mirror of
https://github.com/Telecominfraproject/wlan-ap.git
synced 2025-10-29 01:22:25 +00:00
uspot: add nftables firewall snippet
This enables CONNMARK'ing allowed traffic, and is used by accounting to selectively delete conntrack entries on client removal. To be used with the following fw4 config: config include option type 'nftables' option path '/usr/share/uspot/firewall.nft' option position 'chain-post' option chain 'mangle_postrouting' Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
This commit is contained in:
Thibaut VARÈNE
committed by
John Crispin
John Crispin
parent
866583625b
commit
a6a9ef6c1b
1
feeds/ucentral/uspot/files/usr/share/uspot/firewall.nft
Normal file
1
feeds/ucentral/uspot/files/usr/share/uspot/firewall.nft
Normal file
@@ -0,0 +1 @@
|
||||
mark 0x2 ct mark set 0x2
|
||||
Reference in New Issue
Block a user