~优化保守模式守护进程

# Conflicts:
#	ShellCrash.tar.gz

Dockerfile

@@ -57,8 +57,7 @@ RUN apk add --no-cache \
     ca-certificates \
     tzdata \
     nftables \
-    iproute2 \
-    dcron
+    iproute2
 
 RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
     echo "${TZ}" > /etc/timezone

bin/version

@@ -1,4 +1,4 @@
 meta_v=v1.19.17
 singboxr_v=1.13.0-alpha.27
-versionsh=1.9.4rc4
+versionsh=1.9.4rc7.1
 GeoIP_v=20251205

docker/README.md

@@ -57,6 +57,7 @@ docker run -d \
   --cap-add NET_ADMIN \
   --cap-add NET_RAW \
   --cap-add SYS_ADMIN \
+  --sysctl net.ipv4.ip_forward=1 \
   --device /dev/net/tun:/dev/net/tun \
   --restart unless-stopped \
   juewuy/shellcrash:latest
@@ -87,14 +88,10 @@ mkdir -p /root/ShellCrash
 ```shell
 docker run -d \
   ………………
-  -v /root/ShellCrash:/etc/ShellCrash \
+  -v shellcrash_configs:/etc/ShellCrash/configs \
   ………………
 ```
 
-------
-
-
-
 ------
 
 ## Compose Deployment（Compose部署）
@@ -102,8 +99,8 @@ docker run -d \
 ### 1. 创建宿主机目录并进入目录
 
 ```shell
-mkdir -p /root/ShellCrash
-cd /root/ShellCrash
+mkdir -p /tmp/ShellCrash
+cd /tmp/ShellCrash
 ```
 
 ### 2. 下载Compose模版
@@ -126,8 +123,29 @@ docker compose up -d
 
 ------
 
-### Notes
+## Delete（移除容器镜像或删除卷）
 
+### Docker删除容器
+
+```shell
+docker rm -f shellcrash
+```
+
+### Docker删除卷
+
+```shell
+docker volume rm shellcrash_configs
+```
+
+### Compose删除容器&卷
+
+```shell
+docker-compose down -v
+```
+
+## Notes
+
+- 内置公网防火墙功能无法管理宿主机网络，请自行做好宿主机7890/9999端口的网络防护！
 - 旁路由模式需要宿主机支持 `TUN`
 - macvlan 网络下宿主机默认无法直接访问容器 IP
 - 透明代理场景可能需要额外的网络规划

docker/compose.yml

@@ -14,11 +14,15 @@ services:
     devices:
       - "/dev/net/tun:/dev/net/tun"
     sysctls:
-      net.ipv4.ip_forward: 1
+      - net.ipv4.ip_forward: 1
+      # - net.ipv6.conf.all.forwarding=1
     volumes:
-      - /etc/ShellCrash:/root/ShellCrash
+      - shellcrash_configs:/etc/ShellCrash/configs:rw
     restart: unless-stopped
     
+volumes:
+  shellcrash_configs:
+  
 networks:
   macvlan_lan:
     name: macvlan_lan

scripts/libs/check_autostart.sh

@@ -3,6 +3,7 @@ check_autostart(){
 		[ ! -f "$CRASHDIR"/.dis_startup ] && return 0
 	elif [ -f /etc/rc.common -a "$(cat /proc/1/comm)" = "procd" ]; then
 		[ -n "$(find /etc/rc.d -name '*shellcrash')" ] && return 0
+		[ ! -f "$CRASHDIR"/.dis_startup ] && return 0
 	elif ckcmd systemctl; then
 		[ "$(systemctl is-enabled shellcrash.service 2>&1)" = enabled ] && return 0
 	elif grep -q 's6' /proc/1/comm; then

scripts/libs/core_tools.sh

@@ -72,8 +72,11 @@ core_webget(){
 		[ -z "$zip_type" ] && zip_type='tar.gz'
 		get_bin "$TMPDIR/Coretmp.$zip_type" "bin/$crashcore/${target}-linux-${cpucore}.$zip_type"
 	else
-		zip_type=$(echo "$custcorelink" | grep -oE 'tar.gz$')
-		[ -z "$zip_type" ] && zip_type=$(echo "$custcorelink" | grep -oE 'gz$')
+		case "$custcorelink" in
+			*.tar.gz) zip_type="tar.gz" ;;
+			*.gz)     zip_type="gz" ;;
+			*.upx)    zip_type="upx" ;;
+		esac
 		[ -n "$zip_type" ] && webget "$TMPDIR/Coretmp.$zip_type" "$custcorelink"
 	fi
 	#校验内核

scripts/libs/get_config.sh

@@ -16,7 +16,7 @@ routing_mark=$((fwmark + 2))
 
 [ -z "$dns_nameserver" ] && {
 	dns_nameserver='223.5.5.5, 1.2.4.8'
-	cat /proc/net/udp | grep -q '0035' && dns_nameserver='127.0.0.1'
+	netstat -ntlup 2>/dev/null | grep -q '127.0.0.1:53' && dns_nameserver='127.0.0.1'
 }
 [ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8"
 [ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1"

scripts/libs/set_cron.sh

@@ -10,17 +10,19 @@ touch "$tmpcron"
 cronadd() { #定时任务工具
 	if crontab -h 2>&1 | grep -q '\-l'; then
         crontab "$1"
-	else
+	elif [ -f "$crondir/$USER" ];then
 		cat "$1" >"$crondir"/"$USER" && cru a REFRESH "0 0 1 1 * /bin/true" 2>/dev/null
+	else
+		echo "找不到可用的crond或者crontab应用！No available crond or crontab application can be found!"
 	fi
 }
 cronload() { #定时任务工具
-	if [ -f "$crondir/$USER" ];then
-		cat "$crondir"/"$USER" 2>/dev/null
-	elif crontab -h 2>&1 | grep -q '\-l'; then
+	if crontab -h 2>&1 | grep -q '\-l'; then
         crontab -l
+	elif [ -f "$crondir/$USER" ];then
+		cat "$crondir"/"$USER" 2>/dev/null
 	else
-		echo "找不到可用的crond或者crontab应用！No available crond or crontab application can be found!"
+		return 1
 	fi
 }
 cronset() { #定时任务设置
@@ -34,5 +36,4 @@ cronset() { #定时任务设置
 	else
 		rm -f "$tmpcron"
 	fi
-	sleep 1
 }

scripts/libs/set_profile.sh

@@ -5,4 +5,5 @@ set_profile() {
     echo "alias ${my_alias}=\"$shtype $CRASHDIR/menu.sh\"" >>"$1" #设置快捷命令环境变量
     sed -i '/export CRASHDIR=*/'d "$1"
     echo "export CRASHDIR=\"$CRASHDIR\"" >>"$1" #设置路径环境变量
+	. "$1" >/dev/null 2>&1 || true
 }

scripts/menu.sh

@@ -97,6 +97,7 @@ ckstatus() { #脚本启动前检查
         userguide=1
         setconfig userguide 1
         . "$CRASHDIR"/menus/8_tools.sh && userguide
+		. "$CRASHDIR"/configs/ShellCrash.cfg
     fi
     #检查执行权限
     [ ! -x "$CRASHDIR"/start.sh ] && chmod +x "$CRASHDIR"/start.sh

scripts/menus/2_settings.sh

@@ -295,7 +295,7 @@ set_fw_filter(){ #流量过滤
     echo -e " 1 过滤非常用端口： 	\033[36m$common_ports\033[0m	————用于过滤P2P流量"
     echo -e " 2 过滤局域网设备：	\033[36m$mac_return\033[0m	————使用黑/白名单进行过滤"
     echo -e " 3 过滤QUIC协议:	\033[36m$quic_rj\033[0m	————优化视频性能"
-    echo -e " 4 过滤CN_IP(6)列表:	\033[36m$cn_ip_route\033[0m	————优化性能，不兼容Fake-ip"
+    echo -e " 4 过滤CN_IP列表:	\033[36m$cn_ip_route\033[0m	————优化性能，不兼容Fake-ip"
 	echo -e " 5 自定义透明路由ipv4网段:	适合vlan等复杂网络环境"
 	echo -e " 6 自定义保留地址ipv4网段:	需要以保留地址为访问目标的环境"
     echo "-----------------------------------------------"

