diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm
index cff1dbac6..1aa626cd5 100755
--- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm
+++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm
@@ -469,7 +469,7 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm
{
content += String.format('%s %s
','<%:ip address:%>', ipaddr);
}
- if(ip6addr !== '')
+ if(ip6addr !== '' && gateway6 != '')
{
content += String.format('%s %s
','<%:ipv6 address:%>', ip6addr);
}
@@ -477,7 +477,7 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm
{
content += String.format('%s %s
','<%:wan address:%>', wanip);
}
- if(wanip6 !== '' && gateway6 != '')
+ if(wanip6 !== '')
{
content += String.format('%s %s
','<%:wan ipv6 address:%>', wanip6);
}
diff --git a/shadowsocks-libev/files/shadowsocks-libev.init b/shadowsocks-libev/files/shadowsocks-libev.init
index 7c3056747..9e15c6241 100755
--- a/shadowsocks-libev/files/shadowsocks-libev.init
+++ b/shadowsocks-libev/files/shadowsocks-libev.init
@@ -1,6 +1,7 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2017-2019 Yousong Zhou
+# Copyright (C) 2019-2021 Ycarus (Yannick Chabanois) for OpenMPTCProuter
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
@@ -314,6 +315,10 @@ stop_service() {
rm -rf "$ss_confdir"
}
+reload_service() {
+ restart "$@"
+}
+
rules_exist() {
[ -n "$(iptables -t nat -L -n | grep ssr)" ] && return 0
return 1
diff --git a/shadowsocks-libev/files/ss-rules b/shadowsocks-libev/files/ss-rules
index 732d9d620..396de706d 100755
--- a/shadowsocks-libev/files/ss-rules
+++ b/shadowsocks-libev/files/ss-rules
@@ -1,7 +1,7 @@
#!/bin/sh -e
#
# Copyright (C) 2017 Yousong Zhou
-# Copyright (C) 2018 Ycarus (Yannick Chabanois)
+# Copyright (C) 2018-2021 Ycarus (Yannick Chabanois)
#
# The design idea was derived from ss-rules by Jian Chang
#
@@ -125,28 +125,28 @@ ss_rules_flush() {
iptables-save --counters | grep -v ssr_ | iptables-restore -w --counters
while ip rule del fwmark 1 lookup 100 2>/dev/null; do true; done
ip route flush table 100 || true
- for setname in $(ipset -n list | grep "ss_rules_"); do
+ for setname in $(ipset -n list | grep "ssr_${rule}"); do
ipset destroy "$setname" 2>/dev/null || true
done
}
ss_rules_ipset_init() {
ipset --exist restore <<-EOF
- create ss_rules_src_bypass hash:net hashsize 64
- create ss_rules_src_forward hash:net hashsize 64
- create ss_rules_src_checkdst hash:net hashsize 64
+ create ssr_${rule}_src_bypass hash:net hashsize 64
+ create ssr_${rule}_src_forward hash:net hashsize 64
+ create ssr_${rule}_src_checkdst hash:net hashsize 64
create ss_rules_dst_bypass_all hash:net hashsize 64
- create ss_rules_dst_bypass hash:net hashsize 64
- create ss_rules_dst_bypass_ hash:net hashsize 64
- create ss_rules_dst_forward hash:net hashsize 64
+ create ssr_${rule}_dst_bypass hash:net hashsize 64
+ create ssr_${rule}_dst_bypass_ hash:net hashsize 64
+ create ssr_${rule}_dst_forward hash:net hashsize 64
create ss_rules_dst_forward_recentrst_ hash:ip hashsize 64 timeout 3600
- $(ss_rules_ipset_mkadd ss_rules_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
+ $(ss_rules_ipset_mkadd ssr_${rule}_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
$(ss_rules_ipset_mkadd ss_rules_dst_bypass_all "$o_dst_bypass_all")
