From 46e0095403e5a8b5ef20f003cc3892d82b3e8ab7 Mon Sep 17 00:00:00 2001
From: Xiao Pan
Date: Sat, 10 Jan 2026 22:49:50 +0800
Subject: nft no allow to swgp port from local network
---
 etc/nftables.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'etc/nftables.conf')
diff --git a/etc/nftables.conf b/etc/nftables.conf
index 02f65913..689a1a17 100644
--- a/etc/nftables.conf
+++ b/etc/nftables.conf
@@ -32,8 +32,8 @@ table inet my_table {
 #udp dport wireguard accept
 iifname wg_* ip saddr 10.0.0.7 tcp dport distccd-alarm-armv8 accept
 iifname wg_* ip6 saddr fdc9:281f:04d7:9ee9::7 tcp dport distccd-alarm-armv8 accept
- ip saddr 192.168.0.0/16 udp dport swgp accept
- ip6 saddr fe80::/10 udp dport swgp accept
+ #ip saddr 192.168.0.0/16 udp dport swgp accept
+ #ip6 saddr fe80::/10 udp dport swgp accept
 pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
 counter comment "count any other traffic"
-- 
cgit v1.2.3-70-g09d2
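Review bot: The two swgp accept rules are commented out rather than deleted, and nothing in the file records why, so they read as a temporary toggle that a later edit could re-enable without review; either drop the lines (history keeps them) or put a reason above them, e.g. `# swgp from LAN intentionally not accepted: <reason>`. If they are ever restored, note that they matched on source address only, unlike the `iifname wg_*` rules just above; for UDP a source address alone does not show which network the packet arrived from, so adding `iifname <lan-interface>` would be the tighter form. With the rules disabled, LAN swgp packets should fall through to the rate-limited `reject` below, unless an accept above the hunk still matches them. If the chain accepts established conntrack state earlier, existing flows may also keep passing until their entries expire. The rest of the chain is outside this hunk, so it is worth confirming the loaded ruleset after the reload.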