xm/ShellCrash
1
0
Fork 0
mirror of https://github.com/juewuy/ShellCrash.git synced 2026-03-11 16:01:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

~继续拆分脚本

Browse Source
This commit is contained in:
juewuy
2025-12-24 11:09:28 +08:00
parent 1a4330cb86
commit e62f485df4
16 changed files with 315 additions and 320 deletions
Download Patch File Download Diff File Expand all files Collapse all files

502
scripts/menus/7_gateway.sh Normal file
View File

@@ -0,0 +1,502 @@
#!/bin/sh
# Copyright (C) Juewuy
. "$GT_CFG_PATH"
. "$CRASHDIR"/menus/check_port.sh
gateway(){ #访问与控制主菜单
echo -----------------------------------------------
echo -e "\033[30;47m欢迎使用访问与控制菜单\033[0m"
echo -----------------------------------------------
echo -e " 1 配置\033[33m公网访问防火墙\033[0m"
echo -e " 2 配置\033[36mTelegram专属控制机器人\033[0m \033[32m$bot_tg_service\033[0m"
echo -e " 3 配置\033[36mDDNS自动域名\033[0m"
[ "$disoverride" != "1" ] && {
echo -e " 4 自定义\033[33m公网Vmess入站\033[0m节点 \033[32m$vms_service\033[0m"
echo -e " 5 自定义\033[33m公网ShadowSocks入站\033[0m节点 \033[32m$sss_service\033[0m"
echo -e " 6 配置\033[36mTailscale内网穿透\033[0m(限Singbox) \033[32m$ts_service\033[0m"
echo -e " 7 配置\033[36mWireguard客户端\033[0m(限Singbox) \033[32m$wg_service\033[0m"
}
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
set_fw_wan
gateway
;;
2)
set_bot_tg
gateway
;;
3)
. "$CRASHDIR"/menus/ddns.sh && ddns_menu
gateway
;;
4)
set_vmess
gateway
;;
5)
set_shadowsocks
gateway
;;
6)
if echo "$crashcore" | grep -q 'sing';then
set_tailscale
else
echo -e "\033[33m$crashcore内核暂不支持此功能,请先更换内核!\033[0m"
sleep 1
fi
gateway
;;
7)
if echo "$crashcore" | grep -q 'sing';then
set_wireguard
else
echo -e "\033[33m$crashcore内核暂不支持此功能,请先更换内核!\033[0m"
sleep 1
fi
gateway
;;
*) errornum ;;
esac
}
set_fw_wan() { #公网防火墙设置
[ -z "$fw_wan" ] && fw_wan=ON
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m如在vps运行还需在vps安全策略对相关端口同时放行"
[ -n "$fw_wan_ports" ] &&
echo -e "当前放行端口:\033[36m$fw_wan_ports\033[0m"
echo -e "默认拦截端口:\033[33m$dns_port,$mix_port,$db_port\033[0m"
echo -----------------------------------------------
echo -e " 1 启用/关闭公网防火墙: \033[36m$fw_wan\033[0m"
echo -e " 2 添加放行端口(可包含默认拦截端口)"
echo -e " 3 移除指定放行端口"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case $num in
1)
[ "$fw_wan" = ON ] && fw_wan=OFF || fw_wan=ON
setconfig ts_service "$ts_service"
set_fw_wan
;;
2)
port_count=$(echo "$fw_wan_ports" | awk -F',' '{print NF}' )
if [ "$port_count" -ge 10 ];then
echo -e "\033[31m最多支持设置放行10个端口请先减少一些\033[0m"
else
read -p "请输入要放行的端口号 > " port
if echo ",$fw_wan_ports," | grep -q ",$port,";then
echo -e "\033[31m输入错误请勿重复添加\033[0m"
elif [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
else
fw_wan_ports=$(echo "$fw_wan_ports,$port" | sed "s/^,//")
setconfig fw_wan_ports "$fw_wan_ports"
fi
fi
sleep 1
set_fw_wan
;;
3)
read -p "请输入要移除的端口号 > " port
