change to iptables

2026-05-30 13:47:06 +07:00
parent 054b863f23
commit 387241d1f3
7 changed files with 137 additions and 62 deletions
--- a/iptables/china-unblock.sh
+++ b/iptables/china-unblock.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+set -e
+
+IPSET_NAME="china"
+
+echo "[*] Removing iptables rules..."
+iptables -D INPUT -m set --match-set "$IPSET_NAME" src -j DROP 2>/dev/null || true
+iptables -D OUTPUT -m set --match-set "$IPSET_NAME" dst -j DROP 2>/dev/null || true
+
+echo "[*] Removing raw table rules..."
+iptables -t raw -D PREROUTING -m set --match-set "$IPSET_NAME" src -j DROP 2>/dev/null || true
+iptables -t raw -D OUTPUT -m set --match-set "$IPSET_NAME" dst -j DROP 2>/dev/null || true
+
+echo "[*] Removing ip6tables rules..."
+ip6tables -D INPUT -m set --match-set china6 src -j DROP 2>/dev/null || true
+ip6tables -D OUTPUT -m set --match-set china6 dst -j DROP 2>/dev/null || true
+ip6tables -t raw -D PREROUTING -m set --match-set china6 src -j DROP 2>/dev/null || true
+ip6tables -t raw -D OUTPUT -m set --match-set china6 dst -j DROP 2>/dev/null || true
+
+echo "[*] Destroying ipsets..."
+ipset destroy "$IPSET_NAME" 2>/dev/null || true
+ipset destroy china6 2>/dev/null || true
+rm -f /etc/ipset.conf /tmp/cn.cidr /tmp/cn6.cidr
+
+echo "[*] Clearing saved rules..."
+rm -f /etc/iptables/iptables.rules /etc/iptables/ip6tables.rules
+
+echo "[+] Done! Chinese IPs are now unblocked."