xm/ShellCrash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

~修复和优化dns劫持问题

Browse Source 
~优化证书配置并修复跳过证书验证功能
~增加停止服务时清理缓存目录的功能
~修复对sub-store配置文件的支持
~更新在线订阅转换服务器地址
This commit is contained in:
juewuy
2025-12-01 18:17:47 +08:00
parent c8f738e8b2
commit 96ca1a167d
3 changed files with 24 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public/servers.list
View File

@@ -9,7 +9,7 @@
202 http私人内测源(危险!非必要请勿使用) http://t.jwsc.eu.org 开发版 202 http私人内测源(危险!非必要请勿使用) http://t.jwsc.eu.org 开发版
401 作者提供,支持vless|hy2 https://sub.jwsc.eu.org ua 401 作者提供,支持vless|hy2 https://sub.jwsc.eu.org ua
402 肥羊提供(有广告),支持vless|hy2 https://sub.d1.mk diyua 402 肥羊提供(有广告),支持vless|hy2 https://api.v1.mk diyua
403 肥羊提供(有广告),支持vless|hy2 https://url.v1.mk diyua 403 肥羊提供(有广告),支持vless|hy2 https://url.v1.mk diyua
501 Acl4SSR全能优化版 https://github.com/juewuy/ShellCrash/raw/master/rules/ShellClash.ini (推荐) 501 Acl4SSR全能优化版 https://github.com/juewuy/ShellCrash/raw/master/rules/ShellClash.ini (推荐)

37
scripts/start.sh
View File

@@ -295,8 +295,10 @@ check_singbox_config() { #检查singbox配置文件
exit 1 exit 1
fi fi
#删除不兼容的旧版内容 #删除不兼容的旧版内容
sed -i 's/^.*"inbounds":/{"inbounds":/' "$core_config_new" [ "$(wc -l < "$core_config_new")" -lt 3 ] && {
sed -i 's/{[^{}]*"dns-out"[^{}]*}//g' "$core_config_new" sed -i 's/^.*"inbounds":/{"inbounds":/' "$core_config_new"
sed -i 's/{[^{}]*"dns-out"[^{}]*}//g' "$core_config_new"
}
#检测并去除无效策略组 #检测并去除无效策略组
[ -n "$url_type" ] && { [ -n "$url_type" ] && {
#获得无效策略组名称 #获得无效策略组名称
@@ -724,12 +726,8 @@ EOF
], ],
"rules": [ "rules": [
{ "action": "route", "server": "dns_fakeip", "strategy": "$strategy", "disable_cache": true, "rewrite_ttl": 1 }, { "clash_mode": "Global", "server": "$global_dns", "strategy": "$strategy", "disable_cache": true },
{ "action": "route", "server": "dns_proxy", "strategy": "$strategy", "disable_cache": true }, { "clash_mode": "Direct", "server": "dns_direct", "strategy": "$strategy", "disable_cache": true },
{ "action": "route", "server": "dns_direct", "strategy": "$strategy", "disable_cache": true },
{ "clash_mode": "Global", "server": "$global_dns" },
{ "clash_mode": "Direct", "server": "dns_direct" },
{ "domain_suffix": ["services.googleapis.cn"], "server": "dns_fakeip" }, { "domain_suffix": ["services.googleapis.cn"], "server": "dns_fakeip" },
$fake_ip_filter_domain $fake_ip_filter_domain
@@ -737,10 +735,7 @@ EOF
$fake_ip_filter_regex $fake_ip_filter_regex
$direct_dns $direct_dns
{ { "query_type": ["A", "AAAA"], "server": "dns_fakeip", "strategy": "$strategy", "disable_cache": true, "rewrite_ttl": 1 }
"query_type": ["A", "AAAA"],
"server": "dns_fakeip"
}
], ],
"strategy": "$strategy", "strategy": "$strategy",
"final": "dns_proxy", "final": "dns_proxy",
@@ -751,7 +746,7 @@ EOF
EOF EOF
#生成add_route.json #生成add_route.json
#域名嗅探配置 #域名嗅探配置
[ "$sniffer" = "已启用" ] && sniffer_set='{ "inbound": [ "redirect-in", "dns-in", "tproxy-in", "tun-in" ], "action": "sniff", "timeout": "500ms" },' [ "$sniffer" = "已启用" ] && sniffer_set='{ "inbound": [ "redirect-in", "tproxy-in", "tun-in" ], "action": "sniff", "timeout": "500ms" },'
cat >"$TMPDIR"/jsons/add_route.json <<EOF cat >"$TMPDIR"/jsons/add_route.json <<EOF
{ {
"route": { "route": {
@@ -761,6 +756,7 @@ EOF
}, },
"default_mark": $routing_mark, "default_mark": $routing_mark,
"rules": [ "rules": [
{ "inbound": [ "dns-in" ], "action": "hijack-dns" },
$sniffer_set $sniffer_set
{ "protocol": "dns", "action": "hijack-dns" }, { "protocol": "dns", "action": "hijack-dns" },
{ "clash_mode": [ "Direct" ], "outbound": "DIRECT" }, { "clash_mode": [ "Direct" ], "outbound": "DIRECT" },
@@ -781,6 +777,14 @@ EOF
# } # }
# } # }
# EOF # EOF
#生成certificate.json
cat >"$TMPDIR"/jsons/certificate.json <<EOF
{
"certificate": {
"store": "mozilla"
}
}
EOF
#生成inbounds.json #生成inbounds.json
[ -n "$authentication" ] && { [ -n "$authentication" ] && {
username=$(echo $authentication | awk -F ':' '{print $1}') #混合端口账号密码 username=$(echo $authentication | awk -F ':' '{print $1}') #混合端口账号密码
@@ -902,9 +906,9 @@ EOF
sed -i 's/"auto_detect_interface": true/"auto_detect_interface": false/g' "$TMPDIR"/jsons/route.json sed -i 's/"auto_detect_interface": true/"auto_detect_interface": false/g' "$TMPDIR"/jsons/route.json
#跳过本地tls证书验证 #跳过本地tls证书验证
if [ -z "$skip_cert" -o "$skip_cert" = "已开启" ]; then if [ -z "$skip_cert" -o "$skip_cert" = "已开启" ]; then
sed -i 's/"insecure": false/"insecure": true/' "$TMPDIR"/jsons/outbounds.json sed -i 's/"insecure": false/"insecure": true/' "$TMPDIR"/jsons/outbounds.json "$TMPDIR"/jsons/providers.json
else else
sed -i 's/"insecure": true/"insecure": false/' "$TMPDIR"/jsons/outbounds.json sed -i 's/"insecure": true/"insecure": false/' "$TMPDIR"/jsons/outbounds.json "$TMPDIR"/jsons/providers.json
fi fi
#判断可用并修饰outbounds&providers&route.json结尾 #判断可用并修饰outbounds&providers&route.json结尾
for file in outbounds providers route; do for file in outbounds providers route; do
@@ -2042,6 +2046,9 @@ stop)
unset_proxy #禁用本机代理 unset_proxy #禁用本机代理
fi fi
PID=$(pidof CrashCore) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1 PID=$(pidof CrashCore) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1
#清理缓存目录
rm -rf "$TMPDIR"/crash_start_time
rm -rf "$TMPDIR"/CrashCore.tar.gz
;; ;;
restart) restart)
$0 stop $0 stop

2
scripts/webget.sh
View File

@@ -464,7 +464,7 @@ EOF
"timeout": "3s" "timeout": "3s"
}, },
"override_tls": { "override_tls": {
"enabled": $override_tls, "enabled": true,
"insecure": $override_tls "insecure": $override_tls
} }
}, },