From 099c188b1d5287700e0d36ec08a25d7f9efd30a4 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Mon, 15 Dec 2025 19:19:31 -0500
Subject: Fix

---
 modules/router.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules')

diff --git a/modules/router.nix b/modules/router.nix
index 63b39fb..53d14fd 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -295,8 +295,8 @@ ip protocol icmp limit rate 4/second counter accept comment "icmp v4"
             ip6 nexthdr ipv6-icmp limit rate 4/second counter accept comment "accept all ICMP types"
 
             ct state vmap { established : accept, related : accept, invalid : drop }
-
-            jump miniupnpd
+            # For miniupnpd.
+            ct status dnat accept
 
             # Don't allow accidental vpn forwarding to wan.
             iifname vpnlan-vport oifname wan-vport counter reject
-- 
cgit v1.2.3