Merge pull request #2155 from sever-sever/T5488

T5488: Set correct priority -300 for conntrack entries
author: Christian Breunig <christian@breunig.cc> 2023-08-17 21:20:56 +0200
committer: GitHub <noreply@github.com> 2023-08-17 21:20:56 +0200
commit: 214d0d4933e90cbe9440280d916f069b9db463fc (patch)
tree: f583a15bd2bbe3e6570ce09dbfa2582bf4b59b5c
parent: b9655365bcc0518babdc32b094da488fada3f2f0 (diff)
parent: 8c2aa73dce97a7c8c7e5efd2076e272a1af90bc8 (diff)
download: vyos-1x-214d0d4933e90cbe9440280d916f069b9db463fc.tar.gz
vyos-1x-214d0d4933e90cbe9440280d916f069b9db463fc.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf
index 11a5bc7bf..36d92fe93 100644
--- a/data/vyos-firewall-init.conf
+++ b/data/vyos-firewall-init.conf
@@ -20,7 +20,7 @@ table raw {
     }
 
     chain PREROUTING {
-        type filter hook prerouting priority -200; policy accept;
+        type filter hook prerouting priority -300; policy accept;
         counter jump VYOS_CT_IGNORE
         counter jump VYOS_CT_TIMEOUT
         counter jump VYOS_CT_PREROUTING_HOOK
@@ -29,7 +29,7 @@ table raw {
     }
 
     chain OUTPUT {
-        type filter hook output priority -200; policy accept;
+        type filter hook output priority -300; policy accept;
         counter jump VYOS_CT_IGNORE
         counter jump VYOS_CT_TIMEOUT
         counter jump VYOS_CT_OUTPUT_HOOK
author	Christian Breunig <christian@breunig.cc>	2023-08-17 21:20:56 +0200
committer	GitHub <noreply@github.com>	2023-08-17 21:20:56 +0200
commit	214d0d4933e90cbe9440280d916f069b9db463fc (patch)
tree	f583a15bd2bbe3e6570ce09dbfa2582bf4b59b5c
parent	b9655365bcc0518babdc32b094da488fada3f2f0 (diff)
parent	8c2aa73dce97a7c8c7e5efd2076e272a1af90bc8 (diff)
download	vyos-1x-214d0d4933e90cbe9440280d916f069b9db463fc.tar.gz vyos-1x-214d0d4933e90cbe9440280d916f069b9db463fc.zip