fish/immortalwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge Mainline

Browse Source
This commit is contained in:
CN_SZTL 2020-07-27 19:36:31 +08:00
commit 628d31dbe1
No known key found for this signature in database
GPG Key ID: 6850B6345C862176
47 changed files with 807 additions and 466 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -15,7 +15,7 @@ Has access to both ChinaNet & Internet
```bash
sudo apt-get update -y
sudo apt-get full-upgrade -y
sudo apt-get install -y build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib g++-multilib p7zip p7zip-full msmtp libssl-dev texinfo libreadline-dev libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint ccache curl wget vim nano python python3 python-pip python3-pip python-ply python3-ply haveged lrzsz device-tree-compiler scons antlr3 gperf intltool
sudo apt-get install -y build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib g++-multilib p7zip p7zip-full msmtp libssl-dev texinfo libreadline-dev libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint ccache curl wget vim nano python python3 python-pip python3-pip python-ply python3-ply haveged lrzsz device-tree-compiler scons antlr3 gperf intltool rsync
```
#### For mainland China & Ubuntu(16.04+) user, you may run the following command to setup quickly:
```bash

3
package/ctcgfw/luci-app-adguardhome/root/usr/share/AdGuardHome/links.txt
View File

@ -1,3 +1,2 @@
https://github.com/AdguardTeam/AdGuardHome/releases/download/${latest_ver}/AdGuardHome_linux_${Arch}.tar.gz
https://static.adguard.com/adguardhome/release/AdGuardHome_linux_${Arch}.tar.gz
#https://static.adguard.com/adguardhome/beta/AdGuardHome_linux_${Arch}.tar.gz
#https://static.adguard.com/adguardhome/beta/AdGuardHome_linux_${Arch}.tar.gz

7
package/ctcgfw/luci-app-openclash/Makefile
View File

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-openclash
PKG_VERSION:=0.39.4
PKG_VERSION:=0.39.5
PKG_RELEASE:=beta
PKG_MAINTAINER:=vernesong <https://github.com/vernesong/OpenClash>
@ -41,6 +41,7 @@ define Build/Prepare
cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_rules_2.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_rules_2.list" >/dev/null 2>&1
cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_hosts.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_hosts.list" >/dev/null 2>&1
cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_fake_filter.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_fake_filter.list" >/dev/null 2>&1
cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_domain_dns.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_domain_dns.list" >/dev/null 2>&1
endef
define Build/Configure
@ -64,6 +65,7 @@ if [ -f "/etc/openclash/custom/openclash_custom_rules.list" ]; then
cp "/etc/openclash/custom/openclash_custom_rules_2.list" "/tmp/openclash_custom_rules_2.list.bak" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_hosts.list" "/tmp/openclash_custom_hosts.list.bak" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_fake_filter.list" "/tmp/openclash_custom_fake_filter.list.bak" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_domain_dns.list" "/tmp/openclash_custom_domain_dns.list.bak" >/dev/null 2>&1
fi
endef
@ -91,6 +93,7 @@ cp "/etc/openclash/custom/openclash_custom_rules.list" "/usr/share/openclash/bac
cp "/etc/openclash/custom/openclash_custom_rules_2.list" "/usr/share/openclash/backup/openclash_custom_rules_2.list" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_hosts.list" "/usr/share/openclash/backup/openclash_custom_hosts.list" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_fake_filter.list" "/usr/share/openclash/backup/openclash_custom_fake_filter.list" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_domain_dns.list" "/usr/share/openclash/backup/openclash_custom_domain_dns.list" >/dev/null 2>&1
if [ -f "/tmp/openclash.bak" ]; then
mv "/tmp/openclash.bak" "/etc/config/openclash" >/dev/null 2>&1
@ -98,6 +101,7 @@ if [ -f "/tmp/openclash.bak" ]; then
mv "/tmp/openclash_custom_rules_2.list.bak" "/etc/openclash/custom/openclash_custom_rules_2.list" >/dev/null 2>&1
mv "/tmp/openclash_custom_hosts.list.bak" "/etc/openclash/custom/openclash_custom_hosts.list" >/dev/null 2>&1
mv "/tmp/openclash_custom_fake_filter.list.bak" "/etc/openclash/custom/openclash_custom_fake_filter.list" >/dev/null 2>&1
mv "/tmp/openclash_custom_domain_dns.list.bak" "/etc/openclash/custom/openclash_custom_domain_dns.list" >/dev/null 2>&1
if [ -d "/tmp/openclash_history/" ]; then
cp -a "/tmp/openclash_history/." "/etc/openclash/history" >/dev/null 2>&1
rm -rf "/tmp/openclash_history" >/dev/null 2>&1
@ -168,6 +172,7 @@ define Package/$(PKG_NAME)/prerm
cp "/etc/openclash/custom/openclash_custom_rules_2.list" "/tmp/openclash_custom_rules_2.list.bak" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_hosts.list" "/tmp/openclash_custom_hosts.list.bak" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_fake_filter.list" "/tmp/openclash_custom_fake_filter.list.bak" >/dev/null 2>&1
cp "/etc/openclash/custom/openclash_custom_domain_dns.list" "/tmp/openclash_custom_domain_dns.list.bak" >/dev/null 2>&1
endef
define Package/$(PKG_NAME)/postrm

34
package/ctcgfw/luci-app-openclash/files/etc/init.d/openclash
View File

@ -62,8 +62,11 @@ change_dns() {
if [ "$2" -eq "1" ]; then
uci set dhcp.@dnsmasq[0].cachesize=0 2>/dev/null
fi
uci commit dhcp
uci commit openclash
/usr/share/openclash/openclash_custom_domain_dns.sh
}
revert_dns() {
@ -93,6 +96,7 @@ revert_dns() {
uci commit dhcp
uci commit openclash
rm -rf /tmp/dnsmasq.d/dnsmasq_openclash.conf >/dev/null 2>&1
rm -rf /tmp/dnsmasq.d/dnsmasq_openclash_custom_domain.conf >/dev/null 2>&1
}
kill_clash()
@ -1022,7 +1026,7 @@ do_run_core()
core_type="Game"
fi
if [ "$proxy_mode" = "Script" ] || [ "$rule_source" = "ConnersHua" ]; then
if [ "$proxy_mode" = "script" ] || [ "$rule_source" = "ConnersHua" ]; then
ln -s /etc/openclash/core/clash_tun /etc/openclash/clash 2>/dev/null
core_type="Tun"
fi
@ -1077,6 +1081,21 @@ cat > "/var/etc/openclash.include" <<-EOF
/etc/init.d/openclash reload >/dev/null 2>&1
EOF
if [ "$china_ip_route" -eq 1 ]; then
if [ ! -f "/tmp/china_ip_route.ipset" ]; then
cp /etc/openclash/rule_provider/ChinaIP.yaml /tmp/china_ip_route.list 2>/dev/null
sed -i "s/'//g" /tmp/china_ip_route.list 2>/dev/null
sed -i "s/^ \{0,\}- //g" /tmp/china_ip_route.list 2>/dev/null
sed -i '/payload:/d' /tmp/china_ip_route.list 2>/dev/null
sed -i '/^ \{0,\}#/d' /tmp/china_ip_route.list 2>/dev/null
echo "create china_ip_route hash:net family inet hashsize 1024 maxelem 65536" >/tmp/china_ip_route.ipset
awk '!/^$/&&!/^#/{printf("add china_ip_route %s'" "'\n",$0)}' /tmp/china_ip_route.list >>/tmp/china_ip_route.ipset
rm -rf /tmp/china_ip_route.list 2>/dev/null
fi
ipset -! flush china_ip_route 2>/dev/null
ipset -! restore </tmp/china_ip_route.ipset 2>/dev/null
fi
#lan_ac
if [ "$operation_mode" = "redir-host" ] && [ "$en_mode" = "redir-host" ]; then
if [ "$lan_ac_mode" = "0" ] && [ -n "$(uci get openclash.config.lan_ac_black_ips 2>/dev/null)" ]; then
@ -1114,6 +1133,9 @@ if [ -z "$en_mode_tun" ]; then
iptables -t nat -A openclash -m set --match-set localnetwork dst -j RETURN
iptables -t nat -A openclash -m set --match-set lan_ac_black_ips src -j RETURN >/dev/null 2>&1
iptables -t nat -A openclash -m set ! --match-set lan_ac_white_ips src -j RETURN >/dev/null 2>&1
if [ "$en_mode" = "redir-host" ]; then
iptables -t nat -A openclash -m set --match-set china_ip_route dst -j RETURN >/dev/null 2>&1
fi
iptables -t nat -A openclash -p tcp -j REDIRECT --to-ports "$proxy_port"
iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j REDIRECT --to-ports "$proxy_port"
iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j REDIRECT --to-ports "$proxy_port"
@ -1127,6 +1149,9 @@ if [ -z "$en_mode_tun" ]; then
iptables -t mangle -A openclash -m set --match-set localnetwork dst -j RETURN
iptables -t mangle -A openclash -m set --match-set lan_ac_black_ips src -j RETURN >/dev/null 2>&1
iptables -t mangle -A openclash -m set ! --match-set lan_ac_white_ips src -j RETURN >/dev/null 2>&1
if [ "$en_mode" = "redir-host" ]; then
iptables -t mangle -A openclash -m set --match-set china_ip_route dst -j RETURN >/dev/null 2>&1
fi
iptables -t mangle -A openclash -p udp --dport 53 -j RETURN >/dev/null 2>&1
#端口转发
config_load "firewall"
@ -1201,6 +1226,7 @@ else
#其他流量
iptables -t mangle -A openclash -m set --match-set lan_ac_black_ips src -j RETURN >/dev/null 2>&1
iptables -t mangle -A openclash -m set ! --match-set lan_ac_white_ips src -j RETURN >/dev/null 2>&1
iptables -t mangle -A openclash -m set --match-set china_ip_route dst -j RETURN >/dev/null 2>&1
iptables -t mangle -A openclash -m set ! --match-set localnetwork dst -j MARK --set-mark "$PROXY_FWMARK"
iptables -t mangle -I PREROUTING -j openclash
iptables -t nat -I PREROUTING -p tcp --dport 53 -j ACCEPT
@ -1278,6 +1304,7 @@ revert_firewall()
#ip6tables -t mangle -D PREROUTING -j MARK --set-mark "$PROXY_FWMARK" >/dev/null 2>&1
ipset destroy localnetwork >/dev/null 2>&1
ipset destroy china_ip_route >/dev/null 2>&1
ipset destroy lan_ac_white_ips >/dev/null 2>&1
ipset destroy lan_ac_black_ips >/dev/null 2>&1
}
@ -1306,6 +1333,7 @@ get_config()
lan_ac_mode=$(uci get openclash.config.lan_ac_mode 2>/dev/null)
enable_rule_proxy=$(uci get openclash.config.enable_rule_proxy 2>/dev/null)
stack_type=$(uci get openclash.config.stack_type 2>/dev/null)
china_ip_route=$(uci get openclash.config.china_ip_route 2>/dev/null)
}
start()
@ -1423,7 +1451,9 @@ if [ "$enable" -eq 1 ] && [ -f "$CONFIG_FILE" ]; then
mv "$START_BACKUP" /tmp/configrules.bak
sed -i -n '/^rules:/,$p' /tmp/configrules.bak
sed -i '/^rules:/,$d' "$CONFIG_FILE" 2>/dev/null
sed -i '/##Other-rule-providers##/,/##Other-rule-providers-end##/d' "$CONFIG_FILE" 2>/dev/null
if [ -z "$(grep "##source:" /tmp/configrules.bak 2>/dev/null)" ]; then
sed -i '/##Other-rule-providers##/,/##Other-rule-providers-end##/d' "$CONFIG_FILE" 2>/dev/null
fi
cat /tmp/configrules.bak >> "$CONFIG_FILE"
rm -rf /tmp/configrules.bak
nohup "$CLASH" -d "$CLASH_CONFIG" -f "$CONFIG_FILE" >> $LOG_FILE 2>&1 &

7
package/ctcgfw/luci-app-openclash/files/etc/openclash/ConnersHua.yaml
View File

@ -50,6 +50,7 @@ rule-providers:
# 规则
rules:
##source:ConnersHua
# Unbreak
- RULE-SET,Unbreak,DIRECT
@ -76,11 +77,11 @@ rules:
- IP-CIDR,224.0.0.0/4,DIRECT
# (可选)使用来自 ipipdotnet 的 ChinaIP 以解决数据不准确的问题,使用 ChinaIP.yaml 时可禁用下列直至包括「GEOIP,CN」规则
# - RULE-SET,ChinaIP,DIRECT
- RULE-SET,ChinaIP,DIRECT
# Tencent
- IP-CIDR,119.28.28.28/32,DIRECT
- IP-CIDR,182.254.116.0/24,DIRECT
# GeoIP China
- GEOIP,CN,DIRECT
#- GEOIP,CN,DIRECT
- MATCH,MATCH
- MATCH,MATCH

BIN
package/ctcgfw/luci-app-openclash/files/etc/openclash/Country.mmdb
View File

Binary file not shown.

1
package/ctcgfw/luci-app-openclash/files/etc/openclash/custom/openclash_custom_domain_dns.list Normal file
View File

@ -0,0 +1 @@
#baidu.com

26
package/ctcgfw/luci-app-openclash/files/etc/openclash/default.yaml
View File

@ -134,6 +134,32 @@ proxies: # 节点设置此部分与proxy-provider两者不能同时删除
# headers:
# custom: value
# shadowsocksR
#The supported shadowsocksR ciphers(encrypt methods):
#aes-128-cfb aes-192-cfb aes-256-cfb
#aes-128-ctr aes-192-ctr aes-256-ctr
#rc4-md5 chacha20-ietf xchacha20
#The supported shadowsocksR obfses:
#plain http_simple http_post
#random_head tls1.2_ticket_auth tls1.2_ticket_fastauth
#The supported shadowsocksR protocols:
#origin auth_sha1_v4 auth_aes128_md5
#auth_aes128_sha1 auth_chain_a auth_chain_b
- name: "ssr"
type: ssr
server: server
port: 443
cipher: chacha20-ietf
password: "password"
obfs: tls1.2_ticket_auth
protocol: auth_sha1_v4
# obfs-param: domain.tld
# protocol-param: "#"
# udp: true
# vmess
# cipher support auto/aes-128-gcm/chacha20-poly1305/none
- name: "vmess"

4
package/ctcgfw/luci-app-openclash/files/etc/openclash/openclash_version
View File

File diff suppressed because one or more lines are too long

57
package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/China.yaml
View File

@ -207,63 +207,6 @@ payload:
- DOMAIN-SUFFIX,springsunday.net
- DOMAIN-SUFFIX,tjupt.org
- DOMAIN-SUFFIX,totheglory.im
# > Scholar
- DOMAIN-SUFFIX,acm.org
- DOMAIN-SUFFIX,acs.org
- DOMAIN-SUFFIX,aip.org
- DOMAIN-SUFFIX,ams.org
- DOMAIN-SUFFIX,annualreviews.org
- DOMAIN-SUFFIX,aps.org
- DOMAIN-SUFFIX,ascelibrary.org
- DOMAIN-SUFFIX,asm.org
- DOMAIN-SUFFIX,asme.org
- DOMAIN-SUFFIX,astm.org
- DOMAIN-SUFFIX,bmj.com
- DOMAIN-SUFFIX,cambridge.org
- DOMAIN-SUFFIX,cas.org
- DOMAIN-SUFFIX,clarivate.com
- DOMAIN-SUFFIX,ebscohost.com
- DOMAIN-SUFFIX,emerald.com
- DOMAIN-SUFFIX,engineeringvillage.com
- DOMAIN-SUFFIX,icevirtuallibrary.com
- DOMAIN-SUFFIX,ieee.org
- DOMAIN-SUFFIX,imf.org
- DOMAIN-SUFFIX,iop.org
- DOMAIN-SUFFIX,jamanetwork.com
- DOMAIN-SUFFIX,jhu.edu
- DOMAIN-SUFFIX,jstor.org
- DOMAIN-SUFFIX,karger.com
- DOMAIN-SUFFIX,libguides.com
- DOMAIN-SUFFIX,madsrevolution.net
- DOMAIN-SUFFIX,mpg.de
- DOMAIN-SUFFIX,myilibrary.com
- DOMAIN-SUFFIX,nature.com
- DOMAIN-SUFFIX,oecd-ilibrary.org
- DOMAIN-SUFFIX,osapublishing.org
- DOMAIN-SUFFIX,oup.com
- DOMAIN-SUFFIX,ovid.com
- DOMAIN-SUFFIX,oxfordartonline.com
- DOMAIN-SUFFIX,oxfordbibliographies.com
- DOMAIN-SUFFIX,oxfordmusiconline.com
- DOMAIN-SUFFIX,pnas.org
- DOMAIN-SUFFIX,proquest.com
- DOMAIN-SUFFIX,rsc.org
- DOMAIN-SUFFIX,sagepub.com
- DOMAIN-SUFFIX,sciencedirect.com
- DOMAIN-SUFFIX,sciencemag.org
- DOMAIN-SUFFIX,scopus.com
- DOMAIN-SUFFIX,siam.org
- DOMAIN-SUFFIX,spiedigitallibrary.org
- DOMAIN-SUFFIX,springer.com
- DOMAIN-SUFFIX,springerlink.com
- DOMAIN-SUFFIX,tandfonline.com
- DOMAIN-SUFFIX,un.org
- DOMAIN-SUFFIX,uni-bielefeld.de
- DOMAIN-SUFFIX,webofknowledge.com
- DOMAIN-SUFFIX,westlaw.com
- DOMAIN-SUFFIX,wiley.com
- DOMAIN-SUFFIX,worldbank.org
- DOMAIN-SUFFIX,worldscientific.com
# > Other
- DOMAIN-SUFFIX,cn
# - DOMAIN-SUFFIX,vmware.com

245
package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/ChinaIP.yaml
View File

@ -13,8 +13,7 @@ payload:
- '1.1.32.0/19'
- '1.2.0.0/23'
- '1.2.2.0/24'
- '1.2.5.0/24'
- '1.2.6.0/23'
- '1.2.4.0/22'
- '1.2.8.0/21'
- '1.2.16.0/20'
- '1.2.32.0/19'
@ -27,21 +26,7 @@ payload:
- '1.4.16.0/20'
- '1.4.32.0/19'
- '1.4.64.0/18'
- '1.8.0.0/18'
- '1.8.64.0/19'
- '1.8.96.0/22'
- '1.8.100.0/23'
- '1.8.112.0/20'
- '1.8.128.0/20'
- '1.8.144.0/22'
- '1.8.148.0/23'
- '1.8.154.0/23'
- '1.8.156.0/22'
- '1.8.160.0/19'
- '1.8.192.0/19'
- '1.8.224.0/20'
- '1.8.244.0/22'
- '1.8.248.0/21'
- '1.8.0.0/16'
- '1.10.0.0/21'
- '1.10.8.0/23'
- '1.10.11.0/24'
@ -73,13 +58,12 @@ payload:
- '1.192.0.0/13'
- '1.202.0.0/15'
- '1.204.0.0/14'
- '2.20.54.23/32'
- '3.5.214.0/23'
- '3.5.216.0/24'
- '8.128.0.0/10'
- '8.209.36.0/22'
- '8.209.40.0/21'
- '8.211.0.0/16'
- '8.211.128.0/17'
- '8.212.0.0/14'
- '8.216.0.0/13'
- '14.0.0.0/21'
@ -101,16 +85,18 @@ payload:
- '14.196.0.0/15'
- '14.204.0.0/15'
- '14.208.0.0/12'
- '15.230.41.0/24'
- '20.62.0.0/24'
- '20.81.0.0/24'
- '20.134.160.0/20'
- '20.139.160.0/20'
- '20.249.255.0/24'
- '20.251.0.0/22'
- '23.236.64.0/25'
- '23.236.64.128/26'
- '23.236.64.192/27'
- '27.0.128.0/21'
- '27.0.128.0/22'
- '27.0.132.0/24'
- '27.0.134.0/23'
- '27.0.160.0/21'
- '27.0.188.0/22'
- '27.0.204.0/22'
@ -597,8 +583,7 @@ payload:
- '45.87.54.0/23'
- '45.112.132.0/22'
- '45.112.188.0/22'
- '45.112.208.0/22'
- '45.112.216.0/21'
- '45.112.208.0/20'
- '45.112.228.0/22'
- '45.112.232.0/21'
- '45.113.12.0/22'
@ -793,7 +778,6 @@ payload:
- '45.253.96.0/20'
- '45.253.112.0/21'
- '45.253.120.0/22'
- '45.253.130.0/23'
- '45.253.132.0/22'
- '45.253.136.0/21'
- '45.253.144.0/20'
@ -811,7 +795,6 @@ payload:
- '45.254.192.0/19'
- '45.254.224.0/21'
- '45.254.236.0/22'
- '45.254.240.0/22'
- '45.254.248.0/22'
- '45.255.0.0/18'
- '45.255.64.0/19'
@ -955,6 +938,9 @@ payload:
- '61.236.0.0/15'
- '61.240.0.0/14'
- '62.234.0.0/16'
- '64.188.38.0/23'
- '64.188.40.0/22'
- '64.188.44.0/23'
- '68.79.0.0/18'
- '69.230.192.0/18'
- '69.231.128.0/18'
@ -967,12 +953,9 @@ payload:
- '72.163.240.0/23'
- '72.163.248.0/22'
- '81.68.0.0/14'
- '81.161.63.0/24'
- '82.156.0.0/15'
- '87.254.207.0/24'
- '91.223.53.0/24'
- '91.234.36.0/24'
- '91.239.190.0/24'
- '89.19.34.0/23'
- '93.183.14.0/24'
- '93.183.18.0/24'
- '94.191.0.0/17'
@ -1107,10 +1090,8 @@ payload:
- '103.5.192.0/22'
- '103.5.252.0/22'
- '103.6.76.0/22'
- '103.6.108.0/22'
- '103.6.120.0/22'
- '103.6.220.0/22'
- '103.6.228.0/22'
- '103.7.140.0/22'
- '103.7.212.0/22'
- '103.7.216.0/21'
@ -1767,7 +1748,8 @@ payload:
- '103.93.204.0/22'
- '103.94.12.0/22'
- '103.94.20.0/22'
- '103.94.28.0/22'
- '103.94.29.0/24'
- '103.94.30.0/23'
- '103.94.32.0/20'
- '103.94.72.0/22'
- '103.94.88.0/22'
@ -1956,7 +1938,6 @@ payload:
- '103.116.92.0/22'
- '103.116.120.0/22'
- '103.116.128.0/22'
- '103.116.150.0/23'
- '103.116.184.0/22'
- '103.116.220.0/22'
- '103.116.224.0/21'
@ -2089,7 +2070,6 @@ payload:
- '103.142.156.0/23'
- '103.142.180.0/23'
- '103.142.186.0/23'
- '103.142.221.0/24'
- '103.142.230.0/24'
- '103.142.234.0/23'
- '103.142.238.0/23'
@ -2105,11 +2085,9 @@ payload:
- '103.144.72.0/23'
- '103.144.136.0/23'
- '103.144.158.0/23'
- '103.145.40.0/22'
- '103.145.80.0/23'
- '103.145.42.0/23'
- '103.145.92.0/22'
- '103.145.98.0/23'
- '103.145.107.0/24'
- '103.145.188.0/23'
- '103.146.6.0/23'
- '103.146.72.0/23'
@ -2137,13 +2115,31 @@ payload:
- '103.150.72.0/23'
- '103.150.122.0/23'
- '103.150.126.0/23'
- '103.150.128.0/22'
- '103.150.128.0/23'
- '103.150.131.0/24'
- '103.150.146.0/23'
- '103.150.164.0/23'
- '103.150.172.0/23'
- '103.150.200.0/23'
- '103.150.210.0/23'
- '103.150.216.0/23'
- '103.150.244.0/23'
- '103.151.142.0/23'
- '103.151.148.0/22'
- '103.151.158.0/23'
- '103.151.178.0/23'
- '103.151.206.0/23'
- '103.151.216.0/23'
- '103.151.228.0/23'
- '103.152.14.0/23'
- '103.152.24.0/23'
- '103.152.28.0/22'
- '103.152.76.0/23'
- '103.152.80.0/23'
- '103.152.98.0/23'
- '103.152.112.0/23'
- '103.152.120.0/22'
- '103.152.132.0/23'
- '103.152.152.0/23'
- '103.152.168.0/23'
- '103.192.0.0/19'
- '103.192.48.0/21'
- '103.192.56.0/22'
@ -2193,8 +2189,6 @@ payload:
- '103.198.180.0/22'
- '103.198.196.0/22'
- '103.198.200.0/22'
- '103.198.216.0/21'
- '103.198.224.0/20'
- '103.199.164.0/22'
- '103.199.196.0/22'
- '103.199.228.0/22'
@ -2348,8 +2342,7 @@ payload:
- '103.217.192.0/20'
- '103.218.8.0/21'
- '103.218.16.0/21'
- '103.218.29.0/24'
- '103.218.30.0/23'
- '103.218.28.0/22'
- '103.218.32.0/19'
- '103.218.64.0/19'
- '103.218.192.0/20'
@ -2380,7 +2373,10 @@ payload:
- '103.220.252.0/22'
- '103.221.0.0/19'
- '103.221.32.0/21'
- '103.221.88.0/21'
- '103.221.44.0/22'
- '103.221.88.0/22'
- '103.221.92.0/23'
- '103.221.95.0/24'
- '103.221.96.0/19'
- '103.221.128.0/18'
- '103.221.192.0/20'
@ -2656,7 +2652,6 @@ payload:
- '103.255.200.0/22'
- '103.255.208.0/22'
- '103.255.228.0/22'
- '104.222.196.0/24'
- '106.0.0.0/24'
- '106.0.2.0/23'
- '106.0.4.0/22'
@ -3122,11 +3117,9 @@ payload:
- '117.128.0.0/10'
- '118.24.0.0/15'
- '118.26.0.0/19'
- '118.26.36.0/22'
- '118.26.40.0/21'
- '118.26.48.0/20'
- '118.26.64.0/19'
- '118.26.104.0/21'
- '118.26.112.0/20'
- '118.26.128.0/17'
- '118.28.0.0/15'
@ -3184,7 +3177,6 @@ payload:
- '118.188.0.0/16'
- '118.190.0.0/16'
- '118.191.0.0/20'
- '118.191.24.0/21'
- '118.191.32.0/19'
- '118.191.64.0/18'
- '118.191.144.0/21'
@ -3377,7 +3369,18 @@ payload:
- '121.58.136.0/21'
- '121.58.144.0/20'
- '121.58.160.0/21'
- '121.59.0.0/16'
- '121.59.0.0/20'
- '121.59.16.0/21'
- '121.59.24.0/22'
- '121.59.28.0/24'
- '121.59.31.0/24'
- '121.59.33.0/24'
- '121.59.34.0/23'
- '121.59.36.0/22'
- '121.59.40.0/21'
- '121.59.48.0/20'
- '121.59.64.0/18'
- '121.59.128.0/17'
- '121.60.0.0/14'
- '121.68.0.0/14'
- '121.76.0.0/15'
@ -3404,8 +3407,7 @@ payload:
- '122.10.216.0/22'
- '122.10.228.0/22'
- '122.10.232.0/21'
- '122.10.240.0/21'
- '122.10.250.0/23'
- '122.10.240.0/22'
- '122.11.0.0/17'
- '122.12.0.0/15'
- '122.14.0.0/17'
@ -3640,7 +3642,6 @@ payload:
- '131.253.12.0/29'
- '131.253.12.80/28'
- '131.253.12.240/29'
- '132.159.251.0/24'
- '132.232.0.0/16'
- '132.237.134.0/24'
- '134.175.0.0/16'
@ -3692,8 +3693,6 @@ payload:
- '139.198.72.0/21'
- '139.198.80.0/20'
- '139.198.96.0/20'
- '139.198.113.0/24'
- '139.198.114.0/23'
- '139.198.116.0/22'
- '139.198.122.0/23'
- '139.198.124.0/22'
@ -3719,14 +3718,7 @@ payload:
- '140.101.208.0/24'
- '140.143.0.0/16'
- '140.179.0.0/16'
- '140.205.0.0/18'
- '140.205.64.0/19'
- '140.205.96.0/20'
- '140.205.112.0/21'
- '140.205.120.0/23'
- '140.205.123.0/24'
- '140.205.124.0/22'
- '140.205.128.0/17'
- '140.205.0.0/16'
- '140.206.0.0/15'
- '140.210.0.0/16'
- '140.224.0.0/16'
@ -3739,6 +3731,8 @@ payload:
- '140.249.0.0/16'
- '140.250.0.0/16'
- '140.255.0.0/16'
- '142.70.0.0/16'
- '142.86.0.0/16'
- '144.0.0.0/16'
- '144.7.0.0/16'
- '144.12.0.0/16'
@ -3843,7 +3837,14 @@ payload:
- '157.148.0.0/16'
- '157.156.0.0/16'
- '157.255.0.0/16'
- '158.116.80.0/22'
- '158.79.0.0/24'
- '158.79.2.0/23'
- '158.79.4.0/22'
- '158.79.8.0/21'
- '158.79.16.0/20'
- '158.79.32.0/19'
- '158.79.64.0/18'
- '158.79.128.0/17'
- '159.75.0.0/16'
- '159.221.232.0/22'
- '159.226.0.0/16'
@ -3861,6 +3862,7 @@ payload:
- '160.202.216.0/21'
- '160.202.224.0/19'
- '160.238.64.0/22'
- '161.120.0.0/16'
- '161.163.0.0/21'
- '161.163.28.0/23'
- '161.163.176.0/24'
@ -3868,7 +3870,13 @@ payload:
- '161.163.180.0/22'
- '161.189.0.0/16'
- '161.207.0.0/16'
- '162.14.0.0/16'
- '162.14.0.0/21'
- '162.14.12.0/22'
- '162.14.20.0/22'
- '162.14.24.0/21'
- '162.14.32.0/19'
- '162.14.64.0/18'
- '162.14.128.0/17'
- '162.105.0.0/16'
- '163.0.0.0/16'
- '163.47.4.0/22'
@ -3925,7 +3933,6 @@ payload:
- '171.104.0.0/13'
- '171.112.0.0/12'
- '171.208.0.0/12'
- '172.60.2.0/24'
- '172.81.192.0/18'
- '173.39.200.0/23'
- '175.0.0.0/12'
@ -4002,15 +4009,16 @@ payload:
- '180.210.236.0/22'
- '180.212.0.0/15'
- '180.222.224.0/19'
- '180.223.0.0/19'
- '180.223.32.0/20'
- '180.223.48.0/21'
- '180.223.57.0/24'
- '180.223.58.0/23'
- '180.223.60.0/22'
- '180.223.0.0/18'
- '180.223.80.0/20'
- '180.223.96.0/19'
- '180.223.128.0/17'
- '180.223.129.0/24'
- '180.223.130.0/23'
- '180.223.132.0/22'
- '180.223.136.0/21'
- '180.223.144.0/20'
- '180.223.160.0/19'
- '180.223.192.0/18'
- '180.233.0.0/18'
- '180.233.64.0/19'
- '180.233.144.0/22'
@ -4047,14 +4055,14 @@ payload:
- '182.238.0.0/16'
- '182.239.0.0/19'
- '182.240.0.0/13'
- '182.254.0.0/17'
- '182.254.128.0/18'
- '182.254.192.0/19'
- '182.254.224.0/20'
- '182.254.240.0/21'
- '182.254.248.0/23'
- '182.254.251.0/24'
- '182.254.252.0/22'
- '182.254.0.0/18'
- '182.254.64.0/19'
- '182.254.96.0/20'
- '182.254.112.0/22'
- '182.254.117.0/24'
- '182.254.119.0/24'
- '182.254.120.0/21'
- '182.254.128.0/17'
- '183.0.0.0/10'
- '183.64.0.0/13'
- '183.78.160.0/21'
@ -4073,7 +4081,10 @@ payload:
- '183.184.0.0/13'
- '183.192.0.0/10'
- '185.109.236.0/24'
- '185.216.118.0/24'
- '185.216.118.0/26'
- '185.216.118.64/27'
- '185.216.118.112/28'
- '185.216.118.128/25'
- '188.131.128.0/17'
- '192.11.23.0/24'
- '192.11.26.0/24'
@ -4096,12 +4107,9 @@ payload:
- '192.144.128.0/17'
- '192.163.11.0/24'
- '192.232.97.0/24'
- '193.9.22.0/24'
- '193.17.120.0/22'
- '193.20.64.0/22'
- '193.32.54.0/24'
- '193.112.0.0/16'
- '193.143.92.0/24'
- '193.200.196.0/24'
- '193.200.222.160/28'
- '194.138.136.0/24'
@ -4733,8 +4741,6 @@ payload:
- '203.12.66.0/24'
- '203.12.70.0/23'
- '203.12.87.0/24'
- '203.12.90.0/24'
- '203.12.92.0/22'
- '203.12.100.0/23'
- '203.12.103.0/24'
- '203.12.114.0/24'
@ -4926,7 +4932,9 @@ payload:
- '203.22.182.0/30'
- '203.22.182.6/31'
- '203.22.182.8/29'
- '203.22.182.16/28'
- '203.22.182.18/31'
- '203.22.182.20/30'
- '203.22.182.24/29'
- '203.22.182.32/27'
- '203.22.182.64/26'
- '203.22.182.128/25'
@ -5380,8 +5388,7 @@ payload:
- '203.83.12.0/22'
- '203.83.56.0/21'
- '203.83.224.0/20'
- '203.86.0.0/18'
- '203.86.64.0/19'
- '203.86.0.0/17'
- '203.86.250.0/24'
- '203.86.254.0/23'
- '203.88.32.0/19'
@ -5441,7 +5448,9 @@ payload:
- '203.118.192.0/19'
- '203.118.241.0/24'
- '203.118.248.0/22'
- '203.119.24.0/23'
- '203.119.24.0/22'
- '203.119.28.0/23'
- '203.119.30.0/24'
- '203.119.32.0/24'
- '203.119.34.0/23'
- '203.119.80.0/22'
@ -5454,8 +5463,16 @@ payload:
- '203.128.32.0/19'
- '203.128.96.0/19'
- '203.128.128.0/24'
- '203.128.224.0/21'
- '203.128.225.0/24'
- '203.128.226.0/23'
- '203.128.228.0/22'
- '203.130.32.0/20'
- '203.130.49.0/24'
- '203.130.51.0/24'
- '203.130.53.0/24'
- '203.130.54.0/23'
- '203.130.56.0/22'
- '203.130.60.0/23'
- '203.132.32.0/19'
- '203.134.240.0/22'
- '203.134.246.0/23'
@ -5464,6 +5481,7 @@ payload:
- '203.142.12.0/23'
- '203.142.219.0/24'
- '203.142.224.0/19'
- '203.144.96.0/19'
- '203.145.0.0/19'
- '203.148.0.0/18'
- '203.148.64.0/20'
@ -5519,7 +5537,6 @@ payload:
- '203.195.64.0/19'
- '203.195.128.0/17'
- '203.196.0.0/21'
- '203.196.10.0/23'
- '203.196.12.0/22'
- '203.196.28.0/22'
- '203.201.181.0/24'
@ -5605,7 +5622,6 @@ payload:
- '211.144.0.0/13'
- '211.152.0.0/17'
- '211.152.134.0/23'
- '211.152.138.0/23'
- '211.152.140.0/22'
- '211.152.150.0/23'
- '211.152.157.0/24'
@ -5628,8 +5644,7 @@ payload:
- '211.155.100.0/22'
- '211.155.104.0/21'
- '211.155.113.0/24'
- '211.155.117.0/24'
- '211.155.118.0/23'
- '211.155.116.0/22'
- '211.155.120.0/21'
- '211.155.128.0/17'
- '211.156.0.0/18'
@ -5670,11 +5685,7 @@ payload:
- '218.64.0.0/11'
- '218.96.0.0/15'
- '218.98.0.0/18'
- '218.98.96.0/21'
- '218.98.104.0/22'
- '218.98.108.0/23'
- '218.98.110.0/24'
- '218.98.112.0/20'
- '218.98.96.0/19'
- '218.98.128.0/19'
- '218.98.192.0/18'
- '218.99.0.0/16'
@ -5742,7 +5753,9 @@ payload:
- '220.231.128.0/17'
- '220.232.64.0/18'
- '220.234.0.0/16'
- '220.242.0.0/24'
- '220.242.0.0/23'
- '220.242.6.0/24'
- '220.242.8.0/24'
- '220.242.12.0/23'
- '220.242.14.0/24'
- '220.242.17.0/24'
@ -5761,20 +5774,42 @@ payload:
- '220.242.120.0/22'
- '220.242.124.0/23'
- '220.242.126.0/24'
- '220.242.134.0/23'
- '220.242.173.0/24'
- '220.242.183.0/24'
- '220.242.197.0/24'
- '220.242.205.0/24'
- '220.242.207.0/24'
- '220.242.215.0/24'
- '220.242.216.0/21'
- '220.242.224.0/19'
- '220.243.0.0/17'
- '220.243.128.0/18'
- '220.243.192.0/23'
- '220.243.194.0/24'
- '220.243.196.0/24'
- '220.243.198.0/23'
- '220.243.201.0/24'
- '220.243.204.0/24'
- '220.243.214.0/24'
- '220.243.217.0/24'
- '220.243.216.0/23'
- '220.243.218.0/24'
- '220.243.238.0/24'
- '220.243.220.0/23'
- '220.243.223.0/24'
- '220.243.225.0/24'
- '220.243.226.0/23'
- '220.243.229.0/24'
- '220.243.230.0/24'
- '220.243.233.0/24'
- '220.243.234.0/23'
- '220.243.237.0/24'
- '220.243.238.0/23'
- '220.243.243.0/24'
- '220.243.244.0/24'
- '220.243.246.0/23'
- '220.243.249.0/24'
- '220.243.250.0/24'
- '220.243.252.0/24'
- '220.243.254.0/23'
- '220.247.136.0/21'
- '220.248.0.0/14'
- '220.252.0.0/16'

34
package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Global.yaml
View File

@ -16,6 +16,8 @@ payload:
- DOMAIN,az668014.vo.msecnd.net
# > Facebook
- DOMAIN-SUFFIX,cdninstagram.com
- DOMAIN-SUFFIX,facebook.com
- DOMAIN-SUFFIX,facebook.net
- DOMAIN-SUFFIX,fb.com
- DOMAIN-SUFFIX,fb.me
- DOMAIN-SUFFIX,fbaddins.com
@ -30,7 +32,6 @@ payload:
- DOMAIN-SUFFIX,rocksdb.org
- DOMAIN-SUFFIX,whatsapp.com
- DOMAIN-SUFFIX,whatsapp.net
- DOMAIN-KEYWORD,facebook
# > Twitter
- DOMAIN-SUFFIX,pscp.tv
- DOMAIN-SUFFIX,periscope.tv
@ -38,8 +39,8 @@ payload:
- DOMAIN-SUFFIX,twimg.co
- DOMAIN-SUFFIX,twimg.com
- DOMAIN-SUFFIX,twitpic.com
- DOMAIN-SUFFIX,twitter.com
- DOMAIN-SUFFIX,vine.co
- DOMAIN-KEYWORD,twitter
# > Telegram
- DOMAIN-SUFFIX,telegra.ph
- DOMAIN-SUFFIX,telegram.org
@ -74,6 +75,7 @@ payload:
- DOMAIN-SUFFIX,abc.net.au
- DOMAIN-SUFFIX,abebooks.com
- DOMAIN-SUFFIX,amazon.co.jp
- DOMAIN-SUFFIX,ao3.org
- DOMAIN-SUFFIX,apigee.com
- DOMAIN-SUFFIX,apkcombo.com
- DOMAIN-SUFFIX,apk-dl.com
@ -84,6 +86,7 @@ payload:
- DOMAIN-SUFFIX,aptoide.com
- DOMAIN-SUFFIX,archive.is
- DOMAIN-SUFFIX,archive.org
- DOMAIN-SUFFIX,archiveofourown.com
- DOMAIN-SUFFIX,archiveofourown.org
- DOMAIN-SUFFIX,arte.tv
- DOMAIN-SUFFIX,artstation.com
@ -99,6 +102,7 @@ payload:
- DOMAIN-SUFFIX,bibox.com
- DOMAIN-SUFFIX,biggo.com.tw
- DOMAIN-SUFFIX,binance.com
- DOMAIN-SUFFIX,bit.ly
- DOMAIN-SUFFIX,bitcointalk.org
- DOMAIN-SUFFIX,bitfinex.com
- DOMAIN-SUFFIX,bitmex.com
@ -187,6 +191,9 @@ payload:
- DOMAIN-SUFFIX,gate.io
- DOMAIN-SUFFIX,getlantern.org
- DOMAIN-SUFFIX,getsync.com
- DOMAIN-SUFFIX,github.com
- DOMAIN-SUFFIX,github.io
- DOMAIN-SUFFIX,githubusercontent.com
- DOMAIN-SUFFIX,globalvoices.org
- DOMAIN-SUFFIX,goo.ne.jp
- DOMAIN-SUFFIX,goodreads.com
@ -204,12 +211,14 @@ payload:
- DOMAIN-SUFFIX,hket.com
- DOMAIN-SUFFIX,hootsuite.com
- DOMAIN-SUFFIX,hudson.org
- DOMAIN-SUFFIX,huffpost.com
- DOMAIN-SUFFIX,hyread.com.tw
- DOMAIN-SUFFIX,ibtimes.com
- DOMAIN-SUFFIX,i-cable.com
- DOMAIN-SUFFIX,icij.org
- DOMAIN-SUFFIX,icoco.com
- DOMAIN-SUFFIX,imgur.com
- DOMAIN-SUFFIX,independent.co.uk
- DOMAIN-SUFFIX,initiummall.com
- DOMAIN-SUFFIX,inoreader.com
- DOMAIN-SUFFIX,insecam.org
@ -228,6 +237,7 @@ payload:
- DOMAIN-SUFFIX,kakaocorp.com
- DOMAIN-SUFFIX,kik.com
- DOMAIN-SUFFIX,kingkong.com.tw
- DOMAIN-SUFFIX,knowyourmeme.com
- DOMAIN-SUFFIX,kobo.com
- DOMAIN-SUFFIX,kobobooks.com
- DOMAIN-SUFFIX,kodingen.com
@ -257,12 +267,15 @@ payload:
- DOMAIN-SUFFIX,nanyang.com
- DOMAIN-SUFFIX,nationalinterest.org
- DOMAIN-SUFFIX,naver.com
- DOMAIN-SUFFIX,nbcnews.com
- DOMAIN-SUFFIX,ndr.de
- DOMAIN-SUFFIX,neowin.net
- DOMAIN-SUFFIX,newstapa.org
- DOMAIN-SUFFIX,nexitally.com
- DOMAIN-SUFFIX,nhk.or.jp
- DOMAIN-SUFFIX,nii.ac.jp
- DOMAIN-SUFFIX,nikkei.com
- DOMAIN-SUFFIX,nitter.net
- DOMAIN-SUFFIX,nofile.io
- DOMAIN-SUFFIX,notion.so
- DOMAIN-SUFFIX,now.com
@ -308,6 +321,7 @@ payload:
- DOMAIN-SUFFIX,quora.com
- DOMAIN-SUFFIX,quoracdn.net
- DOMAIN-SUFFIX,qz.com
- DOMAIN-SUFFIX,radio.garden
- DOMAIN-SUFFIX,rakuten.co.jp
- DOMAIN-SUFFIX,rarbgprx.org
- DOMAIN-SUFFIX,readingtimes.com.tw
@ -329,8 +343,10 @@ payload:
- DOMAIN-SUFFIX,shadowsocks.org
- DOMAIN-SUFFIX,shindanmaker.com
- DOMAIN-SUFFIX,shopee.tw
- DOMAIN-SUFFIX,sina.com.hk
- DOMAIN-SUFFIX,slideshare.net
- DOMAIN-SUFFIX,softfamous.com
- DOMAIN-SUFFIX,spiegel.de
- DOMAIN-SUFFIX,ssrcloud.org
- DOMAIN-SUFFIX,startpage.com
- DOMAIN-SUFFIX,steamcommunity.com
@ -348,6 +364,7 @@ payload:
- DOMAIN-SUFFIX,theinitium.com
- DOMAIN-SUFFIX,themoviedb.org
- DOMAIN-SUFFIX,thetvdb.com
- DOMAIN-SUFFIX,time.com
- DOMAIN-SUFFIX,tineye.com
- DOMAIN-SUFFIX,tiny.cc
- DOMAIN-SUFFIX,tinyurl.com
@ -414,8 +431,8 @@ payload:
- DOMAIN,s3-ap-northeast-1.amazonaws.com
- DOMAIN,s3-ap-southeast-2.amazonaws.com
- DOMAIN,search.avira.com
- DOMAIN,us.weibo.com
- DOMAIN-KEYWORD,github
- DOMAIN-KEYWORD,jav
- DOMAIN-KEYWORD,pinterest
- DOMAIN-KEYWORD,porn
@ -476,10 +493,19 @@ payload:
- DOMAIN-SUFFIX,tdesktop.com
- DOMAIN-SUFFIX,telegram.me
- DOMAIN-SUFFIX,telesco.pe
# > Facebook
- DOMAIN-SUFFIX,facebook.br
- DOMAIN-SUFFIX,facebook.design
- DOMAIN-SUFFIX,facebook.hu
- DOMAIN-SUFFIX,facebook.in
- DOMAIN-SUFFIX,facebook.nl
- DOMAIN-SUFFIX,facebook.se
- DOMAIN-SUFFIX,facebookmail.com
# > Others
- DOMAIN-SUFFIX,noxinfluencer.com
- DOMAIN-SUFFIX,smartmailcloud.com
- DOMAIN-SUFFIX,weebly.com
- DOMAIN-SUFFIX,twitter.jp
# (Region-Restricted Access Denied)
# ---(Apple)---
@ -508,7 +534,7 @@ payload:
# (Network Jitter)
# > Fix download or update is stuck in App Store,and when change the Apple ID region,the payment information can be selected by none.
- DOMAIN-KEYWORD,buy.itunes.apple.com
# - DOMAIN-SUFFIX,evernote.com
- DOMAIN-SUFFIX,cloudcone.com.cn
- DOMAIN-SUFFIX,inkbunny.net
- DOMAIN-SUFFIX,metapix.net
- DOMAIN-SUFFIX,s3.amazonaws.com

13
package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Streaming.yaml
View File

@ -10,8 +10,8 @@ payload:
- DOMAIN-SUFFIX,deezer.com
- DOMAIN-SUFFIX,dzcdn.net
# > JOOX
# USER-AGENT,WeMusic*
# USER-AGENT,JOOX*
# USER-AGENT,WeMusic*
- DOMAIN-SUFFIX,joox.com
- DOMAIN-KEYWORD,jooxweb-api
# > KKBOX
@ -96,6 +96,10 @@ payload:
- DOMAIN-SUFFIX,dssott.com
- DOMAIN,cdn.registerdisney.go.com
- DOMAIN,global.edge.bamgrid.com
# > DMM
- DOMAIN-SUFFIX,dmm.co.jp
- DOMAIN-SUFFIX,dmm.com
- DOMAIN-SUFFIX,dmm-extension.com
# > encoreTVB
# USER-AGENT,encoreTVB*
- DOMAIN-SUFFIX,encoretvb.com
@ -148,6 +152,7 @@ payload:
- DOMAIN-SUFFIX,hulustream.com
# > Hulu / フールー
- DOMAIN-SUFFIX,happyon.jp
- DOMAIN-SUFFIX,hjholdings.jp
- DOMAIN-SUFFIX,hulu.jp
# > ITV
# USER-AGENT,ITV_Player*
@ -229,16 +234,18 @@ payload:
# USER-AGENT,TikTok*
- DOMAIN-SUFFIX,byteoversea.com
- DOMAIN-SUFFIX,ibytedtos.com
- DOMAIN-SUFFIX,ipstatp.com
- DOMAIN-SUFFIX,muscdn.com
- DOMAIN-SUFFIX,musical.ly
- DOMAIN-SUFFIX,tiktok.com
- DOMAIN-SUFFIX,tiktokcdn.com
- DOMAIN-SUFFIX,tiktokv.com
- DOMAIN-KEYWORD,-tiktokcdn-com
# > Twitch
- DOMAIN-SUFFIX,jtvnw.net
- DOMAIN-SUFFIX,ttvnw.net
- DOMAIN-SUFFIX,twitch.tv
- DOMAIN-SUFFIX,twitchcdn.net
- DOMAIN-SUFFIX,ttvnw.net
- DOMAIN-SUFFIX,jtvnw.net
# > ViuTV
# USER-AGENT,Viu*
- DOMAIN-SUFFIX,viu.com

17
package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/controller/openclash.lua
View File

@ -25,6 +25,7 @@ function index()
entry({"admin", "services", "openclash", "ping"}, call("act_ping"))
entry({"admin", "services", "openclash", "download_rule"}, call("action_download_rule"))
entry({"admin", "services", "openclash", "restore"}, call("action_restore_config"))
entry({"admin", "services", "openclash", "switch_mode"}, call("action_switch_mode"))
entry({"admin", "services", "openclash", "settings"},cbi("openclash/settings"),_("Global Settings"), 30).leaf = true
entry({"admin", "services", "openclash", "servers"},cbi("openclash/servers"),_("Severs and Groups"), 40).leaf = true
entry({"admin", "services", "openclash", "rule-providers-settings"},cbi("openclash/rule-providers-settings"),_("Rule Providers and Groups"), 50).leaf = true
@ -213,6 +214,22 @@ function action_restore_config()
luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_rules_2.list' '/etc/openclash/custom/openclash_custom_rules_2.list' >/dev/null 2>&1 &")
luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_fake_black.conf' '/etc/openclash/custom/openclash_custom_fake_black.conf' >/dev/null 2>&1 &")
luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_hosts.list' '/etc/openclash/custom/openclash_custom_hosts.list' >/dev/null 2>&1 &")
luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_domain_dns.list' '/etc/openclash/custom/openclash_custom_domain_dns.list' >/dev/null 2>&1 &")
end
function action_switch_mode()
local switch_mode = luci.sys.exec("uci get openclash.config.operation_mode 2>/dev/null")
if switch_mode == "redir-host\n" then
switch_mode = "redir-host"
luci.sys.call("uci set openclash.config.operation_mode=fake-ip >/dev/null 2>&1 && uci commit openclash")
else
switch_mode = "fake-ip"
luci.sys.call("uci set openclash.config.operation_mode=redir-host >/dev/null 2>&1 && uci commit openclash")
end
luci.http.prepare_content("application/json")
luci.http.write_json({
switch_mode = switch_mode;
})
end
function action_status()

54
package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/model/cbi/openclash/settings.lua
View File

@ -36,13 +36,6 @@ s:tab("geo_update", translate("GEOIP Update"))
s:tab("version_update", translate("Version Update"))
s:tab("debug", translate("Debug Logs"))
---- Operation Mode
o = s:taboption("op_mode", ListValue, "operation_mode", font_red..bold_on..translate("Select Operation Mode")..bold_off..font_off)
o.description = translate("Select Mode For Page Settings, Switch By Click the Button Bellow")
o:value("redir-host", translate("redir-host mode"))
o:value("fake-ip", translate("fake-ip mode"))
o.default = "redir-host"
o = s:taboption("op_mode", ListValue, "en_mode", font_red..bold_on..translate("Select Mode")..bold_off..font_off)
o.description = translate("Select Mode For OpenClash Work, Try Flush DNS Cache If Network Error")
if op_mode == "redir-host" then
@ -81,14 +74,19 @@ o:value("direct", translate("Direct Proxy Mode"))
o:value("script", translate("Script Proxy Mode (Tun Core Only)"))
o.default = "rule"
o = s:taboption("op_mode", Button, translate("Switch Operation Mode"))
o.title = translate("Switch Operation Mode")
o.inputtitle = translate("Switch Mode")
o.inputstyle = "reload"
o.write = function()
m.uci:commit("openclash")
HTTP.redirect(DISP.build_url("admin", "services", "openclash", "settings"))
end
o = s:taboption("op_mode", ListValue, "china_ip_route", font_red..bold_on..translate("China IP Route")..bold_off..font_off)
o.description = translate("Bypass The China Network Flows, Improve Performance")
o:value("0", translate("Disable"))
o:value("1", translate("Enable"))
o.default = "0"
o:depends("en_mode", "redir-host")
o:depends("en_mode", "redir-host-tun")
o:depends("en_mode", "redir-host-vpn")
---- Operation Mode
switch_mode = s:taboption("op_mode", DummyValue, "", nil)
switch_mode.template = "openclash/switch_mode"
---- General Settings
local cpu_model=SYS.exec("opkg status libc 2>/dev/null |grep 'Architecture' |awk -F ': ' '{print $2}' 2>/dev/null")
@ -177,13 +175,13 @@ o:value("0", translate("Disable"))
o:value("1", translate("Enable"))
o.default=0
if op_mode == "fake-ip" then
o = s:taboption("dns", ListValue, "dns_advanced_setting", translate("Advanced Setting"))
o.description = translate("DNS Advanced Settings")..font_red..bold_on..translate("(Please Don't Modify it at Will)")..bold_off..font_off
o:value("0", translate("Disable"))
o:value("1", translate("Enable"))
o.default=0
if op_mode == "fake-ip" then
o = s:taboption("dns", Button, translate("Fake-IP-Filter List Update"))
o.title = translate("Fake-IP-Filter List Update")
o:depends("dns_advanced_setting", "1")
@ -215,6 +213,30 @@ function custom_fake_black.write(self, section, value)
end
end
o = s:taboption("dns", Value, "custom_domain_dns_server", translate("Specify DNS Server"))
o.description = translate("Specify DNS Server For List, Only One IP Server Address Support")
o.default="114.114.114.114"
o.placeholder = translate("114.114.114.114 or 127.0.0.1#5300")
o:depends("dns_advanced_setting", "1")
custom_domain_dns = s:taboption("dns", Value, "custom_domain_dns")
custom_domain_dns.template = "cbi/tvalue"
custom_domain_dns.description = translate("Domain Names In The List Use The Custom DNS Server, One rule per line")
custom_domain_dns.rows = 20
custom_domain_dns.wrap = "off"
custom_domain_dns:depends("dns_advanced_setting", "1")
function custom_domain_dns.cfgvalue(self, section)
return NXFS.readfile("/etc/openclash/custom/openclash_custom_domain_dns.list") or ""
end
function custom_domain_dns.write(self, section, value)
if value then
value = value:gsub("\r\n?", "\n")
NXFS.writefile("/etc/openclash/custom/openclash_custom_domain_dns.list", value)
end
end
---- Access Control
if op_mode == "redir-host" then
o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("Access Control Mode"))

38
package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/switch_mode.htm Normal file
View File

@ -0,0 +1,38 @@
<fieldset class="cbi-section">
<table width="100%">
<tr><td width="100%" colspan="4">
<p align="center" id="switch_mode">
<%:Collecting data...%>
</p>
</td></tr>
</table>
</fieldset>
<script type="text/javascript">//<![CDATA[
var switch_mode = document.getElementById('switch_mode');
switch_mode.innerHTML = '<input type="button" class="cbi-button cbi-button-reset" value="<%:Redir-Host/Fake-IP模式切换%>" onclick="return switch_modes(this)"/>';
function switch_modes(btn)
{
btn.value = '<%:Redir-Host/Fake-IP模式切换%>';
btn.disabled = true;
XHR.get('<%=luci.dispatcher.build_url("admin", "services", "openclash", "switch_mode")%>', null, function(x, status) {
if ( x && x.status == 200 ) {
if ( status.switch_mode == "redir-host" ) {
alert('页面已切换为Fake-IP模式')
window.location.href='<%="http://'+window.location.hostname+'/cgi-bin/luci/admin/services/openclash/settings"%>';
}
else {
alert('页面已切换为Redir-Host模式')
window.location.href='<%="http://'+window.location.hostname+'/cgi-bin/luci/admin/services/openclash/settings"%>';
}
}
});
btn.disabled = false;
return false;
}
//]]></script>

2
package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/update.htm
View File

@ -322,9 +322,11 @@
XHR.get('<%=luci.dispatcher.build_url("admin", "services", "openclash", "restore")%>', null, function(x, status) {
if ( x && x.status == 200 ) {
alert('还原默认配置成功!')
window.location.href='<%="http://'+window.location.hostname+'/cgi-bin/luci/admin/services/openclash/settings"%>';
}
else {
alert('还原默认配置失败!')
window.location.href='<%="http://'+window.location.hostname+'/cgi-bin/luci/admin/services/openclash/settings"%>';
}
});
} else {

20
package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_custom_domain_dns.sh Executable file
View File

@ -0,0 +1,20 @@
#!/bin/sh
status=$(ps|grep -c /usr/share/openclash/openclash_custom_domain_dns.sh)
[ "$status" -gt "3" ] && exit 0
START_LOG="/tmp/openclash_start.log"
rm -rf /tmp/dnsmasq.d/dnsmasq_openclash_custom_domain.conf >/dev/null 2>&1
if [ "$(uci get openclash.config.dns_advanced_setting 2>/dev/null)" -eq 1 ]; then
echo "正在设置第二DNS服务器列表..." >$START_LOG
custom_domain_dns_server=$(uci get openclash.config.custom_domain_dns_server 2>/dev/null)
[ -z "$custom_domain_dns_server" ] && {
custom_domain_dns_server="114.114.114.114"
}
if [ -s "/etc/openclash/custom/openclash_custom_domain_dns.list" ]; then
mkdir -p /tmp/dnsmasq.d
awk -v tag="$custom_domain_dns_server" '!/^$/&&!/^#/{printf("server=/%s/"'tag'"\n",$0)}' /etc/openclash/custom/openclash_custom_domain_dns.list >>/tmp/dnsmasq.d/dnsmasq_openclash_custom_domain.conf 2>/dev/null
fi
fi

1
package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_rule.sh
View File

@ -29,6 +29,7 @@
fi
sed -i -n '/^rule-providers:/,$p' /tmp/rules.yaml 2>/dev/null
sed -i "s/# - RULE-SET,ChinaIP,DIRECT/- RULE-SET,ChinaIP,DIRECT/g" /tmp/rules.yaml 2>/dev/null
sed -i "s/- GEOIP,/#- GEOIP,/g" /tmp/rules.yaml 2>/dev/null
elif [ "$RUlE_SOURCE" = "ConnersHua_return" ]; then
if pidof clash >/dev/null; then
curl -sL --connect-timeout 10 --retry 2 -x http://$PROXY_ADDR:$HTTP_PORT -U "$PROXY_AUTH" https://raw.githubusercontent.com/ConnersHua/Profiles/master/Clash/China.yaml -o /tmp/rules.yaml >/dev/null 2>&1

20
package/ctcgfw/luci-app-openclash/files/usr/share/openclash/yml_rules_change.sh
View File

@ -13,8 +13,14 @@ yml_other_set()
sed -i '/^##Custom Rules 2##/d' "$4" 2>/dev/null
sed -i '/^##Custom Rules 2 End##/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,tracker,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,announce,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,announce.php?passkey=,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,torrent,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,peer_id=,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,info_hash,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,get_peers,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,find_node,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,BitTorrent,DIRECT/d' "$4" 2>/dev/null
sed -i '/- DOMAIN-KEYWORD,announce_peer,DIRECT/d' "$4" 2>/dev/null
if [ -z "$(grep '^ \{0,\}- IP-CIDR,198.18.0.1/16,REJECT,no-resolve' "$4")" ] && [ "$6" = "fake-ip" ]; then
if [ ! -z "$(grep "^ \{0,\}- IP-CIDR,198.18.0.1/16" "$4")" ]; then
@ -26,7 +32,7 @@ yml_other_set()
fi
fi
fi
if [ "$7" = 1 ]; then
sed -i '1,/^ \{0,\}- GEOIP/{/^ \{0,\}- GEOIP/s/^ \{0,\}- GEOIP/- DOMAIN-KEYWORD,tracker,DIRECT\n&/}' "$4" 2>/dev/null
if [ -z "$(grep '^- DOMAIN-KEYWORD,tracker,DIRECT' "$4")" ]; then
@ -35,8 +41,14 @@ yml_other_set()
if [ -z "$(grep '^- DOMAIN-KEYWORD,tracker,DIRECT' "$4")" ]; then
echo "- DOMAIN-KEYWORD,tracker,DIRECT" >> "$4" 2>/dev/null
fi
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,announce,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,announce.php?passkey=,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,torrent,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,peer_id=,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,info_hash,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,get_peers,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,find_node,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,BitTorrent,DIRECT" "$4" 2>/dev/null
sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,announce_peer,DIRECT" "$4" 2>/dev/null
if [ -z "$(grep "###- MATCH," "$4")" ] && [ -z "$(grep "###- FINAL," "$4")" ]; then
sed -i 's/- MATCH,/###&/' "$4" 2>/dev/null
echo "- MATCH,DIRECT" >> "$4" 2>/dev/null
@ -47,7 +59,7 @@ yml_other_set()
sed -i "s/###- MATCH,/- MATCH,/" "$4" 2>/dev/null
fi
fi
if [ "$3" = 1 ]; then
sed -i '/^rules:/a\##Custom Rules End##' "$4" 2>/dev/null
sed -i '/^rules:/a\##Custom Rules##' "$4" 2>/dev/null

11
package/ctcgfw/luci-app-openclash/i18n/zh-cn/openclash.zh-cn.po
View File

@ -149,6 +149,12 @@ msgstr "网络栈类型"
msgid "Select Stack Type For Tun Mode, According To The Running Speed on Your Machine"
msgstr "请自行根据运行速度为Tun模式选择合适的网络栈"
msgid "China IP Route"
msgstr "实验性绕过中国大陆IP"
msgid "Bypass The China Network Flows, Improve Performance"
msgstr "启用后中国大陆流量将不再经过内核,提升系统性能"
msgid "Log Level"
msgstr "日志等级"
@ -213,7 +219,7 @@ msgid "(Please Don't Modify it at Will)"
msgstr "(如您不知道选项有何用,请不要随意修改)"
msgid "Specify DNS Server"
msgstr "Fake-IP模式黑名单DNS服务器"
msgstr "指定(第二)DNS服务器"
msgid "Specify DNS Server For List, Only One IP Server Address Support"
msgstr "指定下方列表中域名的DNS服务器只支持填写一个IP地址"
@ -221,6 +227,9 @@ msgstr "指定下方列表中域名的DNS服务器只支持填写一个IP地
msgid "Domain Names In The List Do Not Return Fake-IP, One rule per line"
msgstr "每行请只填写一个域名列表中的域名在Fake-IP模式下查询DNS时将返回真实IP地址更改后点击上方按钮生效"
msgid "Domain Names In The List Use The Custom DNS Server, One rule per line"
msgstr "每行请只填写一个域名列表中的域名将使用上方指定的DNS进行查询"
msgid "Fake-IP-Filter List Update"
msgstr "更新Fake-IP域名黑名单"

2
package/ctcgfw/luci-theme-argonv3/Makefile
View File

@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
LUCI_TITLE:=Argon Theme
LUCI_DEPENDS:=
PKG_VERSION:=1.6.2
PKG_VERSION:=1.6.3
PKG_RELEASE:=20200725
include $(TOPDIR)/feeds/luci/luci.mk

38
package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/css/cascade.css
View File

@ -200,7 +200,7 @@ li {
line-height: 1;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
color: #adb5bd;
color: #525461;
font-size: 1.5rem;
position: absolute;
z-index: 100;
@ -225,10 +225,10 @@ li {
margin: 0.825rem 0;
box-sizing: border-box;
transition: all 0.3s cubic-bezier(0.68, -0.55, 0.265, 1.55);
color: #8898aa;
color: #525461;
border: 0;
border-radius: 0;
border-bottom: 1px solid #dee2e6;
border-bottom: 1px solid #fff;
background-color: transparent;
background-clip: padding-box;
box-shadow: 0 3px 2px rgba(233, 236, 239, 0.05);
@ -293,6 +293,13 @@ li {
.pull-left {
float: left;
}
@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) {
.login-page .login-container .login-form {
-webkit-backdrop-filter: blur(10px);
backdrop-filter: blur(10px);
background-color: rgba(244, 245, 247, 0.7);
}
}
/***********************
*
* Header
@ -1069,6 +1076,11 @@ small {
.cbi-section > legend {
display: none !important;
}
.cbi-section-error {
padding: 1.5rem;
color: #fb6340;
font-weight: 600;
}
fieldset > fieldset {
margin: 0;
padding: 0;
@ -2676,13 +2688,6 @@ input[name="nslookup"] {
border-bottom: var(--white) 1px solid;
border-radius: 0;
}
@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) {
.login-page .login-container .login-form {
-webkit-backdrop-filter: blur(10px);
backdrop-filter: blur(10px);
background-color: rgba(244, 245, 247, 0.7);
}
}
fieldset {
padding: 0;
margin: 1rem 0 0 0;
@ -3213,11 +3218,8 @@ input[name="nslookup"] {
padding: 5px;
background: #252525;
}
}
@media (prefers-color-scheme: dark) and (max-width: 480px) {
.node-status-iptables > .main div > .cbi-map > form {
background-color: #1e1e1e;
box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, 0.35);
.cbi-section-error {
color: darkorange;
}
@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) {
.login-page .login-container .login-form {
@ -3227,3 +3229,9 @@ input[name="nslookup"] {
}
}
}
@media (prefers-color-scheme: dark) and (max-width: 480px) {
.node-status-iptables > .main div > .cbi-map > form {
background-color: #1e1e1e;
box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, 0.35);
}
}

47
package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/less/cascade.less
View File

@ -226,7 +226,7 @@ li {
line-height: 1;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
color: #adb5bd;
color: #525461;
font-size: 1.5rem;
position: absolute;
z-index: 100;
@ -253,10 +253,10 @@ li {
margin: 0.825rem 0;
box-sizing: border-box;
transition: all .3s cubic-bezier(.68, -.55, .265, 1.55);
color: #8898aa;
color: #525461;
border: 0;
border-radius: 0;
border-bottom: 1px solid #dee2e6;
border-bottom: 1px solid #fff;
background-color: transparent;
background-clip: padding-box;
box-shadow: 0 3px 2px rgba(233, 236, 239, .05);
@ -340,6 +340,15 @@ li {
float: left;
}
@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) {
.login-page .login-container .login-form {
-webkit-backdrop-filter: blur(10px);
backdrop-filter: blur(10px);
background-color: rgba(244, 245, 247, 0.7);
}
}
/***********************
@ -1296,6 +1305,11 @@ small {
.cbi-section>legend {
display: none !important;
}
.cbi-section-error {
padding: 1.5rem;
color: #fb6340;
font-weight: 600;
}
fieldset>fieldset {
margin: 0;
@ -3379,14 +3393,7 @@ input[name="nslookup"] {
}
@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) {
.login-page .login-container .login-form {
-webkit-backdrop-filter: blur(10px);
backdrop-filter: blur(10px);
background-color: rgba(244, 245, 247, 0.7);
}
}
fieldset {
padding: 0;
@ -4110,12 +4117,8 @@ input[name="nslookup"] {
background: #252525;
}
}
@media (prefers-color-scheme: dark) and (max-width: 480px) {
.node-status-iptables>.main div>.cbi-map>form {
background-color: #1e1e1e;
box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, .35);
.cbi-section-error {
color: darkorange;
}
@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) {
@ -4126,4 +4129,14 @@ input[name="nslookup"] {
}
}
}
@media (prefers-color-scheme: dark) and (max-width: 480px) {
.node-status-iptables>.main div>.cbi-map>form {
background-color: #1e1e1e;
box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, .35);
}
}

4
package/lean/UnblockNeteaseMusic-Go/Makefile
View File

@ -1,12 +1,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=UnblockNeteaseMusic-Go
PKG_VERSION:=0.2.1
PKG_VERSION:=0.2.4
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cnsilvan/UnblockNeteaseMusic.git
PKG_SOURCE_VERSION:=7664b2b5c5dbe8e1ff7fde0c0051b4feabc0e0ba
PKG_SOURCE_VERSION:=2db62fe071c9f8fbfa8bad87256f853a78bb76f1
PKG_MAINTAINER:=Silvan <cnsilvan@gmail.com>
PKG_SOURCE_SUBDIR:=$(PKG_NAME)

2
package/lean/luci-app-turboacc/root/etc/config/turboacc
View File

@ -1,7 +1,7 @@
config turboacc 'config'
option sw_flow '1'
option hw_flow '0'
option hw_flow '1'
option sfe_flow '1'
option sfe_bridge '1'
option sfe_ipv6 '0'

5
package/lienol/brook/Makefile
View File

@ -23,6 +23,9 @@ ifeq ($(ARCH),arm)
endif
ifeq ($(BOARD),bcm53xx)
PKG_ARCH_BROOK:=_linux_arm6
ifeq ($(word 2,$(subst +,$(space),$(call qstrip,$(CONFIG_CPU_TYPE)))),)
PKG_ARCH_BROOK:=_linux_arm5
endif
endif
ifeq ($(BOARD),kirkwood)
PKG_ARCH_BROOK:=_linux_arm5
@ -32,7 +35,7 @@ ifeq ($(ARCH),aarch64)
endif
PKG_NAME:=brook
PKG_VERSION:=20200201
PKG_VERSION:=20200701
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=brook$(PKG_ARCH_BROOK)

4
package/lienol/luci-app-passwall/Makefile
View File

@ -7,8 +7,8 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
PKG_VERSION:=3.9
PKG_RELEASE:=22
PKG_DATE:=20200724
PKG_RELEASE:=23
PKG_DATE:=20200727
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)

105
package/lienol/luci-app-passwall/luasrc/controller/passwall.lua
View File

@ -9,58 +9,61 @@ local v2ray = require "luci.model.cbi.passwall.api.v2ray"
local trojan_go = require "luci.model.cbi.passwall.api.trojan_go"
function index()
appname = "passwall"
entry({"admin", "services", appname}).dependent = true
entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true
entry({"admin", "services", appname, "show"}, call("show_menu")).leaf = true
entry({"admin", "services", appname, "hide"}, call("hide_menu")).leaf = true
if not nixio.fs.access("/etc/config/passwall") then return end
entry({"admin", "services", "passwall", "reset_config"}, call("reset_config")).leaf = true
entry({"admin", "services", "passwall", "show"}, call("show_menu")).leaf = true
entry({"admin", "services", "passwall", "hide"}, call("hide_menu")).leaf = true
if nixio.fs.access("/etc/config/passwall_show") then
entry({"admin", "services", "passwall"}, alias("admin", "services", "passwall", "settings"), _("Pass Wall"), 1).dependent = true
entry({"admin", "services", appname}, alias("admin", "services", appname, "settings"), _("Pass Wall"), 1).dependent = true
end
entry({"admin", "services", "passwall", "settings"}, cbi("passwall/global"), _("Basic Settings"), 1).dependent = true
entry({"admin", "services", "passwall", "node_list"}, cbi("passwall/node_list"), _("Node List"), 2).dependent = true
entry({"admin", "services", "passwall", "auto_switch"}, cbi("passwall/auto_switch"), _("Auto Switch"), 3).leaf = true
entry({"admin", "services", "passwall", "other"}, cbi("passwall/other", {autoapply = true}), _("Other Settings"), 93).leaf = true
entry({"admin", "services", appname, "settings"}, cbi("passwall/global"), _("Basic Settings"), 1).dependent = true
entry({"admin", "services", appname, "node_list"}, cbi("passwall/node_list"), _("Node List"), 2).dependent = true
entry({"admin", "services", appname, "auto_switch"}, cbi("passwall/auto_switch"), _("Auto Switch"), 3).leaf = true
entry({"admin", "services", appname, "other"}, cbi("passwall/other", {autoapply = true}), _("Other Settings"), 93).leaf = true
if nixio.fs.access("/usr/sbin/haproxy") then
entry({"admin", "services", "passwall", "haproxy"}, cbi("passwall/haproxy"), _("Load Balancing"), 94).leaf = true
entry({"admin", "services", appname, "haproxy"}, cbi("passwall/haproxy"), _("Load Balancing"), 94).leaf = true
end
entry({"admin", "services", "passwall", "node_subscribe"}, cbi("passwall/node_subscribe"), _("Node Subscribe"), 95).dependent = true
entry({"admin", "services", "passwall", "rule"}, cbi("passwall/rule"), _("Rule Update"), 96).leaf = true
entry({"admin", "services", "passwall", "node_config"}, cbi("passwall/node_config")).leaf = true
entry({"admin", "services", "passwall", "shunt_rules"}, cbi("passwall/shunt_rules")).leaf = true
entry({"admin", "services", "passwall", "acl"}, cbi("passwall/acl"), _("Access control"), 97).leaf = true
entry({"admin", "services", "passwall", "log"}, form("passwall/log"), _("Watch Logs"), 999).leaf = true
entry({"admin", "services", "passwall", "server"}, cbi("passwall/server/index"), _("Server-Side"), 99).leaf = true
entry({"admin", "services", "passwall", "server_user"}, cbi("passwall/server/user")).leaf = true
entry({"admin", "services", appname, "node_subscribe"}, cbi("passwall/node_subscribe"), _("Node Subscribe"), 95).dependent = true
entry({"admin", "services", appname, "rule"}, cbi("passwall/rule"), _("Rule"), 96).leaf = true
entry({"admin", "services", appname, "app_update"}, cbi("passwall/app_update"), _("App Update"), 97).leaf = true
entry({"admin", "services", appname, "node_config"}, cbi("passwall/node_config")).leaf = true
entry({"admin", "services", appname, "shunt_rules"}, cbi("passwall/shunt_rules")).leaf = true
entry({"admin", "services", appname, "acl"}, cbi("passwall/acl"), _("Access control"), 98).leaf = true
entry({"admin", "services", appname, "log"}, form("passwall/log"), _("Watch Logs"), 999).leaf = true
entry({"admin", "services", appname, "server"}, cbi("passwall/server/index"), _("Server-Side"), 99).leaf = true
entry({"admin", "services", appname, "server_user"}, cbi("passwall/server/user")).leaf = true
entry({"admin", "services", "passwall", "server_user_status"}, call("server_user_status")).leaf = true
entry({"admin", "services", "passwall", "server_get_log"}, call("server_get_log")).leaf = true
entry({"admin", "services", "passwall", "server_clear_log"}, call("server_clear_log")).leaf = true
entry({"admin", "services", "passwall", "link_append_temp"}, call("link_append_temp")).leaf = true
entry({"admin", "services", "passwall", "link_load_temp"}, call("link_load_temp")).leaf = true
entry({"admin", "services", "passwall", "link_clear_temp"}, call("link_clear_temp")).leaf = true
entry({"admin", "services", "passwall", "link_add_node"}, call("link_add_node")).leaf = true
entry({"admin", "services", "passwall", "get_log"}, call("get_log")).leaf = true
entry({"admin", "services", "passwall", "clear_log"}, call("clear_log")).leaf = true
entry({"admin", "services", "passwall", "status"}, call("status")).leaf = true
entry({"admin", "services", "passwall", "socks_status"}, call("socks_status")).leaf = true
entry({"admin", "services", "passwall", "connect_status"}, call("connect_status")).leaf = true
entry({"admin", "services", "passwall", "check_port"}, call("check_port")).leaf = true
entry({"admin", "services", "passwall", "ping_node"}, call("ping_node")).leaf = true
entry({"admin", "services", "passwall", "set_node"}, call("set_node")).leaf = true
entry({"admin", "services", "passwall", "copy_node"}, call("copy_node")).leaf = true
entry({"admin", "services", "passwall", "clear_all_nodes"}, call("clear_all_nodes")).leaf = true
entry({"admin", "services", "passwall", "delete_select_nodes"}, call("delete_select_nodes")).leaf = true
entry({"admin", "services", "passwall", "update_rules"}, call("update_rules")).leaf = true
entry({"admin", "services", "passwall", "luci_check"}, call("luci_check")).leaf = true
entry({"admin", "services", "passwall", "luci_update"}, call("luci_update")).leaf = true
entry({"admin", "services", "passwall", "kcptun_check"}, call("kcptun_check")).leaf = true
entry({"admin", "services", "passwall", "kcptun_update"}, call("kcptun_update")).leaf = true
entry({"admin", "services", "passwall", "brook_check"}, call("brook_check")).leaf = true
entry({"admin", "services", "passwall", "brook_update"}, call("brook_update")).leaf = true
entry({"admin", "services", "passwall", "v2ray_check"}, call("v2ray_check")).leaf = true
entry({"admin", "services", "passwall", "v2ray_update"}, call("v2ray_update")).leaf = true
entry({"admin", "services", "passwall", "trojan_go_check"}, call("trojan_go_check")).leaf = true
entry({"admin", "services", "passwall", "trojan_go_update"}, call("trojan_go_update")).leaf = true
entry({"admin", "services", appname, "server_user_status"}, call("server_user_status")).leaf = true
entry({"admin", "services", appname, "server_get_log"}, call("server_get_log")).leaf = true
entry({"admin", "services", appname, "server_clear_log"}, call("server_clear_log")).leaf = true
entry({"admin", "services", appname, "link_append_temp"}, call("link_append_temp")).leaf = true
entry({"admin", "services", appname, "link_load_temp"}, call("link_load_temp")).leaf = true
entry({"admin", "services", appname, "link_clear_temp"}, call("link_clear_temp")).leaf = true
entry({"admin", "services", appname, "link_add_node"}, call("link_add_node")).leaf = true
entry({"admin", "services", appname, "get_log"}, call("get_log")).leaf = true
entry({"admin", "services", appname, "clear_log"}, call("clear_log")).leaf = true
entry({"admin", "services", appname, "status"}, call("status")).leaf = true
entry({"admin", "services", appname, "socks_status"}, call("socks_status")).leaf = true
entry({"admin", "services", appname, "connect_status"}, call("connect_status")).leaf = true
entry({"admin", "services", appname, "check_port"}, call("check_port")).leaf = true
entry({"admin", "services", appname, "ping_node"}, call("ping_node")).leaf = true
entry({"admin", "services", appname, "set_node"}, call("set_node")).leaf = true
entry({"admin", "services", appname, "copy_node"}, call("copy_node")).leaf = true
entry({"admin", "services", appname, "clear_all_nodes"}, call("clear_all_nodes")).leaf = true
entry({"admin", "services", appname, "delete_select_nodes"}, call("delete_select_nodes")).leaf = true
entry({"admin", "services", appname, "update_rules"}, call("update_rules")).leaf = true
entry({"admin", "services", appname, "luci_check"}, call("luci_check")).leaf = true
entry({"admin", "services", appname, "luci_update"}, call("luci_update")).leaf = true
entry({"admin", "services", appname, "kcptun_check"}, call("kcptun_check")).leaf = true
entry({"admin", "services", appname, "kcptun_update"}, call("kcptun_update")).leaf = true
entry({"admin", "services", appname, "brook_check"}, call("brook_check")).leaf = true
entry({"admin", "services", appname, "brook_update"}, call("brook_update")).leaf = true
entry({"admin", "services", appname, "v2ray_check"}, call("v2ray_check")).leaf = true
entry({"admin", "services", appname, "v2ray_update"}, call("v2ray_update")).leaf = true
entry({"admin", "services", appname, "trojan_go_check"}, call("trojan_go_check")).leaf = true
entry({"admin", "services", appname, "trojan_go_update"}, call("trojan_go_update")).leaf = true
end
local function http_write_json(content)
@ -70,12 +73,12 @@ end
function reset_config()
luci.sys.call('[ -f "/usr/share/passwall/config.default" ] && cp -f /usr/share/passwall/config.default /etc/config/passwall && /etc/init.d/passwall reload')
luci.http.redirect(luci.dispatcher.build_url("admin", "services", "passwall"))
luci.http.redirect(luci.dispatcher.build_url("admin", "services", appname))
end
function show_menu()
luci.sys.call("touch /etc/config/passwall_show")
luci.http.redirect(luci.dispatcher.build_url("admin", "services", "passwall"))
luci.http.redirect(luci.dispatcher.build_url("admin", "services", appname))
end
function hide_menu()
@ -130,7 +133,7 @@ end
function status()
-- local dns_mode = ucic:get(appname, "@global[0]", "dns_mode")
local e = {}
e.dns_mode_status = luci.sys.call("netstat -apn | grep 7913 >/dev/null") == 0
e.dns_mode_status = luci.sys.call("netstat -apn | grep ':7913 ' | grep 'LISTEN' >/dev/null") == 0
e.haproxy_status = luci.sys.call(string.format("ps -w | grep -v grep | grep '%s/bin/' | grep haproxy >/dev/null", appname)) == 0
local tcp_node_num = ucic:get(appname, "@global_other[0]", "tcp_node_num") or 1
for i = 1, tcp_node_num, 1 do
@ -198,7 +201,7 @@ function set_node()
ucic:set(appname, "@global[0]", protocol .. "_node" .. number, section)
ucic:commit(appname)
luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &")
luci.http.redirect(luci.dispatcher.build_url("admin", "services", "passwall", "log"))
luci.http.redirect(luci.dispatcher.build_url("admin", "services", appname, "log"))
end
function copy_node()
@ -245,7 +248,7 @@ function check_port()
-- retstring = retstring .. "<font color='red'>暂时不支持UDP检测</font><br />"
retstring = retstring .. "<font color='green'>检测端口可用性</font><br />"
ucic:foreach("passwall", "nodes", function(s)
ucic:foreach(appname, "nodes", function(s)
local ret = ""
local tcp_socket
if (s.use_kcp and s.use_kcp == "1" and s.kcp_port) or

7
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua
View File

@ -75,6 +75,7 @@ local function gen_outbound(node, tag)
congestion = (node.mkcp_congestion == "1") and true or false,
readBufferSize = tonumber(node.mkcp_readBufferSize),
writeBufferSize = tonumber(node.mkcp_writeBufferSize),
seed = (node.mkcp_seed and node.mkcp_seed ~= "") and node.mkcp_seed or nil,
header = {type = node.mkcp_guise}
} or nil,
wsSettings = (node.transport == "ws") and {
@ -122,6 +123,12 @@ local function gen_outbound(node, tag)
}
}
end
if node.transport == "mkcp" or node.transport == "ds" or node.transport == "quic" then
result.streamSettings.security = "none"
result.streamSettings.tlsSettings = nil
end
return result
end

47
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/app_update.lua Normal file
View File

@ -0,0 +1,47 @@
local d = require "luci.dispatcher"
local appname = "passwall"
m = Map(appname)
-- [[ App Settings ]]--
s = m:section(TypedSection, "global_app", translate("App Update"),
"<font color='red'>" ..
translate("Please confirm that your firmware supports FPU.") ..
"</font>")
s.anonymous = true
s:append(Template(appname .. "/app_update/v2ray_version"))
s:append(Template(appname .. "/app_update/trojan_go_version"))
s:append(Template(appname .. "/app_update/kcptun_version"))
s:append(Template(appname .. "/app_update/brook_version"))
---- V2ray Path
o = s:option(Value, "v2ray_file", translate("V2ray Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/v2ray/"))
o.default = "/usr/bin/v2ray/"
o.rmempty = false
---- Trojan-Go Path
o = s:option(Value, "trojan_go_file", translate("Trojan-Go Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/trojan-go"))
o.default = "/usr/bin/trojan-go"
o.rmempty = false
o = s:option(Value, "trojan_go_latest", translate("Trojan-Go Version API"), translate("alternate API URL for version checking"))
o.default = "https://api.github.com/repos/peter-tank/trojan-go/releases/latest"
---- Kcptun client Path
o = s:option(Value, "kcptun_client_file", translate("Kcptun Client Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/kcptun-client"))
o.default = "/usr/bin/kcptun-client"
o.rmempty = false
--[[
o = s:option(Button, "_check_kcptun", translate("Manually update"), translatef("Make sure there is enough space to install %s", "kcptun"))
o.template = appname .. "/kcptun"
o.inputstyle = "apply"
o.btnclick = "onBtnClick_kcptun(this);"
o.id = "_kcptun-check_btn"]] --
---- Brook Path
o = s:option(Value, "brook_file", translate("Brook Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/brook"))
o.default = "/usr/bin/brook"
o.rmempty = false
return m

2
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/auto_switch.lua
View File

@ -20,7 +20,7 @@ end)
m = Map(appname)
-- [[ Auto Switch Settings ]]--
s = m:section(TypedSection, "auto_switch", translate("Auto Switch"))
s = m:section(TypedSection, "auto_switch")
s.anonymous = true
---- Enable

3
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/global.lua
View File

@ -68,8 +68,7 @@ else
end
-- [[ Global Settings ]]--
s = m:section(TypedSection, "global", translate("Main Settings"))
-- s.description = translate("If you can use it, very stable. If not, GG !!!")
s = m:section(TypedSection, "global")
s.anonymous = true
s.addremove = false

4
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/haproxy.lua
View File

@ -19,7 +19,7 @@ end)
m = Map(appname)
-- [[ Haproxy Settings ]]--
s = m:section(TypedSection, "global_haproxy", translate("Load Balancing"))
s = m:section(TypedSection, "global_haproxy")
s.anonymous = true
s:append(Template(appname .. "/haproxy/status"))
@ -47,7 +47,7 @@ o.default = "1188"
o:depends("balancing_enable", 1)
-- [[ Balancing Settings ]]--
s = m:section(TypedSection, "haproxy_config", translate("Load Balancing Setting"),
s = m:section(TypedSection, "haproxy_config", "",
"<font color='red'>" .. translate("Add a node, Export Of Multi WAN Only support Multi Wan. Load specific gravity range 1-256. Multiple primary servers can be load balanced, standby will only be enabled when the primary server is offline! Multiple groups can be set, Haproxy port same one for each group.").."</font>")
s.template = "cbi/tblsection"
s.sortable = true

9
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/node_config.lua
View File

@ -414,26 +414,35 @@ for a, t in ipairs(header_type_list) do mkcp_guise:value(t) end
mkcp_guise:depends("transport", "mkcp")
mkcp_mtu = s:option(Value, "mkcp_mtu", translate("KCP MTU"))
mkcp_mtu.default = "1350"
mkcp_mtu:depends("transport", "mkcp")
mkcp_tti = s:option(Value, "mkcp_tti", translate("KCP TTI"))
mkcp_tti.default = "20"
mkcp_tti:depends("transport", "mkcp")
mkcp_uplinkCapacity = s:option(Value, "mkcp_uplinkCapacity", translate("KCP uplinkCapacity"))
mkcp_uplinkCapacity.default = "5"
mkcp_uplinkCapacity:depends("transport", "mkcp")
mkcp_downlinkCapacity = s:option(Value, "mkcp_downlinkCapacity", translate("KCP downlinkCapacity"))
mkcp_downlinkCapacity.default = "20"
mkcp_downlinkCapacity:depends("transport", "mkcp")
mkcp_congestion = s:option(Flag, "mkcp_congestion", translate("KCP Congestion"))
mkcp_congestion:depends("transport", "mkcp")
mkcp_readBufferSize = s:option(Value, "mkcp_readBufferSize", translate("KCP readBufferSize"))
mkcp_readBufferSize.default = "1"
mkcp_readBufferSize:depends("transport", "mkcp")
mkcp_writeBufferSize = s:option(Value, "mkcp_writeBufferSize", translate("KCP writeBufferSize"))
mkcp_writeBufferSize.default = "1"
mkcp_writeBufferSize:depends("transport", "mkcp")
mkcp_seed = s:option(Value, "mkcp_seed", translate("KCP Seed"))
mkcp_seed:depends("transport", "mkcp")
-- [[ WebSocket部分 ]]--
ws_host = s:option(Value, "ws_host", translate("WebSocket Host"))
ws_host:depends("transport", "ws")

41
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/rule.lua
View File

@ -64,45 +64,4 @@ end
o = s:option(DummyValue, "remarks", translate("Remarks"))
-- [[ App Settings ]]--
s = m:section(TypedSection, "global_app", translate("App Update"),
"<font color='red'>" ..
translate("Please confirm that your firmware supports FPU.") ..
"</font>")
s.anonymous = true
s:append(Template(appname .. "/rule/v2ray_version"))
s:append(Template(appname .. "/rule/trojan_go_version"))
s:append(Template(appname .. "/rule/kcptun_version"))
s:append(Template(appname .. "/rule/brook_version"))
---- V2ray Path
o = s:option(Value, "v2ray_file", translate("V2ray Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/v2ray/"))
o.default = "/usr/bin/v2ray/"
o.rmempty = false
---- Trojan-Go Path
o = s:option(Value, "trojan_go_file", translate("Trojan-Go Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/trojan-go"))
o.default = "/usr/bin/trojan-go"
o.rmempty = false
o = s:option(Value, "trojan_go_latest", translate("Trojan-Go Version API"), translate("alternate API URL for version checking"))
o.default = "https://api.github.com/repos/peter-tank/trojan-go/releases/latest"
---- Kcptun client Path
o = s:option(Value, "kcptun_client_file", translate("Kcptun Client Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/kcptun-client"))
o.default = "/usr/bin/kcptun-client"
o.rmempty = false
--[[
o = s:option(Button, "_check_kcptun", translate("Manually update"), translatef("Make sure there is enough space to install %s", "kcptun"))
o.template = appname .. "/kcptun"
o.inputstyle = "apply"
o.btnclick = "onBtnClick_kcptun(this);"
o.id = "_kcptun-check_btn"]] --
---- Brook Path
o = s:option(Value, "brook_file", translate("Brook Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/brook"))
o.default = "/usr/bin/brook"
o.rmempty = false
return m

40
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua
View File

@ -89,8 +89,7 @@ function gen_config(user)
tlsSettings = (node.stream_security == "tls") and {
disableSessionResumption = node.sessionTicket ~= "1" and true or false,
serverName = node.tls_serverName,
allowInsecure = (node.tls_allowInsecure == "1") and true or
false
allowInsecure = (node.tls_allowInsecure == "1") and true or false
} or nil,
tcpSettings = (node.transport == "tcp") and {
header = {
@ -107,25 +106,23 @@ function gen_config(user)
mtu = tonumber(node.mkcp_mtu),
tti = tonumber(node.mkcp_tti),
uplinkCapacity = tonumber(node.mkcp_uplinkCapacity),
downlinkCapacity = tonumber(
node.mkcp_downlinkCapacity),
congestion = (node.mkcp_congestion == "1") and
true or false,
downlinkCapacity = tonumber(node.mkcp_downlinkCapacity),
congestion = (node.mkcp_congestion == "1") and true or false,
readBufferSize = tonumber(node.mkcp_readBufferSize),
writeBufferSize = tonumber(
node.mkcp_writeBufferSize),
writeBufferSize = tonumber(node.mkcp_writeBufferSize),
seed = (node.mkcp_seed and node.mkcp_seed ~= "") and node.mkcp_seed or nil,
header = {type = node.mkcp_guise}
} or nil,
wsSettings = (node.transport == "ws") and {
path = node.ws_path or "",
headers = (node.ws_host ~= nil) and
{Host = node.ws_host} or nil
headers = (node.ws_host ~= nil) and {Host = node.ws_host} or nil
} or nil,
httpSettings = (node.transport == "h2") and {
path = node.h2_path, host = node.h2_host
} or nil,
dsSettings = (node.transport == "ds") and {
path = node.ds_path
} or nil,
httpSettings = (node.transport == "h2") and
{path = node.h2_path, host = node.h2_host} or
nil,
dsSettings = (node.transport == "ds") and
{path = node.ds_path} or nil,
quicSettings = (node.transport == "quic") and {
security = node.quic_security,
key = node.quic_key,
@ -165,6 +162,12 @@ function gen_config(user)
} or nil
}
}
if node.transport == "mkcp" or node.transport == "ds" or node.transport == "quic" then
transit_node.streamSettings.security = "none"
transit_node.streamSettings.tlsSettings = nil
end
table.insert(outbounds, 1, transit_node)
end
end
@ -214,6 +217,7 @@ function gen_config(user)
congestion = (user.mkcp_congestion == "1") and true or false,
readBufferSize = tonumber(user.mkcp_readBufferSize),
writeBufferSize = tonumber(user.mkcp_writeBufferSize),
seed = (user.mkcp_seed and user.mkcp_seed ~= "") and user.mkcp_seed or nil,
header = {type = user.mkcp_guise}
} or nil,
wsSettings = (user.transport == "ws") and {
@ -238,5 +242,11 @@ function gen_config(user)
outbounds = outbounds,
routing = routing
}
if user.transport == "mkcp" or user.transport == "ds" or user.transport == "quic" then
user.streamSettings.security = "none"
user.streamSettings.tlsSettings = nil
end
return config
end

9
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua
View File

@ -294,26 +294,35 @@ for a, t in ipairs(header_type_list) do mkcp_guise:value(t) end
mkcp_guise:depends("transport", "mkcp")
mkcp_mtu = s:option(Value, "mkcp_mtu", translate("KCP MTU"))
mkcp_mtu.default = "1350"
mkcp_mtu:depends("transport", "mkcp")
mkcp_tti = s:option(Value, "mkcp_tti", translate("KCP TTI"))
mkcp_tti.default = "20"
mkcp_tti:depends("transport", "mkcp")
mkcp_uplinkCapacity = s:option(Value, "mkcp_uplinkCapacity", translate("KCP uplinkCapacity"))
mkcp_uplinkCapacity.default = "5"
mkcp_uplinkCapacity:depends("transport", "mkcp")
mkcp_downlinkCapacity = s:option(Value, "mkcp_downlinkCapacity", translate("KCP downlinkCapacity"))
mkcp_downlinkCapacity.default = "20"
mkcp_downlinkCapacity:depends("transport", "mkcp")
mkcp_congestion = s:option(Flag, "mkcp_congestion", translate("KCP Congestion"))
mkcp_congestion:depends("transport", "mkcp")
mkcp_readBufferSize = s:option(Value, "mkcp_readBufferSize", translate("KCP readBufferSize"))
mkcp_readBufferSize.default = "1"
mkcp_readBufferSize:depends("transport", "mkcp")
mkcp_writeBufferSize = s:option(Value, "mkcp_writeBufferSize", translate("KCP writeBufferSize"))
mkcp_writeBufferSize.default = "1"
mkcp_writeBufferSize:depends("transport", "mkcp")
mkcp_seed = s:option(Value, "mkcp_seed", translate("KCP Seed"))
mkcp_seed:depends("transport", "mkcp")
-- [[ WebSocket部分 ]]--
ws_host = s:option(Value, "ws_host", translate("WebSocket Host"))

0
package/lienol/luci-app-passwall/luasrc/view/passwall/rule/brook_version.htm → package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/brook_version.htm
View File

0
package/lienol/luci-app-passwall/luasrc/view/passwall/rule/kcptun_version.htm → package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/kcptun_version.htm
View File

0
package/lienol/luci-app-passwall/luasrc/view/passwall/rule/trojan_go_version.htm → package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/trojan_go_version.htm
View File

0
package/lienol/luci-app-passwall/luasrc/view/passwall/rule/v2ray_version.htm → package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/v2ray_version.htm
View File

7
package/lienol/luci-app-passwall/po/zh-cn/passwall.po
View File

@ -67,8 +67,8 @@ msgstr "负载均衡"
msgid "Enter interface"
msgstr "进入界面"
msgid "Rule Update"
msgstr "自动更新"
msgid "Rule"
msgstr "规则"
msgid "Access control"
msgstr "访问控制"
@ -586,9 +586,6 @@ msgstr "在浏览器输入路由IP加端口访问192.168.1.1:1188"
msgid "Haproxy Port"
msgstr "负载均衡端口"
msgid "Load Balancing Setting"
msgstr "负载均衡设置"
msgid "Add a node, Export Of Multi WAN Only support Multi Wan. Load specific gravity range 1-256. Multiple primary servers can be load balanced, standby will only be enabled when the primary server is offline! Multiple groups can be set, Haproxy port same one for each group."
msgstr "添加节点指定出口功能是为多WAN用户准备的。负载比重范围1-256。多个主服务器可以负载均衡备用只有在主服务器离线时才会启用可以设置多个组负载均衡端口相同则为一组。"

25
package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh
View File

@ -95,8 +95,8 @@ hosts_foreach() {
[ -z "${__hosts}" ] && return 0
local __ip __port
for __host in $(echo $__hosts | sed 's/[ ,]/\n/g'); do
__ip=$(echo $__host | sed -n 's/\(^[^:#]*\).*$/\1/p')
[ -n "${__default_port}" ] && __port=$(echo $__host | sed -n 's/^[^:#]*[:#]\([0-9]*\).*$/\1/p')
__port=$(echo $__host | sed -n 's/^.*[:#]\(^[0-9]*\)$/\1/p')
__ip="${__host%%${__port:+[:#]${__port}*}}"
eval "$__func \"${__host}\" \"\${__ip}\" \"\${__port:-${__default_port}}\" $@"
__ret=$?
[ ${__ret} -ge ${ERROR_NO_CATCH:-1} ] && return ${__ret}
@ -278,7 +278,7 @@ run_socks() {
local port=$(config_n_get $node port)
local msg
echolog "分析 Socks 服务 ${bind}:${local_port} 的代理服务器配置...."
echolog " 启用 ${bind}:${local_port}"
if [ -n "$server_host" ] && [ -n "$port" ]; then
server_host=$(echo $server_host | sed 's/^\(https:\/\/\|http:\/\/\)//g' | awk -F '/' '{print $1}')
[ -n "$(echo -n $server_host | awk '{print gensub(/[!-~]/,"","g",$0)}')" ] && msg="$remarks,非法的代理服务器地址,无法启动 "
@ -287,13 +287,13 @@ run_socks() {
fi
[ -n "${msg}" ] && {
echolog ${msg}
echolog " ${msg}"
return 1
}
echolog "使用代理服务器:$remarks,地址:${server_host}:${port}"
echolog " 节点:$remarks${server_host}:${port}"
if [ "$type" == "socks" ]; then
echolog "Socks节点不能使用Socks代理节点"
echolog " 不能使用 Socks 类型的代理节点"
elif [ "$type" == "v2ray" ]; then
lua $API_GEN_V2RAY $node nil nil $local_port > $config_file
ln_start_bin $(config_t_get global_app v2ray_file $(find_bin v2ray))/v2ray v2ray "-config=$config_file"
@ -314,11 +314,6 @@ run_socks() {
lua $API_GEN_SS $node $local_port > $config_file
ln_start_bin $(find_bin ${type}-local) ${type}-local "-c $config_file -b $bind -u"
fi
msg="此 Sock 服务启动失败!"
netstat -netplu | grep ":${local_port} "
[ $? -eq 0 ] && msg="看起来这个 Socks 服务已经成功开启了。"
echolog $msg
}
run_redir() {
@ -488,6 +483,7 @@ start_redir() {
start_socks() {
local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
echolog "分析 Socks 服务的节点配置..."
for id in $ids; do
local enabled=$(config_n_get $id enabled 0)
[ "$enabled" == "0" ] && continue
@ -732,6 +728,7 @@ gen_pdnsd_config() {
local perm_cache=2048
local _cache="on"
[ "$DNS_CACHE" == "0" ] && _cache="off" && perm_cache=0
echolog "准备 pdnsd 配置文件..."
cat > $pdnsd_dir/pdnsd.conf <<-EOF
global {
perm_cache = $perm_cache;
@ -754,8 +751,8 @@ gen_pdnsd_config() {
EOF
append_pdnsd_updns() {
[ -z "${2}" ] && echolog "略过错误配置的 DNS : [${1}]" && return 0
echolog "配置 pdnsd 的上游DNS[${2}:${3}]"
[ -z "${2}" ] && echolog " 略过错误 : [${1}]" && return 0
echolog " 上游DNS[${2}:${3}]"
cat >> $pdnsd_dir/pdnsd.conf <<-EOF
server {
label = "node-${2}_${3}";
@ -936,6 +933,7 @@ start() {
add_dnsmasq
source $APP_PATH/iptables.sh start
/etc/init.d/dnsmasq restart >/dev/null 2>&1
echolog "重启 dnsmasq 服务[$?]"
}
start_crontab
echolog "运行完成!\n"
@ -953,6 +951,7 @@ stop() {
stop_crontab
del_dnsmasq
/etc/init.d/dnsmasq restart >/dev/null 2>&1
echolog "重启 dnsmasq 服务[$?]"
echolog "清空并关闭相关程序和缓存完成。"
}

266
package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@ -30,6 +30,19 @@ comment() {
echo "-m comment --comment '$1'"
}
RULE_LAST_INDEX() {
[ $# -ge 3 ] || {
echolog "索引列举方式不正确iptables终止执行"
exit 1
}
local ipt_tmp=${1}; shift
local chain=${1}; shift
local list=${1}; shift
local default=${1:-0}; shift
local _index=$($ipt_tmp -n -L $chain --line-numbers 2>/dev/null | grep "$list" | sed -n '$p' | awk '{print $1}')
echo "${_index:-${default}}"
}
REDIRECT() {
local redirect="-j REDIRECT --to-ports $1"
[ "$2" == "TPROXY" ] && redirect="-j TPROXY --tproxy-mark 0x1/0x1 --on-port $1"
@ -136,7 +149,12 @@ load_acl() {
[ "$TCP_NODE" != "nil" ] && {
eval TCP_NODE_TYPE=$(echo $(config_n_get $TCP_NODE type) | tr 'A-Z' 'a-z')
local is_tproxy
[ "$TCP_NODE_TYPE" == "brook" -a "$(config_n_get $TCP_NODE brook_protocol client)" == "client" ] && ipt_tmp=$ipt_m && is_tproxy="TPROXY"
if [ "$TCP_NODE_TYPE" == "brook" ] && [ "$(config_n_get $TCP_NODE brook_protocol client)" == "client" ]; then
echolog "为 brook 启用 TCP TPROXY 模式"
ipt_tmp=$ipt_m && is_tproxy="TPROXY"
else
echolog "使用 TCP FORWARD 模式"
fi
[ "$tcp_no_redir_ports" != "disable" ] && $ipt_tmp -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN
eval tcp_port=\$TCP_REDIR_PORT$tcp_node
$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $tcp_port $is_tproxy)
@ -149,6 +167,7 @@ load_acl() {
[ "$udp_proxy_mode" != "disable" ] && {
[ "$UDP_NODE" != "nil" ] && {
echolog "UDP 代理启用 TPROXY 模式"
eval udp_port=\$UDP_REDIR_PORT$udp_node
[ "$udp_no_redir_ports" != "disable" ] && $ipt_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -m multiport --dport $udp_no_redir_ports -j RETURN
$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $udp_port TPROXY)
@ -165,7 +184,12 @@ load_acl() {
[ "$TCP_NODE1" != "nil" -a "$TCP_PROXY_MODE" != "disable" ] && {
local TCP_NODE1_TYPE=$(echo $(config_n_get $TCP_NODE1 type) | tr 'A-Z' 'a-z')
local is_tproxy
[ "$TCP_NODE1_TYPE" == "brook" -a "$(config_n_get $TCP_NODE1 brook_protocol client)" == "client" ] && ipt_tmp=$ipt_m && is_tproxy="TPROXY"
if [ "$TCP_NODE1_TYPE" == "brook" ] && [ "$(config_n_get $TCP_NODE1 brook_protocol client)" == "client" ]; then
ipt_tmp=$ipt_m && is_tproxy="TPROXY"
echolog "为 brook TCP默认代理启用 TPROXY 模式!"
else
echolog "TCP默认代理使用 FORWARD 模式"
fi
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && $ipt_tmp -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $TCP_REDIR_PORT1 $is_tproxy)
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $TCP_PROXY_MODE $TCP_REDIR_PORT1 $is_tproxy)
@ -174,11 +198,12 @@ load_acl() {
echolog "TCP默认代理模式$(get_action_chain_name $TCP_PROXY_MODE)"
# 加载UDP默认代理模式
[ "$UDP_NODE1" != "nil" -a "$UDP_PROXY_MODE" != "disable" ] && {
if [ "$UDP_NODE1" != "nil" ] && [ "$UDP_PROXY_MODE" != "disable" ]; then
echolog "UDP默认代理使用 TPROXY 模式"
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && $ipt_m -A PSW $(comment "默认") -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $UDP_REDIR_PORT1 TPROXY)
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $UDP_PROXY_MODE $UDP_REDIR_PORT1 TPROXY)
}
fi
$ipt_m -A PSW $(comment "默认") -p udp -j RETURN
echolog "UDP默认代理模式$(get_action_chain_name $UDP_PROXY_MODE)"
}
@ -187,71 +212,87 @@ filter_vpsip() {
echolog "开始过滤所有节点到白名单"
uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
#uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){0,7}::[a-f0-9]{0,4}(:[a-f0-9]{1,4}){0,7}])" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIP6LIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
echolog "过滤所有节点完成"
echolog "过滤所有节点直接 IP 地址完成"
}
filter_node() {
local proxy_node=${1} stream=$(echo ${2} | tr 'A-Z' 'a-z')
local proxy_port=${3}
filter_rules() {
[ -n "$1" ] && [ "$1" != "nil" ] && {
local type=$(echo $(config_n_get $1 type) | tr 'A-Z' 'a-z')
local i=$ipt_n
[ "$2" == "udp" ] || [ "$type" == "brook" -a "$(config_n_get $1 brook_protocol client)" == "client" ] && i=$ipt_m
local address=$(config_n_get $1 address)
local port=$(config_n_get $1 port)
if [ -n "$3" ] && [ "$3" == "1" ] && [ -n "$4" ]; then
is_exist=$($i -n -L PSW_OUTPUT 2>/dev/null | grep -c "$address:$port")
[ "$is_exist" == 0 ] && {
if [ "$i" == "$ipt_m" ]; then
$i -I PSW_OUTPUT 2 $(comment "$address:$port") -p $2 -d $address --dport $port $(REDIRECT 1 MARK)
else
$i -I PSW_OUTPUT 2 $(comment "$address:$port") -p $2 -d $address --dport $port $(REDIRECT $4)
fi
}
else
is_exist=$($i -n -L PSW_OUTPUT 2>/dev/null | grep -c "$address:$port")
[ "$is_exist" == 0 ] && {
local ADD_INDEX=2
local INDEX=$($i -n -L PSW_OUTPUT --line-numbers | grep "$IPSET_VPSIPLIST" | sed -n '$p' | awk '{print $1}')
[ -n "$INDEX" ] && ADD_INDEX=$INDEX
$i -I PSW_OUTPUT $ADD_INDEX $(comment "$address:$port") -p $2 -d $address --dport $port -j RETURN
}
local msg node=${1} stream=${2}
local _proxy=${3} _port=${4}
if [ -n "$node" ] && [ "$node" != "nil" ]; then
local type=$(echo $(config_n_get $node type) | tr 'A-Z' 'a-z')
local address=$(config_n_get $node address)
local port=$(config_n_get $node port)
local ipt_tmp=$ipt_n
if [ "$stream" == "udp" ] || [ "$type" == "brook" -a "$(config_n_get $node brook_protocol client)" == "client" ]; then
ipt_tmp=$ipt_m
echolog " 为 udp 或 brook 启用 TPROXY 模式"
fi
}
else
echolog " 节点配置不正常,略过"
return 0
fi
local ADD_INDEX=$(RULE_LAST_INDEX "$ipt_tmp" PSW_OUT_PUT "$IPSET_VPSIPLIST" 2)
$ipt_tmp -n -L PSW_OUTPUT | grep -q "${address}:${port}"
if [ $? -ne 0 ]; then
local dst_rule=$(REDIRECT 1 MARK)
msg="按规则路由"
[ "$ipt_tmp" == "$ipt_m" ] || {
dst_rule=$(REDIRECT $_port)
msg="套娃使用"
}
[ -n "$_proxy" ] && [ "$_proxy" == "1" ] && [ -n "$_port" ] || {
dst_rule=" -j RETURN"
msg="直连代理"
}
$ipt_tmp -I PSW_OUTPUT $ADD_INDEX $(comment "${address}:${port}") -p $stream -d $address --dport $port $dst_rule
else
msg="转发条目已存在,略过"
fi
msg="${msg}[$?],节点(${type}${address}:${port}"
echolog " $msg"
}
local v2ray_protocol=$(config_n_get $1 protocol)
if [ "$v2ray_protocol" == "_shunt" ]; then
local default_node=$(config_n_get $1 default_node nil)
filter_rules $default_node $2
local proxy_protocol=$(config_n_get $proxy_node protocol)
local proxy_type=$(echo $(config_n_get $proxy_node type nil) | tr 'A-Z' 'a-z')
[ "$proxy_type" == "nil" ] && echolog " 节点配置不正常,略过!:${proxy_node}" && return 0
if [ "$proxy_protocol" == "_shunt" ]; then
echolog " 按请求目的地址分流(${proxy_type}..."
local default_node=$(config_n_get $proxy_node default_node nil)
filter_rules $default_node $stream
local default_node_address=$(get_host_ip ipv4 $(config_n_get $default_node address) 1)
local default_node_port=$(config_n_get $default_node port)
local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for shunt_id in $shunt_ids; do
local _proxy=$(config_n_get $1 "${shunt_id}_proxy" 0)
local _node=$(config_n_get $1 "${shunt_id}" nil)
[ "$_proxy" == 1 ] && {
local _node_address=$(get_host_ip ipv4 $(config_n_get $_node address) 1)
local _node_port=$(config_n_get $_node port)
[ "$_node_address" == "$default_node_address" ] && [ "$_node_port" == "$default_node_port" ] && {
_proxy=0
local shunt_proxy=$(config_n_get $proxy_node "${shunt_id}_proxy" 0)
local shunt_node=$(config_n_get $proxy_node "${shunt_id}" nil)
[ "$shunt_proxy" == 1 ] && {
local shunt_node_address=$(get_host_ip ipv4 $(config_n_get $shunt_node address) 1)
local shunt_node_port=$(config_n_get $shunt_node port)
[ "$shunt_node_address" == "$default_node_address" ] && [ "$shunt_node_port" == "$default_node_port" ] && {
shunt_proxy=0
}
}
filter_rules $(config_n_get $1 $shunt_id) $2 $_proxy $3
filter_rules "$(config_n_get $proxy_node $shunt_id)" "$stream" "$shunt_proxy" "$proxy_port"
done
elif [ "$v2ray_protocol" == "_balancing" ]; then
local balancing_node=$(config_n_get $1 balancing_node)
for node_id in $balancing_node
do
filter_rules $node_id $2
elif [ "$proxy_protocol" == "_balancing" ]; then
echolog " 多节点负载均衡(${proxy_type}..."
proxy_node=$(config_n_get $proxy_node balancing_node)
for _node in $proxy_node; do
filter_rules "$_node" "$stream"
done
else
filter_rules $1 $2
echolog " 普通节点(${proxy_type}..."
filter_rules "$proxy_node" "$stream"
fi
}
dns_hijack() {
$ipt_n -I PSW -p udp --dport 53 -j REDIRECT --to-ports 53
echolog "强制转发本机DNS端口 UDP/53 的请求[$?]"
}
add_firewall_rule() {
@ -272,16 +313,20 @@ add_firewall_rule() {
EOF
# 忽略特殊IP段
local lan_ifname lan_ip
lan_ifname=$(uci -q -p /var/state get network.lan.ifname)
[ -n "$lan_ifname" ] && {
lan_ip=$(ip address show $lan_ifname | grep -w "inet" | awk '{print $2}')
echolog "本机网段互访直连:${lan_ip}"
[ -n "$lan_ip" ] && ipset -! add $IPSET_LANIPLIST $lan_ip >/dev/null 2>&1 &
}
ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
local ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
[ -n "$ISP_DNS" ] && {
echolog "处理 ISP DNS 例外..."
for ispip in $ISP_DNS; do
ipset -! add $IPSET_WHITELIST $ispip >/dev/null 2>&1 &
echolog " 追加到白名单:${ispip}"
done
}
@ -311,27 +356,6 @@ add_firewall_rule() {
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
# 过滤Socks节点
local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for id in $ids; do
local enabled=$(config_n_get $id enabled 0)
[ "$enabled" == "0" ] && continue
local node=$(config_n_get $id node nil)
if [ "$(echo $node | grep ^tcp)" ]; then
local num=$(echo $node | sed "s/tcp//g")
eval node=\$TCP_NODE$num
fi
[ "$node" == "nil" ] && continue
filter_node $node tcp
filter_node $node udp
done
for i in $(seq 1 $TCP_NODE_NUM); do
eval node=\$TCP_NODE$i
eval port=\$TCP_REDIR_PORT$i
[ "$node" != "nil" ] && filter_node $node tcp $port
done
# 加载路由器自身代理 TCP
if [ "$TCP_NODE1" != "nil" ]; then
local ipt_tmp=$ipt_n
@ -340,7 +364,9 @@ add_firewall_rule() {
local blist_r=$(REDIRECT $TCP_REDIR_PORT1)
local p_r=$(get_redirect_ipt $LOCALHOST_TCP_PROXY_MODE $TCP_REDIR_PORT1)
TCP_NODE1_TYPE=$(echo $(config_n_get $TCP_NODE1 type) | tr 'A-Z' 'a-z')
echolog "加载路由器自身 TCP 代理..."
if [ "$TCP_NODE1_TYPE" == "brook" ] && [ "$(config_n_get $TCP_NODE1 brook_protocol client)" == "client" ]; then
echolog " 为 brook 启用 TCP TPROXY 模式"
ipt_tmp=$ipt_m
dns_l="PSW"
dns_r="$(REDIRECT $TCP_REDIR_PORT1 TPROXY)"
@ -350,66 +376,122 @@ add_firewall_rule() {
_proxy_tcp_access() {
[ -n "${2}" ] || return 0
ipset test $IPSET_LANIPLIST ${2} 2>/dev/null
[ $? == 0 ] && return 0
$ipt_tmp -I $dns_l 2 -p tcp -d ${2} --dport ${3} $dns_r
[ "$ipt_tmp" == "$ipt_m" ] && $ipt_tmp -I PSW_OUTPUT 2 -p tcp -d ${2} --dport ${3} $(REDIRECT 1 MARK)
[ $? -eq 0 ] && {
echolog " 上游 DNS 服务器 ${2} 已在直接访问的列表中,不强制向 TCP 代理转发对该服务器 TCP/${3} 端口的访问"
return 0
}
local ADD_INDEX=$(RULE_LAST_INDEX "$ipt_tmp" "$dns_l" "$IPSET_VPSIPLIST" 2)
$ipt_tmp -I $dns_l $ADD_INDEX -p tcp -d ${2} --dport ${3} $dns_r
[ "$ipt_tmp" == "$ipt_m" ] && $ipt_tmp -I PSW_OUTPUT $ADD_INDEX -p tcp -d ${2} --dport ${3} $(REDIRECT 1 MARK)
echolog " 将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 TCP 转发链${ADD_INDEX}[$?]"
}
[ "$use_tcp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_tcp_access 53
$ipt_tmp -A OUTPUT -p tcp -j PSW_OUTPUT
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && $ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
echolog " 按要求设置全局例外 TCP 端口[$?]$TCP_NO_REDIR_PORTS"
}
$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $blist_r
$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $p_r
fi
local PRE_INDEX=1
ADBYBY_INDEX=$($ipt_n -L PREROUTING --line-numbers | grep "ADBYBY" | sed -n '$p' | awk '{print $1}')
if [ -n "$ADBYBY_INDEX" ]; then
PRE_INDEX=$(expr $ADBYBY_INDEX + 1)
local PR_INDEX=$(RULE_LAST_INDEX "$ipt_n" PREROUTING ADBYBY)
if [ "$PR_INDEX" == "0" ]; then
PR_INDEX=$(RULE_LAST_INDEX "$ipt_n" PREROUTING prerouting_rule)
else
PR_INDEX=$($ipt_n -L PREROUTING --line-numbers | grep "prerouting_rule" | sed -n '$p' | awk '{print $1}')
[ -n "$PR_INDEX" ] && PRE_INDEX=$(expr $PR_INDEX + 1)
echolog "发现 adbyby 规则链adbyby 规则优先..."
fi
$ipt_n -I PREROUTING $PRE_INDEX -p tcp -j PSW
PR_INDEX=$((PR_INDEX + 1))
$ipt_n -I PREROUTING $PR_INDEX -p tcp -j PSW
echolog "使用链表 PREROUTING 排列索引${PR_INDEX}[$?]"
if [ "$PROXY_IPV6" == "1" ]; then
local msg="IPv6 配置不当,无法代理"
[ -n "$lan_ifname" ] && {
lan_ipv6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}') #当前LAN IPv6段
[ -n "$lan_ipv6" ] && {
$ip6t_n -N PSW
$ip6t_n -A PREROUTING -j PSW
msg="接管 IPv6 流量[$?]"
[ -n "$lan_ipv6" ] && {
for ip in $lan_ipv6; do
$ip6t_n -A PSW -d $ip -j RETURN
done
}
[ "$use_ipv6" == "1" -a -n "$server_ip" ] && $ip6t_n -A PSW -d $server_ip -j RETURN
[ "$use_ipv6" == "1" ] && [ -n "$server_ip" ] && $ip6t_n -A PSW -d $server_ip -j RETURN
$ip6t_n -A PSW -p tcp $(REDIRECT $TCP_REDIR_PORT1)
#$ip6t_n -I OUTPUT -p tcp -j PSW
msg="${msg},转发 IPv6 TCP 流量到节点1[$?]"
}
}
echolog "$msg"
fi
for i in $(seq 1 $UDP_NODE_NUM); do
eval node=\$UDP_NODE$i
eval port=\$UDP_REDIR_PORT$i
[ "$node" == "tcp" ] && eval node=\$TCP_NODE$i && eval port=\$TCP_REDIR_PORT$i
[ "$node" != "nil" ] && filter_node $node udp $port
# 过滤Socks节点
local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
echolog "分析 Socks 服务所使用节点..."
for id in $ids; do
local enabled=$(config_n_get $id enabled 0)
[ "$enabled" == "1" ] || continue
local node=$(config_n_get $id node nil)
local port=$(config_n_get $id port 0)
local msg="Socks 服务 [:${port}]"
if [ "$node" == "nil" ] || [ "$port" == "0" ]; then
msg="${msg} 未配置完全,略过"
elif [ "$(echo $node | grep ^tcp)" ]; then
local num=$(echo $node | sed "s/tcp//g")
eval "node=\${TCP_NODE$num}"
msg="${msg} 使用与 TCP 代理自动切换${num} 相同的节点,延后处理"
else
filter_node $node tcp
filter_node $node udp
fi
echolog " $msg[$?]"
done
# 处理轮换节点的分流或套娃
local node port stream
for stream in TCP UDP; do
for switch in $(eval "seq 1 \${${stream}_NODE_NUM}"); do
eval "node=\${${stream}_NODE$switch}"
eval "port=\${${stream}_REDIR_PORT$switch}"
echolog "分析 $stream 代理自动切换$switch..."
[ "$node" == "tcp" ] && [ "$stream" == "UDP" ] && {
eval "node=\${TCP_NODE$switch}"
eval "port=\${TCP_REDIR_PORT$switch}"
echolog " 采用 TCP 代理的配置"
}
if [ "$node" != "nil" ]; then
filter_node $node $stream $port
else
echolog " 忽略无效的 $stream 代理自动切换$switch"
fi
done
done
# 加载路由器自身代理 UDP
if [ "$UDP_NODE1" != "nil" ]; then
echolog "加载路由器自身 UDP 代理..."
local UDP_NODE1_TYPE=$(echo $(config_n_get $UDP_NODE1 type) | tr 'A-Z' 'a-z')
_proxy_udp_access() {
[ -n "${2}" ] || return 0
ipset test $IPSET_LANIPLIST ${2} 2>/dev/null
[ $? == 0 ] && return 0
local ADD_INDEX=2
[ $? == 0 ] && {
echolog " 上游 DNS 服务器 ${2} 已在直接访问的列表中,不强制向 UDP 代理转发对该服务器 UDP/${3} 端口的访问"
return 0
}
local ADD_INDEX=$(RULE_LAST_INDEX "$ipt_tmp" "$dns_l" "$IPSET_VPSIPLIST" 2)
$ipt_m -I PSW $ADD_INDEX -p udp -d ${2} --dport ${3} $(REDIRECT $UDP_REDIR_PORT1 TPROXY)
$ipt_m -I PSW_OUTPUT $ADD_INDEX -p udp -d ${2} --dport ${3} $(REDIRECT 1 MARK)
echolog " 将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 UDP 转发链${ADD_INDEX}[$?]"
}
[ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_udp_access 53
$ipt_m -A OUTPUT -p udp -j PSW_OUTPUT
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && $ipt_m -A PSW_OUTPUT -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_m -A PSW_OUTPUT -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN
echolog " 按要求配置例外 UDP 端口[$?]$UDP_NO_REDIR_PORTS"
}
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT 1 MARK)
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $LOCALHOST_UDP_PROXY_MODE 1 MARK)
fi

2
package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_host
View File

@ -49,6 +49,8 @@ fox.com
gamer.com.tw
ggpht.com
github-production-release-asset-2e65be.s3.amazonaws.com
githubapp.com
githubassets.com
github.com
github.io
githubusercontent.com

8
package/ntlf9t/luci-app-clash/luasrc/model/cbi/clash/update/update.lua
View File

@ -24,13 +24,13 @@ sul.addremove=false
o = sul:option(FileUpload, "")
o.description =''..font_red..bold_on..translate("Manually download, unzip and rename clash core from links below and upload")..bold_off..font_off..' '
.."<br />"
..translate("Dreamacro clash tun core (dtun) - (https://github.com/Dreamacro/clash/releases/tag/premium)")
..translatef("<a href=\"%s\" target=\"_blank\">" .. "Dreamacro clash core - clash</a>", translate("https://github.com/Dreamacro/clash/releases/latest"))
.."<br />"
..translate("Dreamacro clash core - (https://github.com/Dreamacro/clash/releases)")
..translatef("<a href=\"%s\" target=\"_blank\">" .. "Frainzy1477 clashr core - clash</a>", translate("https://github.com/frainzy1477/clash_dev/releases/latest"))
.."<br />"
..translate("comzyh clash tun core (ctun) - (https://github.com/comzyh/clash/releases)")
..translatef("<a href=\"%s\" target=\"_blank\">" .. "comzyh clash tun core - clash(ctun)</a>", translate("https://github.com/comzyh/clash/releases/latest"))
.."<br />"
..translate("Frainzy1477 clash core - (https://github.com/frainzy1477/clash_dev/releases)")
..translatef("<a href=\"%s\" target=\"_blank\">" .. "Dreamacro clash tun core - clash(premium)</a>", translate("https://github.com/Dreamacro/clash/releases/tag/premium"))
o.title = translate(" ")