From ca6a05273284daa04856a840e64f3936f700b7c3 Mon Sep 17 00:00:00 2001
From: mzz2017 <mzz@tuta.io>
Date: Fri, 16 Sep 2022 15:13:11 +0800
Subject: [PATCH] fix: we should skip interface ppp+ to avoid to break net

---
 service/core/iptables/tproxy.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

--- a/core/iptables/tproxy.go
+++ b/core/iptables/tproxy.go
@@ -16,7 +16,7 @@ var Tproxy tproxy
 func (t *tproxy) AddIPWhitelist(cidr string) {
 	// avoid duplication
 	t.RemoveIPWhitelist(cidr)
-	pos := 6
+	pos := 8
 	if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
 		pos += 3
 	}
@@ -68,6 +68,8 @@ iptables -w 2 -t mangle -A TP_RULE -m ma
 iptables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN
 iptables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
 iptables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
+iptables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN
+iptables -w 2 -t mangle -A TP_RULE -i dn42-+ -j RETURN
 `
 	if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
 		commands += `
@@ -127,6 +129,8 @@ ip6tables -w 2 -t mangle -A TP_RULE -m m
 ip6tables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN
 ip6tables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
 ip6tables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
+ip6tables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN
+ip6tables -w 2 -t mangle -A TP_RULE -i dn42-+ -j RETURN
 `
 		if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
 			commands += `