v1.0.0beta15.1
~新增自定义http/sock5代理认证功能 ~增加自定义DNS配置功能 ~修复fake-ip模式下偶尔会出现大量回环流量的bug
This commit is contained in:
juewuy
@@ -49,7 +49,6 @@ fi
|
||||
[ -z "$redir_port" ] && redir_port=7892
|
||||
[ -z "$db_port" ] && db_port=9999
|
||||
[ -z "$dns_port" ] && dns_port=1053
|
||||
[ -z "$secret" ] && secret=未设置
|
||||
#获取运行模式
|
||||
if [ -z "$redir_mod" ];then
|
||||
sed -i "2i\redir_mod=Redir模式" $ccfg
|
||||
@@ -148,6 +147,8 @@ setport(){
|
||||
fi
|
||||
}
|
||||
source $ccfg
|
||||
[ -z "$secret" ] && secret=未设置
|
||||
[ -z "$authentication" ] && authentication=未设置
|
||||
if [ -n "$(pidof clash)" ];then
|
||||
echo -----------------------------------------------
|
||||
echo -e "\033[33m检测到clash服务正在运行,需要先停止clash服务!\033[0m"
|
||||
@@ -159,11 +160,12 @@ setport(){
|
||||
fi
|
||||
fi
|
||||
echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
echo -e " 1 修改Http/Sock5端口:\033[36m$mix_port\033[0m"
|
||||
echo -e " 2 修改静态路由端口:\033[36m$redir_port\033[0m"
|
||||
echo -e " 3 修改DNS监听端口:\033[36m$dns_port\033[0m"
|
||||
echo -e " 4 修改面板访问端口:\033[36m$db_port\033[0m"
|
||||
echo -e " 5 修改面板访问密码:\033[36m$secret\033[0m"
|
||||
echo -e " 1 修改Http/Sock5端口: \033[36m$mix_port\033[0m"
|
||||
echo -e " 2 设置Http/Sock5密码: \033[36m$authentication\033[0m"
|
||||
echo -e " 3 修改静态路由端口: \033[36m$redir_port\033[0m"
|
||||
echo -e " 4 修改DNS监听端口: \033[36m$dns_port\033[0m"
|
||||
echo -e " 5 修改面板访问端口: \033[36m$db_port\033[0m"
|
||||
echo -e " 6 设置面板访问密码: \033[36m$secret\033[0m"
|
||||
echo -e " 0 返回上级菜单"
|
||||
read -p "请输入对应数字 > " num
|
||||
if [ -z "$num" ]; then
|
||||
@@ -173,19 +175,41 @@ setport(){
|
||||
xport=mix_port
|
||||
inputport
|
||||
elif [[ $num == 2 ]]; then
|
||||
echo -----------------------------------------------
|
||||
echo -e "格式必须是\033[32m 用户名:密码 \033[0m的形式,注意用小写冒号分隔!"
|
||||
echo -e "请尽量不要使用特殊符号!可能会产生未知错误!"
|
||||
echo "输入 0 删除密码"
|
||||
echo -----------------------------------------------
|
||||
read -p "请输入Http/Sock5用户名及密码 > " input
|
||||
if [ "$input" = "0" ];then
|
||||
authentication=""
|
||||
sed -i "/authentication*/"d $ccfg
|
||||
echo 密码已移除!
|
||||
else
|
||||
authentication=$(echo $input | grep :)
|
||||
if [ -n "$authentication" ]; then
|
||||
sed -i "/authentication*/"d $ccfg
|
||||
sed -i "1i\authentication=\'$authentication\'" $ccfg
|
||||
echo -e "\033[32m设置成功!!!\033[0m"
|
||||
else
|
||||
echo -e "\033[31m输入有误,请重新输入!\033[0m"
|
||||
fi
|
||||
fi
|
||||
setport
|
||||
elif [[ $num == 3 ]]; then
|
||||
xport=redir_port
|
||||
inputport
|
||||
elif [[ $num == 3 ]]; then
|
||||
elif [[ $num == 4 ]]; then
|
||||
xport=dns_port
|
||||
inputport
|
||||
elif [[ $num == 4 ]]; then
|
||||
elif [[ $num == 5 ]]; then
|
||||
xport=db_port
|
||||
inputport
|
||||
elif [[ $num == 5 ]]; then
|
||||
read -p "请输入面板访问密码 > " secret
|
||||
elif [[ $num == 6 ]]; then
|
||||
read -p "请输入面板访问密码(输入0删除密码) > " secret
|
||||
if [ -n "$secret" ]; then
|
||||
sed -i "/secret*/"d $ccfg
|
||||
sed -i "1i\secret=$secret" $ccfg
|
||||
[ "$secret" = "0" ] && secret="" || sed -i "1i\secret=$secret" $ccfg
|
||||
echo -e "\033[32m设置成功!!!\033[0m"
|
||||
fi
|
||||
setport
|
||||
@@ -669,7 +693,7 @@ echo -e " 1 不修饰config.yaml: \033[36m$modify_yaml\033[0m ————用于
|
||||
echo -e " 2 启用ipv6支持: \033[36m$ipv6_support\033[0m ————实验性功能,可能不可用"
|
||||
echo -e " 3 使用保守方式启动: \033[36m$start_old\033[0m ————切换时会停止clash服务"
|
||||
echo -e " 4 代理本机流量: \033[36m$local_proxy\033[0m ————配置本机代理环境变量"
|
||||
echo -e " 5 手动指定clash运行端口"
|
||||
echo -e " 5 手动指定clash运行端口及秘钥"
|
||||
echo -----------------------------------------------
|
||||
echo -e " 8 \033[31m重置\033[0m配置文件"
|
||||
echo -e " 9 \033[32m重启\033[0mclash服务"
|
||||
@@ -1137,7 +1161,7 @@ if [[ $num -le 9 ]] > /dev/null 2>&1; then
|
||||
exit;
|
||||
elif [[ $num == 6 ]]; then
|
||||
echo 注意:测试结果不保证一定准确!
|
||||
delay=`curl -kx 127.0.0.1:$mix_port -o /dev/null -s -w '%{time_starttransfer}' 'https://google.tw' & { sleep 3 ; kill $! & }` > /dev/null 2>&1
|
||||
delay=`curl -kx ${authentication}@127.0.0.1:$mix_port -o /dev/null -s -w '%{time_starttransfer}' 'https://google.tw' & { sleep 3 ; kill $! & }` > /dev/null 2>&1
|
||||
delay=`echo |awk "{print $delay*1000}"` > /dev/null 2>&1
|
||||
echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
if [ `echo ${#delay}` -gt 1 ];then
|
||||
|
||||
@@ -539,7 +539,7 @@ echo -e " 0 返回上级菜单"
|
||||
read -p "请输入对应数字 > " num
|
||||
if [ "$num" = '1' ]; then
|
||||
echo 'function FindProxyForURL(url, host) {' > $dir/pac
|
||||
echo " return \"SOCKS $host:$mix_port; PROXY $host:$mix_port; DIRECT;\"" >> $dir/pac
|
||||
echo " return \"SOCKS $authentication@$host:$mix_port; PROXY $authentication@$host:$mix_port; DIRECT;\"" >> $dir/pac
|
||||
echo '}' >> $dir/pac
|
||||
echo -e "\033[33mPAC文件已生成!\033[0m"
|
||||
echo -e "PAC地址:\033[32m$pac\033[0m"
|
||||
@@ -573,7 +573,7 @@ elif [[ $num == 1 ]]; then
|
||||
elif [[ $num == 2 ]]; then
|
||||
update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash'
|
||||
elif [[ $num == 3 ]]; then
|
||||
update_url='-x 127.0.0.1:'$mix_port' https://raw.githubusercontent.com/juewuy/ShellClash/master'
|
||||
update_url='-x '$authentication'@127.0.0.1:'$mix_port' https://raw.githubusercontent.com/juewuy/ShellClash/master'
|
||||
elif [[ $num == 4 ]]; then
|
||||
echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
read -p "请输入个人源路径 > " update_url
|
||||
|
||||
@@ -160,12 +160,13 @@ external="external-controller: 0.0.0.0:$db_port"
|
||||
[ "$redir_mod" != "Redir模式" ] && tun='tun: {enable: true, stack: system}' || tun='tun: {enable: false}'
|
||||
exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
|
||||
#dns配置
|
||||
[ "$dns_over" = "未开启" ] && dns_local=', 127.0.0.1:53'
|
||||
dns_nameserver='114.114.114.114, 223.5.5.5'
|
||||
dns_fallback='1.0.0.1, 8.8.4.4'
|
||||
if [ "$dns_mod" = "fake-ip" ];then
|
||||
dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org"], nameserver: [114.114.114.114, 223.5.5.5, 127.0.0.1:53], fallback: [tcp://1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
|
||||
elif [ "$dns_over" = "已开启" ];then
|
||||
dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5], fallback: [1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
|
||||
dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org"], nameserver: ['$dns_nameserver', 127.0.0.1:53], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
|
||||
else
|
||||
dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5, 127.0.0.1:53], fallback: [1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
|
||||
dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
|
||||
fi
|
||||
|
||||
###################################
|
||||
@@ -177,22 +178,25 @@ fi
|
||||
#添加配置
|
||||
sed -i "1imixed-port:\ $mix_port" $yaml
|
||||
sed -i "1aredir-port:\ $redir_port" $yaml
|
||||
sed -i "2a$lan" $yaml
|
||||
sed -i "3a$mode" $yaml
|
||||
sed -i "4a$log" $yaml
|
||||
sed -i "5a$ipv6" $yaml
|
||||
sed -i "6aexternal-controller:\ :$db_port" $yaml
|
||||
sed -i "7aexternal-ui:\ $db_ui" $yaml
|
||||
sed -i "8asecret:\ $secret" $yaml
|
||||
sed -i "9a$dns" $yaml
|
||||
sed -i "2aauthentication:\ \[\"$authentication\"\]" $yaml
|
||||
sed -i "3a$lan" $yaml
|
||||
sed -i "4a$mode" $yaml
|
||||
sed -i "5a$log" $yaml
|
||||
sed -i "6a$ipv6" $yaml
|
||||
sed -i "7aexternal-controller:\ :$db_port" $yaml
|
||||
sed -i "8aexternal-ui:\ $db_ui" $yaml
|
||||
sed -i "9asecret:\ $secret" $yaml
|
||||
sed -i "10a$tun" $yaml
|
||||
sed -i "11a$exper" $yaml
|
||||
sed -i "12a$dns" $yaml
|
||||
#跳过本地tls证书验证
|
||||
if [ "$skip_cert" = "已开启" ];then
|
||||
sed -i '10,99s/skip-cert-verify: false/skip-cert-verify: true/' $yaml
|
||||
else
|
||||
sed -i '10,99s/skip-cert-verify: true/skip-cert-verify: false/' $yaml
|
||||
fi
|
||||
#禁止fake-ip回环流量
|
||||
sed -i '/rules:/a \ - IP-CIDR,192.168.0.0/16,REJECT' $yaml
|
||||
}
|
||||
mark_time(){
|
||||
start_time=`date +%s`
|
||||
@@ -371,7 +375,7 @@ stop)
|
||||
web_save
|
||||
#删除守护进程&面板配置自动保存
|
||||
sed -i /clash保守模式守护进程/d $cronpath >/dev/null 2>&1
|
||||
sed -i /面板配置自动保存/d $cronpath >/dev/null 2>&1
|
||||
sed -i /保存节点配置/d $cronpath >/dev/null 2>&1
|
||||
#多种方式结束进程
|
||||
if [ -f /etc/rc.common ];then
|
||||
/etc/init.d/clash stop >/dev/null 2>&1
|
||||
|
||||
Reference in New Issue
Block a user