91 lines
2.6 KiB
Bash
91 lines
2.6 KiB
Bash
#!/bin/sh /etc/rc.common
|
||
# Example script
|
||
# Copyright (C) 2007 OpenWrt.org
|
||
|
||
USE_PROCD=1
|
||
START=99
|
||
|
||
getconfig(){
|
||
cpath=/etc/clash
|
||
ccfg=$cpath/mark
|
||
if [ ! -f "$ccfg" ]; then
|
||
echo mark文件不存在,默认以Redir模式运行!
|
||
cat >$ccfg<<EOF
|
||
#标识clash运行状态的文件,不明勿动!
|
||
EOF
|
||
redir_mod=redir模式
|
||
common_ports=未开启
|
||
fi
|
||
source $ccfg #加载配置文件
|
||
#是否代理常用端口
|
||
if [ "$common_ports" = "已开启" ];then
|
||
ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
|
||
fi
|
||
}
|
||
mark_time(){
|
||
start_time=`date +%s`
|
||
sed -i '/start_time*/'d $ccfg
|
||
sed -i "3i\start_time=$start_time" $ccfg
|
||
}
|
||
start_redir(){
|
||
#修改iptables规则使流量进入clash
|
||
iptables -t nat -N clash
|
||
iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
|
||
iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
|
||
iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
|
||
iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
|
||
iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
|
||
iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
|
||
iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
|
||
iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
|
||
iptables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports 7892
|
||
iptables -t nat -A PREROUTING -p tcp -j clash
|
||
iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
|
||
ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
|
||
}
|
||
stop_redir(){
|
||
#重置iptables规则
|
||
iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
|
||
iptables -t nat -F clash > /dev/null 2>&1
|
||
iptables -t nat -X clash > /dev/null 2>&1
|
||
iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
|
||
ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
|
||
}
|
||
start_tun(){
|
||
#修改iptables规则使流量进入clash
|
||
iptables -I FORWARD -o utun -j ACCEPT
|
||
iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
|
||
ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
|
||
}
|
||
stop_tun(){
|
||
iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
|
||
ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
|
||
}
|
||
start_service() {
|
||
getconfig
|
||
#创建clash后台进程
|
||
procd_open_instance
|
||
procd_set_param respawn
|
||
procd_set_param stderr 1
|
||
procd_set_param stdout 1
|
||
procd_set_param command $cpath/clash -d $cpath
|
||
procd_close_instance
|
||
#修改iptables规则使流量进入clash
|
||
if [[ "$redir_mod" = "Tun模式" ]];then
|
||
stop_tun
|
||
start_tun
|
||
mark_time
|
||
else
|
||
stop_redir
|
||
start_redir
|
||
mark_time
|
||
fi
|
||
}
|
||
stop_service() {
|
||
getconfig
|
||
if [[ "$redir_mod" = "Tun模式" ]];then
|
||
stop_tun
|
||
else
|
||
stop_redir
|
||
fi
|
||
} |