Mar 19th, 2018
# Configure a transparent proxy on a router in an IPv6-only network

> Environment:
>
> Router: ASUS ac66u_b1
>
> OS: Asus Merlin 384.3
>
> Shadowsocks: shadowsocks-libev 3.1 (supports UDP relay)

1. Make sure the router can connect to the VPS via IPv6.

2. Install shadowsocks-libev on the VPS and start ss-server with IPv6 enabled and `-u` (UDP relay).

3. Install ss-redir on the router (Entware must be installed first).

4. Start ss-redir on the router with `-u`.

```
# -b 0.0.0.0 listens on every interface; -l 1080 is the port the iptables rules in step 6 redirect to
nohup ss-redir -s [VPS's ipv6 address] -p [shadowsocks's port] -m [encrypt method] -k [password] -b 0.0.0.0 -l 1080 -u > /dev/null &
```

5. Enable TPROXY on the router:

```bash
# ipset support and the TPROXY target; modprobe takes module names without the .ko suffix
modprobe ip_set
modprobe ip_set_hash_net
modprobe ip_set_hash_ip
modprobe xt_set
modprobe xt_TPROXY
```

6. Configure iptables. (NOTE: The configuration below is for an IPv6 connection to the VPS; iptables only handles IPv4 packets, so that connection is not affected by these rules. If you use an IPv4 connection, don't forget to add the rules that let traffic to the VPS bypass the proxy, or the network will be unreachable.)

```bash
# TCP rules
iptables -t nat -N SHADOWSOCKS_TCP
# Uncomment line below on ipv4 environment
# iptables -t nat -A SHADOWSOCKS_TCP -d [VPS's ipv4 address] -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 0.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 10.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 127.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 169.254.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 172.16.0.0/12 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 192.168.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 224.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 240.0.0.0/4 -j RETURN
# Everything else goes to ss-redir's local port
iptables -t nat -A SHADOWSOCKS_TCP -p tcp -j REDIRECT --to-ports 1080
iptables -t nat -I PREROUTING 1 -p tcp -j SHADOWSOCKS_TCP
iptables -t nat -I OUTPUT 1 -p tcp -j SHADOWSOCKS_TCP

# UDP rules
iptables -t mangle -N SHADOWSOCKS_UDP
iptables -t mangle -N SHADOWSOCKS_MARK
# Route packets carrying fwmark 1 to the local stack so TPROXY can hand them to ss-redir
ip rule add fwmark 1 lookup 100
ip route add local default dev lo table 100
# Uncomment line below on ipv4 environment
# iptables -t mangle -A SHADOWSOCKS_MARK -d [VPS's ipv4 address] -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 0.0.0.0/8 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 10.0.0.0/8 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 127.0.0.0/8 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 169.254.0.0/16 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 172.16.0.0/12 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 192.168.0.0/16 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A SHADOWSOCKS_MARK -d 240.0.0.0/4 -j RETURN
# Uncomment line below on ipv4 environment
# iptables -t mangle -A SHADOWSOCKS_UDP -d [VPS's ipv4 address] -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 0.0.0.0/8 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 10.0.0.0/8 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 127.0.0.0/8 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 169.254.0.0/16 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 172.16.0.0/12 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 192.168.0.0/16 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A SHADOWSOCKS_UDP -d 240.0.0.0/4 -j RETURN
# Only DNS (UDP port 53) is relayed; --on-ip must be an address the router itself owns (192.168.50.1 here)
iptables -t mangle -A SHADOWSOCKS_MARK -p udp -d 8.8.8.8 --dport 53 -j MARK --set-mark 1
iptables -t mangle -A SHADOWSOCKS_UDP -p udp --dport 53 -j TPROXY --on-port 1080 --on-ip 192.168.50.1 --tproxy-mark 0x01/0x01
iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS_UDP
iptables -t mangle -A OUTPUT -p udp -j SHADOWSOCKS_MARK
```
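
The IPv4 note in step 6 can be checked offline before any rule is loaded. The script below is an added example, not part of the original paste: it walks the `-A` rules of one chain in first-match order and prints the verdict for a destination, showing that the VPS address is redirected back into ss-redir unless the exemption rule comes first. The address 203.0.113.10 and the function names are assumptions, and only `-d` matches are evaluated.

```bash
# Added example: first-match walk of the "-A" rules of one iptables chain.
# Assumption: only "-d" is evaluated; protocol and port matches are ignored.
ip2int() {  # dotted quad -> integer
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

in_net() {  # in_net ADDR NET[/LEN]: succeeds when ADDR lies inside NET
    net=${2%/*}; len=${2#*/}
    [ "$len" = "$2" ] && len=32   # a bare address means /32
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

verdict() {  # verdict CHAIN DEST < rules: prints the first matching target
    chain=$1; dest=$2
    while read -r line; do
        set -- $line
        c=; d=; j=
        while [ $# -gt 1 ]; do
            case $1 in
                -A) c=$2 ;;
                -d) d=$2 ;;
                -j) j=$2 ;;
            esac
            shift
        done
        [ "$c" = "$chain" ] || continue
        if [ -z "$d" ] || in_net "$dest" "$d"; then echo "$j"; return 0; fi
    done
    echo FALLTHROUGH   # end of a user chain returns to the calling chain
}

# Constructed input: the SHADOWSOCKS_TCP rules from step 6.
RULES='iptables -t nat -A SHADOWSOCKS_TCP -d 0.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 10.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 127.0.0.0/8 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 169.254.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 172.16.0.0/12 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 192.168.0.0/16 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 224.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -d 240.0.0.0/4 -j RETURN
iptables -t nat -A SHADOWSOCKS_TCP -p tcp -j REDIRECT --to-ports 1080'

VPS4=203.0.113.10   # constructed VPS address (documentation range)
EXEMPT="iptables -t nat -A SHADOWSOCKS_TCP -d $VPS4 -j RETURN"
echo "LAN host:      $(echo "$RULES" | verdict SHADOWSOCKS_TCP 192.168.50.20)"
echo "VPS, no rule:  $(echo "$RULES" | verdict SHADOWSOCKS_TCP "$VPS4")"
echo "VPS, exempted: $(printf '%s\n' "$EXEMPT" "$RULES" | verdict SHADOWSOCKS_TCP "$VPS4")"
```

The same walk works for the mangle chains by passing `SHADOWSOCKS_MARK` or `SHADOWSOCKS_UDP` and feeding it those rule lines.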