mirror of
https://github.com/kenzok8/small-package.git
synced 2026-02-08 07:37:13 +08:00
update 2022-08-13 20:17:39
This commit is contained in:
github-actions[bot]
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-xray
|
||||
PKG_VERSION:=1.15.2
|
||||
PKG_VERSION:=1.15.3
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_LICENSE:=MPLv2
|
||||
|
||||
@@ -53,6 +53,7 @@ Focus on making the most of Xray (HTTP/HTTPS/Socks/TProxy inbounds, multiple pro
|
||||
* 2022-06-19 feat: skip proxy for specific uids / gids (nftables support only)
|
||||
* 2022-08-07 fix: avoid duplicated items in generated nftables ruleset
|
||||
* 2022-08-08 fix: make sure forwarded IPs are always forwarded to Xray even for reserved addresses. Xray may not forward those requests so that manner may be changed later.
|
||||
* 2022-08-13 fix: apply 2022-08-08 fix to iptables as well
|
||||
|
||||
## Changelog 2021
|
||||
|
||||
@@ -102,3 +103,7 @@ Focus on making the most of Xray (HTTP/HTTPS/Socks/TProxy inbounds, multiple pro
|
||||
* [x] transparent proxy access control for LAN
|
||||
* [x] try to be compatible with [OpenWrt Packages: xray-core](https://github.com/openwrt/packages/tree/master/net/xray-core)
|
||||
* [ ] Better DNS module implementation like DoH (may involve breaking changes)
|
||||
|
||||
## Star History
|
||||
|
||||
[](https://star-history.com/#yichya/luci-app-xray&Date)
|
||||
|
||||
@@ -18,8 +18,10 @@ COMMIT
|
||||
*mangle
|
||||
:TP_SPEC_LAN_AC - [0:0]
|
||||
:TP_SPEC_LAN_DG - [0:0]
|
||||
:TP_SPEC_LAN_RE - [0:0]
|
||||
:TP_SPEC_WAN_AC - [0:0]
|
||||
:TP_SPEC_WAN_DG - [0:0]
|
||||
:TP_SPEC_WAN_RE - [0:0]
|
||||
:TP_SPEC_WAN_FW - [0:0]
|
||||
-I PREROUTING 1 -m mark --mark 0xfc -j TP_SPEC_WAN_AC]]
|
||||
local lan = "-I PREROUTING 1 -i %s -j TP_SPEC_LAN_DG"
|
||||
@@ -28,18 +30,24 @@ local rules = [[-A OUTPUT -j TP_SPEC_WAN_DG
|
||||
-A TP_SPEC_LAN_AC -m set --match-set tp_spec_src_fw src -j TP_SPEC_WAN_FW
|
||||
-A TP_SPEC_LAN_AC -m set --match-set tp_spec_src_ac src -j TP_SPEC_WAN_AC
|
||||
-A TP_SPEC_LAN_AC -j TP_SPEC_WAN_AC
|
||||
-A TP_SPEC_LAN_DG -m set --match-set tp_spec_dst_fw dst -j TP_SPEC_LAN_RE
|
||||
-A TP_SPEC_LAN_DG -m set --match-set tp_spec_dst_sp dst -j RETURN
|
||||
-A TP_SPEC_LAN_DG -p tcp -j TP_SPEC_LAN_AC
|
||||
-A TP_SPEC_LAN_DG -p udp -j TP_SPEC_LAN_AC
|
||||
-A TP_SPEC_LAN_DG -m set --match-set tp_spec_dst_bp dst -j RETURN
|
||||
-A TP_SPEC_LAN_DG -m set --match-set tp_spec_def_gw dst -j RETURN
|
||||
-A TP_SPEC_LAN_DG -j TP_SPEC_LAN_RE
|
||||
-A TP_SPEC_LAN_RE -p tcp -j TP_SPEC_LAN_AC
|
||||
-A TP_SPEC_LAN_RE -p udp -j TP_SPEC_LAN_AC
|
||||
-A TP_SPEC_WAN_AC -m set --match-set tp_spec_dst_fw dst -j TP_SPEC_WAN_FW
|
||||
-A TP_SPEC_WAN_AC -m set --match-set tp_spec_dst_bp dst -j RETURN
|
||||
-A TP_SPEC_WAN_AC -j TP_SPEC_WAN_FW
|
||||
-A TP_SPEC_WAN_DG -m mark --mark 0x%x -j RETURN
|
||||
-A TP_SPEC_WAN_DG -m set --match-set tp_spec_dst_fw dst -j TP_SPEC_WAN_RE
|
||||
-A TP_SPEC_WAN_DG -m set --match-set tp_spec_dst_sp dst -j RETURN
|
||||
-A TP_SPEC_WAN_DG -m set --match-set tp_spec_dst_bp dst -j RETURN
|
||||
-A TP_SPEC_WAN_DG -m set --match-set tp_spec_def_gw dst -j RETURN
|
||||
-A TP_SPEC_WAN_DG -m mark --mark 0x%x -j RETURN
|
||||
-A TP_SPEC_WAN_DG -p tcp -j MARK --set-xmark 0xfc/0xffffffff
|
||||
-A TP_SPEC_WAN_DG -p udp -j MARK --set-xmark 0xfc/0xffffffff
|
||||
-A TP_SPEC_WAN_DG -j TP_SPEC_WAN_RE
|
||||
-A TP_SPEC_WAN_RE -p tcp -j MARK --set-xmark 0xfc/0xffffffff
|
||||
-A TP_SPEC_WAN_RE -p udp -j MARK --set-xmark 0xfc/0xffffffff
|
||||
-A TP_SPEC_WAN_FW -p tcp -j TPROXY --on-port %d --on-ip 0.0.0.0 --tproxy-mark 0xfb/0xffffffff
|
||||
-A TP_SPEC_WAN_FW -p udp -j TPROXY --on-port %d --on-ip 0.0.0.0 --tproxy-mark 0xfb/0xffffffff
|
||||
COMMIT
|
||||
|
||||
Reference in New Issue
Block a user