drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-04-19 05:22:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

docs : find_wan => find_wan_all

Browse Source
This commit is contained in:
bolvan 2019-05-17 18:24:51 +03:00
parent 7fdc41fc21
commit 1ce5609038
2 changed files with 12 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/https.txt
View File

@ -97,12 +97,11 @@ redsocks {
--- /etc/firewall.user ----- --- /etc/firewall.user -----
SOXIFIER_PORT=1099 SOXIFIER_PORT=1099
. /opt/zapret/init.d/openwrt/functions . /opt/zapret/init.d/openwrt/functions
create_ipset no-update
network_find_wan wan_iface
create_ipset no-update
network_find_wan_all wan_iface
for ext_iface in $wan_iface; do for ext_iface in $wan_iface; do
network_get_device ext_device $ext_iface network_get_device ext_device $ext_iface
ipt OUTPUT -t nat -o $ext_device -p tcp --dport 443 -m set --match-set zapret dst -j REDIRECT --to-port $SOXIFIER_PORT ipt OUTPUT -t nat -o $ext_device -p tcp --dport 443 -m set --match-set zapret dst -j REDIRECT --to-port $SOXIFIER_PORT

20
docs/wireguard/wireguard_iproute_openwrt.txt
View File

@ -233,15 +233,13 @@ OUTPUT относится к исходящим с роутера пакетам
Если с самого роутера ничего заруливать не надо, можно опустить все до команд с PREROUTING. Если с самого роутера ничего заруливать не надо, можно опустить все до команд с PREROUTING.
--/etc/firewall.user---------------------------- --/etc/firewall.user----------------------------
. /opt/zapret/init.d/openwrt/functions . /opt/zapret/init.d/openwrt/functions
create_ipset no-update
network_find_wan wan_iface
create_ipset no-update
network_find_wan_all wan_iface
for ext_iface in $wan_iface; do for ext_iface in $wan_iface; do
network_get_device DEVICE $ext_iface network_get_device DEVICE $ext_iface
ipt OUTPUT -t mangle -o $DEVICE -p tcp --dport 443 -m set --match-set zapret dst -j MARK --set-mark 0x800/0x800 ipt OUTPUT -t mangle -o $DEVICE -p tcp --dport 443 -m set --match-set zapret dst -j MARK --set-mark 0x800/0x800
ipt OUTPUT -t mangle -o $DEVICE -m set --match-set ipban dst -j MARK --set-mark 0x800/0x800 ipt OUTPUT -t mangle -o $DEVICE -m set --match-set ipban dst -j MARK --set-mark 0x800/0x800
done done
@ -302,15 +300,13 @@ config rule
Если вам не актуальны исходящие с самого роутера, то можно ничего не менять. Если вам не актуальны исходящие с самого роутера, то можно ничего не менять.
--/etc/firewall.user---------------------------- --/etc/firewall.user----------------------------
. /opt/zapret/init.d/openwrt/functions . /opt/zapret/init.d/openwrt/functions
create_ipset no-update
network_find_wan wan_iface
create_ipset no-update
network_find_wan_all wan_iface
for ext_iface in $wan_iface; do for ext_iface in $wan_iface; do
network_get_device DEVICE $ext_iface network_get_device DEVICE $ext_iface
ipt OUTPUT -t mangle -o $DEVICE -p tcp --dport 443 -m set --match-set zapret dst -j MARK --set-mark 0x800/0x800 ipt OUTPUT -t mangle -o $DEVICE -p tcp --dport 443 -m set --match-set zapret dst -j MARK --set-mark 0x800/0x800
ipt OUTPUT -t mangle -o $DEVICE -m set --match-set ipban dst -j MARK --set-mark 0x800/0x800 ipt OUTPUT -t mangle -o $DEVICE -m set --match-set ipban dst -j MARK --set-mark 0x800/0x800
ipt OUTPUT -t mangle -o $DEVICE -j MARK --set-mark 0x1000/0x1000 ipt OUTPUT -t mangle -o $DEVICE -j MARK --set-mark 0x1000/0x1000