#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2011 OpenWrt.org
# ref http://ipset.netfilter.org/ipset.man.html

START=95

SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1

start() {
	echo starting ss-redir...
    service_start /opt/bin/ss-redir -c /etc/shadowsocks.json
	echo loading firewall rules...
    ipset create gfwlist hash:ip counters timeout 1200
	iptables -t nat -A zone_lan_prerouting -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1081
	echo done.
}

stop() {
	echo stopping ss-redir...
    service_stop /opt/bin/ss-redir
	echo restarting firewall...
    /etc/init.d/firewall restart
	echo done.
}