diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall index 7880f35b..0c646f34 100755 --- a/src/freedombone-utils-firewall +++ b/src/freedombone-utils-firewall @@ -465,6 +465,7 @@ function firewall_block_domain { blocked_domain="$1" if [[ "$blocked_domain" == *'@'* ]]; then # Don't try to block email/microblog addresses + echo "${blocked_domain}" >> $FIREWALL_DOMAINS return fi if ! grep -q "$blocked_domain" $FIREWALL_DOMAINS; then @@ -538,15 +539,17 @@ function firewall_refresh_blocklist { function firewall_unblock_domain { unblocked_domain="$1" if grep -q "${unblocked_domain}" $FIREWALL_DOMAINS; then - hexstr=$(domain_to_hex_string $unblocked_domain) - iptables -D INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP - iptables -D INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP - iptables -D OUTPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP - iptables -D OUTPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP - iptables -D FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP - iptables -D FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + if [[ "${unblocked_domain}" != *'@'* ]]; then + hexstr=$(domain_to_hex_string $unblocked_domain) + iptables -D INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + iptables -D INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + iptables -D OUTPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + iptables -D OUTPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + iptables -D FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + iptables -D FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP + save_firewall_settings + fi sed -i "/${unblocked_domain}/d" $FIREWALL_DOMAINS - save_firewall_settings fi }