From ddf579d4e0a08f6742952df04d5e7f79c626a32f Mon Sep 17 00:00:00 2001 From: bol-van Date: Wed, 7 Dec 2022 21:34:34 +0300 Subject: [PATCH] blockcheck: remote bypass option for nft queue --- blockcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blockcheck.sh b/blockcheck.sh index aac0c11..32ae7ab 100755 --- a/blockcheck.sh +++ b/blockcheck.sh @@ -338,7 +338,7 @@ pktws_ipt_prepare() nft "add rule inet $NFT_TABLE predefrag meta nfproto ipv${IPV} exthdr frag exists notrack" } nft "add chain inet $NFT_TABLE premangle { type filter hook output priority -152; }" - nft "add rule inet $NFT_TABLE premangle meta nfproto ipv${IPV} tcp dport $1 mark and 0x40000000 != 0x40000000 queue num $QNUM bypass" + nft "add rule inet $NFT_TABLE premangle meta nfproto ipv${IPV} tcp dport $1 mark and 0x40000000 != 0x40000000 queue num $QNUM" ;; ipfw) IPFW_ADD divert $IPFW_DIVERT_PORT tcp from me to any $1 proto ip${IPV} out not diverted not sockarg