fix: linux external tun

db/ConfigBuilder.cpp

@@ -777,7 +777,7 @@ namespace NekoGui {
         return QFileInfo(file).absoluteFilePath();
     }
 
-    QString WriteVPNLinuxScript(const QString &protectPath, const QString &configPath) {
+    QString WriteVPNLinuxScript(const QString &configPath) {
 #ifdef Q_OS_WIN
         return {};
 #endif
@@ -786,9 +786,7 @@ namespace NekoGui {
         if (QFile::exists("vpn/vpn-run-root.sh")) scriptFn = "vpn/vpn-run-root.sh";
         auto script = ReadFileText(scriptFn)
                           .replace("./nekobox_core", QApplication::applicationDirPath() + "/nekobox_core")
-                          .replace("$PROTECT_LISTEN_PATH", protectPath)
+                          .replace("$CONFIG_PATH", configPath);
-                          .replace("$CONFIG_PATH", configPath)
-                          .replace("$TABLE_FWMARK", "514");
         // write script
         QFile file2;
         file2.setFileName(QFileInfo(scriptFn).fileName());

db/ConfigBuilder.hpp

@@ -55,5 +55,5 @@ namespace NekoGui {
 
     QString WriteVPNSingBoxConfig();
 
-    QString WriteVPNLinuxScript(const QString &protectPath, const QString &configPath);
+    QString WriteVPNLinuxScript(const QString &configPath);
 } // namespace NekoGui

res/vpn/vpn-run-root.sh

@@ -6,40 +6,25 @@ if [ "$EUID" -ne 0 ]; then
   echo "[Warning] Tun script not running as root"
 fi
 
-if [ "$(uname)" == "Darwin" ]; then
-  IS_MACOS=1
-fi
-
-[ -z $TABLE_FWMARK ] && echo "Please set env TABLE_FWMARK" && exit
 command -v pkill >/dev/null 2>&1 || echo "[Warning] pkill not found"
 
 BASEDIR=$(dirname "$0")
 cd $BASEDIR
 
 pre_start_linux() {
-  # set bypass: fwmark
-  ip rule add pref 8999 fwmark $TABLE_FWMARK table main || return
-  ip -6 rule add pref 8999 fwmark $TABLE_FWMARK table main || return
-
   # for Tun2Socket
   iptables -I INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
   ip6tables -I INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
 }
 
 start() {
-  [ -z $IS_MACOS ] && pre_start_linux
+  pre_start_linux
-  "./nekobox_core" run -c "$CONFIG_PATH" --protect-listen-path "$PROTECT_LISTEN_PATH" --protect-fwmark $TABLE_FWMARK
+  "./nekobox_core" run -c "$CONFIG_PATH"
 }
 
 stop() {
-  [ -z $IS_MACOS ] || return
-  for local in $BYPASS_IPS; do
-    ip rule del to $local table main
-  done
   iptables -D INPUT -s 172.19.0.2 -d 172.19.0.1 -p tcp -j ACCEPT
   ip6tables -D INPUT -s fdfe:dcba:9876::2 -d fdfe:dcba:9876::1 -p tcp -j ACCEPT
-  ip rule del fwmark $TABLE_FWMARK
-  ip -6 rule del fwmark $TABLE_FWMARK
 }
 
 if [ "$1" != "stop" ]; then

ui/mainwindow.cpp

@@ -1776,9 +1776,8 @@ bool MainWindow::StartVPNProcess() {
         return true;
     }
     //
-    auto protectPath = QDir::currentPath() + "/protect";
     auto configPath = NekoGui::WriteVPNSingBoxConfig();
-    auto scriptPath = NekoGui::WriteVPNLinuxScript(protectPath, configPath);
+    auto scriptPath = NekoGui::WriteVPNLinuxScript(configPath);
     //
 #ifdef Q_OS_WIN
     runOnNewThread([=] {
@@ -1790,11 +1789,6 @@ bool MainWindow::StartVPNProcess() {
         runOnUiThread([=] { neko_set_spmode_vpn(false); });
     });
 #else
-    QFile::remove(protectPath);
-    if (QFile::exists(protectPath)) {
-        MessageBoxWarning("Error", "protect cannot be removed");
-        return false;
-    }
     //
     auto vpn_process = new QProcess;
     QProcess::connect(vpn_process, &QProcess::stateChanged, this, [=](QProcess::ProcessState state) {