Commit Graph

35 Commits

Author SHA1 Message Date
bol-van
e1ecd8ecb0 init.d: zapret_custom_firewall_nft_flush 2024-10-13 13:51:20 +03:00
bol-van
755915a3ba init.d: number pools. FW_EXTRA. nft insert. customs reorder 2024-10-12 21:28:51 +03:00
bol-van
e8012ee67f init.d: multiple customs 2024-10-12 12:33:06 +03:00
bol-van
aa4c3c68ff move udp to nft POSTNAT scheme 2024-03-15 15:46:07 +03:00
bol-van
2f9c69b33f fix incoming connbytes range 2024-03-14 16:04:18 +03:00
bol-van
76cbcf57eb nft always use PRENAT mode for quic 2024-03-03 09:27:28 +03:00
bol-van
8a161f1f49 autottl, datanoack, oob, postnat 2024-03-02 17:53:37 +03:00
bol-van
b7a5f51064 ports override 2023-12-12 21:00:22 +03:00
bol-van
a9a4cd5cb4 nfqws: tls client hello reassemble 2023-11-15 19:36:34 +03:00
bol-van
f03bb1747f nft: POSTNAT mode support 2023-11-07 12:04:26 +03:00
bol-van
ac574ce2ce autohostlist mode 2023-10-26 15:12:32 +03:00
bol-van
9a87e617e4 QUIC support to main scripts 2023-07-02 18:46:26 +03:00
bol-van
9f303c2748 nft openwrt : resolve physdev behind pppoe for hw offload 2022-11-15 14:45:04 +03:00
bol-van
be077c5ae0 nft: flow offload test counter 2022-11-15 11:04:02 +03:00
bol-van
cf5433c6fb nft hw offload optimize 2022-11-01 12:30:00 +03:00
bol-van
321a553c8f fix hardware offload if not all bridge members support it 2022-11-01 10:39:09 +03:00
bol-van
e7a3c8c142 nft: fix chains deletion on stop_fw 2022-06-01 16:31:52 +03:00
bol-van
ef669a15a5 TSPU QUIC block bypass custom script 2022-05-29 23:07:59 +03:00
bol-van
5244af1838 nftables: flush predefrag chain 2022-03-22 14:24:41 +03:00
bol-van
38883a67a9 nftables: use after-srcnat postrouting hook. enable ipfrag notrack 2022-03-22 13:58:02 +03:00
bol-van
e484808b3f move local var definitions 2022-03-04 19:06:26 +03:00
bol-van
7f5731c5d0 allow to specify protocol in helper function, do not fix tcp 2022-03-04 17:30:02 +03:00
bol-van
3a4bf75ce6 init: reuse builtin mode in custom scripts 2022-02-23 22:39:49 +03:00
bol-van
09416dee64 nft: avoid using complex maps 2022-02-23 16:15:01 +03:00
bol-van
6b3d9153f8 nft: use map for tpws DNAT6 targeting 2022-02-23 12:13:26 +03:00
bol-van
f49ad5d194 nft: do not flush ifsets on firewall stop 2022-02-18 15:50:53 +03:00
bol-van
0c58537217 nft: do not delete all chains on firewall down 2022-02-18 13:40:49 +03:00
bol-van
be1269d950 nft: try to bypass digit starting interfaces nft bug 2022-02-17 19:34:35 +03:00
bol-van
a5757eac50 nft: quoting interface names 2022-02-16 23:33:45 +03:00
bol-van
0d08b555e8 nftables: quote interface names in ifname sets 2022-02-16 22:08:01 +03:00
bol-van
0b242d6068 hardware offloading: resolve bridge interfaces 2022-02-16 21:48:02 +03:00
bol-van
7d1b336061 nft: use iif instead of iifname for lo 2022-02-16 17:52:16 +03:00
bol-van
5a1ca8d481 init: deduplicate shell code 2022-02-16 15:46:29 +03:00
bol-van
4dd8635f6b init: nft_fill_ifsets universal 2022-02-15 23:11:52 +03:00
bol-van
95667733a6 nftables support 2022-02-15 17:16:23 +03:00