xnullzz
79 lines
2.4 KiB
Bash
79 lines
2.4 KiB
Bash
#!/usr/bin/env bash
|
|
set -e
|
|
|
|
SECOND_IP="$1"
|
|
[ -z "$SECOND_IP" ] && echo "Usage: $0 SECOND_IP" && exit 1
|
|
[ "$(id -u)" -ne 0 ] && echo "Run as root" && exit 1
|
|
|
|
DEFAULT_LINE=$(ip route show default | head -n1)
|
|
GATEWAY=$(echo "$DEFAULT_LINE" | awk '{for(i=1;i<=NF;i++){if($i=="via"){print $(i+1); exit}}}')
|
|
DEV=$(echo "$DEFAULT_LINE" | awk '{for(i=1;i<=NF;i++){if($i=="dev"){print $(i+1); exit}}}')
|
|
|
|
systemctl list-unit-files | grep -q '^x-ui.service' || { echo "x-ui.service not found"; exit 1; }
|
|
|
|
[ ! -f /etc/systemd/system/xray.slice ] && cat <<EOF >/etc/systemd/system/xray.slice
|
|
[Unit]
|
|
Description=Xray traffic slice
|
|
Before=slices.target
|
|
EOF
|
|
|
|
mkdir -p /etc/systemd/system/x-ui.service.d
|
|
cat <<EOF >/etc/systemd/system/x-ui.service.d/slice.conf
|
|
[Service]
|
|
Slice=xray.slice
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl restart x-ui.service
|
|
|
|
iptables -t mangle -C OUTPUT -m cgroup --path xray.slice -j MARK --set-mark 1 2>/dev/null || \
|
|
iptables -t mangle -A OUTPUT -m cgroup --path xray.slice -j MARK --set-mark 1
|
|
|
|
iptables -t nat -C POSTROUTING -m mark --mark 1 -o "$DEV" -j SNAT --to-source "$SECOND_IP" 2>/dev/null || \
|
|
iptables -t nat -A POSTROUTING -m mark --mark 1 -o "$DEV" -j SNAT --to-source "$SECOND_IP"
|
|
|
|
grep -qE '^\s*100\s+xray\b' /etc/iproute2/rt_tables 2>/dev/null || echo "100 xray" >> /etc/iproute2/rt_tables
|
|
|
|
ip rule del fwmark 1 table 100 2>/dev/null || true
|
|
ip rule add fwmark 1 table 100
|
|
ip route flush table 100 2>/dev/null || true
|
|
ip route add default via "$GATEWAY" dev "$DEV" src "$SECOND_IP" table 100
|
|
|
|
sysctl -w net.core.default_qdisc=fq >/dev/null
|
|
sysctl -w net.ipv4.tcp_congestion_control=bbr >/dev/null
|
|
grep -q 'net.core.default_qdisc=fq' /etc/sysctl.conf 2>/dev/null || cat <<EOF >>/etc/sysctl.conf
|
|
net.core.default_qdisc=fq
|
|
net.ipv4.tcp_congestion_control=bbr
|
|
EOF
|
|
sysctl -p >/dev/null || true
|
|
|
|
cat <<EOF >/usr/local/sbin/xray-routing.sh
|
|
#!/bin/bash
|
|
ip rule add fwmark 1 table 100 2>/dev/null || true
|
|
ip route add default via "$GATEWAY" dev "$DEV" src "$SECOND_IP" table 100 2>/dev/null || true
|
|
EOF
|
|
|
|
chmod +x /usr/local/sbin/xray-routing.sh
|
|
|
|
cat <<EOF >/etc/systemd/system/xray-routing.service
|
|
[Unit]
|
|
Description=Policy routing for Xray dual-IP
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/usr/local/sbin/xray-routing.sh
|
|
RemainAfterExit=yes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable xray-routing.service
|
|
systemctl start xray-routing.service
|
|
|
|
echo "OK: $SECOND_IP active"
|
|
|