3 | #
4 | # This is free software, licensed under the Apache License, Version 2.0 .
5 | #
6 |
7 | include $(TOPDIR)/rules.mk
8 |
9 | LUCI_TITLE:=LuCI for Aliddns
10 | LUCI_DEPENDS:=+wget +openssl-util
11 | LUCI_PKGARCH:=all
12 | PKG_VERSION:=1.0
13 | PKG_RELEASE:=1
14 |
15 | include $(TOPDIR)/feeds/luci/luci.mk
16 |
17 | # call BuildPackage - OpenWrt buildroot signature
18 |
19 |
20 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/root/etc/uci-defaults/ssrpro:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | uci -q batch <<-EOF >/dev/null
4 | delete ucitrack.@ssrpro[-1]
5 | add ucitrack ssrpro
6 | set ucitrack.@ssrpro[-1].init=ssrpro
7 | commit ucitrack
8 | delete firewall.ssrpro
9 | set firewall.ssrpro=include
10 | set firewall.ssrpro.type=script
11 | set firewall.ssrpro.path=/etc/ssrpro.include
12 | set firewall.ssrpro.reload=1
13 | commit firewall
14 | EOF
15 |
16 | /etc/init.d/ssrpro stop
17 | /etc/init.d/ssrpro enable
18 |
19 | rm -f /tmp/luci-indexcache
20 | exit 0
21 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/uci-defaults/v2raypro:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | uci -q batch <<-EOF >/dev/null
4 | delete ucitrack.@v2raypro[-1]
5 | add ucitrack v2raypro
6 | set ucitrack.@v2raypro[-1].init=v2raypro
7 | commit ucitrack
8 | delete firewall.v2raypro
9 | set firewall.v2raypro=include
10 | set firewall.v2raypro.type=script
11 | set firewall.v2raypro.path=/etc/v2raypro.include
12 | set firewall.v2raypro.reload=1
13 | commit firewall
14 | EOF
15 |
16 | /etc/init.d/v2raypro stop
17 | /etc/init.d/v2raypro enable
18 |
19 | rm -f /tmp/luci-indexcache
20 | exit 0
21 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/Makefile:
--------------------------------------------------------------------------------
1 | # Copyright (C) 2016 Openwrt.org
2 | #
3 | # This is free software, licensed under the Apache License, Version 2.0 .
4 | #
5 |
6 | include $(TOPDIR)/rules.mk
7 |
8 | LUCI_TITLE:=LuCI support for V2Ray
9 | LUCI_DEPENDS:=+iptables-mod-tproxy +kmod-ipt-tproxy +ip +ipset-lists +pdnsd-alt +coreutils +coreutils-base64 +coreutils-nohup +dnsmasq-full +v2ray +ca-certificates +lua-cjson
10 | LUCI_PKGARCH:=all
11 | PKG_VERSION:=1.0
12 | PKG_RELEASE:=11
13 |
14 | include $(TOPDIR)/feeds/luci/luci.mk
15 |
16 | # call BuildPackage - OpenWrt buildroot signature
17 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | uci -q batch <<-EOF >/dev/null
4 | delete ucitrack.@shadowsocksr[-1]
5 | add ucitrack shadowsocksr
6 | set ucitrack.@shadowsocksr[-1].init=shadowsocksr
7 | commit ucitrack
8 | delete firewall.shadowsocksr
9 | set firewall.shadowsocksr=include
10 | set firewall.shadowsocksr.type=script
11 | set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include
12 | set firewall.shadowsocksr.reload=1
13 | commit firewall
14 | EOF
15 |
16 | /usr/share/shadowsocksr/gfw2ipset.sh
17 | rm -f /tmp/luci-indexcache
18 | exit 0
19 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/v2ray/up-gfwlist.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | /etc/v2ray/gen-gfwlist.sh > /tmp/ol-gfw.txt
4 |
5 | if [ -s "/tmp/ol-gfw.txt" ];then
6 | sort -u /etc/v2ray/base-gfwlist.txt /tmp/ol-gfw.txt > /tmp/china-banned
7 | if ( ! cmp -s /tmp/china-banned /etc/gfwlist/china-banned );then
8 | if [ -s "/tmp/china-banned" ];then
9 | mv /tmp/china-banned /etc/gfwlist/china-banned
10 | echo "Update GFW-List Done!"
11 | fi
12 | else
13 | echo "GFW-List No Change!"
14 | fi
15 | fi
16 |
17 | rm -f /tmp/gfwlist.txt
18 | rm -f /tmp/ol-gfw.txt
19 |
20 | /etc/init.d/v2raypro restart
21 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/Makefile:
--------------------------------------------------------------------------------
1 | # Copyright (C) 2016 Openwrt.org
2 | #
3 | # This is free software, licensed under the Apache License, Version 2.0 .
4 | #
5 |
6 | include $(TOPDIR)/rules.mk
7 |
8 | LUCI_TITLE:=LuCI support for SSR Pro
9 | LUCI_DEPENDS:=+iptables-mod-tproxy +kmod-ipt-tproxy +ip +ipset-lists +shadowsocksr-libev-alt +shadowsocks-libev-ss-redir +pdnsd-alt +coreutils +coreutils-base64 +coreutils-nohup +dnsmasq-full
10 | LUCI_PKGARCH:=all
11 | PKG_VERSION:=2
12 | PKG_RELEASE:=32
13 |
14 | include $(TOPDIR)/feeds/luci/luci.mk
15 |
16 | # call BuildPackage - OpenWrt buildroot signature
17 |
18 |
19 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/luasrc/controller/ssrpro.lua:
--------------------------------------------------------------------------------
1 | module("luci.controller.ssrpro", package.seeall)
2 | function index()
3 | if not nixio.fs.access("/etc/config/ssrpro") then
4 | return
5 | end
6 | local page
7 | page = entry({"admin", "services", "ssrpro"}, cbi("ssrpro"), _("ShadowsocksR Pro"))
8 | page.dependent = true
9 | entry({"admin","services","ssrpro","status"},call("act_status")).leaf=true
10 | end
11 |
12 | function act_status()
13 | local e={}
14 | e.running=luci.sys.call("pgrep ssr-redir >/dev/null")==0
15 | luci.http.prepare_content("application/json")
16 | luci.http.write_json(e)
17 | end
18 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/root/etc/shadowsocksr/up-gfwlist.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | /etc/shadowsocksr/gen-gfwlist.sh > /tmp/ol-gfw.txt
4 |
5 | if [ -s "/tmp/ol-gfw.txt" ];then
6 | sort -u /etc/shadowsocksr/base-gfwlist.txt /tmp/ol-gfw.txt > /tmp/china-banned
7 | if ( ! cmp -s /tmp/china-banned /etc/gfwlist/china-banned );then
8 | if [ -s "/tmp/china-banned" ];then
9 | mv /tmp/china-banned /etc/gfwlist/china-banned
10 | echo "Update GFW-List Done!"
11 | fi
12 | else
13 | echo "GFW-List No Change!"
14 | fi
15 | fi
16 |
17 | rm -f /tmp/gfwlist.txt
18 | rm -f /tmp/ol-gfw.txt
19 |
20 | /etc/init.d/ssrpro restart
21 |
22 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/luasrc/controller/v2raypro.lua:
--------------------------------------------------------------------------------
1 | module("luci.controller.v2raypro", package.seeall)
2 | function index()
3 | if not nixio.fs.access("/etc/config/v2raypro") then
4 | return
5 | end
6 | local page
7 | page = entry({"admin", "services", "v2raypro"}, cbi("v2raypro"), _("V2Ray Pro"))
8 | page.dependent = true
9 | entry({"admin","services","v2raypro","status"},call("act_status")).leaf=true
10 | end
11 |
12 | function act_status()
13 | local e={}
14 | e.running=luci.sys.call("pgrep v2ray >/dev/null")==0
15 | luci.http.prepare_content("application/json")
16 | luci.http.write_json(e)
17 | end
18 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/list.lua:
--------------------------------------------------------------------------------
1 | local fs = require "nixio.fs"
2 | local conffile = "/etc/config/gfw.list"
3 |
4 | f = SimpleForm("custom", translate("GFW Custom List"), translate("Please refer to the following writing"))
5 |
6 | t = f:field(TextValue, "conf")
7 | t.rmempty = true
8 | t.rows = 13
9 | function t.cfgvalue()
10 | return fs.readfile(conffile) or ""
11 | end
12 |
13 | function f.handle(self, state, data)
14 | if state == FORM_VALID then
15 | if data.conf then
16 | fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
17 | luci.sys.call("/usr/share/shadowsocksr/gfw2ipset.sh && /etc/init.d/dnsmasq restart")
18 | end
19 | end
20 | return true
21 | end
22 |
23 | return f
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/luasrc/view/v2raypro/v2raypro_status.htm:
--------------------------------------------------------------------------------
1 |
17 |
18 |
23 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/luasrc/view/ssrpro/ssrpro_status.htm:
--------------------------------------------------------------------------------
1 |
17 |
18 |
23 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm:
--------------------------------------------------------------------------------
1 |
17 |
18 |
23 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/v2ray/v2ray-watchdog:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
4 | #GOOGLE=$(ping -4 www.gstatic.com -c 1 -w 5| sed '1{s/[^(]*(//;s/).*//;q}')
5 |
6 | #iptables -t nat -I OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070
7 |
8 | #sleep 3
9 |
10 | /usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.gstatic.com/generate_204
11 |
12 | if [ "$?" == "0" ]; then
13 | echo '['$LOGTIME'] V2Ray No Problem.'
14 | else
15 | /usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.baidu.com
16 | if [ "$?" == "0" ]; then
17 | echo '['$LOGTIME'] Problem decteted, restarting V2Ray...'
18 | /etc/init.d/v2raypro restart
19 | else
20 | echo '['$LOGTIME'] Network Problem. Do nothing.'
21 | fi
22 | fi
23 |
24 | #sleep 3
25 |
26 | #iptables -t nat -D OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070
27 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/config/v2raypro:
--------------------------------------------------------------------------------
1 |
2 | config v2raypro 'v2raypro'
3 | option gfwlist 'china-banned'
4 | option proxy_mode 'M'
5 | option safe_dns_tcp '1'
6 | option cron_mode '1'
7 | option address '4.4.4.4'
8 | option port '443'
9 | option id '00755892-0921-4433-bd92-04242abd92af'
10 | option alterId '64'
11 | option security 'aes-128-gcm'
12 | option network_type 'tcp'
13 | option tcp_obfs 'none'
14 | option tls '0'
15 | option mux '0'
16 | option raddress '4.4.4.4'
17 | option rport '455'
18 | option ralterId '64'
19 | option rsecurity 'none'
20 | option rnetwork_type 'tcp'
21 | option rtcp_obfs 'none'
22 | option rtls '0'
23 | option rmux '0'
24 | option rid '00755892-0921-4433-bd92-04242abd92af'
25 | option enabled '1'
26 | option renable '1'
27 | option rdomain 'abcd.com'
28 | option renabled '0'
29 | option risen '0'
30 | option rserver_domain 'abc.com'
31 |
32 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm:
--------------------------------------------------------------------------------
1 | <%+cbi/valueheader%>
2 |
3 |
31 |
32 | <%=self.value%>
33 |
34 |
35 |
36 | <%+cbi/valuefooter%>
--------------------------------------------------------------------------------
/luci-app-ssr-pro/root/etc/shadowsocksr/ssr-watchdog:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
4 | #GOOGLE=$(ping -4 www.gstatic.com -c 1 -w 5| sed '1{s/[^(]*(//;s/).*//;q}')
5 |
6 | #iptables -t nat -I OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070
7 |
8 | #sleep 3
9 |
10 | /usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.gstatic.com/generate_204
11 |
12 | if [ "$?" == "0" ]; then
13 | echo '['$LOGTIME'] ShadowsocksR No Problem.'
14 | else
15 | /usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.baidu.com
16 | if [ "$?" == "0" ]; then
17 | echo '['$LOGTIME'] Problem decteted, restarting ShadowsocksR...'
18 | /etc/init.d/ssrpro restart
19 | else
20 | echo '['$LOGTIME'] Network Problem. Do nothing.'
21 | fi
22 | fi
23 |
24 | #sleep 3
25 |
26 | #iptables -t nat -D OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | chnroute_data=$(wget -O- -t 3 -T 3 http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest)
4 | [ $? -eq 0 ] && {
5 | echo "$chnroute_data" | grep ipv4 | grep CN | awk -F\| '{ printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > /tmp/china_ssr.txt
6 | }
7 |
8 | if [ -s "/tmp/china_ssr.txt" ];then
9 | if ( ! cmp -s /tmp/china_ssr.txt /etc/china_ssr.txt );then
10 | mv /tmp/china_ssr.txt /etc/china_ssr.txt
11 | fi
12 | fi
13 |
14 | /usr/share/shadowsocksr/chinaipset.sh
15 |
16 | wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfw.b64
17 | /usr/bin/ssr-gfw
18 |
19 | if [ -s "/tmp/gfwnew.txt" ];then
20 | if ( ! cmp -s /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf );then
21 | mv /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf
22 | echo "copy"
23 | fi
24 | fi
25 |
26 | /etc/init.d/shadowsocksr restart
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/etc/config/gfw.list:
--------------------------------------------------------------------------------
1 | 91smartyun.pt
2 | adobe.com
3 | amazonaws.com
4 | ampproject.org
5 | apple.news
6 | aws.amazon.com
7 | azureedge.net
8 | backpackers.com.tw
9 | bitfinex.com
10 | buzzfeed.com
11 | clockwise.ee
12 | cloudfront.net
13 | coindesk.com
14 | coinsquare.io
15 | cryptocompare.com
16 | dropboxstatic.com
17 | eurecom.fr
18 | gdax.com
19 | github.com
20 | kknews.cc
21 | nutaq.com
22 | openairinterface.org
23 | skype.com
24 | sublimetext.com
25 | textnow.com
26 | textnow.me
27 | trouter.io
28 | uploaded.net
29 | whatsapp.com
30 | whatsapp.net
31 | wsj.net
32 | google.com
33 | google.com.hk
34 | gstatic.com
35 | googleusercontent.com
36 | googlepages.com
37 | googlevideo.com
38 | googlecode.com
39 | googleapis.com
40 | googlesource.com
41 | googledrive.com
42 | ggpht.com
43 | youtube.com
44 | youtu.be
45 | ytimg.com
46 | twitter.com
47 | facebook.com
48 | fastly.net
49 | akamai.net
50 | akamaiedge.net
51 | akamaihd.net
52 | edgesuite.net
53 | edgekey.net
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/etc/config/shadowsocksr:
--------------------------------------------------------------------------------
1 |
2 | config global
3 | option tunnel_forward '8.8.4.4:53'
4 | option tunnel_address '0.0.0.0'
5 | option run_mode 'gfw'
6 | option pdnsd_enable '1'
7 | option monitor_enable '1'
8 | option global_server 'nil'
9 | option enable_switch '1'
10 | option switch_timeout '5'
11 | option switch_time '667'
12 |
13 | config socks5_proxy
14 | option server 'nil'
15 | option local_port '1080'
16 | option local_address '0.0.0.0'
17 |
18 | config access_control
19 | option wan_bp_list '/etc/china_ssr.txt'
20 | option lan_ac_mode 'b'
21 | option router_proxy '1'
22 | list wan_fw_ips '149.154.160.0/20'
23 | list wan_fw_ips '67.198.55.0/24'
24 | list wan_fw_ips '91.108.4.0/22'
25 | list wan_fw_ips '91.108.56.0/22'
26 | list wan_fw_ips '109.239.140.0/24'
27 |
28 | config server_global
29 | option enable_server '0'
30 |
31 | config server_subscribe
32 | option proxy '0'
33 | option auto_update_time '2'
34 | option auto_update '1'
35 |
36 |
37 |
38 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/view/shadowsocksr/check.htm:
--------------------------------------------------------------------------------
1 | <%+cbi/valueheader%>
2 |
3 |
33 |
34 |
35 |
36 | <%=self.value%>
37 |
38 | <%+cbi/valuefooter%>
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/v2ray/gen-gfwlist.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh -e
2 |
3 | generate_china_banned()
4 | {
5 | if [ ! -f /tmp/gfwlist.txt ]; then
6 | wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfwlist.b64 >&2
7 | cat /tmp/gfwlist.b64 | base64 -d > /tmp/gfwlist.txt
8 | rm -f /tmp/gfwlist.b64
9 | fi
10 |
11 | cat /tmp/gfwlist.txt | sort -u |
12 | sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' |
13 | sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' |
14 | sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' |
15 | grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u |
16 | awk '
17 | BEGIN { prev = "________"; } {
18 | cur = $0;
19 | if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") {
20 | } else {
21 | print cur;
22 | prev = cur;
23 | }
24 | }' | sort -u
25 |
26 | }
27 |
28 |
29 | generate_china_banned
30 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/root/etc/shadowsocksr/gen-gfwlist.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh -e
2 |
3 | generate_china_banned()
4 | {
5 | if [ ! -f /tmp/gfwlist.txt ]; then
6 | wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfwlist.b64 >&2
7 | cat /tmp/gfwlist.b64 | base64 -d > /tmp/gfwlist.txt
8 | rm -f /tmp/gfwlist.b64
9 | fi
10 |
11 | cat /tmp/gfwlist.txt | sort -u |
12 | sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' |
13 | sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' |
14 | sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' |
15 | grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u |
16 | awk '
17 | BEGIN { prev = "________"; } {
18 | cur = $0;
19 | if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") {
20 | } else {
21 | print cur;
22 | prev = cur;
23 | }
24 | }' | sort -u
25 |
26 | }
27 |
28 |
29 | generate_china_banned
30 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/usr/bin/ssr-gfw:
--------------------------------------------------------------------------------
1 | #!/bin/sh -e
2 |
3 | generate_china_banned()
4 | {
5 |
6 | cat $1 | base64 -d > /tmp/gfwlist.txt
7 | rm -f $1
8 | sed -i '/^@@|/d' /tmp/gfwlist.txt
9 |
10 | cat /tmp/gfwlist.txt | sort -u |
11 | sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' |
12 | sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' |
13 | sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' |
14 | grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u |
15 | awk '
16 | BEGIN { prev = "________"; } {
17 | cur = $0;
18 | if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") {
19 | } else {
20 | print cur;
21 | prev = cur;
22 | }
23 | }' | sort -u
24 |
25 | }
26 |
27 | generate_china_banned /tmp/gfw.b64 > /tmp/gfw.txt
28 | rm -f /tmp/gfwlist.txt
29 | sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5335\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/gfwnew.txt
30 | rm -f /tmp/gfw.txt
31 |
32 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/view/shadowsocksr/refresh.htm:
--------------------------------------------------------------------------------
1 | <%+cbi/valueheader%>
2 |
3 |
39 |
40 |
41 |
42 | <%=self.value%>
43 |
44 | <%+cbi/valuefooter%>
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua:
--------------------------------------------------------------------------------
1 | local m, s, o
2 |
3 | m = Map("shadowsocksr", translate("IP black-and-white list"))
4 |
5 | s = m:section(TypedSection, "access_control")
6 | s.anonymous = true
7 |
8 | -- Part of WAN
9 | s:tab("wan_ac", translate("WAN IP AC"))
10 |
11 | o = s:taboption("wan_ac", DynamicList, "wan_bp_ips", translate("WAN White List IP"))
12 | o.datatype = "ip4addr"
13 |
14 | o = s:taboption("wan_ac", DynamicList, "wan_fw_ips", translate("WAN Force Proxy IP"))
15 | o.datatype = "ip4addr"
16 |
17 | -- Part of LAN
18 | s:tab("lan_ac", translate("LAN IP AC"))
19 |
20 | o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Bypassed Host List"))
21 | o.datatype = "ipaddr"
22 | luci.ip.neighbors({ family = 4 }, function(entry)
23 | if entry.reachable then
24 | o:value(entry.dest:string())
25 | end
26 | end)
27 |
28 | o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List"))
29 | o.datatype = "ipaddr"
30 | luci.ip.neighbors({ family = 4 }, function(entry)
31 | if entry.reachable then
32 | o:value(entry.dest:string())
33 | end
34 | end)
35 |
36 | o = s:taboption("lan_ac", DynamicList, "lan_gm_ips", translate("Game Mode Host List"))
37 | o.datatype = "ipaddr"
38 | luci.ip.neighbors({ family = 4 }, function(entry)
39 | if entry.reachable then
40 | o:value(entry.dest:string())
41 | end
42 | end)
43 |
44 | -- Part of Self
45 | -- s:tab("self_ac", translate("Router Self AC"))
46 | -- o = s:taboption("self_ac",ListValue, "router_proxy", translate("Router Self Proxy"))
47 | -- o:value("1", translatef("Normal Proxy"))
48 | -- o:value("0", translatef("Bypassed Proxy"))
49 | -- o:value("2", translatef("Forwarded Proxy"))
50 | -- o.rmempty = false
51 |
52 | return m
--------------------------------------------------------------------------------
/luci-app-aliddns/luasrc/model/cbi/aliddns.lua:
--------------------------------------------------------------------------------
1 | local a=require"luci.sys"
2 | local e=luci.model.uci.cursor()
3 | local e=require"nixio.fs"
4 | require("luci.sys")
5 | local t,e,o
6 | local m,s
7 | t=Map("aliddns",translate("阿里DDNS客户端"),translate("基于阿里云解析的私人DDNS解决方案"))
8 |
9 | e=t:section(TypedSection,"base")
10 | e.anonymous=true
11 |
12 | e:tab("basic", translate("设置"))
13 |
14 | enable=e:taboption("basic",Flag,"enable",translate("开启"),translate("开启或关闭aliddns动态域名"))
15 | enable.rmempty=false
16 | token=e:taboption("basic",Value,"app_key",translate("APP KEY"))
17 | email=e:taboption("basic",Value,"app_secret",translate("APP SECRET"))
18 | iface=e:taboption("basic",ListValue,"interface",translate("选择外网接口"),translate("限定要动态aliddns的外网接口,如pppoe-wan"))
19 | iface:value("",translate("选择要动态更新的外网接口"))
20 | for t,e in ipairs(a.net.devices())do
21 | if e~="lo"then iface:value(e)end
22 | end
23 | iface.rmempty=false
24 | main=e:taboption("basic",Value,"main_domain",translate("主域名"),"想要解析的主域名,例如:baidu.com")
25 | main.rmempty=false
26 | sub=e:taboption("basic",Value,"sub_domain",translate("子域名"),"想要解析的子域名,例如:test hehe")
27 | sub.rmempty=false
28 | time=e:taboption("basic",Value,"time",translate("检查时间"),"域名检查时间,单位分钟,范围1-59")
29 | time.rmempty=false
30 |
31 | e:tab("log", translate("更新记录"))
32 | --e=t:section(TypedSection,"base",translate("更新记录"))
33 | e.anonymous=true
34 | local a="/var/log/aliddns.log"
35 | tvlog=e:taboption("log",TextValue,"sylogtext")
36 | tvlog.rows=14
37 | tvlog.readonly="readonly"
38 | tvlog.wrap="off"
39 | function tvlog.cfgvalue(e,e)
40 | sylogtext=""
41 | if a and nixio.fs.access(a)then
42 | sylogtext=luci.sys.exec("tail -n 100 %s"%a)
43 | end
44 | return sylogtext
45 | end
46 | tvlog.write=function(e,e,e)
47 | end
48 | local e=luci.http.formvalue("cbi.apply")
49 | if e then
50 | io.popen("/etc/init.d/aliddns restart")
51 | end
52 | return t
53 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua:
--------------------------------------------------------------------------------
1 | local shadowsocksr = "shadowsocksr"
2 | local uci = luci.model.uci.cursor()
3 | local server_table = {}
4 |
5 | uci:foreach(shadowsocksr, "servers", function(s)
6 | if s.alias then
7 | server_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias}
8 | elseif s.server and s.server_port then
9 | server_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port}
10 | end
11 | end)
12 |
13 | local key_table = {}
14 | for key,_ in pairs(server_table) do
15 | table.insert(key_table,key)
16 | end
17 |
18 | table.sort(key_table)
19 |
20 | m = Map(shadowsocksr)
21 |
22 | s = m:section(TypedSection, "global", translate("Server failsafe auto swith settings"))
23 | s.anonymous = true
24 |
25 | o = s:option(Flag, "monitor_enable", translate("Enable Process Deamon"))
26 | o.rmempty = false
27 |
28 | o = s:option(Flag, "enable_switch", translate("Enable Auto Switch"))
29 | o.rmempty = false
30 |
31 | o = s:option(Value, "switch_time", translate("Switch check cycly(second)"))
32 | o.datatype = "uinteger"
33 | o:depends("enable_switch", "1")
34 | o.default = 3600
35 |
36 | o = s:option(Value, "switch_timeout", translate("Check timout(second)"))
37 | o.datatype = "uinteger"
38 | o:depends("enable_switch", "1")
39 | o.default = 5
40 |
41 | -- [[ SOCKS5 Proxy ]]--
42 | if nixio.fs.access("/usr/bin/ssr-local") then
43 | s = m:section(TypedSection, "socks5_proxy", translate("SOCKS5 Proxy"))
44 | s.anonymous = true
45 |
46 | o = s:option(ListValue, "server", translate("Server"))
47 | o:value("nil", translate("Disable"))
48 | for _,key in pairs(key_table) do o:value(key,server_table[key]) end
49 | o.default = "nil"
50 | o.rmempty = false
51 |
52 | o = s:option(Value, "local_port", translate("Local Port"))
53 | o.datatype = "port"
54 | o.default = 1080
55 | o.rmempty = false
56 |
57 | end
58 |
59 | return m
60 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua:
--------------------------------------------------------------------------------
1 | -- Copyright (C) 2017 yushi studio
2 | -- Licensed to the public under the GNU General Public License v3.
3 |
4 | local m, s, o
5 | local shadowsocksr = "shadowsocksr"
6 | local sid = arg[1]
7 |
8 | local encrypt_methods = {
9 | "rc4-md5",
10 | "rc4-md5-6",
11 | "rc4",
12 | "table",
13 | "aes-128-cfb",
14 | "aes-192-cfb",
15 | "aes-256-cfb",
16 | "aes-128-ctr",
17 | "aes-192-ctr",
18 | "aes-256-ctr",
19 | "bf-cfb",
20 | "camellia-128-cfb",
21 | "camellia-192-cfb",
22 | "camellia-256-cfb",
23 | "cast5-cfb",
24 | "des-cfb",
25 | "idea-cfb",
26 | "rc2-cfb",
27 | "seed-cfb",
28 | "salsa20",
29 | "chacha20",
30 | "chacha20-ietf",
31 | }
32 |
33 | local protocol = {
34 | "origin",
35 | }
36 |
37 | obfs = {
38 | "plain",
39 | "http_simple",
40 | "http_post",
41 | }
42 |
43 | m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
44 |
45 | m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/server")
46 | if m.uci:get(shadowsocksr, sid) ~= "server_config" then
47 | luci.http.redirect(m.redirect)
48 | return
49 | end
50 |
51 |
52 |
53 |
54 | -- [[ Server Setting ]]--
55 | s = m:section(NamedSection, sid, "server_config")
56 | s.anonymous = true
57 | s.addremove = false
58 |
59 | o = s:option(Flag, "enable", translate("Enable"))
60 | o.default = 1
61 | o.rmempty = false
62 |
63 | o = s:option(Value, "server_port", translate("Server Port"))
64 | o.datatype = "port"
65 | o.default = 8388
66 | o.rmempty = false
67 |
68 | o = s:option(Value, "timeout", translate("Connection Timeout"))
69 | o.datatype = "uinteger"
70 | o.default = 60
71 | o.rmempty = false
72 |
73 | o = s:option(Value, "password", translate("Password"))
74 | o.password = true
75 | o.rmempty = false
76 |
77 | o = s:option(ListValue, "encrypt_method", translate("Encrypt Method"))
78 | for _, v in ipairs(encrypt_methods) do o:value(v) end
79 | o.rmempty = false
80 |
81 | o = s:option(ListValue, "protocol", translate("Protocol"))
82 | for _, v in ipairs(protocol) do o:value(v) end
83 | o.rmempty = false
84 |
85 |
86 | o = s:option(ListValue, "obfs", translate("Obfs"))
87 | for _, v in ipairs(obfs) do o:value(v) end
88 | o.rmempty = false
89 |
90 | o = s:option(Value, "obfs_param", translate("Obfs param(optional)"))
91 |
92 | o = s:option(Flag, "fast_open", translate("TCP Fast Open"))
93 | o.rmempty = false
94 |
95 | return m
96 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/Makefile:
--------------------------------------------------------------------------------
1 | include $(TOPDIR)/rules.mk
2 |
3 | PKG_NAME:=luci-app-ssr-plus
4 | PKG_VERSION:=1
5 | PKG_RELEASE:=100
6 |
7 | PKG_CONFIG_DEPENDS:= CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks \
8 | CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \
9 | CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun \
10 | CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server \
11 | CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks
12 |
13 | include $(INCLUDE_DIR)/package.mk
14 |
15 | define Package/$(PKG_NAME)/config
16 | config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks
17 | bool "Include Shadowsocks New Version"
18 | default n
19 |
20 | config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray
21 | bool "Include V2ray"
22 | default n
23 |
24 | config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun
25 | bool "Include Kcptun"
26 | default n
27 |
28 | config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server
29 | bool "Include ShadowsocksR Server"
30 | default n
31 |
32 | config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks
33 | bool "Include ShadowsocksR Socks and Tunnel"
34 | default n
35 | endef
36 |
37 | define Package/luci-app-ssr-plus
38 | SECTION:=luci
39 | CATEGORY:=LuCI
40 | SUBMENU:=3. Applications
41 | TITLE:=SS/SSR/V2Ray LuCI interface
42 | PKGARCH:=all
43 | DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +bash +pdnsd-alt +wget \
44 | +PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks:shadowsocks-libev-ss-redir \
45 | +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \
46 | +PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \
47 | +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server:shadowsocksr-libev-server \
48 | +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Socks:shadowsocksr-libev-ssr-local
49 | endef
50 |
51 | define Build/Prepare
52 | endef
53 |
54 | define Build/Compile
55 | endef
56 |
57 | define Package/luci-app-ssr-plus/install
58 | $(INSTALL_DIR) $(1)/usr/lib/lua/luci
59 | cp -pR ./luasrc/* $(1)/usr/lib/lua/luci
60 | $(INSTALL_DIR) $(1)/
61 | cp -pR ./root/* $(1)/
62 | $(INSTALL_DIR) $(1)/usr/lib/lua/luci/i18n
63 | po2lmo ./po/zh-cn/ssr-plus.po $(1)/usr/lib/lua/luci/i18n/ssr-plus.zh-cn.lmo
64 | endef
65 |
66 | define Package/luci-app-ssr-plus/postinst
67 | #!/bin/sh
68 | if [ -z "$${IPKG_INSTROOT}" ]; then
69 | ( . /etc/uci-defaults/luci-ssr-plus ) && rm -f /etc/uci-defaults/luci-ssr-plus
70 | rm -f /tmp/luci-indexcache
71 | chmod 755 /etc/init.d/shadowsocksr >/dev/null 2>&1
72 | /etc/init.d/shadowsocksr enable >/dev/null 2>&1
73 | fi
74 | exit 0
75 | endef
76 |
77 | define Package/luci-app-ssr-plus/prerm
78 | #!/bin/sh
79 | if [ -z "$${IPKG_INSTROOT}" ]; then
80 | /etc/init.d/shadowsocksr disable
81 | /etc/init.d/shadowsocksr stop
82 | fi
83 | exit 0
84 | endef
85 |
86 | $(eval $(call BuildPackage,luci-app-ssr-plus))
87 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua:
--------------------------------------------------------------------------------
1 | -- Copyright (C) 2017 yushi studio
2 | -- Licensed to the public under the GNU General Public License v3.
3 |
4 | local m, sec, o
5 | local shadowsocksr = "shadowsocksr"
6 | local uci = luci.model.uci.cursor()
7 | local ipkg = require("luci.model.ipkg")
8 |
9 |
10 | m = Map(shadowsocksr, translate("ShadowSocksR Server"))
11 |
12 | local encrypt_methods = {
13 | "table",
14 | "rc4",
15 | "rc4-md5",
16 | "rc4-md5-6",
17 | "aes-128-cfb",
18 | "aes-192-cfb",
19 | "aes-256-cfb",
20 | "aes-128-ctr",
21 | "aes-192-ctr",
22 | "aes-256-ctr",
23 | "bf-cfb",
24 | "camellia-128-cfb",
25 | "camellia-192-cfb",
26 | "camellia-256-cfb",
27 | "cast5-cfb",
28 | "des-cfb",
29 | "idea-cfb",
30 | "rc2-cfb",
31 | "seed-cfb",
32 | "salsa20",
33 | "chacha20",
34 | "chacha20-ietf",
35 | }
36 |
37 | local protocol = {
38 | "origin",
39 | "verify_deflate",
40 | "auth_sha1_v4",
41 | "auth_aes128_sha1",
42 | "auth_aes128_md5",
43 | "auth_chain_a",
44 | }
45 |
46 | obfs = {
47 | "plain",
48 | "http_simple",
49 | "http_post",
50 | "random_head",
51 | "tls1.2_ticket_auth",
52 | "tls1.2_ticket_fastauth",
53 | }
54 |
55 |
56 |
57 |
58 |
59 | -- [[ Global Setting ]]--
60 | sec = m:section(TypedSection, "server_global", translate("Global Setting"))
61 | sec.anonymous = true
62 |
63 |
64 |
65 | o = sec:option(Flag, "enable_server", translate("Enable Server"))
66 | o.rmempty = false
67 |
68 | -- [[ Server Setting ]]--
69 | sec = m:section(TypedSection, "server_config", translate("Server Setting"))
70 | sec.anonymous = true
71 | sec.addremove = true
72 | sec.template = "cbi/tblsection"
73 | sec.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/server/%s")
74 | function sec.create(...)
75 | local sid = TypedSection.create(...)
76 | if sid then
77 | luci.http.redirect(sec.extedit % sid)
78 | return
79 | end
80 | end
81 |
82 | o = sec:option(Flag, "enable", translate("Enable"))
83 | function o.cfgvalue(...)
84 | return Value.cfgvalue(...) or translate("0")
85 | end
86 | o.rmempty = false
87 |
88 | o = sec:option(DummyValue, "server_port", translate("Server Port"))
89 | function o.cfgvalue(...)
90 | return Value.cfgvalue(...) or "?"
91 | end
92 |
93 |
94 | o = sec:option(DummyValue, "encrypt_method", translate("Encrypt Method"))
95 | function o.cfgvalue(...)
96 | local v = Value.cfgvalue(...)
97 | return v and v:upper() or "?"
98 | end
99 |
100 | o = sec:option(DummyValue, "protocol", translate("Protocol"))
101 | function o.cfgvalue(...)
102 | return Value.cfgvalue(...) or "?"
103 | end
104 |
105 |
106 |
107 | o = sec:option(DummyValue, "obfs", translate("Obfs"))
108 | function o.cfgvalue(...)
109 | return Value.cfgvalue(...) or "?"
110 | end
111 |
112 |
113 |
114 | return m
115 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua:
--------------------------------------------------------------------------------
1 | local ucursor = require "luci.model.uci".cursor()
2 | local json = require "luci.jsonc"
3 | local server_section = arg[1]
4 | local proto = arg[2]
5 | local local_port = arg[3]
6 |
7 | local server = ucursor:get_all("shadowsocksr", server_section)
8 |
9 | local v2ray = {
10 | log = {
11 | -- error = "/var/ssrplus.log",
12 | loglevel = "warning"
13 | },
14 | -- 传入连接
15 | inbound = {
16 | port = local_port,
17 | protocol = "dokodemo-door",
18 | settings = {
19 | network = proto,
20 | followRedirect = true
21 | },
22 | sniffing = {
23 | enabled = true,
24 | destOverride = { "http", "tls" }
25 | }
26 | },
27 | -- 传出连接
28 | outbound = {
29 | protocol = "vmess",
30 | settings = {
31 | vnext = {
32 | {
33 | address = server.server,
34 | port = tonumber(server.server_port),
35 | users = {
36 | {
37 | id = server.vmess_id,
38 | alterId = tonumber(server.alter_id),
39 | security = server.security
40 | }
41 | }
42 | }
43 | }
44 | },
45 | -- 底层传输配置
46 | streamSettings = {
47 | network = server.transport,
48 | security = (server.tls == '1') and "tls" or "none",
49 | tlsSettings = {allowInsecure = (server.insecure == "1") and true or false,},
50 | kcpSettings = (server.transport == "kcp") and {
51 | mtu = tonumber(server.mtu),
52 | tti = tonumber(server.tti),
53 | uplinkCapacity = tonumber(server.uplink_capacity),
54 | downlinkCapacity = tonumber(server.downlink_capacity),
55 | congestion = (server.congestion == "1") and true or false,
56 | readBufferSize = tonumber(server.read_buffer_size),
57 | writeBufferSize = tonumber(server.write_buffer_size),
58 | header = {
59 | type = server.kcp_guise
60 | }
61 | } or nil,
62 | wsSettings = (server.transport == "ws") and {
63 | path = server.ws_path,
64 | headers = (server.ws_host ~= nil) and {
65 | Host = server.ws_host
66 | } or nil,
67 | } or nil,
68 | httpSettings = (server.transport == "h2") and {
69 | path = server.h2_path,
70 | host = server.h2_host,
71 | } or nil,
72 | quicSettings = (server.transport == "quic") and {
73 | security = server.quic_security,
74 | key = server.quic_key,
75 | header = {
76 | type = server.quic_guise
77 | }
78 | } or nil
79 | },
80 | mux = {
81 | enabled = (server.mux == "1") and true or false,
82 | concurrency = tonumber(server.concurrency)
83 | }
84 | },
85 |
86 | -- 额外传出连接
87 | outboundDetour = {
88 | {
89 | protocol = "freedom",
90 | tag = "direct",
91 | settings = { keep = "" }
92 | }
93 | }
94 | }
95 | print(json.stringify(v2ray, 1))
96 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua:
--------------------------------------------------------------------------------
1 | -- Licensed to the public under the GNU General Public License v3.
2 |
3 | local m, s, o
4 | local shadowsocksr = "shadowsocksr"
5 |
6 | local uci = luci.model.uci.cursor()
7 | local server_count = 0
8 | uci:foreach("shadowsocksr", "servers", function(s)
9 | server_count = server_count + 1
10 | end)
11 |
12 | m = Map(shadowsocksr, translate("Servers subscription and manage"))
13 |
14 | -- Server Subscribe
15 |
16 | s = m:section(TypedSection, "server_subscribe")
17 | s.anonymous = true
18 |
19 | o = s:option(Flag, "auto_update", translate("Auto Update"))
20 | o.rmempty = false
21 | o.description = translate("Auto Update Server subscription, GFW list and CHN route")
22 |
23 |
24 | o = s:option(ListValue, "auto_update_time", translate("Update time (every day)"))
25 | for t = 0,23 do
26 | o:value(t, t..":00")
27 | end
28 | o.default=2
29 | o.rmempty = false
30 |
31 | o = s:option(DynamicList, "subscribe_url", translate("Subscribe URL"))
32 | o.rmempty = true
33 |
34 | o = s:option(Flag, "proxy", translate("Through proxy update"))
35 | o.rmempty = false
36 | o.description = translate("Through proxy update list, Not Recommended ")
37 |
38 | o = s:option(Button,"update",translate("Update"))
39 | o.inputstyle = "reload"
40 | o.write = function()
41 | luci.sys.call("bash /usr/share/shadowsocksr/subscribe.sh >>/tmp/ssrplus.log 2>&1")
42 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
43 | end
44 |
45 | o = s:option(Button,"delete",translate("Delete all severs"))
46 | o.inputstyle = "reset"
47 | o.description = string.format(translate("Server Count") .. ": %d", server_count)
48 | o.write = function()
49 | uci:delete_all("shadowsocksr", "servers", function(s) return true end)
50 | uci:save("shadowsocksr")
51 | luci.sys.call("uci commit shadowsocksr && /etc/init.d/shadowsocksr stop")
52 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
53 | end
54 |
55 | -- [[ Servers Manage ]]--
56 | s = m:section(TypedSection, "servers")
57 | s.anonymous = true
58 | s.addremove = true
59 | s.sortable = false
60 | s.template = "cbi/tblsection"
61 | s.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/servers/%s")
62 | function s.create(...)
63 | local sid = TypedSection.create(...)
64 | if sid then
65 | luci.http.redirect(s.extedit % sid)
66 | return
67 | end
68 | end
69 |
70 | o = s:option(DummyValue, "type", translate("Type"))
71 | function o.cfgvalue(...)
72 | return Value.cfgvalue(...) or translate("")
73 | end
74 |
75 | o = s:option(DummyValue, "alias", translate("Alias"))
76 | function o.cfgvalue(...)
77 | return Value.cfgvalue(...) or translate("None")
78 | end
79 |
80 | o = s:option(DummyValue, "server", translate("Server Address"))
81 | function o.cfgvalue(...)
82 | return Value.cfgvalue(...) or "?"
83 | end
84 |
85 | o = s:option(DummyValue, "server_port", translate("Server Port"))
86 | function o.cfgvalue(...)
87 | return Value.cfgvalue(...) or "?"
88 | end
89 |
90 | if nixio.fs.access("/usr/bin/kcptun-client") then
91 |
92 | o = s:option(DummyValue, "kcp_enable", translate("KcpTun"))
93 | function o.cfgvalue(...)
94 | return Value.cfgvalue(...) or "?"
95 | end
96 |
97 | end
98 |
99 | o = s:option(DummyValue, "switch_enable", translate("Auto Switch"))
100 | function o.cfgvalue(...)
101 | return Value.cfgvalue(...) or "0"
102 | end
103 |
104 | return m
105 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/po/zh-cn/ssrpro.po:
--------------------------------------------------------------------------------
1 | msgid "ShadowsocksR is Running"
2 | msgstr "ShadowsocksR 正在运行"
3 |
4 | msgid "ShadowsocksR is Not Running"
5 | msgstr "ShadowsocksR 没有运行"
6 |
7 | msgid "Shadowsocksr Transparent Proxy"
8 | msgstr "ShadowsocksR 透明代理"
9 |
10 | msgid "A fast secure tunnel proxy that help you get through firewalls on your router"
11 | msgstr "一个快速安全隧道代理,帮助您穿过防火墙"
12 |
13 | msgid "Base Setting"
14 | msgstr "基本设置"
15 |
16 | msgid "Proxy Mode"
17 | msgstr "代理模式"
18 |
19 | msgid "Base on GFW-List Auto Proxy Mode(Recommend)"
20 | msgstr "基于GFW-List自动代理(推荐)"
21 |
22 | msgid "Bypassing China Manland IP Mode(Be caution when using P2P download!)"
23 | msgstr "绕过中国大陆IP地址(P2P 下载慎用!)"
24 |
25 | msgid "Global Mode"
26 | msgstr "全局代理"
27 |
28 | msgid "Overseas users watch China video website Mode"
29 | msgstr "海外用户回国看视频"
30 |
31 | msgid "Auto Update GFW-List"
32 | msgstr "自动更新GFW-List"
33 |
34 | msgid "Manually force update GFW-List"
35 | msgstr "手动强制更新GFW-List"
36 |
37 | msgid "DNS uses TCP"
38 | msgstr "启用DNS TCP防污染"
39 |
40 | msgid "Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"
41 | msgstr "往国外的DNS请求将通过服务器中转发出(更安全,推荐)"
42 |
43 | msgid "Server Setting"
44 | msgstr "服务器设置"
45 |
46 | msgid "Server Address"
47 | msgstr "服务器地址(支持域名)"
48 |
49 | msgid "Server Port"
50 | msgstr "服务器端口"
51 |
52 | msgid "Password"
53 | msgstr "密码"
54 |
55 | msgid "Encryption Method"
56 | msgstr "加密"
57 |
58 | msgid "Protocol"
59 | msgstr "协议"
60 |
61 | msgid "Protocol Param"
62 | msgstr "协议参数"
63 |
64 | msgid "Obfs Param"
65 | msgstr "混淆"
66 |
67 | msgid "Plug-in parameters"
68 | msgstr "插件参数"
69 |
70 | msgid "Confusing plug-in parameters"
71 | msgstr "混淆参数"
72 |
73 | msgid "Incorrect use of this parameter will cause IP to be blocked. Please use it with care"
74 | msgstr "不正确的使用参数可能会导致IP被封,请注意使用"
75 |
76 | msgid "User-defined GFW-List"
77 | msgstr "用户自定义GFW-List"
78 |
79 | msgid "
(!)Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying."
80 | msgstr "用户自定义GFW-List将会和自动更新的自动合并。如果要新加入域名马上生效,请应用后点击手动强制更新GFW-List"
81 |
82 | msgid "Status and Tools"
83 | msgstr "状态与工具"
84 |
85 | msgid "Watchdog Log"
86 | msgstr "守护日志"
87 |
88 | msgid "Client Proxy Mode Settings"
89 | msgstr "客户端代理模式设置"
90 |
91 | msgid "Proxy mode settings can be set to specific LAN clients ( No Proxy, Global Proxy, Game Mode) . Does not need to be set by default."
92 | msgstr "可以为局域网客户端分别设置不同的代理模式 ( 不代理, 全局代理, 游戏模式).默认无需设置"
93 |
94 | msgid "GFW-List Add-in IP"
95 | msgstr "GFW-List附加IP"
96 |
97 | msgid "
(!)Note: IP add-in to GFW-List. Such as Telegram Messenger"
98 | msgstr "
(!)注意:有些应用使用IP而不是域名,例如 Telegram Messenger ,您需要把IP地址加入这里"
99 |
100 | msgid "No Proxy"
101 | msgstr "不代理"
102 |
103 | msgid "Global Proxy"
104 | msgstr "全局代理"
105 |
106 | msgid "Game Mode"
107 | msgstr "游戏模式"
108 |
109 | msgid "Using SS instead of SSR"
110 | msgstr "使用SS新版代替SSR"
111 |
112 | msgid "Using incorrect encryption mothod may causes service fail to start"
113 | msgstr "设置不正确的加密方法可能会导致SS/SSR服务无法启动"
114 |
115 | msgid "Shadowsocks New Vesion"
116 | msgstr "Shadowsocks 原版(支持新增协议)"
117 |
118 | msgid "Tool Select"
119 | msgstr "SS/SSR 版本选择"
120 |
121 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/po/zh-cn/v2raypro.po:
--------------------------------------------------------------------------------
1 | msgid "V2Ray is Running"
2 | msgstr "V2Ray 正在运行"
3 |
4 | msgid "V2Ray is Not Running"
5 | msgstr "V2Ray 没有运行"
6 |
7 | msgid "V2Ray Transparent Proxy"
8 | msgstr "V2Ray 透明代理"
9 |
10 | msgid "A fast secure tunnel proxy that help you get through firewalls on your router"
11 | msgstr "一个快速安全隧道代理,帮助您穿过防火墙"
12 |
13 | msgid "Base Setting"
14 | msgstr "基本设置"
15 |
16 | msgid "Proxy Mode"
17 | msgstr "代理模式"
18 |
19 | msgid "Base on GFW-List Auto Proxy Mode(Recommend)"
20 | msgstr "基于GFW-List自动代理(推荐)"
21 |
22 | msgid "Bypassing China Manland IP Mode(Be caution when using P2P download!)"
23 | msgstr "绕过中国大陆IP地址(P2P 下载慎用!)"
24 |
25 | msgid "Global Mode"
26 | msgstr "全局代理"
27 |
28 | msgid "Overseas users watch China video website Mode"
29 | msgstr "海外用户回国看视频"
30 |
31 | msgid "Auto Update GFW-List"
32 | msgstr "自动更新GFW-List"
33 |
34 | msgid "Manually force update GFW-List"
35 | msgstr "手动强制更新GFW-List"
36 |
37 | msgid "DNS uses TCP"
38 | msgstr "启用DNS TCP防污染"
39 |
40 | msgid "Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"
41 | msgstr "往国外的DNS请求将通过服务器中转发出(更安全,推荐)"
42 |
43 | msgid "Server Setting"
44 | msgstr "服务器设置"
45 |
46 | msgid "Server Address"
47 | msgstr "服务器地址(支持域名)"
48 |
49 | msgid "Server Port"
50 | msgstr "服务器端口"
51 |
52 | msgid "ID"
53 | msgstr "ID"
54 |
55 | msgid "Alter ID"
56 | msgstr "额外ID"
57 |
58 | msgid "Security"
59 | msgstr "加密方式"
60 |
61 | msgid "Network Type"
62 | msgstr "传输协议"
63 |
64 | msgid "User-defined GFW-List"
65 | msgstr "用户自定义GFW-List"
66 |
67 | msgid "
(!)Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying."
68 | msgstr "用户自定义GFW-List将会和自动更新的自动合并。如果要新加入域名马上生效,请应用后点击手动强制更新GFW-List"
69 |
70 | msgid "Status and Tools"
71 | msgstr "状态与工具"
72 |
73 | msgid "Watchdog Log"
74 | msgstr "守护日志"
75 |
76 | msgid "Client Proxy Mode Settings"
77 | msgstr "客户端代理模式设置"
78 |
79 | msgid "Proxy mode settings can be set to specific LAN clients ( No Proxy, Global Proxy, Game Mode) . Does not need to be set by default."
80 | msgstr "可以为局域网客户端分别设置不同的代理模式 ( 不代理, 全局代理, 游戏模式).默认无需设置"
81 |
82 | msgid "GFW-List Add-in IP"
83 | msgstr "GFW-List附加IP"
84 |
85 | msgid "
(!)Note: IP add-in to GFW-List. Such as Telegram Messenger"
86 | msgstr "
(!)注意:有些应用使用IP而不是域名,例如 Telegram Messenger ,您需要把IP地址加入这里"
87 |
88 | msgid "No Proxy"
89 | msgstr "不代理"
90 |
91 | msgid "Global Proxy"
92 | msgstr "全局代理"
93 |
94 | msgid "Game Mode"
95 | msgstr "游戏模式"
96 |
97 | msgid "Config File Type"
98 | msgstr "配置文件类型"
99 |
100 | msgid "Use Config File"
101 | msgstr "使用配置文件"
102 |
103 | msgid "Warning: Can't find v2ctl. You can only choose Protobuf."
104 | msgstr "注意:没有找到 v2ctl 可执行程序。你只能选择使用 Protobuf."
105 |
106 | msgid "If you choose to upload a new file, please do not modify and this configuration will be overwritten automatically."
107 | msgstr "如果你在下方选择了上传新的配置文件,那你不需要改动这个框框里的内容。上传完成后将会自动填充。"
108 |
109 | msgid "Create upload file error."
110 | msgstr "上传文件失败。"
111 |
112 | msgid "File saved to"
113 | msgstr "文件已保存到"
114 |
115 | msgid "No specify upload file."
116 | msgstr "未指定上传文件"
117 |
118 | msgid "Severse Setting"
119 | msgstr "反向代理设置"
120 |
121 | msgid "Server domain"
122 | msgstr "反向代理域名"
123 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua:
--------------------------------------------------------------------------------
1 | -- Copyright (C) 2017 yushi studio github.com/ywb94
2 | -- Copyright (C) 2018 lean github.com/coolsnowwolf
3 | -- Licensed to the public under the GNU General Public License v3.
4 |
5 | local m, s, sec, o, kcp_enable
6 | local shadowsocksr = "shadowsocksr"
7 | local uci = luci.model.uci.cursor()
8 |
9 | local sys = require "luci.sys"
10 |
11 | m = Map(shadowsocksr, translate("ShadowSocksR Plus+ Settings"))
12 |
13 | m:section(SimpleSection).template = "shadowsocksr/status"
14 |
15 | local server_table = {}
16 | uci:foreach(shadowsocksr, "servers", function(s)
17 | if s.alias then
18 | server_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias}
19 | elseif s.server and s.server_port then
20 | server_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port}
21 | end
22 | end)
23 |
24 | local key_table = {}
25 | for key,_ in pairs(server_table) do
26 | table.insert(key_table,key)
27 | end
28 |
29 | table.sort(key_table)
30 |
31 | -- [[ Global Setting ]]--
32 | s = m:section(TypedSection, "global")
33 | s.anonymous = true
34 |
35 | o = s:option(ListValue, "global_server", translate("Main Server"))
36 | o:value("nil", translate("Disable"))
37 | for _,key in pairs(key_table) do o:value(key,server_table[key]) end
38 | o.default = "nil"
39 | o.rmempty = false
40 |
41 | o = s:option(ListValue, "udp_relay_server", translate("Game Mode UDP Server"))
42 | o:value("", translate("Disable"))
43 | o:value("same", translate("Same as Global Server"))
44 | for _,key in pairs(key_table) do o:value(key,server_table[key]) end
45 |
46 | o = s:option(ListValue, "threads", translate("Multi Threads Option"))
47 | o:value("0", translate("Auto Threads"))
48 | o:value("1", translate("1 Thread"))
49 | o:value("2", translate("2 Threads"))
50 | o:value("4", translate("4 Threads"))
51 | o:value("8", translate("8 Threads"))
52 | o.default = "0"
53 | o.rmempty = false
54 |
55 | o = s:option(ListValue, "run_mode", translate("Running Mode"))
56 | o:value("gfw", translate("GFW List Mode"))
57 | o:value("router", translate("IP Route Mode"))
58 | o:value("all", translate("Global Mode"))
59 | o:value("oversea", translate("Oversea Mode"))
60 | o.default = gfw
61 |
62 | o = s:option(ListValue, "dports", translate("Proxy Ports"))
63 | o:value("1", translate("All Ports"))
64 | o:value("2", translate("Only Common Ports"))
65 | o.default = 1
66 |
67 | o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
68 | o:value("1", translate("Use Pdnsd tcp query and cache"))
69 | o:value("0", translate("Use Local DNS Service listen port 5335"))
70 | o.default = 1
71 |
72 | o = s:option(ListValue, "tunnel_forward", translate("Anti-pollution DNS Server"))
73 | o:value("8.8.4.4:53", translate("Google Public DNS (8.8.4.4)"))
74 | o:value("8.8.8.8:53", translate("Google Public DNS (8.8.8.8)"))
75 | o:value("208.67.222.222:53", translate("OpenDNS (208.67.222.222)"))
76 | o:value("208.67.220.220:53", translate("OpenDNS (208.67.220.220)"))
77 | o:value("209.244.0.3:53", translate("Level 3 Public DNS (209.244.0.3)"))
78 | o:value("209.244.0.4:53", translate("Level 3 Public DNS (209.244.0.4)"))
79 | o:value("4.2.2.1:53", translate("Level 3 Public DNS (4.2.2.1)"))
80 | o:value("4.2.2.2:53", translate("Level 3 Public DNS (4.2.2.2)"))
81 | o:value("4.2.2.3:53", translate("Level 3 Public DNS (4.2.2.3)"))
82 | o:value("4.2.2.4:53", translate("Level 3 Public DNS (4.2.2.4)"))
83 | o:value("1.1.1.1:53", translate("Cloudflare DNS (1.1.1.1)"))
84 | o:value("114.114.114.114:53", translate("Oversea Mode DNS-1 (114.114.114.114)"))
85 | o:value("114.114.115.115:53", translate("Oversea Mode DNS-2 (114.114.115.115)"))
86 | o:depends("pdnsd_enable", "1")
87 |
88 | return m
89 |
--------------------------------------------------------------------------------
/luci-app-aliddns/root/usr/sbin/aliddns:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | aliddns_ak=`uci get aliddns.base.app_key 2>/dev/null`
4 | aliddns_sk=`uci get aliddns.base.app_secret 2>/dev/null`
5 | aliddns_record_id=`uci get aliddns.base.record_id 2>/dev/null`
6 | time=`uci get aliddns.base.time 2>/dev/null`
7 | aliddns_enable=`uci get aliddns.base.enable`
8 | aliddns_domain=`uci get aliddns.base.main_domain 2>/dev/null`
9 | aliddns_name=`uci get aliddns.base.sub_domain 2>/dev/null`
10 | interface=`uci get aliddns.base.interface 2>/dev/null`
11 | DATE=$(date +'%Y-%m-%d %H:%M:%S')
12 | timestamp=`date -u "+%Y-%m-%dT%H%%3A%M%%3A%SZ"`
13 | ip=$(ifconfig $interface 2> /dev/null | grep 'inet addr' | awk '{print $2}' | cut -d: -f2 2>/dev/null)
14 |
15 | check_aliddns() {
16 | #ip=`wget -qO- http://whatismyip.akamai.com/ 2>/dev/null`
17 | #current_ip=`nslookup $aliddns_name.$aliddns_domain | grep "Address 1"|tail -n1|cut -d' ' -f3 2>/dev/null`
18 | current_ip=`echo $query_result | sed 's/.*,"Value":"\([0-9\.]*\)",.*/\1/'`
19 | echo "$DATE 当前路由IP: ${ip}" >> /var/log/aliddns.log
20 | echo "$DATE 远程解析IP: ${current_ip}" >> /var/log/aliddns.log
21 | if [ "$ip" = "$current_ip" ]
22 | then
23 | echo "$DATE IP未改变,无需更新" >> /var/log/aliddns.log
24 | exit 0
25 | else
26 | echo "$DATE 更新中..." >> /var/log/aliddns.log
27 | fi
28 | }
29 |
30 | urlencode() {
31 | # urlencode
32 |
33 | local length="${#1}"
34 | i=0
35 | out=""
36 | for i in $(awk "BEGIN { for ( i=0; i<$length; i++ ) { print i; } }")
37 | do
38 | local c="${1:$i:1}"
39 | case $c in
40 | [a-zA-Z0-9._-]) out="$out$c" ;;
41 | *) out="$out`printf '%%%02X' "'$c"`" ;;
42 | esac
43 | i=$(($i + 1))
44 | done
45 | echo -n $out
46 | }
47 |
48 | send_request() {
49 | local args="AccessKeyId=$aliddns_ak&Action=$1&Format=json&$2&Version=2015-01-09"
50 | local hash=$(urlencode $(echo -n "GET&%2F&$(urlencode $args)" | openssl dgst -sha1 -hmac "$aliddns_sk&" -binary | openssl base64))
51 | wget -qO- "http://alidns.aliyuncs.com/?$args&Signature=$hash" 2> /dev/null
52 | }
53 |
54 | get_recordid() {
55 | grep -Eo '"RecordId":"[0-9]+"' | cut -d':' -f2 | tr -d '"'
56 | }
57 |
58 | query_recordid() {
59 | send_request "DescribeSubDomainRecords" "SignatureMethod=HMAC-SHA1&SignatureNonce=$timestamp&SignatureVersion=1.0&SubDomain=$(urlencode "$aliddns_name").$aliddns_domain&Timestamp=$timestamp"
60 | }
61 |
62 | update_record() {
63 | send_request "UpdateDomainRecord" "RR=$(urlencode "$aliddns_name")&RecordId=$1&SignatureMethod=HMAC-SHA1&SignatureNonce=$timestamp&SignatureVersion=1.0&Timestamp=$timestamp&Type=A&Value=$ip"
64 | }
65 |
66 | add_record() {
67 | send_request "AddDomainRecord&DomainName=$aliddns_domain" "RR=$(urlencode "$aliddns_name")&SignatureMethod=HMAC-SHA1&SignatureNonce=$timestamp&SignatureVersion=1.0&Timestamp=$timestamp&Type=A&Value=$ip"
68 | }
69 |
70 | go_record() {
71 | if [ "$aliddns_record_id" = "" ]
72 | then
73 | aliddns_record_id=`echo $query_result | get_recordid`
74 | fi
75 | if [ "$aliddns_record_id" = "" ]
76 | then
77 | aliddns_record_id=`add_record | get_recordid`
78 | echo "$DATE 添加 record $aliddns_record_id" >> /var/log/aliddns.log
79 | else
80 | update_record $aliddns_record_id
81 | echo "$DATE 更新 record $aliddns_record_id" >> /var/log/aliddns.log
82 | fi
83 | # save to file
84 | if [ "$aliddns_record_id" = "" ]; then
85 | # failed
86 | echo "$DATE : 更新出错,请检查设置!" >> /var/log/aliddns.log
87 | exit 0
88 | else
89 | uci set aliddns.base.record_id=$aliddns_record_id
90 | uci commit
91 | echo "$DATE : 更新成功!($ip)" >> /var/log/aliddns.log
92 | fi
93 | }
94 | #将执行脚本写入crontab定时运行
95 | add_aliddns_cru(){
96 | wirtecron=$(cat /etc/crontabs/root | grep "$time * * * *" | grep aliddns)
97 | if [ -z "$wirtecron" ];then
98 | sed -i '/aliddns/d' /etc/crontabs/root >/dev/null 2>&1
99 | echo "*/$time * * * * /usr/sbin/aliddns" >> /etc/crontabs/root
100 | fi
101 | }
102 |
103 | #清除过多记录
104 | clean_log(){
105 | logrow=$(grep -c "" /var/log/aliddns.log)
106 | if [ $logrow -ge 15 ];then
107 | cat /dev/null > /var/log/aliddns.log
108 | echo "$DATE Log条数超限,清空处理!" >> /var/log/aliddns.log
109 | fi
110 | }
111 |
112 | #停止服务
113 | stop_aliddns(){
114 | #停掉cru里的任务
115 | sed -i '/aliddns/d' /etc/crontabs/root >/dev/null 2>&1
116 | }
117 |
118 | if [ "$aliddns_enable" != "1" ]; then
119 | stop_aliddns
120 | echo "$DATE : aliddns没有开启!" >> /var/log/aliddns.log
121 | else
122 | clean_log
123 | query_result=$(query_recordid)
124 | check_aliddns
125 | go_record
126 | add_aliddns_cru
127 | fi
128 |
129 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/usr/bin/ssr-switch:
--------------------------------------------------------------------------------
1 | #!/bin/sh /etc/rc.common
2 | #
3 | # Copyright (C) 2017 openwrt-ssr
4 | # Copyright (C) 2017 yushi studio
5 | #
6 | # This is free software, licensed under the GNU General Public License v3.
7 | # See /LICENSE for more information.
8 | #
9 |
10 | cycle_time=60
11 | switch_time=3
12 | normal_flag=0
13 | server_locate=0
14 | server_count=0
15 | NAME=shadowsocksr
16 | ENABLE_SERVER=nil
17 | CONFIG_SWTICH_FILE=/var/etc/${NAME}_t.json
18 |
19 |
20 | [ -n "$1" ] && cycle_time=$1
21 | [ -n "$2" ] && switch_time=$2
22 |
23 | uci_get_by_name() {
24 | local ret=$(uci get $NAME.$1.$2 2>/dev/null)
25 | echo ${ret:=$3}
26 | }
27 |
28 | uci_get_by_type() {
29 | local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
30 | echo ${ret:=$3}
31 | }
32 |
33 | DEFAULT_SERVER=$(uci_get_by_type global global_server)
34 | CURRENT_SERVER=$DEFAULT_SERVER
35 |
36 | #判断代理是否正常
37 | check_proxy() {
38 | /usr/bin/ssr-check www.google.com 80 $switch_time 1
39 | if [ "$?" == "0" ]; then
40 | return 0
41 | else
42 | /usr/bin/ssr-check www.baidu.com 80 $switch_time 1
43 | if [ "$?" == "0" ]; then
44 | #goole不通baidu通则不正常
45 | return 1
46 | else
47 | return 2
48 | fi
49 | fi
50 | return 0
51 | }
52 |
53 |
54 | test_proxy() {
55 | local servername=$(uci_get_by_name $1 server)
56 | local serverport=$(uci_get_by_name $1 server_port)
57 | ret=$(ping -c 3 $servername | grep 'loss' | awk -F ',' '{ print $3 }' | awk -F "%" '{ print $1 }')
58 | [ -z "$ret" ] && return 1
59 | [ "$ret" -gt "50" ] && return 1
60 | ipset add ss_spec_wan_ac $servername 2>/dev/null
61 | ret=$?
62 | /usr/bin/ssr-check $servername $serverport $switch_time
63 | local ret2=$?
64 | if [ "$ret" = "0" ] ;then
65 | ipset del ss_spec_wan_ac $servername 2>/dev/null
66 | fi
67 | if [ "$ret2" = "0" ] ;then
68 | return 0
69 | else
70 | return 1
71 | fi
72 | }
73 |
74 | search_proxy() {
75 | let server_count=server_count+1
76 | [ "$normal_flag" = "1" -a "$server_count" -le "$server_locate" ] && return 0
77 | [ "$(uci_get_by_name $1 switch_enable)" != "1" ] && return 1
78 | [ $ENABLE_SERVER != nil ] && return 0
79 | [ "$1" = "$CURRENT_SERVER" ] && return 0
80 | local servername=$(uci_get_by_name $1 server)
81 | local serverport=$(uci_get_by_name $1 server_port)
82 | ipset add ss_spec_wan_ac $servername 2>/dev/null
83 | ret=$?
84 | /usr/bin/ssr-check $servername $serverport $switch_time
85 | local ret2=$?
86 | if [ "$ret" = "0" ] ;then
87 | ipset del ss_spec_wan_ac $servername 2>/dev/null
88 | fi
89 | if [ "$ret2" = "0" ] ;then
90 | server_locate=$server_count
91 | ENABLE_SERVER=$1
92 | return 0
93 | else
94 | return 1
95 | fi
96 |
97 | }
98 | #选择可用的代理
99 | select_proxy() {
100 |
101 | config_load $NAME
102 | ENABLE_SERVER=nil
103 | mkdir -p /var/run /var/etc
104 | server_count=0
105 | config_foreach search_proxy servers
106 |
107 | }
108 |
109 | #切换代理
110 | switch_proxy() {
111 | /etc/init.d/shadowsocksr restart $1
112 | return 0
113 | }
114 |
115 | start() {
116 | #不支持kcptun启用时的切换
117 | [ $(uci_get_by_name $DEFAULT_SERVER kcp_enable) = "1" ] && return 1
118 |
119 | while [ "1" = "1" ] #死循环
120 | do
121 | sleep $cycle_time
122 |
123 | LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
124 |
125 |
126 | #判断当前代理是否为缺省服务器
127 | if [ "$CURRENT_SERVER" != "$DEFAULT_SERVER" ] ;then
128 | #echo "not default proxy"
129 | echo "$(date "+%Y-%m-%d %H:%M:%S") Current server is not default Main server, try to switch back." >> /tmp/ssrplus.log
130 |
131 | #检查缺省服务器是否正常
132 | if test_proxy $DEFAULT_SERVER ;then
133 | #echo "switch to default proxy"
134 | echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is avilable." >> /tmp/ssrplus.log
135 | #缺省服务器正常,切换回来
136 | CURRENT_SERVER=$DEFAULT_SERVER
137 | switch_proxy $CURRENT_SERVER
138 | echo "switch to default ["$(uci_get_by_name $CURRENT_SERVER server)"] proxy!" >> /tmp/ssrplus.log
139 | continue
140 | else
141 | echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is NOT avilable.Continue using current server." >> /tmp/ssrplus.log
142 | fi
143 | fi
144 |
145 | #判断当前代理是否正常
146 | check_proxy
147 | current_ret=$?
148 |
149 | if [ "$current_ret" = "1" ] ;then
150 | #当前代理错误,判断有无可用的服务器
151 | #echo "current error"
152 | echo "$(date "+%Y-%m-%d %H:%M:%S") Current server error, try to switch another server." >> /tmp/ssrplus.log
153 |
154 | select_proxy
155 | if [ "$ENABLE_SERVER" != nil ] ;then
156 | #有其他服务器可用,进行切换
157 | #echo $(uci_get_by_name $new_proxy server)
158 | echo "$(date "+%Y-%m-%d %H:%M:%S") Another server is avilable, now switching server." >> /tmp/ssrplus.log
159 | CURRENT_SERVER=$ENABLE_SERVER
160 | switch_proxy $CURRENT_SERVER
161 | normal_flag=1
162 | echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR server switch OK" >> /tmp/ssrplus.log
163 | else
164 | switch_proxy $CURRENT_SERVER
165 | normal_flag=1
166 | echo "$(date "+%Y-%m-%d %H:%M:%S") Try restart current server." >> /tmp/ssrplus.log
167 | fi
168 | else
169 | normal_flag=0
170 | echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >> /tmp/ssrplus.log
171 | fi
172 |
173 |
174 | done
175 | }
176 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua:
--------------------------------------------------------------------------------
1 | -- Copyright (C) 2017 yushi studio
2 | -- Licensed to the public under the GNU General Public License v3.
3 |
4 | local IPK_Version="3.0.9"
5 | local m, s, o
6 | local redir_run=0
7 | local reudp_run=0
8 | local sock5_run=0
9 | local server_run=0
10 | local kcptun_run=0
11 | local tunnel_run=0
12 | local udp2raw_run=0
13 | local udpspeeder_run=0
14 | local gfw_count=0
15 | local ad_count=0
16 | local ip_count=0
17 | local gfwmode=0
18 |
19 | if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
20 | gfwmode=1
21 | end
22 |
23 | local shadowsocksr = "shadowsocksr"
24 | -- html constants
25 | font_blue = [[]]
26 | font_off = [[]]
27 | bold_on = [[]]
28 | bold_off = [[]]
29 |
30 | local fs = require "nixio.fs"
31 | local sys = require "luci.sys"
32 | local kcptun_version=translate("Unknown")
33 | local kcp_file="/usr/bin/kcptun-client"
34 | if not fs.access(kcp_file) then
35 | kcptun_version=translate("Not exist")
36 | else
37 | if not fs.access(kcp_file, "rwx", "rx", "rx") then
38 | fs.chmod(kcp_file, 755)
39 | end
40 | kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
41 | if not kcptun_version or kcptun_version == "" then
42 | kcptun_version = translate("Unknown")
43 | end
44 |
45 | end
46 |
47 | if gfwmode==1 then
48 | gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
49 | if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
50 | ad_count=tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
51 | end
52 | end
53 |
54 | if nixio.fs.access("/etc/china_ssr.txt") then
55 | ip_count = sys.exec("cat /etc/china_ssr.txt | wc -l")
56 | end
57 |
58 | local icount=sys.exec("ps -w | grep ssr-reudp |grep -v grep| wc -l")
59 | if tonumber(icount)>0 then
60 | reudp_run=1
61 | else
62 | icount=sys.exec("ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
63 | if tonumber(icount)>0 then
64 | reudp_run=1
65 | end
66 | end
67 |
68 |
69 | if luci.sys.call("ps -w | grep ssr-retcp | grep -v grep >/dev/null") == 0 then
70 | redir_run=1
71 | end
72 |
73 | if luci.sys.call("pidof ssr-local >/dev/null") == 0 then
74 | sock5_run=1
75 | end
76 |
77 | if luci.sys.call("pidof kcptun-client >/dev/null") == 0 then
78 | kcptun_run=1
79 | end
80 |
81 | if luci.sys.call("pidof ssr-server >/dev/null") == 0 then
82 | server_run=1
83 | end
84 |
85 | if luci.sys.call("ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then
86 | tunnel_run=1
87 | end
88 |
89 | if luci.sys.call("pidof pdnsd >/dev/null") == 0 then
90 | pdnsd_run=1
91 | end
92 |
93 | m = SimpleForm("Version")
94 | m.reset = false
95 | m.submit = false
96 |
97 | s=m:field(DummyValue,"redir_run",translate("Global Client"))
98 | s.rawhtml = true
99 | if redir_run == 1 then
100 | s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
101 | else
102 | s.value = translate("Not Running")
103 | end
104 |
105 | s=m:field(DummyValue,"reudp_run",translate("Game Mode UDP Relay"))
106 | s.rawhtml = true
107 | if reudp_run == 1 then
108 | s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
109 | else
110 | s.value = translate("Not Running")
111 | end
112 |
113 | s=m:field(DummyValue,"pdnsd_run",translate("PDNSD"))
114 | s.rawhtml = true
115 | if pdnsd_run == 1 then
116 | s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
117 | else
118 | s.value = translate("Not Running")
119 | end
120 |
121 | if nixio.fs.access("/usr/bin/ssr-local") then
122 | s=m:field(DummyValue,"sock5_run",translate("SOCKS5 Proxy"))
123 | s.rawhtml = true
124 | if sock5_run == 1 then
125 | s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
126 | else
127 | s.value = translate("Not Running")
128 | end
129 | end
130 |
131 | if nixio.fs.access("/usr/bin/ssr-server") then
132 | s=m:field(DummyValue,"server_run",translate("Global SSR Server"))
133 | s.rawhtml = true
134 | if server_run == 1 then
135 | s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
136 | else
137 | s.value = translate("Not Running")
138 | end
139 | end
140 |
141 | if nixio.fs.access("/usr/bin/kcptun-client") then
142 | s=m:field(DummyValue,"kcp_version",translate("KcpTun Version"))
143 | s.rawhtml = true
144 | s.value =kcptun_version
145 |
146 | s=m:field(DummyValue,"kcptun_run",translate("KcpTun"))
147 | s.rawhtml = true
148 | if kcptun_run == 1 then
149 | s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
150 | else
151 | s.value = translate("Not Running")
152 | end
153 | end
154 |
155 | s=m:field(DummyValue,"google",translate("Google Connectivity"))
156 | s.value = translate("No Check")
157 | s.template = "shadowsocksr/check"
158 |
159 | s=m:field(DummyValue,"baidu",translate("Baidu Connectivity"))
160 | s.value = translate("No Check")
161 | s.template = "shadowsocksr/check"
162 |
163 | if gfwmode==1 then
164 | s=m:field(DummyValue,"gfw_data",translate("GFW List Data"))
165 | s.rawhtml = true
166 | s.template = "shadowsocksr/refresh"
167 | s.value =tostring(math.ceil(gfw_count)) .. " " .. translate("Records")
168 |
169 | end
170 |
171 | s=m:field(DummyValue,"ip_data",translate("China IP Data"))
172 | s.rawhtml = true
173 | s.template = "shadowsocksr/refresh"
174 | s.value =ip_count .. " " .. translate("Records")
175 |
176 | s=m:field(DummyValue,"check_port",translate("Check Server Port"))
177 | s.template = "shadowsocksr/checkport"
178 | s.value =translate("No Check")
179 |
180 | return m
181 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm:
--------------------------------------------------------------------------------
1 | <%+cbi/valueheader%>
2 |
3 |
134 |
135 |
136 |
137 | <%:ssr://%>
138 |
139 | <%+cbi/valuefooter%>
140 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf:
--------------------------------------------------------------------------------
1 | server=/v.youku.com/127.0.0.1#5335
2 | server=/api.youku.com/127.0.0.1#5335
3 | server=/v2.tudou.com/127.0.0.1#5335
4 | server=/www.tudou.com/127.0.0.1#5335
5 | server=/s.plcloud.music.qq.com/127.0.0.1#5335
6 | server=/i.y.qq.com/127.0.0.1#5335
7 | server=/hot.vrs.sohu.com/127.0.0.1#5335
8 | server=/live.tv.sohu.com/127.0.0.1#5335
9 | server=/pad.tv.sohu.com/127.0.0.1#5335
10 | server=/my.tv.sohu.com/127.0.0.1#5335
11 | server=/hot.vrs.letv.com/127.0.0.1#5335
12 | server=/data.video.qiyi.com/127.0.0.1#5335
13 | server=/cache.video.qiyi.com/127.0.0.1#5335
14 | server=/cache.vip.qiyi.com/127.0.0.1#5335
15 | server=/vv.video.qq.com/127.0.0.1#5335
16 | server=/tt.video.qq.com/127.0.0.1#5335
17 | server=/ice.video.qq.com/127.0.0.1#5335
18 | server=/tjsa.video.qq.com/127.0.0.1#5335
19 | server=/a10.video.qq.com/127.0.0.1#5335
20 | server=/xyy.video.qq.com/127.0.0.1#5335
21 | server=/vcq.video.qq.com/127.0.0.1#5335
22 | server=/vsh.video.qq.com/127.0.0.1#5335
23 | server=/vbj.video.qq.com/127.0.0.1#5335
24 | server=/bobo.video.qq.com/127.0.0.1#5335
25 | server=/flvs.video.qq.com/127.0.0.1#5335
26 | server=/bkvv.video.qq.com/127.0.0.1#5335
27 | server=/info.zb.qq.com/127.0.0.1#5335
28 | server=/geo.js.kankan.xunlei.com/127.0.0.1#5335
29 | server=/web-play.pptv.com/127.0.0.1#5335
30 | server=/web-play.pplive.cn/127.0.0.1#5335
31 | server=/dyn.ugc.pps.tv/127.0.0.1#5335
32 | server=/v.pps.tv/127.0.0.1#5335
33 | server=/inner.kandian.com/127.0.0.1#5335
34 | server=/ipservice.163.com/127.0.0.1#5335
35 | server=/so.open.163.com/127.0.0.1#5335
36 | server=/zb.s.qq.com/127.0.0.1#5335
37 | server=/ip.kankan.xunlei.com/127.0.0.1#5335
38 | server=/vxml.56.com/127.0.0.1#5335
39 | server=/music.sina.com.cn/127.0.0.1#5335
40 | server=/play.baidu.com/127.0.0.1#5335
41 | server=/v.iask.com/127.0.0.1#5335
42 | server=/tv.weibo.com/127.0.0.1#5335
43 | server=/wtv.v.iask.com/127.0.0.1#5335
44 | server=/video.sina.com.cn/127.0.0.1#5335
45 | server=/www.yinyuetai.com/127.0.0.1#5335
46 | server=/api.letv.com/127.0.0.1#5335
47 | server=/live.gslb.letv.com/127.0.0.1#5335
48 | server=/static.itv.letv.com/127.0.0.1#5335
49 | server=/ip.apps.cntv.cn/127.0.0.1#5335
50 | server=/vdn.apps.cntv.cn/127.0.0.1#5335
51 | server=/vdn.live.cntv.cn/127.0.0.1#5335
52 | server=/vip.sports.cntv.cn/127.0.0.1#5335
53 | server=/a.play.api.3g.youku.com/127.0.0.1#5335
54 | server=/i.play.api.3g.youku.com/127.0.0.1#5335
55 | server=/api.3g.youku.com/127.0.0.1#5335
56 | server=/tv.api.3g.youku.com/127.0.0.1#5335
57 | server=/play.api.3g.youku.com/127.0.0.1#5335
58 | server=/play.api.3g.tudou.com/127.0.0.1#5335
59 | server=/tv.api.3g.tudou.com/127.0.0.1#5335
60 | server=/api.3g.tudou.com/127.0.0.1#5335
61 | server=/api.tv.sohu.com/127.0.0.1#5335
62 | server=/access.tv.sohu.com/127.0.0.1#5335
63 | server=/iface.iqiyi.com/127.0.0.1#5335
64 | server=/iface2.iqiyi.com/127.0.0.1#5335
65 | server=/cache.m.iqiyi.com/127.0.0.1#5335
66 | server=/dynamic.app.m.letv.com/127.0.0.1#5335
67 | server=/dynamic.meizi.app.m.letv.com/127.0.0.1#5335
68 | server=/dynamic.search.app.m.letv.com/127.0.0.1#5335
69 | server=/dynamic.live.app.m.letv.com/127.0.0.1#5335
70 | server=/listso.m.areainfo.ppstream.com/127.0.0.1#5335
71 | server=/epg.api.pptv.com/127.0.0.1#5335
72 | server=/play.api.pptv.com/127.0.0.1#5335
73 | server=/m.letv.com/127.0.0.1#5335
74 | server=/interface.bilibili.com/127.0.0.1#5335
75 | server=/3g.music.qq.com/127.0.0.1#5335
76 | server=/mqqplayer.3g.qq.com/127.0.0.1#5335
77 | server=/proxy.music.qq.com/127.0.0.1#5335
78 | server=/proxymc.qq.com/127.0.0.1#5335
79 | server=/ip2.kugou.com/127.0.0.1#5335
80 | server=/ip.kugou.com/127.0.0.1#5335
81 | server=/client.api.ttpod.com/127.0.0.1#5335
82 | server=/mobi.kuwo.cn/127.0.0.1#5335
83 | server=/mobilefeedback.kugou.com/127.0.0.1#5335
84 | server=/tingapi.ting.baidu.com/127.0.0.1#5335
85 | server=/music.baidu.com/127.0.0.1#5335
86 | server=/serviceinfo.sdk.duomi.com/127.0.0.1#5335
87 | server=/music.163.com/127.0.0.1#5335
88 | server=/www.xiami.com/127.0.0.1#5335
89 | server=/spark.api.xiami.com/127.0.0.1#5335
90 | server=/iplocation.geo.qiyi.com/127.0.0.1#5335
91 | server=/sns.video.qq.com/127.0.0.1#5335
92 | server=/v5.pc.duomi.com/127.0.0.1#5335
93 | server=/tms.is.ysten.com/127.0.0.1#5335
94 | server=/internal.check.duokanbox.com/127.0.0.1#5335
95 | server=/openapi.youku.com/127.0.0.1#5335
96 | server=/y.qq.com/127.0.0.1#5335
97 | ipset=/v.youku.com/oversea
98 | ipset=/api.youku.com/oversea
99 | ipset=/v2.tudou.com/oversea
100 | ipset=/www.tudou.com/oversea
101 | ipset=/s.plcloud.music.qq.com/oversea
102 | ipset=/i.y.qq.com/oversea
103 | ipset=/hot.vrs.sohu.com/oversea
104 | ipset=/live.tv.sohu.com/oversea
105 | ipset=/pad.tv.sohu.com/oversea
106 | ipset=/my.tv.sohu.com/oversea
107 | ipset=/hot.vrs.letv.com/oversea
108 | ipset=/data.video.qiyi.com/oversea
109 | ipset=/cache.video.qiyi.com/oversea
110 | ipset=/cache.vip.qiyi.com/oversea
111 | ipset=/vv.video.qq.com/oversea
112 | ipset=/tt.video.qq.com/oversea
113 | ipset=/ice.video.qq.com/oversea
114 | ipset=/tjsa.video.qq.com/oversea
115 | ipset=/a10.video.qq.com/oversea
116 | ipset=/xyy.video.qq.com/oversea
117 | ipset=/vcq.video.qq.com/oversea
118 | ipset=/vsh.video.qq.com/oversea
119 | ipset=/vbj.video.qq.com/oversea
120 | ipset=/bobo.video.qq.com/oversea
121 | ipset=/flvs.video.qq.com/oversea
122 | ipset=/bkvv.video.qq.com/oversea
123 | ipset=/info.zb.qq.com/oversea
124 | ipset=/geo.js.kankan.xunlei.com/oversea
125 | ipset=/web-play.pptv.com/oversea
126 | ipset=/web-play.pplive.cn/oversea
127 | ipset=/dyn.ugc.pps.tv/oversea
128 | ipset=/v.pps.tv/oversea
129 | ipset=/inner.kandian.com/oversea
130 | ipset=/ipservice.163.com/oversea
131 | ipset=/so.open.163.com/oversea
132 | ipset=/zb.s.qq.com/oversea
133 | ipset=/ip.kankan.xunlei.com/oversea
134 | ipset=/vxml.56.com/oversea
135 | ipset=/music.sina.com.cn/oversea
136 | ipset=/play.baidu.com/oversea
137 | ipset=/v.iask.com/oversea
138 | ipset=/tv.weibo.com/oversea
139 | ipset=/wtv.v.iask.com/oversea
140 | ipset=/video.sina.com.cn/oversea
141 | ipset=/www.yinyuetai.com/oversea
142 | ipset=/api.letv.com/oversea
143 | ipset=/live.gslb.letv.com/oversea
144 | ipset=/static.itv.letv.com/oversea
145 | ipset=/ip.apps.cntv.cn/oversea
146 | ipset=/vdn.apps.cntv.cn/oversea
147 | ipset=/vdn.live.cntv.cn/oversea
148 | ipset=/vip.sports.cntv.cn/oversea
149 | ipset=/a.play.api.3g.youku.com/oversea
150 | ipset=/i.play.api.3g.youku.com/oversea
151 | ipset=/api.3g.youku.com/oversea
152 | ipset=/tv.api.3g.youku.com/oversea
153 | ipset=/play.api.3g.youku.com/oversea
154 | ipset=/play.api.3g.tudou.com/oversea
155 | ipset=/tv.api.3g.tudou.com/oversea
156 | ipset=/api.3g.tudou.com/oversea
157 | ipset=/api.tv.sohu.com/oversea
158 | ipset=/access.tv.sohu.com/oversea
159 | ipset=/iface.iqiyi.com/oversea
160 | ipset=/iface2.iqiyi.com/oversea
161 | ipset=/cache.m.iqiyi.com/oversea
162 | ipset=/dynamic.app.m.letv.com/oversea
163 | ipset=/dynamic.meizi.app.m.letv.com/oversea
164 | ipset=/dynamic.search.app.m.letv.com/oversea
165 | ipset=/dynamic.live.app.m.letv.com/oversea
166 | ipset=/listso.m.areainfo.ppstream.com/oversea
167 | ipset=/epg.api.pptv.com/oversea
168 | ipset=/play.api.pptv.com/oversea
169 | ipset=/m.letv.com/oversea
170 | ipset=/interface.bilibili.com/oversea
171 | ipset=/3g.music.qq.com/oversea
172 | ipset=/mqqplayer.3g.qq.com/oversea
173 | ipset=/proxy.music.qq.com/oversea
174 | ipset=/proxymc.qq.com/oversea
175 | ipset=/ip2.kugou.com/oversea
176 | ipset=/ip.kugou.com/oversea
177 | ipset=/client.api.ttpod.com/oversea
178 | ipset=/mobi.kuwo.cn/oversea
179 | ipset=/mobilefeedback.kugou.com/oversea
180 | ipset=/tingapi.ting.baidu.com/oversea
181 | ipset=/music.baidu.com/oversea
182 | ipset=/serviceinfo.sdk.duomi.com/oversea
183 | ipset=/music.163.com/oversea
184 | ipset=/www.xiami.com/oversea
185 | ipset=/spark.api.xiami.com/oversea
186 | ipset=/iplocation.geo.qiyi.com/oversea
187 | ipset=/sns.video.qq.com/oversea
188 | ipset=/v5.pc.duomi.com/oversea
189 | ipset=/tms.is.ysten.com/oversea
190 | ipset=/internal.check.duokanbox.com/oversea
191 | ipset=/openapi.youku.com/oversea
192 | ipset=/y.qq.com/oversea
193 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Copyright (C) 2017 XiaoShan https://www.mivm.cn
3 |
4 | . /usr/share/libubox/jshn.sh
5 |
6 | urlsafe_b64decode() {
7 | local d="====" data=$(echo $1 | sed 's/_/\//g; s/-/+/g')
8 | local mod4=$((${#data}%4))
9 | [ $mod4 -gt 0 ] && data=${data}${d:mod4}
10 | echo $data | base64 -d
11 | }
12 |
13 | echo_date(){
14 | echo $(TZ=UTC-8 date -R +%Y-%m-%d\ %X):$1
15 | }
16 |
17 | Server_Update() {
18 | local uci_set="uci -q set $name.$1."
19 | ${uci_set}grouphashkey="$ssr_grouphashkey"
20 | ${uci_set}hashkey="$ssr_hashkey"
21 | ${uci_set}alias="[$ssr_group] $ssr_remarks"
22 | ${uci_set}auth_enable="0"
23 | ${uci_set}switch_enable="1"
24 | ${uci_set}type="$ssr_type"
25 | ${uci_set}server="$ssr_host"
26 | ${uci_set}server_port="$ssr_port"
27 | ${uci_set}local_port="1234"
28 | uci -q get $name.@servers[$1].timeout >/dev/null || ${uci_set}timeout="60"
29 | ${uci_set}password="$ssr_passwd"
30 | ${uci_set}encrypt_method="$ssr_method"
31 | ${uci_set}protocol="$ssr_protocol"
32 | ${uci_set}protocol_param="$ssr_protoparam"
33 | ${uci_set}obfs="$ssr_obfs"
34 | ${uci_set}obfs_param="$ssr_obfsparam"
35 | ${uci_set}fast_open="0"
36 | ${uci_set}kcp_enable="0"
37 | ${uci_set}kcp_port="0"
38 | ${uci_set}kcp_param="--nocomp"
39 |
40 | if [ "$ssr_type" = "v2ray" ]; then
41 | #v2ray
42 | ${uci_set}alter_id="$ssr_alter_id"
43 | ${uci_set}vmess_id="$ssr_vmess_id"
44 | ${uci_set}transport="$ssr_transport"
45 | ${uci_set}tcp_guise="$ssr_tcp_guise"
46 | ${uci_set}ws_host="$ssr_ws_host"
47 | ${uci_set}ws_path="$ssr_ws_path"
48 | ${uci_set}tls="$ssr_tls"
49 | ${uci_set}security="auto"
50 | fi
51 | }
52 |
53 | name=shadowsocksr
54 | subscribe_url=($(uci get $name.@server_subscribe[0].subscribe_url)) #订阅服务器地址
55 | [ ${#subscribe_url[@]} -eq 0 ] && exit 1
56 | [ $(uci -q get $name.@server_subscribe[0].proxy || echo 0) -eq 0 ] && /etc/init.d/$name stop >/dev/null 2>&1
57 | log_name=${name}_subscribe
58 | for ((o=0;o<${#subscribe_url[@]};o++))
59 | do
60 | echo_date "从 ${subscribe_url[o]} 获取订阅"
61 | echo_date "开始更新在线订阅列表..."
62 | echo_date "开始下载订阅链接到本地临时文件,请稍等..."
63 | subscribe_data=$(wget-ssl --user-agent="User-Agent: Mozilla" --no-check-certificate -T 3 -O- ${subscribe_url[o]})
64 | curl_code=$?
65 | # 计算group的hashkey
66 | ssr_grouphashkey=$(echo "${subscribe_url[o]}" | md5sum | cut -d ' ' -f1)
67 | if [ ! $curl_code -eq 0 ];then
68 | echo_date "下载订阅成功..."
69 | echo_date "开始解析节点信息..."
70 | subscribe_data=$(wget-ssl --no-check-certificate -T 3 -O- ${subscribe_url[o]})
71 | curl_code=$?
72 | fi
73 | if [ $curl_code -eq 0 ];then
74 | ssr_url=($(echo $subscribe_data | base64 -d | sed 's/\r//g')) # 解码数据并删除 \r 换行符
75 | subscribe_max=$(echo ${ssr_url[0]} | grep -i MAX= | awk -F = '{print $2}')
76 | subscribe_max_x=()
77 | if [ -n "$subscribe_max" ]; then
78 | while [ ${#subscribe_max_x[@]} -ne $subscribe_max ]
79 | do
80 | if [ ${#ssr_url[@]} -ge 10 ]; then
81 | if [ $((${RANDOM:0:2}%2)) -eq 0 ]; then
82 | temp_x=${RANDOM:0:1}
83 | else
84 | temp_x=${RANDOM:0:2}
85 | fi
86 | else
87 | temp_x=${RANDOM:0:1}
88 | fi
89 | [ $temp_x -lt ${#ssr_url[@]} -a -z "$(echo "${subscribe_max_x[*]}" | grep -w $temp_x)" ] && subscribe_max_x[${#subscribe_max_x[@]}]="$temp_x"
90 | done
91 | else
92 | subscribe_max=${#ssr_url[@]}
93 | fi
94 | echo_date "共计$subscribe_max个节点"
95 | ssr_group=$(urlsafe_b64decode $(urlsafe_b64decode ${ssr_url[$((${#ssr_url[@]} - 1))]//ssr:\/\//} | sed 's/&/\n/g' | grep group= | awk -F = '{print $2}'))
96 | if [ -z "$ssr_group" ]; then
97 | ssr_group="default"
98 | fi
99 | if [ -n "$ssr_group" ]; then
100 | subscribe_i=0
101 | subscribe_n=0
102 | subscribe_o=0
103 | subscribe_x=""
104 | temp_host_o=()
105 | curr_ssr=$(uci show $name | grep @servers | grep -c server=)
106 | for ((x=0;x<$curr_ssr;x++)) # 循环已有服务器信息,匹配当前订阅群组
107 | do
108 | temp_alias=$(uci -q get $name.@servers[$x].grouphashkey | grep "$ssr_grouphashkey")
109 | [ -n "$temp_alias" ] && temp_host_o[${#temp_host_o[@]}]=$(uci get $name.@servers[$x].hashkey)
110 | done
111 |
112 | for ((x=0;x<$subscribe_max;x++)) # 循环链接
113 | do
114 | [ ${#subscribe_max_x[@]} -eq 0 ] && temp_x=$x || temp_x=${subscribe_max_x[x]}
115 | result=$(echo ${ssr_url[temp_x]} | grep "ssr")
116 | if [[ "$result" != "" ]]
117 | then
118 | temp_info=$(urlsafe_b64decode ${ssr_url[temp_x]//ssr:\/\//}) # 解码 SSR 链接
119 | # 计算hashkey
120 | ssr_hashkey=$(echo "$temp_info" | md5sum | cut -d ' ' -f1)
121 |
122 |
123 | info=${temp_info///?*/}
124 | temp_info_array=(${info//:/ })
125 | ssr_type="ssr"
126 | ssr_host=${temp_info_array[0]}
127 | ssr_port=${temp_info_array[1]}
128 | ssr_protocol=${temp_info_array[2]}
129 | ssr_method=${temp_info_array[3]}
130 | ssr_obfs=${temp_info_array[4]}
131 | ssr_passwd=$(urlsafe_b64decode ${temp_info_array[5]})
132 | info=${temp_info:$((${#info} + 2))}
133 | info=(${info//&/ })
134 | ssr_protoparam=""
135 | ssr_obfsparam=""
136 | ssr_remarks="$temp_x"
137 | for ((i=0;i<${#info[@]};i++)) # 循环扩展信息
138 | do
139 | temp_info=($(echo ${info[i]} | sed 's/=/ /g'))
140 | case "${temp_info[0]}" in
141 | protoparam)
142 | ssr_protoparam=$(urlsafe_b64decode ${temp_info[1]})
143 | ;;
144 | obfsparam)
145 | ssr_obfsparam=$(urlsafe_b64decode ${temp_info[1]})
146 | ;;
147 | remarks)
148 | ssr_remarks=$(urlsafe_b64decode ${temp_info[1]})
149 | ;;
150 | esac
151 | done
152 | else
153 | temp_info=$(urlsafe_b64decode ${ssr_url[temp_x]//vmess:\/\//}) # 解码 Vmess 链接
154 | # 计算hashkey
155 | ssr_hashkey=$(echo "$temp_info" | md5sum | cut -d ' ' -f1)
156 |
157 | ssr_type="v2ray"
158 | json_load "$temp_info"
159 | json_get_var ssr_host add
160 | json_get_var ssr_port port
161 | json_get_var ssr_alter_id aid
162 | json_get_var ssr_vmess_id id
163 | json_get_var ssr_security type
164 | json_get_var ssr_transport net
165 | json_get_var ssr_remarks ps
166 | ssr_tcp_guise="none"
167 | json_get_var ssr_ws_host host
168 | json_get_var ssr_ws_path path
169 | json_get_var ssr_tls tls
170 | if [ "$ssr_tls" == "tls" -o "$ssr_tls" == "1" ]; then
171 | ssr_tls="1"
172 | else
173 | ssr_tls="0"
174 | fi
175 | fi
176 |
177 | if [ -z "ssr_remarks" ]; then # 没有备注的话则生成一个
178 | ssr_remarks="$ssr_host:$ssr_port";
179 | fi
180 |
181 | uci_name_tmp=$(uci show $name | grep -w "$ssr_hashkey" | awk -F . '{print $2}')
182 | if [ -z "$uci_name_tmp" ]; then # 判断当前服务器信息是否存在
183 | uci_name_tmp=$(uci add $name servers)
184 | subscribe_n=$(($subscribe_n + 1))
185 | fi
186 | Server_Update $uci_name_tmp
187 | subscribe_x=$subscribe_x$ssr_hashkey" "
188 | ssrtype=$(echo $ssr_type | tr '[a-z]' '[A-Z]')
189 | echo_date "$ssrtype节点:【$ssr_remarks】"
190 |
191 | # SSR
192 | # echo "服务器地址: $ssr_host"
193 | # echo "服务器端口 $ssr_port"
194 | # echo "密码: $ssr_passwd"
195 | # echo "加密: $ssr_method"
196 | # echo "协议: $ssr_protocol"
197 | # echo "协议参数: $ssr_protoparam"
198 | # echo "混淆: $ssr_obfs"
199 | # echo "混淆参数: $ssr_obfsparam"
200 | # echo "备注: $ssr_remarks"
201 |
202 | done
203 | for ((x=0;x<${#temp_host_o[@]};x++)) # 新旧服务器信息匹配,如果旧服务器信息不存在于新服务器信息则删除
204 | do
205 | if [ -z "$(echo "$subscribe_x" | grep -w ${temp_host_o[x]})" ]; then
206 | uci_name_tmp=$(uci show $name | grep ${temp_host_o[x]} | awk -F . '{print $2}')
207 | uci delete $name.$uci_name_tmp
208 | subscribe_o=$(($subscribe_o + 1))
209 | fi
210 | done
211 | echo_date "本次更新订阅来源 【$ssr_group】 服务器数量: ${#ssr_url[@]} 新增服务器: $subscribe_n 删除服务器: $subscribe_o"
212 | echo_date "在线订阅列表更新完成!请等待网页自动刷新!"
213 | subscribe_log="$ssr_group 服务器订阅更新成功 服务器数量: ${#ssr_url[@]} 新增服务器: $subscribe_n 删除服务器: $subscribe_o"
214 | logger -st $log_name[$$] -p6 "$subscribe_log"
215 | uci commit $name
216 | else
217 | echo_date "${subscribe_url[$o]} 订阅数据解析失败 无法获取 Group"
218 | logger -st $log_name[$$] -p3 "${subscribe_url[$o]} 订阅数据解析失败 无法获取 Group"
219 | fi
220 | else
221 | echo_date "${subscribe_url[$o]} 订阅数据获取失败 错误代码: $curl_code"
222 | logger -st $log_name[$$] -p3 "${subscribe_url[$o]} 订阅数据获取失败 错误代码: $curl_code"
223 | fi
224 | done
225 | /etc/init.d/$name restart >/dev/null 2>&1
226 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/luasrc/model/cbi/ssrpro.lua:
--------------------------------------------------------------------------------
1 |
2 | local fs = require "nixio.fs"
3 | local NXFS = require "nixio.fs"
4 | local WLFS = require "nixio.fs"
5 | local SYS = require "luci.sys"
6 | local ND = SYS.exec("cat /etc/gfwlist/china-banned | wc -l")
7 | local conf = "/etc/shadowsocksr/base-gfwlist.txt"
8 | local watch = "/tmp/shadowsocksr_watchdog.log"
9 | local dog = "/tmp/ssrpro.log"
10 |
11 | m = Map("ssrpro")
12 | m.title = translate("Shadowsocksr Transparent Proxy")
13 | m.description = translate("A fast secure tunnel proxy that help you get through firewalls on your router")
14 |
15 | m:section(SimpleSection).template = "ssrpro/ssrpro_status"
16 |
17 | s = m:section(TypedSection, "ssrpro")
18 | s.anonymous = true
19 |
20 | -- ---------------------------------------------------
21 |
22 | s:tab("basic", translate("Base Setting"))
23 |
24 |
25 | switch = s:taboption("basic",Flag, "enabled", translate("Enable"))
26 | switch.rmempty = false
27 |
28 | proxy_mode = s:taboption("basic",ListValue, "proxy_mode", translate("Proxy Mode"))
29 | proxy_mode:value("M", translate("Base on GFW-List Auto Proxy Mode(Recommend)"))
30 | proxy_mode:value("S", translate("Bypassing China Manland IP Mode(Be caution when using P2P download!)"))
31 | proxy_mode:value("G", translate("Global Mode"))
32 | proxy_mode:value("V", translate("Overseas users watch China video website Mode"))
33 |
34 | cronup = s:taboption("basic", Flag, "cron_mode", translate("Auto Update GFW-List"),
35 | translate(string.format("GFW-List Lines: %s Lines", ND)))
36 | cronup.default = 0
37 | cronup.rmempty = false
38 |
39 | updatead = s:taboption("basic", Button, "updatead", translate("Manually force update GFW-List"), translate("Note: It needs to download and convert the rules. The background process may takes 60-120 seconds to run.
After completed it would automatically refresh, please do not duplicate click!"))
40 | updatead.inputtitle = translate("Manually force update GFW-List")
41 | updatead.inputstyle = "apply"
42 | updatead.write = function()
43 | SYS.call("nohup sh /etc/shadowsocksr/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1 &")
44 | end
45 |
46 | safe_dns_tcp = s:taboption("basic",Flag, "safe_dns_tcp", translate("DNS uses TCP"),
47 | translate("Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"))
48 | safe_dns_tcp.rmempty = false
49 | -- safe_dns_tcp:depends("more", "1")
50 |
51 | -- timeout = s:taboption("basic",Value, "timeout", translate("Timeout"))
52 | -- timeout.datatype = "range(0,10000)"
53 | -- timeout.placeholder = "60"
54 | -- timeout.optional = false
55 | -- timeout:depends("more", "1")
56 |
57 | -- safe_dns = s:taboption("basic",Value, "safe_dns", translate("Safe DNS"),
58 | -- translate("8.8.8.8 or 8.8.4.4 is recommended"))
59 | -- safe_dns.datatype = "ip4addr"
60 | -- safe_dns.optional = false
61 | -- safe_dns:depends("more", "1")
62 |
63 | -- safe_dns_port = s:taboption("basic",Value, "safe_dns_port", translate("Safe DNS Port"),
64 | -- translate("Foreign DNS on UDP port 53 might be polluted"))
65 | -- safe_dns_port.datatype = "range(1,65535)"
66 | -- safe_dns_port.placeholder = "53"
67 | -- safe_dns_port.optional = false
68 | -- safe_dns_port:depends("more", "1")
69 |
70 | --fast_open =s:taboption("basic",Flag, "fast_open", translate("TCP Fast Open"),
71 | -- translate("Enable TCP fast open, only available on kernel > 3.7.0"))
72 |
73 |
74 |
75 | s:tab("main", translate("Server Setting"))
76 |
77 | more = s:taboption("main",ListValue, "more", translate("Tool Select"))
78 | more:value("0", translate("ShadowsockR"))
79 | more:value("1", translate("Shadowsocks New Vesion"))
80 | more.description = translate("Using incorrect encryption mothod may causes service fail to start")
81 |
82 | server = s:taboption("main",Value, "server", translate("Server Address"))
83 | server.optional = false
84 | server.datatype = "host"
85 | server.rmempty = false
86 |
87 | server_port = s:taboption("main",Value, "server_port", translate("Server Port"))
88 | server_port.datatype = "range(1,65535)"
89 | server_port.optional = false
90 | server_port.rmempty = false
91 |
92 | password = s:taboption("main",Value, "password", translate("Password"))
93 | password.password = true
94 |
95 | method = s:taboption("main",ListValue, "method", translate("Encryption Method"))
96 | method:value("none")
97 | method:value("aes-128-ctr")
98 | method:value("aes-192-ctr")
99 | method:value("aes-256-ctr")
100 | method:value("aes-128-cfb")
101 | method:value("aes-192-cfb")
102 | method:value("aes-256-cfb")
103 | method:value("aes-128-gcm")
104 | method:value("aes-192-gcm")
105 | method:value("aes-256-gcm")
106 | method:value("rc4")
107 | method:value("rc4-md5")
108 | method:value("rc4-md5-6")
109 | method:value("salsa20")
110 | method:value("chacha20")
111 | method:value("chacha20-ietf")
112 | method:value("camellia-128-cfb")
113 | method:value("camellia-192-cfb")
114 | method:value("camellia-256-cfb")
115 | method:value("bf-cfb")
116 | method:value("chacha20-ietf-poly1305")
117 | method:value("xchacha20-ietf-poly1305")
118 |
119 | protocol = s:taboption("main",ListValue, "protocol", translate("Protocol"))
120 | protocol:value("origin")
121 | protocol:value("verify_deflate")
122 | protocol:value("auth_sha1_v4")
123 | protocol:value("auth_aes128_md5")
124 | protocol:value("auth_aes128_sha1")
125 | protocol:value("auth_chain_a")
126 | protocol:value("auth_chain_b")
127 | protocol:value("auth_chain_c")
128 | protocol:value("auth_chain_d")
129 | protocol:value("auth_chain_e")
130 | protocol:value("auth_chain_f")
131 |
132 | protoparam = s:taboption("main",Value, "protoparam", translate("Protocol Param"))
133 | protoparam.optional = true
134 | protoparam.rmempty = true
135 |
136 | obfs = s:taboption("main",ListValue, "obfs", translate("Obfs Param"))
137 | obfs:value("plain")
138 | obfs:value("http_simple")
139 | obfs:value("http_post")
140 | obfs:value("random_head")
141 | obfs:value("tls1.2_ticket_auth")
142 | obfs:value("tls1.2_ticket_fastauth")
143 |
144 | plugin_param = s:taboption("main",Flag, "plugin_param", translate("Plug-in parameters"),
145 | translate("Incorrect use of this parameter will cause IP to be blocked. Please use it with care"))
146 | plugin_param:depends("obfs", "http_simple")
147 | plugin_param:depends("obfs", "http_post")
148 | plugin_param:depends("obfs", "tls1.2_ticket_auth")
149 | plugin_param:depends("obfs", "tls1.2_ticket_fastauth")
150 |
151 | obfs_param = s:taboption("main",Value, "obfs_param", translate("Confusing plug-in parameters"))
152 | obfs_param.rmempty = true
153 | obfs_param:depends("plugin_param", "1")
154 |
155 | s:tab("list", translate("User-defined GFW-List"))
156 | gfwlist = s:taboption("list", TextValue, "conf")
157 | gfwlist.description = translate("
(!)Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying.")
158 | gfwlist.rows = 13
159 | gfwlist.wrap = "off"
160 | gfwlist.cfgvalue = function(self, section)
161 | return NXFS.readfile(conf) or ""
162 | end
163 | gfwlist.write = function(self, section, value)
164 | NXFS.writefile(conf, value:gsub("\r\n", "\n"))
165 | end
166 |
167 | local addipconf = "/etc/shadowsocksr/addinip.txt"
168 |
169 | s:tab("addip", translate("GFW-List Add-in IP"))
170 | gfwaddin = s:taboption("addip", TextValue, "addipconf")
171 | gfwaddin.description = translate("
(!)Note: IP add-in to GFW-List. Such as Telegram Messenger")
172 | gfwaddin.rows = 13
173 | gfwaddin.wrap = "off"
174 | gfwaddin.cfgvalue = function(self, section)
175 | return NXFS.readfile(addipconf) or ""
176 | end
177 | gfwaddin.write = function(self, section, value)
178 | NXFS.writefile(addipconf, value:gsub("\r\n", "\n"))
179 | end
180 |
181 | s:tab("status", translate("Status and Tools"))
182 | s:taboption("status", DummyValue,"opennewwindow" ,
183 | translate(""))
184 |
185 |
186 | s:tab("watchdog", translate("Watchdog Log"))
187 | log = s:taboption("watchdog", TextValue, "sylogtext")
188 | log.template = "cbi/tvalue"
189 | log.rows = 13
190 | log.wrap = "off"
191 | log.readonly="readonly"
192 |
193 | function log.cfgvalue(self, section)
194 | SYS.exec("[ -f /tmp/shadowsocksr_watchdog.log ] && sed '1!G;h;$!d' /tmp/shadowsocksr_watchdog.log > /tmp/ssrpro.log")
195 | return nixio.fs.readfile(dog)
196 | end
197 |
198 | function log.write(self, section, value)
199 | value = value:gsub("\r\n?", "\n")
200 | nixio.fs.writefile(dog, value)
201 | end
202 |
203 |
204 |
205 | t=m:section(TypedSection,"acl_rule",translate("Client Proxy Mode Settings"),
206 | translate("Proxy mode settings can be set to specific LAN clients ( No Proxy, Global Proxy, Game Mode) . Does not need to be set by default."))
207 | t.template="cbi/tblsection"
208 | t.sortable=true
209 | t.anonymous=true
210 | t.addremove=true
211 | e=t:option(Value,"ipaddr",translate("IP Address"))
212 | e.width="40%"
213 | e.datatype="ip4addr"
214 | e.placeholder="0.0.0.0/0"
215 | luci.ip.neighbors({ family = 4 }, function(entry)
216 | if entry.reachable then
217 | e:value(entry.dest:string())
218 | end
219 | end)
220 |
221 | e=t:option(ListValue,"filter_mode",translate("Proxy Mode"))
222 | e.width="40%"
223 | e.default="disable"
224 | e.rmempty=false
225 | e:value("disable",translate("No Proxy"))
226 | e:value("global",translate("Global Proxy"))
227 | e:value("game",translate("Game Mode"))
228 |
229 | return m
230 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/po/zh-cn/ssr-plus.po:
--------------------------------------------------------------------------------
1 | msgid ""
2 | msgstr "Content-Type: text/plain; charset=UTF-8\n"
3 |
4 | msgid "ShadowSocksR Client"
5 | msgstr "ShadowSocksR 客户端"
6 |
7 | msgid "Enable"
8 | msgstr "启用"
9 |
10 | msgid "Disable"
11 | msgstr "停用"
12 |
13 | msgid "Log"
14 | msgstr "日志"
15 |
16 | msgid "ShadowSocksR is running"
17 | msgstr "ShadowSocksR 客户端运行中"
18 |
19 | msgid "ShadowSocksR is not running"
20 | msgstr "ShadowSocksR 客户端未运行"
21 |
22 | msgid "Global Setting"
23 | msgstr "全局设置"
24 |
25 | msgid "Global Server"
26 | msgstr "全局服务器"
27 |
28 | msgid "ShadowSocksR SOCK5 Proxy is running"
29 | msgstr "ShadowSocksR SOCK5代理运行中"
30 |
31 | msgid "UDP Relay Server"
32 | msgstr "UDP中继服务器"
33 |
34 | msgid "Same as Global Server"
35 | msgstr "与全局服务器相同"
36 |
37 | msgid "Servers Setting"
38 | msgstr "服务器配置"
39 |
40 | msgid "Alias(optional)"
41 | msgstr "别名(可选)"
42 |
43 | msgid "Onetime Authentication"
44 | msgstr "一次验证"
45 |
46 | msgid "Server Address"
47 | msgstr "服务器地址"
48 |
49 | msgid "Server Port"
50 | msgstr "服务器端口"
51 |
52 | msgid "Local Port"
53 | msgstr "本地端口"
54 |
55 | msgid "Connection Timeout"
56 | msgstr "连接超时"
57 |
58 | msgid "Password"
59 | msgstr "密码"
60 |
61 | msgid "Encrypt Method"
62 | msgstr "加密方式"
63 |
64 | msgid "Protocol"
65 | msgstr "传输协议"
66 |
67 | msgid "Protocol param(optional)"
68 | msgstr "传输协议参数(可选)"
69 |
70 | msgid "Obfs"
71 | msgstr "混淆插件"
72 |
73 | msgid "Obfs param(optional)"
74 | msgstr "混淆参数(可选)"
75 |
76 | msgid "Enable Tunnel(DNS)"
77 | msgstr "启用隧道(DNS)转发"
78 |
79 | msgid "Tunnel Port"
80 | msgstr "隧道(DNS)本地端口"
81 |
82 | msgid "Forwarding Tunnel"
83 | msgstr "隧道(DNS)转发地址"
84 |
85 | msgid "Access Control"
86 | msgstr "访问控制"
87 |
88 | msgid "Interfaces - WAN"
89 | msgstr "接口 - WAN"
90 |
91 | msgid "Bypassed IP List"
92 | msgstr "被忽略IP列表"
93 |
94 | msgid "NULL - As Global Proxy"
95 | msgstr "留空 - 作为全局代理"
96 |
97 | msgid "Bypassed IP"
98 | msgstr "额外被忽略IP"
99 |
100 | msgid "Forwarded IP"
101 | msgstr "强制走代理IP"
102 |
103 | msgid "Interfaces - LAN"
104 | msgstr "接口 - LAN"
105 |
106 | msgid "LAN Access Control"
107 | msgstr "内网访问控制"
108 |
109 | msgid "Allow listed only"
110 | msgstr "仅允许列表内"
111 |
112 | msgid "Allow all except listed"
113 | msgstr "仅允许列表外"
114 |
115 | msgid "LAN Host List"
116 | msgstr "内网主机列表"
117 |
118 | msgid "SSR Client"
119 | msgstr "客户端"
120 |
121 | msgid "SSR Server"
122 | msgstr "服务端"
123 |
124 | msgid "ShadowSocksR Server"
125 | msgstr "ShadowSocksR 服务端"
126 |
127 | msgid "ShadowSocksR Server is running"
128 | msgstr "ShadowSocksR 服务端运行中"
129 |
130 | msgid "ShadowSocksR Server is not running"
131 | msgstr "ShadowSocksR 服务端未运行"
132 |
133 | msgid "Enable Server"
134 | msgstr "启动服务端"
135 |
136 | msgid "Server Setting"
137 | msgstr "服务端配置"
138 |
139 | msgid "KcpTun Enable"
140 | msgstr "KcpTun 启用"
141 |
142 | msgid "bin:/usr/bin/kcptun-client"
143 | msgstr "二进制文件:/usr/bin/kcptun-client"
144 |
145 | msgid "KcpTun Port"
146 | msgstr "KcpTun 端口"
147 |
148 | msgid "KcpTun Param"
149 | msgstr "KcpTun 参数"
150 |
151 | msgid "KcpTun Password"
152 | msgstr "KcpTun 密码"
153 |
154 | msgid "Haven't a Kcptun executable file"
155 | msgstr "不存在Kcptun可执行文件,请下载Kcptun可执行文件并改名放入/usr/bin/kcptun-client"
156 |
157 | msgid "Not a Kcptun executable file"
158 | msgstr "Kcptun可执行文件格式不正确,请确认是否正确下载了路由器对应的可执行文件"
159 |
160 | msgid "Enable Process Monitor"
161 | msgstr "启用进程监控"
162 |
163 | msgid "Edit ShadowSocksR Server"
164 | msgstr "编辑服务器配置"
165 |
166 | msgid "Alias"
167 | msgstr "别名"
168 |
169 | msgid "SOCKS5 Proxy"
170 | msgstr "SOCKS5代理"
171 |
172 | msgid "Server"
173 | msgstr "服务器"
174 |
175 | msgid "TCP Fast Open"
176 | msgstr "TCP快速打开"
177 |
178 | msgid "Status"
179 | msgstr "状态"
180 |
181 | msgid "Unknown"
182 | msgstr "未知"
183 |
184 | msgid "Running Status"
185 | msgstr "运行状态"
186 |
187 | msgid "Global Client"
188 | msgstr "TCP透明代理"
189 |
190 | msgid "Global SSR Server"
191 | msgstr "SSR服务端"
192 |
193 | msgid "DNS Tunnel"
194 | msgstr "DNS 隧道"
195 |
196 | msgid "IPK Version"
197 | msgstr "IPK 版本号"
198 |
199 | msgid "KcpTun Version"
200 | msgstr "KcpTun 版本号"
201 |
202 | msgid "Not exist"
203 | msgstr "未安装可执行文件"
204 |
205 | msgid "IPK Installation Time"
206 | msgstr "IPK 安装时间"
207 |
208 | msgid "Project"
209 | msgstr "项目地址"
210 |
211 | msgid "Not Running"
212 | msgstr "未运行"
213 |
214 | msgid "Running"
215 | msgstr "运行中"
216 |
217 | msgid "Enable GFW mode"
218 | msgstr "启用 GFW 模式"
219 |
220 | msgid "Running Mode"
221 | msgstr "运行模式"
222 |
223 | msgid "IP Route Mode"
224 | msgstr "绕过中国大陆IP模式"
225 |
226 | msgid "GFW List Mode"
227 | msgstr "GFW列表模式"
228 |
229 | msgid "Global Mode"
230 | msgstr "全局模式"
231 |
232 | msgid "Oversea Mode"
233 | msgstr "海外用户回国模式"
234 |
235 | msgid "Router Proxy"
236 | msgstr "路由器访问控制"
237 |
238 | msgid "Normal Proxy"
239 | msgstr "正常代理"
240 |
241 | msgid "Bypassed Proxy"
242 | msgstr "不走代理"
243 |
244 | msgid "Forwarded Proxy"
245 | msgstr "强制走代理"
246 |
247 | msgid "UDP Relay"
248 | msgstr "UDP中继"
249 |
250 | msgid "Google Connectivity"
251 | msgstr "【谷歌】连通性检查"
252 |
253 | msgid "Baidu Connectivity"
254 | msgstr "【百度】连通性检查"
255 |
256 | msgid "No Check"
257 | msgstr "未检查"
258 |
259 | msgid "Check"
260 | msgstr "检查"
261 |
262 | msgid "Connect OK"
263 | msgstr "连接正常"
264 |
265 | msgid "Connect Error"
266 | msgstr "连接错误"
267 |
268 | msgid "Check..."
269 | msgstr "正在检查.."
270 |
271 | msgid "Proxy Check"
272 | msgstr "代理检查"
273 |
274 |
275 | msgid "GFW List Data"
276 | msgstr "【GFW列表】数据库"
277 |
278 | msgid "China IP Data"
279 | msgstr "【国内IP段】数据库"
280 |
281 | msgid "Records"
282 | msgstr "条记录"
283 |
284 | msgid "Refresh Data"
285 | msgstr "更新数据库"
286 |
287 | msgid "Refresh..."
288 | msgstr "正在更新,请稍候.."
289 |
290 | msgid "Refresh OK!"
291 | msgstr "更新成功!"
292 |
293 | msgid "Refresh Error!"
294 | msgstr "更新失败!"
295 |
296 | msgid "No new data!"
297 | msgstr "你已经是最新数据,无需更新!"
298 |
299 | msgid "Total Records:"
300 | msgstr "新的总纪录数:"
301 |
302 | msgid "Check Server Port"
303 | msgstr "【服务器端口】检查"
304 |
305 | msgid "Check Connect"
306 | msgstr "检查连通性"
307 |
308 | msgid "Check Server"
309 | msgstr "检查服务器"
310 |
311 | msgid "Auto Switch"
312 | msgstr "自动切换"
313 |
314 | msgid "Enable Auto Switch"
315 | msgstr "启用自动切换"
316 |
317 | msgid "Switch check cycly(second)"
318 | msgstr "自动切换检查周期(秒)"
319 |
320 | msgid "Check timout(second)"
321 | msgstr "切换检查超时时间(秒)"
322 |
323 | msgid "Enable Process Deamon"
324 | msgstr "启用进程自动守护"
325 |
326 | msgid "Advertising Data"
327 | msgstr "【广告屏蔽】数据库"
328 |
329 | msgid "DNS Server IP and Port"
330 | msgstr "DNS服务器地址和端口"
331 |
332 | msgid "Resolve Dns Mode"
333 | msgstr "DNS解析方式"
334 |
335 | msgid "Use SSR DNS Tunnel"
336 | msgstr "使用SSR-DNS隧道"
337 |
338 | msgid "Use Pdnsd"
339 | msgstr "使用Pdnsd"
340 |
341 | msgid "Use Other DNS Tunnel(Need to install)"
342 | msgstr "使用其他DNS转发(需要自己安装)"
343 |
344 | msgid "Import SSR"
345 | msgstr "导入ssr配置信息"
346 |
347 | msgid "Export SSR"
348 | msgstr "导出ssr配置信息"
349 |
350 | msgid "Import SSR successfully."
351 | msgstr "成功导入SSR。"
352 |
353 | msgid "Invalid SSR format."
354 | msgstr "无效的SSR格式。"
355 |
356 | msgid "User cancelled."
357 | msgstr "用户已取消。"
358 |
359 | msgid "Paste ssr url here"
360 | msgstr "在此处粘贴ssr://网址"
361 |
362 | msgid "Unable to copy SSR to clipboard."
363 | msgstr "无法复制SSR网址到剪贴板。"
364 |
365 | msgid "Copy SSR to clipboard successfully."
366 | msgstr "成功复制SSR网址到剪贴板。"
367 |
368 | msgid "Servers Manage"
369 | msgstr "服务器管理"
370 |
371 | msgid "Auto Update"
372 | msgstr "自动更新"
373 |
374 | msgid "Through proxy update"
375 | msgstr "通过代理更新"
376 |
377 | msgid "GFW List"
378 | msgstr "GFW列表"
379 |
380 | msgid "ShadowSocksR Plus+ Settings"
381 | msgstr "ShadowSocksR Plus+ 设置(支持SS/SSR/V2RAY)"
382 |
383 | msgid "Main Server"
384 | msgstr "主服务器"
385 |
386 | msgid "Anti-pollution DNS Server"
387 | msgstr "访问国外域名DNS服务器"
388 |
389 | msgid "Use Pdnsd tcp query and cache"
390 | msgstr "使用PDNSD TCP查询并缓存"
391 |
392 | msgid "DNS Server IP:Port"
393 | msgstr "DNS服务器 IP:Port"
394 |
395 | msgid "Update time (every day)"
396 | msgstr "更新时间 (每天)"
397 |
398 | msgid "Auto Update Server subscription, GFW list and CHN route"
399 | msgstr "自动更新服务器订阅、GFW列表和 CHN路由表"
400 |
401 | msgid "Subscribe URL"
402 | msgstr "SSR/V2RAY订阅URL地址"
403 |
404 | msgid "Update"
405 | msgstr "更新"
406 |
407 | msgid "Server Count"
408 | msgstr "服务器节点数量"
409 |
410 | msgid "IP black-and-white list"
411 | msgstr "IP黑白名单"
412 |
413 | msgid "WAN IP AC"
414 | msgstr "WAN IP访问控制"
415 |
416 | msgid "WAN White List IP"
417 | msgstr "不走代理的WAN IP"
418 |
419 | msgid "WAN Force Proxy IP"
420 | msgstr "强制走代理的WAN IP"
421 |
422 | msgid "LAN Bypassed Host List"
423 | msgstr "不走代理的局域网LAN IP"
424 |
425 | msgid "LAN Force Proxy Host List"
426 | msgstr "全局代理的LAN IP"
427 |
428 | msgid "Router Self AC"
429 | msgstr "路由器自身代理设置"
430 |
431 | msgid "Router Self Proxy"
432 | msgstr "路由器自身代理方式"
433 |
434 | msgid "Normal Proxy"
435 | msgstr "跟随全局设置"
436 |
437 | msgid "Bypassed Proxy"
438 | msgstr "不走代理"
439 |
440 | msgid "Forwarded Proxy"
441 | msgstr "全局代理"
442 |
443 | msgid "GFW Custom List"
444 | msgstr "GFW 用户自定义列表"
445 |
446 | msgid "Please refer to the following writing"
447 | msgstr "每行一个域名,无需写前面的 HTTP(S):// ,提交后即时生效"
448 |
449 | msgid "Servers subscription and manage"
450 | msgstr "服务器节点订阅与管理(支持订阅和手动导入SSR链接)"
451 |
452 | msgid "Through proxy update list, Not Recommended"
453 | msgstr "通过路由器自身代理更新订阅(不推荐)"
454 |
455 | msgid "LAN IP AC"
456 | msgstr "LAN IP访问控制"
457 |
458 | msgid "Game Mode UDP Server"
459 | msgstr "游戏模式UDP中继服务器"
460 |
461 | msgid "Game Mode UDP Relay"
462 | msgstr "游戏模式UDP中继"
463 |
464 | msgid "Server failsafe auto swith settings"
465 | msgstr "服务器节点故障自动切换设置"
466 |
467 | msgid "Delete all severs"
468 | msgstr "删除所有服务器"
469 |
470 | msgid "Severs Nodes"
471 | msgstr "服务器节点"
472 |
473 | msgid "Use Local DNS Service listen port 5335"
474 | msgstr "使用本机端口为5335的DNS服务"
475 |
476 | msgid "Server Node Type"
477 | msgstr "服务器节点类型"
478 |
479 | msgid "Using incorrect encryption mothod may causes service fail to start"
480 | msgstr "输入不正确的参数组合可能会导致服务无法启动"
481 |
482 | msgid "Game Mode Host List"
483 | msgstr "增强游戏模式客户端LAN IP"
484 |
485 | msgid "Multi Threads Option"
486 | msgstr "多线程并发转发"
487 |
488 | msgid "Auto Threads"
489 | msgstr "自动(CPU线程数)"
490 |
491 | msgid "1 Thread"
492 | msgstr "单线程"
493 |
494 | msgid "2 Threads"
495 | msgstr "2 线程"
496 |
497 | msgid "4 Threads"
498 | msgstr "4 线程"
499 |
500 | msgid "8 Threads"
501 | msgstr "8 线程"
502 |
503 | msgid "Proxy Ports"
504 | msgstr "需要代理的端口"
505 |
506 | msgid "All Ports"
507 | msgstr "所有端口(默认)"
508 |
509 | msgid "Only Common Ports"
510 | msgstr "仅常用端口(不走P2P流量到代理)"
511 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua:
--------------------------------------------------------------------------------
1 | -- Copyright (C) 2017 yushi studio github.com/ywb94
2 | -- Licensed to the public under the GNU General Public License v3.
3 |
4 | local m, s, o,kcp_enable
5 | local shadowsocksr = "shadowsocksr"
6 | local uci = luci.model.uci.cursor()
7 | local ipkg = require("luci.model.ipkg")
8 | local fs = require "nixio.fs"
9 | local sys = require "luci.sys"
10 | local sid = arg[1]
11 | local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid")
12 |
13 | local function isKcptun(file)
14 | if not fs.access(file, "rwx", "rx", "rx") then
15 | fs.chmod(file, 755)
16 | end
17 |
18 | local str = sys.exec(file .. " -v | awk '{printf $1}'")
19 | return (str:lower() == "kcptun")
20 | end
21 |
22 |
23 | local server_table = {}
24 | local encrypt_methods = {
25 | "none",
26 | "table",
27 | "rc4",
28 | "rc4-md5-6",
29 | "rc4-md5",
30 | "aes-128-cfb",
31 | "aes-192-cfb",
32 | "aes-256-cfb",
33 | "aes-128-ctr",
34 | "aes-192-ctr",
35 | "aes-256-ctr",
36 | "bf-cfb",
37 | "camellia-128-cfb",
38 | "camellia-192-cfb",
39 | "camellia-256-cfb",
40 | "cast5-cfb",
41 | "des-cfb",
42 | "idea-cfb",
43 | "rc2-cfb",
44 | "seed-cfb",
45 | "salsa20",
46 | "chacha20",
47 | "chacha20-ietf",
48 | }
49 |
50 | local encrypt_methods_ss = {
51 | -- aead
52 | "aes-128-gcm",
53 | "aes-192-gcm",
54 | "aes-256-gcm",
55 | "chacha20-ietf-poly1305",
56 | "xchacha20-ietf-poly1305",
57 | -- stream
58 | "table",
59 | "rc4",
60 | "rc4-md5",
61 | "aes-128-cfb",
62 | "aes-192-cfb",
63 | "aes-256-cfb",
64 | "aes-128-ctr",
65 | "aes-192-ctr",
66 | "aes-256-ctr",
67 | "bf-cfb",
68 | "camellia-128-cfb",
69 | "camellia-192-cfb",
70 | "camellia-256-cfb",
71 | "salsa20",
72 | "chacha20",
73 | "chacha20-ietf",
74 | }
75 |
76 | local protocol = {
77 | "origin",
78 | "verify_deflate",
79 | "auth_sha1_v4",
80 | "auth_aes128_sha1",
81 | "auth_aes128_md5",
82 | "auth_chain_a",
83 | "auth_chain_b",
84 | "auth_chain_c",
85 | "auth_chain_d",
86 | "auth_chain_e",
87 | "auth_chain_f",
88 | }
89 |
90 | obfs = {
91 | "plain",
92 | "http_simple",
93 | "http_post",
94 | "random_head",
95 | "tls1.2_ticket_auth",
96 | }
97 |
98 | local securitys = {
99 | "auto",
100 | "none",
101 | "aes-128-gcm",
102 | "chacha20-poly1305"
103 | }
104 |
105 |
106 | m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
107 | m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/servers")
108 | if m.uci:get(shadowsocksr, sid) ~= "servers" then
109 | luci.http.redirect(m.redirect)
110 | return
111 | end
112 |
113 | -- [[ Servers Setting ]]--
114 | s = m:section(NamedSection, sid, "servers")
115 | s.anonymous = true
116 | s.addremove = false
117 |
118 | o = s:option(DummyValue,"ssr_url","SSR URL")
119 | o.rawhtml = true
120 | o.template = "shadowsocksr/ssrurl"
121 | o.value =sid
122 | o:depends("type", "ssr")
123 |
124 | o = s:option(ListValue, "type", translate("Server Node Type"))
125 | o:value("ssr", translate("ShadowsocksR"))
126 | if nixio.fs.access("/usr/bin/ss-redir") then
127 | o:value("ss", translate("Shadowsocks New Version"))
128 | end
129 | if nixio.fs.access("/usr/bin/v2ray/v2ray") then
130 | o:value("v2ray", translate("V2Ray"))
131 | end
132 | o.description = translate("Using incorrect encryption mothod may causes service fail to start")
133 |
134 | o = s:option(Value, "alias", translate("Alias(optional)"))
135 |
136 | o = s:option(Value, "server", translate("Server Address"))
137 | o.datatype = "host"
138 | o.rmempty = false
139 |
140 | o = s:option(Value, "server_port", translate("Server Port"))
141 | o.datatype = "port"
142 | o.rmempty = false
143 |
144 | -- o = s:option(Value, "timeout", translate("Connection Timeout"))
145 | -- o.datatype = "uinteger"
146 | -- o.default = 60
147 | -- o.rmempty = false
148 |
149 | o = s:option(Value, "password", translate("Password"))
150 | o.password = true
151 | o.rmempty = true
152 | o:depends("type", "ssr")
153 | o:depends("type", "ss")
154 |
155 | o = s:option(ListValue, "encrypt_method", translate("Encrypt Method"))
156 | for _, v in ipairs(encrypt_methods) do o:value(v) end
157 | o.rmempty = true
158 | o:depends("type", "ssr")
159 |
160 | o = s:option(ListValue, "encrypt_method_ss", translate("Encrypt Method"))
161 | for _, v in ipairs(encrypt_methods_ss) do o:value(v) end
162 | o.rmempty = true
163 | o:depends("type", "ss")
164 |
165 | o = s:option(ListValue, "protocol", translate("Protocol"))
166 | for _, v in ipairs(protocol) do o:value(v) end
167 | o.rmempty = true
168 | o:depends("type", "ssr")
169 |
170 | o = s:option(Value, "protocol_param", translate("Protocol param(optional)"))
171 | o:depends("type", "ssr")
172 |
173 | o = s:option(ListValue, "obfs", translate("Obfs"))
174 | for _, v in ipairs(obfs) do o:value(v) end
175 | o.rmempty = true
176 | o:depends("type", "ssr")
177 |
178 | o = s:option(Value, "obfs_param", translate("Obfs param(optional)"))
179 | o:depends("type", "ssr")
180 |
181 | -- AlterId
182 | o = s:option(Value, "alter_id", translate("AlterId"))
183 | o.datatype = "port"
184 | o.default = 16
185 | o.rmempty = true
186 | o:depends("type", "v2ray")
187 |
188 | -- VmessId
189 | o = s:option(Value, "vmess_id", translate("VmessId (UUID)"))
190 | o.rmempty = true
191 | o.default = uuid
192 | o:depends("type", "v2ray")
193 |
194 | -- 加密方式
195 | o = s:option(ListValue, "security", translate("Encrypt Method"))
196 | for _, v in ipairs(securitys) do o:value(v, v:upper()) end
197 | o.rmempty = true
198 | o:depends("type", "v2ray")
199 |
200 | -- 传输协议
201 | o = s:option(ListValue, "transport", translate("Transport"))
202 | o:value("tcp", "TCP")
203 | o:value("kcp", "mKCP")
204 | o:value("ws", "WebSocket")
205 | o:value("h2", "HTTP/2")
206 | o:value("quic", "QUIC")
207 | o.rmempty = true
208 | o:depends("type", "v2ray")
209 |
210 | -- [[ TCP部分 ]]--
211 |
212 | -- TCP伪装
213 | o = s:option(ListValue, "tcp_guise", translate("Camouflage Type"))
214 | o:depends("transport", "tcp")
215 | o:value("none", translate("None"))
216 | o:value("http", "HTTP")
217 | o.rmempty = true
218 |
219 | -- HTTP域名
220 | o = s:option(DynamicList, "http_host", translate("HTTP Host"))
221 | o:depends("tcp_guise", "http")
222 | o.rmempty = true
223 |
224 | -- HTTP路径
225 | o = s:option(DynamicList, "http_path", translate("HTTP Path"))
226 | o:depends("tcp_guise", "http")
227 | o.rmempty = true
228 |
229 | -- [[ WS部分 ]]--
230 |
231 | -- WS域名
232 | o = s:option(Value, "ws_host", translate("WebSocket Host"))
233 | o:depends("transport", "ws")
234 | o.rmempty = true
235 |
236 | -- WS路径
237 | o = s:option(Value, "ws_path", translate("WebSocket Path"))
238 | o:depends("transport", "ws")
239 | o.rmempty = true
240 |
241 | -- [[ H2部分 ]]--
242 |
243 | -- H2域名
244 | o = s:option(DynamicList, "h2_host", translate("HTTP/2 Host"))
245 | o:depends("transport", "h2")
246 | o.rmempty = true
247 |
248 | -- H2路径
249 | o = s:option(Value, "h2_path", translate("HTTP/2 Path"))
250 | o:depends("transport", "h2")
251 | o.rmempty = true
252 |
253 | -- [[ QUIC部分 ]]--
254 |
255 | o = s:option(ListValue, "quic_security", translate("QUIC Security"))
256 | o:depends("transport", "quic")
257 | o.rmempty = true
258 | o:value("none", translate("None"))
259 | o:value("aes-128-gcm", translate("aes-128-gcm"))
260 | o:value("chacha20-poly1305", translate("chacha20-poly1305"))
261 |
262 | o = s:option(Value, "quic_key", translate("QUIC Key"))
263 | o:depends("transport", "quic")
264 | o.rmempty = true
265 |
266 | o = s:option(ListValue, "quic_guise", translate("Header"))
267 | o:depends("transport", "quic")
268 | o.rmempty = true
269 | o:value("none", translate("None"))
270 | o:value("srtp", translate("VideoCall (SRTP)"))
271 | o:value("utp", translate("BitTorrent (uTP)"))
272 | o:value("wechat-video", translate("WechatVideo"))
273 | o:value("dtls", "DTLS 1.2")
274 | o:value("wireguard", "WireGuard")
275 |
276 | -- [[ mKCP部分 ]]--
277 |
278 | o = s:option(ListValue, "kcp_guise", translate("Camouflage Type"))
279 | o:depends("transport", "kcp")
280 | o:value("none", translate("None"))
281 | o:value("srtp", translate("VideoCall (SRTP)"))
282 | o:value("utp", translate("BitTorrent (uTP)"))
283 | o:value("wechat-video", translate("WechatVideo"))
284 | o:value("dtls", "DTLS 1.2")
285 | o:value("wireguard", "WireGuard")
286 | o.rmempty = true
287 |
288 | o = s:option(Value, "mtu", translate("MTU"))
289 | o.datatype = "uinteger"
290 | o:depends("transport", "kcp")
291 | o.default = 1350
292 | o.rmempty = true
293 |
294 | o = s:option(Value, "tti", translate("TTI"))
295 | o.datatype = "uinteger"
296 | o:depends("transport", "kcp")
297 | o.default = 50
298 | o.rmempty = true
299 |
300 | o = s:option(Value, "uplink_capacity", translate("Uplink Capacity"))
301 | o.datatype = "uinteger"
302 | o:depends("transport", "kcp")
303 | o.default = 5
304 | o.rmempty = true
305 |
306 | o = s:option(Value, "downlink_capacity", translate("Downlink Capacity"))
307 | o.datatype = "uinteger"
308 | o:depends("transport", "kcp")
309 | o.default = 20
310 | o.rmempty = true
311 |
312 | o = s:option(Value, "read_buffer_size", translate("Read Buffer Size"))
313 | o.datatype = "uinteger"
314 | o:depends("transport", "kcp")
315 | o.default = 2
316 | o.rmempty = true
317 |
318 | o = s:option(Value, "write_buffer_size", translate("Write Buffer Size"))
319 | o.datatype = "uinteger"
320 | o:depends("transport", "kcp")
321 | o.default = 2
322 | o.rmempty = true
323 |
324 | o = s:option(Flag, "congestion", translate("Congestion"))
325 | o:depends("transport", "kcp")
326 | o.rmempty = true
327 |
328 | -- [[ allowInsecure ]]--
329 | o = s:option(Flag, "insecure", translate("allowInsecure"))
330 | o.rmempty = true
331 | o:depends("type", "v2ray")
332 |
333 | -- [[ TLS ]]--
334 | o = s:option(Flag, "tls", translate("TLS"))
335 | o.rmempty = true
336 | o.default = "0"
337 | o:depends("type", "v2ray")
338 |
339 | -- [[ Mux ]]--
340 | o = s:option(Flag, "mux", translate("Mux"))
341 | o.rmempty = true
342 | o.default = "0"
343 | o:depends("type", "v2ray")
344 |
345 | o = s:option(Value, "concurrency", translate("Concurrency"))
346 | o.datatype = "uinteger"
347 | o.rmempty = true
348 | o.default = "8"
349 | o:depends("mux", "1")
350 |
351 | o = s:option(Flag, "fast_open", translate("TCP Fast Open"))
352 | o.rmempty = true
353 | o.default = "0"
354 | o:depends("type", "ssr")
355 | o:depends("type", "ss")
356 |
357 | o = s:option(Flag, "switch_enable", translate("Enable Auto Switch"))
358 | o.rmempty = false
359 | o.default = "1"
360 |
361 | o = s:option(Value, "local_port", translate("Local Port"))
362 | o.datatype = "port"
363 | o.default = 1234
364 | o.rmempty = false
365 |
366 | if nixio.fs.access("/usr/bin/kcptun-client") then
367 |
368 | kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client"))
369 | kcp_enable.rmempty = true
370 | kcp_enable.default = "0"
371 | kcp_enable:depends("type", "ssr")
372 | kcp_enable:depends("type", "ss")
373 |
374 | o = s:option(Value, "kcp_port", translate("KcpTun Port"))
375 | o.datatype = "port"
376 | o.default = 4000
377 | function o.validate(self, value, section)
378 | local kcp_file="/usr/bin/kcptun-client"
379 | local enable = kcp_enable:formvalue(section) or kcp_enable.disabled
380 | if enable == kcp_enable.enabled then
381 | if not fs.access(kcp_file) then
382 | return nil, translate("Haven't a Kcptun executable file")
383 | elseif not isKcptun(kcp_file) then
384 | return nil, translate("Not a Kcptun executable file")
385 | end
386 | end
387 |
388 | return value
389 | end
390 | o:depends("type", "ssr")
391 | o:depends("type", "ss")
392 |
393 | o = s:option(Value, "kcp_password", translate("KcpTun Password"))
394 | o.password = true
395 | o:depends("type", "ssr")
396 | o:depends("type", "ss")
397 |
398 | o = s:option(Value, "kcp_param", translate("KcpTun Param"))
399 | o.default = "--nocomp"
400 | o:depends("type", "ssr")
401 | o:depends("type", "ss")
402 |
403 | end
404 |
405 | return m
406 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/usr/bin/ssr-rules:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # Copyright (C) 2017 openwrt-ssr
4 | # Copyright (C) 2017 yushi studio
5 | #
6 | # This is free software, licensed under the GNU General Public License v3.
7 | # See /LICENSE for more information.
8 | #
9 |
10 | TAG="_SS_SPEC_RULE_" # comment tag
11 | IPT="iptables -t nat" # alias of iptables
12 | FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null) # firewall include file
13 |
14 | usage() {
15 | cat <<-EOF
16 | Usage: ssr-rules [options]
17 |
18 | Valid options are:
19 |
20 | -s ip address of shadowsocksr remote server
21 | -l port number of shadowsocksr local server
22 | -S ip address of shadowsocksr remote UDP server
23 | -L port number of shadowsocksr local UDP server
24 | -i a file content is bypassed ip list
25 | -a lan ip of access control, need a prefix to
26 | define access control mode
27 | -b wan ip of will be bypassed
28 | -w wan ip of will be forwarded
29 | -p lan ip of will be global proxy
30 | -G lan ip of will be game mode proxy
31 | -D proxy ports
32 | -e extra options for iptables
33 | -o apply the rules to the OUTPUT chain
34 | -O apply the global rules to the OUTPUT chain
35 | -u enable udprelay mode, TPROXY is required
36 | -U enable udprelay mode, using different IP
37 | and ports for TCP and UDP
38 | -f flush the rules
39 | -g gfw list mode
40 | -r return china mode
41 | -h show this help message and exit
42 | EOF
43 | exit $1
44 | }
45 |
46 | loger() {
47 | # 1.alert 2.crit 3.err 4.warn 5.notice 6.info 7.debug
48 | logger -st ssr-rules[$$] -p$1 $2
49 | }
50 |
51 | flush_r() {
52 | flush_iptables() {
53 | local ipt="iptables -t $1"
54 | local DAT=$(iptables-save -t $1)
55 | eval $(echo "$DAT" | grep "$TAG" | sed -e 's/^-A/$ipt -D/' -e 's/$/;/')
56 | for chain in $(echo "$DAT" | awk '/^:SS_SPEC/{print $1}'); do
57 | $ipt -F ${chain:1} 2>/dev/null && $ipt -X ${chain:1}
58 | done
59 | }
60 | flush_iptables nat
61 | flush_iptables mangle
62 | ip rule del fwmark 0x01/0x01 table 100 2>/dev/null
63 | ip route del local 0.0.0.0/0 dev lo table 100 2>/dev/null
64 | ipset -X ss_spec_lan_ac 2>/dev/null
65 | ipset -X ss_spec_wan_ac 2>/dev/null
66 | ipset -X ssr_gen_router 2>/dev/null
67 | ipset -X fplan 2>/dev/null
68 | ipset -X gmlan 2>/dev/null
69 | ipset -X oversea 2>/dev/null
70 | [ -n "$FWI" ] && echo '#!/bin/sh' >$FWI
71 | return 0
72 | }
73 |
74 | ipset_r() {
75 | ipset -N gmlan hash:net 2>/dev/null
76 | for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
77 |
78 | if [ "$RUNMODE" = "router" ] ;then
79 | ipset -! -R <<-EOF || return 1
80 | create ss_spec_wan_ac hash:net
81 | $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
82 | $(for ip in $WAN_FW_IP; do echo "add ss_spec_wan_ac $ip nomatch"; done)
83 | EOF
84 | ipset -N gfwlist hash:net 2>/dev/null
85 | $IPT -N SS_SPEC_WAN_AC
86 | $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
87 | $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN
88 | $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
89 |
90 | elif [ "$RUNMODE" = "gfw" ] ;then
91 | ipset -N gfwlist hash:net 2>/dev/null
92 | for ip in $WAN_FW_IP; do ipset -! add gfwlist $ip ; done
93 | $IPT -N SS_SPEC_WAN_AC
94 | $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
95 | $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
96 | $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
97 | $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
98 |
99 | elif [ "$RUNMODE" = "oversea" ] ;then
100 | ipset -N oversea hash:net 2>/dev/null
101 | $IPT -N SS_SPEC_WAN_AC
102 | ipset -N gmlan hash:net 2>/dev/null
103 | for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
104 | $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW
105 | $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
106 |
107 | elif [ "$RUNMODE" = "all" ] ;then
108 | $IPT -N SS_SPEC_WAN_AC
109 | $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
110 | $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
111 |
112 | fi
113 |
114 | ipset -N fplan hash:net 2>/dev/null
115 | for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done
116 | $IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
117 |
118 | return $?
119 | }
120 |
121 | fw_rule() {
122 | $IPT -N SS_SPEC_WAN_FW
123 | $IPT -A SS_SPEC_WAN_FW -d 0.0.0.0/8 -j RETURN
124 | $IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN
125 | $IPT -A SS_SPEC_WAN_FW -d 127.0.0.0/8 -j RETURN
126 | $IPT -A SS_SPEC_WAN_FW -d 169.254.0.0/16 -j RETURN
127 | $IPT -A SS_SPEC_WAN_FW -d 172.16.0.0/12 -j RETURN
128 | $IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN
129 | $IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN
130 | $IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4 -j RETURN
131 | $IPT -A SS_SPEC_WAN_FW -p tcp $PROXY_PORTS \
132 | -j REDIRECT --to-ports $local_port 2>/dev/null || {
133 | loger 3 "Can't redirect, please check the iptables."
134 | exit 1
135 | }
136 | return $?
137 | }
138 |
139 | ac_rule() {
140 | if [ -n "$LAN_AC_IP" ]; then
141 | case "${LAN_AC_IP:0:1}" in
142 | w|W)
143 | MATCH_SET="-m set --match-set ss_spec_lan_ac src"
144 | ;;
145 | b|B)
146 | MATCH_SET="-m set ! --match-set ss_spec_lan_ac src"
147 | ;;
148 | *)
149 | loger 3 "Bad argument \`-a $LAN_AC_IP\`."
150 | return 2
151 | ;;
152 | esac
153 | fi
154 | IFNAME=$(uci get -P/var/state network.lan.ifname 2>/dev/null)
155 | ipset -! -R <<-EOF || return 1
156 | create ss_spec_lan_ac hash:net
157 | $(for ip in ${LAN_AC_IP:1}; do echo "add ss_spec_lan_ac $ip"; done)
158 | EOF
159 | $IPT -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p tcp $EXT_ARGS $MATCH_SET \
160 | -m comment --comment "$TAG" -j SS_SPEC_WAN_AC
161 | if [ "$OUTPUT" = 1 ]; then
162 | $IPT -I OUTPUT 1 -p tcp $EXT_ARGS \
163 | -m comment --comment "$TAG" -j SS_SPEC_WAN_AC
164 | elif [ "$OUTPUT" = 2 ]; then
165 | ipset -! -R <<-EOF || return 1
166 | create ssr_gen_router hash:net
167 | $(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /")
168 | EOF
169 | $IPT -N SS_SPEC_ROUTER && \
170 | $IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN && \
171 | $IPT -A SS_SPEC_ROUTER -j SS_SPEC_WAN_FW
172 | $IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER
173 | fi
174 | return $?
175 | }
176 |
177 | tp_rule() {
178 | [ -n "$TPROXY" ] || return 0
179 | ip rule add fwmark 0x01/0x01 table 100
180 | ip route add local 0.0.0.0/0 dev lo table 100
181 | local ipt="iptables -t mangle"
182 | $ipt -N SS_SPEC_TPROXY
183 | $ipt -A SS_SPEC_TPROXY -p udp --dport 53 -j RETURN
184 | $ipt -A SS_SPEC_TPROXY -p udp -d 0.0.0.0/8 -j RETURN
185 | $ipt -A SS_SPEC_TPROXY -p udp -d 10.0.0.0/8 -j RETURN
186 | $ipt -A SS_SPEC_TPROXY -p udp -d 127.0.0.0/8 -j RETURN
187 | $ipt -A SS_SPEC_TPROXY -p udp -d 169.254.0.0/16 -j RETURN
188 | $ipt -A SS_SPEC_TPROXY -p udp -d 172.16.0.0/12 -j RETURN
189 | $ipt -A SS_SPEC_TPROXY -p udp -d 192.168.0.0/16 -j RETURN
190 | $ipt -A SS_SPEC_TPROXY -p udp -d 224.0.0.0/4 -j RETURN
191 | $ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN
192 | $ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN
193 |
194 | $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
195 | -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
196 |
197 | if [ "$RUNMODE" = "router" ] ;then
198 | $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
199 | -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
200 | $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
201 | -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
202 |
203 | elif [ "$RUNMODE" = "gfw" ] ;then
204 | $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
205 | $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
206 | -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
207 | $ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
208 | -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
209 |
210 | elif [ "$RUNMODE" = "oversea" ] ;then
211 | $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
212 | -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
213 |
214 | elif [ "$RUNMODE" = "all" ] ;then
215 | $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
216 | fi
217 |
218 | $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
219 | -m comment --comment "$TAG" -j SS_SPEC_TPROXY
220 |
221 | return $?
222 | }
223 |
224 | get_wan_ip() {
225 | cat <<-EOF | grep -E "^([0-9]{1,3}\.){3}[0-9]{1,3}"
226 | $server
227 | $SERVER
228 | $WAN_BP_IP
229 | EOF
230 | }
231 |
232 | gen_iplist() {
233 | cat <<-EOF
234 | 0.0.0.0/8
235 | 10.0.0.0/8
236 | 100.64.0.0/10
237 | 127.0.0.0/8
238 | 169.254.0.0/16
239 | 172.16.0.0/12
240 | 192.0.0.0/24
241 | 192.0.2.0/24
242 | 192.88.99.0/24
243 | 192.168.0.0/16
244 | 198.18.0.0/15
245 | 198.51.100.0/24
246 | 203.0.113.0/24
247 | 224.0.0.0/4
248 | 240.0.0.0/4
249 | 255.255.255.255
250 | $(get_wan_ip)
251 | $(cat ${IGNORE_LIST:=/dev/null} 2>/dev/null)
252 | EOF
253 | }
254 |
255 | gen_spec_iplist() {
256 | cat <<-EOF
257 | 0.0.0.0/8
258 | 10.0.0.0/8
259 | 100.64.0.0/10
260 | 127.0.0.0/8
261 | 169.254.0.0/16
262 | 172.16.0.0/12
263 | 192.0.0.0/24
264 | 192.0.2.0/24
265 | 192.88.99.0/24
266 | 192.168.0.0/16
267 | 198.18.0.0/15
268 | 198.51.100.0/24
269 | 203.0.113.0/24
270 | 224.0.0.0/4
271 | 240.0.0.0/4
272 | 255.255.255.255
273 | $(get_wan_ip)
274 | EOF
275 | }
276 |
277 | gen_include() {
278 | [ -n "$FWI" ] || return 0
279 | extract_rules() {
280 | echo "*$1"
281 | iptables-save -t $1 | grep SS_SPEC_ |\
282 | sed -e "s/^-A \(OUTPUT\|PREROUTING\)/-I \1 1/"
283 | echo 'COMMIT'
284 | }
285 | cat <<-EOF >>$FWI
286 | iptables-save -c | grep -v "SS_SPEC" | iptables-restore -c
287 | iptables-restore -n <<-EOT
288 | $(extract_rules nat)
289 | $(extract_rules mangle)
290 | EOT
291 | EOF
292 | return 0
293 | }
294 |
295 | while getopts ":s:l:S:L:i:e:a:b:w:p:G:D:oOuUfgrczh" arg; do
296 | case "$arg" in
297 | s)
298 | server=$OPTARG
299 | ;;
300 | l)
301 | local_port=$OPTARG
302 | ;;
303 | S)
304 | SERVER=$OPTARG
305 | ;;
306 | L)
307 | LOCAL_PORT=$OPTARG
308 | ;;
309 | i)
310 | IGNORE_LIST=$OPTARG
311 | ;;
312 | e)
313 | EXT_ARGS=$OPTARG
314 | ;;
315 | a)
316 | LAN_AC_IP=$OPTARG
317 | ;;
318 | b)
319 | WAN_BP_IP=$(for ip in $OPTARG; do echo $ip; done)
320 | ;;
321 | w)
322 | WAN_FW_IP=$OPTARG
323 | ;;
324 | p)
325 | LAN_FP_IP=$OPTARG
326 | ;;
327 | G)
328 | LAN_GM_IP=$OPTARG
329 | ;;
330 | D)
331 | PROXY_PORTS=$OPTARG
332 | ;;
333 | o)
334 | OUTPUT=1
335 | ;;
336 | O)
337 | OUTPUT=2
338 | ;;
339 | u)
340 | TPROXY=1
341 | ;;
342 | U)
343 | TPROXY=2
344 | ;;
345 | g)
346 | RUNMODE=gfw
347 | ;;
348 | r)
349 | RUNMODE=router
350 | ;;
351 | c)
352 | RUNMODE=oversea
353 | ;;
354 | z)
355 | RUNMODE=all
356 | ;;
357 | f)
358 | flush_r
359 | exit 0
360 | ;;
361 | h)
362 | usage 0
363 | ;;
364 | esac
365 | done
366 |
367 | if [ -z "$server" -o -z "$local_port" ]; then
368 | usage 2
369 | fi
370 |
371 | if [ "$TPROXY" = 1 ]; then
372 | SERVER=$server
373 | LOCAL_PORT=$local_port
374 | elif [ "$TPROXY" = 2 ]; then
375 | : ${SERVER:?"You must assign an ip for the udp relay server."}
376 | : ${LOCAL_PORT:?"You must assign a port for the udp relay server."}
377 | fi
378 |
379 | flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
380 | [ "$?" = 0 ] || loger 3 "Start failed!"
381 | exit $?
382 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/init.d/v2raypro:
--------------------------------------------------------------------------------
1 | #!/bin/sh /etc/rc.common
2 | #
3 | #
4 |
5 | START=99
6 | STOP=10
7 |
8 | EXTRA_COMMANDS="reload_rule"
9 |
10 | V2RAY_REDIR_PORT=7070
11 | V2RAY_REDIR_PIDFILE=/var/run/v2ray-redir-go.pid
12 | PDNSD_LOCAL_PORT=7453
13 | V2RAYCONF=/tmp/config.json
14 | CRON_FILE=/etc/crontabs/root
15 | V2_CONF_GENERATE_LUA=/etc/v2ray/gen_config.lua
16 | CONFIG=v2raypro
17 | KEEP_GFWLIST=Y
18 | vt_np_ipset="china"
19 |
20 | get_config()
21 | {
22 | config_get_bool vt_enabled $1 enabled 0
23 | config_get vt_server_addr $1 address
24 | config_get vt_server_port $1 server_port
25 | config_get vt_password $1 password
26 | config_get vt_method $1 method
27 | config_get vt_protocol $1 protocol
28 | config_get vt_protoparam $1 protoparam
29 | config_get vt_obfs $1 obfs
30 | config_get obfs_param $1 obfs_param
31 | config_get vt_proxy_mode $1 proxy_mode
32 | config_get vt_timeout $1 timeout
33 | config_get vt_safe_dns $1 safe_dns
34 | config_get vt_timeout $1 timeout
35 | config_get vt_safe_dns $1 safe_dns
36 | config_get vt_safe_dns_port $1 safe_dns_port
37 | config_get vt_safe_dns_tcp $1 safe_dns_tcp
38 | config_get cron_mode $1 cron_mode 1
39 | }
40 |
41 |
42 |
43 |
44 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
45 |
46 | # Get LAN settings as default parameters
47 | [ -f /lib/functions/network.sh ] && . /lib/functions/network.sh
48 | network_get_subnet covered_subnets lan
49 | network_get_ipaddr local_addresses lan
50 |
51 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
52 |
53 | __gfwlist_by_mode()
54 | {
55 | case "$1" in
56 | V) echo unblock-youku;;
57 | *) echo china-banned;;
58 | esac
59 | }
60 |
61 | start()
62 | {
63 | config_load v2raypro
64 | config_foreach get_config v2raypro
65 |
66 | [ -f /etc/init.d/pdnsd ] && /etc/init.d/pdnsd disable 2>/dev/null
67 |
68 | if [ "$vt_enabled" = 0 ]; then
69 | echo "WARNING: v2ray is disabled."
70 | exit 0
71 | fi
72 |
73 | local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
74 | [ -z "$vt_proxy_mode" ] && vt_proxy_mode=M
75 | [ -z "$vt_method" ] && vt_method=table
76 | [ -z "$vt_timeout" ] && vt_timeout=60
77 | case "$vt_proxy_mode" in
78 | M|S|G)
79 | [ -z "$vt_safe_dns" ] && vt_safe_dns="8.8.8.8"
80 | [ -z "$vt_safe_dns_tcp" ] && vt_safe_dns_tcp=1
81 | ;;
82 | esac
83 | [ -z "$vt_safe_dns_port" ] && vt_safe_dns_port=53
84 |
85 | # -----------------------------------------------------------------
86 | ###### v2ray ######
87 | /usr/bin/lua $V2_CONF_GENERATE_LUA $CONFIG $V2RAYCONF
88 | /usr/bin/v2ray/v2ray -config=$V2RAYCONF &
89 |
90 | echo "V2Ray started"
91 |
92 |
93 | # IPv4 firewall rules
94 | add_rule
95 |
96 | # -----------------------------------------------------------------
97 | mkdir -p /var/etc/dnsmasq-go.d
98 | ###### Anti-pollution configuration ######
99 | if [ -n "$vt_safe_dns" ]; then
100 | if [ "$vt_safe_dns_tcp" = 1 ]; then
101 | start_pdnsd "$vt_safe_dns"
102 | awk -vs="127.0.0.1#$PDNSD_LOCAL_PORT" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
103 | /etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
104 | else
105 | awk -vs="$vt_safe_dns#$vt_safe_dns_port" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
106 | /etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
107 | fi
108 | else
109 | echo "WARNING: Not using secure DNS, DNS resolution might be polluted if you are in China."
110 | fi
111 |
112 | ###### dnsmasq-to-ipset configuration ######
113 | case "$vt_proxy_mode" in
114 | M|V)
115 | awk '!/^$/&&!/^#/{printf("ipset=/%s/'"$vt_gfwlist"'\n",$0)}' \
116 | /etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/02-ipset.conf
117 | ;;
118 | esac
119 |
120 | # -----------------------------------------------------------------
121 | ###### Restart main 'dnsmasq' service if needed ######
122 | if ls /var/etc/dnsmasq-go.d/* >/dev/null 2>&1; then
123 | mkdir -p /tmp/dnsmasq.d
124 | cat > /tmp/dnsmasq.d/dnsmasq-go.conf </dev/null
155 | del_cron
156 | }
157 |
158 |
159 | reload_rule()
160 | {
161 | config_load v2raypro
162 | config_foreach get_config v2raypro
163 |
164 | local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
165 |
166 | KEEP_GFWLIST=Y
167 | del_rule
168 | add_rule
169 | if [ "$vt_safe_dns_tcp" = 1 ]; then
170 | stop_pdnsd
171 | start_pdnsd
172 | fi
173 | }
174 |
175 | restart()
176 | {
177 | KEEP_GFWLIST=Y
178 | stop
179 | start
180 | }
181 |
182 |
183 | # $1: upstream DNS server
184 | start_pdnsd()
185 | {
186 | local safe_dns="$1"
187 |
188 | local tcp_dns_list="208.67.222.222, 208.67.220.220"
189 | [ -n "$safe_dns" ] && tcp_dns_list="$safe_dns,$tcp_dns_list"
190 |
191 | #killall -9 pdnsd 2>/dev/null && sleep 1
192 | kill -9 $(cat /var/run/pdnsd.pid) >/dev/null 2>&1
193 |
194 | mkdir -p /var/etc /var/pdnsd
195 | if ! test -f "/var/pdnsd/pdnsd.cache"; then
196 | dd if=/dev/zero of="/var/pdnsd/pdnsd.cache" bs=1 count=4 2> /dev/null
197 | chown -R nobody.nogroup /var/pdnsd
198 | fi
199 |
200 | cat > /var/etc/pdnsd.conf </dev/null; then
241 | while iptables -t nat -D OUTPUT -p tcp --dport 53 -j pdnsd_output 2>/dev/null; do :; done
242 | iptables -t nat -X pdnsd_output
243 | fi
244 | killall -9 pdnsd 2>/dev/null
245 | rm -rf /var/pdnsd
246 | rm -f /var/etc/pdnsd.conf
247 | }
248 |
249 | add_cron()
250 | {
251 | sed -i '/up-gfwlist.sh/d' $CRON_FILE
252 | sed -i '/v2ray_watchdog.log/d' $CRON_FILE
253 | if [ $cron_mode -eq 1 ]; then
254 | echo '0 5 * * * /etc/v2ray/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1' >> $CRON_FILE
255 | fi
256 | echo '0 */1 * * * /etc/v2ray/v2ray-watchdog >> /tmp/v2ray_watchdog.log 2>&1' >> $CRON_FILE
257 | echo '0 1 * * 0 echo "" > /tmp/v2ray_watchdog.log' >> $CRON_FILE
258 | crontab $CRON_FILE
259 | }
260 |
261 | del_cron()
262 | {
263 | sed -i '/up-gfwlist.sh/d' $CRON_FILE
264 | sed -i '/v2ray_watchdog.log/d' $CRON_FILE
265 | /etc/init.d/cron restart
266 | }
267 |
268 |
269 |
270 | uci_get_by_name() {
271 | local ret=$(uci get $CONFIG.$1.$2 2>/dev/null)
272 | echo ${ret:=$3}
273 | }
274 |
275 | uci_get_by_type() {
276 | local index=0
277 | if [ -n $4 ]; then
278 | index=$4
279 | fi
280 | local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
281 | echo ${ret:=$3}
282 | }
283 |
284 | add_rule()
285 | {
286 | iptables -t nat -N v2ray_pre
287 | iptables -t nat -F v2ray_pre
288 | iptables -t nat -A v2ray_pre -m set --match-set local dst -j RETURN || {
289 | iptables -t nat -A v2ray_pre -d 10.0.0.0/8 -j RETURN
290 | iptables -t nat -A v2ray_pre -d 127.0.0.0/8 -j RETURN
291 | iptables -t nat -A v2ray_pre -d 172.16.0.0/12 -j RETURN
292 | iptables -t nat -A v2ray_pre -d 192.168.0.0/16 -j RETURN
293 | iptables -t nat -A v2ray_pre -d 127.0.0.0/8 -j RETURN
294 | iptables -t nat -A v2ray_pre -d 224.0.0.0/3 -j RETURN
295 | }
296 | iptables -t nat -A v2ray_pre -d $vt_server_addr -j RETURN
297 |
298 | iptables -N gameboost -t mangle
299 | ipset -! create gameuser hash:ip maxelem 65536 2>/dev/null
300 | ip rule add fwmark 0x100/0xfff table 100
301 | ip route add local 0.0.0.0/0 dev lo table 100
302 | iptables -t mangle -A gameboost -p udp -m set --match-set local dst -j RETURN
303 | iptables -t mangle -A gameboost -p udp -m set --match-set china dst -j RETURN
304 | iptables -t mangle -A gameboost -p udp --dport 53 -j RETURN
305 | iptables -t mangle -A gameboost -p udp -j TPROXY --on-port 7070 --tproxy-mark 0x100/0xfff
306 | iptables -t mangle -A PREROUTING -m set --match-set gameuser src -j gameboost
307 |
308 | for i in $(seq 0 100)
309 | do
310 | local ip=$(uci_get_by_type acl_rule ipaddr '' $i)
311 | local mode=$(uci_get_by_type acl_rule filter_mode '' $i)
312 | case "$mode" in
313 | disable)
314 | iptables -t nat -A v2ray_pre -s $ip -j RETURN
315 | ;;
316 | global)
317 | iptables -t nat -A v2ray_pre -s $ip -p tcp -j REDIRECT --to $V2RAY_REDIR_PORT
318 | iptables -t nat -A v2ray_pre -s $ip -j RETURN
319 | ;;
320 | game)
321 | iptables -t nat -A v2ray_pre -p tcp -s $ip -m set ! --match-set china dst -j REDIRECT --to $V2RAY_REDIR_PORT
322 | ipset -! add gameuser $ip
323 | ;;
324 | esac
325 | done
326 |
327 | case "$vt_proxy_mode" in
328 | G) : ;;
329 | S)
330 | iptables -t nat -A v2ray_pre -m set --match-set $vt_np_ipset dst -j RETURN
331 | iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $V2RAY_REDIR_PORT
332 | ;;
333 | M)
334 | ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
335 | awk '!/^$/&&!/^#/{printf("add vt_gfwlist %s'" "'\n",$0)}' /etc/v2ray/addinip.txt > /tmp/addinip.ipset
336 | sed -i "s/vt_gfwlist/$vt_gfwlist/g" /tmp/addinip.ipset
337 | ipset -! restore < /tmp/addinip.ipset
338 | iptables -t nat -A v2ray_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
339 | iptables -t nat -A v2ray_pre -m set --match-set $vt_np_ipset dst -j RETURN
340 | iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set $vt_gfwlist dst -j REDIRECT --to $V2RAY_REDIR_PORT
341 | ;;
342 | V)
343 | vt_np_ipset=""
344 | ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
345 | iptables -t nat -A v2ray_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
346 | ;;
347 | esac
348 | local subnet
349 | for subnet in $covered_subnets; do
350 | iptables -t nat -A v2ray_pre -s $subnet -p tcp -j REDIRECT --to $V2RAY_REDIR_PORT
351 | done
352 | iptables -t nat -I PREROUTING -p tcp -j v2ray_pre
353 | }
354 |
355 | del_rule()
356 | {
357 | if iptables -t nat -F v2ray_pre 2>/dev/null; then
358 | while iptables -t nat -D PREROUTING -p tcp -j v2ray_pre 2>/dev/null; do :; done
359 | iptables -t nat -X v2ray_pre 2>/dev/null
360 | fi
361 |
362 | iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set china-banned dst -j REDIRECT --to $V2RAY_REDIR_PORT 2>/dev/null
363 | iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $V2RAY_REDIR_PORT 2>/dev/null
364 |
365 | /usr/bin/ip rule del fwmark 0x100/0xfff table 100
366 | /usr/bin/ip route del local 0.0.0.0/0 dev lo table 100
367 | if iptables -t mangle -F gameboost 2>/dev/null; then
368 | while iptables -t mangle -D PREROUTING -m set --match-set gameuser src -j gameboost 2>/dev/null; do :; done
369 | iptables -t mangle -X gameboost 2>/dev/null
370 | fi
371 |
372 | ipset destroy gameuser 2>/dev/null
373 |
374 |
375 | # -----------------------------------------------------------------
376 | [ "$KEEP_GFWLIST" = Y ] || ipset destroy "$vt_gfwlist" 2>/dev/null
377 | }
378 |
379 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/root/etc/v2ray/gen_config.lua:
--------------------------------------------------------------------------------
1 | --[[
2 | Auto generate config for Project V
3 | Author: @libc0607
4 | add reverse
5 | use io write ,fix sequence(cjson.encode's sequence , reverse can't work )
6 | @tqsi
7 |
8 | ]]--
9 |
10 | local conf_path, json_path = ...
11 | conf_path = conf_path or "v2raypro"
12 | json_path = json_path or "/tmp/config.json"
13 |
14 | local local_listen_port = 7070
15 | local cjson = require "cjson.safe"
16 | local ucursor = require "luci.model.uci".cursor()
17 | local lip = require "luci.ip"
18 |
19 |
20 | local v2ray_stream_mode = ucursor:get(conf_path, "v2raypro", "network_type") -- tcp/kcp/ws
21 |
22 | local v2ray_enReverse = ucursor:get(conf_path, "v2raypro", "risen")=="1" and true or false
23 | function v2ray_get_conf_list(op)
24 | local t = {}
25 | for k, v in pairs(ucursor:get_list(conf_path, 'v2ray', op)) do
26 | table.insert(t, v)
27 | end
28 | return t
29 | end
30 |
31 | function check_addr_type(addr)
32 | local ip = luci.ip.new(addr, 32)
33 | if ip == nil then
34 | return "domain"
35 | elseif ip:is4() then
36 | return "ipv4"
37 | elseif ip:is6() then
38 | return "ipv6"
39 | end
40 | end
41 |
42 | function get_ip_list_by_domain(domain)
43 | local domain_list = {}
44 | local cmd = io.popen("nslookup " .. domain .. " |grep Address | awk {'print $3'}")
45 | for cmd_line in cmd:lines() do
46 | if check_addr_type(cmd_line) == "ipv4" then
47 | table.insert(domain_list, cmd_line)
48 | elseif check_addr_type(cmd_line) == "ipv6" then
49 | table.insert(domain_list, cmd_line)
50 | end
51 | end
52 | return domain_list
53 | end
54 |
55 |
56 | -- Generate config json to
57 |
58 |
59 | local json_file = io.open(json_path, "w+")
60 | io.output(json_file)
61 | io.write("{\"log\":{\"loglevel\":\"warning\",\"access\":\"\",\"error\":\"\"},\"dns\": {\"servers\": [\"localhost\"]},\"inbounds\":[{\"port\":7070,\"tag\": \"listen\",\"protocol\":\"dokodemo-door\",\"address\":\"\",\"settings\":{\"followRedirect\":true,\"network\":\"tcp,udp\",\"timeout\":50},\"domainOverride\":[\"tls\",\"http\"]}],")
62 | if v2ray_enReverse then --reverse set
63 | io.write("\"reverse\": {\"bridges\": [{\"tag\": \"bridge\",\"domain\": \"")
64 | io.write(ucursor:get(conf_path, "v2raypro", "rserver_domain"))
65 | io.write("\"}]},")
66 | end
67 |
68 | --outbound
69 | v2ray_proxy={
70 | tag = "proxy",
71 | protocol = "vmess",
72 | settings = {
73 | vnext = {
74 | [1] = {
75 | address = ucursor:get(conf_path, "v2raypro", "address"),
76 | port = tonumber(ucursor:get(conf_path, "v2raypro", "port")),
77 | users = {
78 | [1] = {
79 | id = ucursor:get(conf_path, "v2raypro", "id"),
80 | alterId = tonumber(ucursor:get(conf_path, "v2raypro", "alterId")),
81 | security = ucursor:get(conf_path, "v2raypro", "security")
82 | },
83 | },
84 | },
85 | },
86 | },
87 | streamSettings = {
88 | network = ucursor:get(conf_path, "v2raypro", "network_type"),
89 | tlsSettings = { allowInsecure=true },
90 | security = (ucursor:get(conf_path, "v2raypro", "tls") == '1') and "tls" or "none",
91 | tcpSettings = (v2ray_stream_mode == "tcp" and ucursor:get(conf_path, "v2raypro", "tcp_obfs") == "http") and {
92 | connectionReuse = true,
93 | header = {
94 | type = ucursor:get(conf_path, "v2raypro", "tcp_obfs"),
95 | request = {
96 | version = "1.1",
97 | method = "GET",
98 | path = v2ray_get_conf_list('tcp_path'),
99 | headers = {
100 | Host = v2ray_get_conf_list('tcp_host'),
101 | User_Agent = {
102 | "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36",
103 | "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
104 | },
105 | Accept_Encoding = {"gzip, deflate"},
106 | Connection = {"keep-alive"},
107 | Pragma = "no-cache"
108 | },
109 | },
110 | response = {
111 | version = "1.1",
112 | status = "200",
113 | reason = "OK",
114 | headers = {
115 | Content_Type = {"application/octet-stream","video/mpeg"},
116 | Transfer_Encoding = {"chunked"},
117 | Connection= {"keep-alive"},
118 | Pragma = "no-cache"
119 | },
120 | },
121 | }
122 | } or nil,
123 |
124 | kcpSettings = (v2ray_stream_mode == "kcp") and {
125 | mtu = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_mtu")),
126 | tti = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_tti")),
127 | uplinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_uplink")),
128 | downlinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_downlink")),
129 | congestion = (ucursor:get(conf_path, "v2raypro", "kcp_congestion") == "1") and true or false,
130 | readBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_readbuf")),
131 | writeBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_writebuf")),
132 | header = {
133 | type = ucursor:get(conf_path, "v2raypro", "kcp_obfs")
134 | }
135 | } or nil,
136 |
137 | wsSettings = (v2ray_stream_mode == "ws") and {
138 | connectionReuse = true,
139 | path = ucursor:get(conf_path, "v2raypro", "ws_path"),
140 | headers = (ucursor:get(conf_path, "v2raypro", "ws_headers") ~= nil) and {
141 | Host = ucursor:get(conf_path, "v2raypro", "ws_headers")
142 | } or nil,
143 | } or nil,
144 |
145 | httpSettings = (v2ray_stream_mode == "h2") and {
146 | path = ucursor:get(conf_path, "v2raypro", "h2_path"),
147 | host = (ucursor:get(conf_path, "v2raypro", "h2_domain") ~= nil) and {
148 | ucursor:get(conf_path, "v2raypro", "h2_domain")
149 | } or nil,
150 | } or nil,
151 | },
152 | mux = (v2ray_enReverse==false) and{
153 | enabled = (ucursor:get(conf_path, "v2raypro", "mux") == "1") and true or false
154 | } or nil,
155 | }
156 |
157 |
158 |
159 |
160 | io.write("\"outbounds\": [")
161 |
162 |
163 |
164 | if v2ray_enReverse then
165 | local v2ray_stream_tunnel_mode = ucursor:get(conf_path, "v2raypro", "rnetwork_type") -- tcp/kcp/ws
166 | local v2ray_tunnel= {
167 | tag = "tunnel",
168 | protocol = "vmess",
169 | settings = {
170 | vnext = {
171 | [1] = {
172 | address = ucursor:get(conf_path, "v2raypro", "raddress"),
173 | port = tonumber(ucursor:get(conf_path, "v2raypro", "rport")),
174 | users = {
175 | [1] = {
176 | id = ucursor:get(conf_path, "v2raypro", "rid"),
177 | alterId = tonumber(ucursor:get(conf_path, "v2raypro", "ralterId")),
178 | security = ucursor:get(conf_path, "v2raypro", "rsecurity")
179 | },
180 | },
181 | },
182 | },
183 | },
184 | streamSettings = {
185 | network = ucursor:get(conf_path, "v2raypro", "rnetwork_type"),
186 | tlsSettings = { allowInsecure=true },
187 | security = (ucursor:get(conf_path, "v2raypro", "rtls") == '1') and "tls" or "none",
188 | tcpSettings = (v2ray_stream_tunnel_mode == "tcp" and ucursor:get(conf_path, "v2raypro", "rtcp_obfs") == "http") and {
189 | connectionReuse = true,
190 | header = {
191 | type = ucursor:get(conf_path, "v2raypro", "rtcp_obfs"),
192 | request = {
193 | version = "1.1",
194 | method = "GET",
195 | path = v2ray_get_conf_list('tcp_path'),
196 | headers = {
197 | Host = v2ray_get_conf_list('tcp_host'),
198 | User_Agent = {
199 | "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36",
200 | "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
201 | },
202 | Accept_Encoding = {"gzip, deflate"},
203 | Connection = {"keep-alive"},
204 | Pragma = "no-cache"
205 | },
206 | },
207 | response = {
208 | version = "1.1",
209 | status = "200",
210 | reason = "OK",
211 | headers = {
212 | Content_Type = {"application/octet-stream","video/mpeg"},
213 | Transfer_Encoding = {"chunked"},
214 | Connection= {"keep-alive"},
215 | Pragma = "no-cache"
216 | },
217 | },
218 | }
219 | } or nil,
220 |
221 | kcpSettings = (v2ray_stream_tunnel_mode == "kcp") and {
222 | mtu = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_mtu")),
223 | tti = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_tti")),
224 | uplinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_uplink")),
225 | downlinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_downlink")),
226 | congestion = (ucursor:get(conf_path, "v2raypro", "rkcp_congestion") == "1") and true or false,
227 | readBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_readbuf")),
228 | writeBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_writebuf")),
229 | header = {
230 | type = ucursor:get(conf_path, "v2raypro", "rkcp_obfs")
231 | }
232 | } or nil,
233 |
234 | wsSettings = (v2ray_stream_tunnel_mode == "ws") and {
235 | connectionReuse = true,
236 | path = ucursor:get(conf_path, "v2raypro", "rws_path"),
237 | headers = (ucursor:get(conf_path, "v2raypro", "rws_headers") ~= nil) and {
238 | Host = ucursor:get(conf_path, "v2raypro", "rws_headers")
239 | } or nil,
240 | } or nil,
241 |
242 | httpSettings = (v2ray_stream_tunnel_mode == "h2") and {
243 | path = ucursor:get(conf_path, "v2raypro", "rh2_path"),
244 | host = (ucursor:get(conf_path, "v2raypro", "rh2_domain") ~= nil) and {
245 | ucursor:get(conf_path, "v2raypro", "rh2_domain")
246 | } or nil,
247 | } or nil,
248 | },
249 | mux = (v2ray_enReverse==false) and{
250 | enabled = (ucursor:get(conf_path, "v2raypro", "mux") == "1") and true or false
251 | } or nil,
252 | }
253 |
254 | json_raw_t = cjson.encode(v2ray_tunnel)
255 | io.write(json_raw_t..",")
256 | io.write("{\"protocol\": \"freedom\",\"settings\": {},\"tag\": \"out\"},")
257 |
258 | end
259 |
260 |
261 | local json_raw = cjson.encode(v2ray_proxy)
262 | io.write(json_raw.."],")
263 | --io.write("]")
264 |
265 |
266 | io.write("\"routing\": {\"strategy\": \"rules\",\"settings\": {\"rules\": [")--routing set
267 | if v2ray_enReverse then
268 | io.write("{\"type\": \"field\",\"inboundTag\": [\"bridge\"],\"domain\": [\"full:")
269 | io.write(ucursor:get(conf_path, "v2raypro", "rserver_domain"))
270 | io.write("\"],\"outboundTag\": \"tunnel\"},{\"type\": \"field\",\"inboundTag\": [\"bridge\"],\"outboundTag\": \"out\"},")
271 | end
272 |
273 | io.write("{\"domainStrategy\": \"IPIfNonMatch\",\"type\": \"field\",\"outboundTag\": \"proxy\",\"inboundTag\": [\"listen\"]}]}}")
274 |
275 |
276 |
277 |
278 | io.write("}")--end
279 | io.close(json_file)
280 |
281 |
282 |
283 | -- change '_' to '-'
284 | local keys_including_minus = {"User_Agent", "Content_Type", "Accept_Encoding", "Transfer_Encoding"}
285 | local keys_corrected = {"User-Agent", "Content-Type", "Accept-Encoding", "Transfer-Encoding"}
286 | for k, v in pairs(keys_including_minus) do
287 | os.execute("sed -i 's/" ..v.. "/" ..keys_corrected[k].. "/g' " .. json_path)
288 | end
289 |
290 | -- change "\/" to "/"
291 | os.execute("sed -i 's/\\\\\\//\\//g' ".. json_path)
292 |
293 | print("V2ray config generated at " .. json_path)
294 |
--------------------------------------------------------------------------------
/luci-app-ssr-pro/root/etc/init.d/ssrpro:
--------------------------------------------------------------------------------
1 | #!/bin/sh /etc/rc.common
2 | #
3 | #
4 |
5 | START=99
6 | STOP=10
7 |
8 | EXTRA_COMMANDS="reload_rule"
9 |
10 | SS_REDIR_PORT=7070
11 | SS_REDIR_PIDFILE=/var/run/ssr-redir-go.pid
12 | PDNSD_LOCAL_PORT=7453
13 | SSRCONF=/etc/shadowsocksr.json
14 | CRON_FILE=/etc/crontabs/root
15 | CONFIG=ssrpro
16 | KEEP_GFWLIST=Y
17 | vt_np_ipset="china"
18 |
19 | get_config()
20 | {
21 | config_get_bool vt_enabled $1 enabled 0
22 | config_get vt_server_addr $1 server
23 | config_get vt_server_port $1 server_port
24 | config_get vt_password $1 password
25 | config_get vt_method $1 method
26 | config_get vt_protocol $1 protocol
27 | config_get vt_protoparam $1 protoparam
28 | config_get vt_obfs $1 obfs
29 | config_get obfs_param $1 obfs_param
30 | config_get vt_proxy_mode $1 proxy_mode
31 | config_get vt_timeout $1 timeout
32 | config_get vt_safe_dns $1 safe_dns
33 | config_get vt_timeout $1 timeout
34 | config_get vt_safe_dns $1 safe_dns
35 | config_get vt_safe_dns_port $1 safe_dns_port
36 | config_get vt_safe_dns_tcp $1 safe_dns_tcp
37 | config_get cron_mode $1 cron_mode 1
38 | config_get_bool vt_more $1 more 0
39 | }
40 |
41 |
42 |
43 |
44 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
45 |
46 | # Get LAN settings as default parameters
47 | [ -f /lib/functions/network.sh ] && . /lib/functions/network.sh
48 | network_get_subnet covered_subnets lan
49 | network_get_ipaddr local_addresses lan
50 |
51 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
52 |
53 | __gfwlist_by_mode()
54 | {
55 | case "$1" in
56 | V) echo unblock-youku;;
57 | *) echo china-banned;;
58 | esac
59 | }
60 |
61 | start()
62 | {
63 | config_load ssrpro
64 | config_foreach get_config ssrpro
65 |
66 | [ -f /etc/init.d/pdnsd ] && /etc/init.d/pdnsd disable 2>/dev/null
67 |
68 | if [ "$vt_enabled" = 0 ]; then
69 | echo "WARNING: Shadowsocksr is disabled."
70 | exit 0
71 | fi
72 |
73 | if [ -z "$vt_server_addr" -o -z "$vt_server_port" ]; then
74 | echo "WARNING: Shadowsocksr not fully configured, not starting."
75 | exit 0
76 | fi
77 |
78 | local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
79 | [ -z "$vt_proxy_mode" ] && vt_proxy_mode=M
80 | [ -z "$vt_method" ] && vt_method=table
81 | [ -z "$vt_timeout" ] && vt_timeout=60
82 | case "$vt_proxy_mode" in
83 | M|S|G)
84 | [ -z "$vt_safe_dns" ] && vt_safe_dns="8.8.8.8"
85 | [ -z "$vt_safe_dns_tcp" ] && vt_safe_dns_tcp=1
86 | ;;
87 | esac
88 | [ -z "$vt_safe_dns_port" ] && vt_safe_dns_port=53
89 |
90 | # -----------------------------------------------------------------
91 | ###### shadowsocksr ######
92 | cat > $SSRCONF < /var/etc/dnsmasq-go.d/01-pollution.conf
128 | else
129 | awk -vs="$vt_safe_dns#$vt_safe_dns_port" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
130 | /etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
131 | fi
132 | else
133 | echo "WARNING: Not using secure DNS, DNS resolution might be polluted if you are in China."
134 | fi
135 |
136 | ###### dnsmasq-to-ipset configuration ######
137 | case "$vt_proxy_mode" in
138 | M|V)
139 | awk '!/^$/&&!/^#/{printf("ipset=/%s/'"$vt_gfwlist"'\n",$0)}' \
140 | /etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/02-ipset.conf
141 | ;;
142 | esac
143 |
144 | # -----------------------------------------------------------------
145 | ###### Restart main 'dnsmasq' service if needed ######
146 | if ls /var/etc/dnsmasq-go.d/* >/dev/null 2>&1; then
147 | mkdir -p /tmp/dnsmasq.d
148 | cat > /tmp/dnsmasq.d/dnsmasq-go.conf </dev/null
179 | del_cron
180 | }
181 |
182 |
183 | reload_rule()
184 | {
185 | config_load ssrpro
186 | config_foreach get_config ssrpro
187 |
188 | local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
189 |
190 | KEEP_GFWLIST=Y
191 | del_rule
192 | add_rule
193 | if [ "$vt_safe_dns_tcp" = 1 ]; then
194 | stop_pdnsd
195 | start_pdnsd
196 | fi
197 | }
198 |
199 | restart()
200 | {
201 | KEEP_GFWLIST=Y
202 | stop
203 | start
204 | }
205 |
206 |
207 | # $1: upstream DNS server
208 | start_pdnsd()
209 | {
210 | local safe_dns="$1"
211 |
212 | local tcp_dns_list="208.67.222.222, 208.67.220.220"
213 | [ -n "$safe_dns" ] && tcp_dns_list="$safe_dns,$tcp_dns_list"
214 |
215 | #killall -9 pdnsd 2>/dev/null && sleep 1
216 | kill -9 $(cat /var/run/pdnsd.pid) >/dev/null 2>&1
217 |
218 | mkdir -p /var/etc /var/pdnsd
219 | if ! test -f "/var/pdnsd/pdnsd.cache"; then
220 | echo -ne "pd13\000\000\000\000" >/var/pdnsd/pdnsd.cache
221 | chown -R nobody.nogroup /var/pdnsd
222 | fi
223 |
224 | cat > /var/etc/pdnsd.conf </dev/null; then
265 | while iptables -t nat -D OUTPUT -p tcp --dport 53 -j pdnsd_output 2>/dev/null; do :; done
266 | iptables -t nat -X pdnsd_output
267 | fi
268 | kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 || killall -9 pdnsd >/dev/null 2>&1
269 | rm -rf /var/pdnsd
270 | rm -f /var/etc/pdnsd.conf
271 | }
272 |
273 | add_cron()
274 | {
275 | sed -i '/up-gfwlist.sh/d' $CRON_FILE
276 | sed -i '/shadowsocksr_watchdog.log/d' $CRON_FILE
277 | if [ $cron_mode -eq 1 ]; then
278 | echo '0 5 * * * /etc/shadowsocksr/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1' >> $CRON_FILE
279 | fi
280 | echo '0 */1 * * * /etc/shadowsocksr/ssr-watchdog >> /tmp/shadowsocksr_watchdog.log 2>&1' >> $CRON_FILE
281 | echo '0 1 * * 0 echo "" > /tmp/shadowsocksr_watchdog.log' >> $CRON_FILE
282 | crontab $CRON_FILE
283 | }
284 |
285 | del_cron()
286 | {
287 | sed -i '/up-gfwlist.sh/d' $CRON_FILE
288 | sed -i '/shadowsocksr_watchdog.log/d' $CRON_FILE
289 | /etc/init.d/cron restart
290 | }
291 |
292 |
293 |
294 | uci_get_by_name() {
295 | local ret=$(uci get $CONFIG.$1.$2 2>/dev/null)
296 | echo ${ret:=$3}
297 | }
298 |
299 | uci_get_by_type() {
300 | local index=0
301 | if [ -n $4 ]; then
302 | index=$4
303 | fi
304 | local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
305 | echo ${ret:=$3}
306 | }
307 |
308 | add_rule()
309 | {
310 | iptables -t nat -N shadowsocksr_pre
311 | iptables -t nat -F shadowsocksr_pre
312 | iptables -t nat -A shadowsocksr_pre -m set --match-set local dst -j RETURN || {
313 | iptables -t nat -A shadowsocksr_pre -d 10.0.0.0/8 -j RETURN
314 | iptables -t nat -A shadowsocksr_pre -d 127.0.0.0/8 -j RETURN
315 | iptables -t nat -A shadowsocksr_pre -d 172.16.0.0/12 -j RETURN
316 | iptables -t nat -A shadowsocksr_pre -d 192.168.0.0/16 -j RETURN
317 | iptables -t nat -A shadowsocksr_pre -d 127.0.0.0/8 -j RETURN
318 | iptables -t nat -A shadowsocksr_pre -d 224.0.0.0/3 -j RETURN
319 | }
320 | iptables -t nat -A shadowsocksr_pre -d $vt_server_addr -j RETURN
321 |
322 | iptables -N gameboost -t mangle
323 | ipset -! create gameuser hash:ip maxelem 65536 2>/dev/null
324 | /usr/bin/ip rule add fwmark 0x01/0x01 table 100
325 | /usr/bin/ip route add local 0.0.0.0/0 dev lo table 100
326 | iptables -t mangle -A gameboost -p udp -m set --match-set local dst -j RETURN
327 | iptables -t mangle -A gameboost -p udp -m set --match-set china dst -j RETURN
328 | iptables -t mangle -A gameboost -p udp --dport 53 -j RETURN
329 | iptables -t mangle -A gameboost -p udp -j TPROXY --on-port 7070 --tproxy-mark 0x01/0x01
330 | iptables -t mangle -A PREROUTING -m set --match-set gameuser src -j gameboost
331 |
332 | for i in $(seq 0 100)
333 | do
334 | local ip=$(uci_get_by_type acl_rule ipaddr '' $i)
335 | local mode=$(uci_get_by_type acl_rule filter_mode '' $i)
336 | case "$mode" in
337 | disable)
338 | iptables -t nat -A shadowsocksr_pre -s $ip -j RETURN
339 | ;;
340 | global)
341 | iptables -t nat -A shadowsocksr_pre -s $ip -p tcp -j REDIRECT --to $SS_REDIR_PORT
342 | iptables -t nat -A shadowsocksr_pre -s $ip -j RETURN
343 | ;;
344 | game)
345 | iptables -t nat -A shadowsocksr_pre -p tcp -s $ip -m set ! --match-set china dst -j REDIRECT --to $SS_REDIR_PORT
346 | ipset -! add gameuser $ip
347 | ;;
348 | esac
349 | done
350 |
351 | case "$vt_proxy_mode" in
352 | G) : ;;
353 | S)
354 | iptables -t nat -A shadowsocksr_pre -m set --match-set $vt_np_ipset dst -j RETURN
355 | iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $SS_REDIR_PORT
356 | ;;
357 | M)
358 | ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
359 | awk '!/^$/&&!/^#/{printf("add vt_gfwlist %s'" "'\n",$0)}' /etc/shadowsocksr/addinip.txt > /tmp/addinip.ipset
360 | sed -i "s/vt_gfwlist/$vt_gfwlist/g" /tmp/addinip.ipset
361 | ipset -! restore < /tmp/addinip.ipset
362 | iptables -t nat -A shadowsocksr_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
363 | iptables -t nat -A shadowsocksr_pre -m set --match-set $vt_np_ipset dst -j RETURN
364 | iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set $vt_gfwlist dst -j REDIRECT --to $SS_REDIR_PORT
365 | ;;
366 | V)
367 | vt_np_ipset=""
368 | ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
369 | iptables -t nat -A shadowsocksr_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
370 | ;;
371 | esac
372 | local subnet
373 | for subnet in $covered_subnets; do
374 | iptables -t nat -A shadowsocksr_pre -s $subnet -p tcp -j REDIRECT --to $SS_REDIR_PORT
375 | done
376 | iptables -t nat -I PREROUTING -p tcp -j shadowsocksr_pre
377 | }
378 |
379 | del_rule()
380 | {
381 | if iptables -t nat -F shadowsocksr_pre 2>/dev/null; then
382 | while iptables -t nat -D PREROUTING -p tcp -j shadowsocksr_pre 2>/dev/null; do :; done
383 | iptables -t nat -X shadowsocksr_pre 2>/dev/null
384 | fi
385 |
386 | iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set china-banned dst -j REDIRECT --to $SS_REDIR_PORT 2>/dev/null
387 | iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $SS_REDIR_PORT 2>/dev/null
388 |
389 | /usr/bin/ip rule del fwmark 0x01/0x01 table 100
390 | /usr/bin/ip route del local 0.0.0.0/0 dev lo table 100
391 | if iptables -t mangle -F gameboost 2>/dev/null; then
392 | while iptables -t mangle -D PREROUTING -m set --match-set gameuser src -j gameboost 2>/dev/null; do :; done
393 | iptables -t mangle -X gameboost 2>/dev/null
394 | fi
395 |
396 | ipset destroy gameuser 2>/dev/null
397 |
398 |
399 | # -----------------------------------------------------------------
400 | [ "$KEEP_GFWLIST" = Y ] || ipset destroy "$vt_gfwlist" 2>/dev/null
401 | }
402 |
403 |
--------------------------------------------------------------------------------
/luci-app-v2ray-pro/luasrc/model/cbi/v2raypro.lua:
--------------------------------------------------------------------------------
1 |
2 | local fs = require "nixio.fs"
3 | local NXFS = require "nixio.fs"
4 | local WLFS = require "nixio.fs"
5 | local SYS = require "luci.sys"
6 | local ND = SYS.exec("cat /etc/gfwlist/china-banned | wc -l")
7 | local conf = "/etc/v2ray/base-gfwlist.txt"
8 | local watch = "/tmp/v2ray_watchdog.log"
9 | local dog = "/tmp/v2raypro.log"
10 | local http = luci.http
11 | local ucursor = require "luci.model.uci".cursor()
12 |
13 | m = Map("v2raypro")
14 | m.title = translate("V2Ray Transparent Proxy")
15 | m.description = translate("A fast secure tunnel proxy that help you get through firewalls on your router")
16 |
17 | m:section(SimpleSection).template = "v2raypro/v2raypro_status"
18 |
19 | s = m:section(TypedSection, "v2raypro")
20 | s.anonymous = true
21 |
22 | -- ---------------------------------------------------
23 |
24 | s:tab("basic", translate("Base Setting"))
25 |
26 |
27 | switch = s:taboption("basic",Flag, "enabled", translate("Enable"))
28 | switch.rmempty = false
29 |
30 | proxy_mode = s:taboption("basic",ListValue, "proxy_mode", translate("Proxy Mode"))
31 | proxy_mode:value("M", translate("Base on GFW-List Auto Proxy Mode(Recommend)"))
32 | proxy_mode:value("S", translate("Bypassing China Manland IP Mode(Be caution when using P2P download!)"))
33 | proxy_mode:value("G", translate("Global Mode"))
34 | proxy_mode:value("V", translate("Overseas users watch China video website Mode"))
35 |
36 | cronup = s:taboption("basic", Flag, "cron_mode", translate("Auto Update GFW-List"),
37 | translate(string.format("GFW-List Lines: %s Lines", ND)))
38 | cronup.default = 0
39 | cronup.rmempty = false
40 |
41 | updatead = s:taboption("basic", Button, "updatead", translate("Manually force update GFW-List"), translate("Note: It needs to download and convert the rules. The background process may takes 60-120 seconds to run.
After completed it would automatically refresh, please do not duplicate click!"))
42 | updatead.inputtitle = translate("Manually force update GFW-List")
43 | updatead.inputstyle = "apply"
44 | updatead.write = function()
45 | SYS.call("nohup sh /etc/v2ray/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1 &")
46 | end
47 |
48 | safe_dns_tcp = s:taboption("basic",Flag, "safe_dns_tcp", translate("DNS uses TCP"),
49 | translate("Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"))
50 | safe_dns_tcp.rmempty = false
51 | -- safe_dns_tcp:depends("more", "1")
52 |
53 | -- timeout = s:taboption("basic",Value, "timeout", translate("Timeout"))
54 | -- timeout.datatype = "range(0,10000)"
55 | -- timeout.placeholder = "60"
56 | -- timeout.optional = false
57 | -- timeout:depends("more", "1")
58 |
59 | -- safe_dns = s:taboption("basic",Value, "safe_dns", translate("Safe DNS"),
60 | -- translate("8.8.8.8 or 8.8.4.4 is recommended"))
61 | -- safe_dns.datatype = "ip4addr"
62 | -- safe_dns.optional = false
63 | -- safe_dns:depends("more", "1")
64 |
65 | -- safe_dns_port = s:taboption("basic",Value, "safe_dns_port", translate("Safe DNS Port"),
66 | -- translate("Foreign DNS on UDP port 53 might be polluted"))
67 | -- safe_dns_port.datatype = "range(1,65535)"
68 | -- safe_dns_port.placeholder = "53"
69 | -- safe_dns_port.optional = false
70 | -- safe_dns_port:depends("more", "1")
71 |
72 | --fast_open =s:taboption("basic",Flag, "fast_open", translate("TCP Fast Open"),
73 | -- translate("Enable TCP fast open, only available on kernel > 3.7.0"))
74 |
75 | s:tab("main", translate("Server Setting"))
76 |
77 | server = s:taboption("main",Value, "address", translate("Server Address"))
78 | server.datatype = "host"
79 | server.rmempty = false
80 |
81 | server_port = s:taboption("main",Value, "port", translate("Server Port"))
82 | server_port.datatype = "range(0,65535)"
83 | server_port.rmempty = false
84 |
85 | id = s:taboption("main",Value, "id", translate("ID"))
86 | id.password = true
87 |
88 | alterId = s:taboption("main",Value, "alterId", translate("Alter ID"))
89 | alterId.datatype = "range(1,65535)"
90 | alterId.rmempty = false
91 |
92 | security = s:taboption("main",ListValue, "security", translate("Security"))
93 | security:value("none")
94 | security:value("auto")
95 | security:value("aes-128-cfb")
96 | security:value("aes-128-gcm")
97 | security:value("chacha20-poly1305")
98 |
99 | network_type = s:taboption("main",ListValue, "network_type", translate("Network Type"))
100 | network_type:value("tcp")
101 | network_type:value("kcp")
102 | network_type:value("ws")
103 | network_type:value("h2")
104 |
105 | -- tcp settings
106 | tcp_obfs = s:taboption("main",ListValue, "tcp_obfs", translate("TCP Obfs"))
107 | tcp_obfs:value("none")
108 | tcp_obfs:value("http")
109 | tcp_obfs:depends("network_type", "tcp")
110 |
111 | tcp_path = s:taboption("main",DynamicList, "tcp_path", translate("TCP Obfs Path"))
112 | tcp_path:depends("tcp_obfs", "http")
113 |
114 | tcp_host = s:taboption("main",DynamicList, "tcp_host", translate("TCP Obfs Header"))
115 | tcp_host:depends("tcp_obfs", "http")
116 | tcp_host.datatype = "host"
117 |
118 | -- kcp settings
119 | kcp_obfs = s:taboption("main",ListValue, "kcp_obfs", translate("KCP Obfs"))
120 | kcp_obfs:value("none")
121 | kcp_obfs:value("srtp")
122 | kcp_obfs:value("utp")
123 | kcp_obfs:value("wechat-video")
124 | kcp_obfs:value("dtls")
125 | kcp_obfs:value("wireguard")
126 | kcp_obfs:depends("network_type", "kcp")
127 |
128 | kcp_mtu = s:taboption("main",Value, "kcp_mtu", translate("KCP MTU"))
129 | kcp_mtu.datatype = "range(576,1460)"
130 | kcp_mtu:depends("network_type", "kcp")
131 |
132 | kcp_tti = s:taboption("main",Value, "kcp_tti", translate("KCP TTI"))
133 | kcp_tti.datatype = "range(10,100)"
134 | kcp_tti:depends("network_type", "kcp")
135 |
136 | kcp_uplink = s:taboption("main",Value, "kcp_uplink", translate("KCP uplinkCapacity"))
137 | kcp_uplink.datatype = "range(0,1000)"
138 | kcp_uplink:depends("network_type", "kcp")
139 |
140 | kcp_downlink = s:taboption("main",Value, "kcp_downlink", translate("KCP downlinkCapacity"))
141 | kcp_downlink.datatype = "range(0,1000)"
142 | kcp_downlink:depends("network_type", "kcp")
143 |
144 | kcp_readbuf = s:taboption("main",Value, "kcp_readbuf", translate("KCP readBufferSize"))
145 | kcp_readbuf.datatype = "range(0,100)"
146 | kcp_readbuf:depends("network_type", "kcp")
147 |
148 | kcp_writebuf = s:taboption("main",Value, "kcp_writebuf", translate("KCP writeBufferSize"))
149 | kcp_writebuf.datatype = "range(0,100)"
150 | kcp_writebuf:depends("network_type", "kcp")
151 |
152 | kcp_congestion = s:taboption("main",Flag, "kcp_congestion", translate("KCP Congestion"))
153 | kcp_congestion:depends("network_type", "kcp")
154 |
155 | -- websocket settings
156 | ws_path = s:taboption("main",Value, "ws_path", translate("WebSocket Path"))
157 | ws_path:depends("network_type", "ws")
158 |
159 | ws_headers = s:taboption("main",Value, "ws_headers", translate("WebSocket Header"))
160 | ws_headers:depends("network_type", "ws")
161 | ws_headers.datatype = "host"
162 |
163 | -- http/2 settings
164 | h2_path = s:taboption("main",Value, "h2_path", translate("HTTP Path"))
165 | h2_path:depends("network_type", "h2")
166 |
167 | h2_domain = s:taboption("main",Value, "h2_domain", translate("HTTP Domain"))
168 | h2_domain:depends("network_type", "h2")
169 | h2_domain.datatype = "host"
170 |
171 | -- others
172 | tls = s:taboption("main",Flag, "tls", translate("TLS"))
173 | tls.rmempty = false
174 |
175 | mux = s:taboption("main",Flag, "mux", translate("Mux"))
176 | mux.rmempty = false
177 | ------------------------------------------------
178 | s:tab("reverse", translate("Severse Setting"))
179 | risen = s:taboption("reverse",Flag, "risen", translate("Enable"))
180 | risen.rmempty = false
181 |
182 | rserver = s:taboption("reverse",Value, "raddress", translate("Server Address"))
183 | rserver.datatype = "host"
184 | rserver.rmempty = ture
185 |
186 | rserver_domain = s:taboption("reverse",Value, "rserver_domain", translate("Server domain"))
187 | rserver_domain.datatype = "host"
188 | rserver_domain.rmempty = ture
189 |
190 | rserver_port = s:taboption("reverse",Value, "rport", translate("Server Port"))
191 | rserver_port.datatype = "range(0,65535)"
192 | rserver_port.rmempty = ture
193 |
194 | rid = s:taboption("reverse",Value, "rid", translate("ID"))
195 | rid.password = true
196 |
197 | ralterId = s:taboption("reverse",Value, "ralterId", translate("Alter ID"))
198 | ralterId.datatype = "range(1,65535)"
199 | ralterId.rmempty = ture
200 |
201 | rsecurity = s:taboption("reverse",ListValue, "rsecurity", translate("Security"))
202 | rsecurity:value("none")
203 | rsecurity:value("auto")
204 | rsecurity:value("aes-128-cfb")
205 | rsecurity:value("aes-128-gcm")
206 | rsecurity:value("chacha20-poly1305")
207 |
208 | rnetwork_type = s:taboption("reverse",ListValue, "rnetwork_type", translate("Network Type"))
209 | rnetwork_type:value("tcp")
210 | rnetwork_type:value("kcp")
211 | rnetwork_type:value("ws")
212 | rnetwork_type:value("h2")
213 |
214 | -- tcp settings
215 | rtcp_obfs = s:taboption("reverse",ListValue, "rtcp_obfs", translate("TCP Obfs"))
216 | rtcp_obfs:value("none")
217 | rtcp_obfs:value("http")
218 | rtcp_obfs:depends("rnetwork_type", "tcp")
219 |
220 | rtcp_path = s:taboption("reverse",DynamicList, "rtcp_path", translate("TCP Obfs Path"))
221 | rtcp_path:depends("rtcp_obfs", "http")
222 |
223 | rtcp_host = s:taboption("reverse",DynamicList, "rtcp_host", translate("TCP Obfs Header"))
224 | rtcp_host:depends("rtcp_obfs", "http")
225 | rtcp_host.datatype = "host"
226 |
227 | -- kcp settings
228 | rkcp_obfs = s:taboption("reverse",ListValue, "rkcp_obfs", translate("KCP Obfs"))
229 | rkcp_obfs:value("none")
230 | rkcp_obfs:value("srtp")
231 | rkcp_obfs:value("utp")
232 | rkcp_obfs:value("wechat-video")
233 | rkcp_obfs:value("dtls")
234 | rkcp_obfs:value("wireguard")
235 | rkcp_obfs:depends("rnetwork_type", "kcp")
236 |
237 | rkcp_mtu = s:taboption("reverse",Value, "rkcp_mtu", translate("KCP MTU"))
238 | rkcp_mtu.datatype = "range(576,1460)"
239 | rkcp_mtu:depends("rnetwork_type", "kcp")
240 |
241 | rkcp_tti = s:taboption("reverse",Value, "rkcp_tti", translate("KCP TTI"))
242 | rkcp_tti.datatype = "range(10,100)"
243 | rkcp_tti:depends("rnetwork_type", "kcp")
244 |
245 | rkcp_uplink = s:taboption("reverse",Value, "rkcp_uplink", translate("KCP uplinkCapacity"))
246 | rkcp_uplink.datatype = "range(0,1000)"
247 | rkcp_uplink:depends("rnetwork_type", "kcp")
248 |
249 | rkcp_downlink = s:taboption("reverse",Value, "rkcp_downlink", translate("KCP downlinkCapacity"))
250 | rkcp_downlink.datatype = "range(0,1000)"
251 | rkcp_downlink:depends("rnetwork_type", "kcp")
252 |
253 | rkcp_readbuf = s:taboption("reverse",Value, "rkcp_readbuf", translate("KCP readBufferSize"))
254 | rkcp_readbuf.datatype = "range(0,100)"
255 | rkcp_readbuf:depends("rnetwork_type", "kcp")
256 |
257 | rkcp_writebuf = s:taboption("reverse",Value, "rkcp_writebuf", translate("KCP writeBufferSize"))
258 | rkcp_writebuf.datatype = "range(0,100)"
259 | rkcp_writebuf:depends("rnetwork_type", "kcp")
260 |
261 | rkcp_congestion = s:taboption("reverse",Flag, "rkcp_congestion", translate("KCP Congestion"))
262 | rkcp_congestion:depends("rnetwork_type", "kcp")
263 |
264 | -- websocket settings
265 | rws_path = s:taboption("reverse",Value, "rws_path", translate("WebSocket Path"))
266 | rws_path:depends("rnetwork_type", "ws")
267 |
268 | rws_headers = s:taboption("reverse",Value, "rws_headers", translate("WebSocket Header"))
269 | rws_headers:depends("rnetwork_type", "ws")
270 | rws_headers.datatype = "host"
271 |
272 | -- http/2 settings
273 | rh2_path = s:taboption("reverse",Value, "rh2_path", translate("HTTP Path"))
274 | rh2_path:depends("rnetwork_type", "h2")
275 |
276 | rh2_domain = s:taboption("reverse",Value, "rh2_domain", translate("HTTP Domain"))
277 | rh2_domain:depends("rnetwork_type", "h2")
278 | rh2_domain.datatype = "host"
279 |
280 | -- others
281 | rtls = s:taboption("reverse",Flag, "rtls", translate("TLS"))
282 | rtls.rmempty = false
283 |
284 | rmux = s:taboption("reverse",Flag, "rmux", translate("Mux"))
285 | rmux.rmempty = false
286 | --------------------------------------------------
287 | s:tab("list", translate("User-defined GFW-List"))
288 | gfwlist = s:taboption("list", TextValue, "conf")
289 | gfwlist.description = translate("
(!)Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying.")
290 | gfwlist.rows = 13
291 | gfwlist.wrap = "off"
292 | gfwlist.cfgvalue = function(self, section)
293 | return NXFS.readfile(conf) or ""
294 | end
295 | gfwlist.write = function(self, section, value)
296 | NXFS.writefile(conf, value:gsub("\r\n", "\n"))
297 | end
298 |
299 | local addipconf = "/etc/v2ray/addinip.txt"
300 |
301 | s:tab("addip", translate("GFW-List Add-in IP"))
302 | gfwaddin = s:taboption("addip", TextValue, "addipconf")
303 | gfwaddin.description = translate("
(!)Note: IP add-in to GFW-List. Such as Telegram Messenger")
304 | gfwaddin.rows = 13
305 | gfwaddin.wrap = "off"
306 | gfwaddin.cfgvalue = function(self, section)
307 | return NXFS.readfile(addipconf) or ""
308 | end
309 | gfwaddin.write = function(self, section, value)
310 | NXFS.writefile(addipconf, value:gsub("\r\n", "\n"))
311 | end
312 |
313 | s:tab("status", translate("Status and Tools"))
314 | s:taboption("status", DummyValue,"opennewwindow" ,
315 | translate(""))
316 |
317 |
318 | s:tab("watchdog", translate("Watchdog Log"))
319 | log = s:taboption("watchdog", TextValue, "sylogtext")
320 | log.template = "cbi/tvalue"
321 | log.rows = 13
322 | log.wrap = "off"
323 | log.readonly="readonly"
324 |
325 | function log.cfgvalue(self, section)
326 | SYS.exec("[ -f /tmp/v2ray_watchdog.log ] && sed '1!G;h;$!d' /tmp/v2ray_watchdog.log > /tmp/v2raypro.log")
327 | return nixio.fs.readfile(dog)
328 | end
329 |
330 | function log.write(self, section, value)
331 | value = value:gsub("\r\n?", "\n")
332 | nixio.fs.writefile(dog, value)
333 | end
334 |
335 |
336 |
337 | t=m:section(TypedSection,"acl_rule",translate("Client Proxy Mode Settings"),
338 | translate("Proxy mode settings can be set to specific LAN clients ( No Proxy, Global Proxy, Game Mode) . Does not need to be set by default."))
339 | t.template="cbi/tblsection"
340 | t.sortable=true
341 | t.anonymous=true
342 | t.addremove=true
343 | e=t:option(Value,"ipaddr",translate("IP Address"))
344 | e.width="40%"
345 | e.datatype="ip4addr"
346 | e.placeholder="0.0.0.0/0"
347 | luci.ip.neighbors({ family = 4 }, function(entry)
348 | if entry.reachable then
349 | e:value(entry.dest:string())
350 | end
351 | end)
352 |
353 | e=t:option(ListValue,"filter_mode",translate("Proxy Mode"))
354 | e.width="40%"
355 | e.default="disable"
356 | e.rmempty=false
357 | e:value("disable",translate("No Proxy"))
358 | e:value("global",translate("Global Proxy"))
359 | e:value("game",translate("Game Mode"))
360 |
361 | return m
362 |
--------------------------------------------------------------------------------
/luci-app-ssr-plus/root/etc/init.d/shadowsocksr:
--------------------------------------------------------------------------------
1 | #!/bin/sh /etc/rc.common
2 | #
3 | # Copyright (C) 2017 openwrt-ssr
4 | # Copyright (C) 2017 yushi studio
5 | # Copyright (C) 2018 lean
6 | #
7 | # This is free software, licensed under the GNU General Public License v3.
8 | # See /LICENSE for more information.
9 | #
10 |
11 | START=90
12 | STOP=15
13 |
14 | SERVICE_DAEMONIZE=1
15 | NAME=shadowsocksr
16 | EXTRA_COMMANDS=rules
17 | CONFIG_FILE=/var/etc/${NAME}.json
18 | CONFIG_UDP_FILE=/var/etc/${NAME}_u.json
19 | CONFIG_SOCK5_FILE=/var/etc/${NAME}_s.json
20 | server_count=0
21 | redir_tcp=0
22 | redir_udp=0
23 | tunnel_enable=0
24 | local_enable=0
25 | kcp_enable_flag=0
26 | kcp_flag=0
27 | pdnsd_enable_flag=0
28 | switch_enable=0
29 | switch_server=$1
30 | MAXFD=32768
31 | CRON_FILE=/etc/crontabs/root
32 | threads=1
33 |
34 | uci_get_by_name() {
35 | local ret=$(uci get $NAME.$1.$2 2>/dev/null)
36 | echo ${ret:=$3}
37 | }
38 |
39 | uci_get_by_type() {
40 | local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
41 | echo ${ret:=$3}
42 | }
43 |
44 | add_cron()
45 | {
46 | sed -i '/ssrplus.log/d' $CRON_FILE
47 | echo '0 1 * * 0 echo "" > /tmp/ssrplus.log' >> $CRON_FILE
48 | [ -n "$(grep -w "/usr/share/shadowsocksr/subscribe.sh" $CRON_FILE)" ] && sed -i '/\/usr\/share\/shadowsocksr\/subscribe.sh/d' $CRON_FILE
49 | [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/subscribe.sh" >> $CRON_FILE
50 | [ -z "$(grep -w "/usr/share/shadowsocksr/update.sh" $CRON_FILE)" ] && echo "0 5 * * 0 /usr/share/shadowsocksr/update.sh" >> $CRON_FILE
51 | crontab $CRON_FILE
52 | }
53 |
54 | del_cron()
55 | {
56 | sed -i '/shadowsocksr/d' $CRON_FILE
57 | sed -i '/ssrplus.log/d' $CRON_FILE
58 | /etc/init.d/cron restart
59 | }
60 |
61 | run_mode=$(uci_get_by_type global run_mode)
62 |
63 | gen_config_file() {
64 | local host=$(uci_get_by_name $1 server)
65 | if echo $host|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
66 | hostip=${host}
67 | elif [ "$host" != "${host#*:[0-9a-fA-F]}" ] ;then
68 | hostip=${host}
69 | else
70 | hostip=`ping ${host} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1`
71 | if echo $hostip|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
72 | hostip=${hostip}
73 | else
74 | hostip=`cat /etc/ssr_ip`
75 | fi
76 | fi
77 | [ $2 = "0" -a $kcp_flag = "1" ] && hostip="127.0.0.1"
78 |
79 | if [ $2 = "0" ] ;then
80 | config_file=$CONFIG_FILE
81 | elif [ $2 = "1" ]; then
82 | config_file=$CONFIG_UDP_FILE
83 | else
84 | config_file=$CONFIG_SOCK5_FILE
85 | fi
86 | if [ $(uci_get_by_name $1 fast_open 0) = "1" ] ;then
87 | fastopen="true";
88 | else
89 | fastopen="false";
90 | fi
91 | local stype=$(uci_get_by_name $1 type)
92 | if [ "$stype" == "ss" ] ;then
93 | cat <<-EOF >$config_file
94 | {
95 | "server": "$hostip",
96 | "server_port": $(uci_get_by_name $1 server_port),
97 | "local_address": "0.0.0.0",
98 | "local_port": $(uci_get_by_name $1 local_port),
99 | "password": "$(uci_get_by_name $1 password)",
100 | "timeout": $(uci_get_by_name $1 timeout 60),
101 | "method": "$(uci_get_by_name $1 encrypt_method_ss)",
102 | "reuse_port": true,
103 | "fast_open": $fastopen
104 | }
105 | EOF
106 | elif [ "$stype" == "ssr" ] ;then
107 | cat <<-EOF >$config_file
108 | {
109 |
110 | "server": "$hostip",
111 | "server_port": $(uci_get_by_name $1 server_port),
112 | "local_address": "0.0.0.0",
113 | "local_port": $(uci_get_by_name $1 local_port),
114 | "password": "$(uci_get_by_name $1 password)",
115 | "timeout": $(uci_get_by_name $1 timeout 60),
116 | "method": "$(uci_get_by_name $1 encrypt_method)",
117 | "protocol": "$(uci_get_by_name $1 protocol)",
118 | "protocol_param": "$(uci_get_by_name $1 protocol_param)",
119 | "obfs": "$(uci_get_by_name $1 obfs)",
120 | "obfs_param": "$(uci_get_by_name $1 obfs_param)",
121 | "reuse_port": true,
122 | "fast_open": $fastopen
123 | }
124 | EOF
125 | elif [ "$stype" == "v2ray" ] ;then
126 | lua /usr/share/shadowsocksr/genv2config.lua $GLOBAL_SERVER tcp $(uci_get_by_name $1 local_port) > /var/etc/v2-ssr-retcp.json
127 | sed -i 's/\\//g' /var/etc/v2-ssr-retcp.json
128 | fi
129 | }
130 |
131 | get_arg_out() {
132 | case "$(uci_get_by_type access_control router_proxy 1)" in
133 | 1) echo "-o";;
134 | 2) echo "-O";;
135 | esac
136 | }
137 |
138 | start_rules() {
139 | local server=$(uci_get_by_name $GLOBAL_SERVER server)
140 | #resolve name
141 | if echo $server|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
142 | server=${server}
143 | elif [ "$server" != "${server#*:[0-9a-fA-F]}" ] ;then
144 | server=${server}
145 | else
146 | server=`ping ${server} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1`
147 | if echo $server|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
148 | echo $server >/etc/ssr_ip
149 | else
150 | server=`cat /etc/ssr_ip`
151 | fi
152 | fi
153 |
154 | kcp_server=$server
155 |
156 | local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0)
157 | if [ $kcp_enable = "1" ] ;then
158 | kcp_flag=1
159 | fi
160 |
161 | local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port)
162 | local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips)
163 | local lan_ac_mode="b"
164 | local router_proxy=$(uci_get_by_type access_control router_proxy)
165 | if [ "$GLOBAL_SERVER" = "$UDP_RELAY_SERVER" -a $kcp_flag = 0 ]; then
166 | ARG_UDP="-u"
167 | elif [ -n "$UDP_RELAY_SERVER" ]; then
168 | ARG_UDP="-U"
169 | local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server)
170 | local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port)
171 | fi
172 |
173 | if [ -n "$lan_ac_ips" ]; then
174 | case "$lan_ac_mode" in
175 | w|W|b|B) local ac_ips="$lan_ac_mode$lan_ac_ips";;
176 | esac
177 | fi
178 |
179 | #deal gfw firewall rule
180 | local gfwmode=""
181 | if [ "$run_mode" = "gfw" ]; then
182 | gfwmode="-g"
183 | elif [ "$run_mode" = "router" ]; then
184 | gfwmode="-r"
185 | elif [ "$run_mode" = "oversea" ]; then
186 | gfwmode="-c"
187 | elif [ "$run_mode" = "all" ]; then
188 | gfwmode="-z"
189 | fi
190 |
191 | local dports=$(uci_get_by_type global dports 1)
192 | if [ $dports = "1" ] ;then
193 | proxyport=" "
194 | else
195 | proxyport="-m multiport --dports 22,53,80,443 "
196 | fi
197 |
198 | /usr/bin/ssr-rules \
199 | -s "$server" \
200 | -l "$local_port" \
201 | -S "$udp_server" \
202 | -L "$udp_local_port" \
203 | -a "$ac_ips" \
204 | -i "$(uci_get_by_type access_control wan_bp_list)" \
205 | -b "$(uci_get_by_type access_control wan_bp_ips)" \
206 | -w "$(uci_get_by_type access_control wan_fw_ips)" \
207 | -p "$(uci_get_by_type access_control lan_fp_ips)" \
208 | -G "$(uci_get_by_type access_control lan_gm_ips)" \
209 | -D "$proxyport" \
210 | $(get_arg_out) $gfwmode $ARG_UDP
211 |
212 | return $?
213 | }
214 |
215 | start_pdnsd() {
216 | local usr_dns="$1"
217 | local usr_port="$2"
218 |
219 | local tcp_dns_list="208.67.222.222, 208.67.220.220"
220 | [ -z "$usr_dns" ] && usr_dns="8.8.8.8"
221 | [ -z "$usr_port" ] && usr_port="53"
222 |
223 | [ -d /var/etc ] || mkdir -p /var/etc
224 |
225 | if [ ! -d /var/pdnsd ];then
226 | mkdir -p /var/pdnsd
227 | echo -ne "pd13\000\000\000\000" >/var/pdnsd/pdnsd.cache
228 | chown -R nobody:nogroup /var/pdnsd
229 | fi
230 |
231 | cat > /var/etc/pdnsd.conf </dev/null 2>&1
328 | done
329 | echo "$(date "+%Y-%m-%d %H:%M:%S") Shadowsocks/ShadowsocksR $threads Threads Started!" >> /tmp/ssrplus.log
330 | elif [ "$stype" == "v2ray" ] ;then
331 | $sscmd -config /var/etc/v2-ssr-retcp.json >/dev/null 2>&1 &
332 | echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) Started!" >> /tmp/ssrplus.log
333 | fi
334 |
335 | if [ -n "$UDP_RELAY_SERVER" ] ;then
336 | redir_udp=1
337 | if [ "$utype" == "ss" -o "$utype" == "ssr" ] ;then
338 | case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in
339 | 1|on|true|yes|enabled) ARG_OTA="-A";;
340 | *) ARG_OTA="";;
341 | esac
342 | gen_config_file $UDP_RELAY_SERVER 1
343 | last_config_file=$CONFIG_UDP_FILE
344 | pid_file="/var/run/ssr-reudp.pid"
345 | $ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1
346 | elif [ "$utype" == "v2ray" ] ; then
347 | lua /usr/share/shadowsocksr/genv2config.lua $UDP_RELAY_SERVER udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) > /var/etc/v2-ssr-reudp.json
348 | sed -i 's/\\//g' /var/etc/v2-ssr-reudp.json
349 | $ucmd -config /var/etc/v2-ssr-reudp.json >/dev/null 2>&1 &
350 | fi
351 | fi
352 |
353 |
354 |
355 | #deal with dns
356 |
357 | if [ "$(uci_get_by_type global pdnsd_enable)" = "1" ] ;then
358 | local dnsstr="$(uci_get_by_type global tunnel_forward 8.8.4.4:53)"
359 | local dnsserver=`echo "$dnsstr"|awk -F ':' '{print $1}'`
360 | local dnsport=`echo "$dnsstr"|awk -F ':' '{print $2}'`
361 | if [ "$run_mode" = "gfw" ]; then
362 | ipset add gfwlist $dnsserver 2>/dev/null
363 | elif [ "$run_mode" = "oversea" ]; then
364 | ipset add oversea $dnsserver 2>/dev/null
365 | else
366 | ipset add ss_spec_wan_ac $dnsserver nomatch 2>/dev/null
367 | fi
368 | start_pdnsd $dnsserver $dnsport
369 | pdnsd_enable_flag=1
370 | fi
371 |
372 | if [ "$(uci_get_by_type global enable_switch)" = "1" ] ;then
373 | if [ "$(uci_get_by_name $GLOBAL_SERVER switch_enable)" = "1" ] ;then
374 | if [ -z "$switch_server" ] ;then
375 | local switch_time=$(uci_get_by_type global switch_time)
376 | local switch_timeout=$(uci_get_by_type global switch_timeout)
377 | service_start /usr/bin/ssr-switch start $switch_time $switch_timeout
378 | switch_enable=1
379 | fi
380 | fi
381 | fi
382 | add_cron
383 |
384 | return $?
385 | }
386 |
387 | gen_service_file() {
388 | if [ $(uci_get_by_name $1 fast_open) = "1" ] ;then
389 | fastopen="true";
390 | else
391 | fastopen="false";
392 | fi
393 | cat <<-EOF >$2
394 | {
395 | "server": "0.0.0.0",
396 | "server_port": $(uci_get_by_name $1 server_port),
397 | "password": "$(uci_get_by_name $1 password)",
398 | "timeout": $(uci_get_by_name $1 timeout 60),
399 | "method": "$(uci_get_by_name $1 encrypt_method)",
400 | "protocol": "$(uci_get_by_name $1 protocol)",
401 | "protocol_param": "$(uci_get_by_name $1 protocol_param)",
402 | "obfs": "$(uci_get_by_name $1 obfs)",
403 | "obfs_param": "$(uci_get_by_name $1 obfs_param)",
404 | "fast_open": $fastopen
405 | }
406 | EOF
407 | }
408 |
409 | start_service() {
410 | [ $(uci_get_by_name $1 enable) = "0" ] && return 1
411 | let server_count=server_count+1
412 | if [ $server_count = 1 ] ;then
413 | iptables -N SSR-SERVER-RULE && \
414 | iptables -t filter -I INPUT -j SSR-SERVER-RULE
415 | fi
416 |
417 | gen_service_file $1 /var/etc/${NAME}_${server_count}.json
418 | /usr/bin/ssr-server -c /var/etc/${NAME}_${server_count}.json -u -f /var/run/ssr-server${server_count}.pid >/dev/null 2>&1
419 | iptables -t filter -A SSR-SERVER-RULE -p tcp --dport $(uci_get_by_name $1 server_port) -j ACCEPT
420 | iptables -t filter -A SSR-SERVER-RULE -p udp --dport $(uci_get_by_name $1 server_port) -j ACCEPT
421 | return 0
422 | }
423 | gen_serv_include() {
424 | FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null)
425 | [ -n "$FWI" ] || return 0
426 | if [ ! -f $FWI ] ;then
427 | echo '#!/bin/sh' >$FWI
428 | fi
429 | extract_rules() {
430 | echo "*filter"
431 | iptables-save -t filter | grep SSR-SERVER-RULE|sed -e "s/^-A INPUT/-I INPUT/"
432 | echo 'COMMIT'
433 | }
434 | cat <<-EOF >>$FWI
435 | iptables-save -c | grep -v "SSR-SERVER" | iptables-restore -c
436 | iptables-restore -n <<-EOT
437 | $(extract_rules)
438 | EOT
439 | EOF
440 |
441 | }
442 | start_server() {
443 | SERVER_ENABLE=$(uci_get_by_type server_global enable_server)
444 | [ "$SERVER_ENABLE" = 0 ] && return 0
445 | mkdir -p /var/run /var/etc
446 |
447 | config_load $NAME
448 | config_foreach start_service server_config
449 | gen_serv_include
450 | return 0
451 | }
452 |
453 | start_local() {
454 | local local_server=$(uci_get_by_type socks5_proxy server)
455 | [ "$local_server" = "nil" ] && return 1
456 | mkdir -p /var/run /var/etc
457 | gen_config_file $local_server 2
458 | /usr/bin/ssr-local -c $CONFIG_SOCK5_FILE -u \
459 | -l $(uci_get_by_type socks5_proxy local_port 1080) \
460 | -b $(uci_get_by_type socks5_proxy local_address 0.0.0.0) \
461 | -f /var/run/ssr-local.pid >/dev/null 2>&1
462 | local_enable=1
463 | }
464 |
465 | rules() {
466 | [ "$GLOBAL_SERVER" = "nil" ] && return 1
467 | mkdir -p /var/run /var/etc
468 | UDP_RELAY_SERVER=$(uci_get_by_type global udp_relay_server)
469 | [ "$UDP_RELAY_SERVER" = "same" ] && UDP_RELAY_SERVER=$GLOBAL_SERVER
470 | if start_rules ;then
471 | return 0
472 | else
473 | return 1
474 | fi
475 | }
476 |
477 | start() {
478 | if [ -z "$switch_server" ] ;then
479 | GLOBAL_SERVER=$(uci_get_by_type global global_server)
480 | else
481 | GLOBAL_SERVER=$switch_server
482 | switch_enable=1
483 | fi
484 |
485 | if rules ;then
486 | start_redir
487 |
488 | mkdir -p /tmp/dnsmasq.d
489 | if ! [ "$run_mode" = "oversea" ] ;then
490 | cat > /tmp/dnsmasq.d/dnsmasq-ssr.conf < /tmp/dnsmasq.d/dnsmasq-ssr.conf </dev/null 2>&1
499 |
500 | fi
501 | start_server
502 | start_local
503 |
504 | if [ $(uci_get_by_type global monitor_enable) = 1 ] ;then
505 | let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable
506 | if [ $total_count -gt 0 ]
507 | then
508 | #param:server(count) redir_tcp(0:no,1:yes) redir_udp tunnel kcp local gfw
509 | service_start /usr/bin/ssr-monitor $server_count $redir_tcp $redir_udp $tunnel_enable $kcp_enable_flag $local_enable $pdnsd_enable_flag $switch_enable
510 | fi
511 | fi
512 |
513 | ENABLE_SERVER=$(uci_get_by_type global global_server)
514 | [ "$ENABLE_SERVER" = "nil" ] && return 1
515 | }
516 |
517 | boot() {
518 | (/usr/share/shadowsocksr/chinaipset.sh && sleep 5 && start >/dev/null 2>&1) &
519 | }
520 |
521 | stop() {
522 | /usr/bin/ssr-rules -f
523 | srulecount=`iptables -L|grep SSR-SERVER-RULE|wc -l`
524 | if [ $srulecount -gt 0 ] ;then
525 | iptables -F SSR-SERVER-RULE
526 | iptables -t filter -D INPUT -j SSR-SERVER-RULE
527 | iptables -X SSR-SERVER-RULE 2>/dev/null
528 | fi
529 | if [ -z "$switch_server" ] ;then
530 | kill -9 $(ps | grep ssr-switch | grep -v grep | awk '{print $1}') >/dev/null 2>&1
531 | fi
532 | if [ $(uci_get_by_type global monitor_enable) = 1 ] ;then
533 | kill -9 $(ps | grep ssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1
534 | fi
535 | killall -q -9 ssr-monitor
536 | killall -q -9 ss-redir
537 | killall -q -9 ssr-redir
538 | killall -q -9 v2ray
539 | killall -q -9 ssr-server
540 | killall -q -9 kcptun-client
541 | killall -q -9 ssr-local
542 | if [ -f /var/run/pdnsd.pid ] ;then
543 | kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1
544 | else
545 | kill -9 $(ps | grep pdnsd | grep -v grep | awk '{print $1}') >/dev/null 2>&1
546 | fi
547 |
548 | if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then
549 | rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf
550 | /etc/init.d/dnsmasq restart >/dev/null 2>&1
551 | fi
552 | del_cron
553 | }
554 |
--------------------------------------------------------------------------------