[v1.0.1] Add Transparent proxy iptables script.
This commit is contained in:
parent
38ab477763
commit
76fb4ff667
@ -1,10 +1,151 @@
|
||||
#!/sbin/sh
|
||||
# This is a dummy file that should be replaced with a proper installer script
|
||||
|
||||
# If you are creating a module locally for personal usage or testing,
|
||||
# download the script in the following URL:
|
||||
# https://github.com/topjohnwu/Magisk/blob/master/scripts/module_installer.sh
|
||||
# And replace this script with the downloaded script
|
||||
TMPDIR=/dev/tmp
|
||||
MOUNTPATH=/dev/magisk_img
|
||||
|
||||
# Error, this script should always be replaced
|
||||
# Default permissions
|
||||
umask 022
|
||||
|
||||
# Initial cleanup
|
||||
rm -rf $TMPDIR 2>/dev/null
|
||||
mkdir -p $TMPDIR
|
||||
|
||||
# echo before loading util_functions
|
||||
ui_print() { echo "$1"; }
|
||||
|
||||
require_new_magisk() {
|
||||
ui_print "***********************************"
|
||||
ui_print " Please install the latest Magisk! "
|
||||
ui_print "***********************************"
|
||||
exit 1
|
||||
}
|
||||
|
||||
imageless_magisk() {
|
||||
[ $MAGISK_VER_CODE -gt 18100 ]
|
||||
return $?
|
||||
}
|
||||
|
||||
##########################################################################################
|
||||
# Environment
|
||||
##########################################################################################
|
||||
|
||||
OUTFD=$2
|
||||
ZIPFILE=$3
|
||||
|
||||
mount /data 2>/dev/null
|
||||
|
||||
# Load utility functions
|
||||
if [ -f /data/adb/magisk/util_functions.sh ]; then
|
||||
. /data/adb/magisk/util_functions.sh
|
||||
NVBASE=/data/adb
|
||||
else
|
||||
require_new_magisk
|
||||
fi
|
||||
|
||||
# Preperation for flashable zips
|
||||
setup_flashable
|
||||
|
||||
# Mount partitions
|
||||
mount_partitions
|
||||
|
||||
# Detect version and architecture
|
||||
api_level_arch_detect
|
||||
|
||||
# Setup busybox and binaries
|
||||
$BOOTMODE && boot_actions || recovery_actions
|
||||
|
||||
##########################################################################################
|
||||
# Preparation
|
||||
##########################################################################################
|
||||
|
||||
# Extract common files
|
||||
unzip -oj "$ZIPFILE" module.prop install.sh uninstall.sh 'common/*' -d $TMPDIR >&2
|
||||
|
||||
[ ! -f $TMPDIR/install.sh ] && abort "! Unable to extract zip file!"
|
||||
# Load install script
|
||||
. $TMPDIR/install.sh
|
||||
|
||||
if imageless_magisk; then
|
||||
$BOOTMODE && MODDIRNAME=modules_update || MODDIRNAME=modules
|
||||
MODULEROOT=$NVBASE/$MODDIRNAME
|
||||
else
|
||||
$BOOTMODE && IMGNAME=magisk_merge.img || IMGNAME=magisk.img
|
||||
IMG=$NVBASE/$IMGNAME
|
||||
request_zip_size_check "$ZIPFILE"
|
||||
mount_magisk_img
|
||||
MODULEROOT=$MOUNTPATH
|
||||
fi
|
||||
|
||||
MODID=`grep_prop id $TMPDIR/module.prop`
|
||||
MODPATH=$MODULEROOT/$MODID
|
||||
|
||||
print_modname
|
||||
|
||||
ui_print "******************************"
|
||||
ui_print "Powered by Magisk (@topjohnwu)"
|
||||
ui_print "******************************"
|
||||
|
||||
##########################################################################################
|
||||
# Install
|
||||
##########################################################################################
|
||||
|
||||
# Create mod paths
|
||||
rm -rf $MODPATH 2>/dev/null
|
||||
mkdir -p $MODPATH
|
||||
|
||||
# Remove placeholder
|
||||
rm -f $MODPATH/system/placeholder 2>/dev/null
|
||||
|
||||
# Custom uninstaller
|
||||
[ -f $TMPDIR/uninstall.sh ] && cp -af $TMPDIR/uninstall.sh $MODPATH/uninstall.sh
|
||||
|
||||
# Auto Mount
|
||||
if imageless_magisk; then
|
||||
$SKIPMOUNT && touch $MODPATH/skip_mount
|
||||
else
|
||||
$SKIPMOUNT || touch $MODPATH/auto_mount
|
||||
fi
|
||||
|
||||
# prop files
|
||||
$PROPFILE && cp -af $TMPDIR/system.prop $MODPATH/system.prop
|
||||
|
||||
# Module info
|
||||
cp -af $TMPDIR/module.prop $MODPATH/module.prop
|
||||
if $BOOTMODE; then
|
||||
# Update info for Magisk Manager
|
||||
if imageless_magisk; then
|
||||
mktouch $NVBASE/modules/$MODID/update
|
||||
cp -af $TMPDIR/module.prop $NVBASE/modules/$MODID/module.prop
|
||||
else
|
||||
mktouch /sbin/.magisk/img/$MODID/update
|
||||
cp -af $TMPDIR/module.prop /sbin/.magisk/img/$MODID/module.prop
|
||||
fi
|
||||
fi
|
||||
|
||||
# post-fs-data mode scripts
|
||||
$POSTFSDATA && cp -af $TMPDIR/post-fs-data.sh $MODPATH/post-fs-data.sh
|
||||
|
||||
# service mode scripts
|
||||
$LATESTARTSERVICE && cp -af $TMPDIR/service.sh $MODPATH/service.sh
|
||||
|
||||
on_install
|
||||
|
||||
# Handle replace folders
|
||||
for TARGET in $REPLACE; do
|
||||
mktouch $MODPATH$TARGET/.replace
|
||||
done
|
||||
|
||||
ui_print "- Setting permissions"
|
||||
set_permissions
|
||||
|
||||
##########################################################################################
|
||||
# Finalizing
|
||||
##########################################################################################
|
||||
|
||||
cd /
|
||||
imageless_magisk || unmount_magisk_img
|
||||
$BOOTMODE || recovery_cleanup
|
||||
rm -rf $TMPDIR $MOUNTPATH
|
||||
|
||||
ui_print "- Done"
|
||||
exit 0
|
||||
|
66
README.md
66
README.md
@ -6,9 +6,11 @@ This is a v2ray module for Magisk, and includes binaries for arm, arm64, x86, x6
|
||||
|
||||
## Included
|
||||
|
||||
* [V2Ray](<https://github.com/v2ray/v2ray-core>)
|
||||
* [V2Ray core](<https://github.com/v2ray/v2ray-core>)
|
||||
* [magisk-module-installer](https://github.com/topjohnwu/magisk-module-installer)
|
||||
|
||||
- V2Ray service script and Android transparent proxy iptables script
|
||||
|
||||
|
||||
|
||||
## Install
|
||||
@ -19,9 +21,13 @@ This is a v2ray module for Magisk, and includes binaries for arm, arm64, x86, x6
|
||||
|
||||
## Config
|
||||
|
||||
V2ray config file is store in `/data/v2ray/config.json` .
|
||||
- V2ray config file is store in `/data/v2ray/config.json` .
|
||||
|
||||
|
||||
- Please make sure the config is correct. You can check it by running a command :
|
||||
|
||||
`export V2RAY_LOCATION_ASSET=/data/v2ray; v2ray -test -config /data/v2ray/config.json` in android terminal.
|
||||
|
||||
Please make sure the config is correct. You can do that by running a command `v2ray -test -config /data/v2ray/config.json` in android terminal.
|
||||
|
||||
|
||||
|
||||
@ -29,7 +35,7 @@ Please make sure the config is correct. You can do that by running a command `v2
|
||||
|
||||
- V2ray service is autorun on boot. If you don't want it run automatically, you can just add a file `/data/v2ray/no-autostart` .
|
||||
|
||||
- You can also start / stop manually by run the service script in `$MODDIR` . For example, in my environment , the script's absolute path is `/sbin/.magisk/img/v2ray/v2ray.service` .
|
||||
- You can start / stop manually by execute the service script in `$MODDIR/v2ray.service` . For example, in my environment , the script's absolute path is `/sbin/.magisk/img/v2ray/v2ray.service` .
|
||||
|
||||
- So, if you want to start v2ray service, just run:
|
||||
|
||||
@ -43,12 +49,62 @@ Please make sure the config is correct. You can do that by running a command `v2
|
||||
|
||||
`/sbin/.magisk/img/v2ray/v2ray.service restart`
|
||||
|
||||
## Transparent proxy
|
||||
|
||||
### Working principle
|
||||
|
||||
This module also contains a simple script that helping you to make transparent proxy via iptables. In fact , the script is just make some REDIRECT and TPROXY rules to redirect app's network into 65535 port in localhost. And 65535 port is listen by v2ray inbond with dokodemo-door protocol. In summarize, the App proxy network path is looks like :
|
||||
|
||||
|
||||
|
||||
**Android App** ( Browser, Google, Facebook, Twitter ... ... )
|
||||
|
||||
⇕ ( TCP & UDP network protocol )
|
||||
|
||||
Android system **iptables** [ localhost inside ]
|
||||
|
||||
⇕ ( REDIRECT & TPROXY iptables rules )
|
||||
|
||||
127.0.0.1:65535 [ Inbond ] ----- **V2Ray** ----- [ Outbond ]
|
||||
|
||||
( Shadowsocks, Vmess ) ⇕
|
||||
|
||||
[ Internet outside ] ( SS, V2Ray) **Proxy Server**
|
||||
|
||||
( HTTP, TCP, ... other application protocol ) ⇕
|
||||
|
||||
( Google, Facebook, Twitter ... ... ) **App Server**
|
||||
|
||||
|
||||
|
||||
### Choose proxy target
|
||||
|
||||
- Select mode : You can write a list of App's uid into `/data/v2ray/appid.list` file so that the script would select these App's network proxy via V2Ray. Each App's uid should separate by space or just One App's uid per line.
|
||||
|
||||
- Global mode : You can write a single number "0" into `/data/v2ray/appid.list` file to make all App's network proxy via V2Ray.
|
||||
|
||||
|
||||
|
||||
### Enable/Disable proxy
|
||||
|
||||
- Only when the V2Ray service start normally on boot and `/data/v2ray/appid.list` file is not empty, the transparent proxy iptables script can run automatically.
|
||||
|
||||
- Otherwise, you can execute iptables script in `$MODDIR/v2ray.redirect` . For example, in my environment:
|
||||
|
||||
Enable transparent proxy:
|
||||
|
||||
`/sbin/.magisk/img/v2ray/v2ray.redirect enable`
|
||||
|
||||
Disable transparent proxy:
|
||||
|
||||
`/sbin/.magisk/img/v2ray/v2ray.redirect disable`
|
||||
|
||||
|
||||
|
||||
## Uninstall
|
||||
|
||||
1. Uninstall the module via Magisk Manager App.
|
||||
2. Remove the directory with command `rm -rf /data/v2ray` .
|
||||
2. You can clean v2ray data dir by running command `rm -rf /data/v2ray` .
|
||||
|
||||
|
||||
|
||||
|
@ -8,4 +8,4 @@ MODDIR=${0%/*}
|
||||
|
||||
# This script will be executed in late_start service mode
|
||||
|
||||
if [ ! -f /data/v2ray/no-autostart ] ; then $MODDIR/v2ray.service start ; fi
|
||||
if [ ! -f /data/v2ray/no-autostart ] ; then $MODDIR/v2ray.service start && [ -f /data/v2ray/appid.list ] && $MODDIR/v2ray.redirect enable ; fi
|
||||
|
@ -140,13 +140,14 @@ on_install() {
|
||||
mkdir -p $MODPATH/system/bin
|
||||
mkdir -p $MODPATH/system/etc
|
||||
unzip -j -o "$ZIPFILE" "v2ray/etc/v2ray.service" -d $MODPATH >&2
|
||||
unzip -j -o "$ZIPFILE" "v2ray/etc/v2ray.redirect" -d $MODPATH >&2
|
||||
unzip -j -o "$ZIPFILE" "v2ray/bin/$ARCH/*" -d $MODPATH/system/bin >&2
|
||||
|
||||
# copy v2ray data and config
|
||||
ui_print "- Copy V2Ray config and data files"
|
||||
mkdir -p /data/v2ray
|
||||
mkdir -p /data/v2ray/run
|
||||
[ -f /data/v2ray/config.json ] || \\
|
||||
[ -f /data/v2ray/config.json ] || \
|
||||
unzip -j -o "$ZIPFILE" "v2ray/etc/config.json" -d /data/v2ray >&2
|
||||
unzip -j -o "$ZIPFILE" "v2ray/etc/resolv.conf" -d /data/v2ray >&2
|
||||
unzip -j -o "$ZIPFILE" "v2ray/etc/geosite.dat" -d /data/v2ray >&2
|
||||
@ -163,6 +164,7 @@ set_permissions() {
|
||||
# The following is the default rule, DO NOT remove
|
||||
set_perm_recursive $MODPATH 0 0 0755 0644
|
||||
set_perm $MODPATH/v2ray.service 0 0 0755
|
||||
set_perm $MODPATH/v2ray.redirect 0 0 0755
|
||||
set_perm $MODPATH/system/bin/v2ray ${inet_uid} ${inet_uid} 6755
|
||||
set_perm $MODPATH/system/bin/v2ctl ${inet_uid} ${inet_uid} 6755
|
||||
set_perm /data/v2ray ${inet_uid} ${inet_uid} 0755
|
||||
|
@ -1,6 +1,6 @@
|
||||
id=v2ray
|
||||
name=V2ray for Android
|
||||
version=v4.18
|
||||
versionCode=20190329
|
||||
versionCode=20190330
|
||||
author=chendefine
|
||||
description=V2ray core with service scripts for Android
|
||||
|
@ -1 +0,0 @@
|
||||
This file will be deleted in Magisk Manager, it is only a placeholder for git
|
11
uninstall.sh
Normal file
11
uninstall.sh
Normal file
@ -0,0 +1,11 @@
|
||||
##########################################################################################
|
||||
#
|
||||
# V2Ray Magisk Module Uninstaller Script
|
||||
#
|
||||
##########################################################################################
|
||||
|
||||
remove_v2ray_data_dir() {
|
||||
rm -rf /data/v2ray
|
||||
}
|
||||
|
||||
remove_v2ray_data_dir
|
@ -8,6 +8,7 @@
|
||||
|
||||
// By default, V2Ray write error log to stdout.
|
||||
// "error": "/path/to/error/log/file",
|
||||
"error": "/data/v2ray/run/error.log",
|
||||
|
||||
// Log level, one of "debug", "info", "warning", "error", "none"
|
||||
"loglevel": "warning"
|
||||
@ -15,22 +16,22 @@
|
||||
// List of inbound proxy configurations.
|
||||
"inbounds": [{
|
||||
// Port to listen on. You may need root access if the value is less than 1024.
|
||||
"port": 1080,
|
||||
"port": 65535,
|
||||
|
||||
// IP address to listen on. Change to "0.0.0.0" to listen on all network interfaces.
|
||||
"listen": "127.0.0.1",
|
||||
|
||||
// Tag of the inbound proxy. May be used for routing.
|
||||
"tag": "socks-inbound",
|
||||
"tag": "proxy-inbound",
|
||||
|
||||
// Protocol name of inbound proxy.
|
||||
"protocol": "socks",
|
||||
"protocol": "dokodemo-door",
|
||||
|
||||
// Settings of the protocol. Varies based on protocol.
|
||||
"settings": {
|
||||
"auth": "noauth",
|
||||
"udp": false,
|
||||
"ip": "127.0.0.1"
|
||||
"timeout": 10,
|
||||
"network": "tcp,udp",
|
||||
"followRedirect": true
|
||||
},
|
||||
|
||||
// Enable sniffing on TCP connection.
|
||||
@ -42,6 +43,15 @@
|
||||
}],
|
||||
// List of outbound proxy configurations.
|
||||
"outbounds": [{
|
||||
// Replace your proxy protocol in this section, like: vmess or shadowsocks
|
||||
"protocol": "freedom",
|
||||
|
||||
// Settings of the protocol. Varies based on protocol.
|
||||
"settings": {},
|
||||
|
||||
// Tag of the outbound. May be used for routing.
|
||||
"tag": "proxy"
|
||||
},{
|
||||
// Protocol name of the outbound proxy.
|
||||
"protocol": "freedom",
|
||||
|
||||
@ -65,10 +75,22 @@
|
||||
"domainStrategy": "IPOnDemand",
|
||||
"rules":[
|
||||
{
|
||||
// Blocks access to private IPs. Remove this if you want to access your router.
|
||||
// Bypass private IPs.
|
||||
"type": "field",
|
||||
"ip": ["geoip:private"],
|
||||
"outboundTag": "blocked"
|
||||
"outboundTag": "direct"
|
||||
},
|
||||
{
|
||||
// Bypass all china IPs.
|
||||
"type": "field",
|
||||
"ip": ["geoip:cn"],
|
||||
"outboundTag": "direct"
|
||||
},
|
||||
{
|
||||
// Bypass all china sites.
|
||||
"type": "field",
|
||||
"domain": ["geosite:cn"],
|
||||
"outboundTag": "direct"
|
||||
},
|
||||
{
|
||||
// Blocks major ads.
|
||||
|
149
v2ray/etc/v2ray.redirect
Normal file
149
v2ray/etc/v2ray.redirect
Normal file
@ -0,0 +1,149 @@
|
||||
#!/system/bin/sh
|
||||
|
||||
route_id="1130"
|
||||
inet_uid="3003"
|
||||
route_name="v2ray"
|
||||
proxy_port="65535"
|
||||
proxy_mark="0x20151130"
|
||||
appid_file="/data/v2ray/appid.list"
|
||||
table_file="/data/misc/net/rt_tables"
|
||||
|
||||
appid_list=`[ -f ${appid_file} ] && cat ${appid_file}`
|
||||
|
||||
intranet=(0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4)
|
||||
|
||||
probe_uid_app_name() {
|
||||
app_name=`grep " $1 " /data/system/packages.list | cut -d ' ' -f 1`
|
||||
app_name=`echo ${app_name} | sed 's/ / \& /g'`
|
||||
if [ "${app_name}" != "" ] ; then
|
||||
echo "Redirect ${app_name} APP's network."
|
||||
else
|
||||
echo "APP with uid=$1 is not found."
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
delete_route_table() {
|
||||
if eval "ip rule | grep -q \"from all fwmark ${proxy_mark} lookup\"" ; then
|
||||
echo "Clean UDP redirection route table."
|
||||
ip rule del fwmark ${proxy_mark} lookup ${route_id}
|
||||
ip route flush table ${route_id}
|
||||
fi
|
||||
sed -i "/${route_id} ${route_name}/d" ${table_file}
|
||||
}
|
||||
|
||||
create_route_table() {
|
||||
echo "Create UDP redirection route table."
