Tomas Volf 82f9e5ac97 services: nftables: Tighten the default rules. ... Packets for local host IP ranges should be coming only over lo. If that is not the case, we should drop them. Use iif for the check instead of iifname, lo is guaranteed to exists, and iif is faster. * gnu/services/networking.scm (%default-nftables-ruleset): Tighten the rules. Signed-off-by: Ludovic Courtès <ludo@gnu.org>		2023-10-20 00:33:26 +02:00
..
admin.scm
audio.scm
auditd.scm
authentication.scm
avahi.scm
base.scm
certbot.scm
cgit.scm
ci.scm
configuration.scm
cuirass.scm
cups.scm
databases.scm
dbus.scm
desktop.scm
dict.scm
dns.scm
docker.scm
file-sharing.scm
games.scm
ganeti.scm
getmail.scm
guix.scm
herd.scm
hurd.scm
kerberos.scm
ldap.scm
lightdm.scm
linux.scm
lirc.scm
mail.scm
mcron.scm
messaging.scm
monitoring.scm
networking.scm	services: nftables: Tighten the default rules.	2023-10-20 00:33:26 +02:00
nfs.scm
nix.scm
pam-mount.scm
pm.scm
rsync.scm
samba.scm
science.scm
sddm.scm
security-token.scm
security.scm
shepherd.scm
sound.scm
spice.scm
ssh.scm
syncthing.scm
sysctl.scm
telephony.scm
version-control.scm
virtualization.scm
vnc.scm
vpn.scm
web.scm
xorg.scm