mirror of
https://github.com/juewuy/ShellCrash.git
synced 2024-11-16 03:32:34 +08:00
Compare commits
6 Commits
0afd40443b
...
d2b094718a
Author | SHA1 | Date | |
---|---|---|---|
|
d2b094718a | ||
|
5ff25682c1 | ||
|
32f48046fa | ||
|
fbb8bbf25e | ||
|
36c9601749 | ||
|
284b89f705 |
|
@ -17,7 +17,7 @@
|
||||||
功能简介:
|
功能简介:
|
||||||
--
|
--
|
||||||
|
|
||||||
~通过管理脚本在Shell环境下便捷使用<br>
|
~通过管理脚本在Shell环境下便捷使用Mihomo/Singbox内核<br>
|
||||||
~支持在Shell环境下管理<br>
|
~支持在Shell环境下管理<br>
|
||||||
~支持在线导入订阅及配置链接<br>
|
~支持在线导入订阅及配置链接<br>
|
||||||
~支持配置定时任务,支持配置文件定时更新<br>
|
~支持配置定时任务,支持配置文件定时更新<br>
|
||||||
|
@ -160,5 +160,4 @@ ubus/iproute-doc 极低 缺少时无法正常获取本机host地址
|
||||||
|
|
||||||
机场推荐:
|
机场推荐:
|
||||||
--
|
--
|
||||||
#### [大米-群友力荐,流媒体解锁,月付推荐](https://cloud.bigme.pro/user#/register?code=2PuWY9I7)<br>
|
#### [大米-群友力荐,流媒体解锁,月付推荐](https://1s.bigmeok.me/user#/register?code=2PuWY9I7)<br>
|
||||||
#### [Dler-老牌稳定,流媒体解锁,年付推荐](https://dler.best/auth/register?affid=89698)<br>
|
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,8 +1,8 @@
|
||||||
clashnet_v=v1.7.6
|
clashnet_v=v1.7.6
|
||||||
clashpre_v=2022.11.25
|
clashpre_v=2022.11.25
|
||||||
clash_v=v1.7.1
|
clash_v=v1.7.1
|
||||||
meta_v=v1.18.1
|
meta_v=v1.18.5
|
||||||
singboxp_v=1.9.0-beta.16-3140e7ac
|
singboxp_v=1.9.0-5dd2e2da
|
||||||
singbox_v=1.8.8
|
singbox_v=1.9.0
|
||||||
versionsh=1.9.1beta8
|
versionsh=1.9.1beta9
|
||||||
GeoIP_v=20240601
|
GeoIP_v=20240601
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
# Copyright (C) Juewuy
|
# Copyright (C) Juewuy
|
||||||
|
|
||||||
version=1.9.1beta8
|
version=1.9.1beta9
|
||||||
|
|
||||||
setdir(){
|
setdir(){
|
||||||
dir_avail(){
|
dir_avail(){
|
||||||
|
|
|
@ -62,9 +62,11 @@ init(){
|
||||||
#启动服务
|
#启动服务
|
||||||
if [ ! -f $CRASHDIR/.dis_startup ]; then
|
if [ ! -f $CRASHDIR/.dis_startup ]; then
|
||||||
#AX6S/AX6000修复tun功能
|
#AX6S/AX6000修复tun功能
|
||||||
[ -f $CRASHDIR/configs/tun.ko ] && tunfix
|
[ -s $CRASHDIR/tools/tun.ko ] && tunfix
|
||||||
#小米7000/小米万兆修复tproxy
|
#小米7000/小米万兆修复tproxy
|
||||||
[ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix
|
[ -f /etc/init.d/qca-nss-ecm ] && [ -n "$(grep 'redir_mod=Tproxy' $CRASHDIR/configs/ShellCrash.cfg )" ] && tproxyfix
|
||||||
|
#自动覆盖根证书文件
|
||||||
|
[ -s $CRASHDIR/tools/ca-certificates.crt ] && cp -f $CRASHDIR/tools/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
|
||||||
#启动服务
|
#启动服务
|
||||||
$CRASHDIR/start.sh start
|
$CRASHDIR/start.sh start
|
||||||
/etc/init.d/shellcrash enable
|
/etc/init.d/shellcrash enable
|
||||||
|
|
|
@ -12,7 +12,7 @@ CRASHDIR=$(cd $(dirname $0);pwd)
|
||||||
getconfig() { #读取配置及全局变量
|
getconfig() { #读取配置及全局变量
|
||||||
#加载配置文件
|
#加载配置文件
|
||||||
. "$CRASHDIR"/configs/ShellCrash.cfg >/dev/null
|
. "$CRASHDIR"/configs/ShellCrash.cfg >/dev/null
|
||||||
#默认设置
|
#缺省值
|
||||||
[ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式
|
[ -z "$redir_mod" ] && [ "$USER" = "root" -o "$USER" = "admin" ] && redir_mod=Redir模式
|
||||||
[ -z "$redir_mod" ] && redir_mod=纯净模式
|
[ -z "$redir_mod" ] && redir_mod=纯净模式
|
||||||
[ -z "$skip_cert" ] && skip_cert=已开启
|
[ -z "$skip_cert" ] && skip_cert=已开启
|
||||||
|
@ -20,6 +20,7 @@ getconfig() { #读取配置及全局变量
|
||||||
[ -z "$ipv6_redir" ] && ipv6_redir=未开启
|
[ -z "$ipv6_redir" ] && ipv6_redir=未开启
|
||||||
[ -z "$ipv6_dns" ] && ipv6_dns=已开启
|
[ -z "$ipv6_dns" ] && ipv6_dns=已开启
|
||||||
[ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启
|
[ -z "$cn_ipv6_route" ] && cn_ipv6_route=未开启
|
||||||
|
[ -z "$macfilter_type" ] && macfilter_type=黑名单
|
||||||
[ -z "$mix_port" ] && mix_port=7890
|
[ -z "$mix_port" ] && mix_port=7890
|
||||||
[ -z "$redir_port" ] && redir_port=7892
|
[ -z "$redir_port" ] && redir_port=7892
|
||||||
[ -z "$tproxy_port" ] && tproxy_port=7893
|
[ -z "$tproxy_port" ] && tproxy_port=7893
|
||||||
|
@ -1079,7 +1080,7 @@ start_iptables() { #iptables配置总入口
|
||||||
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports'; then
|
if ip6tables -j REDIRECT -h 2>/dev/null | grep -q '\--to-ports'; then
|
||||||
start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发
|
start_ipt_dns ip6tables PREROUTING shellcrashv6_dns #ipv6-局域网dns转发
|
||||||
else
|
else
|
||||||
ip6tables -I INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT
|
ip6tables -I INPUT -p udp --dport 53 -j REJECT
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
[ "$local_proxy" = true ] && start_ipt_dns iptables OUTPUT shellcrash_dns_out #ipv4-本机dns转发
|
[ "$local_proxy" = true ] && start_ipt_dns iptables OUTPUT shellcrash_dns_out #ipv4-本机dns转发
|
||||||
|
@ -1090,8 +1091,8 @@ start_iptables() { #iptables配置总入口
|
||||||
set_cn_ip='-m set ! --match-set cn_ip dst'
|
set_cn_ip='-m set ! --match-set cn_ip dst'
|
||||||
set_cn_ip6='-m set ! --match-set cn_ip6 dst'
|
set_cn_ip6='-m set ! --match-set cn_ip6 dst'
|
||||||
}
|
}
|
||||||
iptables -I FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT >/dev/null 2>&1
|
iptables -I FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT >/dev/null 2>&1
|
||||||
ip6tables -I FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip6 -j REJECT >/dev/null 2>&1
|
ip6tables -I FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT >/dev/null 2>&1
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
start_nft_route() { #nftables-route通用工具
|
start_nft_route() { #nftables-route通用工具
|
||||||
|
@ -1337,8 +1338,8 @@ stop_firewall() { #还原防火墙配置
|
||||||
iptables -D FORWARD -o utun -j ACCEPT 2>/dev/null
|
iptables -D FORWARD -o utun -j ACCEPT 2>/dev/null
|
||||||
#屏蔽QUIC
|
#屏蔽QUIC
|
||||||
[ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
|
[ "$dns_mod" != "fake-ip" -a "$cn_ip_route" = "已开启" ] && set_cn_ip='-m set ! --match-set cn_ip dst'
|
||||||
iptables -D INPUT -p udp --dport 443 -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT 2>/dev/null
|
iptables -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null
|
||||||
iptables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT 2>/dev/null
|
iptables -D FORWARD -p udp --dport 443 -o utun $set_cn_ip -j REJECT 2>/dev/null
|
||||||
#公网访问
|
#公网访问
|
||||||
for ip in $host_ipv4 $local_ipv4 $reserve_ipv4; do
|
for ip in $host_ipv4 $local_ipv4 $reserve_ipv4; do
|
||||||
iptables -D INPUT -p tcp -s $ip --dport $mix_port -j ACCEPT 2>/dev/null
|
iptables -D INPUT -p tcp -s $ip --dport $mix_port -j ACCEPT 2>/dev/null
|
||||||
|
@ -1364,18 +1365,18 @@ stop_firewall() { #还原防火墙配置
|
||||||
ip6tables -t nat -D PREROUTING -p udp --dport 53 -j shellcrashv6_dns 2>/dev/null
|
ip6tables -t nat -D PREROUTING -p udp --dport 53 -j shellcrashv6_dns 2>/dev/null
|
||||||
#redir
|
#redir
|
||||||
ip6tables -t nat -D PREROUTING -p tcp $ports -j shellcrashv6 2>/dev/null
|
ip6tables -t nat -D PREROUTING -p tcp $ports -j shellcrashv6 2>/dev/null
|
||||||
ip6tables -D INPUT -p udp --dport 53 -m comment --comment "ShellCrash-IPV6_DNS-REJECT" -j REJECT 2>/dev/null
|
ip6tables -D INPUT -p udp --dport 53 -j REJECT 2>/dev/null
|
||||||
#mark
|
#mark
|
||||||
ip6tables -t mangle -D PREROUTING -p tcp $ports -j shellcrashv6_mark 2>/dev/null
|
ip6tables -t mangle -D PREROUTING -p tcp $ports -j shellcrashv6_mark 2>/dev/null
|
||||||
ip6tables -t mangle -D PREROUTING -p udp $ports -j shellcrashv6_mark 2>/dev/null
|
ip6tables -t mangle -D PREROUTING -p udp $ports -j shellcrashv6_mark 2>/dev/null
|
||||||
ip6tables -D INPUT -p udp --dport 443 -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip -j REJECT 2>/dev/null
|
ip6tables -D INPUT -p udp --dport 443 $set_cn_ip -j REJECT 2>/dev/null
|
||||||
#tun
|
#tun
|
||||||
ip6tables -D FORWARD -o utun -j ACCEPT 2>/dev/null
|
ip6tables -D FORWARD -o utun -j ACCEPT 2>/dev/null
|
||||||
ip6tables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" -j REJECT >/dev/null 2>&1
|
ip6tables -D FORWARD -p udp --dport 443 -o utun -j REJECT >/dev/null 2>&1
|
||||||
#屏蔽QUIC
|
#屏蔽QUIC
|
||||||
[ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst'
|
[ "$dns_mod" != "fake-ip" -a "$cn_ipv6_route" = "已开启" ] && set_cn_ip6='-m set ! --match-set cn_ip6 dst'
|
||||||
ip6tables -D INPUT -p udp --dport 443 -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip6 -j REJECT 2>/dev/null
|
ip6tables -D INPUT -p udp --dport 443 $set_cn_ip6 -j REJECT 2>/dev/null
|
||||||
ip6tables -D FORWARD -p udp --dport 443 -o utun -m comment --comment "ShellCrash-QUIC-REJECT" $set_cn_ip6 -j REJECT 2>/dev/null
|
ip6tables -D FORWARD -p udp --dport 443 -o utun $set_cn_ip6 -j REJECT 2>/dev/null
|
||||||
#公网访问
|
#公网访问
|
||||||
ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2>/dev/null
|
ip6tables -D INPUT -p tcp --dport $mix_port -j REJECT 2>/dev/null
|
||||||
ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2>/dev/null
|
ip6tables -D INPUT -p tcp --dport $mix_port -j ACCEPT 2>/dev/null
|
||||||
|
|
|
@ -1917,7 +1917,9 @@ getcrt(){ #下载根证书文件
|
||||||
error_down
|
error_down
|
||||||
else
|
else
|
||||||
echo -----------------------------------------------
|
echo -----------------------------------------------
|
||||||
mkdir -p $openssldir
|
[ "$systype" = 'mi_snapshot' ] && cp -f ${TMPDIR}/ca-certificates.crt $CRASHDIR/tools #镜像化设备特殊处理
|
||||||
|
[ -f $openssldir/certs ] && rm -rf $openssldir/certs #如果certs不是目录而是文件则删除并创建目录
|
||||||
|
mkdir -p $openssldir/certs
|
||||||
mv -f ${TMPDIR}/ca-certificates.crt $crtdir
|
mv -f ${TMPDIR}/ca-certificates.crt $crtdir
|
||||||
${CRASHDIR}/start.sh webget /dev/null https://baidu.com echooff rediron skipceroff
|
${CRASHDIR}/start.sh webget /dev/null https://baidu.com echooff rediron skipceroff
|
||||||
if [ "$?" = "1" ];then
|
if [ "$?" = "1" ];then
|
||||||
|
@ -2231,12 +2233,11 @@ userguide(){
|
||||||
} && echo "已成功开启ipv4转发,如未正常开启,请手动重启设备!" || echo "开启失败!请自行谷歌查找当前设备的开启方法!"
|
} && echo "已成功开启ipv4转发,如未正常开启,请手动重启设备!" || echo "开启失败!请自行谷歌查找当前设备的开启方法!"
|
||||||
fi
|
fi
|
||||||
elif [ "$num" = 2 ];then
|
elif [ "$num" = 2 ];then
|
||||||
setconfig redir_mod "纯净模式"
|
setconfig redir_mod "Redir模式"
|
||||||
setconfig crashcore "clash"
|
setconfig crashcore "clash"
|
||||||
setconfig common_ports "未开启"
|
setconfig common_ports "未开启"
|
||||||
echo -----------------------------------------------
|
setconfig firewall_area '2'
|
||||||
echo -e "\033[36m请选择设置本机代理的方式\033[0m"
|
|
||||||
localproxy
|
|
||||||
elif [ "$num" = 3 ];then
|
elif [ "$num" = 3 ];then
|
||||||
mv -f $CFG_PATH.bak $CFG_PATH
|
mv -f $CFG_PATH.bak $CFG_PATH
|
||||||
echo -e "\033[32m脚本设置已还原!\033[0m"
|
echo -e "\033[32m脚本设置已还原!\033[0m"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user