Update nftables ruleset syntax

Apparently the tooling is now more strict in what syntax it accepts. Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2019-01-11 14:06:54 +01:00 · 2019-01-11 14:06:54 +01:00 · 9a49a8aac4
parent 8650c174f7
commit 9a49a8aac4
2 changed files with 2 additions and 2 deletions
--- a/layer/router-alix/nftables.rules
+++ b/layer/router-alix/nftables.rules
@ -6,7 +6,7 @@ table inet filter {

    ip protocol icmp accept

-    ct state {established, related} accept
+    ct state established, related accept
    ct state invalid drop

    iifname lo accept
--- a/layer/router-rpi3/nftables.rules
+++ b/layer/router-rpi3/nftables.rules
@ -4,7 +4,7 @@ table inet filter {
  chain input {
    type filter hook input priority 0; policy drop;

-    ct state {established, related} accept
+    ct state established, related accept
    ct state invalid drop

    iifname lo accept