blockcheck: separate LINKLOCAL and LOCALHOST

bol-van 2024-03-11 21:36:39 +03:00
parent 353d34a425
commit f892b625d2


@ -128,12 +128,12 @@ mpf_tpws_anchor()
# $1 - port
case "$IPV" in
4)
echo "rdr pass on $LO_IFACE inet proto tcp from \!127.0.0.0/8 to any port $1 -> $LOCALHOST port $TPPORT"
echo "pass out route-to ($LO_IFACE $LOCALHOST) inet proto tcp from any to any port $1 user { >root }"
echo "rdr pass on $LO_IFACE inet proto tcp from \!127.0.0.0/8 to any port $1 -> $LINKLOCAL port $TPPORT"
echo "pass out route-to ($LO_IFACE $LINKLOCAL) inet proto tcp from any to any port $1 user { >root }"
;;
6)
echo "rdr pass on $LO_IFACE inet6 proto tcp from \!::1 to any port $1 -> $LOCALHOST port $TPPORT"
echo "pass out route-to ($LO_IFACE $LOCALHOST) inet6 proto tcp from any to any port $1 user { >root }"
echo "rdr pass on $LO_IFACE inet6 proto tcp from \!::1 to any port $1 -> $LINKLOCAL port $TPPORT"
echo "pass out route-to ($LO_IFACE $LINKLOCAL) inet6 proto tcp from any to any port $1 user { >root }"
;;
esac
}
@ -373,7 +373,7 @@ curl_translate_code()
curl_supports_tls13()
{
local r
curl --tlsv1.3 -Is -o /dev/null http://$LOCALHOST_IPT:65535 2>/dev/null
curl --tlsv1.3 -Is -o /dev/null http://127.0.0.1:65535 2>/dev/null
# return code 2 = init failed. likely bad command line options
[ $? = 2 ] && return 1
# curl can have tlsv1.3 key present but ssl library without TLS 1.3 support
@ -388,7 +388,7 @@ curl_supports_tlsmax()
# supported only in OpenSSL and LibreSSL
curl --version | grep -Fq -e OpenSSL -e LibreSSL -e GnuTLS || return 1
# supported since curl 7.54
curl --tls-max 1.2 -Is -o /dev/null http://$LOCALHOST_IPT:65535 2>/dev/null
curl --tls-max 1.2 -Is -o /dev/null http://127.0.0.1:65535 2>/dev/null
# return code 2 = init failed. likely bad command line options
[ $? != 2 ]
}
@ -584,7 +584,7 @@ pktws_start()
}
tpws_start()
{
"$TPWS" --uid $TPWS_UID:$TPWS_GID --bind-addr=$LOCALHOST%$LO_IFACE --port=$TPPORT "$@" >/dev/null &
"$TPWS" --uid $TPWS_UID:$TPWS_GID --bind-addr=$LINKLOCAL%$LO_IFACE --port=$TPPORT "$@" >/dev/null &
PID=$!
# give some time to initialize
minsleep
@ -924,13 +924,17 @@ configure_ip_version()
{
if [ "$IPV" = 6 ]; then
LOCALHOST=::1
[ "$UNAME" = Darwin ] && LOCALHOST=fe80::1
LOCALHOST_IPT=[${LOCALHOST}]
LINKLOCAL=$LOCALHOST
[ "$UNAME" = Darwin ] && LINKLOCAL=fe80::1
LINKLOCAL_IPT=[${LINKLOCAL}]
IPVV=6
else
IPTABLES=iptables
LOCALHOST=127.0.0.1
LOCALHOST_IPT=$LOCALHOST
LINKLOCAL=$LOCALHOST
LINKLOCAL_IPT=$LINKLOCAL
IPVV=
fi
IPTABLES=ip${IPVV}tables
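Review bot: In configure_ip_version the new `LINKLOCAL` variable holds a loopback address (`::1` or `127.0.0.1`) in every case except Darwin with IPv6, so the name alone misleads a reader of `--bind-addr=$LINKLOCAL%$LO_IFACE` in tpws_start and of the `-> $LINKLOCAL` rules in mpf_tpws_anchor about where the proxy listens. A comment above the assignments would settle it, for example `# LINKLOCAL: address tpws binds to and pf redirects to; same as LOCALHOST except on Darwin IPv6, where it is fe80::1 on $LO_IFACE`. The two curl probes appear to replace `$LOCALHOST_IPT` with a literal `127.0.0.1`, and `LINKLOCAL_IPT` is assigned but not used in any visible hunk; if nothing outside these hunks reads them, both `*_IPT` variables could be dropped. The function body continues past the end of this hunk, so uses further down are not visible here.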