mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Remove not needed iptables-save output
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
25cdf439ca
commit
ca45d952c2
11 changed files with 40 additions and 39 deletions
|
|
@ -1,2 +1,2 @@
|
|||
#!/bin/sh
|
||||
[ -z "$(pgrep -f omr-bypass)" ] && /etc/init.d/omr-bypass reload_rules
|
||||
[ -z "$(pgrep -f omr-bypass)" ] && logger -t "firewall.omr-bypass" "reloal omr-bypass rules" && /etc/init.d/omr-bypass reload_rules
|
||||
|
|
|
|||
|
|
@ -425,7 +425,7 @@ _bypass_proto() {
|
|||
_intf_rule_ss_rules() {
|
||||
rule_name=$1
|
||||
[ "$rule_name" = "ss_rules" ] && rule_name="def"
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep ssr_${rule_name}_dst)" != "" ] && [ "$(iptables-save | grep ssr_${rule_name}_dst | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep ssr_${rule_name}_dst)" != "" ] && [ "$(iptables-save 2>/dev/null | grep ssr_${rule_name}_dst | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I ssr_${rule_name}_dst 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -433,7 +433,7 @@ _intf_rule_ss_rules() {
|
|||
COMMIT
|
||||
EOF
|
||||
fi
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep ssr_${rule_name}_local_out)" != "" ] && [ "$(iptables-save | grep ssr_${rule_name}_local_out | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep ssr_${rule_name}_local_out)" != "" ] && [ "$(iptables-save 2>/dev/null | grep ssr_${rule_name}_local_out | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I ssr_${rule_name}_local_out 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -441,7 +441,7 @@ _intf_rule_ss_rules() {
|
|||
COMMIT
|
||||
EOF
|
||||
fi
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep ssr_${rule_name}_pre_src)" != "" ] && [ "$(iptables-save | grep ssr_${rule_name}_pre_src | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep ssr_${rule_name}_pre_src)" != "" ] && [ "$(iptables-save 2>/dev/null | grep ssr_${rule_name}_pre_src | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I ssr_${rule_name}_pre_src 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -457,7 +457,7 @@ _intf_rule_ss_rules() {
|
|||
COMMIT
|
||||
EOF
|
||||
fi
|
||||
if [ "$(ip6tables --wait=40 -t nat -L -n | grep ssr6_${rule_name}_pre_src)" != "" ] && [ "$(ip6tables-save | grep ssr6 | grep omr6_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(ip6tables --wait=40 -t nat -L -n | grep ssr6_${rule_name}_pre_src)" != "" ] && [ "$(ip6tables-save 2>/dev/null | grep ssr6 | grep omr6_dst_bypass_$intf)" = "" ]; then
|
||||
ip6tables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I ssr6_${rule_name}_dst 1 -m set --match-set omr6_dst_bypass_$intf dst -j MARK --set-mark 0x6539$count
|
||||
|
|
@ -476,7 +476,7 @@ _intf_rule_v2ray_rules() {
|
|||
#rule_name=$1
|
||||
#[ "$rule_name" = "ss_rules" ] && rule_name="def"
|
||||
rule_name="def"
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep v2r_${rule_name}_dst)" != "" ] && [ "$(iptables-save | grep v2r_${rule_name}_dst | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep v2r_${rule_name}_dst)" != "" ] && [ "$(iptables-save 2>/dev/null | grep v2r_${rule_name}_dst | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I v2r_${rule_name}_dst 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -484,7 +484,7 @@ _intf_rule_v2ray_rules() {
|
|||
COMMIT
|
||||
EOF
|
||||
fi
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep v2r_${rule_name}_local_out)" != "" ] && [ "$(iptables-save | grep v2r_${rule_name}_local_out | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep v2r_${rule_name}_local_out)" != "" ] && [ "$(iptables-save 2>/dev/null | grep v2r_${rule_name}_local_out | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I v2r_${rule_name}_local_out 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -492,7 +492,7 @@ _intf_rule_v2ray_rules() {
|
|||
COMMIT
|
||||
EOF
|
||||
fi
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep v2r_${rule_name}_pre_src)" != "" ] && [ "$(iptables-save | grep v2r_${rule_name}_pre_src | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables --wait=40 -t nat -L -n | grep v2r_${rule_name}_pre_src)" != "" ] && [ "$(iptables-save 2</dev/null | grep v2r_${rule_name}_pre_src | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I v2r_${rule_name}_pre_src 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -510,7 +510,7 @@ _intf_rule_v2ray_rules() {
|
|||
COMMIT
|
||||
EOF
|
||||
fi
|
||||
if [ "$(ip6tables --wait=40 -t nat -L -n | grep v2r6_${rule_name}_pre_src)" != "" ] && [ "$(ip6tables-save | grep v2r6 | grep omr6_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(ip6tables --wait=40 -t nat -L -n | grep v2r6_${rule_name}_pre_src)" != "" ] && [ "$(ip6tables-save 2>/dev/null | grep v2r6 | grep omr6_dst_bypass_$intf)" = "" ]; then
|
||||
ip6tables-restore -w --wait=60 --noflush <<-EOF
|
||||
*nat
|
||||
-I v2r6_${rule_name}_dst 1 -m set --match-set omr6_dst_bypass_$intf dst -j MARK --set-mark 0x6539$count
|
||||
|
|
@ -567,7 +567,7 @@ _intf_rule() {
|
|||
ip -6 rule add prio 1 fwmark 0x6539$count lookup 6$count pref 1 > /dev/null 2>&1
|
||||
fi
|
||||
}
|
||||
if [ "$(iptables-save | grep omr-bypass | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
if [ "$(iptables-save 2>/dev/null | grep omr-bypass | grep omr_dst_bypass_$intf)" = "" ]; then
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*mangle
|
||||
-I omr-bypass 1 -m set --match-set omr_dst_bypass_$intf dst -j MARK --set-mark 0x539$count
|
||||
|
|
@ -725,7 +725,7 @@ start_service() {
|
|||
create omr6_dst_bypass_all hash:net family inet6 hashsize 64
|
||||
EOF
|
||||
}
|
||||
iptables-save --counters | grep -v omr-bypass | iptables-restore -w --counters
|
||||
iptables-save --counters 2>/dev/null | grep -v omr-bypass | iptables-restore -w --counters 2>/dev/null
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*mangle
|
||||
:omr-bypass -
|
||||
|
|
@ -739,7 +739,7 @@ start_service() {
|
|||
COMMIT
|
||||
EOF
|
||||
if [ "$disableipv6" = "0" ]; then
|
||||
ip6tables-save --counters | grep -v omr-bypass6 | ip6tables-restore -w --counters
|
||||
ip6tables-save --counters 2>/dev/null | grep -v omr-bypass6 | ip6tables-restore -w --counters 2>/dev/null
|
||||
ip6tables-restore -w --wait=60 --noflush <<-EOF
|
||||
*mangle
|
||||
:omr-bypass6 -
|
||||
|
|
@ -805,7 +805,7 @@ start_service() {
|
|||
config_foreach _ss_rules_config
|
||||
_v2ray_rules_config
|
||||
|
||||
iptables-save --counters | grep -v omr-bypass-dpi | iptables-restore -w --counters
|
||||
iptables-save --counters 2>/dev/null | grep -v omr-bypass-dpi | iptables-restore -w --counters 2>/dev/null
|
||||
iptables-restore -w --wait=60 --noflush <<-EOF
|
||||
*mangle
|
||||
:omr-bypass-dpi -
|
||||
|
|
@ -814,7 +814,7 @@ start_service() {
|
|||
COMMIT
|
||||
EOF
|
||||
if [ "$disableipv6" = "0" ]; then
|
||||
ip6tables-save --counters | grep -v omr-bypass6-dpi | ip6tables-restore -w --counters
|
||||
ip6tables-save --counters | grep -v omr-bypass6-dpi | ip6tables-restore -w --counters 2>/dev/null
|
||||
ip6tables-restore -w --wait=60 --noflush <<-EOF
|
||||
*mangle
|
||||
:omr-bypass6-dpi -
|
||||
|
|
@ -839,10 +839,10 @@ start_service() {
|
|||
}
|
||||
|
||||
stop_service() {
|
||||
iptables-save --counters | grep -v omr-bypass | iptables-restore -w --counters
|
||||
iptables-save --counters | grep -v omr_dst | iptables-restore -w --counters
|
||||
ip6tables-save --counters | grep -v omr-bypass6 | ip6tables-restore -w --counters
|
||||
ip6tables-save --counters | grep -v omr6_dst | ip6tables-restore -w --counters
|
||||
iptables-save --counters 2>/dev/null | grep -v omr-bypass | iptables-restore -w --counters 2>/dev/null
|
||||
iptables-save --counters 2>/dev/null | grep -v omr_dst | iptables-restore -w --counters 2>/dev/null
|
||||
ip6tables-save --counters 2>/dev/null | grep -v omr-bypass6 | ip6tables-restore -w --counters 2>/dev/null
|
||||
ip6tables-save --counters 2>/dev/null | grep -v omr6_dst | ip6tables-restore -w --counters 2>/dev/null
|
||||
for setname in $(ipset -n list | grep "omr_"); do
|
||||
ipset -q destroy "$setname" 2>/dev/null || true
|
||||
done
|
||||
|
|
@ -853,6 +853,7 @@ service_triggers() {
|
|||
}
|
||||
|
||||
reload_service() {
|
||||
RELOAD=1
|
||||
start
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue