v1.0.0beta13fix2

~修复了导入未经转换配置文件时报错的bug
~屏蔽了部分已经无法使用的sub后端服务器地址
~修改了本机代理实现方式，现在会随着clash服务停止而取消

README.md

@@ -1,49 +1,46 @@
-# clash-for-Miwifi
-在小米AX3600/AX1800/AX5等路由器上使用clash做透明代理
+# ShellClash（原Clash for Miwifi）
+在Shell环境下一键部署及管理[Clash](https://github.com/Dreamacro/clash)
 =====
 
 功能简介：
 --
-~支持小米AX系列路由器设备使用clash做透明代理，更多的设备支持可以前往TG群报名参与测试<br>
-~支持SS、SSR、v2ray、trojan、sock5等协议<br>
-~支持批量导入节点链接及订阅链接<br>
-~支持使用网页面板管理规则组<br>
-~支持多种模式切换，支持在线更新<br>
-~支持部署内置的管理面板<br>
-~更多功能可在使用中发掘<br>
+~通过管理脚本在shell环境下便捷使用[Clash](https://github.com/Dreamacro/clash)<br>
+~支持在Shell环境下管理[Clash各种功能](https://lancellc.gitbook.io/clash)<br>
+~支持批量导入SS/SSR/v2ray/trojan等节点链接及订阅链接<br>~支持配置定时任务，以及定时更新订阅<br>~支持使用以及安装网页面板管理规则组<br>
+~支持局域网透明代理/纯净模式等多种模式切换<br>~支持在线更新管理脚本及升级Clash核心<br>
+
+设备支持：
+--
+
+~支持小米/红米全系使用官方系统或官方开发版系统的路由器设备<br>
+~支持各种基于OpenWrt或使用OpenWrt二次定制开发的路由器设备<br>
+~支持各种运行标准Linux系统（如Debian/CenOS/Armbian等）的设备<br>
+——————————
+~不支持使用Padavan以及梅林系统的路由器设备<br>
+~更多设备支持，请提issue或前往TG群反馈（需提供设备名称及运行uname -a返回的设备核心信息）<br>
+
+使用方式：
+--
+~确认路由器或设备已经开启SSH并获取root权限<br>
+~使用SSH连接工具（如putty，JuiceSSH，系统自带终端等）路由器或设备的SSH管理界面，并切换到root用户<br>
+~在SSH界面执行如下安装命令，并按照后续提示完成安装<br>
+
+```Shell
+sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
+```
+或者
+```Shell
+sh -c "$(curl -kfsSl https://cdn.jsdelivr.net/gh/juewuy/ShellClash@master/install_cdn.sh)" && source /etc/profile &> /dev/null
+```
+~安装完成管理脚本后，执行如下命令以运行管理脚本<br>
+
+```Shell
+clash
+```
 
 更新日志：
 --
-* v0.8.7<br>
-~修复了脚本更新路径不正确的bug<br>
-~调整了geoip数据库下载源地址<br>
-~增加了自定义源输入检测<br>
-* v0.8.6<br>
-~新增CDN下载源和Github下载源，下载更新速度更快<br>
-~新增了切换下载源的选项菜单<br>
-~界面UI优化及bug修复<br>
-* v0.8.5<br>
-~新增了Tun/Redir混合模式<br>
-~新增是否支持ipv6的开关<br>
-~新增了更新核心时的版本检测<br>
-~新增了本地面板重复安装提示<br>
-~修复了部分报错提示<br>
-~修复了部分设定未及时更新的bug<br>
-* v0.8.4<br>
-~更新在线下载GeoIP数据库功能<br>
-~更新在线下载及部署Dashboard面板功能<br>
-~UI小幅度优化<br>
-
-使用依赖：
---
-~路由器或设备已经开启SSH并获取root权限<br>
-~SSH连接工具，例如putty，bitvise，JuiceSSH（支持安卓手机）等<br>
-
-一键安装：
---
-```Shell
-sh -c "$(curl -kfsSl https://juewuy.xyz/clash/install.sh)" && source /etc/profile &> /dev/null
-```
+https://github.com/juewuy/ShellClash/releases
 
 交流反馈：
 --
@@ -51,23 +48,11 @@ sh -c "$(curl -kfsSl https://juewuy.xyz/clash/install.sh)" && source /etc/profil
 
 已知问题：
 --
-~Tun模式下clash服务可能会和小米路由器内置的tx网游加速器冲突，请谨慎同时使用<br>
-~Redir模式无法转发udp流量，外服游戏可能会受影响，此功能是由官方系统阉割了Tproxy导致，暂时无解，外服游戏用户建议使用Tun模式<br>
+~Tun模式下clash服务可能会和路由器内置的网游加速器冲突，请谨慎同时使用<br>
+~Redir模式暂不支持转发udp流量，外服游戏可能会受影响，外服游戏用户建议使用Tun模式<br>
+~部分设备长时间使用会出现内存占用偏高——此为golang内存回收不及时导致，可以通过屏蔽p2p流量及设置每日定时重启核心以缓解<br>
+~节点无法连接——在【clash功能设置】中打开【跳过本地证书验证】或者升级clash核心<br>
 
-ToDo：
+友情推广：
 --
-~~增加订阅功能~~<br>
-~~添加一键安装脚本~~<br>
-~~增加屏蔽P2P流量功能~~<br>
-~~增加更新功能~~<br>
-~~修复redir-host DNS以及IPV6支持~~<br>
-~增加定时功能<br>
-
-感谢：
---
-~https://lancellc.gitbook.io/clash/start-clash/clash-tun-mode<br>
-~https://comzyh.gitbook.io/clash/<br>
-~https://h-cheung.gitlab.io/post/使用_clash_和路由表实现透明代理<br>
-~https://www.right.com.cn/forum/thread-4042741-1-1.html<br>
-
-
+[顶级8K专线机场-墙洞](https://dler.best/auth/register?affid=89698)

bin/clash/version

@@ -1 +1 @@
-version=1.0.0
+version=1.1.0

bin/clashpre/version

@@ -1 +1 @@
-version=1.0.0
+version=2020.09.27

bin/version

@@ -1 +1,4 @@
-versionsh=0.8.7
+GeoIP_v=20201001
+clash_v=1.1.0
+clashpre_v=2020.09.27
+versionsh=1.0.0beta13fix2

install.sh

@@ -1,87 +1,140 @@
- #!/bin/sh
+#! /bin/bash
 # Copyright (C) Juewuy
 
+echo='echo -e' && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && echo=echo
+test=1
+
 echo "***********************************************"
 echo "**                 欢迎使用                  **"
-echo "**             Clash for Miwifi              **"
+echo "**                ShellClash                 **"
 echo "**                             by  Juewuy    **"
 echo "***********************************************"
 
-url="https://juewuy.xyz/clash/"
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $url/bin/version)
-[ "$result" != "200" ] && echo "无法连接到服务器！" && exit 1
-source /tmp/clashversion
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "~~~~版本：\033[32m$versionsh\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[44m使用中如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-echo -e "\033[37m目前仅支持小米AX系列3款路由器"
-echo -e "\033[44m其余型号可到TG群报名参与测试\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[32m 1 在默认目录(/etc)安装Clash for Miwifi"
-echo -e "\033[33m 2 手动设置安装目录（不明勿用！）"
-echo -e "\033[0m 0 退出安装"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
+if [ $test -ge 1 ];then 
+	url="--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master"
+	[ $test -ge 2 ] && url="http://192.168.31.30:8080/clash-for-Miwifi"
+	[ $test -ge 3 ] && url="http://192.168.123.90:8080/clash-for-Miwifi"
+else
+	release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')	#检查版本
+fi
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
+tarurl=$url@$release_new/bin/clashfm.tar.gz
+[ $test -ge 1 ] && tarurl=$url/bin/clashfm.tar.gz
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo -----------------------------------------------
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
+#下载及安装
+install(){
+echo -----------------------------------------------
+echo 开始从服务器获取安装文件！
+echo -----------------------------------------------
+gettar
+echo -----------------------------------------------
+echo ShellClash 已经安装成功!
+echo -----------------------------------------------
+$echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo -----------------------------------------------
+}
+setdir(){		
+echo -----------------------------------------------		
+$echo "\033[32m 1 在默认目录(/etc)安装"
+$echo "\033[33m 2 手动设置安装目录"
+$echo "\033[0m 0 退出安装"
+echo -----------------------------------------------
 read -p "请输入相应数字 > " num
-
+#设置目录
 if [ -z $num ];then
 	echo 安装已取消
 	exit;
-elif [[ $num == 1 ]];then
+elif [ "$num" = "1" ];then
 	dir=/etc
-elif [[ $num == 2 ]];then
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+elif [ "$num" = "2" ];then
+	echo -----------------------------------------------
 	echo '可用路径 剩余空间:'
 	df -h | awk '{print $6,$2}'| sed 1d 
 	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
 	read -p "请输入自定义路径 > " dir
-	if [ -z $dir ];then
-		echo 路径错误！已取消安装！
+	if [ -z "$dir" ];then
+		$echo "\033[31m路径错误！已取消安装！\033[0m"
 		exit;
 	fi
 else
-	echo 安装已取消
+	echo 安装已取消！！！
 	exit;
 fi
-#下载文件包
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo 开始从服务器获取安装文件！
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-tarurl=$url/bin/clashfm.tar.gz
-if command -v curl &> /dev/null; then
-	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
-else $result
-	wget-ssl -q --no-check-certificate --tries=1 --timeout=10 -O /tmp/clashfm.tar.gz $tarurl
-	[ $? -eq 0 ] && result="200"
-fi
-[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
-#解压
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo 开始解压文件！
-mkdir -p $dir/clash > /dev/null
-tar -zxvf '/tmp/clashfm.tar.gz' -C $dir/clash/ > /dev/null
-[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-#初始化文件目录
-mv $dir/clash/clashservice /etc/init.d/clash #将clash服务文件移动到系统目录
-chmod  777 $dir/clash/clash  #授予权限
-chmod  777 /etc/init.d/clash #授予权限
-if [ ! -f "$dir/clash/mark" ]; then
-cat >$ccfg<<EOF
-#标识clash运行状态的文件，不明勿动！
-EOF
-fi
-sed -i '/versionsh_l=*/'d $dir/clash/mark
-sed -i "1i\versionsh_l=$versionsh" $dir/clash/mark
-#设置环境变量
-sed -i '/alias clash=*/'d /etc/profile
-echo "alias clash=\"sh $dir/clash/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
-sed -i '/export clashdir=*/'d /etc/profile
-echo "export clashdir=\"$dir/clash\"" >> /etc/profile #设置clash路径环境变量
-#删除临时文件
-rm -rf /tmp/clashfm.tar.gz 
-#提示
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo clash for Miwifi 已经安装成功!
-echo -e "\033[33m直接输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+clashdir=$dir/clash
+install
+}
 
+#输出
+$echo "最新版本：\033[32m$release_new\033[0m"
+echo -----------------------------------------------
+$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+$echo "\033[37m支持各种基于openwrt的路由器设备"
+$echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
+
+if [ -n "$clashdir" ];then
+	echo -----------------------------------------------
+	$echo "检测到旧的安装目录\033[36m$clashdir\033[0m，是否覆盖安装？"
+	$echo "\033[32m覆盖安装时不会移除配置文件！\033[0m"
+	read -p "覆盖安装/卸载旧版本？(1/0) > " res
+	if [ "$res" = "1" ];then
+		install
+	elif [ "$res" = "0" ];then
+		rm -rf $clashdir
+		echo -----------------------------------------------
+		$echo "\033[31m 旧版本文件已卸载！\033[0m"
+		setdir
+	else
+		$echo "\033[31m输入错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	setdir
+fi

install_c.sh

@@ -1,87 +0,0 @@
- #!/bin/sh
-# Copyright (C) Juewuy
-
-echo "***********************************************"
-echo "**                 欢迎使用                  **"
-echo "**             Clash for Miwifi              **"
-echo "**                             by  Juewuy    **"
-echo "***********************************************"
-
-url="https://juewuy.xyz/clash/"
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $url/bin/version)
-[ "$result" != "200" ] && echo "无法连接到服务器！" && exit 1
-source /tmp/clashversion
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "~~~~版本：\033[32m$versionsh\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[44m使用中如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-echo -e "\033[37m目前仅支持小米AX系列3款路由器"
-echo -e "\033[44m其余型号可到TG群报名参与测试\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[32m 1 在默认目录(/etc)安装Clash for Miwifi"
-echo -e "\033[33m 2 手动设置安装目录（不明勿用！）"
-echo -e "\033[0m 0 退出安装"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-read -p "请输入相应数字 > " num
-
-if [ -z $num ];then
-	echo 安装已取消
-	exit;
-elif [[ $num == 1 ]];then
-	dir=/etc
-elif [[ $num == 2 ]];then
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo '可用路径 剩余空间:'
-	df -h | awk '{print $6,$2}'| sed 1d 
-	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
-	read -p "请输入自定义路径 > " dir
-	if [ -z $dir ];then
-		echo 路径错误！已取消安装！
-		exit;
-	fi
-else
-	echo 安装已取消
-	exit;
-fi
-#下载文件包
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo 开始从服务器获取安装文件！
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-tarurl=$url/bin/clashfm.tar.gz
-if command -v curl &> /dev/null; then
-	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
-else $result
-	wget-ssl -q --no-check-certificate --tries=1 --timeout=10 -O /tmp/clashfm.tar.gz $tarurl
-	[ $? -eq 0 ] && result="200"
-fi
-[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
-#解压
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo 开始解压文件！
-mkdir -p $dir/clash > /dev/null
-tar -zxvf '/tmp/clashfm.tar.gz' -C $dir/clash/ > /dev/null
-[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-#初始化文件目录
-mv $dir/clash/clashservice /etc/init.d/clash #将clash服务文件移动到系统目录
-chmod  777 $dir/clash/clash  #授予权限
-chmod  777 /etc/init.d/clash #授予权限
-if [ ! -f "$dir/clash/mark" ]; then
-cat >$ccfg<<EOF
-#标识clash运行状态的文件，不明勿动！
-EOF
-fi
-sed -i '/versionsh_l=*/'d $dir/clash/mark
-sed -i "1i\versionsh_l=$versionsh" $dir/clash/mark
-#设置环境变量
-sed -i '/alias clash=*/'d /etc/profile
-echo "alias clash=\"sh $dir/clash/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
-sed -i '/export clashdir=*/'d /etc/profile
-echo "export clashdir=\"$dir/clash\"" >> /etc/profile #设置clash路径环境变量
-#删除临时文件
-rm -rf /tmp/clashfm.tar.gz 
-#提示
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo clash for Miwifi 已经安装成功!
-echo -e "\033[33m直接输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-

install_cdn.sh

@@ -0,0 +1,140 @@
+#! /bin/bash
+# Copyright (C) Juewuy
+
+echo='echo -e' && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && echo=echo
+test=0
+
+echo "***********************************************"
+echo "**                 欢迎使用                  **"
+echo "**                ShellClash                 **"
+echo "**                             by  Juewuy    **"
+echo "***********************************************"
+
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
+if [ $test -ge 1 ];then 
+	url="--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master"
+	[ $test -ge 2 ] && url="http://192.168.31.30:8080/clash-for-Miwifi"
+	[ $test -ge 3 ] && url="http://192.168.123.90:8080/clash-for-Miwifi"
+else
+	release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')	#检查版本
+fi
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
+tarurl=$url@$release_new/bin/clashfm.tar.gz
+[ $test -ge 1 ] && tarurl=$url/bin/clashfm.tar.gz
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo -----------------------------------------------
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
+#下载及安装
+install(){
+echo -----------------------------------------------
+echo 开始从服务器获取安装文件！
+echo -----------------------------------------------
+gettar
+echo -----------------------------------------------
+echo ShellClash 已经安装成功!
+echo -----------------------------------------------
+$echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo -----------------------------------------------
+}
+setdir(){		
+echo -----------------------------------------------		
+$echo "\033[32m 1 在默认目录(/etc)安装"
+$echo "\033[33m 2 手动设置安装目录"
+$echo "\033[0m 0 退出安装"
+echo -----------------------------------------------
+read -p "请输入相应数字 > " num
+#设置目录
+if [ -z $num ];then
+	echo 安装已取消
+	exit;
+elif [ "$num" = "1" ];then
+	dir=/etc
+elif [ "$num" = "2" ];then
+	echo -----------------------------------------------
+	echo '可用路径 剩余空间:'
+	df -h | awk '{print $6,$2}'| sed 1d 
+	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
+	read -p "请输入自定义路径 > " dir
+	if [ -z "$dir" ];then
+		$echo "\033[31m路径错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	echo 安装已取消！！！
+	exit;
+fi
+clashdir=$dir/clash
+install
+}
+
+#输出
+$echo "最新版本：\033[32m$release_new\033[0m"
+echo -----------------------------------------------
+$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+$echo "\033[37m支持各种基于openwrt的路由器设备"
+$echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
+
+if [ -n "$clashdir" ];then
+	echo -----------------------------------------------
+	$echo "检测到旧的安装目录\033[36m$clashdir\033[0m，是否覆盖安装？"
+	$echo "\033[32m覆盖安装时不会移除配置文件！\033[0m"
+	read -p "覆盖安装/卸载旧版本？(1/0) > " res
+	if [ "$res" = "1" ];then
+		install
+	elif [ "$res" = "0" ];then
+		rm -rf $clashdir
+		echo -----------------------------------------------
+		$echo "\033[31m 旧版本文件已卸载！\033[0m"
+		setdir
+	else
+		$echo "\033[31m输入错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	setdir
+fi

install_test.sh

@@ -0,0 +1,140 @@
+#! /bin/bash
+# Copyright (C) Juewuy
+
+echo='echo -e' && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && echo=echo
+test=1
+
+echo "***********************************************"
+echo "**                 欢迎使用                  **"
+echo "**                ShellClash                 **"
+echo "**                             by  Juewuy    **"
+echo "***********************************************"
+
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
+if [ $test -ge 1 ];then 
+	url="--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master"
+	[ $test -ge 2 ] && url="http://192.168.31.30:8080/clash-for-Miwifi"
+	[ $test -ge 3 ] && url="http://192.168.123.90:8080/clash-for-Miwifi"
+else
+	release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')	#检查版本
+fi
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
+tarurl=$url@$release_new/bin/clashfm.tar.gz
+[ $test -ge 1 ] && tarurl=$url/bin/clashfm.tar.gz
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo -----------------------------------------------
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
+#下载及安装
+install(){
+echo -----------------------------------------------
+echo 开始从服务器获取安装文件！
+echo -----------------------------------------------
+gettar
+echo -----------------------------------------------
+echo ShellClash 已经安装成功!
+echo -----------------------------------------------
+$echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo -----------------------------------------------
+}
+setdir(){		
+echo -----------------------------------------------		
+$echo "\033[32m 1 在默认目录(/etc)安装"
+$echo "\033[33m 2 手动设置安装目录"
+$echo "\033[0m 0 退出安装"
+echo -----------------------------------------------
+read -p "请输入相应数字 > " num
+#设置目录
+if [ -z $num ];then
+	echo 安装已取消
+	exit;
+elif [ "$num" = "1" ];then
+	dir=/etc
+elif [ "$num" = "2" ];then
+	echo -----------------------------------------------
+	echo '可用路径 剩余空间:'
+	df -h | awk '{print $6,$2}'| sed 1d 
+	echo '路径是必须带 / 的格式，写入虚拟内存(/tmp,/sys,..)的文件会在重启后消失！！！'
+	read -p "请输入自定义路径 > " dir
+	if [ -z "$dir" ];then
+		$echo "\033[31m路径错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	echo 安装已取消！！！
+	exit;
+fi
+clashdir=$dir/clash
+install
+}
+
+#输出
+$echo "最新版本：\033[32m$release_new\033[0m"
+echo -----------------------------------------------
+$echo "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+$echo "\033[37m支持各种基于openwrt的路由器设备"
+$echo "\033[33m支持Debian、Centos等标准Linux系统\033[0m"
+
+if [ -n "$clashdir" ];then
+	echo -----------------------------------------------
+	$echo "检测到旧的安装目录\033[36m$clashdir\033[0m，是否覆盖安装？"
+	$echo "\033[32m覆盖安装时不会移除配置文件！\033[0m"
+	read -p "覆盖安装/卸载旧版本？(1/0) > " res
+	if [ "$res" = "1" ];then
+		install
+	elif [ "$res" = "0" ];then
+		rm -rf $clashdir
+		echo -----------------------------------------------
+		$echo "\033[31m 旧版本文件已卸载！\033[0m"
+		setdir
+	else
+		$echo "\033[31m输入错误！已取消安装！\033[0m"
+		exit;
+	fi
+else
+	setdir
+fi

