mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Block QUIC by default

Browse source
This commit is contained in:
Ycarus (Yannick Chabanois) 2020-10-28 13:09:26 +01:00
parent afe5fd135b
commit 0f5b06a31a
1 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

20
openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
View file

@ -131,6 +131,26 @@ if [ "$(uci -q get firewall.fwlantovpn)" = "" ]; then
commit firewall
EOF
fi
if [ "$(uci -q get firewall.blockquicproxy)" = "" ]; then
uci -q batch <<-EOF >/dev/null
set firewall.blockquicproxy=rule
set firewall.blockquicproxy.name='Block QUIC Proxy'
set firewall.blockquicproxy.proto='udp'
set firewall.blockquicproxy.dest_port='443'
set firewall.blockquicproxy.target='DROP'
set firewall.blockquicproxy.src='lan'
set firewall.blockquicall=rule
set firewall.blockquicall.name='Block QUIC All'
set firewall.blockquicall.proto='udp'
set firewall.blockquicall.src='*'
set firewall.blockquicall.dest='*'
set firewall.blockquicall.dest_port='443'
set firewall.blockquicall.target='DROP'
commit firewall
EOF
fi
uci -q batch <<-EOF >/dev/null
set firewall.@zone[0].mtu_fix='1'
set firewall.zone_vpn.mtu_fix='1'