From 086f15c29f7126dde904b6e09640c02d7b0fbbf0 Mon Sep 17 00:00:00 2001 From: bol-van Date: Mon, 21 Oct 2024 22:18:30 +0300 Subject: [PATCH] init.d: openwrt-minimal exclude localnet --- init.d/openwrt-minimal/tpws/etc/firewall.user | 4 ++-- init.d/openwrt-minimal/tpws/etc/nftables.d/90-tpws.nft | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/init.d/openwrt-minimal/tpws/etc/firewall.user b/init.d/openwrt-minimal/tpws/etc/firewall.user index b2d24c6..2681cf5 100644 --- a/init.d/openwrt-minimal/tpws/etc/firewall.user +++ b/init.d/openwrt-minimal/tpws/etc/firewall.user @@ -2,8 +2,8 @@ DISABLE_IPV6=0 TP_PORT=900 TP_USER=daemon -EXCLUDE4="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16" -EXCLUDE6="fc00::/7 fe80::/10" +EXCLUDE4="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16 127.0.0.0/8" +EXCLUDE6="fc00::/7 fe80::/10 ::1" IPTS="iptables ip6tables" [ "$DISABLE_IPV6" = 1 ] && IPTS=iptables diff --git a/init.d/openwrt-minimal/tpws/etc/nftables.d/90-tpws.nft b/init.d/openwrt-minimal/tpws/etc/nftables.d/90-tpws.nft index 96be0a4..819ca4f 100644 --- a/init.d/openwrt-minimal/tpws/etc/nftables.d/90-tpws.nft +++ b/init.d/openwrt-minimal/tpws/etc/nftables.d/90-tpws.nft @@ -1,10 +1,10 @@ set tpws_exclude4 { type ipv4_addr; flags interval; auto-merge; - elements = { 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16 } + elements = { 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,127.0.0.0/8 } } set tpws_exclude6 { type ipv6_addr; flags interval; auto-merge; - elements = { fc00::/7, fe80::/10 } + elements = { fc00::/7, fe80::/10, ::1 } } chain tpws_pre { type nat hook prerouting priority dstnat; policy accept;