diff --git a/scripts/clash.sh b/scripts/clash.sh index f21169e..1e29b94 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -1203,6 +1203,7 @@ clashadv(){ [ -z "$tproxy_mod" ] && tproxy_mod=未开启 [ -z "$public_support" ] && public_support=未开启 [ -z "$sniffer" ] && sniffer=未启用 + [ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && sniffer=已启用 [ "$bindir" = "/tmp/clash_$USER" ] && mini_clash=已开启 || mini_clash=未开启 # echo ----------------------------------------------- @@ -1255,6 +1256,8 @@ clashadv(){ echo "已将clash内核切换为Meta内核!域名嗅探依赖Meta或者高版本clashpre内核!" fi sniffer=已启用 + elif [ "$clashcore" = "clashpre" -a "$dns_mod" = "redir_host" ];then + echo -e "\033[31m使用clashpre内核且开启redir-host模式时无法关闭!\033[0m" else sniffer=未启用 fi diff --git a/scripts/getdate.sh b/scripts/getdate.sh index 7fa35dd..132260e 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -972,10 +972,12 @@ userguide(){ elif [ "$num" = 2 ];then setconfig redir_mod "纯净模式" setconfig clashcore "clash" + setconfig common_ports "未开启" echo ----------------------------------------------- echo -e "\033[36m请选择设置本机代理的方式\033[0m" echo -e " 1 使用\033[32m环境变量\033[0m方式配置(不支持部分应用)" - echo -e " 2 使用\033[32miptables增强模式\033[0m配置(不支持OpenWrt)" + echo -e " 2 使用\033[32miptables增强模式\033[0m配置" + echo -e " 3 使用\033[32mnftables增强模式\033[0m配置" echo -e " 0 稍后设置" read -p "请输入对应数字 > " num if [ "$num" = 1 ]; then @@ -984,6 +986,9 @@ userguide(){ elif [ "$num" = 2 ]; then local_proxy=已开启 local_type=iptables增强模式 + elif [ "$num" = 3 ]; then + local_proxy=已开启 + local_type=nftables增强模式 fi setconfig local_proxy $local_proxy setconfig local_type $local_type diff --git a/scripts/start.sh b/scripts/start.sh index 55a035c..dc91b61 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -174,8 +174,8 @@ https://github.com/juewuy/ShellClash/raw/master/rules/ACL4SSR_Online_Full_Games. EOF` Https=$(echo ${Https//\%26/\&}) #将%26替换回& #如果传来的是Url链接则合成Https链接,否则直接使用Https链接 - if [ -z "$Https" ];then - [ -n "$(echo $Url | grep -oE 'vless:')" ] && Server='https://v.id9.cc' + if [ -z "$Https" -a -z "$retry" ];then + [ -n "$(echo $Url | grep -oE 'vless:')" ] && Server='https://api.v1.mk' [ -n "$(echo $Url | grep -oE 'hysteria:')" ] && Server='https://sub.shellclash.cf' Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config" url_type=true @@ -317,11 +317,10 @@ modify_yaml(){ dns='dns: {enable: true, '$dns_v6', listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, default-nameserver: ['$dns_default', 127.0.0.1:53], nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}' fi } - #sniffer配置 - [ "$sniffer" = "已启用" ] && { - [ "$clashcore" = "clash.meta" ] && sniffer_set="sniffer: {enable: true, sniffing: [tls, http]}" - [ "$clashcore" = "clashpre" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}" - } + #域名嗅探配置 + [ "$sniffer" = "已启用" ] && [ "$clashcore" = "clash.meta" ] && sniffer_set="sniffer: {enable: true, sniffing: [tls, http]}" + [ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}" + #设置目录 yaml=$clashdir/config.yaml tmpdir=/tmp/clash_$USER @@ -344,7 +343,7 @@ modify_yaml(){ [ "$skip_cert" = "已开启" ] && sed -i 's/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml #节点绕过功能支持 [ "$proxies_bypass" = "已启用" ] && { - cat /tmp/clash_$USER/proxy.yaml | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '!a[$0]++' | sed 's/^/\ -\ IP-CIDR,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass + cat /tmp/clash_$USER/proxy.yaml | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '!a[$0]++' | sed 's/^/\ -\ IP-CIDR,/g' | sed 's|$|/32,DIRECT #节点绕过|g' >> $tmpdir/proxies_bypass cat /tmp/clash_$USER/proxy.yaml | grep -vE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+\.?'| awk '!a[$0]++' | sed 's/^/\ -\ DOMAIN,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass sed -i "/#节点绕过/d" $tmpdir/rule.yaml cat $tmpdir/rule.yaml >> $tmpdir/proxies_bypass @@ -891,7 +890,7 @@ stop_firewall(){ iptables -t nat -X clash_docker 2> /dev/null iptables -t nat -D PREROUTING -p tcp -s 172.16.0.0/12 -j clash_docker 2> /dev/null iptables -t nat -D PREROUTING -p udp --dport 53 -s 172.16.0.0/12 -j REDIRECT --to $dns_port 2> /dev/null - #TPROXY + #TPROXY&tun iptables -t mangle -D PREROUTING -p tcp $ports -j clash 2> /dev/null iptables -t mangle -D PREROUTING -p udp $ports -j clash 2> /dev/null iptables -t mangle -F clash 2> /dev/null @@ -922,7 +921,7 @@ stop_firewall(){ ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null ip6tables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null - #tproxy + #tproxy&tun ip6tables -t mangle -D PREROUTING -p tcp $ports -j clashv6 2> /dev/null ip6tables -t mangle -D PREROUTING -p udp $ports -j clashv6 2> /dev/null ip6tables -t mangle -F clashv6 2> /dev/null