mirror of
https://github.com/juewuy/ShellCrash.git
synced 2026-03-11 07:51:45 +00:00
Merge branch 'master' into dev
This commit is contained in:
juewuy
@@ -1,7 +1,7 @@
|
||||
#!/bin/sh
|
||||
# Copyright (C) Juewuy
|
||||
|
||||
[ "$ts_service" = ON ] && {
|
||||
[ "$ts_service" = ON ] && grep -q '"tailscale"' "$CRASHDIR"/jsons/endpoints.json && {
|
||||
[ "$ts_subnet" = true ] && {
|
||||
. "$CRASHDIR"/starts/fw_getlanip.sh && getlanip
|
||||
advertise_routes=$(echo "$host_ipv4"|sed 's/[[:space:]]\+/", "/g; s/^/"/; s/$/"/')
|
||||
@@ -26,7 +26,7 @@
|
||||
EOF
|
||||
}
|
||||
|
||||
[ "$wg_service" = ON ] && {
|
||||
[ "$wg_service" = ON ] && grep -q '"wireguard"' "$CRASHDIR"/jsons/endpoints.json && {
|
||||
[ -n "$wg_ipv6" ] && wg_ipv6_add=", \"$wg_ipv6\""
|
||||
cat >"$TMPDIR"/jsons/wireguard.json <<EOF
|
||||
{
|
||||
|
||||
@@ -377,8 +377,8 @@ EOF
|
||||
provider_temp_file=$(grep "provider_temp_${coretype}" "$CRASHDIR"/configs/ShellCrash.cfg | awk -F '=' '{print $2}')
|
||||
fi
|
||||
echo "-----------------------------------------------"
|
||||
if [ -s "$TMPDIR/$provider_temp_file" ];then
|
||||
ln -sf "$TMPDIR/$provider_temp_file" "$TMPDIR"/provider_temp_file
|
||||
if [ -s "$provider_temp_file" ];then
|
||||
ln -sf "$provider_temp_file" "$TMPDIR"/provider_temp_file
|
||||
else
|
||||
echo -e "\033[33m正在获取在线模版!\033[0m"
|
||||
get_bin "$TMPDIR"/provider_temp_file "rules/${coretype}_providers/$provider_temp_file"
|
||||
@@ -469,7 +469,7 @@ EOF
|
||||
EOF
|
||||
}
|
||||
if [ -z "$(grep "provider_temp_${coretype}" "$CRASHDIR"/configs/ShellCrash.cfg)" ];then
|
||||
provider_temp_file="$TMPDIR/$(sed -n "1 p" "$CRASHDIR"/configs/${coretype}_providers.list | awk '{print $2}')"
|
||||
provider_temp_file="$(sed -n "1 p" "$CRASHDIR"/configs/${coretype}_providers.list | awk '{print $2}')"
|
||||
else
|
||||
provider_temp_file=$(grep "provider_temp_${coretype}" "$CRASHDIR"/configs/ShellCrash.cfg | awk -F '=' '{print $2}')
|
||||
fi
|
||||
|
||||
@@ -103,7 +103,7 @@ if echo "$crashcore" | grep -q 'singbox'; then
|
||||
if [ "$disoverride" != "1" ];then
|
||||
. "$CRASHDIR"/starts/singbox_modify.sh && modify_json
|
||||
else
|
||||
ln -sf "$core_config" "$TMPDIR"/configs/config.json
|
||||
ln -sf "$core_config" "$TMPDIR"/jsons/config.json
|
||||
fi
|
||||
else
|
||||
. "$CRASHDIR"/starts/clash_check.sh && clash_check
|
||||
|
||||
@@ -2,8 +2,8 @@
|
||||
getlanip() { #获取局域网host地址
|
||||
i=1
|
||||
while [ "$i" -le "20" ]; do
|
||||
