zapret/init.d/pfsense/zapret.sh

25 lines
656 B
Bash
Raw Normal View History

2022-01-23 12:29:20 +03:00
#!/bin/sh
# this file should be placed to /usr/local/etc/rc.d and chmod 755
# prepare system
kldload ipfw
kldload ipdivert
2022-09-08 21:50:19 +03:00
# for older pfsense versions. newer do not have these sysctls
2022-01-23 12:29:20 +03:00
sysctl net.inet.ip.pfil.outbound=ipfw,pf
sysctl net.inet.ip.pfil.inbound=ipfw,pf
sysctl net.inet6.ip6.pfil.outbound=ipfw,pf
sysctl net.inet6.ip6.pfil.inbound=ipfw,pf
2022-09-08 21:50:19 +03:00
# required for newer pfsense versions (2.6.0 tested) to return ipfw to functional state
pfctl -d ; pfctl -e
2022-01-23 12:29:20 +03:00
# add ipfw rules and start daemon
ipfw delete 100
ipfw add 100 divert 989 tcp from any to any 80,443 out not diverted not sockarg
pkill ^dvtws$
dvtws --daemon --port 989 --dpi-desync=split2