scripts/menus/7_gateway.sh

@@ -183,7 +183,8 @@ set_bot_tg_service(){
 		. "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_stop
 	else
 		bot_tg_service=ON
-		[ -n "$(pidof CrashCore)" ] && . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_start
+		[ -n "$(pidof CrashCore)" ] && . "$CRASHDIR"/menus/bot_tg_service.sh &&
+			bot_tg_start && bot_tg_cron
 	fi
 	setconfig bot_tg_service "$bot_tg_service"
 }
@@ -195,6 +196,7 @@ set_bot_tg(){
 	echo "-----------------------------------------------"
 	echo -e " 1 启用/关闭TG-BOT服务	\033[32m$bot_tg_service\033[0m"
 	echo -e " 2 TG-BOT绑定设置	\033[32m$TG_CHATID_info\033[0m"
+	echo -e " 3 启动时推送菜单	\033[32m$TG_menupush\033[0m"
 	echo -e " 0 返回上级菜单 \033[0m"
 	echo "-----------------------------------------------"
 	read -p "请输入对应数字 > " num
@@ -223,6 +225,15 @@ set_bot_tg(){
 		set_bot_tg_init
 		set_bot_tg
 	;;
+	3)
+		if [ "$TG_menupush" = ON ];then
+			TG_menupush=OFF
+		else
+			TG_menupush=ON
+		fi
+		setconfig TG_menupush "$TG_menupush" "$GT_CFG_PATH"
+		set_bot_tg
+	;;
 	*)
 		errornum
 	;;

scripts/menus/9_upgrade.sh

@@ -354,7 +354,7 @@ setcustcore(){ #自定义内核
 		checkcustcore
 	;;
 	9)
-		read -p "请输入自定义内核的链接地址(必须是以.tar.gz或.gz结尾的压缩文件) > " link
+		read -p "请输入自定义内核的链接地址(必须是以.tar.gz、.upx或.gz结尾的压缩文件) > " link
 		[ -n "$link" ] && custcorelink="$link"
 		setcoretype
 		getcore
@@ -398,7 +398,7 @@ setcore() {
         [ -z "$crashcore" ] && crashcore="unknow"
         [ -z "$zip_type" ] && zip_type="tar.gz"
         echo "$crashcore" | grep -q 'singbox' && core_old=singbox || core_old=clash
-        [ -n "$custcorelink" ] && custcore="$(echo $custcorelink | sed 's#.*github.com##; s#/releases/download/#@#; s#-linux.*$##')"
+        [ -n "$custcorelink" ] && custcore="$(echo $custcorelink | sed 's#.*github.com##; s#/releases/download/#@#')"
         ###
         echo "-----------------------------------------------"
         [ -z "$cpucore" ] && check_cpucore

scripts/menus/bot_tg.sh

@@ -320,7 +320,7 @@ polling(){
 	done
 }
 
-#send_menu
+[ "$TG_menupush" = ON ] && send_menu
 
 polling
 

scripts/menus/bot_tg_service.sh

@@ -4,10 +4,9 @@
 bot_tg_start(){
 	. "$CRASHDIR"/starts/start_legacy.sh
 	start_legacy "$CRASHDIR/menus/bot_tg.sh" 'bot_tg'
-	bot_tg_cron
 }
 bot_tg_stop(){
-	cronset 'TG_BOT守护进程'
+	cronload | grep -q 'TG_BOT' && cronset 'TG_BOT'
 	[ -f "$TMPDIR/bot_tg.pid" ] && kill -TERM "$(cat "$TMPDIR/bot_tg.pid")" 2>/dev/null
 	killall bot_tg.sh 2>/dev/null
 	rm -f "$TMPDIR/bot_tg.pid"

scripts/menus/ddns.sh

@@ -59,16 +59,21 @@ set_ddns() {
 }
 set_ddns_service() {
 	services_dir=/etc/ddns/"$serv"
+	[ -s "$services_dir" ] || services_dir=/etc/ddns/services
 	[ -s "$services_dir" ] || services_dir=/usr/share/ddns/list
+	[ -s "$services_dir" ] || {
+		echo -e "\033[33m未找到DDNS列表文件，尝试在线获取……\033[0m"
+		ddns service update >/dev/null || echo -e "\033[31m下载失败，请重试！\033[0m"
+	}
 	echo -----------------------------------------------
 	echo -e "\033[32m请选择服务提供商\033[0m"
-	cat "$services_dir" | grep -v '^#' | awk '{print " "NR" " $1}'
-	nr=$(cat "$services_dir" | grep -v '^#' | wc -l)
+	cat "$services_dir" | grep -vE '^#|^[[:space:]]*$' | awk '{print " "NR" " $1}'
+	nr=$(cat "$services_dir" | grep -vE '^#|^[[:space:]]*$' | wc -l)
 	read -p "请输入对应数字 > " num
 	if [ -z "$num" ]; then
 		i=
 	elif [ "$num" -gt 0 -a "$num" -lt $nr ]; then
-		service_name=$(cat "$services_dir" | grep -v '^#' | awk '{print $1}' | sed -n "$num"p | sed 's/"//g')
+		service_name=$(cat "$services_dir" | grep -vE '^#|^[[:space:]]*$' | awk '{print $1}' | sed -n "$num"p | sed 's/"//g')
 		service=$(echo $service_name | sed 's/\./_/g')
 		set_ddns
 	else

scripts/start.sh

@@ -37,7 +37,7 @@ case "$1" in
 start)
     [ -n "$(pidof CrashCore)" ] && $0 stop #禁止多实例
     stop_firewall                          #清理路由策略
-	rm -f "CRASHDIR"/.start_error #移除自启失败标记
+	rm -f "$CRASHDIR"/\.start_error #移除自启失败标记
     #使用不同方式启动服务
 	if [ "$firewall_area" = "5" ]; then #主旁转发
         . "$CRASHDIR"/starts/fw_start.sh
@@ -67,10 +67,10 @@ start)
 stop)
     logger ShellCrash服务即将关闭……
     [ -n "$(pidof CrashCore)" ] && web_save #保存面板配置
-    #删除守护进程&面板配置自动保存
-    cronset '保守模式守护进程'
-    cronset '运行时每'
-    cronset '流媒体预解析'
+    #清理定时任务
+	cronload | grep -vE '^$|start_legacy_wd.sh|运行时每' > "$TMPDIR"/cron_tmp
+	cronadd "$TMPDIR"/cron_tmp
+	rm -f "$TMPDIR"/cron_tmp
     #停止tg_bot
     . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_stop
     #多种方式结束进程

scripts/starts/afstart.sh

@@ -21,8 +21,6 @@ if [ -n "$test" -o -n "$(pidof CrashCore)" ]; then
 	[ "$start_old" = "ON" ] && [ ! -L "$TMPDIR"/CrashCore ] && rm -f "$TMPDIR"/CrashCore	#删除缓存目录内核文件
 	. "$CRASHDIR"/starts/fw_start.sh										#配置防火墙流量劫持
 	date +%s >"$TMPDIR"/crash_start_time                                    #标记启动时间
-	#TG机器人守护进程
-	[ "$bot_tg_service" = ON ] && . "$CRASHDIR"/menus/bot_tg_service.sh && bot_tg_cron
 	#后台还原面板配置
 	[ -s "$CRASHDIR"/configs/web_save ] && {
 		. "$CRASHDIR"/libs/web_restore.sh
@@ -35,12 +33,14 @@ if [ -n "$test" -o -n "$(pidof CrashCore)" ]; then
 	} &
 	ckcmd mtd_storage.sh && mtd_storage.sh save >/dev/null 2>&1 #Padavan保存/etc/storage
 	#加载定时任务
-	[ -s "$CRASHDIR"/task/cron ] && cronadd "$CRASHDIR"/task/cron
-	[ -s "$CRASHDIR"/task/running ] && {
-		cronset '运行时每'
-		cronadd "$CRASHDIR"/task/running
-	}
-	[ "$start_old" = "ON" ] && cronset '保守模式守护进程' "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh shellcrash #ShellCrash保守模式守护进程"
+	cronload | grep -v '^$' > "$TMPDIR"/cron_tmp
+	[ -s "$CRASHDIR"/task/cron ] && cat "$CRASHDIR"/task/cron >> "$TMPDIR"/cron_tmp
+	[ -s "$CRASHDIR"/task/running ] && cat "$CRASHDIR"/task/running >> "$TMPDIR"/cron_tmp
+	[ "$bot_tg_service" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh bot_tg #ShellCrash-TG_BOT守护进程" >> "$TMPDIR"/cron_tmp
+	[ "$start_old" = ON ] && echo "* * * * * /bin/sh $CRASHDIR/starts/start_legacy_wd.sh shellcrash #ShellCrash保守模式守护进程" >> "$TMPDIR"/cron_tmp
+	awk '!x[$0]++' "$TMPDIR"/cron_tmp > "$TMPDIR"/cron_tmp2 #删除重复行
+	cronadd "$TMPDIR"/cron_tmp2
+	rm -f "$TMPDIR"/cron_tmp "$TMPDIR"/cron_tmp2
 	#加载条件任务
 	[ -s "$CRASHDIR"/task/afstart ] && { . "$CRASHDIR"/task/afstart; } &
 	[ -s "$CRASHDIR"/task/affirewall -a -s /etc/init.d/firewall -a ! -f /etc/init.d/firewall.bak ] && {

scripts/starts/bfstart.sh

@@ -8,7 +8,7 @@
 [ ! -f "$TMPDIR" ] && mkdir -p "$TMPDIR"
 
 #当上次启动失败时终止自启动
-[ -f "CRASHDIR"/.start_error ] && exit 1
+[ -f "$CRASHDIR"/.start_error ] && exit 1
 #加载工具
 . "$CRASHDIR"/libs/check_cmd.sh
 . "$CRASHDIR"/libs/check_target.sh

scripts/starts/clash_check.sh

@@ -11,10 +11,10 @@ clash_check() { #clash启动前检查
     [ "$crashcore" = "clash" ] && [ "$firewall_area" = 2 -o "$firewall_area" = 3 ] && [ -z "$(grep '0:7890' /etc/passwd)" ] &&
         core_exchange meta '当前内核不支持非root用户启用本机代理'
     check_core
-    #预下载GeoIP数据库并排除存在自定义数据库链接的情况
-    [ -n "$(grep -oEi 'geoip:' "$CRASHDIR"/yamls/config.yaml)" ] && check_geo Country.mmdb cn_mini.mmdb
-    #预下载GeoSite数据库并排除存在自定义数据库链接的情况
-    [ -n "$(grep -oEi 'geosite:' "$CRASHDIR"/yamls/config.yaml)" ] && check_geo GeoSite.dat geosite.dat
+    #预下载GeoIP数据库
+    grep -qEi 'GEOIP,CN' "$CRASHDIR"/yamls/config.yaml && ! grep -Eq '^[[:space:]]*geodata-mode:' "$CRASHDIR"/yamls/*.yaml && check_geo Country.mmdb cn_mini.mmdb
+    #预下载GeoSite数据库
+    grep -qEi 'GEOSITE,' "$CRASHDIR"/yamls/config.yaml && ! grep -Eq '^[[:space:]]*geosite:' "$CRASHDIR"/yamls/*.yaml && check_geo GeoSite.dat geosite.dat
     #预下载cn.mrs数据库
     [ "$dns_mod" = "mix" ] || [ "$dns_mod" = "route" ] && ! grep -Eq '^[[:space:]]*cn:' "$CRASHDIR"/yamls/*.yaml && check_geo ruleset/cn.mrs mrs_geosite_cn.mrs
     return 0

scripts/starts/core_config.sh

@@ -41,6 +41,8 @@ get_core_config() { #下载内核配置文件
 		fi
         Https="${Server}/sub?target=${target}&${Server_ua}=${user_agent}&insert=true&new_name=true&scv=true&udp=true&${urlencodeUrl}"
         url_type=true
+	else
+		Https=$(echo $Https | sed 's/\\&/\&/g')   #还原转义
     fi
     #输出
     echo "-----------------------------------------------"

scripts/starts/start_legacy_wd.sh

@@ -1,18 +1,30 @@
 
-[ -z "$CRASHDIR" ] && CRASHDIR=$( cd $(dirname $0);cd ..;pwd)
+[ -z "$CRASHDIR" ] && CRASHDIR=$(cd "$(dirname "$0")"/.. && pwd)
 PIDFILE="/tmp/ShellCrash/$1.pid"
+LOCKDIR="/tmp/ShellCrash/start_$1.lock"
+
+[ -f "$CRASHDIR"/.start_error ] && [ ! -f /tmp/ShellCrash/crash_start_time ] && exit 1 #当启动失败后禁止开机自启动
+mkdir "$LOCKDIR" 2>/dev/null || exit 1
 
 if [ -f "$PIDFILE" ]; then
 	PID="$(cat "$PIDFILE")"
-	if [ -n "$PID" ] && [ -d "/proc/$PID" ]; then
-		return 0
+	if [ -n "$PID" ] && [ "$PID" -eq "$PID" ] 2>/dev/null; then
+		if kill -0 "$PID" 2>/dev/null || [ -d "/proc/$PID" ]; then
+			rm -d "$LOCKDIR" 2>/dev/null
+			return 0
+		fi
+	else
+		rm -f "$PIDFILE"
 	fi
 fi
+
 #如果没有进程则拉起
-if [ "$1" = shellcrash ];then
+if [ "$1" = "shellcrash" ]; then
 	"$CRASHDIR"/start.sh start
 else
-	. "$CRASHDIR"/starts/start_legacy.sh
+	[ -f "$CRASHDIR/starts/start_legacy.sh" ] && . "$CRASHDIR/starts/start_legacy.sh"
+	killall bot_tg.sh 2>/dev/null
 	start_legacy "$CRASHDIR/menus/bot_tg.sh" "$1"
 fi
-		
+
+rm -d "$LOCKDIR" 2>/dev/null

version

@@ -1 +1 @@
-1.9.4rc4
+1.9.4rc7.1