Update nftables to allow libvirt traffic

2023-02-23 22:42:55 +01:00 · 2023-02-23 22:42:55 +01:00 · b22e1ba3d0
commit b22e1ba3d0
parent 5d8a2e3f43
1 changed files with 3 additions and 0 deletions
--- a/system/base/nftables/templates/nftables.conf.j2
+++ b/system/base/nftables/templates/nftables.conf.j2
@ -10,6 +10,9 @@ table inet filter {
                # Accept any localhost traffic.
                iif lo accept;

+                # Accept any libvirt traffic.
+                iifname virbr0 accept;
+
                # Accept traffic originated from us.
                ct state established,related accept;