eset_wap module creates bugs in nftables

Hi all,

I have a problem with my nftables firewalls since I installed ESET on my Linux server.

I have strange behavior of the loopback interface. Internal connections go through the network card, not "lo".
These unusual connections are therefore blocked by the firewall.

Bad log with ESET WAP:

IN= OUT=wlp3s0 SRC=192.168.0.XXX DST= LEN=60 ...............

Good log without ESET_WAP:

IN= OUT=lo SRC= DST= LEN=60 ...............



  • Ubuntu 22LTS
  • Kernel 6.5.0-25-generic
  • ESET

Note: I have the problem with a Debian 12 server.


  • Administrators

Perhaps changing the priority of the output chain would help. If you use "filter" priority (alias for 0), change it to -102.

If that doesn't help, please raise a support ticket.


OK, I found the source of the problem.

Indeed, it is a problem with the nftables ruleset: ESET injects NAT rules with higher priority (priority -101).

ESET rules NAT all TCP connections to But these strange connections are forbidden by my rules.

I hope this port is static! => not!

I will add a specific rule to accept this. (all interface, all IP to, is not beautiful) in output chain:

ip daddr tcp dport 1024-65535 accept
Edited by ludo84
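The priority change suggested in the thread, written out as an added example (not from either poster and not ESET's own ruleset): the table name, chain name and the accept rules are assumptions, and only the values 0, -101 and -102 come from the thread.

```nft
#!/usr/sbin/nft -f
# Added example. Names and site rules below are assumptions.
#
# On a given hook, chains are evaluated in ascending priority order.
# Reference points on the output hook:
#   -200  conntrack
#   -150  mangle
#   -101  ESET's NAT chain (value reported in the thread)
#   -100  dstnat
#      0  filter (default)
#
# Before: a filter chain at priority 0 is evaluated after the -101 NAT chain,
# so its rules and its log lines see the rewritten destination.
#
#   chain output {
#       type filter hook output priority filter; policy drop;
#       ...
#   }
#
# After: at -102 the same chain is evaluated before the -101 NAT chain and
# matches on the destination the application originally asked for.
# -102 is still above -200, so "ct state" matching keeps working.

table inet hostfw {
    chain output {
        type filter hook output priority -102; policy drop;

        # Loopback traffic and replies to tracked connections
        oifname "lo" accept
        ct state established,related accept

        # Site-specific egress allow list (constructed sample values)
        udp dport { 53, 123 } accept
        tcp dport { 53, 80, 443 } accept

        # Log whatever is left so unexpected flows stay visible
        log prefix "out-drop: " drop
    }
}
```

`nft -c -f <file>` checks the syntax without loading anything, and `nft list ruleset` shows every chain with its hook and priority, including chains added by other software.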

This topic is now closed to further replies.