diff --git a/bin/ShellClash.tar.gz b/bin/ShellClash.tar.gz index 8c49ed3..0d61075 100644 Binary files a/bin/ShellClash.tar.gz and b/bin/ShellClash.tar.gz differ diff --git a/bin/clashfm.tar.gz b/bin/clashfm.tar.gz index 9780e97..aaf7f2a 100644 Binary files a/bin/clashfm.tar.gz and b/bin/clashfm.tar.gz differ diff --git a/bin/public.tar.gz b/bin/public.tar.gz new file mode 100644 index 0000000..3bc21c7 Binary files /dev/null and b/bin/public.tar.gz differ diff --git a/bin/version b/bin/version index 0377876..1dca624 100644 --- a/bin/version +++ b/bin/version @@ -2,5 +2,5 @@ clashnet_v=v1.7.6 clashpre_v=2022.11.25 clash_v=v1.7.1 meta_v=v1.15.0 -versionsh=1.7.9f GeoIP_v=20230729 +versionsh=1.7.10c diff --git a/scripts/clash.service b/scripts/clash.service index 0c27197..267cc7a 100644 --- a/scripts/clash.service +++ b/scripts/clash.service @@ -5,7 +5,7 @@ After=network.target [Service] Type=simple User=root -ExecStart=/etc/clash/clash -d /etc/clash -f /tmp/clash_$USER/config.yaml >/dev/null +ExecStart=/etc/clash/clash -d /etc/clash >/dev/null ExecStartPost=/etc/clash/start.sh afstart Restart=on-failure RestartSec=3s diff --git a/scripts/clash.sh b/scripts/clash.sh index 72ced97..7c2522f 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -3,7 +3,7 @@ CFG_PATH=$clashdir/configs/ShellClash.cfg YAMLSDIR=$clashdir/yamls -TMPDIR=/tmp/clash_$USER && [ ! -f $TMPDIR ] && mkdir -p $TMPDIR +TMPDIR=/tmp/ShellClash && [ ! -f $TMPDIR ] && mkdir -p $TMPDIR #读取配置相关 setconfig(){ #参数1代表变量名,参数2代表变量值,参数3即文件路径 @@ -1745,7 +1745,7 @@ clashcron(){ echo "$cronwords" >> $tmpcron croncmd $tmpcron #华硕/Padavan固件存档在本地,其他则删除 - [ "$clashdir" = "/jffs/clash" -o "$clashdir" = "/etc/storage/clash" ] && mv -f $tmpcron $clashdir/cron || rm -f $tmpcron + [ "$clashdir" = "/jffs/clash" -o "$clashdir" = "/etc/storage/clash" ] && mv -f $tmpcron $clashdir/tools/cron || rm -f $tmpcron echo ----------------------------------------------- echo -e "\033[31m定时任务已添加!!!\033[0m" fi @@ -1769,7 +1769,7 @@ clashcron(){ i= elif [ "$num" = 9 ]; then croncmd -l > $TMPDIR/conf && sed -i "/$cronname/d" $TMPDIR/conf && croncmd $TMPDIR/conf - sed -i "/$cronname/d" $clashdir/cron 2>/dev/null + sed -i "/$cronname/d" $clashdir/tools/cron 2>/dev/null rm -f $TMPDIR/conf echo ----------------------------------------------- echo -e "\033[31m定时任务:$cronname已删除!\033[0m" @@ -1853,7 +1853,7 @@ clashcron(){ [ -n "$txt" ] && { cronname=$txt croncmd -l > $TMPDIR/conf && sed -i "/$cronname/d" $TMPDIR/conf && croncmd $TMPDIR/conf - sed -i "/$cronname/d" $clashdir/cron 2>/dev/null + sed -i "/$cronname/d" $clashdir/tools/cron 2>/dev/null rm -f $TMPDIR/conf echo ----------------------------------------------- echo -e "所有关键词\033[32m$cronname\033[0m匹配的定时任务均已删除!