github.com/Asutorufa/yuhaiin@v0.3.6-0.20240502055049-7984da7023a0/scripts/tproxy/iptables

github.com/Asutorufa/yuhaiin@v0.3.6-0.20240502055049-7984da7023a0/scripts/tproxy/iptables (about)

     1  #! /bin/sh
     2  
     3  ip rule add fwmark 1 table 100
     4  ip route add local 0.0.0.0/0 dev lo table 100
     5  
     6  
     7  iptables -t mangle -N YUHAAIN_TPROXY
     8  iptables -t mangle -A YUHAAIN_TPROXY -d 224.0.0.0/4 -j RETURN
     9  iptables -t mangle -A YUHAAIN_TPROXY -d 255.255.255.255/32 -j RETURN
    10  iptables -t mangle -A YUHAAIN_TPROXY -d 172.16.0.0/16 -j RETURN
    11  iptables -t mangle -A YUHAAIN_TPROXY -d 127.0.0.1/32 -j RETURN
    12  iptables -t mangle -A YUHAAIN_TPROXY -p tcp -d 1.1.1.1 --dport 443 -j TPROXY --on-ip 127.0.0.1 --on-port 8083 --tproxy-mark 1
    13  iptables -t mangle -A YUHAAIN_TPROXY -p udp -d 1.1.1.1 --dport 53 -j TPROXY --on-ip 127.0.0.1 --on-port 8083 --tproxy-mark 1
    14  
    15  
    16  iptables -t mangle -N YUHAAIN_TPROXY_OUTPUT
    17  iptables -t mangle -A YUHAAIN_TPROXY_OUTPUT -d 224.0.0.0/4 -j RETURN
    18  iptables -t mangle -A YUHAAIN_TPROXY_OUTPUT -d 255.255.255.255/32 -j RETURN
    19  iptables -t mangle -A YUHAAIN_TPROXY_OUTPUT -d 172.16.0.0/16 -j RETURN
    20  iptables -t mangle -A YUHAAIN_TPROXY_OUTPUT -d 127.0.0.1/32 -j RETURN
    21  iptables -t mangle -A YUHAAIN_TPROXY_OUTPUT -p tcp -d 1.1.1.1 --dport 443 -j MARK --set-mark 1
    22  iptables -t mangle -A YUHAAIN_TPROXY_OUTPUT -p udp -d 1.1.1.1 --dport 53 -j MARK --set-mark 1
    23  
    24  
    25  iptables -t mangle -A PREROUTING -j YUHAAIN_TPROXY
    26  iptables -t mangle -A OUTPUT -j YUHAAIN_TPROXY_OUTPUT