diff --git a/README.md b/README.md index df91b0f..93e04d6 100644 --- a/README.md +++ b/README.md @@ -3,4 +3,12 @@ ### v2.0 1. 默认禁止ipv6联网 -2. 清除规则用了while循环,防止有多个重复的规则一次清不掉 \ No newline at end of file +2. 清除规则用了while循环,防止有多个重复的规则一次清不掉 + +### v2.1 + +1. 修复一些内网未放行的问题 +2. 可以用tls了(`method="GET:tls"`) +3. 更新了busybox(v1.31.1) +4. 重新设置了解析域名时的超时设置,防止停机卡等解析时等待较长的时间 + diff --git a/clnc-tun/bin/clncs.bin b/clnc-tun/bin/clncs.bin index d973103..aee1232 100644 --- a/clnc-tun/bin/clncs.bin +++ b/clnc-tun/bin/clncs.bin @@ -126,7 +126,7 @@ start_rules() { iptables -t mangle -N man_PRE iptables -t mangle -A PREROUTING -j man_PRE # PREROUTING - allow_ip="0/8,127/8,10/8,192.168/16,224/3,169.254/16,100.64/10,172.16/12" + allow_ip="10/8,100/8,127/8,169.254/16,172.16/12,192/24,192.168/16,224/4,240/4" iptables -t mangle -A man_PRE -d $allow_ip -j ACCEPT # OUTPUT iptables -t mangle -A man_OUT -m owner --gid-owner 2222 -j ACCEPT @@ -230,7 +230,7 @@ else param1=$method fi -[ -n "$param2" ] && tls_client='\n tls_client = '$host''; +[ "$param2" = "tls" ] && tls_client='\n tls_client = '$host''; echo 'tcp::Global { tcp_listen = 0.0.0.0:1230; diff --git a/clnc-tun/bin/clnct.bin b/clnc-tun/bin/clnct.bin index 3d0b696..a080ad0 100644 --- a/clnc-tun/bin/clnct.bin +++ b/clnc-tun/bin/clnct.bin @@ -77,8 +77,7 @@ start_rules() { ip route add default dev $TunDev table 1234 # 防跳 iptables -t mangle -N TUN_MARK - allow_ip="0/8,127/8,10/8,192.168/16,224/3,169.254/16,100.64/10,172.16/12" - #allow_ip="0.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,172.16.0.0/12,192.168.0.0/16,10.0.0.0/8,224.0.0.0/3" + allow_ip="10/8,100/8,127/8,169.254/16,172.16/12,192/24,192.168/16,224/4,240/4" iptables -t mangle -A TUN_MARK -d $allow_ip -j ACCEPT @@ -174,7 +173,7 @@ else param1=$method fi -[ -n "$param2" ] && tls_client='\n tls_client = '$host''; +[ "$param2" = "tls" ] && tls_client='\n tls_client = '$host''; echo 'tcp::Global { }