status-im
/
miniupnp
mirror of https://github.com/status-im/miniupnp.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

README.md: updated. fix titles

This commit is contained in:
Thomas Bernard 2021-12-16 00:29:39 +01:00
parent 2bfed34e8c
commit 78823d762e
No known key found for this signature in database
GPG Key ID: DB511043A31ACAAF
1 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
miniupnpd/netfilter_nft/README.md
View File

@ -1,26 +1,23 @@
Miniupnpd nftables support by Tomofumi Hayashi (s1061123@gmail.com).
##Current Status
nftables support is 'alpha' version, not "so much" stable.
##Supported Features
## Supported Features
- IPv4 NAT/Filter add/del.
##How to build miniupnpd with nftables:
Run 'make' command with 'Makefile.linux_nft',
## How to build miniupnpd with nftables:
Run 'configure' command with '--firewall=nftables',
`make -f Makefile.linux_nft`
`./configure --firewall=nftables && make`
##How to Run
## How to Run
Please run 'netfilter_nft/scripts/nft_init.sh' to add miniupnpd chain.
`sudo ./netfilter_nft/scripts/nft_init.sh`
##FAQ
## FAQ
I will add this section when I get question.
Comments and Questions are welcome ;)
###Custom Chains
### Custom Chains
NFTables is very flexible but it comes with some restrictions because of that. If there is a second filter chain than all packets that were passed before with the miniupnpd chain will be reevaluated. This also means that if the chain is a drop chain you loose the packets. In that case you really want to use a custom chain and jump to it in your filter chain. miniupnpd should save all accept rules in that custom chain.
For NAT it is the same, a second chain will also evaluate the packets again and therefore it is possible that a second SNAT or DNAT is performed.