~修复cn绕过未生效的bug

~修复华硕设备ip6tables报错的问题

scripts/menu.sh

@@ -667,8 +667,6 @@ setipv6(){ #ipv6设置
 	case $num in
 	1)
 		if [ "$ipv6_redir" = "未开启" ]; then 
-			echo -e "如果启用后导致部分应用加载缓慢，请关闭此功能即可恢复"
-			echo -e "\033[31m除非特殊需要，否则无需开启此功能！\033[0m"
 			ipv6_support=已开启
 			ipv6_redir=已开启
 			sleep 2
@@ -691,11 +689,11 @@ setipv6(){ #ipv6设置
 			setconfig ipv6_redir $ipv6_redir
 			setconfig ipv6_support $ipv6_support
 		fi
-		if [ -n "$(ipset -v 2>/dev/null)" -o "$firewall_mod" = 'nftables' ];then
+		if [ -n "$(ipset -v 2>/dev/null)"] || [ "$firewall_mod" = nftables ];then
 			[ "$cn_ipv6_route" = "未开启" ] && cn_ipv6_route=已开启 || cn_ipv6_route=未开启
 			setconfig cn_ipv6_route $cn_ipv6_route
 		else
-			echo -e "\033[31m当前设备缺少ipset模块或未使用Nft模式，无法启用绕过功能！！\033[0m"
+			echo -e "\033[31m当前设备缺少ipset模块或防火墙未使用nftables，无法启用绕过功能！！\033[0m"
 			sleep 1
 		fi
 		setipv6
@@ -1441,7 +1439,7 @@ normal_set(){ #基础设置
 		normal_set		
 		
 	elif [ "$num" = 8 ]; then	
-		if [ -n "$(ipset -v 2>/dev/null)" -o "$firewall_mod" = 'nftables' ];then
+		if [ -n "$(ipset -v 2>/dev/null)" ] || [ "$firewall_mod" = 'nftables' ];then
 			if [ "$cn_ip_route" = "未开启" ]; then 
 				echo -e "\033[32m已开启CN_IP绕过内核功能！！\033[0m"
 				echo -e "\033[31m注意！！！此功能会导致全局模式及一切CN相关规则失效！！！\033[0m"
@@ -1453,7 +1451,7 @@ normal_set(){ #基础设置
 			fi
 			setconfig cn_ip_route $cn_ip_route
 		else
-			echo -e "\033[31m当前设备缺少ipset模块或未使用Nft模式，无法启用绕过功能！！\033[0m"
+			echo -e "\033[31m当前设备缺少ipset模块或未使用nftables模式，无法启用绕过功能！！\033[0m"
 			sleep 1
 		fi
 		normal_set

scripts/start.sh

@@ -844,7 +844,7 @@ EOF
 #设置路由规则
 cn_ip_route(){	#CN-IP绕过
 	ckgeo cn_ip.txt china_ip_list.txt
-	[ -f ${BINDIR}/cn_ip.txt -a -z "$(echo $redir_mod|grep 'Nft')" ] && {
+	[ -f ${BINDIR}/cn_ip.txt ] && [ "$firewall_mod" = iptables ] && {
 			# see https://raw.githubusercontent.com/Hackl0us/GeoIP2-CN/release/CN-ip-cidr.txt
 			echo "create cn_ip hash:net family inet hashsize 10240 maxelem 10240" > ${TMPDIR}/cn_$USER.ipset
 			awk '!/^$/&&!/^#/{printf("add cn_ip %s'" "'\n",$0)}' ${BINDIR}/cn_ip.txt >> ${TMPDIR}/cn_$USER.ipset
@@ -855,7 +855,7 @@ cn_ip_route(){	#CN-IP绕过
 }
 cn_ipv6_route(){ #CN-IPV6绕过
 	ckgeo cn_ipv6.txt china_ipv6_list.txt
-	[ -f ${BINDIR}/cn_ipv6.txt -a -z "$(echo $redir_mod|grep 'Nft')" ] && {
+	[ -f ${BINDIR}/cn_ipv6.txt ] && [ "$firewall_mod" = iptables ] && {
 			#ipv6
 			#see https://ispip.clang.cn/all_cn_ipv6.txt
 			echo "create cn_ip6 hash:net family inet6 hashsize 4096 maxelem 4096" > ${TMPDIR}/cn6_$USER.ipset
@@ -980,7 +980,7 @@ start_iptables(){ #iptables配置总入口
 	[ "$dns_no" != "已禁用" -a "$dns_redir" != "已开启" -a "$firewall_area" -le 3 ] && {
 		[ "$lan_proxy" = true ] && {
 			start_ipt_dns iptables PREROUTING shellcrash_dns #ipv4-局域网dns转发
-			if ip6tables -t nat -L >/dev/null 2>&1;then
+			if [ -n "$(grep -E '^REDIRECT$' /proc/net/ip6_tables_targets)" ];then
 				start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发
 			else
 				ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT 2>/dev/null
@@ -994,10 +994,10 @@ start_iptables(){ #iptables配置总入口
 		[ "$lan_proxy" = true ] && {
 			start_ipt_route iptables nat PREROUTING shellcrash tcp #ipv4-局域网tcp转发
 			[ "$ipv6_redir" = "已开启" ] && {
-				if ip6tables -t nat -L >/dev/null 2>&1;then
+			if [ -n "$(grep -E '^REDIRECT$' /proc/net/ip6_tables_targets)" ];then
 					start_ipt_route ip6tables nat PREROUTING shellcrashv6 tcp #ipv6-局域网tcp转发
 				else
-					logger "当前设备内核缺少ip6tables_nat模块支持，已放弃启动相关规则！" 31
+					logger "当前设备内核缺少ip6tables_REDIRECT模块支持，已放弃启动相关规则！" 31
 				fi
 			}
 		}