iopq/nixos-laptop - Change TMIOYVLXEJ76UFDXTDTH6NW7XGMBBN2J6OZ625SV5AN6K7EG4MUQC

delete the old shit

Created by EbwjwgbHP64g5DPwCqcF1oKFEikinCPQ2vNWwmnsaYkz on November 15, 2025

TMIOYVLXEJ76UFDXTDTH6NW7XGMBBN2J6OZ625SV5AN6K7EG4MUQC

Dependencies

In channels

main

Change contents

File deletion: tproxy-rules.sh

BF:BFD[4.19] → [4.345:384]

BF:BFD[4.384] → [4.385:385]

B:BD[4.385] → [4.386:429]

∅:D[2.159] → [4.583:847]

B:BD[4.583] → [4.583:847]

B:BD[4.429] → [2.0:159]

#!/bin/sh
# Load variables from .env file
echo $SERVER
/etc/nixos/scripts/iptables.sh
/run/current-system/sw/bin/ip route add local 0.0.0.0/0 dev lo table 100
/run/current-system/sw/bin/ip rule add fwmark 1 table 100
/etc/profiles/per-user/iopq/bin/iptables -I INPUT -s $SERVER $IPTABLES_OPTIONS -j DROP
until SERVER=$(/etc/profiles/per-user/iopq/bin/dig @$NAME_SERVER +short A $DOMAIN) && [ -n "$SERVER" ]; do /run/current-system/sw/bin/sleep 2; echo >&2; done;

File deletion: iptables.sh

BF:BFD[4.19] → [4.848:883]

BF:BFD[4.883] → [4.884:884]

B:BD[4.884] → [4.885:2000]

∅:D[3.272] → [4.2067:2735]

B:BD[4.2067] → [4.2067:2735]

B:BD[4.2000] → [3.204:272]

#!/bin/sh
iptables -t mangle -N XRAY
#ip -o -4 addr show scope global | awk '{print $4}'
iptables -t mangle -A XRAY -d 192.168.2.184/24 -j RETURN
# 组播地址/E类地址/广播地址直连
iptables -t mangle -A XRAY -d 224.0.0.0/3 -j RETURN
iptables -t mangle -A XRAY -d 0.0.0.0/8 -j RETURN
iptables -t mangle -A XRAY -d 10.0.0.0/8 -j RETURN
iptables -t mangle -A XRAY -d 100.64.0.0/10 -j RETURN
iptables -t mangle -A XRAY -d 127.0.0.0/8 -j RETURN
iptables -t mangle -A XRAY -d 169.254.0.0/16 -j RETURN
iptables -t mangle -A XRAY -d 172.16.0.0/12 -j RETURN
iptables -t mangle -A XRAY -d 192.168.0.0/16 -j RETURN
iptables -t mangle -A XRAY -d 198.18.0.0/15 -j RETURN
iptables -t mangle -A XRAY -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A XRAY -d 240.0.0.0/4 -j RETURN
#ip -o -4 addr show scope global | awk '{print $4}'
iptables -t mangle -A XRAY ! -s 192.168.2.184/24 -j RETURN
iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 12345 --tproxy-mark 1
iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 12345 --tproxy-mark 1
iptables -t mangle -A PREROUTING -j XRAY
iptables -t mangle -N XRAY_MASK
iptables -t mangle -A XRAY_MASK -d 0.0.0.0/8 -j RETURN
iptables -t mangle -A XRAY_MASK -d 10.0.0.0/8 -j RETURN
iptables -t mangle -A XRAY_MASK -d 127.0.0.0/8 -j RETURN
iptables -t mangle -A XRAY_MASK -d 169.254.0.0/16 -j RETURN
iptables -t mangle -A XRAY_MASK -d 172.16.0.0/12 -j RETURN
#ip -o -4 addr show scope global | awk '{print $4}'
iptables -t mangle -A XRAY_MASK -d 192.168.2.184/24 -j RETURN
iptables -t mangle -A XRAY_MASK -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A XRAY_MASK -d 240.0.0.0/4 -j RETURN
iptables -t mangle -A XRAY_MASK -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p tcp -j XRAY_MASK
iptables -t mangle -A OUTPUT -p udp -j XRAY_MASK 
iptables -t mangle -A XRAY_MASK -m owner --gid-owner 1988 -j RETURN

File deletion: ipclean.sh

BF:BFD[4.19] → [4.2736:2770]

BF:BFD[4.2770] → [4.2771:2771]

B:BD[4.2771] → [4.2772:3050]

#!/bin/sh
iptables -t mangle -D PREROUTING -j XRAY -w
iptables -t mangle -D OUTPUT -p tcp -j XRAY_MASK -w
iptables -t mangle -D OUTPUT -p udp -j XRAY_MASK -w
iptables -t mangle -F XRAY
iptables -t mangle -F XRAY_MASK
iptables -t mangle -X XRAY
iptables -t mangle -X XRAY_MASK

File deletion: ip6tables.sh

BF:BFD[4.19] → [4.3051:3087]

BF:BFD[4.3087] → [4.3088:3088]

B:BD[4.3088] → [4.3089:4526]

#!/bin/sh
ip6tables -t mangle -N XRAY6
ip6tables -t mangle -A XRAY6 -d 2408:8207:2452:9010:dfba:2572:4088:320d/64 -j RETURN
ip6tables -t mangle -A XRAY6 -d 2408:8207:2452:9010:7301:5ec:a961:e85/64 -j RETURN
ip6tables -t mangle -A XRAY6 -d ::/128  -j RETURN
ip6tables -t mangle -A XRAY6 -d ::1/128  -j RETURN
ip6tables -t mangle -A XRAY6 -d 64:ff9b::/96  -j RETURN
ip6tables -t mangle -A XRAY6 -d 100::/64  -j RETURN
ip6tables -t mangle -A XRAY6 -d 2001::/32  -j RETURN
ip6tables -t mangle -A XRAY6 -d 2001:20::/28  -j RETURN
ip6tables -t mangle -A XRAY6 -d fe80::/10  -j RETURN
ip6tables -t mangle -A XRAY6 -d ff00::/8  -j RETURN
ip6tables -t mangle -A XRAY6 ! -s 2408:8207:2452:9010:dfba:2572:4088:320d/64 -j RETURN
ip6tables -t mangle -A XRAY6 ! -s 2408:8207:2452:9010:7301:5ec:a961:e85/64 -j RETURN
ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-port 2500 --tproxy-mark 1
ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-port 2500 --tproxy-mark 1
ip6tables -t mangle -A PREROUTING -j XRAY6
ip6tables -t mangle -N XRAY6_MASK
ip6tables -t mangle -A XRAY6_MASK -m owner --gid-owner 988 -j RETURN
ip6tables -t mangle -A XRAY6_MASK -d 2408:8207:2452:9010:dfba:2572:4088:320d -j RETURN
ip6tables -t mangle -A XRAY6_MASK -d 2408:8207:2452:9010:7301:5ec:a961:e85 -j RETURN
ip6tables -t mangle -A XRAY6_MASK -j MARK --set-mark 1
ip6tables -t mangle -A OUTPUT -p tcp -j XRAY6_MASK
ip6tables -t mangle -A OUTPUT -p udp -j XRAY6_MASK

File deletion: ip6clean.sh

BF:BFD[4.19] → [4.4527:4562]

BF:BFD[4.4562] → [4.4563:4563]

B:BD[4.4563] → [4.4564:4856]

#!/bin/sh
ip6tables -t mangle -D PREROUTING -j XRAY6 -w
ip6tables -t mangle -D OUTPUT -p tcp -j XRAY6_MASK -w
ip6tables -t mangle -D OUTPUT -p udp -j XRAY6_MASK -w
ip6tables -t mangle -F XRAY6
ip6tables -t mangle -F XRAY6_MASK
ip6tables -t mangle -X XRAY6
ip6tables -t mangle -X XRAY6_MASK

Insertion in modules.nix at line 191 [4.4893]

[3.1893]

    };
  };
  systemd.paths.udpspeeder = {
    description = "Watch udp2raw .env creation";
    wantedBy = [ "multi-user.target" ];
    pathConfig = {
      PathExists = "/run/udp2raw/.env";
      Unit = "udpspeeder.service";

Insertion in modules.nix at line 204 [4.4893]
[3.1906]
[3.1906]

Replacement in modules.nix at line 207 [4.4893]

B:BD[3.1973] → [3.1973:2036]

    wants = [ "udp2raw.path"
              "tproxy.service" ];

[3.1973]

[3.2036]

    requires = [ "udp2raw.path" ];

Deletion in modules.nix at line 220 [4.4893]
B:BD[4.8863] → [3.2325:2366]
```
    wantedBy = [ "multi-user.target" ];
```
Deletion in modules.nix at line 223 [4.4893]
B:BD[4.8903] → [4.8903:8922]
```
    enable = true;
```

Replacement in modules.nix at line 224 [4.4893]

B:BD[4.8975] → [4.8975:9015]

B:BD[4.9015] → [3.2367:2463]

    wantedBy = [ "multi-user.target" ];
    wants = [ "udp2raw.path"
              "tproxy.service"];
    after = [ "tproxy.service" ];

[4.8975]

[3.2463]

    requires = [ "udp2raw.path"];
    after = [ "udp2raw.path" ];

Replacement in .ignore at line 1 [4.16090]
B:BD[4.16090] → [4.16091:16104]
```
scripts/.env
```
[4.16090]
```
scripts/servers.yaml
```