From 907e76746ff4b6ead2fc662171953d7723a32cc3 Mon Sep 17 00:00:00 2001 From: monlor Date: Thu, 5 Mar 2020 18:31:48 +0800 Subject: [PATCH] 2020-03-05 18:31:48 --- .github/workflows/main.yml | 47 +- .github/workflows/master.yml | 55 + .github/workflows/test.yaml | 55 + apps/dms/config/mixbox.conf | 30 +- apps/dms/scripts/dms.sh | 74 +- apps/mixbox/bin/base | 2 +- apps/npc/config/mixbox.conf | 28 +- apps/npc/scripts/npc.sh | 78 +- apps/qiandao/scripts/qiandao.sh | 132 +-- apps/shadowsocks/scripts/shadowsocks.sh | 1286 +++++++++++------------ install.sh | 6 +- temp/known_hosts | 6 + tools/newapp.sh | 100 +- 13 files changed, 990 insertions(+), 909 deletions(-) create mode 100644 .github/workflows/master.yml create mode 100644 .github/workflows/test.yaml create mode 100644 temp/known_hosts diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 09c5bfb..6325a16 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,41 +1,11 @@ name: CI -# on: -# push: -# branchs: -# - 'test' -# - 'master' -# pull_request: -# branchs: -# - 'test' -# - 'master' - # paths: - # - 'apps/**' - # - 'appsbin/**' - # - 'temp/**' -# on: [push, pull_request] -on: - push: - paths-ignore: - - 'README.md' - - 'tools' - - '.github' - branchs: - - 'test' - - 'master' - pull_request: - paths-ignore: - - 'README.md' - - 'tools' - - '.github' - branchs: - - 'test' - - 'master' +on: [push, pull_request] jobs: publish: - runs-on: macos-latest + runs-on: ubuntu-latest steps: - name: Checkout @@ -53,10 +23,8 @@ jobs: cp -rf install.sh mbfiles/ - name: Push changes env: - GH_REF: github.com/monlor/mbfiles - GE_REF: gitee.com/monlor/mbfiles - GH_TOKEN: ${{ secrets.GH_TOKEN }} - GE_TOKEN: ${{ secrets.GE_TOKEN }} + GH_REF: ${{ secrets.GH_REF }} + CO_REF: ${{ secrets.CO_REF }} BRANCH_NAME: $(cd .. && git branch | awk '$1 == "*"{print $2}') run: | cd mbfiles/ @@ -65,8 +33,5 @@ jobs: git config --local user.name "monlor" git add . git commit -m "$(TZ='Asia/Shanghai' date "+%Y-%m-%d %H:%M:%S")" -a - eval "git branch | grep -q "${BRANCH_NAME}" || git checkout -b "${BRANCH_NAME}"" - eval "git push "https://${GH_TOKEN}@${GH_REF}" "${BRANCH_NAME}":"${BRANCH_NAME}" -f" - echo "${GE_TOKEN}" > /root/.ssh/id_rsa - chmod 600 /root/.ssh/id_rsa - eval "git push "https://${GE_REF}" "${BRANCH_NAME}":"${BRANCH_NAME}" -f" + eval "git push "${GH_REF}" master:"${BRANCH_NAME}" -f" + eval "git push "${CO_REF}" master:"${BRANCH_NAME}" -f" \ No newline at end of file diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml new file mode 100644 index 0000000..5821bda --- /dev/null +++ b/.github/workflows/master.yml @@ -0,0 +1,55 @@ +name: Master-CI + +on: + push: + paths-ignore: + - 'README.md' + branches: + - 'master1' + pull_request: + paths-ignore: + - 'README.md' + branches: + - 'master1' + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@master + + - name: Pack files + run: | + mkdir appstore/ + mkdir mbfiles/ + bash ./tools/gitsync.sh pack all + cp -rf appsbin/ mbfiles/appsbin/ + cp -rf appstore/ mbfiles/appstore/ + cp -rf temp/ mbfiles/temp/ + cp -rf applist.txt mbfiles/ + cp -rf install.sh mbfiles/ + + - name: Push to Github + env: + GH_REF: github.com/monlor/mbfiles + GH_TOKEN: ${{ secrets.GH_TOKEN }} + run: | + cd mbfiles/ + git init + git config --local user.email "monlor@qq.com" + git config --local user.name "monlor" + git add . + git commit -m "$(TZ='Asia/Shanghai' date "+%Y-%m-%d %H:%M:%S")" -a + git push "https://${GH_TOKEN}@${GH_REF}" master:master -f + + - name: Push to Gitee + uses: s0/git-publish-subdir-action@master + env: + REPO: git@gitee.com:monlor/mbfiles.git + BRANCH: master + FOLDER: mbfiles + SSH_PRIVATE_KEY: ${{ secrets.GE_TOKEN }} + KNOWN_HOSTS_FILE: temp/known_hosts # Needed if target repo is not on github.com + + diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000..fca2cbb --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,55 @@ +name: Test-CI + +on: + push: + paths-ignore: + - 'README.md' + branches: + - 'test1' + pull_request: + paths-ignore: + - 'README.md' + branches: + - 'test1' + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@master + + - name: Pack files + run: | + mkdir appstore/ + mkdir mbfiles/ + bash ./tools/gitsync.sh pack all + cp -rf appsbin/ mbfiles/appsbin/ + cp -rf appstore/ mbfiles/appstore/ + cp -rf temp/ mbfiles/temp/ + cp -rf applist.txt mbfiles/ + cp -rf install.sh mbfiles/ + + - name: Push to Github + env: + GH_REF: github.com/monlor/mbfiles + GH_TOKEN: ${{ secrets.GH_TOKEN }} + run: | + cd mbfiles/ + git init + git config --local user.email "monlor@qq.com" + git config --local user.name "monlor" + git add . + git commit -m "$(TZ='Asia/Shanghai' date "+%Y-%m-%d %H:%M:%S")" -a + git push "https://${GH_TOKEN}@${GH_REF}" master:test -f + + - name: Push to Gitee + uses: s0/git-publish-subdir-action@master + env: + REPO: git@gitee.com:monlor/mbfiles.git + BRANCH: test + FOLDER: mbfiles + SSH_PRIVATE_KEY: ${{ secrets.GE_TOKEN }} + KNOWN_HOSTS_FILE: temp/known_hosts # Needed if target repo is not on github.com + + diff --git a/apps/dms/config/mixbox.conf b/apps/dms/config/mixbox.conf index d2fc5a0..134ccf7 100644 --- a/apps/dms/config/mixbox.conf +++ b/apps/dms/config/mixbox.conf @@ -1,21 +1,21 @@ #------------------【DMS】-------------------- dms() { - eval `mbdb export dms` - source "$(mbdb get mixbox.main.path)"/bin/base - echo "********* $service ***********" - echo "[${appinfo}]" - readsh "启动${appname}服务[1/0] " "enable" "1" - if [ "$enable" == '1' ]; then - # Scripts Here - readsh "请输入${appname}媒体目录" "path" "${mbdisk}" - readsh "请输入${appname}媒体服务器名称" "servername" "mixbox-dms" - # readsh "请输入${appname}外网访问配置[1/0]" "openport" "0" - readsh "重启${appname}服务[1/0] " "res" "1" - [ "$res" = '1' -o -z "$res" ] && ${mbroot}/apps/${appname}/scripts/${appname}.sh restart - else - ${mbroot}/apps/${appname}/scripts/${appname}.sh stop - fi + eval `mbdb export dms` + source "$(mbdb get mixbox.main.path)"/bin/base + echo "********* $service ***********" + echo "[${appinfo}]" + readsh "启动${appname}服务[1/0] " "enable" "1" + if [ "$enable" == '1' ]; then + # Scripts Here + readsh "请输入${appname}媒体目录" "path" "${mbdisk}" + readsh "请输入${appname}媒体服务器名称" "servername" "mixbox-dms" + # readsh "请输入${appname}外网访问配置[1/0]" "openport" "0" + readsh "重启${appname}服务[1/0] " "res" "1" + [ "$res" = '1' -o -z "$res" ] && ${mbroot}/apps/${appname}/scripts/${appname}.sh restart + else + ${mbroot}/apps/${appname}/scripts/${appname}.sh stop + fi } #------------------【DMS】-------------------- diff --git a/apps/dms/scripts/dms.sh b/apps/dms/scripts/dms.sh index 279c8ac..af15bd1 100644 --- a/apps/dms/scripts/dms.sh +++ b/apps/dms/scripts/dms.sh @@ -6,63 +6,63 @@ port="" start() { - [ -n "$(pidof ${appname})" ] && logsh "【$service】" "${appname}已经在运行!" && exit 1 - logsh "【$service】" "正在启动${appname}服务... " - cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" - # Scripts Here - [ -z "$path" ] && echo "媒体目录不能为空!" && exit 1 - # open_port - # write_firewall_start - daemon ${mbroot}/apps/${appname}/bin/${appname} -path "${path}" -friendlyName "${servername}" -http ":11338" -fFprobeCachePath "${mbdisk}/.dms-ffprobe-cache" - if [ $? -ne 0 ]; then - logsh "【$service】" "启动${appname}服务失败!" && end - else - logsh "【$service】" "启动${appname}服务完成!" - # logsh "【$service】" "请在浏览器打开地址:http://$lanip:$port" - fi - + [ -n "$(pidof ${appname})" ] && logsh "【$service】" "${appname}已经在运行!" && exit 1 + logsh "【$service】" "正在启动${appname}服务... " + cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" + # Scripts Here + [ -z "$path" ] && echo "媒体目录不能为空!" && exit 1 + # open_port + # write_firewall_start + daemon ${mbroot}/apps/${appname}/bin/${appname} -path "${path}" -friendlyName "${servername}" -http ":11338" -fFprobeCachePath "${mbdisk}/.dms-ffprobe-cache" + if [ $? -ne 0 ]; then + logsh "【$service】" "启动${appname}服务失败!" && end + else + logsh "【$service】" "启动${appname}服务完成!" + # logsh "【$service】" "请在浏览器打开地址:http://$lanip:$port" + fi + } stop() { - logsh "【$service】" "正在停止${appname}服务... " - [ "$enable" == '0' ] && destroy - # close_port - # remove_firewall_start - killall -9 ${appname} &> /dev/null + logsh "【$service】" "正在停止${appname}服务... " + [ "$enable" == '0' ] && destroy + # close_port + # remove_firewall_start + killall -9 ${appname} &> /dev/null } destroy() { - - # End app, Scripts here - cru d "${appname}" - return + + # End app, Scripts here + cru d "${appname}" + return } end() { - mbdb set ${appname}.main.enable=0 - stop && exit 1 + mbdb set ${appname}.main.enable=0 + stop && exit 1 } status() { - if [ -n "$(pidof ${appname})" ]; then - status="运行中|1" - else - status="未运行|0" - fi - mbdb set ${appname}.main.status="$status" + if [ -n "$(pidof ${appname})" ]; then + status="运行中|1" + else + status="未运行|0" + fi + mbdb set ${appname}.main.status="$status" } case "$1" in - start) start ;; - stop) stop ;; - restart) stop; start ;; - reload) close_port && open_port ;; - status) status ;; + start) start ;; + stop) stop ;; + restart) stop; start ;; + reload) close_port && open_port ;; + status) status ;; esac diff --git a/apps/mixbox/bin/base b/apps/mixbox/bin/base index ff60636..e398508 100644 --- a/apps/mixbox/bin/base +++ b/apps/mixbox/bin/base @@ -3,7 +3,7 @@ export PATH=$PATH:/etc/mixbox/bin mburl_coding="https://monlor.coding.net/p/mbfiles/d/mbfiles/git/raw/master" -mburl_github="https://cdn.jsdelivr.net/gh/monlor/mbfiles" +mburl_github="https://raw.githubusercontent.com/monlor/MIXBOX/master" # mburl_test="https://monlor.coding.net/p/mbfiles/d/mbfiles/git/raw/test" mburl=$(mbdb get mixbox.main.url) || mburl="$mburl_coding" mbroot=$(mbdb get mixbox.main.path) diff --git a/apps/npc/config/mixbox.conf b/apps/npc/config/mixbox.conf index fab96f3..d8899da 100644 --- a/apps/npc/config/mixbox.conf +++ b/apps/npc/config/mixbox.conf @@ -1,21 +1,21 @@ #------------------【NPC】-------------------- npc() { - eval `mbdb export npc` - source "$(mbdb get mixbox.main.path)"/bin/base - echo "********* $service ***********" - echo "[${appinfo}]" - readsh "启动${appname}服务[1/0] " "enable" "1" - if [ "$enable" == '1' ]; then - # Scripts Here - readsh "请输入npc连接命令:" "connect_cmd" + eval `mbdb export npc` + source "$(mbdb get mixbox.main.path)"/bin/base + echo "********* $service ***********" + echo "[${appinfo}]" + readsh "启动${appname}服务[1/0] " "enable" "1" + if [ "$enable" == '1' ]; then + # Scripts Here + readsh "请输入npc连接命令:" "connect_cmd" - # readsh "请输入${appname}外网访问配置[1/0]" "openport" "0" - readsh "重启${appname}服务[1/0] " "res" "1" - [ "$res" = '1' -o -z "$res" ] && ${mbroot}/apps/${appname}/scripts/${appname}.sh restart - else - ${mbroot}/apps/${appname}/scripts/${appname}.sh stop - fi + # readsh "请输入${appname}外网访问配置[1/0]" "openport" "0" + readsh "重启${appname}服务[1/0] " "res" "1" + [ "$res" = '1' -o -z "$res" ] && ${mbroot}/apps/${appname}/scripts/${appname}.sh restart + else + ${mbroot}/apps/${appname}/scripts/${appname}.sh stop + fi } #------------------【NPC】-------------------- diff --git a/apps/npc/scripts/npc.sh b/apps/npc/scripts/npc.sh index 07dc027..ba773c2 100644 --- a/apps/npc/scripts/npc.sh +++ b/apps/npc/scripts/npc.sh @@ -6,66 +6,66 @@ port="" start() { - [ -n "$(pidof ${appname})" ] && logsh "【$service】" "${appname}已经在运行!" && exit 1 - logsh "【$service】" "正在启动${appname}服务... " - # cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" - # Scripts Here + [ -n "$(pidof ${appname})" ] && logsh "【$service】" "${appname}已经在运行!" && exit 1 + logsh "【$service】" "正在启动${appname}服务... " + # cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" + # Scripts Here + + # open_port + # write_firewall_start + [ -z "${connect_cmd}" ] && echo "连接命令未设置!" && end + connect_cmd="$(echo "$connect_cmd" | sed -e "s#^\./#${mbroot}/apps/${appname}/bin/#")" + # 这里有参数,所以不加引号 + daemon ${connect_cmd} + if [ $? -ne 0 ]; then + logsh "【$service】" "启动${appname}服务失败!" && end + else + logsh "【$service】" "启动${appname}服务完成!" + # logsh "【$service】" "请在浏览器打开地址:http://$lanip:$port" + fi - # open_port - # write_firewall_start - [ -z "${connect_cmd}" ] && echo "连接命令未设置!" && end - connect_cmd="$(echo "$connect_cmd" | sed -e "s#^\./#${mbroot}/apps/${appname}/bin/#")" - # 这里有参数,所以不加引号 - daemon ${connect_cmd} - if [ $? -ne 0 ]; then - logsh "【$service】" "启动${appname}服务失败!" && end - else - logsh "【$service】" "启动${appname}服务完成!" - # logsh "【$service】" "请在浏览器打开地址:http://$lanip:$port" - fi - } stop() { - logsh "【$service】" "正在停止${appname}服务... " - [ "$enable" == '0' ] && destroy - # close_port - # remove_firewall_start - killall -9 ${appname} &> /dev/null + logsh "【$service】" "正在停止${appname}服务... " + [ "$enable" == '0' ] && destroy + # close_port + # remove_firewall_start + killall -9 ${appname} &> /dev/null } destroy() { - - # End app, Scripts here - # cru d "${appname}" - return + + # End app, Scripts here + # cru d "${appname}" + return } end() { - mbdb set ${appname}.main.enable=0 - stop && exit 1 + mbdb set ${appname}.main.enable=0 + stop && exit 1 } status() { - if [ -n "$(pidof ${appname})" ]; then - status="运行中|1" - else - status="未运行|0" - fi - mbdb set ${appname}.main.status="$status" + if [ -n "$(pidof ${appname})" ]; then + status="运行中|1" + else + status="未运行|0" + fi + mbdb set ${appname}.main.status="$status" } case "$1" in - start) start ;; - stop) stop ;; - restart) stop; start ;; - reload) close_port && open_port ;; - status) status ;; + start) start ;; + stop) stop ;; + restart) stop; start ;; + reload) close_port && open_port ;; + status) status ;; esac diff --git a/apps/qiandao/scripts/qiandao.sh b/apps/qiandao/scripts/qiandao.sh index 40b0ac3..fb6f936 100644 --- a/apps/qiandao/scripts/qiandao.sh +++ b/apps/qiandao/scripts/qiandao.sh @@ -7,104 +7,104 @@ SETTING_FILE="${mbroot}/apps/${appname}/bin/cookie.txt" generate_cookie_conf() { - cp -f ${mbroot}/apps/${appname}/config/cookie_template.txt ${SETTING_FILE} + cp -f ${mbroot}/apps/${appname}/config/cookie_template.txt ${SETTING_FILE} - local qiandao_setting="" - local qiandao_enable="" + local qiandao_setting="" + local qiandao_enable="" - echo "${qiandao_support}" | tr ' ' '\n' | while read line; do - test -z "${line}" && continue - qiandao_setting="$(parse_str qiandao_${line}_setting)" - qiandao_enable="$(parse_str qiandao_${line})" - # 该签到网站未启用签到程序时,将cookie置为空 - [ "${qiandao_enable}" != "1" ] && qiandao_setting="" || qiandao_setting="$(base_decode "${qiandao_setting}")" - sed -i "s/##${line}_cookie##/${qiandao_setting}/" ${SETTING_FILE} - done + echo "${qiandao_support}" | tr ' ' '\n' | while read line; do + test -z "${line}" && continue + qiandao_setting="$(parse_str qiandao_${line}_setting)" + qiandao_enable="$(parse_str qiandao_${line})" + # 该签到网站未启用签到程序时,将cookie置为空 + [ "${qiandao_enable}" != "1" ] && qiandao_setting="" || qiandao_setting="$(base_decode "${qiandao_setting}")" + sed -i "s/##${line}_cookie##/${qiandao_setting}/" ${SETTING_FILE} + done } add_cron() { - logsh "【$service】" "添加签到定时任务,每天$qiandao_time点自动签到..." - cru a ${appname} "1 $qiandao_time * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" + logsh "【$service】" "添加签到定时任务,每天$qiandao_time点自动签到..." + cru a ${appname} "1 $qiandao_time * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" } del_cron() { - logsh "【$service】" "删除签到定时任务!" - cru d ${appname} + logsh "【$service】" "删除签到定时任务!" + cru d ${appname} } start() { - [ -n "$(pidof ${appname})" ] && logsh "【$service】" "${appname}已经在运行!" && exit 1 - logsh "【$service】" "正在启动${appname}服务... " - # Scripts Here - generate_cookie_conf - add_cron - # open_port - # write_firewall_start - if [ "$qiandao_action" == '2' ]; then - i=4 - while(true) - do - echo "-------------------------------" - cd ${mbroot}/apps/${appname}/bin && ./${appname} 2>&1 | tee ${mbroot}/var/log/${appname}.log - echo "-------------------------------" - if [ -z "$(cat ${mbroot}/var/log/${appname}.log | grep panic)" ]; then - break - else - logsh "【$service】" "出错了,1秒后尝试重新启动..." - sleep 1 - fi - let i=$i-1 - [ "$i" -eq 0 ] && logsh "【$service】" "启动${appname}服务失败!" && exit 1 - done - else - mbdb set $appname.main.qiandao_action='2' - - fi - - logsh "【$service】" "启动${appname}服务完成!" - status - + [ -n "$(pidof ${appname})" ] && logsh "【$service】" "${appname}已经在运行!" && exit 1 + logsh "【$service】" "正在启动${appname}服务... " + # Scripts Here + generate_cookie_conf + add_cron + # open_port + # write_firewall_start + if [ "$qiandao_action" == '2' ]; then + i=4 + while(true) + do + echo "-------------------------------" + cd ${mbroot}/apps/${appname}/bin && ./${appname} 2>&1 | tee ${mbroot}/var/log/${appname}.log + echo "-------------------------------" + if [ -z "$(cat ${mbroot}/var/log/${appname}.log | grep panic)" ]; then + break + else + logsh "【$service】" "出错了,1秒后尝试重新启动..." + sleep 1 + fi + let i=$i-1 + [ "$i" -eq 0 ] && logsh "【$service】" "启动${appname}服务失败!" && exit 1 + done + else + mbdb set $appname.main.qiandao_action='2' + + fi + + logsh "【$service】" "启动${appname}服务完成!" + status + } stop() { - logsh "【$service】" "正在停止${appname}服务... " - rm -rf $SETTING_FILE - rm -rf ${mbroot}/apps/${appname}/bin/cookie.txt - # killall -9 ${appname} &> /dev/null - [ "$enable" == '0' ] && destroy + logsh "【$service】" "正在停止${appname}服务... " + rm -rf $SETTING_FILE + rm -rf ${mbroot}/apps/${appname}/bin/cookie.txt + # killall -9 ${appname} &> /dev/null + [ "$enable" == '0' ] && destroy } destroy() { - - # End app, Scripts here - del_cron - return + + # End app, Scripts here + del_cron + return } status() { - if [ -n "$(cru l | grep ${appname})" -a -f ${mbroot}/apps/${appname}/bin/cookie.txt ]; then - status="运行中,每天$qiandao_time点自动签到|1" - else - status="未运行|0" - fi - mbdb set $appname.main.status="$status" + if [ -n "$(cru l | grep ${appname})" -a -f ${mbroot}/apps/${appname}/bin/cookie.txt ]; then + status="运行中,每天$qiandao_time点自动签到|1" + else + status="未运行|0" + fi + mbdb set $appname.main.status="$status" } case "$1" in - start) start ;; - stop) stop ;; - restart) stop; start ;; - reload) stop; start ;; - status) status ;; + start) start ;; + stop) stop ;; + restart) stop; start ;; + reload) stop; start ;; + status) status ;; esac diff --git a/apps/shadowsocks/scripts/shadowsocks.sh b/apps/shadowsocks/scripts/shadowsocks.sh index 1a89473..a51b2a6 100644 --- a/apps/shadowsocks/scripts/shadowsocks.sh +++ b/apps/shadowsocks/scripts/shadowsocks.sh @@ -11,767 +11,767 @@ eval `mbdb export shadowsocks` [ "$ssgena" != "1" ] && unset ssg_mode get_v2ray_bin() { - result1=$(curl -skL $mburl/appsbin/v2ray-bin/$model/lastest.txt) &> /dev/null - result2=$(${mbroot}/apps/${appname}/bin/v2ray -version | head -1 | cut -d' ' -f2) &> /dev/null - [ -z "$result1" ] && logsh "【$service】" "获取v2ray在线版本失败,请检查网络!" && exit 1 - logsh "【$service】" "检测v2ray版本,本地版本:$result2,在线版本:$result1" - if [ "$result1" != "$result2" ]; then - logsh "【$service】" "版本不一致,正在更新..." - wgetsh ${mbroot}/apps/${appname}/bin/v2ray $mburl/appsbin/v2ray-bin/$model/v2ray - wgetsh ${mbroot}/apps/${appname}/bin/v2ctl $mburl/appsbin/v2ray-bin/$model/v2ctl - chmod +x ${mbroot}/apps/${appname}/bin/v2ray - chmod +x ${mbroot}/apps/${appname}/bin/v2ctl - fi + result1=$(curl -skL $mburl/appsbin/v2ray-bin/$model/lastest.txt) &> /dev/null + result2=$(${mbroot}/apps/${appname}/bin/v2ray -version | head -1 | cut -d' ' -f2) &> /dev/null + [ -z "$result1" ] && logsh "【$service】" "获取v2ray在线版本失败,请检查网络!" && exit 1 + logsh "【$service】" "检测v2ray版本,本地版本:$result2,在线版本:$result1" + if [ "$result1" != "$result2" ]; then + logsh "【$service】" "版本不一致,正在更新..." + wgetsh ${mbroot}/apps/${appname}/bin/v2ray $mburl/appsbin/v2ray-bin/$model/v2ray + wgetsh ${mbroot}/apps/${appname}/bin/v2ctl $mburl/appsbin/v2ray-bin/$model/v2ctl + chmod +x ${mbroot}/apps/${appname}/bin/v2ray + chmod +x ${mbroot}/apps/${appname}/bin/v2ctl + fi } get_config() { - - logsh "【$service】" "创建节点配置文件..." - [ -z "$id" ] && logsh "【$service】" "未配置运行节点!" && exit - local_ip=0.0.0.0 - [ -z "$id" ] && logsh "【$service】" "未配置运行节点!" && exit 1 - idinfo=`cat ${mbroot}/apps/${appname}/config/ssserver* | grep ",$id," | head -1` - [ -z "$idinfo" ] && logsh "【$service】" "未找到配置节点:$id" && exit - proxy_type=`cutsh "$idinfo" 1` - ss_name=`cutsh "$idinfo" 2` - ss_server=`cutsh "$idinfo" 3` - IFIP=`echo $ss_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"` - if [ -z "$IFIP" ]; then - ss_server_tmp=`nslookup $ss_server | sed 1,2d | grep -Eo "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -1` - [ -z "$ss_server_tmp" ] && logsh "【$service】" "服务器地址解析失败,跳过解析!" || ss_server="$ss_server_tmp" + + logsh "【$service】" "创建节点配置文件..." + [ -z "$id" ] && logsh "【$service】" "未配置运行节点!" && exit + local_ip=0.0.0.0 + [ -z "$id" ] && logsh "【$service】" "未配置运行节点!" && exit 1 + idinfo=`cat ${mbroot}/apps/${appname}/config/ssserver* | grep ",$id," | head -1` + [ -z "$idinfo" ] && logsh "【$service】" "未找到配置节点:$id" && exit + proxy_type=`cutsh "$idinfo" 1` + ss_name=`cutsh "$idinfo" 2` + ss_server=`cutsh "$idinfo" 3` + IFIP=`echo $ss_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"` + if [ -z "$IFIP" ]; then + ss_server_tmp=`nslookup $ss_server | sed 1,2d | grep -Eo "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -1` + [ -z "$ss_server_tmp" ] && logsh "【$service】" "服务器地址解析失败,跳过解析!" || ss_server="$ss_server_tmp" + fi + if [ "$proxy_type" = "v2ray" ]; then + get_v2ray_bin + ${mbroot}/apps/${appname}/scripts/general_v2ray_config.sh "$id" + else + ss_server_port=`cutsh "$idinfo" 4` + ss_password=`cutsh "$idinfo" 5` + ss_method=`cutsh "$idinfo" 6` + ssr_protocol=`cutsh "$idinfo" 7` + ssr_obfs=`cutsh "$idinfo" 8` + ssr_protocol_param=`cutsh "$idinfo" 9` + ssr_obfs_param=`cutsh "$idinfo" 10` + # 如果kcp成功启动,应该把ss服务端指向kcp服务端口 + if [ "$kcp_started" = 1 ]; then + ss_server=127.0.0.1 + ss_server_port=11183 fi - if [ "$proxy_type" = "v2ray" ]; then - get_v2ray_bin - ${mbroot}/apps/${appname}/scripts/general_v2ray_config.sh "$id" + #生成配置文件 + if [ "$proxy_type" = "ss" ]; then + APPPATH=${mbroot}/apps/${appname}/bin/ss-redir + LOCALPATH=${mbroot}/apps/${appname}/bin/ss-local + # 如果启用了ss混淆 + if [ -n "$ssr_protocol_param" ]; then + cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF +{ + "server": "$ss_server", + "server_port": $ss_server_port, + "local_address": "0.0.0.0", + "local_port": 1081, + "password": "$ss_password", + "timeout": 600, + "method": "$ss_method", + "plugin":"obfs-local", + "plugin_opts":"obfs=$ssr_protocol_param;obfs-host=$ssr_obfs_param" +} +EOF + else + cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF +{ + "server": "$ss_server", + "server_port": $ss_server_port, + "local_address": "0.0.0.0", + "local_port": 1081, + "password": "$ss_password", + "timeout": 600, + "method": "$ss_method" +} +EOF + fi else - ss_server_port=`cutsh "$idinfo" 4` - ss_password=`cutsh "$idinfo" 5` - ss_method=`cutsh "$idinfo" 6` - ssr_protocol=`cutsh "$idinfo" 7` - ssr_obfs=`cutsh "$idinfo" 8` - ssr_protocol_param=`cutsh "$idinfo" 9` - ssr_obfs_param=`cutsh "$idinfo" 10` - # 如果kcp成功启动,应该把ss服务端指向kcp服务端口 - if [ "$kcp_started" = 1 ]; then - ss_server=127.0.0.1 - ss_server_port=11183 - fi - #生成配置文件 - if [ "$proxy_type" = "ss" ]; then - APPPATH=${mbroot}/apps/${appname}/bin/ss-redir - LOCALPATH=${mbroot}/apps/${appname}/bin/ss-local - # 如果启用了ss混淆 - if [ -n "$ssr_protocol_param" ]; then - cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF + APPPATH=${mbroot}/apps/${appname}/bin/ssr-redir + LOCALPATH=${mbroot}/apps/${appname}/bin/ssr-local + cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF { - "server": "$ss_server", - "server_port": $ss_server_port, - "local_address": "0.0.0.0", - "local_port": 1081, - "password": "$ss_password", - "timeout": 600, - "method": "$ss_method", - "plugin":"obfs-local", - "plugin_opts":"obfs=$ssr_protocol_param;obfs-host=$ssr_obfs_param" + "server": "$ss_server", + "server_port": $ss_server_port, + "local_address": "0.0.0.0", + "local_port": 1081, + "password": "$ss_password", + "timeout": 600, + "protocol": "$ssr_protocol", + "protocol_param": "$ssr_protocol_param", + "obfs": "$ssr_obfs", + "obfs_param": "$ssr_obfs_param", + "method": "$ss_method" } EOF - else - cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF -{ - "server": "$ss_server", - "server_port": $ss_server_port, - "local_address": "0.0.0.0", - "local_port": 1081, - "password": "$ss_password", - "timeout": 600, - "method": "$ss_method" -} -EOF - fi - else - APPPATH=${mbroot}/apps/${appname}/bin/ssr-redir - LOCALPATH=${mbroot}/apps/${appname}/bin/ssr-local - cat > ${mbroot}/apps/${appname}/config/ss.conf <<-EOF -{ - "server": "$ss_server", - "server_port": $ss_server_port, - "local_address": "0.0.0.0", - "local_port": 1081, - "password": "$ss_password", - "timeout": 600, - "protocol": "$ssr_protocol", - "protocol_param": "$ssr_protocol_param", - "obfs": "$ssr_obfs", - "obfs_param": "$ssr_obfs_param", - "method": "$ss_method" -} -EOF - fi - cp ${mbroot}/apps/${appname}/config/ss.conf ${mbroot}/apps/${appname}/config/dns2socks.conf && sed -i 's/1081/1082/g' ${mbroot}/apps/${appname}/config/dns2socks.conf fi + cp ${mbroot}/apps/${appname}/config/ss.conf ${mbroot}/apps/${appname}/config/dns2socks.conf && sed -i 's/1081/1082/g' ${mbroot}/apps/${appname}/config/dns2socks.conf + fi - if [ "$ssgena" == '1' ]; then - [ -z "$ssgid" ] && logsh "【$service】" "未配置游戏运行节点!" && exit - idinfo=`cat ${mbroot}/apps/${appname}/config/ssserver* | grep ",$ssgid," | head -1` - [ -z "$idinfo" ] && logsh "【$service】" "未找到配置节点:$ssgid" && exit - proxy_type_game=`cutsh "$idinfo" 1` - ssg_name=`cutsh "$idinfo" 2` - ssg_server=`cutsh "$idinfo" 3` - if [ "$proxy_type" = "v2ray" -a "$proxy_type_game" != "v2ray" -a "$ssg_server" != "$ss_server" ]; then - logsh "【$service】" "当主进程为v2ray代理时,游戏进程只能选择同样的v2ray节点!" - return - ssgena=0 - fi - if [ "$proxy_type" != "v2ray" -a "$proxy_type_game" = "v2ray" ]; then - logsh "【$service】" "只有当主进程为v2ray代理时,游戏进程才能启用v2ray!" - return - ssgena=0 - fi - [ "$proxy_type_game" = "v2ray" -o "$ssgid" == "$id" ] && return - ssg_server_port=`cutsh "$idinfo" 4` - ssg_password=`cutsh "$idinfo" 5` - ssg_method=`cutsh "$idinfo" 6` - ssg_protocol=`cutsh "$idinfo" 7` - ssg_obfs=`cutsh "$idinfo" 8` - ssg_protocol_param=`cutsh "$idinfo" 9` - ssg_obfs_param=`cutsh "$idinfo" 10` - IFIP=`echo $ssg_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"` - if [ -z "$IFIP" ]; then - ssg_server_tmp=`resolveip $ssg_server | head -1` - [ $? -ne 0 ] && logsh "【$service】" "游戏服务器地址解析失败,跳过解析!" || ssg_server="$ssg_server_tmp" - fi - if [ "$proxy_type_game" = "ss" ]; then - cp -rf ${mbroot}/apps/${appname}/bin/ss-redir ${mbroot}/apps/${appname}/bin/ssg-redir - # 如果启用了ss混淆 - if [ -n "$ssg_protocol_param" ]; then - cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF -{ - "server": "$ssg_server", - "server_port": $ssg_server_port, - "local_address": "0.0.0.0", - "local_port": 1085, - "password": "$ssg_password", - "timeout": 600, - "method": "$ssg_method", - "plugin":"obfs-local", - "plugin_opts":"obfs=$ssg_protocol_param;obfs-host=$ssg_obfs_param" -} -EOF - else - cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF -{ - "server": "$ssg_server", - "server_port": $ssg_server_port, - "local_address": "0.0.0.0", - "local_port": 1085, - "password": "$ssg_password", - "timeout": 600, - "method": "$ssg_method" -} -EOF - fi - else - cp -rf ${mbroot}/apps/${appname}/bin/ssr-redir ${mbroot}/apps/${appname}/bin/ssg-redir - cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF -{ - "server": "$ssg_server", - "server_port": $ssg_server_port, - "local_address": "0.0.0.0", - "local_port": 1085, - "password": "$ssg_password", - "timeout": 600, - "protocol": "$ssg_protocol", - "protocol_param": "$ssg_protocol_param", - "obfs": "$ssg_obfs", - "obfs_param": "$ssg_obfs_param", - "method": "$ssg_method" -} -EOF - fi + if [ "$ssgena" == '1' ]; then + [ -z "$ssgid" ] && logsh "【$service】" "未配置游戏运行节点!" && exit + idinfo=`cat ${mbroot}/apps/${appname}/config/ssserver* | grep ",$ssgid," | head -1` + [ -z "$idinfo" ] && logsh "【$service】" "未找到配置节点:$ssgid" && exit + proxy_type_game=`cutsh "$idinfo" 1` + ssg_name=`cutsh "$idinfo" 2` + ssg_server=`cutsh "$idinfo" 3` + if [ "$proxy_type" = "v2ray" -a "$proxy_type_game" != "v2ray" -a "$ssg_server" != "$ss_server" ]; then + logsh "【$service】" "当主进程为v2ray代理时,游戏进程只能选择同样的v2ray节点!" + return + ssgena=0 fi - # 保存代理类型 - mbdb set ${appname}.main.proxy_type="$proxy_type" + if [ "$proxy_type" != "v2ray" -a "$proxy_type_game" = "v2ray" ]; then + logsh "【$service】" "只有当主进程为v2ray代理时,游戏进程才能启用v2ray!" + return + ssgena=0 + fi + [ "$proxy_type_game" = "v2ray" -o "$ssgid" == "$id" ] && return + ssg_server_port=`cutsh "$idinfo" 4` + ssg_password=`cutsh "$idinfo" 5` + ssg_method=`cutsh "$idinfo" 6` + ssg_protocol=`cutsh "$idinfo" 7` + ssg_obfs=`cutsh "$idinfo" 8` + ssg_protocol_param=`cutsh "$idinfo" 9` + ssg_obfs_param=`cutsh "$idinfo" 10` + IFIP=`echo $ssg_server | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}|:"` + if [ -z "$IFIP" ]; then + ssg_server_tmp=`resolveip $ssg_server | head -1` + [ $? -ne 0 ] && logsh "【$service】" "游戏服务器地址解析失败,跳过解析!" || ssg_server="$ssg_server_tmp" + fi + if [ "$proxy_type_game" = "ss" ]; then + cp -rf ${mbroot}/apps/${appname}/bin/ss-redir ${mbroot}/apps/${appname}/bin/ssg-redir + # 如果启用了ss混淆 + if [ -n "$ssg_protocol_param" ]; then + cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF +{ + "server": "$ssg_server", + "server_port": $ssg_server_port, + "local_address": "0.0.0.0", + "local_port": 1085, + "password": "$ssg_password", + "timeout": 600, + "method": "$ssg_method", + "plugin":"obfs-local", + "plugin_opts":"obfs=$ssg_protocol_param;obfs-host=$ssg_obfs_param" +} +EOF + else + cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF +{ + "server": "$ssg_server", + "server_port": $ssg_server_port, + "local_address": "0.0.0.0", + "local_port": 1085, + "password": "$ssg_password", + "timeout": 600, + "method": "$ssg_method" +} +EOF + fi + else + cp -rf ${mbroot}/apps/${appname}/bin/ssr-redir ${mbroot}/apps/${appname}/bin/ssg-redir + cat > ${mbroot}/apps/${appname}/config/ssg.conf <<-EOF +{ + "server": "$ssg_server", + "server_port": $ssg_server_port, + "local_address": "0.0.0.0", + "local_port": 1085, + "password": "$ssg_password", + "timeout": 600, + "protocol": "$ssg_protocol", + "protocol_param": "$ssg_protocol_param", + "obfs": "$ssg_obfs", + "obfs_param": "$ssg_obfs_param", + "method": "$ssg_method" +} +EOF + fi + fi + # 保存代理类型 + mbdb set ${appname}.main.proxy_type="$proxy_type" } dnsconfig() { - killall ss-local &> /dev/null - killall dns2socks > /dev/null 2>&1 - if [ "$proxy_type" != "v2ray" ]; then - logsh "【$service】" "启动ss-local本地socks5代理..." - daemon $LOCALPATH -c ${mbroot}/apps/${appname}/config/dns2socks.conf - fi - logsh "【$service】" "开启dns2socks进程..." - daemon ${mbroot}/apps/${appname}/bin/dns2socks 127.0.0.1:1082 $DNS_SERVER:$DNS_SERVER_PORT 127.0.0.1:15353 - if [ $? -ne 0 ]; then - logsh "【$service】" "启动失败!" - exit - fi - if [ "$dns_red_enable" == '1' ]; then - logsh "【$service】" "启用DNS重定向到$dns_red_ip" - iptables -t nat -I PREROUTING -s $lanip/24 -p udp --dport 53 -m comment --comment "${appname}"-dns -j DNAT --to $dns_red_ip &> /dev/null - fi - + killall ss-local &> /dev/null + killall dns2socks > /dev/null 2>&1 + if [ "$proxy_type" != "v2ray" ]; then + logsh "【$service】" "启动ss-local本地socks5代理..." + daemon $LOCALPATH -c ${mbroot}/apps/${appname}/config/dns2socks.conf + fi + logsh "【$service】" "开启dns2socks进程..." + daemon ${mbroot}/apps/${appname}/bin/dns2socks 127.0.0.1:1082 $DNS_SERVER:$DNS_SERVER_PORT 127.0.0.1:15353 + if [ $? -ne 0 ]; then + logsh "【$service】" "启动失败!" + exit + fi + if [ "$dns_red_enable" == '1' ]; then + logsh "【$service】" "启用DNS重定向到$dns_red_ip" + iptables -t nat -I PREROUTING -s $lanip/24 -p udp --dport 53 -m comment --comment "${appname}"-dns -j DNAT --to $dns_red_ip &> /dev/null + fi + } get_mode_name() { - case "$1" in - 0) - echo "不走代理" - ;; - 1) - echo "科学上网" - ;; - esac + case "$1" in + 0) + echo "不走代理" + ;; + 1) + echo "科学上网" + ;; + esac } get_game_mode() { - case "$1" in - 0) - echo "不走游戏" - ;; - 1) - echo "游戏加速" - ;; - esac + case "$1" in + 0) + echo "不走游戏" + ;; + 1) + echo "游戏加速" + ;; + esac } get_jump_mode(){ - case "$1" in - 0) - echo "-j" - ;; - *) - echo "-g" - ;; - esac + case "$1" in + 0) + echo "-j" + ;; + *) + echo "-g" + ;; + esac } get_action_chain() { - case "$1" in - 0) - echo "RETURN" - ;; - 1) - echo "SHADOWSOCK" - ;; - esac + case "$1" in + 0) + echo "RETURN" + ;; + 1) + echo "SHADOWSOCK" + ;; + esac } ipset_rules_smartdns() { - # ipset deal - logsh "【$service】" "创建ipset规则..." - [ ! -f ${mbroot}/apps/${appname}/config/customize_black.conf ] && touch ${mbroot}/apps/${appname}/config/customize_black.conf - [ ! -f ${mbroot}/apps/${appname}/config/customize_white.conf ] && touch ${mbroot}/apps/${appname}/config/customize_white.conf - rm -rf ${mbtmp}/wblist.conf - rm -rf ${mbtmp}/sscdn.conf - ipset -N customize_black iphash -! - ipset -N customize_white iphash -! - ipset -N router iphash -! - ipset -N gfwlist iphash -! + # ipset deal + logsh "【$service】" "创建ipset规则..." + [ ! -f ${mbroot}/apps/${appname}/config/customize_black.conf ] && touch ${mbroot}/apps/${appname}/config/customize_black.conf + [ ! -f ${mbroot}/apps/${appname}/config/customize_white.conf ] && touch ${mbroot}/apps/${appname}/config/customize_white.conf + rm -rf ${mbtmp}/wblist.conf + rm -rf ${mbtmp}/sscdn.conf + ipset -N customize_black iphash -! + ipset -N customize_white iphash -! + ipset -N router iphash -! + ipset -N gfwlist iphash -! - # 生成自定义黑名单规则,最后4个为tg的ip - ip_tg="149.154.0.0 91.108.4.0 91.108.56.0 109.239.140.0 67.198.55.0 91.108.4.0/22 91.108.56.0/22 149.154.160.0/20 149.154.164.0/22" - for ip in $ip_tg - do - ipset -! add customize_black $ip >/dev/null 2>&1 - done - cat ${mbroot}/apps/${appname}/config/customize_black.conf | grep -Ev '^$|^[#;]' | while read line - do - if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then - echo "ipset=/.${line}/customize_black" >> ${mbtmp}/wblist.conf - else - ipset -! add customize_black ${line} &> /dev/null - fi - done - - # 路由器自身规则 - if [ "$ss_mode" != "homemode" ]; then - echo "#for router itself" >> ${mbtmp}/wblist.conf - echo "ipset=/.google.com.tw/router" >> ${mbtmp}/wblist.conf - echo "ipset=/dns.google.com/router" >> ${mbtmp}/wblist.conf - echo "ipset=/.github.com/router" >> ${mbtmp}/wblist.conf - echo "ipset=/.github.io/router" >> ${mbtmp}/wblist.conf - echo "ipset=/.raw.githubusercontent.com/router" >> ${mbtmp}/wblist.conf - echo "ipset=/.adblockplus.org/router" >> ${mbtmp}/wblist.conf - echo "ipset=/.entware.net/router" >> ${mbtmp}/wblist.conf - echo "ipset=/.apnic.net/router" >> ${mbtmp}/wblist.conf + # 生成自定义黑名单规则,最后4个为tg的ip + ip_tg="149.154.0.0 91.108.4.0 91.108.56.0 109.239.140.0 67.198.55.0 91.108.4.0/22 91.108.56.0/22 149.154.160.0/20 149.154.164.0/22" + for ip in $ip_tg + do + ipset -! add customize_black $ip >/dev/null 2>&1 + done + cat ${mbroot}/apps/${appname}/config/customize_black.conf | grep -Ev '^$|^[#;]' | while read line + do + if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then + echo "ipset=/.${line}/customize_black" >> ${mbtmp}/wblist.conf + else + ipset -! add customize_black ${line} &> /dev/null + fi + done + + # 路由器自身规则 + if [ "$ss_mode" != "homemode" ]; then + echo "#for router itself" >> ${mbtmp}/wblist.conf + echo "ipset=/.google.com.tw/router" >> ${mbtmp}/wblist.conf + echo "ipset=/dns.google.com/router" >> ${mbtmp}/wblist.conf + echo "ipset=/.github.com/router" >> ${mbtmp}/wblist.conf + echo "ipset=/.github.io/router" >> ${mbtmp}/wblist.conf + echo "ipset=/.raw.githubusercontent.com/router" >> ${mbtmp}/wblist.conf + echo "ipset=/.adblockplus.org/router" >> ${mbtmp}/wblist.conf + echo "ipset=/.entware.net/router" >> ${mbtmp}/wblist.conf + echo "ipset=/.apnic.net/router" >> ${mbtmp}/wblist.conf + fi + + # 生成自定义白名单规则 + ip_tg="$lanip $wanip $ss_server $ssg_server $CDN 10.0.0.0 100.64.0.0 127.0.0.0 169.254.0.0 172.16.0.0 192.168.0.0 224.0.0.0 240.0.0.0 223.5.5.5 223.6.6.6 114.114.114.114 114.114.115.115 1.2.4.8 210.2.4.8 112.124.47.27 114.215.126.16 180.76.76.76 119.29.29.29 0.0.0.0" + for ip in $ip_tg; do + ipset -! add customize_white $ip >/dev/null 2>&1 + done + cat ${mbroot}/apps/${appname}/config/customize_white.conf | grep -Ev '^$|^[#;]' | while read line + do + if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then + echo "ipset=/.${line}/customize_white" >> ${mbtmp}/wblist.conf + else + ipset -! add customize_white ${line} &> /dev/null fi - - # 生成自定义白名单规则 - ip_tg="$lanip $wanip $ss_server $ssg_server $CDN 10.0.0.0 100.64.0.0 127.0.0.0 169.254.0.0 172.16.0.0 192.168.0.0 224.0.0.0 240.0.0.0 223.5.5.5 223.6.6.6 114.114.114.114 114.114.115.115 1.2.4.8 210.2.4.8 112.124.47.27 114.215.126.16 180.76.76.76 119.29.29.29 0.0.0.0" - for ip in $ip_tg; do - ipset -! add customize_white $ip >/dev/null 2>&1 - done - cat ${mbroot}/apps/${appname}/config/customize_white.conf | grep -Ev '^$|^[#;]' | while read line - do - if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then - echo "ipset=/.