ange/archinstall
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: nftables logging

Browse Source
This commit is contained in:
ange 2024-05-23 13:56:10 +02:00
parent 54745d09a1
commit 4dbecdcc5b
Signed by: ange
GPG Key ID: 9E0C4157BB7BEB1D
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
rootfs/etc/nftables.conf
View File

@ -6,19 +6,21 @@ table inet filter {
chain input { chain input {
type filter hook input priority filter; policy drop; type filter hook input priority filter; policy drop;
ct state invalid counter drop #tcp dport 32768-40960 counter meta nftrace set 1 accept comment "WoW VoiceError:17"
iif "lo" counter accept ct state invalid counter drop
ip protocol {icmp,icmpv6} counter accept
ct state {established,related} counter accept ct state {established,related} counter accept
counter comment "dropped" iif "lo" counter accept
ip protocol {icmp,icmpv6} counter accept
counter meta nftrace set 1 comment "dropped"
} }
chain forward { chain forward {
type filter hook forward priority filter; policy drop; type filter hook forward priority filter; policy drop;
counter comment "dropped" counter meta nftrace set 1 comment "dropped"
} }
chain output { chain output {