hijackfilter / hijackfilter
- вторник, 17 мая 2016 г. в 03:11:30
C
None
VFREE HijackFilter is a free software to protect you from unwanted Internet hijacking.
Copyright (C) 2016 Rayson Zhu vfreex@gmail.com
If you encountered Internet hijacking, call your ISP to stop it! This software should be your last choice for preventing Internet hijacking.
apt install make gcc iptables-dev linux-headers-`uname -r` pkg-config
make
dnf install make gcc iptables-devel kernel-devel-`uname -r` pkgconfig
make
yum install make gcc iptables-devel kernel-devel-`uname -r` pkgconfig
make
make install
depmod
make uninstall
depmod
DNSFilter is a Netfilter extension to help you match and filter proofed DNS responses.
Suppose your ISP redirects nonexistent domain names to 192.0.2.1
and 198.51.100.1
.
To match and drop those spoofed DNS responses, we can use following commands:
# for IPv4 network
iptables -t mangle -A PREROUTING -p udp --sport 53 -m vfree_dns \
--a 192.0.2.1,198.51.100.1\
-j DROP
# for IPv6 network
ip6tables -t mangle -A PREROUTING -p udp --sport 53 -m vfree_dns \
--a 192.0.2.1,198.51.100.1\
-j DROP
Use -h
option for help.
iptables -m vfree_dns -h
This program is distributed under GNU GENERAL PUBLIC LICENSE Version 3.