fix(nftables): update fw nftables to allow vpn connection regardless of crowdsec ban

2026-05-07 09:22:49 +09:00
parent f697715065
commit 3b4b56f53f
1 changed files with 2 additions and 0 deletions
@@ -82,6 +82,8 @@ table inet filter {
        chain global {
                # invalid packets
                ct state invalid drop comment "deny invalid connection"
+                # VPN connection exception handling
+                udp dport $PORTS_VPN return comment "return vpn connection to input and forward chain"
                # crowdsec
                ip saddr @crowdsec-blacklists counter drop comment "deny all crowdsec blacklist"
                ip6 saddr @crowdsec6-blacklists counter drop comment "deny all ipv6 crowdsec blacklist"