Adding users to the blocklist
This commit is contained in:
parent
df3df89fa8
commit
cbcdc4dd40
|
@ -465,6 +465,7 @@ function firewall_block_domain {
|
||||||
blocked_domain="$1"
|
blocked_domain="$1"
|
||||||
if [[ "$blocked_domain" == *'@'* ]]; then
|
if [[ "$blocked_domain" == *'@'* ]]; then
|
||||||
# Don't try to block email/microblog addresses
|
# Don't try to block email/microblog addresses
|
||||||
|
echo "${blocked_domain}" >> $FIREWALL_DOMAINS
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
if ! grep -q "$blocked_domain" $FIREWALL_DOMAINS; then
|
if ! grep -q "$blocked_domain" $FIREWALL_DOMAINS; then
|
||||||
|
@ -538,6 +539,7 @@ function firewall_refresh_blocklist {
|
||||||
function firewall_unblock_domain {
|
function firewall_unblock_domain {
|
||||||
unblocked_domain="$1"
|
unblocked_domain="$1"
|
||||||
if grep -q "${unblocked_domain}" $FIREWALL_DOMAINS; then
|
if grep -q "${unblocked_domain}" $FIREWALL_DOMAINS; then
|
||||||
|
if [[ "${unblocked_domain}" != *'@'* ]]; then
|
||||||
hexstr=$(domain_to_hex_string $unblocked_domain)
|
hexstr=$(domain_to_hex_string $unblocked_domain)
|
||||||
iptables -D INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
iptables -D INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
||||||
iptables -D INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
iptables -D INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
||||||
|
@ -545,9 +547,10 @@ function firewall_unblock_domain {
|
||||||
iptables -D OUTPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
iptables -D OUTPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
||||||
iptables -D FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
iptables -D FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
||||||
iptables -D FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
iptables -D FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
|
||||||
sed -i "/${unblocked_domain}/d" $FIREWALL_DOMAINS
|
|
||||||
save_firewall_settings
|
save_firewall_settings
|
||||||
fi
|
fi
|
||||||
|
sed -i "/${unblocked_domain}/d" $FIREWALL_DOMAINS
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function firewall_drop_spoofed_packets {
|
function firewall_drop_spoofed_packets {
|
||||||
|
|
Loading…
Reference in New Issue