/data/local/test.sh stop 203.76.240.135 25245 u0_a12; iptables -F; iptables -t nat -F;
/data/local/test.sh start 203.76.240.135 58582 u0_a12
iptables -A OUTPUT -p tcp -d 203.76.240.135 -j ACCEPT; iptables -A INPUT -p tcp --dport 8123 -j ACCEPT;
iptables -nxvL INPUT;iptables -nxvL OUTPUT;iptables -t nat -nxvL OUTPUT;
注: REDIRECT本地端口 会导致流量重新进入INPUT OUTPUT链
成倍数关系.
提供一份最简单的s5,需要root
DIR=/data/local
proxy_port=8123
host=$2
port=$3
case $1 in
start)
echo "
base {
log_debug = off;
log_info = off;
log = stderr;
daemon = on;
redirector = iptables;
}
redsocks {
local_ip = 0.0.0.0;
local_port = $proxy_port;
ip = $host;
port = $port;
type = socks5;
}
" >$DIR/redsocks.conf
$DIR/redsocks -p $DIR/redsocks.pid -c $DIR/redsocks.conf
iptables -t nat -A OUTPUT -p tcp -d $host -j RETURN
iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-ports $proxy_port
;;
stop)
iptables -t nat -F OUTPUT
kill -9 `cat $DIR/redsocks.pid`
rm $DIR/redsocks.pid
rm $DIR/redsocks.conf
esac