When I create the base chains I use something like
the following:
create chain ip mangle PREROUTING { type filter hook prerouting priority -150; policy accept; }
I set the priority via _priority -150_ , but when I'm listing rules, I get this:
table inet filter {
chain INPUT {
type filter hook input _priority filter_; policy drop;
...
chain FORWARD {
type filter hook forward _priority filter_; policy drop;
...
chain OUTPUT {
type filter hook output _priority filter_; policy accept;
...
table ip mangle {
chain PREROUTING {
type filter hook prerouting _priority mangle_; policy accept;
...
chain INPUT {
type filter hook input _priority mangle_; policy accept;
...
table ip raw-set {
chain PREROUTING {
type filter hook prerouting _priority raw - 1_; policy accept;
...
chain OUTPUT {
type filter hook output _priority raw - 1_; policy accept;
...
Shouldn't be there normal numbers like the ones used
when creating the rules?
Attachment:
signature.asc
Description: OpenPGP digital signature
