vanja/gluetun
1
0
Fork 0
mirror of https://github.com/qdm12/gluetun.git synced 2026-05-17 14:10:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Reject output public ip traffic for 1s as another fallback

Browse Source
This commit is contained in:
Quentin McGaw
2026-02-26 18:04:23 +00:00
parent a37354426b
commit f654dece66
6 changed files with 118 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/firewall/iptables/parse.go
+6 -1
View File
@@ -36,7 +36,8 @@ type iptablesInstruction struct {
tcpFlags tcpFlags
mark mark
connMark mark
setMark uint // only used for jump CONNMARK --set-mark
setMark uint // only used for jump CONNMARK --set-mark
rejectWith string // only used for REJECT targets
}
func (i *iptablesInstruction) setDefaults() {
@@ -81,6 +82,8 @@ func (i *iptablesInstruction) equalToRule(table, chain string, rule chainRule) (
return false
case i.setMark != rule.setMark:
return false
case i.rejectWith != rule.rejectWith:
return false
default:
return true
}
@@ -193,6 +196,8 @@ func parseInstructionFlag(fields []string, instruction *iptablesInstruction) (co
if err != nil {
return 0, fmt.Errorf("parsing TCP flags: %w", err)
}
case "--reject-with":
instruction.rejectWith = value // for example "tcp-reset"
default:
return 0, fmt.Errorf("%w: unknown key %q", ErrIptablesCommandMalformed, flag)
}