From 17fda09f93b18ba921edab36b0b006bb186d031b Mon Sep 17 00:00:00 2001
From: Nada Kafia
Date: Tue, 3 Dec 2019 17:34:34 +0100
Subject: [PATCH] Open ports for minecraft.
---
 zones/dmz.nft | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/zones/dmz.nft b/zones/dmz.nft
index 3b4329b..fd2af45 100644
--- a/zones/dmz.nft
+++ b/zones/dmz.nft
@@ -75,6 +75,12 @@ table inet firewall {
 elements = {10.7.0.243}
 }

+ set minecraft {
+ type ipv4_addr
+ flags interval
+ elements = {193.48.225.202}
+ }
+
 chain to_dmz {
 ip saddr 10.7.0.0/16 accept

@@ -92,6 +98,9 @@ table inet firewall {
 ip daddr @video tcp dport { 5678 } accept
 ip saddr $monitoring udp dport { 161 } accept

+ ip daddr @minecraft tcp dport { 25565 } accept
+ ip daddr @minecraft udp dport { 25565 } accept
+
 ip saddr @ldap_clients ip daddr @ldap tcp dport { 389, 636 } accept
 ip saddr @ldap_clients ip daddr @ldap udp dport { 636 } accept
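Review bot: The new `minecraft` set hard-codes the public address 193.48.225.202 with no comment saying which host it is or who asked for the exposure, which makes later audits of DMZ openings harder. A line such as `# minecraft server, public address, requested by <owner/ticket>` above the set would cover it. `flags interval` is only needed when a set stores prefixes or ranges, and this one holds a single host address, so the flag could be dropped unless it is kept for consistency with the neighbouring sets, whose definitions start outside the hunk.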
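Review bot: The rule `ip daddr @minecraft udp dport { 25565 } accept` opens a port the game protocol itself does not appear to need. Assuming a Java edition server (25565 is its default port), play traffic is TCP only, and UDP on that port is used only when the server's query feature is enabled. If query is not enabled on this host, drop the UDP line so the DMZ exposes only the TCP listener. Both new rules match on destination alone, so they accept from any source that reaches this chain; that is presumably intended for a public server, but a comment such as `# minecraft: public game port, any source allowed` would make it explicit next to the source-restricted rules around it. The enclosing chain starts outside the hunk, so its hook and default policy cannot be checked from here.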