xm/ShellCrash
1
0
Fork 0
mirror of https://github.com/juewuy/ShellCrash.git synced 2026-03-10 23:41:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1205 from sofia-riese/chroe-7

Browse Source 
chore(7_gateway.sh): invoke the common.sh componen
This commit is contained in:
juewuy
2026-02-03 17:27:46 +08:00
committed by GitHub
parent a34dac4e22 228badb65f
commit 8a37ff52b6
1 changed files with 95 additions and 211 deletions
Download Patch File Download Diff File Expand all files Collapse all files

306
scripts/menus/7_gateway.sh
View File

@@ -11,10 +11,7 @@ __IS_MODULE_7_GATEWAY_LOADED=1
# 访问与控制主菜单
gateway() {
while true; do
line_break
separator_line "="
content_line "\033[30;47m访问与控制\033[0m"
separator_line "="
comp_box "\033[30;47m访问与控制菜单\033[0m"
content_line "1) 配置\033[33m公网访问防火墙 \033[32m$fw_wan\033[0m"
content_line "2) 配置\033[36mTelegram专属控制机器人 \033[32m$bot_tg_service\033[0m"
content_line "3) 配置\033[36mDDNS自动域名\033[0m"
@@ -24,6 +21,7 @@ gateway() {
content_line "6) 配置\033[36mTailscale内网穿透\033[0m限Singbox \033[32m$ts_service\033[0m"
content_line "7) 配置\033[36mWireguard客户端\033[0m限Singbox \033[32m$wg_service\033[0m"
}
content_line ""
content_line "0) 返回上级菜单"
separator_line "="
read -r -p "请输入对应标号> " num
@@ -32,15 +30,11 @@ gateway() {
break
;;
1)
line_break
separator_line "="
if [ -n "$(pidof CrashCore)" ] && [ "$firewall_mod" = 'iptables' ]; then
content_line "\033[33m公网访问防火墙需要先停止服务\033[0m"
content_line "是否确认继续"
separator_line "="
content_line "1) "
content_line "0) 否,返回上级菜单"
separator_line "="
comp_box "\033[33m公网访问防火墙需要先停止服务\033[0m" \
"是否确认继续"
btm_box "1) 是" \
"0) 否,返回上级菜单"
read -r -p "请输入对应标号> " res
if [ "$res" = 1 ]; then
"$CRASHDIR"/start.sh stop && set_fw_wan
@@ -67,27 +61,18 @@ gateway() {
if echo "$crashcore" | grep -q 'sing'; then
set_tailscale
else
line_break
separator_line "="
content_line "\033[33m$crashcore内核暂不支持此功能,请先更换内核!\033[0m"
separator_line "="
sleep 1
msg_alert "\033[33m$crashcore内核暂不支持此功能,请先更换内核!\033[0m"
fi
;;
7)
if echo "$crashcore" | grep -q 'sing'; then
set_wireguard
else
line_break
separator_line "="
content_line "\033[33m$crashcore内核暂不支持此功能,请先更换内核!\033[0m"
separator_line "="
sleep 1
msg_alert "\033[33m$crashcore内核暂不支持此功能,请先更换内核!\033[0m"
fi
;;
*)
errornum
sleep 1
;;
esac
done
@@ -106,12 +91,12 @@ set_fw_wan() {
content_line "当前自动放行端口:\033[36m$vms_port $sss_port\033[0m"
content_line "默认拦截端口:\033[33m$mix_port,$db_port\033[0m"
separator_line "="
content_line "1) 启用/关闭公网防火墙:\033[36m$fw_wan\033[0m"
content_line "2) 添加放行端口(可包含默认拦截端口)"
content_line "3) 移除指定手动放行端口"
content_line "4) 清空全部手动放行端口"
content_line "0) 返回上级菜单"
separator_line "="
btm_box "1) 启用/关闭公网防火墙:\033[36m$fw_wan\033[0m" \
"2) 添加放行端口(可包含默认拦截端口)" \
"3) 移除指定手动放行端口" \
"4) 清空全部手动放行端口" \
"" \
"0) 返回上级菜单"
read -r -p "请输入对应标号> " num
case $num in
"" | 0)
@@ -119,14 +104,10 @@ set_fw_wan() {
;;
1)
if [ "$fw_wan" = ON ]; then
line_break
separator_line "="
content_line "是否确认关闭防火墙?"
content_line "这会带来极大的安全隐患!"
separator_line "="
content_line "1) 是"
content_line "0) 否,返回上级菜单"
separator_line "="
comp_box "是否确认关闭防火墙?" \
"这会带来极大的安全隐患!"
btm_box "1) 是" \
"0) 否,返回上级菜单"
read -r -p "请输入对应标号> " res
if [ "$res" = 1 ]; then
fw_wan=OFF
@@ -139,77 +120,55 @@ set_fw_wan() {
setconfig fw_wan "$fw_wan"
;;
2)
line_break
port_count=$(echo "$fw_wan_ports" | awk -F',' '{print NF}')
if [ "$port_count" -ge 10 ]; then
separator_line "="
content_line "\033[31m最多支持设置放行10个端口请先减少一些\033[0m"
separator_line "="
msg_alert "\033[31m最多支持设置放行10个端口请先减少一些\033[0m"
else
line_break
read -r -p "请输入要放行的端口号> " port
if echo ",$fw_wan_ports," | grep -q ",$port,"; then
line_break
separator_line "="
content_line "\033[31m输入错误请勿重复添加\033[0m"
separator_line "="
msg_alert "\033[31m输入错误请勿重复添加\033[0m"
elif [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
line_break
separator_line "="
content_line "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
separator_line "="
msg_alert "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
else
fw_wan_ports=$(echo "$fw_wan_ports,$port" | sed "s/^,//")
setconfig fw_wan_ports "$fw_wan_ports"
if setconfig fw_wan_ports "$fw_wan_ports"; then
common_success
else
common_faileds
fi
fi
fi
sleep 1
;;
3)
while true; do
line_break
separator_line "="
content_line "请直接输入要移除的端口号"
content_line "或输入 0 返回上级菜单"
separator_line "="
comp_box "\033[36m请直接输入要移除的端口号\033[0m" \
"或输入 0 返回上级菜单"
read -r -p "请输入> " port
if [ "$port" = 0 ]; then
break
elif echo ",$fw_wan_ports," | grep -q ",$port,"; then
if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
line_break
separator_line "="
content_line "\033[31m输入错误\033[0m"
content_line "\033[31m请输入正确的数值(1-65535)\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m输入错误\033[0m" \
"\033[31m请输入正确的数值(1-65535)\033[0m"
else
fw_wan_ports=$(echo ",$fw_wan_ports," | sed "s/,$port//; s/^,//; s/,$//")
setconfig fw_wan_ports "$fw_wan_ports"
break
fi
else
line_break
separator_line "="
content_line "\033[31m输入错误\033[0m"
content_line "\033[31m请输入已添加过的端口\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m输入错误\033[0m" \
"\033[31m请输入已添加过的端口\033[0m"
fi
done
;;
4)
fw_wan_ports=''
setconfig fw_wan_ports
line_break
separator_line "="
content_line "\033[32m操作成功\033[0m"
separator_line "="
sleep 1
msg_alert "\033[32m操作成功\033[0m"
;;
*)
errornum
sleep 1
;;
esac
done
@@ -236,10 +195,7 @@ EOF
web_json_post "$bot_api/setMyCommands" "$JSON"
web_json_post "$bot_api/sendMessage" '{"chat_id":"'"$chat_ID"'","text":"'"$TEXT"'","parse_mode":"Markdown"}'
line_break
separator_line "="
content_line "\033[32m$TEXT\033[0m"
separator_line "="
comp_box "\033[32m$TEXT\033[0m"
}
set_bot_tg_init() {
@@ -267,14 +223,11 @@ set_bot_tg() {
while true; do
[ -n "$ts_auth_key" ] && ts_auth_key_info='已设置'
[ -n "$TG_CHATID" ] && TG_CHATID_info='已绑定'
line_break
separator_line "="
content_line "\033[31m注意\033[0m由于网络环境原因此机器人仅限服务启动时运行"
separator_line "="
content_line "1) 启用关闭TG-BOT服务 \033[32m$bot_tg_service\033[0m"
content_line "2) TG-BOT绑定设置 \033[32m$TG_CHATID_info\033[0m"
content_line "0) 返回上级菜单"
separator_line "="
comp_box "\033[31m注意\033[0m由于网络环境原因此机器人仅限服务启动时运行"
btm_box "1) 启用关闭TG-BOT服务 \033[32m$bot_tg_service\033[0m" \
"2) TG-BOT绑定设置 \033[32m$TG_CHATID_info\033[0m" \
"" \
"0) 返回上级菜单"
read -r -p "请输入对应标号> " num
case "$num" in
"" | 0)
@@ -285,23 +238,15 @@ set_bot_tg() {
if [ -n "$TG_CHATID" ]; then
set_bot_tg_service
else
line_break
separator_line "="
content_line "\033[31m请先绑定TG-BOT\033[0m"
separator_line "="
msg_alert "\033[31m请先绑定TG-BOT\033[0m"
fi
sleep 1
;;
2)
if [ -n "$chat_ID" ] && [ -n "$push_TG" ] && [ "$push_TG" != 'publictoken' ]; then
line_break
separator_line "="
content_line "检测到已经绑定了TG推送BOT"
content_line "是否直接使用:"
separator_line "="
content_line "1) 是"
content_line "0) 否"
separator_line "="
comp_box "检测到已经绑定了TG推送BOT" \
"是否直接使用?"
btm_box "1) 是" \
"0) 否"
read -r -p "请输入对应标号> " res
if [ "$res" = 1 ]; then
TOKEN="$push_TG"
@@ -313,7 +258,6 @@ set_bot_tg() {
;;
*)
errornum
sleep 1
;;
esac
done
@@ -322,13 +266,10 @@ set_bot_tg() {
# 自定义入站
set_vmess() {
while true; do
line_break
separator_line "="
content_line "\033[31m注意\033[0m"
content_line "设置的端口会添加到公网访问防火墙并自动放行!"
content_line "脚本只提供基础功能,更多需求请用自定义配置文件功能!"
content_line "\033[31m切勿用于搭建违法翻墙节点违者后果自负\033[0m"
separator_line "="
comp_box "\033[31m注意\033[0m" \
"设置的端口会添加到公网访问防火墙并自动放行!" \
"脚本只提供基础功能,更多需求请用自定义配置文件功能!" \
"\033[31m切勿用于搭建违法翻墙节点违者后果自负\033[0m"
content_line "1) \033[32m启用/关闭\033[0mVmess入站 \033[32m$vms_service\033[0m"
content_line "2) 设置\033[36m监听端口\033[0m \033[36m$vms_port\033[0m"
content_line "3) 设置\033[33mWS-path可选\033[0m \033[33m$vms_ws_path\033[0m"
@@ -337,6 +278,7 @@ set_vmess() {
gen_base64 1 >/dev/null 2>&1 &&
content_line "6) 设置\033[36m混淆host可选\033[0m \033[33m$vms_host\033[0m"
content_line "7) 一键生成\033[32m分享链接\033[0m"
content_line ""
content_line "0) 返回上级菜单"
separator_line "="
read -r -p "请输入对应标号> " num
@@ -353,11 +295,7 @@ set_vmess() {
vms_service=ON
setconfig vms_service "$vms_service"
else
line_break
separator_line "="
content_line "\033[31m请先完成必选设置\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m请先完成必选设置\033[0m"
fi
fi
;;
@@ -384,11 +322,7 @@ set_vmess() {
vms_ws_path="$text"
setconfig vms_ws_path "$text" "$GT_CFG_PATH"
else
line_break
separator_line "="
content_line "\033[31m不是合法的path路径必须以【/】开头!\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m不是合法的path路径必须以【/】开头!\033[0m"
fi
;;
4)
@@ -401,11 +335,7 @@ set_vmess() {
vms_uuid="$text"
setconfig vms_uuid "$text" "$GT_CFG_PATH"
else
line_break
separator_line "="
content_line "\033[31m不是合法的UUID格式请重新输入或使用随机生成功能\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m不是合法的UUID格式请重新输入或使用随机生成功能\033[0m"
fi
;;
5)
@@ -448,17 +378,13 @@ EOF
vms_link="vmess://$(gen_base64 "$vms_json")"
line_break
echo -e "你的分享链接是(请勿随意分享给他人):\n\033[32m$vms_link\033[0m"
sleep 1
else
line_break
separator_line "="
content_line "\033[31m请先完成必选设置\033[0m"
separator_line "="
msg_alert "\033[31m请先完成必选设置\033[0m"
fi
sleep 1
;;
*)
errornum
sleep 1
;;
esac
done
@@ -466,19 +392,17 @@ EOF
set_shadowsocks() {
while true; do
line_break
separator_line "="
content_line "\033[31m注意\033[0m"
content_line "设置的端口会添加到公网访问防火墙并自动放行!"
content_line "脚本只提供基础功能,更多需求请用自定义配置文件功能!"
content_line "\033[31m切勿用于搭建违法翻墙节点违者后果自负\033[0m"
separator_line "="
comp_box "\033[31m注意\033[0m" \
"设置的端口会添加到公网访问防火墙并自动放行!" \
"脚本只提供基础功能,更多需求请用自定义配置文件功能!" \
"\033[31m切勿用于搭建违法翻墙节点违者后果自负\033[0m"
content_line "1) \033[32m启用/关闭\033[0mShadowSocks入站 \033[32m$sss_service\033[0m"
content_line "2) 设置\033[36m监听端口\033[0m \033[36m$sss_port\033[0m"
content_line "3) 选择\033[33m加密协议\033[0m \033[33m$sss_cipher\033[0m"
content_line "4) 设置\033[36mpassword\033[0m \033[36m$sss_pwd\033[0m"
gen_base64 1 >/dev/null 2>&1 &&
content_line "5) 一键生成分享链接"
content_line ""
content_line "0) 返回上级菜单"
separator_line "="
read -r -p "请输入对应标号> " num
@@ -495,11 +419,7 @@ set_shadowsocks() {
sss_service=ON
setconfig sss_service "$sss_service"
else
line_break
separator_line "="
content_line "\033[31m请先完成必选设置\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m请先完成必选设置\033[0m"
fi
fi
;;
@@ -517,10 +437,7 @@ set_shadowsocks() {
fi
;;
3)
line_break
separator_line "="
content_line "请选择要使用的加密协议:"
separator_line "="
comp_box "请选择要使用的加密协议:"
content_line "1) \033[32mxchacha20-ietf-poly1305\033[0m"
content_line "2) \033[32mchacha20-ietf-poly1305\033[0m"
content_line "3) \033[32maes-128-gcm\033[0m"
@@ -569,20 +486,16 @@ set_shadowsocks() {
;;
*)
errornum
sleep 1
;;
esac
setconfig sss_cipher "$sss_cipher" "$GT_CFG_PATH"
setconfig sss_pwd "$sss_pwd" "$GT_CFG_PATH"
;;
4)
line_break
if echo "$sss_cipher" | grep -q '2022-blake3'; then
separator_line "="
content_line "\033[31m注意\033[0m2022系列加密必须使用脚本随机生成的password"
separator_line "="
sleep 1
msg_alert "\033[31m注意\033[0m2022系列加密必须使用脚本随机生成的password"
else
line_break
read -r -p "请输入秘钥输入0删除> " text
[ "$text" = 0 ] && sss_pwd='' || sss_pwd="$text"
setconfig sss_pwd "$text" "$GT_CFG_PATH"
@@ -595,17 +508,13 @@ set_shadowsocks() {
ss_link="ss://$(gen_base64 "$sss_cipher":"$sss_pwd")@${text}:${sss_port}#ShellCrash_ss_in"
line_break
echo -e "你的分享链接是(请勿随意分享给他人):\n\033[32m$ss_link\033[0m"
sleep 1
else
line_break
separator_line "="
content_line "\033[31m请先完成必选设置\033[0m"
separator_line "="
msg_alert "\033[31m请先完成必选设置\033[0m"
fi
sleep 1
;;
*)
errornum
sleep 1
;;
esac
done
@@ -615,20 +524,17 @@ set_shadowsocks() {
set_tailscale() {
while true; do
[ -n "$ts_auth_key" ] && ts_auth_key_info='*********'
line_break
separator_line "="
content_line "\033[31m注意\033[0m脚本默认内核为了节约内存没有编译Tailscale模块\n如需使用请先前往自定义内核更新完整版内核文件"
content_line "创建秘钥:\033[32;4mhttps://login.tailscale.com/admin/settings/keys\033[0m"
content_line "访问非本机目标需允许通告:\033[32;4mhttps://login.tailscale.com\033[0m"
content_line "访问非本机目标需在终端设置使用Subnet或EXIT-NODE模式"
separator_line "="
content_line "1) \033[32m启用/关闭\033[0mTailscale服务 \033[32m$ts_service\033[0m"
content_line "2) 设置\033[36m秘钥\033[0mAuth Key $ts_auth_key_info"
content_line "3) 通告路由\033[33m内网地址\033[0mSubnet \033[36m$ts_subnet\033[0m"
content_line "4) 通告路由\033[31m全部流量\033[0mEXIT-NODE \033[36m$ts_exit_node\033[0m"
content_line "5) 设置\033[36m设备名称\033[0m可选 $ts_hostname"
content_line "0) 返回上级菜单"
separator_line "="
comp_box "\033[31m注意\033[0m脚本默认内核为了节约内存没有编译Tailscale模块\n如需使用请先前往自定义内核更新完整版内核文件" \
"创建秘钥:\033[32;4mhttps://login.tailscale.com/admin/settings/keys\033[0m" \
"访问非本机目标需允许通告:\033[32;4mhttps://login.tailscale.com\033[0m" \
"访问非本机目标需在终端设置使用Subnet或EXIT-NODE模式"
btm_box "1) \033[32m启用/关闭\033[0mTailscale服务 \033[32m$ts_service\033[0m" \
"2) 设置\033[36m秘钥\033[0mAuth Key $ts_auth_key_info" \
"3) 通告路由\033[33m内网地址\033[0mSubnet \033[36m$ts_subnet\033[0m" \
"4) 通告路由\033[31m全部流量\033[0mEXIT-NODE \033[36m$ts_exit_node\033[0m" \
"5) 设置\033[36m设备名称\033[0m可选 $ts_hostname" \
"" \
"0) 返回上级菜单"
read -r -p "请输入对应标号> " num
case "$num" in
"" | 0)
@@ -639,11 +545,7 @@ set_tailscale() {
[ "$ts_service" = ON ] && ts_service=OFF || ts_service=ON
setconfig ts_service "$ts_service"
else
line_break
separator_line "="
content_line "\033[31m请先设置秘钥\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m请先设置秘钥\033[0m"
fi
;;
2)
@@ -661,20 +563,13 @@ set_tailscale() {
ts_exit_node=false
else
ts_exit_node=true
line_break
separator_line "="
content_line "\033[31m注意\033[0m目前exitnode的官方DNS有bug要么启用域名嗅探并禁用TailscaleDNS\n要么必须在网页设置Globalname servers为分配的本设备子网IP且启用override"
