From 06d32a6e43824f802d3b3435fcf4a24fdc2297c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= <i@sekai.icu>
Date: Tue, 8 Oct 2024 20:54:52 +0800
Subject: [PATCH] auto-redirect: Let fw4 take precedence over prerouting

---
 redirect_nftables.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/redirect_nftables.go b/redirect_nftables.go
index 2fbebfe..be86114 100644
--- a/redirect_nftables.go
+++ b/redirect_nftables.go
@@ -88,7 +88,7 @@ func (r *autoRedirect) setupNFTables() error {
 		Name:     "prerouting",
 		Table:    table,
 		Hooknum:  nftables.ChainHookPrerouting,
-		Priority: nftables.ChainPriorityMangle,
+		Priority: nftables.ChainPriorityRef(*nftables.ChainPriorityNATDest + 1),
 		Type:     nftables.ChainTypeNAT,
 	})
 	err = r.nftablesCreateExcludeRules(nft, table, chainPreRouting)
@@ -104,7 +104,7 @@ func (r *autoRedirect) setupNFTables() error {
 			Name:     "prerouting_udp",
 			Table:    table,
 			Hooknum:  nftables.ChainHookPrerouting,
-			Priority: nftables.ChainPriorityRef(*nftables.ChainPriorityMangle + 1),
+			Priority: nftables.ChainPriorityRef(*nftables.ChainPriorityNATDest + 2),
 			Type:     nftables.ChainTypeFilter,
 		})
 		if r.enableIPv4 {