From db157e35d9ce9213f8a80a574d95f5ec9bb2f2e5 Mon Sep 17 00:00:00 2001
From: chn <chn@chn.moe>
Date: Wed, 12 Nov 2025 12:21:33 +0800
Subject: [PATCH] modules.services.nginx/xray: fix routing policy rule priority

---
 modules/services/nginx/transparentProxy.nix | 6 +++---
 modules/services/xray/client.nix            | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/modules/services/nginx/transparentProxy.nix b/modules/services/nginx/transparentProxy.nix
index 774968cc..551f4caa 100644
--- a/modules/services/nginx/transparentProxy.nix
+++ b/modules/services/nginx/transparentProxy.nix
@@ -47,12 +47,12 @@ inputs:
             ip = "${inputs.pkgs.iproute2}/bin/ip";
             start = inputs.pkgs.writeShellScript "nginx-proxy.start"
             ''
-              ${ip} rule add fwmark 2/2 table 200
+              ${ip} rule add fwmark 2/2 table 200 priority 5001
               ${ip} route add local 0.0.0.0/0 dev lo table 200
             '';
             stop = inputs.pkgs.writeShellScript "nginx-proxy.stop"
             ''
-              ${ip} rule del fwmark 2/2 table 200
+              ${ip} rule del fwmark 2/2 table 200 priority 5001
               ${ip} route del local 0.0.0.0/0 dev lo table 200
             '';
           in
@@ -76,7 +76,7 @@ inputs:
         {
           matchConfig.Name = "lo";
           routes = [{ Table = 200; Destination = "0.0.0.0/0"; Type = "local"; }];
-          routingPolicyRules = [{ FirewallMark = "2/2"; Table = 200; }];
+          routingPolicyRules = [{ FirewallMark = "2/2"; Table = 200; Priority = 5001; }];
         };
       };
     };
diff --git a/modules/services/xray/client.nix b/modules/services/xray/client.nix
index 13a7a81e..81c54243 100644
--- a/modules/services/xray/client.nix
+++ b/modules/services/xray/client.nix
@@ -226,12 +226,12 @@ inputs:
               RemainAfterExit = true;
               ExecStart = inputs.pkgs.writeShellScript "v2ray-forwarder.start"
               ''
-                ${ip} rule add fwmark 1/1 table 100
+                ${ip} rule add fwmark 1/1 table 100 priority 5000
                 ${ip} route add local 0.0.0.0/0 dev lo table 100
               '';
               ExecStop = inputs.pkgs.writeShellScript "v2ray-forwarder.stop"
               ''
-                ${ip} rule del fwmark 1/1 table 100
+                ${ip} rule del fwmark 1/1 table 100 priority 5000
                 ${ip} route del local 0.0.0.0/0 dev lo table 100
               '';
             };
@@ -244,7 +244,7 @@ inputs:
         {
           matchConfig.Name = "lo";
           routes = [{ Table = 100; Destination = "0.0.0.0/0"; Type = "local"; }];
-          routingPolicyRules = [{ FirewallMark = "1/1"; Table = 100; }];
+          routingPolicyRules = [{ FirewallMark = "1/1"; Table = 100; Priority = 5000; }];
         };
       };
     };