From 96a227422805602403d7d5048f8ce2a3628ec1c7 Mon Sep 17 00:00:00 2001 From: coolsnowwolf Date: Sat, 11 Feb 2023 21:33:41 +0800 Subject: [PATCH] default-settings: add rules to ban Xiaomi APK install DNS redirect --- package/lean/default-settings/Makefile | 2 +- package/lean/default-settings/files/zzz-default-settings | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/package/lean/default-settings/Makefile b/package/lean/default-settings/Makefile index 9e67b468c..ce24097e0 100644 --- a/package/lean/default-settings/Makefile +++ b/package/lean/default-settings/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=default-settings PKG_VERSION:=2 -PKG_RELEASE:=35 +PKG_RELEASE:=36 PKG_LICENSE:=GPLv3 PKG_LICENSE_FILES:=LICENSE diff --git a/package/lean/default-settings/files/zzz-default-settings b/package/lean/default-settings/files/zzz-default-settings index 75e6c985e..5cd23a498 100755 --- a/package/lean/default-settings/files/zzz-default-settings +++ b/package/lean/default-settings/files/zzz-default-settings @@ -40,9 +40,12 @@ sed -i '/openwrt_luci/ { s/snapshots/releases\/18.06.9/g; }' /etc/opkg/distfeed sed -i '/REDIRECT --to-ports 53/d' /etc/firewall.user echo 'iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53' >> /etc/firewall.user echo 'iptables -t nat -A PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53' >> /etc/firewall.user + echo '[ -n "$(command -v ip6tables)" ] && ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53' >> /etc/firewall.user echo '[ -n "$(command -v ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53' >> /etc/firewall.user +#echo 'iptables -A OUTPUT -m string --string "api.installer.xiaomi.cn" --algo bm --to 65535 -j DROP' >> /etc/firewall.user + sed -i '/option disabled/d' /etc/config/wireless sed -i '/set wireless.radio${devidx}.disabled/d' /lib/wifi/mac80211.sh