mirror
/
NetGuard
mirror of https://github.com/M66B/NetGuard.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Revert "Explicitly block DNS over TCP" 

This reverts commit 97ed4ee1ec.
This commit is contained in:
M66B 2019-04-18 20:03:54 +02:00
parent 97ed4ee1ec
commit c8c722d077
1 changed files with 1 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java
View File

@ -1841,11 +1841,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
packet.allowed = false; packet.allowed = false;
if (prefs.getBoolean("filter", false)) { if (prefs.getBoolean("filter", false)) {
// https://android.googlesource.com/platform/system/core/+/master/include/private/android_filesystem_config.h // https://android.googlesource.com/platform/system/core/+/master/include/private/android_filesystem_config.h
if (packet.uid == 0 && packet.protocol == 6 /* TCP */ && packet.dport == 53) { if (packet.uid < 2000 &&
// Block DNS over TCP
packet.allowed = false;
Log.w(TAG, "Blocking DNS/TCP " + packet);
} else if (packet.uid < 2000 &&
!last_connected && isSupported(packet.protocol)) { !last_connected && isSupported(packet.protocol)) {
// Allow system applications in disconnected state // Allow system applications in disconnected state
packet.allowed = true; packet.allowed = true;