iifname "lo" accept comment "!fw4: Accept traffic from loopback"
- ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
+ ct state established,related accept comment "!fw4: Allow inbound established and related flows"
iifname "eth0" jump input_wanA comment "!fw4: Handle wanA IPv4/IPv6 input traffic"
iifname "eth1" jump input_wanB comment "!fw4: Handle wanB IPv4/IPv6 input traffic"
iifname "eth2" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
chain forward {
type filter hook forward priority filter; policy drop;
- ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows"
+ ct state established,related accept comment "!fw4: Allow forwarded established and related flows"
iifname "eth0" jump forward_wanA comment "!fw4: Handle wanA IPv4/IPv6 forward traffic"
iifname "eth1" jump forward_wanB comment "!fw4: Handle wanB IPv4/IPv6 forward traffic"
iifname "eth2" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
oifname "lo" accept comment "!fw4: Accept traffic towards loopback"
- ct state vmap { established : accept, related : accept } comment "!fw4: Handle outbound flows"
+ ct state established,related accept comment "!fw4: Allow outbound established and related flows"
oifname "eth0" jump output_wanA comment "!fw4: Handle wanA IPv4/IPv6 output traffic"
oifname "eth1" jump output_wanB comment "!fw4: Handle wanB IPv4/IPv6 output traffic"
oifname "eth2" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic"
projects / project / firewall4.git / blobdiff