diff --git a/Makefile b/Makefile index 988ffc9..13ac831 100644 --- a/Makefile +++ b/Makefile @@ -81,7 +81,7 @@ install: all uninstall: rm $(PREFIX)/bin/youtubeUnblock rm $(PREFIX)/lib/systemd/system/youtubeUnblock.service - systemctl disable youtubeUnblock.service + -systemctl disable youtubeUnblock.service clean: rm -rf $(BUILD_DIR) diff --git a/README.md b/README.md index 1896b90..69a50df 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Here iptables serves every tcp packet, destinating port 443 for this userspace p Run an application with `youtubeUnblock 537` where `537` stands for the queue-num (must be the same as in the iptables rule). -Systemd daemon is also available. Do `systemctl enable --now youtubeUnblock.service` after installation (uses queue-num `537`). +Systemd daemon is also available. Do `systemctl enable --now youtubeUnblock.service` after installation (uses queue-num `537`). Please, note that systemd will configure iptables automatically. If you have troubles with it, delete ExecStartPre and ExecStop from youtubeUnblock.service and configure iptables manually (may be a useful case for nftables). Also DNS over HTTPS (DOH) is preferred for additional anonimity. diff --git a/youtubeUnblock.service b/youtubeUnblock.service index 672dc6a..fba168d 100644 --- a/youtubeUnblock.service +++ b/youtubeUnblock.service @@ -5,7 +5,9 @@ Description=youtubeUnblock StandardError=journal StandardOutput=journal StandardInput=null +ExecStartPre=iptables -t mangle -A OUTPUT -p tcp --dport 443 -j NFQUEUE --queue-num 537 --queue-bypass ExecStart=$(PREFIX)/bin/youtubeUnblock 537 +ExecStop=iptables -t mangle -D OUTPUT -p tcp --dport 443 -j NFQUEUE --queue-num 537 --queue-bypass [Install] WantedBy=multi-user.target