Skip to content

Instantly share code, notes, and snippets.

@yinheli

yinheli/start-ss.sh

Created February 3, 2016 07:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yinheli/4f6a5a77fb6ce6c8f52b to your computer and use it in GitHub Desktop.
Save yinheli/4f6a5a77fb6ce6c8f52b to your computer and use it in GitHub Desktop.
Download ZIP
本地使用 ss
Raw
start-ss.sh
#!/bin/bash
# @author yinheli
workdir=$(cd $(dirname $0); pwd)
cd $workdir
wan_ip="104.224.129.180"
wan_port="1988"
dns_port="53"
ignore_list="ignore.list"
gen_iplist() {
cat <<-EOF
0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.0.0.0/24
192.0.2.0/24
192.88.99.0/24
192.168.0.0/16
198.18.0.0/15
198.51.100.0/24
203.0.113.0/24
224.0.0.0/4
240.0.0.0/4
255.255.255.255
${wan_ip}
$(cat ${ignore_list:=/dev/null} 2>/dev/null)
$(cat ext_ignore 2>/dev/null)
EOF
}
iptables -t nat -F OUTPUT 2>/dev/null
ipset -X ss_spec_lan_ac 2>/dev/null
killall -TERM ss-redir 2>/dev/null
#killall -TERM ss-tunnel 2>/dev/null
killall -TERM chinadns 2>/dev/null
ipset -! -R <<-EOF
create ss_spec_lan_ac hash:net
$(gen_iplist | sed -e "s/^/add ss_spec_lan_ac /")
EOF
iptables -t nat -I OUTPUT 1 -p tcp \
! --dport $wan_port -m set \
! --match-set ss_spec_lan_ac dst \
-j REDIRECT --to-ports $wan_port
./ss-redir -c config.json -b 127.0.0.1 -v > $workdir/console.log 2>&1 &
#./ss-tunnel -c config.json -b 0.0.0.0 -l 5300 -L 8.8.8.8:53 -u > $workdir/dns.log 2>&1 &
./chinadns -c $ignore_list > /dev/null 2>&1 &
iptables -t nat -nL
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment