github.com/AntonOrnatskyi/goproxy@v0.0.0-20190205095733-4526a9fa18b4/core/tproxy/tproxy_setup.sh (about) 1 #!/bin/bash 2 SOURCE_BIND_IP="127.0.1.1" 3 4 echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter 5 echo 2 > /proc/sys/net/ipv4/conf/default/rp_filter 6 echo 2 > /proc/sys/net/ipv4/conf/all/rp_filter 7 echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects 8 echo 1 > /proc/sys/net/ipv4/conf/all/forwarding 9 echo 1 > /proc/sys/net/ipv4/ip_forward 10 11 # 本地的话,貌似这段不需要 12 # iptables -t mangle -N DIVERT >/dev/null 2>&1 13 # iptables -t mangle -F DIVERT 14 # iptables -t mangle -D PREROUTING -p tcp -m socket -j DIVERT >/dev/null 2>&1 15 # iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT 16 # iptables -t mangle -A DIVERT -j MARK --set-mark 1 17 # iptables -t mangle -A DIVERT -j ACCEPT 18 19 ip rule del fwmark 1 lookup 100 20 ip rule add fwmark 1 lookup 100 21 ip route del local 0.0.0.0/0 dev lo table 100 22 ip route add local 0.0.0.0/0 dev lo table 100 23 24 ip rule del from ${SOURCE_BIND_IP} table 101 25 ip rule add from ${SOURCE_BIND_IP} table 101 26 ip route del default via 127.0.0.1 dev lo table 101 27 ip route add default via 127.0.0.1 dev lo table 101 28 29 ip route flush cache 30 ip ro flush cache