first-commit

2023-05-15 16:49:09 +08:00
commit 06cba6ca3c
816 changed files with 157018 additions and 0 deletions
--- a/v2ray示例/斐讯K2P升级padavan固件/k2p的使用.iptables
+++ b/v2ray示例/斐讯K2P升级padavan固件/k2p的使用.iptables
@@ -0,0 +1,65 @@
+# 设置策略路由
+# 添加路由表 100
+sudo ip route add local default dev lo table 100
+# 为路由表 100 设定规则
+ip rule add fwmark 1 table 100
+
+
+# 创建XRAY过滤器链
+iptables -t mangle -N XRAY
+
+# 代理局域网设备
+iptables -t mangle -A XRAY -d 10.0.0.0/8 -j RETURN
+iptables -t mangle -A XRAY -d 100.64.0.0/10 -j RETURN
+iptables -t mangle -A XRAY -d 127.0.0.0/8 -j RETURN
+iptables -t mangle -A XRAY -d 169.254.0.0/16 -j RETURN
+iptables -t mangle -A XRAY -d 172.16.0.0/12 -j RETURN
+iptables -t mangle -A XRAY -d 192.0.0.0/24 -j RETURN
+iptables -t mangle -A XRAY -d 224.0.0.0/4 -j RETURN
+iptables -t mangle -A XRAY -d 240.0.0.0/4 -j RETURN
+iptables -t mangle -A XRAY -d 255.255.255.255/32 -j RETURN
+
+# 直连局域网，避免 XRAY 无法启动时无法连网关的 SSH，如果你配置的是其他网段（如 10.x.x.x 等），则修改成自己的
+iptables -t mangle -A XRAY -d 10.10.10.0/24 -p tcp -j RETURN
+
+# 直连局域网，53 端口除外（因为要使用 XRAY 的 DNS)
+iptables -t mangle -A XRAY -d 10.10.10.0/24 -p udp ! --dport 53 -j RETURN
+
+# 直连 SO_MARK 为 0xff 的流量(0xff 是 16 进制数，数值上等同与上面XRAY 配置的 255)，此规则目的是解决XRAY占用大量CPU（https://github.com/XRAY/XRAY-core/issues/2621）
+#iptables -t mangle -A XRAY -j RETURN -m mark --mark 0xff
+
+# 给 UDP 打标记 1，转发至 12345 端口
+iptables -t mangle -A XRAY -p udp -j TPROXY  --on-port 12345 --tproxy-mark 1
+# 给 TCP 打标记 1，转发至 12345 端口
+iptables -t mangle -A XRAY -p tcp -j TPROXY  --on-port 12345 --tproxy-mark 1
+# 应用规则
+iptables -t mangle -A PREROUTING -j XRAY
+
+
+# 代理网关本机
+iptables -t mangle -N XRAY_SELF
+iptables -t mangle -A XRAY_SELF -d 10.0.0.0/8 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 100.64.0.0/10 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 127.0.0.0/8 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 169.254.0.0/16 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 172.16.0.0/12 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 192.0.0.0/24 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 224.0.0.0/4 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 240.0.0.0/4 -j RETURN
+iptables -t mangle -A XRAY_SELF -d 255.255.255.255/32 -j RETURN
+
+iptables -t mangle -A XRAY_SELF -d 10.10.10.0/24 -p tcp -j RETURN # 直连局域网
+ # 直连局域网，53 端口除外（因为要使用 XRAY 的 DNS）
+iptables -t mangle -A XRAY_SELF -d 10.10.10.0/24 -p udp ! --dport 53 -j RETURN
+
+ # 直连 SO_MARK 为 0xff 的流量(0xff 是 16 进制数，数值上等同与上面XRAY 配置的 255)，此规则目的是避免代理本机(网关)流量出现回环问题
+#iptables -t mangle -A XRAY_SELF -m mark --mark 0xff -j RETURN
+
+iptables -t mangle -A XRAY_SELF -m mark --mark 2 -j RETURN
+
+# 给 UDP 打标记，重路由
+iptables -t mangle -A XRAY_SELF -p udp -j MARK --set-mark 1
+# 给 TCP 打标记，重路由
+iptables -t mangle -A XRAY_SELF -p tcp -j MARK --set-mark 1
+# 应用规则
+iptables -t mangle -A OUTPUT -j XRAY_SELF
--- a/v2ray示例/斐讯K2P升级padavan固件/v2ray配置-透明代理.json
+++ b/v2ray示例/斐讯K2P升级padavan固件/v2ray配置-透明代理.json
@@ -0,0 +1,200 @@
+{
+  "log": {
+    "loglevel": "warning"
+  },
+  "inbounds": [
+    {
+      "tag": "all-in",
+      "port": 12345,
+      "protocol": "dokodemo-door",
+      "settings": {
+        "network": "tcp,udp",
+        "followRedirect": true
+      },
+      "sniffing": {
+        "enabled": true,
+        "destOverride": [
+          "http",
+          "tls"
+        ]
+      },
+      "streamSettings": {
+        "sockopt": {
+          "tproxy": "tproxy"
+        }
+      }
+    },
+    {
