nft: fix chains deletion on stop_fw

2024-09-22 09:42:51 +05:00 · 2022-06-01 16:31:52 +03:00 · 2022-06-01 16:31:52 +03:00 · e7a3c8c142
commit e7a3c8c142
parent 0af2bb1841
1 changed files with 2 additions and 1 deletions
--- a/common/nft.sh
+++ b/common/nft.sh
@ -109,10 +109,11 @@ cat << EOF | nft -f - 2>/dev/null
 	delete chain inet $ZAPRET_NFT_TABLE forward
 	delete chain inet $ZAPRET_NFT_TABLE input
 	delete chain inet $ZAPRET_NFT_TABLE postrouting
-	delete chain inet $ZAPRET_NFT_TABLE predefrag
 	delete chain inet $ZAPRET_NFT_TABLE flow_offload
 	delete chain inet $ZAPRET_NFT_TABLE localnet_protect
 EOF
+# unfortunately this approach breaks udp desync of the connection initiating packet (new, first one)
+#	delete chain inet $ZAPRET_NFT_TABLE predefrag
 }
 nft_del_flowtable()
 {