Less restrictive blacklist

Signed-off-by: Tommy <contact@tommytran.io>

etc/modprobe.d/FCOS-VM-blacklist.conf

@@ -1,5 +1,12 @@
-# This blacklist is generated from a fresh install my ignition files at https://github.com/TommyTran732/Fedora-CoreOS-Ignition
-# Every unused kernel module is blacklisted.
+# Kernel module blacklist for FCOS VMs.
+# Kernel module groups removed from this blacklist:
+# arptables
+# bridge
+# gre
+# netfilter
+# nftable
+# ebtables
+# iptables
 
 blacklist qaic
 install qaic /bin/false
@@ -7967,58 +7974,6 @@ blacklist hidp
 install hidp /bin/false
 blacklist rfcomm
 install rfcomm /bin/false
-blacklist br_netfilter
-install br_netfilter /bin/false
-blacklist bridge
-install bridge /bin/false
-blacklist ebt_802_3
-install ebt_802_3 /bin/false
-blacklist ebt_among
-install ebt_among /bin/false
-blacklist ebt_arp
-install ebt_arp /bin/false
-blacklist ebt_arpreply
-install ebt_arpreply /bin/false
-blacklist ebt_dnat
-install ebt_dnat /bin/false
-blacklist ebt_ip
-install ebt_ip /bin/false
-blacklist ebt_ip6
-install ebt_ip6 /bin/false
-blacklist ebt_limit
-install ebt_limit /bin/false
-blacklist ebt_log
-install ebt_log /bin/false
-blacklist ebt_mark
-install ebt_mark /bin/false
-blacklist ebt_mark_m
-install ebt_mark_m /bin/false
-blacklist ebt_nflog
-install ebt_nflog /bin/false
-blacklist ebt_pkttype
-install ebt_pkttype /bin/false
-blacklist ebt_redirect
-install ebt_redirect /bin/false
-blacklist ebt_snat
-install ebt_snat /bin/false
-blacklist ebt_stp
-install ebt_stp /bin/false
-blacklist ebt_vlan
-install ebt_vlan /bin/false
-blacklist ebtable_broute
-install ebtable_broute /bin/false
-blacklist ebtable_filter
-install ebtable_filter /bin/false
-blacklist ebtable_nat
-install ebtable_nat /bin/false
-blacklist ebtables
-install ebtables /bin/false
-blacklist nf_conntrack_bridge
-install nf_conntrack_bridge /bin/false
-blacklist nft_meta_bridge
-install nft_meta_bridge /bin/false
-blacklist nft_reject_bridge
-install nft_reject_bridge /bin/false
 blacklist can-bcm
 install can-bcm /bin/false
 blacklist can-gw
@@ -8087,10 +8042,6 @@ blacklist esp4_offload
 install esp4_offload /bin/false
 blacklist fou
 install fou /bin/false
-blacklist gre
-install gre /bin/false
-blacklist ip_gre
-install ip_gre /bin/false
 blacklist ip_tunnel
 install ip_tunnel /bin/false
 blacklist ip_vti
@@ -8113,48 +8064,6 @@ blacklist udp_tunnel
 install udp_tunnel /bin/false
 blacklist xfrm4_tunnel
 install xfrm4_tunnel /bin/false
-blacklist arp_tables
-install arp_tables /bin/false
-blacklist arpt_mangle
-install arpt_mangle /bin/false
-blacklist arptable_filter
-install arptable_filter /bin/false
-blacklist ipt_ECN
-install ipt_ECN /bin/false
-blacklist ipt_REJECT
-install ipt_REJECT /bin/false
-blacklist ipt_SYNPROXY
-install ipt_SYNPROXY /bin/false
-blacklist ipt_ah
-install ipt_ah /bin/false
-blacklist ipt_rpfilter
-install ipt_rpfilter /bin/false
-blacklist iptable_filter
-install iptable_filter /bin/false
-blacklist iptable_mangle
-install iptable_mangle /bin/false
-blacklist iptable_nat
-install iptable_nat /bin/false
-blacklist iptable_raw
-install iptable_raw /bin/false
-blacklist iptable_security
-install iptable_security /bin/false
-blacklist nf_dup_ipv4
-install nf_dup_ipv4 /bin/false
-blacklist nf_nat_h323
-install nf_nat_h323 /bin/false
-blacklist nf_nat_pptp
-install nf_nat_pptp /bin/false
-blacklist nf_nat_snmp_basic
-install nf_nat_snmp_basic /bin/false
-blacklist nf_socket_ipv4
-install nf_socket_ipv4 /bin/false
-blacklist nf_tproxy_ipv4
-install nf_tproxy_ipv4 /bin/false
-blacklist nft_dup_ipv4
-install nft_dup_ipv4 /bin/false
-blacklist nft_reject_ipv4
-install nft_reject_ipv4 /bin/false
