From e25c6e475451cdbefab66ac4192339c9bd1440e3 Mon Sep 17 00:00:00 2001
From: coolsnowwolf <coolsnowwolf@gmail.com>
Date: Sun, 11 Nov 2018 17:12:31 +0800
Subject: [PATCH] luci ssr plus: bypass server itself in rules

---
 package/lean/luci-app-ssr-plus/Makefile               | 2 +-
 package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/package/lean/luci-app-ssr-plus/Makefile b/package/lean/luci-app-ssr-plus/Makefile
index 66f1d4270..14bcc8386 100644
--- a/package/lean/luci-app-ssr-plus/Makefile
+++ b/package/lean/luci-app-ssr-plus/Makefile
@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-ssr-plus
 PKG_VERSION:=1
-PKG_RELEASE:=42
+PKG_RELEASE:=43
 
 PO2LMO:=$(BUILD_DIR)/luci-base/po2lmo
 
diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules
index 0a2eed280..2597b506a 100755
--- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules
+++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules
@@ -74,6 +74,7 @@ ipset_r() {
 		$(for ip in $WAN_FW_IP; do echo "add ss_spec_wan_ac $ip nomatch"; done)
 EOF
 	$IPT -N SS_SPEC_WAN_AC && \
+	$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN && \
 	$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN && \
 	$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
 	else
@@ -81,12 +82,13 @@ EOF
 	for ip in $WAN_FW_IP; do ipset -! add gfwlist $ip ; done
 	$IPT -N SS_SPEC_WAN_AC
 	$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
-
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
 	
 	ipset -N fplan hash:net 2>/dev/null
 	for ip in $LAN_FP_IP; do ipset add fplan $ip ; done
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
+	
+	$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
 	fi
 
 	return $?
@@ -162,6 +164,7 @@ tp_rule() {
 	
 	$ipt -I SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
 	$ipt -I SS_SPEC_TPROXY -p udp --dport 53 -j RETURN
+	$ipt -I SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN
 	
 	$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
 		-m comment --comment "$TAG" -j SS_SPEC_TPROXY