ForkMaster/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-14 10:48:32 +05:00
Code Issues Actions Packages Projects Releases Wiki Activity

readme.eng.md : minor fix

Browse Source
This commit is contained in:
bol-van 2024-03-02 17:59:08 +03:00
parent f5c3517363
commit 2ab1141b88
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/readme.eng.md
View File

@ -99,7 +99,7 @@ Its necessary to use this filter when also using `connbytes 1:6`. Without it pac
Some attacks require redirection of incoming packets : Some attacks require redirection of incoming packets :
iptables -t mangle -I PREROUTING -i <external_interface> -p tcp --sport 80 -m connbytes --connbytes-dir=reply --connbytes-mode=packets --connbytes 1:6 -m set --match-set zapret src -j NFQUEUE --queue-num 200 --queue-bypass `iptables -t mangle -I PREROUTING -i <external_interface> -p tcp --sport 80 -m connbytes --connbytes-dir=reply --connbytes-mode=packets --connbytes 1:6 -m set --match-set zapret src -j NFQUEUE --queue-num 200 --queue-bypass`
Incoming packets are filtered by incoming interface, source port and IP. This is opposite to the direct rule. Incoming packets are filtered by incoming interface, source port and IP. This is opposite to the direct rule.