diff --git a/script/CMakeLists.txt b/script/CMakeLists.txt
index 7fbcde7..e1c4529 100644
--- a/script/CMakeLists.txt
+++ b/script/CMakeLists.txt
@@ -5,3 +5,4 @@ install(FILES sysctl/80-tfe.conf DESTINATION /etc/sysctl.d/ COMPONENT Profile)
 install(FILES tmpfiles/tfe.conf DESTINATION /usr/lib/tmpfiles.d/ COMPONENT Profile)
 install(FILES service/tfe-env-config DESTINATION /etc/sysconfig/ COMPONENT Profile)
 install(FILES shell/show_trust_certs_info.sh DESTINATION /opt/tsg/tfe/shell/ COMPONENT Program)
+install(FILES service/tfe-env-debug.sh DESTINATION /opt/tsg/tfe/shell/ COMPONENT Program)
\ No newline at end of file
diff --git a/script/service/tfe-env-debug.sh b/script/service/tfe-env-debug.sh
new file mode 100644
index 0000000..2750aee
--- /dev/null
+++ b/script/service/tfe-env-debug.sh
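Review bot: `install(FILES …)` installs tfe-env-debug.sh with CMake's default 0644 mode, so the script lands in /opt/tsg/tfe/shell/ without the execute bit and can only be run as `bash tfe-env-debug.sh`; if it is meant to be invoked directly, `install(PROGRAMS service/tfe-env-debug.sh DESTINATION /opt/tsg/tfe/shell/ COMPONENT Program)` sets 0755 instead. The existing show_trust_certs_info.sh line uses the same FILES pattern, so this may be deliberate — a one-line comment saying so would settle it. Since this script rewrites routing tables and iptables rules as root, it is also worth confirming that a debug tool belongs in the Program component that ships to production hosts rather than in a separate debug component.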
@@ -0,0 +1,181 @@
+#!/bin/bash
+
+eth=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_DEVICE_DATA_INCOMING | awk -F '=' '{print $2}')
+
+local_addr_v4=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_LOCAL_IP_DATA_INCOMING | awk -F '=' '{print $2}')
+peer_addr_v4=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_PEER_IP_DATA_INCOMING | awk -F '=' '{print $2}')
+
+local_mac=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_LOCAL_MAC_DATA_INCOMING | awk -F '=' '{print $2}')
+peer_mac=$(cat /etc/sysconfig/tfe-env-config | grep -v \# | grep TFE_PEER_MAC_DATA_INCOMING | awk -F '=' '{print $2}')
+
+local_addr_v6=fd00::02
+peer_addr_v6=fd00::01
+
+###########################################################
+# Start
+###########################################################
+
+function setup() {
+ # 配置网卡 MAC 并将网卡状态设置为 UP
+ ip link set ${eth} address ${local_mac}
+ ip link set ${eth} up
+
+ # 配置 Address 和 Netmask
+ ip addr flush dev ${eth}
+
+ ip addr add ${local_addr_v4}/30 dev ${eth}
+ ip addr add ${local_addr_v6}/64 dev ${eth}
+
+ # 回流的 IPv4/IPv6 流量分别走 table 100/102
+ ip -4 rule add iif ${eth} tab 100
+ ip -6 rule add iif ${eth} tab 102
+
+ ip -4 route add local default dev lo table 100
+ ip -6 route add local default dev lo table 102
+
+ # 回注的 IPv4 流量走 table 101
+ # 回注的 IPv6 流量走默认路由
+ ip rule add fwmark 0x65 lookup 101
+ ip -4 route add default dev ${eth} via ${peer_addr_v4} table 101
+ ip -6 route add default dev ${eth} via ${peer_addr_v6}
+
+ # 配置 ARP
+ ip neigh flush dev ${eth}
+
+ ip -4 neigh add ${peer_addr_v4} lladdr ${peer_mac} dev ${eth} nud permanent
+ ip -6 neigh add ${peer_addr_v6} lladdr ${peer_mac} dev ${eth} nud permanent
+
+ # 配置 iptables
+ iptables -A INPUT -i ${eth} -m bpf --bytecode '18,48 0 0 0,84 0 0 240,21 0 14 64,48 0 0 9,21 0 12 6,40 0 0 6,69 10 0 8191,177 0 0 0,80 0 0 12,84 0 0 240,116 0 0 2,53 0 5 24,80 0 0 20,21 0 3 88,80 0 0 21,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+ ip6tables -A INPUT -i ${eth} -m bpf --bytecode '17,48 0 0 0,84 0 0 240,21 0 13 96,48 0 0 6,21 0 11 6,40 0 0 4,37 0 9 24,48 0 0 52,84 0 0 240,116 0 0 2,53 0 5 24,48 0 0 60,21 0 3 88,48 0 0 61,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+}
+
+###########################################################
+# Stop
+###########################################################
+
+function setdown() {
+ # 删除 iptables
+ iptables -D INPUT -i ${eth} -m bpf --bytecode '18,48 0 0 0,84 0 0 240,21 0 14 64,48 0 0 9,21 0 12 6,40 0 0 6,69 10 0 8191,177 0 0 0,80 0 0 12,84 0 0 240,116 0 0 2,53 0 5 24,80 0 0 20,21 0 3 88,80 0 0 21,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+ ip6tables -D INPUT -i ${eth} -m bpf --bytecode '17,48 0 0 0,84 0 0 240,21 0 13 96,48 0 0 6,21 0 11 6,40 0 0 4,37 0 9 24,48 0 0 52,84 0 0 240,116 0 0 2,53 0 5 24,48 0 0 60,21 0 3 88,48 0 0 61,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
+
+ # 删除 ARP
+ ip -4 neigh del ${peer_addr_v4} lladdr ${peer_mac} dev ${eth} nud permanent # TODO NEW ADD
+ ip -6 neigh del ${peer_addr_v6} lladdr ${peer_mac} dev ${eth} nud permanent # TODO NEW ADD
+
+ # 删除回注的路由
+ ip rule del fwmark 0x65 lookup 101
+
+ ip -4 route del default dev ${eth} via ${peer_addr_v4} table 101
+ ip -6 route del default dev ${eth} via ${peer_addr_v6}
+
+ # 删除回流的路由
+ ip -4 rule del iif ${eth} tab 100
+ ip -6 rule del iif ${eth} tab 102
+
+ ip -4 route del local default dev lo table 100
+ ip -6 route del local default dev lo table 102
+
+ # 删除 IP Address 和 NetMask
+ ip addr del ${local_addr_v4}/30 dev ${eth} # TODO NEW ADD
+ ip addr del ${local_addr_v6}/64 dev ${eth}
+
+ # 将网卡状态设置为 DOWN
+ ip link set ${eth} down
+}
+
+###########################################################
+# Debug
+###########################################################
+
+function debug() {
+ printf "\e[32m --------------------------------------------- \e[0m\n"
+ printf "\e[32m Local Addr V4 : %s \e[0m\n" ${local_addr_v4}
+ printf "\e[32m Peer Addr V4 : %s \e[0m\n" ${peer_addr_v4}
+ printf "\e[32m Local Addr V6 : %s \e[0m\n" ${local_addr_v6}
+ printf "\e[32m Peer Addr V6 : %s \e[0m\n" ${peer_addr_v6}
+ printf "\e[32m Local MAC : %s \e[0m\n" ${local_mac}
+ printf "\e[32m Peer MAC : %s \e[0m\n" ${peer_mac}
+ printf "\e[32m --------------------------------------------- \e[0m\n"
+
+ printf "\n\n\e[32m Run: ifconfig %s \e[0m\n" ${eth}
+ ifconfig ${eth}
+
+ printf "\n\n\e[32m Run: ethtool %s \e[0m\n" ${eth}
+ ethtool ${eth}
+
+ # 检查 ip rule
+ printf "\n\n\e[32m Run: ip -4 rule list table 100 \e[0m\n"
+ ip -4 rule list table 100
+
+ printf "\n\n\e[32m Run: ip -4 rule list table 101 \e[0m\n"
+ ip -4 rule list table 101
+
+ printf "\n\n\e[32m Run: ip -6 rule list table 102 \e[0m\n"
+ ip -6 rule list table 102
+
+ # 检查 ip route
+ printf "\n\n\e[32m Run: ip -4 route show table 100 \e[0m\n"
+ ip -4 route show table 100
+
+ printf "\n\n\e[32m Run: ip -4 route show table 101 \e[0m\n"
+ ip -4 route show table 101
+
+ printf "\n\n\e[32m Run: ip -6 route show table 102 \e[0m\n"
+ ip -6 route show table 102
+
+ printf "\n\n\e[32m Run: ip -6 route show default \e[0m\n"
+ ip -6 route show default
+
+ # 检查 ip neigh
+ printf "\n\n\e[32m Run: ip -4 neigh list dev %s \e[0m\n" ${eth}
+ ip -4 neigh list dev ${eth}
+
+ printf "\n\n\e[32m Run: ip -6 neigh list dev %s \e[0m\n" ${eth}
+ ip -6 neigh list dev ${eth}
+
+ # 检查 iptables
+ printf "\n\n\e[32m Run: iptables -t mangle -L \e[0m\n"
+ iptables -t mangle -L
+
+ printf "\n\n\e[32m Run: iptables -t filter -L \e[0m\n"
+ iptables -t filter -L
+
+ printf "\n\n\e[32m Run: iptables -t raw -L \e[0m\n"
+ iptables -t raw -L
+
+ printf "\n\n\e[32m Run: iptables -t nat -L \e[0m\n"
+ iptables -t nat -L
+
+ printf "\n\n\e[32m Run: ip6tables -t mangle -L \e[0m\n"
+ ip6tables -t mangle -L
+
+ printf "\n\n\e[32m Run: ip6tables -t filter -L \e[0m\n"
+ ip6tables -t filter -L
+
+ printf "\n\n\e[32m Run: ip6tables -t raw -L \e[0m\n"
+ ip6tables -t raw -L
+
+ printf "\n\n\e[32m Run: ip6tables -t nat -L \e[0m\n"
+ ip6tables -t nat -L
+}
+
+function usage() {
+ echo "Usage: $(basename $0) [setup|setdown|debug]"
+}
+
+option_setup="setup"
+option_setdown="setdown"
+option_debug="debug"
+
+option=$1
+
+if [ "$option" = "$option_setup" ]; then
+ setup
+elif [ "$option" = "$option_setdown" ]; then
+ setdown
+elif [ "$option" = "$option_debug" ]; then
+ debug
+else
+ usage
+fi
\ No newline at end of file
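Review bot: The five config lookups at the top of tfe-env-debug.sh are unvalidated substring greps whose results are expanded unquoted into `ip link set`, `ip addr add`, `iptables -A INPUT -i` and the NFQUEUE rules: `grep TFE_LOCAL_IP_DATA_INCOMING` also matches any longer key containing that text, `grep -v \#` discards a line that merely has a `#` somewhere in its value, and an empty or multi-word result either breaks the command line or feeds extra arguments to the tools — all while the script, lacking `set -euo pipefail`, keeps running after a failure and leaves the host half-configured. I would read each key exactly and abort before touching the network stack unless every value is present and the interface name is sane, as sketched below; with `-e` in place the best-effort deletes in setdown() then need an explicit `|| true`. Separately, `iptables -A` and `ip rule add` append a duplicate every time `setup` runs while `setdown` removes only one, so `iptables -C … || iptables -A …` (and a `del` before each `ip rule add`) would keep the two symmetric. Finally, packets steered to NFQUEUE 1 are dropped by the kernel whenever no userspace consumer is bound to that queue unless `--queue-bypass` is given; that may be intended for an inline inspector, but it deserves a comment next to the rule.
```shell
#!/bin/bash
set -euo pipefail

conf=/etc/sysconfig/tfe-env-config

# Exact-key lookup: no substring matches, '#'-prefixed lines ignored, last assignment wins.
cfg_get() {
  awk -F '=' -v key="$1" '!/^[[:space:]]*#/ && $1 == key { v = $2 } END { print v }' "$conf"
}

eth=$(cfg_get TFE_DEVICE_DATA_INCOMING)
local_addr_v4=$(cfg_get TFE_LOCAL_IP_DATA_INCOMING)
peer_addr_v4=$(cfg_get TFE_PEER_IP_DATA_INCOMING)
local_mac=$(cfg_get TFE_LOCAL_MAC_DATA_INCOMING)
peer_mac=$(cfg_get TFE_PEER_MAC_DATA_INCOMING)

# Refuse to touch routing or iptables with a missing or malformed value.
for v in eth local_addr_v4 peer_addr_v4 local_mac peer_mac; do
  [[ -n "${!v}" ]] || { echo "$conf: $v is not set" >&2; exit 1; }
done
[[ "$eth" =~ ^[A-Za-z0-9_.-]+$ ]] || { echo "invalid interface name: $eth" >&2; exit 1; }
[[ -d "/sys/class/net/$eth" ]] || { echo "no such interface: $eth" >&2; exit 1; }

# … unchanged: local_addr_v6/peer_addr_v6, setup(), setdown(), debug(), usage(), dispatch …
```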