|
||||
echo "${route_id} ${route_name}" >> ${table_file}
|
||||
ip route add local default dev lo table ${route_id}
|
||||
ip rule add fwmark ${proxy_mark} lookup ${route_id}
|
||||
}
|
||||
|
||||
flush_tcp_iptables() {
|
||||
echo "Clean TCP redirection iptables rules."
|
||||
iptables -w 10 -t nat -D OUTPUT -p tcp -j TCP_PRE_PROXY 2>/dev/null
|
||||
if eval "iptables -w 10 -t nat -L TCP_PRE_PROXY &>/dev/null" ; then
|
||||
iptables -w 10 -t nat -F TCP_PRE_PROXY
|
||||
iptables -w 10 -t nat -X TCP_PRE_PROXY
|
||||
fi
|
||||
if eval "iptables-save -t nat | grep -q ':V2RAY '" ; then
|
||||
iptables -w 10 -t nat -F V2RAY
|
||||
iptables -w 10 -t nat -X V2RAY
|
||||
fi
|
||||
}
|
||||
|
||||
flush_udp_iptables() {
|
||||
echo "Clean UDP redirection iptables rules."
|
||||
iptables -w 10 -t mangle -D PREROUTING -p udp -j V2RAY 2>/dev/null
|
||||
iptables -w 10 -t mangle -D OUTPUT -p udp -j UDP_PRE_PROXY 2>/dev/null
|
||||
if eval "iptables-save -t mangle | grep -q ':UDP_PRE_PROXY '" ; then
|
||||
iptables -w 10 -t mangle -F UDP_PRE_PROXY
|
||||
iptables -w 10 -t mangle -X UDP_PRE_PROXY
|
||||
fi
|
||||
if eval "iptables-save -t mangle | grep -q ':V2RAY '" ; then
|
||||
iptables -w 10 -t mangle -F V2RAY
|
||||
iptables -w 10 -t mangle -X V2RAY
|
||||
fi
|
||||
}
|
||||
|
||||
init_tcp_iptables() {
|
||||
echo "Create TCP redirection iptables rules."
|
||||
## create NAT iptables for TCP redirect
|
||||
iptables -w 10 -t nat -N V2RAY
|
||||
iptables -w 10 -t nat -N TCP_PRE_PROXY
|
||||
## bypass intranet
|
||||
for subnet in ${intranet[@]}; do
|
||||
iptables -w 10 -t nat -A V2RAY -d ${subnet} -j RETURN
|
||||
done
|
||||
## bypass v2ray program
|
||||
iptables -w 10 -t nat -A TCP_PRE_PROXY -m owner --uid-owner ${inet_uid} -j RETURN
|
||||
## apply to NAT iptables OUTPUT
|
||||
iptables -w 10 -t nat -A V2RAY -p tcp -j REDIRECT --to-ports ${proxy_port}
|
||||
}
|
||||
|
||||
init_udp_iptables() {
|
||||
echo "Create UDP redirection iptables rules."
|
||||
## create Mangle iptables for UDP redirect
|
||||
iptables -w 10 -t mangle -N V2RAY
|
||||
iptables -w 10 -t mangle -N UDP_PRE_PROXY
|
||||
## bypass intranet
|
||||
for subnet in ${intranet[@]}; do
|
||||
iptables -w 10 -t mangle -A UDP_PRE_PROXY -d ${subnet} -j RETURN
|
||||
done
|
||||
## bypass v2ray program
|
||||
iptables -w 10 -t mangle -A UDP_PRE_PROXY -m owner --uid-owner ${inet_uid} -j RETURN
|
||||
## apply to Mangle iptables OUTPUT & PREROUTING
|
||||
iptables -w 10 -t mangle -A V2RAY -p udp -m mark --mark ${proxy_mark} -j TPROXY --on-ip 127.0.0.1 --on-port ${proxy_port}
|
||||
}
|
||||
|
||||
redirect_iptables() {
|
||||
if [ "${appid_list}" = "0" ] ; then
|
||||
## redirect global network
|
||||
echo "Redirect TCP & UDP with Global mode."
