v1.0.0beta15

~新增对使用mips-softfloat核心设备的适配
~新增手动指定核心架构的菜单
~增加了按照关键字白名单筛选节点的功能
~新增了帮助：-h，测试：-t脚本运行参数
~优化节点保存方式，现在每10分钟检测一次，仅在检测到文件变动后方进行保存
~修复部分ssr节点不可用的bug
~mac过滤功能增加移除单个设备以及添加全部设备功能
~修复设置本机代理时直接跳出的bug
~优化安装脚本，增加root用户检测
~优化ipv6dns拦截方式
~回滚对循环计算的方式

README.md

@@ -1,86 +1,70 @@
-# clash-for-Miwifi
-在小米AX3600/AX1800/AX5等路由器上使用clash做透明代理
+
+
+# ShellClash（原Clash for Miwifi）
+
+在Shell环境下一键部署及管理[Clash](https://github.com/Dreamacro/clash)
 =====
-更新日志：
+
+功能简介：
+--
+~通过管理脚本在Shell环境下便捷使用[Clash](https://github.com/Dreamacro/clash)<br>
+~支持在Shell环境下管理[Clash各种功能](https://lancellc.gitbook.io/clash)<br>
+~支持批量导入[Clash](https://github.com/Dreamacro/clash)支持的节点链接及订阅链接<br>~支持配置定时任务，以及定时更新订阅<br>~支持在线安装及使用网页面板管理规则组<br>
+~支持局域网透明代理/纯净模式等多种模式切换<br>~支持在线更新管理脚本及升级Clash核心<br>
+
+设备支持：
 --
 
-•旧版本请重新下载[除config.yaml和Country.mmdb以外的3个文件](https://github.com/juewuy/clash-for-Miwifi/tree/master/clash)并上传到etc/clash后，并重新使用安装命令安装以完成更新<br>
-#### v0.5
-•新增订阅功能，功能强大，欢迎体验！<br>
-•修改了配置记录的位置和格式，大幅度增加了脚本可用性<br>
-•clash核心使用upx压缩，大幅度缩减了体积<br>
-•更新到新版本clash核心，修复Tun模式电报无法正常代理的bug<br>
-•新增若干小功能及使用优化<br>
-
-#### v0.2
-•合并Tun和Redir模式为一套文件，可以通过管理脚本直接切换<br>
-•同步官方最新premium版核心，全面支持ssr<br>
-•大幅度优化管理脚本，增加部分实用功能<br>
-
-#### v0.1
-•支持redir模式<br>
-•增加了一个简单的管理脚本<br>
-•支持ss、v2ray以及trojan协议，Redir模式额外支持ssr协议<br>
-•支持Tun模式<br>
-
-使用依赖：
---
-•请确认路由器或设备已经开启SSH并获取root权限，小米AX系列可参考：https://www.right.com.cn/forum/thread-4032490-1-1.html 开启<br>
-•SSH连接工具，例如putty，bitvise，JuiceSSH（支持安卓手机）等，请自行安装使用<br>
-•SCP连接工具，如winscp<br>
-•以上都不了解或者看不懂的朋友暂不推荐使用<br>
+~支持小米/红米全系使用官方系统或官方开发版系统的路由器设备<br>
+~支持各种基于OpenWrt或使用OpenWrt二次定制开发的路由器设备<br>
+~支持各种运行标准Linux系统（如Debian/CenOS/Armbian等）的设备<br>~兼容Padavan固件（保守模式）、潘多拉固件<br>——————————
+~暂不支持高恪、梅林等固件<br>
+~更多设备支持，请提issue或前往TG群反馈（需提供设备名称及运行uname -a返回的设备核心信息）<br>
 
 使用方式：
 --
-•下载 [目录中全部5个文件](https://github.com/juewuy/clash-for-Miwifi/tree/master/clash)到本地电脑 <br>
-•将下载并修改后的5个文件通过winSCP上传到路由器/etc/clash文件夹（clash文件夹请自行创建）下（最终应该是/etc/clash/"5个文件"）<br>
-•登陆SSH，并在SSH中用root用户执行下方的命令即可使用！<br>
+~确认路由器或设备已经开启SSH并获取root权限<br>
+~使用SSH连接工具（如putty，JuiceSSH，系统自带终端等）路由器或设备的SSH管理界面，并切换到root用户<br>
+~确认设备已经安装curl，如未安装，LInux设备请[参考此处](https://www.howtoing.com/install-curl-in-linux)进行安装，基于OpenWrt（小米官方系统、潘多拉、高恪等）的设备请使用如下命令安装：<br>
+
+```shell
+opkg update && opkg install curl
+```
+
+~之后在SSH界面执行如下安装命令，并按照后续提示完成安装<br>
+
+~使用curl：<br>
 
-**首次安装**
 ```Shell
-mv /etc/clash/clashservice /etc/init.d/clash #移动clash服务文件
-mv /etc/clash/clashsh /bin/clash             #移动clash管理脚本
-chmod  777 /etc/clash/clash                  #授予权限
-chmod  777 /etc/init.d/clash                 #授予权限
-chmod  777 /bin/clash                        #授予权限
-clash                                        #使用管理脚本
+#Release版本-github直连
+sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
+#Release版本-jsdelivrCDN源
+sh -c "$(curl -kfsSl https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/install.sh)" && source /etc/profile &> /dev/null
+#Test版本-github直连
+sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" -s 1 && source /etc/profile &> /dev/null
 ```
-**管理脚本**
-```Shell 
-clash                                        #使用管理脚本
-```
-•启用后可以通过 http://clash.razord.top （或者 https://yacd.haishan.me http://app.tossp.com ） （Host为网关IP，端口为9999，密钥为空）管理clash内置规则<br>
 
-问题反馈：
+~安装完成管理脚本后，执行如下命令以运行管理脚本<br>
+
+```Shell
+clash
+```
+
+更新日志：
+--
+https://github.com/juewuy/ShellClash/releases
+
+交流反馈：
 --
 ### https://t.me/clashfm 
 
-故障解决：
---
-•部分设备安装时提示bin目录只读（readonly）：可以通过输入mount -o remount rw /bin 来使目录临时可写，之后重新执行安装命令即可完成安装<br>
-•部分设备确实无法写入bin目录的，也可以通过sh /etc/clash/clashsh 命令来运行管理脚本<br>
-•如果能正常连接国内网站而无法访问屏蔽网站：请在浏览器中打开 http://clash.razord.top 并使用测速功能，之后手动指定服务器即可；如果所有服务器都不可用即代表配置文件有问题<br>
-
 已知问题：
 --
-•由于使用了clash的fake-ip模式，故两种模式均不支持ipv6<br>
-•Tun模式下clash服务可能会和小米路由器内置的tx网游加速器冲突，请谨慎同时使用<br>
-•Tun模式下部分软件可能不会经过clash，可以通过设置软件内置sock5（IP=路由IP，port=7891）或http代理（IP=路由IP，port=7890）解决<br>
-•Redir模式无法转发udp流量，外服游戏可能会受影响，此功能是由官方系统阉割了Tproxy导致，暂时无解，外服游戏用户建议使用Tun模式<br>
+~Tun模式下clash服务可能会和路由器内置的网游加速器冲突，请谨慎同时使用<br>
+~Redir模式暂不支持转发udp流量，外服游戏可能会受影响，外服游戏用户建议使用Tun模式<br>
+~部分设备长时间使用会出现内存占用偏高——此为golang内存回收不及时导致，可以通过屏蔽p2p流量及设置每日定时重启核心以缓解<br>
+~节点无法连接——在【clash功能设置】中打开【跳过本地证书验证】或者升级clash核心<br>
 
-ToDo：
+友情推广：
 --
-~~•管理脚本增加订阅功能~~<br>
-•管理脚本增加更新功能<br>
-•添加一键安装脚本<br>
-•修复redir-host DNS以及IPV6支持<br>
-•……<br>
-
-
-感谢：
---
-•https://lancellc.gitbook.io/clash/start-clash/clash-tun-mode<br>
-•https://comzyh.gitbook.io/clash/<br>
-•https://h-cheung.gitlab.io/post/使用_clash_和路由表实现透明代理<br>
-•https://www.right.com.cn/forum/thread-4042741-1-1.html<br>
-
+[顶级8K专线机场-墙洞](https://dler.best/auth/register?affid=89698)

bin/version

@@ -0,0 +1,4 @@
+clash_v=1.2.0
+clashpre_v=2020.10.09
+GeoIP_v=20201010
+versionsh=1.0.0beta14fix5

clash/clashservice

@@ -1,86 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Example script
-# Copyright (C) 2007 OpenWrt.org
-
-USE_PROCD=1
-START=99
-
-getconfig(){
-cpath=/etc/clash
-ccfg=$cpath/mark
-if [ ! -f "$ccfg" ]; then
-echo mark文件不存在，默认以Redir模式运行！
-cat >$ccfg<<EOF
-#标识clash运行状态的文件，请勿改动！
-EOF
-redir_mod=redir模式
-fi
-source $ccfg
-}
-mark_time(){
-start_time=`date +%s`
-sed -i '/start_time*/'d $ccfg
-sed -i "3i\start_time=$start_time" $ccfg
-}
-start_redir(){
-	#修改iptables规则使流量进入clash
-	iptables -t nat -N clash
-	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
-	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
-	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
-	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
-	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
-	iptables -t nat -A clash -p tcp -j REDIRECT --to-ports 7892
-	iptables -t nat -A PREROUTING -p tcp -j clash
-	iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-	ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-}
-stop_redir(){
-    #重置iptables规则
-	iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
-	iptables -t nat -F clash > /dev/null 2>&1
-	iptables -t nat -X clash > /dev/null 2>&1
-	iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-}
-start_tun(){
-	#修改iptables规则使流量进入clash
-	iptables -I FORWARD -o utun -j ACCEPT
-	iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-	ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-}
-stop_tun(){
-	iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-}
-start_service() {
-	getconfig
-    #创建clash后台进程
-	procd_open_instance
-	procd_set_param respawn
-	procd_set_param stderr 1
-	procd_set_param stdout 1
-	procd_set_param command $cpath/clash -d $cpath
-	procd_close_instance
-	#修改iptables规则使流量进入clash
-	if [[ "$redir_mod" = "Tun模式" ]];then
-		stop_tun
-		start_tun
-		mark_time
-	else
-		stop_redir
-		start_redir
-		mark_time
-	fi
-}
-stop_service() {
-	getconfig
-	if [[ "$redir_mod" = "Tun模式" ]];then
-		stop_tun
-	else
-		stop_redir
-	fi
-}

