mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

No more wildcard mark check for bypass

Browse source
This commit is contained in:
Ycarus 2018-10-15 15:11:04 +02:00
parent ba685393b4
commit 69f657dbc7
4 changed files with 27 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

16
luci-app-omr-bypass/luasrc/model/cbi/omr-bypass.lua
View file

@ -6,7 +6,7 @@ local sys = require "luci.sys"
local net = require "luci.model.network".init()
local ifaces = net:get_interfaces() or { net:get_interface() }
m = Map("omr-bypass", translate("Bypass"))
m = Map("omr-bypass", translate("Bypass"), translate("Here you can bypass ShadowSocks and VPN. If you set Interface to Default this use any working interface."))
s = m:section(TypedSection, "domains", translate("Domains"))
s.addremove = true
@ -60,13 +60,15 @@ ifp.rmempty = true
ifd.default = "all"
ifi.default = "all"
ifp.default = "all"
ifd:value("all",translate("Master interface"))
ifi:value("all",translate("Master interface"))
ifp:value("all",translate("Master interface"))
ifd:value("all",translate("Default"))
ifi:value("all",translate("Default"))
ifp:value("all",translate("Default"))
for _, iface in ipairs(ifaces) do
ifd:value(iface:name(),"%s" % iface:name())
ifi:value(iface:name(),"%s" % iface:name())
ifp:value(iface:name(),"%s" % iface:name())
if iface:is_up() then
ifd:value(iface:name(),"%s" % iface:name())
ifi:value(iface:name(),"%s" % iface:name())
ifp:value(iface:name(),"%s" % iface:name())
end
end
return m

17
luci-app-omr-bypass/root/etc/init.d/omr-bypass
View file

@ -65,6 +65,7 @@ _intf_rule() {
local mode
config_get mode $1 multipath "off"
[ "$mode" = "off" ] && return
[ "$(echo $1 | grep _dev)" != "" ] && return
ipset -q flush ss_rules_dst_bypass_$intf > /dev/null 2>&1
ipset -q flush ss_rules6_dst_bypass_$intf > /dev/null 2>&1
ipset -q --exist restore <<-EOF
@ -79,6 +80,14 @@ _intf_rule() {
-A PREROUTING -m set --match-set ss_rules_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
COMMIT
EOF
if [ "$(iptables -w 40 -t nat -L | grep ss_rules_pre_src)" != "" ]; then
iptables-restore --wait=60 --noflush <<-EOF
*nat
-I ss_rules_pre_src 1 -m mark --mark 0x539$count -j RETURN
-I ss_rules_local_out 1 -m mark --mark 0x539$count -j RETURN
COMMIT
EOF
fi
fi
if [ "$(ip6tables -w 40 -t mangle -L | grep ss_rules6_dst_bypass_$intf)" = "" ]; then
ip6tables-restore --wait=60 --noflush <<-EOF
@ -86,6 +95,14 @@ _intf_rule() {
-A PREROUTING -m set --match-set ss_rules6_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
COMMIT
EOF
if [ "$(ip6tables -w 40 -t nat -L | grep ss_rules6_pre_src)" != "" ]; then
iptables-restore --wait=60 --noflush <<-EOF
*nat
-I ss_rules6_pre_src 1 -m mark --mark 0x539$count -j RETURN
-I ss_rules6_local_out 1 -m mark --mark 0x539$count -j RETURN
COMMIT
EOF
fi
fi
uci -q set omr-bypass.$intf=interface
uci -q set omr-bypass.$intf.id=$count