I use Debian 11 as my home router, and I have a script for workaround
blocked addresses. Alas Roskomnadzor lists are getting bigger, so I
came to the simple thought that it would be much easier to route all
traffic in the TOR network, but I have a bunch of addresses which
should be passed directly, without using TOR.
This is valid rule: iifname $int_ifs ip daddr @rkn meta l4proto tcp
redirect to :9051
But this one is not: iifname $int_ifs ip daddr != { @akamai,
@stormwall } meta l4proto tcp redirect to :9051
How to exclude couple of named sets properly?
--
Talk is cheap, show me the code (c) Linus Torvalds
