drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-05-24 22:32:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

remove upstart support. add hostlist support to init scripts

Browse Source
This commit is contained in:
bolvan
2019-05-02 13:26:25 +03:00
parent 342c766a9a
commit 84228dd6ef
5 changed files with 81 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
init.d/openwrt/firewall.user.hostlist Normal file
View File

@@ -0,0 +1,20 @@
TPPORT=1188
TPWS_USER=daemon
. /lib/functions/network.sh
network_find_wan wan_iface
for ext_iface in $wan_iface; do
network_get_device DEVICE $ext_iface
# DNAT for local traffic
iptables -t nat -C OUTPUT -p tcp --dport 80 -o $DEVICE -m owner ! --uid-owner $TPWS_USER -j DNAT --to 127.0.0.1:$TPPORT ||
iptables -t nat -I OUTPUT -p tcp --dport 80 -o $DEVICE -m owner ! --uid-owner $TPWS_USER -j DNAT --to 127.0.0.1:$TPPORT
done
network_get_device DEVICE lan
sysctl -w net.ipv4.conf.$DEVICE.route_localnet=1
iptables -t nat -C prerouting_lan_rule -p tcp --dport 80 -j DNAT --to 127.0.0.1:$TPPORT ||
iptables -t nat -I prerouting_lan_rule -p tcp --dport 80 -j DNAT --to 127.0.0.1:$TPPORT