v1.0.0beta7

~全面兼容Debian/Armbian/Centos等标准Linux系统
~增加配置本机代理功能
~重写启动脚本，优化在不同系统下的启动方式
~支持以systemd方式启动及守护进程
~~大幅度优化优化安装脚本及更新机制，修复cdn更新延迟
~修改定时任务机制，增加稳定性

README.md

@@ -1,49 +1,52 @@
-# clash-for-Miwifi
+# ShellClash（原Clash for Miwifi）
-在小米AX3600/AX1800/AX5等路由器上使用clash做透明代理
+在shell环境下一键部署及管理[clash](https://github.com/Dreamacro/clash)
 =====
 
 功能简介：
 --
-~支持小米AX系列路由器设备使用clash做透明代理，更多的设备支持可以前往TG群报名参与测试<br>
+~通过管理脚本在shell环境下便捷使用[clash](https://github.com/Dreamacro/clash)<br>
-~支持SS、SSR、v2ray、trojan、sock5等协议<br>
+~支持在shell环境下管理[clash各种功能](https://lancellc.gitbook.io/clash)<br>
-~支持批量导入节点链接及订阅链接<br>
+~支持批量导入SS/SSR/v2ray/trojan节点链接及各种订阅链接<br>
-~支持使用网页面板管理规则组<br>
+~支持使用/安装网页面板管理规则组<br>
-~支持多种模式切换，支持在线更新<br>
+~支持局域网透明代理/纯净模式等多种模式切换<br>
-~支持部署内置的管理面板<br>
+~支持在线更新<br>
-~更多功能可在使用中发掘<br>
+
+使用方式：
+--
+~确认路由器或设备已经开启SSH并获取root权限<br>
+~使用SSH连接工具（如putty，JuiceSSH，mac终端）登陆路由器或设备的SSH管理界面<br>
+~在SSH界面执行如下安装命令，并按照提示安装clash管理脚本<br>
+OpenWrt系统：
+```Shell
+sh -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
+```
+或者
+```Shell
+sh -c "$(curl -kfsSl https://cdn.jsdelivr.net/gh/juewuy/ShellClash/install_cdn.sh)" && source /etc/profile &> /dev/null
+```
+Debian/CenOS/Armbian等默认使用dash的Linux系统：
+```Shell
+bash -c "$(curl -kfsSl --resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
+```
+或者
+```Shell
+bash -c "$(curl -kfsSl https://cdn.jsdelivr.net/gh/juewuy/ShellClash/install_cdn.sh)" && source /etc/profile &> /dev/null
+```
+~安装完成管理脚本后，执行如下命令以运行管理脚本<br>
+```Shell
+clash
+```
+
+设备支持：
+--
+~支持小米/红米全系使用官方系统或官方开发版系统的路由器设备（ac2100系列除外）<br>
+~支持所有基于openwrt或使用openwrt二次开发的路由器设备<br>
+~支持各种运行标准Linux系统（Debian/CenOS/Armbian等）的设备<br>
+~如有不兼容的Linux设备或CPU架构请提issue或前往TG群反馈（需提供设备名称及运行uname -a返回的设备核心信息）<br>
 
 更新日志：
 --
-* v0.8.7<br>
+https://github.com/juewuy/ShellClash/releases
-~修复了脚本更新路径不正确的bug<br>
-~调整了geoip数据库下载源地址<br>
-~增加了自定义源输入检测<br>
-* v0.8.6<br>
-~新增CDN下载源和Github下载源，下载更新速度更快<br>
-~新增了切换下载源的选项菜单<br>
-~界面UI优化及bug修复<br>
-* v0.8.5<br>
-~新增了Tun/Redir混合模式<br>
-~新增是否支持ipv6的开关<br>
-~新增了更新核心时的版本检测<br>
-~新增了本地面板重复安装提示<br>
-~修复了部分报错提示<br>
-~修复了部分设定未及时更新的bug<br>
-* v0.8.4<br>
-~更新在线下载GeoIP数据库功能<br>
-~更新在线下载及部署Dashboard面板功能<br>
-~UI小幅度优化<br>
-
-使用依赖：
---
-~路由器或设备已经开启SSH并获取root权限<br>
-~SSH连接工具，例如putty，bitvise，JuiceSSH（支持安卓手机）等<br>
-
-一键安装：
---
-```Shell
-sh -c "$(curl -kfsSl https://juewuy.xyz/clash/install.sh)" && source /etc/profile &> /dev/null
-```
 
 交流反馈：
 --
@@ -51,23 +54,12 @@ sh -c "$(curl -kfsSl https://juewuy.xyz/clash/install.sh)" && source /etc/profil
 
 已知问题：
 --
-~Tun模式下clash服务可能会和小米路由器内置的tx网游加速器冲突，请谨慎同时使用<br>
+~Tun模式下clash服务可能会和路由器内置的网游加速器冲突，请谨慎同时使用<br>
-~Redir模式无法转发udp流量，外服游戏可能会受影响，此功能是由官方系统阉割了Tproxy导致，暂时无解，外服游戏用户建议使用Tun模式<br>
+~Redir模式暂不支持转发udp流量，外服游戏可能会受影响，外服游戏用户建议使用Tun模式<br>
+~部分设备长时间使用会出现内存占用偏高——此为golang内存回收不及时导致，可以通过屏蔽p2p流量及设置每日定时重启核心以缓解<br>
+~节点无法连接——在【clash功能设置】中打开【跳过本地证书验证】<br>
+~非OpenWrt系统下定时任务不工作，待修复<br>
 
-ToDo：
+友情推广：
 --
-~~增加订阅功能~~<br>
+https://dler.best/auth/register?affid=89698
-~~添加一键安装脚本~~<br>
-~~增加屏蔽P2P流量功能~~<br>
-~~增加更新功能~~<br>
-~~修复redir-host DNS以及IPV6支持~~<br>
-~增加定时功能<br>
-
-感谢：
---
-~https://lancellc.gitbook.io/clash/start-clash/clash-tun-mode<br>
-~https://comzyh.gitbook.io/clash/<br>
-~https://h-cheung.gitlab.io/post/使用_clash_和路由表实现透明代理<br>
-~https://www.right.com.cn/forum/thread-4042741-1-1.html<br>
-
-

bin/clash/version

@@ -1 +1 @@
-version=1.0.0
+version=1.1.0

bin/clashpre/version

@@ -1 +1 @@
-version=1.0.0
+version=2020.08.16

bin/version

@@ -1 +1,2 @@
-versionsh=0.8.7
+GeoIP_v=20200917
+versionsh=1.0.0beta7

install.sh

@@ -1,24 +1,22 @@
- #!/bin/sh
+#! /bin/bash
 # Copyright (C) Juewuy
 
 echo "***********************************************"
 echo "**                 欢迎使用                  **"
-echo "**             Clash for Miwifi              **"
+echo "**                ShellClash                 **"
 echo "**                             by  Juewuy    **"
 echo "***********************************************"
-
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
-url="https://juewuy.xyz/clash/"
+release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $url/bin/version)
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
-[ "$result" != "200" ] && echo "无法连接到服务器！" && exit 1
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
-source /tmp/clashversion
+echo -e "最新版本：\033[32m$release_new\033[0m"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "~~~~版本：\033[32m$versionsh\033[0m"
+echo -e "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[37m支持各种基于openwrt的路由器设备"
+echo -e "\033[33m有限兼容debian、centos等Linux系统\033[0m"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[44m使用中如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[32m 1 在默认目录(/etc)安装ShellClash"
-echo -e "\033[37m目前仅支持小米AX系列3款路由器"
-echo -e "\033[44m其余型号可到TG群报名参与测试\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[32m 1 在默认目录(/etc)安装Clash for Miwifi"
 echo -e "\033[33m 2 手动设置安装目录（不明勿用！）"
 echo -e "\033[0m 0 退出安装"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -27,9 +25,9 @@ read -p "请输入相应数字 > " num
 if [ -z $num ];then
 	echo 安装已取消
 	exit;
-elif [[ $num == 1 ]];then
+elif [ "$num" = "1" ];then
 	dir=/etc
-elif [[ $num == 2 ]];then
+elif [ "$num" = "2" ];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo '可用路径 剩余空间:'
 	df -h | awk '{print $6,$2}'| sed 1d 
@@ -47,7 +45,7 @@ fi
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo 开始从服务器获取安装文件！
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-tarurl=$url/bin/clashfm.tar.gz
+tarurl=$url@$release_new/bin/clashfm.tar.gz
 if command -v curl &> /dev/null; then
 	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
 else $result
@@ -59,29 +57,45 @@ fi
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo 开始解压文件！
 mkdir -p $dir/clash > /dev/null
-tar -zxvf '/tmp/clashfm.tar.gz' -C $dir/clash/ > /dev/null
+tar -zxvf '/tmp/clashfm.tar.gz' -C $dir/clash/
 [ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-#初始化文件目录
+#判断系统类型写入不同的启动文件
-mv $dir/clash/clashservice /etc/init.d/clash #将clash服务文件移动到系统目录
+if [ -n "$(cat /proc/version | grep -i openwrt)" ];then
-chmod  777 $dir/clash/clash  #授予权限
+	mv $dir/clash/clashservice /etc/init.d/clash #将rc服务文件移动到系统目录
 	chmod  777 /etc/init.d/clash #授予权限
+	rm -rf $dir/clash/clash.service 
+else
+	[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+	[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+	mv $dir/clash/clash.service $sysdir/clash.service #将service服务文件移动到系统目录
+	sed -i "s%/etc/clash%${dir}/clash%g" $sysdir/clash.service
+	rm -rf $dir/clash/clashservice
+	rm -rf /etc/init.d/clash
+fi
+#初始化文件目录
 if [ ! -f "$dir/clash/mark" ]; then
-cat >$ccfg<<EOF
+cat >$dir/clash/mark<<EOF
 #标识clash运行状态的文件，不明勿动！
 EOF
 fi
+#修饰文件及版本号
+shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $dir/clash/start.sh
+chmod  777 $dir/clash/start.sh
 sed -i '/versionsh_l=*/'d $dir/clash/mark
-sed -i "1i\versionsh_l=$versionsh" $dir/clash/mark
+sed -i "1i\versionsh_l=$release_new" $dir/clash/mark
 #设置环境变量
+
 sed -i '/alias clash=*/'d /etc/profile
-echo "alias clash=\"sh $dir/clash/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+echo "alias clash=\"$shtype $dir/clash/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
 sed -i '/export clashdir=*/'d /etc/profile
 echo "export clashdir=\"$dir/clash\"" >> /etc/profile #设置clash路径环境变量
 #删除临时文件
 rm -rf /tmp/clashfm.tar.gz 
 #提示
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo clash for Miwifi 已经安装成功!
+echo ShellClash 已经安装成功!
-echo -e "\033[33m直接输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

install_cdn.sh

@@ -1,24 +1,22 @@
- #!/bin/sh
+#! /bin/bash
 # Copyright (C) Juewuy
 
 echo "***********************************************"
 echo "**                 欢迎使用                  **"
-echo "**             Clash for Miwifi              **"
+echo "**                ShellClash                 **"
 echo "**                             by  Juewuy    **"
 echo "***********************************************"
-
+url="https://cdn.jsdelivr.net/gh/juewuy/ShellClash"
-url="https://juewuy.xyz/clash/"
+release_new=$(curl -kfsSL --resolve api.github.com:443:140.82.113.5 "https://api.github.com/repos/juewuy/ShellClash/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $url/bin/version)
+[ -z "$release_new" ] && release_new=$(curl -kfsSL $url/bin/version | grep "versionsh" | awk -F "=" '{print $2}')
-[ "$result" != "200" ] && echo "无法连接到服务器！" && exit 1
+[ -z "$release_new" ] && echo "无法连接服务器！" && exit
-source /tmp/clashversion
+echo -e "最新版本：\033[32m$release_new\033[0m"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "~~~~版本：\033[32m$versionsh\033[0m"
+echo -e "\033[44m如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[37m支持各种基于openwrt的路由器设备"
+echo -e "\033[33m有限兼容debian、centos等Linux系统\033[0m"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[44m使用中如遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[32m 1 在默认目录(/etc)安装ShellClash"
-echo -e "\033[37m目前仅支持小米AX系列3款路由器"
-echo -e "\033[44m其余型号可到TG群报名参与测试\033[0m"
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[32m 1 在默认目录(/etc)安装Clash for Miwifi"
 echo -e "\033[33m 2 手动设置安装目录（不明勿用！）"
 echo -e "\033[0m 0 退出安装"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -27,9 +25,9 @@ read -p "请输入相应数字 > " num
 if [ -z $num ];then
 	echo 安装已取消
 	exit;
-elif [[ $num == 1 ]];then
+elif [ "$num" = "1" ];then
 	dir=/etc
-elif [[ $num == 2 ]];then
+elif [ "$num" = "2" ];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo '可用路径 剩余空间:'
 	df -h | awk '{print $6,$2}'| sed 1d 
@@ -47,7 +45,7 @@ fi
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo 开始从服务器获取安装文件！
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-tarurl=$url/bin/clashfm.tar.gz
+tarurl=$url@$release_new/bin/clashfm.tar.gz
 if command -v curl &> /dev/null; then
 	result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $tarurl)
 else $result
@@ -59,29 +57,45 @@ fi
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo 开始解压文件！
 mkdir -p $dir/clash > /dev/null
-tar -zxvf '/tmp/clashfm.tar.gz' -C $dir/clash/ > /dev/null
+tar -zxvf '/tmp/clashfm.tar.gz' -C $dir/clash/
 [ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-#初始化文件目录
+#判断系统类型写入不同的启动文件
-mv $dir/clash/clashservice /etc/init.d/clash #将clash服务文件移动到系统目录
+if [ -n "$(cat /proc/version | grep -i openwrt)" ];then
-chmod  777 $dir/clash/clash  #授予权限
+	mv $dir/clash/clashservice /etc/init.d/clash #将rc服务文件移动到系统目录
 	chmod  777 /etc/init.d/clash #授予权限
+	rm -rf $dir/clash/clash.service 
+else
+	[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+	[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+	mv $dir/clash/clash.service $sysdir/clash.service #将service服务文件移动到系统目录
+	sed -i "s%/etc/clash%${dir}/clash%g" $sysdir/clash.service
+	rm -rf $dir/clash/clashservice
+	rm -rf /etc/init.d/clash
+fi
+#初始化文件目录
 if [ ! -f "$dir/clash/mark" ]; then
-cat >$ccfg<<EOF
+cat >$dir/clash/mark<<EOF
 #标识clash运行状态的文件，不明勿动！
 EOF
 fi
+#修饰文件及版本号
+shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $dir/clash/start.sh
+chmod  777 $dir/clash/start.sh
 sed -i '/versionsh_l=*/'d $dir/clash/mark
-sed -i "1i\versionsh_l=$versionsh" $dir/clash/mark
+sed -i "1i\versionsh_l=$release_new" $dir/clash/mark
 #设置环境变量
+
 sed -i '/alias clash=*/'d /etc/profile
-echo "alias clash=\"sh $dir/clash/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
+echo "alias clash=\"$shtype $dir/clash/clash.sh\"" >> /etc/profile #设置快捷命令环境变量
 sed -i '/export clashdir=*/'d /etc/profile
 echo "export clashdir=\"$dir/clash\"" >> /etc/profile #设置clash路径环境变量
 #删除临时文件
 rm -rf /tmp/clashfm.tar.gz 
 #提示
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo clash for Miwifi 已经安装成功!
+echo ShellClash 已经安装成功!
-echo -e "\033[33m直接输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理！！！\033[0m"
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

scripts/clash.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=clash
+After=network.target
+
+[Service]
+Type=simple
+User=root
+ExecStart=/etc/clash/clash -d /etc/clash
+ExecStartPost=/etc/clash/start.sh afstart
+Restart=on-failure
+RestartSec=3s
+
+
+[Install]
+WantedBy=multi-user.target

scripts/clashservice

@@ -3,129 +3,11 @@
 # Copyright (C) 2007 OpenWrt.org
 
 USE_PROCD=1
-START=99
+START=92
 
-getconfig(){
+start_service() {
 	#开机加载环境变量保证找到文件路径
 	source /etc/profile > /dev/null 2>&1
-ccfg=$clashdir/mark
-if [ ! -f "$ccfg" ]; then
-	echo mark文件不存在，默认以Redir模式运行！
-cat >$ccfg<<EOF
-#标识clash运行状态的文件，不明勿动！
-EOF
-	#指定一些默认状态
-	redir_mod=redir模式
-	common_ports=未开启
-	dns_mod=redir-host
-	modify_yaml=未开启
-	ipv6_support=未开启
-fi
-source $ccfg #加载配置文件
-#是否代理常用端口
-if [ "$common_ports" = "已开启" ];then
-	ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
-fi
-#DNS模式
-if [ "$common_ports" = "已开启" ];then
-	ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
-fi
-}
-modify_yaml(){
-##########需要变更的配置###########
-mix='mixed-port: 7890'
-redir='redir-port: 7892'
-lan='allow-lan: true'
-mode='mode: Rule'
-log='log-level: info'
-if [ "$ipv6_support" = "已开启" ];then
-ipv6='ipv6: true'
-else
-ipv6='ipv6: false'
-fi
-external='external-controller: 0.0.0.0:9999'
-if [ "$dns_mod" = "fake-ip" ];then
-dns='dns: {enable: true, listen: 0.0.0.0:1053, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, nameserver: [114.114.114.114, 127.0.0.1:53], fallback: [tcp://1.0.0.1, 8.8.4.4]}'
-else
-dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:1053, enhanced-mode: redir-host, nameserver: [114.114.114.114, 127.0.0.1:53], fallback: [1.0.0.1, 8.8.4.4]}'
-fi
-if [ "$redir_mod" != "Redir模式" ];then
-tun='tun: {enable: true, stack: system}'
-else
-tun='tun: {enable: false}'
-fi 
-exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
-###################################
-	#预删除需要添加的项目
-	i=$(grep  -n  "^proxies:" $clashdir/config.yaml | head -1 | cut -d ":" -f 1)
-	i=$(($i-1))
-	sed -i '1,'$i'd' $clashdir/config.yaml
-	#添加配置
-	sed -i "1i$mix" $clashdir/config.yaml
-	sed -i "1a$redir" $clashdir/config.yaml
-	sed -i "2a$lan" $clashdir/config.yaml
-	sed -i "3a$mode" $clashdir/config.yaml
-	sed -i "4a$log" $clashdir/config.yaml
-	sed -i "5a$ipv6" $clashdir/config.yaml
-	sed -i "6a$external" $clashdir/config.yaml
-	sed -i "7a$dns" $clashdir/config.yaml
-	sed -i "8a$tun" $clashdir/config.yaml
-	sed -i "9a$exper" $clashdir/config.yaml
-	#跳过本地tls证书验证
-	if [ "$skip_cert" != "未开启" ];then
-	sed -i "10,99s/sni: \S*/\1skip-cert-verify: true}/" $clashdir/config.yaml  #跳过trojan本地证书验证
-	sed -i '10,99s/}}/}, skip-cert-verify: true}/' $clashdir/config.yaml  #跳过v2+ssl本地证书验证
-	fi
-	#sed -i '/rules:/a \ - DOMAIN-SUFFIX,clash.razord.top,🎯 全球直连' $clashdir/config.yaml
-}
-mark_time(){
-	start_time=`date +%s`
-	sed -i '/start_time*/'d $ccfg
-	sed -i "3i\start_time=$start_time" $ccfg
-}
-start_redir(){
-	#修改iptables规则使流量进入clash
-	iptables -t nat -N clash
-	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
-	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
-	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
-	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
-	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
-	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
-	iptables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports 7892
-	iptables -t nat -A PREROUTING -p tcp -j clash
-	if [ "$ipv6_support" = "已开启" ];then
-		ip6tables -t nat -N clashv6
-		ip6tables -t nat -A clashv6 -p tcp $ports-j REDIRECT --to-ports 7892
-		ip6tables -t nat -A PREROUTING -p tcp -j clashv6
-	fi
-}
-stop_iptables(){
-    #重置iptables规则
-	iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
-	iptables -t nat -F clash > /dev/null 2>&1
-	iptables -t nat -X clash > /dev/null 2>&1
-	iptables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
-	ip6tables -t nat -D PREROUTING -p tcp -j clashv6 > /dev/null 2>&1
-	ip6tables -t nat -F clashv6 > /dev/null 2>&1
-	ip6tables -t nat -X clashv6 > /dev/null 2>&1
-}
-start_dns(){
-	#允许tun网卡接受流量
-	iptables -I FORWARD -o utun -j ACCEPT
-	#设置dns转发
-	iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-	ip6tables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to 1053
-}
-start_service() {
-	getconfig
-	#使用内置规则强行覆盖config配置文件
-	if [ "$modify_yaml" != "已开启" ];then
-	modify_yaml
-	fi
     #创建clash后台进程
 	procd_open_instance
 	procd_set_param respawn
@@ -133,14 +15,6 @@ start_service() {
 	procd_set_param stdout 1
 	procd_set_param command $clashdir/clash -d $clashdir
 	procd_close_instance
-	#修改iptables规则使流量进入clash
+	#其他设置
-	stop_iptables
+	sh $clashdir/start.sh afstart
-	start_dns
-	if [ "$redir_mod" != "Tun模式" ];then
-	start_redir
-	fi
-	mark_time
-}
-stop_service() {
-	stop_iptables
 }

scripts/getdate.sh

@@ -1,111 +1,144 @@
-#!/bin/sh
+#!/bin/bash
 # Copyright (C) Juewuy
 
-getyaml(){
+linkconfig(){
-source $ccfg
-#前后端订阅服务器地址索引，可在此处添加！
-Server=`sed -n ""$server_link"p"<<EOF
-subconverter-web.now.sh
-subconverter.herokuapp.com
-subcon.py6.pw
-api.dler.io
-api.wcc.best
-skapi.cool
-subconvert.dreamcloud.pw
-EOF`
-Config=`sed -n ""$rule_link"p"<<EOF
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
-https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
-EOF`
-#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
-if [ -z $Https ];then
-	Https="https://$Server/sub?target=clashr&new_name=true&url=$Url&insert=false&config=$Config"
-	markhttp=1
-fi
-#
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo 正在连接服务器获取配置文件…………链接地址为：
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
-echo -e "\033[4;32m$Https\033[0m"
+echo 当前使用规则为：$rule_link
-echo 可以手动复制该链接到浏览器打开并查看数据是否正常！
+echo 1 ACL4SSR默认通用版
-echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo 2 ACL4SSR精简全能版（推荐）
-echo -e "|                                             |"
+echo 3 ACL4SSR通用版+去广告加强
-echo -e "|         需要一点时间，请耐心等待！          |"
+echo 4 ACL4SSR精简版+去广告加强
-echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出\033[36m        |"
+echo 5 ACL4SSR通用版无去广告
-echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
+echo 6 ACL4SSR通用版无自动测速
-#获取在线yaml文件
+echo 7 ACL4SSR精简版无自动测速
-yamlnew=$yaml.new
+echo 8 ACL4SSR全分组+奈飞（慎用）
-rm -rf $yamlnew > /dev/null 2>&1
+echo 9 ACL4SSR全分组+去广告（慎用）
-result=$(curl -w %{http_code} -kLo $yamlnew $Https)
+echo -----------------------------------------------
-if [ "$result" != "200" ];then
+echo 0 返回上级菜单
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+read -p "请输入对应数字 > " num
-	echo -e "\033[31m配置文件获取失败！\033[0m"
+if [ -z "$num" ] || [[ $num -gt 9 ]];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+elif [[ "$num" = 0 ]];then
 	echo 
-	if [ -z $markhttp ];then
+elif [[ $num -le 9 ]];then
-		exit;
+	#将对应标记值写入mark
-	else
+	sed -i '/rule_link*/'d $ccfg
-		read -p "是否更换后端地址后重试？[1/0] > " res
+	sed -i "4i\rule_link="$num"" $ccfg	
-		if [ "$res" = '1' ]; then
+	rule_link=$num
-			sed -i '/server_link=*/'d $ccfg
-			if [ "$server_link" = '7' ]; then
-				server_link=0
-			fi
-			server_link=$(($server_link + 1))
-			#echo $server_link
-			sed -i "1i\server_link=$server_link" $ccfg
-			getyaml
-		fi
-		exit;
-	fi
-else
-	if cat $yamlnew | grep ', server:' >/dev/null;then
-		#替换文件
-		if [ -f $yaml ];then
-			mv $yaml $yaml.bak
-		fi
-		mv $yamlnew $yaml
-		echo 配置文件已生成！正在重启clash使其生效！
-		#重启clash服务
-		/etc/init.d/clash restart
-		sleep 1
-		status=`ps |grep -w 'clash -d'|grep -v grep|wc -l`
-		if [[ $status -gt 0 ]];then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	  
-			echo -e "\033[32mclash服务已启动！\033[0m"
+	echo -e "\033[32m设置成功！返回上级菜单\033[0m"
-			echo -e "可以使用\033[30;47m http://clash.razord.top \033[0m管理clash内置规则"
+fi
-			host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+}
-			echo -e "Host地址:\033[30;46m $host \033[0m;端口:\033[30;46m 9999 \033[0m"
+linkserver(){
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo 当前使用后端为：$server_link
+echo 1 subconverter-web.now.sh
+echo 2 subconverter.herokuapp.com
+echo 3 subcon.py6.pw
+echo 4 api.dler.io
+echo 5 api.wcc.best
+echo 6 skapi.cool
+echo -----------------------------------------------
+echo 0 返回上级菜单
+read -p "请输入对应数字 > " num
+if [ -z "$num" ] || [[ $num -gt 6 ]];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m请输入正确的数字！\033[0m"
+elif [[ "$num" = 0 ]];then
+	echo
+elif [[ $num -le 6 ]];then
+	#将对应标记值写入mark
+	sed -i '/server_link*/'d $ccfg
+	sed -i "4i\server_link="$num"" $ccfg	
+	server_link=$num
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	  
+	echo -e "\033[32m设置成功！返回上级菜单\033[0m"
+fi
+}
+linkfilter(){
+[ -z "$exclude" ] && exclude="未设置"
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[44m 实验性功能，遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[33m当前过滤关键字：\033[47;30m$exclude\033[0m"
+echo -----------------------------------------------
+echo -e "\033[36m匹配关键字的节点会在导入时被屏蔽\033[0m"
+echo -e "多个关键字可以用\033[30;47m | \033[0m号分隔"
+echo -e "\033[32m支持正则表达式\033[0m，特殊符号请使用\033[30;47m \ \033[0m号转义"
+echo -----------------------------------------------
+echo -e " 000   \033[31m删除\033[0m关键字"
+echo -e " 回车  取消输入并返回上级菜单"
+echo -----------------------------------------------
+read -p "请输入关键字 > " exclude
+if [ -z "$exclude" ]; then
+	linkset
+elif [ "$exclude" = '000' ]; then
+	echo -----------------------------------------------
+	exclude=''
+	echo -e "\033[31m 已删除节点过滤关键字！！！\033[0m"
+fi
+sed -i '/exclude=*/'d $ccfg
+sed -i "1i\exclude=\'$exclude\'" $ccfg
+linkset
+}
+linkset(){
+if [ -n $Url ];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[47;30m请检查输入的链接是否正确：\033[0m"
+	echo -e "\033[32;4m$Url\033[0m"
+	echo -----------------------------------------------
+	echo -e " 1 \033[32m生成配置文件（原文件将被备份）\033[0m"
+	echo -e " 2 \033[36m添加/修改节点过滤关键字 \033[47;30m$exclude\033[0m"
+	echo -e " 3 \033[33m选取配置规则模版\033[0m"
+	echo -e " 4 \033[0m选取在线生成服务器\033[0m"
+	echo -e " 5 \033[0m跳过本地证书验证：	\033[36m$skip_cert\033[0m   ————解决节点证书验证错误"
+	echo -----------------------------------------------
+	echo -e " 0 \033[31m取消导入\033[0m并返回上级菜单"
+	echo -----------------------------------------------
+	read -p "请输入对应数字 > " num
+	if [ -z "$num" ]; then
+		clashlink
+	elif [ "$num" = '0' ]; then
+		clashlink
+	elif [ "$num" = '1' ]; then
 		#将用户链接写入mark
+		sed -i '/Url=*/'d $ccfg
 		sed -i '/Https=*/'d $ccfg
-			sed -i "7i\Https=\'$Https\'" $ccfg
+		sed -i "6i\Url=\'$Url\'" $ccfg
-			clashsh
+		Https=""
+		#获取在线yaml文件
+		$clashdir/start.sh getyaml
+	elif [ "$num" = '2' ]; then
+		linkfilter
+		linkset
+	elif [ "$num" = '3' ]; then
+		linkconfig
+		linkset
+	elif [ "$num" = '4' ]; then
+		linkserver
+		linkset
+	elif [ "$num" = '5' ]; then
+		sed -i '/skip_cert*/'d $ccfg
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		if [ "$skip_cert" = "未开启" ] > /dev/null 2>&1; then 
+			sed -i "1i\skip_cert=已开启" $ccfg
+			#echo -e "\033[33m已设为开启跳过本地证书验证！！\033[0m"
+			skip_cert=已开启
+		else
+			sed -i "1i\skip_cert=未开启" $ccfg
+			#echo -e "\033[33m已设为禁止跳过本地证书验证！！\033[0m"
+			skip_cert=未开启
+		fi
+		linkset
 	else
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			if [ -f $yaml.bak ];then
+		echo -e "\033[31m请输入正确的数字！\033[0m"
-				echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
