Austin/ShellCrash
1
0
Fork 0
mirror of https://github.com/juewuy/ShellCrash.git synced 2024-11-16 11:42:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

v1.6.15c

Browse Source 
~修复脚本内置更新时无法正确更新版本号的bug
~修复dnsmasq转发无法正常禁用的bug
~梅林固件增加对nat-start文件的自启授权,解决脚本无法自启的问题
~修复华硕固件因不支持command命令而导致的一系列问题
This commit is contained in:
juewuy 2023-01-15 20:58:15 +08:00
parent d27ebdb0a8
commit 69969841d8
4 changed files with 44 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
scripts/clash.sh
View File

@ -3,6 +3,9 @@
#读取配置相关
ckcmd(){
command -v sh &>/dev/null && command -v $1 &>/dev/null || type $1 &>/dev/null
}
getconfig(){
#服务器缺省地址
@ -427,8 +430,8 @@ setdns(){
echo -e " 3 \033[33m重置\033[0mDNS配置"
echo -e " 4 一键配置\033[32m加密DNS\033[0m"
echo -e " 5 hosts优化 \033[36m$hosts_opt\033[0m ————调用本机hosts并劫持NTP服务"
echo -e " 6 Dnsmasq转发 \033[36m$dns_redir\033[0m ————不明勿动"
echo -e " 7 禁用内置DNS \033[36m$dns_no\033[0m ————不明勿动"
echo -e " 6 Dnsmasq转发 \033[36m$dns_redir\033[0m ————不推荐使用"
echo -e " 7 禁用DNS劫持 \033[36m$dns_no\033[0m ————取消劫持局域网53端口"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
@ -504,7 +507,11 @@ setdns(){
echo -e "\033[32m已启用Dnsmasq转发DNS功能\033[0m"
sleep 1
else
echo -e "\033[33m禁用成功\033[0m"
uci del dhcp.@dnsmasq[-1].server
uci set dhcp.@dnsmasq[0].noresolv=0
uci commit dhcp
/etc/init.d/dnsmasq restart
echo -e "\033[33m禁用成功如有报错请重启设备\033[0m"
dns_redir=未开启
fi
sleep 1
@ -516,10 +523,10 @@ setdns(){
if [ "$dns_no" = "未禁用" ]; then
echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用!\033[0m"
dns_no=已禁用
echo -e "\033[32m已禁用内置DNS\033[0m"
echo -e "\033[32m已禁用DNS劫持\033[0m"
else
dns_no=未禁用
echo -e "\033[33m已启用内置DNS\033[0m"
echo -e "\033[33m已启用DNS劫持\033[0m"
fi
sleep 1
setconfig dns_no $dns_no
@ -742,7 +749,7 @@ localproxy(){
echo -e " 1 \033[36m$proxy_set本机代理\033[0m"
echo -e " 2 使用\033[32m环境变量\033[0m方式配置(部分应用可能无法使用)"
[ -n "$(lsmod | grep ^xt_owner)" ] && echo -e " 3 使用\033[32miptables增强模式\033[0m配置(支持docker)"
command -v nft &> /dev/null && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)"
ckcmd nft && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
@ -829,13 +836,13 @@ setboot(){
1)
if [ "$autostart" = "enable" ]; then
[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null
command -v systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1
ckcmd systemctl && systemctl disable clash.service > /dev/null 2>&1
touch $clashdir/.dis_startup
autostart=disable
echo -e "\033[33m已禁止Clash开机启动\033[0m"
elif [ "$autostart" = "disable" ]; then
[ -f /etc/rc.common ] && /etc/init.d/clash enable
command -v systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1
ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1
rm -rf $clashdir/.dis_startup
autostart=enable
echo -e "\033[32m已设置Clash开机启动\033[0m"
@ -959,7 +966,7 @@ clashcfg(){
}
[ -n "$(iptables -j TPROXY 2>&1 | grep 'on-port')" ] && sup_tp=1
#[ -n "$(lsmod | grep '^tun')" ] || ip tuntap &>/dev/null && sup_tun=1
command -v nft &> /dev/null && sup_nft=1
ckcmd nft && sup_nft=1
#[ -n "$(lsmod | grep 'nft_tproxy')" ] && sup_nft=2
echo -----------------------------------------------
echo -e "当前代理模式为:\033[47;30m $redir_mod \033[0mClash核心为\033[47;30m $clashcore \033[0m"
@ -1006,7 +1013,7 @@ clashcfg(){
set_redir_config
elif [ "$num" = 6 ]; then
if command -v opkg >/dev/null && [ -z "$(opkg list-installed | grep firewall4)" ];then
if ckcmd opkg && [ -z "$(opkg list-installed | grep firewall4)" ];then
read -p "检测到缺少firewall4依赖是否自动安装(1/0)" res
[ "$res" = '1' ] && opkg install firewall4 && redir_mod=Nft基础
else
@ -1015,7 +1022,7 @@ clashcfg(){
set_redir_config
elif [ "$num" = 7 ]; then
if command -v opkg >/dev/null && [ -z "$(opkg list-installed | grep kmod-nft-tproxy)" ];then
if ckcmd opkg && [ -z "$(opkg list-installed | grep kmod-nft-tproxy)" ];then
read -p "检测到缺少kmod-nft-tproxy依赖是否自动安装(1/0)" res
[ "$res" = '1' ] && opkg install kmod-nft-tproxy && redir_mod=Nft混合
else
@ -1467,9 +1474,9 @@ tools(){
elif [ "$num" = 3 ]; then
if [ "$ssh_ol" = "开启" ];then
iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
[ -n "$(command -v ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
[ -n "$(ckcmd ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
echo "iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
[ -n "$(command -v ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
[ -n "$(ckcmd ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
echo -----------------------------------------------
echo -e "已开启外网访问SSH功能"
else

7
scripts/getdate.sh
View File

@ -345,6 +345,7 @@ gettar(){
echo -e "\033[33m文件解压失败\033[0m"
error_down
else
setconfig versionsh_l $release_new
echo -e "\033[32m脚本更新成功\033[0m"
fi
fi
@ -940,14 +941,14 @@ userguide(){
errornum
forwhat
elif [ "$num" = 1 ];then
if command -v nft &>/dev/null;then
if ckcmd nft;then
setconfig redir_mod "Nft模式"
else
setconfig redir_mod "Redir模式"
fi
#设置开机启动
[ -f /etc/rc.common ] && /etc/init.d/clash enable
command -v systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1
ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1
rm -rf $clashdir/.dis_startup
autostart=enable
#检测IP转发
@ -1032,7 +1033,7 @@ userguide(){
sethost
fi
}
if command -v systemd >/dev/null 2>&1 ;then
if ckcmd systemd;then
echo -----------------------------------------------
echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务\033[0m"
echo -e "注意当前设备必须有公网IP才能从公网正常访问"

4
scripts/init.sh
View File

@ -166,7 +166,7 @@ else
fi
fi
#修饰文件及版本号
command -v bash &>/dev/null && sed -i "s|/bin/sh|/bin/bash|" $clashdir/start.sh
bash --help &>/dev/null && sed -i "s|/bin/sh|/bin/bash|" $clashdir/start.sh
chmod 755 $clashdir/start.sh
setconfig versionsh_l $version
#设置更新地址
@ -197,6 +197,7 @@ fi
sed -i '/ShellClash初始化/'d $initdir
touch $initdir
echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
chmod a+rx $initdir 2>/dev/null
setconfig initdir $initdir
}
#小米镜像化OpenWrt额外设置
@ -210,7 +211,6 @@ if [ "$systype" = "mi_snapshot" ];then
setconfig systype $systype
else
rm -rf $clashdir/misnap_init.sh
rm -rf $clashdir/clashservice
fi
#华硕USB启动额外设置
[ "$usb_status" = "1" ] && {

