-
Notifications
You must be signed in to change notification settings - Fork 5
/
start
55 lines (42 loc) · 1.81 KB
/
start
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
DIR_PATH="/data/data/xray-linux-arm64"
FILES_PATH="$(cd `dirname $0`; pwd)"
CONFIG_FILE="$(cd $FILES_PATH && ls *config.json*)"
if [ ! -f ${FILES_PATH}/${CONFIG_FILE} ];then
echo "XRAY CONFIG FILE "${FILES_PATH}/${CONFIG_FILE}" not exist. now quit...."
exit
fi
. ${FILES_PATH}/stop 2> /dev/null
echo "prepareing XRAY package to ${DIR_PATH}...."
mkdir -p ${DIR_PATH}
cp -arf ${FILES_PATH}/xray-linux-arm64/* ${DIR_PATH}/
if [[ $? -ne 0 ]];then
echo "prepare XRAY package file. xray-linux-arm64 dir not exist. now quit...."
exit
fi
chmod -R +x ${DIR_PATH}
#echo "RUN XRAY and GOST ...."
echo "RUN XRAY ...."
#nohup ${DIR_PATH}/gost -L=udp://127.0.0.1:53/208.67.222.222:443 > /dev/null 2>&1 &
nohup ${DIR_PATH}/xray -config=${FILES_PATH}/${CONFIG_FILE} -format=json > /dev/null 2>&1 &
sleep 2
netstat -lnpt | grep "61099 "
if [ $? -ne 0 ];then
echo "RUN XRAY failed. now quit...."
exit
fi
echo "add iptables for XRAY rules...."
# 新建一个名为 XRAY 的链
iptables -w 3 -t nat -N XRAY
# 其余流量转发到 61099 端口(即 V2Ray)
iptables -w 3 -t nat -A XRAY -p tcp -j REDIRECT --to-ports 61099
# 设置root权限运行的进程出方向直连(避免xray进程本机出方向流量回环)
iptables -w 3 -t nat -I OUTPUT -p tcp -m owner --uid-owner 0 -j RETURN
# 对局域网其他设备进行透明代理 (仅转发80,443,8080端口)
iptables -w 3 -t nat -A PREROUTING -p tcp -m multiport --dports 80,443,8080 -j XRAY
# 对本机进行透明代理 (仅转发80,443,8080端口)
iptables -w 3 -t nat -A OUTPUT -p tcp -m multiport --dports 80,443,8080 -j XRAY
# 对局域网其他设备进行透明代理 (全部端口)
# iptables -w 3 -t nat -A PREROUTING -p tcp -j XRAY
# 对本机进行透明代理 (全部端口)
# iptables -w 3 -t nat -A OUTPUT -p tcp -j XRAY
echo "add iptables for XRAY finished...."