improvement

table.sh

@@ -1,5 +1,16 @@
 #!/bin/sh
 
+PX_GROUP="tproxy"
+PX_PORT="2803"
+GID=`getent group ${PX_GROUP} | cut -d: -f3`
+
+if [[ -n ${GID} && ${GID} -gt 0 ]]; then
+    echo "Applying iptables rules for group '${PX_GROUP}'"
+else
+    echo "Group '${PX_GROUP}' not exist, please create one."
+    exit 1
+fi
+
 ip rule add fwmark 1 table 100
 ip route add local 0.0.0.0/0 dev lo table 100
 ip -6 rule add fwmark 1 table 106
@@ -39,13 +50,13 @@ ip6tables -t mangle -A XRAY6_SELF -d FE00::0/8 -j RETURN
 ip6tables -t mangle -A XRAY6_SELF -d 0000::0/8 -j RETURN
 
 # config route
-iptables -t mangle -A XRAY -p tcp -j TPROXY --on-ip 127.0.0.1 --on-port 2803 --tproxy-mark 1
-iptables -t mangle -A XRAY -p udp -j TPROXY --on-ip 127.0.0.1 --on-port 2803 --tproxy-mark 1
-ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-ip ::1 --on-port 2803 --tproxy-mark 1
-ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-ip ::1 --on-port 2803 --tproxy-mark 1
+iptables -t mangle -A XRAY -p tcp -j TPROXY --on-ip 127.0.0.1 --on-port ${PX_PORT} --tproxy-mark 1
+iptables -t mangle -A XRAY -p udp -j TPROXY --on-ip 127.0.0.1 --on-port ${PX_PORT} --tproxy-mark 1
+ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-ip ::1 --on-port ${PX_PORT} --tproxy-mark 1
+ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-ip ::1 --on-port ${PX_PORT} --tproxy-mark 1
 iptables -t mangle -A PREROUTING -j XRAY
 ip6tables -t mangle -A PREROUTING -j XRAY6
 iptables -t mangle -A XRAY_SELF -j MARK --set-mark 1
 ip6tables -t mangle -A XRAY6_SELF -j MARK --set-mark 1
-iptables -t mangle -A OUTPUT -m owner --gid-owner 10333 -j XRAY_SELF
-ip6tables -t mangle -A OUTPUT -m owner --gid-owner 10333 -j XRAY6_SELF
+iptables -t mangle -A OUTPUT -m owner --gid-owner ${GID} -j XRAY_SELF
+ip6tables -t mangle -A OUTPUT -m owner --gid-owner ${GID} -j XRAY6_SELF