33
scripts/start.sh
View File

@ -36,10 +36,13 @@ setconfig(){
[ -z "$3" ] && configpath=$clashdir/mark || configpath=$3
[ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath
}
ckcmd(){
command -v sh &>/dev/null && command -v $1 &>/dev/null || type $1 &>/dev/null
}
compare(){
if [ ! -f $1 -o ! -f $2 ];then
return 1
elif command -v cmp >/dev/null 2>&1;then
elif ckcmd cmp;then
cmp -s $1 $2
else
[ "$(cat $1)" = "$(cat $2)" ] && return 0 || return 1
@ -255,7 +258,7 @@ EOF`
exit 1
fi
#检测并去除无效节点组
[ -n "$url_type" ] && command -v xargs >/dev/null 2>&1 && {
[ -n "$url_type" ] && ckcmd xargs && {
cat $yamlnew | grep -A 8 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/ rules:.*//g' | sed 's/- //g' | grep -E '#DIRECT $' | awk -F '#' '{print $1}' > /tmp/clash_proxies_$USER
while read line ;do
sed -i "/- $line/d" $yamlnew
@ -691,7 +694,7 @@ start_output(){
iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out
}
#Docker转发
command -v docker &>/dev/null && {
ckcmd docker && {
iptables -t nat -N clash_docker
iptables -t nat -A clash_docker -d 10.0.0.0/8 -j RETURN
iptables -t nat -A clash_docker -d 127.0.0.0/8 -j RETURN
@ -883,20 +886,20 @@ start_wan(){
iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport $mix_port -j ACCEPT
iptables -A INPUT -p tcp -s 172.16.0.0/12 --dport $mix_port -j ACCEPT
iptables -A INPUT -p tcp --dport $mix_port -j REJECT
command -v ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
ckcmd ip6tables && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
}
if [ "$public_support" = "已开启" ];then
[ "$mix_port" != "7890" -a -n "$authentication" ] && {
iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT
command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
ckcmd ip6tables && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
}
iptables -I INPUT -p tcp --dport $db_port -j ACCEPT
command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
ckcmd ip6tables && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
fi
}
stop_firewall(){
#重置iptables相关规则
command -v iptables >/dev/null 2>&1 && {
ckcmd iptables && {
#redir
iptables -t nat -D PREROUTING -p tcp $ports -j clash 2> /dev/null
iptables -t nat -F clash 2> /dev/null
@ -939,7 +942,7 @@ stop_firewall(){
iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
}
#重置ipv6规则
command -v ip6tables >/dev/null 2>&1 && {
ckcmd ip6tables && {
#redir
ip6tables -t nat -D PREROUTING -p tcp -j clashv6 2> /dev/null
ip6tables -D INPUT -p udp --dport 53 -m comment --comment "ShellClash-IPV6_DNS-REJECT" -j REJECT 2> /dev/null
@ -984,7 +987,7 @@ stop_firewall(){
ip rule del fwmark 1 table 102 2> /dev/null
ip route del local 172.16.0.0/12 dev lo table 102 2> /dev/null
#重置nftables相关规则
command -v nft >/dev/null 2>&1 && {
ckcmd nft && {
nft flush table inet shellclash >/dev/null 2>&1
nft delete table inet shellclash >/dev/null 2>&1
}
@ -1100,7 +1103,7 @@ bfstart(){
#检查clash核心
if [ ! -f $bindir/clash ];then
if [ -f $clashdir/clash ];then
mv $clashdir/clash $bindir/clash && chmod +x $bindir/clash
mv $clashdir/clash $bindir/clash
else
logger "未找到clash核心正在下载" 33
if [ -z "$clashcore" ];then
@ -1110,7 +1113,6 @@ bfstart(){
[ -z "$cpucore" ] && logger 找不到设备的CPU信息请手动指定处理器架构类型 31 && setcpucore
$0 webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore"
[ "$?" = "1" ] && rm -rf $bindir/clash && logger "核心下载失败,已退出!" 31 && exit 1
[ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限1
clashv=$($bindir/clash -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
if [ -z "$clashv" ];then
rm -rf $bindir/clash
@ -1122,6 +1124,7 @@ bfstart(){
fi
fi
fi
[ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限
#检查数据库文件
if [ ! -f $bindir/Country.mmdb ];then
if [ -f $clashdir/Country.mmdb ];then
@ -1157,7 +1160,7 @@ bfstart(){
#本机代理准备
if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then
if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then
if command -v userdel useradd groupmod &>/dev/null; then
if ckcmd userdel useradd groupmod; then
userdel shellclash 2>/dev/null
useradd shellclash -u 7890
groupmod shellclash -g 7890
@ -1225,7 +1228,7 @@ afstart(){
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "iptables增强模式" ] && start_output
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && [ "$redir_mod" = "纯净模式" ] && start_nft
command -v iptables >/dev/null 2>&1 && start_wan
ckcmd iptables && start_wan
#标记启动时间
mark_time
#加载定时任务
@ -1249,7 +1252,7 @@ start_old(){
if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then
su shellclash -c "$bindir/clash -d $bindir >/dev/null" &
else
command -v nohup >/dev/null 2>&1 && nohup=nohup
ckcmd nohup && nohup=nohup
$nohup $bindir/clash -d $bindir >/dev/null 2>&1 &
fi
afstart
@ -1418,7 +1421,7 @@ unset_proxy)
sed -i '/ALL_PROXY/'d $profile
;;
-t)
$2
$2 $3 $4 $5 $6
;;
esac