From 367378e6fa1349c9101e8ce95d725948d03a5ea6 Mon Sep 17 00:00:00 2001 From: necro-nemesis Date: Fri, 27 Sep 2019 08:47:10 -0400 Subject: [PATCH] More nftables rules --- installers/common.sh | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/installers/common.sh b/installers/common.sh index 3085b45..c2d4ca2 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -206,15 +206,16 @@ function network_tables() { if [ $version -lt 10 ]; then install_log "Use iptables" tablerouteA='iptables -t nat -A POSTROUTING -s 10.3.141.0\/24 -o lokitun0 -j MASQUERADE #RASPAP' - tablerouteB='iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP' else - tablerouteC='#RASPAP' - tablerouteD='#RASPAP' + tablerouteB='iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP' + else install_log "Use nftables" sudo apt-get -y install nftables - tablerouteA='nft -f backup.nft #RASPAP' - tablerouteB='nft add chain nat postrouting { type nat hook postrouting priority 100 \\; } #RASPAP' - tablerouteC='nft add rule ip nat postrouting oifname "lokitun0" ip saddr 10.3.141.0\/24 counter masquerade #RASPAP' - tablerouteD='nft add rule ip nat postrouting counter masquerade #RASPAP' + sudo apt-get purge iptables + nft flush ruleset + nft add chain nat postrouting { type nat hook postrouting priority 100 \; } + nft add rule ip nat postrouting oifname "lokitun0" ip saddr 10.3.141.0/24 counter masquerade + nft add rule ip nat postrouting counter masquerade + nft systemctl enable nftables fi } @@ -249,8 +250,6 @@ function default_configuration() { 'echo 1 > \/proc\/sys\/net\/ipv4\/ip_forward #RASPAP' "$tablerouteA" "$tablerouteB" - "$tablerouteC" - "$tablerouteD" 'sudo \/var\/lib\/lokinet\/.\/lokilaunch.sh start #RASPAP' )
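Review bot: In the nftables branch, `nft flush ruleset` deletes every table on the host, including any filter rules already protecting it, and the `nft add chain nat postrouting …` that follows then has no `nat` table to attach to, so the masquerade rules are likely never installed. `nft systemctl enable nftables` is not an nft command and looks like it was meant to be `sudo systemctl enable nftables`. The new `nft` calls and `apt-get purge iptables` also lack the `sudo` and `-y` used by the neighbouring `sudo apt-get -y install nftables`, so a non-root or unattended install would fail or stall at a prompt. The rules are now applied once at install time rather than handed to `default_configuration` through the `tableroute*` variables, so unless the ruleset is saved to the file the nftables service loads at boot, they presumably will not survive a reboot. `network_tables` begins above the hunk, so whether it runs as root cannot be confirmed from here.

```shell
        sudo apt-get -y install nftables
        sudo apt-get -y purge iptables
        # reset only the table this installer owns instead of `nft flush ruleset`
        sudo nft add table ip nat
        sudo nft flush table ip nat
        sudo nft add chain ip nat postrouting { type nat hook postrouting priority 100 \; }
        sudo nft add rule ip nat postrouting oifname "lokitun0" ip saddr 10.3.141.0/24 counter masquerade
        sudo nft add rule ip nat postrouting counter masquerade
        sudo systemctl enable nftables
```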