drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-08-10 01:02:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

init.d: openwrt-minimal disable ipv6 instructions

Browse Source
This commit is contained in:
bol-van
2024-10-21 22:14:10 +03:00
parent f649743d70
commit d548d76c1b
3 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
init.d/openwrt-minimal/tpws/etc/firewall.user
View File

@@ -1,8 +1,11 @@
DISABLE_IPV6=0
TP_PORT=900
TP_USER=daemon
EXCLUDE4="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16"
EXCLUDE6="fc00::/7 fe80::/10"
IPTS="iptables ip6tables"
[ "$DISABLE_IPV6" = 1 ] && IPTS=iptables
exists()
{
@@ -25,22 +28,22 @@ redirect()
redirect_port 443 $TP_PORT
}
for IPTABLES in iptables ip6tables; do
for IPTABLES in $IPTS; do
$IPTABLES -t nat -N tpws 2>/dev/null
$IPTABLES -t nat -F tpws
redirect
done
for net in $EXCLUDE4
do
for net in $EXCLUDE4; do
iptables -t nat -I tpws -d $net -j RETURN
done
for net in $EXCLUDE6
do
ip6tables -t nat -I tpws -d $net -j RETURN
done
[ "$DISABLE_IPV6" = 1 ] || {
for net in $EXCLUDE6; do
ip6tables -t nat -I tpws -d $net -j RETURN
done
}
for IPTABLES in iptables ip6tables; do
for IPTABLES in $IPTS; do
ipt PREROUTING -t nat -j tpws
ipt OUTPUT -t nat -m owner ! --uid-owner $TP_USER -j tpws
done