1.6.3发布至正式版

修正workflows脚本中的几个小问题

.github/workflows/bin_update.yml

@@ -0,0 +1,107 @@
+name: bin_update
+
+on: 
+#   release:
+#       types: [published]
+#   push:
+#       tags:
+#       - 'v*'
+#   branches: 
+#       - master
+    schedule:
+        - cron: 0 9 * * 2,6
+#   watch:
+#       types: [started]
+    workflow_dispatch:
+
+jobs:
+  update:
+    runs-on: ubuntu-18.04
+
+    steps:
+    
+    - name: Checkout
+      uses: actions/checkout@master
+ 
+    - name: Apt Update
+      env:
+        DEBIAN_FRONTEND: noninteractive
+      run: |
+        sudo apt-get update
+        sudo apt-get -y install unzip curl git tar
+        
+    - name: Update Dashboard
+      run: |
+        cd \bin
+        echo 下载官方面板
+        curl -kfSL -o clashdb.zip  https://github.com/Dreamacro/clash-dashboard/archive/gh-pages.zip
+        echo 下载Meta面板
+        curl -kfSL -o meta_db.zip  https://github.com/MetaCubeX/Razord-meta/archive/gh-pages.zip
+        echo 下载yacd面板
+        curl -kfSL -o yacd.zip  https://github.com/haishanh/yacd/archive/gh-pages.zip 
+        echo 下载meta魔改yacd面板
+        curl -kfSL -o meta_yacd.zip  https://github.com/MetaCubeX/Yacd-meta/archive/gh-pages.zip
+        echo 解压缩
+        unzip -o clashdb.zip > /dev/null
+        unzip -o yacd.zip > /dev/null
+        cd \clash-dashboard-gh-pages
+        tar -zcvf clashdb.tar.gz * > /dev/null
+        mv -f clashdb.tar.gz ../
+        cd ..
+        cd \yacd-gh-pages
+        echo yacd特殊处理
+        find -name '*.map' | xargs  rm -rf
+        rm -rf report.html
+        tar -zcvf yacd.tar.gz * > /dev/null
+        mv -f yacd.tar.gz ../
+        cd ..
+
+        echo 解压缩
+        unzip -o meta_db.zip > /dev/null
+        unzip -o meta_yacd.zip > /dev/null
+        cd \Razord-meta-gh-pages
+        tar -zcvf meta_db.tar.gz * > /dev/null
+        mv -f meta_db.tar.gz ../
+        cd ..
+        cd \Yacd-meta-gh-pages
+        echo yacd特殊处理
+        find -name '*.map' | xargs  rm -rf
+        rm -rf report.html
+        tar -zcvf meta_yacd.tar.gz * > /dev/null
+        mv -f meta_yacd.tar.gz ../
+        cd ..
+
+        rm -rf clashdb.zip
+        rm -rf yacd.zip
+        rm -rf meta_db.zip
+        rm -rf meta_yacd.zip
+        rm -rf \clash-dashboard-gh-pages
+        rm -rf \yacd-gh-pages
+        rm -rf \Razord-meta-gh-pages
+        rm -rf \Yacd-meta-gh-pages
+        echo 面板更新完成！
+        
+    - name: Update GeoIP
+      run: |
+        cd \bin
+        source version
+        curl -kfSL -O https://raw.githubusercontent.com/alecthw/mmdb_china_ip_list/release/Country.mmdb
+        curl -kfSL -o cn_mini.mmdb https://raw.githubusercontent.com/Hackl0us/GeoIP2-CN/release/Country.mmdb
+        curl -kfSL -o china_ip_list.txt https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt
+        curl -kfSL -O https://raw.githubusercontent.com/P3TERX/ca-certificates.crt/download/ca-certificates.crt
+        curl -kfSL -O https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/geosite.dat
+        sed -i '/GeoIP_v*/'d version
+        echo GeoIP_v=`date '+%Y%m%d'` >> version
+        echo IP数据库及根证书文件更新完成！
+
+    - name: Commit and push
+      run: |
+        git config --global user.email "juewuy@gmail.com" && git config --global user.name "Bot"
+        git add . && git commit -m "自动更新最新Dashboard、地址库、根证书" || exit 0
+        git push
+        
+    - name: Cleanup Workflow
+      uses: Mattraks/delete-workflow-runs@main
+      with:
+        retain_days: 1
+        keep_minimum_runs: 3

.github/workflows/update_clash_core.yaml

@@ -0,0 +1,51 @@
+name: Update Clash Core
+on: 
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'version of Clash, such as v1.10.6'
+        required: true
+        type: string
+env:
+  download_version: ${{ github.event.inputs.version }}
+  download_url: https://github.com/Dreamacro/clash/releases/download
+jobs:
+  Update:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Clone Repository
+      uses: actions/checkout@main
+    - name: Init Dependencies
+      run: |
+        wget https://github.com/upx/upx/releases/download/v3.96/upx-3.96-amd64_linux.tar.xz
+        wget https://github.com/upx/upx/releases/download/v3.93/upx-3.93-amd64_linux.tar.xz
+        tar xf upx-3.96-amd64_linux.tar.xz
+        tar xf upx-3.93-amd64_linux.tar.xz
+    - name: Download Core
+      run: |
+        archs="386 amd64 armv5 armv7 armv8 mips-softfloat mipsle-hardfloat mipsle-softfloat"
+        mkdir tmp
+        for arch in ${archs};do
+          wget "${download_url}/${download_version}/clash-linux-${arch}-${download_version}.gz" -O - | gunzip -c > ./tmp/clash-linux-${arch}
+          chmod +x ./tmp/clash-linux-${arch}
+          if [ "${arch}" != "armv5" ];then
+            if [[ ${arch} == mips* ]];then
+              ./upx-3.93-amd64_linux/upx ./tmp/clash-linux-${arch}
+            else
+              ./upx-3.96-amd64_linux/upx ./tmp/clash-linux-${arch}
+            fi
+          fi
+        done
+        rm -fr upx*
+    - name: Update
+      run: |
+        rm -fr ./bin/clash/*
+        cp ./tmp/* ./bin/clash/
+        rm -fr ./tmp
+        sed -i "s/clash_v=.*/clash_v=$(./bin/clash/clash-linux-amd64 -v 2>/dev/null | sed 's/ linux.*//;s/.* //')/" bin/version
+    - name: Commit and push
+      run: |
+        git config --global user.email "juewuy@gmail.com" && git config --global user.name "Bot"
+        git add . && git commit -m "更新Clash内核至${download_version}" || exit 0
+        git push
+        

.github/workflows/update_dotnet_core.yaml

@@ -0,0 +1,51 @@
+name: Update DotNet Core
+on: 
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'version of Clash DotNet, such as v1.7.6'
+        required: true
+        type: string
+env:
+  download_version: ${{ github.event.inputs.version }}
+  download_url: https://github.com/ClashDotNetFramework/experimental-clash/releases/download
+jobs:
+  Update:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Clone Repository
+      uses: actions/checkout@main
+    - name: Init Dependencies
+      run: |
+        wget https://github.com/upx/upx/releases/download/v3.96/upx-3.96-amd64_linux.tar.xz
+        wget https://github.com/upx/upx/releases/download/v3.93/upx-3.93-amd64_linux.tar.xz
+        tar xf upx-3.96-amd64_linux.tar.xz
+        tar xf upx-3.93-amd64_linux.tar.xz
+    - name: Download Core
+      run: |
+        archs="386 amd64 armv5 armv7 armv8 mips-softfloat mipsle-hardfloat mipsle-softfloat"
+        mkdir tmp
+        for arch in ${archs};do
+          wget "${download_url}/${download_version}/clash-linux-${arch}-${download_version}.gz" -O - | gunzip -c > ./tmp/clash-linux-${arch}
+          chmod +x ./tmp/clash-linux-${arch}
+          if [ "${arch}" != "armv5" ];then
+            if [[ ${arch} == mips* ]];then
+              ./upx-3.93-amd64_linux/upx ./tmp/clash-linux-${arch}
+            else
+              ./upx-3.96-amd64_linux/upx ./tmp/clash-linux-${arch}
+            fi
+          fi
+        done
+        rm -fr upx*
+    - name: Update
+      run: |
+        rm -fr ./bin/clash.net/*
+        cp ./tmp/* ./bin/clash.net/
+        rm -fr ./tmp
+        sed -i "s/clashnet_v=.*/clashnet_v=$(./bin/clash.net/clash-linux-amd64 -v 2>/dev/null | sed 's/ linux.*//;s/.* //')/" bin/version
+    - name: Commit and push
+      run: |
+        git config --global user.email "juewuy@gmail.com" && git config --global user.name "Bot"
+        git add . && git commit -m "更新DotNet内核至${download_version}" || exit 0
+        git push
+        

.github/workflows/update_meta_core.yaml

@@ -0,0 +1,59 @@
+name: Update Meta Core
+on: 
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'tag of Clash Meta, such as Prerelease-Alpha, Prerelease-Beta, v1.11.1'
+        required: true
+        type: string
+env:
+  download_tag: ${{ github.event.inputs.tag }}
+  download_version: ''
+  download_url: https://github.com/MetaCubeX/Clash.Meta/releases/download
+jobs:
+  Update:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Clone Repository
+      uses: actions/checkout@main
+    - name: Init Dependencies
+      run: |
+        wget https://github.com/upx/upx/releases/download/v3.96/upx-3.96-amd64_linux.tar.xz
+        wget https://github.com/upx/upx/releases/download/v3.93/upx-3.93-amd64_linux.tar.xz
+        tar xf upx-3.96-amd64_linux.tar.xz
+        tar xf upx-3.93-amd64_linux.tar.xz
+    - name: Download Core
+      run: |
+        if [ "${download_tag}" = "Prerelease-Alpha" ] || [ "${download_tag}" = "Prerelease-Beta" ];then
+          download_version=$(curl -sL https://api.github.com/repos/MetaCubeX/Clash.Meta/releases/tags/${download_tag} | grep linux-arm64 | head -n 1 | sed 's_.gz.*__;s_.*arm64-__')
+        else
+          download_version=${download_tag}
+        fi
+        echo "download_version=${download_version}" >> ${GITHUB_ENV}
+        archs=(amd64-compatible armv5 armv7 arm64 mips-softfloat mipsle-hardfloat mipsle-softfloat)
+        new_name=(amd64 armv5 armv7 armv8 mips-softfloat mipsle-hardfloat mipsle-softfloat)
+        mkdir tmp
+        for((i=0;i<7;i++));do
+          wget "${download_url}/${download_tag}/Clash.Meta-linux-${archs[i]}-${download_version}.gz" -O - | gunzip -c > ./tmp/clash-linux-${new_name[i]}
+          chmod +x ./tmp/clash-linux-${new_name[i]}
+          if [ "${archs[i]}" != "armv5" ];then
+            if [[ ${archs[i]} = mips* ]];then
+              ./upx-3.93-amd64_linux/upx ./tmp/clash-linux-${new_name[i]}
+            else
+              ./upx-3.96-amd64_linux/upx ./tmp/clash-linux-${new_name[i]}
+            fi
+          fi
+        done
+        rm -fr upx*
+    - name: Update
+      run: |
+        rm -fr ./bin/clash.meta/*
+        cp ./tmp/* ./bin/clash.meta/
+        rm -fr ./tmp
+        sed -i "s/meta_v=.*/meta_v=$(./bin/clash.meta/clash-linux-amd64 -v 2>/dev/null | sed 's/ linux.*//;s/.* //')/" bin/version
+    - name: Commit and push
+      run: |
+        git config --global user.email "juewuy@gmail.com" && git config --global user.name "Bot"
+        git add . && git commit -m "更新Meta内核至${download_version}" || exit 0
+        git push
+        

.github/workflows/update_premium_core.yaml

@@ -0,0 +1,51 @@
+name: Update Premium Core
+on: 
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'version of Clash Premium, such as 2022.05.18'
+        required: true
+        type: string
+env:
+  download_version: ${{ github.event.inputs.version }}
+  download_url: https://release.dreamacro.workers.dev
+jobs:
+  Update:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Clone Repository
+      uses: actions/checkout@main
+    - name: Init Dependencies
+      run: |
+        wget https://github.com/upx/upx/releases/download/v3.96/upx-3.96-amd64_linux.tar.xz
+        wget https://github.com/upx/upx/releases/download/v3.93/upx-3.93-amd64_linux.tar.xz
+        tar xf upx-3.96-amd64_linux.tar.xz
+        tar xf upx-3.93-amd64_linux.tar.xz
+    - name: Download Core
+      run: |
+        archs="386 amd64 armv5 armv7 armv8 mips-softfloat mipsle-hardfloat mipsle-softfloat"
+        mkdir tmp
+        for arch in ${archs};do
+          wget "${download_url}/${download_version}/clash-linux-${arch}-${download_version}.gz" -O - | gunzip -c > ./tmp/clash-linux-${arch}
+          chmod +x ./tmp/clash-linux-${arch}
+          if [ "${arch}" != "armv5" ];then
+            if [[ ${arch} == mips* ]];then
+              ./upx-3.93-amd64_linux/upx ./tmp/clash-linux-${arch}
+            else
+              ./upx-3.96-amd64_linux/upx ./tmp/clash-linux-${arch}
+            fi
+          fi
+        done
+        rm -fr upx*
+    - name: Update
+      run: |
+        rm -fr ./bin/clashpre/*
+        cp ./tmp/* ./bin/clashpre/
+        rm -fr ./tmp
+        sed -i "s/clashpre_v=.*/clashpre_v=$(./bin/clashpre/clash-linux-amd64 -v 2>/dev/null | sed 's/ linux.*//;s/.* //')/" bin/version
+    - name: Commit and push
+      run: |
+        git config --global user.email "juewuy@gmail.com" && git config --global user.name "Bot"
+        git add . && git commit -m "更新Premium内核至${download_version}" || exit 0
+        git push
+        

README.md

@@ -17,7 +17,7 @@
 
 ## Function introduction: 
 
-~Convenient use in Shell environment through management script [Clash](https://github.com/Dreamacro/clash)<br>~Support management of [Clash functions](https://lancellc.gitbook.io/clash)<br>~Support online import [Clash](https://github.com/Dreamacro/clash) supports sharing, subscription and configuration links<br>~Support configuration timing tasks, support configuration file timing updates<br>~Support online installation and Use local web panel to manage built-in rules<br>~Support routing mode, native mode and other mode switching<br>~Support GNOME, KDE desktop automatic configuration native mode<br>~Support online update<br>
+~Convenient use in Shell environment through management script [Clash](https://github.com/Dreamacro/clash)<br>~Support management of [Clash functions](https://lancellc.gitbook.io/clash)<br>~Support online import [Clash](https://github.com/Dreamacro/clash) supports sharing, subscription and configuration links<br>~Support configuration timing tasks, support configuration file timing updates<br>~Support online installation and Use local web panel to manage built-in rules<br>~Support routing mode, native mode and other mode switching<br>~Support online update<br>
 
 ## Equipment support:
 
@@ -28,7 +28,7 @@ How to use:
 
 ~Confirm that the router device has enabled SSH and obtained root privileges (Linux devices with GUI desktops can be installed using their own terminal)<br>~Use SSH connection tools (such as putty, JuiceSSH, system built-in terminal, etc.) router or Linux device SSH management interface or terminal interface, and switch to the root user<br>~Confirm that the curl or wget download tool has been installed on the device. If not installed, please [refer to here](https://www.howtoforge.com/install-curl-in-linux) for LInux devices to install curl. For devices based on OpenWrt (Xiaomi official system, Pandora, Gaoke, etc.), please Use the following command to install curl:<br>
 
-```sh
+```Shell
 opkg update && opkg install curl
 ```
 
@@ -37,36 +37,45 @@ opkg update && opkg install curl
 ##### ~Use curl:<br>
 
 ```Shell
-#By github
-export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
-#By jsdelivrCDN
-export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
+#by fastgit.org
+export url='https://raw.fastgit.org/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
 ```
 
+```shell
+#by GitHub
+export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
+```
+
+```shell
+#by jsDelivr-CDN
+export url='https://fastly.jsdelivr.net/gh/juewuy/ShellClash@master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
+```
+
+
+
+
 ##### ~Use wget：<br>
 
-```sh
-#By jsdelivrCDN
-export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+```Shell
+#by GitHub
+export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 
-~**Use a low version of wget (prompt not to support https) local installation**:<br> First clone the project to the local under the window (or [click to download the project source code zip package](https://github.com/juewuy/ShellClash/archive/refs/heads/master.zip) to the local and decompress it) 
-
-```sh
-sh git clone https://github.com/juewuy/ShellClash.git
+```shell
+#By jsDelivrCDN
+export url='https://fastly.jsdelivr.net/gh/juewuy/ShellClash@master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 
- Then open /project address/ShellClash/bin/hfs/hfs.exe Click menu-add directory from disk-{find the directory where ShellClash source code is located}-add as real directory Click on the menu-IP address-{choose the actual IP address of your LAN} Click ShellClash-click to copy to clipboard Then use the following command to install in SSH 
+~**Use a low version of wget (prompt not to support https) local installation**:<br>
 
-```sh
-sh export url='Paste the copied address here' && wget -q -O /tmp/install.sh $url/install.sh && sh /tmp/install.sh && source /etc/profile &> /dev/null
+```Shell
+#by shellclash.cf
+export url='http://shellclash.cf/' && wget -q -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 
- Later, when updating the version, you need to update the local version library and open the hfs service, and then update in the SSH menu, and then you can build a local server through hfs to realize the function of uploading and updating the yaml configuration file 
-
 ~**After installation by non-root users**, please execute the following additional commands to read environment variables:<br>
 
-```shell
+```Shell
 source ~/.bashrc &> /dev/null
 ```
 
@@ -79,13 +88,15 @@ clash -u #uninstall
 clash -t #test mode
 ```
 
+~**Install in Docker：**<br>
+
+Use: https://github.com/echvoyager/shellclash_docker
+
 ~**Additional dependencies at runtime**：<br>
 
-```
-Most of the equipment/systems are pre-installed with most of the following dependencies, you can ignore them if there is no impact when you use them.
-```
+> Most of the equipment/systems are pre-installed with most of the following dependencies, you can ignore them if there is no impact when you use them.
 
-```sh
+```Text
 bash/ash		necessary		Cannot install and run scripts when all are missing
 curl/wget		necessary		When all are missing, it cannot be installed and updated online
 iptables		important		Only use pure mode when missing
@@ -105,7 +116,7 @@ ubus/iproute-doc	minimal		The host address of the machine cannot be obtained nor
 
 ## Exchange feedback: 
 
-### [TG Discussion Group](https://t.me/clashfm)
+### [TG Discussion Group](https://t.me/ShellClash)
 
 ## Related Q&A:
 
@@ -117,7 +128,8 @@ ubus/iproute-doc	minimal		The host address of the machine cannot be obtained nor
 
 ##### <img src="http://juewuy.github.io/post-images/1604390977172.png" style="zoom:50%;" /><img src="http://juewuy.github.io/post-images/1604391042406.png" style="zoom:50%;" />
 
-## Friendly promotion: 
-
-### [Top 8K Airport-Dler](https://dler.best/auth/register?affid=89698)
+机场推荐：
+--
+#### [Catnet](https://dash.catnet.uk/#/register?code=KOhfH9qD)<br>
+#### [Dler](https://dler.best/auth/register?affid=89698)<br>
 

README_CN.md

@@ -38,38 +38,63 @@
 ~使用SSH连接工具（如putty，JuiceSSH，系统自带终端等）路由器或Linux设备的SSH管理界面或终端界面，并切换到root用户<br>
 ~确认设备已经安装curl或者wget下载工具。**如未安装**，LInux设备请[参考此处](https://www.howtoing.com/install-curl-in-linux)安装curl，基于OpenWrt（小米官方系统、潘多拉、高恪等）的设备请使用如下命令安装curl：<br>
 
-```shell
+```Shell
 opkg update && opkg install curl #如已安装请忽略
 ```
 
 ~之后在SSH界面执行如下安装命令，并按照后续提示完成安装<br>
 
+（**如无法连接或出现SSL连接错误，请尝试更换各种不同的安装源！**）<br>
+
 ~**使用curl安装**：<br>
 
 ```Shell
-#github直连
+#fastgit.org加速
+export url='https://raw.fastgit.org/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
+```
+
+```shell
+#GitHub源
 export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
-#jsdelivrCDN源
-export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
+```
+
+```shell
+#jsDelivrCDN源
+export url='https://fastly.jsdelivr.net/gh/juewuy/ShellClash@master' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
+```
+
+```shell
+#作者私人源
+export url='https://shellclash.cf' && sh -c "$(curl -kfsSl $url/install.sh)" && source /etc/profile &> /dev/null
 ```
 
 ~**使用wget安装**：<br>
 
-```sh
-#Release版本-jsdelivrCDN源
-export url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+```Shell
+#GitHub源
+export url='https://raw.githubusercontent.com/juewuy/ShellClash/master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+```
+
+```shell
+#jsDelivrCDN源
+export url='https://fastly.jsdelivr.net/gh/juewuy/ShellClash@master' && wget -q --no-check-certificate -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+```
+
+```shell
+#fastgit.org加速
+export url='https://raw.fastgit.org/juewuy/ShellClash/master' && wget -q -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 
 ~**使用低版本wget（提示不支持https）安装**：<br>
 
-```sh
-#Test版本-酱紫表私人http源
-export url='http://sc.qust.me/' && wget -q -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
+```Shell
+#作者私人http源
+export url='http://shellclash.cf/' && wget -q -O /tmp/install.sh $url/install.sh  && sh /tmp/install.sh && source /etc/profile &> /dev/null
 ```
 
 ~**非root用户安装后**请额外执行以下命令以读取环境变量：<br>
 
-```shell
+```Shell
 source ~/.bashrc &> /dev/null
 ```
 
@@ -82,11 +107,15 @@ clash -u #卸载脚本
 clash -t #测试模式运行
 ```
 
+~**DOCKER环境下安装：**<br>
+
+请参考https://github.com/echvoyager/shellclash_docker
+
 ~**运行时的额外依赖**：<br>
 
-`大部分的设备/系统都已经预装了以下的大部分依赖，使用时如无影响可以无视之`
+> 大部分的设备/系统都已经预装了以下的大部分依赖，使用时如无影响可以无视之
 
-```sh
+```Text
 bash/ash		必须		全部缺少时无法安装及运行脚本
 curl/wget		必须		全部缺少时无法在线安装及更新，无法使用节点保存功能
 iptables		重要		缺少时只能使用纯净模式
@@ -107,7 +136,7 @@ ubus/iproute-doc	极低		缺少时无法正常获取本机host地址
 
 交流反馈：
 --
-### [TG讨论组](https://t.me/clashfm) 
+### [TG讨论组](https://t.me/ShellClash) 
 
 相关Q&A：
 --
@@ -120,6 +149,7 @@ ubus/iproute-doc	极低		缺少时无法正常获取本机host地址
 
 ##### <img src="http://juewuy.github.io/post-images/1604390977172.png" style="zoom:50%;" /><img src="http://juewuy.github.io/post-images/1604391042406.png" style="zoom:50%;" />
 
-友情推广：
+机场推荐：
 --
-### [顶级8K专线机场-墙洞](https://dler.best/auth/register?affid=89698)
+#### [梦迪-高速专线，流媒体解锁，月付推荐](https://dash.catnet.uk/#/register?code=KOhfH9qD)<br>
+#### [墙洞-老牌稳定，流媒体解锁，年付推荐](https://dler.best/auth/register?affid=89698)<br>

bin/Disney_Plus_Domains.list

@@ -0,0 +1,48 @@
+vod-akc-eu-south-1.media.dssott.com
+vod-vzc-eu-south-1.media.dssott.com
+vod-l3c-na-central-1.media.dssott.com
+vod-akc-na-central-1.media.dssott.com
+vod-ftc-na-central-1.media.dssott.com
+vod-vzc-na-central-1.media.dssott.com
+vod-l3c-na-east-1.media.dssott.com
+vod-bgc-na-east-1.media.dssott.com
+vod-akc-na-east-1.media.dssott.com
+vod-ftc-na-east-1.media.dssott.com
+vod-vzc-na-east-1.media.dssott.com
+vod-bgc-oc-east-1.media.dssott.com
+vod-l3c-na-west-1.media.dssott.com
+vod-akc-na-west-1.media.dssott.com
+vod-ftc-na-west-1.media.dssott.com
+vod-vzc-na-west-1.media.dssott.com
+vod-l3c-eu-south-2.media.dssott.com
+vod-ftc-eu-south-2.media.dssott.com
+vod-l3c-na-east-2.media.dssott.com
+vod-akc-na-east-2.media.dssott.com
+vod-ftc-na-east-2.media.dssott.com
+vod-vzc-na-east-2.media.dssott.com
+vod-l3c-oc-east-2.media.dssott.com
+vod-akc-oc-east-2.media.dssott.com
+vod-ftc-oc-east-2.media.dssott.com
+vod-vzc-oc-east-2.media.dssott.com
+vod-l3c-na-west-2.media.dssott.com
+vod-akc-na-west-2.media.dssott.com
+vod-llc-na-west-2.media.dssott.com
+vod-cmc-na-west-2.media.dssott.com
+vod-ftc-na-west-2.media.dssott.com
+vod-vzc-na-west-2.media.dssott.com
+cdn.registerdisney.go.com
+qa.cdn.registerdisney.go.com
+stg.cdn.registerdisney.go.com
+val.cdn.registerdisney.go.com
+prod-ripcut-delivery.disney-plus.net
+appconfigs.disney-plus.net
+prod-static.disney-plus.net
+global.edge.bamgrid.com
+bam-sdk-configs.bamgrid.com
+playback-certs.bamgrid.com
+search-api-disney.bamgrid.com
+content.global.edge.bamgrid.com
+disney.playback.edge.bamgrid.com
+disney.api.edge.bamgrid.com
+disney.content.edge.bamgrid.com
+disney.connections.edge.bamgrid.com

bin/Netflix_Domains.list

@@ -0,0 +1,555 @@
+ipv4-c001-hkg001-hgc-isp.1.oca.nflxvideo.net
+ipv4-c003-hkg001-hgc-isp.1.oca.nflxvideo.net
+ipv4-c004-hkg001-hgc-isp.1.oca.nflxvideo.net
+ipv4-c001-hkg002-hgc-isp.1.oca.nflxvideo.net
+ipv4-c002-hkg002-hgc-isp.1.oca.nflxvideo.net
+ipv4-c001-hkg001-cmhk-isp.1.oca.nflxvideo.net
+ipv4-c002-hkg001-cmhk-isp.1.oca.nflxvideo.net
+ipv4-c002-hkg001-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c003-hkg001-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c004-hkg001-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c005-hkg001-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c001-hkg002-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c002-hkg002-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c003-hkg002-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c004-hkg002-hkbn-isp.1.oca.nflxvideo.net
+ipv4-c001-hkg001-pccw-isp.1.oca.nflxvideo.net
+ipv4-c003-hkg001-pccw-isp.1.oca.nflxvideo.net
+ipv4-c004-hkg001-pccw-isp.1.oca.nflxvideo.net
+ipv4-c002-hkg002-pccw-isp.1.oca.nflxvideo.net
+ipv4-c003-hkg002-pccw-isp.1.oca.nflxvideo.net
+ipv4-c004-hkg002-pccw-isp.1.oca.nflxvideo.net
+ipv4-c005-hkg002-pccw-isp.1.oca.nflxvideo.net
+ipv4-c001-hkg003-pccw-isp.1.oca.nflxvideo.net
+ipv4-c002-hkg003-pccw-isp.1.oca.nflxvideo.net
+ipv4-c003-hkg003-pccw-isp.1.oca.nflxvideo.net
+ipv4-c004-hkg003-pccw-isp.1.oca.nflxvideo.net
+ipv4-c010-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c010-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c020-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c020-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c030-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c030-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c040-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c040-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c050-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c060-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c001-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c011-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c011-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c021-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c021-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c031-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c031-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c041-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c041-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c051-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c061-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c002-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c002-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c012-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c022-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c022-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c032-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c032-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c042-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c042-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c052-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c062-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c003-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c003-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c013-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c013-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c023-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c023-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c033-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c033-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c043-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c043-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c053-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c004-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c004-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c014-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c014-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c024-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c024-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c034-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c034-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c044-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c044-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c054-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c005-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c005-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c015-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c015-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c025-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c025-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c035-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c035-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c045-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c055-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c006-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c006-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c016-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c016-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c026-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c026-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c036-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c036-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c046-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c056-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c007-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c007-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c017-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c017-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c027-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c027-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c037-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c037-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c047-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c057-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c008-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c008-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c018-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c018-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c028-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c028-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c038-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c038-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c048-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c058-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c009-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c009-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c019-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c029-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c029-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c039-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c039-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c049-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c059-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c001-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c019-hkg001-ix.1.oca.nflxvideo.net
+ipv4-c001-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv6-c001-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv4-c002-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv6-c002-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv4-c003-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv6-c003-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv4-c004-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv6-c004-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv4-c005-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv6-c005-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv4-c006-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv4-c010-sin001-ix.1.oca.nflxvideo.net
+ipv6-c010-sin001-ix.1.oca.nflxvideo.net
+ipv4-c020-sin001-ix.1.oca.nflxvideo.net
+ipv4-c030-sin001-ix.1.oca.nflxvideo.net
+ipv6-c030-sin001-ix.1.oca.nflxvideo.net
+ipv4-c040-sin001-ix.1.oca.nflxvideo.net
+ipv6-c040-sin001-ix.1.oca.nflxvideo.net
+ipv4-c050-sin001-ix.1.oca.nflxvideo.net
+ipv4-c060-sin001-ix.1.oca.nflxvideo.net
+ipv4-c001-sin001-ix.1.oca.nflxvideo.net
+ipv4-c011-sin001-ix.1.oca.nflxvideo.net
+ipv6-c011-sin001-ix.1.oca.nflxvideo.net
+ipv4-c021-sin001-ix.1.oca.nflxvideo.net
+ipv4-c031-sin001-ix.1.oca.nflxvideo.net
+ipv6-c031-sin001-ix.1.oca.nflxvideo.net
+ipv4-c041-sin001-ix.1.oca.nflxvideo.net
+ipv6-c041-sin001-ix.1.oca.nflxvideo.net
+ipv4-c051-sin001-ix.1.oca.nflxvideo.net
+ipv4-c061-sin001-ix.1.oca.nflxvideo.net
+ipv4-c002-sin001-ix.1.oca.nflxvideo.net
+ipv6-c002-sin001-ix.1.oca.nflxvideo.net
+ipv4-c012-sin001-ix.1.oca.nflxvideo.net
+ipv6-c012-sin001-ix.1.oca.nflxvideo.net
+ipv4-c032-sin001-ix.1.oca.nflxvideo.net
+ipv6-c032-sin001-ix.1.oca.nflxvideo.net
+ipv4-c042-sin001-ix.1.oca.nflxvideo.net
+ipv6-c042-sin001-ix.1.oca.nflxvideo.net
+ipv4-c052-sin001-ix.1.oca.nflxvideo.net
+ipv4-c062-sin001-ix.1.oca.nflxvideo.net
+ipv4-c003-sin001-ix.1.oca.nflxvideo.net
+ipv4-c013-sin001-ix.1.oca.nflxvideo.net
+ipv6-c013-sin001-ix.1.oca.nflxvideo.net
+ipv4-c033-sin001-ix.1.oca.nflxvideo.net
+ipv4-c043-sin001-ix.1.oca.nflxvideo.net
+ipv6-c043-sin001-ix.1.oca.nflxvideo.net
+ipv4-c053-sin001-ix.1.oca.nflxvideo.net
+ipv6-c053-sin001-ix.1.oca.nflxvideo.net
+ipv4-c063-sin001-ix.1.oca.nflxvideo.net
+ipv4-c004-sin001-ix.1.oca.nflxvideo.net
+ipv6-c004-sin001-ix.1.oca.nflxvideo.net
+ipv4-c014-sin001-ix.1.oca.nflxvideo.net
+ipv6-c014-sin001-ix.1.oca.nflxvideo.net
+ipv4-c034-sin001-ix.1.oca.nflxvideo.net
+ipv6-c034-sin001-ix.1.oca.nflxvideo.net
+ipv4-c044-sin001-ix.1.oca.nflxvideo.net
+ipv6-c044-sin001-ix.1.oca.nflxvideo.net
+ipv4-c054-sin001-ix.1.oca.nflxvideo.net
+ipv4-c005-sin001-ix.1.oca.nflxvideo.net
+ipv6-c005-sin001-ix.1.oca.nflxvideo.net
+ipv4-c015-sin001-ix.1.oca.nflxvideo.net
+ipv6-c015-sin001-ix.1.oca.nflxvideo.net
+ipv4-c025-sin001-ix.1.oca.nflxvideo.net
+ipv6-c025-sin001-ix.1.oca.nflxvideo.net
+ipv4-c035-sin001-ix.1.oca.nflxvideo.net
+ipv6-c035-sin001-ix.1.oca.nflxvideo.net
+ipv4-c045-sin001-ix.1.oca.nflxvideo.net
+ipv6-c045-sin001-ix.1.oca.nflxvideo.net
+ipv4-c055-sin001-ix.1.oca.nflxvideo.net
+ipv4-c006-sin001-ix.1.oca.nflxvideo.net
+ipv4-c016-sin001-ix.1.oca.nflxvideo.net
+ipv4-c026-sin001-ix.1.oca.nflxvideo.net
+ipv4-c036-sin001-ix.1.oca.nflxvideo.net
+ipv6-c036-sin001-ix.1.oca.nflxvideo.net
+ipv4-c046-sin001-ix.1.oca.nflxvideo.net
+ipv6-c046-sin001-ix.1.oca.nflxvideo.net
+ipv4-c056-sin001-ix.1.oca.nflxvideo.net
+ipv4-c007-sin001-ix.1.oca.nflxvideo.net
+ipv6-c007-sin001-ix.1.oca.nflxvideo.net
+ipv4-c017-sin001-ix.1.oca.nflxvideo.net
+ipv6-c017-sin001-ix.1.oca.nflxvideo.net
+ipv4-c027-sin001-ix.1.oca.nflxvideo.net
+ipv6-c027-sin001-ix.1.oca.nflxvideo.net
+ipv4-c037-sin001-ix.1.oca.nflxvideo.net
+ipv6-c037-sin001-ix.1.oca.nflxvideo.net
+ipv4-c047-sin001-ix.1.oca.nflxvideo.net
+ipv6-c047-sin001-ix.1.oca.nflxvideo.net
+ipv4-c057-sin001-ix.1.oca.nflxvideo.net
+ipv4-c008-sin001-ix.1.oca.nflxvideo.net
+ipv6-c008-sin001-ix.1.oca.nflxvideo.net
+ipv4-c018-sin001-ix.1.oca.nflxvideo.net
+ipv4-c028-sin001-ix.1.oca.nflxvideo.net
+ipv6-c028-sin001-ix.1.oca.nflxvideo.net
+ipv4-c038-sin001-ix.1.oca.nflxvideo.net
+ipv6-c038-sin001-ix.1.oca.nflxvideo.net
+ipv4-c048-sin001-ix.1.oca.nflxvideo.net
+ipv6-c048-sin001-ix.1.oca.nflxvideo.net
+ipv4-c058-sin001-ix.1.oca.nflxvideo.net
+ipv4-c009-sin001-ix.1.oca.nflxvideo.net
+ipv6-c009-sin001-ix.1.oca.nflxvideo.net
+ipv4-c019-sin001-ix.1.oca.nflxvideo.net
+ipv6-c019-sin001-ix.1.oca.nflxvideo.net
+ipv6-c029-sin001-ix.1.oca.nflxvideo.net
+ipv4-c039-sin001-ix.1.oca.nflxvideo.net
+ipv6-c039-sin001-ix.1.oca.nflxvideo.net
+ipv4-c049-sin001-ix.1.oca.nflxvideo.net
+ipv6-c049-sin001-ix.1.oca.nflxvideo.net
+ipv4-c059-sin001-ix.1.oca.nflxvideo.net
+ipv6-c050-sin001-ix.1.oca.nflxvideo.net
+ipv4-c029-sin001-ix.1.oca.nflxvideo.net
+ipv4-c001-xsp001-m1-isp.1.oca.nflxvideo.net
+ipv4-c002-xsp001-m1-isp.1.oca.nflxvideo.net
+ipv4-c003-xsp001-m1-isp.1.oca.nflxvideo.net
+ipv4-c001-xsp002-m1-isp.1.oca.nflxvideo.net
+ipv4-c002-xsp002-m1-isp.1.oca.nflxvideo.net
+ipv4-c003-xsp002-m1-isp.1.oca.nflxvideo.net
+ipv4-c001-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv6-c001-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv4-c003-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv6-c003-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv4-c004-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv6-c004-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv4-c005-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv6-c005-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv4-c006-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv6-c006-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv4-c007-xsp002-starhub-isp.1.oca.nflxvideo.net
+ipv4-c002-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv6-c002-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv4-c004-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv6-c004-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv4-c005-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv4-c006-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv6-c006-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv4-c007-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv4-c008-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv6-c008-xsp003-starhub-isp.1.oca.nflxvideo.net
+ipv4-c100-fra002-ix.1.oca.nflxvideo.net
+ipv4-c010-fra002-ix.1.oca.nflxvideo.net
+ipv4-c110-fra002-ix.1.oca.nflxvideo.net
+ipv4-c020-fra002-ix.1.oca.nflxvideo.net
+ipv4-c120-fra002-ix.1.oca.nflxvideo.net
+ipv4-c030-fra002-ix.1.oca.nflxvideo.net
+ipv4-c130-fra002-ix.1.oca.nflxvideo.net
+ipv4-c040-fra002-ix.1.oca.nflxvideo.net
+ipv4-c140-fra002-ix.1.oca.nflxvideo.net
+ipv4-c050-fra002-ix.1.oca.nflxvideo.net
+ipv4-c150-fra002-ix.1.oca.nflxvideo.net
+ipv4-c060-fra002-ix.1.oca.nflxvideo.net
+ipv4-c070-fra002-ix.1.oca.nflxvideo.net
+ipv4-c080-fra002-ix.1.oca.nflxvideo.net
+ipv4-c090-fra002-ix.1.oca.nflxvideo.net
+ipv4-c001-fra002-ix.1.oca.nflxvideo.net
+ipv4-c101-fra002-ix.1.oca.nflxvideo.net
+ipv4-c011-fra002-ix.1.oca.nflxvideo.net
+ipv4-c111-fra002-ix.1.oca.nflxvideo.net
+ipv4-c021-fra002-ix.1.oca.nflxvideo.net
+ipv4-c121-fra002-ix.1.oca.nflxvideo.net
+ipv4-c031-fra002-ix.1.oca.nflxvideo.net
+ipv4-c131-fra002-ix.1.oca.nflxvideo.net
+ipv4-c041-fra002-ix.1.oca.nflxvideo.net
+ipv4-c141-fra002-ix.1.oca.nflxvideo.net
+ipv4-c051-fra002-ix.1.oca.nflxvideo.net
+ipv4-c061-fra002-ix.1.oca.nflxvideo.net
+ipv4-c071-fra002-ix.1.oca.nflxvideo.net
+ipv4-c081-fra002-ix.1.oca.nflxvideo.net
+ipv4-c091-fra002-ix.1.oca.nflxvideo.net
+ipv4-c002-fra002-ix.1.oca.nflxvideo.net
+ipv4-c102-fra002-ix.1.oca.nflxvideo.net
+ipv4-c012-fra002-ix.1.oca.nflxvideo.net
+ipv4-c112-fra002-ix.1.oca.nflxvideo.net
+ipv4-c022-fra002-ix.1.oca.nflxvideo.net
+ipv4-c122-fra002-ix.1.oca.nflxvideo.net
+ipv4-c132-fra002-ix.1.oca.nflxvideo.net
+ipv4-c042-fra002-ix.1.oca.nflxvideo.net
+ipv4-c062-fra002-ix.1.oca.nflxvideo.net
+ipv4-c072-fra002-ix.1.oca.nflxvideo.net
+ipv4-c082-fra002-ix.1.oca.nflxvideo.net
+ipv4-c092-fra002-ix.1.oca.nflxvideo.net
+ipv4-c003-fra002-ix.1.oca.nflxvideo.net
+ipv4-c103-fra002-ix.1.oca.nflxvideo.net
+ipv4-c013-fra002-ix.1.oca.nflxvideo.net
+ipv4-c113-fra002-ix.1.oca.nflxvideo.net
+ipv4-c023-fra002-ix.1.oca.nflxvideo.net
+ipv4-c123-fra002-ix.1.oca.nflxvideo.net
+ipv4-c033-fra002-ix.1.oca.nflxvideo.net
+ipv4-c133-fra002-ix.1.oca.nflxvideo.net
+ipv4-c043-fra002-ix.1.oca.nflxvideo.net
+ipv4-c153-fra002-ix.1.oca.nflxvideo.net
+ipv4-c063-fra002-ix.1.oca.nflxvideo.net
+ipv4-c073-fra002-ix.1.oca.nflxvideo.net
+ipv4-c083-fra002-ix.1.oca.nflxvideo.net
+ipv4-c093-fra002-ix.1.oca.nflxvideo.net
+ipv4-c004-fra002-ix.1.oca.nflxvideo.net
+ipv4-c104-fra002-ix.1.oca.nflxvideo.net
+ipv4-c014-fra002-ix.1.oca.nflxvideo.net
+ipv4-c114-fra002-ix.1.oca.nflxvideo.net
+ipv4-c024-fra002-ix.1.oca.nflxvideo.net
+ipv4-c124-fra002-ix.1.oca.nflxvideo.net
+ipv4-c034-fra002-ix.1.oca.nflxvideo.net
+ipv4-c134-fra002-ix.1.oca.nflxvideo.net
+ipv4-c044-fra002-ix.1.oca.nflxvideo.net
+ipv4-c154-fra002-ix.1.oca.nflxvideo.net
+ipv4-c064-fra002-ix.1.oca.nflxvideo.net
+ipv4-c074-fra002-ix.1.oca.nflxvideo.net
+ipv4-c084-fra002-ix.1.oca.nflxvideo.net
+ipv4-c094-fra002-ix.1.oca.nflxvideo.net
+ipv4-c005-fra002-ix.1.oca.nflxvideo.net
+ipv4-c105-fra002-ix.1.oca.nflxvideo.net
+ipv4-c015-fra002-ix.1.oca.nflxvideo.net
+ipv4-c115-fra002-ix.1.oca.nflxvideo.net
+ipv4-c025-fra002-ix.1.oca.nflxvideo.net
+ipv4-c125-fra002-ix.1.oca.nflxvideo.net
+ipv4-c035-fra002-ix.1.oca.nflxvideo.net
+ipv4-c135-fra002-ix.1.oca.nflxvideo.net
+ipv4-c045-fra002-ix.1.oca.nflxvideo.net
+ipv4-c145-fra002-ix.1.oca.nflxvideo.net
+ipv4-c065-fra002-ix.1.oca.nflxvideo.net
+ipv4-c075-fra002-ix.1.oca.nflxvideo.net
+ipv4-c085-fra002-ix.1.oca.nflxvideo.net
+ipv4-c095-fra002-ix.1.oca.nflxvideo.net
+ipv4-c006-fra002-ix.1.oca.nflxvideo.net
+ipv4-c106-fra002-ix.1.oca.nflxvideo.net
+ipv4-c016-fra002-ix.1.oca.nflxvideo.net
+ipv4-c116-fra002-ix.1.oca.nflxvideo.net
+ipv4-c026-fra002-ix.1.oca.nflxvideo.net
+ipv4-c126-fra002-ix.1.oca.nflxvideo.net
+ipv4-c036-fra002-ix.1.oca.nflxvideo.net
+ipv4-c136-fra002-ix.1.oca.nflxvideo.net
+ipv4-c046-fra002-ix.1.oca.nflxvideo.net
+ipv4-c146-fra002-ix.1.oca.nflxvideo.net
+ipv4-c056-fra002-ix.1.oca.nflxvideo.net
+ipv4-c156-fra002-ix.1.oca.nflxvideo.net
+ipv4-c066-fra002-ix.1.oca.nflxvideo.net
+ipv4-c076-fra002-ix.1.oca.nflxvideo.net
+ipv4-c086-fra002-ix.1.oca.nflxvideo.net
+ipv4-c096-fra002-ix.1.oca.nflxvideo.net
+ipv4-c007-fra002-ix.1.oca.nflxvideo.net
+ipv4-c107-fra002-ix.1.oca.nflxvideo.net
+ipv4-c017-fra002-ix.1.oca.nflxvideo.net
+ipv4-c117-fra002-ix.1.oca.nflxvideo.net
+ipv4-c027-fra002-ix.1.oca.nflxvideo.net
+ipv4-c127-fra002-ix.1.oca.nflxvideo.net
+ipv4-c037-fra002-ix.1.oca.nflxvideo.net
+ipv4-c137-fra002-ix.1.oca.nflxvideo.net
+ipv4-c047-fra002-ix.1.oca.nflxvideo.net
+ipv4-c057-fra002-ix.1.oca.nflxvideo.net
+ipv4-c067-fra002-ix.1.oca.nflxvideo.net
+ipv4-c077-fra002-ix.1.oca.nflxvideo.net
+ipv4-c087-fra002-ix.1.oca.nflxvideo.net
+ipv4-c097-fra002-ix.1.oca.nflxvideo.net
+ipv4-c008-fra002-ix.1.oca.nflxvideo.net
+ipv4-c108-fra002-ix.1.oca.nflxvideo.net
+ipv4-c018-fra002-ix.1.oca.nflxvideo.net
+ipv4-c028-fra002-ix.1.oca.nflxvideo.net
+ipv4-c128-fra002-ix.1.oca.nflxvideo.net
+ipv4-c038-fra002-ix.1.oca.nflxvideo.net
+ipv4-c138-fra002-ix.1.oca.nflxvideo.net
+ipv4-c048-fra002-ix.1.oca.nflxvideo.net
+ipv4-c148-fra002-ix.1.oca.nflxvideo.net
+ipv4-c058-fra002-ix.1.oca.nflxvideo.net
+ipv4-c158-fra002-ix.1.oca.nflxvideo.net
+ipv4-c068-fra002-ix.1.oca.nflxvideo.net
+ipv4-c078-fra002-ix.1.oca.nflxvideo.net
+ipv4-c088-fra002-ix.1.oca.nflxvideo.net
+ipv4-c098-fra002-ix.1.oca.nflxvideo.net
+ipv4-c009-fra002-ix.1.oca.nflxvideo.net
+ipv4-c109-fra002-ix.1.oca.nflxvideo.net
+ipv4-c019-fra002-ix.1.oca.nflxvideo.net
+ipv4-c119-fra002-ix.1.oca.nflxvideo.net
+ipv4-c029-fra002-ix.1.oca.nflxvideo.net
+ipv4-c129-fra002-ix.1.oca.nflxvideo.net
+ipv4-c039-fra002-ix.1.oca.nflxvideo.net
+ipv4-c139-fra002-ix.1.oca.nflxvideo.net
+ipv4-c049-fra002-ix.1.oca.nflxvideo.net
+ipv4-c149-fra002-ix.1.oca.nflxvideo.net
+ipv4-c059-fra002-ix.1.oca.nflxvideo.net
+ipv4-c069-fra002-ix.1.oca.nflxvideo.net
+ipv4-c079-fra002-ix.1.oca.nflxvideo.net
+ipv4-c089-fra002-ix.1.oca.nflxvideo.net
+ipv4-c099-fra002-ix.1.oca.nflxvideo.net
+ipv4-c010-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c001-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c011-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c002-fra002-dev-ix.1.oca.nflxvideo.net
+ipv6-c002-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c012-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c003-fra002-dev-ix.1.oca.nflxvideo.net
+ipv6-c003-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c004-fra002-dev-ix.1.oca.nflxvideo.net
+ipv6-c004-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c005-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c006-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c007-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c008-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c009-fra002-dev-ix.1.oca.nflxvideo.net
+ipv4-c151-fra002-ix.1.oca.nflxvideo.net
+ipv4-c032-fra002-ix.1.oca.nflxvideo.net
+ipv4-c142-fra002-ix.1.oca.nflxvideo.net
+ipv4-c152-fra002-ix.1.oca.nflxvideo.net
+ipv4-c143-fra002-ix.1.oca.nflxvideo.net
+ipv4-c144-fra002-ix.1.oca.nflxvideo.net
+ipv4-c155-fra002-ix.1.oca.nflxvideo.net
+ipv4-c147-fra002-ix.1.oca.nflxvideo.net
+ipv4-c157-fra002-ix.1.oca.nflxvideo.net
+ipv4-c118-fra002-ix.1.oca.nflxvideo.net
+ipv4-c003-mfm001-ctm-isp.1.oca.nflxvideo.net
+ipv4-c001-tsa001-chieftelecom-isp.1.oca.nflxvideo.net
+ipv4-c001-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c002-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c003-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c004-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c005-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c006-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c007-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c008-tsa001-cht-isp.1.oca.nflxvideo.net
+ipv4-c002-cjj001-lguplus-isp.1.oca.nflxvideo.net
+ipv4-c006-cjj001-lguplus-isp.1.oca.nflxvideo.net
+ipv4-c001-hlp001-im2-isp.1.oca.nflxvideo.net
+ipv4-c001-hlp001-myrepublicid-isp.1.oca.nflxvideo.net
+ipv4-c002-hlp001-myrepublicid-isp.1.oca.nflxvideo.net
+ipv4-c001-hlp001-cbn-isp.1.oca.nflxvideo.net
+ipv4-c002-hlp001-cbn-isp.1.oca.nflxvideo.net
+ipv4-c001-hlp002-linknet-isp.1.oca.nflxvideo.net
+ipv4-c002-hlp002-linknet-isp.1.oca.nflxvideo.net
+ipv4-c001-hlp003-linknet-isp.1.oca.nflxvideo.net
+ipv4-c002-hlp003-linknet-isp.1.oca.nflxvideo.net
+ipv4-c001-hlp001-mncplay-isp.1.oca.nflxvideo.net
+ipv4-c002-hlp001-mncplay-isp.1.oca.nflxvideo.net
+ipv4-c001-bdo001-starnetid-isp.1.oca.nflxvideo.net
+ipv4-c002-bdo001-starnetid-isp.1.oca.nflxvideo.net
+ipv4-c002-cgk001-moratel-isp.1.oca.nflxvideo.net
+ipv4-c001-cgk001-linknet-isp.1.oca.nflxvideo.net
+ipv4-c002-cgk001-linknet-isp.1.oca.nflxvideo.net
+ipv4-c003-cgk001-linknet-isp.1.oca.nflxvideo.net
+ipv4-c001-cgk002-linknet-isp.1.oca.nflxvideo.net
+ipv4-c002-cgk002-linknet-isp.1.oca.nflxvideo.net
+ipv4-c003-cgk002-linknet-isp.1.oca.nflxvideo.net
+ipv4-c003-cgk002-biznet-isp.1.oca.nflxvideo.net
+ipv4-c004-cgk002-biznet-isp.1.oca.nflxvideo.net
+ipv4-c001-cxp001-biznet-isp.1.oca.nflxvideo.net
+ipv4-c001-sub001-biznet-isp.1.oca.nflxvideo.net
+ipv4-c016-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c010-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c025-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c027-jnb001-ix.1.oca.nflxvideo.net
+ipv6-c001-sin001-ix.1.oca.nflxvideo.net
+ipv4-c002-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c008-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c004-jnb001-ix.1.oca.nflxvideo.net
+ipv6-c063-sin001-ix.1.oca.nflxvideo.net
+ipv6-c117-fra002-ix.1.oca.nflxvideo.net
+ipv4-c037-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c026-jnb001-ix.1.oca.nflxvideo.net
+ipv6-c124-fra002-ix.1.oca.nflxvideo.net
+ipv6-c062-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c058-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c057-sin001-ix.1.oca.nflxvideo.net
+ipv6-c051-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c108-fra002-ix.1.oca.nflxvideo.net
+ipv4-c024-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c030-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c010-osa001-ix.1.oca.nflxvideo.net
+ipv4-c020-osa001-ix.1.oca.nflxvideo.net
+ipv4-c001-osa001-ix.1.oca.nflxvideo.net
+ipv4-c011-osa001-ix.1.oca.nflxvideo.net
+ipv4-c021-osa001-ix.1.oca.nflxvideo.net
+ipv4-c002-osa001-ix.1.oca.nflxvideo.net
+ipv4-c012-osa001-ix.1.oca.nflxvideo.net
+ipv4-c022-osa001-ix.1.oca.nflxvideo.net
+ipv4-c003-osa001-ix.1.oca.nflxvideo.net
+ipv4-c013-osa001-ix.1.oca.nflxvideo.net
+ipv4-c004-osa001-ix.1.oca.nflxvideo.net
+ipv4-c014-osa001-ix.1.oca.nflxvideo.net
+ipv4-c005-osa001-ix.1.oca.nflxvideo.net
+ipv4-c015-osa001-ix.1.oca.nflxvideo.net
+ipv4-c006-osa001-ix.1.oca.nflxvideo.net
+ipv4-c016-osa001-ix.1.oca.nflxvideo.net
+ipv4-c007-osa001-ix.1.oca.nflxvideo.net
+ipv4-c017-osa001-ix.1.oca.nflxvideo.net
+ipv4-c008-osa001-ix.1.oca.nflxvideo.net
+ipv4-c018-osa001-ix.1.oca.nflxvideo.net
+ipv4-c009-osa001-ix.1.oca.nflxvideo.net
+ipv4-c019-osa001-ix.1.oca.nflxvideo.net
+ipv4-c020-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c001-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c011-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c021-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c031-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c012-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c022-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c032-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c003-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c023-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c033-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c014-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c034-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c005-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c015-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c006-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c036-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c007-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c017-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c018-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c028-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c038-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c009-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c019-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c029-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c013-jnb001-ix.1.oca.nflxvideo.net
+ipv4-c035-jnb001-ix.1.oca.nflxvideo.net
+dualstack.apiproxy-nrdp-prod-nlb-4-9fae3883a092e5c6.elb.us-west-2.amazonaws.com
+dualstack.apiproxy-nrdp-prod-nlb-2-42101415231301e4.elb.us-west-2.amazonaws.com
+dualstack.apiproxy-nrdp-prod-nlb-1-4659b24f746a127b.elb.us-west-2.amazonaws.com
+dualstack.apiproxy-nrdp-prod-nlb-3-80d1f4b305f7c0e4.elb.us-west-2.amazonaws.com
+ipv4-c002-hkg001-pccw-isp.1.oca.nflxvideo.net
+ipv6-c012-hkg001-ix.1.oca.nflxvideo.net
+ipv6-c006-sin001-starhub-isp.1.oca.nflxvideo.net
+ipv6-c026-sin001-ix.1.oca.nflxvideo.net
+ipv4-c001-cgk001-moratel-isp.1.oca.nflxvideo.net
+ipv4-c221-sjc002-ix.1.oca.nflxvideo.net
+ipv4-c204-sjc002-dev-ix.1.oca.nflxvideo.net
+ipv4-c070-lax009-ix.1.oca.nflxvideo.net
+ipv4-c024-lax009-ix.1.oca.nflxvideo.net

bin/ca-certificates.crt

@@ -1,7 +1,7 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Sat Jun 12 22:07:57 2021 GMT
+## Certificate data from Mozilla as of: Thu Dec  9 22:21:11 2021 GMT
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
@@ -14,7 +14,7 @@
 ## Just configure this file as the SSLCACertificateFile.
 ##
 ## Conversion done with mk-ca-bundle.pl version 1.28.
-## SHA256: e292bd4e2d500c86df45b830d89417be5c42ee670408f1d2c454c63d8a782865
+## SHA256: bb36818a81feaa4cca61101e6d6276cd09e972efcb08112dfed846918ca41d7f
 ##
 
 
@@ -156,38 +156,6 @@ Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z
 12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 -----END CERTIFICATE-----
 
-QuoVadis Root CA
-================
------BEGIN CERTIFICATE-----
-MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJCTTEZMBcGA1UE
-ChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAz
-MTkxODMzMzNaFw0yMTAzMTcxODMzMzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRp
-cyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQD
-EyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Ypli4kVEAkOPcahdxYTMuk
-J0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2DrOpm2RgbaIr1VxqYuvXtdj182d6UajtL
-F8HVj71lODqV0D1VNk7feVcxKh7YWWVJWCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeL
-YzcS19Dsw3sgQUSj7cugF+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWen
-AScOospUxbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCCAk4w
-PQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVvdmFkaXNvZmZzaG9y
-ZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREwggENMIIBCQYJKwYBBAG+WAABMIH7
-MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNlIG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmlj
-YXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJs
-ZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
-Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYIKwYBBQUHAgEW
-Fmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3TKbkGGew5Oanwl4Rqy+/fMIGu
-BgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rqy+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkw
-FwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6
-tlCLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSkfnIYj9lo
-fFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf87C9TqnN7Az10buYWnuul
-LsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1RcHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2x
-gI4JVrmcGmD+XcHXetwReNDWXcG31a0ymQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi
-5upZIof4l/UO/erMkqQWxFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi
-5nrQNiOKSnQ2+Q==
------END CERTIFICATE-----
-
 QuoVadis Root CA 2
 ==================
 -----BEGIN CERTIFICATE-----
@@ -275,26 +243,6 @@ s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ
 FL39vmwLAw==
 -----END CERTIFICATE-----
 
-Sonera Class 2 Root CA
-======================
------BEGIN CERTIFICATE-----
-MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG
-U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAxMDQwNjA3Mjk0MFoXDTIxMDQw
-NjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh
-IENsYXNzMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3
-/Ei9vX+ALTU74W+oZ6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybT
-dXnt5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s3TmVToMG
-f+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2EjvOr7nQKV0ba5cTppCD8P
-tOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu8nYybieDwnPz3BjotJPqdURrBGAgcVeH
-nfO+oJAjPYok4doh28MCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITT
-XjwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt
-0jSv9zilzqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/3DEI
-cbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvDFNr450kkkdAdavph
-Oe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6Tk6ezAyNlNzZRZxe7EJQY670XcSx
-EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH
-llpwrN9M
------END CERTIFICATE-----
-
 XRamp Global CA Root
 ====================
 -----BEGIN CERTIFICATE-----
@@ -433,26 +381,6 @@ mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
 -----END CERTIFICATE-----
 
-DST Root CA X3
-==============
------BEGIN CERTIFICATE-----
-MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQK
-ExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4X
-DTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1
-cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmT
-rE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9
-UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRy
-xXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40d
-utolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQ
-MA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikug
-dB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjE
-GB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bw
-RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS
-fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
------END CERTIFICATE-----
-
 SwissSign Gold CA - G2
 ======================
 -----BEGIN CERTIFICATE-----
@@ -1194,27 +1122,6 @@ OR/qnuOf0GZvBeyqdn6/axag67XH/JJULysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9
 vwGYT7JZVEc+NHt4bVaTLnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 -----END CERTIFICATE-----
 
-Trustis FPS Root CA
-===================
------BEGIN CERTIFICATE-----
-MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQG
-EwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQLExNUcnVzdGlzIEZQUyBSb290
-IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTExMzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNV
-BAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQ
-RUN+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihHiTHcDnlk
-H5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjjvSkCqPoc4Vu5g6hBSLwa
-cY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zt
-o3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlBOrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEA
-AaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAd
-BgNVHQ4EFgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01GX2c
-GE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmWzaD+vkAMXBJV+JOC
-yinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP41BIy+Q7DsdwyhEQsb8tGD+pmQQ9P
-8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZEf1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHV
-l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl
-iB6XzCGcKQENZetX2fNXlrtIzYE=
------END CERTIFICATE-----
-
 Buypass Class 2 Root CA
 =======================
 -----BEGIN CERTIFICATE-----
@@ -3136,3 +3043,190 @@ gLWi5h+xEk8blTAKBggqhkjOPQQDAwNoADBlAjEA31SQ7Zvvi5QCkxeCmb6zniz2C5GMn0oUsfZk
 vLtoURMMA/cVi4RguYv/Uo7njLwcAjA8+RHUjE7AwWHCFUyqqx0LMV87HOIAl0Qx5v5zli/altP+
 CAezNIm8BZ/3Hobui3A=
 -----END CERTIFICATE-----
+
+GLOBALTRUST 2020
+================
+-----BEGIN CERTIFICATE-----
+MIIFgjCCA2qgAwIBAgILWku9WvtPilv6ZeUwDQYJKoZIhvcNAQELBQAwTTELMAkGA1UEBhMCQVQx
+IzAhBgNVBAoTGmUtY29tbWVyY2UgbW9uaXRvcmluZyBHbWJIMRkwFwYDVQQDExBHTE9CQUxUUlVT
+VCAyMDIwMB4XDTIwMDIxMDAwMDAwMFoXDTQwMDYxMDAwMDAwMFowTTELMAkGA1UEBhMCQVQxIzAh
+BgNVBAoTGmUtY29tbWVyY2UgbW9uaXRvcmluZyBHbWJIMRkwFwYDVQQDExBHTE9CQUxUUlVTVCAy
+MDIwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAri5WrRsc7/aVj6B3GyvTY4+ETUWi
+D59bRatZe1E0+eyLinjF3WuvvcTfk0Uev5E4C64OFudBc/jbu9G4UeDLgztzOG53ig9ZYybNpyrO
+VPu44sB8R85gfD+yc/LAGbaKkoc1DZAoouQVBGM+uq/ufF7MpotQsjj3QWPKzv9pj2gOlTblzLmM
+CcpL3TGQlsjMH/1WljTbjhzqLL6FLmPdqqmV0/0plRPwyJiT2S0WR5ARg6I6IqIoV6Lr/sCMKKCm
+fecqQjuCgGOlYx8ZzHyyZqjC0203b+J+BlHZRYQfEs4kUmSFC0iAToexIiIwquuuvuAC4EDosEKA
+A1GqtH6qRNdDYfOiaxaJSaSjpCuKAsR49GiKweR6NrFvG5Ybd0mN1MkGco/PU+PcF4UgStyYJ9OR
+JitHHmkHr96i5OTUawuzXnzUJIBHKWk7buis/UDr2O1xcSvy6Fgd60GXIsUf1DnQJ4+H4xj04KlG
+DfV0OoIu0G4skaMxXDtG6nsEEFZegB31pWXogvziB4xiRfUg3kZwhqG8k9MedKZssCz3AwyIDMvU
+clOGvGBG85hqwvG/Q/lwIHfKN0F5VVJjjVsSn8VoxIidrPIwq7ejMZdnrY8XD2zHc+0klGvIg5rQ
+mjdJBKuxFshsSUktq6HQjJLyQUp5ISXbY9e2nKd+Qmn7OmMCAwEAAaNjMGEwDwYDVR0TAQH/BAUw
+AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFNwuH9FhN3nkq9XVsxJxaD1qaJwiMB8GA1Ud
+IwQYMBaAFNwuH9FhN3nkq9XVsxJxaD1qaJwiMA0GCSqGSIb3DQEBCwUAA4ICAQCR8EICaEDuw2jA
+VC/f7GLDw56KoDEoqoOOpFaWEhCGVrqXctJUMHytGdUdaG/7FELYjQ7ztdGl4wJCXtzoRlgHNQIw
+4Lx0SsFDKv/bGtCwr2zD/cuz9X9tAy5ZVp0tLTWMstZDFyySCstd6IwPS3BD0IL/qMy/pJTAvoe9
+iuOTe8aPmxadJ2W8esVCgmxcB9CpwYhgROmYhRZf+I/KARDOJcP5YBugxZfD0yyIMaK9MOzQ0MAS
+8cE54+X1+NZK3TTN+2/BT+MAi1bikvcoskJ3ciNnxz8RFbLEAwW+uxF7Cr+obuf/WEPPm2eggAe2
+HcqtbepBEX4tdJP7wry+UUTF72glJ4DjyKDUEuzZpTcdN3y0kcra1LGWge9oXHYQSa9+pTeAsRxS
+vTOBTI/53WXZFM2KJVj04sWDpQmQ1GwUY7VA3+vA/MRYfg0UFodUJ25W5HCEuGwyEn6CMUO+1918
+oa2u1qsgEu8KwxCMSZY13At1XrFP1U80DhEgB3VDRemjEdqso5nCtnkn4rnvyOL2NSl6dPrFf4IF
+YqYK6miyeUcGbvJXqBUzxvd4Sj1Ce2t+/vdG6tHrju+IaFvowdlxfv1k7/9nR4hYJS8+hge9+6jl
+gqispdNpQ80xiEmEU5LAsTkbOYMBMMTyqfrQA71yN2BWHzZ8vTmR9W0Nv3vXkg==
+-----END CERTIFICATE-----
+
+ANF Secure Server Root CA
+=========================
+-----BEGIN CERTIFICATE-----
+MIIF7zCCA9egAwIBAgIIDdPjvGz5a7EwDQYJKoZIhvcNAQELBQAwgYQxEjAQBgNVBAUTCUc2MzI4
+NzUxMDELMAkGA1UEBhMCRVMxJzAlBgNVBAoTHkFORiBBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lv
+bjEUMBIGA1UECxMLQU5GIENBIFJhaXoxIjAgBgNVBAMTGUFORiBTZWN1cmUgU2VydmVyIFJvb3Qg
+Q0EwHhcNMTkwOTA0MTAwMDM4WhcNMzkwODMwMTAwMDM4WjCBhDESMBAGA1UEBRMJRzYzMjg3NTEw
+MQswCQYDVQQGEwJFUzEnMCUGA1UEChMeQU5GIEF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uMRQw
+EgYDVQQLEwtBTkYgQ0EgUmFpejEiMCAGA1UEAxMZQU5GIFNlY3VyZSBTZXJ2ZXIgUm9vdCBDQTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANvrayvmZFSVgpCjcqQZAZ2cC4Ffc0m6p6zz
+BE57lgvsEeBbphzOG9INgxwruJ4dfkUyYA8H6XdYfp9qyGFOtibBTI3/TO80sh9l2Ll49a2pcbnv
+T1gdpd50IJeh7WhM3pIXS7yr/2WanvtH2Vdy8wmhrnZEE26cLUQ5vPnHO6RYPUG9tMJJo8gN0pcv
+B2VSAKduyK9o7PQUlrZXH1bDOZ8rbeTzPvY1ZNoMHKGESy9LS+IsJJ1tk0DrtSOOMspvRdOoiXse
+zx76W0OLzc2oD2rKDF65nkeP8Nm2CgtYZRczuSPkdxl9y0oukntPLxB3sY0vaJxizOBQ+OyRp1RM
+VwnVdmPF6GUe7m1qzwmd+nxPrWAI/VaZDxUse6mAq4xhj0oHdkLePfTdsiQzW7i1o0TJrH93PB0j
+7IKppuLIBkwC/qxcmZkLLxCKpvR/1Yd0DVlJRfbwcVw5Kda/SiOL9V8BY9KHcyi1Swr1+KuCLH5z
+JTIdC2MKF4EA/7Z2Xue0sUDKIbvVgFHlSFJnLNJhiQcND85Cd8BEc5xEUKDbEAotlRyBr+Qc5RQe
+8TZBAQIvfXOn3kLMTOmJDVb3n5HUA8ZsyY/b2BzgQJhdZpmYgG4t/wHFzstGH6wCxkPmrqKEPMVO
+Hj1tyRRM4y5Bu8o5vzY8KhmqQYdOpc5LMnndkEl/AgMBAAGjYzBhMB8GA1UdIwQYMBaAFJxf0Gxj
+o1+TypOYCK2Mh6UsXME3MB0GA1UdDgQWBBScX9BsY6Nfk8qTmAitjIelLFzBNzAOBgNVHQ8BAf8E
+BAMCAYYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEATh65isagmD9uw2nAalxJ
+UqzLK114OMHVVISfk/CHGT0sZonrDUL8zPB1hT+L9IBdeeUXZ701guLyPI59WzbLWoAAKfLOKyzx
+j6ptBZNscsdW699QIyjlRRA96Gejrw5VD5AJYu9LWaL2U/HANeQvwSS9eS9OICI7/RogsKQOLHDt
+dD+4E5UGUcjohybKpFtqFiGS3XNgnhAY3jyB6ugYw3yJ8otQPr0R4hUDqDZ9MwFsSBXXiJCZBMXM
+5gf0vPSQ7RPi6ovDj6MzD8EpTBNO2hVWcXNyglD2mjN8orGoGjR0ZVzO0eurU+AagNjqOknkJjCb
+5RyKqKkVMoaZkgoQI1YS4PbOTOK7vtuNknMBZi9iPrJyJ0U27U1W45eZ/zo1PqVUSlJZS2Db7v54
+EX9K3BR5YLZrZAPbFYPhor72I5dQ8AkzNqdxliXzuUJ92zg/LFis6ELhDtjTO0wugumDLmsx2d1H
+hk9tl5EuT+IocTUW0fJz/iUrB0ckYyfI+PbZa/wSMVYIwFNCr5zQM378BvAxRAMU8Vjq8moNqRGy
+g77FGr8H6lnco4g175x2MjxNBiLOFeXdntiP2t7SxDnlF4HPOEfrf4htWRvfn0IUrn7PqLBmZdo3
+r5+qPeoott7VMVgWglvquxl1AnMaykgaIZOQCo6ThKd9OyMYkomgjaw=
+-----END CERTIFICATE-----
+
+Certum EC-384 CA
+================
+-----BEGIN CERTIFICATE-----
+MIICZTCCAeugAwIBAgIQeI8nXIESUiClBNAt3bpz9DAKBggqhkjOPQQDAzB0MQswCQYDVQQGEwJQ
+TDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkxGTAXBgNVBAMTEENlcnR1bSBFQy0zODQgQ0EwHhcNMTgwMzI2
+MDcyNDU0WhcNNDMwMzI2MDcyNDU0WjB0MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERh
+dGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkx
+GTAXBgNVBAMTEENlcnR1bSBFQy0zODQgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATEKI6rGFtq
+vm5kN2PkzeyrOvfMobgOgknXhimfoZTy42B4mIF4Bk3y7JoOV2CDn7TmFy8as10CW4kjPMIRBSqn
+iBMY81CE1700LCeJVf/OTOffph8oxPBUw7l8t1Ot68KjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD
+VR0OBBYEFI0GZnQkdjrzife81r1HfS+8EF9LMA4GA1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNo
+ADBlAjADVS2m5hjEfO/JUG7BJw+ch69u1RsIGL2SKcHvlJF40jocVYli5RsJHrpka/F2tNQCMQC0
+QoSZ/6vnnvuRlydd3LBbMHHOXjgaatkl5+r3YZJW+OraNsKHZZYuciUvf9/DE8k=
+-----END CERTIFICATE-----
+
+Certum Trusted Root CA
+======================
+-----BEGIN CERTIFICATE-----
+MIIFwDCCA6igAwIBAgIQHr9ZULjJgDdMBvfrVU+17TANBgkqhkiG9w0BAQ0FADB6MQswCQYDVQQG
+EwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHzAdBgNVBAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0Ew
+HhcNMTgwMzE2MTIxMDEzWhcNNDMwMzE2MTIxMDEzWjB6MQswCQYDVQQGEwJQTDEhMB8GA1UEChMY
+QXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHkxHzAdBgNVBAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDRLY67tzbqbTeRn06TpwXkKQMlzhyC93yZn0EGze2jusDbCSzBfN8p
+fktlL5On1AFrAygYo9idBcEq2EXxkd7fO9CAAozPOA/qp1x4EaTByIVcJdPTsuclzxFUl6s1wB52
+HO8AU5853BSlLCIls3Jy/I2z5T4IHhQqNwuIPMqw9MjCoa68wb4pZ1Xi/K1ZXP69VyywkI3C7Te2
+fJmItdUDmj0VDT06qKhF8JVOJVkdzZhpu9PMMsmN74H+rX2Ju7pgE8pllWeg8xn2A1bUatMn4qGt
+g/BKEiJ3HAVz4hlxQsDsdUaakFjgao4rpUYwBI4Zshfjvqm6f1bxJAPXsiEodg42MEx51UGamqi4
+NboMOvJEGyCI98Ul1z3G4z5D3Yf+xOr1Uz5MZf87Sst4WmsXXw3Hw09Omiqi7VdNIuJGmj8PkTQk
+fVXjjJU30xrwCSss0smNtA0Aq2cpKNgB9RkEth2+dv5yXMSFytKAQd8FqKPVhJBPC/PgP5sZ0jeJ
+P/J7UhyM9uH3PAeXjA6iWYEMspA90+NZRu0PqafegGtaqge2Gcu8V/OXIXoMsSt0Puvap2ctTMSY
+njYJdmZm/Bo/6khUHL4wvYBQv3y1zgD2DGHZ5yQD4OMBgQ692IU0iL2yNqh7XAjlRICMb/gv1SHK
+HRzQ+8S1h9E6Tsd2tTVItQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSM+xx1
+vALTn04uSNn5YFSqxLNP+jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIBAEii1QAL
+LtA/vBzVtVRJHlpr9OTy4EA34MwUe7nJ+jW1dReTagVphZzNTxl4WxmB82M+w85bj/UvXgF2Ez8s
+ALnNllI5SW0ETsXpD4YN4fqzX4IS8TrOZgYkNCvozMrnadyHncI013nR03e4qllY/p0m+jiGPp2K
+h2RX5Rc64vmNueMzeMGQ2Ljdt4NR5MTMI9UGfOZR0800McD2RrsLrfw9EAUqO0qRJe6M1ISHgCq8
+CYyqOhNf6DR5UMEQGfnTKB7U0VEwKbOukGfWHwpjscWpxkIxYxeU72nLL/qMFH3EQxiJ2fAyQOaA
+4kZf5ePBAFmo+eggvIksDkc0C+pXwlM2/KfUrzHN/gLldfq5Jwn58/U7yn2fqSLLiMmq0Uc9Nneo
+WWRrJ8/vJ8HjJLWG965+Mk2weWjROeiQWMODvA8s1pfrzgzhIMfatz7DP78v3DSk+yshzWePS/Tj
+6tQ/50+6uaWTRRxmHyH6ZF5v4HaUMst19W7l9o/HuKTMqJZ9ZPskWkoDbGs4xugDQ5r3V7mzKWmT
+OPQD8rv7gmsHINFSH5pkAnuYZttcTVoP0ISVoDwUQwbKytu4QTbaakRnh6+v40URFWkIsr4WOZck
+bxJF0WddCajJFdr60qZfE2Efv4WstK2tBZQIgx51F9NxO5NQI1mg7TyRVJ12AMXDuDjb
+-----END CERTIFICATE-----
+
+TunTrust Root CA
+================
+-----BEGIN CERTIFICATE-----
+MIIFszCCA5ugAwIBAgIUEwLV4kBMkkaGFmddtLu7sms+/BMwDQYJKoZIhvcNAQELBQAwYTELMAkG
+A1UEBhMCVE4xNzA1BgNVBAoMLkFnZW5jZSBOYXRpb25hbGUgZGUgQ2VydGlmaWNhdGlvbiBFbGVj
+dHJvbmlxdWUxGTAXBgNVBAMMEFR1blRydXN0IFJvb3QgQ0EwHhcNMTkwNDI2MDg1NzU2WhcNNDQw
+NDI2MDg1NzU2WjBhMQswCQYDVQQGEwJUTjE3MDUGA1UECgwuQWdlbmNlIE5hdGlvbmFsZSBkZSBD
+ZXJ0aWZpY2F0aW9uIEVsZWN0cm9uaXF1ZTEZMBcGA1UEAwwQVHVuVHJ1c3QgUm9vdCBDQTCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMPN0/y9BFPdDCA61YguBUtB9YOCfvdZn56eY+hz
+2vYGqU8ftPkLHzmMmiDQfgbU7DTZhrx1W4eI8NLZ1KMKsmwb60ksPqxd2JQDoOw05TDENX37Jk0b
+bjBU2PWARZw5rZzJJQRNmpA+TkBuimvNKWfGzC3gdOgFVwpIUPp6Q9p+7FuaDmJ2/uqdHYVy7BG7
+NegfJ7/Boce7SBbdVtfMTqDhuazb1YMZGoXRlJfXyqNlC/M4+QKu3fZnz8k/9YosRxqZbwUN/dAd
+gjH8KcwAWJeRTIAAHDOFli/LQcKLEITDCSSJH7UP2dl3RxiSlGBcx5kDPP73lad9UKGAwqmDrViW
+VSHbhlnUr8a83YFuB9tgYv7sEG7aaAH0gxupPqJbI9dkxt/con3YS7qC0lH4Zr8GRuR5KiY2eY8f
+Tpkdso8MDhz/yV3A/ZAQprE38806JG60hZC/gLkMjNWb1sjxVj8agIl6qeIbMlEsPvLfe/ZdeikZ
+juXIvTZxi11Mwh0/rViizz1wTaZQmCXcI/m4WEEIcb9PuISgjwBUFfyRbVinljvrS5YnzWuioYas
+DXxU5mZMZl+QviGaAkYt5IPCgLnPSz7ofzwB7I9ezX/SKEIBlYrilz0QIX32nRzFNKHsLA4KUiwS
+VXAkPcvCFDVDXSdOvsC9qnyW5/yeYa1E0wCXAgMBAAGjYzBhMB0GA1UdDgQWBBQGmpsfU33x9aTI
+04Y+oXNZtPdEITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFAaamx9TffH1pMjThj6hc1m0
+90QhMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAqgVutt0Vyb+zxiD2BkewhpMl
+0425yAA/l/VSJ4hxyXT968pk21vvHl26v9Hr7lxpuhbI87mP0zYuQEkHDVneixCwSQXi/5E/S7fd
+Ao74gShczNxtr18UnH1YeA32gAm56Q6XKRm4t+v4FstVEuTGfbvE7Pi1HE4+Z7/FXxttbUcoqgRY
+YdZ2vyJ/0Adqp2RT8JeNnYA/u8EH22Wv5psymsNUk8QcCMNE+3tjEUPRahphanltkE8pjkcFwRJp
+adbGNjHh/PqAulxPxOu3Mqz4dWEX1xAZufHSCe96Qp1bWgvUxpVOKs7/B9dPfhgGiPEZtdmYu65x
+xBzndFlY7wyJz4sfdZMaBBSSSFCp61cpABbjNhzI+L/wM9VBD8TMPN3pM0MBkRArHtG5Xc0yGYuP
+jCB31yLEQtyEFpslbei0VXF/sHyz03FJuc9SpAQ/3D2gu68zngowYI7bnV2UqL1g52KAdoGDDIzM
+MEZJ4gzSqK/rYXHv5yJiqfdcZGyfFoxnNidF9Ql7v/YQCvGwjVRDjAS6oz/v4jXH+XTgbzRB0L9z
+ZVcg+ZtnemZoJE6AZb0QmQZZ8mWvuMZHu/2QeItBcy6vVR/cO5JyboTT0GFMDcx2V+IthSIVNg3r
+AZ3r2OvEhJn7wAzMMujjd9qDRIueVSjAi1jTkD5OGwDxFa2DK5o=
+-----END CERTIFICATE-----
+
+HARICA TLS RSA Root CA 2021
+===========================
+-----BEGIN CERTIFICATE-----
+MIIFpDCCA4ygAwIBAgIQOcqTHO9D88aOk8f0ZIk4fjANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQG
+EwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u
+cyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0EgUm9vdCBDQSAyMDIxMB4XDTIxMDIxOTEwNTUz
+OFoXDTQ1MDIxMzEwNTUzN1owbDELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRl
+bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgUlNB
+IFJvb3QgQ0EgMjAyMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIvC569lmwVnlskN
+JLnQDmT8zuIkGCyEf3dRywQRNrhe7Wlxp57kJQmXZ8FHws+RFjZiPTgE4VGC/6zStGndLuwRo0Xu
+a2s7TL+MjaQenRG56Tj5eg4MmOIjHdFOY9TnuEFE+2uva9of08WRiFukiZLRgeaMOVig1mlDqa2Y
+Ulhu2wr7a89o+uOkXjpFc5gH6l8Cct4MpbOfrqkdtx2z/IpZ525yZa31MJQjB/OCFks1mJxTuy/K
+5FrZx40d/JiZ+yykgmvwKh+OC19xXFyuQnspiYHLA6OZyoieC0AJQTPb5lh6/a6ZcMBaD9YThnEv
+dmn8kN3bLW7R8pv1GmuebxWMevBLKKAiOIAkbDakO/IwkfN4E8/BPzWr8R0RI7VDIp4BkrcYAuUR
+0YLbFQDMYTfBKnya4dC6s1BG7oKsnTH4+yPiAwBIcKMJJnkVU2DzOFytOOqBAGMUuTNe3QvboEUH
+GjMJ+E20pwKmafTCWQWIZYVWrkvL4N48fS0ayOn7H6NhStYqE613TBoYm5EPWNgGVMWX+Ko/IIqm
+haZ39qb8HOLubpQzKoNQhArlT4b4UEV4AIHrW2jjJo3Me1xR9BQsQL4aYB16cmEdH2MtiKrOokWQ
+CPxrvrNQKlr9qEgYRtaQQJKQCoReaDH46+0N0x3GfZkYVVYnZS6NRcUk7M7jAgMBAAGjQjBAMA8G
+A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFApII6ZgpJIKM+qTW8VX6iVNvRLuMA4GA1UdDwEB/wQE
+AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAPpBIqm5iFSVmewzVjIuJndftTgfvnNAUX15QvWiWkKQU
+EapobQk1OUAJ2vQJLDSle1mESSmXdMgHHkdt8s4cUCbjnj1AUz/3f5Z2EMVGpdAgS1D0NTsY9FVq
+QRtHBmg8uwkIYtlfVUKqrFOFrJVWNlar5AWMxajaH6NpvVMPxP/cyuN+8kyIhkdGGvMA9YCRotxD
+QpSbIPDRzbLrLFPCU3hKTwSUQZqPJzLB5UkZv/HywouoCjkxKLR9YjYsTewfM7Z+d21+UPCfDtcR
+j88YxeMn/ibvBZ3PzzfF0HvaO7AWhAw6k9a+F9sPPg4ZeAnHqQJyIkv3N3a6dcSFA1pj1bF1BcK5
+vZStjBWZp5N99sXzqnTPBIWUmAD04vnKJGW/4GKvyMX6ssmeVkjaef2WdhW+o45WxLM0/L5H9MG0
+qPzVMIho7suuyWPEdr6sOBjhXlzPrjoiUevRi7PzKzMHVIf6tLITe7pTBGIBnfHAT+7hOtSLIBD6
+Alfm78ELt5BGnBkpjNxvoEppaZS3JGWg/6w/zgH7IS79aPib8qXPMThcFarmlwDB31qlpzmq6YR/
+PFGoOtmUW4y/Twhx5duoXNTSpv4Ao8YWxw/ogM4cKGR0GQjTQuPOAF1/sdwTsOEFy9EgqoZ0njnn
+kf3/W9b3raYvAwtt41dU63ZTGI0RmLo=
+-----END CERTIFICATE-----
+
+HARICA TLS ECC Root CA 2021
+===========================
+-----BEGIN CERTIFICATE-----
+MIICVDCCAdugAwIBAgIQZ3SdjXfYO2rbIvT/WeK/zjAKBggqhkjOPQQDAzBsMQswCQYDVQQGEwJH
+UjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBD
+QTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9vdCBDQSAyMDIxMB4XDTIxMDIxOTExMDExMFoX
+DTQ1MDIxMzExMDEwOVowbDELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWlj
+IGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgRUNDIFJv
+b3QgQ0EgMjAyMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDgI/rGgltJ6rK9JOtDA4MM7KKrxcm1l
+AEeIhPyaJmuqS7psBAqIXhfyVYf8MLA04jRYVxqEU+kw2anylnTDUR9YSTHMmE5gEYd103KUkE+b
+ECUqqHgtvpBBWJAVcqeht6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUyRtTgRL+BNUW
+0aq8mm+3oJUZbsowDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2cAMGQCMBHervjcToiwqfAi
+rcJRQO9gcS3ujwLEXQNwSaSS6sUUiHCm0w2wqsosQJz76YJumgIwK0eaB8bRwoF8yguWGEEbo/Qw
+CZ61IygNnxS2PFOiTAZpffpskcYqSUXm7LcT4Tps
+-----END CERTIFICATE-----

bin/release_version

@@ -1,8 +1,7 @@
-1.4.4
+1.6.3
+1.5.1
 1.3.0
 1.2.0
 1.1.0
-1.0.0beta17
 1.0.0beta11
-1.0.0beta5
 0.9.7

bin/version

@@ -1,5 +1,6 @@
-clashnet_v=1.7.3
-versionsh=1.4.4-test
-clash_v=1.7.1
+clashnet_v=v1.7.6
 clashpre_v=2021.09.15
-GeoIP_v=202109150303
+clash_v=v1.7.1
+meta_v=v1.12.0
+versionsh=1.6.3
+GeoIP_v=20220709

install.sh

@@ -9,9 +9,20 @@ echo "**                 欢迎使用                  **"
 echo "**                ShellClash                 **"
 echo "**                             by  Juewuy    **"
 echo "***********************************************"
-
+dir_avail(){
+	df -h $1 |awk '{ for(i=1;i<=NF;i++){ if(NR==1){ arr[i]=$i; }else{ arr[i]=arr[i]" "$i; } } } END{ for(i=1;i<=NF;i++){ print arr[i]; } }' |grep Ava |awk '{print $2}'
+}
+setconfig(){
+	configpath=$clashdir/mark
+	[ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath
+}
 [ -f "/etc/storage/started_script.sh" ] && systype=Padavan && initdir='/etc/storage/started_script.sh'
-[ -f "/jffs/.asusrouter" ] && systype=asusrouter && initdir='/jffs/.asusrouter'
+[ -d "/jffs" ] && systype=asusrouter && { 
+	[ -f "/jffs/.asusrouter" ] && initdir='/jffs/.asusrouter'
+	[ -d "/jffs/scripts" ] && initdir='/jffs/scripts/nat-start' 
+	[ -z "$initdir" ] && initdir='/jffs/scripts/nat-start' && mkdir -p '/jffs/scripts'
+	}
+[ -f "/data/etc/crontabs/root" -a "$(dir_avail /etc)" = 0 ] && systype=mi_snapshot
 #检查root权限
 if [ "$USER" != "root" -a -z "$systype" ];then
 	echo 当前用户:$USER
@@ -20,6 +31,7 @@ if [ "$USER" != "root" -a -z "$systype" ];then
 	read -p "仍要安装？可能会产生未知错误！(1/0) > " res
 	[ "$res" != "1" ] && exit 1
 fi
+
 webget(){
 	#参数【$1】代表下载目录，【$2】代表在线地址
 	#参数【$3】代表输出显示，【$4】不启用重定向
@@ -27,6 +39,7 @@ webget(){
 		[ "$3" = "echooff" ] && progress='-s' || progress='-#'
 		[ -z "$4" ] && redirect='-L' || redirect=''
 		result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2)
+		[ -n "$(echo $result | grep -e ^2)" ] && result="200"
 	else
 		if wget --version > /dev/null 2>&1;then
 			[ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
@@ -41,8 +54,8 @@ webget(){
 	fi
 }
 #检查更新
-[ -z "$url" ] && url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
-#选择版本
+url_cdn="https://raw.githubusercontents.com/juewuy/ShellClash"
+[ -z "$url" ] && url=$url_cdn
 echo -----------------------------------------------
 $echo "\033[33m请选择想要安装的版本：\033[0m"	
 $echo " 1 \033[32mShellclash正式版\033[0m"
@@ -50,28 +63,27 @@ $echo " 2 \033[31mShellclash测试版\033[0m"
 echo -----------------------------------------------
 read -p "请输入相应数字 > " num
 if [ -z $num ];then
-	echo 安装已取消
-	exit 1;
+	echo 安装已取消！ && exit 1;
 elif [ "$num" = "1" ];then
-	webget /tmp/clashrelease $url/bin/release_version echoon rediroff 2>/tmp/clashrelease
+	webget /tmp/clashrelease $url_cdn/master/bin/release_version echoon rediroff 2>/tmp/clashrelease
 	if [ "$result" = "200" ];then
 		release_new=$(cat /tmp/clashrelease | head -1)
-		url2="https://cdn.jsdelivr.net/gh/juewuy/ShellClash@$release_new"
+		url_dl="$url_cdn/$release_new"
 	else
 		echo "无法切换版本，尝试安装测试版！"
 	fi
 fi
-[ -z "$url2" ] && url2=$url
-webget /tmp/clashversion "$url2/bin/version" echooff
+[ -z "$url_dl" ] && url_dl=$url
+webget /tmp/clashversion "$url_dl/bin/version" echooff
 [ "$result" = "200" ] && versionsh=$(cat /tmp/clashversion | grep "versionsh" | awk -F "=" '{print $2}')
 [ -z "$release_new" ] && release_new=$versionsh
 rm -rf /tmp/clashversion
 rm -rf /tmp/clashrelease
-tarurl=$url2/bin/clashfm.tar.gz
+tarurl=$url_dl/bin/clashfm.tar.gz
 
 gettar(){
 	webget /tmp/clashfm.tar.gz $tarurl
-	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	[ "$result" != "200" ] && echo "文件下载失败,请尝试使用其他安装源！" && exit 1
 	$clashdir/start.sh stop 2>/dev/null
 	#解压
 	echo -----------------------------------------------
@@ -84,8 +96,8 @@ gettar(){
 	#判断系统类型写入不同的启动文件
 	if [ -f /etc/rc.common ];then
 			#设为init.d方式启动
-			mv $clashdir/clashservice /etc/init.d/clash
-			chmod  777 /etc/init.d/clash
+			cp -f $clashdir/clashservice /etc/init.d/clash
+			chmod 755 /etc/init.d/clash
 	else
 		[ -w /etc/systemd/system ] && sysdir=/etc/systemd/system
 		[ -w /usr/lib/systemd/system ] && sysdir=/usr/lib/systemd/system
@@ -96,19 +108,16 @@ gettar(){
 			systemctl daemon-reload
 		else
 			#设为保守模式启动
-			sed -i '/start_old=*/'d $clashdir/mark
-			echo start_old=已开启 >> $clashdir/mark
+			setconfig start_old 已开启
 		fi
 	fi
 	#修饰文件及版本号
 	shtype=sh && [ -n "$(ls -l /bin/sh|grep -oE 'dash|show|bash')" ] && shtype=bash 
 	sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh
-	chmod  777 $clashdir/start.sh
-	sed -i '/versionsh_l=*/'d $clashdir/mark
-	echo versionsh_l=$release_new >> $clashdir/mark
+	chmod 755 $clashdir/start.sh
+	setconfig versionsh_l $release_new
 	#设置更新地址
-	sed -i '/update_url=*/'d $clashdir/mark
-	echo update_url=$url >> $clashdir/mark
+	[ -n "$url" ] && setconfig update_url $url
 	#设置环境变量	
 	[ -w /opt/etc/profile ] && profile=/opt/etc/profile
 	[ -w /jffs/configs/profile.add ] && profile=/jffs/configs/profile.add
@@ -124,10 +133,25 @@ gettar(){
 		exit 1
 	fi
 	#华硕/Padavan额外设置
-	[ -n "$systype" ] && sed -i '/ShellClash初始化/'d $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
+	[ -n "$initdir" ] && {
+		sed -i '/ShellClash初始化/'d $initdir && touch $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
+		setconfig initdir $initdir
+		}
+	#小米镜像化OpenWrt额外设置
+	if [ "$systype" = "mi_snapshot" ];then
+		chmod 755 $clashdir/misnap_init.sh
+		uci set firewall.ShellClash=include
+		uci set firewall.ShellClash.type='script'
+		uci set firewall.ShellClash.path='/data/clash/misnap_init.sh'
+		uci set firewall.ShellClash.enabled='1'
+		uci commit firewall
+		setconfig systype $systype
+	else
+		rm -rf $clashdir/misnap_init.sh
+		rm -rf $clashdir/clashservice
+	fi
 	#删除临时文件
 	rm -rf /tmp/clashfm.tar.gz 
-	rm -rf $clashdir/clashservice
 	rm -rf $clashdir/clash.service
 }
 #下载及安装
@@ -147,6 +171,7 @@ setdir(){
 if [ -n "$systype" ];then
 	[ "$systype" = "Padavan" ] && dir=/etc/storage
 	[ "$systype" = "asusrouter" ] && dir=/jffs
+	[ "$systype" = "mi_snapshot" ] && dir=/data
 else
 	echo -----------------------------------------------
 	$echo "\033[33m安装ShellClash至少需要预留约1MB的磁盘空间\033[0m"	
@@ -183,10 +208,11 @@ else
 		exit 1;
 	fi
 fi
+
 if [ ! -w $dir ];then
 	$echo "\033[31m没有$dir目录写入权限！请重新设置！\033[0m" && sleep 1 && setdir
 else
-	$echo "目标目录\033[32m$dir\033[0m空间剩余：$(df -h $dir | awk '{print $4}' | sed 1d )"
+	$echo "目标目录\033[32m$dir\033[0m空间剩余：$(dir_avail $dir)"
 	read -p "确认安装？(1/0) > " res
 	[ "$res" = "1" ] && clashdir=$dir/clash || setdir
 fi
@@ -195,7 +221,7 @@ fi
 #输出
 $echo "最新版本：\033[32m$release_new\033[0m"
 echo -----------------------------------------------
-$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/ShellClash \033[0m"
 $echo "\033[37m支持各种基于openwrt的路由器设备"
 $echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
 

rules/ShellClash.ini

@@ -0,0 +1,43 @@
+[custom]
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/LocalAreaNetwork.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanAD.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanProgramAD.list
+ruleset=📢 谷歌FCM,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/GoogleFCM.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Netflix.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Global-Services/Netflix.list
+ruleset=🎥 DisneyP,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/DisneyPlus.list
+ruleset=Ⓜ️ 微软服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Microsoft.list
+ruleset=🍎 苹果服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Apple.list
+ruleset=📲 电报消息,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Telegram.list
+ruleset=🌍 国外媒体,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyMedia.list
+ruleset=🚀 节点选择,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyLite.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaDomain.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaCompanyIp.list
+ruleset=🎯 全球直连,[]GEOIP,CN
+ruleset=🐟 漏网之鱼,[]FINAL
+
+custom_proxy_group=🚀 节点选择`select`[]♻️ 自动选择`[]📺 省流节点`[]👍 高级节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🚀 手动切换`select`.*
+custom_proxy_group=♻️ 自动选择`url-test`.*`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🛑 广告拦截`select`[]DIRECT`[]REJECT
+custom_proxy_group=📲 电报消息`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=📢 谷歌FCM`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🎥 NETFLIX`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🎥 DisneyP`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🌍 国外媒体`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=Ⓜ️ 微软服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🍎 苹果服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🎯 全球直连`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择
+custom_proxy_group=🐟 漏网之鱼`select`[]🚀 节点选择`[]♻️ 自动选择`[]DIRECT`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换
+custom_proxy_group=🎥 流媒体解锁`select`(NF|原生|奈飞|解锁|流媒|迪士尼|N.*D|Netflix|NETFLIX|Media|Disn|Unlock)
+custom_proxy_group=📺 省流节点`url-test`(0\.[0-5]|低倍率|省流|大流量)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=👍 高级节点`url-test`(专线|专用|高级|直连|急速|高倍率|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇭🇰 香港节点`url-test`(港|HK|Hong Kong)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇯🇵 日韩节点`url-test`(日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan|KR|Korea|KOR|首尔|韩|韓)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇺🇲 美国节点`url-test`(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States)`http://www.gstatic.com/generate_204`300,,150
+custom_proxy_group=🇨🇳 台湾节点`url-test`(台|新北|彰化|TW|Taiwan)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇸🇬 新加坡节点`url-test`(新加坡|坡|狮城|SG|Singapore)`http://www.gstatic.com/generate_204`300,,50
+
+enable_rule_generator=true
+overwrite_original_rules=true

rules/ShellClash_Block.ini

@@ -0,0 +1,48 @@
+[custom]
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/LocalAreaNetwork.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanAD.list
+ruleset=🍃 应用净化,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanProgramAD.list
+ruleset=🆎 增强拦截,rules/ACL4SSR/Clash/BanEasyList.list
+ruleset=🆎 增强拦截,rules/ACL4SSR/Clash/BanEasyListChina.list
+ruleset=🆎 增强拦截,rules/ACL4SSR/Clash/BanEasyPrivacy.list
+ruleset=📢 谷歌FCM,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/GoogleFCM.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Netflix.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Global-Services/Netflix.list
+ruleset=🎥 DisneyP,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/DisneyPlus.list
+ruleset=Ⓜ️ 微软服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Microsoft.list
+ruleset=🍎 苹果服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Apple.list
+ruleset=📲 电报消息,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Telegram.list
+ruleset=🌍 国外媒体,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyMedia.list
+ruleset=🚀 节点选择,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyLite.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaDomain.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaCompanyIp.list
+ruleset=🎯 全球直连,[]GEOIP,CN
+ruleset=🐟 漏网之鱼,[]FINAL
+
+custom_proxy_group=🚀 节点选择`select`[]♻️ 自动选择`[]📺 省流节点`[]👍 高级节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🚀 手动切换`select`.*
+custom_proxy_group=♻️ 自动选择`url-test`.*`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🛑 广告拦截`select`[]REJECT`[]DIRECT
+custom_proxy_group=🍃 应用净化`select`[]REJECT`[]DIRECT
+custom_proxy_group=🆎 增强拦截`select`[]DIRECT`[]REJECT
+custom_proxy_group=📲 电报消息`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=📢 谷歌FCM`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🎥 NETFLIX`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🎥 DisneyP`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🌍 国外媒体`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=Ⓜ️ 微软服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🍎 苹果服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🎯 全球直连`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择
+custom_proxy_group=🐟 漏网之鱼`select`[]🚀 节点选择`[]♻️ 自动选择`[]DIRECT`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换
+custom_proxy_group=🎥 流媒体解锁`select`(NF|原生|奈飞|解锁|流媒|迪士尼|N.*D|Netflix|NETFLIX|Media|Disn|Unlock)
+custom_proxy_group=📺 省流节点`url-test`(0\.[0-5]|低倍率|省流|大流量)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=👍 高级节点`url-test`(专线|专用|高级|直连|急速|高倍率|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇭🇰 香港节点`url-test`(港|HK|Hong Kong)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇯🇵 日韩节点`url-test`(日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan|KR|Korea|KOR|首尔|韩|韓)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇺🇲 美国节点`url-test`(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States)`http://www.gstatic.com/generate_204`300,,150
+custom_proxy_group=🇨🇳 台湾节点`url-test`(台|新北|彰化|TW|Taiwan)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇸🇬 新加坡节点`url-test`(新加坡|坡|狮城|SG|Singapore)`http://www.gstatic.com/generate_204`300,,50
+
+enable_rule_generator=true
+overwrite_original_rules=true

rules/ShellClash_Full.ini

@@ -0,0 +1,60 @@
+[custom]
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/LocalAreaNetwork.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/UnBan.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanAD.list
+ruleset=🍃 应用净化,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanProgramAD.list
+ruleset=📢 谷歌FCM,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/GoogleFCM.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Netflix.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Global-Services/Netflix.list
+ruleset=🎥 DisneyP,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/DisneyPlus.list
+ruleset=🎥 YouTube,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/YouTube.list
+ruleset=📺 哔哩海外,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/BilibiliHMT.list
+ruleset=Ⓜ️ 微软服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Microsoft.list
+ruleset=🍎 苹果服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Apple.list
+ruleset=📲 电报消息,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Telegram.list
+ruleset=🎮 外服游戏,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Game.list
+ruleset=🌍 国外媒体,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyMedia.list
+ruleset=🌏 国内媒体,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaMedia.list
+ruleset=🎶 网易音乐,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/NetEaseMusic.list
+ruleset=📺 巴哈姆特,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Bahamut.list
+ruleset=🚀 节点选择,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyLite.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaDomain.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaCompanyIp.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Download.list
+ruleset=🎯 全球直连,[]GEOIP,CN
+ruleset=🐟 漏网之鱼,[]FINAL
+
+
+custom_proxy_group=🚀 节点选择`select`[]♻️ 自动选择`[]📺 省流节点`[]👍 高级节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🚀 手动切换`select`.*
+custom_proxy_group=♻️ 自动选择`url-test`.*`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🛑 广告拦截`select`[]DIRECT`[]REJECT
+custom_proxy_group=🍃 应用净化`select`[]DIRECT`[]REJECT
+custom_proxy_group=🎮 外服游戏`select`[]🎯 全球直连`[]🎮 游戏节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换
+custom_proxy_group=📲 电报消息`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=📢 谷歌FCM`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🎥 NETFLIX`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🎥 DisneyP`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🎥 YouTube`select`[]📺 省流节点`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=📺 哔哩海外`select`[]🎯 全球直连`[]🇨🇳 台湾节点`[]🇭🇰 香港节点
+custom_proxy_group=🌍 国外媒体`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🌏 国内媒体`select`[]DIRECT`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=Ⓜ️ 微软服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🍎 苹果服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=📺 巴哈姆特`select`[]🇨🇳 台湾节点`[]🚀 节点选择`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🎶 网易音乐`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择`(网易|音乐|解锁|Music|NetEase)
+custom_proxy_group=🎯 全球直连`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择
+custom_proxy_group=🐟 漏网之鱼`select`[]🚀 节点选择`[]♻️ 自动选择`[]DIRECT`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换
+custom_proxy_group=🎮 游戏节点`select`(游戏|Game|game|加速)`
+custom_proxy_group=🎥 流媒体解锁`select`(NF|奈飞|解锁|Netflix|NETFLIX|Media)
+custom_proxy_group=📺 省流节点`url-test`(0\.[0-5]|低倍率|省流|大流量)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=👍 高级节点`url-test`(专线|专用|高级|直连|急速|高倍率|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇭🇰 香港节点`url-test`(港|HK|Hong Kong)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇯🇵 日韩节点`url-test`(日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan|KR|Korea|KOR|首尔|韩|韓)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇺🇲 美国节点`url-test`(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States)`http://www.gstatic.com/generate_204`300,,150
+custom_proxy_group=🇨🇳 台湾节点`url-test`(台|新北|彰化|TW|Taiwan)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇸🇬 新加坡节点`url-test`(新加坡|坡|狮城|SG|Singapore)`http://www.gstatic.com/generate_204`300,,50
+
+enable_rule_generator=true
+overwrite_original_rules=true

rules/ShellClash_Full_Block.ini

@@ -0,0 +1,65 @@
+[custom]
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/LocalAreaNetwork.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/UnBan.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanAD.list
+ruleset=🍃 应用净化,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanProgramAD.list
+ruleset=🆎 增强拦截,rules/ACL4SSR/Clash/BanEasyList.list
+ruleset=🆎 增强拦截,rules/ACL4SSR/Clash/BanEasyListChina.list
+ruleset=🆎 增强拦截,rules/ACL4SSR/Clash/BanEasyPrivacy.list
+ruleset=📢 谷歌FCM,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/GoogleFCM.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Netflix.list
+ruleset=🎥 NETFLIX,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Global-Services/Netflix.list
+ruleset=🎥 DisneyP,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/DisneyPlus.list
+ruleset=🎥 YouTube,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/YouTube.list
+ruleset=📺 哔哩海外,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/BilibiliHMT.list
+ruleset=Ⓜ️ 微软服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Microsoft.list
+ruleset=🍎 苹果服务,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Apple.list
+ruleset=📲 电报消息,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Telegram.list
+ruleset=🎮 外服游戏,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Game.list
+ruleset=🌍 国外媒体,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyMedia.list
+ruleset=🌏 国内媒体,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaMedia.list
+ruleset=🎶 网易音乐,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/NetEaseMusic.list
+ruleset=📺 巴哈姆特,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Bahamut.list
+ruleset=🚀 节点选择,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyLite.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaDomain.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaCompanyIp.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Download.list
+ruleset=🎯 全球直连,[]GEOIP,CN
+ruleset=🐟 漏网之鱼,[]FINAL
+
+custom_proxy_group=🚀 节点选择`select`[]♻️ 自动选择`[]📺 省流节点`[]👍 高级节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🚀 手动切换`select`.*
+custom_proxy_group=♻️ 自动选择`url-test`.*`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🛑 广告拦截`select`[]REJECT`[]DIRECT
+custom_proxy_group=🍃 应用净化`select`[]REJECT`[]DIRECT
+custom_proxy_group=🆎 增强拦截`select`[]DIRECT`[]REJECT
+custom_proxy_group=🎮 外服游戏`select`[]🎯 全球直连`[]🎮 游戏节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换
+custom_proxy_group=📲 电报消息`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=📢 谷歌FCM`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🎥 NETFLIX`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🎥 DisneyP`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=🎥 YouTube`select`[]📺 省流节点`[]👍 高级节点`[]🇸🇬 新加坡节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 节点选择
+custom_proxy_group=📺 哔哩海外`select`[]🎯 全球直连`[]🇨🇳 台湾节点`[]🇭🇰 香港节点
+custom_proxy_group=🌍 国外媒体`select`[]🚀 节点选择`[]♻️ 自动选择`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🌏 国内媒体`select`[]DIRECT`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=Ⓜ️ 微软服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=🍎 苹果服务`select`[]DIRECT`[]🚀 节点选择`[]🇺🇲 美国节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🚀 手动切换
+custom_proxy_group=📺 巴哈姆特`select`[]🇨🇳 台湾节点`[]🚀 节点选择`[]🚀 手动切换`[]DIRECT
+custom_proxy_group=🎶 网易音乐`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择`(网易|音乐|解锁|Music|NetEase)
+custom_proxy_group=🎯 全球直连`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择
+custom_proxy_group=🐟 漏网之鱼`select`[]🚀 节点选择`[]♻️ 自动选择`[]DIRECT`[]📺 省流节点`[]🇭🇰 香港节点`[]🇨🇳 台湾节点`[]🇸🇬 新加坡节点`[]🇯🇵 日韩节点`[]🇺🇲 美国节点`[]🚀 手动切换
+custom_proxy_group=🎮 游戏节点`select`(游戏|Game|game|加速)`
+custom_proxy_group=🎥 流媒体解锁`select`(NF|奈飞|解锁|Netflix|NETFLIX|Media)
+custom_proxy_group=📺 省流节点`url-test`(0\.[0-5]|低倍率|省流|大流量)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=👍 高级节点`url-test`(专线|专用|高级|直连|急速|高倍率|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇭🇰 香港节点`url-test`(港|HK|Hong Kong)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇯🇵 日韩节点`url-test`(日本|川日|东京|大阪|泉日|埼玉|沪日|深日|[^-]日|JP|Japan|KR|Korea|KOR|首尔|韩|韓)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇺🇲 美国节点`url-test`(美|波特兰|达拉斯|俄勒冈|凤凰城|费利蒙|硅谷|拉斯维加斯|洛杉矶|圣何塞|圣克拉拉|西雅图|芝加哥|US|United States)`http://www.gstatic.com/generate_204`300,,150
+custom_proxy_group=🇨🇳 台湾节点`url-test`(台|新北|彰化|TW|Taiwan)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🇸🇬 新加坡节点`url-test`(新加坡|坡|狮城|SG|Singapore)`http://www.gstatic.com/generate_204`300,,50
+
+
+
+enable_rule_generator=true
+overwrite_original_rules=true

rules/ShellClash_Mini.ini

@@ -0,0 +1,28 @@
+[custom]
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/LocalAreaNetwork.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanAD.list
+ruleset=🛑 广告拦截,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/BanProgramAD.list
+ruleset=🎥 奈飞解锁,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/Netflix.list
+ruleset=🎥 奈飞解锁,https://raw.githubusercontent.com/LM-Firefly/Rules/master/Global-Services/Netflix.list
+ruleset=🎥 奈飞解锁,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/Ruleset/DisneyPlus.list
+ruleset=🚀 节点选择,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyLite.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaDomain.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaCompanyIp.list
+ruleset=🎯 全球直连,[]GEOIP,CN
+ruleset=🐟 漏网之鱼,[]FINAL
+
+custom_proxy_group=🚀 节点选择`select`[]🔯 故障转移`[]♻️ 自动选择`[]📺 省流节点`[]👍 高级节点`.*
+custom_proxy_group=♻️ 自动选择`url-test`.*`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🔯 故障转移首选`select`.*
+custom_proxy_group=🔯 故障转移`fallback`[]🔯 故障转移首选`[]👍 高级节点`[]♻️ 自动选择`http://www.gstatic.com/generate_204`180
+custom_proxy_group=🛑 广告拦截`select`[]DIRECT`[]REJECT
+custom_proxy_group=🎥 奈飞解锁`select`[]🎥 流媒体解锁`[]👍 高级节点`[]🔯 故障转移`[]🚀 节点选择
+custom_proxy_group=🎯 全球直连`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择
+custom_proxy_group=🐟 漏网之鱼`select`[]🔯 故障转移`[]🚀 节点选择`[]📺 省流节点`[]♻️ 自动选择`[]DIRECT
+custom_proxy_group=🎥 流媒体解锁`select`(NF|奈飞|解锁|Netflix|NETFLIX|Media)
+custom_proxy_group=📺 省流节点`url-test`(0\.[0-5]|低倍率|省流|大流量)`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=👍 高级节点`url-test`(专线|专用|高级|直连|急速|高倍率|IEPL|IPLC|AIA|CTM|CC|iepl|iplc|aia|ctm|cc)`http://www.gstatic.com/generate_204`300,,50
+
+enable_rule_generator=true
+overwrite_original_rules=true

rules/ShellClash_Nano.ini

@@ -0,0 +1,16 @@
+[custom]
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/LocalAreaNetwork.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/GoogleCN.list
+ruleset=🚀 节点选择,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ProxyLite.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaDomain.list
+ruleset=🎯 全球直连,https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/ChinaCompanyIp.list
+ruleset=🎯 全球直连,[]GEOIP,CN
+ruleset=🐟 漏网之鱼,[]FINAL
+
+custom_proxy_group=🚀 节点选择`select`[]♻️ 自动选择`select`.*
+custom_proxy_group=♻️ 自动选择`url-test`.*`http://www.gstatic.com/generate_204`300,,50
+custom_proxy_group=🎯 全球直连`select`[]DIRECT`[]🚀 节点选择`[]♻️ 自动选择
+custom_proxy_group=🐟 漏网之鱼`select`[]🚀 节点选择`[]♻️ 自动选择`[]DIRECT
+
+enable_rule_generator=true
+overwrite_original_rules=true

scripts/clash.service

@@ -5,7 +5,7 @@ After=network.target
 [Service]
 Type=simple
 User=root
-ExecStart=/etc/clash/clash -d /etc/clash
+ExecStart=/etc/clash/clash -d /etc/clash >/dev/null
 ExecStartPost=/etc/clash/start.sh afstart
 Restart=on-failure
 RestartSec=3s
@@ -13,4 +13,4 @@ LimitNOFILE=999999
 
 
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target

scripts/clash.sh

@@ -4,7 +4,7 @@
 #读取配置相关
 getconfig(){
 	#服务器缺省地址
-	[ -z "$update_url" ] && update_url=https://cdn.jsdelivr.net/gh/juewuy/ShellClash
+	[ -z "$update_url" ] && update_url=https://raw.githubusercontents.com/juewuy/ShellClash
 	#文件路径
 	[ -z "$clashdir" ] && echo 环境变量配置有误！请重新安装脚本！
 	ccfg=$clashdir/mark
@@ -22,7 +22,7 @@ getconfig(){
 	[ -z "$redir_port" ] && redir_port=7892
 	[ -z "$db_port" ] && db_port=9999
 	[ -z "$dns_port" ] && dns_port=1053
-	[ -z "$multiport" ] && multiport='53,587,465,995,993,143,80,443'
+	[ -z "$multiport" ] && multiport='22,53,587,465,995,993,143,80,443,8080'
 	[ -z "$local_proxy" ] && local_proxy=未开启
 	#检查mac地址记录
 	[ ! -f $clashdir/mac ] && touch $clashdir/mac
@@ -35,26 +35,21 @@ getconfig(){
 	[ -d /www/clash ] && dbdir=/www/clash && hostdir=/clash
 	#开机自启检测
 	if [ -f /etc/rc.common ];then
-		[ -n "$(find /etc/rc.d -name '*clash')" ] && autostart=enable_rc || autostart=disable_rc
+		[ -n "$(find /etc/rc.d -name '*clash')" ] && autostart=enable || autostart=disable
 	elif [ -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
-		[ -n "$(systemctl is-enabled clash.service 2>&1 | grep enable)" ] && autostart=enable_sys || autostart=disable_sys
+		[ -n "$(systemctl is-enabled clash.service 2>&1 | grep enable)" ] && autostart=enable || autostart=disable
+	else
+		[ -f $clashdir/.dis_startup ] && autostart=disable || autostart=enable
 	fi
 	#开机自启描述
-	if [ "$start_old" = "已开启" ]; then
-		auto="\033[32m保守模式\033[0m"
-		auto1="代理本机：\033[36m$local_proxy\033[0m"
-	elif [ "$autostart" = "enable_rc" -o "$autostart" = "enable_sys" ]; then
+	if [ "$autostart" = "enable" ]; then
 		auto="\033[32m已设置开机启动！\033[0m"
 		auto1="\033[36m禁用\033[0mclash开机启动"
-	elif [ "$autostart" = "disable_rc" -o "$autostart" = "disable_sys" ]; then
+	else
 		auto="\033[31m未设置开机启动！\033[0m"
 		auto1="\033[36m允许\033[0mclash开机启动"
-	else
-		auto="\033[32m保守模式\033[0m"
-		auto1="代理本机：\033[36m$local_proxy\033[0m"
 	fi
 	#获取运行模式
-	[ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式
 	[ -z "$redir_mod" ] && redir_mod=纯净模式
 	#获取运行状态
 	PID=$(pidof clash)
@@ -80,7 +75,7 @@ getconfig(){
 	if [ -n "$PID" ];then
 		echo -e "当前内存占用：\033[44m"$VmRSS"\033[0m，已运行：\033[46;30m"$day"\033[44;37m"$time"\033[0m"
 	fi
-	echo -e "TG群：\033[36;4mhttps://t.me/clashfm\033[0m"
+	echo -e "TG频道：\033[36;4mhttps://t.me/ShellClash\033[0m"
 	echo -----------------------------------------------
 	#检查新手引导
 	if [ -z "$userguide" ];then
@@ -136,14 +131,15 @@ checkrestart(){
 }
 #功能相关
 setport(){
+	source $ccfg
 	[ -z "$secret" ] && secret=未设置
 	[ -z "$authentication" ] && authentication=未设置
 	inputport(){
-		read -p "请输入端口号(1000-65535) > " portx
+		read -p "请输入端口号(1-65535) > " portx
 		if [ -z "$portx" ]; then
 			setport
-		elif [ $portx -gt 65535 -o $portx -le 999 ]; then
-			echo -e "\033[31m输入错误！请输入正确的数值(1000-65535)！\033[0m"
+		elif [ $portx -gt 65535 -o $portx -le 1 ]; then
+			echo -e "\033[31m输入错误！请输入正确的数值(1-65535)！\033[0m"
 			inputport
 		elif [ -n "$(echo $mix_port$redir_port$dns_port$db_port|grep $portx)" ]; then
 			echo -e "\033[31m输入错误！请不要输入重复的端口！\033[0m"
@@ -153,7 +149,6 @@ setport(){
 			inputport
 		else
 			setconfig $xport $portx 
-			$xport=$portx
 			echo -e "\033[32m设置成功！！！\033[0m"
 			setport
 		fi
@@ -187,9 +182,9 @@ setport(){
 			setconfig authentication
 			echo 密码已移除！
 		else
-			if [ "$local_proxy" = "已开启" ];then
+			if [ "$local_proxy" = "已开启" -a "$local_type" = "环境变量" ];then
 				echo -----------------------------------------------
-				echo -e "\033[33m请先禁用本机代理功能！\033[0m"
+				echo -e "\033[33m请先禁用本机代理功能或使用增强模式！\033[0m"
 				sleep 1
 			else
 				authentication=$(echo $input | grep :)
@@ -236,7 +231,7 @@ setport(){
 		setport
 	elif [ "$num" = 8 ]; then
 		echo -----------------------------------------------
-		echo -e "\033[33m此处可以更改脚本内置的host地址\033[0m"
+		echo -e "\033[33m此处可以更改脚本内置的局域网设备IP地址\033[0m"
 		echo -e "\033[31m设置后如本机host地址有变动，请务必手动修改！\033[0m"
 		echo -----------------------------------------------
 		read -p "请输入自定义host地址(输入0移除自定义host) > " host
@@ -259,6 +254,9 @@ setport(){
 setdns(){
 	[ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
 	[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
+	[ -z "$ipv6_dns" ] && ipv6_dns=已开启
+	[ -z "$dns_redir" ] && dns_redir=未开启
+	[ -z "$dns_no" ] && dns_no=未禁用
 	echo -----------------------------------------------
 	echo -e "当前基础DNS：\033[32m$dns_nameserver\033[0m"
 	echo -e "fallbackDNS：\033[36m$dns_fallback\033[0m"
@@ -268,8 +266,10 @@ setdns(){
 	echo -e " 1 修改\033[32m基础DNS\033[0m"
 	echo -e " 2 修改\033[36mfallback_DNS\033[0m"
 	echo -e " 3 \033[33m重置\033[0mDNS配置"
-	echo -e " 4 禁用内置DNS(慎用)"
-	echo -e " 5 使用\033[32m加密DNS\033[0m"
+	echo -e " 4 一键配置\033[32m加密DNS\033[0m"
+	echo -e " 5 ipv6_dns解析：	\033[36m$ipv6_dns\033[0m	————建议开启"
+	echo -e " 6 Dnsmasq转发：	\033[36m$dns_redir\033[0m	————用于解决dns劫持失败的问题"
+	echo -e " 7 禁用内置DNS：	\033[36m$dns_no\033[0m	————不明勿动"
 	echo -e " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
@@ -283,6 +283,7 @@ setdns(){
 			echo -e "\033[32m设置成功！！！\033[0m"
 		fi
 		setdns
+		
 	elif [ "$num" = 2 ]; then
 		read -p "请输入新的DNS > " dns_fallback
 		dns_fallback=$(echo $dns_fallback | sed 's/|/\,\ /g')
@@ -291,6 +292,7 @@ setdns(){
 			echo -e "\033[32m设置成功！！！\033[0m"
 		fi
 		setdns
+		
 	elif [ "$num" = 3 ]; then
 		dns_nameserver=""
 		dns_fallback=""
@@ -298,14 +300,8 @@ setdns(){
 		setconfig dns_fallback
 		echo -e "\033[33mDNS配置已重置！！！\033[0m"
 		setdns
+		
 	elif [ "$num" = 4 ]; then
-		echo -----------------------------------------------
-		echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用！\033[0m"
-		dns_no=已禁用
-		setconfig dns_no $dns_no
-		echo -e "\033[33m已禁用内置DNS！！！\033[0m"
-		setdns
-	elif [ "$num" = 5 ]; then
 		$clashdir/start.sh webget /tmp/ssl_test https://www.baidu.com echooff rediron skipceroff
 		if [ "$？" = "1" ];then
 			echo -----------------------------------------------
@@ -326,14 +322,57 @@ setdns(){
 		rm -rf /tmp/ssl_test
 		sleep 1
 		setdns
+		
+	elif [ "$num" = 5 ]; then
+		echo -----------------------------------------------
+		if [ "$ipv6_dns" = "未开启" ]; then 
+			echo -e "\033[32m开启成功！！\033[0m"
+			ipv6_dns=已开启
+		else
+			echo -e "\033[33m禁用成功！！\033[0m"
+			ipv6_dns=未开启
+		fi
+		sleep 1
+		setconfig ipv6_dns $ipv6_dns
+		setdns
+				
+	elif [ "$num" = 6 ]; then
+		echo -----------------------------------------------
+		if [ "$dns_redir" = "未开启" ]; then 
+			echo -e "\033[31m将使用OpenWrt中Dnsmasq插件自带的DNS转发功能转发DNS请求至clash内核！\033[0m"
+			echo -e "\033[33m启用后将禁用本插件自带的iptables转发功能\033[0m"
+			dns_redir=已开启
+			echo -e "\033[32m已启用Dnsmasq转发DNS功能！！！\033[0m"
+			sleep 1
+		else
+			echo -e "\033[33m禁用成功！！\033[0m"
+			dns_redir=未开启
+		fi
+		sleep 1
+		setconfig dns_redir $dns_redir
+		setdns
+	
+	elif [ "$num" = 7 ]; then
+		echo -----------------------------------------------
+		if [ "$dns_no" = "未禁用" ]; then
+			echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用！\033[0m"
+			dns_no=已禁用
+			echo -e "\033[32m已禁用内置DNS！！！\033[0m"
+		else
+			dns_no=未禁用
+			echo -e "\033[33m已启用内置DNS！！！\033[0m"
+		fi
+		sleep 1
+		setconfig dns_no $dns_no
+		setdns
 	fi
 }
 checkport(){
 	for portx in $dns_port $mix_port $redir_port $db_port ;do
-		if [ -n "$(netstat -ntul 2>&1 |grep :$portx)" ];then
+		if [ -n "$(netstat -ntul 2>&1 |grep \:$portx\ )" ];then
 			echo -----------------------------------------------
 			echo -e "检测到端口【$portx】被以下进程占用！clash可能无法正常启动！\033[33m"
-			echo $(netstat -ntulp | grep :$portx | head -n 1)
+			echo $(netstat -ntul | grep :$portx | head -n 1)
 			echo -e "\033[0m-----------------------------------------------"
 			echo -e "\033[36m请修改默认端口配置！\033[0m"
 			setport
@@ -481,8 +520,8 @@ localproxy(){
 	echo -e "\033[33m当前本机代理配置方式为：\033[32m$local_type\033[0m"
 	echo -----------------------------------------------
 	echo -e " 1 \033[36m$proxy_set本机代理\033[0m"
-	echo -e " 2 使用\033[32m环境变量\033[0m方式配置"
-	echo -e " 3 使用\033[32miptables增强模式\033[0m配置（仅支持Linux系统）"
+	echo -e " 2 使用\033[32m环境变量\033[0m方式配置(部分应用可能无法使用)"
+	echo -e " 3 使用\033[32miptables增强模式\033[0m配置(支持docker)"
 	echo -e " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
@@ -501,13 +540,21 @@ localproxy(){
 			else
 				local_proxy=已开启
 				setconfig local_proxy $local_proxy
+				setconfig local_type $local_type
 				echo -e "\033[32m已经成功使用$local_type方式配置本机代理~\033[0m"
-				[ "$local_type" = "环境变量" ] && $clashdir/start.sh set_proxy $mix_port $db_port &&echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m" && sleep 1
-				[ "$local_type" = "iptables增强模式" ] && $clashdir/start.sh start
+				if [ "$local_type" = "环境变量" ];then
+					$clashdir/start.sh set_proxy $mix_port $db_port
+					echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m"
+				else
+					echo -e "\033[36m请重新启动clash服务！\033[0m"
+				fi
+				sleep 1
 			fi		
 		else
 			local_proxy=未开启
 			setconfig local_proxy $local_proxy
+			setconfig local_type
+			sed -i '/user shellclash/d' /etc/init.d/clash 2>/dev/null
 			$clashdir/start.sh stop
 			echo -e "\033[33m已经停用本机代理规则并停止clash服务！！\033[0m"
 			[ "$local_type" = "环境变量" ] && echo -e "\033[36m如未生效，请重新启动终端或重新连接SSH！\033[0m" && sleep 1
@@ -521,6 +568,9 @@ localproxy(){
 		if [ -w /etc/systemd/system/clash.service -o -w /usr/lib/systemd/system/clash.service -o -x /bin/su ];then
 			local_type="iptables增强模式"
 			setconfig local_type $local_type
+		elif [ -f /etc/rc.common -a -w /etc/passwd ]; then
+			local_type="iptables增强模式"
+			setconfig local_type $local_type
 		else
 			echo -e "\033[31m当前设备无法使用增强模式！\033[0m"
 			sleep 1
@@ -535,6 +585,11 @@ clashcfg(){
 		set_redir_config(){
 			setconfig redir_mod $redir_mod
 			setconfig dns_mod $dns_mod 
+			if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ] && [ "$clashcore" = "clash" ];then
+				rm -rf $bindir/clash
+				rm -rf $clashdir/clash
+				setconfig clashcore clash.meta
+			fi
 			echo -----------------------------------------------	
 			echo -e "\033[36m已设为 $redir_mod ！！\033[0m"
 		}
@@ -652,13 +707,41 @@ clashcfg(){
 			errornum
 		fi
 	}
-	
+	fake_ip_filter(){
+		echo -e "\033[32m用于解决Fake-ip模式下部分地址或应用无法连接的问题\033[0m"
+		echo -e "\033[31m脚本已经内置了大量地址，你只需要添加出现问题的地址！\033[0m"
+		echo -e "\033[36m示例：a.b.com"
+		echo -e "示例：*.b.com"
+		echo -e "示例：*.*.b.com\033[0m"
+		echo -----------------------------------------------
+		if [ -f $clashdir/fake_ip_filter ];then
+			echo -e "\033[33m已添加Fake-ip过滤地址：\033[0m"
+			cat $clashdir/fake_ip_filter | awk '{print NR" "$1}'
+		else
+			echo -e "\033[33m你还未添加Fake-ip过滤地址\033[0m" 
+		fi
+		echo -----------------------------------------------
+		echo -e "\033[32m输入数字直接移除对应地址，输入地址直接添加！\033[0m"
+		read -p "请输入数字或地址 > " input
+		if [ -z "$input" -o "input" = 0 ];then
+			i=
+		elif [ "$input" -le "$(cat $clashdir/fake_ip_filter | wc -l)" ];then
+			sed -i "${input}d" $clashdir/fake_ip_filter	2>/dev/null
+			echo -e "\033[32m移除成功！\033[0m"	
+			fake_ip_filter
+		else
+			echo -e "你输入的地址是：\033[32m$input\033[0m"	
+			read -p "确认添加？(1/0) > " res
+			[ "$res" = 1 ] && echo $input >> $clashdir/fake_ip_filter || fake_ip_filter
+		fi
+	}
 	#获取设置默认显示
 	[ -z "$skip_cert" ] && skip_cert=已开启
 	[ -z "$common_ports" ] && common_ports=已开启
 	[ -z "$dns_mod" ] && dns_mod=redir_host
 	[ -z "$dns_over" ] && dns_over=已开启
 	[ -z "$cn_ip_route" ] && cn_ip_route=未开启
+	[ -z "$quic_rj" ] && quic_rj=未开启
 	[ -z "$(cat $clashdir/mac)" ] && mac_return=未开启 || mac_return=已启用
 	#
 	echo -----------------------------------------------
@@ -670,7 +753,10 @@ clashcfg(){
 	echo -e " 4 只代理常用端口： 	\033[36m$common_ports\033[0m   ————用于过滤P2P流量"
 	echo -e " 5 过滤局域网设备：	\033[36m$mac_return\033[0m   ————使用黑/白名单进行过滤"
 	echo -e " 6 设置本机代理服务:	\033[36m$local_proxy\033[0m   ————使本机流量经过clash内核"
-	echo -e " 7 CN_IP绕过内核:	\033[36m$cn_ip_route\033[0m   ————优化性能，不兼容Fake-ip"
+	echo -e " 7 屏蔽QUIC流量:	\033[36m$quic_rj\033[0m   ————优化视频性能"
+	[ "$dns_mod" = "fake-ip" ] && \
+	echo -e " 8 管理Fake-ip过滤列表" || \
+	echo -e " 8 CN_IP绕过内核:	\033[36m$cn_ip_route\033[0m   ————优化性能，不兼容Fake-ip"
 	echo -----------------------------------------------
 	echo -e " 0 返回上级菜单 \033[0m"
 	echo -----------------------------------------------
@@ -707,7 +793,7 @@ clashcfg(){
 	
 	elif [ "$num" = 4 ]; then	
 		echo -----------------------------------------------	
-		if [ "$common_ports" = "未开启" ] > /dev/null 2>&1; then 
+		if [ "$common_ports" = "未开启" ]; then 
 			echo -e "\033[33m已设为仅代理【$multiport】等常用端口！！\033[0m"
 			common_ports=已开启
 		else
@@ -726,27 +812,44 @@ clashcfg(){
 		sleep 1
 		clashcfg
 		
-	elif [ "$num" = 7 ]; then
+	elif [ "$num" = 7 ]; then	
 		echo -----------------------------------------------
-		if ! ipset -v >/dev/null 2>&1;then
-			echo -e "\033[31m当前设备缺少ipset模块，无法启用绕过功能！！\033[0m"
-			sleep 1
-		elif [ "$dns_mod" = "fake-ip" ];then
-			echo -e "\033[31m不支持fake-ip模式，请将DNS模式更换为Redir-host！！\033[0m"
-			sleep 1
+		if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" -o "$tproxy_mod" = "已开启" ];then
+			if [ "$quic_rj" = "未开启" ]; then 
+				echo -e "\033[33m已禁止QUCI流量通过clash内核！！\033[0m"
+				quic_rj=已启用
+			else
+				echo -e "\033[33m已取消禁止QUIC协议流量！！\033[0m"
+				quic_rj=未开启
+			fi
+			setconfig quic_rj $quic_rj
+		else
+			echo -e "\033[33m当前模式默认不会代理UDP流量，无需设置！！\033[0m"
+		fi
+		clashcfg	
+		
+	elif [ "$num" = 8 ]; then
+		echo -----------------------------------------------
+		if [ "$dns_mod" = "fake-ip" ];then
+			fake_ip_filter
 			clashcfg
 		else
-			if [ "$cn_ip_route" = "未开启" ]; then 
-				echo -e "\033[32m已开启CN_IP绕过内核功能！！\033[0m"
-				cn_ip_route=已开启
+			if ! ipset -v >/dev/null 2>&1;then
+				echo -e "\033[31m当前设备缺少ipset模块，无法启用绕过功能！！\033[0m"
 				sleep 1
 			else
-				echo -e "\033[33m已禁用CN_IP绕过内核功能！！\033[0m"
-				cn_ip_route=未开启
+				if [ "$cn_ip_route" = "未开启" ]; then 
+					echo -e "\033[32m已开启CN_IP绕过内核功能！！\033[0m"
+					cn_ip_route=已开启
+					sleep 1
+				else
+					echo -e "\033[33m已禁用CN_IP绕过内核功能！！\033[0m"
+					cn_ip_route=未开启
+				fi
+				setconfig cn_ip_route $cn_ip_route
 			fi
-			setconfig cn_ip_route $cn_ip_route
 		fi
-			clashcfg  	
+		clashcfg  	
 		
 	elif [ "$num" = 9 ]; then	
 		clashstart
@@ -767,7 +870,7 @@ clashadv(){
 	echo -e "\033[30;47m欢迎使用进阶模式菜单：\033[0m"
 	echo -e "\033[33m如您并不了解clash的运行机制，请勿更改本页面功能！\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 使用保守方式启动:	\033[36m$start_old\033[0m	————切换时会停止clash服务"
+	echo -e " 1 使用保守模式启动:	\033[36m$start_old\033[0m	————切换时会停止clash服务"
 	echo -e " 2 启用ipv6支持:	\033[36m$ipv6_support\033[0m	————实验性功能，可能不稳定"
 	echo -e " 3 Redir模式udp转发:	\033[36m$tproxy_mod\033[0m	————依赖iptables-mod-tproxy"
 	echo -e " 4 启用小闪存模式:	\033[36m$mini_clash\033[0m	————不保存核心及数据库文件"
@@ -784,6 +887,28 @@ clashadv(){
 		errornum
 	elif [ "$num" = 0 ]; then
 		i=
+	elif [ "$num" = 1 ]; then	
+		echo -----------------------------------------------
+		if [ "$start_old" = "未开启" ] > /dev/null 2>&1; then 
+			echo -e "\033[33m改为使用保守模式启动clash服务！！\033[0m"
+			echo -e "\033[31m注意：部分设备保守模式可能无法禁用开机启动！！\033[0m"
+			start_old=已开启
+			setconfig start_old $start_old
+			$clashdir/start.sh stop
+		else
+			if [ -f /etc/init.d/clash -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
+				echo -e "\033[32m改为使用默认方式启动clash服务！！\033[0m"
+				$clashdir/start.sh cronset "ShellClash初始化"
+				start_old=未开启
+				setconfig start_old $start_old
+				$clashdir/start.sh stop
+				
+			else
+				echo -e "\033[31m当前设备不支持以其他模式启动！！\033[0m"
+			fi
+		fi
+		sleep 1
+		clashadv 
 		
 	elif [ "$num" = 2 ]; then
 		echo -----------------------------------------------
@@ -797,29 +922,7 @@ clashadv(){
 			ipv6_support=未开启
 		fi
 		setconfig ipv6_support $ipv6_support
-		clashadv  
-		
-	elif [ "$num" = 1 ]; then	
-		echo -----------------------------------------------
-		if [ "$start_old" = "未开启" ] > /dev/null 2>&1; then 
-			echo -e "\033[33m改为使用保守方式启动clash服务！！\033[0m"
-			echo -e "\033[36m此模式兼容性更好但无法禁用开机启动！！\033[0m"
-			start_old=已开启
-			setconfig start_old $start_old
-			$clashdir/start.sh stop
-			sleep 2
-		else
-			if [ -f /etc/init.d/clash -o -w /etc/systemd/system -o -w /usr/lib/systemd/system ];then
-				echo -e "\033[32m改为使用默认方式启动clash服务！！\033[0m"
-				start_old=未开启
-				setconfig start_old $start_old
-				$clashdir/start.sh stop
-			else
-				echo -e "\033[31m当前设备不支持以其他模式启动！！\033[0m"
-				sleep 1
-			fi
-		fi
-		clashadv  
+		clashadv   
 		
 	elif [ "$num" = 3 ]; then	
 		echo -----------------------------------------------
@@ -914,10 +1017,9 @@ clashadv(){
 	elif [ "$num" = 7 ]; then
 		[ ! -f $clashdir/user.yaml ] && cat > $clashdir/user.yaml <<EOF
 #用于编写自定义设定(可参考https://lancellc.gitbook.io/clash)，例如
+#新版已经支持直接读取系统hosts(/etc/hosts)并写入配置文件，无需在此处添加！
+#新版meta内核已经支持yaml-v3，所有能在脚本中修改的条目请勿在此处配置以免报错！
 #port: 7890
-#hosts:
-#   '*.clash.dev': 127.0.0.1 
-#   'alpha.clash.dev': ::1
 EOF
 		[ ! -f $clashdir/rules.yaml ] && cat > $clashdir/rules.yaml <<EOF
 #用于编写自定义规则(此处规则将优先生效)，(可参考https://lancellc.gitbook.io/clash/clash-config-file/rules)：
@@ -972,12 +1074,93 @@ EOF
 		errornum
 	fi
 }
+streaming(){
+	[ -z "$netflix_pre" ] && netflix_pre=未开启
+	[ -z "$disneyP_pre" ] && disneyP_pre=未开启
+	[ -z "$streaming_int" ] && streaming_int=24
+	netflix_dir=$clashdir/streaming/Netflix_Domains.list
+	disneyp_dir=$clashdir/streaming/Disney_Plus_Domains.list
+	####
+	echo -e "\033[30;46m欢迎使用流媒体预解析功能：\033[0m"
+	echo -e "\033[33m感谢OpenClash项目提供相关域名数据库！\033[0m"
+	echo -e "\033[31m修改后需重启服务！\033[0m"
+	echo -----------------------------------------------
+	echo -e " 1 预解析\033[36mNetflix域名  	\033[33m$netflix_pre\033[0m"
+	echo -e " 2 预解析\033[36mDisney+域名  	\033[33m$disneyP_pre\033[0m"
+	echo -e " 3 设置预解析间隔	\033[32m$streaming_int小时\033[0m"
+	echo -e " 4 更新本地\033[32m域名数据库\033[0m"
+	echo -e " 0 返回上级菜单" 
+	echo -----------------------------------------------
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		errornum
+	elif [ "$num" = 0 ]; then
+		i=
+	elif [ "$num" = 1 ]; then	
+		echo -----------------------------------------------
+		if [ "$netflix_pre" = "未开启" ] > /dev/null 2>&1; then
+			echo -e "\033[33m已启用Netflix域名预解析功能！！\033[0m"
+			netflix_pre=已开启
+			sleep 1
+		else
+			echo -e "\033[31m已停用Netflix域名预解析功能！！\033[0m"
+			[ -f "$netflix_dir" ] && rm -rf $netflix_dir
+			netflix_pre=未开启
+		fi
+		setconfig netflix_pre $netflix_pre
+		sleep 1
+		streaming
+	elif [ "$num" = 2 ]; then	
+		echo -----------------------------------------------
+		if [ "$disneyP_pre" = "未开启" ] > /dev/null 2>&1; then
+			echo -e "\033[33m已启用Disney+域名预解析功能！！\033[0m"
+			disneyP_pre=已开启
+			sleep 1
+		else
+			echo -e "\033[31m已停用Disney+域名预解析功能！！\033[0m"
+			[ -f "$disneyp_dir" ] && rm -rf $disneyp_dir
+			disneyP_pre=未开启
+		fi
+		setconfig disneyP_pre $disneyP_pre
+		sleep 1
+		streaming
+	elif [ "$num" = 3 ]; then	
+		echo -----------------------------------------------
+		read -p "请输入刷新间隔(1-24小时,不支持小数) > " num
+			if [ -z "$num" ]; then 
+				errornum
+			elif [ $num -gt 24 ] || [ $num -lt 1 ]; then 
+				errornum
+			else	
+				streaming_int=$num
+				setconfig streaming_int $streaming_int
+				echo -e "\033[32m设置成功！！！\033[0m"
+			fi
+			sleep 1
+			streaming
+	elif [ "$num" = 4 ]; then
+		[ -f "$netflix_dir" ] && rm -rf $netflix_dir
+		[ -f "$disneyp_dir" ] && rm -rf $disneyp_dir
+		echo -----------------------------------------------
+		echo -e "\033[32m本地文件已清理，将在下次刷新时自动更新数据库文件！！！\033[0m"
+		sleep 1
+		streaming
+	else
+		errornum
+		streaming
+	fi		
+}
 tools(){
 	ssh_tools(){
-		[ -n "$(cat /etc/firewall.user 2>1 | grep '启用外网访问SSH服务')" ] && ssh_ol=禁止 || ssh_ol=开启
+		stop_iptables(){
+			iptables -t nat -D PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
+			ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 >/dev/null 2>&1
+		}
+		[ -n "$(cat /etc/firewall.user 2>&1 | grep '启用外网访问SSH服务')" ] && ssh_ol=禁止 || ssh_ol=开启
 		[ -z "$ssh_port" ] && ssh_port=10022
 		echo -----------------------------------------------
 		echo -e "\033[33m此功能仅针对使用Openwrt系统的设备生效，且不依赖clash服务\033[0m"
+		echo -e "\033[31m本功能不支持红米AX6S等镜像化系统设备，请勿尝试！\033[0m"
 		echo -----------------------------------------------
 		echo -e " 1 \033[32m修改\033[0m外网访问端口：\033[36m$ssh_port\033[0m"
 		echo -e " 2 \033[32m修改\033[0mSSH访问密码(请连续输入2次后回车)"
@@ -1003,6 +1186,7 @@ tools(){
 						ssh_port=$num
 						setconfig ssh_port $ssh_port
 						sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
+						stop_iptables
 						echo -e "\033[32m设置成功，请重新开启外网访问SSH功能！！！\033[0m"
 					fi
 				sleep 1
@@ -1016,11 +1200,14 @@ tools(){
 			elif [ "$num" = 3 ]; then	 
 				if [ "$ssh_ol" = "开启" ];then
 					iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
+					[ -n "$(command -v ip6tables)" ] && ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22
 					echo "iptables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
+					[ -n "$(command -v ip6tables)" ] && echo "ip6tables -t nat -A PREROUTING -p tcp -m multiport --dports $ssh_port -j REDIRECT --to-ports 22 #启用外网访问SSH服务" >> /etc/firewall.user
 					echo -----------------------------------------------
 					echo -e "已开启外网访问SSH功能！"
 				else
 					sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
+					stop_iptables
 					echo -----------------------------------------------
 					echo -e "已禁止外网访问SSH！"
 				fi
@@ -1029,19 +1216,23 @@ tools(){
 			fi
 			}
 	#获取设置默认显示
-	[ -n "$(cat /etc/crontabs/root 2>1| grep otapredownload)" ] && mi_update=禁用 || mi_update=启用
+	[ -n "$(cat /etc/crontabs/root 2>&1| grep otapredownload)" ] && mi_update=禁用 || mi_update=启用
+	[ "$mi_autoSSH" = "已启用" ] && mi_autoSSH_type=32m已启用 || mi_autoSSH_type=31m未启用
 	#
 	echo -----------------------------------------------
 	echo -e "\033[30;47m欢迎使用其他工具菜单：\033[0m"
 	echo -e "\033[33m本页工具可能无法兼容全部Linux设备，请酌情使用！\033[0m"
+	echo -e "磁盘占用/所在目录："
+	du -sh $clashdir
 	echo -----------------------------------------------
 	echo -e " 1 ShellClash测试菜单"
-	[ -f "/etc/firewall.user" ] && echo -e " 2 \033[32m配置\033[0m外网访问SSH"
-	#echo -e " 3 配置DDNS服务:	\033[36m$ipv6_support\033[0m	————待施工"
-	[ -x /usr/sbin/otapredownload ] && echo -e " 3 \033[33m$mi_update\033[0m小米系统自动更新"
-	#[ -w "/etc/config/firewall" ] && echo -e " 4 \033[32修复\033[0mRedir_host模式Netflix访问"
+	[ -f /etc/firewall.user ] && echo -e " 2 \033[32m配置\033[0m外网访问SSH"
+	[ -f /etc/config/ddns -a -d "/etc/ddns" ] && echo -e " 3 配置DDNS服务(需下载相关脚本)"
+	echo -e " 4 \033[32m流媒体增强\033[0m————用于解决流媒体解锁在TV应用上失效的问题"
+	[ -x /usr/sbin/otapredownload ] && echo -e " 5 \033[33m$mi_update\033[0m小米系统自动更新"
+	[ -f /usr/sbin/otapredownload ] && echo -e " 6 小米设备软固化SSH ———— \033[$mi_autoSSH_type \033[0m"
 	echo -----------------------------------------------
-	echo -e " 0 返回上级菜单 \033[0m"
+	echo -e " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
 	if [ -z "$num" ]; then
@@ -1057,21 +1248,88 @@ tools(){
 		sleep 1
 		tools  
 		
-	elif [ -x /usr/sbin/otapredownload ] && [ "$num" = 3 ]; then	
-		[ "$mi_update" = "禁用" ] && sed -i "/otapredownload/d" /etc/crontabs/root || echo "15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >> /etc/crontabs/root	
+	elif [ "$num" = 3 ]; then
 		echo -----------------------------------------------
-		echo -e "已\033[33m$mi_update\033[0m小米路由器的自动启动，如未生效，请在官方APP中同步设置！"
+		if [ ! -f $clashdir/ShellDDNS.sh ];then
+			echo -e "正在获取在线脚本……"
+			$clashdir/start.sh webget /tmp/ShellDDNS.sh $update_url/tools/ShellDDNS.sh
+			if [ "$?" = "0" ];then
+				mv -f /tmp/ShellDDNS.sh $clashdir/ShellDDNS.sh
+				source $clashdir/ShellDDNS.sh
+			else
+				echo -e "\033[31m文件下载失败！\033[0m"
+			fi
+		else
+			source $clashdir/ShellDDNS.sh
+		fi
 		sleep 1
-		tools
+		tools  
 		
 	elif [ "$num" = 4 ]; then
-		sed -i "s/drop_invalid\ \'1\'/drop_invalid\ \'0\'/g" /etc/config/firewall
+		checkcfg=$(cat $ccfg)
 		echo -----------------------------------------------
-		read -P "已修复，是否立即重启设备使其生效？(1/0) > " res
-		[ "$res" = 1 ] && reboot
-		sleep 1
+		echo -e "\033[36m请选择实现方式(不建议同时开启)：\033[0m"
+		echo -e " 1 定时预解析流媒体DNS"
+		echo -e " 2 Meta内核专属tls域名嗅探(推荐) \033[33m$sniffer\033[0m"
+		echo -e " 0 返回上级菜单"
+		read -p "请输入对应数字 > " num
+		if [ -z "$num" ]; then
+			errornum
+		elif [ "$num" = 0 ]; then
+			i=
+		elif [ "$num" = 1 ]; then
+			streaming
+		elif [ "$num" = 2 ]; then
+			echo -----------------------------------------------
+			if [ "$sniffer" = "未启用" ];then
+				if [ "$clashcore" != "clash.meta" ];then
+					rm -rf $bindir/clash
+					clashcore=clash.meta
+					setconfig clashcore $clashcore
+					echo "已将clash内核切换为Meta内核！"
+				fi
+				sniffer=已启用
+			else
+				sniffer=未启用
+			fi
+			setconfig sniffer $sniffer
+			echo -e "\033[32m设置成功！\033[0m"
+			sleep 1
+		fi
+		if [ -n "$PID" ];then
+			checkcfg_new=$(cat $ccfg)
+			[ "$checkcfg" != "$checkcfg_new" ] && checkrestart
+		fi
 		tools
 		
+	elif [ -x /usr/sbin/otapredownload ] && [ "$num" = 5 ]; then	
+		[ "$mi_update" = "禁用" ] && sed -i "/otapredownload/d" /etc/crontabs/root || echo "15 3,4,5 * * * /usr/sbin/otapredownload >/dev/null 2>&1" >> /etc/crontabs/root	
+		echo -----------------------------------------------
+		echo -e "已\033[33m$mi_update\033[0m小米路由器的自动更新，如未生效，请在官方APP中同步设置！"
+		sleep 1
+		tools	
+		
+	elif [ -f /usr/sbin/otapredownload ] && [ "$num" = 6 ]; then
+		if [ "$mi_autoSSH" = "已启用" ];then
+			mi_autoSSH=禁用
+		else
+			if [ "$systype" = "mi_snapshot" ];then
+				echo -----------------------------------------------
+				echo -e "\033[33m本功能使用软件命令进行固化不保证100%成功！\033[0m"
+				echo -e "本功能需依赖clash服务，请确保clash为开机启动状态！"
+				echo -e "\033[33m如有问题请加群反馈：\033[36;4mhttps://t.me/ShellClash\033[0m"
+				read -p "请输入需要还原的SSH密码(不影响当前密码,回车可跳过) > " mi_autoSSH_pwd
+				mi_autoSSH=已启用
+				cp -f /etc/dropbear/dropbear_rsa_host_key $clashdir/dropbear_rsa_host_key 2>/dev/null
+				echo -e "\033[32m设置成功！\033[0m"
+				sleep 1
+			else
+				echo 不支持的设备！
+			fi
+		fi
+		setconfig mi_autoSSH $mi_autoSSH
+		setconfig mi_autoSSH_pwd $mi_autoSSH_pwd
+		tools		
 	else
 		errornum
 	fi
@@ -1085,7 +1343,7 @@ clashcron(){
