diff --git a/scripts/menu.sh b/scripts/menu.sh index 7f17b82b..c6d82d06 100644 --- a/scripts/menu.sh +++ b/scripts/menu.sh @@ -110,7 +110,7 @@ ckstatus() { #脚本启动前检查 #检查新手引导 if [ -z "$userguide" ]; then setconfig userguide 1 - . "$CRASHDIR"/menus/8_tools.sh && userguide + . "$CRASHDIR"/menus/userguide.sh && userguide fi #检查执行权限 [ ! -x "$CRASHDIR"/start.sh ] && chmod +x "$CRASHDIR"/start.sh diff --git a/scripts/menus/1_start.sh b/scripts/menus/1_start.sh index 29b13ca3..c3c39249 100644 --- a/scripts/menus/1_start.sh +++ b/scripts/menus/1_start.sh @@ -12,7 +12,7 @@ startover() { if [ "$redir_mod" = "纯净模式" ]; then echo "-----------------------------------------------" echo -e "其他设备可以使用PAC配置连接:\033[4;32mhttp://$host:$db_port/ui/pac\033[0m" - echo -e "或者使用HTTP/SOCK5方式连接:IP{\033[36m$host\033[0m}端口{\033[36m$mix_port\033[0m}" + echo -e "或者使用HTTP/SOCK5方式连接:IP{\033[36m$host\033[0m}Port{\033[36m$mix_port\033[0m}" fi return 0 } diff --git a/scripts/menus/2_settings.sh b/scripts/menus/2_settings.sh index 3c880c2a..43be432e 100644 --- a/scripts/menus/2_settings.sh +++ b/scripts/menus/2_settings.sh @@ -47,7 +47,7 @@ settings() { #功能设置 settings ;; 3) - set_fw_filter + . "$CRASHDIR"/menus/fw_filter.sh && set_fw_filter sleep 1 settings ;; @@ -282,412 +282,6 @@ set_redir_mod() { #路由模式设置 ;; esac } -set_fw_filter(){ #流量过滤 - [ -z "$common_ports" ] && common_ports=ON - [ -z "$quic_rj" ] && quic_rj=OFF - [ -z "$cn_ip_route" ] && cn_ip_route=OFF - touch "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter - [ -z "$(cat "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter 2>/dev/null)" ] && mac_return=OFF || mac_return=ON - echo "-----------------------------------------------" - echo -e " 1 过滤非常用端口: \033[36m$common_ports\033[0m ————用于过滤P2P流量" - echo -e " 2 过滤局域网设备: \033[36m$mac_return\033[0m ————使用黑/白名单进行过滤" - echo -e " 3 过滤QUIC协议: \033[36m$quic_rj\033[0m ————优化视频性能" - echo -e " 4 过滤CN_IP(6)列表: \033[36m$cn_ip_route\033[0m ————优化性能,不兼容Fake-ip" - echo -e " 5 自定义透明路由ipv4网段: 适合vlan等复杂网络环境" - echo -e " 6 自定义保留地址ipv4网段: 需要以保留地址为访问目标的环境" - echo "-----------------------------------------------" - echo -e " 0 返回上级菜单 \033[0m" - echo "-----------------------------------------------" - read -p "请输入对应数字 > " num - case "$num" in - 0) - ;; - 1) - echo "-----------------------------------------------" - if [ -n "$(pidof CrashCore)" ] && [ "$firewall_mod" = 'iptables' ]; then - read -p "切换时将停止服务,是否继续?(1/0) > " res - [ "$res" = 1 ] && "$CRASHDIR"/start.sh stop && set_common_ports - else - set_common_ports - fi - set_fw_filter - ;; - 2) - checkcfg_mac=$(cat "$CRASHDIR"/configs/mac) - fw_filter_lan - if [ -n "$PID" ]; then - checkcfg_mac_new=$(cat "$CRASHDIR"/configs/mac) - [ "$checkcfg_mac" != "$checkcfg_mac_new" ] && checkrestart - fi - set_fw_filter - ;; - 3) - echo "-----------------------------------------------" - if [ -n "$(echo "$redir_mod" | grep -oE '混合|Tproxy|Tun')" ]; then - if [ "$quic_rj" = "OFF" ]; then - echo -e "\033[33m已禁止QUIC流量通过ShellCrash内核!!\033[0m" - quic_rj=ON - else - echo -e "\033[33m已取消禁止QUIC协议流量!!\033[0m" - quic_rj=OFF - fi - setconfig quic_rj $quic_rj - else - echo -e "\033[33m当前模式默认不会代理UDP流量,无需设置!!\033[0m" - fi - sleep 1 - set_fw_filter - ;; - 4) - if [ -n "$(ipset -v 2>/dev/null)" ] || [ "$firewall_mod" = 'nftables' ]; then - if [ "$cn_ip_route" = "OFF" ]; then - echo -e "\033[32m已开启CN_IP绕过内核功能!!\033[0m" - echo -e "\033[31m注意!!!此功能会导致全局模式及一切CN相关规则失效!!!\033[0m" - cn_ip_route=ON - sleep 2 - else - echo -e "\033[33m已禁用CN_IP绕过内核功能!!\033[0m" - cn_ip_route=OFF - fi - setconfig cn_ip_route $cn_ip_route - else - echo -e "\033[31m当前设备缺少ipset模块或未使用nftables模式,无法启用绕过功能!!\033[0m" - sleep 1 - fi - set_fw_filter - ;; - 5) - set_cust_host_ipv4 - set_fw_filter - ;; - 6) - [ -z "$reserve_ipv4" ] && reserve_ipv4="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 100.64.0.0/10 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4" - echo -e "当前网段:\033[36m$reserve_ipv4\033[0m" - echo -e "\033[33m地址必须是空格分隔,错误的设置可能导致网络回环或启动报错,请务必谨慎!\033[0m" - read -p "请输入 > " text - if [ -n "$( - echo $text | grep -E "(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(3[0-2]|[1-2]?[0-9]))( +|$)+" - )" ]; then - reserve_ipv4="$text" - echo -e "已将保留地址网段设为:\033[32m$reserve_ipv4\033[0m" - setconfig reserve_ipv4 "'$reserve_ipv4'" - else - echo -e "\033[31m输入有误,操作已取消!\033[0m" - fi - sleep 1 - set_fw_filter - ;; - *) - errornum - ;; - esac -} -set_common_ports() { - [ -z "$multiport" ] && multiport='22,80,443,8080,8443' - echo "-----------------------------------------------" - echo -e "\033[31m注意:\033[0mMIX模式下,所有fake-ip来源的非常用端口流量不会被过滤" - [ -n "$common_ports" ] && - echo -e "当前放行端口:\033[36m$multiport\033[0m" - echo "-----------------------------------------------" - echo -e " 1 启用/关闭端口过滤: \033[36m$common_ports\033[0m" - echo -e " 2 添加放行端口" - echo -e " 3 移除指定放行端口" - echo -e " 4 重置默认放行端口" - echo -e " 5 重置为旧版放行端口" - echo -e " 0 返回上级菜单" - echo "-----------------------------------------------" - read -p "请输入对应数字 > " num - case $num in - 1) - if [ "$common_ports" = ON ];then - common_ports=OFF - else - common_ports=ON - fi - setconfig common_ports "$common_ports" - set_common_ports - ;; - 2) - port_count=$(echo "$multiport" | awk -F',' '{print NF}' ) - if [ "$port_count" -ge 15 ];then - echo -e "\033[31m最多支持设置放行15个端口,请先减少一些!\033[0m" - else - read -p "请输入要放行的端口号 > " port - if echo ",$multiport," | grep -q ",$port,";then - echo -e "\033[31m输入错误!请勿重复添加!\033[0m" - elif [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then - echo -e "\033[31m输入错误!请输入正确的数值(1-65535)!\033[0m" - else - multiport=$(echo "$multiport,$port" | sed "s/^,//") - setconfig multiport "$multiport" - fi - fi - sleep 1 - set_common_ports - ;; - 3) - read -p "请输入要移除的端口号 > " port - if echo ",$multiport," | grep -q ",$port,";then - if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then - echo -e "\033[31m输入错误!请输入正确的数值(1-65535)!\033[0m" - else - multiport=$(echo ",$multiport," | sed "s/,$port//; s/^,//; s/,$//") - setconfig multiport "$multiport" - fi - else - echo -e "\033[31m输入错误!请输入已添加过的端口!\033[0m" - fi - sleep 1 - set_common_ports - ;; - 4) - multiport='' - setconfig multiport - sleep 1 - set_common_ports - ;; - 5) - multiport='22,80,143,194,443,465,587,853,993,995,5222,8080,8443' - setconfig multiport "$multiport" - sleep 1 - set_common_ports - ;; - *) - errornum - ;; - esac -} -set_cust_host_ipv4() { #自定义ipv4透明路由网段 - [ -z "$replace_default_host_ipv4" ] && replace_default_host_ipv4="OFF" - echo "-----------------------------------------------" - echo -e "当前默认透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo) \033[0m" - echo -e "当前已添加的自定义网段为:\033[36m$cust_host_ipv4\033[0m" - echo "-----------------------------------------------" - echo -e " 1 移除所有自定义网段" - echo -e " 2 使用自定义网段覆盖默认网段 \033[36m$replace_default_host_ipv4\033[0m" - echo -e " 0 返回上级菜单" - read -p "请输入对应的序号或需要额外添加的网段 > " text - case "$text" in - 2) - if [ "$replace_default_host_ipv4" == "OFF" ]; then - replace_default_host_ipv4="ON" - else - replace_default_host_ipv4="OFF" - fi - setconfig replace_default_host_ipv4 "$replace_default_host_ipv4" - set_cust_host_ipv4 - ;; - 1) - unset cust_host_ipv4 - setconfig cust_host_ipv4 - set_cust_host_ipv4 - ;; - 0) ;; - *) - if [ -n "$(echo $text | grep -Eo '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}'$)" -a -z "$(echo $cust_host_ipv4 | grep "$text")" ]; then - cust_host_ipv4="$cust_host_ipv4 $text" - setconfig cust_host_ipv4 "'$cust_host_ipv4'" - else - echo "-----------------------------------------------" - echo -e "\033[31m请输入正确的网段地址!\033[0m" - fi - sleep 1 - set_cust_host_ipv4 - ;; - esac -} -fw_filter_lan() { #局域网设备过滤 - get_devinfo() { - dev_ip=$(cat $dhcpdir | grep " $dev " | awk '{print $3}') && [ -z "$dev_ip" ] && dev_ip=$dev - dev_mac=$(cat $dhcpdir | grep " $dev " | awk '{print $2}') && [ -z "$dev_mac" ] && dev_mac=$dev - dev_name=$(cat $dhcpdir | grep " $dev " | awk '{print $4}') && [ -z "$dev_name" ] && dev_name='未知设备' - } - add_mac() { - echo "-----------------------------------------------" - echo 已添加的mac地址: - cat "$CRASHDIR"/configs/mac 2>/dev/null - echo "-----------------------------------------------" - echo -e "\033[33m序号 设备IP 设备mac地址 设备名称\033[32m" - cat $dhcpdir | awk '{print " "NR" "$3,$2,$4}' - echo -e "\033[0m-----------------------------------------------" - echo -e "手动输入mac地址时仅支持\033[32mxx:xx:xx:xx:xx:xx\033[0m的形式" - echo -e " 0 或回车 结束添加" - echo "-----------------------------------------------" - read -p "请输入对应序号或直接输入mac地址 > " num - if [ -z "$num" -o "$num" = 0 ]; then - i= - elif [ -n "$(echo $num | grep -aE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$')" ]; then - if [ -z "$(cat "$CRASHDIR"/configs/mac | grep -E "$num")" ]; then - echo $num | grep -oE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$' >>"$CRASHDIR"/configs/mac - else - echo "-----------------------------------------------" - echo -e "\033[31m已添加的设备,请勿重复添加!\033[0m" - fi - add_mac - elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then - macadd=$(cat $dhcpdir | awk '{print $2}' | sed -n "$num"p) - if [ -z "$(cat "$CRASHDIR"/configs/mac | grep -E "$macadd")" ]; then - echo $macadd >>"$CRASHDIR"/configs/mac - else - echo "-----------------------------------------------" - echo -e "\033[31m已添加的设备,请勿重复添加!\033[0m" - fi - add_mac - else - echo "-----------------------------------------------" - echo -e "\033[31m输入有误,请重新输入!\033[0m" - add_mac - fi - } - add_ip() { - echo "-----------------------------------------------" - echo "已添加的IP地址(段):" - cat "$CRASHDIR"/configs/ip_filter 2>/dev/null - echo "-----------------------------------------------" - echo -e "\033[33m序号 设备IP 设备名称\033[32m" - cat $dhcpdir | awk '{print " "NR" "$3,$4}' - echo -e "\033[0m-----------------------------------------------" - echo -e "手动输入时仅支持\033[32m 192.168.1.0/24\033[0m 或 \033[32m192.168.1.0\033[0m 的形式" - echo -e "不支持ipv6地址过滤,如有需求请使用mac地址过滤" - echo -e " 0 或回车 结束添加" - echo "-----------------------------------------------" - read -p "请输入对应序号或直接输入IP地址段 > " num - if [ -z "$num" -o "$num" = 0 ]; then - i= - elif [ -n "$(echo $num | grep -aE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$')" ]; then - if [ -z "$(cat "$CRASHDIR"/configs/ip_filter | grep -E "$num")" ]; then - echo $num | grep -oE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$' >>"$CRASHDIR"/configs/ip_filter - else - echo "-----------------------------------------------" - echo -e "\033[31m已添加的地址,请勿重复添加!\033[0m" - fi - add_ip - elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then - ipadd=$(cat $dhcpdir | awk '{print $3}' | sed -n "$num"p) - if [ -z "$(cat "$CRASHDIR"/configs/mac | grep -E "$ipadd")" ]; then - echo $ipadd >>"$CRASHDIR"/configs/ip_filter - else - echo "-----------------------------------------------" - echo -e "\033[31m已添加的地址,请勿重复添加!\033[0m" - fi - add_ip - else - echo "-----------------------------------------------" - echo -e "\033[31m输入有误,请重新输入!\033[0m" - add_ip - fi - } - del_all() { - echo "-----------------------------------------------" - if [ -z "$(cat "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter 2>/dev/null)" ]; then - echo -e "\033[31m列表中没有需要移除的设备!\033[0m" - sleep 1 - else - echo -e "请选择需要移除的设备:\033[36m" - echo -e "\033[33m 设备IP 设备mac地址 设备名称\033[0m" - i=1 - for dev in $(cat "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter 2>/dev/null); do - get_devinfo - echo -e " $i \033[32m$dev_ip \033[36m$dev_mac \033[32m$dev_name\033[0m" - i=$((i + 1)) - done - echo "-----------------------------------------------" - echo -e "\033[0m 0 或回车 结束删除" - read -p "请输入需要移除的设备的对应序号 > " num - mac_filter_rows=$(cat "$CRASHDIR"/configs/mac 2>/dev/null | wc -l) - ip_filter_rows=$(cat "$CRASHDIR"/configs/ip_filter 2>/dev/null | wc -l) - if [ -z "$num" ] || [ "$num" -le 0 ]; then - n= - elif [ $num -le $mac_filter_rows ]; then - sed -i "${num}d" "$CRASHDIR"/configs/mac - echo "-----------------------------------------------" - echo -e "\033[32m对应设备已移除!\033[0m" - del_all - elif [ $num -le $((mac_filter_rows + ip_filter_rows)) ]; then - num=$((num - mac_filter_rows)) - sed -i "${num}d" "$CRASHDIR"/configs/ip_filter - echo "-----------------------------------------------" - echo -e "\033[32m对应设备已移除!\033[0m" - del_all - else - echo "-----------------------------------------------" - echo -e "\033[31m输入有误,请重新输入!\033[0m" - del_all - fi - fi - } - echo "-----------------------------------------------" - [ -z "$dhcpdir" ] && [ -f /var/lib/dhcp/dhcpd.leases ] && dhcpdir='/var/lib/dhcp/dhcpd.leases' - [ -z "$dhcpdir" ] && [ -f /var/lib/dhcpd/dhcpd.leases ] && dhcpdir='/var/lib/dhcpd/dhcpd.leases' - [ -z "$dhcpdir" ] && [ -f /tmp/dhcp.leases ] && dhcpdir='/tmp/dhcp.leases' - [ -z "$dhcpdir" ] && [ -f /tmp/dnsmasq.leases ] && dhcpdir='/tmp/dnsmasq.leases' - [ -z "$dhcpdir" ] && dhcpdir='/dev/null' - [ -z "$macfilter_type" ] && macfilter_type='黑名单' - if [ "$macfilter_type" = "黑名单" ]; then - fw_filter_lan_over='白名单' - fw_filter_lan_scrip='不' - else - fw_filter_lan_over='黑名单' - fw_filter_lan_scrip='' - fi - ###### - echo -e "\033[30;47m请在此添加或移除设备\033[0m" - echo -e "当前过滤方式为:\033[33m$fw_filter_lan_type模式\033[0m" - echo -e "仅列表内设备流量\033[36m$fw_filter_lan_scrip经过\033[0m内核" - if [ -n "$(cat "$CRASHDIR"/configs/mac)" ]; then - echo "-----------------------------------------------" - echo -e "当前已过滤设备为:\033[36m" - echo -e "\033[33m 设备mac/ip地址 设备名称\033[0m" - for dev in $(cat "$CRASHDIR"/configs/mac 2>/dev/null); do - get_devinfo - echo -e "\033[36m$dev_mac \033[0m$dev_name" - done - for dev in $(cat "$CRASHDIR"/configs/ip_filter 2>/dev/null); do - get_devinfo - echo -e "\033[32m$dev_ip \033[0m$dev_name" - done - echo "-----------------------------------------------" - fi - echo -e " 1 切换为\033[33m$fw_filter_lan_over模式\033[0m" - echo -e " 2 \033[32m添加指定设备(mac地址)\033[0m" - echo -e " 3 \033[32m添加指定设备(IP地址/网段)\033[0m" - echo -e " 4 \033[36m移除指定设备\033[0m" - echo -e " 9 \033[31m清空整个列表\033[0m" - echo -e " 0 返回上级菜单" - read -p "请输入对应数字 > " num - case "$num" in - 0) ;; - 1) - macfilter_type=$fw_filter_lan_over - setconfig macfilter_type $macfilter_type - echo "-----------------------------------------------" - echo -e "\033[32m已切换为$fw_filter_lan_type模式!\033[0m" - fw_filter_lan - ;; - 2) - add_mac - fw_filter_lan - ;; - 3) - add_ip - fw_filter_lan - ;; - 4) - del_all - fw_filter_lan - ;; - 9) - : >"$CRASHDIR"/configs/mac - : >"$CRASHDIR"/configs/ip_filter - echo "-----------------------------------------------" - echo -e "\033[31m设备列表已清空!\033[0m" - fw_filter_lan - ;; - *) - errornum - ;; - esac -} set_adv_config() { #端口设置 . "$CFG_PATH" >/dev/null [ -z "$secret" ] && secret=未设置 diff --git a/scripts/menus/8_tools.sh b/scripts/menus/8_tools.sh index 25704d0f..4de89734 100644 --- a/scripts/menus/8_tools.sh +++ b/scripts/menus/8_tools.sh @@ -111,7 +111,7 @@ tools() { break ;; 2) - userguide + . "$CRASHDIR"/menus/userguide.sh && userguide break ;; 3) @@ -685,124 +685,3 @@ debug(){ esac } -#新手引导 -userguide(){ - . "$CRASHDIR"/libs/check_dir_avail.sh - forwhat(){ - echo "-----------------------------------------------" - echo -e "\033[30;46m 欢迎使用ShellCrash新手引导! \033[0m" - echo "-----------------------------------------------" - echo -e "\033[33m请先选择你的使用环境: \033[0m" - echo -e "\033[0m(你之后依然可以在设置中更改各种配置)\033[0m" - echo "-----------------------------------------------" - echo -e " 1 \033[32m路由设备配置局域网透明代理\033[0m" - echo -e " 2 \033[36mLinux设备仅配置本机代理\033[0m" - [ -f "$CFG_PATH.bak" ] && echo -e " 3 \033[33m还原之前备份的设置\033[0m" - echo "-----------------------------------------------" - read -p "请输入对应数字 > " num - case "$num" in - 1) - #设置运行模式 - redir_mod="混合模式" - [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ] && { - if grep -qE '^TPROXY$' /proc/net/ip_tables_targets || modprobe xt_TPROXY >/dev/null 2>&1; then - redir_mod="Tproxy模式" - else - redir_mod="Redir模式" - fi - } - [ -z "$crashcore" ] && crashcore=meta - setconfig crashcore "$crashcore" - setconfig redir_mod "$redir_mod" - setconfig dns_mod mix - setconfig firewall_area '1' - #默认启用绕过CN-IP - setconfig cn_ip_route ON - #自动识别IPV6 - [ -n "$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g')" ] && { - setconfig ipv6_redir ON - setconfig ipv6_support ON - setconfig ipv6_dns ON - setconfig cn_ipv6_route ON - } - #设置开机启动 - [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable - ckcmd systemctl && [ "$(cat /proc/1/comm)" = "systemd" ] && systemctl enable shellcrash.service > /dev/null 2>&1 - rm -rf "$CRASHDIR"/.dis_startup - autostart=enable - #检测IP转发 - if [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "0" ];then - echo "-----------------------------------------------" - echo -e "\033[33m检测到你的设备尚未开启ip转发,局域网设备将无法正常连接网络,是否立即开启?\033[0m" - read -p "是否开启?(1/0) > " res - [ "$res" = 1 ] && { - echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf - sysctl -w net.ipv4.ip_forward=1 - } && echo "已成功开启ipv4转发,如未正常开启,请手动重启设备!" || echo "开启失败!请自行谷歌查找当前设备的开启方法!" - fi - #禁止docker启用的net.bridge.bridge-nf-call-iptables - sysctl -w net.bridge.bridge-nf-call-iptables=0 > /dev/null 2>&1 - sysctl -w net.bridge.bridge-nf-call-ip6tables=0 > /dev/null 2>&1 - ;; - 2) - setconfig redir_mod "Redir模式" - [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ] && setconfig crashcore "clash" - setconfig common_ports "OFF" - setconfig firewall_area '2' - ;; - 3) - mv -f $CFG_PATH.bak $CFG_PATH - echo -e "\033[32m脚本设置已还原!\033[0m" - echo -e "\033[33m请重新启动脚本!\033[0m" - exit 0 - ;; - *) - errornum - forwhat - ;; - esac - } - forwhat - #检测小内存模式 - dir_size=$(dir_avail "$CRASHDIR") - if [ "$dir_size" -lt 10240 ];then - echo "-----------------------------------------------" - echo -e "\033[33m检测到你的安装目录空间不足10M,是否开启小闪存模式?\033[0m" - echo -e "\033[0m开启后核心及数据库文件将被下载到内存中,这将占用一部分内存空间\033[0m" - echo -e "\033[0m每次开机后首次运行服务时都会自动的重新下载相关文件\033[0m" - echo "-----------------------------------------------" - read -p "是否开启?(1/0) > " res - [ "$res" = 1 ] && { - BINDIR=/tmp/ShellCrash - setconfig BINDIR /tmp/ShellCrash "$CRASHDIR"/configs/command.env - } - fi - #启用推荐的自动任务配置 - . "$CRASHDIR"/menus/5_task.sh && task_recom - #小米设备软固化 - if [ "$systype" = "mi_snapshot" ];then - echo "-----------------------------------------------" - echo -e "\033[33m检测到为小米路由设备,启用软固化可防止路由升级后丢失SSH\033[0m" - read -p "是否启用软固化功能?(1/0) > " res - [ "$res" = 1 ] && mi_autoSSH - fi - #提示导入订阅或者配置文件 - [ ! -s "$CRASHDIR"/yamls/config.yaml -a ! -s "$CRASHDIR"/jsons/config.json ] && { - echo "-----------------------------------------------" - echo -e "\033[32m是否导入配置文件?