zhao/openwrt_helloworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-passwall: sync upstream

Browse Source 
last commit: c75cb867c3
This commit is contained in:
sbwml 2024-08-19 14:00:10 +08:00
parent b2f5c16521
commit 068279cbf5
1 changed files with 12 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@ -698,8 +698,17 @@ filter_node() {
} }
dns_hijack() { dns_hijack() {
$ipt_n -I PSW -p udp --dport 53 -j REDIRECT --to-ports 53 [ $(config_t_get global dns_redirect "0") = "1" ] && {
echolog "强制转发本机DNS端口 UDP/53 的请求[$?]" $ipt_m -A PSW -p udp --dport 53 -j RETURN
$ipt_m -A PSW -p tcp --dport 53 -j RETURN
$ip6t_m -A PSW -p udp --dport 53 -j RETURN
$ip6t_m -A PSW -p tcp --dport 53 -j RETURN
$ipt_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
$ipt_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
$ip6t_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
$ip6t_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
echolog " - 开启 DNS 重定向"
}
} }
add_firewall_rule() { add_firewall_rule() {
@ -1121,17 +1130,7 @@ add_firewall_rule() {
$ip6t_m -I OUTPUT $(comment "mangle-OUTPUT-PSW") -o lo -j RETURN $ip6t_m -I OUTPUT $(comment "mangle-OUTPUT-PSW") -o lo -j RETURN
insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW) -m mark --mark 1 -j RETURN" insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW) -m mark --mark 1 -j RETURN"
[ $(config_t_get global dns_redirect "0") = "1" ] && { dns_hijack
$ipt_m -A PSW -p udp --dport 53 -j RETURN
$ipt_m -A PSW -p tcp --dport 53 -j RETURN
$ip6t_m -A PSW -p udp --dport 53 -j RETURN
$ip6t_m -A PSW -p tcp --dport 53 -j RETURN
$ipt_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
$ipt_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
$ip6t_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
$ip6t_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null
echolog " - 开启 DNS 重定向"
}
} }