[PATCH] fw4: fix handling of unaccepted forward packets

Jo-Philipp Wich jo at mein.io
Thu Nov 3 15:13:49 PDT 2022


Hi,

you misunderstand the purpose of the zone forward policy. It is not meant to
catch traffic from a zone to another zone, but traffic relayed from one
interface to another interface within the same zone.

Traffic from one zone to another zone is solely handled by the global forward
policy in the defaults section (or individual rules).

Your patch would change this long standing behavior, therefor NACK from me.

~ Jo

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20221103/de5b7bfa/attachment.sig>


More information about the openwrt-devel mailing list