更新 install.sh

1

.github/workflows/bin_update.yml

@@ -40,15 +40,22 @@ jobs:
         # Yacd-meta
         ########################################
         unzip -o "$TEMP/meta_yacd.zip" -d "$TEMP/yacd" > /dev/null
-        find "$TEMP/yacd" -name "*.map" -delete
-        rm -f "$TEMP/yacd/report.html"
-        tar -zcvf "$DASH/meta_yacd.tar.gz" -C "$TEMP/yacd" . > /dev/null
+        # 删除字体文件
+        find "$TEMP/yacd" \( -name "*.ttf" -o -name "*.woff" -o -name "*.woff2" \) -delete
+        # 确认子目录名称
+        subdir=$(find "$TEMP/yacd" -maxdepth 1 -type d ! -path "$TEMP/yacd" | head -n1)
+        # 打包
+        tar -zcvf "$DASH/meta_yacd.tar.gz" -C "$subdir" . > /dev/null
         ########################################
         # metacubexd
         ########################################
         unzip -o "$TEMP/meta_xd.zip" -d "$TEMP/xd" > /dev/null
-        find "$TEMP/xd" -name "*.ttf" -delete
-        tar -zcvf "$DASH/meta_xd.tar.gz" -C "$TEMP/xd" . > /dev/null
+        # 删除字体文件
+        find "$TEMP/xd" \( -name "*.ttf" -o -name "*.woff" -o -name "*.woff2" \) -delete
+        # 确认子目录名称
+        subdir=$(find "$TEMP/xd" -maxdepth 1 -type d ! -path "$TEMP/xd" | head -n1)
+        # 打包
+        tar -zcvf "$DASH/meta_xd.tar.gz" -C "$subdir" . > /dev/null
         ########################################
         # zashboard
         ########################################
@@ -61,6 +68,8 @@ jobs:
             echo "未找到 dist 目录"
             exit 1
         fi
+        # 删除字体文件
+        find "$ZDIR" \( -name "*.ttf" -o -name "*.woff" -o -name "*.woff2" \) -delete
         echo 'board.zash.run.place' > "$ZDIR/CNAME"
         tar -zcvf "$DASH/zashboard.tar.gz" -C "$ZDIR" . > /dev/null
         ########################################
@@ -75,7 +84,7 @@ jobs:
         curl -kfSL -o geodata/cn_mini.mmdb https://raw.githubusercontent.com/Hackl0us/GeoIP2-CN/release/Country.mmdb
         curl -kfSL -o geodata/china_ip_list.txt https://raw.githubusercontent.com/ChanthMiao/China-IPv4-List/release/cn.txt
         curl -kfSL -o geodata/china_ipv6_list.txt https://raw.githubusercontent.com/ChanthMiao/China-IPv6-List/release/cn6.txt
-        curl -kfSL -o geodata/geosite.dat https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-geodata/geosite-all.dat
+        curl -kfSL -o geodata/geosite.dat https://github.com/MetaCubeX/meta-rules-dat/releases/download/latest/geosite.dat
         curl -kfSL -o geodata/srs_geoip_cn.srs https://github.com/DustinWin/ruleset_geodata/releases/download/sing-box-ruleset/cnip.srs
         curl -kfSL -o geodata/srs_geosite_cn.srs https://github.com/DustinWin/ruleset_geodata/releases/download/sing-box-ruleset/cn.srs
         curl -kfSL -o geodata/mrs_geosite_cn.mrs https://github.com/DustinWin/ruleset_geodata/releases/download/mihomo-ruleset/cn.mrs

bin/version

@@ -1,4 +1,4 @@
 meta_v=v1.19.17
 singboxr_v=1.13.0-alpha.27
-versionsh=1.9.3beta3
+versionsh=1.9.3beta6
 GeoIP_v=20251205

install.sh

@@ -1,14 +1,9 @@
 #! /bin/bash
 # Copyright (C) Juewuy
 
-[ -z "$url" ] && url="https://fastly.jsdelivr.net/gh/juewuy/ShellCrash@master"
+[ -z "$url" ] && url="https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@dev"
 type bash &>/dev/null && shtype=bash || shtype=sh
-echo='echo -e'
-[ -n "$(echo -e | grep e)" ] && {
-	echo "\033[31m不支持dash环境安装！请先输入bash命令后再运行安装命令！\033[0m"
-	exit
-}
-
+[ -n "$(echo -e | grep e)" ] && echo=echo || echo='echo -e'
 echo "***********************************************"
 echo "**                 欢迎使用                  **"
 echo "**                ShellCrash                 **"
@@ -26,12 +21,14 @@ webget() {
 	#参数【$1】代表下载目录，【$2】代表在线地址
 	#参数【$3】代表输出显示，【$4】不启用重定向
 	if curl --version >/dev/null 2>&1; then
+		echo "1111111111111"
 		[ "$3" = "echooff" ] && progress='-s' || progress='-#'
 		[ -z "$4" ] && redirect='-L' || redirect=''
 		result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2)
 		[ -n "$(echo $result | grep -e ^2)" ] && result="200"
 	else
 		if wget --version >/dev/null 2>&1; then
+		    echo "222222222222"
 			[ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress'
 			[ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect=''
 			certificate='--no-check-certificate'
@@ -48,6 +45,23 @@ error_down() {
 	$echo "\033[33m使用其他安装源重新安装！\033[0m"
 }
 #安装及初始化
+set_alias(){
+	$echo "\033[32m请选择一个别名\033[0m"
+	echo -----------------------------------------------
+	$echo " 1 【\033[32m crash \033[0m】"
+	$echo " 2   【\033[32m sc \033[0m】"
+	$echo " 3   【\033[32m mm \033[0m】"
+	$echo " 0 退出安装"
+	echo -----------------------------------------------
+	read -p "请输入相应数字或自定义别名 > " res
+	case "$res" in
+	1) my_alias=crash ;;
+	2) my_alias=sc ;;
+	3) my_alias=mm ;;
+	*) my_alias=$res ;;
+	esac
+	setconfig my_alias $my_alias
+}
 gettar() {
 	webget /tmp/ShellCrash.tar.gz "$url/ShellCrash.tar.gz"
 	if [ "$result" != "200" ]; then
@@ -62,7 +76,9 @@ gettar() {
 		mkdir -p $CRASHDIR >/dev/null
 		tar -zxf '/tmp/ShellCrash.tar.gz' -C $CRASHDIR/ || tar -zxf '/tmp/ShellCrash.tar.gz' --no-same-owner -C $CRASHDIR/
 		if [ -s $CRASHDIR/init.sh ]; then
-			. $CRASHDIR/init.sh >/dev/null || $echo "\033[33m初始化失败，请尝试本地安装！\033[0m"
+			set_alias
+			. $CRASHDIR/init.sh >/dev/null
+			[ "$?" != 0 ] && $echo "\033[33m初始化失败，请尝试本地安装！\033[0m" && exit 1
 		else
 			rm -rf /tmp/ShellCrash.tar.gz
 			$echo "\033[33m文件解压失败！\033[0m"
@@ -209,10 +225,10 @@ install() {
 	gettar
 	echo -----------------------------------------------
 	echo ShellCrash 已经安装成功!
-	[ "$profile" = "~/.bashrc" ] && echo "请执行【. ~/.bashrc &> /dev/null】命令以加载环境变量！"
-	[ -n "$(ls -l /bin/sh | grep -oE 'zsh')" ] && echo "请执行【. ~/.zshrc &> /dev/null】命令以加载环境变量！"
+	[ "$profile" = "~/.bashrc" ] && echo "请执行【. ~/.bashrc > /dev/null】命令以加载环境变量！"
+	[ -n "$(ls -l /bin/sh | grep -oE 'zsh')" ] && echo "请执行【. ~/.zshrc > /dev/null】命令以加载环境变量！"
 	echo -----------------------------------------------
-	$echo "\033[33m输入\033[30;47m crash \033[0;33m命令即可管理！！！\033[0m"
+	$echo "\033[33m输入\033[30;47m $my_alias \033[0;33m命令即可管理！！！\033[0m"
 	echo -----------------------------------------------
 }
 setversion() {

public/servers.list

@@ -5,7 +5,6 @@
 103 ShellClash自建源(请勿滥用!) https://gh.jwsc.eu.org
 104 Cloudflare_CDN源(推荐) https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash
 
-201 wwng2333自建CN源(请勿滥用!)  https://mirrors.csgo.ovh/ShellClash 公测版
 202 http私人内测源(危险!非必要请勿使用)  http://t.jwsc.eu.org 开发版
 
 401 作者提供,支持vless|hy2 https://sub.jwsc.eu.org ua

scripts/init.sh

@@ -1,7 +1,7 @@
 #!/bin/sh
 # Copyright (C) Juewuy
 
-version=1.9.3beta3
+version=1.9.3beta6
 
 setdir() {
 	dir_avail() {
@@ -145,10 +145,14 @@ setdir() {
 		[ "$res" = "1" ] && CRASHDIR=$dir/ShellCrash || setdir
 	fi
 }
-setconfig() {
+setconfig() { #脚本配置工具
 	#参数1代表变量名，参数2代表变量值,参数3即文件路径
-	[ -z "$3" ] && configpath=${CRASHDIR}/configs/ShellCrash.cfg || configpath="${3}"
-	[ -n "$(grep "${1}=" "$configpath")" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >>$configpath
+	[ -z "$3" ] && configpath="$CRASHDIR"/configs/ShellCrash.cfg || configpath="${3}"
+	if grep -q "^${1}=" "$configpath";then
+		sed -i "s#${1}=.*#${1}=${2}#g" "$configpath"
+	else
+		printf '%s=%s\n' "$1" "$2" >> "$configpath"
+	fi
 }
 #特殊固件识别及标记
 [ -f "/etc/storage/started_script.sh" ] && {
@@ -244,20 +248,19 @@ grep -q 'firewall_mod' "$CRASHDIR/configs/ShellClash.cfg" 2>/dev/null || {
 [ -w /jffs/configs/profile.add ] && profile=/jffs/configs/profile.add
 [ -w ~/.bashrc ] && profile=~/.bashrc
 [ -w /etc/profile ] && profile=/etc/profile
+set_profile(){
+	[ -z "$my_alias" ] && my_alias=crash
+	sed -i "/alias crash=*/"d "$1"
+	sed -i "/alias ${my_alias}=*/"d "$1"
+	echo "alias ${my_alias}=\"$shtype $CRASHDIR/menu.sh\"" >>"$1" #设置快捷命令环境变量
+	sed -i '/export CRASHDIR=*/'d "$1"
+	echo "export CRASHDIR=\"$CRASHDIR\"" >>"$1" #设置路径环境变量
+	. "$1" >/dev/null 2>&1
+}
 if [ -n "$profile" ]; then
-	sed -i '/alias crash=*/'d $profile
-	echo "alias crash=\"$shtype $CRASHDIR/menu.sh\"" >>$profile #设置快捷命令环境变量
-	sed -i '/export CRASHDIR=*/'d $profile
-	echo "export CRASHDIR=\"$CRASHDIR\"" >>$profile #设置路径环境变量
-	. $profile >/dev/null 2>&1 || echo 运行错误！请使用bash而不是dash运行安装命令！！！
+	set_profile "$profile"
 	#适配zsh环境变量
-	zsh --version >/dev/null 2>&1 && [ -z "$(cat ~/.zshrc 2>/dev/null | grep CRASHDIR)" ] && {
-		sed -i '/alias crash=*/'d ~/.zshrc 2>/dev/null
-		echo "alias crash=\"$shtype $CRASHDIR/menu.sh\"" >>~/.zshrc
-		sed -i '/export CRASHDIR=*/'d ~/.zshrc 2>/dev/null
-		echo "export CRASHDIR=\"$CRASHDIR\"" >>~/.zshrc
-		. ~/.zshrc >/dev/null 2>&1
-	}
+	zsh --version >/dev/null 2>&1 && [ -z "$(cat ~/.zshrc 2>/dev/null | grep CRASHDIR)" ] && set_profile '~/.zshrc' 2>/dev/null
 else
 	echo -e "\033[33m无法写入环境变量！请检查安装权限！\033[0m"
 	exit 1