${line}/customize_white" >> ${mbtmp}/wblist.conf - else - ipset -! add customize_white ${line} &> /dev/null - fi - done - echo "ipset=/.apple.com/customize_white" >> ${mbtmp}/wblist.conf - echo "ipset=/.microsoft.com/customize_white" >> ${mbtmp}/wblist.conf - - #黑白名单规则 - if [ "$ss_mode" = "whitelist" -o "$ssg_mode" = "frgame" ]; then - sed -e "s/^/-A nogfwnet &/g" -e "1 i\-N nogfwnet hash:net" ${mbroot}/apps/${appname}/config/chnroute.txt | ipset -R -! - elif [ "$ss_mode" = "gfwlist" -o "$ssg_mode" = "cngame" ]; then - cp -rf ${mbroot}/apps/${appname}/config/gfwlist.conf ${mbtmp}/gfwlist.conf - sed -i 's/7913/15353/g' ${mbtmp}/gfwlist.conf - sed -i '/^server/d' ${mbtmp}/gfwlist.conf - ln -s ${mbtmp}/gfwlist.conf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf - fi - # 使规则生效 - ln -s ${mbtmp}/wblist.conf /tmp/etc/dnsmasq.d/wblist.conf + done + echo "ipset=/.apple.com/customize_white" >> ${mbtmp}/wblist.conf + echo "ipset=/.microsoft.com/customize_white" >> ${mbtmp}/wblist.conf + + #黑白名单规则 + if [ "$ss_mode" = "whitelist" -o "$ssg_mode" = "frgame" ]; then + sed -e "s/^/-A nogfwnet &/g" -e "1 i\-N nogfwnet hash:net" ${mbroot}/apps/${appname}/config/chnroute.txt | ipset -R -! + elif [ "$ss_mode" = "gfwlist" -o "$ssg_mode" = "cngame" ]; then + cp -rf ${mbroot}/apps/${appname}/config/gfwlist.conf ${mbtmp}/gfwlist.conf + sed -i 's/7913/15353/g' ${mbtmp}/gfwlist.conf + sed -i '/^server/d' ${mbtmp}/gfwlist.conf + ln -s ${mbtmp}/gfwlist.conf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf + fi + # 使规则生效 + ln -s ${mbtmp}/wblist.conf /tmp/etc/dnsmasq.d/wblist.conf } ipset_rules() { - # ipset deal - logsh "【$service】" "创建ipset规则..." - [ ! -f ${mbroot}/apps/${appname}/config/customize_black.conf ] && touch ${mbroot}/apps/${appname}/config/customize_black.conf - [ ! -f ${mbroot}/apps/${appname}/config/customize_white.conf ] && touch ${mbroot}/apps/${appname}/config/customize_white.conf - rm -rf ${mbtmp}/wblist.conf - rm -rf ${mbtmp}/sscdn.conf - ipset -N customize_black iphash -! - ipset -N customize_white iphash -! - ipset -N router iphash -! - ipset -N gfwlist iphash -! + # ipset deal + logsh "【$service】" "创建ipset规则..." + [ ! -f ${mbroot}/apps/${appname}/config/customize_black.conf ] && touch ${mbroot}/apps/${appname}/config/customize_black.conf + [ ! -f ${mbroot}/apps/${appname}/config/customize_white.conf ] && touch ${mbroot}/apps/${appname}/config/customize_white.conf + rm -rf ${mbtmp}/wblist.conf + rm -rf ${mbtmp}/sscdn.conf + ipset -N customize_black iphash -! + ipset -N customize_white iphash -! + ipset -N router iphash -! + ipset -N gfwlist iphash -! - # 生成自定义黑名单规则,最后4个为tg - ip_tg="149.154.0.0 91.108.4.0 91.108.56.0 109.239.140.0 67.198.55.0 91.108.4.0/22 91.108.56.0/22 149.154.160.0/20 149.154.164.0/22" - for ip in $ip_tg - do - ipset -! add customize_black $ip >/dev/null 2>&1 - done - cat ${mbroot}/apps/${appname}/config/customize_black.conf | grep -Ev '^$|^[#;]' | while read line - do - if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then - echo "server=/.${line}/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.${line}/customize_black" >> ${mbtmp}/wblist.conf - else - ipset -! add customize_black ${line} &> /dev/null - fi - done - - # 路由器自身规则 - if [ "$ss_mode" != "homemode" ]; then - echo "#for router itself" >> ${mbtmp}/wblist.conf - echo "server=/.google.com.tw/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.google.com.tw/router" >> ${mbtmp}/wblist.conf - echo "server=/dns.google.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/dns.google.com/router" >> ${mbtmp}/wblist.conf - echo "server=/.github.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.github.com/router" >> ${mbtmp}/wblist.conf - echo "server=/.github.io/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.github.io/router" >> ${mbtmp}/wblist.conf - echo "server=/.raw.githubusercontent.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.raw.githubusercontent.com/router" >> ${mbtmp}/wblist.conf - echo "server=/.adblockplus.org/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.adblockplus.org/router" >> ${mbtmp}/wblist.conf - echo "server=/.entware.net/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.entware.net/router" >> ${mbtmp}/wblist.conf - echo "server=/.apnic.net/127.0.0.1#15353" >> ${mbtmp}/wblist.conf - echo "ipset=/.apnic.net/router" >> ${mbtmp}/wblist.conf + # 生成自定义黑名单规则,最后4个为tg + ip_tg="149.154.0.0 91.108.4.0 91.108.56.0 109.239.140.0 67.198.55.0 91.108.4.0/22 91.108.56.0/22 149.154.160.0/20 149.154.164.0/22" + for ip in $ip_tg + do + ipset -! add customize_black $ip >/dev/null 2>&1 + done + cat ${mbroot}/apps/${appname}/config/customize_black.conf | grep -Ev '^$|^[#;]' | while read line + do + if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then + echo "server=/.${line}/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.${line}/customize_black" >> ${mbtmp}/wblist.conf + else + ipset -! add customize_black ${line} &> /dev/null + fi + done + + # 路由器自身规则 + if [ "$ss_mode" != "homemode" ]; then + echo "#for router itself" >> ${mbtmp}/wblist.conf + echo "server=/.google.com.tw/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.google.com.tw/router" >> ${mbtmp}/wblist.conf + echo "server=/dns.google.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/dns.google.com/router" >> ${mbtmp}/wblist.conf + echo "server=/.github.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.github.com/router" >> ${mbtmp}/wblist.conf + echo "server=/.github.io/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.github.io/router" >> ${mbtmp}/wblist.conf + echo "server=/.raw.githubusercontent.com/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.raw.githubusercontent.com/router" >> ${mbtmp}/wblist.conf + echo "server=/.adblockplus.org/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.adblockplus.org/router" >> ${mbtmp}/wblist.conf + echo "server=/.entware.net/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.entware.net/router" >> ${mbtmp}/wblist.conf + echo "server=/.apnic.net/127.0.0.1#15353" >> ${mbtmp}/wblist.conf + echo "ipset=/.apnic.net/router" >> ${mbtmp}/wblist.conf + fi + + # 生成自定义白名单规则 + ip_tg="$lanip $wanip $ss_server $ssg_server $CDN 10.0.0.0 100.64.0.0 127.0.0.0 169.254.0.0 172.16.0.0 192.168.0.0 224.0.0.0 240.0.0.0 223.5.5.5 223.6.6.6 114.114.114.114 114.114.115.115 1.2.4.8 210.2.4.8 112.124.47.27 114.215.126.16 180.76.76.76 119.29.29.29 0.0.0.0" + for ip in $ip_tg; do + ipset -! add customize_white $ip >/dev/null 2>&1 + done + cat ${mbroot}/apps/${appname}/config/customize_white.conf | grep -Ev '^$|^[#;]' | while read line + do + if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then + echo "server=/.${line}/$CDN#53" >> ${mbtmp}/wblist.conf + echo "ipset=/.${line}/customize_white" >> ${mbtmp}/wblist.conf + else + ipset -! add customize_white ${line} &> /dev/null fi - - # 生成自定义白名单规则 - ip_tg="$lanip $wanip $ss_server $ssg_server $CDN 10.0.0.0 100.64.0.0 127.0.0.0 169.254.0.0 172.16.0.0 192.168.0.0 224.0.0.0 240.0.0.0 223.5.5.5 223.6.6.6 114.114.114.114 114.114.115.115 1.2.4.8 210.2.4.8 112.124.47.27 114.215.126.16 180.76.76.76 119.29.29.29 0.0.0.0" - for ip in $ip_tg; do - ipset -! add customize_white $ip >/dev/null 2>&1 - done - cat ${mbroot}/apps/${appname}/config/customize_white.conf | grep -Ev '^$|^[#;]' | while read line - do - if [ -z "$(echo ${line} | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")" ]; then - echo "server=/.${line}/$CDN#53" >> ${mbtmp}/wblist.conf - echo "ipset=/.${line}/customize_white" >> ${mbtmp}/wblist.conf - else - ipset -! add customize_white ${line} &> /dev/null - fi - done - if [ "$ss_mode" != "homemode" ]; then - echo "server=/.apple.com/$CDN#53" >> ${mbtmp}/wblist.conf - echo "ipset=/.apple.com/customize_white" >> ${mbtmp}/wblist.conf - echo "server=/.microsoft.com/$CDN#53" >> ${mbtmp}/wblist.conf - echo "ipset=/.microsoft.com/customize_white" >> ${mbtmp}/wblist.conf - fi - #黑白名单规则 - if [ "$ss_mode" = "whitelist" -o "$ssg_mode" = "frgame" -o "$ss_mode" = "homemode" ]; then - sed -e "s/^/-A nogfwnet &/g" -e "1 i\-N nogfwnet hash:net" ${mbroot}/apps/${appname}/config/chnroute.txt | ipset -R -! - elif [ "$ss_mode" = "gfwlist" -o "$ssg_mode" = "cngame" ]; then - cp -rf ${mbroot}/apps/${appname}/config/gfwlist.conf ${mbtmp}/gfwlist.conf - sed -i 's/7913/15353/g' ${mbtmp}/gfwlist.conf - ln -s ${mbtmp}/gfwlist.conf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf - fi - #加速cdn - if [ "$ss_mode" != "gfwlist" ]; then - cat ${mbroot}/apps/${appname}/config/cdn.txt | sed "s/^/server=&\/./g" | sed "s/$/\/&$CDN/g" | sort | awk '{if ($0!=line) print;line=$0}' >>${mbtmp}/sscdn.conf - ln -s ${mbtmp}/sscdn.conf /tmp/etc/dnsmasq.d/cdn.conf - fi - # 使规则生效 - ln -s ${mbtmp}/wblist.conf /tmp/etc/dnsmasq.d/wblist.conf + done + if [ "$ss_mode" != "homemode" ]; then + echo "server=/.apple.com/$CDN#53" >> ${mbtmp}/wblist.conf + echo "ipset=/.apple.com/customize_white" >> ${mbtmp}/wblist.conf + echo "server=/.microsoft.com/$CDN#53" >> ${mbtmp}/wblist.conf + echo "ipset=/.microsoft.com/customize_white" >> ${mbtmp}/wblist.conf + fi + #黑白名单规则 + if [ "$ss_mode" = "whitelist" -o "$ssg_mode" = "frgame" -o "$ss_mode" = "homemode" ]; then + sed -e "s/^/-A nogfwnet &/g" -e "1 i\-N nogfwnet hash:net" ${mbroot}/apps/${appname}/config/chnroute.txt | ipset -R -! + elif [ "$ss_mode" = "gfwlist" -o "$ssg_mode" = "cngame" ]; then + cp -rf ${mbroot}/apps/${appname}/config/gfwlist.conf ${mbtmp}/gfwlist.conf + sed -i 's/7913/15353/g' ${mbtmp}/gfwlist.conf + ln -s ${mbtmp}/gfwlist.conf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf + fi + #加速cdn + if [ "$ss_mode" != "gfwlist" ]; then + cat ${mbroot}/apps/${appname}/config/cdn.txt | sed "s/^/server=&\/./g" | sed "s/$/\/&$CDN/g" | sort | awk '{if ($0!