创建nftables规则时,使用REJECT代替DROP

GoEdgeLab
2023-04-01 15:55:24 +08:00
parent b902b0ad26
commit 6287786bd3


@@ -235,13 +235,13 @@ func (this *NFTablesFirewall) init() error {
if setAction == "allow" { if setAction == "allow" {
rule, err = chain.AddAcceptIPv4SetRule(setName, ruleName) rule, err = chain.AddAcceptIPv4SetRule(setName, ruleName)
} else { } else {
rule, err = chain.AddDropIPv4SetRule(setName, ruleName) rule, err = chain.AddRejectIPv4SetRule(setName, ruleName)
} }
} else if tableDef.IsIPv6 { } else if tableDef.IsIPv6 {
if setAction == "allow" { if setAction == "allow" {
rule, err = chain.AddAcceptIPv6SetRule(setName, ruleName) rule, err = chain.AddAcceptIPv6SetRule(setName, ruleName)
} else { } else {
rule, err = chain.AddDropIPv6SetRule(setName, ruleName) rule, err = chain.AddRejectIPv6SetRule(setName, ruleName)
} }
} }
if err != nil { if err != nil {
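Review bot: Switching the non-allow branches from `AddDropIPv4SetRule`/`AddDropIPv6SetRule` to the Reject variants makes the host answer every packet from an address in the set, and nothing in the hunk explains or bounds that. With DROP a blocked source gets no reply; with REJECT each blocked packet produces an outbound response, which confirms to the source that it is being filtered and, if source addresses are spoofed during a flood, sends those replies to third parties. If the aim is for blocked clients to fail fast instead of waiting for a timeout, record it above the two else branches, e.g. `// REJECT so blocked clients fail fast; this emits one reply per blocked packet`, and consider letting `setAction` choose between drop and reject or rate-limiting the replies. The reject type the new helpers use is not visible here, and `init()` begins and ends outside the hunk.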