ForkMaster/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-01-08 17:30:32 +05:00
Code Issues Actions Packages Projects Releases Wiki Activity

nft: use iif instead of iifname for lo

Browse Source
This commit is contained in:
bol-van 2022-02-16 17:52:16 +03:00
parent 48da387626
commit 7d1b336061
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/nft.sh
View File

@ -82,7 +82,7 @@ cat << EOF | nft -f -
flush chain inet $ZAPRET_NFT_TABLE localnet_protect flush chain inet $ZAPRET_NFT_TABLE localnet_protect
add rule inet $ZAPRET_NFT_TABLE localnet_protect ip daddr $TPWS_LOCALHOST4 return comment "route_localnet allow access to tpws" add rule inet $ZAPRET_NFT_TABLE localnet_protect ip daddr $TPWS_LOCALHOST4 return comment "route_localnet allow access to tpws"
add rule inet $ZAPRET_NFT_TABLE localnet_protect ip daddr 127.0.0.0/8 drop comment "route_localnet remote access protection" add rule inet $ZAPRET_NFT_TABLE localnet_protect ip daddr 127.0.0.0/8 drop comment "route_localnet remote access protection"
add rule inet $ZAPRET_NFT_TABLE input iifname != lo jump localnet_protect add rule inet $ZAPRET_NFT_TABLE input iif != lo jump localnet_protect
add chain inet $ZAPRET_NFT_TABLE postrouting { type filter hook postrouting priority -151; } add chain inet $ZAPRET_NFT_TABLE postrouting { type filter hook postrouting priority -151; }
flush chain inet $ZAPRET_NFT_TABLE postrouting flush chain inet $ZAPRET_NFT_TABLE postrouting
add set inet $ZAPRET_NFT_TABLE lanif { type ifname; } add set inet $ZAPRET_NFT_TABLE lanif { type ifname; }