xm/ShellCrash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.8.4(未测试)

Browse Source 
~全面适配singbox内核
~保守模式启动优化
~修复推荐任务每10分钟保存节点配置未生效的bug
This commit is contained in:
juewuy
2024-01-06 22:35:41 +08:00
parent 42a5474939
commit 101bbae2ba
10 changed files with 849 additions and 437 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
scripts/clash.service
View File

@@ -1,17 +0,0 @@
[Unit]
Description=clash
After=network.target
[Service]
Type=simple
User=root
ExecStartPre=/etc/clash/start.sh bfstart
ExecStart=/etc/clash/clash -d /etc/clash >/dev/null
ExecStartPost=/etc/clash/start.sh afstart
Restart=on-failure
RestartSec=3s
LimitNOFILE=999999
[Install]
WantedBy=multi-user.target

45
scripts/clashservice
View File

@@ -1,45 +0,0 @@
#!/bin/sh /etc/rc.common
START=99
SERVICE_DAEMONIZE=1
SERVICE_WRITE_PID=1
USE_PROCD=1
#获取目录
DIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}')
[ -z "$DIR" ] && DIR=$(cat ~/.bashrc | grep CRASHDIR | awk -F "\"" '{print $2}')
BINDIR=$(cat $DIR/configs/ShellCrash.cfg | grep bindir | awk -F "=" '{print $2}')
[ -z "$BINDIR" ] && BINDIR=$DIR
start_service() {
#检测必须文件
$DIR/start.sh bfstart
if [ "$?" = "0" ];then
#使用procd创建clash后台进程
procd_open_instance
procd_set_param respawn
procd_set_param stderr 0
procd_set_param stdout 0
procd_set_param command $BINDIR/clash -d $BINDIR
procd_close_instance
#其他设置
$DIR/start.sh afstart
fi
}
start() {
if [ -z "$(pidof procd)" ];then
#检测必须文件
$DIR/start.sh bfstart
if [ "$?" = "0" ];then
#创建后台进程
service_start $BINDIR/clash -d $BINDIR
#其他设置
$DIR/start.sh afstart
#设置守护进程
$DIR/start.sh daemon
fi
else
start_service
fi
}

246
scripts/getdate.sh
View File

@@ -548,7 +548,7 @@ override(){
case "$num" in
1)
source $CFG_PATH
if [ -n "$(pidof clash)" ];then
if [ -n "$(pidof CrashCore)" ];then
echo -----------------------------------------------
echo -e "\033[33m检测到服务正在运行需要先停止服务\033[0m"
read -p "是否停止服务?(1/0) > " res
@@ -807,11 +807,61 @@ setcpucore(){
setconfig cpucore $cpucore
fi
}
setcoretype(){
[ "$crashcore" = singbox ] && core_old=singbox || core_old=clash
echo -e "\033[33m请确认该自定义内核的类型\033[0m"
echo -e " 1 Clash基础内核"
echo -e " 2 Clash-Premium内核"
echo -e " 3 Clash-Meta内核"
echo -e " 4 Sing-Box内核"
read -p "请输入对应数字 > " num
case "$num" in
2) crashcore=clashpre ;;
3) crashcore=meta ;;
4) crashcore=singbox ;;
*) crashcore=clash ;;
esac
[ "$crashcore" = singbox ] && core_new=singbox || core_new=clash
}
switch_core(){
#singbox和clash内核切换时提示是否保留文件
[ "$core_new" != "$core_old" ] && {
echo -e "\033[33m已从$core_old内核切换至$core_new内核\033[0m"
echo -e "\033[33m二者Geo数据库及yaml/json配置文件不通用\033[0m"
read -p "是否保留相关数据库文件?(1/0) > " res
[ "$res" = '0' ] && [ "$core_old" = "clash" ] && {
rm -rf $CRASHDIR/Country.mmdb
rm -rf $CRASHDIR/GeoSite.dat
setconfig Country_v
setconfig cn_mini_v
setconfig geosite_v
}
[ "$res" = '0' ] && [ "$core_old" = "singbox" ] && {
rm -rf $CRASHDIR/geoip.db
rm -rf $CRASHDIR/geosite.db
setconfig geoip_cn_v
setconfig geosite_cn_v
}
read -p "是否保留$core_old相关配置文件(1/0) > " res
[ "$res" = '0' ] && [ "$core_old" = "clash" ] && rm -rf $CRASHDIR/yamls
[ "$res" = '0' ] && [ "$core_old" = "singbox" ] && rm -rf $CRASHDIR/jsons
}
if [ "$crashcore" = singbox ];then
COMMAND="$bindir/CrashCore run -D $bindir -c $TMPDIR/config.json >/dev/null"
COMMAND_T="$bindir/CrashCore check -D $bindir -c $TMPDIR/config.json"
else
COMMAND="$bindir/CrashCore -d $bindir -f $TMPDIR/config.yaml >/dev/null"
COMMAND_T="$bindir/CrashCore -t -d $bindir -f $TMPDIR/config.yaml"
fi
setconfig COMMAND $COMMAND $CRASHDIR/configs/service.env
setconfig COMMAND_T $COMMAND_T $CRASHDIR/configs/service.env
}
getcore(){
[ -z "$crashcore" ] && crashcore=clashpre
[ -z "$cpucore" ] && getcpucore
[ "$crashcore" = singbox ] && core_new=singbox || core_new=clash
#生成链接
[ -z "$custcorelink" ] && corelink="$update_url/bin/$crashcore/clash-linux-$cpucore" || corelink="$custcorelink"
[ -z "$custcorelink" ] && corelink="${update_url}/bin/${crashcore}/${core_new}-linux-${cpucore}" || corelink="$custcorelink"
#获取在线内核文件
echo -----------------------------------------------
echo 正在在线获取$crashcore核心文件……
@@ -820,9 +870,10 @@ getcore(){
echo -e "\033[31m核心文件下载失败\033[0m"
rm -rf $TMPDIR/core.new
[ -z "$custcorelink" ] && error_down
else=
else
chmod +x $TMPDIR/core.new
$CRASHDIR/start.sh stop
[ "$crashcore" = unknow ] && setcoretype
if [ "$crashcore" = singbox ];then
core_v=$($TMPDIR/core.new version 2>/dev/null | grep version | awk '{print $3}')
else
@@ -837,6 +888,8 @@ getcore(){
mv -f $TMPDIR/core.new $bindir/CrashCore
chmod +x $bindir/CrashCore
setconfig crashcore $crashcore
setconfig core_v $core_v
switch_core
fi
fi
}
@@ -876,7 +929,7 @@ setcustcore(){
4)
read -p "请输入自定义内核的链接地址(必须是二进制文件) > " link
[ -n "$link" ] && custcorelink="$link"
crashcore=meta
crashcore=unknow
getcore
;;
*)
@@ -887,11 +940,13 @@ setcustcore(){
}
setcore(){
#获取核心及版本信息
[ -z "$crashcore" ] && crashcore="unknow"
[ ! -f $CRASHDIR/CrashCore ] && crashcore="未安装核心"
[ "$crashcore" = singbox ] && core_old=singbox || core_old=clash
###
echo -----------------------------------------------
[ -z "$cpucore" ] && getcpucore
echo -e "当前clash核心\033[42;30m $crashcore \033[47;30m$clashv\033[0m"
echo -e "当前内核\033[42;30m $crashcore \033[47;30m$core_v\033[0m"
echo -e "当前系统处理器架构:\033[32m $cpucore \033[0m"
echo -e "\033[33m请选择需要使用的核心版本\033[0m"
echo -----------------------------------------------
@@ -943,9 +998,11 @@ setcore(){
}
getgeo(){
#生成链接
[ -z "$custcorelink" ] && geolink="$update_url/bin/geodata/$geotype" || geolink="$custcorelink"
echo -----------------------------------------------
echo 正在从服务器获取数据库文件…………
$CRASHDIR/start.sh webget $TMPDIR/$geoname $update_url/bin/geodata/$geotype
$CRASHDIR/start.sh webget $TMPDIR/$geoname $geolink
if [ "$?" = "1" ];then
echo -----------------------------------------------
echo -e "\033[31m文件下载失败\033[0m"
@@ -964,19 +1021,110 @@ getgeo(){
fi
sleep 1
}
setcustgeo(){
checkcustgeo(){
echo -e "\033[32m正在查找可更新的数据库文件\033[0m"
$CRASHDIR/start.sh webget $TMPDIR/github_api https://api.github.com/repos/$project/releases/latest
cat $TMPDIR/github_api | grep "browser_download_url" | grep -oiE 'geosite.*\.dat"$|country.*\.mmdb"$|geosite.*\.db"$|geoip.*\.db"$' | sed 's/"//' > $TMPDIR/github_api
if [ -s $TMPDIR/github_api ];then
echo -----------------------------------------------
cat $TMPDIR/github_api | awk '{print " "NR" "$3,$2,$4}'
echo -e "0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0)
;;
[1-99])
if [ "$num" -le "$(wc -l $TMPDIR/github_api)" ];then
geotype=$(sed -n "$num"p $TMPDIR/github_api)
[ -n "$(echo $geo_api | grep -oiE 'GeoSite.*dat')" ] && geoname=GeoSite.dat
[ -n "$(echo $geo_api | grep -oiE 'Country.*mmdb')" ] && geoname=Country.mmdb
[ -n "$(echo $geo_api | grep -oiE 'geosite.*db')" ] && geoname=geosite.db
[ -n "$(echo $geo_api | grep -oiE 'geoip.*db')" ] && geoname=geoip.db
custgeolink=https://raw.githubusercontent.com/$project/release/$geotype
getgeo
else
errornum
fi
;;
*)
errornum
;;
esac
rm -rf $TMPDIR/github_api
else
echo -e "\033[31m查找失败请检查网络连接\033[0m"
sleep 1
fi
}
echo -----------------------------------------------
echo -e "\033[36m自定义数据库需要调用第三方地址请尽量在服务启动后更新\033[0m"
echo -e "\033[36m自定义数据库不兼容小闪存模式也不支持自动更新\033[0m"
echo -e "\033[33m继续后如出现任何问题请务必自行解决一切提问恕不受理\033[0m"
echo -----------------------------------------------
sleep 1
read -p "我确认遇到问题可以自行解决[1/0] > " res
[ "$res" = '1' ] && {
echo -e "\033[33m此处数据库均源自互联网采集此处致谢各位作者\033[0m"
echo -e "\033[33m请点击或复制链接前往项目页面查看具体说明\033[0m"
echo -e "\033[33m请选择需要更新的数据库项目来源\033[0m"
echo -----------------------------------------------
echo -e "1 \033[36;4mhttps://github.com/MetaCubeX/meta-rules-dat\033[0m (Clash及SingBox)"
echo -e "2 \033[36;4mhttps://github.com/DustinWin/clash-geosite\033[0m (Clash及SingBox)"
echo -e "3 \033[36;4mhttps://github.com/lyc8503/sing-box-rules\033[0m (仅限SingBox)"
echo -e "4 \033[36;4mhttps://github.com/Loyalsoldier/geoip\033[0m (仅限Clash-GeoIP)"
echo -----------------------------------------------
echo -e "9 \033[33m 自定义数据库链接 \033[0m"
echo -e "0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0)
;;
1)
project=MetaCubeX/meta-rules-dat
checkcustgeo
;;
2)
project=DustinWin/clash-geosite
checkcustgeo
;;
3)
project=lyc8503/sing-box-rules
checkcustgeo
;;
4)
project=Loyalsoldier/geoip
checkcustgeo
;;
9)
read -p "请输入自定义数据库的链接地址 > " link
[ -n "$link" ] && custgeolink="$link"
getgeo
;;
*)
errornum
;;
esac
}
}
setgeo(){
source $CFG_PATH > /dev/null
[ -n "$cn_mini.mmdb_v" ] && geo_type_des=精简版 || geo_type_des=全球版
echo -----------------------------------------------
echo -e "\033[36m请选择需要更新的GeoIP/CN_IP数据库:\033[0m"
echo -e "\033[36m请选择需要更新的Geo/CN数据库文件\033[0m"
echo -e "\033[36m全球版GeoIP和精简版CN-IP数据库不共存\033[0m"
echo -e "\033[36mClash内核和SingBox内核的数据库文件不通用\033[0m"
echo -e "在线数据库最新版本:\033[32m$GeoIP_v\033[0m"
echo -----------------------------------------------
echo -e " 1 全球版GeoIP数据库(约6mb) \033[33m$Country_v\033[0m"
echo -e " 2 精简版CN-IP数据库(约0.2mb) \033[33m$cn_mini_v\033[0m"
echo -e " 3 CN-IP绕过文件(约0.2mb) \033[33m$china_ip_list_v\033[0m"
echo -e " 4 CN-IPV6绕过文件(约50kb) \033[33m$china_ipv6_list_v\033[0m"
echo -e " 5 GeoSite数据库(约4.5mb) \033[33m$geosite_v\033[0m"
echo -e " 1 CN-IP绕过文件(约0.1mb) \033[33m$china_ip_list_v\033[0m"
echo -e " 2 CN-IPV6绕过文件(约30kb) \033[33m$china_ipv6_list_v\033[0m"
echo -e " 3 Clash全球版GeoIP数据库(约6mb) \033[33m$Country_v\033[0m"
echo -e " 4 Clash精简版GeoIP_cn数据库(约0.1mb) \033[33m$cn_mini_v\033[0m"
echo -e " 5 Meta完整版GeoSite数据库(约5mb) \033[33m$geosite_v\033[0m"
echo -e " 6 SingBox精简版GeoIP_cn数据库(约0.3mb) \033[33m$Country_v\033[0m"
echo -e " 7 SingBox精简版GeoSite数据库(约0.8mb) \033[33m$cn_mini_v\033[0m"
echo -e " 9 \033[32m自定义数据库\033[0m \033[33m仅限专业用户使用\033[0m"
echo " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
@@ -984,18 +1132,6 @@ setgeo(){
0)
;;
1)
geotype=Country.mmdb
geoname=Country.mmdb
getgeo
setgeo
;;
2)
geotype=cn_mini.mmdb
geoname=Country.mmdb
getgeo
setgeo
;;
3)
if [ "$cn_ip_route" = "已开启" ]; then
geotype=china_ip_list.txt
geoname=cn_ip.txt
@@ -1007,7 +1143,7 @@ setgeo(){
fi
setgeo
;;
4)
2)
if [ "$cn_ipv6_route" = "已开启" -a "$ipv6_redir" = "已开启" ]; then
geotype=china_ipv6_list.txt
geoname=cn_ipv6.txt
@@ -1019,6 +1155,30 @@ setgeo(){
fi
setgeo
;;
3)
if [ "$crashcore" != "singbox" ]; then
geotype=Country.mmdb
geoname=Country.mmdb
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用clash内核无需使用此数据库\033[0m"
sleep 1
fi
setgeo
;;
4)
if [ "$crashcore" != "singbox" ]; then
geotype=cn_mini.mmdb
geoname=Country.mmdb
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用clash内核无需使用此数据库\033[0m"
sleep 1
fi
setgeo
;;
5)
if [ "$crashcore" = "meta" ]; then
geotype=geosite.dat
@@ -1026,11 +1186,38 @@ setgeo(){
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用meta内核无需更新GeoSite数据库!!\033[0m"
echo -e "\033[31m当前未使用meta内核无需使用此数据库!!\033[0m"
sleep 1
fi
setgeo
;;
6)
if [ "$crashcore" = "singbox" ]; then
geotype=geoip_cn.db
geoname=geoip.db
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用singbox内核无需使用此数据库\033[0m"
sleep 1
fi
setgeo
;;
7)
if [ "$crashcore" = "singbox" ]; then
geotype=geosite_cn.db
geoname=geosite.db
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用singbox内核无需使用此数据库\033[0m"
sleep 1
fi
setgeo
;;
9)
setcustgeo
;;
*)
errornum
;;
@@ -1313,8 +1500,7 @@ update(){
echo -----------------------------------------------
echo -ne "\033[32m正在检查更新\033[0m\r"
checkupdate
core_v=$($bindir/clash -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
[ -z "$core_v" ] && core_v=$clashv
[ -z "$core_v" ] && core_v=unknow
core_v_new=$(eval echo \$${crashcore}_v)
echo -e "\033[30;47m欢迎使用更新功能\033[0m"
echo -----------------------------------------------
@@ -1431,7 +1617,7 @@ userguide(){
}
#设置开机启动
[ -f /etc/rc.common ] && /etc/init.d/clash enable
ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1
ckcmd systemctl && systemctl enable shellcrash.service > /dev/null 2>&1
rm -rf $CRASHDIR/.dis_startup
autostart=enable
#检测IP转发
@@ -1598,7 +1784,7 @@ testcommand(){
elif [ "$num" = 4 ]; then
if [ -n "$(echo $redir_mod | grep 'Nft')" -o "$local_type" = "nftables增强模式" ];then
nft list table inet shellclash
nft list table inet shellcrash
else
echo -------------------Redir---------------------
iptables -t nat -L PREROUTING --line-numbers

28
scripts/init.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh
# Copyright (C) Juewuy
version=1.8.3d
version=1.8.3e
setdir(){
dir_avail(){
@@ -157,17 +157,17 @@ mkdir -p $CRASHDIR/configs
#本地安装跳过新手引导
#[ -z "$url" ] && setconfig userguide 1
#判断系统类型写入不同的启动文件
if [ -f /etc/rc.common ];then
if [ -f /etc/rc.common ] && [ -n "$(pidof procd)" ];then
#设为init.d方式启动
cp -f $CRASHDIR/clashservice /etc/init.d/clash
chmod 755 /etc/init.d/clash
cp -f $CRASHDIR/crash.rc /etc/init.d/shellcrash
chmod 755 /etc/init.d/shellcrash
else
[ -w /etc/systemd/system ] && sysdir=/etc/systemd/system
[ -w /usr/lib/systemd/system ] && sysdir=/usr/lib/systemd/system
if [ -n "$sysdir" -a -z "$WSL_DISTRO_NAME" ];then #wsl环境不使用systemd
#设为systemd方式启动
mv -f $CRASHDIR/clash.service $sysdir/clash.service 2>/dev/null
sed -i "s%/etc/clash%$CRASHDIR%g" $sysdir/clash.service
mv -f $CRASHDIR/shellcrash.service $sysdir/shellcrash.service 2>/dev/null
sed -i "s%/etc/ShellCrash%$CRASHDIR%g" $sysdir/shellcrash.service
systemctl daemon-reload
else
#设为保守模式启动
@@ -188,13 +188,13 @@ setconfig versionsh_l $version
[ -w /etc/profile ] && profile=/etc/profile
if [ -n "$profile" ];then
sed -i '/alias crash=*/'d $profile
echo "alias crash=\"$shtype $CRASHDIR/clash.sh\"" >> $profile #设置快捷命令环境变量
echo "alias crash=\"$shtype $CRASHDIR/menu.sh\"" >> $profile #设置快捷命令环境变量
sed -i '/export CRASHDIR=*/'d $profile
echo "export CRASHDIR=\"$CRASHDIR\"" >> $profile #设置clash路径环境变量
echo "export CRASHDIR=\"$CRASHDIR\"" >> $profile #设置路径环境变量
source $profile &>/dev/null || echo 运行错误请使用bash而不是dash运行安装命令
#适配zsh环境变量
[ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && [ -z "$(cat ~/.zshrc 2>/dev/null|grep CRASHDIR)" ] && {
echo "alias crash=\"$shtype $CRASHDIR/clash.sh\"" >> ~/.zshrc
echo "alias crash=\"$shtype $CRASHDIR/menu.sh\"" >> ~/.zshrc
echo "export CRASHDIR=\"$CRASHDIR\"" >> ~/.zshrc
source ~/.zshrc &>/dev/null
}
@@ -231,7 +231,7 @@ fi
nvram commit
}
#删除临时文件
rm -rf /tmp/*lash*gz
rm -rf /tmp/*rash*gz
rm -rf /tmp/SC_tmp
#转换&清理旧版本文件
mkdir -p $CRASHDIR/yamls
@@ -256,10 +256,14 @@ for file in cron task.sh task.list;do
mv -f $CRASHDIR/$file $CRASHDIR/task/$file 2>/dev/null
done
chmod 755 $CRASHDIR/task/task.sh
for file in log clash.service mark? mark.bak;do
#旧版文件清理
rm -rf $sysdir/shellcrash.service
for file in log shellcrash.service mark? mark.bak;do
rm -rf $CRASHDIR/$file
done
#旧版变量改名
sed -i "s/clashcore/crashcore/g" $configpath
sed -i "s/ShellClash/ShellCrash/g" $configpath
#旧版任务清理
$CRASHDIR/start.sh cronset "clash服务" 2>/dev/null
$CRASHDIR/start.sh cronset "订阅链接" 2>/dev/null

