From fb477e15f1a235e66b944f14eaf56ab021e06f66 Mon Sep 17 00:00:00 2001 From: xSmurf Date: Mon, 17 Apr 2017 15:46:31 +0000 Subject: [PATCH] Added info about iptable rules... --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/README.md b/README.md index f6b8ec9..ce62ff0 100644 --- a/README.md +++ b/README.md @@ -40,3 +40,14 @@ gbp buildpackage -us -uc --git-upstream-tree=master dpkg -i /tmp/build-area/fw-daemon{,-gnome}-*.deb ## Refresh your gnome-shell session 'alt-r' type 'r' hit enter. ``` + +You will be left to install the matching iptables rules. While this may vary depending on your environment, pre-existing ruleset +and preferred mechanism; something like the following needs to be added: + +``` +iptables -t mangle -A OUTPUT -m conntrack --ctstate NEW -j NFQUEUE --queue-num 0 --queue-bypass +iptables -A INPUT -p udp -m udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass +iptables -A OUTPUT -p tcp -m mark --mark 0x1 -j LOG +iptables -A OUTPUT -p tcp -m mark --mark 0x1 -j REJECT --reject-with icmp-port-unreachable + +```