xjasonlyu / tun2socks

tun2socks - powered by gVisor TCP/IP stack

Home Page: https://github.com/xjasonlyu/tun2socks/wiki


[Feature] [UDP DNS] Ignore/redirect request based on port/protocol

engageub opened this issue · comments

Description

Hi,
I am using TUN_EXCLUDED_ROUTES to ignore the DNS IP address. I would like to ignore all the DNS requests/UDP requests instead of specifying each IP.
Could you please let me know if there is an option available to ignore all DNS requests, or to ignore based on port instead of IP address?
If not, is there any alternate way to send DNS requests to the eth adapter instead of the tun adapter?
This is to ensure UDP requests are not blocked.

With respect to the code

for addr in $(echo "$TUN_EXCLUDED_ROUTES" | tr ',' '\n'); do

Adding ip in the following line works
ip rule add to "$addr" table main

Could you please let me know how to add all IPs for a particular port to be added to main?
Is there a direct command with which I can redirect all UDP traffic via table main?

Thank you

Is this feature related to a specific bug?

time="2023-05-08T21:13:47Z" level=warning msg="[UDP] dial 4.2.2.4:53: client handshake: UDP ASSOCIATE: command not supported"
time="2023-05-08T21:14:47Z" level=warning msg="[UDP] dial 4.2.2.4:53: client handshake: UDP ASSOCIATE: command not supported"
time="2023-05-08T21:14:47Z" level=warning msg="[UDP] dial 4.2.2.4:53: client handshake: UDP ASSOCIATE: command not supported"

Do you have a specific solution in mind?

Providing an option similar to TUN_EXCLUDED_ROUTES should be fine. For example, TUN_EXCLUDED_PORTS or TUN_EXCLUDED_PROTOCOL to ignore based on port or protocol.

This issue can be alleviated by using the fwmark on the OUTPUT chain, but the priority issue is worth discussing, such as how to decide the verdict for a request if it is in both TUN_EXCLUDED_ROUTES and TUN_INCLUDE_PORTS at the same time.

I got this working by using ip rules. Closing this.
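
One way to express the port/protocol exclusion discussed in this thread with `ip rule` selectors, as an added example that is not code from the tun2socks project or from any participant here. `TUN_EXCLUDED_PORTS` is only the option name proposed above; the `proto/port` list format and both function names are assumptions, and the `ipproto`/`dport` selectors require Linux 4.17 or later with a matching iproute2.

```shell
# Added example: turn a "proto/port" list (hypothetical TUN_EXCLUDED_PORTS
# format) into policy-routing rules that send matching traffic to table main,
# alongside the per-address rule: ip rule add to "$addr" table main

# Print one "ip rule" command per entry; return 1 on the first invalid entry.
gen_port_rules() {
    spec=$1
    pref=${2:-}                      # optional rule priority (lower is matched first)
    for entry in $(echo "$spec" | tr ',' '\n'); do
        proto=${entry%%/*}
        port=${entry#*/}
        case $proto in
            udp|tcp) ;;
            *) echo "bad protocol in '$entry'" >&2; return 1 ;;
        esac
        # Accept a single port or a lo-hi range, each bound within 1..65535.
        lo=${port%%-*}
        hi=${port#*-}
        for p in "$lo" "$hi"; do
            case $p in
                ''|*[!0-9]*|??????*) echo "bad port in '$entry'" >&2; return 1 ;;
            esac
            if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
                echo "port out of range in '$entry'" >&2; return 1
            fi
        done
        [ "$lo" -le "$hi" ] || { echo "reversed range in '$entry'" >&2; return 1; }
        echo "ip rule add ipproto $proto dport $port table main${pref:+ priority $pref}"
    done
}

# Dry run by default; set APPLY=1 (as root) to execute the generated commands.
apply_port_rules() {
    rules=$(gen_port_rules "$@") || return 1
    if [ "${APPLY:-0}" = 1 ]; then
        echo "$rules" | while read -r cmd; do $cmd; done
    else
        echo "$rules"
    fi
}
```

Passing an explicit priority as the second argument makes the ordering against other rules visible, which is where the overlap between address-based and port-based exclusions has to be resolved.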