diff --git a/files/etc/local/mesh-firewall/05-xlink b/files/etc/local/mesh-firewall/05-xlink
index d8227cc1..aa752df1 100755
--- a/files/etc/local/mesh-firewall/05-xlink
+++ b/files/etc/local/mesh-firewall/05-xlink
@@ -54,7 +54,7 @@ if nixio.fs.stat("/etc/config.mesh/xlink") then
 local ifname = section.ifname
 nft_delete("forward", "iifname \"" .. ifname .. "\".*jump forward_dtdlink")
 nft_delete("input", "iifname \"" .. ifname .. "\".*jump input_dtdlink")
- nft_delete("output", "oifname \"" .. ifname .. "\".*jump accept_to_dtdlink")
+ nft_delete("output", "oifname \"" .. ifname .. "\".*jump output_dtdlink")
 nft_delete("accept_to_dtdlink", "oifname \"" .. ifname .. "\".*accept")
 nft_delete("reject_to_dtdlink", "oifname \"" .. ifname .. "\".*reject")
 nft_delete("reject_from_dtdlink", "iifname \"" .. ifname .. "\".*reject")
@@ -66,8 +66,8 @@ if nixio.fs.stat("/etc/config.mesh/xlink") then
 function(section)
 local ifname = section.ifname
 os.execute("/usr/sbin/nft insert rule ip fw4 forward iifname \"" .. ifname .. "\" counter jump forward_dtdlink")
- os.execute("/usr/sbin/nft insert rule ip fw4 input iifname \"" .. ifname .. "\" counter jump input_dtdlink")
- os.execute("/usr/sbin/nft insert rule ip fw4 output oifname \"" .. ifname .. "\" counter jump accept_to_dtdlink")
+ os.execute("/usr/sbin/nft add rule ip fw4 input iifname \"" .. ifname .. "\" counter jump input_dtdlink")
+ os.execute("/usr/sbin/nft add rule ip fw4 output oifname \"" .. ifname .. "\" counter jump output_dtdlink")
 os.execute("/usr/sbin/nft add rule ip fw4 accept_to_dtdlink oifname \"" .. ifname .. "\" counter accept")
 os.execute("/usr/sbin/nft add rule ip fw4 reject_to_dtdlink oifname \"" .. ifname .. "\" counter reject")
 os.execute("/usr/sbin/nft add rule ip fw4 reject_from_dtdlink iifname \"" .. ifname .. "\" counter reject")
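Review bot: `ifname` is spliced unescaped into the match string passed to `nft_delete` on every line of the first hunk, and into the `os.execute` shell strings in the second hunk. `nft_delete` is defined outside the hunk, so it is not visible whether its second argument is treated as a Lua pattern; if it is, a name containing `.` or `-` (VLAN-style names, for instance) could match a different rule than intended and leave a stale jump in place. In the shell strings, a configured name containing a double quote, `$` or a backquote would alter the command the firewall script runs. Validate the value once before any use, e.g. `if not ifname:match("^[%w_.-]+$") then return end`, and escape pattern-special characters before building the `nft_delete` match. The enclosing callback starts before the hunk.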
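Review bot: In the second hunk the input and output jumps are now appended with `nft add rule` while the forward jump is still placed with `nft insert rule`, so the three chains no longer evaluate xlink traffic at the same position. `add` puts the rule at the end of the chain, so any earlier rule in fw4's input or output chain that issues a terminal verdict decides the packet before `input_dtdlink` or `output_dtdlink` is reached; whether that occurs depends on the base ruleset, which is not shown here. If the late position is intended, document it above these lines, e.g. `-- input/output jumps are appended so they run after the base fw4 rules; forward stays inserted at the top`, and confirm with `nft list chain ip fw4 input` on a node with an xlink configured that the jump is actually reachable. The callback's closing lines are outside the hunk.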