Adapt configuration from stallman

config/networks/dmz.nft

@@ -4,28 +4,20 @@ table inet firewall {
 		# helper set to quickly add a web server to the whitelist
 		type ipv4_addr
 		elements = {
-			# jarvis (librenms)
+			193.54.193.11, # jarvis (librenms)
-			193.54.193.11,
+			193.54.193.23, # fafnir (passbolt)
-			# fafnir (passbolt)
+			193.54.193.25, # thor (re2o)
-			193.54.193.23,
+			193.54.193.26, # urdarbrunn (wiki)
-			# thor (re2o)
+			193.54.193.27, # loki (contrôleur de bornes)
-			193.54.193.25,
+			193.54.193.31, # brokkr (gitlab)
-			# urdarbrunn (wiki)
+			193.54.193.33, # verdandi (icinga)
-			193.54.193.26,
-			# loki (contrôleur de bornes)
-			193.54.193.27,
-			# brokkr (gitlab)
-			193.54.193.31,
-			# verdandi (icinga)
-			193.54.193.33,
 		}
 	}
 
 	set dmz_whitelist_tcp {
 		type ipv4_addr . inet_service
 		elements = {
-			# frigg (radius)
+			193.54.193.20 . 1812, # frigg (radius)
-			193.54.193.20 . 1812,
 			193.54.193.20 . 1813,
 		}
 	}
@@ -33,8 +25,7 @@ table inet firewall {
 	set dmz_whitelist_udp {
 		type ipv4_addr . inet_service
 		elements = {
-			# frigg (radius)
+			193.54.193.20 . 1812, # frigg (radius)
-			193.54.193.20 . 1812,
 			193.54.193.20 . 1813,
 		}
 	}

config/networks/nerim.nft

@@ -10,7 +10,7 @@ table inet firewall {
 
 	chain fwd_yann_minecraft{
 		# Serveur minecraft Yann
-		dnat to 10.2.4.29:23456
+		ip version 4 ip protocol tcp dnat to 10.2.4.29:23456
 	}
 
 	chain fwd_fabien_pathier{
@@ -31,6 +31,6 @@ table inet firewall {
 	}
 
 	chain snat_nerim {
-		masquerade log prefix "masquerade:"
+		log prefix "masquerade:" masquerade
 	}
 }