\033[0m" diff --git a/scripts/clashservice b/scripts/clashservice index 04c086b..b7ade0e 100644 --- a/scripts/clashservice +++ b/scripts/clashservice @@ -10,7 +10,6 @@ DIR=$(cat /etc/profile | grep clashdir | awk -F "\"" '{print $2}') [ -z "$DIR" ] && DIR=$(cat ~/.bashrc | grep clashdir | awk -F "\"" '{print $2}') BINDIR=$(cat $DIR/configs/ShellClash.cfg | grep bindir | awk -F "=" '{print $2}') [ -z "$BINDIR" ] && BINDIR=$DIR -TMPDIR=/tmp/clash_$USER start_service() { #检测必须文件 @@ -21,7 +20,7 @@ start_service() { procd_set_param respawn procd_set_param stderr 0 procd_set_param stdout 0 - procd_set_param command $BINDIR/clash -d $BINDIR -f $TMPDIR/config.yaml + procd_set_param command $BINDIR/clash -d $BINDIR procd_close_instance #其他设置 $DIR/start.sh afstart @@ -34,7 +33,7 @@ start() { $DIR/start.sh bfstart if [ "$?" = "0" ];then #创建后台进程 - service_start $BINDIR/clash -d $BINDIR -f $TMPDIR/config.yaml + service_start $BINDIR/clash -d $BINDIR #其他设置 $DIR/start.sh afstart #设置守护进程 diff --git a/scripts/getdate.sh b/scripts/getdate.sh index fad9197..6275cef 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -729,7 +729,7 @@ clashlink(){ } #下载更新相关 gettar(){ - $clashdir/start.sh webget $tmpdir/clashfm.tar.gz $tarurl + $clashdir/start.sh webget $TMPDIR/clashfm.tar.gz $tarurl if [ "$?" != "0" ];then echo -e "\033[33m文件下载失败!\033[0m" error_down @@ -739,9 +739,9 @@ gettar(){ echo ----------------------------------------------- echo 开始解压文件! mkdir -p $clashdir > /dev/null - tar -zxvf "$tmpdir/clashfm.tar.gz" -C $clashdir/ + tar -zxvf "$TMPDIR/clashfm.tar.gz" -C $clashdir/ if [ $? -ne 0 ];then - rm -rf $tmpdir/clashfm.tar.gz + rm -rf $TMPDIR/clashfm.tar.gz echo -e "\033[33m文件解压失败!\033[0m" error_down else @@ -810,21 +810,21 @@ getcore(){ #获取在线clash核心文件 echo ----------------------------------------------- echo 正在在线获取clash核心文件…… - $clashdir/start.sh webget $tmpdir/clash.new $corelink + $clashdir/start.sh webget $TMPDIR/clash.new $corelink if [ "$?" = "1" ];then echo -e "\033[31m核心文件下载失败!\033[0m" - rm -rf $tmpdir/clash.new + rm -rf $TMPDIR/clash.new [ -z "$custcorelink" ] && error_down else - chmod +x $tmpdir/clash.new - clashv=$($tmpdir/clash.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //') + chmod +x $TMPDIR/clash.new + clashv=$($TMPDIR/clash.new -v 2>/dev/null | sed 's/ linux.*//;s/.* //') if [ -z "$clashv" ];then echo -e "\033[31m核心文件下载成功但校验失败!请尝试手动指定CPU版本\033[0m" - rm -rf $tmpdir/clash.new + rm -rf $TMPDIR/clash.new setcpucore else echo -e "\033[32m$clashcore核心下载成功!\033[0m" - mv -f $tmpdir/clash.new $bindir/clash + mv -f $TMPDIR/clash.new $bindir/clash chmod +x $bindir/clash setconfig clashcore $clashcore setconfig clashv $version @@ -930,13 +930,13 @@ setcore(){ getgeo(){ echo ----------------------------------------------- echo 正在从服务器获取数据库文件………… - $clashdir/start.sh webget $tmpdir/$geoname $update_url/bin/geodata/$geotype + $clashdir/start.sh webget $TMPDIR/$geoname $update_url/bin/geodata/$geotype if [ "$?" = "1" ];then echo ----------------------------------------------- echo -e "\033[31m文件下载失败!\033[0m" error_down else - mv -f $tmpdir/$geoname $bindir/$geoname + mv -f $TMPDIR/$geoname $bindir/$geoname echo ----------------------------------------------- echo -e "\033[32mGeoIP/CN_IP数据库文件下载成功!\033[0m" Geo_v=$GeoIP_v @@ -1014,7 +1014,7 @@ getdb(){ dblink="${update_url}/bin/dashboard/${db_type}.tar.gz" echo ----------------------------------------------- echo 正在连接服务器获取安装文件………… - $clashdir/start.sh webget $tmpdir/clashdb.tar.gz $dblink + $clashdir/start.sh webget $TMPDIR/clashdb.tar.gz $dblink if [ "$?" = "1" ];then echo ----------------------------------------------- echo -e "\033[31m文件下载失败!\033[0m" @@ -1024,10 +1024,10 @@ getdb(){ else echo -e "\033[33m下载成功,正在解压文件!\033[0m" mkdir -p $dbdir > /dev/null - tar -zxvf "$tmpdir/clashdb.tar.gz" -C $dbdir > /dev/null + tar -zxvf "$TMPDIR/clashdb.tar.gz" -C $dbdir > /dev/null if [ $? -ne 0 ];then - tar -zxvf "$tmpdir/clashdb.tar.gz" --no-same-permissions -C $dbdir > /dev/null - [ $? -ne 0 ] && echo "文件解压失败!" && rm -rf $tmpdir/clashfm.tar.gz && exit 1 + tar -zxvf "$TMPDIR/clashdb.tar.gz" --no-same-permissions -C $dbdir > /dev/null + [ $? -ne 0 ] && echo "文件解压失败!" && rm -rf $TMPDIR/clashfm.tar.gz && exit 1 fi #修改默认host和端口 if [ "$db_type" = "clashdb" -o "$db_type" = "meta_db" ];then @@ -1041,7 +1041,7 @@ getdb(){ setconfig hostdir \'$hostdir\' echo ----------------------------------------------- echo -e "\033[32m面板安装成功!\033[0m" - rm -rf $tmpdir/clashdb.tar.gz + rm -rf $TMPDIR/clashdb.tar.gz sleep 1 fi } @@ -1121,20 +1121,20 @@ getcrt(){ crtlink="${update_url}/bin/fix/ca-certificates.crt" echo ----------------------------------------------- echo 正在连接服务器获取安装文件………… - $clashdir/start.sh webget $tmpdir/ca-certificates.crt $crtlink + $clashdir/start.sh webget $TMPDIR/ca-certificates.crt $crtlink if [ "$?" = "1" ];then echo ----------------------------------------------- echo -e "\033[31m文件下载失败!\033[0m" error_down else echo ----------------------------------------------- - mv -f $tmpdir/ca-certificates.crt $crtdir - $clashdir/start.sh webget $tmpdir/ssl_test https://baidu.com echooff rediron skipceroff + mv -f $TMPDIR/ca-certificates.crt $crtdir + $clashdir/start.sh webget $TMPDIR/ssl_test https://baidu.com echooff rediron skipceroff if [ "$?" = "1" ];then export CURL_CA_BUNDLE=$crtdir echo "export CURL_CA_BUNDLE=$crtdir" >> /etc/profile fi - rm -rf $tmpdir/ssl_test + rm -rf $TMPDIR/ssl_test echo -e "\033[32m证书安装成功!\033[0m" sleep 1 fi @@ -1212,15 +1212,15 @@ setserver(){ b) echo ----------------------------------------------- echo -e "\033[33m如无法连接,请务必先启用clash服务!!!\033[0m" - $clashdir/start.sh webget $tmpdir/clashrelease https://raw.githubusercontent.com/juewuy/ShellClash/master/bin/release_version echooff rediroff 2>$tmpdir/clashrelease + $clashdir/start.sh webget $TMPDIR/clashrelease https://raw.githubusercontent.com/juewuy/ShellClash/master/bin/release_version echooff rediroff 2>$TMPDIR/clashrelease echo -e "\033[31m请选择想要回退至的release版本:\033[0m" - cat $tmpdir/clashrelease | awk '{print " "NR" "$1}' + cat $TMPDIR/clashrelease | awk '{print " "NR" "$1}' echo -e " 0 返回上级菜单" read -p "请输入对应数字 > " num if [ -z "$num" -o "$num" = 0 ]; then setserver - elif [ $num -le $(cat $tmpdir/clashrelease 2>/dev/null | awk 'END{print NR}') ]; then - release_version=$(cat $tmpdir/clashrelease | awk '{print $1}' | sed -n "$num"p) + elif [ $num -le $(cat $TMPDIR/clashrelease 2>/dev/null | awk 'END{print NR}') ]; then + release_version=$(cat $TMPDIR/clashrelease | awk '{print $1}' | sed -n "$num"p) update_url="https://raw.githubusercontent.com/juewuy/ShellClash/$release_version" saveserver unset release_url @@ -1228,7 +1228,7 @@ setserver(){ echo ----------------------------------------------- echo -e "\033[31m输入有误,请重新输入!\033[0m" fi - rm -rf $tmpdir/clashrelease + rm -rf $TMPDIR/clashrelease ;; *) errornum @@ -1240,25 +1240,25 @@ checkupdate(){ if [ -z "$release_new" ];then if [ -n "$release_url" ];then [ -n "$(echo $release_url|grep 'jsdelivr')" ] && check_url=$release_url@master || check_url=$release_url/master - $clashdir/start.sh webget $tmpdir/clashversion $check_url/bin/release_version echoon rediroff 2>$tmpdir/clashversion - release_new=$(cat $tmpdir/clashversion | head -1) + $clashdir/start.sh webget $TMPDIR/clashversion $check_url/bin/release_version echoon rediroff 2>$TMPDIR/clashversion + release_new=$(cat $TMPDIR/clashversion | head -1) [ -n "$(echo $release_url|grep 'jsdelivr')" ] && update_url=$release_url@$release_new || update_url=$release_url/$release_new setconfig update_url \'$update_url\' release_type=正式版 else release_type=测试版 fi - $clashdir/start.sh webget $tmpdir/clashversion $update_url/bin/version echooff - [ "$?" = "0" ] && release_new=$(cat $tmpdir/clashversion | grep -oE 'versionsh=.*' | awk -F'=' '{ print $2 }') + $clashdir/start.sh webget $TMPDIR/clashversion $update_url/bin/version echooff + [ "$?" = "0" ] && release_new=$(cat $TMPDIR/clashversion | grep -oE 'versionsh=.*' | awk -F'=' '{ print $2 }') if [ -n "$release_new" ];then - source $tmpdir/clashversion 2>/dev/null + source $TMPDIR/clashversion 2>/dev/null else echo -e "\033[31m检查更新失败!请切换其他安装源!\033[0m" echo -e "\033[36m如全部安装源都无法使用,请先运行clash服务后再使用更新功能!\033[0m" sleep 1 setserver fi - rm -rf $tmpdir/clashversion + rm -rf $TMPDIR/clashversion fi } update(){ @@ -1438,14 +1438,14 @@ userguide(){ [ "$res" = 1 ] && checkupdate && getcrt fi #设置加密DNS - $clashdir/start.sh webget $tmpdir/ssl_test https://doh.pub echooff rediron + $clashdir/start.sh webget $TMPDIR/ssl_test https://doh.pub echooff rediron if [ "$?" = "0" ];then dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853' dns_fallback='https://1.0.0.1/dns-query, https://8.8.4.4/dns-query, https://doh.opendns.com/dns-query' setconfig dns_nameserver \'"$dns_nameserver"\' setconfig dns_fallback \'"$dns_fallback"\' fi - rm -rf $tmpdir/ssl_test + rm -rf $TMPDIR/ssl_test #开启公网访问 sethost(){ read -p "请输入你的公网IP地址 > " host @@ -1526,7 +1526,7 @@ testcommand(){ echo ----------------------------------------------- if $clashdir/clash -v &>/dev/null;then clash -s modify_yaml &>/dev/null - $clashdir/clash -t -d $clashdir -f $tmpdir/config.yaml + $clashdir/clash -t -d $clashdir -f $TMPDIR/config.yaml [ "$?" = 0 ] && testover=32m测试通过!|| testover=31m出现错误!