#
# influxdb-ruleset - Basic influxdb rules for bondingadmin
#

flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop

        # Allow ICMP/ICMPv6
        #
        ip protocol icmp accept
        ip6 nexthdr ipv6-icmp accept

        # Allow influxdb TCP ports
        #
        tcp dport {8086, 8088} accept

        # Allow from loopback
        iifname lo accept
    }
}