haotianlPM/rosrbgprouter
allanchen2019/ospf-over-wireguard
dndx/nchnroutes
使用Clash在Debian系统上用TProxy模式搭建透明代理
https://github.com/Hamster-Prime/ospf-clash/releases/download/1.0.0/ubuntu-22.04.tar.zst
取消"无特权容器"勾选
容器创建完成后,先不要开机,点击你创建的LXC容器-选项-功能,勾选以下选项
- 嵌套
- nfs
- smb
- fuse
进入PVE控制台,输入 nano /etc/pve/lxc/"容器ID".conf 修改配置文件,添加以下内容
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
启动容器并进入控制台
wget https://raw.githubusercontent.com/Hamster-Prime/ospf-clash/main/install.sh && chmod +x install.sh && ./install.sh
/routing table add name=Clash_VPN fib
/routing ospf instance add name=Clash router-id="RouterOS的IPv4地址" routing-table=Clash_VPN
/routing ospf area add instance=Clash name=OSPF-Area-Clash
/routing ospf interface-template add area=OSPF-Area-Clash hello-interval=10s cost=10 priority=1 interfaces="LAN网桥名字或者网卡名字" type=broadcast
/ip firewall mangle add action=accept chain=prerouting src-address="安装Clash服务器的IPv4地址"
/ip firewall mangle add action=mark-routing new-routing-mark=Clash_VPN dst-address-type=!local chain=prerouting src-address-list=!No_Proxy
/ip firewall address-list add address="不想代理的主机IP地址" list=No_Proxy
/routing rule add src-address=::/0 action=lookup-only-in-table table=main
/routing ospf instance add name=Clash_IPv6 version=3 router-id="RouterOS的IPv4地址" routing-table=Clash_VPN
/routing ospf area add instance=Clash_IPv6 name=OSPF-Area-Clash_IPv6
/routing ospf interface-template add area=OSPF-Area-Clash_IPv6 hello-interval=10s cost=10 priority=1 interfaces="LAN网桥名字或者网卡名字" type=broadcast
/ipv6 firewall mangle add action=accept chain=prerouting src-address="安装Clash服务器的本地IPv6地址"
/ipv6 firewall mangle add action=mark-routing new-routing-mark=Clash_VPN dst-address-type=!local chain=prerouting src-address-list=!No_Proxy
/ipv6 firewall address-list add address="不想代理的主机IP地址" list=No_Proxy