From 7d572b165cb6f717a8e3c8f948f56faa7e79bcf1 Mon Sep 17 00:00:00 2001
From: Mikael Magnusson <mikma@users.sourceforge.net>
Date: Fri, 6 Nov 2020 16:17:39 +0100
Subject: iprule: move down address rule priority

With this configuration it's possible to accept traffic from the LAN to
the WAN address, if a rule between the network and address rules which
looks up the main table is inserted by the administrator. Previously
the reverse traffic was wrongly sent out on the WAN interface.

This is useful when you run a service such as a VPN gateway on the router
that you want to access both from the LAN and WAN.

Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
---
 iprule.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iprule.h b/iprule.h
index 89b94b4..739bdad 100644
--- a/iprule.h
+++ b/iprule.h
@@ -17,7 +17,7 @@
 
 #include "interface-ip.h"
 
-#define IPRULE_PRIORITY_ADDR		10000
+#define IPRULE_PRIORITY_ADDR		30000
 #define IPRULE_PRIORITY_ADDR_MASK	20000
 #define IPRULE_PRIORITY_NW		90000
 #define IPRULE_PRIORITY_REJECT		4200000000
-- 
cgit v1.2.3