sanebox: fix bwrap+pasta DNS forwarding for hosts not using trust-dns
This commit is contained in:
parent
b1c7061b21
commit
a03099569c
|
@ -838,7 +838,9 @@ pastaonlyIngestNetGateway() {
|
|||
}
|
||||
pastaonlyIngestDns() {
|
||||
# NAT DNS requests to localhost to the VPN's DNS resolver
|
||||
pastaNetSetup="ip addr del 127.0.0.1/8 dev lo; iptables -A OUTPUT -t nat -p udp --dport 53 -m iprange --dst-range 127.0.0.1 -j DNAT --to-destination $1:53; $pastaNetSetup"
|
||||
# claim the whole 127.0.0.x space, because some setups place the DNS on a different address of localhost.
|
||||
pastaNetSetup="iptables -A OUTPUT -t nat -p udp --dport 53 -m iprange --dst-range 127.0.0.1-127.0.0.255 -j DNAT --to-destination $1:53; $pastaNetSetup"
|
||||
pastaNetSetup="ip addr del 127.0.0.1/8 dev lo; $pastaNetSetup"
|
||||
}
|
||||
pastaonlyIngestKeepNamespace() {
|
||||
:
|
||||
|
|
Loading…
Reference in New Issue
Block a user