xm/ShellCrash
1
0
Fork 0
mirror of https://github.com/juewuy/ShellCrash.git synced 2026-03-10 23:41:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

~优化dns菜单,移除fake-ip模式,并将部分原进阶选项移动至dns主菜单

Browse Source 
~优化tg-bot绑定流程,增加循环检测对话ID机制
~优化tg-bot启动逻辑,现在不会随着内核服务重启而重启进而导致死循环
~优化公网防火墙功能,增加一键清空功能,增加vmess和ss端口的额外显示
~优化vmess和ss的界面逻辑,增加vmess一键生成时的混淆host输入
~修复因为未选择ss加密类型而导致启动失败的bug
~修复小米/网件镜像化设备重启后服务丢失的bug
~修复因为切换vmess和ss端口导致公网防火墙启动报错的bug
~修复6-5设置定时任务报错的bug
This commit is contained in:
juewuy
2025-12-28 21:15:34 +08:00
parent ad19f96138
commit c9cb6d41ac
20 changed files with 127 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/menus/1_start.sh
View File

@@ -29,7 +29,11 @@ start_core() {
"$CRASHDIR"/start.sh start
#设置循环检测以判定服务启动是否成功
. "$CRASHDIR"/libs/start_wait.sh
[ -n "$test" -o -n "$(pidof CrashCore)" ] && startover
[ -n "$test" -o -n "$(pidof CrashCore)" ] && {
#启动TG机器人
[ "$bot_tg_service" = ON ] && . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_start
startover
}
else
echo -e "\033[31m没有找到${crashcore}配置文件,请先导入配置文件!\033[0m"
. "$CRASHDIR"/webget.sh && set_core_config

3
scripts/menus/2_settings.sh
View File

@@ -288,7 +288,6 @@ set_fw_filter(){ #流量过滤
echo -e " 1 过滤非常用端口: \033[36m$common_ports\033[0m ————用于过滤P2P流量"
echo -e " 2 过滤局域网设备: \033[36m$mac_return\033[0m ————使用黑/白名单进行过滤"
echo -e " 3 过滤QUIC协议: \033[36m$quic_rj\033[0m ————优化视频性能"
[ "$dns_mod" != "fake-ip" ] &&
echo -e " 4 过滤CN_IP(6)列表: \033[36m$cn_ip_route\033[0m ————优化性能不兼容Fake-ip"
echo -e " 5 自定义透明路由ipv4网段: 适合vlan等复杂网络环境"
echo -e " 6 自定义保留地址ipv4网段: 需要以保留地址为访问目标的环境"
@@ -303,7 +302,7 @@ set_fw_filter(){ #流量过滤
set_common_ports() {
if [ "$common_ports" = "未开启" ]; then
echo -e "\033[33m当前代理端口为$multiport】\033[0m"
echo -e "\033[31m注意fake-ip模式下,非常用端口的域名连接将不受影响!!\033[0m"
echo -e "\033[31m注意MIX模式下,非常用端口的域名连接将不受影响!!\033[0m"
read -p "是否修改默认端口?(1/0) > " res
[ "$res" = "1" ] && {
read -p "请输入自定义端口,注意用小写逗号分隔 > " text

2
scripts/menus/6_core_config.sh
View File

@@ -1095,7 +1095,7 @@ set_core_config(){ #配置文件功能
exit
;;
5)
. ${CRASHDIR}/task/task.sh && task_menu
. ${CRASHDIR}/menus/task.sh && task_menu
set_core_config
;;
6)

59
scripts/menus/7_gateway.sh
View File

@@ -70,12 +70,15 @@ set_fw_wan() {
echo "-----------------------------------------------"
echo -e "\033[31m注意\033[0m如在vps运行还需在vps安全策略对相关端口同时放行"
[ -n "$fw_wan_ports" ] &&
echo -e "当前放行端口:\033[36m$fw_wan_ports\033[0m"
echo -e "当前手动放行端口:\033[36m$fw_wan_ports\033[0m"
[ -n "$vms_port$sss_port" ] &&
echo -e "当前自动放行端口:\033[36m$vms_port $sss_port\033[0m"
echo -e "默认拦截端口:\033[33m$dns_port,$mix_port,$db_port\033[0m"
echo "-----------------------------------------------"
echo -e " 1 启用/关闭公网防火墙: \033[36m$fw_wan\033[0m"
echo -e " 2 添加放行端口(可包含默认拦截端口)"
echo -e " 3 移除指定放行端口"
echo -e " 3 移除指定手动放行端口"
echo -e " 4 清空全部手动放行端口"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
@@ -122,10 +125,16 @@ set_fw_wan() {
fi
sleep 1
set_fw_wan
;;
;;
4)
fw_wan_ports=''
setconfig fw_wan_ports
sleep 1
set_fw_wan
;;
*)
errornum
;;
;;
esac
}
#tg_BOT相关
@@ -221,19 +230,24 @@ set_vmess(){
echo -e " 4 设置\033[36m秘钥-uuid\033[0m \033[36m$vms_uuid\033[0m"
echo -e " 5 一键生成\033[32m随机秘钥\033[0m"
gen_base64 1 >/dev/null 2>&1 &&
echo -e " 6 一键生成分享链接"
echo -e " 6 一键生成\033[36m分享链接\033[0m"
echo -e " 0 返回上级菜单 \033[0m"
echo "-----------------------------------------------"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
if [ -n "$vms_port" ] && [ -n "$vms_uuid" ];then
[ "$vms_service" = ON ] && vms_service=OFF || vms_service=ON
if [ "$vms_service" = ON ];then
vms_service=OFF
setconfig vms_service "$vms_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
if [ -n "$vms_port" ] && [ -n "$vms_uuid" ];then
vms_service=OFF
setconfig vms_service "$vms_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
fi
fi
set_vmess
;;
@@ -245,8 +259,6 @@ set_vmess(){
elif check_port "$text"; then
vms_port="$text"
setconfig vms_port "$text" "$GT_CFG_PATH"
fw_wan_ports=$(echo "$fw_wan_ports,$vms_port" | sed "s/^,//")
setconfig fw_wan_ports "$fw_wan_ports"
else
sleep 1
fi
@@ -288,6 +300,7 @@ set_vmess(){
;;
6)
read -p "请输入本机公网IP(4/6)或域名 > " host_wan
read -p "请输入免流混淆host(可选) > " vms_host
if [ -n "$host_wan" ] && [ -n "$vms_port" ] && [ -n "$vms_uuid" ];then
[ -n "$vms_ws_path" ] && vms_net=ws
vms_json=$(cat <<EOF
@@ -300,7 +313,8 @@ set_vmess(){
"aid": "0",
"type": "auto",
"net": "$vms_net",
"path": "$vms_ws_path"
"path": "$vms_ws_path",
"host": "$vms_host"
}
EOF
)
@@ -317,7 +331,6 @@ EOF
esac
}
set_shadowsocks(){
[ -z "$sss_cipher" ] && sss_cipher='xchacha20-ietf-poly1305'
echo "-----------------------------------------------"
echo -e "\033[31m注意\033[0m设置的端口会添加到公网访问防火墙并自动放行\n 脚本只提供基础功能,更多需求请用自定义配置文件功能!"
echo "-----------------------------------------------"
@@ -334,12 +347,17 @@ set_shadowsocks(){
case "$num" in
0) ;;
1)
if [ -n "$sss_port" ] && [ -n "$sss_pwd" ];then
[ "$sss_service" = ON ] && sss_service=OFF || sss_service=ON
if [ "$sss_service" = ON ];then
sss_service=OFF
setconfig sss_service "$sss_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
if [ -n "$sss_port" ] && [ -n "$sss_cipher" ] && [ -n "$sss_pwd" ];then
sss_service=OFF
setconfig sss_service "$sss_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
fi
fi
set_shadowsocks
;;
@@ -351,8 +369,6 @@ set_shadowsocks(){
elif check_port "$text"; then
sss_port="$text"
setconfig sss_port "$text" "$GT_CFG_PATH"
fw_wan_ports=$(echo "$fw_wan_ports,$sss_port" | sed "s/^,//")
setconfig fw_wan_ports "$fw_wan_ports"
else
sleep 1
fi
@@ -416,15 +432,14 @@ set_shadowsocks(){
sleep 1
else
read -p "请输入秘钥(输入0删除) > " text
[ "$text" = 0 ] && unset sss_pwd
sss_pwd="$text"
[ "$text" = 0 ] && sss_pwd='' || sss_pwd="$text"
setconfig sss_pwd "$text" "$GT_CFG_PATH"
fi
set_shadowsocks
;;
5)
read -p "请输入本机公网IP(4/6)或域名 > " text
if [ -n "$text" ] && [ -n "$sss_port" ] && [ -n "$sss_pwd" ];then
if [ -n "$text" ] && [ -n "$sss_port" ] && [ -n "$sss_cipher" ] && [ -n "$sss_pwd" ];then
ss_link="ss://$(gen_base64 "$sss_cipher":"$sss_pwd")@${text}:${sss_port}#ShellCrash_ss_in"
echo "-----------------------------------------------"
echo -e "你的分享链接是(请勿随意分享给他人):\n\033[32m$ss_link\033[0m"

5
scripts/menus/9_upgrade.sh
View File

@@ -202,7 +202,7 @@ switch_core(){ #clash与singbox内核切换
#singbox和clash内核切换时提示是否保留文件
[ "$core_new" != "$core_old" ] && {
[ "$dns_mod" = "redir_host" ] && [ "$core_old" = "clash" ] && setconfig dns_mod mix #singbox自动切换dns
[ "$dns_mod" = "mix" ] && [ "$crashcore" = 'clash' -o "$crashcore" = 'clashpre' ] && setconfig dns_mod fake-ip #singbox自动切换dns
[ "$dns_mod" = "mix" ] && [ "$crashcore" = 'clash' -o "$crashcore" = 'clashpre' ] && setconfig dns_mod redir_host #singbox自动切换dns
echo -e "\033[33m已从$core_old内核切换至$core_new内核\033[0m"
echo -e "\033[33m二者Geo数据库及yaml/json配置文件不通用\033[0m"
read -p "是否保留相关数据库文件?(1/0) > " res
@@ -795,8 +795,7 @@ setdb(){
0) ;;
1)
db_type=zashboard
echo $update_url
setconfig external_ui_url "https://raw.githubusercontent.com/juewuy/ShellCrash/update/bin/dashboard/zashboard.tar.gz"
setconfig external_ui_url "https://github.com/Zephyruso/zashboard/releases/latest/download/dist-cdn-fonts.zip"
dbdir
;;
2)

16
scripts/menus/bot_tg_bind.sh
View File

@@ -22,14 +22,26 @@ tg_push_token(){
setconfig chat_ID "$chat_ID"
"$CRASHDIR"/start.sh logger "已完成Telegram日志推送设置" 32
}
get_chatid(){
i=1
chat_ID=''
while [ $i -le 3 ] && [ -z "$chat_ID" ]; do
sleep 1
echo -e "\033[33m第 $i 次尝试获取对话ID失败正在重试...\033[0m"
chat=$(web_get_lite "$url_tg" 2>/dev/null)
if [ -n "$chat" ];then
chat_ID=$(echo $chat | sed 's/"update_id":/{\n"update_id":/g' | grep "$public_key" | head -n1 | grep -oE '"id":.*,"is_bot' | sed s'/"id"://' | sed s'/,"is_bot//')
fi
i=$((i + 1))
done
}
set_bot() {
public_key=$(cat /proc/sys/kernel/random/boot_id | sed 's/.*-//')
echo -e "发送此秘钥: \033[30;46m$public_key\033[0m"
echo "-----------------------------------------------"
read -p "我已经发送完成(1/0) > " res
if [ "$res" = 1 ]; then
chat=$(web_get_lite $url_tg 2>/dev/null)
[ -n "$chat" ] && chat_ID=$(echo $chat | sed 's/"update_id":/{\n"update_id":/g' | grep "$public_key" | head -n1 | grep -oE '"id":.*,"is_bot' | sed s'/"id"://' | sed s'/,"is_bot//')
get_chatid
[ -z "$chat_ID" ] && [ "$TOKEN" != 'publictoken' ] && {
echo -e "\033[31m无法获取对话ID请返回重新设置或手动输入ChatID\033[0m"
echo -e "通常访问 \033[32;4m$url_tg\033[0m \n\033[36m即可看到ChatID\033[0m"

8
scripts/menus/bot_tg_service.sh
View File

@@ -4,10 +4,14 @@
bot_tg_start(){
. "$CRASHDIR"/starts/start_legacy.sh
start_legacy "$CRASHDIR/menus/bot_tg.sh" 'bot_tg'
cronset 'TG_BOT守护进程' "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT守护进程"
bot_tg_cron
}
bot_tg_stop(){
cronset 'TG_BOT守护进程'
[ -f "$TMPDIR/bot_tg.pid" ] && kill -TERM "$(cat "$TMPDIR/bot_tg.pid")"
rm -f "$TMPDIR/bot_tg.pid"
}
}
bot_tg_cron(){
cronset 'TG_BOT守护进程'
cronset 'TG_BOT守护进程' "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT守护进程"
}

103
scripts/menus/dns.sh
View File

@@ -2,43 +2,29 @@
# Copyright (C) Juewuy
set_dns_mod() { #DNS模式设置
[ -z "$hosts_opt" ] && hosts_opt=ON
[ -z "$dns_protect" ] && dns_protect=ON
echo "-----------------------------------------------"
echo -e "当前DNS运行模式为\033[47;30m $dns_mod \033[0m"
echo -e "\033[33m切换模式后需要手动重启服务以生效\033[0m"
echo "-----------------------------------------------"
echo -e " 1 fake-ip模式: 响应快,\033[33m兼容性较差\033[0m"
echo -e " 不支持CN-IP绕过功能"
echo -e " 2 redir_host模式\033[33m不安全易被污染\033[0m"
echo -e " 建议搭配第三方DNS服务使用"
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
echo -e " 3 mix混合模式 \033[32m防污染防泄露响应快推荐\033[0m"
echo -e " cn域名realip其他fakeip分流"
echo -e " 4 route模式 \033[32m防污染防泄露全真实IP\033[0m"
echo -e " cn域名realip其他dns2proxy分流"
fi
echo -e " 1 MIX模式: \033[32m防污染防泄露响应快推荐\033[0m"
echo -e " cn域名realip其他fakeip分流"
echo -e " 2 Route模式\033[32m防污染防泄露全真实IP\033[0m"
echo -e " cn域名realip其他dns2proxy分流"
echo -e " 3 Redir模式\033[33m不安全易被污染\033[0m"
echo -e " 建议搭配第三方DNS服务使用"
echo "-----------------------------------------------"
[ "$dns_mod" = "fake-ip" ] || [ "$dns_mod" = "mix" ] &&
echo -e " 8 管理Fake-ip过滤列表"
echo -e " 4 DNS防泄漏 \033[36m$dns_protect\033[0m ———启用时少量网站可能连接卡顿"
echo -e " 5 Hosts优化 \033[36m$hosts_opt\033[0m ———调用本机hosts并劫持NTP服务"
[ "$dns_mod" = "mix" ] &&
echo -e " 8 管理MIX模式Fake-ip过滤列表"
echo -e " 9 \033[36mDNS进阶设置\033[0m"
echo " 0 返回上级菜单"
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
dns_mod=fake-ip
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
set_dns_mod
;;
2)
dns_mod=redir_host
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
set_dns_mod
;;
3)
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
dns_mod=mix
setconfig dns_mod $dns_mod
@@ -50,7 +36,7 @@ set_dns_mod() { #DNS模式设置
fi
set_dns_mod
;;
4)
2)
if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
dns_mod=route
setconfig dns_mod $dns_mod
@@ -62,6 +48,23 @@ set_dns_mod() { #DNS模式设置
fi
set_dns_mod
;;
3)
dns_mod=redir_host
setconfig dns_mod $dns_mod
echo "-----------------------------------------------"
echo -e "\033[36m已设为 $dns_mod 模式!!\033[0m"
set_dns_mod
;;
4)
[ "$dns_protect" = "ON" ] && dns_protect=OFF || dns_protect=ON
setconfig dns_protect $dns_protect
set_dns_mod
;;
5)
[ "$hosts_opt" = "ON" ] && hosts_opt=OFF || hosts_opt=ON
setconfig hosts_opt $hosts_opt
set_dns_mod
;;
8)
echo "-----------------------------------------------"
fake_ip_filter
@@ -113,9 +116,6 @@ set_dns_adv() { #DNS详细设置
[ -z "$dns_nameserver" ] && dns_nameserver='223.5.5.5, 1.2.4.8'
[ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8"
[ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1"
[ -z "$hosts_opt" ] && hosts_opt=已启用
[ -z "$dns_protect" ] && dns_protect=ON
[ -z "$dns_redir" ] && dns_redir=未开启
[ -z "$dns_no" ] && dns_no=未禁用
echo "-----------------------------------------------"
echo -e "当前基础DNS\033[32m$dns_nameserver\033[0m"
@@ -128,10 +128,8 @@ set_dns_adv() { #DNS详细设置
echo -e " 1 修改\033[32m基础DNS\033[0m"
echo -e " 2 修改\033[36mPROXY-DNS\033[0m(该DNS查询会经过节点)"
echo -e " 3 修改\033[33m解析DNS\033[0m(必须是IP,用于解析其他DNS)"
echo -e " 4 DNS防泄漏 \033[36m$dns_protect\033[0m ———启用时少量网站可能连接卡顿"
echo -e " 5 hosts优化 \033[36m$hosts_opt\033[0m ———调用本机hosts并劫持NTP服务"
echo -e " 4 一键配置\033[32m加密DNS\033[0m"
echo -e " 7 禁用DNS劫持\033[36m$dns_no\033[0m ———搭配第三方DNS使用"
echo -e " 8 一键配置\033[32m加密DNS\033[0m"
echo -e " 9 \033[33m重置\033[0m默认DNS配置"
echo -e " 0 返回上级菜单"
echo "-----------------------------------------------"
@@ -170,43 +168,6 @@ set_dns_adv() { #DNS详细设置
sleep 1
set_dns_adv
;;
4)
[ "$dns_protect" = "ON" ] && dns_protect=OFF || dns_protect=ON
setconfig dns_protect $dns_protect
set_dns_adv
;;
5)
echo "-----------------------------------------------"
if [ "$hosts_opt" = "已启用" ]; then
hosts_opt=未启用
echo -e "\033[32m已禁用hosts优化功能\033[0m"
else
hosts_opt=已启用
echo -e "\033[33m已启用hosts优化功能\033[0m"
fi
setconfig hosts_opt $hosts_opt
sleep 1
set_dns_adv
;;
6)
echo "-----------------------------------------------"
if [ "$dns_redir" = "未开启" ]; then
echo -e "\033[31m将使用OpenWrt中Dnsmasq插件自带的DNS转发功能转发DNS请求至内核\033[0m"
echo -e "\033[33m启用后将禁用本插件自带的iptables转发功能\033[0m"
dns_redir=已开启
echo -e "\033[32m已启用Dnsmasq转发DNS功能\033[0m"
else
uci del dhcp.@dnsmasq[-1].server
uci set dhcp.@dnsmasq[0].noresolv=0
uci commit dhcp
/etc/init.d/dnsmasq restart
echo -e "\033[33m禁用成功如有报错请重启设备\033[0m"
dns_redir=未开启
fi
setconfig dns_redir $dns_redir
sleep 1
set_dns_adv
;;
7)
echo "-----------------------------------------------"
if [ "$dns_no" = "未禁用" ]; then
@@ -221,7 +182,7 @@ set_dns_adv() { #DNS详细设置
sleep 1
set_dns_adv
;;
8)
4)
echo "-----------------------------------------------"
openssldir="$(openssl version -d 2>&1 | awk -F '"' '{print $2}')"
if [ -s "$openssldir/certs/ca-certificates.crt" ] || [ -s "/etc/ssl/certs/ca-certificates.crt" ] ||