gsd
/
zapret
mirror of https://github.com/bol-van/zapret/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

nft: use iif instead of iifname for lo

pull/98/head
bol-van 3 years ago
parent
48da387626
commit
7d1b336061
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      common/nft.sh

2
common/nft.sh
View File

@ -82,7 +82,7 @@ cat << EOF | nft -f -
flush chain inet $ZAPRET_NFT_TABLE localnet_protect
add rule inet $ZAPRET_NFT_TABLE localnet_protect ip daddr $TPWS_LOCALHOST4 return comment "route_localnet allow access to tpws"
add rule inet $ZAPRET_NFT_TABLE localnet_protect ip daddr 127.0.0.0/8 drop comment "route_localnet remote access protection"
add rule inet $ZAPRET_NFT_TABLE input iifname != lo jump localnet_protect
add rule inet $ZAPRET_NFT_TABLE input iif != lo jump localnet_protect
add chain inet $ZAPRET_NFT_TABLE postrouting { type filter hook postrouting priority -151; }
flush chain inet $ZAPRET_NFT_TABLE postrouting
add set inet $ZAPRET_NFT_TABLE lanif { type ifname; }

Write Preview
Loading…
Cancel
Save