ruleset: reduce ksoftirqd load by refering to looopback by numeric id

[project/firewall4.git] / tests / 03_rules / 03_constraints

diff --git a/tests/03_rules/03_constraints b/tests/03_rules/03_constraints
index eb3272fb41d7d2039ac5fccf868a737c41d3afa7..76f4c0c8bfd37044cc1c1bc94ec89d712dea6775 100644 (file)
--- a/tests/03_rules/03_constraints
+++ b/tests/03_rules/03_constraints
@@ -105,7 +105,7 @@ table inet fw4 {
        chain input {
                type filter hook input priority filter; policy drop;
 
-               iifname "lo" accept comment "!fw4: Accept traffic from loopback"
+               iif "lo" accept comment "!fw4: Accept traffic from loopback"
 
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
        }
@@ -119,7 +119,7 @@ table inet fw4 {
        chain output {
                type filter hook output priority filter; policy drop;
 
-               oifname "lo" accept comment "!fw4: Accept traffic towards loopback"
+               oif "lo" accept comment "!fw4: Accept traffic towards loopback"
 
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle outbound flows"
                meta nfproto ipv4 ip dscp 0x0 counter comment "!fw4: DSCP match rule #1"