v1.4.1-正式版

适配： ~适配Padavan系统及梅林固件（限384以上版本） ~适配移动ax18等低版本内核设备功能： ~更新最新版本Geoip数据库文件 ~增加CN-IP绕过内核功能 ~增加对谷歌dns的强制代理配置（用于解决奈飞TV端问题） ~本机代理功能增加iptables增强模式 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加clash -u卸载命令 ~增加了部分fake-ip-filter地址优化： ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~大量菜单描述相关优化 BUG修复： ~修复部分设备1.4.0覆盖更新后无法开机启动的bug ~修复mesh设备开机启动后clash无法正常工作的bug ~修复小闪存模式设为Github源时无法正常开机启动的bug ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~自定义host功能bug修复 ~导入配置相关bug修复 ~修复crontab命令偶尔报错的问题 ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）
v1.4.1-test
2021-06-26 16:21:49 +08:00 · 2021-06-26 15:11:07 +08:00 · 2021-06-25 00:23:32 +08:00 · 2021-06-24 23:21:23 +08:00 · 2021-06-24 23:16:28 +08:00 · 2021-06-23 19:39:05 +08:00
16 changed files with 6961 additions and 502 deletions
--- a/README.md
+++ b/README.md
@@ -37,21 +37,33 @@ opkg update && opkg install curl
 ##### ~Use curl:<br>
 ```Shell
-#Release version - by github
+#By github
-sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
+export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
-#Release version - by jsdelivrCDN
+#By jsdelivrCDN
-sh -c "$(curl -kfsSl https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/install.sh)" && source /etc/profile &> /dev/null
+export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
 #Test version - by github
 sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" -s 1 && source /etc/profile &> /dev/null
 ```
 ##### ~Use wget：<br>
 ```sh
-#Release version - by jsdelivrCDN
+#By jsdelivrCDN
-wget -q --no-check-certificate -O /tmp/install.sh https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 ~**Use a low version of wget (prompt not to support https) local installation**:<br> First clone the project to the local under the window (or [click to download the project source code zip package](https://github.com/juewuy/ShellClash/archive/refs/heads/master.zip) to the local and decompress it) 
 ```sh
 sh git clone https://github.com/juewuy/ShellClash.git
 ```
 Then open /project address/ShellClash/bin/hfs/hfs.exe Click menu-add directory from disk-{find the directory where ShellClash source code is located}-add as real directory Click on the menu-IP address-{choose the actual IP address of your LAN} Click ShellClash-click to copy to clipboard Then use the following command to install in SSH 
 ```sh
 sh export url='Paste the copied address here' && wget -q -O /tmp/install.sh $url/install.sh && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 Later, when updating the version, you need to update the local version library and open the hfs service, and then update in the SSH menu, and then you can build a local server through hfs to realize the function of uploading and updating the yaml configuration file 
 ~**After installation by non-root users**, please execute the following additional commands to read environment variables:<br>
 ```shell
@@ -63,6 +75,7 @@ source ~/.bashrc &> /dev/null
 ```Shell
 clash #normal mode
 clash -h #help
 clash -u #uninstall
 clash -t #test mode
 ```
@@ -98,9 +111,11 @@ ubus/iproute-doc	minimal		The host address of the machine cannot be obtained nor
 ### [See blog for details](https://juewuy.github.io)
-## Donate this project
+## Donate：
-### [Go to page](https://juewuy.github.io/yOF4Yf06Q/)
+		Alipay									WeChat
 ##### <img src="http://juewuy.github.io/post-images/1604390977172.png" style="zoom:50%;" /><img src="http://juewuy.github.io/post-images/1604391042406.png" style="zoom:50%;" />
 ## Friendly promotion: 
--- a/README_CN.md
+++ b/README_CN.md
@@ -21,13 +21,13 @@
 ~通过管理脚本在Shell环境下便捷使用[Clash](https://github.com/Dreamacro/clash)<br>
 ~支持在Shell环境下管理[Clash各种功能](https://lancellc.gitbook.io/clash)<br>
 ~支持在线导入[Clash](https://github.com/Dreamacro/clash)支持的分享、订阅及配置链接<br>~支持配置定时任务，支持配置文件定时更新<br>~支持在线安装及使用本地网页面板管理内置规则<br>
-~支持路由模式、本机模式等多种模式切换<br>~支持GNOME、KDE桌面自动配置本机模式<br>~支持在线更新<br>
+~支持路由模式、本机模式等多种模式切换<br>~支持在线更新<br>
 设备支持：
 --
 ~支持各种基于OpenWrt或使用OpenWrt二次定制开发的路由器设备<br>
-~支持各种运行标准Linux系统（如Debian/CenOS/Armbian等）的设备<br>~兼容Padavan固件（保守模式）、潘多拉固件<br>~兼容各类使用Linux内核定制开发的各类型设备<br>
+~支持各种运行标准Linux系统（如Debian/CenOS/Armbian等）的设备<br>~兼容Padavan固件（保守模式）、潘多拉固件以及华硕/梅林固件<br>~兼容各类使用Linux内核定制开发的各类型设备<br>
 ——————————<br>
 ~更多设备支持，请提issue或前往TG群反馈（需提供设备名称及运行uname -a返回的设备核心信息）<br>
@@ -36,10 +36,10 @@
 --
 ~确认路由器设备已经开启SSH并获取root权限（带GUI桌面的Linux设备可使用自带终端安装）<br>
 ~使用SSH连接工具（如putty，JuiceSSH，系统自带终端等）路由器或Linux设备的SSH管理界面或终端界面，并切换到root用户<br>
-~确认设备已经安装curl或者wget下载工具。如未安装，LInux设备请[参考此处](https://www.howtoing.com/install-curl-in-linux)安装curl，基于OpenWrt（小米官方系统、潘多拉、高恪等）的设备请使用如下命令安装curl：<br>
+~确认设备已经安装curl或者wget下载工具。**如未安装**，LInux设备请[参考此处](https://www.howtoing.com/install-curl-in-linux)安装curl，基于OpenWrt（小米官方系统、潘多拉、高恪等）的设备请使用如下命令安装curl：<br>
 ```shell
-opkg update && opkg install curl
+opkg update && opkg install curl #如已安装请忽略
 ```
 ~之后在SSH界面执行如下安装命令，并按照后续提示完成安装<br>
@@ -47,19 +47,24 @@ opkg update && opkg install curl
 ~**使用curl安装**：<br>
 ```Shell
-#Release版本-github直连
+#github直连
-sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
+export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
-#Release版本-jsdelivrCDN源
+#jsdelivrCDN源
-sh -c "$(curl -kfsSl https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/install.sh)" && source /etc/profile &> /dev/null
+export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
 #Test版本-github直连
 sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" -s 1 && source /etc/profile &> /dev/null
 ```
 ~**使用wget安装**：<br>
 ```sh
 #Release版本-jsdelivrCDN源
-wget -q --no-check-certificate -O /tmp/install.sh https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 ~**使用低版本wget（提示不支持https）安装**：<br>
 ```sh
 #Test版本-酱紫表私人http源
 export url='http://sc.qust.me/' && wget -q -O /tmp/install.sh $url/install_n.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 ~**非root用户安装后**请额外执行以下命令以读取环境变量：<br>
@@ -73,6 +78,7 @@ source ~/.bashrc &> /dev/null
 ```Shell
 clash #正常模式运行
 clash -h #脚本帮助及说明
 clash -u #卸载脚本
 clash -t #测试模式运行
 ```
@@ -108,9 +114,11 @@ ubus/iproute-doc	极低		缺少时无法正常获取本机host地址
 ### [详见博客](https://juewuy.github.io)
-## 捐赠此项目：
+## 请喝杯茶：
-### [前往页面](https://juewuy.github.io/yOF4Yf06Q/)
+		支付宝										微信
 ##### <img src="http://juewuy.github.io/post-images/1604390977172.png" style="zoom:50%;" /><img src="http://juewuy.github.io/post-images/1604391042406.png" style="zoom:50%;" />
 友情推广：
 --
--- a/bin/Country.mmdb
+++ b/bin/Country.mmdb
--- a/bin/ca-certificates.crt
+++ b/bin/ca-certificates.crt
@@ -1,7 +1,7 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Tue Feb  9 22:06:19 2021 GMT
+## Certificate data from Mozilla as of: Sat Jun 12 22:07:57 2021 GMT
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
@@ -14,7 +14,7 @@
 ## Just configure this file as the SSLCACertificateFile.
 ##
 ## Conversion done with mk-ca-bundle.pl version 1.28.
-## SHA256: 3bdc63d1de27058fec943a999a2a8a01fcc6806a611b19221a7727d3d9bbbdfd
+## SHA256: e292bd4e2d500c86df45b830d89417be5c42ee670408f1d2c454c63d8a782865
 ##
@@ -718,51 +718,6 @@ vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz
 TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD
 -----END CERTIFICATE-----
 GeoTrust Primary Certification Authority - G2
 =============================================
 -----BEGIN CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IElu
 Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBD
 ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1
 OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg
 MjAwNyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMTLUdl
 b1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjB2MBAGByqGSM49AgEG
 BSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcLSo17VDs6bl8VAsBQps8lL33KSLjHUGMc
 KiEIfJo22Av+0SbFWDEwKCXzXV2juLaltJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYD
 VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+
 EVXVMAoGCCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGTqQ7m
 ndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBuczrD6ogRLQy7rQkgu2
 npaqBA+K
 -----END CERTIFICATE-----
 VeriSign Universal Root Certification Authority
 ===============================================
 -----BEGIN CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UE
 BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO
 ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk
 IHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9u
 IEF1dGhvcml0eTAeFw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJV
 UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
 cmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl
 IG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0
 aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj
 1mCOkdeQmIN65lgZOIzF9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGP
 MiJhgsWHH26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+HLL72
 9fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN/BMReYTtXlT2NJ8I
 AfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPTrJ9VAMf2CGqUuV/c4DPxhGD5WycR
 tPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0G
 CCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2O
 a8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud
 DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4sAPmLGd75JR3
 Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+seQxIcaBlVZaDrHC1LGmWazx
 Y8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTx
 P/jgdFcrGJ2BtMQo2pSXpXDrrB2+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+P
 wGZsY6rp2aQW9IHRlRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4
 mJO37M2CYfE45k+XmCpajQ==
 -----END CERTIFICATE-----
 NetLock Arany (Class Gold) Főtanúsítvány
 ========================================
 -----BEGIN CERTIFICATE-----
@@ -938,82 +893,6 @@ Q0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1Z
 WrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
 -----END CERTIFICATE-----
 Chambers of Commerce Root - 2008
 ================================
 -----BEGIN CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJFVTFD
 MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv
 bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu
 QS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEy
 Mjk1MFoXDTM4MDczMTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNl
 ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQF
 EwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJl
 cnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
 AQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW928sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKA
 XuFixrYp4YFs8r/lfTJqVKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorj
 h40G072QDuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR5gN/
 ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfLZEFHcpOrUMPrCXZk
 NNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05aSd+pZgvMPMZ4fKecHePOjlO+Bd5g
 D2vlGts/4+EhySnB8esHnFIbAURRPHsl18TlUlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331
 lubKgdaX8ZSD6e2wsWsSaR6s+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ
 0wlf2eOKNcx5Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj
 ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAxhduub+84Mxh2
 EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNVHQ4EFgQU+SSsD7K1+HnA+mCI
 G8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJ
 BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNh
 bWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENh
 bWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiC
 CQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH
 AgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAJASryI1
 wqM58C7e6bXpeHxIvj99RZJe6dqxGfwWPJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH
 3qLPaYRgM+gQDROpI9CF5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbU
 RWpGqOt1glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaHFoI6
 M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2pSB7+R5KBWIBpih1
 YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MDxvbxrN8y8NmBGuScvfaAFPDRLLmF
 9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QGtjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcK
 zBIKinmwPQN/aUv0NCB9szTqjktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvG
 nrDQWzilm1DefhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZd0jQ
 -----END CERTIFICATE-----
 Global Chambersign Root - 2008
 ==============================
 -----BEGIN CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFD
 MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv
 bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu
 QS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMx
 NDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUg
 Y3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ
 QTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD
 aGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDf
 VtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXf
 XjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0
 ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB
 /gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgA
 TH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2M
 H/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfe
 Ox2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSF
 HTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh
 wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMB
 AAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuT
 BjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UE
 BhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJm
 aXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJm
 aXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp
 1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0
 dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG
 /5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6
 ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/s
 dZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg
 9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHH
 foUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9Du
 qqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETr
 P3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVq
 c5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
 09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
 -----END CERTIFICATE-----
 Go Daddy Root Certificate Authority - G2
 ========================================
 -----BEGIN CERTIFICATE-----
@@ -1980,36 +1859,6 @@ uglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7
 yFz9SO8NdCKoCOJuxUnOxwy8p2Fp8fc74SrL+SvzZpA3
 -----END CERTIFICATE-----
 Staat der Nederlanden Root CA - G3
 ==================================
 -----BEGIN CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE
 CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g
 Um9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloXDTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMC
 TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l
 ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4y
 olQPcPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WWIkYFsO2t
 x1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqXxz8ecAgwoNzFs21v0IJy
 EavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFyKJLZWyNtZrVtB0LrpjPOktvA9mxjeM3K
 Tj215VKb8b475lRgsGYeCasH/lSJEULR9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUur
 mkVLoR9BvUhTFXFkC4az5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU5
 1nus6+N86U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7Ngzp
 07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHPbMk7ccHViLVlvMDo
 FxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXtBznaqB16nzaeErAMZRKQFWDZJkBE
 41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTtXUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMB
 AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleu
 yjWcLhL75LpdINyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD
 U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwpLiniyMMB8jPq
 KqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8Ipf3YF3qKS9Ysr1YvY2WTxB1
 v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixpgZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA
 8KCWAg8zxXHzniN9lLf9OtMJgwYh/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b
 8KKaa8MFSu1BYBQw0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0r
 mj1AfsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq4BZ+Extq
 1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR1VmiiXTTn74eS9fGbbeI
 JG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/QFH1T/U67cjF68IeHRaVesd+QnGTbksV
 tzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM94B7IWcnMFk=
 -----END CERTIFICATE-----
 Staat der Nederlanden EV Root CA
 ================================
 -----BEGIN CERTIFICATE-----
@@ -3226,3 +3075,64 @@ qqFJu3FS8r/2/yehNq+4tneI3TqkbZs0kNwUXTC/t+sX5Ie3cdCh13cV1ELX8vMxmV2b3RZtP+oG
 I/hGoiLtk/bdmuYqh7GYVPEi92tF4+KOdh2ajcQGjTa3FPOdVGm3jjzVpG2Tgbet9r1ke8LJaDmg
 kpzNNIaRkPpkUZ3+/uul9XXeifdy
 -----END CERTIFICATE-----
 AC RAIZ FNMT-RCM SERVIDORES SEGUROS
 ===================================
 -----BEGIN CERTIFICATE-----
 MIICbjCCAfOgAwIBAgIQYvYybOXE42hcG2LdnC6dlTAKBggqhkjOPQQDAzB4MQswCQYDVQQGEwJF
 UzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgwFgYDVQRhDA9WQVRFUy1RMjgy
 NjAwNEoxLDAqBgNVBAMMI0FDIFJBSVogRk5NVC1SQ00gU0VSVklET1JFUyBTRUdVUk9TMB4XDTE4
 MTIyMDA5MzczM1oXDTQzMTIyMDA5MzczM1oweDELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQt
 UkNNMQ4wDAYDVQQLDAVDZXJlczEYMBYGA1UEYQwPVkFURVMtUTI4MjYwMDRKMSwwKgYDVQQDDCNB
 QyBSQUlaIEZOTVQtUkNNIFNFUlZJRE9SRVMgU0VHVVJPUzB2MBAGByqGSM49AgEGBSuBBAAiA2IA
 BPa6V1PIyqvfNkpSIeSX0oNnnvBlUdBeh8dHsVnyV0ebAAKTRBdp20LHsbI6GA60XYyzZl2hNPk2
 LEnb80b8s0RpRBNm/dfF/a82Tc4DTQdxz69qBdKiQ1oKUm8BA06Oi6NCMEAwDwYDVR0TAQH/BAUw
 AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFAG5L++/EYZg8k/QQW6rcx/n0m5JMAoGCCqG
 SM49BAMDA2kAMGYCMQCuSuMrQMN0EfKVrRYj3k4MGuZdpSRea0R7/DjiT8ucRRcRTBQnJlU5dUoD
 zBOQn5ICMQD6SmxgiHPz7riYYqnOK8LZiqZwMR2vsJRM60/G49HzYqc8/5MuB1xJAWdpEgJyv+c=
 -----END CERTIFICATE-----
 GlobalSign Root R46
 ===================
 -----BEGIN CERTIFICATE-----
 MIIFWjCCA0KgAwIBAgISEdK7udcjGJ5AXwqdLdDfJWfRMA0GCSqGSIb3DQEBDAUAMEYxCzAJBgNV
 BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYDVQQDExNHbG9iYWxTaWduIFJv
 b3QgUjQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMyMDAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAX
 BgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBSNDYwggIi
 MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCsrHQy6LNl5brtQyYdpokNRbopiLKkHWPd08Es
 CVeJOaFV6Wc0dwxu5FUdUiXSE2te4R2pt32JMl8Nnp8semNgQB+msLZ4j5lUlghYruQGvGIFAha/
 r6gjA7aUD7xubMLL1aa7DOn2wQL7Id5m3RerdELv8HQvJfTqa1VbkNud316HCkD7rRlr+/fKYIje
 2sGP1q7Vf9Q8g+7XFkyDRTNrJ9CG0Bwta/OrffGFqfUo0q3v84RLHIf8E6M6cqJaESvWJ3En7YEt
 bWaBkoe0G1h6zD8K+kZPTXhc+CtI4wSEy132tGqzZfxCnlEmIyDLPRT5ge1lFgBPGmSXZgjPjHvj
 K8Cd+RTyG/FWaha/LIWFzXg4mutCagI0GIMXTpRW+LaCtfOW3T3zvn8gdz57GSNrLNRyc0NXfeD4
 12lPFzYE+cCQYDdF3uYM2HSNrpyibXRdQr4G9dlkbgIQrImwTDsHTUB+JMWKmIJ5jqSngiCNI/on
 ccnfxkF0oE32kRbcRoxfKWMxWXEM2G/CtjJ9++ZdU6Z+Ffy7dXxd7Pj2Fxzsx2sZy/N78CsHpdls
 eVR2bJ0cpm4O6XkMqCNqo98bMDGfsVR7/mrLZqrcZdCinkqaByFrgY/bxFn63iLABJzjqls2k+g9
 vXqhnQt2sQvHnf3PmKgGwvgqo6GDoLclcqUC4wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYD
 VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA1yrc4GHqMywptWU4jaWSf8FmSwwDQYJKoZIhvcNAQEM
 BQADggIBAHx47PYCLLtbfpIrXTncvtgdokIzTfnvpCo7RGkerNlFo048p9gkUbJUHJNOxO97k4Vg
 JuoJSOD1u8fpaNK7ajFxzHmuEajwmf3lH7wvqMxX63bEIaZHU1VNaL8FpO7XJqti2kM3S+LGteWy
 gxk6x9PbTZ4IevPuzz5i+6zoYMzRx6Fcg0XERczzF2sUyQQCPtIkpnnpHs6i58FZFZ8d4kuaPp92
 CC1r2LpXFNqD6v6MVenQTqnMdzGxRBF6XLE+0xRFFRhiJBPSy03OXIPBNvIQtQ6IbbjhVp+J3pZm
 OUdkLG5NrmJ7v2B0GbhWrJKsFjLtrWhV/pi60zTe9Mlhww6G9kuEYO4Ne7UyWHmRVSyBQ7N0H3qq
 JZ4d16GLuc1CLgSkZoNNiTW2bKg2SnkheCLQQrzRQDGQob4Ez8pn7fXwgNNgyYMqIgXQBztSvwye
 qiv5u+YfjyW6hY0XHgL+XVAEV8/+LbzvXMAaq7afJMbfc2hIkCwU9D9SGuTSyxTDYWnP4vkYxboz
 nxSjBF25cfe1lNj2M8FawTSLfJvdkzrnE6JwYZ+vj+vYxXX4M2bUdGc6N3ec592kD3ZDZopD8p/7
 DEJ4Y9HiD2971KE9dJeFt0g5QdYg/NA6s/rob8SKunE3vouXsXgxT7PntgMTzlSdriVZzH81Xwj3
 QEUxeCp6
 -----END CERTIFICATE-----
 GlobalSign Root E46
 ===================
 -----BEGIN CERTIFICATE-----
 MIICCzCCAZGgAwIBAgISEdK7ujNu1LzmJGjFDYQdmOhDMAoGCCqGSM49BAMDMEYxCzAJBgNVBAYT
 AkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYDVQQDExNHbG9iYWxTaWduIFJvb3Qg
 RTQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMyMDAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNV
 BAoTEEdsb2JhbFNpZ24gbnYtc2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBFNDYwdjAQBgcq
 hkjOPQIBBgUrgQQAIgNiAAScDrHPt+ieUnd1NPqlRqetMhkytAepJ8qUuwzSChDH2omwlwxwEwkB
 jtjqR+q+soArzfwoDdusvKSGN+1wCAB16pMLey5SnCNoIwZD7JIvU4Tb+0cUB+hflGddyXqBPCCj
 QjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQxCpCPtsad0kRL
 gLWi5h+xEk8blTAKBggqhkjOPQQDAwNoADBlAjEA31SQ7Zvvi5QCkxeCmb6zniz2C5GMn0oUsfZk
 vLtoURMMA/cVi4RguYv/Uo7njLwcAjA8+RHUjE7AwWHCFUyqqx0LMV87HOIAl0Qx5v5zli/altP+
 CAezNIm8BZ/3Hobui3A=
 -----END CERTIFICATE-----
--- a/bin/china_ip_list.txt
+++ b/bin/china_ip_list.txt
--- a/bin/clashfm.tar.gz
+++ b/bin/clashfm.tar.gz
--- a/bin/cn_mini.mmdb
+++ b/bin/cn_mini.mmdb
--- a/bin/hfs/hfs.exe
+++ b/bin/hfs/hfs.exe
--- a/bin/release_version
+++ b/bin/release_version
@@ -1,8 +1,8 @@
 1.4.1
 1.3.0
 1.2.0
 1.1.0
 1.0.0beta18.2
 1.0.0beta17
 1.0.0beta15
 1.0.0beta11
 1.0.0beta5
 0.9.7
--- a/bin/version
+++ b/bin/version
@@ -1,4 +1,4 @@
 clash_v=1.6.0
 clashpre_v=2021.05.08
-GeoIP_v=20210514
+GeoIP_v=20210623
-versionsh=1.3.0
+versionsh=1.4.1
--- a/install.sh
+++ b/install.sh
@@ -2,7 +2,7 @@
 # Copyright (C) Juewuy
 echo='echo -e' && [ -n "$(echo -e|grep e)" ] && echo=echo
-[ -z "$1" ] && test=0 || test=$1
+#[ -z "$1" ] && test=0 || test=$1
 echo "***********************************************"
 echo "**                 欢迎使用                  **"
@@ -10,12 +10,14 @@ echo "**                ShellClash                 **"
 echo "**                             by  Juewuy    **"
 echo "***********************************************"
 [ -f "/etc/storage/started_script.sh" ] && systype=Padavan && initdir='/etc/storage/started_script.sh'
 [ -f "/jffs/.asusrouter" ] && systype=asusrouter && initdir='/jffs/.asusrouter'
 #检查root权限
-if [ "$USER" != "root" ];then
+if [ "$USER" != "root" -a -z "$systype" ];then
 	echo 当前用户:$USER
-	$echo "\033[31m请尽量使用root用户（但绝对不要使用sudo命令！）执行安装!\033[0m"
+	$echo "\033[31m请尽量使用root用户（不要直接使用sudo命令！）执行安装!\033[0m"
 	echo -----------------------------------------------
-	read -p "仍要安装？可能会产生大量未知错误！(1/0) > " res
+	read -p "仍要安装？可能会产生未知错误！(1/0) > " res
 	[ "$res" != "1" ] && exit
 fi
 webget(){
@@ -26,33 +28,46 @@ webget(){
 		[ -z "$4" ] && redirect='-L' || redirect=''
 		result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2)
 	else
 		if wget --version > /dev/null 2>&1;then
 			[ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
 			[ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect=''
 			certificate='--no-check-certificate'
 			timeout='--timeout=3'
 		fi
 		[ "$3" = "echoon" ] && progress=''
-		[ -z "$4" ] && redirect='' || redirect='--max-redirect=0'
+		[ "$3" = "echooff" ] && progress='-q'
-		wget -Y on $progress $redirect --no-check-certificate --timeout=5 -O $1 $2 
+		wget $progress $redirect $certificate $timeout -O $1 $2 
 		[ $? -eq 0 ] && result="200"
 	fi
 }
 #检查更新
-url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
+[ -z "$url" ] && url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
-if [ "$test" -gt 0 ];then 
+#选择版本
-	url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master"
+echo -----------------------------------------------
-	[ "$test" -eq 2 ] && url="http://192.168.31.31:8080/ShellClash"
+$echo "\033[33m请选择想要安装的版本：\033[0m"	
-	[ "$test" -eq 3 ] && url="http://192.168.123.90:8080/clash-for-Miwifi"
+$echo " 1 \033[32mShellclash正式版\033[0m"
 $echo " 2 \033[31mShellclash测试版\033[0m"
 echo -----------------------------------------------
 read -p "请输入相应数字 > " num
 if [ -z $num ];then
 	echo 安装已取消
 	exit;
 elif [ "$num" = "1" ];then
 	webget /tmp/clashrelease $url/bin/release_version echoon rediroff 2>/tmp/clashrelease
 	if [ "$result" = "200" ];then
 		release_new=$(cat /tmp/clashrelease | head -1)
 		url2="https://cdn.jsdelivr.net/gh/juewuy/ShellClash@$release_new"
 	else
-	webget /tmp/clashrelease $url@master/bin/release_version echoon rediroff 2>/tmp/clashrelease
+		echo "无法切换版本，尝试安装测试版！"
 	[ "$result" = "200" ] && release_new=$(cat /tmp/clashrelease | head -1)
 	[ -z "$release_new" ] && release_new=master
 	url=$url@$release_new
 	fi
-webget /tmp/clashversion $url/bin/version echooff
+fi
 [ -z "$url2" ] && url2=$url
 webget /tmp/clashversion "$url2/bin/version" echooff
 [ "$result" = "200" ] && versionsh=$(cat /tmp/clashversion | grep "versionsh" | awk -F "=" '{print $2}')
 [ -z "$release_new" ] && release_new=$versionsh
 rm -rf /tmp/clashversion
 rm -rf /tmp/clashrelease
-[ -z "$release_new" ] && echo "无法连接服务器！" && exit
+tarurl=$url2/bin/clashfm.tar.gz
 tarurl=$url/bin/clashfm.tar.gz
 gettar(){
 	webget /tmp/clashfm.tar.gz $tarurl
@@ -90,7 +105,12 @@ gettar(){
 	chmod  777 $clashdir/start.sh
 	sed -i '/versionsh_l=*/'d $clashdir/mark
 	echo versionsh_l=$release_new >> $clashdir/mark
 	#设置更新地址
 	sed -i '/update_url=*/'d $clashdir/mark
 	echo update_url=$url >> $clashdir/mark
 	#设置环境变量	
 	[ -w /opt/etc/profile ] && profile=/opt/etc/profile
 	[ -w /jffs/configs/profile.add ] && profile=/jffs/configs/profile.add
 	[ -w ~/.bashrc ] && profile=~/.bashrc
 	[ -w /etc/profile ] && profile=/etc/profile
 	if [ -n "$profile" ];then
@@ -102,6 +122,8 @@ gettar(){
 		echo 无法写入环境变量！请检查安装权限！
 		exit 1
 	fi
 	#华硕/Padavan额外设置
 	[ -n "$systype" ] && sed -i '/ShellClash初始化/'d $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
 	#删除临时文件
 	rm -rf /tmp/clashfm.tar.gz 
 	rm -rf $clashdir/clashservice
@@ -115,16 +137,20 @@ echo -----------------------------------------------
 gettar
 echo -----------------------------------------------
 echo ShellClash 已经安装成功!
-[ "$USER" != "root" ] && echo "请执行【source ~/.bashrc &> /dev/null】命令以加载环境变量！"
+[ "$profile" = "~/.bashrc" ] && echo "请执行【source ~/.bashrc &> /dev/null】命令以加载环境变量！"
 echo -----------------------------------------------
 $echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
 echo -----------------------------------------------
 }
 setdir(){
 if [ -n "$systype" ];then
 	[ "$systype" = "Padavan" ] && dir=/etc/storage
 	[ "$systype" = "asusrouter" ] && dir=/jffs
 else
 	echo -----------------------------------------------
 	$echo "\033[33m安装ShellClash至少需要预留约1MB的磁盘空间\033[0m"	
-$echo " 1 在\033[32m/etc目录\033[0m下安装(适合路由设备)"
+	$echo " 1 在\033[32m/etc目录\033[0m下安装(适合root用户)"
-$echo " 2 在\033[32m/usr/share目录\033[0m下安装(适合大多数设备)"
+	$echo " 2 在\033[32m/usr/share目录\033[0m下安装(适合Linux设备)"
 	$echo " 3 在\033[32m当前用户目录\033[0m下安装(适合非root用户)"
 	$echo " 4 手动设置安装目录"
 	$echo " 0 退出安装"
@@ -145,7 +171,7 @@ elif [ "$num" = "4" ];then
 		echo -----------------------------------------------
 		echo '可用路径 剩余空间:'
 		df -h | awk '{print $6,$4}'| sed 1d 
-	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
+		echo '路径是必须带 / 的格式，注意写入虚拟内存(/tmp,/opt,/sys...)的文件会在重启后消失！！！'
 		read -p "请输入自定义路径 > " dir
 		if [ -z "$dir" ];then
 			$echo "\033[31m路径错误！请重新设置！\033[0m"
@@ -155,10 +181,11 @@ else
 		echo 安装已取消！！！
 		exit;
 	fi
 fi
 if [ ! -w $dir ];then
 	$echo "\033[31m没有$dir目录写入权限！请重新设置！\033[0m" && sleep 1 && setdir
 else
-	echo 目标目录磁盘剩余：$(df -h $dir | awk '{print $4}' | sed 1d )
+	$echo "目标目录\033[32m$dir\033[0m空间剩余：$(df -h $dir | awk '{print $4}' | sed 1d )"
 	read -p "确认安装？(1/0) > " res
 	[ "$res" = "1" ] && clashdir=$dir/clash || setdir
 fi
--- a/install_n.sh
+++ b/install_n.sh
@@ -0,0 +1,225 @@
 #! /bin/bash
 # Copyright (C) Juewuy
 echo='echo -e' && [ -n "$(echo -e|grep e)" ] && echo=echo
 #[ -z "$1" ] && test=0 || test=$1
 echo "***********************************************"
 echo "**                 欢迎使用                  **"
 echo "**                ShellClash                 **"
 echo "**                             by  Juewuy    **"
 echo "***********************************************"
 [ -f "/etc/storage/started_script.sh" ] && systype=Padavan && initdir='/etc/storage/started_script.sh'
 [ -f "/jffs/.asusrouter" ] && systype=asusrouter && initdir='/jffs/.asusrouter'
 #检查root权限
 if [ "$USER" != "root" -a -z "$systype" ];then
 	echo 当前用户:$USER
 	$echo "\033[31m请尽量使用root用户（不要直接使用sudo命令！）执行安装!\033[0m"
 	echo -----------------------------------------------
 	read -p "仍要安装？可能会产生未知错误！(1/0) > " res
 	[ "$res" != "1" ] && exit
 fi
 webget(){
 	#参数【$1】代表下载目录，【$2】代表在线地址
 	#参数【$3】代表输出显示，【$4】不启用重定向
 	if curl --version > /dev/null 2>&1;then
 		[ "$3" = "echooff" ] && progress='-s' || progress='-#'
 		[ -z "$4" ] && redirect='-L' || redirect=''
 		result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2)
 	else
 		if wget --version > /dev/null 2>&1;then
 			[ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
 			[ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect=''
 			certificate='--no-check-certificate'
 			timeout='--timeout=3'
 		fi
 		[ "$3" = "echoon" ] && progress=''
 		[ "$3" = "echooff" ] && progress='-q'
 		wget $progress $redirect $certificate $timeout -O $1 $2 
 		[ $? -eq 0 ] && result="200"
 	fi
 }
 #检查更新
 [ -z "$url" ] && url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
 #选择版本
 echo -----------------------------------------------
 $echo "\033[33m请选择想要安装的版本：\033[0m"	
 $echo " 1 \033[32mShellclash正式版\033[0m"
 $echo " 2 \033[31mShellclash测试版\033[0m"
 echo -----------------------------------------------
 read -p "请输入相应数字 > " num
 if [ -z $num ];then
 	echo 安装已取消
 	exit;
 elif [ "$num" = "1" ];then
 	webget /tmp/clashrelease $url/bin/release_version echoon rediroff 2>/tmp/clashrelease
 	if [ "$result" = "200" ];then
 		release_new=$(cat /tmp/clashrelease | head -1)
 		url2="https://cdn.jsdelivr.net/gh/juewuy/ShellClash@$release_new"
 	else
 		echo "无法切换版本，尝试安装测试版！"
 	fi
 fi
 [ -z "$url2" ] && url2=$url
 webget /tmp/clashversion "$url2/bin/version" echooff
 [ "$result" = "200" ] && versionsh=$(cat /tmp/clashversion | grep "versionsh" | awk -F "=" '{print $2}')
 [ -z "$release_new" ] && release_new=$versionsh
 rm -rf /tmp/clashversion
 rm -rf /tmp/clashrelease
 tarurl=$url2/bin/clashfm.tar.gz
 gettar(){
 	webget /tmp/clashfm.tar.gz $tarurl
 	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
 	#解压
 	echo -----------------------------------------------
 	echo 开始解压文件！
 	mkdir -p $clashdir > /dev/null
 	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
 	[ $? -ne 0 ] && echo "文件解压失败！" && rm -rf /tmp/clashfm.tar.gz && exit 1 
 	#初始化文件目录
 	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
 	#判断系统类型写入不同的启动文件
 	if [ -f /etc/rc.common ];then
 			#设为init.d方式启动
 			mv $clashdir/clashservice /etc/init.d/clash
 			chmod  777 /etc/init.d/clash
 	else
 		[ -w /etc/systemd/system ] && sysdir=/etc/systemd/system
 		[ -w /usr/lib/systemd/system ] && sysdir=/usr/lib/systemd/system
 		if [ -n "$sysdir" ];then
 			#设为systemd方式启动
 			mv $clashdir/clash.service $sysdir/clash.service
 			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
 			systemctl daemon-reload
 		else
 			#设为保守模式启动
 			sed -i '/start_old=*/'d $clashdir/mark
 			echo start_old=已开启 >> $clashdir/mark
 		fi
 	fi
 	#修饰文件及版本号
 	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
 	sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh
 	chmod  777 $clashdir/start.sh
 	sed -i '/versionsh_l=*/'d $clashdir/mark
 	echo versionsh_l=$release_new >> $clashdir/mark
 	#设置更新地址
 	sed -i '/update_url=*/'d $clashdir/mark
 	echo update_url=$url >> $clashdir/mark
 	#设置环境变量	
 	[ -w /opt/etc/profile ] && profile=/opt/etc/profile
 	[ -w /jffs/configs/profile.add ] && profile=/jffs/configs/profile.add
 	[ -w ~/.bashrc ] && profile=~/.bashrc
 	[ -w /etc/profile ] && profile=/etc/profile
 	if [ -n "$profile" ];then
 		sed -i '/alias clash=*/'d $profile
 		echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> $profile #设置快捷命令环境变量
 		sed -i '/export clashdir=*/'d $profile
 		echo "export clashdir=\"$clashdir\"" >> $profile #设置clash路径环境变量
 	else
 		echo 无法写入环境变量！请检查安装权限！
 		exit 1
 	fi
 	#华硕/Padavan额外设置
 	[ -n "$systype" ] && sed -i '/ShellClash初始化/'d $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
 	#删除临时文件
 	rm -rf /tmp/clashfm.tar.gz 
 	rm -rf $clashdir/clashservice
 	rm -rf $clashdir/clash.service
 }
 #下载及安装
 install(){
 echo -----------------------------------------------
 echo 开始从服务器获取安装文件！
 echo -----------------------------------------------
 gettar
 echo -----------------------------------------------
 echo ShellClash 已经安装成功!
 [ "$profile" = "~/.bashrc" ] && echo "请执行【source ~/.bashrc &> /dev/null】命令以加载环境变量！"
 echo -----------------------------------------------
 $echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
 echo -----------------------------------------------
 }
 setdir(){
 if [ -n "$systype" ];then
 	[ "$systype" = "Padavan" ] && dir=/etc/storage
 	[ "$systype" = "asusrouter" ] && dir=/jffs
 else
 	echo -----------------------------------------------
 	$echo "\033[33m安装ShellClash至少需要预留约1MB的磁盘空间\033[0m"	
 	$echo " 1 在\033[32m/etc目录\033[0m下安装(适合root用户)"
 	$echo " 2 在\033[32m/usr/share目录\033[0m下安装(适合Linux设备)"
 	$echo " 3 在\033[32m当前用户目录\033[0m下安装(适合非root用户)"
 	$echo " 4 手动设置安装目录"
 	$echo " 0 退出安装"
 	echo -----------------------------------------------
 	read -p "请输入相应数字 > " num
 	#设置目录
 	if [ -z $num ];then
 		echo 安装已取消
 		exit;
 	elif [ "$num" = "1" ];then
 		dir=/etc
 	elif [ "$num" = "2" ];then
 		dir=/usr/share
 	elif [ "$num" = "3" ];then
 		dir=~/.local/share
 		mkdir -p ~/.config/systemd/user
 	elif [ "$num" = "4" ];then
 		echo -----------------------------------------------
 		echo '可用路径 剩余空间:'
 		df -h | awk '{print $6,$4}'| sed 1d 
 		echo '路径是必须带 / 的格式，注意写入虚拟内存(/tmp,/opt,/sys...)的文件会在重启后消失！！！'
 		read -p "请输入自定义路径 > " dir
 		if [ -z "$dir" ];then
 			$echo "\033[31m路径错误！请重新设置！\033[0m"
 			setdir
 		fi
 	else
 		echo 安装已取消！！！
 		exit;
 	fi
 fi
 if [ ! -w $dir ];then
 	$echo "\033[31m没有$dir目录写入权限！请重新设置！\033[0m" && sleep 1 && setdir
 else
 	$echo "目标目录\033[32m$dir\033[0m空间剩余：$(df -h $dir | awk '{print $4}' | sed 1d )"
 	read -p "确认安装？(1/0) > " res
 	[ "$res" = "1" ] && clashdir=$dir/clash || setdir
 fi
 }
 #输出
 $echo "最新版本：\033[32m$release_new\033[0m"
 echo -----------------------------------------------
 $echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 $echo "\033[37m支持各种基于openwrt的路由器设备"
 $echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
 if [ -n "$clashdir" ];then
 	echo -----------------------------------------------
 	$echo "检测到旧的安装目录\033[36m$clashdir\033[0m，是否覆盖安装？"
 	$echo "\033[32m覆盖安装时不会移除配置文件！\033[0m"
 	read -p "覆盖安装/卸载旧版本？(1/0) > " res
 	if [ "$res" = "1" ];then
 		install
 	elif [ "$res" = "0" ];then
 		rm -rf $clashdir
 		echo -----------------------------------------------
 		$echo "\033[31m 旧版本文件已卸载！\033[0m"
 		setdir
 		install
 	elif [ "$res" = "9" ];then
 		echo 测试模式，变更安装位置
 		setdir
 		install
 	else
 		$echo "\033[31m输入错误！已取消安装！\033[0m"
 		exit;
 	fi
 else
 	setdir
 	install
 fi
--- a/scripts/clash.sh
+++ b/scripts/clash.sh
@@ -93,7 +93,7 @@ getconfig(){
 setconfig(){
 	#参数1代表变量名，参数2代表变量值,参数3即文件路径
 	[ -z "$3" ] && configpath=$clashdir/mark || configpath=$3
-	[ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=\(.*\)#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath
+	[ -n "$(grep -E "^${1}=" $configpath)" ] && sed -i "s#^${1}=\(.*\)#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath
 }
 #启动相关
 errornum(){
@@ -245,7 +245,7 @@ setport(){
 			setconfig host $host
 			echo -e "\033[32m已经移除自定义host地址，请重新运行脚本以自动获取host！！！\033[0m"
 			exit 0
-		elif [ -n "$(echo $host | grep -Po '(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|[1-9])(\.(1\d{2}|2[0-4]\d|25[0-5]|[1-9]\d|\d)){3}')" ]; then
+		elif [ -n "$(echo $host |grep -E -o '\<([1-9]|[1-9][0-9]|1[0-9]{2}|2[01][0-9]|22[0-3])\>(\.\<([0-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>){2}\.\<([1-9]|[0-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-4])\>' )" ]; then
 			setconfig host $host
 			echo -e "\033[32m设置成功！！！\033[0m"
 		else
@@ -306,12 +306,16 @@ setdns(){
 		echo -e "\033[33m已禁用内置DNS！！！\033[0m"
 		setdns
 	elif [ "$num" = 5 ]; then
-		source $clashdir/getdate.sh
+		$clashdir/start.sh webget /tmp/ssl_test https://www.baidu.com echooff rediron skipceroff
-		webget /tmp/ssl_test https://baidu.com echooff rediron skipceroff
+		if [ "$？" = "1" ];then
 		if [ "$result" != "200" ];then
 			echo -----------------------------------------------
 			if openssl version >/dev/null 2>&1;then
 				echo -e "\033[31m当前设备缺少本地根证书，请先安装证书！\033[0m"
 				source $clashdir/getdate.sh
 				setcrt
 			else
 				echo -e "\033[31m当前设备未安装OpenSSL，无法启用加密DNS，Linux系统请自行搜索安装方式！\033[0m"
 			fi
 		else
 			dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
 			dns_fallback='tls://1.0.0.1:853, tls://8.8.4.4:853, https://doh.opendns.com/dns-query'
@@ -414,10 +418,17 @@ macfilter(){
 	[ -z "$dhcpdir" ] && [ -f /tmp/dnsmasq.leases ] && dhcpdir='/tmp/dnsmasq.leases'
 	[ -z "$dhcpdir" ] && dhcpdir='/dev/null'
 	[ -z "$macfilter_type" ] && macfilter_type='黑名单' 
-	[ "$macfilter_type" = "黑名单" ] && macfilter_over='白名单' || macfilter_over='黑名单'
+	if [ "$macfilter_type" = "黑名单" ];then
 		macfilter_over='白名单'
 		macfilter_scrip='不'
 	else
 		macfilter_over='黑名单'
 		macfilter_scrip=''
 	fi
 	######
 	echo -e "\033[30;47m请在此添加或移除设备\033[0m"
 	echo -e "当前过滤方式为：\033[33m$macfilter_type模式\033[0m"
 	echo -e "仅列表内设备\033[36m$macfilter_scrip经过\033[0mClash内核"
 	if [ -n "$(cat $clashdir/mac)" ]; then
 		echo -----------------------------------------------
 		echo -e "当前已过滤设备为：\033[36m"
@@ -444,7 +455,7 @@ macfilter(){
 		macfilter_type=$macfilter_over
 		setconfig macfilter_type $macfilter_type
 		echo -----------------------------------------------
-		echo -e "\033[31m已切换为$macfilter_type模式！\033[0m"
+		echo -e "\033[32m已切换为$macfilter_type模式！\033[0m"
 		macfilter
 	elif [ "$num" = 2 ]; then	
 		add_mac
@@ -464,15 +475,14 @@ macfilter(){
 }
 localproxy(){
 	[ -z "$local_proxy" ] && local_proxy='未开启'
-	[ -z "$local_proxy_type" ] && local_proxy_type='环境变量'
+	[ -z "$local_type" ] && local_type='环境变量'
