Commit 563a3fc1 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

support for bypassing connection tracking for inbound packets

parent 2567a46b
Connection tracking bypass module for Alpine Wall
Copyright (C) 2012 Kaarle Ritvanen
Licensed under the terms of GPL2
module(..., package.seeall)
require 'awall.model'
require 'awall.util'
local model = awall.model
local NoTrackRule = model.class(model.Rule)
function NoTrackRule:init(context)
model.Rule.init(self, context)
for i, dir in ipairs({'in', 'out'}) do
if awall.util.contains(self[dir], model.fwzone) then
error('Connection tracking bypass rules not allowed for firewall zone')
function NoTrackRule:defaultzones() return {nil} end
function NoTrackRule:checkzoneoptfrag(ofrag)
if ofrag.out then
error('Cannot specify outbound interface for connection tracking bypass rule')
function NoTrackRule:table() return 'raw' end
function NoTrackRule:chain() return 'PREROUTING' end
function NoTrackRule:target()
if self.action then return end
return 'NOTRACK'
classes = {{'notrack', NoTrackRule}}
defrules = {}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment