Comment out TPROXY rule for TCP in iptables setup script to prevent unintended behavior

2025-12-27 17:26:16 +03:00
parent 54296bf161
commit 4126234efc
1 changed files with 2 additions and 2 deletions
--- a/scripts/iptables-mihomo-setup.sh
+++ b/scripts/iptables-mihomo-setup.sh
@@ -109,7 +109,7 @@ ipt -t mangle -A MIHOMO_TPROXY -d 172.16.0.0/12 -j RETURN
 ipt -t mangle -A MIHOMO_TPROXY -d 127.0.0.0/8 -j RETURN

 # TProxy Targets
-ipt -t mangle -A MIHOMO_TPROXY -p tcp -j TPROXY --on-port "${TPROXY_PORT}" --tproxy-mark "${FW_MARK}/${FW_MARK}"
+# ipt -t mangle -A MIHOMO_TPROXY -p tcp -j TPROXY --on-port "${TPROXY_PORT}" --tproxy-mark "${FW_MARK}/${FW_MARK}"
 ipt -t mangle -A MIHOMO_TPROXY -p udp -j TPROXY --on-port "${TPROXY_PORT}" --tproxy-mark "${FW_MARK}/${FW_MARK}"

 # Apply to OUTPUT (Local)
@@ -119,7 +119,7 @@ done
 ipt -t mangle -A OUTPUT -m owner --uid-owner "${MIHOMO_UID}" -m comment --comment "MIHOMO-EXCLUDE" -j RETURN

 # Mark packets
-ipt -t mangle -A OUTPUT -p tcp -m comment --comment "MIHOMO-MARK" -j MARK --set-mark "${FW_MARK}"
+# ipt -t mangle -A OUTPUT -p tcp -m comment --comment "MIHOMO-MARK" -j MARK --set-mark "${FW_MARK}"
 ipt -t mangle -A OUTPUT -p udp -m comment --comment "MIHOMO-MARK" -j MARK --set-mark "${FW_MARK}"

 # Apply to PREROUTING (wt0 Ingress)