moxbox init

monlor
2020-03-05 00:08:40 +08:00
commit 76dbe98978
856 changed files with 170708 additions and 0 deletions


@@ -0,0 +1,450 @@
#---------------【ShadowSocks】-----------------
shadowsocksAdd() {
ciphers="aes-256-gcm aes-192-gcm aes-128-gcm aes-256-ctr aes-192-ctr aes-128-ctr aes-256-cfb aes-192-cfb aes-128-cfb camellia-128-cfb camellia-192-cfb camellia-256-cfb xchacha20-ietf-poly1305 chacha20-ietf-poly1305 chacha20-ietf chacha20 salsa20 rc4-md5"
v2ray_ciphers="auto aes-128-cfb aes-128-gcm chacha20-poly1305 none"
protocols="origin verify_deflate auth_sha1_v4 auth_aes128_md5 auth_aes128_sha1 auth_chain_a auth_chain_b auth_chain_c auth_chain_d auth_chain_e auth_chain_f"
obfs="plain http_simple http_post tls1.2_ticket_auth tls1.2_ticket_fastauth"
read -p "选择${appname}节点类型[1.ss 2.ssr 3.v2ray] " proxy_type
case "$proxy_type" in
1) proxy_type="ss" ;;
2) proxy_type="ssr" ;;
3) proxy_type="v2ray" ;;
*) echo "服务器类型输入错误!" && return ;;
esac
if [ "$proxy_type" = "v2ray" ]; then
read -p "输入v2ray节点名" ss_id
read -p "输入v2ray服务器地址" ss_server
read -p "输入v2ray服务器端口" ss_port
echo "选择v2ray加密方式(不一定都支持)"
echo $v2ray_ciphers | tr " " "\n" | grep -n . | sed -e "s/:/) /g"
read -p "输入v2ray加密方式(选择或输入)" ss_method
if [ -n "$(echo $ss_method | grep "[0-9][0-9]*")" ]; then
ss_method="$(echo $v2ray_ciphers | tr " " "\n" | sed -n "$ss_method"p)"
[ -z "$ss_method" ] && echo "输入错误!" && return
fi
read -p "输入v2ray用户ID" ss_uuid
read -p "输入v2ray额外ID" ss_alterid
read -p "输入v2ray传输协议[1.tcp 2.kcp 3.ws 4.h2]" ss_network
case "$ss_network" in
1)
ss_network="tcp"
read -p "输入v2ray伪装类型tcp[1.不伪装 2.伪装http]" ss_headtype_tcp
if [ "$ss_headtype_tcp" = "http" ]; then
ss_headtype_tcp="http"
read -p "输入v2ray伪装域名(回车不添加)" ss_network_host
else
ss_headtype_tcp="none"
fi
;;
2)
ss_network="kcp"
echo -e "1.不伪装\n2.伪装视频通话(srtp)\n3.伪装BT下载(uTP)\n4.伪装微信视频通话"
read -p "选择v2ray伪装类型kcp" ss_headtype_kcp
case "$ss_headtype_kcp" in
1) ss_headtype_kcp="none" ;;
2) ss_headtype_kcp="srtp" ;;
3) ss_headtype_kcp="utp" ;;
4) ss_headtype_kcp="wechat-video" ;;
*) ss_headtype_kcp="none" ;;
esac
;;
3)
ss_network="ws"
read -p "输入v2ray路径(回车不添加)" ss_network_path
read -p "输入v2ray伪装域名(回车不添加)" ss_network_host
;;
4)
ss_network="h2"
read -p "输入v2ray路径(回车不添加)" ss_network_path
read -p "输入v2ray伪装域名(回车不添加)" ss_network_host
;;
*) echo "输入错误!" && return
esac
read -p "输入v2ray底层安全传输[1.tls 2.none]" ss_network_security
case $ss_network_security in
1) ss_network_security="tls" ;;
2) ss_network_security="none" ;;
*) ss_network_security="none" ;;
esac
read -p "启用v2ray多路复用[1/0] " ss_mux_enable
[ -n "$ss_mux_enable" ] && ss_mux_enable="$ss_mux_enable"
case "$ss_mux_enable" in
1) ss_mux_enable="true" ;;
0) ss_mux_enable="false" ;;
esac
read -p "输入v2ray并发连接数(默认8)" ss_mux_concurrency
[ -z "$ss_mux_concurrency" ] && ss_mux_concurrency=8
else
read -p "输入${appname}节点名:" ss_id
read -p "输入${appname}服务器地址:" ss_server
read -p "输入${appname}服务器端口:" ss_port
read -p "输入${appname}服务器密码:" ss_passwd
echo "选择${appname}加密方式(不一定都支持)"
echo $ciphers | tr " " "\n" | grep -n . | sed -e "s/:/) /g"
read -p "输入${appname}加密方式(选择或输入)" ss_method
if [ -n "$(echo $ss_method | grep "[0-9][0-9]*")" ]; then
ss_method="$(echo $ciphers | tr " " "\n" | sed -n "$ss_method"p)"
[ -z "$ss_method" ] && echo "输入错误!" && return
fi
if [ "$proxy_type" = 'ssr' ]; then
echo "选择ssr协议(不一定都支持)"
echo $protocols | tr " " "\n" | grep -n . | sed -e "s/:/) /g"
read -p "输入${appname}协议protocols(ss请回车)" ss_protocol
if [ -n "$(echo $ss_protocol | grep "[0-9][0-9]*")" -a -n "$ss_protocol" ]; then
ss_protocol="$(echo $protocols | tr " " "\n" | sed -n "$ss_protocol"p)"
[ -z "$ss_protocol" ] && echo "输入错误!" && return
fi
echo "选择ssr混淆(不一定都支持)"
echo $obfs | tr " " "\n" | grep -n . | sed -e "s/:/) /g"
read -p "输入${appname}混淆obfs" ss_obfs
if [ -n "$(echo $ss_obfs | grep "[0-9][0-9]*")" -a -n "$ss_obfs" ]; then
ss_obfs="$(echo $obfs | tr " " "\n" | sed -n "$ss_obfs"p)"
[ -z "$ss_obfs" ] && echo "输入错误!" && return
fi
read -p "输入${appname}协议参数protocol_param(没有请回车)" ss_protocol_param
read -p "输入${appname}混淆参数obfs_param(没有请回车):" ss_obfs_param
fi
fi
echo "你要添加的节点信息为:"
if [ "$proxy_type" = "v2ray" ]; then
cat << EOF
服务器v2ray类型$proxy_type
服务器v2ray名称$ss_id
服务器v2ray地址$ss_server
服务器v2ray端口号$ss_port
服务器v2ray加密方式$ss_method
服务器v2ray用户ID$ss_uuid
服务器v2ray额外ID$ss_alterid
服务器v2ray传输协议$ss_network
服务器v2ray的tcp伪装类型$ss_headtype_tcp
服务器v2ray伪装域名$ss_network_host
服务器v2ray的kcp伪装类型$ss_headtype_kcp
服务器v2ray路径$ss_network_path
服务器v2ray伪装域名$ss_network_host
服务器v2ray底层安全传输$ss_network_security
服务器v2ray多路复用$ss_mux_enable
服务器v2ray并发连接数$ss_mux_concurrency
EOF
else
cat << EOF
服务器ss类型$proxy_type
服务器ss名称$ss_id
服务器ss地址$ss_server
服务器ss端口号$ss_port
服务器ss密码$ss_passwd
服务器ss加密方式$ss_method
服务器ssr协议$ss_protocol
服务器ssr混淆$ss_obfs
服务器ssr协议参数$ss_protocol_param
服务器ssr混淆参数$ss_obfs_param
EOF
fi
read -p "确定要添加此服务器?[1/0] " res
if [ "$res" == '1' ]; then
sed -i "/,$ss_id,/d" $SSID.conf
if [ "$proxy_type" = "ss" -o "$proxy_type" = "ssr" ]; then
echo "$proxy_type,$ss_id,$ss_server,$ss_port,$ss_passwd,$ss_method,$ss_protocol,$ss_obfs,$ss_protocol_param,$ss_obfs_param" >> $SSID.conf
else
echo "$proxy_type,$ss_id,$ss_server,$ss_port,$ss_method,$ss_uuid,$ss_alterid,$ss_network,$ss_headtype_tcp,$ss_headtype_kcp,$ss_network_host,$ss_network_path,$ss_network_security,$ss_mux_enable,$ss_mux_concurrency" >> $SSID.conf
fi
fi
read -p "添加完成,再添加一个?[1/0] " res
if checkread $res; then
[ "$res" == '1' ] && shadowsocksAdd
fi
}
shadowsocksDel() {
echo "${appname}节点:"
cat $SSID.conf | sed -e 's/.*/[&]/g' | grep -n . | sed -e 's/:/\./g' | while read line
do
[ "${#line}" -gt 70 ] && line="$(echo ${line} | cut -b 1-70)"...
echo ${line}
done
read -p "请选择要删除的节点:" res
[ -n "$res" ] && sed -i "$res"d $SSID.conf
read -p "删除完成,继续删除?[1/0] " res
if checkread $res; then
[ "$res" == '1' ] && shadowsocksDel
fi
}
shadowsocks() {
eval `mbdb export shadowsocks`
source /etc/mixbox/bin/base
SSID=${mbroot}/apps/${appname}/config/ssserver
black_list=${mbroot}/apps/${appname}/config/customize_black.conf
white_list=${mbroot}/apps/${appname}/config/customize_white.conf
[ ! -f $SSID.conf ] && touch $SSID.conf
[ ! -f "$black_list" ] && touch $black_list
[ ! -f "$white_list" ] && touch $white_list
# sslist=$(cat $SSID* | cut -d, -f2 | grep -n . | sed -e 's/:/./g')
control=${mbroot}/apps/${appname}/config/sscontrol.conf
[ ! -f "$control" ] && touch $control
echo "********* $service ***********"
echo "[最好的翻墙工具,没有之一,还可以加速国内外游戏]"
readsh "启动${appname}服务[1/0] " "enable" "1"
if [ "$enable" == '1' ]; then
# [ -z "$sslist" ] && sslist="空"
# echo "${appname}节点:[`echo $sslist`]"
read -p "添加${appname}节点?[1/0] " res
if [ "$res" == '1' ]; then
read -p "选择添加方式[1.手动添加 2.订阅地址 3.uri地址] " res
if [ "$res" == '1' ]; then
shadowsocksAdd
elif [ "$res" == '2' ]; then
cat ${mbroot}/apps/${appname}/config/subscribe_link.txt 2> /dev/null | grep -v "^$"
read -p "清空订阅地址列表后再添加?[1/0] " res
[ "$res" = '1' ] && cat /dev/null > ${mbroot}/apps/${appname}/config/subscribe_link.txt
while(true)
do
read -p "请输入ssr节点订阅地址(回车停止添加)" res
[ -z "$res" ] && break || echo "$res" >> ${mbroot}/apps/${appname}/config/subscribe_link.txt
done
if [ -n "$(cat ${mbroot}/apps/${appname}/config/subscribe_link.txt)" ]; then
${mbroot}/apps/${appname}/scripts/ss_online_update.sh
[ "$?" -ne 0 ] && echo "订阅失败,退出插件配置!" && return 1
fi
read -p "是否需要删除所有的订阅节点?[1/0] " res
[ "$res" = '1' ] && rm -rf ${mbroot}/apps/${appname}/config/ssserver_online.conf
elif [ "$res" == '3' ]; then
read -p "请输入ssr节点uri地址" res
if [ ! -z "$res" ]; then
${mbroot}/apps/${appname}/scripts/ss_online_update.sh add "$res"
fi
fi
fi
# sslist=$(cat $SSID* | cut -d, -f2 | grep -n . | sed -e 's/:/./g')
id=$(mbdb get ${appname}.main.id)
ss_mode=$(mbdb get ${appname}.main.ss_mode)
[ -z "$id" ] && id="空"
[ -z $ss_mode ] && ss_mode="空"
read -p "修改${appname}配置($id, $ss_mode)[1/0] " res
if [ "$res" == '1' ]; then
# [ -z "$sslist" ] && sslist="空"
echo "${appname}节点:"
cat $SSID* | sed -e 's/.*/[&]/g' | grep -n . | sed -e 's/:/\./g' | while read line
do
[ "${#line}" -gt 70 ] && line="$(echo ${line} | cut -b 1-70)"...
echo ${line}
done
read -p "请选择${appname}节点:" res
if [ -n "$res" ]; then
id=$(cat $SSID* | cut -d, -f2 | sed -n "$res"p)
[ ! -z "$id" ] && mbdb set $appname.main.id="$id"
fi
echo "[1.黑名单模式 2.白名单模式 3.全局模式 4.回国模式]"
read -p "请选择${appname}模式:" res
if [ ! -z "$res" ]; then
case "$res" in
1) res="gfwlist" ;;
2) res="whitelist" ;;
3) res="wholemode" ;;
4) res="homemode" ;;
*) res="gfwlist" ;;
esac
mbdb set $appname.main.ss_mode="$res"
fi
fi
read -p "进入${appname}高级设置?[1/0] " res
if [ "$res" == '1' ]; then
read -p "删除${appname}节点?[1/0] " res
[ "$res" == '1' ] && shadowsocksDel
if [ -n "$(lsmod | grep TPROXY)" ]; then
read -p "启动${appname}游戏模式?[1/0] " res
checkread $res && mbdb set $appname.main.ssgena="$res"
if [ "$res" == '1' ]; then
ssgid=$(mbdb get ${appname}.main.ssgid)
ssg_mode=$(mbdb get ${appname}.main.ssg_mode)
[ -z "$ssgid" ] && ssgid="空"
[ -z "$ssg_mode" ] && ssg_mode="空"
read -p "修改${appname}游戏配置($ssgid, $ssg_mode)[1/0] " res
if [ "$res" == '1' ]; then
echo "${appname}节点:"
cat $SSID* | sed -e 's/.*/[&]/g' | grep -n . | sed -e 's/:/\./g' | while read line
do
[ "${#line}" -gt 70 ] && line="$(echo ${line} | cut -b 1-70)"...
echo ${line}
done
read -p "请选择${appname}游戏节点:" res
ssgid=$(cat $SSID* | cut -d, -f2 | sed -n "$res"p)
[ ! -z "$ssgid" ] && mbdb set $appname.main.ssgid="$ssgid"
echo "[1.国内游戏 2.国外游戏]"
read -p "请选择${appname}游戏模式:" res
if [ ! -z "$res" ]; then
case "$res" in
1) res="cngame" ;;
2) res="frgame" ;;
*) res="frgame" ;;
esac
mbdb set $appname.main.ssg_mode="$res"
fi
fi
fi
fi
# smartdns
# if [ "$(mbdb get smartdns.main.enable)" = '1' ]; then
# readsh "是否使用SmartDNS作为ss的DNS解析" "smartdns" "1"
# fi
# kcptun
readsh "是否启动${appname}的kcptun加速(需要服务端支持)[1/0] " "kcp_enable" "0"
if [ "$kcp_enable" = '1' ]; then
echo "以下除了服务端配置,不清楚默认即可!"
readsh "请输入加速kcp服务器地址" "ss_kcp_node"
readsh "请输入加速kcp服务器端口" "ss_kcp_port"
readsh "请输入加速kcp服务器密码(--key)" "ss_kcp_password"
readsh "请输入加速kcp模式(--mode)" "ss_kcp_mode" "fast"
readsh "请输入加速kcp加密方式(--crypt)" "ss_kcp_crypt" "aes"
readsh "请输入加速kcp的DSCP(--dscp),需要与服务端的这个参数保持一致" "ss_kcp_dscp" "0"
read -p "剩余一些不必要的配置,是否继续?[1/0] " res
if [ "$res" = '1' ]; then
readsh "请输入加速kcp的MTU(--mtu)" "ss_kcp_mtu" "1350"
readsh "请输入加速kcp发送窗口(--sndwnd)" "ss_kcp_sndwnd" "128"
readsh "请输入加速kcp接收窗口(--rcvwnd)" "ss_kcp_rcvwnd" "1024"
readsh "请输入加速kcp链接数(--conn)" "ss_kcp_conn" "1"
readsh "请输入加速kcp关闭数据压缩(--nocomp)" "ss_kcp_nocomp" "0"
readsh "请输入加速kcp的socket buffer(--sockbuf),单位: 字节" "ss_kcp_sockbuf" "4194304"
readsh "请输入加速kcp的全局de-mux buffer(--smuxbuf),单位: 字节" "ss_kcp_smuxbuf" "4194304"
readsh "请输入加速kcp的其他配置项" "ss_kcp_config"
fi
fi
# 显示局域网控制
cat $control | while read line
do
name=$(cutsh ${line} 1)
mode=$(cutsh ${line} 3)
case "$mode" in
0) mode="不走代理" ;;
1) mode="科学上网" ;;
*) mode="空" ;;
esac
echo "设备[$name]运行模式为: $mode"
done
mode=$(mbdb get ${appname}.main.ss_proxy_default_mode)
case "$mode" in
0) mode="不走代理" ;;
1) mode="科学上网" ;;
*) mode="科学上网" ;;
esac
echo "其余设备运行模式为: $mode"
read -p "设置局域网代理控制?[1/0] " res
if [ "$res" == '1' ]; then
read -p "清空之前的配置再添加?[1/0] " res
[ "$res" == '1' ] && echo -n > $control
i=0
cat /tmp/dhcp.leases | while read line
do
name=$(echo ${line} | cut -d' ' -f4)
mac=$(echo ${line} | cut -d' ' -f2)
ip=$(echo ${line} | cut -d' ' -f3)
let i=$i+1
echo "$i. $name [$ip] [$mac]"
done
while(true)
do
read -p "请选择一个设备:" res
if [ ! -z "$res" ]; then
line=$(cat /tmp/dhcp.leases | grep -n . | grep -w "^$res")
name=$(echo ${line} | cut -d' ' -f4)
mac=$(echo ${line} | cut -d' ' -f2)
read -p "请选择代理模式(0.不走代理 1.科学上网)" ssproxy
if [ -n "$(lsmod | grep TPROXY)" ]; then
read -p "请选择游戏模式(0.不走游戏 1.游戏加速)" ssgame
fi
if checkread $ssproxy; then
if [ ! -z "$mac" ]; then
[ -z "$ssgame" ] && ssgame=0
sed -i "/^$name,$mac/d" $control
echo "$name,$mac,$ssproxy,$ssgame" >> $control
else
echo "mac不能为空, 添加失败!"
fi
else
echo "输入有误, 添加失败"
fi
read -p "继续增加设备?[1/0] " res
[ "$res" == '0' -o -z "$res" ] && break
else
echo "输入为空,跳过..."
break
fi
done
readsh "请选择其余设备代理模式(0.不走代理 1.科学上网)" "ss_proxy_default_mode" "1"
if [ -n "$(lsmod | grep TPROXY)" ]; then
readsh "请选择其余设备游戏模式(0.不走游戏 1.游戏加速)" "ss_game_default_mode" "1"
fi
fi
read -p "添加自定义规则(支持ip和域名)[1/0] " res
if [ "$res" == '1' ]; then
read -p "添加黑名单规则?[1/0] " res
if [ "$res" == '1' ]; then
echo "黑名单规则列表:"
cat $black_list
read -p "请选择添加方式(1.覆盖添加 2.追加规则)" res
[ "$res" == '1' ] && echo -n > $black_list
while(true)
do
read -p "输入域名网址(exit结束输入)" res
[ "$res" == "exit" -o -z "$res" ] && break
echo "$res" >> $black_list
done
fi
read -p "添加白名单规则?[1/0] " res
if [ "$res" == '1' ]; then
echo "白名单规则列表:"
cat $white_list
read -p "请选择添加方式(1.覆盖添加 2.追加规则)" res
[ "$res" == '1' ] && echo -n > $white_list
while(true)
do
read -p "输入域名网址(exit结束输入)" res
[ "$res" == "exit" -o -z "$res" ] && break
echo "$res" >> $white_list
done
fi
fi
[ "$dns_red_enable" != '1' ] && dns_red_text="不重定向" || dns_red_text="重定向"
[ -z "$DNS_SERVER" ] && DNS_SERVER=8.8.8.8
[ -z "$DNS_SERVER_PORT" ] && DNS_SERVER_PORT=53
read -p "修改DNS配置($dns_red_text, $DNS_SERVER, $DNS_SERVER_PORT)[1/0] " res
if [ "$res" == '1' ]; then
read -p "启用DNS重定向[1/0] " res
[ -n "$res" ] && mbdb set $appname.main.dns_red_enable="$res"
if [ "$res" == '1' ]; then
[ -z "$dns_red_ip" ] && dns_red_ip="$lanip"
read -p "修改DNS重定向IP地址($dns_red_ip)" res
[ -n "$res" ] && mbdb set $appname.main.dns_red_ip="$res"
fi
read -p "输入代理使用DNS服务器($DNS_SERVER)" res
[ -n "$res" ] && mbdb set $appname.main.DNS_SERVER="$res"
read -p "输入代理使用DNS端口号($DNS_SERVER_PORT)" res
[ -n "$res" ] && mbdb set $appname.main.DNS_SERVER_PORT="$res"
fi
fi
${mbroot}/apps/${appname}/scripts/${appname}.sh restart
else
${mbroot}/apps/${appname}/scripts/${appname}.sh stop
fi
}
#---------------【ShadowSocks】-----------------
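Review bot: The numeric-choice test `[ -n "$(echo $ss_method | grep "[0-9][0-9]*")" ]` in shadowsocksAdd is unanchored, so a cipher typed by name that contains a digit (for example `aes-256-gcm`) is treated as a list index and handed to `sed -n "$ss_method"p` as a sed script, and the typed name is not kept; the same test guards `ss_protocol` and `ss_obfs`. Anchoring it fixes both the behaviour and the input handling, e.g. `if echo "$ss_method" | grep -qE '^[0-9]+$'; then`. In shadowsocksDel the reply goes into `sed -i "$res"d $SSID.conf` with only a non-empty check, so whatever is typed becomes part of the sed script run against the node file; the same anchored test should gate that line and the `sed -n "$res"p` lookups in `shadowsocks`. Separately, the tcp branch compares `$ss_headtype_tcp` with `"http"` although the prompt offers `1`/`2`, so choosing 2 never enables the http header.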


@@ -0,0 +1,9 @@
service=ShadowSocks
appname="shadowsocks"
needver="0.0.1"
supports="linux_arm,linux_mips,linux_x86_64"
openport="1"
backupfiles="config/ssserver.conf,config/sscontrol.conf,config/customize_black.conf,config/customize_white.conf"
appinfo="最好的翻墙工具,没有之一,还可以加速国内外游戏"
newinfo="修复kcptun配置错误"
version="0.1.1"


@@ -0,0 +1,236 @@
#!/bin/sh
source /etc/mixbox/bin/base
eval `mbdb export shadowsocks`
ss_id="$1"
v2ray_config="${mbroot}/apps/${appname}/config/v2ray.json"
idinfo="$(cat ${mbroot}/apps/${appname}/config/ssserver.conf | grep ",$1," | head -1)"
[ -z "$idinfo" ] && logsh "$service" "未找到v2ray节点$ss_id" && exit
ss_server=`cutsh "$idinfo" 3`
ss_port=`cutsh "$idinfo" 4`
ss_method=`cutsh "$idinfo" 5`
ss_uuid=`cutsh "$idinfo" 6`
ss_alterid=`cutsh "$idinfo"o 7`
ss_network=`cutsh "$idinfo" 8`
ss_headtype_tcp=`cutsh "$idinfo" 9`
ss_headtype_kcp=`cutsh "$idinfo" 10`
ss_network_host=`cutsh "$idinfo" 11`
ss_network_path=`cutsh "$idinfo" 12`
ss_network_security=`cutsh "$idinfo" 13`
ss_mux_enable=`cutsh "$idinfo" 14`
ss_mux_concurrency=`cutsh "$idinfo" 15`
rm -rf "$v2ray_config"
logsh "$service" "生成V2Ray配置文件..."
local kcp="null"
local tcp="null"
local ws="null"
local h2="null"
local tls="null"
if [ "$ss_network" != "ws" ]; then
IFIP=`echo $ss_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"`
if [ -z "$IFIP" ]; then
ss_server_tmp=`nslookup $ss_server | sed 1,2d | grep -Eo "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -1`
[ -z "$ss_server_tmp" ] && logsh "$service" "v2ray服务器地址解析失败跳过解析" || ss_server="$ss_server_tmp"
fi
fi
get_ws_header() {
if [ -n "$1" ];then
echo {\"Host\": \"$1\"}
else
echo "null"
fi
}
get_h2_host() {
if [ -n "$1" ];then
echo [\"$1\"]
else
echo "null"
fi
}
get_path(){
if [ -n "$1" ];then
echo \"$1\"
else
echo "null"
fi
}
# tcp和kcp下tlsSettings为nullws和h2下tlsSettings
[ -z "$ss_mux_enable" ] && local ss_mux_enable=true
[ -z "$ss_mux_concurrency" ] && local ss_mux_concurrency=8
[ "$ss_network_security" == "none" ] && ss_network_security=""
#if [ "$ss_network" == "ws" -o "$ss_network" == "h2" ];then
case "$ss_network_security" in
tls)
local tls="{
\"allowInsecure\": true,
\"serverName\": null
}"
;;
*)
local tls="null"
;;
esac
#fi
# incase multi-domain input
if [ "`echo $ss_network_host | grep ","`" ];then
ss_network_host=`echo $ss_network_host | sed 's/,/", "/g'`
fi
case "$ss_network" in
tcp)
if [ "$ss_headtype_tcp" == "http" ];then
local tcp="{
\"connectionReuse\": true,
\"header\": {
\"type\": \"http\",
\"request\": {
\"version\": \"1.1\",
\"method\": \"GET\",
\"path\": [\"/\"],
\"headers\": {
\"Host\": [\"$ss_network_host\"],
\"User-Agent\": [\"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36\",\"Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46\"],
\"Accept-Encoding\": [\"gzip, deflate\"],
\"Connection\": [\"keep-alive\"],
\"Pragma\": \"no-cache\"
}
},
\"response\": {
\"version\": \"1.1\",
\"status\": \"200\",
\"reason\": \"OK\",
\"headers\": {
\"Content-Type\": [\"application/octet-stream\",\"video/mpeg\"],
\"Transfer-Encoding\": [\"chunked\"],
\"Connection\": [\"keep-alive\"],
\"Pragma\": \"no-cache\"
}
}
}
}"
else
local tcp="null"
fi
;;
kcp)
local kcp="{
\"mtu\": 1350,
\"tti\": 50,
\"uplinkCapacity\": 12,
\"downlinkCapacity\": 100,
\"congestion\": false,
\"readBufferSize\": 2,
\"writeBufferSize\": 2,
\"header\": {
\"type\": \"$ss_headtype_kcp\",
\"request\": null,
\"response\": null
}
}"
;;
ws)
local ws="{
\"connectionReuse\": true,
\"path\": $(get_path $ss_network_path),
\"headers\": $(get_ws_header $ss_network_host)
}"
;;
h2)
local h2="{
\"path\": $(get_path $ss_network_path),
\"host\": $(get_h2_host $ss_network_host)
}"
;;
esac
cat > "$v2ray_config" <<-EOF
{
"log": {
"access": "/dev/null",
"error": "${mbtmp}/v2ray_log.log",
"loglevel": "error"
},
EOF
# logsh "【$service】" 配置v2ray dns用于dns解析...
# cat >> "$v2ray_config" <<-EOF
# "inbound": {
# "protocol": "dokodemo-door",
# "port": 15353,
# "settings": {
# "address": "8.8.8.8",
# "port": 53,
# "network": "udp",
# "timeout": 0,
# "followRedirect": false
# }
# },
# EOF
cat >> "$v2ray_config" <<-EOF
"inbound": {
"port": 1082,
"listen": "0.0.0.0",
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true,
"ip": "127.0.0.1",
"clients": null
},
"streamSettings": null
},
EOF
cat >> "$v2ray_config" <<-EOF
"inboundDetour": [
{
"listen": "0.0.0.0",
"port": 1081,
"protocol": "dokodemo-door",
"settings": {
"network": "tcp,udp",
"followRedirect": true
}
}
],
"outbound": {
"tag": "agentout",
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "$ss_server",
"port": $ss_port,
"users": [
{
"id": "$ss_uuid",
"alterId": $ss_alterid,
"security": "$ss_method"
}
]
}
],
"servers": null
},
"streamSettings": {
"network": "$ss_network",
"security": "$ss_network_security",
"tlsSettings": $tls,
"tcpSettings": $tcp,
"kcpSettings": $kcp,
"wsSettings": $ws,
"httpSettings": $h2
},
"mux": {
"enabled": $ss_mux_enable,
"concurrency": $ss_mux_concurrency
}
}
}
EOF
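Review bot: The generated `tlsSettings` hard-codes `\"allowInsecure\": true`, so any node configured with `tls` accepts whatever certificate the server presents and the TLS layer gives no protection against an on-path party; it should default to `false` and be turned on only by an explicit per-node setting. The SOCKS inbound on port 1082 is written with `"listen": "0.0.0.0"` and `"auth": "noauth"`, which leaves an unauthenticated proxy reachable on every interface the firewall allows; since dns2socks is pointed at 127.0.0.1:1082 elsewhere in this commit, `"listen": "127.0.0.1"` looks sufficient. `ss_alterid` is read with `cutsh "$idinfo"o 7`, where the stray `o` looks like a typo for `cutsh "$idinfo" 7`. Fields such as `$ss_port`, `$ss_alterid` and `$ss_mux_concurrency` are interpolated into the JSON as bare values, so checking them against `^[0-9]+$` before the heredoc would keep a malformed ssserver.conf entry from producing an invalid or altered config.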


@@ -0,0 +1,743 @@
#!/bin/sh
source /etc/mixbox/bin/base
eval `mbdb export shadowsocks`
[ -z "$CDN" ] && CDN=223.5.5.5
[ -z "$DNS_SERVER" ] && DNS_SERVER=8.8.8.8
[ -z "$DNS_SERVER_PORT" ] && DNS_SERVER_PORT=53
[ -z "$ss_proxy_default_mode" ] && ss_proxy_default_mode=1
[ -z "$ss_game_default_mode" ] && ss_game_default_mode=0
[ -z "$dns_red_ip" ] && dns_red_ip="$lanip"
[ "$ssgena" != "1" ] && unset ssg_mode
get_v2ray_bin() {
result1=$(curl -skL $mburl/appsbin/v2ray-bin/$model/lastest.txt) &> /dev/null
result2=$(${mbroot}/apps/${appname}/bin/v2ray -version | head -1 | cut -d' ' -f2) &> /dev/null
[ -z "$result1" ] && logsh "$service" "获取v2ray在线版本失败请检查网络" && exit 1
logsh "$service" "检测v2ray版本本地版本$result2,在线版本:$result1"
if [ "$result1" != "$result2" ]; then
logsh "$service" "版本不一致,正在更新..."
wgetsh ${mbroot}/apps/${appname}/bin/v2ray $mburl/appsbin/v2ray-bin/$model/v2ray
wgetsh ${mbroot}/apps/${appname}/bin/v2ctl $mburl/appsbin/v2ray-bin/$model/v2ctl
chmod +x ${mbroot}/apps/${appname}/bin/v2ray
chmod +x ${mbroot}/apps/${appname}/bin/v2ctl
fi
}
get_config() {
logsh "$service" "创建节点配置文件..."
[ -z "$id" ] && logsh "$service" "未配置运行节点!" && exit
local_ip=0.0.0.0
[ -z "$id" ] && logsh "$service" "未配置运行节点!" && exit 1
idinfo=`cat ${mbroot}/apps/${appname}/config/ssserver* | grep ",$id," | head -1`
[ -z "$idinfo" ] && logsh "$service" "未找到配置节点:$id" && exit
proxy_type=`cutsh "$idinfo" 1`
ss_name=`cutsh "$idinfo" 2`
ss_server=`cutsh "$idinfo" 3`
IFIP=`echo $ss_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"`
if [ -z "$IFIP" ]; then
ss_server_tmp=`nslookup $ss_server | sed 1,2d | grep -Eo "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -1`
[ -z "$ss_server_tmp" ] && logsh "$service" "服务器地址解析失败,跳过解析!" || ss_server="$ss_server_tmp"
fi
if [ "$proxy_type" = "v2ray" ]; then
get_v2ray_bin
${mbroot}/apps/${appname}/scripts/general_v2ray_config.sh "$id"
else
ss_server_port=`cutsh "$idinfo" 4`
ss_password=`cutsh "$idinfo" 5`
ss_method=`cutsh "$idinfo" 6`
ssr_protocol=`cutsh "$idinfo" 7`
ssr_obfs=`cutsh "$idinfo" 8`
ssr_protocol_param=`cutsh "$idinfo" 9`
ssr_obfs_param=`cutsh "$idinfo" 10`
# 如果kcp成功启动应该把ss服务端指向kcp服务端口
if [ "$kcp_started" = 1 ]; then
ss_server=127.0.0.1
ss_server_port=11183
fi
#生成配置文件
if [ "$proxy_type" = "ss" ]; then
APPPATH=${mbroot}/apps/${appname}/bin/ss-redir
LOCALPATH=${mbroot}/apps/${appname}/bin/ss-local
cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF
{
"server": "$ss_server",
"server_port": $ss_server_port,
"local_address": "0.0.0.0",
"local_port": 1081,
"password": "$ss_password",
"timeout": 600,
"method": "$ss_method"
}
EOF
else
APPPATH=${mbroot}/apps/${appname}/bin/ssr-redir
LOCALPATH=${mbroot}/apps/${appname}/bin/ssr-local
cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF
{
"server": "$ss_server",
"server_port": $ss_server_port,
"local_address": "0.0.0.0",
"local_port": 1081,
"password": "$ss_password",
"timeout": 600,
"protocol": "$ssr_protocol",
"protocol_param": "$ssr_protocol_param",
"obfs": "$ssr_obfs",
"obfs_param": "$ssr_obfs_param",
"method": "$ss_method"
}
EOF
fi
cp ${mbroot}/apps/${appname}/config/ss.conf ${mbroot}/apps/${appname}/config/dns2socks.conf && sed -i 's/1081/1082/g' ${mbroot}/apps/${appname}/config/dns2socks.conf
fi
if [ "$ssgena" == '1' ]; then
[ -z "$ssgid" ] && logsh "$service" "未配置游戏运行节点!" && exit
idinfo=`cat ${mbroot}/apps/${appname}/config/ssserver* | grep ",$ssgid," | head -1`
[ -z "$idinfo" ] && logsh "$service" "未找到配置节点:$ssgid" && exit
proxy_type_game=`cutsh "$idinfo" 1`
ssg_name=`cutsh "$idinfo" 2`
ssg_server=`cutsh "$idinfo" 3`
if [ "$proxy_type" = "v2ray" -a "$proxy_type_game" != "v2ray" -a "$ssg_server" != "$ss_server" ]; then
logsh "$service" "当主进程为v2ray代理时游戏进程只能选择同样的v2ray节点"
return
ssgena=0
fi
if [ "$proxy_type" != "v2ray" -a "$proxy_type_game" = "v2ray" ]; then
logsh "$service" "只有当主进程为v2ray代理时游戏进程才能启用v2ray"
return
ssgena=0
fi
[ "$proxy_type_game" = "v2ray" -o "$ssgid" == "$id" ] && return
ssg_server_port=`cutsh "$idinfo" 4`
ssg_password=`cutsh "$idinfo" 5`
ssg_method=`cutsh "$idinfo" 6`
ssg_protocol=`cutsh "$idinfo" 7`
ssg_obfs=`cutsh "$idinfo" 8`
ssg_protocol_param=`cutsh "$idinfo" 9`
ssg_obfs_param=`cutsh "$idinfo" 10`
IFIP=`echo $ssg_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"`
if [ -z "$IFIP" ]; then
ssg_server_tmp=`resolveip $ssg_server | head -1`
[ $? -ne 0 ] && logsh "$service" "游戏服务器地址解析失败,跳过解析!" || ssg_server="$ssg_server_tmp"
fi
if [ "$proxy_type_game" = "ss" ]; then
cp -rf ${mbroot}/apps/${appname}/bin/ss-redir ${mbroot}/apps/${appname}/bin/ssg-redir
cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF
{
"server": "$ssg_server",
"server_port": $ssg_server_port,
"local_address": "0.0.0.0",
"local_port": 1085,
"password": "$ssg_password",
"timeout": 600,
"method": "$ssg_method"
}
EOF
else
cp -rf ${mbroot}/apps/${appname}/bin/ssr-redir ${mbroot}/apps/${appname}/bin/ssg-redir
cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF
{
"server": "$ssg_server",
"server_port": $ssg_server_port,
"local_address": "0.0.0.0",
"local_port": 1085,
"password": "$ssg_password",
"timeout": 600,
"protocol": "$ssg_protocol",
"protocol_param": "$ssg_protocol_param",
"obfs": "$ssg_obfs",
"obfs_param": "$ssg_obfs_param",
"method": "$ssg_method"
}
EOF
fi
fi
# 保存代理类型
mbdb set ${appname}.main.proxy_type="$proxy_type"
}
dnsconfig() {
killall ss-local &> /dev/null
killall dns2socks > /dev/null 2>&1
if [ "$proxy_type" != "v2ray" ]; then
logsh "$service" "启动ss-local本地socks5代理..."
daemon $LOCALPATH -c ${mbroot}/apps/${appname}/config/dns2socks.conf
fi
logsh "$service" "开启dns2socks进程..."
daemon ${mbroot}/apps/${appname}/bin/dns2socks 127.0.0.1:1082 $DNS_SERVER:$DNS_SERVER_PORT 127.0.0.1:15353
if [ $? -ne 0 ]; then
logsh "$service" "启动失败!"
exit
fi
if [ "$dns_red_enable" == '1' ]; then
logsh "$service" "启用DNS重定向到$dns_red_ip"
iptables -t nat -I PREROUTING -s $lanip/24 -p udp --dport 53 -m comment --comment "${appname}"-dns -j DNAT --to $dns_red_ip &> /dev/null
fi
}
get_mode_name() {
case "$1" in
0)
echo "不走代理"
;;
1)
echo "科学上网"
;;
esac
}
get_game_mode() {
case "$1" in
0)
echo "不走游戏"
;;
1)
echo "游戏加速"
;;
esac
}
get_jump_mode(){
case "$1" in
0)
echo "-j"
;;
*)
echo "-g"
;;
esac
}
get_action_chain() {
case "$1" in
0)
echo "RETURN"
;;
1)
echo "SHADOWSOCK"
;;
esac
}
ipset_rules_smartdns() {
# ipset deal
logsh "$service" "创建ipset规则..."
[ ! -f ${mbroot}/apps/${appname}/config/customize_black.conf ] && touch ${mbroot}/apps/${appname}/config/customize_black.conf
[ ! -f ${mbroot}/apps/${appname}/config/customize_white.conf ] && touch ${mbroot}/apps/${appname}/config/customize_white.conf
rm -rf ${mbtmp}/wblist.conf
rm -rf ${mbtmp}/sscdn.conf
ipset -N customize_black iphash -!
ipset -N customize_white iphash -!
ipset -N router iphash -!
ipset -N gfwlist iphash -!
# 生成自定义黑名单规则最后4个为tg的ip
ip_tg="149.154.0.0 91.108.4.0 91.108.56.0 109.239.140.0 67.198.55.0 91.108.4.0/22 91.108.56.0/22 149.154.160.0/20 149.154.164.0/22"
for ip in $ip_tg
do
ipset -! add customize_black $ip >/dev/null 2>&1
done
cat ${mbroot}/apps/${appname}/config/customize_black.conf | grep -Ev '^$|^[#;]' | while read line
do
if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then
echo "ipset=/.${line}/customize_black" >> ${mbtmp}/wblist.conf
else
ipset -! add customize_black ${line} &> /dev/null
fi
done
# 路由器自身规则
if [ "$ss_mode" != "homemode" ]; then
echo "#for router itself" >> ${mbtmp}/wblist.conf
echo "ipset=/.google.com.tw/router" >> ${mbtmp}/wblist.conf
echo "ipset=/dns.google.com/router" >> ${mbtmp}/wblist.conf
echo "ipset=/.github.com/router" >> ${mbtmp}/wblist.conf
echo "ipset=/.github.io/router" >> ${mbtmp}/wblist.conf
echo "ipset=/.raw.githubusercontent.com/router" >> ${mbtmp}/wblist.conf
echo "ipset=/.adblockplus.org/router" >> ${mbtmp}/wblist.conf
echo "ipset=/.entware.net/router" >> ${mbtmp}/wblist.conf
echo "ipset=/.apnic.net/router" >> ${mbtmp}/wblist.conf
fi
# 生成自定义白名单规则
ip_tg="$lanip $wanip $ss_server $ssg_server $CDN 10.0.0.0 100.64.0.0 127.0.0.0 169.254.0.0 172.16.0.0 192.168.0.0 224.0.0.0 240.0.0.0 223.5.5.5 223.6.6.6 114.114.114.114 114.114.115.115 1.2.4.8 210.2.4.8 112.124.47.27 114.215.126.16 180.76.76.76 119.29.29.29 0.0.0.0"
for ip in $ip_tg; do
ipset -! add customize_white $ip >/dev/null 2>&1
done
cat ${mbroot}/apps/${appname}/config/customize_white.conf | grep -Ev '^$|^[#;]' | while read line
do
if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then
echo "ipset=/.${line}/customize_white" >> ${mbtmp}/wblist.conf
else
ipset -! add customize_white ${line} &> /dev/null
fi
done
echo "ipset=/.apple.com/customize_white" >> ${mbtmp}/wblist.conf
echo "ipset=/.microsoft.com/customize_white" >> ${mbtmp}/wblist.conf
#黑白名单规则
if [ "$ss_mode" = "whitelist" -o "$ssg_mode" = "frgame" ]; then
sed -e "s/^/-A nogfwnet &/g" -e "1 i\-N nogfwnet hash:net" ${mbroot}/apps/${appname}/config/chnroute.txt | ipset -R -!
elif [ "$ss_mode" = "gfwlist" -o "$ssg_mode" = "cngame" ]; then
cp -rf ${mbroot}/apps/${appname}/config/gfwlist.conf ${mbtmp}/gfwlist.conf
sed -i 's/7913/15353/g' ${mbtmp}/gfwlist.conf
sed -i '/^server/d' ${mbtmp}/gfwlist.conf
ln -s ${mbtmp}/gfwlist.conf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf
fi
# 使规则生效
ln -s ${mbtmp}/wblist.conf /tmp/etc/dnsmasq.d/wblist.conf
}
ipset_rules() {
# ipset deal
logsh "$service" "创建ipset规则..."
[ ! -f ${mbroot}/apps/${appname}/config/customize_black.conf ] && touch ${mbroot}/apps/${appname}/config/customize_black.conf
[ ! -f ${mbroot}/apps/${appname}/config/customize_white.conf ] && touch ${mbroot}/apps/${appname}/config/customize_white.conf
rm -rf ${mbtmp}/wblist.conf
rm -rf ${mbtmp}/sscdn.conf
ipset -N customize_black iphash -!
ipset -N customize_white iphash -!
ipset -N router iphash -!
ipset -N gfwlist iphash -!
# 生成自定义黑名单规则最后4个为tg
ip_tg="149.154.0.0 91.108.4.0 91.108.56.0 109.239.140.0 67.198.55.0 91.108.4.0/22 91.108.56.0/22 149.154.160.0/20 149.154.164.0/22"
for ip in $ip_tg
do
ipset -! add customize_black $ip >/dev/null 2>&1
done
cat ${mbroot}/apps/${appname}/config/customize_black.conf | grep -Ev '^$|^[#;]' | while read line
do
if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then
echo "server=/.${line}/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.${line}/customize_black" >> ${mbtmp}/wblist.conf
else
ipset -! add customize_black ${line} &> /dev/null
fi
done
# 路由器自身规则
if [ "$ss_mode" != "homemode" ]; then
echo "#for router itself" >> ${mbtmp}/wblist.conf
echo "server=/.google.com.tw/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.google.com.tw/router" >> ${mbtmp}/wblist.conf
echo "server=/dns.google.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/dns.google.com/router" >> ${mbtmp}/wblist.conf
echo "server=/.github.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.github.com/router" >> ${mbtmp}/wblist.conf
echo "server=/.github.io/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.github.io/router" >> ${mbtmp}/wblist.conf
echo "server=/.raw.githubusercontent.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.raw.githubusercontent.com/router" >> ${mbtmp}/wblist.conf
echo "server=/.adblockplus.org/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.adblockplus.org/router" >> ${mbtmp}/wblist.conf
echo "server=/.entware.net/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.entware.net/router" >> ${mbtmp}/wblist.conf
echo "server=/.apnic.net/127.0.0.1#15353" >> ${mbtmp}/wblist.conf
echo "ipset=/.apnic.net/router" >> ${mbtmp}/wblist.conf
fi
# 生成自定义白名单规则
ip_tg="$lanip $wanip $ss_server $ssg_server $CDN 10.0.0.0 100.64.0.0 127.0.0.0 169.254.0.0 172.16.0.0 192.168.0.0 224.0.0.0 240.0.0.0 223.5.5.5 223.6.6.6 114.114.114.114 114.114.115.115 1.2.4.8 210.2.4.8 112.124.47.27 114.215.126.16 180.76.76.76 119.29.29.29 0.0.0.0"
for ip in $ip_tg; do
ipset -! add customize_white $ip >/dev/null 2>&1
done
cat ${mbroot}/apps/${appname}/config/customize_white.conf | grep -Ev '^$|^[#;]' | while read line
do
if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then
echo "server=/.${line}/$CDN#53" >> ${mbtmp}/wblist.conf
echo "ipset=/.${line}/customize_white" >> ${mbtmp}/wblist.conf
else
ipset -! add customize_white ${line} &> /dev/null
fi
done
if [ "$ss_mode" != "homemode" ]; then
echo "server=/.apple.com/$CDN#53" >> ${mbtmp}/wblist.conf
echo "ipset=/.apple.com/customize_white" >> ${mbtmp}/wblist.conf
echo "server=/.microsoft.com/$CDN#53" >> ${mbtmp}/wblist.conf
echo "ipset=/.microsoft.com/customize_white" >> ${mbtmp}/wblist.conf
fi
#黑白名单规则
if [ "$ss_mode" = "whitelist" -o "$ssg_mode" = "frgame" -o "$ss_mode" = "homemode" ]; then
sed -e "s/^/-A nogfwnet &/g" -e "1 i\-N nogfwnet hash:net" ${mbroot}/apps/${appname}/config/chnroute.txt | ipset -R -!
elif [ "$ss_mode" = "gfwlist" -o "$ssg_mode" = "cngame" ]; then
cp -rf ${mbroot}/apps/${appname}/config/gfwlist.conf ${mbtmp}/gfwlist.conf
sed -i 's/7913/15353/g' ${mbtmp}/gfwlist.conf
ln -s ${mbtmp}/gfwlist.conf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf
fi
#加速cdn
if [ "$ss_mode" != "gfwlist" ]; then
cat ${mbroot}/apps/${appname}/config/cdn.txt | sed "s/^/server=&\/./g" | sed "s/$/\/&$CDN/g" | sort | awk '{if ($0!=line) print;line=$0}' >>${mbtmp}/sscdn.conf
ln -s ${mbtmp}/sscdn.conf /tmp/etc/dnsmasq.d/cdn.conf
fi
# 使规则生效
ln -s ${mbtmp}/wblist.conf /tmp/etc/dnsmasq.d/wblist.conf
}
lan_control() {
#lan access control
[ ! -f ${mbroot}/apps/${appname}/config/sscontrol.conf ] && touch ${mbroot}/apps/${appname}/config/sscontrol.conf
cat ${mbroot}/apps/${appname}/config/sscontrol.conf | while read line
do
mac=$(cutsh ${line} 2)
proxy_name=$(cutsh ${line} 1)
proxy_mode=$(cutsh ${line} 3)
game_mode=$(cutsh ${line} 4)
[ -z "$game_mode" ] && game_mode="$proxy_mode"
iptables -t nat -A SHADOWSOCKS -m mac --mac-source $mac $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode)
if [ "$ssgena" == '1' ]; then
iptables -t mangle -A SHADOWSOCKS -m mac --mac-source $mac $(get_jump_mode $game_mode) $(get_action_chain $game_mode)
args="[$(get_game_mode $game_mode)]"
else
args=""
fi
logsh "$service" "加载ACL规则:[$proxy_name]代理模式为:[$(get_mode_name $proxy_mode)]$args"
done
#default alc mode
iptables -t nat -A SHADOWSOCKS -p tcp -j $(get_action_chain $ss_proxy_default_mode)
[ "$ssgena" = '1' ] && iptables -t mangle -A SHADOWSOCKS -p udp -j $(get_action_chain $ss_game_default_mode)
result=$(cat ${mbroot}/apps/${appname}/config/sscontrol.conf | wc -l)
[ "$result" == '0' ] && flag="全部主机" || flag="其余主机"
[ "$ssgena" == '1' ] && args="[$(get_game_mode $ss_game_default_mode)]" || args=""
logsh "$service" "加载ACL规则:[$flag]代理模式为:[$(get_mode_name $ss_proxy_default_mode)]$args"
}
load_nat() {
logsh "$service" "加载iptables的nat规则..."
iptables -t nat -N SHADOWSOCKS
iptables -t nat -N SHADOWSOCK
# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
# iptables -t nat -A SHADOWSOCKS -d $lanip/24 -j RETURN
# iptables -t nat -A SHADOWSOCKS -d $wanip/16 -j RETURN
# iptables -t nat -A SHADOWSOCKS -d $ss_server -j RETURN
# iptables -t nat -A SHADOWSOCKS -d $ssg_server -j RETURN
# general rules
iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_white dst -j RETURN
#router itself
[ "$ss_mode" != "homemode" ] && iptables -t nat -A OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 1081
case "$ss_mode" in
"gfwlist")
logsh "$service" "添加国外黑名单规则..."
iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-port 1081
iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1081
;;
"whitelist")
logsh "$service" "添加国外白名单规则..."
iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-ports 1081
iptables -t nat -A SHADOWSOCK -p tcp -m set ! --match-set nogfwnet dst -j REDIRECT --to-ports 1081
;;
"wholemode")
logsh "$service" "添加全局模式iptables规则..."
iptables -t nat -A SHADOWSOCK -p tcp -j REDIRECT --to-ports 1081
;;
"homemode")
logsh "$service" "添加回国模式规则..."
iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-ports 1081
iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set nogfwnet dst -j REDIRECT --to-ports 1081
;;
esac
if [ "$ssgena" == '1' ]; then
logsh "$service" "加载iptables的udp规则..."
ip rule add fwmark 0x01/0x01 table 300
ip route add local 0.0.0.0/0 dev lo table 300
iptables -t mangle -N SHADOWSOCKS
iptables -t mangle -N SHADOWSOCK
# iptables -t mangle -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
# iptables -t mangle -A SHADOWSOCKS -d 127.0.0.1/16 -j RETURN
# iptables -t mangle -A SHADOWSOCKS -d $lanip/16 -j RETURN
# iptables -t mangle -A SHADOWSOCKS -d $wanip/16 -j RETURN
# iptables -t mangle -A SHADOWSOCKS -d $ss_server -j RETURN
iptables -t mangle -A SHADOWSOCK -p udp -m set --match-set customize_white dst -j RETURN
# chmod -x /opt/filetunnel/stunserver > /dev/null 2>&1
# killall -9 stunserver > /dev/null 2>&1
fi
case "ssg_mode" in
"cngame")
logsh "$service" "添加国内游戏iptables规则..."
iptables -t mangle -A SHADOWSOCK -p udp -m set ! --match-set gfwlist dst -j TPROXY --on-port "$ssg_port" --tproxy-mark 0x01/0x01
;;
"frgame")
logsh "$service" "添加国外游戏iptables规则..."
iptables -t mangle -A SHADOWSOCK -p udp -m set ! --match-set nogfwnet dst -j TPROXY --on-port "$ssg_port" --tproxy-mark 0x01/0x01
;;
esac
lan_control
# last nat
iptablenu=$(iptables -nvL PREROUTING -t nat | sed 1,2d | sed -n '/KOOLPROXY/=' | head -n1)
if [ -z "$iptablenu" ];then
iptablenu=2
fi
iptables -t nat -I PREROUTING "$iptablenu" -p tcp -j SHADOWSOCKS
[ "$ssgena" == '1' ] && iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS
}
start_kcp() {
if [ "$kcp_enable" = '1' ]; then
[ -z "$ss_kcp_node" ] && logsh "$service" "未配置kcp加速节点不启用kcp" && return
logsh "$service" "启动kcptun加速主进程($ss_kcp_node)..."
# [ "$proxy_type" = "v2ray" ] && logsh "【$service】" "启动代理节点类型为v2ray不启用kcp" && return
[ -z "$ss_kcp_mtu" ] && ss_kcp_mtu="1350"
[ -z "$ss_kcp_sndwnd" ] && ss_kcp_sndwnd="128"
[ -z "$ss_kcp_rcvwnd" ] && ss_kcp_rcvwnd="1024"
[ -z "$ss_kcp_conn" ] && ss_kcp_conn="1"
[ -z "$ss_kcp_compon" ] && ss_kcp_compon="1"
daemon ${mbroot}/apps/${appname}/bin/kcptun \
--localaddr=127.0.0.1:11183 \
--remoteaddr=$ss_kcp_node:$ss_kcp_port \
--key=$ss_kcp_password \
--crypt=$ss_kcp_crypt \
--mode=$ss_kcp_mode \
--mtu=$ss_kcp_mtu \
--sndwnd=$ss_kcp_sndwnd \
--rcvwnd=$ss_kcp_rcvwnd \
--conn=$ss_kcp_conn \
--nocomp=$ss_kcp_nocomp \
--dscp=$ss_kcp_dscp \
--sockbuf=$ss_kcp_sockbuf \
--smuxbuf=$ss_kcp_smuxbuf \
--log=${mbroot}/var/log/kcptun.log \
$ss_kcp_config
[ $? -ne 0 ] && logsh "$service" "启动失败!" && exit 1
kcp_started=1
fi
}
detect_status() {
[ ! -s ${mbroot}/apps/${appname}/config/ssserver.conf -a ! -s ${mbroot}/apps/${appname}/config/ssserver_online.conf ] && logsh "$service" "没有添加ss服务器!" && exit
result=$(ps | grep -E 'ss-redir|ssr-redir' | grep -v grep | wc -l)
if [ "$result" != '0' ];then
logsh "$service" "SS已经在运行"
exit
fi
}
write_cron_job() {
cru a "${appname}"_rule "20 5 * * * ${mbroot}/apps/${appname}/scripts/ss_rule_update.sh"
cru a "${appname}"_online "0 */6 * * * ${mbroot}/apps/${appname}/scripts/ss_online_update.sh"
cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart"
}
remote_cron_job() {
cru d "${appname}"_rule
cru d "${appname}"_online
cru d "${appname}"
}
start_haveged () {
# 启动haveged用于生成随机数
[ -x ${mbroot}/apps/${appname}/bin/haveged ] && ${mbroot}/apps/${appname}/bin/haveged -w 1024 &> /dev/null
}
start_main_process() {
if [ "$proxy_type" = "v2ray" ]; then
logsh "$service" "启动代理为v2ray测试配置文件"
# rm -rf ${mbroot}/bin/v2ray ${mbroot}/bin/v2ctl
# ln -s ${mbroot}/apps/${appname}/bin/v2ray ${mbroot}/bin/v2ray
# ln -s ${mbroot}/apps/${appname}/bin/v2ctl ${mbroot}/bin/v2ctl
killall -9 v2ray &> /dev/null
cd ${mbroot}/bin
result=$(${mbroot}/apps/${appname}/bin/v2ray -test -config="${mbroot}/apps/${appname}/config/v2ray.json" | grep "Configuration OK.")
[ -z "$result" ] && logsh "$service" "配置文件测试失败!" && exit 1
logsh "$service" "启动v2ray主进程($id)..."
[ -z "$ss_mode" ] && logsh "$service" "未配置${appname}运行模式!" && exit 1
daemon ${mbroot}/apps/${appname}/bin/v2ray -config="${mbroot}/apps/${appname}/config/v2ray.json"
[ $? -ne 0 ] && logsh "$service" "启动失败!" && exit 1
else
logsh "$service" "启动ss主进程($id)..."
[ -z "$ss_mode" ] && logsh "$service" "未配置${appname}运行模式!" && exit 1
killall ss-redir &> /dev/null
killall ssr-redir &> /dev/null
daemon $APPPATH -b 0.0.0.0 -u -c ${mbroot}/apps/${appname}/config/ss.conf
[ $? -ne 0 ] && logsh "$service" "启动失败!" && exit 1
fi
}
start_game_process() {
if [ "$ssgena" == 1 ]; then
if [ "$proxy_type_game" = "v2ray" ]; then
logsh "$service" "游戏加速使用v2ray代理模式"
[ -z "$ssg_mode" ] && logsh "$service" "未配置游戏进程运行模式!" && exit 1
ssg_port=1081
else
logsh "$service" "启动ss游戏进程($ssgid)..."
[ -z "$ssg_mode" ] && logsh "$service" "未配置${appname}游戏运行模式!" && exit 1
if [ "$ssgid" != "$id" ]; then
daemon ${mbroot}/apps/${appname}/bin/ssg-redir -b 0.0.0.0 -u -c ${mbroot}/apps/${appname}/config/ssg.conf
if [ $? -ne 0 ]; then
logsh "$service" "启动失败!"
exit 1
fi
ssg_port=1085
else
ssg_port=1081
fi
fi
fi
}
flush_ss_rules() {
logsh "$service" "清除iptables规则..."
eval `iptables -t nat -S | grep SHADOWSOCK | sed -e "s/-A/iptables -t nat -D/" | sed -e 's/$/;/g'` &> /dev/null
ip rule del fwmark 0x01/0x01 table 300 &> /dev/null
ip route del local 0.0.0.0/0 dev lo table 300 &> /dev/null
iptables -t mangle -D PREROUTING -p udp -j SHADOWSOCKS &> /dev/null
iptables -t nat -D PREROUTING -p tcp -j SHADOWSOCKS &> /dev/null
iptables -t mangle -F SHADOWSOCKS &> /dev/null
iptables -t mangle -X SHADOWSOCKS &> /dev/null
iptables -t mangle -F SHADOWSOCK &> /dev/null
iptables -t mangle -X SHADOWSOCK &> /dev/null
iptables -t nat -F SHADOWSOCK &> /dev/null
iptables -t nat -X SHADOWSOCK &> /dev/null
iptables -t nat -F SHADOWSOCKS &> /dev/null
iptables -t nat -X SHADOWSOCKS &> /dev/null
iptables -t nat -D PREROUTING -s $lanip/24 -p udp --dport 53 -j DNAT --to $dns_red_ip > /dev/null 2>&1
eval `iptables -t nat -S | grep "${appname}"-dns | head -1 | sed -e "s/-A/iptables -t nat -D/"` &> /dev/null
iptables -t nat -D OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 1081 &> /dev/null
chmod +x /opt/filetunnel/stunserver > /dev/null 2>&1
ipset destroy nogfwnet &> /dev/null
ipset destroy gfwlist &> /dev/null
ipset destroy customize_black &> /dev/null
ipset destroy customize_white &> /dev/null
ipset destroy router &> /dev/null
rm -rf ${mbroot}/apps/${appname}/config/ss.conf
rm -rf ${mbroot}/apps/${appname}/config/dns2socks.conf
rm -rf ${mbroot}/apps/${appname}/config/ssg.conf
rm -rf ${mbroot}/apps/${appname}/bin/ssg-redir
rm -rf ${mbtmp}/wblist.conf
rm -rf ${mbtmp}/gfwlist.conf
rm -rf ${mbtmp}/sscdn.conf
rm -rf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf > /dev/null 2>&1
rm -rf /tmp/etc/dnsmasq.d/wblist.conf > /dev/null 2>&1
rm -rf /tmp/etc/dnsmasq.d/cdn.conf &> /dev/null
# rm -rf ${mbroot}/bin/v2ray &> /dev/null
# rm -rf ${mbroot}/bin/v2ctl &> /dev/null
/etc/init.d/dnsmasq restart
sleep 1
}
# detect_process () {
# sleep 1
# [ -n "$(pssh | grep dns2socks)" ] && local dns_process=1
# if [ "$proxy_type" = "v2ray" ]; then
# [ -n "$(pssh | grep v2ray)" ] && local v2ray_process=1
# [ -z "$dns_process" -o -z "$v2ray_process" ] && logsh "【$service】" "进程启动异常,请尝试重新启动或查看日志${mbroot}/var/log/${appname}.log"
# else
# [ -n "$(pssh | grep ss-redir)" ] && local ssredir_process=1
# [ -n "$(pssh | grep ss-local)" ] && local sslocal_process=1
# [ -z "$dns_process" -o -z "$ssredir_process" -o -z "$sslocal_process" ] && logsh "【$service】" "进程启动异常,请尝试重新启动或查看日志${mbroot}/var/log/${appname}.log"
# fi
# }
start() {
insmod ipt_REDIRECT 2>/dev/null
detect_status
start_kcp
get_config
start_haveged
sleep 1
start_main_process
start_game_process
# [ "$smartdns" = '1' ] && ipset_rules_smartdns || ipset_rules
ipset_rules
load_nat
# [ "$smartdns" != '1' ] && dnsconfig
dnsconfig
#添加定时更新规则
write_cron_job
write_firewall_start
/etc/init.d/dnsmasq restart
logsh "$service" "启动${appname}服务完成,启动失败可查看日志或多次重试!"
# detect_process
}
stop() {
logsh "$service" "关闭ss主进程..."
killall -9 ss-redir &> /dev/null
killall -9 ssr-redir &> /dev/null
killall -9 ssg-redir &> /dev/null
killall -9 ss-local &> /dev/null
killall -9 ssr-local &> /dev/null
killall -9 dns2socks &> /dev/null
killall -9 v2ray &> /dev/null
killall -9 haveged &> /dev/null
killall -9 kcptun &> /dev/null
#删除定时规则
remove_firewall_start
remote_cron_job
#ps | grep dns2socks | grep -v grep | xargs kill -9 > /dev/null 2>&1
flush_ss_rules
}
status() {
result1=$(pssh | grep -v status | grep -c "${appname}")
#http_status=`curl -s -w %{http_code} https://www.google.com.hk/images/branding/googlelogo/1x/googlelogo_color_116x41dp.png -k -o /dev/null --socks5 127.0.0.1:1082`
#if [ "$result" == '0' ] || [ "$http_status" != "200" ]; then
result2=$(iptables -t nat -S | grep SHADOWSOCK)
process_count=3
[ "$ssgena" == '1' ] && ssgflag=", 游戏节点: $ssgid($ssg_mode)"
if [ "$kcp_enable" == '1' ]; then
ssgflag="$ssgflag, kcptun($ss_kcp_node):"
let "process_count++"
[ "$(pssh | grep -c kcptun)" -eq 1 ] && ssgflag="$ssgflag 运行中" || ssgflag="$ssgflag 未运行"
fi
if [ "$proxy_type" == "v2ray" ]; then
let "process_count--"
fi
if [ "$result1" -ge $process_count ]; then
if [ -n "$result2" ]; then
status="运行节点: $id($ss_mode)$ssgflag|1"
else
status="ss链路异常可以尝试重启服务|0"
fi
else
status="未运行|0"
fi
mbdb set $appname.main.status="$status"
}
case "$1" in
start) start ;;
stop) stop ;;
restart) stop; start ;;
reload) stop; start ;;
status) status ;;
esac


@@ -0,0 +1,134 @@
#!/bin/sh
#copyright by monlor
source /etc/mixbox/bin/base
eval `mbdb export shadowsocks`
online_config=${mbroot}/apps/${appname}/config/ssserver_online.conf
local_config=${mbroot}/apps/${appname}/config/ssserver.conf
decode_url_link(){
link=$1
num=$2
len=$((${#link}-$num))
mod4=$(($len%4))
if [ "$mod4" -gt "0" ]; then
var="===="
newlink=${link}${var:$mod4}
echo -n "$newlink" | sed 's/-/+/g; s/_/\//g' | base64 -d 2>/dev/null
else
echo -n "$link" | sed 's/-/+/g; s/_/\//g' | base64 -d 2>/dev/null
fi
}
get_ss_config() {
decode_link="$1"
server=$(echo "$decode_link" |awk -F':' '{print $1}')
server_port=$(echo "$decode_link" |awk -F':' '{print $2}')
protocol=$(echo "$decode_link" |awk -F':' '{print $3}')
encrypt_method=$(echo "$decode_link" |awk -F':' '{print $4}')
obfs=$(echo "$decode_link" |awk -F':' '{print $5}'|sed 's/_compatible//g')
#password=$(echo "$decode_link" |awk -F':' '{print $6}'|awk -F'/' '{print $1}')
password=$(decode_url_link $(echo "$decode_link" |awk -F':' '{print $6}'|awk -F'/' '{print $1}') 0)
obfsparam_temp=$(echo "$decode_link" |awk -F':' '{print $6}'|grep -Eo "obfsparam.+"|sed 's/obfsparam=//g'|awk -F'&' '{print $1}')
[ -n "$obfsparam_temp" ] && obfsparam=$(decode_url_link $obfsparam_temp 0) || obfsparam=''
protoparam_temp=$(echo "$decode_link" |awk -F':' '{print $6}'|grep -Eo "protoparam.+"|sed 's/protoparam=//g'|awk -F'&' '{print $1}')
[ -n "$protoparam_temp" ] && protoparam=$(decode_url_link $protoparam_temp 0|sed 's/_compatible//g') || protoparam=''
remarks_temp=$(echo "$decode_link" |awk -F':' '{print $6}'|grep -Eo "remarks.+"|sed 's/remarks=//g'|awk -F'&' '{print $1}')
[ -n "$remarks_temp" ] && remarks=$(decode_url_link $remarks_temp 0 | tr "\n" " " | sed -r 's/[ ]|,|\[|\]|\*|\\|\///g') || remarks="$server"
group_temp=$(echo "$decode_link" |awk -F':' '{print $6}'|grep -Eo "group.+"|sed 's/group=//g'|awk -F'&' '{print $1}')
[ -n "$group_temp" ] && group=$(decode_url_link $group_temp 0) || group='AutoSuBGroup'
# [ -n "$group" ] && group_base64=`echo $group | base64_encode | sed 's/ -//g'`
# [ -n "$server" ] && server_base64=`echo $server | base64_encode | sed 's/ -//g'`
#把全部服务器节点写入文件 /usr/share/shadowsocks/serverconfig/all_onlineservers
}
local_update() {
if [ -n "$ssuri" ]; then
# 检测ss ssr
NODE_FORMAT1=`echo $ssuri | grep -E "^ss://"`
NODE_FORMAT2=`echo $ssuri | grep -E "^ssr://"`
if [ -n "$NODE_FORMAT1" ];then
logsh "$service" "暂不支持ss节点订阅..." && exit 1
elif [ -n "$NODE_FORMAT2" ];then
urllinks=$(echo $ssuri | sed 's/ssr:\/\///g')
decode_link=$(decode_url_link $urllinks 0)
get_ss_config $decode_link
read -p "确定要添加节点:[$remarks,$server,$server_port,$password,$encrypt_method...][1/0]? " res
if [ "$res" == '1' ]; then
cat "$local_config" | grep -v "$remarks" > ${mbtmp}/server.conf
mv -f ${mbtmp}/server.conf "$local_config"
echo "ssr,$remarks,$server,$server_port,$password,$encrypt_method,$protocol,$obfs,$protoparam,$obfsparam" >> "$local_config"
fi
fi
fi
}
online_update() {
cat ${mbroot}/apps/${appname}/config/subscribe_link.txt | while read ssr_subscribe_link
do
logsh "$service" "更新订阅地址:$ssr_subscribe_link"
for i in $(seq 1 6); do
logsh "$service" "$i次下载节点..."
wgetsh ${mbtmp}/ssr_subscribe_file.txt $ssr_subscribe_link
if [ $? -ne 0 ]; then
logsh "$service" "下载订阅节点失败1秒后重试"
sleep 1
else
break
fi
done
[ ! -f ${mbtmp}/ssr_subscribe_file.txt ] && logsh "$service" "下载订阅节点失败!" && exit 1
decode_url_link `cat ${mbtmp}/ssr_subscribe_file.txt` 0 > ${mbtmp}/ssr_subscribe_file_temp1.txt
# 检测ss ssr
NODE_FORMAT1=`cat ${mbtmp}/ssr_subscribe_file_temp1.txt | grep -E "^ss://"`
NODE_FORMAT2=`cat ${mbtmp}/ssr_subscribe_file_temp1.txt | grep -E "^ssr://"`
if [ -n "$NODE_FORMAT1" ];then
logsh "$service" "暂不支持ss节点订阅..." && exit 1
elif [ -n "$NODE_FORMAT2" ];then
maxnum=$(decode_url_link `cat ${mbtmp}/ssr_subscribe_file.txt` 0 | grep "MAX=" | awk -F"=" '{print $2}' | grep -Eo "[0-9]+")
if [ -n "$maxnum" ]; then
urllinks=$(decode_url_link `cat ${mbtmp}/ssr_subscribe_file.txt` 0 | sed '/MAX=/d' | shuf -n $maxnum | sed 's/ssr:\/\// /g')
else
urllinks=$(decode_url_link `cat ${mbtmp}/ssr_subscribe_file.txt` 0 | sed 's/ssr:\/\// /g')
fi
[ -z "$urllinks" ] && logsh "$service" "订阅节点解析失败!" && exit 1
echo -n > $online_config
for link in $urllinks
do
decode_link=$(decode_url_link $link 0)
get_ss_config $decode_link
logsh "$service" "添加${appname}订阅节点:$remarks[$server]" -s
echo "ssr,$remarks,$server,$server_port,$password,$encrypt_method,$protocol,$obfs,$protoparam,$obfsparam" >> $online_config
done
logsh "$service" "ss订阅节点更新完成"
fi
rm -rf ${mbtmp}/ssr_subscribe_file.txt
done
}
if [ "$1" == "add" ]; then
echo "URI地址添加节点..."
action="uri"
ssuri="$2"
local_update
else
echo "在线更新ssr订阅节点..."
online_update
fi
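Review bot: In `online_update`, the fields parsed from the downloaded subscription are appended to `$online_config` as a comma-separated record with no validation, so a decoded `password`, `obfsparam` or `protoparam` containing a comma shifts every later field of that node; only `remarks` has a few characters stripped. The record written by `local_update` has the same gap. Before the `echo "ssr,$remarks,..." >> $online_config` line I would skip nodes with a non-numeric port or a separator in any field, e.g. `case "$server_port" in ''|*[!0-9]*) continue ;; esac` and `case "$server$password$obfsparam$protoparam" in *,*) continue ;; esac`. Separately, `local_update` removes old entries with `grep -v "$remarks"`, which treats the remark as a regular expression matched anywhere in the line; `grep -vF -- ",$remarks,"` would restrict it to the literal name field. How the node list is consumed is outside this file, so the effect of a malformed record is inferred.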


@@ -0,0 +1,18 @@
#!/bin/sh
#copyright by monlor
source /etc/mixbox/bin/base
eval `mbdb export shadowsocks`
chnroute=${mbroot}/apps/${appname}/config/chnroute.txt
gfwlist=${mbroot}/apps/${appname}/config/gfwlist.conf
cdnlist=${mbroot}/apps/${appname}/config/cdn.txt
url="https://raw.githubusercontent.com/hq450/fancyss/master/rules"
logsh "$service" "更新${appname}分流规则"
wgetsh $gfwlist $url/gfwlist.conf
[ $? -ne 0 ] && logsh "$service" "更新gfw黑名单规则失败"
wgetsh $chnroute $url/chnroute.txt
[ $? -ne 0 ] && logsh "$service" "更新大陆白名单规则失败"
wgetsh $cdnlist $url/cdn.txt
[ $? -ne 0 ] && logsh "$service" "更新cdn加速列表失败"