\033[0m(这是运行前的最后一步)" - echo -e "\033[0m你必须拥有一份配置文件才能运行服务!\033[0m" - echo "-----------------------------------------------" - read -p "现在开始导入?(1/0) > " res - [ "$res" = 1 ] && inuserguide=1 && { - . "$CRASHDIR"/menus/6_core_config.sh && set_core_config - inuserguide="" - } - } - #回到主界面 - echo "-----------------------------------------------" - echo -e "\033[36m很好!现在只需要执行启动就可以愉快的使用了!\033[0m" - echo "-----------------------------------------------" - read -p "立即启动服务?(1/0) > " res - [ "$res" = 1 ] && start_core && sleep 2 - main_menu -} diff --git a/scripts/menus/fw_filter.sh b/scripts/menus/fw_filter.sh new file mode 100644 index 00000000..89e6324b --- /dev/null +++ b/scripts/menus/fw_filter.sh @@ -0,0 +1,412 @@ +#!/bin/sh +# Copyright (C) Juewuy + +[ -n "$__IS_MODULE_FW_FILTER_LOADED" ] && return +__IS_MODULE_FW_FILTER_LOADED=1 + +set_fw_filter(){ #流量过滤 + [ -z "$common_ports" ] && common_ports=ON + [ -z "$quic_rj" ] && quic_rj=OFF + [ -z "$cn_ip_route" ] && cn_ip_route=OFF + touch "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter + [ -z "$(cat "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter 2>/dev/null)" ] && mac_return=OFF || mac_return=ON + echo "-----------------------------------------------" + echo -e " 1 过滤非常用端口: \033[36m$common_ports\033[0m ————用于过滤P2P流量" + echo -e " 2 过滤局域网设备: \033[36m$mac_return\033[0m ————使用黑/白名单进行过滤" + echo -e " 3 过滤QUIC协议: \033[36m$quic_rj\033[0m ————优化视频性能" + echo -e " 4 过滤CN_IP(6)列表: \033[36m$cn_ip_route\033[0m ————优化性能,不兼容Fake-ip" + echo -e " 5 自定义透明路由ipv4网段: 适合vlan等复杂网络环境" + echo -e " 6 自定义保留地址ipv4网段: 需要以保留地址为访问目标的环境" + echo "-----------------------------------------------" + echo -e " 0 返回上级菜单 \033[0m" + echo "-----------------------------------------------" + read -p "请输入对应数字 > " num + case "$num" in + 0) + ;; + 1) + echo "-----------------------------------------------" + if [ -n "$(pidof CrashCore)" ] && [ "$firewall_mod" = 'iptables' ]; then + read -p "切换时将停止服务,是否继续?(1/0) > " res + [ "$res" = 1 ] && "$CRASHDIR"/start.sh stop && set_common_ports + else + set_common_ports + fi + set_fw_filter + ;; + 2) + checkcfg_mac=$(cat "$CRASHDIR"/configs/mac) + fw_filter_lan + if [ -n "$PID" ]; then + checkcfg_mac_new=$(cat "$CRASHDIR"/configs/mac) + [ "$checkcfg_mac" != "$checkcfg_mac_new" ] && checkrestart + fi + set_fw_filter + ;; + 3) + echo "-----------------------------------------------" + if [ -n "$(echo "$redir_mod" | grep -oE '混合|Tproxy|Tun')" ]; then + if [ "$quic_rj" = "OFF" ]; then + echo -e "\033[33m已禁止QUIC流量通过ShellCrash内核!!\033[0m" + quic_rj=ON + else + echo -e "\033[33m已取消禁止QUIC协议流量!!\033[0m" + quic_rj=OFF + fi + setconfig quic_rj $quic_rj + else + echo -e "\033[33m当前模式默认不会代理UDP流量,无需设置!!\033[0m" + fi + sleep 1 + set_fw_filter + ;; + 4) + if [ -n "$(ipset -v 2>/dev/null)" ] || [ "$firewall_mod" = 'nftables' ]; then + if [ "$cn_ip_route" = "OFF" ]; then + echo -e "\033[32m已开启CN_IP绕过内核功能!!\033[0m" + echo -e "\033[31m注意!!!此功能会导致全局模式及一切CN相关规则失效!!!\033[0m" + cn_ip_route=ON + sleep 2 + else + echo -e "\033[33m已禁用CN_IP绕过内核功能!!\033[0m" + cn_ip_route=OFF + fi + setconfig cn_ip_route $cn_ip_route + else + echo -e "\033[31m当前设备缺少ipset模块或未使用nftables模式,无法启用绕过功能!!\033[0m" + sleep 1 + fi + set_fw_filter + ;; + 5) + set_cust_host_ipv4 + set_fw_filter + ;; + 6) + [ -z "$reserve_ipv4" ] && reserve_ipv4="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 100.64.0.0/10 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4" + echo -e "当前网段:\033[36m$reserve_ipv4\033[0m" + echo -e "\033[33m地址必须是空格分隔,错误的设置可能导致网络回环或启动报错,请务必谨慎!\033[0m" + read -p "请输入 > " text + if [ -n "$( + echo $text | grep -E "(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(3[0-2]|[1-2]?[0-9]))( +|$)+" + )" ]; then + reserve_ipv4="$text" + echo -e "已将保留地址网段设为:\033[32m$reserve_ipv4\033[0m" + setconfig reserve_ipv4 "'$reserve_ipv4'" + else + echo -e "\033[31m输入有误,操作已取消!\033[0m" + fi + sleep 1 + set_fw_filter + ;; + *) + errornum + ;; + esac +} +set_common_ports() { + [ -z "$multiport" ] && multiport='22,80,443,8080,8443' + echo "-----------------------------------------------" + echo -e "\033[31m注意:\033[0mMIX模式下,所有fake-ip来源的非常用端口流量不会被过滤" + [ -n "$common_ports" ] && + echo -e "当前放行端口:\033[36m$multiport\033[0m" + echo "-----------------------------------------------" + echo -e " 1 启用/关闭端口过滤: \033[36m$common_ports\033[0m" + echo -e " 2 添加放行端口" + echo -e " 3 移除指定放行端口" + echo -e " 4 重置默认放行端口" + echo -e " 5 重置为旧版放行端口" + echo -e " 0 返回上级菜单" + echo "-----------------------------------------------" + read -p "请输入对应数字 > " num + case $num in + 1) + if [ "$common_ports" = ON ];then + common_ports=OFF + else + common_ports=ON + fi + setconfig common_ports "$common_ports" + set_common_ports + ;; + 2) + port_count=$(echo "$multiport" | awk -F',' '{print NF}' ) + if [ "$port_count" -ge 15 ];then + echo -e "\033[31m最多支持设置放行15个端口,请先减少一些!