AS_Network_List/blacklists_nftables/blacklist-vk-v6.nft
2026-03-27 06:59:36 +00:00


# Autogenerated nftables blacklist
# Generated: 2026-03-27T06:59:36.677644Z
# Source: /home/runner/work/AS_Network_List/AS_Network_List/blacklists/blacklist-vk-v6.txt
# Entry counts: IPv4: 0, IPv6: 1 (the blacklist_vk_v4 set below is declared with no elements)
#
# Usage:
# sudo nft -f <this-file>
# # VK egress blocking for VPN clients via NAT/FORWARD (run after loading this file, which defines the sets)
# sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy accept; }'
# sudo nft add rule inet filter forward iifname "<VPN_IFACE>" ip daddr @blacklist_vk_v4 counter reject
# sudo nft add rule inet filter forward iifname "<VPN_IFACE>" ip6 daddr @blacklist_vk_v6 counter reject
# Table in the inet family, so one table can hold both IPv4 and IPv6 rules.
# NOTE(review): this file contains no flush/delete statement. Loading it into a
# ruleset that already has an "inet filter" table presumably merges into that
# table: the drop rule would be appended again on every reload, and the
# "policy accept" declared on the input chain below may replace an existing
# stricter policy. Compare against `nft list ruleset` before loading - TODO confirm.
table inet filter {
# IPv4 set: declared without elements and not referenced by any rule in this
# file. It only matches something if elements are added to it elsewhere.
set blacklist_vk_v4 {
type ipv4_addr
# "interval" lets the set hold prefixes/ranges rather than single addresses.
flags interval
}
# IPv6 set: the single prefix generated from the source list.
set blacklist_vk_v6 {
type ipv6_addr
flags interval
elements = {
2a00:bdc0::/29
}
}
# Base chain on the input hook: it sees packets addressed to this host only.
# Forwarded traffic (e.g. VPN clients) is not covered by this chain.
chain input {
type filter hook input priority 0;
# Default-accept: anything not matched by a rule below is allowed.
policy accept;
# Evaluated first, so replies on connections already tracked as
# established/related are accepted even when the peer is in the blacklist.
# In effect the drop rule below only hits packets outside those states,
# such as new inbound connections; it does not stop this host from
# reaching the blacklisted range.
ct state { established, related } accept
# Drop IPv6 packets whose source is in the blacklist; "counter" records
# packet/byte hits for this rule. There is no matching IPv4 rule here.
ip6 saddr @blacklist_vk_v6 counter drop
}
}