Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build: switch to firewall4 by default
This commit replaces firewall aka firewall3 with its nftables based successor firewall4. Signed-off-by: Paul Spooren <mail@aparcar.org>
- Loading branch information
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since LuCI doesn't have the option to set software flow offload (yet), it can be enabled in /etc/config/firewall with
option flow_offloading '1'
under config default section.08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any plan to offer a translation tool for iptables rules? BTW, how to specify custom rules as /etc/firewall.user no longer exists?
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can't find the wifidog package after this mod
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be fixed via openwrt/luci@705d46b
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I still see the package here: https://downloads.openwrt.org/snapshots/packages/x86_64/packages/
You have to remove firewall4 and instead install firewall3
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I found that the contents of the iptables panel have disappeared, will there be a new management panel for firewall4, which is mainly used to display the working status of firewall entries?
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I am working on it.
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By the way, when I compiled X86-64 firmware, I checked the following configs:
So after the NF is used as the default firewall, what alternative configs does I need to check?
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
docker broken
08d9f6e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please elaborate