sshuttle/tests
Scott Kuhl bc24ed359a Make nat and nft rules consistent; improve rule ordering.
First, check if TTL indicates we should ignore the packet (instead of
checking in multiple rules later). Also, nft method didn't do this at
all. Now, nft matches the behavior of nat.

Second, forward DNS traffic (we may need to intercept traffic to
localhost if a DNS server is running on localhost).

Third, ignore any local traffic packets. (Previously, we ignored local
traffic except DNS and then had the DNS rules.) The nft method didn't
do this previously at all. It now matches the behavior of nat.

Lastly, list the subnets to redirect and/or exclude. This step is left
unchanged. Excluding the local port that we are listening on is
redundant with the third step, but should cause no harm.

In summary, this ordering simplifies the rules in nat and eliminates
differences that previously existed between nat and nft.
2020-10-21 11:51:39 -04:00
client Make nat and nft rules consistent; improve rule ordering. 2020-10-21 11:51:39 -04:00
server Fix/pep8 (#277) 2019-02-11 09:59:13 +11:00
ssh Fix parse_hostport to always return string for host 2020-08-13 07:53:38 +10:00