- # Configure a transparent proxy on a router in an IPv6-only network
- > Environment:
- >
- > Router: ASUS ac66u_b1
- >
- > OS: asus merlin 384.3
- >
- > Shadowsocks: shadowsocks-libev 3.1 (supports UDP relay)
- 1. Make sure the router can connect to the VPS via IPv6.
- 2. Install shadowsocks-libev on the VPS, then start ss-server with IPv6 enabled and `-u` (UDP relay).
- 3. Install ss-redir on the router (Entware must be installed first).
- 4. Start ss-redir on the router with `-u`.
- ```
- nohup ss-redir -s [VPS's ipv6 address] -p [shadowsocks's port] -m [encrypt method] -k [password] -b 0.0.0.0 -l 1080 -u > /dev/null &
- ```
- 5. Enable TPROXY on router:
- ```bash
- modprobe ip_set
- modprobe ip_set_hash_net
- modprobe ip_set_hash_ip
- modprobe xt_set
- modprobe xt_TPROXY
- ```
- 6. Configure iptables. (NOTE: The configuration below is for an IPv6 connection to the VPS. If you connect over IPv4, don't forget to set iptables to allow traffic to the VPS, using the commented-out rules below, or the network will be unreachable.)
- ```bash
- # TCP rules
- iptables -t nat -N SHADOWSOCKS_TCP
- # Uncomment the line below in an IPv4 environment
- # iptables -t nat -A SHADOWSOCKS_TCP -d [VPS's ipv4 address] -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 0.0.0.0/8 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 10.0.0.0/8 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 127.0.0.0/8 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 169.254.0.0/16 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 172.16.0.0/12 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 192.168.0.0/16 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 224.0.0.0/4 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -d 240.0.0.0/4 -j RETURN
- iptables -t nat -A SHADOWSOCKS_TCP -p tcp -j REDIRECT --to-ports 1080
- iptables -t nat -I PREROUTING 1 -p tcp -j SHADOWSOCKS_TCP
- iptables -t nat -I OUTPUT 1 -p tcp -j SHADOWSOCKS_TCP
- # UDP rules
- iptables -t mangle -N SHADOWSOCKS_UDP
- iptables -t mangle -N SHADOWSOCKS_MARK
- ip rule add fwmark 1 lookup 100
- ip route add local default dev lo table 100
- # Uncomment the line below in an IPv4 environment
- # iptables -t mangle -A SHADOWSOCKS_MARK -d [VPS's ipv4 address] -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 0.0.0.0/8 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 10.0.0.0/8 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 127.0.0.0/8 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 169.254.0.0/16 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 172.16.0.0/12 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 192.168.0.0/16 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 224.0.0.0/4 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_MARK -d 240.0.0.0/4 -j RETURN
- # Uncomment the line below in an IPv4 environment
- # iptables -t mangle -A SHADOWSOCKS_UDP -d [VPS's ipv4 address] -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 0.0.0.0/8 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 10.0.0.0/8 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 127.0.0.0/8 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 169.254.0.0/16 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 172.16.0.0/12 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 192.168.0.0/16 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 224.0.0.0/4 -j RETURN
- iptables -t mangle -A SHADOWSOCKS_UDP -d 240.0.0.0/4 -j RETURN
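- # Only DNS (UDP port 53) is proxied: router-originated queries to 8.8.8.8 are marked,
- # and LAN clients' queries are handed to ss-redir via TPROXY. Other UDP is left untouched.
- iptables -t mangle -A SHADOWSOCKS_MARK -p udp -d 8.8.8.8 --dport 53 -j MARK --set-mark 1
- # --on-ip must be an address of the router itself (192.168.50.1 is assumed to be its LAN address)
- iptables -t mangle -A SHADOWSOCKS_UDP -p udp --dport 53 -j TPROXY --on-port 1080 --on-ip 192.168.50.1 --tproxy-mark 0x01/0x01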
- iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS_UDP
- iptables -t mangle -A OUTPUT -p udp -j SHADOWSOCKS_MARK
- ```
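iptables evaluates each chain in order, so every reserved-range `RETURN` rule has to sit ahead of the `REDIRECT`, `TPROXY` or `MARK` rule for the bypass to take effect. The script below is an added example, not part of the original paste: it audits `iptables-save` text for that property. The function name `audit_chain` and the sample dumps are constructed for illustration.

```bash
# Added example: audit an iptables-save dump for the bypass rules used above.
RESERVED="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"

# audit_chain CHAIN  (hypothetical helper; reads iptables-save text on stdin)
# Prints one line per problem; exit status is 0 only if every reserved range has
# a RETURN rule ahead of the first non-RETURN rule (REDIRECT, TPROXY or MARK).
audit_chain() {
  awk -v chain="$1" -v nets="$RESERVED" '
    BEGIN { n = split(nets, want, " ") }
    $1 == "-A" && $2 == chain {
      target = ""; dst = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-j") target = $(i + 1)
        if ($i == "-d") dst = $(i + 1)
      }
      if (target != "RETURN") acted = 1          # first redirecting rule reached
      else if (!acted) seen[dst] = 1             # bypass that is still effective
    }
    END {
      for (i = 1; i <= n; i++)
        if (!(want[i] in seen)) { print "missing bypass: " want[i]; bad = 1 }
      if (!acted) { print "no redirect rule in " chain; bad = 1 }
      exit bad + 0
    }'
}

# Constructed sample dumps (not captured from a real router).
GOOD=$(for net in $RESERVED; do echo "-A SHADOWSOCKS_TCP -d $net -j RETURN"; done
       echo "-A SHADOWSOCKS_TCP -p tcp -j REDIRECT --to-ports 1080")
BAD=$(printf '%s\n' "$GOOD" | grep -v ' 192\.168\.0\.0/16 ')   # LAN bypass dropped

for name in GOOD BAD; do
  eval "dump=\$$name"
  if printf '%s\n' "$dump" | audit_chain SHADOWSOCKS_TCP; then
    echo "$name: ok"
  else
    echo "$name: FAILED"
  fi
done
# On the router: iptables-save -t nat | audit_chain SHADOWSOCKS_TCP
```

For the UDP chains, feed it `iptables-save -t mangle` and pass `SHADOWSOCKS_UDP` or `SHADOWSOCKS_MARK` as the chain name.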