v1.9.1beta1

~移除了所有不支持vless及hy的在线sub服务器并将重试次数降低到3次
~singbox内核不再默认启用ntp服务
~自动任务中重启命令优化
~修复providers中指定单独提供商生成配置失败的bug
~优化iptables/ip6tables检测机制,修复报错,修复旧设备ipv6运行出错导致的各种问题
~优化cn绕过检测机制,修复报错
~优化保持面板节点功能,增加了空文件校验,修复部分用户还原失败的bug
This commit is contained in:
juewuy 2024-03-19 13:58:02 +08:00
parent 78d834bc7f
commit fd1b592a7e
9 changed files with 46 additions and 50 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -4,5 +4,5 @@ clash_v=v1.7.1
meta_v=v1.18.1
singboxp_v=1.9.0-beta.16-3140e7ac
singbox_v=1.8.8
versionsh=1.9.1alpha9
versionsh=1.9.1beta1
GeoIP_v=20240316

View File

@ -8,12 +8,8 @@
201 wwng2333自建CN源(请勿滥用!) https://mirrors.csgo.ovh/ShellClash 公测版
202 http私人内测源(危险!非必要请勿使用) http://t.jwsc.eu.org 开发版
301 墙洞提供,不支持vless|hy https://api.dler.io
302 SUB作者提供,不支持vless|hy https://sub.xeton.dev
303 品云提供,不支持vless|hy https://sub.id9.cc
401 肥羊提供(有广告),支持vless|hy2 https://sub.d1.mk
402 作者提供,支持vless|hy2 https://sub.jwsc.eu.org
401 作者提供,支持vless|hy2 https://sub.jwsc.eu.org
402 肥羊提供(有广告),支持vless|hy2 https://sub.d1.mk
403 肥羊提供(有广告),支持vless|hy2 https://api.v1.mk
497 作者提供,未加密仅备用 http://sub2.jwsc.eu.org

View File

@ -13,6 +13,6 @@
113#$CRASHDIR/task/task.sh update_mmdb#自动更新数据库文件
121#$CRASHDIR/task/task.sh reset_firewall#重设透明路由防火墙
122#reboot#重启路由设备(慎用)
122#sleep 70 && touch /etc/banner && reboot#重启路由设备(慎用)

View File

@ -1,7 +1,7 @@
#!/bin/sh
# Copyright (C) Juewuy
version=1.9.1alpha9
version=1.9.1beta1
setdir(){
dir_avail(){

