bundles/wireguard: better nftables rules

2022-12-11 17:42:39 +01:00 · 2022-12-11 17:42:39 +01:00 · c8dd809057
commit c8dd809057
parent e8d24bc363
1 changed files with 2 additions and 2 deletions
--- a/bundles/wireguard/metadata.py
+++ b/bundles/wireguard/metadata.py
@ -223,8 +223,8 @@ def snat(metadata):

    rules = set()
    for number, (peer, config) in enumerate(sorted(metadata.get('wireguard/peers', {}).items())):
-        rules.add(f'inet filter forward iif wg{number} accept')
-        rules.add(f'inet filter forward oif wg{number} accept')
+        rules.add(f'inet filter forward iifname wg{number} accept')
+        rules.add(f'inet filter forward oifname wg{number} accept')

        if 'snat_to' in config:
            rules.add('nat postrouting ip saddr {} ip daddr != {} snat to {}'.format(