Fix rootfull podman containers

2025-09-30 20:38:03 +02:00
parent 313284fafd
commit ece655263e
1 changed files with 4 additions and 1 deletions
--- a/services/firewall/rules.nft
+++ b/services/firewall/rules.nft
@@ -97,6 +97,9 @@ table inet firewall {
    iifname $vpn ip daddr $lan_net drop                   # Block all other VPN clients from accessing the LAN network 
  
    iifname $vpn oifname $wan accept                      # Allow VPN traffic to access WAN
+    
+    iifname "podman*" accept                              # allow traffic from podman interfaces (podman0, podman1, ...)
+    oifname "podman*" accept                              # allow traffic to podman interfaces (podman0, podman1, ...)
  }

  chain outgoing {