clash/clashsh

@@ -1,574 +0,0 @@
- #!/bin/sh
-# Copyright (C) Juewuy
-
-echo "***********************************************"
-echo "**                 欢迎使用                  **"
-echo "**             Clash for Miwifi              **"
-echo "**                             by  Juewuy    **"
-echo "***********************************************"
-
-getconfig(){
-#文件路径
-cpath=/etc/clash #clash目录地址，如有变动只需要修改此处
-sed -i "/^cpath\=*/ccpath\=$cpath" /etc/init.d/clash #同步service文件中的clash路径
-ccfg=$cpath/mark
-yaml=$cpath/config.yaml
-#检查标识文件
-if [ ! -f "$ccfg" ]; then
-echo mark文件不存在，正在创建！
-cat >$ccfg<<EOF
-#标识clash运行状态的文件，请勿改动！
-EOF
-fi
-source $ccfg
-#获取自启状态
-if [ $auto_start = true ] > /dev/null 2>&1; then 
-auto="\033[32m已设置开机启动！\033[0m"
-auto1="禁用clash开机启动"
-else
-auto="\033[31m未设置开机启动！\033[0m"
-auto1="允许clash开机启动"
-fi
-#获取运行模式
-if [ ! -n "$redir_mod" ]; then
-sed -i "2i\redir_mod=Redir模式" $ccfg
-redir_mod=Redir模式
-fi
-#获取运行状态
-uid=`ps |grep -w 'clash -d'|grep -v grep|awk '{print $1}'`
-if [ $uid > 0 ];then
-run="\033[32m正在运行（$redir_mod）\033[0m"
-VmRSS=`cat /proc/$uid/status|grep -w VmRSS|awk '{print $2,$3}'`
-  #获取运行时长
-  if [ "$start_time" > 0 ] > /dev/null 2>&1; then 
-  time=$((`date +%s`-$start_time))
-  day=$(($time/86400))
-    if [[ $day != 0 ]]; then 
-    day=$day天
-    else
-    day=""
-    fi
-  time=`date -u -d @${time} +"%-H小时%-M分%-S秒"`
-  fi
-else
-run="\033[31m没有运行（$redir_mod）\033[0m"
-fi
-#输出状态
-echo -----------------------------------------------
-echo -e "Clash服务"$run"，"$auto""
-if [ $uid > 0 ];then
-echo -e "当前内存占用：\033[44m"$VmRSS"\033[0m，已运行：\033[46;30m"$day"\033[44;37m"$time"\033[0m"
-fi
-}
-
-getyaml(){
-source $ccfg
-#前后端订阅服务器地址索引，可在此处添加！
-Server=`sed -n ""$server_link"p"<<EOF
-subconverter-web.now.sh
-subcon.py6.pw
-api.dler.io
-api.wcc.best
-EOF`
-Config=`sed -n ""$rule_link"p"<<EOF
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
-EOF`
-Https="https://$Server/sub?target=clashr&new_name=true&url=$Url&insert=false&config=$Config"
-echo -----------------------------------------------
-echo 正在连接服务器获取配置文件…………链接地址为：
-echo -e "\033[4;32m$Https\033[0m"
-echo 可以手动复制该链接到浏览器打开并查看数据是否正常！
-echo -e "\033[36m-----------------------------------------------"
-echo -e "|                                             |"
-echo -e "|         需要一点时间，请耐心等待！          |"
-echo -e "|                                             |"
-echo -e "-----------------------------------------------\033[0m"
-#获取在线yaml文件
-yamlnew=$yaml.new
-rm $yamlnew > /dev/null 2>&1
-
-result=$(curl -w %{http_code} -skLo $yamlnew $Https)
-if [ "$result" != "200" ];then
-echo -----------------------------------------------
-echo -e "\033[31m配置文件获取失败！\033[0m"
-echo -----------------------------------------------
-echo
-read -p "是否更换后端地址后重试？[1/0] > " res
-  if [ "$res" = '1' ]; then
-  	sed -i '/server_link=*/'d $ccfg
-	if [ "$server_link" = '4' ]; then
-	server_link=0
-	fi
-	server_link=$(($server_link + 1))
-	echo $server_link
-    sed -i "5i\server_link=$server_link" $ccfg
-	getyaml
-  fi
-exit;
-else
-  if cat $yamlnew | grep ', server:' >/dev/null;then
-##########需要变更的配置###########
-redir='redir-port: 7892'
-external='external-controller: 0.0.0.0:9999'
-dns='dns: {enable: true, listen: 0.0.0.0:1053, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, nameserver: [tls://dns.rubyfish.cn:853, 127.0.0.1:53], fallback: [tcp://1.1.1.1, tls://dns.google:853]}'
-tun='tun: {enable: false, stack: system}' 
-exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
-###################################
-	#预删除需要添加的项目
-	sed -i '/redir-port:*/'d $yamlnew
-	sed -i '/external-controller:*/'d $yamlnew
-	sed -i '/dns:*/'d $yamlnew
-	sed -i '/tun:*/'d $yamlnew
-	sed -i '/experimental:*/'d $yamlnew
-	#添加配置
-	sed -i "2a$redir" $yamlnew
-	sed -i "6a$external" $yamlnew
-	sed -i "7a$dns" $yamlnew
-	sed -i "8a$tun" $yamlnew
-	sed -i "9a$experimental" $yamlnew
-	sed -i "1,40s/sni: \S*/\1skip-cert-verify: true}/" $yamlnew
-	#替换文件
-	mv $yaml $yaml.bak
-	mv $yamlnew $yaml
-	echo 配置文件已生成！正在重启clash使其生效！
-	#重启clash服务
-	/etc/init.d/clash stop
-	/etc/init.d/clash start
-	sleep 1
-	uid=`ps |grep -w 'clash -d'|grep -v grep|awk '{print $1}'`
-		if [ $uid > 0 ];then
-		echo -----------------------------------------------
-		echo -e "\033[32mclash服务已启动！\033[0m"
-		echo 可以使用 http://clash.razord.top （IP为网关IP，端口为9999）管理clash内置规则
-		clashsh
-		else
-		echo -----------------------------------------------
-		echo -e "\033[31mclash服务启动失败！请检查配置文件！\033[0m"
-		clashsh
-		fi
-		exit;
-  else
-  echo -----------------------------------------------
-  echo -e "\033[33m囧囧囧 获取到了配置文件，但格式似乎不对 囧囧囧\033[0m"
-  echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-  sed -n '1,20p' $yamlnew
-  echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-  echo -e "\033[33m请检查如上配置文件信息:\033[0m"
-  echo -----------------------------------------------
-  fi
-  exit;
-fi
-exit
-}
-getlink(){
-#设置输入循环
-i=1
-while [ $i -le 9 ]
-do
-echo -----------------------------------------------
-echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-echo -----------------------------------------------
-echo -e "\033[33m支持批量导入\033[30;46m Http/Https/Clash \033[0;33m等格式的订阅链接"
-echo -e "支持批量导入\033[30;42m Vmess/SSR/SS/Trojan/Sock5 \033[0;33m等格式的节点链接"
-echo -e "\033[36m多个较短的链接可以用\033[30;47m | \033[0;36m分隔以一次性输入"
-echo -e "多个较长的链接请尽量分多次输入，可支持多达\033[30;47m 9 \033[0;36m次输入"
-echo -e "\033[0m注意SSR/SS不支持\033[30;47m chacha20加密 \033[0m"
-echo -e "\033[44;37m直接输入回车以结束输入并开始导入链接！\033[0m"
-echo -e "\033[33m 0 返回上级目录！\033[0m"
-echo
-url=""
-read -p "请输入第"$i"个链接 > " url
-  test=$(echo $url | grep "://")
-  url=`echo ${url/\ \(*\)/''}`   #删除恶心的超链接内容
-  url=`echo ${url/*\&url\=/""}`   #将clash完整链接还原成单一链接
-  url=`echo ${url/\&config\=*/""}`   #将clash完整链接还原成单一链接
-  url=`echo ${url//\&/\%26}`   #将分隔符 & 替换成urlcode：%26
-  if [[ "$test" != "" ]];then
-	if [[ $i == 1 ]];then
-	Url="$url"
-	else
-	Url="$Url"\|"$url"
-	fi
-  i=$(($i+1))
-  elif [ -z $url ];then
-	  if [ -n $Url ];then
-	  echo -----------------------------------------------
-	  echo -e 请检查输入的链接是否正确：
-      echo -e "\033[4m$Url\033[0m"
-	  read -p "确认导入配置文件？原配置文件将被更名为config.bak![1/0] > " res
-	    if [ "$res" = '1' ]; then
-		#将用户链接写入mark
-		sed -i '/Url=*/'d $ccfg
-		sed -i "6i\Url=\'$Url\'" $ccfg
-		#获取在线yaml文件
-		getyaml
-		exit;
-	    fi
-		clashlink
-	  fi
-  elif [[ $url == 0 ]];then
-    clashlink
-  else
-    echo -----------------------------------------------
-    echo -e "\033[31m请输入正确的订阅/分享链接！！！\033[0m"
-  fi
-done
-echo -----------------------------------------------
-echo 输入太多啦，可能会导致订阅失败！
-echo "多个较短的链接请尽量用“|”分隔以一次性输入！"
-echo -e "请检查输入的链接是否正确：\033[4m$Url\033[0m"
-read -p "确认导入配置文件？原配置文件将被更名为config.bak![1/0] > " res
-	    if [ "$res" = '1' ]; then
-		#将用户链接写入mark
-		sed -i '/Url=*/'d $ccfg
-		sed -i "6i\Url=\'$Url\'" $ccfg
-		#获取在线yaml文件
-		getyaml
-		exit;
-		else
-		echo -----------------------------------------------
-		echo 操作已取消！返回上级菜单！
-		clashlink
-	    fi
-		clashlink
-} 
-clashlink(){
-#获取订阅规则
-if [ ! -n "$rule_link" ]; then
-sed -i '/rule_link=*/'d $ccfg
-sed -i "4i\rule_link=1" $ccfg
-rule_link=1
-fi
-#获取后端服务器地址
-if [ ! -n "$server_link" ]; then
-sed -i '/server_link=*/'d $ccfg
-sed -i "5i\server_link=3" $ccfg
-server_link=3
-fi
-echo -----------------------------------------------
-echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-echo -e "\033[32m 欢迎使用订阅功能！\033[0m"
-echo -e 1 输入订阅链接
-echo -e 2 选取规则模版
-echo -e 3 选择后端地址
-echo -e 4 还原配置文件
-echo -e 5 手动更新订阅
-echo -e 6 设置自动更新（未完成）
-echo -e 0 返回上级菜单
-read -p "请输入对应数字 > " num
-if [ -z $num ];then
-  echo -----------------------------------------------
-  echo -e "\033[31m请输入正确的数字！\033[0m"
-  clashsh
-elif [[ $num == 1 ]];then
-  getlink
-elif [[ $num == 2 ]];then
-  echo -----------------------------------------------
-  echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-  echo 当前使用规则为：$rule_link
-  echo 1 ACL4SSR默认通用版（推荐）
-  echo 2 ACL4SSR精简全能版（推荐）
-  echo 3 ACL4SSR通用版去广告加强
-  echo 4 ACL4SSR精简版去广告加强
-  echo 5 ACL4SSR通用版无去广告
-  echo 0 返回上级菜单
-  read -p "请输入对应数字 > " num
-    if [ -z $num ];then
-	  echo -----------------------------------------------
-	  echo -e "\033[31m请输入正确的数字！\033[0m"
-	  clashlink
-	else
-	  #将对应标记值写入mark
-	  sed -i '/rule_link*/'d $ccfg
-      sed -i "4i\rule_link="$num"" $ccfg	
-	  echo -----------------------------------------------	  
-	  echo -e "\033[32m设置成功！返回上级菜单！\033[0m"
-	  clashlink
-	fi
-elif [[ $num == 3 ]];then
-  echo -----------------------------------------------
-  echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-  echo 当前使用后端为：$server_link
-  echo 1 subconverter-web.now.sh
-  echo 2 subcon.py6.pw
-  echo 3 api.dler.io
-  echo 4 api.wcc.best
-  echo 0 返回上级菜单
-  read -p "请输入对应数字 > " num
-    if [ -z $num ];then
-	  echo -----------------------------------------------
-	  echo -e "\033[31m请输入正确的数字！\033[0m"
-	  clashlink
-	else
-	  if [[ $num == 0 ]];then
-	  clashlink
-	  fi
-	  #将对应标记值写入mark
-	  sed -i '/server_link*/'d $ccfg
-      sed -i "4i\server_link="$num"" $ccfg		
-      echo -----------------------------------------------	  
-	  echo -e "\033[32m设置成功！返回上级菜单！\033[0m"
-	  clashlink
-	fi
-elif [[ $num == 4 ]];then
-  yamlbak=$yaml.bak
-  if [ ! -f "$yaml".bak ];then
-  echo -----------------------------------------------
-  echo -e "\033[31m没有找到配置文件的备份！\033[0m"
-  else
-  echo -----------------------------------------------
-  echo -e 备份文件共有"\033[32m`wc -l < $yamlbak`\033[0m"行内容，当前文件共有"\033[32m`wc -l < $yaml`\033[0m"行内容
-  read -p "确认还原配置文件？此操作不可逆！[1/0] > " res
-	if [ "$res" = '1' ]; then
-	mv $yamlbak $yaml
-    echo -----------------------------------------------
-	echo -e "\033[32m配置文件已还原！请手动重启clash服务！\033[0m"
-	else 
-    echo -----------------------------------------------
-	echo -e "\033[31m操作已取消！返回上级菜单！\033[0m"
-	fi
-  fi
-  clashsh
-elif [[ $num == 5 ]];then
-  if [ ! -n "$Url" ];then
-    echo -----------------------------------------------
-    echo 没有找到你的订阅链接！请先输入链接！
-  clashlink
-  else
-    echo -----------------------------------------------
-    echo -----------------------------------------------
-    echo -e "\033[33m当前系统记录的订阅链接为：\033[0m"
-    echo -e "\033[4;32m$Url\033[0m"
-    echo -----------------------------------------------
-	read -p "确认更新配置文件？[1/0] > " res
-	  if [ "$res" = '1' ]; then
-      getyaml
-	  fi
-	  clashlink
-  fi
-elif [[ $num == 0 ]];then
-  clashsh
-else
-  echo -----------------------------------------------
-  echo -e "\033[31m请输入正确的数字！\033[0m"
-  exit;
-fi
-}
-clashadv(){
-echo -----------------------------------------------
-echo -e "\033[33m欢迎使用高级模式菜单：\033[0m"
-echo 1 切换代理模式（Tun/Redir）
-echo 2 更新clash核心文件（施工中）
-echo 3 更新GeoIP数据库（施工中）
-echo 4 更新管理脚本（施工中）
-echo 9 卸载clash
-echo 0 返回上级菜单 
-read -p "请输入对应数字 > " num
-if [[ $num -le 9 ]] > /dev/null 2>&1; then 
-  if [[ $num == 0 ]]; then
-    clashsh
-  
-  elif [[ $num == 1 ]]; then
-    echo -----------------------------------------------
-    echo -e "当前代理模式为：\033[47;30m $redir_mod \033[0m"
-	echo -e "\033[33m切换模式时会重启clash服务，可能会导致短时间的网络中断！\033[0m"
-	echo "1 Tun模式：  支持UDP转发且延迟低"
-	echo "             但CPU及内存占用更高"
-	echo "             适合外服游戏用户"
-	echo "2 Redir模式：CPU以及内存占用较低"
-	echo "             但不支持UDP流量转发"
-	echo "             日常使用推荐此模式"
-	echo 0 返回上级菜单 
-	read -p "请输入对应数字 > " num
-	if [[ $num == 0 ]]; then
-	  clashadv
-	elif [[ $num == 1 ]]; then
-	  if [[ $redir_mod = "Redir模式" ]]; then
-	    sed -i '/redir_mod*/'d $ccfg
-		sed -i "2i\redir_mod=Tun模式" $ccfg	#修改redir_mod标记
-	    sed -i '5,20s/tun: {enable: false/tun: {enable: true/' $yaml		#修改配置文件
-		if [ $uid > 0 ];then > /dev/null 2>&1
-		echo -----------------------------------------------
-		echo -e "\033[33m正在重启clash进程……\033[0m"
-		/etc/init.d/clash stop > /dev/null 2>&1
-		fi	  
-		/etc/init.d/clash start
-		sleep 1
-		uid=`ps |grep -w 'clash -d'|grep -v grep|awk '{print $1}'`	  
-		if [ $uid > 0 ];then
-		echo -----------------------------------------------
-		echo -e "\033[32mclash服务已启动！\033[0m"
-		echo -e "\033[33mclash已成功切换为：\033[47;34m Tun模式! \033[0m"
-		echo -e 可以使用 "\033[32mhttp://clash.razord.top\033[0m"（IP为网关IP，端口为9999）管理clash内置规则
-		clashsh
-		else
-		echo -----------------------------------------------
-		echo -e "\033[31mclash服务启动失败！请检查配置文件！\033[0m"
-		clashsh
-		fi  
-	  else
-	    echo -----------------------------------------------
-		echo -e "\033[33m当前已经处于Tun模式，无需重复设置！\033[0m"
-		clashadv
-	  fi
-	  
-	elif [[ $num == 2 ]]; then
-	  if [[ $redir_mod = "Tun模式" ]]; then
-	    sed -i '/redir_mod*/'d $ccfg
-		sed -i "2i\redir_mod=Redir模式" $ccfg	#修改redir_mod标记
-	    sed -i '5,20s/tun: {enable: true/tun: {enable: false/' $yaml		#修改配置文件
-		if [ $uid > 0 ];then
-		echo -----------------------------------------------
-		echo -e "\033[33m正在重启clash进程……\033[0m"
-		/etc/init.d/clash stop > /dev/null 2>&1
-		fi	  
-		/etc/init.d/clash start
-		sleep 1
-		uid=`ps |grep -w 'clash -d'|grep -v grep|awk '{print $1}'`	  
-		if [ $uid > 0 ];then
-		echo -----------------------------------------------
-		echo -e "\033[32mclash服务已启动！\033[0m"
-		echo -e "\033[33mclash已成功切换为：\033[47;34m Redir模式! \033[0m"
-		echo -e 可以使用 "\033[32mhttp://clash.razord.top\033[0m"（IP为网关IP，端口为9999）管理clash内置规则
-		clashsh
-		else
-		echo -----------------------------------------------
-		echo -e "\033[31mclash服务启动失败！请检查配置文件！\033[0m"
-		clashsh
-		fi  
-	  else
-	    echo -----------------------------------------------
-		echo -e "\033[33m当前已经处于Redir模式，无需重复设置！\033[0m"
-		clashadv
-	  fi
-	else
-	  echo -----------------------------------------------
-	  echo -e "\033[31m请输入正确的数字！\033[0m"
-      clashadv
-	fi
-	
-  elif [[ $num == 9 ]]; then
-    read -p "确认卸载clash？（警告：该操作不可逆！）[1/0] " res
-	if [ "$res" = '1' ]; then
-    /etc/init.d/clash disable
-    /etc/init.d/clash stop
-    rm -rf $cpath
-    rm /etc/init.d/clash
-    rm $csh
-    echo 已卸载clash相关文件！
-	fi
-    exit;
-  else
-    echo -e "\033[31m暂未支持的选项！\033[0m"
-    clashadv
-  fi
-else
-  echo -----------------------------------------------
-  echo -e "\033[31m请输入正确的数字！\033[0m"
-  clashsh
-fi
-exit;
-}
-clashsh(){
-#############################
-getconfig
-#############################
-echo 1 启动/重启clash服务
-echo 2 测试代理服务器连通性
-echo 3 停止clash服务
-echo 4 $auto1
-echo 5 设置定时任务（施工中）
-echo 6 使用链接导入节点/订阅
-echo 7 高级设置
-echo 0 退出脚本
-read -p "请输入对应数字 > " num
-if [[ $num -le 7 ]] > /dev/null 2>&1; then 
-  if [[ $num == 0 ]]; then
-  exit;
-  
-  elif [[ $num == 1 ]]; then
-    if [ $uid > 0 ];then
-	echo -----------------------------------------------
-	/etc/init.d/clash stop > /dev/null 2>&1
-	echo -e "\033[31mClash服务已停止！\033[0m"
-	fi
-    /etc/init.d/clash start
-	sleep 1
-    uid=`ps |grep -w 'clash -d'|grep -v grep|awk '{print $1}'`
-      if [ $uid > 0 ];then
-	  echo -----------------------------------------------
-      echo -e "\033[32mclash服务已启动！\033[0m"
-	  echo 可以使用 http://clash.razord.top （IP为网关IP，端口为9999）管理clash内置规则
-	  clashsh
-      else
-	  echo -----------------------------------------------
-      echo -e "\033[31mclash服务启动失败！请检查配置文件！\033[0m"
-	  clashsh
-      fi
-	  exit;
-  
-  elif [[ $num == 2 ]]; then
-      echo 注意：测试结果不保证一定准确！
-      delay=`curl -kx socks5://127.0.0.1:7891 -o /dev/null -s -w '%{time_starttransfer}' 'https://google.tw' & { sleep 3 ; kill $! & }` > /dev/null 2>&1
-	  delay=`echo |awk "{print $delay*1000}"` > /dev/null 2>&1
-	  echo -----------------------------------------------
-	  if [ `echo ${#delay}` -gt 1 ];then
-	  echo -e "\033[32m连接成功！响应时间为："$delay" ms\033[0m"
-	  else
-	  echo -e "\033[31m连接超时！请重试或检查节点配置！\033[0m"
-	  fi
-	  clashsh
-  elif [[ $num == 3 ]]; then
-  /etc/init.d/clash stop > /dev/null 2>&1
-  echo -----------------------------------------------
-  echo -e "\033[31mClash服务已停止！\033[0m"
-  echo -----------------------------------------------
-  exit;
-
-  elif [[ $num == 4 ]]; then
-    sed -i '/auto_start*/'d $ccfg
-	echo -----------------------------------------------
-	  if [ $auto_start = true ] > /dev/null 2>&1; then 
-	  /etc/init.d/clash disable
-	  sed -i "1i\auto_start=false" $ccfg
-	  echo -e "\033[33m已禁止Clash开机启动！\033[0m"
-	  else
-	  /etc/init.d/clash enable
-	  sed -i "1i\auto_start=true" $ccfg
-	  echo -e "\033[32m已设置Clash开机启动！\033[0m"
-	  fi
-	clashsh
-
-  elif [[ $num == 5 ]]; then
-echo -----------------------------------------------
-echo -e "\033[31m正在施工中，敬请期待！\033[0m"
-echo -e "\033[32m正在施工中，敬请期待！\033[0m"
-echo -e "\033[33m正在施工中，敬请期待！\033[0m"
-echo -e "\033[34m正在施工中，敬请期待！\033[0m"
-echo -e "\033[35m正在施工中，敬请期待！\033[0m"
-echo -e "\033[36m正在施工中，敬请期待！\033[0m"
-
-  clashsh
-    
-  elif [[ $num == 6 ]]; then
-  clashlink
-
-  elif [[ $num == 7 ]]; then
-  clashadv
-  
-  else
-  echo -----------------------------------------------
-  echo -e "\033[31m请输入正确的数字！\033[0m"
-  fi
-  exit 1
-else
-echo -----------------------------------------------
-echo -e "\033[31m请输入正确的数字！\033[0m"
-fi
-exit 1
-}
-clashsh

install.sh

@@ -0,0 +1,144 @@
+#! /bin/bash
+# Copyright (C) Juewuy
+
+echo='echo -e' && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && echo=echo
+[ -z "$1" ] && test=0 || test=$1
+
+echo "***********************************************"
+echo "**                 欢迎使用                  **"
+echo "**                ShellClash                 **"
+echo "**                             by  Juewuy    **"
+echo "***********************************************"
+
+#检查root权限
+[ "$USER" != "root" ] && [ "$USER" != "admin" ] && echo 请使用root用户执行安装！&& exit 1
+
+#检查更新
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
+if [ "$test" -gt 0 ];then 
+	url="--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master"
+	[ "$test" -eq 2 ] && url="http://192.168.31.30:8080/clash-for-Miwifi" && echo $url
+	[ "$test" -eq 3 ] && url="http://192.168.123.90:8080/clash-for-Miwifi"
+else
+	release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')	#检查版本
+fi
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
+tarurl=$url@$release_new/bin/clashfm.tar.gz
+[ "$test" -gt 0 ] && tarurl=$url/bin/clashfm.tar.gz
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo -----------------------------------------------
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system/ ] && sysdir=/etc/systemd/system/
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
+#下载及安装
+install(){
+echo -----------------------------------------------
+echo 开始从服务器获取安装文件！
+echo -----------------------------------------------
+gettar
+echo -----------------------------------------------
+echo ShellClash 已经安装成功!
+echo -----------------------------------------------
+$echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo -----------------------------------------------
+}
+setdir(){		
+echo -----------------------------------------------		
+$echo "\033[32m 1 在默认目录(/etc)安装"
+$echo "\033[33m 2 手动设置安装目录"
+$echo "\033[0m 0 退出安装"
+echo -----------------------------------------------
+read -p "请输入相应数字 > " num
+#设置目录
+if [ -z $num ];then
+	echo 安装已取消
+	exit;
+elif [ "$num" = "1" ];then
+	dir=/etc
+elif [ "$num" = "2" ];then
+	echo -----------------------------------------------
+	echo '可用路径 剩余空间:'
+	df -h | awk '{print $6,$2}'| sed 1d 
+	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
+	read -p "请输入自定义路径 > " dir
+	if [ -z "$dir" ];then
+		$echo "\033[31m路径错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	echo 安装已取消！！！
+	exit;
+fi
+clashdir=$dir/clash
+install
+}
+
+#输出
+$echo "最新版本：\033[32m$release_new\033[0m"
+echo -----------------------------------------------
+$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+$echo "\033[37m支持各种基于openwrt的路由器设备"
+$echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
+
+if [ -n "$clashdir" ];then
+	echo -----------------------------------------------
+	$echo "检测到旧的安装目录\033[36m$clashdir\033[0m，是否覆盖安装？"
+	$echo "\033[32m覆盖安装时不会移除配置文件！\033[0m"
+	read -p "覆盖安装/卸载旧版本？(1/0) > " res
+	if [ "$res" = "1" ];then
+		install
+	elif [ "$res" = "0" ];then
+		rm -rf $clashdir
+		echo -----------------------------------------------
+		$echo "\033[31m 旧版本文件已卸载！\033[0m"
+		setdir
+	else
+		$echo "\033[31m输入错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	setdir
+fi

install_cdn.sh

@@ -0,0 +1,144 @@
+#! /bin/bash
+# Copyright (C) Juewuy
+
+echo='echo -e' && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && echo=echo
+[ -z "$1" ] && test=0 || test=$1
+
+echo "***********************************************"
+echo "**                 欢迎使用                  **"
+echo "**                ShellClash                 **"
+echo "**                             by  Juewuy    **"
+echo "***********************************************"
+
+#检查root权限
+[ "$USER" != "root" ] && [ "$USER" != "admin" ] && echo 请使用root用户执行安装！&& exit 1
+
+#检查更新
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
+if [ "$test" -gt 0 ];then 
+	url="--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master"
+	[ "$test" -eq 2 ] && url="http://192.168.31.30:8080/clash-for-Miwifi" && echo $url
+	[ "$test" -eq 3 ] && url="http://192.168.123.90:8080/clash-for-Miwifi"
+else
+	release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')	#检查版本
+fi
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
+tarurl=$url@$release_new/bin/clashfm.tar.gz
+[ "$test" -gt 0 ] && tarurl=$url/bin/clashfm.tar.gz
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo -----------------------------------------------
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system/ ] && sysdir=/etc/systemd/system/
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
+#下载及安装
+install(){
+echo -----------------------------------------------
+echo 开始从服务器获取安装文件！
+echo -----------------------------------------------
+gettar
+echo -----------------------------------------------
+echo ShellClash 已经安装成功!
+echo -----------------------------------------------
+$echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo -----------------------------------------------
+}
+setdir(){		
+echo -----------------------------------------------		
+$echo "\033[32m 1 在默认目录(/etc)安装"
+$echo "\033[33m 2 手动设置安装目录"
+$echo "\033[0m 0 退出安装"
+echo -----------------------------------------------
+read -p "请输入相应数字 > " num
+#设置目录
+if [ -z $num ];then
+	echo 安装已取消
+	exit;
+elif [ "$num" = "1" ];then
+	dir=/etc
+elif [ "$num" = "2" ];then
+	echo -----------------------------------------------
+	echo '可用路径 剩余空间:'
+	df -h | awk '{print $6,$2}'| sed 1d 
+	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
+	read -p "请输入自定义路径 > " dir
+	if [ -z "$dir" ];then
+		$echo "\033[31m路径错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	echo 安装已取消！！！
+	exit;
+fi
+clashdir=$dir/clash
+install
+}
+
+#输出
+$echo "最新版本：\033[32m$release_new\033[0m"
+echo -----------------------------------------------
+$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+$echo "\033[37m支持各种基于openwrt的路由器设备"
+$echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
+
+if [ -n "$clashdir" ];then
+	echo -----------------------------------------------
+	$echo "检测到旧的安装目录\033[36m$clashdir\033[0m，是否覆盖安装？"
+	$echo "\033[32m覆盖安装时不会移除配置文件！\033[0m"
+	read -p "覆盖安装/卸载旧版本？(1/0) > " res
+	if [ "$res" = "1" ];then
+		install
+	elif [ "$res" = "0" ];then
+		rm -rf $clashdir
+		echo -----------------------------------------------
+		$echo "\033[31m 旧版本文件已卸载！\033[0m"
+		setdir
+	else
+		$echo "\033[31m输入错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	setdir
+fi

scripts/clash.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=clash
+After=network.target
+
+[Service]
+Type=simple
+User=root
+ExecStart=/etc/clash/clash -d /etc/clash
+ExecStartPost=/etc/clash/start.sh afstart
+Restart=on-failure
+RestartSec=3s
+
+
+[Install]
+WantedBy=multi-user.target

scripts/clashservice

@@ -0,0 +1,33 @@
+#!/bin/sh /etc/rc.common
+
+START=92
+
+SERVICE_DAEMONIZE=1
+SERVICE_WRITE_PID=1
+USE_PROCD=1
+DIR=$(cat /etc/profile|grep clashdir|awk -F "\"" '{print $2}')
+
+start_service() {
+	#使用procd创建clash后台进程
+	procd_open_instance
+	procd_set_param respawn
+	procd_set_param stderr 1
+	procd_set_param stdout 1
+	procd_set_param command $DIR/clash -d $DIR
+	procd_close_instance
+	#其他设置
+	$DIR/start.sh afstart
+}
+
+start() {
+	if [ -z "$(pidof procd)" ];then
+		#创建后台进程
+		service_start  $DIR/clash -d $DIR
+		#设置守护进程
+		$DIR/start.sh deamon
+		#其他设置
+		$DIR/start.sh afstart
+	else
+		start_service
+	fi
+}

scripts/getdate.sh

@@ -0,0 +1,599 @@
+#!/bin/bash
+# Copyright (C) Juewuy
+
+linkconfig(){
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo 当前使用规则为：$rule_link
+echo 1	ACL4SSR通用版无去广告（推荐）
+echo 2	ACL4SSR精简全能版（推荐）
+echo 3	ACL4SSR通用版+去广告加强
+echo 4	ACL4SSR精简版+去广告加强
+echo 5	ACL4SSR重度全分组+奈飞分流
+echo 6	ACL4SSR重度全分组+去广告加强
+echo 7	洞主规则精简版（推荐）
+echo 8	洞主规则重度完整版
+echo 9	神机规则高级版
+echo 10	神机规则-回国专用
+echo 11	李哥规则-墙洞专用
+echo 12	基础规则-仅Geoip CN+Final
+echo 13	网易云解锁-仅规则分组
+echo -----------------------------------------------
+echo 0 返回上级菜单
+read -p "请输入对应数字 > " num
+if [ -z "$num" ] || [[ $num -gt 13 ]];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+elif [[ "$num" = "0" ]];then
+	echo 
+elif [[ $num -le 13 ]];then
+	#将对应标记值写入mark
+	sed -i '/rule_link*/'d $ccfg
+	sed -i "4i\rule_link="$num"" $ccfg	
+	rule_link=$num
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	  
+	echo -e "\033[32m设置成功！返回上级菜单\033[0m"
+fi
+}
+linkserver(){
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[36m 感谢 https://github.com/tindy2013/subconverter \033[0m"
+echo 当前使用后端为：$server_link
+echo 1 subcon.dlj.tf
+echo 2 subconverter.herokuapp.com
+echo 3 subcon.py6.pw
+echo 4 api.dler.io
+echo 5 api.wcc.best
+echo -----------------------------------------------
+echo 0 返回上级菜单
+read -p "请输入对应数字 > " num
+if [ -z "$num" ] || [[ $num -gt 5 ]];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+elif [[ "$num" = 0 ]];then
+	echo
+elif [[ $num -le 5 ]];then
+	#将对应标记值写入mark
+	sed -i '/server_link*/'d $ccfg
+	sed -i "4i\server_link="$num"" $ccfg	
+	server_link=$num
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	  
+	echo -e "\033[32m设置成功！返回上级菜单\033[0m"
+fi
+}
+linkfilter(){
+[ -z "$exclude" ] && exclude="未设置"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[33m当前过滤关键字：\033[47;30m$exclude\033[0m"
+echo -----------------------------------------------
+echo -e "\033[33m匹配关键字的节点会在导入时被【屏蔽】！！！\033[0m"
+echo -e "多个关键字可以用\033[30;47m | \033[0m号分隔"
+echo -e "\033[32m支持正则表达式\033[0m，空格请使用\033[30;47m + \033[0m号替代"
+echo -----------------------------------------------
+echo -e " 000   \033[31m删除\033[0m关键字"
+echo -e " 回车  取消输入并返回上级菜单"
+echo -----------------------------------------------
+read -p "请输入关键字 > " exclude
+if [ -z "$exclude" ]; then
+	linkset
+elif [ "$exclude" = '000' ]; then
+	echo -----------------------------------------------
+	exclude=''
+	echo -e "\033[31m 已删除节点过滤关键字！！！\033[0m"
+fi
+sed -i '/exclude=*/'d $ccfg
+sed -i "1i\exclude=\'$exclude\'" $ccfg
+linkset
+}
+linkfilter2(){
+[ -z "$include" ] && include="未设置"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[33m当前筛选关键字：\033[47;30m$include\033[0m"
+echo -----------------------------------------------
+echo -e "\033[33m仅有匹配关键字的节点才会被【导入】！！！\033[0m"
+echo -e "多个关键字可以用\033[30;47m | \033[0m号分隔"
+echo -e "\033[32m支持正则表达式\033[0m，空格请使用\033[30;47m + \033[0m号替代"
+echo -----------------------------------------------
+echo -e " 000   \033[31m删除\033[0m关键字"
+echo -e " 回车  取消输入并返回上级菜单"
+echo -----------------------------------------------
+read -p "请输入关键字 > " include
+if [ -z "$include" ]; then
+	linkset
+elif [ "$include" = '000' ]; then
+	echo -----------------------------------------------
+	include=''
+	echo -e "\033[31m 已删除节点匹配关键字！！！\033[0m"
+fi
+sed -i '/include=*/'d $ccfg
+sed -i "1i\include=\'$include\'" $ccfg
+linkset
+}
+linkset(){
+if [ -n "$Url" ];then
+	[ -z "$skip_cert" ] && skip_cert=已开启
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[47;30m请检查输入的链接是否正确：\033[0m"
+	echo -e "\033[32;4m$Url\033[0m"
+	echo -----------------------------------------------
+	echo -e " 1 \033[36m生成配置文件\033[0m（原文件将被备份）"
+	echo -e " 2 设置\033[31m节点过滤\033[0m关键字 \033[47;30m$exclude\033[0m"
+	echo -e " 3 设置\033[32m节点筛选\033[0m关键字 \033[47;30m$include\033[0m"
+	echo -e " 4 选取在线\033[33m配置规则模版\033[0m"
+	echo -e " 5 \033[0m选取在线生成服务器\033[0m"
+	echo -e " 6 \033[0m跳过本地证书验证：	\033[36m$skip_cert\033[0m   ————自建tls节点务必开启"
+	echo -----------------------------------------------
+	echo -e " 0 \033[31m取消导入\033[0m并返回上级菜单"
+	echo -----------------------------------------------
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		clashlink
+	elif [ "$num" = '0' ]; then
+		clashlink
+	elif [ "$num" = '1' ]; then
+		#将用户链接写入mark
+		sed -i '/Url=*/'d $ccfg
+		sed -i '/Https=*/'d $ccfg
+		sed -i "6i\Url=\'$Url\'" $ccfg
+		Https=""
+		#获取在线yaml文件
+		$clashdir/start.sh getyaml
+		start_over
+		exit;
+	elif [ "$num" = '2' ]; then
+		linkfilter
+		linkset
+	elif [ "$num" = '3' ]; then
+		linkfilter2
+		linkset
+	elif [ "$num" = '4' ]; then
+		linkconfig
+		linkset
+	elif [ "$num" = '5' ]; then
+		linkserver
+		linkset
+	elif [ "$num" = '6' ]; then
+		sed -i '/skip_cert*/'d $ccfg
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		if [ "$skip_cert" = "未开启" ] > /dev/null 2>&1; then 
+			sed -i "1i\skip_cert=已开启" $ccfg
+			#echo -e "\033[33m已设为开启跳过本地证书验证！！\033[0m"
+			skip_cert=已开启
+		else
+			sed -i "1i\skip_cert=未开启" $ccfg
+			#echo -e "\033[33m已设为禁止跳过本地证书验证！！\033[0m"
+			skip_cert=未开启
+		fi
+		linkset
+	else
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m请输入正确的数字！\033[0m"
+		linkset
+	fi
+	clashlink
+fi
+}
+getlink(){
+#设置输入循环
+i=1
+while [ $i -le 99 ]
+do
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[44m 遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+	echo -e "\033[31m本功能依赖第三方网站在线服务实现，脚本本身不提供任何代理服务！\033[0m"
+	echo -----------------------------------------------
+	echo -e "支持批量导入订阅文件的在线链接"
+	echo -----------------------------------------------
+	echo -e " 0   \033[31m撤销输入\033[0m"
+	echo -e "回车 \033[32m完成输入\033[0m并\033[33m开始导入\033[0m配置文件！"
+	echo -----------------------------------------------
+	read -p "请输入第${i}个链接 > " url
+	test=$(echo $url | grep "://")
+	url=`echo ${url/\ \(*\)/''}`   #删除恶心的超链接内容
+	url=`echo ${url/*\&url\=/""}`   #将clash完整链接还原成单一链接
+	url=`echo ${url/\&config\=*/""}`   #将clash完整链接还原成单一链接
+	url=`echo ${url//\&/\%26}`   #将分隔符 & 替换成urlcode：%26
+	if [[ "$test" != "" ]];then
+		if [ -z "$Url" ];then
+			Url="$url"
+		else
+			Url="$Url"\|"$url"
+		fi
+		i=$((i+1))
+	elif [ -z "$url" ];then
+		[ -n "$Url" ] && linkset
+	elif [[ $url == 0 ]];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m已撤销并删除所有已输入的链接！！！\033[0m"
+		Url=""
+		sleep 1
+		clashlink
+	else
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m请输入正确的订阅链接！！！\033[0m"
+	fi
+done
+####
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo 输入太多啦，可能会导致订阅失败！
+echo "多个较短的链接请尽量用“|”分隔以一次性输入！"
+clashlink
+} 
+getlink2(){
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[33m仅限导入完整clash配置文件链接！！！\033[0m"
+echo -e "可以使用\033[32m https://acl4ssr.netlify.app \033[0m在线生成配置文件"
+echo -e "\033[36m导入后如无法运行，请使用【导入订阅】功能"
+echo -----------------------------------------------
+echo -e "\033[33m0 返回上级菜单\033[0m"
+echo -----------------------------------------------
+read -p "请输入完整链接 > " Https
+test=$(echo $Https | grep -iE "http.*://" )
+Https=`echo ${Https/\ \(*\)/''}`   #删除恶心的超链接内容
+if [ -n "$Https" -a -n "$test" ];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e 请检查输入的链接是否正确：
+	echo -e "\033[4m$Https\033[0m"
+	read -p "确认导入配置文件？原配置文件将被更名为config.yaml.bak![1/0] > " res
+		if [ "$res" = '1' ]; then
+			#将用户链接写入mark
+			sed -i '/Url=*/'d $ccfg
+			sed -i '/Https=*/'d $ccfg
+			sed -i "6i\Https=\'$Https\'" $ccfg
+			#获取在线yaml文件
+			$clashdir/start.sh getyaml
+			start_over
+			exit;
+		fi
+elif [[ $Https == 0 ]];then
+	clashlink
+else
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的配置文件链接地址！！！\033[0m"
+	echo -e "\033[33m链接地址必须是http或者https开头的形式\033[0m"
+	clashlink
+fi
+}
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
+getsh(){
+echo -----------------------------------------------
+echo -e "当前脚本版本为：\033[33m $versionsh_l \033[0m"
+echo -e "最新脚本版本为：\033[32m $release_new \033[0m"
+echo -----------------------------------------------
+read -p "是否更新脚本？[1/0] > " res
+if [ "$res" = '1' ]; then
+	tarurl=$update_url/bin/clashfm.tar.gz
+	#下载更新
+	gettar
+	#提示
+	echo -----------------------------------------------
+	echo -e "\033[32m管理脚本更新成功!\033[0m"
+	echo -----------------------------------------------
+	exit;
+	else
+	update
+fi
+}
+getcore(){
+#获取核心及版本信息
+[ ! -f $clashdir/clash ] && clashcore="未安装核心"
+#获取设备处理器架构
+	getcputype(){
+		cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
+		[ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5"
+		[ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && cpucore="armv7"
+		[ -n "$(echo $cputype | grep -E "linux.*aarch64.*|linux.*armv8.*")" ] && cpucore="armv8"
+		[ -n "$(echo $cputype | grep -E "linux.*86.*")" ] && cpucore="386"
+		[ -n "$(echo $cputype | grep -E "linux.*86_64.*")" ] && cpucore="amd64"
+		if [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ];then
+			mipstype=$(echo -n I | hexdump -o | awk '{ print substr($2,6,1); exit}') #通过判断大小端判断mips或mipsle
+			if [ "$mipstype" = "1" ];then
+				cpucore="mipsle-softfloat"
+				#[ -n "$(uname -a | grep -E "M2100")" ] && cpucore="mipsle-hardfloat"
+			else
+				cpucore="mips-softfloat"
+			fi
+		fi
+	}
+###
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+[ -z "$cpucore" ] && getcputype
+echo -e "当前clash核心：\033[47;30m $clashcore \033[46;30m$clashv\033[0m"
+echo -e "当前系统处理器架构：\033[32m $cpucore \033[0m"
+echo -e "\033[33m请选择需要下载的核心版本！\033[0m"
+echo -----------------------------------------------
+echo "1 clash：     稳定，内存占用小，推荐！"
+echo "(官方正式版)  不支持Tun模式、混合模式"
+echo
+echo "2 clashpre：  支持Tun模式、混合模式"
+echo "(高级预览版)  内存占用更高"
+echo
+echo "3 手动指定处理器架构"
+echo -----------------------------------------------
+echo 0 返回上级菜单 
+read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		echo -----------------------------------------------
+		echo -e "\033[31m请输入正确的数字！\033[0m"
+		update
+	elif [[ $num == 0 ]]; then
+		update
+	elif [[ $num == 1 ]]; then
+		clashcore=clash
+		version=$clash_v
+	elif [[ $num == 2 ]]; then
+		clashcore=clashpre
+		version=$clashpre_v
+	elif [[ $num == 3 ]]; then
+		cpucore_list="armv5 armv7 armv8 386 amd64 mipsle-softfloat mipsle-hardfloat mips-softfloat"
+		echo -----------------------------------------------
+		echo -e "\033[31m仅适合脚本无法正确识别核心或核心无法正常运行时使用！\033[0m"
+		echo -e "当前可供在线下载的处理器架构为："
+		echo -e "\033[32m$cpucore_list\033[0m"
+		echo -e "如果您的CPU架构未在以上列表中，请运行【uname -a】命令,并复制好返回信息"
+		echo -e "之后前往 t.me/clashfm 群提交或 github.com/juewuy/ShellClash 提交issue"
+		echo -----------------------------------------------
+		read -p "请手动输入处理器架构 > " cpucore
+		if [ -z "$(echo $cpucore_list |grep "$cpucore")" ];then
+			echo -e "\033[31m请输入正确的处理器架构！\033[0m"
+			sleep 1
+			cpucore=""
+		fi
+		getcore
+	else
+		echo -----------------------------------------------
+		echo -e "\033[31m请输入正确的数字！\033[0m"
+		update
+	fi
+#生成链接
+corelink="$update_url/bin/$clashcore/clash-linux-$cpucore"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo 正在连接服务器获取clash核心文件…………链接地址为：
+echo -e "\033[4;32m$corelink\033[0m"
+echo 如无法正常下载可以手动复制到浏览器下载核心文件！
+echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo -e "|                                             |"
+echo -e "|         需要一点时间，请耐心等待！          |"
+echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出        |"
+echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
+#获取在线clash核心文件
+result=$(curl -w %{http_code} -kLo /tmp/clash.new $corelink)
+if [ "$result" != "200" ];then
+	echo -----------------------------------------------
+	echo -e "\033[31m核心文件下载失败！\033[0m"
+	echo -----------------------------------------------
+	getcore
+else
+	echo -e "\033[32m$clashcore核心下载成功，正在替换！\033[0m"
+	mv /tmp/clash.new $clashdir/clash
+	chmod  777 $clashdir/clash  #授予权限
+	sed -i '/clashcore=*/'d $ccfg
+	sed -i "1i\clashcore=$clashcore" $ccfg
+	sed -i '/clashv=*/'d $ccfg
+	sed -i "1i\clashv=$version" $ccfg
+	rm -rf /tmp/clashversion
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[32m$clashcore核心替换成功，请手动启动clash服务！\033[0m"
+	clashsh
+fi			
+}
+getgeo(){
+echo -----------------------------------------------
+echo -e "当前GeoIP版本为：\033[33m $Geo_v \033[0m"
+echo -e "最新GeoIP版本为：\033[32m $GeoIP_v \033[0m"
+echo -----------------------------------------------
+read -p "是否更新数据库文件？[1/0] > " res
+if [ "$res" = '1' ]; then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo 正在从服务器获取数据库文件…………
+	result=$(curl -w %{http_code} -kLo /tmp/Country.mmdb $update_url/bin/Country.mmdb)
+	if [ "$result" != "200" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m文件下载失败！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		getgeo
+	else
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[32mGeoIP数据库文件下载成功！\033[0m"
+		mv /tmp/Country.mmdb $clashdir/Country.mmdb
+		sed -i '/Geo_v=*/'d $ccfg
+		sed -i "1i\Geo_v=$GeoIP_v" $ccfg
+		rm -rf /tmp/clashversion
+		clashsh
+	fi
+else
+clashsh
+fi
+}
+getdb(){
+#host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[36m安装本地版dashboard管理面板\033[0m"
+echo -----------------------------------------------
+echo -e "\033[32m打开管理面板的速度更快且更稳定"
+echo -e "\033[33m需要占用约500kb的本地空间\033[0m"
+echo -----------------------------------------------
+echo -e " 1 在$clashdir/ui目录安装（推荐！）\033[33m安装后需重启clash服务！！！\033[0m"
+echo " 2 在/www/clash目录安装(依赖路由器自带的Nginx服务，可能安装失败！)"
+echo -----------------------------------------------
+echo " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+
+if [ -z "$num" ];then
+	update
+elif [ "$num" = '1' ]; then
+	dbdir=$clashdir/ui
+	hostdir=":$db_port/ui\033[0;36m访问面板(需重启clash服务！)"
+elif [ "$num" = '2' ]; then
+	dbdir=/www/clash
+	hostdir='/clash\033[0;36m访问面板'
+else
+	update
+fi
+	#下载及安装
+	if [ -d /www/clash -o -d $clashdir/ui ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m检测到您已经安装过本地面板了！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		read -p "是否覆盖安装？[1/0] > " res
+		if [ -z "$res" ]; then
+			update
+		elif [ "$res" = 1 ]; then
+			rm -rf /www/clash
+			rm -rf $clashdir/ui
+		else
+			update
+		fi
+	fi
+	dblink="$update_url/bin/clashdb.tar.gz"
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo 正在连接服务器获取安装文件…………
+	result=$(curl -w %{http_code} -kLo /tmp/clashdb.tar.gz $dblink)
+	if [ "$result" != "200" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m文件下载失败！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		getdb
+	else
+		echo -e "\033[33m下载成功，正在解压文件！\033[0m"
+		mkdir -p $dbdir > /dev/null
+		tar -zxvf '/tmp/clashdb.tar.gz' -C $dbdir > /dev/null
+		[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+		#修改默认host和端口
+		sed -i "s/127.0.0.1/${host}/g" $dbdir/js/*.js
+		sed -i "s/9090/${db_port}/g" $dbdir/js/*.js
+		#
+		echo -e "\033[32m面板安装成功！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[36m请使用\033[32;4mhttp://$host$hostdir\033[0m"
+		rm -rf /tmp/clashdb.tar.gz
+		update
+	fi
+	
+update
+}
+catpac(){
+#检测目录
+[ ! -d /www/clash -a ! -d $clashdir/ui ]&&echo 未检测到本地Dashboard面板，请先安装面板！&&sleep 1&&getdb
+#host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+[ -d /www/clash ]&&dir="/www/clash"&&pac=http://$host/clash/pac
+[ -d $clashdir/ui ]&&dir="$clashdir/ui"&&pac=http://$host:$db_port/ui/pac
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[30;47m生成用于设备WIFI或浏览器的自动PAC代理文件\033[0m"
+echo -e "\033[33m非纯净模式不推荐使用此功能\033[0m"
+[ -f $dir/pac ]&&echo -e "PAC地址：\033[32m$pac\033[0m"
+echo -----------------------------------------------
+echo -e " 1 生成PAC文件"
+echo -e " 2 清除PAC文件"
+echo -----------------------------------------------
+echo -e " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+	if [ "$num" = '1' ]; then
+		echo 'function FindProxyForURL(url, host) {' > $dir/pac
+		echo "    return \"SOCKS $host:$mix_port; PROXY $host:$mix_port; DIRECT;\"" >> $dir/pac
+		echo '}' >> $dir/pac
+		echo -e "\033[33mPAC文件已生成！\033[0m"
+		echo -e "PAC地址：\033[32m$pac\033[0m"
+		echo "使用教程：https://baike.baidu.com/item/PAC/16292100"
+		sleep 2
+	elif [[ $num == 2 ]]; then
+		rm -rf $dir/pac
+		echo -----------------------------------------------
+		echo -e "\033[33mPAC文件已清除！\033[0m"
+		sleep 1
+	fi
+}
+setserver(){
+
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[30;47m您可以在此处切换在线更新时使用的资源地址\033[0m"
+echo -e "当前源：\033[4;32m$update_url\033[0m"
+echo -----------------------------------------------
+echo -e " 1 Github源(直连美国服务器)"
+echo -e " 2 Jsdelivr-CDN源(仅同步最新release版本)"
+echo -e " 3 Github源+clash代理(需开启clash服务)"
+echo -e " 4 自定义输入(请务必确保路径正确)"
+echo -e " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+if	[ -z "$num" ]; then 
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+	update
+elif [[ $num == 1 ]]; then
+	update_url='--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master'
+elif [[ $num == 2 ]]; then
+	update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash'
+elif [[ $num == 3 ]]; then
+	update_url='-x 127.0.0.1:'$mix_port' https://raw.githubusercontent.com/juewuy/ShellClash/master'
+elif [[ $num == 4 ]]; then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	read -p "请输入个人源路径 > " update_url
+	if [ -z "$update_url" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m取消输入，返回上级菜单\033[0m"
+		update
+	fi
+elif [[ $num == 9 ]]; then
+	update_url='http://127.0.0.1:8080/clash-for-Miwifi'
+else
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+	update
+fi
+#写入mark文件
+sed -i '/update_url*/'d $ccfg
+sed -i "1i\update_url=\'$update_url\'" $ccfg
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[32m源地址更新成功！\033[0m"
+release_new=""
+update
+}

scripts/start.sh

@@ -0,0 +1,412 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+getconfig(){
+#加载环境变量
+[ -z "$clashdir" ] && source /etc/profile > /dev/null 2>&1
+ccfg=$clashdir/mark
+#检查/读取标识文件
+[ ! -f $ccfg ]&& echo '#标识clash运行状态的文件，不明勿动！' >> $ccfg
+source $ccfg
+#默认设置
+[ -z "$skip_cert" ] && skip_cert=已开启
+[ -z "$common_ports" ] && common_ports=已开启
+[ -z "$dns_mod" ] && dns_mod=redir_host
+[ -z "$dns_over" ] && dns_over=已开启
+[ -z "$modify_yaml" ] && modify_yaml=未开启
+[ -z "$ipv6_support" ] && ipv6_support=未开启
+[ -z "$start_old" ] && start_old=未开启
+[ -z "$local_proxy" ] && local_proxy=未开启
+[ -z "$mix_port" ] && mix_port=7890
+[ -z "$redir_port" ] && redir_port=7892
+[ -z "$db_port" ] && db_port=9999
+[ -z "$dns_port" ] && dns_port=1053
+#是否代理常用端口
+[ "$common_ports" = "已开启" ] && ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
+}
+getyaml(){
+#前后端订阅服务器地址索引，可在此处添加！
+Server=`sed -n ""$server_link"p"<<EOF
+subcon.dlj.tf
+subconverter.herokuapp.com
+subcon.py6.pw
+api.dler.io
+api.wcc.best
+EOF`
+Config=`sed -n ""$rule_link"p"<<EOF
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_Netflix.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_AdblockPlus.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_clash.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_dler.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_pro.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_backtocn.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/dlercloud_lige_platinum.ini
+https://subconverter.oss-ap-southeast-1.aliyuncs.com/Rules/RemoteConfig/special/basic.ini
+https://subconverter.oss-ap-southeast-1.aliyuncs.com/Rules/RemoteConfig/special/netease.ini
+EOF`
+#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
+if [ -z "$Https" ];then
+	#echo $Url
+	Https="https://$Server/sub?target=clash&insert=true&new_name=true&scv=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
+	markhttp=1
+fi
+#
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo 正在连接服务器获取配置文件…………链接地址为：
+echo -e "\033[4;32m$Https\033[0m"
+echo 可以手动复制该链接到浏览器打开并查看数据是否正常！
+echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo -e "|                                             |"
+echo -e "|         需要一点时间，请耐心等待！          |"
+echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出\033[36m        |"
+echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
+#获取在线yaml文件
+yaml=$clashdir/config.yaml
+yamlnew=/tmp/config.yaml
+rm -rf $yamlnew > /dev/null 2>&1
+result=$(curl -w %{http_code} -kLo $yamlnew $Https)
+if [ "$result" != "200" ];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m配置文件获取失败！\033[0m"
+	if [ -z "$markhttp" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m请尝试使用【导入节点/链接】功能！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	else
+		if [ "$retry" -ge 5 ];then
+			echo -e "\033[32m无法获取配置文件，请检查链接格式以及网络连接状态！\033[0m"
+			exit 1
+		else
+			retry=$((retry+1))
+			echo -e "\033[32m尝试使用其他服务器获取配置！\033[0m"
+			echo -e "\033[33m正在尝试第$retry次/共5次！\033[0m"
+			sed -i '/server_link=*/'d $ccfg
+			if [ "$server_link" -ge 5 ]; then
+				server_link=0
+			fi
+			server_link=$((server_link+1))
+			sed -i "1i\server_link=$server_link" $ccfg
+			Https=""
+			getyaml
+		fi
+	fi
+else
+	Https=""
+	#检测节点
+	if [ -z "$(cat $yamlnew | grep 'server:' | grep -v 'nameserver')" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[33m获取到了配置文件，但似乎并不包含正确的节点信息！\033[0m"
+		echo -----------------------------------------------
+		sed -n '1,30p' $yamlnew
+		echo -----------------------------------------------
+		echo -e "\033[33m请检查如上配置文件信息:\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#检测旧格式
+	if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m已经停止对旧格式配置文件的支持！！！\033[0m"
+		echo -e "请使用新格式或者使用【导入节点/链接】功能！"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#检测不支持的加密协议
+	if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m不支持chacha20加密，请更换节点加密协议！！！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#替换文件
+	[ -f $yaml ] && mv $yaml $yaml.bak
+	mv $yamlnew $yaml
+	echo 配置文件已生成！正在启动clash使其生效！
+	#重启clash服务
+	$0 stop
+	$0 start
+	sleep 1
+	if [ -z "$(pidof clash)" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		if [ -f $yaml.bak ];then
+			$clashdir/start.sh stop
+			mv $yaml.bak $yaml
+			$0 start
+			echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
+			sleep 1
+			[ -n "$(pidof clash)" ] && exit 0
+		fi
+		echo -e "\033[31mclash服务启动失败！请查看报错信息！\033[0m"
+		$0 stop
+		$clashdir/clash -t -d $clashdir
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+fi
+}
+modify_yaml(){
+##########需要变更的配置###########
+lan='allow-lan: true'
+mode='mode: Rule'
+log='log-level: info'
+[ "$ipv6_support" = "已开启" ] && ipv6='ipv6: true' || ipv6='ipv6: false'
+external="external-controller: 0.0.0.0:$db_port"
+[ -d $clashdir/ui ] && db_ui=ui
+[ "$redir_mod" != "Redir模式" ] && tun='tun: {enable: true, stack: system}' || tun='tun: {enable: false}'
+exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
+#dns配置
+if [ "$dns_mod" = "fake-ip" ];then
+	dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org"], nameserver: [114.114.114.114, 223.5.5.5, 127.0.0.1:53], fallback: [tcp://1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
+elif [ "$dns_over" = "已开启" ];then
+	dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5], fallback: [1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
+else
+	dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5, 127.0.0.1:53], fallback: [1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
+fi
+
+###################################
+	yaml=$clashdir/config.yaml
+	#预删除需要添加的项目
+	i=$(grep  -n  "^proxies:" $clashdir/config.yaml | head -1 | cut -d ":" -f 1)
+	i=$((i-1))
+	sed -i "1,${i}d" $yaml
+	#添加配置
+	sed -i "1imixed-port:\ $mix_port" $yaml
+	sed -i "1aredir-port:\ $redir_port" $yaml
+	sed -i "2a$lan" $yaml
+	sed -i "3a$mode" $yaml
+	sed -i "4a$log" $yaml
+	sed -i "5a$ipv6" $yaml
+	sed -i "6aexternal-controller:\ :$db_port" $yaml
+	sed -i "7aexternal-ui:\ $db_ui" $yaml
+	sed -i "8asecret:\ $secret" $yaml
+	sed -i "9a$dns" $yaml
+	sed -i "10a$tun" $yaml
+	sed -i "11a$exper" $yaml
+	#跳过本地tls证书验证
+	if [ "$skip_cert" = "已开启" ];then
+	sed -i '10,99s/skip-cert-verify: false/skip-cert-verify: true/' $yaml
+	else
+	sed -i '10,99s/skip-cert-verify: true/skip-cert-verify: false/' $yaml
+	fi
+}
+mark_time(){
+	start_time=`date +%s`
+	sed -i '/start_time*/'d $clashdir/mark
+	sed -i "1i\start_time=$start_time" $clashdir/mark
+}
+start_redir(){
+	#流量过滤规则
+	iptables -t nat -N clash
+	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
+	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
+	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
+	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
+	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
+	for mac in $(cat $clashdir/mac); do
+		iptables -t nat -A clash -m mac --mac-source $mac -j RETURN
+	done
+	#设置防火墙流量转发
+	iptables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports $redir_port
+	iptables -t nat -A PREROUTING -p tcp -j clash
+	#设置ipv6转发
+	if [ -n "ip6_nat" -a "$ipv6_support" = "已开启" ];then
+		ip6tables -t nat -N clashv6
+		for mac in $(cat $clashdir/mac); do
+			ip6tables -t nat -A clashv6 -m mac --mac-source $mac -j RETURN
+		done
+		ip6tables -t nat -A clashv6 -p tcp $ports-j REDIRECT --to-ports $redir_port
+		ip6tables -t nat -A PREROUTING -p tcp -j clashv6
+	fi
+}
+stop_iptables(){
+    #重置iptables规则
+	iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p udp -j clash_dns > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash_dns > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash_dns > /dev/null 2>&1
+	iptables -t nat -F clash > /dev/null 2>&1
+	iptables -t nat -X clash > /dev/null 2>&1
+	iptables -t nat -F clash_dns > /dev/null 2>&1
+	iptables -t nat -X clash_dns > /dev/null 2>&1
+	iptables -D FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	#重置ipv6规则
+	ip6tables -t nat -D PREROUTING -p tcp -j clashv6 > /dev/null 2>&1
+	ip6tables -t nat -D PREROUTING -p udp -j clashv6_dns > /dev/null 2>&1
+	ip6tables -t nat -F clashv6 > /dev/null 2>&1
+	ip6tables -t nat -X clashv6 > /dev/null 2>&1
+	ip6tables -t nat -F clashv6_dns > /dev/null 2>&1
+	ip6tables -t nat -X clashv6_dns > /dev/null 2>&1
+	ip6tables -D FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+}
+start_dns(){
+	#允许tun网卡接受流量
+	if [ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ];then
+		iptables -I FORWARD -o utun -j ACCEPT
+		[ "$ipv6_support" = "已开启" ] && ip6tables -I FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	fi
+	#设置dns转发
+	iptables -t nat -N clash_dns
+	for mac in $(cat $clashdir/mac); do
+		iptables -t nat -A clash_dns -m mac --mac-source $mac -j RETURN
+	done
+	iptables -t nat -A clash_dns -p udp --dport 53 -j REDIRECT --to $dns_port
+	iptables -t nat -A clash_dns -p tcp --dport 53 -j REDIRECT --to $dns_port
+	iptables -t nat -A PREROUTING -p udp -j clash_dns
+	#Google home DNS特殊处理
+	iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j clash_dns
+	iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j clash_dns
+	#ipv6DNS
+	ip6_nat=$(ip6tables -t nat -L 2>&1|grep -o 'Chain')
+	if [ -n "ip6_nat" ];then
+		ip6tables -t nat -N clashv6_dns > /dev/null 2>&1
+		for mac in $(cat $clashdir/mac); do
+			ip6tables -t nat -A clashv6_dns -m mac --mac-source $mac -j RETURN > /dev/null 2>&1
+		done
+		ip6tables -t nat -A clashv6_dns -p udp --dport 53 -j REDIRECT --to $dns_port > /dev/null 2>&1
+		ip6tables -t nat -A PREROUTING -p udp -j clashv6_dns > /dev/null 2>&1
+	else
+		 ip6tables -I INPUT -p tcp --dport 53 -j REJECT
+		 ip6tables -I INPUT -p udp --dport 53 -j REJECT
+	fi
+}
+daemon(){
+	if [ -n "$cronpath" ];then
+		echo '*/1 * * * * test -z "$(pidof clash)"  &&  /etc/init.d/clash restart #clash保守模式守护进程' >> $cronpath
+		chmod 600 $cronpath
+	else
+		echo 找不到定时任务配置文件，无法添加守护进程！
+		echo 请进入定时任务菜单手动指定系统定时任务文件路径！！！
+	fi
+}
+web_save(){
+	#使用curl获取面板节点设置
+	curl -s -H "Authorization: Bearer ${secret}" -H "Content-Type:application/json" http://localhost:${db_port}/proxies | awk -F "{" '{for(i=1;i<=NF;i++) print $i}' | grep -E '^"all".*"Selector"' | grep -oE '"name".*"now".*",' | sed 's/"name"://g' | sed 's/"now"://g'| sed 's/"//g' > /tmp/clash_web_save
+	#对比文件，如果有变动则写入磁盘，否则清除缓存
+	if [ "$(cat /tmp/clash_web_save)" = "$(cat $clashdir/web_save 2>/dev/null)" ];then
+		rm -rf /tmp/clash_web_save
+	else
+		mv -f /tmp/clash_web_save $clashdir/web_save
+	fi
+}
+web_restore(){
+	#设置循环检测clash面板端口
+	i=1
+	while [ $i -lt 10 ]
+	do
+		sleep 1
+		[ -n "$(curl -s http://localhost:${db_port})" ] && i=10
+	done
+	#发送数据
+	num=$(cat $clashdir/web_save | wc -l)
+	for i in `seq $num`;
+	do
+		group_name=$(awk -F ',' 'NR=="'${i}'" {print $1}' $clashdir/web_save | sed 's/ /%20/g')
+		now_name=$(awk -F ',' 'NR=="'${i}'" {print $2}' $clashdir/web_save)
+		curl -sS -X PUT -H "Authorization: Bearer ${secret}" -H "Content-Type:application/json" http://localhost:${db_port}/proxies/"${group_name}" -d "{\"name\":\"${now_name}\"}" >/dev/null
+	done
+	exit 0
+}
+web_save_auto(){
+	if [ -n "$cronpath" ];then
+		if [ -z "$(cat $cronpath | grep '保存节点配置')" ];then
+			echo '*/10 * * * * test -n "$(pidof clash)"  &&  /etc/init.d/clash web_save #每10分钟保存节点配置' >> $cronpath
+			chmod 600 $cronpath
+		fi
+	else
+		echo 找不到定时任务配置文件，无法添加守护进程！
+		echo 请进入定时任务菜单手动指定系统定时任务文件路径！！！
+	fi
+}
+afstart(){
+	#读取配置文件
+	getconfig
+	#修改iptables规则使流量进入clash
+	stop_iptables
+	[ "$redir_mod" != "纯净模式" ] && start_dns
+	[ "$redir_mod" != "纯净模式" ] && [ "$redir_mod" != "Tun模式" ] && start_redir
+	#标记启动时间
+	mark_time
+	#设置本机代理
+	[ "$local_proxy" = "已开启" ] && $0 set_proxy $mix_port
+	#启用面板配置自动保存
+	web_save_auto
+	#后台还原面板配置
+	[ -f $clashdir/web_save ] && web_restore &
+}
+
+case "$1" in
+
+afstart)
+		afstart
+	;;
+start)		
+		#读取配置文件
+		getconfig
+		#使用内置规则强行覆盖config配置文件
+		[ "$modify_yaml" != "已开启" ] && modify_yaml
+		#使用不同方式启动clash服务
+		if [ "$start_old" = "已开启" ];then
+			$clashdir/clash -d $clashdir >/dev/null 2>&1 &
+			sleep 1
+			daemon
+			afstart
+		elif [ -f /etc/rc.common ];then
+			/etc/init.d/clash start
+		else
+			systemctl start clash.service
+		fi
+	;;
+stop)	
+		#读取配置文件
+		getconfig
+		#保存面板配置
+		web_save
+		#删除守护进程&面板配置自动保存
+		sed -i /clash保守模式守护进程/d $cronpath >/dev/null 2>&1
+		sed -i /面板配置自动保存/d $cronpath >/dev/null 2>&1
+		#多种方式结束进程
+		if [ -f /etc/rc.common ];then
+			/etc/init.d/clash stop >/dev/null 2>&1
+		else
+			systemctl stop clash.service >/dev/null 2>&1
+		fi
+		killall -9 clash >/dev/null 2>&1
+		#清理iptables
+		stop_iptables
+		#禁用本机代理
+		[ "$local_proxy" = "已开启" ] && $0 unset_proxy
+        ;;
+restart)
+        $0 stop
+        $0 start
+        ;;
+getyaml)	
+		getconfig
+		getyaml
+		;;
+daemon)	
+		daemon
+		;;
+web_save)
+		getconfig
+		web_save
+	;;
+set_proxy)
+		echo 'export all_proxy=http://127.0.0.1:'"$2" >> /etc/profile
+		echo 'export ALL_PROXY=$all_proxy' >> /etc/profile
+	;;
+unset_proxy)
+		sed -i '/all_proxy/'d /etc/profile
+		sed -i '/ALL_PROXY/'d /etc/profile
+	;;
+esac
+
+exit 0