[LEDE-DEV] [PATCH] shadowsocks-libev: fix tproxy issue for udp traffic
Zhizhang
andy at 2011ysyb.com
Thu Jun 22 20:20:28 PDT 2017
ss-rules script in shadowsocks-libev currently is using TPROXY without mark packet first this patch will fix it
Signed-off-by: Zhizhang Deng <andy at 2011ysyb.com>
---
net/shadowsocks-libev/files/ss-rules | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/shadowsocks-libev/files/ss-rules b/net/shadowsocks-libev/files/ss-rules
index 8ce1000..084f87e 100644
--- a/net/shadowsocks-libev/files/ss-rules
+++ b/net/shadowsocks-libev/files/ss-rules
@@ -120,6 +120,9 @@ tp_rule() {
$ipt_m -A SS_SPEC_TPROXY -p udp -m set ! --match-set ss_spec_wan_ac dst \
-j TPROXY --on-port $LOCAL_PORT --tproxy-mark 0x01/0x01
$ipt_m -A PREROUTING -p udp $EXT_ARGS \
+ -m socket \
+ -m comment --comment "_SS_SPEC_RULE_" -j MARK --set-mark 1
+ $ipt_m -A PREROUTING -p udp $EXT_ARGS \
-m set ! --match-set ss_spec_lan_ac src \
-m comment --comment "_SS_SPEC_RULE_" -j SS_SPEC_TPROXY
return $?
More information about the Lede-dev
mailing list