- $(ss_rules_ipset_mkadd ss_rules_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
- $(ss_rules_ipset_mkadd ss_rules_src_bypass "$o_src_bypass")
- $(ss_rules_ipset_mkadd ss_rules_src_forward "$o_src_forward")
- $(ss_rules_ipset_mkadd ss_rules_src_checkdst "$o_src_checkdst")
- $(ss_rules_ipset_mkadd ss_rules_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
+ $(ss_rules_ipset_mkadd ssr_${rule}_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
+ $(ss_rules_ipset_mkadd ssr_${rule}_src_bypass "$o_src_bypass")
+ $(ss_rules_ipset_mkadd ssr_${rule}_src_forward "$o_src_forward")
+ $(ss_rules_ipset_mkadd ssr_${rule}_src_checkdst "$o_src_checkdst")
+ $(ss_rules_ipset_mkadd ssr_${rule}_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
EOF
}
@@ -187,18 +187,19 @@ ss_rules_iptchains_init_tcp() {
forward) local_target=ssr_${rule}_forward ;;
bypass|*) return 0;;
esac
-
- iptables-restore -w --noflush <<-EOF
- *nat
- :ssr_${rule}_local_out -
- -I OUTPUT 1 -p tcp -j ssr_${rule}_local_out
- -A ssr_${rule}_local_out -m set --match-set ss_rules_dst_bypass dst -j RETURN
- -A ssr_${rule}_local_out -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
- -A ssr_${rule}_local_out -m set --match-set ss_rules_dst_bypass_ dst -j RETURN
- -A ssr_${rule}_local_out -m mark --mark 0x539 -j RETURN
- -A ssr_${rule}_local_out -p tcp $o_ipt_extra -j $local_target -m comment --comment "local_default: $o_local_default"
- COMMIT
- EOF
+ if [ "$(iptables -t nat -L ssr_${rule}_local_out | grep ssr_${rule}_dst_bypass)" = "" ]; then
+ iptables-restore -w --noflush <<-EOF
+ *nat
+ :ssr_${rule}_local_out -
+ -I OUTPUT 1 -p tcp -j ssr_${rule}_local_out
+ -A ssr_${rule}_local_out -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN
+ -A ssr_${rule}_local_out -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
+ -A ssr_${rule}_local_out -m set --match-set ssr_${rule}_dst_bypass_ dst -j RETURN
+ -A ssr_${rule}_local_out -m mark --mark 0x539 -j RETURN
+ -A ssr_${rule}_local_out -p tcp $o_ipt_extra -j $local_target -m comment --comment "local_default: $o_local_default"
+ COMMIT
+ EOF
+ fi
}
ss_rules_iptchains_init_udp() {
@@ -250,19 +251,19 @@ ss_rules_iptchains_init_() {
:ssr_${rule}_dst -
:ssr_${rule}_forward -
$(ss_rules_iptchains_mkprerules "$proto")
- -A ssr_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_ dst -j RETURN
+ -A ssr_${rule}_pre_src -m set --match-set ssr_${rule}_dst_bypass_ dst -j RETURN
-A ssr_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_all dst -j MARK --set-mark 0x539
-A ssr_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
- -A ssr_${rule}_pre_src -m set --match-set ss_rules_dst_bypass dst -j RETURN
+ -A ssr_${rule}_pre_src -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN
-A ssr_${rule}_pre_src -m mark --mark 0x539 -j RETURN
-A ssr_${rule}_dst -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
- -A ssr_${rule}_dst -m set --match-set ss_rules_dst_bypass dst -j RETURN
+ -A ssr_${rule}_dst -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN
-A ssr_${rule}_pre_src -p $proto $o_ipt_extra -j ssr_${rule}_src
- -A ssr_${rule}_src -m set --match-set ss_rules_src_bypass src -j RETURN
- -A ssr_${rule}_src -m set --match-set ss_rules_src_forward src -j ssr_${rule}_forward
- -A ssr_${rule}_src -m set --match-set ss_rules_src_checkdst src -j ssr_${rule}_dst
+ -A ssr_${rule}_src -m set --match-set ssr_${rule}_src_bypass src -j RETURN
+ -A ssr_${rule}_src -m set --match-set ssr_${rule}_src_forward src -j ssr_${rule}_forward
+ -A ssr_${rule}_src -m set --match-set ssr_${rule}_src_checkdst src -j ssr_${rule}_dst
-A ssr_${rule}_src -j $src_default_target -m comment --comment "src_default: $o_src_default"
- -A ssr_${rule}_dst -m set --match-set ss_rules_dst_forward dst -j ssr_${rule}_forward
+ -A ssr_${rule}_dst -m set --match-set ssr_${rule}_dst_forward dst -j ssr_${rule}_forward
$recentrst_addset_rules
-A ssr_${rule}_dst -j $dst_default_target -m comment --comment "dst_default: $o_dst_default"
$forward_rules
diff --git a/shadowsocks-libev/files/ss-rules6 b/shadowsocks-libev/files/ss-rules6
index 1c25b43bf..84d04beb5 100755
--- a/shadowsocks-libev/files/ss-rules6
+++ b/shadowsocks-libev/files/ss-rules6
@@ -1,7 +1,7 @@
#!/bin/sh -e
#
# Copyright (C) 2017 Yousong Zhou
-# Copyright (C) 2018 Ycarus (Yannick Chabanois)
+# Copyright (C) 2018-2021 Ycarus (Yannick Chabanois)
#
# The design idea was derived from ss-rules by Jian Chang
#
@@ -108,28 +108,28 @@ ss_rules6_flush() {
ip6tables-save --counters | grep -v ssr6_ | ip6tables-restore -w --counters
while ip -f inet6 rule del fwmark 1 lookup 100 2>/dev/null; do true; done
ip -f inet6 route flush table 100 || true
- for setname in $(ipset -n list | grep "ss_rules6_"); do
+ for setname in $(ipset -n list | grep "ssr6_${rule}"); do
ipset destroy "$setname" 2>/dev/null || true
done
}
ss_rules6_ipset_init() {
ipset --exist restore <<-EOF
- create ss_rules6_src_bypass hash:net family inet6 hashsize 64
- create ss_rules6_src_forward hash:net family inet6 hashsize 64
- create ss_rules6_src_checkdst hash:net family inet6 hashsize 64
- create ss_rules6_dst_bypass hash:net family inet6 hashsize 64
+ create ssr6_${rule}_src_bypass hash:net family inet6 hashsize 64
+ create ssr6_${rule}_src_forward hash:net family inet6 hashsize 64
+ create ssr6_${rule}_src_checkdst hash:net family inet6 hashsize 64
+ create ssr6_${rule}_dst_bypass hash:net family inet6 hashsize 64
create ss_rules6_dst_bypass_all hash:net family inet6 hashsize 64
- create ss_rules6_dst_bypass_ hash:net family inet6 hashsize 64
- create ss_rules6_dst_forward hash:net family inet6 hashsize 64
- create ss_rules6_dst_forward_recrst_ hash:ip family inet6 hashsize 64 timeout 3600
- $(ss_rules6_ipset_mkadd ss_rules6_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
+ create ssr6_${rule}_dst_bypass_ hash:net family inet6 hashsize 64
+ create ssr6_${rule}_dst_forward hash:net family inet6 hashsize 64
+ create ssr6_${rule}_dst_forward_recrst_ hash:ip family inet6 hashsize 64 timeout 3600
+ $(ss_rules6_ipset_mkadd ssr6_${rule}_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
$(ss_rules6_ipset_mkadd ss_rules6_dst_bypass_all "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
- $(ss_rules6_ipset_mkadd ss_rules6_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
- $(ss_rules6_ipset_mkadd ss_rules6_src_bypass "$o_src_bypass")
- $(ss_rules6_ipset_mkadd ss_rules6_src_forward "$o_src_forward")
- $(ss_rules6_ipset_mkadd ss_rules6_src_checkdst "$o_src_checkdst")
- $(ss_rules6_ipset_mkadd ss_rules6_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
+ $(ss_rules6_ipset_mkadd ssr6_${rule}_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
+ $(ss_rules6_ipset_mkadd ssr6_${rule}_src_bypass "$o_src_bypass")
+ $(ss_rules6_ipset_mkadd ssr6_${rule}_src_forward "$o_src_forward")
+ $(ss_rules6_ipset_mkadd ssr6_${rule}_src_checkdst "$o_src_checkdst")
+ $(ss_rules6_ipset_mkadd ssr6_${rule}_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
EOF
}
@@ -174,9 +174,9 @@ ss_rules6_iptchains_init_tcp() {
*nat
:ssr6_${rule}_local_out -
-I OUTPUT 1 -p tcp -j ssr6_${rule}_local_out
- -A ssr6_${rule}_local_out -m set --match-set ss_rules6_dst_bypass dst -j RETURN
- -A ssr6_${rule}_local_out -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN
- -A ssr6_${rule}_local_out -m set --match-set ss_rules6_dst_bypass_ dst -j RETURN
+ -A ssr6_${rule}_local_out -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN
+ -A ssr6_${rule}_local_out -m set --match-set ssr6_${rule}_dst_bypass_all dst -j RETURN
+ -A ssr6_${rule}_local_out -m set --match-set ssr6_${rule}_dst_bypass_ dst -j RETURN
-A ssr6_${rule}_local_out -m mark --mark 0x6539 -j RETURN
-A ssr6_${rule}_local_out -p tcp $o_ipt_extra -j $local_target -m comment --comment "local_default: $o_local_default"
COMMIT
@@ -232,19 +232,19 @@ ss_rules6_iptchains_init_() {
:ssr6_${rule}_dst -
:ssr6_${rule}_forward -
$(ss_rules6_iptchains_mkprerules "$proto")
- -A ssr6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_ dst -j RETURN
+ -A ssr6_${rule}_pre_src -m set --match-set ssr6_${rule}_dst_bypass_ dst -j RETURN
-A ssr6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_all dst -j MARK --set-mark 0x6539
-A ssr6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN
- -A ssr6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass dst -j RETURN
+ -A ssr6_${rule}_pre_src -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN
-A ssr6_${rule}_pre_src -m mark --mark 0x6539 -j RETURN
-A ssr6_${rule}_dst -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN
- -A ssr6_${rule}_dst -m set --match-set ss_rules6_dst_bypass dst -j RETURN
+ -A ssr6_${rule}_dst -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN
-A ssr6_${rule}_pre_src -p $proto $o_ipt_extra -j ssr6_${rule}_src
- -A ssr6_${rule}_src -m set --match-set ss_rules6_src_bypass src -j RETURN
- -A ssr6_${rule}_src -m set --match-set ss_rules6_src_forward src -j ssr6_${rule}_forward
- -A ssr6_${rule}_src -m set --match-set ss_rules6_src_checkdst src -j ssr6_${rule}_dst
+ -A ssr6_${rule}_src -m set --match-set ssr6_${rule}_src_bypass src -j RETURN
+ -A ssr6_${rule}_src -m set --match-set ssr6_${rule}_src_forward src -j ssr6_${rule}_forward
+ -A ssr6_${rule}_src -m set --match-set ssr6_${rule}_src_checkdst src -j ssr6_${rule}_dst
-A ssr6_${rule}_src -j $src_default_target -m comment --comment "src_default: $o_src_default"
- -A ssr6_${rule}_dst -m set --match-set ss_rules6_dst_forward dst -j ssr6_${rule}_forward
+ -A ssr6_${rule}_dst -m set --match-set ssr6_${rule}_dst_forward dst -j ssr6_${rule}_forward
$recentrst_addset_rules
-A ssr6_${rule}_dst -j $dst_default_target -m comment --comment "dst_default: $o_dst_default"
$forward_rules
diff --git a/v2ray-core/files/usr/bin/v2ray-rules b/v2ray-core/files/usr/bin/v2ray-rules
index 2d6642274..a43b19be7 100755
--- a/v2ray-core/files/usr/bin/v2ray-rules
+++ b/v2ray-core/files/usr/bin/v2ray-rules
@@ -125,28 +125,28 @@ v2r_rules_flush() {
iptables-save --counters | grep -v v2r_ | iptables-restore -w --counters
while ip rule del fwmark 1 lookup 100 2>/dev/null; do true; done
ip route flush table 100 || true
- for setname in $(ipset -n list | grep "ss_rules_"); do
+ for setname in $(ipset -n list | grep "ssr_${rule}"); do
ipset destroy "$setname" 2>/dev/null || true
done
}
v2r_rules_ipset_init() {
ipset --exist restore <<-EOF
- create ss_rules_src_bypass hash:net hashsize 64
- create ss_rules_src_forward hash:net hashsize 64
- create ss_rules_src_checkdst hash:net hashsize 64
+ create ssr_${rule}_src_bypass hash:net hashsize 64
+ create ssr_${rule}_src_forward hash:net hashsize 64
+ create ssr_${rule}_src_checkdst hash:net hashsize 64
create ss_rules_dst_bypass_all hash:net hashsize 64
- create ss_rules_dst_bypass hash:net hashsize 64
- create ss_rules_dst_bypass_ hash:net hashsize 64
- create ss_rules_dst_forward hash:net hashsize 64
+ create ssr_${rule}_dst_bypass hash:net hashsize 64
+ create ssr_${rule}_dst_bypass_ hash:net hashsize 64
+ create ssr_${rule}_dst_forward hash:net hashsize 64
create ss_rules_dst_forward_recentrst_ hash:ip hashsize 64 timeout 3600
- $(v2r_rules_ipset_mkadd ss_rules_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
+ $(v2r_rules_ipset_mkadd ssr_${rule}_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
$(v2r_rules_ipset_mkadd ss_rules_dst_bypass_all "$o_dst_bypass_all")
- $(v2r_rules_ipset_mkadd ss_rules_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
- $(v2r_rules_ipset_mkadd ss_rules_src_bypass "$o_src_bypass")
- $(v2r_rules_ipset_mkadd ss_rules_src_forward "$o_src_forward")
- $(v2r_rules_ipset_mkadd ss_rules_src_checkdst "$o_src_checkdst")
- $(v2r_rules_ipset_mkadd ss_rules_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
+ $(v2r_rules_ipset_mkadd ssr_${rule}_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
+ $(v2r_rules_ipset_mkadd ssr_${rule}_src_bypass "$o_src_bypass")
+ $(v2r_rules_ipset_mkadd ssr_${rule}_src_forward "$o_src_forward")
+ $(v2r_rules_ipset_mkadd ssr_${rule}_src_checkdst "$o_src_checkdst")
+ $(v2r_rules_ipset_mkadd ssr_${rule}_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')")
EOF
}
@@ -192,9 +192,9 @@ v2r_rules_iptchains_init_tcp() {
*nat
:v2r_${rule}_local_out -
-I OUTPUT 1 -p tcp -j v2r_${rule}_local_out
- -A v2r_${rule}_local_out -m set --match-set ss_rules_dst_bypass dst -j RETURN
+ -A v2r_${rule}_local_out -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN
-A v2r_${rule}_local_out -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
- -A v2r_${rule}_local_out -m set --match-set ss_rules_dst_bypass_ dst -j RETURN
+ -A v2r_${rule}_local_out -m set --match-set ssr_${rule}_dst_bypass_ dst -j RETURN
-A v2r_${rule}_local_out -m mark --mark 0x539 -j RETURN
-A v2r_${rule}_local_out -p tcp $o_ipt_extra -j $local_target -m comment --comment "local_default: $o_local_default"
COMMIT
@@ -250,19 +250,19 @@ v2r_rules_iptchains_init_() {
:v2r_${rule}_dst -
:v2r_${rule}_forward -
$(v2r_rules_iptchains_mkprerules "$proto")
- -A v2r_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_ dst -j RETURN
+ -A v2r_${rule}_pre_src -m set --match-set ssr_${rule}_dst_bypass_ dst -j RETURN
-A v2r_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_all dst -j MARK --set-mark 0x539
-A v2r_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
- -A v2r_${rule}_pre_src -m set --match-set ss_rules_dst_bypass dst -j RETURN
+ -A v2r_${rule}_pre_src -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN
-A v2r_${rule}_pre_src -m mark --mark 0x539 -j RETURN
-A v2r_${rule}_dst -m set --match-set ss_rules_dst_bypass_all dst -j RETURN
- -A v2r_${rule}_dst -m set --match-set ss_rules_dst_bypass dst -j RETURN
+ -A v2r_${rule}_dst -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN
-A v2r_${rule}_pre_src -p $proto $o_ipt_extra -j v2r_${rule}_src
- -A v2r_${rule}_src -m set --match-set ss_rules_src_bypass src -j RETURN
- -A v2r_${rule}_src -m set --match-set ss_rules_src_forward src -j v2r_${rule}_forward
- -A v2r_${rule}_src -m set --match-set ss_rules_src_checkdst src -j v2r_${rule}_dst
+ -A v2r_${rule}_src -m set --match-set ssr_${rule}_src_bypass src -j RETURN
+ -A v2r_${rule}_src -m set --match-set ssr_${rule}_src_forward src -j v2r_${rule}_forward
+ -A v2r_${rule}_src -m set --match-set ssr_${rule}_src_checkdst src -j v2r_${rule}_dst
-A v2r_${rule}_src -j $src_default_target -m comment --comment "src_default: $o_src_default"
- -A v2r_${rule}_dst -m set --match-set ss_rules_dst_forward dst -j v2r_${rule}_forward
+ -A v2r_${rule}_dst -m set --match-set ssr_${rule}_dst_forward dst -j v2r_${rule}_forward
$recentrst_addset_rules
-A v2r_${rule}_dst -j $dst_default_target -m comment --comment "dst_default: $o_dst_default"
$forward_rules
diff --git a/v2ray-core/files/usr/bin/v2ray-rules6 b/v2ray-core/files/usr/bin/v2ray-rules6
index 14f51e5dd..b05c70c59 100755
--- a/v2ray-core/files/usr/bin/v2ray-rules6
+++ b/v2ray-core/files/usr/bin/v2ray-rules6
@@ -108,28 +108,28 @@ v2ray_rules6_flush() {
ip6tables-save --counters | grep -v v2r6_ | ip6tables-restore -w --counters
while ip -f inet6 rule del fwmark 1 lookup 100 2>/dev/null; do true; done
ip -f inet6 route flush table 100 || true
- for setname in $(ipset -n list | grep "ss_rules6_"); do
+ for setname in $(ipset -n list | grep "ssr6_${rule}"); do
ipset destroy "$setname" 2>/dev/null || true
done
}
v2ray_rules6_ipset_init() {
ipset --exist restore <<-EOF
- create ss_rules6_src_bypass hash:net family inet6 hashsize 64
- create ss_rules6_src_forward hash:net family inet6 hashsize 64
- create ss_rules6_src_checkdst hash:net family inet6 hashsize 64
- create ss_rules6_dst_bypass hash:net family inet6 hashsize 64
+ create ssr6_${rule}_src_bypass hash:net family inet6 hashsize 64
+ create ssr6_${rule}_src_forward hash:net family inet6 hashsize 64
+ create ssr6_${rule}_src_checkdst hash:net family inet6 hashsize 64
+ create ssr6_${rule}_dst_bypass hash:net family inet6 hashsize 64
create ss_rules6_dst_bypass_all hash:net family inet6 hashsize 64
- create ss_rules6_dst_bypass_ hash:net family inet6 hashsize 64
- create ss_rules6_dst_forward hash:net family inet6 hashsize 64
+ create ssr6_${rule}_dst_bypass_ hash:net family inet6 hashsize 64