scripts/menu.sh

@@ -17,8 +17,12 @@ JSONSDIR=${CRASHDIR}/jsons
 #读取配置相关
 setconfig() {
 	#参数1代表变量名，参数2代表变量值,参数3即文件路径
-	[ -z "$3" ] && configpath=${CFG_PATH} || configpath="${3}"
-	grep -q "${1}=" "$configpath" && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || sed -i "\$a\\${1}=${2}" $configpath
+	[ -z "$3" ] && configpath="$CRASHDIR"/configs/ShellCrash.cfg || configpath="${3}"
+	if grep -q "^${1}=" "$configpath";then
+		sed -i "s#${1}=.*#${1}=${2}#g" "$configpath"
+	else
+		printf '%s=%s\n' "$1" "$2" >> "$configpath"
+	fi
 }
 ckcmd() {
 	command -v sh >/dev/null 2>&1 && command -v $1 >/dev/null 2>&1 || type $1 >/dev/null 2>&1
@@ -572,7 +576,7 @@ setport() { #端口设置
 	echo -----------------------------------------------
 	echo -e " 1 修改Http/Sock5端口：	\033[36m$mix_port\033[0m"
 	echo -e " 2 设置Http/Sock5密码：	\033[36m$auth\033[0m"
-	echo -e " 3 修改静态路由端口：	\033[36m$redir_port\033[0m"
+	echo -e " 3 修改Redir/Tproxy端口：\033[36m$redir_port,$((redir_port + 1))\033[0m"
 	echo -e " 4 修改DNS监听端口：	\033[36m$dns_port\033[0m"
 	echo -e " 5 修改面板访问端口：	\033[36m$db_port\033[0m"
 	echo -e " 6 设置面板访问密码：	\033[36m$secret\033[0m"
@@ -607,7 +611,7 @@ setport() { #端口设置
 			else
 				authentication=$(echo $input | grep :)
 				if [ -n "$authentication" ]; then
-					setconfig authentication \'$authentication\'
+					setconfig authentication "'$authentication'"
 					echo -e "\033[32m设置成功！！！\033[0m"
 				else
 					echo -e "\033[31m输入有误，请重新输入！\033[0m"
@@ -645,7 +649,7 @@ setport() { #端口设置
 		echo -----------------------------------------------
 		read -p "请输入需要指定代理的端口 > " multiport
 		if [ -n "$multiport" ]; then
-			[ "$multiport" = "0" ] && multiport=""
+			[ "$multiport" = "0" ] && multiport="22,80,143,194,443,465,587,853,993,995,5222,8080,8443"
 			common_ports=已开启
 			setconfig multiport $multiport
 			setconfig common_ports $common_ports
@@ -692,71 +696,83 @@ setport() { #端口设置
 }
 setdns() { #DNS详细设置
 	[ -z "$dns_nameserver" ] && dns_nameserver='180.184.1.1, 1.2.4.8'
-	[ -z "$dns_fallback" ] && dns_fallback="$dns_nameserver"
+	[ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8"
+	[ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1"
 	[ -z "$hosts_opt" ] && hosts_opt=已启用
 	[ -z "$dns_redir" ] && dns_redir=未开启
 	[ -z "$dns_no" ] && dns_no=未禁用
 	echo -----------------------------------------------
 	echo -e "当前基础DNS：\033[32m$dns_nameserver\033[0m"
 	echo -e "PROXY-DNS：\033[36m$dns_fallback\033[0m"
+	echo -e "解析DNS：\033[33m$dns_resolver\033[0m"
 	echo -e "多个DNS地址请用\033[30;47m“|”\033[0m或者\033[30;47m“, ”\033[0m分隔输入"
 	echo -e "\033[33m必须拥有本地根证书文件才能使用dot/doh类型的加密dns\033[0m"
-	echo -e "\033[33m注意singbox内核只有首个dns会被加载！\033[0m"
+	echo -e "\033[31m注意singbox内核只有首个dns会被加载！\033[0m"
 	echo -----------------------------------------------
 	echo -e " 1 修改\033[32m基础DNS\033[0m"
-	echo -e " 2 修改\033[36mPROXY-DNS\033[0m"
-	echo -e " 3 \033[33m重置\033[0m默认DNS配置"
+	echo -e " 2 修改\033[36mPROXY-DNS\033[0m(该DNS查询会经过节点)"
+	echo -e " 3 修改\033[33m解析DNS\033[0m(必须是IP,用于解析其他DNS)"
 	echo -e " 4 一键配置\033[32m加密DNS\033[0m"
 	echo -e " 5 hosts优化：  	\033[36m$hosts_opt\033[0m	————调用本机hosts并劫持NTP服务"
 	echo -e " 6 Dnsmasq转发：	\033[36m$dns_redir\033[0m	————不推荐使用"
 	echo -e " 7 禁用DNS劫持：	\033[36m$dns_no\033[0m	————搭配第三方DNS使用"
+	echo -e " 9 \033[33m重置\033[0m默认DNS配置"
 	echo -e " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
-	if [ -z "$num" ]; then
-		errornum
-	elif [ "$num" = 1 ]; then
+	case "$num" in
+	0)
+	;;
+	1)
 		read -p "请输入新的DNS > " dns_nameserver
 		dns_nameserver=$(echo $dns_nameserver | sed 's#|#\,\ #g')
 		if [ -n "$dns_nameserver" ]; then
-			setconfig dns_nameserver \'"$dns_nameserver"\'
+			setconfig dns_nameserver "'$dns_nameserver'"
 			echo -e "\033[32m设置成功！！！\033[0m"
 		fi
+		sleep 1
 		setdns
-
-	elif [ "$num" = 2 ]; then
+	;;
+	2)
 		read -p "请输入新的DNS > " dns_fallback
 		dns_fallback=$(echo $dns_fallback | sed 's/|/\,\ /g')
 		if [ -n "$dns_fallback" ]; then
-			setconfig dns_fallback \'"$dns_fallback"\'
+			setconfig dns_fallback "'$dns_fallback'"
 			echo -e "\033[32m设置成功！！！\033[0m"
 		fi
+		sleep 1
 		setdns
-
-	elif [ "$num" = 3 ]; then
-		dns_nameserver=""
-		dns_fallback=""
-		setconfig dns_nameserver
-		setconfig dns_fallback
-		echo -e "\033[33mDNS配置已重置！！！\033[0m"
+	;;
+	3)
+		read -p "请输入新的DNS > " text
+		if echo "$text" | grep -qE '://.*::'; then
+			echo -e "\033[31m此选项暂不支持ipv6加密DNS！！！\033[0m"
+		elif [ -n "$text" ]; then
+			dns_resolver=$(echo $text | sed 's/|/\,\ /g')
+			setconfig dns_resolver "'$dns_resolver'"
+			echo -e "\033[32m设置成功！！！\033[0m"
+		fi
+		sleep 1
 		setdns
-
-	elif [ "$num" = 4 ]; then
+	;;
+	4)
 		echo -----------------------------------------------
 		openssldir="$(openssl version -d 2>&1 | awk -F '"' '{print $2}')"
 		if [ -s "$openssldir/certs/ca-certificates.crt" -o -s "/etc/ssl/certs/ca-certificates.crt" ]; then
 			dns_nameserver='https://doh.360.cn/dns-query, https://dns.alidns.com/dns-query, https://doh.pub/dns-query'
 			dns_fallback='https://cloudflare-dns.com/dns-query, https://dns.google/dns-query, https://doh.opendns.com/dns-query'
-			setconfig dns_nameserver \'"$dns_nameserver"\'
-			setconfig dns_fallback \'"$dns_fallback"\'
+			dns_resolver='https://223.5.5.5/dns-query, 2400:3200::1'
+			setconfig dns_nameserver "'$dns_nameserver'"
+			setconfig dns_fallback "'$dns_fallback'"
+			setconfig dns_resolver "'$dns_resolver'"
 			echo -e "\033[32m已设置加密DNS，如出现DNS解析问题，请尝试重置DNS配置！\033[0m"
 		else
 			echo -e "\033[31m找不到根证书文件，无法启用加密DNS，Linux系统请自行搜索安装OpenSSL的方式！\033[0m"
 		fi
-		sleep 2
+		sleep 1
 		setdns
-
-	elif [ "$num" = 5 ]; then
+	;;
+	5)
 		echo -----------------------------------------------
 		if [ "$hosts_opt" = "已启用" ]; then
 			hosts_opt=未启用
@@ -765,18 +781,17 @@ setdns() { #DNS详细设置
 			hosts_opt=已启用
 			echo -e "\033[33m已启用hosts优化功能！！！\033[0m"
 		fi
-		sleep 1
 		setconfig hosts_opt $hosts_opt
+		sleep 1
 		setdns
-
-	elif [ "$num" = 6 ]; then
+	;;
+	6)
 		echo -----------------------------------------------
 		if [ "$dns_redir" = "未开启" ]; then
 			echo -e "\033[31m将使用OpenWrt中Dnsmasq插件自带的DNS转发功能转发DNS请求至内核！\033[0m"
 			echo -e "\033[33m启用后将禁用本插件自带的iptables转发功能\033[0m"
 			dns_redir=已开启
 			echo -e "\033[32m已启用Dnsmasq转发DNS功能！！！\033[0m"
-			sleep 1
 		else
 			uci del dhcp.@dnsmasq[-1].server
 			uci set dhcp.@dnsmasq[0].noresolv=0
@@ -785,11 +800,11 @@ setdns() { #DNS详细设置
 			echo -e "\033[33m禁用成功！！如有报错请重启设备！\033[0m"
 			dns_redir=未开启
 		fi
-		sleep 1
 		setconfig dns_redir $dns_redir
+		sleep 1
 		setdns
-
-	elif [ "$num" = 7 ]; then
+	;;
+	7)
 		echo -----------------------------------------------
 		if [ "$dns_no" = "未禁用" ]; then
 			echo -e "\033[31m仅限搭配其他DNS服务(比如dnsmasq、smartDNS)时使用！\033[0m"
@@ -799,10 +814,26 @@ setdns() { #DNS详细设置
 			dns_no=未禁用
 			echo -e "\033[33m已启用DNS劫持！！！\033[0m"
 		fi
-		sleep 1
 		setconfig dns_no $dns_no
+		sleep 1
 		setdns
-	fi
+	;;
+	9)
+		dns_nameserver=
+		dns_fallback=
+		dns_resolver=
+		setconfig dns_nameserver
+		setconfig dns_fallback
+		setconfig dns_resolver
+		echo -e "\033[33mDNS配置已重置！！！\033[0m"
+		sleep 1
+		setdns
+	;;
+	*)
+		errornum
+		sleep 1
+	;;
+	esac
 }
 setipv6() { #ipv6设置
 	[ -z "$ipv6_redir" ] && ipv6_redir=未开启
@@ -947,7 +978,7 @@ setfirewall() { #防火墙设置
 		)" ]; then
 			reserve_ipv4="$text"
 			echo -e "已将保留地址网段设为：\033[32m$reserve_ipv4\033[0m"
-			setconfig reserve_ipv4 "\'$reserve_ipv4\'"
+			setconfig reserve_ipv4 "'$reserve_ipv4'"
 		else
 			echo -e "\033[31m输入有误，操作已取消！\033[0m"
 		fi
@@ -960,7 +991,7 @@ setfirewall() { #防火墙设置
 	esac
 }
 checkport() { #自动检查端口冲突
-	for portx in $dns_port $mix_port $redir_port $db_port; do
+	for portx in $dns_port $mix_port $redir_port $((redir_port + 1)) $db_port; do
 		if [ -n "$(netstat -ntul 2>&1 | grep ':$portx ')" ]; then
 			echo -----------------------------------------------
 			echo -e "检测到端口【$portx】被以下进程占用！内核可能无法正常启动！\033[33m"
@@ -1420,7 +1451,7 @@ set_firewall_area() { #防火墙模式设置
 		*) ;;
 		esac
 		setconfig vm_redir $vm_redir
-		setconfig vm_ipv4 "\'$vm_ipv4\'"
+		setconfig vm_ipv4 "'$vm_ipv4'"
 		sleep 1
 		set_firewall_area
 		;;
@@ -1575,15 +1606,17 @@ set_dns_mod() { #DNS模式设置
 	echo -e "当前DNS运行模式为：\033[47;30m $dns_mod \033[0m"
 	echo -e "\033[33m切换模式后需要手动重启服务以生效！\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 fake-ip模式：   \033[32m响应速度更快\033[0m"
+	echo -e " 1 fake-ip模式：   响应快，\033[33m兼容性较差\033[0m"
 	echo -e "                   不支持CN-IP绕过功能"
-	echo -e " 2 redir_host模式：\033[32m兼容性更好\033[0m"
-	echo -e "                   需搭配加密DNS使用"
+	echo -e " 2 redir_host模式：\033[33m不安全，易被污染\033[0m"
+	echo -e "                   建议搭配第三方DNS服务使用"
 	if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
-		echo -e " 3 mix混合模式：   \033[32m内部realip外部fakeip\033[0m"
-		echo -e "                   依赖geosite.dat/geosite-cn.srs数据库"
+		echo -e " 3 mix混合模式：   \033[32m防污染防泄露，响应快，推荐！\033[0m"
+		echo -e "                   cn域名realip其他fakeip分流"
+		echo -e " 4 route模式：     \033[32m防污染防泄露，全真实IP\033[0m"
+		echo -e "                   cn域名realip其他dns2proxy分流"
 	fi
-	echo -e " 4 \033[36mDNS进阶设置\033[0m"
+	echo -e " 9 \033[36mDNS进阶设置\033[0m"
 	echo " 0 返回上级菜单"
 	read -p "请输入对应数字 > " num
 	case $num in
@@ -1612,6 +1645,17 @@ set_dns_mod() { #DNS模式设置
 		fi
 		;;
 	4)
+		if echo "$crashcore" | grep -q 'singbox' || [ "$crashcore" = meta ]; then
+			dns_mod=route
+			setconfig dns_mod $dns_mod
+			echo -----------------------------------------------
+			echo -e "\033[36m已设为 $dns_mod 模式！！\033[0m"
+		else
+			echo -e "\033[31m当前内核不支持的功能！！！\033[0m"
+			sleep 1
+		fi
+		;;
+	9)
 		setdns
 		set_dns_mod
 		;;
@@ -1701,6 +1745,7 @@ normal_set() { #基础设置
 
