Last active
April 17, 2024 15:34
-
-
Save DianQK/25cf82bff5136068b98575adef598f82 to your computer and use it in GitHub Desktop.
使用基于 tproxy 的 clash 处理外网流量(同时解决在外面访问家里内网问题)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| iptables -t mangle -N DIVERT | |
| iptables -t mangle -A DIVERT -d 100.64.0.0/10 -j RETURN | |
| iptables -t mangle -A DIVERT -d 127.0.0.0/8 -j RETURN | |
| iptables -t mangle -A DIVERT -d 169.254.0.0/16 -j RETURN | |
| iptables -t mangle -A DIVERT -d 192.0.0.0/24 -j RETURN | |
| iptables -t mangle -A DIVERT -d 224.0.0.0/4 -j RETURN | |
| iptables -t mangle -A DIVERT -d 240.0.0.0/4 -j RETURN | |
| iptables -t mangle -A DIVERT -d 255.255.255.255/32 -j RETURN | |
| iptables -t mangle -A DIVERT -d 192.168.0.0/16 -j RETURN | |
| iptables -t mangle -A DIVERT -d 172.16.0.0/12 -j RETURN | |
| iptables -t mangle -A DIVERT -d 10.0.0.0/8 -j RETURN | |
| iptables -t mangle -A DIVERT -p tcp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A DIVERT -p udp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A PREROUTING -j DIVERT | |
| iptables -t mangle -N LOCAL_DIVERT | |
| iptables -t mangle -A LOCAL_DIVERT -d 100.64.0.0/10 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 127.0.0.0/8 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 169.254.0.0/16 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 192.0.0.0/24 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 224.0.0.0/4 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 240.0.0.0/4 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 255.255.255.255/32 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 192.168.0.0/16 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 172.16.0.0/12 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 10.0.0.0/8 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -p tcp -j MARK --set-mark 23 | |
| iptables -t mangle -A LOCAL_DIVERT -p udp -j MARK --set-mark 23 | |
| iptables -t mangle -A OUTPUT -m owner ! --gid-owner 23333 -j LOCAL_DIVERT | |
| iptables -t nat -N LOCAL_DNS_DIVERT | |
| iptables -t nat -A LOCAL_DNS_DIVERT -p udp --dport 53 -j REDIRECT --to-ports 1053 | |
| iptables -t nat -I OUTPUT -m owner ! --gid-owner 23333 -j LOCAL_DNS_DIVERT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| home_cidr='192.168.22.0/24' | |
| iptables -t mangle -N INTRANT_DIVERT | |
| iptables -t mangle -A INTRANT_DIVERT -s 10.0.0.0/8 -p tcp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A INTRANT_DIVERT -s 10.0.0.0/8 -p udp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A INTRANT_DIVERT -s 172.16.0.0/12 -p tcp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A INTRANT_DIVERT -s 172.16.0.0/12 -p udp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A INTRANT_DIVERT -s 192.168.0.0/16 -p tcp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A INTRANT_DIVERT -s 192.168.0.0/16 -p udp -j TPROXY --on-port 22223 | |
| iptables -t mangle -N DIVERT | |
| iptables -t mangle -A DIVERT -d 100.64.0.0/10 -j RETURN | |
| iptables -t mangle -A DIVERT -d 127.0.0.0/8 -j RETURN | |
| iptables -t mangle -A DIVERT -d 169.254.0.0/16 -j RETURN | |
| iptables -t mangle -A DIVERT -d 192.0.0.0/24 -j RETURN | |
| iptables -t mangle -A DIVERT -d 224.0.0.0/4 -j RETURN | |
| iptables -t mangle -A DIVERT -d 240.0.0.0/4 -j RETURN | |
| iptables -t mangle -A DIVERT -d 255.255.255.255/32 -j RETURN | |
| iptables -t mangle -A DIVERT -d $home_cidr ! -s $home_cidr -j INTRANT_DIVERT | |
| iptables -t mangle -A DIVERT -d 192.168.0.0/16 -j RETURN | |
| iptables -t mangle -A DIVERT -d 172.16.0.0/12 -j RETURN | |
| iptables -t mangle -A DIVERT -d 10.0.0.0/8 -j RETURN | |
| iptables -t mangle -A DIVERT -p tcp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A DIVERT -p udp -j TPROXY --on-port 22223 | |
| iptables -t mangle -A PREROUTING -j DIVERT | |
| iptables -t mangle -N LOCAL_INTRANET_DIVERT | |
| iptables -t mangle -A LOCAL_INTRANET_DIVERT -p tcp -j MARK --set-mark 23 | |
| iptables -t mangle -A LOCAL_INTRANET_DIVERT -p udp -j MARK --set-mark 23 | |
| iptables -t mangle -N LOCAL_DIVERT | |
| iptables -t mangle -A LOCAL_DIVERT -d 100.64.0.0/10 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 127.0.0.0/8 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 169.254.0.0/16 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 192.0.0.0/24 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 224.0.0.0/4 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 240.0.0.0/4 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 255.255.255.255/32 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d $home_cidr ! -s $home_cidr -j LOCAL_INTRANET_DIVERT | |
| iptables -t mangle -A LOCAL_DIVERT -d 192.168.0.0/16 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 172.16.0.0/12 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -d 10.0.0.0/8 -j RETURN | |
| iptables -t mangle -A LOCAL_DIVERT -p tcp -j MARK --set-mark 23 | |
| iptables -t mangle -A LOCAL_DIVERT -p udp -j MARK --set-mark 23 | |
| iptables -t mangle -A OUTPUT -m owner ! --gid-owner 23333 -j LOCAL_DIVERT | |
| iptables -t nat -N LOCAL_DNS_DIVERT | |
| iptables -t nat -A LOCAL_DNS_DIVERT -p udp --dport 53 -j REDIRECT --to-ports 1053 | |
| iptables -t nat -I OUTPUT -m owner ! --gid-owner 23333 -j LOCAL_DNS_DIVERT |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment