From 6fe819ad2798edce47ad498b44bc48d8cfc2bf9d Mon Sep 17 00:00:00 2001
From: maurice <maurict@pm.me>
Date: Sat, 22 Nov 2025 18:29:37 +0100
Subject: [PATCH] Update firewall

---
 services/firewall/rules.nft | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/services/firewall/rules.nft b/services/firewall/rules.nft
index ad9d646..d1a87d4 100644
--- a/services/firewall/rules.nft
+++ b/services/firewall/rules.nft
@@ -82,6 +82,10 @@ table inet firewall {
     ip saddr { $lan_net, $vpn_net } tcp dport { 53, 445 } accept
     ip6 saddr $lan_net6 tcp dport { 53, 445 } accept
 
+    # Allow MongoDB from LAN and VPN
+    ip saddr { $lan_net, $vpn_net } tcp dport 27017 accept
+    ip6 saddr { $lan_net, $vpn_net } tcp dport 27017 accept
+
     # Allow Minecraft server access from LAN and VPN
     ip saddr { $lan_net, $vpn_net } tcp dport 25565 accept
     ip saddr { $lan_net, $vpn_net } udp dport 25565 accept