summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xpkg/linux/bitmask-root9
1 files changed, 6 insertions, 3 deletions
diff --git a/pkg/linux/bitmask-root b/pkg/linux/bitmask-root
index b9a7acbc..a583c94c 100755
--- a/pkg/linux/bitmask-root
+++ b/pkg/linux/bitmask-root
@@ -561,11 +561,14 @@ def firewall_start(args):
"--jump", "ACCEPT")
# block DNS requests to anyone but the service provider or localhost
+ # XXX need to insert ipv6 too ??? -- kali
ip4tables("--insert", BITMASK_CHAIN, "--protocol", "udp", "--dport", "53",
"--jump", "REJECT")
- for allowed_dns in gateways + ["127.0.0.1", "127.0.1.1"]:
- ip4tables("--insert", "bitmask", "--protocol", "udp", "--dport", "53",
- "--destination", allowed_dns, "--jump", "ACCEPT")
+
+ for allowed_dns in [NAMESERVER, "127.0.0.1", "127.0.1.1"]:
+ ip4tables("--insert", BITMASK_CHAIN, "--protocol", "udp",
+ "--dport", "53", "--destination", allowed_dns,
+ "--jump", "ACCEPT")
def firewall_stop():