Dustin
b83e832df9
Marking packets matching port-forwarding rules, and then allowing traffic carrying that mark did not seem to work well. Often, packets seemed to get dropped for no apparent reason, and outside connections to NAT'd services was sometimes slow as a result. Explicitly listing every destination host/port in the `forward` table seems to resolve this issue. |
||
|---|---|---|
| .. | ||
| forward.nft.j2 | ||
| incoming.nft.j2 | ||
| masquerade.nft.j2 | ||
| outgoing.nft.j2 | ||
| port-forwards.nft.j2 | ||
| reject.nft.j2 | ||