 	elif [ "$num" = 2 ]; then
 		set_dns_mod
+		sleep 1
 		normal_set
 
 	elif [ "$num" = 3 ]; then

scripts/misnap_init.sh

@@ -23,8 +23,6 @@ autoSSH(){
 	#备份还原SSH秘钥
 	[ -f $CRASHDIR/configs/dropbear_rsa_host_key ] && ln -sf $CRASHDIR/configs/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key
 	[ -f $CRASHDIR/configs/authorized_keys ] && ln -sf $CRASHDIR/configs/authorized_keys /etc/dropbear/authorized_keys
-	#自动清理升级备份文件夹
-	rm -rf /data/etc_bak
 }
 tunfix(){
 	ko_dir=$(modinfo ip_tables | grep  -Eo '/lib/modules.*/ip_tables.ko' | sed 's|/ip_tables.ko||' )
@@ -41,6 +39,15 @@ tproxyfix(){
 	sysctl -w net.bridge.bridge-nf-call-iptables=0
 	sysctl -w net.bridge.bridge-nf-call-ip6tables=0
 }
+auto_clean(){
+	#自动清理升级备份文件夹
+	rm -rf /data/etc_bak
+	#自动清理被写入闪存的系统日志并禁止服务
+	/etc/init.d/stat_points stop 2>/dev/null
+	/etc/init.d/stat_points disable 2>/dev/null
+	sed -i '\#/logrotate#{ /^[[:space:]]*#/!s/^/#ShellCrash自动注释 / }' /etc/crontabs/root
+	rm -rf /data/usr/log
+}
 init(){
 	#等待启动完成
 	while ! ip a| grep -q lan; do
@@ -54,8 +61,8 @@ init(){
 	echo "alias crash=\"sh $CRASHDIR/menu.sh\"" >>$profile
 	echo "alias clash=\"sh $CRASHDIR/menu.sh\"" >>$profile
 	echo "export CRASHDIR=\"$CRASHDIR\"" >>$profile
-	#软固化功能
-	autoSSH
+	autoSSH #软固化功能
+	auto_clean #自动清理
 	#设置init.d服务
 	cp -f $CRASHDIR/shellcrash.procd /etc/init.d/shellcrash
 	chmod 755 /etc/init.d/shellcrash
@@ -76,6 +83,7 @@ init(){
 case "$1" in
 	tunfix) tunfix ;;
 	tproxyfix) tproxyfix ;;
+	auto_clean) auto_clean ;;
 	init) init ;;
 	*)
 		if [ -z $(pidof CrashCore) ];then

scripts/shellcrash.service

@@ -5,6 +5,8 @@ After=network.target
 [Service]
 Type=simple
 User=shellcrash
+User=shellcrash
+StandardOutput=null
 ExecStartPre=/etc/ShellCrash/start.sh bfstart
 ExecStart=/etc/ShellCrash/CrashCore run -D /etc/ShellCrash -C /tmp/ShellCrash/jsons >/dev/null
 ExecStartPost=/etc/ShellCrash/start.sh afstart

