├── .github └── workflows │ └── multi-arch-test-build.yml ├── LICENSE ├── README.md ├── chinadns-ng └── Makefile ├── dns2socks └── Makefile ├── dns2tcp └── Makefile ├── gn ├── Makefile ├── patches │ └── 010-gcc.patch └── src │ └── out │ └── last_commit_position.h ├── hysteria └── Makefile ├── ipt2socks └── Makefile ├── lua-neturl ├── Makefile └── patches │ └── 010-userinfo-regex.patch ├── luci-app-ssr-plus ├── Makefile ├── luasrc │ ├── controller │ │ └── shadowsocksr.lua │ ├── model │ │ └── cbi │ │ │ └── shadowsocksr │ │ │ ├── advanced.lua │ │ │ ├── client-config.lua │ │ │ ├── client.lua │ │ │ ├── control.lua │ │ │ ├── log.lua │ │ │ ├── server-config.lua │ │ │ ├── server.lua │ │ │ ├── servers.lua │ │ │ └── status.lua │ └── view │ │ └── shadowsocksr │ │ ├── certupload.htm │ │ ├── check.htm │ │ ├── checkport.htm │ │ ├── ping.htm │ │ ├── refresh.htm │ │ ├── reset.htm │ │ ├── server_list.htm │ │ ├── socket.htm │ │ ├── ssrurl.htm │ │ ├── status.htm │ │ └── subscribe.htm ├── po │ ├── zh-cn │ │ └── ssr-plus.po │ └── zh_Hans └── root │ ├── etc │ ├── config │ │ └── shadowsocksr │ ├── init.d │ │ └── shadowsocksr │ ├── ssrplus │ │ ├── ad.conf │ │ ├── black.list │ │ ├── china_ssr.txt │ │ ├── deny.list │ │ ├── gfw_base.conf │ │ ├── gfw_list.conf │ │ ├── netflix.list │ │ ├── netflixip.list │ │ ├── oversea_list.conf │ │ └── white.list │ └── uci-defaults │ │ └── luci-ssr-plus │ └── usr │ ├── bin │ ├── ssr-monitor │ ├── ssr-rules │ └── ssr-switch │ └── share │ ├── rpcd │ └── acl.d │ │ └── luci-app-ssr-plus.json │ └── shadowsocksr │ ├── chinaipset.sh │ ├── gen_config.lua │ ├── genred2config.sh │ ├── gfw2ipset.sh │ ├── ssrplusupdate.sh │ ├── subscribe.lua │ └── update.lua ├── microsocks └── Makefile ├── naiveproxy ├── Makefile ├── patches │ └── 100-macros.patch └── src │ └── init_env.sh ├── redsocks2 └── Makefile ├── shadowsocks-rust └── Makefile ├── shadowsocksr-libev ├── Makefile ├── patches │ ├── 0001-Add-ss-server-and-ss-check.patch │ ├── 0002-Revert-verify_simple-and-auth_simple.patch │ ├── 0003-Refine-Usage.patch │ ├── 100-fix-gcc-10.patch │ ├── 101-Fix-Werror-sizeof-pointer-memaccess.patch │ ├── 102-Read-listening-mode-from-config.patch │ └── 103-Add-TPROXY-support-for-TCP-ssr-redir.patch └── src │ └── server │ ├── Makefile.am │ ├── Makefile.in │ ├── README.md │ ├── acl.c │ ├── acl.h │ ├── auth.c │ ├── auth.h │ ├── base64.c │ ├── base64.h │ ├── cache.c │ ├── cache.h │ ├── check.c │ ├── common.h │ ├── crc32.c │ ├── encrypt.c │ ├── encrypt.h │ ├── http.c │ ├── http.h │ ├── http_simple.c │ ├── http_simple.h │ ├── jconf.c │ ├── jconf.h │ ├── json.c │ ├── json.h │ ├── list.c │ ├── list.h │ ├── netutils.c │ ├── netutils.h │ ├── obfs.c │ ├── obfs.h │ ├── obfsutil.c │ ├── protocol.h │ ├── resolv.c │ ├── resolv.h │ ├── rule.c │ ├── rule.h │ ├── server.c │ ├── server.h │ ├── tls.c │ ├── tls.h │ ├── tls1.2_ticket.c │ ├── tls1.2_ticket.h │ ├── udprelay.c │ ├── udprelay.h │ ├── uthash.h │ ├── utils.c │ ├── utils.h │ ├── verify.c │ └── verify.h ├── simple-obfs └── Makefile ├── tcping └── Makefile ├── trojan └── Makefile ├── tuic-client └── Makefile ├── v2ray-core └── Makefile ├── v2ray-geodata └── Makefile ├── v2ray-plugin └── Makefile ├── v2raya ├── Makefile ├── files │ ├── v2raya.config │ └── v2raya.init └── patches │ ├── 013-fix-we-should-skip-interface-ppp-to-avoid-to-break-net.patch │ ├── 014-fix-seed-cannot-be-read-from-vless-sharing-link-and-add-m.patch │ ├── 015-fix-a-problem-that-supervisor-cannot-exit-normally.patch │ ├── 016-fix-unexpected-exit-does-not-apply-stop-steps.patch │ ├── 017-optimize-reduce-disk-writes.patch │ ├── 018-fix-do-not-rollback-closed-transaction.patch │ └── 100-compat-v5.patch ├── xray-core └── Makefile └── xray-plugin └── Makefile /.github/workflows/multi-arch-test-build.yml: -------------------------------------------------------------------------------- 1 | name: Test Build 2 | 3 | on: 4 | pull_request: 5 | paths-ignore: 6 | - '**.md' 7 | 8 | jobs: 9 | build: 10 | name: Test ${{ matrix.arch }} 11 | runs-on: ubuntu-latest 12 | strategy: 13 | fail-fast: false 14 | matrix: 15 | include: 16 | - arch: arm_cortex-a9_vfpv3-d16 17 | target: mvebu-cortexa9 18 | 19 | - arch: mips_24kc 20 | target: ath79-generic 21 | 22 | - arch: mipsel_24kc 23 | target: mt7621 24 | 25 | - arch: powerpc_464fp 26 | target: apm821xx-nand 27 | 28 | - arch: powerpc_8548 29 | target: mpc85xx-p1010 30 | 31 | - arch: aarch64_cortex-a53 32 | target: mvebu-cortexa53 33 | 34 | - arch: arm_cortex-a15_neon-vfpv4 35 | target: armvirt-32 36 | 37 | - arch: i386_pentium-mmx 38 | target: x86-geode 39 | 40 | - arch: x86_64 41 | target: x86-64 42 | 43 | steps: 44 | - uses: actions/checkout@v3 45 | with: 46 | fetch-depth: 0 47 | 48 | - name: Determine branch name 49 | run: | 50 | BRANCH="${GITHUB_BASE_REF#refs/heads/}" 51 | echo "Building for $BRANCH" 52 | echo "BRANCH=$BRANCH" >> $GITHUB_ENV 53 | 54 | - name: Determine changed packages 55 | run: | 56 | # only detect packages with changes 57 | PKG_ROOTS=$(find . -name Makefile | \ 58 | grep -v ".*/src/Makefile" | \ 59 | sed -e 's@./\(.*\)/Makefile@\1/@') 60 | CHANGES=$(git diff --diff-filter=d --name-only origin/$BRANCH) 61 | 62 | for ROOT in $PKG_ROOTS; do 63 | for CHANGE in $CHANGES; do 64 | if [[ "$CHANGE" == "$ROOT"* ]]; then 65 | PACKAGES+=$(echo "$ROOT" | sed -e 's@\(.*\)/@\1 @') 66 | break 67 | fi 68 | done 69 | done 70 | # fallback to test packages if nothing explicitly changes this is 71 | # should run if other mechanics in packages.git changed 72 | PACKAGES="${PACKAGES:-luci-app-ssr-plus}" 73 | 74 | echo "Building $PACKAGES" 75 | echo "PACKAGES=$PACKAGES" >> $GITHUB_ENV 76 | 77 | - name: Build 78 | uses: immortalwrt/gh-action-sdk@v4.1 79 | env: 80 | ARCH: ${{ matrix.arch }}-${{ env.BRANCH }} 81 | FEEDNAME: packages_ci 82 | 83 | - name: Move created packages to project dir 84 | run: cp bin/packages/${{ matrix.arch }}/packages_ci/*.ipk . || true 85 | 86 | - name: Collect metadata 87 | run: | 88 | MERGE_ID=$(git rev-parse --short HEAD) 89 | echo "MERGE_ID=$MERGE_ID" >> $GITHUB_ENV 90 | echo "BASE_ID=$(git rev-parse --short HEAD^1)" >> $GITHUB_ENV 91 | echo "HEAD_ID=$(git rev-parse --short HEAD^2)" >> $GITHUB_ENV 92 | PRNUMBER=${GITHUB_REF_NAME%/merge} 93 | echo "PRNUMBER=$PRNUMBER" >> $GITHUB_ENV 94 | echo "ARCHIVE_NAME=${{matrix.arch}}-PR$PRNUMBER-$MERGE_ID" >> $GITHUB_ENV 95 | 96 | - name: Generate metadata 97 | run: | 98 | cat << _EOF_ > PKG-INFO 99 | Metadata-Version: 2.1 100 | Name: ${{env.ARCHIVE_NAME}} 101 | Version: $BRANCH 102 | Author: $GITHUB_ACTOR 103 | Home-page: $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/pull/$PRNUMBER 104 | Download-URL: $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID 105 | Summary: $PACKAGES 106 | Platform: ${{ matrix.arch }} 107 | Packages for ImmortalWrt $BRANCH running on ${{matrix.arch}}, built from PR $PRNUMBER 108 | at commit $HEAD_ID, against $BRANCH at commit $BASE_ID, with merge SHA $MERGE_ID. 109 | Modified packages: 110 | _EOF_ 111 | for p in $PACKAGES 112 | do 113 | echo " "$p >> PKG-INFO 114 | done 115 | echo >> PKG-INFO 116 | echo Full file listing: >> PKG-INFO 117 | ls -al *.ipk >> PKG-INFO || true 118 | cat PKG-INFO 119 | 120 | - name: Store packages 121 | uses: actions/upload-artifact@v3 122 | with: 123 | name: ${{env.ARCHIVE_NAME}}-packages 124 | path: | 125 | *.ipk 126 | PKG-INFO 127 | 128 | - name: Store logs 129 | uses: actions/upload-artifact@v3 130 | with: 131 | name: ${{env.ARCHIVE_NAME}}-logs 132 | path: | 133 | logs/ 134 | PKG-INFO 135 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Setup instruction 2 | 3 | ### Method 1 - Clone this repo directly 4 | 5 | 1. Clone this repo: 6 | 7 | ```bash 8 | rm -rf package/helloworld 9 | git clone --depth=1 https://github.com/fw876/helloworld.git package/helloworld 10 | ``` 11 | 12 | 2. Pull upstream commits: 13 | 14 | ```bash 15 | git -C package/helloworld pull 16 | ``` 17 | 18 | - Remove 19 | 20 | ```bash 21 | rm -rf package/helloworld 22 | ``` 23 | 24 | ### Method 2 - Add this repo as a git submodule 25 | 26 | 1. Add new submodule: 27 | 28 | ```bash 29 | rm -rf package/helloworld 30 | git submodule add -f --name helloworld https://github.com/fw876/helloworld.git package/helloworld 31 | ``` 32 | 33 | 2. Pull upstream commits: 34 | 35 | ```bash 36 | git submodule update --remote package/helloworld 37 | ``` 38 | 39 | - Remove 40 | 41 | ```bash 42 | git submodule deinit -f package/helloworld 43 | git rm -f package/helloworld 44 | git reset HEAD .gitmodules 45 | rm -rf .git/modules{/,/package/}helloworld 46 | ``` 47 | 48 | ### Method 3 - Add this repo as an OpenWrt feed 49 | 50 | 1. Add new feed: 51 | 52 | ```bash 53 | sed -i "/helloworld/d" "feeds.conf.default" 54 | echo "src-git helloworld https://github.com/fw876/helloworld.git" >> "feeds.conf.default" 55 | ``` 56 | 57 | 2. Pull upstream commits: 58 | 59 | ```bash 60 | ./scripts/feeds update helloworld 61 | ./scripts/feeds install -a -f -p helloworld 62 | ``` 63 | 64 | - Remove 65 | 66 | ```bash 67 | sed -i "/helloworld/d" "feeds.conf.default" 68 | ./scripts/feeds clean 69 | ./scripts/feeds update -a 70 | ./scripts/feeds install -a 71 | ``` 72 | 73 | ### Note 74 | 75 | #### ⚠ For OpenWrt 21.02 or lower version 76 | You have to manually upgrade Golang toolchain to [1.19](https://github.com/openwrt/packages/tree/openwrt-22.03/lang/golang) or higher to compile Xray-core. 77 | 78 | e.g.: 79 | 80 | ```bash 81 | ./scripts/feeds update packages 82 | rm -rf feeds/packages/lang/golang 83 | svn co https://github.com/openwrt/packages/branches/openwrt-22.03/lang/golang feeds/packages/lang/golang 84 | ``` 85 | -------------------------------------------------------------------------------- /chinadns-ng/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2023 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=chinadns-ng 8 | PKG_VERSION:=2023.04.20 9 | PKG_RELEASE:=1 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/zfl9/chinadns-ng/tar.gz/$(PKG_VERSION)? 13 | PKG_HASH:=e1f5197ecd96ebab4440fe069e0a06935df7ea07ac1ad0bab3f88bffe0055294 14 | 15 | PKG_LICENSE:=AGPL-3.0-only 16 | PKG_LICENSE_FILES:=LICENSE 17 | PKG_MAINTAINER:=pexcn 18 | 19 | PKG_BUILD_PARALLEL:=1 20 | PKG_INSTALL:=1 21 | 22 | include $(INCLUDE_DIR)/package.mk 23 | 24 | define Package/chinadns-ng 25 | SECTION:=net 26 | CATEGORY:=Network 27 | SUBMENU:=IP Addresses and Names 28 | TITLE:=ChinaDNS next generation, refactoring with epoll and ipset. 29 | URL:=https://github.com/zfl9/chinadns-ng 30 | DEPENDS:=+ipset 31 | endef 32 | 33 | define Package/chinadns-ng/install 34 | $(INSTALL_DIR) $(1)/usr/bin 35 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/chinadns-ng $(1)/usr/bin 36 | endef 37 | 38 | $(eval $(call BuildPackage,chinadns-ng)) 39 | -------------------------------------------------------------------------------- /dns2socks/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=dns2socks 8 | PKG_VERSION:=2.1 9 | PKG_RELEASE:=2 10 | 11 | PKG_SOURCE:=SourceCode.zip 12 | PKG_SOURCE_URL:=@SF/dns2socks 13 | PKG_SOURCE_DATE:=2020-02-18 14 | PKG_HASH:=406b5003523577d39da66767adfe54f7af9b701374363729386f32f6a3a995f4 15 | 16 | PKG_MAINTAINER:=ghostmaker 17 | PKG_LICENSE:=BSD-3-Clause 18 | PKG_LICENSE_FILE:=LICENSE 19 | 20 | include $(INCLUDE_DIR)/package.mk 21 | 22 | UNZIP_CMD:=unzip -q -d $(PKG_BUILD_DIR) $(DL_DIR)/$(PKG_SOURCE) 23 | 24 | define Package/dns2socks 25 | SECTION:=net 26 | CATEGORY:=Network 27 | SUBMENU:=IP Addresses and Names 28 | TITLE:=DNS to SOCKS or HTTP proxy 29 | URL:=http://dns2socks.sourceforge.net/ 30 | DEPENDS:=+libpthread 31 | endef 32 | 33 | define Package/dns2socks/description 34 | This is a command line utility to resolve DNS requests via 35 | a SOCKS tunnel like Tor or a HTTP proxy. 36 | endef 37 | 38 | define Build/Compile 39 | $(TARGET_CC) \ 40 | $(TARGET_CFLAGS) \ 41 | $(TARGET_CPPFLAGS) \ 42 | $(FPIC) \ 43 | -o $(PKG_BUILD_DIR)/DNS2SOCKS/dns2socks \ 44 | $(PKG_BUILD_DIR)/DNS2SOCKS/DNS2SOCKS.c \ 45 | $(TARGET_LDFLAGS) -pthread 46 | endef 47 | 48 | define Package/dns2socks/install 49 | $(INSTALL_DIR) $(1)/usr/bin 50 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/DNS2SOCKS/dns2socks $(1)/usr/bin/dns2socks 51 | endef 52 | 53 | $(eval $(call BuildPackage,dns2socks)) 54 | -------------------------------------------------------------------------------- /dns2tcp/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2022 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=dns2tcp 8 | PKG_VERSION:=1.1.0 9 | PKG_RELEASE:=1 10 | 11 | PKG_SOURCE_PROTO:=git 12 | PKG_SOURCE_URL:=https://github.com/zfl9/dns2tcp.git 13 | PKG_SOURCE_DATE:=2020-05-05 14 | PKG_SOURCE_VERSION:=10ed687778f18d1b9c98bb51187a3a9086d3a0d9 15 | PKG_MIRROR_HASH:=bb40f027fef8534b0f905a827dbc3cc613fd06b705392148a12b80e1f9570a88 16 | 17 | PKG_MAINTAINER:=Tianling Shen 18 | PKG_LICENSE:=AGPL-3.0-only 19 | PKG_LICENSE_FILES:=LICENSE 20 | 21 | PKG_BUILD_PARALLEL:=1 22 | PKG_USE_MIPS16:=0 23 | 24 | include $(INCLUDE_DIR)/package.mk 25 | 26 | define Package/dns2tcp 27 | SECTION:=net 28 | CATEGORY:=Network 29 | SUBMENU:=IP Addresses and Names 30 | TITLE:=utility to convert dns query from udp to tcp 31 | URL:=https://github.com/zfl9/dns2tcp 32 | endef 33 | 34 | TARGET_CFLAGS+= $(FPIC) -flto 35 | MAKE_FLAGS+= \ 36 | CFLAGS="-std=c99 $(TARGET_CFLAGS)" \ 37 | EVCFLAGS="$(TARGET_CFLAGS)" 38 | 39 | define Package/dns2tcp/install 40 | $(INSTALL_DIR) $(1)/usr/bin 41 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/dns2tcp $(1)/usr/bin/ 42 | endef 43 | 44 | $(eval $(call BuildPackage,dns2tcp)) 45 | -------------------------------------------------------------------------------- /gn/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2022 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=gn 8 | PKG_RELEASE:=1 9 | 10 | PKG_SOURCE_PROTO:=git 11 | PKG_SOURCE_URL:=https://gn.googlesource.com/gn.git 12 | PKG_SOURCE_DATE:=2023-04-05 13 | PKG_SOURCE_VERSION:=28b7b6c507eb808567e3aea446cd259f7691fddc 14 | PKG_MIRROR_HASH:=5b112442eabea4b906cc409237fac13b8efb4f5acb25989b1883d5ce96deebd2 15 | 16 | PKG_LICENSE:=BSD 3-Clause 17 | PKG_LICENSE_FILES:=LICENSE 18 | PKG_MAINTAINER:=Tianling Shen 19 | 20 | ifneq ($(wildcard $(TOPDIR)/feeds/packages/devel/ninja/ninja.mk),) 21 | PKG_BUILD_DEPENDS+= ninja/host 22 | endif 23 | PKG_HOST_ONLY:=1 24 | HOST_BUILD_PARALLEL:=1 25 | 26 | include $(INCLUDE_DIR)/host-build.mk 27 | include $(INCLUDE_DIR)/package.mk 28 | 29 | define Package/gn 30 | SECTION:=devel 31 | CATEGORY:=Development 32 | TITLE:=A meta-build system that generates build files for Ninja 33 | URL:=https://gn.googlesource.com/gn/ 34 | BUILDONLY:=1 35 | endef 36 | 37 | define Package/gn/description 38 | GN can generate Ninja build files for C, C++, Rust, Objective C, 39 | and Swift source on most popular platforms. 40 | endef 41 | 42 | define Host/Configure 43 | $(PYTHON) $(HOST_BUILD_DIR)/build/gen.py \ 44 | --no-last-commit-position 45 | endef 46 | 47 | define Host/Compile 48 | ninja -C $(HOST_BUILD_DIR)/out 49 | endef 50 | 51 | define Host/Install 52 | $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin/ 53 | $(INSTALL_BIN) $(HOST_BUILD_DIR)/out/gn $(STAGING_DIR_HOSTPKG)/bin/ 54 | endef 55 | 56 | define Host/Clean 57 | $(RM) $(STAGING_DIR_HOSTPKG)/bin/gn 58 | endef 59 | 60 | $(eval $(call HostBuild)) 61 | $(eval $(call BuildPackage,gn)) 62 | -------------------------------------------------------------------------------- /gn/patches/010-gcc.patch: -------------------------------------------------------------------------------- 1 | --- a/build/gen.py 2 | +++ b/build/gen.py 3 | @@ -368,7 +368,7 @@ def WriteGNNinja(path, platform, host, o 4 | cxx = os.environ.get('CXX', 'g++') 5 | ld = os.environ.get('LD', 'g++') 6 | ar = os.environ.get('AR', 'ar -X64') 7 | - elif platform.is_msys() or platform.is_mingw(): 8 | + elif platform.is_msys() or platform.is_mingw() or platform.is_linux(): 9 | cxx = os.environ.get('CXX', 'g++') 10 | ld = os.environ.get('LD', 'g++') 11 | ar = os.environ.get('AR', 'ar') 12 | -------------------------------------------------------------------------------- /gn/src/out/last_commit_position.h: -------------------------------------------------------------------------------- 1 | // Generated by build/gen.py. 2 | 3 | #ifndef OUT_LAST_COMMIT_POSITION_H_ 4 | #define OUT_LAST_COMMIT_POSITION_H_ 5 | 6 | #define LAST_COMMIT_POSITION_NUM 2085 7 | #define LAST_COMMIT_POSITION "2085 (28b7b6c507eb)" 8 | 9 | #endif // OUT_LAST_COMMIT_POSITION_H_ 10 | -------------------------------------------------------------------------------- /hysteria/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2022 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=hysteria 8 | PKG_VERSION:=1.3.5 9 | PKG_RELEASE:=1 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/apernet/hysteria/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=9b3b5fca069d215a1f4c9cf3aa0a7b4e9b1fe21216fddb483a20ab42eb4a4dd7 14 | 15 | PKG_LICENSE:=MIT 16 | PKG_LICENSE_FILE:=LICENSE 17 | PKG_MAINTAINER:=Tianling Shen 18 | 19 | PKG_BUILD_DEPENDS:=golang/host 20 | PKG_BUILD_PARALLEL:=1 21 | PKG_USE_MIPS16:=0 22 | 23 | GO_PKG:=github.com/apernet/hysteria 24 | GO_PKG_BUILD_PKG:=$(GO_PKG)/app/cmd 25 | GO_PKG_LDFLAGS_X:=main.appVersion=$(PKG_VERSION) 26 | 27 | include $(INCLUDE_DIR)/package.mk 28 | include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk 29 | 30 | define Package/hysteria 31 | SECTION:=net 32 | CATEGORY:=Network 33 | TITLE:=A feature-packed network utility optimized for networks of poor quality 34 | URL:=https://github.com/apernet/hysteria 35 | DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle 36 | endef 37 | 38 | define Package/hysteria/description 39 | Hysteria is a feature-packed network utility optimized for networks 40 | of poor quality (e.g. satellite connections, congested public Wi-Fi, 41 | connecting from China to servers abroad) powered by a custom version 42 | of QUIC protocol. 43 | endef 44 | 45 | define Package/hysteria/install 46 | $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) 47 | 48 | $(INSTALL_DIR) $(1)/usr/bin 49 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/cmd $(1)/usr/bin/hysteria 50 | endef 51 | 52 | $(eval $(call GoBinPackage,hysteria)) 53 | $(eval $(call BuildPackage,hysteria)) 54 | -------------------------------------------------------------------------------- /ipt2socks/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=ipt2socks 8 | PKG_VERSION:=1.1.3 9 | PKG_RELEASE:=3 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/zfl9/ipt2socks/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=5279eb1cb7555cf9292423cc9f672dc43e6e214b3411a6df26a6a1cfa59d88b7 14 | 15 | PKG_BUILD_PARALLEL:=1 16 | PKG_USE_MIPS16:=0 17 | 18 | PKG_LICENSE:=AGPL-3.0 19 | PKG_LICENSE_FILE:=LICENSE 20 | 21 | include $(INCLUDE_DIR)/package.mk 22 | 23 | define Package/ipt2socks 24 | SECTION:=net 25 | CATEGORY:=Network 26 | TITLE:=Convert iptables to socks5 27 | URL:=https://github.com/zfl9/ipt2socks 28 | DEPENDS:=+libpthread 29 | endef 30 | 31 | define Package/ipt2socks/description 32 | Utility for converting iptables (redirect/tproxy) to socks5. 33 | endef 34 | 35 | TARGET_CFLAGS+= $(FPIC) -flto 36 | MAKE_FLAGS+= \ 37 | CFLAGS="-std=c99 -pthread $(TARGET_CFLAGS)" \ 38 | EVCFLAGS="$(TARGET_CFLAGS)" 39 | 40 | define Package/ipt2socks/install 41 | $(INSTALL_DIR) $(1)/usr/bin 42 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/ipt2socks $(1)/usr/bin 43 | endef 44 | 45 | $(eval $(call BuildPackage,ipt2socks)) 46 | -------------------------------------------------------------------------------- /lua-neturl/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2022-2023 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=neturl 8 | PKG_VERSION:=1.1-1 9 | PKG_RELEASE:=3 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/golgote/neturl/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=25f3a94ba9f435ef1395555de2bf17d6f934d789fa515ed965405919e42be27b 14 | 15 | PKG_MAINTAINER:=Tianling Shen 16 | PKG_LICENSE:=MIT 17 | PKG_LICNESE_FILES:=LICENSE.txt 18 | 19 | include $(INCLUDE_DIR)/package.mk 20 | 21 | define Package/lua-neturl 22 | SUBMENU:=Lua 23 | SECTION:=lang 24 | CATEGORY:=Languages 25 | TITLE:=URL and Query string parser, builder, normalizer for Lua 26 | URL:=https://github.com/golgote/neturl 27 | DEPENDS:=+lua 28 | PKGARCH:=all 29 | endef 30 | 31 | define Package/lua-neturl/description 32 | This small Lua library provides a few functions to parse URL with 33 | querystring and build new URL easily. 34 | endef 35 | 36 | define Build/Compile 37 | endef 38 | 39 | define Package/lua-neturl/install 40 | $(INSTALL_DIR) $(1)/usr/lib/lua 41 | $(CP) $(PKG_BUILD_DIR)/lib/net/url.lua $(1)/usr/lib/lua/ 42 | endef 43 | 44 | $(eval $(call BuildPackage,lua-neturl)) 45 | -------------------------------------------------------------------------------- /lua-neturl/patches/010-userinfo-regex.patch: -------------------------------------------------------------------------------- 1 | --- a/lib/net/url.lua 2 | +++ b/lib/net/url.lua 3 | @@ -340,7 +340,7 @@ function M:setAuthority(authority) 4 | self.password = v 5 | return '' 6 | end) 7 | - if string.find(userinfo, "^[%w%+%.]+$") then 8 | + if string.find(userinfo, "^[%p%w%+%.]+$") then 9 | self.user = userinfo 10 | else 11 | -- incorrect userinfo 12 | @@ -369,7 +369,7 @@ function M.parse(url) 13 | comp.fragment = v 14 | return '' 15 | end) 16 | - url =url:gsub('^([%w][%w%+%-%.]*)%:', function(v) 17 | + url =url:gsub('^([%w][%w%+%-%_%.]*)%:', function(v) 18 | comp.scheme = v:lower() 19 | return '' 20 | end) 21 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua: -------------------------------------------------------------------------------- 1 | local uci = luci.model.uci.cursor() 2 | local server_table = {} 3 | 4 | uci:foreach("shadowsocksr", "servers", function(s) 5 | if s.alias then 6 | server_table[s[".name"]] = "[%s]:%s" % {string.upper(s.v2ray_protocol or s.type), s.alias} 7 | elseif s.server and s.server_port then 8 | server_table[s[".name"]] = "[%s]:%s:%s" % {string.upper(s.v2ray_protocol or s.type), s.server, s.server_port} 9 | end 10 | end) 11 | 12 | local key_table = {} 13 | for key, _ in pairs(server_table) do 14 | table.insert(key_table, key) 15 | end 16 | 17 | table.sort(key_table) 18 | 19 | m = Map("shadowsocksr") 20 | -- [[ global ]]-- 21 | s = m:section(TypedSection, "global", translate("Server failsafe auto swith and custom update settings")) 22 | s.anonymous = true 23 | 24 | -- o = s:option(Flag, "monitor_enable", translate("Enable Process Deamon")) 25 | -- o.rmempty = false 26 | -- o.default = "1" 27 | 28 | o = s:option(Flag, "enable_switch", translate("Enable Auto Switch")) 29 | o.rmempty = false 30 | o.default = "1" 31 | 32 | o = s:option(Value, "switch_time", translate("Switch check cycly(second)")) 33 | o.datatype = "uinteger" 34 | o:depends("enable_switch", "1") 35 | o.default = 667 36 | 37 | o = s:option(Value, "switch_timeout", translate("Check timout(second)")) 38 | o.datatype = "uinteger" 39 | o:depends("enable_switch", "1") 40 | o.default = 5 41 | 42 | o = s:option(Value, "switch_try_count", translate("Check Try Count")) 43 | o.datatype = "uinteger" 44 | o:depends("enable_switch", "1") 45 | o.default = 3 46 | 47 | o = s:option(Value, "gfwlist_url", translate("gfwlist Update url")) 48 | o:value("https://fastly.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt", translate("v2fly/domain-list-community")) 49 | o:value("https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt", translate("Loyalsoldier/v2ray-rules-dat")) 50 | o:value("https://fastly.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt", translate("Loukky/gfwlist-by-loukky")) 51 | o:value("https://fastly.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt", translate("gfwlist/gfwlist")) 52 | o.default = "https://fastly.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt" 53 | 54 | o = s:option(Value, "chnroute_url", translate("Chnroute Update url")) 55 | o:value("https://ispip.clang.cn/all_cn.txt", translate("Clang.CN")) 56 | o:value("https://ispip.clang.cn/all_cn_cidr.txt", translate("Clang.CN.CIDR")) 57 | o:value("https://fastly.jsdelivr.net/gh/gaoyifan/china-operator-ip@ip-lists/china.txt", translate("china-operator-ip")) 58 | o.default = "https://ispip.clang.cn/all_cn.txt" 59 | 60 | o = s:option(Flag, "netflix_enable", translate("Enable Netflix Mode")) 61 | o.rmempty = false 62 | 63 | o = s:option(Value, "nfip_url", translate("nfip_url")) 64 | o:value("https://fastly.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt", translate("Netflix IP Only")) 65 | o:value("https://fastly.jsdelivr.net/gh/QiuSimons/Netflix_IP/getflix.txt", translate("Netflix and AWS")) 66 | o.default = "https://fastly.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt" 67 | o.description = translate("Customize Netflix IP Url") 68 | o:depends("netflix_enable", "1") 69 | 70 | o = s:option(Flag, "adblock", translate("Enable adblock")) 71 | o.rmempty = false 72 | 73 | o = s:option(Value, "adblock_url", translate("adblock_url")) 74 | o:value("https://raw.githubusercontent.com/neodevpro/neodevhost/master/lite_dnsmasq.conf", translate("NEO DEV HOST Lite")) 75 | o:value("https://raw.githubusercontent.com/neodevpro/neodevhost/master/dnsmasq.conf", translate("NEO DEV HOST Full")) 76 | o:value("https://anti-ad.net/anti-ad-for-dnsmasq.conf", translate("anti-AD")) 77 | o.default = "https://raw.githubusercontent.com/neodevpro/neodevhost/master/lite_dnsmasq.conf" 78 | o:depends("adblock", "1") 79 | o.description = translate("Support AdGuardHome and DNSMASQ format list") 80 | 81 | o = s:option(Button, "reset", translate("Reset to defaults")) 82 | o.rawhtml = true 83 | o.template = "shadowsocksr/reset" 84 | 85 | -- [[ SOCKS5 Proxy ]]-- 86 | s = m:section(TypedSection, "socks5_proxy", translate("Global SOCKS5 Proxy Server")) 87 | s.anonymous = true 88 | 89 | o = s:option(ListValue, "server", translate("Server")) 90 | o:value("nil", translate("Disable")) 91 | o:value("same", translate("Same as Global Server")) 92 | for _, key in pairs(key_table) do 93 | o:value(key, server_table[key]) 94 | end 95 | o.default = "nil" 96 | o.rmempty = false 97 | 98 | o = s:option(Value, "local_port", translate("Local Port")) 99 | o.datatype = "port" 100 | o.default = 1080 101 | o.rmempty = false 102 | 103 | return m 104 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua: -------------------------------------------------------------------------------- 1 | -- Copyright (C) 2017 yushi studio github.com/ywb94 2 | -- Copyright (C) 2018 lean github.com/coolsnowwolf 3 | -- Licensed to the public under the GNU General Public License v3. 4 | 5 | local m, s, sec, o 6 | local uci = luci.model.uci.cursor() 7 | 8 | local validation = require "luci.cbi.datatypes" 9 | local function is_finded(e) 10 | return luci.sys.exec('type -t -p "%s"' % e) ~= "" and true or false 11 | end 12 | 13 | m = Map("shadowsocksr", translate("ShadowSocksR Plus+ Settings"), translate("

Support SS/SSR/V2RAY/XRAY/TROJAN/NAIVEPROXY/SOCKS5/TUN etc.

")) 14 | m:section(SimpleSection).template = "shadowsocksr/status" 15 | 16 | local server_table = {} 17 | uci:foreach("shadowsocksr", "servers", function(s) 18 | if s.alias then 19 | server_table[s[".name"]] = "[%s]:%s" % {string.upper(s.v2ray_protocol or s.type), s.alias} 20 | elseif s.server and s.server_port then 21 | server_table[s[".name"]] = "[%s]:%s:%s" % {string.upper(s.v2ray_protocol or s.type), s.server, s.server_port} 22 | end 23 | end) 24 | 25 | local key_table = {} 26 | for key, _ in pairs(server_table) do 27 | table.insert(key_table, key) 28 | end 29 | 30 | table.sort(key_table) 31 | 32 | -- [[ Global Setting ]]-- 33 | s = m:section(TypedSection, "global") 34 | s.anonymous = true 35 | 36 | o = s:option(ListValue, "global_server", translate("Main Server")) 37 | o:value("nil", translate("Disable")) 38 | for _, key in pairs(key_table) do 39 | o:value(key, server_table[key]) 40 | end 41 | o.default = "nil" 42 | o.rmempty = false 43 | 44 | o = s:option(ListValue, "udp_relay_server", translate("Game Mode UDP Server")) 45 | o:value("", translate("Disable")) 46 | o:value("same", translate("Same as Global Server")) 47 | for _, key in pairs(key_table) do 48 | o:value(key, server_table[key]) 49 | end 50 | 51 | if uci:get_first("shadowsocksr", 'global', 'netflix_enable', '0') ~= '0' then 52 | o = s:option(ListValue, "netflix_server", translate("Netflix Node")) 53 | o:value("nil", translate("Disable")) 54 | o:value("same", translate("Same as Global Server")) 55 | for _, key in pairs(key_table) do 56 | o:value(key, server_table[key]) 57 | end 58 | o.default = "nil" 59 | o.rmempty = false 60 | 61 | o = s:option(Flag, "netflix_proxy", translate("External Proxy Mode")) 62 | o.rmempty = false 63 | o.description = translate("Forward Netflix Proxy through Main Proxy") 64 | o.default = "0" 65 | end 66 | 67 | o = s:option(ListValue, "threads", translate("Multi Threads Option")) 68 | o:value("0", translate("Auto Threads")) 69 | o:value("1", translate("1 Thread")) 70 | o:value("2", translate("2 Threads")) 71 | o:value("4", translate("4 Threads")) 72 | o:value("8", translate("8 Threads")) 73 | o:value("16", translate("16 Threads")) 74 | o:value("32", translate("32 Threads")) 75 | o:value("64", translate("64 Threads")) 76 | o:value("128", translate("128 Threads")) 77 | o.default = "0" 78 | o.rmempty = false 79 | 80 | o = s:option(ListValue, "run_mode", translate("Running Mode")) 81 | o:value("gfw", translate("GFW List Mode")) 82 | o:value("router", translate("IP Route Mode")) 83 | o:value("all", translate("Global Mode")) 84 | o:value("oversea", translate("Oversea Mode")) 85 | o.default = gfw 86 | 87 | o = s:option(ListValue, "dports", translate("Proxy Ports")) 88 | o:value("1", translate("All Ports")) 89 | o:value("2", translate("Only Common Ports")) 90 | o.default = 1 91 | 92 | o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode")) 93 | o:value("1", translate("Use DNS2TCP query")) 94 | o:value("2", translate("Use DNS2SOCKS query and cache")) 95 | o:value("0", translate("Use Local DNS Service listen port 5335")) 96 | o.default = 1 97 | 98 | o = s:option(Value, "tunnel_forward", translate("Anti-pollution DNS Server")) 99 | o:value("8.8.4.4:53", translate("Google Public DNS (8.8.4.4)")) 100 | o:value("8.8.8.8:53", translate("Google Public DNS (8.8.8.8)")) 101 | o:value("208.67.222.222:53", translate("OpenDNS (208.67.222.222)")) 102 | o:value("208.67.220.220:53", translate("OpenDNS (208.67.220.220)")) 103 | o:value("209.244.0.3:53", translate("Level 3 Public DNS (209.244.0.3)")) 104 | o:value("209.244.0.4:53", translate("Level 3 Public DNS (209.244.0.4)")) 105 | o:value("4.2.2.1:53", translate("Level 3 Public DNS (4.2.2.1)")) 106 | o:value("4.2.2.2:53", translate("Level 3 Public DNS (4.2.2.2)")) 107 | o:value("4.2.2.3:53", translate("Level 3 Public DNS (4.2.2.3)")) 108 | o:value("4.2.2.4:53", translate("Level 3 Public DNS (4.2.2.4)")) 109 | o:value("1.1.1.1:53", translate("Cloudflare DNS (1.1.1.1)")) 110 | o:value("114.114.114.114:53", translate("Oversea Mode DNS-1 (114.114.114.114)")) 111 | o:value("114.114.115.115:53", translate("Oversea Mode DNS-2 (114.114.115.115)")) 112 | o:depends("pdnsd_enable", "1") 113 | o:depends("pdnsd_enable", "2") 114 | o.description = translate("Custom DNS Server format as IP:PORT (default: 8.8.4.4:53)") 115 | o.datatype = "ip4addrport" 116 | 117 | if is_finded("chinadns-ng") then 118 | o = s:option(Value, "chinadns_forward", translate("Domestic DNS Server")) 119 | o:value("wan", translate("Use DNS from WAN")) 120 | o:value("wan_114", translate("Use DNS from WAN and 114DNS")) 121 | o:value("114.114.114.114:53", translate("Nanjing Xinfeng 114DNS (114.114.114.114)")) 122 | o:value("119.29.29.29:53", translate("DNSPod Public DNS (119.29.29.29)")) 123 | o:value("223.5.5.5:53", translate("AliYun Public DNS (223.5.5.5)")) 124 | o:value("180.76.76.76:53", translate("Baidu Public DNS (180.76.76.76)")) 125 | o:value("101.226.4.6:53", translate("360 Security DNS (China Telecom) (101.226.4.6)")) 126 | o:value("123.125.81.6:53", translate("360 Security DNS (China Unicom) (123.125.81.6)")) 127 | o:value("1.2.4.8:53", translate("CNNIC SDNS (1.2.4.8)")) 128 | o:depends({pdnsd_enable = "1", run_mode = "router"}) 129 | o:depends({pdnsd_enable = "2", run_mode = "router"}) 130 | o.description = translate("Custom DNS Server format as IP:PORT (default: disabled)") 131 | o.validate = function(self, value, section) 132 | if (section and value) then 133 | if value == "wan" or value == "wan_114" then 134 | return value 135 | end 136 | 137 | if validation.ip4addrport(value) then 138 | return value 139 | end 140 | 141 | return nil, translate("Expecting: %s"):format(translate("valid address:port")) 142 | end 143 | 144 | return value 145 | end 146 | end 147 | 148 | return m 149 | 150 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua: -------------------------------------------------------------------------------- 1 | require "luci.ip" 2 | require "nixio.fs" 3 | local m, s, o 4 | 5 | m = Map("shadowsocksr") 6 | 7 | s = m:section(TypedSection, "access_control") 8 | s.anonymous = true 9 | 10 | -- Interface control 11 | s:tab("Interface", translate("Interface control")) 12 | o = s:taboption("Interface", DynamicList, "Interface", translate("Interface")) 13 | o.template = "cbi/network_netlist" 14 | o.widget = "checkbox" 15 | o.nocreate = true 16 | o.unspecified = true 17 | o.description = translate("Listen only on the given interface or, if unspecified, on all") 18 | 19 | -- Part of WAN 20 | s:tab("wan_ac", translate("WAN IP AC")) 21 | 22 | o = s:taboption("wan_ac", DynamicList, "wan_bp_ips", translate("WAN White List IP")) 23 | o.datatype = "ip4addr" 24 | 25 | o = s:taboption("wan_ac", DynamicList, "wan_fw_ips", translate("WAN Force Proxy IP")) 26 | o.datatype = "ip4addr" 27 | 28 | -- Part of LAN 29 | s:tab("lan_ac", translate("LAN IP AC")) 30 | 31 | o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("LAN Access Control")) 32 | o:value("0", translate("Disable")) 33 | o:value("w", translate("Allow listed only")) 34 | o:value("b", translate("Allow all except listed")) 35 | o.rmempty = false 36 | 37 | o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List")) 38 | o.datatype = "ipaddr" 39 | luci.ip.neighbors({family = 4}, function(entry) 40 | if entry.reachable then 41 | o:value(entry.dest:string()) 42 | end 43 | end) 44 | o:depends("lan_ac_mode", "w") 45 | o:depends("lan_ac_mode", "b") 46 | 47 | o = s:taboption("lan_ac", DynamicList, "lan_bp_ips", translate("LAN Bypassed Host List")) 48 | o.datatype = "ipaddr" 49 | luci.ip.neighbors({family = 4}, function(entry) 50 | if entry.reachable then 51 | o:value(entry.dest:string()) 52 | end 53 | end) 54 | 55 | o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List")) 56 | o.datatype = "ipaddr" 57 | luci.ip.neighbors({family = 4}, function(entry) 58 | if entry.reachable then 59 | o:value(entry.dest:string()) 60 | end 61 | end) 62 | 63 | o = s:taboption("lan_ac", DynamicList, "lan_gm_ips", translate("Game Mode Host List")) 64 | o.datatype = "ipaddr" 65 | luci.ip.neighbors({family = 4}, function(entry) 66 | if entry.reachable then 67 | o:value(entry.dest:string()) 68 | end 69 | end) 70 | 71 | -- Part of Self 72 | -- s:tab("self_ac", translate("Router Self AC")) 73 | -- o = s:taboption("self_ac",ListValue, "router_proxy", translate("Router Self Proxy")) 74 | -- o:value("1", translatef("Normal Proxy")) 75 | -- o:value("0", translatef("Bypassed Proxy")) 76 | -- o:value("2", translatef("Forwarded Proxy")) 77 | -- o.rmempty = false 78 | 79 | s:tab("esc", translate("Bypass Domain List")) 80 | local escconf = "/etc/ssrplus/white.list" 81 | o = s:taboption("esc", TextValue, "escconf") 82 | o.rows = 13 83 | o.wrap = "off" 84 | o.rmempty = true 85 | o.cfgvalue = function(self, section) 86 | return nixio.fs.readfile(escconf) or "" 87 | end 88 | o.write = function(self, section, value) 89 | nixio.fs.writefile(escconf, value:gsub("\r\n", "\n")) 90 | end 91 | o.remove = function(self, section, value) 92 | nixio.fs.writefile(escconf, "") 93 | end 94 | 95 | s:tab("block", translate("Black Domain List")) 96 | local blockconf = "/etc/ssrplus/black.list" 97 | o = s:taboption("block", TextValue, "blockconf") 98 | o.rows = 13 99 | o.wrap = "off" 100 | o.rmempty = true 101 | o.cfgvalue = function(self, section) 102 | return nixio.fs.readfile(blockconf) or " " 103 | end 104 | o.write = function(self, section, value) 105 | nixio.fs.writefile(blockconf, value:gsub("\r\n", "\n")) 106 | end 107 | o.remove = function(self, section, value) 108 | nixio.fs.writefile(blockconf, "") 109 | end 110 | 111 | s:tab("denydomain", translate("Deny Domain List")) 112 | local denydomainconf = "/etc/ssrplus/deny.list" 113 | o = s:taboption("denydomain", TextValue, "denydomainconf") 114 | o.rows = 13 115 | o.wrap = "off" 116 | o.rmempty = true 117 | o.cfgvalue = function(self, section) 118 | return nixio.fs.readfile(denydomainconf) or " " 119 | end 120 | o.write = function(self, section, value) 121 | nixio.fs.writefile(denydomainconf, value:gsub("\r\n", "\n")) 122 | end 123 | o.remove = function(self, section, value) 124 | nixio.fs.writefile(denydomainconf, "") 125 | end 126 | 127 | s:tab("netflix", translate("Netflix Domain List")) 128 | local netflixconf = "/etc/ssrplus/netflix.list" 129 | o = s:taboption("netflix", TextValue, "netflixconf") 130 | o.rows = 13 131 | o.wrap = "off" 132 | o.rmempty = true 133 | o.cfgvalue = function(self, section) 134 | return nixio.fs.readfile(netflixconf) or " " 135 | end 136 | o.write = function(self, section, value) 137 | nixio.fs.writefile(netflixconf, value:gsub("\r\n", "\n")) 138 | end 139 | o.remove = function(self, section, value) 140 | nixio.fs.writefile(netflixconf, "") 141 | end 142 | 143 | return m 144 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua: -------------------------------------------------------------------------------- 1 | require "luci.util" 2 | require "nixio.fs" 3 | f = SimpleForm("logview") 4 | f.reset = false 5 | f.submit = false 6 | t = f:field(TextValue, "conf") 7 | t.rmempty = true 8 | t.rows = 20 9 | function t.cfgvalue() 10 | if nixio.fs.access("/var/log/ssrplus.log") then 11 | local logs = luci.util.execi("cat /var/log/ssrplus.log") 12 | local s = "" 13 | for line in logs do 14 | s = line .. "\n" .. s 15 | end 16 | return s 17 | end 18 | end 19 | t.readonly = "readonly" 20 | return f 21 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua: -------------------------------------------------------------------------------- 1 | -- Copyright (C) 2017 yushi studio 2 | -- Licensed to the public under the GNU General Public License v3. 3 | require "luci.http" 4 | require "luci.dispatcher" 5 | require "nixio.fs" 6 | 7 | local m, s, o 8 | local sid = arg[1] 9 | 10 | local encrypt_methods = { 11 | "rc4-md5", 12 | "rc4-md5-6", 13 | "rc4", 14 | "table", 15 | "aes-128-cfb", 16 | "aes-192-cfb", 17 | "aes-256-cfb", 18 | "aes-128-ctr", 19 | "aes-192-ctr", 20 | "aes-256-ctr", 21 | "bf-cfb", 22 | "camellia-128-cfb", 23 | "camellia-192-cfb", 24 | "camellia-256-cfb", 25 | "cast5-cfb", 26 | "des-cfb", 27 | "idea-cfb", 28 | "rc2-cfb", 29 | "seed-cfb", 30 | "salsa20", 31 | "chacha20", 32 | "chacha20-ietf" 33 | } 34 | 35 | local encrypt_methods_ss = { 36 | -- aead 37 | "aes-128-gcm", 38 | "aes-192-gcm", 39 | "aes-256-gcm", 40 | "chacha20-ietf-poly1305", 41 | "xchacha20-ietf-poly1305", 42 | -- aead 2022 43 | "2022-blake3-aes-128-gcm", 44 | "2022-blake3-aes-256-gcm", 45 | "2022-blake3-chacha20-poly1305" 46 | --[[ stream 47 | "table", 48 | "rc4", 49 | "rc4-md5", 50 | "aes-128-cfb", 51 | "aes-192-cfb", 52 | "aes-256-cfb", 53 | "aes-128-ctr", 54 | "aes-192-ctr", 55 | "aes-256-ctr", 56 | "bf-cfb", 57 | "camellia-128-cfb", 58 | "camellia-192-cfb", 59 | "camellia-256-cfb", 60 | "salsa20", 61 | "chacha20", 62 | "chacha20-ietf" ]] 63 | } 64 | 65 | local protocol = {"origin"} 66 | 67 | obfs = {"plain", "http_simple", "http_post"} 68 | 69 | m = Map("shadowsocksr", translate("Edit ShadowSocksR Server")) 70 | 71 | m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/server") 72 | if m.uci:get("shadowsocksr", sid) ~= "server_config" then 73 | luci.http.redirect(m.redirect) 74 | return 75 | end 76 | 77 | -- [[ Server Setting ]]-- 78 | s = m:section(NamedSection, sid, "server_config") 79 | s.anonymous = true 80 | s.addremove = false 81 | 82 | o = s:option(Flag, "enable", translate("Enable")) 83 | o.default = 1 84 | o.rmempty = false 85 | 86 | o = s:option(ListValue, "type", translate("Server Type")) 87 | o:value("socks5", translate("Socks5")) 88 | if nixio.fs.access("/usr/bin/ssserver") or nixio.fs.access("/usr/bin/ss-server") then 89 | o:value("ss", translate("Shadowsocks")) 90 | end 91 | if nixio.fs.access("/usr/bin/ssr-server") then 92 | o:value("ssr", translate("ShadowsocksR")) 93 | end 94 | o.default = "socks5" 95 | 96 | o = s:option(Value, "server_port", translate("Server Port")) 97 | o.datatype = "port" 98 | math.randomseed(tostring(os.time()):reverse():sub(1, 7)) 99 | o.default = math.random(10240, 20480) 100 | o.rmempty = false 101 | o.description = translate("warning! Please do not reuse the port!") 102 | 103 | o = s:option(Value, "timeout", translate("Connection Timeout")) 104 | o.datatype = "uinteger" 105 | o.default = 60 106 | o.rmempty = false 107 | o:depends("type", "ss") 108 | o:depends("type", "ssr") 109 | 110 | o = s:option(Value, "username", translate("Username")) 111 | o.rmempty = false 112 | o:depends("type", "socks5") 113 | 114 | o = s:option(Value, "password", translate("Password")) 115 | o.password = true 116 | o.rmempty = false 117 | 118 | o = s:option(ListValue, "encrypt_method", translate("Encrypt Method")) 119 | for _, v in ipairs(encrypt_methods) do 120 | o:value(v) 121 | end 122 | o.rmempty = false 123 | o:depends("type", "ssr") 124 | 125 | o = s:option(ListValue, "encrypt_method_ss", translate("Encrypt Method")) 126 | for _, v in ipairs(encrypt_methods_ss) do 127 | o:value(v) 128 | end 129 | o.rmempty = false 130 | o:depends("type", "ss") 131 | 132 | o = s:option(ListValue, "protocol", translate("Protocol")) 133 | for _, v in ipairs(protocol) do 134 | o:value(v) 135 | end 136 | o.rmempty = false 137 | o:depends("type", "ssr") 138 | 139 | o = s:option(ListValue, "obfs", translate("Obfs")) 140 | for _, v in ipairs(obfs) do 141 | o:value(v) 142 | end 143 | o.rmempty = false 144 | o:depends("type", "ssr") 145 | 146 | o = s:option(Value, "obfs_param", translate("Obfs param(optional)")) 147 | o:depends("type", "ssr") 148 | 149 | o = s:option(Flag, "fast_open", translate("TCP Fast Open")) 150 | o.rmempty = false 151 | o:depends("type", "ss") 152 | o:depends("type", "ssr") 153 | 154 | return m 155 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua: -------------------------------------------------------------------------------- 1 | -- Copyright (C) 2017 yushi studio 2 | -- Licensed to the public under the GNU General Public License v3. 3 | require "luci.http" 4 | require "luci.dispatcher" 5 | local m, sec, o 6 | local encrypt_methods = { 7 | "table", 8 | "rc4", 9 | "rc4-md5", 10 | "rc4-md5-6", 11 | "aes-128-cfb", 12 | "aes-192-cfb", 13 | "aes-256-cfb", 14 | "aes-128-ctr", 15 | "aes-192-ctr", 16 | "aes-256-ctr", 17 | "bf-cfb", 18 | "camellia-128-cfb", 19 | "camellia-192-cfb", 20 | "camellia-256-cfb", 21 | "cast5-cfb", 22 | "des-cfb", 23 | "idea-cfb", 24 | "rc2-cfb", 25 | "seed-cfb", 26 | "salsa20", 27 | "chacha20", 28 | "chacha20-ietf" 29 | } 30 | 31 | local encrypt_methods_ss = { 32 | -- aead 33 | "aes-128-gcm", 34 | "aes-192-gcm", 35 | "aes-256-gcm", 36 | "chacha20-ietf-poly1305", 37 | "xchacha20-ietf-poly1305", 38 | -- aead 2022 39 | "2022-blake3-aes-128-gcm", 40 | "2022-blake3-aes-256-gcm", 41 | "2022-blake3-chacha20-poly1305" 42 | --[[ stream 43 | "table", 44 | "rc4", 45 | "rc4-md5", 46 | "aes-128-cfb", 47 | "aes-192-cfb", 48 | "aes-256-cfb", 49 | "aes-128-ctr", 50 | "aes-192-ctr", 51 | "aes-256-ctr", 52 | "bf-cfb", 53 | "camellia-128-cfb", 54 | "camellia-192-cfb", 55 | "camellia-256-cfb", 56 | "salsa20", 57 | "chacha20", 58 | "chacha20-ietf" ]] 59 | } 60 | 61 | local protocol = { 62 | "origin", 63 | "verify_deflate", 64 | "auth_sha1_v4", 65 | "auth_aes128_sha1", 66 | "auth_aes128_md5", 67 | "auth_chain_a" 68 | } 69 | 70 | obfs = { 71 | "plain", 72 | "http_simple", 73 | "http_post", 74 | "random_head", 75 | "tls1.2_ticket_auth", 76 | "tls1.2_ticket_fastauth" 77 | } 78 | 79 | m = Map("shadowsocksr") 80 | -- [[ Global Setting ]]-- 81 | sec = m:section(TypedSection, "server_global", translate("Global Setting")) 82 | sec.anonymous = true 83 | 84 | o = sec:option(Flag, "enable_server", translate("Enable Server")) 85 | o.rmempty = false 86 | 87 | -- [[ Server Setting ]]-- 88 | sec = m:section(TypedSection, "server_config", translate("Server Setting")) 89 | sec.anonymous = true 90 | sec.addremove = true 91 | sec.template = "cbi/tblsection" 92 | sec.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/server/%s") 93 | function sec.create(...) 94 | local sid = TypedSection.create(...) 95 | if sid then 96 | luci.http.redirect(sec.extedit % sid) 97 | return 98 | end 99 | end 100 | 101 | o = sec:option(Flag, "enable", translate("Enable")) 102 | function o.cfgvalue(...) 103 | return Value.cfgvalue(...) or translate("0") 104 | end 105 | o.rmempty = false 106 | 107 | o = sec:option(DummyValue, "type", translate("Server Type")) 108 | function o.cfgvalue(...) 109 | return Value.cfgvalue(...) or "ss" 110 | end 111 | 112 | o = sec:option(DummyValue, "server_port", translate("Server Port")) 113 | function o.cfgvalue(...) 114 | return Value.cfgvalue(...) or "-" 115 | end 116 | 117 | o = sec:option(DummyValue, "username", translate("Username")) 118 | function o.cfgvalue(...) 119 | return Value.cfgvalue(...) or "-" 120 | end 121 | 122 | o = sec:option(DummyValue, "encrypt_method", translate("Encrypt Method")) 123 | function o.cfgvalue(...) 124 | local v = Value.cfgvalue(...) 125 | return v and v:upper() or "-" 126 | end 127 | 128 | o = sec:option(DummyValue, "encrypt_method_ss", translate("Encrypt Method")) 129 | function o.cfgvalue(...) 130 | local v = Value.cfgvalue(...) 131 | return v and v:upper() or "-" 132 | end 133 | 134 | o = sec:option(DummyValue, "protocol", translate("Protocol")) 135 | function o.cfgvalue(...) 136 | return Value.cfgvalue(...) or "-" 137 | end 138 | 139 | o = sec:option(DummyValue, "obfs", translate("Obfs")) 140 | function o.cfgvalue(...) 141 | return Value.cfgvalue(...) or "-" 142 | end 143 | 144 | return m 145 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua: -------------------------------------------------------------------------------- 1 | -- Licensed to the public under the GNU General Public License v3. 2 | require "luci.http" 3 | require "luci.dispatcher" 4 | require "luci.model.uci" 5 | local m, s, o 6 | local uci = luci.model.uci.cursor() 7 | local server_count = 0 8 | uci:foreach("shadowsocksr", "servers", function(s) 9 | server_count = server_count + 1 10 | end) 11 | 12 | m = Map("shadowsocksr", translate("Servers subscription and manage")) 13 | 14 | -- Server Subscribe 15 | s = m:section(TypedSection, "server_subscribe") 16 | s.anonymous = true 17 | 18 | o = s:option(Flag, "auto_update", translate("Auto Update")) 19 | o.rmempty = false 20 | o.description = translate("Auto Update Server subscription, GFW list and CHN route") 21 | 22 | o = s:option(ListValue, "auto_update_time", translate("Update time (every day)")) 23 | for t = 0, 23 do 24 | o:value(t, t .. ":00") 25 | end 26 | o.default = 2 27 | o.rmempty = false 28 | 29 | o = s:option(DynamicList, "subscribe_url", translate("Subscribe URL")) 30 | o.rmempty = true 31 | 32 | o = s:option(Value, "filter_words", translate("Subscribe Filter Words")) 33 | o.rmempty = true 34 | o.description = translate("Filter Words splited by /") 35 | 36 | o = s:option(Value, "save_words", translate("Subscribe Save Words")) 37 | o.rmempty = true 38 | o.description = translate("Save Words splited by /") 39 | 40 | o = s:option(Button, "update_Sub", translate("Update Subscribe List")) 41 | o.inputstyle = "reload" 42 | o.description = translate("Update subscribe url list first") 43 | o.write = function() 44 | uci:commit("shadowsocksr") 45 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) 46 | end 47 | 48 | o = s:option(Flag, "switch", translate("Subscribe Default Auto-Switch")) 49 | o.rmempty = false 50 | o.description = translate("Subscribe new add server default Auto-Switch on") 51 | o.default = "1" 52 | 53 | o = s:option(Flag, "proxy", translate("Through proxy update")) 54 | o.rmempty = false 55 | o.description = translate("Through proxy update list, Not Recommended ") 56 | 57 | o = s:option(Button, "subscribe", translate("Update All Subscribe Servers")) 58 | o.rawhtml = true 59 | o.template = "shadowsocksr/subscribe" 60 | 61 | o = s:option(Button, "delete", translate("Delete All Subscribe Servers")) 62 | o.inputstyle = "reset" 63 | o.description = string.format(translate("Server Count") .. ": %d", server_count) 64 | o.write = function() 65 | uci:delete_all("shadowsocksr", "servers", function(s) 66 | if s.hashkey or s.isSubscribe then 67 | return true 68 | else 69 | return false 70 | end 71 | end) 72 | uci:save("shadowsocksr") 73 | uci:commit("shadowsocksr") 74 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "delete")) 75 | return 76 | end 77 | 78 | -- [[ Servers Manage ]]-- 79 | s = m:section(TypedSection, "servers") 80 | s.anonymous = true 81 | s.addremove = true 82 | s.template = "cbi/tblsection" 83 | s.sortable = true 84 | s.extedit = luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers", "%s") 85 | function s.create(...) 86 | local sid = TypedSection.create(...) 87 | if sid then 88 | luci.http.redirect(s.extedit % sid) 89 | return 90 | end 91 | end 92 | 93 | o = s:option(DummyValue, "type", translate("Type")) 94 | function o.cfgvalue(self, section) 95 | return m:get(section, "v2ray_protocol") or Value.cfgvalue(self, section) or translate("None") 96 | end 97 | 98 | o = s:option(DummyValue, "alias", translate("Alias")) 99 | function o.cfgvalue(...) 100 | return Value.cfgvalue(...) or translate("None") 101 | end 102 | 103 | o = s:option(DummyValue, "server_port", translate("Server Port")) 104 | function o.cfgvalue(...) 105 | return Value.cfgvalue(...) or "N/A" 106 | end 107 | 108 | o = s:option(DummyValue, "server_port", translate("Socket Connected")) 109 | o.template = "shadowsocksr/socket" 110 | o.width = "10%" 111 | o.render = function(self, section, scope) 112 | self.transport = s:cfgvalue(section).transport 113 | if self.transport == 'ws' then 114 | self.ws_path = s:cfgvalue(section).ws_path 115 | self.tls = s:cfgvalue(section).tls 116 | end 117 | DummyValue.render(self, section, scope) 118 | end 119 | 120 | o = s:option(DummyValue, "server", translate("Ping Latency")) 121 | o.template = "shadowsocksr/ping" 122 | o.width = "10%" 123 | 124 | local global_server = uci:get_first('shadowsocksr', 'global', 'global_server') 125 | 126 | node = s:option(Button, "apply_node", translate("Apply")) 127 | node.inputstyle = "apply" 128 | node.render = function(self, section, scope) 129 | if section == global_server then 130 | self.title = translate("Reapply") 131 | else 132 | self.title = translate("Apply") 133 | end 134 | Button.render(self, section, scope) 135 | end 136 | node.write = function(self, section) 137 | uci:set("shadowsocksr", '@global[0]', 'global_server', section) 138 | uci:save("shadowsocksr") 139 | uci:commit("shadowsocksr") 140 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "restart")) 141 | end 142 | 143 | o = s:option(Flag, "switch_enable", translate("Auto Switch")) 144 | o.rmempty = false 145 | function o.cfgvalue(...) 146 | return Value.cfgvalue(...) or 1 147 | end 148 | 149 | m:append(Template("shadowsocksr/server_list")) 150 | 151 | return m 152 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua: -------------------------------------------------------------------------------- 1 | -- Copyright (C) 2017 yushi studio 2 | -- Licensed to the public under the GNU General Public License v3. 3 | require "nixio.fs" 4 | require "luci.sys" 5 | require "luci.model.uci" 6 | local m, s, o 7 | local redir_run = 0 8 | local reudp_run = 0 9 | local sock5_run = 0 10 | local server_run = 0 11 | local kcptun_run = 0 12 | local tunnel_run = 0 13 | local gfw_count = 0 14 | local ad_count = 0 15 | local ip_count = 0 16 | local nfip_count = 0 17 | local Process_list = luci.sys.exec("busybox ps -w") 18 | local uci = luci.model.uci.cursor() 19 | -- html constants 20 | font_blue = [[]] 21 | style_blue = [[]] 22 | font_off = [[]] 23 | bold_on = [[]] 24 | bold_off = [[]] 25 | local kcptun_version = translate("Unknown") 26 | local kcp_file = "/usr/bin/kcptun-client" 27 | if not nixio.fs.access(kcp_file) then 28 | kcptun_version = translate("Not exist") 29 | else 30 | if not nixio.fs.access(kcp_file, "rwx", "rx", "rx") then 31 | nixio.fs.chmod(kcp_file, 755) 32 | end 33 | kcptun_version = "" ..luci.sys.exec(kcp_file .. " -v | awk '{printf $3}'") .. "" 34 | if not kcptun_version or kcptun_version == "" then 35 | kcptun_version = translate("Unknown") 36 | end 37 | end 38 | 39 | if nixio.fs.access("/etc/ssrplus/gfw_list.conf") then 40 | gfw_count = tonumber(luci.sys.exec("cat /etc/ssrplus/gfw_list.conf | wc -l")) / 2 41 | end 42 | 43 | if nixio.fs.access("/etc/ssrplus/ad.conf") then 44 | ad_count = tonumber(luci.sys.exec("cat /etc/ssrplus/ad.conf | wc -l")) 45 | end 46 | 47 | if nixio.fs.access("/etc/ssrplus/china_ssr.txt") then 48 | ip_count = tonumber(luci.sys.exec("cat /etc/ssrplus/china_ssr.txt | wc -l")) 49 | end 50 | 51 | if nixio.fs.access("/etc/ssrplus/netflixip.list") then 52 | nfip_count = tonumber(luci.sys.exec("cat /etc/ssrplus/netflixip.list | wc -l")) 53 | end 54 | 55 | if Process_list:find("udp.only.ssr.reudp") then 56 | reudp_run = 1 57 | end 58 | 59 | if Process_list:find("tcp.only.ssr.retcp") then 60 | redir_run = 1 61 | end 62 | 63 | if Process_list:find("tcp.udp.ssr.local") then 64 | sock5_run = 1 65 | end 66 | 67 | if Process_list:find("tcp.udp.ssr.retcp") then 68 | redir_run = 1 69 | reudp_run = 1 70 | end 71 | 72 | if Process_list:find("local.ssr.retcp") then 73 | redir_run = 1 74 | sock5_run = 1 75 | end 76 | 77 | if Process_list:find("local.udp.ssr.retcp") then 78 | reudp_run = 1 79 | redir_run = 1 80 | sock5_run = 1 81 | end 82 | 83 | if Process_list:find("kcptun.client") then 84 | kcptun_run = 1 85 | end 86 | 87 | if Process_list:find("ssr.server") then 88 | server_run = 1 89 | end 90 | 91 | if Process_list:find("ssrplus/bin/dns2tcp") or (Process_list:find("ssrplus.dns") and Process_list:find("dns2socks.127.0.0.1.*127.0.0.1.5335")) then 92 | pdnsd_run = 1 93 | end 94 | 95 | m = SimpleForm("Version") 96 | m.reset = false 97 | m.submit = false 98 | 99 | s = m:field(DummyValue, "redir_run", translate("Global Client")) 100 | s.rawhtml = true 101 | if redir_run == 1 then 102 | s.value = font_blue .. bold_on .. translate("Running") .. bold_off .. font_off 103 | else 104 | s.value = style_blue .. bold_on .. translate("Not Running") .. bold_off .. font_off 105 | end 106 | 107 | s = m:field(DummyValue, "reudp_run", translate("Game Mode UDP Relay")) 108 | s.rawhtml = true 109 | if reudp_run == 1 then 110 | s.value = font_blue .. bold_on .. translate("Running") .. bold_off .. font_off 111 | else 112 | s.value = style_blue .. bold_on .. translate("Not Running") .. bold_off .. font_off 113 | end 114 | 115 | if uci:get_first("shadowsocksr", 'global', 'pdnsd_enable', '0') ~= '0' then 116 | s = m:field(DummyValue, "pdnsd_run", translate("DNS Anti-pollution")) 117 | s.rawhtml = true 118 | if pdnsd_run == 1 then 119 | s.value = font_blue .. bold_on .. translate("Running") .. bold_off .. font_off 120 | else 121 | s.value = style_blue .. bold_on .. translate("Not Running") .. bold_off .. font_off 122 | end 123 | end 124 | 125 | s = m:field(DummyValue, "sock5_run", translate("Global SOCKS5 Proxy Server")) 126 | s.rawhtml = true 127 | if sock5_run == 1 then 128 | s.value = font_blue .. bold_on .. translate("Running") .. bold_off .. font_off 129 | else 130 | s.value = style_blue .. bold_on .. translate("Not Running") .. bold_off .. font_off 131 | end 132 | 133 | s = m:field(DummyValue, "server_run", translate("Local Servers")) 134 | s.rawhtml = true 135 | if server_run == 1 then 136 | s.value = font_blue .. bold_on .. translate("Running") .. bold_off .. font_off 137 | else 138 | s.value = style_blue .. bold_on .. translate("Not Running") .. bold_off .. font_off 139 | end 140 | 141 | if nixio.fs.access("/usr/bin/kcptun-client") then 142 | s = m:field(DummyValue, "kcp_version", translate("KcpTun Version")) 143 | s.rawhtml = true 144 | s.value = kcptun_version 145 | s = m:field(DummyValue, "kcptun_run", translate("KcpTun")) 146 | s.rawhtml = true 147 | if kcptun_run == 1 then 148 | s.value = font_blue .. bold_on .. translate("Running") .. bold_off .. font_off 149 | else 150 | s.value = style_blue .. bold_on .. translate("Not Running") .. bold_off .. font_off 151 | end 152 | end 153 | 154 | s = m:field(DummyValue, "google", translate("Google Connectivity")) 155 | s.value = translate("No Check") 156 | s.template = "shadowsocksr/check" 157 | 158 | s = m:field(DummyValue, "baidu", translate("Baidu Connectivity")) 159 | s.value = translate("No Check") 160 | s.template = "shadowsocksr/check" 161 | 162 | s = m:field(DummyValue, "gfw_data", translate("GFW List Data")) 163 | s.rawhtml = true 164 | s.template = "shadowsocksr/refresh" 165 | s.value = gfw_count .. " " .. translate("Records") 166 | 167 | s = m:field(DummyValue, "ip_data", translate("China IP Data")) 168 | s.rawhtml = true 169 | s.template = "shadowsocksr/refresh" 170 | s.value = ip_count .. " " .. translate("Records") 171 | 172 | if uci:get_first("shadowsocksr", 'global', 'netflix_enable', '0') ~= '0' then 173 | s = m:field(DummyValue, "nfip_data", translate("Netflix IP Data")) 174 | s.rawhtml = true 175 | s.template = "shadowsocksr/refresh" 176 | s.value = nfip_count .. " " .. translate("Records") 177 | end 178 | 179 | if uci:get_first("shadowsocksr", 'global', 'adblock', '0') == '1' then 180 | s = m:field(DummyValue, "ad_data", translate("Advertising Data")) 181 | s.rawhtml = true 182 | s.template = "shadowsocksr/refresh" 183 | s.value = ad_count .. " " .. translate("Records") 184 | end 185 | 186 | s = m:field(DummyValue, "check_port", translate("Check Server Port")) 187 | s.template = "shadowsocksr/checkport" 188 | s.value = translate("No Check") 189 | 190 | return m 191 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 3 | 4 | <%+cbi/valuefooter%> 5 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/check.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 27 | 28 | <%=self.value%> 29 | <%+cbi/valuefooter%> 30 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 23 | 24 | <%=self.value%> 25 | <%+cbi/valuefooter%> 26 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/ping.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | -- ms 3 | <%+cbi/valuefooter%> 4 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/refresh.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 35 | 36 | <%=self.value%> 37 | <%+cbi/valuefooter%> 38 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/reset.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 23 | 24 | 25 | <%+cbi/valuefooter%> 26 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm: -------------------------------------------------------------------------------- 1 | <%# 2 | Copyright 2018-2019 Lienol 3 | Licensed to the public under the Apache License 2.0. 4 | -%> 5 | 146 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/socket.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | wait 3 | 4 | 5 | 6 | <%+cbi/valuefooter%> 7 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm: -------------------------------------------------------------------------------- 1 | 17 | 18 |
19 |

20 | <%:Collecting data...%> 21 |

22 |
23 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/luasrc/view/shadowsocksr/subscribe.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 16 | 17 | 18 | <%+cbi/valuefooter%> 19 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/po/zh_Hans: -------------------------------------------------------------------------------- 1 | zh-cn -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/config/shadowsocksr: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Mattraks/helloworld/ab830a2146efe6f00d12ef7ee547aeb0eff72294/luci-app-ssr-plus/root/etc/config/shadowsocksr -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/ad.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Mattraks/helloworld/ab830a2146efe6f00d12ef7ee547aeb0eff72294/luci-app-ssr-plus/root/etc/ssrplus/ad.conf -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/black.list: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Mattraks/helloworld/ab830a2146efe6f00d12ef7ee547aeb0eff72294/luci-app-ssr-plus/root/etc/ssrplus/black.list -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/deny.list: -------------------------------------------------------------------------------- 1 | gvod.aiseejapp.atianqi.com 2 | stat.pandora.xiaomi.com 3 | upgrade.mishop.pandora.xiaomi.com 4 | logonext.tv.kuyun.com 5 | config.kuyun.com 6 | mishop.pandora.xiaomi.com 7 | dvb.pandora.xiaomi.com 8 | api.ad.xiaomi.com 9 | de.pandora.xiaomi.com 10 | data.mistat.xiaomi.com 11 | jellyfish.pandora.xiaomi.com 12 | gallery.pandora.xiaomi.com 13 | o2o.api.xiaomi.com 14 | bss.pandora.xiaomi.com -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/gfw_base.conf: -------------------------------------------------------------------------------- 1 | ipset=/91smartyun.pt/gfwlist 2 | ipset=/adobe.com/gfwlist 3 | ipset=/amazonaws.com/gfwlist 4 | ipset=/ampproject.org/gfwlist 5 | ipset=/apple.news/gfwlist 6 | ipset=/aws.amazon.com/gfwlist 7 | ipset=/azureedge.net/gfwlist 8 | ipset=/backpackers.com.tw/gfwlist 9 | ipset=/bitfinex.com/gfwlist 10 | ipset=/buzzfeed.com/gfwlist 11 | ipset=/clockwise.ee/gfwlist 12 | ipset=/cloudfront.net/gfwlist 13 | ipset=/coindesk.com/gfwlist 14 | ipset=/coinsquare.io/gfwlist 15 | ipset=/cryptocompare.com/gfwlist 16 | ipset=/dropboxstatic.com/gfwlist 17 | ipset=/eurecom.fr/gfwlist 18 | ipset=/gdax.com/gfwlist 19 | ipset=/github.com/gfwlist 20 | ipset=/kknews.cc/gfwlist 21 | ipset=/nutaq.com/gfwlist 22 | ipset=/openairinterface.org/gfwlist 23 | ipset=/skype.com/gfwlist 24 | ipset=/sublimetext.com/gfwlist 25 | ipset=/textnow.com/gfwlist 26 | ipset=/textnow.me/gfwlist 27 | ipset=/trouter.io/gfwlist 28 | ipset=/t66y.com/gfwlist 29 | ipset=/uploaded.net/gfwlist 30 | ipset=/whatsapp.com/gfwlist 31 | ipset=/whatsapp.net/gfwlist 32 | ipset=/wsj.net/gfwlist 33 | ipset=/google.com/gfwlist 34 | ipset=/google.com.hk/gfwlist 35 | ipset=/gstatic.com/gfwlist 36 | ipset=/googleusercontent.com/gfwlist 37 | ipset=/googlepages.com/gfwlist 38 | ipset=/googlevideo.com/gfwlist 39 | ipset=/googlecode.com/gfwlist 40 | ipset=/googleapis.com/gfwlist 41 | ipset=/googlesource.com/gfwlist 42 | ipset=/googledrive.com/gfwlist 43 | ipset=/ggpht.com/gfwlist 44 | ipset=/youtube.com/gfwlist 45 | ipset=/youtu.be/gfwlist 46 | ipset=/ytimg.com/gfwlist 47 | ipset=/twitter.com/gfwlist 48 | ipset=/facebook.com/gfwlist 49 | ipset=/fastly.net/gfwlist 50 | ipset=/akamai.net/gfwlist 51 | ipset=/akamaiedge.net/gfwlist 52 | ipset=/akamaihd.net/gfwlist 53 | ipset=/edgesuite.net/gfwlist 54 | ipset=/edgekey.net/gfwlist 55 | server=/91smartyun.pt/127.0.0.1#5335 56 | server=/adobe.com/127.0.0.1#5335 57 | server=/amazonaws.com/127.0.0.1#5335 58 | server=/ampproject.org/127.0.0.1#5335 59 | server=/apple.news/127.0.0.1#5335 60 | server=/aws.amazon.com/127.0.0.1#5335 61 | server=/azureedge.net/127.0.0.1#5335 62 | server=/backpackers.com.tw/127.0.0.1#5335 63 | server=/bitfinex.com/127.0.0.1#5335 64 | server=/buzzfeed.com/127.0.0.1#5335 65 | server=/clockwise.ee/127.0.0.1#5335 66 | server=/cloudfront.net/127.0.0.1#5335 67 | server=/coindesk.com/127.0.0.1#5335 68 | server=/coinsquare.io/127.0.0.1#5335 69 | server=/cryptocompare.com/127.0.0.1#5335 70 | server=/dropboxstatic.com/127.0.0.1#5335 71 | server=/eurecom.fr/127.0.0.1#5335 72 | server=/gdax.com/127.0.0.1#5335 73 | server=/github.com/127.0.0.1#5335 74 | server=/kknews.cc/127.0.0.1#5335 75 | server=/nutaq.com/127.0.0.1#5335 76 | server=/openairinterface.org/127.0.0.1#5335 77 | server=/skype.com/127.0.0.1#5335 78 | server=/sublimetext.com/127.0.0.1#5335 79 | server=/textnow.com/127.0.0.1#5335 80 | server=/textnow.me/127.0.0.1#5335 81 | server=/trouter.io/127.0.0.1#5335 82 | server=/t66y.com/127.0.0.1#5335 83 | server=/uploaded.net/127.0.0.1#5335 84 | server=/whatsapp.com/127.0.0.1#5335 85 | server=/whatsapp.net/127.0.0.1#5335 86 | server=/wsj.net/127.0.0.1#5335 87 | server=/google.com/127.0.0.1#5335 88 | server=/google.com.hk/127.0.0.1#5335 89 | server=/gstatic.com/127.0.0.1#5335 90 | server=/googleusercontent.com/127.0.0.1#5335 91 | server=/googlepages.com/127.0.0.1#5335 92 | server=/googlevideo.com/127.0.0.1#5335 93 | server=/googlecode.com/127.0.0.1#5335 94 | server=/googleapis.com/127.0.0.1#5335 95 | server=/googlesource.com/127.0.0.1#5335 96 | server=/googledrive.com/127.0.0.1#5335 97 | server=/ggpht.com/127.0.0.1#5335 98 | server=/youtube.com/127.0.0.1#5335 99 | server=/youtu.be/127.0.0.1#5335 100 | server=/ytimg.com/127.0.0.1#5335 101 | server=/twitter.com/127.0.0.1#5335 102 | server=/facebook.com/127.0.0.1#5335 103 | server=/fastly.net/127.0.0.1#5335 104 | server=/akamai.net/127.0.0.1#5335 105 | server=/akamaiedge.net/127.0.0.1#5335 106 | server=/akamaihd.net/127.0.0.1#5335 107 | server=/edgesuite.net/127.0.0.1#5335 108 | server=/edgekey.net/127.0.0.1#5335 109 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/netflix.list: -------------------------------------------------------------------------------- 1 | amazonaws.com 2 | aws.amazon.com 3 | awsstatic.com 4 | fast.com 5 | netflix.com 6 | netflix.net 7 | nflxext.com 8 | nflximg.net 9 | nflxso.net 10 | nflxvideo.net 11 | netflixdnstest0.com 12 | netflixdnstest1.com 13 | netflixdnstest2.com 14 | netflixdnstest3.com 15 | netflixdnstest4.com 16 | netflixdnstest5.com 17 | netflixdnstest6.com 18 | netflixdnstest7.com 19 | netflixdnstest8.com 20 | netflixdnstest9.com 21 | hulu.com 22 | huluim.com 23 | hbonow.com 24 | hbogo.com 25 | hbo.com 26 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/netflixip.list: -------------------------------------------------------------------------------- 1 | 8.41.4.0/24 2 | 23.23.189.144/28 3 | 23.246.0.0/18 4 | 34.195.253.0/25 5 | 34.210.42.111/32 6 | 37.77.184.0/21 7 | 38.72.126.0/24 8 | 45.57.0.0/17 9 | 52.24.178.0/24 10 | 52.35.140.0/24 11 | 52.89.124.203/32 12 | 54.148.37.5/32 13 | 54.204.25.0/28 14 | 54.213.167.0/24 15 | 64.120.128.0/17 16 | 66.197.128.0/17 17 | 69.53.224.0/19 18 | 103.87.204.0/22 19 | 108.175.32.0/20 20 | 185.2.220.0/22 21 | 185.9.188.0/22 22 | 192.173.64.0/18 23 | 198.38.96.0/19 24 | 198.45.48.0/20 25 | 203.75.84.0/24 26 | 203.198.13.0/24 27 | 203.198.80.0/24 28 | 207.45.72.0/22 29 | 208.75.76.0/22 30 | 210.0.153.0/24 31 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/ssrplus/white.list: -------------------------------------------------------------------------------- 1 | bilibili.com 2 | bilibili.cn 3 | bilivideo.com 4 | bilivideo.cn 5 | biliapi.com 6 | biliapi.net 7 | apple.com -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | uci -q batch <<-EOF >/dev/null 4 | delete ucitrack.@shadowsocksr[-1] 5 | add ucitrack shadowsocksr 6 | set ucitrack.@shadowsocksr[-1].init=shadowsocksr 7 | commit ucitrack 8 | 9 | delete firewall.shadowsocksr 10 | set firewall.shadowsocksr=include 11 | set firewall.shadowsocksr.type=script 12 | set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include 13 | set firewall.shadowsocksr.reload=1 14 | commit firewall 15 | EOF 16 | 17 | rm -rf /etc/config/shadowsocksr-opkg /etc/ssrplus/*opkg 18 | touch /etc/ssrplus/china_ssr.txt 19 | touch /etc/ssrplus/deny.list 20 | touch /etc/ssrplus/white.list 21 | touch /etc/ssrplus/black.list 22 | touch /etc/ssrplus/netflix.list 23 | touch /etc/ssrplus/netflixip.list 24 | touch /etc/ssrplus/gfw_base.conf 25 | touch /etc/ssrplus/gfw_list.conf 26 | touch /etc/ssrplus/oversea_list.conf 27 | touch /etc/ssrplus/ad.conf 28 | touch /etc/config/shadowsocksr 29 | [ -s "/etc/config/shadowsocksr" ] || /etc/init.d/shadowsocksr reset 30 | 31 | sed -i "s/option pdnsd_enable '3'/option pdnsd_enable '1'/g" /etc/config/shadowsocksr 32 | sed -i "s/option type 'vmess'/option type 'v2ray'\n\toption v2ray_protocol 'vmess'/g" /etc/config/shadowsocksr 33 | sed -i "s/option type 'vless'/option type 'v2ray'\n\toption v2ray_protocol 'vless'/g" /etc/config/shadowsocksr 34 | sed -i "s/option encrypt_method_v2ray_ss/option encrypt_method_ss/g" /etc/config/shadowsocksr 35 | sed -i "s/option xtls/option tls/g" /etc/config/shadowsocksr 36 | sed -i "/option vless_flow/d" /etc/config/shadowsocksr 37 | sed -i "/option fingerprint 'disable'/d" /etc/config/shadowsocksr 38 | 39 | if [ -s "/etc/uwsgi/vassals/luci-webui.ini" ];then 40 | limit=$(cat /etc/uwsgi/vassals/luci-webui.ini | grep -Eo "limit-as.*"|grep -Eo "[0-9]+") 41 | [ $limit -lt 5000 ] && sed -i '/limit-as/c\limit-as = 5000' /etc/uwsgi/vassals/luci-webui.ini && \ 42 | /etc/init.d/uwsgi restart 43 | fi 44 | 45 | rm -rf /tmp/luci-modulecache /tmp/luci-indexcache 46 | exit 0 47 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/bin/ssr-monitor: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Copyright (C) 2017 openwrt-ssr 4 | # Copyright (C) 2017 yushi studio 5 | # 6 | # This is free software, licensed under the GNU General Public License v3. 7 | # See /LICENSE for more information. 8 | # 9 | . $IPKG_INSTROOT/etc/init.d/shadowsocksr 10 | LOCK_FILE="/var/lock/ssr-monitor.lock" 11 | [ -f "$LOCK_FILE" ] && exit 2 12 | touch "$LOCK_FILE" 13 | server_process_count=$1 14 | redir_tcp_process=$2 15 | redir_udp_process=$3 16 | kcp_process=$4 17 | local_process=$5 18 | pdnsd_process=$6 19 | if [ -z "$pdnsd_process" ]; then 20 | pdnsd_process=0 21 | fi 22 | i=0 23 | GLOBAL_SERVER=$(uci_get_by_type global global_server) 24 | server=$(uci_get_by_name $GLOBAL_SERVER server) 25 | kcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port) 26 | server_port=$(uci_get_by_name $GLOBAL_SERVER server_port) 27 | password=$(uci_get_by_name $GLOBAL_SERVER kcp_password) 28 | kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param) 29 | [ "$password" != "" ] && password="--key "${password} 30 | 31 | while [ "1" == "1" ]; do #死循环 32 | sleep 000030s 33 | #redir tcp 34 | if [ "$redir_tcp_process" -gt 0 ]; then 35 | icount=$(busybox ps -w | grep ssr-retcp | grep -v grep | wc -l) 36 | if [ "$icount" == 0 ]; then 37 | logger -t "$NAME" "ssrplus redir tcp error.restart!" 38 | echolog "ssrplus redir tcp error.restart!" 39 | /etc/init.d/shadowsocksr restart 40 | exit 0 41 | fi 42 | fi 43 | #redir udp 44 | if [ "$redir_udp_process" -gt 0 ]; then 45 | icount=$(busybox ps -w | grep ssr-reudp | grep -v grep | wc -l) 46 | if [ "$icount" == 0 ]; then 47 | logger -t "$NAME" "ssrplus redir udp error.restart!" 48 | echolog "ssrplus redir udp error.restart!" 49 | /etc/init.d/shadowsocksr restart 50 | exit 0 51 | fi 52 | fi 53 | #server 54 | if [ "$server_process_count" -gt 0 ]; then 55 | icount=$(busybox ps -w | grep ssr-server | grep -v grep | wc -l) 56 | if [ "$icount" -lt "$server_process_count" ]; then #如果进程挂掉就重启它 57 | logger -t "$NAME" "ssrplus server error.restart!" 58 | echolog "ssrplus server error.restart!" 59 | kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1 60 | /etc/init.d/shadowsocksr restart 61 | exit 0 62 | fi 63 | fi 64 | #kcptun 65 | if [ "$kcp_process" -gt 0 ]; then 66 | icount=$(busybox ps -w | grep kcptun-client | grep -v grep | wc -l) 67 | if [ "$icount" -lt "$kcp_process" ]; then #如果进程挂掉就重启它 68 | logger -t "$NAME" "ssrplus kcptun error.restart!" 69 | echolog "ssrplus kcptun error.restart!" 70 | killall -q -9 kcptun-client 71 | (/usr/bin/kcptun-client -r $server:$kcp_port -l :$server_port $password $kcp_param &) 72 | fi 73 | fi 74 | #localsocks 75 | if [ "$local_process" -gt 0 ]; then 76 | icount=$(busybox ps -w | grep ssr-local | grep -v grep | wc -l) 77 | if [ "$icount" -lt "$local_process" ]; then #如果进程挂掉就重启它 78 | logger -t "$NAME" "global socks server error.restart!" 79 | echolog "global socks server error.restart!" 80 | kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1 81 | /etc/init.d/shadowsocksr restart 82 | exit 0 83 | fi 84 | fi 85 | #dns2tcp 86 | if [ "$pdnsd_process" -eq 1 ]; then 87 | icount=$(busybox ps -w | grep $TMP_BIN_PATH/dns2tcp | grep -v grep | wc -l) 88 | if [ "$icount" -lt 1 ]; then #如果进程挂掉就重启它 89 | logger -t "$NAME" "dns2tcp tunnel error.restart!" 90 | echolog "dns2tcp tunnel error.restart!" 91 | dnsserver=$(uci_get_by_type global tunnel_forward 8.8.4.4:53) 92 | kill -9 $(busybox ps -w | grep $TMP_BIN_PATH/dns2tcp | grep -v grep | awk '{print $1}') >/dev/null 2>&1 93 | ln_start_bin $(first_type dns2tcp) dns2tcp -L "127.0.0.1#$dns_port" -R "${dnsserver/:/#}" 94 | fi 95 | #dns2socks 96 | elif [ "$pdnsd_process" -eq 2 ]; then 97 | icount=$(busybox ps -w | grep -e ssrplus-dns -e "dns2socks 127.0.0.1 $tmp_dns_port" | grep -v grep | wc -l) 98 | if [ "$icount" -lt 2 ]; then #如果进程挂掉就重启它 99 | logger -t "$NAME" "dns2socks $dnsserver tunnel error.restart!" 100 | echolog "dns2socks $dnsserver tunnel error.restart!" 101 | dnsserver=$(uci_get_by_type global tunnel_forward 8.8.4.4:53) 102 | kill -9 $(busybox ps -w | grep ssrplus-dns | grep -v grep | awk '{print $1}') >/dev/null 2>&1 103 | kill -9 $(busybox ps -w | grep "dns2socks 127.0.0.1 $tmp_dns_port" | grep -v grep | awk '{print $1}') >/dev/null 2>&1 104 | ln_start_bin $(first_type microsocks) microsocks -i 127.0.0.1 -p $tmp_dns_port ssrplus-dns 105 | ln_start_bin $(first_type dns2socks) dns2socks 127.0.0.1:$tmp_dns_port $dnsserver 127.0.0.1:$dns_port -q 106 | fi 107 | fi 108 | #chinadns-ng 109 | if [ "$(uci -q get "dhcp.@dnsmasq[0]._unused_ssrp_changed")" = "1" ]; then 110 | icount=$(busybox ps -w | grep $TMP_BIN_PATH/chinadns-ng | grep -v grep | wc -l) 111 | if [ "$icount" -lt 1 ]; then #如果进程挂掉就重启它 112 | logger -t "$NAME" "chinadns-ng tunnel error.restart!" 113 | echolog "chinadns-ng tunnel error.restart!" 114 | chinadns=$(uci_get_by_type global chinadns_forward) 115 | wandns="$(ifstatus wan | jsonfilter -e '@["dns-server"][0]' || echo "119.29.29.29")" 116 | case "$chinadns" in 117 | "wan") chinadns="$wandns" ;; 118 | ""|"wan_114") chinadns="$wandns,114.114.114.114" ;; 119 | esac 120 | kill -9 $(busybox ps -w | grep $TMP_BIN_PATH/chinadns-ng | grep -v grep | awk '{print $1}') >/dev/null 2>&1 121 | ln_start_bin $(first_type chinadns-ng) chinadns-ng -l $china_dns_port -4 china -p 3 -c ${chinadns/:/#} -t 127.0.0.1#$dns_port -N -f -r 122 | fi 123 | fi 124 | done 125 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/bin/ssr-switch: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # 3 | # Copyright (C) 2017 openwrt-ssr 4 | # Copyright (C) 2017 yushi studio 5 | # 6 | # This is free software, licensed under the GNU General Public License v3. 7 | # See /LICENSE for more information. 8 | # 9 | 10 | . $IPKG_INSTROOT/etc/init.d/shadowsocksr 11 | LOCK_FILE="/var/lock/ssr-switch.lock" 12 | [ -f "$LOCK_FILE" ] && exit 2 13 | touch "$LOCK_FILE" 14 | LOG_FILE=/var/log/ssrplus.log 15 | 16 | cycle_time=60 17 | switch_time=3 18 | normal_flag=0 19 | server_locate=0 20 | server_count=0 21 | ENABLE_SERVER=nil 22 | [ -n "$1" ] && cycle_time=$1 23 | [ -n "$2" ] && switch_time=$2 24 | DEFAULT_SERVER=$(uci_get_by_type global global_server) 25 | CURRENT_SERVER=$DEFAULT_SERVER 26 | 27 | #判断代理是否正常 28 | check_proxy() { 29 | local result=0 30 | local try_count=$(uci_get_by_type global switch_try_count 3) 31 | for i in $(seq 1 $try_count); do 32 | /usr/bin/ssr-check www.google.com 80 $switch_time 1 33 | if [ "$?" == "0" ]; then 34 | # echolog "Check Google Proxy Success, count=$i" 35 | result=0 36 | break 37 | else 38 | # echolog "Check Google Proxy Fail, count=$i" 39 | /usr/bin/ssr-check www.baidu.com 80 $switch_time 1 40 | if [ "$?" == "0" ]; then 41 | result=1 42 | else 43 | result=2 44 | fi 45 | fi 46 | sleep 1 47 | done 48 | return $result 49 | } 50 | 51 | test_proxy() { 52 | local servername=$(uci_get_by_name $1 server) 53 | local serverport=$(uci_get_by_name $1 server_port) 54 | ipset add whitelist $servername 2>/dev/null 55 | tcping -q -c 3 -i 1 -t 2 -p $serverport $servername 56 | if [ "$?" -gt "0" ]; then 57 | ipset del whitelist $servername 2>/dev/null 58 | return 1 59 | fi 60 | /usr/bin/ssr-check $servername $serverport $switch_time 61 | local ret=$? 62 | ipset del whitelist $servername 2>/dev/null 63 | if [ "$ret" == "0" ]; then 64 | return 0 65 | else 66 | return 1 67 | fi 68 | } 69 | 70 | search_proxy() { 71 | let server_count=server_count+1 72 | [ "$normal_flag" == "1" -a "$server_count" -le "$server_locate" ] && return 0 73 | [ "$(uci_get_by_name $1 switch_enable 0)" != "1" ] && return 1 74 | [ $ENABLE_SERVER != nil ] && return 0 75 | [ "$1" == "$CURRENT_SERVER" ] && return 0 76 | local servername=$(uci_get_by_name $1 server) 77 | local serverport=$(uci_get_by_name $1 server_port) 78 | ipset add whitelist $servername 2>/dev/null 79 | /usr/bin/ssr-check $servername $serverport $switch_time 80 | local ret=$? 81 | ipset del whitelist $servername 2>/dev/null 82 | if [ "$ret" == "0" ]; then 83 | server_locate=$server_count 84 | ENABLE_SERVER=$1 85 | return 0 86 | else 87 | return 1 88 | fi 89 | } 90 | 91 | #选择可用的代理 92 | select_proxy() { 93 | config_load $NAME 94 | ENABLE_SERVER=nil 95 | mkdir -p /var/run /var/etc 96 | server_count=0 97 | config_foreach search_proxy servers 98 | } 99 | 100 | #切换代理 101 | switch_proxy() { 102 | /etc/init.d/shadowsocksr restart $1 103 | return 0 104 | } 105 | 106 | start() { 107 | #不支持kcptun启用时的切换 108 | [ $(uci_get_by_name $DEFAULT_SERVER kcp_enable) = "1" ] && return 1 109 | while [ "1" == "1" ]; do #死循环 110 | sleep 0000$cycle_time 111 | LOGTIME=$(date "+%Y-%m-%d %H:%M:%S") 112 | #判断当前代理是否为缺省服务器 113 | if [ "$CURRENT_SERVER" != "$DEFAULT_SERVER" ]; then 114 | #echo "not default proxy" 115 | echolog "Current server is not default Main server, try to switch back." 116 | #检查缺省服务器是否正常 117 | if test_proxy $DEFAULT_SERVER; then 118 | #echo "switch to default proxy" 119 | echolog "Main server is avilable." 120 | #缺省服务器正常,切换回来 121 | CURRENT_SERVER=$DEFAULT_SERVER 122 | switch_proxy $CURRENT_SERVER 123 | echolog "switch to default "$(uci_get_by_name $CURRENT_SERVER alias)" proxy!" 124 | else 125 | echolog "Main server is NOT avilable.Continue using current server." 126 | fi 127 | fi 128 | #判断当前代理是否正常 129 | #echolog "Start checking if the current server is available." 130 | check_proxy 131 | current_ret=$? 132 | if [ "$current_ret" == "1" ]; then 133 | #当前代理错误,判断有无可用的服务器 134 | #echo "current error" 135 | echolog "Current server error, try to switch another server." 136 | select_proxy 137 | if [ "$ENABLE_SERVER" != nil ]; then 138 | #有其他服务器可用,进行切换 139 | #echo $(uci_get_by_name $new_proxy server) 140 | echolog "Another server is avilable, now switching server." 141 | CURRENT_SERVER=$ENABLE_SERVER 142 | switch_proxy $CURRENT_SERVER 143 | normal_flag=1 144 | echolog "Switch to "$(uci_get_by_name $CURRENT_SERVER alias)" proxy!" 145 | else 146 | switch_proxy $CURRENT_SERVER 147 | normal_flag=1 148 | echolog "Try restart current server." 149 | fi 150 | else 151 | normal_flag=0 152 | # echolog "ShadowsocksR No Problem." 153 | fi 154 | done 155 | } 156 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/share/rpcd/acl.d/luci-app-ssr-plus.json: -------------------------------------------------------------------------------- 1 | { 2 | "luci-app-ssr-plus": { 3 | "description": "Grant UCI access for luci-app-ssr-plus", 4 | "read": { 5 | "uci": ["shadowsocksr"] 6 | }, 7 | "write": { 8 | "uci": ["shadowsocksr"] 9 | } 10 | } 11 | } -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | [ -f "$1" ] && china_ip=$1 3 | ipset -! flush china 2>/dev/null 4 | ipset -! -R <<-EOF || exit 1 5 | create china hash:net 6 | $(cat ${china_ip:=/etc/ssrplus/china_ssr.txt} | sed -e "s/^/add china /") 7 | EOF 8 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | argv1=$1 3 | argv2=$2 4 | argv3=$3 5 | argv4=$4 6 | argv5=$5 7 | argv6=$6 8 | argv7=$7 9 | argv8=$8 10 | argv9=$9 11 | cat <<-EOF >$argv1 12 | base { 13 | log_debug = off; 14 | log_info = off; 15 | log = stderr; 16 | daemon = on; 17 | redirector = iptables; 18 | reuseport = on; 19 | } 20 | EOF 21 | tcp() { 22 | if [ "$argv7" == "0" ]; then 23 | cat <<-EOF >>$argv1 24 | redsocks { 25 | bind = "0.0.0.0:$argv4"; 26 | relay = "$argv5:$argv6"; 27 | type = socks5; 28 | autoproxy = 0; 29 | timeout = 10; 30 | } 31 | EOF 32 | else 33 | cat <<-EOF >>$argv1 34 | redsocks { 35 | bind = "0.0.0.0:$argv4"; 36 | relay = "$argv5:$argv6"; 37 | type = socks5; 38 | autoproxy = 0; 39 | timeout = 10; 40 | login = "$argv8"; 41 | password = "$argv9"; 42 | } 43 | EOF 44 | fi 45 | } 46 | udp() { 47 | if [ "$argv7" == "0" ]; then 48 | cat <<-EOF >>$argv1 49 | redudp { 50 | bind = "0.0.0.0:$argv4"; 51 | relay = "$argv5:$argv6"; 52 | type = socks5; 53 | udp_timeout = 10; 54 | } 55 | EOF 56 | else 57 | cat <<-EOF >>$argv1 58 | redudp { 59 | bind = "0.0.0.0:$argv4"; 60 | relay = "$argv5:$argv6"; 61 | type = socks5; 62 | udp_timeout = 10; 63 | login = "$argv8"; 64 | password = "$argv9"; 65 | } 66 | EOF 67 | fi 68 | } 69 | case "$argv2" in 70 | socks5) 71 | case "$argv3" in 72 | tcp) 73 | tcp 74 | ;; 75 | udp) 76 | udp 77 | ;; 78 | *) 79 | tcp 80 | udp 81 | ;; 82 | esac 83 | ;; 84 | *) 85 | cat <<-EOF >>$argv1 86 | redsocks { 87 | bind = "0.0.0.0:$argv4"; 88 | type = direct; 89 | interface = $argv3; 90 | autoproxy = 0; 91 | timeout = 10; 92 | } 93 | EOF 94 | ;; 95 | esac 96 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . $IPKG_INSTROOT/etc/init.d/shadowsocksr 3 | netflix() { 4 | if [ -f "$TMP_DNSMASQ_PATH/gfw_list.conf" ]; then 5 | for line in $(cat /etc/ssrplus/netflix.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_list.conf; done 6 | for line in $(cat /etc/ssrplus/netflix.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_base.conf; done 7 | fi 8 | cat /etc/ssrplus/netflix.list | sed '/^$/d' | sed '/#/d' | sed "/.*/s/.*/server=\/&\/127.0.0.1#$1\nipset=\/&\/netflix/" >$TMP_DNSMASQ_PATH/netflix_forward.conf 9 | } 10 | mkdir -p $TMP_DNSMASQ_PATH 11 | if [ "$(uci_get_by_type global run_mode router)" == "oversea" ]; then 12 | cp -rf /etc/ssrplus/oversea_list.conf $TMP_DNSMASQ_PATH/ 13 | else 14 | cp -rf /etc/ssrplus/gfw_list.conf $TMP_DNSMASQ_PATH/ 15 | cp -rf /etc/ssrplus/gfw_base.conf $TMP_DNSMASQ_PATH/ 16 | fi 17 | case "$(uci_get_by_type global netflix_server nil)" in 18 | nil) 19 | rm -f $TMP_DNSMASQ_PATH/netflix_forward.conf 20 | ;; 21 | $(uci_get_by_type global global_server nil) | $switch_server | same) 22 | netflix $dns_port 23 | ;; 24 | *) 25 | netflix $tmp_shunt_dns_port 26 | ;; 27 | esac 28 | for line in $(cat /etc/ssrplus/black.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_list.conf; done 29 | for line in $(cat /etc/ssrplus/black.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_base.conf; done 30 | for line in $(cat /etc/ssrplus/white.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_list.conf; done 31 | for line in $(cat /etc/ssrplus/white.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_base.conf; done 32 | for line in $(cat /etc/ssrplus/deny.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_list.conf; done 33 | for line in $(cat /etc/ssrplus/deny.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/gfw_base.conf; done 34 | cat /etc/ssrplus/black.list | sed '/^$/d' | sed '/#/d' | sed "/.*/s/.*/server=\/&\/127.0.0.1#$dns_port\nipset=\/&\/blacklist/" >$TMP_DNSMASQ_PATH/blacklist_forward.conf 35 | cat /etc/ssrplus/white.list | sed '/^$/d' | sed '/#/d' | sed "/.*/s/.*/server=\/&\/127.0.0.1\nipset=\/&\/whitelist/" >$TMP_DNSMASQ_PATH/whitelist_forward.conf 36 | cat /etc/ssrplus/deny.list | sed '/^$/d' | sed '/#/d' | sed "/.*/s/.*/address=\/&\//" >$TMP_DNSMASQ_PATH/denylist.conf 37 | if [ "$(uci_get_by_type global adblock 0)" == "1" ]; then 38 | cp -f /etc/ssrplus/ad.conf $TMP_DNSMASQ_PATH/ 39 | if [ -f "$TMP_DNSMASQ_PATH/ad.conf" ]; then 40 | for line in $(cat /etc/ssrplus/black.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/ad.conf; done 41 | for line in $(cat /etc/ssrplus/white.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/ad.conf; done 42 | for line in $(cat /etc/ssrplus/deny.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/ad.conf; done 43 | for line in $(cat /etc/ssrplus/netflix.list); do sed -i "/$line/d" $TMP_DNSMASQ_PATH/ad.conf; done 44 | fi 45 | else 46 | rm -f $TMP_DNSMASQ_PATH/ad.conf 47 | fi 48 | -------------------------------------------------------------------------------- /luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | /usr/bin/lua /usr/share/shadowsocksr/update.lua 3 | sleep 2s 4 | /usr/share/shadowsocksr/chinaipset.sh /var/etc/ssrplus/china_ssr.txt 5 | sleep 2s 6 | /usr/bin/lua /usr/share/shadowsocksr/subscribe.lua 7 | -------------------------------------------------------------------------------- /microsocks/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=microsocks 8 | PKG_VERSION:=1.0.3 9 | PKG_RELEASE:=$(AUTORELEASE) 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/rofl0r/microsocks/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=6801559b6f8e17240ed8eef17a36eea8643412b5a7476980fd4e24b02a021b82 14 | 15 | PKG_LICENSE:=MIT 16 | PKG_LICENSE_FILES:=COPYING 17 | PKG_MAINTAINER:=lean 18 | 19 | PKG_BUILD_PARALLEL:=1 20 | PKG_INSTALL:=1 21 | 22 | include $(INCLUDE_DIR)/package.mk 23 | 24 | define Package/microsocks 25 | SECTION:=net 26 | CATEGORY:=Network 27 | SUBMENU:=Web Servers/Proxies 28 | TITLE:=Tiny, portable SOCKS5 server 29 | URL:=https://github.com/rofl0r/microsocks 30 | DEPENDS:=+libpthread 31 | endef 32 | 33 | define Package/microsocks/description 34 | A SOCKS5 service that you can run on your remote boxes to tunnel connections 35 | through them, if for some reason SSH doesn't cut it for you. 36 | endef 37 | 38 | define Package/microsocks/install 39 | $(INSTALL_DIR) $(1)/usr/bin 40 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/bin/microsocks $(1)/usr/bin/microsocks 41 | endef 42 | 43 | $(eval $(call BuildPackage,microsocks)) 44 | -------------------------------------------------------------------------------- /naiveproxy/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=naiveproxy 8 | PKG_VERSION:=113.0.5672.62-2 9 | PKG_RELEASE:=1 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/klzgrad/naiveproxy/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=75db685789d550094343a76fdcbb6ea2bfcb708c3330af621ca532842251fb26 14 | 15 | PKG_LICENSE:=BSD 3-Clause 16 | PKG_LICENSE_FILES:=LICENSE 17 | PKG_MAINTAINER:=Tianling Shen 18 | 19 | PKG_BUILD_DEPENDS:=gn/host 20 | ifneq ($(wildcard $(TOPDIR)/feeds/packages/devel/ninja/ninja.mk),) 21 | PKG_BUILD_DEPENDS+= ninja/host 22 | endif 23 | PKG_BUILD_PARALLEL:=1 24 | PKG_USE_MIPS16:=0 25 | 26 | ifneq ($(CONFIG_CPU_TYPE)," ") 27 | CPU_TYPE:=$(word 1, $(subst +," ,$(CONFIG_CPU_TYPE))) 28 | CPU_SUBTYPE:=$(word 2, $(subst +, ",$(CONFIG_CPU_TYPE))) 29 | ifeq ($(CPU_SUBTYPE),) 30 | CPU_SUBTYPE:="" 31 | endif 32 | else 33 | CPU_TYPE:="" 34 | CPU_SUBTYPE:="" 35 | endif 36 | 37 | include $(INCLUDE_DIR)/package.mk 38 | 39 | define Package/naiveproxy 40 | SECTION:=net 41 | CATEGORY:=Network 42 | SUBMENU:=Web Servers/Proxies 43 | TITLE:=Make a fortune quietly 44 | URL:=https://github.com/klzgrad/naiveproxy 45 | DEPENDS:=@!(arc||armeb||mips||mips64||powerpc||TARGET_gemini) +libatomic 46 | endef 47 | 48 | define Package/naiveproxy/description 49 | NaïveProxy uses Chrome's network stack to camouflage traffic with strong 50 | censorship resistance and low detectability. Reusing Chrome's stack also 51 | ensures best practices in performance and security. 52 | endef 53 | 54 | ifneq ($(CONFIG_CCACHE),) 55 | export CCACHE_SLOPPINESS=time_macros 56 | export CCACHE_BASEDIR=$(PKG_BUILD_DIR)/src 57 | export CCACHE_CPP2=yes 58 | export naive_ccache_flags=cc_wrapper="$(CCACHE)" 59 | endif 60 | 61 | CLANG_VER:=17-init-4759-g547e3456-1 62 | CLANG_FILE:=clang-llvmorg-$(CLANG_VER).tgz 63 | define Download/CLANG 64 | URL:=https://commondatastorage.googleapis.com/chromium-browser-clang/Linux_x64 65 | URL_FILE:=$(CLANG_FILE) 66 | FILE:=$(CLANG_FILE) 67 | HASH:=1949427e0030523dc86bdf4b63dac88228cfe05c57318be2d0b0b290297925f6 68 | endef 69 | 70 | PGO_VER:=5672-1682419203-4df9c2f8b97b0e23303fa2b15279906232abc306 71 | PGO_FILE:=chrome-linux-$(PGO_VER).profdata 72 | define Download/PGO_PROF 73 | URL:=https://storage.googleapis.com/chromium-optimization-profiles/pgo_profiles 74 | URL_FILE:=$(PGO_FILE) 75 | FILE:=$(PGO_FILE) 76 | HASH:=5fae812f617d882222cd5aa5620fb355583391127f608759b030c231b71d4c90 77 | endef 78 | 79 | define Build/Prepare 80 | $(call Build/Prepare/Default) 81 | 82 | ( \ 83 | pushd $(PKG_BUILD_DIR)/src ; \ 84 | mkdir -p "chrome/build/pgo_profiles" ; \ 85 | $(CP) "$(DL_DIR)/$(PGO_FILE)" "chrome/build/pgo_profiles" ; \ 86 | mkdir -p "third_party/llvm-build/Release+Asserts" ; \ 87 | $(TAR) -xzf "$(DL_DIR)/$(CLANG_FILE)" -C "third_party/llvm-build/Release+Asserts" ; \ 88 | echo -e "llvmorg-$(CLANG_VER)" > "third_party/llvm-build/Release+Asserts/cr_build_revision" ; \ 89 | popd ; \ 90 | ) 91 | endef 92 | 93 | define Build/Configure 94 | ( \ 95 | pushd "$(PKG_BUILD_DIR)/src" ; \ 96 | . ../init_env.sh "$(ARCH)" $(CPU_TYPE) $(CPU_SUBTYPE) "$(TOOLCHAIN_DIR)" ; \ 97 | export naive_flags+=" $$$${naive_ccache_flags}" ; \ 98 | mkdir -p "out" ; \ 99 | gn gen "out/Release" --args="$$$${naive_flags}" --script-executable="$(PYTHON)" ; \ 100 | popd ; \ 101 | ) 102 | endef 103 | 104 | define Build/Compile 105 | ninja -C "$(PKG_BUILD_DIR)/src/out/Release" naive 106 | endef 107 | 108 | define Package/naiveproxy/install 109 | $(INSTALL_DIR) $(1)/usr/bin 110 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/out/Release/naive $(1)/usr/bin/naive 111 | endef 112 | 113 | $(eval $(call Download,CLANG)) 114 | $(eval $(call Download,PGO_PROF)) 115 | 116 | $(eval $(call BuildPackage,naiveproxy)) 117 | -------------------------------------------------------------------------------- /naiveproxy/patches/100-macros.patch: -------------------------------------------------------------------------------- 1 | --- a/src/base/allocator/partition_allocator/tagging.cc 2 | +++ b/src/base/allocator/partition_allocator/tagging.cc 3 | @@ -18,22 +18,25 @@ 4 | #define PR_GET_TAGGED_ADDR_CTRL 56 5 | #define PR_TAGGED_ADDR_ENABLE (1UL << 0) 6 | 7 | -#if BUILDFLAG(IS_LINUX) 8 | -#include 9 | - 10 | -// Linux headers already provide these since v5.10. 11 | -#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0) 12 | -#define HAS_PR_MTE_MACROS 13 | -#endif 14 | -#endif 15 | - 16 | -#ifndef HAS_PR_MTE_MACROS 17 | +#ifndef PR_MTE_TCF_SHIFT 18 | #define PR_MTE_TCF_SHIFT 1 19 | +#endif 20 | +#ifndef PR_MTE_TCF_NONE 21 | #define PR_MTE_TCF_NONE (0UL << PR_MTE_TCF_SHIFT) 22 | +#endif 23 | +#ifndef PR_MTE_TCF_SYNC 24 | #define PR_MTE_TCF_SYNC (1UL << PR_MTE_TCF_SHIFT) 25 | +#endif 26 | +#ifndef PR_MTE_TCF_ASYNC 27 | #define PR_MTE_TCF_ASYNC (2UL << PR_MTE_TCF_SHIFT) 28 | +#endif 29 | +#ifndef PR_MTE_TCF_MASK 30 | #define PR_MTE_TCF_MASK (3UL << PR_MTE_TCF_SHIFT) 31 | +#endif 32 | +#ifndef PR_MTE_TAG_SHIFT 33 | #define PR_MTE_TAG_SHIFT 3 34 | +#endif 35 | +#ifndef PR_MTE_TAG_MASK 36 | #define PR_MTE_TAG_MASK (0xffffUL << PR_MTE_TAG_SHIFT) 37 | #endif 38 | #endif 39 | -------------------------------------------------------------------------------- /naiveproxy/src/init_env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # SPDX-License-Identifier: GPL-3.0-only 3 | # 4 | # Copyright (C) 2021 ImmortalWrt.org 5 | # -------------------------------------------------------- 6 | # Init build dependencies for naiveproxy 7 | 8 | # Read args from shell 9 | target_arch="$1" 10 | cpu_type="$2" 11 | cpu_subtype="$3" 12 | toolchain_dir="$4" 13 | 14 | # Set arch info 15 | case "${target_arch}" in 16 | "aarch64") 17 | naive_arch="arm64" 18 | ;; 19 | "i386") 20 | naive_arch="x86" 21 | ;; 22 | "x86_64") 23 | naive_arch="x64" 24 | ;; 25 | *) 26 | naive_arch="${target_arch}" 27 | ;; 28 | esac 29 | 30 | # OS detection 31 | [ "$(uname)" != "Linux" -o "$(uname -m)" != "x86_64" ] && { echo -e "Support Linux AMD64 only."; exit 1; } 32 | 33 | # Create TMP dir 34 | mkdir -p "$PWD/tmp" 35 | export TMPDIR="$PWD/tmp" 36 | 37 | # Set ENV 38 | export DEPOT_TOOLS_WIN_TOOLCHAIN=0 39 | export naive_flags=" 40 | is_official_build=true 41 | exclude_unwind_tables=true 42 | enable_resource_allowlist_generation=false 43 | symbol_level=1 44 | is_clang=true 45 | use_sysroot=false 46 | 47 | fatal_linker_warnings=false 48 | treat_warnings_as_errors=false 49 | 50 | enable_base_tracing=false 51 | use_udev=false 52 | use_aura=false 53 | use_ozone=false 54 | use_gio=false 55 | use_gtk=false 56 | use_platform_icu_alternatives=true 57 | use_glib=false 58 | 59 | disable_file_support=true 60 | enable_websockets=false 61 | use_kerberos=false 62 | enable_mdns=false 63 | enable_reporting=false 64 | include_transport_security_state_preload_list=false 65 | use_nss_certs=false 66 | 67 | target_os=\"openwrt\" 68 | target_cpu=\"${naive_arch}\" 69 | target_sysroot=\"${toolchain_dir}\"" 70 | 71 | case "${target_arch}" in 72 | "arm") 73 | naive_flags+=" arm_version=0 arm_cpu=\"${cpu_type}\"" 74 | case "${cpu_type}" in "arm1176jzf-s"|"arm926ej-s"|"mpcore"|"xscale") naive_flags+=" arm_use_thumb=false" ;; esac 75 | if [ -n "${cpu_subtype}" ]; then 76 | if grep -q "neon" <<< "${cpu_subtype}"; then 77 | neon_flag="arm_use_neon=true" 78 | else 79 | neon_flag="arm_use_neon=false" 80 | fi 81 | naive_flags+=" arm_fpu=\"${cpu_subtype}\" arm_float_abi=\"hard\" ${neon_flag}" 82 | else 83 | naive_flags+=" arm_float_abi=\"soft\" arm_use_neon=false" 84 | fi 85 | ;; 86 | "arm64") 87 | [ -n "${cpu_type}" ] && naive_flags+=" arm_cpu=\"${cpu_type}\"" 88 | ;; 89 | "mipsel"|"mips64el") 90 | naive_flags+=" use_thin_lto=false chrome_pgo_phase=0 mips_arch_variant=\"r2\"" 91 | if [ "${target_arch}" == "mipsel" ]; then 92 | if [ "${cpu_subtype}" == "24kf" ]; then 93 | naive_flags+=" mips_float_abi=\"hard\"" 94 | else 95 | naive_flags+=" mips_float_abi=\"soft\"" 96 | fi 97 | fi 98 | ;; 99 | esac 100 | -------------------------------------------------------------------------------- /redsocks2/Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2014 OpenWrt-dist 3 | # 4 | # This is free software, licensed under the GNU General Public License v2. 5 | # See /LICENSE for more information. 6 | # 7 | 8 | include $(TOPDIR)/rules.mk 9 | 10 | 11 | PKG_NAME:=redsocks2 12 | PKG_VERSION:=0.67 13 | PKG_RELEASE:=4 14 | 15 | PKG_SOURCE_PROTO:=git 16 | PKG_SOURCE_URL:=https://github.com/semigodking/redsocks.git 17 | PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) 18 | PKG_SOURCE_VERSION:=d94c245ea47859cda5b4b7373308589206b97bdc 19 | PKG_MIRROR_HASH:=938f859d1b55a91aa5cbcda3ddff1d04ccab292f784b0434060c73acab12c457 20 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz 21 | PKG_MAINTAINER:=semigodking 22 | PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) 23 | 24 | include $(INCLUDE_DIR)/package.mk 25 | 26 | define Package/redsocks2 27 | SECTION:=net 28 | CATEGORY:=Network 29 | SUBMENU:=Web Servers/Proxies 30 | TITLE:=Redirect any TCP connection to a SOCKS or HTTPS proxy server 31 | URL:=https://github.com/semigodking/redsocks 32 | DEPENDS:=+libevent2 +libopenssl 33 | endef 34 | 35 | define Package/redsocks2/description 36 | This is a modified version of original redsocks. \ 37 | The name is changed to be REDSOCKS2 since this release to distinguish with original redsocks. \ 38 | This variant is useful for anti-GFW (Great Fire Wall). 39 | endef 40 | 41 | define Package/redsocks2/conffiles 42 | /etc/config/redsocks2 43 | endef 44 | 45 | define Build/Compile 46 | $(call Build/Compile/Default,DISABLE_SHADOWSOCKS=true) 47 | endef 48 | 49 | define Package/redsocks2/install 50 | $(INSTALL_DIR) $(1)/usr/sbin 51 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/redsocks2 $(1)/usr/sbin 52 | endef 53 | 54 | $(eval $(call BuildPackage,redsocks2)) 55 | -------------------------------------------------------------------------------- /shadowsocks-rust/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-2.0-only 2 | # 3 | # Copyright (C) 2017-2020 Yousong Zhou 4 | # Copyright (C) 2021 ImmortalWrt.org 5 | 6 | include $(TOPDIR)/rules.mk 7 | 8 | PKG_NAME:=shadowsocks-rust 9 | PKG_VERSION:=1.15.4 10 | PKG_RELEASE:=2 11 | 12 | PKG_SOURCE_HEADER:=shadowsocks-v$(PKG_VERSION) 13 | PKG_SOURCE_BODY:=unknown-linux-musl 14 | PKG_SOURCE_FOOTER:=tar.xz 15 | PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-rust/releases/download/v$(PKG_VERSION)/ 16 | 17 | ifeq ($(ARCH),aarch64) 18 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).aarch64-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER) 19 | PKG_HASH:=f03b72bc3924d9578261fff84f72f66c889012f8688f1644b2b7700d37c363b7 20 | else ifeq ($(ARCH),arm) 21 | # Referred to golang/golang-values.mk 22 | ARM_CPU_FEATURES:=$(word 2,$(subst +,$(space),$(call qstrip,$(CONFIG_CPU_TYPE)))) 23 | ifeq ($(ARM_CPU_FEATURES),) 24 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).arm-$(PKG_SOURCE_BODY)eabi.$(PKG_SOURCE_FOOTER) 25 | PKG_HASH:=b0156d446d39b74e4e5c6d7c3ccfd86e8b47947694e757950d448f7e9f9d80f2 26 | else 27 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).arm-$(PKG_SOURCE_BODY)eabihf.$(PKG_SOURCE_FOOTER) 28 | PKG_HASH:=0c6a263912fd421b591de0871e6832e780ba521ed3ceaf6c37990ad53bdb7806 29 | endif 30 | else ifeq ($(ARCH),i386) 31 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).i686-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER) 32 | PKG_HASH:=fc932cb25ba9ab622459c3e6a43c8a5c9a12efcdcec0b748f962b99208835351 33 | else ifeq ($(ARCH),mips) 34 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).mips-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER) 35 | PKG_HASH:=ec78d96dcdb795ce10e44b64c822e797ff796f0fdeede366a5042f110cc61d00 36 | else ifeq ($(ARCH),mipsel) 37 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).mipsel-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER) 38 | PKG_HASH:=b26b693b371fec8ae51da2157d4cf0c20087177322498a7d06d63859183ec8eb 39 | else ifeq ($(ARCH),x86_64) 40 | PKG_SOURCE:=$(PKG_SOURCE_HEADER).x86_64-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER) 41 | PKG_HASH:=712a3ad2bd123e76bbbcd0c0d302c3cb9c7e24160bedc696a2fb088543ba1005 42 | # Set the default value to make OpenWrt Package Checker happy 43 | else 44 | PKG_SOURCE:=dummy 45 | PKG_HASH:=dummy 46 | endif 47 | 48 | PKG_MAINTAINER:=Tianling Shen 49 | PKG_LICENSE:=MIT 50 | PKG_LICENSE_FILES:=LICENSE 51 | 52 | include $(INCLUDE_DIR)/package.mk 53 | 54 | TAR_CMD:=$(HOST_TAR) -C $(PKG_BUILD_DIR) $(TAR_OPTIONS) 55 | 56 | define Package/shadowsocks-rust/Default 57 | define Package/shadowsocks-rust-$(1) 58 | SECTION:=net 59 | CATEGORY:=Network 60 | SUBMENU:=Web Servers/Proxies 61 | TITLE:=shadowsocks-rust $(1) 62 | URL:=https://github.com/shadowsocks/shadowsocks-rust 63 | DEPENDS:=@USE_MUSL @(aarch64||arm||i386||mips||mipsel||x86_64) @!(TARGET_x86_geode||TARGET_x86_legacy) 64 | endef 65 | 66 | define Package/shadowsocks-rust-$(1)/install 67 | $$(INSTALL_DIR) $$(1)/usr/bin 68 | $$(INSTALL_BIN) $$(PKG_BUILD_DIR)/$(1) $$(1)/usr/bin 69 | endef 70 | endef 71 | 72 | SHADOWSOCKS_COMPONENTS:=sslocal ssmanager ssserver ssurl ssservice 73 | define shadowsocks-rust/templates 74 | $(foreach component,$(SHADOWSOCKS_COMPONENTS), 75 | $(call Package/shadowsocks-rust/Default,$(component)) 76 | ) 77 | endef 78 | $(eval $(call shadowsocks-rust/templates)) 79 | 80 | define Build/Compile 81 | endef 82 | 83 | $(foreach component,$(SHADOWSOCKS_COMPONENTS), \ 84 | $(eval $(call BuildPackage,shadowsocks-rust-$(component))) \ 85 | ) 86 | -------------------------------------------------------------------------------- /shadowsocksr-libev/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-2.0-only 2 | # 3 | # Copyright (C) 2017-2020 Yousong Zhou 4 | # Copyright (C) 2018 Lean 5 | # Copyright (C) 2021 ImmortalWrt.org 6 | 7 | include $(TOPDIR)/rules.mk 8 | 9 | PKG_NAME:=shadowsocksr-libev 10 | PKG_VERSION:=2.5.6 11 | PKG_RELEASE:=9 12 | 13 | PKG_SOURCE_PROTO:=git 14 | PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev 15 | PKG_SOURCE_DATE:=2018-03-07 16 | PKG_SOURCE_VERSION:=d63ff863800a5645aca4309d5dd5962bd1e95543 17 | PKG_MIRROR_HASH:=34308ed827a5dd4f4e35619914102d55b00604faa44fda051d1d25fb4a319325 18 | 19 | PKG_LICENSE:=GPL-3.0 20 | PKG_LICENSE_FILES:=LICENSE 21 | 22 | PKG_FIXUP:=autoreconf 23 | PKG_USE_MIPS16:=0 24 | PKG_BUILD_PARALLEL:=1 25 | PKG_INSTALL:=1 26 | 27 | include $(INCLUDE_DIR)/package.mk 28 | 29 | define Package/shadowsocksr-libev/Default 30 | define Package/shadowsocksr-libev-ssr-$(1) 31 | SECTION:=net 32 | CATEGORY:=Network 33 | SUBMENU:=Web Servers/Proxies 34 | TITLE:=shadowsocksr-libev ssr-$(1) 35 | URL:=https://github.com/shadowsocksrr/shadowsocksr-libev 36 | DEPENDS:=+libev +libsodium +libopenssl +libpthread +libpcre +libudns +zlib 37 | endef 38 | 39 | define Package/shadowsocksr-libev-ssr-$(1)/install 40 | $$(INSTALL_DIR) $$(1)/usr/bin 41 | $$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/usr/bin/ss-$(1) $$(1)/usr/bin/ssr-$(1) 42 | endef 43 | endef 44 | 45 | SHADOWSOCKSR_COMPONENTS:=check local nat redir server 46 | define shadowsocksr-libev/templates 47 | $(foreach component,$(SHADOWSOCKSR_COMPONENTS), 48 | $(call Package/shadowsocksr-libev/Default,$(component)) 49 | ) 50 | endef 51 | $(eval $(call shadowsocksr-libev/templates)) 52 | 53 | CONFIGURE_ARGS += \ 54 | --disable-documentation \ 55 | --disable-ssp \ 56 | --disable-assert \ 57 | --enable-system-shared-lib 58 | 59 | TARGET_CFLAGS += -flto 60 | TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed 61 | 62 | $(foreach component,$(SHADOWSOCKSR_COMPONENTS), \ 63 | $(eval $(call BuildPackage,shadowsocksr-libev-ssr-$(component))) \ 64 | ) 65 | -------------------------------------------------------------------------------- /shadowsocksr-libev/patches/0002-Revert-verify_simple-and-auth_simple.patch: -------------------------------------------------------------------------------- 1 | --- a/src/obfs/obfs.c 2 | +++ b/src/obfs/obfs.c 3 | @@ -88,7 +88,7 @@ obfs_class *new_obfs_class(const char *p 4 | plugin->client_decode = tls12_ticket_auth_client_decode; 5 | 6 | return plugin; 7 | - /*} else if (strcmp(plugin_name, "verify_simple") == 0) { 8 | + } else if (strcmp(plugin_name, "verify_simple") == 0) { 9 | obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs_class)); 10 | plugin->init_data = init_data; 11 | plugin->new_obfs = verify_simple_new_obfs; 12 | @@ -115,7 +115,7 @@ obfs_class *new_obfs_class(const char *p 13 | plugin->client_udp_pre_encrypt = NULL; 14 | plugin->client_udp_post_decrypt = NULL; 15 | 16 | - return plugin;*/ 17 | + return plugin; 18 | } else if (strcmp(plugin_name, "auth_sha1") == 0) { 19 | obfs_class *plugin = (obfs_class *) malloc(sizeof(obfs_class)); 20 | plugin->init_data = auth_simple_init_data; 21 | -------------------------------------------------------------------------------- /shadowsocksr-libev/patches/0003-Refine-Usage.patch: -------------------------------------------------------------------------------- 1 | --- a/src/utils.c 2 | +++ b/src/utils.c 3 | @@ -258,8 +258,6 @@ usage() 4 | { 5 | printf("\n"); 6 | printf("shadowsocks-libev %s with %s\n\n", VERSION, USING_CRYPTO); 7 | - printf( 8 | - " maintained by Max Lv and Linus Yang \n\n"); 9 | printf(" usage:\n\n"); 10 | #ifdef MODULE_LOCAL 11 | printf(" ss-local\n"); 12 | @@ -299,6 +297,25 @@ usage() 13 | " The default cipher is rc4-md5.\n"); 14 | printf("\n"); 15 | printf( 16 | + " -o Obfs of your remote server: plain,\n"); 17 | + printf( 18 | + " http_simple, http_post and tls1.2_ticket_auth.\n"); 19 | + printf( 20 | + " -g Obfs-Param of your remote server.\n"); 21 | + printf( 22 | + " -O Protocol of your remote server: origin,\n"); 23 | + printf( 24 | + " auth_sha1, auth_sha1_v2, auth_sha1_v4,\n"); 25 | + printf( 26 | + " auth_aes128_md5, auth_aes128_sha1,\n"); 27 | + printf( 28 | + " auth_chain_a, auth_chain_b, auth_chain_c,\n"); 29 | + printf( 30 | + " auth_chain_d, auth_chain_e and auth_chain_f.\n"); 31 | + printf( 32 | + " -G Protocol-Param of your remote server.\n"); 33 | + printf("\n"); 34 | + printf( 35 | " [-a ] Run as another user.\n"); 36 | printf( 37 | " [-f ] The file path to store pid.\n"); 38 | -------------------------------------------------------------------------------- /shadowsocksr-libev/patches/100-fix-gcc-10.patch: -------------------------------------------------------------------------------- 1 | --- a/src/http.h 2 | +++ b/src/http.h 3 | @@ -29,6 +29,6 @@ 4 | #include 5 | #include "protocol.h" 6 | 7 | -const protocol_t *const http_protocol; 8 | +extern const protocol_t *const http_protocol; 9 | 10 | #endif 11 | --- a/src/tls.h 12 | +++ b/src/tls.h 13 | @@ -28,6 +28,6 @@ 14 | 15 | #include "protocol.h" 16 | 17 | -const protocol_t *const tls_protocol; 18 | +extern const protocol_t *const tls_protocol; 19 | 20 | #endif 21 | -------------------------------------------------------------------------------- /shadowsocksr-libev/patches/101-Fix-Werror-sizeof-pointer-memaccess.patch: -------------------------------------------------------------------------------- 1 | --- a/src/local.c 2 | +++ b/src/local.c 3 | @@ -718,7 +718,7 @@ server_recv_cb(EV_P_ ev_io *w, int reven 4 | 5 | ss_free(hostname); 6 | } else { 7 | - strncpy(host, ip, sizeof(ip)); 8 | + strncpy(host, ip, INET6_ADDRSTRLEN); 9 | } 10 | } 11 | 12 | -------------------------------------------------------------------------------- /shadowsocksr-libev/patches/102-Read-listening-mode-from-config.patch: -------------------------------------------------------------------------------- 1 | --- a/src/jconf.c 2 | +++ b/src/jconf.c 3 | @@ -259,6 +259,19 @@ read_jconf(const char *file) 4 | conf.server_legacy.obfs = to_string(value); 5 | } else if (strcmp(name, "obfs_param") == 0) { // SSR 6 | conf.server_legacy.obfs_param = to_string(value); 7 | + } else if (strcmp(name, "mode") == 0) { 8 | + char *mode_str = to_string(value); 9 | + 10 | + if (strcmp(mode_str, "tcp_only") == 0) 11 | + conf.mode = TCP_ONLY; 12 | + else if (strcmp(mode_str, "tcp_and_udp") == 0) 13 | + conf.mode = TCP_AND_UDP; 14 | + else if (strcmp(mode_str, "udp_only") == 0) 15 | + conf.mode = UDP_ONLY; 16 | + else 17 | + LOGI("ignore unknown mode: %s, use tcp_only as fallback", 18 | + mode_str); 19 | + ss_free(mode_str); 20 | } else { 21 | match = 0; 22 | } 23 | --- a/src/redir.c 24 | +++ b/src/redir.c 25 | @@ -1252,6 +1252,9 @@ main(int argc, char **argv) 26 | if (user == NULL) { 27 | user = conf->user; 28 | } 29 | + if (mode == TCP_ONLY) { 30 | + mode = conf->mode; 31 | + } 32 | if (mtu == 0) { 33 | mtu = conf->mtu; 34 | } 35 | -------------------------------------------------------------------------------- /shadowsocksr-libev/patches/103-Add-TPROXY-support-for-TCP-ssr-redir.patch: -------------------------------------------------------------------------------- 1 | --- a/completions/bash/ss-redir 2 | +++ b/completions/bash/ss-redir 3 | @@ -2,7 +2,7 @@ _ss_redir() 4 | { 5 | local cur prev opts ciphers 6 | ciphers='rc4-md5 table rc4 aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr bf-cfb camellia-128-cfb camellia-192-cfb camellia-256-cfb cast5-cfb des-cfb idea-cfb rc2-cfb seed-cfb salsa20 chacha20 and chacha20-ietf' 7 | - opts='-s -b -p -k -f -t -m -c -a -n -u -U -v -h -A --mtu --help --mptcp -l' 8 | + opts='-s -b -p -k -f -t -m -c -a -n -u -U -T -v -h -A --mtu --help --mptcp -l' 9 | cur=${COMP_WORDS[COMP_CWORD]} 10 | prev="${COMP_WORDS[COMP_CWORD-1]}" 11 | case "$prev" in 12 | --- a/src/jconf.c 13 | +++ b/src/jconf.c 14 | @@ -338,7 +338,11 @@ read_jconf(const char *file) 15 | check_json_value_type(value, json_boolean, 16 | "invalid config file: option 'ipv6_first' must be a boolean"); 17 | conf.ipv6_first = value->u.boolean; 18 | - } 19 | + } else if (strcmp(name, "tcp_tproxy") == 0) { 20 | + check_json_value_type(value, json_boolean, 21 | + "invalid config file: option 'tcp_tproxy' must be a boolean"); 22 | + conf.tcp_tproxy = value->u.boolean; 23 | + } 24 | } 25 | } 26 | } else { 27 | --- a/src/jconf.h 28 | +++ b/src/jconf.h 29 | @@ -105,6 +105,7 @@ typedef struct { 30 | int mtu; 31 | int mptcp; 32 | int ipv6_first; 33 | + int tcp_tproxy; 34 | } jconf_t; 35 | 36 | jconf_t *read_jconf(const char *file); 37 | --- a/src/redir.c 38 | +++ b/src/redir.c 39 | @@ -71,6 +71,14 @@ 40 | #define IP6T_SO_ORIGINAL_DST 80 41 | #endif 42 | 43 | +#ifndef IP_TRANSPARENT 44 | +#define IP_TRANSPARENT 19 45 | +#endif 46 | + 47 | +#ifndef IPV6_TRANSPARENT 48 | +#define IPV6_TRANSPARENT 75 49 | +#endif 50 | + 51 | #include "includeobfs.h" // I don't want to modify makefile 52 | #include "jconf.h" 53 | 54 | @@ -101,18 +109,28 @@ static struct cork_dllist inactive_profi 55 | static listen_ctx_t *current_profile; 56 | static struct cork_dllist all_connections; 57 | 58 | +static int tcp_tproxy = 0; /* use tproxy instead of redirect (for tcp) */ 59 | + 60 | int 61 | getdestaddr(int fd, struct sockaddr_storage *destaddr) 62 | { 63 | socklen_t socklen = sizeof(*destaddr); 64 | int error = 0; 65 | 66 | - error = getsockopt(fd, SOL_IPV6, IP6T_SO_ORIGINAL_DST, destaddr, &socklen); 67 | - if (error) { // Didn't find a proper way to detect IP version. 68 | - error = getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, destaddr, &socklen); 69 | - if (error) { 70 | - return -1; 71 | - } 72 | + if (tcp_tproxy) { 73 | + error = getsockname(fd, (void *)destaddr, &socklen); 74 | + } else { 75 | + error = getsockopt(fd, SOL_IPV6, IP6T_SO_ORIGINAL_DST, destaddr, &socklen); 76 | + if (error) { // Didn't find a proper way to detect IP version. 77 | + error = getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, destaddr, &socklen); 78 | + if (error) { 79 | + return -1; 80 | + } 81 | + } 82 | + } 83 | + 84 | + if (error) { 85 | + return -1; 86 | } 87 | return 0; 88 | } 89 | @@ -164,6 +182,23 @@ create_and_bind(const char *addr, const 90 | if (err == 0) { 91 | LOGI("tcp port reuse enabled"); 92 | } 93 | + 94 | + if (tcp_tproxy) { 95 | + int level = 0, optname = 0; 96 | + if (rp->ai_family == AF_INET) { 97 | + level = IPPROTO_IP; 98 | + optname = IP_TRANSPARENT; 99 | + } else { 100 | + level = IPPROTO_IPV6; 101 | + optname = IPV6_TRANSPARENT; 102 | + } 103 | + 104 | + if (setsockopt(listen_sock, level, optname, &opt, sizeof(opt)) != 0) { 105 | + ERROR("setsockopt IP_TRANSPARENT"); 106 | + exit(EXIT_FAILURE); 107 | + } 108 | + LOGI("tcp tproxy mode enabled"); 109 | + } 110 | 111 | s = bind(listen_sock, rp->ai_addr, rp->ai_addrlen); 112 | if (s == 0) { 113 | @@ -1094,7 +1129,7 @@ main(int argc, char **argv) 114 | 115 | USE_TTY(); 116 | 117 | - while ((c = getopt_long(argc, argv, "f:s:p:l:k:t:m:c:b:a:n:huUvA6" 118 | + while ((c = getopt_long(argc, argv, "f:s:p:l:k:t:m:c:b:a:n:huUTvA6" 119 | "O:o:G:g:", 120 | long_options, &option_index)) != -1) { 121 | switch (c) { 122 | @@ -1169,6 +1204,9 @@ main(int argc, char **argv) 123 | case 'U': 124 | mode = UDP_ONLY; 125 | break; 126 | + case 'T': 127 | + tcp_tproxy = 1; 128 | + break; 129 | case 'v': 130 | verbose = 1; 131 | break; 132 | @@ -1255,6 +1293,9 @@ main(int argc, char **argv) 133 | if (mode == TCP_ONLY) { 134 | mode = conf->mode; 135 | } 136 | + if (tcp_tproxy == 0) { 137 | + tcp_tproxy = conf->tcp_tproxy; 138 | + } 139 | if (mtu == 0) { 140 | mtu = conf->mtu; 141 | } 142 | --- a/src/utils.c 143 | +++ b/src/utils.c 144 | @@ -342,6 +342,10 @@ usage() 145 | #endif 146 | printf( 147 | " [-U] Enable UDP relay and disable TCP relay.\n"); 148 | +#ifdef MODULE_REDIR 149 | + printf( 150 | + " [-T] Use tproxy instead of redirect (for tcp).\n"); 151 | +#endif 152 | #ifdef MODULE_REMOTE 153 | printf( 154 | " [-6] Resovle hostname to IPv6 address first.\n"); 155 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/Makefile.am: -------------------------------------------------------------------------------- 1 | VERSION_INFO = 2:0:0 2 | 3 | AM_CFLAGS = -g -O2 -Wall -Werror -Wno-deprecated-declarations -fno-strict-aliasing -std=gnu99 -D_GNU_SOURCE 4 | AM_CFLAGS += $(PTHREAD_CFLAGS) 5 | if !USE_SYSTEM_SHARED_LIB 6 | AM_CFLAGS += -I$(top_srcdir)/libev 7 | AM_CFLAGS += -I$(top_srcdir)/libudns 8 | AM_CFLAGS += -I$(top_srcdir)/libsodium/src/libsodium/include 9 | endif 10 | AM_CFLAGS += -I$(top_srcdir)/libipset/include 11 | AM_CFLAGS += -I$(top_srcdir)/libcork/include 12 | AM_CFLAGS += $(LIBPCRE_CFLAGS) 13 | 14 | SS_COMMON_LIBS = $(top_builddir)/libipset/libipset.la \ 15 | $(top_builddir)/libcork/libcork.la \ 16 | $(INET_NTOP_LIB) $(LIBPCRE_LIBS) 17 | if USE_SYSTEM_SHARED_LIB 18 | SS_COMMON_LIBS += -lev -lsodium -lm 19 | else 20 | SS_COMMON_LIBS += $(top_builddir)/libev/libev.la \ 21 | $(top_builddir)/libsodium/src/libsodium/libsodium.la 22 | endif 23 | 24 | bin_PROGRAMS = ss-server ss-check 25 | 26 | sni_src = http.c \ 27 | tls.c \ 28 | rule.c 29 | 30 | ss_check_SOURCES = check.c 31 | 32 | ss_server_SOURCES = utils.c \ 33 | netutils.c \ 34 | jconf.c \ 35 | json.c \ 36 | encrypt.c \ 37 | udprelay.c \ 38 | cache.c \ 39 | acl.c \ 40 | resolv.c \ 41 | server.c \ 42 | $(sni_src) 43 | 44 | 45 | ss_check_LDADD = $(SS_COMMON_LIBS) 46 | ss_server_LDADD = $(SS_COMMON_LIBS) 47 | 48 | if USE_SYSTEM_SHARED_LIB 49 | ss_server_LDADD += -ludns 50 | else 51 | ss_server_LDADD += $(top_builddir)/libudns/libudns.la 52 | endif 53 | 54 | ss_check_CFLAGS = $(AM_CFLAGS) 55 | ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE 56 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/README.md: -------------------------------------------------------------------------------- 1 | # server 2 | 3 | `ss-server` and `ss-check` from https://github.com/ywb94/shadowsocks-libev 4 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/acl.h: -------------------------------------------------------------------------------- 1 | /* 2 | * acl.h - Define the ACL interface 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * 8 | * shadowsocks-libev is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * shadowsocks-libev is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU General Public License 19 | * along with shadowsocks-libev; see the file COPYING. If not, see 20 | * . 21 | */ 22 | 23 | #ifndef _ACL_H 24 | #define _ACL_H 25 | 26 | #define BLACK_LIST 0 27 | #define WHITE_LIST 1 28 | 29 | #define MAX_TRIES 64 30 | #define MALICIOUS 8 31 | #define SUSPICIOUS 4 32 | #define BAD 2 33 | #define MALFORMED 1 34 | 35 | int init_acl(const char *path); 36 | void free_acl(void); 37 | void clear_block_list(void); 38 | 39 | int acl_match_host(const char *ip); 40 | int acl_add_ip(const char *ip); 41 | int acl_remove_ip(const char *ip); 42 | 43 | int get_acl_mode(void); 44 | 45 | void init_block_list(int firewall); 46 | void free_block_list(); 47 | int check_block_list(char *addr); 48 | int update_block_list(char *addr, int err_level); 49 | int remove_from_block_list(char *addr); 50 | 51 | int outbound_block_match_host(const char *host); 52 | 53 | #endif // _ACL_H 54 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/auth.h: -------------------------------------------------------------------------------- 1 | /* 2 | * auth.h - Define shadowsocksR server's buffers and callbacks 3 | * 4 | * Copyright (C) 2015 - 2016, Break Wa11 5 | */ 6 | 7 | #ifndef _AUTH_H 8 | #define _AUTH_H 9 | 10 | void * auth_simple_init_data(); 11 | obfs * auth_simple_new_obfs(); 12 | void auth_simple_dispose(obfs *self); 13 | 14 | int auth_simple_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 15 | int auth_simple_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 16 | 17 | 18 | int auth_sha1_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 19 | int auth_sha1_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 20 | 21 | int auth_sha1_v2_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 22 | int auth_sha1_v2_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 23 | 24 | int auth_sha1_v4_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 25 | int auth_sha1_v4_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 26 | 27 | int auth_aes128_sha1_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 28 | int auth_aes128_sha1_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 29 | 30 | #endif // _AUTH_H 31 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/base64.c: -------------------------------------------------------------------------------- 1 | #include "base64.h" 2 | 3 | /* BASE 64 encode table */ 4 | static const char base64en[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 5 | 6 | #define BASE64_PAD '=' 7 | 8 | #define BASE64DE_FIRST '+' 9 | #define BASE64DE_LAST 'z' 10 | 11 | /* ASCII order for BASE 64 decode, -1 in unused character */ 12 | static const signed char base64de[] = { 13 | -1, -1, -1, -1, -1, -1, -1, -1, 14 | -1, -1, -1, -1, -1, -1, -1, -1, 15 | -1, -1, -1, -1, -1, -1, -1, -1, 16 | -1, -1, -1, -1, -1, -1, -1, -1, 17 | -1, -1, -1, -1, -1, -1, -1, -1, 18 | /* '+', ',', '-', '.', '/', */ 19 | -1, -1, -1, 62, -1, -1, -1, 63, 20 | /* '0', '1', '2', '3', '4', '5', '6', '7', */ 21 | 52, 53, 54, 55, 56, 57, 58, 59, 22 | /* '8', '9', ':', ';', '<', '=', '>', '?', */ 23 | 60, 61, -1, -1, -1, -1, -1, -1, 24 | /* '@', 'A', 'B', 'C', 'D', 'E', 'F', 'G', */ 25 | -1, 0, 1, 2, 3, 4, 5, 6, 26 | /* 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', */ 27 | 7, 8, 9, 10, 11, 12, 13, 14, 28 | /* 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', */ 29 | 15, 16, 17, 18, 19, 20, 21, 22, 30 | /* 'X', 'Y', 'Z', '[', '\', ']', '^', '_', */ 31 | 23, 24, 25, -1, -1, -1, -1, -1, 32 | /* '`', 'a', 'b', 'c', 'd', 'e', 'f', 'g', */ 33 | -1, 26, 27, 28, 29, 30, 31, 32, 34 | /* 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', */ 35 | 33, 34, 35, 36, 37, 38, 39, 40, 36 | /* 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', */ 37 | 41, 42, 43, 44, 45, 46, 47, 48, 38 | /* 'x', 'y', 'z', */ 39 | 49, 50, 51, 40 | }; 41 | 42 | int 43 | base64_encode(const unsigned char *in, unsigned int inlen, char *out) 44 | { 45 | unsigned int i, j; 46 | 47 | for (i = j = 0; i < inlen; i++) { 48 | int s = i % 3; /* from 6/gcd(6, 8) */ 49 | 50 | switch (s) { 51 | case 0: 52 | out[j++] = base64en[(in[i] >> 2) & 0x3F]; 53 | continue; 54 | case 1: 55 | out[j++] = base64en[((in[i-1] & 0x3) << 4) + ((in[i] >> 4) & 0xF)]; 56 | continue; 57 | case 2: 58 | out[j++] = base64en[((in[i-1] & 0xF) << 2) + ((in[i] >> 6) & 0x3)]; 59 | out[j++] = base64en[in[i] & 0x3F]; 60 | } 61 | } 62 | 63 | /* move back */ 64 | i -= 1; 65 | 66 | /* check the last and add padding */ 67 | if ((i % 3) == 0) { 68 | out[j++] = base64en[(in[i] & 0x3) << 4]; 69 | out[j++] = BASE64_PAD; 70 | out[j++] = BASE64_PAD; 71 | } else if ((i % 3) == 1) { 72 | out[j++] = base64en[(in[i] & 0xF) << 2]; 73 | out[j++] = BASE64_PAD; 74 | } 75 | 76 | return BASE64_OK; 77 | } 78 | 79 | int 80 | base64_decode(const char *in, unsigned int inlen, unsigned char *out) 81 | { 82 | unsigned int i, j; 83 | 84 | for (i = j = 0; i < inlen; i++) { 85 | int c; 86 | int s = i % 4; /* from 8/gcd(6, 8) */ 87 | 88 | if (in[i] == '=') 89 | return BASE64_OK; 90 | 91 | if (in[i] < BASE64DE_FIRST || in[i] > BASE64DE_LAST || 92 | (c = base64de[(int)in[i]]) == -1) 93 | return BASE64_INVALID; 94 | 95 | switch (s) { 96 | case 0: 97 | out[j] = ((unsigned int)c << 2) & 0xFF; 98 | continue; 99 | case 1: 100 | out[j++] += ((unsigned int)c >> 4) & 0x3; 101 | 102 | /* if not last char with padding */ 103 | if (i < (inlen - 3) || in[inlen - 2] != '=') 104 | out[j] = ((unsigned int)c & 0xF) << 4; 105 | continue; 106 | case 2: 107 | out[j++] += ((unsigned int)c >> 2) & 0xF; 108 | 109 | /* if not last char with padding */ 110 | if (i < (inlen - 2) || in[inlen - 1] != '=') 111 | out[j] = ((unsigned int)c & 0x3) << 6; 112 | continue; 113 | case 3: 114 | out[j++] += (unsigned char)c; 115 | } 116 | } 117 | 118 | return BASE64_OK; 119 | } 120 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/base64.h: -------------------------------------------------------------------------------- 1 | #ifndef __BASE64_H__ 2 | #define __BASE64_H__ 3 | 4 | enum {BASE64_OK = 0, BASE64_INVALID}; 5 | 6 | #define BASE64_ENCODE_OUT_SIZE(s) (((s) + 2) / 3 * 4) 7 | #define BASE64_DECODE_OUT_SIZE(s) (((s)) / 4 * 3) 8 | 9 | int 10 | base64_encode(const unsigned char *in, unsigned int inlen, char *out); 11 | 12 | int 13 | base64_decode(const char *in, unsigned int inlen, unsigned char *out); 14 | 15 | 16 | #endif /* __BASE64_H__ */ 17 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/cache.h: -------------------------------------------------------------------------------- 1 | /* 2 | * cache.h - Define the cache manager interface 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * 8 | * shadowsocks-libev is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * shadowsocks-libev is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU General Public License 19 | * along with shadowsocks-libev; see the file COPYING. If not, see 20 | * . 21 | */ 22 | 23 | /* 24 | * Original Author: Oliver Lorenz (ol), olli@olorenz.org, https://olorenz.org 25 | * License: This is licensed under the same terms as uthash itself 26 | */ 27 | 28 | #ifndef _CACHE_ 29 | #define _CACHE_ 30 | 31 | #include "uthash.h" 32 | #include "ev.h" 33 | 34 | /** 35 | * A cache entry 36 | */ 37 | struct cache_entry { 38 | char *key; /** 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | //#define __DEBUG__ 17 | #ifdef __DEBUG__ 18 | #define DEBUG(format,...) printf("File: "__FILE__", Line: %05d: "format"/n", __LINE__, ##__VA_ARGS__) 19 | #else 20 | #define DEBUG(format,...) 21 | #endif 22 | 23 | static sigjmp_buf jmpbuf; 24 | static void alarm_func() 25 | { 26 | siglongjmp(jmpbuf, 1); 27 | } 28 | 29 | static struct hostent *timeGethostbyname(const char *domain, int timeout) 30 | { 31 | struct hostent *ipHostent = NULL; 32 | signal(SIGALRM, alarm_func); 33 | if(sigsetjmp(jmpbuf, 1) != 0) 34 | { 35 | alarm(0);//timout 36 | signal(SIGALRM, SIG_IGN); 37 | return NULL; 38 | } 39 | alarm(timeout);//setting alarm 40 | ipHostent = gethostbyname(domain); 41 | signal(SIGALRM, SIG_IGN); 42 | return ipHostent; 43 | } 44 | 45 | 46 | #define MY_HTTP_DEFAULT_PORT 80 47 | #define BUFFER_SIZE 1024 48 | #define HTTP_POST "POST /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n"\ 49 | "Content-Type:application/x-www-form-urlencoded\r\nContent-Length: %d\r\n\r\n%s" 50 | #define HTTP_GET "GET /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n\r\n" 51 | 52 | static int http_parse_url(const char *url,char *host,char *file,int *port) 53 | { 54 | char *ptr1,*ptr2; 55 | int len = 0; 56 | if(!url || !host || !file || !port){ 57 | return 1; 58 | } 59 | 60 | ptr1 = (char *)url; 61 | 62 | if(!strncmp(ptr1,"http://",strlen("http://"))){ 63 | ptr1 += strlen("http://"); 64 | }else{ 65 | return 1; 66 | } 67 | 68 | ptr2 = strchr(ptr1,'/'); 69 | if(ptr2){ 70 | len = strlen(ptr1) - strlen(ptr2); 71 | memcpy(host,ptr1,len); 72 | host[len] = '\0'; 73 | if(*(ptr2 + 1)){ 74 | memcpy(file,ptr2 + 1,strlen(ptr2) - 1 ); 75 | file[strlen(ptr2) - 1] = '\0'; 76 | } 77 | }else{ 78 | memcpy(host,ptr1,strlen(ptr1)); 79 | host[strlen(ptr1)] = '\0'; 80 | } 81 | //get host and ip 82 | ptr1 = strchr(host,':'); 83 | if(ptr1){ 84 | *ptr1++ = '\0'; 85 | *port = atoi(ptr1); 86 | }else{ 87 | *port = MY_HTTP_DEFAULT_PORT; 88 | } 89 | 90 | return 0; 91 | } 92 | 93 | 94 | static int http_tcpclient_recv(int socket,char *lpbuff){ 95 | int recvnum = 0; 96 | 97 | recvnum = recv(socket, lpbuff,BUFFER_SIZE*4,0); 98 | 99 | return recvnum; 100 | } 101 | 102 | static int http_tcpclient_send(int socket,char *buff,int size){ 103 | int sent=0,tmpres=0; 104 | 105 | while(sent < size){ 106 | tmpres = send(socket,buff+sent,size-sent,0); 107 | if(tmpres == -1){ 108 | return 1; 109 | } 110 | sent += tmpres; 111 | } 112 | return sent; 113 | } 114 | 115 | 116 | 117 | 118 | 119 | int http_get(const char *url,int socket_fd) 120 | { 121 | char lpbuf[BUFFER_SIZE*4] = {'\0'}; 122 | 123 | char host_addr[BUFFER_SIZE] = {'\0'}; 124 | char file[BUFFER_SIZE] = {'\0'}; 125 | int port = 0; 126 | 127 | 128 | if(!url){ 129 | DEBUG(" failed!\n"); 130 | return 1; 131 | } 132 | 133 | if(http_parse_url(url,host_addr,file,&port)){ 134 | DEBUG("http_parse_url failed!\n"); 135 | return 1; 136 | } 137 | DEBUG("url: %s\thost_addr : %s\tfile:%s\t,%d\n",url,host_addr,file,port); 138 | 139 | 140 | if(socket_fd < 0){ 141 | DEBUG("http_tcpclient_create failed\n"); 142 | return 1; 143 | } 144 | 145 | sprintf(lpbuf,HTTP_GET,file,host_addr,port); 146 | 147 | if(http_tcpclient_send(socket_fd,lpbuf,strlen(lpbuf)) < 0){ 148 | DEBUG("http_tcpclient_send failed..\n"); 149 | return 1; 150 | } 151 | DEBUG("request:\n%s\n",lpbuf); 152 | 153 | if(http_tcpclient_recv(socket_fd,lpbuf) <= 0){ 154 | DEBUG("http_tcpclient_recv failed\n"); 155 | close(socket_fd); 156 | return 1; 157 | } 158 | DEBUG("rec:\n%s\n",lpbuf); 159 | close(socket_fd); 160 | 161 | //return http_parse_result(lpbuf); 162 | return 0; 163 | } 164 | 165 | 166 | 167 | int main(int argc, char *argv[]) 168 | { 169 | int fd,http_flag=0,http_ret=1; 170 | struct sockaddr_in addr; 171 | struct hostent *host; 172 | struct timeval timeo = {3, 0}; 173 | socklen_t len = sizeof(timeo); 174 | 175 | char http_url[100]="http://"; 176 | 177 | 178 | 179 | fd = socket(AF_INET, SOCK_STREAM, 0); 180 | if (argc >= 4) 181 | timeo.tv_sec = atoi(argv[3]); 182 | if (argc>=5) 183 | http_flag=1; 184 | 185 | if((host=timeGethostbyname(argv[1],timeo.tv_sec)) == NULL) { 186 | DEBUG("gethostbyname err\n"); 187 | return 1; 188 | } 189 | if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &timeo, len) == -1) 190 | { 191 | 192 | DEBUG("setsockopt send err\n"); 193 | return 1; 194 | } 195 | 196 | if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &timeo, len) == -1) 197 | { 198 | 199 | DEBUG("setsockopt recv err\n"); 200 | return 1; 201 | } 202 | 203 | addr.sin_family = AF_INET; 204 | addr.sin_addr = *((struct in_addr *)host->h_addr); 205 | //addr.sin_addr.s_addr = inet_addr(argv[1]); 206 | addr.sin_port = htons(atoi(argv[2])); 207 | if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) 208 | { 209 | if (errno == EINPROGRESS) 210 | { 211 | DEBUG("timeout err\n"); 212 | return 1; 213 | } 214 | DEBUG("connect err\n"); 215 | return 1; 216 | } 217 | if(http_flag==0) 218 | { 219 | close(fd); 220 | return 0; 221 | } 222 | strcat(http_url,argv[1]); 223 | http_ret=http_get(http_url,fd); 224 | if(http_ret==1) 225 | { 226 | DEBUG("recv err"); 227 | return 1; 228 | } 229 | else 230 | { 231 | DEBUG("recv ok"); 232 | 233 | return 0; 234 | } 235 | 236 | } -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * common.h - Provide global definitions 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * shadowsocks-libev is free software; you can redistribute it and/or modify 8 | * it under the terms of the GNU General Public License as published by 9 | * the Free Software Foundation; either version 3 of the License, or 10 | * (at your option) any later version. 11 | * 12 | * shadowsocks-libev is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU General Public License for more details. 16 | * 17 | * You should have received a copy of the GNU General Public License 18 | * along with shadowsocks-libev; see the file COPYING. If not, see 19 | * . 20 | */ 21 | 22 | #ifndef _COMMON_H 23 | #define _COMMON_H 24 | 25 | #define DEFAULT_CONF_PATH "/etc/shadowsocks-libev/config.json" 26 | 27 | #ifndef SOL_TCP 28 | #define SOL_TCP IPPROTO_TCP 29 | #endif 30 | 31 | #if defined(MODULE_TUNNEL) || defined(MODULE_REDIR) 32 | #define MODULE_LOCAL 33 | #endif 34 | 35 | int init_udprelay(const char *server_host, const char *server_port, 36 | #ifdef MODULE_LOCAL 37 | const struct sockaddr *remote_addr, const int remote_addr_len, 38 | #ifdef MODULE_TUNNEL 39 | const ss_addr_t tunnel_addr, 40 | #endif 41 | #endif 42 | int mtu, int method, int auth, int timeout, const char *iface, const char *protocol, const char *protocol_param); 43 | 44 | void free_udprelay(void); 45 | 46 | #ifdef ANDROID 47 | int protect_socket(int fd); 48 | int send_traffic_stat(uint64_t tx, uint64_t rx); 49 | #endif 50 | 51 | #define STAGE_ERROR -1 /* Error detected */ 52 | #define STAGE_INIT 0 /* Initial stage */ 53 | #define STAGE_HANDSHAKE 1 /* Handshake with client */ 54 | #define STAGE_PARSE 2 /* Parse the header */ 55 | #define STAGE_RESOLVE 4 /* Resolve the hostname */ 56 | #define STAGE_STREAM 5 /* Stream between client and server */ 57 | 58 | #endif // _COMMON_H 59 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/crc32.c: -------------------------------------------------------------------------------- 1 | static uint32_t crc32_table[256] = {0}; 2 | 3 | void init_crc32_table(void) { 4 | uint32_t c, i, j; 5 | if (crc32_table[0] == 0) { 6 | for (i = 0; i < 256; i++) { 7 | c = i; 8 | for (j = 0; j < 8; j++) { 9 | if (c & 1) 10 | c = 0xedb88320L ^ (c >> 1); 11 | else 12 | c = c >> 1; 13 | } 14 | crc32_table[i] = c; 15 | } 16 | } 17 | } 18 | 19 | uint32_t crc32(unsigned char *buffer, unsigned int size) { 20 | uint32_t crc = 0xFFFFFFFF; 21 | unsigned int i; 22 | for (i = 0; i < size; i++) { 23 | crc = crc32_table[(crc ^ buffer[i]) & 0xFF] ^ (crc >> 8); 24 | } 25 | return crc ^ 0xFFFFFFFF; 26 | } 27 | 28 | void fillcrc32to(unsigned char *buffer, unsigned int size, unsigned char *outbuffer) { 29 | uint32_t crc = 0xFFFFFFFF; 30 | unsigned int i; 31 | for (i = 0; i < size; i++) { 32 | crc = crc32_table[(crc ^ buffer[i]) & 0xff] ^ (crc >> 8); 33 | } 34 | crc ^= 0xFFFFFFFF; 35 | outbuffer[0] = crc; 36 | outbuffer[1] = crc >> 8; 37 | outbuffer[2] = crc >> 16; 38 | outbuffer[3] = crc >> 24; 39 | } 40 | 41 | void fillcrc32(unsigned char *buffer, unsigned int size) { 42 | uint32_t crc = 0xFFFFFFFF; 43 | unsigned int i; 44 | size -= 4; 45 | for (i = 0; i < size; i++) { 46 | crc = crc32_table[(crc ^ buffer[i]) & 0xff] ^ (crc >> 8); 47 | } 48 | buffer += size; 49 | buffer[0] = crc; 50 | buffer[1] = crc >> 8; 51 | buffer[2] = crc >> 16; 52 | buffer[3] = crc >> 24; 53 | } 54 | 55 | void adler32_short(unsigned char *buffer, unsigned int size, uint32_t *a, uint32_t *b) { 56 | for (int i = 0; i < size; i++) { 57 | *a += buffer[i]; 58 | *b += *a; 59 | } 60 | *a %= 65521; 61 | *b %= 65521; 62 | } 63 | 64 | #define NMAX 5552 65 | uint32_t adler32(unsigned char *buffer, unsigned int size) { 66 | uint32_t a = 1; 67 | uint32_t b = 0; 68 | while ( size >= NMAX ) { 69 | adler32_short(buffer, NMAX, &a, &b); 70 | buffer += NMAX; 71 | size -= NMAX; 72 | } 73 | adler32_short(buffer, size, &a, &b); 74 | return (b << 16) + a; 75 | } 76 | #undef NMAX 77 | 78 | void filladler32(unsigned char *buffer, unsigned int size) { 79 | size -= 4; 80 | uint32_t checksum = adler32(buffer, size); 81 | buffer += size; 82 | buffer[0] = checksum; 83 | buffer[1] = checksum >> 8; 84 | buffer[2] = checksum >> 16; 85 | buffer[3] = checksum >> 24; 86 | } 87 | 88 | int checkadler32(unsigned char *buffer, unsigned int size) { 89 | size -= 4; 90 | uint32_t checksum = adler32(buffer, size); 91 | buffer += size; 92 | return checksum == (((uint32_t)buffer[3] << 24) 93 | | ((uint32_t)buffer[2] << 16) 94 | | ((uint32_t)buffer[1] << 8) 95 | | (uint32_t)buffer[0]); 96 | } 97 | 98 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/http.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011 and 2012, Dustin Lundquist 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 15 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 | * POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | #ifdef HAVE_CONFIG_H 28 | #include "config.h" 29 | #endif 30 | 31 | #include 32 | #include /* malloc() */ 33 | #include /* strncpy() */ 34 | #include /* strncasecmp() */ 35 | #include /* isblank() */ 36 | 37 | #include "http.h" 38 | #include "protocol.h" 39 | 40 | #define SERVER_NAME_LEN 256 41 | 42 | static int parse_http_header(const char *, size_t, char **); 43 | static int get_header(const char *, const char *, int, char **); 44 | static int next_header(const char **, int *); 45 | 46 | static const protocol_t http_protocol_st = { 47 | .default_port = 80, 48 | .parse_packet = &parse_http_header, 49 | }; 50 | const protocol_t *const http_protocol = &http_protocol_st; 51 | 52 | /* 53 | * Parses a HTTP request for the Host: header 54 | * 55 | * Returns: 56 | * >=0 - length of the hostname and updates *hostname 57 | * caller is responsible for freeing *hostname 58 | * -1 - Incomplete request 59 | * -2 - No Host header included in this request 60 | * -3 - Invalid hostname pointer 61 | * -4 - malloc failure 62 | * < -4 - Invalid HTTP request 63 | * 64 | */ 65 | static int 66 | parse_http_header(const char *data, size_t data_len, char **hostname) 67 | { 68 | int result, i; 69 | 70 | if (hostname == NULL) 71 | return -3; 72 | 73 | if (data_len == 0) 74 | return -1; 75 | 76 | result = get_header("Host:", data, data_len, hostname); 77 | if (result < 0) 78 | return result; 79 | 80 | /* 81 | * if the user specifies the port in the request, it is included here. 82 | * Host: example.com:80 83 | * so we trim off port portion 84 | */ 85 | for (i = result - 1; i >= 0; i--) 86 | if ((*hostname)[i] == ':') { 87 | (*hostname)[i] = '\0'; 88 | result = i; 89 | break; 90 | } 91 | 92 | return result; 93 | } 94 | 95 | static int 96 | get_header(const char *header, const char *data, int data_len, char **value) 97 | { 98 | int len, header_len; 99 | 100 | header_len = strlen(header); 101 | 102 | /* loop through headers stopping at first blank line */ 103 | while ((len = next_header(&data, &data_len)) != 0) 104 | if (len > header_len && strncasecmp(header, data, header_len) == 0) { 105 | /* Eat leading whitespace */ 106 | while (header_len < len && isblank(data[header_len])) 107 | header_len++; 108 | 109 | *value = malloc(len - header_len + 1); 110 | if (*value == NULL) 111 | return -4; 112 | 113 | strncpy(*value, data + header_len, len - header_len); 114 | (*value)[len - header_len] = '\0'; 115 | 116 | return len - header_len; 117 | } 118 | 119 | /* If there is no data left after reading all the headers then we do not 120 | * have a complete HTTP request, there must be a blank line */ 121 | if (data_len == 0) 122 | return -1; 123 | 124 | return -2; 125 | } 126 | 127 | static int 128 | next_header(const char **data, int *len) 129 | { 130 | int header_len; 131 | 132 | /* perhaps we can optimize this to reuse the value of header_len, rather 133 | * than scanning twice. 134 | * Walk our data stream until the end of the header */ 135 | while (*len > 2 && (*data)[0] != '\r' && (*data)[1] != '\n') { 136 | (*len)--; 137 | (*data)++; 138 | } 139 | 140 | /* advanced past the pair */ 141 | *data += 2; 142 | *len -= 2; 143 | 144 | /* Find the length of the next header */ 145 | header_len = 0; 146 | while (*len > header_len + 1 147 | && (*data)[header_len] != '\r' 148 | && (*data)[header_len + 1] != '\n') 149 | header_len++; 150 | 151 | return header_len; 152 | } 153 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/http.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011 and 2012, Dustin Lundquist 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 15 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 | * POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef HTTP_H 27 | #define HTTP_H 28 | 29 | #include 30 | #include "protocol.h" 31 | 32 | const protocol_t *const http_protocol; 33 | 34 | #endif 35 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/http_simple.h: -------------------------------------------------------------------------------- 1 | /* 2 | * http_simple.h - Define shadowsocksR server's buffers and callbacks 3 | * 4 | * Copyright (C) 2015 - 2016, Break Wa11 5 | */ 6 | 7 | #ifndef _HTTP_SIMPLE_H 8 | #define _HTTP_SIMPLE_H 9 | 10 | obfs * http_simple_new_obfs(); 11 | void http_simple_dispose(obfs *self); 12 | 13 | int http_simple_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); 14 | int http_simple_client_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); 15 | 16 | int http_post_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); 17 | 18 | int http_simple_server_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); 19 | int http_simple_server_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); 20 | 21 | #endif // _HTTP_SIMPLE_H 22 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/jconf.h: -------------------------------------------------------------------------------- 1 | /* 2 | * jconf.h - Define the config data structure 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * shadowsocks-libev is free software; you can redistribute it and/or modify 8 | * it under the terms of the GNU General Public License as published by 9 | * the Free Software Foundation; either version 3 of the License, or 10 | * (at your option) any later version. 11 | * 12 | * shadowsocks-libev is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU General Public License for more details. 16 | * 17 | * You should have received a copy of the GNU General Public License 18 | * along with shadowsocks-libev; see the file COPYING. If not, see 19 | * . 20 | */ 21 | 22 | #ifndef _JCONF_H 23 | #define _JCONF_H 24 | 25 | #define MAX_PORT_NUM 1024 26 | #define MAX_REMOTE_NUM 10 27 | #define MAX_CONF_SIZE 128 * 1024 28 | #define MAX_DNS_NUM 4 29 | #define MAX_CONNECT_TIMEOUT 10 30 | #define MAX_REQUEST_TIMEOUT 60 31 | #define MIN_UDP_TIMEOUT 10 32 | 33 | #define TCP_ONLY 0 34 | #define TCP_AND_UDP 1 35 | #define UDP_ONLY 3 36 | 37 | typedef struct { 38 | char *host; 39 | char *port; 40 | } ss_addr_t; 41 | 42 | typedef struct { 43 | char *port; 44 | char *password; 45 | } ss_port_password_t; 46 | 47 | typedef struct { 48 | int remote_num; 49 | ss_addr_t remote_addr[MAX_REMOTE_NUM]; 50 | int port_password_num; 51 | ss_port_password_t port_password[MAX_PORT_NUM]; 52 | char *remote_port; 53 | char *local_addr; 54 | char *local_port; 55 | char *password; 56 | char *protocol; // SSR 57 | char *protocol_param; // SSR 58 | char *method; 59 | char *obfs; // SSR 60 | char *obfs_param; // SSR 61 | char *timeout; 62 | char *user; 63 | int auth; 64 | int fast_open; 65 | int nofile; 66 | char *nameserver; 67 | char *tunnel_address; 68 | int mode; 69 | int mtu; 70 | int mptcp; 71 | int ipv6_first; 72 | } jconf_t; 73 | 74 | jconf_t *read_jconf(const char *file); 75 | void parse_addr(const char *str, ss_addr_t *addr); 76 | void free_addr(ss_addr_t *addr); 77 | 78 | #endif // _JCONF_H 79 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/list.h: -------------------------------------------------------------------------------- 1 | #ifndef LIST_H_H 2 | #define LIST_H_H 3 | 4 | #include 5 | #include 6 | #include 7 | 8 | typedef struct clist *List; 9 | 10 | typedef int (*compare)(void *ndata, void *data); 11 | typedef void (*dofunc)(void *ndata); 12 | 13 | typedef int (*lpf0)(List l, void *data); 14 | typedef int (*lpf1)(List l, void *data, compare pfunc); 15 | typedef List (*lpf2)(List l); 16 | typedef void (*lpf3)(List l); 17 | typedef void (*lpf4)(List l, dofunc pfunc); 18 | typedef int (*lpf5)(List l, unsigned int index, void *new_data); 19 | typedef void (*lpf6)(List l, compare pfunc); 20 | typedef int (*lpf7)(List l, unsigned int index); 21 | 22 | typedef struct cnode 23 | { 24 | void *data; 25 | struct cnode *next; 26 | }node, *Node; 27 | 28 | typedef struct clist 29 | { 30 | Node head; 31 | Node tail; 32 | unsigned int size; 33 | unsigned int data_size; 34 | lpf0 add_back; 35 | lpf0 add_front; 36 | lpf1 delete_node; 37 | lpf1 have_same; 38 | lpf0 have_same_cmp; 39 | lpf4 foreach; 40 | lpf3 clear; 41 | lpf2 destroy; 42 | lpf5 modify_at; 43 | lpf6 sort; 44 | lpf7 delete_at; 45 | }list; 46 | 47 | //初始化链表 48 | List list_init(unsigned int data_size); 49 | int list_add_back(List l, void *data); 50 | int list_add_front(List l, void *data); 51 | int list_delete_node(List l, void *data, compare pfunc); 52 | int list_delete_at(List l, unsigned int index); 53 | int list_modify_at(List l, unsigned int index, void *new_data); 54 | int list_have_same(List l, void *data, compare pfunc); 55 | int list_have_same_cmp(List l, void *data); 56 | void list_foreach(List l, dofunc doit); 57 | void list_sort(List l, compare pfunc); 58 | void list_clear(List l); 59 | //释放链表 60 | List list_destroy(List l); 61 | #endif 62 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/netutils.h: -------------------------------------------------------------------------------- 1 | /* 2 | * netutils.h - Network utilities 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * 8 | * shadowsocks-libev is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * shadowsocks-libev is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU General Public License 19 | * along with shadowsocks-libev; see the file COPYING. If not, see 20 | * . 21 | */ 22 | 23 | #ifndef _NETUTILS_H 24 | #define _NETUTILS_H 25 | 26 | #if defined(__linux__) 27 | #include 28 | #elif !defined(__MINGW32__) 29 | #include 30 | #endif 31 | 32 | // only enable TCP_FASTOPEN on linux 33 | #if defined(__linux__) 34 | #include 35 | /* conditional define for TCP_FASTOPEN */ 36 | #ifndef TCP_FASTOPEN 37 | #define TCP_FASTOPEN 23 38 | #endif 39 | /* conditional define for MSG_FASTOPEN */ 40 | #ifndef MSG_FASTOPEN 41 | #define MSG_FASTOPEN 0x20000000 42 | #endif 43 | #elif !defined(__APPLE__) 44 | #ifdef TCP_FASTOPEN 45 | #undef TCP_FASTOPEN 46 | #endif 47 | #endif 48 | 49 | /* Backward compatibility for MPTCP_ENABLED between kernel 3 & 4 */ 50 | #ifndef MPTCP_ENABLED 51 | #ifdef TCP_CC_INFO 52 | #define MPTCP_ENABLED 42 53 | #else 54 | #define MPTCP_ENABLED 26 55 | #endif 56 | #endif 57 | 58 | /** byte size of ip4 address */ 59 | #define INET_SIZE 4 60 | /** byte size of ip6 address */ 61 | #define INET6_SIZE 16 62 | 63 | size_t get_sockaddr_len(struct sockaddr *addr); 64 | ssize_t get_sockaddr(char *host, char *port, 65 | struct sockaddr_storage *storage, int block, 66 | int ipv6first); 67 | int set_reuseport(int socket); 68 | 69 | #ifdef SET_INTERFACE 70 | int setinterface(int socket_fd, const char *interface_name); 71 | #endif 72 | 73 | int bind_to_address(int socket_fd, const char *address); 74 | 75 | /** 76 | * Compare two sockaddrs. Imposes an ordering on the addresses. 77 | * Compares address and port. 78 | * @param addr1: address 1. 79 | * @param addr2: address 2. 80 | * @param len: lengths of addr. 81 | * @return: 0 if addr1 == addr2. -1 if addr1 is smaller, +1 if larger. 82 | */ 83 | int sockaddr_cmp(struct sockaddr_storage *addr1, 84 | struct sockaddr_storage *addr2, socklen_t len); 85 | 86 | /** 87 | * Compare two sockaddrs. Compares address, not the port. 88 | * @param addr1: address 1. 89 | * @param addr2: address 2. 90 | * @param len: lengths of addr. 91 | * @return: 0 if addr1 == addr2. -1 if addr1 is smaller, +1 if larger. 92 | */ 93 | int sockaddr_cmp_addr(struct sockaddr_storage *addr1, 94 | struct sockaddr_storage *addr2, socklen_t len); 95 | 96 | int validate_hostname(const char *hostname, const int hostname_len); 97 | 98 | #endif 99 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/obfs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * obfs.h - Define shadowsocksR server's buffers and callbacks 3 | * 4 | * Copyright (C) 2015 - 2016, Break Wa11 5 | */ 6 | 7 | #ifndef _OBFS_H 8 | #define _OBFS_H 9 | 10 | #include 11 | #include 12 | 13 | typedef struct server_info { 14 | char host[64]; 15 | uint16_t port; 16 | char *param; 17 | void *g_data; 18 | uint8_t *iv; 19 | size_t iv_len; 20 | uint8_t *recv_iv; 21 | size_t recv_iv_len; 22 | uint8_t *key; 23 | size_t key_len; 24 | int head_len; 25 | size_t tcp_mss; 26 | }server_info; 27 | 28 | typedef struct obfs { 29 | server_info server; 30 | void *l_data; 31 | }obfs; 32 | 33 | typedef struct obfs_class { 34 | void * (*init_data)(); 35 | obfs * (*new_obfs)(); 36 | void (*get_server_info)(obfs *self, server_info *server); 37 | void (*set_server_info)(obfs *self, server_info *server); 38 | void (*dispose)(obfs *self); 39 | 40 | int (*client_pre_encrypt)(obfs *self, 41 | char **pplaindata, 42 | int datalength, 43 | size_t* capacity); 44 | int (*client_encode)(obfs *self, 45 | char **pencryptdata, 46 | int datalength, 47 | size_t* capacity); 48 | int (*client_decode)(obfs *self, 49 | char **pencryptdata, 50 | int datalength, 51 | size_t* capacity, 52 | int *needsendback); 53 | int (*client_post_decrypt)(obfs *self, 54 | char **pplaindata, 55 | int datalength, 56 | size_t* capacity); 57 | int (*client_udp_pre_encrypt)(obfs *self, 58 | char **pplaindata, 59 | int datalength, 60 | size_t* capacity); 61 | int (*client_udp_post_decrypt)(obfs *self, 62 | char **pplaindata, 63 | int datalength, 64 | size_t* capacity); 65 | int (*server_pre_encrypt)(obfs *self, 66 | char **pplaindata, 67 | int datalength, 68 | size_t* capacity); 69 | int (*server_post_decrypt)(obfs *self, 70 | char **pplaindata, 71 | int datalength, 72 | size_t* capacity); 73 | int (*server_udp_pre_encrypt)(obfs *self, 74 | char **pplaindata, 75 | int datalength, 76 | size_t* capacity); 77 | int (*server_udp_post_decrypt)(obfs *self, 78 | char **pplaindata, 79 | int datalength, 80 | size_t* capacity); 81 | int (*server_encode)(obfs *self, 82 | char **pencryptdata, 83 | int datalength, 84 | size_t* capacity); 85 | int (*server_decode)(obfs *self, 86 | char **pencryptdata, 87 | int datalength, 88 | size_t* capacity, 89 | int *needsendback); 90 | }obfs_class; 91 | 92 | obfs_class * new_obfs_class(char *plugin_name); 93 | void free_obfs_class(obfs_class *plugin); 94 | 95 | void set_server_info(obfs *self, server_info *server); 96 | void get_server_info(obfs *self, server_info *server); 97 | obfs * new_obfs(); 98 | void dispose_obfs(obfs *self); 99 | 100 | #endif // _OBFS_H 101 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/obfsutil.c: -------------------------------------------------------------------------------- 1 | int get_head_size(char *plaindata, int size, int def_size) { 2 | if (plaindata == NULL || size < 2) 3 | return def_size; 4 | int head_type = plaindata[0] & 0x7; 5 | if (head_type == 1) 6 | return 7; 7 | if (head_type == 4) 8 | return 19; 9 | if (head_type == 3) 10 | return 4 + plaindata[1]; 11 | return def_size; 12 | } 13 | 14 | static int shift128plus_init_flag = 0; 15 | static uint64_t shift128plus_s[2] = {0x10000000, 0xFFFFFFFF}; 16 | 17 | void init_shift128plus(void) { 18 | if (shift128plus_init_flag == 0) { 19 | shift128plus_init_flag = 1; 20 | uint32_t seed = time(NULL); 21 | shift128plus_s[0] = seed | 0x100000000L; 22 | shift128plus_s[1] = ((uint64_t)seed << 32) | 0x1; 23 | } 24 | } 25 | 26 | uint64_t xorshift128plus(void) { 27 | uint64_t x = shift128plus_s[0]; 28 | uint64_t const y = shift128plus_s[1]; 29 | shift128plus_s[0] = y; 30 | x ^= x << 23; // a 31 | x ^= x >> 17; // b 32 | x ^= y ^ (y >> 26); // c 33 | shift128plus_s[1] = x; 34 | return x + y; 35 | } 36 | 37 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/protocol.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014, Dustin Lundquist 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 15 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 | * POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef PROTOCOL_H 27 | #define PROTOCOL_H 28 | 29 | typedef struct protocol { 30 | const int default_port; 31 | int(*const parse_packet)(const char *, size_t, char **); 32 | } protocol_t; 33 | 34 | #endif 35 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/resolv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014, Dustin Lundquist 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 15 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 | * POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef RESOLV_H 27 | #define RESOLV_H 28 | 29 | #ifdef HAVE_CONFIG_H 30 | #include "config.h" 31 | #endif 32 | 33 | #include 34 | 35 | #ifdef __MINGW32__ 36 | #include "win32.h" 37 | #else 38 | #include 39 | #endif 40 | 41 | struct ResolvQuery; 42 | 43 | int resolv_init(struct ev_loop *, char **, int, int); 44 | struct ResolvQuery *resolv_query(const char *, void (*)(struct sockaddr *, 45 | void *), void (*)( 46 | void *), void *, uint16_t); 47 | void resolv_cancel(struct ResolvQuery *); 48 | void resolv_shutdown(struct ev_loop *); 49 | 50 | #endif 51 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/rule.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011 and 2012, Dustin Lundquist 3 | * Copyright (c) 2011 Manuel Kasper 4 | * All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions are met: 8 | * 9 | * 1. Redistributions of source code must retain the above copyright notice, 10 | * this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 16 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 19 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 | * POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | #ifdef HAVE_CONFIG_H 29 | #include "config.h" 30 | #endif 31 | 32 | #include 33 | #include 34 | 35 | #ifdef __MINGW32__ 36 | extern void ss_error(const char *s); 37 | #endif 38 | 39 | #include "rule.h" 40 | #include "utils.h" 41 | 42 | static void free_rule(rule_t *); 43 | 44 | rule_t * 45 | new_rule() 46 | { 47 | rule_t *rule; 48 | 49 | rule = calloc(1, sizeof(rule_t)); 50 | if (rule == NULL) { 51 | ERROR("malloc"); 52 | return NULL; 53 | } 54 | 55 | return rule; 56 | } 57 | 58 | int 59 | accept_rule_arg(rule_t *rule, const char *arg) 60 | { 61 | if (rule->pattern == NULL) { 62 | rule->pattern = strdup(arg); 63 | if (rule->pattern == NULL) { 64 | ERROR("strdup failed"); 65 | return -1; 66 | } 67 | } else { 68 | LOGE("Unexpected table rule argument: %s", arg); 69 | return -1; 70 | } 71 | 72 | return 1; 73 | } 74 | 75 | void 76 | add_rule(struct cork_dllist *rules, rule_t *rule) 77 | { 78 | cork_dllist_add(rules, &rule->entries); 79 | } 80 | 81 | int 82 | init_rule(rule_t *rule) 83 | { 84 | if (rule->pattern_re == NULL) { 85 | const char *reerr; 86 | int reerroffset; 87 | 88 | rule->pattern_re = 89 | pcre_compile(rule->pattern, 0, &reerr, &reerroffset, NULL); 90 | if (rule->pattern_re == NULL) { 91 | LOGE("Regex compilation of \"%s\" failed: %s, offset %d", 92 | rule->pattern, reerr, reerroffset); 93 | return 0; 94 | } 95 | } 96 | 97 | return 1; 98 | } 99 | 100 | rule_t * 101 | lookup_rule(const struct cork_dllist *rules, const char *name, size_t name_len) 102 | { 103 | struct cork_dllist_item *curr, *next; 104 | 105 | if (name == NULL) { 106 | name = ""; 107 | name_len = 0; 108 | } 109 | 110 | cork_dllist_foreach_void(rules, curr, next) { 111 | rule_t *rule = cork_container_of(curr, rule_t, entries); 112 | if (pcre_exec(rule->pattern_re, NULL, 113 | name, name_len, 0, 0, NULL, 0) >= 0) 114 | return rule; 115 | } 116 | 117 | return NULL; 118 | } 119 | 120 | void 121 | remove_rule(rule_t *rule) 122 | { 123 | cork_dllist_remove(&rule->entries); 124 | free_rule(rule); 125 | } 126 | 127 | static void 128 | free_rule(rule_t *rule) 129 | { 130 | if (rule == NULL) 131 | return; 132 | 133 | ss_free(rule->pattern); 134 | if (rule->pattern_re != NULL) 135 | pcre_free(rule->pattern_re); 136 | ss_free(rule); 137 | } 138 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/rule.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011 and 2012, Dustin Lundquist 3 | * Copyright (c) 2011 Manuel Kasper 4 | * All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions are met: 8 | * 9 | * 1. Redistributions of source code must retain the above copyright notice, 10 | * this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 16 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 19 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 | * POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | #ifndef RULE_H 28 | #define RULE_H 29 | 30 | #ifdef HAVE_CONFIG_H 31 | #include "config.h" 32 | #endif 33 | 34 | #include 35 | 36 | #ifdef HAVE_PCRE_H 37 | #include 38 | #elif HAVE_PCRE_PCRE_H 39 | #include 40 | #endif 41 | 42 | typedef struct rule { 43 | char *pattern; 44 | 45 | /* Runtime fields */ 46 | pcre *pattern_re; 47 | 48 | struct cork_dllist_item entries; 49 | } rule_t; 50 | 51 | void add_rule(struct cork_dllist *, rule_t *); 52 | int init_rule(rule_t *); 53 | rule_t *lookup_rule(const struct cork_dllist *, const char *, size_t); 54 | void remove_rule(rule_t *); 55 | rule_t *new_rule(); 56 | int accept_rule_arg(rule_t *, const char *); 57 | 58 | #endif 59 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/server.h: -------------------------------------------------------------------------------- 1 | /* 2 | * server.h - Define shadowsocks server's buffers and callbacks 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * 8 | * shadowsocks-libev is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * shadowsocks-libev is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU General Public License 19 | * along with shadowsocks-libev; see the file COPYING. If not, see 20 | * . 21 | */ 22 | 23 | #ifndef _SERVER_H 24 | #define _SERVER_H 25 | 26 | #include 27 | #include 28 | #include 29 | 30 | #include "encrypt.h" 31 | #include "jconf.h" 32 | #include "resolv.h" 33 | #include "obfs.h" 34 | #include "protocol.h" 35 | 36 | #include "common.h" 37 | 38 | typedef struct listen_ctx { 39 | ev_io io; 40 | int fd; 41 | int timeout; 42 | int method; 43 | char *iface; 44 | struct ev_loop *loop; 45 | 46 | // SSR 47 | char *protocol_name; 48 | char *protocol_param; 49 | char *obfs_name; 50 | char *obfs_param; 51 | void **list_protocol_global; 52 | void **list_obfs_global; 53 | } listen_ctx_t; 54 | 55 | typedef struct server_ctx { 56 | ev_io io; 57 | ev_timer watcher; 58 | int connected; 59 | struct server *server; 60 | } server_ctx_t; 61 | 62 | typedef struct server { 63 | int fd; 64 | int stage; 65 | buffer_t *buf; 66 | ssize_t buf_capacity; 67 | buffer_t *header_buf; 68 | 69 | int auth; 70 | struct chunk *chunk; 71 | 72 | struct enc_ctx *e_ctx; 73 | struct enc_ctx *d_ctx; 74 | struct server_ctx *recv_ctx; 75 | struct server_ctx *send_ctx; 76 | struct listen_ctx *listen_ctx; 77 | struct remote *remote; 78 | 79 | struct ResolvQuery *query; 80 | 81 | struct cork_dllist_item entries; 82 | 83 | // SSR 84 | obfs *protocol; 85 | obfs *obfs; 86 | obfs_class *protocol_plugin; 87 | obfs_class *obfs_plugin; 88 | int obfs_compatible_state; 89 | int protocol_compatible_state; 90 | } server_t; 91 | 92 | typedef struct query { 93 | server_t *server; 94 | char hostname[257]; 95 | } query_t; 96 | 97 | typedef struct remote_ctx { 98 | ev_io io; 99 | int connected; 100 | struct remote *remote; 101 | } remote_ctx_t; 102 | 103 | typedef struct remote { 104 | int fd; 105 | buffer_t *buf; 106 | ssize_t buf_capacity; 107 | struct remote_ctx *recv_ctx; 108 | struct remote_ctx *send_ctx; 109 | struct server *server; 110 | 111 | // SSR 112 | int remote_index; 113 | } remote_t; 114 | 115 | #endif // _SERVER_H 116 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/tls.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011 and 2012, Dustin Lundquist 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 15 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 | * POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef TLS_H 27 | #define TLS_H 28 | 29 | #include "protocol.h" 30 | 31 | const protocol_t *const tls_protocol; 32 | 33 | #endif 34 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/tls1.2_ticket.h: -------------------------------------------------------------------------------- 1 | /* 2 | * http_simple.h - Define shadowsocksR server's buffers and callbacks 3 | * 4 | * Copyright (C) 2015 - 2016, Break Wa11 5 | */ 6 | 7 | #ifndef _TLS1_2_TICKET_H 8 | #define _TLS1_2_TICKET_H 9 | 10 | void * tls12_ticket_auth_init_data(); 11 | obfs * tls12_ticket_auth_new_obfs(); 12 | void tls12_ticket_auth_dispose(obfs *self); 13 | 14 | int tls12_ticket_auth_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); 15 | int tls12_ticket_auth_client_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); 16 | 17 | int tls12_ticket_auth_server_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); 18 | int tls12_ticket_auth_server_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); 19 | 20 | #endif // _TLS1_2_TICKET_H 21 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/udprelay.h: -------------------------------------------------------------------------------- 1 | /* 2 | * udprelay.h - Define UDP relay's buffers and callbacks 3 | * 4 | * Copyright (C) 2013 - 2016, Max Lv 5 | * 6 | * This file is part of the shadowsocks-libev. 7 | * 8 | * shadowsocks-libev is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * shadowsocks-libev is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU General Public License 19 | * along with shadowsocks-libev; see the file COPYING. If not, see 20 | * . 21 | */ 22 | 23 | #ifndef _UDPRELAY_H 24 | #define _UDPRELAY_H 25 | 26 | #include 27 | #include 28 | 29 | #include "encrypt.h" 30 | #include "jconf.h" 31 | #include "obfs.h" 32 | 33 | #ifdef MODULE_REMOTE 34 | #include "resolv.h" 35 | #endif 36 | 37 | #include "cache.h" 38 | 39 | #include "common.h" 40 | 41 | #define MAX_UDP_PACKET_SIZE (65507) 42 | 43 | #define DEFAULT_PACKET_SIZE 1397 // 1492 - 1 - 28 - 2 - 64 = 1397, the default MTU for UDP relay 44 | 45 | typedef struct server_ctx { 46 | ev_io io; 47 | int fd; 48 | int method; 49 | int auth; 50 | int timeout; 51 | const char *iface; 52 | struct cache *conn_cache; 53 | #ifdef MODULE_LOCAL 54 | const struct sockaddr *remote_addr; 55 | int remote_addr_len; 56 | #ifdef MODULE_TUNNEL 57 | ss_addr_t tunnel_addr; 58 | #endif 59 | #endif 60 | #ifdef MODULE_REMOTE 61 | struct ev_loop *loop; 62 | #endif 63 | // SSR 64 | obfs *protocol; 65 | obfs_class *protocol_plugin; 66 | void *protocol_global; 67 | } server_ctx_t; 68 | 69 | #ifdef MODULE_REMOTE 70 | typedef struct query_ctx { 71 | struct ResolvQuery *query; 72 | struct sockaddr_storage src_addr; 73 | buffer_t *buf; 74 | int addr_header_len; 75 | char addr_header[384]; 76 | struct server_ctx *server_ctx; 77 | struct remote_ctx *remote_ctx; 78 | } query_ctx_t; 79 | #endif 80 | 81 | typedef struct remote_ctx { 82 | ev_io io; 83 | ev_timer watcher; 84 | int af; 85 | int fd; 86 | int addr_header_len; 87 | char addr_header[384]; 88 | struct sockaddr_storage src_addr; 89 | #ifdef MODULE_REMOTE 90 | struct sockaddr_storage dst_addr; 91 | #endif 92 | struct server_ctx *server_ctx; 93 | } remote_ctx_t; 94 | 95 | #endif // _UDPRELAY_H 96 | -------------------------------------------------------------------------------- /shadowsocksr-libev/src/server/verify.h: -------------------------------------------------------------------------------- 1 | /* 2 | * verify.h - Define shadowsocksR server's buffers and callbacks 3 | * 4 | * Copyright (C) 2015 - 2016, Break Wa11 5 | */ 6 | 7 | #ifndef _VERIFY_H 8 | #define _VERIFY_H 9 | 10 | obfs * verify_simple_new_obfs(); 11 | void verify_simple_dispose(obfs *self); 12 | 13 | int verify_simple_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 14 | int verify_simple_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 15 | 16 | int verify_simple_server_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 17 | int verify_simple_server_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); 18 | 19 | #endif // _VERIFY_H 20 | -------------------------------------------------------------------------------- /simple-obfs/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-or-later 2 | # 3 | # Copyright (C) 2017-2019 Jian Chang 4 | # Copyright (C) 2021 ImmortalWrt.org 5 | 6 | include $(TOPDIR)/rules.mk 7 | 8 | PKG_NAME:=simple-obfs 9 | PKG_VERSION:=0.0.5 10 | PKG_RELEASE:=$(AUTORELEASE) 11 | 12 | PKG_SOURCE_PROTO:=git 13 | PKG_SOURCE_URL:=https://github.com/shadowsocks/simple-obfs.git 14 | PKG_SOURCE_DATE:=2019-08-17 15 | PKG_SOURCE_VERSION:=486bebd9208539058e57e23a12f23103016e09b4 16 | PKG_MIRROR_HASH:=b1ae62a6826616b35b6aea0c6b2d55b5f36da96be0cd1c229c263b508d1aeef0 17 | 18 | PKG_LICENSE:=GPL-3.0-or-later 19 | PKG_LICENSE_FILES:=LICENSE 20 | PKG_MAINTAINER:=Jian Chang 21 | 22 | PKG_BUILD_DEPENDS:=libev 23 | PKG_FIXUP:=autoreconf 24 | PKG_BUILD_PARALLEL:=1 25 | PKG_INSTALL:=1 26 | 27 | include $(INCLUDE_DIR)/package.mk 28 | 29 | define Package/simple-obfs/template 30 | SECTION:=net 31 | CATEGORY:=Network 32 | TITLE:=A simple obfuscating tool 33 | URL:=https://github.com/shadowsocks/simple-obfs 34 | DEPENDS:=+libpthread +libev 35 | endef 36 | 37 | define Package/simple-obfs-client 38 | $(call Package/simple-obfs/template) 39 | TITLE+= (client) 40 | PROVIDES:=simple-obfs 41 | endef 42 | 43 | define Package/simple-obfs-server 44 | $(call Package/simple-obfs/template) 45 | TITLE+= (server) 46 | endef 47 | 48 | define Package/simple-obfs/description 49 | Simple-obfs is a simple obfusacting tool, designed as plugin server of shadowsocks. 50 | endef 51 | 52 | Package/simple-obfs-client/description = $(Package/simple-obfs/description) 53 | Package/simple-obfs-server/description = $(Package/simple-obfs/description) 54 | 55 | CONFIGURE_ARGS += \ 56 | --disable-ssp \ 57 | --disable-documentation \ 58 | --disable-assert 59 | 60 | define Package/simple-obfs-client/install 61 | $(INSTALL_DIR) $(1)/usr/bin 62 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/obfs-local $(1)/usr/bin/ 63 | endef 64 | 65 | define Package/simple-obfs-server/install 66 | $(INSTALL_DIR) $(1)/usr/bin 67 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/obfs-server $(1)/usr/bin/ 68 | endef 69 | 70 | $(eval $(call BuildPackage,simple-obfs-client)) 71 | $(eval $(call BuildPackage,simple-obfs-server)) 72 | -------------------------------------------------------------------------------- /tcping/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=tcping 8 | PKG_VERSION:=0.3 9 | PKG_RELEASE:=$(AUTORELEASE) 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/Mattraks/tcping/tar.gz/$(PKG_VERSION)? 13 | PKG_HASH:=c703481d1751adf051dd3391c4dccdadc6dfca7484e636222b392e1213312e02 14 | 15 | PKG_LICENSE:=GPL-2.0-only 16 | PKG_LICENSE_FILE:=license.txt 17 | 18 | PKG_BUILD_PARALLEL:=1 19 | 20 | include $(INCLUDE_DIR)/package.mk 21 | 22 | define Package/tcping 23 | SECTION:=net 24 | CATEGORY:=Network 25 | TITLE:=tcping measures the latency of a tcp-connection 26 | URL:=https://github.com/jlyo/tcping 27 | endef 28 | 29 | define Package/tcping/install 30 | $(INSTALL_DIR) $(1)/usr/sbin 31 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/tcping $(1)/usr/sbin 32 | endef 33 | 34 | $(eval $(call BuildPackage,tcping)) 35 | -------------------------------------------------------------------------------- /trojan/Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2018-2019 wongsyrone 3 | # 4 | # This is free software, licensed under the GNU General Public License v3. 5 | # See /LICENSE for more information. 6 | # 7 | include $(TOPDIR)/rules.mk 8 | 9 | PKG_NAME:=trojan 10 | PKG_VERSION:=1.16.0 11 | PKG_RELEASE:=2 12 | 13 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 14 | PKG_SOURCE_URL:=https://codeload.github.com/trojan-gfw/trojan/tar.gz/v$(PKG_VERSION)? 15 | PKG_HASH:=86cdb2685bb03a63b62ce06545c41189952f1ec4a0cd9147450312ed70956cbc 16 | 17 | PKG_BUILD_PARALLEL:=1 18 | PKG_BUILD_DEPENDS:=openssl 19 | 20 | PKG_LICENSE:=GPL-3.0 21 | PKG_LICENSE_FILE:=LICENSE 22 | PKG_MAINTAINER:=GreaterFire 23 | 24 | include $(INCLUDE_DIR)/package.mk 25 | include $(INCLUDE_DIR)/cmake.mk 26 | 27 | TARGET_CXXFLAGS += -Wall -Wextra 28 | TARGET_CXXFLAGS += $(FPIC) 29 | 30 | # LTO 31 | TARGET_CXXFLAGS += -flto 32 | TARGET_LDFLAGS += -flto 33 | 34 | # CXX standard 35 | TARGET_CXXFLAGS += -std=c++11 36 | TARGET_CXXFLAGS := $(filter-out -O%,$(TARGET_CXXFLAGS)) -O3 37 | TARGET_CXXFLAGS += -ffunction-sections -fdata-sections 38 | TARGET_LDFLAGS += -Wl,--gc-sections 39 | 40 | CMAKE_OPTIONS += \ 41 | -DENABLE_MYSQL=OFF \ 42 | -DENABLE_NAT=ON \ 43 | -DENABLE_REUSE_PORT=ON \ 44 | -DENABLE_SSL_KEYLOG=ON \ 45 | -DENABLE_TLS13_CIPHERSUITES=ON \ 46 | -DFORCE_TCP_FASTOPEN=OFF \ 47 | -DSYSTEMD_SERVICE=OFF \ 48 | -DOPENSSL_USE_STATIC_LIBS=FALSE \ 49 | -DBoost_DEBUG=ON \ 50 | -DBoost_NO_BOOST_CMAKE=ON 51 | 52 | define Package/trojan 53 | SECTION:=net 54 | CATEGORY:=Network 55 | SUBMENU:=Web Servers/Proxies 56 | TITLE:=An unidentifiable mechanism that helps you bypass GFW 57 | URL:=https://github.com/trojan-gfw/trojan 58 | DEPENDS:= \ 59 | +libpthread +libstdcpp +libopenssl \ 60 | +boost +boost-system +boost-program_options +boost-date_time 61 | endef 62 | 63 | define Package/trojan/install 64 | $(INSTALL_DIR) $(1)/usr/sbin 65 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/trojan $(1)/usr/sbin/trojan 66 | endef 67 | 68 | $(eval $(call BuildPackage,trojan)) 69 | -------------------------------------------------------------------------------- /tuic-client/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-2.0-only 2 | # 3 | # Copyright (C) 2017-2020 Yousong Zhou 4 | # Copyright (C) 2021 ImmortalWrt.org 5 | 6 | include $(TOPDIR)/rules.mk 7 | 8 | PKG_NAME:=tuic-client 9 | PKG_VERSION:=1.0.0 10 | PKG_RELEASE:=1 11 | 12 | PKG_LICENSE_FILES:=LICENSE 13 | PKG_MAINTAINER:=Tianling Shen 14 | 15 | include $(INCLUDE_DIR)/package.mk 16 | 17 | TUIC_TYPE:=tuic-client-$(PKG_VERSION) 18 | TUIC_FOOT:=unknown-linux-musl 19 | ifeq ($(ARCH),aarch64) 20 | TUIC_ARCH:=$(TUIC_TYPE)-aarch64-$(TUIC_FOOT) 21 | PKG_HASH:=c29eaaf3bc05115acc7453ac26bacf9aff65211b1e8ca7f771b818248bec8601 22 | else ifeq ($ARCH),arm64) 23 | ARM_CPU_FEATURES:=$(word 2,$(subst +,$(space),$(call qstrip,$(CONFIG_CPU_TYPE)))) 24 | ifeq ($(ARM_CPU_FEATURES),) 25 | TUIC_ARCH:=$(TUIC_TYPE)-armv7-$(TUIC_FOOT)eabi 26 | PKG_HASH:=33a83ab05dc1a598552bf1f27114502b12c94b6e5333c6ac2def3739c00a4daf 27 | else 28 | TUIC_ARCH:=$(TUIC_TYPE)-armv7-$(TUIC_FOOT)eabihf 29 | PKG_HASH:=e2cc1d81ac376ff2a94976e78c861f5cd21ad809ff5b587ae967e2a63e4c35e4 30 | endif 31 | else ifeq ($(ARCH),i686) 32 | TUIC_ARCH:=$(TUIC_TYPE)-i686-$(TUIC_FOOT) 33 | PKG_HASH:=67d930b4381a8848bf98acbccb538c73b72ca9dde0aed3705f73e62a9922f758 34 | else ifeq ($(ARCH),x86_64) 35 | TUIC_ARCH:=$(TUIC_TYPE)-x86_64-$(TUIC_FOOT) 36 | PKG_HASH:=180c562691247a7feddf553706bc8fd5b5b9de3027154f94a767ea907a45e2de 37 | endif 38 | 39 | define Download/tuic-client 40 | URL:=https://github.com/EAimTY/tuic/releases/download/$(TUIC_TYPE)/ 41 | URL_FILE:=$(TUIC_ARCH) 42 | FILE:=$(TUIC_ARCH) 43 | HASH:=$(PKG_HASH) 44 | endef 45 | 46 | define Package/tuic-client 47 | SECTION:=net 48 | CATEGORY:=Network 49 | SUBMENU:=Web Servers/Proxies 50 | TITLE:=Delicately-TUICed 0-RTT proxy protocol 51 | URL:=https://github.com/EAimTY/tuic/ 52 | DEPENDS:=@USE_MUSL @(aarch64||arm64||i686||x86_64) @!(TARGET_x86_geode||TARGET_x86_legacy) 53 | #PKGARCH:=all aarch64 arm i686 x86_64 54 | endef 55 | 56 | define Build/Prepare 57 | $(call Build/Prepare/Default) 58 | ifneq ($(CONFIG_PACKAGE_tuic-client),) 59 | $(call Download,tuic-client) 60 | endif 61 | endef 62 | 63 | define Build/Compile 64 | endef 65 | 66 | define Package/tuic-client/install 67 | $(INSTALL_DIR) $(1)/usr/bin 68 | $(INSTALL_BIN) $(DL_DIR)/$(TUIC_ARCH) $(1)/usr/bin/tuic-client 69 | chmod +x $(1)/usr/bin/tuic-client 70 | endef 71 | 72 | $(eval $(call BuildPackage,tuic-client)) 73 | -------------------------------------------------------------------------------- /v2ray-core/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=v2ray-core 8 | PKG_VERSION:=5.7.0 9 | PKG_RELEASE:=1 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/v2fly/v2ray-core/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=599fcd264537e39178b6008a11af68816dfd1609e19a9cf8adc8b2a4240ee370 14 | 15 | PKG_LICENSE:=MIT 16 | PKG_LICENSE_FILES:=LICENSE 17 | PKG_MAINTAINER:=Tianling Shen 18 | 19 | PKG_BUILD_DEPENDS:=golang/host 20 | PKG_BUILD_PARALLEL:=1 21 | PKG_USE_MIPS16:=0 22 | 23 | GO_PKG:=github.com/v2fly/v2ray-core/v5 24 | GO_PKG_BUILD_PKG:=$(GO_PKG)/main 25 | GO_PKG_LDFLAGS_X:= \ 26 | $(GO_PKG).build=OpenWrt \ 27 | $(GO_PKG).version=$(PKG_VERSION) 28 | 29 | include $(INCLUDE_DIR)/package.mk 30 | include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk 31 | 32 | define Package/v2ray/template 33 | TITLE:=A platform for building proxies to bypass network restrictions 34 | SECTION:=net 35 | CATEGORY:=Network 36 | URL:=https://www.v2fly.org 37 | endef 38 | 39 | define Package/v2ray-core 40 | $(call Package/v2ray/template) 41 | DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle 42 | endef 43 | 44 | define Package/v2ray-extra 45 | $(call Package/v2ray/template) 46 | TITLE+= (extra resources) 47 | DEPENDS:=v2ray-core 48 | PKGARCH:=all 49 | endef 50 | 51 | define Package/v2ray/description 52 | Project V is a set of network tools that help you to build your own computer network. 53 | It secures your network connections and thus protects your privacy. 54 | endef 55 | 56 | define Package/v2ray-core/description 57 | $(call Package/v2ray/description) 58 | endef 59 | 60 | define Package/v2ray-extra/description 61 | $(call Package/v2ray/description) 62 | 63 | This includes extra resources for v2ray-core. 64 | endef 65 | 66 | define Package/v2ray-core/install 67 | $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) 68 | $(INSTALL_DIR) $(1)/usr/bin/ 69 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/main $(1)/usr/bin/v2ray 70 | endef 71 | 72 | define Package/v2ray-extra/install 73 | $(INSTALL_DIR) $(1)/usr/share/v2ray/ 74 | $(CP) $(PKG_BUILD_DIR)/release/extra/* $(1)/usr/share/v2ray/ 75 | endef 76 | 77 | $(eval $(call BuildPackage,v2ray-core)) 78 | $(eval $(call BuildPackage,v2ray-extra)) 79 | -------------------------------------------------------------------------------- /v2ray-geodata/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021-2022 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=v2ray-geodata 8 | PKG_RELEASE:=1 9 | 10 | PKG_LICENSE_FILES:=LICENSE 11 | PKG_MAINTAINER:=Tianling Shen 12 | 13 | include $(INCLUDE_DIR)/package.mk 14 | 15 | GEOIP_VER:=202210200105 16 | GEOIP_FILE:=geoip.dat.$(GEOIP_VER) 17 | define Download/geoip 18 | URL:=https://github.com/v2fly/geoip/releases/download/$(GEOIP_VER)/ 19 | URL_FILE:=geoip.dat 20 | FILE:=$(GEOIP_FILE) 21 | HASH:=08b8039a1a3f6fca59864b658bd0b0698588a950dc08ff76e83d3e204fc10679 22 | endef 23 | 24 | GEOSITE_VER:=20221023064040 25 | GEOSITE_FILE:=dlc.dat.$(GEOSITE_VER) 26 | define Download/geosite 27 | URL:=https://github.com/v2fly/domain-list-community/releases/download/$(GEOSITE_VER)/ 28 | URL_FILE:=dlc.dat 29 | FILE:=$(GEOSITE_FILE) 30 | HASH:=d1706f66a29795fa29093f85a6cd620854c53911c0b437ba80d81953280d7bf7 31 | endef 32 | 33 | define Package/v2ray-geodata/template 34 | SECTION:=net 35 | CATEGORY:=Network 36 | SUBMENU:=IP Addresses and Names 37 | URL:=https://www.v2fly.org 38 | PKGARCH:=all 39 | endef 40 | 41 | define Package/v2ray-geoip 42 | $(call Package/v2ray-geodata/template) 43 | TITLE:=GeoIP List for V2Ray 44 | VERSION:=$(GEOIP_VER)-$(PKG_RELEASE) 45 | LICENSE:=CC-BY-SA-4.0 46 | endef 47 | 48 | define Package/v2ray-geosite 49 | $(call Package/v2ray-geodata/template) 50 | TITLE:=Geosite List for V2Ray 51 | VERSION:=$(GEOSITE_VER)-$(PKG_RELEASE) 52 | LICENSE:=MIT 53 | endef 54 | 55 | define Build/Prepare 56 | $(call Build/Prepare/Default) 57 | ifneq ($(CONFIG_PACKAGE_v2ray-geoip),) 58 | $(call Download,geoip) 59 | endif 60 | ifneq ($(CONFIG_PACKAGE_v2ray-geosite),) 61 | $(call Download,geosite) 62 | endif 63 | endef 64 | 65 | define Build/Compile 66 | endef 67 | 68 | define Package/v2ray-geoip/install 69 | $(INSTALL_DIR) $(1)/usr/share/v2ray 70 | $(INSTALL_DATA) $(DL_DIR)/$(GEOIP_FILE) $(1)/usr/share/v2ray/geoip.dat 71 | endef 72 | 73 | define Package/v2ray-geosite/install 74 | $(INSTALL_DIR) $(1)/usr/share/v2ray 75 | $(INSTALL_DATA) $(DL_DIR)/$(GEOSITE_FILE) $(1)/usr/share/v2ray/geosite.dat 76 | endef 77 | 78 | $(eval $(call BuildPackage,v2ray-geoip)) 79 | $(eval $(call BuildPackage,v2ray-geosite)) 80 | -------------------------------------------------------------------------------- /v2ray-plugin/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2020 SharerMax 4 | # Copyright (C) 2021 ImmortalWrt.org 5 | 6 | include $(TOPDIR)/rules.mk 7 | 8 | PKG_NAME:=v2ray-plugin 9 | PKG_VERSION:=5.7.0 10 | PKG_RELEASE:=1 11 | 12 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 13 | PKG_SOURCE_URL:=https://codeload.github.com/teddysun/v2ray-plugin/tar.gz/v$(PKG_VERSION)? 14 | PKG_HASH:=ec0096e36cfe01a946197b44ae51ea76a3dc6a76f846a99f3b985be59ae167fb 15 | 16 | PKG_LICENSE:=MIT 17 | PKG_LICENSE_FILES:=LICENSE 18 | PKG_MAINTAINER:=madeye 19 | 20 | PKG_BUILD_DEPENDS:=golang/host 21 | PKG_BUILD_PARALLEL:=1 22 | PKG_USE_MIPS16:=0 23 | 24 | GO_PKG:=github.com/shadowsocks/v2ray-plugin 25 | GO_PKG_LDFLAGS_X:=main.VERSION=v$(PKG_VERSION) 26 | 27 | include $(INCLUDE_DIR)/package.mk 28 | include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk 29 | 30 | define Package/v2ray-plugin 31 | SECTION:=net 32 | CATEGORY:=Network 33 | SUBMENU:=Web Servers/Proxies 34 | TITLE:=SIP003 plugin for shadowsocks, based on v2ray 35 | URL:=https://github.com/teddysun/v2ray-plugin 36 | DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle 37 | endef 38 | 39 | $(eval $(call GoBinPackage,v2ray-plugin)) 40 | $(eval $(call BuildPackage,v2ray-plugin)) 41 | -------------------------------------------------------------------------------- /v2raya/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2021 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=v2rayA 8 | PKG_VERSION:=1.5.9.1698.1 9 | PKG_RELEASE:=2 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/v2rayA/v2rayA/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=247a357230c616bf48309c61d119686e4ad56939c05afef584c45051e9dc6220 14 | PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/service 15 | 16 | PKG_LICENSE:=AGPL-3.0-only 17 | PKG_LICENSE_FILES:=LICENSE 18 | PKG_MAINTAINER:=Tianling Shen 19 | 20 | PKG_BUILD_DEPENDS:=golang/host 21 | PKG_BUILD_PARALLEL:=1 22 | PKG_USE_MIPS16:=0 23 | 24 | GO_PKG:=github.com/v2rayA/v2rayA 25 | GO_PKG_LDFLAGS_X:=$(GO_PKG)/conf.Version=$(PKG_VERSION) 26 | 27 | include $(INCLUDE_DIR)/package.mk 28 | include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk 29 | 30 | TAR_OPTIONS+= --strip-components 1 31 | TAR_CMD=$(HOST_TAR) -C $(1)/.. $(TAR_OPTIONS) 32 | 33 | define Package/v2raya 34 | TITLE:=A Linux web GUI client of Project V 35 | SECTION:=net 36 | CATEGORY:=Network 37 | SUBMENU:=Web Servers/Proxies 38 | DEPENDS:=$(GO_ARCH_DEPENDS) \ 39 | +ca-bundle \ 40 | +iptables-mod-conntrack-extra \ 41 | +iptables-mod-extra \ 42 | +iptables-mod-filter \ 43 | +iptables-mod-tproxy \ 44 | +kmod-ipt-nat6 \ 45 | +xray-core 46 | URL:=https://v2raya.org 47 | endef 48 | 49 | define Package/v2raya/description 50 | v2rayA is a V2Ray Linux client supporting global transparent proxy, 51 | compatible with SS, SSR, Trojan(trojan-go), PingTunnel protocols. 52 | endef 53 | 54 | define Package/v2raya/conffiles 55 | /etc/v2raya/ 56 | /etc/config/v2raya 57 | endef 58 | 59 | WEB_FILE:=$(PKG_NAME)-web-$(PKG_VERSION).tar.gz 60 | define Download/v2raya-web 61 | URL:=https://codeload.github.com/v2rayA/v2raya-web/tar.gz/v$(PKG_VERSION)? 62 | URL_FILE:=$(WEB_FILE) 63 | FILE:=$(WEB_FILE) 64 | HASH:=149097a42c3e5fa6f5c3cd46d1bf7ec4546e79ad37c1446b759539e700bd75e2 65 | endef 66 | 67 | define Build/Prepare 68 | $(call Build/Prepare/Default) 69 | 70 | ( \ 71 | mkdir -p $(PKG_BUILD_DIR)/server/router/web ; \ 72 | gzip -dc $(DL_DIR)/$(WEB_FILE) | $(HOST_TAR) -C $(PKG_BUILD_DIR)/server/router/web $(TAR_OPTIONS) ; \ 73 | ) 74 | endef 75 | 76 | define Package/v2raya/install 77 | $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) 78 | $(INSTALL_DIR) $(1)/usr/bin/ 79 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/v2rayA $(1)/usr/bin/v2raya 80 | 81 | $(INSTALL_DIR) $(1)/etc/config/ 82 | $(INSTALL_CONF) $(CURDIR)/files/v2raya.config $(1)/etc/config/v2raya 83 | $(INSTALL_DIR) $(1)/etc/init.d/ 84 | $(INSTALL_BIN) $(CURDIR)/files/v2raya.init $(1)/etc/init.d/v2raya 85 | endef 86 | 87 | $(eval $(call Download,v2raya-web)) 88 | $(eval $(call GoBinPackage,v2raya)) 89 | $(eval $(call BuildPackage,v2raya)) 90 | -------------------------------------------------------------------------------- /v2raya/files/v2raya.config: -------------------------------------------------------------------------------- 1 | 2 | config v2raya 'config' 3 | option enabled '0' 4 | 5 | # Listening address 6 | option address '0.0.0.0:2017' 7 | 8 | # v2rayA configuration directory 9 | option config '/etc/v2raya' 10 | 11 | # Make sure your IPv6 network works fine before you turn it on. 12 | # Optional values: auto, on, off. 13 | option ipv6_support 'auto' 14 | 15 | # Optional values: trace, debug, info, warn or error 16 | option log_level 'info' 17 | 18 | # The path of log file 19 | option log_file '/var/log/v2raya/v2raya.log' 20 | 21 | # Maximum number of days to keep log files 22 | option log_max_days '3' 23 | 24 | option log_disable_color '1' 25 | 26 | option log_disable_timestamp '0' 27 | 28 | # Executable v2ray binary path. Auto-detect if put it empty 29 | option v2ray_bin '' 30 | 31 | # Additional v2ray config directory, files in it will be combined with config generated by v2rayA 32 | option v2ray_confdir '' 33 | 34 | # The executable file to run in the transparent proxy life-cycle. 35 | # v2rayA will pass in the --transparent-type (tproxy, redirect) 36 | # and --stage (pre-start, post-start, pre-stop, post-stop) arguments. 37 | option transparent_hook '' 38 | 39 | # The executable file to run in the v2ray-core life-cycle. 40 | # v2rayA will pass in the --stage (pre-start, post-start, pre-stop, post-stop) argument. 41 | option core_hook '' 42 | 43 | # The executable file to run in the v2ray-core life-cycle. 44 | # v2rayA will pass in the --stage (pre-start, post-start, pre-stop, post-stop) argument. 45 | option plugin_manager '' 46 | 47 | # Specify the certification path instead of automatically generating a self-signed certificate. 48 | # Example: /etc/v2raya/grpc_certificate.crt,/etc/v2raya/grpc_private.key 49 | option vless_grpc_inbound_cert_key '' 50 | 51 | -------------------------------------------------------------------------------- /v2raya/files/v2raya.init: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2021 Tianling Shen 3 | 4 | USE_PROCD=1 5 | START=99 6 | 7 | CONF="v2raya" 8 | PROG="/usr/bin/v2raya" 9 | 10 | is_enabled() { 11 | local enabled 12 | config_get_bool enabled "$1" "$2" "${3:-0}" 13 | if [ "$enabled" -eq "1" ]; then 14 | return 0 15 | else 16 | return 1 17 | fi 18 | } 19 | 20 | append_env() { 21 | procd_append_param env "V2RAYA_$(echo "$1" | tr "[a-z]" "[A-Z]")"="$2" 22 | } 23 | 24 | append_env_arg() { 25 | local value 26 | config_get value "$1" "$2" $3 27 | [ -n "$value" ] && append_env "$2" "$value" 28 | } 29 | 30 | append_env_bool() { 31 | is_enabled "$1" "$2" && append_env "$2" "true" 32 | } 33 | 34 | start_service() { 35 | config_load "$CONF" 36 | 37 | is_enabled "config" "enabled" || return 1 38 | 39 | procd_open_instance "$CONF" 40 | procd_set_param command "$PROG" 41 | procd_set_param env XDG_DATA_HOME="/usr/share" 42 | 43 | append_env_arg "config" "address" "0.0.0.0:2017" 44 | append_env_arg "config" "config" "/etc/v2raya" 45 | append_env_arg "config" "ipv6_support" "auto" 46 | append_env_arg "config" "log_level" "info" 47 | append_env_arg "config" "log_file" "/var/log/v2raya/v2raya.log" 48 | append_env_arg "config" "log_max_days" "3" 49 | append_env_arg "config" "v2ray_bin" 50 | append_env_arg "config" "v2ray_confdir" 51 | append_env_arg "config" "transparent_hook" 52 | append_env_arg "config" "core_hook" 53 | append_env_arg "config" "plugin_manager" 54 | append_env_arg "config" "vless_grpc_inbound_cert_key" 55 | append_env_bool "config" "log_disable_color" 56 | append_env_bool "config" "log_disable_timestamp" 57 | 58 | procd_set_param limits core="unlimited" 59 | procd_set_param limits nofile="1000000 1000000" 60 | procd_set_param respawn 61 | procd_set_param stdout 1 62 | procd_set_param stderr 1 63 | 64 | procd_close_instance 65 | } 66 | 67 | reload_service() { 68 | stop 69 | start 70 | } 71 | 72 | service_triggers() { 73 | procd_add_reload_trigger "$CONF" 74 | } 75 | -------------------------------------------------------------------------------- /v2raya/patches/013-fix-we-should-skip-interface-ppp-to-avoid-to-break-net.patch: -------------------------------------------------------------------------------- 1 | From ca6a05273284daa04856a840e64f3936f700b7c3 Mon Sep 17 00:00:00 2001 2 | From: mzz2017 3 | Date: Fri, 16 Sep 2022 15:13:11 +0800 4 | Subject: [PATCH] fix: we should skip interface ppp+ to avoid to break net 5 | 6 | --- 7 | service/core/iptables/tproxy.go | 6 +++++- 8 | 1 file changed, 5 insertions(+), 1 deletion(-) 9 | 10 | --- a/core/iptables/tproxy.go 11 | +++ b/core/iptables/tproxy.go 12 | @@ -16,7 +16,7 @@ var Tproxy tproxy 13 | func (t *tproxy) AddIPWhitelist(cidr string) { 14 | // avoid duplication 15 | t.RemoveIPWhitelist(cidr) 16 | - pos := 5 17 | + pos := 7 18 | if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed { 19 | pos += 3 20 | } 21 | @@ -68,6 +68,8 @@ iptables -w 2 -t mangle -A TP_RULE -m ma 22 | iptables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN 23 | iptables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN 24 | iptables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN 25 | +iptables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN 26 | +iptables -w 2 -t mangle -A TP_RULE -i dn42-+ -j RETURN 27 | ` 28 | if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed { 29 | commands += ` 30 | @@ -127,6 +129,8 @@ ip6tables -w 2 -t mangle -A TP_RULE -m m 31 | ip6tables -w 2 -t mangle -A TP_RULE -i br-+ -j RETURN 32 | ip6tables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN 33 | ip6tables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN 34 | +ip6tables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN 35 | +ip6tables -w 2 -t mangle -A TP_RULE -i dn42-+ -j RETURN 36 | ` 37 | if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed { 38 | commands += ` 39 | -------------------------------------------------------------------------------- /v2raya/patches/014-fix-seed-cannot-be-read-from-vless-sharing-link-and-add-m.patch: -------------------------------------------------------------------------------- 1 | From 5db722b22b39642280572a62b149d4e1efa21ce3 Mon Sep 17 00:00:00 2001 2 | From: mzz2017 3 | Date: Mon, 8 Aug 2022 22:30:36 +0800 4 | Subject: [PATCH] fix: seed cannot be read from vless sharing-link and add 5 | missing sni field. #616 6 | 7 | --- 8 | service/core/serverObj/v2ray.go | 24 +++++++++++------------- 9 | 1 file changed, 11 insertions(+), 13 deletions(-) 10 | 11 | --- a/core/serverObj/v2ray.go 12 | +++ b/core/serverObj/v2ray.go 13 | @@ -12,7 +12,6 @@ import ( 14 | "time" 15 | 16 | jsoniter "github.com/json-iterator/go" 17 | - "github.com/tidwall/gjson" 18 | "github.com/v2rayA/v2rayA/common" 19 | "github.com/v2rayA/v2rayA/core/coreObj" 20 | "github.com/v2rayA/v2rayA/core/v2ray/service" 21 | @@ -39,6 +38,7 @@ type V2Ray struct { 22 | Net string `json:"net"` 23 | Type string `json:"type"` 24 | Host string `json:"host"` 25 | + SNI string `json:"sni"` 26 | Path string `json:"path"` 27 | TLS string `json:"tls"` 28 | Flow string `json:"flow,omitempty"` 29 | @@ -69,7 +69,8 @@ func ParseVlessURL(vless string) (data * 30 | ID: u.User.String(), 31 | Net: u.Query().Get("type"), 32 | Type: u.Query().Get("headerType"), 33 | - Host: u.Query().Get("sni"), 34 | + Host: u.Query().Get("host"), 35 | + SNI: u.Query().Get("sni"), 36 | Path: u.Query().Get("path"), 37 | TLS: u.Query().Get("security"), 38 | Flow: u.Query().Get("flow"), 39 | @@ -86,16 +87,13 @@ func ParseVlessURL(vless string) (data * 40 | if data.Type == "" { 41 | data.Type = "none" 42 | } 43 | - if data.Host == "" { 44 | - data.Host = u.Query().Get("host") 45 | - } 46 | if data.TLS == "" { 47 | data.TLS = "none" 48 | } 49 | if data.Flow == "" { 50 | data.Flow = "xtls-rprx-direct" 51 | } 52 | - if data.Type == "mkcp" || data.Type == "kcp" { 53 | + if data.Net == "mkcp" || data.Net == "kcp" { 54 | data.Path = u.Query().Get("seed") 55 | } 56 | return data, nil 57 | @@ -145,6 +143,7 @@ func ParseVmessURL(vmess string) (data * 58 | if aid == "" { 59 | aid = q.Get("aid") 60 | } 61 | + sni := q.Get("sni") 62 | info = V2Ray{ 63 | ID: subMatch[1], 64 | Add: subMatch[2], 65 | @@ -152,6 +151,7 @@ func ParseVmessURL(vmess string) (data * 66 | Ps: ps, 67 | Host: obfsParam, 68 | Path: path, 69 | + SNI: sni, 70 | Net: obfs, 71 | Aid: aid, 72 | TLS: map[string]string{"1": "tls"}[q.Get("tls")], 73 | @@ -165,12 +165,6 @@ func ParseVmessURL(vmess string) (data * 74 | if err != nil { 75 | return 76 | } 77 | - if info.Host == "" { 78 | - sni := gjson.Get(raw, "sni") 79 | - if sni.Exists() { 80 | - info.Host = sni.String() 81 | - } 82 | - } 83 | } 84 | // correct the wrong vmess as much as possible 85 | if strings.HasPrefix(info.Host, "/") && info.Path == "" { 86 | @@ -328,7 +322,9 @@ func (v *V2Ray) Configuration(info Prior 87 | core.StreamSettings.TLSSettings.AllowInsecure = true 88 | } 89 | // SNI 90 | - if v.Host != "" { 91 | + if v.SNI != "" { 92 | + core.StreamSettings.TLSSettings.ServerName = v.SNI 93 | + } else if v.Host != "" { 94 | core.StreamSettings.TLSSettings.ServerName = v.Host 95 | } 96 | // Alpn 97 | @@ -345,6 +341,8 @@ func (v *V2Ray) Configuration(info Prior 98 | // SNI 99 | if v.Host != "" { 100 | core.StreamSettings.XTLSSettings.ServerName = v.Host 101 | + } else if v.Host != "" { 102 | + core.StreamSettings.TLSSettings.ServerName = v.Host 103 | } 104 | if v.AllowInsecure { 105 | core.StreamSettings.XTLSSettings.AllowInsecure = true 106 | -------------------------------------------------------------------------------- /v2raya/patches/015-fix-a-problem-that-supervisor-cannot-exit-normally.patch: -------------------------------------------------------------------------------- 1 | From 3f78422f81f3abc2668fc3938b31d213bfe4dfff Mon Sep 17 00:00:00 2001 2 | From: mzz2017 3 | Date: Sun, 28 Aug 2022 17:54:36 +0800 4 | Subject: [PATCH] fix: a problem that supervisor cannot exit normally 5 | 6 | --- 7 | service/core/specialMode/infra/handle.go | 11 ++++++---- 8 | service/core/specialMode/infra/supervisor.go | 22 ++++++++------------ 9 | 2 files changed, 16 insertions(+), 17 deletions(-) 10 | 11 | --- a/core/specialMode/infra/handle.go 12 | +++ b/core/specialMode/infra/handle.go 13 | @@ -127,10 +127,13 @@ func (interfaceHandle *handle) handleRec 14 | return results, msg 15 | } 16 | 17 | -func packetFilter(portCache *portCache, pPacket *gopacket.Packet, whitelistDnsServers *v2router.GeoIPMatcher) (m *dnsmessage.Message, pSAddr, pSPort, pDAddr, pDPort *gopacket.Endpoint) { 18 | - packet := *pPacket 19 | - trans := packet.TransportLayer() 20 | +func packetFilter(portCache *portCache, packet gopacket.Packet, whitelistDnsServers *v2router.GeoIPMatcher) (m *dnsmessage.Message, pSAddr, pSPort, pDAddr, pDPort *gopacket.Endpoint) { 21 | + //跳过非网络层的包 22 | + if packet.NetworkLayer() == nil { 23 | + return 24 | + } 25 | //跳过非传输层的包 26 | + trans := packet.TransportLayer() 27 | if trans == nil { 28 | return 29 | } 30 | @@ -180,7 +183,7 @@ func packetFilter(portCache *portCache, 31 | } 32 | 33 | func (interfaceHandle *handle) handlePacket(packet gopacket.Packet, ifname string, whitelistDnsServers *v2router.GeoIPMatcher, whitelistDomains *strmatcher.MatcherGroup) { 34 | - m, sAddr, sPort, dAddr, dPort := packetFilter(interfaceHandle.portCache, &packet, whitelistDnsServers) 35 | + m, sAddr, sPort, dAddr, dPort := packetFilter(interfaceHandle.portCache, packet, whitelistDnsServers) 36 | if m == nil { 37 | return 38 | } 39 | --- a/core/specialMode/infra/supervisor.go 40 | +++ b/core/specialMode/infra/supervisor.go 41 | @@ -9,7 +9,6 @@ import ( 42 | v2router "github.com/v2rayA/v2ray-lib/router" 43 | "github.com/v2rayA/v2rayA/pkg/util/log" 44 | "sync" 45 | - "time" 46 | ) 47 | 48 | type DnsSupervisor struct { 49 | @@ -70,7 +69,7 @@ func (d *DnsSupervisor) DeleteHandles(if 50 | } 51 | close(d.handles[ifname].done) 52 | delete(d.handles, ifname) 53 | - log.Trace("DnsSupervisor:%v closed", ifname) 54 | + log.Trace("DnsSupervisor:%v deleted", ifname) 55 | return 56 | } 57 | 58 | @@ -81,28 +80,24 @@ func (d *DnsSupervisor) Run(ifname strin 59 | d.inner.Lock() 60 | handle, ok := d.handles[ifname] 61 | if !ok { 62 | + d.inner.Unlock() 63 | return fmt.Errorf("Run: %v not exsits", ifname) 64 | } 65 | if handle.running { 66 | + d.inner.Unlock() 67 | return fmt.Errorf("Run: %v is running", ifname) 68 | } 69 | handle.running = true 70 | log.Trace("[DnsSupervisor] " + ifname + ": running") 71 | - pkgsrc := gopacket.NewPacketSource(handle, layers.LayerTypeEthernet) 72 | + // we only decode UDP packets 73 | + pkgsrc := gopacket.NewPacketSource(handle, layers.LayerTypeDNS) 74 | pkgsrc.NoCopy = true 75 | + //pkgsrc.Lazy = true 76 | d.inner.Unlock() 77 | packets := pkgsrc.Packets() 78 | go func() { 79 | - for { 80 | - //心跳包,防止内存泄漏 81 | - packets <- gopacket.NewPacket(nil, layers.LinkTypeEthernet, gopacket.DecodeOptions{}) 82 | - select { 83 | - case <-handle.done: 84 | - return 85 | - default: 86 | - time.Sleep(2 * time.Second) 87 | - } 88 | - } 89 | + <-handle.done 90 | + packets <- gopacket.NewPacket(nil, layers.LinkTypeEthernet, pkgsrc.DecodeOptions) 91 | }() 92 | out: 93 | for packet := range packets { 94 | @@ -113,5 +108,6 @@ out: 95 | } 96 | go handle.handlePacket(packet, ifname, whitelistDnsServers, whitelistDomains) 97 | } 98 | + log.Trace("DnsSupervisor:%v closed", ifname) 99 | return 100 | } 101 | -------------------------------------------------------------------------------- /v2raya/patches/016-fix-unexpected-exit-does-not-apply-stop-steps.patch: -------------------------------------------------------------------------------- 1 | From 153b72ed623876ad73b731c2ec2344e9057d3c35 Mon Sep 17 00:00:00 2001 2 | From: mzz2017 3 | Date: Wed, 21 Sep 2022 16:50:24 +0800 4 | Subject: [PATCH] fix: unexpected exit does not apply stop steps 5 | 6 | --- 7 | service/core/v2ray/process.go | 4 ++-- 8 | service/core/v2ray/processManager.go | 8 +++----- 9 | 2 files changed, 5 insertions(+), 7 deletions(-) 10 | 11 | --- a/core/v2ray/process.go 12 | +++ b/core/v2ray/process.go 13 | @@ -35,7 +35,7 @@ type Process struct { 14 | tag2WhichIndex map[string]int 15 | } 16 | 17 | -func NewProcess(tmpl *Template, prestart func() error, poststart func() error) (process *Process, err error) { 18 | +func NewProcess(tmpl *Template, prestart func() error, poststart func() error, stopfunc func(p *Process)) (process *Process, err error) { 19 | process = &Process{ 20 | template: tmpl, 21 | } 22 | @@ -111,7 +111,7 @@ func NewProcess(tmpl *Template, prestart 23 | // canceled by v2rayA 24 | return 25 | } 26 | - defer ProcessManager.Stop(false) 27 | + defer stopfunc(process) 28 | var t []string 29 | if p != nil { 30 | if p.Success() { 31 | --- a/core/v2ray/processManager.go 32 | +++ b/core/v2ray/processManager.go 33 | @@ -245,16 +245,14 @@ func (m *CoreProcessManager) Start(t *Te 34 | return m.beforeStart(t) 35 | }, func() error { 36 | return m.afterStart(t) 37 | + }, func(p *Process) { 38 | + m.p = p 39 | + ProcessManager.Stop(false) 40 | }) 41 | if err != nil { 42 | return err 43 | } 44 | m.p = process 45 | - defer func() { 46 | - if err != nil { 47 | - m.stop(true) 48 | - } 49 | - }() 50 | 51 | configure.SetRunning(true) 52 | return nil 53 | -------------------------------------------------------------------------------- /v2raya/patches/018-fix-do-not-rollback-closed-transaction.patch: -------------------------------------------------------------------------------- 1 | From 451912074ba1ba4000c66874876bc0a6b64cb5da Mon Sep 17 00:00:00 2001 2 | From: Kelo 3 | Date: Sun, 30 Oct 2022 16:49:22 +0800 4 | Subject: [PATCH] fix: do not rollback closed transaction 5 | 6 | --- 7 | service/db/boltdb.go | 3 +-- 8 | 1 file changed, 1 insertion(+), 2 deletions(-) 9 | 10 | --- a/db/boltdb.go 11 | +++ b/db/boltdb.go 12 | @@ -56,14 +56,13 @@ func Transaction(db *bbolt.DB, fn func(* 13 | if err != nil { 14 | return err 15 | } 16 | - defer tx.Rollback() 17 | dirty, err := fn(tx) 18 | if err != nil { 19 | _ = tx.Rollback() 20 | return err 21 | } 22 | if !dirty { 23 | - return nil 24 | + return tx.Rollback() 25 | } 26 | return tx.Commit() 27 | } 28 | -------------------------------------------------------------------------------- /v2raya/patches/100-compat-v5.patch: -------------------------------------------------------------------------------- 1 | --- a/core/v2ray/process.go 2 | +++ b/core/v2ray/process.go 3 | @@ -226,6 +226,7 @@ func StartCoreProcess(ctx context.Contex 4 | dir := path.Dir(v2rayBinPath) 5 | var arguments = []string{ 6 | v2rayBinPath, 7 | + "run", 8 | "--config=" + asset.GetV2rayConfigPath(), 9 | } 10 | if confdir := asset.GetV2rayConfigDirPath(); confdir != "" { 11 | --- a/core/v2ray/where/where.go 12 | +++ b/core/v2ray/where/where.go 13 | @@ -41,7 +41,7 @@ func GetV2rayServiceVersion() (variant V 14 | if err != nil || len(v2rayPath) <= 0 { 15 | return Unknown, "", fmt.Errorf("cannot find v2ray executable binary") 16 | } 17 | - out, err := exec.Command(v2rayPath, "-version").Output() 18 | + out, err := exec.Command(v2rayPath, "version").Output() 19 | var fields []string 20 | if fields = strings.Fields(strings.TrimSpace(string(out))); len(fields) < 2 { 21 | return Unknown, "", fmt.Errorf("cannot parse version of v2ray") 22 | -------------------------------------------------------------------------------- /xray-core/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=xray-core 4 | PKG_VERSION:=1.8.3 5 | PKG_RELEASE:=1 6 | 7 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 8 | PKG_SOURCE_URL:=https://codeload.github.com/XTLS/Xray-core/tar.gz/v$(PKG_VERSION)? 9 | PKG_HASH:=bdfa65c15cd25f931745d9c70c753503db5d119ff11960ca7b3a2e19c4b0a8d1 10 | 11 | PKG_MAINTAINER:=Tianling Shen 12 | PKG_LICENSE:=MPL-2.0 13 | PKG_LICENSE_FILES:=LICENSE 14 | 15 | PKG_BUILD_DIR:=$(BUILD_DIR)/Xray-core-$(PKG_VERSION) 16 | PKG_BUILD_DEPENDS:=golang/host 17 | PKG_BUILD_PARALLEL:=1 18 | PKG_USE_MIPS16:=0 19 | 20 | GO_PKG:=github.com/xtls/xray-core 21 | GO_PKG_LDFLAGS:=-s -w 22 | GO_PKG_BUILD_PKG:=$(GO_PKG)/main 23 | GO_PKG_LDFLAGS_X:= \ 24 | $(GO_PKG)/core.build=OpenWrt \ 25 | $(GO_PKG)/core.version=$(PKG_VERSION) 26 | 27 | include $(INCLUDE_DIR)/package.mk 28 | include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk 29 | 30 | define Package/xray-core 31 | TITLE:=A platform for building proxies to bypass network restrictions 32 | SECTION:=net 33 | CATEGORY:=Network 34 | URL:=https://xtls.github.io 35 | DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle 36 | endef 37 | 38 | define Package/xray-core/description 39 | Xray, Penetrates Everything. It helps you to build your own computer network. 40 | It secures your network connections and thus protects your privacy. 41 | endef 42 | 43 | define Package/xray-core/install 44 | $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) 45 | $(INSTALL_DIR) $(1)/usr/bin/ 46 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/main $(1)/usr/bin/xray 47 | endef 48 | 49 | $(eval $(call BuildPackage,xray-core)) 50 | -------------------------------------------------------------------------------- /xray-plugin/Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright (C) 2022 ImmortalWrt.org 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=xray-plugin 8 | PKG_VERSION:=1.8.3 9 | PKG_RELEASE:=1 10 | 11 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 12 | PKG_SOURCE_URL:=https://codeload.github.com/teddysun/xray-plugin/tar.gz/v$(PKG_VERSION)? 13 | PKG_HASH:=78c9c7f3e049d555b68914b545224cb9fd8253b75fe797a62a54b6e9af0bf870 14 | 15 | PKG_LICENSE:=MIT 16 | PKG_LICENSE_FILES:=LICENSE 17 | PKG_MAINTAINER:=Tianling Shen 18 | 19 | PKG_BUILD_DEPENDS:=golang/host 20 | PKG_BUILD_PARALLEL:=1 21 | PKG_USE_MIPS16:=0 22 | 23 | GO_PKG:=github.com/teddysun/xray-plugin 24 | 25 | include $(INCLUDE_DIR)/package.mk 26 | include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk 27 | 28 | define Package/xray-plugin 29 | SECTION:=net 30 | CATEGORY:=Network 31 | SUBMENU:=Web Servers/Proxies 32 | TITLE:=SIP003 plugin for Shadowsocks, based on Xray 33 | URL:=https://github.com/teddysun/xray-plugin 34 | DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle 35 | endef 36 | 37 | $(eval $(call GoBinPackage,xray-plugin)) 38 | $(eval $(call BuildPackage,xray-plugin)) 39 | --------------------------------------------------------------------------------