redsocks-fw.sh
#!/bin/sh
##########################
# Setup the Firewall rules
##########################
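fw_setup() {
  # Install the NAT rules that push outgoing traffic through redsocks.
  # Globals:   socksip (read) - address of the upstream SOCKS server; the
  #              OUTPUT rule excludes it so the proxy connection itself is
  #              not redirected.
  #            REDSOCKS_WHITELIST (read, optional) - whitelist file path,
  #              defaults to /etc/redsocks-whitelist.txt.
  # Returns:   0 if every rule was installed, 1 otherwise. A non-zero status
  #            means the redirection may be incomplete, i.e. some traffic
  #            may still leave without going through the proxy.
  fw_whitelist=${REDSOCKS_WHITELIST:-/etc/redsocks-whitelist.txt}
  fw_rc=0

  # Without the SOCKS server address the OUTPUT rule below cannot be built;
  # stop before creating a chain that nothing jumps to.
  if [ -z "${socksip:-}" ]; then
    echo "fw_setup: socksip is not set; no rules installed" >&2
    return 1
  fi

  # Create the dedicated 'REDSOCKS' chain in the 'nat' table.
  iptables -t nat -N REDSOCKS || fw_rc=1

  # One "-j RETURN" rule per whitelisted network: those destinations bypass
  # the proxy. Blank lines and '#' comment lines are skipped, and the
  # '|| [ -n ... ]' keeps a final entry that lacks a trailing newline.
  if [ -r "$fw_whitelist" ]; then
    while read -r fw_item || [ -n "$fw_item" ]; do
      case "$fw_item" in
        '' | '#'*) continue ;;
      esac
      # Quoted so that one line is always exactly one -d argument and can
      # never contribute extra iptables options.
      iptables -t nat -A REDSOCKS -d "$fw_item" -j RETURN || fw_rc=1
    done < "$fw_whitelist"
  else
    echo "fw_setup: cannot read whitelist $fw_whitelist" >&2
    fw_rc=1
  fi

  # Everything else over TCP is redirected to local port 12345.
  iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345 || fw_rc=1

  # UDP DNS (port 53) not addressed to 114.114.114.114 is rewritten to
  # 127.0.0.1:5533. "-I REDSOCKS 1" places this rule first, ahead of the
  # whitelist RETURN rules.
  iptables -t nat ! -d 114.114.114.114 -I REDSOCKS 1 -p udp --dport 53 \
    -j DNAT --to-destination 127.0.0.1:5533 || fw_rc=1

  # Send all locally generated traffic through the chain, except traffic
  # whose destination is the SOCKS server itself.
  iptables --table nat --append OUTPUT ! --destination "$socksip" \
    --jump REDSOCKS || fw_rc=1

  return "$fw_rc"
}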
##########################
# Clear the Firewall rules
##########################
fw_clear() {
  # Remove the REDSOCKS rules by dumping the current ruleset, dropping every
  # line that contains the string REDSOCKS, and loading the result back.
  # NOTE(review): the filter is a plain substring match on the whole dump,
  # so any rule line that merely mentions REDSOCKS is dropped as well.
  iptables-save \
    | grep -v -e REDSOCKS \
    | iptables-restore
  # Manual alternative, kept for reference:
  #iptables -L -t nat --line-numbers
  #iptables -t nat -D PREROUTING 2
}
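# Entry point: "start" replaces any existing REDSOCKS rules with a fresh set,
# "stop" removes them. A failing step is reported and turned into a non-zero
# exit status, so a caller never sees "done." while traffic is in fact not
# being redirected through the proxy.
case "${1:-}" in
  start)
    printf '%s' "Setting REDSOCKS firewall rules..."
    fw_status=0
    # Clear first so a stale REDSOCKS chain does not make the setup fail.
    fw_clear || fw_status=1
    fw_setup || fw_status=1
    if [ "$fw_status" -ne 0 ]; then
      echo "failed." >&2
      exit 1
    fi
    echo "done."
    ;;
  stop)
    printf '%s' "Cleaning REDSOCKS firewall rules..."
    if ! fw_clear; then
      echo "failed." >&2
      exit 1
    fi
    echo "done."
    ;;
  *)
    echo "Usage: $0 {start|stop}" >&2
    exit 1
    ;;
esac
exit 0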