From 1f477a5934d22d5b12efab035afab93db78acdec Mon Sep 17 00:00:00 2001
From: juewuy <juewuy@gmail.com>
Date: Fri, 26 Dec 2025 17:35:45 +0800
Subject: [PATCH] =?UTF-8?q?~=E7=BB=A7=E7=BB=AD=E4=BC=98=E5=8C=96=E4=BB=A3?=
 =?UTF-8?q?=E7=A0=81=20~bot=5Ftg.sh=E6=96=BD=E5=B7=A5=E4=B8=AD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 scripts/init.sh                 |   2 +-
 scripts/libs/check_autostart.sh |  16 ++++
 scripts/libs/logger.sh          |  28 +++----
 scripts/libs/web_data.sh        |  18 +++++
 scripts/menu.sh                 |  29 ++-----
 scripts/menus/2_settings.sh     |  38 ++++-----
 scripts/menus/4_setboot.sh      |  63 +++++++--------
 scripts/menus/7_gateway.sh      |  15 ++--
 scripts/menus/8_tools.sh        |  54 +------------
 scripts/menus/bot_tg.sh         | 132 +++++++++++++++++++++++++-------
 scripts/menus/running_status.sh |  13 ++++
 scripts/start.sh                |   6 +-
 12 files changed, 233 insertions(+), 181 deletions(-)
 create mode 100644 scripts/libs/check_autostart.sh
 create mode 100644 scripts/libs/web_data.sh
 create mode 100644 scripts/menus/running_status.sh

diff --git a/scripts/init.sh b/scripts/init.sh
index c1047b07..24efc405 100644
--- a/scripts/init.sh
+++ b/scripts/init.sh
@@ -74,7 +74,7 @@ rm -rf "$CRASHDIR"/starts/shellcrash.openrc
 command -v bash >/dev/null 2>&1 && shtype=bash
 [ -x /bin/ash ] && shtype=ash
 #批量授权
-for file in start.sh starts/bfstart.sh starts/afstart.sh menu.sh menus/task_cmd.sh menus/bot_tg.sh; do
+for file in start.sh starts/bfstart.sh starts/afstart.sh starts/fw_stop.sh menu.sh menus/task_cmd.sh menus/bot_tg.sh; do
     sed -i "s|/bin/sh|/bin/$shtype|" "$CRASHDIR/$file" 2>/dev/null
     chmod +x "$CRASHDIR/$file" 2>/dev/null
 done
diff --git a/scripts/libs/check_autostart.sh b/scripts/libs/check_autostart.sh
new file mode 100644
index 00000000..e8eaf0a4
--- /dev/null
+++ b/scripts/libs/check_autostart.sh
@@ -0,0 +1,16 @@
+check_autostart(){
+	if [ "$start_old" = "已开启" ];then
+		[ ! -f "$CRASHDIR"/.dis_startup ] && return 0
+	elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then
+		[ -n "$(find /etc/rc.d -name '*shellcrash')" ] && return 0
+	elif ckcmd systemctl; then
+		[ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && return 0
+	elif grep -q 's6' /proc/1/comm; then
+		[ -f /etc/s6-overlay/s6-rc.d/user/contents.d/afstart ] && return 0
+	elif rc-status -r >/dev/null 2>&1; then
+		rc-update show default | grep -q "shellcrash" && return 0
+	else
+		return 1
+	fi
+	return 1
+}
diff --git a/scripts/libs/logger.sh b/scripts/libs/logger.sh
index 19efd221..5d168ecb 100644
--- a/scripts/libs/logger.sh
+++ b/scripts/libs/logger.sh
@@ -1,4 +1,5 @@
 #日志工具
+. "$CRASHDIR"/libs/web_json.sh
 #$1日志内容$2显示颜色$3是否推送
 logger() { 
 	TMPDIR=/tmp/ShellCrash
@@ -6,55 +7,44 @@ logger() {
     log_text="$(date "+%G-%m-%d_%H:%M:%S")~$1"
     echo "$log_text" >>"$TMPDIR"/ShellCrash.log
     [ "$(wc -l "$TMPDIR"/ShellCrash.log | awk '{print $1}')" -gt 99 ] && sed -i '1,50d' "$TMPDIR"/ShellCrash.log
-    #推送工具
-    webpush() {
-        [ -n "$(pidof CrashCore)" ] && {
-            [ -n "$authentication" ] && auth="$authentication@"
-            export https_proxy="http://${auth}127.0.0.1:$mix_port"
-        }
-        if curl --version >/dev/null 2>&1; then
-            curl -kfsSl -X POST --connect-timeout 3 -H "Content-Type: application/json; charset=utf-8" "$1" -d "$2" >/dev/null 2>&1
-        elif wget --version >/dev/null 2>&1; then
-            wget -Y on -q --timeout=3 -O - --method=POST --header="Content-Type: application/json; charset=utf-8" --body-data="$2" "$1" >/dev/null 2>&1
-        fi
-    }
+	#推送远程日志
     [ -z "$3" ] && {
         [ -n "$device_name" ] && log_text="$log_text($device_name)"
         [ -n "$push_TG" ] && {
             url="https://api.telegram.org/bot${push_TG}/sendMessage"
             [ "$push_TG" = 'publictoken' ] && url='https://tgbot.jwsc.eu.org/publictoken/sendMessage'
             content="{\"chat_id\":\"${chat_ID}\",\"text\":\"$log_text\"}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
         }
         [ -n "$push_bark" ] && {
             url="${push_bark}"
             content="{\"body\":\"${log_text}\",\"title\":\"ShellCrash日志推送\",\"level\":\"passive\",\"badge\":\"1\"}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
         }
         [ -n "$push_Deer" ] && {
             url="https://api2.pushdeer.com/message/push"
             content="{\"pushkey\":\"${push_Deer}\",\"text\":\"$log_text\"}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
         }
         [ -n "$push_Po" ] && {
             url="https://api.pushover.net/1/messages.json"
             content="{\"token\":\"${push_Po}\",\"user\":\"${push_Po_key}\",\"title\":\"ShellCrash日志推送\",\"message\":\"$log_text\"}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
         }
         [ -n "$push_PP" ] && {
             url="http://www.pushplus.plus/send"
             content="{\"token\":\"${push_PP}\",\"title\":\"ShellCrash日志推送\",\"content\":\"$log_text\"}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
         }
         [ -n "$push_Gotify" ] && {
             url="${push_Gotify}"
             content="{\"title\":\"ShellCrash日志推送\",\"message\":\"$log_text\",\"priority\":5}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
         }
         [ -n "$push_SynoChat" ] && {
             url="${push_ChatURL}/webapi/entry.cgi?api=SYNO.Chat.External&method=chatbot&version=2&token=${push_ChatTOKEN}"
             content="payload={\"text\":\"${log_text}\", \"user_ids\":[${push_ChatUSERID}]}"
-            webpush "$url" "$content" &
+            web_json_post "$url" "$content" &
 		}
     } &
 }
diff --git a/scripts/libs/web_data.sh b/scripts/libs/web_data.sh
new file mode 100644
index 00000000..993a214f
--- /dev/null
+++ b/scripts/libs/web_data.sh
@@ -0,0 +1,18 @@
+. "$CRASHDIR"/libs/set_proxy.sh
+#$1:目标地址 $2:json字符串
+web_data_get() {
+	setproxy
+	if curl --version >/dev/null 2>&1; then
+		curl -ksSl --connect-timeout 3 "$1" 2>/dev/null
+	else
+		wget -Y on -q --timeout=3 -O - "$1"
+	fi
+}
+web_data_post() {
+	setproxy
+	if curl --version >/dev/null 2>&1; then
+		curl -ksSl -X POST --connect-timeout 3 "$1" "$2" >/dev/null 2>&1
+	else
+		wget -Y on -q --timeout=3 --header="Content-Type: application/octet-stream" --method=POST --body-file="$2" "$1"
+	fi
+}
diff --git a/scripts/menu.sh b/scripts/menu.sh
index 4651d60f..8bc23ea2 100644
--- a/scripts/menu.sh
+++ b/scripts/menu.sh
@@ -14,7 +14,9 @@ CFG_PATH="$CRASHDIR"/configs/ShellCrash.cfg
 #通用工具
 . "$CRASHDIR"/libs/set_config.sh
 . "$CRASHDIR"/libs/check_cmd.sh
+. "$CRASHDIR"/libs/check_autostart.sh
 . "$CRASHDIR"/menus/1_start.sh
+. "$CRASHDIR"/menus/running_status.sh
 errornum() {
     echo "-----------------------------------------------"
     echo -e "\033[31m请输入正确的字母或数字！\033[0m"
@@ -66,19 +68,7 @@ ckstatus() { #脚本启动前检查
         hostdir=":$db_port/ui"
     fi
     #开机自启检测
-    if [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then
-        [ -n "$(find /etc/rc.d -name '*shellcrash')" ] && autostart=enable || autostart=disable
-    elif ckcmd systemctl; then
-        [ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && autostart=enable || autostart=disable
-	elif grep -q 's6' /proc/1/comm; then
-		[ -f /etc/s6-overlay/s6-rc.d/user/contents.d/afstart ] && autostart=enable || autostart=disable
-    elif rc-status -r >/dev/null 2>&1; then
-        rc-update show default | grep -q "shellcrash" && autostart=enable || autostart=disable
-    else
-        [ -f "$CRASHDIR"/.dis_startup ] && autostart=disable || autostart=enable
-    fi
-    #开机自启描述
-    if [ "$autostart" = "enable" ]; then
+    if check_autostart; then
         auto="\033[32m已设置开机启动！\033[0m"
         auto1="\033[36m禁用\033[0mShellCrash开机启动"
     else
@@ -89,16 +79,7 @@ ckstatus() { #脚本启动前检查
     PID=$(pidof CrashCore | awk '{print $NF}')
     if [ -n "$PID" ]; then
         run="\033[32m正在运行（$redir_mod）\033[0m"
-        VmRSS=$(cat /proc/$PID/status | grep -w VmRSS | awk 'unit="MB" {printf "%.2f %s\n", $2/1000, unit}')
-        #获取运行时长
-        touch "$TMPDIR"/crash_start_time #用于延迟启动的校验
-        start_time=$(cat "$TMPDIR"/crash_start_time)
-        if [ -n "$start_time" ]; then
-            time=$(($(date +%s) - start_time))
-            day=$((time / 86400))
-            [ "$day" = "0" ] && day='' || day="$day天"
-            time=$(date -u -d @${time} +%H小时%M分%S秒)
-        fi
+        running_status
     elif [ "$firewall_area" = 5 ] && [ -n "$(ip route list table 100)" ]; then
         run="\033[32m已设置（$redir_mod）\033[0m"
     else
@@ -112,7 +93,7 @@ ckstatus() { #脚本启动前检查
     #输出状态
     echo "-----------------------------------------------"
     echo -e "\033[30;46m欢迎使用ShellCrash！\033[0m		版本：$versionsh_l"
-    echo -e "$corename服务"$run"，"$auto""
+    echo -e "$corename服务$run，$auto"
     if [ -n "$PID" ]; then
         echo -e "当前内存占用：\033[44m"$VmRSS"\033[0m，已运行：\033[46;30m"$day"\033[44;37m"$time"\033[0m"
     fi
diff --git a/scripts/menus/2_settings.sh b/scripts/menus/2_settings.sh
index 9bff6bf5..6b0ca017 100644
--- a/scripts/menus/2_settings.sh
+++ b/scripts/menus/2_settings.sh
@@ -10,9 +10,9 @@ settings() { #功能设置
     echo "-----------------------------------------------"
     echo -e "\033[30;47m欢迎使用功能设置菜单：\033[0m"
     echo "-----------------------------------------------"
-    echo -e " 1 代理模式设置:	\033[36m$redir_mod\033[0m"
+    echo -e " 1 路由模式设置:	\033[36m$redir_mod\033[0m"
 	echo -e " 2 DNS设置：		\033[36m$dns_mod\033[0m"
-	echo -e " 3 透明路由流量过滤"
+	echo -e " 3 透明路由\033[32m流量过滤\033[0m"
     [ "$disoverride" != "1" ] && {
         echo -e " 4 跳过证书验证：	\033[36m$skip_cert\033[0m"
 		echo -e " 5 启用域名嗅探:	\033[36m$sniffer\033[0m"
@@ -136,7 +136,7 @@ settings() { #功能设置
     esac
 }
 
-set_redir_mod() { #代理模式设置
+set_redir_mod() { #路由模式设置
     set_redir_config() {
         setconfig redir_mod $redir_mod
         setconfig dns_mod $dns_mod
@@ -149,7 +149,7 @@ set_redir_mod() { #代理模式设置
     [ -z "$redir_mod" ] && redir_mod='纯净模式'
     firewall_area_dsc=$(echo "仅局域网 仅本机 局域网+本机 纯净模式 主-旁转发($bypass_host)" | cut -d' ' -f$firewall_area)
     echo "-----------------------------------------------"
-    echo -e "当前代理模式为：\033[47;30m$redir_mod\033[0m；ShellCrash核心为：\033[47;30m $crashcore \033[0m"
+    echo -e "当前路由模式为：\033[47;30m$redir_mod\033[0m；ShellCrash核心为：\033[47;30m $crashcore \033[0m"
     echo -e "\033[33m切换模式后需要手动重启服务以生效！\033[0m"
     echo "-----------------------------------------------"
     [ $firewall_area -le 3 ] && {
@@ -164,8 +164,8 @@ set_redir_mod() { #代理模式设置
         echo -e " 6 \033[36mT&U旁路转发\033[0m：    转发TCP&UDP流量至旁路由"
         echo "-----------------------------------------------"
     }
-    echo -e " 7 设置代理范围：	\033[47;30m$firewall_area_dsc\033[0m"
-    echo -e " 8 容器/虚拟机代理：	\033[47;30m$vm_redir\033[0m"
+    echo -e " 7 设置路由劫持范围：	\033[47;30m$firewall_area_dsc\033[0m"
+    echo -e " 8 容器/虚拟机劫持：	\033[47;30m$vm_redir\033[0m"
     echo -e " 9 切换防火墙应用：	\033[47;30m$firewall_mod\033[0m"
 	echo "-----------------------------------------------"
     echo " 0 返回上级菜单"
@@ -677,7 +677,7 @@ set_adv_config() { #端口设置
         else
             if [ "$local_proxy" = "已开启" -a "$local_type" = "环境变量" ]; then
                 echo "-----------------------------------------------"
-                echo -e "\033[33m请先禁用本机代理功能或使用增强模式！\033[0m"
+                echo -e "\033[33m请先禁用本机劫持功能或使用增强模式！\033[0m"
                 sleep 1
             else
                 authentication=$(echo $input | grep :)
@@ -718,7 +718,7 @@ set_adv_config() { #端口设置
         echo -e "多个端口请用小写逗号分隔，例如：\033[33m143,80,443\033[0m"
         echo -e "输入 0 重置为默认端口"
         echo "-----------------------------------------------"
-        read -p "请输入需要指定代理的端口 > " multiport
+        read -p "请输入需要指定劫持的端口 > " multiport
         if [ -n "$multiport" ]; then
             [ "$multiport" = "0" ] && multiport="22,80,143,194,443,465,587,853,993,995,5222,8080,8443"
             common_ports=已开启
@@ -765,16 +765,16 @@ set_adv_config() { #端口设置
 	;;
     esac
 }
-set_firewall_area() { #代理范围设置
+set_firewall_area() { #路由范围设置
     [ -z "$vm_redir" ] && vm_redir='未开启'
     echo "-----------------------------------------------"
     echo -e "\033[31m注意：\033[0m基于桥接网卡的Docker/虚拟机流量，请单独启用！"
-    echo -e "\033[33m如你使用了第三方DNS如smartdns等，请勿启用本机代理或使用shellcrash用户执行！\033[0m"
+    echo -e "\033[33m如你使用了第三方DNS如smartdns等，请勿启用本机劫持或使用shellcrash用户执行！\033[0m"
     echo "-----------------------------------------------"
-    echo -e " 1 \033[32m仅代理局域网流量\033[0m"
-    echo -e " 2 \033[36m仅代理本机流量\033[0m"
-    echo -e " 3 \033[32m代理局域网+本机流量\033[0m"
-    echo -e " 4 不配置流量代理(纯净模式)\033[0m"
+    echo -e " 1 \033[32m仅劫持局域网流量\033[0m"
+    echo -e " 2 \033[36m仅劫持本机流量\033[0m"
+    echo -e " 3 \033[32m劫持局域网+本机流量\033[0m"
+    echo -e " 4 不配置流量劫持(纯净模式)\033[0m"
     #echo -e " 5 \033[33m转发局域网流量到旁路由设备\033[0m"
     echo -e " 0 返回上级菜单"
     echo "-----------------------------------------------"
@@ -816,7 +816,7 @@ set_firewall_area() { #代理范围设置
 }
 set_firewall_vm(){
 	if [ -n "$vm_ipv4" ]; then
-		vm_des='当前代理'
+		vm_des='当前劫持'
 	else
 		vm_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'brd' | grep -E 'docker|podman|virbr|vnet|ovs|vmbr|veth|vmnic|vboxnet|lxcbr|xenbr|vEthernet' | sed 's/.*inet.//g' | sed 's/ br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ')
 		vm_des='当前获取到'
@@ -825,9 +825,9 @@ set_firewall_vm(){
 	echo -e "$vm_des的容器/虚拟机网段为：\033[32m$vm_ipv4\033[0m"
 	echo -e "如未包含容器网段，请先运行容器再运行脚本或者手动设置网段"
 	echo "-----------------------------------------------"
-	echo -e " 1 \033[32m启用代理并使用默认网段\033[0m"
-	echo -e " 2 \033[36m启用代理并自定义网段\033[0m"
-	echo -e " 3 \033[31m禁用代理\033[0m"
+	echo -e " 1 \033[32m启用劫持并使用默认网段\033[0m"
+	echo -e " 2 \033[36m启用劫持并自定义网段\033[0m"
+	echo -e " 3 \033[31m禁用劫持\033[0m"
 	echo -e " 0 返回上级菜单"
 	echo "-----------------------------------------------"
 	read -p "请输入对应数字 > " num
@@ -858,7 +858,7 @@ set_ipv6() { #ipv6设置
     [ -z "$ipv6_redir" ] && ipv6_redir=未开启
     [ -z "$ipv6_dns" ] && ipv6_dns=已开启
     echo "-----------------------------------------------"
-    echo -e " 1 ipv6透明代理:  \033[36m$ipv6_redir\033[0m  ——代理ipv6流量"
+    echo -e " 1 ipv6透明路由:  \033[36m$ipv6_redir\033[0m  ——劫持ipv6流量"
     [ "$disoverride" != "1" ] && echo -e " 2 ipv6-DNS解析:  \033[36m$ipv6_dns\033[0m  ——决定内置DNS是否返回ipv6地址"
     echo -e " 0 返回上级菜单"
     echo "-----------------------------------------------"
diff --git a/scripts/menus/4_setboot.sh b/scripts/menus/4_setboot.sh
index 5b336072..96241d16 100644
--- a/scripts/menus/4_setboot.sh
+++ b/scripts/menus/4_setboot.sh
@@ -1,11 +1,25 @@
 #!/bin/sh
 # Copyright (C) Juewuy
+allow_autostart(){
+	[ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable
+	ckcmd systemctl && systemctl enable shellcrash.service >/dev/null 2>&1
+	grep -q 's6' /proc/1/comm && touch /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
+	rc-status -r >/dev/null 2>&1 && rc-update add shellcrash default >/dev/null 2>&1
+	rm -rf "$CRASHDIR"/.dis_startup
+}
+disable_autostart(){
+	[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *shellcrash >/dev/null 2>&1 && cd - >/dev/null
+	ckcmd systemctl && systemctl disable shellcrash.service >/dev/null 2>&1
+	grep -q 's6' /proc/1/comm && rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
+	rc-status -r >/dev/null 2>&1 && rc-update del shellcrash default >/dev/null 2>&1
+	touch "$CRASHDIR"/.dis_startup
+}
 
 setboot() { #启动设置菜单
     [ -z "$start_old" ] && start_old=未开启
-    [ -z "$start_delay" -o "$start_delay" = 0 ] && delay=未设置 || delay=${start_delay}秒
-    [ "$autostart" = "enable" ] && auto_set="\033[33m禁止" || auto_set="\033[32m允许"
-    [ "${BINDIR}" = "${CRASHDIR}" ] && mini_clash=未开启 || mini_clash=已开启
+    [ -z "$start_delay" -o "$start_delay" = 0 ] && delay=未设置 || delay="${start_delay}秒"
+    check_autostart && auto_set="\033[33m禁止" || auto_set="\033[32m允许"
+    [ "${BINDIR}" = "$CRASHDIR" ] && mini_clash=未开启 || mini_clash=已开启
     [ -z "$network_check" ] && network_check=已开启
     echo "-----------------------------------------------"
     echo -e "\033[30;47m欢迎使用启动设置菜单：\033[0m"
@@ -14,7 +28,7 @@ setboot() { #启动设置菜单
     echo -e " 2 使用保守模式:	\033[36m$start_old\033[0m	————基于定时任务(每分钟检测)"
     echo -e " 3 设置自启延时:	\033[36m$delay\033[0m	————用于解决自启后服务受限"
     echo -e " 4 启用小闪存模式:	\033[36m$mini_clash\033[0m	————用于闪存空间不足的设备"
-    [ "${BINDIR}" != "${CRASHDIR}" ] && echo -e " 5 设置小闪存目录:	\033[36m${BINDIR}\033[0m"
+    [ "${BINDIR}" != "$CRASHDIR" ] && echo -e " 5 设置小闪存目录:	\033[36m${BINDIR}\033[0m"
     echo -e " 6 自启网络检查:	\033[36m$network_check\033[0m	————禁用则跳过自启时网络检查"
     echo "-----------------------------------------------"
     echo -e " 0 \033[0m返回上级菜单\033[0m"
@@ -23,23 +37,13 @@ setboot() { #启动设置菜单
     case "$num" in
     0) ;;
     1)
-        if [ "$autostart" = "enable" ]; then
+        if check_autostart; then
             # 禁止自启动：删除各系统的启动项
-            [ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *shellcrash >/dev/null 2>&1 && cd - >/dev/null
-            ckcmd systemctl && systemctl disable shellcrash.service >/dev/null 2>&1
-			grep -q 's6' /proc/1/comm && rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
-            rc-status -r >/dev/null 2>&1 && rc-update del shellcrash default >/dev/null 2>&1
-            touch ${CRASHDIR}/.dis_startup
-            autostart=disable
+			disable_autostart
             echo -e "\033[33m已禁止ShellCrash开机启动！\033[0m"
-        elif [ "$autostart" = "disable" ]; then
+        else
             # 允许自启动：配置各系统的启动项
-            [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable
-            ckcmd systemctl && systemctl enable shellcrash.service >/dev/null 2>&1
-			grep -q 's6' /proc/1/comm && touch /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
-            rc-status -r >/dev/null 2>&1 && rc-update add shellcrash default >/dev/null 2>&1
-            rm -rf ${CRASHDIR}/.dis_startup
-            autostart=enable
+			allow_autostart
             echo -e "\033[32m已设置ShellCrash开机启动！\033[0m"
         fi
         setboot
@@ -47,20 +51,17 @@ setboot() { #启动设置菜单
     2)
         if [ "$start_old" = "未开启" ] >/dev/null 2>&1; then
             echo -e "\033[33m改为使用保守模式启动服务！！\033[0m"
-            [ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *shellcrash >/dev/null 2>&1 && cd - >/dev/null
-            ckcmd systemctl && systemctl disable shellcrash.service >/dev/null 2>&1
-			grep -q 's6' /proc/1/comm && rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
-			rc-status -r >/dev/null 2>&1 && rc-update del shellcrash default >/dev/null 2>&1
+            disable_autostart
             start_old=已开启
-            setconfig start_old $start_old
-            ${CRASHDIR}/start.sh stop
+            setconfig start_old "$start_old"
+            "$CRASHDIR"/start.sh stop
         else
             if grep -qE 'procd|systemd|s6' /proc/1/comm || rc-status -r >/dev/null 2>&1; then
                 echo -e "\033[32m改为使用系统守护进程启动服务！！\033[0m"
-                ${CRASHDIR}/start.sh cronset "ShellCrash初始化"
+                "$CRASHDIR"/start.sh cronset "ShellCrash初始化"
                 start_old=未开启
-                setconfig start_old $start_old
-                ${CRASHDIR}/start.sh stop
+                setconfig start_old "$start_old"
+                "$CRASHDIR"/start.sh stop
 
             else
                 echo -e "\033[31m当前设备不支持以其他模式启动！！\033[0m"
@@ -87,7 +88,7 @@ setboot() { #启动设置菜单
         setboot
 	;;
     4)
-        dir_size=$(df ${CRASHDIR} | awk '{ for(i=1;i<=NF;i++){ if(NR==1){ arr[i]=$i; }else{ arr[i]=arr[i]" "$i; } } } END{ for(i=1;i<=NF;i++){ print arr[i]; } }' | grep Ava | awk '{print $2}')
+        dir_size=$(df "$CRASHDIR" | awk '{ for(i=1;i<=NF;i++){ if(NR==1){ arr[i]=$i; }else{ arr[i]=arr[i]" "$i; } } } END{ for(i=1;i<=NF;i++){ print arr[i]; } }' | grep Ava | awk '{print $2}')
         if [ "$mini_clash" = "未开启" ]; then
             if [ "$dir_size" -gt 20480 ]; then
                 echo -e "\033[33m您的设备空间充足(>20M)，无需开启！\033[0m"
@@ -109,7 +110,7 @@ setboot() { #启动设置菜单
                 echo -e "\033[33m已经停用小闪存功能！\033[0m"
             fi
         fi
-        setconfig BINDIR ${BINDIR} ${CRASHDIR}/configs/command.env
+        setconfig BINDIR "$BINDIR" "$CRASHDIR"/configs/command.env
         sleep 1
         setboot
 	;;
@@ -151,7 +152,7 @@ setboot() { #启动设置菜单
             errornum
     	;;
         esac
-        setconfig BINDIR ${BINDIR} ${CRASHDIR}/configs/command.env
+        setconfig BINDIR "$BINDIR" "$CRASHDIR"/configs/command.env
         setboot
 	;;
     6)
@@ -165,7 +166,7 @@ setboot() { #启动设置菜单
             else
                 network_check=已禁用
             fi
-            setconfig network_check $network_check
+            setconfig network_check "$network_check"
         }
         sleep 1
         setboot
diff --git a/scripts/menus/7_gateway.sh b/scripts/menus/7_gateway.sh
index 8bcd7894..cb7ae627 100644
--- a/scripts/menus/7_gateway.sh
+++ b/scripts/menus/7_gateway.sh
@@ -4,12 +4,13 @@
 . "$CRASHDIR"/menus/check_port.sh
 . "$CRASHDIR"/libs/gen_base64.sh
 
-gateway(){ #访问与控制主菜单
+#访问与控制主菜单
+gateway(){
 	echo "-----------------------------------------------"
 	echo -e "\033[30;47m欢迎使用访问与控制菜单：\033[0m"
 	echo "-----------------------------------------------"
-	echo -e " 1 配置\033[33m公网访问防火墙\033[0m"
-	echo -e " 2 配置\033[36mTelegram专属控制机器人\033[0m		\033[32m$bot_tg_service\033[0m"
+	echo -e " 1 配置\033[33m公网访问防火墙			\033[32m$fw_wan\033[0m"
+	echo -e " 2 配置\033[36mTelegram专属控制机器人		\033[32m$bot_tg_service\033[0m"
 	echo -e " 3 配置\033[36mDDNS自动域名\033[0m"
 	[ "$disoverride" != "1" ] && {
 		echo -e " 4 自定义\033[33m公网Vmess入站\033[0m节点		\033[32m$vms_service\033[0m"
@@ -63,7 +64,8 @@ gateway(){ #访问与控制主菜单
 	*) errornum ;;
 	esac
 }
-set_fw_wan() { #公网防火墙设置
+#公网防火墙
+set_fw_wan() {
 	[ -z "$fw_wan" ] && fw_wan=ON
 	echo "-----------------------------------------------"
 	echo -e "\033[31m注意：\033[0m如在vps运行，还需在vps安全策略对相关端口同时放行"
@@ -80,7 +82,7 @@ set_fw_wan() { #公网防火墙设置
 	case $num in
 	1)
 		[ "$fw_wan" = ON ] && fw_wan=OFF || fw_wan=ON
-		setconfig ts_service "$ts_service"
+		setconfig fw_wan "$fw_wan"
 		set_fw_wan
 	;;
 	2)
@@ -121,6 +123,7 @@ set_fw_wan() { #公网防火墙设置
 		;;
 	esac
 }
+#tg_BOT相关
 set_bot_tg_config(){
 	setconfig TG_TOKEN "$TOKEN" "$GT_CFG_PATH"
 	setconfig TG_CHATID "$chat_ID" "$GT_CFG_PATH"
@@ -204,6 +207,7 @@ set_bot_tg(){
 	;;
 	esac		
 }
+#自定义入站
 set_vmess(){
 	echo "-----------------------------------------------"
 	echo -e "\033[31m注意：\033[0m设置的端口会添加到公网访问防火墙并自动放行！\n      脚本只提供基础功能，更多需求请用自定义配置文件功能！"
@@ -431,6 +435,7 @@ set_shadowsocks(){
 	*) errornum ;;
 	esac		
 }
+#自定义端点
 set_tailscale(){
 	[ -n "$ts_auth_key" ] && ts_auth_key_info='*********'
 	echo "-----------------------------------------------"
diff --git a/scripts/menus/8_tools.sh b/scripts/menus/8_tools.sh
index 7713782e..e5589e53 100644
--- a/scripts/menus/8_tools.sh
+++ b/scripts/menus/8_tools.sh
@@ -558,6 +558,8 @@ testcommand(){
 						iptables -t nat -L shellcrash_vm --line-numbers
 						iptables -t nat -L shellcrash_vm_dns --line-numbers
 			}
+			echo "----------------本机防火墙---------------------"
+			iptables -L INPUT --line-numbers
 		fi
 		exit;
 	    ;;
@@ -753,16 +755,6 @@ userguide(){
 			setconfig BINDIR /tmp/ShellCrash "$CRASHDIR"/configs/command.env
 		}
 	fi
-	#检测及下载根证书
-	openssldir="$(openssl version -d 2>&1 | awk -F '"' '{print $2}')"
-	[ ! -d "$openssldir/certs" ] && openssldir=/etc/ssl
-	if [ -d $openssldir/certs -a ! -f $openssldir/certs/ca-certificates.crt ];then
-		echo "-----------------------------------------------"
-		echo -e "\033[33m当前设备未找到根证书文件\033[0m"
-		echo "-----------------------------------------------"
-		read -p "是否下载并安装根证书？(1/0) > " res
-		[ "$res" = 1 ] && checkupdate && getcrt
-	fi
 	#设置加密DNS
 	if [ -s $openssldir/certs/ca-certificates.crt ];then
 		dns_nameserver='https://dns.alidns.com/dns-query, https://doh.pub/dns-query'
@@ -772,41 +764,8 @@ userguide(){
 		setconfig dns_fallback "'$dns_fallback'"
 		setconfig dns_resolver "'$dns_resolver'"
 	fi
-	#开启公网访问
-	sethost(){
-		read -p "请输入你的公网IP地址 > " host
-		echo $host | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
-		if [ -z "$host" ];then
-			echo -e "\033[31m请输入正确的IP地址！\033[0m"
-			sethost
-		fi
-	}
-	if ckcmd systemctl;then
-		echo "-----------------------------------------------"
-		echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务？\033[0m"
-		echo -e "注意当前设备必须有公网IP才能从公网正常访问"
-		echo -e "\033[31m此功能会增加暴露风险请谨慎使用！\033[0m"
-		echo -e "vps设备可能还需要额外在服务商后台开启相关端口"
-		read -p "现在开启？(1/0) > " res
-		if [ "$res" = 1 ];then
-			read -p "请先设置面板访问秘钥 > " secret
-			read -p "请先修改Socks服务端口(1-65535) > " mix_port
-			read -p "请先设置Socks服务密码(账号默认为crash) > " sec
-			[ -z "$sec" ] && authentication=crash:$sec
-			host=$(curl ip.sb  2>/dev/null | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
-			if [ -z "$host" ];then
-				sethost
-			fi
-			public_support=已开启
-			setconfig secret $secret
-			setconfig mix_port $mix_port
-			setconfig host $host
-			setconfig public_support $public_support
-			setconfig authentication "'$authentication'"
-		fi
-	fi
 	#启用推荐的自动任务配置
-	. "$CRASHDIR"/task/task.sh && task_recom
+	. "$CRASHDIR"/menus/task.sh && task_recom
 	#小米设备软固化
 	if [ "$systype" = "mi_snapshot" ];then
 		echo "-----------------------------------------------"
@@ -822,12 +781,7 @@ userguide(){
 		echo "-----------------------------------------------"
 		read -p "现在开始导入？(1/0) > " res
 		[ "$res" = 1 ] && inuserguide=1 && {
-			if [ -f "$CRASHDIR"/v2b_api.sh ];then
-				. "$CRASHDIR"/v2b_api.sh
-			else
-				set_core_config
-			fi
-			set_core_config
+			. "$CRASHDIR"/menus/6_core_config.sh && set_core_config
 			inuserguide=""
 		}
 	}
diff --git a/scripts/menus/bot_tg.sh b/scripts/menus/bot_tg.sh
index 3ca5ba2f..ff180e0c 100644
--- a/scripts/menus/bot_tg.sh
+++ b/scripts/menus/bot_tg.sh
@@ -1,8 +1,9 @@
 #!/bin/sh
 
-. "$CRASHDIR"/configs/ShellCrash.cfg
-. "$CRASHDIR"/configs/gateway.cfg
 . "$CRASHDIR"/libs/web_json.sh
+. "$CRASHDIR"/menus/running_status.sh
+. "$CRASHDIR"/configs/gateway.cfg
+. "$CRASHDIR"/configs/ShellCrash.cfg
 
 OFFSET=0
 API="https://api.telegram.org/bot$TG_TOKEN"
@@ -36,18 +37,11 @@ send_menu() {
 	PID=$(pidof CrashCore | awk '{print $NF}')
 	if [ -n "$PID" ]; then
 		run=正在运行
-		VmRSS=$(cat /proc/$PID/status | grep -w VmRSS | awk 'unit="MB" {printf "%.2f %s\n", $2/1000, unit}')
-		start_time=$(cat /tmp/ShellCrash/crash_start_time)
-		if [ -n "$start_time" ]; then
-			time=$(($(date +%s) - start_time))
-			day=$((time / 86400))
-			[ "$day" = "0" ] && day='' || day="$day天"
-			time=$(date -u -d @${time} +%H小时%M分%S秒)
-		fi
-	corename=$(echo $crashcore | sed 's/singboxr/SingBoxR/' | sed 's/singbox/SingBox/' | sed 's/clash/Clash/' | sed 's/meta/Mihomo/')
+		running_status
 	else
 		run=未运行
 	fi
+	corename=$(echo $crashcore | sed 's/singboxr/SingBoxR/' | sed 's/singbox/SingBox/' | sed 's/clash/Clash/' | sed 's/meta/Mihomo/')
     TEXT=$(cat <<EOF
 *欢迎使用ShellCrash！*                版本：$versionsh_l
 $corename服务$run               【*$redir_mod*】
@@ -56,7 +50,7 @@ $corename服务$run               【*$redir_mod*】
 EOF
 )
 
-    MENU=$(cat <<'EOF'
+    MENU=$(cat <<EOF
 {
   "inline_keyboard":[
     [
@@ -65,8 +59,9 @@ EOF
       {"text":"🔄 重启内核","callback_data":"restart"}
     ],
     [
-      {"text":"🌀 热更新订阅","callback_data":"refresh"},
-      {"text":"📝 添加订阅","callback_data":"set_sub"}
+      {"text":"📄 查看日志","callback_data":"readlog"},
+	  {"text":"🔃 文件传输","callback_data":"transport"},
+      {"text":"🌀 添加订阅","callback_data":"set_sub"}
     ]
   ]
 }
@@ -76,7 +71,51 @@ EOF
 web_json_post "$API/sendMessage" "{\"chat_id\":\"$TG_CHATID\",\"text\":\"$TEXT\",\"parse_mode\":\"Markdown\",\"reply_markup\":$MENU}"
 
 }
+send_transport_menu() {
+    TEXT=$(cat <<EOF
+请选择需要上传或下载的具体文件：
+EOF
+)
+	core_config=config.yaml
+	if echo "$crashcore" | grep -q 'singbox';then
+		core_config=config.json
+		ccdir=jsons
+	else
+		core_config=config.yaml
+		ccdir=yamls
+	fi
 
+	if curl -h >/dev/null 2>&1;then
+		CURL_KB=$(cat <<EOF
+	[
+      {"text":"📥 下载日志","callback_data":"ts_get_log"},
+      {"text":"💾 备份设置","callback_data":"ts_get_bak"},
+      {"text":"⬇️ $core_config","callback_data":"ts_get_ccf"}
+    ],
+EOF)
+	else
+		CURL_KB='[{"text":"⚠️ 因当前设备缺少curl应用，仅支持上传功能！","callback_data":"noop"}],'
+	fi
+    MENU=$(cat <<EOF
