v1.3.2-test

~本机代理功能增加iptables增强模式（仅支持Linux系统） ~优化iptables增强模式机制，修复潜在报错 ~修复mesh设备开机启动后shellclash无法正常工作的bug（待测试）
2021-05-16 22:28:28 +08:00
parent fcfbc29219
commit 1bc6b7726b
2 changed files with 2 additions and 2 deletions
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -420,7 +420,7 @@ start_udp(){
 start_output(){
 	#流量过滤规则
 	iptables -t nat -N clash_out
-	iptables -t nat -A clash_out -m owner --uid-owner 7890 -j RETURN
+	iptables -t nat -A clash_out -m owner --gid-owner 7890 -j RETURN
 	iptables -t nat -A clash_out -d 0.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 10.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 127.0.0.0/8 -j RETURN
@@ -444,7 +444,7 @@ start_output(){
 	iptables -t nat -A OUTPUT -p tcp -j clash_out
 	#设置dns转发
 	iptables -t nat -N clash_dns_out
-	iptables -t nat -A clash_dns_out -m owner --uid-owner shellclash -j RETURN
+	iptables -t nat -A clash_dns_out -m owner --gid-owner 7890 -j RETURN
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do