if echo ",$fw_wan_ports," | grep -q ",$port,";then
if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
echo -e "\033[31m输入错误请输入正确的数值(1-65535)\033[0m"
else
fw_wan_ports=$(echo ",$fw_wan_ports," | sed "s/,$port//; s/^,//; s/,$//")
setconfig fw_wan_ports "$fw_wan_ports"
fi
else
echo -e "\033[31m输入错误请输入已添加过的端口\033[0m"
fi
sleep 1
set_fw_wan
;;
*)
errornum
;;
esac
}
set_bot_tg_init(){
echo -----------------------------------------------
echo -e "请先通过 \033[32;4mhttps://t.me/BotFather\033[0m 申请TG机器人并获取其\033[36mAPI TOKEN\033[0m"
echo -----------------------------------------------
read -p "请输入你获取到的API TOKEN > " TOKEN
echo -----------------------------------------------
echo -e "请向\033[32m你申请的机器人\033[31m而不是BotFather\033[0m发送任意几条消息"
echo -----------------------------------------------
read -p "我已经发送完成(1/0) > " res
if [ "$res" = 1 ]; then
. "$CRASHDIR"/libs/web_json.sh #加载web工具
bot_api=https://api.telegram.org/bot$TOKEN
chat=$(web_json_get "$bot_api/getUpdates" | tail -n -1)
[ -n "$chat" ] && chat_ID=$(echo $chat | grep -oE '"id":.*,"is_bot":false' | sed s'/"id"://'g | sed s'/,"is_bot":false//'g)
[ -z "$chat_ID" ] && {
echo -e "\033[31m无法获取对话ID请确认使用的不是已经被绑定的机器人或手动输入ChatID\033[0m"
echo -e "通常访问 $url_tg 即可看到ChatID也可以尝试其他方法\033[0m"
read -p "请手动输入ChatID > " chat_ID
}
if [ -n "$chat_ID" ]; then
setconfig TG_TOKEN $TOKEN "$CFG"
setconfig TG_CHATID $chat_ID "$CFG"
#设置机器人快捷命令
JSON=$(cat <<EOF
{
"commands": [
{"command": "crash", "description": "呼出ShellCrash菜单"},
{"command": "help", "description": "查看帮助"}
]
}
EOF
)
TEXT='已完成Telegram机器人设置'
web_json_post "$bot_api/setMyCommands" "$JSON"
web_json_post "$bot_api/sendMessage" '{"chat_id":"'"$chat_ID"'","text":"'"$TEXT"'","parse_mode":"Markdown"}'
echo -e "\033[32m$TEXT\033[0m"
return 0
else
echo -e "\033[31m无法获取对话ID请重新配置\033[0m"
return 1
fi
fi
}
set_bot_tg_service(){
PID=$(pidof /bin/sh "$CRASHDIR"/menus/bot_tg.sh)
if [ "$bot_tg_service" = ON ];then
bot_tg_service=OFF
[ -n "$PID" ] && kill -9 $PID >/dev/null 2>&1
else
bot_tg_service=ON
[ -z "$PID" ] && "$CRASHDIR"/menus/bot_tg.sh &
fi
setconfig bot_tg_service "$bot_tg_service"
}
set_bot_tg(){
[ -n "$ts_auth_key" ] && ts_auth_key_info='已设置'
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m由于网络环境原因此机器人仅限服务启动时运行"
echo -e "此机器人与推送机器人互不影响,请尽量不要设置成同一机器人"
echo -----------------------------------------------
echo -e " 1 启用/关闭TG-BOT服务 \033[32m$bot_tg_service\033[0m"
echo -e " 2 TG-BOT绑定设置"
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
. "$CFG"
if [ -n "$TG_CHATID" ];then
set_bot_tg_service
else
set_bot_tg_init && set_bot_tg_service
fi
sleep 1
set_bot_tg
;;
2)
set_bot_tg_init && set_bot_tg_service
set_bot_tg
;;
*)
errornum
;;
esac
}
set_vmess(){
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m设置的端口会添加到公网访问防火墙并自动放行\n 脚本只提供基础功能,更多需求请用自定义配置文件功能!"
