Cokebar Chi
Cokebar Chi
有个人给我反映使用你wiki中的方法,把那条iptables加到`/etc/firewall.user`,路由器开机无法翻墙。 开机时候,/etc/firewall.user执行的时候可能ss-rules还没执行,SS_SPEC_XXX_XX的链可能还没建立,所以可能导致语句执行出错。即使ss-rules早于/etc/firewall.user执行,但/etc/config/firewall中,下面还有一个shadowsocks.include,这条也会导致之前添加的`iptables -t nat -I SS_SPEC_WAN_AC 1 -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW`被删掉。 所以,对于合理地完成开机自启动, @aa65535 你有什么建议么
@sotux gfwlist模式下 udp relay 意义不大
@legendchi 不知道下面这种方法行不行,没测试 编写一个脚本,内容为你需要在wan口重连后执行的命令,然后在/etc/config/firewall的末尾添加: ``` config include 'yourscriptname' option type 'script' option path '/path/to/yourscript' option reload '1' ```
same with you
maybe you can try to use pdnsd as a TCP DNS upstreaming sevice. dnsmasq→ChinaDNS→pdnsd→(TCP)→DNS server abroad. I have a similar phenomena few weeks ago. (Now it disapears) In those days...
Technically no problem. But the problem is I do not have time doing this recently. PR is welcomed.
@fanthos If these domains are not included in this gfwlist2dnsmasq rule file, default DNS set in dnsmasq will be used. So there's no need to proceed theses domains.
@fanthos Please use this instead: https://github.com/felixonmars/dnsmasq-china-list/blob/master/google.china.conf refer to #5. And process these rules from gfwlist is impossible, It will cause problems. eg: share.dmhy.org @@|https://share.dmhy.org In Gfwlist, http / https connection...
Whitelist mode now is minority. But Many IPs are being blocked temporarily or permanently. Does everyone has a study on GFW's blocking policy?