43
scripts/clash.sh → scripts/menu.sh
View File

@@ -55,7 +55,7 @@ ckstatus(){
if [ -f /etc/rc.common ];then
[ -n "$(find /etc/rc.d -name '*clash')" ] && autostart=enable || autostart=disable
elif [ -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
[ -n "$(systemctl is-enabled clash.service 2>&1 | grep enable)" ] && autostart=enable || autostart=disable
[ -n "$(systemctl is-enabled shellcrash.service 2>&1 | grep enable)" ] && autostart=enable || autostart=disable
else
[ -f $CRASHDIR/.dis_startup ] && autostart=disable || autostart=enable
fi
@@ -68,7 +68,7 @@ ckstatus(){
auto1="\033[36m允许\033[0mShellCrash开机启动"
fi
#获取运行状态
PID=$(pidof clash | awk '{print $NF}')
PID=$(pidof CrashCore | awk '{print $NF}')
if [ -n "$PID" ];then
run="\033[32m正在运行$redir_mod\033[0m"
VmRSS=`cat /proc/$PID/status|grep -w VmRSS|awk '{print $2,$3}'`
@@ -111,17 +111,12 @@ ckstatus(){
echo -e "发现可用的内核文件: \033[36m$file\033[0m "
read -p "是否加载?(1/0) > " res
[ "$res" = 1 ] && {
echo -e " 1 Clash内核"
echo -e " 2 Clashpre内核"
echo -e " 3 Clash.Meta内核"
read -p "请手动确定该内核类型 > " num
case "$num" in
2) crashcore=clashpre ;;
3) crashcore=meta ;;
*) crashcore=clash ;;
esac
mv -f $file $bindir/clash && echo -e "\033[32m内核加载完成\033[0m " && sleep 1
setconfig crashcore $crashcore
source $CRASHDIR/getdate.sh && setcoretype && \
mv -f $file $CRASHDIR/CrashCore && \
echo -e "\033[32m内核加载完成\033[0m " && \
setconfig crashcore $crashcore && \
switch_core
sleep 1
}
else
echo -e "\033[33m检测到不可用的内核文件可能是文件受损或CPU架构不匹配\033[0m"
@@ -180,7 +175,7 @@ clashstart(){
if [ -s $CRASHDIR/yamls/config.yaml -o -n "$Url" -o -n "$Https" ];then
$CRASHDIR/start.sh start
sleep 1
[ -n "$(pidof clash)" ] && startover
[ -n "$(pidof CrashCore)" ] && startover
else
echo -e "\033[31m没有找到配置文件请先导入配置文件\033[0m"
source $CRASHDIR/getdate.sh && clashlink
@@ -903,7 +898,7 @@ macfilter(){
fi
}
localproxy(){
[ -w /etc/systemd/system/clash.service -o -w /usr/lib/systemd/system/clash.service -o -x /bin/su ] && local_enh=1
[ -w /etc/systemd/system/shellcrash.service -o -w /usr/lib/systemd/system/shellcrash.service -o -x /bin/su ] && local_enh=1
[ -f /etc/rc.common -a -w /etc/passwd ] && local_enh=1
echo -----------------------------------------------
[ -n "$local_enh" ] && {
@@ -964,13 +959,13 @@ setboot(){
1)
if [ "$autostart" = "enable" ]; then
[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null
ckcmd systemctl && systemctl disable clash.service > /dev/null 2>&1
ckcmd systemctl && systemctl disable shellcrash.service > /dev/null 2>&1
touch $CRASHDIR/.dis_startup
autostart=disable
echo -e "\033[33m已禁止Clash开机启动\033[0m"
elif [ "$autostart" = "disable" ]; then
[ -f /etc/rc.common ] && /etc/init.d/clash enable
ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1
ckcmd systemctl && systemctl enable shellcrash.service > /dev/null 2>&1
rm -rf $CRASHDIR/.dis_startup
autostart=enable
echo -e "\033[32m已设置Clash开机启动\033[0m"
@@ -984,7 +979,7 @@ setboot(){
setconfig start_old $start_old
$CRASHDIR/start.sh stop
else
if [ -f /etc/init.d/clash -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
if [ -n "$(pidof procd)" -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
echo -e "\033[32m改为使用系统守护进程启动服务\033[0m"
$CRASHDIR/start.sh cronset "ShellCrash初始化"
start_old=未开启
@@ -1338,7 +1333,7 @@ clashcfg(){
setconfig common_ports $common_ports
}
echo -----------------------------------------------
if [ -n "$(pidof clash)" ];then
if [ -n "$(pidof CrashCore)" ];then
read -p "切换时将停止服务,是否继续?(1/0) > " res
[ "$res" = 1 ] && $CRASHDIR/start.sh stop && set_common_ports
else
@@ -1362,7 +1357,7 @@ clashcfg(){
local_proxy=未开启
setconfig local_proxy $local_proxy
setconfig local_type
sed -i '/user shellclash/d' /etc/init.d/clash 2>/dev/null
sed -i '/user shellcrash/d' /etc/init.d/clash 2>/dev/null
echo -e "\033[33m已经停用本机代理规则,请尽快重启服务!!\033[0m"
fi
sleep 1
@@ -1834,7 +1829,7 @@ case "$1" in
;;
-t)
shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash
$shtype -x $CRASHDIR/clash.sh
$shtype -x $CRASHDIR/menu.sh
;;
-s)
$CRASHDIR/start.sh $2 $3 $4 $5 $6
@@ -1876,12 +1871,12 @@ case "$1" in
sed -i '/ShellCrash初始化/'d /jffs/.asusrouter 2>/dev/null
rm -rf $bindir
rm -rf /etc/init.d/clash
rm -rf /etc/systemd/system/clash.service
rm -rf /usr/lib/systemd/system/clash.service
rm -rf /etc/systemd/system/shellcrash.service
rm -rf /usr/lib/systemd/system/shellcrash.service
rm -rf /www/clash
rm -rf /tmp/clash_$USER
sed -Ei s/0:7890/7890:7890/g /etc/passwd
userdel -r shellclash 2>/dev/null
userdel -r shellcrash 2>/dev/null
nvram set script_usbmount="" 2>/dev/null
nvram commit 2>/dev/null
uci delete firewall.ShellClash 2>/dev/null

12
scripts/misnap_init.sh
View File

@@ -52,13 +52,13 @@ init(){
#初始化环境变量
sed -i "/alias crash/d" $profile
sed -i "/export CRASHDIR/d" $profile
echo "alias crash=\"$CRASHDIR/clash.sh\"" >>$profile
echo "alias crash=\"$CRASHDIR/menu.sh\"" >>$profile
echo "export CRASHDIR=\"$CRASHDIR\"" >>$profile
#软固化功能
autoSSH
#设置init.d服务
cp -f $CRASHDIR/clashservice /etc/init.d/clash
chmod 755 /etc/init.d/clash
cp -f $CRASHDIR/shellcrash.rc /etc/init.d/shellcrash
chmod 755 /etc/init.d/shellcrash
#启动服务
if [ ! -f $CRASHDIR/.dis_startup ]; then
#AX6S/AX6000修复tun功能
@@ -66,8 +66,8 @@ init(){
#小米7000/小米万兆修复tproxy
[ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix
#启动服务
/etc/init.d/clash start
/etc/init.d/clash enable
/etc/init.d/shellcrash start
/etc/init.d/shellcrash enable
fi
}
@@ -76,7 +76,7 @@ case "$1" in
tproxyfix) tproxyfix ;;
init) init ;;
*)
if [ -z $(pidof clash) ];then
if [ -z $(pidof CrashCore) ];then
init &
fi
;;

30
scripts/shellcrash.rc Normal file
View File

@@ -0,0 +1,30 @@
#!/bin/sh /etc/rc.common
START=99
SERVICE_DAEMONIZE=1
SERVICE_WRITE_PID=1
USE_PROCD=1
#获取目录
CRASHDIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}')
[ -z "$CRASHDIR" ] && CRASHDIR=$(cat ~/.bashrc | grep CRASHDIR | awk -F "\"" '{print $2}')
BINDIR=$(cat $DIR/configs/ShellCrash.cfg | grep bindir | awk -F "=" '{print $2}')
[ -z "$BINDIR" ] && BINDIR=$DIR
source $DIR/configs/service.env
start_service() {
#检测必须文件
$CRASHDIR/start.sh bfstart
if [ "$?" = "0" ];then
#使用procd创建clash后台进程
procd_open_instance
procd_set_param respawn
procd_set_param stderr 0
procd_set_param stdout 0
procd_set_param command $COMMAND
procd_close_instance
#其他设置
$CRASHDIR/start.sh afstart
fi
}

20
scripts/shellcrash.service Normal file
View File

@@ -0,0 +1,20 @@
[Unit]
Description=ShellCrash Core
After=network.target
[Service]
Type=simple
User=root
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
EnvironmentFile=/etc/ShellCrash/configs/systemd.env
ExecStartPre=$CRASHDIR/start.sh bfstart
ExecStart=$ExecStart
ExecStartPost=$CRASHDIR/start.sh afstart
Restart=on-failure
RestartSec=5s
LimitNOFILE=infinity
[Install]
WantedBy=multi-user.target

674
scripts/start.sh
View File

@@ -33,8 +33,12 @@ getconfig(){
[ -z "$common_ports" ] && common_ports=已开启
[ -z "$multiport" ] && multiport='22,53,80,123,143,194,443,465,587,853,993,995,5222,8080,8443'
[ "$common_ports" = "已开启" ] && ports="-m multiport --dports $multiport"
#yaml
[ -z "$yaml" ] && yaml=$CRASHDIR/yamls/config.yaml
#内核配置文件
[ -z "$core_config" ] && if [ "$crashcore" = singbox ];then
core_config=$CRASHDIR/jsons/config.json
else
core_config=$CRASHDIR/yamls/config.yaml
fi
}
setconfig(){
#参数1代表变量名参数2代表变量值,参数3即文件路径
@@ -62,7 +66,7 @@ logger(){
[ -z "$3" ] && {
getconfig
[ -n "$device_name" ] && log_text="$log_text($device_name)"
[ -n "$(pidof clash)" ] && {
[ -n "$(pidof CrashCore)" ] && {
[ -n "$authentication" ] && auth="$authentication@"
export https_proxy="http://${auth}127.0.0.1:$mix_port"
}
@@ -160,7 +164,68 @@ getlanip(){
reserve_ipv6="::/128 ::1/128 ::ffff:0:0/96 64:ff9b::/96 100::/64 2001::/32 2001:20::/28 2001:db8::/32 2002::/16 fc00::/7 fe80::/10 ff00::/8"
}
#配置文件相关
getyaml(){
check_clash_config(){
#检测节点或providers
if [ -z "$(cat $core_config_new | grep -E 'server|proxy-providers' | grep -v 'nameserver' | head -n 1)" ];then
echo -----------------------------------------------
logger "获取到了配置文件,但似乎并不包含正确的节点信息!" 31
echo -----------------------------------------------
sed -n '1,30p' $core_config_new
echo -----------------------------------------------
echo -e "\033[33m请检查如上配置文件信息:\033[0m"
echo -----------------------------------------------
exit 1
fi
#检测旧格式
if cat $core_config_new | grep 'Proxy Group:' >/dev/null;then
echo -----------------------------------------------
logger "已经停止对旧格式配置文件的支持!!!" 31
echo -e "请使用新格式或者使用【在线生成配置文件】功能!"
echo -----------------------------------------------
exit 1
fi
#检测不支持的加密协议
if cat $core_config_new | grep 'cipher: chacha20,' >/dev/null;then
echo -----------------------------------------------
logger "已停止支持chacha20加密请更换更安全的节点加密协议" 31
echo -----------------------------------------------
exit 1
fi
#检测并去除无效节点组
[ -n "$url_type" ] && ckcmd xargs && {
cat $core_config_new | sed '/^rules:/,$d' | grep -A 15 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/- //g' | grep -E '#DIRECT $|#DIRECT$' | awk -F '#' '{print $1}' > $TMPDIR/clash_proxies_$USER
while read line ;do
sed -i "/- $line/d" $core_config_new
sed -i "/- name: $line/,/- DIRECT/d" $core_config_new
done < $TMPDIR/clash_proxies_$USER
rm -rf $TMPDIR/clash_proxies_$USER
}
#使用核心内置test功能检测
if [ -x $bindir/clash ];then
$bindir/clash -t -d $bindir -f $core_config_new >/dev/null
if [ "$?" != "0" ];then
logger "配置文件加载失败!请查看报错信息!" 31
$bindir/clash -t -d $bindir -f $core_config_new
echo "$($bindir/clash -t -d $bindir -f $core_config_new)" >> $TMPDIR/ShellCrash.log
exit 1
fi
fi
}
check_singbox_config(){
#使用核心内置format功能检测并格式化
if [ -x $bindir/singbox ];then
$bindir/singbox format -c $core_config_new > $TMPDIR/format.json
if [ "$?" != "0" ];then
logger "配置文件加载失败!请查看报错信息!" 31
$bindir/singbox check -c $core_config_new
echo "$($bindir/singbox check -c $core_config_new)" >> $TMPDIR/ShellCrash.log
exit 1
else
mv -f $TMPDIR/format.json $core_config_new
fi
fi
}
get_core_config(){
[ -z "$rule_link" ] && rule_link=1
[ -z "$server_link" ] && server_link=1
Server=$(grep -aE '^3|^4' $CRASHDIR/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}')
@@ -169,18 +234,25 @@ getyaml(){
Config=$(grep -aE '^5' $CRASHDIR/configs/servers.list | sed -n ""$rule_link"p" | awk '{print $3}')
#如果传来的是Url链接则合成Https链接否则直接使用Https链接
if [ -z "$Https" ];then
Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
if [ "$crashcore" = singbox ];then
target=singbox
format=json
else
target=clash
format=yaml
fi
Https="$Server/sub?target=$target&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
url_type=true
fi
#输出
echo -----------------------------------------------
logger 正在连接服务器获取配置文件…………
logger 正在连接服务器获取$target配置文件…………
echo -e "链接地址为:\033[4;32m$Https\033[0m"
echo 可以手动复制该链接到浏览器打开并查看数据是否正常!
#获取在线yaml文件
yamlnew=$TMPDIR/clash_config_$USER.yaml
rm -rf $yamlnew
$0 webget $yamlnew $Https
#获取在线config文件
core_config_new=$TMPDIR/$target_config.$format
rm -rf $core_config_new
$0 webget $core_config_new $Https
if [ "$?" = "1" ];then
if [ -z "$url_type" ];then
echo -----------------------------------------------
@@ -199,7 +271,7 @@ getyaml(){
echo -e "\033[32m如担心数据安全请在3s内使用【Ctrl+c】退出\033[0m"
sleep 3
Https=""
getyaml
get_core_config
else
retry=$((retry+1))
logger "配置文件获取失败!" 31
@@ -211,62 +283,18 @@ getyaml(){
server_link=$((server_link+1))
setconfig server_link $server_link
Https=""
getyaml
get_core_config
fi
fi
else
Https=""
#检测节点或providers
if [ -z "$(cat $yamlnew | grep -E 'server|proxy-providers' | grep -v 'nameserver' | head -n 1)" ];then
echo -----------------------------------------------
logger "获取到了配置文件,但似乎并不包含正确的节点信息!" 31
echo -----------------------------------------------
sed -n '1,30p' $yamlnew
echo -----------------------------------------------
echo -e "\033[33m请检查如上配置文件信息:\033[0m"
echo -----------------------------------------------
exit 1
fi
#检测旧格式
if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
echo -----------------------------------------------
logger "已经停止对旧格式配置文件的支持!!!" 31
echo -e "请使用新格式或者使用【在线生成配置文件】功能!"
echo -----------------------------------------------
exit 1
fi
#检测不支持的加密协议
if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then
echo -----------------------------------------------
logger "已停止支持chacha20加密请更换更安全的节点加密协议" 31
echo -----------------------------------------------
exit 1
fi
#检测并去除无效节点组
[ -n "$url_type" ] && ckcmd xargs && {
cat $yamlnew | sed '/^rules:/,$d' | grep -A 15 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/- //g' | grep -E '#DIRECT $|#DIRECT$' | awk -F '#' '{print $1}' > $TMPDIR/clash_proxies_$USER
while read line ;do
sed -i "/- $line/d" $yamlnew
sed -i "/- name: $line/,/- DIRECT/d" $yamlnew
done < $TMPDIR/clash_proxies_$USER
rm -rf $TMPDIR/clash_proxies_$USER
}
#使用核心内置test功能检测
if [ -x $bindir/clash ];then
$bindir/clash -t -d $bindir -f $yamlnew >/dev/null
if [ "$?" != "0" ];then
logger "配置文件加载失败!请查看报错信息!" 31
$bindir/clash -t -d $bindir -f $yamlnew
echo "$($bindir/clash -t -d $bindir -f $yamlnew)" >> $TMPDIR/ShellCrash.log
exit 1
fi
fi
[ "$crashcore" = singbox ] && check_singbox_config || check_clash_config
#如果不同则备份并替换文件
if [ -f $yaml ];then
compare $yamlnew $yaml
[ "$?" = 0 ] || mv -f $yaml $yaml.bak && mv -f $yamlnew $yaml
if [ -s $core_config ];then
compare $core_config_new $core_config
[ "$?" = 0 ] || mv -f $core_config $core_config.bak && mv -f $core_config_new $core_config
else
mv -f $yamlnew $yaml
mv -f $core_config_new $core_config
fi
echo -e "\033[32m已成功获取配置文件\033[0m"
fi
@@ -280,19 +308,19 @@ modify_yaml(){
[ "$ipv6_dns" = "已开启" ] && dns_v6='true' || dns_v6='false'
external="external-controller: 0.0.0.0:$db_port"
if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ];then
[ "$clashcore" = 'meta' ] && tun_meta=', device: utun, auto-route: false'
[ "$crashcore" = 'meta' ] && tun_meta=', device: utun, auto-route: false'
tun="tun: {enable: true, stack: system$tun_meta}"
else
tun='tun: {enable: false}'
fi
exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
#Meta内核专属配置
[ "$clashcore" = 'meta' ] && {
[ "$crashcore" = 'meta' ] && {
[ "$redir_mod" != "纯净模式" ] && find_process='find-process-mode: "off"'
}
#dns配置
[ -z "$(cat $CRASHDIR/yamls/user.yaml 2>/dev/null | grep '^dns:')" ] && {
[ "$clashcore" = 'meta' ] && dns_default_meta='- https://223.5.5.5/dns-query'
[ "$crashcore" = 'meta' ] && dns_default_meta='- https://223.5.5.5/dns-query'
cat > $TMPDIR/dns.yaml <<EOF
dns:
enable: true
@@ -324,8 +352,8 @@ EOF
}
}
#域名嗅探配置
[ "$sniffer" = "已启用" ] && [ "$clashcore" = "meta" ] && sniffer_set="sniffer: {enable: true, skip-domain: [Mijia Cloud], sniff: {tls: {ports: [443, 8443]}, http: {ports: [80, 8080-8880]}}}"
[ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}"
[ "$sniffer" = "已启用" ] && [ "$crashcore" = "meta" ] && sniffer_set="sniffer: {enable: true, skip-domain: [Mijia Cloud], sniff: {tls: {ports: [443, 8443]}, http: {ports: [80, 8080-8880]}}}"
[ "$crashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}"
#生成set.yaml
cat > $TMPDIR/set.yaml <<EOF
mixed-port: $mix_port
@@ -342,7 +370,6 @@ secret: $secret
$tun
$exper
$sniffer_set
store-selected: $restore
$find_process
EOF
#读取本机hosts并生成配置文件
@@ -367,8 +394,8 @@ EOF
fi
#分割配置文件
yaml_char='proxies proxy-groups proxy-providers rules rule-providers'
for char in $yaml_char;do
sed -n "/^$char:/,/^[a-z]/ { /^[a-z]/d; p; }" $yaml > $TMPDIR/${char}.yaml
for char in $core_config_char;do
sed -n "/^$char:/,/^[a-z]/ { /^[a-z]/d; p; }" $core_config > $TMPDIR/${char}.yaml
done
#跳过本地tls证书验证
[ "$skip_cert" = "已开启" ] && sed -i 's/skip-cert-verify: false/skip-cert-verify: true/' $TMPDIR/proxies.yaml || \
@@ -447,21 +474,21 @@ EOF
#set和user去重,且优先使用user.yaml
cp -f $TMPDIR/set.yaml $TMPDIR/set_bak.yaml
for char in mode allow-lan log-level tun experimental interface-name dns store-selected;do
[ -n "$(grep -E "^$char" $yaml_user)" ] && sed -i "/^$char/d" $TMPDIR/set.yaml
[ -n "$(grep -E "^$char" $core_config_user)" ] && sed -i "/^$char/d" $TMPDIR/set.yaml
done
}
[ -s $TMPDIR/dns.yaml ] && yaml_dns=$TMPDIR/dns.yaml
[ -s $TMPDIR/hosts.yaml ] && yaml_hosts=$TMPDIR/hosts.yaml
[ -s $CRASHDIR/yamls/others.yaml ] && yaml_others=$CRASHDIR/yamls/others.yaml
yaml_add=
for char in $yaml_char;do #将额外配置文件合并
for char in $core_config_char;do #将额外配置文件合并
[ -s $TMPDIR/${char}.yaml ] && {
sed -i "1i\\${char}:" $TMPDIR/${char}.yaml
yaml_add="$yaml_add $TMPDIR/${char}.yaml"
yaml_add="$core_config_add $TMPDIR/${char}.yaml"
}
done
#合并完整配置文件
cut -c 1- $TMPDIR/set.yaml $yaml_dns $yaml_hosts $yaml_user $yaml_others $yaml_add > $TMPDIR/config.yaml
cut -c 1- $TMPDIR/set.yaml $core_config_dns $core_config_hosts $core_config_user $core_config_others $core_config_add > $TMPDIR/config.yaml
#测试自定义配置文件
$bindir/clash -t -d $bindir -f $TMPDIR/config.yaml >/dev/null
if [ "$?" != 0 ];then
@@ -472,16 +499,187 @@ EOF
sed -i "/#自定义策略组开始/,/#自定义策略组结束/d" $TMPDIR/proxy-groups.yaml
mv -f $TMPDIR/set_bak.yaml $TMPDIR/set.yaml &>/dev/null
#合并基础配置文件
cut -c 1- $TMPDIR/set.yaml $yaml_dns $yaml_add > $TMPDIR/config.yaml
cut -c 1- $TMPDIR/set.yaml $core_config_dns $core_config_add > $TMPDIR/config.yaml
sed -i "/#自定义/d" $TMPDIR/config.yaml
fi
#建立软连接
[ "$TMPDIR" = "$bindir" ] || ln -sf $TMPDIR/config.yaml $bindir/config.yaml
#清理缓存
for char in $yaml_char set set_bak dns hosts;do
for char in $core_config_char set set_bak dns hosts;do
rm -f $TMPDIR/${char}.yaml
done
}
modify_json(){
#生成log.json
cat > $TMPDIR/log.json <<EOF
{
"log": {
"disabled": false,
"level": "info",
"timestamp": true
},
EOF
#生成dns.json
[ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
[ "$ipv6_dns" = "已开启" ] && strategy='prefer_ipv4' || strategy='ipv4_only'
[ "$dns_mod" = "fake-ip" ] && proxy_dns=dns_fakeip || proxy_dns=dns_proxy
if [ "$hosts_opt" != "未启用" ];then #本机hosts
reverse_mapping=true
sys_hosts=/etc/hosts
[ -s /data/etc/custom_hosts ] && sys_hosts=/data/etc/custom_hosts
#NTP劫持
[ -s $sys_hosts ] && {
sed -i '/203.107.6.88/d' $sys_hosts
cat >> $sys_hosts <<EOF
203.107.6.88 time.android.com
203.107.6.88 time.facebook.com
EOF
}
else
reverse_mapping=false
fi
[ -z "$(cat $CRASHDIR/jsons/user.json 2>/dev/null | grep '^dns:')" ] && {
cat > $TMPDIR/dns.json <<EOF
"dns": {
"servers": [{
"tag": "dns_proxy",
"address": "$dns_fallback",
"strategy": "$strategy",
"address_resolver": "dns_resolver"
}, {
"tag": "dns_direct",
"address": "$dns_nameserver",
"strategy": "$strategy",
"address_resolver": "dns_resolver",
"detour": "DIRECT"
}, {
"tag": "dns_fakeip",
"address": "fakeip"
}, {
"tag": "dns_resolver",
"address": "https://223.5.5.5/dns-query, 223.5.5.5",
"detour": "DIRECT"
}, {
"tag": "block",
"address": "rcode://success"
}],
"rules": [{
"outbound": ["any"],
"server": "dns_resolver"
}, {
"geosite": ["geolocation-!cn"],
"server": "$proxy_dns"
}],
"final": "dns_direct",
"independent_cache": true,
"reverse_mapping": true,
"fakeip": { "enabled": true, "inet4_range": "198.18.0.0/15" }
},
EOF
}
#生成ntp.json
cat > $TMPDIR/ntp.json <<EOF
"ntp": {
"enabled": true,
"server": "time.apple.com",
"server_port": 123,
"interval": "30m"
},
EOF
#生成inbounds.json
username=$(echo $authentication | awk -F ':' '{print $1}') #混合端口账号密码
password=$(echo $authentication | awk -F ':' '{print $2}')
[ "$sniffer" = "已启用" ] && sniffer=ture || sniffer=false #域名嗅探配置
if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ];then
type_in=tun
tag_in=tun-in
else
type_in=direct
tag_in=direct-in
fi
cat > $TMPDIR/inbounds.json <<EOF
"inbounds": [
{
"type": "mixed",
"tag": "mixed-in",
"listen": "0.0.0.0",
"listen_port": $mix_port,
"users": [{ "username": "$username", "password": "$password" }],
}, {
"type": "redirect",
"tag": "redirect-in",
"listen": "::",
"listen_port": $redir_port,
"sniff": $sniffer
}, {
"type": "tproxy",
"tag": "tproxy-in",
"listen": "::",
"listen_port": $tproxy_port,
"sniff": $sniffer
}, {
"type": "tun",
"tag": "tun-in",
"interface_name": "utun",
"inet4_address": "172.19.0.1/30",
"auto_route": false,
"stack": "system",
"sniff": $sniffer
}
],
EOF
#生成experimental.json
cat > $TMPDIR/experimental.json <<EOF
"experimental": {
"clash_api": {
"external_controller": "0.0.0.0:$db_port",
"external_ui": "ui",
"secret": "$secret",
"default_mode": "Rule"
}
}
}
EOF
#分割配置文件获得outbounds.json及route.json
cat $core_config | sed -n '/"outbounds":/,/"route":/{/"route":/d; p}' > $TMPDIR/outbounds.json
cat $core_config | sed -n '/"route":/,/"experimental":/{/"experimental":/d; p}' > $TMPDIR/route.json
#跳过本地tls证书验证
if [ -z "$skip_cert" -o "$skip_cert" = "已开启" ];then
sed -i 's/"insecure": false/"insecure": true/' $TMPDIR/outbounds.json
else
sed -i 's/"insecure": true/"insecure": false/' $TMPDIR/outbounds.json
fi
#合并文件
json_all=
for char in log dns ntp inbounds outbounds route experimental;do
[ -s $TMPDIR/$char.json ] && json_add=$TMPDIR/$char.json
[ -s $CRASHDIR/jsons/$char.json ] && json_add=$CRASHDIR/jsons/$char.json #如果有自定义配置文件则使用
json_all="$json_all $json_add"
done
cut -c 1- $json_all > $TMPDIR/all.json
#测试自定义配置文件
$bindir/singbox check -D $bindir -c $TMPDIR/config.json >/dev/null
if [ "$?" != 0 ];then
logger "$($bindir/singbox check -D $bindir -c $TMPDIR/config.json | grep -Eo 'error.*=.*')" 31
logger "自定义配置文件校验失败!将使用基础配置文件启动!" 33
logger "错误详情请参考 $TMPDIR/error.json 文件!" 33
mv -f $TMPDIR/config.json $TMPDIR/error.json &>/dev/null
#合并基础配置文件
for char in log dns ntp inbounds outbounds route experimental;do
[ -s $TMPDIR/$char.json ] && json_add=$TMPDIR/$char.json
json_all="$json_all $json_add"
done
cut -c 1- $json_all > $TMPDIR/config.json
fi
#清理缓存
for char in all log dns ntp inbounds outbounds route experimental;do
rm -f $TMPDIR/${char}.json
done
}
#设置路由规则
cn_ip_route(){
[ ! -f $bindir/cn_ip.txt ] && {
@@ -790,7 +988,7 @@ start_tun(){
[ "$1" = "all" ] && iptables -t mangle -A PREROUTING -p tcp $ports -j clash
#设置ipv6转发
[ "$ipv6_redir" = "已开启" -a "$clashcore" = "meta" ] && {
[ "$ipv6_redir" = "已开启" -a "$crashcore" = "meta" ] && {
ip -6 route add default dev utun table 101
ip -6 rule add fwmark $fwmark table 101
ip6tables -t mangle -N clashv6
@@ -830,30 +1028,30 @@ start_nft(){
ip rule add fwmark $fwmark table 100
ip route add local default dev lo table 100
[ "$redir_mod" = "Nft基础" ] && \
nft add chain inet shellclash prerouting { type nat hook prerouting priority -100 \; }
nft add chain inet shellcrash prerouting { type nat hook prerouting priority -100 \; }
[ "$redir_mod" = "Nft混合" ] && {
modprobe nft_tproxy &> /dev/null
nft add chain inet shellclash prerouting { type filter hook prerouting priority 0 \; }
nft add chain inet shellcrash prerouting { type filter hook prerouting priority 0 \; }
}
[ -n "$(echo $redir_mod|grep Nft)" ] && {
#过滤局域网设备
[ -n "$(cat $CRASHDIR/configs/mac)" ] && {
MAC=$(awk '{printf "%s, ",$1}' $CRASHDIR/configs/mac)
[ "$macfilter_type" = "黑名单" ] && \
nft add rule inet shellclash prerouting ether saddr {$MAC} return || \
nft add rule inet shellclash prerouting ether saddr != {$MAC} return
nft add rule inet shellcrash prerouting ether saddr {$MAC} return || \
nft add rule inet shellcrash prerouting ether saddr != {$MAC} return
}
#过滤保留地址
nft add rule inet shellclash prerouting ip daddr {$RESERVED_IP} return
nft add rule inet shellcrash prerouting ip daddr {$RESERVED_IP} return
#仅代理本机局域网网段流量
nft add rule inet shellclash prerouting ip saddr != {$HOST_IP} return
nft add rule inet shellcrash prerouting ip saddr != {$HOST_IP} return
#绕过CN-IP
[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" -a -f $bindir/cn_ip.txt ] && {
CN_IP=$(awk '{printf "%s, ",$1}' $bindir/cn_ip.txt)
[ -n "$CN_IP" ] && nft add rule inet shellclash prerouting ip daddr {$CN_IP} return
[ -n "$CN_IP" ] && nft add rule inet shellcrash prerouting ip daddr {$CN_IP} return
}
#过滤常用端口
[ -n "$PORTS" ] && nft add rule inet shellclash prerouting tcp dport != {$PORTS} ip daddr != {198.18.0.0/16} return
[ -n "$PORTS" ] && nft add rule inet shellcrash prerouting tcp dport != {$PORTS} ip daddr != {198.18.0.0/16} return
#ipv6支持
if [ "$ipv6_redir" = "已开启" ];then
RESERVED_IP6="$(echo "$reserve_ipv6 $host_ipv6" | sed 's/ /, /g')"
@@ -861,62 +1059,62 @@ start_nft(){
ip -6 rule add fwmark $fwmark table 101 2> /dev/null
ip -6 route add local ::/0 dev lo table 101 2> /dev/null
#过滤保留地址及本机地址
nft add rule inet shellclash prerouting ip6 daddr {$RESERVED_IP6} return
nft add rule inet shellcrash prerouting ip6 daddr {$RESERVED_IP6} return
#仅代理本机局域网网段流量
nft add rule inet shellclash prerouting ip6 saddr != {$HOST_IP6} return
nft add rule inet shellcrash prerouting ip6 saddr != {$HOST_IP6} return
#绕过CN_IPV6
[ "$dns_mod" = "redir_host" -a "$cn_ipv6_route" = "已开启" -a -f $bindir/cn_ipv6.txt ] && {
CN_IP6=$(awk '{printf "%s, ",$1}' $bindir/cn_ipv6.txt)
[ -n "$CN_IP6" ] && nft add rule inet shellclash prerouting ip6 daddr {$CN_IP6} return
[ -n "$CN_IP6" ] && nft add rule inet shellcrash prerouting ip6 daddr {$CN_IP6} return
}
else
nft add rule inet shellclash prerouting meta nfproto ipv6 return
nft add rule inet shellcrash prerouting meta nfproto ipv6 return
fi
#透明路由
[ "$redir_mod" = "Nft基础" ] && nft add rule inet shellclash prerouting meta l4proto tcp mark set $fwmark redirect to $redir_port
[ "$redir_mod" = "Nft混合" ] && nft add rule inet shellclash prerouting meta l4proto {tcp, udp} mark set $fwmark tproxy to :$tproxy_port
[ "$redir_mod" = "Nft基础" ] && nft add rule inet shellcrash prerouting meta l4proto tcp mark set $fwmark redirect to $redir_port
[ "$redir_mod" = "Nft混合" ] && nft add rule inet shellcrash prerouting meta l4proto {tcp, udp} mark set $fwmark tproxy to :$tproxy_port
}
#屏蔽QUIC
[ "$quic_rj" = 已启用 ] && {
nft add chain inet shellclash input { type filter hook input priority 0 \; }
[ -n "$CN_IP" ] && nft add rule inet shellclash input ip daddr {$CN_IP} return
[ -n "$CN_IP6" ] && nft add rule inet shellclash input ip6 daddr {$CN_IP6} return
nft add rule inet shellclash input udp dport 443 reject comment 'ShellCrash-QUIC-REJECT'
nft add chain inet shellcrash input { type filter hook input priority 0 \; }
[ -n "$CN_IP" ] && nft add rule inet shellcrash input ip daddr {$CN_IP} return
[ -n "$CN_IP6" ] && nft add rule inet shellcrash input ip6 daddr {$CN_IP6} return
nft add rule inet shellcrash input udp dport 443 reject comment 'ShellCrash-QUIC-REJECT'
}
#代理本机(仅TCP)
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && {
#dns
nft add chain inet shellclash dns_out { type nat hook output priority -100 \; }
nft add rule inet shellclash dns_out meta skgid { 453, 7890 } return && \
nft add rule inet shellclash dns_out udp dport 53 redirect to $dns_port
nft add chain inet shellcrash dns_out { type nat hook output priority -100 \; }
nft add rule inet shellcrash dns_out meta skgid { 453, 7890 } return && \
nft add rule inet shellcrash dns_out udp dport 53 redirect to $dns_port
#output
nft add chain inet shellclash output { type nat hook output priority -100 \; }
nft add rule inet shellclash output meta skgid 7890 return && {
[ -n "$PORTS" ] && nft add rule inet shellclash output tcp dport != {$PORTS} return
nft add rule inet shellclash output ip daddr {$RESERVED_IP} return
nft add rule inet shellclash output meta l4proto tcp mark set $fwmark redirect to $redir_port
nft add chain inet shellcrash output { type nat hook output priority -100 \; }
nft add rule inet shellcrash output meta skgid 7890 return && {
[ -n "$PORTS" ] && nft add rule inet shellcrash output tcp dport != {$PORTS} return
nft add rule inet shellcrash output ip daddr {$RESERVED_IP} return
nft add rule inet shellcrash output meta l4proto tcp mark set $fwmark redirect to $redir_port
}
#Docker
type docker &>/dev/null && {
nft add chain inet shellclash docker { type nat hook prerouting priority -100 \; }
nft add rule inet shellclash docker ip saddr != {172.16.0.0/12} return #进代理docker网段
nft add rule inet shellclash docker ip daddr {$RESERVED_IP} return #过滤保留地址
nft add rule inet shellclash docker udp dport 53 redirect to $dns_port
nft add rule inet shellclash docker meta l4proto tcp mark set $fwmark redirect to $redir_port
nft add chain inet shellcrash docker { type nat hook prerouting priority -100 \; }
nft add rule inet shellcrash docker ip saddr != {172.16.0.0/12} return #进代理docker网段
nft add rule inet shellcrash docker ip daddr {$RESERVED_IP} return #过滤保留地址
nft add rule inet shellcrash docker udp dport 53 redirect to $dns_port
nft add rule inet shellcrash docker meta l4proto tcp mark set $fwmark redirect to $redir_port
}
}
}
start_nft_dns(){
nft add chain inet shellclash dns { type nat hook prerouting priority -100 \; }
nft add chain inet shellcrash dns { type nat hook prerouting priority -100 \; }
#过滤局域网设备
[ -n "$(cat $CRASHDIR/configs/mac)" ] && {
MAC=$(awk '{printf "%s, ",$1}' $CRASHDIR/configs/mac)
[ "$macfilter_type" = "黑名单" ] && \
nft add rule inet shellclash dns ether saddr {$MAC} return || \
nft add rule inet shellclash dns ether saddr != {$MAC} return
nft add rule inet shellcrash dns ether saddr {$MAC} return || \
nft add rule inet shellcrash dns ether saddr != {$MAC} return
}
nft add rule inet shellclash dns udp dport 53 redirect to ${dns_port}
nft add rule inet shellclash dns tcp dport 53 redirect to ${dns_port}
nft add rule inet shellcrash dns udp dport 53 redirect to ${dns_port}
nft add rule inet shellcrash dns tcp dport 53 redirect to ${dns_port}
}
start_wan(){
#获取局域网host地址
@@ -1045,8 +1243,8 @@ stop_firewall(){
ip -6 route del local ::/0 dev lo table 101 2> /dev/null
#重置nftables相关规则
ckcmd nft && {
nft flush table inet shellclash >/dev/null 2>&1
nft delete table inet shellclash >/dev/null 2>&1
nft flush table inet shellcrash >/dev/null 2>&1
nft delete table inet shellcrash >/dev/null 2>&1
}
#还原防火墙文件
[ -s /etc/init.d/firewall.bak ] && mv -f /etc/init.d/firewall.bak /etc/init.d/firewall
@@ -1141,68 +1339,28 @@ EOF
compare $TMPDIR/clash_pac $bindir/ui/pac
[ "$?" = 0 ] && rm -rf $TMPDIR/clash_pac || mv -f $TMPDIR/clash_pac $bindir/ui/pac
}
bfstart(){
#读取配置文件
getconfig
[ ! -d $bindir/ui ] && mkdir -p $bindir/ui
[ -z "$update_url" ] && update_url=https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master
#检查yaml配置文件
if [ ! -f $yaml ];then
if [ -n "$Url" -o -n "$Https" ];then
logger "未找到配置文件,正在下载!" 33
getyaml
exit 0
else
logger "未找到配置文件链接,请先导入配置文件!" 31
exit 1
fi
fi
clash_check(){
#检测vless/hysteria协议
if [ -n "$(cat $yaml | grep -oE 'type: vless|type: hysteria')" ] && [ "$clashcore" != "meta" ];then
if [ "$crashcore" != "meta" ] && [ -n "$(cat $core_config | grep -oE 'type: vless|type: hysteria')" ];then
echo -----------------------------------------------
logger "检测到vless/hysteria协议将改为使用meta核心启动" 33
rm -rf $bindir/clash
clashcore=meta
setconfig clashcore meta
crashcore=meta
echo -----------------------------------------------
fi
#检测是否存在高级版规则
if [ "$clashcore" = "clash" -a -n "$(cat $yaml | grep -aE '^script:|proxy-providers|rule-providers|rule-set')" ];then
#检测是否存在高级版规则或者tun模式
if [ "$crashcore" = "clash" ];then
[ -n "$(cat $core_config | grep -aE '^script:|proxy-providers|rule-providers|rule-set')" ] || \
[ "$redir_mod" = "混合模式" ] || \
[ "$redir_mod" = "Tun模式" ] && {
echo -----------------------------------------------
logger "检测到高级规则!将改为使用meta核心启动!" 33
logger "检测到高级功能!将改为使用ClashPre核心启动!" 33
rm -rf $bindir/clash
clashcore=meta
setconfig clashcore meta
crashcore=clashpre
echo -----------------------------------------------
}
fi
#检查clash核心
if [ ! -f $bindir/clash ];then
if [ -f $CRASHDIR/clash ];then
mv $CRASHDIR/clash $bindir/clash
else
logger "未找到clash核心正在下载" 33
if [ -z "$clashcore" ];then
[ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ] && clashcore=clashpre || clashcore=clash
fi
[ -z "$cpucore" ] && source $CRASHDIR/getdate.sh && getcpucore
[ -z "$cpucore" ] && logger 找不到设备的CPU信息请手动指定处理器架构类型 31 && setcpucore
[ "$update_url" = "https://jwsc.eu.org:8888" ] && [ "$clashcore" != 'clash' ] && update_url=https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master
$0 webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore"
#校验内核
chmod +x $bindir/clash 2>/dev/null
clashv=$($bindir/clash -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
if [ -z "$clashv" ];then
rm -rf $bindir/clash
logger "核心下载失败,请重新运行或更换安装源!" 31
exit 1
else
setconfig clashcore $clashcore
setconfig clashv $clashv
fi
fi
fi
[ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限
#检查数据库文件
#预下载GeoIP数据库
if [ ! -f $bindir/Country.mmdb ];then
if [ -f $CRASHDIR/Country.mmdb ];then
mv $CRASHDIR/Country.mmdb $bindir/Country.mmdb
@@ -1214,54 +1372,131 @@ bfstart(){
setconfig Geo_v $Geo_v
fi
fi
#预下载GeoSite数据库
if [ -n "$(cat $core_config|grep -Ei 'geosite')" ] && [ ! -f $bindir/GeoSite.dat ];then
if [ -f $CRASHDIR/GeoSite.dat ];then
mv -f $CRASHDIR/GeoSite.dat $bindir/GeoSite.dat
else
logger "未找到GeoSite数据库正在下载" 33
$0 webget $bindir/GeoSite.dat $update_url/bin/geodata/geosite.dat
[ "$?" = "1" ] && rm -rf $bindir/GeoSite.dat && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
fi
fi
}
singbox_check(){
#预下载GeoIP数据库
if [ ! -f $bindir/geoip.db ];then
if [ -f $CRASHDIR/geoip.db ];then
mv $CRASHDIR/geoip.db $bindir/geoip.db
else
logger "未找到GeoIP数据库正在下载" 33
$0 webget $bindir/geoip.db $update_url/bin/geodata/geoip_cn.db
[ "$?" = "1" ] && rm -rf $bindir/geoip.db && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
Geo_v=$(date +"%Y%m%d")
setconfig Geo_v $Geo_v
fi
fi
#预下载GeoSite数据库
if [ -n "$(cat $core_config|grep -Ei '"geosite":')" ] && [ ! -f $bindir/geosite.db ];then
if [ -f $CRASHDIR/geosite.db ];then
mv -f $CRASHDIR/geosite.db$bindir/geosite.db
else
logger "未找到GeoSite数据库正在下载" 33
$0 webget $bindir/geosite.db $update_url/bin/geodata/geosite_cn.db
[ "$?" = "1" ] && rm -rf $bindir/geosite.db && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
Geo_v=$(date +"%Y%m%d")
setconfig Geo_v $Geo_v
fi
fi
}
bfstart(){
#读取ShellCrash配置
getconfig
[ -z "$update_url" ] && update_url=https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master
[ ! -d $bindir/ui ] && mkdir -p $bindir/ui
[ -z "$crashcore" ] && crashcore=clash
#检查内核配置文件
if [ ! -f $core_config ];then
if [ -n "$Url" -o -n "$Https" ];then
logger "未找到配置文件,正在下载!" 33
get_core_config
exit 0
else
logger "未找到配置文件链接,请先导入配置文件!" 31
exit 1
fi
fi
#检查dashboard文件
if [ -f $CRASHDIR/ui/index.html -a ! -f $bindir/ui/index.html ];then
cp -rf $CRASHDIR/ui $bindir
fi
[ ! -s $bindir/ui/index.html ] && makehtml #如没有面板则创建跳转界面
#检查curl或wget支持
curl --version > /dev/null 2>&1
[ "$?" = 1 ] && wget --version > /dev/null 2>&1
[ "$?" = 1 ] && restore=true || restore=false
#生成pac文件
catpac
#预下载GeoSite数据库
if [ "$clashcore" = "meta" ] && [ ! -f $bindir/GeoSite.dat ] && [ -n "$(cat $yaml|grep -Ei 'geosite')" ];then
[ -f $CRASHDIR/geosite.dat ] && mv -f $CRASHDIR/geosite.dat $CRASHDIR/GeoSite.dat
if [ -f $CRASHDIR/GeoSite.dat ];then
mv -f $CRASHDIR/GeoSite.dat $bindir/GeoSite.dat
#内核及内核配置文件检查
if [ "$crashcore" = singbox ];then
singbox_check
[ "$disoverride" != "1" ] && modify_json || ln -sf $core_config $bindir/config.json
else
logger "未找到geosite数据库正在下载" 33
$0 webget $bindir/GeoSite.dat $update_url/bin/geodata/geosite.dat
[ "$?" = "1" ] && rm -rf $bindir/GeoSite.dat && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
clash_check
[ "$disoverride" != "1" ] && modify_yaml || ln -sf $core_config $bindir/config.yaml
fi
#检查及下载内核文件
if [ ! -f $bindir/CrashCore ];then
if [ -f $CRASHDIR/CrashCore ];then
mv $CRASHDIR/CrashCore $bindir/CrashCore
elif [ -f $CRASHDIR/clash ];then
mv $CRASHDIR/clash $bindir/CrashCore
else
logger "未找到【$crashcore】核心,正在下载!" 33
[ -z "$cpucore" ] && source $CRASHDIR/getdate.sh && getcpucore
[ -z "$cpucore" ] && logger 找不到设备的CPU信息请手动指定处理器架构类型 31 && exit 1
$0 webget $bindir/core.new "$update_url/bin/$crashcore/clash-linux-$cpucore"
#校验内核
chmod +x $bindir/core.new 2>/dev/null
if [ "$crashcore" = singbox ];then
core_v=$($TMPDIR/core.new version 2>/dev/null | grep version | awk '{print $3}')
else
core_v=$($TMPDIR/core.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
fi
if [ -z "$core_v" ];then
rm -rf $bindir/clash
logger "核心下载失败,请重新运行或更换安装源!" 31
exit 1
else
setconfig crashcore $crashcore
setconfig core_v $core_v
fi
fi
fi
[ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限
#本机代理准备
if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then
if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then
#添加shellcrash用户
if [ -z "$(id shellcrash 2>/dev/null | grep 'root')" ];then
if ckcmd userdel useradd groupmod; then
userdel shellclash 2>/dev/null
useradd shellclash -u 7890
groupmod shellclash -g 7890
userdel shellcrash 2>/dev/null
useradd shellcrash -u 7890
groupmod shellcrash -g 7890
sed -Ei s/7890:7890/0:7890/g /etc/passwd
else
grep -qw shellclash /etc/passwd || echo "shellclash:x:0:7890:::" >> /etc/passwd
grep -qw shellcrash /etc/passwd || echo "shellcrash:x:0:7890:::" >> /etc/passwd
fi
fi
#修改启动文件
if [ "$start_old" != "已开启" ];then
[ -w /etc/systemd/system/clash.service ] && servdir=/etc/systemd/system/clash.service
[ -w /usr/lib/systemd/system/clash.service ] && servdir=/usr/lib/systemd/system/clash.service
[ -w /etc/systemd/system/shellcrash.service ] && servdir=/etc/systemd/system/shellcrash.service
[ -w /usr/lib/systemd/system/shellcrash.service ] && servdir=/usr/lib/systemd/system/shellcrash.service
if [ -w /etc/init.d/clash ]; then
[ -z "$(grep 'procd_set_param user shellclash' /etc/init.d/clash)" ] && \
sed -i '/procd_close_instance/i\\t\tprocd_set_param user shellclash' /etc/init.d/clash
[ -z "$(grep 'procd_set_param user shellcrash' /etc/init.d/clash)" ] && \
sed -i '/procd_close_instance/i\\t\tprocd_set_param user shellcrash' /etc/init.d/clash
elif [ -w "$servdir" ]; then
setconfig ExecStart "/bin/su shellclash -c \"$bindir/clash -d $bindir -f $TMPDIR/config.yaml >/dev/null\"" $servdir
setconfig User shellcrash $servdir
systemctl daemon-reload >/dev/null
fi
fi
fi
#生成配置文件
[ "$disoverride" != "1" ] && modify_yaml || ln -sf $yaml $bindir/config.yaml
#执行条件任务
[ -s $CRASHDIR/task/bfstart ] && source $CRASHDIR/task/bfstart
}
@@ -1274,8 +1509,6 @@ afstart(){
logger "clash将延迟$start_delay秒启动" 31 pushoff
sleep $start_delay
}
$bindir/clash -t -d $bindir >/dev/null
if [ "$?" = 0 ];then
#设置DNS转发
start_dns(){
[ "$dns_mod" = "redir_host" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
@@ -1303,8 +1536,8 @@ afstart(){
[ "$redir_mod" = "Tun模式" ] && start_dns && start_tun all
[ "$redir_mod" = "Tproxy模式" ] && start_dns && start_tproxy all
[ -n "$(echo $redir_mod|grep Nft)" -o "$local_type" = "nftables增强模式" ] && {
nft add table inet shellclash #初始化nftables
nft flush table inet shellclash
nft add table inet shellcrash #初始化nftables
nft flush table inet shellcrash
}
[ -n "$(echo $redir_mod|grep Nft)" ] && start_dns && start_nft
#设置本机代理
@@ -1333,22 +1566,21 @@ afstart(){
line=$(grep -En "fw3 .* start" /etc/init.d/firewall | cut -d ":" -f 1)
sed -i "${line}a\\source $CRASHDIR/task/affirewall" /etc/init.d/firewall
}
else
logger "Clash服务启动失败请查看报错信息" 33
logger "$($bindir/clash -t -d $bindir | grep -Eo 'error.*=.*')" 31
$0 stop
exit 1
fi
}
start_old(){
source $CRASHDIR/configs/service.env
bfstart
#使用传统后台执行二进制文件的方式执行
if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then
ckcmd su && su=su
$su shellclash -c "$bindir/clash -d $bindir >/dev/null" &
if ckcmd su;then
su shellcrash -c "$COMMAND" 2>&1 &
else
ckcmd nohup && nohup=nohup
$nohup $bindir/clash -d $bindir >/dev/null 2>&1 &
logger "当前设备缺少su命令保守模式下无法兼容本机代理增强模式已停止启动" 31
exit 1
fi
else
ckcmd nohup && nohup=nohup #华硕调用nohup启动
$nohup "$COMMAND" 2>&1 &
fi
afstart
$0 daemon
@@ -1363,35 +1595,35 @@ afstart)
afstart
;;
start)
[ -n "$(pidof clash)" ] && $0 stop #禁止多实例
[ -n "$(pidof CrashCore)" ] && $0 stop #禁止多实例
getconfig
stop_firewall #清理路由策略
#使用不同方式启动服务
if [ "$start_old" = "已开启" ];then
start_old
elif [ -f /etc/rc.common ];then
/etc/init.d/clash start
elif [ "$USER" = "root" ];then
systemctl start clash.service
elif [ -f /etc/rc.common -a -n "$(pidof procd)" ];then
service shellcrash start
elif [ "$USER" = "root" -a -n "$(pidof systemd)" ];then
systemctl start shellcrash.service
else
start_old
fi
;;
stop)
getconfig
logger Clash服务即将关闭……
[ -n "$(pidof clash)" ] && web_save #保存面板配置
logger ShellCrash服务即将关闭……
[ -n "$(pidof CrashCore)" ] && web_save #保存面板配置
#删除守护进程&面板配置自动保存
cronset '保守模式守护进程'
cronset '运行时每'
cronset '流媒体预解析'
#多种方式结束进程
if [ -f /etc/rc.common ];then
/etc/init.d/clash stop >/dev/null 2>&1
service shellcrash stop >/dev/null 2>&1
elif [ "$USER" = "root" ];then
systemctl stop clash.service >/dev/null 2>&1
systemctl stop shellcrash.service >/dev/null 2>&1
fi
PID=$(pidof clash) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1
PID=$(pidof CrashCore) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1
stop_firewall #清理路由策略
$0 unset_proxy #禁用本机代理
;;
@@ -1420,20 +1652,20 @@ init)
fi
sed -i "/alias crash/d" $profile
sed -i "/export CRASHDIR/d" $profile
echo "alias crash=\"$CRASHDIR/clash.sh\"" >> $profile
echo "alias crash=\"$CRASHDIR/menu.sh\"" >> $profile
echo "export CRASHDIR=\"$CRASHDIR\"" >> $profile
[ -f $CRASHDIR/.dis_startup ] && cronset "保守模式守护进程" || $0 start
;;
getyaml)
getconfig
getyaml && \
get_core_config && \
logger "任务:【更新订阅并重启服务】配置文件已更新!"
;;
updateyaml)
getconfig
getyaml && \
modify_yaml && \
put_save http://127.0.0.1:${db_port}/configs "{\"path\":\"${CRASHDIR}/config.yaml\"}" && \
get_core_config
modify_$format && \
put_save http://127.0.0.1:${db_port}/configs "{\"path\":\"${CRASHDIR}/config.$format\"}" && \
logger "任务:【热更新订阅】配置文件已更新!"
;;
ntp)
@@ -1444,7 +1676,7 @@ logger)
;;
webget)
#设置临时代理
if [ -n "$(pidof clash)" ];then
if [ -n "$(pidof CrashCore)" ];then
getconfig
[ -n "$authentication" ] && auth="$authentication@"
export all_proxy="http://${auth}127.0.0.1:$mix_port"
@@ -1493,7 +1725,7 @@ web_restore)
;;
daemon)
getconfig
cronset '保守模式守护进程' "*/1 * * * * test -z \"\$(pidof clash)\" && $CRASHDIR/start.sh restart #保守模式守护进程"
cronset '保守模式守护进程' "*/1 * * * * test -z \"\$(pidof CrashCore)\" && $CRASHDIR/start.sh restart #ShellCrash保守模式守护进程"
;;
cronset)
cronset $2 $3

45
scripts/task.sh
View File

@@ -18,44 +18,49 @@ setconfig(){
#任务命令
check_update(){ #检查更新工具
$CRASHDIR/start.sh webget $TMPDIR/clashversion "$update_url/bin/version" echooff
[ "$?" = "0" ] && source $TMPDIR/clashversion 2>/dev/null
rm -rf $TMPDIR/clashversion
$CRASHDIR/start.sh webget $TMPDIR/crashversion "$update_url/bin/version" echooff
[ "$?" = "0" ] && source $TMPDIR/crashversion 2>/dev/null
rm -rf $TMPDIR/crashversion
}
update_core(){ #自动更新内核
#检查版本
check_update
clash_v_new=$(eval echo \$${crashcore}_v)
clash_v_now=$($bindir/clash -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
if [ -z "$clash_v_new" -o "$clash_v_new" = "clash_v_now" ];then
crash_v_new=$(eval echo \$${crashcore}_v)
if [ -z "$crash_v_new" -o "$crash_v_new" = "core_v" ];then
logger "任务【自动更新内核】中止-未检测到版本更新"
exit 1
else
#更新内核
$CRASHDIR/start.sh webget $TMPDIR/clash.new "$update_url/bin/$crashcore/clash-linux-$cpucore"
[ "$crashcore" = singbox ] && core_new=singbox || core_new=clash
$CRASHDIR/start.sh webget $TMPDIR/core.new "${update_url}/bin/${crashcore}/${core_new}-linux-${cpucore}"
if [ "$?" != "0" ];then
logger "任务【自动更新内核】出错-下载失败!"
rm -rf $TMPDIR/clash.new
rm -rf $TMPDIR/core.new
return 1
else
chmod +x $TMPDIR/clash.new
chmod +x $TMPDIR/core.new
$CRASHDIR/start.sh stop
clashv=$($TMPDIR/clash.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
if [ -z "$clashv" ];then
logger "任务【自动更新内核】出错-下载失败!"
rm -rf $TMPDIR/clash.new
[ $crashcore = meta ] && $CRASHDIR/start.sh start
if [ "$crashcore" = singbox ];then
core_v=$($TMPDIR/core.new version 2>/dev/null | grep version | awk '{print $3}')
else
core_v=$($TMPDIR/core.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
fi
if [ -z "$core_v" ];then
logger "任务【自动更新内核】出错-内核校验失败!"
rm -rf $TMPDIR/core.new
$CRASHDIR/start.sh start
return 1
else
mv -f $TMPDIR/clash.new $bindir/clash
mv -f $TMPDIR/core.new $bindir/CrashCore
logger "任务【自动更新内核】下载完成,正在重启服务!"
setconfig core_v $core_v
$CRASHDIR/start.sh start
return 0
fi
fi
fi
}
update_shellclash(){ #自动更新脚本
update_shellcrash(){ #自动更新脚本
#检查版本
check_update
if [ -z "$versionsh" -o "$versionsh" = "versionsh_l" ];then
@@ -110,6 +115,8 @@ update_mmdb(){ #自动更新数据库
[ -n "${china_ip_list_v}" ] && getgeo cn_ip.txt china_ip_list.txt
[ -n "${china_ipv6_list_v}" ] && getgeo cn_ipv6.txt china_ipv6_list.txt
[ -n "${geosite_v}" ] && getgeo GeoSite.dat geosite.dat
[ -n "${geoip_cn_v}" ] && getgeo geoip.db geoip_cn.db
[ -n "${geosite_cn_v}" ] && getgeo geosite.db geosite_cn.db
}
reset_firewall(){ #重设透明路由防火墙
$CRASHDIR/start.sh stop_firewall
@@ -170,7 +177,7 @@ set_service(){
if [ "$1" = "running" ];then
task_txt="$4 $CRASHDIR/task/task.sh $2 $3"
echo "$task_txt" >> $task_file
[ -n "$(pidof clash)" ] && cronset "$3" "$task_txt"
[ -n "$(pidof CrashCore)" ] && cronset "$3" "$task_txt"
else
echo "$CRASHDIR/task/task.sh $2 $3" >> $task_file
fi
@@ -294,7 +301,7 @@ task_type(){ #任务条件选择菜单
echo -e " 输入 6-18 代表\033[36m早6点至晚18点间每小时\033[0m运行"
read -p "想在每日的具体哪个小时执行0-23 > " hour
echo -----------------------------------------------
read -p "想在具体哪分钟执行?(1-59的整数 > " min
read -p "想在具体哪分钟执行?(0-59的整数 > " min
cron_time="在每日的$hour点$min分"
set_cron
;;
@@ -434,7 +441,7 @@ task_recom(){ #任务推荐
echo -----------------------------------------------
read -p "是否启用?(1/0) > " res
[ "$res" = 1 ] && {
set_service running "106" "运行时每10分钟自动保存面板配置" "*/10"
set_service running "106" "运行时每10分钟自动保存面板配置" "*/10 * * * *"
set_service afstart "107" "服务启动后自动同步ntp时间"
cronset "在每周3的3点整更新订阅并重启服务" "0 3 * * 3 $CRASHDIR/task/task.sh 104 在每周3的3点整更新订阅并重启服务" && \
echo -e "任务【在每周3的3点整更新订阅并重启服务】\033[32m添加成功\033[0m"