diff --git a/scripts/init.sh b/scripts/init.sh index 1215b1c4..3b76777f 100644 --- a/scripts/init.sh +++ b/scripts/init.sh @@ -56,7 +56,7 @@ elif [ -n "$sysdir" -a "$USER" = "root" -a "$(cat /proc/1/comm 2>/dev/null)" = " mv -f "$CRASHDIR"/starts/shellcrash.service "$sysdir"/shellcrash.service 2>/dev/null sed -i "s%/etc/ShellCrash%$CRASHDIR%g" "$sysdir"/shellcrash.service systemctl daemon-reload - rm -rf "$CRASHDIR"/starts/shellcrash.procd + rm -rf "$CRASHDIR"/starts/shellcrash.procd elif rc-status -r >/dev/null 2>&1; then #设为openrc方式启动 mv -f "$CRASHDIR"/starts/shellcrash.openrc /etc/init.d/shellcrash @@ -65,7 +65,7 @@ elif rc-status -r >/dev/null 2>&1; then else #设为保守模式启动 setconfig start_old 已开启 - rm -rf "$CRASHDIR"/starts/shellcrash.procd + rm -rf "$CRASHDIR"/starts/shellcrash.procd fi rm -rf "$CRASHDIR"/starts/shellcrash.service rm -rf "$CRASHDIR"/starts/shellcrash.openrc @@ -116,10 +116,10 @@ else fi #梅林/Padavan额外设置 [ -n "$initdir" ] && { - touch "$initdir" + touch "$initdir" sed -i '/ShellCrash初始化/'d "$initdir" echo "$CRASHDIR/starts/general_init.sh & #ShellCrash初始化脚本" >>"$initdir" - chmod 755 "$CRASHDIR"/starts/general_init.sh + chmod 755 "$CRASHDIR"/starts/general_init.sh chmod a+rx "$initdir" 2>/dev/null setconfig initdir "$initdir" } @@ -128,14 +128,14 @@ fi #镜像化OpenWrt(snapshot)额外设置 if [ "$systype" = "mi_snapshot" -o "$systype" = "ng_snapshot" ]; then chmod 755 "$CRASHDIR"/starts/snapshot_init.sh - if [ "$systype" = "mi_snapshot" ];then - path="/data/shellcrash_init.sh" - sed -i "s#^CRASHDIR=.*#CRASHDIR=$CRASHDIR#" "$CRASHDIR"/starts/snapshot_init.sh - mv -f "$CRASHDIR"/starts/snapshot_init.sh "$path" - [ ! -f /data/auto_start.sh ] && echo '#用于自定义需要开机启动的功能或者命令,会在开机后自动运行' > /data/auto_start.sh - else - path="$CRASHDIR"/starts/snapshot_init.sh - fi + if [ "$systype" = "mi_snapshot" ];then + path="/data/shellcrash_init.sh" + sed -i "s#^CRASHDIR=.*#CRASHDIR=$CRASHDIR#" "$CRASHDIR"/starts/snapshot_init.sh + mv -f "$CRASHDIR"/starts/snapshot_init.sh "$path" + [ ! -f /data/auto_start.sh ] && echo '#用于自定义需要开机启动的功能或者命令,会在开机后自动运行' > /data/auto_start.sh + else + path="$CRASHDIR"/starts/snapshot_init.sh + fi uci delete firewall.auto_ssh 2>/dev/null uci delete firewall.ShellCrash 2>/dev/null uci set firewall.ShellCrash=include @@ -157,15 +157,15 @@ fi sed -i "/^PATH=/a\\$CRASHDIR/start.sh init & #ShellCrash初始化脚本" "$dir/asusware.arm/etc/init.d/S50downloadmaster" #容器环境额外设置 [ "$systype" = 'container' ] && { - setconfig userguide '1' - setconfig crashcore 'meta' - setconfig dns_mod 'mix' - setconfig firewall_area '1' - setconfig firewall_mod 'nftables' - setconfig release_type 'master' - setconfig start_old 'OFF' - echo "$CRASHDIR/menu.sh" >> /etc/profile - cat > /usr/bin/crash <<'EOF' + setconfig userguide '1' + setconfig crashcore 'meta' + setconfig dns_mod 'mix' + setconfig firewall_area '1' + setconfig firewall_mod 'nftables' + setconfig release_type 'master' + setconfig start_old 'OFF' + echo "$CRASHDIR/menu.sh" >> /etc/profile + cat > /usr/bin/crash <<'EOF' #!/bin/sh CRASHDIR=${CRASHDIR:-/etc/ShellCrash} export CRASHDIR diff --git a/scripts/libs/check_autostart.sh b/scripts/libs/check_autostart.sh index c9b8bff2..f07c80ca 100644 --- a/scripts/libs/check_autostart.sh +++ b/scripts/libs/check_autostart.sh @@ -1,17 +1,17 @@ check_autostart(){ - if [ "$start_old" = ON ];then - [ ! -f "$CRASHDIR"/.dis_startup ] && return 0 - elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then - [ -n "$(find /etc/rc.d -name '*shellcrash')" ] && return 0 - [ ! -f "$CRASHDIR"/.dis_startup ] && return 0 - elif ckcmd systemctl; then - [ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && return 0 - elif grep -q 's6' /proc/1/comm; then - [ -f /etc/s6-overlay/s6-rc.d/user/contents.d/afstart ] && return 0 - elif rc-status -r >/dev/null 2>&1; then - rc-update show default | grep -q "shellcrash" && return 0 - else - return 1 - fi - return 1 + if [ "$start_old" = ON ];then + [ ! -f "$CRASHDIR"/.dis_startup ] && return 0 + elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then + [ -n "$(find /etc/rc.d -name '*shellcrash')" ] && return 0 + [ ! -f "$CRASHDIR"/.dis_startup ] && return 0 + elif ckcmd systemctl; then + [ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && return 0 + elif grep -q 's6' /proc/1/comm; then + [ -f /etc/s6-overlay/s6-rc.d/user/contents.d/afstart ] && return 0 + elif rc-status -r >/dev/null 2>&1; then + rc-update show default | grep -q "shellcrash" && return 0 + else + return 1 + fi + return 1 } diff --git a/scripts/libs/check_cpucore.sh b/scripts/libs/check_cpucore.sh index cae95fee..2dd40cb0 100644 --- a/scripts/libs/check_cpucore.sh +++ b/scripts/libs/check_cpucore.sh @@ -1,14 +1,14 @@ check_cpucore(){ #自动获取内核架构 - cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]') - [ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5" - [ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && [ ! -d /jffs ] && cpucore="armv7" - [ -n "$(echo $cputype | grep -E "linux.*aarch64.*|linux.*armv8.*")" ] && cpucore="arm64" - [ -n "$(echo $cputype | grep -E "linux.*86.*")" ] && cpucore="386" - [ -n "$(echo $cputype | grep -E "linux.*86_64.*")" ] && cpucore="amd64" - if [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ];then - mipstype=$(echo -n I | hexdump -o 2>/dev/null | awk '{ print substr($2,6,1); exit}') #通过判断大小端判断mips或mipsle - [ "$mipstype" = "0" ] && cpucore="mips-softfloat" || cpucore="mipsle-softfloat" - fi - [ -n "$cpucore" ] && setconfig cpucore $cpucore + cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]') + [ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5" + [ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && [ ! -d /jffs ] && cpucore="armv7" + [ -n "$(echo $cputype | grep -E "linux.*aarch64.*|linux.*armv8.*")" ] && cpucore="arm64" + [ -n "$(echo $cputype | grep -E "linux.*86.*")" ] && cpucore="386" + [ -n "$(echo $cputype | grep -E "linux.*86_64.*")" ] && cpucore="amd64" + if [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ];then + mipstype=$(echo -n I | hexdump -o 2>/dev/null | awk '{ print substr($2,6,1); exit}') #通过判断大小端判断mips或mipsle + [ "$mipstype" = "0" ] && cpucore="mips-softfloat" || cpucore="mipsle-softfloat" + fi + [ -n "$cpucore" ] && setconfig cpucore $cpucore } diff --git a/scripts/libs/check_dir_avail.sh b/scripts/libs/check_dir_avail.sh index b2a68f7b..a08acac8 100644 --- a/scripts/libs/check_dir_avail.sh +++ b/scripts/libs/check_dir_avail.sh @@ -1,5 +1,5 @@ #检查目录剩余空间——$1:目标路径 $2:-h参数 dir_avail() { - df -h >/dev/null 2>&1 && h="$2" + df -h >/dev/null 2>&1 && h="$2" df -P $h "${1:-.}" 2>/dev/null | awk 'NR==2 {print $4}' } diff --git a/scripts/libs/check_target.sh b/scripts/libs/check_target.sh index b8efc811..81a45e8e 100644 --- a/scripts/libs/check_target.sh +++ b/scripts/libs/check_target.sh @@ -1,8 +1,8 @@ if echo "$crashcore" | grep -q 'singbox'; then - target=singbox - format=json + target=singbox + format=json else - target=clash - format=yaml + target=clash + format=yaml fi core_config="$CRASHDIR/${format}s/config.$format" diff --git a/scripts/libs/compare.sh b/scripts/libs/compare.sh index c0f3a684..913781b6 100644 --- a/scripts/libs/compare.sh +++ b/scripts/libs/compare.sh @@ -3,7 +3,7 @@ compare() { #对比文件 return 1 elif ckcmd cmp; then cmp -s "$1" "$2" - return $? + return $? else [ "$(cat "$1")" = "$(cat "$2")" ] && return 0 || return 1 fi diff --git a/scripts/libs/core_tools.sh b/scripts/libs/core_tools.sh index 4bd1decb..e2ed523b 100644 --- a/scripts/libs/core_tools.sh +++ b/scripts/libs/core_tools.sh @@ -3,87 +3,87 @@ [ -n "$(find --help 2>&1 | grep -o size)" ] && find_para=' -size +2000' #find命令兼容 core_unzip() { #$1:需要解压的文件 $2:目标文件名 - if echo "$1" |grep -q 'tar.gz$' ;then - [ "$BINDIR" = "$TMPDIR" ] && rm -rf "$TMPDIR"/CrashCore #小闪存模式防止空间不足 - [ -n "$(tar --help 2>&1 | grep -o 'no-same-owner')" ] && tar_para='--no-same-owner' #tar命令兼容 - mkdir -p "$TMPDIR"/core_tmp - tar -zxf "$1" ${tar_para} -C "$TMPDIR"/core_tmp/ - for file in $(find "$TMPDIR"/core_tmp $find_para 2>/dev/null); do - [ -f "$file" ] && [ -n "$(echo $file | sed 's#.*/##' | grep -iE '(CrashCore|sing|meta|mihomo|clash|pre)')" ] && mv -f "$file" "$TMPDIR"/"$2" - done - rm -rf "$TMPDIR"/core_tmp - elif echo "$1" |grep -q '.gz$' ;then - gunzip -c "$1" > "$TMPDIR"/"$2" - elif echo "$1" |grep -q '.upx$' ;then - ln -sf "$1" "$TMPDIR"/"$2" - else - mv -f "$1" "$TMPDIR"/"$2" - fi - chmod +x "$TMPDIR"/"$2" + if echo "$1" |grep -q 'tar.gz$' ;then + [ "$BINDIR" = "$TMPDIR" ] && rm -rf "$TMPDIR"/CrashCore #小闪存模式防止空间不足 + [ -n "$(tar --help 2>&1 | grep -o 'no-same-owner')" ] && tar_para='--no-same-owner' #tar命令兼容 + mkdir -p "$TMPDIR"/core_tmp + tar -zxf "$1" ${tar_para} -C "$TMPDIR"/core_tmp/ + for file in $(find "$TMPDIR"/core_tmp $find_para 2>/dev/null); do + [ -f "$file" ] && [ -n "$(echo $file | sed 's#.*/##' | grep -iE '(CrashCore|sing|meta|mihomo|clash|pre)')" ] && mv -f "$file" "$TMPDIR"/"$2" + done + rm -rf "$TMPDIR"/core_tmp + elif echo "$1" |grep -q '.gz$' ;then + gunzip -c "$1" > "$TMPDIR"/"$2" + elif echo "$1" |grep -q '.upx$' ;then + ln -sf "$1" "$TMPDIR"/"$2" + else + mv -f "$1" "$TMPDIR"/"$2" + fi + chmod +x "$TMPDIR"/"$2" } core_find(){ - if [ ! -f "$TMPDIR"/CrashCore ];then - [ -n "$(find "$CRASHDIR"/CrashCore.* $find_para 2>/dev/null)" ] && [ "$CRASHDIR" != "$BINDIR" ] && - mv -f "$CRASHDIR"/CrashCore.* "$BINDIR"/ - core_dir=$(find "$BINDIR"/CrashCore.* $find_para 2>/dev/null | head -n 1) - [ -n "$core_dir" ] && core_unzip "$core_dir" CrashCore - fi + if [ ! -f "$TMPDIR"/CrashCore ];then + [ -n "$(find "$CRASHDIR"/CrashCore.* $find_para 2>/dev/null)" ] && [ "$CRASHDIR" != "$BINDIR" ] && + mv -f "$CRASHDIR"/CrashCore.* "$BINDIR"/ + core_dir=$(find "$BINDIR"/CrashCore.* $find_para 2>/dev/null | head -n 1) + [ -n "$core_dir" ] && core_unzip "$core_dir" CrashCore + fi } core_check(){ - [ -n "$(pidof CrashCore)" ] && "$CRASHDIR"/start.sh stop #停止内核服务防止内存不足 - core_unzip "$1" core_new - sbcheck=$(echo "$crashcore" | grep 'singbox') - v='' - if [ -n "$sbcheck" ] && "$TMPDIR"/core_new -h 2>&1 | grep -q 'sing-box'; then - v=$("$TMPDIR"/core_new version 2>/dev/null | grep version | awk '{print $3}') - COMMAND='"$TMPDIR/CrashCore run -D $BINDIR -C $TMPDIR/jsons"' - elif [ -z "$sbcheck" ] && "$TMPDIR"/core_new -h 2>&1 | grep -q '\-t';then - v=$("$TMPDIR"/core_new -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //') - COMMAND='"$TMPDIR/CrashCore -d $BINDIR -f $TMPDIR/config.yaml"' - fi - if [ -z "$v" ]; then - rm -rf "$1" "$TMPDIR"/core_new - return 2 - else - rm -f "$BINDIR"/CrashCore.tar.gz "$BINDIR"/CrashCore.gz "$BINDIR"/CrashCore.upx - if [ -z "$zip_type" ];then - gzip -c "$TMPDIR/core_new" > "$BINDIR/CrashCore.gz" - else - mv -f "$1" "$BINDIR/CrashCore.$zip_type" - fi - if [ "$zip_type" = 'upx' ];then - rm -f "$1" "$TMPDIR"/core_new - ln -sf "$TMPDIR/CrashCore.upx" "$TMPDIR/CrashCore" - else - mv -f "$TMPDIR/core_new" "$TMPDIR/CrashCore" - fi - core_v="$v" - setconfig COMMAND "$COMMAND" "$CRASHDIR"/configs/command.env && . "$CRASHDIR"/configs/command.env - setconfig crashcore "$crashcore" - setconfig core_v "$core_v" - setconfig custcorelink "$custcorelink" - return 0 - fi + [ -n "$(pidof CrashCore)" ] && "$CRASHDIR"/start.sh stop #停止内核服务防止内存不足 + core_unzip "$1" core_new + sbcheck=$(echo "$crashcore" | grep 'singbox') + v='' + if [ -n "$sbcheck" ] && "$TMPDIR"/core_new -h 2>&1 | grep -q 'sing-box'; then + v=$("$TMPDIR"/core_new version 2>/dev/null | grep version | awk '{print $3}') + COMMAND='"$TMPDIR/CrashCore run -D $BINDIR -C $TMPDIR/jsons"' + elif [ -z "$sbcheck" ] && "$TMPDIR"/core_new -h 2>&1 | grep -q '\-t';then + v=$("$TMPDIR"/core_new -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //') + COMMAND='"$TMPDIR/CrashCore -d $BINDIR -f $TMPDIR/config.yaml"' + fi + if [ -z "$v" ]; then + rm -rf "$1" "$TMPDIR"/core_new + return 2 + else + rm -f "$BINDIR"/CrashCore.tar.gz "$BINDIR"/CrashCore.gz "$BINDIR"/CrashCore.upx + if [ -z "$zip_type" ];then + gzip -c "$TMPDIR/core_new" > "$BINDIR/CrashCore.gz" + else + mv -f "$1" "$BINDIR/CrashCore.$zip_type" + fi + if [ "$zip_type" = 'upx' ];then + rm -f "$1" "$TMPDIR"/core_new + ln -sf "$TMPDIR/CrashCore.upx" "$TMPDIR/CrashCore" + else + mv -f "$TMPDIR/core_new" "$TMPDIR/CrashCore" + fi + core_v="$v" + setconfig COMMAND "$COMMAND" "$CRASHDIR"/configs/command.env && . "$CRASHDIR"/configs/command.env + setconfig crashcore "$crashcore" + setconfig core_v "$core_v" + setconfig custcorelink "$custcorelink" + return 0 + fi } core_webget(){ - . "$CRASHDIR"/libs/web_get_bin.sh - . "$CRASHDIR"/libs/check_target.sh - if [ -z "$custcorelink" ];then - [ -z "$zip_type" ] && zip_type='tar.gz' - get_bin "$TMPDIR/Coretmp.$zip_type" "bin/$crashcore/${target}-linux-${cpucore}.$zip_type" - else - case "$custcorelink" in - *.tar.gz) zip_type="tar.gz" ;; - *.gz) zip_type="gz" ;; - *.upx) zip_type="upx" ;; - esac - [ -n "$zip_type" ] && webget "$TMPDIR/Coretmp.$zip_type" "$custcorelink" - fi - #校验内核 - if [ "$?" = 0 ];then - core_check "$TMPDIR/Coretmp.$zip_type" - else - rm -f "$TMPDIR/Coretmp.$zip_type" - return 1 - fi + . "$CRASHDIR"/libs/web_get_bin.sh + . "$CRASHDIR"/libs/check_target.sh + if [ -z "$custcorelink" ];then + [ -z "$zip_type" ] && zip_type='tar.gz' + get_bin "$TMPDIR/Coretmp.$zip_type" "bin/$crashcore/${target}-linux-${cpucore}.$zip_type" + else + case "$custcorelink" in + *.tar.gz) zip_type="tar.gz" ;; + *.gz) zip_type="gz" ;; + *.upx) zip_type="upx" ;; + esac + [ -n "$zip_type" ] && webget "$TMPDIR/Coretmp.$zip_type" "$custcorelink" + fi + #校验内核 + if [ "$?" = 0 ];then + core_check "$TMPDIR/Coretmp.$zip_type" + else + rm -f "$TMPDIR/Coretmp.$zip_type" + return 1 + fi } diff --git a/scripts/libs/gen_base64.sh b/scripts/libs/gen_base64.sh index a3b36a87..591c3e3d 100644 --- a/scripts/libs/gen_base64.sh +++ b/scripts/libs/gen_base64.sh @@ -1,26 +1,26 @@ #生成指定位数的加密秘钥,符合ss2022协议 gen_random() { if ckcmd openssl;then - openssl rand --base64 "$1" - elif ckcmd base64;then - head -c "$1" /dev/urandom | base64 | tr -d '\n' - elif busybox base64 --help >/dev/null 2>&1;then - head -c "$1" /dev/urandom | base64 | tr -d '\n' - elif ckcmd uuencode;then - head -c "$1" /dev/urandom | uuencode -m - | sed -n '2p' - else - return 1 - fi + openssl rand --base64 "$1" + elif ckcmd base64;then + head -c "$1" /dev/urandom | base64 | tr -d '\n' + elif busybox base64 --help >/dev/null 2>&1;then + head -c "$1" /dev/urandom | base64 | tr -d '\n' + elif ckcmd uuencode;then + head -c "$1" /dev/urandom | uuencode -m - | sed -n '2p' + else + return 1 + fi } #对指定字符串进行base64转码 gen_base64() { - if ckcmd base64;then - echo -n "$1" | base64 | tr -d '\n' - elif busybox base64 --help >/dev/null 2>&1;then - echo -n "$1" | busybox base64 | tr -d '\n' - elif ckcmd openssl;then - echo -n "$1" | openssl base64 -A - else - return 1 - fi + if ckcmd base64;then + echo -n "$1" | base64 | tr -d '\n' + elif busybox base64 --help >/dev/null 2>&1;then + echo -n "$1" | busybox base64 | tr -d '\n' + elif ckcmd openssl;then + echo -n "$1" | openssl base64 -A + else + return 1 + fi } \ No newline at end of file diff --git a/scripts/libs/get_config.sh b/scripts/libs/get_config.sh index ba9b6b08..7102d3ae 100644 --- a/scripts/libs/get_config.sh +++ b/scripts/libs/get_config.sh @@ -15,8 +15,8 @@ routing_mark=$((fwmark + 2)) [ -z "$table" ] && table=100 [ -z "$dns_nameserver" ] && { - dns_nameserver='223.5.5.5, 1.2.4.8' - netstat -ntlup 2>/dev/null | grep -q '127.0.0.1:53' && dns_nameserver='127.0.0.1' + dns_nameserver='223.5.5.5, 1.2.4.8' + netstat -ntlup 2>/dev/null | grep -q '127.0.0.1:53' && dns_nameserver='127.0.0.1' } [ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8" [ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1" diff --git a/scripts/libs/get_ecsip.sh b/scripts/libs/get_ecsip.sh index 21cec0fa..fa0b68a5 100644 --- a/scripts/libs/get_ecsip.sh +++ b/scripts/libs/get_ecsip.sh @@ -5,11 +5,11 @@ get_ecs_address() { ip=$(grep -A1 "^# Interface wan$" "$f" | grep nameserver | awk '{printf "%s ", $2}') [ -n "$ip" ] && return done - . "$CRASHDIR"/libs/web_get_lite.sh - for web in http://members.3322.org/dyndns/getip http://4.ipw.cn http://ipinfo.io/ip; do - ip=$(web_get_lite "$web" 0) - [ -n "$ip" ] && return - done + . "$CRASHDIR"/libs/web_get_lite.sh + for web in http://members.3322.org/dyndns/getip http://4.ipw.cn http://ipinfo.io/ip; do + ip=$(web_get_lite "$web" 0) + [ -n "$ip" ] && return + done } get_ecs_address [ -n "$ip" ] && ecs_address="${ip%.*}.0/24" diff --git a/scripts/libs/i18n.sh b/scripts/libs/i18n.sh index efaa52ee..1b0af090 100644 --- a/scripts/libs/i18n.sh +++ b/scripts/libs/i18n.sh @@ -1,8 +1,8 @@ load_lang() { i18n=$(cat "$CRASHDIR"/configs/i18n.cfg 2>/dev/null) - [ -z "$i18n" ] && i18n=chs - + [ -z "$i18n" ] && i18n=chs + file="$CRASHDIR/lang/$i18n/$1.lang" [ -s "$file" ] && . "$file" } \ No newline at end of file diff --git a/scripts/libs/logger.sh b/scripts/libs/logger.sh index f6bd0afe..3e3989e7 100644 --- a/scripts/libs/logger.sh +++ b/scripts/libs/logger.sh @@ -6,13 +6,13 @@ __IS_LIB_LOGGER=1 . "$CRASHDIR"/libs/web_json.sh #$1日志内容$2显示颜色$3是否推送$4是否覆盖上一条 logger() { - TMPDIR=/tmp/ShellCrash + TMPDIR=/tmp/ShellCrash [ -n "$2" -a "$2" != 0 ] && printf "\033[%sm%s\033[0m\n" "$2" "$1" log_text="$(date "+%G-%m-%d_%H:%M:%S")~$1" - [ "$4" = on ] && sed -i "/$1/d" "$TMPDIR"/ShellCrash.log + [ "$4" = on ] && sed -i "/$1/d" "$TMPDIR"/ShellCrash.log echo "$log_text" >>"$TMPDIR"/ShellCrash.log [ "$(wc -l "$TMPDIR"/ShellCrash.log | awk '{print $1}')" -gt 199 ] && sed -i '1,20d' "$TMPDIR"/ShellCrash.log - #推送远程日志 + #推送远程日志 [ "$3" != off ] && { [ -n "$device_name" ] && log_text="$log_text($device_name)" [ -n "$push_TG" ] && { @@ -51,6 +51,6 @@ logger() { url="${push_ChatURL}/webapi/entry.cgi?api=SYNO.Chat.External&method=chatbot&version=2&token=${push_ChatTOKEN}" content="payload={\"text\":\"${log_text}\", \"user_ids\":[${push_ChatUSERID}]}" web_json_post "$url" "$content" & - } + } } & } diff --git a/scripts/libs/meta_listeners.sh b/scripts/libs/meta_listeners.sh index c338a769..cf9d5b67 100644 --- a/scripts/libs/meta_listeners.sh +++ b/scripts/libs/meta_listeners.sh @@ -3,7 +3,7 @@ #meta内核vmess入站生成 [ "$vms_service" = ON ] && { - cat >>"$TMPDIR"/listeners.yaml <>"$TMPDIR"/listeners.yaml <>"$TMPDIR"/listeners.yaml <>"$TMPDIR"/listeners.yaml </dev/null && { - [ "$ts_subnet" = true ] && { - . "$CRASHDIR"/starts/fw_getlanip.sh && getlanip - advertise_routes=$(echo "$host_ipv4"|sed 's/[[:space:]]\+/", "/g; s/^/"/; s/$/"/') - } - [ -z "$ts_exit_node" ] && ts_exit_node=false - [ -z "$ts_hostname" ] && ts_hostname='ShellCrash' - cat >"$TMPDIR"/jsons/tailscale.json <"$TMPDIR"/jsons/tailscale.json </dev/null && { - [ -n "$wg_ipv6" ] && wg_ipv6_add=", \"$wg_ipv6\"" - cat >"$TMPDIR"/jsons/wireguard.json <"$TMPDIR"/jsons/wireguard.json <"$TMPDIR"/jsons/vmess-in.json <"$TMPDIR"/jsons/vmess-in.json <"$TMPDIR"/jsons/ss-in.json <"$TMPDIR"/jsons/ss-in.json <>"$configpath" + sed -i "/^${1}=.*/d" "$configpath" + printf '%s=%s\n' "$1" "$2" >>"$configpath" } \ No newline at end of file diff --git a/scripts/libs/set_cron.sh b/scripts/libs/set_cron.sh index fddf57ad..29bd8c7e 100644 --- a/scripts/libs/set_cron.sh +++ b/scripts/libs/set_cron.sh @@ -8,32 +8,32 @@ tmpcron=/tmp/cron_tmp touch "$tmpcron" cronadd() { #定时任务工具 - if crontab -h 2>&1 | grep -q '\-l'; then + if crontab -h 2>&1 | grep -q '\-l'; then crontab "$1" - elif [ -f "$crondir/$USER" ];then - cat "$1" >"$crondir"/"$USER" && cru a REFRESH "0 0 1 1 * /bin/true" 2>/dev/null - else - echo "找不到可用的crond或者crontab应用!No available crond or crontab application can be found!" - fi + elif [ -f "$crondir/$USER" ];then + cat "$1" >"$crondir"/"$USER" && cru a REFRESH "0 0 1 1 * /bin/true" 2>/dev/null + else + echo "找不到可用的crond或者crontab应用!No available crond or crontab application can be found!" + fi } cronload() { #定时任务工具 - if crontab -h 2>&1 | grep -q '\-l'; then + if crontab -h 2>&1 | grep -q '\-l'; then crontab -l - elif [ -f "$crondir/$USER" ];then - cat "$crondir"/"$USER" 2>/dev/null - else - return 1 - fi + elif [ -f "$crondir/$USER" ];then + cat "$crondir"/"$USER" 2>/dev/null + else + return 1 + fi } cronset() { #定时任务设置 # 参数1代表要移除的关键字,参数2代表要添加的任务语句 cronload | grep -v '^$' | grep -vF "$1" >"$tmpcron" [ -n "$2" ] && echo "$2" >>"$tmpcron" - cronadd "$tmpcron" - #华硕/Padavan固件存档在本地,其他则删除 - if [ -d /jffs ] || [ -d /etc/storage/ShellCrash ];then - mv -f "$tmpcron" "$CRASHDIR"/task/cron - else - rm -f "$tmpcron" - fi + cronadd "$tmpcron" + #华硕/Padavan固件存档在本地,其他则删除 + if [ -d /jffs ] || [ -d /etc/storage/ShellCrash ];then + mv -f "$tmpcron" "$CRASHDIR"/task/cron + else + rm -f "$tmpcron" + fi } diff --git a/scripts/libs/set_profile.sh b/scripts/libs/set_profile.sh index b16966ed..d8ea7ba7 100644 --- a/scripts/libs/set_profile.sh +++ b/scripts/libs/set_profile.sh @@ -5,5 +5,5 @@ set_profile() { echo "alias ${my_alias}=\"$shtype $CRASHDIR/menu.sh\"" >>"$1" #设置快捷命令环境变量 sed -i '/export CRASHDIR=*/'d "$1" echo "export CRASHDIR=\"$CRASHDIR\"" >>"$1" #设置路径环境变量 - . "$1" >/dev/null 2>&1 || true + . "$1" >/dev/null 2>&1 || true } \ No newline at end of file diff --git a/scripts/libs/set_proxy.sh b/scripts/libs/set_proxy.sh index c5e0c8ff..7a5f9abd 100644 --- a/scripts/libs/set_proxy.sh +++ b/scripts/libs/set_proxy.sh @@ -1,9 +1,9 @@ setproxy(){ - [ -n "$(pidof CrashCore)" ] && { - [ -n "$authentication" ] && auth="$authentication@" || auth="" - [ -z "$mix_port" ] && mix_port=7890 - export https_proxy="http://${auth}127.0.0.1:$mix_port" - export http_proxy="http://${auth}127.0.0.1:$mix_port" - } + [ -n "$(pidof CrashCore)" ] && { + [ -n "$authentication" ] && auth="$authentication@" || auth="" + [ -z "$mix_port" ] && mix_port=7890 + export https_proxy="http://${auth}127.0.0.1:$mix_port" + export http_proxy="http://${auth}127.0.0.1:$mix_port" + } } \ No newline at end of file diff --git a/scripts/libs/start_wait.sh b/scripts/libs/start_wait.sh index ffbee612..2daa7201 100644 --- a/scripts/libs/start_wait.sh +++ b/scripts/libs/start_wait.sh @@ -1,10 +1,10 @@ i=1 while [ -z "$test" -a "$i" -lt 30 ]; do - sleep 1 - if curl --version >/dev/null 2>&1; then - test=$(curl -s -H "Authorization: Bearer $secret" http://127.0.0.1:${db_port}/proxies | grep -o proxies) - else - test=$(wget -q --header="Authorization: Bearer $secret" -O - http://127.0.0.1:${db_port}/proxies | grep -o proxies) - fi - i=$((i + 1)) + sleep 1 + if curl --version >/dev/null 2>&1; then + test=$(curl -s -H "Authorization: Bearer $secret" http://127.0.0.1:${db_port}/proxies | grep -o proxies) + else + test=$(wget -q --header="Authorization: Bearer $secret" -O - http://127.0.0.1:${db_port}/proxies | grep -o proxies) + fi + i=$((i + 1)) done diff --git a/scripts/libs/web_get.sh b/scripts/libs/web_get.sh index 70e3aa85..1e6a6c67 100644 --- a/scripts/libs/web_get.sh +++ b/scripts/libs/web_get.sh @@ -1,77 +1,77 @@ . "$CRASHDIR"/libs/set_proxy.sh webget(){ - if pidof CrashCore >/dev/null; then - setproxy #设置临时代理,【$1】代表下载目录,【$2】代表在线地址 - url=$(printf '%s\n' "$2" | - sed -e 's#https://.*jsdelivr.net/gh/juewuy/ShellCrash[@|/]#https://raw.githubusercontent.com/juewuy/ShellCrash/#' \ - -e 's#https://gh.jwsc.eu.org/#https://raw.githubusercontent.com/juewuy/ShellCrash/#') - else - url=$(printf '%s\n' "$2" | - sed 's#https://raw.githubusercontent.com/juewuy/ShellCrash/#https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@#') - fi - # =============================================== + if pidof CrashCore >/dev/null; then + setproxy #设置临时代理,【$1】代表下载目录,【$2】代表在线地址 + url=$(printf '%s\n' "$2" | + sed -e 's#https://.*jsdelivr.net/gh/juewuy/ShellCrash[@|/]#https://raw.githubusercontent.com/juewuy/ShellCrash/#' \ + -e 's#https://gh.jwsc.eu.org/#https://raw.githubusercontent.com/juewuy/ShellCrash/#') + else + url=$(printf '%s\n' "$2" | + sed 's#https://raw.githubusercontent.com/juewuy/ShellCrash/#https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@#') + fi + # =============================================== - #参数【$1】代表下载目录,【$2】代表在线地址 - #参数【$3】代表输出显示,【$4】不启用重定向 - #参数【$5】代表验证证书,【$6】使用自定义UA - [ -n "$6" ] && agent="--user-agent $6" - if wget --help 2>&1 | grep -q 'show-progress' >/dev/null 2>&1; then - [ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress' - [ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect='' - if [ "$5" = "skipceroff" ] || [ "$skip_cert" = OFF ];then - certificate='' - else - certificate='--no-check-certificate' - fi - wget -Y on $agent $progress $redirect $certificate --timeout=3 -O "$1" "$url" && return 0 #成功则退出否则重试 - wget -Y off $agent $progress $redirect $certificate --timeout=5 -O "$1" "$2" - return $? - elif curl --version >/dev/null 2>&1; then - if [ "$3" = "echooff" ];then - progress='-s' - elif echo "$url" | grep -q 'jsdelivr.net';then - progress='-#' - . "$CRASHDIR"/libs/web_get_curlbar.sh && curl_fsize - else - progress='-#' - fi - [ "$4" = "rediroff" ] && redirect='' || redirect='-L' - if [ "$5" = "skipceroff" ] || [ "$skip_cert" = OFF ];then - certificate='' - else - certificate='-k' - fi - # curl 特殊版本兼容 - auth_arg="" - if curl --version | grep -q '^curl 8.' && ckcmd base64; then - auth_b64=$(printf '%s' "$authentication" | base64) - [ -n "$auth_b64" ] && auth_arg="--proxy-header Proxy-Authorization:Basic $auth_b64" - fi - if [ -n "$fsize_raw" ] && [ "$fsize_raw" -gt 204800 ]; then - result=$(execute_curl "$1" "$url" "$fsize_raw" "$agent $auth_arg $redirect $certificate") - else - result=$(curl $agent $auth_arg -w '%{http_code}' --connect-timeout 3 $progress $redirect $certificate -o "$1" "$url") - fi + #参数【$1】代表下载目录,【$2】代表在线地址 + #参数【$3】代表输出显示,【$4】不启用重定向 + #参数【$5】代表验证证书,【$6】使用自定义UA + [ -n "$6" ] && agent="--user-agent $6" + if wget --help 2>&1 | grep -q 'show-progress' >/dev/null 2>&1; then + [ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress' + [ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect='' + if [ "$5" = "skipceroff" ] || [ "$skip_cert" = OFF ];then + certificate='' + else + certificate='--no-check-certificate' + fi + wget -Y on $agent $progress $redirect $certificate --timeout=3 -O "$1" "$url" && return 0 #成功则退出否则重试 + wget -Y off $agent $progress $redirect $certificate --timeout=5 -O "$1" "$2" + return $? + elif curl --version >/dev/null 2>&1; then + if [ "$3" = "echooff" ];then + progress='-s' + elif echo "$url" | grep -q 'jsdelivr.net';then + progress='-#' + . "$CRASHDIR"/libs/web_get_curlbar.sh && curl_fsize + else + progress='-#' + fi + [ "$4" = "rediroff" ] && redirect='' || redirect='-L' + if [ "$5" = "skipceroff" ] || [ "$skip_cert" = OFF ];then + certificate='' + else + certificate='-k' + fi + # curl 特殊版本兼容 + auth_arg="" + if curl --version | grep -q '^curl 8.' && ckcmd base64; then + auth_b64=$(printf '%s' "$authentication" | base64) + [ -n "$auth_b64" ] && auth_arg="--proxy-header Proxy-Authorization:Basic $auth_b64" + fi + if [ -n "$fsize_raw" ] && [ "$fsize_raw" -gt 204800 ]; then + result=$(execute_curl "$1" "$url" "$fsize_raw" "$agent $auth_arg $redirect $certificate") + else + result=$(curl $agent $auth_arg -w '%{http_code}' --connect-timeout 3 $progress $redirect $certificate -o "$1" "$url") + fi - [ "$result" = "200" ] && return 0 #成功则退出否则重试 - export https_proxy="" - export http_proxy="" - - if [ -n "$fsize_raw" ] && [ "$fsize_raw" -gt 204800 ]; then - result=$(execute_curl "$1" "$2" "$fsize_raw" "$agent $redirect $certificate") - else - result=$(curl $agent -w '%{http_code}' --connect-timeout 5 $progress $redirect $certificate -o "$1" "$2") - fi - [ "$result" = "200" ] - return $? - elif ckcmd wget;then - [ "$3" = "echooff" ] && progress='-q' - wget -Y on $progress -O "$1" "$url" && return 0 #成功则退出否则重试 - wget -Y off $progress -O "$1" "$2" - return $? - else - echo "No Curl or Wget!!!" - return 1 - fi + [ "$result" = "200" ] && return 0 #成功则退出否则重试 + export https_proxy="" + export http_proxy="" + + if [ -n "$fsize_raw" ] && [ "$fsize_raw" -gt 204800 ]; then + result=$(execute_curl "$1" "$2" "$fsize_raw" "$agent $redirect $certificate") + else + result=$(curl $agent -w '%{http_code}' --connect-timeout 5 $progress $redirect $certificate -o "$1" "$2") + fi + [ "$result" = "200" ] + return $? + elif ckcmd wget;then + [ "$3" = "echooff" ] && progress='-q' + wget -Y on $progress -O "$1" "$url" && return 0 #成功则退出否则重试 + wget -Y off $progress -O "$1" "$2" + return $? + else + echo "No Curl or Wget!!!" + return 1 + fi } diff --git a/scripts/libs/web_get_bin.sh b/scripts/libs/web_get_bin.sh index c319519a..1ba78e69 100644 --- a/scripts/libs/web_get_bin.sh +++ b/scripts/libs/web_get_bin.sh @@ -3,7 +3,7 @@ get_bin() { #专用于项目内部文件的下载 [ -z "$update_url" ] && update_url=https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@master if [ -n "$url_id" ]; then - [ -n "$release_type" ] && rt="$release_type" || rt=master + [ -n "$release_type" ] && rt="$release_type" || rt=master echo "$2" | grep -q '^bin/' && rt=update #/bin文件改为在update分支下载 echo "$2" | grep -qE '^public/|^rules/' && rt=dev #/public和/rules文件改为在dev分支下载 if [ "$url_id" = 101 -o "$url_id" = 104 ]; then diff --git a/scripts/libs/web_get_curlbar.sh b/scripts/libs/web_get_curlbar.sh index 8031471a..b6c29b61 100644 --- a/scripts/libs/web_get_curlbar.sh +++ b/scripts/libs/web_get_curlbar.sh @@ -2,46 +2,46 @@ bar_max=42 #进度条长度 curl_fsize(){ # 获取文件大小 - fsize_raw=0 - header=$(curl -sIL --connect-timeout 2 "$url") - # 代理容错 - [ -z "$header" ] && { export https_proxy=""; export http_proxy=""; header=$(curl -sIL --connect-timeout 2 "$url"); } - # 提取大小 (优先 Content-Length,其次 ETag) - fsize_raw=$(echo "$header" | grep -i 'Content-Length' | tail -n 1 | awk '{print $2}' | tr -d '\r' | awk '{print int($1)}') - if [ -z "$fsize_raw" ] || [ "$fsize_raw" -eq 0 ]; then - etag=$(echo "$header" | grep -i 'etag' | tail -n 1 | cut -d '"' -f2 | cut -d '-' -f1) - [ -n "$etag" ] && fsize_raw=$(printf "%d" 0x$etag 2>/dev/null) - fi + fsize_raw=0 + header=$(curl -sIL --connect-timeout 2 "$url") + # 代理容错 + [ -z "$header" ] && { export https_proxy=""; export http_proxy=""; header=$(curl -sIL --connect-timeout 2 "$url"); } + # 提取大小 (优先 Content-Length,其次 ETag) + fsize_raw=$(echo "$header" | grep -i 'Content-Length' | tail -n 1 | awk '{print $2}' | tr -d '\r' | awk '{print int($1)}') + if [ -z "$fsize_raw" ] || [ "$fsize_raw" -eq 0 ]; then + etag=$(echo "$header" | grep -i 'etag' | tail -n 1 | cut -d '"' -f2 | cut -d '-' -f1) + [ -n "$etag" ] && fsize_raw=$(printf "%d" 0x$etag 2>/dev/null) + fi } execute_curl(){ # 手搓curl进度条 - local path="$1" target_url="$2" total_size="$3" extra_args="$4" - rm -f /tmp/webget_res - # 后台静默下载,状态码写入临时文件 - curl $extra_args -s -L -w '%{http_code}' "$target_url" -o "$path" > /tmp/webget_res & - local pid=$! - - # 循环监控 - while kill -0 $pid 2>/dev/null; do - if [ -f "$path" ]; then - local curr=$(wc -c < "$path") - local pct=$(awk -v c=$curr -v t=$total_size 'BEGIN {p=(c*100/t); if(p>100)p=100; printf "%.1f", p}') - local num=$(awk -v p=$pct -v w=$bar_max 'BEGIN {printf "%d", p*w/100}') - local bar=$(printf "%${num}s" | tr ' ' '#'); local spc_n=$((bar_max - num)) - local spc=""; [ "$spc_n" -gt 0 ] && spc=$(printf "%${spc_n}s") - local size=$(( fsize_raw * 100 / 1048576 )) - local fs="$((size / 100)).$((size % 100)) MB" - printf "\r\033[2K%s%s %6s%%(%s)" "$bar" "$spc" "$pct" "$fs" >&2 - fi - usleep 200000 2>/dev/null || sleep 1 - done - - local code=$(cat /tmp/webget_res 2>/dev/null) - if [ "$code" = "200" ] || [ "$code" = "206" ]; then - local full=$(printf "%${bar_max}s" | tr ' ' '#') - printf "\r\033[2K%s 100.0%%(%s)\n" "$full" "$fs" >&2 - else - printf "\r\033[2K" >&2; [ -f "$path" ] && rm -f "$path" - fi - echo "$code" + local path="$1" target_url="$2" total_size="$3" extra_args="$4" + rm -f /tmp/webget_res + # 后台静默下载,状态码写入临时文件 + curl $extra_args -s -L -w '%{http_code}' "$target_url" -o "$path" > /tmp/webget_res & + local pid=$! + + # 循环监控 + while kill -0 $pid 2>/dev/null; do + if [ -f "$path" ]; then + local curr=$(wc -c < "$path") + local pct=$(awk -v c=$curr -v t=$total_size 'BEGIN {p=(c*100/t); if(p>100)p=100; printf "%.1f", p}') + local num=$(awk -v p=$pct -v w=$bar_max 'BEGIN {printf "%d", p*w/100}') + local bar=$(printf "%${num}s" | tr ' ' '#'); local spc_n=$((bar_max - num)) + local spc=""; [ "$spc_n" -gt 0 ] && spc=$(printf "%${spc_n}s") + local size=$(( fsize_raw * 100 / 1048576 )) + local fs="$((size / 100)).$((size % 100)) MB" + printf "\r\033[2K%s%s %6s%%(%s)" "$bar" "$spc" "$pct" "$fs" >&2 + fi + usleep 200000 2>/dev/null || sleep 1 + done + + local code=$(cat /tmp/webget_res 2>/dev/null) + if [ "$code" = "200" ] || [ "$code" = "206" ]; then + local full=$(printf "%${bar_max}s" | tr ' ' '#') + printf "\r\033[2K%s 100.0%%(%s)\n" "$full" "$fs" >&2 + else + printf "\r\033[2K" >&2; [ -f "$path" ] && rm -f "$path" + fi + echo "$code" } \ No newline at end of file diff --git a/scripts/libs/web_get_lite.sh b/scripts/libs/web_get_lite.sh index cf485b18..2eead479 100644 --- a/scripts/libs/web_get_lite.sh +++ b/scripts/libs/web_get_lite.sh @@ -1,10 +1,10 @@ . "$CRASHDIR"/libs/set_proxy.sh #$1:目标地址 $2:禁用proxy web_get_lite() { - [ -z "$2" ] && setproxy - if curl --version >/dev/null 2>&1; then - curl -ksSl --connect-timeout 3 "$1" 2>/dev/null - else - wget -Y on -q --timeout=3 -O - "$1" - fi + [ -z "$2" ] && setproxy + if curl --version >/dev/null 2>&1; then + curl -ksSl --connect-timeout 3 "$1" 2>/dev/null + else + wget -Y on -q --timeout=3 -O - "$1" + fi } diff --git a/scripts/libs/web_json.sh b/scripts/libs/web_json.sh index 3c76260b..22b659e6 100644 --- a/scripts/libs/web_json.sh +++ b/scripts/libs/web_json.sh @@ -1,10 +1,10 @@ . "$CRASHDIR"/libs/set_proxy.sh #$1:目标地址 $2:json字符串 web_json_post() { - setproxy - if curl --version >/dev/null 2>&1; then - curl -kfsSl -X POST --connect-timeout 3 -H "Content-Type: application/json" "$1" -d "$2" >/dev/null 2>&1 - else - wget -Y on -q --timeout=3 --method=POST --header="Content-Type: application/json" --body-data="$2" "$1" - fi + setproxy + if curl --version >/dev/null 2>&1; then + curl -kfsSl -X POST --connect-timeout 3 -H "Content-Type: application/json" "$1" -d "$2" >/dev/null 2>&1 + else + wget -Y on -q --timeout=3 --method=POST --header="Content-Type: application/json" --body-data="$2" "$1" + fi } diff --git a/scripts/libs/web_restore.sh b/scripts/libs/web_restore.sh index e0368803..9907059d 100644 --- a/scripts/libs/web_restore.sh +++ b/scripts/libs/web_restore.sh @@ -9,12 +9,12 @@ put_save() { #推送面板选择 fi } web_restore() { #还原面板选择 - num=$(cat "$CRASHDIR"/configs/web_save | wc -l) - i=1 - while [ "$i" -le "$num" ]; do - group_name=$(awk -F ',' 'NR=="'${i}'" {print $1}' "$CRASHDIR"/configs/web_save | sed 's/ /%20/g') - now_name=$(awk -F ',' 'NR=="'${i}'" {print $2}' "$CRASHDIR"/configs/web_save) - put_save "http://127.0.0.1:${db_port}/proxies/${group_name}" "{\"name\":\"${now_name}\"}" - i=$((i + 1)) - done + num=$(cat "$CRASHDIR"/configs/web_save | wc -l) + i=1 + while [ "$i" -le "$num" ]; do + group_name=$(awk -F ',' 'NR=="'${i}'" {print $1}' "$CRASHDIR"/configs/web_save | sed 's/ /%20/g') + now_name=$(awk -F ',' 'NR=="'${i}'" {print $2}' "$CRASHDIR"/configs/web_save) + put_save "http://127.0.0.1:${db_port}/proxies/${group_name}" "{\"name\":\"${now_name}\"}" + i=$((i + 1)) + done } diff --git a/scripts/libs/web_save.sh b/scripts/libs/web_save.sh index e7a16f3f..d7ae9787 100644 --- a/scripts/libs/web_save.sh +++ b/scripts/libs/web_save.sh @@ -9,7 +9,7 @@ get_save() { #获取面板信息 } web_save() { #最小化保存面板节点选择 #使用get_save获取面板节点设置 - get_save "http://127.0.0.1:${db_port}/proxies" | sed 's/{}//g' | sed 's/:{/\ + get_save "http://127.0.0.1:${db_port}/proxies" | sed 's/{}//g' | sed 's/:{/\ /g'| grep -aE '"Selector"' >"$TMPDIR"/web_proxies [ -s "$TMPDIR"/web_proxies ] && while read line; do def=$(echo $line | grep -oE '"all".*",' | awk -F "[\"]" '{print $4}') @@ -25,8 +25,8 @@ web_save() { #最小化保存面板节点选择 if [ -s "$TMPDIR/$file" ]; then . "$CRASHDIR"/libs/compare.sh && compare "$TMPDIR/$file" "$CRASHDIR/configs/$file" [ "$?" = 0 ] && rm -f "$TMPDIR/$file" || mv -f "$TMPDIR/$file" "$CRASHDIR/configs/$file" - else - > "$CRASHDIR/configs/$file" #空文件时移除旧文件 + else + > "$CRASHDIR/configs/$file" #空文件时移除旧文件 fi done } diff --git a/scripts/menu.sh b/scripts/menu.sh index 3d67e5a8..5cdce9fc 100644 --- a/scripts/menu.sh +++ b/scripts/menu.sh @@ -2,8 +2,8 @@ # Copyright (C) Juewuy CRASHDIR=$( - cd $(dirname $0) - pwd + cd $(dirname $0) + pwd ) CFG_PATH="$CRASHDIR"/configs/ShellCrash.cfg @@ -32,326 +32,326 @@ load_lang common load_lang menu checkrestart() { - comp_box "\033[32m$MENU_RESTART_NOTICE\033[0m" - btm_box "1) 立即重启" \ - "0) 暂不重启" - read -r -p "$COMMON_INPUT> " res - if [ "$res" = 1 ]; then - start_service - fi + comp_box "\033[32m$MENU_RESTART_NOTICE\033[0m" + btm_box "1) 立即重启" \ + "0) 暂不重启" + read -r -p "$COMMON_INPUT> " res + if [ "$res" = 1 ]; then + start_service + fi } # 检查端口冲突 checkport() { - . "$CRASHDIR"/menus/check_port.sh + . "$CRASHDIR"/menus/check_port.sh - while true; do - local conflict_found=0 - local conflict_port="" - local conflict_info="" + while true; do + local conflict_found=0 + local conflict_port="" + local conflict_info="" - conflict_info=$(check_port_with_info "$mix_port") - if [ $? -ne 0 ]; then - conflict_found=1 - conflict_port="$mix_port" - fi + conflict_info=$(check_port_with_info "$mix_port") + if [ $? -ne 0 ]; then + conflict_found=1 + conflict_port="$mix_port" + fi - if [ "$conflict_found" -eq 0 ]; then - conflict_info=$(check_port_with_info "$redir_port") - [ $? -ne 0 ] && conflict_found=1 && conflict_port="$redir_port" - fi + if [ "$conflict_found" -eq 0 ]; then + conflict_info=$(check_port_with_info "$redir_port") + [ $? -ne 0 ] && conflict_found=1 && conflict_port="$redir_port" + fi - if [ "$conflict_found" -eq 0 ]; then - conflict_info=$(check_port_with_info "$((redir_port + 1))") - [ $? -ne 0 ] && conflict_found=1 && conflict_port="$((redir_port + 1))" - fi + if [ "$conflict_found" -eq 0 ]; then + conflict_info=$(check_port_with_info "$((redir_port + 1))") + [ $? -ne 0 ] && conflict_found=1 && conflict_port="$((redir_port + 1))" + fi - if [ "$conflict_found" -eq 0 ]; then - conflict_info=$(check_port_with_info "$dns_port") - [ $? -ne 0 ] && conflict_found=1 && conflict_port="$dns_port" - fi + if [ "$conflict_found" -eq 0 ]; then + conflict_info=$(check_port_with_info "$dns_port") + [ $? -ne 0 ] && conflict_found=1 && conflict_port="$dns_port" + fi - if [ "$conflict_found" -eq 0 ]; then - conflict_info=$(check_port_with_info "$db_port" tcp) - [ $? -ne 0 ] && conflict_found=1 && conflict_port="$db_port" - fi + if [ "$conflict_found" -eq 0 ]; then + conflict_info=$(check_port_with_info "$db_port" tcp) + [ $? -ne 0 ] && conflict_found=1 && conflict_port="$db_port" + fi - if [ "$conflict_found" -eq 1 ]; then - comp_box "【$conflict_port】:$MENU_PORT_CONFLICT_TITLE" \ - "\033[0m$conflict_info\033[0m" \ - "\033[36m$MENU_PORT_CONFLICT_HINT\033[0m" + if [ "$conflict_found" -eq 1 ]; then + comp_box "【$conflict_port】:$MENU_PORT_CONFLICT_TITLE" \ + "\033[0m$conflict_info\033[0m" \ + "\033[36m$MENU_PORT_CONFLICT_HINT\033[0m" - . "$CRASHDIR"/menus/2_settings.sh && set_adv_config - . "$CRASHDIR"/libs/get_config.sh - else - break - fi - done + . "$CRASHDIR"/menus/2_settings.sh && set_adv_config + . "$CRASHDIR"/libs/get_config.sh + else + break + fi + done } # 脚本启动前检查 ckstatus() { - versionsh=$(cat "$CRASHDIR"/version) - [ -n "$versionsh" ] && versionsh_l=$versionsh - [ -z "$redir_mod" ] && redir_mod="$MENU_PURE_MOD" + versionsh=$(cat "$CRASHDIR"/version) + [ -n "$versionsh" ] && versionsh_l=$versionsh + [ -z "$redir_mod" ] && redir_mod="$MENU_PURE_MOD" - # 获取本机host地址 - [ -z "$host" ] && host=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') - [ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'lan' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) - [ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) - [ -z "$host" ] && host='$MENU_IP_DF' + # 获取本机host地址 + [ -z "$host" ] && host=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') + [ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'lan' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) + [ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) + [ -z "$host" ] && host='$MENU_IP_DF' - # dashboard目录位置 - if [ -f /www/clash/index.html ]; then - dbdir=/www/clash - hostdir=/clash - else - dbdir="$CRASHDIR"/ui - hostdir=":$db_port/ui" - fi + # dashboard目录位置 + if [ -f /www/clash/index.html ]; then + dbdir=/www/clash + hostdir=/clash + else + dbdir="$CRASHDIR"/ui + hostdir=":$db_port/ui" + fi - if check_autostart; then - auto="\033[32m$MENU_AUTOSTART_ON\033[0m" - else - auto="\033[31m$MENU_AUTOSTART_OFF\033[0m" - fi + if check_autostart; then + auto="\033[32m$MENU_AUTOSTART_ON\033[0m" + else + auto="\033[31m$MENU_AUTOSTART_OFF\033[0m" + fi - PID=$(pidof CrashCore | awk '{print $NF}') - if [ -n "$PID" ]; then - run="\033[32m$MENU_RUN_ON($redir_mod$MENU_MOD)\033[0m" - running_status - elif [ "$firewall_area" = 5 ] && [ -n "$(ip route list table 100)" ]; then - run="\033[32m$MENU_RUN_SET($redir_mod$MENU_MOD)\033[0m" - else - run="\033[31m$MENU_RUN_OFF($redir_mod$MENU_MOD)\033[0m" - # 检测系统端口占用 - checkport - fi - corename=$(echo $crashcore | sed 's/singboxr/SingBoxR/' | sed 's/singbox/SingBox/' | sed 's/clash/Clash/' | sed 's/meta/Mihomo/') - # [ "$firewall_area" = 5 ] && corename='转发' - [ -f "$TMPDIR"/debug.log -o -f "$CRASHDIR"/debug.log -a -n "$PID" ] && auto="\033[33m$MENU_AUTOSTART_DEBUG\033[0m" + PID=$(pidof CrashCore | awk '{print $NF}') + if [ -n "$PID" ]; then + run="\033[32m$MENU_RUN_ON($redir_mod$MENU_MOD)\033[0m" + running_status + elif [ "$firewall_area" = 5 ] && [ -n "$(ip route list table 100)" ]; then + run="\033[32m$MENU_RUN_SET($redir_mod$MENU_MOD)\033[0m" + else + run="\033[31m$MENU_RUN_OFF($redir_mod$MENU_MOD)\033[0m" + # 检测系统端口占用 + checkport + fi + corename=$(echo $crashcore | sed 's/singboxr/SingBoxR/' | sed 's/singbox/SingBox/' | sed 's/clash/Clash/' | sed 's/meta/Mihomo/') + # [ "$firewall_area" = 5 ] && corename='转发' + [ -f "$TMPDIR"/debug.log -o -f "$CRASHDIR"/debug.log -a -n "$PID" ] && auto="\033[33m$MENU_AUTOSTART_DEBUG\033[0m" - # 检查新手引导 - if [ -z "$userguide" ]; then - userguide=1 - . "$CRASHDIR"/menus/userguide.sh && userguide - setconfig userguide 1 - . "$CRASHDIR"/configs/ShellCrash.cfg - fi + # 检查新手引导 + if [ -z "$userguide" ]; then + userguide=1 + . "$CRASHDIR"/menus/userguide.sh && userguide + setconfig userguide 1 + . "$CRASHDIR"/configs/ShellCrash.cfg + fi - # 检查执行权限 - [ ! -x "$CRASHDIR"/start.sh ] && chmod +x "$CRASHDIR"/start.sh + # 检查执行权限 + [ ! -x "$CRASHDIR"/start.sh ] && chmod +x "$CRASHDIR"/start.sh - # 检查/tmp内核文件 - for file in $(ls /tmp | grep -v [/$] | grep -v ' ' | grep -Ev ".*(zip|7z|tar)$" | grep -iE 'CrashCore|^clash$|^clash-linux.*|^mihomo.*|^sing.*box'); do - comp_box "$MENU_TMP_CORE_FOUND \033[36m/tmp/$file\033[0m" \ - "$MENU_TMP_CORE_ASK" - btm_box "1) 立即加载" \ - "0) 暂不加载" - read -r -p "$COMMON_INPUT> " res - [ "$res" = 1 ] && { - zip_type=$(echo "$file" | grep -oE 'tar.gz$|upx$|gz$') - . "$CRASHDIR"/menus/9_upgrade.sh && setcoretype - . "$CRASHDIR"/libs/core_tools.sh && core_check "/tmp/$file" - if [ "$?" = 0 ] && [ -n "$crashcore" ]; then - msg_alert "\033[32m$MENU_CORE_LOADED_OK\033[0m" - switch_core - else - rm -rf /tmp/"$file" - msg_alert "\033[33m$MENU_CORE_LOADED_BAD\033[0m" \ - "\033[33m$MENU_CORE_REMOVED\033[0m" - fi - } - done + # 检查/tmp内核文件 + for file in $(ls /tmp | grep -v [/$] | grep -v ' ' | grep -Ev ".*(zip|7z|tar)$" | grep -iE 'CrashCore|^clash$|^clash-linux.*|^mihomo.*|^sing.*box'); do + comp_box "$MENU_TMP_CORE_FOUND \033[36m/tmp/$file\033[0m" \ + "$MENU_TMP_CORE_ASK" + btm_box "1) 立即加载" \ + "0) 暂不加载" + read -r -p "$COMMON_INPUT> " res + [ "$res" = 1 ] && { + zip_type=$(echo "$file" | grep -oE 'tar.gz$|upx$|gz$') + . "$CRASHDIR"/menus/9_upgrade.sh && setcoretype + . "$CRASHDIR"/libs/core_tools.sh && core_check "/tmp/$file" + if [ "$?" = 0 ] && [ -n "$crashcore" ]; then + msg_alert "\033[32m$MENU_CORE_LOADED_OK\033[0m" + switch_core + else + rm -rf /tmp/"$file" + msg_alert "\033[33m$MENU_CORE_LOADED_BAD\033[0m" \ + "\033[33m$MENU_CORE_REMOVED\033[0m" + fi + } + done - # 检查/tmp配置文件 - for file in $(ls /tmp | grep -v [/$] | grep -v ' ' | grep -iE 'config.yaml$|config.yml$|config.json$'); do - tmp_file=/tmp/$file - comp_box "$MENU_TMP_CFG_FOUND\033[36m/tmp/$file\033[0m" \ - "$MENU_TMP_CFG_ASK" - btm_box "1) 立即加载" \ - "0) 暂不加载" - read -p "$COMMON_INPUT> " res - [ "$res" = 1 ] && { - if [ -n "$(echo /tmp/$file | grep -iE '.json$')" ]; then - mv -f /tmp/$file "$CRASHDIR"/jsons/config.json - else - mv -f /tmp/$file "$CRASHDIR"/yamls/config.yaml - fi - msg_alert "\033[32m$MENU_CFG_LOADED_OK\033[0m " - } - done + # 检查/tmp配置文件 + for file in $(ls /tmp | grep -v [/$] | grep -v ' ' | grep -iE 'config.yaml$|config.yml$|config.json$'); do + tmp_file=/tmp/$file + comp_box "$MENU_TMP_CFG_FOUND\033[36m/tmp/$file\033[0m" \ + "$MENU_TMP_CFG_ASK" + btm_box "1) 立即加载" \ + "0) 暂不加载" + read -p "$COMMON_INPUT> " res + [ "$res" = 1 ] && { + if [ -n "$(echo /tmp/$file | grep -iE '.json$')" ]; then + mv -f /tmp/$file "$CRASHDIR"/jsons/config.json + else + mv -f /tmp/$file "$CRASHDIR"/yamls/config.yaml + fi + msg_alert "\033[32m$MENU_CFG_LOADED_OK\033[0m " + } + done - # 检查禁用配置覆写 - [ "$disoverride" = "1" ] && { - comp_box "\033[33m$MENU_OVERRIDE_WARN\033[0m" \ - "$MENU_OVERRIDE_ASK" - btm_box "1) 是" \ - "0) 否" - read -p "$COMMON_INPUT> " res - [ "$res" = 1 ] && unset disoverride && setconfig disoverride - } + # 检查禁用配置覆写 + [ "$disoverride" = "1" ] && { + comp_box "\033[33m$MENU_OVERRIDE_WARN\033[0m" \ + "$MENU_OVERRIDE_ASK" + btm_box "1) 是" \ + "0) 否" + read -p "$COMMON_INPUT> " res + [ "$res" = 1 ] && unset disoverride && setconfig disoverride + } - top_box "\033[30;43m$MENU_WELCOME\033[0m\t\t Ver: $versionsh_l" \ - "$MENU_TG_CHANNEL\033[36;4mhttps://t.me/ShellClash\033[0m" - separator_line "-" - content_line "$corename$run\t $auto" - if [ -n "$PID" ]; then - content_line "$MENU_MEM_USED\033[44m$VmRSS\033[0m\t $MENU_RUNNING_TIME\033[46;30m$day\033[44;37m$time\033[0m" - fi - separator_line "=" + top_box "\033[30;43m$MENU_WELCOME\033[0m\t\t Ver: $versionsh_l" \ + "$MENU_TG_CHANNEL\033[36;4mhttps://t.me/ShellClash\033[0m" + separator_line "-" + content_line "$corename$run\t $auto" + if [ -n "$PID" ]; then + content_line "$MENU_MEM_USED\033[44m$VmRSS\033[0m\t $MENU_RUNNING_TIME\033[46;30m$day\033[44;37m$time\033[0m" + fi + separator_line "=" } main_menu() { - while true; do - ckstatus + while true; do + ckstatus - btm_box "1) \033[32m$MENU_MAIN_1\033[0m" \ - "2) \033[36m$MENU_MAIN_2\033[0m" \ - "3) \033[31m$MENU_MAIN_3\033[0m" \ - "4) \033[33m$MENU_MAIN_4\033[0m" \ - "5) \033[32m$MENU_MAIN_5\033[0m" \ - "6) \033[36m$MENU_MAIN_6\033[0m" \ - "7) \033[33m$MENU_MAIN_7\033[0m" \ - "8) $MENU_MAIN_8" \ - "9) \033[32m$MENU_MAIN_9\033[0m" \ - "" \ - "0) $MENU_MAIN_0" - read -r -p "$MENU_MAIN_PROMPT" num + btm_box "1) \033[32m$MENU_MAIN_1\033[0m" \ + "2) \033[36m$MENU_MAIN_2\033[0m" \ + "3) \033[31m$MENU_MAIN_3\033[0m" \ + "4) \033[33m$MENU_MAIN_4\033[0m" \ + "5) \033[32m$MENU_MAIN_5\033[0m" \ + "6) \033[36m$MENU_MAIN_6\033[0m" \ + "7) \033[33m$MENU_MAIN_7\033[0m" \ + "8) $MENU_MAIN_8" \ + "9) \033[32m$MENU_MAIN_9\033[0m" \ + "" \ + "0) $MENU_MAIN_0" + read -r -p "$MENU_MAIN_PROMPT" num - case "$num" in - "" | 0) - line_break - exit 0 - ;; - 1) - start_service - line_break - exit - ;; - 2) - checkcfg=$(cat "$CFG_PATH") - . "$CRASHDIR"/menus/2_settings.sh && settings - if [ -n "$PID" ]; then - checkcfg_new=$(cat "$CFG_PATH") - [ "$checkcfg" != "$checkcfg_new" ] && checkrestart - fi - ;; - 3) - [ "$bot_tg_service" = ON ] && . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_stop - "$CRASHDIR"/start.sh stop - sleep 1 - msg_alert "\033[31m$corename$MENU_SERVICE_STOPPED\033[0m" - ;; - 4) - . "$CRASHDIR"/menus/4_setboot.sh && setboot - ;; - 5) - . "$CRASHDIR"/menus/5_task.sh && task_menu - ;; - 6) - . "$CRASHDIR"/menus/6_core_config.sh && set_core_config - ;; - 7) - GT_CFG_PATH="$CRASHDIR"/configs/gateway.cfg - touch "$GT_CFG_PATH" - checkcfg=$(cat "$CFG_PATH" "$GT_CFG_PATH") - . "$CRASHDIR"/menus/7_gateway.sh && gateway - if [ -n "$PID" ]; then - checkcfg_new=$(cat "$CFG_PATH" "$GT_CFG_PATH") - [ "$checkcfg" != "$checkcfg_new" ] && checkrestart - fi - ;; - 8) - . "$CRASHDIR"/menus/8_tools.sh && tools - ;; - 9) - checkcfg=$(cat "$CFG_PATH") - . "$CRASHDIR"/menus/9_upgrade.sh && upgrade - if [ -n "$PID" ]; then - checkcfg_new=$(cat "$CFG_PATH") - [ "$checkcfg" != "$checkcfg_new" ] && checkrestart - fi - ;; - *) - errornum - ;; - esac - done + case "$num" in + "" | 0) + line_break + exit 0 + ;; + 1) + start_service + line_break + exit + ;; + 2) + checkcfg=$(cat "$CFG_PATH") + . "$CRASHDIR"/menus/2_settings.sh && settings + if [ -n "$PID" ]; then + checkcfg_new=$(cat "$CFG_PATH") + [ "$checkcfg" != "$checkcfg_new" ] && checkrestart + fi + ;; + 3) + [ "$bot_tg_service" = ON ] && . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_stop + "$CRASHDIR"/start.sh stop + sleep 1 + msg_alert "\033[31m$corename$MENU_SERVICE_STOPPED\033[0m" + ;; + 4) + . "$CRASHDIR"/menus/4_setboot.sh && setboot + ;; + 5) + . "$CRASHDIR"/menus/5_task.sh && task_menu + ;; + 6) + . "$CRASHDIR"/menus/6_core_config.sh && set_core_config + ;; + 7) + GT_CFG_PATH="$CRASHDIR"/configs/gateway.cfg + touch "$GT_CFG_PATH" + checkcfg=$(cat "$CFG_PATH" "$GT_CFG_PATH") + . "$CRASHDIR"/menus/7_gateway.sh && gateway + if [ -n "$PID" ]; then + checkcfg_new=$(cat "$CFG_PATH" "$GT_CFG_PATH") + [ "$checkcfg" != "$checkcfg_new" ] && checkrestart + fi + ;; + 8) + . "$CRASHDIR"/menus/8_tools.sh && tools + ;; + 9) + checkcfg=$(cat "$CFG_PATH") + . "$CRASHDIR"/menus/9_upgrade.sh && upgrade + if [ -n "$PID" ]; then + checkcfg_new=$(cat "$CFG_PATH") + [ "$checkcfg" != "$checkcfg_new" ] && checkrestart + fi + ;; + *) + errornum + ;; + esac + done } case "$1" in "") - main_menu - ;; + main_menu + ;; -l) - main_menu - ;; + main_menu + ;; -t) - shtype=sh - [ -n "$(ls -l /bin/sh | grep -o dash)" ] && shtype=bash - "$shtype" -x "$CRASHDIR"/menu.sh -l - ;; + shtype=sh + [ -n "$(ls -l /bin/sh | grep -o dash)" ] && shtype=bash + "$shtype" -x "$CRASHDIR"/menu.sh -l + ;; -s) - "$CRASHDIR"/start.sh "$2" "$3" "$4" "$5" "$6" - ;; + "$CRASHDIR"/start.sh "$2" "$3" "$4" "$5" "$6" + ;; -i) - . "$CRASHDIR"/init.sh 2>/dev/null - ;; + . "$CRASHDIR"/init.sh 2>/dev/null + ;; -st) - shtype=sh - ckcmd bash && shtype=bash - "$shtype" -x "$CRASHDIR"/starts/bfstart.sh - . "$CRASHDIR"/starts/start_legacy.sh - start_legacy "$COMMAND" 'shellcrash' - "$shtype" -x "$CRASHDIR"/starts/afstart.sh - "$CRASHDIR"/start.sh stop - ;; + shtype=sh + ckcmd bash && shtype=bash + "$shtype" -x "$CRASHDIR"/starts/bfstart.sh + . "$CRASHDIR"/starts/start_legacy.sh + start_legacy "$COMMAND" 'shellcrash' + "$shtype" -x "$CRASHDIR"/starts/afstart.sh + "$CRASHDIR"/start.sh stop + ;; -d) - shtype=sh && [ -n "$(ls -l /bin/sh | grep -o dash)" ] && shtype=bash - comp_box "$MENU_TEST_RUNNING_1" \ - "$MENU_TEST_RUNNING_2\033[36;4mhttps://t.me/ShellClash\033[0m" - "$shtype" "$CRASHDIR"/start.sh debug >/dev/null 2>"$TMPDIR"/debug_sh_bug.log - "$shtype" -x "$CRASHDIR"/start.sh debug >/dev/null 2>"$TMPDIR"/debug_sh.log - cat "$TMPDIR"/debug_sh_bug.log | grep 'start\.sh' >"$TMPDIR"/sh_bug - if [ -s "$TMPDIR"/sh_bug ]; then - line_break - echo "===========================================================" - while read line; do - echo -e "$MENU_ERROR_FOUND\033[33;4m$line\033[0m" - grep -A 1 -B 3 "$line" "$TMPDIR"/debug_sh.log - echo - done <"$TMPDIR"/sh_bug - echo "===========================================================" - rm -rf "$TMPDIR"/sh_bug - comp_box "\033[32m$MENU_TEST_DONE_FAIL\033[0m" \ - "$MENU_TEST_LOG_HINT\033[36m$TMPDIR/debug_sh.log\033[0m" - else - rm -rf "$TMPDIR"/debug_sh.log - comp_box "\033[32m$MENU_TEST_DONE_OK\033[0m" - line_break - fi - "$CRASHDIR"/start.sh stop - ;; + shtype=sh && [ -n "$(ls -l /bin/sh | grep -o dash)" ] && shtype=bash + comp_box "$MENU_TEST_RUNNING_1" \ + "$MENU_TEST_RUNNING_2\033[36;4mhttps://t.me/ShellClash\033[0m" + "$shtype" "$CRASHDIR"/start.sh debug >/dev/null 2>"$TMPDIR"/debug_sh_bug.log + "$shtype" -x "$CRASHDIR"/start.sh debug >/dev/null 2>"$TMPDIR"/debug_sh.log + cat "$TMPDIR"/debug_sh_bug.log | grep 'start\.sh' >"$TMPDIR"/sh_bug + if [ -s "$TMPDIR"/sh_bug ]; then + line_break + echo "===========================================================" + while read line; do + echo -e "$MENU_ERROR_FOUND\033[33;4m$line\033[0m" + grep -A 1 -B 3 "$line" "$TMPDIR"/debug_sh.log + echo + done <"$TMPDIR"/sh_bug + echo "===========================================================" + rm -rf "$TMPDIR"/sh_bug + comp_box "\033[32m$MENU_TEST_DONE_FAIL\033[0m" \ + "$MENU_TEST_LOG_HINT\033[36m$TMPDIR/debug_sh.log\033[0m" + else + rm -rf "$TMPDIR"/debug_sh.log + comp_box "\033[32m$MENU_TEST_DONE_OK\033[0m" + line_break + fi + "$CRASHDIR"/start.sh stop + ;; -u) - . "$CRASHDIR"/menus/uninstall.sh && uninstall - ;; + . "$CRASHDIR"/menus/uninstall.sh && uninstall + ;; *) - comp_box "$MENU_WELCOME" - content_line "-t $MENU_CLI_TEST" - content_line "-h $MENU_CLI_HELP" - content_line "-u $MENU_CLI_UNINSTALL" - content_line "-i $MENU_CLI_INIT" - content_line "-d $MENU_CLI_DEBUG" - separator_line "-" - content_line "crash -s start $MENU_CLI_START" - content_line "crash -s stop $MENU_CLI_STOP" - content_line "$CRASHDIR/start.sh init $MENU_CLI_BOOT_INIT" - separator_line "-" - content_line "$MENU_HELP_ONLINE\033[36mhttps://t.me/ShellClash\033[0m" - content_line "$MENU_HELP_BLOG\033[36mhttps://juewuy.github.io\033[0m" - content_line "$MENU_HELP_GITHUB\033[36mhttps://github.com/juewuy/ShellCrash\033[0m" - separator_line "=" - line_break - ;; + comp_box "$MENU_WELCOME" + content_line "-t $MENU_CLI_TEST" + content_line "-h $MENU_CLI_HELP" + content_line "-u $MENU_CLI_UNINSTALL" + content_line "-i $MENU_CLI_INIT" + content_line "-d $MENU_CLI_DEBUG" + separator_line "-" + content_line "crash -s start $MENU_CLI_START" + content_line "crash -s stop $MENU_CLI_STOP" + content_line "$CRASHDIR/start.sh init $MENU_CLI_BOOT_INIT" + separator_line "-" + content_line "$MENU_HELP_ONLINE\033[36mhttps://t.me/ShellClash\033[0m" + content_line "$MENU_HELP_BLOG\033[36mhttps://juewuy.github.io\033[0m" + content_line "$MENU_HELP_GITHUB\033[36mhttps://github.com/juewuy/ShellCrash\033[0m" + separator_line "=" + line_break + ;; esac diff --git a/scripts/menus/2_settings.sh b/scripts/menus/2_settings.sh index 6cb466cb..c31a9b21 100644 --- a/scripts/menus/2_settings.sh +++ b/scripts/menus/2_settings.sh @@ -8,686 +8,686 @@ load_lang 2_settings # 功能设置 settings() { - while true; do - # 获取设置默认显示 - [ -z "$skip_cert" ] && skip_cert=ON - [ -z "$sniffer" ] && { - sniffer=OFF - echo "$crashcore" | grep -q 'singbox' && sniffer=ON - } - [ -z "$dns_mod" ] && dns_mod='redir_host' + while true; do + # 获取设置默认显示 + [ -z "$skip_cert" ] && skip_cert=ON + [ -z "$sniffer" ] && { + sniffer=OFF + echo "$crashcore" | grep -q 'singbox' && sniffer=ON + } + [ -z "$dns_mod" ] && dns_mod='redir_host' - comp_box "\033[30;47m$SET_MENU_TITLE\033[0m" - content_line "1) $SET_MENU_REDIR\t\033[36m$redir_mod$MENU_MOD\033[0m" - content_line "2) $SET_MENU_DNS\t\033[36m$dns_mod\033[0m" - content_line "3) $SET_MENU_FW_FILTER" - [ "$disoverride" != "1" ] && { - content_line "4) $SET_MENU_SKIP_CERT\t\033[36m$skip_cert\033[0m" - content_line "5) $SET_MENU_SNIFFER\t\033[36m$sniffer\033[0m" - content_line "6) $SET_MENU_ADV_PORT" - } - content_line "7) $SET_MENU_IPV6\t\033[36m$ipv6_redir\033[0m" - btm_box "" \ - "a) \033[31m$SET_MENU_RESET\033[0m" \ - "b) \033[36m$SET_MENU_LANG\033[0m" \ - "c) \033[33m$SET_MENU_UI\033[0m" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ "$USER" != root ] && [ "$USER" != admin ]; then - comp_box "$SET_WARN_NONROOT" - btm_box "1) $SET_YES" \ - "0) $SET_NO_BACK" - read -r -p "$COMMON_INPUT> " res - if [ "$res" = 1 ]; then - set_redir_mod - else - continue - fi - else - set_redir_mod - fi - ;; - 2) - . "$CRASHDIR"/menus/dns.sh && set_dns_mod - ;; - 3) - . "$CRASHDIR"/menus/fw_filter.sh && set_fw_filter - ;; - 4) - line_break - separator_line "=" - if [ "$skip_cert" = "OFF" ]; then - content_line "$SET_SKIP_CERT_NOW\033[33m$SET_DISABLED\033[0m$SET_SKIP_CERT_ENABLE_Q" - else - content_line "$SET_SKIP_CERT_NOW\033[33m$SET_ENABLED\033[0m$SET_SKIP_CERT_DISABLE_Q" - fi - separator_line "=" - btm_box "1) $SET_YES" \ - "0) $SET_NO_BACK" - read -r -p "$COMMON_INPUT> " num - if [ "$num" = 1 ]; then - if [ "$skip_cert" = OFF ]; then - skip_cert=ON - msg_alert "\033[33m$SET_SKIP_CERT_ON\033[0m" - else - skip_cert=OFF - msg_alert "\033[33m$SET_SKIP_CERT_OFF\033[0m" - fi - setconfig skip_cert $skip_cert - else - continue - fi - ;; - 5) - if [ "$sniffer" = "OFF" ]; then - comp_box "$SET_SNIFFER_NOW\033[33m$SET_DISABLED\033[0m$SET_SNIFFER_ENABLE_Q" - btm_box "1) $SET_YES" \ - "0) $SET_NO_BACK" - read -r -p "$COMMON_INPUT> " num - if [ "$num" = 1 ]; then - line_break - separator_line "=" - if [ "$crashcore" = "clash" ]; then - rm -rf "$TMPDIR/CrashCore" "$CRASHDIR/CrashCore" "$CRASHDIR/CrashCore.tar.gz" - crashcore=meta - setconfig crashcore $crashcore - top_box "$SET_SNIFFER_CORE_SWITCH" \ - "" - fi - sniffer=ON - else - continue - fi - elif [ "$crashcore" = clashpre ] && [ "$dns_mod" = redir_host ]; then - msg_alert "\033[31m$SET_SNIFFER_LOCKED\033[0m" - continue - else - comp_box "$SET_SNIFFER_NOW\033[33m$SET_ENABLED\033[0m$SET_SNIFFER_DISABLE_Q" - btm_box "1) $SET_YES" \ - "0) $SET_NO_BACK" - read -r -p "$COMMON_INPUT> " num - if [ "$num" = 1 ]; then - sniffer=OFF - line_break - separator_line "=" - else - continue - fi - fi - setconfig sniffer "$sniffer" - btm_box "\033[32m$COMMON_SUCCESS\033[0m" - sleep 1 - ;; - 6) - if pidof CrashCore >/dev/null; then - comp_box "\033[33m$SET_CORE_RUNNING\033[0m" \ - "$SET_CORE_STOP_CONFIRM" - btm_box "1) $SET_YES" \ - "0) $SET_NO_BACK" - read -r -p "$COMMON_INPUT> " res - if [ "$res" = 1 ]; then - "$CRASHDIR/start.sh" stop && set_adv_config - else - continue - fi - else - set_adv_config - fi - ;; - 7) - set_ipv6 - ;; - a) - BACK_TAR="$CRASHDIR/configs.tar.gz" - comp_box "1) $SET_BACKUP" \ - "2) $SET_RESTORE" \ - "3) $SET_RESET" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - continue - ;; - 1) - line_break - separator_line "=" - if tar -zcf "$BACK_TAR" -C "$CRASHDIR/configs/" .; then - content_line "\033[32m$SET_BACKUP_OK $BACK_TAR\033[0m" - else - content_line "\033[31m$SET_BACKUP_FAIL\033[0m" - fi - separator_line "=" - sleep 1 - continue - ;; - 2) - line_break - separator_line "=" - if [ -f "$BACK_TAR" ]; then - tar -zcf "$TMPDIR/configs.tar.gz" -C "$CRASHDIR/configs/" . - rm -rf "$CRASHDIR/configs/*" - tar -zxf "$BACK_TAR" -C "$CRASHDIR"/configs - mv -f "$TMPDIR/configs.tar.gz" "$BACK_TAR" - content_line "\033[32m$SET_RESTORE_OK $BACK_TAR\033[0m" - else - content_line "\033[31m$SET_BACKUP_MISS\033[0m" - fi - ;; - 3) - line_break - separator_line "=" - if tar -zcf "$BACK_TAR" -C "$CRASHDIR/configs/" .; then - rm -rf "$CRASHDIR/configs" - . "$CRASHDIR/init.sh" >/dev/null - content_lin e"\033[32m$SET_RESET_OK\033[0m" - else - content_lin e"\033[32m$SET_RESET_FAIL\033[0m" - fi - ;; - *) - errornum - continue - ;; - esac - content_line "\033[33m$SET_NEED_RESTART\033[0m" - separator_line "=" - line_break - sleep 1 - exit 0 - ;; - b) - comp_box "1) $SET_LANG_ZH" \ - "2) $SET_LANG_EN" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - continue - ;; - 1) - echo chs >"$CRASHDIR"/configs/i18n.cfg - msg_alert "\033[32m切换成功,请重新执行脚本!\033[0m" - ;; - 2) - echo en >"$CRASHDIR"/configs/i18n.cfg - msg_alert "\033[32mLanguage switched successfully! Please re-run the script!\033[0m" - ;; - esac - line_break - exit 0 - ;; - c) - comp_box "1) New Design by Sofia-Riese" \ - "2) TUI-lite" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - continue - ;; - 1) - setconfig tui_type 'tui_layout' - . "$CRASHDIR"/menus/tui_layout.sh - ;; - 2) - setconfig tui_type 'tui_lite' - . "$CRASHDIR"/menus/tui_lite.sh - ;; - esac - msg_alert "\033[32m$SET_SWITCH_OK\033[0m" - ;; - *) - errornum - ;; - esac - done + comp_box "\033[30;47m$SET_MENU_TITLE\033[0m" + content_line "1) $SET_MENU_REDIR\t\033[36m$redir_mod$MENU_MOD\033[0m" + content_line "2) $SET_MENU_DNS\t\033[36m$dns_mod\033[0m" + content_line "3) $SET_MENU_FW_FILTER" + [ "$disoverride" != "1" ] && { + content_line "4) $SET_MENU_SKIP_CERT\t\033[36m$skip_cert\033[0m" + content_line "5) $SET_MENU_SNIFFER\t\033[36m$sniffer\033[0m" + content_line "6) $SET_MENU_ADV_PORT" + } + content_line "7) $SET_MENU_IPV6\t\033[36m$ipv6_redir\033[0m" + btm_box "" \ + "a) \033[31m$SET_MENU_RESET\033[0m" \ + "b) \033[36m$SET_MENU_LANG\033[0m" \ + "c) \033[33m$SET_MENU_UI\033[0m" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ "$USER" != root ] && [ "$USER" != admin ]; then + comp_box "$SET_WARN_NONROOT" + btm_box "1) $SET_YES" \ + "0) $SET_NO_BACK" + read -r -p "$COMMON_INPUT> " res + if [ "$res" = 1 ]; then + set_redir_mod + else + continue + fi + else + set_redir_mod + fi + ;; + 2) + . "$CRASHDIR"/menus/dns.sh && set_dns_mod + ;; + 3) + . "$CRASHDIR"/menus/fw_filter.sh && set_fw_filter + ;; + 4) + line_break + separator_line "=" + if [ "$skip_cert" = "OFF" ]; then + content_line "$SET_SKIP_CERT_NOW\033[33m$SET_DISABLED\033[0m$SET_SKIP_CERT_ENABLE_Q" + else + content_line "$SET_SKIP_CERT_NOW\033[33m$SET_ENABLED\033[0m$SET_SKIP_CERT_DISABLE_Q" + fi + separator_line "=" + btm_box "1) $SET_YES" \ + "0) $SET_NO_BACK" + read -r -p "$COMMON_INPUT> " num + if [ "$num" = 1 ]; then + if [ "$skip_cert" = OFF ]; then + skip_cert=ON + msg_alert "\033[33m$SET_SKIP_CERT_ON\033[0m" + else + skip_cert=OFF + msg_alert "\033[33m$SET_SKIP_CERT_OFF\033[0m" + fi + setconfig skip_cert $skip_cert + else + continue + fi + ;; + 5) + if [ "$sniffer" = "OFF" ]; then + comp_box "$SET_SNIFFER_NOW\033[33m$SET_DISABLED\033[0m$SET_SNIFFER_ENABLE_Q" + btm_box "1) $SET_YES" \ + "0) $SET_NO_BACK" + read -r -p "$COMMON_INPUT> " num + if [ "$num" = 1 ]; then + line_break + separator_line "=" + if [ "$crashcore" = "clash" ]; then + rm -rf "$TMPDIR/CrashCore" "$CRASHDIR/CrashCore" "$CRASHDIR/CrashCore.tar.gz" + crashcore=meta + setconfig crashcore $crashcore + top_box "$SET_SNIFFER_CORE_SWITCH" \ + "" + fi + sniffer=ON + else + continue + fi + elif [ "$crashcore" = clashpre ] && [ "$dns_mod" = redir_host ]; then + msg_alert "\033[31m$SET_SNIFFER_LOCKED\033[0m" + continue + else + comp_box "$SET_SNIFFER_NOW\033[33m$SET_ENABLED\033[0m$SET_SNIFFER_DISABLE_Q" + btm_box "1) $SET_YES" \ + "0) $SET_NO_BACK" + read -r -p "$COMMON_INPUT> " num + if [ "$num" = 1 ]; then + sniffer=OFF + line_break + separator_line "=" + else + continue + fi + fi + setconfig sniffer "$sniffer" + btm_box "\033[32m$COMMON_SUCCESS\033[0m" + sleep 1 + ;; + 6) + if pidof CrashCore >/dev/null; then + comp_box "\033[33m$SET_CORE_RUNNING\033[0m" \ + "$SET_CORE_STOP_CONFIRM" + btm_box "1) $SET_YES" \ + "0) $SET_NO_BACK" + read -r -p "$COMMON_INPUT> " res + if [ "$res" = 1 ]; then + "$CRASHDIR/start.sh" stop && set_adv_config + else + continue + fi + else + set_adv_config + fi + ;; + 7) + set_ipv6 + ;; + a) + BACK_TAR="$CRASHDIR/configs.tar.gz" + comp_box "1) $SET_BACKUP" \ + "2) $SET_RESTORE" \ + "3) $SET_RESET" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + continue + ;; + 1) + line_break + separator_line "=" + if tar -zcf "$BACK_TAR" -C "$CRASHDIR/configs/" .; then + content_line "\033[32m$SET_BACKUP_OK $BACK_TAR\033[0m" + else + content_line "\033[31m$SET_BACKUP_FAIL\033[0m" + fi + separator_line "=" + sleep 1 + continue + ;; + 2) + line_break + separator_line "=" + if [ -f "$BACK_TAR" ]; then + tar -zcf "$TMPDIR/configs.tar.gz" -C "$CRASHDIR/configs/" . + rm -rf "$CRASHDIR/configs/*" + tar -zxf "$BACK_TAR" -C "$CRASHDIR"/configs + mv -f "$TMPDIR/configs.tar.gz" "$BACK_TAR" + content_line "\033[32m$SET_RESTORE_OK $BACK_TAR\033[0m" + else + content_line "\033[31m$SET_BACKUP_MISS\033[0m" + fi + ;; + 3) + line_break + separator_line "=" + if tar -zcf "$BACK_TAR" -C "$CRASHDIR/configs/" .; then + rm -rf "$CRASHDIR/configs" + . "$CRASHDIR/init.sh" >/dev/null + content_lin e"\033[32m$SET_RESET_OK\033[0m" + else + content_lin e"\033[32m$SET_RESET_FAIL\033[0m" + fi + ;; + *) + errornum + continue + ;; + esac + content_line "\033[33m$SET_NEED_RESTART\033[0m" + separator_line "=" + line_break + sleep 1 + exit 0 + ;; + b) + comp_box "1) $SET_LANG_ZH" \ + "2) $SET_LANG_EN" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + continue + ;; + 1) + echo chs >"$CRASHDIR"/configs/i18n.cfg + msg_alert "\033[32m切换成功,请重新执行脚本!\033[0m" + ;; + 2) + echo en >"$CRASHDIR"/configs/i18n.cfg + msg_alert "\033[32mLanguage switched successfully! Please re-run the script!\033[0m" + ;; + esac + line_break + exit 0 + ;; + c) + comp_box "1) New Design by Sofia-Riese" \ + "2) TUI-lite" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + continue + ;; + 1) + setconfig tui_type 'tui_layout' + . "$CRASHDIR"/menus/tui_layout.sh + ;; + 2) + setconfig tui_type 'tui_lite' + . "$CRASHDIR"/menus/tui_lite.sh + ;; + esac + msg_alert "\033[32m$SET_SWITCH_OK\033[0m" + ;; + *) + errornum + ;; + esac + done } set_redir_config() { - setconfig redir_mod "$redir_mod" - setconfig dns_mod "$dns_mod" - msg_alert "\033[36m$SET_REDIR_APPLIED $redir_mod $SET_MODE_SUFFIX\033[0m" + setconfig redir_mod "$redir_mod" + setconfig dns_mod "$dns_mod" + msg_alert "\033[36m$SET_REDIR_APPLIED $redir_mod $SET_MODE_SUFFIX\033[0m" } # 路由模式设置 set_redir_mod() { - while true; do - [ -n "$(ls /dev/net/tun 2>/dev/null)" ] || ip tuntap >/dev/null 2>&1 || modprobe tun 2>/dev/null && sup_tun=1 - [ -z "$firewall_area" ] && firewall_area=1 - [ "$firewall_area" = 4 ] && redir_mod="$MENU_PURE_MOD" - [ -z "$redir_mod" ] && redir_mod='Redir' - firewall_area_dsc=$(echo "$SET_FW_AREA_DESC($bypass_host)" | cut -d'|' -f$firewall_area) - comp_box "\033[33m$SET_REDIR_RESTART_HINT\033[0m" \ - "$SET_REDIR_CURRENT\033[47;30m$redir_mod$MENU_MOD\033[0m; $SET_CORE_CURRENT\033[47;30m$crashcore\033[0m" - [ "$firewall_area" -le 3 ] && { - content_line "1) $SET_SET_TO\033[32m$SET_REDIR_REDIR\033[0m:\t$SET_REDIR_REDIRDES" - content_line "2) $SET_SET_TO\033[36m$SET_REDIR_MIX\033[0m:\t$SET_REDIR_MIXDES" - content_line "3) $SET_SET_TO\033[32m$SET_REDIR_TPROXY\033[0m:\t$SET_REDIR_TPROXYDES" - content_line "4) $SET_SET_TO\033[33m$SET_REDIR_TUN\033[0m:\t$SET_REDIR_TUNDES" - content_line "" - } - [ "$firewall_area" = 5 ] && { - content_line "5) \033[32m$SET_BYPASS_TCP\033[0m: $SET_BYPASS_TCP_DESC" - content_line "6) \033[36m$SET_BYPASS_TU\033[0m: $SET_BYPASS_TU_DESC" - content_line "" - } - btm_box "7) $SET_FW_AREA:\t\033[47;30m$firewall_area_dsc\033[0m" \ - "8) $SET_VM_REDIR:\t\033[47;30m$vm_redir\033[0m" \ - "9) $SET_FW_SWITCH:\t\033[47;30m$firewall_mod\033[0m" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - redir_mod=Redir - set_redir_config - ;; - 2) - if [ -n "$sup_tun" ]; then - redir_mod=Mix - set_redir_config - else - msg_alert "\033[31m${SET_NO_MOD}TUN\033[0m" \ - "\033[31m$SET_NO_MOD2\033[0m" - fi - ;; - 3) - if [ "$firewall_mod" = "iptables" ]; then - if [ -f /etc/init.d/qca-nss-ecm ] && [ "$systype" = "mi_snapshot" ]; then - read -r -p "$XIAOMI_QOS(1/0)> " res - [ "$res" = '1' ] && { - /data/shellcrash_init.sh tproxyfix - redir_mod=Tproxy - set_redir_config - } - elif grep -qE '^TPROXY$' /proc/net/ip_tables_targets || modprobe xt_TPROXY >/dev/null 2>&1; then - redir_mod=Tproxy - set_redir_config - else - msg_alert "\033[31m${SET_NO_MOD}iptables-mod-tproxy\033[0m" \ - "\033[31m$SET_NO_MOD2\033[0m" - fi - elif [ "$firewall_mod" = "nftables" ]; then - if modprobe nft_tproxy >/dev/null 2>&1 || lsmod 2>/dev/null | grep -q nft_tproxy; then - redir_mod=Tproxy - set_redir_config - else - msg_alert "\033[31m${SET_NO_MOD}nft_tproxy\033[0m" \ - "\033[31m$SET_NO_MOD2\033[0m" - fi - fi - ;; - 4) - if [ -n "$sup_tun" ]; then - redir_mod=Tun - set_redir_config - else - msg_alert "\033[31m$SET_NO_TUN\033[0m" - fi - ;; - 5) - redir_mod='$SET_BYPASS_TCP' - set_redir_config - ;; - 6) - redir_mod='$SET_BYPASS_TU' - set_redir_config - ;; - 7) - set_firewall_area - ;; - 8) - set_firewall_vm - ;; - 9) - if [ "$firewall_mod" = 'iptables' ]; then - if nft add table inet shellcrash 2>/dev/null; then - firewall_mod=nftables - redir_mod=Redir - setconfig redir_mod $redir_mod - else - msg_alert "\033[31m$FW_NO_NFTABLES\033[0m" - fi - elif [ "$firewall_mod" = 'nftables' ]; then - if ckcmd iptables; then - firewall_mod=iptables - redir_mod=Redir - setconfig redir_mod $redir_mod - else - msg_alert "\033[31m$FW_NO_IPTABLES\033[0m" - fi - else - iptables -j REDIRECT -h >/dev/null 2>&1 && firewall_mod=iptables - nft add table inet shellcrash 2>/dev/null && firewall_mod=nftables - if [ -n "$firewall_mod" ]; then - redir_mod=Redir - setconfig redir_mod $redir_mod - setconfig firewall_mod "$firewall_mod" - else - msg_alert "\033[31m$FW_NO_FIREWALL_BACKEND\033[0m" - fi - fi - setconfig firewall_mod "$firewall_mod" - ;; - *) - errornum - ;; - esac - done + while true; do + [ -n "$(ls /dev/net/tun 2>/dev/null)" ] || ip tuntap >/dev/null 2>&1 || modprobe tun 2>/dev/null && sup_tun=1 + [ -z "$firewall_area" ] && firewall_area=1 + [ "$firewall_area" = 4 ] && redir_mod="$MENU_PURE_MOD" + [ -z "$redir_mod" ] && redir_mod='Redir' + firewall_area_dsc=$(echo "$SET_FW_AREA_DESC($bypass_host)" | cut -d'|' -f$firewall_area) + comp_box "\033[33m$SET_REDIR_RESTART_HINT\033[0m" \ + "$SET_REDIR_CURRENT\033[47;30m$redir_mod$MENU_MOD\033[0m; $SET_CORE_CURRENT\033[47;30m$crashcore\033[0m" + [ "$firewall_area" -le 3 ] && { + content_line "1) $SET_SET_TO\033[32m$SET_REDIR_REDIR\033[0m:\t$SET_REDIR_REDIRDES" + content_line "2) $SET_SET_TO\033[36m$SET_REDIR_MIX\033[0m:\t$SET_REDIR_MIXDES" + content_line "3) $SET_SET_TO\033[32m$SET_REDIR_TPROXY\033[0m:\t$SET_REDIR_TPROXYDES" + content_line "4) $SET_SET_TO\033[33m$SET_REDIR_TUN\033[0m:\t$SET_REDIR_TUNDES" + content_line "" + } + [ "$firewall_area" = 5 ] && { + content_line "5) \033[32m$SET_BYPASS_TCP\033[0m: $SET_BYPASS_TCP_DESC" + content_line "6) \033[36m$SET_BYPASS_TU\033[0m: $SET_BYPASS_TU_DESC" + content_line "" + } + btm_box "7) $SET_FW_AREA:\t\033[47;30m$firewall_area_dsc\033[0m" \ + "8) $SET_VM_REDIR:\t\033[47;30m$vm_redir\033[0m" \ + "9) $SET_FW_SWITCH:\t\033[47;30m$firewall_mod\033[0m" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + redir_mod=Redir + set_redir_config + ;; + 2) + if [ -n "$sup_tun" ]; then + redir_mod=Mix + set_redir_config + else + msg_alert "\033[31m${SET_NO_MOD}TUN\033[0m" \ + "\033[31m$SET_NO_MOD2\033[0m" + fi + ;; + 3) + if [ "$firewall_mod" = "iptables" ]; then + if [ -f /etc/init.d/qca-nss-ecm ] && [ "$systype" = "mi_snapshot" ]; then + read -r -p "$XIAOMI_QOS(1/0)> " res + [ "$res" = '1' ] && { + /data/shellcrash_init.sh tproxyfix + redir_mod=Tproxy + set_redir_config + } + elif grep -qE '^TPROXY$' /proc/net/ip_tables_targets || modprobe xt_TPROXY >/dev/null 2>&1; then + redir_mod=Tproxy + set_redir_config + else + msg_alert "\033[31m${SET_NO_MOD}iptables-mod-tproxy\033[0m" \ + "\033[31m$SET_NO_MOD2\033[0m" + fi + elif [ "$firewall_mod" = "nftables" ]; then + if modprobe nft_tproxy >/dev/null 2>&1 || lsmod 2>/dev/null | grep -q nft_tproxy; then + redir_mod=Tproxy + set_redir_config + else + msg_alert "\033[31m${SET_NO_MOD}nft_tproxy\033[0m" \ + "\033[31m$SET_NO_MOD2\033[0m" + fi + fi + ;; + 4) + if [ -n "$sup_tun" ]; then + redir_mod=Tun + set_redir_config + else + msg_alert "\033[31m$SET_NO_TUN\033[0m" + fi + ;; + 5) + redir_mod='$SET_BYPASS_TCP' + set_redir_config + ;; + 6) + redir_mod='$SET_BYPASS_TU' + set_redir_config + ;; + 7) + set_firewall_area + ;; + 8) + set_firewall_vm + ;; + 9) + if [ "$firewall_mod" = 'iptables' ]; then + if nft add table inet shellcrash 2>/dev/null; then + firewall_mod=nftables + redir_mod=Redir + setconfig redir_mod $redir_mod + else + msg_alert "\033[31m$FW_NO_NFTABLES\033[0m" + fi + elif [ "$firewall_mod" = 'nftables' ]; then + if ckcmd iptables; then + firewall_mod=iptables + redir_mod=Redir + setconfig redir_mod $redir_mod + else + msg_alert "\033[31m$FW_NO_IPTABLES\033[0m" + fi + else + iptables -j REDIRECT -h >/dev/null 2>&1 && firewall_mod=iptables + nft add table inet shellcrash 2>/dev/null && firewall_mod=nftables + if [ -n "$firewall_mod" ]; then + redir_mod=Redir + setconfig redir_mod $redir_mod + setconfig firewall_mod "$firewall_mod" + else + msg_alert "\033[31m$FW_NO_FIREWALL_BACKEND\033[0m" + fi + fi + setconfig firewall_mod "$firewall_mod" + ;; + *) + errornum + ;; + esac + done } inputport() { - local protocol="${1:-all}" - line_break - read -r -p "$INPUT_PORT(1~65535)> " portx - . "$CRASHDIR"/menus/check_port.sh + local protocol="${1:-all}" + line_break + read -r -p "$INPUT_PORT(1~65535)> " portx + . "$CRASHDIR"/menus/check_port.sh - if ! check_port "$portx" "$protocol"; then - msg_alert "\033[31m$COMMON_FAILED\033[0m" - return 1 - fi + if ! check_port "$portx" "$protocol"; then + msg_alert "\033[31m$COMMON_FAILED\033[0m" + return 1 + fi - local ports_to_check="" - [ "$xport" != "mix_port" ] && ports_to_check="$ports_to_check|$mix_port" - [ "$xport" != "redir_port" ] && ports_to_check="$ports_to_check|$redir_port" - [ "$xport" != "dns_port" ] && ports_to_check="$ports_to_check|$dns_port" - [ "$xport" != "db_port" ] && ports_to_check="$ports_to_check|$db_port" + local ports_to_check="" + [ "$xport" != "mix_port" ] && ports_to_check="$ports_to_check|$mix_port" + [ "$xport" != "redir_port" ] && ports_to_check="$ports_to_check|$redir_port" + [ "$xport" != "dns_port" ] && ports_to_check="$ports_to_check|$dns_port" + [ "$xport" != "db_port" ] && ports_to_check="$ports_to_check|$db_port" - if echo "$ports_to_check|" | grep -q "|$portx|"; then - msg_alert "\033[31m$CHECK_PORT_DUP_ERR\033[0m" - return 1 - fi + if echo "$ports_to_check|" | grep -q "|$portx|"; then + msg_alert "\033[31m$CHECK_PORT_DUP_ERR\033[0m" + return 1 + fi - setconfig "$xport" "$portx" - msg_alert "\033[32m$COMMON_SUCCESS\033[0m" - return 0 + setconfig "$xport" "$portx" + msg_alert "\033[32m$COMMON_SUCCESS\033[0m" + return 0 } # 端口设置 set_adv_config() { - while true; do - . "$CFG_PATH" >/dev/null - [ -z "$secret" ] && secret="$COMMON_UNSET" - [ -z "$table" ] && table=100 - [ -z "$authentication" ] && auth="$COMMON_UNSET" || auth="******" - comp_box "1) $ADV_HTTP_PORT:\t\033[36m$mix_port\033[0m" \ - "2) $ADV_HTTP_AUTH:\t\033[36m$auth\033[0m" \ - "3) $ADV_REDIR_PORT:\t\033[36m$redir_port,$((redir_port + 1))\033[0m" \ - "4) $ADV_DNS_PORT:\t\t\033[36m$dns_port\033[0m" \ - "5) $ADV_PANEL_PORT:\t\t\033[36m$db_port\033[0m" \ - "6) $ADV_PANEL_PASS:\t\t\033[36m$secret\033[0m" \ - "8) $ADV_HOST:\t\033[36m$host\033[0m" \ - "9) $ADV_TABLE:\t\t\033[36m$table,$((table + 1))\033[0m" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - xport=mix_port - inputport - if [ $? -eq 1 ]; then - break - else - continue - fi - ;; - 2) - comp_box "$ADV_AUTH_FORMAT_DESC" \ - "$ADV_AUTH_WARN" \ - "$ADV_AUTH_REMOVE_HINT" - read -r -p "$ADV_AUTH_INPUT> " input - if [ "$input" = "0" ]; then - authentication="" - setconfig authentication - msg_alert "\033[32m$ADV_AUTH_REMOVED\033[0m" - else - if [ "$local_proxy" = "ON" ] && [ "$local_type" = "$LOCAL_TYPE_ENV" ]; then - msg_alert "\033[33m$ADV_AUTH_ENV_CONFLICT\033[0m" - else - authentication=$(echo "$input" | grep :) - if [ -n "$authentication" ]; then - setconfig authentication "'$authentication'" - msg_alert "\033[32m$COMMON_SUCCESS\033[0m" - else - msg_alert "\033[31m$ADV_AUTH_INVALID\033[0m" - fi - fi - fi - ;; - 3) - xport=redir_port - inputport - if [ $? -eq 1 ]; then - break - else - continue - fi - ;; - 4) - xport=dns_port - inputport - if [ $? -eq 1 ]; then - break - else - continue - fi - ;; - 5) - xport=db_port - inputport tcp - if [ $? -eq 1 ]; then - break - else - continue - fi - ;; - 6) - line_break - read -r -p "$ADV_PANEL_PASS_INPUT> " secret - if [ -n "$secret" ]; then - [ "$secret" = "0" ] && secret="" - if setconfig secret "$secret"; then - common_success - else - common_failed - fi - fi - ;; - 8) - comp_box "\033[33m$ADV_HOST_WARN_LAN\033[0m" \ - "\033[31m$ADV_HOST_WARN_CHANGE\033[0m" - read -r -p "$ADV_HOST_INPUT> " host - if [ "$host" = "0" ]; then - host="" - setconfig host "$host" - msg_alert "\033[32m$ADV_HOST_REMOVED\033[0m" - line_break - exit 0 - elif echo "$host" | grep -Eq '\<([1-9]|[1-9][0-9]|1[0-9]{2}|2[01][0-9]|22[0-3])\>(\.\<([0-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>){2}\.\<([1-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-4])\>'; then - if setconfig host "$host"; then - common_success - else - common_failed - fi - else - host="" - msg_alert "\033[31m$ADV_HOST_INVALID\033[0m" - fi - ;; - 9) - comp_box "\033[33m$ADV_TABLE_WARN\033[0m" - read -r -p "$ADV_TABLE_INPUT> " table - if [ -n "$table" ]; then - [ "$table" = "0" ] && table="100" - if setconfig table "$table"; then - common_success - else - common_failed - fi - fi - ;; - *) - errornum - ;; - esac - done + while true; do + . "$CFG_PATH" >/dev/null + [ -z "$secret" ] && secret="$COMMON_UNSET" + [ -z "$table" ] && table=100 + [ -z "$authentication" ] && auth="$COMMON_UNSET" || auth="******" + comp_box "1) $ADV_HTTP_PORT:\t\033[36m$mix_port\033[0m" \ + "2) $ADV_HTTP_AUTH:\t\033[36m$auth\033[0m" \ + "3) $ADV_REDIR_PORT:\t\033[36m$redir_port,$((redir_port + 1))\033[0m" \ + "4) $ADV_DNS_PORT:\t\t\033[36m$dns_port\033[0m" \ + "5) $ADV_PANEL_PORT:\t\t\033[36m$db_port\033[0m" \ + "6) $ADV_PANEL_PASS:\t\t\033[36m$secret\033[0m" \ + "8) $ADV_HOST:\t\033[36m$host\033[0m" \ + "9) $ADV_TABLE:\t\t\033[36m$table,$((table + 1))\033[0m" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + xport=mix_port + inputport + if [ $? -eq 1 ]; then + break + else + continue + fi + ;; + 2) + comp_box "$ADV_AUTH_FORMAT_DESC" \ + "$ADV_AUTH_WARN" \ + "$ADV_AUTH_REMOVE_HINT" + read -r -p "$ADV_AUTH_INPUT> " input + if [ "$input" = "0" ]; then + authentication="" + setconfig authentication + msg_alert "\033[32m$ADV_AUTH_REMOVED\033[0m" + else + if [ "$local_proxy" = "ON" ] && [ "$local_type" = "$LOCAL_TYPE_ENV" ]; then + msg_alert "\033[33m$ADV_AUTH_ENV_CONFLICT\033[0m" + else + authentication=$(echo "$input" | grep :) + if [ -n "$authentication" ]; then + setconfig authentication "'$authentication'" + msg_alert "\033[32m$COMMON_SUCCESS\033[0m" + else + msg_alert "\033[31m$ADV_AUTH_INVALID\033[0m" + fi + fi + fi + ;; + 3) + xport=redir_port + inputport + if [ $? -eq 1 ]; then + break + else + continue + fi + ;; + 4) + xport=dns_port + inputport + if [ $? -eq 1 ]; then + break + else + continue + fi + ;; + 5) + xport=db_port + inputport tcp + if [ $? -eq 1 ]; then + break + else + continue + fi + ;; + 6) + line_break + read -r -p "$ADV_PANEL_PASS_INPUT> " secret + if [ -n "$secret" ]; then + [ "$secret" = "0" ] && secret="" + if setconfig secret "$secret"; then + common_success + else + common_failed + fi + fi + ;; + 8) + comp_box "\033[33m$ADV_HOST_WARN_LAN\033[0m" \ + "\033[31m$ADV_HOST_WARN_CHANGE\033[0m" + read -r -p "$ADV_HOST_INPUT> " host + if [ "$host" = "0" ]; then + host="" + setconfig host "$host" + msg_alert "\033[32m$ADV_HOST_REMOVED\033[0m" + line_break + exit 0 + elif echo "$host" | grep -Eq '\<([1-9]|[1-9][0-9]|1[0-9]{2}|2[01][0-9]|22[0-3])\>(\.\<([0-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>){2}\.\<([1-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-4])\>'; then + if setconfig host "$host"; then + common_success + else + common_failed + fi + else + host="" + msg_alert "\033[31m$ADV_HOST_INVALID\033[0m" + fi + ;; + 9) + comp_box "\033[33m$ADV_TABLE_WARN\033[0m" + read -r -p "$ADV_TABLE_INPUT> " table + if [ -n "$table" ]; then + [ "$table" = "0" ] && table="100" + if setconfig table "$table"; then + common_success + else + common_failed + fi + fi + ;; + *) + errornum + ;; + esac + done } set_firewall_area() { - while true; do - [ -z "$vm_redir" ] && vm_redir='OFF' - comp_box "\033[33m$FW_AREA_NOTE_1\033[0m" \ - "\033[33m$FW_AREA_NOTE_2\033[0m" \ - "" \ - "$SET_FW_AREA_CURRENT$firewall_area_dsc" - btm_box "1) \033[32m$FW_AREA_LAN\033[0m" \ - "2) \033[36m$FW_AREA_LOCAL\033[0m" \ - "3) \033[32m$FW_AREA_BOTH\033[0m" \ - "4) $FW_AREA_NONE" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - [1-4]) - if [ "$firewall_area" -ge 4 ]; then - redir_mod='' - else - redir_mod=Redir - fi - firewall_area="$num" - setconfig firewall_area "$firewall_area" - setconfig redir_mod "$redir_mod" + while true; do + [ -z "$vm_redir" ] && vm_redir='OFF' + comp_box "\033[33m$FW_AREA_NOTE_1\033[0m" \ + "\033[33m$FW_AREA_NOTE_2\033[0m" \ + "" \ + "$SET_FW_AREA_CURRENT$firewall_area_dsc" + btm_box "1) \033[32m$FW_AREA_LAN\033[0m" \ + "2) \033[36m$FW_AREA_LOCAL\033[0m" \ + "3) \033[32m$FW_AREA_BOTH\033[0m" \ + "4) $FW_AREA_NONE" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + [1-4]) + if [ "$firewall_area" -ge 4 ]; then + redir_mod='' + else + redir_mod=Redir + fi + firewall_area="$num" + setconfig firewall_area "$firewall_area" + setconfig redir_mod "$redir_mod" - case "$firewall_area" in - 1) firewall_area_dsc="$FW_AREA_LAN" ;; - 2) firewall_area_dsc="$FW_AREA_LOCAL" ;; - 3) firewall_area_dsc="$FW_AREA_BOTH" ;; - 4) firewall_area_dsc="$FW_AREA_NONE" ;; - esac + case "$firewall_area" in + 1) firewall_area_dsc="$FW_AREA_LAN" ;; + 2) firewall_area_dsc="$FW_AREA_LOCAL" ;; + 3) firewall_area_dsc="$FW_AREA_BOTH" ;; + 4) firewall_area_dsc="$FW_AREA_NONE" ;; + esac - common_success - ;; - 5) - comp_box "\033[31m$SET_WARN\033[0m" \ - "$SET_BYPASS_WARN_1" \ - "$SET_BYPASS_WARN_2" \ - "$SET_BYPASS_WARN_3" \ - "\033[33m$SET_DESC\033[0m" \ - "$SET_BYPASS_DESC_1" \ - "$SET_BYPASS_DESC_2" - read -r -p "$SET_INPUT_BYPASS_IPV4> " bypass_host - [ -n "$bypass_host" ] && { - firewall_area=$num - setconfig firewall_area "$firewall_area" - setconfig bypass_host "$bypass_host" - redir_mod=$SET_BYPASS_TCP - setconfig redir_mod $redir_mod - } - ;; - *) - errornum - ;; - esac - done + common_success + ;; + 5) + comp_box "\033[31m$SET_WARN\033[0m" \ + "$SET_BYPASS_WARN_1" \ + "$SET_BYPASS_WARN_2" \ + "$SET_BYPASS_WARN_3" \ + "\033[33m$SET_DESC\033[0m" \ + "$SET_BYPASS_DESC_1" \ + "$SET_BYPASS_DESC_2" + read -r -p "$SET_INPUT_BYPASS_IPV4> " bypass_host + [ -n "$bypass_host" ] && { + firewall_area=$num + setconfig firewall_area "$firewall_area" + setconfig bypass_host "$bypass_host" + redir_mod=$SET_BYPASS_TCP + setconfig redir_mod $redir_mod + } + ;; + *) + errornum + ;; + esac + done } set_firewall_vm() { - [ -z "$vm_ipv4" ] && vm_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'brd' | grep -E 'docker|podman|virbr|vnet|ovs|vmbr|veth|vmnic|vboxnet|lxcbr|xenbr|vEthernet' | sed 's/.*inet.//g' | sed 's/ br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ') - comp_box "$VM_DETECT_DESC\033[32m$vm_ipv4\033[0m" - btm_box "1) \033[32m$VM_ENABLE_AUTO\033[0m" \ - "2) \033[36m$VM_ENABLE_MANUAL\033[0m" \ - "3) \033[31m$VM_DISABLE\033[0m" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - 1) - if [ -n "$vm_ipv4" ]; then - vm_redir=ON - common_success - else - msg_alert "\033[33m$VM_NO_NET_DETECTED\033[0m" - fi + [ -z "$vm_ipv4" ] && vm_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'brd' | grep -E 'docker|podman|virbr|vnet|ovs|vmbr|veth|vmnic|vboxnet|lxcbr|xenbr|vEthernet' | sed 's/.*inet.//g' | sed 's/ br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ') + comp_box "$VM_DETECT_DESC\033[32m$vm_ipv4\033[0m" + btm_box "1) \033[32m$VM_ENABLE_AUTO\033[0m" \ + "2) \033[36m$VM_ENABLE_MANUAL\033[0m" \ + "3) \033[31m$VM_DISABLE\033[0m" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + 1) + if [ -n "$vm_ipv4" ]; then + vm_redir=ON + common_success + else + msg_alert "\033[33m$VM_NO_NET_DETECTED\033[0m" + fi - ;; - 2) - comp_box "$VM_INPUT_DESC_1" \ - "$VM_INPUT_DESC_2 \033[32m10.88.0.0/16 172.17.0.0/16\033[0m" \ - "" \ - "$SET_TIPS_ENTER_BACK" - read -r -p "$VM_INPUT_NET> " text - [ -n "$text" ] && vm_ipv4="$text" && vm_redir=ON - ;; - 3) - vm_redir=OFF - vm_ipv4='' - common_success - ;; - *) ;; - esac - case "$num" in - 1-3) - setconfig vm_redir "$vm_redir" - setconfig vm_ipv4 "'$vm_ipv4'" - ;; - esac + ;; + 2) + comp_box "$VM_INPUT_DESC_1" \ + "$VM_INPUT_DESC_2 \033[32m10.88.0.0/16 172.17.0.0/16\033[0m" \ + "" \ + "$SET_TIPS_ENTER_BACK" + read -r -p "$VM_INPUT_NET> " text + [ -n "$text" ] && vm_ipv4="$text" && vm_redir=ON + ;; + 3) + vm_redir=OFF + vm_ipv4='' + common_success + ;; + *) ;; + esac + case "$num" in + 1-3) + setconfig vm_redir "$vm_redir" + setconfig vm_ipv4 "'$vm_ipv4'" + ;; + esac } # ipv6设置 set_ipv6() { - while true; do - [ -z "$ipv6_redir" ] && ipv6_redir=OFF - [ -z "$ipv6_dns" ] && ipv6_dns=ON + while true; do + [ -z "$ipv6_redir" ] && ipv6_redir=OFF + [ -z "$ipv6_dns" ] && ipv6_dns=ON - top_box "1) $IPV6_REDIR:\t\033[36m$ipv6_redir\033[0m" - [ "$disoverride" != "1" ] && content_line "2) $IPV6_DNS:\t\033[36m$ipv6_dns\033[0m" - btm_box "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ "$ipv6_redir" = "OFF" ]; then - ipv6_support=ON - ipv6_redir=ON - else - ipv6_redir=OFF - fi - setconfig ipv6_redir $ipv6_redir - setconfig ipv6_support "$ipv6_support" - common_success - ;; - 2) - [ "$ipv6_dns" = OFF ] && ipv6_dns=ON || ipv6_dns=OFF - if setconfig ipv6_dns "$ipv6_dns"; then - common_success - else - common_failed - fi - ;; - *) - errornum - ;; - esac - done + top_box "1) $IPV6_REDIR:\t\033[36m$ipv6_redir\033[0m" + [ "$disoverride" != "1" ] && content_line "2) $IPV6_DNS:\t\033[36m$ipv6_dns\033[0m" + btm_box "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ "$ipv6_redir" = "OFF" ]; then + ipv6_support=ON + ipv6_redir=ON + else + ipv6_redir=OFF + fi + setconfig ipv6_redir $ipv6_redir + setconfig ipv6_support "$ipv6_support" + common_success + ;; + 2) + [ "$ipv6_dns" = OFF ] && ipv6_dns=ON || ipv6_dns=OFF + if setconfig ipv6_dns "$ipv6_dns"; then + common_success + else + common_failed + fi + ;; + *) + errornum + ;; + esac + done } diff --git a/scripts/menus/6_core_config.sh b/scripts/menus/6_core_config.sh index c084c1cb..f2dca748 100644 --- a/scripts/menus/6_core_config.sh +++ b/scripts/menus/6_core_config.sh @@ -22,7 +22,7 @@ set_core_config() { LC_ALL=C awk '{ f1 = $1 f2 = $2 - gsub(/\360[\200-\277][\200-\277][\200-\277]/,"",f1) + gsub(/\360[\200-\277][\200-\277][\200-\277]/,"",f1) if (length(f1) > 12) f1 = substr(f1, 1, 8) ".." if (length(f2) > 30) diff --git a/scripts/menus/7_gateway.sh b/scripts/menus/7_gateway.sh index dd567ef4..7338b9f9 100644 --- a/scripts/menus/7_gateway.sh +++ b/scripts/menus/7_gateway.sh @@ -11,176 +11,176 @@ load_lang 7_gateway # 访问与控制主菜单 gateway() { - while true; do - comp_box "\033[30;47m$GW_TITLE\033[0m" - content_line "1) $GW_MENU_FW_WAN \033[32m$fw_wan\033[0m" - content_line "2) $GW_MENU_TG_BOT \033[32m$bot_tg_service\033[0m" - content_line "3) $GW_MENU_DDNS" - [ "$disoverride" != "1" ] && { - content_line "4) $GW_MENU_VMESS \033[32m$vms_service\033[0m" - content_line "5) $GW_MENU_SHADOWSOCKS \033[32m$sss_service\033[0m" - content_line "6) $GW_MENU_TS \033[32m$ts_service\033[0m" - content_line "7) $GW_MENU_WG \033[32m$wg_service\033[0m" - } - btm_box "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ -n "$(pidof CrashCore)" ] && [ "$firewall_mod" = 'iptables' ]; then - comp_box "\033[33m$GW_FW_STOP_WARN\033[0m" \ - "$GW_CONFIRM_CONTINUE" - btm_box "1) $GW_YES" \ - "0) $GW_NO_BACK" - read -r -p "$COMMON_INPUT> " res - if [ "$res" = 1 ]; then - "$CRASHDIR"/start.sh stop && set_fw_wan - else - continue - fi - else - set_fw_wan - fi - ;; - 2) - set_bot_tg - ;; - 3) - . "$CRASHDIR"/menus/ddns.sh && ddns_menu - ;; - 4) - set_vmess - ;; - 5) - set_shadowsocks - ;; - 6) - if echo "$crashcore" | grep -q 'sing'; then - set_tailscale - else - msg_alert "\033[33m$crashcore$GW_CORE_UNSUPPORTED\033[0m" - fi - ;; - 7) - if echo "$crashcore" | grep -q 'sing'; then - set_wireguard - else - msg_alert "\033[33m$crashcore$GW_CORE_UNSUPPORTED\033[0m" - fi - ;; - *) - errornum - ;; - esac - done + while true; do + comp_box "\033[30;47m$GW_TITLE\033[0m" + content_line "1) $GW_MENU_FW_WAN \033[32m$fw_wan\033[0m" + content_line "2) $GW_MENU_TG_BOT \033[32m$bot_tg_service\033[0m" + content_line "3) $GW_MENU_DDNS" + [ "$disoverride" != "1" ] && { + content_line "4) $GW_MENU_VMESS \033[32m$vms_service\033[0m" + content_line "5) $GW_MENU_SHADOWSOCKS \033[32m$sss_service\033[0m" + content_line "6) $GW_MENU_TS \033[32m$ts_service\033[0m" + content_line "7) $GW_MENU_WG \033[32m$wg_service\033[0m" + } + btm_box "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ -n "$(pidof CrashCore)" ] && [ "$firewall_mod" = 'iptables' ]; then + comp_box "\033[33m$GW_FW_STOP_WARN\033[0m" \ + "$GW_CONFIRM_CONTINUE" + btm_box "1) $GW_YES" \ + "0) $GW_NO_BACK" + read -r -p "$COMMON_INPUT> " res + if [ "$res" = 1 ]; then + "$CRASHDIR"/start.sh stop && set_fw_wan + else + continue + fi + else + set_fw_wan + fi + ;; + 2) + set_bot_tg + ;; + 3) + . "$CRASHDIR"/menus/ddns.sh && ddns_menu + ;; + 4) + set_vmess + ;; + 5) + set_shadowsocks + ;; + 6) + if echo "$crashcore" | grep -q 'sing'; then + set_tailscale + else + msg_alert "\033[33m$crashcore$GW_CORE_UNSUPPORTED\033[0m" + fi + ;; + 7) + if echo "$crashcore" | grep -q 'sing'; then + set_wireguard + else + msg_alert "\033[33m$crashcore$GW_CORE_UNSUPPORTED\033[0m" + fi + ;; + *) + errornum + ;; + esac + done } # 公网防火墙 set_fw_wan() { - while true; do - [ -z "$fw_wan" ] && fw_wan=ON - line_break - separator_line "=" - content_line "\033[31m$GW_WARN\033[0m$GW_FW_VPS_HINT" - [ -n "$fw_wan_ports" ] && - content_line "$GW_FW_MANUAL_PORTS\033[36m$fw_wan_ports\033[0m" - [ -n "$vms_port$sss_port" ] && - content_line "$GW_FW_AUTO_PORTS\033[36m$vms_port $sss_port\033[0m" - content_line "$GW_FW_DEFAULT_BLOCK\033[33m$mix_port,$db_port\033[0m" - separator_line "=" - btm_box "1) $GW_FW_TOGGLE\033[36m$fw_wan\033[0m" \ - "2) $GW_FW_ADD_PORT" \ - "3) $GW_FW_REMOVE_PORT" \ - "4) $GW_FW_CLEAR_PORTS" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case $num in - "" | 0) - break - ;; - 1) - if [ "$fw_wan" = ON ]; then - comp_box "$GW_FW_DISABLE_CONFIRM" \ - "$GW_FW_DISABLE_RISK" - btm_box "1) $GW_YES" \ - "0) $GW_NO_BACK" - read -r -p "$COMMON_INPUT> " res - if [ "$res" = 1 ]; then - fw_wan=OFF - else - fw_wan=ON - fi - else - fw_wan=ON - fi - setconfig fw_wan "$fw_wan" - ;; - 2) - port_count=$(echo "$fw_wan_ports" | awk -F',' '{print NF}') - if [ "$port_count" -ge 10 ]; then - msg_alert "\033[31m$GW_FW_PORT_LIMIT\033[0m" - else - line_break - read -r -p "$GW_INPUT_ALLOW_PORT> " port - if echo ",$fw_wan_ports," | grep -q ",$port,"; then - msg_alert "\033[31m$GW_ERR_DUP_PORT\033[0m" - elif [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then - msg_alert "\033[31m$GW_ERR_PORT_RANGE\033[0m" - else - fw_wan_ports=$(echo "$fw_wan_ports,$port" | sed "s/^,//") - if setconfig fw_wan_ports "$fw_wan_ports"; then - common_success - else - common_faileds - fi - fi - fi - ;; - 3) - while true; do - comp_box "\033[36m$GW_INPUT_REMOVE_PORT\033[0m" \ - "$GW_INPUT_0_BACK" - read -r -p "$GW_INPUT_PLAIN> " port - if [ "$port" = 0 ]; then - break - elif echo ",$fw_wan_ports," | grep -q ",$port,"; then - if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then - msg_alert "\033[31m$GW_ERR_INPUT\033[0m" \ - "\033[31m$GW_ERR_PORT_RANGE\033[0m" - else - fw_wan_ports=$(echo ",$fw_wan_ports," | sed "s/,$port//; s/^,//; s/,$//") - setconfig fw_wan_ports "$fw_wan_ports" - break - fi - else - msg_alert "\033[31m$GW_ERR_INPUT\033[0m" \ - "\033[31m$GW_ERR_PORT_NOT_FOUND\033[0m" - fi - done - ;; - 4) - fw_wan_ports='' - setconfig fw_wan_ports - msg_alert "\033[32m$GW_OK\033[0m" - ;; - *) - errornum - ;; - esac - done + while true; do + [ -z "$fw_wan" ] && fw_wan=ON + line_break + separator_line "=" + content_line "\033[31m$GW_WARN\033[0m$GW_FW_VPS_HINT" + [ -n "$fw_wan_ports" ] && + content_line "$GW_FW_MANUAL_PORTS\033[36m$fw_wan_ports\033[0m" + [ -n "$vms_port$sss_port" ] && + content_line "$GW_FW_AUTO_PORTS\033[36m$vms_port $sss_port\033[0m" + content_line "$GW_FW_DEFAULT_BLOCK\033[33m$mix_port,$db_port\033[0m" + separator_line "=" + btm_box "1) $GW_FW_TOGGLE\033[36m$fw_wan\033[0m" \ + "2) $GW_FW_ADD_PORT" \ + "3) $GW_FW_REMOVE_PORT" \ + "4) $GW_FW_CLEAR_PORTS" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case $num in + "" | 0) + break + ;; + 1) + if [ "$fw_wan" = ON ]; then + comp_box "$GW_FW_DISABLE_CONFIRM" \ + "$GW_FW_DISABLE_RISK" + btm_box "1) $GW_YES" \ + "0) $GW_NO_BACK" + read -r -p "$COMMON_INPUT> " res + if [ "$res" = 1 ]; then + fw_wan=OFF + else + fw_wan=ON + fi + else + fw_wan=ON + fi + setconfig fw_wan "$fw_wan" + ;; + 2) + port_count=$(echo "$fw_wan_ports" | awk -F',' '{print NF}') + if [ "$port_count" -ge 10 ]; then + msg_alert "\033[31m$GW_FW_PORT_LIMIT\033[0m" + else + line_break + read -r -p "$GW_INPUT_ALLOW_PORT> " port + if echo ",$fw_wan_ports," | grep -q ",$port,"; then + msg_alert "\033[31m$GW_ERR_DUP_PORT\033[0m" + elif [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then + msg_alert "\033[31m$GW_ERR_PORT_RANGE\033[0m" + else + fw_wan_ports=$(echo "$fw_wan_ports,$port" | sed "s/^,//") + if setconfig fw_wan_ports "$fw_wan_ports"; then + common_success + else + common_faileds + fi + fi + fi + ;; + 3) + while true; do + comp_box "\033[36m$GW_INPUT_REMOVE_PORT\033[0m" \ + "$GW_INPUT_0_BACK" + read -r -p "$GW_INPUT_PLAIN> " port + if [ "$port" = 0 ]; then + break + elif echo ",$fw_wan_ports," | grep -q ",$port,"; then + if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then + msg_alert "\033[31m$GW_ERR_INPUT\033[0m" \ + "\033[31m$GW_ERR_PORT_RANGE\033[0m" + else + fw_wan_ports=$(echo ",$fw_wan_ports," | sed "s/,$port//; s/^,//; s/,$//") + setconfig fw_wan_ports "$fw_wan_ports" + break + fi + else + msg_alert "\033[31m$GW_ERR_INPUT\033[0m" \ + "\033[31m$GW_ERR_PORT_NOT_FOUND\033[0m" + fi + done + ;; + 4) + fw_wan_ports='' + setconfig fw_wan_ports + msg_alert "\033[32m$GW_OK\033[0m" + ;; + *) + errornum + ;; + esac + done } # tg_BOT相关 set_bot_tg_config() { - setconfig TG_TOKEN "$TOKEN" "$GT_CFG_PATH" - setconfig TG_CHATID "$chat_ID" "$GT_CFG_PATH" - # 设置机器人快捷命令 - JSON=$( - cat < " num - case "$num" in - "" | 0) - break - ;; - 1) - . "$GT_CFG_PATH" - if [ -n "$TG_CHATID" ]; then - set_bot_tg_service - else - msg_alert "\033[31m$GW_TG_BIND_FIRST\033[0m" - fi - ;; - 2) - if [ -n "$chat_ID" ] && [ -n "$push_TG" ] && [ "$push_TG" != 'publictoken' ]; then - comp_box "$GW_TG_BOUND_DETECTED" \ - "$GW_TG_USE_DIRECT" - btm_box "1) $GW_YES" \ - "0) $GW_NO" - read -r -p "$COMMON_INPUT> " res - if [ "$res" = 1 ]; then - TOKEN="$push_TG" - set_bot_tg_config - continue - fi - fi - set_bot_tg_init - ;; - 3) - if [ "$TG_menupush" = ON ]; then - TG_menupush=OFF - else - TG_menupush=ON - fi - setconfig TG_menupush "$TG_menupush" "$GT_CFG_PATH" - set_bot_tg - ;; - *) - errornum - ;; - esac - done + while true; do + [ -n "$ts_auth_key" ] && ts_auth_key_info="$GW_SET" + [ -n "$TG_CHATID" ] && TG_CHATID_info="$GW_BOUND" + comp_box "\033[31m$GW_WARN\033[0m$GW_TG_WARN" + btm_box "1) $GW_TG_TOGGLE \033[32m$bot_tg_service\033[0m" \ + "2) $GW_TG_BIND \033[32m$TG_CHATID_info\033[0m" \ + "3) $GW_TG_MENUPUSH \033[32m$TG_menupush\033[0m" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + . "$GT_CFG_PATH" + if [ -n "$TG_CHATID" ]; then + set_bot_tg_service + else + msg_alert "\033[31m$GW_TG_BIND_FIRST\033[0m" + fi + ;; + 2) + if [ -n "$chat_ID" ] && [ -n "$push_TG" ] && [ "$push_TG" != 'publictoken' ]; then + comp_box "$GW_TG_BOUND_DETECTED" \ + "$GW_TG_USE_DIRECT" + btm_box "1) $GW_YES" \ + "0) $GW_NO" + read -r -p "$COMMON_INPUT> " res + if [ "$res" = 1 ]; then + TOKEN="$push_TG" + set_bot_tg_config + continue + fi + fi + set_bot_tg_init + ;; + 3) + if [ "$TG_menupush" = ON ]; then + TG_menupush=OFF + else + TG_menupush=ON + fi + setconfig TG_menupush "$TG_menupush" "$GT_CFG_PATH" + set_bot_tg + ;; + *) + errornum + ;; + esac + done } # 自定义入站 set_vmess() { - while true; do - comp_box "\033[31m$GW_WARN\033[0m" \ - "$GW_INBOUND_WARN_PORT" \ - "$GW_INBOUND_WARN_BASIC" \ - "\033[31m$GW_INBOUND_WARN_ILLEGAL\033[0m" - content_line "1) \033[32m$GW_VMS_TOGGLE\033[0m \033[32m$vms_service\033[0m" - content_line "2) $GW_SET_LISTEN_PORT \033[36m$vms_port\033[0m" - content_line "3) $GW_SET_WSPATH \033[33m$vms_ws_path\033[0m" - content_line "4) $GW_SET_UUID \033[36m$vms_uuid\033[0m" - content_line "5) $GW_GEN_RANDOM_KEY" - gen_base64 1 >/dev/null 2>&1 && - content_line "6) $GW_SET_OBFS_HOST \033[33m$vms_host\033[0m" - btm_box "7) $GW_GEN_SHARE_LINK" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ "$vms_service" = ON ]; then - vms_service=OFF - setconfig vms_service "$vms_service" - else - if [ -n "$vms_port" ] && [ -n "$vms_uuid" ]; then - vms_service=ON - setconfig vms_service "$vms_service" - else - msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" - fi - fi - ;; - 2) - line_break - read -r -p "$GW_INPUT_PORT_DEL0> " text - if [ "$text" = 0 ]; then - vms_port='' - setconfig vms_port "" "$GT_CFG_PATH" - elif check_port "$text"; then - if echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep -q "|$text|"; then - msg_alert "\033[31m$CHECK_PORT_DUP_ERR\033[0m" - sleep 1 - else - vms_port="$text" - setconfig vms_port "$text" "$GT_CFG_PATH" - fi - else - sleep 1 - fi - ;; - 3) - line_break - read -r -p "$GW_INPUT_WSPATH> " text - if [ "$text" = 0 ]; then - vms_ws_path='' - setconfig vms_ws_path "" "$GT_CFG_PATH" - elif echo "$text" | grep -qE '^/'; then - vms_ws_path="$text" - setconfig vms_ws_path "$text" "$GT_CFG_PATH" - else - msg_alert "\033[31m$GW_ERR_WSPATH\033[0m" - fi - ;; - 4) - line_break - read -r -p "$GW_INPUT_UUID> " text - if [ "$text" = 0 ]; then - vms_uuid='' - setconfig vms_uuid "" "$GT_CFG_PATH" - elif echo "$text" | grep -qiE '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'; then - vms_uuid="$text" - setconfig vms_uuid "$text" "$GT_CFG_PATH" - else - msg_alert "\033[31m$GW_ERR_UUID\033[0m" - fi - ;; - 5) - vms_uuid=$(cat /proc/sys/kernel/random/uuid) - setconfig vms_uuid "$vms_uuid" "$GT_CFG_PATH" - sleep 1 - ;; - 6) - line_break - read -r -p "$GW_INPUT_OBFS_HOST> " text - if [ "$text" = 0 ]; then - vms_host='' - setconfig vms_host "" "$GT_CFG_PATH" - else - vms_host="$text" - setconfig vms_host "$text" "$GT_CFG_PATH" - fi - ;; - 7) - line_break - read -r -p "$GW_INPUT_HOST> " host_wan - if [ -n "$host_wan" ] && [ -n "$vms_port" ] && [ -n "$vms_uuid" ]; then - [ -n "$vms_ws_path" ] && vms_net=ws - vms_json=$( - cat </dev/null 2>&1 && + content_line "6) $GW_SET_OBFS_HOST \033[33m$vms_host\033[0m" + btm_box "7) $GW_GEN_SHARE_LINK" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ "$vms_service" = ON ]; then + vms_service=OFF + setconfig vms_service "$vms_service" + else + if [ -n "$vms_port" ] && [ -n "$vms_uuid" ]; then + vms_service=ON + setconfig vms_service "$vms_service" + else + msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" + fi + fi + ;; + 2) + line_break + read -r -p "$GW_INPUT_PORT_DEL0> " text + if [ "$text" = 0 ]; then + vms_port='' + setconfig vms_port "" "$GT_CFG_PATH" + elif check_port "$text"; then + if echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep -q "|$text|"; then + msg_alert "\033[31m$CHECK_PORT_DUP_ERR\033[0m" + sleep 1 + else + vms_port="$text" + setconfig vms_port "$text" "$GT_CFG_PATH" + fi + else + sleep 1 + fi + ;; + 3) + line_break + read -r -p "$GW_INPUT_WSPATH> " text + if [ "$text" = 0 ]; then + vms_ws_path='' + setconfig vms_ws_path "" "$GT_CFG_PATH" + elif echo "$text" | grep -qE '^/'; then + vms_ws_path="$text" + setconfig vms_ws_path "$text" "$GT_CFG_PATH" + else + msg_alert "\033[31m$GW_ERR_WSPATH\033[0m" + fi + ;; + 4) + line_break + read -r -p "$GW_INPUT_UUID> " text + if [ "$text" = 0 ]; then + vms_uuid='' + setconfig vms_uuid "" "$GT_CFG_PATH" + elif echo "$text" | grep -qiE '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'; then + vms_uuid="$text" + setconfig vms_uuid "$text" "$GT_CFG_PATH" + else + msg_alert "\033[31m$GW_ERR_UUID\033[0m" + fi + ;; + 5) + vms_uuid=$(cat /proc/sys/kernel/random/uuid) + setconfig vms_uuid "$vms_uuid" "$GT_CFG_PATH" + sleep 1 + ;; + 6) + line_break + read -r -p "$GW_INPUT_OBFS_HOST> " text + if [ "$text" = 0 ]; then + vms_host='' + setconfig vms_host "" "$GT_CFG_PATH" + else + vms_host="$text" + setconfig vms_host "$text" "$GT_CFG_PATH" + fi + ;; + 7) + line_break + read -r -p "$GW_INPUT_HOST> " host_wan + if [ -n "$host_wan" ] && [ -n "$vms_port" ] && [ -n "$vms_uuid" ]; then + [ -n "$vms_ws_path" ] && vms_net=ws + vms_json=$( + cat </dev/null 2>&1 && - content_line "5) $GW_GEN_SHARE_LINK" - btm_box "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ "$sss_service" = ON ]; then - sss_service=OFF - setconfig sss_service "$sss_service" - else - if [ -n "$sss_port" ] && [ -n "$sss_cipher" ] && [ -n "$sss_pwd" ]; then - sss_service=ON - setconfig sss_service "$sss_service" - else - msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" - fi - fi - ;; - 2) - line_break - read -r -p "$GW_INPUT_PORT_DEL0> " text - if [ "$text" = 0 ]; then - sss_port='' - setconfig sss_port "" "$GT_CFG_PATH" - elif check_port "$text"; then - if echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep -q "|$text|"; then - msg_alert "\033[31m$CHECK_PORT_DUP_ERR\033[0m" - sleep 1 - else - sss_port="$text" - setconfig sss_port "$text" "$GT_CFG_PATH" - fi - else - sleep 1 - fi - ;; - 3) - comp_box "$GW_SS_SELECT_CIPHER" - content_line "1) \033[32mxchacha20-ietf-poly1305\033[0m" - content_line "2) \033[32mchacha20-ietf-poly1305\033[0m" - content_line "3) \033[32maes-128-gcm\033[0m" - content_line "4) \033[32maes-256-gcm\033[0m" - gen_random 1 >/dev/null && { - content_line "" - content_line "$GW_SS_2022_NOTE_HEADER" - content_line "$GW_SS_2022_REQUIRE" - content_line "5) \033[32m2022-blake3-chacha20-poly1305\033[0m" - content_line "6) \033[32m2022-blake3-aes-128-gcm\033[0m" - content_line "7) \033[32m2022-blake3-aes-256-gcm\033[0m" - } - btm_box "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - 0) ;; - 1) - sss_cipher=xchacha20-ietf-poly1305 - sss_pwd=$(gen_random 16) - ;; - 2) - sss_cipher=chacha20-ietf-poly1305 - sss_pwd=$(gen_random 16) - ;; - 3) - sss_cipher=aes-128-gcm - sss_pwd=$(gen_random 16) - ;; - 4) - sss_cipher=aes-256-gcm - sss_pwd=$(gen_random 16) - ;; - 5) - sss_cipher=2022-blake3-chacha20-poly1305 - sss_pwd=$(gen_random 32) - ;; - 6) - sss_cipher=2022-blake3-aes-128-gcm - sss_pwd=$(gen_random 16) - ;; - 7) - sss_cipher=2022-blake3-aes-256-gcm - sss_pwd=$(gen_random 32) - ;; - *) - errornum - ;; - esac - setconfig sss_cipher "$sss_cipher" "$GT_CFG_PATH" - setconfig sss_pwd "$sss_pwd" "$GT_CFG_PATH" - ;; - 4) - if echo "$sss_cipher" | grep -q '2022-blake3'; then - msg_alert "\033[31m$GW_WARN\033[0m$GW_SS_2022_PASSWORD_ONLY" - else - line_break - read -r -p "$GW_INPUT_PWD_DEL0> " text - [ "$text" = 0 ] && sss_pwd='' || sss_pwd="$text" - setconfig sss_pwd "$text" "$GT_CFG_PATH" - fi - ;; - 5) - line_break - read -r -p "$GW_INPUT_HOST> " text - if [ -n "$text" ] && [ -n "$sss_port" ] && [ -n "$sss_cipher" ] && [ -n "$sss_pwd" ]; then - ss_link="ss://$(gen_base64 "$sss_cipher":"$sss_pwd")@${text}:${sss_port}#ShellCrash_ss_in" - line_break - echo -e "$GW_SHARE_LINK_HINT\n\033[32m$ss_link\033[0m" - sleep 1 - else - msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" - fi - ;; - *) - errornum - ;; - esac - done + while true; do + comp_box "\033[31m$GW_WARN\033[0m" \ + "$GW_INBOUND_WARN_PORT" \ + "$GW_INBOUND_WARN_BASIC" \ + "\033[31m$GW_INBOUND_WARN_ILLEGAL\033[0m" + content_line "1) \033[32m$GW_SS_TOGGLE\033[0m \033[32m$sss_service\033[0m" + content_line "2) $GW_SET_LISTEN_PORT \033[36m$sss_port\033[0m" + content_line "3) $GW_SS_SELECT_CIPHER \033[33m$sss_cipher\033[0m" + content_line "4) $GW_SS_SET_PWD \033[36m$sss_pwd\033[0m" + gen_base64 1 >/dev/null 2>&1 && + content_line "5) $GW_GEN_SHARE_LINK" + btm_box "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ "$sss_service" = ON ]; then + sss_service=OFF + setconfig sss_service "$sss_service" + else + if [ -n "$sss_port" ] && [ -n "$sss_cipher" ] && [ -n "$sss_pwd" ]; then + sss_service=ON + setconfig sss_service "$sss_service" + else + msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" + fi + fi + ;; + 2) + line_break + read -r -p "$GW_INPUT_PORT_DEL0> " text + if [ "$text" = 0 ]; then + sss_port='' + setconfig sss_port "" "$GT_CFG_PATH" + elif check_port "$text"; then + if echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep -q "|$text|"; then + msg_alert "\033[31m$CHECK_PORT_DUP_ERR\033[0m" + sleep 1 + else + sss_port="$text" + setconfig sss_port "$text" "$GT_CFG_PATH" + fi + else + sleep 1 + fi + ;; + 3) + comp_box "$GW_SS_SELECT_CIPHER" + content_line "1) \033[32mxchacha20-ietf-poly1305\033[0m" + content_line "2) \033[32mchacha20-ietf-poly1305\033[0m" + content_line "3) \033[32maes-128-gcm\033[0m" + content_line "4) \033[32maes-256-gcm\033[0m" + gen_random 1 >/dev/null && { + content_line "" + content_line "$GW_SS_2022_NOTE_HEADER" + content_line "$GW_SS_2022_REQUIRE" + content_line "5) \033[32m2022-blake3-chacha20-poly1305\033[0m" + content_line "6) \033[32m2022-blake3-aes-128-gcm\033[0m" + content_line "7) \033[32m2022-blake3-aes-256-gcm\033[0m" + } + btm_box "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + 0) ;; + 1) + sss_cipher=xchacha20-ietf-poly1305 + sss_pwd=$(gen_random 16) + ;; + 2) + sss_cipher=chacha20-ietf-poly1305 + sss_pwd=$(gen_random 16) + ;; + 3) + sss_cipher=aes-128-gcm + sss_pwd=$(gen_random 16) + ;; + 4) + sss_cipher=aes-256-gcm + sss_pwd=$(gen_random 16) + ;; + 5) + sss_cipher=2022-blake3-chacha20-poly1305 + sss_pwd=$(gen_random 32) + ;; + 6) + sss_cipher=2022-blake3-aes-128-gcm + sss_pwd=$(gen_random 16) + ;; + 7) + sss_cipher=2022-blake3-aes-256-gcm + sss_pwd=$(gen_random 32) + ;; + *) + errornum + ;; + esac + setconfig sss_cipher "$sss_cipher" "$GT_CFG_PATH" + setconfig sss_pwd "$sss_pwd" "$GT_CFG_PATH" + ;; + 4) + if echo "$sss_cipher" | grep -q '2022-blake3'; then + msg_alert "\033[31m$GW_WARN\033[0m$GW_SS_2022_PASSWORD_ONLY" + else + line_break + read -r -p "$GW_INPUT_PWD_DEL0> " text + [ "$text" = 0 ] && sss_pwd='' || sss_pwd="$text" + setconfig sss_pwd "$text" "$GT_CFG_PATH" + fi + ;; + 5) + line_break + read -r -p "$GW_INPUT_HOST> " text + if [ -n "$text" ] && [ -n "$sss_port" ] && [ -n "$sss_cipher" ] && [ -n "$sss_pwd" ]; then + ss_link="ss://$(gen_base64 "$sss_cipher":"$sss_pwd")@${text}:${sss_port}#ShellCrash_ss_in" + line_break + echo -e "$GW_SHARE_LINK_HINT\n\033[32m$ss_link\033[0m" + sleep 1 + else + msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" + fi + ;; + *) + errornum + ;; + esac + done } # 自定义端点 set_tailscale() { - while true; do - [ -n "$ts_auth_key" ] && ts_auth_key_info='*********' - comp_box "\033[31m$GW_WARN\033[0m$GW_TS_WARN" \ - "$GW_TS_KEY_URL" \ - "$GW_TS_ALLOW_URL" \ - "$GW_TS_SUBNET_EXIT_HINT" - btm_box "1) \033[32m$GW_TS_TOGGLE\033[0m \033[32m$ts_service\033[0m" \ - "2) $GW_TS_SET_AUTHKEY $ts_auth_key_info" \ - "3) $GW_TS_SUBNET \033[36m$ts_subnet\033[0m" \ - "4) $GW_TS_EXIT_NODE \033[36m$ts_exit_node\033[0m" \ - "5) $GW_TS_HOSTNAME $ts_hostname" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ -n "$ts_auth_key" ]; then - [ "$ts_service" = ON ] && ts_service=OFF || ts_service=ON - setconfig ts_service "$ts_service" - else - msg_alert "\033[31m$GW_TS_SET_KEY_FIRST\033[0m" - fi - ;; - 2) - line_break - read -r -p "$GW_TS_INPUT_KEY> " text - [ "$text" = 0 ] && unset ts_auth_key ts_auth_key_info || ts_auth_key="$text" - setconfig ts_auth_key "$ts_auth_key" "$GT_CFG_PATH" - ;; - 3) - [ "$ts_subnet" = true ] && ts_subnet=false || ts_subnet=true - setconfig ts_subnet "$ts_subnet" "$GT_CFG_PATH" - ;; - 4) - if [ "$ts_exit_node" = true ]; then - ts_exit_node=false - else - ts_exit_node=true - msg_alert -t 3 "\033[31m$GW_WARN\033[0m$GW_TS_EXITNODE_WARN" - fi - setconfig ts_exit_node "$ts_exit_node" "$GT_CFG_PATH" - ;; - 5) - comp_box "\033[36m$GW_TS_INPUT_NAME\033[0m" \ - "$GW_INPUT_0_BACK" - read -r -p "$GW_INPUT_PLAIN> " ts_hostname - if [ "$ts_hostname" != 0 ]; then - setconfig ts_hostname "$ts_hostname" "$GT_CFG_PATH" - fi - ;; - *) - errornum - ;; - esac - done + while true; do + [ -n "$ts_auth_key" ] && ts_auth_key_info='*********' + comp_box "\033[31m$GW_WARN\033[0m$GW_TS_WARN" \ + "$GW_TS_KEY_URL" \ + "$GW_TS_ALLOW_URL" \ + "$GW_TS_SUBNET_EXIT_HINT" + btm_box "1) \033[32m$GW_TS_TOGGLE\033[0m \033[32m$ts_service\033[0m" \ + "2) $GW_TS_SET_AUTHKEY $ts_auth_key_info" \ + "3) $GW_TS_SUBNET \033[36m$ts_subnet\033[0m" \ + "4) $GW_TS_EXIT_NODE \033[36m$ts_exit_node\033[0m" \ + "5) $GW_TS_HOSTNAME $ts_hostname" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ -n "$ts_auth_key" ]; then + [ "$ts_service" = ON ] && ts_service=OFF || ts_service=ON + setconfig ts_service "$ts_service" + else + msg_alert "\033[31m$GW_TS_SET_KEY_FIRST\033[0m" + fi + ;; + 2) + line_break + read -r -p "$GW_TS_INPUT_KEY> " text + [ "$text" = 0 ] && unset ts_auth_key ts_auth_key_info || ts_auth_key="$text" + setconfig ts_auth_key "$ts_auth_key" "$GT_CFG_PATH" + ;; + 3) + [ "$ts_subnet" = true ] && ts_subnet=false || ts_subnet=true + setconfig ts_subnet "$ts_subnet" "$GT_CFG_PATH" + ;; + 4) + if [ "$ts_exit_node" = true ]; then + ts_exit_node=false + else + ts_exit_node=true + msg_alert -t 3 "\033[31m$GW_WARN\033[0m$GW_TS_EXITNODE_WARN" + fi + setconfig ts_exit_node "$ts_exit_node" "$GT_CFG_PATH" + ;; + 5) + comp_box "\033[36m$GW_TS_INPUT_NAME\033[0m" \ + "$GW_INPUT_0_BACK" + read -r -p "$GW_INPUT_PLAIN> " ts_hostname + if [ "$ts_hostname" != 0 ]; then + setconfig ts_hostname "$ts_hostname" "$GT_CFG_PATH" + fi + ;; + *) + errornum + ;; + esac + done } set_wireguard() { - while true; do + while true; do - if [ -n "$wg_public_key" ]; then - wgp_key_info='*********' - else - unset wgp_key_info - fi + if [ -n "$wg_public_key" ]; then + wgp_key_info='*********' + else + unset wgp_key_info + fi - if [ -n "$wg_private_key" ]; then - wgv_key_info='*********' - else - unset wgv_key_info - fi + if [ -n "$wg_private_key" ]; then + wgv_key_info='*********' + else + unset wgv_key_info + fi - if [ -n "$wg_pre_shared_key" ]; then - wgpsk_key_info='*********' - else - unset wgpsk_key_info - fi - comp_box "\033[31m$GW_WARN\033[0m$GW_WG_WARN" - btm_box "1) \033[32m$GW_WG_TOGGLE\033[0m \033[32m$wg_service\033[0m" \ - "" \ - "2) $GW_WG_SET_ENDPOINT \033[36m$wg_server\033[0m" \ - "3) $GW_WG_SET_ENDPOINT_PORT \033[36m$wg_port\033[0m" \ - "4) $GW_WG_SET_PUBLIC \033[36m$wgp_key_info\033[0m" \ - "5) $GW_WG_SET_PRESHARED \033[36m$wgpsk_key_info\033[0m" \ - "" \ - "6) $GW_WG_SET_PRIVATE \033[33m$wgv_key_info\033[0m" \ - "7) $GW_WG_SET_IPV4 \033[33m$wg_ipv4\033[0m" \ - "8) $GW_WG_SET_IPV6 \033[33m$wg_ipv6\033[0m" \ - "" \ - "0) $COMMON_BACK" - read -r -p "$COMMON_INPUT> " num - case "$num" in - "" | 0) - break - ;; - 1) - if [ -n "$wg_server" ] && [ -n "$wg_port" ] && [ -n "$wg_public_key" ] && [ -n "$wg_pre_shared_key" ] && [ -n "$wg_private_key" ] && [ -n "$wg_ipv4" ]; then - [ "$wg_service" = ON ] && wg_service=OFF || wg_service=ON - setconfig wg_service "$wg_service" - else - msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" - fi - ;; - [1-8]) - line_break - read -r -p "$GW_INPUT_TEXT_DEL0> " text - [ "$text" = 0 ] && text='' - case "$num" in - 2) - wg_server="$text" - setconfig wg_server "$text" "$GT_CFG_PATH" - ;; - 3) - wg_port="$text" - setconfig wg_port "$text" "$GT_CFG_PATH" - ;; - 4) - wg_public_key="$text" - setconfig wg_public_key "$text" "$GT_CFG_PATH" - ;; - 5) - wg_pre_shared_key="$text" - setconfig wg_pre_shared_key "$text" "$GT_CFG_PATH" - ;; - 6) - wg_private_key="$text" - setconfig wg_private_key "$text" "$GT_CFG_PATH" - ;; - 7) - wg_ipv4="$text" - setconfig wg_ipv4 "$text" "$GT_CFG_PATH" - ;; - 8) - wg_ipv6="$text" - setconfig wg_ipv6 "$text" "$GT_CFG_PATH" - ;; - esac - ;; - *) - errornum - ;; - esac - done + if [ -n "$wg_pre_shared_key" ]; then + wgpsk_key_info='*********' + else + unset wgpsk_key_info + fi + comp_box "\033[31m$GW_WARN\033[0m$GW_WG_WARN" + btm_box "1) \033[32m$GW_WG_TOGGLE\033[0m \033[32m$wg_service\033[0m" \ + "" \ + "2) $GW_WG_SET_ENDPOINT \033[36m$wg_server\033[0m" \ + "3) $GW_WG_SET_ENDPOINT_PORT \033[36m$wg_port\033[0m" \ + "4) $GW_WG_SET_PUBLIC \033[36m$wgp_key_info\033[0m" \ + "5) $GW_WG_SET_PRESHARED \033[36m$wgpsk_key_info\033[0m" \ + "" \ + "6) $GW_WG_SET_PRIVATE \033[33m$wgv_key_info\033[0m" \ + "7) $GW_WG_SET_IPV4 \033[33m$wg_ipv4\033[0m" \ + "8) $GW_WG_SET_IPV6 \033[33m$wg_ipv6\033[0m" \ + "" \ + "0) $COMMON_BACK" + read -r -p "$COMMON_INPUT> " num + case "$num" in + "" | 0) + break + ;; + 1) + if [ -n "$wg_server" ] && [ -n "$wg_port" ] && [ -n "$wg_public_key" ] && [ -n "$wg_pre_shared_key" ] && [ -n "$wg_private_key" ] && [ -n "$wg_ipv4" ]; then + [ "$wg_service" = ON ] && wg_service=OFF || wg_service=ON + setconfig wg_service "$wg_service" + else + msg_alert "\033[31m$GW_FILL_REQUIRED\033[0m" + fi + ;; + [1-8]) + line_break + read -r -p "$GW_INPUT_TEXT_DEL0> " text + [ "$text" = 0 ] && text='' + case "$num" in + 2) + wg_server="$text" + setconfig wg_server "$text" "$GT_CFG_PATH" + ;; + 3) + wg_port="$text" + setconfig wg_port "$text" "$GT_CFG_PATH" + ;; + 4) + wg_public_key="$text" + setconfig wg_public_key "$text" "$GT_CFG_PATH" + ;; + 5) + wg_pre_shared_key="$text" + setconfig wg_pre_shared_key "$text" "$GT_CFG_PATH" + ;; + 6) + wg_private_key="$text" + setconfig wg_private_key "$text" "$GT_CFG_PATH" + ;; + 7) + wg_ipv4="$text" + setconfig wg_ipv4 "$text" "$GT_CFG_PATH" + ;; + 8) + wg_ipv6="$text" + setconfig wg_ipv6 "$text" "$GT_CFG_PATH" + ;; + esac + ;; + *) + errornum + ;; + esac + done } diff --git a/scripts/menus/8_tools.sh b/scripts/menus/8_tools.sh index cf41483b..aa00011b 100644 --- a/scripts/menus/8_tools.sh +++ b/scripts/menus/8_tools.sh @@ -758,7 +758,7 @@ debug() { . "$CRASHDIR"/libs/core_tools.sh && core_find && "$TMPDIR"/CrashCore merge "$TMPDIR"/debug.json -C "$TMPDIR"/jsons && line_break comp_box "\033[32m$TOOLS_MERGE_OK\033[0m" [ "$TMPDIR" = "$BINDIR" ] && rm -rf "$TMPDIR"/CrashCore - debug + debug ;; *) errornum diff --git a/scripts/menus/9_upgrade.sh b/scripts/menus/9_upgrade.sh index 85077612..eaa8cdab 100644 --- a/scripts/menus/9_upgrade.sh +++ b/scripts/menus/9_upgrade.sh @@ -1111,7 +1111,7 @@ saveserver() { setserver() { while true; do line_break - LISTFILE="$CRASHDIR"/configs/servers_"$i18n".list + LISTFILE="$CRASHDIR"/configs/servers_"$i18n".list [ -z "$release_type" ] && release_name=$UPG_SOURCE_UNSET [ -n "$release_type" ] && release_name="$release_type$UPG_SOURCE_ROLLBACK_TAG" [ "$release_type" = stable ] && release_name=$UPG_SOURCE_STABLE_TEXT diff --git a/scripts/menus/bot_tg.sh b/scripts/menus/bot_tg.sh index 09052d7b..d411e095 100644 --- a/scripts/menus/bot_tg.sh +++ b/scripts/menus/bot_tg.sh @@ -19,19 +19,19 @@ OFFSET=0 ### --- 基础函数 --- ### web_download(){ - setproxy - if curl --version >/dev/null 2>&1; then - curl -kfsSl "$1" -o "$2" - else - wget -Y on -q --timeout=3 -O "$2" "$1" - fi + setproxy + if curl --version >/dev/null 2>&1; then + curl -kfsSl "$1" -o "$2" + else + wget -Y on -q --timeout=3 -O "$2" "$1" + fi } web_upload(){ - curl -ksSfl -X POST --connect-timeout 20 "$API/sendDocument" -F "chat_id=$TG_CHATID" -F "document=@$1" >/dev/null + curl -ksSfl -X POST --connect-timeout 20 "$API/sendDocument" -F "chat_id=$TG_CHATID" -F "document=@$1" >/dev/null } send_msg(){ TEXT="$1" - web_json_post "$API/sendMessage" "{\"chat_id\":\"$TG_CHATID\",\"text\":\"$TEXT\",\"parse_mode\":\"Markdown\"}" + web_json_post "$API/sendMessage" "{\"chat_id\":\"$TG_CHATID\",\"text\":\"$TEXT\",\"parse_mode\":\"Markdown\"}" } send_help(){ TEXT=$(cat </dev/null 2>&1;then - CURL_KB=$(cat </dev/null 2>&1;then + CURL_KB=$(cat < "$LOGFILE" } do_stop_fw(){ - redir_mod_bf=$redir_mod - firewall_area=4 - setconfig firewall_area 4 - "$CRASHDIR"/start.sh stop_firewall + redir_mod_bf=$redir_mod + firewall_area=4 + setconfig firewall_area 4 + "$CRASHDIR"/start.sh stop_firewall echo "$BOT_TG_SWITCH_PURE" > "$LOGFILE" } do_restart(){ @@ -185,142 +185,142 @@ do_set_sub(){ } transport(){ #文件传输 - case "$CALLBACK" in - "ts_get_log") - web_upload "$TMPDIR"/ShellCrash.log - send_menu - ;; - "ts_get_bak") - now=$(date +%Y%m%d_%H%M%S) - FILE="$TMPDIR/configs_$now.tar.gz" - tar -zcf "$FILE" -C "$CRASHDIR/configs/" . - web_upload "$FILE" - rm -rf "$FILE" - send_menu - ;; - "ts_get_ccf") - FILE="$TMPDIR/$config_type.tar.gz" - tar -zcf "$FILE" -C "$CRASHDIR/${config_type}s/" . - web_upload "$FILE" - rm -rf "$FILE" - send_menu - ;; - "ts_up_core") - FILE_TYPE=1 - send_msg "$BOT_TG_SEND_CORE ${corename} $BOT_TG_SEND_CORE_SUFFIX" - ;; - "ts_up_bak") - FILE_TYPE=2 - send_msg "$BOT_TG_SEND_BAK" - ;; - "ts_up_ccf") - FILE_TYPE=3 - send_msg "$BOT_TG_SEND_CFG .${config_type} $BOT_TG_SEND_CFG_SUFFIX" - ;; - esac + case "$CALLBACK" in + "ts_get_log") + web_upload "$TMPDIR"/ShellCrash.log + send_menu + ;; + "ts_get_bak") + now=$(date +%Y%m%d_%H%M%S) + FILE="$TMPDIR/configs_$now.tar.gz" + tar -zcf "$FILE" -C "$CRASHDIR/configs/" . + web_upload "$FILE" + rm -rf "$FILE" + send_menu + ;; + "ts_get_ccf") + FILE="$TMPDIR/$config_type.tar.gz" + tar -zcf "$FILE" -C "$CRASHDIR/${config_type}s/" . + web_upload "$FILE" + rm -rf "$FILE" + send_menu + ;; + "ts_up_core") + FILE_TYPE=1 + send_msg "$BOT_TG_SEND_CORE ${corename} $BOT_TG_SEND_CORE_SUFFIX" + ;; + "ts_up_bak") + FILE_TYPE=2 + send_msg "$BOT_TG_SEND_BAK" + ;; + "ts_up_ccf") + FILE_TYPE=3 + send_msg "$BOT_TG_SEND_CFG .${config_type} $BOT_TG_SEND_CFG_SUFFIX" + ;; + esac } ### --- 轮询主进程 --- ### polling(){ - while true; do - UPDATES=$(web_get_lite "$API/getUpdates?timeout=25&offset=$OFFSET") + while true; do + UPDATES=$(web_get_lite "$API/getUpdates?timeout=25&offset=$OFFSET") - echo "$UPDATES" | grep -q '"update_id"' || { - sleep 10 #防止网络不佳时疯狂请求 - continue - } - - OFFSET=$(echo "$UPDATES" | grep -o '"update_id":[0-9]*' | tail -n1 | cut -d: -f2) - OFFSET=$((OFFSET + 1)) - - ### --- 校验ChatID --- ### - CHATID=$(echo "$UPDATES" | grep -o '"id":[0-9]*' | tail -n1 | cut -d: -f2) - [ "$CHATID" != "$TG_CHATID" ] && continue - - ### --- 处理按钮事件 --- ### - CALLBACK=$(echo "$UPDATES" | grep -o '"data":"[^"]*"' | head -n1 | sed 's/.*:"//;s/"$//') - FILE_ID=$(echo "$UPDATES" | sed 's/"callback_query".*//g' | grep -o '"file_id":"[^"]*"' | head -n1 | sed 's/.*:"//;s/"$//') - - [ -n "$FILE_ID" ] && { - download_file - continue - } - [ -n "$CALLBACK" ] && case "$CALLBACK" in - "start_redir") - if [ "$firewall_area" = 4 ];then - do_start_fw - send_msg "$BOT_TG_SWITCH_TO$redir_mod_bf!" - else - send_msg "$BOT_TG_ALREADY$redir_mod!" - fi - send_menu - continue - ;; - "stop_redir") - if [ "$firewall_area" != 4 ];then - do_stop_fw - send_msg "$BOT_TG_SWITCH_PURE" - else - send_msg "$BOT_TG_ALREADY_PURE" - fi - send_menu - continue - ;; - "restart") - do_restart - send_msg "$BOT_TG_SERVICE_RESTARTED_SHORT" - sleep 10 - send_menu - continue - ;; - "readlog") - send_msg "$BOT_TG_LOG_CONTENT\n\`\`\`$(grep -v "$BOT_TG_TASK_WORD" $TMPDIR/ShellCrash.log |tail -n 20)\`\`\`" - sleep 3 - send_menu - continue - ;; - "transport") - send_transport_menu - continue - ;; - "set_sub") - echo "await_sub" > "$STATE_FILE" - send_msg "$BOT_TG_INPUT_SUB" - continue - ;; - ts_*) - transport - continue - ;; - esac + echo "$UPDATES" | grep -q '"update_id"' || { + sleep 10 #防止网络不佳时疯狂请求 + continue + } + + OFFSET=$(echo "$UPDATES" | grep -o '"update_id":[0-9]*' | tail -n1 | cut -d: -f2) + OFFSET=$((OFFSET + 1)) + + ### --- 校验ChatID --- ### + CHATID=$(echo "$UPDATES" | grep -o '"id":[0-9]*' | tail -n1 | cut -d: -f2) + [ "$CHATID" != "$TG_CHATID" ] && continue + + ### --- 处理按钮事件 --- ### + CALLBACK=$(echo "$UPDATES" | grep -o '"data":"[^"]*"' | head -n1 | sed 's/.*:"//;s/"$//') + FILE_ID=$(echo "$UPDATES" | sed 's/"callback_query".*//g' | grep -o '"file_id":"[^"]*"' | head -n1 | sed 's/.*:"//;s/"$//') + + [ -n "$FILE_ID" ] && { + download_file + continue + } + [ -n "$CALLBACK" ] && case "$CALLBACK" in + "start_redir") + if [ "$firewall_area" = 4 ];then + do_start_fw + send_msg "$BOT_TG_SWITCH_TO$redir_mod_bf!" + else + send_msg "$BOT_TG_ALREADY$redir_mod!" + fi + send_menu + continue + ;; + "stop_redir") + if [ "$firewall_area" != 4 ];then + do_stop_fw + send_msg "$BOT_TG_SWITCH_PURE" + else + send_msg "$BOT_TG_ALREADY_PURE" + fi + send_menu + continue + ;; + "restart") + do_restart + send_msg "$BOT_TG_SERVICE_RESTARTED_SHORT" + sleep 10 + send_menu + continue + ;; + "readlog") + send_msg "$BOT_TG_LOG_CONTENT\n\`\`\`$(grep -v "$BOT_TG_TASK_WORD" $TMPDIR/ShellCrash.log |tail -n 20)\`\`\`" + sleep 3 + send_menu + continue + ;; + "transport") + send_transport_menu + continue + ;; + "set_sub") + echo "await_sub" > "$STATE_FILE" + send_msg "$BOT_TG_INPUT_SUB" + continue + ;; + ts_*) + transport + continue + ;; + esac - ### --- 处理订阅输入 --- ### - TEXT=$(echo "$UPDATES" | grep -o '"text":"[^"]*"' | tail -n1 | sed 's/.*"text":"//;s/"$//') + ### --- 处理订阅输入 --- ### + TEXT=$(echo "$UPDATES" | grep -o '"text":"[^"]*"' | tail -n1 | sed 's/.*"text":"//;s/"$//') - if [ "$(cat "$STATE_FILE" 2>/dev/null)" = "await_sub" ]; then - echo "" > "$STATE_FILE" - do_set_sub "$TEXT" - send_msg "$BOT_TG_SUB_UPDATED\n$(cat "$LOGFILE")" - send_menu - continue - fi + if [ "$(cat "$STATE_FILE" 2>/dev/null)" = "await_sub" ]; then + echo "" > "$STATE_FILE" + do_set_sub "$TEXT" + send_msg "$BOT_TG_SUB_UPDATED\n$(cat "$LOGFILE")" + send_menu + continue + fi - ### 处理命令 ### - case "$TEXT" in - /crash) - send_menu - ;; - /"$my_alias") - send_menu - ;; - /help) - send_help - ;; - esac + ### 处理命令 ### + case "$TEXT" in + /crash) + send_menu + ;; + /"$my_alias") + send_menu + ;; + /help) + send_help + ;; + esac - done + done } [ "$TG_menupush" = ON ] && send_menu diff --git a/scripts/menus/bot_tg_bind.sh b/scripts/menus/bot_tg_bind.sh index 7b81a5f2..eb630d8a 100644 --- a/scripts/menus/bot_tg_bind.sh +++ b/scripts/menus/bot_tg_bind.sh @@ -22,7 +22,7 @@ tg_push_token() { push_TG="$TOKEN" setconfig push_TG "$TOKEN" setconfig chat_ID "$chat_ID" - . "$CRASHDIR"/libs/logger.sh && logger "$BOT_TG_SET_DONE" 32 + . "$CRASHDIR"/libs/logger.sh && logger "$BOT_TG_SET_DONE" 32 } get_chatid() { diff --git a/scripts/menus/bot_tg_service.sh b/scripts/menus/bot_tg_service.sh index 759d6591..e02f1717 100644 --- a/scripts/menus/bot_tg_service.sh +++ b/scripts/menus/bot_tg_service.sh @@ -1,16 +1,16 @@ - + . "$CRASHDIR"/libs/set_cron.sh bot_tg_start(){ - . "$CRASHDIR"/starts/start_legacy.sh - start_legacy "$CRASHDIR/menus/bot_tg.sh" 'bot_tg' + . "$CRASHDIR"/starts/start_legacy.sh + start_legacy "$CRASHDIR/menus/bot_tg.sh" 'bot_tg' } bot_tg_stop(){ - cronload | grep -q 'TG_BOT' && cronset 'TG_BOT' - [ -f "$TMPDIR/bot_tg.pid" ] && kill -TERM "$(cat "$TMPDIR/bot_tg.pid")" 2>/dev/null - killall bot_tg.sh 2>/dev/null - rm -f "$TMPDIR/bot_tg.pid" + cronload | grep -q 'TG_BOT' && cronset 'TG_BOT' + [ -f "$TMPDIR/bot_tg.pid" ] && kill -TERM "$(cat "$TMPDIR/bot_tg.pid")" 2>/dev/null + killall bot_tg.sh 2>/dev/null + rm -f "$TMPDIR/bot_tg.pid" } bot_tg_cron(){ - cronset 'ShellCrash-TG_BOT' "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT" + cronset 'ShellCrash-TG_BOT' "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT" } diff --git a/scripts/menus/check_port.sh b/scripts/menus/check_port.sh index a7135550..5d5f1acd 100644 --- a/scripts/menus/check_port.sh +++ b/scripts/menus/check_port.sh @@ -4,46 +4,46 @@ load_lang check_port _get_netstat_cmd() { - case "$1" in - tcp) echo "netstat -ntl" ;; - udp) echo "netstat -nul" ;; - *) echo "netstat -ntul" ;; - esac + case "$1" in + tcp) echo "netstat -ntl" ;; + udp) echo "netstat -nul" ;; + *) echo "netstat -ntul" ;; + esac } check_port() { - local port="$1" - local protocol="${2:-all}" + local port="$1" + local protocol="${2:-all}" - if [ "$port" -gt 65535 ] || [ "$port" -le 1 ]; then - msg_alert "\033[31m$CHECK_PORT_RANGE_ERR\033[0m" - return 1 - fi + if [ "$port" -gt 65535 ] || [ "$port" -le 1 ]; then + msg_alert "\033[31m$CHECK_PORT_RANGE_ERR\033[0m" + return 1 + fi - local check_cmd - check_cmd=$(_get_netstat_cmd "$protocol") + local check_cmd + check_cmd=$(_get_netstat_cmd "$protocol") - if $check_cmd 2>/dev/null | grep -q ":${port}[[:space:]]"; then - msg_alert "\033[31m$CHECK_PORT_OCCUPIED_ERR\033[0m" - return 1 - fi + if $check_cmd 2>/dev/null | grep -q ":${port}[[:space:]]"; then + msg_alert "\033[31m$CHECK_PORT_OCCUPIED_ERR\033[0m" + return 1 + fi - return 0 + return 0 } check_port_with_info() { - local port="$1" - local protocol="${2:-all}" - local check_cmd - check_cmd=$(_get_netstat_cmd "$protocol") + local port="$1" + local protocol="${2:-all}" + local check_cmd + check_cmd=$(_get_netstat_cmd "$protocol") - local conflict_line - conflict_line=$($check_cmd 2>/dev/null | grep ":${port}[[:space:]]" | head -n 1) + local conflict_line + conflict_line=$($check_cmd 2>/dev/null | grep ":${port}[[:space:]]" | head -n 1) - if [ -n "$conflict_line" ]; then - echo "$conflict_line" - return 1 - fi + if [ -n "$conflict_line" ]; then + echo "$conflict_line" + return 1 + fi - return 0 + return 0 } diff --git a/scripts/menus/ddns.sh b/scripts/menus/ddns.sh index 67326c16..0b50986d 100644 --- a/scripts/menus/ddns.sh +++ b/scripts/menus/ddns.sh @@ -12,21 +12,21 @@ add_ddns() { cat >>"$ddns_dir" </dev/null 2>&1 & sleep 3 @@ -71,12 +71,12 @@ set_ddns() { set_ddns_service() { while true; do services_dir=/etc/ddns/"$serv" - [ -s "$services_dir" ] || services_dir=/etc/ddns/services + [ -s "$services_dir" ] || services_dir=/etc/ddns/services [ -s "$services_dir" ] || services_dir=/usr/share/ddns/list - [ -s "$services_dir" ] || { - msg_alert "\033[33m$DDNS_LIST_NOT_FOUND\033[0m" - ddns service update >/dev/null || msg_alert "\033[31m$DDNS_DOWNLOAD_FAILED\033[0m" - } + [ -s "$services_dir" ] || { + msg_alert "\033[33m$DDNS_LIST_NOT_FOUND\033[0m" + ddns service update >/dev/null || msg_alert "\033[31m$DDNS_DOWNLOAD_FAILED\033[0m" + } comp_box "\033[32m$DDNS_SELECT_PROVIDER\033[0m" list=$(awk '/^#/ || !NF {next} {print $1}' "$services_dir") diff --git a/scripts/menus/dns.sh b/scripts/menus/dns.sh index ee328a36..a920c4f5 100644 --- a/scripts/menus/dns.sh +++ b/scripts/menus/dns.sh @@ -48,31 +48,31 @@ set_dns_mod() { msg_alert "\033[36m$DNS_SET_OK:$dns_mod\033[0m" ;; 4) - if [ "$dns_protect" = ON ]; then - dns_protect=OFF - else - dns_protect=ON - fi - setconfig dns_protect "$dns_protect" - common_success + if [ "$dns_protect" = ON ]; then + dns_protect=OFF + else + dns_protect=ON + fi + setconfig dns_protect "$dns_protect" + common_success ;; 5) - if [ "$hosts_opt" = ON ]; then - hosts_opt=OFF - else - hosts_opt=ON - fi - setconfig hosts_opt "$hosts_opt" - common_success + if [ "$hosts_opt" = ON ]; then + hosts_opt=OFF + else + hosts_opt=ON + fi + setconfig hosts_opt "$hosts_opt" + common_success ;; 6) - if [ "$ecs_subnet" = ON ]; then - ecs_subnet=OFF - else - ecs_subnet=ON - fi - setconfig ecs_subnet "$ecs_subnet" - common_success + if [ "$ecs_subnet" = ON ]; then + ecs_subnet=OFF + else + ecs_subnet=ON + fi + setconfig ecs_subnet "$ecs_subnet" + common_success ;; 7) while true; do diff --git a/scripts/menus/providers_singbox.sh b/scripts/menus/providers_singbox.sh index a0b673ba..c667fad2 100644 --- a/scripts/menus/providers_singbox.sh +++ b/scripts/menus/providers_singbox.sh @@ -97,21 +97,21 @@ gen_providers_txt() { [ -n "$include" ] && include_ele="\"include\": \"$include\"," if [ -n "$(echo "$2" | grep -E '^./')" ]; then cat >>"$TMPDIR"/providers/providers.json <>"$TMPDIR"/providers/providers.json <>"$TMPDIR"/providers/outbounds_add.json diff --git a/scripts/menus/running_status.sh b/scripts/menus/running_status.sh index e62c8acc..3da02535 100644 --- a/scripts/menus/running_status.sh +++ b/scripts/menus/running_status.sh @@ -1,13 +1,13 @@ running_status(){ - VmRSS=$(awk '/^VmRSS:/ {printf "%.2f MB\n", ($2 * 1024) / 1000000}' /proc/$PID/status) - #获取运行时长 - touch "$TMPDIR"/crash_start_time #用于延迟启动的校验 - start_time=$(cat "$TMPDIR"/crash_start_time) - if [ -n "$start_time" ]; then - time=$(($(date +%s) - start_time)) - day=$((time / 86400)) - [ "$day" = "0" ] && day='' || day="$dayD" - time=$(date -u -d @${time} +%H:%M:%S) - fi + VmRSS=$(awk '/^VmRSS:/ {printf "%.2f MB\n", ($2 * 1024) / 1000000}' /proc/$PID/status) + #获取运行时长 + touch "$TMPDIR"/crash_start_time #用于延迟启动的校验 + start_time=$(cat "$TMPDIR"/crash_start_time) + if [ -n "$start_time" ]; then + time=$(($(date +%s) - start_time)) + day=$((time / 86400)) + [ "$day" = "0" ] && day='' || day="$dayD" + time=$(date -u -d @${time} +%H:%M:%S) + fi } diff --git a/scripts/menus/task_cmd.sh b/scripts/menus/task_cmd.sh index de5d403b..84df964e 100644 --- a/scripts/menus/task_cmd.sh +++ b/scripts/menus/task_cmd.sh @@ -14,118 +14,118 @@ load_lang task_cmd task_logger(){ - [ "$task_push" = 1 ] && push= || push=off - [ -n "$2" -a "$2" != 0 ] && echo -e "\033[$2m$1\033[0m" - [ "$3" = 'off' ] && push=off - echo "$1" |grep -qE "($TASK_CMD_EVERY|$TASK_CMD_HOURLY)([1-9]|[1-9][0-9])$TASK_CMD_MIN" && { - push=off - cover=on - } - logger "$1" 0 "$push" "$cover" + [ "$task_push" = 1 ] && push= || push=off + [ -n "$2" -a "$2" != 0 ] && echo -e "\033[$2m$1\033[0m" + [ "$3" = 'off' ] && push=off + echo "$1" |grep -qE "($TASK_CMD_EVERY|$TASK_CMD_HOURLY)([1-9]|[1-9][0-9])$TASK_CMD_MIN" && { + push=off + cover=on + } + logger "$1" 0 "$push" "$cover" } #任务命令 check_update(){ #检查更新工具 - get_bin "$TMPDIR"/crashversion "$1" echooff - [ "$?" = "0" ] && . "$TMPDIR"/crashversion 2>/dev/null - rm -rf "$TMPDIR"/crashversion + get_bin "$TMPDIR"/crashversion "$1" echooff + [ "$?" = "0" ] && . "$TMPDIR"/crashversion 2>/dev/null + rm -rf "$TMPDIR"/crashversion } update_core(){ #自动更新内核 - #检查版本 - check_update bin/version - crash_v_new=$(eval echo \$${crashcore}_v) - if [ -z "$crash_v_new" -o "$crash_v_new" = "$core_v" ];then - task_logger "$TASK_CMD_CORE_SKIP" - return 0 - else - . "$CRASHDIR"/libs/core_tools.sh && core_webget #调用下载工具 - case "$?" in - 0) - task_logger "$TASK_CMD_CORE_DONE" - "$CRASHDIR"/start.sh start - return 0 - ;; - 1) - task_logger "$TASK_CMD_CORE_DL_FAIL" - return 1 - ;; - *) - task_logger "$TASK_CMD_CORE_VERIFY_FAIL" - "$CRASHDIR"/start.sh start - return 1 - ;; - esac - fi + #检查版本 + check_update bin/version + crash_v_new=$(eval echo \$${crashcore}_v) + if [ -z "$crash_v_new" -o "$crash_v_new" = "$core_v" ];then + task_logger "$TASK_CMD_CORE_SKIP" + return 0 + else + . "$CRASHDIR"/libs/core_tools.sh && core_webget #调用下载工具 + case "$?" in + 0) + task_logger "$TASK_CMD_CORE_DONE" + "$CRASHDIR"/start.sh start + return 0 + ;; + 1) + task_logger "$TASK_CMD_CORE_DL_FAIL" + return 1 + ;; + *) + task_logger "$TASK_CMD_CORE_VERIFY_FAIL" + "$CRASHDIR"/start.sh start + return 1 + ;; + esac + fi } update_scripts(){ #自动更新脚本 - #检查版本 - check_update version - if [ -z "$versionsh" -o "$versionsh" = "versionsh_l" ];then - task_logger "$TASK_CMD_SCRIPT_SKIP" - return 0 - else - get_bin "$TMPDIR"/ShellCrash.tar.gz "ShellCrash.tar.gz" - if [ "$?" != "0" ];then - rm -rf "$TMPDIR"/ShellCrash.tar.gz - task_logger "$TASK_CMD_CORE_DL_FAIL" - return 1 - else - #停止服务 - "$CRASHDIR"/start.sh stop - #解压 - tar -zxf "$TMPDIR"/ShellCrash.tar.gz ${tar_para} -C "$CRASHDIR"/ - if [ $? -ne 0 ];then - rm -rf "$TMPDIR"/ShellCrash.tar.gz - task_logger "$TASK_CMD_SCRIPT_UNZIP_FAIL" - "$CRASHDIR"/start.sh start - return 1 - else - . "$CRASHDIR"/init.sh >/dev/null - "$CRASHDIR"/start.sh start - return 0 - fi - fi - fi + #检查版本 + check_update version + if [ -z "$versionsh" -o "$versionsh" = "versionsh_l" ];then + task_logger "$TASK_CMD_SCRIPT_SKIP" + return 0 + else + get_bin "$TMPDIR"/ShellCrash.tar.gz "ShellCrash.tar.gz" + if [ "$?" != "0" ];then + rm -rf "$TMPDIR"/ShellCrash.tar.gz + task_logger "$TASK_CMD_CORE_DL_FAIL" + return 1 + else + #停止服务 + "$CRASHDIR"/start.sh stop + #解压 + tar -zxf "$TMPDIR"/ShellCrash.tar.gz ${tar_para} -C "$CRASHDIR"/ + if [ $? -ne 0 ];then + rm -rf "$TMPDIR"/ShellCrash.tar.gz + task_logger "$TASK_CMD_SCRIPT_UNZIP_FAIL" + "$CRASHDIR"/start.sh start + return 1 + else + . "$CRASHDIR"/init.sh >/dev/null + "$CRASHDIR"/start.sh start + return 0 + fi + fi + fi } update_mmdb(){ #自动更新数据库 - getgeo(){ - #检查版本 - check_update bin/version - geo_v="$(echo $2 | awk -F "." '{print $1}')_v" #获取版本号类型比如Country_v - geo_v_new=$GeoIP_v - geo_v_now=$(eval echo \$$geo_v) - if [ -z "$geo_v_new" -o "$geo_v_new" = "$geo_v_now" ];then - task_logger "$TASK_CMD_DB_SKIP_PREFIX$2$TASK_CMD_DB_SKIP_SUFFIX" - else - #更新文件 - get_bin "$TMPDIR"/$1 "bin/geodata/$2" - if [ "$?" != "0" ];then - task_logger "$TASK_CMD_DB_DL_FAIL_PREFIX$2$TASK_CMD_DB_DL_FAIL_SUFFIX" - rm -rf "$TMPDIR"/$1 - else - mv -f "$TMPDIR"/$1 "$BINDIR"/$1 - setconfig $geo_v $GeoIP_v - task_logger "$TASK_CMD_DB_OK_PREFIX$2$TASK_CMD_DB_OK_SUFFIX" - fi - fi - } - [ -n "${cn_mini_v}" -a -s "$CRASHDIR"/Country.mmdb ] && getgeo Country.mmdb cn_mini.mmdb - [ -n "${china_ip_list_v}" -a -s "$CRASHDIR"/cn_ip.txt ] && getgeo cn_ip.txt china_ip_list.txt - [ -n "${china_ipv6_list_v}" -a -s "$CRASHDIR"/cn_ipv6.txt ] && getgeo cn_ipv6.txt china_ipv6_list.txt - [ -n "${geosite_v}" -a -s "$CRASHDIR"/GeoSite.dat ] && getgeo GeoSite.dat geosite.dat - [ -n "${geoip_cn_v}" -a -s "$CRASHDIR"/geoip.db ] && getgeo geoip.db geoip_cn.db - [ -n "${geosite_cn_v}" -a -s "$CRASHDIR"/geosite.db ] && getgeo geosite.db geosite_cn.db - return 0 + getgeo(){ + #检查版本 + check_update bin/version + geo_v="$(echo $2 | awk -F "." '{print $1}')_v" #获取版本号类型比如Country_v + geo_v_new=$GeoIP_v + geo_v_now=$(eval echo \$$geo_v) + if [ -z "$geo_v_new" -o "$geo_v_new" = "$geo_v_now" ];then + task_logger "$TASK_CMD_DB_SKIP_PREFIX$2$TASK_CMD_DB_SKIP_SUFFIX" + else + #更新文件 + get_bin "$TMPDIR"/$1 "bin/geodata/$2" + if [ "$?" != "0" ];then + task_logger "$TASK_CMD_DB_DL_FAIL_PREFIX$2$TASK_CMD_DB_DL_FAIL_SUFFIX" + rm -rf "$TMPDIR"/$1 + else + mv -f "$TMPDIR"/$1 "$BINDIR"/$1 + setconfig $geo_v $GeoIP_v + task_logger "$TASK_CMD_DB_OK_PREFIX$2$TASK_CMD_DB_OK_SUFFIX" + fi + fi + } + [ -n "${cn_mini_v}" -a -s "$CRASHDIR"/Country.mmdb ] && getgeo Country.mmdb cn_mini.mmdb + [ -n "${china_ip_list_v}" -a -s "$CRASHDIR"/cn_ip.txt ] && getgeo cn_ip.txt china_ip_list.txt + [ -n "${china_ipv6_list_v}" -a -s "$CRASHDIR"/cn_ipv6.txt ] && getgeo cn_ipv6.txt china_ipv6_list.txt + [ -n "${geosite_v}" -a -s "$CRASHDIR"/GeoSite.dat ] && getgeo GeoSite.dat geosite.dat + [ -n "${geoip_cn_v}" -a -s "$CRASHDIR"/geoip.db ] && getgeo geoip.db geoip_cn.db + [ -n "${geosite_cn_v}" -a -s "$CRASHDIR"/geosite.db ] && getgeo geosite.db geosite_cn.db + return 0 } reset_firewall(){ #重设透明路由防火墙 - "$CRASHDIR"/start.sh stop_firewall - "$CRASHDIR"/start.sh afstart + "$CRASHDIR"/start.sh stop_firewall + "$CRASHDIR"/start.sh afstart } ntp(){ - ckcmd ntpd && ntpd -n -q -p 203.107.6.88 >/dev/null 2>&1 || exit 0 + ckcmd ntpd && ntpd -n -q -p 203.107.6.88 >/dev/null 2>&1 || exit 0 } web_save_auto(){ - . "$CRASHDIR"/libs/web_save.sh && web_save + . "$CRASHDIR"/libs/web_save.sh && web_save } update_config() { #更新订阅并重启 . "$CRASHDIR"/starts/core_config.sh && get_core_config && "$CRASHDIR"/start.sh start @@ -139,14 +139,14 @@ hotupdate() { #热更新订阅 } case "$1" in - [1-9][0-9][0-9]) - task_command=$(cat "$CRASHDIR"/task/task.list "$CRASHDIR"/task/task.user 2>/dev/null | grep "$1" | awk -F '#' '{print $2}') - task_name=$(cat "$CRASHDIR"/task/task.list "$CRASHDIR"/task/task.user 2>/dev/null | grep "$1" | awk -F '#' '{print $3}') - #task_logger "任务$task_name 开始执行" - eval $task_command && task_res="$TASK_CMD_RES_OK" || task_res="$TASK_CMD_RES_FAIL" - task_logger "$TASK_CMD_EXEC_PREFIX$2$TASK_CMD_EXEC_MID$task_res" - ;; - *) - "$1" - ;; + [1-9][0-9][0-9]) + task_command=$(cat "$CRASHDIR"/task/task.list "$CRASHDIR"/task/task.user 2>/dev/null | grep "$1" | awk -F '#' '{print $2}') + task_name=$(cat "$CRASHDIR"/task/task.list "$CRASHDIR"/task/task.user 2>/dev/null | grep "$1" | awk -F '#' '{print $3}') + #task_logger "任务$task_name 开始执行" + eval $task_command && task_res="$TASK_CMD_RES_OK" || task_res="$TASK_CMD_RES_FAIL" + task_logger "$TASK_CMD_EXEC_PREFIX$2$TASK_CMD_EXEC_MID$task_res" + ;; + *) + "$1" + ;; esac diff --git a/scripts/start.sh b/scripts/start.sh index 386f3b18..97e9247f 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -16,20 +16,20 @@ . "$CRASHDIR"/libs/web_save.sh #特殊脚本 bfstart(){ - "$CRASHDIR"/starts/bfstart.sh + "$CRASHDIR"/starts/bfstart.sh } afstart(){ - "$CRASHDIR"/starts/afstart.sh + "$CRASHDIR"/starts/afstart.sh } stop_firewall(){ - "$CRASHDIR"/starts/fw_stop.sh + "$CRASHDIR"/starts/fw_stop.sh } #保守模式启动 start_l(){ - bfstart && { - . "$CRASHDIR"/starts/start_legacy.sh - start_legacy "$COMMAND" 'shellcrash' - } && afstart & + bfstart && { + . "$CRASHDIR"/starts/start_legacy.sh + start_legacy "$COMMAND" 'shellcrash' + } && afstart & } case "$1" in @@ -37,26 +37,26 @@ case "$1" in start) [ -n "$(pidof CrashCore)" ] && $0 stop #禁止多实例 stop_firewall #清理路由策略 - rm -f "$CRASHDIR"/\.start_error #移除自启失败标记 + rm -f "$CRASHDIR"/\.start_error #移除自启失败标记 #使用不同方式启动服务 - if [ "$firewall_area" = "5" ]; then #主旁转发 + if [ "$firewall_area" = "5" ]; then #主旁转发 . "$CRASHDIR"/starts/fw_start.sh elif [ "$start_old" = "ON" ]; then start_l elif [ -f /etc/rc.common ] && grep -q 'procd' /proc/1/comm; then /etc/init.d/shellcrash start elif [ "$USER" = "root" ] && grep -q 'systemd' /proc/1/comm; then - FragmentPath=$(systemctl show -p FragmentPath shellcrash | sed 's/FragmentPath=//') - [ -f "$FragmentPath" ] && { - sed -i "s#^ExecStart=.*#ExecStart=$COMMAND >/dev/null#" "$FragmentPath" - systemctl daemon-reload - } - systemctl start shellcrash.service || . "$CRASHDIR"/starts/start_error.sh + FragmentPath=$(systemctl show -p FragmentPath shellcrash | sed 's/FragmentPath=//') + [ -f "$FragmentPath" ] && { + sed -i "s#^ExecStart=.*#ExecStart=$COMMAND >/dev/null#" "$FragmentPath" + systemctl daemon-reload + } + systemctl start shellcrash.service || . "$CRASHDIR"/starts/start_error.sh elif grep -q 's6' /proc/1/comm; then - bfstart && /command/s6-svc -u /run/service/shellcrash && { - [ ! -f "$CRASHDIR"/.dis_startup ] && touch /etc/s6-overlay/s6-rc.d/user/contents.d/afstart - afstart & - } + bfstart && /command/s6-svc -u /run/service/shellcrash && { + [ ! -f "$CRASHDIR"/.dis_startup ] && touch /etc/s6-overlay/s6-rc.d/user/contents.d/afstart + afstart & + } elif rc-status -r >/dev/null 2>&1; then rc-service shellcrash stop >/dev/null 2>&1 rc-service shellcrash start @@ -68,9 +68,9 @@ stop) logger ShellCrash服务即将关闭...... [ -n "$(pidof CrashCore)" ] && web_save #保存面板配置 #清理定时任务 - cronload | grep -vE '^$|start_legacy_wd.sh|运行时每' > "$TMPDIR"/cron_tmp - cronadd "$TMPDIR"/cron_tmp - rm -f "$TMPDIR"/cron_tmp + cronload | grep -vE '^$|start_legacy_wd.sh|运行时每' > "$TMPDIR"/cron_tmp + cronadd "$TMPDIR"/cron_tmp + rm -f "$TMPDIR"/cron_tmp #停止tg_bot . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_stop #多种方式结束进程 @@ -83,8 +83,8 @@ stop) elif [ -f /etc/rc.common ] && grep -q 'procd' /proc/1/comm; then /etc/init.d/shellcrash stop >/dev/null 2>&1 elif grep -q 's6' /proc/1/comm; then - /command/s6-svc -d /run/service/shellcrash - stop_firewall + /command/s6-svc -d /run/service/shellcrash + stop_firewall elif rc-status -r >/dev/null 2>&1; then rc-service shellcrash stop >/dev/null 2>&1 else diff --git a/scripts/starts/afstart.sh b/scripts/starts/afstart.sh index a9da9869..e58ec665 100644 --- a/scripts/starts/afstart.sh +++ b/scripts/starts/afstart.sh @@ -12,45 +12,45 @@ [ -z "$firewall_area" ] && firewall_area=1 #延迟启动 [ ! -f "$TMPDIR"/crash_start_time ] && [ -n "$start_delay" ] && [ "$start_delay" -gt 0 ] && { - logger "ShellCrash将延迟$start_delay秒启动" 31 - sleep "$start_delay" + logger "ShellCrash将延迟$start_delay秒启动" 31 + sleep "$start_delay" } #设置循环检测面板端口以判定服务启动是否成功 . "$CRASHDIR"/libs/start_wait.sh if [ -n "$test" -o -n "$(pidof CrashCore)" ]; then - [ "$start_old" = "ON" ] && [ ! -L "$TMPDIR"/CrashCore ] && rm -f "$TMPDIR"/CrashCore #删除缓存目录内核文件 - . "$CRASHDIR"/starts/fw_start.sh #配置防火墙流量劫持 - date +%s >"$TMPDIR"/crash_start_time #标记启动时间 - #后台还原面板配置 - [ -s "$CRASHDIR"/configs/web_save ] && { - . "$CRASHDIR"/libs/web_restore.sh - web_restore >/dev/null 2>&1 & - } - #推送日志 - { - sleep 5 - logger ShellCrash服务已启动! - } & - ckcmd mtd_storage.sh && mtd_storage.sh save >/dev/null 2>&1 #Padavan保存/etc/storage - #加载定时任务 - cronload | grep -v '^$' > "$TMPDIR"/cron_tmp - [ -s "$CRASHDIR"/task/cron ] && cat "$CRASHDIR"/task/cron >> "$TMPDIR"/cron_tmp - [ -s "$CRASHDIR"/task/running ] && cat "$CRASHDIR"/task/running >> "$TMPDIR"/cron_tmp - [ "$bot_tg_service" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT守护进程" >> "$TMPDIR"/cron_tmp - [ "$start_old" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh shellcrash #ShellCrash保守模式守护进程" >> "$TMPDIR"/cron_tmp - awk '!x[$0]++' "$TMPDIR"/cron_tmp > "$TMPDIR"/cron_tmp2 #删除重复行 - cronadd "$TMPDIR"/cron_tmp2 - rm -f "$TMPDIR"/cron_tmp "$TMPDIR"/cron_tmp2 - #加载条件任务 - [ -s "$CRASHDIR"/task/afstart ] && { . "$CRASHDIR"/task/afstart; } & - [ -s "$CRASHDIR"/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && { - #注入防火墙 - line=$(grep -En "fw.* restart" /etc/init.d/firewall | cut -d ":" -f 1) - sed -i.bak "${line}a\\. $CRASHDIR/task/affirewall" /etc/init.d/firewall - line=$(grep -En "fw.* start" /etc/init.d/firewall | cut -d ":" -f 1) - sed -i "${line}a\\. $CRASHDIR/task/affirewall" /etc/init.d/firewall - } & - exit 0 + [ "$start_old" = "ON" ] && [ ! -L "$TMPDIR"/CrashCore ] && rm -f "$TMPDIR"/CrashCore #删除缓存目录内核文件 + . "$CRASHDIR"/starts/fw_start.sh #配置防火墙流量劫持 + date +%s >"$TMPDIR"/crash_start_time #标记启动时间 + #后台还原面板配置 + [ -s "$CRASHDIR"/configs/web_save ] && { + . "$CRASHDIR"/libs/web_restore.sh + web_restore >/dev/null 2>&1 & + } + #推送日志 + { + sleep 5 + logger ShellCrash服务已启动! + } & + ckcmd mtd_storage.sh && mtd_storage.sh save >/dev/null 2>&1 #Padavan保存/etc/storage + #加载定时任务 + cronload | grep -v '^$' > "$TMPDIR"/cron_tmp + [ -s "$CRASHDIR"/task/cron ] && cat "$CRASHDIR"/task/cron >> "$TMPDIR"/cron_tmp + [ -s "$CRASHDIR"/task/running ] && cat "$CRASHDIR"/task/running >> "$TMPDIR"/cron_tmp + [ "$bot_tg_service" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT守护进程" >> "$TMPDIR"/cron_tmp + [ "$start_old" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh shellcrash #ShellCrash保守模式守护进程" >> "$TMPDIR"/cron_tmp + awk '!x[$0]++' "$TMPDIR"/cron_tmp > "$TMPDIR"/cron_tmp2 #删除重复行 + cronadd "$TMPDIR"/cron_tmp2 + rm -f "$TMPDIR"/cron_tmp "$TMPDIR"/cron_tmp2 + #加载条件任务 + [ -s "$CRASHDIR"/task/afstart ] && { . "$CRASHDIR"/task/afstart; } & + [ -s "$CRASHDIR"/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && { + #注入防火墙 + line=$(grep -En "fw.* restart" /etc/init.d/firewall | cut -d ":" -f 1) + sed -i.bak "${line}a\\. $CRASHDIR/task/affirewall" /etc/init.d/firewall + line=$(grep -En "fw.* start" /etc/init.d/firewall | cut -d ":" -f 1) + sed -i "${line}a\\. $CRASHDIR/task/affirewall" /etc/init.d/firewall + } & + exit 0 else - . "$CRASHDIR"/starts/start_error.sh + . "$CRASHDIR"/starts/start_error.sh fi diff --git a/scripts/starts/bfstart.sh b/scripts/starts/bfstart.sh index 30477cc6..7facdd59 100644 --- a/scripts/starts/bfstart.sh +++ b/scripts/starts/bfstart.sh @@ -38,8 +38,8 @@ makehtml() { #生成面板跳转文件

您还未安装本地面板

-

请在脚本更新功能中(9-4)安装
或者使用在线面板:

-

请复制当前地址/ui(不包括)前面的内容,填入url位置即可连接

+

请在脚本更新功能中(9-4)安装
或者使用在线面板:

+

请复制当前地址/ui(不包括)前面的内容,填入url位置即可连接

Zashboard面板(推荐)
如已安装,请使用Ctrl+F5强制刷新此页面!
@@ -54,19 +54,19 @@ catpac() { #生成pac文件 [ -z "$host_pac" ] && host_pac=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1) cat >"$TMPDIR"/shellcrash_pac </dev/null | grep 'root')" ] && { - ckcmd userdel && userdel shellcrash 2>/dev/null - sed -i '/0:7890/d' /etc/passwd - sed -i '/x:7890/d' /etc/group - if ckcmd useradd; then - useradd shellcrash -u 7890 - sed -Ei s/7890:7890/0:7890/g /etc/passwd - else - echo "shellcrash:x:0:7890:::" >>/etc/passwd - fi + [ -z "$(id shellcrash 2>/dev/null | grep 'root')" ] && { + ckcmd userdel && userdel shellcrash 2>/dev/null + sed -i '/0:7890/d' /etc/passwd + sed -i '/x:7890/d' /etc/group + if ckcmd useradd; then + useradd shellcrash -u 7890 + sed -Ei s/7890:7890/0:7890/g /etc/passwd + else + echo "shellcrash:x:0:7890:::" >>/etc/passwd + fi } #加载系统内核组件 [ "$redir_mod" = "Tun" -o "$redir_mod" = "Mix" ] && ckcmd modprobe && modprobe tun 2>/dev/null diff --git a/scripts/starts/check_core.sh b/scripts/starts/check_core.sh index a8815398..9c99b9a3 100644 --- a/scripts/starts/check_core.sh +++ b/scripts/starts/check_core.sh @@ -5,7 +5,7 @@ check_core() { #检查及下载内核文件 [ -n "$(find --help 2>&1 | grep -o size)" ] && find_para=' -size +2000' #find命令兼容 - [ -z "$(find "$TMPDIR"/CrashCore $find_para 2>/dev/null)" ] && core_find + [ -z "$(find "$TMPDIR"/CrashCore $find_para 2>/dev/null)" ] && core_find [ ! -f "$TMPDIR"/CrashCore ] && { logger "未找到【$crashcore】核心,正在下载!" 33 [ -z "$cpucore" ] && . "$CRASHDIR"/libs/check_cpucore.sh && check_cpucore diff --git a/scripts/starts/clash_modify.sh b/scripts/starts/clash_modify.sh index fa483a75..36b7e113 100644 --- a/scripts/starts/clash_modify.sh +++ b/scripts/starts/clash_modify.sh @@ -16,15 +16,15 @@ modify_yaml() { #Meta内核专属配置 [ "$crashcore" = 'meta' ] && { [ -z "$(grep 'PROCESS' "$CRASHDIR"/yamls/*.yaml)" ] && find_process='find-process-mode: "off"' - #ecs优化 - [ "$ecs_subnet" = ON ] && { - . "$CRASHDIR"/libs/get_ecsip.sh - if [ -n "$ecs_address" ];then - dns_fallback=$(echo "$dns_fallback, " | sed "s|, |#ecs-override=true\&ecs=$ecs_address, |g" | sed 's|, $||') - else - logger "自动获取ecs网段失败!" - fi - } + #ecs优化 + [ "$ecs_subnet" = ON ] && { + . "$CRASHDIR"/libs/get_ecsip.sh + if [ -n "$ecs_address" ];then + dns_fallback=$(echo "$dns_fallback, " | sed "s|, |#ecs-override=true\&ecs=$ecs_address, |g" | sed 's|, $||') + else + logger "自动获取ecs网段失败!" + fi + } } #dns配置 [ -z "$(cat "$CRASHDIR"/yamls/user.yaml 2>/dev/null | grep '^dns:')" ] && { @@ -100,17 +100,17 @@ EOF if [ "$crashcore" = "meta" ]; then echo " 'services.googleapis.cn': services.googleapis.com" >>"$TMPDIR"/hosts.yaml fi - #加载本机hosts - sys_hosts=/etc/hosts - [ -f /data/etc/custom_hosts ] && sys_hosts='/etc/hosts /data/etc/custom_hosts' - cat $sys_hosts | while read line; do - [ -n "$(echo "$line" | grep -oE "([0-9]{1,3}[\.]){3}")" ] && - [ -z "$(echo "$line" | grep -oE '^#')" ] && - hosts_ip=$(echo $line | awk '{print $1}') && - hosts_domain=$(echo $line | awk '{print $2}') && - [ -z "$(cat "$TMPDIR"/hosts.yaml | grep -oE "$hosts_domain")" ] && - echo " '$hosts_domain': $hosts_ip" >>"$TMPDIR"/hosts.yaml - done + #加载本机hosts + sys_hosts=/etc/hosts + [ -f /data/etc/custom_hosts ] && sys_hosts='/etc/hosts /data/etc/custom_hosts' + cat $sys_hosts | while read line; do + [ -n "$(echo "$line" | grep -oE "([0-9]{1,3}[\.]){3}")" ] && + [ -z "$(echo "$line" | grep -oE '^#')" ] && + hosts_ip=$(echo $line | awk '{print $1}') && + hosts_domain=$(echo $line | awk '{print $2}') && + [ -z "$(cat "$TMPDIR"/hosts.yaml | grep -oE "$hosts_domain")" ] && + echo " '$hosts_domain': $hosts_ip" >>"$TMPDIR"/hosts.yaml + done fi #分割配置文件 yaml_char='proxies proxy-groups proxy-providers rules rule-providers sub-rules listeners' @@ -172,10 +172,10 @@ EOF done } #添加自定义入站 - [ "$vms_service" = ON ] || [ "$sss_service" = ON ] && { - . "$CRASHDIR"/configs/gateway.cfg - . "$CRASHDIR"/libs/meta_listeners.sh - } + [ "$vms_service" = ON ] || [ "$sss_service" = ON ] && { + . "$CRASHDIR"/configs/gateway.cfg + . "$CRASHDIR"/libs/meta_listeners.sh + } #节点绕过功能支持 sed -i "/#节点绕过/d" "$TMPDIR"/rules.yaml [ "$proxies_bypass" = "ON" ] && { diff --git a/scripts/starts/core_config.sh b/scripts/starts/core_config.sh index a5aa9813..634fad78 100644 --- a/scripts/starts/core_config.sh +++ b/scripts/starts/core_config.sh @@ -31,19 +31,19 @@ get_core_config() { #下载内核配置文件 Server_ua=$(grep -aE '^4' "$CRASHDIR"/configs/servers.list | sed -n ""$server_link"p" | awk '{print $4}') Config=$(grep -aE '^5' "$CRASHDIR"/configs/servers.list | sed -n ""$rule_link"p" | awk '{print $3}') gen_ua - #如果传来的是Url链接则合成Https链接,否则直接使用Https链接 + #如果传来的是Url链接则合成Https链接,否则直接使用Https链接 if [ -z "$Https" ]; then #Urlencord转码处理保留字符 if ckcmd hexdump;then - Url=$(echo $Url | sed 's/%26/\&/g') #处理分隔符 - urlencodeUrl="exclude=$(urlencode "$exclude")&include=$(urlencode "$include")&url=$(urlencode "$Url")&config=$(urlencode "$Config")" - else - urlencodeUrl="exclude=$exclude&include=$include&url=$Url&config=$Config" - fi + Url=$(echo $Url | sed 's/%26/\&/g') #处理分隔符 + urlencodeUrl="exclude=$(urlencode "$exclude")&include=$(urlencode "$include")&url=$(urlencode "$Url")&config=$(urlencode "$Config")" + else + urlencodeUrl="exclude=$exclude&include=$include&url=$Url&config=$Config" + fi Https="${Server}/sub?target=${target}&${Server_ua}=${user_agent}&insert=true&new_name=true&scv=true&udp=true&${urlencodeUrl}" url_type=true - else - Https=$(echo $Https | sed 's/\\&/\&/g') #还原转义 + else + Https=$(echo $Https | sed 's/\\&/\&/g') #还原转义 fi #输出 echo "-----------------------------------------------" @@ -92,7 +92,7 @@ get_core_config() { #下载内核配置文件 else . "$CRASHDIR"/starts/clash_config_check.sh fi - check_config + check_config #如果不同则备份并替换文件 if [ -s "$core_config" ]; then compare "$core_config_new" "$core_config" diff --git a/scripts/starts/fw_getlanip.sh b/scripts/starts/fw_getlanip.sh index 2849bcbe..bc9d0028 100644 --- a/scripts/starts/fw_getlanip.sh +++ b/scripts/starts/fw_getlanip.sh @@ -9,17 +9,17 @@ getlanip() { #获取局域网host地址 [ -n "$host_ipv4" -a -n "$host_ipv6" ] && break sleep 1 && i=$((i + 1)) done - #Tailscale - [ "$ts_service" = ON ] && { - ts_host_ipv4=' 100.64.0.0/10' - ts_host_ipv6=' fd7a:115c:a1e0::/48' - } - #Wireguard - [ "$wg_service" = ON ] && { - . "$CRASHDIR"/configs/gateway.cfg - wg_host_ipv4=' $wg_ipv4' - [ -n "$wg_ipv6" ] && wg_host_ipv6=' $wg_ipv6' - } + #Tailscale + [ "$ts_service" = ON ] && { + ts_host_ipv4=' 100.64.0.0/10' + ts_host_ipv6=' fd7a:115c:a1e0::/48' + } + #Wireguard + [ "$wg_service" = ON ] && { + . "$CRASHDIR"/configs/gateway.cfg + wg_host_ipv4=' $wg_ipv4' + [ -n "$wg_ipv6" ] && wg_host_ipv6=' $wg_ipv6' + } #添加自定义ipv4局域网网段 if [ "$replace_default_host_ipv4" == "ON" ]; then host_ipv4="$cust_host_ipv4" @@ -28,9 +28,9 @@ getlanip() { #获取局域网host地址 fi #缺省配置 [ -z "$host_ipv4" ] && { - host_ipv4='192.168.0.0/16 10.0.0.0/12 172.16.0.0/12' - logger "无法获取本地LAN-IPV4网段,请前往流量过滤设置界面设置自定义网段!" 31 - } + host_ipv4='192.168.0.0/16 10.0.0.0/12 172.16.0.0/12' + logger "无法获取本地LAN-IPV4网段,请前往流量过滤设置界面设置自定义网段!" 31 + } host_ipv6="fe80::/10 fd00::/8 $host_ipv6$ts_host_ipv6$wg_host_ipv6" #获取本机出口IP地址 local_ipv4=$(ip route 2>&1 | grep -Ev 'utun|iot|docker|linkdown' | grep -Eo 'src.*' | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort -u) diff --git a/scripts/starts/fw_iptables.sh b/scripts/starts/fw_iptables.sh index 73b41af0..c4a828cd 100644 --- a/scripts/starts/fw_iptables.sh +++ b/scripts/starts/fw_iptables.sh @@ -3,7 +3,7 @@ ckcmd iptables && iptables -h | grep -q '\-w' && iptable='iptables -w' || iptable=iptables ckcmd ip6tables && ip6tables -h | grep -q '\-w' && ip6table='ip6tables -w' || ip6table=ip6tables - + start_ipt_route() { #iptables-route通用工具 #$1:iptables/ip6tables $2:所在的表(nat/mangle) $3:所在的链(OUTPUT/PREROUTING) $4:新创建的shellcrash链表 $5:tcp/udp/all #区分ipv4/ipv6 @@ -32,9 +32,9 @@ start_ipt_route() { #iptables-route通用工具 done [ "$firewall_area" = 5 ] && "$1" $w -t "$2" -A "$4" -s $bypass_host -j RETURN [ -z "$ports" ] && { - "$1" $w -t "$2" -A "$4" -p tcp -m multiport --dports "$mix_port,$redir_port,$tproxy_port" -j RETURN - "$1" $w -t "$2" -A "$4" -p udp -m multiport --dports "$mix_port,$redir_port,$tproxy_port" -j RETURN - } + "$1" $w -t "$2" -A "$4" -p tcp -m multiport --dports "$mix_port,$redir_port,$tproxy_port" -j RETURN + "$1" $w -t "$2" -A "$4" -p udp -m multiport --dports "$mix_port,$redir_port,$tproxy_port" -j RETURN + } #跳过目标保留地址及目标本机网段 for ip in $HOST_IP $RESERVED_IP; do "$1" $w -t "$2" -A "$4" -d $ip -j RETURN @@ -136,35 +136,35 @@ start_ipt_dns() { #iptables-dns通用工具 "$1" $w -t nat -I "$2" -p udp --dport 53 -j "$3" } start_ipt_wan() { #iptables公网防火墙 - ipt_wan_accept(){ - $iptable -I INPUT -p "$1" -m multiport --dports "$accept_ports" -j ACCEPT - ckcmd ip6tables && $ip6table -I INPUT -p "$1" -m multiport --dports "$accept_ports" -j ACCEPT - } - ipt_wan_reject(){ - $iptable -I INPUT -p "$1" -m multiport --dports "$reject_ports" -j REJECT - ckcmd ip6tables && $ip6table -I INPUT -p "$1" -m multiport --dports "$reject_ports" -j REJECT - } - #端口拦截 - reject_ports="$mix_port,$db_port" - ipt_wan_reject tcp - ipt_wan_reject udp - #端口放行 - [ -f "$CRASHDIR"/configs/gateway.cfg ] && . "$CRASHDIR"/configs/gateway.cfg - accept_ports=$(echo "$fw_wan_ports,$vms_port,$sss_port" | sed "s/,,/,/g ;s/^,// ;s/,$//") + ipt_wan_accept(){ + $iptable -I INPUT -p "$1" -m multiport --dports "$accept_ports" -j ACCEPT + ckcmd ip6tables && $ip6table -I INPUT -p "$1" -m multiport --dports "$accept_ports" -j ACCEPT + } + ipt_wan_reject(){ + $iptable -I INPUT -p "$1" -m multiport --dports "$reject_ports" -j REJECT + ckcmd ip6tables && $ip6table -I INPUT -p "$1" -m multiport --dports "$reject_ports" -j REJECT + } + #端口拦截 + reject_ports="$mix_port,$db_port" + ipt_wan_reject tcp + ipt_wan_reject udp + #端口放行 + [ -f "$CRASHDIR"/configs/gateway.cfg ] && . "$CRASHDIR"/configs/gateway.cfg + accept_ports=$(echo "$fw_wan_ports,$vms_port,$sss_port" | sed "s/,,/,/g ;s/^,// ;s/,$//") [ -n "$accept_ports" ] && { - ipt_wan_accept tcp - ipt_wan_accept udp - } - #局域网请求放行 - for ip in $host_ipv4; do - $iptable -I INPUT -s $ip -j ACCEPT - done - ckcmd ip6tables && for ip in $host_ipv6; do - $ip6table -I INPUT -s $ip -j ACCEPT - done - #本机请求全放行 - $iptable -I INPUT -i lo -j ACCEPT - ckcmd ip6tables && $ip6table -I INPUT -i lo -j ACCEPT + ipt_wan_accept tcp + ipt_wan_accept udp + } + #局域网请求放行 + for ip in $host_ipv4; do + $iptable -I INPUT -s $ip -j ACCEPT + done + ckcmd ip6tables && for ip in $host_ipv6; do + $ip6table -I INPUT -s $ip -j ACCEPT + done + #本机请求全放行 + $iptable -I INPUT -i lo -j ACCEPT + ckcmd ip6tables && $ip6table -I INPUT -i lo -j ACCEPT } start_iptables() { #iptables配置总入口 #启动公网访问防火墙 diff --git a/scripts/starts/fw_nftables.sh b/scripts/starts/fw_nftables.sh index 4b5bbf2c..b805ea22 100644 --- a/scripts/starts/fw_nftables.sh +++ b/scripts/starts/fw_nftables.sh @@ -5,24 +5,24 @@ RESERVED_IP=$(echo $reserve_ipv4 | sed 's/[[:space:]]\+/, /g') RESERVED_IP6=$(echo "$reserve_ipv6 $host_ipv6" | sed 's/[[:space:]]\+/, /g') add_ip6_route(){ - #过滤保留地址及本机地址 - nft add rule inet shellcrash $1 ip6 daddr {$RESERVED_IP6} return - #仅代理本机局域网网段流量 - nft add rule inet shellcrash $1 ip6 saddr != {$HOST_IP6} return - #绕过CN_IPV6 - [ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "ON" -a -f "$BINDIR"/cn_ipv6.txt ] && { - CN_IP6=$(awk '{printf "%s, ",$1}' "$BINDIR"/cn_ipv6.txt) - [ -n "$CN_IP6" ] && { - nft add set inet shellcrash cn_ip6 { type ipv6_addr \; flags interval \; } - nft add element inet shellcrash cn_ip6 { $CN_IP6 } - nft add rule inet shellcrash $1 ip6 daddr @cn_ip6 return - } - } + #过滤保留地址及本机地址 + nft add rule inet shellcrash $1 ip6 daddr {$RESERVED_IP6} return + #仅代理本机局域网网段流量 + nft add rule inet shellcrash $1 ip6 saddr != {$HOST_IP6} return + #绕过CN_IPV6 + [ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "ON" -a -f "$BINDIR"/cn_ipv6.txt ] && { + CN_IP6=$(awk '{printf "%s, ",$1}' "$BINDIR"/cn_ipv6.txt) + [ -n "$CN_IP6" ] && { + nft add set inet shellcrash cn_ip6 { type ipv6_addr \; flags interval \; } + nft add element inet shellcrash cn_ip6 { $CN_IP6 } + nft add rule inet shellcrash $1 ip6 daddr @cn_ip6 return + } + } } start_nft_route() { #nftables-route通用工具 #$1:name $2:hook(prerouting/output) $3:type(nat/mangle/filter) $4:priority(-100/-150) [ "$common_ports" = "ON" ] && PORTS=$(echo $multiport | sed 's/,/, /g') - [ "$1" = 'prerouting' ] && HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g') + [ "$1" = 'prerouting' ] && HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g') [ "$1" = 'output' ] && HOST_IP="127.0.0.0/8, $(echo $local_ipv4 | sed 's/[[:space:]]\+/, /g')" [ "$1" = 'prerouting_vm' ] && HOST_IP="$(echo $vm_ipv4 | sed 's/[[:space:]]\+/, /g')" #添加新链 @@ -39,9 +39,9 @@ start_nft_route() { #nftables-route通用工具 #过滤常用端口 [ -n "$PORTS" ] && { nft add rule inet shellcrash $1 ip daddr != {28.0.0.0/8} tcp dport != {$PORTS} return - nft add rule inet shellcrash $1 ip daddr != {28.0.0.0/8} udp dport != {$PORTS} return + nft add rule inet shellcrash $1 ip daddr != {28.0.0.0/8} udp dport != {$PORTS} return nft add rule inet shellcrash $1 ip6 daddr != {fc00::/16} tcp dport != {$PORTS} return - nft add rule inet shellcrash $1 ip6 daddr != {fc00::/16} udp dport != {$PORTS} return + nft add rule inet shellcrash $1 ip6 daddr != {fc00::/16} udp dport != {$PORTS} return } #nft add rule inet shellcrash $1 ip saddr 28.0.0.0/8 return nft add rule inet shellcrash $1 ip daddr {$RESERVED_IP} return #过滤保留地址 @@ -76,23 +76,23 @@ start_nft_route() { #nftables-route通用工具 [ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "ON" -a -f "$BINDIR"/cn_ip.txt ] && { CN_IP=$(awk '{printf "%s, ",$1}' "$BINDIR"/cn_ip.txt) [ -n "$CN_IP" ] && { - nft add set inet shellcrash cn_ip { type ipv4_addr \; flags interval \; } - nft add element inet shellcrash cn_ip { $CN_IP } - nft add rule inet shellcrash $1 ip daddr @cn_ip return - } - } + nft add set inet shellcrash cn_ip { type ipv4_addr \; flags interval \; } + nft add element inet shellcrash cn_ip { $CN_IP } + nft add rule inet shellcrash $1 ip daddr @cn_ip return + } + } #局域网ipv6支持 if [ "$ipv6_redir" = "ON" -a "$1" = 'prerouting' -a "$firewall_area" != 5 ]; then - HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g') + HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g') add_ip6_route "$1" elif [ "$ipv6_redir" = "ON" -a "$1" = 'output' -a \( "$firewall_area" = 2 -o "$firewall_area" = 3 \) ]; then HOST_IP6="::1, $(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g')" - add_ip6_route "$1" + add_ip6_route "$1" else nft add rule inet shellcrash $1 meta nfproto ipv6 return fi - #屏蔽quic - [ "$quic_rj" = 'ON' -a "$lan_proxy" = true ] && nft add rule inet shellcrash $1 udp dport {443, 8443} return + #屏蔽quic + [ "$quic_rj" = 'ON' -a "$lan_proxy" = true ] && nft add rule inet shellcrash $1 udp dport {443, 8443} return #添加通用路由 nft add rule inet shellcrash "$1" "$JUMP" #处理特殊路由 @@ -104,10 +104,10 @@ start_nft_route() { #nftables-route通用工具 #nft add rule inet shellcrash local_tproxy log prefix \"pre\" level debug } start_nft_dns() { #nftables-dns - [ "$1" = 'prerouting' ] && { - HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g') - HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g') - } + [ "$1" = 'prerouting' ] && { + HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g') + HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g') + } [ "$1" = 'output' ] && HOST_IP="127.0.0.0/8, $(echo $local_ipv4 | sed 's/[[:space:]]\+/, /g')" [ "$1" = 'prerouting_vm' ] && HOST_IP="$(echo $vm_ipv4 | sed 's/[[:space:]]\+/, /g')" nft add chain inet shellcrash "$1"_dns { type nat hook $2 priority -100 \; } @@ -133,26 +133,26 @@ start_nft_dns() { #nftables-dns nft add rule inet shellcrash "$1"_dns tcp dport 53 redirect to "$dns_redir_port" } start_nft_wan() { #nftables公网防火墙 - HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g') - HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g') + HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g') + HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g') nft add chain inet shellcrash input { type filter hook input priority -100 \; } nft add rule inet shellcrash input iif lo accept #本机请求全放行 - #端口放行 - [ -f "$CRASHDIR"/configs/gateway.cfg ] && . "$CRASHDIR"/configs/gateway.cfg - accept_ports=$(echo "$fw_wan_ports,$vms_port,$sss_port" | sed "s/,,/,/g ;s/^,// ;s/,$// ;s/,/, /") + #端口放行 + [ -f "$CRASHDIR"/configs/gateway.cfg ] && . "$CRASHDIR"/configs/gateway.cfg + accept_ports=$(echo "$fw_wan_ports,$vms_port,$sss_port" | sed "s/,,/,/g ;s/^,// ;s/,$// ;s/,/, /") [ -n "$accept_ports" ] && { - fw_wan_nfports="{ $(echo "$accept_ports" | sed 's/,/, /g') }" - nft add rule inet shellcrash input tcp dport $fw_wan_nfports meta mark set 0x67890 accept - nft add rule inet shellcrash input udp dport $fw_wan_nfports meta mark set 0x67890 accept - } - #端口拦截 - reject_ports="{ $mix_port, $db_port }" - nft add rule inet shellcrash input ip saddr {$HOST_IP} accept - nft add rule inet shellcrash input ip6 saddr {$HOST_IP6} accept - nft add rule inet shellcrash input tcp dport $reject_ports reject - nft add rule inet shellcrash input udp dport $reject_ports reject - #fw4特殊处理 - nft list chain inet fw4 input >/dev/null 2>&1 && \ + fw_wan_nfports="{ $(echo "$accept_ports" | sed 's/,/, /g') }" + nft add rule inet shellcrash input tcp dport $fw_wan_nfports meta mark set 0x67890 accept + nft add rule inet shellcrash input udp dport $fw_wan_nfports meta mark set 0x67890 accept + } + #端口拦截 + reject_ports="{ $mix_port, $db_port }" + nft add rule inet shellcrash input ip saddr {$HOST_IP} accept + nft add rule inet shellcrash input ip6 saddr {$HOST_IP6} accept + nft add rule inet shellcrash input tcp dport $reject_ports reject + nft add rule inet shellcrash input udp dport $reject_ports reject + #fw4特殊处理 + nft list chain inet fw4 input >/dev/null 2>&1 && \ nft list chain inet fw4 input | grep -q '67890' || \ nft insert rule inet fw4 input meta mark 0x67890 accept 2>/dev/null } diff --git a/scripts/starts/fw_start.sh b/scripts/starts/fw_start.sh index 36a985c8..955692d7 100644 --- a/scripts/starts/fw_start.sh +++ b/scripts/starts/fw_start.sh @@ -14,27 +14,27 @@ #设置策略路由 [ "$firewall_area" != 4 ] && { - [ "$redir_mod" = "Tproxy" ] && ip route add local default dev lo table $table 2>/dev/null - [ "$redir_mod" = "Tun" -o "$redir_mod" = "Mix" ] && { - i=1 - while [ -z "$(ip route list | grep utun)" -a "$i" -le 29 ]; do - sleep 1 - i=$((i + 1)) - done - if [ -z "$(ip route list | grep utun)" ]; then - logger "找不到tun模块,放弃启动tun相关防火墙规则!" 31 - else - ip route add default dev utun table $table && tun_statu=true - fi - } - [ "$firewall_area" = 5 ] && ip route add default via $bypass_host table $table 2>/dev/null - [ "$redir_mod" != "Redir" ] && ip rule add fwmark $fwmark table $table 2>/dev/null + [ "$redir_mod" = "Tproxy" ] && ip route add local default dev lo table $table 2>/dev/null + [ "$redir_mod" = "Tun" -o "$redir_mod" = "Mix" ] && { + i=1 + while [ -z "$(ip route list | grep utun)" -a "$i" -le 29 ]; do + sleep 1 + i=$((i + 1)) + done + if [ -z "$(ip route list | grep utun)" ]; then + logger "找不到tun模块,放弃启动tun相关防火墙规则!" 31 + else + ip route add default dev utun table $table && tun_statu=true + fi + } + [ "$firewall_area" = 5 ] && ip route add default via $bypass_host table $table 2>/dev/null + [ "$redir_mod" != "Redir" ] && ip rule add fwmark $fwmark table $table 2>/dev/null } #添加ipv6路由 [ "$ipv6_redir" = "ON" -a "$firewall_area" -le 3 ] && { - [ "$redir_mod" = "Tproxy" ] && ip -6 route add local default dev lo table $((table + 1)) 2>/dev/null - [ -n "$(ip route list | grep utun)" ] && ip -6 route add default dev utun table $((table + 1)) 2>/dev/null - [ "$redir_mod" != "Redir" ] && ip -6 rule add fwmark $fwmark table $((table + 1)) 2>/dev/null + [ "$redir_mod" = "Tproxy" ] && ip -6 route add local default dev lo table $((table + 1)) 2>/dev/null + [ -n "$(ip route list | grep utun)" ] && ip -6 route add default dev utun table $((table + 1)) 2>/dev/null + [ "$redir_mod" != "Redir" ] && ip -6 rule add fwmark $fwmark table $((table + 1)) 2>/dev/null } #判断代理用途 [ "$firewall_area" = 2 -o "$firewall_area" = 3 ] && local_proxy=true @@ -44,11 +44,11 @@ [ "$firewall_mod" = 'nftables' ] && . "$CRASHDIR"/starts/fw_nftables.sh && start_nftables #修复部分虚拟机dns查询失败的问题 [ "$firewall_area" = 2 -o "$firewall_area" = 3 ] && [ -z "$(grep '127.0.0.1' /etc/resolv.conf 2>/dev/null)" ] && [ "$systype" != 'container' ] && { - line=$(grep -n 'nameserver' /etc/resolv.conf | awk -F: 'FNR==1{print $1}') - sed -i "$line i\nameserver 127.0.0.1 #shellcrash-dns-repair" /etc/resolv.conf >/dev/null 2>&1 + line=$(grep -n 'nameserver' /etc/resolv.conf | awk -F: 'FNR==1{print $1}') + sed -i "$line i\nameserver 127.0.0.1 #shellcrash-dns-repair" /etc/resolv.conf >/dev/null 2>&1 } #移除openwrt-dnsmasq的DNS重定向 [ "$(uci get dhcp.@dnsmasq[0].dns_redirect 2>/dev/null)" = 1 ] && { - uci del dhcp.@dnsmasq[0].dns_redirect - uci commit dhcp.@dnsmasq[0] + uci del dhcp.@dnsmasq[0].dns_redirect + uci commit dhcp.@dnsmasq[0] } diff --git a/scripts/starts/fw_stop.sh b/scripts/starts/fw_stop.sh index d528b7be..8e3757b3 100644 --- a/scripts/starts/fw_stop.sh +++ b/scripts/starts/fw_stop.sh @@ -14,110 +14,110 @@ accept_ports=$(echo "$fw_wan_ports,$vms_port,$sss_port" | sed "s/,,/,/g ;s/^,// ;s/,$//") #重置iptables相关规则 ckcmd iptables && { - ckcmd iptables && iptables -h | grep -q '\-w' && iptable='iptables -w' || iptable=iptables - #dns - $iptable -t nat -D PREROUTING -p tcp --dport 53 -j shellcrash_dns 2>/dev/null - $iptable -t nat -D PREROUTING -p udp --dport 53 -j shellcrash_dns 2>/dev/null - $iptable -t nat -D OUTPUT -p udp --dport 53 -j shellcrash_dns_out 2>/dev/null - $iptable -t nat -D OUTPUT -p tcp --dport 53 -j shellcrash_dns_out 2>/dev/null - #redir - $iptable -t nat -D PREROUTING -p tcp $ports -j shellcrash 2>/dev/null - $iptable -t nat -D PREROUTING -p tcp -d 28.0.0.0/8 -j shellcrash 2>/dev/null - $iptable -t nat -D OUTPUT -p tcp $ports -j shellcrash_out 2>/dev/null - $iptable -t nat -D OUTPUT -p tcp -d 28.0.0.0/8 -j shellcrash_out 2>/dev/null - #vm_dns - $iptable -t nat -D PREROUTING -p tcp --dport 53 -j shellcrash_vm_dns 2>/dev/null - $iptable -t nat -D PREROUTING -p udp --dport 53 -j shellcrash_vm_dns 2>/dev/null - #vm_redir - $iptable -t nat -D PREROUTING -p tcp $ports -j shellcrash_vm 2>/dev/null - $iptable -t nat -D PREROUTING -p tcp -d 28.0.0.0/8 -j shellcrash_vm 2>/dev/null - #TPROXY&tun - $iptable -t mangle -D PREROUTING -p tcp $ports -j shellcrash_mark 2>/dev/null - $iptable -t mangle -D PREROUTING -p udp $ports -j shellcrash_mark 2>/dev/null - $iptable -t mangle -D PREROUTING -p tcp -d 28.0.0.0/8 -j shellcrash_mark 2>/dev/null - $iptable -t mangle -D PREROUTING -p udp -d 28.0.0.0/8 -j shellcrash_mark 2>/dev/null - $iptable -t mangle -D OUTPUT -p tcp $ports -j shellcrash_mark_out 2>/dev/null - $iptable -t mangle -D OUTPUT -p udp $ports -j shellcrash_mark_out 2>/dev/null - $iptable -t mangle -D OUTPUT -p tcp -d 28.0.0.0/8 -j shellcrash_mark_out 2>/dev/null - $iptable -t mangle -D OUTPUT -p udp -d 28.0.0.0/8 -j shellcrash_mark_out 2>/dev/null - $iptable -t mangle -D PREROUTING -m mark --mark $fwmark -p tcp -j TPROXY --on-port $tproxy_port 2>/dev/null - $iptable -t mangle -D PREROUTING -m mark --mark $fwmark -p udp -j TPROXY --on-port $tproxy_port 2>/dev/null - #tun - $iptable -D FORWARD -o utun -j ACCEPT 2>/dev/null - #屏蔽QUIC - [ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" != "OFF" ] && set_cn_ip='-m set ! --match-set cn_ip dst' - $iptable -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null - $iptable -D FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT 2>/dev/null - #公网访问 - $iptable -D INPUT -i lo -j ACCEPT 2>/dev/null - for ip in $host_ipv4; do - $iptable -D INPUT -s $ip -j ACCEPT 2>/dev/null - done - $iptable -D INPUT -p tcp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null - $iptable -D INPUT -p udp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null - $iptable -D INPUT -p tcp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null - $iptable -D INPUT -p udp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null - #清理shellcrash自建表 - for text in shellcrash_dns shellcrash shellcrash_out shellcrash_dns_out shellcrash_vm shellcrash_vm_dns; do - $iptable -t nat -F "$text" 2>/dev/null - $iptable -t nat -X "$text" 2>/dev/null - done - for text in shellcrash_mark shellcrash_mark_out; do - $iptable -t mangle -F "$text" 2>/dev/null - $iptable -t mangle -X "$text" 2>/dev/null - done + ckcmd iptables && iptables -h | grep -q '\-w' && iptable='iptables -w' || iptable=iptables + #dns + $iptable -t nat -D PREROUTING -p tcp --dport 53 -j shellcrash_dns 2>/dev/null + $iptable -t nat -D PREROUTING -p udp --dport 53 -j shellcrash_dns 2>/dev/null + $iptable -t nat -D OUTPUT -p udp --dport 53 -j shellcrash_dns_out 2>/dev/null + $iptable -t nat -D OUTPUT -p tcp --dport 53 -j shellcrash_dns_out 2>/dev/null + #redir + $iptable -t nat -D PREROUTING -p tcp $ports -j shellcrash 2>/dev/null + $iptable -t nat -D PREROUTING -p tcp -d 28.0.0.0/8 -j shellcrash 2>/dev/null + $iptable -t nat -D OUTPUT -p tcp $ports -j shellcrash_out 2>/dev/null + $iptable -t nat -D OUTPUT -p tcp -d 28.0.0.0/8 -j shellcrash_out 2>/dev/null + #vm_dns + $iptable -t nat -D PREROUTING -p tcp --dport 53 -j shellcrash_vm_dns 2>/dev/null + $iptable -t nat -D PREROUTING -p udp --dport 53 -j shellcrash_vm_dns 2>/dev/null + #vm_redir + $iptable -t nat -D PREROUTING -p tcp $ports -j shellcrash_vm 2>/dev/null + $iptable -t nat -D PREROUTING -p tcp -d 28.0.0.0/8 -j shellcrash_vm 2>/dev/null + #TPROXY&tun + $iptable -t mangle -D PREROUTING -p tcp $ports -j shellcrash_mark 2>/dev/null + $iptable -t mangle -D PREROUTING -p udp $ports -j shellcrash_mark 2>/dev/null + $iptable -t mangle -D PREROUTING -p tcp -d 28.0.0.0/8 -j shellcrash_mark 2>/dev/null + $iptable -t mangle -D PREROUTING -p udp -d 28.0.0.0/8 -j shellcrash_mark 2>/dev/null + $iptable -t mangle -D OUTPUT -p tcp $ports -j shellcrash_mark_out 2>/dev/null + $iptable -t mangle -D OUTPUT -p udp $ports -j shellcrash_mark_out 2>/dev/null + $iptable -t mangle -D OUTPUT -p tcp -d 28.0.0.0/8 -j shellcrash_mark_out 2>/dev/null + $iptable -t mangle -D OUTPUT -p udp -d 28.0.0.0/8 -j shellcrash_mark_out 2>/dev/null + $iptable -t mangle -D PREROUTING -m mark --mark $fwmark -p tcp -j TPROXY --on-port $tproxy_port 2>/dev/null + $iptable -t mangle -D PREROUTING -m mark --mark $fwmark -p udp -j TPROXY --on-port $tproxy_port 2>/dev/null + #tun + $iptable -D FORWARD -o utun -j ACCEPT 2>/dev/null + #屏蔽QUIC + [ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" != "OFF" ] && set_cn_ip='-m set ! --match-set cn_ip dst' + $iptable -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null + $iptable -D FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT 2>/dev/null + #公网访问 + $iptable -D INPUT -i lo -j ACCEPT 2>/dev/null + for ip in $host_ipv4; do + $iptable -D INPUT -s $ip -j ACCEPT 2>/dev/null + done + $iptable -D INPUT -p tcp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null + $iptable -D INPUT -p udp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null + $iptable -D INPUT -p tcp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null + $iptable -D INPUT -p udp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null + #清理shellcrash自建表 + for text in shellcrash_dns shellcrash shellcrash_out shellcrash_dns_out shellcrash_vm shellcrash_vm_dns; do + $iptable -t nat -F "$text" 2>/dev/null + $iptable -t nat -X "$text" 2>/dev/null + done + for text in shellcrash_mark shellcrash_mark_out; do + $iptable -t mangle -F "$text" 2>/dev/null + $iptable -t mangle -X "$text" 2>/dev/null + done } #重置ipv6规则 ckcmd ip6tables && { - ckcmd ip6tables && ip6tables -h | grep -q '\-w' && ip6table='ip6tables -w' || ip6table=ip6tables - #dns - $ip6table -t nat -D PREROUTING -p tcp --dport 53 -j shellcrashv6_dns 2>/dev/null - $ip6table -t nat -D PREROUTING -p udp --dport 53 -j shellcrashv6_dns 2>/dev/null - #redir - $ip6table -t nat -D PREROUTING -p tcp $ports -j shellcrashv6 2>/dev/null - $ip6table -t nat -D PREROUTING -p tcp -d fc00::/16 -j shellcrashv6 2>/dev/null - $ip6table -t nat -D OUTPUT -p tcp $ports -j shellcrashv6_out 2>/dev/null - $ip6table -t nat -D OUTPUT -p tcp -d fc00::/16 -j shellcrashv6_out 2>/dev/null - $ip6table -D INPUT -p tcp --dport 53 -j REJECT 2>/dev/null - $ip6table -D INPUT -p udp --dport 53 -j REJECT 2>/dev/null - #mark - $ip6table -t mangle -D PREROUTING -p tcp $ports -j shellcrashv6_mark 2>/dev/null - $ip6table -t mangle -D PREROUTING -p udp $ports -j shellcrashv6_mark 2>/dev/null - $ip6table -t mangle -D PREROUTING -p tcp -d fc00::/16 -j shellcrashv6_mark 2>/dev/null - $ip6table -t mangle -D PREROUTING -p udp -d fc00::/16 -j shellcrashv6_mark 2>/dev/null - $ip6table -t mangle -D OUTPUT -p tcp $ports -j shellcrashv6_mark_out 2>/dev/null - $ip6table -t mangle -D OUTPUT -p udp $ports -j shellcrashv6_mark_out 2>/dev/null - $ip6table -t mangle -D OUTPUT -p tcp -d fc00::/16 -j shellcrashv6_mark_out 2>/dev/null - $ip6table -t mangle -D OUTPUT -p udp -d fc00::/16 -j shellcrashv6_mark_out 2>/dev/null - $ip6table -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null - $ip6table -t mangle -D PREROUTING -m mark --mark $fwmark -p tcp -j TPROXY --on-port $tproxy_port 2>/dev/null - $ip6table -t mangle -D PREROUTING -m mark --mark $fwmark -p udp -j TPROXY --on-port $tproxy_port 2>/dev/null - #tun - $ip6table -D FORWARD -o utun -j ACCEPT 2>/dev/null - #屏蔽QUIC - [ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" != "OFF" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst' - $ip6table -D INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT 2>/dev/null - $ip6table -D FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT 2>/dev/null - #公网访问 - $ip6table -D INPUT -i lo -j ACCEPT 2>/dev/null - for ip in $host_ipv6; do - $ip6table -D INPUT -s $ip -j ACCEPT 2>/dev/null - done - $ip6table -D INPUT -p tcp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null - $ip6table -D INPUT -p udp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null - $ip6table -D INPUT -p tcp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null - $ip6table -D INPUT -p udp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null - #清理shellcrash自建表 - for text in shellcrashv6_dns shellcrashv6 shellcrashv6_out; do - $ip6table -t nat -F "$text" 2>/dev/null - $ip6table -t nat -X "$text" 2>/dev/null - done - for text in shellcrashv6_mark shellcrashv6_mark_out; do - $ip6table -t mangle -F "$text" 2>/dev/null - $ip6table -t mangle -X "$text" 2>/dev/null - done - $ip6table -t mangle -F shellcrashv6_mark 2>/dev/null - $ip6table -t mangle -X shellcrashv6_mark 2>/dev/null + ckcmd ip6tables && ip6tables -h | grep -q '\-w' && ip6table='ip6tables -w' || ip6table=ip6tables + #dns + $ip6table -t nat -D PREROUTING -p tcp --dport 53 -j shellcrashv6_dns 2>/dev/null + $ip6table -t nat -D PREROUTING -p udp --dport 53 -j shellcrashv6_dns 2>/dev/null + #redir + $ip6table -t nat -D PREROUTING -p tcp $ports -j shellcrashv6 2>/dev/null + $ip6table -t nat -D PREROUTING -p tcp -d fc00::/16 -j shellcrashv6 2>/dev/null + $ip6table -t nat -D OUTPUT -p tcp $ports -j shellcrashv6_out 2>/dev/null + $ip6table -t nat -D OUTPUT -p tcp -d fc00::/16 -j shellcrashv6_out 2>/dev/null + $ip6table -D INPUT -p tcp --dport 53 -j REJECT 2>/dev/null + $ip6table -D INPUT -p udp --dport 53 -j REJECT 2>/dev/null + #mark + $ip6table -t mangle -D PREROUTING -p tcp $ports -j shellcrashv6_mark 2>/dev/null + $ip6table -t mangle -D PREROUTING -p udp $ports -j shellcrashv6_mark 2>/dev/null + $ip6table -t mangle -D PREROUTING -p tcp -d fc00::/16 -j shellcrashv6_mark 2>/dev/null + $ip6table -t mangle -D PREROUTING -p udp -d fc00::/16 -j shellcrashv6_mark 2>/dev/null + $ip6table -t mangle -D OUTPUT -p tcp $ports -j shellcrashv6_mark_out 2>/dev/null + $ip6table -t mangle -D OUTPUT -p udp $ports -j shellcrashv6_mark_out 2>/dev/null + $ip6table -t mangle -D OUTPUT -p tcp -d fc00::/16 -j shellcrashv6_mark_out 2>/dev/null + $ip6table -t mangle -D OUTPUT -p udp -d fc00::/16 -j shellcrashv6_mark_out 2>/dev/null + $ip6table -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null + $ip6table -t mangle -D PREROUTING -m mark --mark $fwmark -p tcp -j TPROXY --on-port $tproxy_port 2>/dev/null + $ip6table -t mangle -D PREROUTING -m mark --mark $fwmark -p udp -j TPROXY --on-port $tproxy_port 2>/dev/null + #tun + $ip6table -D FORWARD -o utun -j ACCEPT 2>/dev/null + #屏蔽QUIC + [ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" != "OFF" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst' + $ip6table -D INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT 2>/dev/null + $ip6table -D FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT 2>/dev/null + #公网访问 + $ip6table -D INPUT -i lo -j ACCEPT 2>/dev/null + for ip in $host_ipv6; do + $ip6table -D INPUT -s $ip -j ACCEPT 2>/dev/null + done + $ip6table -D INPUT -p tcp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null + $ip6table -D INPUT -p udp -m multiport --dports "$accept_ports" -j ACCEPT 2>/dev/null + $ip6table -D INPUT -p tcp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null + $ip6table -D INPUT -p udp -m multiport --dports "$mix_port,$db_port" -j REJECT 2>/dev/null + #清理shellcrash自建表 + for text in shellcrashv6_dns shellcrashv6 shellcrashv6_out; do + $ip6table -t nat -F "$text" 2>/dev/null + $ip6table -t nat -X "$text" 2>/dev/null + done + for text in shellcrashv6_mark shellcrashv6_mark_out; do + $ip6table -t mangle -F "$text" 2>/dev/null + $ip6table -t mangle -X "$text" 2>/dev/null + done + $ip6table -t mangle -F shellcrashv6_mark 2>/dev/null + $ip6table -t mangle -X shellcrashv6_mark 2>/dev/null } #清理ipset规则 ipset destroy cn_ip >/dev/null 2>&1 diff --git a/scripts/starts/general_init.sh b/scripts/starts/general_init.sh index 8a8bcde4..38228304 100644 --- a/scripts/starts/general_init.sh +++ b/scripts/starts/general_init.sh @@ -9,22 +9,22 @@ profile=/etc/profile . "$CRASHDIR"/configs/ShellCrash.cfg #padavan和华硕环境变量目录设置 if [ -d "/etc/storage/clash" -o -d "/etc/storage/ShellCrash" ]; then - i=1 - while [ ! -w /etc/profile -a "$i" -lt 10 ]; do - sleep 3 && i=$((i + 1)) - done - [ -w "$profile" ] || profile=/etc_ro/profile - [ "$zip_type" = 'upx' ] || mount -t tmpfs -o remount,rw,size=45M tmpfs /tmp #增加/tmp空间以适配新的内核压缩方式 - sed -i '' "$profile" #将软链接转化为一般文件 + i=1 + while [ ! -w /etc/profile -a "$i" -lt 10 ]; do + sleep 3 && i=$((i + 1)) + done + [ -w "$profile" ] || profile=/etc_ro/profile + [ "$zip_type" = 'upx' ] || mount -t tmpfs -o remount,rw,size=45M tmpfs /tmp #增加/tmp空间以适配新的内核压缩方式 + sed -i '' "$profile" #将软链接转化为一般文件 elif [ -d "/jffs" ]; then - sleep 60 - [ -w "$profile" ] || profile=$(cat /etc/profile | grep -oE '\-f.*jffs.*profile' | awk '{print $2}') + sleep 60 + [ -w "$profile" ] || profile=$(cat /etc/profile | grep -oE '\-f.*jffs.*profile' | awk '{print $2}') fi #写入环境变量 set_profile "$profile" #启动进程或删除守护进程 if [ -f "$CRASHDIR"/.dis_startup ] || [ -f "$CRASHDIR"/.start_error ];then - cronset "保守模式守护进程" + cronset "保守模式守护进程" else - "$CRASHDIR"/start.sh start + "$CRASHDIR"/start.sh start fi diff --git a/scripts/starts/singbox_check.sh b/scripts/starts/singbox_check.sh index 9307664f..10bbf6f5 100644 --- a/scripts/starts/singbox_check.sh +++ b/scripts/starts/singbox_check.sh @@ -2,8 +2,8 @@ singbox_check() { #singbox启动前检查 #检测singboxr专属功能 [ "$crashcore" != "singboxr" ] && [ -n "$(cat "$CRASHDIR"/jsons/*.json | grep -oE '"shadowsocksr"|"providers"')" ] && { - . "$CRASHDIR"/starts/core_exchange.sh && core_exchange singboxr 'singboxr内核专属功能' - } + . "$CRASHDIR"/starts/core_exchange.sh && core_exchange singboxr 'singboxr内核专属功能' + } check_core #预下载cn.srs数据库 [ "$dns_mod" = "mix" ] || [ "$dns_mod" = "route" ] && ! grep -Eq '"tag" *:[[:space:]]*"cn"' "$CRASHDIR"/jsons/*.json && check_geo ruleset/cn.srs srs_geosite_cn.srs diff --git a/scripts/starts/singbox_modify.sh b/scripts/starts/singbox_modify.sh index bde8ce07..a944649d 100644 --- a/scripts/starts/singbox_modify.sh +++ b/scripts/starts/singbox_modify.sh @@ -39,7 +39,7 @@ parse_singbox_dns() { #dns转换 esac fi # 输出 - echo '"type": "'"$type"'", "server": "'"$server"'", "server_port": '"$port"',' + echo '"type": "'"$type"'", "server": "'"$server"'", "server_port": '"$port"',' } modify_json() { #提取配置文件以获得outbounds.json,providers.json及route.json @@ -53,11 +53,11 @@ modify_json() { } cat "$TMPDIR"/format.json | sed -n '/"route":/,/^\( "[a-z]\|}\)/p' | sed '$d' >>"$TMPDIR"/jsons/route.json #生成endpoints.json - [ "$ts_service" = ON ] || [ "$wg_service" = ON ] && [ "$zip_type" != upx ] && { - . "$CRASHDIR"/configs/gateway.cfg - . "$CRASHDIR"/libs/sb_endpoints.sh - } - #生成log.json + [ "$ts_service" = ON ] || [ "$wg_service" = ON ] && [ "$zip_type" != upx ] && { + . "$CRASHDIR"/configs/gateway.cfg + . "$CRASHDIR"/libs/sb_endpoints.sh + } + #生成log.json cat >"$TMPDIR"/jsons/log.json <"$TMPDIR"/jsons/add_rule_set.json <>"$TMPDIR"/jsons/tun.json <"$TMPDIR"/jsons/add_outbounds.json <"$TMPDIR"/jsons/experimental.json < /dev/null - #备份还原SSH秘钥 - [ -f "$CRASHDIR"/configs/dropbear_rsa_host_key ] && ln -sf "$CRASHDIR"/configs/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key - [ -f "$CRASHDIR"/configs/authorized_keys ] && ln -sf "$CRASHDIR"/configs/authorized_keys /etc/dropbear/authorized_keys + uci -c /usr/share/xiaoqiang set xiaoqiang_version.version.CHANNEL='stable' + uci -c /usr/share/xiaoqiang commit xiaoqiang_version.version + } + [ -z "$(pidof dropbear)" -o -z "$(netstat -ntul | grep :22)" ] && { + sed -i 's/channel=.*/channel="debug"/g' /etc/init.d/dropbear + /etc/init.d/dropbear restart + [ -n "$mi_autoSSH_pwd" ] && echo -e "$mi_autoSSH_pwd\n$mi_autoSSH_pwd" | passwd root + } + #配置nvram + [ "$(nvram get ssh_en)" = 0 ] && nvram set ssh_en=1 + [ "$(nvram get telnet_en)" = 0 ] && nvram set telnet_en=1 + nvram commit &> /dev/null + #备份还原SSH秘钥 + [ -f "$CRASHDIR"/configs/dropbear_rsa_host_key ] && ln -sf "$CRASHDIR"/configs/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key + [ -f "$CRASHDIR"/configs/authorized_keys ] && ln -sf "$CRASHDIR"/configs/authorized_keys /etc/dropbear/authorized_keys } tunfix(){ - ko_dir=$(modinfo ip_tables | grep -Eo '/lib/modules.*/ip_tables.ko' | sed 's|/ip_tables.ko||' ) - #在/tmp创建并挂载overlay - mkdir -p /tmp/overlay - mkdir -p /tmp/overlay/upper - mkdir -p /tmp/overlay/work - mount -o noatime,lowerdir="$ko_dir",upperdir=/tmp/overlay/upper,workdir=/tmp/overlay/work -t overlay "overlay_mods_only" "$ko_dir" - #将tun.ko链接到lib - ln -sf "$CRASHDIR"/tools/tun.ko "$ko_dir"/tun.ko + ko_dir=$(modinfo ip_tables | grep -Eo '/lib/modules.*/ip_tables.ko' | sed 's|/ip_tables.ko||' ) + #在/tmp创建并挂载overlay + mkdir -p /tmp/overlay + mkdir -p /tmp/overlay/upper + mkdir -p /tmp/overlay/work + mount -o noatime,lowerdir="$ko_dir",upperdir=/tmp/overlay/upper,workdir=/tmp/overlay/work -t overlay "overlay_mods_only" "$ko_dir" + #将tun.ko链接到lib + ln -sf "$CRASHDIR"/tools/tun.ko "$ko_dir"/tun.ko } tproxyfix(){ - sed -i 's/sysctl -w net.bridge.bridge-nf-call-ip/#sysctl -w net.bridge.bridge-nf-call-ip/g' /etc/init.d/qca-nss-ecm - sysctl -w net.bridge.bridge-nf-call-iptables=0 - sysctl -w net.bridge.bridge-nf-call-ip6tables=0 + sed -i 's/sysctl -w net.bridge.bridge-nf-call-ip/#sysctl -w net.bridge.bridge-nf-call-ip/g' /etc/init.d/qca-nss-ecm + sysctl -w net.bridge.bridge-nf-call-iptables=0 + sysctl -w net.bridge.bridge-nf-call-ip6tables=0 } auto_clean(){ - #自动清理升级备份文件夹 - rm -rf /data/etc_bak - #自动清理被写入闪存的系统日志并禁止服务 - /etc/init.d/stat_points stop 2>/dev/null - /etc/init.d/stat_points disable 2>/dev/null - sed -i '\#/logrotate#{ /^[[:space:]]*#/!s/^/#ShellCrash自动注释 / }' /etc/crontabs/root - sed -i '\#/sec_cfg_bak#{ /^[[:space:]]*#/!s/^/#ShellCrash自动注释 / }' /etc/crontabs/root - rm -rf /data/usr/log /data/usr/sec_cfg - + #自动清理升级备份文件夹 + rm -rf /data/etc_bak + #自动清理被写入闪存的系统日志并禁止服务 + /etc/init.d/stat_points stop 2>/dev/null + /etc/init.d/stat_points disable 2>/dev/null + sed -i '\#/logrotate#{ /^[[:space:]]*#/!s/^/#ShellCrash自动注释 / }' /etc/crontabs/root + sed -i '\#/sec_cfg_bak#{ /^[[:space:]]*#/!s/^/#ShellCrash自动注释 / }' /etc/crontabs/root + rm -rf /data/usr/log /data/usr/sec_cfg + } auto_start(){ - #设置init.d服务 - [ ! -x /etc/init.d/shellcrash ] && { - cp -f "$CRASHDIR"/starts/shellcrash.procd /etc/init.d/shellcrash - chmod 755 /etc/init.d/shellcrash - } - #初始化环境变量 - grep -q '^export CRASHDIR=' '/etc/profile' || { - . "$CRASHDIR"/libs/set_profile.sh - set_profile '/etc/profile' - } - #启动服务 - if [ ! -f "$CRASHDIR"/.dis_startup ] && [ ! -f "$CRASHDIR"/.start_error ]; then - #AX6S/AX6000修复tun功能 - [ -s "$CRASHDIR"/tools/tun.ko ] && tunfix - #小米7000/小米万兆修复tproxy - [ -f /etc/init.d/qca-nss-ecm ] && echo "$redir_mod" | grep -q 'Tproxy' && tproxyfix - #自动覆盖根证书文件 - [ -s "$CRASHDIR"/tools/ca-certificates.crt ] && cp -f "$CRASHDIR"/tools/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt - #启动服务 - "$CRASHDIR"/start.sh stop - /etc/init.d/shellcrash start && /etc/init.d/shellcrash enable - fi + #设置init.d服务 + [ ! -x /etc/init.d/shellcrash ] && { + cp -f "$CRASHDIR"/starts/shellcrash.procd /etc/init.d/shellcrash + chmod 755 /etc/init.d/shellcrash + } + #初始化环境变量 + grep -q '^export CRASHDIR=' '/etc/profile' || { + . "$CRASHDIR"/libs/set_profile.sh + set_profile '/etc/profile' + } + #启动服务 + if [ ! -f "$CRASHDIR"/.dis_startup ] && [ ! -f "$CRASHDIR"/.start_error ]; then + #AX6S/AX6000修复tun功能 + [ -s "$CRASHDIR"/tools/tun.ko ] && tunfix + #小米7000/小米万兆修复tproxy + [ -f /etc/init.d/qca-nss-ecm ] && echo "$redir_mod" | grep -q 'Tproxy' && tproxyfix + #自动覆盖根证书文件 + [ -s "$CRASHDIR"/tools/ca-certificates.crt ] && cp -f "$CRASHDIR"/tools/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt + #启动服务 + "$CRASHDIR"/start.sh stop + /etc/init.d/shellcrash start && /etc/init.d/shellcrash enable + fi } init(){ - #等待启动完成 - while ! ip a| grep -q lan; do - sleep 10 - done - autoSSH #软固化功能 - auto_clean #自动清理 - auto_start - #启动自定义服务 - [ -s /data/auto_start.sh ] && /bin/sh /data/auto_start.sh & - #兼容auto_ssh脚本 - [ -s /data/auto_ssh/auto_ssh.sh ] && /bin/sh /data/auto_ssh/auto_ssh.sh & + #等待启动完成 + while ! ip a| grep -q lan; do + sleep 10 + done + autoSSH #软固化功能 + auto_clean #自动清理 + auto_start + #启动自定义服务 + [ -s /data/auto_start.sh ] && /bin/sh /data/auto_start.sh & + #兼容auto_ssh脚本 + [ -s /data/auto_ssh/auto_ssh.sh ] && /bin/sh /data/auto_ssh/auto_ssh.sh & } case "$1" in - tunfix) tunfix ;; - tproxyfix) tproxyfix ;; - auto_clean) auto_clean ;; - init) init ;; - *) - if [ -z "$(pidof CrashCore)" ];then - init & - fi - ;; + tunfix) tunfix ;; + tproxyfix) tproxyfix ;; + auto_clean) auto_clean ;; + init) init ;; + *) + if [ -z "$(pidof CrashCore)" ];then + init & + fi + ;; esac diff --git a/scripts/starts/start_error.sh b/scripts/starts/start_error.sh index 13726b50..ecd875db 100644 --- a/scripts/starts/start_error.sh +++ b/scripts/starts/start_error.sh @@ -1,11 +1,11 @@ if [ "$start_old" != "ON" ] && ckcmd journalctl; then - journalctl -u shellcrash >"$TMPDIR"/core_test.log + journalctl -u shellcrash >"$TMPDIR"/core_test.log else - PID=$(pidof CrashCore) && [ -n "$PID" ] && kill -9 "$PID" >/dev/null 2>&1 - ${COMMAND} >"$TMPDIR"/core_test.log 2>&1 & - sleep 2 - kill $! >/dev/null 2>&1 + PID=$(pidof CrashCore) && [ -n "$PID" ] && kill -9 "$PID" >/dev/null 2>&1 + ${COMMAND} >"$TMPDIR"/core_test.log 2>&1 & + sleep 2 + kill $! >/dev/null 2>&1 fi touch "$CRASHDIR"/.start_error #标记启动失败,防止自启 error=$(cat "$TMPDIR"/core_test.log | grep -iEo 'error.*=.*|.*ERROR.*|.*FATAL.*') diff --git a/scripts/starts/start_legacy.sh b/scripts/starts/start_legacy.sh index bcbd4dc1..84e7d196 100644 --- a/scripts/starts/start_legacy.sh +++ b/scripts/starts/start_legacy.sh @@ -2,14 +2,14 @@ . "$CRASHDIR"/libs/check_cmd.sh start_legacy(){ - ckcmd nohup && _nohup=nohup - if ckcmd su && grep -q 'shellcrash:x:0:7890' /etc/passwd;then - su shellcrash -c "$_nohup $1 >/dev/null 2>&1 & echo \$! > /tmp/ShellCrash/$2.pid" - elif ckcmd setsid; then + ckcmd nohup && _nohup=nohup + if ckcmd su && grep -q 'shellcrash:x:0:7890' /etc/passwd;then + su shellcrash -c "$_nohup $1 >/dev/null 2>&1 & echo \$! > /tmp/ShellCrash/$2.pid" + elif ckcmd setsid; then $_nohup setsid $1 >/dev/null 2>&1 & echo $! > "/tmp/ShellCrash/$2.pid" - else - $_nohup $1 >/dev/null 2>&1 & - echo $! > "/tmp/ShellCrash/$2.pid" - fi + else + $_nohup $1 >/dev/null 2>&1 & + echo $! > "/tmp/ShellCrash/$2.pid" + fi } diff --git a/scripts/starts/start_legacy_wd.sh b/scripts/starts/start_legacy_wd.sh index f1695ef1..bd8ef80b 100644 --- a/scripts/starts/start_legacy_wd.sh +++ b/scripts/starts/start_legacy_wd.sh @@ -7,24 +7,24 @@ LOCKDIR="/tmp/ShellCrash/start_$1.lock" mkdir "$LOCKDIR" 2>/dev/null || exit 1 if [ -f "$PIDFILE" ]; then - PID="$(cat "$PIDFILE")" - if [ -n "$PID" ] && [ "$PID" -eq "$PID" ] 2>/dev/null; then - if kill -0 "$PID" 2>/dev/null || [ -d "/proc/$PID" ]; then - rm -fr "$LOCKDIR" 2>/dev/null - exit 0 - fi - else - rm -f "$PIDFILE" - fi + PID="$(cat "$PIDFILE")" + if [ -n "$PID" ] && [ "$PID" -eq "$PID" ] 2>/dev/null; then + if kill -0 "$PID" 2>/dev/null || [ -d "/proc/$PID" ]; then + rm -fr "$LOCKDIR" 2>/dev/null + exit 0 + fi + else + rm -f "$PIDFILE" + fi fi #如果没有进程则拉起 if [ "$1" = "shellcrash" ]; then - "$CRASHDIR"/start.sh start + "$CRASHDIR"/start.sh start else - [ -f "$CRASHDIR/starts/start_legacy.sh" ] && . "$CRASHDIR/starts/start_legacy.sh" - killall bot_tg.sh 2>/dev/null - start_legacy "$CRASHDIR/menus/bot_tg.sh" "$1" + [ -f "$CRASHDIR/starts/start_legacy.sh" ] && . "$CRASHDIR/starts/start_legacy.sh" + killall bot_tg.sh 2>/dev/null + start_legacy "$CRASHDIR/menus/bot_tg.sh" "$1" fi rm -fr "$LOCKDIR" 2>/dev/null