jackiejtr
commented
5 years ago 如果没有输出则说明还未加载,可以运行 modprobe xt_set 命令来加载试试。
然后再执行 iptables -t nat -A PREROUTING -p tcp -m set --match-set chn dst -j REDIRECT --to-port 1080 看看还会不会报错。
如果确实是这个原因造成的,你可以先手动把 modprobe xt_set 命令添加到 /jffs/scripts/services-start 启动脚本的前部,让路由器启动时自动加载 xt_set 模块。
我之后再更新下脚本,加入自动判断和加载此模块的功能。
已通过这种方法解决
gxfxyz
✔ 保存 ipset 载入命令到路由器的 nat-start 启动脚本中:/jffs/scripts/nat-start iptables: No chain/target/match by that name. Command 'iptables -t nat -A PREROUTING -p tcp -m set --match-set chn dst -j REDIRECT --to-port 1080' returned non-zero exit status 1. Traceback (most recent call last): File "unblockchn.py", line 956, in
main()
File "unblockchn.py", line 44, in main
Router.execute(sys.argv[2:])
File "unblockchn.py", line 88, in execute
cls.cmd_setup(raw_args[1:])
File "unblockchn.py", line 214, in cmd_setup
cls.setup_ipset_iptables()
File "unblockchn.py", line 458, in setup_ipset_iptables
cls.add_iptables_chn()
File "unblockchn.py", line 586, in add_iptables_chn
subprocess.check_call(ADD_IPTABLES_CHN_CMD, shell=True)
File "/subprocess.py", line 341, in check_call
subprocess.CalledProcessError: Command 'iptables -t nat -A PREROUTING -p tcp -m set --match-set chn dst -j REDIRECT --to-port 1080' returned non-zero exit status 1.