feat: nftables logging

2024-05-23 13:56:10 +02:00 · 2024-05-23 13:56:10 +02:00 · 4dbecdcc5b
commit 4dbecdcc5b
parent 54745d09a1
1 changed files with 7 additions and 5 deletions
--- a/rootfs/etc/nftables.conf
+++ b/rootfs/etc/nftables.conf
@ -6,19 +6,21 @@ table inet filter {
  chain input {
    type filter hook input priority filter; policy drop;

-    ct state invalid counter drop
+    #tcp dport 32768-40960 counter meta nftrace set 1 accept comment "WoW VoiceError:17"

-    iif "lo"                       counter accept
-    ip protocol {icmp,icmpv6}      counter accept
+    ct state invalid               counter drop
    ct state {established,related} counter accept

-    counter comment "dropped"
+    iif "lo"                  counter accept
+    ip protocol {icmp,icmpv6} counter accept
+
+    counter meta nftrace set 1 comment "dropped"
  }

  chain forward {
    type filter hook forward priority filter; policy drop;

-    counter comment "dropped"
+    counter meta nftrace set 1 comment "dropped"
  }

  chain output {