+      "protocol": "socks",
+      "port": 22999,
+      "listen": "0.0.0.0",
+      "sniffing": {
+        "enabled": true,
+        "destOverride": [
+          "http",
+          "tls"
+        ]
+      },
+      "settings": {
+        "auth": "none",
+        "udp": true,
+        "userLevel": 10
+      },
+      "streamSettings": {
+        "sockopt": {
+          "tproxy": "tproxy"
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "tag": "direct",
+      "protocol": "freedom",
+      "settings": {
+        "domainStrategy": "UseIPv4"
+      },
+      "streamSettings": {
+        "sockopt": {
+          "mark": 2
+        }
+      }
+    },
+    {
+      "tag": "proxy",
+      "protocol": "vless",
+      "settings": {
+        "vnext": [
+          {
+            "address": "43.154.83.213",
+            "port": 29999,
+            "users": [
+              {
+                "id": "fc903f5d-a007-482b-928c-570da9a851f9",
+                "alterId": 0,
+                "email": "192.168.11.19@qq.com",
+                "security": "auto",
+                "encryption": "none",
+                "flow": "xtls-rprx-direct"
+              }
+            ]
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "tcp",
+        "security": "xtls",
+        "xtlsSettings": {
+          "serverName": "tencent-hk-11.17.107421.xyz",
+          "allowInsecure": true,
+          "rejectUnknownSni": false,
+          "alpn": [
+            "h2",
+            "http/1.1"
+          ],
+          "minVersion": "1.2",
+          "maxVersion": "1.3"
+        },
+        "sockopt": {
+          "mark": 2
+        }
+      }
+    },
+    {
+      "tag": "block",
+      "protocol": "blackhole",
+      "settings": {
+        "response": {
+          "type": "http"
+        }
+      }
+    },
+    {
+      "tag": "dns-out",
+      "protocol": "dns",
+      "settings": {
+        "address": "8.8.8.8"
+      },
+      "proxySettings": {
+        "tag": "proxy"
+      },
+      "streamSettings": {
+        "sockopt": {
+          "mark": 2
+        }
+      }
+    }
+  ],
+  "dns": {
+    "hosts": {
+      "icederce.io": "192.168.11.19"
+    },
+    "servers": [
+      {
+        "address": "223.5.5.5",
+        "port": 53,
+        "domains": [
+          "geosite:cn"
+        ],
+        "expectIPs": [
+          "geoip:cn"
+        ]
+      },
+      {
+        "address": "119.29.29.29",
+        "port": 53,
+        "domains": [
+          "geosite:cn"
+        ],
+        "expectIPs": [
+          "geoip:cn"
+        ]
+      },
+      "8.8.8.8",
+      "1.1.1.1",
+      "https+local://doh.dns.sb/dns-query"
+    ]
+  },
+  "routing": {
+    "domainStrategy": "IPIfNonMatch",
+    "rules": [
+      {
+        "type": "field",
+        "inboundTag": [
+          "all-in"
+        ],
+        "port": 53,
+        "outboundTag": "dns-out"
+      },
+      {
+        "type": "field",
+        "ip": [
+          "8.8.8.8",
+          "1.1.1.1"
+        ],
+        "outboundTag": "proxy"
+      },
+      {
+        "type": "field",
+        "domain": [
+          "geosite:category-ads-all"
+        ],
+        "outboundTag": "block"
+      },
+      {
+        "type": "field",
+        "domain": [
+          "geosite:geolocation-!cn"
+        ],
+        "outboundTag": "proxy"
+      },
+      {
+        "type": "field",
+        "domains": [
+          "geosite:cn"
+        ],
+        "outboundTag": "direct"
+      }
+    ]
+  }
+}