diff --git a/bin/clashfm.tar.gz b/bin/clashfm.tar.gz index d655a60..1c61ca1 100644 Binary files a/bin/clashfm.tar.gz and b/bin/clashfm.tar.gz differ diff --git a/bin/version b/bin/version index 2a99869..be0677f 100644 --- a/bin/version +++ b/bin/version @@ -1,4 +1,4 @@ clash_v=1.6.0 clashpre_v=2021.05.08 GeoIP_v=20210514 -versionsh=1.3.1 +versionsh=1.3.2 diff --git a/install.sh b/install.sh index 5428ed1..b4cec0f 100644 --- a/install.sh +++ b/install.sh @@ -78,7 +78,6 @@ gettar(){ mv $clashdir/clash.service $sysdir/clash.service sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service systemctl daemon-reload - useradd shellclash else #设为保守模式启动 sed -i '/start_old=*/'d $clashdir/mark diff --git a/scripts/clash.service b/scripts/clash.service index 7663212..ab7aad2 100644 --- a/scripts/clash.service +++ b/scripts/clash.service @@ -5,7 +5,7 @@ After=network.target [Service] Type=simple User=root -ExecStart=su shellclash -c "/etc/clash/clash -d /etc/clash" +ExecStart=/etc/clash/clash -d /etc/clash ExecStartPost=/etc/clash/start.sh afstart Restart=on-failure RestartSec=3s diff --git a/scripts/clash.sh b/scripts/clash.sh index 2446413..d022f6e 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -492,6 +492,7 @@ localproxy(){ $clashdir/start.sh set_proxy $mix_port $db_port echo -e "\033[32m已经成功使用$local_proxy_type方式配置本机代理~\033[0m" [ "$local_proxy_type" = "环境变量" ] && echo -e "\033[36m如未生效,请重新启动终端或重新连接SSH!\033[0m" && sleep 1 + [ "$local_proxy_type" = "iptables增强模式" ] && $clashdir/start.sh start fi else local_proxy=未开启 @@ -505,7 +506,21 @@ localproxy(){ setconfig local_proxy_type $local_proxy_type localproxy elif [ "$num" = 3 ]; then - if id shellclash >/dev/null 2>&1 ;then + [ -w /etc/systemd/system/clash.service ] && servdir=/etc/systemd/system/clash.service + [ -w /usr/lib/systemd/system/clash.service ] && servdir=/usr/lib/systemd/system/clash.service + if [ -n "$servdir" ];then + #检测用户如无则创建并提权 + if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then + userdel shellclash 2>/dev/null + useradd shellclash -u 7890 + sed -Ei s/7890:7890/0:7890/g /etc/passwd + fi + #停止clash服务 + $clashdir/start.sh stop + #修改service文件,使用shellclash用户运行clash服务 + setconfig ExecStart "su\ shellclash\ -c\ \"$bindir/clash\ -d\ $bindir\"" $servdir + systemctl daemon-reload + #修改模式变量 local_proxy_type="iptables增强模式" setconfig local_proxy_type $local_proxy_type else diff --git a/scripts/clashservice b/scripts/clashservice index 7d20347..745210d 100644 --- a/scripts/clashservice +++ b/scripts/clashservice @@ -1,6 +1,6 @@ #!/bin/sh /etc/rc.common -START=92 +START=101 SERVICE_DAEMONIZE=1 SERVICE_WRITE_PID=1 diff --git a/scripts/getdate.sh b/scripts/getdate.sh index f62ae4e..8eef402 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -359,7 +359,7 @@ gettar(){ mv $clashdir/clash.service $sysdir/clash.service sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service systemctl daemon-reload - useradd shellclash + #useradd shellclash else #设为保守模式启动 sed -i '/start_old=*/'d $clashdir/mark @@ -854,7 +854,8 @@ update(){ rm -rf /etc/systemd/system/clash.service rm -rf /usr/lib/systemd/system/clash.service rm -rf /www/clash - userdel -r shellclash + sed -Ei s/0:7890/7890:7890/g /etc/passwd + userdel -r shellclash 2>/dev/null echo ----------------------------------------------- echo -e "\033[36m已卸载ShellClash相关文件!有缘再会!\033[0m" echo -e "\033[33m请手动关闭当前窗口以重置环境变量!\033[0m" diff --git a/scripts/start.sh b/scripts/start.sh index ad0279c..2730ed0 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -420,7 +420,7 @@ start_udp(){ start_output(){ #流量过滤规则 iptables -t nat -N clash_out - iptables -t nat -A clash_out -m owner --uid-owner shellclash -j RETURN + iptables -t nat -A clash_out -m owner --uid-owner 7890 -j RETURN iptables -t nat -A clash_out -d 0.0.0.0/8 -j RETURN iptables -t nat -A clash_out -d 10.0.0.0/8 -j RETURN iptables -t nat -A clash_out -d 127.0.0.0/8 -j RETURN