#!/bin/sh
mount -o bind /jffs/opt /opt
mount -o bind /jffs/opt/sbin/dnsmasq /usr/sbin/dnsmasq
mount -o bind /jffs/opt/sbin/iptables /usr/sbin/iptables
insmod /jffs/usr/lib/modules/xt_set.ko
/opt/bin/shadow#socks -m
/opt/bin/shadow#socks -S
sleep 1
server_ip=`sed -n 's/.*ver": *"\(.*\)".*/\1/p' /opt/etc/shadow#socks.json`
local_port=`sed -n 's/.*l_port": *\(.*\)/\1/p' /opt/etc/shadow#socks.json | sed 's/,//g'`
/jffs/usr/sbin/ipset create gfw_black_list hash:net hashsize 64
/jffs/usr/sbin/ipset create baimingdan hash:net hashsize 64
/jffs/usr/sbin/ipset -A baimingdan 0.0.0.0/8
/jffs/usr/sbin/ipset -A baimingdan 10.0.0.0/8
/jffs/usr/sbin/ipset -A baimingdan 100.64.0.0/10
/jffs/usr/sbin/ipset -A baimingdan 127.0.0.0/8
/jffs/usr/sbin/ipset -A baimingdan 169.254.0.0/16
/jffs/usr/sbin/ipset -A baimingdan 172.16.0.0/12
/jffs/usr/sbin/ipset -A baimingdan 192.0.0.0/24
/jffs/usr/sbin/ipset -A baimingdan 192.0.2.0/24
/jffs/usr/sbin/ipset -A baimingdan 192.31.196.0/24
/jffs/usr/sbin/ipset -A baimingdan 192.52.193.0/24
/jffs/usr/sbin/ipset -A baimingdan 192.88.99.0/24
/jffs/usr/sbin/ipset -A baimingdan 192.168.0.0/16
/jffs/usr/sbin/ipset -A baimingdan 192.175.48.0/24
/jffs/usr/sbin/ipset -A baimingdan 198.18.0.0/15
/jffs/usr/sbin/ipset -A baimingdan 198.51.100.0/24
/jffs/usr/sbin/ipset -A baimingdan 203.0.113.0/24
/jffs/usr/sbin/ipset -A baimingdan 224.0.0.0/4
/jffs/usr/sbin/ipset -A baimingdan 240.0.0.0/4
/jffs/usr/sbin/ipset -A baimingdan 255.255.255.255
/jffs/usr/sbin/ipset -A baimingdan $server_ip
iptables -t nat -N ss
iptables -t nat -A ss -p tcp -m set --match-set baimingdan dst -j RETURN
iptables -t nat -A ss -p tcp -m set --match-set gfw_black_list dst -j REDIRECT --to-ports $local_port
iptables -t nat -A ss -p udp -m set --match-set gfw_black_list dst -j REDIRECT --to-ports $local_port
iptables -t nat -A ss -p tcp -j RETURN
iptables -t nat -A ss -p udp -j RETURN
iptables -t nat -A PREROUTING -p tcp -j ss
stopservice dnsmasq && startservice dnsmasq
stopservice cron && startservice cron