feat: nftables logging

2024-05-23 13:56:10 +02:00 · 2024-05-23 13:56:10 +02:00 · 4dbecdcc5b
commit 4dbecdcc5b
parent 54745d09a1
1 changed files with 7 additions and 5 deletions
--- a/rootfs/etc/nftables.conf
+++ b/rootfs/etc/nftables.conf
@ -6,19 +6,21 @@ table inet filter {
  chain input {
    type filter hook input priority filter; policy drop;

+    #tcp dport 32768-40960 counter meta nftrace set 1 accept comment "WoW VoiceError:17"
+
    ct state invalid               counter drop
+    ct state {established,related} counter accept

    iif "lo"                  counter accept
    ip protocol {icmp,icmpv6} counter accept
-    ct state {established,related} counter accept

-    counter comment "dropped"
+    counter meta nftrace set 1 comment "dropped"
  }

  chain forward {
    type filter hook forward priority filter; policy drop;

-    counter comment "dropped"
+    counter meta nftrace set 1 comment "dropped"
  }

  chain output {