Ahoj, Dňa Tue, 23 Jul 2024 11:39:24 +0200 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> napísal: > commit fa23e0d4b756d25829e124d6b670a4c6bbd4bf7e Found i properly that is (will be) in 6.10? > You mentioned you are on 5.15, right? Yes, 5.15.150 (openwrt), i choose to use openwrt mostly due its luci (web interface), but as i usually don't work with openwrt (only on my home router), i have not set build environment for it, nor i follow its patches, thus no simple way to get newer kernel nor to patch existing for me. For now i installed ip(6)tables-nft (+ ipset), it seems to work. The only downside is, that i see no way how to customize openwrt firewall's (chain's) hooks priority (to ensure that they are run after iptables)... I hope that it will not be problem. I hope that can live with both, dropped before or after nftables. But i will like to abandon iptables at all, is here some workaround for that commit, please? regards -- Slavko https://www.slavino.sk
Attachment:
pgpmmkNjO738D.pgp
Description: Digitálny podpis OpenPGP
