From 502b36e9902be727a982a60022079e55fbee8d95 Mon Sep 17 00:00:00 2001
From: Norman Rasmussen <norman@rasmussen.co.za>
Date: Sat, 12 Oct 2019 11:02:33 -0700
Subject: [PATCH] Add tproxy udp port mark filter that was missed in #144,
 fixes #367.

---
 sshuttle/methods/tproxy.py          | 3 ++-
 tests/client/test_methods_tproxy.py | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/sshuttle/methods/tproxy.py b/sshuttle/methods/tproxy.py
index 93eb6f6..9df7988 100644
--- a/sshuttle/methods/tproxy.py
+++ b/sshuttle/methods/tproxy.py
@@ -244,7 +244,8 @@ class Method(BaseMethod):
                 else:
                     _ipt('-A', mark_chain, '-j', 'MARK', '--set-mark', '1',
                          '--dest', '%s/%s' % (snet, swidth),
-                         '-m', 'udp', '-p', 'udp')
+                         '-m', 'udp',
+                         *udp_ports)
                     _ipt('-A', tproxy_chain, '-j', 'TPROXY',
                          '--tproxy-mark', '0x1/0x1',
                          '--dest', '%s/%s' % (snet, swidth),
diff --git a/tests/client/test_methods_tproxy.py b/tests/client/test_methods_tproxy.py
index 32521bf..67a993b 100644
--- a/tests/client/test_methods_tproxy.py
+++ b/tests/client/test_methods_tproxy.py
@@ -168,7 +168,7 @@ def test_setup_firewall(mock_ipt_chain_exists, mock_ipt_ttl, mock_ipt):
              '--on-port', '1024'),
         call(AF_INET6, 'mangle', '-A', 'sshuttle-m-1024', '-j', 'MARK',
              '--set-mark', '1', '--dest', u'2404:6800:4004:80c::/64',
-             '-m', 'udp', '-p', 'udp'),
+             '-m', 'udp', '-p', 'udp', '--dport', '8000:9000'),
         call(AF_INET6, 'mangle', '-A', 'sshuttle-t-1024', '-j', 'TPROXY',
              '--tproxy-mark', '0x1/0x1', '--dest', u'2404:6800:4004:80c::/64',
              '-m', 'udp', '-p', 'udp', '--dport', '8000:9000',