 			[ ! -w "$crondir" ] && crondir="/etc/storage/cron/crontabs"
 			[ ! -w "$crondir" ] && crondir="/var/spool/cron/crontabs"
 			[ ! -w "$crondir" ] && crondir="/var/spool/cron"
-			[ ! -w "$crondir" ] && echo "你的设备不支持定时任务配置，脚本大量功能无法启用，请前往 https://t.me/clashfm 申请适配！"
+			[ ! -w "$crondir" ] && echo "你的设备不支持定时任务配置，脚本大量功能无法启用，请前往 https://t.me/ShellClash 申请适配！"
 			[ "$1" = "-l" ] && cat $crondir/$USER 2>/dev/null
 			[ -f "$1" ] && cat $1 > $crondir/$USER
 		fi
@@ -1168,7 +1426,6 @@ clashcron(){
 	#定时任务菜单
 	echo -----------------------------------------------
 	echo -e "\033[30;47m欢迎使用定时任务功能：\033[0m"
-	echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 	echo -----------------------------------------------
 	echo  -e "\033[33m已添加的定时任务：\033[36m"
 	croncmd -l | grep -oE ' #.*' 
@@ -1177,6 +1434,7 @@ clashcron(){
 	echo -e " 2 设置\033[31m定时停止\033[0mclash服务"
 	echo -e " 3 设置\033[32m定时开启\033[0mclash服务"
 	echo -e " 4 设置\033[33m定时更新\033[0m订阅并重启服务"
+	echo -e " 5 设置\033[33m定时更新\033[0m订阅但不重启服务"
 	echo -----------------------------------------------
 	echo -e " 0 返回上级菜单" 
 	read -p "请输入对应数字 > " num
@@ -1201,6 +1459,11 @@ clashcron(){
 		clashcron
 	elif [ "$num" = 4 ]; then	
 		cronname=更新订阅链接
+		cronset="$clashdir/start.sh getyaml && $clashdir/start.sh restart"
+		setcron	
+		clashcron
+	elif [ "$num" = 5 ]; then	
+		cronname=更新订阅但不重启
 		cronset="$clashdir/start.sh updateyaml"
 		setcron	
 		clashcron
@@ -1253,23 +1516,16 @@ clashsh(){
 
 	elif [ "$num" = 4 ]; then
 		echo -----------------------------------------------
-		if [ "$start_old" = "已开启" ];then
-			localproxy
-		elif [ "$autostart" = "enable_rc" ]; then
-			/etc/init.d/clash disable
-			cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null
+		if [ "$autostart" = "enable" ]; then
+			[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null
+			type systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1
+			touch $clashdir/.dis_startup
 			echo -e "\033[33m已禁止Clash开机启动！\033[0m"
-		elif [ "$autostart" = "disable_rc" ]; then
-			/etc/init.d/clash enable
+		elif [ "$autostart" = "disable" ]; then
+			[ -f /etc/rc.common ] && /etc/init.d/clash enable
+			type systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1
+			rm -rf $clashdir/.dis_startup
 			echo -e "\033[32m已设置Clash开机启动！\033[0m"
-		elif [ "$autostart" = "enable_sys" ]; then
-			systemctl disable clash.service > /dev/null 2>&1
-			echo -e "\033[33m已禁止Clash开机启动！\033[0m"
-		elif [ "$autostart" = "disable_sys" ]; then
-			systemctl enable clash.service > /dev/null 2>&1
-			echo -e "\033[32m已设置Clash开机启动！\033[0m"
-		else
-			echo -e "\033[32m当前系统不支持设置开启启动！\033[0m"
 		fi
 		clashsh
 
@@ -1320,7 +1576,11 @@ case "$1" in
 		echo "	-h 帮助列表"
 		echo "	-u 卸载脚本"
 		echo -----------------------------------------
-		echo "在线求助：t.me/clashfm"
+		echo "	$clashdir/start.sh start	启动服务"
+		echo "	$clashdir/start.sh stop		停止服务"
+		echo "	$clashdir/start.sh init		写入服务"
+		echo -----------------------------------------
+		echo "在线求助：t.me/ShellClash"
 		echo "官方博客：juewuy.github.io"
 		echo "发布页面：github.com/juewuy/ShellClash"
 		echo -----------------------------------------
@@ -1329,12 +1589,17 @@ case "$1" in
 		shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash
 		$shtype -x $clashdir/clash.sh
 	;;
+	-st)
+		shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash
+		$shtype -x $clashdir/start.sh $2 $3 $4 $5 $6
+	;;
 	-u)
 		read -p "确认卸载ShellClash？（警告：该操作不可逆！）[1/0] " res
 		if [ "$res" = '1' ]; then
 			$clashdir/start.sh stop
 			$clashdir/start.sh cronset "clash服务"
 			$clashdir/start.sh cronset "订阅链接"
+			$clashdir/start.sh cronset "ShellClash初始化"
 			[ -w ~/.bashrc ] && profile=~/.bashrc
 			[ -w /etc/profile ] && profile=/etc/profile
 			sed -i '/alias clash=*/'d $profile
@@ -1349,6 +1614,7 @@ case "$1" in
 			rm -rf /etc/systemd/system/clash.service
 			rm -rf /usr/lib/systemd/system/clash.service
 			rm -rf /www/clash
+			rm -rf /tmp/clash_$USER
 			sed -Ei s/0:7890/7890:7890/g /etc/passwd
 			userdel -r shellclash 2>/dev/null
 			echo -----------------------------------------------

scripts/clashservice

@@ -14,28 +14,32 @@ BINDIR=$(cat $DIR/mark | grep bindir | awk -F "=" '{print $2}')
 start_service() {
 	#检测必须文件
 	$DIR/start.sh bfstart
-	#使用procd创建clash后台进程
-	procd_open_instance
-	procd_set_param respawn
-	procd_set_param stderr 1
-	procd_set_param stdout 1
-	procd_set_param command $BINDIR/clash -d $BINDIR
-	procd_close_instance
-	#其他设置
-	$DIR/start.sh afstart
+	if [ "$?" = "0" ];then
+		#使用procd创建clash后台进程
+		procd_open_instance
+		procd_set_param respawn
+		procd_set_param stderr 0
+		procd_set_param stdout 0
+		procd_set_param command $BINDIR/clash -d $BINDIR
+		procd_close_instance
+		#其他设置
+		$DIR/start.sh afstart
+	fi
 }
 
 start() {
 	if [ -z "$(pidof procd)" ];then
 		#检测必须文件
 		$DIR/start.sh bfstart
-		#创建后台进程
-		service_start  $BINDIR/clash -d $BINDIR
-		#其他设置
-		$DIR/start.sh afstart
-		#设置守护进程
-		$DIR/start.sh deamon
+		if [ "$?" = "0" ];then
+			#创建后台进程
+			service_start  $BINDIR/clash -d $BINDIR
+			#其他设置
+			$DIR/start.sh afstart
+			#设置守护进程
+			$DIR/start.sh deamon
+		fi
 	else
 		start_service
 	fi
-}
+}

scripts/getdate.sh

@@ -5,23 +5,17 @@
 linkconfig(){
 	echo -----------------------------------------------
 	echo 当前使用规则为：$rule_link
-	echo 1	ACL4SSR通用版无去广告（推荐）
-	echo 2	ACL4SSR精简全能版（推荐）
-	echo 3	ACL4SSR通用版+去广告加强
-	echo 4	ACL4SSR精简版+去广告加强
-	echo 5	ACL4SSR重度全分组+奈飞分流
-	echo 6	ACL4SSR重度全分组+去广告加强
-	echo 7	洞主规则精简版（推荐）
-	echo 8	洞主规则重度完整版
-	echo 9	神机规则高级版
-	echo 10	神机规则-回国专用
-	echo 11	李哥规则-墙洞专用
-	echo 12	基础规则-仅Geoip CN+Final
-	echo 13	网易云解锁-仅规则分组
-	echo 14	ACL4SSR重度全分组+谷歌优化
-	echo 15	ACL4SSR通用版+LM-Firefly游戏规则
-	echo 16	ACL4SSR精简版+LM-Firefly游戏规则
-	echo 17	ACL4SSR重度+LM-Firefly游戏规则
+	echo " 1	Acl4SSR全能优化版（推荐）"
+	echo " 2	Acl4SSR精简优化版（推荐）"
+	echo " 3	Acl4SSR全能优化+去广告增强"
+	echo " 4	Acl4SSR极简版（适合自建节点）"
+	echo " 5	Acl4SSR分流&游戏增强"
+	echo " 6	Acl4SSR分流&游戏&去广告增强（低性能设备慎用）"
+	echo " 7	洞主规则精简版（推荐）"
+	echo " 8	洞主规则重度完整版"
+	echo " 9	神机规则高级版"
+	echo " 10	神机规则-回国专用"
+	echo " 11	李哥规则-墙洞专用"
 	echo -----------------------------------------------
 	echo 0 返回上级菜单
 	read -p "请输入对应数字 > " num
@@ -40,12 +34,13 @@ linkconfig(){
 linkserver(){
 	echo -----------------------------------------------
 	echo -e "\033[36m以下为互联网采集的第三方服务器，具体安全性请自行斟酌！\033[0m"
+	echo -e "\033[32m感谢以下作者的无私奉献！！！\033[0m"
 	echo 当前使用后端为：$server_link
-	echo 1 subcon.dlj.tf
-	echo 2 api.dler.io
-	echo 3 api.wcc.best
-	echo 4 api2.tsutsu.cc
-	echo 5 api.v1.mk
+	echo 1 api.dler.io			（墙洞提供）
+	echo 2 sub.shellclash.cf	（作者提供）
+	echo 3 sub.xeton.dev		（SUB作者T大提供）
+	echo 4 sub.id9.cc			（品云提供）
+	echo 5 sub.maoxiongnet.com	（猫熊提供）
 	echo -----------------------------------------------
 	echo 0 返回上级菜单
 	read -p "请输入对应数字 > " num
@@ -64,7 +59,6 @@ linkserver(){
 linkfilter(){
 	[ -z "$exclude" ] && exclude="未设置"
 	echo -----------------------------------------------
-	echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 	echo -e "\033[33m当前过滤关键字：\033[47;30m$exclude\033[0m"
 	echo -----------------------------------------------
 	echo -e "\033[33m匹配关键字的节点会在导入时被【屏蔽】！！！\033[0m"
@@ -85,7 +79,6 @@ linkfilter(){
 linkfilter2(){
 	[ -z "$include" ] && include="未设置"
 	echo -----------------------------------------------
-	echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 	echo -e "\033[33m当前筛选关键字：\033[47;30m$include\033[0m"
 	echo -----------------------------------------------
 	echo -e "\033[33m仅有匹配关键字的节点才会被【导入】！！！\033[0m"
@@ -114,12 +107,14 @@ getyaml(){
 	fi
 }
 getlink(){
+	echo -----------------------------------------------
+	echo -e "\033[30;47m 欢迎使用在线生成配置文件功能！\033[0m"
+	echo -----------------------------------------------
 	#设置输入循环
 	i=1
 	while [ $i -le 99 ]
 	do
 		echo -----------------------------------------------
-		echo -e "\033[44m 遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 		echo -e "\033[33m本功能依赖第三方在线subconverter服务实现，脚本本身不提供任何代理服务！\033[0m"
 		echo -e "\033[31m严禁使用本脚本从事任何非法活动，否则一切后果请自负！\033[0m"
 		echo -----------------------------------------------
@@ -134,6 +129,7 @@ getlink(){
 		echo -----------------------------------------------
 		read -p "请直接输入第${i}个链接或对应数字选项 > " link
 		test=$(echo $link | grep "://")
+		link=`echo ${link/\#*/''}`   #删除链接附带的注释内容
 		link=`echo ${link/\ \(*\)/''}`   #删除恶心的超链接内容
 		link=`echo ${link/*\&url\=/""}`   #将clash完整链接还原成单一链接
 		link=`echo ${link/\&config\=*/""}`   #将clash完整链接还原成单一链接
@@ -186,8 +182,12 @@ getlink(){
 } 
 getlink2(){
 	echo -----------------------------------------------
-	echo -e "\033[33m仅限导入完整clash配置文件链接！！！\033[0m"
-	echo -e "可使用\033[4;32mhttps://acl4ssr.netlify.app\033[0m在线生成配置文件"
+	echo -e "\033[32m仅限导入完整clash配置文件链接！！！\033[0m"
+	echo -----------------------------------------------
+	echo -e "\033[33m有流媒体需求，请使用\033[32m6-1在线生成配置文件功能！！！\033[0m"
+	echo -e "\033[33m如不了解机制，请使用\033[32m6-1在线生成配置文件功能！！！\033[0m"
+	echo -e "\033[33m如遇任何问题，请使用\033[32m6-1在线生成配置文件功能！！！\033[0m"
+	echo -e "\033[31m此功能可能会导致部分节点无法连接或者规则覆盖不完整！！！\033[0m"
 	echo -----------------------------------------------
 	echo -e "\033[33m0 返回上级菜单\033[0m"
 	echo -----------------------------------------------
@@ -255,7 +255,19 @@ clashlink(){
 		getlink
 	  
 	elif [ "$num" = 2 ];then
-		getlink2
+		echo -----------------------------------------------
+		echo -e "\033[33m此功能可能会导致严重bug，仅限熟练了解clash运行机制的用户使用！！！\033[0m"
+		echo -e "如你不熟悉clash机制或者使用此功能出现bug，请使用\033[32m在线生成配置文件功能！\033[0m"
+		echo -----------------------------------------------
+		read -p "是否继续？[1/0] > " res
+		if [ "$res" = '1' ]; then
+			getlink2
+		else
+			echo -----------------------------------------------
+			echo -e "\033[32m正在跳转……\033[0m"
+			sleep 1
+			getlink
+		fi
 		
 	elif [ "$num" = 3 ];then
 		yamlbak=$yaml.bak
@@ -307,8 +319,8 @@ clashlink(){
 #下载更新相关
 gettar(){
 	$clashdir/start.sh webget /tmp/clashfm.tar.gz $tarurl
-	[ "$?" = "1" ] && echo "文件下载失败！" && exit 1
-	$clashdir/start.sh stop
+	[ "$?" != "0" ] && echo "文件下载失败,请尝试使用其他安装源！" && exit 1
+	$clashdir/start.sh stop 2>/dev/null
 	#解压
 	echo -----------------------------------------------
 	echo 开始解压文件！
@@ -320,8 +332,8 @@ gettar(){
 	#判断系统类型写入不同的启动文件
 	if [ -f /etc/rc.common ];then
 			#设为init.d方式启动
-			mv $clashdir/clashservice /etc/init.d/clash
-			chmod  777 /etc/init.d/clash
+			cp -f $clashdir/clashservice /etc/init.d/clash
+			chmod +x /etc/init.d/clash
 	else
 		[ -w /etc/systemd/system ] && sysdir=/etc/systemd/system
 		[ -w /usr/lib/systemd/system ] && sysdir=/usr/lib/systemd/system
@@ -332,16 +344,16 @@ gettar(){
 			systemctl daemon-reload
 		else
 			#设为保守模式启动
-			sed -i '/start_old=*/'d $clashdir/mark
-			echo start_old=已开启 >> $clashdir/mark
+			setconfig start_old 已开启
 		fi
 	fi
 	#修饰文件及版本号
 	shtype=sh && [ -n "$(ls -l /bin/sh|grep -oE 'dash|show|bash')" ] && shtype=bash 
 	sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh
-	chmod  777 $clashdir/start.sh
-	sed -i '/versionsh_l=*/'d $clashdir/mark
-	echo versionsh_l=$release_new >> $clashdir/mark
+	chmod +x $clashdir/start.sh
+	setconfig versionsh_l $release_new
+	#设置更新地址
+	[ -n "$url" ] && setconfig update_url $url
 	#设置环境变量	
 	[ -w /opt/etc/profile ] && profile=/opt/etc/profile
 	[ -w /jffs/configs/profile.add ] && profile=/jffs/configs/profile.add
@@ -357,10 +369,25 @@ gettar(){
 		exit 1
 	fi
 	#华硕/Padavan额外设置
-	[ -n "$systype" ] && sed -i '/ShellClash初始化/'d $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
+	[ -n "$initdir" ] && {
+		sed -i '/ShellClash初始化/'d $initdir && touch $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
+		setconfig initdir $initdir
+		}
+	#小米镜像化OpenWrt额外设置
+	if [ "$systype" = "mi_snapshot" ];then
+		chmod +x $clashdir/misnap_init.sh
+		uci set firewall.ShellClash=include
+		uci set firewall.ShellClash.type='script'
+		uci set firewall.ShellClash.path='/data/clash/misnap_init.sh'
+		uci set firewall.ShellClash.enabled='1'
+		uci commit firewall
+		setconfig systype $systype
+	else
+		rm -rf $clashdir/misnap_init.sh
+		rm -rf $clashdir/clashservice
+	fi
 	#删除临时文件
 	rm -rf /tmp/clashfm.tar.gz 
-	rm -rf $clashdir/clashservice
 	rm -rf $clashdir/clash.service
 }
 getsh(){
@@ -384,7 +411,7 @@ getsh(){
 getcpucore(){
 	cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
 	[ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5"
-	[ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && cpucore="armv7"
+	[ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && [ ! -d /jffs/clash ] && cpucore="armv7"
 	[ -n "$(echo $cputype | grep -E "linux.*aarch64.*|linux.*armv8.*")" ] && cpucore="armv8"
 	[ -n "$(echo $cputype | grep -E "linux.*86.*")" ] && cpucore="386"
 	[ -n "$(echo $cputype | grep -E "linux.*86_64.*")" ] && cpucore="amd64"
@@ -401,7 +428,7 @@ setcpucore(){
 	echo -e "当前可供在线下载的处理器架构为："
 	echo $cpucore_list | awk -F " " '{for(i=1;i<=NF;i++) {print i" "$i }}'
 	echo -e "如果您的CPU架构未在以上列表中，请运行【uname -a】命令,并复制好返回信息"
-	echo -e "之后前往 t.me/clashfm 群提交或 github.com/juewuy/ShellClash 提交issue"
+	echo -e "之后前往 t.me/ShellClash 群提交或 github.com/juewuy/ShellClash 提交issue"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
 	setcpucore=$(echo $cpucore_list | awk '{print $"'"$num"'"}' )
@@ -425,12 +452,19 @@ getcore(){
 	$clashdir/start.sh webget /tmp/clash.new $corelink
 	if [ "$?" = "1" ];then
 		echo -e "\033[31m核心文件下载失败！\033[0m"
+		rm -rf /tmp/clash.new
 	else
-		echo -e "\033[32m$clashcore核心下载成功！\033[0m"
-		mv -f /tmp/clash.new $bindir/clash
-		chmod 777 $bindir/clash  #授予权限
-		setconfig clashcore $clashcore
-		setconfig clashv $version
+		chmod +x /tmp/clash.new && /tmp/clash.new -v >/dev/null 2>&1
+		if [ "$?" != 0 ];then
+			echo -e "\033[31m核心文件下载失败！\033[0m"
+			rm -rf /tmp/clash.new
+		else
+			echo -e "\033[32m$clashcore核心下载成功！\033[0m"
+			mv -f /tmp/clash.new $bindir/clash
+			chmod +x $bindir/clash 
+			setconfig clashcore $clashcore
+			setconfig clashv $version
+		fi
 	fi
 }
 setcore(){
@@ -449,10 +483,13 @@ setcore(){
 	echo "2 clashpre：  支持Tun模式、混合模式"
 	echo "(高级预览版)  内存占用更高"
 	echo
-	echo "3 clash.net： 支持vless/xtls"
-	echo "(.net定制版)  未测试，可能不稳定"
+	echo "3 clash.net： 支持部分vless协议"
+	echo "(.net定制版)  第三方定制内核"
 	echo
-	echo "4 手动指定处理器架构"
+	echo "4 clash.meta：支持大部分vless协议"
+	echo "(meta定制版)  第三方定制内核"
+	echo
+	echo "5 手动指定处理器架构"
 	echo -----------------------------------------------
 	echo 0 返回上级菜单 
 	read -p "请输入对应数字 > " num
@@ -473,6 +510,10 @@ setcore(){
 			version=$clashnet_v
 			getcore
 		elif [ "$num" = 4 ]; then
+			clashcore=clash.meta
+			version=$meta_v
+			getcore
+		elif [ "$num" = 5 ]; then
 			setcpucore
 			setcore
 		else
@@ -494,18 +535,22 @@ getgeo(){
 		echo -e "\033[32mGeoIP/CN_IP数据库文件下载成功！\033[0m"
 		Geo_v=$GeoIP_v
 		setconfig Geo_v $GeoIP_v
-		setconfig geotype $geotype
+		if [ "$geoname" = "Country.mmdb" ];then
+			geotype=$geotype
+			setconfig geotype $geotype
+		fi
 	fi
 }
 setgeo(){
 	echo -----------------------------------------------
-	[ "$geotype" = "Country.mmdb" ] && geo_type=全球版 || geo_type=精简版
-	[ -n "$geo_type" ] && echo -e "当前使用的是\033[47;30m$geo_type数据库\033[0m"
+	[ "$geotype" = "cn_mini.mmdb" ] && echo -e "当前使用的是\033[47;30m精简版数据库\033[0m" || echo -e "当前使用的是\033[47;30m全球版数据库\033[0m"
 	echo -e "\033[36m请选择需要更新/切换的GeoIP/CN_IP数据库：\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 由\033[32malecthw\033[0m提供的全球版GeoIP数据库(约4mb)"
-	echo -e " 2 由\033[32mHackl0us\033[0m提供的精简版CN-IP数据库(约0.1mb)"
-	echo -e " 3 由\033[32m17mon\033[0m提供的CN-IP文件(需启用CN_IP绕过内核功能，约0.1mb)"
+	echo -e " 1 由\033[32malecthw\033[0m提供的全球版GeoIP数据库(约6mb)"
+	echo -e " 2 由\033[32mHackl0us\033[0m提供的精简版CN-IP数据库(约0.2mb)"
+	echo -e " 3 由\033[32m17mon\033[0m提供的CN-IP文件(需启用CN_IP绕过内核功能，约0.2mb)"
+	[ "$clashcore" = "clash.meta" ] && \
+	echo -e " 4 由\033[32mLoyalsoldier\033[0m提供的GeoSite数据库(限Meta内核，约4.5mb)"
 	echo " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
@@ -527,6 +572,10 @@ setgeo(){
 			echo -e "\033[31m未开启绕过内核功能，无需更新CN-IP文件！！\033[0m"	
 			sleep 1
 		fi
+	elif [ "$num" = '4' ]; then
+		geotype=geosite.dat
+		geoname=geosite.dat
+		getgeo
 	else
 		update
 	fi
@@ -541,6 +590,7 @@ getdb(){
 		if [ "$res" = 1 ]; then
 			rm -rf /www/clash
 			rm -rf $clashdir/ui
+			rm -rf $bindir/ui
 		fi
 	fi
 	dblink="${update_url}/bin/${db_type}.tar.gz"
@@ -561,20 +611,17 @@ getdb(){
 			[ $? -ne 0 ] && echo "文件解压失败！" && rm -rf /tmp/clashfm.tar.gz && exit 1 
 		fi
 		#修改默认host和端口
-		if [ "$db_type" = "clashdb" ];then
+		if [ "$db_type" = "clashdb" -o "$db_type" = "meta_db" ];then
 			sed -i "s/127.0.0.1/${host}/g" $dbdir/assets/*.js
 			sed -i "s/9090/${db_port}/g" $dbdir/assets/*.js
 		else
 			sed -i "s/127.0.0.1:9090/${host}:${db_port}/g" $dbdir/*.html
 			#sed -i "s/7892/${db_port}/g" $dbdir/app*.js
 		fi
-		#如果clash在运行则重启clash服务
-		[ "$dbdir" != "/www/clash" ] && [ -n "$PID" ] && $clashdir/start.sh restart
 		#写入配置文件
 		setconfig hostdir \'$hostdir\'
 		echo -----------------------------------------------
 		echo -e "\033[32m面板安装成功！\033[0m"
-		echo -e "\033[36m请使用\033[32;4mhttp://$host$hostdir\033[0;36m访问面板\033[0m"
 		rm -rf /tmp/clashdb.tar.gz
 		sleep 1
 	fi
@@ -613,8 +660,10 @@ setdb(){
 	echo -e "请选择面板\033[33m安装类型：\033[0m"
 	echo -----------------------------------------------
 	echo -e " 1 安装\033[32m官方面板\033[0m(约500kb)"
-	echo -e " 2 安装\033[32mYacd面板\033[0m(约1.1mb)"
-	echo -e " 3 卸载\033[33m本地面板\033[0m"
+	echo -e " 2 安装\033[32mMeta面板\033[0m(约800kb)"
+	echo -e " 3 安装\033[32mYacd面板\033[0m(约1.1mb)"
+	echo -e " 4 安装\033[32mYacd-Meta魔改面板\033[0m(约1.5mb)"
+	echo -e " 5 卸载\033[33m本地面板\033[0m"
 	echo " 0 返回上级菜单"
 	read -p "请输入对应数字 > " num
 
@@ -623,14 +672,23 @@ setdb(){
 		dbdir
 		getdb
 	elif [ "$num" = '2' ]; then
-		db_type=yacd
+		db_type=meta_db
 		dbdir
 		getdb
 	elif [ "$num" = '3' ]; then
+		db_type=yacd
+		dbdir
+		getdb
+	elif [ "$num" = '4' ]; then
+		db_type=meta_yacd
+		dbdir
+		getdb
+	elif [ "$num" = '5' ]; then
 		read -p "确认卸载本地面板？(1/0) > " res
 		if [ "$res" = 1 ];then
 			rm -rf /www/clash
 			rm -rf $clashdir/ui
+			rm -rf $bindir/ui
 			echo -----------------------------------------------
 			echo -e "\033[31m面板已经卸载！\033[0m"
 			sleep 1
@@ -662,6 +720,7 @@ getcrt(){
 }
 setcrt(){
 	openssldir=$(openssl version -a 2>&1 | grep OPENSSLDIR | awk -F "\"" '{print $2}')
+	[ -z "$openssldir" ] && openssldir=/etc/ssl
 	if [ -n "$openssldir" ];then
 		crtdir="$openssldir/certs/ca-certificates.crt"
 		echo -----------------------------------------------
@@ -691,6 +750,7 @@ setserver(){
 	saveserver(){
 		#写入mark文件
 		setconfig update_url \'$update_url\'
+		setconfig release_url \'$release_url\'
 		echo -----------------------------------------------
 		echo -e "\033[32m源地址更新成功！\033[0m"
 		release_new=""
@@ -699,29 +759,46 @@ setserver(){
 	echo -e "\033[30;47m切换ShellClash版本及更新源地址\033[0m"
 	echo -e "当前源地址：\033[4;32m$update_url\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 \033[32m正式版\033[0m&Jsdelivr-CDN源(推荐)"
-	echo -e " 2 \033[36m测试版\033[0m&Jsdelivr-CDN源"
-	echo -e " 3 \033[36m测试版\033[0m&Github源(需开启clash服务）"
-	[ -z "$(curl -V 2>/dev/null)" ] && [ -n "$(wget -V 2>&1 | grep BusyBox)" ] && echo -e " 4 \033[33mHttp专用源\033[0m@Qust.me(感谢\033[32m酱紫表\033[0m提供及维护)"
-	echo -e " 5 自定义源地址(用于本地源或自建源)"
-	echo -e " 6 \033[31m版本回退\033[0m"
+	echo -e " 1 \033[32m正式版\033[0m&Jsdelivr-CDN源"
+	echo -e " 2 \033[32m正式版\033[0m&fastgit.org源"
+	echo -e " 3 \033[36m公测版\033[0m&Github源(本机clash服务加速)"
+	echo -e " 4 \033[36m公测版\033[0m&ShellClash源"
+	echo -e " 5 \033[36m公测版\033[0m&githubusercontents加速"
+	echo -e " 6 \033[36m公测版\033[0m&fastgit.org源"
+	echo -e " 7 \033[33m内测版\033[0m(请加TG讨论组:\033[4;36mhttps://t.me/ShellClash\033[0m)"
+	echo -e " 8 自定义源地址(用于本地源或自建源)"
+	echo -e " 9 \033[31m版本回退\033[0m"
 	echo -e " 0 返回上级菜单"
 	read -p "请输入对应数字 > " num
 	if	[ -z "$num" ]; then 
 		errornum
 	elif [ "$num" = 1 ]; then
-		update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash'
+		release_url='https://fastly.jsdelivr.net/gh/juewuy/ShellClash'
 		saveserver
 	elif [ "$num" = 2 ]; then
-		update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master'
+		release_url='https://raw.fastgit.org/juewuy/ShellClash'
 		saveserver
 	elif [ "$num" = 3 ]; then
 		update_url='https://raw.githubusercontent.com/juewuy/ShellClash/master'
+		release_url=''
 		saveserver
 	elif [ "$num" = 4 ]; then
-		update_url='http://sc.qust.me'
+		update_url='https://gh.shellclash.cf/master'
+		release_url=''
 		saveserver
 	elif [ "$num" = 5 ]; then
+		update_url='https://raw.githubusercontents.com/juewuy/ShellClash/master'
+		release_url=''
+		saveserver
+	elif [ "$num" = 6 ]; then
+		update_url='https://raw.fastgit.org/juewuy/ShellClash/master'
+		release_url=''
+		saveserver
+	elif [ "$num" = 7 ]; then
+		update_url='http://test.shellclash.cf'
+		release_url=''
+		saveserver
+	elif [ "$num" = 8 ]; then
 		echo -----------------------------------------------
 		read -p "请输入个人源路径 > " update_url
 		if [ -z "$update_url" ];then
@@ -729,10 +806,11 @@ setserver(){
 			echo -e "\033[31m取消输入，返回上级菜单\033[0m"
 		else
 			saveserver
+			release_url=''
 		fi
-	elif [ "$num" = 6 ]; then
+	elif [ "$num" = 9 ]; then
 		echo -----------------------------------------------
-		$clashdir/start.sh webget /tmp/clashrelease https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/bin/release_version echooff rediroff 2>/tmp/clashrelease
+		$clashdir/start.sh webget /tmp/clashrelease https://raw.githubusercontents.com/juewuy/ShellClash/master/bin/release_version echooff rediroff 2>/tmp/clashrelease
 		echo -e "\033[31m请选择想要回退至的release版本：\033[0m"
 		cat /tmp/clashrelease | awk '{print " "NR" "$1}'
 		echo -e " 0 返回上级菜单"
@@ -741,29 +819,32 @@ setserver(){
 			setserver
 		elif [ $num -le $(cat /tmp/clashrelease | awk 'END{print NR}') 2>/dev/null ]; then
 			release_version=$(cat /tmp/clashrelease | awk '{print $1}' | sed -n "$num"p)
-			update_url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash@$release_version"
+			update_url="https://raw.githubusercontents.com/juewuy/ShellClash/$release_version"
 			saveserver
+			release_url=''
 		else
 			echo -----------------------------------------------
 			echo -e "\033[31m输入有误，请重新输入！\033[0m"
 		fi
-		
-	elif [ "$num" = 9 ]; then
-		update_url='http://192.168.123.90:8080/ShellClash'
 	else
 		errornum
 	fi
 }
 checkupdate(){
 if [ -z "$release_new" ];then
-	if [ "$update_url" = "https://cdn.jsdelivr.net/gh/juewuy/ShellClash" ];then
-		$clashdir/start.sh webget /tmp/clashversion $update_url@master/bin/release_version echoon rediroff 2>/tmp/clashrelease
-		[ "$?" = "0" ] && release_new=$(cat /tmp/clashversion | head -1)
-		update_url=$update_url@$release_new
+	if [ -n "$release_url" ];then
+		[ -n "$(echo $release_url|grep 'jsdelivr')" ] && check_url=$release_url@master || check_url=$release_url/master
+		$clashdir/start.sh webget /tmp/clashversion $check_url/bin/release_version echoon rediroff 2>/tmp/clashversion
+		release_new=$(cat /tmp/clashversion | head -1)
+		[ -n "$(echo $release_url|grep 'jsdelivr')" ] && update_url=$release_url@$release_new || update_url=$release_url/$release_new
+		setconfig update_url \'$update_url\'
+		release_type=正式版
+	else
+		release_type=测试版
 	fi	
 	$clashdir/start.sh webget /tmp/clashversion $update_url/bin/version echooff 
-	[ "$?" = "0" ] && release_new=$(cat /tmp/clashversion | grep versionsh | awk -F'=' '{ print $2 }')
-	[ -n "$release_new" ] &&source /tmp/clashversion || echo -e "\033[31m检查更新失败！请检查网络连接或切换安装源！\033[0m"
+	[ "$?" = "0" ] && release_new=$(cat /tmp/clashversion | grep -oE 'versionsh=.*' | awk -F'=' '{ print $2 }')
+	[ -n "$release_new" ] && source /tmp/clashversion 2>/dev/null || echo -e "\033[31m检查更新失败！请检查网络连接或切换安装源！\033[0m"
 	rm -rf /tmp/clashversion
 fi
 }
@@ -774,11 +855,12 @@ update(){
 	[ "$clashcore" = "clash" ] && clash_n=$clash_v || clash_n=$clashpre_v
 	[ "$clashcore" = "clashpre" ] && clash_n=$clashpre_v
 	[ "$clashcore" = "clash.net" ] && clash_n=$clashnet_v
-	clash_v=$($bindir/clash -v 2>/dev/null | awk '{print $2}')
+	[ "$clashcore" = "clash.meta" ] && clash_n=$meta_v
+	clash_v=$($bindir/clash -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
 	[ -z "$clash_v" ] && clash_v=$clashv
 	echo -e "\033[30;47m欢迎使用更新功能：\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 更新\033[36m管理脚本  	\033[33m$versionsh_l\033[0m > \033[32m$versionsh\033[0m"
+	echo -e " 1 更新\033[36m管理脚本  	\033[33m$versionsh_l\033[0m > \033[32m$versionsh$release_type\033[0m"
 	echo -e " 2 切换\033[33mclash核心 	\033[33m$clash_v\033[0m > \033[32m$clash_n\033[0m"
 	echo -e " 3 更新\033[32mGeoIP/CN-IP	\033[33m$Geo_v\033[0m > \033[32m$GeoIP_v\033[0m"
 	echo -e " 4 安装本地\033[35mDashboard\033[0m面板"
@@ -848,14 +930,14 @@ update(){
 userguide(){
 	whichmod(){	
 		echo -----------------------------------------------
-		echo -e "\033[33m是否需要代理UDP流量(主要用于游戏)？ \033[0m"
+		echo -e "\033[33m是否需要代理UDP流量(主要用于连接外服游戏)？ \033[0m"
 		echo -----------------------------------------------
-		echo -e " 1 \033[33m不代理UDP流量\033[0m(可能会导致一部分外服游戏/应用无法连接)"
+		echo -e " 1 \033[33m不代理UDP流量(推荐)\033[0m"
 		ip tuntap >/dev/null 2>&1 && [ "$?" = 0 ] && \
-		echo -e " 2 \033[32m使用Tun虚拟网卡\033[0m代理UDP流量(更低的延迟但更多的CPU消耗)" || \
+		echo -e " 2 \033[32m使用Tun虚拟网卡\033[0m代理UDP流量" || \
 		echo -e " - \033[0m使用Tun模式(你的设备不支持此模式，如为虚拟机运行请调整虚拟网卡设置)\033[0m"
 		[ -n "$(iptables -j TPROXY 2>&1 | grep 'on-port')" ] && \
-		echo -e " 3 \033[32m使用Tproxy模式\033[0m代理UDP流量(较低CPU消耗但相对高的延迟)"
+		echo -e " 3 \033[32m使用Tproxy模式\033[0m代理UDP流量"
 		echo -----------------------------------------------
 		read -p "请输入对应数字 > " num
 		if [ -z "$num" ] || [ "$num" -gt 4 ];then
@@ -880,8 +962,8 @@ userguide(){
 		echo -e "\033[33m请先选择你的使用环境： \033[0m"
 		echo -e "\033[0m(你之后依然可以在设置中更改各种配置)\033[0m"
 		echo -----------------------------------------------
-		echo -e " 1 \033[32m主路由或旁路由\033[0m"
-		echo -e " 2 \033[36mLinux本机代理\033[0m"
+		echo -e " 1 \033[32m路由设备配置局域网透明代理\033[0m"
+		echo -e " 2 \033[36mLinux设备仅配置本机代理\033[0m"
 		[ -f "$ccfg.bak" ] && echo -e " 3 \033[33m还原之前备份的设置\033[0m"
 		echo -----------------------------------------------
 		read -p "请输入对应数字 > " num
@@ -950,7 +1032,7 @@ userguide(){
 		[ "$res" = 1 ] && checkupdate && getcrt
 	fi
 	#设置加密DNS
-	$clashdir/start.sh webget /tmp/ssl_test https://www.baidu.com echooff rediron skipceroff
+	$clashdir/start.sh webget /tmp/ssl_test https://doh.pub echooff rediron skipceroff
 	if [ "$?" = "0" ];then
 		dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853'
 		dns_fallback='https://1.0.0.1/dns-query, https://8.8.4.4/dns-query, https://doh.opendns.com/dns-query'
@@ -958,6 +1040,39 @@ userguide(){
 		setconfig dns_fallback \'"$dns_fallback"\' 
 	fi
 	rm -rf /tmp/ssl_test
+	#开启公网访问
+	sethost(){
+		read -p "请输入你的公网IP地址 > " host
+		echo $host | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
+		if [ -z "$host" ];then
+			echo -e "\033[31m请输入正确的IP地址！\033[0m"
+			sethost
+		fi
+	}
+	if type systemd >/dev/null 2>&1 ;then
+		echo -----------------------------------------------
+		echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务？\033[0m"
+		echo -e "注意当前设备必须有公网IP才能从公网正常访问"
+		echo -e "\033[31m此功能会增加暴露风险请谨慎使用！\033[0m"
+		echo -e "vps设备可能还需要额外在服务商后台开启相关端口"
+		read -p "现在开启？(1/0) > " res
+		if [ "$res" = 1 ];then
+			read -p "请先设置面板访问秘钥 > " secret
+			read -p "请先修改Socks服务端口(1-65535) > " mix_port
+			read -p "请先设置Socks服务密码(账号默认为clash) > " sec
+			[ -z "$sec" ] && authentication=clash:$sec
+			host=$(curl ip.sb  2>/dev/null | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+			if [ -z "$host" ];then
+				sethost
+			fi	
+			public_support=已开启
+			setconfig secret $secret
+			setconfig mix_port $mix_port
+			setconfig host $host
+			setconfig public_support $public_support
+			setconfig authentication \'$authentication\'
+		fi
+	fi
 	#提示导入订阅或者配置文件
 	echo -----------------------------------------------
 	echo -e "\033[32m是否导入配置文件？\033[0m(这是运行前的最后一步)"
@@ -978,12 +1093,10 @@ testcommand(){
 	echo -----------------------------------------------
 	echo -e "\033[30;47m这里是测试命令菜单\033[0m"
 	echo -e "\033[33m如遇问题尽量运行相应命令后截图发群\033[0m"
-	echo -e "磁盘占用/所在目录："
-	du -sh $clashdir
 	echo -----------------------------------------------
-	echo " 1 查看clash运行时的报错信息"
+	echo " 1 查看Clash运行时的报错信息(会停止clash服务)"
 	echo " 2 查看系统DNS端口(:53)占用 "
-	echo " 3 测试ssl加密（aes-128-gcm）跑分"
+	echo " 3 测试ssl加密(aes-128-gcm)跑分"
 	echo " 4 查看iptables端口转发详情"
 	echo " 5 查看config.yaml前40行"
 	echo " 6 测试代理服务器连通性（google.tw)"
@@ -1055,4 +1168,4 @@ testcommand(){
 		errornum
 		clashsh
 	fi
-}
+}

scripts/misnap_init.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+clashdir=/data/clash
+profile=/etc/profile
+
+#h初始化环境变量
+echo "alias clash=\"$clashdir/clash.sh\"" >> $profile 
+echo "export clashdir=\"$clashdir\"" >> $profile 
+
+#设置init.d服务并启动clash服务
+ln -sf $clashdir/clashservice /etc/init.d/clash
+chmod 755 /etc/init.d/clash
+
+if [ ! -f $clashdir/.dis_startup ];then
+	log_file=`uci get system.@system[0].log_file`
+	while [ "$i" -lt 10 ];do
+		sleep 3
+		[ -n "$(grep 'init complete' $log_file)" ] && i=10 || i=$((i+1))
+	done
+	/etc/init.d/clash start
+	/etc/init.d/clash enable
+fi

scripts/start.sh

@@ -13,27 +13,21 @@ getconfig(){
 	#默认设置
 	[ -z "$bindir" ] && bindir=$clashdir
 	[ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式
-	[ -z "$redir_mod" ] && redir_mod=Redir模式
+	[ -z "$redir_mod" ] && redir_mod=纯净模式
 	[ -z "$skip_cert" ] && skip_cert=已开启
-	[ -z "$common_ports" ] && common_ports=已开启
 	[ -z "$dns_mod" ] && dns_mod=redir_host
-	[ -z "$dns_over" ] && dns_over=已开启
-	[ -z "$modify_yaml" ] && modify_yaml=未开启
 	[ -z "$ipv6_support" ] && ipv6_support=未开启
-	[ -z "$start_old" ] && start_old=未开启
-	[ -z "$local_proxy" ] && local_proxy=未开启
+	[ -z "$ipv6_dns" ] && ipv6_dns=$ipv6_support
 	[ -z "$mix_port" ] && mix_port=7890
 	[ -z "$redir_port" ] && redir_port=7892
 	[ -z "$db_port" ] && db_port=9999
 	[ -z "$dns_port" ] && dns_port=1053
-	[ -z "$cn_ip_route" ] && cn_ip_route=未开启
-	[ -z "$public_support" ] && public_support=未开启
-	[ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
-	[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
-	[ -z "$multiport" ] && multiport='22,53,587,465,995,993,143,80,443,8080'
+	[ -z "$streaming_int" ] && streaming_int=24
 	#是否代理常用端口
+	[ -z "$common_ports" ] && common_ports=已开启
+	[ -z "$multiport" ] && multiport='22,53,587,465,995,993,143,80,443,8080'
 	[ "$common_ports" = "已开启" ] && ports="-m multiport --dports $multiport"
-	}
+}
 setconfig(){
 	#参数1代表变量名，参数2代表变量值,参数3即文件路径
 	[ -z "$3" ] && configpath=$clashdir/mark || configpath=$3
@@ -42,7 +36,7 @@ setconfig(){
 compare(){
 	if [ ! -f $1 -o ! -f $2 ];then
 		return 1
-	elif command -v cmp >/dev/null 2>&1;then
+	elif type cmp >/dev/null 2>&1;then
 		cmp -s $1 $2
 	else
 		[ "$(cat $1)" = "$(cat $2)" ] && return 0 || return 1
@@ -76,15 +70,72 @@ cronset(){
 	croncmd $tmpcron
 	rm -f $tmpcron
 }
+put_save(){
+	if curl --version > /dev/null 2>&1;then
+		curl -sS -X PUT -H "Authorization: Bearer ${secret}" -H "Content-Type:application/json" "$1" -d "$2" >/dev/null
+	elif wget --version > /dev/null 2>&1;then
+		wget -q --method=PUT --header="Authorization: Bearer ${secret}" --header="Content-Type:application/json" --body-data="$2" "$1" >/dev/null
+	fi
+}
 mark_time(){
 	start_time=`date +%s`
 	sed -i '/start_time*/'d $clashdir/mark
 	echo start_time=$start_time >> $clashdir/mark
 }
-gethost(){
-	[ -z "$host" ] && host=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
-	[ -z "$host" ] && host=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E '\ 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1)
-	[ -n "$host" ] && lanhost="-s $(echo $host | grep -oE '^1(92|0|72)\.')0.0.0/8"
+streaming(){
+	getconfig
+	#设置循环检测clashDNS端口
+	ns_type=$(nslookup -version 2>&1 | grep -io busybox)
+	ns_lookup(){
+		[ -n "$ns_type" ] && \
+		nslookup $1 127.0.0.1:${dns_port} > /dev/null 2>&1 || \
+		nslookup -port=${dns_port} $1 127.0.0.1 > /dev/null 2>&1
+	}
+	while [ "$i" != 0 ];do
+		[ "$j" = 60 ] && exit 1
+		sleep 1	
+		ns_lookup baidu.com
+		i=$?
+		j=$((j+1))
+	done
+	streaming_dns(){
+		streaming_dir=$clashdir/streaming/${streaming_type}_Domains.list
+		rm -rf $clashdir/steaming
+		if [ ! -s "$streaming_dir" ];then
+			echo 未找到$streaming_type域名数据库，正在下载！
+			mkdir -p $clashdir/streaming
+			$0 webget "$streaming_dir" "$update_url/bin/${streaming_type}_Domains.list"
+			[ "$?" = "1" ] && logger "$streaming_type数据库文件下载失败"
+		fi
+		if [ -f "$streaming_dir" ];then
+			for line in $(cat $streaming_dir);do
+				[ -n "$line" ] && ns_lookup "$line"
+			done >/dev/null 2>&1
+			echo "$streaming_type域名预解析完成！"
+		fi
+	}
+	echo "正在后台进行流媒体预解析服务，请耐心等待！"
+	[ "$netflix_pre" = "已开启" ] && streaming_type=Netflix && streaming_dns
+	[ "$disneyP_pre" = "已开启" ] && streaming_type=Disney_Plus && streaming_dns
+	echo "请输入回车以继续！"
+}
+autoSSH(){
+	#自动开启SSH
+	[ "$(nvram get ssh_en)" = 0 ] && nvram set ssh_en=1 && nvram commit
+    [ "`uci -c /usr/share/xiaoqiang get xiaoqiang_version.version.CHANNEL`" != 'stable' ] && {
+	uci -c /usr/share/xiaoqiang set xiaoqiang_version.version.CHANNEL='stable' 
+    uci -c /usr/share/xiaoqiang commit xiaoqiang_version.version
+	}
+	[ -z "$(pidof dropbear)" -o -z "$(netstat -ntul | grep :22)" ] && {
+	sed -i 's/channel=.*/channel="debug"/g' /etc/init.d/dropbear
+	/etc/init.d/dropbear restart
+	[ -n "$mi_autoSSH_pwd" ] && echo -e "$mi_autoSSH_pwd\n$mi_autoSSH_pwd" | passwd root
+	}
+	#备份还原SSH秘钥
+	[ -f $clashdir/dropbear_rsa_host_key ] && ln -sf $clashdir/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key
+}
+host_lan(){
+	[ -n "$(echo $host | grep -oE "([0-9]{1,3}[\.]){3}[0-9]{1,3}" )" ] && host_lan="$(echo $host | grep -oE "([0-9]{1,3}[\.]){3}")0/24"
 }
 #配置文件相关
 getyaml(){
@@ -92,19 +143,19 @@ getyaml(){
 	[ -z "$server_link" ] && server_link=1
 	#前后端订阅服务器地址索引，可在此处添加！
 	Server=`sed -n ""$server_link"p"<<EOF
-subcon.dlj.tf
-api.dler.io
-api.wcc.best
-api2.tsutsu.cc
-api.v1.mk
+https://api.dler.io
+https://sub.shellclash.cf
+https://sub.xeton.dev
+https://sub.id9.cc
+https://sub.maoxiongnet.com
 EOF`
 	Config=`sed -n ""$rule_link"p"<<EOF
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_Netflix.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_AdblockPlus.ini
+https://github.com/juewuy/ShellClash/raw/master/rules/ShellClash.ini
+https://github.com/juewuy/ShellClash/raw/master/rules/ShellClash_Mini.ini
+https://github.com/juewuy/ShellClash/raw/master/rules/ShellClash_Block.ini
+https://github.com/juewuy/ShellClash/raw/master/rules/ShellClash_Nano.ini
+https://github.com/juewuy/ShellClash/raw/master/rules/ShellClash_Full.ini
+https://github.com/juewuy/ShellClash/raw/master/rules/ShellClash_Full_Block.ini
 https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_clash.ini
 https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_dler.ini
 https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_pro.ini
@@ -120,9 +171,9 @@ EOF`
 	Https=$(echo ${Https//\%26/\&})   #将%26替换回&
 	#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
 	if [ -z "$Https" ];then
-		#[ -n "$(echo $Url | grep -o 'https://dler')" ] && Server='api.dler.io'
-		Https="https://$Server/sub?target=clash&insert=true&new_name=true&scv=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
-		markhttp=1
+		[ -n "$(echo $Url | grep -o 'vless')" ] && Server='https://sub.shellclash.cf'
+		Https="$Server/sub?target=clash&insert=true&new_name=true&scv=true&udp=true&exclude=$exclude&include=$include&url=$Url&config=$Config"
+		url_type=true
 	fi
 	#输出
 	echo -----------------------------------------------
@@ -133,9 +184,9 @@ EOF`
 	yaml=$clashdir/config.yaml
 	yamlnew=/tmp/clash_config_$USER.yaml
 	rm -rf $yamlnew
-	$0 webget $yamlnew $Https 0 0 0 1
+	$0 webget $yamlnew $Https
 	if [ "$?" = "1" ];then
-		if [ -z "$markhttp" ];then
+		if [ -z "$url_type" ];then
 			echo -----------------------------------------------
 			logger "配置文件获取失败！" 31
 			echo -e "\033[31m请尝试使用【在线生成配置文件】功能！\033[0m"
@@ -177,7 +228,7 @@ EOF`
 		if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
 			echo -----------------------------------------------
 			logger "已经停止对旧格式配置文件的支持！！！" 31
-			echo -e "请使用新格式或者使用【导入节点/链接】功能！"
+			echo -e "请使用新格式或者使用【在线生成配置文件】功能！"
 			echo -----------------------------------------------
 			exit 1
 		fi
@@ -188,14 +239,31 @@ EOF`
 			echo -----------------------------------------------
 			exit 1
 		fi
+		#检测vless协议
+		if [ -n "$(cat $yamlnew | grep -E 'vless')" ] && [ "$clashcore" = "clash" -o "$clashcore" = "clashpre" ];then
+			echo -----------------------------------------------
+			logger "检测到vless协议！将改为使用clash.meta核心启动！" 33
+			rm -rf $bindir/clash
+			setconfig clashcore clash.meta
+			echo -----------------------------------------------
+		fi
 		#检测是否存在高级版规则
 		if [ "$clashcore" = "clash" -a -n "$(cat $yamlnew | grep -E '^script:|proxy-providers|rule-providers')" ];then
 			echo -----------------------------------------------
-			logger "检测到高级版核心专属规则！将改为使用premium核心启动！" 33
+			logger "检测到高级版核心专属规则！将改为使用clash.net核心启动！" 33
 			rm -rf $bindir/clash
-			setconfig clashcore clashpre
+			setconfig clashcore clash.net
 			echo -----------------------------------------------
 		fi
+		#检测并去除无效节点组
+		[ -n "$url_type" ] && type xargs >/dev/null 2>&1 && {
+		cat $yamlnew | grep -A 8 "\-\ name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/ rules:.*//g' | sed 's/- //g' | grep -E '#DIRECT $' | awk -F '#' '{print $1}' > /tmp/clash_proxies_$USER
+		while read line ;do
+			sed -i "/- $line/d" $yamlnew
+			sed -i "/- name: $line/,/- DIRECT/d" $yamlnew
+		done < /tmp/clash_proxies_$USER
+		rm -rf /tmp/clash_proxies_$USER
+		}
 		#使用核心内置test功能检测
 		if [ -x $bindir/clash ];then
 			$bindir/clash -t -d $bindir -f $yamlnew >/dev/null
@@ -214,39 +282,59 @@ EOF`
 			mv -f $yamlnew $yaml
 		fi
 		echo -e "\033[32m已成功获取配置文件！\033[0m"
-		rm -rf $yamlnew
-		exit 0
 	fi
 }
 modify_yaml(){
 ##########需要变更的配置###########
+	[ -z "$dns_nameserver" ] && dns_nameserver='114.114.114.114, 223.5.5.5'
+	[ -z "$dns_fallback" ] && dns_fallback='1.0.0.1, 8.8.4.4'
+	[ -z "$skip_cert" ] && skip_cert=已开启
+	#默认fake-ip过滤列表
+	fake_ft_df='"*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org","*.sgcc.com.cn","*.alicdn.com","*.aliyuncs.com"'
 	lan='allow-lan: true'
-	mode='mode: Rule'
 	log='log-level: info'
 	[ "$ipv6_support" = "已开启" ] && ipv6='ipv6: true' || ipv6='ipv6: false'
+	[ "$ipv6_dns" = "已开启" ] && dns_v6='ipv6: true' || dns_v6=$ipv6
 	external="external-controller: 0.0.0.0:$db_port"
 	[ -d $clashdir/ui ] && db_ui=ui
-	[ "$redir_mod" != "Redir模式" ] && tun='tun: {enable: true, stack: system}' || tun='tun: {enable: false}'
+	if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ];then
+		[ "$clashcore" = 'clash.meta' ] && tun_meta=', device: utun, auto-route: false'
+		tun="tun: {enable: true, stack: system$tun_meta}"
+	else
+		tun='tun: {enable: false}'
+	fi
 	exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
 	#dns配置
+	[ "$clashcore" = 'clash.meta' ] && dns_default_meta=', https://1.0.0.1/dns-query, https://223.5.5.5/dns-query'
+	dns_default="114.114.114.114, 223.5.5.5$dns_default_meta"
+	if [ -f $clashdir/fake_ip_filter ];then
+		while read line;do
+			fake_ft_ad=$fake_ft_ad,\"$line\"
+		done < $clashdir/fake_ip_filter
+	fi
 	if [ "$dns_mod" = "fake-ip" ];then
-		dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org","*.sgcc.com.cn","*.alicdn.com","*.aliyuncs.com"], nameserver: ['$dns_nameserver', 127.0.0.1:53], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
+		dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ['${fake_ft_df}${fake_ft_ad}'], default-nameserver: ['$dns_default', 127.0.0.1:53], nameserver: ['$dns_nameserver', 127.0.0.1:53], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
 	else
-		dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
+		dns='dns: {enable: true, '$dns_v6', listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, default-nameserver: ['$dns_default', 127.0.0.1:53], nameserver: ['$dns_nameserver$dns_local'], fallback: ['$dns_fallback'], fallback-filter: {geoip: true}}'
+	fi
+	#meta专属功能
+	if [ "$clashcore" = "clash.meta" -a "$sniffer" = "已启用" ];then
+		sniffer_set="sniffer: {enable: true, force: false, sniffing: [tls]}"
 	fi
 	#设置目录
 	yaml=$clashdir/config.yaml
 	tmpdir=/tmp/clash_$USER
+	#预读取变量
+	mode=$(grep "^mode" $yaml | head -1 | awk '{print $2}')
+	[ -z "$mode" ] && mode='Rule'
 	#预删除需要添加的项目
 	a=$(grep -n "port:" $yaml | head -1 | cut -d ":" -f 1)
 	b=$(grep -n "^prox" $yaml | head -1 | cut -d ":" -f 1)
 	b=$((b-1))
 	mkdir -p $tmpdir > /dev/null
-	[ "$b" != "0" ] && sed "${a},${b}d" $yaml > $tmpdir/proxy.yaml
+	[ "$b" -gt 0 ] && sed "${a},${b}d" $yaml > $tmpdir/proxy.yaml || cp -f $yaml $tmpdir/proxy.yaml
 	#跳过本地tls证书验证
 	[ "$skip_cert" = "已开启" ] && sed -i '1,99s/skip-cert-verify: false/skip-cert-verify: true/' $tmpdir/proxy.yaml
-	#检测是否使用script规则
-	[ -n "$(cat $yaml | grep -E '^script:')" ] && mode='mode: Script'
 	#添加配置
 ###################################
 	cat > $tmpdir/set.yaml <<EOF
@@ -254,7 +342,7 @@ mixed-port: $mix_port
 redir-port: $redir_port
 authentication: ["$authentication"]
 $lan
-$mode
+mode: $mode
 $log
 $ipv6
 external-controller: :$db_port
@@ -263,24 +351,42 @@ secret: $secret
 $tun
 $exper
 $dns
+$sniffer_set
 store-selected: $restore
+hosts:
 EOF
 ###################################
-	[ -f $clashdir/user.yaml ] && yaml_user=$clashdir/user.yaml
+	#读取本机hosts并生成配置文件
+	hosts_dir=/etc/hosts
+	if [ "$redir_mod" != "纯净模式" ] && [ "$dns_no" != "已禁用" ] && [ -f $hosts_dir ];then
+		while read line;do
+			[ -n "$(echo "$line" | grep -oE "([0-9]{1,3}[\.]){3}" )" ] && \
+			[ -z "$(echo "$line" | grep -oE '^#')" ] && \
+			hosts_ip=$(echo $line | awk '{print $1}')  && \
+			hosts_domain=$(echo $line | awk '{print $2}') && \
+			echo "   '$hosts_domain': $hosts_ip" >> $tmpdir/hosts.yaml
+		done < $hosts_dir
+	fi
 	#合并文件
-	cut -c 1- $tmpdir/set.yaml $yaml_user $tmpdir/proxy.yaml > $tmpdir/config.yaml
+	[ -f $clashdir/user.yaml ] && yaml_user=$clashdir/user.yaml
+	[ -f $tmpdir/hosts.yaml ] && yaml_hosts=$tmpdir/hosts.yaml
+	cut -c 1- $tmpdir/set.yaml $yaml_hosts $yaml_user $tmpdir/proxy.yaml > $tmpdir/config.yaml
 	#插入自定义规则
 	sed -i "/#自定义规则/d" $tmpdir/config.yaml
+	space=$(sed -n '/^rules/{n;p}' $tmpdir/proxy.yaml | grep -oE '^\ *') #获取空格数
 	if [ -f $clashdir/rules.yaml ];then
 		sed -i '/^$/d' $clashdir/rules.yaml && echo >> $clashdir/rules.yaml #处理换行
-		space=$(sed -n '/^rules/{n;p}' $tmpdir/proxy.yaml | grep -oE '^\ *') #获取空格数
 		while read line;do
-			[ -z "$(echo "$line " | grep '#')" ] && \
+			[ -z "$(echo "$line" | grep '#')" ] && \
 			[ -n "$(echo "$line" | grep '\-\ ')" ] && \
 			line=$(echo "$line" | sed 's#/#\\/#') && \
 			sed -i "/^rules:/a\\$space$line #自定义规则" $tmpdir/config.yaml
 		done < $clashdir/rules.yaml
 	fi
+	#tun/fake-ip防止流量回环
+	if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" -o "$dns_mod" = "fake-ip" ];then
+		sed -i "/^rules:/a\\$space- SRC-IP-CIDR,198.18.0.0/16,REJECT #自定义规则(防止回环)" $tmpdir/config.yaml
+	fi
 	#如果没有使用小闪存模式
 	if [ "$tmpdir" != "$bindir" ];then
 		cmp -s $tmpdir/config.yaml $yaml >/dev/null 2>&1
@@ -288,6 +394,7 @@ EOF
 	fi
 	rm -f $tmpdir/set.yaml
 	rm -f $tmpdir/proxy.yaml
+	rm -f $tmpdir/hosts.yaml
 }
 #设置路由规则
 cn_ip_route(){	
@@ -309,41 +416,42 @@ cn_ip_route(){
 	fi
 }
 start_redir(){
-	#获取本地局域网地址段
-	gethost
+	#获取局域网host地址
+	host_lan
 	#流量过滤规则
 	iptables -t nat -N clash
 	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
 	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
 	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 100.64.0.0/10 -j RETURN
 	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
 	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
 	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
 	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
 	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
+	[ -n "$host_lan" ] && iptables -t nat -A clash -d $host_lan -j RETURN
 	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && iptables -t nat -A clash -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do
-			iptables -t nat -A clash -p tcp $ports -m mac --mac-source $mac -j REDIRECT --to-ports $redir_port
+			iptables -t nat -A clash -p tcp -m mac --mac-source $mac -j REDIRECT --to-ports $redir_port
 		done
 	else
 		#mac黑名单
 		for mac in $(cat $clashdir/mac); do
 			iptables -t nat -A clash -m mac --mac-source $mac -j RETURN
 		done
-		iptables -t nat -A clash -p tcp $ports -j REDIRECT --to-ports $redir_port
+		iptables -t nat -A clash -p tcp -s 192.168.0.0/16 -j REDIRECT --to-ports $redir_port
+		iptables -t nat -A clash -p tcp -s 10.0.0.0/8 -j REDIRECT --to-ports $redir_port
+		[ -n "$host_lan" ] && iptables -t nat -A clash -p tcp -s $host_lan -j REDIRECT --to-ports $redir_port
 	fi
-	iptables -t nat -A PREROUTING -p tcp $lanhost -j clash
-	if [ "$public_support" = "已开启" ];then
-		iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT
-		iptables -I INPUT -p tcp --dport $db_port -j ACCEPT
+	#将PREROUTING链指向clash链
+	iptables -t nat -A PREROUTING -p tcp $ports -j clash
+	#禁用QUIC
+	if [ "$quic_rj" = 已启用 ] && [ "$tproxy_mod" = "已开启" ];then
+		[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
+		iptables -I INPUT -p udp --dport 443 -m comment --comment "ShellClash QUIC REJECT" $set_cn_ip -j REJECT >/dev/null 2>&1
 	fi
-	#Google home DNS特殊处理
-	iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j clash
-	iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j clash
-	#Docker特殊处理
-	[ "$local_proxy" = "已开启" ] && iptables -t nat -I PREROUTING -s 172.16.0.0/12  -j clash
 	#设置ipv6转发
 	ip6_nat=$(ip6tables -t nat -L 2>&1 | grep -o 'Chain')
 	if [ -n "$ip6_nat" -a "$ipv6_support" = "已开启" ];then
@@ -364,28 +472,26 @@ start_redir(){
 	fi
 }
 start_dns(){
-	#允许tun网卡接受流量
-	if [ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ];then
-		iptables -I FORWARD -o utun -j ACCEPT
-		[ "$ipv6_support" = "已开启" ] && ip6tables -I FORWARD -o utun -j ACCEPT > /dev/null 2>&1
-	fi
+	#屏蔽OpenWrt内置53端口转发
+	iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
+	iptables -t nat -D PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
+	ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null
+	ip6tables -t nat -D PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 2> /dev/null	
 	#设置dns转发
 	iptables -t nat -N clash_dns
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
 		for mac in $(cat $clashdir/mac); do
-			iptables -t nat -A clash_dns -p udp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
-			iptables -t nat -A clash_dns -p tcp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
+			iptables -t nat -A clash_dns -p udp -m mac --mac-source $mac -j REDIRECT --to $dns_port
 		done
 	else
 		#mac黑名单
 		for mac in $(cat $clashdir/mac); do
 			iptables -t nat -A clash_dns -m mac --mac-source $mac -j RETURN
 		done	
-		iptables -t nat -A clash_dns -p udp --dport 53 -j REDIRECT --to $dns_port
-		iptables -t nat -A clash_dns -p tcp --dport 53 -j REDIRECT --to $dns_port
+		iptables -t nat -A clash_dns -p udp -j REDIRECT --to $dns_port
 	fi
-	iptables -t nat -A PREROUTING -p udp -j clash_dns
+	iptables -t nat -I PREROUTING -p udp --dport 53 -j clash_dns
 	#ipv6DNS
 	ip6_nat=$(ip6tables -t nat -L 2>&1 | grep -o 'Chain')
 	if [ -n "$ip6_nat" ];then
@@ -393,36 +499,38 @@ start_dns(){
 		if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 			#mac白名单
 			for mac in $(cat $clashdir/mac); do
-				ip6tables -t nat -A clashv6_dns -p udp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
-				ip6tables -t nat -A clashv6_dns -p tcp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
+				ip6tables -t nat -A clashv6_dns -p udp -m mac --mac-source $mac -j REDIRECT --to $dns_port
 			done
 		else
 			#mac黑名单
 			for mac in $(cat $clashdir/mac); do
 				ip6tables -t nat -A clashv6_dns -m mac --mac-source $mac -j RETURN
 			done	
-			ip6tables -t nat -A clashv6_dns -p udp --dport 53 -j REDIRECT --to $dns_port
-			ip6tables -t nat -A clashv6_dns -p tcp --dport 53 -j REDIRECT --to $dns_port
+			ip6tables -t nat -A clashv6_dns -p udp -j REDIRECT --to $dns_port
 		fi
-		ip6tables -t nat -A PREROUTING -p udp -j clashv6_dns
+		ip6tables -t nat -I PREROUTING -p udp --dport 53 -j clashv6_dns
 	else
-		ip6tables -I INPUT -p tcp --dport 53 -j REJECT > /dev/null 2>&1
 		ip6tables -I INPUT -p udp --dport 53 -j REJECT > /dev/null 2>&1
 	fi
+
 }
 start_udp(){
-	gethost	#获取本地局域网地址段
+	#获取局域网host地址
+	host_lan
 	ip rule add fwmark 1 table 100
 	ip route add local default dev lo table 100
 	iptables -t mangle -N clash
+	iptables -t mangle -A clash -p udp --dport 53 -j RETURN
 	iptables -t mangle -A clash -d 0.0.0.0/8 -j RETURN
 	iptables -t mangle -A clash -d 10.0.0.0/8 -j RETURN
 	iptables -t mangle -A clash -d 127.0.0.0/8 -j RETURN
+	iptables -t mangle -A clash -d 100.64.0.0/10 -j RETURN
 	iptables -t mangle -A clash -d 169.254.0.0/16 -j RETURN
 	iptables -t mangle -A clash -d 172.16.0.0/12 -j RETURN
 	iptables -t mangle -A clash -d 192.168.0.0/16 -j RETURN
 	iptables -t mangle -A clash -d 224.0.0.0/4 -j RETURN
 	iptables -t mangle -A clash -d 240.0.0.0/4 -j RETURN
+	[ -n "$host_lan" ] && iptables -t mangle -A clash -d $host_lan -j RETURN
 	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && iptables -t mangle -A clash -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
 	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
 		#mac白名单
@@ -434,86 +542,125 @@ start_udp(){
 		for mac in $(cat $clashdir/mac); do
 			iptables -t mangle -A clash -m mac --mac-source $mac -j RETURN
 		done
-		iptables -t mangle -A clash -p udp -j TPROXY --on-port $redir_port --tproxy-mark 1
+		iptables -t mangle -A clash -p udp -s 192.168.0.0/16 -j TPROXY --on-port $redir_port --tproxy-mark 1
+		iptables -t mangle -A clash -p udp -s 10.0.0.0/8 -j TPROXY --on-port $redir_port --tproxy-mark 1
+		[ -n "$host_lan" ] && iptables -t mangle -A clash -p udp -s $host_lan -j TPROXY --on-port $redir_port --tproxy-mark 1
 	fi
-	iptables -t mangle -A PREROUTING -p udp $lanhost -j clash
+	iptables -t mangle -A PREROUTING -p udp -j clash
 }
 start_output(){
-	#流量过滤规则
+	#流量过滤
 	iptables -t nat -N clash_out
 	iptables -t nat -A clash_out -m owner --gid-owner 7890 -j RETURN
 	iptables -t nat -A clash_out -d 0.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 10.0.0.0/8 -j RETURN
+	iptables -t nat -A clash_out -d 100.64.0.0/10 -j RETURN
 	iptables -t nat -A clash_out -d 127.0.0.0/8 -j RETURN
 	iptables -t nat -A clash_out -d 169.254.0.0/16 -j RETURN
-	iptables -t nat -A clash_out -d 172.16.0.0/12 -j RETURN
 	iptables -t nat -A clash_out -d 192.168.0.0/16 -j RETURN
 	iptables -t nat -A clash_out -d 224.0.0.0/4 -j RETURN
 	iptables -t nat -A clash_out -d 240.0.0.0/4 -j RETURN
-	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && iptables -t nat -A clash_out -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
-	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
-		#mac白名单
-		for mac in $(cat $clashdir/mac); do
-			iptables -t nat -A clash_out -p tcp $ports -m mac --mac-source $mac -j REDIRECT --to-ports $redir_port
-		done
-	else
-		#mac黑名单
-		for mac in $(cat $clashdir/mac); do
-			iptables -t nat -A clash_out -m mac --mac-source $mac -j RETURN
-		done
-		iptables -t nat -A clash_out -p tcp $ports -j REDIRECT --to-ports $redir_port
-	fi
+	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && \
+	iptables -t nat -A clash_out -m set --match-set cn_ip dst -j RETURN >/dev/null 2>&1 #绕过大陆IP
+	iptables -t nat -A clash_out -p tcp -j REDIRECT --to-ports $redir_port
+	#
 	iptables -t nat -A OUTPUT -p tcp -j clash_out
 	#设置dns转发
+	[ "$dns_no" != "已禁用" ] && {
 	iptables -t nat -N clash_dns_out
 	iptables -t nat -A clash_dns_out -m owner --gid-owner 7890 -j RETURN
-	if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
-		#mac白名单
-		for mac in $(cat $clashdir/mac); do
-			iptables -t nat -A clash_dns_out -p udp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
-			iptables -t nat -A clash_dns_out -p tcp --dport 53 -m mac --mac-source $mac -j REDIRECT --to $dns_port
-		done
-	else
-		#mac黑名单
-		for mac in $(cat $clashdir/mac); do
-			iptables -t nat -A clash_dns_out -m mac --mac-source $mac -j RETURN
-		done	
-		iptables -t nat -A clash_dns_out -p udp --dport 53 -j REDIRECT --to $dns_port
-		iptables -t nat -A clash_dns_out -p tcp --dport 53 -j REDIRECT --to $dns_port
+	iptables -t nat -A clash_dns_out -p udp -j REDIRECT --to $dns_port
+	iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out
+	}
+	#Docker转发
+	type docker &>/dev/null && {
+	iptables -t nat -N clash_docker
+	iptables -t nat -A clash_docker -d 10.0.0.0/8 -j RETURN
+	iptables -t nat -A clash_docker -d 127.0.0.0/8 -j RETURN
+	iptables -t nat -A clash_docker -d 172.16.0.0/12 -j RETURN
+	iptables -t nat -A clash_docker -d 192.168.0.0/16 -j RETURN
+	iptables -t nat -A clash_docker -p tcp -j REDIRECT --to-ports $redir_port
+	iptables -t nat -A PREROUTING -p tcp -s 172.16.0.0/12 -j clash_docker
+	[ "$dns_no" != "已禁用" ] && iptables -t nat -A PREROUTING -p udp --dport 53 -s 172.16.0.0/12 -j REDIRECT --to $dns_port
+	}
+}
+start_tun(){
+	if [ "$quic_rj" = 已启用 ];then
+		[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
+		iptables -I FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellClash QUIC REJECT" $set_cn_ip -j REJECT >/dev/null 2>&1 
+	fi
+	iptables -A FORWARD -o utun -j ACCEPT
+	#ip6tables -A FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+}
+start_wan(){
+	[ "$mix_port" = "7890" -o -z "$authentication" ] && {
+	iptables -A INPUT -p tcp -s 10.0.0.0/8 --dport $mix_port -j ACCEPT
+	iptables -A INPUT -p tcp -s 127.0.0.0/8 --dport $mix_port -j ACCEPT
+	iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport $mix_port -j ACCEPT
+	iptables -A INPUT -p tcp -s 172.16.0.0/12 --dport $mix_port -j ACCEPT
+	iptables -A INPUT -p tcp --dport $mix_port -j REJECT
+	type ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
+	}
+	if [ "$public_support" = "已开启" ];then
+		[ "$mix_port" != "7890" -a -n "$authentication" ] && {
+		iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT
+		type ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
+		}
+		iptables -I INPUT -p tcp --dport $db_port -j ACCEPT
+		type ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
 	fi
-	iptables -t nat -A OUTPUT -p udp -j clash_dns_out
 }
 stop_iptables(){
-	gethost #获取本地局域网地址段
     #重置iptables规则
 	ip rule del fwmark 1 table 100  2> /dev/null
 	ip route del local default dev lo table 100 2> /dev/null
-	iptables -t nat -D PREROUTING -p tcp $lanhost -j clash 2> /dev/null
+	iptables -t nat -D PREROUTING -p tcp $ports -j clash 2> /dev/null
 	iptables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
 	iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
-	iptables -t nat -D PREROUTING -p udp -j clash_dns 2> /dev/null
-	iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash 2> /dev/null
-	iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash 2> /dev/null
-	iptables -t nat -D PREROUTING -s 172.16.0.0/12  -j clash 2> /dev/null
+	iptables -t nat -D PREROUTING -p udp --dport 53 -j clash_dns 2> /dev/null
 	iptables -t nat -F clash 2> /dev/null
 	iptables -t nat -X clash 2> /dev/null
 	iptables -t nat -F clash_dns 2> /dev/null
 	iptables -t nat -X clash_dns 2> /dev/null
 	iptables -D FORWARD -o utun -j ACCEPT 2> /dev/null
+	#重置屏蔽QUIC规则
+	[ "$dns_mod" = "redir_host" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
+	iptables -D INPUT -p udp --dport 443 -m comment --comment "ShellClash QUIC REJECT" $set_cn_ip -j REJECT >/dev/null 2>&1
+	iptables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellClash QUIC REJECT" $set_cn_ip -j REJECT >/dev/null 2>&1
 	#重置output规则
 	iptables -t nat -D OUTPUT -p tcp -j clash_out 2> /dev/null
 	iptables -t nat -F clash_out 2> /dev/null
 	iptables -t nat -X clash_out 2> /dev/null	
-	iptables -t nat -D OUTPUT -p udp -j clash_dns_out 2> /dev/null
+	iptables -t nat -D OUTPUT -p udp --dport 53 -j clash_dns_out 2> /dev/null
 	iptables -t nat -F clash_dns_out 2> /dev/null
 	iptables -t nat -X clash_dns_out 2> /dev/null
+	#重置docker规则
+	iptables -t nat -F clash_docker 2> /dev/null
+	iptables -t nat -X clash_docker 2> /dev/null
+	iptables -t nat -D PREROUTING -p tcp -s 172.16.0.0/12 -j clash_docker 2> /dev/null
+	iptables -t nat -D PREROUTING -p udp --dport 53 -s 172.16.0.0/12 -j REDIRECT --to $dns_port 2> /dev/null
 	#重置udp规则
-	iptables -t mangle -D PREROUTING -p udp $lanhost -j clash 2> /dev/null
+	iptables -t mangle -D PREROUTING -p udp -j clash 2> /dev/null
 	iptables -t mangle -F clash 2> /dev/null
 	iptables -t mangle -X clash 2> /dev/null
+	iptables -D INPUT -p udp --dport 443 -m comment --comment "ShellClash QUIC REJECT" -j REJECT >/dev/null 2>&1
+	iptables -D INPUT -p udp --dport 443 -m comment --comment "ShellClash QUIC REJECT" -m set ! --match-set cn_ip dst -j REJECT >/dev/null 2>&1
+	#重置公网访问规则
+	iptables -D INPUT -p tcp -s 10.0.0.0/8 --dport $mix_port -j ACCEPT 2> /dev/null
+	iptables -D INPUT -p tcp -s 127.0.0.0/8 --dport $mix_port -j ACCEPT 2> /dev/null
+	iptables -D INPUT -p tcp -s 172.16.0.0/12 --dport $mix_port -j ACCEPT 2> /dev/null
+	iptables -D INPUT -p tcp -s 192.168.0.0/16 --dport $mix_port -j ACCEPT 2> /dev/null
+	iptables -D INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
+	ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
+	iptables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
+	ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
+	iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
+	ip6tables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
 	#重置ipv6规则
+	ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
+	ip6tables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
 	ip6tables -t nat -D PREROUTING -p tcp -j clashv6 2> /dev/null
-	ip6tables -t nat -D PREROUTING -p udp -j clashv6_dns 2> /dev/null
+	ip6tables -t nat -D PREROUTING -p udp --dport 53 -j clashv6_dns 2> /dev/null
 	ip6tables -t nat -F clashv6 2> /dev/null
 	ip6tables -t nat -X clashv6 2> /dev/null
 	ip6tables -t nat -F clashv6_dns 2> /dev/null
@@ -521,6 +668,12 @@ stop_iptables(){
 	ip6tables -D FORWARD -o utun -j ACCEPT 2> /dev/null
 	#清理ipset规则
 	ipset destroy cn_ip >/dev/null 2>&1
+	#移除dnsmasq转发规则
+	[ "$dns_redir" = "已开启" ] && {
+		uci del dhcp.@dnsmasq[-1].server >/dev/null 2>&1
+		uci delete dhcp.@dnsmasq[0].cachesize >/dev/null 2>&1
+		/etc/init.d/dnsmasq restart >/dev/null 2>&1
+	}
 }
 #面板配置保存相关
 web_save(){
@@ -535,8 +688,8 @@ web_save(){
 	get_save http://localhost:${db_port}/proxies | awk -F "{" '{for(i=1;i<=NF;i++) print $i}' | grep -E '^"all".*"Selector"' > /tmp/clash_web_check_$USER
 	while read line ;do
 		def=$(echo $line | awk -F "[[,]" '{print $2}')
-		now=$(echo $line | grep -oE '"now".*",' | sed 's/"now"://g'| sed 's/,//g')
-		[ "$def" != "$now" ] && echo $line | grep -oE '"name".*"now".*",' | sed 's/"name"://g' | sed 's/"now"://g'| sed 's/"//g' >> /tmp/clash_web_save_$USER
+		now=$(echo $line | grep -oE '"now".*",' | sed 's/"now"://g' | sed 's/"type":.*//g' |  sed 's/,//g')
+		[ "$def" != "$now" ] && echo $line | grep -oE '"name".*"now".*",' | sed 's/"name"://g' | sed 's/"now"://g' | sed 's/"type":.*//g' | sed 's/"//g' >> /tmp/clash_web_save_$USER
 	done < /tmp/clash_web_check_$USER
 	rm -rf /tmp/clash_web_check_$USER
 	#对比文件，如果有变动且不为空则写入磁盘，否则清除缓存
@@ -546,37 +699,36 @@ web_save(){
 	fi
 }
 web_restore(){
-	put_save(){
-		if curl --version > /dev/null 2>&1;then
-			curl -sS -X PUT -H "Authorization: Bearer ${secret}" -H "Content-Type:application/json" "$1" -d "$2" >/dev/null
-		elif wget --version > /dev/null 2>&1;then
-			wget -q --method=PUT --header="Authorization: Bearer ${secret}" --header="Content-Type:application/json" --body-data="$2" "$1" >/dev/null
-		fi
-	}
+
 	#设置循环检测clash面板端口
 	i=1
-	while [ $i -lt 10 ];do
+	while [ -z "$test" -a "$i" -lt 60 ];do
 		sleep 1
 		if curl --version > /dev/null 2>&1;then
 			test=$(curl -s http://localhost:${db_port})
 		else
 			test=$(wget -q -O - http://localhost:${db_port})
 		fi
-		[ -n "$test" ] && i=10
+		i=$((i+1))
 	done
 	#发送数据
 	num=$(cat $clashdir/web_save | wc -l)
-	for i in `seq $num`;
-	do
+	i=1
+	while [ "$i" -le "$num" ];do
 		group_name=$(awk -F ',' 'NR=="'${i}'" {print $1}' $clashdir/web_save | sed 's/ /%20/g')
 		now_name=$(awk -F ',' 'NR=="'${i}'" {print $2}' $clashdir/web_save)
 		put_save http://localhost:${db_port}/proxies/${group_name} "{\"name\":\"${now_name}\"}"
+		i=$((i+1))
 	done
 }
 #启动相关
 catpac(){
-	gethost
+	#获取本机host地址
+	[ -n "$host" ] && host_pac=$host
+	[ -z "$host_pac" ] && host_pac=$(ubus call network.interface.lan status 2>&1 | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+	[ -z "$host_pac" ] && host_pac=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep -E '\ 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/\/[0-9][0-9].*$//g' | head -n 1)
 	cat > /tmp/clash_pac <<EOF
+//如看见此处内容，请重新安装本地面板！
 function FindProxyForURL(url, host) {
 	if (
 		isInNet(host, "0.0.0.0", "255.0.0.0")||
@@ -590,7 +742,7 @@ function FindProxyForURL(url, host) {
 	)
 		return "DIRECT";
 	else
-		return "PROXY $host:$mix_port; DIRECT; SOCKS5 $host:$mix_port"
+		return "PROXY $host_pac:$mix_port; DIRECT; SOCKS5 $host_pac:$mix_port"
 }
 EOF
 	compare /tmp/clash_pac $bindir/ui/pac
@@ -600,7 +752,7 @@ bfstart(){
 	#读取配置文件
 	getconfig
 	[ ! -d $bindir/ui ] && mkdir -p $bindir/ui
-	[ -z "$update_url" ] || [ -n "$(echo $update_url | grep 'github')" ] && update_url=https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master
+	update_url=https://ghproxy.com/https://raw.githubusercontent.com/juewuy/ShellClash/master
 	#检查clash核心
 	if [ ! -f $bindir/clash ];then
 		if [ -f $clashdir/clash ];then
@@ -614,8 +766,10 @@ bfstart(){
 			[ -z "$cpucore" ] && logger 找不到设备的CPU信息，请手动指定处理器架构类型！ 31 && setcpucore
 			$0 webget $bindir/clash "$update_url/bin/$clashcore/clash-linux-$cpucore"
 			[ "$?" = "1" ] && rm -rf $bindir/clash && logger "核心下载失败，已退出！" 31 && exit 1
-			[ ! -x $bindir/clash ] && chmod +x $bindir/clash 	#检测可执行权限
-			clashv=$($bindir/clash -v | awk '{print $2}')
+			[ ! -x $bindir/clash ] && chmod +x $bindir/clash 	#检测可执行权限1
+			clashv=$($bindir/clash -v 2>/dev/null | sed 's/ linux.*//;s/.* //')
+			[ -z "$clashv" ] && rm -rf $bindir/clash && logger "核心下载失败，请重新运行或更换安装源！" 31 && exit 1
+			setconfig clashcore $clashcore
 			setconfig clashv $clashv
 		fi
 	fi
@@ -625,8 +779,7 @@ bfstart(){
 			mv $clashdir/Country.mmdb $bindir/Country.mmdb
 		else
 			logger "未找到GeoIP数据库，正在下载！" 33
-			[ -z "$geotype" ] && geotype=cn_mini.mmdb
-			$0 webget $bindir/Country.mmdb $update_url/bin/$geotype
+			$0 webget $bindir/Country.mmdb $update_url/bin/cn_mini.mmdb
 			[ "$?" = "1" ] && rm -rf $bindir/Country.mmdb && logger "数据库下载失败，已退出！" 31 && exit 1
 			Geo_v=$(date +"%Y%m%d")
 			setconfig Geo_v $Geo_v
@@ -653,19 +806,38 @@ bfstart(){
 			exit 1
 		fi
 	fi
+	#预下载Geosite数据库
+	if [ "$clashcore" = "clash.meta" ] && [ ! -f $bindir/geosite.dat ] && [ -n "$(cat $clashdir/config.yaml|grep -Ei 'geosite')" ];then
+		if [ -f $clashdir/geosite.dat ];then
+			mv $clashdir/geosite.dat $bindir/geosite.dat
+		else
+			logger "未找到geosite数据库，正在下载！" 33
+			$0 webget $bindir/geosite.dat $update_url/bin/geosite.dat
+			[ "$?" = "1" ] && rm -rf $bindir/geosite.dat && logger "数据库下载失败，已退出！" 31 && exit 1
+		fi
+	fi
 	#本机代理准备
 	if [ "$local_proxy" = "已开启" -a "$local_type" = "iptables增强模式" ];then
 		if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then
-			userdel shellclash 2>/dev/null
-			useradd shellclash -u 7890
-			groupmod shellclash -g 7890
-			sed -Ei s/7890:7890/0:7890/g /etc/passwd
+			if type userdel useradd groupmod &>/dev/null; then
+				userdel shellclash 2>/dev/null
+				useradd shellclash -u 7890
+				groupmod shellclash -g 7890
+				sed -Ei s/7890:7890/0:7890/g /etc/passwd
+			else
+				grep -qw shellclash /etc/passwd || echo "shellclash:x:0:7890:::" >> /etc/passwd
+			fi
 		fi
 		if [ "$start_old" != "已开启" ];then
 			[ -w /etc/systemd/system/clash.service ] && servdir=/etc/systemd/system/clash.service
 			[ -w /usr/lib/systemd/system/clash.service ] && servdir=/usr/lib/systemd/system/clash.service
-			setconfig ExecStart "/bin/su\ shellclash\ -c\ \"$bindir/clash\ -d\ $bindir\"" $servdir
-			systemctl daemon-reload >/dev/null
+			if [ -w /etc/init.d/clash ]; then
+				[ -z "$(grep 'procd_set_param user shellclash' /etc/init.d/clash)" ] && \
+    			sed -i '/procd_close_instance/i\\t\tprocd_set_param user shellclash' /etc/init.d/clash
+			elif [ -w "$servdir" ]; then
+				setconfig ExecStart "/bin/su\ shellclash\ -c\ \"$bindir/clash\ -d\ $bindir\"" $servdir
+				systemctl daemon-reload >/dev/null
+			fi
 		fi
 	fi
 }
@@ -677,20 +849,38 @@ afstart(){
 	if [ "$?" = 0 ];then
 		#设置iptables转发规则
 		[ "$dns_mod" = "redir_host" ] && [ "$cn_ip_route" = "已开启" ] && cn_ip_route
-		[ "$redir_mod" != "纯净模式" ] && [ "$dns_no" != "已禁用" ] && start_dns
+		if [ "$redir_mod" != "纯净模式" ] && [ "$dns_no" != "已禁用" ];then
+			if [ "$dns_redir" != "已开启" ];then
+				start_dns
+			else
+				#openwrt使用dnsmasq转发
+				uci del dhcp.@dnsmasq[-1].server >/dev/null 2>&1
+				uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null
+				uci add_list dhcp.@dnsmasq[0].server=127.0.0.1#$dns_port > /dev/null 2>&1
+				/etc/init.d/dnsmasq restart >/dev/null 2>&1
+			fi
+		fi
 		[ "$redir_mod" != "纯净模式" ] && [ "$redir_mod" != "Tun模式" ] && start_redir
 		[ "$redir_mod" = "Redir模式" ] && [ "$tproxy_mod" = "已开启" ] && start_udp
 		[ "$local_proxy" = "已开启" ] && [ "$local_type" = "iptables增强模式" ] && start_output
+		[ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ] && start_tun
+		type iptables >/dev/null 2>&1 && start_wan
 		#标记启动时间
 		mark_time
 		#设置本机代理
 		[ "$local_proxy" = "已开启" ] && $0 set_proxy $mix_port $db_port
 		#加载定时任务
-		[ -f $clashdir/cron ] && croncmd $clashdir/cron
+		[ -f $clashdir/cron ] && croncmd $clashdir/cron	
 		#启用面板配置自动保存
-		if [ "$restore" = false ];then
-			cronset '#每10分钟保存节点配置' "*/10 * * * * test -n \"\$(pidof clash)\" && $clashdir/start.sh web_save #每10分钟保存节点配置"
-			[ -f $clashdir/web_save ] && web_restore & #后台还原面板配置
+		cronset '#每10分钟保存节点配置' "*/10 * * * * test -n \"\$(pidof clash)\" && $clashdir/start.sh web_save #每10分钟保存节点配置"
+		[ -f $clashdir/web_save ] && web_restore & #后台还原面板配置
+		#自动开启SSH
+		[ "$mi_autoSSH" = "已启用" ] && autoSSH 2>/dev/null
+		#流媒体预解析
+		if [ "$netflix_pre" = "已开启" -o "$disneyP_pre" = "已开启" ];then
+			cronset '#ShellClash流媒体预解析' "* */$streaming_int * * * test -n \"\$(pidof clash)\" && $clashdir/start.sh streaming #ShellClash流媒体预解析"
+			sleep 1
+			$0 streaming & #后台执行流媒体预解析进程
 		fi
 	else
 		logger "clash服务启动失败！请查看报错信息！" 31
@@ -705,7 +895,8 @@ start_old(){
 	if [ "$local_proxy" = "已开启" -a "$local_type" = "iptables增强模式" ];then
 		su shellclash -c "$bindir/clash -d $bindir >/dev/null" &
 	else
-		$bindir/clash -d $bindir >/dev/null &
+		type nohup >/dev/null 2>&1 && nohup=nohup
+		$nohup $bindir/clash -d $bindir >/dev/null 2>&1 &
 	fi
 	afstart
 	$0 daemon
@@ -744,6 +935,7 @@ stop)
 		#删除守护进程&面板配置自动保存
 		cronset "clash保守模式守护进程"
 		cronset "保存节点配置"
+		cronset "流媒体预解析"
 		#多种方式结束进程
 		if [ -f /etc/rc.common ];then
 			/etc/init.d/clash stop >/dev/null 2>&1
@@ -761,25 +953,32 @@ restart)
 init)
         if [ -d "/etc/storage/clash" ];then
 			clashdir=/etc/storage/clash
-			if [ -w "/opt/etc/profile" ];then
-				profile=/opt/etc/profile
-			else
-				profile=/etc/profile
-				sed -i '' $profile #将软链接转化为一般文件
-			fi
+			i=1
+			while [ ! -w "/etc/profile" -a "$i" -lt 60 ];do
+				sleep 1 && i=$((i+1))
+			done
+			profile=/etc/profile
+			sed -i '' $profile #将软链接转化为一般文件
+		elif [ -d "/jffs/clash" ];then
+			clashdir=/jffs/clash
+			profile=/jffs/configs/profile.add
+		else
+			clashdir=$(cd $(dirname $0);pwd)
+			profile=/etc/profile
 		fi
-		[ -d "/jffs/clash" ] && clashdir=/jffs/clash && profile=/jffs/configs/profile.add
 		echo "alias clash=\"$clashdir/clash.sh\"" >> $profile 
 		echo "export clashdir=\"$clashdir\"" >> $profile 
-		$0 start
+		[ -f $clashdir/.dis_startup ] && cronset "clash保守模式守护进程" || $0 start
         ;;
 getyaml)	
 		getconfig
 		getyaml
 		;;
 updateyaml)	
-		$0 getyaml
-		$0 restart
+		getconfig
+		getyaml
+		modify_yaml
+		put_save http://localhost:${db_port}/configs "{\"path\":\"${clashdir}/config.yaml\"}"
 		;;
 webget)
 		#设置临时http代理 
@@ -792,8 +991,8 @@ webget)
 			[ "$5" = "rediroff" ] && redirect='' || redirect='-L'
 			[ "$6" = "skipceroff" ] && certificate='' || certificate='-k'
 			#[ -n "$7" ] && agent='-A "clash"'
-			result=$(curl $agent -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o "$2" "$3")
-			[ "$?" != "0" ] && export all_proxy="" && result=$(curl $agent -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o "$2" "$3")
+			result=$(curl $agent -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o "$2" "$3" 2>/dev/null)
+			[ "$result" != "200" ] && export all_proxy="" && result=$(curl $agent -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o "$2" "$3")
 		else
 			if wget --version > /dev/null 2>&1;then
 				[ "$4" = "echooff" ] && progress='-q' || progress='-q --show-progress'
@@ -844,6 +1043,12 @@ unset_proxy)
 		sed -i '/all_proxy/'d  $profile
 		sed -i '/ALL_PROXY/'d  $profile
 	;;
+streaming)	
+		streaming
+	;;
+db)	
+		$2
+	;;
 esac
 
 exit 0

tools/ShellDDNS.sh

@@ -0,0 +1,171 @@
+#! /bin/bash
+# Copyright (C) Juewuy
+
+ddns_dir=/etc/config/ddns
+tmp_dir=/tmp/ddns_$USER
+
+[ ! -f "$ddns_dir" -o ! -d "/etc/ddns" ] && echo -e "本脚本依赖OpenWrt内置的DDNS服务,当前设备无法运行,已退出！" && exit 1
+echo -----------------------------------------------
+echo -e "\033[30;46m欢迎使用ShellDDNS！\033[0m"
+echo -e "TG群：\033[36;4mhttps://t.me/clashfm\033[0m"
+
+add_ddns(){
+	cat >> $ddns_dir << EOF
+config service '$service'
+	option enabled '1'
+	option force_unit 'hours'
+	option lookup_host '$domain'
+	option service_name '$service_name'
+	option domain '$domain'
+	option username '$username'
+	option use_https '0'
+	option use_ipv6 '$use_ipv6'
+	option password '$password'
+	option ip_source 'web'
+	option check_unit 'minutes'
+	option check_interval '$check_interval'
+	option force_interval '$force_interval'
+	option interface 'wan'
+EOF
+	/usr/lib/ddns/dynamic_dns_updater.sh -S $service start >/dev/null 2>&1 &
+	sleep 3
+	echo 服务已经添加！
+}
+set_ddns(){
+	echo -----------------------------------------------
+	read -p "请输入你的域名 > " str
+	[ -z "$str" ] && domain=$domain || domain=$str
+	echo -----------------------------------------------
+	read -p "请输入用户名或邮箱 > " str
+	[ -z "$str" ] && username=$username || username=$str
+	echo -----------------------------------------------
+	read -p "请输入密码或令牌秘钥 > " str
+	[ -z "$str" ] && password=$password || password=$str
+	echo -----------------------------------------------
+	read -p "请输入检测更新间隔(单位:分钟;默认为10) > " check_interval
+	[ -z "$check_interval" ] || [ "$check_interval" -lt 1 -o "$check_interval" -gt 1440 ] && check_interval=10
+	echo -----------------------------------------------
+	read -p "请输入强制更新间隔(单位:小时;默认为24) > " force_interval
+	[ -z "$force_interval" ] || [ "$force_interval" -lt 1 -o "$force_interval" -gt 240 ] && force_interval=24
+	echo -----------------------------------------------
+	echo -e "请核对如下信息："
+	echo -e "服务商：		\033[32m$service\033[0m"
+	echo -e "域名：			\033[32m$domain\033[0m"
+	echo -e "用户名：		\033[32m$username\033[0m"
+	echo -e "检测间隔：		\033[32m$check_interval\033[0m"
+	echo -----------------------------------------------
+	read -p "确认添加？(1/0) > " res
+	[ "$res" = 1 ] && add_ddns || set_ddns
+}
+
+set_service(){
+	services_dir=/etc/ddns/$services
+	echo -----------------------------------------------
+	echo -e "\033[32m请选择服务提供商\033[0m"
+	cat $services_dir | grep -v '^#' | awk -F "[\"]" '{print " "NR" " $2}'
+	nr=$(cat $services_dir | grep -v '^#' | wc -l)
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		i=
+	elif [ "$num" -gt 0 -a "$num" -lt $nr ]; then
+		service=$(cat $services_dir | grep -v '^#' | awk -F "[\".]" '{print $2}' | sed -n "$num"p)
+		service_name=$(cat $services_dir | grep -v '^#' | awk -F "[\"]" '{print $2}' | sed -n "$num"p)
+		set_ddns
+	else
+		echo "输入错误，请重新输入！"
+		sleep 1
+		set_service
+	fi
+}
+
+network_type(){
+	echo -----------------------------------------------
+	echo -e "\033[32m请选择网络模式\033[0m"
+	echo -e " 1 \033[36mIPV4\033[0m"
+	echo -e " 2 \033[36mIPV6\033[0m"
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		i=
+	elif [ "$num" = 1 ];then
+		use_ipv6=0
+		services=services
+		set_service
+	elif [ "$num" = 2 ];then
+		use_ipv6=1
+		services=services_ipv6
+		set_service
+	else
+		echo "输入错误，请重新输入！"
+		sleep 1
+		network_type
+	fi
+}
+
+rev_service(){
+	enabled=$(uci show ddns.$service | grep 'enabled' | awk -F "\'" '{print $2}')
+	[ "$enabled" = 1 ] && enabled_b="停用" || enabled_b="启用"
+	echo -----------------------------------------------
+	echo -e " 1 \033[32m立即更新\033[0m"
+	echo -e " 2 编辑当前服务\033[0m"
+	echo -e " 3 $enabled_b当前服务"	
+	echo -e " 4 移除当前服务"
+	echo -e " 0 返回上级菜单"
+	echo -----------------------------------------------
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" -o "$num" = 0 ]; then
+		i=
+	elif [ "$num" = 1 ]; then
+		/usr/lib/ddns/dynamic_dns_updater.sh -S $service start >/dev/null 2>&1 &
+		sleep 3
+	elif [ "$num" = 2 ]; then
+		domain=$(uci show ddns.$service | grep 'domain' | awk -F "\'" '{print $2}')
+		username=$(uci show ddns.$service | grep 'username' | awk -F "\'" '{print $2}')
+		password=$(uci show ddns.$service | grep 'password' | awk -F "\'" '{print $2}')
+		service_name=$(uci show ddns.$service | grep 'service_name' | awk -F "\'" '{print $2}')
+		uci delete ddns.$service
+		set_ddns
+	elif [ "$num" = 3 ]; then
+		[ "$enabled" = 1 ] && uci set ddns.$service.enabled='0' || uci set ddns.$service.enabled='1' && sleep 3
+		uci commit ddns.$service
+	elif [ "$num" = 4 ]; then
+		uci delete ddns.$service
+		uci commit ddns.$service
+	fi
+}
+
+load_ddns(){
+	nr=0
+	cat $ddns_dir | grep 'config service' | awk '{print $3}' | sed "s/\'//g" > $tmp_dir
+	echo -----------------------------------------------
+	echo -e "列表      域名       启用     IP地址"
+	echo -----------------------------------------------
+	for service in $(cat $tmp_dir) ;do
+		echo $service >> $tmp_dir
+		nr=$((nr+1))
+		enabled=$(uci show ddns.$service | grep 'enabled' | awk -F "\'" '{print $2}')
+		domain=$(uci show ddns.$service | grep 'domain' | awk -F "\'" '{print $2}')
+		local_ip=$(cat /var/log/ddns/$service.log | grep 'Local IP' | tail -1 | awk -F "\'" '{print $2}')
+		echo -e " $nr   $domain  $enabled   $local_ip"
+	done
+	echo -e " $((nr+1))   添加DDNS服务"
+	echo -e " 0   退出"
+	echo -----------------------------------------------
+	read -p "请输入对应序号 > " num
+	if [ -z "$num" -o "$num" = 0 ]; then
+		i=
+	elif [ "$num" -gt $nr ]; then
+		network_type
+		load_ddns
+	elif [ "$num" -gt 0 -a "$num" -le $nr ]; then
+		service=$(cat $tmp_dir | sed -n "$num"p)
+		rev_service
+		load_ddns
+	else
+		echo "请输入正确数字！" && load_ddns
+	fi
+}
+
+
+load_ddns
+rm -rf $tmp_dir
+