From 2125e805d18fe4441f48748cb90e2ac3dae14785 Mon Sep 17 00:00:00 2001 From: lean Date: Wed, 15 Apr 2020 20:39:16 +0800 Subject: [PATCH] luci-app-ssr-plus: revert lock feature --- package/lean/luci-app-ssr-plus/Makefile | 24 +- .../luasrc/controller/shadowsocksr.lua | 124 +- .../model/cbi/shadowsocksr/advanced.lua | 1 - .../model/cbi/shadowsocksr/client-config.lua | 279 ++--- .../luasrc/model/cbi/shadowsocksr/client.lua | 7 +- .../luasrc/model/cbi/shadowsocksr/control.lua | 68 +- .../luasrc/model/cbi/shadowsocksr/log.lua | 26 +- .../model/cbi/shadowsocksr/server-config.lua | 60 +- .../luasrc/model/cbi/shadowsocksr/server.lua | 77 +- .../luasrc/model/cbi/shadowsocksr/servers.lua | 65 +- .../luasrc/model/cbi/shadowsocksr/status.lua | 124 +- .../luasrc/view/shadowsocksr/certupload.htm | 4 +- .../luasrc/view/shadowsocksr/checkport.htm | 10 + .../luasrc/view/shadowsocksr/server_list.htm | 10 + .../luasrc/view/shadowsocksr/ssrurl.htm | 9 + .../luci-app-ssr-plus/po/zh-cn/ssr-plus.po | 12 - .../root/etc/{ssr => }/china_ssr.txt | 25 +- .../root/etc/{ssr => config}/netflix.list | 0 .../root/etc/{ssr => config}/netflixip.list | 0 .../root/etc/config/shadowsocksr | 18 +- .../root/etc/dnsmasq.ssr/gfw_list.conf | 306 ++++- .../root/etc/init.d/shadowsocksr | 1042 +++++++++-------- .../root/etc/uci-defaults/luci-ssr-plus | 10 +- .../luci-app-ssr-plus/root/usr/bin/ssr-ad | 10 +- .../luci-app-ssr-plus/root/usr/bin/ssr-gfw | 5 +- .../root/usr/bin/ssr-monitor | 41 +- .../luci-app-ssr-plus/root/usr/bin/ssr-rules | 53 +- .../luci-app-ssr-plus/root/usr/bin/ssr-switch | 13 +- .../root/usr/share/shadowsocksr/chinaipset.sh | 6 +- .../usr/share/shadowsocksr/genred2config.sh | 96 +- .../share/shadowsocksr/gentrojanconfig.lua | 1 + .../usr/share/shadowsocksr/genv2config.lua | 1 + .../root/usr/share/shadowsocksr/gfw2ipset.sh | 37 +- .../usr/share/shadowsocksr/ssrplusupdate.sh | 6 +- .../root/usr/share/shadowsocksr/subscribe.lua | 59 +- .../root/usr/share/shadowsocksr/update.lua | 139 ++- 36 files changed, 1548 insertions(+), 1220 deletions(-) rename package/lean/luci-app-ssr-plus/root/etc/{ssr => }/china_ssr.txt (99%) rename package/lean/luci-app-ssr-plus/root/etc/{ssr => config}/netflix.list (100%) rename package/lean/luci-app-ssr-plus/root/etc/{ssr => config}/netflixip.list (100%) diff --git a/package/lean/luci-app-ssr-plus/Makefile b/package/lean/luci-app-ssr-plus/Makefile index 65d86a8a8..17fa2180a 100644 --- a/package/lean/luci-app-ssr-plus/Makefile +++ b/package/lean/luci-app-ssr-plus/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-ssr-plus PKG_VERSION:=176 -PKG_RELEASE:=5 +PKG_RELEASE:=6 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME) @@ -38,10 +38,10 @@ define Package/$(PKG_NAME) SECTION:=luci CATEGORY:=LuCI SUBMENU:=3. Applications - TITLE:=SS/SSR/V2Ray/Trojan/Socks5/Tun LuCI interface + TITLE:=SS/SSR/V2Ray/Trojan LuCI interface PKGARCH:=all DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +pdnsd-alt +wget +lua +libuci-lua \ - +microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping +resolveip \ + +microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping \ +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin:v2ray-plugin \ +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \ +PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \ @@ -58,17 +58,23 @@ define Build/Compile endef define Package/$(PKG_NAME)/conffiles +/etc/ssr_ip +/etc/china_ssr.txt /etc/config/shadowsocksr -/etc/ssr/netflix.list -/etc/ssr/netflixip.list +/etc/config/white.list +/etc/config/black.list +/etc/config/netflix.list +/etc/dnsmasq.ssr/ad.conf +/etc/dnsmasq.ssr/gfw_list.conf endef define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/etc/ssr - $(INSTALL_DATA) ./root/etc/ssr/* $(1)/etc/ssr/ + $(INSTALL_DIR) $(1)/etc + $(INSTALL_DATA) ./root/etc/china_ssr.txt $(1)/etc/china_ssr.txt $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./root/etc/config/shadowsocksr $(1)/etc/config/shadowsocksr + $(INSTALL_DATA) ./root/etc/config/*.list $(1)/etc/config/ $(INSTALL_DIR) $(1)/etc/dnsmasq.oversea $(INSTALL_DATA) ./root/etc/dnsmasq.oversea/* $(1)/etc/dnsmasq.oversea/ @@ -104,8 +110,8 @@ endef define Package/$(PKG_NAME)/postrm #!/bin/sh -rm -rf /etc/ssl/private /etc/dnsmasq.ssr /etc/dnsmasq.oversea /etc/ssr /etc/config/shadowsocksr /etc/china_ssr.txt /etc/config/black.list /etc/config/white.list \ -/etc/config/netflix.list /etc/config/netflixip.list +rm -rf /etc/china_ssr.txt /etc/dnsmasq.ssr /etc/dnsmasq.oversea /etc/config/shadowsocksr /etc/config/black.list \ + /etc/config/gfw.list /etc/config/white.list /etc/config/netflix.list /etc/config/netflixip.list 2>/dev/null endef $(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua b/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua index dfe74557f..3176ad456 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua @@ -1,5 +1,6 @@ -- Copyright (C) 2017 yushi studio -- Licensed to the public under the GNU General Public License v3. + module("luci.controller.shadowsocksr", package.seeall) function index() @@ -73,50 +74,105 @@ function refresh_data() local set = luci.http.formvalue("set") local uci = luci.model.uci.cursor() local icount = 0 - local retstring = 0 - local function update(url, file, type, file2) - local Num = 1 - refresh_cmd = "wget-ssl --no-check-certificate -t 3 -T 10 -O- " .. url .. " > /tmp/ssr-update." .. type + if set == "gfw_data" then + refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'gfwlist_url', 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt') .. ' > /tmp/gfw.b64' sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") if sret == 0 then - if type == "gfw_data" then - luci.sys.call("/usr/bin/ssr-gfw " .. type) - Num = 2 - end - if type == "ad_data" then - luci.sys.call("/usr/bin/ssr-ad " .. type) - end - local new_md5 = luci.sys.exec("echo -n $([ -f '/tmp/ssr-update." .. type .. "' ] && md5sum /tmp/ssr-update." .. type .. " | awk '{print $1}')") - local old_md5 = luci.sys.exec("echo -n $([ -f '" .. file .. "' ] && md5sum " .. file .. " | awk '{print $1}')") - if new_md5 == old_md5 then - retstring = "0" - else - icount = luci.sys.exec("cat /tmp/ssr-update." .. type .. " | wc -l") - luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file) - if file2 then luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file2) end - retstring = tostring(tonumber(icount)/Num) - if type == "gfw_data" or type == "ad_data" then - luci.sys.exec("/usr/share/shadowsocksr/gfw2ipset.sh gfw_data") + luci.sys.call("/usr/bin/ssr-gfw") + icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l") + if tonumber(icount) > 1000 then + if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then + oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l") else - luci.sys.exec("/etc/init.d/shadowsocksr restart &") + oldcount = "0" end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf") + luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf") + luci.sys.call("/etc/init.d/dnsmasq restart") + retstring = tostring(tonumber(icount)/2) + else + retstring = "0" + end + else + retstring = "-1" + end + luci.sys.exec("rm -f /tmp/gfwnew.txt") + else + retstring = "-1" + end + end + if set == "ip_data" then + refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url', 'https://ispip.clang.cn/all_cn.txt') .. " > /tmp/china_ssr.txt" + sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") + icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l") + if sret == 0 and tonumber(icount) > 1000 then + if nixio.fs.access("/etc/china_ssr.txt") then + oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l") + else + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt") + luci.sys.exec("/etc/init.d/shadowsocksr restart &") + retstring = tostring(tonumber(icount)) + else + retstring = "0" end else retstring = "-1" end - luci.sys.exec("rm -f /tmp/ssr-update." .. type) - end - if set == "gfw_data" then - update(uci:get_first("shadowsocksr", "global", "gfwlist_url", "https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt"), "/etc/dnsmasq.ssr/gfw_list.conf", set, "/tmp/dnsmasq.ssr/gfw_list.conf") - end - if set == "ip_data" then - update(uci:get_first("shadowsocksr", "global", "chnroute_url","https://ispip.clang.cn/all_cn.txt"), "/etc/ssr/china_ssr.txt", set) - end - if set == "ad_data" then - update(uci:get_first("shadowsocksr", "global", "adblock_url","https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt"), "/etc/dnsmasq.ssr/ad.conf", set, "/tmp/dnsmasq.ssr/ad.conf") + luci.sys.exec("rm -f /tmp/china_ssr.txt") end if set == "nfip_data" then - update(uci:get_first("shadowsocksr", "global", "nfip_url","https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt"), "/etc/ssr/netflixip.list", set) + refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .." > /tmp/netflixip.list" + sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") + icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l") + if sret == 0 and tonumber(icount) > 5 then + if nixio.fs.access("/etc/config/netflixip.list") then + oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l") + else + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list") + luci.sys.exec("/etc/init.d/shadowsocksr restart &") + retstring = tostring(tonumber(icount)) + else + retstring = "0" + end + else + retstring = "-1" + end + luci.sys.exec("rm -f /tmp/netflixip.list") + end + if set == "ad_data" then + refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf" + sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") + if sret == 0 then + luci.sys.call("/usr/bin/ssr-ad") + icount = luci.sys.exec("cat /tmp/ad.conf | wc -l") + if tonumber(icount) > 100 then + if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then + oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l") + else + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf") + luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf") + luci.sys.call("/etc/init.d/dnsmasq restart") + retstring = tostring(tonumber(icount)) + else + retstring = "0" + end + else + retstring = "-1" + end + luci.sys.exec("rm -f /tmp/ad.conf") + else + retstring = "-1" + end end luci.http.prepare_content("application/json") luci.http.write_json({ret = retstring,retcount = icount}) diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua index ff05ae3db..d7908e5e6 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua @@ -1,4 +1,3 @@ -require "luci.model.uci" local shadowsocksr = "shadowsocksr" local uci = luci.model.uci.cursor() local server_table = {} diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua index 580fbc678..f42822f58 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua @@ -1,105 +1,108 @@ -- Copyright (C) 2017 yushi studio github.com/ywb94 -- Licensed to the public under the GNU General Public License v3. -require "luci.model.uci" -require "nixio.fs" -require "luci.sys" -require "luci.http" + local m, s, o,kcp_enable local shadowsocksr = "shadowsocksr" local uci = luci.model.uci.cursor() +local fs = require "nixio.fs" +local sys = require "luci.sys" local sid = arg[1] local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid") +local http = require "luci.http" local function isKcptun(file) - if not nixio.fs.access(file, "rwx", "rx", "rx") then - nixio.fs.chmod(file, 755) + if not fs.access(file, "rwx", "rx", "rx") then + fs.chmod(file, 755) end - local str = luci.sys.exec(file .. " -v | awk '{printf $1}'") + + local str = sys.exec(file .. " -v | awk '{printf $1}'") return (str:lower() == "kcptun") end + local server_table = {} local encrypt_methods = { -"none", -"table", -"rc4", -"rc4-md5-6", -"rc4-md5", -"aes-128-cfb", -"aes-192-cfb", -"aes-256-cfb", -"aes-128-ctr", -"aes-192-ctr", -"aes-256-ctr", -"bf-cfb", -"camellia-128-cfb", -"camellia-192-cfb", -"camellia-256-cfb", -"cast5-cfb", -"des-cfb", -"idea-cfb", -"rc2-cfb", -"seed-cfb", -"salsa20", -"chacha20", -"chacha20-ietf", + "none", + "table", + "rc4", + "rc4-md5-6", + "rc4-md5", + "aes-128-cfb", + "aes-192-cfb", + "aes-256-cfb", + "aes-128-ctr", + "aes-192-ctr", + "aes-256-ctr", + "bf-cfb", + "camellia-128-cfb", + "camellia-192-cfb", + "camellia-256-cfb", + "cast5-cfb", + "des-cfb", + "idea-cfb", + "rc2-cfb", + "seed-cfb", + "salsa20", + "chacha20", + "chacha20-ietf", } local encrypt_methods_ss = { --- aead -"aes-128-gcm", -"aes-192-gcm", -"aes-256-gcm", -"chacha20-ietf-poly1305", -"xchacha20-ietf-poly1305", --- stream -"table", -"rc4", -"rc4-md5", -"aes-128-cfb", -"aes-192-cfb", -"aes-256-cfb", -"aes-128-ctr", -"aes-192-ctr", -"aes-256-ctr", -"bf-cfb", -"camellia-128-cfb", -"camellia-192-cfb", -"camellia-256-cfb", -"salsa20", -"chacha20", -"chacha20-ietf", + -- aead + "aes-128-gcm", + "aes-192-gcm", + "aes-256-gcm", + "chacha20-ietf-poly1305", + "xchacha20-ietf-poly1305", + -- stream + "table", + "rc4", + "rc4-md5", + "aes-128-cfb", + "aes-192-cfb", + "aes-256-cfb", + "aes-128-ctr", + "aes-192-ctr", + "aes-256-ctr", + "bf-cfb", + "camellia-128-cfb", + "camellia-192-cfb", + "camellia-256-cfb", + "salsa20", + "chacha20", + "chacha20-ietf", } local protocol = { -"origin", -"verify_deflate", -"auth_sha1_v4", -"auth_aes128_sha1", -"auth_aes128_md5", -"auth_chain_a", -"auth_chain_b", -"auth_chain_c", -"auth_chain_d", -"auth_chain_e", -"auth_chain_f", + "origin", + "verify_deflate", + "auth_sha1_v4", + "auth_aes128_sha1", + "auth_aes128_md5", + "auth_chain_a", + "auth_chain_b", + "auth_chain_c", + "auth_chain_d", + "auth_chain_e", + "auth_chain_f", } obfs = { -"plain", -"http_simple", -"http_post", -"random_head", -"tls1.2_ticket_auth", + "plain", + "http_simple", + "http_post", + "random_head", + "tls1.2_ticket_auth", } local securitys = { -"auto", -"none", -"aes-128-gcm", -"chacha20-poly1305" + "auto", + "none", + "aes-128-gcm", + "chacha20-poly1305" } + m = Map(shadowsocksr, translate("Edit ShadowSocksR Server")) m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/servers") if m.uci:get(shadowsocksr, sid) ~= "servers" then @@ -110,35 +113,35 @@ end -- [[ Servers Setting ]]-- s = m:section(NamedSection, sid, "servers") s.anonymous = true -s.addremove = false +s.addremove = false o = s:option(DummyValue,"ssr_url","SS/SSR/V2RAY/TROJAN URL") -o.rawhtml = true +o.rawhtml = true o.template = "shadowsocksr/ssrurl" o.value =sid o = s:option(ListValue, "type", translate("Server Node Type")) o:value("ssr", translate("ShadowsocksR")) if nixio.fs.access("/usr/bin/ss-redir") then - o:value("ss", translate("Shadowsocks New Version")) +o:value("ss", translate("Shadowsocks New Version")) end if nixio.fs.access("/usr/bin/v2ray/v2ray") or nixio.fs.access("/usr/bin/v2ray") then - o:value("v2ray", translate("V2Ray")) +o:value("v2ray", translate("V2Ray")) end if nixio.fs.access("/usr/sbin/trojan") then - o:value("trojan", translate("Trojan")) +o:value("trojan", translate("Trojan")) end if nixio.fs.access("/usr/sbin/redsocks2") then - o:value("socks5", translate("Socks5")) - o:value("tun", translate("Network Tunnel")) +o:value("socks5", translate("Socks5")) +o:value("tun", translate("Network Tunnel")) end o.description = translate("Using incorrect encryption mothod may causes service fail to start") o = s:option(Value, "alias", translate("Alias(optional)")) o = s:option(ListValue, "iface", translate("Network interface to use")) -for _, e in ipairs(luci.sys.net.devices()) do - if e ~= "lo" then o:value(e) end +for _, e in ipairs(sys.net.devices()) do + if e ~= "lo" then o:value(e) end end o:depends("type", "tun") o.description = translate("Redirect traffic to this network interface") @@ -243,6 +246,7 @@ o.rmempty = true o:depends("type", "v2ray") -- [[ TCP部分 ]]-- + -- TCP伪装 o = s:option(ListValue, "tcp_guise", translate("Camouflage Type")) o:depends("transport", "tcp") @@ -261,6 +265,7 @@ o:depends("tcp_guise", "http") o.rmempty = true -- [[ WS部分 ]]-- + -- WS域名 o = s:option(Value, "ws_host", translate("WebSocket Host")) o:depends("transport", "ws") @@ -272,6 +277,7 @@ o:depends("transport", "ws") o.rmempty = true -- [[ H2部分 ]]-- + -- H2域名 o = s:option(Value, "h2_host", translate("HTTP/2 Host")) o:depends("transport", "h2") @@ -283,6 +289,7 @@ o:depends("transport", "h2") o.rmempty = true -- [[ QUIC部分 ]]-- + o = s:option(ListValue, "quic_security", translate("QUIC Security")) o:depends("transport", "quic") o.rmempty = true @@ -305,6 +312,7 @@ o:value("dtls", "DTLS 1.2") o:value("wireguard", "WireGuard") -- [[ mKCP部分 ]]-- + o = s:option(ListValue, "kcp_guise", translate("Camouflage Type")) o:depends("transport", "kcp") o:value("none", translate("None")) @@ -361,7 +369,6 @@ o.rmempty = true o:depends("type", "v2ray") o:depends("type", "trojan") o.default = "1" -o.description = translate("If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.") -- [[ TLS ]]-- o = s:option(Flag, "tls", translate("TLS")) @@ -402,31 +409,31 @@ o:depends("certificate", 1) cert_dir = "/etc/ssl/private/" local path -luci.http.setfilehandler( -function(meta, chunk, eof) - if not fd then - if (not meta) or (not meta.name) or (not meta.file) then return end - fd = nixio.open(cert_dir .. meta.file, "w") - if not fd then - path = translate("Create upload file error.") - return - end - end - if chunk and fd then - fd:write(chunk) - end - if eof and fd then - fd:close() - fd = nil - path = '/etc/ssl/private/' .. meta.file .. '' - end -end -) +http.setfilehandler( + function(meta, chunk, eof) + if not fd then + if (not meta) or (not meta.name) or (not meta.file) then return end + fd = nixio.open(cert_dir .. meta.file, "w") + if not fd then + path = translate("Create upload file error.") + return + end + end + if chunk and fd then + fd:write(chunk) + end + if eof and fd then + fd:close() + fd = nil + path = '/etc/ssl/private/' .. meta.file .. '' + end + end + ) if luci.http.formvalue("upload") then - local f = luci.http.formvalue("ulfile") - if #f <= 0 then - path = translate("No specify upload file.") - end + local f = luci.http.formvalue("ulfile") + if #f <= 0 then + path = translate("No specify upload file.") + end end o = s:option(Value, "certpath", translate("Current Certificate Path")) @@ -452,36 +459,42 @@ o.default = 1234 o.rmempty = false if nixio.fs.access("/usr/bin/kcptun-client") then - kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client")) - kcp_enable.rmempty = true - kcp_enable.default = "0" - kcp_enable:depends("type", "ssr") - kcp_enable:depends("type", "ss") - o = s:option(Value, "kcp_port", translate("KcpTun Port")) - o.datatype = "port" - o.default = 4000 - function o.validate(self, value, section) + +kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client")) +kcp_enable.rmempty = true +kcp_enable.default = "0" +kcp_enable:depends("type", "ssr") +kcp_enable:depends("type", "ss") + +o = s:option(Value, "kcp_port", translate("KcpTun Port")) +o.datatype = "port" +o.default = 4000 +function o.validate(self, value, section) local kcp_file="/usr/bin/kcptun-client" local enable = kcp_enable:formvalue(section) or kcp_enable.disabled if enable == kcp_enable.enabled then - if not nixio.fs.access(kcp_file) then - return nil, translate("Haven't a Kcptun executable file") - elseif not isKcptun(kcp_file) then - return nil, translate("Not a Kcptun executable file") - end - end - return value + if not fs.access(kcp_file) then + return nil, translate("Haven't a Kcptun executable file") + elseif not isKcptun(kcp_file) then + return nil, translate("Not a Kcptun executable file") end - o:depends("type", "ssr") - o:depends("type", "ss") - o = s:option(Value, "kcp_password", translate("KcpTun Password")) - o.password = true - o:depends("type", "ssr") - o:depends("type", "ss") - o = s:option(Value, "kcp_param", translate("KcpTun Param")) - o.default = "--nocomp" - o:depends("type", "ssr") - o:depends("type", "ss") + end + + return value +end +o:depends("type", "ssr") +o:depends("type", "ss") + +o = s:option(Value, "kcp_password", translate("KcpTun Password")) +o.password = true +o:depends("type", "ssr") +o:depends("type", "ss") + +o = s:option(Value, "kcp_param", translate("KcpTun Param")) +o.default = "--nocomp" +o:depends("type", "ssr") +o:depends("type", "ss") + end return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua index 7e09f4d36..c73e5e21d 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua @@ -1,13 +1,16 @@ -- Copyright (C) 2017 yushi studio github.com/ywb94 -- Copyright (C) 2018 lean github.com/coolsnowwolf -- Licensed to the public under the GNU General Public License v3. -require "luci.model.uci" + local m, s, sec, o, kcp_enable local shadowsocksr = "shadowsocksr" local uci = luci.model.uci.cursor() +local sys = require "luci.sys" + m = Map(shadowsocksr, translate("ShadowSocksR Plus+ Settings")) -m:section(SimpleSection).template = "shadowsocksr/status" + +m:section(SimpleSection).template = "shadowsocksr/status" local server_table = {} uci:foreach(shadowsocksr, "servers", function(s) diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua index 39da0e123..7a5e33b63 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua @@ -1,6 +1,5 @@ -require "luci.ip" -require "nixio.fs" local m, s, o +local NXFS = require "nixio.fs" m = Map("shadowsocksr", translate("IP black-and-white list")) @@ -28,9 +27,9 @@ o.rmempty = false o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List")) o.datatype = "ipaddr" luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end + if entry.reachable then + o:value(entry.dest:string()) + end end) o:depends("lan_ac_mode", "w") o:depends("lan_ac_mode", "b") @@ -38,25 +37,25 @@ o:depends("lan_ac_mode", "b") o = s:taboption("lan_ac", DynamicList, "lan_bp_ips", translate("LAN Bypassed Host List")) o.datatype = "ipaddr" luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end + if entry.reachable then + o:value(entry.dest:string()) + end end) o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List")) o.datatype = "ipaddr" luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end + if entry.reachable then + o:value(entry.dest:string()) + end end) o = s:taboption("lan_ac", DynamicList, "lan_gm_ips", translate("Game Mode Host List")) o.datatype = "ipaddr" luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end + if entry.reachable then + o:value(entry.dest:string()) + end end) -- Part of Self @@ -67,72 +66,73 @@ end) -- o:value("2", translatef("Forwarded Proxy")) -- o.rmempty = false -s:tab("esc", translate("Bypass Domain List")) +s:tab("esc", translate("Bypass Domain List")) -local escconf = "/etc/ssr/white.list" +local escconf = "/etc/config/white.list" o = s:taboption("esc", TextValue, "escconf") o.rows = 13 o.wrap = "off" o.rmempty = true o.cfgvalue = function(self, section) - return nixio.fs.readfile(escconf) or "" + return NXFS.readfile(escconf) or "" end o.write = function(self, section, value) - nixio.fs.writefile(escconf, value:gsub("\r\n", "\n")) + NXFS.writefile(escconf, value:gsub("\r\n", "\n")) end o.remove = function(self, section, value) - nixio.fs.writefile(escconf, "") + NXFS.writefile(escconf, "") end -s:tab("block", translate("Black Domain List")) -local blockconf = "/etc/ssr/black.list" +s:tab("block", translate("Black Domain List")) + +local blockconf = "/etc/config/black.list" o = s:taboption("block", TextValue, "blockconf") o.rows = 13 o.wrap = "off" o.rmempty = true o.cfgvalue = function(self, section) - return nixio.fs.readfile(blockconf) or " " + return NXFS.readfile(blockconf) or " " end o.write = function(self, section, value) - nixio.fs.writefile(blockconf, value:gsub("\r\n", "\n")) + NXFS.writefile(blockconf, value:gsub("\r\n", "\n")) end o.remove = function(self, section, value) - nixio.fs.writefile(blockconf, "") + NXFS.writefile(blockconf, "") end -s:tab("netflix", translate("Netflix Domain List")) +s:tab("netflix", translate("Netflix Domain List")) -local netflixconf = "/etc/ssr/netflix.list" +local netflixconf = "/etc/config/netflix.list" o = s:taboption("netflix", TextValue, "netflixconf") o.rows = 13 o.wrap = "off" o.rmempty = true o.cfgvalue = function(self, section) - return nixio.fs.readfile(netflixconf) or " " + return NXFS.readfile(netflixconf) or " " end o.write = function(self, section, value) - nixio.fs.writefile(netflixconf, value:gsub("\r\n", "\n")) + NXFS.writefile(netflixconf, value:gsub("\r\n", "\n")) end o.remove = function(self, section, value) - nixio.fs.writefile(netflixconf, "") + NXFS.writefile(netflixconf, "") end -s:tab("netflixip", translate("Netflix IP List")) +s:tab("netflixip", translate("Netflix IP List")) -local netflixipconf = "/etc/ssr/netflixip.list" +local netflixipconf = "/etc/config/netflixip.list" o = s:taboption("netflixip", TextValue, "netflixipconf") o.rows = 13 o.wrap = "off" o.rmempty = true o.cfgvalue = function(self, section) - return nixio.fs.readfile(netflixipconf) or " " + return NXFS.readfile(netflixipconf) or " " end o.write = function(self, section, value) - nixio.fs.writefile(netflixipconf, value:gsub("\r\n", "\n")) + NXFS.writefile(netflixipconf, value:gsub("\r\n", "\n")) end o.remove = function(self, section, value) - nixio.fs.writefile(netflixipconf, "") + NXFS.writefile(netflixipconf, "") end return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua index a71d0003b..6c5938ed7 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua @@ -1,20 +1,20 @@ -require "luci.util" -require "nixio.fs" +local fs = require "nixio.fs" + f = SimpleForm("logview") -f.reset = false -f.submit = false + t = f:field(TextValue, "conf") t.rmempty = true t.rows = 20 function t.cfgvalue() - if nixio.fs.access("/tmp/ssrplus.log") then - local logs = luci.util.execi("cat /tmp/ssrplus.log") - local s = "" - for line in logs do - s = line .. "\n" .. s - end - return s - end + if fs.access("/tmp/ssrplus.log") then + local logs = luci.util.execi("cat /tmp/ssrplus.log") + local s = "" + for line in logs do + s = line .. "\n" .. s + end + return s + end end t.readonly="readonly" -return f + +return f \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua index 2f7b21868..c7d902156 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua @@ -1,44 +1,43 @@ -- Copyright (C) 2017 yushi studio -- Licensed to the public under the GNU General Public License v3. -require "luci.http" -require "luci.dispatcher" + local m, s, o local shadowsocksr = "shadowsocksr" local sid = arg[1] local encrypt_methods = { -"rc4-md5", -"rc4-md5-6", -"rc4", -"table", -"aes-128-cfb", -"aes-192-cfb", -"aes-256-cfb", -"aes-128-ctr", -"aes-192-ctr", -"aes-256-ctr", -"bf-cfb", -"camellia-128-cfb", -"camellia-192-cfb", -"camellia-256-cfb", -"cast5-cfb", -"des-cfb", -"idea-cfb", -"rc2-cfb", -"seed-cfb", -"salsa20", -"chacha20", -"chacha20-ietf", + "rc4-md5", + "rc4-md5-6", + "rc4", + "table", + "aes-128-cfb", + "aes-192-cfb", + "aes-256-cfb", + "aes-128-ctr", + "aes-192-ctr", + "aes-256-ctr", + "bf-cfb", + "camellia-128-cfb", + "camellia-192-cfb", + "camellia-256-cfb", + "cast5-cfb", + "des-cfb", + "idea-cfb", + "rc2-cfb", + "seed-cfb", + "salsa20", + "chacha20", + "chacha20-ietf", } local protocol = { -"origin", + "origin", } obfs = { -"plain", -"http_simple", -"http_post", + "plain", + "http_simple", + "http_post", } m = Map(shadowsocksr, translate("Edit ShadowSocksR Server")) @@ -49,10 +48,13 @@ if m.uci:get(shadowsocksr, sid) ~= "server_config" then return end + + + -- [[ Server Setting ]]-- s = m:section(NamedSection, sid, "server_config") s.anonymous = true -s.addremove = false +s.addremove = false o = s:option(Flag, "enable", translate("Enable")) o.default = 1 diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua index 42f01055f..ec273e0f3 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua @@ -1,55 +1,56 @@ -- Copyright (C) 2017 yushi studio -- Licensed to the public under the GNU General Public License v3. -require "luci.http" -require "luci.dispatcher" + local m, sec, o local shadowsocksr = "shadowsocksr" +local uci = luci.model.uci.cursor() + + +m = Map(shadowsocksr) local encrypt_methods = { -"table", -"rc4", -"rc4-md5", -"rc4-md5-6", -"aes-128-cfb", -"aes-192-cfb", -"aes-256-cfb", -"aes-128-ctr", -"aes-192-ctr", -"aes-256-ctr", -"bf-cfb", -"camellia-128-cfb", -"camellia-192-cfb", -"camellia-256-cfb", -"cast5-cfb", -"des-cfb", -"idea-cfb", -"rc2-cfb", -"seed-cfb", -"salsa20", -"chacha20", -"chacha20-ietf", + "table", + "rc4", + "rc4-md5", + "rc4-md5-6", + "aes-128-cfb", + "aes-192-cfb", + "aes-256-cfb", + "aes-128-ctr", + "aes-192-ctr", + "aes-256-ctr", + "bf-cfb", + "camellia-128-cfb", + "camellia-192-cfb", + "camellia-256-cfb", + "cast5-cfb", + "des-cfb", + "idea-cfb", + "rc2-cfb", + "seed-cfb", + "salsa20", + "chacha20", + "chacha20-ietf", } local protocol = { -"origin", -"verify_deflate", -"auth_sha1_v4", -"auth_aes128_sha1", -"auth_aes128_md5", -"auth_chain_a", + "origin", + "verify_deflate", + "auth_sha1_v4", + "auth_aes128_sha1", + "auth_aes128_md5", + "auth_chain_a", } obfs = { -"plain", -"http_simple", -"http_post", -"random_head", -"tls1.2_ticket_auth", -"tls1.2_ticket_fastauth", + "plain", + "http_simple", + "http_post", + "random_head", + "tls1.2_ticket_auth", + "tls1.2_ticket_fastauth", } -m = Map(shadowsocksr) - -- [[ Global Setting ]]-- sec = m:section(TypedSection, "server_global", translate("Global Setting")) sec.anonymous = true diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua index e95c85cc1..d1ca50467 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua @@ -1,19 +1,23 @@ -- Licensed to the public under the GNU General Public License v3. -require "luci.http" -require "luci.dispatcher" -require "luci.model.uci" + local m, s, o local shadowsocksr = "shadowsocksr" + local uci = luci.model.uci.cursor() local server_count = 0 - uci:foreach("shadowsocksr", "servers", function(s) - server_count = server_count + 1 + server_count = server_count + 1 end) -m = Map(shadowsocksr, translate("Servers subscription and manage")) +local fs = require "nixio.fs" +local sys = require "luci.sys" + +local ucic = luci.model.uci.cursor() + +m = Map(shadowsocksr, translate("Servers subscription and manage")) -- Server Subscribe + s = m:section(TypedSection, "server_subscribe") s.anonymous = true @@ -21,9 +25,10 @@ o = s:option(Flag, "auto_update", translate("Auto Update")) o.rmempty = false o.description = translate("Auto Update Server subscription, GFW list and CHN route") + o = s:option(ListValue, "auto_update_time", translate("Update time (every day)")) for t = 0,23 do - o:value(t, t..":00") +o:value(t, t..":00") end o.default=2 o.rmempty = false @@ -39,7 +44,7 @@ o = s:option(Button,"update_Sub",translate("Update Subscribe List")) o.inputstyle = "reload" o.description = translate("Update subscribe url list first") o.write = function() - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) + luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) end o = s:option(Flag, "switch", translate("Subscribe Default Auto-Switch")) @@ -51,26 +56,27 @@ o = s:option(Flag, "proxy", translate("Through proxy update")) o.rmempty = false o.description = translate("Through proxy update list, Not Recommended ") + o = s:option(Button,"subscribe", translate("Update All Subscribe Severs")) -o.rawhtml = true +o.rawhtml = true o.template = "shadowsocksr/subscribe" o = s:option(Button,"delete",translate("Delete All Subscribe Severs")) o.inputstyle = "reset" -o.description = string.format(translate("Server Count") .. ": %d", server_count) +o.description = string.format(translate("Server Count") .. ": %d", server_count) o.write = function() - uci:delete_all("shadowsocksr", "servers", function(s) - if s.hashkey or s.isSubscribe then - return true - else - return false - end - end) - uci:save("shadowsocksr") - uci:commit("shadowsocksr") - luci.sys.exec("/etc/init.d/shadowsocksr restart") - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) - return +uci:delete_all("shadowsocksr", "servers", function(s) + if s.hashkey or s.isSubscribe then + return true + else + return false + end +end) +uci:save("shadowsocksr") +uci:commit("shadowsocksr") +luci.sys.exec("/etc/init.d/shadowsocksr restart") +luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) +return end -- [[ Servers Manage ]]-- @@ -79,12 +85,12 @@ s.anonymous = true s.addremove = true s.template = "cbi/tblsection" s.sortable = true -s.extedit = luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers", "%s") +s.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/servers/%s") function s.create(...) local sid = TypedSection.create(...) if sid then luci.http.redirect(s.extedit % sid) - return + return end end @@ -111,14 +117,15 @@ o = s:option(DummyValue, "server", translate("Ping Latency")) o.template="shadowsocksr/ping" o.width="10%" + node = s:option(Button,"apply_node",translate("Apply")) node.inputstyle = "apply" node.write = function(self, section) - uci:set("shadowsocksr", '@global[0]', 'global_server', section) - uci:save("shadowsocksr") - uci:commit("shadowsocksr") - luci.sys.exec("/etc/init.d/shadowsocksr restart") - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "client")) + ucic:set("shadowsocksr", '@global[0]', 'global_server', section) + ucic:save("shadowsocksr") + ucic:commit("shadowsocksr") + luci.sys.exec("/etc/init.d/shadowsocksr restart") + luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "client")) end o = s:option(Flag, "switch_enable", translate("Auto Switch")) diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua index c8225f3eb..0ae5219ee 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua @@ -1,8 +1,6 @@ -- Copyright (C) 2017 yushi studio -- Licensed to the public under the GNU General Public License v3. -require "nixio.fs" -require "luci.sys" -require "luci.model.uci" + local m, s, o local redir_run=0 local reudp_run=0 @@ -22,69 +20,71 @@ font_off = [[]] bold_on = [[]] bold_off = [[]] +local fs = require "nixio.fs" +local sys = require "luci.sys" local kcptun_version=translate("Unknown") local kcp_file="/usr/bin/kcptun-client" -if not nixio.fs.access(kcp_file) then - kcptun_version=translate("Not exist") +if not fs.access(kcp_file) then +kcptun_version=translate("Not exist") else - if not nixio.fs.access(kcp_file, "rwx", "rx", "rx") then - nixio.fs.chmod(kcp_file, 755) - end - kcptun_version=luci.sys.exec(kcp_file .. " -v | awk '{printf $3}'") - if not kcptun_version or kcptun_version == "" then - kcptun_version = translate("Unknown") - end - +if not fs.access(kcp_file, "rwx", "rx", "rx") then +fs.chmod(kcp_file, 755) +end +kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'") +if not kcptun_version or kcptun_version == "" then +kcptun_version = translate("Unknown") +end + end if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then - gfw_count = tonumber(luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2 +gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2 end if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then - ad_count = tonumber(luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")) +ad_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")) end -if nixio.fs.access("/etc/ssr/china_ssr.txt") then - ip_count = tonumber(luci.sys.exec("cat /etc/ssr/china_ssr.txt | wc -l")) +if nixio.fs.access("/etc/china_ssr.txt") then +ip_count = tonumber(sys.exec("cat /etc/china_ssr.txt | wc -l")) end -if nixio.fs.access("/etc/ssr/netflixip.list") then - nfip_count = tonumber(luci.sys.exec("cat /etc/ssr/netflixip.list | wc -l")) +if nixio.fs.access("/etc/config/netflixip.list") then +nfip_count = tonumber(sys.exec("cat /etc/config/netflixip.list | wc -l")) end -local icount=luci.sys.exec("busybox ps -w | grep ssr-reudp |grep -v grep| wc -l") +local icount=sys.exec("busybox ps -w | grep ssr-reudp |grep -v grep| wc -l") if tonumber(icount)>0 then - reudp_run=1 +reudp_run=1 else - icount=luci.sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l") - if tonumber(icount)>0 then - reudp_run=1 - end +icount=sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l") +if tonumber(icount)>0 then +reudp_run=1 +end end if luci.sys.call("busybox ps -w | grep ssr-retcp | grep -v grep >/dev/null") == 0 then - redir_run=1 +redir_run=1 end if luci.sys.call("busybox ps -w | grep ssr-local | grep -v ssr-socksdns |grep -v grep >/dev/null") == 0 then - sock5_run=1 +sock5_run=1 end if luci.sys.call("pidof kcptun-client >/dev/null") == 0 then - kcptun_run=1 +kcptun_run=1 end if luci.sys.call("busybox ps -w | grep ssr-server | grep -v grep >/dev/null") == 0 then - server_run=1 +server_run=1 end --- if luci.sys.call("busybox ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then --- tunnel_run=1 --- end +if luci.sys.call("busybox ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then +tunnel_run=1 +end if luci.sys.call("pidof pdnsd >/dev/null") == 0 or (luci.sys.call("busybox ps -w | grep ssr-dns |grep -v grep >/dev/null") == 0 and luci.sys.call("pidof dns2socks >/dev/null") == 0)then - pdnsd_run=1 +pdnsd_run=1 end m = SimpleForm("Version") @@ -94,56 +94,56 @@ m.submit = false s=m:field(DummyValue,"redir_run",translate("Global Client")) s.rawhtml = true if redir_run == 1 then - s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off +s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off else - s.value = translate("Not Running") +s.value = translate("Not Running") end s=m:field(DummyValue,"reudp_run",translate("Game Mode UDP Relay")) s.rawhtml = true if reudp_run == 1 then - s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off +s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off else - s.value = translate("Not Running") +s.value = translate("Not Running") end if uci:get_first(shadowsocksr, 'global', 'pdnsd_enable', '0') ~= '0' then - s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution")) - s.rawhtml = true - if pdnsd_run == 1 then - s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off - else - s.value = translate("Not Running") - end +s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution")) +s.rawhtml = true +if pdnsd_run == 1 then +s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off +else +s.value = translate("Not Running") +end end s=m:field(DummyValue,"sock5_run",translate("Global SOCKS5 Proxy Server")) s.rawhtml = true if sock5_run == 1 then - s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off +s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off else - s.value = translate("Not Running") +s.value = translate("Not Running") end s=m:field(DummyValue,"server_run",translate("Local Servers")) s.rawhtml = true if server_run == 1 then - s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off +s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off else - s.value = translate("Not Running") +s.value = translate("Not Running") end if nixio.fs.access("/usr/bin/kcptun-client") then - s=m:field(DummyValue,"kcp_version",translate("KcpTun Version")) - s.rawhtml = true - s.value =kcptun_version - s=m:field(DummyValue,"kcptun_run",translate("KcpTun")) - s.rawhtml = true - if kcptun_run == 1 then - s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off - else - s.value = translate("Not Running") - end +s=m:field(DummyValue,"kcp_version",translate("KcpTun Version")) +s.rawhtml = true +s.value =kcptun_version +s=m:field(DummyValue,"kcptun_run",translate("KcpTun")) +s.rawhtml = true +if kcptun_run == 1 then +s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off +else +s.value = translate("Not Running") +end end s=m:field(DummyValue,"google",translate("Google Connectivity")) @@ -170,10 +170,10 @@ s.template = "shadowsocksr/refresh" s.value = nfip_count .. " " .. translate("Records") if uci:get_first(shadowsocksr, 'global', 'adblock', '0') == '1' then - s=m:field(DummyValue,"ad_data",translate("Advertising Data")) - s.rawhtml = true - s.template = "shadowsocksr/refresh" - s.value = ad_count .. " " .. translate("Records") +s=m:field(DummyValue,"ad_data",translate("Advertising Data")) +s.rawhtml = true +s.template = "shadowsocksr/refresh" +s.value = ad_count .. " " .. translate("Records") end s=m:field(DummyValue,"check_port",translate("Check Server Port")) diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm index 55ed14ef8..f34f04d7b 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm +++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm @@ -1,4 +1,4 @@ <%+cbi/valueheader%> - - + + <%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm index e37b446e9..ed91a2f22 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm +++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm @@ -1,5 +1,7 @@ <%+cbi/valueheader%> + <%=self.value%> + + + <%+cbi/valuefooter%> \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm index f5b3c079a..9c5ba66ac 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm +++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm @@ -81,39 +81,47 @@ local dsp = require "luci.dispatcher" return false; } + // set tr draggable function enableDragForTable(table_selecter, store) { var trs = document.querySelectorAll(table_selecter + " tr"); if (!trs || trs.length.length < 3) { return; } + function ondragstart(ev) { ev.dataTransfer.setData("Text", ev.target.id); } + function ondrop(ev) { var from = ev.dataTransfer.getData("Text"); cbi_row_drop(from, this.id, store); } + function ondragover(ev) { ev.preventDefault(); ev.dataTransfer.dropEffect = "move"; } + function moveToTop(id) { var top = document.querySelectorAll(table_selecter + " tr")[2]; cbi_row_drop(id, top.id, store); } + function moveToBottom(id) { console.log('moveToBottom:', id); var trList = document.querySelectorAll(table_selecter + " tr"); var bottom = trList[trList.length - 1]; cbi_row_drop(id, bottom.id, store, true); } + for (let index = 2; index < trs.length; index++) { const el = trs[index]; el.setAttribute("draggable", true); el.ondragstart = ondragstart; el.ondrop = ondrop; el.ondragover = ondragover; + // reset the behaviors of the btns var upBtns = el.querySelectorAll(".cbi-button.cbi-button-up"); if (upBtns && upBtns.length > 0) { @@ -123,6 +131,7 @@ local dsp = require "luci.dispatcher" }; }); } + var downBtns = el.querySelectorAll(".cbi-button.cbi-button-down"); if (downBtns && downBtns.length > 0) { downBtns.forEach(function (_el) { @@ -133,6 +142,7 @@ local dsp = require "luci.dispatcher" } } } + // enable enableDragForTable( "#cbi-shadowsocksr-servers table", diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm index aabc8b59f..e734af05a 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm +++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm @@ -80,6 +80,7 @@ } return false; } + function import_ssr_url(btn, urlname, sid) { var s = document.getElementById(urlname + '-status'); if (!s) @@ -97,6 +98,7 @@ s.innerHTML = "无效格式"; return false; } + var event = document.createEvent("HTMLEvents"); event.initEvent("change", true, true); if (ssu[0] == "ssr") { @@ -135,6 +137,7 @@ s.innerHTML = "导入ShadowsocksR配置信息成功"; return false; } else if (ssu[0] == "ss") { + var url0, param = ""; var sipIndex = ssu[1].indexOf("@"); var ploc = ssu[1].indexOf("#"); @@ -144,6 +147,7 @@ } else { url0 = ssu[1]; } + if (sipIndex != -1) { // SIP002 var userInfo = b64decsafe(url0.substr(0, sipIndex)); @@ -159,6 +163,7 @@ plugin = pluginNameInfo.substr(pluginNameInfo.indexOf("=") + 1) pluginOpts = pluginInfo.substr(pluginIndex + 1); } + var userInfoSplitIndex = userInfo.indexOf(":"); if (userInfoSplitIndex != -1) { method = userInfo.substr(0, userInfoSplitIndex); @@ -172,6 +177,7 @@ document.getElementsByName('cbid.shadowsocksr.' + sid + '.encrypt_method_ss')[0].value = method || ""; document.getElementsByName('cbid.shadowsocksr.' + sid + '.plugin')[0].value = plugin || ""; document.getElementsByName('cbid.shadowsocksr.' + sid + '.plugin_opts')[0].value = pluginOpts || ""; + if (param != undefined) { document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = decodeURI(param); } @@ -206,6 +212,7 @@ url0 = ssu[1] } var sstr = url0; + document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "trojan"; document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event); var team = sstr.split('@'); @@ -222,6 +229,7 @@ queryParam[decodeURIComponent(params[0])] = decodeURIComponent(params[1] || ''); } } + document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = serverPart[0]; document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = port; document.getElementsByName('cbid.shadowsocksr.' + sid + '.password')[0].value = password; @@ -229,6 +237,7 @@ document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls')[0].dispatchEvent(event); document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls_host')[0].value = queryParam.peer || ''; document.getElementsByName('cbid.shadowsocksr.' + sid + '.insecure')[0].checked = queryParam.allowInsecure === '1'; + if (param != undefined) { document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = decodeURI(param); } diff --git a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po index cf0a7aa50..6052702da 100644 --- a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po +++ b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po @@ -61,21 +61,9 @@ msgstr "密码" msgid "Encrypt Method" msgstr "加密方式" -msgid "Transport" -msgstr "传输协议" - msgid "Protocol" msgstr "传输协议" -msgid "allowInsecure" -msgstr "允许不安全连接" - -msgid "Concurrency" -msgstr "最大并发连接数" - -msgid "If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates." -msgstr "是否允许不安全连接。当选择时,将不会检查远端主机所提供的 TLS 证书的有效性。" - msgid "Protocol param(optional)" msgstr "传输协议参数(可选)" diff --git a/package/lean/luci-app-ssr-plus/root/etc/ssr/china_ssr.txt b/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt similarity index 99% rename from package/lean/luci-app-ssr-plus/root/etc/ssr/china_ssr.txt rename to package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt index 4acc39721..c152a07af 100644 --- a/package/lean/luci-app-ssr-plus/root/etc/ssr/china_ssr.txt +++ b/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt @@ -1030,8 +1030,7 @@ 45.65.28.0/22 45.112.132.0/22 45.112.188.0/22 -45.112.208.0/22 -45.112.212.0/22 +45.112.208.0/21 45.112.216.0/22 45.112.220.0/22 45.112.228.0/22 @@ -1472,9 +1471,6 @@ 45.253.232.0/22 45.253.236.0/22 45.253.240.0/22 -45.253.244.0/22 -45.253.248.0/22 -45.253.252.0/22 45.254.0.0/22 45.254.4.0/22 45.254.8.0/22 @@ -1786,7 +1782,6 @@ 61.29.128.0/18 61.29.192.0/19 61.29.224.0/20 -61.29.240.0/20 61.45.128.0/18 61.45.224.0/20 61.47.128.0/18 @@ -4009,13 +4004,6 @@ 103.149.210.0/23 103.149.214.0/23 103.149.220.0/23 -103.149.242.0/23 -103.149.244.0/23 -103.149.246.0/23 -103.149.248.0/23 -103.150.24.0/23 -103.150.66.0/23 -103.150.72.0/23 103.192.0.0/22 103.192.4.0/22 103.192.8.0/22 @@ -5074,7 +5062,8 @@ 106.4.0.0/14 106.8.0.0/15 106.11.0.0/16 -106.12.0.0/14 +106.12.0.0/15 +106.14.0.0/15 106.16.0.0/12 106.32.0.0/12 106.48.0.0/15 @@ -5412,7 +5401,10 @@ 117.32.0.0/13 117.40.0.0/14 117.44.0.0/15 -117.48.0.0/14 +117.48.0.0/17 +117.48.128.0/17 +117.49.0.0/16 +117.50.0.0/15 117.53.48.0/20 117.53.176.0/20 117.57.0.0/16 @@ -5840,7 +5832,8 @@ 124.64.0.0/15 124.66.0.0/17 124.67.0.0/16 -124.68.0.0/14 +124.68.0.0/15 +124.70.0.0/15 124.72.0.0/16 124.73.0.0/16 124.74.0.0/15 diff --git a/package/lean/luci-app-ssr-plus/root/etc/ssr/netflix.list b/package/lean/luci-app-ssr-plus/root/etc/config/netflix.list similarity index 100% rename from package/lean/luci-app-ssr-plus/root/etc/ssr/netflix.list rename to package/lean/luci-app-ssr-plus/root/etc/config/netflix.list diff --git a/package/lean/luci-app-ssr-plus/root/etc/ssr/netflixip.list b/package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list similarity index 100% rename from package/lean/luci-app-ssr-plus/root/etc/ssr/netflixip.list rename to package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list diff --git a/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr b/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr index f8aac0821..faaa2348b 100644 --- a/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr +++ b/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr @@ -6,20 +6,25 @@ config global option dports '2' option pdnsd_enable '1' option monitor_enable '1' + option global_server 'nil' option enable_switch '1' option switch_timeout '5' option switch_time '667' option switch_try_count '3' - option gfwlist_url 'https://raw.githubusercontent.com/Loukky/gfwlist-by-loukky/master/gfwlist.txt' + option gfwlist_url 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt' option chnroute_url 'https://ispip.clang.cn/all_cn.txt' option nfip_url 'https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt' option adblock_url 'https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf' + option netflix_server 'same' option threads '0' - option global_server 'nil' - option netflix_server 'nil' - option netflix_proxy '0' + +config socks5_proxy + option socks '0' + option local_port '1080' + option local_address '0.0.0.0' config access_control + option wan_bp_list '/etc/china_ssr.txt' option lan_ac_mode 'b' option router_proxy '1' list wan_fw_ips '149.154.160.0/20' @@ -28,11 +33,6 @@ config access_control list wan_fw_ips '91.108.56.0/22' list wan_fw_ips '109.239.140.0/24' -config socks5_proxy - option socks '0' - option local_port '1080' - option local_address '0.0.0.0' - config server_global option enable_server '0' diff --git a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf index db07b2f02..cfeb42fc8 100644 --- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf +++ b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf @@ -1,5 +1,5 @@ -server=/.0914.global.ssl.fastly.net/127.0.0.1#5335 -ipset=/.0914.global.ssl.fastly.net/gfwlist +server=/.030buy.com/127.0.0.1#5335 +ipset=/.030buy.com/gfwlist server=/.0rz.tw/127.0.0.1#5335 ipset=/.0rz.tw/gfwlist server=/.10.tt/127.0.0.1#5335 @@ -210,10 +210,14 @@ server=/.8news.com.tw/127.0.0.1#5335 ipset=/.8news.com.tw/gfwlist server=/.8z1.net/127.0.0.1#5335 ipset=/.8z1.net/gfwlist +server=/.9001700.com/127.0.0.1#5335 +ipset=/.9001700.com/gfwlist server=/.91porn.com/127.0.0.1#5335 ipset=/.91porn.com/gfwlist server=/.91vps.club/127.0.0.1#5335 ipset=/.91vps.club/gfwlist +server=/.92ccav.com/127.0.0.1#5335 +ipset=/.92ccav.com/gfwlist server=/.991.com/127.0.0.1#5335 ipset=/.991.com/gfwlist server=/.99btgc01.com/127.0.0.1#5335 @@ -232,8 +236,6 @@ server=/.a248.e.akamai.net/127.0.0.1#5335 ipset=/.a248.e.akamai.net/gfwlist server=/.a5.com.ru/127.0.0.1#5335 ipset=/.a5.com.ru/gfwlist -server=/.a771.dscq.akamai.net/127.0.0.1#5335 -ipset=/.a771.dscq.akamai.net/gfwlist server=/.aamacau.com/127.0.0.1#5335 ipset=/.aamacau.com/gfwlist server=/.abc.com/127.0.0.1#5335 @@ -246,6 +248,8 @@ server=/.abc.xyz/127.0.0.1#5335 ipset=/.abc.xyz/gfwlist server=/.abchinese.com/127.0.0.1#5335 ipset=/.abchinese.com/gfwlist +server=/.abclite.net/127.0.0.1#5335 +ipset=/.abclite.net/gfwlist server=/.abebooks.com/127.0.0.1#5335 ipset=/.abebooks.com/gfwlist server=/.abematv.akamaized.net/127.0.0.1#5335 @@ -256,12 +260,20 @@ server=/.aboluowang.com/127.0.0.1#5335 ipset=/.aboluowang.com/gfwlist server=/.about.google/127.0.0.1#5335 ipset=/.about.google/gfwlist +server=/.aboutgfw.com/127.0.0.1#5335 +ipset=/.aboutgfw.com/gfwlist +server=/.abs.edu/127.0.0.1#5335 +ipset=/.abs.edu/gfwlist server=/.ac.jiruan.net/127.0.0.1#5335 ipset=/.ac.jiruan.net/gfwlist +server=/.accim.org/127.0.0.1#5335 +ipset=/.accim.org/gfwlist server=/.aceros-de-hispania.com/127.0.0.1#5335 ipset=/.aceros-de-hispania.com/gfwlist server=/.acevpn.com/127.0.0.1#5335 ipset=/.acevpn.com/gfwlist +server=/.acg18.me/127.0.0.1#5335 +ipset=/.acg18.me/gfwlist server=/.acgkj.com/127.0.0.1#5335 ipset=/.acgkj.com/gfwlist server=/.acmedia365.com/127.0.0.1#5335 @@ -288,6 +300,8 @@ server=/.admob.com/127.0.0.1#5335 ipset=/.admob.com/gfwlist server=/.adpl.org.hk/127.0.0.1#5335 ipset=/.adpl.org.hk/gfwlist +server=/.ads-twitter.com/127.0.0.1#5335 +ipset=/.ads-twitter.com/gfwlist server=/.adsense.com/127.0.0.1#5335 ipset=/.adsense.com/gfwlist server=/.adult-sex-games.com/127.0.0.1#5335 @@ -306,6 +320,8 @@ server=/.aex.com/127.0.0.1#5335 ipset=/.aex.com/gfwlist server=/.af.mil/127.0.0.1#5335 ipset=/.af.mil/gfwlist +server=/.agnesb.fr/127.0.0.1#5335 +ipset=/.agnesb.fr/gfwlist server=/.agoogleaday.com/127.0.0.1#5335 ipset=/.agoogleaday.com/gfwlist server=/.agro.hk/127.0.0.1#5335 @@ -336,6 +352,8 @@ server=/.aiweiweiblog.com/127.0.0.1#5335 ipset=/.aiweiweiblog.com/gfwlist server=/.akiba-online.com/127.0.0.1#5335 ipset=/.akiba-online.com/gfwlist +server=/.akiba-web.com/127.0.0.1#5335 +ipset=/.akiba-web.com/gfwlist server=/.akow.org/127.0.0.1#5335 ipset=/.akow.org/gfwlist server=/.al-islam.com/127.0.0.1#5335 @@ -396,6 +414,8 @@ server=/.alphaporno.com/127.0.0.1#5335 ipset=/.alphaporno.com/gfwlist server=/.alternate-tools.com/127.0.0.1#5335 ipset=/.alternate-tools.com/gfwlist +server=/.altrec.com/127.0.0.1#5335 +ipset=/.altrec.com/gfwlist server=/.alvinalexander.com/127.0.0.1#5335 ipset=/.alvinalexander.com/gfwlist server=/.alwaysdata.com/127.0.0.1#5335 @@ -408,8 +428,8 @@ server=/.am730.com.hk/127.0.0.1#5335 ipset=/.am730.com.hk/gfwlist server=/.amazon.co.jp/127.0.0.1#5335 ipset=/.amazon.co.jp/gfwlist -server=/.ameba.jp/127.0.0.1#5335 -ipset=/.ameba.jp/gfwlist +server=/.ameblo.jp/127.0.0.1#5335 +ipset=/.ameblo.jp/gfwlist server=/.americangreencard.com/127.0.0.1#5335 ipset=/.americangreencard.com/gfwlist server=/.americanunfinished.com/127.0.0.1#5335 @@ -450,6 +470,8 @@ server=/.andygod.com/127.0.0.1#5335 ipset=/.andygod.com/gfwlist server=/.angela-merkel.de/127.0.0.1#5335 ipset=/.angela-merkel.de/gfwlist +server=/.angola.org/127.0.0.1#5335 +ipset=/.angola.org/gfwlist server=/.angularjs.org/127.0.0.1#5335 ipset=/.angularjs.org/gfwlist server=/.animecrazy.net/127.0.0.1#5335 @@ -496,6 +518,10 @@ server=/.aolchannels.aol.com/127.0.0.1#5335 ipset=/.aolchannels.aol.com/gfwlist server=/.aomiwang.com/127.0.0.1#5335 ipset=/.aomiwang.com/gfwlist +server=/.apartmentratings.com/127.0.0.1#5335 +ipset=/.apartmentratings.com/gfwlist +server=/.apartments.com/127.0.0.1#5335 +ipset=/.apartments.com/gfwlist server=/.apetube.com/127.0.0.1#5335 ipset=/.apetube.com/gfwlist server=/.api-secure.recaptcha.net/127.0.0.1#5335 @@ -514,8 +540,6 @@ server=/.api.pureapk.com/127.0.0.1#5335 ipset=/.api.pureapk.com/gfwlist server=/.api.recaptcha.net/127.0.0.1#5335 ipset=/.api.recaptcha.net/gfwlist -server=/.api.tenor.com/127.0.0.1#5335 -ipset=/.api.tenor.com/gfwlist server=/.apiary.io/127.0.0.1#5335 ipset=/.apiary.io/gfwlist server=/.apidocs.linksalpha.com/127.0.0.1#5335 @@ -574,6 +598,8 @@ server=/.arctosia.com/127.0.0.1#5335 ipset=/.arctosia.com/gfwlist server=/.areca-backup.org/127.0.0.1#5335 ipset=/.areca-backup.org/gfwlist +server=/.arena.taipei/127.0.0.1#5335 +ipset=/.arena.taipei/gfwlist server=/.arethusa.su/127.0.0.1#5335 ipset=/.arethusa.su/gfwlist server=/.arlingtoncemetery.mil/127.0.0.1#5335 @@ -618,12 +644,16 @@ server=/.assembla.com/127.0.0.1#5335 ipset=/.assembla.com/gfwlist server=/.assets.bwbx.io/127.0.0.1#5335 ipset=/.assets.bwbx.io/gfwlist +server=/.assimp.org/127.0.0.1#5335 +ipset=/.assimp.org/gfwlist server=/.astrill.com/127.0.0.1#5335 ipset=/.astrill.com/gfwlist server=/.atc.org.au/127.0.0.1#5335 ipset=/.atc.org.au/gfwlist server=/.atchinese.com/127.0.0.1#5335 ipset=/.atchinese.com/gfwlist +server=/.atdmt.com/127.0.0.1#5335 +ipset=/.atdmt.com/gfwlist server=/.atgfw.org/127.0.0.1#5335 ipset=/.atgfw.org/gfwlist server=/.athenaeizou.com/127.0.0.1#5335 @@ -686,6 +716,8 @@ server=/.azerbaycan.tv/127.0.0.1#5335 ipset=/.azerbaycan.tv/gfwlist server=/.azerimix.com/127.0.0.1#5335 ipset=/.azerimix.com/gfwlist +server=/.azubu.tv/127.0.0.1#5335 +ipset=/.azubu.tv/gfwlist server=/.b0ne.com/127.0.0.1#5335 ipset=/.b0ne.com/gfwlist server=/.babynet.com.hk/127.0.0.1#5335 @@ -700,6 +732,8 @@ server=/.badjojo.com/127.0.0.1#5335 ipset=/.badjojo.com/gfwlist server=/.badoo.com/127.0.0.1#5335 ipset=/.badoo.com/gfwlist +server=/.baidu.jp/127.0.0.1#5335 +ipset=/.baidu.jp/gfwlist server=/.baijie.org/127.0.0.1#5335 ipset=/.baijie.org/gfwlist server=/.bailandaily.com/127.0.0.1#5335 @@ -712,8 +746,6 @@ server=/.banana-vpn.com/127.0.0.1#5335 ipset=/.banana-vpn.com/gfwlist server=/.band.us/127.0.0.1#5335 ipset=/.band.us/gfwlist -server=/.bandpage.com/127.0.0.1#5335 -ipset=/.bandpage.com/gfwlist server=/.bandwagonhost.com/127.0.0.1#5335 ipset=/.bandwagonhost.com/gfwlist server=/.bangbrosnetwork.com/127.0.0.1#5335 @@ -724,10 +756,14 @@ server=/.bangdream.space/127.0.0.1#5335 ipset=/.bangdream.space/gfwlist server=/.bangyoulater.com/127.0.0.1#5335 ipset=/.bangyoulater.com/gfwlist +server=/.bankmobilevibe.com/127.0.0.1#5335 +ipset=/.bankmobilevibe.com/gfwlist server=/.bannedbook.org/127.0.0.1#5335 ipset=/.bannedbook.org/gfwlist server=/.bannednews.org/127.0.0.1#5335 ipset=/.bannednews.org/gfwlist +server=/.banorte.com/127.0.0.1#5335 +ipset=/.banorte.com/gfwlist server=/.baramangaonline.com/127.0.0.1#5335 ipset=/.baramangaonline.com/gfwlist server=/.barenakedislam.com/127.0.0.1#5335 @@ -738,6 +774,8 @@ server=/.barton.de/127.0.0.1#5335 ipset=/.barton.de/gfwlist server=/.bartvpn.com/127.0.0.1#5335 ipset=/.bartvpn.com/gfwlist +server=/.bash-hackers.org/127.0.0.1#5335 +ipset=/.bash-hackers.org/gfwlist server=/.bastillepost.com/127.0.0.1#5335 ipset=/.bastillepost.com/gfwlist server=/.bayvoice.net/127.0.0.1#5335 @@ -748,6 +786,8 @@ server=/.bbc.co.uk/127.0.0.1#5335 ipset=/.bbc.co.uk/gfwlist server=/.bbc.com/127.0.0.1#5335 ipset=/.bbc.com/gfwlist +server=/.bbc.in/127.0.0.1#5335 +ipset=/.bbc.in/gfwlist server=/.bbcchinese.com/127.0.0.1#5335 ipset=/.bbcchinese.com/gfwlist server=/.bbchat.tv/127.0.0.1#5335 @@ -880,6 +920,8 @@ server=/.bfsh.hk/127.0.0.1#5335 ipset=/.bfsh.hk/gfwlist server=/.bgvpn.com/127.0.0.1#5335 ipset=/.bgvpn.com/gfwlist +server=/.bianlei.com/127.0.0.1#5335 +ipset=/.bianlei.com/gfwlist server=/.biantailajiao.com/127.0.0.1#5335 ipset=/.biantailajiao.com/gfwlist server=/.biantailajiao.in/127.0.0.1#5335 @@ -894,8 +936,6 @@ server=/.big.one/127.0.0.1#5335 ipset=/.big.one/gfwlist server=/.bigfools.com/127.0.0.1#5335 ipset=/.bigfools.com/gfwlist -server=/.biggo.com.tw/127.0.0.1#5335 -ipset=/.biggo.com.tw/gfwlist server=/.bigjapanesesex.com/127.0.0.1#5335 ipset=/.bigjapanesesex.com/gfwlist server=/.bigmoney.biz/127.0.0.1#5335 @@ -1082,6 +1122,8 @@ server=/.bolin.netfirms.com/127.0.0.1#5335 ipset=/.bolin.netfirms.com/gfwlist server=/.bonbonme.com/127.0.0.1#5335 ipset=/.bonbonme.com/gfwlist +server=/.bonbonsex.com/127.0.0.1#5335 +ipset=/.bonbonsex.com/gfwlist server=/.bonfoundation.org/127.0.0.1#5335 ipset=/.bonfoundation.org/gfwlist server=/.bongacams.com/127.0.0.1#5335 @@ -1310,6 +1352,8 @@ server=/.castbox.fm/127.0.0.1#5335 ipset=/.castbox.fm/gfwlist server=/.catch22.net/127.0.0.1#5335 ipset=/.catch22.net/gfwlist +server=/.catchgod.com/127.0.0.1#5335 +ipset=/.catchgod.com/gfwlist server=/.catfightpayperview.xxx/127.0.0.1#5335 ipset=/.catfightpayperview.xxx/gfwlist server=/.catholic.org.hk/127.0.0.1#5335 @@ -1558,6 +1602,8 @@ server=/.chinasoul.org/127.0.0.1#5335 ipset=/.chinasoul.org/gfwlist server=/.chinasucks.net/127.0.0.1#5335 ipset=/.chinasucks.net/gfwlist +server=/.chinatimes.com/127.0.0.1#5335 +ipset=/.chinatimes.com/gfwlist server=/.chinatopsex.com/127.0.0.1#5335 ipset=/.chinatopsex.com/gfwlist server=/.chinatown.com.au/127.0.0.1#5335 @@ -1610,6 +1656,8 @@ server=/.chithu.org/127.0.0.1#5335 ipset=/.chithu.org/gfwlist server=/.chn.chosun.com/127.0.0.1#5335 ipset=/.chn.chosun.com/gfwlist +server=/.chobit.cc/127.0.0.1#5335 +ipset=/.chobit.cc/gfwlist server=/.chrdnet.com/127.0.0.1#5335 ipset=/.chrdnet.com/gfwlist server=/.christianfreedom.org/127.0.0.1#5335 @@ -1706,8 +1754,6 @@ server=/.clinica-tibet.ru/127.0.0.1#5335 ipset=/.clinica-tibet.ru/gfwlist server=/.clipfish.de/127.0.0.1#5335 ipset=/.clipfish.de/gfwlist -server=/.clips4sale.com/127.0.0.1#5335 -ipset=/.clips4sale.com/gfwlist server=/.cloakpoint.com/127.0.0.1#5335 ipset=/.cloakpoint.com/gfwlist server=/.cloud.feedly.com/127.0.0.1#5335 @@ -1744,6 +1790,8 @@ server=/.cn.freeones.com/127.0.0.1#5335 ipset=/.cn.freeones.com/gfwlist server=/.cn.ibtimes.com/127.0.0.1#5335 ipset=/.cn.ibtimes.com/gfwlist +server=/.cn.nytstyle.com/127.0.0.1#5335 +ipset=/.cn.nytstyle.com/gfwlist server=/.cn.sandscotaicentral.com/127.0.0.1#5335 ipset=/.cn.sandscotaicentral.com/gfwlist server=/.cn.shafaqna.com/127.0.0.1#5335 @@ -1900,6 +1948,8 @@ server=/.cristyli.com/127.0.0.1#5335 ipset=/.cristyli.com/gfwlist server=/.crocotube.com/127.0.0.1#5335 ipset=/.crocotube.com/gfwlist +server=/.crossfire.co.kr/127.0.0.1#5335 +ipset=/.crossfire.co.kr/gfwlist server=/.crossthewall.net/127.0.0.1#5335 ipset=/.crossthewall.net/gfwlist server=/.crossvpn.net/127.0.0.1#5335 @@ -2066,6 +2116,8 @@ server=/.darktech.org/127.0.0.1#5335 ipset=/.darktech.org/gfwlist server=/.darktoy.net/127.0.0.1#5335 ipset=/.darktoy.net/gfwlist +server=/.darpa.mil/127.0.0.1#5335 +ipset=/.darpa.mil/gfwlist server=/.dastrassi.org/127.0.0.1#5335 ipset=/.dastrassi.org/gfwlist server=/.data-vocabulary.org/127.0.0.1#5335 @@ -2078,6 +2130,8 @@ server=/.daum.net/127.0.0.1#5335 ipset=/.daum.net/gfwlist server=/.david-kilgour.com/127.0.0.1#5335 ipset=/.david-kilgour.com/gfwlist +server=/.dawangidc.com/127.0.0.1#5335 +ipset=/.dawangidc.com/gfwlist server=/.daxa.cn/127.0.0.1#5335 ipset=/.daxa.cn/gfwlist server=/.db.tt/127.0.0.1#5335 @@ -2112,8 +2166,6 @@ server=/.deck.ly/127.0.0.1#5335 ipset=/.deck.ly/gfwlist server=/.decodet.co/127.0.0.1#5335 ipset=/.decodet.co/gfwlist -server=/.deepdiscount.com/127.0.0.1#5335 -ipset=/.deepdiscount.com/gfwlist server=/.deepmind.com/127.0.0.1#5335 ipset=/.deepmind.com/gfwlist server=/.deezer.com/127.0.0.1#5335 @@ -2176,6 +2228,8 @@ server=/.diigo.com/127.0.0.1#5335 ipset=/.diigo.com/gfwlist server=/.dilber.se/127.0.0.1#5335 ipset=/.dilber.se/gfwlist +server=/.dingchin.com.tw/127.0.0.1#5335 +ipset=/.dingchin.com.tw/gfwlist server=/.dipity.com/127.0.0.1#5335 ipset=/.dipity.com/gfwlist server=/.directcreative.com/127.0.0.1#5335 @@ -2216,10 +2270,14 @@ server=/.dlsite.com/127.0.0.1#5335 ipset=/.dlsite.com/gfwlist server=/.dlyoutube.com/127.0.0.1#5335 ipset=/.dlyoutube.com/gfwlist +server=/.dm530.net/127.0.0.1#5335 +ipset=/.dm530.net/gfwlist server=/.dmcdn.net/127.0.0.1#5335 ipset=/.dmcdn.net/gfwlist server=/.dmhy.org/127.0.0.1#5335 ipset=/.dmhy.org/gfwlist +server=/.dmm.co.jp/127.0.0.1#5335 +ipset=/.dmm.co.jp/gfwlist server=/.dns-dns.com/127.0.0.1#5335 ipset=/.dns-dns.com/gfwlist server=/.dns-stuff.com/127.0.0.1#5335 @@ -2244,6 +2302,8 @@ server=/.dnsrd.com/127.0.0.1#5335 ipset=/.dnsrd.com/gfwlist server=/.dnssec.net/127.0.0.1#5335 ipset=/.dnssec.net/gfwlist +server=/.dnvod.tv/127.0.0.1#5335 +ipset=/.dnvod.tv/gfwlist server=/.doctorvoice.org/127.0.0.1#5335 ipset=/.doctorvoice.org/gfwlist server=/.documentingreality.com/127.0.0.1#5335 @@ -2278,8 +2338,6 @@ server=/.dontmovetochina.com/127.0.0.1#5335 ipset=/.dontmovetochina.com/gfwlist server=/.dorjeshugden.com/127.0.0.1#5335 ipset=/.dorjeshugden.com/gfwlist -server=/.dotgov.gov/127.0.0.1#5335 -ipset=/.dotgov.gov/gfwlist server=/.dotplane.com/127.0.0.1#5335 ipset=/.dotplane.com/gfwlist server=/.dotsub.com/127.0.0.1#5335 @@ -2496,6 +2554,8 @@ server=/.edubridge.com/127.0.0.1#5335 ipset=/.edubridge.com/gfwlist server=/.edupro.org/127.0.0.1#5335 ipset=/.edupro.org/gfwlist +server=/.eesti.ee/127.0.0.1#5335 +ipset=/.eesti.ee/gfwlist server=/.eevpn.com/127.0.0.1#5335 ipset=/.eevpn.com/gfwlist server=/.efcc.org.hk/127.0.0.1#5335 @@ -2642,6 +2702,8 @@ server=/.eslite.com/127.0.0.1#5335 ipset=/.eslite.com/gfwlist server=/.esmtp.biz/127.0.0.1#5335 ipset=/.esmtp.biz/gfwlist +server=/.esurance.com/127.0.0.1#5335 +ipset=/.esurance.com/gfwlist server=/.etaa.org.au/127.0.0.1#5335 ipset=/.etaa.org.au/gfwlist server=/.etadult.com/127.0.0.1#5335 @@ -2848,6 +2910,8 @@ server=/.farwestchina.com/127.0.0.1#5335 ipset=/.farwestchina.com/gfwlist server=/.fast.wistia.com/127.0.0.1#5335 ipset=/.fast.wistia.com/gfwlist +server=/.fastpic.ru/127.0.0.1#5335 +ipset=/.fastpic.ru/gfwlist server=/.fastssh.com/127.0.0.1#5335 ipset=/.fastssh.com/gfwlist server=/.faststone.org/127.0.0.1#5335 @@ -2932,12 +2996,16 @@ server=/.fileflyer.com/127.0.0.1#5335 ipset=/.fileflyer.com/gfwlist server=/.files2me.com/127.0.0.1#5335 ipset=/.files2me.com/gfwlist +server=/.filesor.com/127.0.0.1#5335 +ipset=/.filesor.com/gfwlist server=/.fillthesquare.org/127.0.0.1#5335 ipset=/.fillthesquare.org/gfwlist server=/.filmingfortibet.org/127.0.0.1#5335 ipset=/.filmingfortibet.org/gfwlist server=/.filthdump.com/127.0.0.1#5335 ipset=/.filthdump.com/gfwlist +server=/.financetwitter.com/127.0.0.1#5335 +ipset=/.financetwitter.com/gfwlist server=/.finchvpn.com/127.0.0.1#5335 ipset=/.finchvpn.com/gfwlist server=/.findmespot.com/127.0.0.1#5335 @@ -2994,6 +3062,10 @@ server=/.flyvpn.com/127.0.0.1#5335 ipset=/.flyvpn.com/gfwlist server=/.flyzy2005.com/127.0.0.1#5335 ipset=/.flyzy2005.com/gfwlist +server=/.fnac.be/127.0.0.1#5335 +ipset=/.fnac.be/gfwlist +server=/.fnac.com/127.0.0.1#5335 +ipset=/.fnac.com/gfwlist server=/.fochk.org/127.0.0.1#5335 ipset=/.fochk.org/gfwlist server=/.focustaiwan.tw/127.0.0.1#5335 @@ -3246,6 +3318,8 @@ server=/.fw.cm/127.0.0.1#5335 ipset=/.fw.cm/gfwlist server=/.fxcm-chinese.com/127.0.0.1#5335 ipset=/.fxcm-chinese.com/gfwlist +server=/.fxnetworks.com/127.0.0.1#5335 +ipset=/.fxnetworks.com/gfwlist server=/.fzh999.com/127.0.0.1#5335 ipset=/.fzh999.com/gfwlist server=/.fzh999.net/127.0.0.1#5335 @@ -3396,6 +3470,10 @@ server=/.getsync.com/127.0.0.1#5335 ipset=/.getsync.com/gfwlist server=/.gettrials.com/127.0.0.1#5335 ipset=/.gettrials.com/gfwlist +server=/.gettyimages.com/127.0.0.1#5335 +ipset=/.gettyimages.com/gfwlist +server=/.getuploader.com/127.0.0.1#5335 +ipset=/.getuploader.com/gfwlist server=/.gfbv.de/127.0.0.1#5335 ipset=/.gfbv.de/gfwlist server=/.gfgold.com.hk/127.0.0.1#5335 @@ -3434,6 +3512,8 @@ server=/.gjczz.com/127.0.0.1#5335 ipset=/.gjczz.com/gfwlist server=/.glass8.eu/127.0.0.1#5335 ipset=/.glass8.eu/gfwlist +server=/.global.bing.com/127.0.0.1#5335 +ipset=/.global.bing.com/gfwlist server=/.globaljihad.net/127.0.0.1#5335 ipset=/.globaljihad.net/gfwlist server=/.globalmediaoutreach.com/127.0.0.1#5335 @@ -3456,6 +3536,8 @@ server=/.gloryhole.com/127.0.0.1#5335 ipset=/.gloryhole.com/gfwlist server=/.glorystar.me/127.0.0.1#5335 ipset=/.glorystar.me/gfwlist +server=/.glype.com/127.0.0.1#5335 +ipset=/.glype.com/gfwlist server=/.gmail.com/127.0.0.1#5335 ipset=/.gmail.com/gfwlist server=/.gmbd.cn/127.0.0.1#5335 @@ -4024,6 +4106,8 @@ server=/.hitbtc.com/127.0.0.1#5335 ipset=/.hitbtc.com/gfwlist server=/.hitomi.la/127.0.0.1#5335 ipset=/.hitomi.la/gfwlist +server=/.hiwifi.com/127.0.0.1#5335 +ipset=/.hiwifi.com/gfwlist server=/.hizb-ut-tahrir.info/127.0.0.1#5335 ipset=/.hizb-ut-tahrir.info/gfwlist server=/.hizb-ut-tahrir.org/127.0.0.1#5335 @@ -4130,6 +4214,10 @@ server=/.hkzone.org/127.0.0.1#5335 ipset=/.hkzone.org/gfwlist server=/.hmonghot.com/127.0.0.1#5335 ipset=/.hmonghot.com/gfwlist +server=/.hmvdigital.ca/127.0.0.1#5335 +ipset=/.hmvdigital.ca/gfwlist +server=/.hmvdigital.com/127.0.0.1#5335 +ipset=/.hmvdigital.com/gfwlist server=/.hnjhj.com/127.0.0.1#5335 ipset=/.hnjhj.com/gfwlist server=/.hnntube.com/127.0.0.1#5335 @@ -4146,6 +4234,8 @@ server=/.holyspiritspeaks.org/127.0.0.1#5335 ipset=/.holyspiritspeaks.org/gfwlist server=/.home.sina.com/127.0.0.1#5335 ipset=/.home.sina.com/gfwlist +server=/.homedepot.com/127.0.0.1#5335 +ipset=/.homedepot.com/gfwlist server=/.homeperversion.com/127.0.0.1#5335 ipset=/.homeperversion.com/gfwlist server=/.homeservershow.com/127.0.0.1#5335 @@ -4158,6 +4248,8 @@ server=/.hongzhi.li/127.0.0.1#5335 ipset=/.hongzhi.li/gfwlist server=/.hootsuite.com/127.0.0.1#5335 ipset=/.hootsuite.com/gfwlist +server=/.hoovers.com/127.0.0.1#5335 +ipset=/.hoovers.com/gfwlist server=/.hopedialogue.org/127.0.0.1#5335 ipset=/.hopedialogue.org/gfwlist server=/.hopto.org/127.0.0.1#5335 @@ -4430,6 +4522,8 @@ server=/.illusionfactory.com/127.0.0.1#5335 ipset=/.illusionfactory.com/gfwlist server=/.ilove80.be/127.0.0.1#5335 ipset=/.ilove80.be/gfwlist +server=/.ilovelongtoes.com/127.0.0.1#5335 +ipset=/.ilovelongtoes.com/gfwlist server=/.im.tv/127.0.0.1#5335 ipset=/.im.tv/gfwlist server=/.im88.tw/127.0.0.1#5335 @@ -4442,6 +4536,8 @@ server=/.imageflea.com/127.0.0.1#5335 ipset=/.imageflea.com/gfwlist server=/.images-gaytube.com/127.0.0.1#5335 ipset=/.images-gaytube.com/gfwlist +server=/.images.comico.tw/127.0.0.1#5335 +ipset=/.images.comico.tw/gfwlist server=/.imageshack.us/127.0.0.1#5335 ipset=/.imageshack.us/gfwlist server=/.imagevenue.com/127.0.0.1#5335 @@ -4568,6 +4664,8 @@ server=/.isaacmao.com/127.0.0.1#5335 ipset=/.isaacmao.com/gfwlist server=/.isasecret.com/127.0.0.1#5335 ipset=/.isasecret.com/gfwlist +server=/.isc.sans.edu/127.0.0.1#5335 +ipset=/.isc.sans.edu/gfwlist server=/.isgreat.org/127.0.0.1#5335 ipset=/.isgreat.org/gfwlist server=/.islahhaber.net/127.0.0.1#5335 @@ -4672,8 +4770,6 @@ server=/.jav68.tv/127.0.0.1#5335 ipset=/.jav68.tv/gfwlist server=/.javakiba.org/127.0.0.1#5335 ipset=/.javakiba.org/gfwlist -server=/.javbus.co/127.0.0.1#5335 -ipset=/.javbus.co/gfwlist server=/.javbus.com/127.0.0.1#5335 ipset=/.javbus.com/gfwlist server=/.javfor.me/127.0.0.1#5335 @@ -4682,6 +4778,10 @@ server=/.javhd.com/127.0.0.1#5335 ipset=/.javhd.com/gfwlist server=/.javhip.com/127.0.0.1#5335 ipset=/.javhip.com/gfwlist +server=/.javhub.net/127.0.0.1#5335 +ipset=/.javhub.net/gfwlist +server=/.javhuge.com/127.0.0.1#5335 +ipset=/.javhuge.com/gfwlist server=/.javlibrary.com/127.0.0.1#5335 ipset=/.javlibrary.com/gfwlist server=/.javmobile.net/127.0.0.1#5335 @@ -4704,6 +4804,8 @@ server=/.jbtalks.com/127.0.0.1#5335 ipset=/.jbtalks.com/gfwlist server=/.jbtalks.my/127.0.0.1#5335 ipset=/.jbtalks.my/gfwlist +server=/.jcpenney.com/127.0.0.1#5335 +ipset=/.jcpenney.com/gfwlist server=/.jdwsy.com/127.0.0.1#5335 ipset=/.jdwsy.com/gfwlist server=/.jeanyim.com/127.0.0.1#5335 @@ -4736,6 +4838,8 @@ server=/.jihadology.net/127.0.0.1#5335 ipset=/.jihadology.net/gfwlist server=/.jiji.com/127.0.0.1#5335 ipset=/.jiji.com/gfwlist +server=/.jims.net/127.0.0.1#5335 +ipset=/.jims.net/gfwlist server=/.jinbushe.org/127.0.0.1#5335 ipset=/.jinbushe.org/gfwlist server=/.jingpin.org/127.0.0.1#5335 @@ -4870,6 +4974,8 @@ server=/.kawaiikawaii.jp/127.0.0.1#5335 ipset=/.kawaiikawaii.jp/gfwlist server=/.kawase.com/127.0.0.1#5335 ipset=/.kawase.com/gfwlist +server=/.kb.monitorware.com/127.0.0.1#5335 +ipset=/.kb.monitorware.com/gfwlist server=/.kba-tx.org/127.0.0.1#5335 ipset=/.kba-tx.org/gfwlist server=/.kcoolonline.com/127.0.0.1#5335 @@ -4892,8 +4998,12 @@ server=/.kepard.com/127.0.0.1#5335 ipset=/.kepard.com/gfwlist server=/.kex.com/127.0.0.1#5335 ipset=/.kex.com/gfwlist +server=/.keycdn.com/127.0.0.1#5335 +ipset=/.keycdn.com/gfwlist server=/.khabdha.org/127.0.0.1#5335 ipset=/.khabdha.org/gfwlist +server=/.khatrimaza.org/127.0.0.1#5335 +ipset=/.khatrimaza.org/gfwlist server=/.khmusic.com.tw/127.0.0.1#5335 ipset=/.khmusic.com.tw/gfwlist server=/.kichiku-doujinko.com/127.0.0.1#5335 @@ -4930,6 +5040,8 @@ server=/.kk-whys.co.jp/127.0.0.1#5335 ipset=/.kk-whys.co.jp/gfwlist server=/.kkbox.com/127.0.0.1#5335 ipset=/.kkbox.com/gfwlist +server=/.kknews.cc/127.0.0.1#5335 +ipset=/.kknews.cc/gfwlist server=/.kmuh.org.tw/127.0.0.1#5335 ipset=/.kmuh.org.tw/gfwlist server=/.kobo.com/127.0.0.1#5335 @@ -5054,6 +5166,8 @@ server=/.leirentv.ca/127.0.0.1#5335 ipset=/.leirentv.ca/gfwlist server=/.leisurecafe.ca/127.0.0.1#5335 ipset=/.leisurecafe.ca/gfwlist +server=/.leisurepro.com/127.0.0.1#5335 +ipset=/.leisurepro.com/gfwlist server=/.lematin.ch/127.0.0.1#5335 ipset=/.lematin.ch/gfwlist server=/.lemonde.fr/127.0.0.1#5335 @@ -5094,6 +5208,8 @@ server=/.liberal.org.hk/127.0.0.1#5335 ipset=/.liberal.org.hk/gfwlist server=/.libertytimes.com.tw/127.0.0.1#5335 ipset=/.libertytimes.com.tw/gfwlist +server=/.lifemiles.com/127.0.0.1#5335 +ipset=/.lifemiles.com/gfwlist server=/.lighten.org.tw/127.0.0.1#5335 ipset=/.lighten.org.tw/gfwlist server=/.lighti.me/127.0.0.1#5335 @@ -5200,6 +5316,8 @@ server=/.longmusic.com/127.0.0.1#5335 ipset=/.longmusic.com/gfwlist server=/.longtermly.net/127.0.0.1#5335 ipset=/.longtermly.net/gfwlist +server=/.longtoes.com/127.0.0.1#5335 +ipset=/.longtoes.com/gfwlist server=/.lookpic.com/127.0.0.1#5335 ipset=/.lookpic.com/gfwlist server=/.looktoronto.com/127.0.0.1#5335 @@ -5258,6 +5376,8 @@ server=/.m.plixi.com/127.0.0.1#5335 ipset=/.m.plixi.com/gfwlist server=/.m.slandr.net/127.0.0.1#5335 ipset=/.m.slandr.net/gfwlist +server=/.macgamestore.com/127.0.0.1#5335 +ipset=/.macgamestore.com/gfwlist server=/.macrovpn.com/127.0.0.1#5335 ipset=/.macrovpn.com/gfwlist server=/.macts.com.tw/127.0.0.1#5335 @@ -5300,6 +5420,10 @@ server=/.mamingzhe.com/127.0.0.1#5335 ipset=/.mamingzhe.com/gfwlist server=/.manchukuo.net/127.0.0.1#5335 ipset=/.manchukuo.net/gfwlist +server=/.mangafox.com/127.0.0.1#5335 +ipset=/.mangafox.com/gfwlist +server=/.mangafox.me/127.0.0.1#5335 +ipset=/.mangafox.me/gfwlist server=/.maniash.com/127.0.0.1#5335 ipset=/.maniash.com/gfwlist server=/.manicur4ik.ru/127.0.0.1#5335 @@ -5450,6 +5574,8 @@ server=/.meyou.jp/127.0.0.1#5335 ipset=/.meyou.jp/gfwlist server=/.meyul.com/127.0.0.1#5335 ipset=/.meyul.com/gfwlist +server=/.mfxmedia.com/127.0.0.1#5335 +ipset=/.mfxmedia.com/gfwlist server=/.mgoon.com/127.0.0.1#5335 ipset=/.mgoon.com/gfwlist server=/.mgstage.com/127.0.0.1#5335 @@ -5620,6 +5746,8 @@ server=/.moodyz.com/127.0.0.1#5335 ipset=/.moodyz.com/gfwlist server=/.moonbbs.com/127.0.0.1#5335 ipset=/.moonbbs.com/gfwlist +server=/.moonbingo.com/127.0.0.1#5335 +ipset=/.moonbingo.com/gfwlist server=/.morningsun.org/127.0.0.1#5335 ipset=/.morningsun.org/gfwlist server=/.moroneta.com/127.0.0.1#5335 @@ -5696,6 +5824,8 @@ server=/.muzi.com/127.0.0.1#5335 ipset=/.muzi.com/gfwlist server=/.muzi.net/127.0.0.1#5335 ipset=/.muzi.net/gfwlist +server=/.muzu.tv/127.0.0.1#5335 +ipset=/.muzu.tv/gfwlist server=/.mvdis.gov.tw/127.0.0.1#5335 ipset=/.mvdis.gov.tw/gfwlist server=/.mvg.jp/127.0.0.1#5335 @@ -5856,8 +5986,6 @@ server=/.nccwatch.org.tw/127.0.0.1#5335 ipset=/.nccwatch.org.tw/gfwlist server=/.nch.com.tw/127.0.0.1#5335 ipset=/.nch.com.tw/gfwlist -server=/.nchrd.org/127.0.0.1#5335 -ipset=/.nchrd.org/gfwlist server=/.ncn.org/127.0.0.1#5335 ipset=/.ncn.org/gfwlist server=/.nde.de/127.0.0.1#5335 @@ -5868,6 +5996,8 @@ server=/.ned.org/127.0.0.1#5335 ipset=/.ned.org/gfwlist server=/.nekoslovakia.net/127.0.0.1#5335 ipset=/.nekoslovakia.net/gfwlist +server=/.neo-miracle.com/127.0.0.1#5335 +ipset=/.neo-miracle.com/gfwlist server=/.nepusoku.com/127.0.0.1#5335 ipset=/.nepusoku.com/gfwlist server=/.net-fits.pro/127.0.0.1#5335 @@ -5998,6 +6128,8 @@ server=/.nic.cz.cc/127.0.0.1#5335 ipset=/.nic.cz.cc/gfwlist server=/.nic.google/127.0.0.1#5335 ipset=/.nic.google/gfwlist +server=/.nic.gov/127.0.0.1#5335 +ipset=/.nic.gov/gfwlist server=/.nicovideo.jp/127.0.0.1#5335 ipset=/.nicovideo.jp/gfwlist server=/.nighost.org/127.0.0.1#5335 @@ -6044,14 +6176,16 @@ server=/.norbulingka.org/127.0.0.1#5335 ipset=/.norbulingka.org/gfwlist server=/.nordstrom.com/127.0.0.1#5335 ipset=/.nordstrom.com/gfwlist -server=/.nordstrommedia.com/127.0.0.1#5335 -ipset=/.nordstrommedia.com/gfwlist +server=/.nordstromimage.com/127.0.0.1#5335 +ipset=/.nordstromimage.com/gfwlist server=/.nordstromrack.com/127.0.0.1#5335 ipset=/.nordstromrack.com/gfwlist server=/.nordvpn.com/127.0.0.1#5335 ipset=/.nordvpn.com/gfwlist server=/.notify.dropboxapi.com/127.0.0.1#5335 ipset=/.notify.dropboxapi.com/gfwlist +server=/.nottinghampost.com/127.0.0.1#5335 +ipset=/.nottinghampost.com/gfwlist server=/.novelasia.com/127.0.0.1#5335 ipset=/.novelasia.com/gfwlist server=/.now.com/127.0.0.1#5335 @@ -6072,6 +6206,8 @@ server=/.npnt.me/127.0.0.1#5335 ipset=/.npnt.me/gfwlist server=/.nps.gov/127.0.0.1#5335 ipset=/.nps.gov/gfwlist +server=/.npsboost.com/127.0.0.1#5335 +ipset=/.npsboost.com/gfwlist server=/.nradio.me/127.0.0.1#5335 ipset=/.nradio.me/gfwlist server=/.nrk.no/127.0.0.1#5335 @@ -6110,6 +6246,8 @@ server=/.ntdtv.co.kr/127.0.0.1#5335 ipset=/.ntdtv.co.kr/gfwlist server=/.ntdtv.com/127.0.0.1#5335 ipset=/.ntdtv.com/gfwlist +server=/.ntdtv.cz/127.0.0.1#5335 +ipset=/.ntdtv.cz/gfwlist server=/.ntdtv.org/127.0.0.1#5335 ipset=/.ntdtv.org/gfwlist server=/.ntdtv.ru/127.0.0.1#5335 @@ -6122,14 +6260,14 @@ server=/.ntsna.gov.tw/127.0.0.1#5335 ipset=/.ntsna.gov.tw/gfwlist server=/.nubiles.net/127.0.0.1#5335 ipset=/.nubiles.net/gfwlist -server=/.nudezz.com/127.0.0.1#5335 -ipset=/.nudezz.com/gfwlist server=/.nuexpo.com/127.0.0.1#5335 ipset=/.nuexpo.com/gfwlist server=/.nukistream.com/127.0.0.1#5335 ipset=/.nukistream.com/gfwlist server=/.nurgo-software.com/127.0.0.1#5335 ipset=/.nurgo-software.com/gfwlist +server=/.nusatrip.com/127.0.0.1#5335 +ipset=/.nusatrip.com/gfwlist server=/.nutaku.net/127.0.0.1#5335 ipset=/.nutaku.net/gfwlist server=/.nuuvem.com/127.0.0.1#5335 @@ -6194,8 +6332,6 @@ server=/.ocreampies.com/127.0.0.1#5335 ipset=/.ocreampies.com/gfwlist server=/.ocry.com/127.0.0.1#5335 ipset=/.ocry.com/gfwlist -server=/.ocsp.int-x3.letsencrypt.org/127.0.0.1#5335 -ipset=/.ocsp.int-x3.letsencrypt.org/gfwlist server=/.october-review.org/127.0.0.1#5335 ipset=/.october-review.org/gfwlist server=/.oculus.com/127.0.0.1#5335 @@ -6246,6 +6382,8 @@ server=/.on.cc/127.0.0.1#5335 ipset=/.on.cc/gfwlist server=/.on2.com/127.0.0.1#5335 ipset=/.on2.com/gfwlist +server=/.onapp.com/127.0.0.1#5335 +ipset=/.onapp.com/gfwlist server=/.onedrive.live.com/127.0.0.1#5335 ipset=/.onedrive.live.com/gfwlist server=/.onedumb.com/127.0.0.1#5335 @@ -6278,6 +6416,8 @@ server=/.onmypc.us/127.0.0.1#5335 ipset=/.onmypc.us/gfwlist server=/.onthehunt.com/127.0.0.1#5335 ipset=/.onthehunt.com/gfwlist +server=/.ontrac.com/127.0.0.1#5335 +ipset=/.ontrac.com/gfwlist server=/.oopsforum.com/127.0.0.1#5335 ipset=/.oopsforum.com/gfwlist server=/.open.com.hk/127.0.0.1#5335 @@ -6300,6 +6440,8 @@ server=/.openvpn.org/127.0.0.1#5335 ipset=/.openvpn.org/gfwlist server=/.openwebster.com/127.0.0.1#5335 ipset=/.openwebster.com/gfwlist +server=/.openwrt.org.cn/127.0.0.1#5335 +ipset=/.openwrt.org.cn/gfwlist server=/.opml.radiotime.com/127.0.0.1#5335 ipset=/.opml.radiotime.com/gfwlist server=/.opus-gaming.com/127.0.0.1#5335 @@ -6410,8 +6552,8 @@ server=/.paradisehill.cc/127.0.0.1#5335 ipset=/.paradisehill.cc/gfwlist server=/.paradisepoker.com/127.0.0.1#5335 ipset=/.paradisepoker.com/gfwlist -server=/.parts.blog.livedoor.jp/127.0.0.1#5335 -ipset=/.parts.blog.livedoor.jp/gfwlist +server=/.parkansky.com/127.0.0.1#5335 +ipset=/.parkansky.com/gfwlist server=/.partycasino.com/127.0.0.1#5335 ipset=/.partycasino.com/gfwlist server=/.partypoker.com/127.0.0.1#5335 @@ -6670,8 +6812,6 @@ server=/.pornhub.com/127.0.0.1#5335 ipset=/.pornhub.com/gfwlist server=/.pornhubdeutsch.net/127.0.0.1#5335 ipset=/.pornhubdeutsch.net/gfwlist -server=/.pornhubpremium.com/127.0.0.1#5335 -ipset=/.pornhubpremium.com/gfwlist server=/.pornmm.net/127.0.0.1#5335 ipset=/.pornmm.net/gfwlist server=/.pornoxo.com/127.0.0.1#5335 @@ -6766,8 +6906,6 @@ server=/.proxomitron.info/127.0.0.1#5335 ipset=/.proxomitron.info/gfwlist server=/.proxpn.com/127.0.0.1#5335 ipset=/.proxpn.com/gfwlist -server=/.proxy.org/127.0.0.1#5335 -ipset=/.proxy.org/gfwlist server=/.proxy1.xyz/127.0.0.1#5335 ipset=/.proxy1.xyz/gfwlist server=/.proxyanonimo.es/127.0.0.1#5335 @@ -6810,8 +6948,6 @@ server=/.pttvan.org/127.0.0.1#5335 ipset=/.pttvan.org/gfwlist server=/.pubu.com.tw/127.0.0.1#5335 ipset=/.pubu.com.tw/gfwlist -server=/.puffin.com/127.0.0.1#5335 -ipset=/.puffin.com/gfwlist server=/.puffinbrowser.com/127.0.0.1#5335 ipset=/.puffinbrowser.com/gfwlist server=/.puffstore.com/127.0.0.1#5335 @@ -6820,6 +6956,8 @@ server=/.pullfolio.com/127.0.0.1#5335 ipset=/.pullfolio.com/gfwlist server=/.pulse.yahoo.com/127.0.0.1#5335 ipset=/.pulse.yahoo.com/gfwlist +server=/.pure18.com/127.0.0.1#5335 +ipset=/.pure18.com/gfwlist server=/.pureconcepts.net/127.0.0.1#5335 ipset=/.pureconcepts.net/gfwlist server=/.pureinsight.org/127.0.0.1#5335 @@ -6846,6 +6984,8 @@ server=/.pwned.com/127.0.0.1#5335 ipset=/.pwned.com/gfwlist server=/.python.com/127.0.0.1#5335 ipset=/.python.com/gfwlist +server=/.pytorch.org/127.0.0.1#5335 +ipset=/.pytorch.org/gfwlist server=/.qanote.com/127.0.0.1#5335 ipset=/.qanote.com/gfwlist server=/.qgirl.com.tw/127.0.0.1#5335 @@ -6872,6 +7012,8 @@ server=/.qoos.com/127.0.0.1#5335 ipset=/.qoos.com/gfwlist server=/.qpoe.com/127.0.0.1#5335 ipset=/.qpoe.com/gfwlist +server=/.qq.co.za/127.0.0.1#5335 +ipset=/.qq.co.za/gfwlist server=/.qstatus.com/127.0.0.1#5335 ipset=/.qstatus.com/gfwlist server=/.qtrac.eu/127.0.0.1#5335 @@ -6904,6 +7046,8 @@ server=/.qxbbs.org/127.0.0.1#5335 ipset=/.qxbbs.org/gfwlist server=/.qz.com/127.0.0.1#5335 ipset=/.qz.com/gfwlist +server=/.r18.com/127.0.0.1#5335 +ipset=/.r18.com/gfwlist server=/.ra.gg/127.0.0.1#5335 ipset=/.ra.gg/gfwlist server=/.radicalparty.org/127.0.0.1#5335 @@ -6926,8 +7070,8 @@ server=/.raidtalk.com.tw/127.0.0.1#5335 ipset=/.raidtalk.com.tw/gfwlist server=/.raizoji.or.jp/127.0.0.1#5335 ipset=/.raizoji.or.jp/gfwlist -server=/.rakuten.co.jp/127.0.0.1#5335 -ipset=/.rakuten.co.jp/gfwlist +server=/.ramcity.com.au/127.0.0.1#5335 +ipset=/.ramcity.com.au/gfwlist server=/.rangwang.biz/127.0.0.1#5335 ipset=/.rangwang.biz/gfwlist server=/.rangzen.com/127.0.0.1#5335 @@ -6964,6 +7108,12 @@ server=/.rcinet.ca/127.0.0.1#5335 ipset=/.rcinet.ca/gfwlist server=/.rconversation.blogs.com/127.0.0.1#5335 ipset=/.rconversation.blogs.com/gfwlist +server=/.rd.com/127.0.0.1#5335 +ipset=/.rd.com/gfwlist +server=/.rdio.com/127.0.0.1#5335 +ipset=/.rdio.com/gfwlist +server=/.read01.com/127.0.0.1#5335 +ipset=/.read01.com/gfwlist server=/.read100.com/127.0.0.1#5335 ipset=/.read100.com/gfwlist server=/.readingtimes.com.tw/127.0.0.1#5335 @@ -6976,6 +7126,8 @@ server=/.realcourage.org/127.0.0.1#5335 ipset=/.realcourage.org/gfwlist server=/.realforum.zkiz.com/127.0.0.1#5335 ipset=/.realforum.zkiz.com/gfwlist +server=/.realitykings.com/127.0.0.1#5335 +ipset=/.realitykings.com/gfwlist server=/.realraptalk.com/127.0.0.1#5335 ipset=/.realraptalk.com/gfwlist server=/.realsexpass.com/127.0.0.1#5335 @@ -7146,6 +7298,8 @@ server=/.s-cute.com/127.0.0.1#5335 ipset=/.s-cute.com/gfwlist server=/.s-dragon.org/127.0.0.1#5335 ipset=/.s-dragon.org/gfwlist +server=/.s1.nudezz.com/127.0.0.1#5335 +ipset=/.s1.nudezz.com/gfwlist server=/.s1heng.com/127.0.0.1#5335 ipset=/.s1heng.com/gfwlist server=/.s1s1s1.com/127.0.0.1#5335 @@ -7318,6 +7472,8 @@ server=/.sexinsex.net/127.0.0.1#5335 ipset=/.sexinsex.net/gfwlist server=/.sextvx.com/127.0.0.1#5335 ipset=/.sextvx.com/gfwlist +server=/.sexxxy.biz/127.0.0.1#5335 +ipset=/.sexxxy.biz/gfwlist server=/.sfileydy.com/127.0.0.1#5335 ipset=/.sfileydy.com/gfwlist server=/.sfshibao.com/127.0.0.1#5335 @@ -7358,6 +7514,8 @@ server=/.shapeservices.com/127.0.0.1#5335 ipset=/.shapeservices.com/gfwlist server=/.share.america.gov/127.0.0.1#5335 ipset=/.share.america.gov/gfwlist +server=/.share.dmhy.org/127.0.0.1#5335 +ipset=/.share.dmhy.org/gfwlist server=/.share.youthwant.com.tw/127.0.0.1#5335 ipset=/.share.youthwant.com.tw/gfwlist server=/.sharebee.com/127.0.0.1#5335 @@ -7394,8 +7552,6 @@ server=/.shicheng.org/127.0.0.1#5335 ipset=/.shicheng.org/gfwlist server=/.shiksha.com/127.0.0.1#5335 ipset=/.shiksha.com/gfwlist -server=/.shiksha.ws/127.0.0.1#5335 -ipset=/.shiksha.ws/gfwlist server=/.shinychan.com/127.0.0.1#5335 ipset=/.shinychan.com/gfwlist server=/.shipcamouflage.com/127.0.0.1#5335 @@ -7464,6 +7620,8 @@ server=/.sino-monthly.com/127.0.0.1#5335 ipset=/.sino-monthly.com/gfwlist server=/.sinoants.com/127.0.0.1#5335 ipset=/.sinoants.com/gfwlist +server=/.sinocast.com/127.0.0.1#5335 +ipset=/.sinocast.com/gfwlist server=/.sinocism.com/127.0.0.1#5335 ipset=/.sinocism.com/gfwlist server=/.sinomontreal.ca/127.0.0.1#5335 @@ -7512,6 +7670,8 @@ server=/.skyvegas.com/127.0.0.1#5335 ipset=/.skyvegas.com/gfwlist server=/.skyxvpn.com/127.0.0.1#5335 ipset=/.skyxvpn.com/gfwlist +server=/.slacker.com/127.0.0.1#5335 +ipset=/.slacker.com/gfwlist server=/.slaytizle.com/127.0.0.1#5335 ipset=/.slaytizle.com/gfwlist server=/.sleazydream.com/127.0.0.1#5335 @@ -7652,6 +7812,8 @@ server=/.southnews.com.tw/127.0.0.1#5335 ipset=/.southnews.com.tw/gfwlist server=/.sowers.org.hk/127.0.0.1#5335 ipset=/.sowers.org.hk/gfwlist +server=/.soylentnews.org/127.0.0.1#5335 +ipset=/.soylentnews.org/gfwlist server=/.spaces.hightail.com/127.0.0.1#5335 ipset=/.spaces.hightail.com/gfwlist server=/.spankbang.com/127.0.0.1#5335 @@ -7686,8 +7848,12 @@ server=/.spotflux.com/127.0.0.1#5335 ipset=/.spotflux.com/gfwlist server=/.spotify.com/127.0.0.1#5335 ipset=/.spotify.com/gfwlist +server=/.spreadshirt.es/127.0.0.1#5335 +ipset=/.spreadshirt.es/gfwlist server=/.spring4u.info/127.0.0.1#5335 ipset=/.spring4u.info/gfwlist +server=/.springboardplatform.com/127.0.0.1#5335 +ipset=/.springboardplatform.com/gfwlist server=/.sproutcore.com/127.0.0.1#5335 ipset=/.sproutcore.com/gfwlist server=/.sproxy.info/127.0.0.1#5335 @@ -7710,6 +7876,8 @@ server=/.ssglobal.me/127.0.0.1#5335 ipset=/.ssglobal.me/gfwlist server=/.ssh91.com/127.0.0.1#5335 ipset=/.ssh91.com/gfwlist +server=/.ssl.webpack.de/127.0.0.1#5335 +ipset=/.ssl.webpack.de/gfwlist server=/.ssl443.org/127.0.0.1#5335 ipset=/.ssl443.org/gfwlist server=/.sspanel.net/127.0.0.1#5335 @@ -7742,6 +7910,8 @@ server=/.stat.gov.tw/127.0.0.1#5335 ipset=/.stat.gov.tw/gfwlist server=/.static-economist.com/127.0.0.1#5335 ipset=/.static-economist.com/gfwlist +server=/.static.comico.tw/127.0.0.1#5335 +ipset=/.static.comico.tw/gfwlist server=/.static.shemalez.com/127.0.0.1#5335 ipset=/.static.shemalez.com/gfwlist server=/.static01.nyt.com/127.0.0.1#5335 @@ -7850,6 +8020,8 @@ server=/.supchina.com/127.0.0.1#5335 ipset=/.supchina.com/gfwlist server=/.superfreevpn.com/127.0.0.1#5335 ipset=/.superfreevpn.com/gfwlist +server=/.superokayama.com/127.0.0.1#5335 +ipset=/.superokayama.com/gfwlist server=/.superpages.com/127.0.0.1#5335 ipset=/.superpages.com/gfwlist server=/.supervpn.net/127.0.0.1#5335 @@ -7872,6 +8044,8 @@ server=/.suyangg.com/127.0.0.1#5335 ipset=/.suyangg.com/gfwlist server=/.svsfx.com/127.0.0.1#5335 ipset=/.svsfx.com/gfwlist +server=/.swagbucks.com/127.0.0.1#5335 +ipset=/.swagbucks.com/gfwlist server=/.swissinfo.ch/127.0.0.1#5335 ipset=/.swissinfo.ch/gfwlist server=/.swissvpn.net/127.0.0.1#5335 @@ -7990,6 +8164,8 @@ server=/.taoism.net/127.0.0.1#5335 ipset=/.taoism.net/gfwlist server=/.taolun.info/127.0.0.1#5335 ipset=/.taolun.info/gfwlist +server=/.tapanwap.com/127.0.0.1#5335 +ipset=/.tapanwap.com/gfwlist server=/.tapatalk.com/127.0.0.1#5335 ipset=/.tapatalk.com/gfwlist server=/.tascn.com.au/127.0.0.1#5335 @@ -8862,6 +9038,8 @@ server=/.twitterrific.com/127.0.0.1#5335 ipset=/.twitterrific.com/gfwlist server=/.twittertim.es/127.0.0.1#5335 ipset=/.twittertim.es/gfwlist +server=/.twitthat.com/127.0.0.1#5335 +ipset=/.twitthat.com/gfwlist server=/.twitturk.com/127.0.0.1#5335 ipset=/.twitturk.com/gfwlist server=/.twitturly.com/127.0.0.1#5335 @@ -9072,6 +9250,8 @@ server=/.uyghurcongress.org/127.0.0.1#5335 ipset=/.uyghurcongress.org/gfwlist server=/.uyghurensemble.co.uk/127.0.0.1#5335 ipset=/.uyghurensemble.co.uk/gfwlist +server=/.uyghurpen.org/127.0.0.1#5335 +ipset=/.uyghurpen.org/gfwlist server=/.uyghurpress.com/127.0.0.1#5335 ipset=/.uyghurpress.com/gfwlist server=/.uyghurstudies.org/127.0.0.1#5335 @@ -9228,6 +9408,8 @@ server=/.vocn.tv/127.0.0.1#5335 ipset=/.vocn.tv/gfwlist server=/.vod-abematv.akamaized.net/127.0.0.1#5335 ipset=/.vod-abematv.akamaized.net/gfwlist +server=/.vod.wwe.com/127.0.0.1#5335 +ipset=/.vod.wwe.com/gfwlist server=/.vot.org/127.0.0.1#5335 ipset=/.vot.org/gfwlist server=/.vovo2000.com/127.0.0.1#5335 @@ -9320,6 +9502,8 @@ server=/.vpnworldwide.com/127.0.0.1#5335 ipset=/.vpnworldwide.com/gfwlist server=/.vporn.com/127.0.0.1#5335 ipset=/.vporn.com/gfwlist +server=/.vpser.net/127.0.0.1#5335 +ipset=/.vpser.net/gfwlist server=/.vraiesagesse.net/127.0.0.1#5335 ipset=/.vraiesagesse.net/gfwlist server=/.vrmtr.com/127.0.0.1#5335 @@ -9488,6 +9672,8 @@ server=/.wezhiyong.org/127.0.0.1#5335 ipset=/.wezhiyong.org/gfwlist server=/.wezone.net/127.0.0.1#5335 ipset=/.wezone.net/gfwlist +server=/.wforum.com/127.0.0.1#5335 +ipset=/.wforum.com/gfwlist server=/.wha.la/127.0.0.1#5335 ipset=/.wha.la/gfwlist server=/.whatblocked.com/127.0.0.1#5335 @@ -9504,6 +9690,8 @@ server=/.wheelockslatin.com/127.0.0.1#5335 ipset=/.wheelockslatin.com/gfwlist server=/.whereiswerner.com/127.0.0.1#5335 ipset=/.whereiswerner.com/gfwlist +server=/.wheretowatch.com/127.0.0.1#5335 +ipset=/.wheretowatch.com/gfwlist server=/.whichav.com/127.0.0.1#5335 ipset=/.whichav.com/gfwlist server=/.whippedass.com/127.0.0.1#5335 @@ -9556,8 +9744,6 @@ server=/.wikimapia.org/127.0.0.1#5335 ipset=/.wikimapia.org/gfwlist server=/.wikipedia.org/127.0.0.1#5335 ipset=/.wikipedia.org/gfwlist -server=/.wikiwand.com/127.0.0.1#5335 -ipset=/.wikiwand.com/gfwlist server=/.wikiwiki.jp/127.0.0.1#5335 ipset=/.wikiwiki.jp/gfwlist server=/.wildammo.com/127.0.0.1#5335 @@ -9570,6 +9756,8 @@ server=/.windowsphoneme.com/127.0.0.1#5335 ipset=/.windowsphoneme.com/gfwlist server=/.windscribe.com/127.0.0.1#5335 ipset=/.windscribe.com/gfwlist +server=/.wingamestore.com/127.0.0.1#5335 +ipset=/.wingamestore.com/gfwlist server=/.wingy.site/127.0.0.1#5335 ipset=/.wingy.site/gfwlist server=/.winning11.com/127.0.0.1#5335 @@ -9614,6 +9802,8 @@ server=/.wo3ttt.wordpress.com/127.0.0.1#5335 ipset=/.wo3ttt.wordpress.com/gfwlist server=/.woeser.com/127.0.0.1#5335 ipset=/.woeser.com/gfwlist +server=/.wokar.org/127.0.0.1#5335 +ipset=/.wokar.org/gfwlist server=/.wolfax.com/127.0.0.1#5335 ipset=/.wolfax.com/gfwlist server=/.woolyss.com/127.0.0.1#5335 @@ -9622,6 +9812,8 @@ server=/.woopie.jp/127.0.0.1#5335 ipset=/.woopie.jp/gfwlist server=/.woopie.tv/127.0.0.1#5335 ipset=/.woopie.tv/gfwlist +server=/.wordpress.com/127.0.0.1#5335 +ipset=/.wordpress.com/gfwlist server=/.workatruna.com/127.0.0.1#5335 ipset=/.workatruna.com/gfwlist server=/.workerdemo.org.hk/127.0.0.1#5335 @@ -9654,6 +9846,8 @@ server=/.woyaolian.org/127.0.0.1#5335 ipset=/.woyaolian.org/gfwlist server=/.wozy.in/127.0.0.1#5335 ipset=/.wozy.in/gfwlist +server=/.wp.com/127.0.0.1#5335 +ipset=/.wp.com/gfwlist server=/.wpoforum.com/127.0.0.1#5335 ipset=/.wpoforum.com/gfwlist server=/.wqyd.org/127.0.0.1#5335 @@ -9676,6 +9870,8 @@ server=/.wtbn.org/127.0.0.1#5335 ipset=/.wtbn.org/gfwlist server=/.wtfpeople.com/127.0.0.1#5335 ipset=/.wtfpeople.com/gfwlist +server=/.wuerkaixi.com/127.0.0.1#5335 +ipset=/.wuerkaixi.com/gfwlist server=/.wufafangwen.com/127.0.0.1#5335 ipset=/.wufafangwen.com/gfwlist server=/.wufi.org.tw/127.0.0.1#5335 @@ -9694,6 +9890,8 @@ server=/.wuyanblog.com/127.0.0.1#5335 ipset=/.wuyanblog.com/gfwlist server=/.wwitv.com/127.0.0.1#5335 ipset=/.wwitv.com/gfwlist +server=/.www.abclite.net/127.0.0.1#5335 +ipset=/.www.abclite.net/gfwlist server=/.www.ajsands.com/127.0.0.1#5335 ipset=/.www.ajsands.com/gfwlist server=/.www.americorps.gov/127.0.0.1#5335 @@ -9736,6 +9934,10 @@ server=/.www.powerpointninja.com/127.0.0.1#5335 ipset=/.www.powerpointninja.com/gfwlist server=/.www.s4miniarchive.com/127.0.0.1#5335 ipset=/.www.s4miniarchive.com/gfwlist +server=/.www.shadowsocks.com/127.0.0.1#5335 +ipset=/.www.shadowsocks.com/gfwlist +server=/.www.shwchurch.org/127.0.0.1#5335 +ipset=/.www.shwchurch.org/gfwlist server=/.www.taup.org.tw/127.0.0.1#5335 ipset=/.www.taup.org.tw/gfwlist server=/.www.wan-press.org/127.0.0.1#5335 @@ -9746,6 +9948,8 @@ server=/.www.websnapr.com/127.0.0.1#5335 ipset=/.www.websnapr.com/gfwlist server=/.www1.biz/127.0.0.1#5335 ipset=/.www1.biz/gfwlist +server=/.wwwhost.biz/127.0.0.1#5335 +ipset=/.wwwhost.biz/gfwlist server=/.x-art.com/127.0.0.1#5335 ipset=/.x-art.com/gfwlist server=/.x-berry.com/127.0.0.1#5335 @@ -9848,8 +10052,6 @@ server=/.xmovies.com/127.0.0.1#5335 ipset=/.xmovies.com/gfwlist server=/.xn--4gq171p.com/127.0.0.1#5335 ipset=/.xn--4gq171p.com/gfwlist -server=/.xn--90wwvt03e.com/127.0.0.1#5335 -ipset=/.xn--90wwvt03e.com/gfwlist server=/.xn--czq75pvv1aj5c.org/127.0.0.1#5335 ipset=/.xn--czq75pvv1aj5c.org/gfwlist server=/.xn--i2ru8q2qg.com/127.0.0.1#5335 @@ -10042,6 +10244,8 @@ server=/.youtubegaming.com/127.0.0.1#5335 ipset=/.youtubegaming.com/gfwlist server=/.youversion.com/127.0.0.1#5335 ipset=/.youversion.com/gfwlist +server=/.youwin.com/127.0.0.1#5335 +ipset=/.youwin.com/gfwlist server=/.youxu.info/127.0.0.1#5335 ipset=/.youxu.info/gfwlist server=/.yt.be/127.0.0.1#5335 @@ -10050,6 +10254,8 @@ server=/.ytht.net/127.0.0.1#5335 ipset=/.ytht.net/gfwlist server=/.ytimg.com/127.0.0.1#5335 ipset=/.ytimg.com/gfwlist +server=/.ytn.co.kr/127.0.0.1#5335 +ipset=/.ytn.co.kr/gfwlist server=/.yuanming.net/127.0.0.1#5335 ipset=/.yuanming.net/gfwlist server=/.yuanzhengtang.org/127.0.0.1#5335 @@ -10146,10 +10352,16 @@ server=/.zhongguorenquan.org/127.0.0.1#5335 ipset=/.zhongguorenquan.org/gfwlist server=/.zhongguotese.net/127.0.0.1#5335 ipset=/.zhongguotese.net/gfwlist +server=/.zhongmeng.org/127.0.0.1#5335 +ipset=/.zhongmeng.org/gfwlist server=/.zhoushuguang.com/127.0.0.1#5335 ipset=/.zhoushuguang.com/gfwlist server=/.zhreader.com/127.0.0.1#5335 ipset=/.zhreader.com/gfwlist +server=/.zhuangbi.me/127.0.0.1#5335 +ipset=/.zhuangbi.me/gfwlist +server=/.zhuanxing.cn/127.0.0.1#5335 +ipset=/.zhuanxing.cn/gfwlist server=/.zhuatieba.com/127.0.0.1#5335 ipset=/.zhuatieba.com/gfwlist server=/.zhuichaguoji.org/127.0.0.1#5335 @@ -10172,6 +10384,8 @@ server=/.zodgame.us/127.0.0.1#5335 ipset=/.zodgame.us/gfwlist server=/.zomobo.net/127.0.0.1#5335 ipset=/.zomobo.net/gfwlist +server=/.zonaeuropa.com/127.0.0.1#5335 +ipset=/.zonaeuropa.com/gfwlist server=/.zonghexinwen.com/127.0.0.1#5335 ipset=/.zonghexinwen.com/gfwlist server=/.zonghexinwen.net/127.0.0.1#5335 @@ -10184,10 +10398,10 @@ server=/.zoozle.net/127.0.0.1#5335 ipset=/.zoozle.net/gfwlist server=/.zorrovpn.com/127.0.0.1#5335 ipset=/.zorrovpn.com/gfwlist +server=/.zozotown.com/127.0.0.1#5335 +ipset=/.zozotown.com/gfwlist server=/.zpn.im/127.0.0.1#5335 ipset=/.zpn.im/gfwlist -server=/.zsdxzk.com/127.0.0.1#5335 -ipset=/.zsdxzk.com/gfwlist server=/.zspeeder.me/127.0.0.1#5335 ipset=/.zspeeder.me/gfwlist server=/.zsrhao.com/127.0.0.1#5335 diff --git a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr index e46004cf8..f45565ecd 100755 --- a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr +++ b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr @@ -10,10 +10,10 @@ START=95 STOP=15 + SERVICE_DAEMONIZE=1 -EXTRA_COMMANDS=rules NAME=shadowsocksr -LOCK_FILE=/var/lock/${NAME}.lock +EXTRA_COMMANDS=rules CONFIG_FILE=/var/etc/${NAME}.json CONFIG_UDP_FILE=/var/etc/${NAME}_u.json CONFIG_SOCK5_FILE=/var/etc/${NAME}_s.json @@ -28,6 +28,7 @@ kcp_flag=0 pdnsd_enable_flag=0 switch_enable=0 switch_server=$1 +MAXFD=32768 CRON_FILE=/etc/crontabs/root threads=1 @@ -41,47 +42,33 @@ uci_get_by_type() { echo ${ret:=$3} } -uci_set_by_name() { - uci set $NAME.$1.$2=$3 2>/dev/null - uci commit $NAME -} - -uci_set_by_type() { - uci set $NAME.@$1[0].$2=$3 2>/dev/null - uci commit $NAME -} - uci_get_by_cfgid() { local ret=$(uci show $NAME.@$1[0].$2 | awk -F '.' '{print $2}' 2>/dev/null) echo ${ret:=$3} } -get_host_ip() { +check_host() { local host=$1 - local isip="" - local ip=$host - isip=$(echo $host | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}") - if [ -z "$isip" ]; then - if [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then - ip=$host + if echo $host | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + hostip=$host + elif [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then + hostip=$host + else + hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) + if echo $hostip | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + hostip=$hostip else - local ip=$(resolveip -4 -t 3 $host | awk 'NR==1{print}') - [ -z "$ip" ] && ip=$(wget -q -O- http://119.29.29.29/d?dn=$1 | awk -F ';' '{print $1}') + hostip="127.0.0.1" fi fi - echo ${ip:="127.0.0.1"} -} - -clean_log() { - logsnum=$(cat /tmp/ssrplus.log 2>/dev/null | wc -l) - [ "$logsnum" -gt 1000 ] && { - echo "$(date "+%Y-%m-%d %H:%M:%S") 日志文件过长,清空处理!" >/tmp/ssrplus.log - } + echo -e $hostip } add_cron() { sed -i '/shadowsocksr/d' $CRON_FILE - [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/ssrplusupdate.sh >>/tmp/ssrplus.log 2>&1" >>$CRON_FILE + sed -i '/ssrplus.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/ssrplus.log' >>$CRON_FILE + [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/ssrplusupdate.sh >> /tmp/ssrplus.log 2>&1" >>$CRON_FILE + crontab $CRON_FILE } @@ -89,58 +76,41 @@ del_cron() { sed -i '/shadowsocksr/d' $CRON_FILE sed -i '/ssrplus.log/d' $CRON_FILE /etc/init.d/cron restart - clean_log } -unlock() { - failcount=1 - while [ "$failcount" -le 10 ]; do - if [ -f "$LOCK_FILE" ]; then - let "failcount++" - sleep 1s - [ "$failcount" -ge 10 ] && rm -f "$LOCK_FILE" - else - break - fi - done -} - -find_bin() { - case "$1" in - ss) ret="/usr/bin/ss-redir" ;; - ss-local) ret="/usr/bin/ss-local" ;; - ssr) ret="/usr/bin/ssr-redir" ;; - ssr-local) ret="/usr/bin/ssr-local" ;; - ssr-server) ret="/usr/bin/ssr-server" ;; - v2ray) ret="/usr/bin/v2ray/v2ray" && [ ! -f "$ret" ] && ret="/usr/bin/v2ray" ;; - trojan) ret="/usr/sbin/trojan" ;; - socks5 | tun) ret="/usr/sbin/redsocks2" ;; - esac - echo $ret -} +run_mode=$(uci_get_by_type global run_mode) gen_config_file() { - local hostip=$(get_host_ip $(uci_get_by_name $1 server)) - if [ "$hostip" == "127.0.0.1" ]; then - hostip=$(uci_get_by_name $1 ip) + local host=$(uci_get_by_name $1 server) + if echo $host | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + hostip=$host + elif [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then + hostip=$host else - uci_set_by_name $1 ip $hostip + hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) + if echo $hostip | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + hostip=$hostip + else + hostip=$(cat /etc/ssr_ip) + fi fi [ "$2" == "0" -a "$kcp_flag" == "1" ] && hostip="127.0.0.1" - case "$2" in - 0) config_file=$CONFIG_FILE ;; - 1) config_file=$CONFIG_UDP_FILE ;; - 2) config_file=$CONFIG_NETFLIX_FILE ;; - *) config_file=$CONFIG_SOCK5_FILE ;; - esac + if [ "$2" == "0" ]; then + config_file=$CONFIG_FILE + elif [ "$2" == "1" ]; then + config_file=$CONFIG_UDP_FILE + elif [ "$2" == "2" ]; then + config_file=$CONFIG_NETFLIX_FILE + else + config_file=$CONFIG_SOCK5_FILE + fi if [ $(uci_get_by_name $1 fast_open 0) == "1" ]; then fastopen="true" else fastopen="false" fi - local type=$(uci_get_by_name $1 type) - case "$type" in - ss) + local stype=$(uci_get_by_name $1 type) + if [ "$stype" == "ss" ]; then cat <<-EOF >$config_file { "server": "$hostip", @@ -165,8 +135,7 @@ gen_config_file() { echo "$(date "+%Y-%m-%d %H:%M:%S") Warning!!! SIP003 plugin $plugin not found!!!" >>/tmp/ssrplus.log fi fi - ;; - ssr) + elif [ "$stype" == "ssr" ]; then cat <<-EOF >$config_file { "server": "$hostip", @@ -184,18 +153,357 @@ gen_config_file() { "fast_open": $fastopen } EOF - ;; - v2ray) + elif [ "$stype" == "v2ray" ]; then lua /usr/share/shadowsocksr/genv2config.lua $GLOBAL_SERVER tcp $(uci_get_by_name $1 local_port) >/var/etc/v2-ssr-retcp.json sed -i 's/\\//g' /var/etc/v2-ssr-retcp.json - ;; - trojan) + elif [ "$stype" == "trojan" ]; then lua /usr/share/shadowsocksr/gentrojanconfig.lua $GLOBAL_SERVER nat $(uci_get_by_name $1 local_port) >/var/etc/trojan-ssr-retcp.json sed -i 's/\\//g' /var/etc/trojan-ssr-retcp.json - ;; + fi +} + +get_arg_out() { + case "$(uci_get_by_type access_control router_proxy 1)" in + 1) echo "-o" ;; + 2) echo "-O" ;; esac } +start_rules() { + local server=$(uci_get_by_name $GLOBAL_SERVER server) + #resolve name + if echo $server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + server=$server + elif [ "$server" != "${server#*:[0-9a-fA-F]}" ]; then + server=$server + else + server=$(ping $server -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) + if echo $server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + echo $server >/etc/ssr_ip + else + server=$(cat /etc/ssr_ip) + fi + fi + kcp_server=$server + local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0) + if [ $kcp_enable == "1" ]; then + kcp_flag=1 + fi + local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port) + local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips) + local lan_ac_mode=$(uci_get_by_type access_control lan_ac_mode) + local router_proxy=$(uci_get_by_type access_control router_proxy) + if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" -a "$kcp_flag" == "0" ]; then + ARG_UDP="-u" + elif [ -n "$UDP_RELAY_SERVER" ]; then + ARG_UDP="-U" + local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server) + local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port) + fi + if [ -n "$lan_ac_ips" ]; then + case "$lan_ac_mode" in + w | W | b | B) local ac_ips="$lan_ac_mode$lan_ac_ips" ;; + esac + fi + + #deal gfw firewall rule + local gfwmode="" + if [ "$run_mode" == "gfw" ]; then + gfwmode="-g" + elif [ "$run_mode" == "router" ]; then + gfwmode="-r" + elif [ "$run_mode" == "oversea" ]; then + gfwmode="-c" + elif [ "$run_mode" == "all" ]; then + gfwmode="-z" + fi + local dports=$(uci_get_by_type global dports 1) + if [ $dports == "1" ]; then + proxyport=" " + else + proxyport="-m multiport --dports 22,53,587,465,995,993,143,80,443" + fi + if [ "$NETFLIX_SERVER" != "nil" ]; then + if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then + netflix="1" + else + netflix="2" + fi + else + netflix="0" + fi + netflix_ip=$(check_host $(uci_get_by_name $NETFLIX_SERVER server 127.0.0.1)) + /usr/bin/ssr-rules \ + -s "$server" \ + -l "$local_port" \ + -S "$udp_server" \ + -L "$udp_local_port" \ + -a "$ac_ips" \ + -i "$(uci_get_by_type access_control wan_bp_list)" \ + -b "$(uci_get_by_type access_control wan_bp_ips)" \ + -w "$(uci_get_by_type access_control wan_fw_ips)" \ + -B "$(uci_get_by_type access_control lan_bp_ips)" \ + -p "$(uci_get_by_type access_control lan_fp_ips)" \ + -G "$(uci_get_by_type access_control lan_gm_ips)" \ + -D "$proxyport" \ + -F "$netflix" \ + -N "$netflix_ip" \ + -M "$(uci_get_by_type global netflix_proxy 0)" \ + $(get_arg_out) $gfwmode $ARG_UDP + return $? +} + +start_pdnsd() { + local usr_dns="$1" + local usr_port="$2" + local tcp_dns_list="208.67.222.222, 208.67.220.220" + [ -z "$usr_dns" ] && usr_dns="8.8.8.8" + [ -z "$usr_port" ] && usr_port="53" + [ -d /var/etc ] || mkdir -p /var/etc + if [ ! -d /var/pdnsd ]; then + mkdir -p /var/pdnsd + echo -ne "pd13\000\000\000\000" >/var/pdnsd/pdnsd.cache + chown -R nobody:nogroup /var/pdnsd + fi + cat <<-EOF >/var/etc/pdnsd.conf + global{ + perm_cache=1024; + cache_dir="/var/pdnsd"; + pid_file="/var/run/pdnsd.pid"; + run_as="nobody"; + server_ip=127.0.0.1; + server_port=5335; + status_ctl=on; + query_method=tcp_only; + min_ttl=1h; + max_ttl=1w; + timeout=10; + neg_domain_pol=on; + proc_limit=2; + procq_limit=8; + par_queries=1; + } + server{ + label="ssr-usrdns"; + ip=$usr_dns; + port=$usr_port; + timeout=6; + uptest=none; + interval=10m; + purge_cache=off; + } + EOF + /usr/sbin/pdnsd -c /var/etc/pdnsd.conf & +} + +start_redir() { + case "$(uci_get_by_name $GLOBAL_SERVER auth_enable)" in + 1 | on | true | yes | enabled) ARG_OTA="-A" ;; + *) ARG_OTA="" ;; + esac + #deal kcp + local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0) + if [ "$kcp_enable" == "1" ]; then + [ ! -f "/usr/bin/kcptun-client" ] && return 1 + local kcp_str=$(/usr/bin/kcptun-client -v | grep kcptun | wc -l) + [ "0" == "$kcp_str" ] && return 1 + local kcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port) + local server_port=$(uci_get_by_name $GLOBAL_SERVER server_port) + local password=$(uci_get_by_name $GLOBAL_SERVER kcp_password) + local kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param) + [ "$password" != "" ] && password="--key "$password + service_start /usr/bin/kcptun-client \ + -r $kcp_server:$kcp_port \ + -l :$server_port $password $kcp_param + kcp_enable_flag=1 + fi + + gen_config_file $GLOBAL_SERVER 0 $(uci_get_by_name $GLOBAL_SERVER local_port 1234) + local stype=$(uci_get_by_name $GLOBAL_SERVER type) + if [ "$stype" == "ss" ]; then + sscmd="/usr/bin/ss-redir" + elif [ "$stype" == "ssr" ]; then + sscmd="/usr/bin/ssr-redir" + elif [ "$stype" == "v2ray" ]; then + sscmd="/usr/bin/v2ray/v2ray" + [ ! -f "$sscmd" ] && sscmd="/usr/bin/v2ray" + elif [ "$stype" == "trojan" ]; then + sscmd="/usr/sbin/trojan" + elif [ "$stype" == "socks5" ]; then + sscmd="/usr/sbin/redsocks2" + elif [ "$stype" == "tun" ]; then + sscmd="/usr/sbin/redsocks2" + fi + + local ntype=$(uci_get_by_name $NETFLIX_SERVER type) + if [ "$ntype" == "ss" ]; then + ncmd="/usr/bin/ss-redir" + sssock="/usr/bin/ss-local" + elif [ "$ntype" == "ssr" ]; then + ncmd="/usr/bin/ssr-redir" + sssock="/usr/bin/ssr-local" + elif [ "$ntype" == "v2ray" ]; then + ncmd="/usr/bin/v2ray/v2ray" + [ ! -f "$ncmd" ] && ncmd="/usr/bin/v2ray" + elif [ "$ntype" == "trojan" ]; then + ncmd="/usr/sbin/trojan" + elif [ "$ntype" == "socks5" ]; then + ncmd="/usr/sbin/redsocks2" + elif [ "$ntype" == "tun" ]; then + ncmd="/usr/sbin/redsocks2" + fi + + local utype=$(uci_get_by_name $UDP_RELAY_SERVER type) + if [ "$utype" == "ss" ]; then + ucmd="/usr/bin/ss-redir" + elif [ "$utype" == "ssr" ]; then + ucmd="/usr/bin/ssr-redir" + elif [ "$utype" == "v2ray" ]; then + ucmd="/usr/bin/v2ray/v2ray" + [ ! -f "$ucmd" ] && ucmd="/usr/bin/v2ray" + elif [ "$utype" == "trojan" ]; then + ucmd="/usr/sbin/trojan" + elif [ "$stype" == "socks5" ]; then + ucmd="/usr/sbin/redsocks2" + elif [ "$stype" == "tun" ]; then + ucmd="/usr/sbin/redsocks2" + fi + if [ "$(uci_get_by_type global threads 0)" == "0" ]; then + threads=$(cat /proc/cpuinfo | grep 'processor' | wc -l) + else + threads=$(uci_get_by_type global threads) + fi + + if [ "$stype" == "ss" -o "$stype" == "ssr" ]; then + local last_config_file=$CONFIG_FILE + local pid_file="/var/run/ssr-retcp.pid" + for i in $(seq 1 $threads); do + $sscmd -c $CONFIG_FILE $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1 + done + echo "$(date "+%Y-%m-%d %H:%M:%S") Shadowsocks/ShadowsocksR $threads Threads Started!" >>/tmp/ssrplus.log + elif [ "$stype" == "v2ray" ]; then + $sscmd -config /var/etc/v2-ssr-retcp.json >/dev/null 2>&1 & + echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) Started!" >>/tmp/ssrplus.log + elif [ "$stype" == "trojan" ]; then + for i in $(seq 1 $threads); do + $sscmd --config /var/etc/trojan-ssr-retcp.json >/dev/null 2>&1 & + done + echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd --version 2>&1 | head -1) , $threads Threads Started!" >>/tmp/ssrplus.log + elif [ "$stype" == "socks5" ]; then + /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-retcp.conf" socks5 tcp $(uci_get_by_name $GLOBAL_SERVER local_port) \ + $(check_host $(uci_get_by_name $GLOBAL_SERVER server)) $(uci_get_by_name $GLOBAL_SERVER server_port) \ + $(uci_get_by_name $GLOBAL_SERVER auth_enable 0) $(uci_get_by_name $GLOBAL_SERVER username) $(uci_get_by_name $GLOBAL_SERVER password) + for i in $(seq 1 $threads); do + $sscmd -c /var/etc/redsocks-ssr-retcp.conf >/dev/null 2>&1 + done + echo "$(date "+%Y-%m-%d %H:%M:%S") Socks5 REDIRECT/TPROXY $threads Threads Started!" >>/tmp/ssrplus.log + elif [ "$stype" == "tun" ]; then + /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-retcp.conf" vpn $(uci_get_by_name $GLOBAL_SERVER iface "br-lan") $(uci_get_by_name $GLOBAL_SERVER local_port) + for i in $(seq 1 $threads); do + $sscmd -c /var/etc/redsocks-ssr-retcp.conf >/dev/null 2>&1 + done + echo "$(date "+%Y-%m-%d %H:%M:%S") Network Tunnel REDIRECT $threads Threads Started!" >>/tmp/ssrplus.log + fi + + if [ "$NETFLIX_SERVER" != "nil" ] && [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then + if [ "$ntype" == "ss" -o "$ntype" == "ssr" ]; then + gen_config_file $NETFLIX_SERVER 2 4321 + gen_config_file $NETFLIX_SERVER 3 1088 + $sssock -c /var/etc/shadowsocksr_s.json $ARG_OTA -f /var/run/ssr-socksdns.pid >/dev/null 2>&1 + dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & + $ncmd -c /var/etc/shadowsocksr_n.json $ARG_OTA -f /var/run/ssr-netflix.pid >/dev/null 2>&1 + elif [ "$ntype" == "v2ray" ]; then + lua /usr/share/shadowsocksr/genv2config.lua $NETFLIX_SERVER tcp 4321 1088 >/var/etc/v2-ssr-netflix.json + $ncmd -config /var/etc/v2-ssr-netflix.json >/dev/null 2>&1 & + dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & + elif [ "$ntype" == "trojan" ]; then + lua /usr/share/shadowsocksr/gentrojanconfig.lua $NETFLIX_SERVER nat 4321 >/var/etc/trojan-ssr-netflix.json + sed -i 's/\\//g' /var/etc/trojan-ssr-netflix.json + $ncmd --config /var/etc/trojan-ssr-netflix.json >/dev/null 2>&1 & + lua /usr/share/shadowsocksr/gentrojanconfig.lua $NETFLIX_SERVER client 1088 >/var/etc/trojan-ssr-socksdns.json + sed -i 's/\\//g' /var/etc/trojan-ssr-socksdns.json + $ncmd --config /var/etc/trojan-ssr-socksdns.json >/dev/null 2>&1 & + dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & + elif [ "$ntype" == "socks5" ]; then + /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-netflix.conf" socks5 tcp 4321 \ + $(check_host $(uci_get_by_name $NETFLIX_SERVER server)) $(uci_get_by_name $NETFLIX_SERVER server_port) \ + $(uci_get_by_name $NETFLIX_SERVER auth_enable 0) $(uci_get_by_name $NETFLIX_SERVER username) $(uci_get_by_name $NETFLIX_SERVER password) + $ncmd -c /var/etc/redsocks-ssr-netflix.conf >/dev/null 2>&1 + microsocks -i 127.0.0.1 -p 1088 ssr-socksdns >/dev/null 2>&1 & + dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & + elif [ "$ntype" == "tun" ]; then + /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-netflix.conf" vpn $(uci_get_by_name $NETFLIX_SERVER iface "br-lan") 4321 + $ncmd -c /var/etc/redsocks-ssr-netflix.conf >/dev/null 2>&1 + microsocks -i 127.0.0.1 -p 1088 ssr-socksdns >/dev/null 2>&1 & + dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & + fi + fi + + if [ -n "$UDP_RELAY_SERVER" ]; then + if [ "$utype" == "ss" -o "$utype" == "ssr" ]; then + case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in + 1 | on | true | yes | enabled) ARG_OTA="-A" ;; + *) ARG_OTA="" ;; + esac + gen_config_file $UDP_RELAY_SERVER 1 $(uci_get_by_name $UDP_RELAY_SERVER local_port 1234) + last_config_file=$CONFIG_UDP_FILE + pid_file="/var/run/ssr-reudp.pid" + $ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1 + elif [ "$utype" == "v2ray" ]; then + lua /usr/share/shadowsocksr/genv2config.lua $UDP_RELAY_SERVER udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/var/etc/v2-ssr-reudp.json + sed -i 's/\\//g' /var/etc/v2-ssr-reudp.json + $ucmd -config /var/etc/v2-ssr-reudp.json >/dev/null 2>&1 & + elif [ "$stype" == "trojan" ]; then + lua /usr/share/shadowsocksr/gentrojanconfig.lua $GLOBAL_SERVER client 10801 >/var/etc/trojan-ssr-reudp.json + sed -i 's/\\//g' /var/etc/trojan-ssr-reudp.json + $ucmd --config /var/etc/trojan-ssr-reudp.json >/dev/null 2>&1 & + ipt2socks -U -b 0.0.0.0 -4 -s 127.0.0.1 -p 10801 -l $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/dev/null 2>&1 & + elif [ "$utype" == "socks5" ]; then + /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-reudp.conf" socks5 udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) \ + $(check_host $(uci_get_by_name $UDP_RELAY_SERVER server)) $(uci_get_by_name $UDP_RELAY_SERVER server_port) \ + $(uci_get_by_name $UDP_RELAY_SERVER auth_enable 0) $(uci_get_by_name $UDP_RELAY_SERVER username) $(uci_get_by_name $UDP_RELAY_SERVER password) + $ucmd -c /var/etc/redsocks-ssr-reudp.conf >/dev/null 2>&1 + elif [ "$stype" == "tun" ]; then + redir_udp=0 + echo "$(date "+%Y-%m-%d %H:%M:%S") Network Tunnel UDP TPROXY Relay not supported!" >>/tmp/ssrplus.log + fi + fi + #deal with dns + local ssr_dns="$(uci_get_by_type global pdnsd_enable 0)" + local dnsstr="$(uci_get_by_type global tunnel_forward 8.8.4.4:53)" + local dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}') + local dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}') + if [ "$ssr_dns" != "0" ]; then # not use custom dns service + if [ "$run_mode" == "gfw" ]; then + ipset add gfwlist $dnsserver 2>/dev/null + elif [ "$run_mode" == "oversea" ]; then + ipset add oversea $dnsserver 2>/dev/null + else + ipset add ss_spec_wan_ac $dnsserver nomatch 2>/dev/null + fi + fi + if [ "$ssr_dns" == "1" ]; then + start_pdnsd $dnsserver $dnsport + pdnsd_enable_flag=1 + elif [ "$ssr_dns" == "2" ]; then + microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 & + dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 & + pdnsd_enable_flag=2 + fi + if [ "$(uci_get_by_type global enable_switch)" == "1" ]; then + if [ "$(uci_get_by_name $GLOBAL_SERVER switch_enable 1)" == "1" ]; then + if [ -z "$switch_server" ]; then + local switch_time=$(uci_get_by_type global switch_time) + local switch_timeout=$(uci_get_by_type global switch_timeout) + service_start /usr/bin/ssr-switch start $switch_time $switch_timeout + switch_enable=1 + fi + fi + fi + add_cron + return $? +} + gen_service_file() { if [ $(uci_get_by_name $1 fast_open) == "1" ]; then fastopen="true" @@ -218,6 +526,26 @@ gen_service_file() { EOF } +start_service() { + [ $(uci_get_by_name $1 enable 0) == "0" ] && return 1 + let server_count=server_count+1 + if [ "$server_count" == "1" ]; then + if ! (iptables-save -t filter | grep SSR-SERVER-RULE >/dev/null); then + iptables -N SSR-SERVER-RULE && \ + iptables -t filter -I INPUT -j SSR-SERVER-RULE + fi + fi + if [ "$(uci_get_by_name $1 type ssr)" == "ssr" ]; then + gen_service_file $1 /var/etc/${NAME}_$server_count.json + /usr/bin/ssr-server -c /var/etc/${NAME}_$server_count.json -u -f /var/run/ssr-server$server_count.pid >/dev/null 2>&1 + else + microsocks -i :: -p $(uci_get_by_name $1 server_port) -1 -u $(uci_get_by_name $1 username) -P $(uci_get_by_name $1 password) ssr-server$server_count >/dev/null 2>&1 & + fi + iptables -t filter -A SSR-SERVER-RULE -p tcp --dport $(uci_get_by_name $1 server_port) -j ACCEPT + iptables -t filter -A SSR-SERVER-RULE -p udp --dport $(uci_get_by_name $1 server_port) -j ACCEPT + return 0 +} + gen_serv_include() { FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null) [ -n "$FWI" ] || return 0 @@ -237,426 +565,42 @@ gen_serv_include() { EOF } -start_dns() { - local ssr_dns="$(uci_get_by_type global pdnsd_enable 0)" - local dnsstr="$(uci_get_by_type global tunnel_forward 8.8.4.4:53)" - local dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}') - local dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}') - start_pdnsd() { - local usr_dns="$1" - local usr_port="$2" - [ -z "$usr_dns" ] && usr_dns="8.8.8.8" - [ -z "$usr_port" ] && usr_port="53" - [ -d /var/etc ] || mkdir -p /var/etc - if [ ! -f "/var/pdnsd/pdnsd.cache" ]; then - mkdir -p /var/pdnsd - touch /var/pdnsd/pdnsd.cache - chown -R nobody:nogroup /var/pdnsd - fi - cat <<-EOF >/var/etc/pdnsd.conf - global{ - perm_cache=1024; - cache_dir="/var/pdnsd"; - pid_file="/var/run/pdnsd.pid"; - run_as="nobody"; - server_ip=127.0.0.1; - server_port=5335; - status_ctl=on; - query_method=tcp_only; - min_ttl=1h; - max_ttl=1w; - timeout=10; - neg_domain_pol=on; - proc_limit=2; - procq_limit=8; - par_queries=1; - } - server{ - label="ssr-usrdns"; - ip=$usr_dns; - port=$usr_port; - timeout=6; - uptest=none; - interval=10m; - purge_cache=off; - } - EOF - /usr/sbin/pdnsd -c /var/etc/pdnsd.conf & - } - if [ "$ssr_dns" != "0" ]; then - case "$run_mode" in - oversea) ipset add oversea $dnsserver 2>/dev/null ;; - *) ipset add gfwlist $dnsserver 2>/dev/null ;; - esac - fi - case "$ssr_dns" in - 1) - start_pdnsd $dnsserver $dnsport - pdnsd_enable_flag=1 - ;; - 2) - microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 & - dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 & - pdnsd_enable_flag=2 - ;; - esac -} - -start_redir_tcp() { - local type=$(uci_get_by_name $GLOBAL_SERVER type) - local bin=$(find_bin $type) - [ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1 - case "$(uci_get_by_name $GLOBAL_SERVER auth_enable)" in - 1 | on | true | yes | enabled) ARG_OTA="-A" ;; - *) ARG_OTA="" ;; - esac - local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0) - if [ "$kcp_enable" == "1" ]; then - [ ! -f "/usr/bin/kcptun-client" ] && return 1 - local kcp_str=$(/usr/bin/kcptun-client -v | grep kcptun | wc -l) - [ "0" == "$kcp_str" ] && return 1 - local kcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port) - local server_port=$(uci_get_by_name $GLOBAL_SERVER server_port) - local password=$(uci_get_by_name $GLOBAL_SERVER kcp_password) - local kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param) - [ "$password" != "" ] && password="--key "$password - service_start /usr/bin/kcptun-client \ - -r $kcp_server:$kcp_port \ - -l :$server_port $password $kcp_param - kcp_enable_flag=1 - fi - gen_config_file $GLOBAL_SERVER 0 $(uci_get_by_name $GLOBAL_SERVER local_port 1234) - if [ "$(uci_get_by_type global threads 0)" == "0" ]; then - threads=$(cat /proc/cpuinfo | grep 'processor' | wc -l) - else - threads=$(uci_get_by_type global threads) - fi - case "$type" in - ss | ssr) - local last_config_file=$CONFIG_FILE - local name="Shadowsocks" - [ "$type" == "ssr" ] && name="ShadowsocksR" - for i in $(seq 1 $threads); do - $bin -c $CONFIG_FILE $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Main node:$name $threads Threads Started!" >>/tmp/ssrplus.log - ;; - v2ray) - $bin -config /var/etc/v2-ssr-retcp.json >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Main node:$($bin -version | head -1) Started!" >>/tmp/ssrplus.log - ;; - trojan) - for i in $(seq 1 $threads); do - $bin --config /var/etc/trojan-ssr-retcp.json >/dev/null 2>&1 & - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Main node:$($bin --version 2>&1 | head -1) , $threads Threads Started!" >>/tmp/ssrplus.log - ;; - socks5) - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-retcp.conf" socks5 tcp $(uci_get_by_name $GLOBAL_SERVER local_port) \ - $(get_host_ip $(uci_get_by_name $GLOBAL_SERVER server)) $(uci_get_by_name $GLOBAL_SERVER server_port) \ - $(uci_get_by_name $GLOBAL_SERVER auth_enable 0) $(uci_get_by_name $GLOBAL_SERVER username) $(uci_get_by_name $GLOBAL_SERVER password) - for i in $(seq 1 $threads); do - $bin -c /var/etc/redsocks-ssr-retcp.conf >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Main node:Socks5 REDIRECT/TPROXY $threads Threads Started!" >>/tmp/ssrplus.log - ;; - tun) - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-retcp.conf" vpn $(uci_get_by_name $GLOBAL_SERVER iface "br-lan") $(uci_get_by_name $GLOBAL_SERVER local_port) - for i in $(seq 1 $threads); do - $bin -c /var/etc/redsocks-ssr-retcp.conf >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Main node:Network Tunnel REDIRECT $threads Threads Started!" >>/tmp/ssrplus.log - ;; - esac - return 0 -} - -start_redir_udp() { - if [ -n "$UDP_RELAY_SERVER" ]; then - local type=$(uci_get_by_name $UDP_RELAY_SERVER type) - local bin=$(find_bin $type) - [ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1 - case "$type" in - ss | ssr) - case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in - 1 | on | true | yes | enabled) ARG_OTA="-A" ;; - *) ARG_OTA="" ;; - esac - local name="Shadowsocks" - [ "$type" == "ssr" ] && name="ShadowsocksR" - gen_config_file $UDP_RELAY_SERVER 1 $(uci_get_by_name $UDP_RELAY_SERVER local_port 1234) - last_config_file=$CONFIG_UDP_FILE - $bin -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1 - echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay:$name Started!" >>/tmp/ssrplus.log - ;; - v2ray) - lua /usr/share/shadowsocksr/genv2config.lua $UDP_RELAY_SERVER udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/var/etc/v2-ssr-reudp.json - sed -i 's/\\//g' /var/etc/v2-ssr-reudp.json - $bin -config /var/etc/v2-ssr-reudp.json >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay:$($bin -version | head -1) Started!" >>/tmp/ssrplus.log - ;; - trojan) - lua /usr/share/shadowsocksr/gentrojanconfig.lua $GLOBAL_SERVER client 10801 >/var/etc/trojan-ssr-reudp.json - sed -i 's/\\//g' /var/etc/trojan-ssr-reudp.json - $bin --config /var/etc/trojan-ssr-reudp.json >/dev/null 2>&1 & - ipt2socks -U -b 0.0.0.0 -4 -s 127.0.0.1 -p 10801 -l $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay:$($bin --version 2>&1 | head -1) Started!" >>/tmp/ssrplus.log - ;; - socks5) - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-reudp.conf" socks5 udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) \ - $(get_host_ip $(uci_get_by_name $UDP_RELAY_SERVER server)) $(uci_get_by_name $UDP_RELAY_SERVER server_port) \ - $(uci_get_by_name $UDP_RELAY_SERVER auth_enable 0) $(uci_get_by_name $UDP_RELAY_SERVER username) $(uci_get_by_name $UDP_RELAY_SERVER password) - $bin -c /var/etc/redsocks-ssr-reudp.conf >/dev/null 2>&1 - echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay:Socks5 REDIRECT/TPROXY Started!" >>/tmp/ssrplus.log - ;; - tun) - redir_udp=0 - echo "$(date "+%Y-%m-%d %H:%M:%S") Network Tunnel UDP TPROXY Relay not supported!" >>/tmp/ssrplus.log - ;; - esac - fi - return 0 -} - -start_shunt() { - if [ "$NETFLIX_SERVER" != "nil" ] && [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then - local type=$(uci_get_by_name $NETFLIX_SERVER type) - local bin=$(find_bin $type) - [ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1 - case "$type" in - ss | ssr) - local bin2=$(find_bin $type-local) - [ ! -f "$bin2" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin2 program, can't start!" >>/tmp/ssrplus.log && return 2 - local name="Shadowsocks" - [ "$type" == "ssr" ] && name="ShadowsocksR" - gen_config_file $NETFLIX_SERVER 2 4321 - gen_config_file $NETFLIX_SERVER 3 1088 - $bin -c /var/etc/shadowsocksr_n.json $ARG_OTA -f /var/run/ssr-netflix.pid >/dev/null 2>&1 - $bin2 -c /var/etc/shadowsocksr_s.json $ARG_OTA -f /var/run/ssr-socksdns.pid >/dev/null 2>&1 - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Netflix shunt:$name Started!" >>/tmp/ssrplus.log - ;; - v2ray) - lua /usr/share/shadowsocksr/genv2config.lua $NETFLIX_SERVER tcp 4321 1088 >/var/etc/v2-ssr-netflix.json - $bin -config /var/etc/v2-ssr-netflix.json >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Netflix shunt:$($bin -version | head -1) Started!" >>/tmp/ssrplus.log - ;; - trojan) - lua /usr/share/shadowsocksr/gentrojanconfig.lua $NETFLIX_SERVER nat 4321 >/var/etc/trojan-ssr-netflix.json - sed -i 's/\\//g' /var/etc/trojan-ssr-netflix.json - $bin --config /var/etc/trojan-ssr-netflix.json >/dev/null 2>&1 & - lua /usr/share/shadowsocksr/gentrojanconfig.lua $NETFLIX_SERVER client 1088 >/var/etc/trojan-ssr-socksdns.json - sed -i 's/\\//g' /var/etc/trojan-ssr-socksdns.json - $bin --config /var/etc/trojan-ssr-socksdns.json >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Netflix shunt:$($bin --version 2>&1 | head -1) Started!" >>/tmp/ssrplus.log - ;; - socks5) - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-netflix.conf" socks5 tcp 4321 \ - $(get_host_ip $(uci_get_by_name $NETFLIX_SERVER server)) $(uci_get_by_name $NETFLIX_SERVER server_port) \ - $(uci_get_by_name $NETFLIX_SERVER auth_enable 0) $(uci_get_by_name $NETFLIX_SERVER username) $(uci_get_by_name $NETFLIX_SERVER password) - $bin -c /var/etc/redsocks-ssr-netflix.conf >/dev/null 2>&1 - microsocks -i 127.0.0.1 -p 1088 ssr-socksdns >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Netflix shunt:Socks5 Started!" >>/tmp/ssrplus.log - ;; - tun) - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-netflix.conf" vpn $(uci_get_by_name $NETFLIX_SERVER iface "br-lan") 4321 - $bin -c /var/etc/redsocks-ssr-netflix.conf >/dev/null 2>&1 - microsocks -i 127.0.0.1 -p 1088 ssr-socksdns >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Netflix shunt:Network Tunnel REDIRECT Started!" >>/tmp/ssrplus.log - ;; - esac - fi +start_server() { + SERVER_ENABLE=$(uci_get_by_type server_global enable_server 0) + [ "$SERVER_ENABLE" == "0" ] && return 0 + mkdir -p /var/run /var/etc + config_load $NAME + config_foreach start_service server_config + gen_serv_include return 0 } start_local() { local local_server=$(uci_get_by_type socks5_proxy server nil) - [ "$local_server" == "nil" ] && return 1 [ "$local_server" == "same" ] && local_server=$GLOBAL_SERVER - local type=$(uci_get_by_name $local_server type) - local bin=$(find_bin $type) - [ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1 - case "$type" in - ss | ssr) - local name="Shadowsocks" - local bin=$(find_bin $type-local) - [ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1 - [ "$type" == "ssr" ] && name="ShadowsocksR" + [ "$local_server" == "nil" ] && return 1 + local local_type=$(uci_get_by_name $local_server type) + mkdir -p /var/run /var/etc + + if [ "$local_type" == "ssr" ]; then gen_config_file $local_server 3 $(uci_get_by_type socks5_proxy local_port 1080) - $bin -c $CONFIG_SOCK5_FILE -u -f /var/run/ssr-local.pid >/dev/null 2>&1 - echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$name Started!" >>/tmp/ssrplus.log - ;; - v2ray) + /usr/bin/ssr-local -c $CONFIG_SOCK5_FILE -u -f /var/run/ssr-local.pid >/dev/null 2>&1 + elif [ "$local_type" == "ss" ]; then + gen_config_file $local_server 3 $(uci_get_by_type socks5_proxy local_port 1080) + /usr/bin/ss-local -c $CONFIG_SOCK5_FILE -u -f /var/run/ssr-local.pid >/dev/null 2>&1 + elif [ "$local_type" == "v2ray" ]; then lua /usr/share/shadowsocksr/genv2config.lua $local_server tcp 0 $(uci_get_by_type socks5_proxy local_port 1080) >/var/etc/v2-ssr-local.json sed -i 's/\\//g' /var/etc/v2-ssr-local.json - $bin -config /var/etc/v2-ssr-local.json >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$($bin -version | head -1) Started!" >>/tmp/ssrplus.log - ;; - trojan) + /usr/bin/v2ray/v2ray -config /var/etc/v2-ssr-local.json >/dev/null 2>&1 & + elif [ "$local_type" == "trojan" ]; then lua /usr/share/shadowsocksr/gentrojanconfig.lua $local_server client $(uci_get_by_type socks5_proxy local_port 1080) >/var/etc/trojan-ssr-local.json sed -i 's/\\//g' /var/etc/trojan-ssr-local.json - $bin --config /var/etc/trojan-ssr-local.json >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$($bin --version 2>&1 | head -1) Started!" >>/tmp/ssrplus.log - ;; - *) - [ -f "/bin/ping6" ] && local listenip='-i ::' - microsocks $listenip -p $(uci_get_by_type socks5_proxy local_port 1080) ssr-local >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$type Started!" >>/tmp/ssrplus.log - ;; - esac + /usr/sbin/trojan --config /var/etc/trojan-ssr-local.json >/dev/null 2>&1 & + else + microsocks -i :: -p $(uci_get_by_type socks5_proxy local_port 1080) ssr-local >/dev/null 2>&1 & + fi + local_enable=1 - return 0 -} - -start_server() { - SERVER_ENABLE=$(uci_get_by_type server_global enable_server 0) - [ "$SERVER_ENABLE" == "0" ] && return 0 - server_service() { - [ $(uci_get_by_name $1 enable 0) == "0" ] && return 1 - let server_count=server_count+1 - if [ "$server_count" == "1" ]; then - if ! (iptables-save -t filter | grep SSR-SERVER-RULE >/dev/null); then - iptables -N SSR-SERVER-RULE && \ - iptables -t filter -I INPUT -j SSR-SERVER-RULE - fi - fi - if [ "$(uci_get_by_name $1 type ssr)" == "ssr" ]; then - local bin=$(find_bin ssr-server) - [ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1 - gen_service_file $1 /var/etc/${NAME}_$server_count.json - $(find_bin ssr-server) -c /var/etc/${NAME}_$server_count.json -u -f /var/run/ssr-server$server_count.pid >/dev/null 2>&1 - echo "$(date "+%Y-%m-%d %H:%M:%S") Server:ShadowsocksR Server$server_count Started!" >>/tmp/ssrplus.log - else - [ -f "/bin/ping6" ] && local listenip='-i ::' - microsocks $listenip -p $(uci_get_by_name $1 server_port) -1 -u $(uci_get_by_name $1 username) -P $(uci_get_by_name $1 password) ssr-server$server_count >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") Server:Socks5 Server$server_count Started!" >>/tmp/ssrplus.log - fi - iptables -t filter -A SSR-SERVER-RULE -p tcp --dport $(uci_get_by_name $1 server_port) -j ACCEPT - iptables -t filter -A SSR-SERVER-RULE -p udp --dport $(uci_get_by_name $1 server_port) -j ACCEPT - return 0 - } - mkdir -p /var/run /var/etc - config_load $NAME - config_foreach server_service server_config - gen_serv_include - return 0 -} - -start_switch() { - if [ "$(uci_get_by_type global enable_switch 0)" == "1" ]; then - if [ -z "$switch_server" ]; then - local switch_time=$(uci_get_by_type global switch_time)s - local switch_timeout=$(uci_get_by_type global switch_timeout) - service_start /usr/bin/ssr-switch start $switch_time $switch_timeout - switch_enable=1 - fi - fi -} - -start_monitor() { - if [ $(uci_get_by_type global monitor_enable 1) == "1" ]; then - let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable - if [ $total_count -gt 0 ]; then - service_start /usr/bin/ssr-monitor $server_count $redir_tcp $redir_udp $tunnel_enable $kcp_enable_flag $local_enable $pdnsd_enable_flag $switch_enable - fi - fi -} - -check_server() { - ENABLE_SERVER=$(uci_get_by_type global global_server nil) - if [ "$ENABLE_SERVER" == "nil" ]; then - return 1 - else - STYPE=$(uci_get_by_name $ENABLE_SERVER type nil) - if [ "$STYPE" == "nil" ]; then - CFGID=$(uci_get_by_cfgid servers type nil) - if [ "$CFGID" == "nil" ]; then - uci_set_by_type global global_server 'nil' - else - uci_set_by_type global global_server $CFGID - fi - /etc/init.d/shadowsocksr restart - fi - fi -} - -start_rules() { - local server=$(get_host_ip $(uci_get_by_name $GLOBAL_SERVER server)) - [ "$server" == "127.0.0.1" ] && hostip=$(uci_get_by_name $GLOBAL_SERVER ip) - kcp_server=$server - local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0) - if [ $kcp_enable == "1" ]; then - kcp_flag=1 - fi - local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port) - local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips) - local lan_ac_mode=$(uci_get_by_type access_control lan_ac_mode) - local router_proxy=$(uci_get_by_type access_control router_proxy) - if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" -a "$kcp_flag" == "0" ]; then - ARG_UDP="-u" - elif [ -n "$UDP_RELAY_SERVER" ]; then - ARG_UDP="-U" - local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server) - local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port) - fi - if [ -n "$lan_ac_ips" ]; then - case "$lan_ac_mode" in - w | W | b | B) local ac_ips="$lan_ac_mode$lan_ac_ips" ;; - esac - fi - #deal gfw firewall rule - local gfwmode="" - case "$run_mode" in - gfw) gfwmode="-g" ;; - router) gfwmode="-r" ;; - oversea) gfwmode="-c" ;; - all) gfwmode="-z" ;; - esac - local dports=$(uci_get_by_type global dports 1) - if [ $dports == "1" ]; then - proxyport=" " - else - proxyport="-m multiport --dports 22,53,587,465,995,993,143,80,443" - fi - if [ "$NETFLIX_SERVER" != "nil" ]; then - if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then - netflix="1" - else - netflix="2" - fi - else - netflix="0" - fi - get_arg_out() { - case "$(uci_get_by_type access_control router_proxy 1)" in - 1) echo "-o" ;; - 2) echo "-O" ;; - esac - } - netflix_ip=$(get_host_ip $(uci_get_by_name $NETFLIX_SERVER server 127.0.0.1)) - /usr/bin/ssr-rules \ - -s "$server" \ - -l "$local_port" \ - -S "$udp_server" \ - -L "$udp_local_port" \ - -a "$ac_ips" \ - -i "/etc/ssr/china_ssr.txt" \ - -b "$(uci_get_by_type access_control wan_bp_ips)" \ - -w "$(uci_get_by_type access_control wan_fw_ips)" \ - -B "$(uci_get_by_type access_control lan_bp_ips)" \ - -p "$(uci_get_by_type access_control lan_fp_ips)" \ - -G "$(uci_get_by_type access_control lan_gm_ips)" \ - -D "$proxyport" \ - -F "$netflix" \ - -N "$netflix_ip" \ - -M "$(uci_get_by_type global netflix_proxy 0)" \ - -I "/etc/ssr/netflixip.list" \ - $(get_arg_out) $gfwmode $ARG_UDP - return $? } rules() { @@ -666,7 +610,6 @@ rules() { redir_tcp=1 fi mkdir -p /var/run /var/etc - run_mode=$(uci_get_by_type global run_mode) UDP_RELAY_SERVER=$(uci_get_by_type global udp_relay_server) [ "$UDP_RELAY_SERVER" == "same" ] && UDP_RELAY_SERVER=$GLOBAL_SERVER [ -n "$UDP_RELAY_SERVER" ] && redir_udp=1 @@ -678,48 +621,90 @@ rules() { } start() { - [ -f "$LOCK_FILE" ] && exit 2 - touch "$LOCK_FILE" - echo "-------------------------start-------------------------" >>/tmp/ssrplus.log if [ -z "$switch_server" ]; then GLOBAL_SERVER=$(uci_get_by_type global global_server) else GLOBAL_SERVER=$switch_server switch_enable=1 fi + NETFLIX_SERVER=$(uci_get_by_type global netflix_server nil) if [ "$NETFLIX_SERVER" == "same" ]; then NETFLIX_SERVER=$GLOBAL_SERVER fi + if rules; then - if start_redir_tcp; then - start_redir_udp - start_shunt - start_switch - start_dns - add_cron - mkdir -p /tmp/dnsmasq.d - if [ "$run_mode" == "oversea" ]; then - cat <<-EOF >/tmp/dnsmasq.d/dnsmasq-ssr.conf - conf-dir=/tmp/dnsmasq.oversea - EOF - else - cat <<-EOF >/tmp/dnsmasq.d/dnsmasq-ssr.conf - conf-dir=/tmp/dnsmasq.ssr - EOF - fi - /usr/share/shadowsocksr/gfw2ipset.sh + start_redir + mkdir -p /tmp/dnsmasq.d && cp -a /etc/dnsmasq.ssr /tmp/ && cp -a /etc/dnsmasq.oversea /tmp/ + if ! [ "$run_mode" == "oversea" ]; then + cat <<-EOF >/tmp/dnsmasq.d/dnsmasq-ssr.conf + conf-dir=/tmp/dnsmasq.ssr + EOF else - /usr/bin/ssr-rules -f + cat <<-EOF >/tmp/dnsmasq.d/dnsmasq-ssr.conf + conf-dir=/tmp/dnsmasq.oversea + EOF fi + if [ $(uci_get_by_type global adblock 0) == "0" ]; then + rm -f /tmp/dnsmasq.ssr/ad.conf + fi + /usr/share/shadowsocksr/gfw2ipset.sh + + if [ "$NETFLIX_SERVER" != "nil" ]; then + if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then + cat /etc/config/netflix.list | while read line || [ -n "$line" ]; do + sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf + done + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/config/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5555"'\n",$0)}' /etc/config/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf + + ipset -N netflix hash:net 2>/dev/null + cat /etc/config/netflixip.list | while read nip || [ -n "$nip" ]; do + ipset add netflix $nip 2>/dev/null + done + else + cat /etc/config/netflix.list | while read line || [ -n "$line" ]; do + sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf + done + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/config/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/config/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf + ipset -N netflix hash:net 2>/dev/null + cat /etc/config/netflixip.list | while read nip || [ -n "$nip" ]; do + ipset add netflix $nip 2>/dev/null + done + fi + else + rm -f /tmp/dnsmasq.ssr/netflix_forward.conf + fi + + /etc/init.d/dnsmasq restart >/dev/null 2>&1 fi start_server start_local - start_monitor - check_server - clean_log - echo "--------------------------end--------------------------" >>/tmp/ssrplus.log - rm -f $LOCK_FILE + if [ $(uci_get_by_type global monitor_enable 1) == "1" ]; then + let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable + if [ $total_count -gt 0 ]; then + #param:server(count) redir_tcp(0:no,1:yes) redir_udp tunnel kcp local gfw + service_start /usr/bin/ssr-monitor $server_count $redir_tcp $redir_udp $tunnel_enable $kcp_enable_flag $local_enable $pdnsd_enable_flag $switch_enable + fi + fi + + ENABLE_SERVER=$(uci_get_by_type global global_server nil) + if [ "$ENABLE_SERVER" == "nil" ]; then + return 1 + else + STYPE=$(uci_get_by_name $ENABLE_SERVER type nil) + if [ "$STYPE" == "nil" ]; then + CFGID=$(uci_get_by_cfgid servers type nil) + if [ "$CFGID" == "nil" ]; then + uci set shadowsocksr.@global[0].global_server='nil' + else + uci set shadowsocksr.@global[0].global_server=$CFGID + fi + uci commit shadowsocksr + /etc/init.d/shadowsocksr restart + fi + fi } boot() { @@ -727,7 +712,6 @@ boot() { } stop() { - unlock /usr/bin/ssr-rules -f srulecount=$(iptables -L | grep SSR-SERVER-RULE | wc -l) if [ $srulecount -gt 0 ]; then @@ -736,14 +720,32 @@ stop() { iptables -X SSR-SERVER-RULE 2>/dev/null fi if [ -z "$switch_server" ]; then - ps -w | grep -v "grep" | grep ssr-switch | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 & - rm -f /var/lock/ssr-switch.lock + kill -9 $(busybox ps -w | grep ssr-switch | grep -v grep | awk '{print $1}') >/dev/null 2>&1 + fi + if [ $(uci_get_by_type global monitor_enable 0) == "1" ]; then + kill -9 $(busybox ps -w | grep ssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1 + fi + killall -q -9 ssr-monitor + killall -q -9 ss-redir + killall -q -9 obfs-local + killall -q -9 v2ray-plugin + killall -q -9 ssr-redir + killall -q -9 v2ray + killall -q -9 trojan + killall -q -9 ipt2socks + kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1 + kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1 + killall -q -9 ssr-local + killall -q -9 ss-local + killall -q -9 kcptun-client + killall -q -9 dns2socks + killall -q -9 microsocks + killall -q -9 redsocks2 + if [ -f /var/run/pdnsd.pid ]; then + kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 + else + kill -9 $(busybox ps -w | grep pdnsd | grep -v grep | awk '{print $1}') >/dev/null 2>&1 fi - ps -w | grep -v "grep" | grep ssr-monitor | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 & - ps -w | grep -v "grep" | grep "sleep $(uci_get_by_type global switch_time)s" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 & - ps -w | grep -v "grep" | grep "sleep 30s" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 & - killall -q -9 ss-redir ss-local obfs-local ssr-redir ssr-local ssr-server v2ray v2ray-plugin trojan microsocks ipt2socks dns2socks redsocks2 pdnsd - rm -f /var/lock/ssr-chinaipset.lock /var/lock/ssr-monitor.lock if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf /tmp/dnsmasq.ssr/* /tmp/dnsmasq.oversea/* /etc/init.d/dnsmasq restart >/dev/null 2>&1 diff --git a/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus b/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus index 6419b4381..bd8d02a51 100755 --- a/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus +++ b/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus @@ -13,11 +13,11 @@ uci -q batch <<-EOF >/dev/null commit firewall EOF -touch /etc/ssr/china_ssr.txt -touch /etc/ssr/white.list -touch /etc/ssr/black.list -touch /etc/ssr/netflix.list -touch /etc/ssr/netflixip.list +touch /etc/china_ssr.txt +touch /etc/config/white.list +touch /etc/config/black.list +touch /etc/config/netflix.list +touch /etc/config/netflixip.list touch /etc/dnsmasq.ssr/ad.conf touch /etc/dnsmasq.ssr/gfw_list.conf diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad index 1523ce6d3..2c7ffef05 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad +++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad @@ -1,9 +1,9 @@ #!/bin/sh -e if [ -f /tmp/adnew.conf ]; then - if (grep -wq "address=" /tmp/adnew.conf); then - cp /tmp/adnew.conf /tmp/ssr-update.$1 - else - cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' >/tmp/ssr-update.$1 - fi + if (grep -wq "address=" /tmp/adnew.conf) ; then + cp /tmp/adnew.conf /tmp/ad.conf + else + cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/ad.conf + fi fi rm -f /tmp/adnew.conf diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw index 44b85d29e..07ee49c45 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw +++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw @@ -1,4 +1,5 @@ #!/bin/sh -e + generate_china_banned() { cat $1 | base64 -d >/tmp/gfwlist.txt rm -f $1 @@ -18,7 +19,7 @@ generate_china_banned() { }' | sort -u } -generate_china_banned /tmp/ssr-update.$1 >/tmp/gfw.txt +generate_china_banned /tmp/gfw.b64 >/tmp/gfw.txt rm -f /tmp/gfwlist.txt -sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5335\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/ssr-update.$1 +sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5335\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/gfwnew.txt rm -f /tmp/gfw.txt diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor index 80bf559f6..889f1d119 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor +++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor @@ -6,9 +6,6 @@ # This is free software, licensed under the GNU General Public License v3. # See /LICENSE for more information. # -LOCK_FILE="/var/lock/ssr-monitor.lock" -[ -f "$LOCK_FILE" ] && exit 2 -touch "$LOCK_FILE" NAME=shadowsocksr @@ -22,23 +19,6 @@ uci_get_by_type() { echo ${ret:=$3} } -get_host_ip() { - local host=$1 - local isip="" - local ip=$host - isip=$(echo $host | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}") - if [ -z "$isip" ]; then - if [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then - ip=$host - else - local ip=$(resolveip -4 -t 3 $host | awk 'NR==1{print}') - # local hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) - [ -z "$ip" ] && ip=$(wget -q -O- http://119.29.29.29/d?dn=$1 | awk -F ';' '{print $1}') - fi - fi - echo ${ip:="127.0.0.1"} -} - server_process_count=$1 redir_tcp_process=$2 redir_udp_process=$3 @@ -49,18 +29,25 @@ pdnsd_process=$7 if [ -z "$pdnsd_process" ]; then pdnsd_process=0 fi + i=0 + GLOBAL_SERVER=$(uci_get_by_type global global_server) -server=$(get_host_ip $(uci_get_by_name $GLOBAL_SERVER server)) -[ "$server" == "127.0.0.1" ] && hostip=$(uci_get_by_name $GLOBAL_SERVER ip) +server=$(uci_get_by_name $GLOBAL_SERVER server) lkcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port) server_port=$(uci_get_by_name $GLOBAL_SERVER server_port) password=$(uci_get_by_name $GLOBAL_SERVER kcp_password) kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param) [ "$password" != "" ] && password="--key "${password} +if echo "$server" | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then + server=${server} +else + server=$(cat /etc/ssr_ip) +fi + while [ "1" == "1" ]; do #死循环 - sleep 30s + sleep 30 #redir tcp if [ "$redir_tcp_process" -gt 0 ]; then icount=$(busybox ps -w | grep ssr-retcp | grep -v grep | wc -l) @@ -95,7 +82,6 @@ while [ "1" == "1" ]; do #死循环 logger -t "$NAME" "ssr server error.restart!" kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1 /etc/init.d/shadowsocksr restart - exit 0 fi fi #kcptun @@ -114,7 +100,6 @@ while [ "1" == "1" ]; do #死循环 logger -t "$NAME" "global socks server error.restart!" kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1 /etc/init.d/shadowsocksr restart - exit 0 fi fi #pdnsd @@ -127,21 +112,21 @@ while [ "1" == "1" ]; do #死循环 else kill -9 $(ps | grep pdnsd | grep -v grep | awk '{print $1}') >/dev/null 2>&1 fi - (/usr/sbin/pdnsd -c /var/etc/pdnsd.conf &) + (/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d &) fi fi #dns2socks if [ "$pdnsd_process" -eq 2 ]; then icount=$(busybox ps -w | grep -e ssr-dns -e dns2socks | grep -v grep | wc -l) if [ "$icount" -lt 2 ]; then #如果进程挂掉就重启它 - logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!" + logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!" dnsstr=$(uci_get_by_type global tunnel_forward 8.8.4.4:53) dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}') dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}') killall -q -9 dns2socks kill -9 $(busybox ps -w | grep ssr-dns | grep -v grep | awk '{print $1}') >/dev/null 2>&1 microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 & - dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 & + dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 & fi fi done diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules index 087a74c14..0279d926a 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules +++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules @@ -33,7 +33,6 @@ Valid options are: -F netflix mode -N netflix server IP -M netflix proxy mode - -I a file content is bypassed netflix ip list -e extra options for iptables -o apply the rules to the OUTPUT chain -O apply the global rules to the OUTPUT chain @@ -83,8 +82,7 @@ flush_r() { ipset_r() { ipset -N gmlan hash:net 2>/dev/null for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done - case "$RUNMODE" in - router) + if [ "$RUNMODE" == "router" ]; then ipset -! -R <<-EOF || return 1 create ss_spec_wan_ac hash:net $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") @@ -94,29 +92,25 @@ ipset_r() { $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - ;; - gfw) + elif [ "$RUNMODE" == "gfw" ]; then ipset -N gfwlist hash:net 2>/dev/null $IPT -N SS_SPEC_WAN_AC $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - ;; - oversea) + elif [ "$RUNMODE" == "oversea" ]; then ipset -N oversea hash:net 2>/dev/null $IPT -N SS_SPEC_WAN_AC ipset -N gmlan hash:net 2>/dev/null for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - ;; - all) + elif [ "$RUNMODE" == "all" ]; then $IPT -N SS_SPEC_WAN_AC $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - ;; - esac + fi ipset -N fplan hash:net 2>/dev/null for ip in $LAN_FP_IP; do ipset -! add fplan $ip; done $IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW @@ -129,25 +123,23 @@ ipset_r() { $IPT -I SS_SPEC_WAN_AC -m set --match-set whitelist dst -j RETURN for ip in $WAN_BP_IP; do ipset -! add whitelist $ip; done for ip in $WAN_FW_IP; do ipset -! add blacklist $ip; done - if [ "$NETFLIX" != "0" ]; then - ipset -N netflix hash:net 2>/dev/null - for ip in $(cat ${NETFLIX_LIST:=/dev/null} 2>/dev/null); do ipset -! add netflix $ip; done - fi - case "$NETFLIX" in - 1) + + if [ "$NETFLIX" == "1" ]; then $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports 4321 if [ "$NETFLIX_PROXY" == "1" ]; then $IPT -I SS_SPEC_WAN_AC -p tcp -d $NETFLIX_IP -j REDIRECT --to-ports $local_port else ipset -! add whitelist $NETFLIX_IP fi - ;; - 2) $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port ;; - esac + elif [ "$NETFLIX" == "2" ]; then + $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port + fi + return $? } fw_rule() { + ipset -N netflix hash:net 2>/dev/null $IPT -N SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_FW -d 0.0.0.0/8 -j RETURN $IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN @@ -224,26 +216,23 @@ tp_rule() { $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set bplan src -j RETURN $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - case "$RUNMODE" in - router) + if [ "$RUNMODE" == "router" ]; then $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - ;; - gfw) + elif [ "$RUNMODE" == "gfw" ]; then $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 $ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - ;; - oversea) + elif [ "$RUNMODE" == "oversea" ]; then $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - ;; - all) $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 ;; - esac + elif [ "$RUNMODE" == "all" ]; then + $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 + fi $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \ -m comment --comment "$TAG" -j SS_SPEC_TPROXY return $? @@ -320,7 +309,7 @@ gen_include() { return 0 } -while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:I:oOuUfgrczh" arg; do +while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do case "$arg" in s) server=$OPTARG @@ -370,9 +359,6 @@ while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:I:oOuUfgrczh" arg; do M) NETFLIX_PROXY=$OPTARG ;; - I) - NETFLIX_LIST=$OPTARG - ;; o) OUTPUT=1 ;; @@ -417,3 +403,4 @@ fi flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include [ "$?" == 0 ] || loger 3 "Start failed!" exit $? + diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch index 661506bf5..98d91dc96 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch +++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch @@ -1,4 +1,4 @@ -#!/bin/sh /etc/rc.common +#!/bin/sh /etc/rc.common # # Copyright (C) 2017 openwrt-ssr # Copyright (C) 2017 yushi studio @@ -6,9 +6,6 @@ # This is free software, licensed under the GNU General Public License v3. # See /LICENSE for more information. # -LOCK_FILE="/var/lock/ssr-switch.lock" -[ -f "$LOCK_FILE" ] && exit 2 -touch "$LOCK_FILE" cycle_time=60 switch_time=3 @@ -82,7 +79,7 @@ test_proxy() { search_proxy() { let server_count=server_count+1 [ "$normal_flag" == "1" -a "$server_count" -le "$server_locate" ] && return 0 - [ "$(uci_get_by_name $1 switch_enable 0)" != "1" ] && return 1 + [ "$(uci_get_by_name $1 switch_enable)" != "1" ] && return 1 [ $ENABLE_SERVER != nil ] && return 0 [ "$1" == "$CURRENT_SERVER" ] && return 0 local servername=$(uci_get_by_name $1 server) @@ -136,7 +133,7 @@ start() { #缺省服务器正常,切换回来 CURRENT_SERVER=$DEFAULT_SERVER switch_proxy $CURRENT_SERVER - echo "$(date "+%Y-%m-%d %H:%M:%S") switch to default "$(uci_get_by_name $CURRENT_SERVER alias)" proxy!" >>/tmp/ssrplus.log + echo "$(date "+%Y-%m-%d %H:%M:%S") switch to default ["$(uci_get_by_name $CURRENT_SERVER server)"] proxy!" >>/tmp/ssrplus.log else echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is NOT avilable.Continue using current server." >>/tmp/ssrplus.log fi @@ -157,7 +154,7 @@ start() { CURRENT_SERVER=$ENABLE_SERVER switch_proxy $CURRENT_SERVER normal_flag=1 - echo "$(date "+%Y-%m-%d %H:%M:%S") Switch to "$(uci_get_by_name $CURRENT_SERVER alias)" proxy!" >>/tmp/ssrplus.log + echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR server switch OK" >>/tmp/ssrplus.log else switch_proxy $CURRENT_SERVER normal_flag=1 @@ -165,7 +162,7 @@ start() { fi else normal_flag=0 - # echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log + echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log fi done } diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh index d011c63ca..044d524d9 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh @@ -1,9 +1,5 @@ -#!/bin/sh -LOCK_FILE="/var/lock/ssr-chinaipset.lock" -[ -f "$LOCK_FILE" ] && exit 2 -touch "$LOCK_FILE" echo "create china hash:net family inet hashsize 1024 maxelem 65536" > /tmp/china.ipset awk '!/^$/&&!/^#/{printf("add china %s'" "'\n",$0)}' /etc/china_ssr.txt >> /tmp/china.ipset ipset -! flush china ipset -! restore < /tmp/china.ipset 2>/dev/null -rm -f /tmp/china.ipset $LOCK_FILE +rm -f /tmp/china.ipset diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh index 5e5100342..a36f48f89 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh @@ -1,70 +1,72 @@ #!/bin/sh + cat <<-EOF >$1 base { -log_debug = off; -log_info = off; -log = stderr; -daemon = on; -redirector = iptables; -reuseport = on; + log_debug = off; + log_info = off; + log = stderr; + daemon = on; + redirector = iptables; + reuseport = on; } EOF + if [ "$2" == "socks5" ]; then -if [ "$3" == "tcp" ]; then -if [ "$7" == "0" ]; then -cat <<-EOF >>$1 + if [ "$3" == "tcp" ]; then + if [ "$7" == "0" ]; then + cat <<-EOF >>$1 redsocks { -bind = "0.0.0.0:$4"; -relay = "$5:$6"; -type = socks5; -autoproxy = 0; -timeout = 10; + bind = "0.0.0.0:$4"; + relay = "$5:$6"; + type = socks5; + autoproxy = 0; + timeout = 10; } EOF -else -cat <<-EOF >>$1 + else + cat <<-EOF >>$1 redsocks { -bind = "0.0.0.0:$4"; -relay = "$5:$6"; -type = socks5; -autoproxy = 0; -timeout = 10; -login = "$8"; -password = "$9"; + bind = "0.0.0.0:$4"; + relay = "$5:$6"; + type = socks5; + autoproxy = 0; + timeout = 10; + login = "$8"; + password = "$9"; } EOF -fi -else -if [ "$7" == "0" ]; then -cat <<-EOF >>$1 + fi + else + if [ "$7" == "0" ]; then + cat <<-EOF >>$1 redudp { -bind = "0.0.0.0:$4"; -relay = "$5:$6"; -type = socks5; -udp_timeout = 10; + bind = "0.0.0.0:$4"; + relay = "$5:$6"; + type = socks5; + udp_timeout = 10; } EOF -else -cat <<-EOF >>$1 + else + cat <<-EOF >>$1 redudp { -bind = "0.0.0.0:$4"; -relay = "$5:$6"; -type = socks5; -udp_timeout = 10; -login = "$8"; -password = "$9"; + bind = "0.0.0.0:$4"; + relay = "$5:$6"; + type = socks5; + udp_timeout = 10; + login = "$8"; + password = "$9"; } EOF -fi -fi + fi + fi else -cat <<-EOF >>$1 + cat <<-EOF >>$1 redsocks { -bind = "0.0.0.0:$4"; -type = direct; -interface = $3; -autoproxy = 0; -timeout = 10; + bind = "0.0.0.0:$4"; + type = direct; + interface = $3; + autoproxy = 0; + timeout = 10; } EOF fi diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua index 275811174..8cb979bef 100644 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua @@ -3,6 +3,7 @@ local json = require "luci.jsonc" local server_section = arg[1] local proto = arg[2] local local_port = arg[3] + local server = ucursor:get_all("shadowsocksr", server_section) local trojan = { diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua index 23d5bd906..2554ebd17 100644 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua @@ -4,6 +4,7 @@ local server_section = arg[1] local proto = arg[2] local local_port = arg[3] or "0" local socks_port = arg[4] or "0" + local server = ucursor:get_all("shadowsocksr", server_section) local v2ray = { diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh index 245bb8c88..c5decd28c 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh @@ -1,34 +1,5 @@ #!/bin/sh -NAME=shadowsocksr -uci_get_by_type() { - local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null) - echo ${ret:=$3} -} -cp -a /etc/dnsmasq.ssr /tmp/ -cp -a /etc/dnsmasq.oversea /tmp/ -GLOBAL_SERVER=$(uci_get_by_type global global_server) -NETFLIX_SERVER=$(uci_get_by_type global netflix_server nil) -[ "$NETFLIX_SERVER" == "same" ] && NETFLIX_SERVER=$GLOBAL_SERVER -if [ "$NETFLIX_SERVER" != "nil" ]; then - netflix() { - for line in $(cat /etc/ssr/netflix.list); do sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf; done - awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/ssr/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf - awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#$1"'\n",$0)}' /etc/ssr/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf - } - if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then - netflix 5555 - else - netflix 5335 - fi -else - rm -f /tmp/dnsmasq.ssr/netflix_forward.conf -fi -if [ "$1" == "" ]; then - awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/ssr/black.list >/tmp/dnsmasq.ssr/blacklist_forward.conf - awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/ssr/black.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf - awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/ssr/white.list >/tmp/dnsmasq.ssr/whitelist_forward.conf - if [ "$(uci_get_by_type global adblock 0)" == "0" ]; then - rm -f /tmp/dnsmasq.ssr/ad.conf - fi -fi -/etc/init.d/dnsmasq restart >/dev/null 2>&1 +mkdir -p /tmp/dnsmasq.ssr +awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/config/black.list > /tmp/dnsmasq.ssr/blacklist_forward.conf +awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/config/black.list >> /tmp/dnsmasq.ssr/blacklist_forward.conf +awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/config/white.list > /tmp/dnsmasq.ssr/whitelist_forward.conf diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh index 818726a98..5db73ff88 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh @@ -1,6 +1,6 @@ #!/bin/sh + /usr/bin/lua /usr/share/shadowsocksr/update.lua -sleep 2s -/usr/share/shadowsocksr/chinaipset.sh -sleep 2s /usr/bin/lua /usr/share/shadowsocksr/subscribe.lua +sleep 10 +/etc/init.d/shadowsocksr restart \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua index ff0a201bd..7b05ce5cf 100644 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua @@ -3,33 +3,34 @@ -- This file is part of the luci-app-ssr-plus subscribe.lua -- @author William Chan ------------------------------------------------ -require "luci.model.uci" -require "nixio" -require "luci.util" -require "luci.sys" -require "luci.jsonc" +require 'nixio' +require 'luci.util' +require 'luci.jsonc' +require 'luci.sys' +require 'uci' -- these global functions are accessed all the time by the event handler -- so caching them is worth the effort +local luci = luci local tinsert = table.insert local ssub, slen, schar, sbyte, sformat, sgsub = string.sub, string.len, string.char, string.byte, string.format, string.gsub local jsonParse, jsonStringify = luci.jsonc.parse, luci.jsonc.stringify local b64decode = nixio.bin.b64decode local cache = {} -local nodeResult = setmetatable({}, { __index = cache }) -- update result +local nodeResult = setmetatable({}, { __index = cache }) -- update result local name = 'shadowsocksr' local uciType = 'servers' local ucic = luci.model.uci.cursor() local proxy = ucic:get_first(name, 'server_subscribe', 'proxy', '0') local switch = ucic:get_first(name, 'server_subscribe', 'switch', '1') local subscribe_url = ucic:get_first(name, 'server_subscribe', 'subscribe_url', {}) -local filter_words = ucic:get_first(name, 'server_subscribe', 'filter_words', '过期时间/剩余流量') +local filter_words = ucic:get_first(name, 'server_subscribe', 'filter_words', 'QQ群') local log = function(...) print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " ")) end -- 分割字符串 local function split(full, sep) - full = full:gsub("%z", "") -- 这里不是很清楚 有时候结尾带个\0 + full = full:gsub("%z", "") -- 这里不是很清楚 有时候结尾带个\0 local off, result = 1, {} while true do local nStart, nEnd = full:find(sep, off) @@ -73,7 +74,7 @@ local function trim(text) end -- md5 local function md5(content) - local stdout = luci.sys.exec('echo \"' .. urlEncode(content) .. '\" | md5sum | cut -d \" \" -f1') + local stdout = luci.sys.exec('echo \"' .. urlEncode(content) .. '\" | md5sum | cut -d \" \" -f1') -- assert(nixio.errno() == 0) return trim(stdout) end @@ -118,7 +119,7 @@ local function processData(szType, content) result.protocol_param = base64Decode(params.protoparam) local group = base64Decode(params.group) if group then - result.alias = "[" .. group .. "] " + result.alias = "[" .. group .. "] " end result.alias = result.alias .. base64Decode(params.remarks) elseif szType == 'vmess' then @@ -279,15 +280,15 @@ local function wget(url) end local function check_filer(result) - do - local filter_word = split(filter_words, "/") - for i, v in pairs(filter_word) do - if result.alias:find(v) then - log('订阅节点关键字过滤:“' .. v ..'” ,该节点被丢弃') - return true - end - end - end + do + local filter_word = split(filter_words, "/") + for i, v in pairs(filter_word) do + if result.alias:find(v) then + log('订阅节点关键字过滤:“' .. v ..'” ,该节点被丢弃') + return true + end + end + end end local execute = function() @@ -312,10 +313,10 @@ local execute = function() nodes = base64Decode(raw:sub(nEnd + 1, #raw)) nodes = jsonParse(nodes) local extra = { - airport = nodes.airport, - port = nodes.port, - encryption = nodes.encryption, - password = nodes.password + airport = nodes.airport, + port = nodes.port, + encryption = nodes.encryption, + password = nodes.password } local servers = {} -- SS里面包着 干脆直接这样 @@ -348,11 +349,10 @@ local execute = function() -- log(result) if result then if - not result.server or - not result.server_port or - check_filer(result) or - result.server:match("[^0-9a-zA-Z%-%.%s]") -- 中文做地址的 也没有人拿中文域名搞,就算中文域也有Puny Code SB 机场 - then + not result.server or + check_filer(result) or + result.server:match("[^0-9a-zA-Z%-%.%s]") -- 中文做地址的 也没有人拿中文域名搞,就算中文域也有Puny Code SB 机场 + then log('丢弃无效节点: ' .. result.type ..' 节点, ' .. result.alias) else log('成功解析: ' .. result.type ..' 节点, ' .. result.alias) @@ -385,7 +385,7 @@ local execute = function() local dat = nodeResult[old.grouphashkey][old.hashkey] ucic:tset(name, old['.name'], dat) -- 标记一下 - setmetatable(nodeResult[old.grouphashkey][old.hashkey], { __index = { _ignore = true } }) + setmetatable(nodeResult[old.grouphashkey][old.hashkey], { __index = { _ignore = true } }) end else if not old.alias then @@ -393,6 +393,7 @@ local execute = function() end log('忽略手动添加的节点: ' .. old.alias) end + end) for k, v in ipairs(nodeResult) do for kk, vv in ipairs(v) do diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua index bcf256890..17341bd84 100644 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua +++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua @@ -3,8 +3,10 @@ -- This file is part of the luci-app-ssr-plus update.lua -- By Mattraks ------------------------------------------------ -require "luci.sys" -require "luci.model.uci" +require 'nixio' +require 'luci.util' +require 'luci.jsonc' +require 'luci.sys' local icount = 0 local uci = luci.model.uci.cursor() @@ -12,41 +14,112 @@ local log = function(...) print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " ")) end -local function update(url, file, type, file2) - local Num = 1 - refresh_cmd = "wget-ssl --no-check-certificate -t 3 -T 10 -O- " .. url .. " > /tmp/ssr-update." .. type - sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") - if sret == 0 then - if type == "gfw_data" then - luci.sys.call("/usr/bin/ssr-gfw " .. type) - Num = 2 - end - if type == "ad_data" then - luci.sys.call("/usr/bin/ssr-ad " .. type) - end - local new_md5 = luci.sys.exec("echo -n $([ -f '/tmp/ssr-update." .. type .. "' ] && md5sum /tmp/ssr-update." .. type .. " | awk '{print $1}')") - local old_md5 = luci.sys.exec("echo -n $([ -f '" .. file .. "' ] && md5sum " .. file .. " | awk '{print $1}')") - if new_md5 == old_md5 then - log("你已经是最新数据,无需更新!") +log('正在更新【GFW列表】数据库') +refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'gfwlist_url', 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt') .. " > /tmp/gfw.b64" +sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") +if sret == 0 then + luci.sys.call("/usr/bin/ssr-gfw") + icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l") + if tonumber(icount) > 1000 then + if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then + oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l") else - icount = luci.sys.exec("cat /tmp/ssr-update." .. type .. " | wc -l") - luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file) - if file2 then luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file2) end - log("更新成功! 新的总纪录数:" .. tostring(tonumber(icount)/Num)) + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf") + luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf") + log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount)/2)) + else + log('你已经是最新数据,无需更新!') end else - log("更新失败!") + log('更新失败!') end - luci.sys.exec("rm -f /tmp/ssr-update." .. type) + luci.sys.exec("rm -f /tmp/gfwnew.txt") +else + log('更新失败!') end -log("正在更新【GFW列表】数据库") -update(uci:get_first("shadowsocksr", "global", "gfwlist_url", "https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt"), "/etc/dnsmasq.ssr/gfw_list.conf", "gfw_data", "/tmp/dnsmasq.ssr/gfw_list.conf") -log("正在更新【国内IP段】数据库") -update(uci:get_first("shadowsocksr", "global", "chnroute_url","https://ispip.clang.cn/all_cn.txt"), "/etc/ssr/china_ssr.txt", "cnip") -if uci:get_first("shadowsocksr", "global", "adblock","0") == "1" then - log("正在更新【广告屏蔽】数据库") - update(uci:get_first("shadowsocksr", "global", "adblock_url","https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt"), "/etc/dnsmasq.ssr/ad.conf", "ad_data", "/tmp/dnsmasq.ssr/ad.conf") +log('正在更新【国内IP段】数据库') +refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url','https://ispip.clang.cn/all_cn.txt') .. " > /tmp/china_ssr.txt" +sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") +icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l") +if sret == 0 then + icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l") + if tonumber(icount) > 1000 then + if nixio.fs.access("/etc/china_ssr.txt") then + oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l") + else + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt") + log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount))) + else + log('你已经是最新数据,无需更新!') + end + else + log('更新失败!') + end + luci.sys.exec("rm -f /tmp/china_ssr.txt") +else + log('更新失败!') end --- log("正在更新【Netflix IP段】数据库") --- update(uci:get_first("shadowsocksr", "global", "nfip_url","https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt"), "/etc/ssr/netflixip.list", "nfip_data") + +if uci:get_first('shadowsocksr', 'global', 'adblock','0') == "1" then + log('正在更新【广告屏蔽】数据库') + refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .. " > /tmp/adnew.conf" + sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") + if sret == 0 then + luci.sys.call("/usr/bin/ssr-ad") + icount = luci.sys.exec("cat /tmp/ad.conf | wc -l") + if tonumber(icount) > 100 then + if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then + oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l") + else + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf") + luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf") + log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount))) + else + log('你已经是最新数据,无需更新!') + end + else + log('更新失败!') + end + luci.sys.exec("rm -f /tmp/ad.conf") + else + log('更新失败!') + end +end + +--[[ +log('正在更新【Netflix IP段】数据库') +refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .. " > /tmp/netflixip.list" +sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") +if sret == 0 then + luci.sys.call("/usr/bin/ssr-gfw") + icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l") + if tonumber(icount) > 5 then + if nixio.fs.access("/etc/config/netflixip.list") then + oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l") + else + oldcount = "0" + end + if tonumber(icount) ~= tonumber(oldcount) then + luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list") + log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount))) + else + log('你已经是最新数据,无需更新!') + end + else + log('更新失败!') + end + luci.sys.exec("rm -f /tmp/netflixip.list") +else + log('更新失败!') +end +--]]