v1.8.1
~修复部分设备无法正确获取本地网段的问题 ~本机代理增加绕过本机dnsmasq逻辑
This commit is contained in:
juewuy
@@ -141,7 +141,7 @@ mark_time(){
|
||||
getlanip(){
|
||||
i=1
|
||||
while [ "$i" -le "10" ];do
|
||||
host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -Ev 'iot|metric' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' ) #ipv4局域网网段
|
||||
host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -Ev 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' ) #ipv4局域网网段
|
||||
[ "$ipv6_redir" = "已开启" ] && host_ipv6=$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g' ) #ipv6公网地址段
|
||||
[ -f $TMPDIR/ShellClash_log ] && break
|
||||
[ -n "$host_ipv4" -a -n "$host_ipv6" ] && break
|
||||
@@ -715,6 +715,7 @@ start_output(){
|
||||
#设置dns转发
|
||||
[ "$dns_no" != "已禁用" ] && {
|
||||
iptables -t nat -N clash_dns_out
|
||||
iptables -t nat -A clash_dns_out -m owner --gid-owner 453 -j RETURN #绕过本机dnsmasq
|
||||
iptables -t nat -A clash_dns_out -m owner --gid-owner 7890 -j RETURN
|
||||
iptables -t nat -A clash_dns_out -p udp -s 127.0.0.0/8 -j REDIRECT --to $dns_port
|
||||
iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out
|
||||
@@ -880,7 +881,7 @@ start_nft(){
|
||||
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && {
|
||||
#dns
|
||||
nft add chain inet shellclash dns_out { type nat hook output priority -100 \; }
|
||||
nft add rule inet shellclash dns_out meta skgid 7890 return && \
|
||||
nft add rule inet shellclash dns_out meta skgid {453,7890} return && \
|
||||
nft add rule inet shellclash dns_out udp dport 53 redirect to $dns_port
|
||||
#output
|
||||
nft add chain inet shellclash output { type nat hook output priority -100 \; }
|
||||
|
||||
Reference in New Issue
Block a user