\033[0m" + else + read -p "请输入要放行的端口号 > " port + if echo ",$multiport," | grep -q ",$port,";then + echo -e "\033[31m输入错误!请勿重复添加!\033[0m" + elif [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then + echo -e "\033[31m输入错误!请输入正确的数值(1-65535)!\033[0m" + else + multiport=$(echo "$multiport,$port" | sed "s/^,//") + setconfig multiport "$multiport" + fi + fi + sleep 1 + set_common_ports + ;; + 3) + read -p "请输入要移除的端口号 > " port + if echo ",$multiport," | grep -q ",$port,";then + if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then + echo -e "\033[31m输入错误!请输入正确的数值(1-65535)!\033[0m" + else + multiport=$(echo ",$multiport," | sed "s/,$port//; s/^,//; s/,$//") + setconfig multiport "$multiport" + fi + else + echo -e "\033[31m输入错误!请输入已添加过的端口!\033[0m" + fi + sleep 1 + set_common_ports + ;; + 4) + multiport='' + setconfig multiport + sleep 1 + set_common_ports + ;; + 5) + multiport='22,80,143,194,443,465,587,853,993,995,5222,8080,8443' + setconfig multiport "$multiport" + sleep 1 + set_common_ports + ;; + *) + errornum + ;; + esac +} +set_cust_host_ipv4() { #自定义ipv4透明路由网段 + [ -z "$replace_default_host_ipv4" ] && replace_default_host_ipv4="OFF" + echo "-----------------------------------------------" + echo -e "当前默认透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo) \033[0m" + echo -e "当前已添加的自定义网段为:\033[36m$cust_host_ipv4\033[0m" + echo "-----------------------------------------------" + echo -e " 1 移除所有自定义网段" + echo -e " 2 使用自定义网段覆盖默认网段 \033[36m$replace_default_host_ipv4\033[0m" + echo -e " 0 返回上级菜单" + read -p "请输入对应的序号或需要额外添加的网段 > " text + case "$text" in + 2) + if [ "$replace_default_host_ipv4" == "OFF" ]; then + replace_default_host_ipv4="ON" + else + replace_default_host_ipv4="OFF" + fi + setconfig replace_default_host_ipv4 "$replace_default_host_ipv4" + set_cust_host_ipv4 + ;; + 1) + unset cust_host_ipv4 + setconfig cust_host_ipv4 + set_cust_host_ipv4 + ;; + 0) ;; + *) + if [ -n "$(echo $text | grep -Eo '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}'$)" -a -z "$(echo $cust_host_ipv4 | grep "$text")" ]; then + cust_host_ipv4="$cust_host_ipv4 $text" + setconfig cust_host_ipv4 "'$cust_host_ipv4'" + else + echo "-----------------------------------------------" + echo -e "\033[31m请输入正确的网段地址!\033[0m" + fi + sleep 1 + set_cust_host_ipv4 + ;; + esac +} +fw_filter_lan() { #局域网设备过滤 + get_devinfo() { + dev_ip=$(cat $dhcpdir | grep " $dev " | awk '{print $3}') && [ -z "$dev_ip" ] && dev_ip=$dev + dev_mac=$(cat $dhcpdir | grep " $dev " | awk '{print $2}') && [ -z "$dev_mac" ] && dev_mac=$dev + dev_name=$(cat $dhcpdir | grep " $dev " | awk '{print $4}') && [ -z "$dev_name" ] && dev_name='未知设备' + } + add_mac() { + echo "-----------------------------------------------" + echo 已添加的mac地址: + cat "$CRASHDIR"/configs/mac 2>/dev/null + echo "-----------------------------------------------" + echo -e "\033[33m序号 设备IP 设备mac地址 设备名称\033[32m" + cat $dhcpdir | awk '{print " "NR" "$3,$2,$4}' + echo -e "\033[0m-----------------------------------------------" + echo -e "手动输入mac地址时仅支持\033[32mxx:xx:xx:xx:xx:xx\033[0m的形式" + echo -e " 0 或回车 结束添加" + echo "-----------------------------------------------" + read -p "请输入对应序号或直接输入mac地址 > " num + if [ -z "$num" -o "$num" = 0 ]; then + i= + elif [ -n "$(echo $num | grep -aE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$')" ]; then + if [ -z "$(cat "$CRASHDIR"/configs/mac | grep -E "$num")" ]; then + echo $num | grep -oE '^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$' >>"$CRASHDIR"/configs/mac + else + echo "-----------------------------------------------" + echo -e "\033[31m已添加的设备,请勿重复添加!\033[0m" + fi + add_mac + elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then + macadd=$(cat $dhcpdir | awk '{print $2}' | sed -n "$num"p) + if [ -z "$(cat "$CRASHDIR"/configs/mac | grep -E "$macadd")" ]; then + echo $macadd >>"$CRASHDIR"/configs/mac + else + echo "-----------------------------------------------" + echo -e "\033[31m已添加的设备,请勿重复添加!\033[0m" + fi + add_mac + else + echo "-----------------------------------------------" + echo -e "\033[31m输入有误,请重新输入!\033[0m" + add_mac + fi + } + add_ip() { + echo "-----------------------------------------------" + echo "已添加的IP地址(段):" + cat "$CRASHDIR"/configs/ip_filter 2>/dev/null + echo "-----------------------------------------------" + echo -e "\033[33m序号 设备IP 设备名称\033[32m" + cat $dhcpdir | awk '{print " "NR" "$3,$4}' + echo -e "\033[0m-----------------------------------------------" + echo -e "手动输入时仅支持\033[32m 192.168.1.0/24\033[0m 或 \033[32m192.168.1.0\033[0m 的形式" + echo -e "不支持ipv6地址过滤,如有需求请使用mac地址过滤" + echo -e " 0 或回车 结束添加" + echo "-----------------------------------------------" + read -p "请输入对应序号或直接输入IP地址段 > " num + if [ -z "$num" -o "$num" = 0 ]; then + i= + elif [ -n "$(echo $num | grep -aE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$')" ]; then + if [ -z "$(cat "$CRASHDIR"/configs/ip_filter | grep -E "$num")" ]; then + echo $num | grep -oE '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|[12]?[0-9]))?$' >>"$CRASHDIR"/configs/ip_filter + else + echo "-----------------------------------------------" + echo -e "\033[31m已添加的地址,请勿重复添加!\033[0m" + fi + add_ip + elif [ $num -le $(cat $dhcpdir 2>/dev/null | awk 'END{print NR}') ]; then + ipadd=$(cat $dhcpdir | awk '{print $3}' | sed -n "$num"p) + if [ -z "$(cat "$CRASHDIR"/configs/mac | grep -E "$ipadd")" ]; then + echo $ipadd >>"$CRASHDIR"/configs/ip_filter + else + echo "-----------------------------------------------" + echo -e "\033[31m已添加的地址,请勿重复添加!\033[0m" + fi + add_ip + else + echo "-----------------------------------------------" + echo -e "\033[31m输入有误,请重新输入!\033[0m" + add_ip + fi + } + del_all() { + echo "-----------------------------------------------" + if [ -z "$(cat "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter 2>/dev/null)" ]; then + echo -e "\033[31m列表中没有需要移除的设备!\033[0m" + sleep 1 + else + echo -e "请选择需要移除的设备:\033[36m" + echo -e "\033[33m 设备IP 设备mac地址 设备名称\033[0m" + i=1 + for dev in $(cat "$CRASHDIR"/configs/mac "$CRASHDIR"/configs/ip_filter 2>/dev/null); do + get_devinfo + echo -e " $i \033[32m$dev_ip \033[36m$dev_mac \033[32m$dev_name\033[0m" + i=$((i + 1)) + done + echo "-----------------------------------------------" + echo -e "\033[0m 0 或回车 结束删除" + read -p "请输入需要移除的设备的对应序号 > " num + mac_filter_rows=$(cat "$CRASHDIR"/configs/mac 2>/dev/null | wc -l) + ip_filter_rows=$(cat "$CRASHDIR"/configs/ip_filter 2>/dev/null | wc -l) + if [ -z "$num" ] || [ "$num" -le 0 ]; then + n= + elif [ $num -le $mac_filter_rows ]; then + sed -i "${num}d" "$CRASHDIR"/configs/mac + echo "-----------------------------------------------" + echo -e "\033[32m对应设备已移除!\033[0m" + del_all + elif [ $num -le $((mac_filter_rows + ip_filter_rows)) ]; then + num=$((num - mac_filter_rows)) + sed -i "${num}d" "$CRASHDIR"/configs/ip_filter + echo "-----------------------------------------------" + echo -e "\033[32m对应设备已移除!\033[0m" + del_all + else + echo "-----------------------------------------------" + echo -e "\033[31m输入有误,请重新输入!\033[0m" + del_all + fi + fi + } + echo "-----------------------------------------------" + [ -z "$dhcpdir" ] && [ -f /var/lib/dhcp/dhcpd.leases ] && dhcpdir='/var/lib/dhcp/dhcpd.leases' + [ -z "$dhcpdir" ] && [ -f /var/lib/dhcpd/dhcpd.leases ] && dhcpdir='/var/lib/dhcpd/dhcpd.leases' + [ -z "$dhcpdir" ] && [ -f /tmp/dhcp.leases ] && dhcpdir='/tmp/dhcp.leases' + [ -z "$dhcpdir" ] && [ -f /tmp/dnsmasq.leases ] && dhcpdir='/tmp/dnsmasq.leases' + [ -z "$dhcpdir" ] && dhcpdir='/dev/null' + [ -z "$macfilter_type" ] && macfilter_type='黑名单' + if [ "$macfilter_type" = "黑名单" ]; then + fw_filter_lan_over='白名单' + fw_filter_lan_scrip='不' + else + fw_filter_lan_over='黑名单' + fw_filter_lan_scrip='' + fi + ###### + echo -e "\033[30;47m请在此添加或移除设备\033[0m" + echo -e "当前过滤方式为:\033[33m$fw_filter_lan_type模式\033[0m" + echo -e "仅列表内设备流量\033[36m$fw_filter_lan_scrip经过\033[0m内核" + if [ -n "$(cat "$CRASHDIR"/configs/mac)" ]; then + echo "-----------------------------------------------" + echo -e "当前已过滤设备为:\033[36m" + echo -e "\033[33m 设备mac/ip地址 设备名称\033[0m" + for dev in $(cat "$CRASHDIR"/configs/mac 2>/dev/null); do + get_devinfo + echo -e "\033[36m$dev_mac \033[0m$dev_name" + done + for dev in $(cat "$CRASHDIR"/configs/ip_filter 2>/dev/null); do + get_devinfo + echo -e "\033[32m$dev_ip \033[0m$dev_name" + done + echo "-----------------------------------------------" + fi + echo -e " 1 切换为\033[33m$fw_filter_lan_over模式\033[0m" + echo -e " 2 \033[32m添加指定设备(mac地址)\033[0m" + echo -e " 3 \033[32m添加指定设备(IP地址/网段)\033[0m" + echo -e " 4 \033[36m移除指定设备\033[0m" + echo -e " 9 \033[31m清空整个列表\033[0m" + echo -e " 0 返回上级菜单" + read -p "请输入对应数字 > " num + case "$num" in + 0) ;; + 1) + macfilter_type=$fw_filter_lan_over + setconfig macfilter_type $macfilter_type + echo "-----------------------------------------------" + echo -e "\033[32m已切换为$fw_filter_lan_type模式!\033[0m" + fw_filter_lan + ;; + 2) + add_mac + fw_filter_lan + ;; + 3) + add_ip + fw_filter_lan + ;; + 4) + del_all + fw_filter_lan + ;; + 9) + : >"$CRASHDIR"/configs/mac + : >"$CRASHDIR"/configs/ip_filter + echo "-----------------------------------------------" + echo -e "\033[31m设备列表已清空!\033[0m" + fw_filter_lan + ;; + *) + errornum + ;; + esac +} diff --git a/scripts/menus/userguide.sh b/scripts/menus/userguide.sh new file mode 100644 index 00000000..65be54e5 --- /dev/null +++ b/scripts/menus/userguide.sh @@ -0,0 +1,127 @@ +#!/bin/sh +# Copyright (C) Juewuy + +[ -n "$__IS_MODULE_USERGUIDE_LOADED" ] && return +__IS_MODULE_USERGUIDE_LOADED=1 + +#新手引导 +userguide(){ + . "$CRASHDIR"/libs/check_dir_avail.sh + forwhat(){ + echo "-----------------------------------------------" + echo -e "\033[30;46m 欢迎使用ShellCrash新手引导! \033[0m" + echo "-----------------------------------------------" + echo -e "\033[33m请先选择你的使用环境: \033[0m" + echo -e "\033[0m(你之后依然可以在设置中更改各种配置)\033[0m" + echo "-----------------------------------------------" + echo -e " 1 \033[32m路由设备配置局域网透明代理\033[0m" + echo -e " 2 \033[36mLinux设备仅配置本机代理\033[0m" + [ -f "$CFG_PATH.bak" ] && echo -e " 3 \033[33m还原之前备份的设置\033[0m" + echo "-----------------------------------------------" + read -p "请输入对应数字 > " num + case "$num" in + 1) + #设置运行模式 + redir_mod="混合模式" + [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ] && { + if grep -qE '^TPROXY$' /proc/net/ip_tables_targets || modprobe xt_TPROXY >/dev/null 2>&1; then + redir_mod="Tproxy模式" + else + redir_mod="Redir模式" + fi + } + [ -z "$crashcore" ] && crashcore=meta + setconfig crashcore "$crashcore" + setconfig redir_mod "$redir_mod" + setconfig dns_mod mix + setconfig firewall_area '1' + #默认启用绕过CN-IP + setconfig cn_ip_route ON + #自动识别IPV6 + [ -n "$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g')" ] && { + setconfig ipv6_redir ON + setconfig ipv6_support ON + setconfig ipv6_dns ON + setconfig cn_ipv6_route ON + } + #设置开机启动 + [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ] && /etc/init.d/shellcrash enable + ckcmd systemctl && [ "$(cat /proc/1/comm)" = "systemd" ] && systemctl enable shellcrash.service > /dev/null 2>&1 + rm -rf "$CRASHDIR"/.dis_startup + autostart=enable + #检测IP转发 + if [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "0" ];then + echo "-----------------------------------------------" + echo -e "\033[33m检测到你的设备尚未开启ip转发,局域网设备将无法正常连接网络,是否立即开启?\033[0m" + read -p "是否开启?(1/0) > " res + [ "$res" = 1 ] && { + echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf + sysctl -w net.ipv4.ip_forward=1 + } && echo "已成功开启ipv4转发,如未正常开启,请手动重启设备!" || echo "开启失败!请自行谷歌查找当前设备的开启方法!" + fi + #禁止docker启用的net.bridge.bridge-nf-call-iptables + sysctl -w net.bridge.bridge-nf-call-iptables=0 > /dev/null 2>&1 + sysctl -w net.bridge.bridge-nf-call-ip6tables=0 > /dev/null 2>&1 + ;; + 2) + setconfig redir_mod "Redir模式" + [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ] && setconfig crashcore "clash" + setconfig common_ports "OFF" + setconfig firewall_area '2' + ;; + 3) + mv -f $CFG_PATH.bak $CFG_PATH + echo -e "\033[32m脚本设置已还原!\033[0m" + echo -e "\033[33m请重新启动脚本!\033[0m" + exit 0 + ;; + *) + errornum + forwhat + ;; + esac + } + forwhat + #检测小内存模式 + dir_size=$(dir_avail "$CRASHDIR") + if [ "$dir_size" -lt 10240 ];then + echo "-----------------------------------------------" + echo -e "\033[33m检测到你的安装目录空间不足10M,是否开启小闪存模式?\033[0m" + echo -e "\033[0m开启后核心及数据库文件将被下载到内存中,这将占用一部分内存空间\033[0m" + echo -e "\033[0m每次开机后首次运行服务时都会自动的重新下载相关文件\033[0m" + echo "-----------------------------------------------" + read -p "是否开启?(1/0) > " res + [ "$res" = 1 ] && { + BINDIR=/tmp/ShellCrash + setconfig BINDIR /tmp/ShellCrash "$CRASHDIR"/configs/command.env + } + fi + #启用推荐的自动任务配置 + . "$CRASHDIR"/menus/5_task.sh && task_recom + #小米设备软固化 + if [ "$systype" = "mi_snapshot" ];then + echo "-----------------------------------------------" + echo -e "\033[33m检测到为小米路由设备,启用软固化可防止路由升级后丢失SSH\033[0m" + read -p "是否启用软固化功能?(1/0) > " res + [ "$res" = 1 ] && mi_autoSSH + fi + #提示导入订阅或者配置文件 + [ ! -s "$CRASHDIR"/yamls/config.yaml -a ! -s "$CRASHDIR"/jsons/config.json ] && { + echo "-----------------------------------------------" + echo -e "\033[32m是否导入配置文件?\033[0m(这是运行前的最后一步)" + echo -e "\033[0m你必须拥有一份配置文件才能运行服务!\033[0m" + echo "-----------------------------------------------" + read -p "现在开始导入?(1/0) > " res + [ "$res" = 1 ] && inuserguide=1 && { + . "$CRASHDIR"/menus/6_core_config.sh && set_core_config + inuserguide="" + } + } + #回到主界面 + echo "-----------------------------------------------" + echo -e "\033[36m很好!现在只需要执行启动就可以愉快的使用了!\033[0m" + echo "-----------------------------------------------" + read -p "立即启动服务?(1/0) > " res + [ "$res" = 1 ] && start_core && sleep 2 + main_menu +}