 	[ "$local_proxy" = "已开启" ] && proxy_set='禁用' || proxy_set='启用'
 	echo -----------------------------------------------
-	echo -e "\033[33m当前本机代理配置方式为：\033[32m$local_proxy_type\033[0m"
+	echo -e "\033[33m当前本机代理配置方式为：\033[32m$local_type\033[0m"
 	echo -----------------------------------------------
 	echo -e " 1 \033[36m$proxy_set本机代理\033[0m"
 	echo -e " 2 使用\033[32m环境变量\033[0m方式配置"
-	echo -e " 3 使用\033[32mGNOME桌面API\033[0m配置"
+	echo -e " 3 使用\033[32miptables增强模式\033[0m配置（仅支持Linux系统）"
 	echo -e " 4 使用\033[32mKDE桌面API\033[0m配置"
 	echo -e " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
@@ -490,36 +500,29 @@ localproxy(){
 				localproxy
 			else
 				local_proxy=已开启
-				$clashdir/start.sh set_proxy $mix_port $db_port
+				setconfig local_proxy $local_proxy
-				echo -e "\033[32m已经成功使用$local_proxy_type方式配置本机代理~\033[0m"
+				echo -e "\033[32m已经成功使用$local_type方式配置本机代理~\033[0m"
-				[ "$local_proxy_type" = "环境变量" ] && echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m" && sleep 1
+				[ "$local_type" = "环境变量" ] && $clashdir/start.sh set_proxy $mix_port $db_port &&echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m" && sleep 1
 				[ "$local_type" = "iptables增强模式" ] && $clashdir/start.sh start
 			fi		
 		else
 			local_proxy=未开启
 			$clashdir/start.sh unset_proxy
 			echo -e "\033[33m已经停用本机代理规则！！\033[0m"
 			[ "$local_proxy_type" = "环境变量" ] && echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m" && sleep 1
 		fi
 			setconfig local_proxy $local_proxy
 			$clashdir/start.sh stop
 			echo -e "\033[33m已经停用本机代理规则并停止clash服务！！\033[0m"
 			[ "$local_type" = "环境变量" ] && echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m" && sleep 1
 		fi
 	elif [ "$num" = 2 ]; then
-		local_proxy_type="环境变量"
+		local_type="环境变量"
-		setconfig local_proxy_type $local_proxy_type
+		setconfig local_type $local_type
 		localproxy
 	elif [ "$num" = 3 ]; then
-		if  gsettings --version >/dev/null 2>&1 ;then
+		if [ -w /etc/systemd/system/clash.service -o -w /usr/lib/systemd/system/clash.service -o -x /bin/su ];then
-			local_proxy_type="GNOME"
+			local_type="iptables增强模式"
-			setconfig local_proxy_type $local_proxy_type
+			setconfig local_type $local_type
 		else
-			echo -e "\033[31m没有找到GNOME桌面，无法设置！\033[0m"
+			echo -e "\033[31m当前设备无法使用增强模式！\033[0m"
 			sleep 1
 		fi
 		localproxy
 	elif [ "$num" = 4 ]; then
 		if  kwriteconfig5 -h >/dev/null 2>&1 ;then
 			local_proxy_type="KDE"
 			setconfig local_proxy_type $local_proxy_type
 		else
 			echo -e "\033[31m没有找到KDE桌面，无法设置！\033[0m"
 			sleep 1
 		fi
 		localproxy
@@ -650,6 +653,7 @@ clashcfg(){
 	[ -z "$common_ports" ] && common_ports=已开启
 	[ -z "$dns_mod" ] && dns_mod=redir_host
 	[ -z "$dns_over" ] && dns_over=已开启
 	[ -z "$cn_ip_route" ] && cn_ip_route=未开启
 	[ -z "$(cat $clashdir/mac)" ] && mac_return=未开启 || mac_return=已启用
 	#
 	echo -----------------------------------------------
@@ -659,8 +663,9 @@ clashcfg(){
 	echo -e " 2 切换DNS运行模式：	\033[36m$dns_mod\033[0m"
 	echo -e " 3 跳过本地证书验证：	\033[36m$skip_cert\033[0m   ————解决节点证书验证错误"
 	echo -e " 4 只代理常用端口： 	\033[36m$common_ports\033[0m   ————用于过滤P2P流量"
-	echo -e " 5 过滤局域网设备：	\033[36m$mac_return\033[0m   ————使用黑名单/白名单进行过滤"
+	echo -e " 5 过滤局域网设备：	\033[36m$mac_return\033[0m   ————使用黑/白名单进行过滤"
-	echo -e " 6 设置本机代理服务:	\033[36m$local_proxy\033[0m	————使用环境变量或GUI/api配置本机代理"
+	echo -e " 6 设置本机代理服务:	\033[36m$local_proxy\033[0m   ————使本机流量经过clash内核"
 	echo -e " 7 CN_IP绕过内核:	\033[36m$cn_ip_route\033[0m   ————优化性能，不兼容Fake-ip"
 	echo -----------------------------------------------
 	echo -e " 0 返回上级菜单 \033[0m"
 	echo -----------------------------------------------
@@ -672,8 +677,8 @@ clashcfg(){
 	elif [ "$num" = 1 ]; then
 		if [ "$USER" != "root" -a "$USER" != "admin" ];then
 			echo -----------------------------------------------
-			echo -e "\033[33m非root用户无法启用静态路由，仅可以使用纯净模式！\033[0m"
+			read -p "非root用户可能无法正确配置其他模式！依然尝试吗？(1/0) > " res
-			sleep 1
+			[ "$res" = 1 ] && set_redir_mod
 		else
 			set_redir_mod
 		fi
@@ -716,6 +721,28 @@ clashcfg(){
 		sleep 1
 		clashcfg
 	elif [ "$num" = 7 ]; then
 		echo -----------------------------------------------
 		if ! ipset -v >/dev/null 2>&1;then
 			echo -e "\033[31m当前设备缺少ipset模块，无法启用绕过功能！！\033[0m"
 			sleep 1
 		elif [ "$dns_mod" = "fake-ip" ];then
 			echo -e "\033[31m不支持fake-ip模式，请将DNS模式更换为Redir-host！！\033[0m"
 			sleep 1
 			clashcfg
 		else
 			if [ "$cn_ip_route" = "未开启" ]; then 
 				echo -e "\033[32m已开启CN_IP绕过内核功能！！\033[0m"
 				cn_ip_route=已开启
 				sleep 1
 			else
 				echo -e "\033[33m已禁用CN_IP绕过内核功能！！\033[0m"
 				cn_ip_route=未开启
 			fi
 			setconfig cn_ip_route $cn_ip_route
 		fi
 			clashcfg  	
 	elif [ "$num" = 9 ]; then	
 		clashstart
 	else
@@ -728,8 +755,8 @@ clashadv(){
 	[ -z "$ipv6_support" ] && ipv6_support=未开启
 	[ -z "$start_old" ] && start_old=未开启
 	[ -z "$tproxy_mod" ] && tproxy_mod=未开启
 	[ -z "$public_support" ] && public_support=未开启
 	[ "$bindir" = "/tmp/clash_$USER" ] && mini_clash=已开启 || mini_clash=未开启
 	[ -n "$(cat /etc/crontabs/root | grep otapredownload)" ] && mi_update=禁用 || mi_update=启用
 	#
 	echo -----------------------------------------------
 	echo -e "\033[30;47m欢迎使用进阶模式菜单：\033[0m"
@@ -739,10 +766,10 @@ clashadv(){
 	echo -e " 2 启用ipv6支持:	\033[36m$ipv6_support\033[0m	————实验性功能，可能不稳定"
 	echo -e " 3 Redir模式udp转发:	\033[36m$tproxy_mod\033[0m	————依赖iptables-mod-tproxy"
 	echo -e " 4 启用小闪存模式:	\033[36m$mini_clash\033[0m	————不保存核心及数据库文件"
-	echo -e " 5 配置内置DNS服务	\033[36m$dns_no\033[0m"
+	echo -e " 5 允许公网访问:	\033[36m$public_support\033[0m	————需要路由拨号+公网IP"
-	echo -e " 6 手动指定相关端口、秘钥及本机host"
+	echo -e " 6 配置内置DNS服务	\033[36m$dns_no\033[0m"
 	echo -e " 7 使用自定义配置"
-	[ -x /usr/sbin/otapredownload ] && echo -e " 8 \033[33m$mi_update\033[0m小米系统自动更新"
+	echo -e " 8 手动指定相关端口、秘钥及本机host"
 	echo -----------------------------------------------
 	echo -e " 9 \033[31m重置\033[0m配置文件"
 	echo -e " 0 返回上级菜单 \033[0m"
@@ -836,6 +863,22 @@ clashadv(){
 		clashadv
 	elif [ "$num" = 5 ]; then
 		if [ "$public_support" = "未开启" ]; then 
 			echo -e "\033[32m已开启公网访问Dashboard端口及Http/Sock5代理端口！！\033[0m"
 			echo -e "\033[33m安全起见建议设置相关访问密码！！\033[0m"
 			public_support=已开启
 			setconfig public_support $public_support
 			sleep 1
 		else
 			echo -e "\033[32m已禁止公网访问Dashboard端口及Http/Sock5代理端口！！\033[0m"
 			echo -e "\033[33m如果你的防火墙默认放行公网流量，可能禁用失败！\033[0m"
 			public_support=未开启
 			setconfig public_support $public_support
 			sleep 1
 		fi
 			clashadv
 	elif [ "$num" = 6 ]; then
 		source $ccfg
 		if [ "$dns_no" = "已禁用" ];then
 			read -p "检测到内置DNS已被禁用，是否启用内置DNS？(1/0) > " res
@@ -848,7 +891,7 @@ clashadv(){
 		fi
 		clashadv	
-	elif [ "$num" = 6 ]; then
+	elif [ "$num" = 8 ]; then
 		source $ccfg
 		if [ -n "$(pidof clash)" ];then
 			echo -----------------------------------------------
@@ -873,7 +916,7 @@ clashadv(){
 EOF
 		[ ! -f $clashdir/rules.yaml ] && cat > $clashdir/rules.yaml <<EOF
 #用于编写自定义规则(此处规则将优先生效)，(可参考https://lancellc.gitbook.io/clash/clash-config-file/rules)：
-#例如“🚀 节点选择”、“🎯 全球直连”这样的自定义规则组必须与config.yaml中的代理规则组相匹配，否则将无法运行！
+#例如“🚀 节点选择”、“🎯 全球直连”这样的自定义规则组必须与config.yaml中的代理规则组相匹配，否则将无法运行
 # - DOMAIN-SUFFIX,google.com,🚀 节点选择
 # - DOMAIN-KEYWORD,baidu,🎯 全球直连
 # - DOMAIN,ad.com,REJECT
@@ -884,20 +927,12 @@ EOF
 # - SRC-PORT,7777,DIRECT
 EOF
 		echo -e "\033[32m已经启用自定义配置功能！\033[0m"
 		echo -e "Shell下(部分旧设备可能不显示中文)可\n使用【\033[36mvi $clashdir/user.yaml\033[0m】编辑自定义设定文件;\n使用【\033[36mvi $clashdir/rules.yaml\033[0m】编辑自定义规则文件。"
 		echo -e "Windows下请\n使用\033[33mwinscp软件\033[0m进入$clashdir目录后手动编辑！\033[0m"
-		echo -e "其他设备请\n使用\033[32mscp命令\033[0m下载文件编辑后上传到$clashdir目录！\033[0m"
+		echo -e "Shell下(\033[31m部分旧设备可能不显示中文\033[0m)可\n使用【\033[36mvi $clashdir/user.yaml\033[0m】编辑自定义设定文件;\n使用【\033[36mvi $clashdir/rules.yaml\033[0m】编辑自定义规则文件。"
 		echo -e "如需自定义节点，可以在config.yaml文件中修改或者直接替换config.yaml文件！\033[0m"
 		sleep 3
 		clashadv
 	elif [ -x /usr/sbin/otapredownload ] && [ "$num" = 8 ]; then	
 		[ "$mi_update" = "禁用" ] && sed -i "/otapredownload/d" /etc/crontabs/root || echo "15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >> /etc/crontabs/root	
 		echo -----------------------------------------------
 		echo -e "已\033[33m$mi_update\033[0m小米路由器的自动启动，如未生效，请在官方APP中同步设置！"
 		sleep 1
 		clashadv
 	elif [ "$num" = 9 ]; then	
 		read -p "确认重置配置文件？(1/0) > " res
 		if [ "$res" = "1" ];then
@@ -980,6 +1015,7 @@ tools(){
 	[ -f "/etc/firewall.user" ] && echo -e " 2 \033[32m配置\033[0m外网访问SSH"
 	#echo -e " 3 配置DDNS服务:	\033[36m$ipv6_support\033[0m	————待施工"
 	[ -x /usr/sbin/otapredownload ] && echo -e " 3 \033[33m$mi_update\033[0m小米系统自动更新"
 	#[ -w "/etc/config/firewall" ] && echo -e " 4 \033[32修复\033[0mRedir_host模式Netflix访问"
 	echo -----------------------------------------------
 	echo -e " 0 返回上级菜单 \033[0m"
 	echo -----------------------------------------------
@@ -1004,12 +1040,32 @@ tools(){
 		sleep 1
 		tools
 	elif [ "$num" = 4 ]; then
 		sed -i "s/drop_invalid\ \'1\'/drop_invalid\ \'0\'/g" /etc/config/firewall
 		echo -----------------------------------------------
 		read -P "已修复，是否立即重启设备使其生效？(1/0) > " res
 		[ "$res" = 1 ] && reboot
 		sleep 1
 		tools
 	else
 		errornum
 	fi
 }
 clashcron(){
-
+	croncmd(){
 		if [ -n "$(crontab -h 2>&1 | grep '\-l')" ];then
 			crontab $1
 		else
 			crondir="$(crond -h 2>&1 | grep -oE 'Default:.*' | awk -F ":" '{print $2}')"
 			[ ! -w "$crondir" ] && crondir="/etc/storage/cron/crontabs"
 			[ ! -w "$crondir" ] && crondir="/var/spool/cron/crontabs"
 			[ ! -w "$crondir" ] && crondir="/var/spool/cron"
 			[ ! -w "$crondir" ] && echo "你的设备不支持定时任务配置，脚本大量功能无法启用，请前往 https://t.me/clashfm 申请适配！"
 			[ "$1" = "-l" ] && cat $crondir/$USER 2>/dev/null
 			[ -f "$1" ] && cat $1 > $crondir/$USER
 		fi
 	}
 	setcron(){
 		setcrontab(){
 			#设置具体时间
@@ -1038,11 +1094,14 @@ clashcron(){
 						read -p  "是否确认添加定时任务？(1/0) > " res
 						if [ "$res" = '1' ]; then
 							cronwords="$min $hour * * $week $cronset >/dev/null 2>&1 #$week1的$hour点$min分$cronname"
-							crontab -l > /tmp/conf
+							tmpcron=/tmp/cron_$USER
-							sed -i "/$cronname/d" /tmp/conf
+							croncmd -l > $tmpcron
-							sed -i '/^$/d' /tmp/conf
+							sed -i "/$cronname/d" $tmpcron
-							echo "$cronwords" >> /tmp/conf && crontab /tmp/conf
+							sed -i '/^$/d' $tmpcron
-							rm -f /tmp/conf
+							echo "$cronwords" >> $tmpcron
 							croncmd $tmpcron
 							#华硕/Padavan固件存档在本地,其他则删除
 							[ "$clashdir" = "/jffs/clash" -o "$clashdir" = "/etc/storage/clash" ] && mv -f $tmpcron $clashdir/cron || rm -f $tmpcron
 							echo -----------------------------------------------
 							echo -e "\033[31m定时任务已添加！！！\033[0m"
 						fi
@@ -1065,7 +1124,8 @@ clashcron(){
 		elif [ "$num" = 0 ]; then
 			i=
 		elif [ "$num" = 9 ]; then
-			crontab -l > /tmp/conf && sed -i "/$cronname/d" /tmp/conf && crontab /tmp/conf
+			croncmd -l > /tmp/conf && sed -i "/$cronname/d" /tmp/conf && croncmd /tmp/conf
 			sed -i "/$cronname/d" $clashdir/cron 2>/dev/null
 			rm -f /tmp/conf
 			echo -----------------------------------------------
 			echo -e "\033[31m定时任务：$cronname已删除！\033[0m"
@@ -1087,7 +1147,7 @@ clashcron(){
 	echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 	echo -----------------------------------------------
 	echo  -e "\033[33m已添加的定时任务：\033[36m"
-	crontab -l | grep -oE ' #.*' 
+	croncmd -l | grep -oE ' #.*' 
 	echo -e "\033[0m"-----------------------------------------------
 	echo -e " 1 设置\033[33m定时重启\033[0mclash服务"
 	echo -e " 2 设置\033[31m定时停止\033[0mclash服务"
@@ -1173,6 +1233,7 @@ clashsh(){
 			localproxy
 		elif [ "$autostart" = "enable_rc" ]; then
 			/etc/init.d/clash disable
 			cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null
 			echo -e "\033[33m已禁止Clash开机启动！\033[0m"
 		elif [ "$autostart" = "disable_rc" ]; then
 			/etc/init.d/clash enable
@@ -1233,6 +1294,7 @@ case "$1" in
 		echo -----------------------------------------
 		echo "	-t 测试模式"
 		echo "	-h 帮助列表"
 		echo "	-u 卸载脚本"
 		echo -----------------------------------------
 		echo "在线求助：t.me/clashfm"
 		echo "官方博客：juewuy.github.io"
@@ -1243,8 +1305,37 @@ case "$1" in
 		shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash
 		$shtype -x $clashdir/clash.sh
 	;;
 	-u)
 		read -p "确认卸载ShellClash？（警告：该操作不可逆！）[1/0] " res
 		if [ "$res" = '1' ]; then
 			$clashdir/start.sh stop
 			$clashdir/start.sh cronset "clash服务"
 			$clashdir/start.sh cronset "订阅链接"
 			[ -w ~/.bashrc ] && profile=~/.bashrc
 			[ -w /etc/profile ] && profile=/etc/profile
 			sed -i '/alias clash=*/'d $profile
 			sed -i '/export clashdir=*/'d $profile
 			sed -i '/all_proxy/'d $profile
 			sed -i '/ALL_PROXY/'d $profile
 			sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
 			sed -i '/ShellClash初始化/'d /etc/storage/started_script.sh 2>/dev/null
 			sed -i '/ShellClash初始化/'d /jffs/.asusrouter 2>/dev/null
 			rm -rf $clashdir
 			rm -rf /etc/init.d/clash
 			rm -rf /etc/systemd/system/clash.service
 			rm -rf /usr/lib/systemd/system/clash.service
 			rm -rf /www/clash
 			sed -Ei s/0:7890/7890:7890/g /etc/passwd
 			userdel -r shellclash 2>/dev/null
 			echo -----------------------------------------------
 			echo -e "\033[36m已卸载ShellClash相关文件！有缘再会！\033[0m"
 			echo -e "\033[33m请手动关闭当前窗口以重置环境变量！\033[0m"
 			echo -----------------------------------------------
 			exit
 		fi
 		echo -e "\033[31m操作已取消！\033[0m"
 	;;
 	*)
-		echo "	-t 测试模式"
+		$0 -h
 		echo "	-h 帮助列表"	
 	;;
 esac
--- a/scripts/clashservice
+++ b/scripts/clashservice
@@ -1,6 +1,6 @@
 #!/bin/sh /etc/rc.common
-START=92
+START=101
 SERVICE_DAEMONIZE=1
 SERVICE_WRITE_PID=1
--- a/scripts/getdate.sh
+++ b/scripts/getdate.sh
@@ -1,32 +1,6 @@
 #!/bin/bash
 # Copyright (C) Juewuy
 webget(){
 	[ -n "$(pidof clash)" ] && export all_proxy="http://$authentication@127.0.0.1:$mix_port" #设置临时http代理 
 	#参数【$1】代表下载目录，【$2】代表在线地址
 	#参数【$3】代表输出显示，【$4】不启用重定向
 	#参数【$5】代表验证证书
 	if curl --version > /dev/null 2>&1;then
 		[ "$3" = "echooff" ] && progress='-s' || progress='-#'
 		[ "$4" = "rediroff" ] && redirect='' || redirect='-L'
 		[ "$5" = "skipceroff" ] && certificate='' || certificate='-k'
 		result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2)
 		[ "$result" != "200" ] && export all_proxy="" && result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2)
 	else
 		[ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
 		[ "$3" = "echoon" ] && progress=''
 		[ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect=''
 		[ "$5" = "skipceroff" ] && certificate='' || certificate='--no-check-certificate'
 		wget -Y on $progress $redirect $certificate --timeout=3 -O $1 $2 
 		if [ "$?" != "0" ];then
 			wget $progress $redirect $certificate --timeout=3 -O $1 $2
 			[ "$?" = "0" ] && result="200"
 		else
 			result="200"
 		fi
 	fi
 	export all_proxy=""
 }
 #导入订阅、配置文件相关
 linkconfig(){
 	echo -----------------------------------------------
@@ -220,7 +194,7 @@ getlink2(){
 	read -p "请输入完整链接 > " link
 	test=$(echo $link | grep -iE "tp.*://" )
 	link=`echo ${link/\ \(*\)/''}`   #删除恶心的超链接内容
-	link=`echo ${link//\&/\\\&}`   #为分隔符 & 添加转义
+	link=`echo ${link//\&/\%26}`   #将分隔符 & 替换成urlcode：%26
 	if [ -n "$link" -a -n "$test" ];then
 		echo -----------------------------------------------
 		echo -e 请检查输入的链接是否正确：
@@ -279,11 +253,9 @@ clashlink(){
 			fi
 		fi
 		getlink
 		clashlink
 	elif [ "$num" = 2 ];then
 		getlink2
 		clashlink
 	elif [ "$num" = 3 ];then
 		yamlbak=$yaml.bak
@@ -328,16 +300,14 @@ clashlink(){
 	elif [ "$num" = 5 ];then
 		clashcron
 		clashlink
 	else
 		errornum
 		clashlink
 	fi
 }
 #下载更新相关
 gettar(){
-	webget /tmp/clashfm.tar.gz $tarurl
+	$clashdir/start.sh webget /tmp/clashfm.tar.gz $tarurl
-	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	[ "$?" = "1" ] && echo "文件下载失败！" && exit 1
 	#解压
 	echo -----------------------------------------------
 	echo 开始解压文件！
@@ -372,6 +342,8 @@ gettar(){
 	sed -i '/versionsh_l=*/'d $clashdir/mark
 	echo versionsh_l=$release_new >> $clashdir/mark
 	#设置环境变量	
 	[ -w /opt/etc/profile ] && profile=/opt/etc/profile
 	[ -w /jffs/configs/profile.add ] && profile=/jffs/configs/profile.add
 	[ -w ~/.bashrc ] && profile=~/.bashrc
 	[ -w /etc/profile ] && profile=/etc/profile
 	if [ -n "$profile" ];then
@@ -383,6 +355,8 @@ gettar(){
 		echo 无法写入环境变量！请检查安装权限！
 		exit 1
 	fi
 	#华硕/Padavan额外设置
 	[ -n "$systype" ] && sed -i '/ShellClash初始化/'d $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
 	#删除临时文件
 	rm -rf /tmp/clashfm.tar.gz 
 	rm -rf $clashdir/clashservice
@@ -446,8 +420,8 @@ getcore(){
 	#获取在线clash核心文件
 	echo -----------------------------------------------
 	echo 正在在线获取clash核心文件……
-	webget /tmp/clash.new $corelink
+	$clashdir/start.sh webget /tmp/clash.new $corelink
-	if [ "$result" != "200" ];then
+	if [ "$?" = "1" ];then
 		echo -e "\033[31m核心文件下载失败！\033[0m"
 	else
 		echo -e "\033[32m$clashcore核心下载成功！\033[0m"
@@ -500,15 +474,15 @@ setcore(){
 getgeo(){
 	echo -----------------------------------------------
 	echo 正在从服务器获取数据库文件…………
-	webget /tmp/Country.mmdb $update_url/bin/$geotype
+	$clashdir/start.sh webget /tmp/$geoname $update_url/bin/$geotype
-	if [ "$result" != "200" ];then
+	if [ "$?" = "1" ];then
 		echo -----------------------------------------------
 		echo -e "\033[31m文件下载失败！\033[0m"
 		exit 1
 	else
-		mv -f /tmp/Country.mmdb $bindir/Country.mmdb
+		mv -f /tmp/$geoname $bindir/$geoname
 		echo -----------------------------------------------
-		echo -e "\033[32mGeoIP数据库文件下载成功！\033[0m"
+		echo -e "\033[32mGeoIP/CN_IP数据库文件下载成功！\033[0m"
 		Geo_v=$GeoIP_v
 		setconfig Geo_v $GeoIP_v
 		setconfig geotype $geotype
@@ -518,19 +492,32 @@ setgeo(){
 	echo -----------------------------------------------
 	[ "$geotype" = "Country.mmdb" ] && geo_type=全球版 || geo_type=精简版
 	[ -n "$geo_type" ] && echo -e "当前使用的是\033[47;30m$geo_type数据库\033[0m"
-	echo -e "\033[36m请选择需要更新的GeoIP数据库：\033[0m"
+	echo -e "\033[36m请选择需要更新/切换的GeoIP/CN_IP数据库：\033[0m"
 	echo -----------------------------------------------
 	echo -e " 1 由\033[32malecthw\033[0m提供的全球版GeoIP数据库(约4mb)"
 	echo -e " 2 由\033[32mHackl0us\033[0m提供的精简版CN-IP数据库(约0.1mb)"
 	echo -e " 3 由\033[32m17mon\033[0m提供的CN-IP文件(需启用CN_IP绕过内核功能，约0.1mb)"
 	echo " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
 	if [ "$num" = '1' ]; then
 		geotype=Country.mmdb
 		geoname=Country.mmdb
 		getgeo
 	elif [ "$num" = '2' ]; then
 		geotype=cn_mini.mmdb
 		geoname=Country.mmdb
 		getgeo
 	elif [ "$num" = '3' ]; then
 		if [ "$cn_ip_route" = "已开启" ]; then
 			geotype=china_ip_list.txt
 			geoname=cn_ip.txt
 			getgeo
 		else
 			echo -----------------------------------------------
 			echo -e "\033[31m未开启绕过内核功能，无需更新CN-IP文件！！\033[0m"	
 			sleep 1
 		fi
 	else
 		update
 	fi
@@ -550,8 +537,8 @@ getdb(){
 	dblink="${update_url}/bin/${db_type}.tar.gz"
 	echo -----------------------------------------------
 	echo 正在连接服务器获取安装文件…………
-	webget /tmp/clashdb.tar.gz $dblink
+	$clashdir/start.sh webget /tmp/clashdb.tar.gz $dblink
-	if [ "$result" != "200" ];then
+	if [ "$?" = "1" ];then
 		echo -----------------------------------------------
 		echo -e "\033[31m文件下载失败！\033[0m"
 		echo -----------------------------------------------
@@ -647,15 +634,15 @@ getcrt(){
 	crtlink="${update_url}/bin/ca-certificates.crt"
 	echo -----------------------------------------------
 	echo 正在连接服务器获取安装文件…………
-	webget /tmp/ca-certificates.crt $crtlink
+	$clashdir/start.sh webget /tmp/ca-certificates.crt $crtlink
-	if [ "$result" != "200" ];then
+	if [ "$?" = "1" ];then
 		echo -----------------------------------------------
 		echo -e "\033[31m文件下载失败！\033[0m"
 	else
 		echo -----------------------------------------------
 		mv -f /tmp/ca-certificates.crt $crtdir
-		webget /tmp/ssl_test https://baidu.com echooff rediron skipceroff
+		$clashdir/start.sh webget /tmp/ssl_test https://baidu.com echooff rediron skipceroff
-		if [ "$result" != "200" ];then
+		if [ "$?" = "1" ];then
 			export CURL_CA_BUNDLE=$crtdir
 			echo "export CURL_CA_BUNDLE=$crtdir" >> /etc/profile
 		fi
@@ -700,27 +687,31 @@ setserver(){
 		release_new=""
 	}
 	echo -----------------------------------------------
-	echo -e "\033[30;47m您可以在此处切换在线更新时使用的资源地址\033[0m"
+	echo -e "\033[30;47m切换ShellClash版本及更新源地址\033[0m"
-	echo -e "当前源：\033[4;32m$update_url\033[0m"
+	echo -e "当前源地址：\033[4;32m$update_url\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 Jsdelivr-CDN源(test版本)"
+	echo -e " 1 \033[32m正式版\033[0m&Jsdelivr-CDN源(推荐)"
-	echo -e " 2 Jsdelivr-CDN源(release版本)"
+	echo -e " 2 \033[36m测试版\033[0m&Jsdelivr-CDN源"
-	echo -e " 3 Github源(test版本，需开启clash服务)"
+	echo -e " 3 \033[36m测试版\033[0m&Github源(需开启clash服务）"
-	echo -e " 5 自定义输入(请务必确保路径正确)"
+	[ -z "$(curl -V 2>/dev/null)" ] && [ -n "$(wget -V 2>&1 | grep BusyBox)" ] && echo -e " 4 \033[33mHttp专用源\033[0m@Qust.me(感谢\033[32m酱紫表\033[0m提供及维护)"
-	echo -e " 6 切换版本(仅支持切换至release分支)"
+	echo -e " 5 自定义源地址(用于本地源或自建源)"
 	echo -e " 6 \033[31m版本回退\033[0m"
 	echo -e " 0 返回上级菜单"
 	read -p "请输入对应数字 > " num
 	if	[ -z "$num" ]; then 
 		errornum
 	elif [ "$num" = 1 ]; then
-		update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master'
+		update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash'
 		saveserver
 	elif [ "$num" = 2 ]; then
-		update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash'
+		update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master'
 		saveserver
 	elif [ "$num" = 3 ]; then
 		update_url='https://raw.githubusercontent.com/juewuy/ShellClash/master'
 		saveserver
 	elif [ "$num" = 4 ]; then
 		update_url='http://sc.qust.me'
 		saveserver
 	elif [ "$num" = 5 ]; then
 		echo -----------------------------------------------
 		read -p "请输入个人源路径 > " update_url
@@ -732,8 +723,8 @@ setserver(){
 		fi
 	elif [ "$num" = 6 ]; then
 		echo -----------------------------------------------
-		webget /tmp/clashrelease https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/bin/release_version echooff rediroff 2>/tmp/clashrelease
+		$clashdir/start.sh webget /tmp/clashrelease https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/bin/release_version echooff rediroff 2>/tmp/clashrelease
-		echo -e "\033[32m请选择想要更新至的版本：\033[0m"
+		echo -e "\033[31m请选择想要回退至的release版本：\033[0m"
 		cat /tmp/clashrelease | awk '{print " "NR" "$1}'
 		echo -e " 0 返回上级菜单"
 		read -p "请输入对应数字 > " num
@@ -749,7 +740,7 @@ setserver(){
 		fi
 	elif [ "$num" = 9 ]; then
-		update_url='http://192.168.31.31:8080/ShellClash'
+		update_url='http://192.168.123.90:8080/ShellClash'
 	else
 		errornum
 	fi
@@ -757,16 +748,14 @@ setserver(){
 checkupdate(){
 if [ -z "$release_new" ];then
 	if [ "$update_url" = "https://cdn.jsdelivr.net/gh/juewuy/ShellClash" ];then
-		webget /tmp/clashrelease $update_url@master/bin/release_version echoon rediroff 2>/tmp/clashrelease
+		$clashdir/start.sh webget /tmp/clashversion $update_url@master/bin/release_version echoon rediroff 2>/tmp/clashrelease
-		[ "$result" = "200" ] && release_new=$(cat /tmp/clashrelease | head -1)
+		[ "$?" = "0" ] && release_new=$(cat /tmp/clashversion | head -1)
 		[ -z "$release_new" ] && release_new=master
 		update_url=$update_url@$release_new
 	fi	
-	webget /tmp/clashversion $update_url/bin/version echooff
+	$clashdir/start.sh webget /tmp/clashversion $update_url/bin/version echooff 
-	[ "$result" = "200" ] && source /tmp/clashversion || echo -e "\033[31m检查更新失败！请检查网络连接或切换安装源！\033[0m"
+	[ "$?" = "0" ] && release_new=$(cat /tmp/clashversion | grep versionsh | awk -F'=' '{ print $2 }')
-	[ -z "$release_new" ] && release_new=$versionsh
+	[ -n "$release_new" ] &&source /tmp/clashversion || echo -e "\033[31m检查更新失败！请检查网络连接或切换安装源！\033[0m"
 	rm -rf /tmp/clashversion
 	rm -rf /tmp/clashrelease
 fi
 }
 update(){
@@ -780,12 +769,12 @@ update(){
 	echo -----------------------------------------------
 	echo -e " 1 更新\033[36m管理脚本  	\033[33m$versionsh_l\033[0m > \033[32m$versionsh\033[0m"
 	echo -e " 2 切换\033[33mclash核心 	\033[33m$clash_v\033[0m > \033[32m$clash_n\033[0m"
-	echo -e " 3 更新\033[32mGeoIP数据库	\033[33m$Geo_v\033[0m > \033[32m$GeoIP_v\033[0m"
+	echo -e " 3 更新\033[32mGeoIP/CN-IP	\033[33m$Geo_v\033[0m > \033[32m$GeoIP_v\033[0m"
 	echo -e " 4 安装本地\033[35mDashboard\033[0m面板"
 	echo -e " 5 安装/更新本地\033[33m根证书文件\033[0m"
 	echo -e " 6 查看\033[32mPAC\033[0m自动代理配置"
 	echo -----------------------------------------------
-	echo -e " 7 切换\033[36m安装源\033[0m地址"
+	echo -e " 7 切换\033[36m安装源\033[0m及\033[36m安装版本\033[0m"
 	echo -e " 8 鸣谢"
 	echo -e " 9 \033[31m卸载\033[34mShellClash\033[0m"
 	echo -e " 0 返回上级菜单" 
@@ -830,36 +819,15 @@ update(){
 		echo -e "感谢：\033[32mClash \033[0m作者\033[36m Dreamacro\033[0m 项目地址：\033[32mhttps://github.com/Dreamacro/clash\033[0m"
 		echo -e "感谢：\033[32msubconverter \033[0m作者\033[36m tindy2013\033[0m 项目地址：\033[32mhttps://github.com/tindy2013/subconverter\033[0m"
 		echo -e "感谢：\033[32malecthw提供的GeoIP数据库\033[0m 项目地址：\033[32mhttps://github.com/alecthw/mmdb_china_ip_list\033[0m"
 		echo -e "感谢：\033[32mHackl0us提供的GeoIP精简数据库\033[0m 项目地址：\033[32mhttps://github.com/Hackl0us/GeoIP2-CN\033[0m"
 		echo -e "感谢：\033[32m17mon提供的CN-IP列表\033[0m 项目地址：\033[32mhttps://github.com/17mon/china_ip_list\033[0m"
 		echo -e "感谢：\033[32myacd \033[0m作者\033[36m haishanh\033[0m 项目地址：\033[32mhttps://github.com/haishanh/yacd\033[0m"
 		echo -e "感谢：\033[32m更多的帮助过我的人！\033[0m"
 		sleep 2
 		update
 	elif [ "$num" = 9 ]; then
-		read -p "确认卸载ShellClash？（警告：该操作不可逆！）[1/0] " res
+		$0 -u
 		if [ "$res" = '1' ]; then
 			$clashdir/start.sh stop
 			$clashdir/start.sh cronset "clash服务"
 			$clashdir/start.sh cronset "订阅链接"
 			[ -w ~/.bashrc ] && profile=~/.bashrc
 			[ -w /etc/profile ] && profile=/etc/profile
 			sed -i '/alias clash=*/'d $profile
 			sed -i '/export clashdir=*/'d $profile
 			sed -i '/all_proxy/'d $profile
 			sed -i '/ALL_PROXY/'d $profile
 			sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
 			rm -rf $clashdir
 			rm -rf /etc/init.d/clash
 			rm -rf /etc/systemd/system/clash.service
 			rm -rf /usr/lib/systemd/system/clash.service
 			rm -rf /www/clash
 			echo -----------------------------------------------
 			echo -e "\033[36m已卸载ShellClash相关文件！有缘再会！\033[0m"
 			echo -e "\033[33m请手动关闭当前窗口以重置环境变量！\033[0m"
 			echo -----------------------------------------------
 			exit
 		fi
 		echo -e "\033[31m操作已取消！\033[0m"
 		update
 	else
 		errornum
@@ -871,7 +839,7 @@ userguide(){
 		echo -----------------------------------------------
 		echo -e "\033[33m是否需要代理UDP流量(主要用于游戏)？ \033[0m"
 		echo -----------------------------------------------
-		echo -e " 1 \033[33m不代理UDP流量\033[0m(可能会导致一部分游戏/应用无法连接)"
+		echo -e " 1 \033[33m不代理UDP流量\033[0m(可能会导致一部分外服游戏/应用无法连接)"
 		ip tuntap >/dev/null 2>&1 && [ "$?" = 0 ] && \
 		echo -e " 2 \033[32m使用Tun虚拟网卡\033[0m代理UDP流量(更低的延迟但更多的CPU消耗)" || \
 		echo -e " - \033[0m使用Tun模式(你的设备不支持此模式，如为虚拟机运行请调整虚拟网卡设置)\033[0m"
@@ -901,10 +869,8 @@ userguide(){
 		echo -e "\033[33m请先选择你的使用环境： \033[0m"
 		echo -e "\033[0m(你之后依然可以在设置中更改各种配置)\033[0m"
 		echo -----------------------------------------------
-		echo -e " 1 \033[32m各类路由设备\033[0m，配置局域网透明路由"
+		echo -e " 1 \033[32m主路由或旁路由\033[0m"
-		echo -e " 2 \033[36m桌面版Linux系统\033[0m，仅配置本机路由"
+		echo -e " 2 \033[36mLinux本机代理\033[0m"
 		echo -e " 3 \033[32m服务器Linux系统\033[0m，仅配置本机路由"
 		echo -e " 4 \033[36m多功能设备\033[0m，配置本机及局域网路由"
 		echo -----------------------------------------------
 		read -p "请输入对应数字 > " num
 		if [ -z "$num" ] || [ "$num" -gt 4 ];then
@@ -912,24 +878,35 @@ userguide(){
 			forwhat
 		elif [ "$num" = 1 ];then
 			whichmod
 		elif [ "$num" = 2 -o "$num" = 3 ];then
 			setconfig redir_mod "纯净模式"
 			setconfig clashcore "clash"
 			echo -----------------------------------------------
 			echo -e "\033[36m请选择设置本机代理的方式\033[0m"
 			localproxy
 		elif [ "$num" = 4 ];then
 			whichmod
 		fi
 	}
 	forwhat
 			#检测IP转发
 			if [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "0" ];then
 				echo -----------------------------------------------
 				echo -e "\033[33m检测到你的设备尚未开启ip转发，局域网设备将无法正常连接网络，是否立即开启？\033[0m"
 				read -p "是否开启？(1/0) > " res
-		[ "$res" = 1 ] && echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf && /etc/init.d/procps restart && echo "已成功开启ipv4转发，如未正常开启，请手动重启设备！"
+				[ "$res" = 1 ] && echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
 				[ "$?" = 0 ] && /etc/init.d/procps restart && echo "已成功开启ipv4转发，如未正常开启，请手动重启设备！" || echo "开启失败！请自行谷歌查找当前设备的开启方法！"
 			fi
 		elif [ "$num" = 2 ];then
 			setconfig redir_mod "纯净模式"
 			setconfig clashcore "clash"
 			echo -----------------------------------------------
 			echo -e "\033[36m请选择设置本机代理的方式\033[0m"
 			echo -e " 1 使用\033[32m环境变量\033[0m方式配置(不支持部分应用)"
 			echo -e " 2 使用\033[32miptables增强模式\033[0m配置(不支持OpenWrt)"
 			echo -e " 0 稍后设置"
 			read -p "请输入对应数字 > " num
 			if [ "$num" = 1 ]; then
 				local_proxy=已开启
 				local_type=环境变量
 			elif [ "$num" = 2 ]; then
 				local_proxy=已开启
 				local_type=iptables增强模式
 			fi
 			setconfig local_proxy $local_proxy
 			setconfig local_type $local_type
 		fi
 	}
 	forwhat
 	#检测小内存模式
 	dir_size=$(df $clashdir | awk '{print $4}' | sed 1d)
 	if [ "$dir_size" -lt 10240 ];then
@@ -956,8 +933,8 @@ userguide(){
 		[ "$res" = 1 ] && checkupdate && getcrt
 	fi
 	#设置加密DNS
-	webget /tmp/ssl_test https://baidu.com echooff rediron skipceroff
+	$clashdir/start.sh webget /tmp/ssl_test https://www.baidu.com echooff rediron skipceroff
-	if [ "$result" = "200" ];then
+	if [ "$?" = "0" ];then
 		dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
 		dns_fallback='https://1.0.0.1/dns-query, https://8.8.4.4/dns-query, https://doh.opendns.com/dns-query'
 		setconfig dns_nameserver \'"$dns_nameserver"\'
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -4,6 +4,8 @@
 #脚本内部工具
 getconfig(){
 	#加载配置文件
 	[ -d "/etc/storage/clash" ] && clashdir=/etc/storage/clash
 	[ -d "/jffs/clash" ] && clashdir=/jffs/clash
 	[ -z "$clashdir" ] && clashdir=$(cat /etc/profile | grep clashdir | awk -F "\"" '{print $2}')
 	[ -z "$clashdir" ] && clashdir=$(cat ~/.bashrc | grep clashdir | awk -F "\"" '{print $2}')
 	ccfg=$clashdir/mark
@@ -24,6 +26,8 @@ getconfig(){
 	[ -z "$redir_port" ] && redir_port=7892
 	[ -z "$db_port" ] && db_port=9999
 	[ -z "$dns_port" ] && dns_port=1053
 	[ -z "$cn_ip_route" ] && cn_ip_route=未开启
 	[ -z "$public_support" ] && public_support=未开启
 	[ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
 	[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
 	[ -z "$multiport" ] && multiport='22,53,587,465,995,993,143,80,443,8080'
@@ -44,46 +48,33 @@ compare(){
 		[ "$(cat $1)" = "$(cat $2)" ] && return 0 || return 1
 	fi
 }
 webget(){
 	[ -n "$(pidof clash)" ] && export all_proxy="http://$authentication@127.0.0.1:$mix_port" #设置临时http代理 
 	#参数【$1】代表下载目录，【$2】代表在线地址
 	#参数【$3】代表输出显示，【$4】不启用重定向
 	#参数【$5】代表验证证书
 	if curl --version > /dev/null 2>&1;then
 		[ "$3" = "echooff" ] && progress='-s' || progress='-#'
 		[ "$4" = "rediroff" ] && redirect='' || redirect='-L'
 		[ "$5" = "skipceroff" ] && certificate='' || certificate='-k'
 		result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2)
 		[ "$result" != "200" ] && export all_proxy="" && result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2)
 	else
 		[ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
 		[ "$3" = "echoon" ] && progress=''
 		[ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect=''
 		[ "$5" = "skipceroff" ] && certificate='' || certificate='--no-check-certificate'
 		wget -Y on $progress $redirect $certificate --timeout=3 -O $1 $2 
 		if [ "$?" != "0" ];then
 			wget $progress $redirect $certificate --timeout=3 -O $1 $2
 			[ "$?" = "0" ] && result="200"
 		else
 			result="200"
 		fi
 	fi
 	export all_proxy=""
 }
 logger(){
 	[ -n "$2" ] && echo -e "\033[$2m$1\033[0m"
 	echo `date "+%G-%m-%d %H:%M:%S"` $1 >> $clashdir/log
 	[ "$(wc -l $clashdir/log | awk '{print $1}')" -gt 30 ] && sed -i '1,5d' $clashdir/log
 }
 croncmd(){
 	if [ -n "$(crontab -h 2>&1 | grep '\-l')" ];then
 		crontab $1
 	else
 		crondir="$(crond -h 2>&1 | grep -oE 'Default:.*' | awk -F ":" '{print $2}')"
 		[ ! -w "$crondir" ] && crondir="/etc/storage/cron/crontabs"
 		[ ! -w "$crondir" ] && crondir="/var/spool/cron/crontabs"
 		[ ! -w "$crondir" ] && crondir="/var/spool/cron"
 		[ ! -w "$crondir" ] && echo "你的设备不支持定时任务配置，脚本大量功能无法启用，请前往 https://t.me/clashfm 申请适配！"
 		[ "$1" = "-l" ] && cat $crondir/$USER 2>/dev/null
 		[ -f "$1" ] && cat $1 > $crondir/$USER
 	fi
 }
 cronset(){
 	# 参数1代表要移除的关键字,参数2代表要添加的任务语句
-	crondir=/tmp/cron_$USER
+	tmpcron=/tmp/cron_$USER
-	crontab -l > $crondir
+	croncmd -l > $tmpcron 
-	sed -i "/$1/d" $crondir
+	sed -i "/$1/d" $tmpcron
-	sed -i '/^$/d' $crondir
+	sed -i '/^$/d' $tmpcron
-	echo "$2" >> $crondir
+	echo "$2" >> $tmpcron
-	crontab $crondir
+	croncmd $tmpcron
-	rm -f $crondir
+	rm -f $tmpcron
 }
 mark_time(){
 	start_time=`date +%s`
@@ -126,8 +117,10 @@ https://github.com/juewuy/ShellClash/raw/master/rules/ACL4SSR_Online_Games.ini
 https://github.com/juewuy/ShellClash/raw/master/rules/ACL4SSR_Online_Mini_Games.ini
 https://github.com/juewuy/ShellClash/raw/master/rules/ACL4SSR_Online_Full_Games.ini
 EOF`
 	Https=$(echo ${Https//\%26/\&})   #将%26替换回&
 	#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
 	if [ -z "$Https" ];then
 		#[ -n "$(echo $Url | grep -o 'https://dler')" ] && Server='api.dler.io'
 		Https="https://$Server/sub?target=clash&insert=true&new_name=true&scv=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
 		markhttp=1
 	fi
@@ -140,12 +133,12 @@ EOF`
 	yaml=$clashdir/config.yaml
 	yamlnew=/tmp/clash_config_$USER.yaml
 	rm -rf $yamlnew
-	webget $yamlnew $Https
+	$0 webget $yamlnew $Https 0 0 0 1
-	if [ "$result" != "200" ];then
+	if [ "$?" = "1" ];then
 		if [ -z "$markhttp" ];then
 			echo -----------------------------------------------
 			logger "配置文件获取失败！" 31
-			echo -e "\033[31m请尝试使用【导入订阅】功能！\033[0m"
+			echo -e "\033[31m请尝试使用【在线生成配置文件】功能！\033[0m"
 			echo -----------------------------------------------
 			exit 1
 		else
@@ -156,7 +149,7 @@ EOF`
 				retry=$((retry+1))
 				logger "配置文件获取失败！" 31
 				echo -e "\033[32m尝试使用其他服务器获取配置！\033[0m"
-				logger "正在重试第$retry次/共5次！" 32
+				logger "正在重试第$retry次/共5次！" 33
 				sed -i '/server_link=*/'d $ccfg
 				if [ "$server_link" -ge 5 ]; then
 					server_link=0
@@ -170,7 +163,7 @@ EOF`
 	else
 		Https=""
 		#检测节点或providers
-		if [ -z "$(cat $yamlnew | grep -E 'server:|proxy-providers:' | grep -v 'nameserver' | head -n 1)" ];then
+		if [ -z "$(cat $yamlnew | grep -E 'server|proxy-providers' | grep -v 'nameserver' | head -n 1)" ];then
 			echo -----------------------------------------------
 			logger "获取到了配置文件，但似乎并不包含正确的节点信息！" 31
 			echo -----------------------------------------------
@@ -237,7 +230,7 @@ modify_yaml(){
 	exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
 	#dns配置
 	if [ "$dns_mod" = "fake-ip" ];then
-		dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org"], nameserver: ['$dns_nameserver', 127.0.0.1:53], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
+		dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org","*.sgcc.com.cn","*.alicdn.com","*.aliyuncs.com"], nameserver: ['$dns_nameserver', 127.0.0.1:53], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
 	else
 		dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
 	fi
@@ -251,7 +244,7 @@ modify_yaml(){
 	mkdir -p $tmpdir > /dev/null
 	[ "$b" != "0" ] && sed "${a},${b}d" $yaml > $tmpdir/proxy.yaml
 	#跳过本地tls证书验证
-	[ "$skip_cert" = "已开启" ] && sed -i '10,99s/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml
+	[ "$skip_cert" = "已开启" ] && sed -i '1,99s/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml
 	#检测是否使用script规则
 	[ -n "$(cat $yaml | grep -E '^script:')" ] && mode='mode: Script'
 	#添加配置
@@ -270,7 +263,7 @@ secret: $secret
 $tun
 $exper
 $dns
-store-selected: false
+store-selected: $restore
 EOF
 ###################################
 	[ -f $clashdir/user.yaml ] && yaml_user=$clashdir/user.yaml
@@ -279,22 +272,42 @@ EOF
 	#插入自定义规则
 	sed -i "/#自定义规则/d" $tmpdir/config.yaml
 	if [ -f $clashdir/rules.yaml ];then
 		sed -i '/^$/d' $clashdir/rules.yaml && echo >> $clashdir/rules.yaml #处理换行
 		space=$(sed -n '/^rules/{n;p}' $tmpdir/proxy.yaml | grep -oE '^\ *') #获取空格数
 		while read line;do
 			[ -z "$(echo "$line " | grep '#')" ] && \
 			[ -n "$(echo "$line" | grep '\-\ ')" ] && \
 			line=$(echo "$line" | sed 's#/#\\/#') && \
-			sed -i "/^rules:/a\ $line #自定义规则" $tmpdir/config.yaml
+			sed -i "/^rules:/a\\$space$line #自定义规则" $tmpdir/config.yaml
 		done < $clashdir/rules.yaml
 	fi
 	#如果没有使用小闪存模式
 	if [ "$tmpdir" != "$bindir" ];then
-		compare $tmpdir/config.yaml $yaml
+		cmp -s $tmpdir/config.yaml $yaml >/dev/null 2>&1
 		[ "$?" != 0 ] && mv -f $tmpdir/config.yaml $yaml || rm -f $tmpdir/config.yaml
 	fi
 	rm -f $tmpdir/set.yaml
 	rm -f $tmpdir/proxy.yaml
 }
 #设置路由规则
 cn_ip_route(){	
 	if [ ! -f $bindir/cn_ip.txt ];then
