v1.0.0beta11

~同步最新GeoIP数据库
~修复启动失败后依然提示服务启动的bug
~屏蔽经常出现的netstat命令提示
~优化节点链接导入功能
~修复部分设备开启ipv6后造成dns污染的问题

README.md

@@ -12,7 +12,7 @@
 设备支持：
 --
 
-~支持小米/红米全系使用官方系统或官方开发版系统的路由器设备（Ac2100系列除外）<br>
+~支持小米/红米全系使用官方系统或官方开发版系统的路由器设备<br>
 ~支持各种基于OpenWrt或使用OpenWrt二次定制开发的路由器设备<br>
 ~支持各种运行标准Linux系统（如Debian/CenOS/Armbian等）的设备<br>
 ~更多设备，请提issue或前往TG群反馈（需提供设备名称及运行uname -a返回的设备核心信息）<br>
@@ -53,4 +53,4 @@ https://github.com/juewuy/ShellClash/releases
 
 友情推广：
 --
-https://dler.best/auth/register?affid=89698
+[顶级8K专线机场-墙洞](https://dler.best/auth/register?affid=89698)

bin/version

@@ -1,2 +1,2 @@
-GeoIP_v=20200917
-versionsh=1.0.0beta9fix2
+versionsh=1.0.0beta10fix2
+GeoIP_v=20201001

scripts/clash.sh

@@ -10,7 +10,7 @@ else
 	[ -z $host ] && host=127.0.0.1
 fi
 #服务器地址
-[ -z "$update_url" ] && update_url=https://cdn.jsdelivr.net/gh/juewuy/ShellClash
+[ -z "$update_url" ] && update_url=https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master
 #文件路径
 [ -z "$clashdir" ] && clashdir=$(dirname $(readlink -f "$0")) && echo "export clashdir=\"$clashdir\"" >> /etc/profile
 ccfg=$clashdir/mark
@@ -95,6 +95,7 @@ if [ ! -f $clashdir/Country.mmdb ];then
 fi
 }
 start_over(){
+	[ $? -eq 1 ] && exit
 	echo -e "\033[32mclash服务已启动！\033[0m"
 	if [ -d /www/clash ];then
 		echo -e "请使用\033[30;47m http://$host/clash \033[0m管理内置规则"
@@ -132,13 +133,11 @@ clashstart(){
 clashlink(){
 #获取订阅规则
 if [ -z "$rule_link" ]; then
-	sed -i '/rule_link=*/'d $ccfg
 	sed -i "4i\rule_link=1" $ccfg
 	rule_link=1
 fi
 #获取后端服务器地址
 if [ -z "$server_link" ]; then
-	sed -i '/server_link=*/'d $ccfg
 	sed -i "5i\server_link=1" $ccfg
 	server_link=1
 fi
@@ -146,7 +145,7 @@ echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[30;47m 欢迎使用订阅功能！\033[0m"
 echo -----------------------------------------------
 echo -e " 1 导入\033[36m节点/订阅\033[0m链接"
-echo -e " 2 使用完整clash规则链接"
+echo -e " 2 导入完整clash链接"
 echo -e " 3 添加/修改\033[32m节点过滤\033[0m关键字 \033[47;30m$exclude\033[0m"
 echo -e " 4 选取\033[33mclash配置规则\033[0m模版"
 echo -e " 5 选择在线生成服务器"
@@ -229,18 +228,19 @@ elif [[ $num == 6 ]];then
 elif [[ $num == 7 ]];then
 	if [ -z "$Url" -a -z "$Https" ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo 没有找到你的订阅链接！请先输入链接！
+		echo -e "\033[31m没有找到你的订阅链接！请先输入链接！\033[0m"
+		sleep 2
 		clashlink
 	else
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[33m当前系统记录的订阅链接为：\033[0m"
 		echo -e "\033[4;32m$Url\033[0m"
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		read -p "确认更新配置文件？[1/0] > " res
 		if [ "$res" = '1' ]; then
-			source $clashdir/start.sh
-			getyaml
+			$clashdir/start.sh getyaml
+			start_over
+			exit;
 		fi
 		clashlink
 	fi
@@ -573,13 +573,13 @@ if [[ $num -le 9 ]] > /dev/null 2>&1; then
 			echo -e "\033[33m改为使用保守方式启动clash服务！！\033[0m"
 			echo -e "\033[36m此模式兼容性更好但无法禁用开机启动！！\033[0m"
 			start_old=已开启
-			$clashdir/start.sh stop > /dev/null 2>&1
+			$clashdir/start.sh stop
 			sleep 2
 		else
 			sed -i "1i\start_old=未开启" $ccfg
 			echo -e "\033[32m改为使用默认方式启动clash服务！！\033[0m"
 			start_old=未开启
-			$clashdir/start.sh stop > /dev/null 2>&1
+			$clashdir/start.sh stop
 		fi
 		clashadv  
 		
@@ -635,11 +635,11 @@ update(){
 if [ -z "$release_new" ];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[33m正在检查更新！\033[0m"
-	if [ "$update_url" = "https://cdn.jsdelivr.net/gh/juewuy/ShellClash" ];then
-		release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
+	if [ "$update_url" = "https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master" ];then
+		release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 --connect-timeout 3 -m 3 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
 		update_url=$update_url@$release_new
 	fi
-	[ -z "$release_new" ] && release_new=$(curl -kfsSL $update_url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
+	[ -z "$release_new" ] && release_new=$(curl -kfsSL --connect-timeout 3 -m 3 $update_url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
 	[ -z "$release_new" ] && echo "检查更新失败！"
 fi
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

scripts/getdate.sh

@@ -5,24 +5,28 @@ linkconfig(){
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 echo 当前使用规则为：$rule_link
-echo 1 ACL4SSR默认通用版
-echo 2 ACL4SSR精简全能版（推荐）
-echo 3 ACL4SSR通用版+去广告加强
-echo 4 ACL4SSR精简版+去广告加强
-echo 5 ACL4SSR通用版无去广告
-echo 6 ACL4SSR通用版无自动测速
-echo 7 ACL4SSR精简版无自动测速
-echo 8 ACL4SSR全分组+奈飞（慎用）
-echo 9 ACL4SSR全分组+去广告（慎用）
+echo 1	ACL4SSR通用版无去广告（推荐）
+echo 2	ACL4SSR精简全能版（推荐）
+echo 3	ACL4SSR通用版+去广告加强
+echo 4	ACL4SSR精简版+去广告加强
+echo 5	ACL4SSR重度全分组+奈飞分流
+echo 6	ACL4SSR重度全分组+去广告加强
+echo 7	洞主规则精简版（推荐）
+echo 8	洞主规则重度完整版
+echo 9	神机规则高级版
+echo 10	神机规则-回国专用
+echo 11	李哥规则-墙洞专用
+echo 12	基础规则-仅Geoip CN+Final
+echo 13	网易云解锁-仅规则分组
 echo -----------------------------------------------
 echo 0 返回上级菜单
 read -p "请输入对应数字 > " num
-if [ -z "$num" ] || [[ $num -gt 9 ]];then
+if [ -z "$num" ] || [[ $num -gt 13 ]];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[31m请输入正确的数字！\033[0m"
 elif [[ "$num" = 0 ]];then
 	echo 
-elif [[ $num -le 9 ]];then
+elif [[ $num -le 13 ]];then
 	#将对应标记值写入mark
 	sed -i '/rule_link*/'d $ccfg
 	sed -i "4i\rule_link="$num"" $ccfg	
@@ -66,7 +70,7 @@ echo -e "\033[33m当前过滤关键字：\033[47;30m$exclude\033[0m"
 echo -----------------------------------------------
 echo -e "\033[36m匹配关键字的节点会在导入时被屏蔽\033[0m"
 echo -e "多个关键字可以用\033[30;47m | \033[0m号分隔"
-echo -e "\033[32m支持正则表达式\033[0m，特殊符号请使用\033[30;47m \ \033[0m号转义"
+echo -e "\033[32m支持正则表达式\033[0m，空格请使用\033[30;47m + \033[0m号替代"
 echo -----------------------------------------------
 echo -e " 000   \033[31m删除\033[0m关键字"
 echo -e " 回车  取消输入并返回上级菜单"
@@ -110,8 +114,9 @@ if [ -n $Url ];then
 		sed -i "6i\Url=\'$Url\'" $ccfg
 		Https=""
 		#获取在线yaml文件
-		source $clashdir/start.sh
-		getyaml
+		$clashdir/start.sh getyaml
+		start_over
+		exit;
 	elif [ "$num" = '2' ]; then
 		linkfilter
 		linkset
@@ -167,15 +172,16 @@ do
 	url=`echo ${url/\&config\=*/""}`   #将clash完整链接还原成单一链接
 	url=`echo ${url//\&/\%26}`   #将分隔符 & 替换成urlcode：%26
 	if [[ "$test" != "" ]];then
-		if [[ -z $Url ]];then
+		if [ -z "$Url" ];then
 			Url="$url"
 		else
 			Url="$Url"\|"$url"
 		fi
 		i=$(($i+1))
 	elif [ -z $url ];then
-		linkset
+		[ -n "$Url" ] && linkset
 	elif [[ $url == 0 ]];then
+		Url=""
 		clashlink
 	else
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -190,7 +196,7 @@ clashlink
 } 
 getlink2(){
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[30;47m 此功能不明勿用，出问题自行解决！\033[0m"
+echo -e "\033[30;47m 此功能不明勿用！\033[0m"
 echo -----------------------------------------------
 echo -e "\033[33m仅限导入完整clash链接！！！\033[0m"
 echo -e "可以使用\033[32m https://acl4ssr.netlify.app \033[0m在线转换"
@@ -215,6 +221,8 @@ if [ -n $Https ];then
 				sed -i "6i\Https=\'$Https\'" $ccfg
 				#获取在线yaml文件
 				$clashdir/start.sh getyaml
+				start_over
+				exit;
 			fi
 			clashlink
 	fi
@@ -300,16 +308,16 @@ if [ ! -f $clashdir/clash ]; then
 fi
 clashcore_n=$clashcore
 #获取设备处理器架构
-cpucore=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
-[ -n "$(echo $cpucore | grep -E "linux.*armv.*")" ] && cpucore="armv5"
-[ -n "$(echo $cpucore | grep -E "linux.*aarch64.*")" ] && cpucore="armv8"
-[ -n "$(echo $cpucore | grep -E "linux.*armv8.*")" ] && cpucore="armv8"
-[ -n "$(echo $cpucore | grep -E "linux.*armv7.*")" ] && cpucore="armv7"
-[ -n "$(echo $cpucore | grep -E "linux.*x86.*")" ] && cpucore="386"
-[ -n "$(echo $cpucore | grep -E "linux.*x86_64.*")" ] && cpucore="amd64"
-if [ -n "$(echo $cpucore | grep -E "linux.*mips.*")" ];then
+cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
+[ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5"
+[ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && cpucore="armv7"
+[ -n "$(echo $cputype | grep -E "linux.*aarch64.*")" ] && cpucore="armv8"
+[ -n "$(echo $cputype | grep -E "linux.*armv8.*")" ] && cpucore="armv8"
+[ -n "$(echo $cputype | grep -E "linux.*x86.*")" ] && cpucore="386"
+[ -n "$(echo $cputype | grep -E "linux.*x86_64.*")" ] && cpucore="amd64"
+if [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ];then
 	cpucore="mipsle-softfloat"
-	[ -n "$(uname -a | grep -E "*M2100*")" ] && cpucore="mipsle-hardfloat"
+	[ -n "$(uname -a | grep -E "M2100")" ] && cpucore="mipsle-hardfloat"
 fi
 ###
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -540,7 +548,7 @@ if	[ -z $num ]; then
 elif [[ $num == 1 ]]; then
 	update_url='--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master'
 elif [[ $num == 2 ]]; then
-	update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash' 
+	update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master'
 elif [[ $num == 3 ]]; then
 	update_url='-x 127.0.0.1:7890 https://raw.githubusercontent.com/juewuy/ShellClash/master'
 elif [[ $num == 4 ]]; then
@@ -563,5 +571,6 @@ sed -i '/update_url*/'d $ccfg
 sed -i "1i\update_url=\'$update_url\'" $ccfg
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[32m源地址更新成功！\033[0m"
+release_new=""
 update
 }

scripts/start.sh

@@ -19,10 +19,6 @@ source $ccfg
 [ -z "$local_proxy" ] && local_proxy=未开启
 #是否代理常用端口
 [ "$common_ports" = "已开启" ] && ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
-#检测系统端口占用
-for portx in 1053 7890 7892 9999 ;do
-	[ -n "$(netstat -ntulp |grep :$portx|grep -v clash)" ] && echo -e "检测到端口：\033[30;47m $portx \033[0m被以下进程占用！clash无法启动！" && echo $(netstat -ntulp |grep :$portx) && exit;
-done
 }
 getyaml(){
 #前后端订阅服务器地址索引，可在此处添加！
@@ -35,15 +31,19 @@ api.wcc.best
 skapi.cool
 EOF`
 Config=`sed -n ""$rule_link"p"<<EOF
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
 https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
 https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
 https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoAuto.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_NoAuto.ini
 https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_Netflix.ini
 https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_AdblockPlus.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_clash.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_dler.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_pro.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_backtocn.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/dlercloud_lige_platinum.ini
+https://subconverter.oss-ap-southeast-1.aliyuncs.com/Rules/RemoteConfig/special/basic.ini
+https://subconverter.oss-ap-southeast-1.aliyuncs.com/Rules/RemoteConfig/special/netease.ini
 EOF`
 #如果传来的是Url链接则合成Https链接，否则直接使用Https链接
 if [ -z $Https ];then
@@ -69,11 +69,11 @@ result=$(curl -w %{http_code} -kLo $yamlnew $Https)
 if [ "$result" != "200" ];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[31m配置文件获取失败！\033[0m"
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo
 	if [ -z $markhttp ];then
-		echo 请尝试使用导入节点/链接功能！
-		getlink
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m请尝试使用【导入节点/链接】功能！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
 		
 	else
 		read -p "是否更换后端地址后重试？[1/0] > " res
@@ -88,69 +88,60 @@ if [ "$result" != "200" ];then
 			Https=""
 			getyaml
 		fi
-		#exit;
 	fi
 else
 	Https=""
-	if cat $yamlnew | grep ', server:' >/dev/null;then
-		#检测旧格式
-		if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
-			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			echo -e "\033[31m已经停止对旧格式配置文件的支持！！！\033[0m"
-			echo -e "请使用新格式或者使用\033[32m导入节点/订阅\033[0m功能！"
-			sleep 2
-			clashlink
-		fi
-		#检测不支持的加密协议
-		if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then
-			if [ "$clashcore" = "clash" -o "$clashcore" = "clashpre" ];then
-				echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-				echo -e "\033[31m当前核心：$clashcore不支持chacha20加密！！！\033[0m"
-				echo -e "请更换使用clashR核心！！！"
-				sleep 2
-				getcore
-			fi
-		fi
-		#替换文件
-		[ -f $yaml ] && mv $yaml $yaml.bak
-		mv $yamlnew $yaml
-		echo 配置文件已生成！正在启动clash使其生效！
-		#重启clash服务
-		$0 stop
-		$0 start
-		sleep 1
-		if pidof clash >/dev/null;then
-			start_over
-		else
-			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			if [ -f $yaml.bak ];then
-				$clashdir/start.sh stop
-				mv $yaml.bak $yaml
-				$0 start
-				echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
-				sleep 1
-				if pidof clash >/dev/null;then
-					start_over
-				exit;
-				fi
-			fi
-			echo -e "\033[31mclash服务启动失败！请查看报错信息！\033[0m"
-			$0 stop
-			$clashdir/clash -t -d $clashdir
-			exit;
-		fi
-	else
+	#检测节点
+	if [ -z "$(cat $yamlnew | grep ', server:')" ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[33m获取到了配置文件，但格式似乎不对！\033[0m"
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -----------------------------------------------
 		sed -n '1,30p' $yamlnew
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -----------------------------------------------
 		echo -e "\033[33m请检查如上配置文件信息:\033[0m"
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#检测旧格式
+	if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m已经停止对旧格式配置文件的支持！！！\033[0m"
+		echo -e "请使用新格式或者使用【导入节点/链接】功能！"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#检测不支持的加密协议
+	if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m不支持chacha20加密，请更换节点加密协议！！！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#替换文件
+	[ -f $yaml ] && mv $yaml $yaml.bak
+	mv $yamlnew $yaml
+	echo 配置文件已生成！正在启动clash使其生效！
+	#重启clash服务
+	$0 stop
+	$0 start
+	sleep 1
+	if [ -z $(pidof clash) ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		if [ -f $yaml.bak ];then
+			$clashdir/start.sh stop
+			mv $yaml.bak $yaml
+			$0 start
+			echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
+			sleep 1
+			[ -n $(pidof clash) ] && exit 0
+		fi
+		echo -e "\033[31mclash服务启动失败！请查看报错信息！\033[0m"
+		$0 stop
+		$clashdir/clash -t -d $clashdir
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
 	fi
-	#exit;
 fi
-#exit
 }
 modify_yaml(){
 ##########需要变更的配置###########
@@ -231,12 +222,12 @@ start_redir(){
 	iptables -t nat -A PREROUTING -p tcp -j clash
 	#设置ipv6转发
 	if [ "$ipv6_support" = "已开启" ];then
-		ip6tables -t nat -N clash
+		ip6tables -t nat -N clashv6
 		for mac in $(cat $clashdir/mac); do
-			ip6tables -t nat -A clash -m mac --mac-source $mac -j RETURN
+			ip6tables -t nat -A clashv6 -m mac --mac-source $mac -j RETURN
