ruleset: fix conntrack helpers

[project/firewall4.git] / tests / 04_forwardings / 01_family_selections

diff --git a/tests/04_forwardings/01_family_selections b/tests/04_forwardings/01_family_selections
index 194d35a6e8557a4cfc5657ec7c1c5359eb80cf09..f9362869785d64c3ec49d6201b1d855db00eba3b 100644 (file)
--- a/tests/04_forwardings/01_family_selections
+++ b/tests/04_forwardings/01_family_selections
@@ -117,6 +117,10 @@ table inet fw4 {
                oifname "eth2" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic"
        }
 
+       chain prerouting {
+               type filter hook prerouting priority filter; policy accept;
+       }
+
        chain handle_reject {
                meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
                reject with icmpx type port-unreachable comment "!fw4: Reject any other traffic"
@@ -207,7 +211,7 @@ table inet fw4 {
 
 
        #
-       # Raw rules (notrack & helper)
+       # Raw rules (notrack)
        #
 
        chain raw_prerouting {