Last active
February 15, 2020 04:11
-
-
Save Towdium/daae4a4f4061efc98949ac989006154b to your computer and use it in GitHub Desktop.
Toggle on/off global proxy with v2ray Dokodemo based on iptables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -eq 0 ]; then | |
| echo "Usage: global [enable|disable]" | |
| exit 1 | |
| fi | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "This script must be run as root" | |
| exit 1 | |
| fi | |
| if [ $1 == "enable" ]; then | |
| ip rule add fwmark 1 table 100 | |
| ip route add local 0.0.0.0/0 dev lo table 100 | |
| iptables -t mangle -N V2RAY | |
| iptables -t mangle -A V2RAY -d 127.0.0.1/32 -j RETURN | |
| iptables -t mangle -A V2RAY -d 172.17.0.0/16 -j RETURN | |
| iptables -t mangle -A V2RAY -d 224.0.0.0/4 -j RETURN | |
| iptables -t mangle -A V2RAY -d 255.255.255.255/32 -j RETURN | |
| iptables -t mangle -A V2RAY -d 192.168.0.0/16 -p tcp -j RETURN | |
| iptables -t mangle -A V2RAY -d 192.168.0.0/16 -p udp ! --dport 53 -j RETURN | |
| iptables -t mangle -A V2RAY -p udp -j TPROXY --on-port 1082 --tproxy-mark 1 | |
| iptables -t mangle -A V2RAY -p tcp -j TPROXY --on-port 1082 --tproxy-mark 1 | |
| iptables -t mangle -A PREROUTING -j V2RAY | |
| iptables -t mangle -N V2RAY_MASK | |
| iptables -t mangle -A V2RAY_MASK -d 127.0.0.1/32 -j RETURN | |
| iptables -t mangle -A V2RAY_MASK -d 172.17.0.0/16 -j RETURN | |
| iptables -t mangle -A V2RAY_MASK -d 224.0.0.0/4 -j RETURN | |
| iptables -t mangle -A V2RAY_MASK -d 255.255.255.255/32 -j RETURN | |
| iptables -t mangle -A V2RAY_MASK -d 192.168.0.0/16 -p tcp -j RETURN | |
| iptables -t mangle -A V2RAY_MASK -d 192.168.0.0/16 -p udp ! --dport 53 -j RETURN | |
| iptables -t mangle -A V2RAY_MASK -j RETURN -m mark --mark 0xff | |
| iptables -t mangle -A V2RAY_MASK -p udp -j MARK --set-mark 1 | |
| iptables -t mangle -A V2RAY_MASK -p tcp -j MARK --set-mark 1 | |
| iptables -t mangle -A OUTPUT -j V2RAY_MASK | |
| elif [ $1 == "disable" ]; then | |
| ip rule del fwmark 1 table 100 | |
| ip route del local 0.0.0.0/0 dev lo table 100 | |
| iptables -t mangle -D PREROUTING -j V2RAY | |
| iptables -t mangle -F V2RAY | |
| iptables -t mangle -X V2RAY | |
| iptables -t mangle -D OUTPUT -j V2RAY_MASK | |
| iptables -t mangle -F V2RAY_MASK | |
| iptables -t mangle -X V2RAY_MASK | |
| else | |
| echo "Invalid arg: \"$1\"" | |
| exit 1 | |
| fi% |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=Enable system global proxy | |
| Wants=network-online.target | |
| After=network-online.target | |
| [Service] | |
| ExecStart=/usr/bin/global enable | |
| ExecStop=/usr/bin/global disable | |
| RemainAfterExit=yes | |
| [Install] | |
| WantedBy=multi-user.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment