From 9990e9813f85c1bc903dfd9a6654dc8a729b2191 Mon Sep 17 00:00:00 2001
From: coolsnowwolf <coolsnowwolf@gmail.com>
Date: Sun, 8 Apr 2018 22:45:01 +0800
Subject: [PATCH] improve brook support

---
 .../root/etc/init.d/brookpro                  | 32 +++++++++++++------
 1 file changed, 22 insertions(+), 10 deletions(-)

diff --git a/package/lean/luci-app-brook-pro/root/etc/init.d/brookpro b/package/lean/luci-app-brook-pro/root/etc/init.d/brookpro
index 00a428779..e13f9918f 100755
--- a/package/lean/luci-app-brook-pro/root/etc/init.d/brookpro
+++ b/package/lean/luci-app-brook-pro/root/etc/init.d/brookpro
@@ -275,17 +275,29 @@ uci_get_by_type() {
 
 add_rule()
 {
-	iptables -t nat -N brook_pre
-	iptables -t nat -F brook_pre
-	iptables -t nat -A brook_pre -m set --match-set local dst -j RETURN || {
-		iptables -t nat -A brook_pre -d 10.0.0.0/8 -j RETURN
-		iptables -t nat -A brook_pre -d 127.0.0.0/8 -j RETURN
-		iptables -t nat -A brook_pre -d 172.16.0.0/12 -j RETURN
-		iptables -t nat -A brook_pre -d 192.168.0.0/16 -j RETURN
-		iptables -t nat -A brook_pre -d 127.0.0.0/8 -j RETURN
-		iptables -t nat -A brook_pre -d 224.0.0.0/3 -j RETURN
+  /usr/bin/ip rule add fwmark 1 lookup 100
+	iptables -t mangle -N brook_pre
+	iptables -t mangle -F brook_pre
+	iptables -t mangle -A brook_pre -m set --match-set local dst -j RETURN || {
+    iptables -t mangle -A brook_pre -d 0.0.0.0/8 -j RETURN
+    iptables -t mangle -A brook_pre -d 10.0.0.0/8 -j RETURN
+    iptables -t mangle -A brook_pre -d 127.0.0.0/8 -j RETURN
+    iptables -t mangle -A brook_pre -d 169.254.0.0/16 -j RETURN
+    iptables -t mangle -A brook_pre -d 172.16.0.0/12 -j RETURN
+    iptables -t mangle -A brook_pre -d 192.168.0.0/16 -j RETURN
+    iptables -t mangle -A brook_pre -d 224.0.0.0/4 -j RETURN
+    iptables -t mangle -A brook_pre -d 240.0.0.0/4 -j RETURN
+    iptables -t mangle -A brook_pre -d $vt_server_add -j RETURN
 	}
-	iptables -t nat -A brook_pre -d $vt_server_addr -j RETURN
+	
+	iptables -t mangle -A brook_pre -j MARK --set-mark 1
+	iptables -t mangle -A brook_pre -j ACCEPT
+	
+	iptables -t mangle -A PREROUTING -p tcp -m socket -j brook_pre
+  iptables -t mangle -A PREROUTING -p tcp -j TPROXY --tproxy-mark 0x1/0x1 --on-port 7070
+
+  iptables -t mangle -A PREROUTING -p udp -m socket -j brook_pre
+  iptables -t mangle -A PREROUTING -p udp -j TPROXY --tproxy-mark 0x1/0x1 --on-port 7070
 	
 	iptables -N gameboost -t mangle
 	ipset -! create gameuser hash:ip maxelem 65536 2>/dev/null