fix AutoIptables

This commit is contained in:
maze.y2b@gmail.com 2021-12-04 19:59:41 +08:00
parent 8580ee8898
commit eb999b3bf1
5 changed files with 29 additions and 34 deletions

View file

@ -2,40 +2,31 @@ NAME=Clash.Meta
BINDIR=bin BINDIR=bin
VERSION=$(shell git describe --tags || echo "unknown version") VERSION=$(shell git describe --tags || echo "unknown version")
BUILDTIME=$(shell date -u) BUILDTIME=$(shell date -u)
AUTOIPTABLES=Enable
GOBUILD=CGO_ENABLED=0 go build -trimpath -ldflags '-X "github.com/Dreamacro/clash/constant.Version=$(VERSION)" \ GOBUILD=CGO_ENABLED=0 go build -trimpath -ldflags '-X "github.com/Dreamacro/clash/constant.Version=$(VERSION)" \
-X "github.com/Dreamacro/clash/constant.BuildTime=$(BUILDTIME)" \ -X "github.com/Dreamacro/clash/constant.BuildTime=$(BUILDTIME)" \
-w -s -buildid=' -w -s -buildid='
GOBUILDOP=CGO_ENABLED=0 go build -trimpath -ldflags '-X "github.com/Dreamacro/clash/constant.Version=$(VERSION)" \ GOBUILDOP=CGO_ENABLED=0 go build -trimpath -ldflags '-X "github.com/Dreamacro/clash/constant.Version=$(VERSION)" \
-X "github.com/Dreamacro/clash/constant.BuildTime=$(BUILDTIME)" \ -X "github.com/Dreamacro/clash/constant.BuildTime=$(BUILDTIME)" \
-X "github.com/Dreamacro/clash/constant.OpenWrt:=true" \ -X "github.com/Dreamacro/clash/constant.AutoIptables=$(AUTOIPTABLES)" \
-w -s -buildid=' -w -s -buildid='
PLATFORM_LIST = \ PLATFORM_LIST = \
darwin-amd64 \ darwin-amd64 \
darwin-arm64 \ darwin-arm64 \
linux-386 \ linux-arm64 \
linux-amd64 \ linux-amd64 \
linux-armv5 \ linux-arm64-AutoIptables\
linux-armv6 \ linux-amd64-AutoIptables
linux-armv7 \
linux-armv8 \
linux-mips-softfloat \
linux-mips-hardfloat \
linux-mipsle-softfloat \
linux-mipsle-hardfloat \
linux-mips64 \
linux-mips64le \
freebsd-386 \
freebsd-amd64 \
freebsd-arm64
WINDOWS_ARCH_LIST = \ WINDOWS_ARCH_LIST = \
windows-386 \ windows-386 \
windows-amd64 \ windows-amd64
windows-arm32v7
all: linux-arm64-openwrt linux-amd64-openwrt linux-arm64 linux-amd64 darwin-amd64 darwin-arm64 windows-amd64 windows-386 # Most used
all: linux-arm64-AutoIptables linux-amd64-AutoIptables linux-arm64 linux-amd64 darwin-amd64 darwin-arm64 windows-amd64 windows-386 # Most used
docker: docker:
$(GOBUILD) -o $(BINDIR)/$(NAME)-$@ $(GOBUILD) -o $(BINDIR)/$(NAME)-$@
@ -52,13 +43,13 @@ linux-386:
linux-amd64: linux-amd64:
GOARCH=amd64 GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ GOARCH=amd64 GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@
linux-amd64-openwrt: linux-amd64-AutoIptables:
GOARCH=amd64 GOOS=linux $(GOBUILDOP) -o $(BINDIR)/$(NAME)-$@ GOARCH=amd64 GOOS=linux $(GOBUILDOP) -o $(BINDIR)/$(NAME)-$@
linux-arm64: linux-arm64:
GOARCH=arm64 GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ GOARCH=arm64 GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@
linux-arm64-openwrt: linux-arm64-AutoIptables:
GOARCH=arm64 GOOS=linux $(GOBUILDOP) -o $(BINDIR)/$(NAME)-$@ GOARCH=arm64 GOOS=linux $(GOBUILDOP) -o $(BINDIR)/$(NAME)-$@
linux-armv5: linux-armv5:

View file

@ -245,24 +245,25 @@ tproxy-port: 9898
tun: tun:
enable: false enable: false
``` ```
Create user given name `clash`. Create user given name `Clash.Meta`.
Run Clash by user `clash` as a daemon. Run Meta Kennel by user `Clash.Meta` as a daemon.
Create the systemd configuration file at /etc/systemd/system/clash.service: Create the systemd configuration file at /etc/systemd/system/clash.service:
``` ```
[Unit] [Unit]
Description=Clash daemon, A rule-based proxy in Go. Description=Clash.Meta daemon, A rule-based proxy in Go.
After=network.target After=network.target
[Service] [Service]
Type=simple Type=simple
User=clash User=Clash.Meta
Group=clash Group=Clash.Meta
CapabilityBoundingSet=cap_net_admin CapabilityBoundingSet=cap_net_admin
AmbientCapabilities=cap_net_admin AmbientCapabilities=cap_net_admin
Restart=always Restart=always
ExecStart=/usr/local/bin/clash -d /etc/clash ExecStart=/usr/local/bin/Clash.Meta -d /etc/Clash.Meta
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -1,8 +1,8 @@
package constant package constant
var ( var (
Meta = true Meta = true
Version = "1.8.0" Version = "1.8.0"
BuildTime = "unknown time" BuildTime = "unknown time"
OpenWrt bool AutoIptables string
) )

View file

@ -289,7 +289,8 @@ func patchSelectGroup(proxies map[string]C.Proxy) {
} }
func updateIPTables(dns *config.DNS, general *config.General) { func updateIPTables(dns *config.DNS, general *config.General) {
if runtime.GOOS != "linux" || dns.Listen == "" || general.TProxyPort == 0 || general.Tun.Enable || C.OpenWrt { AutoIptables := C.AutoIptables
if runtime.GOOS != "linux" || dns.Listen == "" || general.TProxyPort == 0 || general.Tun.Enable || AutoIptables != "Enable" {
return return
} }
@ -315,8 +316,8 @@ func updateIPTables(dns *config.DNS, general *config.General) {
func CleanUp() { func CleanUp() {
P.CleanUp() P.CleanUp()
AutoIptables := C.AutoIptables
if runtime.GOOS == "linux" && C.OpenWrt { if runtime.GOOS == "linux" && AutoIptables == "Enable" {
tproxy.CleanUpTProxyLinuxIPTables() tproxy.CleanUpTProxyLinuxIPTables()
} }
} }

View file

@ -28,7 +28,9 @@ func (ps *Process) Match(metadata *C.Metadata) bool {
return strings.EqualFold(metadata.Process, ps.process) return strings.EqualFold(metadata.Process, ps.process)
} }
// ignore match in proxy type "tproxy" // ignore match in proxy type "tproxy"
if metadata.Type == C.TPROXY || !C.OpenWrt { //if metadata.Type == C.TPROXY || !C.AutoIptables {
if C.AutoIptables == "Enable" {
return false return false
} }