diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/xtables.conf | 41 |
1 files changed, 24 insertions, 17 deletions
diff --git a/etc/xtables.conf b/etc/xtables.conf index 00b5df4f..6d26ffe4 100644 --- a/etc/xtables.conf +++ b/etc/xtables.conf @@ -1,24 +1,31 @@ -table raw prio -300 { - chain PREROUTING hook NF_INET_PRE_ROUTING - chain OUTPUT hook NF_INET_LOCAL_OUT +table raw { + chain PREROUTING hook NF_INET_PRE_ROUTING prio -300 + chain OUTPUT hook NF_INET_LOCAL_OUT prio -300 } -table mangle prio -150 { - chain PREROUTING hook NF_INET_PRE_ROUTING - chain INPUT hook NF_INET_LOCAL_IN - chain FORWARD hook NF_INET_FORWARD - chain OUTPUT hook NF_INET_LOCAL_OUT - chain POSTROUTING hook NF_INET_POST_ROUTING +table mangle { + chain PREROUTING hook NF_INET_PRE_ROUTING prio -150 + chain INPUT hook NF_INET_LOCAL_IN prio -150 + chain FORWARD hook NF_INET_FORWARD prio -150 + chain OUTPUT hook NF_INET_LOCAL_OUT prio -150 + chain POSTROUTING hook NF_INET_POST_ROUTING prio -150 } -table filter prio 0 { - chain INPUT hook NF_INET_LOCAL_IN - chain FORWARD hook NF_INET_FORWARD - chain OUTPUT hook NF_INET_LOCAL_OUT +table filter { + chain INPUT hook NF_INET_LOCAL_IN prio 0 + chain FORWARD hook NF_INET_FORWARD prio 0 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 0 } -table security prio 150 { - chain INPUT hook NF_INET_LOCAL_IN - chain FORWARD hook NF_INET_FORWARD - chain OUTPUT hook NF_INET_LOCAL_OUT +table nat { + chain PREROUTING hook NF_INET_PRE_ROUTING prio -100 + chain POSTROUTING hook NF_INET_POST_ROUTING prio 100 + chain INPUT hook NF_INET_LOCAL_IN prio -100 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 100 +} + +table security { + chain INPUT hook NF_INET_LOCAL_IN prio 150 + chain FORWARD hook NF_INET_FORWARD prio 150 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 150 } |