+		linkset
-				mv $yaml.bak $yaml
-				/etc/init.d/clash start
-				clashsh
-			else
-				echo -e "\033[31mclash服务启动失败！请利用测试菜单排查问题！\033[0m"
-				clashsh
 	fi
+	clashlink
 fi
-	else
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[33m获取到了配置文件，但格式似乎不对！\033[0m"
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		sed -n '1,20p' $yamlnew
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[33m请检查如上配置文件信息:\033[0m"
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	fi
-	exit;
-fi
-exit
 }
 getlink(){
 #设置输入循环
@@ -116,13 +149,13 @@ do
 	echo -e "\033[44m 遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
 	echo -----------------------------------------------
 	echo -e "支持批量导入\033[30;46m Http/Https/Clash \033[0m等格式的订阅链接"
-	echo -e "支持批量导入\033[30;42m Vmess/SSR/SS/Trojan/Sock5 \033[0m等格式的节点链接"
+	echo -e "以及\033[30;42m Vmess/SSR/SS/Trojan/Sock5 \033[0m等格式的节点链接"
-	echo -e "\033[31m使用SSR节点请务必使用支持SSR的clash核心！\033[0m"
-	echo -e "多个较短的链接可以用\033[30;47m | \033[0m分隔以一次性输入"
-	echo -e "多个较长的链接请尽量分多次输入，可支持多达\033[30;47m 99 \033[0;36m次输入"
-	echo -e "\033[32m直接输入回车以结束输入并开始导入链接！\033[0m"
 	echo -----------------------------------------------
-	echo -e "\033[33m 0 返回上级目录！\033[0m"
+	echo -e "多个较短的链接可以用\033[30;47m | \033[0m号分隔以一次性输入"
+	echo -e "多个较长的链接可分次输入，支持多达\033[30;47m 99 \033[0m次输入"
+	echo -----------------------------------------------
+	echo -e "回车 \033[32m完成输入\033[0m并开始导入链接！"
+	echo -e " 0   \033[33m取消输入\033[0m并返回上级菜单"
 	echo -----------------------------------------------
 	read -p "请输入第"$i"个链接 > " url
 	test=$(echo $url | grep "://")
@@ -138,21 +171,7 @@ do
 		fi
 		i=$(($i+1))
 	elif [ -z $url ];then
-		if [ -n $Url ];then
+		linkset
-			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-			echo -e 请检查输入的链接是否正确：
-			echo -e "\033[4m$Url\033[0m"
-			read -p "确认导入配置文件？原配置文件将被更名为config.yaml.bak![1/0] > " res
-			if [ "$res" = '1' ]; then
-				#将用户链接写入mark
-				sed -i '/Url=*/'d $ccfg
-				sed -i '/Https=*/'d $ccfg
-				sed -i "6i\Url=\'$Url\'" $ccfg
-				#获取在线yaml文件
-				getyaml
-			fi
-			clashlink
-		fi
 	elif [[ $url == 0 ]];then
 		clashlink
 	else
@@ -164,31 +183,18 @@ done
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo 输入太多啦，可能会导致订阅失败！
 echo "多个较短的链接请尽量用“|”分隔以一次性输入！"
-echo -e "请检查输入的链接是否正确：\033[4m$Url\033[0m"
-read -p "确认导入配置文件？原配置文件将被更名为config.bak![1/0] > " res
-if [ "$res" = '1' ]; then
-	#将用户链接写入mark
-	sed -i '/Url=*/'d $ccfg
-	sed -i '/Https=*/'d $ccfg
-	sed -i "6i\Url=\'$Url\'" $ccfg
-	#获取在线yaml文件
-	getyaml
-else
-	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	echo 操作已取消！返回上级菜单！
-	clashlink
-fi
 clashlink
 } 
 getlink2(){
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[44m 遇问题请加TG群反馈：\033[42;30m t.me/clashfm \033[0m"
+echo -e "\033[30;47m 此功能不明勿用，出问题自行解决！\033[0m"
 echo -----------------------------------------------
-echo -e "\033[33m仅支持导入可直接在clash中使用的完整订阅链接"
+echo -e "\033[33m仅限导入完整clash链接！！！\033[0m"
-echo -e "\033[36m非完整链接请使用【导入节点/订阅链接】功能"
+echo -e "可以使用\033[32m https://acl4ssr.netlify.app \033[0m在线转换"
+echo -e "\033[36m导入后如无法运行，请使用【导入节点/订阅链接】功能"
 echo -e "\033[31m注意如节点使用了chacha20加密协议，需将核心更新为clashr核心\033[0m"
 echo -----------------------------------------------
-echo -e "\033[33m0 返回上级目录！\033[0m"
+echo -e "\033[33m0 返回上级菜单\033[0m"
 echo -----------------------------------------------
 read -p "请输入完整链接 > " Https
 test=$(echo $Https | grep "://")
@@ -206,7 +212,7 @@ if [ -n $Https ];then
 				sed -i '/Https=*/'d $ccfg
 				sed -i "6i\Https=\'$Https\'" $ccfg
 				#获取在线yaml文件
-				getyaml
+				$clashdir/start.sh getyaml
 			fi
 			clashlink
 	fi
@@ -218,14 +224,9 @@ else
 fi
 }
 getsh(){
-echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[33m正在检查更新！\033[0m"
-result=$(curl -w %{http_code} -skLo /tmp/clashversion $update_url/bin/version)
-[ "$result" != "200" ] && echo "检查更新失败！" && exit 1
-source /tmp/clashversion
 echo -----------------------------------------------
 echo -e "当前脚本版本为：\033[33m $versionsh_l \033[0m"
-echo -e "最新脚本版本为：\033[32m $versionsh \033[0m"
+echo -e "最新脚本版本为：\033[32m $release_new \033[0m"
 echo -----------------------------------------------
 read -p "是否更新脚本？[1/0] > " res
 if [ "$res" = '1' ]; then
@@ -233,7 +234,7 @@ if [ "$res" = '1' ]; then
 		echo 正在获取更新文件
 		result=$(curl -w %{http_code} -kLo /tmp/clashfm.tar.gz $update_url/bin/clashfm.tar.gz)
 	else $result
-		wget-ssl -q --no-check-certificate --tries=1 --timeout=10 -O /tmp/clashfm.tar.gz $tarurl
+		wget-ssl -q --no-check-certificate --tries=1 --timeout=10 -O /tmp/clashfm.tar.gz $update_url/bin/clashfm.tar.gz
 		[ $? -eq 0 ] && result="200"
 	fi
 	[ "$result" != "200" ] && echo "文件下载失败！" && exit 1
@@ -243,11 +244,25 @@ if [ "$res" = '1' ]; then
 	mkdir -p $clashdir > /dev/null
 	tar -zxvf '/tmp/clashfm.tar.gz' -C $clashdir/ > /dev/null
 	[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-	#初始化文件目录
+	#判断系统类型写入不同的启动文件
-	mv $clashdir/clashservice /etc/init.d/clash #将clash服务文件移动到系统目录
+	if [ -n "$(cat /proc/version | grep -i openwrt)" ];then
-	chmod  777 $clashdir/clash  #授予权限
+		mv $clashdir/clashservice /etc/init.d/clash #将rc服务文件移动到系统目录
 		chmod  777 /etc/init.d/clash #授予权限
-
+		rm -rf $clashdir/clash.service 
+	else
+		[ -d /etc/systemd/system ] && sysdir=/etc/systemd/system
+		[ -d /usr/lib/systemd/system/ ] && sysdir=/usr/lib/systemd/system/ 
+		mv $clashdir/clash.service $sysdir/clash.service #将service服务文件移动到系统目录
+		sed -i "s%/etc/clash%${clashdir}%g" $sysdir/clash.service
+		rm -rf $clashdir/clashservice
+		rm -rf /etc/init.d/clash
+	fi
+	#修饰文件及版本号
+	shtype=sh && [ -n "$(ls -l /bin/sh|grep -o dash)" ] && shtype=bash 
+	sed -i "s%#!/bin/sh%#!/bin/$shtype%g" $clashdir/start.sh
+	chmod  777 $clashdir/start.sh
+	sed -i '/versionsh_l=*/'d $ccfg
+	sed -i "1i\versionsh_l=$release_new" $ccfg
 	#删除临时文件
 	rm -rf /tmp/clashfm.tar.gz 
 	rm -rf /tmp/clashversion
@@ -257,7 +272,7 @@ if [ "$res" = '1' ]; then
 	echo -----------------------------------------------
 	exit;
 else
-clashsh
+update
 fi
 }
 getcore(){
@@ -267,20 +282,29 @@ if [ ! -f $clashdir/clash ]; then
 	clashcore=没有安装核心！
 	clashv=''
 fi
-
-cpucore=armv7
 clashcore_n=$clashcore
+#获取设备处理器架构
+cpucore=$(uname -ms | tr ' ' '_' | tr '[A-Z]' '[a-z]')
+[ -n "$(echo $cpucore | grep -E "linux.*armv.*")" ] && cpucore="armv5"
+[ -n "$(echo $cpucore | grep -E "linux.*aarch64.*")" ] && cpucore="armv8"
+[ -n "$(echo $cpucore | grep -E "linux.*armv8.*")" ] && cpucore="armv8"
