From 69969841d84c4450a0172cd8a4556d10795d8c28 Mon Sep 17 00:00:00 2001 From: juewuy Date: Sun, 15 Jan 2023 20:58:15 +0800 Subject: [PATCH] =?UTF-8?q?v1.6.15c=20~=E4=BF=AE=E5=A4=8D=E8=84=9A?= =?UTF-8?q?=E6=9C=AC=E5=86=85=E7=BD=AE=E6=9B=B4=E6=96=B0=E6=97=B6=E6=97=A0?= =?UTF-8?q?=E6=B3=95=E6=AD=A3=E7=A1=AE=E6=9B=B4=E6=96=B0=E7=89=88=E6=9C=AC?= =?UTF-8?q?=E5=8F=B7=E7=9A=84bug=20~=E4=BF=AE=E5=A4=8Ddnsmasq=E8=BD=AC?= =?UTF-8?q?=E5=8F=91=E6=97=A0=E6=B3=95=E6=AD=A3=E5=B8=B8=E7=A6=81=E7=94=A8?= =?UTF-8?q?=E7=9A=84bug=20~=E6=A2=85=E6=9E=97=E5=9B=BA=E4=BB=B6=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E5=AF=B9nat-start=E6=96=87=E4=BB=B6=E7=9A=84=E8=87=AA?= =?UTF-8?q?=E5=90=AF=E6=8E=88=E6=9D=83=EF=BC=8C=E8=A7=A3=E5=86=B3=E8=84=9A?= =?UTF-8?q?=E6=9C=AC=E6=97=A0=E6=B3=95=E8=87=AA=E5=90=AF=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98=20~=E4=BF=AE=E5=A4=8D=E5=8D=8E=E7=A1=95=E5=9B=BA?= =?UTF-8?q?=E4=BB=B6=E5=9B=A0=E4=B8=8D=E6=94=AF=E6=8C=81command=E5=91=BD?= =?UTF-8?q?=E4=BB=A4=E8=80=8C=E5=AF=BC=E8=87=B4=E7=9A=84=E4=B8=80=E7=B3=BB?= =?UTF-8?q?=E5=88=97=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- scripts/clash.sh | 33 ++++++++++++++++++++------------- scripts/getdate.sh | 7 ++++--- scripts/init.sh | 4 ++-- scripts/start.sh | 33 ++++++++++++++++++--------------- 4 files changed, 44 insertions(+), 33 deletions(-) diff --git a/scripts/clash.sh b/scripts/clash.sh index 8a49723..ce8547d 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -3,6 +3,9 @@ #读取配置相关 +ckcmd(){ + command -v sh &>/dev/null && command -v $1 &>/dev/null || type $1 &>/dev/null +} getconfig(){ #服务器缺省地址 @@ -427,8 +430,8 @@ setdns(){ echo -e " 3 \033[33m重置\033[0mDNS配置" echo -e " 4 一键配置\033[32m加密DNS\033[0m" echo -e " 5 hosts优化: \033[36m$hosts_opt\033[0m ————调用本机hosts并劫持NTP服务" - echo -e " 6 Dnsmasq转发: \033[36m$dns_redir\033[0m ————不明勿动" - echo -e " 7 禁用内置DNS: \033[36m$dns_no\033[0m ————不明勿动" + echo -e " 6 Dnsmasq转发: \033[36m$dns_redir\033[0m ————不推荐使用" + echo -e " 7 禁用DNS劫持: \033[36m$dns_no\033[0m ————取消劫持局域网53端口" echo -e " 0 返回上级菜单" echo ----------------------------------------------- read -p "请输入对应数字 > " num @@ -504,7 +507,11 @@ setdns(){ echo -e "\033[32m已启用Dnsmasq转发DNS功能!!!\033[0m" sleep 1 else - echo -e "\033[33m禁用成功!!\033[0m" + uci del dhcp.@dnsmasq[-1].server + uci set dhcp.@dnsmasq[0].noresolv=0 + uci commit dhcp + /etc/init.d/dnsmasq restart + echo -e "\033[33m禁用成功!!如有报错请重启设备!\033[0m" dns_redir=未开启 fi sleep 1 @@ -516,10 +523,10 @@ setdns(){ if [ "$dns_no" = "未禁用" ]; then echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用!\033[0m" dns_no=已禁用 - echo -e "\033[32m已禁用内置DNS!!!\033[0m" + echo -e "\033[32m已禁用DNS劫持!!!\033[0m" else dns_no=未禁用 - echo -e "\033[33m已启用内置DNS!!!\033[0m" + echo -e "\033[33m已启用DNS劫持!!!\033[0m" fi sleep 1 setconfig dns_no $dns_no @@ -742,7 +749,7 @@ localproxy(){ echo -e " 1 \033[36m$proxy_set本机代理\033[0m" echo -e " 2 使用\033[32m环境变量\033[0m方式配置(部分应用可能无法使用)" [ -n "$(lsmod | grep ^xt_owner)" ] && echo -e " 3 使用\033[32miptables增强模式\033[0m配置(支持docker)" - command -v nft &> /dev/null && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)" + ckcmd nft && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)" echo -e " 0 返回上级菜单" echo ----------------------------------------------- read -p "请输入对应数字 > " num @@ -829,13 +836,13 @@ setboot(){ 1) if [ "$autostart" = "enable" ]; then [ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null - command -v systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1 + ckcmd systemctl && systemctl disable clash.service > /dev/null 2>&1 touch $clashdir/.dis_startup autostart=disable echo -e "\033[33m已禁止Clash开机启动!\033[0m" elif [ "$autostart" = "disable" ]; then [ -f /etc/rc.common ] && /etc/init.d/clash enable - command -v systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1 + ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1 rm -rf $clashdir/.dis_startup autostart=enable echo -e "\033[32m已设置Clash开机启动!\033[0m" @@ -959,7 +966,7 @@ clashcfg(){ } [ -n "$(iptables -j TPROXY 2>&1 | grep 'on-port')" ] && sup_tp=1 #[ -n "$(lsmod | grep '^tun')" ] || ip tuntap &>/dev/null && sup_tun=1 - command -v nft &> /dev/null && sup_nft=1 + ckcmd nft && sup_nft=1 #[ -n "$(lsmod | grep 'nft_tproxy')" ] && sup_nft=2 echo ----------------------------------------------- echo -e "当前代理模式为:\033[47;30m $redir_mod \033[0m;Clash核心为:\033[47;30m $clashcore \033[0m" @@ -1006,7 +1013,7 @@ clashcfg(){ set_redir_config elif [ "$num" = 6 ]; then - if command -v opkg >/dev/null && [ -z "$(opkg list-installed | grep firewall4)" ];then + if ckcmd opkg && [ -z "$(opkg list-installed | grep firewall4)" ];then read -p "检测到缺少firewall4依赖,是否自动安装?(1/0)" res [ "$res" = '1' ] && opkg install firewall4 && redir_mod=Nft基础 else @@ -1015,7 +1022,7 @@ clashcfg(){ set_redir_config elif [ "$num" = 7 ]; then - if command -v opkg >/dev/null && [ -z "$(opkg list-installed | grep kmod-nft-tproxy)" ];then + if ckcmd opkg && [ -z "$(opkg list-installed | grep kmod-nft-tproxy)" ];then read -p "检测到缺少kmod-nft-tproxy依赖,是否自动安装?(1/0)" res [ "$res" = '1' ] && opkg install kmod-nft-tproxy && redir_mod=Nft混合 else @@ -1467,9 +1474,9 @@ tools(){ elif [ "$num" = 3 ]; then if [ "$ssh_ol" = "开启" ];then iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 - [ -n "$(command -v ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 + [ -n "$(ckcmd ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 echo "iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user - [ -n "$(command -v ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user + [ -n "$(ckcmd ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user echo ----------------------------------------------- echo -e "已开启外网访问SSH功能!" else diff --git a/scripts/getdate.sh b/scripts/getdate.sh index dee1ddd..a0feb82 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -345,6 +345,7 @@ gettar(){ echo -e "\033[33m文件解压失败!\033[0m" error_down else + setconfig versionsh_l $release_new echo -e "\033[32m脚本更新成功!