drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-08-10 01:02:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

init.d: openwrt-minimal exclude local subnets

Browse Source
This commit is contained in:
bol-van
2024-10-21 20:50:28 +03:00
parent c645e17b0b
commit 2dc7332533
2 changed files with 34 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
init.d/openwrt-minimal/tpws/etc/nftables.d/90-tpws.nft
View File

@@ -1,8 +1,18 @@
chain tpws_re {
set tpws_exclude4 {
type ipv4_addr; flags interval; auto-merge;
elements = { 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16 }
}
set tpws_exclude6 {
type ipv6_addr; flags interval; auto-merge;
elements = { fc00::/7, fe80::/10 }
}
chain tpws_pre {
type nat hook prerouting priority dstnat; policy accept;
tcp dport {80,443} redirect to :900
tcp dport {80,443} ip daddr != @tpws_exclude4 redirect to :900
tcp dport {80,443} ip6 daddr != @tpws_exclude6 redirect to :900
}
chain tpws_out {
type nat hook output priority -100; policy accept;
tcp dport {80,443} skuid != daemon redirect to :900
tcp dport {80,443} skuid != daemon ip daddr != @tpws_exclude4 redirect to :900
tcp dport {80,443} skuid != daemon ip6 daddr != @tpws_exclude6 redirect to :900
}