Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-12-26 07:59:30 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fixes

Browse Source
This commit is contained in:
Tad 2017-05-29 22:38:33 -04:00
parent 188d9632ec
commit 3a6815c4eb
3 changed files with 11 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Patches/LineageOS-14.1/android_system_netd/0001-iptables.patch
View File

@ -1,33 +1,31 @@
From 468c7af6d84d1b2c7bafd10c0a109d7ba8512c0b Mon Sep 17 00:00:00 2001 From 9663281c60b56be2d2cf00cd7ed11625a6ac1998 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us> From: Tad <tad@spotco.us>
Date: Mon, 29 May 2017 20:01:31 -0400 Date: Mon, 29 May 2017 21:36:29 -0400
Subject: [PATCH] Network hardening via iptables Subject: [PATCH] Network hardening via iptables
Change-Id: I4b7c330a50aa55ad9259e0ced8aee71d4acaf508 Change-Id: Ic128a37ccbc1885b4f92cee5bd6eb4408fa78105
Credit: https://javapipe.com/iptables-ddos-protection Credit: https://javapipe.com/iptables-ddos-protection
--- ---
server/CommandListener.cpp | 51 ++++++++++++++++++++++++++++++++++++++++++++++ server/CommandListener.cpp | 49 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+) 1 file changed, 49 insertions(+)
diff --git a/server/CommandListener.cpp b/server/CommandListener.cpp diff --git a/server/CommandListener.cpp b/server/CommandListener.cpp
index b16da18..0a318fc 100755 index b16da18..06db5b9 100755
--- a/server/CommandListener.cpp --- a/server/CommandListener.cpp
+++ b/server/CommandListener.cpp +++ b/server/CommandListener.cpp
@@ -145,6 +145,12 @@ static const char* RAW_PREROUTING[] = { @@ -145,6 +145,10 @@ static const char* RAW_PREROUTING[] = {
NULL, NULL,
}; };
+static const char* MANGLE_PREROUTING[] = { +static const char* MANGLE_PREROUTING[] = {
+ BandwidthController::LOCAL_MANGLE_PREROUTING,
+ IdletimerController::LOCAL_MANGLE_PREROUTING,
+ NULL, + NULL,
+}; +};
+ +
static const char* MANGLE_POSTROUTING[] = { static const char* MANGLE_POSTROUTING[] = {
BandwidthController::LOCAL_MANGLE_POSTROUTING, BandwidthController::LOCAL_MANGLE_POSTROUTING,
IdletimerController::LOCAL_MANGLE_POSTROUTING, IdletimerController::LOCAL_MANGLE_POSTROUTING,
@@ -225,11 +231,56 @@ CommandListener::CommandListener() : @@ -225,11 +229,56 @@ CommandListener::CommandListener() :
createChildChains(V4V6, "filter", "FORWARD", FILTER_FORWARD); createChildChains(V4V6, "filter", "FORWARD", FILTER_FORWARD);
createChildChains(V4V6, "filter", "OUTPUT", FILTER_OUTPUT); createChildChains(V4V6, "filter", "OUTPUT", FILTER_OUTPUT);
createChildChains(V4V6, "raw", "PREROUTING", RAW_PREROUTING); createChildChains(V4V6, "raw", "PREROUTING", RAW_PREROUTING);

1
Scripts/Generic_Deblob.sh
View File

@ -182,6 +182,7 @@ deblobDevice() {
#awk -i inplace '!/'$makes'/' "${PWD##*/}".mk; #Remove all shim references from device makefile FIXME: Deletes the entire makefile for some reason #awk -i inplace '!/'$makes'/' "${PWD##*/}".mk; #Remove all shim references from device makefile FIXME: Deletes the entire makefile for some reason
#fi; #fi;
if [ -f system.prop ]; then if [ -f system.prop ]; then
sed -i 's/drm.service.enabled=true/drm.service.enabled=false/' system.prop;
if ! grep -q "drm.service.enabled=false" system.prop; then echo "drm.service.enabled=false" >> system.prop; fi; #Disable DRM server if ! grep -q "drm.service.enabled=false" system.prop; then echo "drm.service.enabled=false" >> system.prop; fi; #Disable DRM server
sed -i 's/persist.bt.enableAptXHD=true/persist.bt.enableAptXHD=false/' system.prop; #Disable aptX sed -i 's/persist.bt.enableAptXHD=true/persist.bt.enableAptXHD=false/' system.prop; #Disable aptX
sed -i 's/persist.cne.feature=./persist.cne.feature=0/' system.prop; #Disable CNE sed -i 's/persist.cne.feature=./persist.cne.feature=0/' system.prop; #Disable CNE

4
Scripts/LAOS-14.1_Patches.sh
View File

@ -128,8 +128,8 @@ enter "system/core"
cat /tmp/ar/hosts >> rootdir/etc/hosts #Merge in our HOSTS file cat /tmp/ar/hosts >> rootdir/etc/hosts #Merge in our HOSTS file
patch -p1 < $patches"android_system_core/0001-Hardening.patch" #Misc hardening patch -p1 < $patches"android_system_core/0001-Hardening.patch" #Misc hardening
enter "system/netd" #enter "system/netd"
patch -p1 < $patches"android_system_netd/0001-iptables.patch"; #Network hardening via iptables XXX: Untested #patch -p1 < $patches"android_system_netd/0001-iptables.patch"; #Network hardening via iptables XXX: Doesn't seem to do anything?
enter "vendor/cm" enter "vendor/cm"
patch -p1 < $patches"android_vendor_cm/0001-SCE.patch" #Include our extras such as MicroG and F-Droid patch -p1 < $patches"android_vendor_cm/0001-SCE.patch" #Include our extras such as MicroG and F-Droid