iptables - 图1
    iptables - 图2

    1. /data/local/test.sh stop 203.76.240.135 25245    u0_a12; iptables -F;  iptables -t nat -F; 
    2. /data/local/test.sh start  203.76.240.135 58582   u0_a12
    3. iptables -A OUTPUT  -p tcp -d 203.76.240.135 -j ACCEPT; iptables  -A INPUT -p tcp  --dport 8123  -j ACCEPT; 
    4. iptables -nxvL INPUT;iptables -nxvL OUTPUT;iptables -t nat  -nxvL OUTPUT;

    注: REDIRECT本地端口 会导致流量重新进入INPUT OUTPUT链
    成倍数关系.
    iptables - 图3

    提供一份最简单的s5,需要root

    1. DIR=/data/local
    2. proxy_port=8123
    3. host=$2
    4. port=$3
    6. case $1 in
    7.  start)
    9. echo "
    10. base {
    11.  log_debug = off;
    12.  log_info = off;
    13.  log = stderr;
    14.  daemon = on;
    15.  redirector = iptables;
    16. }
    18. redsocks {
    19.  local_ip = 0.0.0.0;
    20.  local_port = $proxy_port;
    21.  ip = $host;
    22.  port = $port;
    23.  type = socks5;
    24.  }
    26. " >$DIR/redsocks.conf
    28.  $DIR/redsocks -p $DIR/redsocks.pid -c $DIR/redsocks.conf
    29.  iptables -t nat -A OUTPUT -p tcp -d $host -j RETURN
    30.  iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-ports $proxy_port
    32.  ;;
    33. stop)
    34.   iptables -t nat -F OUTPUT 
    35.   kill -9 `cat $DIR/redsocks.pid`
    36.   rm $DIR/redsocks.pid
    37.   rm $DIR/redsocks.conf
    38. esac