mirror of
https://github.com/juewuy/ShellCrash.git
synced 2024-11-16 03:32:34 +08:00
v1.9.1beta1
~移除了所有不支持vless及hy的在线sub服务器并将重试次数降低到3次 ~singbox内核不再默认启用ntp服务 ~自动任务中重启命令优化 ~修复providers中指定单独提供商生成配置失败的bug ~优化iptables/ip6tables检测机制,修复报错,修复旧设备ipv6运行出错导致的各种问题 ~优化cn绕过检测机制,修复报错 ~优化保持面板节点功能,增加了空文件校验,修复部分用户还原失败的bug
This commit is contained in:
parent
78d834bc7f
commit
fd1b592a7e
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -4,5 +4,5 @@ clash_v=v1.7.1
|
|||
meta_v=v1.18.1
|
||||
singboxp_v=1.9.0-beta.16-3140e7ac
|
||||
singbox_v=1.8.8
|
||||
versionsh=1.9.1alpha9
|
||||
versionsh=1.9.1beta1
|
||||
GeoIP_v=20240316
|
||||
|
|
|
@ -7,13 +7,9 @@
|
|||
|
||||
201 wwng2333自建CN源(请勿滥用!) https://mirrors.csgo.ovh/ShellClash 公测版
|
||||
202 http私人内测源(危险!非必要请勿使用) http://t.jwsc.eu.org 开发版
|
||||
|
||||
301 墙洞提供,不支持vless|hy https://api.dler.io
|
||||
302 SUB作者提供,不支持vless|hy https://sub.xeton.dev
|
||||
303 品云提供,不支持vless|hy https://sub.id9.cc
|
||||
|
||||
401 肥羊提供(有广告),支持vless|hy2 https://sub.d1.mk
|
||||
402 作者提供,支持vless|hy2 https://sub.jwsc.eu.org
|
||||
401 作者提供,支持vless|hy2 https://sub.jwsc.eu.org
|
||||
402 肥羊提供(有广告),支持vless|hy2 https://sub.d1.mk
|
||||
403 肥羊提供(有广告),支持vless|hy2 https://api.v1.mk
|
||||
|
||||
497 作者提供,未加密仅备用 http://sub2.jwsc.eu.org
|
||||
|
|
|
@ -13,6 +13,6 @@
|
|||
113#$CRASHDIR/task/task.sh update_mmdb#自动更新数据库文件
|
||||
|
||||
121#$CRASHDIR/task/task.sh reset_firewall#重设透明路由防火墙
|
||||
122#reboot#重启路由设备(慎用)
|
||||
122#sleep 70 && touch /etc/banner && reboot#重启路由设备(慎用)
|
||||
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) Juewuy
|
||||
|
||||
version=1.9.1alpha9
|
||||
version=1.9.1beta1
|
||||
|
||||
setdir(){
|
||||
dir_avail(){
|
||||
|
|
|
@ -275,10 +275,10 @@ check_singbox_config(){ #检查singbox配置文件
|
|||
}
|
||||
get_core_config(){ #下载内核配置文件
|
||||
[ -z "$rule_link" ] && rule_link=1
|
||||
[ -z "$server_link" ] && server_link=1
|
||||
[ -z "$server_link" ] || [ $server_link -gt $(grep -aE '^4' ${CRASHDIR}/configs/servers.list | wc -l) ] && server_link=1
|
||||
Server=$(grep -aE '^3|^4' ${CRASHDIR}/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}')
|
||||
[ -n "$(echo $Url | grep -oE 'vless:|hysteria:')" ] && Server=$(grep -aE '^4' ${CRASHDIR}/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}')
|
||||
[ "$retry" = 4 ] && Server=$(grep -aE '^497' ${CRASHDIR}/configs/servers.list | awk '{print $3}')
|
||||
[ "$retry" = 3 ] && Server=$(grep -aE '^497' ${CRASHDIR}/configs/servers.list | awk '{print $3}')
|
||||
Config=$(grep -aE '^5' ${CRASHDIR}/configs/servers.list | sed -n ""$rule_link"p" | awk '{print $3}')
|
||||
#如果传来的是Url链接则合成Https链接,否则直接使用Https链接
|
||||
if [ -z "$Https" ];then
|
||||
|
@ -304,11 +304,11 @@ get_core_config(){ #下载内核配置文件
|
|||
echo -----------------------------------------------
|
||||
exit 1
|
||||
else
|
||||
if [ "$retry" = 4 ];then
|
||||
if [ "$retry" = 3 ];then
|
||||
logger "无法获取配置文件,请检查链接格式以及网络连接状态!" 31
|
||||
echo -e "\033[32m也可用浏览器下载以上链接后,使用WinSCP手动上传到/tmp目录后执行crash命令本地导入!\033[0m"
|
||||
exit 1
|
||||
elif [ "$retry" = 3 ];then
|
||||
elif [ "$retry" = 2 ];then
|
||||
retry=4
|
||||
logger "配置文件获取失败!将尝试使用http协议备用服务器获取!" 31
|
||||
echo -e "\033[32m如担心数据安全,请在3s内使用【Ctrl+c】退出!\033[0m"
|
||||
|
@ -319,8 +319,8 @@ get_core_config(){ #下载内核配置文件
|
|||
retry=$((retry+1))
|
||||
logger "配置文件获取失败!" 31
|
||||
echo -e "\033[32m尝试使用其他服务器获取配置!\033[0m"
|
||||
logger "正在重试第$retry次/共4次!" 33
|
||||
if [ "$server_link" -ge 5 ]; then
|
||||
logger "正在重试第$retry次/共3次!" 33
|
||||
if [ "$server_link" -ge 4 ]; then
|
||||
server_link=0
|
||||
fi
|
||||
server_link=$((server_link+1))
|
||||
|
@ -677,17 +677,17 @@ EOF
|
|||
}
|
||||
EOF
|
||||
#生成ntp.json
|
||||
cat > ${TMPDIR}/jsons/ntp.json <<EOF
|
||||
{
|
||||
"ntp": {
|
||||
"enabled": true,
|
||||
"server": "203.107.6.88",
|
||||
"server_port": 123,
|
||||
"interval": "30m0s",
|
||||
"detour": "DIRECT"
|
||||
}
|
||||
}
|
||||
EOF
|
||||
# cat > ${TMPDIR}/jsons/ntp.json <<EOF
|
||||
# {
|
||||
# "ntp": {
|
||||
# "enabled": true,
|
||||
# "server": "203.107.6.88",
|
||||
# "server_port": 123,
|
||||
# "interval": "30m0s",
|
||||
# "detour": "DIRECT"
|
||||
# }
|
||||
# }
|
||||
# EOF
|
||||
#生成inbounds.json
|
||||
[ -n "$authentication" ] && {
|
||||
username=$(echo $authentication | awk -F ':' '{print $1}') #混合端口账号密码
|
||||
|
@ -994,10 +994,10 @@ start_iptables(){ #iptables配置总入口
|
|||
[ "$dns_no" != "已禁用" -a "$dns_redir" != "已开启" -a "$firewall_area" -le 3 ] && {
|
||||
[ "$lan_proxy" = true ] && {
|
||||
start_ipt_dns iptables PREROUTING shellcrash_dns #ipv4-局域网dns转发
|
||||
if [ -n "$(grep -E '^REDIRECT$' /proc/net/ip6_tables_targets)" ];then
|
||||
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports';then
|
||||
start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发
|
||||
else
|
||||
ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT 2>/dev/null
|
||||
ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT
|
||||
fi
|
||||
}
|
||||
[ "$local_proxy" = true ] && start_ipt_dns iptables OUTPUT shellcrash_dns_out #ipv4-本机dns转发
|
||||
|
@ -1008,7 +1008,7 @@ start_iptables(){ #iptables配置总入口
|
|||
[ "$lan_proxy" = true ] && {
|
||||
start_ipt_route iptables nat PREROUTING shellcrash tcp #ipv4-局域网tcp转发
|
||||
[ "$ipv6_redir" = "已开启" ] && {
|
||||
if [ -n "$(grep -E '^REDIRECT$' /proc/net/ip6_tables_targets)" ];then
|
||||
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports';then
|
||||
start_ipt_route ip6tables nat PREROUTING shellcrashv6 tcp #ipv6-局域网tcp转发
|
||||
else
|
||||
logger "当前设备内核缺少ip6tables_REDIRECT模块支持,已放弃启动相关规则!" 31
|
||||
|
@ -1019,7 +1019,7 @@ start_iptables(){ #iptables配置总入口
|
|||
}
|
||||
[ "$redir_mod" = "Tproxy模式" ] && {
|
||||
JUMP="TPROXY --on-port $tproxy_port --tproxy-mark $fwmark" #跳转劫持的具体命令
|
||||
if [ -n "$(grep -E '^TPROXY$' /proc/net/ip_tables_targets)" ];then
|
||||
if iptables -j TPROXY -h 2>/dev/null | grep -q '\--on-port';then
