diff --git a/README.md b/README.md index 71cb7eb0a4..8605dae254 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ Has access to both ChinaNet & Internet ```bash sudo apt-get update -y sudo apt-get full-upgrade -y -sudo apt-get install -y build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib g++-multilib p7zip p7zip-full msmtp libssl-dev texinfo libreadline-dev libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint ccache curl wget vim nano python python3 python-pip python3-pip python-ply python3-ply haveged lrzsz device-tree-compiler scons antlr3 gperf intltool +sudo apt-get install -y build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib g++-multilib p7zip p7zip-full msmtp libssl-dev texinfo libreadline-dev libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint ccache curl wget vim nano python python3 python-pip python3-pip python-ply python3-ply haveged lrzsz device-tree-compiler scons antlr3 gperf intltool rsync ``` #### For mainland China & Ubuntu(16.04+) user, you may run the following command to setup quickly: ```bash diff --git a/package/ctcgfw/luci-app-adguardhome/root/usr/share/AdGuardHome/links.txt b/package/ctcgfw/luci-app-adguardhome/root/usr/share/AdGuardHome/links.txt index 1059be5512..b9af4f2c9a 100644 --- a/package/ctcgfw/luci-app-adguardhome/root/usr/share/AdGuardHome/links.txt +++ b/package/ctcgfw/luci-app-adguardhome/root/usr/share/AdGuardHome/links.txt @@ -1,3 +1,2 @@ -https://github.com/AdguardTeam/AdGuardHome/releases/download/${latest_ver}/AdGuardHome_linux_${Arch}.tar.gz https://static.adguard.com/adguardhome/release/AdGuardHome_linux_${Arch}.tar.gz -#https://static.adguard.com/adguardhome/beta/AdGuardHome_linux_${Arch}.tar.gz \ No newline at end of file +#https://static.adguard.com/adguardhome/beta/AdGuardHome_linux_${Arch}.tar.gz diff --git a/package/ctcgfw/luci-app-openclash/Makefile b/package/ctcgfw/luci-app-openclash/Makefile index f134389612..30fe8d7591 100644 --- a/package/ctcgfw/luci-app-openclash/Makefile +++ b/package/ctcgfw/luci-app-openclash/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-openclash -PKG_VERSION:=0.39.4 +PKG_VERSION:=0.39.5 PKG_RELEASE:=beta PKG_MAINTAINER:=vernesong @@ -41,6 +41,7 @@ define Build/Prepare cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_rules_2.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_rules_2.list" >/dev/null 2>&1 cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_hosts.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_hosts.list" >/dev/null 2>&1 cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_fake_filter.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_fake_filter.list" >/dev/null 2>&1 + cp "$(PKG_BUILD_DIR)/files/etc/openclash/custom/openclash_custom_domain_dns.list" "$(PKG_BUILD_DIR)/files/usr/share/openclash/backup/openclash_custom_domain_dns.list" >/dev/null 2>&1 endef define Build/Configure @@ -64,6 +65,7 @@ if [ -f "/etc/openclash/custom/openclash_custom_rules.list" ]; then cp "/etc/openclash/custom/openclash_custom_rules_2.list" "/tmp/openclash_custom_rules_2.list.bak" >/dev/null 2>&1 cp "/etc/openclash/custom/openclash_custom_hosts.list" "/tmp/openclash_custom_hosts.list.bak" >/dev/null 2>&1 cp "/etc/openclash/custom/openclash_custom_fake_filter.list" "/tmp/openclash_custom_fake_filter.list.bak" >/dev/null 2>&1 + cp "/etc/openclash/custom/openclash_custom_domain_dns.list" "/tmp/openclash_custom_domain_dns.list.bak" >/dev/null 2>&1 fi endef @@ -91,6 +93,7 @@ cp "/etc/openclash/custom/openclash_custom_rules.list" "/usr/share/openclash/bac cp "/etc/openclash/custom/openclash_custom_rules_2.list" "/usr/share/openclash/backup/openclash_custom_rules_2.list" >/dev/null 2>&1 cp "/etc/openclash/custom/openclash_custom_hosts.list" "/usr/share/openclash/backup/openclash_custom_hosts.list" >/dev/null 2>&1 cp "/etc/openclash/custom/openclash_custom_fake_filter.list" "/usr/share/openclash/backup/openclash_custom_fake_filter.list" >/dev/null 2>&1 +cp "/etc/openclash/custom/openclash_custom_domain_dns.list" "/usr/share/openclash/backup/openclash_custom_domain_dns.list" >/dev/null 2>&1 if [ -f "/tmp/openclash.bak" ]; then mv "/tmp/openclash.bak" "/etc/config/openclash" >/dev/null 2>&1 @@ -98,6 +101,7 @@ if [ -f "/tmp/openclash.bak" ]; then mv "/tmp/openclash_custom_rules_2.list.bak" "/etc/openclash/custom/openclash_custom_rules_2.list" >/dev/null 2>&1 mv "/tmp/openclash_custom_hosts.list.bak" "/etc/openclash/custom/openclash_custom_hosts.list" >/dev/null 2>&1 mv "/tmp/openclash_custom_fake_filter.list.bak" "/etc/openclash/custom/openclash_custom_fake_filter.list" >/dev/null 2>&1 + mv "/tmp/openclash_custom_domain_dns.list.bak" "/etc/openclash/custom/openclash_custom_domain_dns.list" >/dev/null 2>&1 if [ -d "/tmp/openclash_history/" ]; then cp -a "/tmp/openclash_history/." "/etc/openclash/history" >/dev/null 2>&1 rm -rf "/tmp/openclash_history" >/dev/null 2>&1 @@ -168,6 +172,7 @@ define Package/$(PKG_NAME)/prerm cp "/etc/openclash/custom/openclash_custom_rules_2.list" "/tmp/openclash_custom_rules_2.list.bak" >/dev/null 2>&1 cp "/etc/openclash/custom/openclash_custom_hosts.list" "/tmp/openclash_custom_hosts.list.bak" >/dev/null 2>&1 cp "/etc/openclash/custom/openclash_custom_fake_filter.list" "/tmp/openclash_custom_fake_filter.list.bak" >/dev/null 2>&1 + cp "/etc/openclash/custom/openclash_custom_domain_dns.list" "/tmp/openclash_custom_domain_dns.list.bak" >/dev/null 2>&1 endef define Package/$(PKG_NAME)/postrm diff --git a/package/ctcgfw/luci-app-openclash/files/etc/init.d/openclash b/package/ctcgfw/luci-app-openclash/files/etc/init.d/openclash index 8fc28b48a3..6c3353e8bb 100755 --- a/package/ctcgfw/luci-app-openclash/files/etc/init.d/openclash +++ b/package/ctcgfw/luci-app-openclash/files/etc/init.d/openclash @@ -62,8 +62,11 @@ change_dns() { if [ "$2" -eq "1" ]; then uci set dhcp.@dnsmasq[0].cachesize=0 2>/dev/null fi + uci commit dhcp uci commit openclash + + /usr/share/openclash/openclash_custom_domain_dns.sh } revert_dns() { @@ -93,6 +96,7 @@ revert_dns() { uci commit dhcp uci commit openclash rm -rf /tmp/dnsmasq.d/dnsmasq_openclash.conf >/dev/null 2>&1 + rm -rf /tmp/dnsmasq.d/dnsmasq_openclash_custom_domain.conf >/dev/null 2>&1 } kill_clash() @@ -1022,7 +1026,7 @@ do_run_core() core_type="Game" fi - if [ "$proxy_mode" = "Script" ] || [ "$rule_source" = "ConnersHua" ]; then + if [ "$proxy_mode" = "script" ] || [ "$rule_source" = "ConnersHua" ]; then ln -s /etc/openclash/core/clash_tun /etc/openclash/clash 2>/dev/null core_type="Tun" fi @@ -1077,6 +1081,21 @@ cat > "/var/etc/openclash.include" <<-EOF /etc/init.d/openclash reload >/dev/null 2>&1 EOF +if [ "$china_ip_route" -eq 1 ]; then + if [ ! -f "/tmp/china_ip_route.ipset" ]; then + cp /etc/openclash/rule_provider/ChinaIP.yaml /tmp/china_ip_route.list 2>/dev/null + sed -i "s/'//g" /tmp/china_ip_route.list 2>/dev/null + sed -i "s/^ \{0,\}- //g" /tmp/china_ip_route.list 2>/dev/null + sed -i '/payload:/d' /tmp/china_ip_route.list 2>/dev/null + sed -i '/^ \{0,\}#/d' /tmp/china_ip_route.list 2>/dev/null + echo "create china_ip_route hash:net family inet hashsize 1024 maxelem 65536" >/tmp/china_ip_route.ipset + awk '!/^$/&&!/^#/{printf("add china_ip_route %s'" "'\n",$0)}' /tmp/china_ip_route.list >>/tmp/china_ip_route.ipset + rm -rf /tmp/china_ip_route.list 2>/dev/null + fi + ipset -! flush china_ip_route 2>/dev/null + ipset -! restore /dev/null +fi + #lan_ac if [ "$operation_mode" = "redir-host" ] && [ "$en_mode" = "redir-host" ]; then if [ "$lan_ac_mode" = "0" ] && [ -n "$(uci get openclash.config.lan_ac_black_ips 2>/dev/null)" ]; then @@ -1114,6 +1133,9 @@ if [ -z "$en_mode_tun" ]; then iptables -t nat -A openclash -m set --match-set localnetwork dst -j RETURN iptables -t nat -A openclash -m set --match-set lan_ac_black_ips src -j RETURN >/dev/null 2>&1 iptables -t nat -A openclash -m set ! --match-set lan_ac_white_ips src -j RETURN >/dev/null 2>&1 + if [ "$en_mode" = "redir-host" ]; then + iptables -t nat -A openclash -m set --match-set china_ip_route dst -j RETURN >/dev/null 2>&1 + fi iptables -t nat -A openclash -p tcp -j REDIRECT --to-ports "$proxy_port" iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j REDIRECT --to-ports "$proxy_port" iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j REDIRECT --to-ports "$proxy_port" @@ -1127,6 +1149,9 @@ if [ -z "$en_mode_tun" ]; then iptables -t mangle -A openclash -m set --match-set localnetwork dst -j RETURN iptables -t mangle -A openclash -m set --match-set lan_ac_black_ips src -j RETURN >/dev/null 2>&1 iptables -t mangle -A openclash -m set ! --match-set lan_ac_white_ips src -j RETURN >/dev/null 2>&1 + if [ "$en_mode" = "redir-host" ]; then + iptables -t mangle -A openclash -m set --match-set china_ip_route dst -j RETURN >/dev/null 2>&1 + fi iptables -t mangle -A openclash -p udp --dport 53 -j RETURN >/dev/null 2>&1 #端口转发 config_load "firewall" @@ -1201,6 +1226,7 @@ else #其他流量 iptables -t mangle -A openclash -m set --match-set lan_ac_black_ips src -j RETURN >/dev/null 2>&1 iptables -t mangle -A openclash -m set ! --match-set lan_ac_white_ips src -j RETURN >/dev/null 2>&1 + iptables -t mangle -A openclash -m set --match-set china_ip_route dst -j RETURN >/dev/null 2>&1 iptables -t mangle -A openclash -m set ! --match-set localnetwork dst -j MARK --set-mark "$PROXY_FWMARK" iptables -t mangle -I PREROUTING -j openclash iptables -t nat -I PREROUTING -p tcp --dport 53 -j ACCEPT @@ -1278,6 +1304,7 @@ revert_firewall() #ip6tables -t mangle -D PREROUTING -j MARK --set-mark "$PROXY_FWMARK" >/dev/null 2>&1 ipset destroy localnetwork >/dev/null 2>&1 + ipset destroy china_ip_route >/dev/null 2>&1 ipset destroy lan_ac_white_ips >/dev/null 2>&1 ipset destroy lan_ac_black_ips >/dev/null 2>&1 } @@ -1306,6 +1333,7 @@ get_config() lan_ac_mode=$(uci get openclash.config.lan_ac_mode 2>/dev/null) enable_rule_proxy=$(uci get openclash.config.enable_rule_proxy 2>/dev/null) stack_type=$(uci get openclash.config.stack_type 2>/dev/null) + china_ip_route=$(uci get openclash.config.china_ip_route 2>/dev/null) } start() @@ -1423,7 +1451,9 @@ if [ "$enable" -eq 1 ] && [ -f "$CONFIG_FILE" ]; then mv "$START_BACKUP" /tmp/configrules.bak sed -i -n '/^rules:/,$p' /tmp/configrules.bak sed -i '/^rules:/,$d' "$CONFIG_FILE" 2>/dev/null - sed -i '/##Other-rule-providers##/,/##Other-rule-providers-end##/d' "$CONFIG_FILE" 2>/dev/null + if [ -z "$(grep "##source:" /tmp/configrules.bak 2>/dev/null)" ]; then + sed -i '/##Other-rule-providers##/,/##Other-rule-providers-end##/d' "$CONFIG_FILE" 2>/dev/null + fi cat /tmp/configrules.bak >> "$CONFIG_FILE" rm -rf /tmp/configrules.bak nohup "$CLASH" -d "$CLASH_CONFIG" -f "$CONFIG_FILE" >> $LOG_FILE 2>&1 & diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/ConnersHua.yaml b/package/ctcgfw/luci-app-openclash/files/etc/openclash/ConnersHua.yaml index 4b139049ac..8ad79ad148 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/ConnersHua.yaml +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/ConnersHua.yaml @@ -50,6 +50,7 @@ rule-providers: # 规则 rules: +##source:ConnersHua # Unbreak - RULE-SET,Unbreak,DIRECT @@ -76,11 +77,11 @@ rules: - IP-CIDR,224.0.0.0/4,DIRECT # (可选)使用来自 ipipdotnet 的 ChinaIP 以解决数据不准确的问题,使用 ChinaIP.yaml 时可禁用下列直至(包括)「GEOIP,CN」规则 - # - RULE-SET,ChinaIP,DIRECT + - RULE-SET,ChinaIP,DIRECT # Tencent - IP-CIDR,119.28.28.28/32,DIRECT - IP-CIDR,182.254.116.0/24,DIRECT # GeoIP China - - GEOIP,CN,DIRECT + #- GEOIP,CN,DIRECT - - MATCH,MATCH \ No newline at end of file + - MATCH,MATCH diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/Country.mmdb b/package/ctcgfw/luci-app-openclash/files/etc/openclash/Country.mmdb index 7addad1644..fe0fae367b 100644 Binary files a/package/ctcgfw/luci-app-openclash/files/etc/openclash/Country.mmdb and b/package/ctcgfw/luci-app-openclash/files/etc/openclash/Country.mmdb differ diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/custom/openclash_custom_domain_dns.list b/package/ctcgfw/luci-app-openclash/files/etc/openclash/custom/openclash_custom_domain_dns.list new file mode 100644 index 0000000000..6e1fa82b46 --- /dev/null +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/custom/openclash_custom_domain_dns.list @@ -0,0 +1 @@ +#baidu.com \ No newline at end of file diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/default.yaml b/package/ctcgfw/luci-app-openclash/files/etc/openclash/default.yaml index 6c24fe3221..31f55e8518 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/default.yaml +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/default.yaml @@ -134,6 +134,32 @@ proxies: # 节点设置,此部分与proxy-provider两者不能同时删除 # headers: # custom: value +# shadowsocksR +#The supported shadowsocksR ciphers(encrypt methods): +#aes-128-cfb aes-192-cfb aes-256-cfb +#aes-128-ctr aes-192-ctr aes-256-ctr +#rc4-md5 chacha20-ietf xchacha20 + +#The supported shadowsocksR obfses: +#plain http_simple http_post +#random_head tls1.2_ticket_auth tls1.2_ticket_fastauth + +#The supported shadowsocksR protocols: +#origin auth_sha1_v4 auth_aes128_md5 +#auth_aes128_sha1 auth_chain_a auth_chain_b + +- name: "ssr" + type: ssr + server: server + port: 443 + cipher: chacha20-ietf + password: "password" + obfs: tls1.2_ticket_auth + protocol: auth_sha1_v4 + # obfs-param: domain.tld + # protocol-param: "#" + # udp: true + # vmess # cipher support auto/aes-128-gcm/chacha20-poly1305/none - name: "vmess" diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/openclash_version b/package/ctcgfw/luci-app-openclash/files/etc/openclash/openclash_version index a95046e87a..142d6c6ebd 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/openclash_version +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/openclash_version @@ -1,2 +1,2 @@ -v0.39.4-beta -data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAXMAAAAqCAMAAAB2kksrAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyNpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTQ4IDc5LjE2NDAzNiwgMjAxOS8wOC8xMy0wMTowNjo1NyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIDIxLjAgKFdpbmRvd3MpIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOjJGMzk0NDY3Qzc3RDExRUE4OEE0Q0UzQTlCQzg5OURDIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOjJGMzk0NDY4Qzc3RDExRUE4OEE0Q0UzQTlCQzg5OURDIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6MkYzOTQ0NjVDNzdEMTFFQTg4QTRDRTNBOUJDODk5REMiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6MkYzOTQ0NjZDNzdEMTFFQTg4QTRDRTNBOUJDODk5REMiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz5EzkHVAAADAFBMVEVISEiTvNMHZ53R0dEGVYJJns9sbGwGcKw9PT1TiqqFhYW6urokhLsahMFknr5FmsqUxeGGv986lsphlLEGX5KCgoKenp5YpdLa2tqlpaV4eHgKbKLf39/n5+c/Pz/GxsahoaHOzs4kaZFpaWnR5vI0dJp2ttqRkZFmrdWizOVwcHAJdbS/v79FRUWsrKy1tbUFbakwk8vR4uxklrKStcjKysoJca5iYmLw9fdkq9MIZJkEU4CiwNFLS0tDQ0Pg4ODB2eeLi4sEYJWDs85GirGDrcVFkbx2dnYXYo2y1uoGdLLAwMCcnJwEWorDw8NBQUGx0OIXgL0neKZCQkJFgKImcJu2trajxdgrjseXl5fB1eBHnM0HXI0FaaJlZWUnicGNjY2yytgFZZtzobsEXI6xzdwFcrA2kcYHbKWkzuavr69hYWGiyN4Zdapyn7iUlJSDqsEJWIUIYZQEYph0dHQJcKuJweJ0sdU1hbJDfqEHWIcRgsMCc7QBcrNRUVFUVFRVVVVSUlIFdrcLfL1WVlYHeLkKe7wDdbUDdLQEdrYOgMAEdbYOf8ADdLUSg8NXV1cSg8QShMQAcrIThMUGd7gOf78Nfr8Nfr4Mfb4Mfb0Je7sJersIebkIeboJero6OjqqqqrU1NTV1dWrq6upqak7OzvC3u6AgIB+fn7w9/sHVoSBgYHq6upMTEzz8/P19fWEvN3h7/eEvd309PTB3u6Fvt5/f3+DvNzA1N/B3e3v9PeCqcDg6u/B3e6JiYno6Oh0s9gLernC3+8UXonW1taDq8KFvd7g6vChv9CEtNAJeLiErMLg7vYFa6aDu9zD3+/R3+gFZ58JaaALdK9Gm8vg7/cEWIjB1+MJWogLb6gIV4QGdbRGhKcKebjv9vpVos+Dr8gVaJcEVYOFvd11qMUHXo8mbZWAudnC2OSErcVkmbdor9fB2+vP5PEzeqNTU1MPgMEQgcJZWVlaWlpfX19bW1tcXFxNTU1eXl5PT09QUFBYWFhdXV1OTk7///////9pX66UAAABAHRSTlP///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////8AU/cHJQAADEJJREFUeNrsVwlUVNcZfirLiKKAMsBERlEQRAcwQVHGgaDGKLagiRpF0YrENXE3i22DhKVbWrqYtEXNsEkYZJHFiOBujHviFrMnxhTTpsuk1gbE8NH/3vdm5r1BDKfJ8ZyZ43cO7/7r99/33Zn3BqGjo3rlsJvOgD84AEY/Y+roEDriN950DvzOITA6uEOoDm91EvzWMTDaJKx0Fslbf+MgeEYI/8ZZ8GMHwWjhm/ua32s4keb/dhQIXzsN7mt+7/GVo0D4r9Pgvub3Hr90FAj/cRq85Ci4o+a+ERERPwr//lVZ6Ou70OqE+/p2p0fjq+km+8tdwme493Af++BXnn7e3t6uVn/u3+West91rl3EG94v/98QbtgjZk41OOLnxdz4jvCN8FX41ZhntadjTHco3sAb3Rz2ShfwfJvfztueL8mjc8UoavxE30v0XO9A4Ad424W8O0VscPV2feWu6KS5pgLwL1arg2gHvt9V8whEyN3sUYi3Hi0Q+v1q/scucBQP9pvc70EcVURdgfNnzkwYB7gydwXG/WXygL9KngI+JmCPXWxPp0j3chzCbSVi4lHlplURDOoq39vfEaS5wg8H3CRzHqoyu0OhU+m6OexPd0YYTkxdt27d1HEIk4ddJ1xfx8InsIIXjaOizZsnoMa+f64J47DHLrinU6R7OQ6hk0pVMao4wWDQqVTZw7qrrcZXcTy+vm531lwIxBDJLMKcdqlYc2fGGDvN3ZRDYiwVFvz5zpiGJc3vX3q/+QymycOX1q1rfuCB2PfO4Ch5RxH93gOXNq2nk/FTtnsG46EU7LEj3cMic119ZCFXi7dHVu3qqqgRYa95NdTaF7iVbWBGEXZxbxeKpOu8eKD4djGKY4rpMcSyxewFUF3M64AY7hbFcEeElf0FNSokAYHwbBJuOstXJNxWkN8eUsHDjLIYInECD02PkSrdeOMc+dazJPihRrJq4JeVZcJHR8g+8hFMWTJcij3NliM98BQtEIuyYkneLAVKMeGDd+2DWaSrXw1/G4i+5wpYPMtNZ2X51HDDZN8s5CmwC8jLtDgZGXl5pLmUKOLX+CJGU5xXjDFchF159DSq7hPQpxrTWR0pheogf3oDk1NUgYoigo3/BqDhxhAE0mhNNSpWBgwG5inI5wB9AgIG0V7yaFAxq58HDA5YWYH4GF5ZXY1DQYEkumzv1nuqwXy++jDxPYGnufc04JnVCT6mxse4UFO4e+RvKFXkV2DxB++X3kFzesg/nEK7nS+yoKbHqRlAGB1SDWpKCVlZ81HzxKlTT5ngdVfNSQqDImCvOeqGVKqEGJIChw5qVVu+zouEv0CPf6EKj3LNDx0kbxX3VGqo2avBRmfwRyQ34lHQxq5zWN4N1XJy+g64sfCWIKvmFPJgQ/z5yVJlr3ByPXifBbkSNh3HCm6swPFNufOBsdwbS/rkKvHmm6VICYklqxFhYugUSuUVw3F+amxuKd6074Rp0tTy8qnn8Q5zgzGhnDALptzc8uM4zpzc3EWz2FoeQoetaBayFShGkFkRKMJrfH0NRfx6qIWpIVDhYP6mbVsFZKh0gk4VikiqAAwqVVyyKgnF2dlxQzAkjmCjM3ugjq2P0gMnOzsBgSqtQL1JSJCRvwYQo5BMbxS2IyLKno4kFtKy42CV/iqVNk6rqpJ2x2G9p9niTXqaMDuXaf4xj37cWXP6mAZ/uXkkWRPwjqiLl0LzMDROXZ9Lmn9u1/k5HikvHzjQ5Trgk5vrhxPlC3peXF++GH65A6/i6kACnXL5gtiLF2M3p9gN7qR5r+y7ah6kEjKyM8xUqNZWkoYZCfBPzqBUhhuvAFg4mx7cxVbB5GgBkzebfTnYtUDHgm282ko+DBjlxg4ozkoxCKGMNiO5SjydoLg2ciuD5JrnW3BxMcJoCcPii/n5pLkUJs3zlZg8mV6PwZ5kXW/EO8Pnzx9eCpTa8stMjSELTufnl6KW+6UiyKrFIxcpcXrBCTbKC9GxLD92LSuslarzR47Nn19bO+3hRrvBwhYFCjBIGSDN+Uqa82svs6UwwGJYwSoAsSAABTxZoKTbUpmEUbRUIDSTkVtRICO/Rc9zDBqlHrbFSgE8KqaCxMpCka2XtDuObRaMfAjBtJSi98ht2y4DUhi4vE0JFxeXBU9iBVmxIef5Ns7+Az1seWLYfJqvtRIDB1m1UmRkCjNKbfdRa8uRZZKiysF2mmuAVXfVvMh6OAUWo6KAI0CdwMWR5ztrbtagbhXxoIWTF1l6NTLyTJWHP9+qWqa5JltSuUBWWSTX/FUr1jdiWf4i7F9Pdl9AigJ9819VYOym5c29YSJr5GaXWY9MmvRccwr6bbPm6yED+bNEkLUbu8WSh5lRj/rdHJPWTpHl6F/bJ76cPLv5XVxWjBUylADWKPxCvM7X11FovTKQFBbDf6eEZN4vz1urbIirogmjkCRw8hJLryAn11HALZR+lmy0UFThoJgaBLWs0rI7jh1WLI/GiB27sTaK7E30KeNB+sBv2tEZkwG2jF3gwjAVeMya2tYjpZ7DhLP19RRwEUEW6SrWBOPZHTvqES2lXHracjOB1TyWIu3AAjvN2+eg4qbFuTmM3dXBu2tO34xvBBGG7mheOQdjMurgkUl2AP1glNAuJ88waNk5BLJukSIIkeKW6APflebbbbgO08yzmM3MxBSM57HDSEnc3hnj0Sga7j179lzqhZTlO6y5ZknIFKx1cWElIsjai728YhHw3KvbJ2F/TwnuthwdssuG5e6J2+txWTFSMCuQaaYnaatoH6wrM5v7YBSzW0ehkJYyfmUoQYlo0L+WY6TYRvqj57ksrxa7FaAfOmpUPc5M+rWuFoOtw2TkG2muuUVQ+bOsSEQ/d1pF2kBBVlmIMhtxjg1pDZiGxT25vRoH+BqM1WwZf+DAMrYeXsSjdDQnbX2HgZBEZhw44MVomkW8i6vNzTlykK58HYH9qTk76IfSYTE+k1ifxQhu96fvDFuXnUV/RbOd5uY4D/qVHHmwrKyE/iUpY7eHkrKyyDp0pXkLfdDHUOFGdUVJJ83dQOfWukY5IRB1iDTw8yohdjop4i+TkZNxsNU8rARVNy1EWn8MIiaq17R0Q/PEAfQA7s3Vy/lsP0Ysylk0Ao2fiWqJCuzDtMP9++81ofE6PwpyDh8ABojaAvtkdPskheWam7w+7T+eGp4fm5PTMxrYSyfZ38tE3M+BrjPH57jvR3BY/09HAN+i+S2jW6D00qhS3yCFIrl9aE1XmptVmiqp4QedNBfEbsWE9lCKrJKGqS1vqHAZebhEWOUhWIl04luV/jMyd6X5VhnSG7F/oGheCGnknY0hF5j7FinA1qekwftDJkph5jyvd+dNpLmMbR/e2qrEW1J344Ar5CXqmyz3sYwGnuTW1ihpcI8HxYlWCJl2EIxGjTooKKhEYzRWZmYajB7Tg5LoTtUJlFzIrwwatUayDEadR5/Cwj5rzDry1Gp5vt3okVQ4eIhyQrZarY4TTZ3RHJpUWBjhoauUkVfqPCJ6FQ4O1aluWQdpjTSkl9psNMi3kaBeaOOV31Zq76be50TzwyvHlszYN2PJsWsfMndKU1NffipDV59saDg54Ni1RB5uaGiI7q3Xp4pNTU39ZGz9mqbYaT6laVbvCSkN0UP1UczdoB+65MkD+3o8dIxcd/2AJ/fNuLp165Wh0Q0NPf6lHyBO7FrzzEqVUcROXRu5cdxWCUYty/GrqJbO0mDYKTUwLqNRkRe7O52qscVKI6FFRt4iEe4UbERtKtsMW6WWfSwseFGOa/orFtP9mp7hmjv30vT6KLZO1Iu4Yg0zJ0rq0evTZWTp+rQXlUiTuq+lKn29u5XaOnjDD/VRimbhhc4w6LRarc4geUKyNll4oV3HKsWrWGOw1rcJj2u1jwvtzNbplHnWrVPSt+t0tkg7FWh1QpuCvE2gHSTzoG0QG6JrlxikSkEKcCju61zaOaudeGFg+sALiaITlZa2lBtLL0xMT5+Yagmnp6dvsLWkpaXKyFLTouw0j0qLOkftG5ZaAktpRvoGiS2V5rFTWrqBYu7UvvRbNXdQ/MJRILQ5DX7lKHAizX/mKBBuOQ1+7ShwIs1/7igQFrY7C37iIOgrBNzX/B7jC6HOaT7oP3UM9P1E6BgU0+IccBDJ/9khdHTUBTiH6r93APT94pOOjv8JMAC/aietN1GmkgAAAABJRU5ErkJggg== \ No newline at end of file +v0.39.5-beta +data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAXMAAAAqCAMAAAB2kksrAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyNpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTQ4IDc5LjE2NDAzNiwgMjAxOS8wOC8xMy0wMTowNjo1NyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIDIxLjAgKFdpbmRvd3MpIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOjY4OUM3MjlDQ0RGRjExRUFBNThGODVBNTBEMzU3REU2IiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOjY4OUM3MjlEQ0RGRjExRUFBNThGODVBNTBEMzU3REU2Ij4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6Njg5QzcyOUFDREZGMTFFQUE1OEY4NUE1MEQzNTdERTYiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6Njg5QzcyOUJDREZGMTFFQUE1OEY4NUE1MEQzNTdERTYiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz5vEDfyAAADAFBMVEUla5NISEjB1eCCqcBTiqkHXpHR0dEGcKwahMFJns5tbW09PT2EvN2EhIS6urokhLuTu9OUxeEJeLgJdbSCgoJlnr6enp4Ka6Ha2tqlpaV4eHgGbanf39/n5+c/Pz/GxsahoaE0dZrOzs46lcpYpdJpaWnR5vJ2ttpilLEEXI6RkZGizOVxcXG/v79FRUWsrKy1tbVmrdbR4uwJca0HXI2StchFmsrKysondqQEU4DB2eZiYmIEYJWy1upkq9MXgb5LS0tDQ0Pg4OCLi4sJZJkGdLKDs86iwNFGirEGVYLw9fd2dnbAwMCcnJwEWorCwsJBQUFFkbyx0OJCQkJFgKImcJuDrcW2trYYYo2jx9yXl5dHnMwmicJlZWWNjY0FaaJyn7grjsdzobuxzdwFcrAHZ502ksYIbKSvr69gYGCEtNCiyd8JWIUZdaqUlJQGZJpzsdSkzuYEYph0dHSyytgJcKuJweIwk8sIYZRGhKc1hbJDfqEHV4YRgsMCc7QBcrNRUVFUVFRVVVVSUlILfL1WVlYFdrcHeLkKe7wEdbYDdLQDdLUEdrYDdbUOf8AOgMASg8NXV1cSg8QShMQThMUAcrIGd7gOf78Nfr8Nfr4Mfb4Mfb0IebkJeroJe7sJers6OjqqqqrU1NTV1dWrq6upqak7OzvC3u6AgIB+fn4HVoTw9/uBgYHq6upMTEz19fXz8/Ph7/eHv9/09PSErMLA1N9/f3+DvNyFvt7v9Pfg6u90s9iGvt/B3e3B3e7C3+8FZ5+JiYlGm8vo6OgEVYMUXomhv9ALerkFa6YFZZuGv98HVoPW1tbg6vDD3+/B3u7g7vaEvd0FZ6CDu9wLdK8IaJ9Hm8zg7/cEWIgVaJcIWYgLb6iDr8gLeLfR3+hor9cGdbRVos/v9voEVYREmcp1qMWAudmjxdgpiL6ErcUXe7MHdrVkmbfB2+s1jsJTU1MPgMEQgcJZWVlaWlpfX19bW1tcXFxNTU1eXl5PT09QUFBYWFhdXV1OTk7///////+IfDSJAAABAHRSTlP///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////8AU/cHJQAADDlJREFUeNrsVwlUFOcdn+WQY10Vjw0ssgoiAuqCQTErHsulYmxFo9F6PDWRaIwx8Yomsa0IG+iVlB4mTVCXSwIrl0AMGq94EmOiiSbmbI42sW3aTa0NiOFH/983s7szCxhek+d7u8/fe8z3P3//md83zMwKHR01q4Zf8wT8wQ2w+TFrR4fQkbLhmmfg926BzVEdQs2oVg/B79wDm63CKk+RvPW3boLHhFHfegp+6ibYLHx7W/NbDQ/S/N/uAuEbj8FtzW89vnYXCP/1GNzW/NbjGXeB8B+PwdPugi4118TFxcUG/vCqLNFoljicQI2mJz06ja6H7M92h2eGjdg3Yphr9Gv/yH379gU4/OV/lnsSKCZhuSL+Gl579v+GcNUVSfNrwJGyMOnq94QmTqPwa7DQYc/E+J5QvI7XezjsuW7g/wa/nDf8n5ZHl4tR1EWKfpDoBSh7pSKCMkGadzfuuYDXAp67KTpprqsCgku12giao/m+mschTu6aRyPFsbVA7A+r+Z+6wRHcOWj6oDtxRBENAD5uaJg2g9Rk7jrM+Ov06AmSJ+v1ahBxRRF/Ba90N+6mOQ7hhhJJKagNVDOYtLUDb3xPkOYKfxQQKJkLUZvTEwqD2tDDYc93jTE4t2DNmjULZmCMPBwwTVjDwuewjhfNoKKtW6ehTtF8BA1rRFxUxEnX57vDzXIcQieVapPUySqTyaBWm4f3VFvdQMX2DBwY2LXmqjAMlcwSzG+XinVdMya5aB6oHJJkr7Djha4xCff5fnDxA98GTJKHL65Z43vHHWnvN+AIeUcw7v2VFzdtoZ2JlFcdweo7RHykIH0ZL7/wwvKAYbJQgN3jOUdQUSPCVfMaaPXbuGU2MaMEe7m3FyXScWEKUHqjFKVJpfQYYtlS9gKoKeV1QBJ3S5K4I8LBvk2LKklAuuMLSLiZLF+VekNBfmNoFQ8zylKIxKk8NDNJqgzkjfPlp54rIRJ1klWHyNxcKx4/Tfbpx2HNleFi2kdsOd0PD9ECsSg3zQsvy6vKla4DpGtkHX8biL7/Otg9+0Xn5g6r44bVlUIoUGAvUJBjd7KzCwpIcylRwo8pJYymtKAU47kIewvoaVTTJ6RPDWayOlIKNRHB9AYmp6QKVSUEJ/9VQMeNoQhTFRToalC1KmQIsFBBPh/oExIymM6lgAaVsvqFwJCQVVVISeKVNTU4HhFGosvO3XFNdQjg6zAmvj/wMPceBvw7izfMOuMuLtRs7p7+G8p7prkVmODF3q0iC+r6rZ4DjKGWOtSVE3JzA1D35erVP7Ei6KaakxQmRcBVc9QPrVarkkgKHD+mV2//piAewSp6/KtqcTfX/Pgx8pK4p9ZCy14NTjpTMOK5kYKiNnacz/KBqJGTs/8BFt4e4dCcQho2JJjvLFX2GkWuhvfZkS9hUwPWcWMdGjblLwISuJcALMpX4sKFcniFp5HVhDFiaDXK5RXl/E4tH+Hv2gnr1AWVlQs+xrvMjcK0SsJcWPPzKxvQwJz8/Ctz2VoZTputaBbMCpQiwqYIlOBFvr6IEn483sLUUFHhED2z2uj7I1ttUBnUsYinCsCkVidnqmeh1GxOHoqhyQQnnU2DerbeTQ8cszkVYWq9inpnIVVG/iJAjKpMeqOwMyIi80zMYiE92w5WGaxW65P16lrp7Dgc1zRPvEh/K+blM83782j/zpqTnFFfbR1A1jS8K+oS5Kr5hPJyuqWj/F01v7ey0te3UgCG5edH4tzZsVmXtlRuRGS+74f40JdAu3x2bNqlS2lbvVwGd9K8l/mmmkeoVdnmbBsVavXVpGF2KoIzsymVHcgrABY204O71CGYHC1g8prZPwc7FhlYsI1XO8iHA6MDtxN5soNiMGIZbXZmrbg7Eclt5FZHyDXfZceljRhDyxhsvLRrF2kuhUnzXUpMnx7tRXKSJczAuyMWLRpB93W5vOKujLOEx5vEaLkIskjzS/137eo/9hwbFYRxaSyf4I0LLHdBbB6QsGvRhQuTJjS5DBa2K1CEwcoAac5X0pwfe9nshSF2wwFWAYgFISjiySIl3fbqWRhNSxVicxi5A0Uy8uv0PMfg0drh2x0UwN1iKkKsLBbZeklnx7HbjgHRiKKlHD4Ddu9+B5DCwDu7lcjIyBh7P9aRlRb+MT+N8/9EP3mFbwbdsVvP+gBTOAMHWaSrOMqLGeXO67jgzJFllaLKwS6a64AHb6p5iWNziuxGVRFHiDaViyPPd9bcpkP9g8SDFk5eYu/Vychz1JpgfqpameY6s6RykayyRK75Tge2NOGBnYtxYAvZVwApClwp3KlAQsJKXx9YyRqwNWPuvVOnPuHrhUG7ZRUDxLqtwKu0zhVBVm/0FgsmMONNvNmbY6r3bFmOftp++dX0ecT5qmKskK0EsFbhF+Mlvr6EYseRgaSwG8F7JGTyfnneUeVEci1NGI1ZKk5eZu9VyckNFAiMpc+SDXaKWhwTU4OhlVXaz46j0IGV4zCysDe8Q8neRHLx4Kv0Mi3sjOkAWxLGZjAsAO7qoihUJMkQQRbpKmai8Ghh4ZsYJ6Uyspy5KcAyHvOSzsAOF83b56Pqmt25Npxd1bGba07/Gd+qRJh6onn1fIzProcmh+wQ+mCU0C4nzzbp2T6EsW6RIgLx4inRDf/dmhcKsE45j3nMTPfCZB47CK/0LuScjCbR8MvKyloRBK+VOzsX0X79nZWIIGs/9vPEYuCJnYVTcSBLgp8zR00Z61f6pdOWuGhuUyDHRk/SVtE+Vl9hs/XBaGa3jkYxLRX8yFCGMtGgn5bjpdgG+qPnuSyvFbsVoA8dLWrvYSZ9rWvFYOtwGfkGmmtrUamDWZYTZdPnTqtIG6aSVRajwkmc58QjjZiEjVncXobDfI3CMrZMPnz4AbYeXMyjtDWnnH0HgfB0Zhw+HMSWRKkoCo1+eXKQrnwdiQNL8wrpQ+mgGJ9CDY9iJLcTgb5sfeA8EhXNLprbkjX0lRx/rKKijH6SVLDLQ1lFRXw9utO8hW708VS4QVtV1knzQNC+ta5VTghDPeJNfL/KiJ12ivgrZORkHGu1DS9D7TU7kT4Yg4mJ6nUtPdA8PZreBj5cvbz3DmDk4rzFI9H0nqiWqMAhTDqYmLjfiiaBbwU5Bw8D0b68CTgkFrOig+dpK/7hork16NPEydTwZEJeXtY4YD/tZGKQlbifAB2nTM7zO4CoyYmfjgS+Q/PrlsAw6WVbq71KCsVz+/ja7jS3qXW1UsOPOmmuErsVE9pjKfKgNExrf9+PkpGPkghrNSoHkUF8q9IvI1t3mu+QIaYJB3xF863wJt7ZFP4Wc98G/sLWh6TBB8InSmHmPGn0402kOVselYqafGJ2KPC2PRF9mbx0o7f9Ov5FA09xa0eoNLjfneJEB4QcF6gsFp02IiKiTGexVOfkmCyamRGz6Eq1qZRcwo8MOq1OskwWg6ZPcXGftTYDeVqtPN9u0cwqHjJUOcGs1WqTRdNgscUOKS6O0xiqZeTVBk1cr+IhsQb1dccgvYWG9NLaLCb5aaRqlzh55Ze11Mfb54xofnL55H1zDs257+TnnzB3trd3X74rwrJTjY2nok9+ns7DjY2N43yMxqVik7f3ILY0h7OijctOSlvhwGzvuT5fUodgDGXuI0Zh2f2HD/WLPkmunzH6/kNzPtyx47IwrrGxX/jn0eLE7jXPqVZbROwxtJGbzG21yqJnOX4U1TLYG0x7pAYVORaLIi92d9pVS4uDRkKLjLxFItyjchK1qZ0znJV6dlvY8ZQcJ4yX7abfCSPDCT/uNRuNoWydaBRx2RFmTqjUYzTGsOWoVHTizFNKNNsTS5W+0c9BbR98Yv2PjaGKZmFbZ5gMer3eYJI8VaY+U7Wt3aAiWzyKNSZHfZvqHr3+HlU7sw0GZZ51G5T07QaDM9JOBXqDqk1B3qaiM8jkQecgNsTQLjFIlSopwKG4rjPNTpnSj/rG+B5NF53Q5uYV3FhxdGJMzMSl9nBMTMx6Z0tzsyimHyty9DoR2hx6hjLrV9gDK2hGzHqJbSnNa2bB9RTze2pp84rv1NxN8Wt3gdDmMfiFu8CDNP+Nu0C47jH4lbvAgzT/pbtAWNLuKfiZm6CvEHJb81uML4R6j7nRf+4e6PuZ0DE4qcUz4CaSR3UIHR31IZ6h+h/dAH2/+Kyj438CDAAsDE6KILR99wAAAABJRU5ErkJggg== \ No newline at end of file diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/China.yaml b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/China.yaml index 6c9af74f72..f09a433cf1 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/China.yaml +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/China.yaml @@ -207,63 +207,6 @@ payload: - DOMAIN-SUFFIX,springsunday.net - DOMAIN-SUFFIX,tjupt.org - DOMAIN-SUFFIX,totheglory.im - # > Scholar - - DOMAIN-SUFFIX,acm.org - - DOMAIN-SUFFIX,acs.org - - DOMAIN-SUFFIX,aip.org - - DOMAIN-SUFFIX,ams.org - - DOMAIN-SUFFIX,annualreviews.org - - DOMAIN-SUFFIX,aps.org - - DOMAIN-SUFFIX,ascelibrary.org - - DOMAIN-SUFFIX,asm.org - - DOMAIN-SUFFIX,asme.org - - DOMAIN-SUFFIX,astm.org - - DOMAIN-SUFFIX,bmj.com - - DOMAIN-SUFFIX,cambridge.org - - DOMAIN-SUFFIX,cas.org - - DOMAIN-SUFFIX,clarivate.com - - DOMAIN-SUFFIX,ebscohost.com - - DOMAIN-SUFFIX,emerald.com - - DOMAIN-SUFFIX,engineeringvillage.com - - DOMAIN-SUFFIX,icevirtuallibrary.com - - DOMAIN-SUFFIX,ieee.org - - DOMAIN-SUFFIX,imf.org - - DOMAIN-SUFFIX,iop.org - - DOMAIN-SUFFIX,jamanetwork.com - - DOMAIN-SUFFIX,jhu.edu - - DOMAIN-SUFFIX,jstor.org - - DOMAIN-SUFFIX,karger.com - - DOMAIN-SUFFIX,libguides.com - - DOMAIN-SUFFIX,madsrevolution.net - - DOMAIN-SUFFIX,mpg.de - - DOMAIN-SUFFIX,myilibrary.com - - DOMAIN-SUFFIX,nature.com - - DOMAIN-SUFFIX,oecd-ilibrary.org - - DOMAIN-SUFFIX,osapublishing.org - - DOMAIN-SUFFIX,oup.com - - DOMAIN-SUFFIX,ovid.com - - DOMAIN-SUFFIX,oxfordartonline.com - - DOMAIN-SUFFIX,oxfordbibliographies.com - - DOMAIN-SUFFIX,oxfordmusiconline.com - - DOMAIN-SUFFIX,pnas.org - - DOMAIN-SUFFIX,proquest.com - - DOMAIN-SUFFIX,rsc.org - - DOMAIN-SUFFIX,sagepub.com - - DOMAIN-SUFFIX,sciencedirect.com - - DOMAIN-SUFFIX,sciencemag.org - - DOMAIN-SUFFIX,scopus.com - - DOMAIN-SUFFIX,siam.org - - DOMAIN-SUFFIX,spiedigitallibrary.org - - DOMAIN-SUFFIX,springer.com - - DOMAIN-SUFFIX,springerlink.com - - DOMAIN-SUFFIX,tandfonline.com - - DOMAIN-SUFFIX,un.org - - DOMAIN-SUFFIX,uni-bielefeld.de - - DOMAIN-SUFFIX,webofknowledge.com - - DOMAIN-SUFFIX,westlaw.com - - DOMAIN-SUFFIX,wiley.com - - DOMAIN-SUFFIX,worldbank.org - - DOMAIN-SUFFIX,worldscientific.com # > Other - DOMAIN-SUFFIX,cn # - DOMAIN-SUFFIX,vmware.com diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/ChinaIP.yaml b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/ChinaIP.yaml index d0a447c381..816d5dada3 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/ChinaIP.yaml +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/ChinaIP.yaml @@ -13,8 +13,7 @@ payload: - '1.1.32.0/19' - '1.2.0.0/23' - '1.2.2.0/24' - - '1.2.5.0/24' - - '1.2.6.0/23' + - '1.2.4.0/22' - '1.2.8.0/21' - '1.2.16.0/20' - '1.2.32.0/19' @@ -27,21 +26,7 @@ payload: - '1.4.16.0/20' - '1.4.32.0/19' - '1.4.64.0/18' - - '1.8.0.0/18' - - '1.8.64.0/19' - - '1.8.96.0/22' - - '1.8.100.0/23' - - '1.8.112.0/20' - - '1.8.128.0/20' - - '1.8.144.0/22' - - '1.8.148.0/23' - - '1.8.154.0/23' - - '1.8.156.0/22' - - '1.8.160.0/19' - - '1.8.192.0/19' - - '1.8.224.0/20' - - '1.8.244.0/22' - - '1.8.248.0/21' + - '1.8.0.0/16' - '1.10.0.0/21' - '1.10.8.0/23' - '1.10.11.0/24' @@ -73,13 +58,12 @@ payload: - '1.192.0.0/13' - '1.202.0.0/15' - '1.204.0.0/14' - - '2.20.54.23/32' - '3.5.214.0/23' - '3.5.216.0/24' - '8.128.0.0/10' - '8.209.36.0/22' - '8.209.40.0/21' - - '8.211.0.0/16' + - '8.211.128.0/17' - '8.212.0.0/14' - '8.216.0.0/13' - '14.0.0.0/21' @@ -101,16 +85,18 @@ payload: - '14.196.0.0/15' - '14.204.0.0/15' - '14.208.0.0/12' + - '15.230.41.0/24' - '20.62.0.0/24' - '20.81.0.0/24' - - '20.134.160.0/20' - '20.139.160.0/20' - '20.249.255.0/24' - '20.251.0.0/22' - '23.236.64.0/25' - '23.236.64.128/26' - '23.236.64.192/27' - - '27.0.128.0/21' + - '27.0.128.0/22' + - '27.0.132.0/24' + - '27.0.134.0/23' - '27.0.160.0/21' - '27.0.188.0/22' - '27.0.204.0/22' @@ -597,8 +583,7 @@ payload: - '45.87.54.0/23' - '45.112.132.0/22' - '45.112.188.0/22' - - '45.112.208.0/22' - - '45.112.216.0/21' + - '45.112.208.0/20' - '45.112.228.0/22' - '45.112.232.0/21' - '45.113.12.0/22' @@ -793,7 +778,6 @@ payload: - '45.253.96.0/20' - '45.253.112.0/21' - '45.253.120.0/22' - - '45.253.130.0/23' - '45.253.132.0/22' - '45.253.136.0/21' - '45.253.144.0/20' @@ -811,7 +795,6 @@ payload: - '45.254.192.0/19' - '45.254.224.0/21' - '45.254.236.0/22' - - '45.254.240.0/22' - '45.254.248.0/22' - '45.255.0.0/18' - '45.255.64.0/19' @@ -955,6 +938,9 @@ payload: - '61.236.0.0/15' - '61.240.0.0/14' - '62.234.0.0/16' + - '64.188.38.0/23' + - '64.188.40.0/22' + - '64.188.44.0/23' - '68.79.0.0/18' - '69.230.192.0/18' - '69.231.128.0/18' @@ -967,12 +953,9 @@ payload: - '72.163.240.0/23' - '72.163.248.0/22' - '81.68.0.0/14' - - '81.161.63.0/24' - '82.156.0.0/15' - '87.254.207.0/24' - - '91.223.53.0/24' - - '91.234.36.0/24' - - '91.239.190.0/24' + - '89.19.34.0/23' - '93.183.14.0/24' - '93.183.18.0/24' - '94.191.0.0/17' @@ -1107,10 +1090,8 @@ payload: - '103.5.192.0/22' - '103.5.252.0/22' - '103.6.76.0/22' - - '103.6.108.0/22' - '103.6.120.0/22' - '103.6.220.0/22' - - '103.6.228.0/22' - '103.7.140.0/22' - '103.7.212.0/22' - '103.7.216.0/21' @@ -1767,7 +1748,8 @@ payload: - '103.93.204.0/22' - '103.94.12.0/22' - '103.94.20.0/22' - - '103.94.28.0/22' + - '103.94.29.0/24' + - '103.94.30.0/23' - '103.94.32.0/20' - '103.94.72.0/22' - '103.94.88.0/22' @@ -1956,7 +1938,6 @@ payload: - '103.116.92.0/22' - '103.116.120.0/22' - '103.116.128.0/22' - - '103.116.150.0/23' - '103.116.184.0/22' - '103.116.220.0/22' - '103.116.224.0/21' @@ -2089,7 +2070,6 @@ payload: - '103.142.156.0/23' - '103.142.180.0/23' - '103.142.186.0/23' - - '103.142.221.0/24' - '103.142.230.0/24' - '103.142.234.0/23' - '103.142.238.0/23' @@ -2105,11 +2085,9 @@ payload: - '103.144.72.0/23' - '103.144.136.0/23' - '103.144.158.0/23' - - '103.145.40.0/22' - - '103.145.80.0/23' + - '103.145.42.0/23' - '103.145.92.0/22' - '103.145.98.0/23' - - '103.145.107.0/24' - '103.145.188.0/23' - '103.146.6.0/23' - '103.146.72.0/23' @@ -2137,13 +2115,31 @@ payload: - '103.150.72.0/23' - '103.150.122.0/23' - '103.150.126.0/23' - - '103.150.128.0/22' + - '103.150.128.0/23' + - '103.150.131.0/24' - '103.150.146.0/23' - '103.150.164.0/23' - - '103.150.172.0/23' - '103.150.200.0/23' - - '103.150.210.0/23' - '103.150.216.0/23' + - '103.150.244.0/23' + - '103.151.142.0/23' + - '103.151.148.0/22' + - '103.151.158.0/23' + - '103.151.178.0/23' + - '103.151.206.0/23' + - '103.151.216.0/23' + - '103.151.228.0/23' + - '103.152.14.0/23' + - '103.152.24.0/23' + - '103.152.28.0/22' + - '103.152.76.0/23' + - '103.152.80.0/23' + - '103.152.98.0/23' + - '103.152.112.0/23' + - '103.152.120.0/22' + - '103.152.132.0/23' + - '103.152.152.0/23' + - '103.152.168.0/23' - '103.192.0.0/19' - '103.192.48.0/21' - '103.192.56.0/22' @@ -2193,8 +2189,6 @@ payload: - '103.198.180.0/22' - '103.198.196.0/22' - '103.198.200.0/22' - - '103.198.216.0/21' - - '103.198.224.0/20' - '103.199.164.0/22' - '103.199.196.0/22' - '103.199.228.0/22' @@ -2348,8 +2342,7 @@ payload: - '103.217.192.0/20' - '103.218.8.0/21' - '103.218.16.0/21' - - '103.218.29.0/24' - - '103.218.30.0/23' + - '103.218.28.0/22' - '103.218.32.0/19' - '103.218.64.0/19' - '103.218.192.0/20' @@ -2380,7 +2373,10 @@ payload: - '103.220.252.0/22' - '103.221.0.0/19' - '103.221.32.0/21' - - '103.221.88.0/21' + - '103.221.44.0/22' + - '103.221.88.0/22' + - '103.221.92.0/23' + - '103.221.95.0/24' - '103.221.96.0/19' - '103.221.128.0/18' - '103.221.192.0/20' @@ -2656,7 +2652,6 @@ payload: - '103.255.200.0/22' - '103.255.208.0/22' - '103.255.228.0/22' - - '104.222.196.0/24' - '106.0.0.0/24' - '106.0.2.0/23' - '106.0.4.0/22' @@ -3122,11 +3117,9 @@ payload: - '117.128.0.0/10' - '118.24.0.0/15' - '118.26.0.0/19' - - '118.26.36.0/22' - '118.26.40.0/21' - '118.26.48.0/20' - '118.26.64.0/19' - - '118.26.104.0/21' - '118.26.112.0/20' - '118.26.128.0/17' - '118.28.0.0/15' @@ -3184,7 +3177,6 @@ payload: - '118.188.0.0/16' - '118.190.0.0/16' - '118.191.0.0/20' - - '118.191.24.0/21' - '118.191.32.0/19' - '118.191.64.0/18' - '118.191.144.0/21' @@ -3377,7 +3369,18 @@ payload: - '121.58.136.0/21' - '121.58.144.0/20' - '121.58.160.0/21' - - '121.59.0.0/16' + - '121.59.0.0/20' + - '121.59.16.0/21' + - '121.59.24.0/22' + - '121.59.28.0/24' + - '121.59.31.0/24' + - '121.59.33.0/24' + - '121.59.34.0/23' + - '121.59.36.0/22' + - '121.59.40.0/21' + - '121.59.48.0/20' + - '121.59.64.0/18' + - '121.59.128.0/17' - '121.60.0.0/14' - '121.68.0.0/14' - '121.76.0.0/15' @@ -3404,8 +3407,7 @@ payload: - '122.10.216.0/22' - '122.10.228.0/22' - '122.10.232.0/21' - - '122.10.240.0/21' - - '122.10.250.0/23' + - '122.10.240.0/22' - '122.11.0.0/17' - '122.12.0.0/15' - '122.14.0.0/17' @@ -3640,7 +3642,6 @@ payload: - '131.253.12.0/29' - '131.253.12.80/28' - '131.253.12.240/29' - - '132.159.251.0/24' - '132.232.0.0/16' - '132.237.134.0/24' - '134.175.0.0/16' @@ -3692,8 +3693,6 @@ payload: - '139.198.72.0/21' - '139.198.80.0/20' - '139.198.96.0/20' - - '139.198.113.0/24' - - '139.198.114.0/23' - '139.198.116.0/22' - '139.198.122.0/23' - '139.198.124.0/22' @@ -3719,14 +3718,7 @@ payload: - '140.101.208.0/24' - '140.143.0.0/16' - '140.179.0.0/16' - - '140.205.0.0/18' - - '140.205.64.0/19' - - '140.205.96.0/20' - - '140.205.112.0/21' - - '140.205.120.0/23' - - '140.205.123.0/24' - - '140.205.124.0/22' - - '140.205.128.0/17' + - '140.205.0.0/16' - '140.206.0.0/15' - '140.210.0.0/16' - '140.224.0.0/16' @@ -3739,6 +3731,8 @@ payload: - '140.249.0.0/16' - '140.250.0.0/16' - '140.255.0.0/16' + - '142.70.0.0/16' + - '142.86.0.0/16' - '144.0.0.0/16' - '144.7.0.0/16' - '144.12.0.0/16' @@ -3843,7 +3837,14 @@ payload: - '157.148.0.0/16' - '157.156.0.0/16' - '157.255.0.0/16' - - '158.116.80.0/22' + - '158.79.0.0/24' + - '158.79.2.0/23' + - '158.79.4.0/22' + - '158.79.8.0/21' + - '158.79.16.0/20' + - '158.79.32.0/19' + - '158.79.64.0/18' + - '158.79.128.0/17' - '159.75.0.0/16' - '159.221.232.0/22' - '159.226.0.0/16' @@ -3861,6 +3862,7 @@ payload: - '160.202.216.0/21' - '160.202.224.0/19' - '160.238.64.0/22' + - '161.120.0.0/16' - '161.163.0.0/21' - '161.163.28.0/23' - '161.163.176.0/24' @@ -3868,7 +3870,13 @@ payload: - '161.163.180.0/22' - '161.189.0.0/16' - '161.207.0.0/16' - - '162.14.0.0/16' + - '162.14.0.0/21' + - '162.14.12.0/22' + - '162.14.20.0/22' + - '162.14.24.0/21' + - '162.14.32.0/19' + - '162.14.64.0/18' + - '162.14.128.0/17' - '162.105.0.0/16' - '163.0.0.0/16' - '163.47.4.0/22' @@ -3925,7 +3933,6 @@ payload: - '171.104.0.0/13' - '171.112.0.0/12' - '171.208.0.0/12' - - '172.60.2.0/24' - '172.81.192.0/18' - '173.39.200.0/23' - '175.0.0.0/12' @@ -4002,15 +4009,16 @@ payload: - '180.210.236.0/22' - '180.212.0.0/15' - '180.222.224.0/19' - - '180.223.0.0/19' - - '180.223.32.0/20' - - '180.223.48.0/21' - - '180.223.57.0/24' - - '180.223.58.0/23' - - '180.223.60.0/22' + - '180.223.0.0/18' - '180.223.80.0/20' - '180.223.96.0/19' - - '180.223.128.0/17' + - '180.223.129.0/24' + - '180.223.130.0/23' + - '180.223.132.0/22' + - '180.223.136.0/21' + - '180.223.144.0/20' + - '180.223.160.0/19' + - '180.223.192.0/18' - '180.233.0.0/18' - '180.233.64.0/19' - '180.233.144.0/22' @@ -4047,14 +4055,14 @@ payload: - '182.238.0.0/16' - '182.239.0.0/19' - '182.240.0.0/13' - - '182.254.0.0/17' - - '182.254.128.0/18' - - '182.254.192.0/19' - - '182.254.224.0/20' - - '182.254.240.0/21' - - '182.254.248.0/23' - - '182.254.251.0/24' - - '182.254.252.0/22' + - '182.254.0.0/18' + - '182.254.64.0/19' + - '182.254.96.0/20' + - '182.254.112.0/22' + - '182.254.117.0/24' + - '182.254.119.0/24' + - '182.254.120.0/21' + - '182.254.128.0/17' - '183.0.0.0/10' - '183.64.0.0/13' - '183.78.160.0/21' @@ -4073,7 +4081,10 @@ payload: - '183.184.0.0/13' - '183.192.0.0/10' - '185.109.236.0/24' - - '185.216.118.0/24' + - '185.216.118.0/26' + - '185.216.118.64/27' + - '185.216.118.112/28' + - '185.216.118.128/25' - '188.131.128.0/17' - '192.11.23.0/24' - '192.11.26.0/24' @@ -4096,12 +4107,9 @@ payload: - '192.144.128.0/17' - '192.163.11.0/24' - '192.232.97.0/24' - - '193.9.22.0/24' - '193.17.120.0/22' - '193.20.64.0/22' - - '193.32.54.0/24' - '193.112.0.0/16' - - '193.143.92.0/24' - '193.200.196.0/24' - '193.200.222.160/28' - '194.138.136.0/24' @@ -4733,8 +4741,6 @@ payload: - '203.12.66.0/24' - '203.12.70.0/23' - '203.12.87.0/24' - - '203.12.90.0/24' - - '203.12.92.0/22' - '203.12.100.0/23' - '203.12.103.0/24' - '203.12.114.0/24' @@ -4926,7 +4932,9 @@ payload: - '203.22.182.0/30' - '203.22.182.6/31' - '203.22.182.8/29' - - '203.22.182.16/28' + - '203.22.182.18/31' + - '203.22.182.20/30' + - '203.22.182.24/29' - '203.22.182.32/27' - '203.22.182.64/26' - '203.22.182.128/25' @@ -5380,8 +5388,7 @@ payload: - '203.83.12.0/22' - '203.83.56.0/21' - '203.83.224.0/20' - - '203.86.0.0/18' - - '203.86.64.0/19' + - '203.86.0.0/17' - '203.86.250.0/24' - '203.86.254.0/23' - '203.88.32.0/19' @@ -5441,7 +5448,9 @@ payload: - '203.118.192.0/19' - '203.118.241.0/24' - '203.118.248.0/22' - - '203.119.24.0/23' + - '203.119.24.0/22' + - '203.119.28.0/23' + - '203.119.30.0/24' - '203.119.32.0/24' - '203.119.34.0/23' - '203.119.80.0/22' @@ -5454,8 +5463,16 @@ payload: - '203.128.32.0/19' - '203.128.96.0/19' - '203.128.128.0/24' - - '203.128.224.0/21' + - '203.128.225.0/24' + - '203.128.226.0/23' + - '203.128.228.0/22' - '203.130.32.0/20' + - '203.130.49.0/24' + - '203.130.51.0/24' + - '203.130.53.0/24' + - '203.130.54.0/23' + - '203.130.56.0/22' + - '203.130.60.0/23' - '203.132.32.0/19' - '203.134.240.0/22' - '203.134.246.0/23' @@ -5464,6 +5481,7 @@ payload: - '203.142.12.0/23' - '203.142.219.0/24' - '203.142.224.0/19' + - '203.144.96.0/19' - '203.145.0.0/19' - '203.148.0.0/18' - '203.148.64.0/20' @@ -5519,7 +5537,6 @@ payload: - '203.195.64.0/19' - '203.195.128.0/17' - '203.196.0.0/21' - - '203.196.10.0/23' - '203.196.12.0/22' - '203.196.28.0/22' - '203.201.181.0/24' @@ -5605,7 +5622,6 @@ payload: - '211.144.0.0/13' - '211.152.0.0/17' - '211.152.134.0/23' - - '211.152.138.0/23' - '211.152.140.0/22' - '211.152.150.0/23' - '211.152.157.0/24' @@ -5628,8 +5644,7 @@ payload: - '211.155.100.0/22' - '211.155.104.0/21' - '211.155.113.0/24' - - '211.155.117.0/24' - - '211.155.118.0/23' + - '211.155.116.0/22' - '211.155.120.0/21' - '211.155.128.0/17' - '211.156.0.0/18' @@ -5670,11 +5685,7 @@ payload: - '218.64.0.0/11' - '218.96.0.0/15' - '218.98.0.0/18' - - '218.98.96.0/21' - - '218.98.104.0/22' - - '218.98.108.0/23' - - '218.98.110.0/24' - - '218.98.112.0/20' + - '218.98.96.0/19' - '218.98.128.0/19' - '218.98.192.0/18' - '218.99.0.0/16' @@ -5742,7 +5753,9 @@ payload: - '220.231.128.0/17' - '220.232.64.0/18' - '220.234.0.0/16' - - '220.242.0.0/24' + - '220.242.0.0/23' + - '220.242.6.0/24' + - '220.242.8.0/24' - '220.242.12.0/23' - '220.242.14.0/24' - '220.242.17.0/24' @@ -5761,20 +5774,42 @@ payload: - '220.242.120.0/22' - '220.242.124.0/23' - '220.242.126.0/24' + - '220.242.134.0/23' - '220.242.173.0/24' + - '220.242.183.0/24' - '220.242.197.0/24' - '220.242.205.0/24' - '220.242.207.0/24' - - '220.242.215.0/24' - '220.242.216.0/21' - '220.242.224.0/19' - '220.243.0.0/17' - '220.243.128.0/18' + - '220.243.192.0/23' + - '220.243.194.0/24' + - '220.243.196.0/24' + - '220.243.198.0/23' + - '220.243.201.0/24' - '220.243.204.0/24' - '220.243.214.0/24' - - '220.243.217.0/24' + - '220.243.216.0/23' - '220.243.218.0/24' - - '220.243.238.0/24' + - '220.243.220.0/23' + - '220.243.223.0/24' + - '220.243.225.0/24' + - '220.243.226.0/23' + - '220.243.229.0/24' + - '220.243.230.0/24' + - '220.243.233.0/24' + - '220.243.234.0/23' + - '220.243.237.0/24' + - '220.243.238.0/23' + - '220.243.243.0/24' + - '220.243.244.0/24' + - '220.243.246.0/23' + - '220.243.249.0/24' + - '220.243.250.0/24' + - '220.243.252.0/24' + - '220.243.254.0/23' - '220.247.136.0/21' - '220.248.0.0/14' - '220.252.0.0/16' diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Global.yaml b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Global.yaml index 2fc7e1e128..69ad117a46 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Global.yaml +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Global.yaml @@ -16,6 +16,8 @@ payload: - DOMAIN,az668014.vo.msecnd.net # > Facebook - DOMAIN-SUFFIX,cdninstagram.com + - DOMAIN-SUFFIX,facebook.com + - DOMAIN-SUFFIX,facebook.net - DOMAIN-SUFFIX,fb.com - DOMAIN-SUFFIX,fb.me - DOMAIN-SUFFIX,fbaddins.com @@ -30,7 +32,6 @@ payload: - DOMAIN-SUFFIX,rocksdb.org - DOMAIN-SUFFIX,whatsapp.com - DOMAIN-SUFFIX,whatsapp.net - - DOMAIN-KEYWORD,facebook # > Twitter - DOMAIN-SUFFIX,pscp.tv - DOMAIN-SUFFIX,periscope.tv @@ -38,8 +39,8 @@ payload: - DOMAIN-SUFFIX,twimg.co - DOMAIN-SUFFIX,twimg.com - DOMAIN-SUFFIX,twitpic.com + - DOMAIN-SUFFIX,twitter.com - DOMAIN-SUFFIX,vine.co - - DOMAIN-KEYWORD,twitter # > Telegram - DOMAIN-SUFFIX,telegra.ph - DOMAIN-SUFFIX,telegram.org @@ -74,6 +75,7 @@ payload: - DOMAIN-SUFFIX,abc.net.au - DOMAIN-SUFFIX,abebooks.com - DOMAIN-SUFFIX,amazon.co.jp + - DOMAIN-SUFFIX,ao3.org - DOMAIN-SUFFIX,apigee.com - DOMAIN-SUFFIX,apkcombo.com - DOMAIN-SUFFIX,apk-dl.com @@ -84,6 +86,7 @@ payload: - DOMAIN-SUFFIX,aptoide.com - DOMAIN-SUFFIX,archive.is - DOMAIN-SUFFIX,archive.org + - DOMAIN-SUFFIX,archiveofourown.com - DOMAIN-SUFFIX,archiveofourown.org - DOMAIN-SUFFIX,arte.tv - DOMAIN-SUFFIX,artstation.com @@ -99,6 +102,7 @@ payload: - DOMAIN-SUFFIX,bibox.com - DOMAIN-SUFFIX,biggo.com.tw - DOMAIN-SUFFIX,binance.com + - DOMAIN-SUFFIX,bit.ly - DOMAIN-SUFFIX,bitcointalk.org - DOMAIN-SUFFIX,bitfinex.com - DOMAIN-SUFFIX,bitmex.com @@ -187,6 +191,9 @@ payload: - DOMAIN-SUFFIX,gate.io - DOMAIN-SUFFIX,getlantern.org - DOMAIN-SUFFIX,getsync.com + - DOMAIN-SUFFIX,github.com + - DOMAIN-SUFFIX,github.io + - DOMAIN-SUFFIX,githubusercontent.com - DOMAIN-SUFFIX,globalvoices.org - DOMAIN-SUFFIX,goo.ne.jp - DOMAIN-SUFFIX,goodreads.com @@ -204,12 +211,14 @@ payload: - DOMAIN-SUFFIX,hket.com - DOMAIN-SUFFIX,hootsuite.com - DOMAIN-SUFFIX,hudson.org + - DOMAIN-SUFFIX,huffpost.com - DOMAIN-SUFFIX,hyread.com.tw - DOMAIN-SUFFIX,ibtimes.com - DOMAIN-SUFFIX,i-cable.com - DOMAIN-SUFFIX,icij.org - DOMAIN-SUFFIX,icoco.com - DOMAIN-SUFFIX,imgur.com + - DOMAIN-SUFFIX,independent.co.uk - DOMAIN-SUFFIX,initiummall.com - DOMAIN-SUFFIX,inoreader.com - DOMAIN-SUFFIX,insecam.org @@ -228,6 +237,7 @@ payload: - DOMAIN-SUFFIX,kakaocorp.com - DOMAIN-SUFFIX,kik.com - DOMAIN-SUFFIX,kingkong.com.tw + - DOMAIN-SUFFIX,knowyourmeme.com - DOMAIN-SUFFIX,kobo.com - DOMAIN-SUFFIX,kobobooks.com - DOMAIN-SUFFIX,kodingen.com @@ -257,12 +267,15 @@ payload: - DOMAIN-SUFFIX,nanyang.com - DOMAIN-SUFFIX,nationalinterest.org - DOMAIN-SUFFIX,naver.com + - DOMAIN-SUFFIX,nbcnews.com + - DOMAIN-SUFFIX,ndr.de - DOMAIN-SUFFIX,neowin.net - DOMAIN-SUFFIX,newstapa.org - DOMAIN-SUFFIX,nexitally.com - DOMAIN-SUFFIX,nhk.or.jp - DOMAIN-SUFFIX,nii.ac.jp - DOMAIN-SUFFIX,nikkei.com + - DOMAIN-SUFFIX,nitter.net - DOMAIN-SUFFIX,nofile.io - DOMAIN-SUFFIX,notion.so - DOMAIN-SUFFIX,now.com @@ -308,6 +321,7 @@ payload: - DOMAIN-SUFFIX,quora.com - DOMAIN-SUFFIX,quoracdn.net - DOMAIN-SUFFIX,qz.com + - DOMAIN-SUFFIX,radio.garden - DOMAIN-SUFFIX,rakuten.co.jp - DOMAIN-SUFFIX,rarbgprx.org - DOMAIN-SUFFIX,readingtimes.com.tw @@ -329,8 +343,10 @@ payload: - DOMAIN-SUFFIX,shadowsocks.org - DOMAIN-SUFFIX,shindanmaker.com - DOMAIN-SUFFIX,shopee.tw + - DOMAIN-SUFFIX,sina.com.hk - DOMAIN-SUFFIX,slideshare.net - DOMAIN-SUFFIX,softfamous.com + - DOMAIN-SUFFIX,spiegel.de - DOMAIN-SUFFIX,ssrcloud.org - DOMAIN-SUFFIX,startpage.com - DOMAIN-SUFFIX,steamcommunity.com @@ -348,6 +364,7 @@ payload: - DOMAIN-SUFFIX,theinitium.com - DOMAIN-SUFFIX,themoviedb.org - DOMAIN-SUFFIX,thetvdb.com + - DOMAIN-SUFFIX,time.com - DOMAIN-SUFFIX,tineye.com - DOMAIN-SUFFIX,tiny.cc - DOMAIN-SUFFIX,tinyurl.com @@ -414,8 +431,8 @@ payload: - DOMAIN,s3-ap-northeast-1.amazonaws.com - DOMAIN,s3-ap-southeast-2.amazonaws.com - DOMAIN,search.avira.com + - DOMAIN,us.weibo.com - - DOMAIN-KEYWORD,github - DOMAIN-KEYWORD,jav - DOMAIN-KEYWORD,pinterest - DOMAIN-KEYWORD,porn @@ -476,10 +493,19 @@ payload: - DOMAIN-SUFFIX,tdesktop.com - DOMAIN-SUFFIX,telegram.me - DOMAIN-SUFFIX,telesco.pe + # > Facebook + - DOMAIN-SUFFIX,facebook.br + - DOMAIN-SUFFIX,facebook.design + - DOMAIN-SUFFIX,facebook.hu + - DOMAIN-SUFFIX,facebook.in + - DOMAIN-SUFFIX,facebook.nl + - DOMAIN-SUFFIX,facebook.se + - DOMAIN-SUFFIX,facebookmail.com # > Others - DOMAIN-SUFFIX,noxinfluencer.com - DOMAIN-SUFFIX,smartmailcloud.com - DOMAIN-SUFFIX,weebly.com + - DOMAIN-SUFFIX,twitter.jp # (Region-Restricted Access Denied) # ---(Apple)--- @@ -508,7 +534,7 @@ payload: # (Network Jitter) # > Fix download or update is stuck in App Store,and when change the Apple ID region,the payment information can be selected by none. - DOMAIN-KEYWORD,buy.itunes.apple.com - # - DOMAIN-SUFFIX,evernote.com + - DOMAIN-SUFFIX,cloudcone.com.cn - DOMAIN-SUFFIX,inkbunny.net - DOMAIN-SUFFIX,metapix.net - DOMAIN-SUFFIX,s3.amazonaws.com diff --git a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Streaming.yaml b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Streaming.yaml index 562df3ec2c..71f8e847d7 100644 --- a/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Streaming.yaml +++ b/package/ctcgfw/luci-app-openclash/files/etc/openclash/rule_provider/Streaming.yaml @@ -10,8 +10,8 @@ payload: - DOMAIN-SUFFIX,deezer.com - DOMAIN-SUFFIX,dzcdn.net # > JOOX - # USER-AGENT,WeMusic* # USER-AGENT,JOOX* + # USER-AGENT,WeMusic* - DOMAIN-SUFFIX,joox.com - DOMAIN-KEYWORD,jooxweb-api # > KKBOX @@ -96,6 +96,10 @@ payload: - DOMAIN-SUFFIX,dssott.com - DOMAIN,cdn.registerdisney.go.com - DOMAIN,global.edge.bamgrid.com + # > DMM + - DOMAIN-SUFFIX,dmm.co.jp + - DOMAIN-SUFFIX,dmm.com + - DOMAIN-SUFFIX,dmm-extension.com # > encoreTVB # USER-AGENT,encoreTVB* - DOMAIN-SUFFIX,encoretvb.com @@ -148,6 +152,7 @@ payload: - DOMAIN-SUFFIX,hulustream.com # > Hulu / フールー - DOMAIN-SUFFIX,happyon.jp + - DOMAIN-SUFFIX,hjholdings.jp - DOMAIN-SUFFIX,hulu.jp # > ITV # USER-AGENT,ITV_Player* @@ -229,16 +234,18 @@ payload: # USER-AGENT,TikTok* - DOMAIN-SUFFIX,byteoversea.com - DOMAIN-SUFFIX,ibytedtos.com + - DOMAIN-SUFFIX,ipstatp.com - DOMAIN-SUFFIX,muscdn.com - DOMAIN-SUFFIX,musical.ly + - DOMAIN-SUFFIX,tiktok.com - DOMAIN-SUFFIX,tiktokcdn.com - DOMAIN-SUFFIX,tiktokv.com - DOMAIN-KEYWORD,-tiktokcdn-com # > Twitch + - DOMAIN-SUFFIX,jtvnw.net + - DOMAIN-SUFFIX,ttvnw.net - DOMAIN-SUFFIX,twitch.tv - DOMAIN-SUFFIX,twitchcdn.net - - DOMAIN-SUFFIX,ttvnw.net - - DOMAIN-SUFFIX,jtvnw.net # > ViuTV # USER-AGENT,Viu* - DOMAIN-SUFFIX,viu.com diff --git a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/controller/openclash.lua b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/controller/openclash.lua index b3778f1be6..0c64e280c6 100644 --- a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/controller/openclash.lua +++ b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/controller/openclash.lua @@ -25,6 +25,7 @@ function index() entry({"admin", "services", "openclash", "ping"}, call("act_ping")) entry({"admin", "services", "openclash", "download_rule"}, call("action_download_rule")) entry({"admin", "services", "openclash", "restore"}, call("action_restore_config")) + entry({"admin", "services", "openclash", "switch_mode"}, call("action_switch_mode")) entry({"admin", "services", "openclash", "settings"},cbi("openclash/settings"),_("Global Settings"), 30).leaf = true entry({"admin", "services", "openclash", "servers"},cbi("openclash/servers"),_("Severs and Groups"), 40).leaf = true entry({"admin", "services", "openclash", "rule-providers-settings"},cbi("openclash/rule-providers-settings"),_("Rule Providers and Groups"), 50).leaf = true @@ -213,6 +214,22 @@ function action_restore_config() luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_rules_2.list' '/etc/openclash/custom/openclash_custom_rules_2.list' >/dev/null 2>&1 &") luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_fake_black.conf' '/etc/openclash/custom/openclash_custom_fake_black.conf' >/dev/null 2>&1 &") luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_hosts.list' '/etc/openclash/custom/openclash_custom_hosts.list' >/dev/null 2>&1 &") + luci.sys.call("cp '/usr/share/openclash/backup/openclash_custom_domain_dns.list' '/etc/openclash/custom/openclash_custom_domain_dns.list' >/dev/null 2>&1 &") +end + +function action_switch_mode() + local switch_mode = luci.sys.exec("uci get openclash.config.operation_mode 2>/dev/null") + if switch_mode == "redir-host\n" then + switch_mode = "redir-host" + luci.sys.call("uci set openclash.config.operation_mode=fake-ip >/dev/null 2>&1 && uci commit openclash") + else + switch_mode = "fake-ip" + luci.sys.call("uci set openclash.config.operation_mode=redir-host >/dev/null 2>&1 && uci commit openclash") + end + luci.http.prepare_content("application/json") + luci.http.write_json({ + switch_mode = switch_mode; + }) end function action_status() diff --git a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/model/cbi/openclash/settings.lua b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/model/cbi/openclash/settings.lua index 6b3cff5366..167cef1f8f 100644 --- a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/model/cbi/openclash/settings.lua +++ b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/model/cbi/openclash/settings.lua @@ -36,13 +36,6 @@ s:tab("geo_update", translate("GEOIP Update")) s:tab("version_update", translate("Version Update")) s:tab("debug", translate("Debug Logs")) ----- Operation Mode -o = s:taboption("op_mode", ListValue, "operation_mode", font_red..bold_on..translate("Select Operation Mode")..bold_off..font_off) -o.description = translate("Select Mode For Page Settings, Switch By Click the Button Bellow") -o:value("redir-host", translate("redir-host mode")) -o:value("fake-ip", translate("fake-ip mode")) -o.default = "redir-host" - o = s:taboption("op_mode", ListValue, "en_mode", font_red..bold_on..translate("Select Mode")..bold_off..font_off) o.description = translate("Select Mode For OpenClash Work, Try Flush DNS Cache If Network Error") if op_mode == "redir-host" then @@ -81,14 +74,19 @@ o:value("direct", translate("Direct Proxy Mode")) o:value("script", translate("Script Proxy Mode (Tun Core Only)")) o.default = "rule" -o = s:taboption("op_mode", Button, translate("Switch Operation Mode")) -o.title = translate("Switch Operation Mode") -o.inputtitle = translate("Switch Mode") -o.inputstyle = "reload" -o.write = function() - m.uci:commit("openclash") - HTTP.redirect(DISP.build_url("admin", "services", "openclash", "settings")) -end +o = s:taboption("op_mode", ListValue, "china_ip_route", font_red..bold_on..translate("China IP Route")..bold_off..font_off) +o.description = translate("Bypass The China Network Flows, Improve Performance") +o:value("0", translate("Disable")) +o:value("1", translate("Enable")) +o.default = "0" +o:depends("en_mode", "redir-host") +o:depends("en_mode", "redir-host-tun") +o:depends("en_mode", "redir-host-vpn") + + +---- Operation Mode +switch_mode = s:taboption("op_mode", DummyValue, "", nil) +switch_mode.template = "openclash/switch_mode" ---- General Settings local cpu_model=SYS.exec("opkg status libc 2>/dev/null |grep 'Architecture' |awk -F ': ' '{print $2}' 2>/dev/null") @@ -177,13 +175,13 @@ o:value("0", translate("Disable")) o:value("1", translate("Enable")) o.default=0 -if op_mode == "fake-ip" then o = s:taboption("dns", ListValue, "dns_advanced_setting", translate("Advanced Setting")) o.description = translate("DNS Advanced Settings")..font_red..bold_on..translate("(Please Don't Modify it at Will)")..bold_off..font_off o:value("0", translate("Disable")) o:value("1", translate("Enable")) o.default=0 +if op_mode == "fake-ip" then o = s:taboption("dns", Button, translate("Fake-IP-Filter List Update")) o.title = translate("Fake-IP-Filter List Update") o:depends("dns_advanced_setting", "1") @@ -215,6 +213,30 @@ function custom_fake_black.write(self, section, value) end end +o = s:taboption("dns", Value, "custom_domain_dns_server", translate("Specify DNS Server")) +o.description = translate("Specify DNS Server For List, Only One IP Server Address Support") +o.default="114.114.114.114" +o.placeholder = translate("114.114.114.114 or 127.0.0.1#5300") +o:depends("dns_advanced_setting", "1") + +custom_domain_dns = s:taboption("dns", Value, "custom_domain_dns") +custom_domain_dns.template = "cbi/tvalue" +custom_domain_dns.description = translate("Domain Names In The List Use The Custom DNS Server, One rule per line") +custom_domain_dns.rows = 20 +custom_domain_dns.wrap = "off" +custom_domain_dns:depends("dns_advanced_setting", "1") + +function custom_domain_dns.cfgvalue(self, section) + return NXFS.readfile("/etc/openclash/custom/openclash_custom_domain_dns.list") or "" +end +function custom_domain_dns.write(self, section, value) + + if value then + value = value:gsub("\r\n?", "\n") + NXFS.writefile("/etc/openclash/custom/openclash_custom_domain_dns.list", value) + end +end + ---- Access Control if op_mode == "redir-host" then o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("Access Control Mode")) diff --git a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/switch_mode.htm b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/switch_mode.htm new file mode 100644 index 0000000000..b15583af49 --- /dev/null +++ b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/switch_mode.htm @@ -0,0 +1,38 @@ + +
+ + +
+

+ <%:Collecting data...%> +

+
+
+ + + \ No newline at end of file diff --git a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/update.htm b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/update.htm index a6a91f721c..1ba5f63a41 100644 --- a/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/update.htm +++ b/package/ctcgfw/luci-app-openclash/files/usr/lib/lua/luci/view/openclash/update.htm @@ -322,9 +322,11 @@ XHR.get('<%=luci.dispatcher.build_url("admin", "services", "openclash", "restore")%>', null, function(x, status) { if ( x && x.status == 200 ) { alert('还原默认配置成功!') + window.location.href='<%="http://'+window.location.hostname+'/cgi-bin/luci/admin/services/openclash/settings"%>'; } else { alert('还原默认配置失败!') + window.location.href='<%="http://'+window.location.hostname+'/cgi-bin/luci/admin/services/openclash/settings"%>'; } }); } else { diff --git a/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_custom_domain_dns.sh b/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_custom_domain_dns.sh new file mode 100755 index 0000000000..86ec158374 --- /dev/null +++ b/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_custom_domain_dns.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +status=$(ps|grep -c /usr/share/openclash/openclash_custom_domain_dns.sh) +[ "$status" -gt "3" ] && exit 0 + +START_LOG="/tmp/openclash_start.log" +rm -rf /tmp/dnsmasq.d/dnsmasq_openclash_custom_domain.conf >/dev/null 2>&1 +if [ "$(uci get openclash.config.dns_advanced_setting 2>/dev/null)" -eq 1 ]; then + echo "正在设置第二DNS服务器列表..." >$START_LOG + + custom_domain_dns_server=$(uci get openclash.config.custom_domain_dns_server 2>/dev/null) + [ -z "$custom_domain_dns_server" ] && { + custom_domain_dns_server="114.114.114.114" + } + + if [ -s "/etc/openclash/custom/openclash_custom_domain_dns.list" ]; then + mkdir -p /tmp/dnsmasq.d + awk -v tag="$custom_domain_dns_server" '!/^$/&&!/^#/{printf("server=/%s/"'tag'"\n",$0)}' /etc/openclash/custom/openclash_custom_domain_dns.list >>/tmp/dnsmasq.d/dnsmasq_openclash_custom_domain.conf 2>/dev/null + fi +fi \ No newline at end of file diff --git a/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_rule.sh b/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_rule.sh index e1fc398c7d..abdda6fcaf 100755 --- a/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_rule.sh +++ b/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/openclash_rule.sh @@ -29,6 +29,7 @@ fi sed -i -n '/^rule-providers:/,$p' /tmp/rules.yaml 2>/dev/null sed -i "s/# - RULE-SET,ChinaIP,DIRECT/- RULE-SET,ChinaIP,DIRECT/g" /tmp/rules.yaml 2>/dev/null + sed -i "s/- GEOIP,/#- GEOIP,/g" /tmp/rules.yaml 2>/dev/null elif [ "$RUlE_SOURCE" = "ConnersHua_return" ]; then if pidof clash >/dev/null; then curl -sL --connect-timeout 10 --retry 2 -x http://$PROXY_ADDR:$HTTP_PORT -U "$PROXY_AUTH" https://raw.githubusercontent.com/ConnersHua/Profiles/master/Clash/China.yaml -o /tmp/rules.yaml >/dev/null 2>&1 diff --git a/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/yml_rules_change.sh b/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/yml_rules_change.sh index 944fef817d..8658ddad92 100755 --- a/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/yml_rules_change.sh +++ b/package/ctcgfw/luci-app-openclash/files/usr/share/openclash/yml_rules_change.sh @@ -13,8 +13,14 @@ yml_other_set() sed -i '/^##Custom Rules 2##/d' "$4" 2>/dev/null sed -i '/^##Custom Rules 2 End##/d' "$4" 2>/dev/null sed -i '/- DOMAIN-KEYWORD,tracker,DIRECT/d' "$4" 2>/dev/null - sed -i '/- DOMAIN-KEYWORD,announce,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,announce.php?passkey=,DIRECT/d' "$4" 2>/dev/null sed -i '/- DOMAIN-KEYWORD,torrent,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,peer_id=,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,info_hash,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,get_peers,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,find_node,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,BitTorrent,DIRECT/d' "$4" 2>/dev/null + sed -i '/- DOMAIN-KEYWORD,announce_peer,DIRECT/d' "$4" 2>/dev/null if [ -z "$(grep '^ \{0,\}- IP-CIDR,198.18.0.1/16,REJECT,no-resolve' "$4")" ] && [ "$6" = "fake-ip" ]; then if [ ! -z "$(grep "^ \{0,\}- IP-CIDR,198.18.0.1/16" "$4")" ]; then @@ -26,7 +32,7 @@ yml_other_set() fi fi fi - + if [ "$7" = 1 ]; then sed -i '1,/^ \{0,\}- GEOIP/{/^ \{0,\}- GEOIP/s/^ \{0,\}- GEOIP/- DOMAIN-KEYWORD,tracker,DIRECT\n&/}' "$4" 2>/dev/null if [ -z "$(grep '^- DOMAIN-KEYWORD,tracker,DIRECT' "$4")" ]; then @@ -35,8 +41,14 @@ yml_other_set() if [ -z "$(grep '^- DOMAIN-KEYWORD,tracker,DIRECT' "$4")" ]; then echo "- DOMAIN-KEYWORD,tracker,DIRECT" >> "$4" 2>/dev/null fi - sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,announce,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,announce.php?passkey=,DIRECT" "$4" 2>/dev/null sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,torrent,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,peer_id=,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,info_hash,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,get_peers,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,find_node,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,BitTorrent,DIRECT" "$4" 2>/dev/null + sed -i "/- DOMAIN-KEYWORD,tracker,DIRECT/a\- DOMAIN-KEYWORD,announce_peer,DIRECT" "$4" 2>/dev/null if [ -z "$(grep "###- MATCH," "$4")" ] && [ -z "$(grep "###- FINAL," "$4")" ]; then sed -i 's/- MATCH,/###&/' "$4" 2>/dev/null echo "- MATCH,DIRECT" >> "$4" 2>/dev/null @@ -47,7 +59,7 @@ yml_other_set() sed -i "s/###- MATCH,/- MATCH,/" "$4" 2>/dev/null fi fi - + if [ "$3" = 1 ]; then sed -i '/^rules:/a\##Custom Rules End##' "$4" 2>/dev/null sed -i '/^rules:/a\##Custom Rules##' "$4" 2>/dev/null diff --git a/package/ctcgfw/luci-app-openclash/i18n/zh-cn/openclash.zh-cn.po b/package/ctcgfw/luci-app-openclash/i18n/zh-cn/openclash.zh-cn.po index c72332c9ae..2c3ae67306 100644 --- a/package/ctcgfw/luci-app-openclash/i18n/zh-cn/openclash.zh-cn.po +++ b/package/ctcgfw/luci-app-openclash/i18n/zh-cn/openclash.zh-cn.po @@ -149,6 +149,12 @@ msgstr "网络栈类型" msgid "Select Stack Type For Tun Mode, According To The Running Speed on Your Machine" msgstr "请自行根据运行速度为Tun模式选择合适的网络栈" +msgid "China IP Route" +msgstr "实验性:绕过中国大陆IP" + +msgid "Bypass The China Network Flows, Improve Performance" +msgstr "启用后中国大陆流量将不再经过内核,提升系统性能" + msgid "Log Level" msgstr "日志等级" @@ -213,7 +219,7 @@ msgid "(Please Don't Modify it at Will)" msgstr "(如您不知道选项有何用,请不要随意修改)" msgid "Specify DNS Server" -msgstr "(Fake-IP模式)黑名单DNS服务器" +msgstr "指定(第二)DNS服务器" msgid "Specify DNS Server For List, Only One IP Server Address Support" msgstr "指定下方列表中域名的DNS服务器,只支持填写一个IP地址" @@ -221,6 +227,9 @@ msgstr "指定下方列表中域名的DNS服务器,只支持填写一个IP地 msgid "Domain Names In The List Do Not Return Fake-IP, One rule per line" msgstr "每行请只填写一个域名,列表中的域名在(Fake-IP模式)下查询DNS时将返回真实IP地址,更改后点击上方按钮生效" +msgid "Domain Names In The List Use The Custom DNS Server, One rule per line" +msgstr "每行请只填写一个域名,列表中的域名将使用上方指定的DNS进行查询" + msgid "Fake-IP-Filter List Update" msgstr "更新Fake-IP域名黑名单" diff --git a/package/ctcgfw/luci-theme-argonv3/Makefile b/package/ctcgfw/luci-theme-argonv3/Makefile index d483ef3192..b0c0939af7 100644 --- a/package/ctcgfw/luci-theme-argonv3/Makefile +++ b/package/ctcgfw/luci-theme-argonv3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Argon Theme LUCI_DEPENDS:= -PKG_VERSION:=1.6.2 +PKG_VERSION:=1.6.3 PKG_RELEASE:=20200725 include $(TOPDIR)/feeds/luci/luci.mk diff --git a/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/css/cascade.css b/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/css/cascade.css index 5965ff2f60..7a1a43a127 100644 --- a/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/css/cascade.css +++ b/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/css/cascade.css @@ -200,7 +200,7 @@ li { line-height: 1; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; - color: #adb5bd; + color: #525461; font-size: 1.5rem; position: absolute; z-index: 100; @@ -225,10 +225,10 @@ li { margin: 0.825rem 0; box-sizing: border-box; transition: all 0.3s cubic-bezier(0.68, -0.55, 0.265, 1.55); - color: #8898aa; + color: #525461; border: 0; border-radius: 0; - border-bottom: 1px solid #dee2e6; + border-bottom: 1px solid #fff; background-color: transparent; background-clip: padding-box; box-shadow: 0 3px 2px rgba(233, 236, 239, 0.05); @@ -293,6 +293,13 @@ li { .pull-left { float: left; } +@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) { + .login-page .login-container .login-form { + -webkit-backdrop-filter: blur(10px); + backdrop-filter: blur(10px); + background-color: rgba(244, 245, 247, 0.7); + } +} /*********************** * * Header @@ -1069,6 +1076,11 @@ small { .cbi-section > legend { display: none !important; } +.cbi-section-error { + padding: 1.5rem; + color: #fb6340; + font-weight: 600; +} fieldset > fieldset { margin: 0; padding: 0; @@ -2676,13 +2688,6 @@ input[name="nslookup"] { border-bottom: var(--white) 1px solid; border-radius: 0; } - @supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) { - .login-page .login-container .login-form { - -webkit-backdrop-filter: blur(10px); - backdrop-filter: blur(10px); - background-color: rgba(244, 245, 247, 0.7); - } - } fieldset { padding: 0; margin: 1rem 0 0 0; @@ -3213,11 +3218,8 @@ input[name="nslookup"] { padding: 5px; background: #252525; } -} -@media (prefers-color-scheme: dark) and (max-width: 480px) { - .node-status-iptables > .main div > .cbi-map > form { - background-color: #1e1e1e; - box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, 0.35); + .cbi-section-error { + color: darkorange; } @supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) { .login-page .login-container .login-form { @@ -3227,3 +3229,9 @@ input[name="nslookup"] { } } } +@media (prefers-color-scheme: dark) and (max-width: 480px) { + .node-status-iptables > .main div > .cbi-map > form { + background-color: #1e1e1e; + box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, 0.35); + } +} diff --git a/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/less/cascade.less b/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/less/cascade.less index b894199d23..60429feeef 100644 --- a/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/less/cascade.less +++ b/package/ctcgfw/luci-theme-argonv3/htdocs/luci-static/argon/less/cascade.less @@ -226,7 +226,7 @@ li { line-height: 1; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; - color: #adb5bd; + color: #525461; font-size: 1.5rem; position: absolute; z-index: 100; @@ -253,10 +253,10 @@ li { margin: 0.825rem 0; box-sizing: border-box; transition: all .3s cubic-bezier(.68, -.55, .265, 1.55); - color: #8898aa; + color: #525461; border: 0; border-radius: 0; - border-bottom: 1px solid #dee2e6; + border-bottom: 1px solid #fff; background-color: transparent; background-clip: padding-box; box-shadow: 0 3px 2px rgba(233, 236, 239, .05); @@ -340,6 +340,15 @@ li { float: left; } +@supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) { + .login-page .login-container .login-form { + -webkit-backdrop-filter: blur(10px); + backdrop-filter: blur(10px); + background-color: rgba(244, 245, 247, 0.7); + + } +} + /*********************** @@ -1296,6 +1305,11 @@ small { .cbi-section>legend { display: none !important; } +.cbi-section-error { + padding: 1.5rem; + color: #fb6340; + font-weight: 600; +} fieldset>fieldset { margin: 0; @@ -3379,14 +3393,7 @@ input[name="nslookup"] { } - @supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) { - .login-page .login-container .login-form { - -webkit-backdrop-filter: blur(10px); - backdrop-filter: blur(10px); - background-color: rgba(244, 245, 247, 0.7); - - } - } + fieldset { padding: 0; @@ -4110,12 +4117,8 @@ input[name="nslookup"] { background: #252525; } -} - -@media (prefers-color-scheme: dark) and (max-width: 480px) { - .node-status-iptables>.main div>.cbi-map>form { - background-color: #1e1e1e; - box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, .35); + .cbi-section-error { + color: darkorange; } @supports (-webkit-backdrop-filter: none) or (backdrop-filter: none) { @@ -4126,4 +4129,14 @@ input[name="nslookup"] { } } + +} + +@media (prefers-color-scheme: dark) and (max-width: 480px) { + .node-status-iptables>.main div>.cbi-map>form { + background-color: #1e1e1e; + box-shadow: 0 0 0.5rem 0 rgba(0, 0, 0, .35); + } + + } \ No newline at end of file diff --git a/package/lean/UnblockNeteaseMusic-Go/Makefile b/package/lean/UnblockNeteaseMusic-Go/Makefile index b2ed6833b6..728ac35006 100644 --- a/package/lean/UnblockNeteaseMusic-Go/Makefile +++ b/package/lean/UnblockNeteaseMusic-Go/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=UnblockNeteaseMusic-Go -PKG_VERSION:=0.2.1 +PKG_VERSION:=0.2.4 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/cnsilvan/UnblockNeteaseMusic.git -PKG_SOURCE_VERSION:=7664b2b5c5dbe8e1ff7fde0c0051b4feabc0e0ba +PKG_SOURCE_VERSION:=2db62fe071c9f8fbfa8bad87256f853a78bb76f1 PKG_MAINTAINER:=Silvan PKG_SOURCE_SUBDIR:=$(PKG_NAME) diff --git a/package/lean/luci-app-turboacc/root/etc/config/turboacc b/package/lean/luci-app-turboacc/root/etc/config/turboacc index 689253eb13..067aad2763 100644 --- a/package/lean/luci-app-turboacc/root/etc/config/turboacc +++ b/package/lean/luci-app-turboacc/root/etc/config/turboacc @@ -1,7 +1,7 @@ config turboacc 'config' option sw_flow '1' - option hw_flow '0' + option hw_flow '1' option sfe_flow '1' option sfe_bridge '1' option sfe_ipv6 '0' diff --git a/package/lienol/brook/Makefile b/package/lienol/brook/Makefile index 6121b38834..9a8bf46555 100644 --- a/package/lienol/brook/Makefile +++ b/package/lienol/brook/Makefile @@ -23,6 +23,9 @@ ifeq ($(ARCH),arm) endif ifeq ($(BOARD),bcm53xx) PKG_ARCH_BROOK:=_linux_arm6 +ifeq ($(word 2,$(subst +,$(space),$(call qstrip,$(CONFIG_CPU_TYPE)))),) + PKG_ARCH_BROOK:=_linux_arm5 +endif endif ifeq ($(BOARD),kirkwood) PKG_ARCH_BROOK:=_linux_arm5 @@ -32,7 +35,7 @@ ifeq ($(ARCH),aarch64) endif PKG_NAME:=brook -PKG_VERSION:=20200201 +PKG_VERSION:=20200701 PKG_RELEASE:=1 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE:=brook$(PKG_ARCH_BROOK) diff --git a/package/lienol/luci-app-passwall/Makefile b/package/lienol/luci-app-passwall/Makefile index ec21bb418f..aaaf97f432 100644 --- a/package/lienol/luci-app-passwall/Makefile +++ b/package/lienol/luci-app-passwall/Makefile @@ -7,8 +7,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-passwall PKG_VERSION:=3.9 -PKG_RELEASE:=22 -PKG_DATE:=20200724 +PKG_RELEASE:=23 +PKG_DATE:=20200727 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) diff --git a/package/lienol/luci-app-passwall/luasrc/controller/passwall.lua b/package/lienol/luci-app-passwall/luasrc/controller/passwall.lua index 9d180b2f12..997ec88a7b 100644 --- a/package/lienol/luci-app-passwall/luasrc/controller/passwall.lua +++ b/package/lienol/luci-app-passwall/luasrc/controller/passwall.lua @@ -9,58 +9,61 @@ local v2ray = require "luci.model.cbi.passwall.api.v2ray" local trojan_go = require "luci.model.cbi.passwall.api.trojan_go" function index() + appname = "passwall" + entry({"admin", "services", appname}).dependent = true + entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true + entry({"admin", "services", appname, "show"}, call("show_menu")).leaf = true + entry({"admin", "services", appname, "hide"}, call("hide_menu")).leaf = true if not nixio.fs.access("/etc/config/passwall") then return end - entry({"admin", "services", "passwall", "reset_config"}, call("reset_config")).leaf = true - entry({"admin", "services", "passwall", "show"}, call("show_menu")).leaf = true - entry({"admin", "services", "passwall", "hide"}, call("hide_menu")).leaf = true if nixio.fs.access("/etc/config/passwall_show") then - entry({"admin", "services", "passwall"}, alias("admin", "services", "passwall", "settings"), _("Pass Wall"), 1).dependent = true + entry({"admin", "services", appname}, alias("admin", "services", appname, "settings"), _("Pass Wall"), 1).dependent = true end - entry({"admin", "services", "passwall", "settings"}, cbi("passwall/global"), _("Basic Settings"), 1).dependent = true - entry({"admin", "services", "passwall", "node_list"}, cbi("passwall/node_list"), _("Node List"), 2).dependent = true - entry({"admin", "services", "passwall", "auto_switch"}, cbi("passwall/auto_switch"), _("Auto Switch"), 3).leaf = true - entry({"admin", "services", "passwall", "other"}, cbi("passwall/other", {autoapply = true}), _("Other Settings"), 93).leaf = true + entry({"admin", "services", appname, "settings"}, cbi("passwall/global"), _("Basic Settings"), 1).dependent = true + entry({"admin", "services", appname, "node_list"}, cbi("passwall/node_list"), _("Node List"), 2).dependent = true + entry({"admin", "services", appname, "auto_switch"}, cbi("passwall/auto_switch"), _("Auto Switch"), 3).leaf = true + entry({"admin", "services", appname, "other"}, cbi("passwall/other", {autoapply = true}), _("Other Settings"), 93).leaf = true if nixio.fs.access("/usr/sbin/haproxy") then - entry({"admin", "services", "passwall", "haproxy"}, cbi("passwall/haproxy"), _("Load Balancing"), 94).leaf = true + entry({"admin", "services", appname, "haproxy"}, cbi("passwall/haproxy"), _("Load Balancing"), 94).leaf = true end - entry({"admin", "services", "passwall", "node_subscribe"}, cbi("passwall/node_subscribe"), _("Node Subscribe"), 95).dependent = true - entry({"admin", "services", "passwall", "rule"}, cbi("passwall/rule"), _("Rule Update"), 96).leaf = true - entry({"admin", "services", "passwall", "node_config"}, cbi("passwall/node_config")).leaf = true - entry({"admin", "services", "passwall", "shunt_rules"}, cbi("passwall/shunt_rules")).leaf = true - entry({"admin", "services", "passwall", "acl"}, cbi("passwall/acl"), _("Access control"), 97).leaf = true - entry({"admin", "services", "passwall", "log"}, form("passwall/log"), _("Watch Logs"), 999).leaf = true - entry({"admin", "services", "passwall", "server"}, cbi("passwall/server/index"), _("Server-Side"), 99).leaf = true - entry({"admin", "services", "passwall", "server_user"}, cbi("passwall/server/user")).leaf = true + entry({"admin", "services", appname, "node_subscribe"}, cbi("passwall/node_subscribe"), _("Node Subscribe"), 95).dependent = true + entry({"admin", "services", appname, "rule"}, cbi("passwall/rule"), _("Rule"), 96).leaf = true + entry({"admin", "services", appname, "app_update"}, cbi("passwall/app_update"), _("App Update"), 97).leaf = true + entry({"admin", "services", appname, "node_config"}, cbi("passwall/node_config")).leaf = true + entry({"admin", "services", appname, "shunt_rules"}, cbi("passwall/shunt_rules")).leaf = true + entry({"admin", "services", appname, "acl"}, cbi("passwall/acl"), _("Access control"), 98).leaf = true + entry({"admin", "services", appname, "log"}, form("passwall/log"), _("Watch Logs"), 999).leaf = true + entry({"admin", "services", appname, "server"}, cbi("passwall/server/index"), _("Server-Side"), 99).leaf = true + entry({"admin", "services", appname, "server_user"}, cbi("passwall/server/user")).leaf = true - entry({"admin", "services", "passwall", "server_user_status"}, call("server_user_status")).leaf = true - entry({"admin", "services", "passwall", "server_get_log"}, call("server_get_log")).leaf = true - entry({"admin", "services", "passwall", "server_clear_log"}, call("server_clear_log")).leaf = true - entry({"admin", "services", "passwall", "link_append_temp"}, call("link_append_temp")).leaf = true - entry({"admin", "services", "passwall", "link_load_temp"}, call("link_load_temp")).leaf = true - entry({"admin", "services", "passwall", "link_clear_temp"}, call("link_clear_temp")).leaf = true - entry({"admin", "services", "passwall", "link_add_node"}, call("link_add_node")).leaf = true - entry({"admin", "services", "passwall", "get_log"}, call("get_log")).leaf = true - entry({"admin", "services", "passwall", "clear_log"}, call("clear_log")).leaf = true - entry({"admin", "services", "passwall", "status"}, call("status")).leaf = true - entry({"admin", "services", "passwall", "socks_status"}, call("socks_status")).leaf = true - entry({"admin", "services", "passwall", "connect_status"}, call("connect_status")).leaf = true - entry({"admin", "services", "passwall", "check_port"}, call("check_port")).leaf = true - entry({"admin", "services", "passwall", "ping_node"}, call("ping_node")).leaf = true - entry({"admin", "services", "passwall", "set_node"}, call("set_node")).leaf = true - entry({"admin", "services", "passwall", "copy_node"}, call("copy_node")).leaf = true - entry({"admin", "services", "passwall", "clear_all_nodes"}, call("clear_all_nodes")).leaf = true - entry({"admin", "services", "passwall", "delete_select_nodes"}, call("delete_select_nodes")).leaf = true - entry({"admin", "services", "passwall", "update_rules"}, call("update_rules")).leaf = true - entry({"admin", "services", "passwall", "luci_check"}, call("luci_check")).leaf = true - entry({"admin", "services", "passwall", "luci_update"}, call("luci_update")).leaf = true - entry({"admin", "services", "passwall", "kcptun_check"}, call("kcptun_check")).leaf = true - entry({"admin", "services", "passwall", "kcptun_update"}, call("kcptun_update")).leaf = true - entry({"admin", "services", "passwall", "brook_check"}, call("brook_check")).leaf = true - entry({"admin", "services", "passwall", "brook_update"}, call("brook_update")).leaf = true - entry({"admin", "services", "passwall", "v2ray_check"}, call("v2ray_check")).leaf = true - entry({"admin", "services", "passwall", "v2ray_update"}, call("v2ray_update")).leaf = true - entry({"admin", "services", "passwall", "trojan_go_check"}, call("trojan_go_check")).leaf = true - entry({"admin", "services", "passwall", "trojan_go_update"}, call("trojan_go_update")).leaf = true + entry({"admin", "services", appname, "server_user_status"}, call("server_user_status")).leaf = true + entry({"admin", "services", appname, "server_get_log"}, call("server_get_log")).leaf = true + entry({"admin", "services", appname, "server_clear_log"}, call("server_clear_log")).leaf = true + entry({"admin", "services", appname, "link_append_temp"}, call("link_append_temp")).leaf = true + entry({"admin", "services", appname, "link_load_temp"}, call("link_load_temp")).leaf = true + entry({"admin", "services", appname, "link_clear_temp"}, call("link_clear_temp")).leaf = true + entry({"admin", "services", appname, "link_add_node"}, call("link_add_node")).leaf = true + entry({"admin", "services", appname, "get_log"}, call("get_log")).leaf = true + entry({"admin", "services", appname, "clear_log"}, call("clear_log")).leaf = true + entry({"admin", "services", appname, "status"}, call("status")).leaf = true + entry({"admin", "services", appname, "socks_status"}, call("socks_status")).leaf = true + entry({"admin", "services", appname, "connect_status"}, call("connect_status")).leaf = true + entry({"admin", "services", appname, "check_port"}, call("check_port")).leaf = true + entry({"admin", "services", appname, "ping_node"}, call("ping_node")).leaf = true + entry({"admin", "services", appname, "set_node"}, call("set_node")).leaf = true + entry({"admin", "services", appname, "copy_node"}, call("copy_node")).leaf = true + entry({"admin", "services", appname, "clear_all_nodes"}, call("clear_all_nodes")).leaf = true + entry({"admin", "services", appname, "delete_select_nodes"}, call("delete_select_nodes")).leaf = true + entry({"admin", "services", appname, "update_rules"}, call("update_rules")).leaf = true + entry({"admin", "services", appname, "luci_check"}, call("luci_check")).leaf = true + entry({"admin", "services", appname, "luci_update"}, call("luci_update")).leaf = true + entry({"admin", "services", appname, "kcptun_check"}, call("kcptun_check")).leaf = true + entry({"admin", "services", appname, "kcptun_update"}, call("kcptun_update")).leaf = true + entry({"admin", "services", appname, "brook_check"}, call("brook_check")).leaf = true + entry({"admin", "services", appname, "brook_update"}, call("brook_update")).leaf = true + entry({"admin", "services", appname, "v2ray_check"}, call("v2ray_check")).leaf = true + entry({"admin", "services", appname, "v2ray_update"}, call("v2ray_update")).leaf = true + entry({"admin", "services", appname, "trojan_go_check"}, call("trojan_go_check")).leaf = true + entry({"admin", "services", appname, "trojan_go_update"}, call("trojan_go_update")).leaf = true end local function http_write_json(content) @@ -70,12 +73,12 @@ end function reset_config() luci.sys.call('[ -f "/usr/share/passwall/config.default" ] && cp -f /usr/share/passwall/config.default /etc/config/passwall && /etc/init.d/passwall reload') - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "passwall")) + luci.http.redirect(luci.dispatcher.build_url("admin", "services", appname)) end function show_menu() luci.sys.call("touch /etc/config/passwall_show") - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "passwall")) + luci.http.redirect(luci.dispatcher.build_url("admin", "services", appname)) end function hide_menu() @@ -130,7 +133,7 @@ end function status() -- local dns_mode = ucic:get(appname, "@global[0]", "dns_mode") local e = {} - e.dns_mode_status = luci.sys.call("netstat -apn | grep 7913 >/dev/null") == 0 + e.dns_mode_status = luci.sys.call("netstat -apn | grep ':7913 ' | grep 'LISTEN' >/dev/null") == 0 e.haproxy_status = luci.sys.call(string.format("ps -w | grep -v grep | grep '%s/bin/' | grep haproxy >/dev/null", appname)) == 0 local tcp_node_num = ucic:get(appname, "@global_other[0]", "tcp_node_num") or 1 for i = 1, tcp_node_num, 1 do @@ -198,7 +201,7 @@ function set_node() ucic:set(appname, "@global[0]", protocol .. "_node" .. number, section) ucic:commit(appname) luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &") - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "passwall", "log")) + luci.http.redirect(luci.dispatcher.build_url("admin", "services", appname, "log")) end function copy_node() @@ -245,7 +248,7 @@ function check_port() -- retstring = retstring .. "暂时不支持UDP检测
" retstring = retstring .. "检测端口可用性
" - ucic:foreach("passwall", "nodes", function(s) + ucic:foreach(appname, "nodes", function(s) local ret = "" local tcp_socket if (s.use_kcp and s.use_kcp == "1" and s.kcp_port) or diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua index 61f5247a99..4af3ee8621 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua @@ -75,6 +75,7 @@ local function gen_outbound(node, tag) congestion = (node.mkcp_congestion == "1") and true or false, readBufferSize = tonumber(node.mkcp_readBufferSize), writeBufferSize = tonumber(node.mkcp_writeBufferSize), + seed = (node.mkcp_seed and node.mkcp_seed ~= "") and node.mkcp_seed or nil, header = {type = node.mkcp_guise} } or nil, wsSettings = (node.transport == "ws") and { @@ -122,6 +123,12 @@ local function gen_outbound(node, tag) } } end + + if node.transport == "mkcp" or node.transport == "ds" or node.transport == "quic" then + result.streamSettings.security = "none" + result.streamSettings.tlsSettings = nil + end + return result end diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/app_update.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/app_update.lua new file mode 100644 index 0000000000..8a1713a769 --- /dev/null +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/app_update.lua @@ -0,0 +1,47 @@ +local d = require "luci.dispatcher" +local appname = "passwall" + +m = Map(appname) + +-- [[ App Settings ]]-- +s = m:section(TypedSection, "global_app", translate("App Update"), + "" .. + translate("Please confirm that your firmware supports FPU.") .. + "") +s.anonymous = true +s:append(Template(appname .. "/app_update/v2ray_version")) +s:append(Template(appname .. "/app_update/trojan_go_version")) +s:append(Template(appname .. "/app_update/kcptun_version")) +s:append(Template(appname .. "/app_update/brook_version")) + +---- V2ray Path +o = s:option(Value, "v2ray_file", translate("V2ray Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/v2ray/")) +o.default = "/usr/bin/v2ray/" +o.rmempty = false + +---- Trojan-Go Path +o = s:option(Value, "trojan_go_file", translate("Trojan-Go Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/trojan-go")) +o.default = "/usr/bin/trojan-go" +o.rmempty = false + +o = s:option(Value, "trojan_go_latest", translate("Trojan-Go Version API"), translate("alternate API URL for version checking")) +o.default = "https://api.github.com/repos/peter-tank/trojan-go/releases/latest" + +---- Kcptun client Path +o = s:option(Value, "kcptun_client_file", translate("Kcptun Client Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/kcptun-client")) +o.default = "/usr/bin/kcptun-client" +o.rmempty = false + +--[[ +o = s:option(Button, "_check_kcptun", translate("Manually update"), translatef("Make sure there is enough space to install %s", "kcptun")) +o.template = appname .. "/kcptun" +o.inputstyle = "apply" +o.btnclick = "onBtnClick_kcptun(this);" +o.id = "_kcptun-check_btn"]] -- + +---- Brook Path +o = s:option(Value, "brook_file", translate("Brook Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/brook")) +o.default = "/usr/bin/brook" +o.rmempty = false + +return m diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/auto_switch.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/auto_switch.lua index a98b01d2ac..9257d8cf45 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/auto_switch.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/auto_switch.lua @@ -20,7 +20,7 @@ end) m = Map(appname) -- [[ Auto Switch Settings ]]-- -s = m:section(TypedSection, "auto_switch", translate("Auto Switch")) +s = m:section(TypedSection, "auto_switch") s.anonymous = true ---- Enable diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/global.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/global.lua index b9e615e72b..22464db365 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/global.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/global.lua @@ -68,8 +68,7 @@ else end -- [[ Global Settings ]]-- -s = m:section(TypedSection, "global", translate("Main Settings")) --- s.description = translate("If you can use it, very stable. If not, GG !!!") +s = m:section(TypedSection, "global") s.anonymous = true s.addremove = false diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/haproxy.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/haproxy.lua index 24ccde1daf..893a0ae88d 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/haproxy.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/haproxy.lua @@ -19,7 +19,7 @@ end) m = Map(appname) -- [[ Haproxy Settings ]]-- -s = m:section(TypedSection, "global_haproxy", translate("Load Balancing")) +s = m:section(TypedSection, "global_haproxy") s.anonymous = true s:append(Template(appname .. "/haproxy/status")) @@ -47,7 +47,7 @@ o.default = "1188" o:depends("balancing_enable", 1) -- [[ Balancing Settings ]]-- -s = m:section(TypedSection, "haproxy_config", translate("Load Balancing Setting"), +s = m:section(TypedSection, "haproxy_config", "", "" .. translate("Add a node, Export Of Multi WAN Only support Multi Wan. Load specific gravity range 1-256. Multiple primary servers can be load balanced, standby will only be enabled when the primary server is offline! Multiple groups can be set, Haproxy port same one for each group.").."") s.template = "cbi/tblsection" s.sortable = true diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/node_config.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/node_config.lua index 8475882e29..76ed33680c 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/node_config.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/node_config.lua @@ -414,26 +414,35 @@ for a, t in ipairs(header_type_list) do mkcp_guise:value(t) end mkcp_guise:depends("transport", "mkcp") mkcp_mtu = s:option(Value, "mkcp_mtu", translate("KCP MTU")) +mkcp_mtu.default = "1350" mkcp_mtu:depends("transport", "mkcp") mkcp_tti = s:option(Value, "mkcp_tti", translate("KCP TTI")) +mkcp_tti.default = "20" mkcp_tti:depends("transport", "mkcp") mkcp_uplinkCapacity = s:option(Value, "mkcp_uplinkCapacity", translate("KCP uplinkCapacity")) +mkcp_uplinkCapacity.default = "5" mkcp_uplinkCapacity:depends("transport", "mkcp") mkcp_downlinkCapacity = s:option(Value, "mkcp_downlinkCapacity", translate("KCP downlinkCapacity")) +mkcp_downlinkCapacity.default = "20" mkcp_downlinkCapacity:depends("transport", "mkcp") mkcp_congestion = s:option(Flag, "mkcp_congestion", translate("KCP Congestion")) mkcp_congestion:depends("transport", "mkcp") mkcp_readBufferSize = s:option(Value, "mkcp_readBufferSize", translate("KCP readBufferSize")) +mkcp_readBufferSize.default = "1" mkcp_readBufferSize:depends("transport", "mkcp") mkcp_writeBufferSize = s:option(Value, "mkcp_writeBufferSize", translate("KCP writeBufferSize")) +mkcp_writeBufferSize.default = "1" mkcp_writeBufferSize:depends("transport", "mkcp") +mkcp_seed = s:option(Value, "mkcp_seed", translate("KCP Seed")) +mkcp_seed:depends("transport", "mkcp") + -- [[ WebSocket部分 ]]-- ws_host = s:option(Value, "ws_host", translate("WebSocket Host")) ws_host:depends("transport", "ws") diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/rule.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/rule.lua index e9e82b5093..4b0f68b110 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/rule.