ruleset: fix conntrack helpers

[project/firewall4.git] / tests / 03_rules / 08_family_inheritance

diff --git a/tests/03_rules/08_family_inheritance b/tests/03_rules/08_family_inheritance
index 605c74b13023797b5aadbc7917de6d583099e5e1..b33d01fc3818098004b1c15e2a5617111978a1ff 100644 (file)
--- a/tests/03_rules/08_family_inheritance
+++ b/tests/03_rules/08_family_inheritance
@@ -220,6 +220,10 @@ table inet fw4 {
                meta nfproto ipv4 ip daddr 192.168.1.0/24 jump output_ipv4only comment "!fw4: Handle ipv4only IPv4 output traffic"
        }
 
+       chain prerouting {
+               type filter hook prerouting priority filter; policy accept;
+       }
+
        chain handle_reject {
                meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
                reject with icmpx type port-unreachable comment "!fw4: Reject any other traffic"
@@ -275,7 +279,7 @@ table inet fw4 {
 
 
        #
-       # Raw rules (notrack & helper)
+       # Raw rules (notrack)
        #
 
        chain raw_prerouting {