mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2025-12-10 07:44:50 +01:00
urlfilter: updated ebtables command
* used concurrent option with ebatables
This commit is contained in:
Amit Kumar
parent
b1aa6341a2
commit
f174cd5e12
1 changed files with 7 additions and 7 deletions
|
|
@ -25,7 +25,7 @@ configure_firewall()
|
|||
iptables -w -I INPUT 4 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# disable acceleration for https packet so that they can be read by urlfilter
|
||||
ebtables -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
|
|
@ -81,9 +81,9 @@ stop_service() {
|
|||
iptables -w -D INPUT -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D INPUT -p tcp --dport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D INPUT -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ebtables -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
ip6tables -w -nL FORWARD|grep -iqE "NFQUEUE"
|
||||
if [ "$?" -eq 0 ]; then
|
||||
|
|
@ -98,9 +98,9 @@ stop_service() {
|
|||
ip6tables -w -D INPUT -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D INPUT -p tcp --dport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D INPUT -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ebtables -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
}
|
||||
reload_service() {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue