open nftables & fixes

shared/commons/nftables.nix

@@ -73,6 +73,11 @@ in
                                 tcp dport 587 accept
                             '' else ""}
 
+                            ${if lib.elem myName mapping.db.hosts then ''
+                                # DNS Secondary
+                                iifname mesh tcp dport 5432 accept
+                            '' else ""}
+
                             # Log anything else
                             ip protocol tcp counter log prefix "tcp.in.dropped: "
                             ip protocol udp counter log prefix "udp.in.dropped: "