Compare commits

..

6 Commits

Author SHA1 Message Date
juewuy
d2b094718a v1.9.1beta9打包 2024-06-06 14:42:00 +08:00
juewuy
5ff25682c1 ~优化了根证书更新功能,支持镜像化设备重启后自动覆盖原文件
~修复华硕设备禁用quic功能报错的问题
~修复mac黑名单会错误识别为白名单的bug
~修复新手引导选择本机代理时的报错等问题
~修复ax6s/ax6000等设备tun修复工具修复失败的问题
2024-06-06 14:40:22 +08:00
github-actions[bot]
32f48046fa 更新singbox内核至1.9.0 2024-06-06 05:59:17 +00:00
github-actions[bot]
fbb8bbf25e 更新singboxp内核至1.9.0-5dd2e2da 2024-06-06 05:53:58 +00:00
github-actions[bot]
36c9601749 更新meta内核至v1.18.5 2024-06-06 05:50:46 +00:00
juewuy
284b89f705
Update README_CN.md 2024-06-06 13:47:30 +08:00
30 changed files with 28 additions and 25 deletions

View File

@ -17,7 +17,7 @@
功能简介: 功能简介:
-- --
~通过管理脚本在Shell环境下便捷使用<br> ~通过管理脚本在Shell环境下便捷使用Mihomo/Singbox内核<br>
~支持在Shell环境下管理<br> ~支持在Shell环境下管理<br>
~支持在线导入订阅及配置链接<br> ~支持在线导入订阅及配置链接<br>
~支持配置定时任务,支持配置文件定时更新<br> ~支持配置定时任务,支持配置文件定时更新<br>
@ -160,5 +160,4 @@ ubus/iproute-doc 极低 缺少时无法正常获取本机host地址
机场推荐: 机场推荐:
-- --
#### [大米-群友力荐,流媒体解锁,月付推荐](https://cloud.bigme.pro/user#/register?code=2PuWY9I7)<br> #### [大米-群友力荐,流媒体解锁,月付推荐](https://1s.bigmeok.me/user#/register?code=2PuWY9I7)<br>
#### [Dler-老牌稳定,流媒体解锁,年付推荐](https://dler.best/auth/register?affid=89698)<br>

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -1,8 +1,8 @@
clashnet_v=v1.7.6 clashnet_v=v1.7.6
clashpre_v=2022.11.25 clashpre_v=2022.11.25
clash_v=v1.7.1 clash_v=v1.7.1
meta_v=v1.18.1 meta_v=v1.18.5
singboxp_v=1.9.0-beta.16-3140e7ac singboxp_v=1.9.0-5dd2e2da
singbox_v=1.8.8 singbox_v=1.9.0
versionsh=1.9.1beta8 versionsh=1.9.1beta9
GeoIP_v=20240601 GeoIP_v=20240601

View File

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# Copyright (C) Juewuy # Copyright (C) Juewuy
version=1.9.1beta8 version=1.9.1beta9
setdir(){ setdir(){
dir_avail(){ dir_avail(){

View File

@ -62,9 +62,11 @@ init(){
#启动服务 #启动服务
if [ ! -f $CRASHDIR/.dis_startup ]; then if [ ! -f $CRASHDIR/.dis_startup ]; then
#AX6S/AX6000修复tun功能 #AX6S/AX6000修复tun功能
[ -f $CRASHDIR/configs/tun.ko ] && tunfix [ -s $CRASHDIR/tools/tun.ko ] && tunfix
#小米7000/小米万兆修复tproxy #小米7000/小米万兆修复tproxy
[ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix [ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix
#自动覆盖根证书文件
[ -s $CRASHDIR/tools/ca-certificates.crt ] && cp -f $CRASHDIR/tools/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
#启动服务 #启动服务
$CRASHDIR/start.sh start $CRASHDIR/start.sh start
/etc/init.d/shellcrash enable /etc/init.d/shellcrash enable

View File

@ -12,7 +12,7 @@ CRASHDIR=$(cd $(dirname $0);pwd)
getconfig() { #读取配置及全局变量 getconfig() { #读取配置及全局变量
#加载配置文件 #加载配置文件
. "$CRASHDIR"/configs/ShellCrash.cfg >/dev/null . "$CRASHDIR"/configs/ShellCrash.cfg >/dev/null
#默认设置 #缺省值
[ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式 [ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式
[ -z "$redir_mod" ] && redir_mod=纯净模式 [ -z "$redir_mod" ] && redir_mod=纯净模式
[ -z "$skip_cert" ] && skip_cert=已开启 [ -z "$skip_cert" ] && skip_cert=已开启
@ -20,6 +20,7 @@ getconfig() { #读取配置及全局变量
[ -z "$ipv6_redir" ] && ipv6_redir=未开启 [ -z "$ipv6_redir" ] && ipv6_redir=未开启
[ -z "$ipv6_dns" ] && ipv6_dns=已开启 [ -z "$ipv6_dns" ] && ipv6_dns=已开启
[ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启 [ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启
[ -z "$macfilter_type" ] && macfilter_type=黑名单
[ -z "$mix_port" ] && mix_port=7890 [ -z "$mix_port" ] && mix_port=7890
[ -z "$redir_port" ] && redir_port=7892 [ -z "$redir_port" ] && redir_port=7892
[ -z "$tproxy_port" ] && tproxy_port=7893 [ -z "$tproxy_port" ] && tproxy_port=7893
@ -1079,7 +1080,7 @@ start_iptables() { #iptables配置总入口
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports'; then if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports'; then
start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发 start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发
else else
ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT ip6tables -I INPUT -p udp --dport 53 -j REJECT
fi fi
} }
[ "$local_proxy" = true ] && start_ipt_dns iptables OUTPUT shellcrash_dns_out #ipv4-本机dns转发 [ "$local_proxy" = true ] && start_ipt_dns iptables OUTPUT shellcrash_dns_out #ipv4-本机dns转发
@ -1090,8 +1091,8 @@ start_iptables() { #iptables配置总入口
set_cn_ip='-m set ! --match-set cn_ip dst' set_cn_ip='-m set ! --match-set cn_ip dst'
set_cn_ip6='-m set ! --match-set cn_ip6 dst' set_cn_ip6='-m set ! --match-set cn_ip6 dst'
} }
iptables -I FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT >/dev/null 2>&1 iptables -I FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT >/dev/null 2>&1
ip6tables -I FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip6 -j REJECT >/dev/null 2>&1 ip6tables -I FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT >/dev/null 2>&1
} }
} }
start_nft_route() { #nftables-route通用工具 start_nft_route() { #nftables-route通用工具
@ -1337,8 +1338,8 @@ stop_firewall() { #还原防火墙配置
iptables -D FORWARD -o utun -j ACCEPT 2>/dev/null iptables -D FORWARD -o utun -j ACCEPT 2>/dev/null
#屏蔽QUIC #屏蔽QUIC
[ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst' [ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
iptables -D INPUT -p udp --dport 443 -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT 2>/dev/null iptables -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null
iptables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT 2>/dev/null iptables -D FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT 2>/dev/null
#公网访问 #公网访问
for ip in $host_ipv4 $local_ipv4 $reserve_ipv4; do for ip in $host_ipv4 $local_ipv4 $reserve_ipv4; do
iptables -D INPUT -p tcp -s $ip --dport $mix_port -j ACCEPT 2>/dev/null iptables -D INPUT -p tcp -s $ip --dport $mix_port -j ACCEPT 2>/dev/null
@ -1364,18 +1365,18 @@ stop_firewall() { #还原防火墙配置
ip6tables -t nat -D PREROUTING -p udp --dport 53 -j shellcrashv6_dns 2>/dev/null ip6tables -t nat -D PREROUTING -p udp --dport 53 -j shellcrashv6_dns 2>/dev/null
#redir #redir
ip6tables -t nat -D PREROUTING -p tcp $ports -j shellcrashv6 2>/dev/null ip6tables -t nat -D PREROUTING -p tcp $ports -j shellcrashv6 2>/dev/null
ip6tables -D INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT 2>/dev/null ip6tables -D INPUT -p udp --dport 53 -j REJECT 2>/dev/null
#mark #mark
ip6tables -t mangle -D PREROUTING -p tcp $ports -j shellcrashv6_mark 2>/dev/null ip6tables -t mangle -D PREROUTING -p tcp $ports -j shellcrashv6_mark 2>/dev/null
ip6tables -t mangle -D PREROUTING -p udp $ports -j shellcrashv6_mark 2>/dev/null ip6tables -t mangle -D PREROUTING -p udp $ports -j shellcrashv6_mark 2>/dev/null
ip6tables -D INPUT -p udp --dport 443 -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT 2>/dev/null ip6tables -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null
#tun #tun
ip6tables -D FORWARD -o utun -j ACCEPT 2>/dev/null ip6tables -D FORWARD -o utun -j ACCEPT 2>/dev/null
ip6tables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" -j REJECT >/dev/null 2>&1 ip6tables -D FORWARD -p udp --dport 443 -o utun -j REJECT >/dev/null 2>&1
#屏蔽QUIC #屏蔽QUIC
[ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst' [ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst'
ip6tables -D INPUT -p udp --dport 443 -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip6 -j REJECT 2>/dev/null ip6tables -D INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT 2>/dev/null
ip6tables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip6 -j REJECT 2>/dev/null ip6tables -D FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT 2>/dev/null
#公网访问 #公网访问
ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2>/dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2>/dev/null
ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2>/dev/null ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2>/dev/null

View File

@ -1917,7 +1917,9 @@ getcrt(){ #下载根证书文件
error_down error_down
else else
echo ----------------------------------------------- echo -----------------------------------------------
mkdir -p $openssldir [ "$systype" = 'mi_snapshot' ] && cp -f ${TMPDIR}/ca-certificates.crt $CRASHDIR/tools #镜像化设备特殊处理
[ -f $openssldir/certs ] && rm -rf $openssldir/certs #如果certs不是目录而是文件则删除并创建目录
mkdir -p $openssldir/certs
mv -f ${TMPDIR}/ca-certificates.crt $crtdir mv -f ${TMPDIR}/ca-certificates.crt $crtdir
${CRASHDIR}/start.sh webget /dev/null https://baidu.com echooff rediron skipceroff ${CRASHDIR}/start.sh webget /dev/null https://baidu.com echooff rediron skipceroff
if [ "$?" = "1" ];then if [ "$?" = "1" ];then
@ -2231,12 +2233,11 @@ userguide(){
} && echo "已成功开启ipv4转发如未正常开启请手动重启设备" || echo "开启失败!请自行谷歌查找当前设备的开启方法!" } && echo "已成功开启ipv4转发如未正常开启请手动重启设备" || echo "开启失败!请自行谷歌查找当前设备的开启方法!"
fi fi
elif [ "$num" = 2 ];then elif [ "$num" = 2 ];then
setconfig redir_mod "纯净模式" setconfig redir_mod "Redir模式"
setconfig crashcore "clash" setconfig crashcore "clash"
setconfig common_ports "未开启" setconfig common_ports "未开启"
echo ----------------------------------------------- setconfig firewall_area '2'
echo -e "\033[36m请选择设置本机代理的方式\033[0m"
localproxy
elif [ "$num" = 3 ];then elif [ "$num" = 3 ];then
mv -f $CFG_PATH.bak $CFG_PATH mv -f $CFG_PATH.bak $CFG_PATH
echo -e "\033[32m脚本设置已还原\033[0m" echo -e "\033[32m脚本设置已还原\033[0m"