diff --git a/scripts/menus/7_gateway.sh b/scripts/menus/7_gateway.sh
index 7c7f747e..8bcd7894 100644
--- a/scripts/menus/7_gateway.sh
+++ b/scripts/menus/7_gateway.sh
@@ -151,13 +151,15 @@ set_bot_tg_init(){
 	fi
 }
 set_bot_tg_service(){
-	PID=$(pidof /bin/sh "$CRASHDIR"/menus/bot_tg.sh)
 	if [ "$bot_tg_service" = ON ];then
 		bot_tg_service=OFF
-		[ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1
+		[ -f "$TMPDIR/bot_tg.pid" ] && kill -TERM -"$(cat "$TMPDIR/bot_tg.pid")" && rm -f "$TMPDIR/bot_tg.pid"
 	else
 		bot_tg_service=ON
-		[ -n "$(pidof CrashCore)" ] && [ -z "$PID" ] && "$CRASHDIR"/menus/bot_tg.sh &
+		[ -n "$(pidof CrashCore)" ] && {
+			setsid sh "$CRASHDIR/menus/bot_tg.sh" &
+			echo $! > "$TMPDIR/bot_tg.pid"
+		}
 	fi
 	setconfig bot_tg_service "$bot_tg_service"
 }
diff --git a/scripts/start.sh b/scripts/start.sh
index d2445ff2..525e9113 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -49,12 +49,12 @@ start)
     elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then
         /etc/init.d/shellcrash start
     elif [ "$USER" = "root" -a "$(cat /proc/1/comm)" = "systemd" ]; then
-        bfstart && {
-            FragmentPath=$(systemctl show -p FragmentPath shellcrash | sed 's/FragmentPath=//')
-            [ -f $FragmentPath ] && setconfig ExecStart "$COMMAND >/dev/null" "$FragmentPath"
-            systemctl daemon-reload
-            systemctl start shellcrash.service || . "$CRASHDIR"/starts/start_error.sh
-        }
+		FragmentPath=$(systemctl show -p FragmentPath shellcrash | sed 's/FragmentPath=//')
+		[ -f $FragmentPath ] && {
+			setconfig ExecStart "$COMMAND >/dev/null" "$FragmentPath"
+			systemctl daemon-reload
+		}
+		systemctl start shellcrash.service || . "$CRASHDIR"/starts/start_error.sh
     elif grep -q 's6' /proc/1/comm; then
 		bfstart && /command/s6-svc -u /run/service/shellcrash && {
 			[ ! -f "$CRASHDIR"/.dis_startup ] && touch /etc/s6-overlay/s6-rc.d/user/contents.d/afstart
@@ -75,9 +75,8 @@ stop)
     cronset '运行时每'
     cronset '流媒体预解析'
 	#停止tg机器人
-	PID=$(pidof /bin/sh "$CRASHDIR"/menus/bot_tg.sh) && [ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1
+	[ -f "$TMPDIR/bot_tg.pid" ] && kill -TERM -"$(cat "$TMPDIR/bot_tg.pid")" && rm -f "$TMPDIR/bot_tg.pid"
     #多种方式结束进程
-
     if [ "$start_old" != "已开启" -a "$USER" = "root" -a "$(cat /proc/1/comm)" = "systemd" ]; then
         systemctl stop shellcrash.service >/dev/null 2>&1
     elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then
diff --git a/scripts/starts/afstart.sh b/scripts/starts/afstart.sh
index 410b769a..222ea2d9 100644
--- a/scripts/starts/afstart.sh
+++ b/scripts/starts/afstart.sh
@@ -1,4 +1,4 @@
-#!/bin/ash
+#!/bin/sh
 # Copyright (C) Juewuy
 
 #初始化目录
@@ -51,7 +51,10 @@ if [ -n "$test" -o -n "$(pidof CrashCore)" ]; then
 		sed -i "${line}a\\. $CRASHDIR/task/affirewall" /etc/init.d/firewall
 	} &
 	#启动TG机器人
-	[ "$bot_tg_service" = ON ] && "$CRASHDIR"/menus/bot_tg.sh &
+	[ "$bot_tg_service" = ON ] && {
+		setsid sh "$CRASHDIR/menus/bot_tg.sh" &
+		echo $! > "$TMPDIR/bot_tg.pid"
+	}
 else
 	. "$CRASHDIR"/starts/start_error.sh
 	"$CRASHDIR"/start.sh stop
diff --git a/scripts/starts/bfstart.sh b/scripts/starts/bfstart.sh
index b53b64c3..1014f5b6 100644
--- a/scripts/starts/bfstart.sh
+++ b/scripts/starts/bfstart.sh
@@ -1,4 +1,4 @@
-#!/bin/ash
+#!/bin/sh
 # Copyright (C) Juewuy
 
 [ -z "$CRASHDIR" ] && CRASHDIR=$( cd $(dirname $0);cd ..;pwd)
@@ -132,5 +132,5 @@ fi
 #清理debug日志
 rm -rf /tmp/ShellCrash/debug.log
 rm -rf "$CRASHDIR"/debug.log
-return 0
+exit 0
 
diff --git a/scripts/starts/fw_stop.sh b/scripts/starts/fw_stop.sh
index b380b5b5..b155f15c 100644
--- a/scripts/starts/fw_stop.sh
+++ b/scripts/starts/fw_stop.sh
@@ -1,8 +1,10 @@
 #!/bin/sh
 # Copyright (C) Juewuy
 
-#还原防火墙配置
-. "$CRASHDIR"/configs/ShellCrash.cfg
+#初始化目录
+[ -z "$CRASHDIR" ] && CRASHDIR=$( cd $(dirname $0);cd ..;pwd)
+. "$CRASHDIR"/libs/get_config.sh
+. "$CRASHDIR"/libs/check_cmd.sh
 . "$CRASHDIR"/starts/fw_getlanip.sh && getlanip #获取局域网host地址
 #缺省值
 [ -z "$common_ports" ] && common_ports='已开启'
diff --git a/scripts/starts/shellcrash.openrc b/scripts/starts/shellcrash.openrc
new file mode 100644
index 00000000..4d58297b
--- /dev/null
+++ b/scripts/starts/shellcrash.openrc
@@ -0,0 +1,73 @@
+#!/sbin/openrc-run
+
+# 服务名
+name="shellcrash"
+description="Custom proxy service for ShellCrash"
+#获取目录
+CRASHDIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}')
+[ -z "$CRASHDIR" ] && CRASHDIR=$(cat ~/.bashrc | grep CRASHDIR | awk -F "\"" '{print $2}')
+source ${CRASHDIR}/configs/command.env #加载启动命令和启动目录
+
+# PID 文件
+pidfile="/run/shellcrash.pid"
+
+depend() {
+    #need net
+    after firewall
+}
+
+start() {
+    ebegin "Starting ShellCrash service"
+
+    # 如果 firewal_area=5 则运行主旁转发脚本
+    if grep -q 'firewall_area=5' "$CRASHDIR/configs/ShellCrash.cfg" 2>/dev/null; then
+        "$CRASHDIR"/starts/fw_start.sh
+        eend $? "Firewall start failed"
+        return
+    fi
+	
+    # 确定运行用户：shellcrash 或 root
+    if grep -q 'shellcrash:x:0:7890' /etc/passwd; then
+        runuser="shellcrash"
+    else
+        runuser="root"
+    fi
+
+    # 必要文件检测
+    "$CRASHDIR"/starts/bfstart.sh
+    if [ "$?" != "0" ]; then
+        eend 1 "bfstart check failed"
+        return
+    fi
+
+    # 启动主程序（自动守护 + 自动重启）
+    supervise-daemon "${name}" \
+        --pidfile "${pidfile}" \
+        --user "${runuser}" \
+        --respawn-max 0 \
+        --respawn-delay 3 \
+        --start ${COMMAND%% *} -- ${COMMAND#* }
+
+    ret=$?
+    eend $ret
+    [ $ret -ne 0 ] && return
+
+    # 启动后操作
+    "$CRASHDIR"/starts/afstart.sh &
+}
+
+stop() {
+    ebegin "Stopping ShellCrash service"
+
+    # 停止后台进程
+    start-stop-daemon --stop \
+        --pidfile "${pidfile}" \
+        --retry 5
+
+    rm -f "${pidfile}"
+
+    # 清理 firewall、proxy
+    "$CRASHDIR"/starts/fw_stop.sh
+
+    eend $?
+}
diff --git a/scripts/starts/shellcrash.procd b/scripts/starts/shellcrash.procd
new file mode 100644
index 00000000..9e4803bc
--- /dev/null
+++ b/scripts/starts/shellcrash.procd
@@ -0,0 +1,38 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+
+SERVICE_DAEMONIZE=1
+SERVICE_WRITE_PID=1
+USE_PROCD=1
+#获取目录
+CRASHDIR=$(cat /etc/profile | grep CRASHDIR | awk -F "\"" '{print $2}')
+[ -z "$CRASHDIR" ] && CRASHDIR=$(cat ~/.bashrc | grep CRASHDIR | awk -F "\"" '{print $2}')
+source "$CRASHDIR"/configs/command.env #加载启动命令和启动目录
+
+start_service() {
+	if [ -n "$(cat $CRASHDIR/configs/ShellCrash.cfg | grep 'firewall_area=5')" ]; then
+		"$CRASHDIR"/starts/fw_start.sh #主旁转发
+	else
+		#本机代理用户
+		[ -n "$(grep 'shellcrash:x:0:7890' /etc/passwd)" ] && USER=shellcrash || USER=root
+		#检测必须文件
+		"$CRASHDIR"/starts/bfstart.sh
+		if [ "$?" = "0" ]; then
+			#使用procd创建clash后台进程
+			procd_open_instance
+			procd_set_param user $USER
+			procd_set_param respawn
+			procd_set_param command $COMMAND
+			procd_set_param stderr 0
+			procd_set_param stdout 0
+			procd_close_instance
+			#启动结束执行
+			"$CRASHDIR"/starts/afstart.sh &
+		fi
+	fi
+}
+stop_service() {
+	procd_close_instance
+	"$CRASHDIR"/starts/fw_stop.sh
+}
diff --git a/scripts/starts/shellcrash.service b/scripts/starts/shellcrash.service
new file mode 100644
index 00000000..1c0e5faa
--- /dev/null
+++ b/scripts/starts/shellcrash.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=ShellCrash Core
+After=network.target
+
+[Service]
+Type=simple
+User=shellcrash
+StandardOutput=null
+ExecStartPre=/etc/ShellCrash/starts/bfstart.sh
+ExecStart=/etc/ShellCrash/CrashCore run -D /etc/ShellCrash -C /tmp/ShellCrash/jsons >/dev/null
+ExecStartPost=/etc/ShellCrash/starts/afstart.sh
+ExecStopPost=/etc/ShellCrash/starts/fw_stop.sh
+Restart=on-abnormal
+RestartSec=10s
+LimitNOFILE=infinity
+
+
+[Install]
+WantedBy=multi-user.target
diff --git a/scripts/starts/snapshot_init.sh b/scripts/starts/snapshot_init.sh
new file mode 100644
index 00000000..8a1a69d4
--- /dev/null
+++ b/scripts/starts/snapshot_init.sh
@@ -0,0 +1,94 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+CRASHDIR="$(uci get firewall.ShellCrash.path | sed 's/\/misnap_init.sh//')"
+profile=/etc/profile
+. "$CRASHDIR"/configs/ShellCrash.cfg
+
+autoSSH(){
+	#自动开启SSH
+    [ "`uci -c /usr/share/xiaoqiang get xiaoqiang_version.version.CHANNEL`" != 'stable' ] && {
+		uci -c /usr/share/xiaoqiang set xiaoqiang_version.version.CHANNEL='stable' 
+		uci -c /usr/share/xiaoqiang commit xiaoqiang_version.version
+	}
+	[ -z "$(pidof dropbear)" -o -z "$(netstat -ntul | grep :22)" ] && {
+		sed -i 's/channel=.*/channel="debug"/g' /etc/init.d/dropbear
+		/etc/init.d/dropbear restart
+		mi_autoSSH_pwd=$(grep 'mi_autoSSH_pwd=' $CRASHDIR/configs/ShellCrash.cfg | awk -F "=" '{print $2}')
+		[ -n "$mi_autoSSH_pwd" ] && echo -e "$mi_autoSSH_pwd\n$mi_autoSSH_pwd" | passwd root
+	}
+	#配置nvram
+	[ "$(nvram get ssh_en)" = 0 ] && nvram set ssh_en=1 
+	[ "$(nvram get telnet_en)" = 0 ] && nvram set telnet_en=1
+	nvram commit &> /dev/null
+	#备份还原SSH秘钥
+	[ -f $CRASHDIR/configs/dropbear_rsa_host_key ] && ln -sf $CRASHDIR/configs/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key
+	[ -f $CRASHDIR/configs/authorized_keys ] && ln -sf $CRASHDIR/configs/authorized_keys /etc/dropbear/authorized_keys
+}
+tunfix(){
+	ko_dir=$(modinfo ip_tables | grep  -Eo '/lib/modules.*/ip_tables.ko' | sed 's|/ip_tables.ko||' )
+	#在/tmp创建并挂载overlay
+	mkdir -p /tmp/overlay
+	mkdir -p /tmp/overlay/upper
+	mkdir -p /tmp/overlay/work
+	mount -o noatime,lowerdir=${ko_dir},upperdir=/tmp/overlay/upper,workdir=/tmp/overlay/work -t overlay "overlay_mods_only" ${ko_dir}
+	#将tun.ko链接到lib
+	ln -sf $CRASHDIR/tools/tun.ko ${ko_dir}/tun.ko || $CRASHDIR/start.sh loggger "小米Tun模块修复失败！"
+}
+tproxyfix(){
+	sed -i 's/sysctl -w net.bridge.bridge-nf-call-ip/#sysctl -w net.bridge.bridge-nf-call-ip/g' /etc/init.d/qca-nss-ecm
+	sysctl -w net.bridge.bridge-nf-call-iptables=0
+	sysctl -w net.bridge.bridge-nf-call-ip6tables=0
+}
+auto_clean(){
+	#自动清理升级备份文件夹
+	rm -rf /data/etc_bak
+	#自动清理被写入闪存的系统日志并禁止服务
+	/etc/init.d/stat_points stop 2>/dev/null
+	/etc/init.d/stat_points disable 2>/dev/null
+	sed -i '\#/logrotate#{ /^[[:space:]]*#/!s/^/#ShellCrash自动注释 / }' /etc/crontabs/root
+	rm -rf /data/usr/log
+}
+init(){
+	#等待启动完成
+	while ! ip a| grep -q lan; do
+		sleep 10
+	done
+	sleep 20
+	#初始化环境变量
+    [ -z "$my_alias" ] && my_alias=crash
+    sed -i "/ShellCrash\/menu.sh/"d "$profile"
+    echo "alias ${my_alias}=\"sh $CRASHDIR/menu.sh\"" >>"$profile"
+	sed -i "/export CRASHDIR/d" "$profile"
+	echo "export CRASHDIR=\"$CRASHDIR\"" >>"$profile"
+	autoSSH #软固化功能
+	auto_clean #自动清理
+	#设置init.d服务
+	cp -f $CRASHDIR/shellcrash.procd /etc/init.d/shellcrash
+	chmod 755 /etc/init.d/shellcrash
+	#启动服务
+	if [ ! -f $CRASHDIR/.dis_startup ]; then
+		#AX6S/AX6000修复tun功能
+		[ -s $CRASHDIR/tools/tun.ko ] && tunfix
+		#小米7000/小米万兆修复tproxy
+		[ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix
+		#自动覆盖根证书文件
+		[ -s $CRASHDIR/tools/ca-certificates.crt ] && cp -f $CRASHDIR/tools/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+		#启动服务
+		$CRASHDIR/start.sh start
+		/etc/init.d/shellcrash enable
+	fi
+}
+
+case "$1" in
+	tunfix) tunfix ;;
+	tproxyfix) tproxyfix ;;
+	auto_clean) auto_clean ;;
+	init) init ;;
+	*)
+		if [ -z $(pidof CrashCore) ];then
+			init &
+		fi
+	;;
+esac
+