Created
July 2, 2022 11:27
-
-
Save dagrons/ddabe32a5a750dc10d13ea884d70ba2f to your computer and use it in GitHub Desktop.
iptables.rules for clash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generated by iptables-save v1.8.7 on Sat May 28 03:15:57 2022 | |
| *raw | |
| :PREROUTING ACCEPT [10334:1353326] | |
| :OUTPUT ACCEPT [9660:1339648] | |
| COMMIT | |
| # Completed on Sat May 28 03:15:57 2022 | |
| # Generated by iptables-save v1.8.7 on Sat May 28 03:15:57 2022 | |
| *nat | |
| :PREROUTING ACCEPT [3:180] | |
| :INPUT ACCEPT [0:0] | |
| :OUTPUT ACCEPT [77:6991] | |
| :POSTROUTING ACCEPT [78:7051] | |
| :CLASH_DNS_EXTERNAL - [0:0] | |
| :CLASH_DNS_LOCAL - [0:0] | |
| :CLASH_EXTERNAL - [0:0] | |
| :CLASH_LOCAL - [0:0] | |
| -A PREROUTING -p udp -j CLASH_DNS_EXTERNAL | |
| -A PREROUTING -p tcp -j CLASH_EXTERNAL | |
| -A OUTPUT -p udp -j CLASH_DNS_LOCAL | |
| -A OUTPUT -p tcp -j CLASH_LOCAL | |
| -A CLASH_DNS_EXTERNAL -p udp -m udp ! --dport 53 -j RETURN | |
| -A CLASH_DNS_EXTERNAL -p udp -j REDIRECT --to-ports 1053 | |
| -A CLASH_DNS_LOCAL -p udp -m udp ! --dport 53 -j RETURN | |
| -A CLASH_DNS_LOCAL -m owner --uid-owner clash -j RETURN | |
| -A CLASH_DNS_LOCAL -p udp -j REDIRECT --to-ports 1053 | |
| -A CLASH_EXTERNAL -d 0.0.0.0/8 -j RETURN | |
| -A CLASH_EXTERNAL -d 127.0.0.0/8 -j RETURN | |
| -A CLASH_EXTERNAL -d 224.0.0.0/4 -j RETURN | |
| -A CLASH_EXTERNAL -d 172.16.0.0/12 -j RETURN | |
| -A CLASH_EXTERNAL -d 127.0.0.0/8 -j RETURN | |
| -A CLASH_EXTERNAL -d 169.254.0.0/16 -j RETURN | |
| -A CLASH_EXTERNAL -d 240.0.0.0/4 -j RETURN | |
| -A CLASH_EXTERNAL -d 192.168.0.0/16 -j RETURN | |
| -A CLASH_EXTERNAL -d 10.0.0.0/8 -j RETURN | |
| -A CLASH_EXTERNAL -p tcp -j REDIRECT --to-ports 7892 | |
| -A CLASH_LOCAL -m owner --uid-owner clash -j RETURN | |
| -A CLASH_LOCAL -d 0.0.0.0/8 -j RETURN | |
| -A CLASH_LOCAL -d 127.0.0.0/8 -j RETURN | |
| -A CLASH_LOCAL -d 224.0.0.0/4 -j RETURN | |
| -A CLASH_LOCAL -d 172.16.0.0/12 -j RETURN | |
| -A CLASH_LOCAL -d 127.0.0.0/8 -j RETURN | |
| -A CLASH_LOCAL -d 169.254.0.0/16 -j RETURN | |
| -A CLASH_LOCAL -d 240.0.0.0/4 -j RETURN | |
| -A CLASH_LOCAL -d 192.168.0.0/16 -j RETURN | |
| -A CLASH_LOCAL -d 10.0.0.0/8 -j RETURN | |
| -A CLASH_LOCAL -p tcp -j REDIRECT --to-ports 7892 | |
| COMMIT | |
| # Completed on Sat May 28 03:15:57 2022 | |
| # Generated by iptables-save v1.8.7 on Sat May 28 03:15:57 2022 | |
| *filter | |
| :INPUT ACCEPT [10384:1371790] | |
| :FORWARD ACCEPT [0:0] | |
| :OUTPUT ACCEPT [9775:1355522] | |
| COMMIT | |
| # Completed on Sat May 28 03:15:57 2022 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment