From a1c95c2d828c0ace70bdf3c04bc12049d318fe3e Mon Sep 17 00:00:00 2001
From: juewuy
Date: Sun, 6 Feb 2022 19:14:05 +0800
Subject: [PATCH] =?UTF-8?q?v1.5.2=20~=E5=A2=9E=E5=8A=A0DDNS=E8=84=9A?= =?UTF-8?q?=E6=9C=AC=20~=E4=BC=98=E5=8C=96=E5=AE=89=E8=A3=85=E8=84=9A?= =?UTF-8?q?=E6=9C=AC=20~SSH=E5=85=AC=E7=BD=91=E8=AE=BF=E9=97=AE=E5=8A=9F?= =?UTF-8?q?=E8=83=BD=E5=A2=9E=E5=8A=A0ipv6=E6=94=AF=E6=8C=81=20~=E4=BC=98?= =?UTF-8?q?=E5=8C=96Geosite=E8=87=AA=E5=8A=A8=E4=B8=8B=E8=BD=BD=E6=A3=80?= =?UTF-8?q?=E6=B5=8B=E6=9C=BA=E5=88=B6=20~=E5=B0=9D=E8=AF=95=E5=B1=8F?= =?UTF-8?q?=E8=94=BDOpenWrt=E8=87=AA=E5=B8=A653=E7=AB=AF=E5=8F=A3=E5=8A=AB?= =?UTF-8?q?=E6=8C=81=20~=E4=BB=A3=E7=A0=81=E4=BC=98=E5=8C=96=E5=8F=8Abug?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 install.sh | 6 ++----
 scripts/clash.sh | 8 ++++++++
 scripts/getdate.sh | 2 +-
 scripts/start.sh | 35 ++++++++++++++++-------------------
 4 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/install.sh b/install.sh
index 726cbcc..026815a 100644
--- a/install.sh
+++ b/install.sh
@@ -28,7 +28,7 @@ webget(){
 [ "$3" = "echooff" ] && progress='-s' || progress='-#'
 [ -z "$4" ] && redirect='-L' || redirect=''
 result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2)
- [ -z $(echo $result | grep -e ^2) && result="200"
+ [ -n "$(echo $result | grep -e ^2)" ] && result="200"
 else
 if wget --version > /dev/null 2>&1;then
 [ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
@@ -44,7 +44,6 @@ webget(){
 }
 #检查更新
 [ -z "$url" ] && url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
-#选择版本
 echo -----------------------------------------------
 $echo "\033[33m请选择想要安装的版本:\033[0m"
 $echo " 1 \033[32mShellclash正式版\033[0m"
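Review bot: In the first install.sh hunk (webget), the repaired status check is the only validation a download receives, and the curl call on the line above it still passes `-k`, so a 2xx answer from any host able to intercept the connection is accepted as a good file. For an installer, certificate verification should be on by default and skipped only on explicit request, e.g. `result=$(curl -w '%{http_code}' --connect-timeout 5 $progress $redirect -o "$1" "$2")` with `-k` added behind an opt-in variable. The new test can also drop the subshell and the unquoted expansion: `case "$result" in 2*) result=200 ;; esac`. webget starts and ends outside the hunk, so the wget branch was not reviewed.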
@@ -52,8 +51,7 @@ $echo " 2 \033[31mShellclash测试版\033[0m"
 echo -----------------------------------------------
 read -p "请输入相应数字 > " num
 if [ -z $num ];then
- echo 安装已取消
- exit 1;
+ echo 安装已取消! && exit 1;
 elif [ "$num" = "1" ];then
 webget /tmp/clashrelease $url/bin/release_version echoon rediroff 2>/tmp/clashrelease
 if [ "$result" = "200" ];then
diff --git a/scripts/clash.sh b/scripts/clash.sh
index fd01b34..2eadea9 100644
--- a/scripts/clash.sh
+++ b/scripts/clash.sh
@@ -1096,6 +1096,10 @@ streaming(){
 }
 tools(){
 ssh_tools(){
+ stop_iptables(){
+ iptables -t nat -D PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
+ ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
+ }
 [ -n "$(cat /etc/firewall.user 2>1 | grep '启用外网访问SSH服务')" ] && ssh_ol=禁止 || ssh_ol=开启
 [ -z "$ssh_port" ] && ssh_port=10022
 echo -----------------------------------------------
@@ -1125,6 +1129,7 @@ tools(){
 ssh_port=$num
 setconfig ssh_port $ssh_port
 sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
+ stop_iptables
 echo -e "\033[32m设置成功,请重新开启外网访问SSH功能!!!\033[0m"
 fi
 sleep 1
@@ -1138,11 +1143,14 @@ tools(){
 elif [ "$num" = 3 ]; then
 if [ "$ssh_ol" = "开启" ];then
 iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
+ [ -n "$(command -v ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
 echo "iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
+ [ -n "$(command -v ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
 echo -----------------------------------------------
 echo -e "已开启外网访问SSH功能!"
 else
 sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
+ stop_iptables
 echo -----------------------------------------------
 echo -e "已禁止外网访问SSH!"
 fi
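Review bot: In scripts/clash.sh, the ip6tables line of the new `stop_iptables` helper (hunk at -1096) uses `-A` where the IPv4 line above it uses `-D`, so each call appends an IPv6 REDIRECT from `$ssh_port` to port 22 instead of removing one. The helper is called from the port-change path (hunk at -1125) and from the disable branch (hunk at -1138), so choosing to forbid external SSH access leaves, or newly creates, an IPv6 path to sshd while the menu reports the feature as off. The line should read `ip6tables -t nat -D PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1`. Because output is discarded the mistake is silent, and comparing `ip6tables -t nat -S PREROUTING` before and after a disable would confirm the fix.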
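Review bot: In the scripts/clash.sh hunk at -1125, `stop_iptables` runs after `ssh_port=$num`, so the delete is issued for the newly chosen port and never matches the live rule for the previous port. That rule stays in the kernel table after its line has been removed from /etc/firewall.user, presumably until the firewall is next reloaded, so the old port keeps redirecting to sshd. Call the helper before the reassignment, i.e. move `stop_iptables` above `ssh_port=$num`. The enclosing branch starts and ends outside the hunk.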
diff --git a/scripts/getdate.sh b/scripts/getdate.sh
index 9ce26ef..d05f3b1 100644
--- a/scripts/getdate.sh
+++ b/scripts/getdate.sh
@@ -975,7 +975,7 @@ userguide(){
 [ "$res" = 1 ] && checkupdate && getcrt
 fi
 #设置加密DNS
- $clashdir/start.sh webget /tmp/ssl_test https://www.baidu.com echooff rediron skipceroff
+ $clashdir/start.sh webget /tmp/ssl_test https://doh.pub echooff rediron skipceroff
 if [ "$?" = "0" ];then
 dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
 dns_fallback='https://1.0.0.1/dns-query, https://8.8.4.4/dns-query, https://doh.opendns.com/dns-query'
diff --git a/scripts/start.sh b/scripts/start.sh
index 86554eb..8f1df33 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -13,23 +13,16 @@ getconfig(){
 #默认设置
 [ -z "$bindir" ] && bindir=$clashdir
 [ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式
- [ -z "$redir_mod" ] && redir_mod=Redir模式
+ [ -z "$redir_mod" ] && redir_mod=纯净模式
 [ -z "$skip_cert" ] && skip_cert=已开启
 [ -z "$common_ports" ] && common_ports=已开启
 [ -z "$dns_mod" ] && dns_mod=redir_host
- [ -z "$dns_over" ] && dns_over=已开启
- [ -z "$modify_yaml" ] && modify_yaml=未开启
 [ -z "$ipv6_support" ] && ipv6_support=未开启
 [ -z "$ipv6_dns" ] && ipv6_dns=$ipv6_support
- [ -z "$start_old" ] && start_old=未开启
- [ -z "$local_proxy" ] && local_proxy=未开启
 [ -z "$mix_port" ] && mix_port=7890
 [ -z "$redir_port" ] && redir_port=7892
 [ -z "$db_port" ] && db_port=9999
 [ -z "$dns_port" ] && dns_port=1053
- [ -z "$dns_redir" ] && dns_redir=未开启
- [ -z "$cn_ip_route" ] && cn_ip_route=未开启
- [ -z "$public_support" ] && public_support=未开启
 [ -z "$stearming_int" ] && stearming_int=24
 [ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
 [ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
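Review bot: In the getconfig hunk of scripts/start.sh, seven defaults are dropped (`dns_over`, `modify_yaml`, `start_old`, `local_proxy`, `dns_redir`, `cn_ip_route`, `public_support`), so on a fresh config those variables are empty instead of holding `未开启` or `已开启`. Checks written as `= "已开启"`, like the `start_old` and `local_proxy` tests visible elsewhere in this patch, behave as before, but any consumer comparing against `未开启` now gets a different answer, and `dns_over` changes from on to off without a config migration. The consumers are not visible here, so the other scripts should be searched for these comparisons before merging, `public_support` first if it gates exposure as its name suggests. A comment above the block such as `# switches without a default stay empty and are treated as disabled` would record the intent.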
@@ -429,6 +422,11 @@ start_dns(){
 ip6tables -I INPUT -p tcp --dport 53 -j REJECT > /dev/null 2>&1
 ip6tables -I INPUT -p udp --dport 53 -j REJECT > /dev/null 2>&1
 fi
+ #屏蔽OpenWrt内置53端口转发
+ iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
+ iptables -t nat -D PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
+ ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
+ ip6tables -t nat -D PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
 }
 start_udp(){
 ip rule add fwmark 1 table 100
@@ -653,15 +651,6 @@ bfstart(){
 setconfig Geo_v $Geo_v
 fi
 fi
- # if [ "$clashcore" = "clash.meta" -a ! -f $bindir/geosite.dat ];then
- # if [ -f $clashdir/geosite.dat ];then
- # mv $clashdir/geosite.dat $bindir/geosite.dat
- # else
- # logger "未找到geosite数据库,正在下载!" 33
- # $0 webget $bindir/geosite.dat $update_url/bin/geosite.dat
- # [ "$?" = "1" ] && rm -rf $bindir/geosite.dat && logger "数据库下载失败,已退出!" 31 && exit 1
- # fi
- # fi
 #检查dashboard文件
 if [ -f $clashdir/ui/index.html -a ! -f $bindir/ui/index.html ];then
 cp -rf $clashdir/ui $bindir
@@ -683,6 +672,16 @@ bfstart(){
 exit 1
 fi
 fi
+ #预下载Geosite数据库
+ if [ "$clashcore" = "clash.meta" ] && [ ! -f $bindir/geosite.dat ] && [ -n "$(cat $clashdir/config.yaml|grep -Ei 'geosite')" ];then
+ if [ -f $clashdir/geosite.dat ];then
+ mv $clashdir/geosite.dat $bindir/geosite.dat
+ else
+ logger "未找到geosite数据库,正在下载!" 33
+ $0 webget $bindir/geosite.dat $update_url/bin/geosite.dat
+ [ "$?" = "1" ] && rm -rf $bindir/geosite.dat && logger "数据库下载失败,已退出!" 31 && exit 1
+ fi
+ fi
 #本机代理准备
 if [ "$local_proxy" = "已开启" -a "$local_type" = "iptables增强模式" ];then
 if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then
@@ -770,8 +769,6 @@ start)
 #检测必须文件并下载
 bfstart
 stop_iptables #清理iptables
- #使用内置规则强行覆盖config配置文件
- [ "$modify_yaml" != "已开启" ] && modify_yaml
 #使用不同方式启动clash服务
 if [ "$start_old" = "已开启" ];then
 start_old
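Review bot: In the start_dns hunk of scripts/start.sh, the four added `-D` calls remove the port-53 REDIRECT rules that the comment attributes to OpenWrt, and nothing visible in this patch puts them back when the service stops. If those rules are what keeps LAN clients on the router's resolver, that enforcement stays off until the firewall is reloaded, and since errors go to /dev/null there is no record that a rule was removed. Each `-D` also deletes only one matching rule, so a duplicated rule survives the call. Consider recording which rules were actually deleted and re-adding them in the stop path, and extend the comment to say the removal is not reverted. start_dns begins outside the hunk and the stop path is not shown.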
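Review bot: In the Geosite pre-download block added to bfstart (hunk at -683), failure is detected with `[ "$?" = "1" ]`, so any other non-zero status from `$0 webget` falls through and a partial or empty `geosite.dat` is kept; whether webget can return other codes is not visible here. Because the block only runs when the file is missing, such a file would never be fetched again. Test for failure instead: `$0 webget $bindir/geosite.dat $update_url/bin/geosite.dat || { rm -f $bindir/geosite.dat; logger "数据库下载失败,已退出!" 31; exit 1; }`. The database is also used without a checksum or size check, and `skip_cert` defaults to `已开启` in getconfig, so if webget honours that setting the file arrives without certificate verification; comparing against a published hash would cover both. bfstart starts and ends outside the hunk.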