restrict the outgoing traffic

Eslam-Nawara · Eslam-Nawara · commit e56ea0ddd949 · 2024-09-10T13:27:31.000+03:00
diff --git a/cmds/modules/netlightd/nft/rules.nft b/cmds/modules/netlightd/nft/rules.nft
@@ -8,7 +8,8 @@ table inet filter {
 	}
 
 	chain output {
-		type filter hook output priority filter; policy accept;
+		type filter hook output priority filter; policy drop;
+		ip daddr 192.168.1.1 accept # the router ip
 	}
 
 	chain prerouting {

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,8 @@ table inet filter {`
`8`	`8`	`}`
`9`	`9`
`10`	`10`	`chain output {`
`11`		`- type filter hook output priority filter; policy accept;`
	`11`	`+ type filter hook output priority filter; policy drop;`
	`12`	`+ ip daddr 192.168.1.1 accept # the router ip`
`12`	`13`	`}`
`13`	`14`
`14`	`15`	`chain prerouting {`