mirror of
https://github.com/amnezia-vpn/amnezia-client.git
synced 2026-06-22 02:01:08 +07:00
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Mykola Baibuz
|
4fb2676759 |
@@ -264,12 +264,12 @@ void LinuxFirewall::install()
|
|||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
installAnchor(IPv4, QStringLiteral("290.allowDHCP"), {
|
// installAnchor(IPv4, QStringLiteral("290.allowDHCP"), {
|
||||||
QStringLiteral("-p udp -d 255.255.255.255 --sport 68 --dport 67 -j ACCEPT"),
|
// QStringLiteral("-p udp -d 255.255.255.255 --sport 68 --dport 67 -j ACCEPT"),
|
||||||
});
|
// });
|
||||||
installAnchor(IPv6, QStringLiteral("290.allowDHCP"), {
|
// installAnchor(IPv6, QStringLiteral("290.allowDHCP"), {
|
||||||
QStringLiteral("-p udp -d ff00::/8 --sport 546 --dport 547 -j ACCEPT"),
|
// QStringLiteral("-p udp -d ff00::/8 --sport 546 --dport 547 -j ACCEPT"),
|
||||||
});
|
// });
|
||||||
installAnchor(IPv6, QStringLiteral("250.blockIPv6"), {
|
installAnchor(IPv6, QStringLiteral("250.blockIPv6"), {
|
||||||
QStringLiteral("! -o lo+ -j REJECT"),
|
QStringLiteral("! -o lo+ -j REJECT"),
|
||||||
});
|
});
|
||||||
@@ -351,7 +351,7 @@ void LinuxFirewall::uninstall()
|
|||||||
uninstallAnchor(IPv4, QStringLiteral("320.allowDNS"));
|
uninstallAnchor(IPv4, QStringLiteral("320.allowDNS"));
|
||||||
uninstallAnchor(Both, QStringLiteral("310.blockDNS"));
|
uninstallAnchor(Both, QStringLiteral("310.blockDNS"));
|
||||||
uninstallAnchor(Both, QStringLiteral("300.allowLAN"));
|
uninstallAnchor(Both, QStringLiteral("300.allowLAN"));
|
||||||
uninstallAnchor(Both, QStringLiteral("290.allowDHCP"));
|
// uninstallAnchor(Both, QStringLiteral("290.allowDHCP"));
|
||||||
uninstallAnchor(IPv6, QStringLiteral("250.blockIPv6"));
|
uninstallAnchor(IPv6, QStringLiteral("250.blockIPv6"));
|
||||||
uninstallAnchor(Both, QStringLiteral("200.allowVPN"));
|
uninstallAnchor(Both, QStringLiteral("200.allowVPN"));
|
||||||
uninstallAnchor(IPv4, QStringLiteral("120.blockNets"));
|
uninstallAnchor(IPv4, QStringLiteral("120.blockNets"));
|
||||||
|
|||||||
@@ -314,7 +314,7 @@ void WireguardUtilsLinux::applyFirewallRules(FirewallParams& params)
|
|||||||
LinuxFirewall::updateBlockNets(params.blockAddrs);
|
LinuxFirewall::updateBlockNets(params.blockAddrs);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true);
|
// LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true);
|
||||||
LinuxFirewall::updateDNSServers(params.dnsServers);
|
LinuxFirewall::updateDNSServers(params.dnsServers);
|
||||||
|
|||||||
@@ -365,7 +365,7 @@ void WireguardUtilsMacos::applyFirewallRules(FirewallParams& params)
|
|||||||
|
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true);
|
// MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), true);
|
||||||
MacOSFirewall::setAnchorTable(QStringLiteral("310.blockDNS"), true, QStringLiteral("dnsaddr"), params.dnsServers);
|
MacOSFirewall::setAnchorTable(QStringLiteral("310.blockDNS"), true, QStringLiteral("dnsaddr"), params.dnsServers);
|
||||||
|
|||||||
@@ -187,7 +187,7 @@ bool WindowsFirewall::enableKillSwitch(int vpnAdapterIndex) {
|
|||||||
logger.info() << "Enabling Killswitch Using Adapter:" << vpnAdapterIndex;
|
logger.info() << "Enabling Killswitch Using Adapter:" << vpnAdapterIndex;
|
||||||
FW_OK(allowTrafficOfAdapter(vpnAdapterIndex, MED_WEIGHT,
|
FW_OK(allowTrafficOfAdapter(vpnAdapterIndex, MED_WEIGHT,
|
||||||
"Allow usage of VPN Adapter"));
|
"Allow usage of VPN Adapter"));
|
||||||
FW_OK(allowDHCPTraffic(MED_WEIGHT, "Allow DHCP Traffic"));
|
// FW_OK(allowDHCPTraffic(MED_WEIGHT, "Allow DHCP Traffic"));
|
||||||
FW_OK(allowHyperVTraffic(MED_WEIGHT, "Allow Hyper-V Traffic"));
|
FW_OK(allowHyperVTraffic(MED_WEIGHT, "Allow Hyper-V Traffic"));
|
||||||
FW_OK(allowTrafficForAppOnAll(getCurrentPath(), MAX_WEIGHT,
|
FW_OK(allowTrafficForAppOnAll(getCurrentPath(), MAX_WEIGHT,
|
||||||
"Allow all for AmneziaVPN.exe"));
|
"Allow all for AmneziaVPN.exe"));
|
||||||
|
|||||||
+2
-2
@@ -235,7 +235,7 @@ bool IpcServer::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterInd
|
|||||||
LinuxFirewall::updateBlockNets(blocknets);
|
LinuxFirewall::updateBlockNets(blocknets);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true);
|
// LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true);
|
||||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true);
|
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true);
|
||||||
QStringList dnsServers;
|
QStringList dnsServers;
|
||||||
@@ -265,7 +265,7 @@ bool IpcServer::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterInd
|
|||||||
MacOSFirewall::setAnchorTable(QStringLiteral("120.blockNets"), blockNets, QStringLiteral("blocknets"), blocknets);
|
MacOSFirewall::setAnchorTable(QStringLiteral("120.blockNets"), blockNets, QStringLiteral("blocknets"), blocknets);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true);
|
// MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true);
|
||||||
MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true);
|
MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true);
|
||||||
|
|
||||||
QStringList dnsServers;
|
QStringList dnsServers;
|
||||||
|
|||||||
Reference in New Issue
Block a user