Skip to content

Commit

Permalink
auto-redirect: Let fw4 take precedence over prerouting
Browse files Browse the repository at this point in the history
  • Loading branch information
@nekohasekai
nekohasekai committed Oct 11, 2024
1 parent 9ba70c3 commit 06d32a6
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions redirect_nftables.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ func (r *autoRedirect) setupNFTables() error {
Name: "prerouting",
Table: table,
Hooknum: nftables.ChainHookPrerouting,
Priority: nftables.ChainPriorityMangle,
Priority: nftables.ChainPriorityRef(*nftables.ChainPriorityNATDest + 1),
Type: nftables.ChainTypeNAT,
})
err = r.nftablesCreateExcludeRules(nft, table, chainPreRouting)
Expand All @@ -104,7 +104,7 @@ func (r *autoRedirect) setupNFTables() error {
Name: "prerouting_udp",
Table: table,
Hooknum: nftables.ChainHookPrerouting,
Priority: nftables.ChainPriorityRef(*nftables.ChainPriorityMangle + 1),
Priority: nftables.ChainPriorityRef(*nftables.ChainPriorityNATDest + 2),
Type: nftables.ChainTypeFilter,
})
if r.enableIPv4 {
Expand Down

0 comments on commit 06d32a6

Please sign in to comment.