Skip to content

Commit

Permalink
Revert "Trying to fix local traffic loops"
Browse files Browse the repository at this point in the history
This reverts commit 74dc2bf.
  • Loading branch information
CHIZI-0618 committed Jul 2, 2024
1 parent 1db1e67 commit e7f3e07
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions box/scripts/box.tproxy
Original file line number Diff line number Diff line change
Expand Up @@ -184,9 +184,9 @@ start_tproxy() {

# Skip traffic already handled by TProxy
# If the interface of the default route has a public IPv4 or IPv6 address assigned by the ISP, omitting these rules will result in abnormal proxy behavior for local traffic, which may cause the entire network to run slower
${iptables} -t mangle -A BOX_EXTERNAL -p tcp -m socket --transparent -j MARK --set-xmark ${mark_id}
${iptables} -t mangle -A BOX_EXTERNAL -p udp -m socket --transparent -j MARK --set-xmark ${mark_id}
${iptables} -t mangle -A BOX_EXTERNAL -m socket -j RETURN
# ${iptables} -t mangle -A BOX_EXTERNAL -p tcp -m socket --transparent -j MARK --set-xmark ${mark_id}
# ${iptables} -t mangle -A BOX_EXTERNAL -p udp -m socket --transparent -j MARK --set-xmark ${mark_id}
# ${iptables} -t mangle -A BOX_EXTERNAL -m socket -j RETURN

if [ "${bin_name}" = "clash" ] || [ "${bin_name}" = "hysteria" ] ; then
${iptables} -t mangle -A BOX_EXTERNAL -p tcp --dport 53 -j RETURN
Expand Down Expand Up @@ -320,13 +320,13 @@ start_tproxy() {
${iptables} -t mangle -I OUTPUT -j BOX_LOCAL


# ${iptables} -t mangle -N DIVERT
# ${iptables} -t mangle -F DIVERT
${iptables} -t mangle -N DIVERT
${iptables} -t mangle -F DIVERT

# ${iptables} -t mangle -A DIVERT -j MARK --set-xmark ${mark_id}
# ${iptables} -t mangle -A DIVERT -j ACCEPT
${iptables} -t mangle -A DIVERT -j MARK --set-xmark ${mark_id}
${iptables} -t mangle -A DIVERT -j ACCEPT

# ${iptables} -t mangle -I PREROUTING -p tcp -m socket -j DIVERT
${iptables} -t mangle -I PREROUTING -p tcp -m socket -j DIVERT


# This rule blocks local access to tproxy-port to prevent traffic loopback.
Expand Down

0 comments on commit e7f3e07

Please sign in to comment.