+{
+  "inline_keyboard":[
+	$CURL_KB
+    [
+      {"text":"📤 上传内核","callback_data":"ts_up_core"},
+	  {"text":"🔄 还原设置","callback_data":"ts_up_bak"},
+      {"text":"⬆️ $core_config","callback_data":"ts_up_ccf"}
+    ]
+  ]
+}
+EOF
+)
+
+web_json_post "$API/sendMessage" "{\"chat_id\":\"$TG_CHATID\",\"text\":\"$TEXT\",\"parse_mode\":\"Markdown\",\"reply_markup\":$MENU}"
+
+}
+upload_file(){
+	curl -k -X POST --connect-timeout 20 "$API/sendDocument" -F "chat_id=$TG_CHATID" -F "document=@$1" 
+}
 ### --- 具体操作函数 --- ###
 do_start_fw() {
 	[ -z "$redir_mod_bf" ] && redir_mod_bf='Redir模式'
@@ -96,16 +135,41 @@ do_restart() {
     "$CRASHDIR"/start.sh restart
     echo "ShellCrash 服务已重启！" > "$LOGFILE"
 }
-do_refresh() {
-    "$CRASHDIR"/start.sh hotupdate
-	echo "ShellCrash 已完成热更新订阅！" > "$LOGFILE"
-}
 do_set_sub() {
     #echo "$1" "$2" >> "$CRASHDIR"/configs/providers.cfg
     echo "错误，还未完成的功能！" > "$LOGFILE"
 
 }
-
+transport(){
+	case "$CALLBACK" in
+		"ts_get_log")
+			upload_file '/tmp/ShellCrash/ShellCrash.log'
+			sleep 3
+			send_menu 
+		;;
+		"ts_get_bak")
+			now=$(date +%Y%m%d_%H%M%S)
+			FILE="$CRASHDIR"/configs_"$now".tar.gz
+			tar -zcf "$FILE" "$CRASHDIR"/configs/
+			upload_file "$FILE"
+			rm -rf "$FILE"
+			sleep 3
+			send_menu 
+		;;
+		"ts_get_ccf")
+			upload_file "$CRASHDIR/$ccdir/$core_config"
+			sleep 3
+			send_menu 
+		;;
+		ts_up_core)
+			send_msg  "请发送需要上传的文件："
+		;;
+	esac
+}
+download_file(){
+	FILE_PATH=$(web_json_get "$API/getFile?file_id=$FILE_ID" | grep -o '"file_path":"[^"]*"' | sed 's/.*:"//;s/"$//')
+	echo $FILE_PATH
+}
 ### --- 轮询主进程 --- ###
 polling(){
 	while true; do
@@ -118,8 +182,10 @@ polling(){
 		
 		### --- 处理按钮事件 --- ###
 		CALLBACK=$(echo "$UPDATES" | grep -o '"data":"[^"]*"' | head -n1 | sed 's/.*:"//;s/"$//')
-
-		case "$CALLBACK" in
+		FILE_ID=$(echo "$UPDATES" | sed 's/"callback_query".*//g' | grep -o '"file_id":"[^"]*"' | head -n1 | sed 's/.*:"//;s/"$//')
+		
+		[ -n "$FILE_ID" ] && download_file
+		[ -n "$CALLBACK" ] && case "$CALLBACK" in
 			"start_redir")
 				if [ "$redir_mod" = '纯净模式' ];then
 					do_start_fw
@@ -129,7 +195,7 @@ polling(){
 				fi
 				send_menu 
 				continue
-				;;
+			;;
 			"stop_redir")
 				if [ "$redir_mod" != '纯净模式' ];then
 					do_stop_fw
@@ -139,25 +205,33 @@ polling(){
 				fi
 				send_menu 
 				continue
-				;;
+			;;
 			"restart")
 				do_restart
 				send_msg  "🔄 服务已重启"
 				sleep 10
 				send_menu 
 				continue
-				;;
-			"refresh")
-				do_refresh
-				send_msg  "🌀 刷新完成：\n$(cat "$LOGFILE")"
+			;;
+			"readlog")
+				send_msg  "📄 日志内容如下(已过滤任务日志)：\n\`\`\`$(grep -v '任务' /tmp/ShellCrash/ShellCrash.log |tail -n 20)\`\`\`"
+				sleep 3
 				send_menu 
 				continue
-				;;
+			;;
+			"transport")
+				send_transport_menu
+				continue
+			;;
 			"set_sub")
 				echo "await_sub" > "$STATE_FILE"
 				send_msg  "✏ 请输入新的订阅链接："
 				continue
-				;;
+			;;
+			ts_*)
+				transport
+				continue
+			;;
 		esac
 
 
diff --git a/scripts/menus/running_status.sh b/scripts/menus/running_status.sh
new file mode 100644
index 00000000..38419d2c
--- /dev/null
+++ b/scripts/menus/running_status.sh
@@ -0,0 +1,13 @@
+
+running_status(){
+	VmRSS=$(cat /proc/$PID/status | grep -w VmRSS | awk 'unit="MB" {printf "%.2f %s\n", $2/1000, unit}')
+	#获取运行时长
+	touch "$TMPDIR"/crash_start_time #用于延迟启动的校验
+	start_time=$(cat "$TMPDIR"/crash_start_time)
+	if [ -n "$start_time" ]; then
+		time=$(($(date +%s) - start_time))
+		day=$((time / 86400))
+		[ "$day" = "0" ] && day='' || day="$day天"
+		time=$(date -u -d @${time} +%H小时%M分%S秒)
+	fi
+}
diff --git a/scripts/start.sh b/scripts/start.sh
index 525e9113..3e35f3ec 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -16,13 +16,13 @@ CRASHDIR=$(
 . "$CRASHDIR"/libs/web_save.sh
 #特殊脚本
 bfstart(){
-	. "$CRASHDIR"/starts/bfstart.sh
+	"$CRASHDIR"/starts/bfstart.sh
 }
 afstart(){
-	. "$CRASHDIR"/starts/afstart.sh
+	"$CRASHDIR"/starts/afstart.sh
 }
 stop_firewall(){
-	. "$CRASHDIR"/starts/fw_stop.sh
+	"$CRASHDIR"/starts/fw_stop.sh
 }
 #保守模式启动
 start_old(){