[arch-commits] Commit in nftables/trunk (PKGBUILD nftables.conf)
Sébastien Luttringer
seblu at gemini.archlinux.org
Wed Jul 28 09:33:27 UTC 2021
Date: Wednesday, July 28, 2021 @ 09:33:27
Author: seblu
Revision: 420554
upgpkg: nftables 1:0.9.9-5
Modified:
nftables/trunk/PKGBUILD
nftables/trunk/nftables.conf
---------------+
PKGBUILD | 4 ++--
nftables.conf | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-07-28 08:48:13 UTC (rev 420553)
+++ PKGBUILD 2021-07-28 09:33:27 UTC (rev 420554)
@@ -3,7 +3,7 @@
pkgname=nftables
epoch=1
pkgver=0.9.9
-pkgrel=4
+pkgrel=5
pkgdesc='Netfilter tables userspace tools'
arch=('x86_64')
url='https://netfilter.org/projects/nftables/'
@@ -19,7 +19,7 @@
install=nftables.install
sha256sums=('76ef2dc7fd0d79031a8369487739a217ca83996b3a746cec5bda79da11e3f1b4'
'SKIP'
- 'c66fd3b4ee14e577d077d346ba548090040bb8b1cb26c65235814c51aad40e98'
+ '5612ba3a94a90bc6fe3ce5bbcce7695f3f7c60d48f864ea1838355e6bac10910'
'deffeef36fe658867dd9203ec13dec85047a6d224ea63334dcf60db97e1809ea')
prepare() {
Modified: nftables.conf
===================================================================
--- nftables.conf 2021-07-28 08:48:13 UTC (rev 420553)
+++ nftables.conf 2021-07-28 09:33:27 UTC (rev 420554)
@@ -11,13 +11,13 @@
type filter hook input priority filter
policy drop
+ ct state invalid drop comment "early drop of invalid connections"
ct state {established, related} accept comment "allow tracked connections"
- ct state invalid drop comment "early drop of invalid connections"
iifname lo accept comment "allow from loopback"
ip protocol icmp accept comment "allow icmp"
meta l4proto ipv6-icmp accept comment "allow icmp v6"
tcp dport ssh accept comment "allow sshd"
- pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
+ limit rate 5/second counter reject with icmpx type admin-prohibited
counter
}
chain forward {
More information about the arch-commits
mailing list