44 lines
1.1 KiB
Bash
Executable File
44 lines
1.1 KiB
Bash
Executable File
#!/bin/bash
|
|
source ./00_env.sh
|
|
set -euo pipefail
|
|
|
|
apt install -y ipset || true
|
|
mkdir -p /etc/ipset
|
|
|
|
rm -f "$CHN_FILE"
|
|
for url in "${CHNROUTE_URLS[@]}"; do
|
|
curl -fsSL "$url" -o /tmp/chn.tmp && grep -E '^[0-9]' /tmp/chn.tmp | sed 's/\r//g' > "$CHN_FILE" && break
|
|
done
|
|
|
|
ipset list chnroute -n &>/dev/null && ipset flush chnroute && ipset destroy chnroute || true
|
|
ipset create chnroute hash:net family inet maxelem 65536 || true
|
|
|
|
for net in 0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16; do
|
|
ipset add chnroute $net || true
|
|
done
|
|
|
|
while IFS= read -r line; do
|
|
[[ -z "$line" || "$line" =~ ^# ]] && continue
|
|
ipset add chnroute "$line" || true
|
|
done < "$CHN_FILE"
|
|
|
|
ipset save > "$IPSET_FILE"
|
|
|
|
cat >/etc/systemd/system/ipset-load.service <<EOL
|
|
[Unit]
|
|
Description=Load ipset rules
|
|
After=network.target
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/sbin/ipset restore -f $IPSET_FILE
|
|
RemainAfterExit=yes
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOL
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable ipset-load.service
|
|
systemctl start ipset-load.service || true
|
|
|
|
echo "CHNROUTE ipset 已安装"
|