github-mirror/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2026-03-09 14:55:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

QUIC support to main scripts

Browse Source
This commit is contained in:
bol-van
2023-07-02 18:46:26 +03:00
parent db1c533b6c
commit 9a87e617e4
12 changed files with 141 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
common/nft.sh
View File

@@ -270,6 +270,13 @@ nft_filter_apply_port_target()
fi
eval $1="\"\$$1 $f\""
}
nft_filter_apply_port_target_quic()
{
# $1 - var name of nftables filter
local f
f="udp dport 443"
eval $1="\"\$$1 $f\""
}
nft_filter_apply_ipset_target4()
{
# $1 - var name of ipv4 nftables filter
@@ -532,6 +539,22 @@ zapret_apply_firewall_rules_nft()
nft_fw_nfqws_post6 "$f6 $desync" $qns6
fi
fi
get_nfqws_qnums_quic qn qn6
if [ -n "$qn" ]; then
f4=
nft_filter_apply_port_target_quic f4
f4="$f4 $first_packet_only"
nft_filter_apply_ipset_target4 f4
nft_fw_nfqws_post4 "$f4 $desync" $qn
fi
if [ -n "$qn6" ]; then
f6=
nft_filter_apply_port_target_quic f6
f6="$f6 $first_packet_only"
nft_filter_apply_ipset_target6 f6
nft_fw_nfqws_post6 "$f6 $desync" $qn6
fi
;;
custom)
existf zapret_custom_firewall_nft && zapret_custom_firewall_nft