rc/servers
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
servers/roles/ocserv/files/ocserv.nft
Timotej Lazar 292ddbb7e7 ocserv: fix firewall config 
Oops, let’s not drop everything but VPN packets in postrouting.
2025-08-11 12:26:55 +02:00

14 lines
348 B
Text
Raw Blame History

table inet ocserv {
chain forward {
type filter hook forward priority filter + 10; policy drop;
ct state { established, related } accept
meta mark 0x100 accept
}
}
table ip ocserv {
chain postrouting {
type nat hook postrouting priority srcnat; policy accept;
meta mark 0x100 masquerade
}
}
Reference in a new issue View git blame Copy permalink