diff --git a/scripts/clash.service b/scripts/clash.service deleted file mode 100644 index 32bc66c..0000000 --- a/scripts/clash.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=clash -After=network.target - -[Service] -Type=simple -User=root -ExecStartPre=/etc/clash/start.sh bfstart -ExecStart=/etc/clash/clash -d /etc/clash >/dev/null -ExecStartPost=/etc/clash/start.sh afstart -Restart=on-failure -RestartSec=3s -LimitNOFILE=999999 - - -[Install] -WantedBy=multi-user.target diff --git a/scripts/clashservice b/scripts/clashservice deleted file mode 100644 index 51e4d4d..0000000 --- a/scripts/clashservice +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=99 - -SERVICE_DAEMONIZE=1 -SERVICE_WRITE_PID=1 -USE_PROCD=1 -#获取目录 -DIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}') -[ -z "$DIR" ] && DIR=$(cat ~/.bashrc | grep CRASHDIR | awk -F "\"" '{print $2}') -BINDIR=$(cat $DIR/configs/ShellCrash.cfg | grep bindir | awk -F "=" '{print $2}') -[ -z "$BINDIR" ] && BINDIR=$DIR - -start_service() { - #检测必须文件 - $DIR/start.sh bfstart - if [ "$?" = "0" ];then - #使用procd创建clash后台进程 - procd_open_instance - procd_set_param respawn - procd_set_param stderr 0 - procd_set_param stdout 0 - procd_set_param command $BINDIR/clash -d $BINDIR - procd_close_instance - #其他设置 - $DIR/start.sh afstart - fi -} - -start() { - if [ -z "$(pidof procd)" ];then - #检测必须文件 - $DIR/start.sh bfstart - if [ "$?" = "0" ];then - #创建后台进程 - service_start $BINDIR/clash -d $BINDIR - #其他设置 - $DIR/start.sh afstart - #设置守护进程 - $DIR/start.sh daemon - fi - else - start_service - fi -} diff --git a/scripts/getdate.sh b/scripts/getdate.sh index b83e46b..1345213 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -548,7 +548,7 @@ override(){ case "$num" in 1) source $CFG_PATH - if [ -n "$(pidof clash)" ];then + if [ -n "$(pidof CrashCore)" ];then echo ----------------------------------------------- echo -e "\033[33m检测到服务正在运行,需要先停止服务!\033[0m" read -p "是否停止服务?(1/0) > " res @@ -807,11 +807,61 @@ setcpucore(){ setconfig cpucore $cpucore fi } +setcoretype(){ + [ "$crashcore" = singbox ] && core_old=singbox || core_old=clash + echo -e "\033[33m请确认该自定义内核的类型:\033[0m" + echo -e " 1 Clash基础内核" + echo -e " 2 Clash-Premium内核" + echo -e " 3 Clash-Meta内核" + echo -e " 4 Sing-Box内核" + read -p "请输入对应数字 > " num + case "$num" in + 2) crashcore=clashpre ;; + 3) crashcore=meta ;; + 4) crashcore=singbox ;; + *) crashcore=clash ;; + esac + [ "$crashcore" = singbox ] && core_new=singbox || core_new=clash +} +switch_core(){ + #singbox和clash内核切换时提示是否保留文件 + [ "$core_new" != "$core_old" ] && { + echo -e "\033[33m已从$core_old内核切换至$core_new内核\033[0m" + echo -e "\033[33m二者Geo数据库及yaml/json配置文件不通用\033[0m" + read -p "是否保留相关数据库文件?(1/0) > " res + [ "$res" = '0' ] && [ "$core_old" = "clash" ] && { + rm -rf $CRASHDIR/Country.mmdb + rm -rf $CRASHDIR/GeoSite.dat + setconfig Country_v + setconfig cn_mini_v + setconfig geosite_v + } + [ "$res" = '0' ] && [ "$core_old" = "singbox" ] && { + rm -rf $CRASHDIR/geoip.db + rm -rf $CRASHDIR/geosite.db + setconfig geoip_cn_v + setconfig geosite_cn_v + } + read -p "是否保留$core_old相关配置文件?(1/0) > " res + [ "$res" = '0' ] && [ "$core_old" = "clash" ] && rm -rf $CRASHDIR/yamls + [ "$res" = '0' ] && [ "$core_old" = "singbox" ] && rm -rf $CRASHDIR/jsons + } + if [ "$crashcore" = singbox ];then + COMMAND="$bindir/CrashCore run -D $bindir -c $TMPDIR/config.json >/dev/null" + COMMAND_T="$bindir/CrashCore check -D $bindir -c $TMPDIR/config.json" + else + COMMAND="$bindir/CrashCore -d $bindir -f $TMPDIR/config.yaml >/dev/null" + COMMAND_T="$bindir/CrashCore -t -d $bindir -f $TMPDIR/config.yaml" + fi + setconfig COMMAND $COMMAND $CRASHDIR/configs/service.env + setconfig COMMAND_T $COMMAND_T $CRASHDIR/configs/service.env +} getcore(){ [ -z "$crashcore" ] && crashcore=clashpre [ -z "$cpucore" ] && getcpucore + [ "$crashcore" = singbox ] && core_new=singbox || core_new=clash #生成链接 - [ -z "$custcorelink" ] && corelink="$update_url/bin/$crashcore/clash-linux-$cpucore" || corelink="$custcorelink" + [ -z "$custcorelink" ] && corelink="${update_url}/bin/${crashcore}/${core_new}-linux-${cpucore}" || corelink="$custcorelink" #获取在线内核文件 echo ----------------------------------------------- echo 正在在线获取$crashcore核心文件…… @@ -820,9 +870,10 @@ getcore(){ echo -e "\033[31m核心文件下载失败!\033[0m" rm -rf $TMPDIR/core.new [ -z "$custcorelink" ] && error_down - else= + else chmod +x $TMPDIR/core.new $CRASHDIR/start.sh stop + [ "$crashcore" = unknow ] && setcoretype if [ "$crashcore" = singbox ];then core_v=$($TMPDIR/core.new version 2>/dev/null | grep version | awk '{print $3}') else @@ -837,6 +888,8 @@ getcore(){ mv -f $TMPDIR/core.new $bindir/CrashCore chmod +x $bindir/CrashCore setconfig crashcore $crashcore + setconfig core_v $core_v + switch_core fi fi } @@ -876,7 +929,7 @@ setcustcore(){ 4) read -p "请输入自定义内核的链接地址(必须是二进制文件) > " link [ -n "$link" ] && custcorelink="$link" - crashcore=meta + crashcore=unknow getcore ;; *) @@ -887,11 +940,13 @@ setcustcore(){ } setcore(){ #获取核心及版本信息 + [ -z "$crashcore" ] && crashcore="unknow" [ ! -f $CRASHDIR/CrashCore ] && crashcore="未安装核心" + [ "$crashcore" = singbox ] && core_old=singbox || core_old=clash ### echo ----------------------------------------------- [ -z "$cpucore" ] && getcpucore - echo -e "当前clash核心:\033[42;30m $crashcore \033[47;30m$clashv\033[0m" + echo -e "当前内核:\033[42;30m $crashcore \033[47;30m$core_v\033[0m" echo -e "当前系统处理器架构:\033[32m $cpucore \033[0m" echo -e "\033[33m请选择需要使用的核心版本!\033[0m" echo ----------------------------------------------- @@ -943,9 +998,11 @@ setcore(){ } getgeo(){ + #生成链接 + [ -z "$custcorelink" ] && geolink="$update_url/bin/geodata/$geotype" || geolink="$custcorelink" echo ----------------------------------------------- echo 正在从服务器获取数据库文件………… - $CRASHDIR/start.sh webget $TMPDIR/$geoname $update_url/bin/geodata/$geotype + $CRASHDIR/start.sh webget $TMPDIR/$geoname $geolink if [ "$?" = "1" ];then echo ----------------------------------------------- echo -e "\033[31m文件下载失败!\033[0m" @@ -964,19 +1021,110 @@ getgeo(){ fi sleep 1 } +setcustgeo(){ + checkcustgeo(){ + echo -e "\033[32m正在查找可更新的数据库文件!\033[0m" + $CRASHDIR/start.sh webget $TMPDIR/github_api https://api.github.com/repos/$project/releases/latest + cat $TMPDIR/github_api | grep "browser_download_url" | grep -oiE 'geosite.*\.dat"$|country.*\.mmdb"$|geosite.*\.db"$|geoip.*\.db"$' | sed 's/"//' > $TMPDIR/github_api + if [ -s $TMPDIR/github_api ];then + echo ----------------------------------------------- + cat $TMPDIR/github_api | awk '{print " "NR" "$3,$2,$4}' + echo -e "0 返回上级菜单" + echo ----------------------------------------------- + read -p "请输入对应数字 > " num + case "$num" in + 0) + ;; + [1-99]) + if [ "$num" -le "$(wc -l $TMPDIR/github_api)" ];then + geotype=$(sed -n "$num"p $TMPDIR/github_api) + [ -n "$(echo $geo_api | grep -oiE 'GeoSite.*dat')" ] && geoname=GeoSite.dat + [ -n "$(echo $geo_api | grep -oiE 'Country.*mmdb')" ] && geoname=Country.mmdb + [ -n "$(echo $geo_api | grep -oiE 'geosite.*db')" ] && geoname=geosite.db + [ -n "$(echo $geo_api | grep -oiE 'geoip.*db')" ] && geoname=geoip.db + custgeolink=https://raw.githubusercontent.com/$project/release/$geotype + getgeo + else + errornum + fi + ;; + *) + errornum + ;; + esac + rm -rf $TMPDIR/github_api + else + echo -e "\033[31m查找失败,请检查网络连接!\033[0m" + sleep 1 + fi + } + echo ----------------------------------------------- + echo -e "\033[36m自定义数据库需要调用第三方地址,请尽量在服务启动后更新!\033[0m" + echo -e "\033[36m自定义数据库不兼容小闪存模式,也不支持自动更新!\033[0m" + echo -e "\033[33m继续后如出现任何问题,请务必自行解决,一切提问恕不受理!\033[0m" + echo ----------------------------------------------- + sleep 1 + read -p "我确认遇到问题可以自行解决[1/0] > " res + [ "$res" = '1' ] && { + echo -e "\033[33m此处数据库均源自互联网采集,此处致谢各位作者!\033[0m" + echo -e "\033[33m请点击或复制链接前往项目页面查看具体说明!\033[0m" + echo -e "\033[33m请选择需要更新的数据库项目来源!\033[0m" + echo ----------------------------------------------- + echo -e "1 \033[36;4mhttps://github.com/MetaCubeX/meta-rules-dat\033[0m (Clash及SingBox)" + echo -e "2 \033[36;4mhttps://github.com/DustinWin/clash-geosite\033[0m (Clash及SingBox)" + echo -e "3 \033[36;4mhttps://github.com/lyc8503/sing-box-rules\033[0m (仅限SingBox)" + echo -e "4 \033[36;4mhttps://github.com/Loyalsoldier/geoip\033[0m (仅限Clash-GeoIP)" + echo ----------------------------------------------- + echo -e "9 \033[33m 自定义数据库链接 \033[0m" + echo -e "0 返回上级菜单" + read -p "请输入对应数字 > " num + case "$num" in + 0) + ;; + 1) + project=MetaCubeX/meta-rules-dat + checkcustgeo + ;; + 2) + project=DustinWin/clash-geosite + checkcustgeo + ;; + 3) + project=lyc8503/sing-box-rules + checkcustgeo + ;; + 4) + project=Loyalsoldier/geoip + checkcustgeo + ;; + 9) + read -p "请输入自定义数据库的链接地址 > " link + [ -n "$link" ] && custgeolink="$link" + getgeo + ;; + *) + errornum + ;; + esac + } +} setgeo(){ source $CFG_PATH > /dev/null [ -n "$cn_mini.mmdb_v" ] && geo_type_des=精简版 || geo_type_des=全球版 echo ----------------------------------------------- - echo -e "\033[36m请选择需要更新的GeoIP/CN_IP数据库:\033[0m" + echo -e "\033[36m请选择需要更新的Geo/CN数据库文件:\033[0m" echo -e "\033[36m全球版GeoIP和精简版CN-IP数据库不共存\033[0m" + echo -e "\033[36mClash内核和SingBox内核的数据库文件不通用\033[0m" echo -e "在线数据库最新版本:\033[32m$GeoIP_v\033[0m" echo ----------------------------------------------- - echo -e " 1 全球版GeoIP数据库(约6mb) \033[33m$Country_v\033[0m" - echo -e " 2 精简版CN-IP数据库(约0.2mb) \033[33m$cn_mini_v\033[0m" - echo -e " 3 CN-IP绕过文件(约0.2mb) \033[33m$china_ip_list_v\033[0m" - echo -e " 4 CN-IPV6绕过文件(约50kb) \033[33m$china_ipv6_list_v\033[0m" - echo -e " 5 GeoSite数据库(约4.5mb) \033[33m$geosite_v\033[0m" + echo -e " 1 CN-IP绕过文件(约0.1mb) \033[33m$china_ip_list_v\033[0m" + echo -e " 2 CN-IPV6绕过文件(约30kb) \033[33m$china_ipv6_list_v\033[0m" + echo -e " 3 Clash全球版GeoIP数据库(约6mb) \033[33m$Country_v\033[0m" + echo -e " 4 Clash精简版GeoIP_cn数据库(约0.1mb) \033[33m$cn_mini_v\033[0m" + echo -e " 5 Meta完整版GeoSite数据库(约5mb) \033[33m$geosite_v\033[0m" + echo -e " 6 SingBox精简版GeoIP_cn数据库(约0.3mb) \033[33m$Country_v\033[0m" + echo -e " 7 SingBox精简版GeoSite数据库(约0.8mb) \033[33m$cn_mini_v\033[0m" + echo -e " 9 \033[32m自定义数据库\033[0m: \033[33m仅限专业用户使用\033[0m" echo " 0 返回上级菜单" echo ----------------------------------------------- read -p "请输入对应数字 > " num @@ -984,18 +1132,6 @@ setgeo(){ 0) ;; 1) - geotype=Country.mmdb - geoname=Country.mmdb - getgeo - setgeo - ;; - 2) - geotype=cn_mini.mmdb - geoname=Country.mmdb - getgeo - setgeo - ;; - 3) if [ "$cn_ip_route" = "已开启" ]; then geotype=china_ip_list.txt geoname=cn_ip.txt @@ -1007,7 +1143,7 @@ setgeo(){ fi setgeo ;; - 4) + 2) if [ "$cn_ipv6_route" = "已开启" -a "$ipv6_redir" = "已开启" ]; then geotype=china_ipv6_list.txt geoname=cn_ipv6.txt @@ -1019,6 +1155,30 @@ setgeo(){ fi setgeo ;; + 3) + if [ "$crashcore" != "singbox" ]; then + geotype=Country.mmdb + geoname=Country.mmdb + getgeo + else + echo ----------------------------------------------- + echo -e "\033[31m当前未使用clash内核,无需使用此数据库!!\033[0m" + sleep 1 + fi + setgeo + ;; + 4) + if [ "$crashcore" != "singbox" ]; then + geotype=cn_mini.mmdb + geoname=Country.mmdb + getgeo + else + echo ----------------------------------------------- + echo -e "\033[31m当前未使用clash内核,无需使用此数据库!!\033[0m" + sleep 1 + fi + setgeo + ;; 5) if [ "$crashcore" = "meta" ]; then geotype=geosite.dat @@ -1026,11 +1186,38 @@ setgeo(){ getgeo else echo ----------------------------------------------- - echo -e "\033[31m当前未使用meta内核,无需更新GeoSite数据库!!\033[0m" + echo -e "\033[31m当前未使用meta内核,无需使用此数据库!!\033[0m" sleep 1 fi setgeo ;; + 6) + if [ "$crashcore" = "singbox" ]; then + geotype=geoip_cn.db + geoname=geoip.db + getgeo + else + echo ----------------------------------------------- + echo -e "\033[31m当前未使用singbox内核,无需使用此数据库!!\033[0m" + sleep 1 + fi + setgeo + ;; + 7) + if [ "$crashcore" = "singbox" ]; then + geotype=geosite_cn.db + geoname=geosite.db + getgeo + else + echo ----------------------------------------------- + echo -e "\033[31m当前未使用singbox内核,无需使用此数据库!!\033[0m" + sleep 1 + fi + setgeo + ;; + 9) + setcustgeo + ;; *) errornum ;; @@ -1313,8 +1500,7 @@ update(){ echo ----------------------------------------------- echo -ne "\033[32m正在检查更新!\033[0m\r" checkupdate - core_v=$($bindir/clash -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //') - [ -z "$core_v" ] && core_v=$clashv + [ -z "$core_v" ] && core_v=unknow core_v_new=$(eval echo \$${crashcore}_v) echo -e "\033[30;47m欢迎使用更新功能:\033[0m" echo ----------------------------------------------- @@ -1431,7 +1617,7 @@ userguide(){ } #设置开机启动 [ -f /etc/rc.common ] && /etc/init.d/clash enable - ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1 + ckcmd systemctl && systemctl enable shellcrash.service > /dev/null 2>&1 rm -rf $CRASHDIR/.dis_startup autostart=enable #检测IP转发 @@ -1598,7 +1784,7 @@ testcommand(){ elif [ "$num" = 4 ]; then if [ -n "$(echo $redir_mod | grep 'Nft')" -o "$local_type" = "nftables增强模式" ];then - nft list table inet shellclash + nft list table inet shellcrash else echo -------------------Redir--------------------- iptables -t nat -L PREROUTING --line-numbers diff --git a/scripts/init.sh b/scripts/init.sh index 58b703f..ba86a60 100644 --- a/scripts/init.sh +++ b/scripts/init.sh @@ -1,7 +1,7 @@ #!/bin/sh # Copyright (C) Juewuy -version=1.8.3d +version=1.8.3e setdir(){ dir_avail(){ @@ -157,17 +157,17 @@ mkdir -p $CRASHDIR/configs #本地安装跳过新手引导 #[ -z "$url" ] && setconfig userguide 1 #判断系统类型写入不同的启动文件 -if [ -f /etc/rc.common ];then +if [ -f /etc/rc.common ] && [ -n "$(pidof procd)" ];then #设为init.d方式启动 - cp -f $CRASHDIR/clashservice /etc/init.d/clash - chmod 755 /etc/init.d/clash + cp -f $CRASHDIR/crash.rc /etc/init.d/shellcrash + chmod 755 /etc/init.d/shellcrash else [ -w /etc/systemd/system ] && sysdir=/etc/systemd/system [ -w /usr/lib/systemd/system ] && sysdir=/usr/lib/systemd/system if [ -n "$sysdir" -a -z "$WSL_DISTRO_NAME" ];then #wsl环境不使用systemd #设为systemd方式启动 - mv -f $CRASHDIR/clash.service $sysdir/clash.service 2>/dev/null - sed -i "s%/etc/clash%$CRASHDIR%g" $sysdir/clash.service + mv -f $CRASHDIR/shellcrash.service $sysdir/shellcrash.service 2>/dev/null + sed -i "s%/etc/ShellCrash%$CRASHDIR%g" $sysdir/shellcrash.service systemctl daemon-reload else #设为保守模式启动 @@ -188,13 +188,13 @@ setconfig versionsh_l $version [ -w /etc/profile ] && profile=/etc/profile if [ -n "$profile" ];then sed -i '/alias crash=*/'d $profile - echo "alias crash=\"$shtype $CRASHDIR/clash.sh\"" >> $profile #设置快捷命令环境变量 + echo "alias crash=\"$shtype $CRASHDIR/menu.sh\"" >> $profile #设置快捷命令环境变量 sed -i '/export CRASHDIR=*/'d $profile - echo "export CRASHDIR=\"$CRASHDIR\"" >> $profile #设置clash路径环境变量 + echo "export CRASHDIR=\"$CRASHDIR\"" >> $profile #设置路径环境变量 source $profile &>/dev/null || echo 运行错误!请使用bash而不是dash运行安装命令!!! #适配zsh环境变量 [ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && [ -z "$(cat ~/.zshrc 2>/dev/null|grep CRASHDIR)" ] && { - echo "alias crash=\"$shtype $CRASHDIR/clash.sh\"" >> ~/.zshrc + echo "alias crash=\"$shtype $CRASHDIR/menu.sh\"" >> ~/.zshrc echo "export CRASHDIR=\"$CRASHDIR\"" >> ~/.zshrc source ~/.zshrc &>/dev/null } @@ -231,7 +231,7 @@ fi nvram commit } #删除临时文件 -rm -rf /tmp/*lash*gz +rm -rf /tmp/*rash*gz rm -rf /tmp/SC_tmp #转换&清理旧版本文件 mkdir -p $CRASHDIR/yamls @@ -256,10 +256,14 @@ for file in cron task.sh task.list;do mv -f $CRASHDIR/$file $CRASHDIR/task/$file 2>/dev/null done chmod 755 $CRASHDIR/task/task.sh -for file in log clash.service mark? mark.bak;do +#旧版文件清理 +rm -rf $sysdir/shellcrash.service +for file in log shellcrash.service mark? mark.bak;do rm -rf $CRASHDIR/$file done - +#旧版变量改名 +sed -i "s/clashcore/crashcore/g" $configpath +sed -i "s/ShellClash/ShellCrash/g" $configpath #旧版任务清理 $CRASHDIR/start.sh cronset "clash服务" 2>/dev/null $CRASHDIR/start.sh cronset "订阅链接" 2>/dev/null diff --git a/scripts/clash.sh b/scripts/menu.sh similarity index 98% rename from scripts/clash.sh rename to scripts/menu.sh index d432254..792be0c 100644 --- a/scripts/clash.sh +++ b/scripts/menu.sh @@ -55,7 +55,7 @@ ckstatus(){ if [ -f /etc/rc.common ];then [ -n "$(find /etc/rc.d -name '*clash')" ] && autostart=enable || autostart=disable elif [ -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then - [ -n "$(systemctl is-enabled clash.service 2>&1 | grep enable)" ] && autostart=enable || autostart=disable + [ -n "$(systemctl is-enabled shellcrash.service 2>&1 | grep enable)" ] && autostart=enable || autostart=disable else [ -f $CRASHDIR/.dis_startup ] && autostart=disable || autostart=enable fi @@ -68,7 +68,7 @@ ckstatus(){ auto1="\033[36m允许\033[0mShellCrash开机启动" fi #获取运行状态 - PID=$(pidof clash | awk '{print $NF}') + PID=$(pidof CrashCore | awk '{print $NF}') if [ -n "$PID" ];then run="\033[32m正在运行($redir_mod)\033[0m" VmRSS=`cat /proc/$PID/status|grep -w VmRSS|awk '{print $2,$3}'` @@ -111,17 +111,12 @@ ckstatus(){ echo -e "发现可用的内核文件: \033[36m$file\033[0m " read -p "是否加载?(1/0) > " res [ "$res" = 1 ] && { - echo -e " 1 Clash内核" - echo -e " 2 Clashpre内核" - echo -e " 3 Clash.Meta内核" - read -p "请手动确定该内核类型 > " num - case "$num" in - 2) crashcore=clashpre ;; - 3) crashcore=meta ;; - *) crashcore=clash ;; - esac - mv -f $file $bindir/clash && echo -e "\033[32m内核加载完成!\033[0m " && sleep 1 - setconfig crashcore $crashcore + source $CRASHDIR/getdate.sh && setcoretype && \ + mv -f $file $CRASHDIR/CrashCore && \ + echo -e "\033[32m内核加载完成!\033[0m " && \ + setconfig crashcore $crashcore && \ + switch_core + sleep 1 } else echo -e "\033[33m检测到不可用的内核文件!可能是文件受损或CPU架构不匹配!\033[0m" @@ -180,7 +175,7 @@ clashstart(){ if [ -s $CRASHDIR/yamls/config.yaml -o -n "$Url" -o -n "$Https" ];then $CRASHDIR/start.sh start sleep 1 - [ -n "$(pidof clash)" ] && startover + [ -n "$(pidof CrashCore)" ] && startover else echo -e "\033[31m没有找到配置文件,请先导入配置文件!\033[0m" source $CRASHDIR/getdate.sh && clashlink @@ -903,7 +898,7 @@ macfilter(){ fi } localproxy(){ - [ -w /etc/systemd/system/clash.service -o -w /usr/lib/systemd/system/clash.service -o -x /bin/su ] && local_enh=1 + [ -w /etc/systemd/system/shellcrash.service -o -w /usr/lib/systemd/system/shellcrash.service -o -x /bin/su ] && local_enh=1 [ -f /etc/rc.common -a -w /etc/passwd ] && local_enh=1 echo ----------------------------------------------- [ -n "$local_enh" ] && { @@ -964,13 +959,13 @@ setboot(){ 1) if [ "$autostart" = "enable" ]; then [ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null - ckcmd systemctl && systemctl disable clash.service > /dev/null 2>&1 + ckcmd systemctl && systemctl disable shellcrash.service > /dev/null 2>&1 touch $CRASHDIR/.dis_startup autostart=disable echo -e "\033[33m已禁止Clash开机启动!\033[0m" elif [ "$autostart" = "disable" ]; then [ -f /etc/rc.common ] && /etc/init.d/clash enable - ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1 + ckcmd systemctl && systemctl enable shellcrash.service > /dev/null 2>&1 rm -rf $CRASHDIR/.dis_startup autostart=enable echo -e "\033[32m已设置Clash开机启动!\033[0m" @@ -984,7 +979,7 @@ setboot(){ setconfig start_old $start_old $CRASHDIR/start.sh stop else - if [ -f /etc/init.d/clash -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then + if [ -n "$(pidof procd)" -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then echo -e "\033[32m改为使用系统守护进程启动服务!!\033[0m" $CRASHDIR/start.sh cronset "ShellCrash初始化" start_old=未开启 @@ -1338,7 +1333,7 @@ clashcfg(){ setconfig common_ports $common_ports } echo ----------------------------------------------- - if [ -n "$(pidof clash)" ];then + if [ -n "$(pidof CrashCore)" ];then read -p "切换时将停止服务,是否继续?(1/0) > " res [ "$res" = 1 ] && $CRASHDIR/start.sh stop && set_common_ports else @@ -1362,7 +1357,7 @@ clashcfg(){ local_proxy=未开启 setconfig local_proxy $local_proxy setconfig local_type - sed -i '/user shellclash/d' /etc/init.d/clash 2>/dev/null + sed -i '/user shellcrash/d' /etc/init.d/clash 2>/dev/null echo -e "\033[33m已经停用本机代理规则,请尽快重启服务!!\033[0m" fi sleep 1 @@ -1834,7 +1829,7 @@ case "$1" in ;; -t) shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash - $shtype -x $CRASHDIR/clash.sh + $shtype -x $CRASHDIR/menu.sh ;; -s) $CRASHDIR/start.sh $2 $3 $4 $5 $6 @@ -1876,12 +1871,12 @@ case "$1" in sed -i '/ShellCrash初始化/'d /jffs/.asusrouter 2>/dev/null rm -rf $bindir rm -rf /etc/init.d/clash - rm -rf /etc/systemd/system/clash.service - rm -rf /usr/lib/systemd/system/clash.service + rm -rf /etc/systemd/system/shellcrash.service + rm -rf /usr/lib/systemd/system/shellcrash.service rm -rf /www/clash rm -rf /tmp/clash_$USER sed -Ei s/0:7890/7890:7890/g /etc/passwd - userdel -r shellclash 2>/dev/null + userdel -r shellcrash 2>/dev/null nvram set script_usbmount="" 2>/dev/null nvram commit 2>/dev/null uci delete firewall.ShellClash 2>/dev/null diff --git a/scripts/misnap_init.sh b/scripts/misnap_init.sh index 5d0272e..a50be7e 100644 --- a/scripts/misnap_init.sh +++ b/scripts/misnap_init.sh @@ -52,13 +52,13 @@ init(){ #初始化环境变量 sed -i "/alias crash/d" $profile sed -i "/export CRASHDIR/d" $profile - echo "alias crash=\"$CRASHDIR/clash.sh\"" >>$profile + echo "alias crash=\"$CRASHDIR/menu.sh\"" >>$profile echo "export CRASHDIR=\"$CRASHDIR\"" >>$profile #软固化功能 autoSSH #设置init.d服务 - cp -f $CRASHDIR/clashservice /etc/init.d/clash - chmod 755 /etc/init.d/clash + cp -f $CRASHDIR/shellcrash.rc /etc/init.d/shellcrash + chmod 755 /etc/init.d/shellcrash #启动服务 if [ ! -f $CRASHDIR/.dis_startup ]; then #AX6S/AX6000修复tun功能 @@ -66,8 +66,8 @@ init(){ #小米7000/小米万兆修复tproxy [ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix #启动服务 - /etc/init.d/clash start - /etc/init.d/clash enable + /etc/init.d/shellcrash start + /etc/init.d/shellcrash enable fi } @@ -76,7 +76,7 @@ case "$1" in tproxyfix) tproxyfix ;; init) init ;; *) - if [ -z $(pidof clash) ];then + if [ -z $(pidof CrashCore) ];then init & fi ;; diff --git a/scripts/shellcrash.rc b/scripts/shellcrash.rc new file mode 100644 index 0000000..554c97f --- /dev/null +++ b/scripts/shellcrash.rc @@ -0,0 +1,30 @@ +#!/bin/sh /etc/rc.common + +START=99 + +SERVICE_DAEMONIZE=1 +SERVICE_WRITE_PID=1 +USE_PROCD=1 +#获取目录 +CRASHDIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}') +[ -z "$CRASHDIR" ] && CRASHDIR=$(cat ~/.bashrc | grep CRASHDIR | awk -F "\"" '{print $2}') +BINDIR=$(cat $DIR/configs/ShellCrash.cfg | grep bindir | awk -F "=" '{print $2}') +[ -z "$BINDIR" ] && BINDIR=$DIR +source $DIR/configs/service.env + +start_service() { + #检测必须文件 + $CRASHDIR/start.sh bfstart + if [ "$?" = "0" ];then + #使用procd创建clash后台进程 + procd_open_instance + procd_set_param respawn + procd_set_param stderr 0 + procd_set_param stdout 0 + procd_set_param command $COMMAND + procd_close_instance + #其他设置 + $CRASHDIR/start.sh afstart + fi +} + diff --git a/scripts/shellcrash.service b/scripts/shellcrash.service new file mode 100644 index 0000000..ce06522 --- /dev/null +++ b/scripts/shellcrash.service @@ -0,0 +1,20 @@ +[Unit] +Description=ShellCrash Core +After=network.target + +[Service] +Type=simple +User=root +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH +AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH +EnvironmentFile=/etc/ShellCrash/configs/systemd.env +ExecStartPre=$CRASHDIR/start.sh bfstart +ExecStart=$ExecStart +ExecStartPost=$CRASHDIR/start.sh afstart +Restart=on-failure +RestartSec=5s +LimitNOFILE=infinity + + +[Install] +WantedBy=multi-user.target diff --git a/scripts/start.sh b/scripts/start.sh index 1983e2d..5159812 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -33,8 +33,12 @@ getconfig(){ [ -z "$common_ports" ] && common_ports=已开启 [ -z "$multiport" ] && multiport='22,53,80,123,143,194,443,465,587,853,993,995,5222,8080,8443' [ "$common_ports" = "已开启" ] && ports="-m multiport --dports $multiport" - #yaml - [ -z "$yaml" ] && yaml=$CRASHDIR/yamls/config.yaml + #内核配置文件 + [ -z "$core_config" ] && if [ "$crashcore" = singbox ];then + core_config=$CRASHDIR/jsons/config.json + else + core_config=$CRASHDIR/yamls/config.yaml + fi } setconfig(){ #参数1代表变量名,参数2代表变量值,参数3即文件路径 @@ -62,7 +66,7 @@ logger(){ [ -z "$3" ] && { getconfig [ -n "$device_name" ] && log_text="$log_text($device_name)" - [ -n "$(pidof clash)" ] && { + [ -n "$(pidof CrashCore)" ] && { [ -n "$authentication" ] && auth="$authentication@" export https_proxy="http://${auth}127.0.0.1:$mix_port" } @@ -160,7 +164,68 @@ getlanip(){ reserve_ipv6="::/128 ::1/128 ::ffff:0:0/96 64:ff9b::/96 100::/64 2001::/32 2001:20::/28 2001:db8::/32 2002::/16 fc00::/7 fe80::/10 ff00::/8" } #配置文件相关 -getyaml(){ +check_clash_config(){ + #检测节点或providers + if [ -z "$(cat $core_config_new | grep -E 'server|proxy-providers' | grep -v 'nameserver' | head -n 1)" ];then + echo ----------------------------------------------- + logger "获取到了配置文件,但似乎并不包含正确的节点信息!" 31 + echo ----------------------------------------------- + sed -n '1,30p' $core_config_new + echo ----------------------------------------------- + echo -e "\033[33m请检查如上配置文件信息:\033[0m" + echo ----------------------------------------------- + exit 1 + fi + #检测旧格式 + if cat $core_config_new | grep 'Proxy Group:' >/dev/null;then + echo ----------------------------------------------- + logger "已经停止对旧格式配置文件的支持!!!" 31 + echo -e "请使用新格式或者使用【在线生成配置文件】功能!" + echo ----------------------------------------------- + exit 1 + fi + #检测不支持的加密协议 + if cat $core_config_new | grep 'cipher: chacha20,' >/dev/null;then + echo ----------------------------------------------- + logger "已停止支持chacha20加密,请更换更安全的节点加密协议!" 31 + echo ----------------------------------------------- + exit 1 + fi + #检测并去除无效节点组 + [ -n "$url_type" ] && ckcmd xargs && { + cat $core_config_new | sed '/^rules:/,$d' | grep -A 15 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/- //g' | grep -E '#DIRECT $|#DIRECT$' | awk -F '#' '{print $1}' > $TMPDIR/clash_proxies_$USER + while read line ;do + sed -i "/- $line/d" $core_config_new + sed -i "/- name: $line/,/- DIRECT/d" $core_config_new + done < $TMPDIR/clash_proxies_$USER + rm -rf $TMPDIR/clash_proxies_$USER + } + #使用核心内置test功能检测 + if [ -x $bindir/clash ];then + $bindir/clash -t -d $bindir -f $core_config_new >/dev/null + if [ "$?" != "0" ];then + logger "配置文件加载失败!请查看报错信息!" 31 + $bindir/clash -t -d $bindir -f $core_config_new + echo "$($bindir/clash -t -d $bindir -f $core_config_new)" >> $TMPDIR/ShellCrash.log + exit 1 + fi + fi +} +check_singbox_config(){ + #使用核心内置format功能检测并格式化 + if [ -x $bindir/singbox ];then + $bindir/singbox format -c $core_config_new > $TMPDIR/format.json + if [ "$?" != "0" ];then + logger "配置文件加载失败!请查看报错信息!" 31 + $bindir/singbox check -c $core_config_new + echo "$($bindir/singbox check -c $core_config_new)" >> $TMPDIR/ShellCrash.log + exit 1 + else + mv -f $TMPDIR/format.json $core_config_new + fi + fi +} +get_core_config(){ [ -z "$rule_link" ] && rule_link=1 [ -z "$server_link" ] && server_link=1 Server=$(grep -aE '^3|^4' $CRASHDIR/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}') @@ -169,18 +234,25 @@ getyaml(){ Config=$(grep -aE '^5' $CRASHDIR/configs/servers.list | sed -n ""$rule_link"p" | awk '{print $3}') #如果传来的是Url链接则合成Https链接,否则直接使用Https链接 if [ -z "$Https" ];then - Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config" + if [ "$crashcore" = singbox ];then + target=singbox + format=json + else + target=clash + format=yaml + fi + Https="$Server/sub?target=$target&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config" url_type=true fi #输出 echo ----------------------------------------------- - logger 正在连接服务器获取配置文件………… + logger 正在连接服务器获取$target配置文件………… echo -e "链接地址为:\033[4;32m$Https\033[0m" echo 可以手动复制该链接到浏览器打开并查看数据是否正常! - #获取在线yaml文件 - yamlnew=$TMPDIR/clash_config_$USER.yaml - rm -rf $yamlnew - $0 webget $yamlnew $Https + #获取在线config文件 + core_config_new=$TMPDIR/$target_config.$format + rm -rf $core_config_new + $0 webget $core_config_new $Https if [ "$?" = "1" ];then if [ -z "$url_type" ];then echo ----------------------------------------------- @@ -199,7 +271,7 @@ getyaml(){ echo -e "\033[32m如担心数据安全,请在3s内使用【Ctrl+c】退出!\033[0m" sleep 3 Https="" - getyaml + get_core_config else retry=$((retry+1)) logger "配置文件获取失败!" 31 @@ -211,62 +283,18 @@ getyaml(){ server_link=$((server_link+1)) setconfig server_link $server_link Https="" - getyaml + get_core_config fi fi else Https="" - #检测节点或providers - if [ -z "$(cat $yamlnew | grep -E 'server|proxy-providers' | grep -v 'nameserver' | head -n 1)" ];then - echo ----------------------------------------------- - logger "获取到了配置文件,但似乎并不包含正确的节点信息!" 31 - echo ----------------------------------------------- - sed -n '1,30p' $yamlnew - echo ----------------------------------------------- - echo -e "\033[33m请检查如上配置文件信息:\033[0m" - echo ----------------------------------------------- - exit 1 - fi - #检测旧格式 - if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then - echo ----------------------------------------------- - logger "已经停止对旧格式配置文件的支持!!!" 31 - echo -e "请使用新格式或者使用【在线生成配置文件】功能!" - echo ----------------------------------------------- - exit 1 - fi - #检测不支持的加密协议 - if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then - echo ----------------------------------------------- - logger "已停止支持chacha20加密,请更换更安全的节点加密协议!" 31 - echo ----------------------------------------------- - exit 1 - fi - #检测并去除无效节点组 - [ -n "$url_type" ] && ckcmd xargs && { - cat $yamlnew | sed '/^rules:/,$d' | grep -A 15 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/- //g' | grep -E '#DIRECT $|#DIRECT$' | awk -F '#' '{print $1}' > $TMPDIR/clash_proxies_$USER - while read line ;do - sed -i "/- $line/d" $yamlnew - sed -i "/- name: $line/,/- DIRECT/d" $yamlnew - done < $TMPDIR/clash_proxies_$USER - rm -rf $TMPDIR/clash_proxies_$USER - } - #使用核心内置test功能检测 - if [ -x $bindir/clash ];then - $bindir/clash -t -d $bindir -f $yamlnew >/dev/null - if [ "$?" != "0" ];then - logger "配置文件加载失败!请查看报错信息!" 31 - $bindir/clash -t -d $bindir -f $yamlnew - echo "$($bindir/clash -t -d $bindir -f $yamlnew)" >> $TMPDIR/ShellCrash.log - exit 1 - fi - fi + [ "$crashcore" = singbox ] && check_singbox_config || check_clash_config #如果不同则备份并替换文件 - if [ -f $yaml ];then - compare $yamlnew $yaml - [ "$?" = 0 ] || mv -f $yaml $yaml.bak && mv -f $yamlnew $yaml + if [ -s $core_config ];then + compare $core_config_new $core_config + [ "$?" = 0 ] || mv -f $core_config $core_config.bak && mv -f $core_config_new $core_config else - mv -f $yamlnew $yaml + mv -f $core_config_new $core_config fi echo -e "\033[32m已成功获取配置文件!\033[0m" fi @@ -280,19 +308,19 @@ modify_yaml(){ [ "$ipv6_dns" = "已开启" ] && dns_v6='true' || dns_v6='false' external="external-controller: 0.0.0.0:$db_port" if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ];then - [ "$clashcore" = 'meta' ] && tun_meta=', device: utun, auto-route: false' + [ "$crashcore" = 'meta' ] && tun_meta=', device: utun, auto-route: false' tun="tun: {enable: true, stack: system$tun_meta}" else tun='tun: {enable: false}' fi exper='experimental: {ignore-resolve-fail: true, interface-name: en0}' #Meta内核专属配置 - [ "$clashcore" = 'meta' ] && { + [ "$crashcore" = 'meta' ] && { [ "$redir_mod" != "纯净模式" ] && find_process='find-process-mode: "off"' } #dns配置 [ -z "$(cat $CRASHDIR/yamls/user.yaml 2>/dev/null | grep '^dns:')" ] && { - [ "$clashcore" = 'meta' ] && dns_default_meta='- https://223.5.5.5/dns-query' + [ "$crashcore" = 'meta' ] && dns_default_meta='- https://223.5.5.5/dns-query' cat > $TMPDIR/dns.yaml < $TMPDIR/set.yaml < $TMPDIR/${char}.yaml + for char in $core_config_char;do + sed -n "/^$char:/,/^[a-z]/ { /^[a-z]/d; p; }" $core_config > $TMPDIR/${char}.yaml done #跳过本地tls证书验证 [ "$skip_cert" = "已开启" ] && sed -i 's/skip-cert-verify: false/skip-cert-verify: true/' $TMPDIR/proxies.yaml || \ @@ -447,21 +474,21 @@ EOF #set和user去重,且优先使用user.yaml cp -f $TMPDIR/set.yaml $TMPDIR/set_bak.yaml for char in mode allow-lan log-level tun experimental interface-name dns store-selected;do - [ -n "$(grep -E "^$char" $yaml_user)" ] && sed -i "/^$char/d" $TMPDIR/set.yaml + [ -n "$(grep -E "^$char" $core_config_user)" ] && sed -i "/^$char/d" $TMPDIR/set.yaml done } [ -s $TMPDIR/dns.yaml ] && yaml_dns=$TMPDIR/dns.yaml [ -s $TMPDIR/hosts.yaml ] && yaml_hosts=$TMPDIR/hosts.yaml [ -s $CRASHDIR/yamls/others.yaml ] && yaml_others=$CRASHDIR/yamls/others.yaml yaml_add= - for char in $yaml_char;do #将额外配置文件合并 + for char in $core_config_char;do #将额外配置文件合并 [ -s $TMPDIR/${char}.yaml ] && { sed -i "1i\\${char}:" $TMPDIR/${char}.yaml - yaml_add="$yaml_add $TMPDIR/${char}.yaml" + yaml_add="$core_config_add $TMPDIR/${char}.yaml" } done #合并完整配置文件 - cut -c 1- $TMPDIR/set.yaml $yaml_dns $yaml_hosts $yaml_user $yaml_others $yaml_add > $TMPDIR/config.yaml + cut -c 1- $TMPDIR/set.yaml $core_config_dns $core_config_hosts $core_config_user $core_config_others $core_config_add > $TMPDIR/config.yaml #测试自定义配置文件 $bindir/clash -t -d $bindir -f $TMPDIR/config.yaml >/dev/null if [ "$?" != 0 ];then @@ -472,16 +499,187 @@ EOF sed -i "/#自定义策略组开始/,/#自定义策略组结束/d" $TMPDIR/proxy-groups.yaml mv -f $TMPDIR/set_bak.yaml $TMPDIR/set.yaml &>/dev/null #合并基础配置文件 - cut -c 1- $TMPDIR/set.yaml $yaml_dns $yaml_add > $TMPDIR/config.yaml + cut -c 1- $TMPDIR/set.yaml $core_config_dns $core_config_add > $TMPDIR/config.yaml sed -i "/#自定义/d" $TMPDIR/config.yaml fi #建立软连接 [ "$TMPDIR" = "$bindir" ] || ln -sf $TMPDIR/config.yaml $bindir/config.yaml #清理缓存 - for char in $yaml_char set set_bak dns hosts;do + for char in $core_config_char set set_bak dns hosts;do rm -f $TMPDIR/${char}.yaml done } +modify_json(){ + #生成log.json + cat > $TMPDIR/log.json <> $sys_hosts </dev/null | grep '^dns:')" ] && { + cat > $TMPDIR/dns.json < $TMPDIR/ntp.json < $TMPDIR/inbounds.json < $TMPDIR/experimental.json < $TMPDIR/outbounds.json + cat $core_config | sed -n '/"route":/,/"experimental":/{/"experimental":/d; p}' > $TMPDIR/route.json + #跳过本地tls证书验证 + if [ -z "$skip_cert" -o "$skip_cert" = "已开启" ];then + sed -i 's/"insecure": false/"insecure": true/' $TMPDIR/outbounds.json + else + sed -i 's/"insecure": true/"insecure": false/' $TMPDIR/outbounds.json + fi + #合并文件 + json_all= + for char in log dns ntp inbounds outbounds route experimental;do + [ -s $TMPDIR/$char.json ] && json_add=$TMPDIR/$char.json + [ -s $CRASHDIR/jsons/$char.json ] && json_add=$CRASHDIR/jsons/$char.json #如果有自定义配置文件则使用 + json_all="$json_all $json_add" + done + cut -c 1- $json_all > $TMPDIR/all.json + #测试自定义配置文件 + $bindir/singbox check -D $bindir -c $TMPDIR/config.json >/dev/null + if [ "$?" != 0 ];then + logger "$($bindir/singbox check -D $bindir -c $TMPDIR/config.json | grep -Eo 'error.*=.*')" 31 + logger "自定义配置文件校验失败!将使用基础配置文件启动!" 33 + logger "错误详情请参考 $TMPDIR/error.json 文件!" 33 + mv -f $TMPDIR/config.json $TMPDIR/error.json &>/dev/null + #合并基础配置文件 + for char in log dns ntp inbounds outbounds route experimental;do + [ -s $TMPDIR/$char.json ] && json_add=$TMPDIR/$char.json + json_all="$json_all $json_add" + done + cut -c 1- $json_all > $TMPDIR/config.json + fi + #清理缓存 + for char in all log dns ntp inbounds outbounds route experimental;do + rm -f $TMPDIR/${char}.json + done +} + #设置路由规则 cn_ip_route(){ [ ! -f $bindir/cn_ip.txt ] && { @@ -790,7 +988,7 @@ start_tun(){ [ "$1" = "all" ] && iptables -t mangle -A PREROUTING -p tcp $ports -j clash #设置ipv6转发 - [ "$ipv6_redir" = "已开启" -a "$clashcore" = "meta" ] && { + [ "$ipv6_redir" = "已开启" -a "$crashcore" = "meta" ] && { ip -6 route add default dev utun table 101 ip -6 rule add fwmark $fwmark table 101 ip6tables -t mangle -N clashv6 @@ -830,30 +1028,30 @@ start_nft(){ ip rule add fwmark $fwmark table 100 ip route add local default dev lo table 100 [ "$redir_mod" = "Nft基础" ] && \ - nft add chain inet shellclash prerouting { type nat hook prerouting priority -100 \; } + nft add chain inet shellcrash prerouting { type nat hook prerouting priority -100 \; } [ "$redir_mod" = "Nft混合" ] && { modprobe nft_tproxy &> /dev/null - nft add chain inet shellclash prerouting { type filter hook prerouting priority 0 \; } + nft add chain inet shellcrash prerouting { type filter hook prerouting priority 0 \; } } [ -n "$(echo $redir_mod|grep Nft)" ] && { #过滤局域网设备 [ -n "$(cat $CRASHDIR/configs/mac)" ] && { MAC=$(awk '{printf "%s, ",$1}' $CRASHDIR/configs/mac) [ "$macfilter_type" = "黑名单" ] && \ - nft add rule inet shellclash prerouting ether saddr {$MAC} return || \ - nft add rule inet shellclash prerouting ether saddr != {$MAC} return + nft add rule inet shellcrash prerouting ether saddr {$MAC} return || \ + nft add rule inet shellcrash prerouting ether saddr != {$MAC} return } #过滤保留地址 - nft add rule inet shellclash prerouting ip daddr {$RESERVED_IP} return + nft add rule inet shellcrash prerouting ip daddr {$RESERVED_IP} return #仅代理本机局域网网段流量 - nft add rule inet shellclash prerouting ip saddr != {$HOST_IP} return + nft add rule inet shellcrash prerouting ip saddr != {$HOST_IP} return #绕过CN-IP [ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" -a -f $bindir/cn_ip.txt ] && { CN_IP=$(awk '{printf "%s, ",$1}' $bindir/cn_ip.txt) - [ -n "$CN_IP" ] && nft add rule inet shellclash prerouting ip daddr {$CN_IP} return + [ -n "$CN_IP" ] && nft add rule inet shellcrash prerouting ip daddr {$CN_IP} return } #过滤常用端口 - [ -n "$PORTS" ] && nft add rule inet shellclash prerouting tcp dport != {$PORTS} ip daddr != {198.18.0.0/16} return + [ -n "$PORTS" ] && nft add rule inet shellcrash prerouting tcp dport != {$PORTS} ip daddr != {198.18.0.0/16} return #ipv6支持 if [ "$ipv6_redir" = "已开启" ];then RESERVED_IP6="$(echo "$reserve_ipv6 $host_ipv6" | sed 's/ /, /g')" @@ -861,62 +1059,62 @@ start_nft(){ ip -6 rule add fwmark $fwmark table 101 2> /dev/null ip -6 route add local ::/0 dev lo table 101 2> /dev/null #过滤保留地址及本机地址 - nft add rule inet shellclash prerouting ip6 daddr {$RESERVED_IP6} return + nft add rule inet shellcrash prerouting ip6 daddr {$RESERVED_IP6} return #仅代理本机局域网网段流量 - nft add rule inet shellclash prerouting ip6 saddr != {$HOST_IP6} return + nft add rule inet shellcrash prerouting ip6 saddr != {$HOST_IP6} return #绕过CN_IPV6 [ "$dns_mod" = "redir_host" -a "$cn_ipv6_route" = "已开启" -a -f $bindir/cn_ipv6.txt ] && { CN_IP6=$(awk '{printf "%s, ",$1}' $bindir/cn_ipv6.txt) - [ -n "$CN_IP6" ] && nft add rule inet shellclash prerouting ip6 daddr {$CN_IP6} return + [ -n "$CN_IP6" ] && nft add rule inet shellcrash prerouting ip6 daddr {$CN_IP6} return } else - nft add rule inet shellclash prerouting meta nfproto ipv6 return + nft add rule inet shellcrash prerouting meta nfproto ipv6 return fi #透明路由 - [ "$redir_mod" = "Nft基础" ] && nft add rule inet shellclash prerouting meta l4proto tcp mark set $fwmark redirect to $redir_port - [ "$redir_mod" = "Nft混合" ] && nft add rule inet shellclash prerouting meta l4proto {tcp, udp} mark set $fwmark tproxy to :$tproxy_port + [ "$redir_mod" = "Nft基础" ] && nft add rule inet shellcrash prerouting meta l4proto tcp mark set $fwmark redirect to $redir_port + [ "$redir_mod" = "Nft混合" ] && nft add rule inet shellcrash prerouting meta l4proto {tcp, udp} mark set $fwmark tproxy to :$tproxy_port } #屏蔽QUIC [ "$quic_rj" = 已启用 ] && { - nft add chain inet shellclash input { type filter hook input priority 0 \; } - [ -n "$CN_IP" ] && nft add rule inet shellclash input ip daddr {$CN_IP} return - [ -n "$CN_IP6" ] && nft add rule inet shellclash input ip6 daddr {$CN_IP6} return - nft add rule inet shellclash input udp dport 443 reject comment 'ShellCrash-QUIC-REJECT' + nft add chain inet shellcrash input { type filter hook input priority 0 \; } + [ -n "$CN_IP" ] && nft add rule inet shellcrash input ip daddr {$CN_IP} return + [ -n "$CN_IP6" ] && nft add rule inet shellcrash input ip6 daddr {$CN_IP6} return + nft add rule inet shellcrash input udp dport 443 reject comment 'ShellCrash-QUIC-REJECT' } #代理本机(仅TCP) [ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && { #dns - nft add chain inet shellclash dns_out { type nat hook output priority -100 \; } - nft add rule inet shellclash dns_out meta skgid { 453, 7890 } return && \ - nft add rule inet shellclash dns_out udp dport 53 redirect to $dns_port + nft add chain inet shellcrash dns_out { type nat hook output priority -100 \; } + nft add rule inet shellcrash dns_out meta skgid { 453, 7890 } return && \ + nft add rule inet shellcrash dns_out udp dport 53 redirect to $dns_port #output - nft add chain inet shellclash output { type nat hook output priority -100 \; } - nft add rule inet shellclash output meta skgid 7890 return && { - [ -n "$PORTS" ] && nft add rule inet shellclash output tcp dport != {$PORTS} return - nft add rule inet shellclash output ip daddr {$RESERVED_IP} return - nft add rule inet shellclash output meta l4proto tcp mark set $fwmark redirect to $redir_port + nft add chain inet shellcrash output { type nat hook output priority -100 \; } + nft add rule inet shellcrash output meta skgid 7890 return && { + [ -n "$PORTS" ] && nft add rule inet shellcrash output tcp dport != {$PORTS} return + nft add rule inet shellcrash output ip daddr {$RESERVED_IP} return + nft add rule inet shellcrash output meta l4proto tcp mark set $fwmark redirect to $redir_port } #Docker type docker &>/dev/null && { - nft add chain inet shellclash docker { type nat hook prerouting priority -100 \; } - nft add rule inet shellclash docker ip saddr != {172.16.0.0/12} return #进代理docker网段 - nft add rule inet shellclash docker ip daddr {$RESERVED_IP} return #过滤保留地址 - nft add rule inet shellclash docker udp dport 53 redirect to $dns_port - nft add rule inet shellclash docker meta l4proto tcp mark set $fwmark redirect to $redir_port + nft add chain inet shellcrash docker { type nat hook prerouting priority -100 \; } + nft add rule inet shellcrash docker ip saddr != {172.16.0.0/12} return #进代理docker网段 + nft add rule inet shellcrash docker ip daddr {$RESERVED_IP} return #过滤保留地址 + nft add rule inet shellcrash docker udp dport 53 redirect to $dns_port + nft add rule inet shellcrash docker meta l4proto tcp mark set $fwmark redirect to $redir_port } } } start_nft_dns(){ - nft add chain inet shellclash dns { type nat hook prerouting priority -100 \; } + nft add chain inet shellcrash dns { type nat hook prerouting priority -100 \; } #过滤局域网设备 [ -n "$(cat $CRASHDIR/configs/mac)" ] && { MAC=$(awk '{printf "%s, ",$1}' $CRASHDIR/configs/mac) [ "$macfilter_type" = "黑名单" ] && \ - nft add rule inet shellclash dns ether saddr {$MAC} return || \ - nft add rule inet shellclash dns ether saddr != {$MAC} return + nft add rule inet shellcrash dns ether saddr {$MAC} return || \ + nft add rule inet shellcrash dns ether saddr != {$MAC} return } - nft add rule inet shellclash dns udp dport 53 redirect to ${dns_port} - nft add rule inet shellclash dns tcp dport 53 redirect to ${dns_port} + nft add rule inet shellcrash dns udp dport 53 redirect to ${dns_port} + nft add rule inet shellcrash dns tcp dport 53 redirect to ${dns_port} } start_wan(){ #获取局域网host地址 @@ -1045,8 +1243,8 @@ stop_firewall(){ ip -6 route del local ::/0 dev lo table 101 2> /dev/null #重置nftables相关规则 ckcmd nft && { - nft flush table inet shellclash >/dev/null 2>&1 - nft delete table inet shellclash >/dev/null 2>&1 + nft flush table inet shellcrash >/dev/null 2>&1 + nft delete table inet shellcrash >/dev/null 2>&1 } #还原防火墙文件 [ -s /etc/init.d/firewall.bak ] && mv -f /etc/init.d/firewall.bak /etc/init.d/firewall @@ -1141,68 +1339,28 @@ EOF compare $TMPDIR/clash_pac $bindir/ui/pac [ "$?" = 0 ] && rm -rf $TMPDIR/clash_pac || mv -f $TMPDIR/clash_pac $bindir/ui/pac } -bfstart(){ - #读取配置文件 - getconfig - [ ! -d $bindir/ui ] && mkdir -p $bindir/ui - [ -z "$update_url" ] && update_url=https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master - #检查yaml配置文件 - if [ ! -f $yaml ];then - if [ -n "$Url" -o -n "$Https" ];then - logger "未找到配置文件,正在下载!" 33 - getyaml - exit 0 - else - logger "未找到配置文件链接,请先导入配置文件!" 31 - exit 1 - fi - fi +clash_check(){ #检测vless/hysteria协议 - if [ -n "$(cat $yaml | grep -oE 'type: vless|type: hysteria')" ] && [ "$clashcore" != "meta" ];then + if [ "$crashcore" != "meta" ] && [ -n "$(cat $core_config | grep -oE 'type: vless|type: hysteria')" ];then echo ----------------------------------------------- logger "检测到vless/hysteria协议!将改为使用meta核心启动!" 33 rm -rf $bindir/clash - clashcore=meta - setconfig clashcore meta + crashcore=meta echo ----------------------------------------------- fi - #检测是否存在高级版规则 - if [ "$clashcore" = "clash" -a -n "$(cat $yaml | grep -aE '^script:|proxy-providers|rule-providers|rule-set')" ];then - echo ----------------------------------------------- - logger "检测到高级规则!将改为使用meta核心启动!" 33 - rm -rf $bindir/clash - clashcore=meta - setconfig clashcore meta - echo ----------------------------------------------- + #检测是否存在高级版规则或者tun模式 + if [ "$crashcore" = "clash" ];then + [ -n "$(cat $core_config | grep -aE '^script:|proxy-providers|rule-providers|rule-set')" ] || \ + [ "$redir_mod" = "混合模式" ] || \ + [ "$redir_mod" = "Tun模式" ] && { + echo ----------------------------------------------- + logger "检测到高级功能!将改为使用ClashPre核心启动!" 33 + rm -rf $bindir/clash + crashcore=clashpre + echo ----------------------------------------------- + } fi - #检查clash核心 - if [ ! -f $bindir/clash ];then - if [ -f $CRASHDIR/clash ];then - mv $CRASHDIR/clash $bindir/clash - else - logger "未找到clash核心,正在下载!" 33 - if [ -z "$clashcore" ];then - [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ] && clashcore=clashpre || clashcore=clash - fi - [ -z "$cpucore" ] && source $CRASHDIR/getdate.sh && getcpucore - [ -z "$cpucore" ] && logger 找不到设备的CPU信息,请手动指定处理器架构类型! 31 && setcpucore - [ "$update_url" = "https://jwsc.eu.org:8888" ] && [ "$clashcore" != 'clash' ] && update_url=https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master - $0 webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore" - #校验内核 - chmod +x $bindir/clash 2>/dev/null - clashv=$($bindir/clash -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //') - if [ -z "$clashv" ];then - rm -rf $bindir/clash - logger "核心下载失败,请重新运行或更换安装源!" 31 - exit 1 - else - setconfig clashcore $clashcore - setconfig clashv $clashv - fi - fi - fi - [ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限 - #检查数据库文件 + #预下载GeoIP数据库 if [ ! -f $bindir/Country.mmdb ];then if [ -f $CRASHDIR/Country.mmdb ];then mv $CRASHDIR/Country.mmdb $bindir/Country.mmdb @@ -1214,54 +1372,131 @@ bfstart(){ setconfig Geo_v $Geo_v fi fi + #预下载GeoSite数据库 + if [ -n "$(cat $core_config|grep -Ei 'geosite')" ] && [ ! -f $bindir/GeoSite.dat ];then + if [ -f $CRASHDIR/GeoSite.dat ];then + mv -f $CRASHDIR/GeoSite.dat $bindir/GeoSite.dat + else + logger "未找到GeoSite数据库,正在下载!" 33 + $0 webget $bindir/GeoSite.dat $update_url/bin/geodata/geosite.dat + [ "$?" = "1" ] && rm -rf $bindir/GeoSite.dat && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1 + fi + fi +} +singbox_check(){ + #预下载GeoIP数据库 + if [ ! -f $bindir/geoip.db ];then + if [ -f $CRASHDIR/geoip.db ];then + mv $CRASHDIR/geoip.db $bindir/geoip.db + else + logger "未找到GeoIP数据库,正在下载!" 33 + $0 webget $bindir/geoip.db $update_url/bin/geodata/geoip_cn.db + [ "$?" = "1" ] && rm -rf $bindir/geoip.db && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1 + Geo_v=$(date +"%Y%m%d") + setconfig Geo_v $Geo_v + fi + fi + #预下载GeoSite数据库 + if [ -n "$(cat $core_config|grep -Ei '"geosite":')" ] && [ ! -f $bindir/geosite.db ];then + if [ -f $CRASHDIR/geosite.db ];then + mv -f $CRASHDIR/geosite.db$bindir/geosite.db + else + logger "未找到GeoSite数据库,正在下载!" 33 + $0 webget $bindir/geosite.db $update_url/bin/geodata/geosite_cn.db + [ "$?" = "1" ] && rm -rf $bindir/geosite.db && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1 + Geo_v=$(date +"%Y%m%d") + setconfig Geo_v $Geo_v + fi + fi +} +bfstart(){ + #读取ShellCrash配置 + getconfig + [ -z "$update_url" ] && update_url=https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master + [ ! -d $bindir/ui ] && mkdir -p $bindir/ui + [ -z "$crashcore" ] && crashcore=clash + #检查内核配置文件 + if [ ! -f $core_config ];then + if [ -n "$Url" -o -n "$Https" ];then + logger "未找到配置文件,正在下载!" 33 + get_core_config + exit 0 + else + logger "未找到配置文件链接,请先导入配置文件!" 31 + exit 1 + fi + fi + #检查dashboard文件 if [ -f $CRASHDIR/ui/index.html -a ! -f $bindir/ui/index.html ];then cp -rf $CRASHDIR/ui $bindir fi [ ! -s $bindir/ui/index.html ] && makehtml #如没有面板则创建跳转界面 - #检查curl或wget支持 - curl --version > /dev/null 2>&1 - [ "$?" = 1 ] && wget --version > /dev/null 2>&1 - [ "$?" = 1 ] && restore=true || restore=false #生成pac文件 catpac - #预下载GeoSite数据库 - if [ "$clashcore" = "meta" ] && [ ! -f $bindir/GeoSite.dat ] && [ -n "$(cat $yaml|grep -Ei 'geosite')" ];then - [ -f $CRASHDIR/geosite.dat ] && mv -f $CRASHDIR/geosite.dat $CRASHDIR/GeoSite.dat - if [ -f $CRASHDIR/GeoSite.dat ];then - mv -f $CRASHDIR/GeoSite.dat $bindir/GeoSite.dat - else - logger "未找到geosite数据库,正在下载!" 33 - $0 webget $bindir/GeoSite.dat $update_url/bin/geodata/geosite.dat - [ "$?" = "1" ] && rm -rf $bindir/GeoSite.dat && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1 - fi + #内核及内核配置文件检查 + if [ "$crashcore" = singbox ];then + singbox_check + [ "$disoverride" != "1" ] && modify_json || ln -sf $core_config $bindir/config.json + else + clash_check + [ "$disoverride" != "1" ] && modify_yaml || ln -sf $core_config $bindir/config.yaml fi - #本机代理准备 - if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then - if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then - if ckcmd userdel useradd groupmod; then - userdel shellclash 2>/dev/null - useradd shellclash -u 7890 - groupmod shellclash -g 7890 - sed -Ei s/7890:7890/0:7890/g /etc/passwd + #检查及下载内核文件 + if [ ! -f $bindir/CrashCore ];then + if [ -f $CRASHDIR/CrashCore ];then + mv $CRASHDIR/CrashCore $bindir/CrashCore + elif [ -f $CRASHDIR/clash ];then + mv $CRASHDIR/clash $bindir/CrashCore + else + logger "未找到【$crashcore】核心,正在下载!" 33 + [ -z "$cpucore" ] && source $CRASHDIR/getdate.sh && getcpucore + [ -z "$cpucore" ] && logger 找不到设备的CPU信息,请手动指定处理器架构类型! 31 && exit 1 + $0 webget $bindir/core.new "$update_url/bin/$crashcore/clash-linux-$cpucore" + #校验内核 + chmod +x $bindir/core.new 2>/dev/null + if [ "$crashcore" = singbox ];then + core_v=$($TMPDIR/core.new version 2>/dev/null | grep version | awk '{print $3}') else - grep -qw shellclash /etc/passwd || echo "shellclash:x:0:7890:::" >> /etc/passwd + core_v=$($TMPDIR/core.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //') + fi + if [ -z "$core_v" ];then + rm -rf $bindir/clash + logger "核心下载失败,请重新运行或更换安装源!" 31 + exit 1 + else + setconfig crashcore $crashcore + setconfig core_v $core_v fi fi + fi + [ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限 + #本机代理准备 + if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then + #添加shellcrash用户 + if [ -z "$(id shellcrash 2>/dev/null | grep 'root')" ];then + if ckcmd userdel useradd groupmod; then + userdel shellcrash 2>/dev/null + useradd shellcrash -u 7890 + groupmod shellcrash -g 7890 + sed -Ei s/7890:7890/0:7890/g /etc/passwd + else + grep -qw shellcrash /etc/passwd || echo "shellcrash:x:0:7890:::" >> /etc/passwd + fi + fi + #修改启动文件 if [ "$start_old" != "已开启" ];then - [ -w /etc/systemd/system/clash.service ] && servdir=/etc/systemd/system/clash.service - [ -w /usr/lib/systemd/system/clash.service ] && servdir=/usr/lib/systemd/system/clash.service + [ -w /etc/systemd/system/shellcrash.service ] && servdir=/etc/systemd/system/shellcrash.service + [ -w /usr/lib/systemd/system/shellcrash.service ] && servdir=/usr/lib/systemd/system/shellcrash.service if [ -w /etc/init.d/clash ]; then - [ -z "$(grep 'procd_set_param user shellclash' /etc/init.d/clash)" ] && \ - sed -i '/procd_close_instance/i\\t\tprocd_set_param user shellclash' /etc/init.d/clash + [ -z "$(grep 'procd_set_param user shellcrash' /etc/init.d/clash)" ] && \ + sed -i '/procd_close_instance/i\\t\tprocd_set_param user shellcrash' /etc/init.d/clash elif [ -w "$servdir" ]; then - setconfig ExecStart "/bin/su shellclash -c \"$bindir/clash -d $bindir -f $TMPDIR/config.yaml >/dev/null\"" $servdir + setconfig User shellcrash $servdir systemctl daemon-reload >/dev/null fi fi fi - #生成配置文件 - [ "$disoverride" != "1" ] && modify_yaml || ln -sf $yaml $bindir/config.yaml #执行条件任务 [ -s $CRASHDIR/task/bfstart ] && source $CRASHDIR/task/bfstart } @@ -1274,81 +1509,78 @@ afstart(){ logger "clash将延迟$start_delay秒启动" 31 pushoff sleep $start_delay } - $bindir/clash -t -d $bindir >/dev/null - if [ "$?" = 0 ];then - #设置DNS转发 - start_dns(){ - [ "$dns_mod" = "redir_host" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route - [ "$ipv6_redir" = "已开启" ] && [ "$dns_mod" = "redir_host" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route - if [ "$dns_no" != "已禁用" ];then - if [ "$dns_redir" != "已开启" ];then - [ -n "$(echo $redir_mod|grep Nft)" ] && start_nft_dns || start_ipt_dns - else - #openwrt使用dnsmasq转发 - uci del dhcp.@dnsmasq[-1].server >/dev/null 2>&1 - uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null - uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#$dns_port > /dev/null 2>&1 - uci set dhcp.@dnsmasq[0].noresolv=1 2>/dev/null - uci commit dhcp >/dev/null 2>&1 - /etc/init.d/dnsmasq restart >/dev/null 2>&1 - fi + #设置DNS转发 + start_dns(){ + [ "$dns_mod" = "redir_host" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route + [ "$ipv6_redir" = "已开启" ] && [ "$dns_mod" = "redir_host" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route + if [ "$dns_no" != "已禁用" ];then + if [ "$dns_redir" != "已开启" ];then + [ -n "$(echo $redir_mod|grep Nft)" ] && start_nft_dns || start_ipt_dns + else + #openwrt使用dnsmasq转发 + uci del dhcp.@dnsmasq[-1].server >/dev/null 2>&1 + uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null + uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#$dns_port > /dev/null 2>&1 + uci set dhcp.@dnsmasq[0].noresolv=1 2>/dev/null + uci commit dhcp >/dev/null 2>&1 + /etc/init.d/dnsmasq restart >/dev/null 2>&1 fi - return 0 - } - #设置路由规则 - #[ "$ipv6_redir" = "已开启" ] && ipv6_wan=$(ip addr show|grep -A1 'inet6 [^f:]'|grep -oE 'inet6 ([a-f0-9:]+)/'|sed s#inet6\ ##g|sed s#/##g) - [ "$redir_mod" = "Redir模式" ] && start_dns && start_redir - [ "$redir_mod" = "混合模式" ] && start_dns && start_redir && start_tun udp - [ "$redir_mod" = "Tproxy混合" ] && start_dns && start_redir && start_tproxy udp - [ "$redir_mod" = "Tun模式" ] && start_dns && start_tun all - [ "$redir_mod" = "Tproxy模式" ] && start_dns && start_tproxy all - [ -n "$(echo $redir_mod|grep Nft)" -o "$local_type" = "nftables增强模式" ] && { - nft add table inet shellclash #初始化nftables - nft flush table inet shellclash - } - [ -n "$(echo $redir_mod|grep Nft)" ] && start_dns && start_nft - #设置本机代理 - [ "$local_proxy" = "已开启" ] && { - [ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port - [ "$local_type" = "iptables增强模式" ] && start_output - [ "$local_type" = "nftables增强模式" ] && [ "$redir_mod" = "纯净模式" ] && start_nft - } - ckcmd iptables && start_wan #本地防火墙 - mark_time #标记启动时间 - [ -s $CRASHDIR/task/cron ] && croncmd $CRASHDIR/task/cron #加载定时任务 - [ -s $CRASHDIR/configs/web_save ] && web_restore & #后台还原面板配置 - { sleep 5;logger Clash服务已启动!;} & #推送日志 - #执行条件任务 - [ -s $CRASHDIR/task/afstart ] && { source $CRASHDIR/task/afstart ;} & - [ -s $CRASHDIR/task/running ] && { - cronset '运行时每' - while read line ;do - cronset '2fjdi124dd12s' "$line" - done < $CRASHDIR/task/running - } - [ -s $CRASHDIR/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && { - #注入防火墙 - line=$(grep -En "fw3 restart" /etc/init.d/firewall | cut -d ":" -f 1) - sed -i.bak "${line}a\\source $CRASHDIR/task/affirewall" /etc/init.d/firewall - line=$(grep -En "fw3 .* start" /etc/init.d/firewall | cut -d ":" -f 1) - sed -i "${line}a\\source $CRASHDIR/task/affirewall" /etc/init.d/firewall - } - else - logger "Clash服务启动失败!请查看报错信息!" 33 - logger "$($bindir/clash -t -d $bindir | grep -Eo 'error.*=.*')" 31 - $0 stop - exit 1 - fi + fi + return 0 + } + #设置路由规则 + #[ "$ipv6_redir" = "已开启" ] && ipv6_wan=$(ip addr show|grep -A1 'inet6 [^f:]'|grep -oE 'inet6 ([a-f0-9:]+)/'|sed s#inet6\ ##g|sed s#/##g) + [ "$redir_mod" = "Redir模式" ] && start_dns && start_redir + [ "$redir_mod" = "混合模式" ] && start_dns && start_redir && start_tun udp + [ "$redir_mod" = "Tproxy混合" ] && start_dns && start_redir && start_tproxy udp + [ "$redir_mod" = "Tun模式" ] && start_dns && start_tun all + [ "$redir_mod" = "Tproxy模式" ] && start_dns && start_tproxy all + [ -n "$(echo $redir_mod|grep Nft)" -o "$local_type" = "nftables增强模式" ] && { + nft add table inet shellcrash #初始化nftables + nft flush table inet shellcrash + } + [ -n "$(echo $redir_mod|grep Nft)" ] && start_dns && start_nft + #设置本机代理 + [ "$local_proxy" = "已开启" ] && { + [ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port + [ "$local_type" = "iptables增强模式" ] && start_output + [ "$local_type" = "nftables增强模式" ] && [ "$redir_mod" = "纯净模式" ] && start_nft + } + ckcmd iptables && start_wan #本地防火墙 + mark_time #标记启动时间 + [ -s $CRASHDIR/task/cron ] && croncmd $CRASHDIR/task/cron #加载定时任务 + [ -s $CRASHDIR/configs/web_save ] && web_restore & #后台还原面板配置 + { sleep 5;logger Clash服务已启动!;} & #推送日志 + #执行条件任务 + [ -s $CRASHDIR/task/afstart ] && { source $CRASHDIR/task/afstart ;} & + [ -s $CRASHDIR/task/running ] && { + cronset '运行时每' + while read line ;do + cronset '2fjdi124dd12s' "$line" + done < $CRASHDIR/task/running + } + [ -s $CRASHDIR/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && { + #注入防火墙 + line=$(grep -En "fw3 restart" /etc/init.d/firewall | cut -d ":" -f 1) + sed -i.bak "${line}a\\source $CRASHDIR/task/affirewall" /etc/init.d/firewall + line=$(grep -En "fw3 .* start" /etc/init.d/firewall | cut -d ":" -f 1) + sed -i "${line}a\\source $CRASHDIR/task/affirewall" /etc/init.d/firewall + } } start_old(){ + source $CRASHDIR/configs/service.env bfstart #使用传统后台执行二进制文件的方式执行 if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then - ckcmd su && su=su - $su shellclash -c "$bindir/clash -d $bindir >/dev/null" & + if ckcmd su;then + su shellcrash -c "$COMMAND" 2>&1 & + else + logger "当前设备缺少su命令,保守模式下无法兼容本机代理增强模式,已停止启动!" 31 + exit 1 + fi else - ckcmd nohup && nohup=nohup - $nohup $bindir/clash -d $bindir >/dev/null 2>&1 & + ckcmd nohup && nohup=nohup #华硕调用nohup启动 + $nohup "$COMMAND" 2>&1 & fi afstart $0 daemon @@ -1363,35 +1595,35 @@ afstart) afstart ;; start) - [ -n "$(pidof clash)" ] && $0 stop #禁止多实例 + [ -n "$(pidof CrashCore)" ] && $0 stop #禁止多实例 getconfig stop_firewall #清理路由策略 #使用不同方式启动服务 if [ "$start_old" = "已开启" ];then start_old - elif [ -f /etc/rc.common ];then - /etc/init.d/clash start - elif [ "$USER" = "root" ];then - systemctl start clash.service + elif [ -f /etc/rc.common -a -n "$(pidof procd)" ];then + service shellcrash start + elif [ "$USER" = "root" -a -n "$(pidof systemd)" ];then + systemctl start shellcrash.service else start_old fi ;; stop) getconfig - logger Clash服务即将关闭…… - [ -n "$(pidof clash)" ] && web_save #保存面板配置 + logger ShellCrash服务即将关闭…… + [ -n "$(pidof CrashCore)" ] && web_save #保存面板配置 #删除守护进程&面板配置自动保存 cronset '保守模式守护进程' cronset '运行时每' cronset '流媒体预解析' #多种方式结束进程 if [ -f /etc/rc.common ];then - /etc/init.d/clash stop >/dev/null 2>&1 + service shellcrash stop >/dev/null 2>&1 elif [ "$USER" = "root" ];then - systemctl stop clash.service >/dev/null 2>&1 + systemctl stop shellcrash.service >/dev/null 2>&1 fi - PID=$(pidof clash) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1 + PID=$(pidof CrashCore) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1 stop_firewall #清理路由策略 $0 unset_proxy #禁用本机代理 ;; @@ -1420,20 +1652,20 @@ init) fi sed -i "/alias crash/d" $profile sed -i "/export CRASHDIR/d" $profile - echo "alias crash=\"$CRASHDIR/clash.sh\"" >> $profile + echo "alias crash=\"$CRASHDIR/menu.sh\"" >> $profile echo "export CRASHDIR=\"$CRASHDIR\"" >> $profile [ -f $CRASHDIR/.dis_startup ] && cronset "保守模式守护进程" || $0 start ;; getyaml) getconfig - getyaml && \ + get_core_config && \ logger "任务:【更新订阅并重启服务】配置文件已更新!" ;; updateyaml) getconfig - getyaml && \ - modify_yaml && \ - put_save http://127.0.0.1:${db_port}/configs "{\"path\":\"${CRASHDIR}/config.yaml\"}" && \ + get_core_config + modify_$format && \ + put_save http://127.0.0.1:${db_port}/configs "{\"path\":\"${CRASHDIR}/config.$format\"}" && \ logger "任务:【热更新订阅】配置文件已更新!" ;; ntp) @@ -1444,7 +1676,7 @@ logger) ;; webget) #设置临时代理 - if [ -n "$(pidof clash)" ];then + if [ -n "$(pidof CrashCore)" ];then getconfig [ -n "$authentication" ] && auth="$authentication@" export all_proxy="http://${auth}127.0.0.1:$mix_port" @@ -1493,7 +1725,7 @@ web_restore) ;; daemon) getconfig - cronset '保守模式守护进程' "*/1 * * * * test -z \"\$(pidof clash)\" && $CRASHDIR/start.sh restart #保守模式守护进程" + cronset '保守模式守护进程' "*/1 * * * * test -z \"\$(pidof CrashCore)\" && $CRASHDIR/start.sh restart #ShellCrash保守模式守护进程" ;; cronset) cronset $2 $3 diff --git a/scripts/task.sh b/scripts/task.sh index 27db50c..b1144a9 100644 --- a/scripts/task.sh +++ b/scripts/task.sh @@ -18,44 +18,49 @@ setconfig(){ #任务命令 check_update(){ #检查更新工具 - $CRASHDIR/start.sh webget $TMPDIR/clashversion "$update_url/bin/version" echooff - [ "$?" = "0" ] && source $TMPDIR/clashversion 2>/dev/null - rm -rf $TMPDIR/clashversion + $CRASHDIR/start.sh webget $TMPDIR/crashversion "$update_url/bin/version" echooff + [ "$?" = "0" ] && source $TMPDIR/crashversion 2>/dev/null + rm -rf $TMPDIR/crashversion } update_core(){ #自动更新内核 #检查版本 check_update - clash_v_new=$(eval echo \$${crashcore}_v) - clash_v_now=$($bindir/clash -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //') - if [ -z "$clash_v_new" -o "$clash_v_new" = "clash_v_now" ];then + crash_v_new=$(eval echo \$${crashcore}_v) + if [ -z "$crash_v_new" -o "$crash_v_new" = "core_v" ];then logger "任务【自动更新内核】中止-未检测到版本更新" exit 1 else #更新内核 - $CRASHDIR/start.sh webget $TMPDIR/clash.new "$update_url/bin/$crashcore/clash-linux-$cpucore" + [ "$crashcore" = singbox ] && core_new=singbox || core_new=clash + $CRASHDIR/start.sh webget $TMPDIR/core.new "${update_url}/bin/${crashcore}/${core_new}-linux-${cpucore}" if [ "$?" != "0" ];then logger "任务【自动更新内核】出错-下载失败!" - rm -rf $TMPDIR/clash.new + rm -rf $TMPDIR/core.new return 1 else - chmod +x $TMPDIR/clash.new + chmod +x $TMPDIR/core.new $CRASHDIR/start.sh stop - clashv=$($TMPDIR/clash.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //') - if [ -z "$clashv" ];then - logger "任务【自动更新内核】出错-下载失败!" - rm -rf $TMPDIR/clash.new - [ $crashcore = meta ] && $CRASHDIR/start.sh start + if [ "$crashcore" = singbox ];then + core_v=$($TMPDIR/core.new version 2>/dev/null | grep version | awk '{print $3}') + else + core_v=$($TMPDIR/core.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //') + fi + if [ -z "$core_v" ];then + logger "任务【自动更新内核】出错-内核校验失败!" + rm -rf $TMPDIR/core.new + $CRASHDIR/start.sh start return 1 else - mv -f $TMPDIR/clash.new $bindir/clash + mv -f $TMPDIR/core.new $bindir/CrashCore logger "任务【自动更新内核】下载完成,正在重启服务!" + setconfig core_v $core_v $CRASHDIR/start.sh start return 0 fi fi fi } -update_shellclash(){ #自动更新脚本 +update_shellcrash(){ #自动更新脚本 #检查版本 check_update if [ -z "$versionsh" -o "$versionsh" = "versionsh_l" ];then @@ -110,6 +115,8 @@ update_mmdb(){ #自动更新数据库 [ -n "${china_ip_list_v}" ] && getgeo cn_ip.txt china_ip_list.txt [ -n "${china_ipv6_list_v}" ] && getgeo cn_ipv6.txt china_ipv6_list.txt [ -n "${geosite_v}" ] && getgeo GeoSite.dat geosite.dat + [ -n "${geoip_cn_v}" ] && getgeo geoip.db geoip_cn.db + [ -n "${geosite_cn_v}" ] && getgeo geosite.db geosite_cn.db } reset_firewall(){ #重设透明路由防火墙 $CRASHDIR/start.sh stop_firewall @@ -170,7 +177,7 @@ set_service(){ if [ "$1" = "running" ];then task_txt="$4 $CRASHDIR/task/task.sh $2 $3" echo "$task_txt" >> $task_file - [ -n "$(pidof clash)" ] && cronset "$3" "$task_txt" + [ -n "$(pidof CrashCore)" ] && cronset "$3" "$task_txt" else echo "$CRASHDIR/task/task.sh $2 $3" >> $task_file fi @@ -294,7 +301,7 @@ task_type(){ #任务条件选择菜单 echo -e " 输入 6-18 代表\033[36m早6点至晚18点间每小时\033[0m运行" read -p "想在每日的具体哪个小时执行?(0-23) > " hour echo ----------------------------------------------- - read -p "想在具体哪分钟执行?(1-59的整数) > " min + read -p "想在具体哪分钟执行?(0-59的整数) > " min cron_time="在每日的$hour点$min分" set_cron ;; @@ -434,7 +441,7 @@ task_recom(){ #任务推荐 echo ----------------------------------------------- read -p "是否启用?(1/0) > " res [ "$res" = 1 ] && { - set_service running "106" "运行时每10分钟自动保存面板配置" "*/10" + set_service running "106" "运行时每10分钟自动保存面板配置" "*/10 * * * *" set_service afstart "107" "服务启动后自动同步ntp时间" cronset "在每周3的3点整更新订阅并重启服务" "0 3 * * 3 $CRASHDIR/task/task.sh 104 在每周3的3点整更新订阅并重启服务" && \ echo -e "任务【在每周3的3点整更新订阅并重启服务】\033[32m添加成功!\033[0m"