Added rule for rejecting outbound HTTP/3 connections.

2025-12-16 09:20:07 -05:00
parent a066063f6a
commit e6d4769956
1 changed files with 1 additions and 0 deletions
--- a/etc/nftables.conf
+++ b/etc/nftables.conf
@@ -25,6 +25,7 @@ table inet filter {
 		ct state invalid counter drop comment "drop invalid"
 		meta l4proto { icmp, ipv6-icmp } counter accept comment "accept ICMP"

+		udp dport https ct state new counter reject comment "reject new HTTP/3 connections"
 		ct state new counter accept comment "accept new outbound connections"

 		counter comment "count any other dropped traffic"