diff options
Diffstat (limited to 'data/vyos-firewall-init.conf')
-rw-r--r-- | data/vyos-firewall-init.conf | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf index 768031c83..7e258e6f1 100644 --- a/data/vyos-firewall-init.conf +++ b/data/vyos-firewall-init.conf @@ -19,6 +19,15 @@ table raw { type filter hook forward priority -300; policy accept; } + chain vyos_global_rpfilter { + return + } + + chain vyos_rpfilter { + type filter hook prerouting priority -300; policy accept; + counter jump vyos_global_rpfilter + } + chain PREROUTING { type filter hook prerouting priority -300; policy accept; counter jump VYOS_CT_IGNORE @@ -82,8 +91,13 @@ table ip6 raw { type filter hook forward priority -300; policy accept; } + chain vyos_global_rpfilter { + return + } + chain vyos_rpfilter { type filter hook prerouting priority -300; policy accept; + counter jump vyos_global_rpfilter } chain PREROUTING { |