~增加节点绕过功能
~增加nftables依赖检测及自动安装功能(限OpenWrt)
~优化配置文件生成逻辑
…………
~修复节点绕过bug
~pre核redirhost模式强制启用域名嗅探
~新手引导部分优化
~在线生成配置下载优化
juewuy
2023-01-01 20:25:30 +08:00
parent 9aec51a267
commit 862af13667
3 changed files with 18 additions and 11 deletions


@@ -1203,6 +1203,7 @@ clashadv(){
[ -z "$tproxy_mod" ] && tproxy_mod=未开启 [ -z "$tproxy_mod" ] && tproxy_mod=未开启
[ -z "$public_support" ] && public_support=未开启 [ -z "$public_support" ] && public_support=未开启
[ -z "$sniffer" ] && sniffer=未启用 [ -z "$sniffer" ] && sniffer=未启用
[ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && sniffer=已启用
[ "$bindir" = "/tmp/clash_$USER" ] && mini_clash=已开启 || mini_clash=未开启 [ "$bindir" = "/tmp/clash_$USER" ] && mini_clash=已开启 || mini_clash=未开启
# #
echo ----------------------------------------------- echo -----------------------------------------------
@@ -1255,6 +1256,8 @@ clashadv(){
echo "已将clash内核切换为Meta内核域名嗅探依赖Meta或者高版本clashpre内核" echo "已将clash内核切换为Meta内核域名嗅探依赖Meta或者高版本clashpre内核"
fi fi
sniffer=已启用 sniffer=已启用
elif [ "$clashcore" = "clashpre" -a "$dns_mod" = "redir_host" ];then
echo -e "\033[31m使用clashpre内核且开启redir-host模式时无法关闭\033[0m"
else else
sniffer=未启用 sniffer=未启用
fi fi
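Review bot: The added `elif` in the sniffer toggle joins two comparisons with `-a` inside a single `[`, a form POSIX marks obsolescent because it can misparse when an operand looks like an operator. The line added in the first hunk of this section already uses the safer two-test form, so writing this one as `elif [ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ];then` keeps the two additions consistent. A one-line comment above the first addition, such as `#clashpre + redir_host always sniffs, so report it as enabled`, would explain why the displayed state is overridden there. clashadv starts and ends outside both hunks, so whether the forced value is also saved to the config cannot be seen from here.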


@@ -972,10 +972,12 @@ userguide(){
elif [ "$num" = 2 ];then elif [ "$num" = 2 ];then
setconfig redir_mod "纯净模式" setconfig redir_mod "纯净模式"
setconfig clashcore "clash" setconfig clashcore "clash"
setconfig common_ports "未开启"
echo ----------------------------------------------- echo -----------------------------------------------
echo -e "\033[36m请选择设置本机代理的方式\033[0m" echo -e "\033[36m请选择设置本机代理的方式\033[0m"
echo -e " 1 使用\033[32m环境变量\033[0m方式配置(不支持部分应用)" echo -e " 1 使用\033[32m环境变量\033[0m方式配置(不支持部分应用)"
echo -e " 2 使用\033[32miptables增强模式\033[0m配置(不支持OpenWrt)" echo -e " 2 使用\033[32miptables增强模式\033[0m配置"
echo -e " 3 使用\033[32mnftables增强模式\033[0m配置"
echo -e " 0 稍后设置" echo -e " 0 稍后设置"
read -p "请输入对应数字 > " num read -p "请输入对应数字 > " num
if [ "$num" = 1 ]; then if [ "$num" = 1 ]; then
@@ -984,6 +986,9 @@ userguide(){
elif [ "$num" = 2 ]; then elif [ "$num" = 2 ]; then
local_proxy=已开启 local_proxy=已开启
local_type=iptables增强模式 local_type=iptables增强模式
elif [ "$num" = 3 ]; then
local_proxy=已开启
local_type=nftables增强模式
fi fi
setconfig local_proxy $local_proxy setconfig local_proxy $local_proxy
setconfig local_type $local_type setconfig local_type $local_type
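Review bot: The new option 3 branch in the second hunk records `local_type=nftables增强模式` without checking that `nft` is present, so the guide can save a mode whose rules can never be installed. Local traffic would then presumably leave unproxied while the setting reads as enabled. Making the branch conditional, `elif [ "$num" = 3 ] && command -v nft >/dev/null 2>&1; then`, keeps the saved value truthful; a missing binary then falls through like option 0. The commit message mentions nftables dependency detection for OpenWrt, which may cover this elsewhere, but it is not visible in this section, and userguide continues outside both hunks.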


@@ -174,8 +174,8 @@ https://github.com/juewuy/ShellClash/raw/master/rules/ACL4SSR_Online_Full_Games.
EOF` EOF`
Https=$(echo ${Https//\%26/\&}) #将%26替换回& Https=$(echo ${Https//\%26/\&}) #将%26替换回&
#如果传来的是Url链接则合成Https链接否则直接使用Https链接 #如果传来的是Url链接则合成Https链接否则直接使用Https链接
if [ -z "$Https" ];then if [ -z "$Https" -a -z "$retry" ];then
[ -n "$(echo $Url | grep -oE 'vless:')" ] && Server='https://v.id9.cc' [ -n "$(echo $Url | grep -oE 'vless:')" ] && Server='https://api.v1.mk'
[ -n "$(echo $Url | grep -oE 'hysteria:')" ] && Server='https://sub.shellclash.cf' [ -n "$(echo $Url | grep -oE 'hysteria:')" ] && Server='https://sub.shellclash.cf'
Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config" Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
url_type=true url_type=true
@@ -317,11 +317,10 @@ modify_yaml(){
dns='dns: {enable: true, '$dns_v6', listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, default-nameserver: ['$dns_default', 127.0.0.1:53], nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}' dns='dns: {enable: true, '$dns_v6', listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, default-nameserver: ['$dns_default', 127.0.0.1:53], nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
fi fi
} }
#sniffer配置 #域名嗅探配置
[ "$sniffer" = "已启用" ] && { [ "$sniffer" = "已启用" ] && [ "$clashcore" = "clash.meta" ] && sniffer_set="sniffer: {enable: true, sniffing: [tls, http]}"
[ "$clashcore" = "clash.meta" ] && sniffer_set="sniffer: {enable: true, sniffing: [tls, http]}" [ "$clashcore" = "clashpre" ] && [ "$dns_mod" = "redir_host" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}"
[ "$clashcore" = "clashpre" ] && exper="experimental: {ignore-resolve-fail: true, interface-name: en0, sniff-tls-sni: true}"
}
#设置目录 #设置目录
yaml=$clashdir/config.yaml yaml=$clashdir/config.yaml
tmpdir=/tmp/clash_$USER tmpdir=/tmp/clash_$USER
@@ -344,7 +343,7 @@ modify_yaml(){
[ "$skip_cert" = "已开启" ] && sed -i 's/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml [ "$skip_cert" = "已开启" ] && sed -i 's/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml
#节点绕过功能支持 #节点绕过功能支持
[ "$proxies_bypass" = "已启用" ] && { [ "$proxies_bypass" = "已启用" ] && {
cat /tmp/clash_$USER/proxy.yaml | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '!a[$0]++' | sed 's/^/\ -\ IP-CIDR,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass cat /tmp/clash_$USER/proxy.yaml | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '!a[$0]++' | sed 's/^/\ -\ IP-CIDR,/g' | sed 's|$|/32,DIRECT #节点绕过|g' >> $tmpdir/proxies_bypass
cat /tmp/clash_$USER/proxy.yaml | grep -vE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+\.?'| awk '!a[$0]++' | sed 's/^/\ -\ DOMAIN,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass cat /tmp/clash_$USER/proxy.yaml | grep -vE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+\.?'| awk '!a[$0]++' | sed 's/^/\ -\ DOMAIN,/g' | sed 's/$/,DIRECT #节点绕过/g' >> $tmpdir/proxies_bypass
sed -i "/#节点绕过/d" $tmpdir/rule.yaml sed -i "/#节点绕过/d" $tmpdir/rule.yaml
cat $tmpdir/rule.yaml >> $tmpdir/proxies_bypass cat $tmpdir/rule.yaml >> $tmpdir/proxies_bypass
@@ -891,7 +890,7 @@ stop_firewall(){
iptables -t nat -X clash_docker 2> /dev/null iptables -t nat -X clash_docker 2> /dev/null
iptables -t nat -D PREROUTING -p tcp -s 172.16.0.0/12 -j clash_docker 2> /dev/null iptables -t nat -D PREROUTING -p tcp -s 172.16.0.0/12 -j clash_docker 2> /dev/null
iptables -t nat -D PREROUTING -p udp --dport 53 -s 172.16.0.0/12 -j REDIRECT --to $dns_port 2> /dev/null iptables -t nat -D PREROUTING -p udp --dport 53 -s 172.16.0.0/12 -j REDIRECT --to $dns_port 2> /dev/null
#TPROXY #TPROXY&tun
iptables -t mangle -D PREROUTING -p tcp $ports -j clash 2> /dev/null iptables -t mangle -D PREROUTING -p tcp $ports -j clash 2> /dev/null
iptables -t mangle -D PREROUTING -p udp $ports -j clash 2> /dev/null iptables -t mangle -D PREROUTING -p udp $ports -j clash 2> /dev/null
iptables -t mangle -F clash 2> /dev/null iptables -t mangle -F clash 2> /dev/null
@@ -922,7 +921,7 @@ stop_firewall(){
ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
ip6tables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null ip6tables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
#tproxy #tproxy&tun
ip6tables -t mangle -D PREROUTING -p tcp $ports -j clashv6 2> /dev/null ip6tables -t mangle -D PREROUTING -p tcp $ports -j clashv6 2> /dev/null
ip6tables -t mangle -D PREROUTING -p udp $ports -j clashv6 2> /dev/null ip6tables -t mangle -D PREROUTING -p udp $ports -j clashv6 2> /dev/null
ip6tables -t mangle -F clashv6 2> /dev/null ip6tables -t mangle -F clashv6 2> /dev/null
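Review bot: In the modify_yaml hunk that appends `/32`, the IPv4 pipeline still collects every dotted quad found anywhere in proxy.yaml, not only node `server:` addresses, and writes each one as an `IP-CIDR,…,DIRECT` rule. If proxy.yaml is built from a downloaded subscription, as the surrounding code suggests, address-like text in any other field (a node name, a header value) also becomes a proxy-bypass rule. Anchoring the match on the key, e.g. `grep -oE 'server: *[0-9]{1,3}(\.[0-9]{1,3}){3}' | grep -oE '[0-9.]+$'` in place of the first `grep` (adjust if values are quoted), limits the rules to real node endpoints. The pattern also accepts octets above 255, which would emit a rule the core may reject. The unchanged DOMAIN line below has the same unanchored match, and modify_yaml continues outside this hunk.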