From 027367944753d0949f420e78ac130182da99cf70 Mon Sep 17 00:00:00 2001
From: Wend4r <47463683+Wend4r@users.noreply.github.com>
Date: Tue, 8 Apr 2025 17:45:41 +0300
Subject: [PATCH] Cloudflare (NFT): correct IPv6 rule

Co-authored-by: Ivan Trubach <mr.trubach@icloud.com>
---
 init.d/custom.d.examples.linux/50-cloudflare | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/init.d/custom.d.examples.linux/50-cloudflare b/init.d/custom.d.examples.linux/50-cloudflare
index 40735df..e2372ee 100644
--- a/init.d/custom.d.examples.linux/50-cloudflare
+++ b/init.d/custom.d.examples.linux/50-cloudflare
@@ -53,18 +53,19 @@ zapret_custom_firewall_nft()
 	local first_packets_only="$nft_connbytes 1-3"
 	local dest_set_ipv4="ip daddr @$NFQWS_CLOUDFLARE_SET_NAME_IPV4"
 	local dest_set_ipv6="ip6 daddr @$NFQWS_CLOUDFLARE_SET_NAME_IPV6"
-	local nft_rules="type ipv4_addr; size 4096; auto-merge; flags interval;"
+	local nft_rules_ipv4="type ipv4_addr; size 4096; auto-merge; flags interval;"
+	local nft_rules_ipv6="type ipv6_addr; size 4096; auto-merge; flags interval;"
 	local subnets subnets_ipv6
 
 	make_comma_list subnets $NFQWS_CLOUDFLARE_SUBNETS_IPV4
 	make_comma_list subnets_ipv6 $NFQWS_CLOUDFLARE_SUBNETS_IPV6
 
-	nft_create_set $NFQWS_CLOUDFLARE_SET_NAME_IPV4 "$nft_rules"
+	nft_create_set $NFQWS_CLOUDFLARE_SET_NAME_IPV4 "$nft_rules_ipv4"
 	nft_flush_set $NFQWS_CLOUDFLARE_SET_NAME_IPV4
 	nft_add_set_element $NFQWS_CLOUDFLARE_SET_NAME_IPV4 "$subnets"
 
 	[ "$DISABLE_IPV6" != "1" ] && {
-		nft_create_set $NFQWS_CLOUDFLARE_SET_NAME_IPV6 "$nft_rules"
+		nft_create_set $NFQWS_CLOUDFLARE_SET_NAME_IPV6 "$nft_rules_ipv6"
 		nft_flush_set $NFQWS_CLOUDFLARE_SET_NAME_IPV6
 		nft_add_set_element $NFQWS_CLOUDFLARE_SET_NAME_IPV6 "$subnets_ipv6"
 	}