From b22e1ba3d01252f487105de76a90eb6af402b809 Mon Sep 17 00:00:00 2001
From: Wojciech Kozlowski <wk@wojciechkozlowski.eu>
Date: Thu, 23 Feb 2023 22:42:55 +0100
Subject: [PATCH] Update nftables to allow libvirt traffic

---
 system/base/nftables/templates/nftables.conf.j2 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/system/base/nftables/templates/nftables.conf.j2 b/system/base/nftables/templates/nftables.conf.j2
index ea73105..60ad856 100755
--- a/system/base/nftables/templates/nftables.conf.j2
+++ b/system/base/nftables/templates/nftables.conf.j2
@@ -10,6 +10,9 @@ table inet filter {
                 # Accept any localhost traffic.
                 iif lo accept;
 
+                # Accept any libvirt traffic.
+                iifname virbr0 accept;
+
                 # Accept traffic originated from us.
                 ct state established,related accept;