_iptables_save() { if [[ $cmd == "apt-get" && $(command -v iptables) ]]; then cat >/etc/network/if-pre-up.d/iptables <<-EOF #!/bin/sh /sbin/iptables-restore < /etc/iptables.rules.v4 /sbin/ip6tables-restore < /etc/iptables.rules.v6 EOF chmod +x /etc/network/if-pre-up.d/iptables fi } _iptables_add() { if [[ $cmd == "apt-get" && $(command -v iptables) ]]; then if [[ $1 != "multiport" ]]; then iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT iptables -I INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT ip6tables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT ip6tables -I INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT else local multiport="${v2ray_dynamic_port_start_input}:${v2ray_dynamic_port_end_input}" iptables -I INPUT -p tcp --match multiport --dports $multiport -j ACCEPT iptables -I INPUT -p udp --match multiport --dports $multiport -j ACCEPT ip6tables -I INPUT -p tcp --match multiport --dports $multiport -j ACCEPT ip6tables -I INPUT -p udp --match multiport --dports $multiport -j ACCEPT fi iptables-save >/etc/iptables.rules.v4 ip6tables-save >/etc/iptables.rules.v6 fi } _iptables_del() { if [[ $cmd == "apt-get" && $(command -v iptables) ]]; then if [[ $1 != "multiport" ]]; then iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT iptables -D INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT ip6tables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT ip6tables -D INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT else local ports="${v2ray_dynamicPort_start}:${v2ray_dynamicPort_end}" iptables -D INPUT -p tcp --match multiport --dports $ports -j ACCEPT iptables -D INPUT -p udp --match multiport --dports $ports -j ACCEPT ip6tables -D INPUT -p tcp --match multiport --dports $ports -j ACCEPT ip6tables -D INPUT -p udp --match multiport --dports $ports -j ACCEPT fi iptables-save >/etc/iptables.rules.v4 ip6tables-save >/etc/iptables.rules.v6 fi }