luci-app-vssr: bump to v1.13
This commit is contained in:
CN_SZTL
parent
b70213ea1c
commit
d897d20955
@ -1,34 +1,40 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-vssr
|
||||
PKG_VERSION:=1.12
|
||||
PKG_RELEASE:=20200822
|
||||
|
||||
PKG_CONFIG_DEPENDS:= CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks
|
||||
PKG_VERSION:=1.13
|
||||
PKG_RELEASE:=20200823
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/$(PKG_NAME)/config
|
||||
|
||||
config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin
|
||||
bool "Include Shadowsocks V2ray Plugin"
|
||||
default y if i386||x86_64||arm||aarch64
|
||||
|
||||
config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray
|
||||
bool "Include V2ray"
|
||||
default y
|
||||
default y if i386||x86_64||arm||aarch64
|
||||
|
||||
config PACKAGE_$(PKG_NAME)_INCLUDE_Trojan
|
||||
bool "Include Trojan"
|
||||
default y
|
||||
default y if i386||x86_64||arm||aarch64
|
||||
|
||||
config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun
|
||||
bool "Include Kcptun"
|
||||
default n
|
||||
|
||||
config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server
|
||||
bool "Include ShadowsocksR Server"
|
||||
default n
|
||||
|
||||
config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks
|
||||
bool "Include ShadowsocksR Socks and Tunnel"
|
||||
default y
|
||||
default y if i386||x86_64||arm||aarch64
|
||||
endef
|
||||
|
||||
PKG_CONFIG_DEPENDS:= \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Trojan \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server
|
||||
|
||||
define Package/luci-app-vssr
|
||||
SECTION:=luci
|
||||
CATEGORY:=LuCI
|
||||
@ -36,11 +42,13 @@ define Package/luci-app-vssr
|
||||
TITLE:=A New SS/SSR/V2Ray/Trojan LuCI interface
|
||||
PKGARCH:=all
|
||||
DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +bash +pdnsd-alt +wget +luasocket +coreutils-nohup +lua-maxminddb \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \
|
||||
+shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin:v2ray-plugin \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:ipt2socks \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server:shadowsocksr-libev-server \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks:shadowsocksr-libev-ssr-local
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \
|
||||
+PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server:shadowsocksr-libev-server
|
||||
endef
|
||||
|
||||
define Build/Prepare
|
||||
|
||||
@ -18,34 +18,85 @@ end
|
||||
|
||||
local server_table = {}
|
||||
local encrypt_methods = {
|
||||
"none", "table", "rc4", "rc4-md5-6", "rc4-md5", "aes-128-cfb",
|
||||
"aes-192-cfb", "aes-256-cfb", "aes-128-ctr", "aes-192-ctr", "aes-256-ctr",
|
||||
"bf-cfb", "camellia-128-cfb", "camellia-192-cfb", "camellia-256-cfb",
|
||||
"cast5-cfb", "des-cfb", "idea-cfb", "rc2-cfb", "seed-cfb", "salsa20",
|
||||
"chacha20", "chacha20-ietf"
|
||||
"none",
|
||||
"table",
|
||||
"rc4",
|
||||
"rc4-md5-6",
|
||||
"rc4-md5",
|
||||
"aes-128-cfb",
|
||||
"aes-192-cfb",
|
||||
"aes-256-cfb",
|
||||
"aes-128-ctr",
|
||||
"aes-192-ctr",
|
||||
"aes-256-ctr",
|
||||
"bf-cfb",
|
||||
"camellia-128-cfb",
|
||||
"camellia-192-cfb",
|
||||
"camellia-256-cfb",
|
||||
"cast5-cfb",
|
||||
"des-cfb",
|
||||
"idea-cfb",
|
||||
"rc2-cfb",
|
||||
"seed-cfb",
|
||||
"salsa20",
|
||||
"chacha20",
|
||||
"chacha20-ietf",
|
||||
}
|
||||
|
||||
local encrypt_methods_ss = {
|
||||
-- aead
|
||||
"aes-128-gcm", "aes-192-gcm", "aes-256-gcm", "chacha20-ietf-poly1305",
|
||||
"xchacha20-ietf-poly1305", -- stream
|
||||
"table", "rc4", "rc4-md5", "aes-128-cfb", "aes-192-cfb", "aes-256-cfb",
|
||||
"aes-128-ctr", "aes-192-ctr", "aes-256-ctr", "bf-cfb", "camellia-128-cfb",
|
||||
"camellia-192-cfb", "camellia-256-cfb", "salsa20", "chacha20",
|
||||
"chacha20-ietf"
|
||||
-- aead
|
||||
"aes-128-gcm",
|
||||
"aes-192-gcm",
|
||||
"aes-256-gcm",
|
||||
"chacha20-ietf-poly1305",
|
||||
"xchacha20-ietf-poly1305",
|
||||
-- stream
|
||||
"table",
|
||||
"rc4",
|
||||
"rc4-md5",
|
||||
"aes-128-cfb",
|
||||
"aes-192-cfb",
|
||||
"aes-256-cfb",
|
||||
"aes-128-ctr",
|
||||
"aes-192-ctr",
|
||||
"aes-256-ctr",
|
||||
"bf-cfb",
|
||||
"camellia-128-cfb",
|
||||
"camellia-192-cfb",
|
||||
"camellia-256-cfb",
|
||||
"salsa20",
|
||||
"chacha20",
|
||||
"chacha20-ietf",
|
||||
}
|
||||
|
||||
local protocol = {
|
||||
"origin", "verify_deflate", "auth_sha1_v4", "auth_aes128_sha1",
|
||||
"auth_aes128_md5", "auth_chain_a", "auth_chain_b", "auth_chain_c",
|
||||
"auth_chain_d", "auth_chain_e", "auth_chain_f"
|
||||
"origin",
|
||||
"verify_deflate",
|
||||
"auth_sha1_v4",
|
||||
"auth_aes128_sha1",
|
||||
"auth_aes128_md5",
|
||||
"auth_chain_a",
|
||||
"auth_chain_b",
|
||||
"auth_chain_c",
|
||||
"auth_chain_d",
|
||||
"auth_chain_e",
|
||||
"auth_chain_f",
|
||||
}
|
||||
|
||||
obfs = {
|
||||
"plain", "http_simple", "http_post", "random_head", "tls1.2_ticket_auth"
|
||||
"plain",
|
||||
"http_simple",
|
||||
"http_post",
|
||||
"random_head",
|
||||
"tls1.2_ticket_auth",
|
||||
}
|
||||
local securitys = {
|
||||
"auto",
|
||||
"none",
|
||||
"aes-128-gcm",
|
||||
"chacha20-poly1305"
|
||||
}
|
||||
|
||||
local securitys = {"auto", "none", "aes-128-gcm", "chacha20-poly1305"}
|
||||
|
||||
m = Map(vssr, translate("Edit vssr Server"))
|
||||
m.redirect = luci.dispatcher.build_url("admin/services/vssr/servers")
|
||||
@ -81,7 +132,7 @@ o.description = translate(
|
||||
|
||||
o = s:option(Value, "alias", translate("Alias(optional)"))
|
||||
|
||||
o = s:option(Value, "flag", translate("Area"))
|
||||
o = s:option(Value, "flag", translate("Country"))
|
||||
o.description = translate("请自己指定。格式:cn us hk 等")
|
||||
o.rmempty = true
|
||||
|
||||
@ -120,6 +171,16 @@ for _, v in ipairs(encrypt_methods_ss) do o:value(v) end
|
||||
o.rmempty = true
|
||||
o:depends("type", "ss")
|
||||
|
||||
-- Shadowsocks Plugin
|
||||
o = s:option(Value, "plugin", translate("Plugin"))
|
||||
o.rmempty = true
|
||||
o:depends("type", "ss")
|
||||
|
||||
o = s:option(Value, "plugin_opts", translate("Plugin Opts"))
|
||||
o.rmempty = true
|
||||
o:depends("type", "ss")
|
||||
|
||||
|
||||
o = s:option(ListValue, "protocol", translate("Protocol"))
|
||||
for _, v in ipairs(protocol) do o:value(v) end
|
||||
o.rmempty = true
|
||||
@ -133,26 +194,7 @@ for _, v in ipairs(obfs) do o:value(v) end
|
||||
o.rmempty = true
|
||||
o:depends("type", "ssr")
|
||||
|
||||
o = s:option(Flag, "v2ray_plugin", translate("V2ray-plugin"))
|
||||
o.rmempty = false
|
||||
o:depends("type", "ss")
|
||||
|
||||
o = s:option(Value, "obfs_transport", translate("V2ray-plugin-transport"))
|
||||
o.rmempty = true
|
||||
o.default = "ws"
|
||||
o:depends("v2ray_plugin", "1")
|
||||
|
||||
o = s:option(Value, "obfs_host", translate("V2ray-plugin-host"))
|
||||
o.rmempty = true
|
||||
o:depends("v2ray_plugin", "1")
|
||||
|
||||
o = s:option(Value, "obfs_path", translate("V2ray-plugin-path"))
|
||||
o.rmempty = true
|
||||
o:depends("v2ray_plugin", "1")
|
||||
|
||||
o = s:option(Flag, "obfs_opts", translate("TLS"))
|
||||
o.rmempty = false
|
||||
o:depends("v2ray_plugin", "1")
|
||||
|
||||
o = s:option(Value, "obfs_param", translate("Obfs param(optional)"))
|
||||
o:depends("type", "ssr")
|
||||
@ -321,7 +363,6 @@ o = s:option(Flag, "mux", translate("Mux"))
|
||||
o.rmempty = true
|
||||
o.default = "0"
|
||||
o:depends("type", "v2ray")
|
||||
o:depends("v2ray_plugin", "1")
|
||||
|
||||
o = s:option(Value, "concurrency", translate("Concurrency"))
|
||||
o.datatype = "uinteger"
|
||||
|
||||
@ -17,7 +17,7 @@ m = Map(vssr)
|
||||
m:section(SimpleSection).template = "vssr/status_top"
|
||||
|
||||
local server_table = {}
|
||||
local v2ray_table = {}
|
||||
|
||||
uci:foreach(vssr, "servers", function(s)
|
||||
if s.alias then
|
||||
server_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias}
|
||||
@ -25,13 +25,6 @@ uci:foreach(vssr, "servers", function(s)
|
||||
server_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port}
|
||||
end
|
||||
|
||||
if s.type == "v2ray" then
|
||||
if s.alias then
|
||||
v2ray_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias}
|
||||
elseif s.server and s.server_port then
|
||||
v2ray_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port}
|
||||
end
|
||||
end
|
||||
end)
|
||||
|
||||
local key_table = {}
|
||||
@ -41,15 +34,8 @@ end
|
||||
|
||||
table.sort(key_table)
|
||||
|
||||
local key_table_v2 = {}
|
||||
for key,_ in pairs(v2ray_table) do
|
||||
table.insert(key_table_v2,key)
|
||||
end
|
||||
|
||||
table.sort(key_table_v2)
|
||||
|
||||
-- [[ Global Setting ]]--
|
||||
s = m:section(TypedSection, "global",translate("Basic Settings [SS(R)|V2ray|Trojan]"))
|
||||
s = m:section(TypedSection, "global",translate("Basic Settings [SS|SSR|V2ray|Trojan]"))
|
||||
s.anonymous = true
|
||||
|
||||
o = s:option(ListValue, "global_server", translate("Main Server"))
|
||||
@ -60,51 +46,51 @@ o.rmempty = false
|
||||
|
||||
o = s:option(ListValue, "udp_relay_server", translate("Game Mode UDP Server"))
|
||||
o:value("", translate("Disable"))
|
||||
o:value("same", translate("Same as Global Server"))
|
||||
o:value("same", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
|
||||
o = s:option(Flag, "v2ray_flow", translate("Open v2ray split-flow"))
|
||||
o = s:option(Flag, "v2ray_flow", translate("Open v2ray route"))
|
||||
o.rmempty = false
|
||||
o.description = translate("When open v2ray split-flow,your main server must be a v2ray server")
|
||||
o.description = translate("When open v2ray routed,Apply may take more time.")
|
||||
|
||||
o = s:option(ListValue, "youtube_server", translate("Youtube Proxy"))
|
||||
o:value("nil", translate("Same as Global Server"))
|
||||
for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end
|
||||
o:value("nil", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
o:depends("v2ray_flow", "1")
|
||||
o.default = "nil"
|
||||
|
||||
|
||||
|
||||
o = s:option(ListValue, "tw_video_server", translate("TaiWan Video Proxy"))
|
||||
o:value("nil", translate("Same as Global Server"))
|
||||
for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end
|
||||
o:value("nil", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
o:depends("v2ray_flow", "1")
|
||||
o.default = "nil"
|
||||
|
||||
|
||||
o = s:option(ListValue, "netflix_server", translate("Netflix Proxy"))
|
||||
o:value("nil", translate("Same as Global Server"))
|
||||
for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end
|
||||
o:value("nil", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
o:depends("v2ray_flow", "1")
|
||||
o.default = "nil"
|
||||
|
||||
|
||||
o = s:option(ListValue, "disney_server", translate("Diseny+ Proxy"))
|
||||
o:value("nil", translate("Same as Global Server"))
|
||||
for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end
|
||||
o:value("nil", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
o:depends("v2ray_flow", "1")
|
||||
o.default = "nil"
|
||||
|
||||
|
||||
o = s:option(ListValue, "prime_server", translate("Prime Video Proxy"))
|
||||
o:value("nil", translate("Same as Global Server"))
|
||||
for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end
|
||||
o:value("nil", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
o:depends("v2ray_flow", "1")
|
||||
o.default = "nil"
|
||||
|
||||
o = s:option(ListValue, "tvb_server", translate("TVB Video Proxy"))
|
||||
o:value("nil", translate("Same as Global Server"))
|
||||
for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end
|
||||
o:value("nil", translate("Same as Main Server"))
|
||||
for _,key in pairs(key_table) do o:value(key,server_table[key]) end
|
||||
o:depends("v2ray_flow", "1")
|
||||
o.default = "nil"
|
||||
|
||||
|
||||
@ -37,8 +37,8 @@ msgstr "vssr SOCK5代理运行中"
|
||||
msgid "UDP Relay Server"
|
||||
msgstr "UDP中继服务器"
|
||||
|
||||
msgid "Same as Global Server"
|
||||
msgstr "与全局服务器相同"
|
||||
msgid "Same as Main Server"
|
||||
msgstr "与主服务器相同"
|
||||
|
||||
msgid "Servers Setting"
|
||||
msgstr "服务器配置"
|
||||
@ -386,8 +386,8 @@ msgstr "通过代理更新"
|
||||
msgid "GFW List"
|
||||
msgstr "GFW列表"
|
||||
|
||||
msgid "Basic Settings [SS(R)|V2ray|Trojan]"
|
||||
msgstr "基本设置 [SS(R)|V2ray|Trojan]"
|
||||
msgid "Basic Settings [SS|SSR|V2ray|Trojan]"
|
||||
msgstr "基本设置 [SS|SSR|V2ray|Trojan]"
|
||||
|
||||
msgid "Main Server"
|
||||
msgstr "主服务器"
|
||||
@ -615,11 +615,11 @@ msgstr "导入配置信息"
|
||||
msgid "Configuration Url"
|
||||
msgstr "配置链接"
|
||||
|
||||
msgid "Open v2ray split-flow"
|
||||
msgstr "开启V2ray分流"
|
||||
msgid "Open v2ray route"
|
||||
msgstr "开启分流"
|
||||
|
||||
msgid "When open v2ray split-flow,your main server must be a v2ray server"
|
||||
msgstr "当使用v2ray分流功能时 主服务器必须为V2ray"
|
||||
msgid "When open v2ray routed,Apply may take more time."
|
||||
msgstr "(支持全类型分流)当分流开启时,保存并应用的时间可能变长。"
|
||||
|
||||
msgid "Youtube Proxy"
|
||||
msgstr "Youtube 代理"
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
#!/bin/bash /etc/rc.common
|
||||
#
|
||||
# Copyright (C) 2017 openwrt-ssr
|
||||
# Copyright (C) 2017 yushi studio <ywb94@qq.com>
|
||||
@ -29,11 +29,15 @@ kcp_enable_flag=0
|
||||
kcp_flag=0
|
||||
pdnsd_enable_flag=0
|
||||
switch_enable=0
|
||||
shunt_enable=0
|
||||
switch_server=$1
|
||||
MAXFD=32768
|
||||
CRON_FILE=/etc/crontabs/root
|
||||
threads=1
|
||||
|
||||
shunt_type=("global" "youtube" "tw_video" "netflix" "disney" "prime" "tvb")
|
||||
shunt_port=(2080 2081 2082 2083 2084 2085 2086)
|
||||
shunt_array=("youtube" "tw_video" "netflix" "disney" "prime" "tvb")
|
||||
scount=0
|
||||
uci_get_by_name() {
|
||||
local ret=$(uci get $NAME.$1.$2 2>/dev/null)
|
||||
echo ${ret:=$3}
|
||||
@ -45,9 +49,9 @@ uci_get_by_type() {
|
||||
}
|
||||
|
||||
add_cron() {
|
||||
sed -i '/vssr.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/vssr.log' >> $CRON_FILE
|
||||
[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/subscribe.lua" >> $CRON_FILE
|
||||
[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/update.lua" >> $CRON_FILE
|
||||
sed -i '/vssr.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/vssr.log' >>$CRON_FILE
|
||||
[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/subscribe.lua" >>$CRON_FILE
|
||||
[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/update.lua" >>$CRON_FILE
|
||||
crontab $CRON_FILE
|
||||
}
|
||||
|
||||
@ -56,7 +60,17 @@ del_cron() {
|
||||
sed -i '/vssr.log/d' $CRON_FILE
|
||||
/etc/init.d/cron restart
|
||||
}
|
||||
|
||||
count_shunt() {
|
||||
scount=0
|
||||
for ((i = 0; i < ${#shunt_array[@]}; i++)); do
|
||||
local server_index=$(uci_get_by_type global ${shunt_array[i]}_server)
|
||||
local server_type=$(uci_get_by_name $server_index type)
|
||||
if [ "$server_type" != "" ]; then
|
||||
scount=$(($scount + 1))
|
||||
fi
|
||||
done
|
||||
}
|
||||
count_shunt
|
||||
run_mode=$(uci_get_by_type global run_mode)
|
||||
|
||||
gen_config_file() {
|
||||
@ -89,9 +103,14 @@ gen_config_file() {
|
||||
re_type="nat"
|
||||
fi
|
||||
fi
|
||||
lua /usr/share/vssr/genconfig_${stype}.lua ${server_obj} ${re_type} ${port} ${hostip} >${config_file}
|
||||
local mport=0
|
||||
if [ $3 = "1" ]; then
|
||||
stype="v2ray"
|
||||
mport=1090
|
||||
re_type="tcp"
|
||||
fi
|
||||
lua /usr/share/vssr/genconfig_${stype}.lua ${server_obj} ${re_type} ${port} ${hostip} ${mport} >${config_file}
|
||||
sed -i 's/\\//g' $config_file
|
||||
|
||||
}
|
||||
|
||||
get_arg_out() {
|
||||
@ -128,11 +147,23 @@ start_rules() {
|
||||
local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips)
|
||||
local lan_ac_mode="b"
|
||||
local router_proxy=$(uci_get_by_type access_control router_proxy)
|
||||
if [ "$GLOBAL_SERVER" = "$UDP_RELAY_SERVER" -a $kcp_flag = 0 ]; then
|
||||
if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" -a $kcp_flag == 0 ]; then
|
||||
ARG_UDP="-u"
|
||||
elif [ -n "$UDP_RELAY_SERVER" ]; then
|
||||
ARG_UDP="-U"
|
||||
local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server)
|
||||
if echo $udp_server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then
|
||||
udp_server=${udp_server}
|
||||
elif [ "$udp_server" != "${udp_server#*:[0-9a-fA-F]}" ]; then
|
||||
udp_server=${udp_server}
|
||||
else
|
||||
udp_server=$(ping ${udp_server} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1)
|
||||
if echo $udp_server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then
|
||||
echo $udp_server >/etc/ssr_ip
|
||||
else
|
||||
udp_server=$(cat /etc/ssr_ip)
|
||||
fi
|
||||
fi
|
||||
local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port)
|
||||
fi
|
||||
|
||||
@ -174,7 +205,6 @@ start_rules() {
|
||||
-G "$(uci_get_by_type access_control lan_gm_ips)" \
|
||||
-D "$proxyport" \
|
||||
$(get_arg_out) $gfwmode $ARG_UDP
|
||||
|
||||
return $?
|
||||
}
|
||||
|
||||
@ -234,6 +264,48 @@ EOF
|
||||
/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d
|
||||
}
|
||||
|
||||
find_bin() {
|
||||
case "$1" in
|
||||
ss) ret="/usr/bin/ss-redir" ;;
|
||||
ss-local) ret="/usr/bin/ss-local" ;;
|
||||
ssr) ret="/usr/bin/ssr-redir" ;;
|
||||
ssr-local) ret="/usr/bin/ssr-local" ;;
|
||||
ssr-server) ret="/usr/bin/ssr-server" ;;
|
||||
v2ray) ret="/usr/bin/v2ray/v2ray" && [ ! -f "$ret" ] && ret="/usr/bin/v2ray" ;;
|
||||
trojan) ret="/usr/sbin/trojan" ;;
|
||||
socks5 | tun) ret="/usr/sbin/redsocks2" ;;
|
||||
esac
|
||||
echo $ret
|
||||
}
|
||||
#分流节点
|
||||
start_shunt() {
|
||||
for ((i = 0; i < ${#shunt_type[@]}; i++)); do
|
||||
local server_index=$(uci_get_by_type global ${shunt_type[i]}_server)
|
||||
local server_port=${shunt_port[i]}
|
||||
local server_type=$(uci_get_by_name $server_index type)
|
||||
local server_ip=$(uci_get_by_name $server_index server)
|
||||
[ "$server_type" == "trojan" ] && re_type="client" || re_type="tcp"
|
||||
if [ "$server_type" != "v2ray" -a "$server_type" != "" ]; then
|
||||
local config_file=/var/etc/${NAME}_${shunt_type[i]}.json
|
||||
local bin=$(find_bin $server_type)
|
||||
lua /usr/share/vssr/genconfig_${server_type}.lua ${server_index} ${re_type} ${server_port} ${server_ip} >${config_file}
|
||||
sed -i 's/\\//g' $config_file
|
||||
case "$server_type" in
|
||||
ss | ssr)
|
||||
bin=$(find_bin "ss-local")
|
||||
[ "$server_type" == "ssr" ] && bin=$(find_bin "ssr-local")
|
||||
$bin -c $config_file $ARG_OTA -f /var/run/vssr-${shunt_type[i]}.pid1 >/dev/null 2>&1
|
||||
;;
|
||||
trojan)
|
||||
$bin --config $config_file >/dev/null 2>&1 &
|
||||
;;
|
||||
esac
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") ${shunt_type[i]}: $server_type 分流服务已启动!" >>/tmp/vssr.log
|
||||
fi
|
||||
done
|
||||
return $?
|
||||
}
|
||||
|
||||
start_redir() {
|
||||
case "$(uci_get_by_name $GLOBAL_SERVER auth_enable)" in
|
||||
1 | on | true | yes | enabled) ARG_OTA="-A" ;;
|
||||
@ -258,26 +330,12 @@ start_redir() {
|
||||
kcp_enable_flag=1
|
||||
fi
|
||||
|
||||
gen_config_file $GLOBAL_SERVER 0
|
||||
gen_config_file $GLOBAL_SERVER 0 0
|
||||
local stype=$(uci_get_by_name $GLOBAL_SERVER type)
|
||||
if [ "$stype" == "ss" -o "$stype" == "v2ray" ]; then
|
||||
sscmd="/usr/bin/v2ray/v2ray"
|
||||
[ ! -f "$sscmd" ] && sscmd="/usr/bin/v2ray"
|
||||
elif [ "$stype" == "ssr" ]; then
|
||||
sscmd="/usr/bin/ssr-redir"
|
||||
elif [ "$stype" == "trojan" ]; then
|
||||
sscmd="/usr/sbin/trojan"
|
||||
fi
|
||||
sscmd=$(find_bin $stype)
|
||||
|
||||
local utype=$(uci_get_by_name $UDP_RELAY_SERVER type)
|
||||
if [ "$utype" == "ss" -o "$utype" == "v2ray" ]; then
|
||||
ucmd="/usr/bin/v2ray/v2ray"
|
||||
[ ! -f "$ucmd" ] && ucmd="/usr/bin/v2ray"
|
||||
elif [ "$utype" == "ssr" ]; then
|
||||
ucmd="/usr/bin/ssr-redir"
|
||||
elif [ "$utype" == "trojan" ]; then
|
||||
ucmd="/usr/sbin/trojan"
|
||||
fi
|
||||
ucmd=$(find_bin $utype)
|
||||
|
||||
if [ "$(uci_get_by_type global threads 0)" = "0" ]; then
|
||||
threads=$(cat /proc/cpuinfo | grep 'processor' | wc -l)
|
||||
@ -286,47 +344,69 @@ start_redir() {
|
||||
fi
|
||||
#转发TCP
|
||||
redir_tcp=1
|
||||
local last_config_file=$CONFIG_FILE
|
||||
if [ "$stype" == "ssr" ]; then
|
||||
local pid_file="/var/run/ssr-retcp.pid"
|
||||
for i in $(seq 1 $threads); do
|
||||
$sscmd -c $last_config_file $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1
|
||||
done
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") SSR $threads 线程 已启动!" >>/tmp/vssr.log
|
||||
elif [ "$stype" == "v2ray" -o "$stype" == "ss" ]; then
|
||||
$sscmd -config $last_config_file >/dev/null 2>&1 &
|
||||
if [ $scount == "0" ]; then
|
||||
local last_config_file=$CONFIG_FILE
|
||||
case "$stype" in
|
||||
ss | ssr)
|
||||
local pid_file="/var/run/ssr-retcp.pid"
|
||||
local name="Shadowsocks"
|
||||
[ "$type" == "ssr" ] && name="ShadowsocksR"
|
||||
for i in $(seq 1 $threads); do
|
||||
$sscmd -c $last_config_file $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1
|
||||
done
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") $name $threads 线程 已启动!" >>/tmp/vssr.log
|
||||
;;
|
||||
v2ray)
|
||||
$sscmd -config $last_config_file >/dev/null 2>&1 &
|
||||
echo $sscmd
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log
|
||||
;;
|
||||
trojan)
|
||||
for i in $(seq 1 $threads); do
|
||||
$sscmd -c $last_config_file >/dev/null 2>&1 &
|
||||
done
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -V 2>&1 | head -1) $threads 线程 已启动!" >>/tmp/vssr.log
|
||||
;;
|
||||
esac
|
||||
else
|
||||
if [ $stype != "vray" ]; then
|
||||
#开启 v2ray 路由服务
|
||||
gen_config_file $GLOBAL_SERVER 0 1
|
||||
sscmd=$(find_bin "v2ray")
|
||||
local last_config_file=$CONFIG_FILE
|
||||
$sscmd -config $last_config_file >/dev/null 2>&1 &
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log
|
||||
fi
|
||||
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log
|
||||
|
||||
elif [ "$stype" == "trojan" ]; then
|
||||
for i in $(seq 1 $threads); do
|
||||
$sscmd -c $last_config_file >/dev/null 2>&1 &
|
||||
done
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -V 2>&1 | head -1) $threads 线程 已启动!" >>/tmp/vssr.log
|
||||
fi
|
||||
|
||||
#转发UDP
|
||||
if [ -n "$UDP_RELAY_SERVER" ]; then
|
||||
redir_udp=1
|
||||
gen_config_file $UDP_RELAY_SERVER 1
|
||||
gen_config_file $UDP_RELAY_SERVER 1 0
|
||||
last_config_file=$CONFIG_UDP_FILE
|
||||
echo $utype
|
||||
if [ "$utype" == "ssr" ]; then
|
||||
|
||||
case "$stype" in
|
||||
ss | ssr)
|
||||
case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in
|
||||
1 | on | true | yes | enabled) ARG_OTA="-A" ;;
|
||||
*) ARG_OTA="" ;;
|
||||
esac
|
||||
local name="Shadowsocks"
|
||||
[ "$type" == "ssr" ] && name="ShadowsocksR"
|
||||
pid_file="/var/run/ssr-reudp.pid"
|
||||
#echo $ucmd >> /tmp/vssr.log
|
||||
$ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/tmp/vssr.log 2>&1
|
||||
#echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) UDP已启动!" >> /tmp/vssr.log
|
||||
elif [ "$utype" == "ss" -o "$utype" == "v2ray" ]; then
|
||||
$ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay: $name 已启动!" >>/tmp/vssr.log
|
||||
;;
|
||||
v2ray)
|
||||
$ucmd -config $last_config_file >/dev/null 2>&1 &
|
||||
elif [ "$stype" == "trojan" ]; then
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay: V2ray 已启动!" >>/tmp/vssr.log
|
||||
;;
|
||||
trojan)
|
||||
$ucmd --config $last_config_file >/dev/null 2>&1 &
|
||||
ipt2socks -U -4 -b 0.0.0.0 -s 127.0.0.1 -p 10801 -l $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/dev/null 2>&1 &
|
||||
fi
|
||||
echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay: Trojan 已启动!" >>/tmp/vssr.log
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
#deal with dns
|
||||
@ -430,14 +510,13 @@ start_server() {
|
||||
start_local() {
|
||||
local local_server=$(uci_get_by_type socks5_proxy enable_server)
|
||||
|
||||
[ "$local_server" = "0" ] && return 0
|
||||
[ "$local_server" = "0" ] && return 1
|
||||
mkdir -p /var/run /var/etc
|
||||
|
||||
lua /usr/share/vssr/genconfig_v2ray_s.lua >$CONFIG_SOCK5_FILE
|
||||
lua /usr/share/vssr/genconfig_v2ray_s.lua >$CONFIG_SOCK5_FILE
|
||||
sed -i 's/\\//g' $config_file
|
||||
|
||||
/usr/bin/v2ray/v2ray -config $CONFIG_SOCK5_FILE >/dev/null 2>&1 &
|
||||
|
||||
local_enable=1
|
||||
}
|
||||
|
||||
@ -485,7 +564,9 @@ EOF
|
||||
fi
|
||||
start_server
|
||||
start_local
|
||||
|
||||
if [ $scount != "0" ]; then
|
||||
start_shunt
|
||||
fi
|
||||
if [ $(uci_get_by_type global monitor_enable) = 1 ]; then
|
||||
let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable
|
||||
if [ $total_count -gt 0 ]; then
|
||||
@ -503,6 +584,7 @@ boot() {
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo "stop"
|
||||
/usr/bin/vssr-rules -f
|
||||
srulecount=$(iptables -L | grep SSR-SERVER-RULE | wc -l)
|
||||
if [ $srulecount -gt 0 ]; then
|
||||
@ -516,15 +598,7 @@ stop() {
|
||||
if [ $(uci_get_by_type global monitor_enable) = 1 ]; then
|
||||
kill -9 $(busybox ps -w | grep vssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1
|
||||
fi
|
||||
killall -q -9 vssr-monitor
|
||||
killall -q -9 ssr-redir
|
||||
killall -q -9 v2ray
|
||||
killall -q -9 trojan
|
||||
killall -q -9 ipt2socks
|
||||
killall -q -9 ssr-server
|
||||
killall -q -9 kcptun-client
|
||||
killall -q -9 ssr-local
|
||||
killall -q -9 pdnsd
|
||||
killall -q -9 ss-redir ss-local obfs-local ssr-redir ssr-local ssr-server v2ray v2ray-plugin trojan microsocks ipt2socks dns2socks redsocks2 pdnsd
|
||||
|
||||
if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then
|
||||
rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf
|
||||
|
||||
@ -75,41 +75,41 @@ flush_r() {
|
||||
|
||||
ipset_r() {
|
||||
ipset -N gmlan hash:net 2>/dev/null
|
||||
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
|
||||
|
||||
if [ "$RUNMODE" = "router" ] ;then
|
||||
ipset -! -R <<-EOF || return 1
|
||||
create ss_spec_wan_ac hash:net
|
||||
$(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
|
||||
EOF
|
||||
ipset -N gfwlist hash:net 2>/dev/null
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
|
||||
|
||||
elif [ "$RUNMODE" = "gfw" ] ;then
|
||||
ipset -N gfwlist hash:net 2>/dev/null
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
|
||||
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
|
||||
|
||||
elif [ "$RUNMODE" = "oversea" ] ;then
|
||||
ipset -N oversea hash:net 2>/dev/null
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
ipset -N gmlan hash:net 2>/dev/null
|
||||
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW
|
||||
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
|
||||
|
||||
elif [ "$RUNMODE" = "all" ] ;then
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
|
||||
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
|
||||
|
||||
fi
|
||||
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done
|
||||
case "$RUNMODE" in
|
||||
router)
|
||||
ipset -! -R <<-EOF || return 1
|
||||
create ss_spec_wan_ac hash:net
|
||||
$(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
|
||||
EOF
|
||||
ipset -N gfwlist hash:net 2>/dev/null
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
|
||||
;;
|
||||
gfw)
|
||||
ipset -N gfwlist hash:net 2>/dev/null
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
|
||||
$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
|
||||
;;
|
||||
oversea)
|
||||
ipset -N oversea hash:net 2>/dev/null
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
ipset -N gmlan hash:net 2>/dev/null
|
||||
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW
|
||||
$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
|
||||
;;
|
||||
all)
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
|
||||
$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
|
||||
;;
|
||||
esac
|
||||
|
||||
ipset -N fplan hash:net 2>/dev/null
|
||||
for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done
|
||||
@ -147,37 +147,37 @@ fw_rule() {
|
||||
ac_rule() {
|
||||
if [ -n "$LAN_AC_IP" ]; then
|
||||
case "${LAN_AC_IP:0:1}" in
|
||||
w|W)
|
||||
MATCH_SET="-m set --match-set ss_spec_lan_ac src"
|
||||
;;
|
||||
b|B)
|
||||
MATCH_SET="-m set ! --match-set ss_spec_lan_ac src"
|
||||
;;
|
||||
*)
|
||||
loger 3 "Bad argument \`-a $LAN_AC_IP\`."
|
||||
return 2
|
||||
;;
|
||||
w | W)
|
||||
MATCH_SET="-m set --match-set ss_spec_lan_ac src"
|
||||
;;
|
||||
b | B)
|
||||
MATCH_SET="-m set ! --match-set ss_spec_lan_ac src"
|
||||
;;
|
||||
*)
|
||||
loger 3 "Bad argument \`-a $LAN_AC_IP\`."
|
||||
return 2
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
IFNAME=$(uci get -P/var/state network.lan.ifname 2>/dev/null)
|
||||
ipset -! -R <<-EOF || return 1
|
||||
create ss_spec_lan_ac hash:net
|
||||
$(for ip in ${LAN_AC_IP:1}; do echo "add ss_spec_lan_ac $ip"; done)
|
||||
EOF
|
||||
EOF
|
||||
$IPT -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p tcp $EXT_ARGS $MATCH_SET \
|
||||
-m comment --comment "$TAG" -j SS_SPEC_WAN_AC
|
||||
-m comment --comment "$TAG" -j SS_SPEC_WAN_AC
|
||||
if [ "$OUTPUT" = 1 ]; then
|
||||
$IPT -I OUTPUT 1 -p tcp $EXT_ARGS \
|
||||
-m comment --comment "$TAG" -j SS_SPEC_WAN_AC
|
||||
-m comment --comment "$TAG" -j SS_SPEC_WAN_AC
|
||||
elif [ "$OUTPUT" = 2 ]; then
|
||||
ipset -! -R <<-EOF || return 1
|
||||
create ssr_gen_router hash:net
|
||||
$(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /")
|
||||
EOF
|
||||
create ssr_gen_router hash:net
|
||||
$(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /")
|
||||
EOF
|
||||
$IPT -N SS_SPEC_ROUTER && \
|
||||
$IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN && \
|
||||
$IPT -A SS_SPEC_ROUTER -j SS_SPEC_WAN_FW
|
||||
$IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER
|
||||
$IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER
|
||||
fi
|
||||
return $?
|
||||
}
|
||||
@ -188,6 +188,8 @@ tp_rule() {
|
||||
ip route add local 0.0.0.0/0 dev lo table 100
|
||||
local ipt="iptables -t mangle"
|
||||
$ipt -N SS_SPEC_TPROXY
|
||||
$ipt -A SS_SPEC_TPROXY -p udp --dport 443 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp --dport 80 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp --dport 53 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d 0.0.0.0/8 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d 10.0.0.0/8 -j RETURN
|
||||
@ -197,35 +199,33 @@ tp_rule() {
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d 192.168.0.0/16 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d 224.0.0.0/4 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN
|
||||
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp ! --dport 53 -d $server -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
case "$RUNMODE" in
|
||||
router)
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
if [ "$RUNMODE" = "router" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
|
||||
;;
|
||||
gfw)
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
elif [ "$RUNMODE" = "gfw" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
|
||||
;;
|
||||
oversea)
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
elif [ "$RUNMODE" = "oversea" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
elif [ "$RUNMODE" = "all" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
fi
|
||||
|
||||
;;
|
||||
all)
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
;;
|
||||
esac
|
||||
$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
|
||||
-m comment --comment "$TAG" -j SS_SPEC_TPROXY
|
||||
|
||||
-m comment --comment "$TAG" -j SS_SPEC_TPROXY
|
||||
return $?