host_ipv4=$(ip route show scope link | grep -Ev 'wan|utun|iot|peer|docker|podman|virbr|vnet|ovs|vmbr|veth|vmnic|vboxnet|lxcbr|xenbr|vEthernet' | grep -E ' 1(92|0|72)\.' | awk '{print $1}') #ipv4局域网网段
|
||||
[ "$ipv6_redir" = "ON" ] && host_ipv6=$(ip -6 route show | grep 'default' | awk '{print $3}') #ipv6公网地址段
|
||||
host_ipv4=$(ip route show scope link | grep -Ev 'wan|utun|iot|peer|docker|podman|virbr|vnet|ovs|vmbr|veth|vmnic|vboxnet|lxcbr|xenbr|vEthernet' | grep -E ' 1(92|0|72)\.' | awk '{print $1}' | tr '\n' ' ') #ipv4局域网网段
|
||||
[ "$ipv6_redir" = "ON" ] && host_ipv6=$(ip -6 route show | grep 'default' | awk '{print $3}' | tr '\n' ' ') #ipv6公网地址段
|
||||
[ -f "$TMPDIR"/ShellCrash.log ] && break
|
||||
[ -n "$host_ipv4" -a "$ipv6_redir" != "ON" ] && break
|
||||
[ -n "$host_ipv4" -a -n "$host_ipv6" ] && break
|
||||
@@ -13,7 +13,7 @@ getlanip() { #获取局域网host地址
|
||||
if [ "$replace_default_host_ipv4" == "ON" ]; then
|
||||
host_ipv4="$cust_host_ipv4"
|
||||
else
|
||||
host_ipv4="$host_ipv4$cust_host_ipv4"
|
||||
host_ipv4="$host_ipv4 $cust_host_ipv4"
|
||||
fi
|
||||
#缺省配置
|
||||
[ -z "$host_ipv4" ] && {
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
#!/bin/sh
|
||||
# Copyright (C) Juewuy
|
||||
|
||||
RESERVED_IP=$(echo $reserve_ipv4 | sed 's/ /, /g')
|
||||
RESERVED_IP6=$(echo "$reserve_ipv6 $host_ipv6" | sed 's/ /, /g')
|
||||
RESERVED_IP=$(echo $reserve_ipv4 | sed 's/[[:space:]]\+/, /g')
|
||||
RESERVED_IP6=$(echo "$reserve_ipv6 $host_ipv6" | sed 's/[[:space:]]\+/, /g')
|
||||
|
||||
add_ip6_route(){
|
||||
#过滤保留地址及本机地址
|
||||
@@ -22,9 +22,9 @@ add_ip6_route(){
|
||||
start_nft_route() { #nftables-route通用工具
|
||||
#$1:name $2:hook(prerouting/output) $3:type(nat/mangle/filter) $4:priority(-100/-150)
|
||||
[ "$common_ports" = "ON" ] && PORTS=$(echo $multiport | sed 's/,/, /g')
|
||||
[ "$1" = 'prerouting' ] && HOST_IP=$(echo $host_ipv4 | sed 's/ /, /g')
|
||||
[ "$1" = 'output' ] && HOST_IP="127.0.0.0/8, $(echo $local_ipv4 | sed 's/ /, /g')"
|
||||
[ "$1" = 'prerouting_vm' ] && HOST_IP="$(echo $vm_ipv4 | sed 's/ /, /g')"
|
||||
[ "$1" = 'prerouting' ] && HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g')
|
||||
[ "$1" = 'output' ] && HOST_IP="127.0.0.0/8, $(echo $local_ipv4 | sed 's/[[:space:]]\+/, /g')"
|
||||
[ "$1" = 'prerouting_vm' ] && HOST_IP="$(echo $vm_ipv4 | sed 's/[[:space:]]\+/, /g')"
|
||||
#添加新链
|
||||
nft add chain inet shellcrash $1 { type $3 hook $2 priority $4 \; }
|
||||
[ "$1" = 'prerouting_vm' ] && nft add rule inet shellcrash $1 ip saddr != {$HOST_IP} return #仅代理虚拟机流量
|
||||
@@ -83,10 +83,10 @@ start_nft_route() { #nftables-route通用工具
|
||||
}
