Skip to content
This repository has been archived by the owner on Jan 19, 2025. It is now read-only.

fix #7 #9

Merged
merged 1 commit into from
Mar 19, 2019
Merged

fix #7 #9

merged 1 commit into from
Mar 19, 2019

Conversation

cnzgray
Copy link
Contributor

@cnzgray cnzgray commented Mar 17, 2019

No description provided.

@SukkaW SukkaW self-requested a review March 18, 2019 00:47
SukkaW
SukkaW suggested changes Mar 18, 2019
View reviewed changes
Copy link
Owner

@SukkaW SukkaW left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

感觉并不需要 IP 黑名单功能。毕竟只要把所有流量转发给 Clash,让 Clash 做分流就行了。
至于 DNS 请求,Clash 不支持 UDP 转发、iptables 中也只操作了 TCP 流量,因此 IP 白名单中也不需要添加公共 DNS IP 地址(毕竟也不可能把所有用户可能会使用的递归 DNS IP 都收集起来加进白名单里)。白名单里只保留 LAN IP 就足够了。

@cnzgray
Copy link
Contributor Author

cnzgray commented Mar 18, 2019

感觉并不需要 IP 黑名单功能。毕竟只要把所有流量转发给 Clash,让 Clash 做分流就行了。
至于 DNS 请求,Clash 不支持 UDP 转发、iptables 中也只操作了 TCP 流量,因此 IP 白名单中也不需要添加公共 DNS IP 地址(毕竟也不可能把所有用户可能会使用的递归 DNS IP 都收集起来加进白名单里)。白名单里只保留 LAN IP 就足够了。

恩,你说的是对的,IP黑名单不需要,DNS的白名单也应该移除。

@SukkaW
Copy link
Owner

SukkaW commented Mar 18, 2019

这样吧,这个 PR 晚些时候我合并一下,然后我来修改。

@SukkaW SukkaW changed the base branch from master to iptables March 19, 2019 14:31
@SukkaW SukkaW merged commit b9583e3 into SukkaW:iptables Mar 19, 2019
@SukkaW SukkaW mentioned this pull request Mar 31, 2019
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@SukkaW SukkaW SukkaW approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cnzgray @SukkaW