IPSec Rule to OpenWrt Firewall configuration

I want to configure the OpenWrt firewall with the following rule:
iptables -t nat -I POSTROUTING -m policy --pol ipsec --dir out -j ACCEPT

How do I write the UCI configuration for the above?

Not all rules are supported by UCI. The fastest way is to add it to /etc/firewall.user.
Better response by @vgaetera


I assume you want to skip NAT for IPsec traffic.

This is my solution to the same problem. I set up a VPN zone which allows me to configure firewall policy specific to VPN traffic and separate from WAN and LAN policy.
