util/linuxfw: fix stateful packet filtering in nftables mode

To match iptables: https://github.com/tailscale/tailscale/blob/b5dbf155b1b0fbd5947160d8bca4085c6ff039a5/util/linuxfw/iptables_runner.go#L536 Updates #12066 Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2024-05-09 10:26:57 +01:00
parent b5dbf155b1
commit ac638f32c0
1 changed files with 1 additions and 1 deletions
@@ -1773,7 +1773,7 @@ func makeStatefulRuleExprs(tunname string) []expr.Any {
 		// going to our TUN.
 		&expr.Meta{Key: expr.MetaKeyOIFNAME, Register: 1},
 		&expr.Cmp{
-			Op:       expr.CmpOpNeq,
+			Op:       expr.CmpOpEq,
 			Register: 1,
 			Data:     []byte(tunname),
 		},