+[ -n "$(echo $cpucore | grep -E "linux.*armv7.*")" ] && cpucore="armv7"
+[ -n "$(echo $cpucore | grep -E "linux.*mips.*")" ] && cpucore="mipsle-softfloat"
+[ -n "$(echo $cpucore | grep -E "linux.*x86.*")" ] && cpucore="386"
+[ -n "$(echo $cpucore | grep -E "linux.*amd64.*")" ] && cpucore="amd64"
+[ -n "$(echo $cpucore | grep -E "linux.*x86_64.*")" ] && cpucore="amd64"
+###
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "当前clash核心：\033[47;30m $clashcore \033[46;30m$clashv\033[0m"
 echo -e "\033[32m请选择需要下载的核心版本！\033[0m"
 echo -----------------------------------------------
-echo "1 clash：     运行稳定，内存占用小"
+echo "1 clash：     稳定，内存占用小，推荐！"
-echo "(官方正式版)  不支持SSR，不支持Tun模式"
+echo "(官方正式版)  不支持chacha20加密，不支持Tun模式"
 echo
-echo "2 clashr：    稳定，内存占用小，支持SSR"
+echo "2 clashr：    内存占用小，支持chacha20加密"
 echo "(clashR修改版)不支持Tun模式"
 echo
-echo "3 clashpre：  支持SSR，支持Tun模式"
+echo "3 clashpre：  支持Tun模式"
 echo "(高级预览版)  内存占用高，不支持chacha20加密"
 echo -----------------------------------------------
 echo 0 返回上级菜单 
@@ -352,32 +376,20 @@ fi
 }
 getgeo(){
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-echo -e "\033[30;46m感谢Alecthw大神提供的优质GeoIP数据库！！！\033[0m"
+echo -e "\033[33m正在检查更新！\033[0m"
+echo $update_url
+result=$(curl -w %{http_code} -skLo /tmp/clashversion $update_url/bin/version)
+[ "$result" != "200" ] && echo "检查更新失败！" && exit 1
+source /tmp/clashversion
 echo -----------------------------------------------
-echo -e "\033[33m请选择下载源：\033[0m"
+echo -e "当前GeoIP版本为：\033[33m $Geo_v \033[0m"
-echo -e " 1 默认源：$update_url"
+echo -e "最新GeoIP版本为：\033[32m $GeoIP_v \033[0m"
-echo -e " 2 Alecthw大神的Github(需开启clash服务)"
+echo -----------------------------------------------
-echo -e " 0 返回上级菜单"
+read -p "是否更新数据库文件？[1/0] > " res
-read -p "请输入对应数字 > " num
+if [ "$res" = '1' ]; then
-	if	[ -z $num ]; then 
-		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[31m请输入正确的数字！\033[0m"
-		update
-	elif [[ $num == 0 ]]; then
-		update
-	elif [[ $num == 1 ]]; then
-		geolink="$update_url/bin/Country.mmdb"
-		#echo $geolink
-	elif [[ $num == 2 ]]; then
-		geolink="-x 127.0.0.1:7890 https://raw.githubusercontent.com/alecthw/mmdb_china_ip_list/release/Country.mmdb"
-	else
-		echo -e "\033[31m请输入正确的数字！\033[0m"
-		update
-		exit;
-	fi
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo 正在从服务器获取数据库文件…………
-	result=$(curl -w %{http_code} -kLo $clashdir/Country.mmdb $geolink)
+	result=$(curl -w %{http_code} -kLo /tmp/Country.mmdb $update_url/bin/Country.mmdb)
 	if [ "$result" != "200" ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[31m文件下载失败！\033[0m"
@@ -386,22 +398,43 @@ read -p "请输入对应数字 > " num
 	else
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[32mGeoIP数据库文件下载成功！\033[0m"
-			update
+		mv /tmp/Country.mmdb $clashdir/Country.mmdb
+		sed -i '/Geo_v=*/'d $ccfg
+		sed -i "1i\Geo_v=$GeoIP_v" $ccfg
+		rm -rf /tmp/clashversion
+		clashsh
+	fi
+else
+clashsh
 fi
-update
 }
 getdb(){
-host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+#host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[36m安装本地版dashboard管理面板\033[0m"
 echo -----------------------------------------------
 echo -e "\033[32m打开管理面板的速度更快且更稳定"
-echo -e "\033[33m需要占用约500kb的本地空间(目录：/www/clash)\033[0m"
+echo -e "\033[33m需要占用约500kb的本地空间\033[0m"
-echo -e "\033[36m可以使用\033[32;4mhttp://$host/clash\033[0;36m访问面板\033[0m"
 echo -----------------------------------------------
-read -p "是否安装本地面板？[1/0] > " res
+echo " 1 在/www/clash目录安装(http://$host/clash，可能安装失败！)"
-if [ "$res" = '1' ]; then
+echo " 2 在$clashdir/ui目录安装(http://$host:9999/ui，安装后需重启clash)"
-	if [ -d /www/clash ];then
+echo -----------------------------------------------
+echo " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+
+if [ -z "$num" ];then
+	update
+elif [ "$num" = '1' ]; then
+	dbdir=/www/clash
+	hostdir='/clash\033[0;36m访问面板'
+elif [ "$num" = '2' ]; then
+	dbdir=$clashdir/ui
+	hostdir=':9999/ui\033[0;36m访问面板(需重启clash服务！)'
+else
+	update
+fi
+	#下载及安装
+	if [ -d /www/clash -o -d $clashdir/ui ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 		echo -e "\033[31m检测到您已经安装过本地面板了！\033[0m"
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -410,6 +443,7 @@ if [ "$res" = '1' ]; then
 			update
 		elif [ "$res" = 1 ]; then
 			rm -rf /www/clash
+			rm -rf $clashdir/ui
 		else
 			update
 		fi
@@ -425,27 +459,62 @@ if [ "$res" = '1' ]; then
 		getdb
 	else
 		echo -e "\033[33m下载成功，正在解压文件！\033[0m"
-		mkdir -p /www/clash > /dev/null
+		mkdir -p $dbdir > /dev/null
-		tar -zxvf '/tmp/clashdb.tar.gz' -C /www/clash > /dev/null
+		tar -zxvf '/tmp/clashdb.tar.gz' -C $dbdir > /dev/null
 		[ $? -ne 0 ] && echo "文件解压失败！" && exit 1 
-		echo -e "\033[32m面板安装成功！"
+		#修改默认host和端口
+		sed -i "s/127.0.0.1/$host/g" $dbdir/js/*.js
+		sed -i "s/9090/9999/g" $dbdir/js/*.js
+		#
+		echo -e "\033[32m面板安装成功！\033[0m"
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[36m请使用\033[32;4mhttp://$host/clash\033[0;36m访问面板\033[0m"
+		echo -e "\033[36m请使用\033[32;4mhttp://$host$hostdir\033[0m"
 		rm -rf /tmp/clashdb.tar.gz
 		update
 	fi
-fi		
+	
 update
 }
+catpac(){
+#检测目录
+[ ! -d /www/clash -a ! -d $clashdir/ui ]&&echo 未检测到本地Dashboard面板，请先安装面板！&&sleep 1&&getdb
+#host=$(ubus call network.interface.lan status | grep \"address\" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}';)
+[ -d /www/clash ]&&dir="/www/clash"&&pac=http://$host/clash/pac
+[ -d $clashdir/ui ]&&dir="$clashdir/ui"&&pac=http://$host:9999/ui/pac
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo -e "\033[30;47m生成用于设备WIFI或浏览器的自动PAC代理文件\033[0m"
+echo -e "\033[33m非纯净模式不推荐使用此功能\033[0m"
+[ -f $dir/pac ]&&echo -e "PAC地址：\033[32m$pac\033[0m"
+echo -----------------------------------------------
+echo -e " 1 生成PAC文件"
+echo -e " 2 清除PAC文件"
+echo -----------------------------------------------
+echo -e " 0 返回上级菜单"
+read -p "请输入对应数字 > " num
+	if [ "$num" = '1' ]; then
+		echo 'function FindProxyForURL(url, host) {' > $dir/pac
+		echo "    return \"SOCKS $host:7890; PROXY $host:7890; DIRECT;\"" >> $dir/pac
+		echo '}' >> $dir/pac
+		echo -e "\033[33mPAC文件已生成！\033[0m"
+		echo -e "PAC地址：\033[32m$pac\033[0m"
+		echo "使用教程：https://baike.baidu.com/item/PAC/16292100"
+		sleep 2
+	elif [[ $num == 2 ]]; then
+		rm -rf $dir/pac
+		echo -----------------------------------------------
+		echo -e "\033[33mPAC文件已清除！\033[0m"
+		sleep 1
+	fi
+}
 setserver(){
 
 echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 echo -e "\033[30;47m您可以在此处切换在线更新时使用的资源地址\033[0m"
 echo -e "当前源：\033[4;32m$update_url\033[0m"
 echo -----------------------------------------------
-echo -e " 1 CDN源(感谢\033[4;32mwww.jsdelivr.com\033[0m，推荐)"
+echo -e " 1 Github源(使用host指定IP)"
-echo -e " 2 Github源(不稳定，不推荐)"
+echo -e " 2 CDN源(版本同步较慢)"
-echo -e " 3 Github源+clash代理(需开启clash服务，推荐)"
+echo -e " 3 Github源+clash代理(需开启clash服务)"
 echo -e " 4 自定义输入(请务必确保路径正确)"
 echo -e " 0 返回上级菜单"
 read -p "请输入对应数字 > " num
@@ -454,21 +523,21 @@ if	[ -z $num ]; then
 	echo -e "\033[31m请输入正确的数字！\033[0m"
 	update
 elif [[ $num == 1 ]]; then
-	update_url="https://cdn.jsdelivr.net/gh/juewuy/clash-for-Miwifi"
+	update_url='--resolve raw.githubusercontent.com:443:199.232.68.133 https://raw.githubusercontent.com/juewuy/ShellClash/master'
-elif [[ $num == 9 ]]; then
-	update_url="https://juewuy.xyz/clash"
 elif [[ $num == 2 ]]; then
-	update_url="https://raw.githubusercontent.com/juewuy/clash-for-Miwifi/master"
+	update_url='https://cdn.jsdelivr.net/gh/juewuy/ShellClash' 
 elif [[ $num == 3 ]]; then
-	update_url="-x 127.0.0.1:7890 https://raw.githubusercontent.com/juewuy/clash-for-Miwifi/master"
+	update_url='-x 127.0.0.1:7890 https://raw.githubusercontent.com/juewuy/ShellClash/master'
 elif [[ $num == 4 ]]; then
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	read -p "请输入个人源路径 > " update_url
 	if [ -n $update_url ];then
 		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-		echo -e "\033[31m取消输入，返回上级菜单！\033[0m"
+		echo -e "\033[31m取消输入，返回上级菜单\033[0m"
 		update
 	fi
+elif [[ $num == 9 ]]; then
+	update_url='http://127.0.0.1:8080/clash-for-Miwifi'
 else
 	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	echo -e "\033[31m请输入正确的数字！\033[0m"

scripts/start.sh

@@ -0,0 +1,353 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+getconfig(){
+#加载环境变量
+[ -z "$clashdir" ] && source /etc/profile > /dev/null 2>&1
+ccfg=$clashdir/mark
+if [ ! -f "$ccfg" ]; then
+	echo mark文件不存在，默认以Redir模式运行！
+cat >$ccfg<<EOF
+#标识clash运行状态的文件，不明勿动！
+EOF
+	#指定一些默认状态
+	redir_mod=redir模式
+	modify_yaml=未开启
+fi
+source $ccfg #加载配置文件
+#是否代理常用端口
+[ "$common_ports" = "已开启" ] && ports='-m multiport --dports 22,53,587,465,995,993,143,80,443 '
+#检测系统端口占用
+for portx in 1053 7890 7892 9999 ;do
+	[ -n "$(netstat -ntulp |grep :$portx|grep -v clash)" ] && echo -e "检测到端口：\033[30;47m $portx \033[0m被以下进程占用！clash无法启动！" && echo $(netstat -ntulp |grep :$portx) && exit;
+done
+}
+getyaml(){
+#前后端订阅服务器地址索引，可在此处添加！
+Server=`sed -n ""$server_link"p"<<EOF
+subconverter-web.now.sh
+subconverter.herokuapp.com
+subcon.py6.pw
+api.dler.io
+api.wcc.best
+skapi.cool
+EOF`
+Config=`sed -n ""$rule_link"p"<<EOF
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_MultiMode.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_AdblockPlus.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_AdblockPlus.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoReject.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_NoAuto.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Mini_NoAuto.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_Netflix.ini
+https://raw.githubusercontent.com/ACL4SSR/ACL4SSR/master/Clash/config/ACL4SSR_Online_Full_AdblockPlus.ini
+EOF`
+#如果传来的是Url链接则合成Https链接，否则直接使用Https链接
+if [ -z $Https ];then
+	#echo $Url
+	Https="https://$Server/sub?target=clashr&insert=true&new_name=true&scv=true&exclude=$exclude&url=$Url&config=$Config"
+	markhttp=1
+fi
+#
+echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+echo 正在连接服务器获取配置文件…………链接地址为：
+echo -e "\033[4;32m$Https\033[0m"
+echo 可以手动复制该链接到浏览器打开并查看数据是否正常！
+echo -e "\033[36m~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo -e "|                                             |"
+echo -e "|         需要一点时间，请耐心等待！          |"
+echo -e "|       \033[0m如长时间没有数据请用ctrl+c退出\033[36m        |"
+echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\033[0m"
+#获取在线yaml文件
+yaml=$clashdir/config.yaml
+yamlnew=/tmp/config.yaml
+rm -rf $yamlnew > /dev/null 2>&1
+result=$(curl -w %{http_code} -kLo $yamlnew $Https)
+if [ "$result" != "200" ];then
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo -e "\033[31m配置文件获取失败！\033[0m"
+	echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	echo
+	if [ -z $markhttp ];then
+		echo 请尝试使用导入节点/链接功能！
+		getlink
+		
+	else
+		read -p "是否更换后端地址后重试？[1/0] > " res
+		if [ "$res" = '1' ]; then
+			sed -i '/server_link=*/'d $ccfg
+			if [[ $server_link -ge 6 ]]; then
+				server_link=0
+			fi
+			server_link=$(($server_link + 1))
+			echo $server_link
+			sed -i "1i\server_link=$server_link" $ccfg
+			Https=""
+			getyaml
+		fi
+		#exit;
+	fi
+else
+	Https=""
+	if cat $yamlnew | grep ', server:' >/dev/null;then
+		#检测旧格式
+		if cat $yamlnew | grep 'Proxy Group:' >/dev/null;then
+			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+			echo -e "\033[31m已经停止对旧格式配置文件的支持！！！\033[0m"
+			echo -e "请使用新格式或者使用\033[32m导入节点/订阅\033[0m功能！"
+			sleep 2
+			clashlink
+		fi
+		#检测不支持的加密协议
+		if cat $yamlnew | grep 'cipher: chacha20,' >/dev/null;then
+			if [ "$clashcore" = "clash" -o "$clashcore" = "clashpre" ];then
+				echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+				echo -e "\033[31m当前核心：$clashcore不支持chacha20加密！！！\033[0m"
+				echo -e "请更换使用clashR核心！！！"
+				sleep 2
+				getcore
+			fi
+		fi
+		#替换文件
+		[ -f $yaml ] && mv $yaml $yaml.bak
+		mv $yamlnew $yaml
+		echo 配置文件已生成！正在启动clash使其生效！
+		#重启clash服务
+		$0 stop
+		start_over(){
+			echo -e "\033[32mclash服务已启动！\033[0m"
+			echo -e "可以使用\033[30;47m http://clash.razord.top \033[0m管理内置规则"
+			echo -e "Host地址:\033[36m $host \033[0m 端口:\033[36m 9999 \033[0m"
+			echo -e "也可前往更新菜单安装本地Dashboard面板，连接更稳定！\033[0m"
+			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		}
+		$0 start
+		sleep 1
+		PID=$(pidof clash)
+		if [ -n "$PID" ];then
+			start_over
+		else
+			echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+			if [ -f $yaml.bak ];then
+				echo -e "\033[31mclash服务启动失败！已还原配置文件并重启clash！\033[0m"
+				mv $yaml.bak $yaml
+				$0 start
+				sleep 1
+			else
+				echo -e "\033[31mclash服务启动失败！请查看报错信息！\033[0m"
+				$clashdir/clash -d $clashdir & { sleep 3 ; kill $! & }
+				exit;
+			fi
+		fi
+	else
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[33m获取到了配置文件，但格式似乎不对！\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		sed -n '1,30p' $yamlnew
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo -e "\033[33m请检查如上配置文件信息:\033[0m"
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+	fi
+	#exit;
+fi
+#exit
+}
+modify_yaml(){
+##########需要变更的配置###########
+mix='mixed-port: 7890'
+redir='redir-port: 7892'
+lan='allow-lan: true'
+mode='mode: Rule'
+log='log-level: info'
+if [ "$ipv6_support" = "已开启" ];then
+ipv6='ipv6: true'
+else
+ipv6='ipv6: false'
+fi
+external='external-controller: 0.0.0.0:9999'
+if [ -d $clashdir/ui ];then
+external_ui='external-ui: ui'
+else
+external_ui='external-ui:'
+fi
+if [ "$dns_mod" = "fake-ip" ];then
+dns='dns: {enable: true, listen: 0.0.0.0:1053, fake-ip-range: 198.18.0.1/16, enhanced-mode: fake-ip, nameserver: [114.114.114.114, 127.0.0.1:53], fallback: [tcp://1.0.0.1, 8.8.4.4]}'
+elif [ "$dns_over" = "已开启" ];then
+dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:1053, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5], fallback: [1.0.0.1, 8.8.4.4]}'
+else
+dns='dns: {enable: true, ipv6: true, listen: 0.0.0.0:1053, enhanced-mode: redir-host, nameserver: [114.114.114.114, 223.5.5.5, 127.0.0.1:53], fallback: [1.0.0.1, 8.8.4.4]}'
+fi
+if [ "$redir_mod" != "Redir模式" ];then
+tun='tun: {enable: true, stack: system}'
+else
+tun='tun: {enable: false}'
+fi 
+exper='experimental: {ignore-resolve-fail: true, interface-name: en0}'
+###################################
+	#预删除需要添加的项目
+	i=$(grep  -n  "^proxies:" $clashdir/config.yaml | head -1 | cut -d ":" -f 1)
+	i=$(($i-1))
+	sed -i '1,'$i'd' $clashdir/config.yaml
+	#添加配置
+	sed -i "1i$mix" $clashdir/config.yaml
+	sed -i "1a$redir" $clashdir/config.yaml
+	sed -i "2a$lan" $clashdir/config.yaml
+	sed -i "3a$mode" $clashdir/config.yaml
+	sed -i "4a$log" $clashdir/config.yaml
+	sed -i "5a$ipv6" $clashdir/config.yaml
+	sed -i "6a$external" $clashdir/config.yaml
+	sed -i "7a$external_ui" $clashdir/config.yaml
+	sed -i "8a$dns" $clashdir/config.yaml
+	sed -i "9a$tun" $clashdir/config.yaml
+	sed -i "10a$exper" $clashdir/config.yaml
+	#跳过本地tls证书验证
+	if [ "$skip_cert" = "已开启" ];then
+	sed -i '10,99s/skip-cert-verify: false/skip-cert-verify: true/' $clashdir/config.yaml
+	else
+	sed -i '10,99s/skip-cert-verify: true/skip-cert-verify: false/' $clashdir/config.yaml
+	fi
+}
+mark_time(){
+	start_time=`date +%s`
+	sed -i '/start_time*/'d $clashdir/mark
+	sed -i "1i\start_time=$start_time" $clashdir/mark
+}
+start_redir(){
+	#流量过滤规则
+	iptables -t nat -N clash
+	iptables -t nat -A clash -d 0.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 10.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 127.0.0.0/8 -j RETURN
+	iptables -t nat -A clash -d 169.254.0.0/16 -j RETURN
+	iptables -t nat -A clash -d 172.16.0.0/12 -j RETURN
+	iptables -t nat -A clash -d 192.168.0.0/16 -j RETURN
+	iptables -t nat -A clash -d 224.0.0.0/4 -j RETURN
+	iptables -t nat -A clash -d 240.0.0.0/4 -j RETURN
+	for mac in $(cat $clashdir/mac); do
+		iptables -t nat -A clash -m mac --mac-source $mac -j RETURN
+	done
+	#设置防火墙流量转发
+	iptables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports 7892
+	iptables -t nat -A PREROUTING -p tcp -j clash
+	#设置ipv6转发
+	if [ "$ipv6_support" = "已开启" ];then
+		ip6tables -t nat -N clash
+		for mac in $(cat $clashdir/mac); do
+			ip6tables -t nat -A clash -m mac --mac-source $mac -j RETURN
+		done
+		ip6tables -t nat -A clash -p tcp $ports-j REDIRECT --to-ports 7892
+		ip6tables -t nat -A PREROUTING -p tcp -j clash
+	fi
+}
+stop_iptables(){
+    #重置iptables规则
+	iptables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
+	iptables -t nat -D PREROUTING -p udp -j clash_dns > /dev/null 2>&1
+	iptables -t nat -F clash > /dev/null 2>&1
+	iptables -t nat -X clash > /dev/null 2>&1
+	iptables -t nat -F clash_dns > /dev/null 2>&1
+	iptables -t nat -X clash_dns > /dev/null 2>&1
+	#重置ipv6规则
+	ip6tables -t nat -D PREROUTING -p tcp -j clash > /dev/null 2>&1
+	ip6tables -t nat -D PREROUTING -p udp -j clash_dns > /dev/null 2>&1
+	ip6tables -t nat -F clash > /dev/null 2>&1
+	ip6tables -t nat -X clash > /dev/null 2>&1
+	ip6tables -t nat -F clash_dns > /dev/null 2>&1
+	ip6tables -t nat -X clash_dns > /dev/null 2>&1
+}
+start_dns(){
+	#允许tun网卡接受流量
+	iptables -I FORWARD -o utun -j ACCEPT
+	ip6tables -I FORWARD -o utun -j ACCEPT > /dev/null 2>&1
+	#设置dns转发
+	iptables -t nat -N clash_dns
+	for mac in $(cat $clashdir/mac); do
+		iptables -t nat -A clash_dns -m mac --mac-source $mac -j RETURN
+	done
+	iptables -t nat -A clash_dns -p udp --dport 53 -j REDIRECT --to 1053
+	iptables -t nat -A PREROUTING -p udp -j clash_dns
+
+	#ipv6DNS
+	if [ "$ipv6_support" = "已开启" ];then
+		ip6tables -t nat -N clash_dns > /dev/null 2>&1
+		for mac in $(cat $clashdir/mac); do
+			ip6tables -t nat -A clash_dns -m mac --mac-source $mac -j RETURN > /dev/null 2>&1
+		done
+		ip6tables -t nat -A clash_dns -p udp --dport 53 -j REDIRECT --to 1053 > /dev/null 2>&1
+		ip6tables -t nat -A PREROUTING -p udp -j clash_dns > /dev/null 2>&1
+	fi
+}
+daemon_old(){
+	#守护进程状态
+	PID=$(pidof clash)
+	if [ -z "$PID" ];then
+	$clashdir/clash -d $clashdir > /dev/null &
+	mark_time
+	fi
+}
+checkcron(){
+	[ -d /etc/crontabs/ ]&&cronpath="/etc/crontabs/root"
+	[ -d /var/spool/cron/ ]&&cronpath="/var/spool/cron/root"
+	[ -d /var/spool/cron/crontabs/ ]&&cronpath="/var/spool/cron/crontabs/root"
+	if [ -z $cronpath ];then
+		echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+		echo "找不到定时任务文件,无法添加定时任务！"
+		clashsh
+	fi
+}
+afstart(){
+	#读取配置文件
+	getconfig
+	#修改iptables规则使流量进入clash
+	stop_iptables
+	[ "$redir_mod" != "纯净模式" ] && start_dns
+	[ "$redir_mod" != "纯净模式" ] && [ "$redir_mod" != "Tun模式" ] && start_redir
+	#标记启动时间
+	mark_time
+}
+
+case "$1" in
+
+afstart)
+		afstart
+	;;
+start)		
+		#读取配置文件
+		getconfig
+		#使用内置规则强行覆盖config配置文件
+		[ "$modify_yaml" != "已开启" ] && modify_yaml
+		#使用不同方式启动clash服务
+		if [ "$start_old" = "已开启" ];then
+			$clashdir/clash -d $clashdir >/dev/null 2>&1 &
+			afstart
+		elif [ -f /etc/rc.common ];then
+			/etc/init.d/clash start
+		else
+			systemctl start clash.service
+		fi
+	;;
+stop)	
+		#删除守护
+		checkcron
+		sed -i /start.sh/d $cronpath >/dev/null 2>&1
+		#多种方式结束进程
+		if [ -f /etc/rc.common ];then
+			/etc/init.d/clash stop >/dev/null 2>&1
+		else
+			systemctl stop clash.service >/dev/null 2>&1
+		fi
+		killall -9 clash >/dev/null 2>&1
+		#清理iptables
+		stop_iptables
+        ;;
+restart)
+        $0 stop
+        $0 start
+        ;;
+getyaml)	
+		getconfig
+		getyaml
+		;;
+esac
+exit 0