+ create ssr6_${rule}_dst_forward hash:net family inet6 hashsize 64
create ss_rules6_dst_forward_recrst_ hash:ip family inet6 hashsize 64 timeout 3600
- $(v2ray_rules6_ipset_mkadd ss_rules6_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
+ $(v2ray_rules6_ipset_mkadd ssr6_${rule}_dst_bypass_ "$o_dst_bypass_ $o_remote_servers")
$(v2ray_rules6_ipset_mkadd ss_rules6_dst_bypass_all "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
- $(v2ray_rules6_ipset_mkadd ss_rules6_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
- $(v2ray_rules6_ipset_mkadd ss_rules6_src_bypass "$o_src_bypass")
- $(v2ray_rules6_ipset_mkadd ss_rules6_src_forward "$o_src_forward")
- $(v2ray_rules6_ipset_mkadd ss_rules6_src_checkdst "$o_src_checkdst")
- $(v2ray_rules6_ipset_mkadd ss_rules6_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
+ $(v2ray_rules6_ipset_mkadd ssr6_${rule}_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
+ $(v2ray_rules6_ipset_mkadd ssr6_${rule}_src_bypass "$o_src_bypass")
+ $(v2ray_rules6_ipset_mkadd ssr6_${rule}_src_forward "$o_src_forward")
+ $(v2ray_rules6_ipset_mkadd ssr6_${rule}_src_checkdst "$o_src_checkdst")
+ $(v2ray_rules6_ipset_mkadd ssr6_${rule}_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')")
EOF
}
@@ -240,20 +240,20 @@ v2ray_rules6_iptchains_init_() {
:v2r6_${rule}_forward -
$(v2ray_rules6_iptchains_mkprerules "udp")
$(v2ray_rules6_iptchains_mkprerules "tcp")
- -A v2r6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_ dst -j RETURN
+ -A v2r6_${rule}_pre_src -m set --match-set ssr6_${rule}_dst_bypass_ dst -j RETURN
-A v2r6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_all dst -j MARK --set-mark 0x6539
-A v2r6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN
- -A v2r6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass dst -j RETURN
+ -A v2r6_${rule}_pre_src -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN
-A v2r6_${rule}_pre_src -m mark --mark 0x6539 -j RETURN
-A v2r6_${rule}_dst -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN
- -A v2r6_${rule}_dst -m set --match-set ss_rules6_dst_bypass dst -j RETURN
+ -A v2r6_${rule}_dst -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN
-A v2r6_${rule}_pre_src -p tcp $o_ipt_extra -j v2r6_${rule}_src
-A v2r6_${rule}_pre_src -p udp $o_ipt_extra -j v2r6_${rule}_src
- -A v2r6_${rule}_src -m set --match-set ss_rules6_src_bypass src -j RETURN
- -A v2r6_${rule}_src -m set --match-set ss_rules6_src_forward src -j v2r6_${rule}_forward
- -A v2r6_${rule}_src -m set --match-set ss_rules6_src_checkdst src -j v2r6_${rule}_dst
+ -A v2r6_${rule}_src -m set --match-set ssr6_${rule}_src_bypass src -j RETURN
+ -A v2r6_${rule}_src -m set --match-set ssr6_${rule}_src_forward src -j v2r6_${rule}_forward
+ -A v2r6_${rule}_src -m set --match-set ssr6_${rule}_src_checkdst src -j v2r6_${rule}_dst
-A v2r6_${rule}_src -j $src_default_target -m comment --comment "src_default: $o_src_default"
- -A v2r6_${rule}_dst -m set --match-set ss_rules6_dst_forward dst -j v2r6_${rule}_forward
+ -A v2r6_${rule}_dst -m set --match-set ssr6_${rule}_dst_forward dst -j v2r6_${rule}_forward
$recentrst_addset_rules
-A v2r6_${rule}_dst -j $dst_default_target -m comment --comment "dst_default: $o_dst_default"
$forward_rules