Merge branch 'master' into dev

docker/README.md

@@ -87,14 +87,10 @@ mkdir -p /root/ShellCrash
 ```shell
 docker run -d \
   ………………
-  -v /root/ShellCrash:/etc/ShellCrash \
+  -v shellcrash_configs:/etc/ShellCrash/configs \
   ………………
 ```
 
-------
-
-
-
 ------
 
 ## Compose Deployment（Compose部署）
@@ -102,8 +98,8 @@ docker run -d \
 ### 1. 创建宿主机目录并进入目录
 
 ```shell
-mkdir -p /root/ShellCrash
+mkdir -p /tmp/ShellCrash
-cd /root/ShellCrash
+cd /tmp/ShellCrash
 ```
 
 ### 2. 下载Compose模版
@@ -126,8 +122,29 @@ docker compose up -d
 
 ------
 
-### Notes
+## Delete（移除容器镜像或删除卷）
 
+### Docker删除容器
+
+```shell
+docker rm -f shellcrash
+```
+
+### Docker删除卷
+
+```shell
+docker volume rm shellcrash_configs
+```
+
+### Compose删除容器&卷
+
+```shell
+docker-compose down -v
+```
+
+## Notes
+
+- 内置公网防火墙功能无法管理宿主机网络，请自行做好宿主机7890/9999端口的网络防护！
 - 旁路由模式需要宿主机支持 `TUN`
 - macvlan 网络下宿主机默认无法直接访问容器 IP
 - 透明代理场景可能需要额外的网络规划

docker/compose.yml

@@ -16,9 +16,12 @@ services:
     sysctls:
       net.ipv4.ip_forward: 1
     volumes:
-      - /etc/ShellCrash:/root/ShellCrash
+      - shellcrash_configs:/etc/ShellCrash/configs:rw
     restart: unless-stopped
     
+volumes:
+  shellcrash_configs:
+  
 networks:
   macvlan_lan:
     name: macvlan_lan

scripts/libs/check_autostart.sh

@@ -3,6 +3,7 @@ check_autostart(){
 		[ ! -f "$CRASHDIR"/.dis_startup ] && return 0
 	elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then
 		[ -n "$(find /etc/rc.d -name '*shellcrash')" ] && return 0
+		[ ! -f "$CRASHDIR"/.dis_startup ] && return 0
 	elif ckcmd systemctl; then
 		[ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && return 0
 	elif grep -q 's6' /proc/1/comm; then

scripts/libs/get_config.sh

@@ -16,7 +16,7 @@ routing_mark=$((fwmark + 2))
 
 [ -z "$dns_nameserver" ] && {
 	dns_nameserver='223.5.5.5, 1.2.4.8'
-	cat /proc/net/udp | grep -q '0035' && dns_nameserver='127.0.0.1'
+	nslookup localhost 127.0.0.1 >/dev/null 2>&1 && dns_nameserver='127.0.0.1'
 }
 [ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8"
 [ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1"

scripts/libs/set_cron.sh

@@ -10,17 +10,19 @@ touch "$tmpcron"
 cronadd() { #定时任务工具
 	if crontab -h 2>&1 | grep -q '\-l'; then
         crontab "$1"
-	else
+	elif [ -f "$crondir/$USER" ];then
 		cat "$1" >"$crondir"/"$USER" && cru a REFRESH "0 0 1 1 * /bin/true" 2>/dev/null
+	else
+		echo "找不到可用的crond或者crontab应用！No available crond or crontab application can be found!"
 	fi
 }
 cronload() { #定时任务工具
-	if [ -f "$crondir/$USER" ];then
+	if crontab -h 2>&1 | grep -q '\-l'; then
-		cat "$crondir"/"$USER" 2>/dev/null
-	elif crontab -h 2>&1 | grep -q '\-l'; then
         crontab -l
+	elif [ -f "$crondir/$USER" ];then
+		cat "$crondir"/"$USER" 2>/dev/null
 	else
-		echo "找不到可用的crond或者crontab应用！No available crond or crontab application can be found!"
+		return 1
 	fi
 }
 cronset() { #定时任务设置

scripts/menu.sh

@@ -125,6 +125,7 @@ ckstatus() {
 		userguide=1
 		. "$CRASHDIR"/menus/userguide.sh && userguide
 		setconfig userguide 1
+		. "$CRASHDIR"/configs/ShellCrash.cfg
 	fi
 
 	# 检查执行权限

scripts/start.sh

@@ -37,7 +37,7 @@ case "$1" in
 start)
     [ -n "$(pidof CrashCore)" ] && $0 stop #禁止多实例
     stop_firewall                          #清理路由策略
-	rm -f "CRASHDIR"/.start_error #移除自启失败标记
+	rm -f "$CRASHDIR"/\.start_error #移除自启失败标记
     #使用不同方式启动服务
 	if [ "$firewall_area" = "5" ]; then #主旁转发
         . "$CRASHDIR"/starts/fw_start.sh

scripts/starts/afstart.sh

@@ -21,8 +21,6 @@ if [ -n "$test" -o -n "$(pidof CrashCore)" ]; then
 	[ "$start_old" = "ON" ] && [ ! -L "$TMPDIR"/CrashCore ] && rm -f "$TMPDIR"/CrashCore	#删除缓存目录内核文件
 	. "$CRASHDIR"/starts/fw_start.sh										#配置防火墙流量劫持
 	date +%s >"$TMPDIR"/crash_start_time                                    #标记启动时间
-	#TG机器人守护进程
-	[ "$bot_tg_service" = ON ] && . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_cron
 	#后台还原面板配置
 	[ -s "$CRASHDIR"/configs/web_save ] && {
 		. "$CRASHDIR"/libs/web_restore.sh
@@ -35,13 +33,14 @@ if [ -n "$test" -o -n "$(pidof CrashCore)" ]; then
 	} &
 	ckcmd mtd_storage.sh && mtd_storage.sh save >/dev/null 2>&1 #Padavan保存/etc/storage
 	#加载定时任务
-	[ -s "$CRASHDIR"/task/cron ] && cronadd "$CRASHDIR"/task/cron
+	cronload | grep -v '^$' > "$TMPDIR"/cron_tmp
-	[ -s "$CRASHDIR"/task/running ] && {
+	[ -s "$CRASHDIR"/task/cron ] && cat "$CRASHDIR"/task/cron >> "$TMPDIR"/cron_tmp
-		cronload | grep -v '^$' | grep -vF "运行时每" >/tmp/cron_tmp
+	[ -s "$CRASHDIR"/task/running ] && cat "$CRASHDIR"/task/running >> "$TMPDIR"/cron_tmp
-		cat "$CRASHDIR"/task/running >> /tmp/cron_tmp
+	[ "$bot_tg_service" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT守护进程" >> "$TMPDIR"/cron_tmp
-		cronadd /tmp/cron_tmp
+	[ "$start_old" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh shellcrash #ShellCrash保守模式守护进程" >> "$TMPDIR"/cron_tmp
-	}
+	awk '!x[$0]++' "$TMPDIR"/cron_tmp > "$TMPDIR"/cron_tmp2 #删除重复行
-	[ "$start_old" = "ON" ] && cronset '保守模式守护进程' "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh shellcrash #ShellCrash保守模式守护进程"
+	cronadd "$TMPDIR"/cron_tmp2
+	rm -f "$TMPDIR"/cron_tmp "$TMPDIR"/cron_tmp2
 	#加载条件任务
 	[ -s "$CRASHDIR"/task/afstart ] && { . "$CRASHDIR"/task/afstart; } &
 	[ -s "$CRASHDIR"/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && {

scripts/starts/bfstart.sh

@@ -8,7 +8,7 @@
 [ ! -f "$TMPDIR" ] && mkdir -p "$TMPDIR"
 
 #当上次启动失败时终止自启动
-[ -f "CRASHDIR"/.start_error ] && exit 1
+[ -f "$CRASHDIR"/.start_error ] && exit 1
 #加载工具
 . "$CRASHDIR"/libs/check_cmd.sh
 . "$CRASHDIR"/libs/check_target.sh

scripts/starts/start_legacy_wd.sh

@@ -2,6 +2,8 @@
 [ -z "$CRASHDIR" ] && CRASHDIR=$( cd $(dirname $0);cd ..;pwd)
 PIDFILE="/tmp/ShellCrash/$1.pid"
 
+[ -f "$CRASHDIR"/.start_error ] && [ ! -f /tmp/ShellCrash/crash_start_time ] && exit 1 #当启动失败后禁止开机自启动
+
 if [ -f "$PIDFILE" ]; then
 	PID="$(cat "$PIDFILE")"
 	if [ -n "$PID" ] && [ -d "/proc/$PID" ]; then