 		done
-		ip6tables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports 7892
-		ip6tables -t nat -A PREROUTING -p tcp -j clash
+		ip6tables -t nat -A clashv6 -p tcp $ports-j REDIRECT --to-ports 7892
+		ip6tables -t nat -A PREROUTING -p tcp -j clashv6
 	fi
 }
 stop_iptables(){
@@ -245,24 +236,26 @@ stop_iptables(){
 	iptables -t nat -D PREROUTING -p udp -j clash_dns > /dev/null 2>&1
 	iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash_dns > /dev/null 2>&1
 	iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash_dns > /dev/null 2>&1
-	
 	iptables -t nat -F clash > /dev/null 2>&1
 	iptables -t nat -X clash > /dev/null 2>&1
 	iptables -t nat -F clash_dns > /dev/null 2>&1
 	iptables -t nat -X clash_dns > /dev/null 2>&1
-
+	iptables -D FORWARD -o utun -j ACCEPT > /dev/null 2>&1
 	#重置ipv6规则
-	ip6tables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p udp -j clash_dns > /dev/null 2>&1
-	ip6tables -t nat -F clash > /dev/null 2>&1
-	ip6tables -t nat -X clash > /dev/null 2>&1
-	ip6tables -t nat -F clash_dns > /dev/null 2>&1
-	ip6tables -t nat -X clash_dns > /dev/null 2>&1
+	ip6tables -t nat -D PREROUTING -p tcp -j clashv6 > /dev/null 2>&1
+	ip6tables -t nat -D PREROUTING -p udp -j clashv6_dns > /dev/null 2>&1
+	ip6tables -t nat -F clashv6 > /dev/null 2>&1
+	ip6tables -t nat -X clashv6 > /dev/null 2>&1
+	ip6tables -t nat -F clashv6_dns > /dev/null 2>&1
+	ip6tables -t nat -X clashv6_dns > /dev/null 2>&1
+	ip6tables -D FORWARD -o utun -j ACCEPT > /dev/null 2>&1
 }
 start_dns(){
 	#允许tun网卡接受流量
-	iptables -I FORWARD -o utun -j ACCEPT
-	ip6tables -I FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	if [ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ];then
+		iptables -I FORWARD -o utun -j ACCEPT
+		[ "$ipv6_support" = "已开启" ] && ip6tables -I FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	fi
 	#设置dns转发
 	iptables -t nat -N clash_dns
 	for mac in $(cat $clashdir/mac); do
@@ -274,14 +267,13 @@ start_dns(){
 	#Google home DNS特殊处理
 	iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j clash_dns
 	iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j clash_dns
-
 	#ipv6DNS
-	ip6tables -t nat -N clash_dns > /dev/null 2>&1
+	ip6tables -t nat -N clashv6_dns > /dev/null 2>&1
 	for mac in $(cat $clashdir/mac); do
-		ip6tables -t nat -A clash_dns -m mac --mac-source $mac -j RETURN > /dev/null 2>&1
+		ip6tables -t nat -A clashv6_dns -m mac --mac-source $mac -j RETURN > /dev/null 2>&1
 	done
-	ip6tables -t nat -A clash_dns -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -A PREROUTING -p udp -j clash_dns > /dev/null 2>&1
+	ip6tables -t nat -A clashv6_dns -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
+	ip6tables -t nat -A PREROUTING -p udp -j clashv6_dns > /dev/null 2>&1
 }
 checkcron(){
 	[ -d /etc/crontabs/ ]&&cronpath="/etc/crontabs/root"
@@ -313,6 +305,10 @@ afstart)
 start)		
 		#读取配置文件
 		getconfig
+		#检测系统端口占用
+		for portx in 1053 7890 7892 9999 ;do
+			[ -n "$(netstat -ntul |grep :$portx)" ] && echo "检测到端口【$portx】被以下进程占用！clash无法启动！" && echo $(netstat -ntulp |grep :$portx) && exit 1
+		done
 		#使用内置规则强行覆盖config配置文件
 		[ "$modify_yaml" != "已开启" ] && modify_yaml
 		#使用不同方式启动clash服务
@@ -352,4 +348,3 @@ daemon)
 		daemon
 		;;
 esac
-#exit 0