2019-07-02 18:06:49 +08:00
#!/bin/sh /etc/rc.common
START=99
STOP=15
CLASH="/etc/clash/clash"
CLASH_CONFIG="/etc/clash"
CRON_FILE="/etc/crontabs/root"
revert_dns() {
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
dns_serve1=$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)
if [ $dns_serve1 ]; then
uci del dhcp.@dnsmasq[-1].server
fi
2019-07-02 18:06:49 +08:00
uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto
uci set dhcp.@dnsmasq[0].noresolv=0
uci commit dhcp
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
add_cron(){
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
sed -i '/clash.log/d' $CRON_FILE
echo '0 0 * * 0 echo "" > /tmp/clash.log' >> $CRON_FILE
[ -n "$(grep -w "/usr/share/clash/clash.sh" $CRON_FILE)" ] && sed -i '/\/usr\/share\/clash\/clash.sh/d' $CRON_FILE
auto=$(uci get clash.config.auto_update 2>/dev/null)
if [ $auto -eq 1 ]; then
[ -z "$(grep -w "/usr/share/clash/clash.sh" $CRON_FILE)" ] && echo "0 $(uci get clash.config.auto_update_time 2>/dev/null) * * * /usr/share/clash/clash.sh" >> $CRON_FILE
2019-07-27 18:40:29 +08:00
[ -z "$(grep -w "/etc/init.d/clash" $CRON_FILE)" ] && echo "05 0 * * * /etc/init.d/clash restart" >> $CRON_FILE
2019-07-02 18:06:49 +08:00
fi
crontab $CRON_FILE
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
2019-07-27 18:40:29 +08:00
del_cron(){
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
sed -i '/clash/d' $CRON_FILE
sed -i '/clash.log/d' $CRON_FILE
/etc/init.d/cron restart
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
2019-07-27 18:40:29 +08:00
yml_change(){
#===========================================================================================================================
mode=$(uci get clash.config.mode 2>/dev/null)
da_password=$(uci get clash.config.dash_pass 2>/dev/null)
redir_port=$(uci get clash.config.redir_port 2>/dev/null)
http_port=$(uci get clash.config.http_port 2>/dev/null)
socks_port=$(uci get clash.config.socks_port 2>/dev/null)
dash_port=$(uci get clash.config.dash_port 2>/dev/null)
log_level=$(uci get clash.config.level 2>/dev/null)
subtype=$(uci get clash.config.subcri 2>/dev/null)
if [ $mode -eq 1 ]; then
sed -i "/Proxy:/i\#clash-openwrt" /etc/clash/config.yaml
sed -i "/#clash-openwrt/a\#=============" /etc/clash/config.yaml
sed -i "/#=============/a\ " /etc/clash/config.yaml
sed -i '1,/#clash-openwrt/d' /etc/clash/config.yaml
mv /etc/clash/config.yaml /etc/clash/dns.yaml
cat /usr/share/clash/dns.yaml /etc/clash/dns.yaml > /etc/clash/config.yaml
rm -rf /etc/clash/dns.yaml
sed -i "1i\port: ${http_port}" /etc/clash/config.yaml
sed -i "2i\socks-port: ${socks_port}" /etc/clash/config.yaml
sed -i "3i\redir-port: ${redir_port}" /etc/clash/config.yaml
sed -i "4i\allow-lan: true" /etc/clash/config.yaml
sed -i "5i\mode: Rule" /etc/clash/config.yaml
sed -i "6i\log-level: ${log_level}" /etc/clash/config.yaml
sed -i "7i\external-controller: 0.0.0.0:${dash_port}" /etc/clash/config.yaml
sed -i "8i\secret: '${da_password}'" /etc/clash/config.yaml
sed -i "9i\external-ui: "/usr/share/clash/dashboard"" /etc/clash/config.yaml
sed -i "10i\ " /etc/clash/config.yaml
sed -i "11i\ " /etc/clash/config.yaml
sed -i '/#=============/ d' /etc/clash/config.yaml
else
if [ $subtype=="v2rayn2clash" ] || [ $subtype=="surge2clash" ];then
sed -i "/Proxy:/i\#clash-openwrt" /etc/clash/config.yaml
sed -i "/#clash-openwrt/a\#=============" /etc/clash/config.yaml
sed -i "/#=============/a\ " /etc/clash/config.yaml
sed -i '1,/#clash-openwrt/d' /etc/clash/config.yaml
mv /etc/clash/config.yaml /etc/clash/dns.yaml
cat /usr/share/clash/dns.yaml /etc/clash/dns.yaml > /etc/clash/config.yaml
rm -rf /etc/clash/dns.yaml
else
sed -i "/dns:/i\#clash-openwrt" /etc/clash/config.yaml
sed -i "/#clash-openwrt/a\#=============" /etc/clash/config.yaml
sed -i '1,/#clash-openwrt/d' /etc/clash/config.yaml
2019-07-02 18:06:49 +08:00
fi
2019-07-27 18:40:29 +08:00
sed -i "1i\port: ${http_port}" /etc/clash/config.yaml
sed -i "2i\socks-port: ${socks_port}" /etc/clash/config.yaml
sed -i "3i\redir-port: ${redir_port}" /etc/clash/config.yaml
sed -i "4i\allow-lan: true" /etc/clash/config.yaml
sed -i "5i\mode: Rule" /etc/clash/config.yaml
sed -i "6i\log-level: ${log_level}" /etc/clash/config.yaml
sed -i "7i\external-controller: 0.0.0.0:${dash_port}" /etc/clash/config.yaml
sed -i "8i\secret: '${da_password}'" /etc/clash/config.yaml
sed -i "9i\external-ui: "/usr/share/clash/dashboard"" /etc/clash/config.yaml
sed -i "10i\ " /etc/clash/config.yaml
sed -i "11i\ " /etc/clash/config.yaml
sed -i '/#=============/ d' /etc/clash/config.yaml
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
fi
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
yml_dns_change(){
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
dns_port=$(grep listen: /etc/clash/config.yaml |awk -F ':' '{print $3}' |tr -cd "[0-9]")
dnsforwader=$(uci get clash.config.dnsforwader 2>/dev/null)
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
if [ $dns_port -eq 53 ]; then
sed -i '/listen:/ d' /etc/clash/config.yaml
sed -i "/nameserver:/i\ listen: 0.0.0.0:5300" /etc/clash/config.yaml
fi
if [ $dnsforwader -eq 1 ]; then
2019-07-02 18:06:49 +08:00
if [ $dns_port -eq 53 ]; then
dns_serve1=$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)
if [ $dns_serve1 ]; then
uci del dhcp.@dnsmasq[-1].server
fi
2019-07-27 18:40:29 +08:00
uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#5300 >/dev/null 2>&1
uci delete dhcp.@dnsmasq[0].resolvfile
uci set dhcp.@dnsmasq[0].noresolv=1
uci commit dhcp
2019-07-02 18:06:49 +08:00
else
dns_serve1=$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)
if [ $dns_serve1 ]; then
uci del dhcp.@dnsmasq[-1].server
fi
2019-07-27 18:40:29 +08:00
uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#$dns_port >/dev/null 2>&1
uci delete dhcp.@dnsmasq[0].resolvfile
uci set dhcp.@dnsmasq[0].noresolv=1
uci commit dhcp
2019-07-02 18:06:49 +08:00
fi
2019-07-27 18:40:29 +08:00
fi
#===========================================================================================================================
}
access() {
#===========================================================================================================================
lan_ac_ips=$(uci get clash.config.lan_ac_ips)
ipset -! -R <<-EOF
create clash_lan_ac hash:net
$(for ip in $lan_ac_ips; do echo "add clash_lan_ac $ip"; done)
EOF
#===========================================================================================================================
}
reject_access() {
#===========================================================================================================================
lan_ac=$(uci get clash.config.lan_ips)
ipset -! -R <<-EOF
create clash_lan hash:net
$(for ip in $lan_ac; do echo "add clash_lan $ip"; done)
EOF
#===========================================================================================================================
}
rules(){
#===========================================================================================================================
lan_ip=$(uci get network.lan.ipaddr 2>/dev/null)
lanac=$(uci get clash.config.rejectlan 2>/dev/null)
lan=$(uci get clash.config.proxylan 2>/dev/null)
dns_port=$(grep listen: /etc/clash/config.yaml |awk -F ':' '{print $3}' |tr -cd "[0-9]")
redir_port=$(uci get clash.config.redir_port 2>/dev/null)
iptables -t nat -N clash_tcp
iptables -t nat -N clash_udp
iptables -t nat -A clash_tcp -d 0.0.0.0/8 -j RETURN
iptables -t nat -A clash_tcp -d 10.0.0.0/8 -j RETURN
iptables -t nat -A clash_tcp -d 127.0.0.0/8 -j RETURN
iptables -t nat -A clash_tcp -d 169.254.0.0/16 -j RETURN
iptables -t nat -A clash_tcp -d 172.16.0.0/12 -j RETURN
iptables -t nat -A clash_tcp -d 192.168.0.0/16 -j RETURN
iptables -t nat -A clash_tcp -d 224.0.0.0/4 -j RETURN
iptables -t nat -A clash_tcp -d 240.0.0.0/4 -j RETURN
iptables -t nat -A clash_tcp -d $lan_ip -j RETURN
iptables -t nat -A clash_tcp -p tcp --dport 22 -j ACCEPT
iptables -t nat -A clash_udp -p udp -j REDIRECT --to-ports $dns_port
if [ $lanac -eq 1 ]; then
iptables -t nat -A clash_tcp -p tcp -m set --match-set clash_lan src -j RETURN
iptables -t nat -A clash_tcp -p tcp -j REDIRECT --to-ports $redir_port
elif [ $lan -eq 1 ]; then
iptables -t nat -A clash_tcp -p tcp -m set --match-set clash_lan_ac src -j REDIRECT --to-ports $redir_port
else
iptables -t nat -A clash_tcp -p tcp -j REDIRECT --to-ports $redir_port
fi
iptables -t nat -I PREROUTING 1 -p udp --dport 53 -j clash_udp
iptables -t nat -A PREROUTING -p tcp -j clash_tcp
#===========================================================================================================================
}
yml_yaml(){
#===========================================================================================================================
subscribe_url=$(uci get clash.config.subscribe_url 2>/dev/null)
size=$(ls -l /etc/clash/config.yaml|awk '{print $5}')
if [ -f /etc/clash/config.yml ] && [ ! -f /etc/clash/config.yaml ] || [ -f /etc/clash/config.yml ] && [ -f /etc/clash/config.yaml ] && [ $size -eq 0 ];then
mv /etc/clash/config.yml /etc/clash/config.yaml
elif [ ! -f /etc/clash/config.yaml ] && [ $subscribe_url ];then
sh /usr/share/clash/clash.sh >>/tmp/clash.log >/dev/null 2>&1
fi
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
2019-07-27 18:40:29 +08:00
start(){
#===========================================================================================================================
if pidof clash >/dev/null; then
kill $(pidof clash) >/dev/null 2>&1 || kill -9 $(ps | grep clash | grep -v grep | awk '{print $1}') >/dev/null 2>&1
fi
2019-07-02 18:06:49 +08:00
enable=$(uci get clash.config.enable 2>/dev/null)
2019-07-27 18:40:29 +08:00
yml_yaml
size=$(ls -l /etc/clash/config.yaml|awk '{print $5}')
lan=$(uci get clash.config.proxylan 2>/dev/null)
lanac=$(uci get clash.config.rejectlan 2>/dev/null)
2019-07-02 18:06:49 +08:00
if [ $enable -eq 1 ]; then
2019-07-27 18:40:29 +08:00
if [ $size -ne 0 ]; then
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
if [ $lan ]; then
access >/dev/null 2>&1
fi
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
if [ $lanac ]; then
reject_access >/dev/null 2>&1
fi
yml_change
yml_dns_change
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
nohup $CLASH -d "$CLASH_CONFIG" > /tmp/clash.log 2>&1 &
ln -s /usr/share/clash/web /www/clash
uci set firewall.@defaults[0].flow_offloading=1
uci commit firewall
/etc/init.d/firewall restart >/dev/null 2>&1
rules >/dev/null 2>&1
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
killall -1 dnsmasq
2019-07-02 18:06:49 +08:00
/etc/init.d/dnsmasq restart >/dev/null 2>&1
2019-07-27 18:40:29 +08:00
2019-07-02 18:06:49 +08:00
if pidof clash >/dev/null; then
add_cron
2019-07-27 18:40:29 +08:00
nohup /usr/share/clash/clash-watchdog.sh >/dev/null 2>&1
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
fi
else
echo "===============================$(date "+%Y-%m-%d %H:%M:%S") problem with config.yaml, config.yaml is either empty or not found =====================================" >> /tmp/clash.log
2019-07-02 18:06:49 +08:00
fi
2019-07-27 18:40:29 +08:00
else
echo "===============================$(date "+%Y-%m-%d %H:%M:%S") CLIENT IS DISABLED =====================================" >> /tmp/clash.log
fi
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
2019-07-27 18:40:29 +08:00
stop(){
#===========================================================================================================================
iptables -t nat -F clash_tcp >/dev/null 2>&1
iptables -t nat -X clash_tcp >/dev/null 2>&1
iptables -t nat -F clash_udp >/dev/null 2>&1
iptables -t nat -X clash_udp >/dev/null 2>&1
iptables -t nat -D PREROUTING -p tcp -j clash_tcp >/dev/null 2>&1
iptables -t nat -D PREROUTING -p udp -j clash_udp >/dev/null 2>&1
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
ipset -! flush clash_lan_ac >/dev/null 2>&1
ipset -! flush clash_lan >/dev/null 2>&1
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
kill -9 $(ps | grep clash-watchdog.sh | grep -v grep | awk '{print $1}') >/dev/null 2>&1
kill -9 `pidof clash|sed "s/$//g"` 2>/dev/null
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
revert_dns
uci set firewall.@defaults[0].flow_offloading=1
uci commit firewall
/etc/init.d/firewall restart >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
rm -rf /www/clash 2> /dev/null
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
del_cron
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
rm -rf /tmp/clash.log
2019-07-02 18:06:49 +08:00
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
restart(){
2019-07-27 18:40:29 +08:00
#===========================================================================================================================
if pidof clash >/dev/null; then
stop
sleep 2
start
else
start
fi
#===========================================================================================================================
2019-07-02 18:06:49 +08:00
}
2019-07-27 18:40:29 +08:00
