~优化定时任务中周日的输入提示并增加容错机制
~修复iptables-tproxy模式禁用quic失败的问题
~修复会将tun所用网段加入局域网代理的bug
This commit is contained in:
juewuy 2024-07-06 15:41:53 +08:00
parent 390f47148a
commit 91a0866b9e
3 changed files with 13 additions and 12 deletions

View File

@ -724,7 +724,7 @@ setipv6(){ #ipv6设置
} }
setfirewall(){ #防火墙设置 setfirewall(){ #防火墙设置
set_cust_host_ipv4(){ set_cust_host_ipv4(){
[ -z "$replace_default_host_ipv4" ] && replace_default_host_ipv4="未启" [ -z "$replace_default_host_ipv4" ] && replace_default_host_ipv4="未"
echo ----------------------------------------------- echo -----------------------------------------------
echo -e "当前默认透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo ) \033[0m" echo -e "当前默认透明路由的网段为: \033[32m$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'br' | grep -v 'iot' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g' | tr '\n' ' ' && echo ) \033[0m"
@ -736,10 +736,10 @@ setfirewall(){ #防火墙设置
read -p "请输入对应的序号或需要额外添加的网段 > " text read -p "请输入对应的序号或需要额外添加的网段 > " text
case $text in case $text in
2) 2)
if [ "$replace_default_host_ipv4" == "未用" ]; then if [ "$replace_default_host_ipv4" == "未用" ]; then
replace_default_host_ipv4="已用" replace_default_host_ipv4="已用"
else else
replace_default_host_ipv4="未用" replace_default_host_ipv4="未用"
fi fi
setconfig replace_default_host_ipv4 "$replace_default_host_ipv4" setconfig replace_default_host_ipv4 "$replace_default_host_ipv4"
set_cust_host_ipv4 set_cust_host_ipv4

View File

@ -186,7 +186,7 @@ mark_time() { #时间戳
getlanip() { #获取局域网host地址 getlanip() { #获取局域网host地址
i=1 i=1
while [ "$i" -le "20" ]; do while [ "$i" -le "20" ]; do
host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'brd' | grep -Ev 'iot|peer' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g') #ipv4局域网网段 host_ipv4=$(ip a 2>&1 | grep -w 'inet' | grep 'global' | grep 'brd' | grep -Ev 'utun|iot|peer' | grep -E ' 1(92|0|72)\.' | sed 's/.*inet.//g' | sed 's/br.*$//g' | sed 's/metric.*$//g') #ipv4局域网网段
[ "$ipv6_redir" = "已开启" ] && host_ipv6=$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g') #ipv6公网地址段 [ "$ipv6_redir" = "已开启" ] && host_ipv6=$(ip a 2>&1 | grep -w 'inet6' | grep -E 'global' | sed 's/.*inet6.//g' | sed 's/scope.*$//g') #ipv6公网地址段
[ -f "$TMPDIR"/ShellCrash.log ] && break [ -f "$TMPDIR"/ShellCrash.log ] && break
[ -n "$host_ipv4" -a "$ipv6_redir" != "已开启" ] && break [ -n "$host_ipv4" -a "$ipv6_redir" != "已开启" ] && break
@ -1114,8 +1114,8 @@ start_iptables() { #iptables配置总入口
set_cn_ip='-m set ! --match-set cn_ip dst' set_cn_ip='-m set ! --match-set cn_ip dst'
set_cn_ip6='-m set ! --match-set cn_ip6 dst' set_cn_ip6='-m set ! --match-set cn_ip6 dst'
} }
iptables -I FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT >/dev/null 2>&1 iptables -I INPUT -p udp --dport 443 $set_cn_ip -j REJECT >/dev/null 2>&1
ip6tables -I FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT >/dev/null 2>&1 ip6tables -I INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT >/dev/null 2>&1
} }
} }
start_nft_route() { #nftables-route通用工具 start_nft_route() { #nftables-route通用工具
@ -1376,7 +1376,6 @@ stop_firewall() { #还原防火墙配置
#屏蔽QUIC #屏蔽QUIC
[ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst' [ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
iptables -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null iptables -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null
iptables -D FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT 2>/dev/null
#公网访问 #公网访问
for ip in $host_ipv4 $local_ipv4 $reserve_ipv4; do for ip in $host_ipv4 $local_ipv4 $reserve_ipv4; do
iptables -D INPUT -p tcp -s $ip --dport $mix_port -j ACCEPT 2>/dev/null iptables -D INPUT -p tcp -s $ip --dport $mix_port -j ACCEPT 2>/dev/null
@ -1420,7 +1419,6 @@ stop_firewall() { #还原防火墙配置
#屏蔽QUIC #屏蔽QUIC
[ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst' [ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst'
ip6tables -D INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT 2>/dev/null ip6tables -D INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT 2>/dev/null
ip6tables -D FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT 2>/dev/null
#公网访问 #公网访问
ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2>/dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2>/dev/null
ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2>/dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2>/dev/null

View File

@ -222,6 +222,7 @@ set_service(){
task_user_add(){ #自定义命令添加 task_user_add(){ #自定义命令添加
echo ----------------------------------------------- echo -----------------------------------------------
echo -e "\033[33m命令可包含空格请确保命令可执行\033[0m" echo -e "\033[33m命令可包含空格请确保命令可执行\033[0m"
echo -e "\033[36m此处不要添加执行条件请在添加完成后返回添加具体执行条件\033[0m"
echo -e "也可以手动编辑\033[32m${CRASHDIR}/task/task.user\033[0m添加" echo -e "也可以手动编辑\033[32m${CRASHDIR}/task/task.user\033[0m添加"
read -p "请输入命令语句 > " script read -p "请输入命令语句 > " script
if [ -n "$script" ];then if [ -n "$script" ];then
@ -318,13 +319,15 @@ task_type(){ #任务条件选择菜单
;; ;;
1) 1)
echo ----------------------------------------------- echo -----------------------------------------------
echo -e " 输入 1~7 对应\033[33m每周的指定某天\033[0m运行" echo -e " 输入 0~6 对应\033[33m每周的指定某天\033[0m运行(0=周日)"
echo -e " 输入 1,3,6 代表\033[36m每周1,3,6\033[0m运行" echo -e " 输入 1,4,0 代表\033[36m每周一、周四、周日\033[0m运行"
echo -e " 输入 1-5 代表\033[36m周一至周五\033[0m运行" echo -e " 输入 1-5 代表\033[36m周一至周五\033[0m运行"
read -p "请在每周哪天执行? > " week read -p "在每周哪天执行? > " week
week=`echo ${week/7/0}` #把7换成0
echo ----------------------------------------------- echo -----------------------------------------------
read -p "想在该日的具体哪个小时执行0-23 > " hour read -p "想在该日的具体哪个小时执行0-23 > " hour
cron_time="在每周$week的$hour点整" cron_time="在每周$week的$hour点整"
cron_time=`echo ${cron_time/0/日}` #把0换成日
set_cron set_cron
;; ;;
2) 2)