298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-16 04:13:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

upgrade luci app SSR Plus+ to switch version

Browse Source
This commit is contained in:
coolsnowwolf 2018-10-08 09:00:07 +08:00
parent 45b2c4b282
commit 3140e4b431
55 changed files with 29836 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
package/lean/luci-app-ssr-plus/Makefile Normal file
View File

@ -0,0 +1,18 @@
# Copyright (C) 2016 Openwrt.org
#
# This is free software, licensed under the Apache License, Version 2.0 .
#
include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI support for SSR Plus
LUCI_DEPENDS:=+shadowsocksr-libev +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +bash +pdnsd-alt +wget
LUCI_PKGARCH:=all
PKG_VERSION:=1
PKG_RELEASE:=12
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

178
package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua Normal file
View File

@ -0,0 +1,178 @@
-- Copyright (C) 2017 yushi studio <ywb94@qq.com>
-- Licensed to the public under the GNU General Public License v3.
module("luci.controller.shadowsocksr", package.seeall)
function index()
if not nixio.fs.access("/etc/config/shadowsocksr") then
return
end
entry({"admin", "services", "shadowsocksr"},alias("admin", "services", "shadowsocksr", "client"),_("ShadowSocksR Plus+"), 10).dependent = true
entry({"admin", "services", "shadowsocksr", "client"},cbi("shadowsocksr/client"),_("SSR Client"), 10).leaf = true
entry({"admin", "services", "shadowsocksr", "servers"}, arcombine(cbi("shadowsocksr/servers"), cbi("shadowsocksr/client-config")),_("Servers Manage"), 20).leaf = true
entry({"admin", "services", "shadowsocksr", "control"},cbi("shadowsocksr/control"),_("Access Control"), 30).leaf = true
entry({"admin", "services", "shadowsocksr", "list"},form("shadowsocksr/list"),_("GFW List"), 40).leaf = true
entry({"admin", "services", "shadowsocksr", "advanced"},cbi("shadowsocksr/advanced"),_("Advanced Settings"), 50).leaf = true
entry({"admin", "services", "shadowsocksr", "status"},form("shadowsocksr/status"),_("Status"), 60).leaf = true
entry({"admin", "services", "shadowsocksr", "check"}, call("check_status"))
entry({"admin", "services", "shadowsocksr", "refresh"}, call("refresh_data"))
entry({"admin", "services", "shadowsocksr", "checkport"}, call("check_port"))
entry({"admin", "services", "shadowsocksr", "log"},form("shadowsocksr/log"),_("Log"), 70).leaf = true
entry({"admin", "services", "shadowsocksr","run"},call("act_status")).leaf=true
end
function act_status()
local e={}
e.running=luci.sys.call("pgrep ssr-redir >/dev/null")==0
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function check_status()
local set ="/usr/bin/ssr-check www." .. luci.http.formvalue("set") .. ".com 80 3 1"
sret=luci.sys.call(set)
if sret== 0 then
retstring ="0"
else
retstring ="1"
end
luci.http.prepare_content("application/json")
luci.http.write_json({ ret=retstring })
end
function refresh_data()
local set =luci.http.formvalue("set")
local icount =0
if set == "gfw_data" then
if nixio.fs.access("/usr/bin/wget-ssl") then
refresh_cmd="wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfw.b64"
else
refresh_cmd="wget -O /tmp/gfw.b64 http://iytc.net/tools/list.b64"
end
sret=luci.sys.call(refresh_cmd .. " 2>/dev/null")
if sret== 0 then
luci.sys.call("/usr/bin/ssr-gfw")
icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l")
if tonumber(icount)>1000 then
oldcount=luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
if tonumber(icount) ~= tonumber(oldcount) then
luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf")
retstring=tostring(math.ceil(tonumber(icount)/2))
else
retstring ="0"
end
else
retstring ="-1"
end
luci.sys.exec("rm -f /tmp/gfwnew.txt ")
else
retstring ="-1"
end
elseif set == "ip_data" then
refresh_cmd="wget -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' 2>/dev/null| awk -F\\| '/CN\\|ipv4/ { printf(\"%s/%d\\n\", $4, 32-log($5)/log(2)) }' > /tmp/china_ssr.txt"
sret=luci.sys.call(refresh_cmd)
icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
if sret== 0 and tonumber(icount)>1000 then
oldcount=luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
if tonumber(icount) ~= tonumber(oldcount) then
luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt")
retstring=tostring(tonumber(icount))
else
retstring ="0"
end
else
retstring ="-1"
end
luci.sys.exec("rm -f /tmp/china_ssr.txt ")
else
local need_process = 0
if nixio.fs.access("/usr/bin/wget-ssl") then
refresh_cmd="wget-ssl --no-check-certificate -O - https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt > /tmp/adnew.conf"
need_process = 1
else
refresh_cmd="wget -O /tmp/ad.conf http://iytc.net/tools/ad.conf"
end
sret=luci.sys.call(refresh_cmd .. " 2>/dev/null")
if sret== 0 then
if need_process == 1 then
luci.sys.call("/usr/bin/ssr-ad")
end
icount = luci.sys.exec("cat /tmp/ad.conf | wc -l")
if tonumber(icount)>1000 then
if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
oldcount=luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
else
oldcount=0
end
if tonumber(icount) ~= tonumber(oldcount) then
luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf")
retstring=tostring(math.ceil(tonumber(icount)))
if oldcount==0 then
luci.sys.call("/etc/init.d/dnsmasq restart")
end
else
retstring ="0"
end
else
retstring ="-1"
end
luci.sys.exec("rm -f /tmp/ad.conf ")
else
retstring ="-1"
end
end
luci.http.prepare_content("application/json")
luci.http.write_json({ ret=retstring ,retcount=icount})
end
function check_port()
local set=""
local retstring="<br /><br />"
local s
local server_name = ""
local shadowsocksr = "shadowsocksr"
local uci = luci.model.uci.cursor()
local iret=1
uci:foreach(shadowsocksr, "servers", function(s)
if s.alias then
server_name=s.alias
elseif s.server and s.server_port then
server_name= "%s:%s" %{s.server, s.server_port}
end
iret=luci.sys.call(" ipset add ss_spec_wan_ac " .. s.server .. " 2>/dev/null")
socket = nixio.socket("inet", "stream")
socket:setopt("socket", "rcvtimeo", 3)
socket:setopt("socket", "sndtimeo", 3)
ret=socket:connect(s.server,s.server_port)
if tostring(ret) == "true" then
socket:close()
retstring =retstring .. "<font color='green'>[" .. server_name .. "] OK.</font><br />"
else
retstring =retstring .. "<font color='red'>[" .. server_name .. "] Error.</font><br />"
end
if iret== 0 then
luci.sys.call(" ipset del ss_spec_wan_ac " .. s.server)
end
end)
luci.http.prepare_content("application/json")
luci.http.write_json({ ret=retstring })
end

49
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua Normal file
View File

@ -0,0 +1,49 @@
local shadowsocksr = "shadowsocksr"
local uci = luci.model.uci.cursor()
local server_table = {}
uci:foreach(shadowsocksr, "servers", function(s)
if s.alias then
server_table[s[".name"]] = s.alias
elseif s.server and s.server_port then
server_table[s[".name"]] = "%s:%s" %{s.server, s.server_port}
end
end)
m = Map(shadowsocksr)
s = m:section(TypedSection, "global", translate("Server failsafe auto swith settings"))
s.anonymous = true
o = s:option(Flag, "enable_switch", translate("Enable Auto Switch"))
o.rmempty = false
o = s:option(Value, "switch_time", translate("Switch check cycly(second)"))
o.datatype = "uinteger"
o:depends("enable_switch", "1")
o.default = 3600
o = s:option(Value, "switch_timeout", translate("Check timout(second)"))
o.datatype = "uinteger"
o:depends("enable_switch", "1")
o.default = 5
-- o = s:option(Flag, "monitor_enable", translate("Enable Process Deamon"))
-- o.rmempty = false
-- [[ SOCKS5 Proxy ]]--
s = m:section(TypedSection, "socks5_proxy", translate("SOCKS5 Proxy"))
s.anonymous = true
o = s:option(ListValue, "server", translate("Server"))
o:value("nil", translate("Disable"))
for k, v in pairs(server_table) do o:value(k, v) end
o.default = "nil"
o.rmempty = false
o = s:option(Value, "local_port", translate("Local Port"))
o.datatype = "port"
o.default = 1080
o.rmempty = false
return m

168
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua Normal file
View File

@ -0,0 +1,168 @@
-- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
-- Licensed to the public under the GNU General Public License v3.
local m, s, o,kcp_enable
local shadowsocksr = "shadowsocksr"
local uci = luci.model.uci.cursor()
local ipkg = require("luci.model.ipkg")
local fs = require "nixio.fs"
local sys = require "luci.sys"
local sid = arg[1]
local function isKcptun(file)
if not fs.access(file, "rwx", "rx", "rx") then
fs.chmod(file, 755)
end
local str = sys.exec(file .. " -v | awk '{printf $1}'")
return (str:lower() == "kcptun")
end
local server_table = {}
local encrypt_methods = {
"none",
"table",
"rc4",
"rc4-md5-6",
"rc4-md5",
"aes-128-cfb",
"aes-192-cfb",
"aes-256-cfb",
"aes-128-ctr",
"aes-192-ctr",
"aes-256-ctr",
"bf-cfb",
"camellia-128-cfb",
"camellia-192-cfb",
"camellia-256-cfb",
"cast5-cfb",
"des-cfb",
"idea-cfb",
"rc2-cfb",
"seed-cfb",
"salsa20",
"chacha20",
"chacha20-ietf",
}
local protocol = {
"origin",
"verify_deflate",
"auth_sha1_v4",
"auth_aes128_sha1",
"auth_aes128_md5",
"auth_chain_a",
"auth_chain_b",
"auth_chain_c",
"auth_chain_d",
"auth_chain_e",
"auth_chain_f",
}
obfs = {
"plain",
"http_simple",
"http_post",
"random_head",
"tls1.2_ticket_auth",
}
m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/servers")
if m.uci:get(shadowsocksr, sid) ~= "servers" then
luci.http.redirect(m.redirect)
return
end
-- [[ Servers Setting ]]--
s = m:section(NamedSection, sid, "servers")
s.anonymous = true
s.addremove = false
o = s:option(DummyValue,"ssr_url","SSR URL")
o.rawhtml = true
o.template = "shadowsocksr/ssrurl"
o.value =sid
o = s:option(Value, "alias", translate("Alias(optional)"))
-- o = s:option(Flag, "auth_enable", translate("Onetime Authentication"))
-- o.rmempty = false
o = s:option(Value, "server", translate("Server Address"))
o.datatype = "host"
o.rmempty = false
o = s:option(Value, "server_port", translate("Server Port"))
o.datatype = "port"
o.rmempty = false
-- o = s:option(Value, "timeout", translate("Connection Timeout"))
-- o.datatype = "uinteger"
-- o.default = 60
-- o.rmempty = false
o = s:option(Value, "password", translate("Password"))
o.password = true
o.rmempty = false
o = s:option(ListValue, "encrypt_method", translate("Encrypt Method"))
for _, v in ipairs(encrypt_methods) do o:value(v) end
o.rmempty = false
o = s:option(ListValue, "protocol", translate("Protocol"))
for _, v in ipairs(protocol) do o:value(v) end
o.rmempty = false
o = s:option(Value, "protocol_param", translate("Protocol param(optional)"))
o = s:option(ListValue, "obfs", translate("Obfs"))
for _, v in ipairs(obfs) do o:value(v) end
o.rmempty = false
o = s:option(Value, "obfs_param", translate("Obfs param(optional)"))
-- o = s:option(Flag, "fast_open", translate("TCP Fast Open"))
-- o.rmempty = false
o = s:option(Flag, "switch_enable", translate("Enable Auto Switch"))
o.rmempty = false
o.default = "1"
o = s:option(Value, "local_port", translate("Local Port"))
o.datatype = "port"
o.default = 1234
o.rmempty = false
if nixio.fs.access("/usr/bin/ssr-kcptun") then
kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/ssr-kcptun"))
kcp_enable.rmempty = false
o = s:option(Value, "kcp_port", translate("KcpTun Port"))
o.datatype = "port"
o.default = 4000
function o.validate(self, value, section)
local kcp_file="/usr/bin/ssr-kcptun"
local enable = kcp_enable:formvalue(section) or kcp_enable.disabled
if enable == kcp_enable.enabled then
if not fs.access(kcp_file) then
return nil, translate("Haven't a Kcptun executable file")
elseif not isKcptun(kcp_file) then
return nil, translate("Not a Kcptun executable file")
end
end
return value
end
o = s:option(Value, "kcp_password", translate("KcpTun Password"))
o.password = true
o = s:option(Value, "kcp_param", translate("KcpTun Param"))
o.default = "--nocomp"
end
return m

71
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua Normal file
View File

@ -0,0 +1,71 @@
-- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
-- Copyright (C) 2018 lean <coolsnowwolf@gmail.com> github.com/coolsnowwolf
-- Licensed to the public under the GNU General Public License v3.
local m, s, sec, o, kcp_enable
local shadowsocksr = "shadowsocksr"
local uci = luci.model.uci.cursor()
local sys = require "luci.sys"
m = Map(shadowsocksr, translate("ShadowSocksR Plus+ Settings"))
m:section(SimpleSection).template = "shadowsocksr/status"
local server_table = {}
uci:foreach(shadowsocksr, "servers", function(s)
if s.alias then
server_table[s[".name"]] = s.alias
elseif s.server and s.server_port then
server_table[s[".name"]] = "%s:%s" %{s.server, s.server_port}
end
end)
-- [[ Global Setting ]]--
s = m:section(TypedSection, "global")
s.anonymous = true
o = s:option(ListValue, "global_server", translate("Main Server"))
o:value("nil", translate("Disable"))
for k, v in pairs(server_table) do o:value(k, v) end
o.default = "nil"
o.rmempty = false
o = s:option(ListValue, "udp_relay_server", translate("Game Mode UDP Server"))
o:value("", translate("Disable"))
o:value("same", translate("Same as Global Server"))
for k, v in pairs(server_table) do o:value(k, v) end
o = s:option(ListValue, "run_mode", translate("Running Mode"))
o:value("gfw", translate("GFW List Mode"))
o:value("router", translate("IP Route Mode"))
o.default = gfw
o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
o:depends("run_mode", "gfw")
o:value("1", translate("Use Pdnsd tcp query and cache"))
o:value("0", translate("Use SSR DNS Tunnel"))
o.default = 1
o = s:option(Flag, "tunnel_enable", translate("Enable Tunnel(DNS)"))
o:depends("run_mode", "router")
o.default = 1
o = s:option(Value, "tunnel_port", translate("Tunnel Port"))
o:depends("run_mode", "router")
o.datatype = "port"
o.default = 5300
o = s:option(ListValue, "tunnel_forward", translate("Anti-pollution DNS Server"))
o:value("8.8.4.4:53", translate("Google Public DNS (8.8.4.4)"))
o:value("8.8.8.8:53", translate("Google Public DNS (8.8.8.8)"))
o:value("208.67.222.222:53", translate("OpenDNS (208.67.222.222)"))
o:value("208.67.220.220:53", translate("OpenDNS (208.67.220.220)"))
o:value("209.244.0.3:53", translate("Level 3 Public DNS (209.244.0.3)"))
o:value("209.244.0.4:53", translate("Level 3 Public DNS (209.244.0.4)"))
o:value("4.2.2.1:53", translate("Level 3 Public DNS (4.2.2.1)"))
o:value("4.2.2.2:53", translate("Level 3 Public DNS (4.2.2.2)"))
o:value("4.2.2.3:53", translate("Level 3 Public DNS (4.2.2.3)"))
o:value("4.2.2.4:53", translate("Level 3 Public DNS (4.2.2.4)"))
return m

44
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua Normal file
View File

@ -0,0 +1,44 @@
local m, s, o
m = Map("shadowsocksr", translate("IP black-and-white list"))
s = m:section(TypedSection, "access_control")
s.anonymous = true
-- Part of WAN
s:tab("wan_ac", translate("WAN IP AC"))
o = s:taboption("wan_ac", DynamicList, "wan_bp_ips", translate("WAN White List IP"))
o.datatype = "ip4addr"
o = s:taboption("wan_ac", DynamicList, "wan_fw_ips", translate("WAN Force Proxy IP"))
o.datatype = "ip4addr"
-- Part of LAN
s:tab("lan_ac", translate("LAN IP AC"))
o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Bypassed Host List"))
o.datatype = "ipaddr"
luci.ip.neighbors({ family = 4 }, function(entry)
if entry.reachable then
o:value(entry.dest:string())
end
end)
o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List"))
o.datatype = "ipaddr"
luci.ip.neighbors({ family = 4 }, function(entry)
if entry.reachable then
o:value(entry.dest:string())
end
end)
-- Part of Self
-- s:tab("self_ac", translate("Router Self AC"))
-- o = s:taboption("self_ac",ListValue, "router_proxy", translate("Router Self Proxy"))
-- o:value("1", translatef("Normal Proxy"))
-- o:value("0", translatef("Bypassed Proxy"))
-- o:value("2", translatef("Forwarded Proxy"))
-- o.rmempty = false
return m

23
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/list.lua Normal file
View File

@ -0,0 +1,23 @@
local fs = require "nixio.fs"
local conffile = "/etc/config/gfw.list"
f = SimpleForm("custom", translate("GFW Custom List"), translate("Please refer to the following writing"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 13
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/usr/share/shadowsocksr/gfw2ipset.sh && /etc/init.d/dnsmasq restart && ipset flush gfwlist")
end
end
return true
end
return f

15
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua Normal file
View File

@ -0,0 +1,15 @@
local fs = require "nixio.fs"
local conffile = "/tmp/ssrpro.log"
f = SimpleForm("logview")
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
luci.sys.exec("[ -f /tmp/ssrplus.log ] && sed '1!G;h;$!d' /tmp/ssrplus.log > /tmp/ssrpro.log")
return fs.readfile(conffile) or ""
end
t.readonly="readonly"
return f

81
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua Normal file
View File

@ -0,0 +1,81 @@
-- Licensed to the public under the GNU General Public License v3.
local m, s, o
local shadowsocksr = "shadowsocksr"
m = Map(shadowsocksr, translate("Servers subscription and manage"))
-- Server Subscribe
s = m:section(TypedSection, "server_subscribe")
s.anonymous = true
o = s:option(Flag, "auto_update", translate("Auto Update"))
o.rmempty = false
o.description = translate("Auto Update Server subscription, GFW list and CHN route")
o = s:option(ListValue, "auto_update_time", translate("Update time (every day)"))
for t = 0,23 do
o:value(t, t..":00")
end
o.default=2
o.rmempty = false
o = s:option(DynamicList, "subscribe_url", translate("Subscribe URL"))
o.rmempty = true
o = s:option(Flag, "proxy", translate("Through proxy update"))
o.rmempty = false
o.description = translate("Through proxy update list, Not Recommended ")
o = s:option(Button,"update",translate("Update"))
o.inputstyle = "reload"
o.write = function()
luci.sys.call("nohup bash /usr/share/shadowsocksr/subscribe.sh > /tmp/subupdate.log 2>&1 &")
luci.sys.call("sleep 5")
luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
end
-- [[ Servers Manage ]]--
s = m:section(TypedSection, "servers")
s.anonymous = true
s.addremove = true
s.sortable = false
s.template = "cbi/tblsection"
s.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/servers/%s")
function s.create(...)
local sid = TypedSection.create(...)
if sid then
luci.http.redirect(s.extedit % sid)
return
end
end
o = s:option(DummyValue, "alias", translate("Alias"))
function o.cfgvalue(...)
return Value.cfgvalue(...) or translate("None")
end
o = s:option(DummyValue, "server", translate("Server Address"))
function o.cfgvalue(...)
return Value.cfgvalue(...) or "?"
end
o = s:option(DummyValue, "server_port", translate("Server Port"))
function o.cfgvalue(...)
return Value.cfgvalue(...) or "?"
end
o = s:option(DummyValue, "kcp_enable", translate("KcpTun"))
function o.cfgvalue(...)
return Value.cfgvalue(...) or "?"
end
o = s:option(DummyValue, "switch_enable", translate("Auto Switch"))
function o.cfgvalue(...)
return Value.cfgvalue(...) or "0"
end
return m

166
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua Normal file
View File

@ -0,0 +1,166 @@
-- Copyright (C) 2017 yushi studio <ywb94@qq.com>
-- Licensed to the public under the GNU General Public License v3.
local IPK_Version="3.0.9"
local m, s, o
local redir_run=0
local reudp_run=0
local sock5_run=0
local server_run=0
local kcptun_run=0
local tunnel_run=0
local udp2raw_run=0
local udpspeeder_run=0
local gfw_count=0
local ad_count=0
local ip_count=0
local gfwmode=0
if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
gfwmode=1
end
local shadowsocksr = "shadowsocksr"
-- html constants
font_blue = [[<font color="green">]]
font_off = [[</font>]]
bold_on = [[<strong>]]
bold_off = [[</strong>]]
local fs = require "nixio.fs"
local sys = require "luci.sys"
local kcptun_version=translate("Unknown")
local kcp_file="/usr/bin/ssr-kcptun"
if not fs.access(kcp_file) then
kcptun_version=translate("Not exist")
else
if not fs.access(kcp_file, "rwx", "rx", "rx") then
fs.chmod(kcp_file, 755)
end
kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
if not kcptun_version or kcptun_version == "" then
kcptun_version = translate("Unknown")
end
end
if gfwmode==1 then
gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
ad_count=tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
end
end
if nixio.fs.access("/etc/china_ssr.txt") then
ip_count = sys.exec("cat /etc/china_ssr.txt | wc -l")
end
local icount=sys.exec("ps -w | grep ssr-reudp |grep -v grep| wc -l")
if tonumber(icount)>0 then
reudp_run=1
else
icount=sys.exec("ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
if tonumber(icount)>0 then
reudp_run=1
end
end
if luci.sys.call("pidof ssr-redir >/dev/null") == 0 then
redir_run=1
end
if luci.sys.call("pidof ssr-kcptun >/dev/null") == 0 then
kcptun_run=1
end
if luci.sys.call("pidof ssr-server >/dev/null") == 0 then
server_run=1
end
if luci.sys.call("ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then
tunnel_run=1
end
if luci.sys.call("pidof pdnsd >/dev/null") == 0 then
pdnsd_run=1
end
m = SimpleForm("Version")
m.reset = false
m.submit = false
s=m:field(DummyValue,"redir_run",translate("Global Client"))
s.rawhtml = true
if redir_run == 1 then
s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
else
s.value = translate("Not Running")
end
s=m:field(DummyValue,"reudp_run",translate("Game Mode UDP Relay"))
s.rawhtml = true
if reudp_run == 1 then
s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
else
s.value = translate("Not Running")
end
s=m:field(DummyValue,"pdnsd_run",translate("PDNSD"))
s.rawhtml = true
if pdnsd_run == 1 then
s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
else
s.value = translate("Not Running")
end
s=m:field(DummyValue,"tunnel_run",translate("DNS Tunnel"))
s.rawhtml = true
if tunnel_run == 1 then
s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
else
s.value = translate("Not Running")
end
if nixio.fs.access("/usr/bin/ssr-kcptun") then
s=m:field(DummyValue,"kcp_version",translate("KcpTun Version"))
s.rawhtml = true
s.value =kcptun_version
s=m:field(DummyValue,"kcptun_run",translate("KcpTun"))
s.rawhtml = true
if kcptun_run == 1 then
s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
else
s.value = translate("Not Running")
end
end
s=m:field(DummyValue,"google",translate("Google Connectivity"))
s.value = translate("No Check")
s.template = "shadowsocksr/check"
s=m:field(DummyValue,"baidu",translate("Baidu Connectivity"))
s.value = translate("No Check")
s.template = "shadowsocksr/check"
if gfwmode==1 then
s=m:field(DummyValue,"gfw_data",translate("GFW List Data"))
s.rawhtml = true
s.template = "shadowsocksr/refresh"
s.value =tostring(math.ceil(gfw_count)) .. " " .. translate("Records")
end
s=m:field(DummyValue,"ip_data",translate("China IP Data"))
s.rawhtml = true
s.template = "shadowsocksr/refresh"
s.value =ip_count .. " " .. translate("Records")
s=m:field(DummyValue,"check_port",translate("Check Server Port"))
s.template = "shadowsocksr/checkport"
s.value =translate("No Check")
return m

38
package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/check.htm Normal file
View File

@ -0,0 +1,38 @@
<%+cbi/valueheader%>
<script type="text/javascript">//<![CDATA[
function check_connect(btn,urlname)
{
btn.disabled = true;
btn.value = '<%:Check...%>';
murl=urlname;
XHR.get('<%=luci.dispatcher.build_url("admin", "services", "shadowsocksr","check")%>',
{ set:murl },
function(x,rv)
{
var s = document.getElementById(urlname+'-status');
if (s)
{
if (rv.ret=="0")
s.innerHTML ="<font color='green'>"+"<%:Connect OK%>"+"</font>";
else
s.innerHTML ="<font color='red'>"+"<%:Connect Error%>"+"</font>";
}
btn.disabled = false;
btn.value = '<%:Check Connect%>';
}
);
return false;
}
//]]></script>
<input type="button" class="cbi-button cbi-button-apply" value="<%:Check Connect%>" onclick="return check_connect(this,'<%=self.option%>')" />
<span id="<%=self.option%>-status"><em><%=self.value%></em></span>
<%+cbi/valuefooter%>

36
package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm Normal file
View File

@ -0,0 +1,36 @@
<%+cbi/valueheader%>
<script type="text/javascript">//<![CDATA[
function check_port(btn)
{
btn.disabled = true;
btn.value = '<%:Check...%>';
XHR.get('<%=luci.dispatcher.build_url("admin", "services", "shadowsocksr","checkport")%>',
null,
function(x,rv)
{
var s = document.getElementById('<%=self.option%>-status');
if (s)
{
s.innerHTML =rv.ret;
}
btn.disabled = false;
btn.value = '<%:Check Server%>';
}
);
return false;
}
//]]></script>
<input type="button" class="cbi-button cbi-button-apply" value="<%:Check Server%>" onclick="return check_port(this)" />
<span id="<%=self.option%>-status"><em><%=self.value%></em></span>
<%+cbi/valuefooter%>

44
package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/refresh.htm Normal file
View File

@ -0,0 +1,44 @@
<%+cbi/valueheader%>
<script type="text/javascript">//<![CDATA[
function refresh_data(btn,dataname)
{
btn.disabled = true;
btn.value = '<%:Refresh...%> ';
murl=dataname;
XHR.get('<%=luci.dispatcher.build_url("admin", "services", "shadowsocksr","refresh")%>',
{ set:murl },
function(x,rv)
{
var s = document.getElementById(dataname+'-status');
if (s)
{
if (rv.ret=="0")
s.innerHTML ="<font color='green'>"+"<%:No new data!%> "+"</font>";
else if(rv.ret=="-1")
{
s.innerHTML ="<font color='red'>"+"<%:Refresh Error!%> "+"</font>";
}
else
{
s.innerHTML ="<font color='green'>"+"<%:Refresh OK!%> "+"<%:Total Records:%>"+rv.ret+"</font>";
}
}
btn.disabled = false;
btn.value = '<%:Refresh Data %>';
}
);
return false;
}
//]]></script>
<input type="button" class="cbi-button cbi-input-reload" value="<%:Refresh Data%> " onclick="return refresh_data(this,'<%=self.option%>')" />
<span id="<%=self.option%>-status"><em><%=self.value%></em></span>
<%+cbi/valuefooter%>

139
package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm Normal file
View File

@ -0,0 +1,139 @@
<%+cbi/valueheader%>
<script type="text/javascript">//<![CDATA[
function padright(str, cnt, pad){
return str + Array(cnt+1).join(pad);
}
function b64EncodeUnicode(str) {
return btoa(encodeURIComponent(str).replace(/%([0-9A-F]{2})/g, function(match, p1) {
return String.fromCharCode('0x' + p1);
}));
}
function b64encutf8safe(str) {
return b64EncodeUnicode(str).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/g,'');
}
function b64DecodeUnicode(str) {
return decodeURIComponent(Array.prototype.map.call(atob(str), function(c) {
return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
}).join(''));
}
function b64decutf8safe(str) {
var l;
str = str.replace(/-/g,"+").replace(/_/g,"/");
l = str.length;
l = (4 - l % 4)%4;
if( l )
str = padright(str,l,"=");
return b64DecodeUnicode(str);
}
function b64encsafe(str){
return btoa(str).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/g,'')
}
function b64decsafe(str){
var l;
str = str.replace(/-/g,"+").replace(/_/g,"/");
l = str.length;
l = (4 - l % 4)%4;
if( l )
str = padright(str,l,"=");
return atob(str);
}
function dictvalue(d,key) {
var v = d[key];
if( typeof(v)=='undefined' || v=='' )
return '';
return b64decsafe(v);
}
function export_ssr_url(btn,urlname,sid) {
var s = document.getElementById(urlname+'-status');
if(!s)
return false;
var v_server = document.getElementById('cbid.shadowsocksr.'+sid+'.server');
var v_port = document.getElementById('cbid.shadowsocksr.'+sid+'.server_port');
var v_protocol = document.getElementById('cbid.shadowsocksr.'+sid+'.protocol');
var v_method = document.getElementById('cbid.shadowsocksr.'+sid+'.encrypt_method');
var v_obfs = document.getElementById('cbid.shadowsocksr.'+sid+'.obfs');
var v_password = document.getElementById('cbid.shadowsocksr.'+sid+'.password');
var v_obfs_param = document.getElementById('cbid.shadowsocksr.'+sid+'.obfs_param');
var v_protocol_param = document.getElementById('cbid.shadowsocksr.'+sid+'.protocol_param');
var v_alias = document.getElementById('cbid.shadowsocksr.'+sid+'.alias');
var ssr_str = v_server.value+":"+
v_port.value+":"+
v_protocol.value+":"+
v_method.value+":"+
v_obfs.value+":"+
b64encsafe(v_password.value)+
"/?obfsparam="+b64encsafe(v_obfs_param.value)+
"&protoparam="+b64encsafe(v_protocol_param.value)+
"&remarks="+b64encutf8safe(v_alias.value);
var textarea = document.createElement("textarea");
textarea.textContent = "ssr://"+b64encsafe(ssr_str);
textarea.style.position = "fixed";
document.body.appendChild(textarea);
textarea.select();
try {
document.execCommand("copy"); // Security exception may be thrown by some browsers.
s.innerHTML = "<font color='green'><%:Copy SSR to clipboard successfully.%></font>";
} catch (ex) {
s.innerHTML = "<font color='red'><%:Unable to copy SSR to clipboard.%></font>";
} finally {
document.body.removeChild(textarea);
}
return false;
}
function import_ssr_url(btn,urlname,sid) {
var s = document.getElementById(urlname+'-status');
if(!s)
return false;
var ssrurl = prompt("<%:Paste ssr url here%>", "ssr://");
if (ssrurl == null || ssrurl == "") {
s.innerHTML = "<font color='red'><%:User cancelled.%></font>";
return false;
}
s.innerHTML = "<font color='red'><%:Invalid SSR format.%></font>";
var ssu = ssrurl.match(/ssr:\/\/([A-Za-z0-9_-]+)/i);
if( !ssu || ssu.length<2 )
return false;
var sstr = b64decsafe(ssu[1]);
var ploc = sstr.indexOf("/?");
var url0, param="";
if( ploc>0 ) {
url0 = sstr.substr(0,ploc);
param = sstr.substr(ploc+2);
}
var ssm = url0.match(/^(.+):([^:]+):([^:]*):([^:]+):([^:]*):([^:]+)/);
if( !ssm || ssm.length<7 )
return false;
var pdict = {};
if( param.length>2 )
{
var a = param.split('&');
for( var i=0;i<a.length; i++ ) {
var b = a[i].split('=');
pdict[decodeURIComponent(b[0])] = decodeURIComponent(b[1] || '');
}
}
document.getElementById('cbid.shadowsocksr.'+sid+'.server').value = ssm[1];
document.getElementById('cbid.shadowsocksr.'+sid+'.server_port').value = ssm[2];
document.getElementById('cbid.shadowsocksr.'+sid+'.protocol').value = ssm[3];
document.getElementById('cbid.shadowsocksr.'+sid+'.encrypt_method').value = ssm[4];
document.getElementById('cbid.shadowsocksr.'+sid+'.obfs').value = ssm[5];
document.getElementById('cbid.shadowsocksr.'+sid+'.password').value = b64decsafe(ssm[6]);
document.getElementById('cbid.shadowsocksr.'+sid+'.obfs_param').value = dictvalue(pdict,'obfsparam');
document.getElementById('cbid.shadowsocksr.'+sid+'.protocol_param').value = dictvalue(pdict,'protoparam');
var rem = pdict['remarks'];
if( typeof(rem)!='undefined' && rem!='' && rem.length>0 )
document.getElementById('cbid.shadowsocksr.'+sid+'.alias').value = b64decutf8safe(rem);
s.innerHTML = "<font color='green'><%:Import SSR successfully.%></font>";
return false;
}
//]]></script>
<input type="button" class="cbi-button cbi-button-apply" value="<%:Import SSR%>" onclick="return import_ssr_url(this,'<%=self.option%>','<%=self.value%>')" />
<input type="button" class="cbi-button cbi-button-apply" value="<%:Export SSR%>" onclick="return export_ssr_url(this,'<%=self.option%>','<%=self.value%>')" />
<span id="<%=self.option%>-status"><%:ssr://%></span>
<%+cbi/valuefooter%>

22
package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm Normal file
View File

@ -0,0 +1,22 @@
<script type="text/javascript">//<![CDATA[
XHR.poll(3, '<%=url([[admin]], [[services]], [[shadowsocksr]], [[run]])%>', null,
function(x, data) {
var tb = document.getElementById('shadowsocksr_status');
if (data && tb) {
if (data.running) {
var links = '<em><b><font color=green>ShadowsocksR Plus+ <%:RUNNING%></font></b></em>';
tb.innerHTML = links;
} else {
tb.innerHTML = '<em><b><font color=red>ShadowsocksR Plus+ <%:NOT RUNNING%></font></b></em>';
}
}
}
);
//]]>
</script>
<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
<fieldset class="cbi-section">
<p id="shadowsocksr_status">
<em><%:Collecting data...%></em>
</p>
</fieldset>

453
package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po Normal file
View File

@ -0,0 +1,453 @@
msgid ""
msgstr "Content-Type: text/plain; charset=UTF-8\n"
msgid "ShadowSocksR Client"
msgstr "ShadowSocksR 客户端"
msgid "Enable"
msgstr "启用"
msgid "Disable"
msgstr "停用"
msgid "Log"
msgstr "日志"
msgid "ShadowSocksR is running"
msgstr "ShadowSocksR 客户端运行中"
msgid "ShadowSocksR is not running"
msgstr "ShadowSocksR 客户端未运行"
msgid "Global Setting"
msgstr "全局设置"
msgid "Global Server"
msgstr "全局服务器"
msgid "ShadowSocksR SOCK5 Proxy is running"
msgstr "ShadowSocksR SOCK5代理运行中"
msgid "UDP Relay Server"
msgstr "UDP中继服务器"
msgid "Same as Global Server"
msgstr "与全局服务器相同"
msgid "Servers Setting"
msgstr "服务器配置"
msgid "Alias(optional)"
msgstr "别名(可选)"
msgid "Onetime Authentication"
msgstr "一次验证"
msgid "Server Address"
msgstr "服务器地址"
msgid "Server Port"
msgstr "服务器端口"
msgid "Local Port"
msgstr "本地端口"
msgid "Connection Timeout"
msgstr "连接超时"
msgid "Password"
msgstr "密码"
msgid "Encrypt Method"
msgstr "加密方式"
msgid "Protocol"
msgstr "传输协议"
msgid "Protocol param(optional)"
msgstr "传输协议参数(可选)"
msgid "Obfs"
msgstr "混淆插件"
msgid "Obfs param(optional)"
msgstr "混淆参数(可选)"
msgid "Enable Tunnel(DNS)"
msgstr "启用隧道DNS转发"
msgid "Tunnel Port"
msgstr "隧道DNS本地端口"
msgid "Forwarding Tunnel"
msgstr "隧道DNS转发地址"
msgid "Access Control"
msgstr "访问控制"
msgid "Interfaces - WAN"
msgstr "接口 - WAN"
msgid "Bypassed IP List"
msgstr "被忽略IP列表"
msgid "NULL - As Global Proxy"
msgstr "留空 - 作为全局代理"
msgid "Bypassed IP"
msgstr "额外被忽略IP"
msgid "Forwarded IP"
msgstr "强制走代理IP"
msgid "Interfaces - LAN"
msgstr "接口 - LAN"
msgid "LAN Access Control"
msgstr "内网访问控制"
msgid "Allow listed only"
msgstr "仅允许列表内"
msgid "Allow all except listed"
msgstr "仅允许列表外"
msgid "LAN Host List"
msgstr "内网主机列表"
msgid "SSR Client"
msgstr "客户端"
msgid "SSR Server"
msgstr "服务端"
msgid "ShadowSocksR Server"
msgstr "ShadowSocksR 服务端"
msgid "ShadowSocksR Server is running"
msgstr "ShadowSocksR 服务端运行中"
msgid "ShadowSocksR Server is not running"
msgstr "ShadowSocksR 服务端未运行"
msgid "Enable Server"
msgstr "启动服务端"
msgid "Server Setting"
msgstr "服务端配置"
msgid "KcpTun Enable"
msgstr "KcpTun 启用"
msgid "bin:/usr/bin/ssr-kcptun"
msgstr "二进制文件:/usr/bin/ssr-kcptun"
msgid "KcpTun Port"
msgstr "KcpTun 端口"
msgid "KcpTun Param"
msgstr "KcpTun 参数"
msgid "KcpTun Password"
msgstr "KcpTun 密码"
msgid "Haven't a Kcptun executable file"
msgstr "不存在Kcptun可执行文件请下载Kcptun可执行文件并改名放入/usr/bin/ssr-kcptun"
msgid "Not a Kcptun executable file"
msgstr "Kcptun可执行文件格式不正确请确认是否正确下载了路由器对应的可执行文件"
msgid "Enable Process Monitor"
msgstr "启用进程监控"
msgid "Edit ShadowSocksR Server"
msgstr "编辑服务器配置"
msgid "Alias"
msgstr "别名"
msgid "SOCKS5 Proxy"
msgstr "SOCKS5代理"
msgid "Server"
msgstr "服务器"
msgid "TCP Fast Open"
msgstr "TCP快速打开"
msgid "Status"
msgstr "状态"
msgid "Unknown"
msgstr "未知"
msgid "Running Status"
msgstr "运行状态"
msgid "Global Client"
msgstr "全局客户端"
msgid "Global SSR Server"
msgstr "SSR服务端"
msgid "DNS Tunnel"
msgstr "DNS 隧道"
msgid "IPK Version"
msgstr "IPK 版本号"
msgid "KcpTun Version"
msgstr "KcpTun 版本号"
msgid "Not exist"
msgstr "未安装可执行文件"
msgid "IPK Installation Time"
msgstr "IPK 安装时间"
msgid "Project"
msgstr "项目地址"
msgid "Not Running"
msgstr "未运行"
msgid "Running"
msgstr "运行中"
msgid "Enable GFW mode"
msgstr "启用 GFW 模式"
msgid "Running Mode"
msgstr "运行模式"
msgid "IP Route Mode"
msgstr "绕过中国大陆IP模式"
msgid "GFW List Mode"
msgstr "GFW列表模式"
msgid "Router Proxy"
msgstr "路由器访问控制"
msgid "Normal Proxy"
msgstr "正常代理"
msgid "Bypassed Proxy"
msgstr "不走代理"
msgid "Forwarded Proxy"
msgstr "强制走代理"
msgid "UDP Relay"
msgstr "UDP中继"
msgid "Google Connectivity"
msgstr "【谷歌】连通性检查"
msgid "Baidu Connectivity"
msgstr "【百度】连通性检查"
msgid "No Check"
msgstr "未检查"
msgid "Check"
msgstr "检查"
msgid "Connect OK"
msgstr "连接正常"
msgid "Connect Error"
msgstr "连接错误"
msgid "Check..."
msgstr "正在检查.."
msgid "Proxy Check"
msgstr "代理检查"
msgid "GFW List Data"
msgstr "【GFW列表】数据库"
msgid "China IP Data"
msgstr "【国内IP段】数据库"
msgid "Records"
msgstr "条记录"
msgid "Refresh Data"
msgstr "更新数据库"
msgid "Refresh..."
msgstr "正在更新,请稍候.."
msgid "Refresh OK!"
msgstr "更新成功!"
msgid "Refresh Error!"
msgstr "更新失败!"
msgid "No new data!"
msgstr "你已经是最新数据,无需更新!"
msgid "Total Records:"
msgstr "新的总纪录数:"
msgid "Check Server Port"
msgstr "【服务器端口】检查"
msgid "Check Connect"
msgstr "检查连通性"
msgid "Check Server"
msgstr "检查服务器"
msgid "Auto Switch"
msgstr "自动切换"
msgid "Enable Auto Switch"
msgstr "启用自动切换"
msgid "Switch check cycly(second)"
msgstr "自动切换检查周期(秒)"
msgid "Check timout(second)"
msgstr "切换检查超时时间(秒)"
msgid "Advertising Data"
msgstr "【广告屏蔽】数据库"
msgid "DNS Server IP and Port"
msgstr "DNS服务器地址和端口"
msgid "Resolve Dns Mode"
msgstr "DNS解析方式"
msgid "Use SSR DNS Tunnel"
msgstr "使用SSR-DNS隧道"
msgid "Use Pdnsd"
msgstr "使用Pdnsd"
msgid "Use Other DNS Tunnel(Need to install)"
msgstr "使用其他DNS转发(需要自己安装)"
msgid "Import SSR"
msgstr "导入ssr配置信息"
msgid "Export SSR"
msgstr "导出ssr配置信息"
msgid "Import SSR successfully."
msgstr "成功导入SSR。"
msgid "Invalid SSR format."
msgstr "无效的SSR格式。"
msgid "User cancelled."
msgstr "用户已取消。"
msgid "Paste ssr url here"
msgstr "在此处粘贴ssr://网址"
msgid "Unable to copy SSR to clipboard."
msgstr "无法复制SSR网址到剪贴板。"
msgid "Copy SSR to clipboard successfully."
msgstr "成功复制SSR网址到剪贴板。"
msgid "Servers Manage"
msgstr "服务器管理"
msgid "Auto Update"
msgstr "自动更新"
msgid "Through proxy update"
msgstr "通过代理更新"
msgid "GFW List"
msgstr "GFW列表"
msgid "ShadowSocksR Plus+ Settings"
msgstr "ShadowSocksR Plus+ 设置"
msgid "Main Server"
msgstr "主服务器"
msgid "Anti-pollution DNS Server"
msgstr "访问国外域名DNS服务器"
msgid "Use Pdnsd tcp query and cache"
msgstr "使用PDNSD TCP查询并缓存"
msgid "DNS Server IP:Port"
msgstr "DNS服务器 IP:Port"
msgid "Update time (every day)"
msgstr "更新时间 (每天)"
msgid "Auto Update Server subscription, GFW list and CHN route"
msgstr "自动更新服务器订阅、GFW列表和 CHN路由表"
msgid "Subscribe URL"
msgstr "SSR服务器订阅URL地址"
msgid "Update"
msgstr "更新"
msgid "IP black-and-white list"
msgstr "IP黑白名单"
msgid "WAN IP AC"
msgstr "WAN IP访问控制"
msgid "WAN White List IP"
msgstr "不走代理的WAN IP"
msgid "WAN Force Proxy IP"
msgstr "强制走代理的WAN IP"
msgid "LAN Bypassed Host List"
msgstr "不走代理的局域网 LAN IP"
msgid "LAN Force Proxy Host List"
msgstr "全局代理的LAN IP"
msgid "Router Self AC"
msgstr "路由器自身代理设置"
msgid "Router Self Proxy"
msgstr "路由器自身代理方式"
msgid "Normal Proxy"
msgstr "跟随全局设置"
msgid "Bypassed Proxy"
msgstr "不走代理"
msgid "Forwarded Proxy"
msgstr "全局代理"
msgid "GFW Custom List"
msgstr "GFW 用户自定义列表"
msgid "Please refer to the following writing"
msgstr "每行一个域名,无需写前面的 HTTP(S):// ,提交后即时生效"
msgid "Servers subscription and manage"
msgstr "服务器节点订阅与管理支持订阅和手动导入SSR链接"
msgid "Through proxy update list, Not Recommended"
msgstr "通过路由器自身代理更新订阅(不推荐)"
msgid "LAN IP AC"
msgstr "LAN IP访问控制"
msgid "Game Mode UDP Server"
msgstr "游戏模式UDP中继服务器"
msgid "Game Mode UDP Relay"
msgstr "游戏模式UDP中继"
msgid "Server failsafe auto swith settings"
msgstr "服务器节点故障自动切换设置"

8264
package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt Normal file
View File

File diff suppressed because it is too large Load Diff

55
package/lean/luci-app-ssr-plus/root/etc/config/gfw.list Normal file
View File

@ -0,0 +1,55 @@
91smartyun.pt
adobe.com
amazonaws.com
ampproject.org
apple.news
aws.amazon.com
azureedge.net
backpackers.com.tw
bitfinex.com
buzzfeed.com
clockwise.ee
cloudfront.net
coindesk.com
coinsquare.io
cryptocompare.com
dropboxstatic.com
eurecom.fr
gdax.com
github.com
isnssdk.com
kknews.cc
nutaq.com
openairinterface.org
skype.com
snssdk.com
sublimetext.com
textnow.com
textnow.me
trouter.io
uploaded.net
whatsapp.com
whatsapp.net
wsj.net
google.com
google.com.hk
gstatic.com
googleusercontent.com
googlepages.com
googlevideo.com
googlecode.com
googleapis.com
googlesource.com
googledrive.com
ggpht.com
youtube.com
youtu.be
ytimg.com
twitter.com
facebook.com
fastly.net
akamai.net
akamaiedge.net
akamaihd.net
edgesuite.net
edgekey.net

37
package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr Normal file
View File

@ -0,0 +1,37 @@
config global
option tunnel_forward '8.8.4.4:53'
option tunnel_address '0.0.0.0'
option run_mode 'gfw'
option pdnsd_enable '1'
option monitor_enable '0'
option global_server 'nil'
option enable_switch '1'
option switch_timeout '5'
option switch_time '667'
config socks5_proxy
option server 'nil'
option local_port '1080'
option local_address '0.0.0.0'
config access_control
option wan_bp_list '/etc/china_ssr.txt'
option lan_ac_mode 'b'
option router_proxy '1'
list wan_fw_ips '149.154.160.0/20'
list wan_fw_ips '67.198.55.0/24'
list wan_fw_ips '91.108.4.0/22'
list wan_fw_ips '91.108.56.0/22'
list wan_fw_ips '109.239.140.0/24'
config server_global
option enable_server '0'
config server_subscribe
option proxy '0'
option auto_update_time '2'
option auto_update '1'

0
package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/ad.conf Normal file
View File

10354
package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf Normal file
View File

File diff suppressed because it is too large Load Diff

484
package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr Executable file
View File

@ -0,0 +1,484 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2017 openwrt-ssr
# Copyright (C) 2017 yushi studio <ywb94@qq.com>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
START=90
STOP=15
SERVICE_DAEMONIZE=1
NAME=shadowsocksr
EXTRA_COMMANDS=rules
CONFIG_FILE=/var/etc/${NAME}.json
CONFIG_UDP_FILE=/var/etc/${NAME}_u.json
CONFIG_SOCK5_FILE=/var/etc/${NAME}_s.json
server_count=0
redir_tcp=0
redir_udp=0
tunnel_enable=0
local_enable=0
kcp_enable_flag=0
kcp_flag=0
pdnsd_enable_flag=0
switch_enable=0
switch_server=$1
MAXFD=32768
CRON_FILE=/etc/crontabs/root
uci_get_by_name() {
local ret=$(uci get $NAME.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
uci_get_by_type() {
local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
echo ${ret:=$3}
}
add_cron()
{
sed -i '/ssrplus.log/d' $CRON_FILE
echo '0 */1 * * * /usr/share/shadowsocksr/ssr-watchdog >> /tmp/ssrplus.log 2>&1' >> $CRON_FILE
echo '0 1 * * 0 echo "" > /tmp/ssrplus.log' >> $CRON_FILE
[ -n "$(grep -w "/usr/share/shadowsocksr/subscribe.sh" $CRON_FILE)" ] && sed -i '/\/usr\/share\/shadowsocksr\/subscribe.sh/d' $CRON_FILE
[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/subscribe.sh" >> $CRON_FILE
[ -z "$(grep -w "/usr/share/shadowsocksr/update.sh" $CRON_FILE)" ] && echo "0 5 * * 0 /usr/share/shadowsocksr/update.sh" >> $CRON_FILE
crontab $CRON_FILE
}
del_cron()
{
sed -i '/shadowsocksr/d' $CRON_FILE
sed -i '/ssrplus.log/d' $CRON_FILE
/etc/init.d/cron restart
}
run_mode=$(uci_get_by_type global run_mode)
gen_config_file() {
local host=$(uci_get_by_name $1 server)
if echo $host|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
hostip=${host}
elif [ "$host" != "${host#*:[0-9a-fA-F]}" ] ;then
hostip=${host}
else
hostip=`ping ${host} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1`
if echo $hostip|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
hostip=${hostip}
else
hostip=`cat /etc/ssr_ip`
fi
fi
[ $2 = "0" -a $kcp_flag = "1" ] && hostip="127.0.0.1"
if [ $2 = "0" ] ;then
config_file=$CONFIG_FILE
elif [ $2 = "1" ]; then
config_file=$CONFIG_UDP_FILE
else
config_file=$CONFIG_SOCK5_FILE
fi
if [ $(uci_get_by_name $1 fast_open) = "1" ] ;then
fastopen="true";
else
fastopen="false";
fi
cat <<-EOF >$config_file
{
"server": "$hostip",
"server_port": $(uci_get_by_name $1 server_port),
"local_address": "0.0.0.0",
"local_port": $(uci_get_by_name $1 local_port),
"password": "$(uci_get_by_name $1 password)",
"timeout": $(uci_get_by_name $1 timeout 60),
"method": "$(uci_get_by_name $1 encrypt_method)",
"protocol": "$(uci_get_by_name $1 protocol)",
"protocol_param": "$(uci_get_by_name $1 protocol_param)",
"obfs": "$(uci_get_by_name $1 obfs)",
"obfs_param": "$(uci_get_by_name $1 obfs_param)",
"fast_open": $fastopen
}
EOF
}
get_arg_out() {
case "$(uci_get_by_type access_control router_proxy 1)" in
1) echo "-o";;
2) echo "-O";;
esac
}
start_rules() {
local server=$(uci_get_by_name $GLOBAL_SERVER server)
#resolve name
if echo $server|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
server=${server}
elif [ "$server" != "${server#*:[0-9a-fA-F]}" ] ;then
server=${server}
else
server=`ping ${server} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1`
if echo $server|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
echo $server >/etc/ssr_ip
else
server=`cat /etc/ssr_ip`
fi
fi
kcp_server=$server
local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable)
if [ $kcp_enable = "1" ] ;then
kcp_flag=1
fi
local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port)
local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips)
local lan_ac_mode="b"
local router_proxy=$(uci_get_by_type access_control router_proxy)
if [ "$GLOBAL_SERVER" = "$UDP_RELAY_SERVER" -a $kcp_flag = 0 ]; then
ARG_UDP="-u"
elif [ -n "$UDP_RELAY_SERVER" ]; then
ARG_UDP="-U"
local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server)
local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port)
fi
if [ -n "$lan_ac_ips" ]; then
case "$lan_ac_mode" in
w|W|b|B) local ac_ips="$lan_ac_mode$lan_ac_ips";;
esac
fi
#deal gfw firewall rule
local gfwmode=""
if [ "$run_mode" = "gfw" ]; then
gfwmode="-g"
fi
/usr/bin/ssr-rules \
-s "$server" \
-l "$local_port" \
-S "$udp_server" \
-L "$udp_local_port" \
-a "$ac_ips" \
-i "$(uci_get_by_type access_control wan_bp_list)" \
-b "$(uci_get_by_type access_control wan_bp_ips)" \
-w "$(uci_get_by_type access_control wan_fw_ips)" \
-p "$(uci_get_by_type access_control lan_fp_ips)" \
$(get_arg_out) $gfwmode $ARG_UDP
return $?
}
start_pdnsd() {
local usr_dns="$1"
local usr_port="$2"
local tcp_dns_list="208.67.222.222, 208.67.220.220"
[ -z "$usr_dns" ] && usr_dns="8.8.8.8"
[ -z "$usr_port" ] && usr_port="53"
[ -d /var/etc ] || mkdir -p /var/etc
if [ ! -d /var/pdnsd ];then
mkdir -p /var/pdnsd
echo -ne "pd13\000\000\000\000" >/var/pdnsd/pdnsd.cache
chown -R nobody:nogroup /var/pdnsd
fi
cat > /var/etc/pdnsd.conf <<EOF
global {
perm_cache=1024;
cache_dir="/var/pdnsd";
pid_file = /var/run/pdnsd.pid;
run_as="nobody";
server_ip = 127.0.0.1;
server_port = 5353;
status_ctl = on;
query_method = tcp_only;
min_ttl=1h;
max_ttl=1w;
timeout=10;
neg_domain_pol=on;
proc_limit=2;
procq_limit=8;
}
server {
label= "ssr-usrdns";
ip = $usr_dns;
port = $usr_port;
timeout=6;
uptest=none;
interval=10m;
purge_cache=off;
}
server {
label= "ssr-pdnsd";
ip = $tcp_dns_list;
port = 5353;
timeout=6;
uptest=none;
interval=10m;
purge_cache=off;
}
EOF
/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d
}
start_tunnel() {
local tunnel_config_file=$CONFIG_FILE
if [ "$ARG_UDP" = "-U" ]; then
tunnel_config_file=$CONFIG_UDP_FILE
fi
local local_dns_port=$(uci_get_by_type global tunnel_port)
if [ "$run_mode" = "gfw" ] ;then
local_dns_port=5353
fi
/usr/bin/ssr-tunnel \
-c $tunnel_config_file $ARG_OTA -u \
-l $local_dns_port \
-b $(uci_get_by_type global tunnel_address 0.0.0.0) \
-L $(uci_get_by_type global tunnel_forward 8.8.4.4:53) \
-f /var/run/ssr-tunnel.pid
tunnel_enable=1
return $?
}
start_redir() {
case "$(uci_get_by_name $GLOBAL_SERVER auth_enable)" in
1|on|true|yes|enabled) ARG_OTA="-A";;
*) ARG_OTA="";;
esac
#deal kcp
local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable)
if [ $kcp_enable = "1" ] ;then
[ ! -f "/usr/bin/ssr-kcptun" ] && return 1
local kcp_str=`/usr/bin/ssr-kcptun -v |grep kcptun|wc -l`
[ "0" = $kcp_str ] && return 1
local kcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port)
local server_port=$(uci_get_by_name $GLOBAL_SERVER server_port)
local password=$(uci_get_by_name $GLOBAL_SERVER kcp_password)
local kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param)
[ "$password" != "" ] && password="--key "${password}
service_start /usr/bin/ssr-kcptun \
-r $kcp_server:$kcp_port \
-l :$server_port $password $kcp_param
kcp_enable_flag=1
fi
gen_config_file $GLOBAL_SERVER 0
redir_tcp=1
local last_config_file=$CONFIG_FILE
local pid_file="/var/run/ssr-retcp.pid"
if [ "$ARG_UDP" = "-U" ]; then
/usr/bin/ssr-redir \
-c $CONFIG_FILE $ARG_OTA \
-f /var/run/ssr-retcp.pid
case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in
1|on|true|yes|enabled) ARG_OTA="-A";;
*) ARG_OTA="";;
esac
gen_config_file $UDP_RELAY_SERVER 1
last_config_file=$CONFIG_UDP_FILE
pid_file="/var/run/ssr-reudp.pid"
redir_udp=1
fi
/usr/bin/ssr-redir \
-c $last_config_file $ARG_OTA $ARG_UDP \
-f $pid_file
#deal with dns
if [ "$run_mode" = "gfw" ] ;then
if [ "$(uci_get_by_type global pdnsd_enable)" = "0" ] ;then
start_tunnel
fi
if [ "$(uci_get_by_type global pdnsd_enable)" = "1" ] ;then
local dnsstr="$(uci_get_by_type global tunnel_forward 8.8.4.4:53)"
local dnsserver=`echo "$dnsstr"|awk -F ':' '{print $1}'`
local dnsport=`echo "$dnsstr"|awk -F ':' '{print $2}'`
ipset add gfwlist $dnsserver 2>/dev/null
start_pdnsd $dnsserver $dnsport
pdnsd_enable_flag=1
fi
fi
if [ "$(uci_get_by_type global enable_switch)" = "1" ] ;then
if [ "$(uci_get_by_name $GLOBAL_SERVER switch_enable)" = "1" ] ;then
if [ -z "$switch_server" ] ;then
local switch_time=$(uci_get_by_type global switch_time)
local switch_timeout=$(uci_get_by_type global switch_timeout)
service_start /usr/bin/ssr-switch start $switch_time $switch_timeout
switch_enable=1
fi
fi
fi
return $?
}
gen_service_file() {
if [ $(uci_get_by_name $1 fast_open) = "1" ] ;then
fastopen="true";
else
fastopen="false";
fi
cat <<-EOF >$2
{
"server": "$(uci_get_by_name $1 server)",
"server_port": $(uci_get_by_name $1 server_port),
"password": "$(uci_get_by_name $1 password)",
"timeout": $(uci_get_by_name $1 timeout 60),
"method": "$(uci_get_by_name $1 encrypt_method)",
"protocol": "$(uci_get_by_name $1 protocol)",
"protocol_param": "$(uci_get_by_name $1 protocol_param)",
"obfs": "$(uci_get_by_name $1 obfs)",
"obfs_param": "$(uci_get_by_name $1 obfs_param)",
"fast_open": $fastopen
}
EOF
}
start_service() {
[ $(uci_get_by_name $1 enable) = "0" ] && return 1
let server_count=server_count+1
if [ $server_count = 1 ] ;then
iptables -N SSR-SERVER-RULE && \
iptables -t filter -I INPUT -j SSR-SERVER-RULE
fi
gen_service_file $1 /var/etc/${NAME}_${server_count}.json
/usr/bin/ssr-server -c /var/etc/${NAME}_${server_count}.json -u -f /var/run/ssr-server${server_count}.pid
iptables -t filter -A SSR-SERVER-RULE -p tcp --dport $(uci_get_by_name $1 server_port) -j ACCEPT
iptables -t filter -A SSR-SERVER-RULE -p udp --dport $(uci_get_by_name $1 server_port) -j ACCEPT
return 0
}
gen_serv_include() {
FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null)
[ -n "$FWI" ] || return 0
if [ ! -f $FWI ] ;then
echo '#!/bin/sh' >$FWI
fi
extract_rules() {
echo "*filter"
iptables-save -t filter | grep SSR-SERVER-RULE|sed -e "s/^-A INPUT/-I INPUT/"
echo 'COMMIT'
}
cat <<-EOF >>$FWI
iptables-save -c | grep -v "SSR-SERVER" | iptables-restore -c
iptables-restore -n <<-EOT
$(extract_rules)
EOT
EOF
}
start_server() {
SERVER_ENABLE=$(uci_get_by_type server_global enable_server)
[ "$SERVER_ENABLE" = 0 ] && return 0
mkdir -p /var/run /var/etc
config_load $NAME
config_foreach start_service server_config
gen_serv_include
return 0
}
start_local() {
local local_server=$(uci_get_by_type socks5_proxy server)
[ "$local_server" = "nil" ] && return 1
mkdir -p /var/run /var/etc
gen_config_file $local_server 2
/usr/bin/ssr-local -c $CONFIG_SOCK5_FILE -u \
-l $(uci_get_by_type socks5_proxy local_port 1080) \
-b $(uci_get_by_type socks5_proxy local_address 0.0.0.0) \
-f /var/run/ssr-local.pid
local_enable=1
}
rules() {
[ "$GLOBAL_SERVER" = "nil" ] && return 1
mkdir -p /var/run /var/etc
UDP_RELAY_SERVER=$(uci_get_by_type global udp_relay_server)
[ "$UDP_RELAY_SERVER" = "same" ] && UDP_RELAY_SERVER=$GLOBAL_SERVER
if start_rules ;then
return 0
else
return 1
fi
}
start() {
if [ -z "$switch_server" ] ;then
GLOBAL_SERVER=$(uci_get_by_type global global_server)
else
GLOBAL_SERVER=$switch_server
switch_enable=1
fi
if rules ;then
start_redir
if ! [ "$run_mode" = "gfw" ] ;then
case "$(uci_get_by_type global tunnel_enable)" in
1|on|true|yes|enabled)
start_tunnel
;;
esac
else
mkdir -p /tmp/dnsmasq.d
cat > /tmp/dnsmasq.d/dnsmasq-ssr.conf <<EOF
conf-dir=/etc/dnsmasq.ssr
EOF
/etc/init.d/dnsmasq restart
fi
fi
start_server
start_local
ENABLE_SERVER=$(uci_get_by_type global global_server)
[ "$ENABLE_SERVER" = "nil" ] && return 1
add_cron
}
boot() {
(sleep 5 && start >/dev/null 2>&1) &
}
stop() {
/usr/bin/ssr-rules -f
srulecount=`iptables -L|grep SSR-SERVER-RULE|wc -l`
if [ $srulecount -gt 0 ] ;then
iptables -F SSR-SERVER-RULE
iptables -t filter -D INPUT -j SSR-SERVER-RULE
iptables -X SSR-SERVER-RULE 2>/dev/null
fi
if [ -z "$switch_server" ] ;then
kill -9 $(ps | grep ssr-switch | grep -v grep | awk '{print $1}') >/dev/null 2>&1
fi
killall -q -9 ssr-redir
killall -q -9 ssr-tunnel
killall -q -9 ssr-server
killall -q -9 ssr-kcptun
killall -q -9 ssr-local
kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 || killall -9 pdnsd >/dev/null 2>&1
if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then
rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf
/etc/init.d/dnsmasq restart
fi
del_cron
}

18
package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus Executable file
View File

@ -0,0 +1,18 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
delete ucitrack.@shadowsocksr[-1]
add ucitrack shadowsocksr
set ucitrack.@shadowsocksr[-1].init=shadowsocksr
commit ucitrack
delete firewall.shadowsocksr
set firewall.shadowsocksr=include
set firewall.shadowsocksr.type=script
set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include
set firewall.shadowsocksr.reload=1
commit firewall
EOF
/usr/share/shadowsocksr/gfw2ipset.sh
rm -f /tmp/luci-indexcache
exit 0

6
package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad Executable file
View File

@ -0,0 +1,6 @@
#!/bin/sh -e
if [ -f /tmp/adnew.conf ]; then
cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/ad.conf
fi

31
package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw Executable file
View File

@ -0,0 +1,31 @@
#!/bin/sh -e
generate_china_banned()
{
cat $1 | base64 -d > /tmp/gfwlist.txt
rm -f $1
cat /tmp/gfwlist.txt | sort -u |
sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' |
sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' |
sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' |
grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u |
awk '
BEGIN { prev = "________"; } {
cur = $0;
if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") {
} else {
print cur;
prev = cur;
}
}' | sort -u
}
generate_china_banned /tmp/gfw.b64 > /tmp/gfw.txt
rm -f /tmp/gfwlist.txt
sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5353\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/gfwnew.txt
rm -f /tmp/gfw.txt

151
package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor Executable file
View File

@ -0,0 +1,151 @@
#!/bin/sh
#
# Copyright (C) 2017 openwrt-ssr
# Copyright (C) 2017 yushi studio <ywb94@qq.com>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
NAME=shadowsocksr
uci_get_by_name() {
local ret=$(uci get $NAME.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
uci_get_by_type() {
local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
echo ${ret:=$3}
}
server_process_count=$1
redir_tcp_process=$2
redir_udp_process=$3
tunnel_process=$4
kcp_process=$5
local_process=$6
pdnsd_process=$7
if [ -z "$pdnsd_process" ] ;then
pdnsd_process=0
fi
i=0
GLOBAL_SERVER=$(uci_get_by_type global global_server)
local server=$(uci_get_by_name $GLOBAL_SERVER server)
local kcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port)
local server_port=$(uci_get_by_name $GLOBAL_SERVER server_port)
local password=$(uci_get_by_name $GLOBAL_SERVER kcp_password)
local kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param)
[ "$password" != "" ] && password="--key "${password}
local sock5_port=$(uci_get_by_type socks5_proxy local_port 1080)
if echo $server|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then
server=${server}
else
server=`cat /etc/ssr_ip`
fi
while [ "1" = "1" ] #死循环
do
sleep 30
#redir tcp
if [ $redir_tcp_process -gt 0 ] ;then
icount=`ps -w | grep ssr-retcp |grep -v grep| wc -l`
if [ $icount = 0 ] ;then
logger -t "$NAME" "ssr redir tcp error.restart!"
/etc/init.d/shadowsocksr restart
exit 0
fi
fi
#redir udp
if [ $redir_udp_process -gt 0 ] ;then
icount=`ps -w | grep ssr-reudp|grep -v grep| wc -l`
if [ $icount = 0 ] ;then
logger -t "$NAME" "ssr redir udp error.restart!"
/etc/init.d/shadowsocksr restart
exit 0
fi
fi
#ssr-dns tunnel
if [ $tunnel_process -gt 0 ] ;then
icount=`ps -w | grep ssr-tunnel |grep -v grep| wc -l`
if [ $icount = 0 ] ;then
logger -t "$NAME" "ssr tunnel error.restart!"
/etc/init.d/shadowsocksr restart
exit 0
fi
fi
#server
if [ $server_process_count -gt 0 ] ;then
icount=`ps -w | grep ssr-server |grep -v grep| wc -l`
if [ $icount -lt $server_process_count ] #如果进程挂掉就重启它
then
logger -t "$NAME" "ssr server error.restart!"
killall -q -9 ssr-server
for i in `seq $server_process_count`
do
/usr/bin/ssr-server -c /var/etc/shadowsocksr_$i.json -u -f /var/run/ssr-server$i.pid
done
fi
fi
#kcptun
if [ $kcp_process -gt 0 ] ;then
icount=`ps -w | grep ssr-kcptun |grep -v grep| wc -l`
if [ $icount -lt $kcp_process ] #如果进程挂掉就重启它
then
logger -t "$NAME" "ssr kcptun error.restart!"
killall -q -9 ssr-kcptun
( /usr/bin/ssr-kcptun -r $server:$kcp_port -l :$server_port $password $kcp_param &)
fi
fi
#local
if [ $local_process -gt 0 ] ;then
icount=`ps -w | grep ssr-local |grep -v grep| wc -l`
if [ $icount -lt $local_process ] #如果进程挂掉就重启它
then
logger -t "$NAME" "ssr local error.restart!"
killall -q -9 ssr-local
( /usr/bin/ssr-local -c /var/etc/shadowsocksr_s.json -u -l $sock5_port -f /var/run/ssr-local.pid &)
fi
fi
#pdnsd
if [ $pdnsd_process -gt 0 ] ;then
icount=`ps -w | grep pdnsd |grep -v grep| wc -l`
if [ $icount -lt $pdnsd_process ] #如果进程挂掉就重启它
then
logger -t "$NAME" "pdnsd tunnel error.restart!"
killall -q -9 pdnsd
( /usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d &)
fi
fi
#udp2raw
if [ $(uci_get_by_type udp2raw udp2raw_enable) = 1 ] ;then
ucount=`ps -w | grep udp2raw |grep -v grep| wc -l`
if [ $ucount = 0 ] ;then
/usr/bin/udp2raw --clear >/dev/null
/usr/bin/udp2raw --conf-file /var/etc/udp2raw.conf >/dev/null 2>&1 &
fi
fi
#udpspeeder
if [ $(uci_get_by_type udpspeeder udpspeeder_enable) = 1 ] ;then
scount=`ps -w | grep udpspeeder |grep -v grep| wc -l`
if [ $scount = 0 ] ;then
/usr/bin/udpspeeder -c -l0.0.0.0:$(uci_get_by_type udpspeeder local_port) \
-r$(uci_get_by_type udpspeeder server):$(uci_get_by_type udpspeeder server_port) \
-k $(uci_get_by_type udpspeeder key) \
--mode $(uci_get_by_type udpspeeder speeder_mode) \
--mtu $(uci_get_by_type udpspeeder mtu) \
-f$(uci_get_by_type udpspeeder fec) \
-q$(uci_get_by_type udpspeeder queue_len) \
--timeout $(uci_get_by_type udpspeeder timeout) \
>/dev/null 2>&1 &
fi
fi
done

306
package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules Executable file
View File

@ -0,0 +1,306 @@
#!/bin/sh
#
# Copyright (C) 2017 openwrt-ssr
# Copyright (C) 2017 yushi studio <ywb94@qq.com>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
TAG="_SS_SPEC_RULE_" # comment tag
IPT="iptables -t nat" # alias of iptables
FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null) # firewall include file
usage() {
cat <<-EOF
Usage: ssr-rules [options]
Valid options are:
-s <server_ip> ip address of shadowsocksr remote server
-l <local_port> port number of shadowsocksr local server
-S <server_ip> ip address of shadowsocksr remote UDP server
-L <local_port> port number of shadowsocksr local UDP server
-i <ip_list_file> a file content is bypassed ip list
-a <lan_ips> lan ip of access control, need a prefix to
define access control mode
-b <wan_ips> wan ip of will be bypassed
-w <wan_ips> wan ip of will be forwarded
-p <fp_lan_ips> lan ip of will be global proxy
-e <extra_options> extra options for iptables
-o apply the rules to the OUTPUT chain
-O apply the global rules to the OUTPUT chain
-u enable udprelay mode, TPROXY is required
-U enable udprelay mode, using different IP
and ports for TCP and UDP
-f flush the rules
-g gfw list mode
-h show this help message and exit
EOF
exit $1
}
loger() {
# 1.alert 2.crit 3.err 4.warn 5.notice 6.info 7.debug
logger -st ssr-rules[$$] -p$1 $2
}
flush_r() {
flush_iptables() {
local ipt="iptables -t $1"
local DAT=$(iptables-save -t $1)
eval $(echo "$DAT" | grep "$TAG" | sed -e 's/^-A/$ipt -D/' -e 's/$/;/')
for chain in $(echo "$DAT" | awk '/^:SS_SPEC/{print $1}'); do
$ipt -F ${chain:1} 2>/dev/null && $ipt -X ${chain:1}
done
}
flush_iptables nat
flush_iptables mangle
ip rule del fwmark 0x01/0x01 table 100 2>/dev/null
ip route del local 0.0.0.0/0 dev lo table 100 2>/dev/null
ipset -X ss_spec_lan_ac 2>/dev/null
ipset -X ss_spec_wan_ac 2>/dev/null
ipset -X ssr_gen_router 2>/dev/null
ipset -X fplan 2>/dev/null
[ -n "$FWI" ] && echo '#!/bin/sh' >$FWI
return 0
}
ipset_r() {
if [ -z "$GFWMODE" ] ;then
ipset -! -R <<-EOF || return 1
create ss_spec_wan_ac hash:net
$(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
$(for ip in $WAN_FW_IP; do echo "add ss_spec_wan_ac $ip nomatch"; done)
EOF
$IPT -N SS_SPEC_WAN_AC && \
$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN && \
$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
else
ipset -N gfwlist iphash 2>/dev/null
for ip in $WAN_FW_IP; do ipset add gfwlist $ip ; done
$IPT -N SS_SPEC_WAN_AC
$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
ipset -N fplan iphash 2>/dev/null
for ip in $LAN_FP_IP; do ipset add fplan $ip ; done
$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
fi
return $?
}
fw_rule() {
$IPT -N SS_SPEC_WAN_FW
$IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 127.0.0.0/8 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 172.16.0.0/12 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4 -j RETURN
$IPT -A SS_SPEC_WAN_FW -p tcp \
-j REDIRECT --to-ports $local_port 2>/dev/null || {
loger 3 "Can't redirect, please check the iptables."
exit 1
}
return $?
}
ac_rule() {
if [ -n "$LAN_AC_IP" ]; then
case "${LAN_AC_IP:0:1}" in
w|W)
MATCH_SET="-m set --match-set ss_spec_lan_ac src"
;;
b|B)
MATCH_SET="-m set ! --match-set ss_spec_lan_ac src"
;;
*)
loger 3 "Bad argument \`-a $LAN_AC_IP\`."
return 2
;;
esac
fi
IFNAME=$(uci get -P/var/state network.lan.ifname 2>/dev/null)
ipset -! -R <<-EOF || return 1
create ss_spec_lan_ac hash:net
$(for ip in ${LAN_AC_IP:1}; do echo "add ss_spec_lan_ac $ip"; done)
EOF
$IPT -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p tcp $EXT_ARGS $MATCH_SET \
-m comment --comment "$TAG" -j SS_SPEC_WAN_AC
if [ "$OUTPUT" = 1 ]; then
$IPT -I OUTPUT 1 -p tcp $EXT_ARGS \
-m comment --comment "$TAG" -j SS_SPEC_WAN_AC
elif [ "$OUTPUT" = 2 ]; then
ipset -! -R <<-EOF || return 1
create ssr_gen_router hash:net
$(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /")
EOF
$IPT -N SS_SPEC_ROUTER && \
$IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN && \
$IPT -A SS_SPEC_ROUTER -j SS_SPEC_WAN_FW
$IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER
fi
return $?
}
tp_rule() {
[ -n "$TPROXY" ] || return 0
ip rule add fwmark 0x01/0x01 table 100
ip route add local 0.0.0.0/0 dev lo table 100
local ipt="iptables -t mangle"
$ipt -N SS_SPEC_TPROXY
if [ -z "$GFWMODE" ] ;then
$ipt -A SS_SPEC_TPROXY -p udp -m set ! --match-set ss_spec_wan_ac dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
else
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gfwlist dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
fi
$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
-m comment --comment "$TAG" -j SS_SPEC_TPROXY
return $?
}
get_wan_ip() {
cat <<-EOF | grep -E "^([0-9]{1,3}\.){3}[0-9]{1,3}"
$server
$SERVER
$WAN_BP_IP
EOF
}
gen_iplist() {
cat <<-EOF
0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.0.0.0/24
192.0.2.0/24
192.88.99.0/24
192.168.0.0/16
198.18.0.0/15
198.51.100.0/24
203.0.113.0/24
224.0.0.0/4
240.0.0.0/4
255.255.255.255
$(get_wan_ip)
$(cat ${IGNORE_LIST:=/dev/null} 2>/dev/null)
EOF
}
gen_spec_iplist() {
cat <<-EOF
0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.0.0.0/24
192.0.2.0/24
192.88.99.0/24
192.168.0.0/16
198.18.0.0/15
198.51.100.0/24
203.0.113.0/24
224.0.0.0/4
240.0.0.0/4
255.255.255.255
$(get_wan_ip)
EOF
}
gen_include() {
[ -n "$FWI" ] || return 0
extract_rules() {
echo "*$1"
iptables-save -t $1 | grep SS_SPEC_ |\
sed -e "s/^-A \(OUTPUT\|PREROUTING\)/-I \1 1/"
echo 'COMMIT'
}
cat <<-EOF >>$FWI
iptables-save -c | grep -v "SS_SPEC" | iptables-restore -c
iptables-restore -n <<-EOT
$(extract_rules nat)
$(extract_rules mangle)
EOT
EOF
return 0
}
while getopts ":s:l:S:L:i:e:a:b:w:p:oOuUfgh" arg; do
case "$arg" in
s)
server=$OPTARG
;;
l)
local_port=$OPTARG
;;
S)
SERVER=$OPTARG
;;
L)
LOCAL_PORT=$OPTARG
;;
i)
IGNORE_LIST=$OPTARG
;;
e)
EXT_ARGS=$OPTARG
;;
a)
LAN_AC_IP=$OPTARG
;;
b)
WAN_BP_IP=$(for ip in $OPTARG; do echo $ip; done)
;;
w)
WAN_FW_IP=$OPTARG
;;
p)
LAN_FP_IP=$OPTARG
;;
o)
OUTPUT=1
;;
O)
OUTPUT=2
;;
u)
TPROXY=1
;;
U)
TPROXY=2
;;
g)
GFWMODE=1
;;
f)
flush_r
exit 0
;;
h)
usage 0
;;
esac
done
if [ -z "$server" -o -z "$local_port" ]; then
usage 2
fi
if [ "$TPROXY" = 1 ]; then
SERVER=$server
LOCAL_PORT=$local_port
elif [ "$TPROXY" = 2 ]; then
: ${SERVER:?"You must assign an ip for the udp relay server."}
: ${LOCAL_PORT:?"You must assign a port for the udp relay server."}
fi
flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
[ "$?" = 0 ] || loger 3 "Start failed!"
exit $?

173
package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch Executable file
View File

@ -0,0 +1,173 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2017 openwrt-ssr
# Copyright (C) 2017 yushi studio <ywb94@qq.com>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
cycle_time=60
switch_time=3
normal_flag=0
server_locate=0
server_count=0
NAME=shadowsocksr
ENABLE_SERVER=nil
CONFIG_SWTICH_FILE=/var/etc/${NAME}_t.json
[ -n "$1" ] && cycle_time=$1
[ -n "$2" ] && switch_time=$2
uci_get_by_name() {
local ret=$(uci get $NAME.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
uci_get_by_type() {
local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
echo ${ret:=$3}
}
DEFAULT_SERVER=$(uci_get_by_type global global_server)
CURRENT_SERVER=$DEFAULT_SERVER
#判断代理是否正常
check_proxy() {
/usr/bin/ssr-check www.google.com 80 $switch_time 1
if [ "$?" == "0" ]; then
return 0
else
/usr/bin/ssr-check www.baidu.com 80 $switch_time 1
if [ "$?" == "0" ]; then
#goole不通baidu通则不正常
return 1
else
return 2
fi
fi
return 0
}
test_proxy() {
local servername=$(uci_get_by_name $1 server)
local serverport=$(uci_get_by_name $1 server_port)
ret=$(ping -c 3 $servername | grep 'loss' | awk -F ',' '{ print $3 }' | awk -F "%" '{ print $1 }')
[ -z "$ret" ] && return 1
[ "$ret" -gt "50" ] && return 1
ipset add ss_spec_wan_ac $servername 2>/dev/null
ret=$?
/usr/bin/ssr-check $servername $serverport $switch_time
local ret2=$?
if [ "$ret" = "0" ] ;then
ipset del ss_spec_wan_ac $servername 2>/dev/null
fi
if [ "$ret2" = "0" ] ;then
return 0
else
return 1
fi
}
search_proxy() {
let server_count=server_count+1
[ "$normal_flag" = "1" -a "$server_count" -le "$server_locate" ] && return 0
[ "$(uci_get_by_name $1 switch_enable)" != "1" ] && return 1
[ $ENABLE_SERVER != nil ] && return 0
[ "$1" = "$CURRENT_SERVER" ] && return 0
local servername=$(uci_get_by_name $1 server)
local serverport=$(uci_get_by_name $1 server_port)
ipset add ss_spec_wan_ac $servername 2>/dev/null
ret=$?
/usr/bin/ssr-check $servername $serverport $switch_time
local ret2=$?
if [ "$ret" = "0" ] ;then
ipset del ss_spec_wan_ac $servername 2>/dev/null
fi
if [ "$ret2" = "0" ] ;then
server_locate=$server_count
ENABLE_SERVER=$1
return 0
else
return 1
fi
}
#选择可用的代理
select_proxy() {
config_load $NAME
ENABLE_SERVER=nil
mkdir -p /var/run /var/etc
server_count=0
config_foreach search_proxy servers
}
#切换代理
switch_proxy() {
/etc/init.d/shadowsocksr restart $1
return 0
}
start() {
#不支持kcptun启用时的切换
[ $(uci_get_by_name $DEFAULT_SERVER kcp_enable) = "1" ] && return 1
while [ "1" = "1" ] #死循环
do
sleep $cycle_time
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
#判断当前代理是否为缺省服务器
if [ "$CURRENT_SERVER" != "$DEFAULT_SERVER" ] ;then
#echo "not default proxy"
echo "$(date "+%Y-%m-%d %H:%M:%S") Current server is not default Main server, try to switch back." >> /tmp/ssrplus.log
#检查缺省服务器是否正常
if test_proxy $DEFAULT_SERVER ;then
#echo "switch to default proxy"
echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is avilable." >> /tmp/ssrplus.log
#缺省服务器正常,切换回来
CURRENT_SERVER=$DEFAULT_SERVER
switch_proxy $CURRENT_SERVER
echo "switch to default ["$(uci_get_by_name $CURRENT_SERVER server)"] proxy!" >> /tmp/ssrplus.log
continue
else
echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is NOT avilable.Continue using current server." >> /tmp/ssrplus.log
fi
fi
#判断当前代理是否正常
check_proxy
current_ret=$?
if [ "$current_ret" = "1" ] ;then
#当前代理错误,判断有无可用的服务器
#echo "current error"
echo "$(date "+%Y-%m-%d %H:%M:%S") Current server error, try to switch another server." >> /tmp/ssrplus.log
select_proxy
if [ "$ENABLE_SERVER" != nil ] ;then
#有其他服务器可用,进行切换
#echo $(uci_get_by_name $new_proxy server)
echo "$(date "+%Y-%m-%d %H:%M:%S") Another server is avilable, now switching server." >> /tmp/ssrplus.log
CURRENT_SERVER=$ENABLE_SERVER
switch_proxy $CURRENT_SERVER
normal_flag=1
echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR server switch OK" >> /tmp/ssrplus.log
else
normal_flag=0
fi
else
normal_flag=0
echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >> /tmp/ssrplus.log
fi
done
}

5
package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/sh
awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"gfwlist"'\n",$0)}' /etc/config/gfw.list > /etc/dnsmasq.ssr/custom_forward.conf
awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5353"'\n",$0)}' /etc/config/gfw.list >> /etc/dnsmasq.ssr/custom_forward.conf

17
package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssr-watchdog Executable file
View File

@ -0,0 +1,17 @@
#!/bin/sh
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
/usr/bin/ssr-check www.google.com 80 3 1
if [ "$?" == "0" ]; then
echo "$LOGTIME ShadowsocksR No Problem."
else
/usr/bin/ssr-check www.baidu.com 80 3 1
if [ "$?" == "0" ]; then
echo "$LOGTIME Problem decteted, restarting ShadowsocksR..."
/etc/init.d/shadowsocksr restart
else
echo "$LOGTIME Network Problem. Do nothing."
fi
fi

157
package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.sh Executable file
View File

@ -0,0 +1,157 @@
#!/bin/bash
# Copyright (C) 2017 XiaoShan https://www.mivm.cn
urlsafe_b64decode() {
local d="====" data=$(echo $1 | sed 's/_/\//g; s/-/+/g')
local mod4=$((${#data}%4))
[ $mod4 -gt 0 ] && data=${data}${d:mod4}
echo $data | base64 -d
}
CheckIPAddr() {
echo $1 | grep "^[0-9]\{1,3\}\.\([0-9]\{1,3\}\.\)\{2\}[0-9]\{1,3\}$" >/dev/null 2>&1
[ $? -ne 0 ] && return 1
local ipaddr=($(echo $1 | sed 's/\./ /g'))
[ ${#ipaddr[@]} -ne 4 ] && return 1
for ((i=0;i<${#ipaddr[@]};i++))
do
[ ${ipaddr[i]} -gt 255 -a ${ipaddr[i]} -lt 0 ] && return 1
done
return 0
}
Server_Update() {
local uci_set="uci -q set $name.$1."
${uci_set}alias="[$ssr_group] $ssr_remarks"
${uci_set}auth_enable="0"
${uci_set}switch_enable="1"
${uci_set}server="$ssr_host"
${uci_set}server_port="$ssr_port"
${uci_set}local_port="1234"
uci -q get $name.@servers[$1].timeout >/dev/null || ${uci_set}timeout="60"
${uci_set}password="$ssr_passwd"
${uci_set}encrypt_method="$ssr_method"
${uci_set}protocol="$ssr_protocol"
${uci_set}protocol_param="$ssr_protoparam"
${uci_set}obfs="$ssr_obfs"
${uci_set}obfs_param="$ssr_obfsparam"
${uci_set}fast_open="0"
${uci_set}kcp_enable="0"
${uci_set}kcp_port="0"
${uci_set}kcp_param="--nocomp"
}
name=shadowsocksr
subscribe_url=($(uci get $name.@server_subscribe[0].subscribe_url))
[ ${#subscribe_url[@]} -eq 0 ] && exit 1
[ $(uci -q get $name.@server_subscribe[0].proxy || echo 0) -eq 0 ] && /etc/init.d/$name stop >/dev/null 2>&1
log_name=${name}_subscribe
for ((o=0;o<${#subscribe_url[@]};o++))
do
subscribe_data=$(wget-ssl --no-check-certificate -T 3 -O- ${subscribe_url[o]})
curl_code=$?
if [ $curl_code -eq 0 ];then
ssr_url=($(echo $subscribe_data | base64 -d | sed 's/\r//g')) # 解码数据并删除 \r 换行符
subscribe_max=$(echo ${ssr_url[0]} | grep -i MAX= | awk -F = '{print $2}')
subscribe_max_x=()
if [ -n "$subscribe_max" ]; then
while [ ${#subscribe_max_x[@]} -ne $subscribe_max ]
do
if [ ${#ssr_url[@]} -ge 10 ]; then
if [ $((${RANDOM:0:2}%2)) -eq 0 ]; then
temp_x=${RANDOM:0:1}
else
temp_x=${RANDOM:0:2}
fi
else
temp_x=${RANDOM:0:1}
fi
[ $temp_x -lt ${#ssr_url[@]} -a -z "$(echo "${subscribe_max_x[*]}" | grep -w ${temp_x})" ] && subscribe_max_x[${#subscribe_max_x[@]}]="$temp_x"
done
else
subscribe_max=${#ssr_url[@]}
fi
ssr_group=$(urlsafe_b64decode $(urlsafe_b64decode ${ssr_url[$((${#ssr_url[@]} - 1))]//ssr:\/\//} | sed 's/&/\n/g' | grep group= | awk -F = '{print $2}'))
if [ -n "$ssr_group" ]; then
subscribe_i=0
subscribe_n=0
subscribe_o=0
subscribe_x=""
temp_host_o=()
curr_ssr=$(uci show $name | grep @servers | grep -c server=)
for ((x=0;x<$curr_ssr;x++)) # 循环已有服务器信息,匹配当前订阅群组
do
temp_alias=$(uci -q get $name.@servers[$x].alias | grep "\[$ssr_group\]")
[ -n "$temp_alias" ] && temp_host_o[${#temp_host_o[@]}]=$(uci get $name.@servers[$x].server)
done
for ((x=0;x<$subscribe_max;x++)) # 循环链接
do
[ ${#subscribe_max_x[@]} -eq 0 ] && temp_x=$x || temp_x=${subscribe_max_x[x]}
temp_info=$(urlsafe_b64decode ${ssr_url[temp_x]//ssr:\/\//}) # 解码 SSR 链接
# 依次获取基本信息
info=${temp_info///?*/}
temp_info_array=(${info//:/ })
ssr_host=${temp_info_array[0]}
ssr_port=${temp_info_array[1]}
ssr_protocol=${temp_info_array[2]}
ssr_method=${temp_info_array[3]}
ssr_obfs=${temp_info_array[4]}
ssr_passwd=$(urlsafe_b64decode ${temp_info_array[5]})
info=${temp_info:$((${#info} + 2))}
info=(${info//&/ })
ssr_protoparam=""
ssr_obfsparam=""
ssr_remarks="$temp_x"
for ((i=0;i<${#info[@]};i++)) # 循环扩展信息
do
temp_info=($(echo ${info[i]} | sed 's/=/ /g'))
case "${temp_info[0]}" in
protoparam)
ssr_protoparam=$(urlsafe_b64decode ${temp_info[1]})
;;
obfsparam)
ssr_obfsparam=$(urlsafe_b64decode ${temp_info[1]})
;;
remarks)
ssr_remarks=$(urlsafe_b64decode ${temp_info[1]})
;;
esac
done
uci_name_tmp=$(uci show $name | grep -w $ssr_host | awk -F . '{print $2}')
if [ -z "$uci_name_tmp" ]; then # 判断当前服务器信息是否存在
uci_name_tmp=$(uci add $name servers)
subscribe_n=$(($subscribe_n + 1))
fi
Server_Update $uci_name_tmp
subscribe_x=${subscribe_x}$ssr_host" "
# echo "服务器地址: $ssr_host"
# echo "服务器端口 $ssr_port"
# echo "密码: $ssr_passwd"
# echo "加密: $ssr_method"
# echo "协议: $ssr_protocol"
# echo "协议参数: $ssr_protoparam"
# echo "混淆: $ssr_obfs"
# echo "混淆参数: $ssr_obfsparam"
# echo "备注: $ssr_remarks"
done
for ((x=0;x<${#temp_host_o[@]};x++)) # 新旧服务器信息匹配,如果旧服务器信息不存在于新服务器信息则删除
do
if [ -z "$(echo "$subscribe_x" | grep -w ${temp_host_o[x]})" ]; then
uci_name_tmp=$(uci show $name | grep ${temp_host_o[x]} | awk -F . '{print $2}')
uci delete $name.$uci_name_tmp
subscribe_o=$(($subscribe_o + 1))
fi
done
subscribe_log="$ssr_group 服务器订阅更新成功 服务器数量: ${#ssr_url[@]} 新增服务器: $subscribe_n 删除服务器: $subscribe_o"
logger -st $log_name[$$] -p6 "$subscribe_log"
uci commit $name
else
logger -st $log_name[$$] -p3 "${subscribe_url[$o]} 订阅数据解析失败 无法获取 Group"
fi
else
logger -st $log_name[$$] -p3 "${subscribe_url[$o]} 订阅数据获取失败 错误代码: $curl_code"
fi
done
/etc/init.d/$name restart >/dev/null 2>&1

24
package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.sh Executable file
View File

@ -0,0 +1,24 @@
#!/bin/sh
chnroute_data=$(wget -O- -t 3 -T 3 http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest)
[ $? -eq 0 ] && {
echo "$chnroute_data" | grep ipv4 | grep CN | awk -F\| '{ printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > /tmp/china_ssr.txt
}
if [ -s "/tmp/china_ssr.txt" ];then
if ( ! cmp -s /tmp/china_ssr.txt /etc/china_ssr.txt );then
mv /tmp/china_ssr.txt /etc/china_ssr.txt
fi
fi
wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfw.b64
/usr/bin/ssr-gfw
if [ -s "/tmp/gfwnew.txt" ];then
if ( ! cmp -s /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf );then
mv /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf
echo "copy"
fi
fi
/etc/init.d/shadowsocksr restart

74
package/lean/polarssl/Makefile Normal file
View File

@ -0,0 +1,74 @@
#
# Copyright (C) 2011-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=polarssl
SRC_PKG_NAME:=mbedtls
PKG_VERSION:=1.3.16
PKG_RELEASE:=1
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(SRC_PKG_NAME)-$(PKG_VERSION)-gpl.tgz
PKG_SOURCE_URL:=https://polarssl.org/download/
PKG_MD5SUM:=66ebbbf67e8a9463041846822b0a1692
PKG_BUILD_DIR:=$(BUILD_DIR)/$(SRC_PKG_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0+
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/polarssl/Default
SUBMENU:=SSL
TITLE:=Embedded SSL
URL:=http://polarssl.org/
endef
define Package/polarssl/Default/description
The aim of the PolarSSL project is to provide a quality, open-source
cryptographic library written in C and targeted at embedded systems.
endef
define Package/libpolarssl
$(call Package/polarssl/Default)
SECTION:=libs
CATEGORY:=Libraries
TITLE+= (library)
ABI_VERSION:=$(PKG_VERSION)-$(PKG_RELEASE)
endef
define Package/libpolarssl/description
$(call Package/polarssl/Default/description)
This package contains the PolarSSL library.
endef
PKG_INSTALL:=1
CMAKE_OPTIONS += \
-DCMAKE_BUILD_TYPE:String="Release" \
-DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \
-DENABLE_TESTING:Bool=OFF \
-DENABLE_PROGRAMS:Bool=OFF \
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/polarssl $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libmbedtls.so.* $(1)/usr/lib/
$(LN) libmbedtls.so.$(PKG_VERSION) $(1)/usr/lib/libpolarssl.so
endef
define Package/libpolarssl/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libmbedtls.so.* $(1)/usr/lib/
$(LN) libmbedtls.so.$(PKG_VERSION) $(1)/usr/lib/libpolarssl.so
endef
$(eval $(call BuildPackage,libpolarssl))

12
package/lean/polarssl/patches/100-disable_sslv3.patch Normal file
View File

@ -0,0 +1,12 @@
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -1011,8 +1011,8 @@
* POLARSSL_SHA1_C
*
* Comment this macro to disable support for SSL 3.0
- */
#define POLARSSL_SSL_PROTO_SSL3
+ */
/**
* \def POLARSSL_SSL_PROTO_TLS1

252
package/lean/polarssl/patches/200-reduce_config.patch Normal file
View File

@ -0,0 +1,252 @@
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -432,8 +432,8 @@
* Requires: POLARSSL_HMAC_DRBG_C
*
* Comment this macro to disable deterministic ECDSA.
- */
#define POLARSSL_ECDSA_DETERMINISTIC
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
@@ -454,8 +454,8 @@
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
* TLS_PSK_WITH_RC4_128_SHA
- */
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
@@ -478,8 +478,8 @@
* TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
* TLS_DHE_PSK_WITH_RC4_128_SHA
- */
#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
@@ -498,8 +498,8 @@
* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
* TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
@@ -523,8 +523,8 @@
* TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
* TLS_RSA_PSK_WITH_RC4_128_SHA
- */
#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED
@@ -602,8 +602,8 @@
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
- */
#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
@@ -626,8 +626,8 @@
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- */
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
@@ -650,8 +650,8 @@
* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
* TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
* TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ */
/**
* \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
@@ -674,8 +674,8 @@
* TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
* TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
* TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ */
/**
* \def POLARSSL_PK_PARSE_EC_EXTENDED
@@ -835,8 +835,8 @@
* \def POLARSSL_SELF_TEST
*
* Enable the checkup functions (*_self_test).
- */
#define POLARSSL_SELF_TEST
+ */
/**
* \def POLARSSL_SSL_AEAD_RANDOM_IV
@@ -1151,8 +1151,8 @@
* Requires: POLARSSL_VERSION_C
*
* Comment this to disable run-time checking and save ROM space
- */
#define POLARSSL_VERSION_FEATURES
+ */
/**
* \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
@@ -1470,8 +1470,8 @@
* TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
* TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
#define POLARSSL_CAMELLIA_C
+ */
/**
* \def POLARSSL_CCM_C
@@ -1498,8 +1498,8 @@
* Requires: POLARSSL_PEM_PARSE_C
*
* This module is used for testing (ssl_client/server).
- */
#define POLARSSL_CERTS_C
+ */
/**
* \def POLARSSL_CIPHER_C
@@ -1538,8 +1538,8 @@
* library/ssl_tls.c
*
* This module provides debugging functions.
- */
#define POLARSSL_DEBUG_C
+ */
/**
* \def POLARSSL_DES_C
@@ -1594,8 +1594,8 @@
* ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
*
* Requires: POLARSSL_ECP_C
- */
#define POLARSSL_ECDH_C
+ */
/**
* \def POLARSSL_ECDSA_C
@@ -1609,8 +1609,8 @@
* ECDHE-ECDSA
*
* Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
- */
#define POLARSSL_ECDSA_C
+ */
/**
* \def POLARSSL_ECP_C
@@ -1622,8 +1622,8 @@
* library/ecdsa.c
*
* Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
- */
#define POLARSSL_ECP_C
+ */
/**
* \def POLARSSL_ENTROPY_C
@@ -1662,8 +1662,8 @@
*
* This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
* requisites are enabled as well.
- */
#define POLARSSL_GCM_C
+ */
/**
* \def POLARSSL_HAVEGE_C
@@ -1699,8 +1699,8 @@
* Requires: POLARSSL_MD_C
*
* Uncomment to enable the HMAC_DRBG random number geerator.
- */
#define POLARSSL_HMAC_DRBG_C
+ */
/**
* \def POLARSSL_MD_C
@@ -1826,8 +1826,8 @@
* Requires: POLARSSL_HAVE_ASM
*
* This modules adds support for the VIA PadLock on x86.
- */
#define POLARSSL_PADLOCK_C
+ */
/**
* \def POLARSSL_PBKDF2_C
@@ -1992,8 +1992,8 @@
* Module: library/ripemd160.c
* Caller: library/md.c
*
- */
#define POLARSSL_RIPEMD160_C
+ */
/**
* \def POLARSSL_RSA_C
@@ -2072,8 +2072,8 @@
* Caller:
*
* Requires: POLARSSL_SSL_CACHE_C
- */
#define POLARSSL_SSL_CACHE_C
+ */
/**
* \def POLARSSL_SSL_CLI_C
@@ -2149,8 +2149,8 @@
* Caller: library/havege.c
*
* This module is used by the HAVEGE random number generator.
- */
#define POLARSSL_TIMING_C
+ */
/**
* \def POLARSSL_VERSION_C
@@ -2160,8 +2160,8 @@
* Module: library/version.c
*
* This module provides run-time version information.
- */
#define POLARSSL_VERSION_C
+ */
/**
* \def POLARSSL_X509_USE_C
@@ -2270,8 +2270,8 @@
*
* Module: library/xtea.c
* Caller:
- */
#define POLARSSL_XTEA_C
+ */
/* \} name SECTION: mbed TLS modules */

232
package/lean/shadowsocksR-libev-full/Makefile Normal file
View File

@ -0,0 +1,232 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=shadowsocksR-libev
PKG_VERSION:=3.0.9
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=d4904568c0bd7e0861c0cbfeaa43740f404db214
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=breakwa11
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
PKG_USE_MIPS16:=0
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/shadowsocksr-libev/Default
SECTION:=net
CATEGORY:=Network
TITLE:=Lightweight Secured Socks5 Proxy
URL:=https://github.com/breakwa11/shadowsocks-libev
endef
define Package/shadowsocksr-libev
$(call Package/shadowsocksr-libev/Default)
TITLE+= (OpenSSL)
VARIANT:=openssl
DEPENDS:=+libopenssl +libpthread +libpcre +zlib
endef
define Package/shadowsocksr-libev-alt
$(call Package/shadowsocksr-libev/Default)
TITLE+= (OpenSSL)
VARIANT:=openssl
DEPENDS:=+libopenssl +libpthread +libpcre +zlib
endef
define Package/shadowsocksr-libev-mini
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +libpcre
endef
define Package/shadowsocksr-libev-polarssl
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +libpcre
endef
define Package/shadowsocksr-libev-gfwlist
$(call Package/shadowsocksr-libev/Default)
TITLE+= (OpenSSL)
VARIANT:=openssl
DEPENDS:=+libopenssl +libpthread +dnsmasq-full +ipset +iptables +wget +libpcre
endef
define Package/shadowsocksr-libev-gfwlist-polarssl
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +dnsmasq-full +ipset +iptables +wget-nossl +libpcre
endef
define Package/shadowsocksr-libev-gfwlist-4M
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +dnsmasq-full +ipset +iptables +libpcre
endef
define Package/shadowsocksr-libev/description
ShadowsocksR-libev is a lightweight secured socks5 proxy for embedded devices and low end boxes.
endef
Package/shadowsocksr-libev-mini/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-alt/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-polarssl/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-gfwlist/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-gfwlist-polarssl/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-gfwlist-4M/description=$(Package/shadowsocksr-libev/description)
define Package/shadowsocksr-libev/conffiles
/etc/shadowsocksr.json
endef
Package/shadowsocksr-libev-alt/conffiles = $(Package/shadowsocksr-libev/conffiles)
Package/shadowsocksr-libev-mini/conffiles = $(Package/shadowsocksr-libev/conffiles)
Package/shadowsocksr-libev-polarssl/conffiles = $(Package/shadowsocksr-libev/conffiles)
define Package/shadowsocksr-libev-gfwlist/conffiles
/etc/shadowsocksr.json
/etc/dnsmasq.d/custom_list.conf
endef
Package/shadowsocksr-libev-gfwlist-polarssl/conffiles = $(Package/shadowsocksr-libev-gfwlist/conffiles)
Package/shadowsocksr-libev-gfwlist-4M/conffiles = $(Package/shadowsocksr-libev-gfwlist/conffiles)
Package/shadowsocksr-libev-server-polarssl/conffiles = $(Package/shadowsocksr-libev-server/conffiles)
define Package/shadowsocksr-libev-gfwlist/postinst
#!/bin/sh
if [ ! -f /etc/dnsmasq.d/custom_list.conf ]; then
echo "ipset -N gfwlist iphash" >> /etc/firewall.user
echo "iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080" >> /etc/firewall.user
echo "iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080" >> /etc/firewall.user
echo "cache-size=5000" >> /etc/dnsmasq.conf
echo "min-cache-ttl=1800" >> /etc/dnsmasq.conf
echo "conf-dir=/etc/dnsmasq.d" >> /etc/dnsmasq.conf
echo "*/10 * * * * /root/ssr-watchdog >> /var/log/shadowsocksr_watchdog.log 2>&1" >> /etc/crontabs/root
echo "0 1 * * 0 echo \"\" > /var/log/shadowsocksr_watchdog.log" >> /etc/crontabs/root
fi
if [ -z "$${IPKG_INSTROOT}" ]; then
ipset create gfwlist hash:ip
iptables -t nat -I PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080
iptables -t nat -I OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080
/etc/init.d/dnsmasq restart
/etc/init.d/cron restart
/etc/init.d/shadowsocksr restart
fi
exit 0
endef
define Package/shadowsocks-libev-gfwlist/postrm
#!/bin/sh
if [ -z "$${IPKG_INSTROOT}" ]; then
sed -i '/cache-size=5000/d' /etc/dnsmasq.conf
sed -i '/min-cache-ttl=1800/d' /etc/dnsmasq.conf
sed -i '/conf-dir=\/etc\/dnsmasq.d/d' /etc/dnsmasq.conf
rm -rf /etc/dnsmasq.d
/etc/init.d/dnsmasq restart
sed -i '/ipset create gfwlist hash:ip/d' /etc/firewall.user
sed -i '/iptables -t nat -I PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080/d' /etc/firewall.user
sed -i '/iptables -t nat -I OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080/d' /etc/firewall.user
ipset flush gfwlist
sed -i '/shadowsocksr_watchdog.log/d' /etc/crontabs/root
/etc/init.d/cron restart
fi
exit 0
endef
Package/shadowsocksr-libev-gfwlist-polarssl/postinst = $(Package/shadowsocksr-libev-gfwlist/postinst)
Package/shadowsocksr-libev-gfwlist-polarssl/postrm = $(Package/shadowsocksr-libev-gfwlist/postrm)
Package/shadowsocksr-libev-gfwlist-4M/postinst = $(Package/shadowsocksr-libev-gfwlist/postinst)
Package/shadowsocksr-libev-gfwlist-4M/postrm = $(Package/shadowsocksr-libev-gfwlist/postrm)
CONFIGURE_ARGS += --disable-ssp
ifeq ($(BUILD_VARIANT),polarssl)
CONFIGURE_ARGS += --with-crypto-library=polarssl
endif
define Package/shadowsocksr-libev/install
#$(INSTALL_DIR) $(1)/etc/init.d
#$(INSTALL_BIN) ./files/shadowsocksr $(1)/etc/init.d/shadowsocksr
#$(INSTALL_CONF) ./files/shadowsocksr.json $(1)/etc/shadowsocksr.json
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
endef
define Package/shadowsocksr-libev-mini/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
endef
define Package/shadowsocksr-libev-alt/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
endef
Package/shadowsocksr-libev-polarssl/install=$(Package/shadowsocksr-libev/install)
define Package/shadowsocksr-libev-gfwlist/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/shadowsocksr-gfwlist $(1)/etc/init.d/shadowsocksr
$(INSTALL_CONF) ./files/shadowsocksr-gfwlist.json $(1)/etc/shadowsocksr.json.main
$(INSTALL_CONF) ./files/shadowsocksr-gfwlist.json $(1)/etc/shadowsocksr.json.backup
$(INSTALL_CONF) ./files/firewall.user $(1)/etc/firewall.user
$(INSTALL_CONF) ./files/dnsmasq.conf $(1)/etc/dnsmasq.conf
$(INSTALL_DIR) $(1)/etc/dnsmasq.d
$(INSTALL_CONF) ./files/gfw_list.conf $(1)/etc/dnsmasq.d/gfw_list.conf
$(INSTALL_CONF) ./files/custom_list.conf $(1)/etc/dnsmasq.d/custom_list.conf
$(INSTALL_DIR) $(1)/root
$(INSTALL_BIN) ./files/ssr-watchdog $(1)/root/ssr-watchdog
$(INSTALL_DIR) $(1)/etc/crontabs
$(INSTALL_CONF) ./files/root $(1)/etc/crontabs/root
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller
$(INSTALL_CONF) ./files/shadowsocksr-libev.lua $(1)/usr/lib/lua/luci/controller/shadowsocksr-libev.lua
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev
$(INSTALL_CONF) ./files/shadowsocksr-libev-general.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev/shadowsocksr-libev-general.lua
$(INSTALL_CONF) ./files/shadowsocksr-libev-backup.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev/shadowsocksr-libev-backup.lua
$(INSTALL_CONF) ./files/shadowsocksr-libev-custom.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev/shadowsocksr-libev-custom.lua
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/shadowsocksr-libev
$(INSTALL_CONF) ./files/gfwlistr.htm $(1)/usr/lib/lua/luci/view/shadowsocksr-libev/gfwlistr.htm
$(INSTALL_CONF) ./files/watchdogr.htm $(1)/usr/lib/lua/luci/view/shadowsocksr-libev/watchdogr.htm
endef
Package/shadowsocksr-libev-gfwlist-polarssl/install = $(Package/shadowsocksr-libev-gfwlist/install)
Package/shadowsocksr-libev-gfwlist-4M/install = $(Package/shadowsocksr-libev-gfwlist/install)
$(eval $(call BuildPackage,shadowsocksr-libev))
$(eval $(call BuildPackage,shadowsocksr-libev-mini))
$(eval $(call BuildPackage,shadowsocksr-libev-alt))
$(eval $(call BuildPackage,shadowsocksr-libev-polarssl))
$(eval $(call BuildPackage,shadowsocksr-libev-gfwlist))
$(eval $(call BuildPackage,shadowsocksr-libev-gfwlist-polarssl))
$(eval $(call BuildPackage,shadowsocksr-libev-gfwlist-4M))

2
package/lean/shadowsocksR-libev-full/files/custom_list.conf Normal file
View File

@ -0,0 +1,2 @@
#server=/.baidu.com/127.0.0.1#5353
#ipset=/.baidu.com/gfwlist

41
package/lean/shadowsocksR-libev-full/files/dnsmasq.conf Normal file
View File

@ -0,0 +1,41 @@
# Change the following lines if you want dnsmasq to serve SRV
# records.
# You may add multiple srv-host lines.
# The fields are <name>,<target>,<port>,<priority>,<weight>
# A SRV record sending LDAP for the example.com domain to
# ldapserver.example.com port 289
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
# Two SRV records for LDAP, each with different priorities
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
# A SRV record indicating that there is no LDAP server for the domain
# example.com
#srv-host=_ldap._tcp.example.com
# The following line shows how to make dnsmasq serve an arbitrary PTR
# record. This is useful for DNS-SD.
# The fields are <name>,<target>
#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
# Change the following lines to enable dnsmasq to serve TXT records.
# These are used for things like SPF and zeroconf.
# The fields are <name>,<text>,<text>...
#Example SPF.
#txt-record=example.com,"v=spf1 a -all"
#Example zeroconf
#txt-record=_http._tcp.example.com,name=value,paper=A4
# Provide an alias for a "local" DNS name. Note that this _only_ works
# for targets which are names from DHCP or /etc/hosts. Give host
# "bert" another name, bertrand
# The fields are <cname>,<target>
#cname=bertand,bert
cache-size=1000
min-cache-ttl=1800
conf-dir=/etc/dnsmasq.d

11
package/lean/shadowsocksR-libev-full/files/firewall.user Normal file
View File

@ -0,0 +1,11 @@
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
ipset create gfwlist hash:ip
iptables -t nat -I PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 8989
iptables -t nat -I OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 8989

6988
package/lean/shadowsocksR-libev-full/files/gfw_list.conf Normal file
View File

File diff suppressed because it is too large Load Diff

7
package/lean/shadowsocksR-libev-full/files/gfwlistr.htm Normal file
View File

@ -0,0 +1,7 @@
<%+header%>
<h2><a id="content" name="content"><%:ShadowsocksR - GFW List%></a></h2>
<div class="cbi-map-descr">ShadowsocksR内置的 GFW 名单</div>
<div id="content_gfwlist">
<textarea readonly="readonly" wrap="off" style="width: 100%" rows="20" id="gfwlist"><%=gfwlist:pcdata()%></textarea>
</div>
<%+footer%>

3
package/lean/shadowsocksR-libev-full/files/root Normal file
View File

@ -0,0 +1,3 @@
*/10 * * * * /root/ssr-watchdog >> /var/log/shadowsocksr_watchdog.log 2>&1
0 1 * * 0 echo "" > /var/log/shadowsocksr_watchdog.log
#0 1 * * 0 sleep 70 && touch /etc/banner && reboot

21
package/lean/shadowsocksR-libev-full/files/shadowsocksr Normal file
View File

@ -0,0 +1,21 @@
#!/bin/sh /etc/rc.common
START=95
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
CONFIG=/etc/shadowsocksr.json
start() {
service_start /usr/bin/ssr-local -c $CONFIG -l 8888
#service_start /usr/bin/ssr-redir -c $CONFIG
#service_start /usr/bin/ssr-tunnel -c $CONFIG -l 5353 -L 8.8.8.8:53 -U
}
stop() {
service_stop /usr/bin/ssr-local
#service_stop /usr/bin/ssr-redir
#service_stop /usr/bin/ssr-tunnel
}

26
package/lean/shadowsocksR-libev-full/files/shadowsocksr-gfwlist Normal file
View File

@ -0,0 +1,26 @@
#!/bin/sh /etc/rc.common
START=95
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
CONFIG=/etc/shadowsocksr.json
if [ ! -f $CONFIG ]; then
ln -sf /etc/shadowsocksr.json.main $CONFIG
fi
start() {
service_start /usr/bin/ssr-redir -c $CONFIG -b 0.0.0.0 -l 8989
sleep 1
service_start /usr/bin/ssr-tunnel -c $CONFIG -b 0.0.0.0 -l 5353 -L 8.8.8.8:53 -U
sleep 1
}
stop() {
service_stop /usr/bin/ssr-redir
sleep 1
service_stop /usr/bin/ssr-tunnel
sleep 1
}

11
package/lean/shadowsocksR-libev-full/files/shadowsocksr-gfwlist.json Normal file
View File

@ -0,0 +1,11 @@
{
"server": "serv-ro.ddns.info",
"server_port": 23143,
"password": "test.TEST",
"method": "aes-256-cfb",
"protocol": "origin",
"obfs": "plain",
"timeout": 120,
"supported_protocol": "origin, verify_simple, auth_simple, auth_sha1, auth_sha1_v2, auth_sha1_v4",
"supported_obfs": "plain, http_simple, tls1.0_session_auth, tls1.2_ticket_auth"
}

23
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev-backup.lua Normal file
View File

@ -0,0 +1,23 @@
local fs = require "nixio.fs"
local conffile = "/etc/shadowsocksr.json.backup"
f = SimpleForm("general", translate("ShadowsocksR - 备份服务器设置"), translate("ShadowsocksR 备份服务器设置地址,当主服务器不可时将自动连接到此服务器。 主服务器可用时将自动切换回主服务器"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/etc/init.d/shadowsocksr restart")
end
end
return true
end
return f

23
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev-custom.lua Normal file
View File

@ -0,0 +1,23 @@
local fs = require "nixio.fs"
local conffile = "/etc/dnsmasq.d/custom_list.conf"
f = SimpleForm("custom", translate("ShadowsocksR - 自定义列表"), translate("ShadowsocksR 自动定义翻墙域名的列表。<BR />请参照以下写法去掉前面的 # 输入"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/etc/init.d/dnsmasq restart && ipset flush gfwlist")
end
end
return true
end
return f

23
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev-general.lua Normal file
View File

@ -0,0 +1,23 @@
local fs = require "nixio.fs"
local conffile = "/etc/shadowsocksr.json.main"
f = SimpleForm("general", translate("ShadowsocksR - 主服务器配置"), translate("ShadowsocksR 主服务器配置文件,此服务器将优先被使用"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/etc/init.d/shadowsocksr restart")
end
end
return true
end
return f

45
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev.lua Normal file
View File

@ -0,0 +1,45 @@
module("luci.controller.shadowsocksr-libev", package.seeall)
function index()
if not nixio.fs.access("/etc/shadowsocksr.json") then
return
end
entry({"admin", "services", "shadowsocksr-libev"},
alias("admin", "services", "shadowsocksr-libev", "general"),
_("ShadowsocksR设置"), 10)
entry({"admin", "services", "shadowsocksr-libev", "general"},
cbi("shadowsocksr-libev/shadowsocksr-libev-general"),
_("主服务器设置"), 10).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "backup"},
cbi("shadowsocksr-libev/shadowsocksr-libev-backup"),
_("备份服务器设置"), 20).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "gfwlist"},
call("action_gfwlist"),
_("GFW 内置名单"), 30).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "custom"},
cbi("shadowsocksr-libev/shadowsocksr-libev-custom"),
_("自定义域名列表"), 40).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "watchdog"},
call("action_watchdog"),
_("守护进程日志"), 50).leaf = true
end
function action_gfwlist()
local fs = require "nixio.fs"
local conffile = "/etc/dnsmasq.d/gfw_list.conf"
local gfwlist = fs.readfile(conffile) or ""
luci.template.render("shadowsocksr-libev/gfwlistr", {gfwlist=gfwlist})
end
function action_watchdog()
local fs = require "nixio.fs"
local conffile = "/var/log/shadowsocksr_watchdog.log"
local watchdog = fs.readfile(conffile) or ""
luci.template.render("shadowsocksr-libev/watchdogr", {watchdog=watchdog})
end

17
package/lean/shadowsocksR-libev-full/files/shadowsocksr-server Normal file
View File

@ -0,0 +1,17 @@
#!/bin/sh /etc/rc.common
START=95
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
CONFIG=/etc/shadowsocksr-server.json
start() {
service_start /usr/bin/ssr-server -c $CONFIG -u
}
stop() {
service_stop /usr/bin/ssr-server
}

15
package/lean/shadowsocksR-libev-full/files/shadowsocksr-server.json Normal file
View File

@ -0,0 +1,15 @@
{
"server": "0.0.0.0",
"server_ipv6": "::",
"server_port": 443,
"password": "password",
"method": "rc4-md5",
"timeout": 120,
"protocol": "origin",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"redirect": "",
"dns_ipv6": false,
"fast_open": false
}

14
package/lean/shadowsocksR-libev-full/files/shadowsocksr.json Normal file
View File

@ -0,0 +1,14 @@
{
"server": "serverip",
"server_port": 443,
"password": "password",
"method": "rc4-md5",
"local_address": "0.0.0.0",
"local_port": 1080,
"timeout": 120,
"protocol": "origin",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"fast_open": false
}

47
package/lean/shadowsocksR-libev-full/files/ssr-watchdog Normal file
View File

@ -0,0 +1,47 @@
#!/bin/sh
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
CURRENT=$(ls -l /etc/shadowsocksr.json | awk -F "." '{print $4}')
if [ "$CURRENT" == "backup" ]; then
echo "[$LOGTIME] Backup server is running."
MAIN=$(cat /etc/shadowsocksr.json.main | awk -F '\"' '/\"server\"/ {print $4}')
PM=$(ping -c 3 $MAIN | grep 'loss' | awk -F ',' '{ print $3 }' | awk -F "%" '{ print $1 }')
if [ "$PM" -lt "50" ]; then
echo "[$LOGTIME] Main server up,$PM% packet loss, switch back."
ln -sf /etc/shadowsocksr.json.main /etc/shadowsocksr.json
CURRENT=$(ls -l /etc/shadowsocksr.json | awk -F "." '{print $4}')
/etc/init.d/shadowsocksr restart
sleep 3
else
echo "[$LOGTIME] Main server down,$PM% packet loss."
fi
fi
wget --spider --quiet -T 3 www.google.com.hk
if [ "$?" == "0" ]; then
echo "[$LOGTIME] No problem."
exit 0
else
wget --spider --quiet -T 3 www.baidu.com
if [ "$?" == "0" ]; then
echo "[$LOGTIME] Problem decteted, restart ShadowsocksR."
/etc/init.d/shadowsocksr restart
if [ "$CURRENT" == "main" ]; then
sleep 3
wget --spider --quiet -T 3 www.google.com.hk
if [ "$?" == "0" ]; then
echo "[$LOGTIME] ShadowsocksR recovered."
exit 0
else
echo "[$LOGTIME] Main server down, switch to backup server."
ln -sf /etc/shadowsocksr.json.backup /etc/shadowsocksr.json
/etc/init.d/shadowsocksr restart
exit 0
fi
fi
else
echo "[$LOGTIME] Network problem. Do nothing."
fi
fi

7
package/lean/shadowsocksR-libev-full/files/watchdogr.htm Normal file
View File

@ -0,0 +1,7 @@
<%+header%>
<h2><a id="content" name="content"><%:ShadowsocksR - 守护进程日志%></a></h2>
<div class="cbi-map-descr">ShadowsocksR 守护进程日志</div>
<div id="content_watchdog">
<textarea readonly="readonly" wrap="off" style="width: 100%" rows="20" id="watchdog"><%=watchdog:pcdata()%></textarea>
</div>
<%+footer%>

315
package/lean/shadowsocksR-libev-full/patches/0001-ss-check-Backport.patch Normal file
View File

@ -0,0 +1,315 @@
From 4a153bc0bb8ed20517871bddbf92ba69057bef97 Mon Sep 17 00:00:00 2001
From: WouldChar <wouldchar@gmail.com>
Date: Mon, 18 Dec 2017 19:33:51 +0800
Subject: [PATCH 1/7] Backport ss-check
* from https://github.com/ywb94/shadowsocks-libev
---
src/Makefile.am | 5 ++
src/check.c | 242 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
src/redir.c | 2 +-
3 files changed, 248 insertions(+), 1 deletion(-)
create mode 100644 src/check.c
diff --git a/src/Makefile.am b/src/Makefile.am
index eea1300..d2c6d24 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -22,7 +22,7 @@ SS_COMMON_LIBS += $(top_builddir)/libev/libev.la \
$(top_builddir)/libsodium/src/libsodium/libsodium.la
endif
-bin_PROGRAMS = ss-local
+bin_PROGRAMS = ss-local ss-check
#bin_PROGRAMS += ss-tunnel
if !BUILD_WINCOMPAT
#bin_PROGRAMS += ss-server ss-manager
@@ -42,6 +43,8 @@ ss_local_SOURCES = utils.c \
local.c \
$(sni_src)
+ss_check_SOURCES = check.c
+
#ss_tunnel_SOURCES = utils.c \
# jconf.c \
# json.c \
@@ -69,6 +72,7 @@ ss_local_SOURCES = utils.c \
# manager.c
ss_local_LDADD = $(SS_COMMON_LIBS)
+ss_check_LDADD = $(SS_COMMON_LIBS)
#ss_tunnel_LDADD = $(SS_COMMON_LIBS)
#ss_server_LDADD = $(SS_COMMON_LIBS)
#ss_manager_LDADD = $(SS_COMMON_LIBS)
@@ -83,6 +87,7 @@ ss_local_LDADD += $(top_builddir)/libudns/libudns.la
endif
ss_local_CFLAGS = $(AM_CFLAGS) -DMODULE_LOCAL
+ss_check_CFLAGS = $(AM_CFLAGS) -DMODULE_CHECK
#ss_tunnel_CFLAGS = $(AM_CFLAGS) -DMODULE_TUNNEL
#ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE
#ss_manager_CFLAGS = $(AM_CFLAGS) -DMODULE_MANAGER
diff --git a/src/check.c b/src/check.c
new file mode 100644
index 0000000..9243686
--- /dev/null
+++ b/src/check.c
@@ -0,0 +1,242 @@
+/*
+ * check.c - check remote shadowsocks server port
+ *
+ * Copyright (C) 2017, yushi studio <ywb94@qq.com>
+ *
+ * This file is part of the shadowsocks-libev.
+ *
+ * shadowsocks-libev is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * shadowsocks-libev is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with shadowsocks-libev; see the file COPYING. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <errno.h>
+#include <time.h>
+#include <arpa/inet.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <string.h>
+
+//#define __DEBUG__
+#ifdef __DEBUG__
+#define DEBUG(format,...) printf("File: "__FILE__", Line: %05d: "format"/n", __LINE__, ##__VA_ARGS__)
+#else
+#define DEBUG(format,...)
+#endif
+
+static sigjmp_buf jmpbuf;
+
+static void alarm_func()
+{
+ siglongjmp(jmpbuf, 1);
+}
+
+static struct hostent *timeGethostbyname(const char *domain, int timeout)
+{
+ struct hostent *ipHostent = NULL;
+ signal(SIGALRM, alarm_func);
+ if (sigsetjmp(jmpbuf, 1) != 0) {
+ alarm(0); //timout
+ signal(SIGALRM, SIG_IGN);
+ return NULL;
+ }
+ alarm(timeout); //setting alarm
+ ipHostent = gethostbyname(domain);
+ signal(SIGALRM, SIG_IGN);
+ return ipHostent;
+}
+
+
+#define MY_HTTP_DEFAULT_PORT 80
+#define BUFFER_SIZE 1024
+#define HTTP_POST "POST /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n"\
+ "Content-Type:application/x-www-form-urlencoded\r\nContent-Length: %d\r\n\r\n%s"
+#define HTTP_GET "GET /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n\r\n"
+
+static int http_parse_url(const char *url, char *host, char *file, int *port)
+{
+ char *ptr1, *ptr2;
+ int len = 0;
+ if (!url || !host || !file || !port)
+ return 1;
+
+ ptr1 = (char *)url;
+
+ if (!strncmp(ptr1, "http://", strlen("http://")))
+ ptr1 += strlen("http://");
+ else
+ return 1;
+
+ ptr2 = strchr(ptr1, '/');
+ if (ptr2) {
+ len = strlen(ptr1) - strlen(ptr2);
+ memcpy(host, ptr1, len);
+ host[len] = '\0';
+ if (*(ptr2 + 1)) {
+ memcpy(file, ptr2 + 1, strlen(ptr2) - 1);
+ file[strlen(ptr2) - 1] = '\0';
+ }
+ }
+ else {
+ memcpy(host,ptr1,strlen(ptr1));
+ host[strlen(ptr1)] = '\0';
+ }
+
+ //get host and ip
+ ptr1 = strchr(host, ':');
+ if (ptr1) {
+ *ptr1++ = '\0';
+ *port = atoi(ptr1);
+ }
+ else
+ *port = MY_HTTP_DEFAULT_PORT;
+
+ return 0;
+}
+
+static int http_tcpclient_recv(int socket, char *lpbuff)
+{
+ int recvnum = 0;
+
+ recvnum = recv(socket, lpbuff, BUFFER_SIZE*4, 0);
+
+ return recvnum;
+}
+
+static int http_tcpclient_send(int socket, char *buff, int size)
+{
+ int sent = 0, tmpres = 0;
+
+ while (sent < size) {
+ tmpres = send(socket, buff + sent, size - sent, 0);
+ if (tmpres == -1)
+ return 1;
+ sent += tmpres;
+ }
+ return sent;
+}
+
+int http_get(const char *url, int socket_fd)
+{
+ char lpbuf[BUFFER_SIZE * 4] = {'\0'};
+
+ char host_addr[BUFFER_SIZE] = {'\0'};
+ char file[BUFFER_SIZE] = {'\0'};
+ int port = 0;
+
+ if (!url) {
+ DEBUG("url failed\n");
+ return 1;
+ }
+
+ if (http_parse_url(url, host_addr, file, &port)) {
+ DEBUG("http_parse_url failed\n");
+ return 1;
+ }
+ DEBUG("url: %s\thost_addr: %s\tfile: %s\t, %d\n", url, host_addr, file, port);
+
+ if (socket_fd < 0) {
+ DEBUG("http_tcpclient_create failed\n");
+ return 1;
+ }
+
+ sprintf(lpbuf, HTTP_GET, file, host_addr, port);
+
+ if (http_tcpclient_send(socket_fd, lpbuf, strlen(lpbuf)) < 0) {
+ DEBUG("http_tcpclient_send failed\n");
+ return 1;
+ }
+ DEBUG("request:\n%s\n", lpbuf);
+
+ if (http_tcpclient_recv(socket_fd, lpbuf) <= 0) {
+ DEBUG("http_tcpclient_recv failed\n");
+ close(socket_fd);
+ return 1;
+ }
+ DEBUG("rec:\n%s\n", lpbuf);
+ close(socket_fd);
+
+ //return http_parse_result(lpbuf);
+ return 0;
+}
+
+int main(int argc, char *argv[])
+{
+ int fd, http_flag = 0, http_ret = 1;
+ struct sockaddr_in addr;
+ struct hostent *host;
+ struct timeval timeo = {3, 0};
+ socklen_t len = sizeof(timeo);
+
+ char http_url[100] = "http://";
+
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ if (argc >= 4)
+ timeo.tv_sec = atoi(argv[3]);
+ if (argc >= 5)
+ http_flag=1;
+
+ if ((host = timeGethostbyname(argv[1], timeo.tv_sec)) == NULL) {
+ DEBUG("gethostbyname err\n");
+ return 1;
+ }
+
+ if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &timeo, len) == -1) {
+ DEBUG("setsockopt send err\n");
+ return 1;
+ }
+
+ if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &timeo, len) == -1) {
+ DEBUG("setsockopt recv err\n");
+ return 1;
+ }
+
+ addr.sin_family = AF_INET;
+ addr.sin_addr = *((struct in_addr *)host->h_addr);
+ //addr.sin_addr.s_addr = inet_addr(argv[1]);
+ addr.sin_port = htons(atoi(argv[2]));
+
+ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
+ if (errno == EINPROGRESS) {
+ DEBUG("timeout err\n");
+ return 1;
+ }
+ DEBUG("connect err\n");
+ return 1;
+ }
+
+ if (http_flag == 0) {
+ close(fd);
+ return 0;
+ }
+
+ strcat(http_url, argv[1]);
+ http_ret = http_get(http_url, fd);
+
+ if (http_ret == 1) {
+ DEBUG("recv err");
+ return 1;
+ }
+ else {
+ DEBUG("recv ok");
+ return 0;
+ }
+}
diff --git a/src/redir.c b/src/redir.c
index 4345a36..e2bdd0e 100644
--- a/src/redir.c
+++ b/src/redir.c
@@ -203,7 +203,7 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
// continue to wait for recv
return;
} else {
- ERROR("server recv");
+ //ERROR("server recv");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
--
2.7.4