From 9e1fe84fec35880b44b67ccc327e97a72d0c91ca Mon Sep 17 00:00:00 2001 From: juewuy Date: Tue, 5 Jan 2021 19:38:48 +0800 Subject: [PATCH] =?UTF-8?q?v1.0.0beta18.4=20~=E4=BF=AE=E5=A4=8D=E5=8F=AF?= =?UTF-8?q?=E4=BB=A5=E9=80=9A=E8=BF=87=E5=A4=96=E7=BD=91=E8=AE=BF=E9=97=AE?= =?UTF-8?q?clash=E5=AF=BC=E8=87=B4=E7=AB=AF=E5=8F=A3=E6=9A=B4=E9=9C=B2?= =?UTF-8?q?=E7=9A=84bug=20~=E4=BF=AE=E5=A4=8Dpac=E9=83=A8=E5=88=86?= =?UTF-8?q?=E6=83=85=E5=86=B5=E4=B8=8B=E4=B8=8D=E5=8F=AF=E7=94=A8=E7=9A=84?= =?UTF-8?q?bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- scripts/clash.sh | 1 + scripts/start.sh | 23 +++++++++++++++-------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/scripts/clash.sh b/scripts/clash.sh index 5f4aec0..8e264ad 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -808,6 +808,7 @@ clashadv(){ read -p "确认停用此功能?(1/0) > " res [ "$res" = 1 ] && bindir="$clashdir" && echo -e "\033[33m已经停用小闪存功能!\033[0m" else + rm -rf /tmp/clash_$USER bindir="$clashdir" echo -e "\033[33m已经停用小闪存功能!\033[0m" fi diff --git a/scripts/start.sh b/scripts/start.sh index cda8422..76e3cdc 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -89,6 +89,11 @@ mark_time(){ sed -i '/start_time*/'d $clashdir/mark echo start_time=$start_time >> $clashdir/mark } +gethost(){ + host=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';) + [ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E '192.|10.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) + [ -n "$host" ] && lanhost="-s $(echo $host | grep -oE '192.|10.')0.0.0/8" +} #配置文件相关 getyaml(){ [ -z "$rule_link" ] && rule_link=1 @@ -282,6 +287,8 @@ EOF } #设置路由规则 start_redir(){ + #获取本地局域网地址段 + gethost #流量过滤规则 iptables -t nat -N clash iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN @@ -304,7 +311,7 @@ start_redir(){ done iptables -t nat -A clash -p tcp $ports -j REDIRECT --to-ports $redir_port fi - iptables -t nat -A PREROUTING -p tcp -j clash + iptables -t nat -A PREROUTING -p tcp $lanhost -j clash #设置ipv6转发 ip6_nat=$(ip6tables -t nat -L 2>&1 | grep -o 'Chain') if [ -n "$ip6_nat" -a "$ipv6_support" = "已开启" ];then @@ -375,6 +382,7 @@ start_dns(){ fi } start_udp(){ + gethost #获取本地局域网地址段 ip rule add fwmark 1 table 100 ip route add local default dev lo table 100 iptables -t mangle -N clash @@ -398,13 +406,14 @@ start_udp(){ done iptables -t mangle -A clash -p udp -j TPROXY --on-port $redir_port --tproxy-mark 1 fi - iptables -t mangle -A PREROUTING -p udp -j clash + iptables -t mangle -A PREROUTING -p udp $lanhost -j clash } stop_iptables(){ + gethost #获取本地局域网地址段 #重置iptables规则 ip rule del fwmark 1 table 100 2> /dev/null ip route del local default dev lo table 100 2> /dev/null - iptables -t nat -D PREROUTING -p tcp -j clash 2> /dev/null + iptables -t nat -D PREROUTING -p tcp $lanhost -j clash 2> /dev/null iptables -t nat -D PREROUTING -p udp -j clash_dns 2> /dev/null iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash_dns 2> /dev/null iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash_dns 2> /dev/null @@ -414,7 +423,7 @@ stop_iptables(){ iptables -t nat -X clash_dns 2> /dev/null iptables -D FORWARD -o utun -j ACCEPT 2> /dev/null #重置udp规则 - iptables -t mangle -D PREROUTING -p udp -j clash 2> /dev/null + iptables -t mangle -D PREROUTING -p udp $lanhost -j clash 2> /dev/null iptables -t mangle -F clash 2> /dev/null iptables -t mangle -X clash 2> /dev/null #重置ipv6规则 @@ -483,9 +492,7 @@ web_restore(){ } #启动相关 catpac(){ - host=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';) - [ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E '192.|10.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) - [ -z "$host" ] && host=127.0.0.1 + gethost cat > /tmp/clash_pac <