EljakimHerrewijnen/Openwrt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

dnsmasq: add config option for connmark DNS filtering

Browse Source 
This adds uci support to configure connmark based DNS filtering.

Signed-off-by: Etan Kissling <etan_kissling@apple.com>
(See https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015151.html)
Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
This commit is contained in:
Etan Kissling 2021-06-26 12:11:49 +00:00 committed by Kevin Darbyshire-Bryant
parent 3628870015
commit dea4bae7c2
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
package/network/services/dnsmasq/files/dnsmasq.init
View File

@ -172,6 +172,10 @@ append_ipset() {
xappend "--ipset=$1" xappend "--ipset=$1"
} }
append_connmark_allowlist() {
xappend "--connmark-allowlist=$1"
}
append_interface() { append_interface() {
network_get_device ifname "$1" || ifname="$1" network_get_device ifname "$1" || ifname="$1"
xappend "--interface=$ifname" xappend "--interface=$ifname"
@ -913,6 +917,14 @@ dnsmasq_start()
config_list_foreach "$cfg" "rev_server" append_rev_server config_list_foreach "$cfg" "rev_server" append_rev_server
config_list_foreach "$cfg" "address" append_address config_list_foreach "$cfg" "address" append_address
config_list_foreach "$cfg" "ipset" append_ipset config_list_foreach "$cfg" "ipset" append_ipset
local connmark_allowlist_enable
config_get connmark_allowlist_enable "$cfg" connmark_allowlist_enable 0
[ "$connmark_allowlist_enable" -gt 0 ] && {
append_parm "$cfg" "connmark_allowlist_enable" "--connmark-allowlist-enable"
config_list_foreach "$cfg" "connmark_allowlist" append_connmark_allowlist
}
[ -n "$BOOT" ] || { [ -n "$BOOT" ] || {
config_list_foreach "$cfg" "interface" append_interface config_list_foreach "$cfg" "interface" append_interface
config_list_foreach "$cfg" "notinterface" append_notinterface config_list_foreach "$cfg" "notinterface" append_notinterface