View File

@ -275,10 +275,10 @@ check_singbox_config(){ #检查singbox配置文件
}
get_core_config(){ #下载内核配置文件
[ -z "$rule_link" ] && rule_link=1
[ -z "$server_link" ] && server_link=1
[ -z "$server_link" ] || [ $server_link -gt $(grep -aE '^4' ${CRASHDIR}/configs/servers.list | wc -l) ] && server_link=1
Server=$(grep -aE '^3|^4' ${CRASHDIR}/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}')
[ -n "$(echo $Url | grep -oE 'vless:|hysteria:')" ] && Server=$(grep -aE '^4' ${CRASHDIR}/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}')
[ "$retry" = 4 ] && Server=$(grep -aE '^497' ${CRASHDIR}/configs/servers.list | awk '{print $3}')
[ "$retry" = 3 ] && Server=$(grep -aE '^497' ${CRASHDIR}/configs/servers.list | awk '{print $3}')
Config=$(grep -aE '^5' ${CRASHDIR}/configs/servers.list | sed -n ""$rule_link"p" | awk '{print $3}')
#如果传来的是Url链接则合成Https链接否则直接使用Https链接
if [ -z "$Https" ];then
@ -304,11 +304,11 @@ get_core_config(){ #下载内核配置文件
echo -----------------------------------------------
exit 1
else
if [ "$retry" = 4 ];then
if [ "$retry" = 3 ];then
logger "无法获取配置文件,请检查链接格式以及网络连接状态!" 31
echo -e "\033[32m也可用浏览器下载以上链接后使用WinSCP手动上传到/tmp目录后执行crash命令本地导入\033[0m"
exit 1
elif [ "$retry" = 3 ];then
elif [ "$retry" = 2 ];then
retry=4
logger "配置文件获取失败将尝试使用http协议备用服务器获取" 31
echo -e "\033[32m如担心数据安全请在3s内使用【Ctrl+c】退出\033[0m"
@ -319,8 +319,8 @@ get_core_config(){ #下载内核配置文件
retry=$((retry+1))
logger "配置文件获取失败!" 31
echo -e "\033[32m尝试使用其他服务器获取配置\033[0m"
logger "正在重试第$retry次/共4次!" 33
if [ "$server_link" -ge 5 ]; then
logger "正在重试第$retry次/共3次!" 33
if [ "$server_link" -ge 4 ]; then
server_link=0
fi
server_link=$((server_link+1))
@ -677,17 +677,17 @@ EOF
}
EOF
#生成ntp.json
cat > ${TMPDIR}/jsons/ntp.json <<EOF
{
"ntp": {
"enabled": true,
"server": "203.107.6.88",
"server_port": 123,
"interval": "30m0s",
"detour": "DIRECT"
}
}
EOF
# cat > ${TMPDIR}/jsons/ntp.json <<EOF
# {
# "ntp": {
# "enabled": true,
# "server": "203.107.6.88",
# "server_port": 123,
# "interval": "30m0s",
# "detour": "DIRECT"
# }
# }
# EOF
#生成inbounds.json
[ -n "$authentication" ] && {
username=$(echo $authentication | awk -F ':' '{print $1}') #混合端口账号密码
@ -994,10 +994,10 @@ start_iptables(){ #iptables配置总入口
[ "$dns_no" != "已禁用" -a "$dns_redir" != "已开启" -a "$firewall_area" -le 3 ] && {
[ "$lan_proxy" = true ] && {
start_ipt_dns iptables PREROUTING shellcrash_dns #ipv4-局域网dns转发
if [ -n "$(grep -E '^REDIRECT$' /proc/net/ip6_tables_targets)" ];then
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports';then
start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发
else
ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT 2>/dev/null
ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT
fi
}
[ "$local_proxy" = true ] && start_ipt_dns iptables OUTPUT shellcrash_dns_out #ipv4-本机dns转发
@ -1008,7 +1008,7 @@ start_iptables(){ #iptables配置总入口
[ "$lan_proxy" = true ] && {
start_ipt_route iptables nat PREROUTING shellcrash tcp #ipv4-局域网tcp转发
[ "$ipv6_redir" = "已开启" ] && {
if [ -n "$(grep -E '^REDIRECT$' /proc/net/ip6_tables_targets)" ];then
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports';then
start_ipt_route ip6tables nat PREROUTING shellcrashv6 tcp #ipv6-局域网tcp转发
else
logger "当前设备内核缺少ip6tables_REDIRECT模块支持已放弃启动相关规则" 31
@ -1019,7 +1019,7 @@ start_iptables(){ #iptables配置总入口
}
[ "$redir_mod" = "Tproxy模式" ] && {
JUMP="TPROXY --on-port $tproxy_port --tproxy-mark $fwmark" #跳转劫持的具体命令
if [ -n "$(grep -E '^TPROXY$' /proc/net/ip_tables_targets)" ];then
if iptables -j TPROXY -h 2>/dev/null | grep -q '\--on-port';then
[ "$lan_proxy" = true ] && start_ipt_route iptables mangle PREROUTING shellcrash_mark all
[ "$local_proxy" = true ] && {
if [ -n "$(grep -E '^MARK$' /proc/net/ip_tables_targets)" ];then
@ -1035,7 +1035,7 @@ start_iptables(){ #iptables配置总入口
logger "当前设备内核可能缺少kmod_ipt_tproxy模块支持已放弃启动相关规则" 31
fi
[ "$ipv6_redir" = "已开启" ] && [ "$lan_proxy" = true ] && {
if [ -n "$(grep -E '^TPROXY$' /proc/net/ip6_tables_targets)" ];then
if ip6tables -j TPROXY -h 2>/dev/null | grep -q '\--on-port';then
JUMP="TPROXY --on-port $tproxy_port --tproxy-mark $fwmark" #跳转劫持的具体命令
start_ipt_route ip6tables mangle PREROUTING shellcrashv6_mark all
else
@ -1048,12 +1048,9 @@ start_iptables(){ #iptables配置总入口
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "T&U旁路转发" ] && protocol=all
[ "$redir_mod" = "混合模式" ] && protocol=udp
[ "$redir_mod" = "TCP旁路转发" ] && protocol=tcp
if [ -n "$(grep -E '^MARK$' /proc/net/ip_tables_targets)" ];then
if iptables -j MARK -h 2>/dev/null | grep -q '\--set-mark';then
[ "$lan_proxy" = true ] && {
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && {
iptables -I FORWARD -o utun -j ACCEPT
#ip route show | grep "dev utun proto kernel scope link src" | while read route; do ip route del $route; done #移除内核生成的tun路由
}
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && iptables -I FORWARD -o utun -j ACCEPT
start_ipt_route iptables mangle PREROUTING shellcrash_mark $protocol
}
[ "$local_proxy" = true ] && start_ipt_route iptables mangle OUTPUT shellcrash_mark_out $protocol
@ -1061,7 +1058,7 @@ start_iptables(){ #iptables配置总入口
logger "当前设备内核可能缺少x_mark模块支持已放弃启动相关规则" 31
fi
[ "$ipv6_redir" = "已开启" ] && [ "$lan_proxy" = true ] && [ "$crashcore" != clashpre ] && {
if [ -n "$(grep -E '^MARK$' /proc/net/ip6_tables_targets)" ];then
if ip6tables -j MARK -h 2>/dev/null | grep -q '\--set-mark';then
[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && ip6tables -I FORWARD -o utun -j ACCEPT
start_ipt_route ip6tables mangle PREROUTING shellcrashv6_mark $protocol
else
@ -1406,8 +1403,6 @@ web_save(){ #最小化保存面板节点选择
if [ -s ${TMPDIR}/${file} ];then
compare ${TMPDIR}/${file} ${CRASHDIR}/configs/${file}
[ "$?" = 0 ] && rm -rf ${TMPDIR}/${file} || mv -f ${TMPDIR}/${file} ${CRASHDIR}/configs/${file}
else
echo > ${CRASHDIR}/configs/${file}
fi
done
}
@ -1610,8 +1605,10 @@ bfstart(){ #启动前
[ "$disoverride" != "1" ] && modify_yaml || ln -sf $core_config ${TMPDIR}/config.yaml
fi
#检查下载cnip绕过相关文件
[ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
[ "$ipv6_redir" = "已开启" ] && [ "$dns_mod" != "fake-ip" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route
[ "$firewall_mod" = nftables ] || ckcmd ipset && [ "$dns_mod" != "fake-ip" ] && {
[ "$cn_ip_route" = "已开启" ] && cn_ip_route
[ "$ipv6_redir" = "已开启" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route
}
#添加shellcrash用户
[ "$firewall_area" = 2 ] || [ "$firewall_area" = 3 ] || [ "$(cat /proc/1/comm)" = "systemd" ] && \
[ -z "$(id shellcrash 2>/dev/null | grep 'root')" ] && {
@ -1652,7 +1649,7 @@ afstart(){ #启动后
rm -rf ${TMPDIR}/CrashCore #删除缓存目录内核文件
start_firewall #配置防火墙流量劫持
mark_time #标记启动时间
[ -s ${CRASHDIR}/configs/web_save -o -s ${CRASHDIR}/configs/web_configs ] && web_restore >/dev/null 2>&1 & #后台还原面板配置
[ -s ${CRASHDIR}/configs/web_save ] && web_restore >/dev/null 2>&1 & #后台还原面板配置
{ sleep 5;logger ShellCrash服务已启动;} & #推送日志
ckcmd mtd_storage.sh && mtd_storage.sh save >/dev/null 2>&1 & #Padavan保存/etc/storage
#加载定时任务

View File

@ -395,7 +395,7 @@ EOF
if [ -n "$2" ];then
gen_clash_providers_txt $1 $2
providers_tags=$1
sed -i 's/, {providers_tags}//g' ${TMPDIR}/providers/proxy-groups.yaml
echo ' - {name: '${1}', type: url-test, tolerance: 100, lazy: true, use: ['${1}']}' >> ${TMPDIR}/providers/proxy-groups.yaml
else
providers_tags=''
while read line;do
@ -479,14 +479,16 @@ EOF
{
"outbound_providers": [
EOF
if [ -n "$2" ];then
gen_singbox_providers_txt $1 $2
providers_tags=\"$1\"
else
cat > ${TMPDIR}/providers/outbounds_add.json <<EOF
{
"outbounds": [
EOF
#单独指定节点时使用特殊方式
if [ -n "$2" ];then
gen_singbox_providers_txt $1 $2
providers_tags=\"$1\"
echo '{ "tag": "'${1}'", "type": "urltest", "tolerance": 100, "providers": "'${1}'", "includes": ".*" },' >> ${TMPDIR}/providers/outbounds_add.json
else
providers_tags=''
while read line;do
tag=$(echo $line | awk '{print $1}')
@ -495,9 +497,10 @@ EOF
gen_singbox_providers_txt $tag $url
echo '{ "tag": "'${tag}'", "type": "urltest", "tolerance": 100, "providers": "'${tag}'", "includes": ".*" },' >> ${TMPDIR}/providers/outbounds_add.json
done < ${CRASHDIR}/configs/providers.cfg
sed -i '$s/},/}]}/' ${TMPDIR}/providers/outbounds_add.json #修复文件格式
fi
sed -i '$s/},/}]}/' ${TMPDIR}/providers/providers.json #修复文件格式
#修复文件格式
sed -i '$s/},/}]}/' ${TMPDIR}/providers/outbounds_add.json
sed -i '$s/},/}]}/' ${TMPDIR}/providers/providers.json
#使用模版生成outbounds和rules模块
cat ${TMPDIR}/provider_temp_file | sed "s/{providers_tags}/$providers_tags/g" >> ${TMPDIR}/providers/outbounds.json
rm -rf ${TMPDIR}/provider_temp_file