drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-08-10 01:02:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

doc works

Browse Source
This commit is contained in:
bol-van
2025-07-30 15:08:09 +03:00
parent c4e5db309f
commit 84e75b0f28
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
docs/readme.en.md
View File

@@ -1225,16 +1225,19 @@ Don't use `<HOSTLIST>` in highly specialized profiles. Use your own filter or ho
`<HOSTLIST_NOAUTO>` marker uses standard autohostlist as usual hostlist thus disabling auto additions in this profile. `<HOSTLIST_NOAUTO>` marker uses standard autohostlist as usual hostlist thus disabling auto additions in this profile.
If any other profile adds something this profile accepts the change automatically. If any other profile adds something this profile accepts the change automatically.
***Change loop prevention mark bit***\ Change loop prevention mark bit
`DESYNC_MARK=0x40000000` `DESYNC_MARK=0x40000000`
***Change postnat scheme mark bit***\ Change postnat scheme mark bit
`DESYNC_MARK_POSTNAT=0x20000000` `DESYNC_MARK_POSTNAT=0x20000000`
***If uncommented pass to zapret only packets marked with this bit***\ If uncommented pass to zapret only packets marked with this bit
`#FILTER_MARK_POSTNAT=0x10000000` `#FILTER_MARK_POSTNAT=0x10000000`
Bit must be set in your own rules.. Bit must be set in your own rules.
* iptables - in mangle PREROUTING and mangle OUTPUT before zapret rules (iptables -I _after_ zapret rules application). * iptables - in mangle PREROUTING and mangle OUTPUT before zapret rules (iptables -I _after_ zapret rules application).
* nftables - in output and prerouting hooks with priority -102 or lower. * nftables - in output and prerouting hooks with priority -102 or lower.