\033[0m" fi fi @@ -940,14 +941,14 @@ userguide(){ errornum forwhat elif [ "$num" = 1 ];then - if command -v nft &>/dev/null;then + if ckcmd nft;then setconfig redir_mod "Nft模式" else setconfig redir_mod "Redir模式" fi #设置开机启动 [ -f /etc/rc.common ] && /etc/init.d/clash enable - command -v systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1 + ckcmd systemctl && systemctl enable clash.service > /dev/null 2>&1 rm -rf $clashdir/.dis_startup autostart=enable #检测IP转发 @@ -1032,7 +1033,7 @@ userguide(){ sethost fi } - if command -v systemd >/dev/null 2>&1 ;then + if ckcmd systemd;then echo ----------------------------------------------- echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务?\033[0m" echo -e "注意当前设备必须有公网IP才能从公网正常访问" diff --git a/scripts/init.sh b/scripts/init.sh index 88e9fb9..f0dd921 100644 --- a/scripts/init.sh +++ b/scripts/init.sh @@ -166,7 +166,7 @@ else fi fi #修饰文件及版本号 -command -v bash &>/dev/null && sed -i "s|/bin/sh|/bin/bash|" $clashdir/start.sh +bash --help &>/dev/null && sed -i "s|/bin/sh|/bin/bash|" $clashdir/start.sh chmod 755 $clashdir/start.sh setconfig versionsh_l $version #设置更新地址 @@ -197,6 +197,7 @@ fi sed -i '/ShellClash初始化/'d $initdir touch $initdir echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir + chmod a+rx $initdir 2>/dev/null setconfig initdir $initdir } #小米镜像化OpenWrt额外设置 @@ -210,7 +211,6 @@ if [ "$systype" = "mi_snapshot" ];then setconfig systype $systype else rm -rf $clashdir/misnap_init.sh - rm -rf $clashdir/clashservice fi #华硕USB启动额外设置 [ "$usb_status" = "1" ] && { diff --git a/scripts/start.sh b/scripts/start.sh index f557308..c1f29d7 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -36,10 +36,13 @@ setconfig(){ [ -z "$3" ] && configpath=$clashdir/mark || configpath=$3 [ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath } +ckcmd(){ + command -v sh &>/dev/null && command -v $1 &>/dev/null || type $1 &>/dev/null +} compare(){ if [ ! -f $1 -o ! -f $2 ];then return 1 - elif command -v cmp >/dev/null 2>&1;then + elif ckcmd cmp;then cmp -s $1 $2 else [ "$(cat $1)" = "$(cat $2)" ] && return 0 || return 1 @@ -255,7 +258,7 @@ EOF` exit 1 fi #检测并去除无效节点组 - [ -n "$url_type" ] && command -v xargs >/dev/null 2>&1 && { + [ -n "$url_type" ] && ckcmd xargs && { cat $yamlnew | grep -A 8 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/ rules:.*//g' | sed 's/- //g' | grep -E '#DIRECT $' | awk -F '#' '{print $1}' > /tmp/clash_proxies_$USER while read line ;do sed -i "/- $line/d" $yamlnew @@ -691,7 +694,7 @@ start_output(){ iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out } #Docker转发 - command -v docker &>/dev/null && { + ckcmd docker && { iptables -t nat -N clash_docker iptables -t nat -A clash_docker -d 10.0.0.0/8 -j RETURN iptables -t nat -A clash_docker -d 127.0.0.0/8 -j RETURN @@ -883,20 +886,20 @@ start_wan(){ iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport $mix_port -j ACCEPT iptables -A INPUT -p tcp -s 172.16.0.0/12 --dport $mix_port -j ACCEPT iptables -A INPUT -p tcp --dport $mix_port -j REJECT - command -v ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null + ckcmd ip6tables && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null } if [ "$public_support" = "已开启" ];then [ "$mix_port" != "7890" -a -n "$authentication" ] && { iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT - command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null + ckcmd ip6tables && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null } iptables -I INPUT -p tcp --dport $db_port -j ACCEPT - command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null + ckcmd ip6tables && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null fi } stop_firewall(){ #重置iptables相关规则 - command -v iptables >/dev/null 2>&1 && { + ckcmd iptables && { #redir iptables -t nat -D PREROUTING -p tcp $ports -j clash 2> /dev/null iptables -t nat -F clash 2> /dev/null @@ -939,7 +942,7 @@ stop_firewall(){ iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null } #重置ipv6规则 - command -v ip6tables >/dev/null 2>&1 && { + ckcmd ip6tables && { #redir ip6tables -t nat -D PREROUTING -p tcp -j clashv6 2> /dev/null ip6tables -D INPUT -p udp --dport 53 -m comment --comment "ShellClash-IPV6_DNS-REJECT" -j REJECT 2> /dev/null @@ -984,7 +987,7 @@ stop_firewall(){ ip rule del fwmark 1 table 102 2> /dev/null ip route del local 172.16.0.0/12 dev lo table 102 2> /dev/null #重置nftables相关规则 - command -v nft >/dev/null 2>&1 && { + ckcmd nft && { nft flush table inet shellclash >/dev/null 2>&1 nft delete table inet shellclash >/dev/null 2>&1 } @@ -1100,7 +1103,7 @@ bfstart(){ #检查clash核心 if [ ! -f $bindir/clash ];then if [ -f $clashdir/clash ];then - mv $clashdir/clash $bindir/clash && chmod +x $bindir/clash + mv $clashdir/clash $bindir/clash else logger "未找到clash核心,正在下载!" 33 if [ -z "$clashcore" ];then @@ -1110,7 +1113,6 @@ bfstart(){ [ -z "$cpucore" ] && logger 找不到设备的CPU信息,请手动指定处理器架构类型! 31 && setcpucore $0 webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore" [ "$?" = "1" ] && rm -rf $bindir/clash && logger "核心下载失败,已退出!" 31 && exit 1 - [ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限1 clashv=$($bindir/clash -v 2>/dev/null | sed 's/ linux.*//;s/.* //') if [ -z "$clashv" ];then rm -rf $bindir/clash @@ -1122,6 +1124,7 @@ bfstart(){ fi fi fi + [ ! -x $bindir/clash ] && chmod +x $bindir/clash #检测可执行权限 #检查数据库文件 if [ ! -f $bindir/Country.mmdb ];then if [ -f $clashdir/Country.mmdb ];then @@ -1157,7 +1160,7 @@ bfstart(){ #本机代理准备 if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then - if command -v userdel useradd groupmod &>/dev/null; then + if ckcmd userdel useradd groupmod; then userdel shellclash 2>/dev/null useradd shellclash -u 7890 groupmod shellclash -g 7890 @@ -1225,7 +1228,7 @@ afstart(){ [ "$local_proxy" = "已开启" ] && [ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port [ "$local_proxy" = "已开启" ] && [ "$local_type" = "iptables增强模式" ] && start_output [ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && [ "$redir_mod" = "纯净模式" ] && start_nft - command -v iptables >/dev/null 2>&1 && start_wan + ckcmd iptables && start_wan #标记启动时间 mark_time #加载定时任务 @@ -1249,7 +1252,7 @@ start_old(){ if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then su shellclash -c "$bindir/clash -d $bindir >/dev/null" & else - command -v nohup >/dev/null 2>&1 && nohup=nohup + ckcmd nohup && nohup=nohup $nohup $bindir/clash -d $bindir >/dev/null 2>&1 & fi afstart @@ -1418,7 +1421,7 @@ unset_proxy) sed -i '/ALL_PROXY/'d $profile ;; -t) - $2 + $2 $3 $4 $5 $6 ;; esac