Fix block from lan

2025-03-09 15:40:03 +00:00 · 2021-06-17 12:30:16 +02:00 · 2021-06-17 12:30:16 +02:00 · 5e058118c8
commit 5e058118c8
parent 240076b993
6 changed files with 34 additions and 37 deletions
--- a/v2ray-core/files/usr/bin/v2ray-rules
+++ b/v2ray-core/files/usr/bin/v2ray-rules
@ -284,17 +284,22 @@ v2r_rules_iptchains_mkprerules() {
 }

 v2r_rules_fw_drop() {
-	fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) printf "%s ",$i }' |
+	fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
 	while IFS=$"\n" read -r c; do
-		iptables -t nat -A zone_lan_prerouting $(echo $c | sed 's/reject/REDIRECT --to-ports 65535/') 2>&1 >/dev/null
+		fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
+		if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
+			eval "iptables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
+		fi
 	done
-	fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) printf "%s ",$i }' |
+	fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
 	while IFS=$"\n" read -r c; do
-		iptables -t nat -A zone_lan_prerouting $(echo $c | sed 's/drop/REDIRECT --to-ports 65535/') 2>&1 >/dev/null
+		fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/')
+		if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
+			eval "iptables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
+		fi
 	done
 }

-
 v2r_rules_parse_args "$@"
 #v2r_rules_flush
 v2r_rules_ipset_init