feat: add incoming fw rules, fixed routes and improved docs

2026-02-17 08:44:28 +01:00 · 2026-02-17 08:44:28 +01:00 · c1aafd19c1
commit c1aafd19c1
parent b92f2c6175
4 changed files with 87 additions and 4 deletions
--- a/templates/nftables.conf.j2
+++ b/templates/nftables.conf.j2
@ -15,6 +15,12 @@ table inet filter {
        # Allow LAN management access
        iif {{ lan_interface }} accept

+        # Allow incoming firewall rules
+{% for rule in incoming_firewall_rules %}
+        # {{ rule.name }}
+        iif {{ lan_interface }} ip saddr {{ rule.source }} {{ rule.protocol | default('tcp') }} dport {{ rule.port }} accept
+{% endfor %}
+
        # Allow ICMP
        ip protocol icmp accept
        ip6 nexthdr ipv6-icmp accept