From b0ae77bdf630f5d8e3989336c402848446ff7461 Mon Sep 17 00:00:00 2001 From: juewuy Date: Sat, 10 Dec 2022 21:19:47 +0800 Subject: [PATCH] =?UTF-8?q?v1.6.13b=20~Tun=E7=BD=91=E5=8D=A1Redir-host?= =?UTF-8?q?=E6=94=AF=E6=8C=81=20~=E6=97=A5=E5=BF=97=E6=8E=A8=E9=80=81?= =?UTF-8?q?=E9=80=82=E9=85=8DPashDeer=20~ipv6=E5=87=BA=E5=8F=A3=E5=B1=8F?= =?UTF-8?q?=E8=94=BD=E6=9C=AC=E6=9C=BAWAN=E7=BD=91=E5=8D=A1=20~=E5=AE=89?= =?UTF-8?q?=E8=A3=85=E8=84=9A=E6=9C=AC=E4=BC=98=E5=8C=96=EF=BC=8C=E5=85=BC?= =?UTF-8?q?=E5=AE=B9zsh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- install.sh | 12 ++++++-- scripts/clash.sh | 12 ++++---- scripts/getdate.sh | 18 ++++++++---- scripts/start.sh | 70 +++++++++++++++++++++++----------------------- 4 files changed, 64 insertions(+), 48 deletions(-) diff --git a/install.sh b/install.sh index 897dddf..a18fd17 100644 --- a/install.sh +++ b/install.sh @@ -1,8 +1,8 @@ #! /bin/bash # Copyright (C) Juewuy -echo='echo -e' && [ -n "$(echo -e|grep e)" ] && echo=echo -#[ -z "$1" ] && test=0 || test=$1 +echo='echo -e' +[ -z "$1" ] && command -v bash &>/dev/null && { bash $0 0; exit;} echo "***********************************************" echo "** 欢迎使用 **" @@ -116,7 +116,7 @@ gettar(){ fi fi #修饰文件及版本号 - shtype=sh && [ -n "$(ls -l /bin/sh|grep -oE 'dash|show|bash')" ] && shtype=bash + shtype=sh && command -v bash &>/dev/null && shtype=bash sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh chmod 755 $clashdir/start.sh setconfig versionsh_l $release_new @@ -132,6 +132,11 @@ gettar(){ echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> $profile #设置快捷命令环境变量 sed -i '/export clashdir=*/'d $profile echo "export clashdir=\"$clashdir\"" >> $profile #设置clash路径环境变量 + #适配zsh环境变量 + [ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && [ -z "$(cat ~/.zshrc 2>/dev/null|grep clashdir)" ] && { + echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> ~/.zshrc + echo "export clashdir=\"$clashdir\"" >> ~/.zshrc + } else echo 无法写入环境变量!请检查安装权限! exit 1 @@ -175,6 +180,7 @@ gettar echo ----------------------------------------------- echo ShellClash 已经安装成功! [ "$profile" = "~/.bashrc" ] && echo "请执行【source ~/.bashrc &> /dev/null】命令以加载环境变量!" +[ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && echo "请执行【source ~/.zshrc &> /dev/null】命令以加载环境变量!" echo ----------------------------------------------- $echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理!!!\033[0m" echo ----------------------------------------------- diff --git a/scripts/clash.sh b/scripts/clash.sh index f8dc45e..074476a 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -709,7 +709,7 @@ localproxy(){ echo -e " 1 \033[36m$proxy_set本机代理\033[0m" echo -e " 2 使用\033[32m环境变量\033[0m方式配置(部分应用可能无法使用)" [ -n "$(lsmod | grep ^xt_owner)" ] && echo -e " 3 使用\033[32miptables增强模式\033[0m配置(支持docker)" - type nft &> /dev/null && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)" + command -v nft &> /dev/null && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)" echo -e " 0 返回上级菜单" echo ----------------------------------------------- read -p "请输入对应数字 > " num @@ -796,13 +796,13 @@ setboot(){ 1) if [ "$autostart" = "enable" ]; then [ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null - type systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1 + command -v systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1 touch $clashdir/.dis_startup autostart=disable echo -e "\033[33m已禁止Clash开机启动!\033[0m" elif [ "$autostart" = "disable" ]; then [ -f /etc/rc.common ] && /etc/init.d/clash enable - type systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1 + command -v systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1 rm -rf $clashdir/.dis_startup autostart=enable echo -e "\033[32m已设置Clash开机启动!\033[0m" @@ -926,7 +926,7 @@ clashcfg(){ } [ -n "$(iptables -j TPROXY 2>&1 | grep 'on-port')" ] && sup_tp=1 #[ -n "$(lsmod | grep '^tun')" ] || ip tuntap &>/dev/null && sup_tun=1 - type nft &> /dev/null && sup_nft=1 + command -v nft &> /dev/null && sup_nft=1 #[ -n "$(lsmod | grep 'nft_tproxy')" ] && sup_nft=2 echo ----------------------------------------------- echo -e "当前代理模式为:\033[47;30m $redir_mod \033[0m;Clash核心为:\033[47;30m $clashcore \033[0m" @@ -1170,8 +1170,9 @@ clashcfg(){ if [ -n "$(ipset -v 2>/dev/null)" -o -n "$(echo $redir_mod | grep Nft)" ];then if [ "$cn_ip_route" = "未开启" ]; then echo -e "\033[32m已开启CN_IP绕过内核功能!!\033[0m" + echo -e "\033[31m注意!!!此功能会导致全局模式及一切CN相关规则失效!!!\033[0m" cn_ip_route=已开启 - sleep 1 + sleep 2 else echo -e "\033[33m已禁用CN_IP绕过内核功能!!\033[0m" cn_ip_route=未开启 @@ -1814,6 +1815,7 @@ case "$1" in sed -i "/启用外网访问SSH服务/d" /etc/firewall.user sed -i '/ShellClash初始化/'d /etc/storage/started_script.sh 2>/dev/null sed -i '/ShellClash初始化/'d /jffs/.asusrouter 2>/dev/null + rm -rf $bindir rm -rf $clashdir rm -rf /etc/init.d/clash rm -rf /etc/systemd/system/clash.service diff --git a/scripts/getdate.sh b/scripts/getdate.sh index 3f24145..c259568 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -354,7 +354,7 @@ gettar(){ fi fi #修饰文件及版本号 - shtype=sh && [ -n "$(ls -l /bin/sh|grep -oE 'dash|show|bash')" ] && shtype=bash + shtype=sh && command -v bash &>/dev/null && shtype=bash sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh chmod +x $clashdir/start.sh setconfig versionsh_l $release_new @@ -370,13 +370,20 @@ gettar(){ echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> $profile #设置快捷命令环境变量 sed -i '/export clashdir=*/'d $profile echo "export clashdir=\"$clashdir\"" >> $profile #设置clash路径环境变量 + #适配zsh环境变量 + [ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && { + echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> ~/.zshrc + echo "export clashdir=\"$clashdir\"" >> ~/.zshrc + } else echo 无法写入环境变量!请检查安装权限! exit 1 fi - #华硕/Padavan额外设置 + #梅林/Padavan额外设置 [ -n "$initdir" ] && { - sed -i '/ShellClash初始化/'d $initdir && touch $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir + sed -i '/ShellClash初始化/'d $initdir + touch $initdir + echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir setconfig initdir $initdir } #小米镜像化OpenWrt额外设置 @@ -396,6 +403,7 @@ gettar(){ rm -rf /tmp/clashfm.tar.gz rm -rf $clashdir/clash.service } + getsh(){ echo ----------------------------------------------- echo -e "当前脚本版本为:\033[33m $versionsh_l \033[0m" @@ -948,7 +956,7 @@ userguide(){ errornum forwhat elif [ "$num" = 1 ];then - if type nft &>/dev/null;then + if command -v nft &>/dev/null;then setconfig redir_mod "Nft模式" else setconfig redir_mod "Redir模式" @@ -1030,7 +1038,7 @@ userguide(){ sethost fi } - if type systemd >/dev/null 2>&1 ;then + if command -v systemd >/dev/null 2>&1 ;then echo ----------------------------------------------- echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务?\033[0m" echo -e "注意当前设备必须有公网IP才能从公网正常访问" diff --git a/scripts/start.sh b/scripts/start.sh index 743e85e..2ba09af 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -38,7 +38,7 @@ setconfig(){ compare(){ if [ ! -f $1 -o ! -f $2 ];then return 1 - elif type cmp >/dev/null 2>&1;then + elif command -v cmp >/dev/null 2>&1;then cmp -s $1 $2 else [ "$(cat $1)" = "$(cat $2)" ] && return 0 || return 1 @@ -253,7 +253,7 @@ EOF` exit 1 fi #检测并去除无效节点组 - [ -n "$url_type" ] && type xargs >/dev/null 2>&1 && { + [ -n "$url_type" ] && command -v xargs >/dev/null 2>&1 && { cat $yamlnew | grep -A 8 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/ rules:.*//g' | sed 's/- //g' | grep -E '#DIRECT $' | awk -F '#' '{print $1}' > /tmp/clash_proxies_$USER while read line ;do sed -i "/- $line/d" $yamlnew @@ -651,7 +651,7 @@ start_output(){ iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out } #Docker转发 - type docker &>/dev/null && { + command -v docker &>/dev/null && { iptables -t nat -N clash_docker iptables -t nat -A clash_docker -d 10.0.0.0/8 -j RETURN iptables -t nat -A clash_docker -d 127.0.0.0/8 -j RETURN @@ -715,29 +715,29 @@ start_tun(){ [ "$1" = "all" ] && iptables -t mangle -A PREROUTING -p tcp $ports -j clash #设置ipv6转发 - # [ "$ipv6_redir" = "已开启" -a "$clashcore" = "clash.meta" ] && { - # ip -6 route add default dev utun table 101 - # ip -6 rule add fwmark 1 table 101 - # ip6tables -t mangle -N clashv6 - # ip6tables -t mangle -A clashv6 -p udp --dport 53 -j RETURN - # ip6tables -t mangle -A clashv6 -d ::1/128 -j RETURN - # ip6tables -t mangle -A clashv6 -d fc00::/7 -j RETURN - # ip6tables -t mangle -A clashv6 -d fe80::/10 -j RETURN - # if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then - # #mac白名单 - # for mac in $(cat $clashdir/mac); do - # ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j MARK --set-mark 1 - # done - # else - # #mac黑名单 - # for mac in $(cat $clashdir/mac); do - # ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j RETURN - # done - # ip6tables -t mangle -A clashv6 -j MARK --set-mark 1 - # fi - # ip6tables -t mangle -A PREROUTING -p udp $ports -j clashv6 - # [ "$1" = "all" ] && ip6tables -t mangle -A PREROUTING -p tcp $ports -j clashv6 - # } + [ "$ipv6_redir" = "已开启" -a "$clashcore" = "clash.meta" ] && { + ip -6 route add default dev utun table 101 + ip -6 rule add fwmark 1 table 101 + ip6tables -t mangle -N clashv6 + ip6tables -t mangle -A clashv6 -p udp --dport 53 -j RETURN + ip6tables -t mangle -A clashv6 -d ::1/128 -j RETURN + ip6tables -t mangle -A clashv6 -d fc00::/7 -j RETURN + ip6tables -t mangle -A clashv6 -d fe80::/10 -j RETURN + if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then + #mac白名单 + for mac in $(cat $clashdir/mac); do + ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j MARK --set-mark 1 + done + else + #mac黑名单 + for mac in $(cat $clashdir/mac); do + ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j RETURN + done + ip6tables -t mangle -A clashv6 -j MARK --set-mark 1 + fi + ip6tables -t mangle -A PREROUTING -p udp $ports -j clashv6 + [ "$1" = "all" ] && ip6tables -t mangle -A PREROUTING -p tcp $ports -j clashv6 + } } & } } @@ -829,20 +829,20 @@ start_wan(){ iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport $mix_port -j ACCEPT iptables -A INPUT -p tcp -s 172.16.0.0/12 --dport $mix_port -j ACCEPT iptables -A INPUT -p tcp --dport $mix_port -j REJECT - type ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null + command -v ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null } if [ "$public_support" = "已开启" ];then [ "$mix_port" != "7890" -a -n "$authentication" ] && { iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT - type ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null + command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null } iptables -I INPUT -p tcp --dport $db_port -j ACCEPT - type ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null + command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null fi } stop_firewall(){ #重置iptables相关规则 - type iptables >/dev/null 2>&1 && { + command -v iptables >/dev/null 2>&1 && { #redir iptables -t nat -D PREROUTING -p tcp $ports -j clash 2> /dev/null iptables -t nat -F clash 2> /dev/null @@ -884,7 +884,7 @@ stop_firewall(){ iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null } #重置ipv6规则 - type ip6tables >/dev/null 2>&1 && { + command -v ip6tables >/dev/null 2>&1 && { #redir ip6tables -t nat -D PREROUTING -p tcp -j clashv6 2> /dev/null ip6tables -D INPUT -p udp --dport 53 -m comment --comment "ShellClash-IPV6_DNS-REJECT" -j REJECT 2> /dev/null @@ -924,7 +924,7 @@ stop_firewall(){ ip rule del fwmark 1 table 102 2> /dev/null ip route del local 172.16.0.0/12 dev lo table 102 2> /dev/null #重置nftables相关规则 - type nft >/dev/null 2>&1 && { + command -v nft >/dev/null 2>&1 && { nft flush table inet shellclash >/dev/null 2>&1 nft delete table inet shellclash >/dev/null 2>&1 } @@ -1091,7 +1091,7 @@ bfstart(){ #本机代理准备 if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then - if type userdel useradd groupmod &>/dev/null; then + if command -v userdel useradd groupmod &>/dev/null; then userdel shellclash 2>/dev/null useradd shellclash -u 7890 groupmod shellclash -g 7890 @@ -1158,7 +1158,7 @@ afstart(){ [ "$local_proxy" = "已开启" ] && [ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port [ "$local_proxy" = "已开启" ] && [ "$local_type" = "iptables增强模式" ] && start_output [ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && [ "$redir_mod" = "纯净模式" ] && start_nft - type iptables >/dev/null 2>&1 && start_wan + command -v iptables >/dev/null 2>&1 && start_wan #标记启动时间 mark_time #加载定时任务 @@ -1182,7 +1182,7 @@ start_old(){ if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then su shellclash -c "$bindir/clash -d $bindir >/dev/null" & else - type nohup >/dev/null 2>&1 && nohup=nohup + command -v nohup >/dev/null 2>&1 && nohup=nohup $nohup $bindir/clash -d $bindir >/dev/null 2>&1 & fi afstart