请截图后到TG群询问!!! echo -e "\033[$testover\033[0m" else diff --git a/scripts/init.sh b/scripts/init.sh index 1f4fb64..9cfff00 100644 --- a/scripts/init.sh +++ b/scripts/init.sh @@ -1,7 +1,7 @@ #!/bin/sh # Copyright (C) Juewuy -version=1.7.9f +version=1.7.10c setdir(){ dir_avail(){ @@ -124,7 +124,7 @@ fi } setconfig(){ #参数1代表变量名,参数2代表变量值,参数3即文件路径 - [ -z "$3" ] && configpath=$clashdir/mark || configpath=$3 + [ -z "$3" ] && configpath=$clashdir/configs/ShellClash.cfg || configpath=$3 [ -n "$(grep -E "^${1}=" $configpath)" ] && sed -i "s#^${1}=\(.*\)#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath } @@ -151,7 +151,8 @@ mkdir -p $clashdir mv -f /tmp/SC_tmp/* $clashdir 2>/dev/null #初始化 -[ -f "$clashdir/mark" ] || echo '#ShellClash配置文件,不明勿动!' > $clashdir/mark +mkdir -p $clashdir/configs +[ -f "$clashdir/configs/ShellClash.cfg" ] || echo '#ShellClash配置文件,不明勿动!' > $clashdir/configs/ShellClash.cfg #本地安装跳过新手引导 #[ -z "$url" ] && setconfig userguide 1 #判断系统类型写入不同的启动文件 @@ -231,17 +232,16 @@ rm -rf /tmp/*lash*gz rm -rf /tmp/SC_tmp #转换&清理旧版本文件 mkdir -p $clashdir/yamls -mkdir -p $clashdir/configs mkdir -p $clashdir/tools for file in config.yaml config.yaml.bak user.yaml proxies.yaml proxy-groups.yaml rules.yaml others.yaml ;do - mv -f $clashdir/$file $clashdir/yamls/$file + mv -f $clashdir/$file $clashdir/yamls/$file 2>/dev/null done for file in fake_ip_filter mac web_save servers.list fake_ip_filter.list fallback_filter.list;do - mv -f $clashdir/$file $clashdir/configs/$file + mv -f $clashdir/$file $clashdir/configs/$file 2>/dev/null done - mv -f $clashdir/mark $clashdir/configs/ShellClash.cfg -for file in dropbear_rsa_host_key authorized_keys tun.ko ShellDDNS.sh;do - mv -f $clashdir/$file $clashdir/tools/$file + mv -f $clashdir/mark $clashdir/configs/ShellClash.cfg 2>/dev/null +for file in cron dropbear_rsa_host_key authorized_keys tun.ko ShellDDNS.sh;do + mv -f $clashdir/$file $clashdir/tools/$file 2>/dev/null done for file in log clash.service mark? mark.bak;do rm -rf $clashdir/$file diff --git a/scripts/start.sh b/scripts/start.sh index ea61955..c4a578a 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -7,7 +7,7 @@ [ -z "$clashdir" ] && clashdir=$(cat /etc/profile | grep clashdir | awk -F "\"" '{print $2}') [ -z "$clashdir" ] && clashdir=$(cat ~/.bashrc | grep clashdir | awk -F "\"" '{print $2}') CFG_PATH=$clashdir/configs/ShellClash.cfg -TMPDIR=/tmp/clash_$USER && [ ! -f $TMPDIR ] && mkdir -p $TMPDIR +TMPDIR=/tmp/ShellClash && [ ! -f $TMPDIR ] && mkdir -p $TMPDIR #脚本内部工具 getconfig(){ #加载配置文件 @@ -38,7 +38,7 @@ getconfig(){ } setconfig(){ #参数1代表变量名,参数2代表变量值,参数3即文件路径 - [ -z "$3" ] && configpath=$clashdir/mark || configpath=$3 + [ -z "$3" ] && configpath=$CFG_PATH || configpath=$3 [ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath } ckcmd(){ @@ -143,8 +143,8 @@ getlanip(){ while [ "$i" -le "10" ];do host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' ) #ipv4局域网网段 host_ipv6=$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g' ) #ipv6公网地址段 - [ -n "$host_ipv4" -a -n "$host_ipv6" ] && break [ -f $TMPDIR/ShellClash_log ] && break + [ -n "$host_ipv4" -o -n "$host_ipv6" ] && break sleep 2 && i=$((i+1)) done #添加自定义ipv4局域网网段 @@ -163,10 +163,10 @@ getlanip(){ getyaml(){ [ -z "$rule_link" ] && rule_link=1 [ -z "$server_link" ] && server_link=1 - Server=$(grep -aE '^3|^4' $clashdir/servers.list | sed -n ""$server_link"p" | awk '{print $3}') - [ -n "$(echo $Url | grep -oE 'vless:|hysteria:')" ] && Server=$(grep -aE '^4' $clashdir/servers.list | sed -n ""$server_link"p" | awk '{print $3}') - [ "$retry" = 4 ] && Server=$(grep -aE '^499' $clashdir/servers.list | awk '{print $3}') - Config=$(grep -aE '^5' $clashdir/servers.list | sed -n ""$server_link"p" | awk '{print $3}') + Server=$(grep -aE '^3|^4' $clashdir/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}') + [ -n "$(echo $Url | grep -oE 'vless:|hysteria:')" ] && Server=$(grep -aE '^4' $clashdir/configs/servers.list | sed -n ""$server_link"p" | awk '{print $3}') + [ "$retry" = 4 ] && Server=$(grep -aE '^499' $clashdir/configs/servers.list | awk '{print $3}') + Config=$(grep -aE '^5' $clashdir/configs/servers.list | sed -n ""$rule_link"p" | awk '{print $3}') #如果传来的是Url链接则合成Https链接,否则直接使用Https链接 if [ -z "$Https" ];then Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config" @@ -257,7 +257,7 @@ getyaml(){ if [ "$?" != "0" ];then logger "配置文件加载失败!请查看报错信息!" 31 $bindir/clash -t -d $bindir -f $yamlnew - echo "$($bindir/clash -t -d $bindir -f $yamlnew)" >> $clashdir/log + echo "$($bindir/clash -t -d $bindir -f $yamlnew)" >> $TMPDIR/ShellClash_log exit 1 fi fi @@ -308,7 +308,7 @@ dns: fake-ip-filter: EOF if [ "$dns_mod" = "fake-ip" ];then - cat $clashdir/configs/fake_ip_filter.list $clashdir/configs/fake_ip_filter | grep '\.' | sed "s/^/ - '/" | sed "s/$/'/" >> $TMPDIR/dns.yaml + cat $clashdir/configs/fake_ip_filter $clashdir/configs/fake_ip_filter.list 2>/dev/null | grep '\.' | sed "s/^/ - '/" | sed "s/$/'/" >> $TMPDIR/dns.yaml else echo " - '+.*'" >> $TMPDIR/dns.yaml fi @@ -434,16 +434,16 @@ EOF } #插入自定义规则 sed -i "/#自定义规则/d" $TMPDIR/rules.yaml - [ -f $clashdir/rules.yaml ] && { - cat $clashdir/rules.yaml | sed "/^#/d" | sed '$a\' | sed 's/$/ #自定义规则/g' > $TMPDIR/rules.add + [ -f $clashdir/yamls/rules.yaml ] && { + cat $clashdir/yamls/rules.yaml | sed "/^#/d" | sed '$a\' | sed 's/$/ #自定义规则/g' > $TMPDIR/rules.add cat $TMPDIR/rules.yaml >> $TMPDIR/rules.add mv -f $TMPDIR/rules.add $TMPDIR/rules.yaml } #对齐rules中的空格 sed -i 's/^ *-/ -/g' $TMPDIR/rules.yaml #合并文件 - [ -s $clashdir/user.yaml ] && { - yaml_user=$clashdir/user.yaml + [ -s $clashdir/yamls/user.yaml ] && { + yaml_user=$clashdir/yamls/user.yaml #set和user去重,且优先使用user.yaml cp -f $TMPDIR/set.yaml $TMPDIR/set_bak.yaml for char in mode allow-lan log-level tun experimental interface-name dns store-selected;do @@ -452,7 +452,7 @@ EOF } [ -s $TMPDIR/dns.yaml ] && yaml_dns=$TMPDIR/dns.yaml [ -s $TMPDIR/hosts.yaml ] && yaml_hosts=$TMPDIR/hosts.yaml - [ -s $TMPDIR/others.yaml ] && yaml_others=$clashdir/others.yaml + [ -s $TMPDIR/others.yaml ] && yaml_others=$clashdir/yamls/others.yaml yaml_add= for char in $yaml_char;do #将额外配置文件合并 [ -s $TMPDIR/${char}.yaml ] && { @@ -473,6 +473,8 @@ EOF cut -c 1- $TMPDIR/set.yaml $yaml_dns $yaml_add > $TMPDIR/config.yaml sed -i "/#自定义/d" $TMPDIR/config.yaml fi + #建立软连接 + [ "$TMPDIR" = "$bindir" ] || ln -sf $TMPDIR/config.yaml $bindir/config.yaml #清理缓存 for char in $yaml_char set set_bak dns hosts;do rm -f $TMPDIR/${char}.yaml @@ -887,8 +889,10 @@ start_nft(){ } #Docker type docker &>/dev/null && { - ip rule add fwmark $fwmark table 102 2> /dev/null - ip route add local 172.16.0.0/12 dev lo table 102 2> /dev/null + nft add chain inet shellclash docker { type nat hook prerouting priority -100 \; } + nft add rule inet shellclash docker ip saddr != {172.16.0.0/12} return + nft add rule inet shellclash docker udp dport 53 redirect to $dns_port + nft add rule inet shellclash docker meta l4proto tcp mark set $fwmark redirect to $redir_port } } } @@ -953,7 +957,7 @@ stop_firewall(){ iptables -D INPUT -p udp --dport 443 -m comment --comment "ShellClash-QUIC-REJECT" $set_cn_ip -j REJECT 2> /dev/null iptables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellClash-QUIC-REJECT" $set_cn_ip -j REJECT 2> /dev/null #本机代理 - iptables -t nat -D OUTPUT -p tcp -j clash_out 2> /dev/null + iptables -t nat -D OUTPUT -p tcp $ports -j clash_out 2> /dev/null iptables -t nat -F clash_out 2> /dev/null iptables -t nat -X clash_out 2> /dev/null iptables -t nat -D OUTPUT -p udp --dport 53 -j clash_dns_out 2> /dev/null @@ -1027,8 +1031,6 @@ stop_firewall(){ ip route del local default dev lo table 100 2> /dev/null ip -6 rule del fwmark $fwmark table 101 2> /dev/null ip -6 route del local ::/0 dev lo table 101 2> /dev/null - ip rule del fwmark $fwmark table 102 2> /dev/null - ip route del local 172.16.0.0/12 dev lo table 102 2> /dev/null #重置nftables相关规则 ckcmd nft && { nft flush table inet shellclash >/dev/null 2>&1 @@ -1222,6 +1224,8 @@ bfstart(){ fi fi fi + #生成配置文件 + [ "$disoverride" != "1" ] && modify_yaml || ln -s $yaml $bindir/config.yaml } afstart(){ @@ -1275,7 +1279,7 @@ afstart(){ #标记启动时间 mark_time #加载定时任务 - [ -f $clashdir/cron ] && croncmd $clashdir/cron + [ -f $clashdir/tools/cron ] && croncmd $clashdir/tools/cron #启用面板配置自动保存 cronset '#每10分钟保存节点配置' "*/10 * * * * test -n \"\$(pidof clash)\" && $clashdir/start.sh web_save #每10分钟保存节点配置" [ -f $clashdir/configs/web_save ] && web_restore & #后台还原面板配置 @@ -1294,10 +1298,10 @@ start_old(){ #使用传统后台执行二进制文件的方式执行 if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then ckcmd su && su=su - $su shellclash -c "$bindir/clash -d $bindir -f $TMPDIR/config.yaml >/dev/null" & + $su shellclash -c "$bindir/clash -d $bindir >/dev/null" & else ckcmd nohup && nohup=nohup - $nohup $bindir/clash -d $bindir -f $TMPDIR/config.yaml >/dev/null 2>&1 & + $nohup $bindir/clash -d $bindir >/dev/null 2>&1 & fi afstart $0 daemon @@ -1317,8 +1321,6 @@ start) #检测必须文件并下载 bfstart stop_firewall #清理路由策略 - #使用内置规则强行覆盖config配置文件 - [ "$disoverride" != "1" ] && modify_yaml || ln -s $yaml $TMPDIR/config.yaml #使用不同方式启动clash服务 if [ "$start_old" = "已开启" ];then start_old