scripts/clash.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=clash
+After=network.target
+
+[Service]
+Type=simple
+User=root
+ExecStart=/etc/clash/clash -d /etc/clash
+ExecStartPost=/etc/clash/start.sh afstart
+Restart=on-failure
+RestartSec=3s
+
+
+[Install]
+WantedBy=multi-user.target

scripts/clashservice

@@ -1,146 +1,33 @@
 #!/bin/sh /etc/rc.common
-# Example script
-# Copyright (C) 2007 OpenWrt.org
 
+START=92
+
+SERVICE_DAEMONIZE=1
+SERVICE_WRITE_PID=1
 USE_PROCD=1
-START=99
+DIR=$(cat /etc/profile|grep clashdir|awk -F "\"" '{print $2}')
 
-getconfig(){
-#开机加载环境变量保证找到文件路径
-source /etc/profile > /dev/null 2>&1
-ccfg=$clashdir/mark
-if [ ! -f "$ccfg" ]; then
-	echo mark文件不存在，默认以Redir模式运行！
-cat >$ccfg<<EOF
-#标识clash运行状态的文件，不明勿动！
-EOF
-	#指定一些默认状态
-	redir_mod=redir模式
-	common_ports=未开启
-	dns_mod=redir-host
-	modify_yaml=未开启
-	ipv6_support=未开启
-fi
-source $ccfg #加载配置文件
-#是否代理常用端口
-if [ "$common_ports" = "已开启" ];then
-	ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
-fi
-#DNS模式
-if [ "$common_ports" = "已开启" ];then
-	ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
-fi
-}
-modify_yaml(){
-##########需要变更的配置###########
-mix='mixed-port: 7890'
-redir='redir-port: 7892'
-lan='allow-lan: true'
-mode='mode: Rule'
-log='log-level: info'
-if [ "$ipv6_support" = "已开启" ];then
-ipv6='ipv6: true'
-else
-ipv6='ipv6: false'
-fi
-external='external-controller: 0.0.0.0:9999'
-if [ "$dns_mod" = "fake-ip" ];then
-dns='dns: {enable: true, listen: 0.0.0.0:1053, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, nameserver: [114.114.114.114, 127.0.0.1:53], fallback: [tcp://1.0.0.1, 8.8.4.4]}'
-else
-dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:1053, enhanced-mode: redir-host, nameserver: [114.114.114.114, 127.0.0.1:53], fallback: [1.0.0.1, 8.8.4.4]}'
-fi
-if [ "$redir_mod" != "Redir模式" ];then
-tun='tun: {enable: true, stack: system}'
-else
-tun='tun: {enable: false}'
-fi 
-exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
-###################################
-	#预删除需要添加的项目
-	i=$(grep  -n  "^proxies:" $clashdir/config.yaml | head -1 | cut -d ":" -f 1)
-	i=$(($i-1))
-	sed -i '1,'$i'd' $clashdir/config.yaml
-	#添加配置
-	sed -i "1i$mix" $clashdir/config.yaml
-	sed -i "1a$redir" $clashdir/config.yaml
-	sed -i "2a$lan" $clashdir/config.yaml
-	sed -i "3a$mode" $clashdir/config.yaml
-	sed -i "4a$log" $clashdir/config.yaml
-	sed -i "5a$ipv6" $clashdir/config.yaml
-	sed -i "6a$external" $clashdir/config.yaml
-	sed -i "7a$dns" $clashdir/config.yaml
-	sed -i "8a$tun" $clashdir/config.yaml
-	sed -i "9a$exper" $clashdir/config.yaml
-	#跳过本地tls证书验证
-	if [ "$skip_cert" != "未开启" ];then
-	sed -i "10,99s/sni: \S*/\1skip-cert-verify: true}/" $clashdir/config.yaml  #跳过trojan本地证书验证
-	sed -i '10,99s/}}/}, skip-cert-verify: true}/' $clashdir/config.yaml  #跳过v2+ssl本地证书验证
-	fi
-	#sed -i '/rules:/a \ - DOMAIN-SUFFIX,clash.razord.top,🎯 全球直连' $clashdir/config.yaml
-}
-mark_time(){
-	start_time=`date +%s`
-	sed -i '/start_time*/'d $ccfg
-	sed -i "3i\start_time=$start_time" $ccfg
-}
-start_redir(){
-	#修改iptables规则使流量进入clash
-	iptables -t nat -N clash
-	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
-	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
-	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
-	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
-	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
-	iptables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports 7892
-	iptables -t nat -A PREROUTING -p tcp -j clash
-	if [ "$ipv6_support" = "已开启" ];then
-		ip6tables -t nat -N clashv6
-		ip6tables -t nat -A clashv6 -p tcp $ports-j REDIRECT --to-ports 7892
-		ip6tables -t nat -A PREROUTING -p tcp -j clashv6
-	fi
-}
-stop_iptables(){
-    #重置iptables规则
-	iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
-	iptables -t nat -F clash > /dev/null 2>&1
-	iptables -t nat -X clash > /dev/null 2>&1
-	iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p tcp -j clashv6 > /dev/null 2>&1
-	ip6tables -t nat -F clashv6 > /dev/null 2>&1
-	ip6tables -t nat -X clashv6 > /dev/null 2>&1
-}
-start_dns(){
-	#允许tun网卡接受流量
-	iptables -I FORWARD -o utun -j ACCEPT
-	#设置dns转发
-	iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-	ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-}
 start_service() {
-	getconfig
-	#使用内置规则强行覆盖config配置文件
-	if [ "$modify_yaml" != "已开启" ];then
-	modify_yaml
-	fi
-    #创建clash后台进程
+	#使用procd创建clash后台进程
 	procd_open_instance
 	procd_set_param respawn
 	procd_set_param stderr 1
 	procd_set_param stdout 1
-	procd_set_param command $clashdir/clash -d $clashdir
+	procd_set_param command $DIR/clash -d $DIR
 	procd_close_instance
-	#修改iptables规则使流量进入clash
-	stop_iptables
-	start_dns
-	if [ "$redir_mod" != "Tun模式" ];then
-	start_redir
-	fi
-	mark_time
+	#其他设置
+	$DIR/start.sh afstart
 }
-stop_service() {
-	stop_iptables
+
+start() {
+	if [ -z "$(pidof procd)" ];then
+		#创建后台进程
+		service_start  $DIR/clash -d $DIR
+		#设置守护进程
+		$DIR/start.sh deamon
+		#其他设置
+		$DIR/start.sh afstart
+	else
+		start_service
+	fi
 }

scripts/getdate.sh

@@ -1,111 +1,151 @@
-#!/bin/sh
+#!/bin/bash
 # Copyright (C) Juewuy
 
-getyaml(){
-source $ccfg
-#前后端订阅服务器地址索引，可在此处添加！
-Server=`sed -n ""$server_link"p"<<EOF
-subconverter-web.now.sh
-subconverter.herokuapp.com
-subcon.py6.pw
-api.dler.io
-api.wcc.best
-skapi.cool
-subconvert.dreamcloud.pw
-EOF`
-Config=`sed -n ""$rule_link"p"<<EOF
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
-EOF`
-#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
-if [ -z $Https ];then
-	Https="https://$Server/sub?target=clashr&new_name=true&url=$Url&insert=false&config=$Config"
-	markhttp=1
-fi
-#
+linkconfig(){
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo 正在连接服务器获取配置文件…………链接地址为：
-echo -e "\033[4;32m$Https\033[0m"
-echo 可以手动复制该链接到浏览器打开并查看数据是否正常！
-echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
-echo -e "|                                             |"
-echo -e "|         需要一点时间，请耐心等待！          |"
-echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出\033[36m        |"
-echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
-#获取在线yaml文件
-yamlnew=$yaml.new
-rm -rf $yamlnew > /dev/null 2>&1
-result=$(curl -w %{http_code} -kLo $yamlnew $Https)
-if [ "$result" != "200" ];then
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo 当前使用规则为：$rule_link
+echo 1	ACL4SSR通用版无去广告（推荐）
+echo 2	ACL4SSR精简全能版（推荐）
+echo 3	ACL4SSR通用版+去广告加强
+echo 4	ACL4SSR精简版+去广告加强
+echo 5	ACL4SSR重度全分组+奈飞分流
+echo 6	ACL4SSR重度全分组+去广告加强
+echo 7	洞主规则精简版（推荐）
+echo 8	洞主规则重度完整版
+echo 9	神机规则高级版
+echo 10	神机规则-回国专用
+echo 11	李哥规则-墙洞专用
+echo 12	基础规则-仅Geoip CN+Final
+echo 13	网易云解锁-仅规则分组
+echo -----------------------------------------------
+echo 0 返回上级菜单
+read -p "请输入对应数字 > " num
+if [ -z "$num" ] || [[ $num -gt 13 ]];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo -e "\033[31m配置文件获取失败！\033[0m"
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo
-	if [ -z $markhttp ];then
-		exit;
-	else
-		read -p "是否更换后端地址后重试？[1/0] > " res
-		if [ "$res" = '1' ]; then
-			sed -i '/server_link=*/'d $ccfg
-			if [ "$server_link" = '7' ]; then
-				server_link=0
-			fi
-			server_link=$(($server_link + 1))
-			#echo $server_link
-			sed -i "1i\server_link=$server_link" $ccfg
-			getyaml
-		fi
-		exit;
-	fi
-else
-	if cat $yamlnew | grep ', server:' >/dev/null;then
-		#替换文件
-		if [ -f $yaml ];then
-			mv $yaml $yaml.bak
-		fi
-		mv $yamlnew $yaml
-		echo 配置文件已生成！正在重启clash使其生效！
-		#重启clash服务
-		/etc/init.d/clash restart
-		sleep 1
-		status=`ps |grep -w 'clash -d'|grep -v grep|wc -l`
-		if [[ $status -gt 0 ]];then
-			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			echo -e "\033[32mclash服务已启动！\033[0m"
-			echo -e "可以使用\033[30;47m http://clash.razord.top \033[0m管理clash内置规则"
-			host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
-			echo -e "Host地址:\033[30;46m $host \033[0m;端口:\033[30;46m 9999 \033[0m"
-			#将用户链接写入mark
-			sed -i '/Https=*/'d $ccfg
-			sed -i "7i\Https=\'$Https\'" $ccfg
-			clashsh
-		else
-			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			if [ -f $yaml.bak ];then
-				echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
-				mv $yaml.bak $yaml
-				/etc/init.d/clash start
-				clashsh
-			else
-				echo -e "\033[31mclash服务启动失败！请利用测试菜单排查问题！\033[0m"
-				clashsh
-			fi
-		fi
-	else
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[33m获取到了配置文件，但格式似乎不对！\033[0m"
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		sed -n '1,20p' $yamlnew
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[33m请检查如上配置文件信息:\033[0m"
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	fi
-	exit;
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+elif [[ "$num" = 0 ]];then
+	echo 
+elif [[ $num -le 13 ]];then
+	#将对应标记值写入mark
+	sed -i '/rule_link*/'d $ccfg
+	sed -i "4i\rule_link="$num"" $ccfg	
+	rule_link=$num
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	  
+	echo -e "\033[32m设置成功！返回上级菜单\033[0m"
+fi
+}
+linkserver(){
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[36m 感谢 https://github.com/tindy2013/subconverter \033[0m"
+echo 当前使用后端为：$server_link
+echo 1 subcon.dlj.tf
+echo 2 subconverter.herokuapp.com
+echo 3 subcon.py6.pw
+echo 4 api.dler.io
+echo 5 api.wcc.best
+echo -----------------------------------------------
+echo 0 返回上级菜单
+read -p "请输入对应数字 > " num
+if [ -z "$num" ] || [[ $num -gt 5 ]];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+elif [[ "$num" = 0 ]];then
+	echo
+elif [[ $num -le 5 ]];then
+	#将对应标记值写入mark
+	sed -i '/server_link*/'d $ccfg
+	sed -i "4i\server_link="$num"" $ccfg	
+	server_link=$num
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	  
+	echo -e "\033[32m设置成功！返回上级菜单\033[0m"
+fi
+}
+linkfilter(){
+[ -z "$exclude" ] && exclude="未设置"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[33m当前过滤关键字：\033[47;30m$exclude\033[0m"
+echo -----------------------------------------------
+echo -e "\033[36m匹配关键字的节点会在导入时被屏蔽\033[0m"
+echo -e "多个关键字可以用\033[30;47m | \033[0m号分隔"
+echo -e "\033[32m支持正则表达式\033[0m，空格请使用\033[30;47m + \033[0m号替代"
+echo -----------------------------------------------
+echo -e " 000   \033[31m删除\033[0m关键字"
+echo -e " 回车  取消输入并返回上级菜单"
+echo -----------------------------------------------
+read -p "请输入关键字 > " exclude
+if [ -z "$exclude" ]; then
+	linkset
+elif [ "$exclude" = '000' ]; then
+	echo -----------------------------------------------
+	exclude=''
+	echo -e "\033[31m 已删除节点过滤关键字！！！\033[0m"
+fi
+sed -i '/exclude=*/'d $ccfg
+sed -i "1i\exclude=\'$exclude\'" $ccfg
+linkset
+}
+linkset(){
+if [ -n "$Url" ];then
+	[ -z "$skip_cert" ] && skip_cert=已开启
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[47;30m请检查输入的链接是否正确：\033[0m"
+	echo -e "\033[32;4m$Url\033[0m"
+	echo -----------------------------------------------
+	echo -e " 1 \033[32m生成配置文件（原文件将被备份）\033[0m"
+	echo -e " 2 \033[36m添加/修改节点过滤关键字 \033[47;30m$exclude\033[0m"
+	echo -e " 3 \033[33m选取配置规则模版\033[0m"
+	echo -e " 4 \033[0m选取在线生成服务器\033[0m"
+	echo -e " 5 \033[0m跳过本地证书验证：	\033[36m$skip_cert\033[0m   ————自建tls节点务必开启"
+	echo -----------------------------------------------
+	echo -e " 0 \033[31m取消导入\033[0m并返回上级菜单"
+	echo -----------------------------------------------
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		clashlink
+	elif [ "$num" = '0' ]; then
+		clashlink
+	elif [ "$num" = '1' ]; then
+		#将用户链接写入mark
+		sed -i '/Url=*/'d $ccfg
+		sed -i '/Https=*/'d $ccfg
+		sed -i "6i\Url=\'$Url\'" $ccfg
+		Https=""
+		#获取在线yaml文件
+		$clashdir/start.sh getyaml
+		start_over
+		exit;
+	elif [ "$num" = '2' ]; then
+		linkfilter
+		linkset
+	elif [ "$num" = '3' ]; then
+		linkconfig
+		linkset
+	elif [ "$num" = '4' ]; then
+		linkserver
+		linkset
+	elif [ "$num" = '5' ]; then
+		sed -i '/skip_cert*/'d $ccfg
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		if [ "$skip_cert" = "未开启" ] > /dev/null 2>&1; then 
+			sed -i "1i\skip_cert=已开启" $ccfg
+			#echo -e "\033[33m已设为开启跳过本地证书验证！！\033[0m"
+			skip_cert=已开启
+		else
+			sed -i "1i\skip_cert=未开启" $ccfg
+			#echo -e "\033[33m已设为禁止跳过本地证书验证！！\033[0m"
+			skip_cert=未开启
+		fi
+		linkset
+	else
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m请输入正确的数字！\033[0m"
+		linkset
+	fi
+	clashlink
 fi
-exit
 }
 getlink(){
 #设置输入循环
@@ -114,15 +154,12 @@ while [ $i -le 99 ]
 do
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[44m 遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+	echo -e "\033[31m本功能依赖第三方网站在线服务实现，脚本本身不提供任何代理服务！033[0m"
 	echo -----------------------------------------------
-	echo -e "支持批量导入\033[30;46m Http/Https/Clash \033[0m等格式的订阅链接"
-	echo -e "支持批量导入\033[30;42m Vmess/SSR/SS/Trojan/Sock5 \033[0m等格式的节点链接"
-	echo -e "\033[31m使用SSR节点请务必使用支持SSR的clash核心！\033[0m"
-	echo -e "多个较短的链接可以用\033[30;47m | \033[0m分隔以一次性输入"
-	echo -e "多个较长的链接请尽量分多次输入，可支持多达\033[30;47m 99 \033[0;36m次输入"
-	echo -e "\033[32m直接输入回车以结束输入并开始导入链接！\033[0m"
+	echo -e "支持批量导入订阅文件的在线链接"
 	echo -----------------------------------------------
-	echo -e "\033[33m 0 返回上级目录！\033[0m"
+	echo -e " 0   \033[31m撤销输入\033[0m"
+	echo -e "回车 \033[32m完成输入\033[0m并\033[33m开始导入\033[0m配置文件！"
 	echo -----------------------------------------------
 	read -p "请输入第"$i"个链接 > " url
 	test=$(echo $url | grep "://")
@@ -131,161 +168,165 @@ do
 	url=`echo ${url/\&config\=*/""}`   #将clash完整链接还原成单一链接
 	url=`echo ${url//\&/\%26}`   #将分隔符 & 替换成urlcode：%26
 	if [[ "$test" != "" ]];then
-		if [[ -z $Url ]];then
+		if [ -z "$Url" ];then
 			Url="$url"
 		else
 			Url="$Url"\|"$url"
 		fi
 		i=$(($i+1))
-	elif [ -z $url ];then
-		if [ -n $Url ];then
-			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			echo -e 请检查输入的链接是否正确：
-			echo -e "\033[4m$Url\033[0m"
-			read -p "确认导入配置文件？原配置文件将被更名为config.yaml.bak![1/0] > " res
-			if [ "$res" = '1' ]; then
-				#将用户链接写入mark
-				sed -i '/Url=*/'d $ccfg
-				sed -i '/Https=*/'d $ccfg
-				sed -i "6i\Url=\'$Url\'" $ccfg
-				#获取在线yaml文件
-				getyaml
-			fi
-			clashlink
-		fi
+	elif [ -z "$url" ];then
+		[ -n "$Url" ] && linkset
 	elif [[ $url == 0 ]];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m已撤销并删除所有已输入的链接！！！\033[0m"
+		Url=""
+		sleep 1
 		clashlink
 	else
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[31m请输入正确的订阅/分享链接！！！\033[0m"
+		echo -e "\033[31m请输入正确的订阅链接！！！\033[0m"
 	fi
 done
 ####
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo 输入太多啦，可能会导致订阅失败！
 echo "多个较短的链接请尽量用“|”分隔以一次性输入！"
-echo -e "请检查输入的链接是否正确：\033[4m$Url\033[0m"
-read -p "确认导入配置文件？原配置文件将被更名为config.bak![1/0] > " res
-if [ "$res" = '1' ]; then
-	#将用户链接写入mark
-	sed -i '/Url=*/'d $ccfg
-	sed -i '/Https=*/'d $ccfg
-	sed -i "6i\Url=\'$Url\'" $ccfg
-	#获取在线yaml文件
-	getyaml
-else
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo 操作已取消！返回上级菜单！
-	clashlink
-fi
-	clashlink
+clashlink
 } 
 getlink2(){
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[44m 遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[33m仅限导入完整clash配置文件链接！！！\033[0m"
+echo -e "可以使用\033[32m https://acl4ssr.netlify.app \033[0m在线生成配置文件"
+echo -e "\033[36m导入后如无法运行，请使用【导入订阅】功能"
 echo -----------------------------------------------
-echo -e "\033[33m仅支持导入可直接在clash中使用的完整订阅链接"
-echo -e "\033[36m非完整链接请使用【导入节点/订阅链接】功能"
-echo -e "\033[31m注意如节点使用了chacha20加密协议，需将核心更新为clashr核心\033[0m"
-echo -----------------------------------------------
-echo -e "\033[33m0 返回上级目录！\033[0m"
+echo -e "\033[33m0 返回上级菜单\033[0m"
 echo -----------------------------------------------
 read -p "请输入完整链接 > " Https
-test=$(echo $Https | grep "://")
+test=$(echo $Https | grep -iE "http.*://" )
 Https=`echo ${Https/\ \(*\)/''}`   #删除恶心的超链接内容
-#Https=`echo ${Https//\&/\%26}`   #将分隔符 & 替换成Httpscode：%26
-if [ -n $Https ];then
-	if [ -n $test ];then
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e 请检查输入的链接是否正确：
-		echo -e "\033[4m$Https\033[0m"
-		read -p "确认导入配置文件？原配置文件将被更名为config.yaml.bak![1/0] > " res
-			if [ "$res" = '1' ]; then
-				#将用户链接写入mark
-				sed -i '/Url=*/'d $ccfg
-				sed -i '/Https=*/'d $ccfg
-				sed -i "6i\Https=\'$Https\'" $ccfg
-				#获取在线yaml文件
-				getyaml
-			fi
-			clashlink
-	fi
+if [ -n "$Https" -a -n "$test" ];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e 请检查输入的链接是否正确：
+	echo -e "\033[4m$Https\033[0m"
+	read -p "确认导入配置文件？原配置文件将被更名为config.yaml.bak![1/0] > " res
+		if [ "$res" = '1' ]; then
+			#将用户链接写入mark
+			sed -i '/Url=*/'d $ccfg
+			sed -i '/Https=*/'d $ccfg
+			sed -i "6i\Https=\'$Https\'" $ccfg
+			#获取在线yaml文件
+			$clashdir/start.sh getyaml
+			start_over
+			exit;
+		fi
 elif [[ $Https == 0 ]];then
 	clashlink
 else
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo -e "\033[31m请输入正确的链接地址！！！\033[0m"
+	echo -e "\033[31m请输入正确的配置文件链接地址！！！\033[0m"
+	echo -e "\033[33m链接地址必须是http或者https开头的形式\033[0m"
+	clashlink
 fi
 }
+gettar(){
+	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
+	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
+	#解压
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo 开始解压文件！
+	mkdir -p $clashdir > /dev/null
+	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/
+	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
+	#初始化文件目录
+	[ -f "$clashdir/mark" ] || echo '#标识clash运行状态的文件，不明勿动！' > $clashdir/mark
+	#判断系统类型写入不同的启动文件
+	if [ -f /etc/rc.common ];then
+			#设为init.d方式启动
+			mv $clashdir/clashservice /etc/init.d/clash
+			chmod  777 /etc/init.d/clash
+	else
+		[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		if [ -n "$sysdir" ];then
+			#设为systemd方式启动
+			mv $clashdir/clash.service $sysdir/clash.service
+			sed -i "s%/etc/clash%$clashdir%g" $sysdir/clash.service
+			systemctl daemon-reload
+			rm -rf /etc/init.d/clash
+		else
+			#设为保守模式启动
+			sed -i '/start_old=*/'d $clashdir/mark
+			sed -i "1i\start_old=已开启" $clashdir/mark
+		fi
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $clashdir/mark
+	sed -i "1i\versionsh_l=$release_new" $clashdir/mark
+	#设置环境变量
+	sed -i '/alias clash=*/'d /etc/profile
+	echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+	sed -i '/export clashdir=*/'d /etc/profile
+	echo "export clashdir=\"$clashdir\"" >> /etc/profile #设置clash路径环境变量
+	#删除临时文件
+	rm -rf /tmp/clashfm.tar.gz 
+	rm -rf $clashdir/clashservice
+	rm -rf $clashdir/clash.service
+}
 getsh(){
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[33m正在检查更新！\033[0m"
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $update_url/bin/version)
-[ "$result" != "200" ] && echo "检查更新失败！" && exit 1
-source /tmp/clashversion
 echo -----------------------------------------------
 echo -e "当前脚本版本为：\033[33m $versionsh_l \033[0m"
-echo -e "最新脚本版本为：\033[32m $versionsh \033[0m"
+echo -e "最新脚本版本为：\033[32m $release_new \033[0m"
 echo -----------------------------------------------
 read -p "是否更新脚本？[1/0] > " res
 if [ "$res" = '1' ]; then
-	if command -v curl &> /dev/null; then
-		echo 正在获取更新文件
-		result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $update_url/bin/clashfm.tar.gz)
-	else $result
-		wget-ssl -q --no-check-certificate --tries=1 --timeout=10 -O /tmp/clashfm.tar.gz $tarurl
-		[ $? -eq 0 ] && result="200"
-	fi
-	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
-	#解压
-	echo -----------------------------------------------
-	echo 开始解压文件！
-	mkdir -p $clashdir > /dev/null
-	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/ > /dev/null
-	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-	#初始化文件目录
-	mv $clashdir/clashservice /etc/init.d/clash #将clash服务文件移动到系统目录
-	chmod  777 $clashdir/clash  #授予权限
-	chmod  777 /etc/init.d/clash #授予权限
-
-	#删除临时文件
-	rm -rf /tmp/clashfm.tar.gz 
-	rm -rf /tmp/clashversion
+	tarurl=$update_url/bin/clashfm.tar.gz
+	#下载更新
+	gettar
 	#提示
 	echo -----------------------------------------------
 	echo -e "\033[32m管理脚本更新成功!\033[0m"
 	echo -----------------------------------------------
 	exit;
-else
-clashsh
+	else
+	update
 fi
 }
 getcore(){
-source $ccfg
+#source $ccfg
 #获取核心及版本信息
 if [ ! -f $clashdir/clash ]; then
 	clashcore=没有安装核心！
 	clashv=''
 fi
-
-cpucore=armv7
 clashcore_n=$clashcore
+#获取设备处理器架构
+cputype=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
+[ -n "$(echo $cputype | grep -E "linux.*armv.*")" ] && cpucore="armv5"
+[ -n "$(echo $cputype | grep -E "linux.*armv7.*")" ] && [ -n "$(cat /proc/cpuinfo | grep vfp)" ] && cpucore="armv7"
+[ -n "$(echo $cputype | grep -E "linux.*aarch64.*|linux.*armv8.*")" ] && cpucore="armv8"
+[ -n "$(echo $cputype | grep -E "linux.*x86.*")" ] && cpucore="386"
+[ -n "$(echo $cputype | grep -E "linux.*x86_64.*")" ] && cpucore="amd64"
+if [ -n "$(echo $cputype | grep -E "linux.*mips.*")" ];then
+	cpucore="mipsle-softfloat"
+	[ -n "$(uname -a | grep -E "M2100")" ] && cpucore="mipsle-hardfloat"
+fi
+###
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "当前clash核心：\033[47;30m $clashcore \033[46;30m$clashv\033[0m"
 echo -e "\033[32m请选择需要下载的核心版本！\033[0m"
 echo -----------------------------------------------
-echo "1 clash：     运行稳定，内存占用小"
-echo "(官方正式版)  不支持SSR，不支持Tun模式"
+echo "1 clash：     稳定，内存占用小，推荐！"
+echo "(官方正式版)  不支持Tun模式、混合模式"
 echo
-echo "2 clashr：    稳定，内存占用小，支持SSR"
-echo "(clashR修改版)不支持Tun模式"
-echo
-echo "3 clashpre：  支持SSR，支持Tun模式"
-echo "(高级预览版)  内存占用高，不支持chacha20加密"
+echo "2 clashpre：  支持Tun模式、混合模式"
+echo "(高级预览版)  内存占用更高"
 echo -----------------------------------------------
 echo 0 返回上级菜单 
 read -p "请输入对应数字 > " num
-	if [ -z $num ]; then
+	if [ -z "$num" ]; then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[31m请输入正确的数字！\033[0m"
 		update
@@ -293,10 +334,13 @@ read -p "请输入对应数字 > " num
 		update
 	elif [[ $num == 1 ]]; then
 		clashcore=clash
+		version=$clash_v
 	elif [[ $num == 2 ]]; then
-		clashcore=clashr
-	elif [[ $num == 3 ]]; then
 		clashcore=clashpre
+		version=$clashpre_v
+	elif [[ $num == 3 ]]; then
+		clashcore=clashr
+		version='已停止更新'
 	else
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[31m请输入正确的数字！\033[0m"
@@ -304,80 +348,46 @@ read -p "请输入对应数字 > " num
 	fi
 #生成链接
 corelink="$update_url/bin/$clashcore/clash-linux-$cpucore"
-versionlink="$update_url/bin/$clashcore/version"
-#检测版本
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[33m正在检查更新！\033[0m"
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $versionlink)
-[ "$result" != "200" ] && echo "检查更新失败！" && exit 1
-source /tmp/clashversion
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "当前clash核心：\033[0m $clashcore_n \033[33m$clashv\033[0m"
-echo -e "最新clash核心：\033[32m $clashcore \033[36m$version\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-read -p "是否更新？[1/0] > " res
-if [ "$res" = '1' ]; then
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo 正在连接服务器获取clash核心文件…………链接地址为：
-	echo -e "\033[4;32m$corelink\033[0m"
-	echo 如无法正常下载可以手动复制到浏览器下载核心文件！
-	echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
-	echo -e "|                                             |"
-	echo -e "|         需要一点时间，请耐心等待！          |"
-	echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出        |"
-	echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
-	#获取在线clash核心文件
-	result=$(curl -w %{http_code} -kLo /tmp/clash.new $corelink)
-	if [ "$result" != "200" ];then
-		echo -----------------------------------------------
-		echo -e "\033[31m核心文件下载失败！\033[0m"
-		echo -----------------------------------------------
-		getcore
-	else
-		echo -e "\033[32m$clashcore核心下载成功，正在替换！\033[0m"
-		mv /tmp/clash.new $clashdir/clash
-		chmod  777 $clashdir/clash  #授予权限
-		sed -i '/clashcore=*/'d $ccfg
-		sed -i "1i\clashcore=$clashcore" $ccfg
-		sed -i '/clashv=*/'d $ccfg
-		sed -i "1i\clashv=$version" $ccfg
-		rm -rf /tmp/clashversion
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[32m$clashcore核心替换成功，请手动启动clash服务！\033[0m"
-		clashsh
-	fi	
+echo 正在连接服务器获取clash核心文件…………链接地址为：
+echo -e "\033[4;32m$corelink\033[0m"
+echo 如无法正常下载可以手动复制到浏览器下载核心文件！
+echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo -e "|                                             |"
+echo -e "|         需要一点时间，请耐心等待！          |"
+echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出        |"
+echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
+#获取在线clash核心文件
+result=$(curl -w %{http_code} -kLo /tmp/clash.new $corelink)
+if [ "$result" != "200" ];then
+	echo -----------------------------------------------
+	echo -e "\033[31m核心文件下载失败！\033[0m"
+	echo -----------------------------------------------
+	getcore
 else
-getcore
+	echo -e "\033[32m$clashcore核心下载成功，正在替换！\033[0m"
+	mv /tmp/clash.new $clashdir/clash
+	chmod  777 $clashdir/clash  #授予权限
+	sed -i '/clashcore=*/'d $ccfg
+	sed -i "1i\clashcore=$clashcore" $ccfg
+	sed -i '/clashv=*/'d $ccfg
+	sed -i "1i\clashv=$version" $ccfg
+	rm -rf /tmp/clashversion
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[32m$clashcore核心替换成功，请手动启动clash服务！\033[0m"
+	clashsh
 fi			
 }
 getgeo(){
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[30;46m感谢Alecthw大神提供的优质GeoIP数据库！！！\033[0m"
 echo -----------------------------------------------
-echo -e "\033[33m请选择下载源：\033[0m"
-echo -e " 1 默认源：$update_url"
-echo -e " 2 Alecthw大神的Github(需开启clash服务)"
-echo -e " 0 返回上级菜单"
-read -p "请输入对应数字 > " num
-	if	[ -z $num ]; then 
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[31m请输入正确的数字！\033[0m"
-		update
-	elif [[ $num == 0 ]]; then
-		update
-	elif [[ $num == 1 ]]; then
-		geolink="$update_url/bin/Country.mmdb"
-		#echo $geolink
-	elif [[ $num == 2 ]]; then
-		geolink="-x 127.0.0.1:7890 https://raw.githubusercontent.com/alecthw/mmdb_china_ip_list/release/Country.mmdb"
-	else
-		echo -e "\033[31m请输入正确的数字！\033[0m"
-		update
-		exit;
-	fi
+echo -e "当前GeoIP版本为：\033[33m $Geo_v \033[0m"
+echo -e "最新GeoIP版本为：\033[32m $GeoIP_v \033[0m"
+echo -----------------------------------------------
+read -p "是否更新数据库文件？[1/0] > " res
+if [ "$res" = '1' ]; then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo 正在从服务器获取数据库文件…………
-	result=$(curl -w %{http_code} -kLo $clashdir/Country.mmdb $geolink)
+	result=$(curl -w %{http_code} -kLo /tmp/Country.mmdb $update_url/bin/Country.mmdb)
 	if [ "$result" != "200" ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[31m文件下载失败！\033[0m"
@@ -386,22 +396,43 @@ read -p "请输入对应数字 > " num
 	else
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[32mGeoIP数据库文件下载成功！\033[0m"
-			update
+		mv /tmp/Country.mmdb $clashdir/Country.mmdb
+		sed -i '/Geo_v=*/'d $ccfg
+		sed -i "1i\Geo_v=$GeoIP_v" $ccfg
+		rm -rf /tmp/clashversion
+		clashsh
 	fi
-update
+else
+clashsh
+fi
 }
 getdb(){
-host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+#host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[36m安装本地版dashboard管理面板\033[0m"
 echo -----------------------------------------------
 echo -e "\033[32m打开管理面板的速度更快且更稳定"
-echo -e "\033[33m需要占用约500kb的本地空间(目录：/www/clash)\033[0m"
-echo -e "\033[36m可以使用\033[32;4mhttp://$host/clash\033[0;36m访问面板\033[0m"
+echo -e "\033[33m需要占用约500kb的本地空间\033[0m"
 echo -----------------------------------------------
-read -p "是否安装本地面板？[1/0] > " res
-if [ "$res" = '1' ]; then
-	if [ -d /www/clash ];then
+echo -e " 1 在$clashdir/ui目录安装（推荐！）\033[33m安装后需重启clash服务！！！\033[0m"
+echo " 2 在/www/clash目录安装(依赖路由器自带的Nginx服务，可能安装失败！)"
+echo -----------------------------------------------
+echo " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+
+if [ -z "$num" ];then
+	update
+elif [ "$num" = '1' ]; then
+	dbdir=$clashdir/ui
+	hostdir=":$db_port/ui\033[0;36m访问面板(需重启clash服务！)"
+elif [ "$num" = '2' ]; then
+	dbdir=/www/clash
+	hostdir='/clash\033[0;36m访问面板'
+else
+	update
+fi
+	#下载及安装
+	if [ -d /www/clash -o -d $clashdir/ui ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[31m检测到您已经安装过本地面板了！\033[0m"
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -410,6 +441,7 @@ if [ "$res" = '1' ]; then
 			update
 		elif [ "$res" = 1 ]; then
 			rm -rf /www/clash
+			rm -rf $clashdir/ui
 		else
 			update
 		fi
@@ -425,50 +457,85 @@ if [ "$res" = '1' ]; then
 		getdb
 	else
 		echo -e "\033[33m下载成功，正在解压文件！\033[0m"
-		mkdir -p /www/clash > /dev/null
-		tar -zxvf '/tmp/clashdb.tar.gz' -C /www/clash > /dev/null
+		mkdir -p $dbdir > /dev/null
+		tar -zxvf '/tmp/clashdb.tar.gz' -C $dbdir > /dev/null
 		[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-		echo -e "\033[32m面板安装成功！"
+		#修改默认host和端口
+		sed -i "s/127.0.0.1/${host}/g" $dbdir/js/*.js
+		sed -i "s/9090/${db_port}/g" $dbdir/js/*.js
+		#
+		echo -e "\033[32m面板安装成功！\033[0m"
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[36m请使用\033[32;4mhttp://$host/clash\033[0;36m访问面板\033[0m"
+		echo -e "\033[36m请使用\033[32;4mhttp://$host$hostdir\033[0m"
 		rm -rf /tmp/clashdb.tar.gz
 		update
 	fi
-fi		
+	
 update
 }
+catpac(){
+#检测目录
+[ ! -d /www/clash -a ! -d $clashdir/ui ]&&echo 未检测到本地Dashboard面板，请先安装面板！&&sleep 1&&getdb
+#host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+[ -d /www/clash ]&&dir="/www/clash"&&pac=http://$host/clash/pac
+[ -d $clashdir/ui ]&&dir="$clashdir/ui"&&pac=http://$host:$db_port/ui/pac
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[30;47m生成用于设备WIFI或浏览器的自动PAC代理文件\033[0m"
+echo -e "\033[33m非纯净模式不推荐使用此功能\033[0m"
+[ -f $dir/pac ]&&echo -e "PAC地址：\033[32m$pac\033[0m"
+echo -----------------------------------------------
+echo -e " 1 生成PAC文件"
+echo -e " 2 清除PAC文件"
+echo -----------------------------------------------
+echo -e " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+	if [ "$num" = '1' ]; then
+		echo 'function FindProxyForURL(url, host) {' > $dir/pac
+		echo "    return \"SOCKS $host:$mix_port; PROXY $host:$mix_port; DIRECT;\"" >> $dir/pac
+		echo '}' >> $dir/pac
+		echo -e "\033[33mPAC文件已生成！\033[0m"
+		echo -e "PAC地址：\033[32m$pac\033[0m"
+		echo "使用教程：https://baike.baidu.com/item/PAC/16292100"
+		sleep 2
+	elif [[ $num == 2 ]]; then
+		rm -rf $dir/pac
+		echo -----------------------------------------------
+		echo -e "\033[33mPAC文件已清除！\033[0m"
+		sleep 1
+	fi
+}
 setserver(){
 
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[30;47m您可以在此处切换在线更新时使用的资源地址\033[0m"
 echo -e "当前源：\033[4;32m$update_url\033[0m"
 echo -----------------------------------------------
-echo -e " 1 CDN源(感谢\033[4;32mwww.jsdelivr.com\033[0m，推荐)"
-echo -e " 2 Github源(不稳定，不推荐)"
-echo -e " 3 Github源+clash代理(需开启clash服务，推荐)"
+echo -e " 1 Github源(直连美国服务器)"
+echo -e " 2 Jsdelivr-CDN源(仅同步最新release版本)"
+echo -e " 3 Github源+clash代理(需开启clash服务)"
 echo -e " 4 自定义输入(请务必确保路径正确)"
 echo -e " 0 返回上级菜单"
 read -p "请输入对应数字 > " num
-if	[ -z $num ]; then 
+if	[ -z "$num" ]; then 
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[31m请输入正确的数字！\033[0m"
 	update
 elif [[ $num == 1 ]]; then
-	update_url="https://cdn.jsdelivr.net/gh/juewuy/clash-for-Miwifi"
-elif [[ $num == 9 ]]; then
-	update_url="https://juewuy.xyz/clash"
+	update_url='--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master'
 elif [[ $num == 2 ]]; then
-	update_url="https://raw.githubusercontent.com/juewuy/clash-for-Miwifi/master"
+	update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash'
 elif [[ $num == 3 ]]; then
-	update_url="-x 127.0.0.1:7890 https://raw.githubusercontent.com/juewuy/clash-for-Miwifi/master"
+	update_url='-x 127.0.0.1:'$mix_port' https://raw.githubusercontent.com/juewuy/ShellClash/master'
 elif [[ $num == 4 ]]; then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	read -p "请输入个人源路径 > " update_url
-	if [ -n $update_url ];then
+	if [ -z "$update_url" ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[31m取消输入，返回上级菜单！\033[0m"
+		echo -e "\033[31m取消输入，返回上级菜单\033[0m"
 		update
 	fi
+elif [[ $num == 9 ]]; then
+	update_url='http://127.0.0.1:8080/clash-for-Miwifi'
 else
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[31m请输入正确的数字！\033[0m"
@@ -479,5 +546,6 @@ sed -i '/update_url*/'d $ccfg
 sed -i "1i\update_url=\'$update_url\'" $ccfg
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[32m源地址更新成功！\033[0m"
+release_new=""
 update
 }

scripts/start.sh

@@ -0,0 +1,359 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+getconfig(){
+#加载环境变量
+[ -z "$clashdir" ] && source /etc/profile > /dev/null 2>&1
+ccfg=$clashdir/mark
+#检查/读取标识文件
+[ ! -f $ccfg ]&& echo '#标识clash运行状态的文件，不明勿动！' >> $ccfg
+source $ccfg
+#默认设置
+[ -z "$skip_cert" ] && skip_cert=已开启
+[ -z "$common_ports" ] && common_ports=已开启
+[ -z "$dns_mod" ] && dns_mod=redir_host
+[ -z "$dns_over" ] && dns_over=已开启
+[ -z "$modify_yaml" ] && modify_yaml=未开启
+[ -z "$ipv6_support" ] && ipv6_support=未开启
+[ -z "$start_old" ] && start_old=未开启
+[ -z "$local_proxy" ] && local_proxy=未开启
+[ -z "$mix_port" ] && mix_port=7890
+[ -z "$redir_port" ] && redir_port=7892
+[ -z "$db_port" ] && db_port=9999
+[ -z "$dns_port" ] && dns_port=1053
+#是否代理常用端口
+[ "$common_ports" = "已开启" ] && ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
+}
+getyaml(){
+#前后端订阅服务器地址索引，可在此处添加！
+Server=`sed -n ""$server_link"p"<<EOF
+subcon.dlj.tf
+subconverter.herokuapp.com
+subcon.py6.pw
+api.dler.io
+api.wcc.best
+EOF`
+Config=`sed -n ""$rule_link"p"<<EOF
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_Netflix.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_AdblockPlus.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_clash.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/lhie1_dler.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_pro.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/connershua_backtocn.ini
+https://gist.githubusercontent.com/tindy2013/1fa08640a9088ac8652dbd40c5d2715b/raw/dlercloud_lige_platinum.ini
+https://subconverter.oss-ap-southeast-1.aliyuncs.com/Rules/RemoteConfig/special/basic.ini
+https://subconverter.oss-ap-southeast-1.aliyuncs.com/Rules/RemoteConfig/special/netease.ini
+EOF`
+#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
+if [ -z "$Https" ];then
+	#echo $Url
+	Https="https://$Server/sub?target=clashr&insert=true&new_name=true&scv=true&exclude=$exclude&url=$Url&config=$Config"
+	markhttp=1
+fi
+#
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo 正在连接服务器获取配置文件…………链接地址为：
+echo -e "\033[4;32m$Https\033[0m"
+echo 可以手动复制该链接到浏览器打开并查看数据是否正常！
+echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo -e "|                                             |"
+echo -e "|         需要一点时间，请耐心等待！          |"
+echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出\033[36m        |"
+echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
+#获取在线yaml文件
+yaml=$clashdir/config.yaml
+yamlnew=/tmp/config.yaml
+rm -rf $yamlnew > /dev/null 2>&1
+result=$(curl -w %{http_code} -kLo $yamlnew $Https)
+if [ "$result" != "200" ];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m配置文件获取失败！\033[0m"
+	if [ -z "$markhttp" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m请尝试使用【导入节点/链接】功能！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+		
+	else
+		read -p "是否更换后端地址后重试？[1/0] > " res
+		if [ "$res" = '1' ]; then
+			sed -i '/server_link=*/'d $ccfg
+			if [[ $server_link -ge 6 ]]; then
+				server_link=0
+			fi
+			server_link=$(($server_link + 1))
+			echo $server_link
+			sed -i "1i\server_link=$server_link" $ccfg
+			Https=""
+			getyaml
+		fi
+	fi
+else
+	Https=""
+	#检测节点
+	if [ -z "$(cat $yamlnew | grep 'server:' | grep -v 'nameserver')" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[33m获取到了配置文件，但似乎并不包含正确的节点信息！\033[0m"
+		echo -----------------------------------------------
+		sed -n '1,30p' $yamlnew
+		echo -----------------------------------------------
+		echo -e "\033[33m请检查如上配置文件信息:\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#检测旧格式
+	if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m已经停止对旧格式配置文件的支持！！！\033[0m"
+		echo -e "请使用新格式或者使用【导入节点/链接】功能！"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#检测不支持的加密协议
+	if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[31m不支持chacha20加密，请更换节点加密协议！！！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+	#替换文件
+	[ -f $yaml ] && mv $yaml $yaml.bak
+	mv $yamlnew $yaml
+	echo 配置文件已生成！正在启动clash使其生效！
+	#重启clash服务
+	$0 stop
+	$0 start
+	sleep 1
+	if [ -z "$(pidof clash)" ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		if [ -f $yaml.bak ];then
+			$clashdir/start.sh stop
+			mv $yaml.bak $yaml
+			$0 start
+			echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
+			sleep 1
+			[ -n "$(pidof clash)" ] && exit 0
+		fi
+		echo -e "\033[31mclash服务启动失败！请查看报错信息！\033[0m"
+		$0 stop
+		$clashdir/clash -t -d $clashdir
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		exit 1
+	fi
+fi
+}
+modify_yaml(){
+##########需要变更的配置###########
+lan='allow-lan: true'
+mode='mode: Rule'
+log='log-level: info'
+[ "$ipv6_support" = "已开启" ] && ipv6='ipv6: true' || ipv6='ipv6: false'
+external="external-controller: 0.0.0.0:$db_port"
+[ -d $clashdir/ui ] && db_ui=ui
+[ "$redir_mod" != "Redir模式" ] && tun='tun: {enable: true, stack: system}' || tun='tun: {enable: false}'
+exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
+#dns配置
+if [ "$dns_mod" = "fake-ip" ];then
+	dns='dns: {enable: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, fake-ip-filter: ["*.lan", "time.windows.com", "time.nist.gov", "time.apple.com", "time.asia.apple.com", "*.ntp.org.cn", "*.openwrt.pool.ntp.org", "time1.cloud.tencent.com", "time.ustc.edu.cn", "pool.ntp.org", "ntp.ubuntu.com", "ntp.aliyun.com", "ntp1.aliyun.com", "ntp2.aliyun.com", "ntp3.aliyun.com", "ntp4.aliyun.com", "ntp5.aliyun.com", "ntp6.aliyun.com", "ntp7.aliyun.com", "time1.aliyun.com", "time2.aliyun.com", "time3.aliyun.com", "time4.aliyun.com", "time5.aliyun.com", "time6.aliyun.com", "time7.aliyun.com", "*.time.edu.cn", "time1.apple.com", "time2.apple.com", "time3.apple.com", "time4.apple.com", "time5.apple.com", "time6.apple.com", "time7.apple.com", "time1.google.com", "time2.google.com", "time3.google.com", "time4.google.com", "music.163.com", "*.music.163.com", "*.126.net", "musicapi.taihe.com", "music.taihe.com", "songsearch.kugou.com", "trackercdn.kugou.com", "*.kuwo.cn", "api-jooxtt.sanook.com", "api.joox.com", "joox.com", "y.qq.com", "*.y.qq.com", "streamoc.music.tc.qq.com", "mobileoc.music.tc.qq.com", "isure.stream.qqmusic.qq.com", "dl.stream.qqmusic.qq.com", "aqqmusic.tc.qq.com", "amobile.music.tc.qq.com", "*.xiami.com", "*.music.migu.cn", "music.migu.cn", "*.msftconnecttest.com", "*.msftncsi.com", "localhost.ptlogin2.qq.com", "*.*.*.srv.nintendo.net", "*.*.stun.playstation.net", "xbox.*.*.microsoft.com", "*.*.xboxlive.com", "proxy.golang.org"], nameserver: [114.114.114.114, 127.0.0.1:53], fallback: [tcp://1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
+elif [ "$dns_over" = "已开启" ];then
+	dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5], fallback: [1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
+else
+	dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:'$dns_port', use-hosts: true, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5, 127.0.0.1:53], fallback: [1.0.0.1, 8.8.4.4], fallback-filter: {geoip: true}}'
+fi
+
+###################################
+	yaml=$clashdir/config.yaml
+	#预删除需要添加的项目
+	i=$(grep  -n  "^proxies:" $clashdir/config.yaml | head -1 | cut -d ":" -f 1)
+	i=$(($i-1))
+	sed -i "1,${i}d" $yaml
+	#添加配置
+	sed -i "1imixed-port:\ $mix_port" $yaml
+	sed -i "1aredir-port:\ $redir_port" $yaml
+	sed -i "2a$lan" $yaml
+	sed -i "3a$mode" $yaml
+	sed -i "4a$log" $yaml
+	sed -i "5a$ipv6" $yaml
+	sed -i "6aexternal-controller:\ :$db_port" $yaml
+	sed -i "7aexternal-ui:\ $db_ui" $yaml
+	sed -i "8asecret:\ $secret" $yaml
+	sed -i "9a$dns" $yaml
+	sed -i "10a$tun" $yaml
+	sed -i "11a$exper" $yaml
+	#跳过本地tls证书验证
+	if [ "$skip_cert" = "已开启" ];then
+	sed -i '10,99s/skip-cert-verify: false/skip-cert-verify: true/' $yaml
+	else
+	sed -i '10,99s/skip-cert-verify: true/skip-cert-verify: false/' $yaml
+	fi
+}
+mark_time(){
+	start_time=`date +%s`
+	sed -i '/start_time*/'d $clashdir/mark
+	sed -i "1i\start_time=$start_time" $clashdir/mark
+}
+start_redir(){
+	#流量过滤规则
+	iptables -t nat -N clash
+	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
+	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
+	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
+	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
+	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
+	for mac in $(cat $clashdir/mac); do
+		iptables -t nat -A clash -m mac --mac-source $mac -j RETURN
+	done
+	#设置防火墙流量转发
+	iptables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports $redir_port
+	iptables -t nat -A PREROUTING -p tcp -j clash
+	#设置ipv6转发
+	if [ "$ipv6_support" = "已开启" ];then
+		ip6tables -t nat -N clashv6
+		for mac in $(cat $clashdir/mac); do
+			ip6tables -t nat -A clashv6 -m mac --mac-source $mac -j RETURN
+		done
+		ip6tables -t nat -A clashv6 -p tcp $ports-j REDIRECT --to-ports $redir_port
+		ip6tables -t nat -A PREROUTING -p tcp -j clashv6
+	fi
+}
+stop_iptables(){
+    #重置iptables规则
+	iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p udp -j clash_dns > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p tcp -d 8.8.8.8 -j clash_dns > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p tcp -d 8.8.4.4 -j clash_dns > /dev/null 2>&1
+	iptables -t nat -F clash > /dev/null 2>&1
+	iptables -t nat -X clash > /dev/null 2>&1
+	iptables -t nat -F clash_dns > /dev/null 2>&1
+	iptables -t nat -X clash_dns > /dev/null 2>&1
+	iptables -D FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	#重置ipv6规则
+	ip6tables -t nat -D PREROUTING -p tcp -j clashv6 > /dev/null 2>&1
+	ip6tables -t nat -D PREROUTING -p udp -j clashv6_dns > /dev/null 2>&1
+	ip6tables -t nat -F clashv6 > /dev/null 2>&1
+	ip6tables -t nat -X clashv6 > /dev/null 2>&1
+	ip6tables -t nat -F clashv6_dns > /dev/null 2>&1
+	ip6tables -t nat -X clashv6_dns > /dev/null 2>&1
+	ip6tables -D FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+}
+start_dns(){
+	#允许tun网卡接受流量
+	if [ "$redir_mod" = "Tun模式" -o "$redir_mod" = "混合模式" ];then
+		iptables -I FORWARD -o utun -j ACCEPT
+		[ "$ipv6_support" = "已开启" ] && ip6tables -I FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	fi
+	#设置dns转发
+	iptables -t nat -N clash_dns
+	for mac in $(cat $clashdir/mac); do
+		iptables -t nat -A clash_dns -m mac --mac-source $mac -j RETURN
+	done
+	iptables -t nat -A clash_dns -p udp --dport 53 -j REDIRECT --to $dns_port
+	iptables -t nat -A clash_dns -p tcp --dport 53 -j REDIRECT --to $dns_port
+	iptables -t nat -A PREROUTING -p udp -j clash_dns
+	#Google home DNS特殊处理
+	iptables -t nat -I PREROUTING -p tcp -d 8.8.8.8 -j clash_dns
+	iptables -t nat -I PREROUTING -p tcp -d 8.8.4.4 -j clash_dns
+	#ipv6DNS
+	ip6_nat=$(ip6tables -t nat -L 2>&1|grep -o 'not exist')
+	if [ -z "ip6_nat" ];then
+		ip6tables -t nat -N clashv6_dns > /dev/null 2>&1
+		for mac in $(cat $clashdir/mac); do
+			ip6tables -t nat -A clashv6_dns -m mac --mac-source $mac -j RETURN > /dev/null 2>&1
+		done
+		ip6tables -t nat -A clashv6_dns -p udp --dport 53 -j REDIRECT --to $dns_port > /dev/null 2>&1
+		ip6tables -t nat -A PREROUTING -p udp -j clashv6_dns > /dev/null 2>&1
+	else
+		 ip6tables -I INPUT -p tcp --dport 53 -j DROP
+	fi
+}
+daemon(){
+	if [ -n "$cronpath" ];then
+		echo '*/1 * * * * test -z "$(pidof clash)"  &&  /etc/init.d/clash restart #clash保守模式守护进程' >> $cronpath
+		chmod 600 $cronpath
+	else
+		echo 找不到定时任务配置文件，无法添加守护进程！
+		echo 请进入定时任务菜单手动指定系统定时任务文件路径！！！
+	fi
+}
+set_proxy(){
+	echo 'export http_proxy=http://127.0.0.1:'"$mix_port" >> /etc/profile
+	echo 'export https_proxy=$http_proxy' >> /etc/profile
+	echo 'export HTTP_PROXY=$http_proxy' >> /etc/profile
+	echo 'export HTTPS_PROXY=$http_proxy' >> /etc/profile
+	source /etc/profile > /dev/null 2>&1
+}
+unset_proxy(){
+	sed -i '/http*_proxy/'d /etc/profile
+	sed -i '/HTTP*_PROXY/'d /etc/profile
+	source /etc/profile > /dev/null 2>&1
+}
+afstart(){
+	#读取配置文件
+	getconfig
+	#修改iptables规则使流量进入clash
+	stop_iptables
+	[ "$redir_mod" != "纯净模式" ] && start_dns
+	[ "$redir_mod" != "纯净模式" ] && [ "$redir_mod" != "Tun模式" ] && start_redir
+	#标记启动时间
+	mark_time
+	#设置本机代理
+	[ "$local_proxy" = "已开启" ] && set_proxy
+}
+
+case "$1" in
+
+afstart)
+		afstart
+	;;
+start)		
+		#读取配置文件
+		getconfig
+		#使用内置规则强行覆盖config配置文件
+		[ "$modify_yaml" != "已开启" ] && modify_yaml
+		#使用不同方式启动clash服务
+		if [ "$start_old" = "已开启" ];then
+			$clashdir/clash -d $clashdir >/dev/null 2>&1 &
+			daemon
+			afstart
+		elif [ -f /etc/rc.common ];then
+			/etc/init.d/clash start
+		else
+			systemctl start clash.service
+		fi
+	;;
+stop)	
+		#读取配置文件
+		getconfig
+		#删除守护进程
+		sed -i /clash保守模式守护进程/d $cronpath >/dev/null 2>&1
+		#多种方式结束进程
+		if [ -f /etc/rc.common ];then
+			/etc/init.d/clash stop >/dev/null 2>&1
+		else
+			systemctl stop clash.service >/dev/null 2>&1
+		fi
+		killall -9 clash >/dev/null 2>&1
+		#清理iptables
+		stop_iptables
+		#禁用本机代理
+		[ "$local_proxy" = "已开启" ] && unset_proxy
+        ;;
+restart)
+        $0 stop
+        $0 start
+        ;;
+getyaml)	
+		getconfig
+		getyaml
+		;;
+daemon)	
+		daemon
+		;;
+esac