|
||||
}
|
||||
|
||||
@ -376,14 +376,14 @@ if [ -z "$server" -o -z "$local_port" ]; then
|
||||
usage 2
|
||||
fi
|
||||
|
||||
if [ "$TPROXY" = 1 ]; then
|
||||
if [ "$TPROXY" == 1 ]; then
|
||||
SERVER=$server
|
||||
LOCAL_PORT=$local_port
|
||||
elif [ "$TPROXY" = 2 ]; then
|
||||
elif [ "$TPROXY" == 2 ]; then
|
||||
: ${SERVER:?"You must assign an ip for the udp relay server."}
|
||||
: ${LOCAL_PORT:?"You must assign a port for the udp relay server."}
|
||||
fi
|
||||
|
||||
flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
|
||||
[ "$?" = 0 ] || loger 3 "Start failed!"
|
||||
[ "$?" == 0 ] || loger 3 "Start failed!"
|
||||
exit $?
|
||||
@ -1,61 +1,23 @@
|
||||
local ucursor = require"luci.model.uci".cursor()
|
||||
local ucursor = require "luci.model.uci".cursor()
|
||||
local json = require "luci.jsonc"
|
||||
local server_section = arg[1]
|
||||
local proto = arg[2]
|
||||
local proto = arg[2]
|
||||
local local_port = arg[3]
|
||||
local host = arg[4]
|
||||
|
||||
local server = ucursor:get_all("vssr", server_section)
|
||||
|
||||
local v2ray = {
|
||||
log = {
|
||||
-- error = "/var/ssrplus.log",
|
||||
loglevel = "info"
|
||||
},
|
||||
-- 传入连接
|
||||
inbound = {
|
||||
|
||||
port = local_port,
|
||||
protocol = "dokodemo-door",
|
||||
settings = {network = proto, followRedirect = true},
|
||||
sniffing = {enabled = true, destOverride = {"http", "tls"}}
|
||||
|
||||
},
|
||||
-- 传出连接
|
||||
outbounds = {
|
||||
{
|
||||
tag = "protocol_layer",
|
||||
protocol = "shadowsocks",
|
||||
settings = {
|
||||
servers = {
|
||||
{
|
||||
address = host,
|
||||
port = tonumber(server.server_port),
|
||||
method = server.encrypt_method_ss,
|
||||
password = server.password
|
||||
}
|
||||
}
|
||||
},
|
||||
proxySettings = {tag = "transport_layer"}
|
||||
}, {
|
||||
tag = "transport_layer",
|
||||
protocol = "freedom",
|
||||
settings = (server.obfs_host ~= nil) and{
|
||||
redirect = server.obfs_host .. ":" ..
|
||||
tonumber(server.server_port)
|
||||
} or nil,
|
||||
streamSettings = (server.obfs_transport ~= nil) and{
|
||||
network = server.obfs_transport,
|
||||
security = (server.obfs_opts == '1') and "tls" or "none",
|
||||
wsSettings = {
|
||||
path = server.obfs_path,
|
||||
headers = (server.obfs_host ~= nil) and {host = server.obfs_host} or nil
|
||||
}
|
||||
} or nil,
|
||||
mux = {enabled = (server.mux == "1") and true or false}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
local ss = {
|
||||
server = host,
|
||||
server_port = server.server_port,
|
||||
local_address = "0.0.0.0",
|
||||
local_port = local_port,
|
||||
password = server.password,
|
||||
timeout = (server.timeout ~= nil) and server.timeout or 60,
|
||||
method = server.encrypt_method_ss,
|
||||
reuse_port = true,
|
||||
fast_open = (server.fast_open == "1") and true or false,
|
||||
plugin = (server.plugin ~= nil) and server.plugin or nil,
|
||||
plugin_opts = (server.plugin ~= nil) and server.plugin_opts or nil,
|
||||
}
|
||||
print(json.stringify(v2ray, 1))
|
||||
print(json.stringify(ss, 1))
|
||||
|
||||
@ -18,7 +18,7 @@ local trojan = {
|
||||
password = {server.password},
|
||||
-- 传出连接
|
||||
ssl = {
|
||||
verify = false,
|
||||
verify = (server.insecure == "0") and true or false,
|
||||
verify_hostname = (server.tls == "1") and false or true,
|
||||
cert = "",
|
||||
cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
|
||||
|
||||
@ -5,6 +5,7 @@ local server_section = arg[1]
|
||||
local proto = arg[2]
|
||||
local local_port = arg[3]
|
||||
local host = arg[4]
|
||||
local main_port = arg[5]
|
||||
|
||||
local v2ray_flow = ucursor:get_first(name, 'global', 'v2ray_flow', '0')
|
||||
local youtube_server = ucursor:get_first(name, 'global', 'youtube_server')
|
||||
@ -14,81 +15,100 @@ local disney_server = ucursor:get_first(name, 'global', 'disney_server')
|
||||
local prime_server = ucursor:get_first(name, 'global', 'prime_server')
|
||||
local tvb_server = ucursor:get_first(name, 'global', 'tvb_server')
|
||||
|
||||
function gen_outbound(server_node, tags)
|
||||
function gen_outbound(server_node, tags, local_ports)
|
||||
local bound = {}
|
||||
if server_node == "nil" then
|
||||
bound = nil
|
||||
else
|
||||
|
||||
local server = ucursor:get_all(name, server_node)
|
||||
bound = {
|
||||
tag = tags,
|
||||
protocol = "vmess",
|
||||
settings = {
|
||||
vnext = {
|
||||
{
|
||||
address = server.server,
|
||||
port = tonumber(server.server_port),
|
||||
users = {
|
||||
{
|
||||
id = server.vmess_id,
|
||||
alterId = tonumber(server.alter_id),
|
||||
security = server.security
|
||||
}
|
||||
if server.type ~= "v2ray" then
|
||||
bound = {
|
||||
tag = tags,
|
||||
protocol = "socks",
|
||||
settings = {
|
||||
servers = {
|
||||
{
|
||||
address = "127.0.0.1",
|
||||
port = tonumber(local_ports)
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
-- 底层传输配置
|
||||
streamSettings = {
|
||||
network = server.transport,
|
||||
security = (server.tls == '1') and "tls" or "none",
|
||||
tlsSettings = {
|
||||
allowInsecure = (server.insecure == "1") and true or false,
|
||||
serverName = server.ws_host
|
||||
},
|
||||
kcpSettings = (server.transport == "kcp") and {
|
||||
mtu = tonumber(server.mtu),
|
||||
tti = tonumber(server.tti),
|
||||
uplinkCapacity = tonumber(server.uplink_capacity),
|
||||
downlinkCapacity = tonumber(server.downlink_capacity),
|
||||
congestion = (server.congestion == "1") and true or false,
|
||||
readBufferSize = tonumber(server.read_buffer_size),
|
||||
writeBufferSize = tonumber(server.write_buffer_size),
|
||||
header = {type = server.kcp_guise}
|
||||
} or nil,
|
||||
wsSettings = (server.transport == "ws") and
|
||||
(server.ws_path ~= nil or server.ws_host ~= nil) and {
|
||||
path = server.ws_path,
|
||||
headers = (server.ws_host ~= nil) and
|
||||
{Host = server.ws_host} or nil
|
||||
} or nil,
|
||||
httpSettings = (server.transport == "h2") and
|
||||
{path = server.h2_path, host = server.h2_host} or nil,
|
||||
quicSettings = (server.transport == "quic") and {
|
||||
security = server.quic_security,
|
||||
key = server.quic_key,
|
||||
header = {type = server.quic_guise}
|
||||
} or nil
|
||||
},
|
||||
mux = {
|
||||
enabled = (server.mux == "1") and true or false,
|
||||
concurrency = tonumber(server.concurrency)
|
||||
}
|
||||
}
|
||||
else
|
||||
bound = {
|
||||
tag = tags,
|
||||
protocol = "vmess",
|
||||
settings = {
|
||||
vnext = {
|
||||
{
|
||||
address = server.server,
|
||||
port = tonumber(server.server_port),
|
||||
users = {
|
||||
{
|
||||
id = server.vmess_id,
|
||||
alterId = tonumber(server.alter_id),
|
||||
security = server.security
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
-- 底层传输配置
|
||||
streamSettings = {
|
||||
network = server.transport,
|
||||
security = (server.tls == '1') and "tls" or "none",
|
||||
tlsSettings = {
|
||||
allowInsecure = (server.insecure == "1") and true or false,
|
||||
serverName = server.ws_host
|
||||
},
|
||||
kcpSettings = (server.transport == "kcp") and {
|
||||
mtu = tonumber(server.mtu),
|
||||
tti = tonumber(server.tti),
|
||||
uplinkCapacity = tonumber(server.uplink_capacity),
|
||||
downlinkCapacity = tonumber(server.downlink_capacity),
|
||||
congestion = (server.congestion == "1") and true or false,
|
||||
readBufferSize = tonumber(server.read_buffer_size),
|
||||
writeBufferSize = tonumber(server.write_buffer_size),
|
||||
header = {type = server.kcp_guise}
|
||||
} or nil,
|
||||
wsSettings = (server.transport == "ws") and
|
||||
(server.ws_path ~= nil or server.ws_host ~= nil) and {
|
||||
path = server.ws_path,
|
||||
headers = (server.ws_host ~= nil) and
|
||||
{Host = server.ws_host} or nil
|
||||
} or nil,
|
||||
httpSettings = (server.transport == "h2") and
|
||||
{path = server.h2_path, host = server.h2_host} or nil,
|
||||
quicSettings = (server.transport == "quic") and {
|
||||
security = server.quic_security,
|
||||
key = server.quic_key,
|
||||
header = {type = server.quic_guise}
|
||||
} or nil
|
||||
},
|
||||
mux = {
|
||||
enabled = (server.mux == "1") and true or false,
|
||||
concurrency = tonumber(server.concurrency)
|
||||
}
|
||||
}
|
||||
end
|
||||
end
|
||||
return bound
|
||||
end
|
||||
|
||||
local outbounds_table = {}
|
||||
|
||||
table.insert(outbounds_table, gen_outbound(server_section, "main"))
|
||||
|
||||
if v2ray_flow == "1" then
|
||||
table.insert(outbounds_table, gen_outbound(youtube_server, "youtube"))
|
||||
table.insert(outbounds_table, gen_outbound(tw_video_server, "twvideo"))
|
||||
table.insert(outbounds_table, gen_outbound(netflix_server, "netflix"))
|
||||
table.insert(outbounds_table, gen_outbound(disney_server, "disney"))
|
||||
table.insert(outbounds_table, gen_outbound(prime_server, "prime"))
|
||||
table.insert(outbounds_table, gen_outbound(tvb_server, "tvb"))
|
||||
table.insert(outbounds_table, gen_outbound(server_section, "global",2080))
|
||||
table.insert(outbounds_table, gen_outbound(youtube_server, "youtube",2081))
|
||||
table.insert(outbounds_table, gen_outbound(tw_video_server, "twvideo",2082))
|
||||
table.insert(outbounds_table, gen_outbound(netflix_server, "netflix",2083))
|
||||
table.insert(outbounds_table, gen_outbound(disney_server, "disney",2084))
|
||||
table.insert(outbounds_table, gen_outbound(prime_server, "prime",2085))
|
||||
table.insert(outbounds_table, gen_outbound(tvb_server, "tvb",2086))
|
||||
else
|
||||
table.insert(outbounds_table, gen_outbound(server_section, "main",local_port))
|
||||
end
|
||||
|
||||
-- rules gen
|
||||
@ -215,17 +235,18 @@ end
|
||||
|
||||
local v2ray = {
|
||||
log = {
|
||||
-- error = "/var/ssrplus.log",
|
||||
-- error = "/var/vssrsss.log",
|
||||
-- access = "/var/v2rays.log",
|
||||
loglevel = "warning"
|
||||
},
|
||||
-- 传入连接
|
||||
inbounds = {
|
||||
{
|
||||
port = local_port,
|
||||
port = tonumber(local_port),
|
||||
protocol = "dokodemo-door",
|
||||
settings = {network = proto, followRedirect = true},
|
||||
sniffing = {enabled = true, destOverride = {"http", "tls"}}
|
||||
sniffing = {enabled = true, destOverride = {"http", "tls"}},
|
||||
streamSettings = {sockopt = { tproxy = (proto == "tcp") and "redirect" or "tproxy"}}
|
||||
}
|
||||
|
||||
},
|
||||
|
||||
@ -224,6 +224,7 @@ local function processData(szType, content)
|
||||
result.alias = UrlDecode(alias)
|
||||
result.type = "trojan"
|
||||
result.server = host[1]
|
||||
result.insecure = "0"
|
||||
if host[2]:find("?") then
|
||||
local query = split(host[2], "?")
|
||||
result.server_port = query[1]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user