|
||||
[ "$lan_proxy" = true ] && start_ipt_route iptables mangle PREROUTING shellcrash_mark all
|
||||
[ "$local_proxy" = true ] && {
|
||||
if [ -n "$(grep -E '^MARK$' /proc/net/ip_tables_targets)" ];then
|
||||
|
@ -1035,7 +1035,7 @@ start_iptables(){ #iptables配置总入口
|
|||
logger "当前设备内核可能缺少kmod_ipt_tproxy模块支持,已放弃启动相关规则!" 31
|
||||
fi
|
||||
[ "$ipv6_redir" = "已开启" ] && [ "$lan_proxy" = true ] && {
|
||||
if [ -n "$(grep -E '^TPROXY$' /proc/net/ip6_tables_targets)" ];then
|
||||
if ip6tables -j TPROXY -h 2>/dev/null | grep -q '\--on-port';then
|
||||
JUMP="TPROXY --on-port $tproxy_port --tproxy-mark $fwmark" #跳转劫持的具体命令
|
||||
start_ipt_route ip6tables mangle PREROUTING shellcrashv6_mark all
|
||||
else
|
||||
|
@ -1048,12 +1048,9 @@ start_iptables(){ #iptables配置总入口
|
|||
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "T&U旁路转发" ] && protocol=all
|
||||
[ "$redir_mod" = "混合模式" ] && protocol=udp
|
||||
[ "$redir_mod" = "TCP旁路转发" ] && protocol=tcp
|
||||
if [ -n "$(grep -E '^MARK$' /proc/net/ip_tables_targets)" ];then
|
||||
if iptables -j MARK -h 2>/dev/null | grep -q '\--set-mark';then
|
||||
[ "$lan_proxy" = true ] && {
|
||||
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && {
|
||||
iptables -I FORWARD -o utun -j ACCEPT
|
||||
#ip route show | grep "dev utun proto kernel scope link src" | while read route; do ip route del $route; done #移除内核生成的tun路由
|
||||
}
|
||||
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && iptables -I FORWARD -o utun -j ACCEPT
|
||||
start_ipt_route iptables mangle PREROUTING shellcrash_mark $protocol
|
||||
}
|
||||
[ "$local_proxy" = true ] && start_ipt_route iptables mangle OUTPUT shellcrash_mark_out $protocol
|
||||
|
@ -1061,7 +1058,7 @@ start_iptables(){ #iptables配置总入口
|
|||
logger "当前设备内核可能缺少x_mark模块支持,已放弃启动相关规则!" 31
|
||||
fi
|
||||
[ "$ipv6_redir" = "已开启" ] && [ "$lan_proxy" = true ] && [ "$crashcore" != clashpre ] && {
|
||||
if [ -n "$(grep -E '^MARK$' /proc/net/ip6_tables_targets)" ];then
|
||||
if ip6tables -j MARK -h 2>/dev/null | grep -q '\--set-mark';then
|
||||
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && ip6tables -I FORWARD -o utun -j ACCEPT
|
||||
start_ipt_route ip6tables mangle PREROUTING shellcrashv6_mark $protocol
|
||||
else
|
||||
|
@ -1406,8 +1403,6 @@ web_save(){ #最小化保存面板节点选择
|
|||
if [ -s ${TMPDIR}/${file} ];then
|
||||
compare ${TMPDIR}/${file} ${CRASHDIR}/configs/${file}
|
||||
[ "$?" = 0 ] && rm -rf ${TMPDIR}/${file} || mv -f ${TMPDIR}/${file} ${CRASHDIR}/configs/${file}
|
||||
else
|
||||
echo > ${CRASHDIR}/configs/${file}
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
@ -1610,8 +1605,10 @@ bfstart(){ #启动前
|
|||
[ "$disoverride" != "1" ] && modify_yaml || ln -sf $core_config ${TMPDIR}/config.yaml
|
||||
fi
|
||||
#检查下载cnip绕过相关文件
|
||||
[ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
|
||||
[ "$ipv6_redir" = "已开启" ] && [ "$dns_mod" != "fake-ip" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route
|
||||
[ "$firewall_mod" = nftables ] || ckcmd ipset && [ "$dns_mod" != "fake-ip" ] && {
|
||||
[ "$cn_ip_route" = "已开启" ] && cn_ip_route
|
||||
[ "$ipv6_redir" = "已开启" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route
|
||||
}
|
||||
#添加shellcrash用户
|
||||
[ "$firewall_area" = 2 ] || [ "$firewall_area" = 3 ] || [ "$(cat /proc/1/comm)" = "systemd" ] && \
|
||||
[ -z "$(id shellcrash 2>/dev/null | grep 'root')" ] && {
|
||||
|
@ -1652,7 +1649,7 @@ afstart(){ #启动后
|
|||
rm -rf ${TMPDIR}/CrashCore #删除缓存目录内核文件
|
||||
start_firewall #配置防火墙流量劫持
|
||||
mark_time #标记启动时间
|
||||
[ -s ${CRASHDIR}/configs/web_save -o -s ${CRASHDIR}/configs/web_configs ] && web_restore >/dev/null 2>&1 & #后台还原面板配置
|
||||
[ -s ${CRASHDIR}/configs/web_save ] && web_restore >/dev/null 2>&1 & #后台还原面板配置
|
||||
{ sleep 5;logger ShellCrash服务已启动!;} & #推送日志
|
||||
ckcmd mtd_storage.sh && mtd_storage.sh save >/dev/null 2>&1 & #Padavan保存/etc/storage
|
||||
#加载定时任务
|
||||
|
|
|
@ -395,7 +395,7 @@ EOF
|
|||
if [ -n "$2" ];then
|
||||
gen_clash_providers_txt $1 $2
|
||||
providers_tags=$1
|
||||
sed -i 's/, {providers_tags}//g' ${TMPDIR}/providers/proxy-groups.yaml
|
||||
echo ' - {name: '${1}', type: url-test, tolerance: 100, lazy: true, use: ['${1}']}' >> ${TMPDIR}/providers/proxy-groups.yaml
|
||||
else
|
||||
providers_tags=''
|
||||
while read line;do
|
||||
|
@ -479,14 +479,16 @@ EOF
|
|||
{
|
||||
"outbound_providers": [
|
||||
EOF
|
||||
if [ -n "$2" ];then
|
||||
gen_singbox_providers_txt $1 $2
|
||||
providers_tags=\"$1\"
|
||||
else
|
||||
cat > ${TMPDIR}/providers/outbounds_add.json <<EOF
|
||||
cat > ${TMPDIR}/providers/outbounds_add.json <<EOF
|
||||
{
|
||||
"outbounds": [
|
||||
EOF
|
||||
#单独指定节点时使用特殊方式
|
||||
if [ -n "$2" ];then
|
||||
gen_singbox_providers_txt $1 $2
|
||||
providers_tags=\"$1\"
|
||||
echo '{ "tag": "'${1}'", "type": "urltest", "tolerance": 100, "providers": "'${1}'", "includes": ".*" },' >> ${TMPDIR}/providers/outbounds_add.json
|
||||
else
|
||||
providers_tags=''
|
||||
while read line;do
|
||||
tag=$(echo $line | awk '{print $1}')
|
||||
|
@ -495,9 +497,10 @@ EOF
|
|||
gen_singbox_providers_txt $tag $url
|
||||
echo '{ "tag": "'${tag}'", "type": "urltest", "tolerance": 100, "providers": "'${tag}'", "includes": ".*" },' >> ${TMPDIR}/providers/outbounds_add.json
|
||||
done < ${CRASHDIR}/configs/providers.cfg
|
||||
sed -i '$s/},/}]}/' ${TMPDIR}/providers/outbounds_add.json #修复文件格式
|
||||
fi
|
||||
sed -i '$s/},/}]}/' ${TMPDIR}/providers/providers.json #修复文件格式
|
||||
#修复文件格式
|
||||
sed -i '$s/},/}]}/' ${TMPDIR}/providers/outbounds_add.json
|
||||
sed -i '$s/},/}]}/' ${TMPDIR}/providers/providers.json
|
||||
#使用模版生成outbounds和rules模块
|
||||
cat ${TMPDIR}/provider_temp_file | sed "s/{providers_tags}/$providers_tags/g" >> ${TMPDIR}/providers/outbounds.json
|
||||
rm -rf ${TMPDIR}/provider_temp_file
|
||||
|
|
Loading…
Reference in New Issue
Block a user