dnomd343
/
TProxy
mirror of https://github.com/dnomd343/TProxy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

refactor: optimize init script

master
dnomd343 3 years ago
parent
84302e33c3
commit
0446c78072
3 changed files with 198 additions and 167 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      Dockerfile
  2. 8
      load.sh
  3. 41
      tproxy.sh

2
Dockerfile
View File

@ -1,6 +1,6 @@
FROM alpine as asset FROM alpine as asset
COPY ./asset.sh / COPY ./asset.sh /
RUN apk --update add --no-cache curl wget jq && \ RUN apk add curl wget jq && \
sh /asset.sh sh /asset.sh
FROM alpine FROM alpine

8
load.sh
View File

@ -184,14 +184,14 @@ EOF
} }
load_bypass_ipv4() { load_bypass_ipv4() {
cat>"$NETWORK_DIR/bypass/ipv4"<<EOF cat > $NETWORK_DIR/bypass/ipv4 << EOF
169.254.0.0/16 169.254.0.0/16
224.0.0.0/3 224.0.0.0/3
EOF EOF
} }
load_bypass_ipv6() { load_bypass_ipv6() {
cat>"$NETWORK_DIR/bypass/ipv6"<<EOF cat > $NETWORK_DIR/bypass/ipv6 << EOF
fc00::/7 fc00::/7
fe80::/10 fe80::/10
ff00::/8 ff00::/8
@ -199,7 +199,7 @@ EOF
} }
load_network_ipv4() { load_network_ipv4() {
cat>"$NETWORK_DIR/interface/ipv4"<<EOF cat > $NETWORK_DIR/interface/ipv4 << EOF
ADDRESS= ADDRESS=
GATEWAY= GATEWAY=
FORWARD=true FORWARD=true
@ -207,7 +207,7 @@ EOF
} }
load_network_ipv6() { load_network_ipv6() {
cat>"$NETWORK_DIR/interface/ipv6"<<EOF cat > $NETWORK_DIR/interface/ipv6 << EOF
ADDRESS= ADDRESS=
GATEWAY= GATEWAY=
FORWARD=true FORWARD=true

41
tproxy.sh
View File

@ -1,44 +1,75 @@
#!/bin/sh #!/bin/sh
trap "echo \"Get exit signal\" && exit" 2 15
[ -f "/etc/xray/expose/custom.sh" ] && sh /etc/xray/expose/custom.sh
# IPv4 tproxy settings exit_func() { # doing before exit
echo "[TProxy] Get exit signal."
kill -15 -1 # send SIGTERM to all process
while [ "$(ps -ef | grep -cv "PID\|ps -ef\|\[")" != "2" ] # remain itself and it's fork $(...)
do
usleep 10000 # wait 10ms
done
echo "[TProxy] All subprocess exit."
exit
}
ipv4_tproxy() { # IPv4 tproxy settings
ip -4 rule add fwmark 1 table 100 ip -4 rule add fwmark 1 table 100
ip -4 route add local 0.0.0.0/0 dev lo table 100 ip -4 route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -N XRAY iptables -t mangle -N XRAY
for cidr in $(ip -4 addr | grep -w "inet" | awk '{print $2}') # bypass local ipv4 range for cidr in $(ip -4 addr | grep -w "inet" | awk '{print $2}') # bypass local ipv4 range
do do
echo "[TProxy] IPv4 bypass $cidr"
eval "iptables -t mangle -A XRAY -d $cidr -j RETURN" eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
done done
while read -r cidr # bypass custom ipv4 range while read -r cidr # bypass custom ipv4 range
do do
echo "[TProxy] IPv4 bypass $cidr"
eval "iptables -t mangle -A XRAY -d $cidr -j RETURN" eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
done < /etc/xray/expose/network/bypass/ipv4 done < /etc/xray/expose/network/bypass/ipv4
iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 7288 --tproxy-mark 1 iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 7288 --tproxy-mark 1
iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 7288 --tproxy-mark 1 iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 7288 --tproxy-mark 1
iptables -t mangle -A PREROUTING -j XRAY iptables -t mangle -A PREROUTING -j XRAY
}
# IPv6 tproxy settings ipv6_tproxy() { # IPv6 tproxy settings
ip -6 rule add fwmark 1 table 106 ip -6 rule add fwmark 1 table 106
ip -6 route add local ::/0 dev lo table 106 ip -6 route add local ::/0 dev lo table 106
ip6tables -t mangle -N XRAY6 ip6tables -t mangle -N XRAY6
for cidr in $(ip -6 addr | grep -w "inet6" | awk '{print $2}') # bypass local ipv6 range for cidr in $(ip -6 addr | grep -w "inet6" | awk '{print $2}') # bypass local ipv6 range
do do
echo "[TProxy] IPv6 bypass $cidr"
eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN" eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
done done
while read -r cidr # bypass custom ipv6 range while read -r cidr # bypass custom ipv6 range
do do
echo "[TProxy] IPv6 bypass $cidr"
eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN" eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
done < /etc/xray/expose/network/bypass/ipv6 done < /etc/xray/expose/network/bypass/ipv6
ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-port 7289 --tproxy-mark 1 ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-port 7289 --tproxy-mark 1
ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-port 7289 --tproxy-mark 1 ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-port 7289 --tproxy-mark 1
ip6tables -t mangle -A PREROUTING -j XRAY6 ip6tables -t mangle -A PREROUTING -j XRAY6
}
trap exit_func 2 15 # SIGINT and SIGTERM signal
echo "[TProxy] Server start."
echo "[TProxy] Init network environment."
ipv4_tproxy
ipv6_tproxy
sh /etc/xray/load.sh sh /etc/xray/load.sh
xray -confdir /etc/xray/config/ # start xray server echo "[TProxy] Init complete."
echo "[TProxy] Running custom script."
custom_script="/etc/xray/expose/custom.sh"
[ -f "$custom_script" ] && sh $custom_script
echo "[TProxy] Start xray service."
xray -confdir /etc/xray/config/

Write Preview
Loading…
Cancel
Save