IP路由表（ip rule）修改

sh 复制代码

su
ip rule show
ip rule del pref 12500

未开启VPN的路由表

复制代码

generic_x86_64:/ # ip rule show
0:	from all lookup local 
10000:	from all fwmark 0xc0000/0xd0000 lookup legacy_system 
10500:	from all iif lo oif wlan0 uidrange 0-0 lookup wlan0 
10500:	from all iif lo oif radio0 uidrange 0-0 lookup radio0 
13000:	from all fwmark 0x10063/0x1ffff iif lo lookup local_network 
13000:	from all fwmark 0x10065/0x1ffff iif lo lookup wlan0 
13000:	from all fwmark 0x50064/0x5ffff iif lo lookup radio0 
14000:	from all iif lo oif wlan0 lookup wlan0 
14000:	from all fwmark 0x40000/0x40000 iif lo oif radio0 lookup radio0 
15000:	from all fwmark 0x0/0x10000 lookup legacy_system 
16000:	from all fwmark 0x0/0x10000 lookup legacy_network 
17000:	from all fwmark 0x0/0x10000 lookup local_network 
19000:	from all fwmark 0x65/0x1ffff iif lo lookup wlan0 
22000:	from all fwmark 0x0/0xffff iif lo lookup wlan0 
32000:	from all unreachable

开启VPN的路由表

复制代码

generic_x86_64:/ # ip rule show                                                                                                      
0:	from all lookup local 
10000:	from all fwmark 0xc0000/0xd0000 lookup legacy_system 
10500:	from all iif lo oif wlan0 uidrange 0-0 lookup wlan0 
10500:	from all iif lo oif radio0 uidrange 0-0 lookup radio0 
11000:	from all iif tun0 lookup local_network 
12000:	from all fwmark 0x0/0x20000 iif lo uidrange 10086-10086 lookup tun0 
12000:	from all fwmark 0xc0066/0xcffff lookup tun0 
13000:	from all fwmark 0x10063/0x1ffff iif lo lookup local_network 
13000:	from all fwmark 0x10065/0x1ffff iif lo lookup wlan0 
13000:	from all fwmark 0x50064/0x5ffff iif lo lookup radio0 
13000:	from all fwmark 0x10066/0x1ffff iif lo uidrange 10086-10086 lookup tun0 
13000:	from all fwmark 0x10066/0x1ffff iif lo uidrange 0-0 lookup tun0 
14000:	from all iif lo oif wlan0 lookup wlan0 
14000:	from all fwmark 0x40000/0x40000 iif lo oif radio0 lookup radio0 
14000:	from all iif lo oif tun0 uidrange 10086-10086 lookup tun0 
15000:	from all fwmark 0x0/0x10000 lookup legacy_system 
16000:	from all fwmark 0x0/0x10000 lookup legacy_network 
17000:	from all fwmark 0x0/0x10000 lookup local_network 
19000:	from all fwmark 0x65/0x1ffff iif lo lookup wlan0 
21000:	from all fwmark 0x66/0x1ffff lookup wlan0 
22000:	from all fwmark 0x0/0xffff iif lo lookup wlan0 
32000:	from all unreachable

手动修改路由表

观察，上面我只开始了一个应用的加速，就是uid=10086，看到开启VPN后，系统会把这个应用的UID加到路由表中。

参考这个信息，可以对特定的应用修改，在不开关VPN的前提下，自由的决定流量是否走TUN。

sh 复制代码

# 查看android上某个应用的uid。
dumpsys package com.android.chrome | grep userId                                                                    
    userId=10075

# 添加规则（加的时候要避免不要使用已经存在的规则（比如:12000），不然关闭tun的时候，这个删除起来有点麻烦）

# 凡是 10075 应用 发出的、没有被特殊标记 的本地流量全部强制走 tun0 加速通道
ip rule add from all fwmark 0x0/0x20000 iif lo uidrange 10075-10075 lookup tun0 pref 12500
# 优先级13500：凡是 10075 应用 发出的、被系统标记为加速流量 的本地流量也强制走 tun0 加速通道
ip rule add from all fwmark 0x10066/0x1ffff iif lo uidrange 10075-10075 lookup tun0 pref 13500
# 优先级14500：凡是 10075 应用 发出的、本来就要走 tun0 的流量继续确认走 tun0 加速通道（防止回环、路由丢失）
ip rule add from all iif lo oif tun0 uidrange 10075-10075 lookup tun0 pref 14500


# 删除规则
ip rule del pref 12500
ip rule del pref 13500
ip rule del pref 14500

iif lo：本地发出的流量（APP 自己发的）

lookup tun0：走加速网卡

uidrange：哪个应用（UID）

fwmark：系统给流量打的标记 fwmark MARK/MASK， (packet.mark & MASK) == (MARK & MASK)，只匹配 MARK 中 MASK 为 1 的那些 bit 位。

效果：

添加规则之后，就可以把特定应用的流量打向VPN（上面是添加一个浏览器，浏览器上看到出口IP变了）
删除规则，可以去掉VPN对特定应用流量的拦截。

AOSP代码

system/netd/server/RouteController.cpp

https://cs.android.com/android/platform/superproject/+/android-latest-release:system/netd/server/RouteController.cpp

cpp 复制代码

// Adds or removes a routing rule for IPv4 and IPv6.
//
// + If |table| is non-zero, the rule points at the specified routing table. Otherwise, the table is
//   unspecified. An unspecified table is not allowed when creating an FR_ACT_TO_TBL rule.
// + If |mask| is non-zero, the rule matches the specified fwmark and mask. Otherwise, |fwmark| is
//   ignored.
// + If |iif| is non-NULL, the rule matches the specified incoming interface.
// + If |oif| is non-NULL, the rule matches the specified outgoing interface.
// + If |uidStart| and |uidEnd| are not INVALID_UID, the rule matches packets from UIDs in that
//   range (inclusive). Otherwise, the rule matches packets from all UIDs.
//
// Returns 0 on success or negative errno on failure.
[[nodiscard]] static int modifyIpRule(uint16_t action, int32_t priority, uint8_t ruleType,
                                      uint32_t table, uint32_t fwmark, uint32_t mask,
                                      const char* iif, const char* oif, uid_t uidStart,
                                      uid_t uidEnd) {