From 5630f6eed13ba3bf49eea49330d189cd5f995846 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sat, 15 Apr 2017 12:04:04 +0100
Subject: [PATCH] input rather than forward

---
 src/freedombone-utils-firewall | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall
index e1bd76972..54f96688a 100755
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -405,8 +405,8 @@ function firewall_block_domain {
     blocked_domain="$1"
     if ! grep "$blocked_domain" $FIREWALL_DOMAINS; then
         hexstr=$(domain_to_hex_string $blocked_domain)
-        iptables -I FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
-        iptables -I FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -A INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -A INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
         echo "${blocked_domain}" >> $FIREWALL_DOMAINS
         save_firewall_settings
     fi
@@ -416,8 +416,8 @@ function firewall_unblock_domain {
     unblocked_domain="$1"
     if grep "${unblocked_domain}" $FIREWALL_DOMAINS; then
         hexstr=$(domain_to_hex_string $unblocked_domain)
-        iptables -D FORWARD -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
-        iptables -D FORWARD -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -D INPUT -p udp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
+        iptables -D INPUT -p tcp --dport 53 -m string --hex-string "$hexstr" --algo bm -j DROP
         sed -i "/${unblocked_domain}/d" $FIREWALL_DOMAINS
         save_firewall_settings
     fi
-- 
GitLab