mirror of
https://github.com/GrapheneOS/infrastructure.git
synced 2024-06-20 11:22:09 +00:00
stop sending external ADoT queries through unbound
This commit is contained in:
Daniel Micay
parent
5ed0c02e99
commit
8d1782161f
|
|
@ -53,7 +53,10 @@ table inet filter {
|
|||
|
||||
chain output-internal {
|
||||
skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
|
||||
skuid {chrony, http, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
|
||||
skuid {chrony, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
|
||||
|
||||
skuid powerdns meta l4proto tcp th sport 54 th dport >= 1024 accept
|
||||
skuid http meta l4proto {tcp, udp} th sport >= 1024 th dport 54 accept
|
||||
|
||||
skuid powerdns meta l4proto tcp th sport 81 th dport >= 1024 accept
|
||||
|
||||
|
|
|
|||
|
|
@ -55,7 +55,10 @@ table inet filter {
|
|||
|
||||
chain output-internal {
|
||||
skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
|
||||
skuid {chrony, http, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
|
||||
skuid {chrony, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
|
||||
|
||||
skuid powerdns meta l4proto tcp th sport 54 th dport >= 1024 accept
|
||||
skuid http meta l4proto {tcp, udp} th sport >= 1024 th dport 54 accept
|
||||
|
||||
skuid powerdns meta l4proto tcp th sport 81 th dport >= 1024 accept
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user