Skip to content

Commit 9c69536

Browse files
perezdperezd
committed
fix: use NFLOG instead of LOG for iptables drop logging
1 parent fc566a5 commit 9c69536

1 file changed

Lines changed: 1 addition & 0 deletions

File tree

network/refresh-iptables.sh

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@ while IFS= read -r domain || [[ -n "$domain" ]]; do
2929
done < "$DOMAINS_FILE"
3030

3131
echo "-A OUTPUT -p udp -j DROP" >> "$RULES_FILE"
32+
echo '-A OUTPUT -j NFLOG --nflog-prefix "CLAUDETAINER_DROP" --nflog-group 100' >> "$RULES_FILE"
3233
echo "COMMIT" >> "$RULES_FILE"
3334

3435
iptables-restore < "$RULES_FILE"

0 commit comments

Comments
 (0)