update update_z-i.sh script

router/update_z-i.sh

 #!/bin/sh
 
+#exit
 # Usage: --show|--force
 
 cd $(dirname "$(realpath "$0")") || exit #"
@@ -7,10 +8,34 @@ cd $(dirname "$(realpath "$0")") || exit #"
 SETNAME=rkz
 TMPNAME=rkz.ntmp
 MAXELEM=5000000
-IFACE=breth0
+IFACE=vmbr0
 # hash:ip
 IPSTYPE=hash:net
 
+set_rules()
+{
+# initial
+if ! iptables -L -t mangle | grep -q $SETNAME ; then
+	iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark 5 || exit
+fi
+
+if ! sysctl net.ipv4.conf.tun0.rp_filter | grep -q " = 2" ; then
+	sysctl -w net.ipv4.conf.tun0.rp_filter=2
+fi
+
+if ! ip route show table openroute | grep -q "default dev tun0" ; then
+	ip route replace default table openroute scope global nexthop dev tun0 || exit
+fi
+
+if ! ip rule | grep -q "fwmark 0x5" ; then
+	ip rule add fwmark 5 table openroute || exit
+fi
+
+# check for
+# -A POSTROUTING -o tun0 -j MASQUERADE
+
+}
+
 if [ "$1" = "--show" ] ; then
 	echo "Example:"
 	echo "# iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark 5"
@@ -18,6 +43,11 @@ if [ "$1" = "--show" ] ; then
 	exit
 fi
 
+if [ "$1" = "--set-rules" ] ; then
+	set_rules
+	exit
+fi
+
 # download new list
 ./get_ips_z-i.sh | grep -v HASH > $0.list
 
@@ -65,19 +95,4 @@ cat $0.list | grep ":" >$0.skipped.ipv6
 ipset swap $TMPNAME $SETNAME
 mv $0.list $0.list.old
 
-# initial
-if ! iptables -L -t mangle | grep -q $SETNAME ; then
-	iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark 5 || exit
-fi
-
-if ! sysctl net.ipv4.conf.tun0.rp_filter | grep -q " = 2" ; then
-	sysctl -w net.ipv4.conf.tun0.rp_filter=2
-fi
-
-if ! ip route show table openroute | grep -q "default dev tun0" ; then
-	ip route replace default table openroute scope global nexthop dev tun0 || exit
-fi
-
-if ! ip rule | grep -q "fwmark 0x5" ; then
-	ip rule add fwmark 5 table openroute || exit
-fi
+set_rules