#!/bin/sh
trap "echo \"Get exit signal\" && exit" 2 15
[ -f "/etc/xray/expose/custom.sh" ] && sh /etc/xray/expose/custom.sh

# IPv4 tproxy settings
ip -4 rule add fwmark 1 table 100
ip -4 route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -N XRAY

for cidr in $(ip -4 addr | grep -w "inet" | awk '{print $2}') # bypass local ipv4 range
do
  eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
done

while read -r cidr # bypass custom ipv4 range
do
  eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
done < /etc/xray/expose/network/bypass/ipv4

iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 7288 --tproxy-mark 1
iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 7288 --tproxy-mark 1
iptables -t mangle -A PREROUTING -j XRAY

# IPv6 tproxy settings
ip -6 rule add fwmark 1 table 106
ip -6 route add local ::/0 dev lo table 106
ip6tables -t mangle -N XRAY6

for cidr in $(ip -6 addr | grep -w "inet6" | awk '{print $2}') # bypass local ipv6 range
do
  eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
done

while read -r cidr # bypass custom ipv6 range
do
  eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
done < /etc/xray/expose/network/bypass/ipv6

ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-port 7289 --tproxy-mark 1
ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-port 7289 --tproxy-mark 1
ip6tables -t mangle -A PREROUTING -j XRAY6

sh /etc/xray/load.sh
xray -confdir /etc/xray/config/ # start xray server