Leave forwarding UDP for another time

2023-10-22 09:39:25 +02:00 · 2023-10-22 09:39:25 +02:00 · ffe65032db
commit ffe65032db
parent 1bcd445dc6
1 changed files with 2 additions and 2 deletions
--- a/vpn/bridge/templates/nftables/up.nft
+++ b/vpn/bridge/templates/nftables/up.nft
@ -14,7 +14,7 @@ table ip ${IFACE}_ipv4 {
        chain prerouting {
                type nat hook prerouting priority -100;
 {% for forward in vpn_bridge_dnat %}
-                iif {{ ansible_default_ipv4.interface | default(ansible_default_ipv6.interface) }} meta l4proto { tcp, udp } th dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet_address }};
+                iif {{ ansible_default_ipv4.interface | default(ansible_default_ipv6.interface) }} tcp dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet_address }};
 {% endfor %}
        }
@ -37,7 +37,7 @@ table ip6 ${IFACE}_ipv6 {
        chain prerouting {
                type nat hook prerouting priority -100;
 {% for forward in vpn_bridge_dnat %}
-                iif {{ ansible_default_ipv6.interface | default(ansible_default_ipv4.interface) }} meta l4proto { tcp, udp } th dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet6_address }};
+                iif {{ ansible_default_ipv6.interface | default(ansible_default_ipv4.interface) }} tcp dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet6_address }};
 {% endfor %}
        }