├── Windows ├── sh.exe ├── create-shortcuts.bat └── start-easyconnect-win.sh ├── libpango ├── libpango-1.0.so.0 ├── libpangoft2-1.0.so.0 ├── libpangocairo-1.0.so.0 └── README.md ├── start-easyconnect-mac.sh ├── start-easyconnect-wsl.sh ├── start-easyconnect-linux.sh └── README.md /Windows/sh.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tangruize/NJU-EasyConnect-Script/HEAD/Windows/sh.exe -------------------------------------------------------------------------------- /libpango/libpango-1.0.so.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tangruize/NJU-EasyConnect-Script/HEAD/libpango/libpango-1.0.so.0 -------------------------------------------------------------------------------- /libpango/libpangoft2-1.0.so.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tangruize/NJU-EasyConnect-Script/HEAD/libpango/libpangoft2-1.0.so.0 -------------------------------------------------------------------------------- /libpango/libpangocairo-1.0.so.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tangruize/NJU-EasyConnect-Script/HEAD/libpango/libpangocairo-1.0.so.0 -------------------------------------------------------------------------------- /libpango/README.md: -------------------------------------------------------------------------------- 1 | # 安装说明 2 | 3 | 如果你的系统是Ubuntu 20.04, 或者无法打开有以下提示, 可以将这个目录下的库文件复制到EasyConnect安装目录. 4 | 5 | ``` 6 | Pango-ERROR **: 22:21:00.985: Harfbuzz version too old 7 | ``` 8 | 9 | 安装方法: 10 | 11 | ```bash 12 | sudo cp libpango* /usr/share/sangfor/EasyConnect 13 | ``` 14 | 15 | 参考了 16 | -------------------------------------------------------------------------------- /Windows/create-shortcuts.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | set "target=%~dp0sh.exe" 3 | set "arguments=%~dp0start-easyconnect-win.sh" 4 | set "shortcutPath=%USERPROFILE%\Desktop\EasyConnect.lnk" 5 | 6 | powershell -Command ^ 7 | "$WScriptShell = New-Object -ComObject WScript.Shell; ^ 8 | $Shortcut = $WScriptShell.CreateShortcut('%shortcutPath%'); ^ 9 | $Shortcut.TargetPath = '%target%'; ^ 10 | $Shortcut.Arguments = '%arguments%'; ^ 11 | $Shortcut.WorkingDirectory = '%~dp0'; ^ 12 | $Shortcut.Save(); ^ 13 | Add-Type -AssemblyName PresentationFramework; ^ 14 | [System.Windows.MessageBox]::Show('Shortcut created on desktop', 'EasyConnect')" 15 | -------------------------------------------------------------------------------- /start-easyconnect-mac.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | check_network() { 4 | export VPN_IP=`host vpn.nju.edu.cn | head -1 | rev | cut -d' ' -f1 | rev` 5 | export VPN_IP_START=`echo $VPN_IP | cut -d'.' -f-2` 6 | if [[ ! $VPN_IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then 7 | echo 1>&2 Error: Cannot lookup domain of vpn.nju.edu.cn 8 | exit 1 9 | fi 10 | } 11 | 12 | check_easy_connect() { 13 | if [ ! -d "/Applications/EasyConnect.app" ]; then 14 | echo 1>&2 Error: \"EasyConnect\" not found 15 | exit 1 16 | fi 17 | } 18 | 19 | wait_60s() { 20 | ECHO=${3:-echo} 21 | $ECHO -n "Wait $1 ... 60s" 22 | for i in `seq -w 59 -1 -1`; do 23 | $2 && break 24 | sleep 1 25 | $ECHO -en '\b\b\b'${i}s 26 | done 27 | if [ $i -eq -1 ]; then 28 | $ECHO -e '\b\b\btimeout' 29 | return 1 30 | else 31 | $ECHO -e '\b\b\bdone' 32 | return 0 33 | fi 34 | } 35 | 36 | show_progress() { 37 | LEN=${#2} 38 | if [ "$1" -ne 1 ]; then 39 | for _i in `seq $((LEN*2+1))`; do 40 | if [ "$1" -ne "$2" ]; then 41 | echo -en '\b' 42 | else 43 | echo -en '\b \b' 44 | fi 45 | done 46 | fi 47 | if [ "$1" -ne "$2" ]; then 48 | printf "%0${LEN}d/$2" $1 49 | fi 50 | } 51 | 52 | start_easy_connect() { 53 | if ! open -a EasyConnect; then 54 | echo 1>&2 Error: Open EasyConnect failed 55 | exit 1 56 | fi 57 | } 58 | 59 | get_route_to_delete() { 60 | export ROUTE_TO_DEL=`netstat -rn | grep -w tun0 | tr -s ' ' | grep -v $VPN_IP_START` 61 | if [ -n "$ROUTE_TO_DEL" ]; then 62 | return 0 63 | fi 64 | return 1 65 | } 66 | 67 | delete_route_rules() { 68 | echo -n 'Delete route rules ... ' 69 | sleep 3 70 | get_route_to_delete 71 | NET_IP=(`echo "$ROUTE_TO_DEL" | cut -d' ' -f1`) 72 | NET_FLAG=(`echo "$ROUTE_TO_DEL" | cut -d' ' -f3`) 73 | export GATEWAY=`echo "$ROUTE_TO_DEL" | cut -d' ' -f2 | uniq | head -1` 74 | for ((i=0;i<${#NET_IP[@]};i++)); do 75 | if grep -vq / <<< ${NET_IP[i]} && [ "${NET_FLAG[i]}" = "UGSc" ]; then 76 | sudo route delete "${NET_IP[i]}/0" > /dev/null 77 | else 78 | sudo route delete "${NET_IP[i]}" > /dev/null 79 | fi 80 | show_progress $((i+1)) ${#NET_IP[@]} 81 | done 82 | echo done 83 | } 84 | 85 | add_route_rules() { 86 | echo -n 'Add route rules ... ' 87 | if [ -z "$GATEWAY" ]; then 88 | GATEWAY=`ifconfig tun0 | tr ' ' '\n' | grep '[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+' | head -1` 89 | if [ -z "$GATEWAY" ]; then 90 | echo 1>&2 Warning: Gateway is null 91 | fi 92 | fi 93 | SUBNET=(36.152.24.0/24 58.192.32.0/20 58.192.48.0/21 58.193.224.0/19 58.240.127.0/27 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.38.2.0/23 202.38.126.160/28 202.119.32.0/19 202.127.247.0/24 210.28.0.0/14 211.162.26.0/27 211.162.81.0/25 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25 222.94.3.0/24 222.94.208.0/24) 94 | for ((i=0;i<${#SUBNET[@]};i++)); do 95 | if [[ ${SUBNET[i]} != ${VPN_IP_START}* ]]; then 96 | sudo route -n add -net ${SUBNET[i]} $GATEWAY > /dev/null 97 | show_progress $((i+1)) ${#SUBNET[@]} 98 | fi 99 | done 100 | echo done 101 | } 102 | 103 | check_network 104 | check_easy_connect 105 | sudo true 106 | start_easy_connect 107 | wait_60s EasyConnect get_route_to_delete 108 | if [ -z "$ROUTE_TO_DEL" ]; then 109 | echo -e Error: no rules to delete 110 | exit 1 111 | fi 112 | delete_route_rules 113 | add_route_rules 114 | -------------------------------------------------------------------------------- /start-easyconnect-wsl.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | EASYCONNECT=/mnt/c/Program\ Files\ \(x86\)/Sangfor/SSL/EasyConnect/EasyConnect.exe 4 | BAT_FILE=route-script.bat 5 | 6 | check_dependency() { 7 | if ! which route &> /dev/null; then 8 | echo 1>&2 Error: \"route\" not found, run \"sudo apt install net-tools\" 9 | exit 1 10 | fi 11 | } 12 | 13 | check_wsl() { 14 | if ! cat /proc/version | grep -q Microsoft; then 15 | echo 1>&2 Error: Not in WSL 16 | exit 1 17 | fi 18 | } 19 | 20 | check_network() { 21 | export VPN_IP=`host vpn.nju.edu.cn | head -1 | rev | cut -d' ' -f1 | rev` # must run before EasyConnect start 22 | export VPN_IP_START=`echo $VPN_IP | cut -d'.' -f-2` 23 | [[ ! $VPN_IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] && echo 1>&2 Error: Cannot lookup domain of vpn.nju.edu.cn && exit 1 24 | # export BAT_FILE=${BAT_FILE%.bat}-`echo ${VPN_IP} | tr '.' '_'`.bat 25 | export IFACE_ID=`route.exe print if | grep Sangfor | tr -d ' ' | cut -d. -f1` 26 | [ -z "$IFACE_ID" ] && echo 1>&2 Cannot find \"Sangfor SSL VPN\" interface && exit 1 27 | export IFACE=`ip -o -4 addr show | grep ^${IFACE_ID} | cut -d' ' -f2` 28 | # echo '@echo off' > $BAT_FILE 29 | rm -f $BAT_FILE 30 | } 31 | 32 | check_easy_connect() { 33 | [ ! -x "$EASYCONNECT" ] && echo 1>&2 Error: \"${EASYCONNECT}\" not found && exit 1 34 | } 35 | 36 | get_iface_gw() { 37 | echo -n 'Wait 10 seconds for EasyConnect to complete ... 10s' 38 | for i in `seq -w 9 -1 -1`; do 39 | sleep 1 40 | echo -en '\b\b\b'${i}s 41 | done 42 | export IFACE_GW=`ip -o -4 route show dev ${IFACE} | grep via | cut -d' ' -f4 | sort | uniq -c | sort -nr | head -1 | tr -s ' ' | cut -d' ' -f3` 43 | echo -e '\b\b\bdone' 44 | } 45 | 46 | get_route_to_delete() { 47 | export ROUTE_TO_DEL=`route -n | grep -w ${IFACE} | tr -s ' ' | grep -v $VPN_IP_START | grep -v ' 0.0.0.0'` 48 | ([ -n "$ROUTE_TO_DEL" ] || ! ps -p $EASY_CONNECT_PID &> /dev/null) && return 0 49 | return 1 50 | } 51 | 52 | wait_60s() { # wait_60s NAME FUNC 53 | echo -n "Wait $1 ... 60s" 54 | for i in `seq -w 59 -1 -1`; do 55 | $2 && break 56 | sleep 1 57 | echo -en '\b\b\b'${i}s 58 | done 59 | if [ $i -eq -1 ]; then 60 | echo -e '\b\b\btimeout' 61 | return 1 62 | else 63 | echo -e '\b\b\bdone' 64 | return 0 65 | fi 66 | } 67 | 68 | int2ip() { 69 | local ui32=$1; shift 70 | local ip n 71 | for n in 1 2 3 4; do 72 | ip=$((ui32 & 0xff))${ip:+.}$ip 73 | ui32=$((ui32 >> 8)) 74 | done 75 | echo $ip 76 | } 77 | 78 | netmask() { # Example: netmask 24 => 255.255.255.0 79 | local mask=$((0xffffffff << (32 - $1))); shift 80 | int2ip $mask 81 | } 82 | 83 | delete_route_rules() { 84 | echo -n 'Generate route delete cmd ... ' 85 | get_route_to_delete 86 | NET_IP=(`echo "$ROUTE_TO_DEL" | cut -d' ' -f1`) 87 | NET_MASK=(`echo "$ROUTE_TO_DEL" | cut -d' ' -f3`) 88 | for ((i=0;i<${#NET_IP[@]};i++)); do 89 | echo route DELETE "${NET_IP[i]}" MASK "${NET_MASK[i]}" "${IFACE_GW}" IF "${IFACE_ID}" '> nul' >> ${BAT_FILE} 90 | done 91 | echo done 92 | } 93 | 94 | add_route_rules() { 95 | echo -n 'Generate route add cmd ... ' 96 | SUBNET="36.152.24.0/24 58.192.32.0/20 58.192.48.0/21 58.193.224.0/19 58.240.127.0/27 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.38.2.0/23 202.38.126.160/28 202.119.32.0/19 202.127.247.0/24 210.28.0.0/14 211.162.26.0/27 211.162.81.0/25 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25 222.94.3.0/24 222.94.208.0/24" 97 | #SUBNET="10.254.253.0/24 36.152.24.0/24 58.192.0.0/10 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.0.0.0/8 210.28.0.0/14 211.162.0.0/16 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25" 98 | for i in $SUBNET; do 99 | if [[ $i != ${VPN_IP_START}* ]]; then 100 | IFS='/' read -ra a <<< "$i" 101 | echo route ADD "${a[0]}" MASK "`netmask ${a[1]}`" "${IFACE_GW}" METRIC 257 IF "${IFACE_ID}" '> nul' >> ${BAT_FILE} 102 | fi 103 | done 104 | # echo pause >> ${BAT_FILE} 105 | echo done 106 | } 107 | 108 | check_wsl 109 | check_dependency 110 | check_easy_connect 111 | check_network 112 | "$EASYCONNECT" &> /dev/null & 113 | EASY_CONNECT_PID=$! 114 | wait_60s EasyConnect get_route_to_delete 115 | [ -z "$ROUTE_TO_DEL" ] && echo -e Error: no rules to delete && exit 1 116 | get_iface_gw 117 | delete_route_rules 118 | add_route_rules 119 | echo "Run $BAT_FILE" 120 | powershell.exe Start-Process -Verb runas -FilePath ./${BAT_FILE} 121 | -------------------------------------------------------------------------------- /Windows/start-easyconnect-win.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | EASYCONNECT_DIR=C:/Program\ Files\ \(x86\)/Sangfor/SSL/EasyConnect 4 | EASYCONNECT_NAME=EasyConnect.exe 5 | 6 | check_network() { 7 | if [ -z "$VPN_IP" ]; then 8 | export VPN_IP=`nslookup.exe vpn.nju.edu.cn 2> nul | grep vpn.nju.edu.cn -A1 | grep Address | head -1 | rev | cut -d' ' -f1 | rev` 9 | fi 10 | export VPN_IP_START=`echo $VPN_IP | cut -d'.' -f-2` 11 | [ -z "$VPN_IP" ] && echo 1>&2 Error: Cannot lookup domain of vpn.nju.edu.cn && exit 1 12 | export IFACE_ID=`route.exe print if | grep Sangfor | tr -d ' ' | cut -d. -f1` 13 | [ -z "$IFACE_ID" ] && echo 1>&2 Cannot find \"Sangfor SSL VPN\" interface && exit 1 14 | } 15 | 16 | check_easy_connect() { 17 | [ ! -f "$EASYCONNECT_DIR/$EASYCONNECT_NAME" ] && echo 1>&2 Error: \"${EASYCONNECT_NAME}\" not found && exit 1 18 | } 19 | 20 | get_iface_gw() { 21 | IFACE_INFO=`route.exe print \?22.0.0.0 | grep '^[ ]*[0-9]\+.[0-9]\+.[0-9]\+.[0-9]\+' | awk '{ print $3,$4 }' | sort | uniq -c | sort -nr | head -1` 22 | export IFACE_GW=`echo $IFACE_INFO | awk '{ print $2 }'` 23 | export IFACE_IP=`echo $IFACE_INFO | awk '{ print $3 }'` 24 | ([ -n "$IFACE_IP" ] || ! pidof $EASYCONNECT_NAME &> nul) && return 0 25 | return 1 26 | } 27 | 28 | get_route_to_delete() { 29 | export ROUTE_TO_DEL=`route.exe print | grep $IFACE_IP | grep -v $VPN_IP_START` 30 | ([ -n "$ROUTE_TO_DEL" ] || ! pidof $EASYCONNECT_NAME &> nul) && return 0 31 | return 1 32 | } 33 | 34 | _wait_60s() { 35 | echo -n "Wait $1 ... 60s" 36 | for _i in `seq -w 59 -1 -1`; do 37 | $2 && break 38 | sleep 1 39 | echo -en '\b\b\b'${_i}s 40 | done 41 | if [ ${_i} -eq -1 ]; then 42 | echo -e '\b\b\btimeout' 43 | return 1 44 | else 45 | echo -e '\b\b\bdone' 46 | return 0 47 | fi 48 | } 49 | 50 | wait_60s() { 51 | while ! _wait_60s "$@"; do 52 | read -p "Continue wait? [Y/n] " cont 53 | if [ "$cont" != "" ] && [ "$cont" != 'Y' ] && [ "$cont" != 'y' ]; then 54 | return 1 55 | fi 56 | done 57 | } 58 | 59 | show_progress() { 60 | LEN=${#2} 61 | if [ "$1" -ne 1 ]; then 62 | for _i in `seq $((LEN*2+1))`; do 63 | if [ "$1" -ne "$2" ]; then 64 | echo -en '\b' 65 | else 66 | echo -en '\b \b' 67 | fi 68 | done 69 | fi 70 | if [ "$1" -ne "$2" ]; then 71 | printf "%0${LEN}d/$2" $1 72 | fi 73 | } 74 | 75 | delete_route_rules() { 76 | echo -n 'Delete route rules ... ' 77 | get_route_to_delete 78 | ROUTE_RULES=$(echo "$ROUTE_TO_DEL" | awk '{ print $1,"MASK",$2 }') 79 | COUNT=1 80 | TOTAL=`echo "$ROUTE_RULES" | wc -l` 81 | echo "$ROUTE_RULES" | tac | while read RULE; do 82 | # echo "route.exe DELETE $RULE IF ${IFACE_ID} > nul" 83 | eval "route.exe DELETE $RULE IF ${IFACE_ID} > nul" 84 | show_progress $COUNT $TOTAL 85 | COUNT=$((COUNT+1)) 86 | done 87 | echo done 88 | } 89 | 90 | add_route_rules() { 91 | echo -n 'Add route rules ... ' 92 | #SUBNET="10.254.253.0/24 36.152.24.0/24 58.192.0.0/10 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.0.0.0/8 210.28.0.0/14 211.162.0.0/16 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25" 93 | SUBNET="36.152.24.0/24 58.192.32.0/20 58.192.48.0/21 58.193.224.0/19 58.240.127.0/27 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.38.2.0/23 202.38.126.160/28 202.119.32.0/19 202.127.247.0/24 210.28.0.0/14 211.162.26.0/27 211.162.81.0/25 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25 222.94.3.0/24 222.94.208.0/24" 94 | COUNT=1 95 | TOTAL=`echo "$SUBNET" | tr ' ' '\n' | wc -l` 96 | for i in $SUBNET; do 97 | if [[ $i != ${VPN_IP_START}* ]]; then 98 | IP=`ipcalc -n $i | awk -F= '{ print $2 }'` 99 | MASK=`ipcalc -m $i | awk -F= '{ print $2 }'` 100 | # echo route.exe ADD "$IP" MASK "$MASK" "${IFACE_GW}" METRIC 257 IF "${IFACE_ID}" 101 | route.exe ADD "$IP" MASK "$MASK" "${IFACE_GW}" METRIC 257 IF "${IFACE_ID}" > nul 102 | show_progress $COUNT $TOTAL 103 | COUNT=$((COUNT+1)) 104 | fi 105 | done 106 | echo done 107 | } 108 | 109 | if [ "$#" -eq 0 ]; then 110 | check_easy_connect 111 | check_network 112 | cd "$EASYCONNECT_DIR" 113 | cmd.exe /c start /B ".\\$EASYCONNECT_NAME" 114 | cd - > nul 115 | wait_60s EasyConnect get_iface_gw 116 | [ -z "$IFACE_IP" ] && echo 1>&2 Error: Cannot get interface IP && exit 1 117 | su -c "sh $0 admin $VPN_IP; exit" 118 | elif [ "$#" -eq 2 -a "$1" = "admin" ]; then 119 | export VPN_IP=$2 120 | check_network 121 | wait_60s "EasyConnect interface" get_iface_gw 122 | wait_60s "EasyConnect route" get_route_to_delete 123 | [ -z "$ROUTE_TO_DEL" ] && echo 1>&2 Error: No route rules to delete && exit 1 124 | delete_route_rules 125 | add_route_rules 126 | else 127 | echo 1>&2 Usage: sh.exe $0 128 | fi 129 | -------------------------------------------------------------------------------- /start-easyconnect-linux.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | EASYCONNECT=/usr/share/sangfor/EasyConnect/EasyConnect 4 | 5 | check_dependency() { 6 | if ! which route &> /dev/null; then 7 | echo 1>&2 Error: \"route\" not found, run \"sudo apt install net-tools\" 8 | exit 1 9 | fi 10 | } 11 | 12 | check_network() { 13 | export VPN_IP=`host vpn.nju.edu.cn | head -1 | rev | cut -d' ' -f1 | rev` 14 | export VPN_IP_START=`echo $VPN_IP | cut -d'.' -f-2` 15 | [[ ! $VPN_IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] && echo 1>&2 Error: Cannot lookup domain of vpn.nju.edu.cn && exit 1 16 | } 17 | 18 | check_easy_connect() { 19 | [ ! -x "$EASYCONNECT" ] && echo 1>&2 Error: \"${EASYCONNECT}\" not found && exit 1 20 | export EASY_CONNECT_PID=1 21 | } 22 | 23 | get_easy_monitor_status() { 24 | grep -q running <(systemctl status EasyMonitor.service) 25 | return $? 26 | } 27 | 28 | start_easy_monitor() { 29 | if ! get_easy_monitor_status; then 30 | sudo systemctl start EasyMonitor.service 31 | return 0 32 | fi 33 | return 1 34 | } 35 | 36 | stop_easy_monitor() { 37 | if get_easy_monitor_status; then 38 | echo -n 'Stop EasyMonitor ...' 39 | sudo systemctl stop EasyMonitor.service 40 | echo done 41 | fi 42 | } 43 | 44 | NOECHO() { 45 | return 0 46 | } 47 | 48 | wait_60s() { # wait_60s NAME FUNC [NOECHO] 49 | ECHO=${3:-echo} 50 | $ECHO -n "Wait $1 ... 60s" 51 | for i in `seq -w 59 -1 -1`; do 52 | $2 && break 53 | sleep 1 54 | $ECHO -en '\b\b\b'${i}s 55 | done 56 | if [ $i -eq -1 ]; then 57 | $ECHO -e '\b\b\btimeout' 58 | return 1 59 | else 60 | $ECHO -e '\b\b\bdone' 61 | return 0 62 | fi 63 | } 64 | 65 | start_easy_connect() { 66 | wait_60s Easymonitor get_easy_monitor_status NOECHO || exit 1 67 | if ! grep -q tun0 <(ip link show); then 68 | $EASYCONNECT --enable-transparent-visuals --disable-gpu &> /dev/null 69 | #LD_LIBRARY_PATH=/snap/gnome-3-28-1804/current/usr/lib/x86_64-linux-gnu/ $EASYCONNECT --enable-transparent-visuals --disable-gpu &> /dev/null 70 | fi 71 | } 72 | 73 | get_route_to_delete() { 74 | export ROUTE_TO_DEL=`route -n | grep -w tun0 | tr -s ' ' | grep -v $VPN_IP_START` 75 | ([ -n "$ROUTE_TO_DEL" ] || ! ps -p $EASY_CONNECT_PID &> /dev/null) && return 0 76 | return 1 77 | } 78 | 79 | delete_route_rules() { 80 | echo -n 'Delete route rules ... ' 81 | sleep 2 && get_route_to_delete 82 | NET_IP=(`echo "$ROUTE_TO_DEL" | cut -d' ' -f1`) 83 | NET_MASK=(`echo "$ROUTE_TO_DEL" | cut -d' ' -f3`) 84 | for ((i=0;i<${#NET_IP[@]};i++)); do 85 | sudo route del -net "${NET_IP[i]}" netmask "${NET_MASK[i]}" dev tun0 86 | done 87 | echo done 88 | } 89 | 90 | add_route_rules() { 91 | echo -n 'Add route rules ... ' 92 | SUBNET="36.152.24.0/24 58.192.32.0/20 58.192.48.0/21 58.193.224.0/19 58.240.127.0/27 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.38.2.0/23 202.38.126.160/28 202.119.32.0/19 202.127.247.0/24 210.28.0.0/14 211.162.26.0/27 211.162.81.0/25 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25 222.94.3.0/24 222.94.208.0/24" 93 | #SUBNET="10.254.253.0/24 36.152.24.0/24 58.192.0.0/10 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.0.0.0/8 210.28.0.0/14 211.162.0.0/16 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25" 94 | for i in $SUBNET; do 95 | [[ $i != ${VPN_IP_START}* ]] && sudo ip route add $i dev tun0 96 | done 97 | echo done 98 | } 99 | 100 | change_dns() { 101 | if [ -f /etc/resolv.conf.sangforbak ]; then 102 | if [ "`dd if=/usr/share/sangfor/EasyConnect/resources/bin/svpnservice count=2 skip=284760 iflag=skip_bytes,count_bytes 2>/dev/null`" = "`echo -en '\x39\xc0'`" ]; then 103 | echo -n 'Restore DNS server ... ' 104 | grep 'were added' /usr/share/sangfor/EasyConnect/resources/logs/DNS.log | tail -1 | cut -d: -f4- | sed 's/-A/-D/' | cat - <(echo cp /etc/resolv.conf.sangforbak /etc/resolv.conf) | sudo sh -e &>/dev/null 105 | [ $? -eq 0 ] && echo 'done' || echo 'failed' 106 | fi 107 | fi 108 | } 109 | 110 | check_dependency 111 | check_network 112 | if [ -z "$1" ]; then 113 | check_easy_connect 114 | start_easy_connect & 115 | EASY_CONNECT_PID=$! 116 | pkexec --user root "`realpath $0`" $EASY_CONNECT_PID 117 | exit $? 118 | else 119 | export EASY_CONNECT_PID=$1 120 | start_easy_monitor 121 | START_BY_SCRIPT=$? 122 | wait_60s EasyConnect get_route_to_delete 123 | if [ -z "$ROUTE_TO_DEL" ]; then 124 | echo -e Error: no rules to delete 125 | exit 1 126 | fi 127 | delete_route_rules 128 | add_route_rules 129 | change_dns 130 | if [ $START_BY_SCRIPT -eq 0 ]; then 131 | echo -n 'Wait EasyConnect exit ... ' 132 | tail --pid=$EASY_CONNECT_PID -f /dev/null 133 | echo done 134 | stop_easy_monitor 135 | else 136 | echo 'Wait EasyConnect exit ... skip' 137 | echo 'Stop EasyMonitor ... skip' 138 | fi 139 | fi 140 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # EasyConnect 启动脚本 2 | 3 | EasyConnect 是一个可用于访问校内资源的 VPN 软件, 但该软件添加的路由表规则几乎包含了所有的地址. 4 | 这个启动脚本用于删除不需要的路由规则, 添加需要的路由规则. 5 | 6 | 目前实现了: 7 | 8 | - Windows 脚本 [start-easyconnect-win.sh](./Windows) 9 | - Windows WSL 脚本 [start-easyconnect-wsl.sh](./start-easyconnect-wsl.sh) 10 | - MacOS 脚本 [start-easyconnect-mac.sh](./start-easyconnect-mac.sh) 11 | - Linux 脚本 [start-easyconnect-linux.sh](./start-easyconnect-linux.sh) 12 | 13 | ## 安装 EasyConnect 14 | 15 | 访问 下载相应的客户端并安装 (校园网可能无法访问). 16 | 17 | ## 常见问题 18 | 19 | 安装 EasyConnect 时, 20 | 如果使用 Ubuntu 20.04 提示 `Harfbuzz version too old` 21 | 可以尝试 [libpango/README.md](libpango/README.md) 的解决方法. 22 | 23 | 启动 EasyConnect 后, 如果部分网站提示您当前 ip 并非校内地址, 这是因为 EasyConnect 不支持 IPv6, 24 | 需要在系统设置中关闭 IPv6 功能 (浏览器中可通过 IPvFoo 等插件查看网页是否通过 IPv6 连接). 25 | 26 | MacOS 脚本报错问题可以尝试 [issue#2](https://github.com/tangruize/NJU-EasyConnect-Script/issues/2) 27 | 的解决方法. 28 | 29 | ## Windows 30 | 31 | ### Busybox 32 | 33 | 进入 [Windows](./Windows) 目录, 34 | 把 [start-easyconnect-win.sh](./Windows/start-easyconnect-win.sh) 35 | 拖到 [sh.exe](./Windows/sh.exe) 上面打开. 36 | 37 | 或在 Windows 目录打开 CMD 输入: 38 | 39 | ```cmd 40 | .\sh.exe start-easyconnect-win.sh 41 | ``` 42 | 43 | 或者双击 [create-shortcuts.bat](./Windows/create-shortcuts.bat) 44 | 在桌面上创建一个启动脚本的快捷方式. 45 | 46 | 注意: 如果你的 `EasyConnect.exe` 不在 `C:/Program\ Files\ \(x86\)/Sangfor/SSL/EasyConnect`, 47 | 请修改 [start-easyconnect-win.sh 第三行](https://github.com/tangruize/NJU-EasyConnect-Script/blob/master/Windows/start-easyconnect-win.sh#L3). 48 | 49 | Busybox 说明: 编译自 [busybox-w32](https://github.com/rmyorston/busybox-w32), 50 | 仅去选了一些没有用到的 applet, 更换了图标, 没有修改源代码. 51 | 也可以使用 [官网](https://frippery.org/busybox/) 的 52 | [busybox.exe](https://frippery.org/files/busybox/busybox.exe), 53 | 需要重命名为 `sh.exe` 或 `bash.exe` 才能拖动运行. 54 | 55 | ### WSL (不推荐) 56 | 57 | 需要安装 WSL, 由于 Busybox 的方法不需要安装额外的程序, 因此不建议专门为此装 WSL. 58 | 59 | 推荐使用 Ubuntu 18.04. 60 | 61 | 安装依赖关系: 62 | 63 | ```bash 64 | sudo apt install net-tools # 使用了route命令 65 | ``` 66 | 67 | 直接运行 (先不要手动运行 EasyConnect): 68 | 69 | ```bash 70 | ./start-easyconnect-wsl.sh 71 | ``` 72 | 73 | 会提示使用管理员权限运行. 74 | 75 | 如果先运行了 EasyConnect 再运行脚本会导致 `vpn.nju.edu.cn` DNS解析为一个不正确的值, 导致连接失败, 76 | 可能需要重启电脑修复不能连接的问题. 77 | 78 | ## MacOS 79 | 80 | 不要先打开 EasyConnect, 直接运行命令, 在删除路由表的时候可能会提示输入密码: 81 | 82 | ```bash 83 | ./start-easyconnect-mac.sh 84 | ``` 85 | 86 | ## Ubuntu 87 | 88 | EasyConnect 开机后会通过 systemd 启动后台服务, 但我们可以只在需要时启动, 因此可以禁用这个服务 89 | (当然, 不禁用也可以用): 90 | 91 | ```bash 92 | sudo systemctl stop EasyMonitor.service 93 | sudo systemctl disable EasyMonitor.service 94 | ``` 95 | 96 | 有几个程序有 setuid 权限, 但不是必要的, 可以去掉: 97 | 98 | ```bash 99 | sudo chmod -s /usr/share/sangfor/EasyConnect/resources/bin/CSClient /usr/share/sangfor/EasyConnect/resources/bin/ECAgent 100 | ``` 101 | 102 | 安装依赖关系: 103 | 104 | ```bash 105 | sudo apt install net-tools # 使用了route命令 106 | ``` 107 | 108 | 直接运行 (操作路由表需要root权限, 会提示你输入密码): 109 | 110 | ```bash 111 | ./start-easyconnect-linux.sh 112 | ``` 113 | 114 | 通过点击图标运行: 115 | 修改 `/usr/share/applications/EasyConnect.desktop` 第5行 `Exec=` 为你的 `start-easyconnect.sh` 的绝对路径: 116 | 117 | ```bash 118 | sudo sed "s@Exec=.*@Exec=\"`realpath ./start-easyconnect-linux.sh`\"@" /usr/share/applications/EasyConnect.desktop #-i 119 | # 上一行命令的注释去掉(加 -i)才能写入 120 | ``` 121 | 122 | ~~如果不希望使用 EasyConnect 提供的 DNS 服务器, 可以对程序进行 patch~~ (版本更新后已不支持): 123 | 124 | ```bash 125 | cd /usr/share/sangfor/EasyConnect/resources/bin 126 | sudo cp svpnservice svpnservice.bak 127 | echo -e '\x39\xc0\x39\xc0' | sudo dd of=svpnservice count=4 seek=284760 oflag=seek_bytes iflag=count_bytes conv=notrunc # 39 c0: cmp eax, eax 128 | ``` 129 | 130 | `svpnservice` 程序判断 `/etc/resolv.conf` 的修改时间有没有发生变化, 如果改变了就将内容复写掉. 131 | 上面的命令修改了程序, 让程序认为文件始终没有被修改. 132 | 133 | ## 脚本工作原理 134 | 135 | - 启动 EasyConnect 前, 查询 `vpn.nju.edu.cn` 的 IP 地址 136 | - 启动 EasyConnect 137 | - 等待路由表更新 138 | - 删除 tun0 接口的所有路由规则, 除了 `vpn.nju.edu.cn` 的 IP 地址所在子网 139 | - 添加路由规则, 上一步除外的子网不会添加 (添加了 `vpn.nju.edu.cn` 所在子网会导致无法连接) 140 | 141 | 添加的路由规则主要来自于 EasyConnect 软件界面的默认资源组的资源地址, 整理如下: 142 | 143 | ```txt 144 | 10.254.253.0/24 36.152.24.0/24 58.192.32.0/20 58.192.48.0/21 58.193.224.0/19 58.240.127.0/27 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.119.32.0/19 202.127.247.0/24 202.38.126.160/28 202.38.2.0/23 210.28.128.0/20 210.29.240.0/20 211.162.26.0/27 211.162.81.0/25 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25 145 | ``` 146 | 147 | 我做了一些修改: 148 | 149 | ```txt 150 | # 南大IP 151 | 36.152.24.0/24 58.192.32.0/20 58.192.48.0/21 58.193.224.0/19 58.240.127.0/27 112.25.191.64/26 114.212.0.0/16 172.0.0.0/8 180.209.0.0/20 202.38.2.0/23 202.38.126.160/28 202.119.32.0/19 202.127.247.0/24 210.28.0.0/14 211.162.26.0/27 211.162.81.0/25 218.94.142.0/24 219.219.112.0/20 221.6.40.128/25 222.94.3.0/24 222.94.208.0/24 152 | # 图书馆电子资源 153 | 122.115.32.0/19 101.230.240.0/20 42.62.48.0/20 42.62.64.0/18 140.210.64.0/19 183.84.0.0/21 103.88.33.0/24 23.33.94.0/24 162.159.129.0/24 34.107.128.0/24 140.234.252.0/24 151.101.228.0/22 104.18.0.0/24 195.128.8.0/24 151.101.0.0/16 104.18.20.0/24 47.114.157.0/24 154 | ``` 155 | 156 | ## 其他问题 157 | 158 | 虽然上面的子网用起来没啥问题, 但这个网页提供的似乎更精确一点 . 159 | 160 | 删除路由表时出现少量错误提示影响不大. 161 | --------------------------------------------------------------------------------