Need help with hijackfilter?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

vfreex
196 Stars 25 Forks GNU General Public License v3.0 9 Commits 1 Opened issues

Description

a set of free software to protect you from Internet hijacking

Services available

!
?

Need anything else?

Contributors list

No Data

VFREE HijackFilter

VFREE HijackFilter is a free software to protect you from unwanted Internet hijacking.

Copyright (C) 2016 Rayson Zhu [email protected]

If you encountered Internet hijacking, call your ISP to stop it! This software should be your last choice for preventing Internet hijacking.

1. Installation

1.1 Build

  • Ubuntu / Debian
apt install make gcc iptables-dev linux-headers-`uname -r` pkg-config
make
  • Fedora
dnf install make gcc iptables-devel kernel-devel-`uname -r` pkgconfig
make
  • RHEL / CentOS
yum install make gcc iptables-devel kernel-devel-`uname -r` pkgconfig
make

1.2 Install

make install
depmod

1.3. Uninstall

make uninstall
depmod

2. Usage

2.1 DNSFilter

DNSFilter is a Netfilter extension to help you match and filter proofed DNS responses.

Suppose your ISP redirects nonexistent domain names to

192.0.2.1
and
198.51.100.1
. To match and drop those spoofed DNS responses, we can use following commands:
# for IPv4 network
iptables -t mangle -A PREROUTING -p udp --sport 53 -m vfree_dns \
  --a 192.0.2.1,198.51.100.1\
  -j DROP
# for IPv6 network
ip6tables -t mangle -A PREROUTING -p udp --sport 53 -m vfree_dns \
  --a 192.0.2.1,198.51.100.1\
  -j DROP

Use

-h
option for help.
bash
iptables -m vfree_dns -h

3. TO-DO

  • HTTPFilter: a netfilter module to match and filter proofed HTTP messages

4. LICENSE

This program is distributed under GNU GENERAL PUBLIC LICENSE Version 3.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.