[LEDE-DEV] [PATCH] shadowsocks-libev: fix tproxy issue for udp traffic
Zhizhang
andy at 2011ysyb.com
Thu Jun 22 05:46:38 PDT 2017
ss-rules script in shadowsocks-libev currently is using TPROXY without mark packet first this patch will fix it.
Signed-off-by: Zhizhang Deng <andy at 2011ysyb.com>
--- ss-rules 2017-05-17 12:40:01.020106879 -0400
+++ ss-rules-new 2017-05-17 12:45:19.740116941 -0400
@@ -120,6 +120,9 @@
$ipt_m -A SS_SPEC_TPROXY -p udp -m set ! --match-set ss_spec_wan_ac dst \
-j TPROXY --on-port $LOCAL_PORT --tproxy-mark 0x01/0x01
$ipt_m -A PREROUTING -p udp $EXT_ARGS \
+ -m socket \
+ -m comment --comment "_SS_SPEC_RULE_" -j MARK --set-mark 1
+ $ipt_m -A PREROUTING -p udp $EXT_ARGS \
-m set ! --match-set ss_spec_lan_ac src \
-m comment --comment "_SS_SPEC_RULE_" -j SS_SPEC_TPROXY
return $?
More information about the Lede-dev
mailing list