summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
Diffstat (limited to 'data')
-rw-r--r--data/templates/firewall/nftables.j24
-rw-r--r--data/vyos-firewall-init.conf4
2 files changed, 6 insertions, 2 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2
index d889a505d..84af0449a 100644
--- a/data/templates/firewall/nftables.j2
+++ b/data/templates/firewall/nftables.j2
@@ -3,9 +3,9 @@
{% import 'firewall/nftables-defines.j2' as group_tmpl %}
{% if first_install is not vyos_defined %}
-delete table inet vyos_rpfilter
+delete table inet vyos_global_rpfilter
{% endif %}
-table inet vyos_rpfilter {
+table inet vyos_global_rpfilter {
chain PREROUTING {
type filter hook prerouting priority -300; policy accept;
{% if global_options.source_validation is vyos_defined('loose') %}
diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf
index 36d92fe93..ab25ab4bd 100644
--- a/data/vyos-firewall-init.conf
+++ b/data/vyos-firewall-init.conf
@@ -82,6 +82,10 @@ table ip6 raw {
type filter hook forward priority -300; policy accept;
}
+ chain vyos_rpfilter {
+ type filter hook prerouting priority -300; policy accept;
+ }
+
chain PREROUTING {
type filter hook prerouting priority -300; policy accept;
counter jump VYOS_CT_PREROUTING_HOOK
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-08 08:47:30 +0000