17362ce57c
It may take a long time waiting for a new tag, so backport these important bug fixes for now. While at it, added 3 new options provided by upstream, and deprecated the usage of `$(AUTORELEASE)`. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
38 lines
1.4 KiB
Diff
38 lines
1.4 KiB
Diff
From 4a87a6fc9a17939cc0fc54058b2128b1f688045a Mon Sep 17 00:00:00 2001
|
|
From: Xiaoxu Guo <ftiasch0@gmail.com>
|
|
Date: Thu, 4 Aug 2022 22:56:46 +0800
|
|
Subject: [PATCH] improved
|
|
|
|
---
|
|
service/core/iptables/tproxy.go | 6 +++---
|
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
--- a/core/iptables/tproxy.go
|
|
+++ b/core/iptables/tproxy.go
|
|
@@ -16,7 +16,7 @@ var Tproxy tproxy
|
|
func (t *tproxy) AddIPWhitelist(cidr string) {
|
|
// avoid duplication
|
|
t.RemoveIPWhitelist(cidr)
|
|
- pos := 5
|
|
+ pos := 6
|
|
if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
|
|
pos += 3
|
|
}
|
|
@@ -65,7 +65,7 @@ iptables -w 2 -t mangle -A TP_PRE -p udp
|
|
|
|
iptables -w 2 -t mangle -A TP_RULE -j CONNMARK --restore-mark
|
|
iptables -w 2 -t mangle -A TP_RULE -m mark --mark 0x40/0xc0 -j RETURN
|
|
-iptables -w 2 -t mangle -A TP_RULE -i br+ -j RETURN
|
|
+iptables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN
|
|
iptables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
|
|
iptables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
|
|
`
|
|
@@ -124,7 +124,7 @@ ip6tables -w 2 -t mangle -A TP_PRE -p ud
|
|
|
|
ip6tables -w 2 -t mangle -A TP_RULE -j CONNMARK --restore-mark
|
|
ip6tables -w 2 -t mangle -A TP_RULE -m mark --mark 0x40/0xc0 -j RETURN
|
|
-ip6tables -w 2 -t mangle -A TP_RULE -i br+ -j RETURN
|
|
+ip6tables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN
|
|
ip6tables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
|
|
ip6tables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
|
|
`
|