This repository was archived by the owner on Nov 21, 2019. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +5
-1
lines changed
Expand file tree Collapse file tree 1 file changed +5
-1
lines changed Original file line number Diff line number Diff line change @@ -388,12 +388,16 @@ class Generator {
388388 ip = await Utils . resolveDomain ( ips [ i ] )
389389 }
390390 contents . push ( genFWRulesHelper ( `-d ${ ip } ) )
391+ // bypass udp to serverIP to-port
392+ contents . push ( `iptables -t mangle -A PREROUTING -p udp -d ${ ip } )
391393 }
392394
393395 // bypass lan_networks. 如果不想绕过lan, 生成一个空的lan ipset集合即可
394396 contents . push ( '# bypass lan networks' )
395397 const rule = `-m set --match-set ${ firewallInfo . ipset . lanSetName }
396398 contents . push ( genFWRulesHelper ( rule ) )
399+ // bypass udp too
400+ contents . push ( `iptables -t mangle -A PREROUTING -p udp -m set --match-set ${ firewallInfo . ipset . lanSetName } )
397401
398402 // whitelist mode: bypass whitelist and route others
399403 if ( profile . mode === 'whitelist' ) {
@@ -404,7 +408,7 @@ class Generator {
404408
405409 if ( profile . enableRelayUDP ) {
406410 contents . push ( 'ip rule add fwmark 1 lookup 100' )
407- contents . push ( 'ip route add local default dev lo table 100' )
411+ contents . push ( 'ip route add local default dev lo table 100 2>/dev/null ' )
408412 contents . push ( `iptables -t mangle -A PREROUTING -p udp -m set --match-set ${ firewallInfo . ipset . blackSetName } ${ udpRedirPort } )
409413 }
410414
You can’t perform that action at this time.
0 commit comments