chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2026-01-12 04:39:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

modules.services.xray: do not proxy sslvpn.xmu.edu.cn

Browse Source
This commit is contained in:
陈浩南
2025-03-15 14:35:13 +08:00
parent 801c0c1669
commit d47674e768
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/services/xmuvpn/default.nix
View File

@@ -51,7 +51,7 @@ inputs:
wantedBy = [ "multi-user.target" ];
serviceConfig =
{
ExecStart = "${inputs.pkgs.tcping-go}/bin/tcping office.chn.moe 22 -c 0 -I 1s -H";
ExecStart = "${inputs.pkgs.tcping-go}/bin/tcping office.chn.moe 22 -c 0 -I 10s -H";
Restart = "always";
};
};

7
modules/services/xray.nix
View File

@@ -255,6 +255,8 @@ inputs:
"${ipset} create xmu_net hash:net"
"${ipset} create noproxy_net hash:net"
"${ipset} add noproxy_net 223.5.5.5"
# sslvpn.xmu.edu.cn
"${ipset} add noproxy_net 121.192.178.179"
"${ipset} create noproxy_src_net hash:net"
"${ipset} create noproxy_port bitmap:port range 0-65535"
"${ipset} create proxy_net hash:net"
@@ -272,8 +274,9 @@ inputs:
"-m set --match-set noproxy_src_net src -j RETURN"
"-m set --match-set noproxy_net dst -j RETURN"
"-m set --match-set noproxy_port src -j RETURN"
"-m set --match-set xmu_net dst -p tcp -j TPROXY --on-port ${xmuPort} --tproxy-mark 1/1"
"-m set --match-set xmu_net dst -p udp -j TPROXY --on-port ${xmuPort} --tproxy-mark 1/1"
# if source from docker, do not redirect xmunet
"! -s 172.16.0.0/12 -m set --match-set xmu_net dst -p tcp -j TPROXY --on-port ${xmuPort} --tproxy-mark 1/1"
"! -s 172.16.0.0/12 -m set --match-set xmu_net dst -p udp -j TPROXY --on-port ${xmuPort} --tproxy-mark 1/1"
"-m set --match-set proxy_net dst -p tcp -j TPROXY --on-port ${proxyPort} --tproxy-mark 1/1"
"-m set --match-set proxy_net dst -p udp -j TPROXY --on-port ${proxyPort} --tproxy-mark 1/1"
"-m set --match-set lo_net dst -j RETURN"