xm/ShellCrash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

~重写自定义内核下载模块,支持直接从github提取

Browse Source 
~优化本地证书及ssl校验机制
~优化启动逻辑
~优化解压提示
~适配singbox内核rule-set功能,增加cn相关数据库下载逻辑
~singbox内核dns模块重写,mix模式改为使用rule-set分流
~dns模块适配singboxp内核多路并发功能
~增加一键清理数据库文件功能
~修复切换版本时未能同步切换安装源的问题
~修复设备找不到tun模块依然启动相关防火墙规则的bug
~修复启动时自动下载数据库时未能正确记录版本号的bug
This commit is contained in:
juewuy
2024-02-01 23:14:28 +08:00
parent 9d8909ce08
commit 4b98c2a4fd
6 changed files with 525 additions and 354 deletions
Download Patch File Download Diff File Expand all files Collapse all files

372
scripts/getdate.sh
View File

@@ -767,7 +767,7 @@ gettar(){
echo -----------------------------------------------
echo 开始解压文件!
mkdir -p ${CRASHDIR} > /dev/null
tar -zxvf "${TMPDIR}/update.tar.gz" -C ${CRASHDIR}/ 2>/dev/null || tar -zxvf "${TMPDIR}/update.tar.gz" --no-same-owner -C ${CRASHDIR}/
tar -zxf "${TMPDIR}/update.tar.gz" -C ${CRASHDIR}/ 2>/dev/null || tar -zxf "${TMPDIR}/update.tar.gz" --no-same-owner -C ${CRASHDIR}/
if [ $? -ne 0 ];then
echo -e "\033[33m文件解压失败\033[0m"
error_down
@@ -797,7 +797,7 @@ getsh(){
fi
}
getcpucore(){
getcpucore(){ #自动获取内核架构
cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
[ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5"
[ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && [ ! -d /jffs ] && cpucore="armv7"
@@ -810,7 +810,7 @@ getcpucore(){
fi
[ -n "$cpucore" ] && setconfig cpucore $cpucore
}
setcpucore(){
setcpucore(){ #手动设置内核架构
cpucore_list="armv5 armv7 arm64 386 amd64 mipsle-softfloat mipsle-hardfloat mips-softfloat"
echo -----------------------------------------------
echo -e "\033[31m仅适合脚本无法正确识别核心或核心无法正常运行时使用\033[0m"
@@ -829,7 +829,7 @@ setcpucore(){
setconfig cpucore $cpucore
fi
}
setcoretype(){
setcoretype(){ #手动指定内核类型
[ "$crashcore" = singbox -o "$crashcore" = singboxp ] && core_old=singbox || core_old=clash
echo -e "\033[33m请确认该自定义内核的类型\033[0m"
echo -e " 1 Clash基础内核"
@@ -845,7 +845,7 @@ setcoretype(){
esac
[ "$crashcore" = singbox -o "$crashcore" = singboxp ] && core_new=singbox || core_new=clash
}
switch_core(){
switch_core(){ #clash与singbox内核切换
#singbox和clash内核切换时提示是否保留文件
[ "$core_new" != "$core_old" ] && {
echo -e "\033[33m已从$core_old内核切换至$core_new内核\033[0m"
@@ -872,85 +872,178 @@ switch_core(){
fi
setconfig COMMAND "$COMMAND" ${CRASHDIR}/configs/command.env && source ${CRASHDIR}/configs/command.env
}
getcore(){
[ -z "$crashcore" ] && crashcore=clashpre
getcore(){ #下载内核文件
[ -z "$crashcore" ] && crashcore=singbox
[ -z "$cpucore" ] && getcpucore
[ "$crashcore" = singbox -o "$crashcore" = singboxp ] && core_new=singbox || core_new=clash
#获取在线内核文件
echo -----------------------------------------------
echo 正在在线获取$crashcore核心文件……
if [ -n "$custcorelink" ];then
${CRASHDIR}/start.sh webget ${TMPDIR}/core.tar.gz "$custcorelink"
zip_type=$(echo $custcorelink | grep -oE 'tar.gz$')
[ -z "$zip_type" ] && zip_type=$(echo $custcorelink | grep -oE 'gz$')
if [ -n "$zip_type" ];then
${CRASHDIR}/start.sh webget ${TMPDIR}/core_new.${zip_type} "$custcorelink"
else
echo -e "\033[31m链接不是以.tar.gz或.gz结尾下载已取消\033[0m"
exit
fi
else
${CRASHDIR}/start.sh get_bin ${TMPDIR}/core.tar.gz bin/${crashcore}/${core_new}-linux-${cpucore}.tar.gz
${CRASHDIR}/start.sh get_bin ${TMPDIR}/core_new.tar.gz bin/${crashcore}/${core_new}-linux-${cpucore}.tar.gz
fi
if [ "$?" = "1" ];then
echo -e "\033[31m核心文件下载失败\033[0m"
rm -rf ${TMPDIR}/core.tar.gz
rm -rf ${TMPDIR}/core_new.tar.gz
[ -z "$custcorelink" ] && error_down
else
[ -n "$(pidof CrashCore)" ] && ${CRASHDIR}/start.sh stop #停止内核服务防止内存不足
[ -f ${TMPDIR}/core.tar.gz ] && {
mkdir -p ${TMPDIR}/core_new
tar -zxvf "${TMPDIR}/core.tar.gz" -C ${TMPDIR}/core_new/ &>/dev/null || tar -zxvf "${TMPDIR}/core.tar.gz" --no-same-owner -C ${TMPDIR}/core_new/
for file in "$(ls -1 ${TMPDIR}/core_new | grep -iE 'CrashCore|sing-box|clash|mihomo|meta')" ;do
mv -f ${TMPDIR}/core_new/$file ${TMPDIR}/CrashCore
[ -f ${TMPDIR}/core_new.tar.gz ] && {
mkdir -p ${TMPDIR}/core_tmp
tar -zxf "${TMPDIR}/core_new.tar.gz" -C ${TMPDIR}/core_tmp/ &>/dev/null || tar -zxf "${TMPDIR}/core_new.tar.gz" --no-same-owner -C ${TMPDIR}/core_tmp/
for file in "$(find ${TMPDIR}/core_tmp -type f -size +4096)" ;do
mv -f $file ${TMPDIR}/core_new
done
rm -rf ${TMPDIR}/core_new
rm -rf ${TMPDIR}/core_tmp
}
chmod +x ${TMPDIR}/CrashCore
[ -f ${TMPDIR}/core_new.gz ] && gunzip ${TMPDIR}/core_new.gz && rm -rf ${TMPDIR}/core_new.gz
chmod +x ${TMPDIR}/core_new
[ "$crashcore" = unknow ] && setcoretype
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ];then
core_v=$(${TMPDIR}/CrashCore version 2>/dev/null | grep version | awk '{print $3}')
core_v=$(${TMPDIR}/core_new version 2>/dev/null | grep version | awk '{print $3}')
else
core_v=$(${TMPDIR}/CrashCore -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
core_v=$(${TMPDIR}/core_new -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
fi
if [ -z "$core_v" ];then
echo -e "\033[31m核心文件下载成功但校验失败请尝试手动指定CPU版本\033[0m"
rm -rf ${TMPDIR}/CrashCore
rm -rf ${TMPDIR}/core.tar.gz
rm -rf ${TMPDIR}/core_new
rm -rf ${TMPDIR}/core_new.tar.gz
setcpucore
else
echo -e "\033[32m$crashcore核心下载成功\033[0m"
mv -f ${TMPDIR}/core.tar.gz ${BINDIR}/core.tar.gz 2>/dev/null
sleep 1
mv -f ${TMPDIR}/core_new ${TMPDIR}/CrashCore
if [ -f ${TMPDIR}/core_new.tar.gz ];then
mv -f ${TMPDIR}/core_new.tar.gz ${BINDIR}/CrashCore.tar.gz
else
tar -zcf ${BINDIR}/CrashCore.tar.gz -C ${TMPDIR} CrashCore
fi
setconfig crashcore $crashcore
setconfig core_v $core_v
setconfig custcorelink $custcorelink
switch_core
fi
fi
}
setcustcore(){
setcustcore(){ #自定义内核
checkcustcore(){
[ "$api_tag" = "latest" ] && api_url=latest || api_url="tags/$api_tag"
#通过githubapi获取内核信息
echo -e "\033[32m正在获取内核文件链接\033[0m"
${CRASHDIR}/start.sh webget ${TMPDIR}/github_api https://api.github.com/repos/${project}/releases/${api_url}
release_tag=$(cat ${TMPDIR}/github_api | grep '"tag_name":' | awk -F '"' '{print $4}')
release_date=$(cat ${TMPDIR}/github_api | grep '"published_at":' | awk -F '"' '{print $4}')
cat ${TMPDIR}/github_api | grep "browser_download_url" | grep -oE "https://github.com/${project}/releases/download.*linux.*${cpucore}.*\.gz\"$" | sed 's/"//' > ${TMPDIR}/core.list
rm -rf ${TMPDIR}/github_api
#
if [ -f ${TMPDIR}/core.list ];then
echo -----------------------------------------------
echo -e "内核版本:\033[36m$release_tag\033[0m"
echo -e "发布时间:\033[32m$release_date\033[0m"
echo -----------------------------------------------
echo -e "\033[33m请确认内核信息并选择\033[0m"
cat ${TMPDIR}/core.list | grep -oE "$release_tag.*" | sed 's|.*/||' | awk '{print " "NR" "$1}'
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0)
setcustcore
;;
[1-99])
if [ "$num" -le "$(wc -l < ${TMPDIR}/core.list)" ];then
custcorelink=$(sed -n "$num"p ${TMPDIR}/core.list)
getcore
else
errornum
fi
;;
*)
errornum
;;
esac
else
echo -e "\033[31m查找失败请尽量在服务启动后再使用本功能\033[0m"
sleep 1
fi
rm -rf ${TMPDIR}/core.list
}
[ -z "$cpucore" ] && getcpucore
echo -----------------------------------------------
echo -e "\033[36m此处内核通常源自互联网采集此处致谢各位开发者\033[0m"
echo -e "\033[33m自定义内核未经过完整适配使用出现问题请自行解决\033[0m"
echo -e "\033[31m自定义内核已适配定时任务但不支持小闪存模式\033[0m"
echo -e "\033[32m如遇到网络错误请先启动ShellCrash服务\033[0m"
[ -n "$custcore" ] && {
echo -----------------------------------------------
echo -e "当前内核为:\033[36m$custcore\033[0m"
}
echo -----------------------------------------------
echo -e "\033[33m请选择需要使用的核心\033[0m"
echo -e "1 \033[32m Premium-2023.08.17内核(已停止维护) \033[0m"
echo -e "2 \033[32m 最新Meta.Alpha内核(每日更新) \033[0m"
echo -e "3 \033[32m singbox-1.7.8内核(不支持rule-set,部分旧设备可用) \033[0m"
#echo -e "4 \033[32m singbox_PuerNya内核(支持SSR、providers、rule-set) \033[0m"
echo -e "9 \033[33m 自定义内核链接 \033[0m"
echo -e "1 \033[36mMetaCubeX/mihomo\033[32m@release\033[0m版本内核"
echo -e "2 \033[36mMetaCubeX/mihomo\033[32m@alpha\033[0m版本内核"
echo -e "3 \033[36myaling888/clash\033[32m@release\033[0m版本内核"
echo -e "4 \033[36mSagerNet/sing-box\033[32m@release\033[0m版本内核"
echo -e "5 \033[36mPuerNya/sing-box\033[0m内核(with_gvisor,with_wireguard)"
echo -e "6 \033[36mSagerNet/sing-box\033[32m@1.7.8\033[0m版本内核(不支持rule-set)"
echo -e "7 Premium-2023.08.17内核(已停止维护)"
echo -e "a \033[33m自定义内核链接 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
1)
crashcore=clashpre
custcorelink=https://github.com/juewuy/ShellCrash/releases/download/clash.premium.latest/clash-linux-${cpucore}.tar.gz
getcore
project=MetaCubeX/mihomo
api_tag=latest
crashcore=meta
checkcustcore
;;
2)
project=MetaCubeX/mihomo
api_tag=Prerelease-Alpha
crashcore=meta
custcorelink=https://github.com/juewuy/ShellCrash/releases/download/clash.meta.alpha/clash-linux-${cpucore}.tar.gz
getcore
checkcustcore
;;
3)
crashcore=singbox
custcorelink=https://github.com/juewuy/ShellCrash/releases/download/singbox_core/singbox-linux-${cpucore}.tar.gz
getcore
project=yaling888/clash
api_tag=latest
crashcore=clashpre
checkcustcore
;;
4)
crashcore=singboxp
custcorelink=https://github.com/juewuy/ShellCrash/releases/download/singbox_core_PuerNya/singbox-linux-${cpucore}.tar.gz
getcore
project=SagerNet/sing-box
api_tag=latest
crashcore=singbox
checkcustcore
;;
9)
read -p "请输入自定义内核的链接地址(必须是二进制文件) > " link
5)
project=juewuy/ShellCrash
api_tag=singbox_core_PuerNya
crashcore=singboxp
checkcustcore
;;
6)
project=SagerNet/sing-box
api_tag=v1.7.8
crashcore=singbox
checkcustcore
;;
7)
project=juewuy/ShellCrash
api_tag=clash.premium.latest
crashcore=clashpre
checkcustcore
;;
a)
read -p "请输入自定义内核的链接地址(必须是以.tar.gz或.gz结尾的压缩文件) > " link
[ -n "$link" ] && custcorelink="$link"
crashcore=unknow
getcore
@@ -960,11 +1053,12 @@ setcustcore(){
;;
esac
}
setcore(){
setcore(){ #内核选择菜单
#获取核心及版本信息
[ -z "$crashcore" ] && crashcore="unknow"
[ ! -f ${CRASHDIR}/core.tar.gz ] && crashcore="未安装核心"
[ ! -f ${CRASHDIR}/CrashCore.tar.gz ] && crashcore="未安装核心"
[ "$crashcore" = singbox -o "$crashcore" = singboxp ] && core_old=singbox || core_old=clash
[ -n "$custcorelink" ] && custcore="$(echo $custcorelink | sed 's#.*github.com##; s#/releases/download/#@#; s#-linux.*$##')"
###
echo -----------------------------------------------
[ -z "$cpucore" ] && getcpucore
@@ -976,21 +1070,18 @@ setcore(){
echo -e "1 \033[43;30m Clash \033[0m \033[32m占用低\033[0m"
echo -e " (开源基础内核) \033[33m不支持Tun、Rule-set等\033[0m"
echo -e " 说明文档: \033[36;4mhttps://lancellc.gitbook.io\033[0m"
echo
echo -e "2 \033[43;30m SingBox \033[0m \033[32m支持全面占用低\033[0m"
echo -e " (sing-box主干) \033[33m不支持providers\033[0m"
echo -e " 说明文档: \033[36;4mhttps://sing-box.sagernet.org\033[0m"
echo
echo -e "3 \033[43;30m Mihomo \033[0m \033[32m多功能支持全面\033[0m"
echo -e " (Meta/Mihomo) \033[33m内存占用较高\033[0m"
echo -e " 说明文档: \033[36;4mhttps://wiki.metacubex.one\033[0m"
echo
echo -e "4 \033[43;30m SingBoxP \033[0m \033[32m支持ssr、providers、dns并发……\033[0m"
echo -e " (sing-box分支) \033[33mPuerNya分支版本\033[0m"
echo -e " 说明文档: \033[36;4mhttps://sing-box.sagernet.org\033[0m"
echo
echo -e "5 \033[32m自定义内核\033[0m \033[33m仅限专业用户使用\033[0m"
echo
echo -----------------------------------------------
echo -e "5 \033[36m自定义内核\033[0m $custcore"
echo -----------------------------------------------
echo "9 手动指定处理器架构"
echo -----------------------------------------------
echo 0 返回上级菜单
@@ -1017,19 +1108,11 @@ setcore(){
getcore
;;
5)
echo -----------------------------------------------
echo -e "\033[36m自定义内核均未经过适配可能存在部分功能不兼容的问题\033[0m"
echo -e "\033[36m如你不熟悉相关内核的运行机制请使用脚本已经适配过的内核\033[0m"
echo -e "\033[36m自定义内核不兼容小闪存模式且下载可能依赖服务\033[0m"
echo -e "\033[33m继续后如出现任何问题请务必自行解决一切提问恕不受理\033[0m"
echo -----------------------------------------------
sleep 1
read -p "我确认遇到问题可以自行解决[1/0] > " res
[ "$res" = '1' ] && setcustcore
setcustcore
setcore
;;
9)
setcpucore
setcore
;;
*)
errornum
@@ -1037,7 +1120,7 @@ setcore(){
esac
}
getgeo(){
getgeo(){ #下载Geo文件
#生成链接
echo -----------------------------------------------
echo 正在从服务器获取数据库文件…………
@@ -1060,10 +1143,10 @@ getgeo(){
fi
sleep 1
}
setcustgeo(){
setcustgeo(){ #下载自定义数据库文件
getcustgeo(){
echo -----------------------------------------------
echo 正在从服务器获取数据库文件…………
echo 正在获取数据库文件…………
${CRASHDIR}/start.sh webget ${TMPDIR}/$geoname $custgeolink
if [ "$?" = "1" ];then
echo -----------------------------------------------
@@ -1114,14 +1197,15 @@ setcustgeo(){
;;
esac
else
echo -e "\033[31m查找失败检查网络连接\033[0m"
echo -e "\033[31m查找失败尽量在服务启动后再使用本功能\033[0m"
sleep 1
fi
}
rm -rf ${TMPDIR}/geo.list
echo -----------------------------------------------
echo -e "\033[36m此处数据库均源自互联网采集此处致谢各位者!\033[0m"
echo -e "\033[36m此处数据库均源自互联网采集此处致谢各位开发者!\033[0m"
echo -e "\033[32m请点击或复制链接前往项目页面查看具体说明\033[0m"
echo -e "\033[31m自定义数据库不支持定时任务及小闪存模式\033[0m"
echo -e "\033[33m如遇到网络错误请先启动ShellCrash服务\033[0m"
echo -e "\033[0m请选择需要更新的数据库项目来源\033[0m"
echo -----------------------------------------------
@@ -1178,7 +1262,7 @@ setcustgeo(){
;;
esac
}
setgeo(){
setgeo(){ #数据库选择菜单
source $CFG_PATH > /dev/null
[ -n "$cn_mini.mmdb_v" ] && geo_type_des=精简版 || geo_type_des=全球版
echo -----------------------------------------------
@@ -1187,15 +1271,24 @@ setgeo(){
echo -e "\033[36mClash内核和SingBox内核的数据库文件不通用\033[0m"
echo -e "在线数据库最新版本:\033[32m$GeoIP_v\033[0m"
echo -----------------------------------------------
echo -e " 1 CN-IP绕过文件(约0.1mb) \033[33m$china_ip_list_v\033[0m"
echo -e " 2 CN-IPV6绕过文件(约30kb) \033[33m$china_ipv6_list_v\033[0m"
echo -e " 3 Clash全球版GeoIP数据库(约6mb) \033[33m$Country_v\033[0m"
echo -e " 4 Clash精简版GeoIP_cn数据库(约0.1mb) \033[33m$cn_mini_v\033[0m"
echo -e " 5 Meta完整版GeoSite数据库(约5mb) \033[33m$geosite_v\033[0m"
echo -e " 6 SingBox精简版GeoIP_cn数据库(约0.3mb) \033[33m$geoip_cn_v\033[0m"
echo -e " 7 SingBox精简版GeoSite数据库(约0.8mb) \033[33m$geosite_cn_v\033[0m"
[ "$cn_ip_route" = "已开启" ] && {
echo -e " 1 CN-IP绕过文件(约0.1mb) \033[33m$china_ip_list_v\033[0m"
echo -e " 2 CN-IPV6绕过文件(约30kb) \033[33m$china_ipv6_list_v\033[0m"
}
[ -z "$(echo "$crashcore" | grep sing)" ] && {
echo -e " 3 Clash全球版GeoIP数据库(约6mb) \033[33m$Country_v\033[0m"
echo -e " 4 Clash精简版GeoIP_cn数据库(约0.1mb) \033[33m$cn_mini_v\033[0m"
echo -e " 5 Meta完整版GeoSite数据库(约5mb) \033[33m$geosite_v\033[0m"
}
[ -n "$(echo "$crashcore" | grep sing)" ] && {
echo -e " 6 SingBox精简版GeoIP_cn数据库(约0.3mb) \033[33m$geoip_cn_v\033[0m"
echo -e " 7 SingBox精简版GeoSite数据库(约0.8mb) \033[33m$geosite_cn_v\033[0m"
echo -e " 8 Rule_Set_geoip_cn数据库(约0.1mb) \033[33m$srs_geoip_cn_v\033[0m"
echo -e " 9 Rule_Set_geosite_cn数据库(约0.1mb) \033[33m$srs_geosite_cn_v\033[0m"
}
echo -----------------------------------------------
echo -e " 9 \033[32m自定义数据库\033[0m \033[33m仅限专业用户使用\033[0m"
echo -e " a \033[32m自定义数据库文件\033[0m"
echo -e " b \033[31m清理数据库文件\033[0m"
echo " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
@@ -1203,97 +1296,78 @@ setgeo(){
0)
;;
1)
if [ "$cn_ip_route" = "已开启" ]; then
geotype=china_ip_list.txt
geoname=cn_ip.txt
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m未开启绕过内核功能无需更新CN-IP文件\033[0m"
sleep 1
fi
geotype=china_ip_list.txt
geoname=cn_ip.txt
getgeo
setgeo
;;
2)
if [ "$cn_ipv6_route" = "已开启" -a "$ipv6_redir" = "已开启" ]; then
geotype=china_ipv6_list.txt
geoname=cn_ipv6.txt
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m未开启ipv6下CN绕过功能无需更新CN-IPV6文件\033[0m"
sleep 1
fi
geotype=china_ipv6_list.txt
geoname=cn_ipv6.txt
getgeo
setgeo
;;
3)
if [ "$crashcore" != "singbox" ]; then
geotype=Country.mmdb
geoname=Country.mmdb
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用clash内核无需使用此数据库\033[0m"
sleep 1
fi
geotype=Country.mmdb
geoname=Country.mmdb
getgeo
setgeo
;;
4)
if [ "$crashcore" != "singbox" ]; then
geotype=cn_mini.mmdb
geoname=Country.mmdb
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用clash内核无需使用此数据库\033[0m"
sleep 1
fi
geotype=cn_mini.mmdb
geoname=Country.mmdb
getgeo
setgeo
;;
5)
if [ "$crashcore" = "meta" ]; then
geotype=geosite.dat
geoname=GeoSite.dat
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用meta内核无需使用此数据库\033[0m"
sleep 1
fi
geotype=geosite.dat
geoname=GeoSite.dat
getgeo
setgeo
;;
6)
if [ "$crashcore" = "singbox" ]; then
geotype=geoip_cn.db
geoname=geoip.db
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用singbox内核无需使用此数据库\033[0m"
sleep 1
fi
geotype=geoip_cn.db
geoname=geoip.db
getgeo
setgeo
;;
7)
if [ "$crashcore" = "singbox" ]; then
geotype=geosite_cn.db
geoname=geosite.db
getgeo
else
echo -----------------------------------------------
echo -e "\033[31m当前未使用singbox内核无需使用此数据库\033[0m"
sleep 1
fi
geotype=geosite_cn.db
geoname=geosite.db
getgeo
setgeo
;;
8)
geotype=srs_geoip_cn.srs
geoname=geoip-cn.srs
getgeo
setgeo
;;
9)
geotype=srs_geosite_cn.srs
geoname=geosite-cn.srs
getgeo
setgeo
;;
a)
setcustgeo
setgeo
;;
b)
echo -----------------------------------------------
echo -e "\033[36m自定义数据库需要调用第三方地址请尽量在服务启动后更新\033[0m"
echo -e "\033[36m自定义数据库不兼容小闪存模式,也不支持自动更新!\033[0m"
echo -e "\033[33m继续后如出现任何问题请务必自行解决一切提问恕不受理\033[0m"
echo -e "\033[33m这将清理$CRASHDIR目录下所有数据库文件\033[0m"
echo -e "\033[36m清理后启动服务即可自动下载所需文件~\033[0m"
echo -----------------------------------------------
read -p "确认遇到问题可以自行解决[1/0] > " res
[ "$res" = '1' ] && setcustgeo
read -p "确认清理?[1/0] > " res
[ "$res" = '1' ] && {
for file in cn_ip.txt cn_ipv6.txt Country.mmdb GeoSite.dat geoip.db geosite.db ;do
rm -rf $CRASHDIR/$file
done
rm -rf $CRASHDIR/*.srs
echo -e "\033[33m所以数据库文件均已清理\033[0m"
sleep 1
}
setgeo
;;
*)
errornum
@@ -1315,9 +1389,9 @@ getdb(){
else
echo -e "\033[33m下载成功正在解压文件\033[0m"
mkdir -p $dbdir > /dev/null
tar -zxvf "${TMPDIR}/clashdb.tar.gz" -C $dbdir > /dev/null
tar -zxf "${TMPDIR}/clashdb.tar.gz" -C $dbdir > /dev/null
if [ $? -ne 0 ];then
tar -zxvf "${TMPDIR}/clashdb.tar.gz" --no-same-permissions -C $dbdir > /dev/null
tar -zxf "${TMPDIR}/clashdb.tar.gz" --no-same-permissions -C $dbdir > /dev/null
[ $? -ne 0 ] && echo "文件解压失败!" && rm -rf ${TMPDIR}/clashfm.tar.gz && exit 1
fi
#修改默认host和端口
@@ -1500,7 +1574,7 @@ setserver(){
setconfig url_id $url_id
setconfig release_type $release_type
echo -----------------------------------------------
echo -e "\033[32m源地址更新成功!\033[0m"
echo -e "\033[32m源地址切换成功!\033[0m"
}
echo -----------------------------------------------
echo -e "\033[30;47m切换ShellCrash版本及更新源地址\033[0m"
@@ -1540,11 +1614,13 @@ setserver(){
a)
release_type=stable
[ -z "$url_id" ] && url_id=101
saveserver
setserver
;;
b)
release_type=master
[ -z "$url_id" ] && url_id=101
saveserver
setserver
;;
c)
@@ -1556,6 +1632,7 @@ setserver(){
if [ "$res" = 1 ];then
release_type=dev
[ -z "$url_id" ] && url_id=101
saveserver
fi
setserver
;;
@@ -1791,7 +1868,9 @@ userguide(){
}
fi
#检测及下载根证书
if [ -d /etc/ssl/certs -a ! -f '/etc/ssl/certs/ca-certificates.crt' ];then
openssldir=$(openssl version -a 2>&1 | grep OPENSSLDIR | awk -F "\"" '{print $2}')
[ -z "$openssldir" ] && openssldir=/etc/ssl
if [ -d $openssldir/certs -a ! -f $openssldir/certs/ca-certificates.crt ];then
echo -----------------------------------------------
echo -e "\033[33m当前设备未找到根证书文件\033[0m"
echo -----------------------------------------------
@@ -1799,8 +1878,7 @@ userguide(){
[ "$res" = 1 ] && checkupdate && getcrt
fi
#设置加密DNS
${CRASHDIR}/start.sh webget /dev/null https://baidu.com echooff rediron
if [ "$?" = "0" ];then
if [ -s $openssldir/certs/ca-certificates.crt ];then
dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
dns_fallback='https://1.0.0.1/dns-query, https://8.8.4.4/dns-query, https://doh.opendns.com/dns-query'
setconfig dns_nameserver \'"$dns_nameserver"\'

2
scripts/init.sh
View File

@@ -277,7 +277,7 @@ done
#内核改名
mv -f ${CRASHDIR}/clash ${CRASHDIR}/CrashCore 2>/dev/null
#内核压缩
[ -f ${CRASHDIR}/CrashCore ] && tar -zcvf ${CRASHDIR}/core.tar.gz -C ${CRASHDIR} CrashCore
[ -f ${CRASHDIR}/CrashCore ] && tar -zcf ${CRASHDIR}/CrashCore.tar.gz -C ${CRASHDIR} CrashCore
for file in dropbear_rsa_host_key authorized_keys tun.ko ShellDDNS.sh;do
mv -f ${CRASHDIR}/$file ${CRASHDIR}/tools/$file 2>/dev/null
done

38
scripts/menu.sh
View File

@@ -114,7 +114,7 @@ ckstatus(){
if [ -n "$core_v" ];then
source ${CRASHDIR}/getdate.sh && setcoretype && \
mv -f $file ${TMPDIR}/CrashCore && \
tar -zcvf ${BINDIR}/core.tar.gz -C ${TMPDIR} CrashCore && \
tar -zcf ${BINDIR}/CrashCore.tar.gz -C ${TMPDIR} CrashCore && \
echo -e "\033[32m内核加载完成\033[0m " && \
setconfig crashcore $crashcore && \
setconfig core_v $core_v && \
@@ -175,16 +175,18 @@ start_core(){
echo -----------------------------------------------
if [ -s $core_config -o -n "$Url" -o -n "$Https" ];then
${CRASHDIR}/start.sh start
sleep 2
if [ -n "$(pidof CrashCore)" ];then
startover
else
${COMMAND} &>${TMPDIR}/core_test.log &
sleep 2 ; kill $! &>/dev/null
${CRASHDIR}/start.sh start_error
${CRASHDIR}/start.sh stop
exit 1
fi
#设置循环检测以判定服务启动是否成功
i=1
while [ -z "$test" -a "$i" -lt 10 ];do
sleep 1
if curl --version > /dev/null 2>&1;then
test=$(curl -s http://127.0.0.1:${db_port}/configs | grep -o port)
else
test=$(wget -q -O - http://127.0.0.1:${db_port}/configs | grep -o port)
fi
i=$((i+1))
done
[ -n "$test" ] && startover
else
echo -e "\033[31m没有找到${crashcore}配置文件,请先导入配置文件!\033[0m"
source ${CRASHDIR}/getdate.sh && set_core_config
@@ -566,14 +568,16 @@ setdns(){ #DNS设置
elif [ "$num" = 4 ]; then
echo -----------------------------------------------
if openssl version >/dev/null 2>&1;then
openssldir=$(openssl version -a 2>&1 | grep OPENSSLDIR | awk -F "\"" '{print $2}')
[ -z "$openssldir" ] && openssldir=/etc/ssl
if [ -s "$openssldir/certs/ca-certificates.crt" ];then
dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
dns_fallback='tls://1.0.0.1:853, tls://8.8.4.4:853, https://doh.opendns.com/dns-query'
setconfig dns_nameserver \'"$dns_nameserver"\'
setconfig dns_fallback \'"$dns_fallback"\'
echo -e "\033[32m已设置加密DNS如出现DNS解析问题请尝试重置DNS配置\033[0m"
else
echo -e "\033[31m当前设备未安装OpenSSL无法启用加密DNSLinux系统请自行搜索安装方式\033[0m"
echo -e "\033[31m找不到根证书文件无法启用加密DNSLinux系统请自行搜索安装OpenSSL的方式!\033[0m"
fi
sleep 2
setdns
@@ -1209,7 +1213,7 @@ normal_set(){ #基础设置
echo -e " 2 redir_host模式\033[32m兼容性更好\033[0m"
echo -e " 需搭配加密DNS使用"
echo -e " 3 mix混合模式 \033[32m内部realip外部fakeip\033[0m"
echo -e " 限singbox内核+geosite.db!"
echo -e " 限singbox1.8.0+内核!"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
@@ -1228,13 +1232,13 @@ normal_set(){ #基础设置
echo -----------------------------------------------
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
elif [ "$num" = 3 ]; then
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ];then
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ] && [ "$core_v" != '1.7.8' ];then
dns_mod=mix
setconfig dns_mod $dns_mod
echo -----------------------------------------------
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
else
echo -e "\033[31m仅限singbox内核使用\033[0m"
echo -e "\033[31m当前内核不支持的功能\033[0m"
sleep 1
fi
else
@@ -1469,7 +1473,7 @@ advanced_set(){ #进阶设置
if [ "$crashcore" = "clash" ];then
rm -rf ${TMPDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore
rm -rf ${CRASHDIR}/core.tar.gz
rm -rf ${CRASHDIR}/CrashCore.tar.gz
crashcore=meta
setconfig crashcore $crashcore
echo "已将ShellCrash内核切换为Meta内核域名嗅探依赖Meta或者高版本clashpre内核"

6
scripts/shellcrash.procd
View File

@@ -11,10 +11,10 @@ CRASHDIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}')
source ${CRASHDIR}/configs/command.env #加载启动命令和启动目录
start_service() {
#检测必须文件
$CRASHDIR/start.sh bfstart
#本机代理用户
[ -n "$(grep -E 'local_type.*增强模式' ${CRASHDIR}/configs/ShellCrash.cfg)" ] && USER=shellcrash || USER=root
#检测必须文件
$CRASHDIR/start.sh bfstart
if [ "$?" = "0" ];then
#使用procd创建clash后台进程
procd_open_instance
@@ -25,7 +25,7 @@ start_service() {
procd_set_param stdout 0
procd_close_instance
#启动结束执行
$CRASHDIR/start.sh afstart
$CRASHDIR/start.sh afstart &
fi
}
stop_service(){

414
scripts/start.sh
View File

@@ -560,14 +560,36 @@ EOF
}
fi
#生成dns.json
[ -z "$dns_nameserver" ] && dns_nameserver='223.5.5.5' || dns_nameserver=$(echo $dns_nameserver | awk -F ',' '{print $1}')
[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1' || dns_fallback=$(echo $dns_fallback | awk -F ',' '{print $1}')
[ -z "$dns_nameserver" ] && dns_nameserver='223.5.5.5'
[ -z "$dns_fallback" ] && dns_proxy='1.0.0.1'
if [ "crashcore" = singboxp ];then
dns_direct=[\"$(echo $dns_nameserver | sed 's/, /", "/g')\"]
dns_proxy=[\"$(echo $dns_fallback | sed 's/, /", "/g')\"]
else
dns_direct=\"$(echo $dns_nameserver | awk -F ',' '{print $1}')\"
dns_proxy=\"$(echo $dns_fallback | awk -F ',' '{print $1}')\"
fi
[ "$ipv6_dns" = "已开启" ] && strategy='prefer_ipv4' || strategy='ipv4_only'
[ "$dns_mod" = "redir_host" ] && final_dns=dns_direct
[ "$dns_mod" = "fake-ip" ] && final_dns=dns_fakeip
[ "$dns_mod" = "redir_host" ] && final_dns=dns_direct && global_dns=dns_proxy
[ "$dns_mod" = "fake-ip" ] && final_dns=dns_fakeip && global_dns=dns_fakeip
[ "$dns_mod" = "mix" ] && {
final_dns=dns_direct
mix_dns="{ \"geosite\": [\"geolocation-!cn\"], \"server\": \"dns_fakeip\" },"
final_dns=dns_direct && global_dns=dns_fakeip
mix_dns="{ \"rule_set\": [\"geosite-cn\"], \"invert\": true, \"server\": \"dns_fakeip\" },"
#生成add_rule_set.json
[ -z "$(cat ${CRASHDIR}/jsons/*.json | grep -Ei '\"tag\": \"geosite-cn\"')" ] && cat > ${TMPDIR}/jsons/add_rule_set.json <<EOF
{
"route": {
"rule_set": [
{
"tag": "geosite-cn",
"type": "local",
"format": "binary",
"path": "geosite-cn.sys"
}
]
}
}
EOF
}
cat > ${TMPDIR}/jsons/dns.json <<EOF
{
@@ -575,12 +597,12 @@ EOF
"servers": [
{
"tag": "dns_proxy",
"address": "$dns_fallback",
"address": $dns_proxy,
"strategy": "$strategy",
"address_resolver": "dns_resolver"
}, {
"tag": "dns_direct",
"address": "$dns_nameserver",
"address": $dns_direct,
"strategy": "$strategy",
"address_resolver": "dns_resolver",
"detour": "DIRECT"
@@ -598,7 +620,7 @@ EOF
],
"rules": [
{ "outbound": ["any"], "server": "dns_resolver" },
{ "clash_mode": "Global", "server": "$final_dns" },
{ "clash_mode": "Global", "server": "$global_dns" },
{ "clash_mode": "Direct", "server": "dns_direct" },
$mix_dns
{ "query_type": [ "A", "AAAA" ], "server": "$final_dns" }
@@ -1051,66 +1073,70 @@ start_tun(){ #iptables-tun
sleep 1
i=$((i+1))
done
ip route add default dev utun table 100
ip rule add fwmark $fwmark table 100
#获取局域网host地址
getlanip
iptables -t mangle -N shellcrash
iptables -t mangle -A shellcrash -p udp --dport 53 -j RETURN
for ip in $host_ipv4 $reserve_ipv4;do #跳过目标保留地址及目标本机网段
iptables -t mangle -A shellcrash -d $ip -j RETURN
done
#防止回环
iptables -t mangle -A shellcrash -s 198.18.0.0/16 -j RETURN
#绕过CN_IP
[ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && \
iptables -t mangle -A shellcrash -m set --match-set cn_ip dst -j RETURN 2>/dev/null
#局域网设备过滤
if [ "$macfilter_type" = "白名单" -a -n "$(cat ${CRASHDIR}/configs/mac)" ];then
for mac in $(cat ${CRASHDIR}/configs/mac); do #mac白名单
iptables -t mangle -A shellcrash -m mac --mac-source $mac -j MARK --set-mark $fwmark
done
if [ -z "$(ip route list |grep utun)" ];then
logger "找不到tun模块放弃启动tun相关防火墙规则" 31
else
for mac in $(cat ${CRASHDIR}/configs/mac); do #mac黑名单
iptables -t mangle -A shellcrash -m mac --mac-source $mac -j RETURN
ip route add default dev utun table 100
ip rule add fwmark $fwmark table 100
#获取局域网host地址
getlanip
iptables -t mangle -N shellcrash
iptables -t mangle -A shellcrash -p udp --dport 53 -j RETURN
for ip in $host_ipv4 $reserve_ipv4;do #跳过目标保留地址及目标本机网段
iptables -t mangle -A shellcrash -d $ip -j RETURN
done
#仅代理本机局域网网段流量
for ip in $host_ipv4;do
iptables -t mangle -A shellcrash -s $ip -j MARK --set-mark $fwmark
done
fi
iptables -t mangle -A PREROUTING -p udp $ports -j shellcrash
[ "$1" = "all" ] && iptables -t mangle -A PREROUTING -p tcp $ports -j shellcrash
#设置ipv6转发
[ "$ipv6_redir" = "已开启" ] && ip6tables -t nat -L &>/dev/null && [ "$crashcore" != clash ] && {
ip -6 route add default dev utun table 101
ip -6 rule add fwmark $fwmark table 101
ip6tables -t mangle -N shellcrashv6
ip6tables -t mangle -A shellcrashv6 -p udp --dport 53 -j RETURN
for ip in $host_ipv6 $reserve_ipv6;do #跳过目标保留地址及目标本机网段
ip6tables -t mangle -A shellcrashv6 -d $ip -j RETURN
done
#绕过CN_IPV6
[ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && \
ip6tables -t mangle -A shellcrashv6 -m set --match-set cn_ip6 dst -j RETURN 2>/dev/null
#防止回环
iptables -t mangle -A shellcrash -s 198.18.0.0/16 -j RETURN
#绕过CN_IP
[ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && \
iptables -t mangle -A shellcrash -m set --match-set cn_ip dst -j RETURN 2>/dev/null
#局域网设备过滤
if [ "$macfilter_type" = "白名单" -a -n "$(cat ${CRASHDIR}/configs/mac)" ];then
for mac in $(cat ${CRASHDIR}/configs/mac); do #mac白名单
ip6tables -t mangle -A shellcrashv6 -m mac --mac-source $mac -j MARK --set-mark $fwmark
iptables -t mangle -A shellcrash -m mac --mac-source $mac -j MARK --set-mark $fwmark
done
else
for mac in $(cat ${CRASHDIR}/configs/mac); do #mac黑名单
ip6tables -t mangle -A shellcrashv6 -m mac --mac-source $mac -j RETURN
iptables -t mangle -A shellcrash -m mac --mac-source $mac -j RETURN
done
#仅代理本机局域网网段流量
for ip in $host_ipv6;do
ip6tables -t mangle -A shellcrashv6 -s $ip -j MARK --set-mark $fwmark
done
fi
ip6tables -t mangle -A PREROUTING -p udp $ports -j shellcrashv6
[ "$1" = "all" ] && ip6tables -t mangle -A PREROUTING -p tcp $ports -j shellcrashv6
}
for ip in $host_ipv4;do
iptables -t mangle -A shellcrash -s $ip -j MARK --set-mark $fwmark
done
fi
iptables -t mangle -A PREROUTING -p udp $ports -j shellcrash
[ "$1" = "all" ] && iptables -t mangle -A PREROUTING -p tcp $ports -j shellcrash
#设置ipv6转发
[ "$ipv6_redir" = "已开启" ] && ip6tables -t nat -L &>/dev/null && [ "$crashcore" != clash ] && {
ip -6 route add default dev utun table 101
ip -6 rule add fwmark $fwmark table 101
ip6tables -t mangle -N shellcrashv6
ip6tables -t mangle -A shellcrashv6 -p udp --dport 53 -j RETURN
for ip in $host_ipv6 $reserve_ipv6;do #跳过目标保留地址及目标本机网段
ip6tables -t mangle -A shellcrashv6 -d $ip -j RETURN
done
#绕过CN_IPV6
[ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && \
ip6tables -t mangle -A shellcrashv6 -m set --match-set cn_ip6 dst -j RETURN 2>/dev/null
#局域网设备过滤
if [ "$macfilter_type" = "白名单" -a -n "$(cat ${CRASHDIR}/configs/mac)" ];then
for mac in $(cat ${CRASHDIR}/configs/mac); do #mac白名单
ip6tables -t mangle -A shellcrashv6 -m mac --mac-source $mac -j MARK --set-mark $fwmark
done
else
for mac in $(cat ${CRASHDIR}/configs/mac); do #mac黑名单
ip6tables -t mangle -A shellcrashv6 -m mac --mac-source $mac -j RETURN
done
#仅代理本机局域网网段流量
for ip in $host_ipv6;do
ip6tables -t mangle -A shellcrashv6 -s $ip -j MARK --set-mark $fwmark
done
fi
ip6tables -t mangle -A PREROUTING -p udp $ports -j shellcrashv6
[ "$1" = "all" ] && ip6tables -t mangle -A PREROUTING -p tcp $ports -j shellcrashv6
}
fi
} &
}
start_nft(){ #nftables-allinone
@@ -1375,7 +1401,7 @@ web_save(){ #最小化保存面板节点选择
}
web_restore(){ #还原面板选择
getconfig
#设置循环检测clash面板端口
#设置循环检测面板端口以判定服务启动是否成功
i=1
while [ -z "$test" -a "$i" -lt 20 ];do
sleep 2
@@ -1386,21 +1412,23 @@ web_restore(){ #还原面板选择
fi
i=$((i+1))
done
#发送节点选择数据
[ -s ${CRASHDIR}/configs/web_save ] && {
num=$(cat ${CRASHDIR}/configs/web_save | wc -l)
i=1
while [ "$i" -le "$num" ];do
group_name=$(awk -F ',' 'NR=="'${i}'" {print $1}' ${CRASHDIR}/configs/web_save | sed 's/ /%20/g')
now_name=$(awk -F ',' 'NR=="'${i}'" {print $2}' ${CRASHDIR}/configs/web_save)
put_save http://127.0.0.1:${db_port}/proxies/${group_name} "{\"name\":\"${now_name}\"}"
i=$((i+1))
done
}
#还原面板设置
[ "$crashcore" != singbox ] && [ -s ${CRASHDIR}/configs/web_configs ] && {
sleep 5
put_save http://127.0.0.1:${db_port}/configs "$(cat ${CRASHDIR}/configs/web_configs)" PATCH
[ -n "$test" ] && {
#发送节点选择数据
[ -s ${CRASHDIR}/configs/web_save ] && {
num=$(cat ${CRASHDIR}/configs/web_save | wc -l)
i=1
while [ "$i" -le "$num" ];do
group_name=$(awk -F ',' 'NR=="'${i}'" {print $1}' ${CRASHDIR}/configs/web_save | sed 's/ /%20/g')
now_name=$(awk -F ',' 'NR=="'${i}'" {print $2}' ${CRASHDIR}/configs/web_save)
put_save http://127.0.0.1:${db_port}/proxies/${group_name} "{\"name\":\"${now_name}\"}"
i=$((i+1))
done
}
#还原面板设置
[ "$crashcore" != singbox ] && [ -s ${CRASHDIR}/configs/web_configs ] && {
sleep 5
put_save http://127.0.0.1:${db_port}/configs "$(cat ${CRASHDIR}/configs/web_configs)" PATCH
}
}
}
makehtml(){ #生成面板跳转文件
@@ -1454,22 +1482,22 @@ EOF
core_check(){
#检查及下载内核文件
if [ ! -f ${TMPDIR}/CrashCore ];then
if [ -f ${CRASHDIR}/CrashCore ];then
ln -sf ${CRASHDIR}/CrashCore ${TMPDIR}/CrashCore
elif [ -f ${CRASHDIR}/core.tar.gz ];then
tar -zxvf "${CRASHDIR}/core.tar.gz" -C ${TMPDIR}/ &>/dev/null || tar -zxvf "${CRASHDIR}/core.tar.gz" --no-same-owner -C ${TMPDIR}/
if [ -f ${BINDIR}/CrashCore ];then
ln -sf ${BINDIR}/CrashCore ${TMPDIR}/CrashCore
elif [ -f ${BINDIR}/CrashCore.tar.gz ];then
tar -zxvf "${BINDIR}/CrashCore.tar.gz" -C ${TMPDIR}/ &>/dev/null || tar -zxvf "${BINDIR}/CrashCore.tar.gz" --no-same-owner -C ${TMPDIR}/
else
logger "未找到【$crashcore】核心,正在下载!" 33
[ -z "$cpucore" ] && source ${CRASHDIR}/getdate.sh && getcpucore
[ -z "$cpucore" ] && logger 找不到设备的CPU信息请手动指定处理器架构类型 31 && exit 1
get_bin ${TMPDIR}/core.tar.gz "bin/$crashcore/${target}-linux-${cpucore}.tar.gz"
get_bin ${TMPDIR}/CrashCore.tar.gz "bin/$crashcore/${target}-linux-${cpucore}.tar.gz"
#校验内核
mkdir -p ${TMPDIR}/core_new
tar -zxvf "${TMPDIR}/core.tar.gz" -C ${TMPDIR}/core_new/ &>/dev/null || tar -zxvf "${TMPDIR}/core.tar.gz" --no-same-owner -C ${TMPDIR}/core_new/
for file in "$(ls -1 ${TMPDIR}/core_new | grep -iE 'CrashCore|sing-box|clash|mihomo|meta')" ;do
mv -f ${TMPDIR}/core_new/$file ${TMPDIR}/CrashCore
mkdir -p ${TMPDIR}/core_tmp
tar -zxvf "${TMPDIR}/CrashCore.tar.gz" -C ${TMPDIR}/core_tmp/ &>/dev/null || tar -zxvf "${TMPDIR}/CrashCore.tar.gz" --no-same-owner -C ${TMPDIR}/core_tmp/
for file in "$(find ${TMPDIR}/core_tmp -type f -size +4096)" ;do
mv -f $file ${TMPDIR}/core_new
done
rm -rf ${TMPDIR}/core_new
rm -rf ${TMPDIR}/core_tmp
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ];then
core_v=$(${TMPDIR}/CrashCore version 2>/dev/null | grep version | awk '{print $3}')
COMMAND='"$TMPDIR/CrashCore run -D $BINDIR -C $TMPDIR/jsons"'
@@ -1482,8 +1510,7 @@ core_check(){
logger "核心下载失败,请重新运行或更换安装源!" 31
exit 1
else
mv -f ${TMPDIR}/core.new ${TMPDIR}/CrashCore
mv -f ${TMPDIR}/core.tar.gz ${BINDIR}/core.tar.gz
mv -f ${TMPDIR}/CrashCore.tar.gz ${BINDIR}/CrashCore.tar.gz
setconfig COMMAND "$COMMAND" ${CRASHDIR}/configs/command.env && source ${CRASHDIR}/configs/command.env
setconfig crashcore $crashcore
setconfig core_v $core_v
@@ -1499,8 +1526,8 @@ clash_check(){ #clash启动前检查
echo -----------------------------------------------
logger "检测到vless/hysteria协议将改为使用meta核心启动" 33
rm -rf ${TMPDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore
rm -rf ${CRASHDIR}/core.tar.gz
rm -rf ${BINDIR}/CrashCore
rm -rf ${BINDIR}/CrashCore.tar.gz
crashcore=meta
echo -----------------------------------------------
fi
@@ -1512,33 +1539,33 @@ clash_check(){ #clash启动前检查
echo -----------------------------------------------
logger "检测到高级功能将改为使用meta核心启动" 33
rm -rf ${TMPDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore
rm -rf ${CRASHDIR}/core.tar.gz
rm -rf ${BINDIR}/CrashCore
rm -rf ${BINDIR}/CrashCore.tar.gz
crashcore=meta
echo -----------------------------------------------
}
fi
core_check
#预下载GeoIP数据库
if [ ! -f ${BINDIR}/Country.mmdb ];then
if [ -n "$(cat ${CRASHDIR}/yamls/*.yaml | grep -oEi 'geoip')" ] && [ ! -f ${BINDIR}/Country.mmdb ];then
if [ -f ${CRASHDIR}/Country.mmdb ];then
ln -sf ${CRASHDIR}/Country.mmdb ${BINDIR}/Country.mmdb
mv -f ${CRASHDIR}/Country.mmdb ${BINDIR}/Country.mmdb
else
logger "未找到GeoIP数据库,正在下载!" 33
logger "未找到Country.mmdb数据库,正在下载!" 33
get_bin ${BINDIR}/Country.mmdb bin/geodata/cn_mini.mmdb
[ "$?" = "1" ] && rm -rf ${BINDIR}/Country.mmdb && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
Geo_v=$(date +"%Y%m%d")
setconfig Geo_v $Geo_v
setconfig cn_mini_v $(date +"%Y%m%d")
fi
fi
#预下载GeoSite数据库
if [ -n "$(cat $core_config|grep -Ei 'geosite')" ] && [ ! -f ${BINDIR}/GeoSite.dat ];then
if [ -n "$(cat ${CRASHDIR}/yamls/*.yaml | grep -oEi 'geosite')" ] && [ ! -f ${BINDIR}/GeoSite.dat ];then
if [ -f ${CRASHDIR}/GeoSite.dat ];then
ln -sf ${CRASHDIR}/GeoSite.dat ${BINDIR}/GeoSite.dat
mv -f ${CRASHDIR}/GeoSite.dat ${BINDIR}/GeoSite.dat
else
logger "未找到GeoSite数据库正在下载" 33
logger "未找到GeoSite.dat数据库,正在下载!" 33
get_bin ${BINDIR}/GeoSite.dat bin/geodata/geosite.dat
[ "$?" = "1" ] && rm -rf ${BINDIR}/GeoSite.dat && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
setconfig geosite_v $(date +"%Y%m%d")
fi
fi
return 0
@@ -1549,33 +1576,53 @@ singbox_check(){ #singbox启动前检查
echo -----------------------------------------------
logger "检测到PuerNya内核专属功能改为使用singboxp内核启动" 33
rm -rf ${TMPDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore
rm -rf ${CRASHDIR}/core.tar.gz
rm -rf ${BINDIR}/CrashCore
rm -rf ${BINDIR}/CrashCore.tar.gz
crashcore=singboxp
fi
core_check
#预下载GeoIP数据库
if [ ! -f ${BINDIR}/geoip.db ];then
if [ -f ${CRASHDIR}/geoip.db ];then
ln -sf ${CRASHDIR}/geoip.db ${BINDIR}/geoip.db
#预下载geoip-cn.srs数据库
if [ -n "$(cat ${CRASHDIR}/jsons/*.json | grep -oEi '\"rule_set\": \"geoip-cn\"')" ] && [ ! -f ${BINDIR}/geoip-cn.srs ];then
if [ -f ${CRASHDIR}/geoip-cn.srs ];then
mv -f ${CRASHDIR}/geoip-cn.srs ${BINDIR}/geoip-cn.srs
else
logger "未找到GeoIP数据库,正在下载!" 33
logger "未找到geoip-cn.srs数据库,正在下载!" 33
get_bin ${BINDIR}/geoip-cn.srs bin/geodata/srs_geoip_cn.srs
[ "$?" = "1" ] && rm -rf ${BINDIR}/geoip-cn.srs && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
setconfig srs_geoip_cn_v $(date +"%Y%m%d")
fi
fi
#预下载geosite-cn.srs数据库
if [ -n "$(cat ${CRASHDIR}/jsons/*.json | grep -oEi '\"rule_set\": \"geosite-cn\"')" -o "$dns_mod" = "mix" ] && [ ! -f ${BINDIR}/geosite-cn.srs ];then
if [ -f ${CRASHDIR}/geosite-cn.srs ];then
mv -f ${CRASHDIR}/geosite-cn.srs ${BINDIR}/geosite-cn.srs
else
logger "未找到geosite-cn.srs数据库正在下载" 33
get_bin ${BINDIR}/geosite-cn.srs bin/geodata/srs_geosite_cn.srs
[ "$?" = "1" ] && rm -rf ${BINDIR}/geosite-cn.srs && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
setconfig srs_geosite_cn_v $(date +"%Y%m%d")
fi
fi
#预下载GeoIP数据库
if [ -n "$(cat ${CRASHDIR}/jsons/*.json | grep -oEi '\"geoip\":')" ] && [ ! -f ${BINDIR}/geoip.db ];then
if [ -f ${CRASHDIR}/geoip.db ];then
mv -f ${CRASHDIR}/geoip.db ${BINDIR}/geoip.db
else
logger "未找到geoip.db数据库正在下载" 33
get_bin ${BINDIR}/geoip.db bin/geodata/geoip_cn.db
[ "$?" = "1" ] && rm -rf ${BINDIR}/geoip.db && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
Geo_v=$(date +"%Y%m%d")
setconfig Geo_v $Geo_v
setconfig geoip_cn_v $(date +"%Y%m%d")
fi
fi
#预下载GeoSite数据库
if [ -n "cat ${CRASHDIR}/jsons/*.json | grep -Ei 'geosite')" -o "$dns_mod" = "mix" ] && [ ! -f ${BINDIR}/geosite.db ];then
if [ -n "$(cat ${CRASHDIR}/jsons/*.json | grep -oEi '\"geosite\":')" ] && [ ! -f ${BINDIR}/geosite.db ];then
if [ -f ${CRASHDIR}/geosite.db ];then
ln -sf ${CRASHDIR}/geosite.db ${BINDIR}/geosite.db
mv -f ${CRASHDIR}/geosite.db ${BINDIR}/geosite.db
else
logger "未找到GeoSite数据库正在下载" 33
logger "未找到geosite.db数据库,正在下载!" 33
get_bin ${BINDIR}/geosite.db bin/geodata/geosite_cn.db
[ "$?" = "1" ] && rm -rf ${BINDIR}/geosite.db && logger "数据库下载失败,已退出,请前往更新界面尝试手动下载!" 31 && exit 1
Geo_v=$(date +"%Y%m%d")
setconfig Geo_v $Geo_v
setconfig geosite_cn_v $(date +"%Y%m%d")
fi
fi
return 0
@@ -1640,68 +1687,88 @@ afstart(){ #启动后
logger "ShellCrash将延迟$start_delay秒启动" 31 pushoff
sleep $start_delay
}
#设置DNS转发
start_dns(){
[ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
[ "$ipv6_redir" = "已开启" ] && [ "$dns_mod" != "fake-ip" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route
if [ "$dns_no" != "已禁用" ];then
if [ "$dns_redir" != "已开启" ];then
[ -n "$(echo $redir_mod|grep Nft)" ] && start_nft_dns || start_ipt_dns
else
#openwrt使用dnsmasq转发
uci del dhcp.@dnsmasq[-1].server >/dev/null 2>&1
uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null
uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#$dns_port > /dev/null 2>&1
uci set dhcp.@dnsmasq[0].noresolv=1 2>/dev/null
uci commit dhcp >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1
fi
#设置循环检测面板端口以判定服务启动是否成功
i=1
while [ -z "$test" -a "$i" -lt 10 ];do
sleep 1
if curl --version > /dev/null 2>&1;then
test=$(curl -s http://127.0.0.1:${db_port}/configs | grep -o port)
else
test=$(wget -q -O - http://127.0.0.1:${db_port}/configs | grep -o port)
fi
return 0
}
#设置路由规则
#[ "$ipv6_redir" = "已开启" ] && ipv6_wan=$(ip addr show|grep -A1 'inet6 [^f:]'|grep -oE 'inet6 ([a-f0-9:]+)/'|sed s#inet6\ ##g|sed s#/##g)
[ "$redir_mod" = "Redir模式" ] && start_dns && start_redir
[ "$redir_mod" = "混合模式" ] && start_dns && start_redir && start_tun udp
[ "$redir_mod" = "Tproxy混合" ] && start_dns && start_redir && start_tproxy udp
[ "$redir_mod" = "Tun模式" ] && start_dns && start_tun all
[ "$redir_mod" = "Tproxy模式" ] && start_dns && start_tproxy all
[ -n "$(echo $redir_mod|grep Nft)" -o "$local_type" = "nftables增强模式" ] && {
nft add table inet shellcrash #初始化nftables
nft flush table inet shellcrash
}
[ -n "$(echo $redir_mod|grep Nft)" ] && start_dns && start_nft
#设置本机代理
[ "$local_proxy" = "已开启" ] && {
[ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port
[ "$local_type" = "iptables增强模式" ] && [ -n "$(grep '0:7890' /etc/passwd)" ] && start_output
[ "$local_type" = "nftables增强模式" ] && [ -n "$(grep '0:7890' /etc/passwd)" ] && [ "$redir_mod" = "纯净模式" ] && start_nft
}
ckcmd iptables && start_wan #本地防火墙
mark_time #标记启动时间
[ -s ${CRASHDIR}/configs/web_save -o -s ${CRASHDIR}/configs/web_configs ] && web_restore &>/dev/null & #后台还原面板配置
{ sleep 5;logger Clash服务已启动;} & #推送日志
#加载定时任务
[ -s ${CRASHDIR}/task/cron ] && croncmd ${CRASHDIR}/task/cron
[ -s ${CRASHDIR}/task/running ] && {
cronset '运行时每'
while read line ;do
cronset '2fjdi124dd12s' "$line"
done < ${CRASHDIR}/task/running
}
#加载条件任务
[ -s ${CRASHDIR}/task/afstart ] && { source ${CRASHDIR}/task/afstart ;} &
[ -s ${CRASHDIR}/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && {
#注入防火墙
line=$(grep -En "fw3 restart" /etc/init.d/firewall | cut -d ":" -f 1)
sed -i.bak "${line}a\\source ${CRASHDIR}/task/affirewall" /etc/init.d/firewall
line=$(grep -En "fw3 .* start" /etc/init.d/firewall | cut -d ":" -f 1)
sed -i "${line}a\\source ${CRASHDIR}/task/affirewall" /etc/init.d/firewall
} &
return 0
i=$((i+1))
done
if [ -n "$test" ];then
#设置DNS转发
start_dns(){
[ "$dns_mod" != "fake-ip" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
[ "$ipv6_redir" = "已开启" ] && [ "$dns_mod" != "fake-ip" ] && [ "$cn_ipv6_route" = "已开启" ] && cn_ipv6_route
if [ "$dns_no" != "已禁用" ];then
if [ "$dns_redir" != "已开启" ];then
[ -n "$(echo $redir_mod|grep Nft)" ] && start_nft_dns || start_ipt_dns
else
#openwrt使用dnsmasq转发
uci del dhcp.@dnsmasq[-1].server >/dev/null 2>&1
uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null
uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#$dns_port > /dev/null 2>&1
uci set dhcp.@dnsmasq[0].noresolv=1 2>/dev/null
uci commit dhcp >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1
fi
fi
return 0
}
#设置路由规则
[ "$redir_mod" = "Redir模式" ] && start_dns && start_redir
[ "$redir_mod" = "混合模式" ] && start_dns && start_redir && start_tun udp
[ "$redir_mod" = "Tproxy混合" ] && start_dns && start_redir && start_tproxy udp
[ "$redir_mod" = "Tun模式" ] && start_dns && start_tun all
[ "$redir_mod" = "Tproxy模式" ] && start_dns && start_tproxy all
[ -n "$(echo $redir_mod|grep Nft)" -o "$local_type" = "nftables增强模式" ] && {
nft add table inet shellcrash #初始化nftables
nft flush table inet shellcrash
}
[ -n "$(echo $redir_mod|grep Nft)" ] && start_dns && start_nft
#设置本机代理
[ "$local_proxy" = "已开启" ] && {
[ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port
[ "$local_type" = "iptables增强模式" ] && [ -n "$(grep '0:7890' /etc/passwd)" ] && start_output
[ "$local_type" = "nftables增强模式" ] && [ -n "$(grep '0:7890' /etc/passwd)" ] && [ "$redir_mod" = "纯净模式" ] && start_nft
}
ckcmd iptables && start_wan #本地防火墙
mark_time #标记启动时间
[ -s ${CRASHDIR}/configs/web_save -o -s ${CRASHDIR}/configs/web_configs ] && web_restore &>/dev/null & #后台还原面板配置
{ sleep 5;logger ShellCrash服务已启动;} & #推送日志
#加载定时任务
[ -s ${CRASHDIR}/task/cron ] && croncmd ${CRASHDIR}/task/cron
[ -s ${CRASHDIR}/task/running ] && {
cronset '运行时每'
while read line ;do
cronset '2fjdi124dd12s' "$line"
done < ${CRASHDIR}/task/running
}
[ "$start_old" = "已开启" ] && cronset '保守模式守护进程' "* * * * * test -z \"\$(pidof CrashCore)\" && ${CRASHDIR}/start.sh daemon #ShellCrash保守模式守护进程"
#加载条件任务
[ -s ${CRASHDIR}/task/afstart ] && { source ${CRASHDIR}/task/afstart ;} &
[ -s ${CRASHDIR}/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && {
#注入防火墙
line=$(grep -En "fw3 restart" /etc/init.d/firewall | cut -d ":" -f 1)
sed -i.bak "${line}a\\source ${CRASHDIR}/task/affirewall" /etc/init.d/firewall
line=$(grep -En "fw3 .* start" /etc/init.d/firewall | cut -d ":" -f 1)
sed -i "${line}a\\source ${CRASHDIR}/task/affirewall" /etc/init.d/firewall
} &
else
start_error
$0 stop
fi
}
start_error(){ #启动报错
ckcmd journalctl && journalctl -xeu shellcrash > $TMPDIR/core_test.log
if [ "$start_old" != "已开启" ] && ckcmd journalctl;then
ournalctl -xeu shellcrash > $TMPDIR/core_test.log
else
${COMMAND} &>${TMPDIR}/core_test.log &
sleep 2 ; kill $! &>/dev/null
fi
error=$(cat $TMPDIR/core_test.log | grep -Eo 'error.*=.*|.*ERROR.*|.*FATAL.*')
logger "服务启动失败!请查看报错信息!详细信息请查看$TMPDIR/core_test.log" 33
logger "$error" 31
@@ -1720,8 +1787,7 @@ start_old(){ #保守模式
ckcmd nohup && [ -d /jffs ] && nohup=nohup #华硕调用nohup启动
$nohup $COMMAND >/dev/null 2>&1 &
fi
afstart
cronset '保守模式守护进程' "* * * * * test -z \"\$(pidof CrashCore)\" && ${CRASHDIR}/start.sh daemon #ShellCrash保守模式守护进程"
afstart &
}
#杂项
update_config(){ #更新订阅并重启

47
scripts/task.sh
View File

@@ -31,28 +31,51 @@ update_core(){ #自动更新内核
logger "任务【自动更新内核】中止-未检测到版本更新"
exit 1
else
#更新内核
[ "$crashcore" = singbox ] && core_new=singbox || core_new=clash
${CRASHDIR}/start.sh get_bin ${TMPDIR}/core.new "bin/${crashcore}/${core_new}-linux-${cpucore}"
[ "$crashcore" = singbox -o "$crashcore" = singboxp ] && core_new=singbox || core_new=clash
if [ -n "$custcorelink" ];then
zip_type=$(echo $custcorelink | grep -oE 'tar.gz$')
[ -z "$zip_type" ] && zip_type=$(echo $custcorelink | grep -oE 'gz$')
if [ -n "$zip_type" ];then
${CRASHDIR}/start.sh webget ${TMPDIR}/core_new.${zip_type} ${custcorelink}
fi
else
${CRASHDIR}/start.sh get_bin ${TMPDIR}/core_new.tar.gz bin/${crashcore}/${core_new}-linux-${cpucore}.tar.gz
fi
if [ "$?" != "0" ];then
logger "任务【自动更新内核】出错-下载失败!"
rm -rf ${TMPDIR}/core.new
${TMPDIR}/CrashCore.tar.gz
return 1
else
chmod +x ${TMPDIR}/core.new
${CRASHDIR}/start.sh stop
if [ "$crashcore" = singbox ];then
core_v=$(${TMPDIR}/core.new version 2>/dev/null | grep version | awk '{print $3}')
[ -n "$(pidof CrashCore)" ] && ${CRASHDIR}/start.sh stop #停止内核服务防止内存不足
[ -f ${TMPDIR}/core_new.tar.gz ] && {
mkdir -p ${TMPDIR}/core_new
tar -zxf "${TMPDIR}/core_new.tar.gz" -C ${TMPDIR}/core_new/ &>/dev/null || tar -zxf "${TMPDIR}/core_new.tar.gz" --no-same-owner -C ${TMPDIR}/core_new/
for file in "$(ls -1 ${TMPDIR}/core_new | grep -iE 'CrashCore|sing-box|clash|mihomo|meta')" ;do
mv -f ${TMPDIR}/core_new/$file ${TMPDIR}/core_new
done
rm -rf ${TMPDIR}/core_new
}
[ -f ${TMPDIR}/core_new.gz ] && gunzip ${TMPDIR}/core_new.gz >/dev/null && rm -rf ${TMPDIR}/core_new.gz
chmod +x ${TMPDIR}/core_new
[ "$crashcore" = unknow ] && setcoretype
if [ "$crashcore" = singbox -o "$crashcore" = singboxp ];then
core_v=$(${TMPDIR}/core_new version 2>/dev/null | grep version | awk '{print $3}')
else
core_v=$(${TMPDIR}/core.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
core_v=$(${TMPDIR}/core_new -v 2>/dev/null | head -n 1 | sed 's/ linux.*//;s/.* //')
fi
if [ -z "$core_v" ];then
logger "任务【自动更新内核】出错-内核校验失败!"
rm -rf ${TMPDIR}/core.new
rm -rf ${TMPDIR}/core_new.tar.gz
rm -rf ${TMPDIR}/core_new
${CRASHDIR}/start.sh start
return 1
else
mv -f ${TMPDIR}/core.new ${BINDIR}/CrashCore
mv -f ${TMPDIR}/core_new ${TMPDIR}/CrashCore
if [ -f ${TMPDIR}/core_new.tar.gz ];then
mv -f ${TMPDIR}/core_new.tar.gz ${BINDIR}/CrashCore.tar.gz
else
tar -zcf ${BINDIR}/CrashCore.tar.gz -C ${TMPDIR} CrashCore
fi
logger "任务【自动更新内核】下载完成,正在重启服务!"
setconfig core_v $core_v
${CRASHDIR}/start.sh start
@@ -75,7 +98,7 @@ update_shellcrash(){ #自动更新脚本
return 1
else
#解压
tar -zxvf "${TMPDIR}/update.tar.gz" -C ${CRASHDIR}/ || tar -zxvf "${TMPDIR}/update.tar.gz" --no-same-owner -C ${CRASHDIR}/
tar -zxf "${TMPDIR}/update.tar.gz" -C ${CRASHDIR}/ || tar -zxf "${TMPDIR}/update.tar.gz" --no-same-owner -C ${CRASHDIR}/
if [ $? -ne 0 ];then
rm -rf ${TMPDIR}/update.tar.gz
logger "任务【自动更新内核】出错-解压失败!"