From 65810c77c1f1ee24fe2d0cd32376dc77b4fb9567 Mon Sep 17 00:00:00 2001
From: juewuy <juewuy@126.com>
Date: Sun, 17 Sep 2023 19:02:27 +0800
Subject: [PATCH] =?UTF-8?q?v1.8.1=20~=E4=BF=AE=E5=A4=8D=E9=83=A8=E5=88=86?=
 =?UTF-8?q?=E8=AE=BE=E5=A4=87=E6=97=A0=E6=B3=95=E6=AD=A3=E7=A1=AE=E8=8E=B7?=
 =?UTF-8?q?=E5=8F=96=E6=9C=AC=E5=9C=B0=E7=BD=91=E6=AE=B5=E7=9A=84=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98=20~=E6=9C=AC=E6=9C=BA=E4=BB=A3=E7=90=86=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E7=BB=95=E8=BF=87=E6=9C=AC=E6=9C=BAdnsmasq=E9=80=BB?=
 =?UTF-8?q?=E8=BE=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 scripts/clash.sh | 2 +-
 scripts/start.sh | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/scripts/clash.sh b/scripts/clash.sh
index 0398793..f96bcbc 100644
--- a/scripts/clash.sh
+++ b/scripts/clash.sh
@@ -670,7 +670,7 @@ setipv6(){
 setfirewall(){
 	set_cust_host_ipv4(){		
 		echo -----------------------------------------------
-		echo -e "当前已自动设置透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | tr '\n' ' ' && echo ) \033[0m"
+		echo -e "当前已自动设置透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo ) \033[0m"
 		echo -e "当前已添加的自定义网段为:\033[36m$cust_host_ipv4\033[0m"
 		echo -----------------------------------------------	
 		echo -e "\033[33m自定义网段不会覆盖自动获取的网段地址，无需重复添加\033[0m"
diff --git a/scripts/start.sh b/scripts/start.sh
index ab610fa..50a5ed3 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -141,7 +141,7 @@ mark_time(){
 getlanip(){
 	i=1
 	while [ "$i" -le "10" ];do
-		host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -Ev 'iot|metric' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' ) #ipv4局域网网段
+		host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -Ev 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' ) #ipv4局域网网段
 		[ "$ipv6_redir" = "已开启" ] && host_ipv6=$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g' ) #ipv6公网地址段
 		[ -f  $TMPDIR/ShellClash_log ] && break
 		[ -n "$host_ipv4" -a -n "$host_ipv6" ] && break
@@ -715,6 +715,7 @@ start_output(){
 	#设置dns转发
 	[ "$dns_no" != "已禁用" ] && {
 	iptables -t nat -N clash_dns_out
+	iptables -t nat -A clash_dns_out -m owner --gid-owner 453 -j RETURN #绕过本机dnsmasq
 	iptables -t nat -A clash_dns_out -m owner --gid-owner 7890 -j RETURN
 	iptables -t nat -A clash_dns_out -p udp -s 127.0.0.0/8 -j REDIRECT --to $dns_port
 	iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out
@@ -880,7 +881,7 @@ start_nft(){
 	[ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && {
 		#dns
 		nft add chain inet shellclash dns_out { type nat hook output priority -100 \; }
-		nft add rule inet shellclash dns_out meta skgid 7890 return && \
+		nft add rule inet shellclash dns_out meta skgid {453,7890} return && \
 		nft add rule inet shellclash dns_out udp dport 53 redirect to $dns_port
 		#output
 		nft add chain inet shellclash output { type nat hook output priority -100 \; }