branch: externals/nftables-mode
commit 78a1a4889837a25f5a5bff6a089bb8b262d5b133
Author: Trent W. Buck <trentb...@gmail.com>
Commit: Trent W. Buck <trentb...@gmail.com>
cannot reject as default policy
root@not-omega:~# nft 'add chain inet my_filter my_forward { type filter
hook forward priority filter; policy reject; }'
Error: syntax error, unexpected reject, expecting accept or drop
---
nftables-host.nft | 1 -
1 file changed, 1 deletion(-)
diff --git a/nftables-host.nft b/nftables-host.nft
index e944676225..5ff348a36d 100644
--- a/nftables-host.nft
+++ b/nftables-host.nft
@@ -101,7 +101,6 @@ table inet my_filter {
# Finally, politely reject all other attempts.
# Omit to use the default policy ("policy drop", above) instead.
- # FIXME: can we simply do "policy reject" nowadays?
reject
}
