ForkMaster/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-11 17:29:16 +05:00
Code Issues Actions Packages Projects Releases Wiki Activity
b6fe438017
zapret/files/huawei/E8372/zapret-ip

35 lines
979 B
Plaintext
Raw Normal View History

history purge
2021-03-04 16:30:38 +05:00
#!/system/bin/busybox sh
# $1 - ip list file. create individual rules for tpws redirection. ipset is not available
[ -z "$1" ] && {
echo need iplist file as parameter
exit 1
}
insmod /online/modules/unfuck_nfqueue.ko 2>/dev/null
tpws --maxconn=1024 --uid 1:3003 --port=1 --daemon
REDIR="-j REDIRECT --to-port 1"
iptables -F tpws -t nat
iptables -X tpws -t nat
iptables -N tpws -t nat
iptables -A tpws -t nat -d 192.168.0.0/16 -j RETURN
while read ip; do
echo redirecting $ip
iptables -A tpws -t nat -d $ip -p tcp $REDIR
done <"$1"
rule="PREROUTING -t nat -i br0 -p tcp -m multiport --dports 80,443 -j tpws"
iptables -C $rule 2>/dev/null || iptables -I $rule
nfqws --uid 2 --qnum=200 --dpi-desync=disorder --dpi-desync-ttl=8 --dpi-desync-fooling=md5sig --daemon
rule="OUTPUT -t mangle -o wan0 -p tcp -m multiport --dports 80,443 -m mark ! --mark 0x40000000/0x40000000 -j NFQUEUE --queue-num 200 --queue-bypass"
iptables -C $rule 2>/dev/null || iptables -I $rule
Reference in New Issue Copy Permalink