Include outputs and forwards in domain blocks

2017-04-20 10:49:03 +01:00 · 2017-04-20 10:49:03 +01:00 · da18dc225e
parent 71cb693fad
commit da18dc225e
1 changed files with 8 additions and 0 deletions
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@ -408,6 +408,10 @@ function firewall_block_domain {
        hexstr=$(domain_to_hex_string $blocked_domain)
        iptables -A INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
        iptables -A INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -A OUTPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -A OUTPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -I FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -I FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
        echo "${blocked_domain}" >> $FIREWALL_DOMAINS
        save_firewall_settings
    fi
@ -419,6 +423,10 @@ function firewall_unblock_domain {
        hexstr=$(domain_to_hex_string $unblocked_domain)
        iptables -D INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
        iptables -D INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -D OUTPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -D OUTPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -D FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -D FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
        sed -i "/${unblocked_domain}/d" $FIREWALL_DOMAINS
        save_firewall_settings
    fi