 blacklist ah6
 install ah6 /bin/false
 blacklist esp6
@@ -8215,16 +8124,6 @@ blacklist ip6table_raw
 install ip6table_raw /bin/false
 blacklist ip6table_security
 install ip6table_security /bin/false
-blacklist nf_dup_ipv6
-install nf_dup_ipv6 /bin/false
-blacklist nf_socket_ipv6
-install nf_socket_ipv6 /bin/false
-blacklist nf_tproxy_ipv6
-install nf_tproxy_ipv6 /bin/false
-blacklist nft_dup_ipv6
-install nft_dup_ipv6 /bin/false
-blacklist nft_reject_ipv6
-install nft_reject_ipv6 /bin/false
 blacklist kcm
 install kcm /bin/false
 blacklist af_key
@@ -8247,104 +8146,6 @@ blacklist mpls_iptunnel
 install mpls_iptunnel /bin/false
 blacklist mpls_router
 install mpls_router /bin/false
-blacklist nf_conncount
-install nf_conncount /bin/false
-blacklist nf_conntrack_amanda
-install nf_conntrack_amanda /bin/false
-blacklist nf_conntrack_broadcast
-install nf_conntrack_broadcast /bin/false
-blacklist nf_conntrack_ftp
-install nf_conntrack_ftp /bin/false
-blacklist nf_conntrack_h323
-install nf_conntrack_h323 /bin/false
-blacklist nf_conntrack_irc
-install nf_conntrack_irc /bin/false
-blacklist nf_conntrack_netbios_ns
-install nf_conntrack_netbios_ns /bin/false
-blacklist nf_conntrack_netlink
-install nf_conntrack_netlink /bin/false
-blacklist nf_conntrack_pptp
-install nf_conntrack_pptp /bin/false
-blacklist nf_conntrack_sane
-install nf_conntrack_sane /bin/false
-blacklist nf_conntrack_sip
-install nf_conntrack_sip /bin/false
-blacklist nf_conntrack_snmp
-install nf_conntrack_snmp /bin/false
-blacklist nf_conntrack_tftp
-install nf_conntrack_tftp /bin/false
-blacklist nf_dup_netdev
-install nf_dup_netdev /bin/false
-blacklist nf_flow_table
-install nf_flow_table /bin/false
-blacklist nf_flow_table_inet
-install nf_flow_table_inet /bin/false
-blacklist nf_log_syslog
-install nf_log_syslog /bin/false
-blacklist nf_nat_amanda
-install nf_nat_amanda /bin/false
-blacklist nf_nat_ftp
-install nf_nat_ftp /bin/false
-blacklist nf_nat_irc
-install nf_nat_irc /bin/false
-blacklist nf_nat_sip
-install nf_nat_sip /bin/false
-blacklist nf_nat_tftp
-install nf_nat_tftp /bin/false
-blacklist nf_synproxy_core
-install nf_synproxy_core /bin/false
-blacklist nfnetlink_acct
-install nfnetlink_acct /bin/false
-blacklist nfnetlink_hook
-install nfnetlink_hook /bin/false
-blacklist nfnetlink_log
-install nfnetlink_log /bin/false
-blacklist nfnetlink_osf
-install nfnetlink_osf /bin/false
-blacklist nfnetlink_queue
-install nfnetlink_queue /bin/false
-blacklist nft_compat
-install nft_compat /bin/false
-blacklist nft_connlimit
-install nft_connlimit /bin/false
-blacklist nft_dup_netdev
-install nft_dup_netdev /bin/false
-blacklist nft_fib_netdev
-install nft_fib_netdev /bin/false
-blacklist nft_flow_offload
-install nft_flow_offload /bin/false
-blacklist nft_fwd_netdev
-install nft_fwd_netdev /bin/false
-blacklist nft_hash
-install nft_hash /bin/false
-blacklist nft_limit
-install nft_limit /bin/false
-blacklist nft_log
-install nft_log /bin/false
-blacklist nft_masq
-install nft_masq /bin/false
-blacklist nft_nat
-install nft_nat /bin/false
-blacklist nft_numgen
-install nft_numgen /bin/false
-blacklist nft_queue
-install nft_queue /bin/false
-blacklist nft_quota
-install nft_quota /bin/false
-blacklist nft_redir
-install nft_redir /bin/false
-blacklist nft_reject_netdev
-install nft_reject_netdev /bin/false
-blacklist nft_socket
-install nft_socket /bin/false
-blacklist nft_synproxy
-install nft_synproxy /bin/false
-blacklist nft_tproxy
-install nft_tproxy /bin/false
-blacklist nft_tunnel
-install nft_tunnel /bin/false
-blacklist nft_xfrm
-install nft_xfrm /bin/false
 blacklist xt_AUDIT
 install xt_AUDIT /bin/false
 blacklist xt_CHECKSUM