clnc-tun-v2.1

zhj9709 · Jan 26, 2021 · bbb51ef · bbb51ef
1 parent 0d2c22b
commit bbb51ef
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -3,4 +3,12 @@
 ### v2.0
 
 1. 默认禁止ipv6联网
-2. 清除规则用了while循环，防止有多个重复的规则一次清不掉
+2. 清除规则用了while循环，防止有多个重复的规则一次清不掉
+
+### v2.1
+
+1. 修复一些内网未放行的问题
+2. 可以用tls了(`method="GET:tls"`)
+3. 更新了busybox(v1.31.1)
+4. 重新设置了解析域名时的超时设置，防止停机卡等解析时等待较长的时间
+
diff --git a/clnc-tun/bin/clncs.bin b/clnc-tun/bin/clncs.bin
@@ -126,7 +126,7 @@ start_rules() {
     iptables -t mangle -N man_PRE
     iptables -t mangle -A PREROUTING -j man_PRE
     # PREROUTING
-    allow_ip="0/8,127/8,10/8,192.168/16,224/3,169.254/16,100.64/10,172.16/12"
+    allow_ip="10/8,100/8,127/8,169.254/16,172.16/12,192/24,192.168/16,224/4,240/4"
     iptables -t mangle -A man_PRE -d $allow_ip -j ACCEPT
     # OUTPUT
     iptables -t mangle -A man_OUT -m owner --gid-owner 2222 -j ACCEPT
@@ -230,7 +230,7 @@ else
   param1=$method
 fi
 
-[ -n "$param2" ] && tls_client='\n    tls_client = '$host'';
+[ "$param2" = "tls" ] && tls_client='\n    tls_client = '$host'';
 
 echo 'tcp::Global {
     tcp_listen = 0.0.0.0:1230;

diff --git a/clnc-tun/bin/clnct.bin b/clnc-tun/bin/clnct.bin
@@ -77,8 +77,7 @@ start_rules() {
   ip route add default dev $TunDev table 1234
   # 防跳
   iptables -t mangle -N TUN_MARK
-  allow_ip="0/8,127/8,10/8,192.168/16,224/3,169.254/16,100.64/10,172.16/12"
-  #allow_ip="0.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,172.16.0.0/12,192.168.0.0/16,10.0.0.0/8,224.0.0.0/3"
+  allow_ip="10/8,100/8,127/8,169.254/16,172.16/12,192/24,192.168/16,224/4,240/4"
 
   iptables -t mangle -A TUN_MARK -d $allow_ip -j ACCEPT
 
@@ -174,7 +173,7 @@ else
   param1=$method
 fi
 
-[ -n "$param2" ] && tls_client='\n    tls_client = '$host'';
+[ "$param2" = "tls" ] && tls_client='\n    tls_client = '$host'';
 
 echo 'tcp::Global {
 }