=line) print;line=$0}' >>${mbtmp}/sscdn.conf + ln -s ${mbtmp}/sscdn.conf /tmp/etc/dnsmasq.d/cdn.conf + fi + # 使规则生效 + ln -s ${mbtmp}/wblist.conf /tmp/etc/dnsmasq.d/wblist.conf } lan_control() { - #lan access control - [ ! -f ${mbroot}/apps/${appname}/config/sscontrol.conf ] && touch ${mbroot}/apps/${appname}/config/sscontrol.conf - cat ${mbroot}/apps/${appname}/config/sscontrol.conf | while read line - do - mac=$(cutsh ${line} 2) - proxy_name=$(cutsh ${line} 1) - proxy_mode=$(cutsh ${line} 3) - game_mode=$(cutsh ${line} 4) - [ -z "$game_mode" ] && game_mode="$proxy_mode" - iptables -t nat -A SHADOWSOCKS -m mac --mac-source $mac $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode) - if [ "$ssgena" == '1' ]; then - iptables -t mangle -A SHADOWSOCKS -m mac --mac-source $mac $(get_jump_mode $game_mode) $(get_action_chain $game_mode) - args="[$(get_game_mode $game_mode)]" - else - args="" - fi - logsh "【$service】" "加载ACL规则:[$proxy_name]代理模式为:[$(get_mode_name $proxy_mode)]$args" - done - #default alc mode - iptables -t nat -A SHADOWSOCKS -p tcp -j $(get_action_chain $ss_proxy_default_mode) - [ "$ssgena" = '1' ] && iptables -t mangle -A SHADOWSOCKS -p udp -j $(get_action_chain $ss_game_default_mode) - result=$(cat ${mbroot}/apps/${appname}/config/sscontrol.conf | wc -l) - [ "$result" == '0' ] && flag="全部主机" || flag="其余主机" - [ "$ssgena" == '1' ] && args="[$(get_game_mode $ss_game_default_mode)]" || args="" - logsh "【$service】" "加载ACL规则:[$flag]代理模式为:[$(get_mode_name $ss_proxy_default_mode)]$args" + #lan access control + [ ! -f ${mbroot}/apps/${appname}/config/sscontrol.conf ] && touch ${mbroot}/apps/${appname}/config/sscontrol.conf + cat ${mbroot}/apps/${appname}/config/sscontrol.conf | while read line + do + mac=$(cutsh ${line} 2) + proxy_name=$(cutsh ${line} 1) + proxy_mode=$(cutsh ${line} 3) + game_mode=$(cutsh ${line} 4) + [ -z "$game_mode" ] && game_mode="$proxy_mode" + iptables -t nat -A SHADOWSOCKS -m mac --mac-source $mac $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode) + if [ "$ssgena" == '1' ]; then + iptables -t mangle -A SHADOWSOCKS -m mac --mac-source $mac $(get_jump_mode $game_mode) $(get_action_chain $game_mode) + args="[$(get_game_mode $game_mode)]" + else + args="" + fi + logsh "【$service】" "加载ACL规则:[$proxy_name]代理模式为:[$(get_mode_name $proxy_mode)]$args" + done + #default alc mode + iptables -t nat -A SHADOWSOCKS -p tcp -j $(get_action_chain $ss_proxy_default_mode) + [ "$ssgena" = '1' ] && iptables -t mangle -A SHADOWSOCKS -p udp -j $(get_action_chain $ss_game_default_mode) + result=$(cat ${mbroot}/apps/${appname}/config/sscontrol.conf | wc -l) + [ "$result" == '0' ] && flag="全部主机" || flag="其余主机" + [ "$ssgena" == '1' ] && args="[$(get_game_mode $ss_game_default_mode)]" || args="" + logsh "【$service】" "加载ACL规则:[$flag]代理模式为:[$(get_mode_name $ss_proxy_default_mode)]$args" } load_nat() { - logsh "【$service】" "加载iptables的nat规则..." - iptables -t nat -N SHADOWSOCKS - iptables -t nat -N SHADOWSOCK - # iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN - # iptables -t nat -A SHADOWSOCKS -d $lanip/24 -j RETURN - # iptables -t nat -A SHADOWSOCKS -d $wanip/16 -j RETURN - # iptables -t nat -A SHADOWSOCKS -d $ss_server -j RETURN - # iptables -t nat -A SHADOWSOCKS -d $ssg_server -j RETURN - # general rules - iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_white dst -j RETURN - #router itself - [ "$ss_mode" != "homemode" ] && iptables -t nat -A OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 1081 + logsh "【$service】" "加载iptables的nat规则..." + iptables -t nat -N SHADOWSOCKS + iptables -t nat -N SHADOWSOCK + # iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN + # iptables -t nat -A SHADOWSOCKS -d $lanip/24 -j RETURN + # iptables -t nat -A SHADOWSOCKS -d $wanip/16 -j RETURN + # iptables -t nat -A SHADOWSOCKS -d $ss_server -j RETURN + # iptables -t nat -A SHADOWSOCKS -d $ssg_server -j RETURN + # general rules + iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_white dst -j RETURN + #router itself + [ "$ss_mode" != "homemode" ] && iptables -t nat -A OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 1081 - case "$ss_mode" in - "gfwlist") - logsh "【$service】" "添加国外黑名单规则..." - iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-port 1081 - iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1081 - ;; - "whitelist") - logsh "【$service】" "添加国外白名单规则..." - iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-ports 1081 - iptables -t nat -A SHADOWSOCK -p tcp -m set ! --match-set nogfwnet dst -j REDIRECT --to-ports 1081 - ;; - "wholemode") - logsh "【$service】" "添加全局模式iptables规则..." - iptables -t nat -A SHADOWSOCK -p tcp -j REDIRECT --to-ports 1081 - ;; - "homemode") - logsh "【$service】" "添加回国模式规则..." - iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-ports 1081 - iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set nogfwnet dst -j REDIRECT --to-ports 1081 - ;; - esac + case "$ss_mode" in + "gfwlist") + logsh "【$service】" "添加国外黑名单规则..." + iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-port 1081 + iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1081 + ;; + "whitelist") + logsh "【$service】" "添加国外白名单规则..." + iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-ports 1081 + iptables -t nat -A SHADOWSOCK -p tcp -m set ! --match-set nogfwnet dst -j REDIRECT --to-ports 1081 + ;; + "wholemode") + logsh "【$service】" "添加全局模式iptables规则..." + iptables -t nat -A SHADOWSOCK -p tcp -j REDIRECT --to-ports 1081 + ;; + "homemode") + logsh "【$service】" "添加回国模式规则..." + iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set customize_black dst -j REDIRECT --to-ports 1081 + iptables -t nat -A SHADOWSOCK -p tcp -m set --match-set nogfwnet dst -j REDIRECT --to-ports 1081 + ;; + esac - if [ "$ssgena" == '1' ]; then - logsh "【$service】" "加载iptables的udp规则..." - ip rule add fwmark 0x01/0x01 table 300 - ip route add local 0.0.0.0/0 dev lo table 300 - iptables -t mangle -N SHADOWSOCKS - iptables -t mangle -N SHADOWSOCK - # iptables -t mangle -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN - # iptables -t mangle -A SHADOWSOCKS -d 127.0.0.1/16 -j RETURN - # iptables -t mangle -A SHADOWSOCKS -d $lanip/16 -j RETURN - # iptables -t mangle -A SHADOWSOCKS -d $wanip/16 -j RETURN - # iptables -t mangle -A SHADOWSOCKS -d $ss_server -j RETURN - iptables -t mangle -A SHADOWSOCK -p udp -m set --match-set customize_white dst -j RETURN - # chmod -x /opt/filetunnel/stunserver > /dev/null 2>&1 - # killall -9 stunserver > /dev/null 2>&1 - fi - case "ssg_mode" in - "cngame") - logsh "【$service】" "添加国内游戏iptables规则..." - iptables -t mangle -A SHADOWSOCK -p udp -m set ! --match-set gfwlist dst -j TPROXY --on-port "$ssg_port" --tproxy-mark 0x01/0x01 - ;; - "frgame") - logsh "【$service】" "添加国外游戏iptables规则..." - iptables -t mangle -A SHADOWSOCK -p udp -m set ! --match-set nogfwnet dst -j TPROXY --on-port "$ssg_port" --tproxy-mark 0x01/0x01 - ;; - esac + if [ "$ssgena" == '1' ]; then + logsh "【$service】" "加载iptables的udp规则..." + ip rule add fwmark 0x01/0x01 table 300 + ip route add local 0.0.0.0/0 dev lo table 300 + iptables -t mangle -N SHADOWSOCKS + iptables -t mangle -N SHADOWSOCK + # iptables -t mangle -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN + # iptables -t mangle -A SHADOWSOCKS -d 127.0.0.1/16 -j RETURN + # iptables -t mangle -A SHADOWSOCKS -d $lanip/16 -j RETURN + # iptables -t mangle -A SHADOWSOCKS -d $wanip/16 -j RETURN + # iptables -t mangle -A SHADOWSOCKS -d $ss_server -j RETURN + iptables -t mangle -A SHADOWSOCK -p udp -m set --match-set customize_white dst -j RETURN + # chmod -x /opt/filetunnel/stunserver > /dev/null 2>&1 + # killall -9 stunserver > /dev/null 2>&1 + fi + case "ssg_mode" in + "cngame") + logsh "【$service】" "添加国内游戏iptables规则..." + iptables -t mangle -A SHADOWSOCK -p udp -m set ! --match-set gfwlist dst -j TPROXY --on-port "$ssg_port" --tproxy-mark 0x01/0x01 + ;; + "frgame") + logsh "【$service】" "添加国外游戏iptables规则..." + iptables -t mangle -A SHADOWSOCK -p udp -m set ! --match-set nogfwnet dst -j TPROXY --on-port "$ssg_port" --tproxy-mark 0x01/0x01 + ;; + esac - lan_control - # last nat - iptablenu=$(iptables -nvL PREROUTING -t nat | sed 1,2d | sed -n '/KOOLPROXY/=' | head -n1) - if [ -z "$iptablenu" ];then - iptablenu=2 - fi - iptables -t nat -I PREROUTING "$iptablenu" -p tcp -j SHADOWSOCKS - [ "$ssgena" == '1' ] && iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS + lan_control + # last nat + iptablenu=$(iptables -nvL PREROUTING -t nat | sed 1,2d | sed -n '/KOOLPROXY/=' | head -n1) + if [ -z "$iptablenu" ];then + iptablenu=2 + fi + iptables -t nat -I PREROUTING "$iptablenu" -p tcp -j SHADOWSOCKS + [ "$ssgena" == '1' ] && iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS } start_kcp() { - if [ "$kcp_enable" = '1' ]; then - [ -z "$ss_kcp_node" ] && logsh "【$service】" "未配置kcp加速节点,不启用kcp!" && return - logsh "【$service】" "启动kcptun加速主进程($ss_kcp_node)..." - # [ "$proxy_type" = "v2ray" ] && logsh "【$service】" "启动代理节点类型为v2ray,不启用kcp" && return - [ -z "$ss_kcp_mtu" ] && ss_kcp_mtu="1350" - [ -z "$ss_kcp_sndwnd" ] && ss_kcp_sndwnd="128" - [ -z "$ss_kcp_rcvwnd" ] && ss_kcp_rcvwnd="1024" - [ -z "$ss_kcp_conn" ] && ss_kcp_conn="1" - [ -z "$ss_kcp_compon" ] && ss_kcp_compon="1" - daemon ${mbroot}/apps/${appname}/bin/kcptun \ - --localaddr=127.0.0.1:11183 \ - --remoteaddr=$ss_kcp_node:$ss_kcp_port \ - --key=$ss_kcp_password \ - --crypt=$ss_kcp_crypt \ - --mode=$ss_kcp_mode \ - --mtu=$ss_kcp_mtu \ - --sndwnd=$ss_kcp_sndwnd \ - --rcvwnd=$ss_kcp_rcvwnd \ - --conn=$ss_kcp_conn \ - --nocomp=$ss_kcp_nocomp \ - --dscp=$ss_kcp_dscp \ - --sockbuf=$ss_kcp_sockbuf \ - --smuxbuf=$ss_kcp_smuxbuf \ - --log=${mbroot}/var/log/kcptun.log \ - $ss_kcp_config - [ $? -ne 0 ] && logsh "【$service】" "启动失败!" && exit 1 - kcp_started=1 - fi + if [ "$kcp_enable" = '1' ]; then + [ -z "$ss_kcp_node" ] && logsh "【$service】" "未配置kcp加速节点,不启用kcp!" && return + logsh "【$service】" "启动kcptun加速主进程($ss_kcp_node)..." + # [ "$proxy_type" = "v2ray" ] && logsh "【$service】" "启动代理节点类型为v2ray,不启用kcp" && return + [ -z "$ss_kcp_mtu" ] && ss_kcp_mtu="1350" + [ -z "$ss_kcp_sndwnd" ] && ss_kcp_sndwnd="128" + [ -z "$ss_kcp_rcvwnd" ] && ss_kcp_rcvwnd="1024" + [ -z "$ss_kcp_conn" ] && ss_kcp_conn="1" + [ -z "$ss_kcp_compon" ] && ss_kcp_compon="1" + daemon ${mbroot}/apps/${appname}/bin/kcptun \ + --localaddr=127.0.0.1:11183 \ + --remoteaddr=$ss_kcp_node:$ss_kcp_port \ + --key=$ss_kcp_password \ + --crypt=$ss_kcp_crypt \ + --mode=$ss_kcp_mode \ + --mtu=$ss_kcp_mtu \ + --sndwnd=$ss_kcp_sndwnd \ + --rcvwnd=$ss_kcp_rcvwnd \ + --conn=$ss_kcp_conn \ + --nocomp=$ss_kcp_nocomp \ + --dscp=$ss_kcp_dscp \ + --sockbuf=$ss_kcp_sockbuf \ + --smuxbuf=$ss_kcp_smuxbuf \ + --log=${mbroot}/var/log/kcptun.log \ + $ss_kcp_config + [ $? -ne 0 ] && logsh "【$service】" "启动失败!" && exit 1 + kcp_started=1 + fi } detect_status() { - [ ! -s ${mbroot}/apps/${appname}/config/ssserver.conf -a ! -s ${mbroot}/apps/${appname}/config/ssserver_online.conf ] && logsh "【$service】" "没有添加ss服务器!" && exit - result=$(ps | grep -E 'ss-redir|ssr-redir' | grep -v grep | wc -l) - if [ "$result" != '0' ];then - logsh "【$service】" "SS已经在运行!" - exit - fi + [ ! -s ${mbroot}/apps/${appname}/config/ssserver.conf -a ! -s ${mbroot}/apps/${appname}/config/ssserver_online.conf ] && logsh "【$service】" "没有添加ss服务器!" && exit + result=$(ps | grep -E 'ss-redir|ssr-redir' | grep -v grep | wc -l) + if [ "$result" != '0' ];then + logsh "【$service】" "SS已经在运行!" + exit + fi } write_cron_job() { - cru a "${appname}"_rule "20 5 * * * ${mbroot}/apps/${appname}/scripts/ss_rule_update.sh" - cru a "${appname}"_online "0 */6 * * * ${mbroot}/apps/${appname}/scripts/ss_online_update.sh" - cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" + cru a "${appname}"_rule "20 5 * * * ${mbroot}/apps/${appname}/scripts/ss_rule_update.sh" + cru a "${appname}"_online "0 */6 * * * ${mbroot}/apps/${appname}/scripts/ss_online_update.sh" + cru a "${appname}" "0 6 * * * ${mbroot}/apps/${appname}/scripts/${appname}.sh restart" } remote_cron_job() { - cru d "${appname}"_rule - cru d "${appname}"_online - cru d "${appname}" + cru d "${appname}"_rule + cru d "${appname}"_online + cru d "${appname}" } start_haveged () { - # 启动haveged用于生成随机数 - [ -x ${mbroot}/apps/${appname}/bin/haveged ] && ${mbroot}/apps/${appname}/bin/haveged -w 1024 &> /dev/null + # 启动haveged用于生成随机数 + [ -x ${mbroot}/apps/${appname}/bin/haveged ] && ${mbroot}/apps/${appname}/bin/haveged -w 1024 &> /dev/null } start_main_process() { - if [ "$proxy_type" = "v2ray" ]; then - logsh "【$service】" "启动代理为v2ray,测试配置文件" - # rm -rf ${mbroot}/bin/v2ray ${mbroot}/bin/v2ctl - # ln -s ${mbroot}/apps/${appname}/bin/v2ray ${mbroot}/bin/v2ray - # ln -s ${mbroot}/apps/${appname}/bin/v2ctl ${mbroot}/bin/v2ctl - killall -9 v2ray &> /dev/null - cd ${mbroot}/bin - result=$(${mbroot}/apps/${appname}/bin/v2ray -test -config="${mbroot}/apps/${appname}/config/v2ray.json" | grep "Configuration OK.") - [ -z "$result" ] && logsh "【$service】" "配置文件测试失败!" && exit 1 - logsh "【$service】" "启动v2ray主进程($id)..." - [ -z "$ss_mode" ] && logsh "【$service】" "未配置${appname}运行模式!" && exit 1 - daemon ${mbroot}/apps/${appname}/bin/v2ray -config="${mbroot}/apps/${appname}/config/v2ray.json" - [ $? -ne 0 ] && logsh "【$service】" "启动失败!" && exit 1 - else - logsh "【$service】" "启动ss主进程($id)..." - [ -z "$ss_mode" ] && logsh "【$service】" "未配置${appname}运行模式!" && exit 1 - killall ss-redir &> /dev/null - killall ssr-redir &> /dev/null - daemon $APPPATH -b 0.0.0.0 -u -c ${mbroot}/apps/${appname}/config/ss.conf - [ $? -ne 0 ] && logsh "【$service】" "启动失败!" && exit 1 - fi + if [ "$proxy_type" = "v2ray" ]; then + logsh "【$service】" "启动代理为v2ray,测试配置文件" + # rm -rf ${mbroot}/bin/v2ray ${mbroot}/bin/v2ctl + # ln -s ${mbroot}/apps/${appname}/bin/v2ray ${mbroot}/bin/v2ray + # ln -s ${mbroot}/apps/${appname}/bin/v2ctl ${mbroot}/bin/v2ctl + killall -9 v2ray &> /dev/null + cd ${mbroot}/bin + result=$(${mbroot}/apps/${appname}/bin/v2ray -test -config="${mbroot}/apps/${appname}/config/v2ray.json" | grep "Configuration OK.") + [ -z "$result" ] && logsh "【$service】" "配置文件测试失败!" && exit 1 + logsh "【$service】" "启动v2ray主进程($id)..." + [ -z "$ss_mode" ] && logsh "【$service】" "未配置${appname}运行模式!" && exit 1 + daemon ${mbroot}/apps/${appname}/bin/v2ray -config="${mbroot}/apps/${appname}/config/v2ray.json" + [ $? -ne 0 ] && logsh "【$service】" "启动失败!" && exit 1 + else + logsh "【$service】" "启动ss主进程($id)..." + [ -z "$ss_mode" ] && logsh "【$service】" "未配置${appname}运行模式!" && exit 1 + killall ss-redir &> /dev/null + killall ssr-redir &> /dev/null + daemon $APPPATH -b 0.0.0.0 -u -c ${mbroot}/apps/${appname}/config/ss.conf + [ $? -ne 0 ] && logsh "【$service】" "启动失败!" && exit 1 + fi } start_game_process() { - if [ "$ssgena" == 1 ]; then - if [ "$proxy_type_game" = "v2ray" ]; then - logsh "【$service】" "游戏加速使用v2ray代理模式!" - [ -z "$ssg_mode" ] && logsh "【$service】" "未配置游戏进程运行模式!" && exit 1 - ssg_port=1081 - else - logsh "【$service】" "启动ss游戏进程($ssgid)..." - [ -z "$ssg_mode" ] && logsh "【$service】" "未配置${appname}游戏运行模式!" && exit 1 - if [ "$ssgid" != "$id" ]; then - daemon ${mbroot}/apps/${appname}/bin/ssg-redir -b 0.0.0.0 -u -c ${mbroot}/apps/${appname}/config/ssg.conf - if [ $? -ne 0 ]; then - logsh "【$service】" "启动失败!" - exit 1 - fi - ssg_port=1085 - else - ssg_port=1081 - fi + if [ "$ssgena" == 1 ]; then + if [ "$proxy_type_game" = "v2ray" ]; then + logsh "【$service】" "游戏加速使用v2ray代理模式!" + [ -z "$ssg_mode" ] && logsh "【$service】" "未配置游戏进程运行模式!" && exit 1 + ssg_port=1081 + else + logsh "【$service】" "启动ss游戏进程($ssgid)..." + [ -z "$ssg_mode" ] && logsh "【$service】" "未配置${appname}游戏运行模式!" && exit 1 + if [ "$ssgid" != "$id" ]; then + daemon ${mbroot}/apps/${appname}/bin/ssg-redir -b 0.0.0.0 -u -c ${mbroot}/apps/${appname}/config/ssg.conf + if [ $? -ne 0 ]; then + logsh "【$service】" "启动失败!" + exit 1 fi + ssg_port=1085 + else + ssg_port=1081 + fi fi + fi } flush_ss_rules() { - logsh "【$service】" "清除iptables规则..." - eval `iptables -t nat -S | grep SHADOWSOCK | sed -e "s/-A/iptables -t nat -D/" | sed -e 's/$/;/g'` &> /dev/null - ip rule del fwmark 0x01/0x01 table 300 &> /dev/null - ip route del local 0.0.0.0/0 dev lo table 300 &> /dev/null - iptables -t mangle -D PREROUTING -p udp -j SHADOWSOCKS &> /dev/null - iptables -t nat -D PREROUTING -p tcp -j SHADOWSOCKS &> /dev/null - iptables -t mangle -F SHADOWSOCKS &> /dev/null - iptables -t mangle -X SHADOWSOCKS &> /dev/null - iptables -t mangle -F SHADOWSOCK &> /dev/null - iptables -t mangle -X SHADOWSOCK &> /dev/null - iptables -t nat -F SHADOWSOCK &> /dev/null - iptables -t nat -X SHADOWSOCK &> /dev/null - iptables -t nat -F SHADOWSOCKS &> /dev/null - iptables -t nat -X SHADOWSOCKS &> /dev/null - iptables -t nat -D PREROUTING -s $lanip/24 -p udp --dport 53 -j DNAT --to $dns_red_ip > /dev/null 2>&1 - eval `iptables -t nat -S | grep "${appname}"-dns | head -1 | sed -e "s/-A/iptables -t nat -D/"` &> /dev/null - iptables -t nat -D OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 1081 &> /dev/null - chmod +x /opt/filetunnel/stunserver > /dev/null 2>&1 - ipset destroy nogfwnet &> /dev/null - ipset destroy gfwlist &> /dev/null - ipset destroy customize_black &> /dev/null - ipset destroy customize_white &> /dev/null - ipset destroy router &> /dev/null - rm -rf ${mbroot}/apps/${appname}/config/ss.conf - rm -rf ${mbroot}/apps/${appname}/config/dns2socks.conf - rm -rf ${mbroot}/apps/${appname}/config/ssg.conf - rm -rf ${mbroot}/apps/${appname}/bin/ssg-redir - rm -rf ${mbtmp}/wblist.conf - rm -rf ${mbtmp}/gfwlist.conf - rm -rf ${mbtmp}/sscdn.conf - rm -rf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf > /dev/null 2>&1 - rm -rf /tmp/etc/dnsmasq.d/wblist.conf > /dev/null 2>&1 - rm -rf /tmp/etc/dnsmasq.d/cdn.conf &> /dev/null - # rm -rf ${mbroot}/bin/v2ray &> /dev/null - # rm -rf ${mbroot}/bin/v2ctl &> /dev/null - /etc/init.d/dnsmasq restart - sleep 1 + logsh "【$service】" "清除iptables规则..." + eval `iptables -t nat -S | grep SHADOWSOCK | sed -e "s/-A/iptables -t nat -D/" | sed -e 's/$/;/g'` &> /dev/null + ip rule del fwmark 0x01/0x01 table 300 &> /dev/null + ip route del local 0.0.0.0/0 dev lo table 300 &> /dev/null + iptables -t mangle -D PREROUTING -p udp -j SHADOWSOCKS &> /dev/null + iptables -t nat -D PREROUTING -p tcp -j SHADOWSOCKS &> /dev/null + iptables -t mangle -F SHADOWSOCKS &> /dev/null + iptables -t mangle -X SHADOWSOCKS &> /dev/null + iptables -t mangle -F SHADOWSOCK &> /dev/null + iptables -t mangle -X SHADOWSOCK &> /dev/null + iptables -t nat -F SHADOWSOCK &> /dev/null + iptables -t nat -X SHADOWSOCK &> /dev/null + iptables -t nat -F SHADOWSOCKS &> /dev/null + iptables -t nat -X SHADOWSOCKS &> /dev/null + iptables -t nat -D PREROUTING -s $lanip/24 -p udp --dport 53 -j DNAT --to $dns_red_ip > /dev/null 2>&1 + eval `iptables -t nat -S | grep "${appname}"-dns | head -1 | sed -e "s/-A/iptables -t nat -D/"` &> /dev/null + iptables -t nat -D OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 1081 &> /dev/null + chmod +x /opt/filetunnel/stunserver > /dev/null 2>&1 + ipset destroy nogfwnet &> /dev/null + ipset destroy gfwlist &> /dev/null + ipset destroy customize_black &> /dev/null + ipset destroy customize_white &> /dev/null + ipset destroy router &> /dev/null + rm -rf ${mbroot}/apps/${appname}/config/ss.conf + rm -rf ${mbroot}/apps/${appname}/config/dns2socks.conf + rm -rf ${mbroot}/apps/${appname}/config/ssg.conf + rm -rf ${mbroot}/apps/${appname}/bin/ssg-redir + rm -rf ${mbtmp}/wblist.conf + rm -rf ${mbtmp}/gfwlist.conf + rm -rf ${mbtmp}/sscdn.conf + rm -rf /tmp/etc/dnsmasq.d/gfwlist_ipset.conf > /dev/null 2>&1 + rm -rf /tmp/etc/dnsmasq.d/wblist.conf > /dev/null 2>&1 + rm -rf /tmp/etc/dnsmasq.d/cdn.conf &> /dev/null + # rm -rf ${mbroot}/bin/v2ray &> /dev/null + # rm -rf ${mbroot}/bin/v2ctl &> /dev/null + /etc/init.d/dnsmasq restart + sleep 1 } # detect_process () { -# sleep 1 -# [ -n "$(pssh | grep dns2socks)" ] && local dns_process=1 -# if [ "$proxy_type" = "v2ray" ]; then -# [ -n "$(pssh | grep v2ray)" ] && local v2ray_process=1 -# [ -z "$dns_process" -o -z "$v2ray_process" ] && logsh "【$service】" "进程启动异常,请尝试重新启动或查看日志${mbroot}/var/log/${appname}.log" -# else -# [ -n "$(pssh | grep ss-redir)" ] && local ssredir_process=1 -# [ -n "$(pssh | grep ss-local)" ] && local sslocal_process=1 -# [ -z "$dns_process" -o -z "$ssredir_process" -o -z "$sslocal_process" ] && logsh "【$service】" "进程启动异常,请尝试重新启动或查看日志${mbroot}/var/log/${appname}.log" -# fi +# sleep 1 +# [ -n "$(pssh | grep dns2socks)" ] && local dns_process=1 +# if [ "$proxy_type" = "v2ray" ]; then +# [ -n "$(pssh | grep v2ray)" ] && local v2ray_process=1 +# [ -z "$dns_process" -o -z "$v2ray_process" ] && logsh "【$service】" "进程启动异常,请尝试重新启动或查看日志${mbroot}/var/log/${appname}.log" +# else +# [ -n "$(pssh | grep ss-redir)" ] && local ssredir_process=1 +# [ -n "$(pssh | grep ss-local)" ] && local sslocal_process=1 +# [ -z "$dns_process" -o -z "$ssredir_process" -o -z "$sslocal_process" ] && logsh "【$service】" "进程启动异常,请尝试重新启动或查看日志${mbroot}/var/log/${appname}.log" +# fi # } start() { - insmod ipt_REDIRECT 2>/dev/null + insmod ipt_REDIRECT 2>/dev/null - detect_status + detect_status - start_kcp + start_kcp - get_config + get_config - start_haveged + start_haveged - sleep 1 + sleep 1 - start_main_process + start_main_process - start_game_process + start_game_process - # [ "$smartdns" = '1' ] && ipset_rules_smartdns || ipset_rules - ipset_rules + # [ "$smartdns" = '1' ] && ipset_rules_smartdns || ipset_rules + ipset_rules - load_nat + load_nat - # [ "$smartdns" != '1' ] && dnsconfig - dnsconfig + # [ "$smartdns" != '1' ] && dnsconfig + dnsconfig - #添加定时更新规则 - write_cron_job + #添加定时更新规则 + write_cron_job - write_firewall_start + write_firewall_start - /etc/init.d/dnsmasq restart + /etc/init.d/dnsmasq restart - logsh "【$service】" "启动${appname}服务完成,启动失败可查看日志或多次重试!" + logsh "【$service】" "启动${appname}服务完成,启动失败可查看日志或多次重试!" - # detect_process + # detect_process } stop() { - - logsh "【$service】" "关闭ss主进程..." - killall -9 ss-redir &> /dev/null - killall -9 ssr-redir &> /dev/null - killall -9 ssg-redir &> /dev/null - killall -9 ss-local &> /dev/null - killall -9 ssr-local &> /dev/null - killall -9 dns2socks &> /dev/null - killall -9 v2ray &> /dev/null - killall -9 haveged &> /dev/null - killall -9 kcptun &> /dev/null - #删除定时规则 - remove_firewall_start - remote_cron_job - #ps | grep dns2socks | grep -v grep | xargs kill -9 > /dev/null 2>&1 - flush_ss_rules + + logsh "【$service】" "关闭ss主进程..." + killall -9 ss-redir &> /dev/null + killall -9 ssr-redir &> /dev/null + killall -9 ssg-redir &> /dev/null + killall -9 ss-local &> /dev/null + killall -9 ssr-local &> /dev/null + killall -9 dns2socks &> /dev/null + killall -9 v2ray &> /dev/null + killall -9 haveged &> /dev/null + killall -9 kcptun &> /dev/null + #删除定时规则 + remove_firewall_start + remote_cron_job + #ps | grep dns2socks | grep -v grep | xargs kill -9 > /dev/null 2>&1 + flush_ss_rules } status() { - result1=$(pssh | grep -v status | grep -c "${appname}") - #http_status=`curl -s -w %{http_code} https://www.google.com.hk/images/branding/googlelogo/1x/googlelogo_color_116x41dp.png -k -o /dev/null --socks5 127.0.0.1:1082` - #if [ "$result" == '0' ] || [ "$http_status" != "200" ]; then - result2=$(iptables -t nat -S | grep SHADOWSOCK) - process_count=3 - [ "$ssgena" == '1' ] && ssgflag=", 游戏节点: $ssgid($ssg_mode)" - if [ "$kcp_enable" == '1' ]; then - ssgflag="$ssgflag, kcptun($ss_kcp_node):" - let "process_count++" + result1=$(pssh | grep -v status | grep -c "${appname}") + #http_status=`curl -s -w %{http_code} https://www.google.com.hk/images/branding/googlelogo/1x/googlelogo_color_116x41dp.png -k -o /dev/null --socks5 127.0.0.1:1082` + #if [ "$result" == '0' ] || [ "$http_status" != "200" ]; then + result2=$(iptables -t nat -S | grep SHADOWSOCK) + process_count=3 + [ "$ssgena" == '1' ] && ssgflag=", 游戏节点: $ssgid($ssg_mode)" + if [ "$kcp_enable" == '1' ]; then + ssgflag="$ssgflag, kcptun($ss_kcp_node):" + let "process_count++" [ "$(pssh | grep -c kcptun)" -eq 1 ] && ssgflag="$ssgflag 运行中" || ssgflag="$ssgflag 未运行" - fi + fi - if [ "$proxy_type" == "v2ray" ]; then - let "process_count--" - fi + if [ "$proxy_type" == "v2ray" ]; then + let "process_count--" + fi - if [ "$result1" -ge $process_count ]; then - if [ -n "$result2" ]; then - status="运行节点: $id($ss_mode)$ssgflag|1" - else - status="ss链路异常,可以尝试重启服务!|0" - fi + if [ "$result1" -ge $process_count ]; then + if [ -n "$result2" ]; then + status="运行节点: $id($ss_mode)$ssgflag|1" else - status="未运行|0" + status="ss链路异常,可以尝试重启服务!|0" fi - mbdb set $appname.main.status="$status" + else + status="未运行|0" + fi + mbdb set $appname.main.status="$status" } case "$1" in - start) start ;; - stop) stop ;; - restart) stop; start ;; - reload) stop; start ;; - status) status ;; + start) start ;; + stop) stop ;; + restart) stop; start ;; + reload) stop; start ;; + status) status ;; esac diff --git a/install.sh b/install.sh index dc626fc..353be8b 100644 --- a/install.sh +++ b/install.sh @@ -17,7 +17,7 @@ logsh "【Tools】" "请按任意键安装工具箱(Ctrl + C 退出)." read answer #check root # [ "$USER" != "root" ] && logsh "【Tools】" "请使用root用户安装工具箱!" && exit 1 -mburl="https://gitee.com/monlor/mbfiles/raw/master" +mburl="https://gitee.com/monlor/mbfiles/raw/master" mbtmp="/tmp/mbtmp" [ ! -d "${mbtmp}" ] && mkdir -p ${mbtmp} model=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]') @@ -66,12 +66,12 @@ chmod -R +x ${mbroot}/* if uname -v | grep "Ubuntu" &> /dev/null; then logsh "【Tools】" "正在切换默认Shell为bash,请输入no!" dpkg-reconfigure dash -fi +fi logsh "【Tools】" "初始化工具箱配置信息..." mkdir ${mbroot}/mbdb mkdir ${mbroot}/var -mkdir ${mbroot}/var/log +mkdir ${mbroot}/var/log mkdir ${mbroot}/var/run touch ${mbroot}/config/applist.txt #初始化插件列表 cat ${mbroot}/config/mixbox.uci| while read line; do diff --git a/temp/known_hosts b/temp/known_hosts new file mode 100644 index 0000000..43a2fe8 --- /dev/null +++ b/temp/known_hosts @@ -0,0 +1,6 @@ +# gitee.com:22 SSH-2.0-Basalt-3.0.0 +gitee.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMuEoYdx6to5oxR60IWj8uoe1aI0X1fKOHWOtLqTg1tsLT1iFwXV5JmFjU46EzeMBV/6EmI1uaRI6HiEPtPtJHE= +# gitee.com:22 SSH-2.0-Basalt-1.2.12 +gitee.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMzG3r+88lWSDK9fyjcZmYsWGDBDmGoAasKMAmjoFloGt9HRQX2Qp4f9FY2XK/hsHYinvoh5Xytl9iaUNUWMfYR8q6VEMtOO87DgoAFcfKZHt0/nbAg9RoNTKYt6v8tPwYpr7N0JP/01nE4LFsNDnstr6H0bXSAzbKWCETLZfdPV4l2uSpRn3bU0ugoZ0aSKz5Dc/IloBfGCTvkSsxUydMRd/Chpjt6VxncDbp+Fa6pzsseK8OQzrg6Fgc5783EN3EQqZ2skqyCwExtx95BJlfx1B3luZnWfpkwNDnrZRT/Qx0OrWqyf0q6f9uQr+UG1S8qDcUn3e/9onq3rwBri8/ +# gitee.com:22 SSH-2.0-Basalt-3.0.0 +gitee.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKxHSJ7084RmkJ4YdEi5tngynE8aZe2uEoVVsB/OvYN \ No newline at end of file diff --git a/tools/newapp.sh b/tools/newapp.sh index 6c48838..bbd3e5e 100755 --- a/tools/newapp.sh +++ b/tools/newapp.sh @@ -28,20 +28,20 @@ cat > ${appname}/config/mixbox.conf < /dev/null + logsh "【\$service】" "正在停止\${appname}服务... " + [ "\$enable" == '0' ] && destroy + # close_port + # remove_firewall_start + killall -9 \${appname} &> /dev/null } destroy() { - - # End app, Scripts here - # cru d "\${appname}" - return + + # End app, Scripts here + # cru d "\${appname}" + return } end() { - mbdb set \${appname}.main.enable=0 - stop && exit 1 + mbdb set \${appname}.main.enable=0 + stop && exit 1 } status() { - if [ -n "\$(pidof \${appname})" ]; then - status="运行中|1" - else - status="未运行|0" - fi - mbdb set \${appname}.main.status="\$status" + if [ -n "\$(pidof \${appname})" ]; then + status="运行中|1" + else + status="未运行|0" + fi + mbdb set \${appname}.main.status="\$status" } case "\$1" in - start) start ;; - stop) stop ;; - restart) stop; start ;; - reload) close_port && open_port ;; - status) status ;; + start) start ;; + stop) stop ;; + restart) stop; start ;; + reload) close_port && open_port ;; + status) status ;; esac EOF