separator_line "="
sleep 3
msg_alert -t 3 "\033[31m注意\033[0m目前exitnode的官方DNS有bug要么启用域名嗅探并禁用TailscaleDNS\n要么必须在网页设置Globalname servers为分配的本设备子网IP且启用override"
fi
setconfig ts_exit_node "$ts_exit_node" "$GT_CFG_PATH"
;;
5)
line_break
separator_line "="
content_line "请直接输入希望在Tailscale显示的设备名称"
content_line "或输入 0 返回上级菜单"
separator_line "="
comp_box "\033[36m请直接输入希望在Tailscale显示的设备名称\033[0m" \
"或输入 0 返回上级菜单"
read -r -p "请输入> " ts_hostname
if [ "$ts_hostname" != 0 ]; then
setconfig ts_hostname "$ts_hostname" "$GT_CFG_PATH"
@@ -682,7 +577,6 @@ set_tailscale() {
;;
*)
errornum
sleep 1
;;
esac
done
@@ -708,24 +602,19 @@ set_wireguard() {
else
unset wgpsk_key_info
fi
line_break
separator_line "="
content_line "\033[31m注意\033[0m脚本默认内核为了节约内存没有编译WireGuard模块\n如需使用请先前往自定义内核更新完整版内核文件"
separator_line "="
content_line "1) \033[32m启用/关闭\033[0mWireguard服务 \033[32m$wg_service\033[0m"
content_line ""
content_line "2) 设置\033[36mEndpoint地址\033[0m \033[36m$wg_server\033[0m"
content_line "3) 设置\033[36mEndpoint端口\033[0m \033[36m$wg_port\033[0m"
content_line "4) 设置\033[36m公钥-PublicKey\033[0m \033[36m$wgp_key_info\033[0m"
content_line "5) 设置\033[36m密钥-PresharedKey\033[0m \033[36m$wgpsk_key_info\033[0m"
content_line ""
content_line "6) 设置\033[33m私钥-PrivateKey\033[0m \033[33m$wgv_key_info\033[0m"
content_line "7) 设置\033[33m组网IPV4地址\033[0m \033[33m$wg_ipv4\033[0m"
content_line "8) 可选\033[33m组网IPV6地址\033[0m \033[33m$wg_ipv6\033[0m"
content_line ""
content_line "0) 返回上级菜单"
separator_line "="
comp_box "\033[31m注意\033[0m脚本默认内核为了节约内存没有编译WireGuard模块\n如需使用请先前往自定义内核更新完整版内核文件"
btm_box "1) \033[32m启用/关闭\033[0mWireguard服务 \033[32m$wg_service\033[0m" \
"" \
"2) 设置\033[36mEndpoint地址\033[0m \033[36m$wg_server\033[0m" \
"3) 设置\033[36mEndpoint端口\033[0m \033[36m$wg_port\033[0m" \
"4) 设置\033[36m公钥-PublicKey\033[0m \033[36m$wgp_key_info\033[0m" \
"5) 设置\033[36m密钥-PresharedKey\033[0m \033[36m$wgpsk_key_info\033[0m" \
"" \
"6) 设置\033[33m私钥-PrivateKey\033[0m \033[33m$wgv_key_info\033[0m" \
"7) 设置\033[33m组网IPV4地址\033[0m \033[33m$wg_ipv4\033[0m" \
"8) 可选\033[33m组网IPV6地址\033[0m \033[33m$wg_ipv6\033[0m" \
"" \
"0) 返回上级菜单"
read -r -p "请输入对应标号> " num
case "$num" in
"" | 0)
@@ -736,11 +625,7 @@ set_wireguard() {
[ "$wg_service" = ON ] && wg_service=OFF || wg_service=ON
setconfig wg_service "$wg_service"
else
line_break
separator_line "="
content_line "\033[31m请先完成必选设置\033[0m"
separator_line "="
sleep 1
msg_alert "\033[31m请先完成必选设置\033[0m"
fi
;;
[1-8])
@@ -780,7 +665,6 @@ set_wireguard() {
;;
*)
errornum
sleep 1
;;
esac
done