dan9i10/amnezia-client
1
0
Fork 0
mirror of https://github.com/amnezia-vpn/amnezia-client.git synced 2026-05-08 14:33:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: DNS unresponsive during connect

Browse Source
This commit is contained in:
cd-amn
2026-04-24 19:09:44 +04:00
parent 76d9bf468d
commit 5b82fd6019
3 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
client/platforms/linux/daemon/linuxdaemon.cpp
View File

@@ -15,6 +15,7 @@
#include <QTextStream> #include <QTextStream>
#include <QtGlobal> #include <QtGlobal>
#include "linuxfirewall.h"
#include "leakdetector.h" #include "leakdetector.h"
#include "logger.h" #include "logger.h"
@@ -50,3 +51,17 @@ LinuxDaemon* LinuxDaemon::instance() {
Q_ASSERT(s_daemon); Q_ASSERT(s_daemon);
return s_daemon; return s_daemon;
} }
bool LinuxDaemon::run(Op op, const InterfaceConfig& config) {
if (!config.m_killSwitchEnabled || !LinuxFirewall::isInstalled()) {
return true;
}
if (op == Up) {
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true);
} else if (op == Down) {
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), false);
}
return true;
}

1
client/platforms/linux/daemon/linuxdaemon.h
View File

@@ -21,6 +21,7 @@ class LinuxDaemon final : public Daemon {
static LinuxDaemon* instance(); static LinuxDaemon* instance();
protected: protected:
bool run(Op op, const InterfaceConfig& config) override;
WireguardUtils* wgutils() const override { return m_wgutils; } WireguardUtils* wgutils() const override { return m_wgutils; }
DnsUtils* dnsutils() override { return m_dnsutils; } DnsUtils* dnsutils() override { return m_dnsutils; }
bool supportIPUtils() const override { return true; } bool supportIPUtils() const override { return true; }

2
client/platforms/linux/daemon/wireguardutilslinux.cpp
View File

@@ -479,7 +479,7 @@ void WireguardUtilsLinux::applyFirewallRules(FirewallParams& params)
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true);
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true);
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true);
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), false);
LinuxFirewall::updateDNSServers(params.dnsServers); LinuxFirewall::updateDNSServers(params.dnsServers);
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), true);
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), true);