|
||||
iptables -w 10 -t nat -A TCP_PRE_PROXY -m owner ! --uid-owner ${inet_uid} -j V2RAY
|
||||
iptables -w 10 -t mangle -A UDP_PRE_PROXY -m owner ! --uid-owner ${inet_uid} -j MARK --set-mark ${proxy_mark}
|
||||
else
|
||||
## effect assign app
|
||||
for appid in ${appid_list}; do
|
||||
probe_uid_app_name ${appid} && \
|
||||
iptables -w 10 -t nat -A TCP_PRE_PROXY -m owner --uid-owner ${appid} -j V2RAY && \
|
||||
iptables -w 10 -t mangle -A UDP_PRE_PROXY -m owner --uid-owner ${appid} -j MARK --set-mark ${proxy_mark}
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
apply_iptables_rules() {
|
||||
iptables -w 10 -t nat -A OUTPUT -p tcp -j TCP_PRE_PROXY
|
||||
iptables -w 10 -t mangle -A OUTPUT -p udp -j UDP_PRE_PROXY
|
||||
iptables -w 10 -t mangle -A PREROUTING -p udp -j V2RAY
|
||||
}
|
||||
|
||||
disable_redirect() {
|
||||
delete_route_table
|
||||
flush_tcp_iptables
|
||||
flush_udp_iptables
|
||||
}
|
||||
|
||||
enable_redirect() {
|
||||
disable_redirect
|
||||
create_route_table
|
||||
init_tcp_iptables
|
||||
init_udp_iptables
|
||||
redirect_iptables
|
||||
apply_iptables_rules
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
enable)
|
||||
enable_redirect
|
||||
;;
|
||||
disable)
|
||||
disable_redirect
|
||||
;;
|
||||
renew)
|
||||
enable_redirect
|
||||
;;
|
||||
*)
|
||||
echo "$0: usage: $0 {enable|disable|renew}"
|
||||
;;
|
||||
esac
|
@ -22,6 +22,13 @@ probe_service() {
|
||||
fi
|
||||
}
|
||||
|
||||
simple_clean_iptables() {
|
||||
echo "Clean relevant iptables simply."
|
||||
iptables -w 10 -t nat -D OUTPUT -p tcp -j TCP_PRE_PROXY 2>/dev/null
|
||||
iptables -w 10 -t mangle -D PREROUTING -p udp -j V2RAY 2>/dev/null
|
||||
iptables -w 10 -t mangle -D OUTPUT -p udp -j UDP_PRE_PROXY 2>/dev/null
|
||||
}
|
||||
|
||||
do_start() {
|
||||
if ! probe_service && [ -f ${CONFFILE} ] && ${V2RAY} ${V2RAY_OPTS} -test ; then
|
||||
echo "Starting ${NAME} service."
|
||||
@ -31,6 +38,16 @@ do_start() {
|
||||
chmod 6755 ${V2RAY}
|
||||
${V2RAY} ${V2RAY_OPTS} &
|
||||
echo -n $! > ${PIDFILE}
|
||||
sleep 10
|
||||
if probe_service ; then
|
||||
echo "Start ${NAME} service Done."
|
||||
else
|
||||
rm -f ${PIDFILE}
|
||||
echo "Start ${NAME} service Failed."
|
||||
return 1
|
||||
fi
|
||||
else
|
||||
return 2
|
||||
fi
|
||||
}
|
||||
|
||||
@ -47,11 +64,13 @@ case "$1" in
|
||||
do_start
|
||||
;;
|
||||
stop)
|
||||
simple_clean_iptables
|
||||
do_stop
|
||||
;;
|
||||
restart)
|
||||
do_stop
|
||||
do_start
|
||||
do_start || \
|
||||
simple_clean_iptables
|
||||
;;
|
||||
*)
|
||||
echo "$0: usage: $0 {start|stop|restart}"
|
||||
|
Loading…
Reference in New Issue
Block a user