Hi,
I noticed that when I start vpnserver there are following iptables rules added:
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP icmp -- !127.164.127.124 !127.202.195.175 icmp port-unreachable connmark match ! 0x43c51593
DROP tcp -- !127.129.212.46 !127.107.205.206 tcp spts:61001:65535 flags:RST/RST connmark match ! 0x79a30f60
and it seems to me if I remove them vpnserver stops working. How I can use nftables instead of iptables ?
Thanks...
Using nftables instead of iptables
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Using nftables instead of iptables
Please try to disable RawIP mode SecureNAT.