Comments (10)
这个文件在什么地方?
from luci-app-vssr.
在 /var/etc/
我的openwrt版本:
Linux MT-OP 3.14.29 #1 SMP Tue May 28 17:32:37 CST 2019 aarch64 GNU/Linux
from luci-app-vssr.
这个目录是在内存中的 重启后肯定会复位。
from luci-app-vssr.
这个目录是在内存中的 重启后肯定会复位。
哦,求大神告知如果修改此文件内容,是在哪里修改呢?
因为其中内容有条规则影响我当前设置。
from luci-app-vssr.
/usr/bin/vssr-rules 应该在这里
from luci-app-vssr.
/usr/bin/vssr-rules 应该在这里
那看起来要重新修改再编译了?
from luci-app-vssr.
你直接去修改这个文件即可
from luci-app-vssr.
在这个文件中插入下面这个后:
flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
/usr/sbin/iptables-restore < /root/ipmt.fw
iptables -t nat -D PREROUTING 1
iptables -t nat -I PREROUTING 5 -p tcp -m comment --comment SS_SPEC_RULE -j SS_SPEC_WAN_AC
[ "$?" = 0 ] || loger 3 "Start failed!"
exit $?
重启,查询 NAT表后,总是被下面第一条替换,总是把新增的规则冲掉。
SS_SPEC_WAN_AC tcp -- anywhere anywhere /* SS_SPEC_RULE */
希望预期增加的规则:
iptables -t nat -I PREROUTING 1 -m mac --mac-source xx:xx:xx:xx -j SS_SPEC_WAN_AC
iptables -t nat -I PREROUTING 2 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -t nat -I PREROUTING 3 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -t nat -I PREROUTING 4 -m mac --mac-source xx:xx:xx:xx -j ACCEPT
iptables -t nat -I PREROUTING 5 -p tcp -j DNAT --to 127.0.0.1:xxxxx
from luci-app-vssr.
还请大神再给看看
from luci-app-vssr.
最后屏蔽了下面两条相关restore, 就OK了, 但是这两条的作用是?屏蔽了会有什么问题?
gen_include() {
[ -n "$FWI" ] || return 0
extract_rules() {
echo "*$1"
iptables-save -t $1 | grep SS_SPEC_ |
sed -e "s/^-A (OUTPUT|PREROUTING)/-I \1 1/"
echo 'COMMIT'
}
cat <<-EOF >>$FWI
iptables-save -c | grep -v "SS_SPEC" | iptables-restore -c
iptables-restore -n <<-EOT
$(extract_rules nat)
$(extract_rules mangle)
EOT
EOF
return 0
}
from luci-app-vssr.
Related Issues (20)
- bug报告Unable to launch the requested CGI program HOT 1
- 22.03版本无法启动,提示“Can't redirect, please check the iptables” HOT 1
- 在openwrt/openwrt-22.03上编译完,界面点击helloworld出错 HOT 2
- 有计划支持vless的reality吗? HOT 3
- 1.25无法启动 HOT 2
- 【访问控制】中的【直连域名】【代理域名】修改后保存并应用不重启ss
- 无法使用,启动成功,链接不上vless的节点 HOT 5
- 最新版的xray-core1.8已不支持xtls-rprx-direct,导致启动失败 HOT 14
- 本地代理能不能加个独立的开关,就是基本设置那里不开启主服务器,也可以单独打开本地代理 HOT 1
- 添加服务器节点无法导入配置
- 为什么我安装之后服务器类型里面没有xray呢?谢谢
- 开启服务后被墙网站访问顺利,大陆网站确无法打开 HOT 1
- 大佬,什么时候修复下,那些问题啊
- openwrt上面键入需要代理的网站却不正常的走,某些域名无法被正常代理。 HOT 1
- 拨号只要开启ipv6就不能魔法联网了,我反复的测试过几次,只要拨号开启ipv6的就无法代理,关闭ipv6拨号就能正常代理了 HOT 1
- 为什么不能指定本地dns
- hello world太重了 HOT 1
- 能否增加wireguard类型节点
- 请问有编译遇到这个错误的吗,见下文,gcc_mipsx.S:27: Error: invalid operands `sw $18,12($29)'
- 这么好一个插件,作者没时间维护了
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from luci-app-vssr.