Giter VIP home page Giter VIP logo

Comments (10)

jerrykuku avatar jerrykuku commented on August 12, 2024

这个文件在什么地方?

from luci-app-vssr.

matthuo333 avatar matthuo333 commented on August 12, 2024

在 /var/etc/
我的openwrt版本:
Linux MT-OP 3.14.29 #1 SMP Tue May 28 17:32:37 CST 2019 aarch64 GNU/Linux

from luci-app-vssr.

jerrykuku avatar jerrykuku commented on August 12, 2024

这个目录是在内存中的 重启后肯定会复位。

from luci-app-vssr.

matthuo333 avatar matthuo333 commented on August 12, 2024

这个目录是在内存中的 重启后肯定会复位。

哦,求大神告知如果修改此文件内容,是在哪里修改呢?

因为其中内容有条规则影响我当前设置。

from luci-app-vssr.

jerrykuku avatar jerrykuku commented on August 12, 2024

/usr/bin/vssr-rules 应该在这里

from luci-app-vssr.

matthuo333 avatar matthuo333 commented on August 12, 2024

/usr/bin/vssr-rules 应该在这里

那看起来要重新修改再编译了?

from luci-app-vssr.

jerrykuku avatar jerrykuku commented on August 12, 2024

你直接去修改这个文件即可

from luci-app-vssr.

matthuo333 avatar matthuo333 commented on August 12, 2024

在这个文件中插入下面这个后:
flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
/usr/sbin/iptables-restore < /root/ipmt.fw
iptables -t nat -D PREROUTING 1
iptables -t nat -I PREROUTING 5 -p tcp -m comment --comment SS_SPEC_RULE -j SS_SPEC_WAN_AC
[ "$?" = 0 ] || loger 3 "Start failed!"
exit $?

重启,查询 NAT表后,总是被下面第一条替换,总是把新增的规则冲掉。

SS_SPEC_WAN_AC tcp -- anywhere anywhere /* SS_SPEC_RULE */

希望预期增加的规则:

iptables -t nat -I PREROUTING 1 -m mac --mac-source xx:xx:xx:xx -j SS_SPEC_WAN_AC
iptables -t nat -I PREROUTING 2 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -t nat -I PREROUTING 3 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -t nat -I PREROUTING 4 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -t nat -I PREROUTING 5 -p tcp -j DNAT --to 127.0.0.1:xxxxx

from luci-app-vssr.

matthuo333 avatar matthuo333 commented on August 12, 2024

还请大神再给看看

from luci-app-vssr.

matthuo333 avatar matthuo333 commented on August 12, 2024

最后屏蔽了下面两条相关restore, 就OK了, 但是这两条的作用是?屏蔽了会有什么问题?
gen_include() {
[ -n "$FWI" ] || return 0
extract_rules() {
echo "*$1"
iptables-save -t $1 | grep SS_SPEC_ |
sed -e "s/^-A (OUTPUT|PREROUTING)/-I \1 1/"
echo 'COMMIT'
}
cat <<-EOF >>$FWI

iptables-save -c | grep -v "SS_SPEC" | iptables-restore -c

iptables-restore -n <<-EOT

    $(extract_rules nat)
    $(extract_rules mangle)
    EOT

EOF
return 0
}

from luci-app-vssr.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.