Diffstat (limited to 'extensions/libxt_conntrack.txlate')
-rw-r--r-- | extensions/libxt_conntrack.txlate | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/extensions/libxt_conntrack.txlate b/extensions/libxt_conntrack.txlate
index e35d5ce8..8a3d0181 100644
--- a/extensions/libxt_conntrack.txlate
+++ b/extensions/libxt_conntrack.txlate
@@ -28,6 +28,9 @@ nft add rule ip filter INPUT ct reply daddr 10.100.2.131 counter accept
 iptables-translate -t filter -A INPUT -m conntrack --ctproto tcp --ctorigsrcport 443:444 -j ACCEPT
 nft add rule ip filter INPUT ct original protocol 6 ct original proto-src 443-444 counter accept
 
+iptables-translate -t filter -A INPUT -m conntrack --ctstatus EXPECTED -j ACCEPT
+nft add rule ip filter INPUT ct status expected counter accept
+
 iptables-translate -t filter -A INPUT -m conntrack ! --ctstatus CONFIRMED -j ACCEPT
 nft add rule ip filter INPUT ct status != confirmed counter accept
 
|
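Review bot: The added pair pins only the single-value, non-negated form of `--ctstatus`, next to the existing negated `CONFIRMED` case; a comma-separated list is not exercised anywhere in this hunk. That list form is where a translation slip would most easily change which connections a migrated ruleset accepts, so it is worth pinning with one more pair for `iptables-translate -t filter -A INPUT -m conntrack --ctstatus EXPECTED,ASSURED -j ACCEPT`, with the expected `nft` line copied from the translator's actual output rather than written by hand. The file continues outside the hunk, so this may already be covered further down.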