gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

20180710:

Browse Source 
1、将IP_ENTRY改为TCPALL_ENTRY
2、将iptables规则在脚本中设置,不再代码中设置;
This commit is contained in:
liuyang
2018-07-10 09:32:18 +08:00
parent cb19b06b03
commit e7bf4a2001
6 changed files with 978 additions and 805 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
bin/kni_set_cmd
View File

@@ -6,19 +6,6 @@
#ifconfig tun0 up
echo 1 > /proc/sys/net/ipv4/ip_forward
#route add default dev tun0
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
ip rule add fwmark 1 lookup 100
#ip route add local 0.0.0.0/0 dev tun0 table 100
ip route add local 0.0.0.0/0 dev lo table 100
#iptables -t mangle -A PREROUTING -p tcp -i tun0 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 50080
ethtool -K p7p1 lro off
ethtool -K p7p1 tso off
@@ -28,3 +15,18 @@ ethtool -K em2 lro off
ethtool -K em2 tso off
ethtool -K em2 gro off
ip tuntap add dev tun0 mode tun multi_queue
ifconfig tun0 up
route add default dev tun0
iptables -F -t mangle
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
ip rule add fwmark 1 lookup 100
#ip route add local 0.0.0.0/0 dev tun0 table 100
ip route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -A PREROUTING -p tcp -i tun0 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 50080