Last active
January 10, 2025 15:16
-
-
Save moremorefun/7b3fe2967b2033d1db129321d0bacee8 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # echo "1 route-nic1" | sudo tee -a /etc/iproute2/rt_tables | |
| ip route add default via 10.140.0.1 dev ens5 table route-nic1 | |
| ip route add 10.140.0.1 src 10.140.0.2 dev ens5 table route-nic1 | |
| ip rule add from 10.140.0.2/20 table route-nic1 | |
| ip rule add to 10.140.0.2/20 table route-nic1 | |
| ip route flush cache |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/nft -f | |
| define PROXY_MARK = 1 | |
| define PROXY_PORT = 1234 | |
| define SNELL_USER = 1002 | |
| define SNELL_PORT = 26781 | |
| flush ruleset | |
| table inet snell { | |
| # Define sets once and reference them | |
| set LOCAL_IPV4 { | |
| type ipv4_addr | |
| flags interval | |
| elements = { | |
| 127.0.0.0/8, | |
| 10.0.0.0/8, | |
| 224.0.0.0/4 | |
| } | |
| } | |
| set LOCAL_IPV6 { | |
| type ipv6_addr | |
| flags interval | |
| elements = { | |
| ::1/128, | |
| fe80::/10 | |
| } | |
| } | |
| chain output { | |
| type route hook output priority mangle; policy accept; | |
| ip daddr @LOCAL_IPV4 return | |
| ip6 daddr @LOCAL_IPV6 return | |
| tcp sport $SNELL_PORT counter return | |
| udp dport 53 counter return | |
| skuid $SNELL_USER meta l4proto {tcp, udp} counter meta mark set $PROXY_MARK | |
| } | |
| chain prerouting { | |
| type filter hook prerouting priority mangle; policy accept; | |
| ct state established,related accept | |
| ct state invalid drop | |
| ip daddr @LOCAL_IPV4 return | |
| ip6 daddr @LOCAL_IPV6 return | |
| meta mark $PROXY_MARK meta l4proto { tcp, udp } counter tproxy to :$PROXY_PORT | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # IPv4 设置 | |
| ip rule add fwmark 1 table 100 | |
| ip route add local 0.0.0.0/0 dev lo table 100 | |
| # IPv6 设置 | |
| ip -6 rule add fwmark 1 table 100 | |
| ip -6 route add local ::/0 dev lo table 100 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment