xm/ShellCrash
1
0
Fork 0
mirror of https://github.com/juewuy/ShellCrash.git synced 2026-03-10 23:41:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

~拆分脚本,大幅度优化结构

Browse Source
This commit is contained in:
juewuy
2025-12-21 22:11:05 +08:00
parent 1ed156f724
commit bf55553d63
18 changed files with 4922 additions and 3663 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
scripts/init.sh
View File

@@ -222,9 +222,9 @@ fi
#修饰文件及版本号
command -v bash >/dev/null 2>&1 && shtype=bash
[ -x /bin/ash ] && shtype=ash
for file in start.sh task.sh menu.sh; do
for file in start.sh menus/task.sh menu.sh; do
sed -i "s|/bin/sh|/bin/$shtype|" ${CRASHDIR}/${file} 2>/dev/null
chmod 755 ${CRASHDIR}/${file} 2>/dev/null
chmod +x ${CRASHDIR}/${file} 2>/dev/null
done
setconfig versionsh_l $version
#生成用于执行启动服务的变量文件
@@ -339,7 +339,6 @@ for file in fake_ip_filter mac web_save servers.list fake_ip_filter.list fallbac
mv -f ${CRASHDIR}/$file ${CRASHDIR}/configs/$file 2>/dev/null
done
#配置文件改名
mv -f ${CRASHDIR}/mark ${CRASHDIR}/configs/ShellCrash.cfg 2>/dev/null
mv -f ${CRASHDIR}/configs/ShellClash.cfg ${CRASHDIR}/configs/ShellCrash.cfg 2>/dev/null
#数据库改名
mv -f ${CRASHDIR}/geosite.dat ${CRASHDIR}/GeoSite.dat 2>/dev/null
@@ -355,7 +354,7 @@ mv -f ${CRASHDIR}/clash ${CRASHDIR}/CrashCore 2>/dev/null
for file in dropbear_rsa_host_key authorized_keys tun.ko ShellDDNS.sh; do
mv -f ${CRASHDIR}/$file ${CRASHDIR}/tools/$file 2>/dev/null
done
for file in cron task.sh task.list; do
for file in cron task.list; do
mv -f ${CRASHDIR}/$file ${CRASHDIR}/task/$file 2>/dev/null
done
#旧版文件清理
@@ -364,9 +363,10 @@ sed -i '/shellclash/d' /etc/passwd
sed -i '/shellclash/d' /etc/group
rm -rf /etc/init.d/clash
rm -rf ${CRASHDIR}/rules
rm -rf "$CRASHDIR/task/task.sh"
[ "$systype" = "mi_snapshot" -a "$CRASHDIR" != '/data/clash' ] && rm -rf /data/clash
for file in CrashCore clash.sh getdate.sh core.new clashservice log shellcrash.service mark? mark.bak; do
rm -rf ${CRASHDIR}/$file
rm -rf "$CRASHDIR/$file"
done
#旧版变量改名
sed -i "s/clashcore/crashcore/g" $configpath

7
scripts/libs/check_cmd.sh Normal file
View File

@@ -0,0 +1,7 @@
ckcmd() {
if command -v sh >/dev/null 2>&1;then
command -v "$1" >/dev/null 2>&1
else
type "$1" >/dev/null 2>&1
fi
}

5
scripts/libs/check_dir_avail.sh Normal file
View File

@@ -0,0 +1,5 @@
#检查目录剩余空间——$1:目标路径 $2:-h参数
dir_avail(){
df -h >/dev/null 2>&1 && h="$2"
df $h "$1" |awk '{ for(i=1;i<=NF;i++){ if(NR==1){ arr[i]=$i; }else{ arr[i]=arr[i]" "$i; } } } END{ for(i=1;i<=NF;i++){ print arr[i]; } }' |grep -E 'Ava|可用' |awk '{print $2}'
}

9
scripts/libs/set_config.sh Normal file
View File

@@ -0,0 +1,9 @@
#参数1代表变量名参数2代表变量值,参数3即文件路径
setconfig() {
[ -z "$3" ] && configpath="$CRASHDIR"/configs/ShellCrash.cfg || configpath="${3}"
if grep -q "^${1}=" "$configpath"; then
sed -i "s#^${1}=.*#^${1}=${2}#g" "$configpath"
else
printf '%s=%s\n' "$1" "$2" >>"$configpath"
fi
}

2132
scripts/menu.sh
View File

File diff suppressed because it is too large Load Diff

28
scripts/menus/check_port.sh
View File

@@ -1,17 +1,17 @@
#!/bin/sh
# Copyright (C) Juewuy
if [ $1 -gt 65535 -o $1 -le 1 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
exit 1
elif [ -n "$(echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep "|$1|")" ]; then
echo -e "\033[31m输入错误请不要输入重复的端口\033[0m"
exit 1
elif [ -n "$(netstat -ntul | grep ":$1 ")" ]; then
echo -e "\033[31m当前端口已被其他进程占用请重新输入\033[0m"
exit 1
else
exit 0
fi
check_port(){
if [ "$1" -gt 65535 -o "$1" -le 1 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
return 1
elif [ -n "$(echo "|$mix_port|$redir_port|$dns_port|$db_port|" | grep "|$1|")" ]; then
echo -e "\033[31m输入错误请不要输入重复的端口\033[0m"
return 1
elif [ -n "$(netstat -ntul | grep ":$1 ")" ]; then
echo -e "\033[31m当前端口已被其他进程占用请重新输入\033[0m"
return 1
else
return 0
fi
}

1177
scripts/menus/core_config.sh Normal file
View File

File diff suppressed because it is too large Load Diff

179
scripts/menus/ddns.sh Normal file
View File

@@ -0,0 +1,179 @@
#! /bin/bash
# Copyright (C) Juewuy
ddns_menu(){
echo -----------------------------------------------
echo -e "\033[30;46m欢迎使用DDNS\033[0m"
load_ddns
}
add_ddns() {
cat >>$ddns_dir <<EOF
config service '$service'
option enabled '1'
option force_unit 'hours'
option lookup_host '$domain'
option service_name '$service_name'
option domain '$domain'
option username '$username'
option use_https '0'
option use_ipv6 '$use_ipv6'
option password '$password'
option ip_source 'web'
option ip_url 'http://ip.sb'
option check_unit 'minutes'
option check_interval '$check_interval'
option force_interval '$force_interval'
option interface 'wan'
option bind_network 'wan'
EOF
/usr/lib/ddns/dynamic_dns_updater.sh -S $service start >/dev/null 2>&1 &
sleep 3
echo 服务已经添加!
}
set_ddns() {
echo -----------------------------------------------
read -p "请输入你的域名 > " str
[ -z "$str" ] && domain=$domain || domain=$str
echo -----------------------------------------------
read -p "请输入用户名或邮箱 > " str
[ -z "$str" ] && username=$username || username=$str
echo -----------------------------------------------
read -p "请输入密码或令牌秘钥 > " str
[ -z "$str" ] && password=$password || password=$str
echo -----------------------------------------------
read -p "请输入检测更新间隔(单位:分钟;默认为10) > " check_interval
[ -z "$check_interval" ] || [ "$check_interval" -lt 1 -o "$check_interval" -gt 1440 ] && check_interval=10
echo -----------------------------------------------
read -p "请输入强制更新间隔(单位:小时;默认为24) > " force_interval
[ -z "$force_interval" ] || [ "$force_interval" -lt 1 -o "$force_interval" -gt 240 ] && force_interval=24
echo -----------------------------------------------
echo -e "请核对如下信息:"
echo -e "服务商: \033[32m$service\033[0m"
echo -e "域名: \033[32m$domain\033[0m"
echo -e "用户名: \033[32m$username\033[0m"
echo -e "检测间隔: \033[32m$check_interval\033[0m"
echo -----------------------------------------------
read -p "确认添加?(1/0) > " res
[ "$res" = 1 ] && add_ddns || set_ddns
}
set_ddns_service() {
services_dir=/etc/ddns/$serv
[ -s $services_dir ] || services_dir=/usr/share/ddns/list
echo -----------------------------------------------
echo -e "\033[32m请选择服务提供商\033[0m"
cat $services_dir | grep -v '^#' | awk '{print " "NR" " $1}'
nr=$(cat $services_dir | grep -v '^#' | wc -l)
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
i=
elif [ "$num" -gt 0 -a "$num" -lt $nr ]; then
service_name=$(cat $services_dir | grep -v '^#' | awk '{print $1}' | sed -n "$num"p | sed 's/"//g')
service=$(echo $service_name | sed 's/\./_/g')
set_ddns
else
echo "输入错误,请重新输入!"
sleep 1
set_ddns_service
fi
}
set_ddns_type() {
echo -----------------------------------------------
echo -e "\033[32m请选择网络模式\033[0m"
echo -e " 1 \033[36mIPV4\033[0m"
echo -e " 2 \033[36mIPV6\033[0m"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
i=
elif [ "$num" = 1 ]; then
use_ipv6=0
serv=services
set_ddns_service
elif [ "$num" = 2 ]; then
use_ipv6=1
serv=services_ipv6
set_ddns_service
else
echo "输入错误,请重新输入!"
sleep 1
set_ddns_type
fi
}
rev_ddns_service() {
enabled=$(uci show ddns.$service | grep 'enabled' | awk -F "=" '{print $2}' | tr -d "'\"")
[ "$enabled" = 1 ] && enabled_b="停用" || enabled_b="启用"
echo -----------------------------------------------
echo -e " 1 \033[32m立即更新\033[0m"
echo -e " 2 编辑当前服务\033[0m"
echo -e " 3 $enabled_b当前服务"
echo -e " 4 移除当前服务"
echo -e " 5 查看运行日志"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
/usr/lib/ddns/dynamic_dns_updater.sh -S $service start >/dev/null 2>&1 &
sleep 3
elif [ "$num" = 2 ]; then
domain=$(uci show ddns.$service | grep 'domain' | awk -F "=" '{print $2}' | tr -d "'\"")
username=$(uci show ddns.$service | grep 'username' | awk -F "=" '{print $2}' | tr -d "'\"")
password=$(uci show ddns.$service | grep 'password' | awk -F "=" '{print $2}' | tr -d "'\"")
service_name=$(uci show ddns.$service | grep 'service_name' | awk -F "=" '{print $2}' | tr -d "'\"")
uci delete ddns.$service
set_ddns
elif [ "$num" = 3 ]; then
[ "$enabled" = 1 ] && uci set ddns.$service.enabled='0' || uci set ddns.$service.enabled='1' && sleep 3
uci commit ddns.$service
elif [ "$num" = 4 ]; then
uci delete ddns.$service
uci commit ddns.$service
elif [ "$num" = 5 ]; then
echo -----------------------------------------------
cat /var/log/ddns/$service.log 2>/dev/null
sleep 1
fi
}
load_ddns() {
ddns_dir=/etc/config/ddns
tmp_dir="$TMPDIR"/ddns
[ ! -f "$ddns_dir" ] && {
echo -e "\033[31m本脚本依赖OpenWrt内置的DDNS服务,当前设备无法运行,已退出!\033[0m"
sleep 1
return 1
}
nr=0
cat $ddns_dir | grep 'config service' | awk '{print $3}' | sed "s/\'//g" | sed "s/\"//g" >$tmp_dir
echo -----------------------------------------------
echo -e "列表 域名 启用 IP地址"
echo -----------------------------------------------
for service in $(cat $tmp_dir); do
#echo $service >>$tmp_dir
nr=$((nr + 1))
enabled=$(uci show ddns.$service 2>/dev/null | grep 'enabled' | awk -F "=" '{print $2}' | tr -d "'\"")
domain=$(uci show ddns.$service 2>/dev/null | grep 'domain' | awk -F "=" '{print $2}' | tr -d "'\"")
local_ip=$(sed '1!G;h;$!d' /var/log/ddns/$service.log 2>/dev/null | grep -E 'Registered IP' | tail -1 | awk -F "'" '{print $2}' | tr -d "'\"")
echo -e " $nr $domain $enabled $local_ip"
done
echo -e " $((nr + 1)) 添加DDNS服务"
echo -e " 0 退出"
echo -----------------------------------------------
read -p "请输入对应序号 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ "$num" -gt $nr ]; then
set_ddns_type
load_ddns
elif [ "$num" -gt 0 -a "$num" -le $nr ]; then
service=$(cat $tmp_dir | sed -n "$num"p)
rev_ddns_service
load_ddns
else
echo "请输入正确数字!" && load_ddns
fi
rm -rf $tmp_dir
}

258
scripts/menus/dns.sh Normal file
View File

@@ -0,0 +1,258 @@
#!/bin/sh
# Copyright (C) Juewuy
set_dns_mod() { #DNS模式设置
echo "-----------------------------------------------"
echo -e "当前DNS运行模式为\033[47;30m $dns_mod \033[0m"
echo -e "\033[33m切换模式后需要手动重启服务以生效\033[0m"
echo "-----------------------------------------------"
echo -e " 1 fake-ip模式 响应快,\033[33m兼容性较差\033[0m"
echo -e " 不支持CN-IP绕过功能"
echo -e " 2 redir_host模式\033[33m不安全易被污染\033[0m"
echo -e " 建议搭配第三方DNS服务使用"
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
echo -e " 3 mix混合模式 \033[32m防污染防泄露响应快推荐\033[0m"
echo -e " cn域名realip其他fakeip分流"
echo -e " 4 route模式 \033[32m防污染防泄露全真实IP\033[0m"
echo -e " cn域名realip其他dns2proxy分流"
fi
[ "$dns_mod" = "fake-ip" ] || [ "$dns_mod" = "mix" ] &&
echo -e " 8 管理Fake-ip过滤列表"
echo -e " 9 \033[36mDNS进阶设置\033[0m"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
dns_mod=fake-ip
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
set_dns_mod
;;
2)
dns_mod=redir_host
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
set_dns_mod
;;
3)
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
dns_mod=mix
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
else
echo -e "\033[31m当前内核不支持的功能\033[0m"
sleep 1
fi
set_dns_mod
;;
4)
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
dns_mod=route
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
else
echo -e "\033[31m当前内核不支持的功能\033[0m"
sleep 1
fi
set_dns_mod
;;
8)
echo "-----------------------------------------------"
fake_ip_filter
set_dns_mod
;;
9)
set_dns_adv
set_dns_mod
;;
*)
errornum
;;
esac
}
fake_ip_filter() {
echo -e "\033[32m用于解决Fake-ip模式下部分地址或应用无法连接的问题\033[0m"
echo -e "\033[31m脚本已经内置了大量地址你只需要添加出现问题的地址\033[0m"
echo -e "\033[36m示例a.b.com"
echo -e "示例:*.b.com"
echo -e "示例:*.*.b.com\033[0m"
echo "-----------------------------------------------"
if [ -s ${CRASHDIR}/configs/fake_ip_filter ]; then
echo -e "\033[33m已添加Fake-ip过滤地址\033[0m"
cat ${CRASHDIR}/configs/fake_ip_filter | awk '{print NR" "$1}'
else
echo -e "\033[33m你还未添加Fake-ip过滤地址\033[0m"
fi
echo "-----------------------------------------------"
echo -e "\033[32m输入数字直接移除对应地址输入地址直接添加\033[0m"
read -p "请输入数字或地址 > " input
case "$input" in
0) ;;
'') ;;
*)
if [ $input -ge 1 ] 2>/dev/null; then
sed -i "${input}d" ${CRASHDIR}/configs/fake_ip_filter 2>/dev/null
echo -e "\033[32m移除成功\033[0m"
else
echo -e "你输入的地址是:\033[32m$input\033[0m"
read -p "确认添加?(1/0) > " res
[ "$res" = 1 ] && echo $input >>${CRASHDIR}/configs/fake_ip_filter
fi
sleep 1
fake_ip_filter
;;
esac
}
set_dns_adv() { #DNS详细设置
[ -z "$dns_nameserver" ] && dns_nameserver='223.5.5.5, 1.2.4.8'
[ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8"
[ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1"
[ -z "$hosts_opt" ] && hosts_opt=已启用
[ -z "$dns_protect" ] && dns_protect=ON
[ -z "$dns_redir" ] && dns_redir=未开启
[ -z "$dns_no" ] && dns_no=未禁用
echo "-----------------------------------------------"
echo -e "当前基础DNS\033[32m$dns_nameserver\033[0m"
echo -e "PROXY-DNS\033[36m$dns_fallback\033[0m"
echo -e "解析DNS\033[33m$dns_resolver\033[0m"
echo -e "多个DNS地址请用\033[30;47m“|”\033[0m或者\033[30;47m“, ”\033[0m分隔输入"
echo -e "\033[33m必须拥有本地根证书文件才能使用dot/doh类型的加密dns\033[0m"
echo -e "\033[31m注意singbox内核只有首个dns会被加载\033[0m"
echo "-----------------------------------------------"
echo -e " 1 修改\033[32m基础DNS\033[0m"
echo -e " 2 修改\033[36mPROXY-DNS\033[0m(该DNS查询会经过节点)"
echo -e " 3 修改\033[33m解析DNS\033[0m(必须是IP,用于解析其他DNS)"
echo -e " 4 DNS防泄漏 \033[36m$dns_protect\033[0m ———启用时少量网站可能连接卡顿"
echo -e " 5 hosts优化 \033[36m$hosts_opt\033[0m ———调用本机hosts并劫持NTP服务"
#echo -e " 6 Dnsmasq转发\033[36m$dns_redir\033[0m ———不推荐使用"
echo -e " 7 禁用DNS劫持\033[36m$dns_no\033[0m ———搭配第三方DNS使用"
echo -e " 8 一键配置\033[32m加密DNS\033[0m"
echo -e " 9 \033[33m重置\033[0m默认DNS配置"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
read -p "请输入新的DNS > " dns_nameserver
dns_nameserver=$(echo $dns_nameserver | sed 's#|#\,\ #g')
if [ -n "$dns_nameserver" ]; then
setconfig dns_nameserver "'$dns_nameserver'"
echo -e "\033[32m设置成功\033[0m"
fi
sleep 1
set_dns_adv
;;
2)
read -p "请输入新的DNS > " dns_fallback
dns_fallback=$(echo $dns_fallback | sed 's/|/\,\ /g')
if [ -n "$dns_fallback" ]; then
setconfig dns_fallback "'$dns_fallback'"
echo -e "\033[32m设置成功\033[0m"
fi
sleep 1
set_dns_adv
;;
3)
read -p "请输入新的DNS > " text
if echo "$text" | grep -qE '://.*::'; then
echo -e "\033[31m此选项暂不支持ipv6加密DNS\033[0m"
elif [ -n "$text" ]; then
dns_resolver=$(echo $text | sed 's/|/\,\ /g')
setconfig dns_resolver "'$dns_resolver'"
echo -e "\033[32m设置成功\033[0m"
fi
sleep 1
set_dns_adv
;;
4)
[ "$dns_protect" = "ON" ] && dns_protect=OFF || dns_protect=ON
setconfig dns_protect $dns_protect
set_dns_adv
;;
5)
echo "-----------------------------------------------"
if [ "$hosts_opt" = "已启用" ]; then
hosts_opt=未启用
echo -e "\033[32m已禁用hosts优化功能\033[0m"
else
hosts_opt=已启用
echo -e "\033[33m已启用hosts优化功能\033[0m"
fi
setconfig hosts_opt $hosts_opt
sleep 1
set_dns_adv
;;
6)
echo "-----------------------------------------------"
if [ "$dns_redir" = "未开启" ]; then
echo -e "\033[31m将使用OpenWrt中Dnsmasq插件自带的DNS转发功能转发DNS请求至内核\033[0m"
echo -e "\033[33m启用后将禁用本插件自带的iptables转发功能\033[0m"
dns_redir=已开启
echo -e "\033[32m已启用Dnsmasq转发DNS功能\033[0m"
else
uci del dhcp.@dnsmasq[-1].server
uci set dhcp.@dnsmasq[0].noresolv=0
uci commit dhcp
/etc/init.d/dnsmasq restart
echo -e "\033[33m禁用成功如有报错请重启设备\033[0m"
dns_redir=未开启
fi
setconfig dns_redir $dns_redir
sleep 1
set_dns_adv
;;
7)
echo "-----------------------------------------------"
if [ "$dns_no" = "未禁用" ]; then
echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用!\033[0m"
dns_no=已禁用
echo -e "\033[32m已禁用DNS劫持\033[0m"
else
dns_no=未禁用
echo -e "\033[33m已启用DNS劫持\033[0m"
fi
setconfig dns_no $dns_no
sleep 1
set_dns_adv
;;
8)
echo "-----------------------------------------------"
openssldir="$(openssl version -d 2>&1 | awk -F '"' '{print $2}')"
if [ -s "$openssldir/certs/ca-certificates.crt" ] || [ -s "/etc/ssl/certs/ca-certificates.crt" ] ||
echo "$crashcore" | grep -qE 'meta|singbox'; then
dns_nameserver='https://dns.alidns.com/dns-query, https://doh.pub/dns-query'
dns_fallback='https://cloudflare-dns.com/dns-query, https://dns.google/dns-query, https://doh.opendns.com/dns-query'
dns_resolver='https://223.5.5.5/dns-query, 2400:3200::1'
setconfig dns_nameserver "'$dns_nameserver'"
setconfig dns_fallback "'$dns_fallback'"
setconfig dns_resolver "'$dns_resolver'"
echo -e "\033[32m已设置加密DNS如出现DNS解析问题请尝试重置DNS配置\033[0m"
else
echo -e "\033[31m找不到根证书文件无法启用加密DNSLinux系统请自行搜索安装OpenSSL的方式\033[0m"
fi
sleep 1
set_dns_adv
;;
9)
dns_nameserver=
dns_fallback=
dns_resolver=
setconfig dns_nameserver
setconfig dns_fallback
setconfig dns_resolver
echo -e "\033[33mDNS配置已重置\033[0m"
sleep 1
set_dns_adv
;;
*)
errornum
sleep 1
;;
esac
}

22
scripts/menus/gateway.sh
View File

@@ -1,17 +1,14 @@
#!/bin/sh
# Copyright (C) Juewuy
CFG="$CRASHDIR"/configs/gateway.cfg
touch "$CFG"
. "$CFG"
. "$GT_CFG_PATH"
gateway(){ #访问与控制主菜单
echo -----------------------------------------------
echo -e "\033[30;47m欢迎使用访问与控制菜单\033[0m"
echo -----------------------------------------------
echo -e " 1 配置公网访问防火墙"
echo -e " 2 配置Telegram专属控制机器人 \033[32m$bot_tg_service\033[0m"
echo -e " 3 配置DDNS自动域名"
echo -e " 1 配置\033[33m公网访问防火墙\033[0m"
echo -e " 2 配置\033[36mTelegram专属控制机器人\033[0m \033[32m$bot_tg_service\033[0m"
echo -e " 3 配置\033[36mDDNS自动域名\033[0m"
[ "$disoverride" != "1" ] && {
echo -e " 4 自定义\033[33m公网Vmess入站\033[0m节点 \033[32m$vms_service\033[0m"
echo -e " 5 自定义\033[33m公网ShadowSocks入站\033[0m节点 \033[32m$sss_service\033[0m"
@@ -32,7 +29,7 @@ gateway(){ #访问与控制主菜单
gateway
;;
3)
set_ddns
. "$CRASHDIR"/menus/ddns.sh && ddns_menu
gateway
;;
4)
@@ -193,9 +190,6 @@ set_bot_tg(){
;;
esac
}
set_ddns(){
echo 等待施工
}
set_vmess(){
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m启动内核服务后会自动开放相应端口公网访问请谨慎使用\n 脚本只提供基础功能,更多需求请使用自定义配置文件功能!"
@@ -224,7 +218,8 @@ set_vmess(){
2)
read -p "请输入端口号(输入0删除) > " text
[ "$text" = 0 ] && unset vms_port
if sh "$CRASHDIR"/menus/check_port.sh "$text"; then
. "$CRASHDIR"/menus/check_port.sh
if check_port "$text"; then
vms_port="$text"
setconfig vms_port "$text" "$CFG"
else
@@ -293,7 +288,8 @@ set_shadowsocks(){
2)
read -p "请输入端口号(输入0删除) > " text
[ "$text" = 0 ] && unset sss_port
if sh "$CRASHDIR"/menus/check_port.sh "$text"; then
. "$CRASHDIR"/menus/check_port.sh
if check_port "$text"; then
sss_port="$text"
setconfig sss_port "$text" "$CFG"
else

422
scripts/menus/normal_set.sh
View File

@@ -1,422 +0,0 @@
#!/bin/sh
# Copyright (C) Juewuy
normal_set() { #基础设置
#获取设置默认显示
[ -z "$skip_cert" ] && skip_cert=已开启
[ -z "$common_ports" ] && common_ports=已开启
[ -z "$dns_mod" ] && dns_mod=fake-ip
[ -z "$dns_over" ] && dns_over=已开启
[ -z "$cn_ip_route" ] && cn_ip_route=未开启
[ -z "$local_proxy" ] && local_proxy=未开启
[ -z "$quic_rj" ] && quic_rj=未开启
[ -z "$(cat ${CRASHDIR}/configs/mac ${CRASHDIR}/configs/ip_filter 2>/dev/null)" ] && mac_return=未开启 || mac_return=已启用
#
echo "-----------------------------------------------"
echo -e "\033[30;47m欢迎使用功能设置菜单\033[0m"
echo "-----------------------------------------------"
echo -e " 1 切换防火墙运行模式: \033[36m$redir_mod\033[0m"
[ "$disoverride" != "1" ] && {
echo -e " 2 切换DNS运行模式 \033[36m$dns_mod\033[0m"
echo -e " 3 跳过本地证书验证: \033[36m$skip_cert\033[0m ————解决节点证书验证错误"
}
echo -e " 4 设置流量过滤"
[ "$disoverride" != "1" ] && {
[ "$dns_mod" != "redir_host" ] &&
echo -e " 9 管理Fake-ip过滤列表"
}
echo "-----------------------------------------------"
echo -e " 0 返回上级菜单 \033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0)
;;
1)
if [ "$USER" != "root" -a "$USER" != "admin" ]; then
echo "-----------------------------------------------"
read -p "非root用户可能无法正确配置其他模式依然尝试吗(1/0) > " res
[ "$res" = 1 ] && set_redir_mod
else
set_redir_mod
fi
normal_set
;;
2)
set_dns_mod
sleep 1
normal_set
;;
4)
set_fw_filter
sleep 1
normal_set
;;
3)
echo "-----------------------------------------------"
if [ "$skip_cert" = "未开启" ] >/dev/null 2>&1; then
echo -e "\033[33m已设为开启跳过本地证书验证\033[0m"
skip_cert=已开启
else
echo -e "\033[33m已设为禁止跳过本地证书验证\033[0m"
skip_cert=未开启
fi
setconfig skip_cert $skip_cert
normal_set
;;
9)
echo "-----------------------------------------------"
fake_ip_filter
normal_set
;;
*)
errornum
;;
esac
}
set_fw_filter(){ #流量过滤
echo "-----------------------------------------------"
echo -e " 1 过滤非常用端口: \033[36m$common_ports\033[0m ————用于过滤P2P流量"
echo -e " 2 过滤局域网设备: \033[36m$mac_return\033[0m ————使用黑/白名单进行过滤"
echo -e " 3 过滤QUIC协议: \033[36m$quic_rj\033[0m ————优化视频性能"
[ "$dns_mod" != "fake-ip" ] &&
echo -e " 4 过滤CN_IP(6)列表: \033[36m$cn_ip_route\033[0m ————优化性能不兼容Fake-ip"
echo -e " 5 自定义透明路由ipv4网段: 适合vlan等复杂网络环境"
echo -e " 6 自定义保留地址ipv4网段: 需要以保留地址为访问目标的环境"
echo "-----------------------------------------------"
echo -e " 0 返回上级菜单 \033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0)
;;
1)
set_common_ports() {
if [ "$common_ports" = "未开启" ]; then
echo -e "\033[33m当前代理端口为$multiport】\033[0m"
echo -e "\033[31m注意fake-ip模式下非常用端口的域名连接将不受影响\033[0m"
read -p "是否修改默认端口?(1/0) > " res
[ "$res" = "1" ] && {
read -p "请输入自定义端口,注意用小写逗号分隔 > " text
[ -n "$text" ] && setconfig multiport $text && echo -e "\033[33m已设为代理【$multiport】端口!!\033[0m"
}
common_ports=已开启
sleep 1
else
echo -e "\033[33m已设为代理全部端口\033[0m"
common_ports=未开启
fi
setconfig common_ports $common_ports
}
echo "-----------------------------------------------"
if [ -n "$(pidof CrashCore)" ]; then
read -p "切换时将停止服务,是否继续?(1/0) > " res
[ "$res" = 1 ] && ${CRASHDIR}/start.sh stop && set_common_ports
else
set_common_ports
fi
set_fw_filter
;;
2)
checkcfg_mac=$(cat ${CRASHDIR}/configs/mac)
fw_filter_lan
if [ -n "$PID" ]; then
checkcfg_mac_new=$(cat ${CRASHDIR}/configs/mac)
[ "$checkcfg_mac" != "$checkcfg_mac_new" ] && checkrestart
fi
set_fw_filter
;;
3)
echo "-----------------------------------------------"
if [ -n "$(echo "$redir_mod" | grep -oE '混合|Tproxy|Tun')" ]; then
if [ "$quic_rj" = "未开启" ]; then
echo -e "\033[33m已禁止QUIC流量通过ShellCrash内核\033[0m"
quic_rj=已启用
else
echo -e "\033[33m已取消禁止QUIC协议流量\033[0m"
quic_rj=未开启
fi
setconfig quic_rj $quic_rj
else
echo -e "\033[33m当前模式默认不会代理UDP流量无需设置\033[0m"
fi
sleep 1
set_fw_filter
;;
4)
if [ -n "$(ipset -v 2>/dev/null)" ] || [ "$firewall_mod" = 'nftables' ]; then
if [ "$cn_ip_route" = "未开启" ]; then
echo -e "\033[32m已开启CN_IP绕过内核功能\033[0m"
echo -e "\033[31m注意此功能会导致全局模式及一切CN相关规则失效\033[0m"
cn_ip_route=已开启
sleep 2
else
echo -e "\033[33m已禁用CN_IP绕过内核功能\033[0m"
cn_ip_route=未开启
fi
setconfig cn_ip_route $cn_ip_route
else
echo -e "\033[31m当前设备缺少ipset模块或未使用nftables模式无法启用绕过功能\033[0m"
sleep 1
fi
set_fw_filter
;;
5)
set_cust_host_ipv4
set_fw_filter
;;
6)
[ -z "$reserve_ipv4" ] && reserve_ipv4="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 100.64.0.0/10 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"
echo -e "当前网段:\033[36m$reserve_ipv4\033[0m"
echo -e "\033[33m地址必须是空格分隔错误的设置可能导致网络回环或启动报错请务必谨慎\033[0m"
read -p "请输入 > " text
if [ -n "$(
echo $text | grep -E "(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(3[0-2]|[1-2]?[0-9]))( +|$)+"
)" ]; then
reserve_ipv4="$text"
echo -e "已将保留地址网段设为:\033[32m$reserve_ipv4\033[0m"
setconfig reserve_ipv4 "'$reserve_ipv4'"
else
echo -e "\033[31m输入有误操作已取消\033[0m"
fi
sleep 1
set_fw_filter
;;
*)
errornum
;;
esac
}
set_cust_host_ipv4() {
[ -z "$replace_default_host_ipv4" ] && replace_default_host_ipv4="未启用"
echo "-----------------------------------------------"
echo -e "当前默认透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo) \033[0m"
echo -e "当前已添加的自定义网段为:\033[36m$cust_host_ipv4\033[0m"
echo "-----------------------------------------------"
echo -e " 1 移除所有自定义网段"
echo -e " 2 使用自定义网段覆盖默认网段 \033[36m$replace_default_host_ipv4\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应的序号或需要额外添加的网段 > " text
case "$text" in
2)
if [ "$replace_default_host_ipv4" == "未启用" ]; then
replace_default_host_ipv4="已启用"
else
replace_default_host_ipv4="未启用"
fi
setconfig replace_default_host_ipv4 "$replace_default_host_ipv4"
set_cust_host_ipv4
;;
1)
unset cust_host_ipv4
setconfig cust_host_ipv4
set_cust_host_ipv4
;;
0) ;;
*)
if [ -n "$(echo $text | grep -Eo '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}'$)" -a -z "$(echo $cust_host_ipv4 | grep "$text")" ]; then
cust_host_ipv4="$cust_host_ipv4 $text"
setconfig cust_host_ipv4 "'$cust_host_ipv4'"
else
echo "-----------------------------------------------"
echo -e "\033[31m请输入正确的网段地址\033[0m"
fi
sleep 1
set_cust_host_ipv4
;;
esac
}
fw_filter_lan() { #局域网设备过滤
get_devinfo() {
dev_ip=$(cat $dhcpdir | grep " $dev " | awk '{print $3}') && [ -z "$dev_ip" ] && dev_ip=$dev
dev_mac=$(cat $dhcpdir | grep " $dev " | awk '{print $2}') && [ -z "$dev_mac" ] && dev_mac=$dev
dev_name=$(cat $dhcpdir | grep " $dev " | awk '{print $4}') && [ -z "$dev_name" ] && dev_name='未知设备'
}
add_mac() {
echo "-----------------------------------------------"
echo 已添加的mac地址
cat ${CRASHDIR}/configs/mac 2>/dev/null
echo "-----------------------------------------------"
echo -e "\033[33m序号 设备IP 设备mac地址 设备名称\033[32m"
cat $dhcpdir | awk '{print " "NR" "$3,$2,$4}'
echo -e "\033[0m-----------------------------------------------"
echo -e "手动输入mac地址时仅支持\033[32mxx:xx:xx:xx:xx:xx\033[0m的形式"
echo -e " 0 或回车 结束添加"
echo "-----------------------------------------------"
read -p "请输入对应序号或直接输入mac地址 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ -n "$(echo $num | grep -aE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$')" ]; then
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$num")" ]; then
echo $num | grep -oE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$' >>${CRASHDIR}/configs/mac
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的设备请勿重复添加\033[0m"
fi
add_mac
elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then
macadd=$(cat $dhcpdir | awk '{print $2}' | sed -n "$num"p)
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$macadd")" ]; then
echo $macadd >>${CRASHDIR}/configs/mac
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的设备请勿重复添加\033[0m"
fi
add_mac
else
echo "-----------------------------------------------"
echo -e "\033[31m输入有误请重新输入\033[0m"
add_mac
fi
}
add_ip() {
echo "-----------------------------------------------"
echo "已添加的IP地址(段)"
cat ${CRASHDIR}/configs/ip_filter 2>/dev/null
echo "-----------------------------------------------"
echo -e "\033[33m序号 设备IP 设备名称\033[32m"
cat $dhcpdir | awk '{print " "NR" "$3,$4}'
echo -e "\033[0m-----------------------------------------------"
echo -e "手动输入时仅支持\033[32m 192.168.1.0/24\033[0m 或 \033[32m192.168.1.0\033[0m 的形式"
echo -e "不支持ipv6地址过滤如有需求请使用mac地址过滤"
echo -e " 0 或回车 结束添加"
echo "-----------------------------------------------"
read -p "请输入对应序号或直接输入IP地址段 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ -n "$(echo $num | grep -aE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$')" ]; then
if [ -z "$(cat ${CRASHDIR}/configs/ip_filter | grep -E "$num")" ]; then
echo $num | grep -oE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$' >>${CRASHDIR}/configs/ip_filter
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的地址请勿重复添加\033[0m"
fi
add_ip
elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then
ipadd=$(cat $dhcpdir | awk '{print $3}' | sed -n "$num"p)
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$ipadd")" ]; then
echo $ipadd >>${CRASHDIR}/configs/ip_filter
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的地址请勿重复添加\033[0m"
fi
add_ip
else
echo "-----------------------------------------------"
echo -e "\033[31m输入有误请重新输入\033[0m"
add_ip
fi
}
del_all() {
echo "-----------------------------------------------"
if [ -z "$(cat ${CRASHDIR}/configs/mac ${CRASHDIR}/configs/ip_filter 2>/dev/null)" ]; then
echo -e "\033[31m列表中没有需要移除的设备\033[0m"
sleep 1
else
echo -e "请选择需要移除的设备:\033[36m"
echo -e "\033[33m 设备IP 设备mac地址 设备名称\033[0m"
i=1
for dev in $(cat ${CRASHDIR}/configs/mac ${CRASHDIR}/configs/ip_filter 2>/dev/null); do
get_devinfo
echo -e " $i \033[32m$dev_ip \033[36m$dev_mac \033[32m$dev_name\033[0m"
i=$((i + 1))
done
echo "-----------------------------------------------"
echo -e "\033[0m 0 或回车 结束删除"
read -p "请输入需要移除的设备的对应序号 > " num
mac_filter_rows=$(cat ${CRASHDIR}/configs/mac 2>/dev/null | wc -l)
ip_filter_rows=$(cat ${CRASHDIR}/configs/ip_filter 2>/dev/null | wc -l)
if [ -z "$num" ] || [ "$num" -le 0 ]; then
n=
elif [ $num -le $mac_filter_rows ]; then
sed -i "${num}d" ${CRASHDIR}/configs/mac
echo "-----------------------------------------------"
echo -e "\033[32m对应设备已移除\033[0m"
del_all
elif [ $num -le $((mac_filter_rows + ip_filter_rows)) ]; then
num=$((num - mac_filter_rows))
sed -i "${num}d" ${CRASHDIR}/configs/ip_filter
echo "-----------------------------------------------"
echo -e "\033[32m对应设备已移除\033[0m"
del_all
else
echo "-----------------------------------------------"
echo -e "\033[31m输入有误请重新输入\033[0m"
del_all
fi
fi
}
echo "-----------------------------------------------"
[ -z "$dhcpdir" ] && [ -f /var/lib/dhcp/dhcpd.leases ] && dhcpdir='/var/lib/dhcp/dhcpd.leases'
[ -z "$dhcpdir" ] && [ -f /var/lib/dhcpd/dhcpd.leases ] && dhcpdir='/var/lib/dhcpd/dhcpd.leases'
[ -z "$dhcpdir" ] && [ -f /tmp/dhcp.leases ] && dhcpdir='/tmp/dhcp.leases'
[ -z "$dhcpdir" ] && [ -f /tmp/dnsmasq.leases ] && dhcpdir='/tmp/dnsmasq.leases'
[ -z "$dhcpdir" ] && dhcpdir='/dev/null'
[ -z "$fw_filter_lan_type" ] && fw_filter_lan_type='黑名单'
if [ "$fw_filter_lan_type" = "黑名单" ]; then
fw_filter_lan_over='白名单'
fw_filter_lan_scrip='不'
else
fw_filter_lan_over='黑名单'
fw_filter_lan_scrip=''
fi
######
echo -e "\033[30;47m请在此添加或移除设备\033[0m"
echo -e "当前过滤方式为:\033[33m$fw_filter_lan_type模式\033[0m"
echo -e "仅列表内设备流量\033[36m$fw_filter_lan_scrip经过\033[0m内核"
if [ -n "$(cat ${CRASHDIR}/configs/mac)" ]; then
echo "-----------------------------------------------"
echo -e "当前已过滤设备为:\033[36m"
echo -e "\033[33m 设备mac/ip地址 设备名称\033[0m"
for dev in $(cat ${CRASHDIR}/configs/mac 2>/dev/null); do
get_devinfo
echo -e "\033[36m$dev_mac \033[0m$dev_name"
done
for dev in $(cat ${CRASHDIR}/configs/ip_filter 2>/dev/null); do
get_devinfo
echo -e "\033[32m$dev_ip \033[0m$dev_name"
done
echo "-----------------------------------------------"
fi
echo -e " 1 切换为\033[33m$fw_filter_lan_over模式\033[0m"
echo -e " 2 \033[32m添加指定设备(mac地址)\033[0m"
echo -e " 3 \033[32m添加指定设备(IP地址/网段)\033[0m"
echo -e " 4 \033[36m移除指定设备\033[0m"
echo -e " 9 \033[31m清空整个列表\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
fw_filter_lan_type=$fw_filter_lan_over
setconfig fw_filter_lan_type $fw_filter_lan_type
echo "-----------------------------------------------"
echo -e "\033[32m已切换为$fw_filter_lan_type模式\033[0m"
fw_filter_lan
;;
2)
add_mac
fw_filter_lan
;;
3)
add_ip
fw_filter_lan
;;
4)
del_all
fw_filter_lan
;;
9)
: >${CRASHDIR}/configs/mac
: >${CRASHDIR}/configs/ip_filter
echo "-----------------------------------------------"
echo -e "\033[31m设备列表已清空\033[0m"
fw_filter_lan
;;
*)
errornum
;;
esac
}

178
scripts/menus/setboot.sh Normal file
View File

@@ -0,0 +1,178 @@
#!/bin/sh
# Copyright (C) Juewuy
setboot() { #启动设置菜单
[ -z "$start_old" ] && start_old=未开启
[ -z "$start_delay" -o "$start_delay" = 0 ] && delay=未设置 || delay=${start_delay}
[ "$autostart" = "enable" ] && auto_set="\033[33m禁止" || auto_set="\033[32m允许"
[ "${BINDIR}" = "${CRASHDIR}" ] && mini_clash=未开启 || mini_clash=已开启
[ -z "$network_check" ] && network_check=已开启
echo "-----------------------------------------------"
echo -e "\033[30;47m欢迎使用启动设置菜单\033[0m"
echo "-----------------------------------------------"
echo -e " 1 ${auto_set}\033[0mShellCrash开机启动"
echo -e " 2 使用保守模式: \033[36m$start_old\033[0m ————基于定时任务(每分钟检测)"
echo -e " 3 设置自启延时: \033[36m$delay\033[0m ————用于解决自启后服务受限"
echo -e " 4 启用小闪存模式: \033[36m$mini_clash\033[0m ————用于闪存空间不足的设备"
[ "${BINDIR}" != "${CRASHDIR}" ] && echo -e " 5 设置小闪存目录: \033[36m${BINDIR}\033[0m"
echo -e " 6 自启网络检查: \033[36m$network_check\033[0m ————禁用则跳过自启时网络检查"
echo "-----------------------------------------------"
echo -e " 0 \033[0m返回上级菜单\033[0m"
read -p "请输入对应数字 > " num
echo "-----------------------------------------------"
case "$num" in
0) ;;
1)
if [ "$autostart" = "enable" ]; then
# 禁止自启动:删除各系统的启动项
[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *shellcrash >/dev/null 2>&1 && cd - >/dev/null
ckcmd systemctl && systemctl disable shellcrash.service >/dev/null 2>&1
grep -q 's6' /proc/1/comm && rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
rc-status -r >/dev/null 2>&1 && rc-update del shellcrash default >/dev/null 2>&1
touch ${CRASHDIR}/.dis_startup
autostart=disable
echo -e "\033[33m已禁止ShellCrash开机启动\033[0m"
elif [ "$autostart" = "disable" ]; then
# 允许自启动:配置各系统的启动项
[ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable
ckcmd systemctl && systemctl enable shellcrash.service >/dev/null 2>&1
grep -q 's6' /proc/1/comm && touch /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
rc-status -r >/dev/null 2>&1 && rc-update add shellcrash default >/dev/null 2>&1
rm -rf ${CRASHDIR}/.dis_startup
autostart=enable
echo -e "\033[32m已设置ShellCrash开机启动\033[0m"
fi
setboot
;;
2)
if [ "$start_old" = "未开启" ] >/dev/null 2>&1; then
echo -e "\033[33m改为使用保守模式启动服务\033[0m"
[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *shellcrash >/dev/null 2>&1 && cd - >/dev/null
ckcmd systemctl && systemctl disable shellcrash.service >/dev/null 2>&1
grep -q 's6' /proc/1/comm && rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
rc-status -r >/dev/null 2>&1 && rc-update del shellcrash default >/dev/null 2>&1
start_old=已开启
setconfig start_old $start_old
${CRASHDIR}/start.sh stop
else
if grep -qE 'procd|systemd|s6' /proc/1/comm || rc-status -r >/dev/null 2>&1; then
echo -e "\033[32m改为使用系统守护进程启动服务\033[0m"
${CRASHDIR}/start.sh cronset "ShellCrash初始化"
start_old=未开启
setconfig start_old $start_old
${CRASHDIR}/start.sh stop
else
echo -e "\033[31m当前设备不支持以其他模式启动\033[0m"
fi
fi
sleep 1
setboot
;;
3)
echo -e "\033[33m如果你的设备启动后可以正常使用则无需设置\033[0m"
echo -e "\033[36m推荐设置为30~120秒之间请根据设备问题自行试验\033[0m"
read -p "请输入启动延迟时间(0~300秒) > " sec
case "$sec" in
[0-9] | [0-9][0-9] | [0-2][0-9][0-9] | 300)
start_delay=$sec
setconfig start_delay $sec
echo -e "\033[32m设置成功\033[0m"
;;
*)
echo -e "\033[31m输入有误或超过300秒请重新输入\033[0m"
;;
esac
sleep 1
setboot
;;
4)
dir_size=$(df ${CRASHDIR} | awk '{ for(i=1;i<=NF;i++){ if(NR==1){ arr[i]=$i; }else{ arr[i]=arr[i]" "$i; } } } END{ for(i=1;i<=NF;i++){ print arr[i]; } }' | grep Ava | awk '{print $2}')
if [ "$mini_clash" = "未开启" ]; then
if [ "$dir_size" -gt 20480 ]; then
echo -e "\033[33m您的设备空间充足(>20M),无需开启!\033[0m"
elif [ "$start_old" != '已开启' -a "$(cat /proc/1/comm)" = "systemd" ]; then
echo -e "\033[33m不支持systemd启动模式请先启用保守模式\033[0m"
else
[ "$BINDIR" = "$CRASHDIR" ] && BINDIR="$TMPDIR"
echo -e "\033[32m已经启用小闪存功能\033[0m"
echo -e "如需更换目录,请使用【设置小闪存目录】功能\033[0m"
fi
else
if [ "$dir_size" -lt 8192 ]; then
echo -e "\033[31m您的设备剩余空间不足8M停用后可能无法正常运行\033[0m"
read -p "确认停用此功能?(1/0) > " res
[ "$res" = 1 ] && BINDIR="$CRASHDIR" && echo -e "\033[33m已经停用小闪存功能\033[0m"
else
rm -rf /tmp/ShellCrash
BINDIR="$CRASHDIR"
echo -e "\033[33m已经停用小闪存功能\033[0m"
fi
fi
setconfig BINDIR ${BINDIR} ${CRASHDIR}/configs/command.env
sleep 1
setboot
;;
5)
echo -e "\033[33m如设置到内存则每次开机后都自动重新下载相关文件\033[0m"
echo -e "\033[33m请确保安装源可用裸连否则会导致启动失败\033[0m"
echo " 1 使用内存(/tmp)"
echo " 2 选择U盘目录"
echo " 3 自定义目录"
read -p "请输入相应数字 > " num
case "$num" in
1)
BINDIR="$TMPDIR"
;;
2)
set_usb_dir() {
echo "请选择安装目录"
du -hL /mnt | awk '{print " "NR" "$2" "$1}'
read -p "请输入相应数字 > " num
BINDIR=$(du -hL /mnt | awk '{print $2}' | sed -n "$num"p)
if [ -z "$BINDIR" ]; then
echo "\033[31m输入错误请重新设置\033[0m"
set_usb_dir
fi
}
set_usb_dir
;;
3)
input_dir() {
read -p "请输入自定义目录 > " BINDIR
if [ ! -d "$BINDIR" ]; then
echo "\033[31m输入错误请重新设置\033[0m"
input_dir
fi
}
input_dir
;;
*)
errornum
;;
esac
setconfig BINDIR ${BINDIR} ${CRASHDIR}/configs/command.env
setboot
;;
6)
echo -e "\033[33m如果你的设备启动后可以正常使用则无需变更设置\033[0m"
echo -e "\033[36m禁用时如果使用了小闪存模式或者rule-set等在线规则则可能会因无法联网而导致启动失败\033[0m"
echo -e "\033[32m启用时会导致部分性能较差或者拨号较慢的设备可能会因查询超时导致启动失败\033[0m"
read -p "是否切换?(1/0) > " res
[ "$res" = '1' ] && {
if [ "$network_check" = "已禁用" ]; then
network_check=已启用
else
network_check=已禁用
fi
setconfig network_check $network_check
}
sleep 1
setboot
;;
*)
errornum
;;
esac
}

971
scripts/menus/settings.sh Normal file
View File

@@ -0,0 +1,971 @@
#!/bin/sh
# Copyright (C) Juewuy
settings() { #功能设置
#获取设置默认显示
[ -z "$skip_cert" ] && skip_cert=已开启
[ -z "$sniffer" ] && sniffer=未启用
#
echo "-----------------------------------------------"
echo -e "\033[30;47m欢迎使用功能设置菜单\033[0m"
echo "-----------------------------------------------"
echo -e " 1 设置代理模式: \033[36m$redir_mod\033[0m"
echo -e " 2 设置DNS模式 \033[36m$dns_mod\033[0m"
echo -e " 3 设置各类流量过滤"
[ "$disoverride" != "1" ] && {
echo -e " 4 跳过证书验证: \033[36m$skip_cert\033[0m"
echo -e " 5 启用域名嗅探: \033[36m$sniffer\033[0m"
echo -e " 6 自定义\033[32m端口及秘钥\033[0m"
}
echo -e " 8 ipv6设置 \033[36m$ipv6_redir\033[0m"
echo "-----------------------------------------------"
echo -e " 9 \033[31m重置/备份/还原\033[0m脚本设置"
echo -e " 0 返回上级菜单 \033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0)
;;
1)
if [ "$USER" != "root" -a "$USER" != "admin" ]; then
echo "-----------------------------------------------"
read -p "非root用户可能无法正确配置其他模式依然尝试吗(1/0) > " res
[ "$res" = 1 ] && set_redir_mod
else
set_redir_mod
fi
sleep 1
settings
;;
2)
set_dns_mod
sleep 1
settings
;;
3)
set_fw_filter
sleep 1
settings
;;
4)
echo "-----------------------------------------------"
if [ "$skip_cert" = "未开启" ] >/dev/null 2>&1; then
echo -e "\033[33m已设为开启跳过本地证书验证\033[0m"
skip_cert=已开启
else
echo -e "\033[33m已设为禁止跳过本地证书验证\033[0m"
skip_cert=未开启
fi
setconfig skip_cert $skip_cert
settings
;;
5)
echo "-----------------------------------------------"
if [ "$sniffer" = "未启用" ]; then
if [ "$crashcore" = "clash" ]; then
rm -rf ${TMPDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore
rm -rf ${CRASHDIR}/CrashCore.tar.gz
crashcore=meta
setconfig crashcore $crashcore
echo "已将ShellCrash内核切换为Meta内核域名嗅探依赖Meta或者高版本clashpre内核"
fi
sniffer=已启用
elif [ "$crashcore" = "clashpre" -a "$dns_mod" = "redir_host" ]; then
echo -e "\033[31m使用clashpre内核且开启redir-host模式时无法关闭\033[0m"
else
sniffer=未启用
fi
setconfig sniffer $sniffer
settings
;;
6)
if [ -n "$(pidof CrashCore)" ]; then
echo "-----------------------------------------------"
echo -e "\033[33m检测到服务正在运行需要先停止服务\033[0m"
read -p "是否停止服务?(1/0) > " res
if [ "$res" = "1" ]; then
${CRASHDIR}/start.sh stop
set_adv_config
fi
else
set_adv_config
fi
settings
;;
8)
set_ipv6
settings
;;
9)
echo "-----------------------------------------------"
echo -e " 1 备份脚本设置"
echo -e " 2 还原脚本设置"
echo -e " 3 重置脚本设置"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
cp -f "$CFG_PATH" "$CFG_PATH".bak
echo -e "\033[32m脚本设置已备份\033[0m"
elif [ "$num" = 2 ]; then
if [ -f "$CFG_PATH.bak" ]; then
mv -f "$CFG_PATH" "$CFG_PATH".bak2
mv -f "$CFG_PATH".bak "$CFG_PATH"
mv -f "$CFG_PATH".bak2 "$CFG_PATH".bak
echo -e "\033[32m脚本设置已还原(被覆盖的配置已备份!)\033[0m"
else
echo -e "\033[31m找不到备份文件请先备份脚本设置\033[0m"
fi
elif [ "$num" = 3 ]; then
mv -f "$CFG_PATH" "$CFG_PATH".bak
. ${CRASHDIR}/init.sh >/dev/null
echo -e "\033[32m脚本设置已重置(旧文件已备份!)\033[0m"
fi
echo -e "\033[33m请重新启动脚本\033[0m"
exit 0
;;
*)
errornum
;;
esac
}
set_redir_mod() { #代理模式设置
set_redir_config() {
setconfig redir_mod $redir_mod
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $redir_mod \033[0m"
}
[ -n "$(ls /dev/net/tun 2>/dev/null)" ] || ip tuntap >/dev/null 2>&1 && sup_tun=1
[ -z "$firewall_area" ] && firewall_area=1
[ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod='Redir模式'
[ -z "$redir_mod" ] && redir_mod='纯净模式'
firewall_area_dsc=$(echo "仅局域网 仅本机 局域网+本机 纯净模式 主-旁转发($bypass_host)" | cut -d' ' -f$firewall_area)
echo "-----------------------------------------------"
echo -e "当前代理模式为:\033[47;30m$redir_mod\033[0mShellCrash核心为\033[47;30m $crashcore \033[0m"
echo -e "\033[33m切换模式后需要手动重启服务以生效\033[0m"
echo "-----------------------------------------------"
[ $firewall_area -le 3 ] && {
echo -e " 1 \033[32mRedir模式\033[0m Redir转发TCP不转发UDP"
echo -e " 2 \033[36m混合模式\033[0m Redir转发TCPTun转发UDP"
echo -e " 3 \033[32mTproxy模式\033[0m Tproxy转发TCP&UDP"
echo -e " 4 \033[33mTun模式\033[0m Tun转发TCP&UDP(占用高不推荐)"
echo "-----------------------------------------------"
}
[ "$firewall_area" = 5 ] && {
echo -e " 5 \033[32mTCP旁路转发\033[0m 仅转发TCP流量至旁路由"
echo -e " 6 \033[36mT&U旁路转发\033[0m 转发TCP&UDP流量至旁路由"
echo "-----------------------------------------------"
}
echo -e " 7 设置代理范围: \033[47;30m$firewall_area_dsc\033[0m"
echo -e " 8 容器/虚拟机代理: \033[47;30m$vm_redir\033[0m"
echo -e " 9 切换防火墙应用: \033[47;30m$firewall_mod\033[0m"
echo "-----------------------------------------------"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
redir_mod=Redir模式
set_redir_config
set_redir_mod
;;
2)
if [ -n "$sup_tun" ]; then
redir_mod=混合模式
set_redir_config
else
echo -e "\033[31m设备未检测到Tun内核模块请尝试其他模式或者安装相关依赖\033[0m"
sleep 1
fi
set_redir_mod
;;
3)
if [ "$firewall_mod" = "iptables" ]; then
if [ -f /etc/init.d/qca-nss-ecm -a "$systype" = "mi_snapshot" ]; then
read -p "xiaomi设备的QOS服务与本模式冲突是否禁用相关功能(1/0) > " res
[ "$res" = '1' ] && {
${CRASHDIR}/misnap_init.sh tproxyfix
redir_mod=Tproxy模式
set_redir_config
}
elif grep -qE '^TPROXY$' /proc/net/ip_tables_targets || modprobe xt_TPROXY >/dev/null 2>&1; then
redir_mod=Tproxy模式
set_redir_config
else
echo -e "\033[31m设备未检测到iptables-mod-tproxy模块请尝试其他模式或者安装相关依赖\033[0m"
sleep 1
fi
elif [ "$firewall_mod" = "nftables" ]; then
if modprobe nft_tproxy >/dev/null 2>&1 || lsmod 2>/dev/null | grep -q nft_tproxy; then
redir_mod=Tproxy模式
set_redir_config
else
echo -e "\033[31m设备未检测到nft_tproxy内核模块请尝试其他模式或者安装相关依赖\033[0m"
sleep 1
fi
fi
set_redir_mod
;;
4)
if [ -n "$sup_tun" ]; then
redir_mod=Tun模式
set_redir_config
else
echo -e "\033[31m设备未检测到Tun内核模块请尝试其他模式或者安装相关依赖\033[0m"
sleep 1
fi
set_redir_mod
;;
5)
redir_mod=TCP旁路转发
set_redir_config
set_redir_mod
;;
6)
redir_mod=T &
U旁路转发
set_redir_config
set_redir_mod
;;
7)
set_firewall_area
set_redir_mod
;;
8)
set_firewall_vm
set_redir_mod
;;
9)
if [ "$firewall_mod" = 'iptables' ]; then
if nft add table inet shellcrash 2>/dev/null; then
firewall_mod=nftables
redir_mod=Redir模式
setconfig redir_mod $redir_mod
else
echo -e "\033[31m当前设备未安装nftables或者nftables版本过低(<1.0.2),无法切换!\033[0m"
fi
elif [ "$firewall_mod" = 'nftables' ]; then
if ckcmd iptables; then
firewall_mod=iptables
redir_mod=Redir模式
setconfig redir_mod $redir_mod
else
echo -e "\033[31m当前设备未安装iptables,无法切换!\033[0m"
fi
else
iptables -j REDIRECT -h >/dev/null 2>&1 && firewall_mod=iptables
nft add table inet shellcrash 2>/dev/null && firewall_mod=nftables
if [ -n "$firewall_mod" ]; then
redir_mod=Redir模式
setconfig redir_mod $redir_mod
setconfig firewall_mod $firewall_mod
else
echo -e "\033[31m检测不到可用的防火墙应用(iptables/nftables),无法切换!\033[0m"
fi
fi
sleep 1
setconfig firewall_mod $firewall_mod
set_redir_mod
;;
*)
errornum
;;
esac
}
set_dns_mod() { #DNS模式设置
echo "-----------------------------------------------"
echo -e "当前DNS运行模式为\033[47;30m $dns_mod \033[0m"
echo -e "\033[33m切换模式后需要手动重启服务以生效\033[0m"
echo "-----------------------------------------------"
echo -e " 1 fake-ip模式 响应快,\033[33m兼容性较差\033[0m"
echo -e " 不支持CN-IP绕过功能"
echo -e " 2 redir_host模式\033[33m不安全易被污染\033[0m"
echo -e " 建议搭配第三方DNS服务使用"
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
echo -e " 3 mix混合模式 \033[32m防污染防泄露响应快推荐\033[0m"
echo -e " cn域名realip其他fakeip分流"
echo -e " 4 route模式 \033[32m防污染防泄露全真实IP\033[0m"
echo -e " cn域名realip其他dns2proxy分流"
fi
echo -e " 9 \033[36mDNS进阶设置\033[0m"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
dns_mod=fake-ip
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
;;
2)
dns_mod=redir_host
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
;;
3)
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
dns_mod=mix
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
else
echo -e "\033[31m当前内核不支持的功能\033[0m"
sleep 1
fi
;;
4)
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
dns_mod=route
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
else
echo -e "\033[31m当前内核不支持的功能\033[0m"
sleep 1
fi
;;
9)
setdns
set_dns_mod
;;
*)
errornum
;;
esac
}
set_fw_filter(){ #流量过滤
[ -z "$common_ports" ] && common_ports=已开启
[ -z "$quic_rj" ] && quic_rj=未开启
[ -z "$cn_ip_route" ] && cn_ip_route=未开启
[ -z "$(cat ${CRASHDIR}/configs/mac ${CRASHDIR}/configs/ip_filter 2>/dev/null)" ] && mac_return=未开启 || mac_return=已启用
echo "-----------------------------------------------"
echo -e " 1 过滤非常用端口: \033[36m$common_ports\033[0m ————用于过滤P2P流量"
echo -e " 2 过滤局域网设备: \033[36m$mac_return\033[0m ————使用黑/白名单进行过滤"
echo -e " 3 过滤QUIC协议: \033[36m$quic_rj\033[0m ————优化视频性能"
[ "$dns_mod" != "fake-ip" ] &&
echo -e " 4 过滤CN_IP(6)列表: \033[36m$cn_ip_route\033[0m ————优化性能不兼容Fake-ip"
echo -e " 5 自定义透明路由ipv4网段: 适合vlan等复杂网络环境"
echo -e " 6 自定义保留地址ipv4网段: 需要以保留地址为访问目标的环境"
echo "-----------------------------------------------"
echo -e " 0 返回上级菜单 \033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0)
;;
1)
set_common_ports() {
if [ "$common_ports" = "未开启" ]; then
echo -e "\033[33m当前代理端口为$multiport】\033[0m"
echo -e "\033[31m注意fake-ip模式下非常用端口的域名连接将不受影响\033[0m"
read -p "是否修改默认端口?(1/0) > " res
[ "$res" = "1" ] && {
read -p "请输入自定义端口,注意用小写逗号分隔 > " text
[ -n "$text" ] && setconfig multiport $text && echo -e "\033[33m已设为代理【$multiport】端口!!\033[0m"
}
common_ports=已开启
sleep 1
else
echo -e "\033[33m已设为代理全部端口\033[0m"
common_ports=未开启
fi
setconfig common_ports $common_ports
}
echo "-----------------------------------------------"
if [ -n "$(pidof CrashCore)" ]; then
read -p "切换时将停止服务,是否继续?(1/0) > " res
[ "$res" = 1 ] && ${CRASHDIR}/start.sh stop && set_common_ports
else
set_common_ports
fi
set_fw_filter
;;
2)
checkcfg_mac=$(cat ${CRASHDIR}/configs/mac)
fw_filter_lan
if [ -n "$PID" ]; then
checkcfg_mac_new=$(cat ${CRASHDIR}/configs/mac)
[ "$checkcfg_mac" != "$checkcfg_mac_new" ] && checkrestart
fi
set_fw_filter
;;
3)
echo "-----------------------------------------------"
if [ -n "$(echo "$redir_mod" | grep -oE '混合|Tproxy|Tun')" ]; then
if [ "$quic_rj" = "未开启" ]; then
echo -e "\033[33m已禁止QUIC流量通过ShellCrash内核\033[0m"
quic_rj=已启用
else
echo -e "\033[33m已取消禁止QUIC协议流量\033[0m"
quic_rj=未开启
fi
setconfig quic_rj $quic_rj
else
echo -e "\033[33m当前模式默认不会代理UDP流量无需设置\033[0m"
fi
sleep 1
set_fw_filter
;;
4)
if [ -n "$(ipset -v 2>/dev/null)" ] || [ "$firewall_mod" = 'nftables' ]; then
if [ "$cn_ip_route" = "未开启" ]; then
echo -e "\033[32m已开启CN_IP绕过内核功能\033[0m"
echo -e "\033[31m注意此功能会导致全局模式及一切CN相关规则失效\033[0m"
cn_ip_route=已开启
sleep 2
else
echo -e "\033[33m已禁用CN_IP绕过内核功能\033[0m"
cn_ip_route=未开启
fi
setconfig cn_ip_route $cn_ip_route
else
echo -e "\033[31m当前设备缺少ipset模块或未使用nftables模式无法启用绕过功能\033[0m"
sleep 1
fi
set_fw_filter
;;
5)
set_cust_host_ipv4
set_fw_filter
;;
6)
[ -z "$reserve_ipv4" ] && reserve_ipv4="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 100.64.0.0/10 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"
echo -e "当前网段:\033[36m$reserve_ipv4\033[0m"
echo -e "\033[33m地址必须是空格分隔错误的设置可能导致网络回环或启动报错请务必谨慎\033[0m"
read -p "请输入 > " text
if [ -n "$(
echo $text | grep -E "(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(3[0-2]|[1-2]?[0-9]))( +|$)+"
)" ]; then
reserve_ipv4="$text"
echo -e "已将保留地址网段设为:\033[32m$reserve_ipv4\033[0m"
setconfig reserve_ipv4 "'$reserve_ipv4'"
else
echo -e "\033[31m输入有误操作已取消\033[0m"
fi
sleep 1
set_fw_filter
;;
*)
errornum
;;
esac
}
set_cust_host_ipv4() { #自定义ipv4透明路由网段
[ -z "$replace_default_host_ipv4" ] && replace_default_host_ipv4="未启用"
echo "-----------------------------------------------"
echo -e "当前默认透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo) \033[0m"
echo -e "当前已添加的自定义网段为:\033[36m$cust_host_ipv4\033[0m"
echo "-----------------------------------------------"
echo -e " 1 移除所有自定义网段"
echo -e " 2 使用自定义网段覆盖默认网段 \033[36m$replace_default_host_ipv4\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应的序号或需要额外添加的网段 > " text
case "$text" in
2)
if [ "$replace_default_host_ipv4" == "未启用" ]; then
replace_default_host_ipv4="已启用"
else
replace_default_host_ipv4="未启用"
fi
setconfig replace_default_host_ipv4 "$replace_default_host_ipv4"
set_cust_host_ipv4
;;
1)
unset cust_host_ipv4
setconfig cust_host_ipv4
set_cust_host_ipv4
;;
0) ;;
*)
if [ -n "$(echo $text | grep -Eo '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}'$)" -a -z "$(echo $cust_host_ipv4 | grep "$text")" ]; then
cust_host_ipv4="$cust_host_ipv4 $text"
setconfig cust_host_ipv4 "'$cust_host_ipv4'"
else
echo "-----------------------------------------------"
echo -e "\033[31m请输入正确的网段地址\033[0m"
fi
sleep 1
set_cust_host_ipv4
;;
esac
}
fw_filter_lan() { #局域网设备过滤
get_devinfo() {
dev_ip=$(cat $dhcpdir | grep " $dev " | awk '{print $3}') && [ -z "$dev_ip" ] && dev_ip=$dev
dev_mac=$(cat $dhcpdir | grep " $dev " | awk '{print $2}') && [ -z "$dev_mac" ] && dev_mac=$dev
dev_name=$(cat $dhcpdir | grep " $dev " | awk '{print $4}') && [ -z "$dev_name" ] && dev_name='未知设备'
}
add_mac() {
echo "-----------------------------------------------"
echo 已添加的mac地址
cat ${CRASHDIR}/configs/mac 2>/dev/null
echo "-----------------------------------------------"
echo -e "\033[33m序号 设备IP 设备mac地址 设备名称\033[32m"
cat $dhcpdir | awk '{print " "NR" "$3,$2,$4}'
echo -e "\033[0m-----------------------------------------------"
echo -e "手动输入mac地址时仅支持\033[32mxx:xx:xx:xx:xx:xx\033[0m的形式"
echo -e " 0 或回车 结束添加"
echo "-----------------------------------------------"
read -p "请输入对应序号或直接输入mac地址 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ -n "$(echo $num | grep -aE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$')" ]; then
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$num")" ]; then
echo $num | grep -oE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$' >>${CRASHDIR}/configs/mac
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的设备请勿重复添加\033[0m"
fi
add_mac
elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then
macadd=$(cat $dhcpdir | awk '{print $2}' | sed -n "$num"p)
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$macadd")" ]; then
echo $macadd >>${CRASHDIR}/configs/mac
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的设备请勿重复添加\033[0m"
fi
add_mac
else
echo "-----------------------------------------------"
echo -e "\033[31m输入有误请重新输入\033[0m"
add_mac
fi
}
add_ip() {
echo "-----------------------------------------------"
echo "已添加的IP地址(段)"
cat ${CRASHDIR}/configs/ip_filter 2>/dev/null
echo "-----------------------------------------------"
echo -e "\033[33m序号 设备IP 设备名称\033[32m"
cat $dhcpdir | awk '{print " "NR" "$3,$4}'
echo -e "\033[0m-----------------------------------------------"
echo -e "手动输入时仅支持\033[32m 192.168.1.0/24\033[0m 或 \033[32m192.168.1.0\033[0m 的形式"
echo -e "不支持ipv6地址过滤如有需求请使用mac地址过滤"
echo -e " 0 或回车 结束添加"
echo "-----------------------------------------------"
read -p "请输入对应序号或直接输入IP地址段 > " num
if [ -z "$num" -o "$num" = 0 ]; then
i=
elif [ -n "$(echo $num | grep -aE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$')" ]; then
if [ -z "$(cat ${CRASHDIR}/configs/ip_filter | grep -E "$num")" ]; then
echo $num | grep -oE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$' >>${CRASHDIR}/configs/ip_filter
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的地址请勿重复添加\033[0m"
fi
add_ip
elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then
ipadd=$(cat $dhcpdir | awk '{print $3}' | sed -n "$num"p)
if [ -z "$(cat ${CRASHDIR}/configs/mac | grep -E "$ipadd")" ]; then
echo $ipadd >>${CRASHDIR}/configs/ip_filter
else
echo "-----------------------------------------------"
echo -e "\033[31m已添加的地址请勿重复添加\033[0m"
fi
add_ip
else
echo "-----------------------------------------------"
echo -e "\033[31m输入有误请重新输入\033[0m"
add_ip
fi
}
del_all() {
echo "-----------------------------------------------"
if [ -z "$(cat ${CRASHDIR}/configs/mac ${CRASHDIR}/configs/ip_filter 2>/dev/null)" ]; then
echo -e "\033[31m列表中没有需要移除的设备\033[0m"
sleep 1
else
echo -e "请选择需要移除的设备:\033[36m"
echo -e "\033[33m 设备IP 设备mac地址 设备名称\033[0m"
i=1
for dev in $(cat ${CRASHDIR}/configs/mac ${CRASHDIR}/configs/ip_filter 2>/dev/null); do
get_devinfo
echo -e " $i \033[32m$dev_ip \033[36m$dev_mac \033[32m$dev_name\033[0m"
i=$((i + 1))
done
echo "-----------------------------------------------"
echo -e "\033[0m 0 或回车 结束删除"
read -p "请输入需要移除的设备的对应序号 > " num
mac_filter_rows=$(cat ${CRASHDIR}/configs/mac 2>/dev/null | wc -l)
ip_filter_rows=$(cat ${CRASHDIR}/configs/ip_filter 2>/dev/null | wc -l)
if [ -z "$num" ] || [ "$num" -le 0 ]; then
n=
elif [ $num -le $mac_filter_rows ]; then
sed -i "${num}d" ${CRASHDIR}/configs/mac
echo "-----------------------------------------------"
echo -e "\033[32m对应设备已移除\033[0m"
del_all
elif [ $num -le $((mac_filter_rows + ip_filter_rows)) ]; then
num=$((num - mac_filter_rows))
sed -i "${num}d" ${CRASHDIR}/configs/ip_filter
echo "-----------------------------------------------"
echo -e "\033[32m对应设备已移除\033[0m"
del_all
else
echo "-----------------------------------------------"
echo -e "\033[31m输入有误请重新输入\033[0m"
del_all
fi
fi
}
echo "-----------------------------------------------"
[ -z "$dhcpdir" ] && [ -f /var/lib/dhcp/dhcpd.leases ] && dhcpdir='/var/lib/dhcp/dhcpd.leases'
[ -z "$dhcpdir" ] && [ -f /var/lib/dhcpd/dhcpd.leases ] && dhcpdir='/var/lib/dhcpd/dhcpd.leases'
[ -z "$dhcpdir" ] && [ -f /tmp/dhcp.leases ] && dhcpdir='/tmp/dhcp.leases'
[ -z "$dhcpdir" ] && [ -f /tmp/dnsmasq.leases ] && dhcpdir='/tmp/dnsmasq.leases'
[ -z "$dhcpdir" ] && dhcpdir='/dev/null'
[ -z "$fw_filter_lan_type" ] && fw_filter_lan_type='黑名单'
if [ "$fw_filter_lan_type" = "黑名单" ]; then
fw_filter_lan_over='白名单'
fw_filter_lan_scrip='不'
else
fw_filter_lan_over='黑名单'
fw_filter_lan_scrip=''
fi
######
echo -e "\033[30;47m请在此添加或移除设备\033[0m"
echo -e "当前过滤方式为:\033[33m$fw_filter_lan_type模式\033[0m"
echo -e "仅列表内设备流量\033[36m$fw_filter_lan_scrip经过\033[0m内核"
if [ -n "$(cat ${CRASHDIR}/configs/mac)" ]; then
echo "-----------------------------------------------"
echo -e "当前已过滤设备为:\033[36m"
echo -e "\033[33m 设备mac/ip地址 设备名称\033[0m"
for dev in $(cat ${CRASHDIR}/configs/mac 2>/dev/null); do
get_devinfo
echo -e "\033[36m$dev_mac \033[0m$dev_name"
done
for dev in $(cat ${CRASHDIR}/configs/ip_filter 2>/dev/null); do
get_devinfo
echo -e "\033[32m$dev_ip \033[0m$dev_name"
done
echo "-----------------------------------------------"
fi
echo -e " 1 切换为\033[33m$fw_filter_lan_over模式\033[0m"
echo -e " 2 \033[32m添加指定设备(mac地址)\033[0m"
echo -e " 3 \033[32m添加指定设备(IP地址/网段)\033[0m"
echo -e " 4 \033[36m移除指定设备\033[0m"
echo -e " 9 \033[31m清空整个列表\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
fw_filter_lan_type=$fw_filter_lan_over
setconfig fw_filter_lan_type $fw_filter_lan_type
echo "-----------------------------------------------"
echo -e "\033[32m已切换为$fw_filter_lan_type模式\033[0m"
fw_filter_lan
;;
2)
add_mac
fw_filter_lan
;;
3)
add_ip
fw_filter_lan
;;
4)
del_all
fw_filter_lan
;;
9)
: >${CRASHDIR}/configs/mac
: >${CRASHDIR}/configs/ip_filter
echo "-----------------------------------------------"
echo -e "\033[31m设备列表已清空\033[0m"
fw_filter_lan
;;
*)
errornum
;;
esac
}
set_adv_config() { #端口设置
. "$CFG_PATH" >/dev/null
[ -z "$secret" ] && secret=未设置
[ -z "$table" ] && table=100
[ -z "$authentication" ] && auth=未设置 || auth=******
inputport() {
read -p "请输入端口号(1-65535) > " portx
. "$CRASHDIR"/menus/check_port.sh #加载测试函数
if check_port "$portx"; then
setconfig "$xport" "$portx"
echo -e "\033[32m设置成功\033[0m"
set_adv_config
else
sleep 1
fi
}
echo "-----------------------------------------------"
echo -e " 1 修改Http/Sock5端口 \033[36m$mix_port\033[0m"
echo -e " 2 设置Http/Sock5密码 \033[36m$auth\033[0m"
echo -e " 3 修改Redir/Tproxy端口\033[36m$redir_port,$((redir_port + 1))\033[0m"
echo -e " 4 修改DNS监听端口 \033[36m$dns_port\033[0m"
echo -e " 5 修改面板访问端口: \033[36m$db_port\033[0m"
echo -e " 6 设置面板访问密码: \033[36m$secret\033[0m"
echo -e " 7 修改默认端口过滤: \033[36m$multiport\033[0m"
echo -e " 8 自定义本机host地址 \033[36m$host\033[0m"
echo -e " 9 自定义路由表: \033[36m$table,$((table + 1))\033[0m"
echo -e " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
xport=mix_port
inputport
;;
2)
echo "-----------------------------------------------"
echo -e "格式必须是\033[32m 用户名:密码 \033[0m的形式注意用小写冒号分隔"
echo -e "请尽量不要使用特殊符号!避免产生未知错误!"
echo "输入 0 删除密码"
echo "-----------------------------------------------"
read -p "请输入Http/Sock5用户名及密码 > " input
if [ "$input" = "0" ]; then
authentication=""
setconfig authentication
echo 密码已移除!
else
if [ "$local_proxy" = "已开启" -a "$local_type" = "环境变量" ]; then
echo "-----------------------------------------------"
echo -e "\033[33m请先禁用本机代理功能或使用增强模式\033[0m"
sleep 1
else
authentication=$(echo $input | grep :)
if [ -n "$authentication" ]; then
setconfig authentication "'$authentication'"
echo -e "\033[32m设置成功\033[0m"
else
echo -e "\033[31m输入有误请重新输入\033[0m"
fi
fi
fi
set_adv_config
;;
3)
xport=redir_port
inputport
;;
4)
xport=dns_port
inputport
;;
5)
xport=db_port
inputport
;;
6)
read -p "请输入面板访问密码(输入0删除密码) > " secret
if [ -n "$secret" ]; then
[ "$secret" = "0" ] && secret=""
setconfig secret $secret
echo -e "\033[32m设置成功\033[0m"
fi
set_adv_config
;;
7)
echo "-----------------------------------------------"
echo -e "需配合\033[32m仅代理常用端口\033[0m功能使用"
echo -e "多个端口请用小写逗号分隔,例如:\033[33m143,80,443\033[0m"
echo -e "输入 0 重置为默认端口"
echo "-----------------------------------------------"
read -p "请输入需要指定代理的端口 > " multiport
if [ -n "$multiport" ]; then
[ "$multiport" = "0" ] && multiport="22,80,143,194,443,465,587,853,993,995,5222,8080,8443"
common_ports=已开启
setconfig multiport "$multiport"
setconfig common_ports "$common_ports"
echo -e "\033[32m设置成功\033[0m"
fi
set_adv_config
;;
8)
echo "-----------------------------------------------"
echo -e "\033[33m如果你的局域网网段不是192.168.x或172.16.x或10.x开头请务必修改\033[0m"
echo -e "\033[31m设置后如本机host地址有变动请务必重新修改\033[0m"
echo "-----------------------------------------------"
read -p "请输入自定义host地址(输入0移除自定义host) > " host
if [ "$host" = "0" ]; then
host=""
setconfig host "$host"
echo -e "\033[32m已经移除自定义host地址请重新运行脚本以自动获取host\033[0m"
exit 0
elif [ -n "$(echo $host | grep -E -o '\<([1-9]|[1-9][0-9]|1[0-9]{2}|2[01][0-9]|22[0-3])\>(\.\<([0-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>){2}\.\<([1-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-4])\>')" ]; then
setconfig host "$host"
echo -e "\033[32m设置成功\033[0m"
else
host=""
echo -e "\033[31m输入错误请仔细核对\033[0m"
fi
sleep 1
set_adv_config
;;
9)
echo "-----------------------------------------------"
echo -e "\033[33m仅限Tproxy、Tun或混合模式路由表出现冲突时才需要设置\033[0m"
read -p "请输入路由表地址(不明勿动建议102-125之间) > " table
if [ -n "$table" ]; then
[ "$table" = "0" ] && table="100"
setconfig table "$table"
echo -e "\033[32m设置成功\033[0m"
fi
set_adv_config
;;
*)
errornum
;;
esac
}
set_firewall_area() { #代理范围设置
[ -z "$vm_redir" ] && vm_redir='未开启'
echo "-----------------------------------------------"
echo -e "\033[31m注意\033[0m基于桥接网卡的Docker/虚拟机流量请单独启用6"
echo -e "\033[33m如你使用了第三方DNS如smartdns等请勿启用本机代理或使用shellcrash用户执行\033[0m"
echo "-----------------------------------------------"
echo -e " 1 \033[32m仅代理局域网流量\033[0m"
echo -e " 2 \033[36m仅代理本机流量\033[0m"
echo -e " 3 \033[32m代理局域网+本机流量\033[0m"
echo -e " 4 不配置流量代理(纯净模式)\033[0m"
#echo -e " 5 \033[33m转发局域网流量到旁路由设备\033[0m"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
[1-4])
[ $firewall_area -ge 4 ] && {
redir_mod=Redir模式
setconfig redir_mod $redir_mod
}
[ "$num" = 4 ] && {
redir_mod=纯净模式
setconfig redir_mod $redir_mod
}
firewall_area=$num
setconfig firewall_area $firewall_area
;;
5)
echo "-----------------------------------------------"
echo -e "\033[31m注意\033[0m此功能存在多种风险如无网络基础请勿尝试"
echo -e "\033[33m说明\033[0m此功能不启动内核仅配置防火墙转发且子设备无需额外设置网关DNS"
echo -e "\033[33m说明\033[0m支持防火墙分流及设备过滤支持部分定时任务但不支持ipv6"
echo -e "\033[31m注意\033[0m如需代理UDP请确保旁路由运行了支持UDP代理的模式"
echo -e "\033[31m注意\033[0m如使用systemd方式启动内核依然会空载运行建议使用保守模式"
echo "-----------------------------------------------"
read -p "请输入旁路由IPV4地址 > " bypass_host
[ -n "$bypass_host" ] && {
firewall_area=$num
setconfig firewall_area $firewall_area
setconfig bypass_host $bypass_host
redir_mod=TCP旁路转发
setconfig redir_mod $redir_mod
}
;;
*) errornum ;;
esac
sleep 1
}
set_firewall_vm(){
if [ -n "$vm_ipv4" ]; then
vm_des='当前代理'
else
vm_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'brd' | grep -E 'docker|podman|virbr|vnet|ovs|vmbr|veth|vmnic|vboxnet|lxcbr|xenbr|vEthernet' | sed 's/.*inet.//g' | sed 's/ br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ')
vm_des='当前获取到'
fi
echo "-----------------------------------------------"
echo -e "$vm_des的容器/虚拟机网段为:\033[32m$vm_ipv4\033[0m"
echo -e "如未包含容器网段,请先运行容器再运行脚本或者手动设置网段"
echo "-----------------------------------------------"
echo -e " 1 \033[32m启用代理并使用默认网段\033[0m"
echo -e " 2 \033[36m启用代理并自定义网段\033[0m"
echo -e " 3 \033[31m禁用代理\033[0m"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
1)
if [ -n "$vm_ipv4" ]; then
vm_redir=已开启
else
echo -e "\033[33m请先运行容器再运行脚本或者手动设置网段\033[0m"
fi
;;
2)
echo -e "多个网段请用空格连接可运行容器后使用【ip route】命令查看网段地址"
echo -e "示例:\033[32m10.88.0.0/16 172.17.0.0/16\033[0m"
read -p "请输入自定义网段 > " text
[ -n "$text" ] && vm_ipv4=$text && vm_redir=已开启
;;
3)
vm_redir=未开启
unset vm_ipv4
;;
*) ;;
esac
setconfig vm_redir $vm_redir
setconfig vm_ipv4 "'$vm_ipv4'"
sleep 1
set_redir_mod
}
set_ipv6() { #ipv6设置
[ -z "$ipv6_redir" ] && ipv6_redir=未开启
[ -z "$ipv6_dns" ] && ipv6_dns=已开启
[ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启
echo "-----------------------------------------------"
echo -e " 1 ipv6透明代理: \033[36m$ipv6_redir\033[0m ——代理ipv6流量"
[ "$disoverride" != "1" ] && echo -e " 2 ipv6-DNS解析: \033[36m$ipv6_dns\033[0m ——决定内置DNS是否返回ipv6地址"
echo -e " 3 CNV6绕过内核: \033[36m$cn_ipv6_route\033[0m ——优化性能不兼容fake-ip"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
if [ "$ipv6_redir" = "未开启" ]; then
ipv6_support=已开启
ipv6_redir=已开启
sleep 2
else
ipv6_redir=未开启
fi
setconfig ipv6_redir $ipv6_redir
setconfig ipv6_support $ipv6_support
set_ipv6
;;
2)
[ "$ipv6_dns" = "未开启" ] && ipv6_dns=已开启 || ipv6_dns=未开启
setconfig ipv6_dns $ipv6_dns
set_ipv6
;;
3)
if [ "$ipv6_redir" = "未开启" ]; then
ipv6_support=已开启
ipv6_redir=已开启
setconfig ipv6_redir $ipv6_redir
setconfig ipv6_support $ipv6_support
fi
if [ -n "$(ipset -v 2>/dev/null)" ] || [ "$firewall_mod" = nftables ]; then
[ "$cn_ipv6_route" = "未开启" ] && cn_ipv6_route=已开启 || cn_ipv6_route=未开启
setconfig cn_ipv6_route $cn_ipv6_route
else
echo -e "\033[31m当前设备缺少ipset模块或防火墙未使用nftables无法启用绕过功能\033[0m"
sleep 1
fi
set_ipv6
;;
*)
errornum
;;
esac
}

2
scripts/task.sh → scripts/menus/task.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/ash
# Copyright (C) Juewuy
#加载全局变量

884
scripts/menus/tools.sh Normal file
View File

@@ -0,0 +1,884 @@
#!/bin/sh
# Copyright (C) Juewuy
#工具脚本
#工具与优化
tools() {
ssh_tools() {
stop_iptables() {
iptables -w -t nat -D PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
ip6tables -w -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
}
[ -n "$(cat /etc/firewall.user 2>&1 | grep '启用外网访问SSH服务')" ] && ssh_ol=禁止 || ssh_ol=开启
[ -z "$ssh_port" ] && ssh_port=10022
echo "-----------------------------------------------"
echo -e "\033[33m此功能仅针对使用Openwrt系统的设备生效且不依赖服务\033[0m"
echo -e "\033[31m本功能不支持红米AX6S等镜像化系统设备请勿尝试\033[0m"
echo "-----------------------------------------------"
echo -e " 1 \033[32m修改\033[0m外网访问端口\033[36m$ssh_port\033[0m"
echo -e " 2 \033[32m修改\033[0mSSH访问密码(请连续输入2次后回车)"
echo -e " 3 \033[33m$ssh_ol\033[0m外网访问SSH"
echo "-----------------------------------------------"
echo -e " 0 返回上级菜单 \033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
read -p "请输入端口号(1000-65535) > " num
if [ -z "$num" ]; then
errornum
elif [ $num -gt 65535 -o $num -le 999 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1000-65535)\033[0m"
elif [ -n "$(netstat -ntul | grep :$num)" ]; then
echo -e "\033[31m当前端口已被其他进程占用请重新输入\033[0m"
else
ssh_port=$num
setconfig ssh_port $ssh_port
sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
stop_iptables
echo -e "\033[32m设置成功请重新开启外网访问SSH功能\033[0m"
fi
sleep 1
ssh_tools
;;
2)
passwd
sleep 1
ssh_tools
;;
3)
if [ "$ssh_ol" = "开启" ]; then
iptables -w -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
[ -n "$(ckcmd ip6tables)" ] && ip6tables -w -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
echo "iptables -w -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >>/etc/firewall.user
[ -n "$(ckcmd ip6tables)" ] && echo "ip6tables -w -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >>/etc/firewall.user
echo "-----------------------------------------------"
echo -e "已开启外网访问SSH功能"
else
sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
stop_iptables
echo "-----------------------------------------------"
echo -e "已禁止外网访问SSH"
fi
;;
*)
errornum
;;
esac
}
#获取设置默认显示
grep -qE "^\s*[^#].*otapredownload" /etc/crontabs/root >/dev/null 2>&1 && mi_update=禁用 || mi_update=启用
[ "$mi_mi_autoSSH" = "已配置" ] && mi_mi_autoSSH_type=32m已配置 || mi_mi_autoSSH_type=31m未配置
[ -f "$CRASHDIR"/tools/tun.ko ] && mi_tunfix=32m已启用 || mi_tunfix=31m未启用
#
echo "-----------------------------------------------"
echo -e "\033[30;47m欢迎使用其他工具菜单\033[0m"
echo -e "\033[33m本页工具可能无法兼容全部Linux设备请酌情使用\033[0m"
echo -e "磁盘占用/所在目录:"
du -sh "$CRASHDIR"
echo "-----------------------------------------------"
echo -e " 1 ShellCrash\033[33m测试菜单\033[0m"
echo -e " 2 ShellCrash\033[32m新手引导\033[0m"
echo -e " 3 \033[36m日志及推送工具\033[0m"
[ -f /etc/firewall.user ] && echo -e " 4 \033[32m配置\033[0m外网访问SSH"
[ -x /usr/sbin/otapredownload ] && echo -e " 5 \033[33m$mi_update\033[0m小米系统自动更新"
[ "$systype" = "mi_snapshot" ] && echo -e " 6 小米设备软固化SSH ———— \033[$mi_mi_autoSSH_type \033[0m"
[ "$systype" = "mi_snapshot" ] && echo -e " 8 小米设备Tun模块修复 ———— \033[$mi_tunfix \033[0m"
echo "-----------------------------------------------"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
if [ -z "$num" ]; then
errornum
elif [ "$num" = 0 ]; then
i=
elif [ "$num" = 1 ]; then
testcommand
elif [ "$num" = 2 ]; then
userguide
elif [ "$num" = 3 ]; then
log_pusher
tools
elif [ "$num" = 4 ]; then
ssh_tools
sleep 1
tools
elif [ "$num" = 7 ]; then
echo "-----------------------------------------------"
if [ ! -f "$CRASHDIR"/tools/ShellDDNS.sh ]; then
echo -e "正在获取在线脚本……"
"$CRASHDIR"/start.sh get_bin "$TMPDIR"/ShellDDNS.sh tools/ShellDDNS.sh
if [ "$?" = "0" ]; then
mv -f "$TMPDIR"/ShellDDNS.sh "$CRASHDIR"/tools/ShellDDNS.sh
. "$CRASHDIR"/tools/ShellDDNS.sh
else
echo -e "\033[31m文件下载失败\033[0m"
fi
else
. "$CRASHDIR"/tools/ShellDDNS.sh
fi
sleep 1
tools
elif [ -x /usr/sbin/otapredownload ] && [ "$num" = 5 ]; then
if [ "$mi_update" = "禁用" ]; then
grep -q "otapredownload" /etc/crontabs/root &&
sed -i "/^[^\#]*otapredownload/ s/^/#/" /etc/crontabs/root ||
echo "#15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >>/etc/crontabs/root
else
grep -q "otapredownload" /etc/crontabs/root &&
sed -i "/^\s*#.*otapredownload/ s/^\s*#//" /etc/crontabs/root ||
echo "15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >>/etc/crontabs/root
fi
echo "-----------------------------------------------"
echo -e "已\033[33m$mi_update\033[0m小米路由器的自动更新如未生效请在官方APP中同步设置"
sleep 1
tools
elif [ "$num" = 6 ]; then
if [ "$systype" = "mi_snapshot" ]; then
mi_autoSSH
else
echo "不支持的设备!"
fi
tools
elif [ "$num" = 8 ]; then
if [ -f "$CRASHDIR"/tools/tun.ko ]; then
read -p "是否禁用此功能并移除相关补丁?(1/0) > " res
[ "$res" = 1 ] && {
rm -rf "$CRASHDIR"/tools/tun.ko
echo -e "\033[33m补丁文件已移除请立即重启设备以防止出错\033[0m"
}
elif ckcmd modinfo && [ -z "$(modinfo tun)" ]; then
echo -e "\033[33m本功能需要修改系统文件不保证没有任何风险\033[0m"
echo -e "\033[33m本功能采集的Tun模块并不一定适用于你的设备\033[0m"
sleep 1
read -p "我已知晓,出现问题会自行承担!(1/0) > " res
if [ "$res" = 1 ]; then
echo "-----------------------------------------------"
echo "正在连接服务器获取Tun模块补丁文件…………"
"$CRASHDIR"/start.sh get_bin "$TMPDIR"/tun.ko bin/fix/tun.ko
if [ "$?" = "0" ]; then
mv -f "$TMPDIR"/tun.ko "$CRASHDIR"/tools/tun.ko &&
"$CRASHDIR"/misnap_init.sh tunfix &&
echo -e "\033[32m设置成功请重启服务\033[0m"
else
echo -e "\033[31m文件下载失败请重试\033[0m"
fi
fi
else
echo -e "\033[31m当前设备无需设置请勿尝试\033[0m"
sleep 1
fi
tools
else
errornum
fi
}
mi_autoSSH() {
echo "-----------------------------------------------"
echo -e "\033[33m本功能使用软件命令进行固化不保证100%成功!\033[0m"
echo -e "\033[33m如有问题请加群反馈\033[36;4mhttps://t.me/ShellClash\033[0m"
read -p "请输入需要还原的SSH密码(不影响当前密码,回车可跳过) > " mi_mi_autoSSH_pwd
mi_mi_autoSSH=已配置
cp -f /etc/dropbear/dropbear_rsa_host_key "$CRASHDIR"/configs/dropbear_rsa_host_key 2>/dev/null
cp -f /etc/dropbear/authorized_keys "$CRASHDIR"/configs/authorized_keys 2>/dev/null
ckcmd nvram && {
nvram set ssh_en=1
nvram set telnet_en=1
nvram set uart_en=1
nvram set boot_wait=on
nvram commit
}
echo -e "\033[32m设置成功\033[0m"
setconfig mi_mi_autoSSH $mi_mi_autoSSH
setconfig mi_mi_autoSSH_pwd $mi_mi_autoSSH_pwd
sleep 1
}
#日志菜单
log_pusher() {
[ -n "$push_TG" ] && stat_TG=32m已启用 || stat_TG=33m未启用
[ -n "$push_Deer" ] && stat_Deer=32m已启用 || stat_Deer=33m未启用
[ -n "$push_bark" ] && stat_bark=32m已启用 || stat_bark=33m未启用
[ -n "$push_Po" ] && stat_Po=32m已启用 || stat_Po=33m未启用
[ -n "$push_PP" ] && stat_PP=32m已启用 || stat_PP=33m未启用
[ -n "$push_SynoChat" ] && stat_SynoChat=32m已启用 || stat_SynoChat=33m未启用
[ -n "$push_Gotify" ] && stat_Gotify=32m已启用 || stat_Gotify=33m未启用
[ "$task_push" = 1 ] && stat_task=32m已启用 || stat_task=33m未启用
[ -n "$device_name" ] && device_s=32m$device_name || device_s=33m未设置
echo "-----------------------------------------------"
echo -e " 1 Telegram推送 ——\033[$stat_TG\033[0m"
echo -e " 2 PushDeer推送 ——\033[$stat_Deer\033[0m"
echo -e " 3 Bark推送-IOS ——\033[$stat_bark\033[0m"
echo -e " 4 Passover推送 ——\033[$stat_Po\033[0m"
echo -e " 5 PushPlus推送 ——\033[$stat_PP\033[0m"
echo -e " 6 SynoChat推送 ——\033[$stat_SynoChat\033[0m"
echo -e " 7 Gotify推送 ——\033[$stat_Gotify\033[0m"
echo "-----------------------------------------------"
echo -e " a 查看\033[36m运行日志\033[0m"
echo -e " b 推送任务日志 ——\033[$stat_task\033[0m"
echo -e " c 设置设备名称 ——\033[$device_s\033[0m"
echo -e " d 清空日志文件"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
a)
if [ -s "$TMPDIR"/ShellCrash.log ]; then
echo "-----------------------------------------------"
cat "$TMPDIR"/ShellCrash.log
exit 0
else
echo -e "\033[31m未找到相关日志\033[0m"
fi
sleep 1
;;
1)
echo "-----------------------------------------------"
if [ -n "$push_TG" ]; then
read -p "确认关闭TG日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_TG=
chat_ID=
setconfig push_TG
setconfig chat_ID
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
private_bot() {
echo -e "请先通过 \033[32;4mhttps://t.me/BotFather\033[0m 申请TG机器人并获取其\033[36mAPI TOKEN\033[0m"
echo "-----------------------------------------------"
read -p "请输入你获取到的API TOKEN > " TOKEN
echo "-----------------------------------------------"
echo -e "请向\033[32m你申请的机器人\033[33m而不是BotFather\033[0m"
url_tg=https://api.telegram.org/bot${TOKEN}/getUpdates
}
public_bot() {
echo -e "请向机器人:\033[32;4mhttps://t.me/ShellCrashtg_bot\033[0m"
TOKEN=publictoken
url_tg=https://tgbot.jwsc.eu.org/publictoken/getUpdates
}
set_bot() {
echo -e "发送此秘钥: \033[30;46m$public_key\033[0m"
echo "-----------------------------------------------"
read -p "我已经发送完成(1/0) > " res
if [ "$res" = 1 ]; then
[ -n "$authentication" ] && auth="$authentication@"
export https_proxy="http://${auth}127.0.0.1:$mix_port"
if curl --version >/dev/null 2>&1; then
chat=$(curl -kfsSl $url_tg 2>/dev/null)
else
chat=$(wget -Y on -q -O - $url_tg)
fi
[ -n "$chat" ] && chat_ID=$(echo $chat | sed 's/"update_id":/{\n"update_id":/g' | grep "$public_key" | head -n1 | grep -oE '"id":.*,"is_bot' | sed s'/"id"://' | sed s'/,"is_bot//')
[ -z "$chat_ID" ] && {
echo -e "\033[31m无法获取对话ID请返回重新设置或手动输入ChatID\033[0m"
echo -e "通常访问 \033[32;4m$url_tg\033[0m \n\033[36m即可看到ChatID\033[0m"
read -p "请手动输入ChatID > " chat_ID
}
if echo "$chat_ID" | grep -qE '^[0-9]{8,}$'; then
push_TG=$TOKEN
setconfig push_TG $TOKEN
setconfig chat_ID $chat_ID
"$CRASHDIR"/start.sh logger "已完成Telegram日志推送设置" 32
else
echo -e "\033[31m无法获取对话ID请重新配置\033[0m"
sleep 1
chose_bot
fi
fi
}
chose_bot() {
public_key=$(cat /proc/sys/kernel/random/boot_id | sed 's/.*-//')
echo "-----------------------------------------------"
echo -e " 1 使用公共机器人 ——不依赖内核服务"
echo -e " 2 使用私人机器人 ——需要额外申请"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case $num in
1)
public_bot
set_bot
;;
2)
private_bot
set_bot
;;
*)
errornum
;;
esac
}
chose_bot
fi
sleep 1
log_pusher
;;
2)
echo "-----------------------------------------------"
if [ -n "$push_Deer" ]; then
read -p "确认关闭PushDeer日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_Deer=
setconfig push_Deer
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "请先前往 \033[32;4mhttp://www.pushdeer.com/official.html\033[0m 扫码安装快应用或下载APP"
echo -e "打开快应用/APP并完成登陆"
echo -e "\033[33m切换到「设备」标签页点击右上角的加号注册当前设备\033[0m"
echo -e "\033[36m切换到「秘钥」标签页点击右上角的加号创建一个秘钥并复制\033[0m"
echo "-----------------------------------------------"
read -p "请输入你复制的秘钥 > " url
if [ -n "$url" ]; then
push_Deer=$url
setconfig push_Deer $url
"$CRASHDIR"/start.sh logger "已完成PushDeer日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
sleep 1
fi
log_pusher
;;
3)
echo "-----------------------------------------------"
if [ -n "$push_bark" ]; then
read -p "确认关闭Bark日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_bark=
bark_param=
setconfig push_bark
setconfig bark_param
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "\033[33mBark推送仅支持IOS系统其他平台请使用其他推送方式\033[0m"
echo -e "\033[32m请安装Bark-IOS客户端并在客户端中找到专属推送链接\033[0m"
echo "-----------------------------------------------"
read -p "请输入你的Bark推送链接 > " url
if [ -n "$url" ]; then
push_bark=$url
setconfig push_bark $url
"$CRASHDIR"/start.sh logger "已完成Bark日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
sleep 1
fi
log_pusher
;;
4)
echo "-----------------------------------------------"
if [ -n "$push_Po" ]; then
read -p "确认关闭Pushover日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_Po=
push_Po_key=
setconfig push_Po
setconfig push_Po_key
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "请先通过 \033[32;4mhttps://pushover.net/\033[0m 注册账号并获取\033[36mUser Key\033[0m"
echo "-----------------------------------------------"
read -p "请输入你的User Key > " key
if [ -n "$key" ]; then
echo "-----------------------------------------------"
echo -e "\033[33m请检查注册邮箱完成账户验证\033[0m"
read -p "我已经验证完成(1/0) > "
echo "-----------------------------------------------"
echo -e "请通过 \033[32;4mhttps://pushover.net/apps/build\033[0m 生成\033[36mAPI Token\033[0m"
echo "-----------------------------------------------"
read -p "请输入你的API Token > " Token
if [ -n "$Token" ]; then
push_Po=$Token
push_Po_key=$key
setconfig push_Po $Token
setconfig push_Po_key $key
"$CRASHDIR"/start.sh logger "已完成Passover日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
fi
sleep 1
log_pusher
;;
5)
echo "-----------------------------------------------"
if [ -n "$push_PP" ]; then
read -p "确认关闭PushPlus日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_PP=
setconfig push_PP
}
else
#echo -e "\033[33m详细设置指南请参考 https://juewuy.github.io/ \033[0m"
echo -e "请先通过 \033[32;4mhttps://www.pushplus.plus/push1.html\033[0m 注册账号并获取\033[36mtoken\033[0m"
echo "-----------------------------------------------"
read -p "请输入你的token > " Token
if [ -n "$Token" ]; then
push_PP=$Token
setconfig push_PP $Token
"$CRASHDIR"/start.sh logger "已完成PushPlus日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
fi
sleep 1
log_pusher
;;
6)
echo "-----------------------------------------------"
if [ -n "$push_SynoChat" ]; then
read -p "确认关闭SynoChat日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_SynoChat=
setconfig push_SynoChat
}
else
echo "-----------------------------------------------"
read -p "请输入你的Synology DSM主页地址 > " URL
echo "-----------------------------------------------"
read -p "请输入你的Synology Chat Token > " TOKEN
echo "-----------------------------------------------"
echo -e '请通过"你的群晖地址/webapi/entry.cgi?api=SYNO.Chat.External&method=user_list&version=2&token=你的TOKEN"获取user_id'
echo "-----------------------------------------------"
read -p "请输入你的user_id > " USERID
if [ -n "$URL" ]; then
push_SynoChat=$USERID
setconfig push_SynoChat $USERID
setconfig push_ChatURL $URL
setconfig push_ChatTOKEN $TOKEN
setconfig push_ChatUSERID $USERID
"$CRASHDIR"/start.sh logger "已完成SynoChat日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
setconfig push_ChatURL
setconfig push_ChatTOKEN
setconfig push_ChatUSERID
push_SynoChat=
setconfig push_SynoChat
fi
fi
sleep 1
log_pusher
;;
# 在menu.sh的case $num in代码块中添加
7)
echo "-----------------------------------------------"
if [ -n "$push_Gotify" ]; then
read -p "确认关闭Gotify日志推送(1/0) > " res
[ "$res" = 1 ] && {
push_Gotify=
setconfig push_Gotify
}
else
echo -e "请先通过Gotify服务器获取推送URL"
echo -e "格式示例: https://gotify.example.com/message?token=你的应用令牌"
echo "-----------------------------------------------"
read -p "请输入你的Gotify推送URL > " url
if [ -n "$url" ]; then
push_Gotify=$url
setconfig push_Gotify "$url"
"$CRASHDIR"/start.sh logger "已完成Gotify日志推送设置" 32
else
echo -e "\033[31m输入错误请重新输入\033[0m"
fi
fi
sleep 1
log_pusher
;;
b)
[ "$task_push" = 1 ] && task_push='' || task_push=1
setconfig task_push $task_push
sleep 1
log_pusher
;;
c)
read -p "请输入本设备自定义推送名称 > " device_name
setconfig device_name $device_name
sleep 1
log_pusher
;;
d)
echo -e "\033[33m运行日志及任务日志均已清空\033[0m"
rm -rf "$TMPDIR"/ShellCrash.log
sleep 1
log_pusher
;;
*) errornum ;;
esac
}
#新手引导
userguide(){
forwhat(){
echo "-----------------------------------------------"
echo -e "\033[30;46m 欢迎使用ShellCrash新手引导 \033[0m"
echo "-----------------------------------------------"
echo -e "\033[33m请先选择你的使用环境 \033[0m"
echo -e "\033[0m(你之后依然可以在设置中更改各种配置)\033[0m"
echo "-----------------------------------------------"
echo -e " 1 \033[32m路由设备配置局域网透明代理\033[0m"
echo -e " 2 \033[36mLinux设备仅配置本机代理\033[0m"
[ -f "$CFG_PATH.bak" ] && echo -e " 3 \033[33m还原之前备份的设置\033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
1)
#设置运行模式
redir_mod="混合模式"
[ -n "$(echo $cputype | grep -E "linux.*mips.*")" ] && {
if grep -qE '^TPROXY$' /proc/net/ip_tables_targets || modprobe xt_TPROXY >/dev/null 2>&1; then
redir_mod="Tproxy模式"
else
redir_mod="Redir模式"
fi
}
setconfig crashcore "meta"
setconfig redir_mod "$redir_mod"
setconfig dns_mod mix
setconfig firewall_area '1'
#默认启用绕过CN-IP
setconfig cn_ip_route 已开启
#自动识别IPV6
[ -n "$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g')" ] && {
setconfig ipv6_redir 已开启
setconfig ipv6_support 已开启
setconfig ipv6_dns 已开启
setconfig cn_ipv6_route 已开启
}
#设置开机启动
[ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable
ckcmd systemctl && [ "$(cat /proc/1/comm)" = "systemd" ] && systemctl enable shellcrash.service > /dev/null 2>&1
rm -rf "$CRASHDIR"/.dis_startup
autostart=enable
#检测IP转发
if [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "0" ];then
echo "-----------------------------------------------"
echo -e "\033[33m检测到你的设备尚未开启ip转发局域网设备将无法正常连接网络是否立即开启\033[0m"
read -p "是否开启?(1/0) > " res
[ "$res" = 1 ] && {
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1
} && echo "已成功开启ipv4转发如未正常开启请手动重启设备" || echo "开启失败!请自行谷歌查找当前设备的开启方法!"
fi
#禁止docker启用的net.bridge.bridge-nf-call-iptables
sysctl -w net.bridge.bridge-nf-call-iptables=0 > /dev/null 2>&1
sysctl -w net.bridge.bridge-nf-call-ip6tables=0 > /dev/null 2>&1
;;
2)
setconfig redir_mod "Redir模式"
[ -n "$(echo $cputype | grep -E "linux.*mips.*")" ] && setconfig crashcore "clash"
setconfig common_ports "未开启"
setconfig firewall_area '2'
;;
3)
mv -f $CFG_PATH.bak $CFG_PATH
echo -e "\033[32m脚本设置已还原\033[0m"
echo -e "\033[33m请重新启动脚本\033[0m"
exit 0
;;
*)
errornum
forwhat
;;
esac
}
forwhat
#检测小内存模式
dir_size=$(dir_avail "$CRASHDIR")
if [ "$dir_size" -lt 10240 ];then
echo "-----------------------------------------------"
echo -e "\033[33m检测到你的安装目录空间不足10M是否开启小闪存模式\033[0m"
echo -e "\033[0m开启后核心及数据库文件将被下载到内存中这将占用一部分内存空间\033[0m"
echo -e "\033[0m每次开机后首次运行服务时都会自动的重新下载相关文件\033[0m"
echo "-----------------------------------------------"
read -p "是否开启?(1/0) > " res
[ "$res" = 1 ] && {
BINDIR=/tmp/ShellCrash
setconfig BINDIR /tmp/ShellCrash "$CRASHDIR"/configs/command.env
}
fi
#检测及下载根证书
openssldir="$(openssl version -d 2>&1 | awk -F '"' '{print $2}')"
[ ! -d "$openssldir/certs" ] && openssldir=/etc/ssl
if [ -d $openssldir/certs -a ! -f $openssldir/certs/ca-certificates.crt ];then
echo "-----------------------------------------------"
echo -e "\033[33m当前设备未找到根证书文件\033[0m"
echo "-----------------------------------------------"
read -p "是否下载并安装根证书?(1/0) > " res
[ "$res" = 1 ] && checkupdate && getcrt
fi
#设置加密DNS
if [ -s $openssldir/certs/ca-certificates.crt ];then
dns_nameserver='https://dns.alidns.com/dns-query, https://doh.pub/dns-query'
dns_fallback='https://cloudflare-dns.com/dns-query, https://dns.google/dns-query, https://doh.opendns.com/dns-query'
dns_resolver='https://223.5.5.5/dns-query, 2400:3200::1'
setconfig dns_nameserver "'$dns_nameserver'"
setconfig dns_fallback "'$dns_fallback'"
setconfig dns_resolver "'$dns_resolver'"
fi
#开启公网访问
sethost(){
read -p "请输入你的公网IP地址 > " host
echo $host | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
if [ -z "$host" ];then
echo -e "\033[31m请输入正确的IP地址\033[0m"
sethost
fi
}
if ckcmd systemctl;then
echo "-----------------------------------------------"
echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务\033[0m"
echo -e "注意当前设备必须有公网IP才能从公网正常访问"
echo -e "\033[31m此功能会增加暴露风险请谨慎使用\033[0m"
echo -e "vps设备可能还需要额外在服务商后台开启相关端口"
read -p "现在开启?(1/0) > " res
if [ "$res" = 1 ];then
read -p "请先设置面板访问秘钥 > " secret
read -p "请先修改Socks服务端口(1-65535) > " mix_port
read -p "请先设置Socks服务密码(账号默认为crash) > " sec
[ -z "$sec" ] && authentication=crash:$sec
host=$(curl ip.sb 2>/dev/null | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
if [ -z "$host" ];then
sethost
fi
public_support=已开启
setconfig secret $secret
setconfig mix_port $mix_port
setconfig host $host
setconfig public_support $public_support
setconfig authentication "'$authentication'"
fi
fi
#启用推荐的自动任务配置
. "$CRASHDIR"/task/task.sh && task_recom
#小米设备软固化
if [ "$systype" = "mi_snapshot" ];then
echo "-----------------------------------------------"
echo -e "\033[33m检测到为小米路由设备启用软固化可防止路由升级后丢失SSH\033[0m"
read -p "是否启用软固化功能?(1/0) > " res
[ "$res" = 1 ] && mi_autoSSH
fi
#提示导入订阅或者配置文件
[ ! -s "$CRASHDIR"/yamls/config.yaml -a ! -s "$CRASHDIR"/jsons/config.json ] && {
echo "-----------------------------------------------"
echo -e "\033[32m是否导入配置文件\033[0m(这是运行前的最后一步)"
echo -e "\033[0m你必须拥有一份配置文件才能运行服务\033[0m"
echo "-----------------------------------------------"
read -p "现在开始导入?(1/0) > " res
[ "$res" = 1 ] && inuserguide=1 && {
if [ -f "$CRASHDIR"/v2b_api.sh ];then
. "$CRASHDIR"/v2b_api.sh
else
set_core_config
fi
set_core_config
inuserguide=""
}
}
#回到主界面
echo "-----------------------------------------------"
echo -e "\033[36m很好现在只需要执行启动就可以愉快的使用了\033[0m"
echo "-----------------------------------------------"
read -p "立即启动服务?(1/0) > " res
[ "$res" = 1 ] && start_core && sleep 2
main_menu
}
#测试菜单
testcommand(){
echo "$crashcore" | grep -q 'singbox' && config_path=${JSONSDIR}/config.json || config_path=${YAMLSDIR}/config.yaml
echo "-----------------------------------------------"
echo -e "\033[30;47m这里是测试命令菜单\033[0m"
echo -e "\033[33m如遇问题尽量运行相应命令后截图提交issue或TG讨论组\033[0m"
echo "-----------------------------------------------"
echo " 1 Debug模式运行内核"
echo " 2 查看系统DNS端口(:53)占用 "
echo " 3 测试ssl加密(aes-128-gcm)跑分"
echo " 4 查看ShellCrash相关路由规则"
echo " 5 查看内核配置文件前40行"
echo " 6 测试代理服务器连通性(google.tw)"
echo "-----------------------------------------------"
echo " 0 返回上级目录!"
read -p "请输入对应数字 > " num
case "$num" in
0)
main_menu
;;
1)
debug
testcommand
;;
2)
echo "-----------------------------------------------"
netstat -ntulp |grep 53
echo "-----------------------------------------------"
echo -e "可以使用\033[44m netstat -ntulp |grep xxx \033[0m来查询任意(xxx)端口"
exit;
;;
3)
echo "-----------------------------------------------"
openssl speed -multi 4 -evp aes-128-gcm
echo "-----------------------------------------------"
exit;
;;
4)
if [ "$firewall_mod" = "nftables" ];then
nft list table inet shellcrash
else
[ "$firewall_area" = 1 -o "$firewall_area" = 3 -o "$firewall_area" = 5 -o "$vm_redir" = "已开启" ] && {
echo "----------------Redir+DNS---------------------"
iptables -t nat -L PREROUTING --line-numbers
iptables -t nat -L shellcrash_dns --line-numbers
[ -n "$(echo $redir_mod | grep -E 'Redir模式|混合模式')" ] && iptables -t nat -L shellcrash --line-numbers
[ -n "$(echo $redir_mod | grep -E 'Tproxy模式|混合模式|Tun模式')" ] && {
echo "----------------Tun/Tproxy-------------------"
iptables -t mangle -L PREROUTING --line-numbers
iptables -t mangle -L shellcrash_mark --line-numbers
}
}
[ "$firewall_area" = 2 -o "$firewall_area" = 3 ] && {
echo "-------------OUTPUT-Redir+DNS----------------"
iptables -t nat -L OUTPUT --line-numbers
iptables -t nat -L shellcrash_dns_out --line-numbers
[ -n "$(echo $redir_mod | grep -E 'Redir模式|混合模式')" ] && iptables -t nat -L shellcrash_out --line-numbers
[ -n "$(echo $redir_mod | grep -E 'Tproxy模式|混合模式|Tun模式')" ] && {
echo "------------OUTPUT-Tun/Tproxy---------------"
iptables -t mangle -L OUTPUT --line-numbers
iptables -t mangle -L shellcrash_mark_out --line-numbers
}
}
[ "$ipv6_redir" = "已开启" ] && {
[ "$firewall_area" = 1 -o "$firewall_area" = 3 ] && {
ip6tables -t nat -L >/dev/null 2>&1 && {
echo "-------------IPV6-Redir+DNS-------------------"
ip6tables -t nat -L PREROUTING --line-numbers
ip6tables -t nat -L shellcrashv6_dns --line-numbers
[ -n "$(echo $redir_mod | grep -E 'Redir模式|混合模式')" ] && ip6tables -t nat -L shellcrashv6 --line-numbers
}
[ -n "$(echo $redir_mod | grep -E 'Tproxy模式|混合模式|Tun模式')" ] && {
echo "-------------IPV6-Tun/Tproxy------------------"
ip6tables -t mangle -L PREROUTING --line-numbers
ip6tables -t mangle -L shellcrashv6_mark --line-numbers
}
}
}
[ "$vm_redir" = "已开启" ] && {
echo "-------------vm-Redir-------------------"
iptables -t nat -L shellcrash_vm --line-numbers
iptables -t nat -L shellcrash_vm_dns --line-numbers
}
fi
exit;
;;
5)
echo "-----------------------------------------------"
sed -n '1,40p' ${config_path}
echo "-----------------------------------------------"
exit;
;;
6)
echo "注意依赖curl(不支持wget),且测试结果不保证一定准确!"
delay=`curl -kx ${authentication}@127.0.0.1:$mix_port -o /dev/null -s -w '%{time_starttransfer}' 'https://google.tw' & { sleep 3 ; kill $! >/dev/null 2>&1 & }` > /dev/null 2>&1
delay=`echo |awk "{print $delay*1000}"` > /dev/null 2>&1
echo "-----------------------------------------------"
if [ `echo ${#delay}` -gt 1 ];then
echo -e "\033[32m连接成功响应时间为"$delay" ms\033[0m"
else
echo -e "\033[31m连接超时请重试或检查节点配置\033[0m"
fi
main_menu
;;
*)
errornum
main_menu
;;
esac
}
debug(){
echo "$crashcore" | grep -q 'singbox' && config_tmp="$TMPDIR"/jsons || config_tmp="$TMPDIR"/config.yaml
echo "-----------------------------------------------"
echo -e "\033[36m注意Debug运行均会停止原本的内核服务\033[0m"
echo -e "后台运行日志地址:\033[32m$TMPDIR/debug.log\033[0m"
echo -e "如长时间运行后台监测日志等级推荐error防止文件过大"
echo -e "你也可以通过:\033[33mcrash -s debug 'warning'\033[0m 命令使用其他日志等级"
echo "-----------------------------------------------"
echo -e " 1 仅测试\033[32m$config_tmp\033[0m配置文件可用性"
echo -e " 2 前台运行\033[32m$config_tmp\033[0m配置文件,不配置防火墙劫持(\033[33m使用Ctrl+C手动停止\033[0m)"
echo -e " 3 后台运行完整启动流程,并配置防火墙劫持,日志等级:\033[31merror\033[0m"
echo -e " 4 后台运行完整启动流程,并配置防火墙劫持,日志等级:\033[32minfo\033[0m"
echo -e " 5 后台运行完整启动流程,并配置防火墙劫持,日志等级:\033[33mdebug\033[0m"
echo -e " 6 后台运行完整启动流程,并配置防火墙劫持,且将错误日志打印到闪存:\033[32m$CRASHDIR/debug.log\033[0m"
echo "-----------------------------------------------"
echo -e " 8 后台运行完整启动流程,输出执行错误并查找上下文,之后关闭进程"
[ -s "$TMPDIR"/jsons/inbounds.json ] && echo -e " 9 将\033[32m$config_tmp\033[0m下json文件合并为$TMPDIR/debug.json"
echo "-----------------------------------------------"
echo " 0 返回上级目录!"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
"$CRASHDIR"/start.sh stop
"$CRASHDIR"/start.sh bfstart
if echo "$crashcore" | grep -q 'singbox' ;then
"$TMPDIR"/CrashCore run -D "$BINDIR" -C "$TMPDIR"/jsons &
{ sleep 4 ; kill $! >/dev/null 2>&1 & }
wait
else
"$TMPDIR"/CrashCore -t -d "$BINDIR" -f "$TMPDIR"/config.yaml
fi
rm -rf "$TMPDIR"/CrashCore
echo "-----------------------------------------------"
exit
;;
2)
"$CRASHDIR"/start.sh stop
"$CRASHDIR"/start.sh bfstart
"$COMMAND"
rm -rf "$TMPDIR"/CrashCore
echo "-----------------------------------------------"
exit
;;
3)
"$CRASHDIR"/start.sh debug error
main_menu
;;
4)
"$CRASHDIR"/start.sh debug info
main_menu
;;
5)
"$CRASHDIR"/start.sh debug debug
main_menu
;;
6)
echo -e "频繁写入闪存会导致闪存寿命降低如非遇到会导致设备死机或重启的bug请勿使用此功能"
read -p "是否继续?(1/0) > " res
[ "$res" = 1 ] && "$CRASHDIR"/start.sh debug debug flash
main_menu
;;
8)
$0 -d
main_menu
;;
9)
"$CRASHDIR"/start.sh core_check && "$TMPDIR"/CrashCore merge "$TMPDIR"/debug.json -C "$TMPDIR"/jsons && echo -e "\033[32m合并成功\033[0m"
rm -rf "$TMPDIR"/CrashCore
main_menu
;;
*)
errornum
;;
esac
}

1079
scripts/menus/upgrade.sh Normal file
View File

File diff suppressed because it is too large Load Diff

16
scripts/start.sh
View File

@@ -10,6 +10,9 @@ CRASHDIR=$(
. "$CRASHDIR"/configs/command.env >/dev/null 2>&1
[ -z "$BINDIR" -o -z "$TMPDIR" -o -z "$COMMAND" ] && . "$CRASHDIR"/init.sh >/dev/null 2>&1
[ ! -f "$TMPDIR" ] && mkdir -p "$TMPDIR"
#加载工具
. "$CRASHDIR"/libs/set_config.sh
. "$CRASHDIR"/libs/check_cmd.sh
#脚本内部工具
getconfig() { #读取配置及全局变量
@@ -66,18 +69,7 @@ getconfig() { #读取配置及全局变量
}
[ "$user_agent" = "none" ] && unset user_agent
}
setconfig() { #脚本配置工具
#参数1代表变量名参数2代表变量值,参数3即文件路径
[ -z "$3" ] && configpath="$CRASHDIR"/configs/ShellCrash.cfg || configpath="${3}"
if grep -q "^${1}=" "$configpath"; then
sed -i "s#^${1}=.*#${1}=${2}#g" "$configpath"
else
printf '%s=%s\n' "$1" "$2" >>"$configpath"
fi
}
ckcmd() { #检查命令是否存在
command -v sh >/dev/null 2>&1 && command -v "$1" >/dev/null 2>&1 || type "$1" >/dev/null 2>&1
}
ckgeo() { #查找及下载Geo数据文件
[ ! -d "$BINDIR"/ruleset ] && mkdir -p "$BINDIR"/ruleset
find --help 2>&1 | grep -q size && find_para=' -size +20' #find命令兼容

1206
scripts/webget.sh
View File

File diff suppressed because it is too large Load Diff