|
||||
#局域网ipv6支持
|
||||
if [ "$ipv6_redir" = "ON" -a "$1" = 'prerouting' -a "$firewall_area" != 5 ]; then
|
||||
HOST_IP6=$(echo $host_ipv6 | sed 's/ /, /g')
|
||||
HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g')
|
||||
add_ip6_route "$1"
|
||||
elif [ "$ipv6_redir" = "ON" -a "$1" = 'output' -a \( "$firewall_area" = 2 -o "$firewall_area" = 3 \) ]; then
|
||||
HOST_IP6="::1, $(echo $host_ipv6 | sed 's/ /, /g')"
|
||||
HOST_IP6="::1, $(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g')"
|
||||
add_ip6_route "$1"
|
||||
else
|
||||
nft add rule inet shellcrash $1 meta nfproto ipv6 return
|
||||
@@ -105,11 +105,11 @@ start_nft_route() { #nftables-route通用工具
|
||||
}
|
||||
start_nft_dns() { #nftables-dns
|
||||
[ "$1" = 'prerouting' ] && {
|
||||
HOST_IP=$(echo $host_ipv4 | sed 's/ /, /g')
|
||||
HOST_IP6=$(echo $host_ipv6 | sed 's/ /, /g')
|
||||
HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g')
|
||||
HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g')
|
||||
}
|
||||
[ "$1" = 'output' ] && HOST_IP="127.0.0.0/8, $(echo $local_ipv4 | sed 's/ /, /g')"
|
||||
[ "$1" = 'prerouting_vm' ] && HOST_IP="$(echo $vm_ipv4 | sed 's/ /, /g')"
|
||||
[ "$1" = 'output' ] && HOST_IP="127.0.0.0/8, $(echo $local_ipv4 | sed 's/[[:space:]]\+/, /g')"
|
||||
[ "$1" = 'prerouting_vm' ] && HOST_IP="$(echo $vm_ipv4 | sed 's/[[:space:]]\+/, /g')"
|
||||
nft add chain inet shellcrash "$1"_dns { type nat hook $2 priority -100 \; }
|
||||
#过滤非dns请求
|
||||
nft add rule inet shellcrash "$1"_dns udp dport != 53 return
|
||||
@@ -133,8 +133,8 @@ start_nft_dns() { #nftables-dns
|
||||
nft add rule inet shellcrash "$1"_dns tcp dport 53 redirect to "$dns_redir_port"
|
||||
}
|
||||
start_nft_wan() { #nftables公网防火墙
|
||||
HOST_IP=$(echo $host_ipv4 | sed 's/ /, /g')
|
||||
HOST_IP6=$(echo $host_ipv6 | sed 's/ /, /g')
|
||||
HOST_IP=$(echo $host_ipv4 | sed 's/[[:space:]]\+/, /g')
|
||||
HOST_IP6=$(echo $host_ipv6 | sed 's/[[:space:]]\+/, /g')
|
||||
nft add chain inet shellcrash input { type filter hook input priority -100 \; }
|
||||
nft add rule inet shellcrash input iif lo accept #本机请求全放行
|
||||
#端口放行
|
||||
|
||||
@@ -7,7 +7,7 @@ else
|
||||
sleep 2
|
||||
kill $! >/dev/null 2>&1
|
||||
fi
|
||||
touch "CRASHDIR"/.start_error #标记启动失败,防止自启
|
||||
touch "$CRASHDIR"/.start_error #标记启动失败,防止自启
|
||||
error=$(cat "$TMPDIR"/core_test.log | grep -iEo 'error.*=.*|.*ERROR.*|.*FATAL.*')
|
||||
logger "服务启动失败!请查看报错信息!详细信息请查看$TMPDIR/core_test.log" 33
|
||||
logger "$error" 31
|
||||
|
||||
Reference in New Issue
Block a user