Mirror/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2026-01-27 04:40:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

blockcheck: change nft postnat hook from output to postrouting to fix some issues

Browse Source
This commit is contained in:
bol-van
2025-09-21 17:53:50 +03:00
parent acfbbc58ac
commit b2468a9095
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
blockcheck.sh
View File

@@ -804,7 +804,7 @@ nft_scheme()
make_comma_list iplist $3
nft add table inet $NFT_TABLE
nft "add chain inet $NFT_TABLE postnat { type filter hook output priority 102; }"
nft "add chain inet $NFT_TABLE postnat { type filter hook postrouting priority 102; }"
nft "add rule inet $NFT_TABLE postnat meta nfproto ipv${IPV} $1 dport $2 mark and $DESYNC_MARK == 0 ip${ipver} daddr {$iplist} ct mark set ct mark or $DESYNC_MARK queue num $QNUM"
# for strategies with incoming packets involved (autottl)
nft "add chain inet $NFT_TABLE prenat { type filter hook prerouting priority -102; }"