ShellCrash/scripts/menu.sh

1931 lines
70 KiB
Bash
Raw Normal View History

#!/bin/sh
2020-08-03 15:16:33 +08:00
# Copyright (C) Juewuy
CFG_PATH=${CRASHDIR}/configs/ShellCrash.cfg
YAMLSDIR=${CRASHDIR}/yamls
JSONSDIR=${CRASHDIR}/jsons
#加载执行目录,失败则初始化
source ${CRASHDIR}/configs/command.env &>/dev/null
[ -z "$BINDIR" -o -z "$TMPDIR" -o -z "$COMMAND" ] && source ${CRASHDIR}/init.sh &>/dev/null
[ ! -f ${TMPDIR} ] && mkdir -p ${TMPDIR}
#读取配置相关
setconfig(){
#参数1代表变量名参数2代表变量值,参数3即文件路径
[ -z "$3" ] && configpath=${CFG_PATH} || configpath="${3}"
[ -n "$(grep "${1}=" "$configpath")" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath
}
ckcmd(){
command -v sh &>/dev/null && command -v $1 &>/dev/null || type $1 &>/dev/null
}
#脚本启动前检查
ckstatus(){
#检查/读取脚本配置文件
if [ -f $CFG_PATH ];then
[ -n "$(awk 'a[$0]++' $CFG_PATH)" ] && awk '!a[$0]++' $CFG_PATH > $CFG_PATH #检查重复行并去除
source $CFG_PATH &>/dev/null
else
source ${CRASHDIR}/init.sh &>/dev/null
fi
versionsh=$(cat ${CRASHDIR}/init.sh | grep -E ^version= | head -n 1 | sed 's/version=//')
[ -n "$versionsh" ] && versionsh_l=$versionsh
#服务器缺省地址
[ -z "$mix_port" ] && mix_port=7890
[ -z "$redir_port" ] && redir_port=7892
[ -z "$db_port" ] && db_port=9999
[ -z "$dns_port" ] && dns_port=1053
[ -z "$multiport" ] && multiport='22,53,80,123,143,194,443,465,587,853,993,995,5222,8080,8443'
[ -z "$local_proxy" ] && local_proxy=未开启
[ -z "$redir_mod" ] && redir_mod=纯净模式
#检查mac地址记录
[ ! -f ${CRASHDIR}/configs/mac ] && touch ${CRASHDIR}/configs/mac
#获取本机host地址
[ -z "$host" ] && host=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
[ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'lan' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1)
[ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1)
[ -z "$host" ] && host='设备IP地址'
#dashboard目录位置
[ -f ${CRASHDIR}/ui/index.html ] && dbdir=${CRASHDIR}/ui && hostdir=":$db_port/ui"
[ -f /www/clash/index.html ] && dbdir=/www/clash && hostdir=/clash
#开机自启检测
if [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ];then
[ -n "$(find /etc/rc.d -name '*shellcrash')" ] && autostart=enable || autostart=disable
elif ckcmd systemctl;then
[ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && autostart=enable || autostart=disable
else
[ -f ${CRASHDIR}/.dis_startup ] && autostart=disable || autostart=enable
fi
#开机自启描述
if [ "$autostart" = "enable" ]; then
auto="\033[32m已设置开机启动\033[0m"
auto1="\033[36m禁用\033[0mShellCrash开机启动"
else
auto="\033[31m未设置开机启动\033[0m"
auto1="\033[36m允许\033[0mShellCrash开机启动"
fi
#获取运行状态
PID=$(pidof CrashCore | awk '{print $NF}')
if [ -n "$PID" ];then
run="\033[32m正在运行$redir_mod\033[0m"
VmRSS=`cat /proc/$PID/status|grep -w VmRSS|awk '{print $2,$3}'`
#获取运行时长
touch ${TMPDIR}/crash_start_time #用于延迟启动的校验
start_time=$(cat ${TMPDIR}/crash_start_time)
if [ -n "$start_time" ]; then
time=$((`date +%s`-start_time))
day=$((time/86400))
[ "$day" = "0" ] && day='' || day="$day天"
time=`date -u -d @${time} +%H小时%M分%S秒`
fi
else
run="\033[31m没有运行$redir_mod\033[0m"
#检测系统端口占用
checkport
fi
[ "$crashcore" = singbox -o "$crashcore" = singboxp ] && corename=SingBox || corename=Clash
[ -f ${TMPDIR}/debug.log -a -n "$PID" ] && auto="\033[33m并处于debug状态\033[0m"
#输出状态
echo -----------------------------------------------
echo -e "\033[30;46m欢迎使用ShellCrash\033[0m 版本:$versionsh_l"
echo -e "$corename服务"$run""$auto""
if [ -n "$PID" ];then
echo -e "当前内存占用:\033[44m"$VmRSS"\033[0m已运行\033[46;30m"$day"\033[44;37m"$time"\033[0m"
fi
echo -e "TG频道\033[36;4mhttps://t.me/ShellClash\033[0m"
echo -----------------------------------------------
#检查新手引导
if [ -z "$userguide" ];then
setconfig userguide 1
source ${CRASHDIR}/getdate.sh && userguide
fi
#检查执行权限
[ ! -x ${CRASHDIR}/start.sh ] && chmod +x ${CRASHDIR}/start.sh
#检查/tmp内核文件
for file in `ls -F /tmp | grep -v [/\$] | grep -v '\ ' | grep -Ev ".*[(gz)(zip)(7z)(tar)]$" | grep -iE '^clash$|^clash-linux.*|^mihomo.*|^sing.*box|^clash.meta.*'` ; do
file=/tmp/$file
chmod +x $file
echo -e "发现可用的内核文件: \033[36m$file\033[0m "
read -p "是否加载(会停止当前服务)(1/0) > " res
[ "$res" = 1 ] && {
${CRASHDIR}/start.sh stop
core_v=$($file -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
[ -z "$core_v" ] && core_v=$($file version 2>/dev/null | grep -Eo 'version .*' | sed 's/version //')
if [ -n "$core_v" ];then
source ${CRASHDIR}/getdate.sh && setcoretype && \
2024-01-29 15:33:52 +08:00
mv -f $file ${TMPDIR}/CrashCore && \
tar -zcf ${BINDIR}/CrashCore.tar.gz -C ${TMPDIR} CrashCore && \
echo -e "\033[32m内核加载完成\033[0m " && \
setconfig crashcore $crashcore && \
setconfig core_v $core_v && \
switch_core
sleep 1
else
echo -e "\033[33m检测到不可用的内核文件可能是文件受损或CPU架构不匹配\033[0m"
rm -rf $file
echo -e "\033[33m内核文件已移除请认真检查后重新上传\033[0m"
sleep 2
fi
}
echo -----------------------------------------------
done
#检查/tmp配置文件
for file in `ls -F /tmp | grep -v [/\$] | grep -v '\ ' | grep -iE '.yaml$|.yml$|config.json$'` ; do
file=/tmp/$file
echo -e "发现内核配置文件: \033[36m$file\033[0m "
read -p "是否加载为$crashcore的配置文件(1/0) > " res
[ "$res" = 1 ] && {
if [ -n "$(echo $file | grep -iE '.json$')" ];then
mv -f $file ${CRASHDIR}/jsons/config.json
else
mv -f $file ${CRASHDIR}/yamls/config.yaml
fi
echo -e "\033[32m配置文件加载完成\033[0m "
sleep 1
}
done
#检查禁用配置覆写
[ "$disoverride" = "1" ] && {
echo -e "\033[33m你已经禁用了配置文件覆写功能这会导致大量脚本功能无法使用\033[0m "
read -p "是否取消禁用?(1/0) > " res
[ "$res" = 1 ] && unset disoverride && setconfig disoverride
echo -----------------------------------------------
}
}
errornum(){
echo -----------------------------------------------
echo -e "\033[31m请输入正确的字母或数字\033[0m"
2020-08-03 15:16:33 +08:00
}
startover(){
echo -e "\033[32m$corename服务已启动\033[0m"
echo -e "请使用 \033[4;36mhttp://$host$hostdir\033[0m 管理内置规则"
if [ "$redir_mod" = "纯净模式" ];then
echo -----------------------------------------------
echo -e "其他设备可以使用PAC配置连接\033[4;32mhttp://$host:$db_port/ui/pac\033[0m"
echo -e "或者使用HTTP/SOCK5方式连接IP{\033[36m$host\033[0m}端口{\033[36m$mix_port\033[0m}"
fi
}
start_core(){
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ];then
core_config=${CRASHDIR}/jsons/config.json
else
core_config=${CRASHDIR}/yamls/config.yaml
fi
echo -----------------------------------------------
if [ -s $core_config -o -n "$Url" -o -n "$Https" ];then
${CRASHDIR}/start.sh start
#设置循环检测以判定服务启动是否成功
i=1
while [ -z "$test" -a "$i" -lt 10 ];do
sleep 1
if curl --version > /dev/null 2>&1;then
test=$(curl -s http://127.0.0.1:${db_port}/configs | grep -o port)
else
test=$(wget -q -O - http://127.0.0.1:${db_port}/configs | grep -o port)
fi
i=$((i+1))
done
[ -n "$test" ] && startover
else
echo -e "\033[31m没有找到${crashcore}配置文件,请先导入配置文件!\033[0m"
source ${CRASHDIR}/getdate.sh && set_core_config
fi
}
checkrestart(){
echo -----------------------------------------------
echo -e "\033[32m检测到已变更的内容请重启服务\033[0m"
echo -----------------------------------------------
read -p "是否现在重启服务?(1/0) > " res
[ "$res" = 1 ] && start_core
}
#功能相关
log_pusher(){ #日志菜单
[ -n "$push_TG" ] && stat_TG=32m已启用 || stat_TG=33m未启用
[ -n "$push_Deer" ] && stat_Deer=32m已启用 || stat_Deer=33m未启用
[ -n "$push_bark" ] && stat_bark=32m已启用 || stat_bark=33m未启用
[ -n "$push_Po" ] && stat_Po=32m已启用 || stat_Po=33m未启用
[ "$task_push" = 1 ] && stat_task=32m已启用 || stat_task=33m未启用
[ -n "$device_name" ] && device_s=32m$device_name || device_s=33m未设置
echo -----------------------------------------------
echo -e " 1 查看\033[36m运行日志\033[0m"
echo -e " 2 Telegram推送 ——\033[$stat_TG\033[0m"
echo -e " 3 PushDeer推送 ——\033[$stat_Deer\033[0m"
echo -e " 4 Bark推送-IOS ——\033[$stat_bark\033[0m"
echo -e " 5 Passover推送 ——\033[$stat_Po\033[0m"
echo -e " 6 推送任务日志 ——\033[$stat_task\033[0m"
echo -e " 8 设置设备名称 ——\033[$device_s\033[0m"
echo -e " 9 清空日志文件"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case $num in
1)
if [ -s ${TMPDIR}/ShellCrash.log ];then
echo -----------------------------------------------
cat ${TMPDIR}/ShellCrash.log
exit 0
else
echo -e "\033[31m未找到相关日志\033[0m"
fi
sleep 1
;;
2)
echo -----------------------------------------------
if [ -n "$push_TG" ];then
read -p "确认关闭TG日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_TG=
chat_ID=
setconfig push_TG
setconfig chat_ID
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "请先通过 \033[32;4mhttps://t.me/BotFather\033[0m 申请TG机器人并获取其\033[36mAPI TOKEN\033[0m"
echo -----------------------------------------------
read -p "请输入你获取到的API TOKEN > " TOKEN
echo -----------------------------------------------
echo -e "\033[32m请通过Telegram的对话窗口向该机器人发送任意消息\033[0m"
echo -----------------------------------------------
read -p "我已经发送完成(1/0) > " res
if [ "$res" = 1 ];then
url_tg=https://api.telegram.org/bot${TOKEN}/getUpdates
[ -n "$authentication" ] && auth="$authentication@"
export https_proxy="http://${auth}127.0.0.1:$mix_port"
if curl --version &> /dev/null;then
chat=$(curl -kfsSl $url_tg 2>/dev/null| tail -n -1)
else
chat=$(wget -Y on -q -O - $url_tg | tail -n -1)
fi
[ -n "$chat" ] && chat_ID=$(echo $chat | grep -oE '"id":.*,"is_bot":false' | sed s'/"id"://'g | sed s'/,"is_bot":false//'g)
if [ -n "$chat_ID" ];then
push_TG=$TOKEN
setconfig push_TG $TOKEN
setconfig chat_ID $chat_ID
${CRASHDIR}/start.sh logger "已完成Telegram日志推送设置" 32
else
echo -e "\033[31m无法获取对话ID请重新配置\033[0m"
fi
fi
sleep 1
fi
log_pusher
;;
3)
echo -----------------------------------------------
if [ -n "$push_Deer" ];then
read -p "确认关闭PushDeer日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_Deer=
setconfig push_Deer
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "请先前往 \033[32;4mhttp://www.pushdeer.com/official.html\033[0m 扫码安装快应用或下载APP"
echo -e "打开快应用/APP并完成登陆"
echo -e "\033[33m切换到「设备」标签页点击右上角的加号注册当前设备\033[0m"
echo -e "\033[36m切换到「秘钥」标签页点击右上角的加号创建一个秘钥并复制\033[0m"
echo -----------------------------------------------
read -p "请输入你复制的秘钥 > " url
if [ -n "$url" ];then
push_Deer=$url
setconfig push_Deer $url
${CRASHDIR}/start.sh logger "已完成PushDeer日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
sleep 1
fi
log_pusher
;;
4)
echo -----------------------------------------------
if [ -n "$push_bark" ];then
read -p "确认关闭Bark日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_bark=
bark_param=
setconfig push_bark
setconfig bark_param
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "\033[33mBark推送仅支持IOS系统其他平台请使用其他推送方式\033[0m"
echo -e "\033[32m请安装Bark-IOS客户端并在客户端中找到专属推送链接\033[0m"
echo -----------------------------------------------
read -p "请输入你的Bark推送链接 > " url
if [ -n "$url" ];then
push_bark=$url
setconfig push_bark $url
echo -----------------------------------------------
echo -e "\033[32m例: ?group=ShellCrash\033[0m"
read -p "请输入你的Bark请求参数(默认回车为空) > " param
param=$(echo $param | sed 's/\&/\\\&/g')
if [ -n "$param" ];then
bark_param=$param
setconfig bark_param \'$param\'
fi
${CRASHDIR}/start.sh logger "已完成Bark日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
sleep 1
fi
log_pusher
;;
5)
echo -----------------------------------------------
if [ -n "$push_Po" ];then
read -p "确认关闭Pushover日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_Po=
push_Po_key=
setconfig push_Po
setconfig push_Po_key
}
elif curl --version &> /dev/null;then
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "请先通过 \033[32;4mhttps://pushover.net/\033[0m 注册账号并获取\033[36mUser Key\033[0m"
echo -----------------------------------------------
read -p "请输入你的User Key > " key
if [ -n "$key" ];then
echo -----------------------------------------------
echo -e "\033[33m请检查注册邮箱完成账户验证\033[0m"
read -p "我已经验证完成(1/0) > "
echo -----------------------------------------------
echo -e "请通过 \033[32;4mhttps://pushover.net/apps/build\033[0m 生成\033[36mAPI Token\033[0m"
echo -----------------------------------------------
read -p "请输入你的API Token > " Token
if [ -n "$Token" ];then
push_Po=$Token
push_Po_key=$key
setconfig push_Po $Token
setconfig push_Po_key $key
${CRASHDIR}/start.sh logger "已完成Passover日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
else
echo -e "\033[33mPashover不支持使用wget命令推送请尝试其他推送方式\033[0m"
fi
sleep 1
log_pusher
;;
6)
[ "$task_push" = 1 ] && task_push='' || task_push=1
setconfig task_push $task_push
sleep 1
log_pusher
;;
8)
read -p "请输入本设备自定义推送名称 > " device_name
setconfig device_name $device_name
sleep 1
log_pusher
;;
9)
echo -e "\033[33m运行日志及任务日志均已清空\033[0m"
rm -rf ${TMPDIR}/ShellCrash.log
sleep 1
log_pusher
;;
*) errornum ;;
esac
}
setport(){ #端口设置
source $CFG_PATH > /dev/null
[ -z "$secret" ] && secret=未设置
[ -z "$authentication" ] && auth=未设置 || auth=******
inputport(){
read -p "请输入端口号(1-65535) > " portx
if [ -z "$portx" ]; then
setport
elif [ $portx -gt 65535 -o $portx -le 1 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
inputport
2022-11-07 20:12:17 +08:00
elif [ -n "$(echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep "|$portx|")" ]; then
echo -e "\033[31m输入错误请不要输入重复的端口\033[0m"
inputport
elif [ -n "$(netstat -ntul |grep ":$portx ")" ];then
echo -e "\033[31m当前端口已被其他进程占用请重新输入\033[0m"
inputport
else
setconfig $xport $portx
echo -e "\033[32m设置成功\033[0m"
setport
fi
}
echo -----------------------------------------------
echo -e " 1 修改Http/Sock5端口 \033[36m$mix_port\033[0m"
echo -e " 2 设置Http/Sock5密码 \033[36m$auth\033[0m"
echo -e " 3 修改静态路由端口: \033[36m$redir_port\033[0m"
echo -e " 4 修改DNS监听端口 \033[36m$dns_port\033[0m"
echo -e " 5 修改面板访问端口: \033[36m$db_port\033[0m"
echo -e " 6 设置面板访问密码: \033[36m$secret\033[0m"
echo -e " 7 修改默认端口过滤: \033[36m$multiport\033[0m"
echo -e " 8 自定义本机host地址 \033[36m$host\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 1 ]; then
xport=mix_port
inputport
elif [ "$num" = 2 ]; then
echo -----------------------------------------------
echo -e "格式必须是\033[32m 用户名:密码 \033[0m的形式注意用小写冒号分隔"
echo -e "请尽量不要使用特殊符号!避免产生未知错误!"
echo "输入 0 删除密码"
echo -----------------------------------------------
read -p "请输入Http/Sock5用户名及密码 > " input
if [ "$input" = "0" ];then
authentication=""
setconfig authentication
echo 密码已移除!
else
if [ "$local_proxy" = "已开启" -a "$local_type" = "环境变量" ];then
echo -----------------------------------------------
echo -e "\033[33m请先禁用本机代理功能或使用增强模式\033[0m"
sleep 1
else
authentication=$(echo $input | grep :)
if [ -n "$authentication" ]; then
setconfig authentication \'$authentication\'
echo -e "\033[32m设置成功\033[0m"
else
echo -e "\033[31m输入有误请重新输入\033[0m"
fi
fi
fi
setport
elif [ "$num" = 3 ]; then
xport=redir_port
inputport
elif [ "$num" = 4 ]; then
xport=dns_port
inputport
elif [ "$num" = 5 ]; then
xport=db_port
inputport
elif [ "$num" = 6 ]; then
read -p "请输入面板访问密码(输入0删除密码) > " secret
if [ -n "$secret" ]; then
[ "$secret" = "0" ] && secret=""
setconfig secret $secret
echo -e "\033[32m设置成功\033[0m"
fi
setport
elif [ "$num" = 7 ]; then
echo -----------------------------------------------
echo -e "需配合\033[32m仅代理常用端口\033[0m功能使用"
echo -e "多个端口请用小写逗号分隔,例如:\033[33m143,80,443\033[0m"
echo -e "输入 0 重置为默认端口"
echo -----------------------------------------------
read -p "请输入需要指定代理的端口 > " multiport
if [ -n "$multiport" ]; then
[ "$multiport" = "0" ] && multiport=""
common_ports=已开启
setconfig multiport $multiport
setconfig common_ports $common_ports
echo -e "\033[32m设置成功\033[0m"
fi
setport
elif [ "$num" = 8 ]; then
echo -----------------------------------------------
echo -e "\033[33m如果你的局域网网段不是192.168.x或127.16.x或10.x开头请务必修改\033[0m"
echo -e "\033[31m设置后如本机host地址有变动请务必重新修改\033[0m"
echo -----------------------------------------------
read -p "请输入自定义host地址(输入0移除自定义host) > " host
if [ "$host" = "0" ];then
host=""
setconfig host $host
echo -e "\033[32m已经移除自定义host地址请重新运行脚本以自动获取host\033[0m"
exit 0
elif [ -n "$(echo $host |grep -E -o '\<([1-9]|[1-9][0-9]|1[0-9]{2}|2[01][0-9]|22[0-3])\>(\.\<([0-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>){2}\.\<([1-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-4])\>' )" ]; then
setconfig host $host
echo -e "\033[32m设置成功\033[0m"
else
host=""
echo -e "\033[31m输入错误请仔细核对\033[0m"
fi
sleep 1
setport
fi
}
setdns(){ #DNS设置
[ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
[ -z "$hosts_opt" ] && hosts_opt=已开启
[ -z "$dns_redir" ] && dns_redir=未开启
[ -z "$dns_no" ] && dns_no=未禁用
echo -----------------------------------------------
echo -e "当前基础DNS\033[32m$dns_nameserver\033[0m"
echo -e "PROXY-DNS\033[36m$dns_fallback\033[0m"
echo -e "多个DNS地址请用\033[30;47m“|”\033[0m或者\033[30;47m“, ”\033[0m分隔输入"
echo -e "\033[33m必须拥有本地根证书文件才能使用dot/doh类型的加密dns\033[0m"
echo -e "\033[33m注意singbox内核只有首个dns会被加载\033[0m"
echo -----------------------------------------------
echo -e " 1 修改\033[32m基础DNS\033[0m"
echo -e " 2 修改\033[36mPROXY-DNS\033[0m"
echo -e " 3 \033[33m重置\033[0m默认DNS配置"
echo -e " 4 一键配置\033[32m加密DNS\033[0m"
echo -e " 5 hosts优化 \033[36m$hosts_opt\033[0m ————调用本机hosts并劫持NTP服务"
echo -e " 6 Dnsmasq转发 \033[36m$dns_redir\033[0m ————不推荐使用"
echo -e " 7 禁用DNS劫持 \033[36m$dns_no\033[0m ————搭配第三方DNS使用"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 1 ]; then
read -p "请输入新的DNS > " dns_nameserver
dns_nameserver=$(echo $dns_nameserver | sed 's#|#\,\ #g')
if [ -n "$dns_nameserver" ]; then
setconfig dns_nameserver \'"$dns_nameserver"\'
echo -e "\033[32m设置成功\033[0m"
fi
setdns
elif [ "$num" = 2 ]; then
read -p "请输入新的DNS > " dns_fallback
dns_fallback=$(echo $dns_fallback | sed 's/|/\,\ /g')
if [ -n "$dns_fallback" ]; then
setconfig dns_fallback \'"$dns_fallback"\'
echo -e "\033[32m设置成功\033[0m"
fi
setdns
elif [ "$num" = 3 ]; then
dns_nameserver=""
dns_fallback=""
setconfig dns_nameserver
setconfig dns_fallback
echo -e "\033[33mDNS配置已重置\033[0m"
setdns
elif [ "$num" = 4 ]; then
echo -----------------------------------------------
openssldir=$(openssl version -a 2>&1 | grep OPENSSLDIR | awk -F "\"" '{print $2}')
[ -z "$openssldir" ] && openssldir=/etc/ssl
if [ -s "$openssldir/certs/ca-certificates.crt" ];then
dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
dns_fallback='tls://1.0.0.1:853, tls://8.8.4.4:853, https://doh.opendns.com/dns-query'
setconfig dns_nameserver \'"$dns_nameserver"\'
setconfig dns_fallback \'"$dns_fallback"\'
echo -e "\033[32m已设置加密DNS如出现DNS解析问题请尝试重置DNS配置\033[0m"
else
echo -e "\033[31m找不到根证书文件无法启用加密DNSLinux系统请自行搜索安装OpenSSL的方式\033[0m"
fi
sleep 2
setdns
elif [ "$num" = 5 ]; then
echo -----------------------------------------------
if [ "$hosts_opt" = "已启用" ]; then
hosts_opt=未启用
echo -e "\033[32m已禁用hosts优化功能\033[0m"
else
hosts_opt=已启用
echo -e "\033[33m已启用hosts优化功能\033[0m"
fi
sleep 1
setconfig hosts_opt $hosts_opt
setdns
elif [ "$num" = 6 ]; then
echo -----------------------------------------------
if [ "$dns_redir" = "未开启" ]; then
echo -e "\033[31m将使用OpenWrt中Dnsmasq插件自带的DNS转发功能转发DNS请求至内核\033[0m"
echo -e "\033[33m启用后将禁用本插件自带的iptables转发功能\033[0m"
dns_redir=已开启
echo -e "\033[32m已启用Dnsmasq转发DNS功能\033[0m"
sleep 1
else
uci del dhcp.@dnsmasq[-1].server
uci set dhcp.@dnsmasq[0].noresolv=0
uci commit dhcp
/etc/init.d/dnsmasq restart
echo -e "\033[33m禁用成功如有报错请重启设备\033[0m"
dns_redir=未开启
fi
sleep 1
setconfig dns_redir $dns_redir
setdns
elif [ "$num" = 7 ]; then
echo -----------------------------------------------
if [ "$dns_no" = "未禁用" ]; then
echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用!\033[0m"
dns_no=已禁用
echo -e "\033[32m已禁用DNS劫持\033[0m"
else
dns_no=未禁用
echo -e "\033[33m已启用DNS劫持\033[0m"
fi
sleep 1
setconfig dns_no $dns_no
setdns
fi
}
setipv6(){ #ipv6设置
[ -z "$ipv6_support" ] && ipv6_support=已开启
[ -z "$ipv6_redir" ] && ipv6_redir=未开启
[ -z "$ipv6_dns" ] && ipv6_dns=已开启
2022-12-21 11:23:23 +08:00
[ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启
echo -----------------------------------------------
[ "$disoverride" != "1" ] && echo -e " 1 ipv6内核支持: \033[36m$ipv6_support\033[0m ——用于ipv6节点及规则支持"
2022-12-21 11:23:23 +08:00
echo -e " 2 ipv6透明代理: \033[36m$ipv6_redir\033[0m ——代理ipv6流量"
[ "$disoverride" != "1" ] && echo -e " 3 ipv6-DNS解析: \033[36m$ipv6_dns\033[0m ——决定内置DNS是否返回ipv6地址"
echo -e " 4 CNIP绕过内核: \033[36m$cn_ipv6_route\033[0m ——优化性能不兼容fake-ip"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case $num in
1)
[ "$ipv6_support" = "未开启" ] && ipv6_support=已开启 || ipv6_support=未开启
setconfig ipv6_support $ipv6_support
setipv6
;;
2)
if [ "$ipv6_redir" = "未开启" ]; then
echo -e "如果启用后导致部分应用加载缓慢,请关闭此功能即可恢复"
echo -e "\033[31m除非特殊需要否则无需开启此功能\033[0m"
ipv6_support=已开启
ipv6_redir=已开启
sleep 2
else
ipv6_redir=未开启
fi
setconfig ipv6_redir $ipv6_redir
setconfig ipv6_support $ipv6_support
setipv6
;;
3)
[ "$ipv6_dns" = "未开启" ] && ipv6_dns=已开启 || ipv6_dns=未开启
setconfig ipv6_dns $ipv6_dns
setipv6
;;
2022-12-21 11:23:23 +08:00
4)
if [ "$ipv6_redir" = "未开启" ]; then
ipv6_support=已开启
ipv6_redir=已开启
setconfig ipv6_redir $ipv6_redir
setconfig ipv6_support $ipv6_support
fi
if [ -n "$(ipset -v 2>/dev/null)" -o -n "$(echo $redir_mod | grep Nft)" ];then
[ "$cn_ipv6_route" = "未开启" ] && cn_ipv6_route=已开启 || cn_ipv6_route=未开启
setconfig cn_ipv6_route $cn_ipv6_route
else
echo -e "\033[31m当前设备缺少ipset模块或未使用Nft模式无法启用绕过功能\033[0m"
sleep 1
fi
setipv6
;;
*)
errornum
;;
esac
}
setfirewall(){ #防火墙设置
set_cust_host_ipv4(){
echo -----------------------------------------------
echo -e "当前已自动设置透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo ) \033[0m"
echo -e "当前已添加的自定义网段为:\033[36m$cust_host_ipv4\033[0m"
echo -----------------------------------------------
echo -e "\033[33m自定义网段不会覆盖自动获取的网段地址无需重复添加\033[0m"
echo -e " 1 移除所有自定义网段"
echo -e " 0 返回上级菜单"
read -p "请输入需要额外添加的网段 > " text
case $text in
1)
unset cust_host_ipv4
setconfig cust_host_ipv4
set_cust_host_ipv4
;;
0)
;;
*)
if [ -n "$(echo $text | grep -Eo '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}'$)" -a -z "$(echo $cust_host_ipv4 | grep "$text")" ];then
cust_host_ipv4="$cust_host_ipv4 $text"
setconfig cust_host_ipv4 "'$cust_host_ipv4'"
else
echo -----------------------------------------------
echo -e "\033[31m请输入正确的网段地址\033[0m"
fi
sleep 1
set_cust_host_ipv4
;;
esac
}
[ -z "$public_support" ] && public_support=未开启
[ -z "$public_mixport" ] && public_mixport=未开启
[ -z "$ipv6_dns" ] && ipv6_dns=已开启
[ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启
echo -----------------------------------------------
echo -e " 1 公网访问Dashboard面板: \033[36m$public_support\033[0m"
echo -e " 2 公网访问Socks/Http代理: \033[36m$public_mixport\033[0m"
echo -e " 3 自定义透明路由ipv4网段: 适合vlan等复杂网络环境"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case $num in
1)
if [ "$public_support" = "未开启" ]; then
public_support=已开启
else
public_support=未开启
fi
setconfig public_support $public_support
setfirewall
;;
2)
if [ "$public_mixport" = "未开启" ]; then
if [ "$mix_port" = "7890" -o -z "$authentication" ];then
echo -----------------------------------------------
echo -e "\033[33m为了安全考虑请先修改默认Socks/Http端口并设置代理密码\033[0m"
sleep 1
setport
else
public_mixport=已开启
fi
else
public_mixport=未开启
fi
setconfig public_mixport $public_mixport
setfirewall
;;
3)
set_cust_host_ipv4
setfirewall
;;
*)
errornum
;;
esac
}
checkport(){ #自动检查端口冲突
for portx in $dns_port $mix_port $redir_port $db_port ;do
if [ -n "$(netstat -ntul 2>&1 |grep '\:$portx ')" ];then
echo -----------------------------------------------
echo -e "检测到端口【$portx】被以下进程占用!内核可能无法正常启动!\033[33m"
echo $(netstat -ntul | grep :$portx | head -n 1)
echo -e "\033[0m-----------------------------------------------"
echo -e "\033[36m请修改默认端口配置\033[0m"
setport
source $CFG_PATH > /dev/null
checkport
fi
done
}
macfilter(){ #局域网设备过滤
add_mac(){
echo -----------------------------------------------
echo 已添加的mac地址
cat ${CRASHDIR}/configs/mac
echo -----------------------------------------------
echo -e "\033[33m序号 设备IP 设备mac地址 设备名称\033[32m"
cat $dhcpdir | awk '{print " "NR" "$3,$2,$4}'
echo -e "\033[0m-----------------------------------------------"
echo -e "手动输入mac地址时仅支持\033[32mxx:xx:xx:xx:xx:xx\033[0m的形式"
echo -e " 0 或回车 结束添加"
echo -----------------------------------------------
read -p "请输入对应序号或直接输入mac地址 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ -n "$(echo $num | grep -aE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$')" ];then
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$num")" ];then
echo $num | grep -oE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$' >> ${CRASHDIR}/configs/mac
else
echo -----------------------------------------------
echo -e "\033[31m已添加的设备请勿重复添加\033[0m"
fi
add_mac
elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then
macadd=$(cat $dhcpdir | awk '{print $2}' | sed -n "$num"p)
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$macadd")" ];then
echo $macadd >> ${CRASHDIR}/configs/mac
else
echo -----------------------------------------------
echo -e "\033[31m已添加的设备请勿重复添加\033[0m"
fi
add_mac
else
echo -----------------------------------------------
echo -e "\033[31m输入有误请重新输入\033[0m"
add_mac
fi
}
del_mac(){
echo -----------------------------------------------
if [ -z "$(cat ${CRASHDIR}/configs/mac)" ];then
echo -e "\033[31m列表中没有需要移除的设备\033[0m"
else
echo -e "\033[33m序号 设备IP 设备mac地址 设备名称\033[0m"
i=1
for mac in $(cat ${CRASHDIR}/configs/mac); do
dev_ip=$(cat $dhcpdir | grep $mac | awk '{print $3}') && [ -z "$dev_ip" ] && dev_ip='000.000.00.00'
dev_mac=$(cat $dhcpdir | grep $mac | awk '{print $2}') && [ -z "$dev_mac" ] && dev_mac=$mac
dev_name=$(cat $dhcpdir | grep $mac | awk '{print $4}') && [ -z "$dev_name" ] && dev_name='未知设备'
echo -e " $i \033[32m$dev_ip \033[36m$dev_mac \033[32m$dev_name\033[0m"
i=$((i+1))
done
echo -----------------------------------------------
echo -e "\033[0m 0 或回车 结束删除"
read -p "请输入需要移除的设备的对应序号 > " num
if [ -z "$num" ]||[ "$num" -le 0 ]; then
n=
elif [ $num -le $(cat ${CRASHDIR}/configs/mac | wc -l) ];then
sed -i "${num}d" ${CRASHDIR}/configs/mac
echo -----------------------------------------------
echo -e "\033[32m对应设备已移除\033[0m"
del_mac
else
echo -----------------------------------------------
echo -e "\033[31m输入有误请重新输入\033[0m"
del_mac
fi
fi
}
echo -----------------------------------------------
[ -z "$dhcpdir" ] && [ -f /var/lib/dhcp/dhcpd.leases ] && dhcpdir='/var/lib/dhcp/dhcpd.leases'
[ -z "$dhcpdir" ] && [ -f /var/lib/dhcpd/dhcpd.leases ] && dhcpdir='/var/lib/dhcpd/dhcpd.leases'
[ -z "$dhcpdir" ] && [ -f /tmp/dhcp.leases ] && dhcpdir='/tmp/dhcp.leases'
[ -z "$dhcpdir" ] && [ -f /tmp/dnsmasq.leases ] && dhcpdir='/tmp/dnsmasq.leases'
[ -z "$dhcpdir" ] && dhcpdir='/dev/null'
[ -z "$macfilter_type" ] && macfilter_type='黑名单'
if [ "$macfilter_type" = "黑名单" ];then
macfilter_over='白名单'
macfilter_scrip='不'
else
macfilter_over='黑名单'
macfilter_scrip=''
fi
######
echo -e "\033[30;47m请在此添加或移除设备\033[0m"
echo -e "当前过滤方式为:\033[33m$macfilter_type模式\033[0m"
echo -e "仅列表内设备\033[36m$macfilter_scrip经过\033[0mClash内核"
if [ -n "$(cat ${CRASHDIR}/configs/mac)" ]; then
echo -----------------------------------------------
echo -e "当前已过滤设备为:\033[36m"
echo -e "\033[33m 设备IP 设备mac地址 设备名称\033[0m"
for mac in $(cat ${CRASHDIR}/configs/mac); do
dev_ip=$(cat $dhcpdir | grep $mac | awk '{print $3}') && [ -z "$dev_ip" ] && dev_ip='000.000.00.00'
dev_mac=$(cat $dhcpdir | grep $mac | awk '{print $2}') && [ -z "$dev_mac" ] && dev_mac=$mac
dev_name=$(cat $dhcpdir | grep $mac | awk '{print $4}') && [ -z "$dev_name" ] && dev_name='未知设备'
echo -e "\033[32m$dev_ip \033[36m$dev_mac \033[32m$dev_name\033[0m"
done
echo -----------------------------------------------
fi
echo -e " 1 切换为\033[33m$macfilter_over模式\033[0m"
echo -e " 2 \033[32m添加指定设备\033[0m"
echo -e " 3 \033[36m移除指定设备\033[0m"
echo -e " 4 \033[31m清空整个列表\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
macfilter_type=$macfilter_over
setconfig macfilter_type $macfilter_type
echo -----------------------------------------------
echo -e "\033[32m已切换为$macfilter_type模式\033[0m"
macfilter
elif [ "$num" = 2 ]; then
add_mac
macfilter
elif [ "$num" = 3 ]; then
del_mac
macfilter
elif [ "$num" = 4 ]; then
:>${CRASHDIR}/configs/mac
echo -----------------------------------------------
echo -e "\033[31m设备列表已清空\033[0m"
macfilter
else
errornum
macfilter
fi
}
localproxy(){ #本机代理
[ -w /etc/systemd/system/shellcrash.service -o -w /usr/lib/systemd/system/shellcrash.service -o -x /bin/su ] && local_enh=1
[ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && [ -w /etc/passwd ] && local_enh=1
echo -----------------------------------------------
[ -n "$local_enh" ] && {
ckcmd iptables && [ -n "$(iptables -m owner --help | grep owner)" ] && echo -e " 1 使用\033[32miptables增强模式\033[0m配置(支持docker,推荐!)"
ckcmd nft && modprobe nf_nat &> /dev/null && echo -e " 2 使用\033[32mnftables增强模式\033[0m配置(支持docker,推荐!)"
}
echo -e " 3 使用\033[33m环境变量\033[0m方式配置(部分应用可能无法使用,不推荐!)"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请选择本机代理方式 > " num
case "$num" in
1)
local_type="iptables增强模式"
local_proxy=已开启
;;
2)
local_type="nftables增强模式"
local_proxy=已开启
;;
3)
if [ -z "$authentication" -o "$authentication" = "未设置" ];then
local_type="环境变量"
echo -e "\033[33m注意请重启ShellCrash服务后手动输入以下命令使配置生效\033[0m"
echo -e "【\033[32m source /etc/profile > /dev/null \033[0m】"
local_proxy=已开启
else
echo -e "\033[32m检测到您已经设置了Http/Sock5代理密码请先取消密码\033[0m"
setport
localproxy
fi
sleep 1
;;
*)
errornum
;;
esac
setconfig local_proxy $local_proxy
setconfig local_type $local_type
}
setboot(){ #启动相关设置
[ -z "$start_old" ] && start_old=未开启
[ -z "$start_delay" -o "$start_delay" = 0 ] && delay=未设置 || delay=${start_delay}
[ "$autostart" = "enable" ] && auto_set="\033[33m禁止" || auto_set="\033[32m允许"
[ "${BINDIR}" = "${CRASHDIR}" ] && mini_clash=未开启 || mini_clash=已开启
echo -----------------------------------------------
echo -e "\033[30;47m欢迎使用启动设置菜单\033[0m"
echo -----------------------------------------------
echo -e " 1 ${auto_set}\033[0mShellCrash开机启动"
echo -e " 2 使用保守模式: \033[36m$start_old\033[0m ————基于定时任务(每分钟检测)"
echo -e " 3 设置自启延时: \033[36m$delay\033[0m ————用于解决自启后服务受限"
echo -e " 4 启用小闪存模式: \033[36m$mini_clash\033[0m ————用于闪存空间不足的设备"
[ "${BINDIR}" != "${CRASHDIR}" ] && echo -e " 5 设置小闪存目录: \033[36m${BINDIR}\033[0m"
echo -----------------------------------------------
echo -e " 0 \033[0m返回上级菜单\033[0m"
read -p "请输入对应数字 > " num
echo -----------------------------------------------
case "$num" in
1)
if [ "$autostart" = "enable" ]; then
[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *shellcrash > /dev/null 2>&1 && cd - >/dev/null
ckcmd systemctl && systemctl disable shellcrash.service > /dev/null 2>&1
touch ${CRASHDIR}/.dis_startup
autostart=disable
echo -e "\033[33m已禁止Clash开机启动\033[0m"
elif [ "$autostart" = "disable" ]; then
[ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable
ckcmd systemctl && systemctl enable shellcrash.service > /dev/null 2>&1
rm -rf ${CRASHDIR}/.dis_startup
autostart=enable
echo -e "\033[32m已设置Clash开机启动\033[0m"
fi
setboot
;;
2)
if [ "$start_old" = "未开启" ] > /dev/null 2>&1; then
echo -e "\033[33m改为使用保守模式启动服务\033[0m"
start_old=已开启
setconfig start_old $start_old
${CRASHDIR}/start.sh stop
else
if [ -n "$(pidof procd)" -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
echo -e "\033[32m改为使用系统守护进程启动服务\033[0m"
${CRASHDIR}/start.sh cronset "ShellCrash初始化"
start_old=未开启
setconfig start_old $start_old
${CRASHDIR}/start.sh stop
else
echo -e "\033[31m当前设备不支持以其他模式启动\033[0m"
fi
fi
sleep 1
setboot
;;
3)
echo -e "\033[33m如果你的设备启动后可以正常使用则无需设置\033[0m"
echo -e "\033[36m推荐设置为30~120秒之间请根据设备问题自行试验\033[0m"
read -p "请输入启动延迟时间(0~300秒) > " sec
case "$sec" in
[0-9]|[0-9][0-9]|[0-2][0-9][0-9]|300)
start_delay=$sec
setconfig start_delay $sec
echo -e "\033[32m设置成功\033[0m"
;;
*)
echo -e "\033[31m输入有误或超过300秒请重新输入\033[0m"
;;
esac
sleep 1
setboot
;;
4)
dir_size=$(df ${CRASHDIR} |awk '{ for(i=1;i<=NF;i++){ if(NR==1){ arr[i]=$i; }else{ arr[i]=arr[i]" "$i; } } } END{ for(i=1;i<=NF;i++){ print arr[i]; } }' |grep Ava |awk '{print $2}')
if [ "$mini_clash" = "未开启" ]; then
if [ "$dir_size" -gt 20480 ];then
echo -e "\033[33m您的设备空间充足(>20M),无需开启!\033[0m"
elif [ "start_old" != '已开启' -a "$(cat /proc/1/comm)" = "systemd" ];then
echo -e "\033[33m不支持systemd启动模式请先启用保守模式\033[0m"
else
[ "$BINDIR" = "$CRASHDIR" ] && BINDIR="$TMPDIR"
echo -e "\033[32m已经启用小闪存功能\033[0m"
echo -e "如需更换目录,请使用【设置小闪存目录】功能\033[0m"
fi
else
if [ "$dir_size" -lt 8192 ];then
echo -e "\033[31m您的设备剩余空间不足8M停用后可能无法正常运行\033[0m"
read -p "确认停用此功能?(1/0) > " res
[ "$res" = 1 ] && BINDIR="$CRASHDIR" && echo -e "\033[33m已经停用小闪存功能\033[0m"
else
rm -rf /tmp/ShellCrash
BINDIR="$CRASHDIR"
echo -e "\033[33m已经停用小闪存功能\033[0m"
fi
fi
setconfig BINDIR ${BINDIR} ${CRASHDIR}/configs/command.env
sleep 1
setboot
;;
5)
echo -e "\033[33m如设置到内存则每次开机后都自动重新下载相关文件\033[0m"
echo -e "\033[33m请确保安装源可用裸连否则会导致启动失败\033[0m"
echo " 1 使用内存(/tmp)"
echo " 2 选择U盘目录"
echo " 3 自定义目录"
read -p "请输入相应数字 > " num
case "$num" in
1)
BINDIR="$TMPDIR" ;;
2)
set_usb_dir(){
echo "请选择安装目录"
du -hL /mnt | awk '{print " "NR" "$2" "$1}'
read -p "请输入相应数字 > " num
BINDIR=$(du -hL /mnt | awk '{print $2}' | sed -n "$num"p)
if [ -z "$BINDIR" ];then
echo "\033[31m输入错误请重新设置\033[0m"
set_usb_dir
fi
}
set_usb_dir
;;
3)
input_dir(){
read -p "请输入自定义目录 > " BINDIR
if [ ! -d "$BINDIR" ];then
echo "\033[31m输入错误请重新设置\033[0m"
input_dir
fi
}
input_dir
;;
*)
errornum
;;
esac
setconfig BINDIR ${BINDIR} ${CRASHDIR}/configs/command.env
setboot
;;
*)
errornum
;;
esac
}
metacfg(){
echo -----------------------------------------------
}
normal_set(){ #基础设置
set_redir_mod(){
set_redir_config(){
setconfig redir_mod $redir_mod
setconfig dns_mod $dns_mod
if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ] && [ "$crashcore" = "clash" ];then
rm -rf ${BINDIR}/clash
rm -rf ${CRASHDIR}/clash
setconfig crashcore meta
fi
echo -----------------------------------------------
echo -e "\033[36m已设为 $redir_mod \033[0m"
}
[ -n "$(iptables -j TPROXY 2>&1 | grep 'on-port')" ] && sup_tp=1
[ -n "$(ls /dev/net/tun)" ] || ip tuntap &>/dev/null && sup_tun=1
ckcmd nft && modprobe nf_nat &> /dev/null && sup_nft=1 && modprobe nft_tproxy &> /dev/null && sup_nft=2
echo -----------------------------------------------
echo -e "当前代理模式为:\033[47;30m $redir_mod \033[0mClash核心为\033[47;30m $crashcore \033[0m"
echo -e "\033[33m切换模式后需要手动重启服务以生效\033[0m"
echo -----------------------------------------------
ckcmd iptables && echo -e " 1 \033[32mRedir模式\033[0m Redir转发TCP不转发UDP"
[ -n "$sup_tun" ] && echo -e " 2 \033[36m混合模式\033[0m Redir转发TCPTun转发UDP"
[ -n "$sup_tun" ] && echo -e " 4 \033[33mTun模式\033[0m 使用Tun转发TCP&UDP(占用高)"
[ -n "$sup_tp" ] && echo -e " 5 \033[32mTproxy模式\033[0m 使用Tproxy转发TCP&UDP"
[ -n "$sup_nft" ] && echo -e " 6 \033[36mNft基础\033[0m 使用nftables转发TCP不转发UDP"
[ "$sup_nft" = 2 ] && echo -e " 7 \033[32mNft混合\033[0m 使用nft_tproxy转发TCP&UDP"
echo -e " 8 \033[36m纯净模式\033[0m 不设置流量转发"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
redir_mod=Redir模式
dns_mod=redir_host
set_redir_config
elif [ "$num" = 2 ]; then
[ -n "$sup_tun" ] || {
echo -e "\033[32m设备未检测到Tun内核模块可能无法代理UDP流量\033[0m"
sleep 1
}
redir_mod=混合模式
set_redir_config
elif [ "$num" = 3 ]; then
if [ -f /etc/init.d/qca-nss-ecm -a "$systype" = "mi_snapshot" ] ;then
read -p "当前设备的QOS服务与本模式冲突是否禁用相关功能(1/0) > " res
[ "$res" = '1' ] && ${CRASHDIR}/misnap_init.sh tproxyfix && redir_mod=Tproxy混合
else
redir_mod=Tproxy混合
fi
set_redir_config
elif [ "$num" = 4 ]; then
redir_mod=Tun模式
set_redir_config
elif [ "$num" = 5 ]; then
if [ -f /etc/init.d/qca-nss-ecm -a "$systype" = "mi_snapshot" ] ;then
read -p "当前设备的QOS服务与本模式冲突是否禁用相关功能(1/0) > " res
[ "$res" = '1' ] && ${CRASHDIR}/misnap_init.sh tproxyfix && redir_mod=Tproxy模式
else
redir_mod=Tproxy模式
fi
set_redir_config
elif [ "$num" = 6 ]; then
if ckcmd opkg && [ -z "$(opkg list-installed | grep firewall4)" ];then
read -p "检测到缺少firewall4依赖是否自动安装(1/0) > " res
[ "$res" = '1' ] && opkg install firewall4 && redir_mod=Nft基础
else
redir_mod=Nft基础
fi
set_redir_config
elif [ "$num" = 7 ]; then
if ckcmd opkg && [ -z "$(opkg list-installed | grep kmod-nft-tproxy)" ];then
read -p "检测到缺少kmod-nft-tproxy依赖是否自动安装(1/0) > " res
[ "$res" = '1' ] && opkg install kmod-nft-tproxy && redir_mod=Nft混合
else
redir_mod=Nft混合
fi
set_redir_config
elif [ "$num" = 8 ]; then
redir_mod=纯净模式
set_redir_config
echo -----------------------------------------------
echo -e "\033[33m当前模式需要手动在设备WiFi或应用中配置HTTP或sock5代理\033[0m"
echo -e "HTTP/SOCK5代理服务器地址\033[30;47m$host\033[0m;端口均为:\033[30;47m$mix_port\033[0m"
echo -e "也可以使用更便捷的PAC自动代理PAC代理链接为"
echo -e "\033[30;47m http://$host:$db_port/ui/pac \033[0m"
echo -e "PAC的使用教程请参考\033[4;32mhttps://juewuy.github.io/ehRUeewcv\033[0m"
sleep 2
else
errornum
fi
}
set_dns_mod(){
echo -----------------------------------------------
echo -e "当前DNS运行模式为\033[47;30m $dns_mod \033[0m"
echo -e "\033[33m切换模式后需要手动重启服务以生效\033[0m"
echo -----------------------------------------------
echo -e " 1 fake-ip模式 \033[32m响应速度更快\033[0m"
echo -e " 不支持绕过CN-IP功能"
echo -e " 2 redir_host模式\033[32m兼容性更好\033[0m"
echo -e " 需搭配加密DNS使用"
echo -e " 3 mix混合模式 \033[32m内部realip外部fakeip\033[0m"
echo -e " 限singbox1.8.0+内核!"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
dns_mod=fake-ip
setconfig dns_mod $dns_mod
echo -----------------------------------------------
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
elif [ "$num" = 2 ]; then
dns_mod=redir_host
setconfig dns_mod $dns_mod
echo -----------------------------------------------
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
elif [ "$num" = 3 ]; then
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ] && [ "$core_v" != '1.7.8' ];then
dns_mod=mix
setconfig dns_mod $dns_mod
echo -----------------------------------------------
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
else
echo -e "\033[31m当前内核不支持的功能\033[0m"
sleep 1
fi
else
errornum
fi
}
fake_ip_filter(){
echo -e "\033[32m用于解决Fake-ip模式下部分地址或应用无法连接的问题\033[0m"
echo -e "\033[31m脚本已经内置了大量地址你只需要添加出现问题的地址\033[0m"
echo -e "\033[36m示例a.b.com"
echo -e "示例:*.b.com"
echo -e "示例:*.*.b.com\033[0m"
echo -----------------------------------------------
if [ -s ${CRASHDIR}/configs/fake_ip_filter ];then
echo -e "\033[33m已添加Fake-ip过滤地址\033[0m"
cat ${CRASHDIR}/configs/fake_ip_filter | awk '{print NR" "$1}'
else
echo -e "\033[33m你还未添加Fake-ip过滤地址\033[0m"
fi
echo -----------------------------------------------
echo -e "\033[32m输入数字直接移除对应地址输入地址直接添加\033[0m"
read -p "请输入数字或地址 > " input
case $input in
0) ;;
'') ;;
[0-99])
sed -i "${input}d" ${CRASHDIR}/configs/fake_ip_filter 2>/dev/null
echo -e "\033[32m移除成功\033[0m"
fake_ip_filter
;;
*)
echo -e "你输入的地址是:\033[32m$input\033[0m"
read -p "确认添加?(1/0) > " res
[ "$res" = 1 ] && echo $input >> ${CRASHDIR}/configs/fake_ip_filter
fake_ip_filter
;;
esac
}
#获取设置默认显示
[ -z "$skip_cert" ] && skip_cert=已开启
[ -z "$common_ports" ] && common_ports=已开启
[ -z "$dns_mod" ] && dns_mod=redir_host
[ -z "$dns_over" ] && dns_over=已开启
[ -z "$cn_ip_route" ] && cn_ip_route=未开启
[ -z "$local_proxy" ] && local_proxy=未开启
[ -z "$quic_rj" ] && quic_rj=未开启
[ -z "$(cat ${CRASHDIR}/configs/mac)" ] && mac_return=未开启 || mac_return=已启用
#
echo -----------------------------------------------
echo -e "\033[30;47m欢迎使用功能设置菜单\033[0m"
echo -----------------------------------------------
echo -e " 1 切换Clash运行模式: \033[36m$redir_mod\033[0m"
[ "$disoverride" != "1" ] && {
echo -e " 2 切换DNS运行模式 \033[36m$dns_mod\033[0m"
echo -e " 3 跳过本地证书验证: \033[36m$skip_cert\033[0m ————解决节点证书验证错误"
}
echo -e " 4 只代理常用端口: \033[36m$common_ports\033[0m ————用于过滤P2P流量"
echo -e " 5 过滤局域网设备: \033[36m$mac_return\033[0m ————使用黑/白名单进行过滤"
echo -e " 6 设置本机代理服务: \033[36m$local_proxy\033[0m ————使本机流量经过ShellCrash内核"
echo -e " 7 屏蔽QUIC流量: \033[36m$quic_rj\033[0m ————优化视频性能"
[ "$disoverride" != "1" ] && {
[ "$dns_mod" = "fake-ip" -a "$crashcore" != "singbox" ] && \
echo -e " 8 管理Fake-ip过滤列表" || \
echo -e " 8 CN_IP绕过内核: \033[36m$cn_ip_route\033[0m ————优化性能不兼容Fake-ip"
}
echo -----------------------------------------------
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
if [ "$USER" != "root" -a "$USER" != "admin" ];then
echo -----------------------------------------------
read -p "非root用户可能无法正确配置其他模式依然尝试吗(1/0) > " res
[ "$res" = 1 ] && set_redir_mod
else
set_redir_mod
fi
normal_set
elif [ "$num" = 2 ]; then
set_dns_mod
normal_set
elif [ "$num" = 3 ]; then
echo -----------------------------------------------
if [ "$skip_cert" = "未开启" ] > /dev/null 2>&1; then
echo -e "\033[33m已设为开启跳过本地证书验证\033[0m"
skip_cert=已开启
else
echo -e "\033[33m已设为禁止跳过本地证书验证\033[0m"
skip_cert=未开启
fi
setconfig skip_cert $skip_cert
normal_set
elif [ "$num" = 4 ]; then
set_common_ports(){
if [ "$common_ports" = "未开启" ]; then
echo -e "\033[33m已设为仅代理【$multiport】等常用端口!!\033[0m"
echo -e "\033[31m注意fake-ip模式下非常用端口的域名连接将不受影响\033[0m"
common_ports=已开启
sleep 1
else
echo -e "\033[33m已设为代理全部端口\033[0m"
common_ports=未开启
fi
setconfig common_ports $common_ports
}
echo -----------------------------------------------
if [ -n "$(pidof CrashCore)" ];then
read -p "切换时将停止服务,是否继续?(1/0) > " res
[ "$res" = 1 ] && ${CRASHDIR}/start.sh stop && set_common_ports
else
set_common_ports
fi
normal_set
elif [ "$num" = 5 ]; then
checkcfg_mac=$(cat ${CRASHDIR}/configs/mac)
macfilter
if [ -n "$PID" ];then
checkcfg_mac_new=$(cat ${CRASHDIR}/configs/mac)
[ "$checkcfg_mac" != "$checkcfg_mac_new" ] && checkrestart
fi
normal_set
elif [ "$num" = 6 ]; then
if [ "$local_proxy" = "未开启" ]; then
localproxy
else
local_proxy=未开启
setconfig local_proxy $local_proxy
setconfig local_type
echo -e "\033[33m已经停用本机代理规则,请尽快重启服务!!\033[0m"
fi
sleep 1
normal_set
elif [ "$num" = 7 ]; then
echo -----------------------------------------------
if [ -n "$(echo "$redir_mod" | grep -oE '混合|Tproxy|Tun')" ];then
if [ "$quic_rj" = "未开启" ]; then
echo -e "\033[33m已禁止QUIC流量通过ShellCrash内核\033[0m"
quic_rj=已启用
else
echo -e "\033[33m已取消禁止QUIC协议流量\033[0m"
quic_rj=未开启
fi
setconfig quic_rj $quic_rj
else
echo -e "\033[33m当前模式默认不会代理UDP流量无需设置\033[0m"
fi
sleep 1
normal_set
elif [ "$num" = 8 ]; then
echo -----------------------------------------------
if [ "$dns_mod" = "fake-ip" -a "$crashcore" != "singbox" ];then
fake_ip_filter
else
if [ -n "$(ipset -v 2>/dev/null)" -o -n "$(echo $redir_mod | grep Nft)" ];then
if [ "$cn_ip_route" = "未开启" ]; then
echo -e "\033[32m已开启CN_IP绕过内核功能\033[0m"
echo -e "\033[31m注意此功能会导致全局模式及一切CN相关规则失效\033[0m"
cn_ip_route=已开启
sleep 2
else
echo -e "\033[33m已禁用CN_IP绕过内核功能\033[0m"
cn_ip_route=未开启
fi
setconfig cn_ip_route $cn_ip_route
else
echo -e "\033[31m当前设备缺少ipset模块或未使用Nft模式无法启用绕过功能\033[0m"
sleep 1
fi
fi
normal_set
elif [ "$num" = 9 ]; then
start_core
else
errornum
fi
}
advanced_set(){ #进阶设置
#获取设置默认显示
[ -z "$proxies_bypass" ] && proxies_bypass=未启用
[ -z "$start_old" ] && start_old=未开启
[ -z "$tproxy_mod" ] && tproxy_mod=未开启
[ -z "$public_support" ] && public_support=未开启
[ -z "$sniffer" ] && sniffer=未启用
[ "$crashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && sniffer=已启用
[ "$BINDIR" = "/tmp/ShellCrash" ] && mini_clash=已开启 || mini_clash=未开启
#
echo -----------------------------------------------
echo -e "\033[30;47m欢迎使用进阶模式菜单\033[0m"
echo -e "\033[33m如您并不了解ShellCrash的运行机制请勿更改本页面功能\033[0m"
echo -----------------------------------------------
[ "$disoverride" != "1" ] && echo -e " 1 ipv6相关"
#echo -e " 2 配置Meta特性"
echo -e " 3 配置公网及局域网防火墙"
[ "$disoverride" != "1" ] && {
echo -e " 4 启用域名嗅探: \033[36m$sniffer\033[0m ————用于流媒体及防DNS污染"
echo -e " 5 自定义\033[32m端口及秘钥\033[0m"
echo -e " 6 配置内置DNS服务 \033[36m$dns_no\033[0m"
}
echo -----------------------------------------------
echo -e " 9 \033[31m重置/备份/还原\033[0m脚本设置"
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
1)
setipv6
advanced_set
;;
2)
setmeta
advanced_set
;;
3)
setfirewall
advanced_set
;;
4)
echo -----------------------------------------------
if [ "$sniffer" = "未启用" ];then
if [ "$crashcore" = "clash" ];then
2024-01-29 16:18:30 +08:00
rm -rf ${TMPDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore.tar.gz
crashcore=meta
setconfig crashcore $crashcore
echo "已将ShellCrash内核切换为Meta内核域名嗅探依赖Meta或者高版本clashpre内核"
fi
sniffer=已启用
elif [ "$crashcore" = "clashpre" -a "$dns_mod" = "redir_host" ];then
echo -e "\033[31m使用clashpre内核且开启redir-host模式时无法关闭\033[0m"
else
sniffer=未启用
fi
setconfig sniffer $sniffer
echo -e "\033[32m设置成功\033[0m"
sleep 1
advanced_set
;;
5)
if [ -n "$(pidof CrashCore)" ];then
echo -----------------------------------------------
echo -e "\033[33m检测到服务正在运行需要先停止服务\033[0m"
read -p "是否停止服务?(1/0) > " res
if [ "$res" = "1" ];then
${CRASHDIR}/start.sh stop
setport
fi
else
setport
fi
advanced_set
;;
6)
setdns
advanced_set
;;
9)
echo -e " 1 备份脚本设置"
echo -e " 2 还原脚本设置"
echo -e " 3 重置脚本设置"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
cp -f $CFG_PATH $CFG_PATH.bak
echo -e "\033[32m脚本设置已备份\033[0m"
elif [ "$num" = 2 ]; then
if [ -f "$CFG_PATH.bak" ];then
mv -f $CFG_PATH $CFG_PATH.bak2
mv -f $CFG_PATH.bak $CFG_PATH
mv -f $CFG_PATH.bak2 $CFG_PATH.bak
echo -e "\033[32m脚本设置已还原(被覆盖的配置已备份!)\033[0m"
else
echo -e "\033[31m找不到备份文件请先备份脚本设置\033[0m"
fi
elif [ "$num" = 3 ]; then
mv -f $CFG_PATH $CFG_PATH.bak
source ${CRASHDIR}/init.sh >/dev/null
echo -e "\033[32m脚本设置已重置(旧文件已备份!)\033[0m"
fi
echo -e "\033[33m请重新启动脚本\033[0m"
exit 0
;;
*) errornum ;;
esac
}
#工具脚本
autoSSH(){
echo -----------------------------------------------
echo -e "\033[33m本功能使用软件命令进行固化不保证100%成功!\033[0m"
echo -e "\033[33m如有问题请加群反馈\033[36;4mhttps://t.me/ShellClash\033[0m"
read -p "请输入需要还原的SSH密码(不影响当前密码,回车可跳过) > " mi_autoSSH_pwd
mi_autoSSH=已配置
cp -f /etc/dropbear/dropbear_rsa_host_key ${CRASHDIR}/configs/dropbear_rsa_host_key 2>/dev/null
cp -f /etc/dropbear/authorized_keys ${CRASHDIR}/configs/authorized_keys 2>/dev/null
ckcmd nvram && {
nvram set ssh_en=1
nvram set telnet_en=1
nvram set uart_en=1
nvram set boot_wait=on
nvram commit
}
echo -e "\033[32m设置成功\033[0m"
setconfig mi_autoSSH $mi_autoSSH
setconfig mi_autoSSH_pwd $mi_autoSSH_pwd
sleep 1
}
uninstall(){
read -p "确认卸载ShellCrash(警告:该操作不可逆!)[1/0] > " res
if [ "$res" = '1' ]; then
${CRASHDIR}/start.sh stop 2>/dev/null
${CRASHDIR}/start.sh cronset "clash服务" 2>/dev/null
${CRASHDIR}/start.sh cronset "订阅链接" 2>/dev/null
${CRASHDIR}/start.sh cronset "ShellCrash初始化" 2>/dev/null
${CRASHDIR}/start.sh cronset "task.sh" 2>/dev/null
read -p "是否保留脚本配置及订阅文件?[1/0] > " res
if [ "$res" = '1' ]; then
mv -f ${CRASHDIR}/configs /tmp/ShellCrash
mv -f ${CRASHDIR}/yamls /tmp/ShellCrash
mv -f ${CRASHDIR}/jsons /tmp/ShellCrash
rm -rf ${CRASHDIR}/*
mv -f /tmp/ShellCrash/configs ${CRASHDIR}
mv -f /tmp/ShellCrash/yamls ${CRASHDIR}
mv -f /tmp/ShellCrash/jsons ${CRASHDIR}
else
rm -rf ${CRASHDIR}
fi
[ -w ~/.bashrc ] && profile=~/.bashrc
[ -w /etc/profile ] && profile=/etc/profile
sed -i '/alias clash=*/'d $profile
sed -i '/alias crash=*/'d $profile
sed -i '/export CRASHDIR=*/'d $profile
sed -i '/export crashdir=*/'d $profile
sed -i '/all_proxy/'d $profile
sed -i '/ALL_PROXY/'d $profile
sed -i "/启用外网访问SSH服务/d" /etc/firewall.user 2>/dev/null
sed -i '/ShellCrash初始化/'d /etc/storage/started_script.sh 2>/dev/null
sed -i '/ShellCrash初始化/'d /jffs/.asusrouter 2>/dev/null
[ "$BINDIR" != "$CRASHDIR" ] && rm -rf ${BINDIR}
rm -rf /etc/init.d/shellcrash
rm -rf /etc/systemd/system/shellcrash.service
rm -rf /usr/lib/systemd/system/shellcrash.service
rm -rf /www/clash
rm -rf /tmp/ShellCrash
sed -i '/0:7890/d' /etc/passwd
userdel -r shellcrash 2>/dev/null
nvram set script_usbmount="" 2>/dev/null
nvram commit 2>/dev/null
uci delete firewall.ShellCrash 2>/dev/null
uci commit firewall 2>/dev/null
echo -----------------------------------------------
echo -e "\033[36m已卸载ShellCrash相关文件有缘再会\033[0m"
echo -e "\033[33m请手动关闭当前窗口以重置环境变量\033[0m"
echo -----------------------------------------------
exit
fi
echo -e "\033[31m操作已取消\033[0m"
}
tools(){
ssh_tools(){
stop_iptables(){
iptables -t nat -D PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
}
[ -n "$(cat /etc/firewall.user 2>&1 | grep '启用外网访问SSH服务')" ] && ssh_ol=禁止 || ssh_ol=开启
[ -z "$ssh_port" ] && ssh_port=10022
echo -----------------------------------------------
echo -e "\033[33m此功能仅针对使用Openwrt系统的设备生效且不依赖服务\033[0m"
echo -e "\033[31m本功能不支持红米AX6S等镜像化系统设备请勿尝试\033[0m"
echo -----------------------------------------------
echo -e " 1 \033[32m修改\033[0m外网访问端口\033[36m$ssh_port\033[0m"
echo -e " 2 \033[32m修改\033[0mSSH访问密码(请连续输入2次后回车)"
echo -e " 3 \033[33m$ssh_ol\033[0m外网访问SSH"
echo -----------------------------------------------
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
read -p "请输入端口号(1000-65535) > " num
if [ -z "$num" ]; then
errornum
elif [ $num -gt 65535 -o $num -le 999 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1000-65535)\033[0m"
elif [ -n "$(netstat -ntul |grep :$num)" ];then
echo -e "\033[31m当前端口已被其他进程占用请重新输入\033[0m"
else
ssh_port=$num
setconfig ssh_port $ssh_port
sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
stop_iptables
echo -e "\033[32m设置成功请重新开启外网访问SSH功能\033[0m"
fi
sleep 1
ssh_tools
elif [ "$num" = 2 ]; then
passwd
sleep 1
ssh_tools
elif [ "$num" = 3 ]; then
if [ "$ssh_ol" = "开启" ];then
iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
[ -n "$(ckcmd ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
echo "iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
[ -n "$(ckcmd ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
echo -----------------------------------------------
echo -e "已开启外网访问SSH功能"
else
sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
stop_iptables
echo -----------------------------------------------
echo -e "已禁止外网访问SSH"
fi
else
errornum
fi
}
#获取设置默认显示
2024-01-12 19:39:16 +08:00
grep -qE "^\s*[^#].*otapredownload" /etc/crontabs/root >/dev/null 2>&1 && mi_update=禁用 || mi_update=启用
[ "$mi_autoSSH" = "已配置" ] && mi_autoSSH_type=32m已配置 || mi_autoSSH_type=31m未配置
[ -f ${CRASHDIR}/tools/tun.ko ] && mi_tunfix=32m已启用 || mi_tunfix=31m未启用
#
echo -----------------------------------------------
echo -e "\033[30;47m欢迎使用其他工具菜单\033[0m"
echo -e "\033[33m本页工具可能无法兼容全部Linux设备请酌情使用\033[0m"
echo -e "磁盘占用/所在目录:"
du -sh ${CRASHDIR}
echo -----------------------------------------------
echo -e " 1 ShellCrash\033[33m测试菜单\033[0m"
echo -e " 2 ShellCrash\033[32m新手引导\033[0m"
echo -e " 3 \033[36m日志及推送工具\033[0m"
[ -f /etc/firewall.user ] && echo -e " 4 \033[32m配置\033[0m外网访问SSH"
[ -x /usr/sbin/otapredownload ] && echo -e " 5 \033[33m$mi_update\033[0m小米系统自动更新"
2024-01-25 23:47:59 +08:00
[ -f ${CRASHDIR}/misnap_init.sh ] && echo -e " 6 小米设备软固化SSH ———— \033[$mi_autoSSH_type \033[0m"
[ -f /etc/config/ddns -a -d "/etc/ddns" ] && echo -e " 7 配置\033[32mDDNS服务\033[0m(需下载相关脚本)"
2024-01-25 23:47:59 +08:00
[ -f ${CRASHDIR}/misnap_init.sh ] && echo -e " 8 小米设备Tun模块修复 ———— \033[$mi_tunfix \033[0m"
echo -----------------------------------------------
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
source ${CRASHDIR}/getdate.sh && testcommand
elif [ "$num" = 2 ]; then
source ${CRASHDIR}/getdate.sh && userguide
elif [ "$num" = 3 ]; then
log_pusher
tools
elif [ "$num" = 4 ]; then
ssh_tools
sleep 1
tools
elif [ "$num" = 7 ]; then
echo -----------------------------------------------
if [ ! -f ${CRASHDIR}/tools/ShellDDNS.sh ];then
echo -e "正在获取在线脚本……"
${CRASHDIR}/start.sh get_bin ${TMPDIR}/ShellDDNS.sh tools/ShellDDNS.sh
if [ "$?" = "0" ];then
mv -f ${TMPDIR}/ShellDDNS.sh ${CRASHDIR}/tools/ShellDDNS.sh
source ${CRASHDIR}/tools/ShellDDNS.sh
else
echo -e "\033[31m文件下载失败\033[0m"
fi
else
source ${CRASHDIR}/tools/ShellDDNS.sh
fi
sleep 1
tools
elif [ -x /usr/sbin/otapredownload ] && [ "$num" = 5 ]; then
2024-01-12 19:39:16 +08:00
if [ "$mi_update" = "禁用" ]; then
grep -q "otapredownload" /etc/crontabs/root && \
sed -i "/^[^\#]*otapredownload/ s/^/#/" /etc/crontabs/root || \
echo "#15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >> /etc/crontabs/root
else
grep -q "otapredownload" /etc/crontabs/root && \
sed -i "/^\s*#.*otapredownload/ s/^\s*#//" /etc/crontabs/root || \
echo "15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >> /etc/crontabs/root
fi
echo -----------------------------------------------
echo -e "已\033[33m$mi_update\033[0m小米路由器的自动更新如未生效请在官方APP中同步设置"
sleep 1
tools
elif [ "$num" = 6 ]; then
if [ "$systype" = "mi_snapshot" ];then
autoSSH
else
echo 不支持的设备!
fi
tools
elif [ "$num" = 8 ]; then
if [ -f ${CRASHDIR}/tools/tun.ko ];then
read -p "是否禁用此功能并移除相关补丁?(1/0) > " res
[ "$res" = 1 ] && {
rm -rf ${CRASHDIR}/tools/tun.ko
echo -e "\033[33m补丁文件已移除请立即重启设备以防止出错\033[0m"
}
elif [ -z "$(modinfo tun)" ];then
echo -e "\033[33m本功能需要修改系统文件不保证没有任何风险\033[0m"
echo -e "\033[33m本功能采集的Tun模块并不一定适用于你的设备\033[0m"
sleep 1
read -p "我已知晓,出现问题会自行承担!(1/0) > " res
if [ "$res" = 1 ];then
echo -----------------------------------------------
echo 正在连接服务器获取Tun模块补丁文件…………
${CRASHDIR}/start.sh get_bin ${TMPDIR}/tun.ko bin/fix/tun.ko
if [ "$?" = "0" ];then
mv -f ${TMPDIR}/tun.ko ${CRASHDIR}/tools/tun.ko && \
${CRASHDIR}/misnap_init.sh tunfix && \
echo -e "\033[32m设置成功请重启服务\033[0m"
else
echo -e "\033[31m文件下载失败请重试\033[0m"
fi
fi
else
echo -e "\033[31m当前设备无需设置请勿尝试\033[0m"
sleep 1
fi
tools
else
errornum
fi
}
#主菜单
main_menu(){
#############################
ckstatus
#############################
echo -e " 1 \033[32m启动/重启\033[0m服务"
echo -e " 2 内核\033[33m功能设置\033[0m"
echo -e " 3 \033[31m停止\033[0m内核服务"
echo -e " 4 内核\033[36m启动设置\033[0m"
echo -e " 5 配置\033[33m自动任务\033[0m"
echo -e " 6 导入\033[32m配置文件\033[0m"
echo -e " 7 内核\033[31m进阶设置\033[0m"
echo -e " 8 \033[35m其他工具\033[0m"
echo -e " 9 \033[36m更新/卸载\033[0m"
echo -----------------------------------------------
echo -e " 0 \033[0m退出脚本\033[0m"
read -p "请输入对应数字 > " num
if [ -z "$num" ];then
errornum
exit;
elif [ "$num" = 0 ]; then
exit;
elif [ "$num" = 1 ]; then
start_core
exit;
2020-08-03 15:16:33 +08:00
elif [ "$num" = 2 ]; then
checkcfg=$(cat $CFG_PATH)
normal_set
if [ -n "$PID" ];then
checkcfg_new=$(cat $CFG_PATH)
[ "$checkcfg" != "$checkcfg_new" ] && checkrestart
fi
main_menu
2020-08-06 17:17:05 +08:00
elif [ "$num" = 3 ]; then
${CRASHDIR}/start.sh stop
sleep 1
echo -----------------------------------------------
2020-08-06 17:17:05 +08:00
echo -e "\033[31mClash服务已停止\033[0m"
main_menu
2020-08-03 15:16:33 +08:00
elif [ "$num" = 4 ]; then
setboot
main_menu
2020-08-03 15:16:33 +08:00
elif [ "$num" = 5 ]; then
source ${CRASHDIR}/task/task.sh && task_menu
main_menu
elif [ "$num" = 6 ]; then
source ${CRASHDIR}/getdate.sh && set_core_config
main_menu
elif [ "$num" = 7 ]; then
checkcfg=$(cat $CFG_PATH)
advanced_set
if [ -n "$PID" ];then
checkcfg_new=$(cat $CFG_PATH)
[ "$checkcfg" != "$checkcfg_new" ] && checkrestart
fi
main_menu
elif [ "$num" = 8 ]; then
tools
main_menu
elif [ "$num" = 9 ]; then
checkcfg=$(cat $CFG_PATH)
source ${CRASHDIR}/getdate.sh && update
if [ -n "$PID" ];then
checkcfg_new=$(cat $CFG_PATH)
[ "$checkcfg" != "$checkcfg_new" ] && checkrestart
fi
main_menu
else
errornum
exit;
fi
2020-08-03 15:16:33 +08:00
}
[ -z "$CRASHDIR" ] && {
echo 环境变量配置有误!正在初始化~~~
CRASHDIR=$(cd `dirname $0`; pwd)
source ${CRASHDIR}/init.sh
sleep 1
echo 请重启SSH窗口以完成初始化
exit
}
[ -z "$1" ] && main_menu
case "$1" in
-h)
echo -----------------------------------------
echo "欢迎使用ShellCrash"
echo -----------------------------------------
echo " -t 测试模式"
echo " -h 帮助列表"
echo " -u 卸载脚本"
echo " -i 初始化脚本"
echo -----------------------------------------
echo " crash -s start 启动服务"
echo " crash -s stop 停止服务"
echo " 安装目录/start.sh init 开机初始化"
echo -----------------------------------------
echo "在线求助t.me/ShellClash"
echo "官方博客juewuy.github.io"
echo "发布页面github.com/juewuy/ShellCrash"
echo -----------------------------------------
;;
-t)
shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash
$shtype -x ${CRASHDIR}/menu.sh
;;
-s)
${CRASHDIR}/start.sh $2 $3 $4 $5 $6
;;
-i)
source ${CRASHDIR}/init.sh
;;
-st)
shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash
$shtype -x ${CRASHDIR}/start.sh $2 $3 $4 $5 $6
;;
-u)
uninstall
;;
*)
$0 -h
;;
esac