search

Ysurac / openmptcprouter

OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
https://www.openmptcprouter.com/
GNU General Public License v3.0
1.72k stars 252 forks source link

Question about iptables to nftables change: Will ip rule add fwmark comands still work? #3338

Open ioogithub opened 1 month ago

ioogithub commented 1 month ago

I am using 0.59.1-5.4 and I would like to upgrade and start testing 0.60.

I created a VPN on VPS solution by marking v2ray packets and routing the wg as follows:

  1. In the exwg0.conf interface I have this:

    PostUp = ip rule add fwmark 123 lookup 111
PostDown = ip rule del fwmark 123 lookup 111

  2. In the /etc/v2ray/config.json I added the following:

    "outbounds": [
            {
                    "protocol": "freedom",
                    "settings": {
                            "userLevel": 0
                    },
                    "streamSettings": {
                            "sockopt": {
                                    "mark": 111
                            }
                    },
                    "tag": "direct"
            }
    ],

So basically any v2ray packets arriving at the VPS from v2ray are marked and routed though the wg interface.

Will these ip rule commands still work with OMR version 6.0? I see the kernel is upgraded to 6.1 but iptables has been replaced with nftables. Does the VPS still have iptables or has this been replaced with nftables as well?

Ysurac commented 1 month ago

Yes, should still work with V2Ray or XRay. iptables is still used on VPS side for now.