echo -----------------------------------------------
echo -e " 1 \033[32m启用/关闭\033[0mVmess入站 \033[32m$vms_service\033[0m"
echo -----------------------------------------------
echo -e " 2 设置\033[36m监听端口\033[0m \033[36m$vms_port\033[0m"
echo -e " 3 设置\033[33mWS-path(可选)\033[0m \033[33m$vms_ws_path\033[0m"
echo -e " 4 设置\033[36m秘钥-uuid\033[0m \033[36m$vms_uuid\033[0m"
echo -e " 5 一键生成\033[32m随机秘钥\033[0m"
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
if [ -n "$vms_port" ] && [ -n "$vms_uuid" ];then
[ "$vms_service" = ON ] && vms_service=OFF || vms_service=ON
setconfig vms_service "$vms_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
fi
set_vmess
;;
2)
read -p "请输入端口号(输入0删除) > " text
[ "$text" = 0 ] && unset vms_port
if check_port "$text"; then
vms_port="$text"
setconfig vms_port "$text" "$CFG"
fw_wan_ports=$(echo "$fw_wan_ports,$vms_port" | sed "s/^,//")
setconfig fw_wan_ports "$fw_wan_ports"
else
sleep 1
fi
set_vmess
;;
3)
read -p "请输入ws-path路径(输入0删除) > " text
[ "$text" = 0 ] && unset vms_ws_path
if echo "$text" |grep -qE '^/';then
vms_ws_path="$text"
setconfig vms_ws_path "$text" "$CFG"
else
echo -e "\033[31m不是合法的path路径必须以【/】开头!\033[0m"
sleep 1
fi
set_vmess
;;
4)
read -p "请输入UUID(输入0删除) > " text
[ "$text" = 0 ] && unset vms_uuid
if echo "$text" |grep -qiE '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$';then
vms_uuid="$text"
setconfig vms_uuid "$text" "$CFG"
else
echo -e "\033[31m不是合法的UUID格式请重新输入或使用随机生成功能\033[0m"
sleep 1
fi
set_vmess
;;
5)
vms_uuid=$(cat /proc/sys/kernel/random/uuid)
setconfig vms_uuid "$vms_uuid" "$CFG"
sleep 1
set_vmess
;;
*) errornum ;;
esac
}
set_shadowsocks(){
[ -z "$sss_cipher" ] && sss_cipher='xchacha20-ietf-poly1305'
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m设置的端口会添加到公网访问防火墙并自动放行\n 脚本只提供基础功能,更多需求请用自定义配置文件功能!"
echo -----------------------------------------------
echo -e " 1 \033[32m启用/关闭\033[0mShadowSocks入站 \033[32m$sss_service\033[0m"
echo -----------------------------------------------
echo -e " 2 设置\033[36m监听端口\033[0m \033[36m$sss_port\033[0m"
echo -e " 3 选择\033[33m加密协议\033[0m \033[33m$sss_cipher\033[0m"
echo -e " 4 设置\033[36mpassword\033[0m \033[36m$sss_pwd\033[0m"
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
if [ -n "$sss_port" ] && [ -n "$sss_pwd" ];then
[ "$sss_service" = ON ] && sss_service=OFF || sss_service=ON
setconfig sss_service "$sss_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
fi
set_shadowsocks
;;
2)
read -p "请输入端口号(输入0删除) > " text
[ "$text" = 0 ] && unset sss_port
if check_port "$text"; then
sss_port="$text"
setconfig sss_port "$text" "$CFG"
fw_wan_ports=$(echo "$fw_wan_ports,$sss_port" | sed "s/^,//")
setconfig fw_wan_ports "$fw_wan_ports"
else
sleep 1
fi
set_shadowsocks
;;
3)
echo -----------------------------------------------
echo -e " 1 \033[32mxchacha20-ietf-poly1305\033[0m"
echo -e " 2 \033[32mchacha20-ietf-poly1305\033[0m"
echo -e " 3 \033[32maes-128-gcm\033[0m"
echo -e " 4 \033[32maes-256-gcm\033[0m"
ckcmd openssl && {
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m2022系列加密必须使用OpenSSL随机生成的password"
echo -e " 5 \033[32m2022-blake3-chacha20-poly1305\033[0m"
echo -e " 6 \033[32m2022-blake3-aes-128-gcm\033[0m"
echo -e " 7 \033[32m2022-blake3-aes-256-gcm\033[0m"
}
echo -----------------------------------------------
echo -e " 0 返回上级菜单"
read -p "请选择要使用的加密协议 > " num
case "$num" in
1)
sss_cipher=xchacha20-ietf-poly1305
sss_pwd=$(cat /proc/sys/kernel/random/uuid)
;;
2)
sss_cipher=chacha20-ietf-poly1305
sss_pwd=$(cat /proc/sys/kernel/random/uuid)
;;
3)
sss_cipher=aes-128-gcm
sss_pwd=$(cat /proc/sys/kernel/random/uuid)
;;
4)
sss_cipher=aes-256-gcm
sss_pwd=$(cat /proc/sys/kernel/random/uuid)
;;
5)
sss_cipher=2022-blake3-chacha20-poly1305
sss_pwd=$(openssl rand --base64 32)
;;
6)
sss_cipher=2022-blake3-aes-128-gcm
sss_pwd=$(openssl rand --base64 16)
;;
7)
sss_cipher=2022-blake3-aes-256-gcm
sss_pwd=$(openssl rand --base64 32)
;;
*)
;;
esac
setconfig sss_cipher "$sss_cipher" "$CFG"
setconfig sss_pwd "$sss_pwd" "$CFG"
set_shadowsocks
;;
4)
if echo "$sss_cipher" |grep -q '2022-blake3';then
echo -e "\033[31m注意\033[0m2022系列加密必须使用脚本随机生成的password"
sleep 1
else
read -p "请输入秘钥(输入0删除) > " text
[ "$text" = 0 ] && unset sss_pwd
sss_pwd="$text"
setconfig sss_pwd "$text" "$CFG"
fi
set_shadowsocks
;;
*) errornum ;;
esac
}
set_tailscale(){
[ -n "$ts_auth_key" ] && ts_auth_key_info='*********'
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m脚本默认内核为了节约内存没有编译Tailscale模块\n如需使用请先前往自定义内核更新完整版内核文件"
echo -e "创建秘钥:\033[32;4mhttps://login.tailscale.com/admin/settings/keys\033[0m"
echo -e "访问非本机目标需允许通告:\033[32;4mhttps://login.tailscale.com\033[0m"
echo -e "访问非本机目标需在终端设置使用Subnet或EXIT-NODE模式"
echo -----------------------------------------------
echo -e " 1 \033[32m启用/关闭\033[0mTailscale服务 \033[32m$ts_service\033[0m"
echo -e " 2 设置\033[36m秘钥\033[0m(Auth Key) $ts_auth_key_info"
echo -e " 3 通告路由\033[33m内网地址\033[0m(Subnet) \033[36m$ts_subnet\033[0m"
echo -e " 4 通告路由\033[31m全部流量\033[0m(EXIT-NODE) \033[36m$ts_exit_node\033[0m"
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
if [ -n "$ts_auth_key" ];then
[ "$ts_service" = ON ] && ts_service=OFF || ts_service=ON
setconfig ts_service "$ts_service"
else
echo -e "\033[31m请先设置秘钥\033[0m"
sleep 1
fi
set_tailscale
;;
2)
read -p "请输入秘钥(输入0删除) > " text
[ "$text" = 0 ] && unset ts_auth_key ts_auth_key_info || ts_auth_key="$text"
[ -n "$ts_auth_key" ] && setconfig ts_auth_key "$ts_auth_key" "$CFG"
set_tailscale
;;
3)
[ "$ts_subnet" = true ] && ts_subnet=false || ts_subnet=true
setconfig ts_subnet "$ts_subnet" "$CFG"
set_tailscale
;;
4)
[ "$ts_exit_node" = true ] && ts_exit_node=false || ts_exit_node=true
setconfig ts_exit_node "$ts_exit_node" "$CFG"
set_tailscale
;;
*) errornum ;;
esac
}
set_wireguard(){
[ -n "$wg_public_key" ] && wgp_key_info='*********' || unset wgp_key_info
[ -n "$wg_private_key" ] && wgv_key_info='*********' || unset wgv_key_info
[ -n "$wg_pre_shared_key" ] && wgpsk_key_info='*********' || unset wgpsk_key_info
echo -----------------------------------------------
echo -e "\033[31m注意\033[0m脚本默认内核为了节约内存没有编译WireGuard模块\n如需使用请先前往自定义内核更新完整版内核文件"
echo -----------------------------------------------
echo -e " 1 \033[32m启用/关闭\033[0mWireguard服务 \033[32m$wg_service\033[0m"
echo -----------------------------------------------
echo -e " 2 设置\033[36mEndpoint地址\033[0m \033[36m$wg_server\033[0m"
echo -e " 3 设置\033[36mEndpoint端口\033[0m \033[36m$wg_port\033[0m"
echo -e " 4 设置\033[36m公钥-PublicKey\033[0m \033[36m$wgp_key_info\033[0m"
echo -e " 5 设置\033[36m密钥-PresharedKey\033[0m \033[36m$wgpsk_key_info\033[0m"
echo -----------------------------------------------
echo -e " 6 设置\033[33m私钥-PrivateKey\033[0m \033[33m$wgv_key_info\033[0m"
echo -e " 7 设置\033[33m组网IPV4地址\033[0m \033[33m$wg_ipv4\033[0m"
echo -e " 8 可选\033[33m组网IPV6地址\033[0m \033[33m$wg_ipv6\033[0m"
echo -e " 0 返回上级菜单 \033[0m"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
case "$num" in
0) ;;
1)
if [ -n "$wg_server" ] && [ -n "$wg_port" ] && [ -n "$wg_public_key" ] && [ -n "$wg_pre_shared_key" ] && [ -n "$wg_private_key" ] && [ -n "$wg_ipv4" ];then
[ "$wg_service" = ON ] && wg_service=OFF || wg_service=ON
setconfig wg_service "$wg_service"
else
echo -e "\033[31m请先完成必选设置\033[0m"
sleep 1
fi
set_wireguard
;;
[1-8])
read -p "请输入相应内容(回车或0删除) > " text
[ "$text" = 0 ] && text=''
case "$num" in
2)
wg_server="$text"
setconfig wg_server "$text" "$CFG"
;;
3)
wg_port="$text"
setconfig wg_port "$text" "$CFG"
;;
4)
wg_public_key="$text"
setconfig wg_public_key "$text" "$CFG"
;;
5)
wg_pre_shared_key="$text"
setconfig wg_pre_shared_key "$text" "$CFG"
;;
6)
wg_private_key="$text"
setconfig wg_private_key "$text" "$CFG"
;;
7)
wg_ipv4="$text"
setconfig wg_ipv4 "$text" "$CFG"
;;
8)
wg_ipv6="$text"
setconfig wg_ipv6 "$text" "$CFG"
;;
esac
set_wireguard
;;
*) errornum ;;
esac
}