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/rule.lua @@ -64,45 +64,4 @@ end o = s:option(DummyValue, "remarks", translate("Remarks")) --- [[ App Settings ]]-- -s = m:section(TypedSection, "global_app", translate("App Update"), - "" .. - translate("Please confirm that your firmware supports FPU.") .. - "") -s.anonymous = true -s:append(Template(appname .. "/rule/v2ray_version")) -s:append(Template(appname .. "/rule/trojan_go_version")) -s:append(Template(appname .. "/rule/kcptun_version")) -s:append(Template(appname .. "/rule/brook_version")) - ----- V2ray Path -o = s:option(Value, "v2ray_file", translate("V2ray Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/v2ray/")) -o.default = "/usr/bin/v2ray/" -o.rmempty = false - ----- Trojan-Go Path -o = s:option(Value, "trojan_go_file", translate("Trojan-Go Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/trojan-go")) -o.default = "/usr/bin/trojan-go" -o.rmempty = false - -o = s:option(Value, "trojan_go_latest", translate("Trojan-Go Version API"), translate("alternate API URL for version checking")) -o.default = "https://api.github.com/repos/peter-tank/trojan-go/releases/latest" - ----- Kcptun client Path -o = s:option(Value, "kcptun_client_file", translate("Kcptun Client Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/kcptun-client")) -o.default = "/usr/bin/kcptun-client" -o.rmempty = false - ---[[ -o = s:option(Button, "_check_kcptun", translate("Manually update"), translatef("Make sure there is enough space to install %s", "kcptun")) -o.template = appname .. "/kcptun" -o.inputstyle = "apply" -o.btnclick = "onBtnClick_kcptun(this);" -o.id = "_kcptun-check_btn"]] -- - ----- Brook Path -o = s:option(Value, "brook_file", translate("Brook Path"), translatef("if you want to run from memory, change the path, such as %s, Then save the application and update it manually.", "/tmp/brook")) -o.default = "/usr/bin/brook" -o.rmempty = false - return m diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua index a0d8e5250c..27dac1d5b6 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua @@ -89,8 +89,7 @@ function gen_config(user) tlsSettings = (node.stream_security == "tls") and { disableSessionResumption = node.sessionTicket ~= "1" and true or false, serverName = node.tls_serverName, - allowInsecure = (node.tls_allowInsecure == "1") and true or - false + allowInsecure = (node.tls_allowInsecure == "1") and true or false } or nil, tcpSettings = (node.transport == "tcp") and { header = { @@ -107,25 +106,23 @@ function gen_config(user) mtu = tonumber(node.mkcp_mtu), tti = tonumber(node.mkcp_tti), uplinkCapacity = tonumber(node.mkcp_uplinkCapacity), - downlinkCapacity = tonumber( - node.mkcp_downlinkCapacity), - congestion = (node.mkcp_congestion == "1") and - true or false, + downlinkCapacity = tonumber(node.mkcp_downlinkCapacity), + congestion = (node.mkcp_congestion == "1") and true or false, readBufferSize = tonumber(node.mkcp_readBufferSize), - writeBufferSize = tonumber( - node.mkcp_writeBufferSize), + writeBufferSize = tonumber(node.mkcp_writeBufferSize), + seed = (node.mkcp_seed and node.mkcp_seed ~= "") and node.mkcp_seed or nil, header = {type = node.mkcp_guise} } or nil, wsSettings = (node.transport == "ws") and { path = node.ws_path or "", - headers = (node.ws_host ~= nil) and - {Host = node.ws_host} or nil + headers = (node.ws_host ~= nil) and {Host = node.ws_host} or nil + } or nil, + httpSettings = (node.transport == "h2") and { + path = node.h2_path, host = node.h2_host + } or nil, + dsSettings = (node.transport == "ds") and { + path = node.ds_path } or nil, - httpSettings = (node.transport == "h2") and - {path = node.h2_path, host = node.h2_host} or - nil, - dsSettings = (node.transport == "ds") and - {path = node.ds_path} or nil, quicSettings = (node.transport == "quic") and { security = node.quic_security, key = node.quic_key, @@ -165,6 +162,12 @@ function gen_config(user) } or nil } } + + if node.transport == "mkcp" or node.transport == "ds" or node.transport == "quic" then + transit_node.streamSettings.security = "none" + transit_node.streamSettings.tlsSettings = nil + end + table.insert(outbounds, 1, transit_node) end end @@ -214,6 +217,7 @@ function gen_config(user) congestion = (user.mkcp_congestion == "1") and true or false, readBufferSize = tonumber(user.mkcp_readBufferSize), writeBufferSize = tonumber(user.mkcp_writeBufferSize), + seed = (user.mkcp_seed and user.mkcp_seed ~= "") and user.mkcp_seed or nil, header = {type = user.mkcp_guise} } or nil, wsSettings = (user.transport == "ws") and { @@ -238,5 +242,11 @@ function gen_config(user) outbounds = outbounds, routing = routing } + + if user.transport == "mkcp" or user.transport == "ds" or user.transport == "quic" then + user.streamSettings.security = "none" + user.streamSettings.tlsSettings = nil + end + return config end diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua index 27bd046fcf..eca29b7291 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua @@ -294,26 +294,35 @@ for a, t in ipairs(header_type_list) do mkcp_guise:value(t) end mkcp_guise:depends("transport", "mkcp") mkcp_mtu = s:option(Value, "mkcp_mtu", translate("KCP MTU")) +mkcp_mtu.default = "1350" mkcp_mtu:depends("transport", "mkcp") mkcp_tti = s:option(Value, "mkcp_tti", translate("KCP TTI")) +mkcp_tti.default = "20" mkcp_tti:depends("transport", "mkcp") mkcp_uplinkCapacity = s:option(Value, "mkcp_uplinkCapacity", translate("KCP uplinkCapacity")) +mkcp_uplinkCapacity.default = "5" mkcp_uplinkCapacity:depends("transport", "mkcp") mkcp_downlinkCapacity = s:option(Value, "mkcp_downlinkCapacity", translate("KCP downlinkCapacity")) +mkcp_downlinkCapacity.default = "20" mkcp_downlinkCapacity:depends("transport", "mkcp") mkcp_congestion = s:option(Flag, "mkcp_congestion", translate("KCP Congestion")) mkcp_congestion:depends("transport", "mkcp") mkcp_readBufferSize = s:option(Value, "mkcp_readBufferSize", translate("KCP readBufferSize")) +mkcp_readBufferSize.default = "1" mkcp_readBufferSize:depends("transport", "mkcp") mkcp_writeBufferSize = s:option(Value, "mkcp_writeBufferSize", translate("KCP writeBufferSize")) +mkcp_writeBufferSize.default = "1" mkcp_writeBufferSize:depends("transport", "mkcp") +mkcp_seed = s:option(Value, "mkcp_seed", translate("KCP Seed")) +mkcp_seed:depends("transport", "mkcp") + -- [[ WebSocket部分 ]]-- ws_host = s:option(Value, "ws_host", translate("WebSocket Host")) diff --git a/package/lienol/luci-app-passwall/luasrc/view/passwall/rule/brook_version.htm b/package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/brook_version.htm similarity index 100% rename from package/lienol/luci-app-passwall/luasrc/view/passwall/rule/brook_version.htm rename to package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/brook_version.htm diff --git a/package/lienol/luci-app-passwall/luasrc/view/passwall/rule/kcptun_version.htm b/package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/kcptun_version.htm similarity index 100% rename from package/lienol/luci-app-passwall/luasrc/view/passwall/rule/kcptun_version.htm rename to package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/kcptun_version.htm diff --git a/package/lienol/luci-app-passwall/luasrc/view/passwall/rule/trojan_go_version.htm b/package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/trojan_go_version.htm similarity index 100% rename from package/lienol/luci-app-passwall/luasrc/view/passwall/rule/trojan_go_version.htm rename to package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/trojan_go_version.htm diff --git a/package/lienol/luci-app-passwall/luasrc/view/passwall/rule/v2ray_version.htm b/package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/v2ray_version.htm similarity index 100% rename from package/lienol/luci-app-passwall/luasrc/view/passwall/rule/v2ray_version.htm rename to package/lienol/luci-app-passwall/luasrc/view/passwall/app_update/v2ray_version.htm diff --git a/package/lienol/luci-app-passwall/po/zh-cn/passwall.po b/package/lienol/luci-app-passwall/po/zh-cn/passwall.po index c411319c63..097283d997 100644 --- a/package/lienol/luci-app-passwall/po/zh-cn/passwall.po +++ b/package/lienol/luci-app-passwall/po/zh-cn/passwall.po @@ -67,8 +67,8 @@ msgstr "负载均衡" msgid "Enter interface" msgstr "进入界面" -msgid "Rule Update" -msgstr "自动更新" +msgid "Rule" +msgstr "规则" msgid "Access control" msgstr "访问控制" @@ -586,9 +586,6 @@ msgstr "在浏览器输入路由IP加端口访问,如:192.168.1.1:1188" msgid "Haproxy Port" msgstr "负载均衡端口" -msgid "Load Balancing Setting" -msgstr "负载均衡设置" - msgid "Add a node, Export Of Multi WAN Only support Multi Wan. Load specific gravity range 1-256. Multiple primary servers can be load balanced, standby will only be enabled when the primary server is offline! Multiple groups can be set, Haproxy port same one for each group." msgstr "添加节点,指定出口功能是为多WAN用户准备的。负载比重范围1-256。多个主服务器可以负载均衡,备用只有在主服务器离线时才会启用!可以设置多个组,负载均衡端口相同则为一组。" diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh b/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh index 8ef83f2d6d..d10b86f09e 100755 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh @@ -95,8 +95,8 @@ hosts_foreach() { [ -z "${__hosts}" ] && return 0 local __ip __port for __host in $(echo $__hosts | sed 's/[ ,]/\n/g'); do - __ip=$(echo $__host | sed -n 's/\(^[^:#]*\).*$/\1/p') - [ -n "${__default_port}" ] && __port=$(echo $__host | sed -n 's/^[^:#]*[:#]\([0-9]*\).*$/\1/p') + __port=$(echo $__host | sed -n 's/^.*[:#]\(^[0-9]*\)$/\1/p') + __ip="${__host%%${__port:+[:#]${__port}*}}" eval "$__func \"${__host}\" \"\${__ip}\" \"\${__port:-${__default_port}}\" $@" __ret=$? [ ${__ret} -ge ${ERROR_NO_CATCH:-1} ] && return ${__ret} @@ -278,7 +278,7 @@ run_socks() { local port=$(config_n_get $node port) local msg - echolog "分析 Socks 服务 ${bind}:${local_port} 的代理服务器配置...." + echolog " 启用 ${bind}:${local_port}" if [ -n "$server_host" ] && [ -n "$port" ]; then server_host=$(echo $server_host | sed 's/^\(https:\/\/\|http:\/\/\)//g' | awk -F '/' '{print $1}') [ -n "$(echo -n $server_host | awk '{print gensub(/[!-~]/,"","g",$0)}')" ] && msg="$remarks,非法的代理服务器地址,无法启动 !" @@ -287,13 +287,13 @@ run_socks() { fi [ -n "${msg}" ] && { - echolog ${msg} + echolog " ${msg}" return 1 } - echolog "使用代理服务器:$remarks,地址:${server_host}:${port}" + echolog " 节点:$remarks,${server_host}:${port}" if [ "$type" == "socks" ]; then - echolog "Socks节点不能使用Socks代理节点!" + echolog " 不能使用 Socks 类型的代理节点" elif [ "$type" == "v2ray" ]; then lua $API_GEN_V2RAY $node nil nil $local_port > $config_file ln_start_bin $(config_t_get global_app v2ray_file $(find_bin v2ray))/v2ray v2ray "-config=$config_file" @@ -314,11 +314,6 @@ run_socks() { lua $API_GEN_SS $node $local_port > $config_file ln_start_bin $(find_bin ${type}-local) ${type}-local "-c $config_file -b $bind -u" fi - - msg="此 Sock 服务启动失败!" - netstat -netplu | grep ":${local_port} " - [ $? -eq 0 ] && msg="看起来这个 Socks 服务已经成功开启了。" - echolog $msg } run_redir() { @@ -488,6 +483,7 @@ start_redir() { start_socks() { local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') + echolog "分析 Socks 服务的节点配置..." for id in $ids; do local enabled=$(config_n_get $id enabled 0) [ "$enabled" == "0" ] && continue @@ -732,6 +728,7 @@ gen_pdnsd_config() { local perm_cache=2048 local _cache="on" [ "$DNS_CACHE" == "0" ] && _cache="off" && perm_cache=0 + echolog "准备 pdnsd 配置文件..." cat > $pdnsd_dir/pdnsd.conf <<-EOF global { perm_cache = $perm_cache; @@ -754,8 +751,8 @@ gen_pdnsd_config() { EOF append_pdnsd_updns() { - [ -z "${2}" ] && echolog "略过错误配置的 DNS : [${1}]" && return 0 - echolog "配置 pdnsd 的上游DNS[${2}:${3}]" + [ -z "${2}" ] && echolog " 略过错误 : [${1}]" && return 0 + echolog " 上游DNS[${2}:${3}]" cat >> $pdnsd_dir/pdnsd.conf <<-EOF server { label = "node-${2}_${3}"; @@ -936,6 +933,7 @@ start() { add_dnsmasq source $APP_PATH/iptables.sh start /etc/init.d/dnsmasq restart >/dev/null 2>&1 + echolog "重启 dnsmasq 服务[$?]" } start_crontab echolog "运行完成!\n" @@ -953,6 +951,7 @@ stop() { stop_crontab del_dnsmasq /etc/init.d/dnsmasq restart >/dev/null 2>&1 + echolog "重启 dnsmasq 服务[$?]" echolog "清空并关闭相关程序和缓存完成。" } diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh b/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh index d7fe10e5fe..81218b16cf 100755 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh @@ -30,6 +30,19 @@ comment() { echo "-m comment --comment '$1'" } +RULE_LAST_INDEX() { + [ $# -ge 3 ] || { + echolog "索引列举方式不正确(iptables),终止执行!" + exit 1 + } + local ipt_tmp=${1}; shift + local chain=${1}; shift + local list=${1}; shift + local default=${1:-0}; shift + local _index=$($ipt_tmp -n -L $chain --line-numbers 2>/dev/null | grep "$list" | sed -n '$p' | awk '{print $1}') + echo "${_index:-${default}}" +} + REDIRECT() { local redirect="-j REDIRECT --to-ports $1" [ "$2" == "TPROXY" ] && redirect="-j TPROXY --tproxy-mark 0x1/0x1 --on-port $1" @@ -136,7 +149,12 @@ load_acl() { [ "$TCP_NODE" != "nil" ] && { eval TCP_NODE_TYPE=$(echo $(config_n_get $TCP_NODE type) | tr 'A-Z' 'a-z') local is_tproxy - [ "$TCP_NODE_TYPE" == "brook" -a "$(config_n_get $TCP_NODE brook_protocol client)" == "client" ] && ipt_tmp=$ipt_m && is_tproxy="TPROXY" + if [ "$TCP_NODE_TYPE" == "brook" ] && [ "$(config_n_get $TCP_NODE brook_protocol client)" == "client" ]; then + echolog "为 brook 启用 TCP TPROXY 模式" + ipt_tmp=$ipt_m && is_tproxy="TPROXY" + else + echolog "使用 TCP FORWARD 模式" + fi [ "$tcp_no_redir_ports" != "disable" ] && $ipt_tmp -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN eval tcp_port=\$TCP_REDIR_PORT$tcp_node $ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $tcp_port $is_tproxy) @@ -149,6 +167,7 @@ load_acl() { [ "$udp_proxy_mode" != "disable" ] && { [ "$UDP_NODE" != "nil" ] && { + echolog "UDP 代理启用 TPROXY 模式" eval udp_port=\$UDP_REDIR_PORT$udp_node [ "$udp_no_redir_ports" != "disable" ] && $ipt_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -m multiport --dport $udp_no_redir_ports -j RETURN $ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $udp_port TPROXY) @@ -165,7 +184,12 @@ load_acl() { [ "$TCP_NODE1" != "nil" -a "$TCP_PROXY_MODE" != "disable" ] && { local TCP_NODE1_TYPE=$(echo $(config_n_get $TCP_NODE1 type) | tr 'A-Z' 'a-z') local is_tproxy - [ "$TCP_NODE1_TYPE" == "brook" -a "$(config_n_get $TCP_NODE1 brook_protocol client)" == "client" ] && ipt_tmp=$ipt_m && is_tproxy="TPROXY" + if [ "$TCP_NODE1_TYPE" == "brook" ] && [ "$(config_n_get $TCP_NODE1 brook_protocol client)" == "client" ]; then + ipt_tmp=$ipt_m && is_tproxy="TPROXY" + echolog "为 brook TCP默认代理启用 TPROXY 模式!" + else + echolog "TCP默认代理使用 FORWARD 模式" + fi [ "$TCP_NO_REDIR_PORTS" != "disable" ] && $ipt_tmp -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN $ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $TCP_REDIR_PORT1 $is_tproxy) $ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $TCP_PROXY_MODE $TCP_REDIR_PORT1 $is_tproxy) @@ -174,11 +198,12 @@ load_acl() { echolog "TCP默认代理模式:$(get_action_chain_name $TCP_PROXY_MODE)" # 加载UDP默认代理模式 - [ "$UDP_NODE1" != "nil" -a "$UDP_PROXY_MODE" != "disable" ] && { + if [ "$UDP_NODE1" != "nil" ] && [ "$UDP_PROXY_MODE" != "disable" ]; then + echolog "UDP默认代理使用 TPROXY 模式" [ "$UDP_NO_REDIR_PORTS" != "disable" ] && $ipt_m -A PSW $(comment "默认") -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN $ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $UDP_REDIR_PORT1 TPROXY) $ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $UDP_PROXY_MODE $UDP_REDIR_PORT1 TPROXY) - } + fi $ipt_m -A PSW $(comment "默认") -p udp -j RETURN echolog "UDP默认代理模式:$(get_action_chain_name $UDP_PROXY_MODE)" } @@ -187,71 +212,87 @@ filter_vpsip() { echolog "开始过滤所有节点到白名单" uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R #uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){0,7}::[a-f0-9]{0,4}(:[a-f0-9]{1,4}){0,7}])" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIP6LIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R - echolog "过滤所有节点完成" + echolog "过滤所有节点直接 IP 地址完成" } filter_node() { + local proxy_node=${1} stream=$(echo ${2} | tr 'A-Z' 'a-z') + local proxy_port=${3} filter_rules() { - [ -n "$1" ] && [ "$1" != "nil" ] && { - local type=$(echo $(config_n_get $1 type) | tr 'A-Z' 'a-z') - local i=$ipt_n - [ "$2" == "udp" ] || [ "$type" == "brook" -a "$(config_n_get $1 brook_protocol client)" == "client" ] && i=$ipt_m - local address=$(config_n_get $1 address) - local port=$(config_n_get $1 port) - - if [ -n "$3" ] && [ "$3" == "1" ] && [ -n "$4" ]; then - is_exist=$($i -n -L PSW_OUTPUT 2>/dev/null | grep -c "$address:$port") - [ "$is_exist" == 0 ] && { - if [ "$i" == "$ipt_m" ]; then - $i -I PSW_OUTPUT 2 $(comment "$address:$port") -p $2 -d $address --dport $port $(REDIRECT 1 MARK) - else - $i -I PSW_OUTPUT 2 $(comment "$address:$port") -p $2 -d $address --dport $port $(REDIRECT $4) - fi - } - else - is_exist=$($i -n -L PSW_OUTPUT 2>/dev/null | grep -c "$address:$port") - [ "$is_exist" == 0 ] && { - local ADD_INDEX=2 - local INDEX=$($i -n -L PSW_OUTPUT --line-numbers | grep "$IPSET_VPSIPLIST" | sed -n '$p' | awk '{print $1}') - [ -n "$INDEX" ] && ADD_INDEX=$INDEX - $i -I PSW_OUTPUT $ADD_INDEX $(comment "$address:$port") -p $2 -d $address --dport $port -j RETURN - } + local msg node=${1} stream=${2} + local _proxy=${3} _port=${4} + if [ -n "$node" ] && [ "$node" != "nil" ]; then + local type=$(echo $(config_n_get $node type) | tr 'A-Z' 'a-z') + local address=$(config_n_get $node address) + local port=$(config_n_get $node port) + local ipt_tmp=$ipt_n + if [ "$stream" == "udp" ] || [ "$type" == "brook" -a "$(config_n_get $node brook_protocol client)" == "client" ]; then + ipt_tmp=$ipt_m + echolog " 为 udp 或 brook 启用 TPROXY 模式" fi - } + else + echolog " 节点配置不正常,略过" + return 0 + fi + + local ADD_INDEX=$(RULE_LAST_INDEX "$ipt_tmp" PSW_OUT_PUT "$IPSET_VPSIPLIST" 2) + $ipt_tmp -n -L PSW_OUTPUT | grep -q "${address}:${port}" + if [ $? -ne 0 ]; then + local dst_rule=$(REDIRECT 1 MARK) + msg="按规则路由" + [ "$ipt_tmp" == "$ipt_m" ] || { + dst_rule=$(REDIRECT $_port) + msg="套娃使用" + } + [ -n "$_proxy" ] && [ "$_proxy" == "1" ] && [ -n "$_port" ] || { + dst_rule=" -j RETURN" + msg="直连代理" + } + $ipt_tmp -I PSW_OUTPUT $ADD_INDEX $(comment "${address}:${port}") -p $stream -d $address --dport $port $dst_rule + else + msg="转发条目已存在,略过" + fi + msg="${msg}[$?],节点(${type}):${address}:${port}" + echolog " $msg" } - local v2ray_protocol=$(config_n_get $1 protocol) - if [ "$v2ray_protocol" == "_shunt" ]; then - local default_node=$(config_n_get $1 default_node nil) - filter_rules $default_node $2 + local proxy_protocol=$(config_n_get $proxy_node protocol) + local proxy_type=$(echo $(config_n_get $proxy_node type nil) | tr 'A-Z' 'a-z') + [ "$proxy_type" == "nil" ] && echolog " 节点配置不正常,略过!:${proxy_node}" && return 0 + if [ "$proxy_protocol" == "_shunt" ]; then + echolog " 按请求目的地址分流(${proxy_type})..." + local default_node=$(config_n_get $proxy_node default_node nil) + filter_rules $default_node $stream local default_node_address=$(get_host_ip ipv4 $(config_n_get $default_node address) 1) local default_node_port=$(config_n_get $default_node port) local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') for shunt_id in $shunt_ids; do - local _proxy=$(config_n_get $1 "${shunt_id}_proxy" 0) - local _node=$(config_n_get $1 "${shunt_id}" nil) - [ "$_proxy" == 1 ] && { - local _node_address=$(get_host_ip ipv4 $(config_n_get $_node address) 1) - local _node_port=$(config_n_get $_node port) - [ "$_node_address" == "$default_node_address" ] && [ "$_node_port" == "$default_node_port" ] && { - _proxy=0 + local shunt_proxy=$(config_n_get $proxy_node "${shunt_id}_proxy" 0) + local shunt_node=$(config_n_get $proxy_node "${shunt_id}" nil) + [ "$shunt_proxy" == 1 ] && { + local shunt_node_address=$(get_host_ip ipv4 $(config_n_get $shunt_node address) 1) + local shunt_node_port=$(config_n_get $shunt_node port) + [ "$shunt_node_address" == "$default_node_address" ] && [ "$shunt_node_port" == "$default_node_port" ] && { + shunt_proxy=0 } } - filter_rules $(config_n_get $1 $shunt_id) $2 $_proxy $3 + filter_rules "$(config_n_get $proxy_node $shunt_id)" "$stream" "$shunt_proxy" "$proxy_port" done - elif [ "$v2ray_protocol" == "_balancing" ]; then - local balancing_node=$(config_n_get $1 balancing_node) - for node_id in $balancing_node - do - filter_rules $node_id $2 + elif [ "$proxy_protocol" == "_balancing" ]; then + echolog " 多节点负载均衡(${proxy_type})..." + proxy_node=$(config_n_get $proxy_node balancing_node) + for _node in $proxy_node; do + filter_rules "$_node" "$stream" done else - filter_rules $1 $2 + echolog " 普通节点(${proxy_type})..." + filter_rules "$proxy_node" "$stream" fi } dns_hijack() { $ipt_n -I PSW -p udp --dport 53 -j REDIRECT --to-ports 53 + echolog "强制转发本机DNS端口 UDP/53 的请求[$?]" } add_firewall_rule() { @@ -272,16 +313,20 @@ add_firewall_rule() { EOF # 忽略特殊IP段 + local lan_ifname lan_ip lan_ifname=$(uci -q -p /var/state get network.lan.ifname) [ -n "$lan_ifname" ] && { lan_ip=$(ip address show $lan_ifname | grep -w "inet" | awk '{print $2}') + echolog "本机网段互访直连:${lan_ip}" [ -n "$lan_ip" ] && ipset -! add $IPSET_LANIPLIST $lan_ip >/dev/null 2>&1 & } - ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1) + local ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1) [ -n "$ISP_DNS" ] && { + echolog "处理 ISP DNS 例外..." for ispip in $ISP_DNS; do ipset -! add $IPSET_WHITELIST $ispip >/dev/null 2>&1 & + echolog " 追加到白名单:${ispip}" done } @@ -311,27 +356,6 @@ add_firewall_rule() { ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 - # 过滤Socks节点 - local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') - for id in $ids; do - local enabled=$(config_n_get $id enabled 0) - [ "$enabled" == "0" ] && continue - local node=$(config_n_get $id node nil) - if [ "$(echo $node | grep ^tcp)" ]; then - local num=$(echo $node | sed "s/tcp//g") - eval node=\$TCP_NODE$num - fi - [ "$node" == "nil" ] && continue - filter_node $node tcp - filter_node $node udp - done - - for i in $(seq 1 $TCP_NODE_NUM); do - eval node=\$TCP_NODE$i - eval port=\$TCP_REDIR_PORT$i - [ "$node" != "nil" ] && filter_node $node tcp $port - done - # 加载路由器自身代理 TCP if [ "$TCP_NODE1" != "nil" ]; then local ipt_tmp=$ipt_n @@ -340,7 +364,9 @@ add_firewall_rule() { local blist_r=$(REDIRECT $TCP_REDIR_PORT1) local p_r=$(get_redirect_ipt $LOCALHOST_TCP_PROXY_MODE $TCP_REDIR_PORT1) TCP_NODE1_TYPE=$(echo $(config_n_get $TCP_NODE1 type) | tr 'A-Z' 'a-z') + echolog "加载路由器自身 TCP 代理..." if [ "$TCP_NODE1_TYPE" == "brook" ] && [ "$(config_n_get $TCP_NODE1 brook_protocol client)" == "client" ]; then + echolog " 为 brook 启用 TCP TPROXY 模式" ipt_tmp=$ipt_m dns_l="PSW" dns_r="$(REDIRECT $TCP_REDIR_PORT1 TPROXY)" @@ -350,66 +376,122 @@ add_firewall_rule() { _proxy_tcp_access() { [ -n "${2}" ] || return 0 ipset test $IPSET_LANIPLIST ${2} 2>/dev/null - [ $? == 0 ] && return 0 - $ipt_tmp -I $dns_l 2 -p tcp -d ${2} --dport ${3} $dns_r - [ "$ipt_tmp" == "$ipt_m" ] && $ipt_tmp -I PSW_OUTPUT 2 -p tcp -d ${2} --dport ${3} $(REDIRECT 1 MARK) + [ $? -eq 0 ] && { + echolog " 上游 DNS 服务器 ${2} 已在直接访问的列表中,不强制向 TCP 代理转发对该服务器 TCP/${3} 端口的访问" + return 0 + } + local ADD_INDEX=$(RULE_LAST_INDEX "$ipt_tmp" "$dns_l" "$IPSET_VPSIPLIST" 2) + $ipt_tmp -I $dns_l $ADD_INDEX -p tcp -d ${2} --dport ${3} $dns_r + [ "$ipt_tmp" == "$ipt_m" ] && $ipt_tmp -I PSW_OUTPUT $ADD_INDEX -p tcp -d ${2} --dport ${3} $(REDIRECT 1 MARK) + echolog " 将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 TCP 转发链${ADD_INDEX}[$?]" } [ "$use_tcp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_tcp_access 53 $ipt_tmp -A OUTPUT -p tcp -j PSW_OUTPUT - [ "$TCP_NO_REDIR_PORTS" != "disable" ] && $ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN + [ "$TCP_NO_REDIR_PORTS" != "disable" ] && { + $ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN + echolog " 按要求设置全局例外 TCP 端口[$?]:$TCP_NO_REDIR_PORTS" + } $ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $blist_r $ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $p_r fi - - local PRE_INDEX=1 - ADBYBY_INDEX=$($ipt_n -L PREROUTING --line-numbers | grep "ADBYBY" | sed -n '$p' | awk '{print $1}') - if [ -n "$ADBYBY_INDEX" ]; then - PRE_INDEX=$(expr $ADBYBY_INDEX + 1) + + local PR_INDEX=$(RULE_LAST_INDEX "$ipt_n" PREROUTING ADBYBY) + if [ "$PR_INDEX" == "0" ]; then + PR_INDEX=$(RULE_LAST_INDEX "$ipt_n" PREROUTING prerouting_rule) else - PR_INDEX=$($ipt_n -L PREROUTING --line-numbers | grep "prerouting_rule" | sed -n '$p' | awk '{print $1}') - [ -n "$PR_INDEX" ] && PRE_INDEX=$(expr $PR_INDEX + 1) + echolog "发现 adbyby 规则链,adbyby 规则优先..." fi - $ipt_n -I PREROUTING $PRE_INDEX -p tcp -j PSW + PR_INDEX=$((PR_INDEX + 1)) + $ipt_n -I PREROUTING $PR_INDEX -p tcp -j PSW + echolog "使用链表 PREROUTING 排列索引${PR_INDEX}[$?]" if [ "$PROXY_IPV6" == "1" ]; then + local msg="IPv6 配置不当,无法代理" [ -n "$lan_ifname" ] && { lan_ipv6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}') #当前LAN IPv6段 [ -n "$lan_ipv6" ] && { $ip6t_n -N PSW $ip6t_n -A PREROUTING -j PSW + msg="接管 IPv6 流量[$?]" [ -n "$lan_ipv6" ] && { for ip in $lan_ipv6; do $ip6t_n -A PSW -d $ip -j RETURN done } - [ "$use_ipv6" == "1" -a -n "$server_ip" ] && $ip6t_n -A PSW -d $server_ip -j RETURN + [ "$use_ipv6" == "1" ] && [ -n "$server_ip" ] && $ip6t_n -A PSW -d $server_ip -j RETURN $ip6t_n -A PSW -p tcp $(REDIRECT $TCP_REDIR_PORT1) #$ip6t_n -I OUTPUT -p tcp -j PSW + msg="${msg},转发 IPv6 TCP 流量到节点1[$?]" } } + echolog "$msg" fi - - for i in $(seq 1 $UDP_NODE_NUM); do - eval node=\$UDP_NODE$i - eval port=\$UDP_REDIR_PORT$i - [ "$node" == "tcp" ] && eval node=\$TCP_NODE$i && eval port=\$TCP_REDIR_PORT$i - [ "$node" != "nil" ] && filter_node $node udp $port + + # 过滤Socks节点 + local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') + echolog "分析 Socks 服务所使用节点..." + for id in $ids; do + local enabled=$(config_n_get $id enabled 0) + [ "$enabled" == "1" ] || continue + local node=$(config_n_get $id node nil) + local port=$(config_n_get $id port 0) + local msg="Socks 服务 [:${port}]" + if [ "$node" == "nil" ] || [ "$port" == "0" ]; then + msg="${msg} 未配置完全,略过" + elif [ "$(echo $node | grep ^tcp)" ]; then + local num=$(echo $node | sed "s/tcp//g") + eval "node=\${TCP_NODE$num}" + msg="${msg} 使用与 TCP 代理自动切换${num} 相同的节点,延后处理" + else + filter_node $node tcp + filter_node $node udp + fi + echolog " $msg[$?]" + done + + # 处理轮换节点的分流或套娃 + local node port stream + for stream in TCP UDP; do + for switch in $(eval "seq 1 \${${stream}_NODE_NUM}"); do + eval "node=\${${stream}_NODE$switch}" + eval "port=\${${stream}_REDIR_PORT$switch}" + echolog "分析 $stream 代理自动切换$switch..." + [ "$node" == "tcp" ] && [ "$stream" == "UDP" ] && { + eval "node=\${TCP_NODE$switch}" + eval "port=\${TCP_REDIR_PORT$switch}" + echolog " 采用 TCP 代理的配置" + } + + if [ "$node" != "nil" ]; then + filter_node $node $stream $port + else + echolog " 忽略无效的 $stream 代理自动切换$switch" + fi + done done # 加载路由器自身代理 UDP if [ "$UDP_NODE1" != "nil" ]; then + echolog "加载路由器自身 UDP 代理..." local UDP_NODE1_TYPE=$(echo $(config_n_get $UDP_NODE1 type) | tr 'A-Z' 'a-z') _proxy_udp_access() { [ -n "${2}" ] || return 0 ipset test $IPSET_LANIPLIST ${2} 2>/dev/null - [ $? == 0 ] && return 0 - local ADD_INDEX=2 + [ $? == 0 ] && { + echolog " 上游 DNS 服务器 ${2} 已在直接访问的列表中,不强制向 UDP 代理转发对该服务器 UDP/${3} 端口的访问" + return 0 + } + local ADD_INDEX=$(RULE_LAST_INDEX "$ipt_tmp" "$dns_l" "$IPSET_VPSIPLIST" 2) $ipt_m -I PSW $ADD_INDEX -p udp -d ${2} --dport ${3} $(REDIRECT $UDP_REDIR_PORT1 TPROXY) $ipt_m -I PSW_OUTPUT $ADD_INDEX -p udp -d ${2} --dport ${3} $(REDIRECT 1 MARK) + echolog " 将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 UDP 转发链${ADD_INDEX}[$?]" } [ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_udp_access 53 $ipt_m -A OUTPUT -p udp -j PSW_OUTPUT - [ "$UDP_NO_REDIR_PORTS" != "disable" ] && $ipt_m -A PSW_OUTPUT -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN + [ "$UDP_NO_REDIR_PORTS" != "disable" ] && { + $ipt_m -A PSW_OUTPUT -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN + echolog " 按要求配置例外 UDP 端口[$?]:$UDP_NO_REDIR_PORTS" + } $ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT 1 MARK) $ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $LOCALHOST_UDP_PROXY_MODE 1 MARK) fi diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_host b/package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_host index f3f716ef58..a59a361d67 100644 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_host +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_host @@ -49,6 +49,8 @@ fox.com gamer.com.tw ggpht.com github-production-release-asset-2e65be.s3.amazonaws.com +githubapp.com +githubassets.com github.com github.io githubusercontent.com diff --git a/package/ntlf9t/luci-app-clash/luasrc/model/cbi/clash/update/update.lua b/package/ntlf9t/luci-app-clash/luasrc/model/cbi/clash/update/update.lua index 22daeaf78d..594d28f53d 100644 --- a/package/ntlf9t/luci-app-clash/luasrc/model/cbi/clash/update/update.lua +++ b/package/ntlf9t/luci-app-clash/luasrc/model/cbi/clash/update/update.lua @@ -24,13 +24,13 @@ sul.addremove=false o = sul:option(FileUpload, "") o.description =''..font_red..bold_on..translate("Manually download, unzip and rename clash core from links below and upload")..bold_off..font_off..' ' .."
" -..translate("Dreamacro clash tun core (dtun) - (https://github.com/Dreamacro/clash/releases/tag/premium)") +..translatef("" .. "Dreamacro clash core - clash", translate("https://github.com/Dreamacro/clash/releases/latest")) .."
" -..translate("Dreamacro clash core - (https://github.com/Dreamacro/clash/releases)") +..translatef("" .. "Frainzy1477 clashr core - clash", translate("https://github.com/frainzy1477/clash_dev/releases/latest")) .."
" -..translate("comzyh clash tun core (ctun) - (https://github.com/comzyh/clash/releases)") +..translatef("" .. "comzyh clash tun core - clash(ctun)", translate("https://github.com/comzyh/clash/releases/latest")) .."
" -..translate("Frainzy1477 clash core - (https://github.com/frainzy1477/clash_dev/releases)") +..translatef("" .. "Dreamacro clash tun core - clash(premium)", translate("https://github.com/Dreamacro/clash/releases/tag/premium")) o.title = translate(" ")