drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-30 05:50:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

blockcheck: revert /proc/net/ip_* checking for iptables targets

Browse Source
This commit is contained in:
bol-van 2022-01-11 00:28:44 +03:00
parent dc9d596247
commit d746805aec
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
blockcheck.sh
View File

@ -117,9 +117,20 @@ IPFW_DEL()
} }
ipt6_has_raw() ipt6_has_raw()
{ {
grep -xFq raw /proc/net/ip6_tables_names ip6tables -nL -t raw >/dev/null 2>/dev/null
}
ipt_has_nfq()
{
# cannot just check /proc/net/ip_tables_targets because of iptables-nft or modules not loaded yet
local ret ipt
for ipt in iptables ip6tables; do
$ipt -A OUTPUT -t mangle -p 255 -j NFQUEUE --queue-num $QNUM --queue-bypass 2>/dev/null
ret=$?
[ $ret = 0 ] || return 1
$ipt -D OUTPUT -t mangle -p 255 -j NFQUEUE --queue-num $QNUM --queue-bypass 2>/dev/null
done
return 0
} }
check_system() check_system()
{ {
@ -176,7 +187,7 @@ check_prerequisites()
case "$UNAME" in case "$UNAME" in
Linux) Linux)
progs="$progs iptables ip6tables" progs="$progs iptables ip6tables"
! grep -xFq NFQUEUE /proc/net/ip_tables_targets || ! grep -xFq NFQUEUE /proc/net/ip6_tables_targets && { ipt_has_nfq || {
echo NFQUEUE iptables or ip6tables target is missing. pls install modules. echo NFQUEUE iptables or ip6tables target is missing. pls install modules.
[ "$SUBSYS" = openwrt ] && echo 'OpenWRT : opkg update ; opkg install iptables-mod-nfqueue' [ "$SUBSYS" = openwrt ] && echo 'OpenWRT : opkg update ; opkg install iptables-mod-nfqueue'
exitp 6 exitp 6