path: root/disable-outgoing-tcp-connections-through-ipv6-tunnel.sh
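#!/bin/bash
# Installs (default) or removes (first argument "delete") the ip6tables mangle
# rules and IPv6 policy-routing rules defined further down in this script.
#
# Usage: <script>          add the rules (any existing copy is replaced)
#        <script> delete   remove the rules only
#
# -x traces every command to stderr, -e aborts on the first unhandled failure.
# The options are set here rather than on the shebang line so they also apply
# when the file is started as `bash <script>`.
set -xe

# Changing netfilter and routing policy needs root: re-execute through sudo
# with the same arguments. sudo receives "$0" exactly as the script was
# invoked, so start the script by path rather than by bare name.
[ "$UID" = 0 ] || exec sudo -- "$0" "$@" || exit

# Start from a known value: a stray ONLY_DELETE_RULES inherited from the
# caller's environment would otherwise silently switch the script to
# delete-only mode and leave the rules uninstalled.
ONLY_DELETE_RULES=
if [ "$1" = delete ]
then
	ONLY_DELETE_RULES=y
fi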

# Replace one ip6tables rule: delete an existing copy, then append it again.
# Globals:   ONLY_DELETE_RULES (read) - non-empty means "remove only"
# Arguments: the rule specification as it would follow -A / -D
# Returns:   status of the append, or 0 in delete-only mode
ip6tables_add()
{
	# Deleting first keeps repeated runs from stacking duplicates; -D removes
	# one matching rule per call. stderr is discarded and the status ignored,
	# so every delete failure is hidden here, not only "no such rule".
	if ! ip6tables -D "$@" 2>/dev/null
	then
		: not deleted
	fi

	if [ -n "$ONLY_DELETE_RULES" ]
	then
		# No-op whose arguments exist only to show up in the -x trace.
		: not added -- ip6tables -A "$@"
	else
		ip6tables -A "$@"
	fi
}
# Replace one IPv6 policy-routing rule: delete an existing copy, then add it.
# Globals:   ONLY_DELETE_RULES (read) - non-empty means "remove only"
# Arguments: the rule selector and action as passed to `ip -6 rule add`
# Returns:   status of the add, or 0 in delete-only mode
ip6rule_add()
{
	# Best-effort removal so a rerun does not leave the rule in place twice.
	# stderr is discarded and the status ignored, so a delete that fails for
	# any other reason than "rule not present" goes unnoticed as well.
	if ! ip -6 rule delete "$@" 2>/dev/null
	then
		: not deleted
	fi

	if [ -n "$ONLY_DELETE_RULES" ]
	then
		# No-op whose arguments exist only to show up in the -x trace.
		: not added -- ip -6 rule add "$@"
	else
		ip -6 rule add "$@"
	fi
}

# Firewall mark shared by the mangle rules and the routing rules below.
# MARK --set-mark without a mask replaces the whole packet mark, so this value
# must not collide with marks used by other policy routing on the host.
mark=22

# 1) Tag the first packet (SYN, conntrack state NEW) of every locally
#    initiated IPv6 TCP connection.
ip6tables_add OUTPUT -t mangle -p tcp --syn \
	-m state --state NEW \
	-j MARK --set-mark "$mark"

# 2) Copy that packet mark onto the connection-tracking entry.
ip6tables_add OUTPUT -t mangle -p tcp --syn \
	-m state --state NEW \
	-j CONNMARK --save-mark

# 3) Copy the connection mark back onto later packets of the connection, so
#    the whole flow is routed like its SYN. Connections opened by a remote
#    peer never matched rule 1, so their replies stay unmarked. Other
#    protocols (UDP, ICMPv6, ...) are not touched by these rules.
ip6tables_add OUTPUT -t mangle -p tcp \
	-m state --state ESTABLISHED,RELATED \
	-j CONNMARK --restore-mark

# Routing policy for marked packets. A rule added without an explicit priority
# is placed ahead of the rules added before it, so "table main" is consulted
# first and "unreachable" is the fallback when main has no matching route.
# NOTE(review): this keeps marked traffic off the tunnel only if the tunnel's
# routes are not in table main - confirm against the host's routing setup.
# To verify after a run: `ip -6 rule show` and `ip6tables -t mangle -S OUTPUT`.
ip6rule_add fwmark "$mark" unreachable
ip6rule_add fwmark "$mark" table main

# Exit with the status of the last rule operation.
exit