Showing results for tags 'nftables'.
Found 2 results
-
Debian 11, nftables v1.0.6, Bluetit 1.3.0.

Hello all, I'm trying to add an nftables input rule. In my very limited understanding, the standard way to do this would be to add it to /etc/nftables.conf. Would that still work if using bluetit's persistent network-lock feature? Based on a cursory look through bluetit's code, it seems that bluetit flushes the nftables rules and then replaces them with a full working kill-switch configuration. That would prevent my input rule from taking effect, correct?

If so, how do I go about adding my nftables rule in conjunction with bluetit's killswitch? My first thought was a small daemon to

    nft insert rule filter input ip saddr <badip> drop

after bluetit has loaded on boot, but it occurs to me that should bluetit ever disable/enable network-lock then the rule would get overwritten.

Thanks!
-
I run the command nft list tables and I get this output:

    table inet filter
    table ip6 wg-quick-tun0
    table ip wg-quick-tun0

So the question is, why are there separate tables for IP4 & IP6? Why not just have it be an inet connection?