From d2b2adfefc790bbd4ece80a465bd5eaab609dd6f Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Tue, 24 Mar 2020 19:57:29 +0100
Subject: [PATCH] Fixes for shadowsocks rules

---
 .../files/shadowsocks-libev.init              | 57 ++++++++++---------
 shadowsocks-libev/files/ss-rules              |  2 +-
 shadowsocks-libev/files/ss-rules6             |  2 +-
 3 files changed, 31 insertions(+), 30 deletions(-)

diff --git a/shadowsocks-libev/files/shadowsocks-libev.init b/shadowsocks-libev/files/shadowsocks-libev.init
index 7a8fa9efa..a40312443 100644
--- a/shadowsocks-libev/files/shadowsocks-libev.init
+++ b/shadowsocks-libev/files/shadowsocks-libev.init
@@ -185,8 +185,10 @@ ss_rules() {
 			all_ss_redir_ports=$min_ss_redir_ports
 		fi
 		local_port_tcp="$all_ss_redir_ports"
+		#local_port_udp="$all_ss_redir_ports"
 		eval local_port_udp="\$ss_rules_redir_udp_$redir_udp"
 		local_port_tcp6="$all_ss_redir_ports"
+		#local_port_udp6="$all_ss_redir_ports"
 		eval local_port_udp6="\$ss_rules6_redir_udp_$redir_udp"
 	else
 		eval local_port_tcp="\$ss_rules_redir_tcp_$redir_tcp"
@@ -217,20 +219,20 @@ ss_rules() {
 ss_rules_call() {
 	"$bin" "$@" \
 			-s "$ss_redir_servers4" \
-			-l "$local_port_tcp" \
-			-L "$local_port_udp" \
-			--src-default "$src_default" \
-			--dst-default "$dst_default" \
-			--local-default "$local_default" \
-			--dst-bypass-file "$dst_ips_bypass_file" \
-			--dst-forward-file "$dst_ips_forward_file" \
-			--dst-bypass "$dst_ips_bypass4" \
-			--dst-forward "$dst_ips_forward4" \
-			--src-bypass "$src_ips_bypass4" \
-			--src-forward "$src_ips_forward4" \
-			--src-checkdst "$src_ips_checkdst4" \
-			--ifnames "$ifnames" \
-			--ipt-extra "$ipt_args" \
+			${local_port_tcp:+-l "$local_port_tcp"} \
+			${local_port_udp:+-L "$local_port_udp"} \
+			${src_default:+--src-default "$src_default"} \
+			${dst_default:+--dst-default "$dst_default"} \
+			${local_default:+--local-default "$local_default"} \
+			${dst_ips_bypass_file:+--dst-bypass-file "$dst_ips_bypass_file"} \
+			${dst_ips_forward_file:+--dst-forward-file "$dst_ips_forward_file"} \
+			${dst_ips_bypass4:+--dst-bypass "$dst_ips_bypass4"} \
+			${dst_ips_forward4:+--dst-forward "$dst_ips_forward4"} \
+			${src_ips_bypass4:+--src-bypass "$src_ips_bypass4"} \
+			${src_ips_forward4:+--src-forward "$src_ips_forward4"} \
+			${src_ips_checkdst4:+--src-checkdst "$src_ips_checkdst4"} \
+			${ifnames:+--ifnames "$ifnames"} \
+			${ipt_args:+--ipt-extra "$ipt_args"} \
 			$args \
 		|| "$bin" "$@" -f
 }
@@ -238,20 +240,19 @@ ss_rules_call() {
 ss_rules_call6() {
 	"$bin6" "$@" \
 			-s "$ss_redir_servers6" \
-			-l "$local_port_tcp6" \
-			-L "$local_port_udp6" \
-			--src-default "$src_default" \
-			--dst-default "$dst_default" \
-			--local-default "$local_default" \
-			--dst-bypass-file "$dst_ips_bypass_file" \
-			--dst-forward-file "$dst_ips_forward_file" \
-			--dst-bypass "$dst_ips_bypass6" \
-			--dst-forward "$dst_ips_forward6" \
-			--src-bypass "$src_ips_bypass6" \
-			--src-forward "$src_ips_forward6" \
-			--src-checkdst "$src_ips_checkdst6" \
-			--ifnames "$ifnames" \
-			--ipt-extra "$ipt_args" \
+			${local_port_tcp:+-l "$local_port_tcp6"} \
+			${local_port_udp:+-L "$local_port_udp6"} \
+			${src_default:+--src-default "$src_default" \
+			${dst_default:+--dst-default "$dst_default" \
+			${dst_ips_bypass_file:+--dst-bypass-file "$dst_ips_bypass_file"} \
+			${dst_ips_forward_file:+--dst-forward-file "$dst_ips_forward_file"} \
+			${dst_ips_bypass6:+--dst-bypass "$dst_ips_bypass6"} \
+			${dst_ips_forward6:+--dst-forward "$dst_ips_forward6"} \
+			${src_ips_bypass6:+--src-bypass "$src_ips_bypass6"} \
+			${src_ips_forward6:+--src-forward "$src_ips_forward6"} \
+			${src_ips_checkdst6:+--src-checkdst "$src_ips_checkdst6"} \
+			${ifnames:+--ifnames "$ifnames"} \
+			${ipt_args:+--ipt-extra "$ipt_args"} \
 			$args \
 		|| "$bin6" "$@" -f
 }
diff --git a/shadowsocks-libev/files/ss-rules b/shadowsocks-libev/files/ss-rules
index b50eaeacd..5146316d9 100755
--- a/shadowsocks-libev/files/ss-rules
+++ b/shadowsocks-libev/files/ss-rules
@@ -123,7 +123,7 @@ ss_rules_flush() {
 
 	iptables-save --counters | grep -v ss_rules_ | iptables-restore -w --counters
 	while ip rule del fwmark 1 lookup 100 2>/dev/null; do true; done
-	ip route flush table 100
+	ip route flush table 100 || true
 	for setname in $(ipset -n list | grep "ss_rules_"); do
 		ipset destroy "$setname" 2>/dev/null || true
 	done
diff --git a/shadowsocks-libev/files/ss-rules6 b/shadowsocks-libev/files/ss-rules6
index 3c78e9a73..796e3178e 100755
--- a/shadowsocks-libev/files/ss-rules6
+++ b/shadowsocks-libev/files/ss-rules6
@@ -105,7 +105,7 @@ ss_rules6_flush() {
 
 	ip6tables-save --counters | grep -v ss_rules6_ | ip6tables-restore -w --counters
 	while ip -f inet6 rule del fwmark 1 lookup 100 2>/dev/null; do true; done
-	ip -f inet6 route flush table 100
+	ip -f inet6 route flush table 100 || true
 	for setname in $(ipset -n list | grep "ss_rules6_"); do
 		ipset destroy "$setname" 2>/dev/null || true
 	done