diff options
Diffstat (limited to 'server/BandwidthController.cpp')
| -rw-r--r-- | server/BandwidthController.cpp | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp index b674ee5b..84b1914a 100644 --- a/server/BandwidthController.cpp +++ b/server/BandwidthController.cpp @@ -351,9 +351,12 @@ int BandwidthController::enableHappyBox(void) { snprintf(cmd, sizeof(cmd), "-A bw_penalty_box -j bw_happy_box"); res |= runIpxtablesCmd(cmd, IptJumpNoAdd); + /* Whitelist all system apps. */ + snprintf(cmd, sizeof(cmd), + "-A bw_happy_box -m owner --uid-owner %d-%d -j RETURN", 0, MAX_SYSTEM_UID); + res |= runIpxtablesCmd(cmd, IptJumpNoAdd); + /* Reject. Defaulting to prot-unreachable */ - snprintf(cmd, sizeof(cmd), "-D bw_happy_box -j REJECT"); - runIpxtablesCmd(cmd, IptJumpNoAdd); snprintf(cmd, sizeof(cmd), "-A bw_happy_box -j REJECT"); res |= runIpxtablesCmd(cmd, IptJumpNoAdd); |