From 862af1366750c165747ff3e92254c5ee20b15f2f Mon Sep 17 00:00:00 2001 From: juewuy Date: Sun, 1 Jan 2023 20:25:30 +0800 Subject: [PATCH] =?UTF-8?q?v1.6.14b=20~=E5=A2=9E=E5=8A=A0=E8=8A=82?= =?UTF-8?q?=E7=82=B9=E7=BB=95=E8=BF=87=E5=8A=9F=E8=83=BD=20~=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0nftables=E4=BE=9D=E8=B5=96=E6=A3=80=E6=B5=8B=E5=8F=8A?= =?UTF-8?q?=E8=87=AA=E5=8A=A8=E5=AE=89=E8=A3=85=E5=8A=9F=E8=83=BD(?= =?UTF-8?q?=E9=99=90OpenWrt)=20~=E4=BC=98=E5=8C=96=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E7=94=9F=E6=88=90=E9=80=BB=E8=BE=91=20?= =?UTF-8?q?=E2=80=A6=E2=80=A6=E2=80=A6=E2=80=A6=20~=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=E8=8A=82=E7=82=B9=E7=BB=95=E8=BF=87bug=20~pre=E6=A0=B8redirhos?= =?UTF-8?q?t=E6=A8=A1=E5=BC=8F=E5=BC=BA=E5=88=B6=E5=90=AF=E7=94=A8?= =?UTF-8?q?=E5=9F=9F=E5=90=8D=E5=97=85=E6=8E=A2=20~=E6=96=B0=E6=89=8B?= =?UTF-8?q?=E5=BC=95=E5=AF=BC=E9=83=A8=E5=88=86=E4=BC=98=E5=8C=96=20~?= =?UTF-8?q?=E5=9C=A8=E7=BA=BF=E7=94=9F=E6=88=90=E9=85=8D=E7=BD=AE=E4=B8=8B?= =?UTF-8?q?=E8=BD=BD=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- scripts/clash.sh | 3 +++ scripts/getdate.sh | 7 ++++++- scripts/start.sh | 19 +++++++++---------- 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/scripts/clash.sh b/scripts/clash.sh index f21169e..1e29b94 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -1203,6 +1203,7 @@ clashadv(){ [ -z "$tproxy_mod" ] && tproxy_mod=未开启 [ -z "$public_support" ] && public_support=未开启 [ -z "$sniffer" ] && sniffer=未启用 + [ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && sniffer=已启用 [ "$bindir" = "/tmp/clash_$USER" ] && mini_clash=已开启 || mini_clash=未开启 # echo ----------------------------------------------- @@ -1255,6 +1256,8 @@ clashadv(){ echo "已将clash内核切换为Meta内核!域名嗅探依赖Meta或者高版本clashpre内核!" fi sniffer=已启用 + elif [ "$clashcore" = "clashpre" -a "$dns_mod" = "redir_host" ];then + echo -e "\033[31m使用clashpre内核且开启redir-host模式时无法关闭!\033[0m" else sniffer=未启用 fi diff --git a/scripts/getdate.sh b/scripts/getdate.sh index 7fa35dd..132260e 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -972,10 +972,12 @@ userguide(){ elif [ "$num" = 2 ];then setconfig redir_mod "纯净模式" setconfig clashcore "clash" + setconfig common_ports "未开启" echo ----------------------------------------------- echo -e "\033[36m请选择设置本机代理的方式\033[0m" echo -e " 1 使用\033[32m环境变量\033[0m方式配置(不支持部分应用)" - echo -e " 2 使用\033[32miptables增强模式\033[0m配置(不支持OpenWrt)" + echo -e " 2 使用\033[32miptables增强模式\033[0m配置" + echo -e " 3 使用\033[32mnftables增强模式\033[0m配置" echo -e " 0 稍后设置" read -p "请输入对应数字 > " num if [ "$num" = 1 ]; then @@ -984,6 +986,9 @@ userguide(){ elif [ "$num" = 2 ]; then local_proxy=已开启 local_type=iptables增强模式 + elif [ "$num" = 3 ]; then + local_proxy=已开启 + local_type=nftables增强模式 fi setconfig local_proxy $local_proxy setconfig local_type $local_type diff --git a/scripts/start.sh b/scripts/start.sh index 55a035c..dc91b61 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -174,8 +174,8 @@ https://github.com/juewuy/ShellClash/raw/master/rules/ACL4SSR_Online_Full_Games. EOF` Https=$(echo ${Https//\%26/\&}) #将%26替换回& #如果传来的是Url链接则合成Https链接,否则直接使用Https链接 - if [ -z "$Https" ];then - [ -n "$(echo $Url | grep -oE 'vless:')" ] && Server='https://v.id9.cc' + if [ -z "$Https" -a -z "$retry" ];then + [ -n "$(echo $Url | grep -oE 'vless:')" ] && Server='https://api.v1.mk' [ -n "$(echo $Url | grep -oE 'hysteria:')" ] && Server='https://sub.shellclash.cf' Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config" url_type=true @@ -317,11 +317,10 @@ modify_yaml(){ dns='dns: {enable: true, '$dns_v6', listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, default-nameserver: ['$dns_default', 127.0.0.1:53], nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}' fi } - #sniffer配置 - [ "$sniffer" = "已启用" ] && { - [ "$clashcore" = "clash.meta" ] && sniffer_set="sniffer: {enable: true, sniffing: [tls, http]}" - [ "$clashcore" = "clashpre" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}" - } + #域名嗅探配置 + [ "$sniffer" = "已启用" ] && [ "$clashcore" = "clash.meta" ] && sniffer_set="sniffer: {enable: true, sniffing: [tls, http]}" + [ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}" + #设置目录 yaml=$clashdir/config.yaml tmpdir=/tmp/clash_$USER @@ -344,7 +343,7 @@ modify_yaml(){ [ "$skip_cert" = "已开启" ] && sed -i 's/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml #节点绕过功能支持 [ "$proxies_bypass" = "已启用" ] && { - cat /tmp/clash_$USER/proxy.yaml | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '!a[$0]++' | sed 's/^/\ -\ IP-CIDR,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass + cat /tmp/clash_$USER/proxy.yaml | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '!a[$0]++' | sed 's/^/\ -\ IP-CIDR,/g' | sed 's|$|/32,DIRECT #节点绕过|g' >> $tmpdir/proxies_bypass cat /tmp/clash_$USER/proxy.yaml | grep -vE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+\.?'| awk '!a[$0]++' | sed 's/^/\ -\ DOMAIN,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass sed -i "/#节点绕过/d" $tmpdir/rule.yaml cat $tmpdir/rule.yaml >> $tmpdir/proxies_bypass @@ -891,7 +890,7 @@ stop_firewall(){ iptables -t nat -X clash_docker 2> /dev/null iptables -t nat -D PREROUTING -p tcp -s 172.16.0.0/12 -j clash_docker 2> /dev/null iptables -t nat -D PREROUTING -p udp --dport 53 -s 172.16.0.0/12 -j REDIRECT --to $dns_port 2> /dev/null - #TPROXY + #TPROXY&tun iptables -t mangle -D PREROUTING -p tcp $ports -j clash 2> /dev/null iptables -t mangle -D PREROUTING -p udp $ports -j clash 2> /dev/null iptables -t mangle -F clash 2> /dev/null @@ -922,7 +921,7 @@ stop_firewall(){ ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null ip6tables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null - #tproxy + #tproxy&tun ip6tables -t mangle -D PREROUTING -p tcp $ports -j clashv6 2> /dev/null ip6tables -t mangle -D PREROUTING -p udp $ports -j clashv6 2> /dev/null ip6tables -t mangle -F clashv6 2> /dev/null