nftables fix ipv6 (allow ICMP)

2023-11-29 07:45:02 +00:00 · 2023-11-29 07:45:02 +00:00 · 9de094f09f
commit 9de094f09f
parent a37eebfd29
1 changed files with 3 additions and 3 deletions
--- a/nftables.conf
+++ b/nftables.conf
@ -11,9 +11,9 @@ table inet filter {
 		ct state invalid drop
 		ct state { established, related } accept

-		# Allow ICMP ping
-		meta nfproto ipv4 icmp type echo-request limit rate 1/second accept
-		meta nfproto ipv6 icmpv6 type echo-request limit rate 1/second accept
+		# Allow ICMP
+		meta l4proto icmp limit rate 2/second accept
+		meta l4proto ipv6-icmp limit rate 2/second accept
 				
 		# SSH
 		tcp dport 995 limit rate 15/minute accept