
pbr-1.2.2: move DNS-Policies up in the firewall #93

Merged
stangri merged 1 commit into mossdef-org:1.2.2 from egc112:feature-branch-1
Apr 13, 2026

Collaborator

egc112 commented Apr 11, 2026

By executing DNS policies first in the firewall, make sure those take precedence over other DNS-hijacking rules.


Signed-off-by: Erik Conijn <egc112@msn.com>

Copilot AI left a comment


Pull request overview

This PR changes the fw4 jump rule insertion order so PBR’s dstnat chain is reached before other dstnat rules, giving DNS policy rules higher precedence over other DNS redirection/hijacking behavior.

Changes:

  • Change the dstnat jump rule from add rule to insert rule so it lands at the top of the dstnat chain.
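
The review summary above comes down to where the jump rule sits in the dstnat chain. The shell check below is an added example, not part of this PR or of the pbr project: it reads `nft list chain` output and reports whether the PBR jump is the first rule. The jump target name `pbr_dstnat` and both sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumed names: table "inet fw4", chain "dstnat" (fw4 defaults)
# and a PBR jump target called "pbr_dstnat"; adjust to your ruleset.
#
#   nft add rule    inet fw4 dstnat jump pbr_dstnat   # appended: evaluated last
#   nft insert rule inet fw4 dstnat jump pbr_dstnat   # prepended: evaluated first

# Reads `nft list chain inet fw4 dstnat` output on stdin.
# Returns 0 if the jump to $1 is the first rule in the chain,
# 1 if it is present but preceded by other rules, 2 if it is missing.
pbr_jump_is_first() {
    awk -v target="${1:-pbr_dstnat}" '
        # Skip blank lines, table/chain headers, closing braces, the hook spec.
        NF == 0 || $1 == "table" || $1 == "chain" || $1 == "}" { next }
        $1 == "type" && $3 == "hook" { next }
        {
            n++   # position of this rule within the chain
            for (i = 1; i < NF; i++)
                if ($i == "jump" && $(i + 1) == target && !pos) pos = n
        }
        END { if (!pos) exit 2; exit (pos == 1 ? 0 : 1) }'
}

# Constructed listing: jump appended with `add rule`, so zone rules run first.
sample_appended() { cat <<'EOF'
table inet fw4 {
	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
		iifname "br-lan" jump dstnat_lan comment "constructed: zone rules, may redirect port 53"
		jump pbr_dstnat comment "constructed: PBR DNS policies"
	}
}
EOF
}

# Constructed listing: same rules after `insert rule` puts the PBR jump on top.
sample_inserted() { cat <<'EOF'
table inet fw4 {
	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
		jump pbr_dstnat comment "constructed: PBR DNS policies"
		iifname "br-lan" jump dstnat_lan comment "constructed: zone rules, may redirect port 53"
	}
}
EOF
}
```

On a router, pipe the live chain into the function: `nft list chain inet fw4 dstnat | pbr_jump_is_first pbr_dstnat`.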


stangri merged commit b265498 into mossdef-org:1.2.2 Apr 13, 2026
4 checks passed