 		if [ -f $clashdir/cn_ip.txt ];then
 			mv $clashdir/cn_ip.txt $bindir/cn_ip.txt
 		else
 			logger "未找到cn_ip列表，正在下载！" 33
 			$0 webget $bindir/cn_ip.txt "$update_url/bin/china_ip_list.txt"
 			[ "$?" = "1" ] && rm -rf $bindir/cn_ip.txt && logger "列表下载失败，已退出！" 31 && exit 1
 		fi
 	fi
 	if [ -f $bindir/cn_ip.txt ];then
 	echo "create cn_ip hash:net family inet hashsize 1024 maxelem 65536" > /tmp/cn_$USER.ipset
 	awk '!/^$/&&!/^#/{printf("add cn_ip %s'" "'\n",$0)}' $bindir/cn_ip.txt >> /tmp/cn_$USER.ipset
 	ipset -! flush cn_ip 2>/dev/null
 	ipset -! restore < /tmp/cn_$USER.ipset
 	rm -rf cn_$USER.ipset
 	fi
 }
 start_redir(){
 	#获取本地局域网地址段
 	gethost
@@ -308,6 +321,7 @@ start_redir(){
 	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
 	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
 	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
 	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && iptables -t nat -A clash -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do
@@ -321,6 +335,15 @@ start_redir(){
 		iptables -t nat -A clash -p tcp $ports -j REDIRECT --to-ports $redir_port
 	fi
 	iptables -t nat -A PREROUTING -p tcp $lanhost -j clash
 	if [ "$public_support" = "已开启" ];then
 		iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT
 		iptables -I INPUT -p tcp --dport $db_port -j ACCEPT
 	fi
 	#Google home DNS特殊处理
 	iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j clash
 	iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j clash
 	#Docker特殊处理
 	iptables -t nat -I PREROUTING -s 172.16.0.0/12  -j clash
 	#设置ipv6转发
 	ip6_nat=$(ip6tables -t nat -L 2>&1 | grep -o 'Chain')
 	if [ -n "$ip6_nat" -a "$ipv6_support" = "已开启" ];then
@@ -363,9 +386,6 @@ start_dns(){
 		iptables -t nat -A clash_dns -p tcp --dport 53 -j REDIRECT --to $dns_port
 	fi
 	iptables -t nat -A PREROUTING -p udp -j clash_dns
 	#Google home DNS特殊处理
 	iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j clash_dns
 	iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j clash_dns
 	#ipv6DNS
 	ip6_nat=$(ip6tables -t nat -L 2>&1 | grep -o 'Chain')
 	if [ -n "$ip6_nat" ];then
@@ -403,6 +423,7 @@ start_udp(){
 	iptables -t mangle -A clash -d 192.168.0.0/16 -j RETURN
 	iptables -t mangle -A clash -d 224.0.0.0/4 -j RETURN
 	iptables -t mangle -A clash -d 240.0.0.0/4 -j RETURN
 	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && iptables -t mangle -A clash -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do
@@ -417,20 +438,75 @@ start_udp(){
 	fi
 	iptables -t mangle -A PREROUTING -p udp $lanhost -j clash
 }
 start_output(){
 	#流量过滤规则
 	iptables -t nat -N clash_out
 	iptables -t nat -A clash_out -m owner --gid-owner 7890 -j RETURN
 	iptables -t nat -A clash_out -d 0.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 10.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 127.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 169.254.0.0/16 -j RETURN
 	iptables -t nat -A clash_out -d 172.16.0.0/12 -j RETURN
 	iptables -t nat -A clash_out -d 192.168.0.0/16 -j RETURN
 	iptables -t nat -A clash_out -d 224.0.0.0/4 -j RETURN
 	iptables -t nat -A clash_out -d 240.0.0.0/4 -j RETURN
 	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && iptables -t nat -A clash_out -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do
 			iptables -t nat -A clash_out -p tcp $ports -m mac --mac-source $mac -j REDIRECT --to-ports $redir_port
 		done
 	else
 		#mac黑名单
 		for mac in $(cat $clashdir/mac); do
 			iptables -t nat -A clash_out -m mac --mac-source $mac -j RETURN
 		done
 		iptables -t nat -A clash_out -p tcp $ports -j REDIRECT --to-ports $redir_port
 	fi
 	iptables -t nat -A OUTPUT -p tcp -j clash_out
 	#设置dns转发
 	iptables -t nat -N clash_dns_out
 	iptables -t nat -A clash_dns_out -m owner --gid-owner 7890 -j RETURN
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do
 			iptables -t nat -A clash_dns_out -p udp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
 			iptables -t nat -A clash_dns_out -p tcp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
 		done
 	else
 		#mac黑名单
 		for mac in $(cat $clashdir/mac); do
 			iptables -t nat -A clash_dns_out -m mac --mac-source $mac -j RETURN
 		done	
 		iptables -t nat -A clash_dns_out -p udp --dport 53 -j REDIRECT --to $dns_port
 		iptables -t nat -A clash_dns_out -p tcp --dport 53 -j REDIRECT --to $dns_port
 	fi
 	iptables -t nat -A OUTPUT -p udp -j clash_dns_out
 }
 stop_iptables(){
 	gethost #获取本地局域网地址段
    #重置iptables规则
 	ip rule del fwmark 1 table 100  2> /dev/null
 	ip route del local default dev lo table 100 2> /dev/null
 	iptables -t nat -D PREROUTING -p tcp $lanhost -j clash 2> /dev/null
 	iptables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
 	iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
 	iptables -t nat -D PREROUTING -p udp -j clash_dns 2> /dev/null
-	iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash_dns 2> /dev/null
+	iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash 2> /dev/null
-	iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash_dns 2> /dev/null
+	iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash 2> /dev/null
 	iptables -t nat -D PREROUTING -s 172.16.0.0/12  -j clash 2> /dev/null
 	iptables -t nat -F clash 2> /dev/null
 	iptables -t nat -X clash 2> /dev/null
 	iptables -t nat -F clash_dns 2> /dev/null
 	iptables -t nat -X clash_dns 2> /dev/null
 	iptables -D FORWARD -o utun -j ACCEPT 2> /dev/null
 	#重置output规则
 	iptables -t nat -D OUTPUT -p tcp -j clash_out 2> /dev/null
 	iptables -t nat -F clash_out 2> /dev/null
 	iptables -t nat -X clash_out 2> /dev/null	
 	iptables -t nat -D OUTPUT -p udp -j clash_dns_out 2> /dev/null
 	iptables -t nat -F clash_dns_out 2> /dev/null
 	iptables -t nat -X clash_dns_out 2> /dev/null
 	#重置udp规则
 	iptables -t mangle -D PREROUTING -p udp $lanhost -j clash 2> /dev/null
 	iptables -t mangle -F clash 2> /dev/null
@@ -443,6 +519,8 @@ stop_iptables(){
 	ip6tables -t nat -F clashv6_dns 2> /dev/null
 	ip6tables -t nat -X clashv6_dns 2> /dev/null
 	ip6tables -D FORWARD -o utun -j ACCEPT 2> /dev/null
 	#清理ipset规则
 	ipset destroy cn_ip >/dev/null 2>&1
 }
 #面板配置保存相关
 web_save(){
@@ -451,10 +529,6 @@ web_save(){
 			curl -s -H "Authorization: Bearer ${secret}" -H "Content-Type:application/json" "$1"
 		elif [ -n "$(wget --help 2>&1|grep '\-\-method')" ];then
 			wget -q --header="Authorization: Bearer ${secret}" --header="Content-Type:application/json" -O - "$1"
 		else
 			logger 当前系统未安装curl且wget的版本太低，无法保存节点配置！ 31
 			getconfig
 			cronset '保存节点配置'
 		fi
 	}
 	#使用get_save获取面板节点设置
@@ -475,7 +549,7 @@ web_restore(){
 	put_save(){
 		if curl --version > /dev/null 2>&1;then
 			curl -sS -X PUT -H "Authorization: Bearer ${secret}" -H "Content-Type:application/json" "$1" -d "$2" >/dev/null
-		else
+		elif wget --version > /dev/null 2>&1;then
 			wget -q --method=PUT --header="Authorization: Bearer ${secret}" --header="Content-Type:application/json" --body-data="$2" "$1" >/dev/null
 		fi
 	}
@@ -526,7 +600,7 @@ bfstart(){
 	#读取配置文件
 	getconfig
 	[ ! -d $bindir/ui ] && mkdir -p $bindir/ui
-	[ -z "$update_url" ] && update_url=https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master
+	[ -z "$update_url" ] || [ -n "$(echo $update_url | grep 'github')" ] && update_url=https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master
 	#检查clash核心
 	if [ ! -f $bindir/clash ];then
 		if [ -f $clashdir/clash ];then
@@ -538,8 +612,8 @@ bfstart(){
 			fi
 			[ -z "$cpucore" ] && source $clashdir/getdate.sh && getcpucore
 			[ -z "$cpucore" ] && logger 找不到设备的CPU信息，请手动指定处理器架构类型！ 31 && setcpucore
-			webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore"
+			$0 webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore"
-			[ "$?" = 1 ] && logger "核心下载失败，已退出！" 31 && rm -f $bindir/clash && exit 1
+			[ "$?" = "1" ] && rm -rf $bindir/clash && logger "核心下载失败，已退出！" 31 && exit 1
 			[ ! -x $bindir/clash ] && chmod +x $bindir/clash 	#检测可执行权限
 			clashv=$($bindir/clash -v | awk '{print $2}')
 			setconfig clashv $clashv
@@ -552,8 +626,8 @@ bfstart(){
 		else
 			logger "未找到GeoIP数据库，正在下载！" 33
 			[ -z "$geotype" ] && geotype=cn_mini.mmdb
-			webget $bindir/Country.mmdb $update_url/bin/$geotype
+			$0 webget $bindir/Country.mmdb $update_url/bin/$geotype
-			[ "$?" = 1 ] && logger "数据库下载失败，已退出！" 31 && rm -f $bindir/Country.mmdb && exit 1
+			[ "$?" = "1" ] && rm -rf $bindir/Country.mmdb && logger "数据库下载失败，已退出！" 31 && exit 1
 			Geo_v=$(date +"%Y%m%d")
 			setconfig Geo_v $Geo_v
 		fi
@@ -562,7 +636,12 @@ bfstart(){
 	if [ -f $clashdir/ui/index.html -a ! -f $bindir/ui/index.html ];then
 		cp -rf $clashdir/ui $bindir
 	fi
-	catpac #生成pac文件
+	#检查curl或wget支持
 	curl --version > /dev/null 2>&1
 	[ "$?" = 1 ] && wget --version > /dev/null 2>&1
 	[ "$?" = 1 ] && restore=true || restore=false
 	#生成pac文件
 	catpac
 	#检查yaml配置文件
 	if [ ! -f $clashdir/config.yaml ];then
 		if [ -n "$Url" -o -n "$Https" ];then
@@ -574,6 +653,20 @@ bfstart(){
 			exit 1
 		fi
 	fi
 	#本机代理准备
 	if [ "$local_proxy" = "已开启" -a "$local_type" = "iptables增强模式" ];then
 		if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then
 			userdel shellclash 2>/dev/null
 			useradd shellclash -u 7890
 			sed -Ei s/7890:7890/0:7890/g /etc/passwd
 		fi
 		if [ "$start_old" != "已开启" ];then
 			[ -w /etc/systemd/system/clash.service ] && servdir=/etc/systemd/system/clash.service
 			[ -w /usr/lib/systemd/system/clash.service ] && servdir=/usr/lib/systemd/system/clash.service
 			setconfig ExecStart "/bin/su\ shellclash\ -c\ \"$bindir/clash\ -d\ $bindir\"" $servdir
 			systemctl daemon-reload >/dev/null
 		fi
 	fi
 }
 afstart(){
@@ -582,16 +675,22 @@ afstart(){
 	$bindir/clash -t -d $bindir >/dev/null
 	if [ "$?" = 0 ];then
 		#设置iptables转发规则
 		[ "$dns_mod" = "redir_host" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
 		[ "$redir_mod" != "纯净模式" ] && [ "$dns_no" != "已禁用" ] && start_dns
 		[ "$redir_mod" != "纯净模式" ] && [ "$redir_mod" != "Tun模式" ] && start_redir
 		[ "$redir_mod" = "Redir模式" ] && [ "$tproxy_mod" = "已开启" ] && start_udp
 		[ "$local_proxy" = "已开启" ] && [ "$local_type" = "iptables增强模式" ] && start_output
 		#标记启动时间
 		mark_time
 		#设置本机代理
 		[ "$local_proxy" = "已开启" ] && $0 set_proxy $mix_port $db_port
 		#加载定时任务
 		[ -f $clashdir/cron ] && croncmd $clashdir/cron
 		#启用面板配置自动保存
-		cronset '#每10分钟保存节点配置' "*/10 * * * * test -n \"$(pidof clash)\" && $clashdir/start.sh web_save #每10分钟保存节点配置"
+		if [ "$restore" = false ];then
 			cronset '#每10分钟保存节点配置' "*/10 * * * * test -n \"\$(pidof clash)\" && $clashdir/start.sh web_save #每10分钟保存节点配置"
 			[ -f $clashdir/web_save ] && web_restore & #后台还原面板配置
 		fi
 	else
 		logger "clash服务启动失败！请查看报错信息！" 31
 		$bindir/clash -t -d $bindir
@@ -602,7 +701,11 @@ afstart(){
 }
 start_old(){
 	#使用传统后台执行二进制文件的方式执行
 	if [ "$local_proxy" = "已开启" -a "$local_type" = "iptables增强模式" ];then
 		su shellclash -c "$bindir/clash -d $bindir >/dev/null" &
 	else
 		$bindir/clash -d $bindir >/dev/null &
 	fi
 	afstart
 	$0 daemon
 }
@@ -636,7 +739,7 @@ start)
 	;;
 stop)	
 		getconfig
-		[ -n "$(pidof clash)" ] && web_save #保存面板配置
+		[ -n "$(pidof clash)" ] && [ "$restore" = false ] && web_save #保存面板配置
 		#删除守护进程&面板配置自动保存
 		cronset "clash保守模式守护进程"
 		cronset "保存节点配置"
@@ -648,12 +751,19 @@ stop)
 		fi
 		PID=$(pidof clash) && [ -n "$PID" ] &&  kill -9 $PID >/dev/null 2>&1
 		stop_iptables #清理iptables
-		[ "$local_proxy" = "已开启" ] && $0 unset_proxy #禁用本机代理
+		$0 unset_proxy #禁用本机代理
        ;;
 restart)
        $0 stop
        $0 start
        ;;
 init)
        [ -d "/etc/storage/clash" ] && clashdir=/etc/storage/clash && profile=/opt/etc/profile
 		[ -d "/jffs/clash" ] && clashdir=/jffs/clash && profile=/jffs/configs/profile.add
 		echo "alias clash=\"$clashdir/clash.sh\"" >> $profile 
 		echo "export clashdir=\"$clashdir\"" >> $profile 
 		$0 start
        ;;
 getyaml)	
 		getconfig
 		getyaml
@@ -663,7 +773,37 @@ updateyaml)
 		$0 restart
 		;;
 webget)
-		webget $2 $3 $4 $5
+		#设置临时http代理 
 		[ -n "$(pidof clash)" ] && getconfig && export all_proxy="http://$authentication@127.0.0.1:$mix_port"
 		#参数【$2】代表下载目录，【$3】代表在线地址
 		#参数【$4】代表输出显示，【$4】不启用重定向
 		#参数【$6】代表验证证书，【$7】使用clash文件头
 		if curl --version > /dev/null 2>&1;then
 			[ "$4" = "echooff" ] && progress='-s' || progress='-#'
 			[ "$5" = "rediroff" ] && redirect='' || redirect='-L'
 			[ "$6" = "skipceroff" ] && certificate='' || certificate='-k'
 			#[ -n "$7" ] && agent='-A "clash"'
 			result=$(curl $agent -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o "$2" "$3")
 			[ "$?" != "0" ] && export all_proxy="" && result=$(curl $agent -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o "$2" "$3")
 		else
 			if wget --version > /dev/null 2>&1;then
 				[ "$4" = "echooff" ] && progress='-q' || progress='-q --show-progress'
 				[ "$5" = "rediroff" ] && redirect='--max-redirect=0' || redirect=''
 				[ "$6" = "skipceroff" ] && certificate='' || certificate='--no-check-certificate'
 				timeout='--timeout=3 -t 2'
 				#[ -n "$7" ] && agent='--user-agent="clash"'
 			fi
 			[ "$4" = "echoon" ] && progress=''
 			[ "$4" = "echooff" ] && progress='-q'
 			wget -Y on $agent $progress $redirect $certificate $timeout -O "$2" "$3"
 			if [ "$?" != "0" ];then
 				wget -Y off $agent $progress $redirect $certificate $timeout -O "$2" "$3"
 				[ "$?" = "0" ] && result="200"
 			else
 				result="200"
 			fi
 		fi
 		[ "$result" = "200" ] && exit 0 || exit 1
 		;;
 web_save)
 		getconfig
@@ -675,23 +815,14 @@ web_restore)
 	;;
 daemon)
 		getconfig
-		cronset '#clash保守模式守护进程' "*/1 * * * * test -z \"$(pidof clash)\" && $clashdir/start.sh restart #clash保守模式守护进程"
+		cronset '#clash保守模式守护进程' "*/1 * * * * test -z \"\$(pidof clash)\" && $clashdir/start.sh restart #clash保守模式守护进程"
 	;;
 cronset)
 		cronset $2 $3
 	;;
 set_proxy)
 		getconfig
-		#GNOME配置
+		if  [ "$local_type" = "环境变量" ];then
 		if  [ "$local_proxy_type" = "GNOME" ];then
 			gsettings set org.gnome.system.proxy autoconfig-url "http://127.0.0.1:$db_port/ui/pac"
 			gsettings set org.gnome.system.proxy mode "auto"
 		#KDE配置
 		elif  [ "$local_proxy_type" = "KDE" ];then
 			kwriteconfig5 --file kioslaverc --group "Proxy Settings" --key "Proxy Config Script" "http://127.0.0.1:$db_port/ui/pac"
 			kwriteconfig5 --file kioslaverc --group "Proxy Settings" --key "ProxyType" 2
 		#环境变量方式
 		else
 			[ -w ~/.bashrc ] && profile=~/.bashrc
 			[ -w /etc/profile ] && profile=/etc/profile
 			echo 'export all_proxy=http://127.0.0.1:'"$mix_port" >> $profile
@@ -699,15 +830,6 @@ set_proxy)
 		fi
 	;;
 unset_proxy)	
 		#GNOME配置
 		if  gsettings --version >/dev/null 2>&1 ;then
 			gsettings set org.gnome.system.proxy mode "none"
 		fi
 		#KDE配置
 		if  kwriteconfig5 -h >/dev/null 2>&1 ;then
 			kwriteconfig5 --file kioslaverc --group "Proxy Settings" --key "ProxyType" 0
 		fi
 		#环境变量方式
 		[ -w ~/.bashrc ] && profile=~/.bashrc
 		[ -w /etc/profile ] && profile=/etc/profile
 		sed -i '/all_proxy/'d  $profile
Author	SHA1	Message	Date
juewuy	156a24fa5a	v1.4.1-正式版适配： ~适配Padavan系统及梅林固件（限384以上版本） ~适配移动ax18等低版本内核设备功能： ~更新最新版本Geoip数据库文件 ~增加CN-IP绕过内核功能 ~增加对谷歌dns的强制代理配置（用于解决奈飞TV端问题） ~本机代理功能增加iptables增强模式 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加clash -u卸载命令 ~增加了部分fake-ip-filter地址优化： ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~大量菜单描述相关优化 BUG修复： ~修复部分设备1.4.0覆盖更新后无法开机启动的bug ~修复mesh设备开机启动后clash无法正常工作的bug ~修复小闪存模式设为Github源时无法正常开机启动的bug ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~自定义host功能bug修复 ~导入配置相关bug修复 ~修复crontab命令偶尔报错的问题 ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-26 16:21:49 +08:00
juewuy	1b83ca2a39	v1.4.1-test ~适配部分没有crontab的梅林设备 ~不再使用cat对比yaml配置文件 ~修复部分设备无法正常开机启动的bug	2021-06-26 15:11:07 +08:00
juewuy	35e998e697	v1.4.1-test ~适配部分没有crontab的梅林设备 ~不再使用cat对比yaml配置文件	2021-06-25 00:23:32 +08:00
juewuy	77293e2463	v1.4.1-test ~适配部分没有crontab的梅林设备	2021-06-24 23:21:23 +08:00
juewuy	19fe2f183e	v1.4.1-test ~适配部分没有crontab的梅林设备	2021-06-24 23:16:28 +08:00
juewuy	79b31af092	v1.4.0-正式版适配： ~适配Padavan系统及梅林固件（限384以上版本） ~适配移动ax18等低版本内核设备功能： ~更新最新版本Geoip数据库文件 ~增加CN-IP绕过内核功能 ~增加对谷歌dns的强制代理配置（用于解决奈飞TV端问题） ~本机代理功能增加iptables增强模式 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加clash -u卸载命令 ~增加了部分fake-ip-filter地址优化： ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~大量菜单描述相关优化 BUG修复： ~修复mesh设备开机启动后clash无法正常工作的bug ~修复小闪存模式设为Github源时无法正常开机启动的bug ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~自定义host功能bug修复 ~导入配置相关bug修复 ~修复crontab命令偶尔报错的问题 ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-23 19:39:05 +08:00
juewuy	dca1e9a233	v1.4.0-正式版适配： ~适配Padavan系统及梅林固件（限384以上版本） ~适配移动ax18等低版本内核设备功能： ~增加CN-IP绕过内核功能 ~增加对谷歌dns的强制代理配置（用于解决奈飞TV端问题） ~本机代理功能增加iptables增强模式 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加clash -u卸载命令 ~增加了部分fake-ip-filter地址优化： ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~大量菜单描述相关优化 BUG修复： ~修复mesh设备开机启动后clash无法正常工作的bug ~修复小闪存模式设为Github源时无法正常开机启动的bug ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~自定义host功能bug修复 ~导入配置相关bug修复 ~修复crontab命令偶尔报错的问题 ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-23 19:33:17 +08:00
juewuy	4b39cae099	适配某些辣鸡机场的配置文件	2021-06-23 18:32:06 +08:00
juewuy	cb732fd3d7	适配某些辣鸡机场的配置文件	2021-06-23 02:07:57 +08:00
juewuy	fc80994cc5	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~自定义规则描述优化 ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-22 23:09:50 +08:00
juewuy	7604c6bbff	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~自定义规则描述优化 ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-22 22:53:09 +08:00
juewuy	5f1bd6accb	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~自定义规则描述优化 ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-22 22:50:30 +08:00
juewuy	c1d57536bd	Merge pull request #44 from A7T/patch-2 Update getdate.sh	2021-06-22 22:48:03 +08:00
juewuy	77c5d37076	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~自定义规则描述优化 ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-22 18:01:09 +08:00
管子工具箱	2a2e1b546c	Update getdate.sh Fix a typo.	2021-06-22 13:42:39 +08:00
juewuy	1512e7b175	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-22 11:29:49 +08:00
juewuy	c7ad9ef52c	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~修复保存设置时部分bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-22 11:14:43 +08:00
juewuy	7337d266aa	Merge pull request #43 from A7T/patch-1 Update clash.sh	2021-06-22 10:56:17 +08:00
juewuy	652371aed2	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-21 19:44:19 +08:00
juewuy	52ec559100	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加支持本机Docker代理(需docker网卡设置为bridge模式) ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-21 19:43:52 +08:00
管子工具箱	fa9c890701	Update clash.sh BUG修复： clash > 7 clash进阶设置 > 6 手动指定相关端口、秘钥及本机host > 8 指定本机host地址 ```text hostdir=':9999/ui' host=127.0.0.1 ``` 修改后的匹配方案虽然仍有不足但暂且够用。	2021-06-21 01:23:24 +08:00
juewuy	5bcd9b7bfc	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-20 23:43:50 +08:00
juewuy	00ef3cb3a7	v1.4.0-pre-release ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~优化安装脚本及安装说明 ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-20 23:32:31 +08:00
juewuy	3832eec3a8	v1.4.0-release ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~局域网过滤黑白名单描述优化 ~修复加密DNS无法正确配置的bug ~版本及安装源描述优化，增加HTTP专属源（感谢酱紫表同学提供服务器！）	2021-06-20 21:43:41 +08:00
juewuy	9b6fd10267	v1.3.99-pre-release ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~局域网过滤黑白名单描述优化	2021-06-20 12:01:59 +08:00
juewuy	aa52bd83ce	v1.3.99-pre-release ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~局域网过滤黑白名单描述优化	2021-06-20 11:58:53 +08:00
juewuy	c7c249fe48	v1.3.16 ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~优化更新机制，修复出错bug ~局域网过滤黑白名单描述优化 ~修复下载更新失败时不会正常报错的bug	2021-06-20 01:15:20 +08:00
juewuy	0d44abc82a	v1.3.16 ~适配移动ax18等低版本内核设备 ~增加开启公网访问Dashboard面板及混合代理端口功能 ~增加clash -u卸载命令 ~局域网过滤黑白名单描述优化 ~修复下载更新失败时不会正常报错的bug ~修复无法正确检查更新的bug	2021-06-20 00:56:11 +08:00
juewuy	713592068b	v1.3.14 ~修复下载更新失败时不会正常报错的bug ~修复无法正确检查更新的bug ~适配移动ax18	2021-06-19 15:35:10 +08:00
juewuy	c6623721d8	v1.3.14 ~修复下载更新失败时不会正常报错的bug ~修复无法正确检查更新的bug ~适配移动ax18	2021-06-19 15:23:20 +08:00
juewuy	268e1d4823	v1.3.13 ~修复下载更新失败时不会正常报错的bug ~适配移动ax18	2021-06-19 12:04:19 +08:00
juewuy	c61d54a5a7	v1.4.0 ~修复下载更新失败时不会正常报错的bug	2021-06-18 13:18:19 +08:00
juewuy	c0ee6d273f	v1.3.12-test ~绕过内核功能ipset模块检测修复 ~优化对低版本wget命令的支持 ~暂时屏蔽对dler.io的特殊处理 ~精简部分代码 ~修复部分情况无法正常检查更新的bug ~修复本机代理增强模式部分bug	2021-06-17 22:45:41 +08:00
juewuy	4323d8fb86	v1.3.11-test ~绕过内核功能ipset模块检测修复 ~优化对低版本wget命令的支持 ~暂时屏蔽对dler.io的特殊处理 ~精简部分代码 ~修复部分情况无法正常检查更新的bug	2021-06-17 22:00:10 +08:00
juewuy	d067bb7ff0	v1.3.11-test ~绕过内核功能ipset模块检测修复 ~优化对低版本wget命令的支持 ~暂时屏蔽对dler.io的特殊处理 ~精简部分代码 ~修复部分情况无法正常检查更新的bug	2021-06-17 20:08:04 +08:00
juewuy	608337ffb2	v1.3.11-test ~绕过内核功能ipset模块检测修复 ~优化对低版本wget命令的支持 ~暂时屏蔽对dler.io的特殊处理 ~精简部分代码 ~修复部分情况无法正常检查更新的bug	2021-06-17 18:23:48 +08:00
juewuy	2c1dfada01	v1.3.10-test ~绕过内核功能ipset模块检测修复 ~优化对低版本wget命令的支持 ~暂时屏蔽对dler.io的特殊处理 ~精简部分代码	2021-06-17 11:17:00 +08:00
juewuy	2789242931	v1.3.9-test ~本机代理相关逻辑优化及bug修复 ~本机代理功能增加对保守模式的支持 ~绕过内核功能增加ipset模块检测 ~增加对低版本wget命令的支持 ~增加了使用内核保存节点列表的逻辑	2021-06-16 19:16:33 +08:00
juewuy	d7dd915472	v1.3.9-test ~本机代理相关逻辑优化及bug修复 ~本机代理功能增加对保守模式的支持 ~绕过内核功能增加ipset模块检测 ~增加对低版本wget命令的支持 ~增加了使用内核保存节点列表的逻辑	2021-06-16 19:10:16 +08:00
juewuy	97cb5479b1	v1.3.9-test ~本机代理相关逻辑优化及bug修复 ~本机代理功能增加对保守模式的支持 ~绕过内核功能增加ipset模块检测 ~增加对低版本wget命令的支持 ~增加了使用内核保存节点列表的逻辑	2021-06-16 18:55:14 +08:00
juewuy	e6bc100326	v1.3.8-test ~修复小闪存模式设为Github源时无法正常开机启动的问题 ~优化CN_IP绕过内核功能及提示说明 ~更新Geoip数据库和根证书文件 ~修复iptables及crontab报错 ~屏蔽奈飞修复工具	2021-06-14 13:22:06 +08:00
juewuy	c9d0bf2788	v1.3.7-test ~增加CN_IP绕过内核功能 ~更新Geoip数据库和根证书文件 ~修复iptables报错	2021-06-13 19:50:19 +08:00
juewuy	df29e3714a	v1.3.7-test ~增加CN_IP绕过内核功能	2021-06-13 19:48:33 +08:00
juewuy	aa14a9ee01	v1.3.7-test ~增加CN_IP绕过内核功能	2021-06-13 19:42:06 +08:00
juewuy	2fd2259737	v1.3.7-test ~增加CN_IP绕过内核功能	2021-06-13 19:32:43 +08:00
juewuy	17ab8175e1	v1.3.7-test ~增加CN_IP绕过内核功能	2021-06-13 19:28:19 +08:00
juewuy	3c315f61a1	v1.3.7-test ~增加CN_IP绕过内核功能	2021-06-13 19:12:57 +08:00
juewuy	4e1a9d33bc	v1.3.7-test ~增加CN_IP绕过内核功能	2021-06-13 18:54:43 +08:00
juewuy	8906077709	v1.3.6-test ~增加了对生成配置文件时指定clash为文件头的功能 ~使用在线生成配置时，强制使用dler.io作为dler的api地址 ~非root用户切换运行模式时，增加警告提示 ~修复crontab命令偶尔报错的问题 ~增加对谷歌dns的强制代理配置（尝试解决奈飞TV端问题） ~增加了部分fake-ip-filter地址	2021-06-12 13:16:54 +08:00
juewuy	f0da10af6e	~增加全新的安装脚本及本地安装辅助文件	2021-06-08 18:10:09 +08:00
juewuy	e7a2fe648e	~增加全新的安装脚本及本地安装辅助文件	2021-06-07 18:46:08 +08:00
juewuy	9018f112a0	~增加全新的安装脚本及本地安装辅助文件	2021-06-07 18:21:20 +08:00
juewuy	3b6e41221b	~增加全新的安装脚本	2021-06-07 18:20:45 +08:00
juewuy	d4ae7ae4b7	v1.3.6-test ~增加了对生成配置文件时指定clash为文件头的功能 ~使用在线生成配置时，强制使用dler.io作为dler的api地址	2021-06-06 14:47:18 +08:00
juewuy	95dfaa0eec	v1.3.5-test ~全面适配Padavan及华硕/梅林固件！ ~修复以上固件无法正确开机启动的bug ~修复以上固件定时任务无法保存的bug ~增加对部分小米设备使用redir-host模式无法观看Netflix的修复工具（8-4）	2021-06-05 19:27:28 +08:00
juewuy	262edbf03b	v1.3.5-test ~全面适配Padavan及华硕/梅林固件！ ~修复以上固件无法正确开机启动的bug ~修复以上固件定时任务无法保存的bug ~增加对部分小米设备使用redir-host模式无法观看Netflix的修复工具（8-4）	2021-06-05 19:17:26 +08:00
juewuy	75740f5fa1	v1.3.4-test ~适配Padavan及华硕固件	2021-06-05 12:56:15 +08:00
juewuy	a2f7552e25	v1.3.4-test ~适配Padavan及华硕固件	2021-06-05 12:53:20 +08:00
juewuy	bc5d16f09c	1.3.4-test ~padavan适配	2021-06-04 16:41:21 +08:00
juewuy	12aea19499	1.3.4-test ~部分描述修改	2021-05-31 16:03:30 +08:00
juewuy	d1fb7370e6	v1.3.3-test ~新手引导提示优化 ~大量bug修复	2021-05-29 17:26:10 +08:00
juewuy	9d067a673f	Merge branch 'master' of https://github.com/juewuy/ShellClash	2021-05-29 17:01:31 +08:00
juewuy	0e9ef74727	v1.3.3 ~修复指定本机host时报错的bug ~新手引导说明调整及bug修复 ~修复跳过证书验证功能相关bug ~修复检测配置文件节点相关bug	2021-05-29 16:50:55 +08:00
juewuy	1bc6b7726b	v1.3.2-test ~本机代理功能增加iptables增强模式（仅支持Linux系统） ~优化iptables增强模式机制，修复潜在报错 ~修复mesh设备开机启动后shellclash无法正常工作的bug（待测试）	2021-05-16 22:28:28 +08:00
juewuy	fcfbc29219	v1.3.2-test ~本机代理功能增加iptables增强模式（仅支持Linux系统） ~优化iptables增强模式机制，修复潜在报错 ~修复mesh设备开机启动后shellclash无法正常工作的bug（待测试）	2021-05-16 22:10:10 +08:00
juewuy	734c8d3f4a	v1.3.1-test ~本机代理功能增加iptables增强模式（仅支持Linux系统）	2021-05-15 16:26:44 +08:00
juewuy	64c50d3305	v1.2.6-test ~增加Linux系统本机代理增强模式	2021-05-15 16:25:18 +08:00
juewuy	674c7872f3	~同步最新1.6.0clash核心及premium核心 ~同步最新Geoip数据库文件 ~新增在修改加密DNS时，一键下载本地根证书的功能 ~修复导入不包含port信息的配置文件时，文件内容出错的bug ~Redir模式调整为仅支持redir_host的DNS模式 ~增加禁用小米路由器自动更新功能（7-8） ~新手引导增加检测及开启本机ip转发的功能 ~将22与8080添加为默认的常用端口 ~修复定时任务文件会出现大量空行的bug ~增加开启外网远程访问SSH的功能（限openwrt设备） ~修复部分设备始终提示证书错误的bug ~在线生成配置功能中增加了部分游戏规则 ~替换了部分在线sub服务器地址 ~默认加密DNS中部分替换为dot协议 ~修改了判定Tun虚拟网卡支持的命令 ~增加了对Script规则的自动识别机制	2021-05-15 13:12:31 +08:00