iprule: move down address rule prioritypriority-fix

With this configuration it's possible to accept traffic from the LAN to the WAN address, if a rule between the network and address rules which looks up the main table is inserted by the administrator. Previously the reverse traffic was wrongly sent out on the WAN interface. This is useful when you run a service such as a VPN gateway on the router that you want to access both from the LAN and WAN. Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
author: Mikael Magnusson <mikma@users.sourceforge.net> 2020-11-06 16:17:39 +0100
committer: Mikael Magnusson <mikma@users.sourceforge.net> 2020-11-06 16:17:39 +0100
commit: 7d572b165cb6f717a8e3c8f948f56faa7e79bcf1 (patch)
tree: c22fb7bc4eb656b3a951bd03db4222b033ec860e
parent: ed11f0c0ffe4fdacfe3f8223049ef8a61d9c53e9 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/iprule.h b/iprule.h
index 89b94b4..739bdad 100644
--- a/iprule.h
+++ b/iprule.h
@@ -17,7 +17,7 @@
 
 #include "interface-ip.h"
 
-#define IPRULE_PRIORITY_ADDR		10000
+#define IPRULE_PRIORITY_ADDR		30000
 #define IPRULE_PRIORITY_ADDR_MASK	20000
 #define IPRULE_PRIORITY_NW		90000
 #define IPRULE_PRIORITY_REJECT		4200000000
author	Mikael Magnusson <mikma@users.sourceforge.net>	2020-11-06 16:17:39 +0100
committer	Mikael Magnusson <mikma@users.sourceforge.net>	2020-11-06 16:17:39 +0100
commit	7d572b165cb6f717a8e3c8f948f56faa7e79bcf1 (patch)
tree	c22fb7bc4eb656b3a951bd03db4222b033ec860e
parent	ed11f0c0ffe4fdacfe3f8223049ef8a61d9c53e9 (diff)