From d897d20955bc78f6dcc9bd4022fefbb8e09a449a Mon Sep 17 00:00:00 2001 From: CN_SZTL Date: Sun, 23 Aug 2020 23:33:43 +0800 Subject: [PATCH] luci-app-vssr: bump to v1.13 --- package/ctcgfw/luci-app-vssr/Makefile | 42 ++-- .../luasrc/model/cbi/vssr/client-config.lua | 117 ++++++---- .../luasrc/model/cbi/vssr/client.lua | 48 ++-- package/ctcgfw/luci-app-vssr/po/zh-cn/vssr.po | 16 +- .../ctcgfw/luci-app-vssr/root/etc/init.d/vssr | 206 ++++++++++++------ .../luci-app-vssr/root/usr/bin/vssr-rules | 156 ++++++------- .../root/usr/share/vssr/genconfig_ss.lua | 68 ++---- .../root/usr/share/vssr/genconfig_trojan.lua | 2 +- .../root/usr/share/vssr/genconfig_v2ray.lua | 145 ++++++------ .../root/usr/share/vssr/subscribe.lua | 1 + 10 files changed, 447 insertions(+), 354 deletions(-) diff --git a/package/ctcgfw/luci-app-vssr/Makefile b/package/ctcgfw/luci-app-vssr/Makefile index c3caff47d6..eb5cf66ce6 100644 --- a/package/ctcgfw/luci-app-vssr/Makefile +++ b/package/ctcgfw/luci-app-vssr/Makefile @@ -1,34 +1,40 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-vssr -PKG_VERSION:=1.12 -PKG_RELEASE:=20200822 - -PKG_CONFIG_DEPENDS:= CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \ - CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server \ - CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks +PKG_VERSION:=1.13 +PKG_RELEASE:=20200823 include $(INCLUDE_DIR)/package.mk define Package/$(PKG_NAME)/config - +config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin + bool "Include Shadowsocks V2ray Plugin" + default y if i386||x86_64||arm||aarch64 + config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray bool "Include V2ray" - default y + default y if i386||x86_64||arm||aarch64 config PACKAGE_$(PKG_NAME)_INCLUDE_Trojan bool "Include Trojan" - default y + default y if i386||x86_64||arm||aarch64 + +config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun + bool "Include Kcptun" + default n config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server bool "Include ShadowsocksR Server" - default n - -config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks - bool "Include ShadowsocksR Socks and Tunnel" - default y + default y if i386||x86_64||arm||aarch64 endef +PKG_CONFIG_DEPENDS:= \ + CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin \ + CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \ + CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Trojan \ + CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun \ + CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server + define Package/luci-app-vssr SECTION:=luci CATEGORY:=LuCI @@ -36,11 +42,13 @@ define Package/luci-app-vssr TITLE:=A New SS/SSR/V2Ray/Trojan LuCI interface PKGARCH:=all DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +bash +pdnsd-alt +wget +luasocket +coreutils-nohup +lua-maxminddb \ - +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \ + +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs \ + +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin:v2ray-plugin \ + +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \ +PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \ +PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:ipt2socks \ - +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server:shadowsocksr-libev-server \ - +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks:shadowsocksr-libev-ssr-local + +PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \ + +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server:shadowsocksr-libev-server endef define Build/Prepare diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua index 5bf65762f1..592dd1a7a5 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua @@ -18,34 +18,85 @@ end local server_table = {} local encrypt_methods = { - "none", "table", "rc4", "rc4-md5-6", "rc4-md5", "aes-128-cfb", - "aes-192-cfb", "aes-256-cfb", "aes-128-ctr", "aes-192-ctr", "aes-256-ctr", - "bf-cfb", "camellia-128-cfb", "camellia-192-cfb", "camellia-256-cfb", - "cast5-cfb", "des-cfb", "idea-cfb", "rc2-cfb", "seed-cfb", "salsa20", - "chacha20", "chacha20-ietf" +"none", +"table", +"rc4", +"rc4-md5-6", +"rc4-md5", +"aes-128-cfb", +"aes-192-cfb", +"aes-256-cfb", +"aes-128-ctr", +"aes-192-ctr", +"aes-256-ctr", +"bf-cfb", +"camellia-128-cfb", +"camellia-192-cfb", +"camellia-256-cfb", +"cast5-cfb", +"des-cfb", +"idea-cfb", +"rc2-cfb", +"seed-cfb", +"salsa20", +"chacha20", +"chacha20-ietf", } local encrypt_methods_ss = { - -- aead - "aes-128-gcm", "aes-192-gcm", "aes-256-gcm", "chacha20-ietf-poly1305", - "xchacha20-ietf-poly1305", -- stream - "table", "rc4", "rc4-md5", "aes-128-cfb", "aes-192-cfb", "aes-256-cfb", - "aes-128-ctr", "aes-192-ctr", "aes-256-ctr", "bf-cfb", "camellia-128-cfb", - "camellia-192-cfb", "camellia-256-cfb", "salsa20", "chacha20", - "chacha20-ietf" +-- aead +"aes-128-gcm", +"aes-192-gcm", +"aes-256-gcm", +"chacha20-ietf-poly1305", +"xchacha20-ietf-poly1305", +-- stream +"table", +"rc4", +"rc4-md5", +"aes-128-cfb", +"aes-192-cfb", +"aes-256-cfb", +"aes-128-ctr", +"aes-192-ctr", +"aes-256-ctr", +"bf-cfb", +"camellia-128-cfb", +"camellia-192-cfb", +"camellia-256-cfb", +"salsa20", +"chacha20", +"chacha20-ietf", } local protocol = { - "origin", "verify_deflate", "auth_sha1_v4", "auth_aes128_sha1", - "auth_aes128_md5", "auth_chain_a", "auth_chain_b", "auth_chain_c", - "auth_chain_d", "auth_chain_e", "auth_chain_f" +"origin", +"verify_deflate", +"auth_sha1_v4", +"auth_aes128_sha1", +"auth_aes128_md5", +"auth_chain_a", +"auth_chain_b", +"auth_chain_c", +"auth_chain_d", +"auth_chain_e", +"auth_chain_f", } obfs = { - "plain", "http_simple", "http_post", "random_head", "tls1.2_ticket_auth" +"plain", +"http_simple", +"http_post", +"random_head", +"tls1.2_ticket_auth", +} +local securitys = { +"auto", +"none", +"aes-128-gcm", +"chacha20-poly1305" } -local securitys = {"auto", "none", "aes-128-gcm", "chacha20-poly1305"} m = Map(vssr, translate("Edit vssr Server")) m.redirect = luci.dispatcher.build_url("admin/services/vssr/servers") @@ -81,7 +132,7 @@ o.description = translate( o = s:option(Value, "alias", translate("Alias(optional)")) -o = s:option(Value, "flag", translate("Area")) +o = s:option(Value, "flag", translate("Country")) o.description = translate("请自己指定。格式:cn us hk 等") o.rmempty = true @@ -120,6 +171,16 @@ for _, v in ipairs(encrypt_methods_ss) do o:value(v) end o.rmempty = true o:depends("type", "ss") +-- Shadowsocks Plugin +o = s:option(Value, "plugin", translate("Plugin")) +o.rmempty = true +o:depends("type", "ss") + +o = s:option(Value, "plugin_opts", translate("Plugin Opts")) +o.rmempty = true +o:depends("type", "ss") + + o = s:option(ListValue, "protocol", translate("Protocol")) for _, v in ipairs(protocol) do o:value(v) end o.rmempty = true @@ -133,26 +194,7 @@ for _, v in ipairs(obfs) do o:value(v) end o.rmempty = true o:depends("type", "ssr") -o = s:option(Flag, "v2ray_plugin", translate("V2ray-plugin")) -o.rmempty = false -o:depends("type", "ss") -o = s:option(Value, "obfs_transport", translate("V2ray-plugin-transport")) -o.rmempty = true -o.default = "ws" -o:depends("v2ray_plugin", "1") - -o = s:option(Value, "obfs_host", translate("V2ray-plugin-host")) -o.rmempty = true -o:depends("v2ray_plugin", "1") - -o = s:option(Value, "obfs_path", translate("V2ray-plugin-path")) -o.rmempty = true -o:depends("v2ray_plugin", "1") - -o = s:option(Flag, "obfs_opts", translate("TLS")) -o.rmempty = false -o:depends("v2ray_plugin", "1") o = s:option(Value, "obfs_param", translate("Obfs param(optional)")) o:depends("type", "ssr") @@ -321,7 +363,6 @@ o = s:option(Flag, "mux", translate("Mux")) o.rmempty = true o.default = "0" o:depends("type", "v2ray") -o:depends("v2ray_plugin", "1") o = s:option(Value, "concurrency", translate("Concurrency")) o.datatype = "uinteger" diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua index 29cfe7586b..37ee587612 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua @@ -17,7 +17,7 @@ m = Map(vssr) m:section(SimpleSection).template = "vssr/status_top" local server_table = {} -local v2ray_table = {} + uci:foreach(vssr, "servers", function(s) if s.alias then server_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias} @@ -25,13 +25,6 @@ uci:foreach(vssr, "servers", function(s) server_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port} end - if s.type == "v2ray" then - if s.alias then - v2ray_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias} - elseif s.server and s.server_port then - v2ray_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port} - end - end end) local key_table = {} @@ -41,15 +34,8 @@ end table.sort(key_table) -local key_table_v2 = {} -for key,_ in pairs(v2ray_table) do - table.insert(key_table_v2,key) -end - -table.sort(key_table_v2) - -- [[ Global Setting ]]-- -s = m:section(TypedSection, "global",translate("Basic Settings [SS(R)|V2ray|Trojan]")) +s = m:section(TypedSection, "global",translate("Basic Settings [SS|SSR|V2ray|Trojan]")) s.anonymous = true o = s:option(ListValue, "global_server", translate("Main Server")) @@ -60,51 +46,51 @@ o.rmempty = false o = s:option(ListValue, "udp_relay_server", translate("Game Mode UDP Server")) o:value("", translate("Disable")) -o:value("same", translate("Same as Global Server")) +o:value("same", translate("Same as Main Server")) for _,key in pairs(key_table) do o:value(key,server_table[key]) end -o = s:option(Flag, "v2ray_flow", translate("Open v2ray split-flow")) +o = s:option(Flag, "v2ray_flow", translate("Open v2ray route")) o.rmempty = false -o.description = translate("When open v2ray split-flow,your main server must be a v2ray server") +o.description = translate("When open v2ray routed,Apply may take more time.") o = s:option(ListValue, "youtube_server", translate("Youtube Proxy")) -o:value("nil", translate("Same as Global Server")) -for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end +o:value("nil", translate("Same as Main Server")) +for _,key in pairs(key_table) do o:value(key,server_table[key]) end o:depends("v2ray_flow", "1") o.default = "nil" o = s:option(ListValue, "tw_video_server", translate("TaiWan Video Proxy")) -o:value("nil", translate("Same as Global Server")) -for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end +o:value("nil", translate("Same as Main Server")) +for _,key in pairs(key_table) do o:value(key,server_table[key]) end o:depends("v2ray_flow", "1") o.default = "nil" o = s:option(ListValue, "netflix_server", translate("Netflix Proxy")) -o:value("nil", translate("Same as Global Server")) -for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end +o:value("nil", translate("Same as Main Server")) +for _,key in pairs(key_table) do o:value(key,server_table[key]) end o:depends("v2ray_flow", "1") o.default = "nil" o = s:option(ListValue, "disney_server", translate("Diseny+ Proxy")) -o:value("nil", translate("Same as Global Server")) -for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end +o:value("nil", translate("Same as Main Server")) +for _,key in pairs(key_table) do o:value(key,server_table[key]) end o:depends("v2ray_flow", "1") o.default = "nil" o = s:option(ListValue, "prime_server", translate("Prime Video Proxy")) -o:value("nil", translate("Same as Global Server")) -for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end +o:value("nil", translate("Same as Main Server")) +for _,key in pairs(key_table) do o:value(key,server_table[key]) end o:depends("v2ray_flow", "1") o.default = "nil" o = s:option(ListValue, "tvb_server", translate("TVB Video Proxy")) -o:value("nil", translate("Same as Global Server")) -for _,key in pairs(key_table_v2) do o:value(key,v2ray_table[key]) end +o:value("nil", translate("Same as Main Server")) +for _,key in pairs(key_table) do o:value(key,server_table[key]) end o:depends("v2ray_flow", "1") o.default = "nil" diff --git a/package/ctcgfw/luci-app-vssr/po/zh-cn/vssr.po b/package/ctcgfw/luci-app-vssr/po/zh-cn/vssr.po index 954638665c..48c3cab4bc 100644 --- a/package/ctcgfw/luci-app-vssr/po/zh-cn/vssr.po +++ b/package/ctcgfw/luci-app-vssr/po/zh-cn/vssr.po @@ -37,8 +37,8 @@ msgstr "vssr SOCK5代理运行中" msgid "UDP Relay Server" msgstr "UDP中继服务器" -msgid "Same as Global Server" -msgstr "与全局服务器相同" +msgid "Same as Main Server" +msgstr "与主服务器相同" msgid "Servers Setting" msgstr "服务器配置" @@ -386,8 +386,8 @@ msgstr "通过代理更新" msgid "GFW List" msgstr "GFW列表" -msgid "Basic Settings [SS(R)|V2ray|Trojan]" -msgstr "基本设置 [SS(R)|V2ray|Trojan]" +msgid "Basic Settings [SS|SSR|V2ray|Trojan]" +msgstr "基本设置 [SS|SSR|V2ray|Trojan]" msgid "Main Server" msgstr "主服务器" @@ -615,11 +615,11 @@ msgstr "导入配置信息" msgid "Configuration Url" msgstr "配置链接" -msgid "Open v2ray split-flow" -msgstr "开启V2ray分流" +msgid "Open v2ray route" +msgstr "开启分流" -msgid "When open v2ray split-flow,your main server must be a v2ray server" -msgstr "当使用v2ray分流功能时 主服务器必须为V2ray" +msgid "When open v2ray routed,Apply may take more time." +msgstr "(支持全类型分流)当分流开启时,保存并应用的时间可能变长。" msgid "Youtube Proxy" msgstr "Youtube 代理" diff --git a/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr b/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr index 474724bd56..af5cc3a7b1 100755 --- a/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr +++ b/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr @@ -1,4 +1,4 @@ -#!/bin/sh /etc/rc.common +#!/bin/bash /etc/rc.common # # Copyright (C) 2017 openwrt-ssr # Copyright (C) 2017 yushi studio @@ -29,11 +29,15 @@ kcp_enable_flag=0 kcp_flag=0 pdnsd_enable_flag=0 switch_enable=0 +shunt_enable=0 switch_server=$1 MAXFD=32768 CRON_FILE=/etc/crontabs/root threads=1 - +shunt_type=("global" "youtube" "tw_video" "netflix" "disney" "prime" "tvb") +shunt_port=(2080 2081 2082 2083 2084 2085 2086) +shunt_array=("youtube" "tw_video" "netflix" "disney" "prime" "tvb") +scount=0 uci_get_by_name() { local ret=$(uci get $NAME.$1.$2 2>/dev/null) echo ${ret:=$3} @@ -45,9 +49,9 @@ uci_get_by_type() { } add_cron() { - sed -i '/vssr.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/vssr.log' >> $CRON_FILE - [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/subscribe.lua" >> $CRON_FILE - [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/update.lua" >> $CRON_FILE + sed -i '/vssr.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/vssr.log' >>$CRON_FILE + [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/subscribe.lua" >>$CRON_FILE + [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/bin/lua /usr/share/vssr/update.lua" >>$CRON_FILE crontab $CRON_FILE } @@ -56,7 +60,17 @@ del_cron() { sed -i '/vssr.log/d' $CRON_FILE /etc/init.d/cron restart } - +count_shunt() { + scount=0 + for ((i = 0; i < ${#shunt_array[@]}; i++)); do + local server_index=$(uci_get_by_type global ${shunt_array[i]}_server) + local server_type=$(uci_get_by_name $server_index type) + if [ "$server_type" != "" ]; then + scount=$(($scount + 1)) + fi + done +} +count_shunt run_mode=$(uci_get_by_type global run_mode) gen_config_file() { @@ -89,9 +103,14 @@ gen_config_file() { re_type="nat" fi fi - lua /usr/share/vssr/genconfig_${stype}.lua ${server_obj} ${re_type} ${port} ${hostip} >${config_file} + local mport=0 + if [ $3 = "1" ]; then + stype="v2ray" + mport=1090 + re_type="tcp" + fi + lua /usr/share/vssr/genconfig_${stype}.lua ${server_obj} ${re_type} ${port} ${hostip} ${mport} >${config_file} sed -i 's/\\//g' $config_file - } get_arg_out() { @@ -128,11 +147,23 @@ start_rules() { local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips) local lan_ac_mode="b" local router_proxy=$(uci_get_by_type access_control router_proxy) - if [ "$GLOBAL_SERVER" = "$UDP_RELAY_SERVER" -a $kcp_flag = 0 ]; then + if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" -a $kcp_flag == 0 ]; then ARG_UDP="-u" elif [ -n "$UDP_RELAY_SERVER" ]; then ARG_UDP="-U" local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server) + if echo $udp_server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + udp_server=${udp_server} + elif [ "$udp_server" != "${udp_server#*:[0-9a-fA-F]}" ]; then + udp_server=${udp_server} + else + udp_server=$(ping ${udp_server} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) + if echo $udp_server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + echo $udp_server >/etc/ssr_ip + else + udp_server=$(cat /etc/ssr_ip) + fi + fi local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port) fi @@ -174,7 +205,6 @@ start_rules() { -G "$(uci_get_by_type access_control lan_gm_ips)" \ -D "$proxyport" \ $(get_arg_out) $gfwmode $ARG_UDP - return $? } @@ -234,6 +264,48 @@ EOF /usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d } +find_bin() { + case "$1" in + ss) ret="/usr/bin/ss-redir" ;; + ss-local) ret="/usr/bin/ss-local" ;; + ssr) ret="/usr/bin/ssr-redir" ;; + ssr-local) ret="/usr/bin/ssr-local" ;; + ssr-server) ret="/usr/bin/ssr-server" ;; + v2ray) ret="/usr/bin/v2ray/v2ray" && [ ! -f "$ret" ] && ret="/usr/bin/v2ray" ;; + trojan) ret="/usr/sbin/trojan" ;; + socks5 | tun) ret="/usr/sbin/redsocks2" ;; + esac + echo $ret +} +#分流节点 +start_shunt() { + for ((i = 0; i < ${#shunt_type[@]}; i++)); do + local server_index=$(uci_get_by_type global ${shunt_type[i]}_server) + local server_port=${shunt_port[i]} + local server_type=$(uci_get_by_name $server_index type) + local server_ip=$(uci_get_by_name $server_index server) + [ "$server_type" == "trojan" ] && re_type="client" || re_type="tcp" + if [ "$server_type" != "v2ray" -a "$server_type" != "" ]; then + local config_file=/var/etc/${NAME}_${shunt_type[i]}.json + local bin=$(find_bin $server_type) + lua /usr/share/vssr/genconfig_${server_type}.lua ${server_index} ${re_type} ${server_port} ${server_ip} >${config_file} + sed -i 's/\\//g' $config_file + case "$server_type" in + ss | ssr) + bin=$(find_bin "ss-local") + [ "$server_type" == "ssr" ] && bin=$(find_bin "ssr-local") + $bin -c $config_file $ARG_OTA -f /var/run/vssr-${shunt_type[i]}.pid1 >/dev/null 2>&1 + ;; + trojan) + $bin --config $config_file >/dev/null 2>&1 & + ;; + esac + echo "$(date "+%Y-%m-%d %H:%M:%S") ${shunt_type[i]}: $server_type 分流服务已启动!" >>/tmp/vssr.log + fi + done + return $? +} + start_redir() { case "$(uci_get_by_name $GLOBAL_SERVER auth_enable)" in 1 | on | true | yes | enabled) ARG_OTA="-A" ;; @@ -258,26 +330,12 @@ start_redir() { kcp_enable_flag=1 fi - gen_config_file $GLOBAL_SERVER 0 + gen_config_file $GLOBAL_SERVER 0 0 local stype=$(uci_get_by_name $GLOBAL_SERVER type) - if [ "$stype" == "ss" -o "$stype" == "v2ray" ]; then - sscmd="/usr/bin/v2ray/v2ray" - [ ! -f "$sscmd" ] && sscmd="/usr/bin/v2ray" - elif [ "$stype" == "ssr" ]; then - sscmd="/usr/bin/ssr-redir" - elif [ "$stype" == "trojan" ]; then - sscmd="/usr/sbin/trojan" - fi + sscmd=$(find_bin $stype) local utype=$(uci_get_by_name $UDP_RELAY_SERVER type) - if [ "$utype" == "ss" -o "$utype" == "v2ray" ]; then - ucmd="/usr/bin/v2ray/v2ray" - [ ! -f "$ucmd" ] && ucmd="/usr/bin/v2ray" - elif [ "$utype" == "ssr" ]; then - ucmd="/usr/bin/ssr-redir" - elif [ "$utype" == "trojan" ]; then - ucmd="/usr/sbin/trojan" - fi + ucmd=$(find_bin $utype) if [ "$(uci_get_by_type global threads 0)" = "0" ]; then threads=$(cat /proc/cpuinfo | grep 'processor' | wc -l) @@ -286,47 +344,69 @@ start_redir() { fi #转发TCP redir_tcp=1 - local last_config_file=$CONFIG_FILE - if [ "$stype" == "ssr" ]; then - local pid_file="/var/run/ssr-retcp.pid" - for i in $(seq 1 $threads); do - $sscmd -c $last_config_file $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") SSR $threads 线程 已启动!" >>/tmp/vssr.log - elif [ "$stype" == "v2ray" -o "$stype" == "ss" ]; then - $sscmd -config $last_config_file >/dev/null 2>&1 & + if [ $scount == "0" ]; then + local last_config_file=$CONFIG_FILE + case "$stype" in + ss | ssr) + local pid_file="/var/run/ssr-retcp.pid" + local name="Shadowsocks" + [ "$type" == "ssr" ] && name="ShadowsocksR" + for i in $(seq 1 $threads); do + $sscmd -c $last_config_file $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1 + done + echo "$(date "+%Y-%m-%d %H:%M:%S") $name $threads 线程 已启动!" >>/tmp/vssr.log + ;; + v2ray) + $sscmd -config $last_config_file >/dev/null 2>&1 & + echo $sscmd + echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log + ;; + trojan) + for i in $(seq 1 $threads); do + $sscmd -c $last_config_file >/dev/null 2>&1 & + done + echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -V 2>&1 | head -1) $threads 线程 已启动!" >>/tmp/vssr.log + ;; + esac + else + if [ $stype != "vray" ]; then + #开启 v2ray 路由服务 + gen_config_file $GLOBAL_SERVER 0 1 + sscmd=$(find_bin "v2ray") + local last_config_file=$CONFIG_FILE + $sscmd -config $last_config_file >/dev/null 2>&1 & + echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log + fi - echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log - - elif [ "$stype" == "trojan" ]; then - for i in $(seq 1 $threads); do - $sscmd -c $last_config_file >/dev/null 2>&1 & - done - echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -V 2>&1 | head -1) $threads 线程 已启动!" >>/tmp/vssr.log fi #转发UDP if [ -n "$UDP_RELAY_SERVER" ]; then redir_udp=1 - gen_config_file $UDP_RELAY_SERVER 1 + gen_config_file $UDP_RELAY_SERVER 1 0 last_config_file=$CONFIG_UDP_FILE - echo $utype - if [ "$utype" == "ssr" ]; then - + case "$stype" in + ss | ssr) case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in 1 | on | true | yes | enabled) ARG_OTA="-A" ;; *) ARG_OTA="" ;; esac + local name="Shadowsocks" + [ "$type" == "ssr" ] && name="ShadowsocksR" pid_file="/var/run/ssr-reudp.pid" - #echo $ucmd >> /tmp/vssr.log - $ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/tmp/vssr.log 2>&1 - #echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) UDP已启动!" >> /tmp/vssr.log - elif [ "$utype" == "ss" -o "$utype" == "v2ray" ]; then + $ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1 + echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay: $name 已启动!" >>/tmp/vssr.log + ;; + v2ray) $ucmd -config $last_config_file >/dev/null 2>&1 & - elif [ "$stype" == "trojan" ]; then + echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay: V2ray 已启动!" >>/tmp/vssr.log + ;; + trojan) $ucmd --config $last_config_file >/dev/null 2>&1 & ipt2socks -U -4 -b 0.0.0.0 -s 127.0.0.1 -p 10801 -l $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/dev/null 2>&1 & - fi + echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay: Trojan 已启动!" >>/tmp/vssr.log + ;; + esac fi #deal with dns @@ -430,14 +510,13 @@ start_server() { start_local() { local local_server=$(uci_get_by_type socks5_proxy enable_server) - [ "$local_server" = "0" ] && return 0 + [ "$local_server" = "0" ] && return 1 mkdir -p /var/run /var/etc - lua /usr/share/vssr/genconfig_v2ray_s.lua >$CONFIG_SOCK5_FILE + lua /usr/share/vssr/genconfig_v2ray_s.lua >$CONFIG_SOCK5_FILE sed -i 's/\\//g' $config_file /usr/bin/v2ray/v2ray -config $CONFIG_SOCK5_FILE >/dev/null 2>&1 & - local_enable=1 } @@ -485,7 +564,9 @@ EOF fi start_server start_local - + if [ $scount != "0" ]; then + start_shunt + fi if [ $(uci_get_by_type global monitor_enable) = 1 ]; then let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable if [ $total_count -gt 0 ]; then @@ -503,6 +584,7 @@ boot() { } stop() { + echo "stop" /usr/bin/vssr-rules -f srulecount=$(iptables -L | grep SSR-SERVER-RULE | wc -l) if [ $srulecount -gt 0 ]; then @@ -516,15 +598,7 @@ stop() { if [ $(uci_get_by_type global monitor_enable) = 1 ]; then kill -9 $(busybox ps -w | grep vssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1 fi - killall -q -9 vssr-monitor - killall -q -9 ssr-redir - killall -q -9 v2ray - killall -q -9 trojan - killall -q -9 ipt2socks - killall -q -9 ssr-server - killall -q -9 kcptun-client - killall -q -9 ssr-local - killall -q -9 pdnsd + killall -q -9 ss-redir ss-local obfs-local ssr-redir ssr-local ssr-server v2ray v2ray-plugin trojan microsocks ipt2socks dns2socks redsocks2 pdnsd if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf diff --git a/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules b/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules index e0c9cb5168..4ce92ea8d5 100755 --- a/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules +++ b/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules @@ -75,41 +75,41 @@ flush_r() { ipset_r() { ipset -N gmlan hash:net 2>/dev/null - for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done - - if [ "$RUNMODE" = "router" ] ;then - ipset -! -R <<-EOF || return 1 - create ss_spec_wan_ac hash:net - $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") -EOF - ipset -N gfwlist hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN - $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN - $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - - elif [ "$RUNMODE" = "gfw" ] ;then - ipset -N gfwlist hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW - $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW - $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN - $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN - - elif [ "$RUNMODE" = "oversea" ] ;then - ipset -N oversea hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - ipset -N gmlan hash:net 2>/dev/null - for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done - $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN - - elif [ "$RUNMODE" = "all" ] ;then - $IPT -N SS_SPEC_WAN_AC - $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN - - fi + for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done + case "$RUNMODE" in + router) + ipset -! -R <<-EOF || return 1 + create ss_spec_wan_ac hash:net + $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") + EOF + ipset -N gfwlist hash:net 2>/dev/null + $IPT -N SS_SPEC_WAN_AC + $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN + $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN + $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW + ;; + gfw) + ipset -N gfwlist hash:net 2>/dev/null + $IPT -N SS_SPEC_WAN_AC + $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN + $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN + ;; + oversea) + ipset -N oversea hash:net 2>/dev/null + $IPT -N SS_SPEC_WAN_AC + ipset -N gmlan hash:net 2>/dev/null + for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done + $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW + $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN + ;; + all) + $IPT -N SS_SPEC_WAN_AC + $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW + $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN + ;; + esac ipset -N fplan hash:net 2>/dev/null for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done @@ -147,37 +147,37 @@ fw_rule() { ac_rule() { if [ -n "$LAN_AC_IP" ]; then case "${LAN_AC_IP:0:1}" in - w|W) - MATCH_SET="-m set --match-set ss_spec_lan_ac src" - ;; - b|B) - MATCH_SET="-m set ! --match-set ss_spec_lan_ac src" - ;; - *) - loger 3 "Bad argument \`-a $LAN_AC_IP\`." - return 2 - ;; + w | W) + MATCH_SET="-m set --match-set ss_spec_lan_ac src" + ;; + b | B) + MATCH_SET="-m set ! --match-set ss_spec_lan_ac src" + ;; + *) + loger 3 "Bad argument \`-a $LAN_AC_IP\`." + return 2 + ;; esac fi IFNAME=$(uci get -P/var/state network.lan.ifname 2>/dev/null) ipset -! -R <<-EOF || return 1 create ss_spec_lan_ac hash:net $(for ip in ${LAN_AC_IP:1}; do echo "add ss_spec_lan_ac $ip"; done) -EOF + EOF $IPT -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p tcp $EXT_ARGS $MATCH_SET \ - -m comment --comment "$TAG" -j SS_SPEC_WAN_AC + -m comment --comment "$TAG" -j SS_SPEC_WAN_AC if [ "$OUTPUT" = 1 ]; then $IPT -I OUTPUT 1 -p tcp $EXT_ARGS \ - -m comment --comment "$TAG" -j SS_SPEC_WAN_AC + -m comment --comment "$TAG" -j SS_SPEC_WAN_AC elif [ "$OUTPUT" = 2 ]; then ipset -! -R <<-EOF || return 1 - create ssr_gen_router hash:net - $(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /") -EOF + create ssr_gen_router hash:net + $(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /") + EOF $IPT -N SS_SPEC_ROUTER && \ $IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN && \ $IPT -A SS_SPEC_ROUTER -j SS_SPEC_WAN_FW - $IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER + $IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER fi return $? } @@ -188,6 +188,8 @@ tp_rule() { ip route add local 0.0.0.0/0 dev lo table 100 local ipt="iptables -t mangle" $ipt -N SS_SPEC_TPROXY + $ipt -A SS_SPEC_TPROXY -p udp --dport 443 -j RETURN + $ipt -A SS_SPEC_TPROXY -p udp --dport 80 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp --dport 53 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d 0.0.0.0/8 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d 10.0.0.0/8 -j RETURN @@ -197,35 +199,33 @@ tp_rule() { $ipt -A SS_SPEC_TPROXY -p udp -d 192.168.0.0/16 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d 224.0.0.0/4 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN - - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \ + $ipt -A SS_SPEC_TPROXY -p udp ! --dport 53 -d $server -j RETURN + $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \ + -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 + case "$RUNMODE" in + router) + $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - - if [ "$RUNMODE" = "router" ] ;then - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ + $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \ + ;; + gfw) + $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN + $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - - elif [ "$RUNMODE" = "gfw" ] ;then - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ + $ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - $ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \ + ;; + oversea) + $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - - elif [ "$RUNMODE" = "oversea" ] ;then - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - - elif [ "$RUNMODE" = "all" ] ;then - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - fi - + ;; + all) + $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 + ;; + esac $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \ - -m comment --comment "$TAG" -j SS_SPEC_TPROXY - + -m comment --comment "$TAG" -j SS_SPEC_TPROXY return $? } @@ -376,14 +376,14 @@ if [ -z "$server" -o -z "$local_port" ]; then usage 2 fi -if [ "$TPROXY" = 1 ]; then +if [ "$TPROXY" == 1 ]; then SERVER=$server LOCAL_PORT=$local_port -elif [ "$TPROXY" = 2 ]; then +elif [ "$TPROXY" == 2 ]; then : ${SERVER:?"You must assign an ip for the udp relay server."} : ${LOCAL_PORT:?"You must assign a port for the udp relay server."} fi flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include -[ "$?" = 0 ] || loger 3 "Start failed!" +[ "$?" == 0 ] || loger 3 "Start failed!" exit $? \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_ss.lua b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_ss.lua index 72b0a6f262..80c35f0bcc 100755 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_ss.lua +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_ss.lua @@ -1,61 +1,23 @@ -local ucursor = require"luci.model.uci".cursor() +local ucursor = require "luci.model.uci".cursor() local json = require "luci.jsonc" local server_section = arg[1] -local proto = arg[2] +local proto = arg[2] local local_port = arg[3] local host = arg[4] local server = ucursor:get_all("vssr", server_section) -local v2ray = { - log = { - -- error = "/var/ssrplus.log", - loglevel = "info" - }, - -- 传入连接 - inbound = { - - port = local_port, - protocol = "dokodemo-door", - settings = {network = proto, followRedirect = true}, - sniffing = {enabled = true, destOverride = {"http", "tls"}} - - }, - -- 传出连接 - outbounds = { - { - tag = "protocol_layer", - protocol = "shadowsocks", - settings = { - servers = { - { - address = host, - port = tonumber(server.server_port), - method = server.encrypt_method_ss, - password = server.password - } - } - }, - proxySettings = {tag = "transport_layer"} - }, { - tag = "transport_layer", - protocol = "freedom", - settings = (server.obfs_host ~= nil) and{ - redirect = server.obfs_host .. ":" .. - tonumber(server.server_port) - } or nil, - streamSettings = (server.obfs_transport ~= nil) and{ - network = server.obfs_transport, - security = (server.obfs_opts == '1') and "tls" or "none", - wsSettings = { - path = server.obfs_path, - headers = (server.obfs_host ~= nil) and {host = server.obfs_host} or nil - } - } or nil, - mux = {enabled = (server.mux == "1") and true or false} - } - - } - +local ss = { + server = host, + server_port = server.server_port, + local_address = "0.0.0.0", + local_port = local_port, + password = server.password, + timeout = (server.timeout ~= nil) and server.timeout or 60, + method = server.encrypt_method_ss, + reuse_port = true, + fast_open = (server.fast_open == "1") and true or false, + plugin = (server.plugin ~= nil) and server.plugin or nil, + plugin_opts = (server.plugin ~= nil) and server.plugin_opts or nil, } -print(json.stringify(v2ray, 1)) +print(json.stringify(ss, 1)) diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua index 3e9ad489ed..9e901ef690 100644 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua @@ -18,7 +18,7 @@ local trojan = { password = {server.password}, -- 传出连接 ssl = { - verify = false, + verify = (server.insecure == "0") and true or false, verify_hostname = (server.tls == "1") and false or true, cert = "", cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA", diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua index 4aac35978d..32ab211872 100755 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua @@ -5,6 +5,7 @@ local server_section = arg[1] local proto = arg[2] local local_port = arg[3] local host = arg[4] +local main_port = arg[5] local v2ray_flow = ucursor:get_first(name, 'global', 'v2ray_flow', '0') local youtube_server = ucursor:get_first(name, 'global', 'youtube_server') @@ -14,81 +15,100 @@ local disney_server = ucursor:get_first(name, 'global', 'disney_server') local prime_server = ucursor:get_first(name, 'global', 'prime_server') local tvb_server = ucursor:get_first(name, 'global', 'tvb_server') -function gen_outbound(server_node, tags) +function gen_outbound(server_node, tags, local_ports) local bound = {} if server_node == "nil" then bound = nil else + local server = ucursor:get_all(name, server_node) - bound = { - tag = tags, - protocol = "vmess", - settings = { - vnext = { - { - address = server.server, - port = tonumber(server.server_port), - users = { - { - id = server.vmess_id, - alterId = tonumber(server.alter_id), - security = server.security - } + if server.type ~= "v2ray" then + bound = { + tag = tags, + protocol = "socks", + settings = { + servers = { + { + address = "127.0.0.1", + port = tonumber(local_ports) } } } - }, - -- 底层传输配置 - streamSettings = { - network = server.transport, - security = (server.tls == '1') and "tls" or "none", - tlsSettings = { - allowInsecure = (server.insecure == "1") and true or false, - serverName = server.ws_host - }, - kcpSettings = (server.transport == "kcp") and { - mtu = tonumber(server.mtu), - tti = tonumber(server.tti), - uplinkCapacity = tonumber(server.uplink_capacity), - downlinkCapacity = tonumber(server.downlink_capacity), - congestion = (server.congestion == "1") and true or false, - readBufferSize = tonumber(server.read_buffer_size), - writeBufferSize = tonumber(server.write_buffer_size), - header = {type = server.kcp_guise} - } or nil, - wsSettings = (server.transport == "ws") and - (server.ws_path ~= nil or server.ws_host ~= nil) and { - path = server.ws_path, - headers = (server.ws_host ~= nil) and - {Host = server.ws_host} or nil - } or nil, - httpSettings = (server.transport == "h2") and - {path = server.h2_path, host = server.h2_host} or nil, - quicSettings = (server.transport == "quic") and { - security = server.quic_security, - key = server.quic_key, - header = {type = server.quic_guise} - } or nil - }, - mux = { - enabled = (server.mux == "1") and true or false, - concurrency = tonumber(server.concurrency) } - } + else + bound = { + tag = tags, + protocol = "vmess", + settings = { + vnext = { + { + address = server.server, + port = tonumber(server.server_port), + users = { + { + id = server.vmess_id, + alterId = tonumber(server.alter_id), + security = server.security + } + } + } + } + }, + -- 底层传输配置 + streamSettings = { + network = server.transport, + security = (server.tls == '1') and "tls" or "none", + tlsSettings = { + allowInsecure = (server.insecure == "1") and true or false, + serverName = server.ws_host + }, + kcpSettings = (server.transport == "kcp") and { + mtu = tonumber(server.mtu), + tti = tonumber(server.tti), + uplinkCapacity = tonumber(server.uplink_capacity), + downlinkCapacity = tonumber(server.downlink_capacity), + congestion = (server.congestion == "1") and true or false, + readBufferSize = tonumber(server.read_buffer_size), + writeBufferSize = tonumber(server.write_buffer_size), + header = {type = server.kcp_guise} + } or nil, + wsSettings = (server.transport == "ws") and + (server.ws_path ~= nil or server.ws_host ~= nil) and { + path = server.ws_path, + headers = (server.ws_host ~= nil) and + {Host = server.ws_host} or nil + } or nil, + httpSettings = (server.transport == "h2") and + {path = server.h2_path, host = server.h2_host} or nil, + quicSettings = (server.transport == "quic") and { + security = server.quic_security, + key = server.quic_key, + header = {type = server.quic_guise} + } or nil + }, + mux = { + enabled = (server.mux == "1") and true or false, + concurrency = tonumber(server.concurrency) + } + } + end end return bound end local outbounds_table = {} -table.insert(outbounds_table, gen_outbound(server_section, "main")) + if v2ray_flow == "1" then - table.insert(outbounds_table, gen_outbound(youtube_server, "youtube")) - table.insert(outbounds_table, gen_outbound(tw_video_server, "twvideo")) - table.insert(outbounds_table, gen_outbound(netflix_server, "netflix")) - table.insert(outbounds_table, gen_outbound(disney_server, "disney")) - table.insert(outbounds_table, gen_outbound(prime_server, "prime")) - table.insert(outbounds_table, gen_outbound(tvb_server, "tvb")) + table.insert(outbounds_table, gen_outbound(server_section, "global",2080)) + table.insert(outbounds_table, gen_outbound(youtube_server, "youtube",2081)) + table.insert(outbounds_table, gen_outbound(tw_video_server, "twvideo",2082)) + table.insert(outbounds_table, gen_outbound(netflix_server, "netflix",2083)) + table.insert(outbounds_table, gen_outbound(disney_server, "disney",2084)) + table.insert(outbounds_table, gen_outbound(prime_server, "prime",2085)) + table.insert(outbounds_table, gen_outbound(tvb_server, "tvb",2086)) +else + table.insert(outbounds_table, gen_outbound(server_section, "main",local_port)) end -- rules gen @@ -215,17 +235,18 @@ end local v2ray = { log = { - -- error = "/var/ssrplus.log", + -- error = "/var/vssrsss.log", -- access = "/var/v2rays.log", loglevel = "warning" }, -- 传入连接 inbounds = { { - port = local_port, + port = tonumber(local_port), protocol = "dokodemo-door", settings = {network = proto, followRedirect = true}, - sniffing = {enabled = true, destOverride = {"http", "tls"}} + sniffing = {enabled = true, destOverride = {"http", "tls"}}, + streamSettings = {sockopt = { tproxy = (proto == "tcp") and "redirect" or "tproxy"}} } }, diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/subscribe.lua b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/subscribe.lua index d56a2a51be..422adc3f1d 100644 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/subscribe.lua +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/subscribe.lua @@ -224,6 +224,7 @@ local function processData(szType, content) result.alias = UrlDecode(alias) result.type = "trojan" result.server = host[1] + result.insecure = "0" if host[2]:find("?") then local query = split(host[2], "?") result.server_port = query[1]