Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

setup blacklist and whitelist #13

Open
AkramiPro opened this issue Oct 14, 2022 · 1 comment
Open

setup blacklist and whitelist #13

AkramiPro opened this issue Oct 14, 2022 · 1 comment

Comments

@AkramiPro
Copy link

i want all traffic pass through direct connection expect some domains (like Privoxy program)
Example:

*     direct
*.test.com   proxy
*.test2.org   proxy
cdn.test2.org direct
@sorz
Copy link
Owner

sorz commented Oct 17, 2022

I'm doing this on iptables/nftables level: let DNS resolver add IP addresses to ipset (or nft set), then match them on the firewall.
I was using dnsmasq (w/ ipset feature) + iptables, then switched to unbound + dnsnfset + nftables solution.

But this only works on transparent proxy mode, not the SOCKS5 frontend, and it's way too complicated. I agree that the black/whitelist is a nice-to-have feature.

sorz added a commit that referenced this issue Mar 15, 2023
@sorz
Impl policy action direct
95e66ed 
Related to #13
sorz added a commit that referenced this issue Apr 13, 2023
@sorz
Impl policy action direct
ff34235 
Related to #13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sorz @AkramiPro