Skip to content

Instantly share code, notes, and snippets.

@breakertt
Last active October 31, 2024 04:14
Show Gist options
  • Save breakertt/e9b89a8313cc566644a51463bec3d08f to your computer and use it in GitHub Desktop.
Save breakertt/e9b89a8313cc566644a51463bec3d08f to your computer and use it in GitHub Desktop.
clash-redir.sh
# clash
iptables -t nat -N clash
iptables -t nat -A clash -p tcp -m multiport --sports 21,22,80,443,445,3389,5201,5900,5901,5902 -j RETURN
iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
iptables -t nat -A clash -d 192.168.18.2/32 -j RETURN
iptables -t nat -A clash -p tcp -j REDIRECT --to-port 7892
# nat PREROUTING
iptables -t nat -A PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 3053
iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 3053
iptables -t nat -A PREROUTING -p tcp -j clash
# ip route
ip route add local default dev lo table 100
ip rule add fwmark 1 lookup 100
# udp
iptables -t mangle -N clash
iptables -t mangle -A clash -p udp --dport 53 -j RETURN
iptables -t mangle -A clash -p udp --dport 7853 -j RETURN
iptables -t mangle -A clash -d 0.0.0.0/8 -j RETURN
iptables -t mangle -A clash -d 10.0.0.0/8 -j RETURN
iptables -t mangle -A clash -d 127.0.0.0/8 -j RETURN
iptables -t mangle -A clash -d 169.254.0.0/16 -j RETURN
iptables -t mangle -A clash -d 172.16.0.0/12 -j RETURN
iptables -t mangle -A clash -d 192.168.0.0/16 -j RETURN
iptables -t mangle -A clash -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A clash -d 240.0.0.0/4 -j RETURN
iptables -t mangle -A clash -d 192.168.18.2/32 -j RETURN
iptables -t mangle -A clash -p udp -j TPROXY --on-port 7892 --tproxy-mark 1
iptables -t mangle -A PREROUTING -p udp -j clash
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment