Austin/ShellCrash
1
0
Fork 0
mirror of https://github.com/juewuy/ShellCrash.git synced 2024-11-15 19:22:54 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

v1.6.13b

Browse Source 
~Tun网卡Redir-host支持
~日志推送适配PashDeer
~ipv6出口屏蔽本机WAN网卡
~安装脚本优化,兼容zsh
This commit is contained in:
juewuy 2022-12-10 21:19:47 +08:00
parent a6f60e64a8
commit b0ae77bdf6
4 changed files with 64 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
install.sh
View File

@ -1,8 +1,8 @@
#! /bin/bash
# Copyright (C) Juewuy
echo='echo -e' && [ -n "$(echo -e|grep e)" ] && echo=echo
#[ -z "$1" ] && test=0 || test=$1
echo='echo -e'
[ -z "$1" ] && command -v bash &>/dev/null && { bash $0 0; exit;}
echo "***********************************************"
echo "** 欢迎使用 **"
@ -116,7 +116,7 @@ gettar(){
fi
fi
#修饰文件及版本号
shtype=sh && [ -n "$(ls -l /bin/sh|grep -oE 'dash|show|bash')" ] && shtype=bash
shtype=sh && command -v bash &>/dev/null && shtype=bash
sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh
chmod 755 $clashdir/start.sh
setconfig versionsh_l $release_new
@ -132,6 +132,11 @@ gettar(){
echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> $profile #设置快捷命令环境变量
sed -i '/export clashdir=*/'d $profile
echo "export clashdir=\"$clashdir\"" >> $profile #设置clash路径环境变量
#适配zsh环境变量
[ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && [ -z "$(cat ~/.zshrc 2>/dev/null|grep clashdir)" ] && {
echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> ~/.zshrc
echo "export clashdir=\"$clashdir\"" >> ~/.zshrc
}
else
echo 无法写入环境变量!请检查安装权限!
exit 1
@ -175,6 +180,7 @@ gettar
echo -----------------------------------------------
echo ShellClash 已经安装成功!
[ "$profile" = "~/.bashrc" ] && echo "请执行【source ~/.bashrc &> /dev/null】命令以加载环境变量"
[ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && echo "请执行【source ~/.zshrc &> /dev/null】命令以加载环境变量"
echo -----------------------------------------------
$echo "\033[33m输入\033[30;47m clash \033[0;33m命令即可管理\033[0m"
echo -----------------------------------------------

12
scripts/clash.sh
View File

@ -709,7 +709,7 @@ localproxy(){
echo -e " 1 \033[36m$proxy_set本机代理\033[0m"
echo -e " 2 使用\033[32m环境变量\033[0m方式配置(部分应用可能无法使用)"
[ -n "$(lsmod | grep ^xt_owner)" ] && echo -e " 3 使用\033[32miptables增强模式\033[0m配置(支持docker)"
type nft &> /dev/null && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)"
command -v nft &> /dev/null && echo -e " 4 使用\033[32mnftables增强模式\033[0m配置(支持docker)"
echo -e " 0 返回上级菜单"
echo -----------------------------------------------
read -p "请输入对应数字 > " num
@ -796,13 +796,13 @@ setboot(){
1)
if [ "$autostart" = "enable" ]; then
[ -d /etc/rc.d ] && cd /etc/rc.d && rm -rf *clash > /dev/null 2>&1 && cd - >/dev/null
type systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1
command -v systemctl >/dev/null 2>&1 && systemctl disable clash.service > /dev/null 2>&1
touch $clashdir/.dis_startup
autostart=disable
echo -e "\033[33m已禁止Clash开机启动\033[0m"
elif [ "$autostart" = "disable" ]; then
[ -f /etc/rc.common ] && /etc/init.d/clash enable
type systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1
command -v systemctl >/dev/null 2>&1 && systemctl enable clash.service > /dev/null 2>&1
rm -rf $clashdir/.dis_startup
autostart=enable
echo -e "\033[32m已设置Clash开机启动\033[0m"
@ -926,7 +926,7 @@ clashcfg(){
}
[ -n "$(iptables -j TPROXY 2>&1 | grep 'on-port')" ] && sup_tp=1
#[ -n "$(lsmod | grep '^tun')" ] || ip tuntap &>/dev/null && sup_tun=1
type nft &> /dev/null && sup_nft=1
command -v nft &> /dev/null && sup_nft=1
#[ -n "$(lsmod | grep 'nft_tproxy')" ] && sup_nft=2
echo -----------------------------------------------
echo -e "当前代理模式为:\033[47;30m $redir_mod \033[0mClash核心为\033[47;30m $clashcore \033[0m"
@ -1170,8 +1170,9 @@ clashcfg(){
if [ -n "$(ipset -v 2>/dev/null)" -o -n "$(echo $redir_mod | grep Nft)" ];then
if [ "$cn_ip_route" = "未开启" ]; then
echo -e "\033[32m已开启CN_IP绕过内核功能\033[0m"
echo -e "\033[31m注意此功能会导致全局模式及一切CN相关规则失效\033[0m"
cn_ip_route=已开启
sleep 1
sleep 2
else
echo -e "\033[33m已禁用CN_IP绕过内核功能\033[0m"
cn_ip_route=未开启
@ -1814,6 +1815,7 @@ case "$1" in
sed -i "/启用外网访问SSH服务/d" /etc/firewall.user
sed -i '/ShellClash初始化/'d /etc/storage/started_script.sh 2>/dev/null
sed -i '/ShellClash初始化/'d /jffs/.asusrouter 2>/dev/null
rm -rf $bindir
rm -rf $clashdir
rm -rf /etc/init.d/clash
rm -rf /etc/systemd/system/clash.service

18
scripts/getdate.sh
View File

@ -354,7 +354,7 @@ gettar(){
fi
fi
#修饰文件及版本号
shtype=sh && [ -n "$(ls -l /bin/sh|grep -oE 'dash|show|bash')" ] && shtype=bash
shtype=sh && command -v bash &>/dev/null && shtype=bash
sed -i "s|/bin/sh|/bin/$shtype|" $clashdir/start.sh
chmod +x $clashdir/start.sh
setconfig versionsh_l $release_new
@ -370,13 +370,20 @@ gettar(){
echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> $profile #设置快捷命令环境变量
sed -i '/export clashdir=*/'d $profile
echo "export clashdir=\"$clashdir\"" >> $profile #设置clash路径环境变量
#适配zsh环境变量
[ -n "$(ls -l /bin/sh|grep -oE 'zsh')" ] && {
echo "alias clash=\"$shtype $clashdir/clash.sh\"" >> ~/.zshrc
echo "export clashdir=\"$clashdir\"" >> ~/.zshrc
}
else
echo 无法写入环境变量!请检查安装权限!
exit 1
fi
#华硕/Padavan额外设置
#梅林/Padavan额外设置
[ -n "$initdir" ] && {
sed -i '/ShellClash初始化/'d $initdir && touch $initdir && echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
sed -i '/ShellClash初始化/'d $initdir
touch $initdir
echo "$clashdir/start.sh init #ShellClash初始化脚本" >> $initdir
setconfig initdir $initdir
}
#小米镜像化OpenWrt额外设置
@ -396,6 +403,7 @@ gettar(){
rm -rf /tmp/clashfm.tar.gz
rm -rf $clashdir/clash.service
}
getsh(){
echo -----------------------------------------------
echo -e "当前脚本版本为:\033[33m $versionsh_l \033[0m"
@ -948,7 +956,7 @@ userguide(){
errornum
forwhat
elif [ "$num" = 1 ];then
if type nft &>/dev/null;then
if command -v nft &>/dev/null;then
setconfig redir_mod "Nft模式"
else
setconfig redir_mod "Redir模式"
@ -1030,7 +1038,7 @@ userguide(){
sethost
fi
}
if type systemd >/dev/null 2>&1 ;then
if command -v systemd >/dev/null 2>&1 ;then
echo -----------------------------------------------
echo -e "\033[32m是否开启公网访问Dashboard面板及socks服务\033[0m"
echo -e "注意当前设备必须有公网IP才能从公网正常访问"

70
scripts/start.sh
View File

@ -38,7 +38,7 @@ setconfig(){
compare(){
if [ ! -f $1 -o ! -f $2 ];then
return 1
elif type cmp >/dev/null 2>&1;then
elif command -v cmp >/dev/null 2>&1;then
cmp -s $1 $2
else
[ "$(cat $1)" = "$(cat $2)" ] && return 0 || return 1
@ -253,7 +253,7 @@ EOF`
exit 1
fi
#检测并去除无效节点组
[ -n "$url_type" ] && type xargs >/dev/null 2>&1 && {
[ -n "$url_type" ] && command -v xargs >/dev/null 2>&1 && {
cat $yamlnew | grep -A 8 "\- name:" | xargs | sed 's/- name: /\n/g' | sed 's/ type: .*proxies: /#/g' | sed 's/ rules:.*//g' | sed 's/- //g' | grep -E '#DIRECT $' | awk -F '#' '{print $1}' > /tmp/clash_proxies_$USER
while read line ;do
sed -i "/- $line/d" $yamlnew
@ -651,7 +651,7 @@ start_output(){
iptables -t nat -A OUTPUT -p udp --dport 53 -j clash_dns_out
}
#Docker转发
type docker &>/dev/null && {
command -v docker &>/dev/null && {
iptables -t nat -N clash_docker
iptables -t nat -A clash_docker -d 10.0.0.0/8 -j RETURN
iptables -t nat -A clash_docker -d 127.0.0.0/8 -j RETURN
@ -715,29 +715,29 @@ start_tun(){
[ "$1" = "all" ] && iptables -t mangle -A PREROUTING -p tcp $ports -j clash
#设置ipv6转发
# [ "$ipv6_redir" = "已开启" -a "$clashcore" = "clash.meta" ] && {
# ip -6 route add default dev utun table 101
# ip -6 rule add fwmark 1 table 101
# ip6tables -t mangle -N clashv6
# ip6tables -t mangle -A clashv6 -p udp --dport 53 -j RETURN
# ip6tables -t mangle -A clashv6 -d ::1/128 -j RETURN
# ip6tables -t mangle -A clashv6 -d fc00::/7 -j RETURN
# ip6tables -t mangle -A clashv6 -d fe80::/10 -j RETURN
# if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
# #mac白名单
# for mac in $(cat $clashdir/mac); do
# ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j MARK --set-mark 1
# done
# else
# #mac黑名单
# for mac in $(cat $clashdir/mac); do
# ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j RETURN
# done
# ip6tables -t mangle -A clashv6 -j MARK --set-mark 1
# fi
# ip6tables -t mangle -A PREROUTING -p udp $ports -j clashv6
# [ "$1" = "all" ] && ip6tables -t mangle -A PREROUTING -p tcp $ports -j clashv6
# }
[ "$ipv6_redir" = "已开启" -a "$clashcore" = "clash.meta" ] && {
ip -6 route add default dev utun table 101
ip -6 rule add fwmark 1 table 101
ip6tables -t mangle -N clashv6
ip6tables -t mangle -A clashv6 -p udp --dport 53 -j RETURN
ip6tables -t mangle -A clashv6 -d ::1/128 -j RETURN
ip6tables -t mangle -A clashv6 -d fc00::/7 -j RETURN
ip6tables -t mangle -A clashv6 -d fe80::/10 -j RETURN
if [ "$macfilter_type" = "白名单" -a -n "$(cat $clashdir/mac)" ];then
#mac白名单
for mac in $(cat $clashdir/mac); do
ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j MARK --set-mark 1
done
else
#mac黑名单
for mac in $(cat $clashdir/mac); do
ip6tables -t mangle -A clashv6 -m mac --mac-source $mac -j RETURN
done
ip6tables -t mangle -A clashv6 -j MARK --set-mark 1
fi
ip6tables -t mangle -A PREROUTING -p udp $ports -j clashv6
[ "$1" = "all" ] && ip6tables -t mangle -A PREROUTING -p tcp $ports -j clashv6
}
} &
}
}
@ -829,20 +829,20 @@ start_wan(){
iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport $mix_port -j ACCEPT
iptables -A INPUT -p tcp -s 172.16.0.0/12 --dport $mix_port -j ACCEPT
iptables -A INPUT -p tcp --dport $mix_port -j REJECT
type ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
command -v ip6tables >/dev/null 2>&1 && ip6tables -A INPUT -p tcp --dport $mix_port -j REJECT 2> /dev/null
}
if [ "$public_support" = "已开启" ];then
[ "$mix_port" != "7890" -a -n "$authentication" ] && {
iptables -I INPUT -p tcp --dport $mix_port -j ACCEPT
type ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $mix_port -j ACCEPT 2> /dev/null
}
iptables -I INPUT -p tcp --dport $db_port -j ACCEPT
type ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
command -v ip6tables >/dev/null 2>&1 && ip6tables -I INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
fi
}
stop_firewall(){
#重置iptables相关规则
type iptables >/dev/null 2>&1 && {
command -v iptables >/dev/null 2>&1 && {
#redir
iptables -t nat -D PREROUTING -p tcp $ports -j clash 2> /dev/null
iptables -t nat -F clash 2> /dev/null
@ -884,7 +884,7 @@ stop_firewall(){
iptables -D INPUT -p tcp --dport $db_port -j ACCEPT 2> /dev/null
}
#重置ipv6规则
type ip6tables >/dev/null 2>&1 && {
command -v ip6tables >/dev/null 2>&1 && {
#redir
ip6tables -t nat -D PREROUTING -p tcp -j clashv6 2> /dev/null
ip6tables -D INPUT -p udp --dport 53 -m comment --comment "ShellClash-IPV6_DNS-REJECT" -j REJECT 2> /dev/null
@ -924,7 +924,7 @@ stop_firewall(){
ip rule del fwmark 1 table 102 2> /dev/null
ip route del local 172.16.0.0/12 dev lo table 102 2> /dev/null
#重置nftables相关规则
type nft >/dev/null 2>&1 && {
command -v nft >/dev/null 2>&1 && {
nft flush table inet shellclash >/dev/null 2>&1
nft delete table inet shellclash >/dev/null 2>&1
}
@ -1091,7 +1091,7 @@ bfstart(){
#本机代理准备
if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then
if [ -z "$(id shellclash 2>/dev/null | grep 'root')" ];then
if type userdel useradd groupmod &>/dev/null; then
if command -v userdel useradd groupmod &>/dev/null; then
userdel shellclash 2>/dev/null
useradd shellclash -u 7890
groupmod shellclash -g 7890
@ -1158,7 +1158,7 @@ afstart(){
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "环境变量" ] && $0 set_proxy $mix_port $db_port
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "iptables增强模式" ] && start_output
[ "$local_proxy" = "已开启" ] && [ "$local_type" = "nftables增强模式" ] && [ "$redir_mod" = "纯净模式" ] && start_nft
type iptables >/dev/null 2>&1 && start_wan
command -v iptables >/dev/null 2>&1 && start_wan
#标记启动时间
mark_time
#加载定时任务
@ -1182,7 +1182,7 @@ start_old(){
if [ "$local_proxy" = "已开启" -a -n "$(echo $local_type | grep '增强模式')" ];then
su shellclash -c "$bindir/clash -d $bindir >/dev/null" &
else
type nohup >/dev/null 2>&1 && nohup=nohup
command -v nohup >/dev/null 2>&1 && nohup=nohup
$nohup $bindir/clash -d $bindir >/dev/null 2>&1 &
fi
afstart