Skip to content

Commit

Permalink
fixup! fix: add missing --on-ip equivalence in nft tproxy rules
Browse files Browse the repository at this point in the history
  • Loading branch information
@cubercsl
cubercsl committed Jan 25, 2023
1 parent 7594499 commit a94c84b
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion nftables.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,8 @@ table inet cgproxy {
chain tproxy_ent {
# core
socket wildcard 0 mark set $fwmark_tproxy accept
meta l4proto { tcp, udp } tproxy ip to 127.0.0.1:$port tproxy ip6 to [::1]:$port meta mark set $fwmark_tproxy
meta l4proto { tcp, udp } tproxy ip to 127.0.0.1:$port meta mark set $fwmark_tproxy
meta l4proto { tcp, udp } tproxy ip6 to [::1]:$port meta mark set $fwmark_tproxy
}
chain tproxy_pre {
Expand Down

0 comments on commit a94c84b

Please sign in to comment.