scripts/start.sh

@@ -51,14 +51,9 @@ getconfig() { #读取配置及全局变量
 	ckcmd iptables && iptables -h | grep -q '\-w' && iptable='iptables -w' || iptable=iptables
 	ckcmd ip6tables && ip6tables -h | grep -q '\-w' && ip6table='ip6tables -w' || ip6table=ip6tables
 	#默认dns
-	[ -z "$dns_nameserver" ] && {
-		if [ -n "$(pidof dnsmasq)" ];then
-			dns_nameserver='127.0.0.1'
-		else
-			dns_nameserver='180.184.1.1, 1.2.4.8'
-		fi
-	}
-	[ -z "$dns_fallback" ] && dns_fallback="$dns_nameserver"
+	[ -z "$dns_nameserver" ] && dns_nameserver='180.184.1.1, 1.2.4.8'
+	[ -z "$dns_fallback" ] && dns_fallback="1.1.1.1, 8.8.8.8"
+	[ -z "$dns_resolver" ] && dns_resolver="223.5.5.5, 2400:3200::1"
 	#自动生成ua
 	[ -z "$user_agent" -o "$user_agent" = "auto" ] && {
 		if echo "$crashcore" | grep -q 'singbox';then
@@ -74,7 +69,11 @@ getconfig() { #读取配置及全局变量
 setconfig() { #脚本配置工具
 	#参数1代表变量名，参数2代表变量值,参数3即文件路径
 	[ -z "$3" ] && configpath="$CRASHDIR"/configs/ShellCrash.cfg || configpath="${3}"
-	grep -q "${1}=" "$configpath" && sed -i "s#${1}=.*#${1}=${2}#g" "$configpath" || sed -i "\$a\\${1}=${2}" $configpath
+	if grep -q "^${1}=" "$configpath";then
+		sed -i "s#${1}=.*#${1}=${2}#g" "$configpath"
+	else
+		printf '%s=%s\n' "$1" "$2" >> "$configpath"
+	fi
 }
 ckcmd() { #检查命令是否存在
 	command -v sh >/dev/null 2>&1 && command -v "$1" >/dev/null 2>&1 || type "$1" >/dev/null 2>&1
@@ -207,10 +206,10 @@ put_save() { #推送面板选择
 	fi
 }
 get_bin() { #专用于项目内部文件的下载
-	. "$CRASHDIR"/configs/ShellCrash.cfg >/dev/null
 	[ -z "$update_url" ] && update_url=https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@master
 	if [ -n "$url_id" ]; then
 		echo "$2" | grep -q '^bin/' && release_type=update #/bin文件改为在update分支下载
+		echo "$2" | grep -q '^public/' && release_type=dev #/public文件改为在dev分支下载
 		[ -z "$release_type" ] && release_type=master
 		if [ "$url_id" = 101 -o "$url_id" = 104 ]; then
 			url="$(grep "$url_id" "$CRASHDIR"/configs/servers.list | awk '{print $3}')@$release_type/$2" #jsdelivr特殊处理
@@ -303,6 +302,12 @@ check_singbox_config() { #检查singbox配置文件
 		sed -i 's/^.*"inbounds":/{"inbounds":/' "$core_config_new"
 		sed -i 's/{[^{}]*"dns-out"[^{}]*}//g' "$core_config_new"
 	}
+	#检查不支持的旧版内容
+	grep -q '"sni"' "$core_config_new" && {
+		logger "获取到了不支持的旧版(<1.12)配置文件【$core_config_new】！" 31
+		echo "请尝试使用支持1.12以上版本内核的方式生成配置文件！"
+		exit 1
+	}
 	#检测并去除无效策略组
 	[ -n "$url_type" ] && {
 		#获得无效策略组名称
@@ -411,38 +416,39 @@ modify_yaml() { #修饰clash配置文件
 	}
 	#dns配置
 	[ -z "$(cat "$CRASHDIR"/yamls/user.yaml 2>/dev/null | grep '^dns:')" ] && {
-		default_nameserver='223.5.5.5' 
-		[ "$crashcore" = 'meta' ] && default_nameserver='https://223.5.5.5/dns-query' 
+		[ "$crashcore" != meta ] && dns_resolver='223.5.5.5'
 		cat >"$TMPDIR"/dns.yaml <<EOF
 dns:
   enable: true
   listen: :$dns_port
   use-hosts: true
   ipv6: $dns_v6
-  default-nameserver: [ $default_nameserver ]
+  default-nameserver: [ $dns_resolver ]
   enhanced-mode: fake-ip
   fake-ip-range: 28.0.0.1/8
   fake-ip-range6: fc00::/16
   fake-ip-filter:
 EOF
-		if [ "$dns_mod" != "redir_host" ]; then
+		if [ "$dns_mod" = "mix" ] || [ "$dns_mod" = "fake-ip" ];then
 			cat "$CRASHDIR"/configs/fake_ip_filter "$CRASHDIR"/configs/fake_ip_filter.list 2>/dev/null | grep -v '#' | sed "s/^/    - '/" | sed "s/$/'/" >>"$TMPDIR"/dns.yaml
-			[ "$dns_mod" = "mix" ] && {
-				#插入过滤规则
-				cat >>"$TMPDIR"/dns.yaml <<EOF
-    - "rule-set:cn"
-EOF
-			}
 		else
 			echo "    - '+.*'" >>"$TMPDIR"/dns.yaml #使用fake-ip模拟redir_host
 		fi
-		cat >>"$TMPDIR"/dns.yaml <<EOF
-  nameserver: [$dns_nameserver]
+		#mix模式fakeip绕过cn
+		[ "$dns_mod" = "mix" ] && echo '    - "rule-set:cn"' >>"$TMPDIR"/dns.yaml
+		#mix模式和route模式插入分流设置
+		if [ "$dns_mod" = "mix" ] || [ "$dns_mod" = "route" ];then
+			cat >>"$TMPDIR"/dns.yaml <<EOF
+  respect-rules: true
+  nameserver-policy: {'rule-set:cn': [ $dns_nameserver ]}
+  proxy-server-nameserver : [ $dns_resolver ]
+  nameserver: [ $dns_fallback ]
 EOF
-		# [ -s "$CRASHDIR"/configs/fallback_filter.list ] && {
-			# echo "    domain:" >>"$TMPDIR"/dns.yaml
-			# cat "$CRASHDIR"/configs/fallback_filter.list | grep -v '#' | sed "s/^/      - '/" | sed "s/$/'/" >>"$TMPDIR"/dns.yaml
-		# }
+		else
+			cat >>"$TMPDIR"/dns.yaml <<EOF
+  nameserver: [ $dns_nameserver ]
+EOF
+		fi
 	}
 	#域名嗅探配置
 	[ "$sniffer" = "已启用" ] && [ "$crashcore" = "meta" ] && sniffer_set="sniffer: {enable: true, parse-pure-ip: true, skip-domain: [Mijia Cloud], sniff: {http: {ports: [80, 8080-8880], override-destination: true}, tls: {ports: [443, 8443]}, quic: {ports: [443, 8443]}}}"
@@ -570,7 +576,7 @@ EOF
 	[ "$dns_mod" = "mix" ] && ! grep -q 'cn:' "$TMPDIR"/rule-providers.yaml && ! grep -q '^rule-providers' "$CRASHDIR"/yamls/others.yaml 2>/dev/null && {
 		space=$(sed -n "1p" "$TMPDIR"/rule-providers.yaml | grep -oE '^ *')                               #获取空格数
 		[ -z "$space" ] && space='  '
-		echo "${space}cn: {type: http, behavior: domain, format: mrs, path: ./ruleset/cn.mrs, url: https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@dev/bin/geodata/mrs_geosite_cn.mrs}" >> "$TMPDIR"/rule-providers.yaml 
+		echo "${space}cn: {type: http, behavior: domain, format: mrs, path: ./ruleset/cn.mrs, url: https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@update/bin/geodata/mrs_geosite_cn.mrs}" >> "$TMPDIR"/rule-providers.yaml 
 }
 	#对齐rules中的空格
 	sed -i 's/^ *-/ -/g' "$TMPDIR"/rules.yaml
@@ -674,17 +680,21 @@ EOF
 	dns_proxy=$(echo $dns_proxy_1st | sed 's|.*://||' | sed 's|/.*||')
 	dns_proxy_type=$(echo "$dns_proxy_1st" | awk -F '://' '{print $1}')
 	[ "$dns_proxy_type" = "$dns_proxy" ] && dns_proxy_type="udp"
+	dns_resolver_1st=$(echo $dns_resolver | awk -F ',' '{print $1}')
+	dns_resolverip=$(echo $dns_resolver_1st | sed 's|.*://||' | sed 's|/.*||')
+	dns_resolver_type=$(echo "$dns_resolver_1st" | awk -F '://' '{print $1}')
+	[ "$dns_resolver_type" = "$dns_resolverip" ] && dns_resolver_type="udp"
 	[ "$ipv6_dns" = "已开启" ] && strategy='prefer_ipv4' || strategy='ipv4_only'
 	#获取detour出口
 	auto_detour=$(grep -E '"type": "urltest"' -A 1 "$TMPDIR"/jsons/outbounds.json | grep '"tag":' | head -n 1 | sed 's/^[[:space:]]*"tag": //;s/,$//' )
 	[ -z "$auto_detour" ] && auto_detour=$(grep -E '"type": "selector"' -A 1 "$TMPDIR"/jsons/outbounds.json | grep '"tag":' | head -n 1 | sed 's/^[[:space:]]*"tag": //;s/,$//' )
-	[ -z "$auto_detour" ] && auto_detour=DIRECT
+	[ -z "$auto_detour" ] && auto_detour='"DIRECT"'
 	#根据dns模式生成
 	[ "$dns_mod" = "redir_host" ] && {
 		global_dns=dns_proxy
-		direct_dns="{ \"inbound\": [ \"dns-in\" ], \"server\": \"dns_direct\" },"
+		direct_dns="{ \"inbound\": [ \"dns-in\" ], \"server\": \"dns_direct\" }"
 	}
-	[ "$dns_mod" = "fake-ip" ] && {
+	[ "$dns_mod" = "fake-ip" ] || [ "$dns_mod" = "mix" ] && {
 		global_dns=dns_fakeip
 		fake_ip_filter_domain=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep -Ev '#|\*|\+|Mijia' | sed '/^\s*$/d' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
 		fake_ip_filter_suffix=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep -v '.\*' | grep -E '\*|\+' | sed 's/^[*+]\.//' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
@@ -692,33 +702,30 @@ EOF
 		[ -n "$fake_ip_filter_domain" ] && fake_ip_filter_domain="{ \"domain\": [$fake_ip_filter_domain], \"server\": \"dns_direct\" },"
 		[ -n "$fake_ip_filter_suffix" ] && fake_ip_filter_suffix="{ \"domain_suffix\": [$fake_ip_filter_suffix], \"server\": \"dns_direct\" },"
 		[ -n "$fake_ip_filter_regex" ] && fake_ip_filter_regex="{ \"domain_regex\": [$fake_ip_filter_regex], \"server\": \"dns_direct\" },"
+		proxy_dns='{ "query_type": ["A", "AAAA"], "server": "dns_fakeip", "strategy": "'"$strategy"'", "rewrite_ttl": 1 }'
+		#mix模式插入fakeip过滤规则
+		[ "$dns_mod" = "mix" ] && direct_dns="{ \"rule_set\": [\"cn\"], \"server\": \"dns_direct\" },"
+	}
+	[ "$dns_mod" = "route" ] && {
+		global_dns=dns_proxy
+		direct_dns="{ \"rule_set\": [\"cn\"], \"server\": \"dns_direct\" }"
 	}
-	[ "$dns_mod" = "mix" ] && {
-		global_dns=dns_fakeip
-		fake_ip_filter_domain=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep -Ev '#|\*|\+|Mijia' | sed '/^\s*$/d' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
-		fake_ip_filter_suffix=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep -v '.\*' | grep -E '\*|\+' | sed 's/^[*+]\.//' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
-		fake_ip_filter_regex=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep '.\*' | sed 's/^*/.\*/' | sed 's/^+/.\+/' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
-		[ -n "$fake_ip_filter_domain" ] && fake_ip_filter_domain="{ \"domain\": [$fake_ip_filter_domain], \"server\": \"dns_direct\" },"
-		[ -n "$fake_ip_filter_suffix" ] && fake_ip_filter_suffix="{ \"domain_suffix\": [$fake_ip_filter_suffix], \"server\": \"dns_direct\" },"
-		[ -n "$fake_ip_filter_regex" ] && fake_ip_filter_regex="{ \"domain_regex\": [$fake_ip_filter_regex], \"server\": \"dns_direct\" },"
-		direct_dns="{ \"rule_set\": [\"cn\"], \"server\": \"dns_direct\" },"
 		#生成add_rule_set.json
-		[ -z "$(cat "$CRASHDIR"/jsons/*.json | grep -Ei '"tag" *: *"cn"')" ] && cat >"$TMPDIR"/jsons/add_rule_set.json <<EOF
+		[ "$dns_mod" = "mix" ] || [ "$dns_mod" = "route" ] && \
+		[ -z "$(cat "$CRASHDIR"/jsons/*.json | grep -Ei '"tag" *: *"cn"')" ] && \
+		cat >"$TMPDIR"/jsons/add_rule_set.json <<EOF
 {
   "route": {
     "rule_set": [
       {
         "tag": "cn",
-        "type": "remote",
-        "format": "binary",
-        "path": "./ruleset/cn.srs",
-        "url": "https://testingcf.jsdelivr.net/gh/juewuy/ShellCrash@dev/bin/geodata/srs_geosite_cn.srs"
+        "type": "local",
+        "path": "./ruleset/cn.srs"
       }
     ]
   }
 }
 EOF
-	}
 	cat >"$TMPDIR"/jsons/dns.json <<EOF
 {
   "dns": {
@@ -746,8 +753,8 @@ EOF
       },
       {
         "tag": "dns_resolver",
-        "type": "https",
-        "server": "223.5.5.5",
+        "type": "$dns_resolver_type",
+        "server": "$dns_resolverip",
 		"routing_mark": $routing_mark
       }
     ],
@@ -760,7 +767,6 @@ EOF
 	  { "clash_mode": "Global", "query_type": ["A", "AAAA"], "server": "$global_dns", "strategy": "$strategy", "rewrite_ttl": 1 },
       $direct_dns
 	  $proxy_dns
-      { "query_type": ["A", "AAAA"], "server": "dns_fakeip", "strategy": "$strategy", "rewrite_ttl": 1 }
     ],
     "final": "dns_proxy",
 	"strategy": "$strategy",
@@ -869,7 +875,7 @@ EOF
 	grep -qE '"tag": "REJECT"' "$TMPDIR"/jsons/outbounds.json || add_reject='{ "tag": "REJECT", "type": "block" }'
 	grep -qE '"tag": "GLOBAL"' "$TMPDIR"/jsons/outbounds.json || {
 		auto_proxies=$(grep -E '"type": "(selector|urltest)"' -A 1 "$TMPDIR"/jsons/outbounds.json | grep '"tag":' | sed 's/^[[:space:]]*"tag": //;$ s/,$//')
-		add_global='{ "tag": "GLOBAL", "type": "selector", "outbounds": ['"$auto_proxies"']}'
+		[ -n "$auto_proxies" ] && add_global='{ "tag": "GLOBAL", "type": "selector", "outbounds": ['"$auto_proxies"', "DIRECT"]}'
 	}
 	[ -n "$add_direct" -a -n "$add_reject" ] && add_direct="${add_direct},"
 	[ -n "$add_reject" -a -n "$add_global" ] && add_reject="${add_reject},"
@@ -1033,7 +1039,7 @@ start_ipt_route() { #iptables-route通用工具
 	[ "$3" = 'PREROUTING' ] && [ "$macfilter_type" != "白名单" ] && {
 		[ -s "$CRASHDIR"/configs/mac ] &&
 			for mac in $(cat "$CRASHDIR"/configs/mac); do
-				$1 $w -t $2 -A $4 -m mac --mac-. $mac -j RETURN
+				$1 $w -t $2 -A $4 -m mac --mac-source $mac -j RETURN
 			done
 		[ -s "$CRASHDIR"/configs/ip_filter ] && [ "$1" = 'iptables' ] &&
 			for ip in $(cat "$CRASHDIR"/configs/ip_filter); do
@@ -1045,7 +1051,7 @@ start_ipt_route() { #iptables-route通用工具
 		if [ "$3" = 'PREROUTING' ] && [ "$4" != 'shellcrash_vm' ] && [ "$macfilter_type" = "白名单" ] && [ -n "$(cat $CRASHDIR/configs/mac $CRASHDIR/configs/ip_filter 2>/dev/null)" ]; then
 			[ -s "$CRASHDIR"/configs/mac ] &&
 				for mac in $(cat "$CRASHDIR"/configs/mac); do
-					$1 $w -t $2 -A $4 -p $5 -m mac --mac-. $mac -j $JUMP
+					$1 $w -t $2 -A $4 -p $5 -m mac --mac-source $mac -j $JUMP
 				done
 			[ -s "$CRASHDIR"/configs/ip_filter ] && [ "$1" = 'iptables' ] &&
 				for ip in $(cat "$CRASHDIR"/configs/ip_filter); do
@@ -1058,8 +1064,8 @@ start_ipt_route() { #iptables-route通用工具
 		fi
 		#将所在链指定流量指向shellcrash表
 		$1 $w -t $2 -I $3 -p $5 $ports -j $4
-		[ "$dns_mod" != "redir_host" ] && [ "$common_ports" = "已开启" ] && [ "$1" = iptables ] && $1 $w -t $2 -I $3 -p $5 -d 28.0.0.1/8 -j $4
-		[ "$dns_mod" != "redir_host" ] && [ "$common_ports" = "已开启" ] && [ "$1" = ip6tables ] && $1 $w -t $2 -I $3 -p $5 -d fc00::/16 -j $4
+		[ "$dns_mod" = "mix" -o "$dns_mod" = "fake-ip" ] && [ "$common_ports" = "已开启" ] && [ "$1" = iptables ] && $1 $w -t $2 -I $3 -p $5 -d 28.0.0.1/8 -j $4
+		[ "$dns_mod" = "mix" -o "$dns_mod" = "fake-ip" ] && [ "$common_ports" = "已开启" ] && [ "$1" = ip6tables ] && $1 $w -t $2 -I $3 -p $5 -d fc00::/16 -j $4
 	}
 	[ "$5" = "tcp" -o "$5" = "all" ] && proxy_set $1 $2 $3 $4 tcp
 	[ "$5" = "udp" -o "$5" = "all" ] && proxy_set $1 $2 $3 $4 udp
@@ -1091,7 +1097,7 @@ start_ipt_dns() { #iptables-dns通用工具
 	[ "$2" = 'PREROUTING' ] && [ "$macfilter_type" != "白名单" ] && {
 		[ -s "$CRASHDIR"/configs/mac ] &&
 			for mac in $(cat "$CRASHDIR"/configs/mac); do
-				$1 $w -t nat -A $3 -m mac --mac-. $mac -j RETURN
+				$1 $w -t nat -A $3 -m mac --mac-source $mac -j RETURN
 			done
 		[ -s "$CRASHDIR"/configs/ip_filter ] && [ "$1" = 'iptables' ] &&
 			for ip in $(cat "$CRASHDIR"/configs/ip_filter); do
@@ -1101,8 +1107,8 @@ start_ipt_dns() { #iptables-dns通用工具
 	if [ "$2" = 'PREROUTING' ] && [ "$3" != 'shellcrash_vm_dns' ] && [ "$macfilter_type" = "白名单" ] && [ -n "$(cat $CRASHDIR/configs/mac $CRASHDIR/configs/ip_filter 2>/dev/null)" ]; then
 		[ -s "$CRASHDIR"/configs/mac ] &&
 			for mac in $(cat "$CRASHDIR"/configs/mac); do
-				$1 $w -t nat -A $3 -p tcp -m mac --mac-. $mac -j REDIRECT --to-ports $dns_port
-				$1 $w -t nat -A $3 -p udp -m mac --mac-. $mac -j REDIRECT --to-ports $dns_port
+				$1 $w -t nat -A $3 -p tcp -m mac --mac-source $mac -j REDIRECT --to-ports $dns_port
+				$1 $w -t nat -A $3 -p udp -m mac --mac-source $mac -j REDIRECT --to-ports $dns_port
 			done
 		[ -s "$CRASHDIR"/configs/ip_filter ] && [ "$1" = 'iptables' ] &&
 			for ip in $(cat "$CRASHDIR"/configs/ip_filter); do
@@ -2174,7 +2180,7 @@ webget)
 	[ "$result" = "200" ] && exit 0 || exit 1
 	;;
 *)
-	$1 $2 $3 $4 $5 $6 $7
+	"$1" "$2" "$3" "$4" "$5" "$6" "$7"
 	;;
 
 esac

scripts/task.sh

@@ -161,7 +161,8 @@ logger(){
 	[ "$task_push" = 1 ] && push= || push=off
 	[ -n "$2" -a "$2" != 0 ] && echo -e "\033[$2m$1\033[0m"
 	[ "$3" = 'off' ] && push=off
-	${CRASHDIR}/start.sh logger $1 0 $push
+	echo "$1" |grep -qE '(每隔|时每)([1-9]|[1-9][0-9])分钟' && push=off
+	${CRASHDIR}/start.sh logger "$1" 0 "$push"
 }
 croncmd(){
 	if [ -n "$(crontab -h 2>&1 | grep '\-l')" ];then
@@ -321,7 +322,7 @@ task_type(){ #任务条件选择菜单
 	;;
 	1)
 		echo -----------------------------------------------
-		echo -e " 输入  0~6  对应\033[33m每周的指定某天\033[0m运行(0=周日)"
+		echo -e " 输入  1-7  对应\033[33m每周的指定某天\033[0m运行(7=周日)"
 		echo -e " 输入 1,4,0 代表\033[36m每周一、周四、周日\033[0m运行"
 		echo -e " 输入 1-5 代表\033[36m周一至周五\033[0m运行"
 		read -p "在每周哪天执行？ > " week
@@ -329,8 +330,8 @@ task_type(){ #任务条件选择菜单
 		echo -----------------------------------------------
 		read -p "想在该日的具体哪个小时执行？（0-23） > " hour	
 		cron_time="在每周$week的$hour点整"
-		cron_time=`echo ${cron_time/0/日}` #把0换成日
-		set_cron
+		cron_time=`echo ${cron_time/周0/周日}` #把0换成日
+		[ -n "$week" ] && [ -n "$hour" ] && set_cron
 	;;	
 	2)
 		echo -----------------------------------------------
@@ -340,21 +341,21 @@ task_type(){ #任务条件选择菜单
 		echo -----------------------------------------------
 		read -p "想在具体哪分钟执行？（0-59的整数） > " min
 		cron_time="在每日的$hour点$min分"
-		set_cron
+		[ -n "$min" ] && [ -n "$hour" ] && set_cron
 	;;	
 	3)
 		echo -----------------------------------------------
 		read -p "想每隔多少小时执行一次？（1-23的整数） > " num
 		hour="*/$num"
 		cron_time="每隔$num小时"
-		set_cron
+		[ -n "$hour" ] && set_cron
 	;;	
 	4)
 		echo -----------------------------------------------
 		read -p "想每隔多少分钟执行一次？（1-59的整数） > " num
 		min="*/$num"
 		cron_time="每隔$num分钟"
-		set_cron
+		[ -n "$min" ] && set_cron
 	;;
 	5)
 		set_service bfstart "$task_id" "服务启动前$task_name"
@@ -376,7 +377,7 @@ task_type(){ #任务条件选择菜单
 			cron_time="0 */$hour * * *"
 			time_des="$hour小时"
 		fi
-		set_service running "$task_id" "运行时每$time_des$task_name" "$cron_time"
+		[ -n "$cron_time" ] && set_service running "$task_id" "运行时每$time_des$task_name" "$cron_time"
 	;;
 	8)
 		echo -e "该功能会将相关启动代码注入到/etc/init.d/firewall中"

scripts/webget.sh

@@ -575,10 +575,10 @@ setproviders(){ #自定义providers
 			errornum
 		else
 			echo -----------------------------------------------
-			echo -e " 1 修改代理服务商：\033[36m$provider_name\033[0m"
+			echo -e " 1 修改名称：\033[36m$provider_name\033[0m"
 			echo -e " 2 修改链接地址：\033[32m$provider_url\033[0m"
-			echo -e " 3 生成\033[33m仅包含此服务商\033[0m的配置文件"
-			echo -e " 4 \033[31m移除此服务商\033[0m"
+			echo -e " 3 生成\033[33m仅包含此链接\033[0m的配置文件"
+			echo -e " 4 \033[31m移除此链接\033[0m"
 			echo -----------------------------------------------
 			echo -e " 0 返回上级菜单"
 			read -p "请选择需要执行的操作 > " num
@@ -586,15 +586,15 @@ setproviders(){ #自定义providers
 			0)
 			;;
 			1)
-				read -p "请输入代理服务商的名称或者代称(如有多个服务商不可重复) > " name
-				if [ -n "$name" ] && [ -z "$(grep "$name" $CRASHDIR/configs/providers.cfg)" ];then
+				read -p "请输入名称或者代号(不可重复,不支持纯数字)  > " name
+				if [ -n "$name" ] && [ -z "$(echo "$name" | grep -E '^[0-9]+$')" ] && ! grep -q "$name" $CRASHDIR/configs/providers.cfg;then
 					sed -i "s|$provider_name $provider_url|$name $provider_url|" $CRASHDIR/configs/providers.cfg
 				else
 					echo -e "\033[31m输入错误，请重新输入！\033[0m"
 				fi
 			;;
 			2)
-				read -p "请输入providers订阅地址或本地相对路径 > " link
+				read -p "请输入链接地址或本地相对路径 > " link
 				if [ -n "$(echo $link | grep -E '.*\..*|^\./')" ] && [ -z "$(grep "$link" $CRASHDIR/configs/providers.cfg)" ];then
 					link=$(echo $link | sed 's/\&/\\\&/g') #特殊字符添加转义
 					sed -i "s|$provider_name $provider_url|$provider_name $link|" $CRASHDIR/configs/providers.cfg
@@ -621,14 +621,14 @@ setproviders(){ #自定义providers
 		echo -e "支持填写在线的\033[32mYClash订阅地址\033[0m或者\033[32m本地Clash配置文件\033[0m"
 		echo -e "本地配置文件请放在\033[32m$CRASHDIR\033[0m目录下，并填写相对路径如【\033[32m./providers/test.yaml\033[0m】"
 		echo -----------------------------------------------
-		read -p "请输入providers订阅地址或本地相对路径 > " link
+		read -p "请输入链接地址或本地相对路径 > " link
 		link=$(echo $link | sed 's/ //g') #去空格
 		[ -n "$(echo $link | grep -E '.*\..*|^\./')" ] && {
-			read -p "请输入代理服务商的名称或者代号(不可重复) > " name
+			read -p "请输入名称或代号(不可重复,不支持纯数字) > " name
 			name=$(echo $name | sed 's/ //g')
-			[ -n "$name" ] && [ -z "$(grep "name" $CRASHDIR/configs/providers.cfg)" ] && {
+			[ -n "$name" ] && [ -z "$(echo "$name" | grep -E '^[0-9]+$')" ] && ! grep -q "$name" $CRASHDIR/configs/providers.cfg && {
 				echo -----------------------------------------------
-				echo -e "代理服务商：\033[36m$name\033[0m"
+				echo -e "名称：\033[36m$name\033[0m"
 				echo -e "链接地址/路径：\033[32m$link\033[0m"
 				read -p "确认添加？(1/0) > " res
 					[ "$res" = 1 ] && {
@@ -637,7 +637,7 @@ setproviders(){ #自定义providers
 					}
 			}
 		}
-		[ "$?" != 0 ] && echo -e "\033[31m操作已取消！\033[0m"
+		[ "$?" != 0 ] && echo -e "\033[31m输入错误，操作已取消！\033[0m"
 		sleep 1
 		setproviders
 	;;
@@ -651,7 +651,7 @@ setproviders(){ #自定义providers
 				gen_${coretype}_providers
 			}
 		else
-			echo -e "\033[31m你还未添加providers服务商，请先添加！\033[0m"
+			echo -e "\033[31m你还未添加链接或本地配置文件，请先添加！\033[0m"
 			sleep 1
 		fi
 		setproviders
@@ -692,7 +692,7 @@ setproviders(){ #自定义providers
 		setproviders
 	;;
 	d)
-		read -p "确认清空全部providers服务商？(1/0) > " res
+		read -p "确认清空全部链接？(1/0) > " res
 		[ "$res" = "1" ] && rm -rf $CRASHDIR/configs/providers.cfg
 		setproviders
 	;;
@@ -880,7 +880,7 @@ gen_link_flt(){ #在线生成节点过滤
 		exclude=''
 		echo -e "\033[31m 已删除节点过滤关键字！！！\033[0m"
 	fi
-	setconfig exclude \'$exclude\'
+	setconfig exclude "'$exclude'"
 }
 gen_link_ele(){ #在线生成节点筛选
 	[ -z "$include" ] && include="未设置"
@@ -900,7 +900,7 @@ gen_link_ele(){ #在线生成节点筛选
 		include=''
 		echo -e "\033[31m 已删除节点匹配关键字！！！\033[0m"
 	fi
-	setconfig include \'$include\'
+	setconfig include "'$include'"
 }
 get_core_config(){ #调用工具下载
 	${CRASHDIR}/start.sh get_core_config
@@ -954,7 +954,7 @@ gen_core_config_link(){ #在线生成工具
 				i=100
 				#将用户链接写入配置
 				setconfig Https
-				setconfig Url \'$Url_link\'
+				setconfig Url "'$Url_link'"
 				#获取在线yaml文件
 				get_core_config
 			else
@@ -1008,7 +1008,7 @@ set_core_config_link(){ #直接导入配置
 			if [ "$res" = '1' ]; then
 				#将用户链接写入配置
 				sed -i '/Url=*/'d $CFG_PATH
-				setconfig Https \'$link\'
+				setconfig Https "'$link'"
 				setconfig Url
 				#获取在线yaml文件
 				get_core_config
@@ -1032,13 +1032,13 @@ set_core_config(){ #配置文件功能
 	echo -----------------------------------------------
 	echo -e "\033[30;47m ShellCrash配置文件管理\033[0m"
 	echo -----------------------------------------------
-	echo -e " 1 在线\033[32m生成$crashcore配置文件\033[0m"
+	echo -e " 1 在线\033[32m生成配置文件\033[0m(基于Subconverter订阅转换)"
 	if [ -f "$CRASHDIR"/v2b_api.sh ];then
 		echo -e " 2 登录\033[33m获取订阅(推荐！)\033[0m"
 	else
-		echo -e " 2 在线\033[33m获取完整配置文件\033[0m"
+		echo -e " 2 在线\033[33m获取配置文件\033[0m(基于订阅提供者)"
 	fi
-	echo -e " 3 本地\033[32m生成providers配置文件\033[0m"
+	echo -e " 3 本地\033[32m生成配置文件\033[0m(基于内核providers,推荐！)"
 	echo -e " 4 本地\033[33m上传完整配置文件\033[0m"
 	echo -e " 5 设置\033[36m自动更新\033[0m"
 	echo -e " 6 \033[32m自定义\033[0m配置文件"
@@ -1819,15 +1819,16 @@ getdb(){ #下载Dashboard文件
 		tar -zxf "${TMPDIR}/clashdb.tar.gz" ${tar_para} -C $dbdir > /dev/null
 		[ $? -ne 0 ] && echo "文件解压失败！" && rm -rf ${TMPDIR}/clashfm.tar.gz && exit 1
 		#修改默认host和端口
-		if [ "$db_type" = "clashdb" -o "$db_type" = "meta_db" -o "$db_type" = "meta_xd" -o "$db_type" = "zashboard" ];then
+		if [ "$db_type" = "clashdb" -o "$db_type" = "meta_db" -o "$db_type" = "zashboard" ];then
 			sed -i "s/127.0.0.1/${host}/g" $dbdir/assets/*.js
 			sed -i "s/9090/${db_port}/g" $dbdir/assets/*.js
+		elif [ "$db_type" = "meta_xd" ];then
+			sed -i "s/127.0.0.1:9090/${host}:${db_port}/g" $dbdir/_nuxt/*.js
 		else
 			sed -i "s/127.0.0.1:9090/${host}:${db_port}/g" $dbdir/*.html
-			#sed -i "s/7892/${db_port}/g" $dbdir/app*.js
 		fi
 		#写入配置文件
-		setconfig hostdir \'$hostdir\'
+		setconfig hostdir "'$hostdir'"
 		echo -----------------------------------------------
 		echo -e "\033[32m面板安装成功！\033[36m如未生效，请使用【Ctrl+F5】强制刷新浏览器！！！\033[0m"
 		rm -rf ${TMPDIR}/clashdb.tar.gz
@@ -1885,9 +1886,9 @@ setdb(){
 	echo -----------------------------------------------
 	echo -e "请选择面板\033[33m安装类型：\033[0m"
 	echo -----------------维护中------------------------
-	echo -e " 1 安装\033[32mzashboard面板\033[0m(约1.2mb)"
+	echo -e " 1 安装\033[32mzashboard面板\033[0m(约2.2mb)"
 	echo -e " 2 安装\033[32mMetaXD面板\033[0m(约1.5mb)"
-	echo -e " 3 安装\033[32mYacd-Meta魔改面板\033[0m(约1.5mb)"
+	echo -e " 3 安装\033[32mYacd-Meta魔改面板\033[0m(约1.7mb)"
 	echo ---------------已停止维护----------------------
 	echo -e " 4 安装\033[32m基础面板\033[0m(约500kb)"
 	echo -e " 5 安装\033[32mMeta基础面板\033[0m(约800kb)"
@@ -1902,12 +1903,12 @@ setdb(){
 	1)
 		db_type=zashboard
 		echo $update_url
-		setconfig external_ui_url "https://raw.githubusercontent.com/juewuy/ShellCrash/dev/bin/dashboard/zashboard.tar.gz"
+		setconfig external_ui_url "https://raw.githubusercontent.com/juewuy/ShellCrash/update/bin/dashboard/zashboard.tar.gz"
 		dbdir
 	;;
 	2)
 		db_type=meta_xd
-		setconfig external_ui_url "https://raw.githubusercontent.com/juewuy/ShellCrash/dev/bin/dashboard/meta_xd.tar.gz"
+		setconfig external_ui_url "https://raw.githubusercontent.com/juewuy/ShellCrash/update/bin/dashboard/meta_xd.tar.gz"
 		dbdir
 	;;
 	3)
@@ -2007,7 +2008,7 @@ setserver(){
 	[ -n "$url_id" ] && url_name=$(grep "$url_id" ${CRASHDIR}/configs/servers.list 2>/dev/null | awk '{print $2}') || url_name=$update_url
 	saveserver(){
 		#写入配置文件
-		setconfig update_url \'$update_url\'
+		setconfig update_url "'$update_url'"
 		setconfig url_id $url_id
 		setconfig release_type $release_type
 		echo -----------------------------------------------
@@ -2261,9 +2262,10 @@ userguide(){
 					redir_mod="Redir模式"
 				fi
 			}
-			setconfig crashcore "mihomo"
+			setconfig crashcore "meta"
 			setconfig redir_mod "$redir_mod"
 			setconfig dns_mod mix
+			setconfig firewall_area '1'
 			#默认启用绕过CN-IP
 			setconfig cn_ip_route 已开启
 			#自动识别IPV6
@@ -2333,8 +2335,10 @@ userguide(){
 	if [ -s $openssldir/certs/ca-certificates.crt ];then
 		dns_nameserver='https://doh.360.cn/dns-query, https://dns.alidns.com/dns-query, https://doh.pub/dns-query'
 		dns_fallback='https://cloudflare-dns.com/dns-query, https://dns.google/dns-query, https://doh.opendns.com/dns-query'
-		setconfig dns_nameserver \'"$dns_nameserver"\'
-		setconfig dns_fallback \'"$dns_fallback"\'
+		dns_resolver='https://223.5.5.5/dns-query, 2400:3200::1'
+		setconfig dns_nameserver "'$dns_nameserver'"
+		setconfig dns_fallback "'$dns_fallback'"
+		setconfig dns_resolver "'$dns_resolver'"
 	fi
 	#开启公网访问
 	sethost(){
@@ -2366,7 +2370,7 @@ userguide(){
 			setconfig mix_port $mix_port
 			setconfig host $host
 			setconfig public_support $public_support
-			setconfig authentication \'$authentication\'
+			setconfig authentication "'$authentication'"
 		fi
 	fi
 	#启用推荐的自动任务配置

tools/ShellDDNS.sh

@@ -11,6 +11,7 @@ echo -e "TG群：\033[36;4mhttps://t.me/ShellCrash\033[0m"
 
 add_ddns() {
 	cat >>$ddns_dir <<EOF
+	
 config service '$service'
 	option enabled '1'
 	option force_unit 'hours'
@@ -61,23 +62,18 @@ set_ddns() {
 }
 
 set_service() {
-	services_dir=/etc/ddns/$services 
-	if [ -s $services_dir ];then
-		row=2
-	else
-		services_dir=/usr/share/ddns/list
-		row=1
-	fi
+	services_dir=/etc/ddns/$serv 
+	[ -s $services_dir ] || services_dir=/usr/share/ddns/list
 	echo -----------------------------------------------
 	echo -e "\033[32m请选择服务提供商\033[0m"
-	cat $services_dir | grep -v '^#' | awk -F "[\"]" -v i="$row" '{print " "NR" " $i}'
+	cat $services_dir | grep -v '^#' | awk '{print " "NR" " $1}'
 	nr=$(cat $services_dir | grep -v '^#' | wc -l)
 	read -p "请输入对应数字 > " num
 	if [ -z "$num" ]; then
 		i=
 	elif [ "$num" -gt 0 -a "$num" -lt $nr ]; then
-		service=$(cat $services_dir | grep -v '^#' | awk -F "[\".]" -v i="$row" '{print " "NR" " $i}' | sed -n "$num"p)
-		service_name=$(cat $services_dir | grep -v '^#' | awk -F "[\"]" -v i="$row" '{print " "NR" " $i}' | sed -n "$num"p)
+		service_name=$(cat $services_dir | grep -v '^#' | awk '{print $1}' | sed -n "$num"p | sed 's/"//g')
+		service=$(echo $service_name | sed 's/\./_/g')
 		set_ddns
 	else
 		echo "输入错误，请重新输入！"
@@ -96,11 +92,11 @@ network_type() {
 		i=
 	elif [ "$num" = 1 ]; then
 		use_ipv6=0
-		services=services
+		serv=services
 		set_service
 	elif [ "$num" = 2 ]; then
 		use_ipv6=1
-		services=services_ipv6
+		serv=services_ipv6
 		set_service
 	else
 		echo "输入错误，请重新输入！"
@@ -117,6 +113,7 @@ rev_service() {
 	echo -e " 2 编辑当前服务\033[0m"
 	echo -e " 3 $enabled_b当前服务"
 	echo -e " 4 移除当前服务"
+	echo -e " 5 查看运行日志"
 	echo -e " 0 返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入对应数字 > " num
@@ -138,6 +135,10 @@ rev_service() {
 	elif [ "$num" = 4 ]; then
 		uci delete ddns.$service
 		uci commit ddns.$service
+	elif [ "$num" = 5 ]; then
+		echo -----------------------------------------------
+		cat /var/log/ddns/$service.log 2>/dev/null
+		sleep 1
 	fi
 }
 
@@ -152,7 +153,7 @@ load_ddns() {
 		nr=$((nr + 1))
 		enabled=$(uci show ddns.$service 2>/dev/null | grep 'enabled' | awk -F "=" '{print $2}' | tr -d "'\"")
 		domain=$(uci show ddns.$service 2>/dev/null | grep 'domain' | awk -F "=" '{print $2}' | tr -d "'\"")
-		local_ip=$(sed '1!G;h;$!d' /var/log/ddns/$service.log 2>/dev/null | grep -E 'Update successful - IP' | tail -1 | awk -F "'" '{print $2}' | tr -d "'\"")
+		local_ip=$(sed '1!G;h;$!d' /var/log/ddns/$service.log 2>/dev/null | grep -E 'Registered IP' | tail -1 | awk -F "'" '{print $2}' | tr -d "'\"")
 		echo -e " $nr   $domain  $enabled   $local_ip"
 	done
 	echo -e " $((nr + 1))   添加DDNS服务"

version

@@ -1 +1 @@
-1.9.3beta3
+1.9.3beta6