From 4373c84301e9f3a4acd89098720cbf07e9534249 Mon Sep 17 00:00:00 2001
From: Timo Makinen
Date: Sun, 6 Nov 2022 17:38:27 +0000
Subject: [PATCH] nftables: Fix opening ports without ip range
---
 roles/nftables/templates/nftables.conf.j2 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/roles/nftables/templates/nftables.conf.j2 b/roles/nftables/templates/nftables.conf.j2
index 692a6e2..164d1d4 100644
--- a/roles/nftables/templates/nftables.conf.j2
+++ b/roles/nftables/templates/nftables.conf.j2
@@ -19,7 +19,7 @@ table ip filter {
 {% endif %}
 {% endfor %}
 {% else %}
- ip {{ rule.proto }} dport {{ rule.port }} accept
+ {{ rule.proto }} dport {{ rule.port }} accept
 {% endif %}
 {% endfor %}
 reject with icmp type host-prohibited
@@ -42,11 +42,11 @@ table ip6 filter {
 {% set from = lookup('dig', from) %}
 {% endif %}
 {% if from | ipv6 %}
- ip saddr {{ from }} {{ rule.proto }} dport {{ rule.port }} accept
+ ip6 saddr {{ from }} {{ rule.proto }} dport {{ rule.port }} accept
 {% endif %}
 {% endfor %}
 {% else %}
- ip {{ rule.proto }} dport {{ rule.port }} accept
+ {{ rule.proto }} dport {{ rule.port }} accept
 {% endif %}
 {% endfor %}
 reject with icmpv6 type admin-prohibited
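Review bot: The unrestricted rule in the `{% else %}` branch of `table ip filter` has no comment saying that it opens the port to every source address; the same line is added in the `table ip6 filter` hunk. A Jinja comment directly above it, such as `{# no source restriction: port is open to every address #}`, would make that exposure explicit to whoever maintains the rule list. `rule.proto` and `rule.port` are rendered as-is, so if the role does not already do it, checking the rendered file with `nft -c -f` before it is installed (for example via the template task's `validate` option) would catch a malformed value before the ruleset is loaded. The enclosing loop starts and ends outside the hunk.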
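Review bot: `lookup('dig', from)` in the `table ip6 filter` section is called without a query type, and the dig lookup asks for A records by default, so a hostname source would most likely resolve to an IPv4 address, fail the `from | ipv6` test, and silently produce no rule now that the `ip6 saddr` line is valid. If hostnames are meant to work here, request AAAA records: `{% set from = lookup('dig', from, 'qtype=AAAA') %}`. A lookup that returns several records or no record also appears to fall through the `ipv6` test without any message, so an explicit failure for an unresolvable source would make a missing allow rule visible at deploy time. The condition guarding the lookup lies outside the hunk, so this is inferred from the visible lines only.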