As a precaution, I'm not going to access the router. I'm going to reflash it with a new image. I don't know anything about forensics.
So, in summary, if the firewall breaks no rules are applied?
If so, this information should be added to the Wiki.
1 Like
the thing is you filter on vlan tag, in this context no meta will peel off that. try netdev filtering on interface.999 instead.
Make a request in documentation section eg to run fw4 check after manually typing nftables rules.
Changing my station's OS is going to take some time. I'd also have to test the conditions under which the firewall breaks (especially if my rules are valid). So, when I'm ready I think I'll have to do a bug report.
1 Like
Nothing about OS change.
Your rule filters vlan-s in netdev, vlan has just vlan id and encapsulated ethertype to filter. If you filter on vlan netdev you have lots of meta info.