xiocode · May 6, 2019 04:42
diff --git a/clash.sh b/clash.sh
 #!/bin/sh /etc/rc.common
 # Copyright (C) 2009-2010 OpenWrt.org

 START=99
 STOP=15

 SERVICE_USE_PID=1


 CLASH="/etc/clash/clash"
 CLASH_CONFIG="/etc/clash"
 DNSSERVER="127.0.0.1#5858"
 start() {
        # 启动 Clash
        $CLASH -d "$CLASH_CONFIG" > /dev/null 2>&1 &
        
        sleep 2
        
        # 设置 iptables
        iptables -t nat -N CLASH
        
        # 8080 是 ss 代理服务器的端口，即远程 CLASH 服务器提供服务的端口，如果你有多个 ip 可用,但端口一致，就设置这个
        iptables -t nat -A CLASH -p tcp --dport 8080 -j RETURN
        
        # 192.192.192.192 是 CLASH 代理服务器的 ip, 如果你只有一个 CLASH服务器的 ip，却能选择不同端口,就设置此条
        iptables -t nat -A CLASH -d 192.192.192.192 -j RETURN
        
        # 保留地址、私有地址、回环地址 不走代理
        iptables -t nat -A CLASH -d 0.0.0.0/8 -j RETURN
        iptables -t nat -A CLASH -d 10.0.0.0/8 -j RETURN
        iptables -t nat -A CLASH -d 127.0.0.0/8 -j RETURN
        iptables -t nat -A CLASH -d 169.254.0.0/16 -j RETURN
        iptables -t nat -A CLASH -d 172.16.0.0/12 -j RETURN
        iptables -t nat -A CLASH -d 192.168.0.0/16 -j RETURN
        iptables -t nat -A CLASH -d 224.0.0.0/4 -j RETURN
        iptables -t nat -A CLASH -d 240.0.0.0/4 -j RETURN
        
        # 7892是clash_redir端口
        iptables -t nat -A CLASH -p tcp -j REDIRECT --to-ports 7892
        
        iptables -t nat -A PREROUTING -p tcp -j CLASH
                
        sleep 2
        
        #修改dnsmasq
        uci delete dhcp.@dnsmasq[0].server
        uci add_list dhcp.@dnsmasq[0].server=$DNSSERVER
        uci delete dhcp.@dnsmasq[0].resolvfile
        uci set dhcp.@dnsmasq[0].noresolv=1
        uci commit dhcp
        /etc/init.d/dnsmasq restart > /dev/null 2>&1 &
 }

 stop() {
        # 清除 iptables
        iptables -t nat -D PREROUTING -p tcp -j CLASH
        iptables -t nat -F CLASH
        iptables -t nat -X CLASH
        
        #还原dnsmasq修改
        uci delete dhcp.@dnsmasq[0].server
        uci delete dhcp.@dnsmasq[0].resolvfile
        uci delete dhcp.@dnsmasq[0].noresolv
        uci commit dhcp
        /etc/init.d/dnsmasq restart > /dev/null 2>&1 &
        
        sleep 1
        # 关闭 Clash
        kill -9 `pidof clash|sed "s/$//g"` 2>/dev/null
        
 }
	#!/bin/sh /etc/rc.common
	# Copyright (C) 2009-2010 OpenWrt.org

	START=99
	STOP=15

	SERVICE_USE_PID=1


	CLASH="/etc/clash/clash"
	CLASH_CONFIG="/etc/clash"
	DNSSERVER="127.0.0.1#5858"
	start() {
	# 启动 Clash
	$CLASH -d "$CLASH_CONFIG" > /dev/null 2>&1 &

	sleep 2

	# 设置 iptables
	iptables -t nat -N CLASH

	# 8080 是 ss 代理服务器的端口，即远程 CLASH 服务器提供服务的端口，如果你有多个 ip 可用,但端口一致，就设置这个
	iptables -t nat -A CLASH -p tcp --dport 8080 -j RETURN

	# 192.192.192.192 是 CLASH 代理服务器的 ip, 如果你只有一个 CLASH服务器的 ip，却能选择不同端口,就设置此条
	iptables -t nat -A CLASH -d 192.192.192.192 -j RETURN

	# 保留地址、私有地址、回环地址不走代理
	iptables -t nat -A CLASH -d 0.0.0.0/8 -j RETURN
	iptables -t nat -A CLASH -d 10.0.0.0/8 -j RETURN
	iptables -t nat -A CLASH -d 127.0.0.0/8 -j RETURN
	iptables -t nat -A CLASH -d 169.254.0.0/16 -j RETURN
	iptables -t nat -A CLASH -d 172.16.0.0/12 -j RETURN
	iptables -t nat -A CLASH -d 192.168.0.0/16 -j RETURN
	iptables -t nat -A CLASH -d 224.0.0.0/4 -j RETURN
	iptables -t nat -A CLASH -d 240.0.0.0/4 -j RETURN

	# 7892是clash_redir端口
	iptables -t nat -A CLASH -p tcp -j REDIRECT --to-ports 7892

	iptables -t nat -A PREROUTING -p tcp -j CLASH

	sleep 2

	#修改dnsmasq
	uci delete dhcp.@dnsmasq[0].server
	uci add_list dhcp.@dnsmasq[0].server=$DNSSERVER
	uci delete dhcp.@dnsmasq[0].resolvfile
	uci set dhcp.@dnsmasq[0].noresolv=1
	uci commit dhcp
	/etc/init.d/dnsmasq restart > /dev/null 2>&1 &
	}

	stop() {
	# 清除 iptables
	iptables -t nat -D PREROUTING -p tcp -j CLASH
	iptables -t nat -F CLASH
	iptables -t nat -X CLASH

	#还原dnsmasq修改
	uci delete dhcp.@dnsmasq[0].server
	uci delete dhcp.@dnsmasq[0].resolvfile
	uci delete dhcp.@dnsmasq[0].noresolv
	uci commit dhcp
	/etc/init.d/dnsmasq restart > /dev/null 2>&1 &

	sleep 1
	# 关闭 Clash
	kill -9 `pidof clash\|sed "s/$//g"` 2>/dev/null

	}