diff --git a/package/lienol/luci-app-passwall/Makefile b/package/lienol/luci-app-passwall/Makefile index d3df1e9d81..643ce86ead 100644 --- a/package/lienol/luci-app-passwall/Makefile +++ b/package/lienol/luci-app-passwall/Makefile @@ -7,8 +7,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-passwall PKG_VERSION:=3.9 -PKG_RELEASE:=64 -PKG_DATE:=20200925 +PKG_RELEASE:=65 +PKG_DATE:=20201003 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/api.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/api.lua index 6a44a4cf4b..2693c35c34 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/api.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/api.lua @@ -14,8 +14,11 @@ command_timeout = 300 LEDE_BOARD = nil DISTRIB_TARGET = nil -function gen_uuid() - local uuid = string.gsub(sys.exec("echo -n $(cat /proc/sys/kernel/random/uuid)"), "-", "") +function gen_uuid(format) + local uuid = sys.exec("echo -n $(cat /proc/sys/kernel/random/uuid)") + if format == nil then + uuid = string.gsub(uuid, "-", "") + end return uuid end diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua index e5e9278cda..5b5f0222bd 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua @@ -42,7 +42,7 @@ local function gen_outbound(node, tag) node.stream_security = "none" end - if node.transport == "mkcp" or node.transport == "ds" or node.transport == "quic" then + if node.transport == "mkcp" or node.transport == "quic" then node.stream_security = "none" end @@ -54,23 +54,26 @@ local function gen_outbound(node, tag) concurrency = (node.mux_concurrency) and tonumber(node.mux_concurrency) or 8 }, -- 底层传输配置 - streamSettings = (node.protocol == "vmess" or node.protocol == "vless" or node.protocol == "socks" or node.protocol == "shadowsocks") and { + streamSettings = (node.protocol == "vmess" or node.protocol == "vless" or node.protocol == "socks" or node.protocol == "shadowsocks" or node.protocol == "trojan") and { network = node.transport, security = node.stream_security, + xtlsSettings = (node.stream_security == "xtls") and { + serverName = node.tls_serverName, + allowInsecure = (node.tls_allowInsecure == "1") and true or false + } or nil, tlsSettings = (node.stream_security == "tls") and { - disableSessionResumption = node.sessionTicket ~= "1" and true or false, serverName = node.tls_serverName, allowInsecure = (node.tls_allowInsecure == "1") and true or false } or nil, tcpSettings = (node.transport == "tcp" and node.protocol ~= "socks") and { header = { type = node.tcp_guise, - request = { + request = (node.tcp_guise == "http") and { path = node.tcp_guise_http_path or {"/"}, headers = { Host = node.tcp_guise_http_host or {} } - } or {} + } or nil } } or nil, kcpSettings = (node.transport == "mkcp") and { @@ -110,19 +113,19 @@ local function gen_outbound(node, tag) id = node.uuid, alterId = tonumber(node.alter_id), level = node.level and tonumber(node.level) or 0, - security = node.security, - encryption = node.encryption or "none" + security = (node.protocol == "vmess") and node.security or nil, + encryption = node.encryption or "none", + flow = (node.stream_security == "xtls") and node.flow or nil } } } } or nil, - servers = (node.protocol == "socks" or node.protocol == "http" or node.protocol == "shadowsocks") and { + servers = (node.protocol == "socks" or node.protocol == "http" or node.protocol == "shadowsocks" or node.protocol == "trojan") and { { address = node.address, port = tonumber(node.port), method = node.method or nil, password = node.password or "", - ota = node.ota == '1' and true or false, users = (node.username and node.password) and {{user = node.username, pass = node.password}} or nil } diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua index c0165429a6..18e620a89d 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua @@ -106,6 +106,7 @@ protocol:value("vless", translate("VLESS")) protocol:value("http", translate("HTTP")) protocol:value("socks", translate("Socks")) protocol:value("shadowsocks", translate("Shadowsocks")) +protocol:value("trojan", translate("Trojan")) protocol:value("_balancing", translate("Balancing")) protocol:value("_shunt", translate("Shunt")) protocol:depends("type", "V2ray") @@ -176,16 +177,17 @@ address.rmempty = false address:depends("type", "Socks") address:depends("type", "SS") address:depends("type", "SSR") -address:depends({ type = "V2ray", protocol = "vmess" }) -address:depends({ type = "V2ray", protocol = "vless" }) -address:depends({ type = "V2ray", protocol = "http" }) -address:depends({ type = "V2ray", protocol = "socks" }) -address:depends({ type = "V2ray", protocol = "shadowsocks" }) address:depends("type", "Brook") address:depends("type", "Trojan") address:depends("type", "Trojan-Plus") address:depends("type", "Trojan-Go") address:depends("type", "Naiveproxy") +address:depends({ type = "V2ray", protocol = "vmess" }) +address:depends({ type = "V2ray", protocol = "vless" }) +address:depends({ type = "V2ray", protocol = "http" }) +address:depends({ type = "V2ray", protocol = "socks" }) +address:depends({ type = "V2ray", protocol = "shadowsocks" }) +address:depends({ type = "V2ray", protocol = "trojan" }) --[[ use_ipv6 = s:option(Flag, "use_ipv6", translate("Use IPv6")) @@ -193,15 +195,16 @@ use_ipv6.default = 0 use_ipv6:depends("type", "Socks") use_ipv6:depends("type", "SS") use_ipv6:depends("type", "SSR") +use_ipv6:depends("type", "Brook") +use_ipv6:depends("type", "Trojan") +use_ipv6:depends("type", "Trojan-Plus") +use_ipv6:depends("type", "Trojan-Go") use_ipv6:depends({ type = "V2ray", protocol = "vmess" }) use_ipv6:depends({ type = "V2ray", protocol = "vless" }) use_ipv6:depends({ type = "V2ray", protocol = "http" }) use_ipv6:depends({ type = "V2ray", protocol = "socks" }) use_ipv6:depends({ type = "V2ray", protocol = "shadowsocks" }) -use_ipv6:depends("type", "Brook") -use_ipv6:depends("type", "Trojan") -use_ipv6:depends("type", "Trojan-Plus") -use_ipv6:depends("type", "Trojan-Go") +use_ipv6:depends({ type = "V2ray", protocol = "trojan" }) --]] port = s:option(Value, "port", translate("Port")) @@ -210,22 +213,23 @@ port.rmempty = false port:depends("type", "Socks") port:depends("type", "SS") port:depends("type", "SSR") -port:depends({ type = "V2ray", protocol = "vmess" }) -port:depends({ type = "V2ray", protocol = "vless" }) -port:depends({ type = "V2ray", protocol = "http" }) -port:depends({ type = "V2ray", protocol = "socks" }) -port:depends({ type = "V2ray", protocol = "shadowsocks" }) port:depends("type", "Brook") port:depends("type", "Trojan") port:depends("type", "Trojan-Plus") port:depends("type", "Trojan-Go") port:depends("type", "Naiveproxy") +port:depends({ type = "V2ray", protocol = "vmess" }) +port:depends({ type = "V2ray", protocol = "vless" }) +port:depends({ type = "V2ray", protocol = "http" }) +port:depends({ type = "V2ray", protocol = "socks" }) +port:depends({ type = "V2ray", protocol = "shadowsocks" }) +port:depends({ type = "V2ray", protocol = "trojan" }) username = s:option(Value, "username", translate("Username")) username:depends("type", "Socks") username:depends("type", "Naiveproxy") -username:depends("protocol", "http") -username:depends("protocol", "socks") +username:depends({ type = "V2ray", protocol = "http" }) +username:depends({ type = "V2ray", protocol = "socks" }) password = s:option(Value, "password", translate("Password")) password.password = true @@ -237,9 +241,10 @@ password:depends("type", "Trojan") password:depends("type", "Trojan-Plus") password:depends("type", "Trojan-Go") password:depends("type", "Naiveproxy") -password:depends("protocol", "http") -password:depends("protocol", "socks") -password:depends("protocol", "shadowsocks") +password:depends({ type = "V2ray", protocol = "http" }) +password:depends({ type = "V2ray", protocol = "socks" }) +password:depends({ type = "V2ray", protocol = "shadowsocks" }) +password:depends({ type = "V2ray", protocol = "trojan" }) ss_encrypt_method = s:option(ListValue, "ss_encrypt_method", translate("Encrypt Method")) for a, t in ipairs(ss_encrypt_method_list) do ss_encrypt_method:value(t) end @@ -263,11 +268,11 @@ end security = s:option(ListValue, "security", translate("Encrypt Method")) for a, t in ipairs(security_list) do security:value(t) end -security:depends("protocol", "vmess") +security:depends({ type = "V2ray", protocol = "vmess" }) encryption = s:option(Value, "encryption", translate("Encrypt Method")) encryption.default = "none" -encryption:depends("protocol", "vless") +encryption:depends({ type = "V2ray", protocol = "vless" }) v_ss_encrypt_method = s:option(ListValue, "v_ss_encrypt_method", translate("Encrypt Method")) for a, t in ipairs(v_ss_encrypt_method_list) do v_ss_encrypt_method:value(t) end @@ -279,16 +284,6 @@ function v_ss_encrypt_method.write(self, section, value) m:set(section, "method", value) end -ss_ota = s:option(Flag, "ss_ota", translate("OTA"), translate("When OTA is enabled, V2Ray will reject connections that are not OTA enabled. This option is invalid when using AEAD encryption.")) -ss_ota.default = "0" -ss_ota:depends("protocol", "shadowsocks") -function ss_ota.cfgvalue(self, section) - return m:get(section, "ota") -end -function ss_ota.write(self, section, value) - m:set(section, "ota", value) -end - ssr_protocol = s:option(ListValue, "ssr_protocol", translate("Protocol")) for a, t in ipairs(ssr_protocol_list) do ssr_protocol:value(t) end ssr_protocol:depends("type", "SSR") @@ -367,25 +362,28 @@ kcp_opts:depends("use_kcp", "1") uuid = s:option(Value, "uuid", translate("ID")) uuid.password = true -uuid:depends("protocol", "vmess") -uuid:depends("protocol", "vless") +uuid:depends({ type = "V2ray", protocol = "vmess" }) +uuid:depends({ type = "V2ray", protocol = "vless" }) alter_id = s:option(Value, "alter_id", translate("Alter ID")) alter_id:depends("protocol", "vmess") level = s:option(Value, "level", translate("User Level")) level.default = 1 -level:depends("protocol", "vmess") -level:depends("protocol", "vless") +level:depends({ type = "V2ray", protocol = "vmess" }) +level:depends({ type = "V2ray", protocol = "vless" }) +level:depends({ type = "V2ray", protocol = "trojan" }) -stream_security = s:option(ListValue, "stream_security", translate("Transport Layer Encryption"), translate('Whether or not transport layer encryption is enabled, the supported options are "none" for unencrypted and "TLS" for using TLS.')) +stream_security = s:option(ListValue, "stream_security", translate("Transport Layer Encryption"), translate('Whether or not transport layer encryption is enabled, "none" for unencrypted, "tls" for using TLS, "xtls" for using XTLS.')) stream_security:value("none", "none") stream_security:value("tls", "tls") +stream_security:value("xtls", "xtls") stream_security.default = "tls" -stream_security:depends("protocol", "vmess") -stream_security:depends("protocol", "vless") -stream_security:depends("protocol", "socks") -stream_security:depends("protocol", "shadowsocks") +stream_security:depends({ type = "V2ray", protocol = "vmess" }) +stream_security:depends({ type = "V2ray", protocol = "vless" }) +stream_security:depends({ type = "V2ray", protocol = "socks" }) +stream_security:depends({ type = "V2ray", protocol = "shadowsocks" }) +stream_security:depends({ type = "V2ray", protocol = "trojan" }) stream_security:depends("type", "Trojan") stream_security:depends("type", "Trojan-Plus") stream_security:depends("type", "Trojan-Go") @@ -396,10 +394,18 @@ stream_security.validate = function(self, value) return value end +flow = s:option(Value, "flow", translate("flow")) +flow.default = "xtls-rprx-origin" +flow:value("xtls-rprx-origin") +flow:value("xtls-rprx-origin-udp443") +flow:depends("stream_security", "xtls") + -- [[ TLS部分 ]] -- tls_sessionTicket = s:option(Flag, "tls_sessionTicket", translate("Session Ticket")) tls_sessionTicket.default = "0" -tls_sessionTicket:depends("stream_security", "tls") +tls_sessionTicket:depends({ type = "Trojan", stream_security = "tls" }) +tls_sessionTicket:depends({ type = "Trojan-Plus", stream_security = "tls" }) +tls_sessionTicket:depends({ type = "Trojan-Go", stream_security = "tls" }) -- [[ Trojan TLS ]]-- trojan_force_fp = s:option(ListValue, "fingerprint", translate("Finger Print")) @@ -409,10 +415,12 @@ trojan_force_fp:depends({ type = "Trojan-Go", stream_security = "tls" }) tls_serverName = s:option(Value, "tls_serverName", translate("Domain")) tls_serverName:depends("stream_security", "tls") +tls_serverName:depends("stream_security", "xtls") tls_allowInsecure = s:option(Flag, "tls_allowInsecure", translate("allowInsecure"), translate("Whether unsafe connections are allowed. When checked, Certificate validation will be skipped.")) tls_allowInsecure.default = "0" tls_allowInsecure:depends("stream_security", "tls") +tls_allowInsecure:depends("stream_security", "xtls") -- [[ Trojan Cert ]]-- trojan_cert_path = s:option(Value, "trojan_cert_path", translate("Trojan Cert Path")) @@ -456,17 +464,18 @@ transport:value("ws", "WebSocket") transport:value("h2", "HTTP/2") transport:value("ds", "DomainSocket") transport:value("quic", "QUIC") -transport:depends("protocol", "vmess") -transport:depends("protocol", "vless") -transport:depends("protocol", "socks") -transport:depends("protocol", "shadowsocks") +transport:depends({ type = "V2ray", protocol = "vmess" }) +transport:depends({ type = "V2ray", protocol = "vless" }) +transport:depends({ type = "V2ray", protocol = "socks" }) +transport:depends({ type = "V2ray", protocol = "shadowsocks" }) +transport:depends({ type = "V2ray", protocol = "trojan" }) --[[ ss_transport = s:option(ListValue, "ss_transport", translate("Transport")) ss_transport:value("ws", "WebSocket") ss_transport:value("h2", "HTTP/2") ss_transport:value("h2+ws", "HTTP/2 & WebSocket") -ss_transport:depends("protocol", "shadowsocks") +ss_transport:depends({ type = "V2ray", protocol = "shadowsocks" }) ]]-- -- [[ TCP部分 ]]-- diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua index 924512ebfc..1a974c4fc6 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua @@ -14,6 +14,7 @@ function gen_config(user) for i = 1, #user.uuid do clients[i] = { id = user.uuid[i], + flow = (user.stream_security == "xtls") and user.flow or nil, level = tonumber(user.level), alterId = tonumber(user.alter_id) } @@ -48,9 +49,21 @@ function gen_config(user) method = user.method, password = user.password, level = tonumber(user.level) or 1, - network = user.ss_network or "TCP,UDP", - ota = (user.ss_ota == '1') and true or false + network = user.ss_network or "TCP,UDP" } + elseif user.protocol == "trojan" then + if user.uuid then + local clients = {} + for i = 1, #user.uuid do + clients[i] = { + password = user.uuid[i], + level = tonumber(user.level) + } + end + settings = { + clients = clients + } + end elseif user.protocol == "mtproto" then settings = { users = { @@ -76,7 +89,7 @@ function gen_config(user) if user.transit_node and user.transit_node ~= "nil" then local node = ucic:get_all("passwall", user.transit_node) if node and node ~= "nil" and node.type and node.type == "V2ray" then - if node.transport == "mkcp" or node.transport == "ds" or node.transport == "quic" then + if node.transport == "mkcp" or node.transport == "quic" then node.stream_security = "none" end local transit_node = { @@ -90,6 +103,10 @@ function gen_config(user) streamSettings = { network = node.transport, security = node.stream_security, + xtlsSettings = (node.stream_security == "xtls") and { + serverName = node.tls_serverName, + allowInsecure = (node.tls_allowInsecure == "1") and true or false + } or nil, tlsSettings = (node.stream_security == "tls") and { disableSessionResumption = node.sessionTicket ~= "1" and true or false, serverName = node.tls_serverName, @@ -98,12 +115,12 @@ function gen_config(user) tcpSettings = (node.transport == "tcp") and { header = { type = node.tcp_guise, - request = { + request = (node.tcp_guise == "http") and { path = node.tcp_guise_http_path or {"/"}, headers = { Host = node.tcp_guise_http_host or {} } - } or {} + } or nil } } or nil, kcpSettings = (node.transport == "mkcp") and { @@ -143,19 +160,19 @@ function gen_config(user) id = node.uuid, alterId = tonumber(node.alter_id), level = node.level and tonumber(node.level) or 0, - security = node.security, - encryption = node.encryption or "none" + security = (node.protocol == "vmess") and node.security or nil, + encryption = node.encryption or "none", + flow = (node.stream_security == "xtls") and node.flow or nil } } } } or nil, - servers = (node.protocol == "http" or node.protocol == "socks" or node.protocol == "shadowsocks") and { + servers = (node.protocol == "http" or node.protocol == "socks" or node.protocol == "shadowsocks" or node.protocol == "trojan") and { { address = node.address, port = tonumber(node.port), method = node.v_ss_encrypt_method, password = node.password or "", - ota = (node.ss_ota == '1') and true or false, users = (node.username and node.password) and { { @@ -185,10 +202,18 @@ function gen_config(user) settings = settings, streamSettings = { network = user.transport, - security = (user.stream_security == 'tls') and "tls" or "none", + security = user.stream_security, + xtlsSettings = (user.stream_security == 'xtls') and { + --alpn = {"http/1.1"}, + disableSystemRoot = false, + certificates = { + { + certificateFile = user.tls_certificateFile, + keyFile = user.tls_keyFile + } + } + } or nil, tlsSettings = (user.stream_security == 'tls') and { - disableSessionResumption = user.sessionTicket ~= "1" and true or false, - allowInsecure = false, disableSystemRoot = false, certificates = { { @@ -200,12 +225,12 @@ function gen_config(user) tcpSettings = (user.transport == "tcp") and { header = { type = user.tcp_guise, - request = { + request = (user.tcp_guise == "http") and { path = user.tcp_guise_http_path or {"/"}, headers = { Host = user.tcp_guise_http_host or {} } - } or {} + } or nil } } or nil, kcpSettings = (user.transport == "mkcp") and { @@ -220,6 +245,7 @@ function gen_config(user) header = {type = user.mkcp_guise} } or nil, wsSettings = (user.transport == "ws") and { + acceptProxyProtocol = false, headers = (user.ws_host) and {Host = user.ws_host} or nil, path = user.ws_path } or nil, @@ -242,7 +268,7 @@ function gen_config(user) routing = routing } - if user.transport == "mkcp" or user.transport == "ds" or user.transport == "quic" then + if user.transport == "mkcp" or user.transport == "quic" then config.inbounds[1].streamSettings.security = "none" config.inbounds[1].streamSettings.tlsSettings = nil end diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/index.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/index.lua index 905588edda..2825a30fb7 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/index.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/index.lua @@ -44,6 +44,16 @@ e.width = "15%" ---- Type e = t:option(DummyValue, "type", translate("Type")) +e.cfgvalue = function(t, n) + local v = Value.cfgvalue(t, n) + if v then + if v == "V2ray" then + local protocol = m:get(n, "protocol") + return v .. " -> " .. protocol + end + return v + end +end e = t:option(DummyValue, "port", translate("Port")) diff --git a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua index 32d9a0a61a..75bcb5479b 100644 --- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua +++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua @@ -102,6 +102,7 @@ protocol:value("vless", "VLESS") protocol:value("http", "HTTP") protocol:value("socks", "Socks") protocol:value("shadowsocks", "Shadowsocks") +protocol:value("trojan", "Trojan") protocol:value("mtproto", "MTProto") protocol:depends("type", "V2ray") @@ -133,9 +134,9 @@ username.validate = function(self, value, t) end return value end -username:depends("protocol", "http") -username:depends("protocol", "socks") username:depends("type", "Socks") +username:depends({ type = "V2ray", protocol = "http" }) +username:depends({ type = "V2ray", protocol = "socks" }) password = s:option(Value, "password", translate("Password")) password.password = true @@ -169,7 +170,7 @@ end decryption = s:option(Value, "decryption", translate("Encrypt Method")) decryption.default = "none" -decryption:depends("protocol", "vless") +decryption:depends({ type = "V2ray", protocol = "vless" }) ss_encrypt_method = s:option(ListValue, "ss_encrypt_method", translate("Encrypt Method")) for a, t in ipairs(ss_encrypt_method_list) do ss_encrypt_method:value(t) end @@ -193,7 +194,7 @@ end v_ss_encrypt_method = s:option(ListValue, "v_ss_encrypt_method", translate("Encrypt Method")) for a, t in ipairs(v_ss_encrypt_method_list) do v_ss_encrypt_method:value(t) end -v_ss_encrypt_method:depends("protocol", "shadowsocks") +v_ss_encrypt_method:depends({ type = "V2ray", protocol = "shadowsocks" }) function v_ss_encrypt_method.cfgvalue(self, section) return m:get(section, "method") end @@ -206,17 +207,7 @@ ss_network.default = "tcp,udp" ss_network:value("tcp", "TCP") ss_network:value("udp", "UDP") ss_network:value("tcp,udp", "TCP,UDP") -ss_network:depends("protocol", "shadowsocks") - -ss_ota = s:option(Flag, "ss_ota", translate("OTA"), translate("When OTA is enabled, a connection that is not OTA enabled is rejected. This option is invalid when using AEAD encryption.")) -ss_ota.default = "0" -ss_ota:depends("protocol", "shadowsocks") -function ss_ota.cfgvalue(self, section) - return m:get(section, "ota") -end -function ss_ota.write(self, section, value) - m:set(section, "ota", value) -end +ss_network:depends({ type = "V2ray", protocol = "shadowsocks" }) ssr_protocol = s:option(ListValue, "ssr_protocol", translate("Protocol")) for a, t in ipairs(ssr_protocol_list) do ssr_protocol:value(t) end @@ -258,12 +249,13 @@ udp_forward.default = "1" udp_forward.rmempty = false udp_forward:depends("type", "SSR") -uuid = s:option(DynamicList, "uuid", translate("ID")) +uuid = s:option(DynamicList, "uuid", translate("ID") .. "/" .. translate("Password")) for i = 1, 3 do - uuid:value(api.gen_uuid()) + uuid:value(api.gen_uuid(1)) end uuid:depends({ type = "V2ray", protocol = "vmess" }) uuid:depends({ type = "V2ray", protocol = "vless" }) +uuid:depends({ type = "V2ray", protocol = "trojan" }) uuid:depends("type", "Trojan-Go") alter_id = s:option(Value, "alter_id", translate("Alter ID")) @@ -275,16 +267,19 @@ level.default = 1 level:depends({ type = "V2ray", protocol = "vmess" }) level:depends({ type = "V2ray", protocol = "vless" }) level:depends({ type = "V2ray", protocol = "shadowsocks" }) +level:depends({ type = "V2ray", protocol = "trojan" }) level:depends({ type = "V2ray", protocol = "mtproto" }) -stream_security = s:option(ListValue, "stream_security", translate("Transport Layer Encryption"), translate('Whether or not transport layer encryption is enabled, the supported options are "none" for unencrypted and "TLS" for using TLS.')) +stream_security = s:option(ListValue, "stream_security", translate("Transport Layer Encryption"), translate('Whether or not transport layer encryption is enabled, "none" for unencrypted, "tls" for using TLS, "xtls" for using XTLS.')) stream_security:value("none", "none") stream_security:value("tls", "tls") +stream_security:value("xtls", "xtls") stream_security.default = "none" stream_security:depends({ type = "V2ray", protocol = "vmess" }) stream_security:depends({ type = "V2ray", protocol = "vless" }) stream_security:depends({ type = "V2ray", protocol = "socks" }) stream_security:depends({ type = "V2ray", protocol = "shadowsocks" }) +stream_security:depends({ type = "V2ray", protocol = "trojan" }) stream_security:depends("type", "Trojan") stream_security:depends("type", "Trojan-Plus") stream_security:depends("type", "Trojan-Go") @@ -294,24 +289,37 @@ stream_security.validate = function(self, value) end return value end + +flow = s:option(Value, "flow", translate("flow")) +flow.default = "xtls-rprx-origin" +flow:value("xtls-rprx-origin") +flow:value("xtls-rprx-origin-udp443") +flow:depends("stream_security", "xtls") + -- [[ TLS部分 ]] -- tls_sessionTicket = s:option(Flag, "tls_sessionTicket", translate("Session Ticket")) tls_sessionTicket.default = "0" -tls_sessionTicket:depends("stream_security", "tls") +tls_sessionTicket:depends({ type = "Trojan", stream_security = "tls" }) +tls_sessionTicket:depends({ type = "Trojan-Plus", stream_security = "tls" }) +tls_sessionTicket:depends({ type = "Trojan-Go", stream_security = "tls" }) tls_serverName = s:option(Value, "tls_serverName", translate("Domain")) tls_serverName:depends("stream_security", "tls") +tls_serverName:depends("stream_security", "xtls") tls_allowInsecure = s:option(Flag, "tls_allowInsecure", translate("allowInsecure"), translate("Whether unsafe connections are allowed. When checked, Certificate validation will be skipped.")) tls_allowInsecure.default = "0" tls_allowInsecure:depends("stream_security", "tls") +tls_allowInsecure:depends("stream_security", "xtls") tls_certificateFile = s:option(Value, "tls_certificateFile", translate("Public key absolute path"), translate("as:") .. "/etc/ssl/fullchain.pem") tls_certificateFile:depends("stream_security", "tls") +tls_certificateFile:depends("stream_security", "xtls") tls_keyFile = s:option(Value, "tls_keyFile", translate("Private key absolute path"), translate("as:") .. "/etc/ssl/private.key") tls_keyFile:depends("stream_security", "tls") +tls_keyFile:depends("stream_security", "xtls") transport = s:option(ListValue, "transport", translate("Transport")) transport:value("tcp", "TCP") @@ -324,6 +332,7 @@ transport:depends({ type = "V2ray", protocol = "vmess" }) transport:depends({ type = "V2ray", protocol = "vless" }) transport:depends({ type = "V2ray", protocol = "socks" }) transport:depends({ type = "V2ray", protocol = "shadowsocks" }) +transport:depends({ type = "V2ray", protocol = "trojan" }) trojan_transport = s:option(ListValue, "trojan_transport", translate("Transport")) trojan_transport:value("original", "Original") diff --git a/package/lienol/luci-app-passwall/po/zh_Hans/passwall.po b/package/lienol/luci-app-passwall/po/zh_Hans/passwall.po index fcb300726a..bdfaff2b91 100644 --- a/package/lienol/luci-app-passwall/po/zh_Hans/passwall.po +++ b/package/lienol/luci-app-passwall/po/zh_Hans/passwall.po @@ -931,8 +931,8 @@ msgstr "伪装类型" msgid "Transport Layer Encryption" msgstr "传输层加密" -msgid "Whether or not transport layer encryption is enabled, the supported options are \"none\" for unencrypted and \"TLS\" for using TLS." -msgstr "是否启入传输层加密,支持的选项有 \"none\" 表示不加密,\"tls\" 表示使用 TLS。" +msgid "Whether or not transport layer encryption is enabled, \"none\" for unencrypted, \"tls\" for using TLS, \"xtls\" for using XTLS." +msgstr "是否启入传输层加密,支持的选项有 \"none\" 表示不加密,\"tls\" 表示使用 TLS,\"xtls\" 表示使用 XTLS。" msgid "'none' not supported for original Trojan, please choose 'tls'." msgstr "原版Trojan不支持'none',请选择TLS。" @@ -1003,9 +1003,6 @@ msgstr "当你隐藏后想再次显示,地址栏输入例:" msgid "The MTProto protocol must be 32 characters and can only contain characters from 0 to 9 and a to f." msgstr "MTProto 协议必须为 32 个字符,仅可包含 0 到 9 和 a 到 f 之间的字符。" -msgid "When OTA is enabled, a connection that is not OTA enabled is rejected. This option is invalid when using AEAD encryption." -msgstr "开启 OTA 后,将拒绝未启用 OTA 的连接。当使用 AEAD 加密时,该选项无效。" - msgid "transit node" msgstr "中转到此节点"