improve: dns firewall rule
Signed-off-by: Dengfeng Liu <[email protected]>
liudf0716 committed Sep 27, 2024
1 parent 563ecbf commit 8a949c7
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions src/fw4_nft.c
Expand Up @@ -112,13 +112,13 @@ const char *nft_wifidogx_init_script[] = {
};

const char *nft_wifidogx_dhcp_pass_script[] = {
"insert rule inet fw4 forward_wifidogx_unknown udp dport 67 accept",
"insert rule inet fw4 forward_wifidogx_unknown tcp dport 67 accept",
"insert rule inet fw4 forward_wifidogx_unknown udp dport 67 counter accept",
"insert rule inet fw4 forward_wifidogx_unknown tcp dport 67 counter accept",
};

const char *nft_wifidogx_dns_pass_script[] = {
"insert rule inet fw4 forward_wifidogx_unknown udp dport 53 accept",
"insert rule inet fw4 forward_wifidogx_unknown tcp dport 53 accept",
"insert rule inet fw4 forward_wifidogx_unknown udp dport 53 counter accept",
"insert rule inet fw4 forward_wifidogx_unknown tcp dport 53 counter reject",
};

const char *nft_wifidogx_dhcp_redirect_script[] = {
Expand All @@ -128,7 +128,7 @@ const char *nft_wifidogx_dhcp_redirect_script[] = {

const char *nft_wifidogx_dns_redirect_script[] = {
"add rule inet wifidogx prerouting iifname $interface$ udp dport 53 counter redirect to " DNS_FORWARD_PORT_STR,
"add rule inet wifidogx prerouting iifname $interface$ tcp dport 53 counter redirect to " DNS_FORWARD_PORT_STR,
"add rule inet wifidogx prerouting iifname $interface$ tcp dport 53 counter reject",
};

static void
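Review bot: The two new TCP/53 rules (in `nft_wifidogx_dns_pass_script` on `forward_wifidogx_unknown`, and in `nft_wifidogx_dns_redirect_script` on `prerouting`) end in a bare `reject`, which in an inet table defaults to an ICMP unreachable rather than a TCP reset, and nothing records why DNS over TCP is now refused. If the intent is to stop unauthenticated clients from using TCP/53 to get past the portal, say so in a comment above each array, e.g. `/* unknown clients: UDP DNS only; DNS over TCP is refused */`, and consider `tcp dport 53 counter reject with tcp reset` so resolvers that retry over TCP after a truncated answer fail fast instead of waiting. The UDP/53 rule next to it still accepts any destination address; whether the prerouting redirect is always installed ahead of it is not visible in these hunks, so it is worth confirming that unknown clients cannot reach arbitrary resolvers over UDP. Separately, the retained `tcp dport 67 counter accept` in `nft_wifidogx_dhcp_pass_script` matches nothing DHCP uses (DHCP runs over UDP) and could be dropped to keep the unknown-client allow list minimal.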
