From 4dbecdcc5b62b5afab23f1302d1242d1155daebb Mon Sep 17 00:00:00 2001 From: ange Date: Thu, 23 May 2024 13:56:10 +0200 Subject: [PATCH] feat: nftables logging --- rootfs/etc/nftables.conf | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/rootfs/etc/nftables.conf b/rootfs/etc/nftables.conf index fc4ecb3..b949db5 100644 --- a/rootfs/etc/nftables.conf +++ b/rootfs/etc/nftables.conf @@ -6,19 +6,21 @@ table inet filter { chain input { type filter hook input priority filter; policy drop; - ct state invalid counter drop + #tcp dport 32768-40960 counter meta nftrace set 1 accept comment "WoW VoiceError:17" - iif "lo" counter accept - ip protocol {icmp,icmpv6} counter accept + ct state invalid counter drop ct state {established,related} counter accept - counter comment "dropped" + iif "lo" counter accept + ip protocol {icmp,icmpv6} counter accept + + counter meta nftrace set 1 comment "dropped" } chain forward { type filter hook forward priority filter; policy drop; - counter comment "dropped" + counter meta nftrace set 1 comment "dropped" } chain output {
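Review bot: `meta nftrace set 1` on the two final `counter ... comment "dropped"` rules (input and forward chains) only flags packets for tracing, so nothing is recorded unless `nft monitor trace` is attached at that moment. For a persistent, bounded record of drops, a rate-limited log statement is the usual choice, e.g. `counter limit rate 5/second log prefix "nft-input-drop: " comment "dropped"` (rate and prefix are constructed examples). Separately, the re-added `ip protocol {icmp,icmpv6} counter accept` sits in an `inet` table, where `ip protocol` matches IPv4 headers only, so ICMPv6 over IPv6 (including neighbour discovery) appears to fall through to `policy drop`; `meta l4proto {icmp, ipv6-icmp} counter accept` would cover both families. The commented-out `#tcp dport 32768-40960 ... accept` line would benefit from a comment saying when it is meant to be enabled, since uncommenting it accepts a wide port range ahead of the `ct state` checks. The `table inet filter` block starts and ends outside the hunk.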