From b8ee21b6e835ba58433f6743bd4154b108bdeff6 Mon Sep 17 00:00:00 2001 From: Jack O'Sullivan Date: Wed, 5 Jun 2024 20:21:48 +0100 Subject: [PATCH] nixos/home/routing-common: More Disney+ IPv6 workarounds --- nixos/boxes/home/routing-common/default.nix | 4 ++++ nixos/boxes/home/routing-common/dns.nix | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/nixos/boxes/home/routing-common/default.nix b/nixos/boxes/home/routing-common/default.nix index 5982e50..b8e2a22 100644 --- a/nixos/boxes/home/routing-common/default.nix +++ b/nixos/boxes/home/routing-common/default.nix @@ -375,6 +375,10 @@ in # MSS clamping to workaround IPv6 PMTUD being broken... tcp flags syn tcp option maxseg size set rt mtu counter + + # More Disney+ discrimination... + # TODO: This prefix could change (random AWS block) + ip6 daddr 2600:9000:2245::/48 drop } chain forward { ${lib.my.c.as211024.nftTrust} diff --git a/nixos/boxes/home/routing-common/dns.nix b/nixos/boxes/home/routing-common/dns.nix index f7f9885..45e6c95 100644 --- a/nixos/boxes/home/routing-common/dns.nix +++ b/nixos/boxes/home/routing-common/dns.nix @@ -66,7 +66,7 @@ in -- Disney+ doesn't like our IP space... function preresolve(dq) local name = dq.qname:toString() - if dq.qtype == pdns.AAAA and (string.find(name, "disneyplus") or string.find(name, "disney-plus")) then + if dq.qtype == pdns.AAAA and (string.find(name, "disneyplus") or string.find(name, "disney-plus") or string.find(name , "disney.api")) then dq.rcode = 0 return true end