janlay/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Clash tun and Telegram

This gist provides key guideline to make Clash tun handle Telegram's pure IP traffic.
You may want to change the corresponding items in the script


The IP list file telegram.list is located in /etc/asn/
7892 is redir-port in Clash's config file
iptables module iptables-mod-extra is required for the --match-set usage

Usage


Prepare your Clash service with:


Run setup_firewall after starting service
Run reset_firewall after stopping service


Start Clash service with tun enabled


## scripts.sh
setup_firewall() {
	local name=telegram
	ipset create $name hash:net family inet hashsize 1024 maxelem 32
	xargs -n1 ipset add $name < /etc/asn/telegram.list

	iptables -t nat -A PREROUTING -p tcp -m set --match-set $name dst -j REDIRECT --to-ports 7892
}

reset_firewall() {
	local name=telegram
	iptables -t nat -D PREROUTING -p tcp -m set --match-set $name dst -j REDIRECT --to-ports 7892 &> /dev/null
	ipset destroy $name
}

## telegram.list
91.105.192.0/23
91.108.4.0/22
91.108.8.0/21
91.108.16.0/21
91.108.56.0/22
95.161.64.0/20
109.239.140.0/24
149.154.160.0/20
185.76.151.0/24
	setup_firewall() {
	local name=telegram
	ipset create $name hash:net family inet hashsize 1024 maxelem 32
	xargs -n1 ipset add $name < /etc/asn/telegram.list

	iptables -t nat -A PREROUTING -p tcp -m set --match-set $name dst -j REDIRECT --to-ports 7892
	}

	reset_firewall() {
	local name=telegram
	iptables -t nat -D PREROUTING -p tcp -m set --match-set $name dst -j REDIRECT --to-ports 7892 &> /dev/null
	ipset destroy $name
	}
	91.105.192.0/23
	91.108.4.0/22
	91.108.8.0/21
	91.108.16.0/21
	91.108.56.0/22
	95.161.64.0/20
	109.239.140.0/24
	149.154.160.0/20
	185.76.151.0/24