--- /dev/null
+From 8325b18738061f16eeeef13a2cbe39f9f5cfec91 Mon Sep 17 00:00:00 2001
+From: mzz2017 <2017@duck.com>
+Date: Sat, 11 Feb 2023 22:54:40 +0800
+Subject: [PATCH] fix: tproxy cannot work on openwrt (ifname is br-lan)
+
+---
+ service/core/iptables/tproxy.go | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+--- a/core/iptables/tproxy.go
++++ b/core/iptables/tproxy.go
+@@ -16,7 +16,7 @@ var Tproxy tproxy
+ func (t *tproxy) AddIPWhitelist(cidr string) {
+ // avoid duplication
+ t.RemoveIPWhitelist(cidr)
+- pos := 8
++ pos := 7
+ if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
+ pos += 3
+ }
+@@ -65,7 +65,6 @@ iptables -w 2 -t mangle -A TP_PRE -p udp
+
+ iptables -w 2 -t mangle -A TP_RULE -j CONNMARK --restore-mark
+ iptables -w 2 -t mangle -A TP_RULE -m mark --mark 0x40/0xc0 -j RETURN
+-iptables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN
+ iptables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
+ iptables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
+ iptables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN
+@@ -126,7 +125,6 @@ ip6tables -w 2 -t mangle -A TP_PRE -p ud
+
+ ip6tables -w 2 -t mangle -A TP_RULE -j CONNMARK --restore-mark
+ ip6tables -w 2 -t mangle -A TP_RULE -m mark --mark 0x40/0xc0 -j RETURN
+-ip6tables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN
+ ip6tables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
+ ip6tables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
+ ip6tables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN