add new ShadowSocksR Plus+ and Turbo ACC acceleration center Luci apps

include/target.mk

@@ -15,8 +15,8 @@ DEVICE_TYPE?=router
 # Default packages - the really basic set
 DEFAULT_PACKAGES:=base-files libc libgcc busybox dropbear mtd uci opkg netifd fstools uclient-fetch logd \
 iptables-mod-nat-extra kmod-nf-nathelper kmod-nf-nathelper-extra kmod-ipt-raw kmod-macvlan kmod-nft-offload block-mount automount \
-default-settings ipset-lists luci luci-app-ddns luci-app-sqm luci-app-upnp luci-app-adbyby-plus luci-app-autoreboot \
-luci-app-filetransfer luci-app-ssr-pro luci-app-usb-printer luci-app-vsftpd ddns-scripts_aliyun luci-app-xlnetacc \
+default-settings luci luci-app-ddns luci-app-sqm luci-app-upnp luci-app-adbyby-plus luci-app-autoreboot \
+luci-app-filetransfer luci-app-ssr-plus luci-app-usb-printer luci-app-vsftpd ddns-scripts_aliyun luci-app-xlnetacc \
 luci-app-pptp-server luci-app-ipsec-vpnd luci-app-vlmcsd luci-app-wifischedule luci-app-wol  \
 luci-app-sfe luci-app-flowoffload luci-app-nlbwmon luci-app-wrtbwmon
 # For nas targets

package/lean/automount/Makefile

@@ -17,7 +17,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/automount
   TITLE:=Mount autoconfig hotplug script.
   MAINTAINER:=Lean
-  DEPENDS:=block-mount +kmod-usb-storage +kmod-usb-storage-extras +kmod-fs-ext4 +kmod-fs-vfat +ntfs-3g
+  DEPENDS:=block-mount +kmod-usb-storage +kmod-usb-storage-extras
 endef
 
 define Package/automount/description

package/lean/autosamba/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=autosamba
 PKG_VERSION:=1
-PKG_RELEASE:=8
+PKG_RELEASE:=9
 PKG_ARCH:=all
 
 include $(INCLUDE_DIR)/package.mk
@@ -17,7 +17,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/autosamba
   TITLE:=Samba autoconfig hotplug script.
   MAINTAINER:=Lean
-  DEPENDS:=+luci-app-samba
+  DEPENDS:=+luci-app-samba +kmod-fs-vfat +ntfs-3g +kmod-fs-ext4
 endef
 
 define Package/autosamba/description

package/lean/luci-app-flowoffload/Makefile

@@ -6,10 +6,10 @@
 include $(TOPDIR)/rules.mk
 
 LUCI_TITLE:=LuCI support for Flow Offload
-LUCI_DEPENDS:=@LINUX_4_14
+LUCI_DEPENDS:=+kmod-ipt-offload @LINUX_4_14
 LUCI_PKGARCH:=all
 PKG_VERSION:=1.0
-PKG_RELEASE:=7
+PKG_RELEASE:=6
 
 include $(TOPDIR)/feeds/luci/luci.mk
 

package/lean/luci-app-flowoffload/luasrc/controller/flowoffload.lua

@@ -5,7 +5,7 @@ function index()
 		return
 	end
 	local page
-	page = entry({"admin", "network", "flowoffload"}, cbi("flowoffload"), _(" Flow Offload ACC"), 101)
+	page = entry({"admin", "network", "flowoffload"}, cbi("flowoffload"), _("Turbo ACC Center"), 101)
 	page.i18n = "flowoffload"
 	page.dependent = true
 	

package/lean/luci-app-flowoffload/luasrc/model/cbi/flowoffload.lua

@@ -2,7 +2,7 @@ local m,s,o
 local SYS  = require "luci.sys"
 
 m = Map("firewall")
-m.title	= translate("Linux Flow Offload Forwarding Engine Settings")
+m.title	= translate("Turbo ACC Acceleration Settings")
 m.description = translate("Opensource Linux Flow Offload driver (Fast Path or HWNAT)")
 m:append(Template("flow/status"))
 
@@ -19,8 +19,6 @@ hw = s:option(Flag, "flow_offloading_hw", translate("HWNAT"))
 hw.default = 0
 hw.rmempty = false
 hw.description = translate("Enable Hardware NAT (depends on hw capability like MTK 762x)")
-hw:depends( "flow_offloading", 1)
-
-
+hw:depends("flow_offloading", 1)
 
 return m

package/lean/luci-app-flowoffload/po/zh-cn/flowoffload.po

@@ -1,11 +1,11 @@
 msgid "Flow Offload ACC"
 msgstr "Flow Offload 转发加速"
 
-msgid "<strong><font color=\"green\">Linux Flow offload Forwarding Engine is Running</font></strong>"
-msgstr "<strong><font color=\"green\">Linux Flow offload 转发引擎正在运行</font></strong>"
+msgid "Turbo ACC Center"
+msgstr "Turbo ACC 网络加速"
 
-msgid "<strong><font color=\"red\">Linux Flow offload Forwarding  Engine is Not Running</font></strong>"
-msgstr "<strong><font color=\"red\">Linux Flow offload Forwarding  转发引擎未运行</font></strong>"
+msgid "Turbo ACC Acceleration Settings"
+msgstr "Turbo ACC 网络加速设置"
 
 msgid "Linux Flow Offload Forwarding Engine Settings"
 msgstr "Linux Flow Offload Forwarding 转发加速引擎设置"
@@ -16,9 +16,8 @@ msgstr "开源 Linux Flow Offload 驱动 (支持 Fast Path 或者 HWNAT)"
 msgid "Enable"
 msgstr "启用"
 
+msgid "Enable software flow offloading for connections. (decrease cpu load / increase routing throughput)"
+msgstr "开启 Flow Offloading 转发加速. (降低CPU占用 / 增强路由转发性能，和多WAN或者QOS功能可能会冲突)"
 
-
-
-
-
-
+msgid "Enable Hardware NAT (depends on hw capability like MTK 762x)"
+msgstr "启用硬件HWNAT加速（依赖特定的硬件，例如 MTK 762x 系列）"

package/lean/luci-app-ipsec-vpnd/Makefile

@@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk
 LUCI_TITLE:=LuCI support for IPSec VPN Server (IKEv1 with PSK and Xauth)
 LUCI_DEPENDS:=+strongswan-minimal +strongswan-mod-xauth-generic
 LUCI_PKGARCH:=all
-PKG_VERSION:=2.0
-PKG_RELEASE:=10
+PKG_VERSION:=1.0
+PKG_RELEASE:=5
 
 include $(TOPDIR)/feeds/luci/luci.mk
 

package/lean/luci-app-ipsec-vpnd/luasrc/controller/ipsec-server.lua

@@ -7,8 +7,13 @@ function index()
 	end
 	
 	entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false
-	
-	local page
-
 	entry({"admin", "vpn", "ipsec-server"}, cbi("ipsec-server/ipsec-server"), _("IPSec VPN Server"), 80).dependent=false
+	entry({"admin", "vpn", "ipsec-server","status"},call("act_status")).leaf=true
+end
+
+function act_status()
+  local e={}
+  e.running=luci.sys.call("pgrep ipsec >/dev/null")==0
+  luci.http.prepare_content("application/json")
+  luci.http.write_json(e)
 end

package/lean/luci-app-ipsec-vpnd/luasrc/model/cbi/ipsec-server/ipsec-server.lua

@@ -1,12 +1,11 @@
 
---require("luci.tools.webadmin")
-
 mp = Map("ipsec", translate("IPSec VPN Server"))
 mp.description = translate("IPSec VPN connectivity using the native built-in VPN Client on iOS or Andriod (IKEv1 with PSK and Xauth)")
 
+mp:section(SimpleSection).template  = "ipsec/ipsec_status"
+
 s = mp:section(NamedSection, "ipsec", "service")
 s.anonymouse = true
---s.addremove = true
 
 enabled = s:option(Flag, "enabled", translate("Enable"))
 enabled.default = 0
@@ -33,135 +32,4 @@ password.password = true
 secret = s:option(Value, "secret", translate("Secret Pre-Shared Key"))
 secret.password = true
 
-
-function mp.on_save(self)
-    require "luci.model.uci"
-    require "luci.sys"
-
-	local have_ike_rule = false
-	local have_ipsec_rule = false
-	local have_ah_rule = false
-	local have_esp_rule = false
-
-    luci.model.uci.cursor():foreach('firewall', 'rule',
-        function (section)
-			if section.name == 'ike' then
-				have_ike_rule = true
-			end
-			if section.name == 'ipsec' then
-				have_ipsec_rule = true
-			end
-			if section.name == 'ah' then
-				have_ah_rule = true
-			end
-			if section.name == 'esp' then
-				have_esp_rule = true
-			end
-        end
-    )
-
-	if not have_ike_rule then
-		local cursor = luci.model.uci.cursor()
-		local ike_rulename = cursor:add('firewall','rule')
-		cursor:tset('firewall', ike_rulename, {
-			['name'] = 'ike',
-			['target'] = 'ACCEPT',
-			['src'] = 'wan',
-			['proto'] = 'udp',
-			['dest_port'] = 500
-		})
-		cursor:save('firewall')
-		cursor:commit('firewall')
-	end
-  if not have_ipsec_rule then
-		local cursor = luci.model.uci.cursor()
-		local ipsec_rulename = cursor:add('firewall','rule')
-		cursor:tset('firewall', ipsec_rulename, {
-			['name'] = 'ipsec',
-			['target'] = 'ACCEPT',
-			['src'] = 'wan',
-			['proto'] = 'udp',
-			['dest_port'] = 4500
-		})
-		cursor:save('firewall')
-		cursor:commit('firewall')
-	end
-	if not have_ah_rule then
-		local cursor = luci.model.uci.cursor()
-		local ah_rulename = cursor:add('firewall','rule')
-		cursor:tset('firewall', ah_rulename, {
-			['name'] = 'ah',
-			['target'] = 'ACCEPT',
-			['src'] = 'wan',
-			['proto'] = 'ah'
-		})
-		cursor:save('firewall')
-		cursor:commit('firewall')
-	end
-  if not have_esp_rule then
-		local cursor = luci.model.uci.cursor()
-		local esp_rulename = cursor:add('firewall','rule')
-		cursor:tset('firewall', esp_rulename, {
-			['name'] = 'esp',
-			['target'] = 'ACCEPT',
-			['src'] = 'wan',
-			['proto'] = 'esp'
-		})
-		cursor:save('firewall')
-		cursor:commit('firewall')
-	end
-	
-		
-end
-
-
-local pid = luci.util.exec("/usr/bin/pgrep ipsec")
-
-function ipsec_process_status()
-  local status = "IPSec VPN Server is not running now "
-
-  if pid ~= "" then
-      status = "IPSec VPN Server is running with the PID " .. pid .. ""
-  end
-
-  local status = { status=status }
-  local table = { pid=status }
-  return table
-end
-
-t = mp:section(Table, ipsec_process_status())
-t.anonymous = true
-
-t:option(DummyValue, "status", translate("IPSec VPN Server status"))
-
-if pid == "" then
-  start = t:option(Button, "_start", translate("Start"))
-  start.inputstyle = "apply"
-  function start.write(self, section)
-        luci.util.exec("uci set ipsec.ipsec.enabled='1' &&  uci commit ipsec")
-        message = luci.util.exec("/etc/init.d/ipsec start 2>&1")
-        luci.util.exec("sleep 2")
-        luci.http.redirect(
-                luci.dispatcher.build_url("admin", "vpn", "ipsec-server")
-        )
-  end
-else
-  stop = t:option(Button, "_stop", translate("Stop"))
-  stop.inputstyle = "reset"
-  function stop.write(self, section)
-        luci.util.exec("uci set ipsec.ipsec.enabled='0' &&  uci commit ipsec")
-        luci.util.exec("/etc/init.d/ipsec stop")
-        luci.util.exec("sleep 2")
-        luci.http.redirect(
-                luci.dispatcher.build_url("admin", "vpn", "ipsec-server")
-        )
-  end
-end
-
-function mp.on_after_commit(self)
-  os.execute("/etc/ipsecvpn restart >/dev/null 2>&1 &")
-  os.execute("/etc/init.d/firewall restart >/dev/null 2>&1 &")
-end
-
-
 return mp

package/lean/luci-app-ipsec-vpnd/luasrc/view/ipsec/ipsec_status.htm

@@ -0,0 +1,22 @@
+<script type="text/javascript">//<![CDATA[
+XHR.poll(3, '<%=url([[admin]], [[vpn]], [[ipsec-server]], [[status]])%>', null,
+	function(x, data) {
+		var tb = document.getElementById('ipsec_status');
+		if (data && tb) {
+			if (data.running) {
+				var links = '<em><b><font color=green>IPSec VPN <%:RUNNING%></font></b></em>';
+				tb.innerHTML = links;
+			} else {
+				tb.innerHTML = '<em><b><font color=red>IPSec VPN <%:NOT RUNNING%></font></b></em>';
+			}
+		}
+	}
+);
+//]]>
+</script>
+<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
+<fieldset class="cbi-section">
+	<p id="ipsec_status">
+		<em><%:Collecting data...%></em>
+	</p>
+</fieldset>

package/lean/luci-app-ipsec-vpnd/root/etc/init.d/ipsec

@@ -0,0 +1,427 @@
+#!/bin/sh /etc/rc.common
+
+START=90
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/lib/ipsec/starter
+
+. $IPKG_INSTROOT/lib/functions.sh
+. $IPKG_INSTROOT/lib/functions/network.sh
+
+IPSEC_SECRETS_FILE=/etc/ipsec.secrets
+IPSEC_CONN_FILE=/etc/ipsec.conf
+STRONGSWAN_CONF_FILE=/etc/strongswan.conf
+
+IPSEC_VAR_SECRETS_FILE=/var/ipsec/ipsec.secrets
+IPSEC_VAR_CONN_FILE=/var/ipsec/ipsec.conf
+STRONGSWAN_VAR_CONF_FILE=/var/ipsec/strongswan.conf
+
+WAIT_FOR_INTF=0
+
+file_reset() {
+	: > "$1"
+}
+
+xappend() {
+	local file="$1"
+	shift
+
+	echo "${@}" >> "${file}"
+}
+
+remove_include() {
+	local file="$1"
+	local include="$2"
+
+	sed -i "\_${include}_d" "${file}"
+}
+
+remove_includes() {
+	remove_include "${IPSEC_CONN_FILE}" "${IPSEC_VAR_CONN_FILE}"
+	remove_include "${IPSEC_SECRETS_FILE}" "${IPSEC_VAR_SECRETS_FILE}"
+	remove_include "${STRONGSWAN_CONF_FILE}" "${STRONGSWAN_VAR_CONF_FILE}"
+}
+
+do_include() {
+	local conf="$1"
+	local uciconf="$2"
+	local backup=`mktemp -t -p /tmp/ ipsec-init-XXXXXX`
+
+	[ ! -f "${conf}" ] && rm -rf "${conf}"
+	touch "${conf}"
+
+	cat "${conf}" | grep -v "${uciconf}" > "${backup}"
+	mv "${backup}" "${conf}"
+	xappend "${conf}" "include ${uciconf}"
+	file_reset "${uciconf}"
+}
+
+ipsec_reset() {
+	do_include "${IPSEC_CONN_FILE}" "${IPSEC_VAR_CONN_FILE}"
+}
+
+ipsec_xappend() {
+	xappend "${IPSEC_VAR_CONN_FILE}" "$@"
+}
+
+swan_reset() {
+	do_include "${STRONGSWAN_CONF_FILE}" "${STRONGSWAN_VAR_CONF_FILE}"
+}
+
+swan_xappend() {
+	xappend "${STRONGSWAN_VAR_CONF_FILE}" "$@"
+}
+
+secret_reset() {
+	do_include "${IPSEC_SECRETS_FILE}" "${IPSEC_VAR_SECRETS_FILE}"
+}
+
+secret_xappend() {
+	xappend "${IPSEC_VAR_SECRETS_FILE}" "$@"
+}
+
+warning() {
+	echo "WARNING: $@" >&2
+}
+
+add_crypto_proposal() {
+	local encryption_algorithm
+	local hash_algorithm
+	local dh_group
+
+	config_get encryption_algorithm  "$1" encryption_algorithm
+	config_get hash_algorithm        "$1" hash_algorithm
+	config_get dh_group              "$1" dh_group
+
+	[ -n "${encryption_algorithm}" ] && \
+		crypto="${crypto:+${crypto},}${encryption_algorithm}${hash_algorithm:+-${hash_algorithm}}${dh_group:+-${dh_group}}"
+}
+
+set_crypto_proposal() {
+	local conf="$1"
+	local proposal
+
+	crypto=""
+
+	config_get crypto_proposal "$conf" crypto_proposal ""
+	for proposal in $crypto_proposal; do
+		add_crypto_proposal "$proposal"
+	done
+
+	[ -n "${crypto}" ] && {
+		local force_crypto_proposal
+
+		config_get_bool force_crypto_proposal "$conf" force_crypto_proposal
+
+		[ "${force_crypto_proposal}" = "1" ] && crypto="${crypto}!"
+	}
+
+	crypto_proposal="${crypto}"
+}
+
+config_conn() {
+	# Generic ipsec conn section shared by tunnel and transport
+	local mode
+	local local_subnet
+	local local_nat
+	local local_sourceip
+	local local_updown
+	local local_firewall
+	local remote_subnet
+	local remote_sourceip
+	local remote_updown
+	local remote_firewall
+	local ikelifetime
+	local lifetime
+	local margintime
+	local keyingtries
+	local dpdaction
+	local dpddelay
+	local inactivity
+	local keyexchange
+
+	config_get mode                     "$1"           mode "route"
+	config_get local_subnet             "$1"           local_subnet ""
+	config_get local_nat                "$1"           local_nat ""
+	config_get local_sourceip           "$1"           local_sourceip ""
+	config_get local_updown             "$1"           local_updown ""
+	config_get local_firewall           "$1"           local_firewall ""
+	config_get remote_subnet            "$1"           remote_subnet ""
+	config_get remote_sourceip          "$1"           remote_sourceip ""
+	config_get remote_updown            "$1"           remote_updown ""
+	config_get remote_firewall          "$1"           remote_firewall ""
+	config_get ikelifetime              "$1"           ikelifetime "3h"
+	config_get lifetime                 "$1"           lifetime "1h"
+	config_get margintime               "$1"           margintime "9m"
+	config_get keyingtries              "$1"           keyingtries "3"
+	config_get dpdaction                "$1"           dpdaction "none"
+	config_get dpddelay                 "$1"           dpddelay "30s"
+	config_get inactivity               "$1"           inactivity
+	config_get keyexchange              "$1"           keyexchange "ikev2"
+
+	[ -n "$local_nat" ] && local_subnet=$local_nat
+
+	ipsec_xappend "conn $config_name-$1"
+	ipsec_xappend "  left=%any"
+	ipsec_xappend "  right=$remote_gateway"
+
+	[ -n "$local_sourceip" ] && ipsec_xappend "  leftsourceip=$local_sourceip"
+	[ -n "$local_subnet" ] && ipsec_xappend "  leftsubnet=$local_subnet"
+
+	[ -n "$local_firewall" ] && ipsec_xappend "  leftfirewall=$local_firewall"
+	[ -n "$remote_firewall" ] && ipsec_xappend "  rightfirewall=$remote_firewall"
+
+	ipsec_xappend "  ikelifetime=$ikelifetime"
+	ipsec_xappend "  lifetime=$lifetime"
+	ipsec_xappend "  margintime=$margintime"
+	ipsec_xappend "  keyingtries=$keyingtries"
+	ipsec_xappend "  dpdaction=$dpdaction"
+	ipsec_xappend "  dpddelay=$dpddelay"
+
+	[ -n "$inactivity" ] && ipsec_xappend "  inactivity=$inactivity"
+
+	if [ "$auth_method" = "psk" ]; then
+		ipsec_xappend "  leftauth=psk"
+		ipsec_xappend "  rightauth=psk"
+
+		[ "$remote_sourceip" != "" ] && ipsec_xappend "  rightsourceip=$remote_sourceip"
+		[ "$remote_subnet" != "" ] && ipsec_xappend "  rightsubnet=$remote_subnet"
+
+		ipsec_xappend "  auto=$mode"
+	else
+		warning "AuthenticationMethod $auth_method not supported"
+	fi
+
+	[ -n "$local_identifier" ] && ipsec_xappend "  leftid=$local_identifier"
+	[ -n "$remote_identifier" ] && ipsec_xappend "  rightid=$remote_identifier"
+	[ -n "$local_updown" ] && ipsec_xappend "  leftupdown=$local_updown"
+	[ -n "$remote_updown" ] && ipsec_xappend "  rightupdown=$remote_updown"
+	ipsec_xappend "  keyexchange=$keyexchange"
+
+	set_crypto_proposal "$1"
+	[ -n "${crypto_proposal}" ] && ipsec_xappend "  esp=$crypto_proposal"
+	[ -n "${ike_proposal}" ] && ipsec_xappend "  ike=$ike_proposal"
+}
+
+config_tunnel() {
+	config_conn "$1"
+
+	# Specific for the tunnel part
+	ipsec_xappend "  type=tunnel"
+}
+
+config_transport() {
+	config_conn "$1"
+
+	# Specific for the transport part
+	ipsec_xappend "  type=transport"
+}
+
+config_remote() {
+	local enabled
+	local gateway
+	local pre_shared_key
+	local auth_method
+
+	config_name=$1
+
+	config_get_bool enabled "$1" enabled 0
+	[ $enabled -eq 0 ] && return
+
+	config_get gateway           "$1" gateway
+	config_get pre_shared_key    "$1" pre_shared_key
+	config_get auth_method       "$1" authentication_method
+	config_get local_identifier  "$1" local_identifier ""
+	config_get remote_identifier "$1" remote_identifier ""
+
+	[ "$gateway" = "any" ] && remote_gateway="%any" || remote_gateway="$gateway"
+
+	[ -z "$local_identifier" ] && {
+		local ipdest
+
+		[ "$remote_gateway" = "%any" ] && ipdest="1.1.1.1" || ipdest="$remote_gateway"
+		local_gateway=`ip route get $ipdest | awk -F"src" '/src/{gsub(/ /,"");print $2}'`
+	}
+
+	[ -n "$local_identifier" ] && secret_xappend -n "$local_identifier " || secret_xappend -n "$local_gateway "
+	[ -n "$remote_identifier" ] && secret_xappend -n "$remote_identifier " || secret_xappend -n "$remote_gateway "
+
+	secret_xappend ": PSK \"$pre_shared_key\""
+
+	set_crypto_proposal "$1"
+	ike_proposal="$crypto_proposal"
+
+	config_list_foreach "$1" tunnel config_tunnel
+
+	config_list_foreach "$1" transport config_transport
+
+	ipsec_xappend ""
+}
+
+config_ipsec() {
+	local debug
+	local rtinstall_enabled
+	local routing_tables_ignored
+	local routing_table
+	local routing_table_id
+	local interface
+	local device_list
+
+	ipsec_reset
+	secret_reset
+	swan_reset
+
+	ipsec_xappend "# generated by /etc/init.d/ipsec"
+	ipsec_xappend "version 2"
+	ipsec_xappend ""
+
+	secret_xappend "# generated by /etc/init.d/ipsec"
+
+	config_get debug "$1" debug 0
+	config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1
+	[ $rtinstall_enabled -eq 1 ] && install_routes=yes || install_routes=no
+
+	# prepare extra charon config option ignore_routing_tables
+	for routing_table in $(config_get "$1" "ignore_routing_tables"); do
+		if [ "$routing_table" -ge 0 ] 2>/dev/null; then
+			routing_table_id=$routing_table
+		else
+			routing_table_id=$(sed -n '/[ \t]*[0-9]\+[ \t]\+'$routing_table'[ \t]*$/s/[ \t]*\([0-9]\+\).*/\1/p' /etc/iproute2/rt_tables)
+		fi
+
+		[ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id"
+	done
+
+	local interface_list=$(config_get "$1" "interface")
+	if [ -z "$interface_list" ]; then
+		WAIT_FOR_INTF=0
+	else
+		for interface in $interface_list; do
+			network_get_device device $interface
+			[ -n "$device" ] && append device_list "$device" ","
+		done
+		[ -n "$device_list" ] && WAIT_FOR_INTF=0 || WAIT_FOR_INTF=1
+	fi
+
+	swan_xappend "# generated by /etc/init.d/ipsec"
+	swan_xappend "charon {"
+	swan_xappend "  load_modular = yes"
+	swan_xappend "  install_routes = $install_routes"
+	[ -n "$routing_tables_ignored" ] && swan_xappend "  ignore_routing_tables = $routing_tables_ignored"
+	[ -n "$device_list" ] && swan_xappend "  interfaces_use = $device_list"
+	swan_xappend "    plugins {"
+	swan_xappend "      include /etc/strongswan.d/charon/*.conf"
+	swan_xappend "    }"
+	swan_xappend "  syslog {"
+	swan_xappend "    identifier = ipsec"
+	swan_xappend "    daemon {"
+	swan_xappend "      default = $debug"
+	swan_xappend "    }"
+	swan_xappend "    auth {"
+	swan_xappend "      default = $debug"
+	swan_xappend "    }"
+	swan_xappend "  }"
+	swan_xappend "}"
+}
+
+prepare_env() {
+	mkdir -p /var/ipsec
+	remove_includes
+	config_load ipsec
+	config_foreach config_ipsec ipsec
+	config_foreach config_remote remote
+}
+
+service_running() {
+	ipsec status > /dev/null 2>&1
+}
+
+reload_service() {
+  local bool vt_enabled=`uci get ipsec.@service[0].enabled 2>/dev/null`
+  [ "$vt_enabled" = 0 ] && /etc/init.d/ipsec stop && return
+	running && {
+		prepare_env
+		[ $WAIT_FOR_INTF -eq 0 ] && {
+			ipsec rereadall
+			ipsec reload
+			return
+		}
+	}
+	[ "$vt_enabled" = 1 ] && start
+}
+
+check_ipsec_interface() {
+	local intf
+
+	for intf in $(config_get "$1" interface); do
+		procd_add_interface_trigger "interface.*" "$intf" /etc/init.d/ipsec reload
+	done
+}
+
+service_triggers() {
+	procd_add_reload_trigger "ipsec"
+	config load "ipsec"
+	config_foreach check_ipsec_interface ipsec
+}
+
+start_service() {
+  local vt_enabled=`uci get ipsec.@service[0].enabled 2>/dev/null`
+	local vt_clientip=`uci get ipsec.@service[0].clientip`
+	local vt_clientdns=`uci get ipsec.@service[0].clientdns`
+	local vt_account=`uci get ipsec.@service[0].account`
+	local vt_password=`uci get ipsec.@service[0].password 2>/dev/null`
+	local vt_secret=`uci get ipsec.@service[0].secret 2>/dev/null`
+	
+	[ "$vt_enabled" = 0 ] && /etc/init.d/ipsec stop && return
+	
+	cat > /etc/ipsec.conf <<EOF
+# ipsec.conf - strongSwan IPsec configuration file
+
+# basic configuration
+
+config setup
+    # strictcrlpolicy=yes
+    uniqueids=never
+
+# Add connections here.
+
+conn xauth_psk
+	keyexchange=ikev1
+	ike=aes128-sha1-modp2048,aes128-sha1-modp1024,3des-sha1-modp1024,3des-sha1-modp1536
+  esp=aes128-sha1,3des-sha1
+	left=%defaultroute
+	leftauth=psk
+	leftsubnet=0.0.0.0/0
+	right=%any
+	rightauth=psk
+	rightauth2=xauth
+	rightsourceip=$vt_clientip
+	rightdns=$vt_clientdns
+	auto=add
+EOF
+
+	cat > /etc/ipsec.secrets <<EOF
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+: PSK "$vt_secret"
+$vt_account : XAUTH "$vt_password"
+EOF
+  
+	prepare_env
+
+	[ $WAIT_FOR_INTF -eq 1 ] && return
+
+	procd_open_instance
+
+	procd_set_param command $PROG --daemon charon --nofork
+
+	procd_set_param file $IPSEC_CONN_FILE
+	procd_append_param file $IPSEC_SECRETS_FILE
+	procd_append_param file $STRONGSWAN_CONF_FILE
+	procd_append_param file /etc/strongswan.d/*.conf
+	procd_append_param file /etc/strongswan.d/charon/*.conf
+
+	procd_set_param respawn
+
+	procd_close_instance
+}

package/lean/luci-app-ipsec-vpnd/root/etc/ipsecvpn

@@ -1,71 +0,0 @@
-#!/bin/sh /etc/rc.common
-#
-# Copyright (C) 2018 Lean <coolsnowwolf@gmail.com>
-#
-
-START=99
-
-start()
-{
-	local vt_enabled=`uci get ipsec.@service[0].enabled 2>/dev/null`
-	local vt_clientip=`uci get ipsec.@service[0].clientip`
-	local vt_clientdns=`uci get ipsec.@service[0].clientdns`
-	local vt_account=`uci get ipsec.@service[0].account`
-	local vt_password=`uci get ipsec.@service[0].password 2>/dev/null`
-	local vt_secret=`uci get ipsec.@service[0].secret 2>/dev/null`
-
-	# -----------------------------------------------------------------
-	if [ "$vt_enabled" = 0 ]; then
-    /etc/init.d/ipsec disable && /etc/init.d/ipsec stop
-		echo "WARNING: IPSec VPN is disabled."
-		return 1
-	fi
-
-	cat > /etc/ipsec.conf <<EOF
-# ipsec.conf - strongSwan IPsec configuration file
-
-# basic configuration
-
-config setup
-    # strictcrlpolicy=yes
-    uniqueids=never
-
-# Add connections here.
-
-conn xauth_psk
-	keyexchange=ikev1
-	ike=aes128-sha1-modp2048,aes128-sha1-modp1024,3des-sha1-modp1024,3des-sha1-modp1536
-  esp=aes128-sha1,3des-sha1
-	left=%defaultroute
-	leftauth=psk
-	leftsubnet=0.0.0.0/0
-	right=%any
-	rightauth=psk
-	rightauth2=xauth
-	rightsourceip=$vt_clientip
-	rightdns=$vt_clientdns
-	auto=add
-EOF
-
-	cat > /etc/ipsec.secrets <<EOF
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-: PSK "$vt_secret"
-$vt_account : XAUTH "$vt_password"
-EOF
-
-/etc/init.d/ipsec enable && /etc/init.d/ipsec start
-echo "IPSec VPN is Started."
-
-}
-
-stop() {
-  /etc/init.d/ipsec disable && /etc/init.d/ipsec stop
-	echo "IPSec VPN is Stopped."
-}
-
-restart() {
-  stop
-  start
-}
-
-

package/lean/luci-app-ipsec-vpnd/root/etc/uci-defaults/ipsec

@@ -9,7 +9,46 @@ uci -q batch <<-EOF >/dev/null
 	commit firewall
 EOF
 
-/etc/init.d/ipsec disable && /etc/init.d/ipsec stop
+uci -q batch <<-EOF >/dev/null
+  delete firewall.ike
+  add firewall rule
+  rename firewall.@rule[-1]="ike"
+  set firewall.@rule[-1].name="ike"
+  set firewall.@rule[-1].target="ACCEPT"
+  set firewall.@rule[-1].src="wan"
+  set firewall.@rule[-1].proto="udp"
+  set firewall.@rule[-1].dest_port="500"
+  delete firewall.ipsec
+  add firewall rule
+  rename firewall.@rule[-1]="ipsec"
+  set firewall.@rule[-1].name="ipsec"
+  set firewall.@rule[-1].target="ACCEPT"
+  set firewall.@rule[-1].src="wan"
+  set firewall.@rule[-1].proto="udp"
+  set firewall.@rule[-1].dest_port="4500"
+  delete firewall.ah
+  add firewall rule
+  rename firewall.@rule[-1]="ah"
+  set firewall.@rule[-1].name="ah"
+  set firewall.@rule[-1].target="ACCEPT"
+  set firewall.@rule[-1].src="wan"
+  set firewall.@rule[-1].proto="ah"
+  delete firewall.esp
+  add firewall rule
+  rename firewall.@rule[-1]="esp"
+  set firewall.@rule[-1].name="esp"
+  set firewall.@rule[-1].target="ACCEPT"
+  set firewall.@rule[-1].src="wan"
+  set firewall.@rule[-1].proto="esp"
+  commit firewall
+EOF
+
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@ipsec[-1]
+	add ucitrack ipsec
+	set ucitrack.@ipsec[-1].init=ipsec
+	commit ucitrack
+EOF
 
 rm -f /tmp/luci-indexcache
 exit 0

package/lean/luci-app-pptp-server/Makefile

@@ -9,8 +9,8 @@ LUCI_TITLE:=LuCI support for PPTP VPN Server
 LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp
 LUCI_PKGARCH:=all
 PKG_NAME:=luci-app-pptp-server
-PKG_VERSION:=2.0
-PKG_RELEASE:=7
+PKG_VERSION:=1.0
+PKG_RELEASE:=13
 
 include $(TOPDIR)/feeds/luci/luci.mk
 

package/lean/luci-app-pptp-server/luasrc/controller/pptp-server.lua

@@ -6,9 +6,14 @@ function index()
 		return
 	end
 	
-	entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false
-	
-	local page
-
+  entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false
 	entry({"admin", "vpn", "pptp-server"}, cbi("pptp-server/pptp-server"), _("PPTP VPN Server"), 80).dependent=false
+	entry({"admin", "vpn", "pptp-server","status"},call("act_status")).leaf=true
+end
+
+function act_status()
+  local e={}
+  e.running=luci.sys.call("pgrep pptpd >/dev/null")==0
+  luci.http.prepare_content("application/json")
+  luci.http.write_json(e)
 end

package/lean/luci-app-pptp-server/luasrc/model/cbi/pptp-server/pptp-server.lua

@@ -1,11 +1,11 @@
 
---require("luci.tools.webadmin")
+mp = Map("pptpd", "PPTP VPN Server","")
+mp.description = translate("PPTP VPN Server connectivity using the native built-in VPN Client on Windows/Linux or Andriod")
 
-mp = Map("pptpd", "PPTP Server","")
+mp:section(SimpleSection).template  = "pptp/pptp_status"
 
-s = mp:section(NamedSection, "pptpd", "service", translate("PPTP Service"))
+s = mp:section(NamedSection, "pptpd", "service")
 s.anonymouse = true
---s.addremove = true
 
 enabled = s:option(Flag, "enabled", translate("Enable"))
 enabled.default = 0
@@ -34,104 +34,4 @@ username.datatype = "string"
 password = logins:option(Value, "password", translate("Password"))
 password.password = true
 
-function mp.on_save(self)
-    require "luci.model.uci"
-    require "luci.sys"
-
-	local have_pptp_rule = false
-	local have_gre_rule = false
-
-    luci.model.uci.cursor():foreach('firewall', 'rule',
-        function (section)
-			if section.name == 'pptp' then
-				have_pptp_rule = true
-			end
-			if section.name == 'gre' then
-				have_gre_rule = true
-			end
-        end
-    )
-
-	if not have_pptp_rule then
-		local cursor = luci.model.uci.cursor()
-		local pptp_rulename = cursor:add('firewall','rule')
-		cursor:tset('firewall', pptp_rulename, {
-			['name'] = 'pptp',
-			['target'] = 'ACCEPT',
-			['src'] = 'wan',
-			['proto'] = 'tcp',
-			['dest_port'] = 1723
-		})
-		cursor:save('firewall')
-		cursor:commit('firewall')
-	end
-	if not have_gre_rule then
-		local cursor = luci.model.uci.cursor()
-		local gre_rulename = cursor:add('firewall','rule')
-		cursor:tset('firewall', gre_rulename, {
-			['name'] = 'gre',
-			['target'] = 'ACCEPT',
-			['src'] = 'wan',
-			['proto'] = 47
-		})
-		cursor:save('firewall')
-		cursor:commit('firewall')
-	end
-	
-	
-end
-
-
-local pid = luci.util.exec("/usr/bin/pgrep pptpd")
-
-function pptpd_process_status()
-  local status = "PPTPD is not running now "
-
-  if pid ~= "" then
-      status = "PPTPD is running with the PID " .. pid .. ""
-  end
-
-  local status = { status=status }
-  local table = { pid=status }
-  return table
-end
-
-t = mp:section(Table, pptpd_process_status())
-t.anonymous = true
-
-t:option(DummyValue, "status", translate("PPTPD status"))
-
-if pid == "" then
-  start = t:option(Button, "_start", translate("Start"))
-  start.inputstyle = "apply"
-  function start.write(self, section)
-        luci.util.exec("uci set pptpd.pptpd.enabled='1' &&  uci commit pptpd")
-        message = luci.util.exec("/etc/init.d/pptpd start 2>&1")
-        luci.util.exec("sleep 2")
-        luci.http.redirect(
-                luci.dispatcher.build_url("admin", "vpn", "pptp-server") .. "?message=" .. message
-        )
-  end
-else
-  stop = t:option(Button, "_stop", translate("Stop"))
-  stop.inputstyle = "reset"
-  function stop.write(self, section)
-        luci.util.exec("uci set pptpd.pptpd.enabled='0' &&  uci commit pptpd")
-        luci.util.exec("/etc/init.d/pptpd stop")
-        luci.util.exec("sleep 2")
-        luci.http.redirect(
-                luci.dispatcher.build_url("admin", "vpn", "pptp-server")
-        )
-  end
-end
-
-function mp.on_before_commit (self)
-  os.execute("rm /var/etc/chap-secrets")
-end
-
-function mp.on_after_commit(self)
-  os.execute("/etc/init.d/pptpd restart >/dev/null 2>&1 &")
-end
-
-
 return mp

package/lean/luci-app-pptp-server/luasrc/view/pptp/pptp_status.htm

@@ -0,0 +1,22 @@
+<script type="text/javascript">//<![CDATA[
+XHR.poll(3, '<%=url([[admin]], [[vpn]], [[pptp-server]], [[status]])%>', null,
+	function(x, data) {
+		var tb = document.getElementById('pptp_status');
+		if (data && tb) {
+			if (data.running) {
+				var links = '<em><b><font color=green>PPTP VPN Server <%:RUNNING%></font></b></em>';
+				tb.innerHTML = links;
+			} else {
+				tb.innerHTML = '<em><b><font color=red>PPTP VPN Server <%:NOT RUNNING%></font></b></em>';
+			}
+		}
+	}
+);
+//]]>
+</script>
+<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
+<fieldset class="cbi-section">
+	<p id="pptp_status">
+		<em><%:Collecting data...%></em>
+	</p>
+</fieldset>

package/lean/luci-app-pptp-server/po/zh-cn/pptp.po

@@ -1,3 +1,9 @@
+msgid "Disable from startup"
+msgstr "禁止开机启动"
+
+msgid "Enable on startup"
+msgstr "允许开机启动"
+
 msgid "PPTP VPN Server"
 msgstr "PPTP VPN 服务器"
 
@@ -40,3 +46,11 @@ msgstr "启动"
 msgid "Stop"
 msgstr "关闭"
 
+msgid "PPTP VPN Server"
+msgstr "PPTP VPN 服务器"
+
+msgid "PPTP VPN Server connectivity using the native built-in VPN Client on Windows/Linux or Andriod"
+msgstr "使用Windows/Linux 或者 Andriod 内置的 PPTP VPN 客户端进行连接 "
+
+
+

package/lean/luci-app-pptp-server/root/etc/pptpd.include

@@ -1,5 +1,5 @@
-iptables -D forwarding_rule -i ppp+ -j ACCEPT
-iptables -D forwarding_rule -o ppp+ -j ACCEPT
+iptables -D forwarding_rule -i ppp+ -j ACCEPT 2>/dev/null
+iptables -D forwarding_rule -o ppp+ -j ACCEPT 2>/dev/null
 
 iptables -A forwarding_rule -i ppp+ -j ACCEPT
 iptables -A forwarding_rule -o ppp+ -j ACCEPT

package/lean/luci-app-pptp-server/root/etc/uci-defaults/pptpd

@@ -6,7 +6,29 @@ uci -q batch <<-EOF >/dev/null
 	set firewall.pptpd.type=script
 	set firewall.pptpd.path=/etc/pptpd.include
 	set firewall.pptpd.reload=1
-	commit firewall
+	delete firewall.pptp
+  add firewall rule 
+  rename firewall.@rule[-1]="pptp"
+  set firewall.@rule[-1].name="pptp"
+  set firewall.@rule[-1].target="ACCEPT"
+  set firewall.@rule[-1].src="wan"
+  set firewall.@rule[-1].proto="tcp"
+  set firewall.@rule[-1].dest_port="1723"
+  delete firewall.gre
+  add firewall rule 
+  rename firewall.@rule[-1]="gre"
+  set firewall.@rule[-1].name="gre"
+  set firewall.@rule[-1].target="ACCEPT"
+  set firewall.@rule[-1].src="wan"
+  set firewall.@rule[-1].proto="47"
+  commit firewall
+EOF
+
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@pptpd[-1]
+	add ucitrack pptpd
+	set ucitrack.@pptpd[-1].init=pptpd
+	commit ucitrack
 EOF
 
 /etc/init.d/pptpd enable && /etc/init.d/pptpd restart

package/lean/luci-app-sfe/Makefile

@@ -6,10 +6,10 @@
 include $(TOPDIR)/rules.mk
 
 LUCI_TITLE:=LuCI support for SFE
-LUCI_DEPENDS:=+kmod-fast-classifier @!LINUX_4_14
+LUCI_DEPENDS:=+kmod-fast-classifier @LINUX_4_9
 LUCI_PKGARCH:=all
 PKG_VERSION:=1.0
-PKG_RELEASE:=3
+PKG_RELEASE:=6
 
 include $(TOPDIR)/feeds/luci/luci.mk
 

package/lean/luci-app-sfe/luasrc/controller/sfe.lua

@@ -5,7 +5,30 @@ function index()
 		return
 	end
 	local page
-	page = entry({"admin", "network", "sfe"}, cbi("sfe"), _("SFE Acceleration"), 100)
+	page = entry({"admin", "network", "sfe"}, cbi("sfe"), _("Turbo ACC Center"), 100)
 	page.i18n = "sfe"
 	page.dependent = true
+	
+	entry({"admin", "network", "sfe", "status"}, call("action_status"))
 end
+
+local function is_running()
+	return luci.sys.call("lsmod | grep fast_classifier >/dev/null") == 0
+end
+
+local function is_bbr()
+	return luci.sys.call("sysctl net.ipv4.tcp_congestion_control | grep bbr >/dev/null") == 0
+end
+
+local function is_fullcone()
+	return luci.sys.call("iptables -t nat -L -n --line-numbers | grep FULLCONENAT >/dev/null") == 0
+end
+
+function action_status()
+	luci.http.prepare_content("application/json")
+	luci.http.write_json({
+		run_state = is_running(),
+		down_state = is_bbr(),
+		up_state = is_fullcone()
+	})
+end

package/lean/luci-app-sfe/luasrc/model/cbi/sfe.lua

@@ -1,38 +1,30 @@
-local m,s,o
-local SYS  = require "luci.sys"
-
-
-if SYS.call("lsmod | grep fast_classifier >/dev/null") == 0 then
-	Status = translate("<strong><font color=\"green\">Shortcut Forwarding Engine is Running</font></strong>")
-else
-	Status = translate("<strong><font color=\"red\">Shortcut Forwarding Engine is Not Running</font></strong>")
-end
 
 m = Map("sfe")
-m.title	= translate("Shortcut Forwarding Engine Acceleration Settings")
+m.title	= translate("Turbo ACC Acceleration Settings")
 m.description = translate("Opensource Qualcomm Shortcut FE driver (Fast Path)")
 
+m:append(Template("sfe/status"))
+
 s = m:section(TypedSection, "sfe", "")
 s.addremove = false
 s.anonymous = true
-s.description = translate(string.format("%s<br /><br />", Status))
+
 
 enable = s:option(Flag, "enabled", translate("Enable"))
 enable.default = 0
 enable.rmempty = false
+enable.description = translate("Enable Fast Path offloading for connections. (decrease cpu load / increase routing throughput)")
 
-wifi = s:option(Flag, "wifi", translate("Wireless Acceleration"))
+wifi = s:option(Flag, "wifi", translate("Bridge Acceleration"))
 wifi.default = 0
 wifi.rmempty = false
-wifi.description = translate("Enable Wireless Bridge Acceleration")
+wifi.description = translate("Enable Bridge Acceleration (may be functional conflict with bridge-mode VPN Server)")
+wifi:depends("enabled", 1)
 
 ipv6 = s:option(Flag, "ipv6", translate("IPv6 Acceleration"))
 ipv6.default = 0
 ipv6.rmempty = false
 ipv6.description = translate("Enable IPv6 Acceleration")
-
---function m.on_after_commit(self)
-
---end
+ipv6:depends("enabled", 1)
 
 return m

package/lean/luci-app-sfe/luasrc/view/sfe/status.htm

@@ -0,0 +1,21 @@
+<fieldset class="cbi-section">
+	<legend><%:Running Status%></legend>
+	<table width="100%" cellspacing="10" id="_xlnetacc_status_table">
+		<tr><td width="33%">SFE 加速状态</td><td id="_run_state"><em><%:Collecting data...%></em></td></tr>
+		<tr><td width="33%">BBR 加速</td><td id="_down_state"><em><%:Collecting data...%></em></td></tr>
+		<tr><td width="33%">FULLCONE NAT加速</td><td id="_up_state"><em><%:Collecting data...%></em></td></tr>
+	</table>
+</fieldset>
+
+<script type="text/javascript">//<![CDATA[
+	var run_state = document.getElementById('_run_state');
+	var down_state = document.getElementById('_down_state');
+	var up_state = document.getElementById('_up_state');
+	XHR.poll(5, '<%=luci.dispatcher.build_url("admin", "network", "sfe", "status")%>', null, function(x, status) {
+		if ( x && x.status == 200 ) {
+			run_state.innerHTML = status.run_state ? '<em><b><font color=green><%:RUNNING%></font></b></em>' : '<em><b><font color=red><%:NOT RUNNING%></font></b></em>';
+			down_state.innerHTML = status.down_state ? '<em><b><font color=green><%:RUNNING%></font></b></em>' : '<em><b><font color=red><%:NOT RUNNING%></font></b></em>';
+			up_state.innerHTML = status.up_state ? '<em><b><font color=green><%:RUNNING%></font></b></em>' : '<em><b><font color=red><%:NOT RUNNING%></font></b></em>';
+		}
+	});
+//]]></script>

package/lean/luci-app-sfe/po/zh-cn/sfe.po

@@ -1,11 +1,11 @@
 msgid "SFE Acceleration"
 msgstr "SFE 转发加速"
 
-msgid "<strong><font color=\"green\">Shortcut Forwarding Engine is Running</font></strong>"
-msgstr "<strong><font color=\"green\">SFE 转发加速引擎正在运行</font></strong>"
+msgid "Turbo ACC Center"
+msgstr "Turbo ACC 网络加速"
 
-msgid "<strong><font color=\"red\">Shortcut Forwarding Engine is Not Running</font></strong>"
-msgstr "<strong><font color=\"red\">SFE 转发加速引擎未运行</font></strong>"
+msgid "Turbo ACC Acceleration Settings"
+msgstr "Turbo ACC 网络加速设置"
 
 msgid "Shortcut Forwarding Engine Acceleration Settings"
 msgstr "SFE 转发加速引擎设置"
@@ -16,20 +16,17 @@ msgstr "来自高通开源的 Shortcut FE 转发加速引擎 (Fast Path)"
 msgid "Enable"
 msgstr "启用"
 
-msgid "Wireless Acceleration"
-msgstr "无线加速"
+msgid "Enable Fast Path offloading for connections. (decrease cpu load / increase routing throughput)"
+msgstr "开启 Fast Path 转发加速. (降低CPU占用 / 增强路由转发性能，和多WAN或者QOS功能可能会冲突)"
 
-msgid "Enable Wireless Bridge Acceleration"
-msgstr "开启无线桥接加速"
+msgid "Bridge Acceleration"
+msgstr "桥接加速"
+
+msgid "Enable Bridge Acceleration (may be functional conflict with bridge-mode VPN Server)"
+msgstr "启用桥接加速 (可能会和路由器上桥接模式的VPN服务器冲突)"
 
 msgid "IPv6 Acceleration"
 msgstr "IPv6 加速"
 
 msgid "Enable IPv6 Acceleration"
 msgstr "开启IPv6加速"
-
-
-
-
-
-

package/lean/luci-app-ssr-plus/Makefile

@@ -0,0 +1,18 @@
+# Copyright (C) 2016 Openwrt.org
+#
+# This is free software, licensed under the Apache License, Version 2.0 .
+#
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=LuCI support for SSR Plus
+LUCI_DEPENDS:=+shadowsocksr-libev +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +bash +pdnsd-alt +wget
+LUCI_PKGARCH:=all
+PKG_VERSION:=1
+PKG_RELEASE:=5
+
+include $(TOPDIR)/feeds/luci/luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
+
+

package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua

@@ -1,3 +1,4 @@
+-- Copyright (C) 2017 yushi studio <ywb94@qq.com>
 -- Licensed to the public under the GNU General Public License v3.
 
 module("luci.controller.shadowsocksr", package.seeall)
@@ -7,25 +8,34 @@ function index()
 		return
 	end
 
-         if nixio.fs.access("/usr/bin/ssr-redir") 
-         then
-         entry({"admin", "services", "shadowsocksr"},alias("admin", "services", "shadowsocksr", "client"),_("ShadowSocksR"), 10).dependent = true
-         entry({"admin", "services", "shadowsocksr", "client"},arcombine(cbi("shadowsocksr/client"), cbi("shadowsocksr/client-config")),_("SSR Client"), 10).leaf = true
-         elseif nixio.fs.access("/usr/bin/ssr-server") 
-         then 
-         entry({"admin", "services", "shadowsocksr"},alias("admin", "services", "shadowsocksr", "server"),_("ShadowSocksR"), 10).dependent = true
-         else
-          return
-         end  
+
+  entry({"admin", "services", "shadowsocksr"},alias("admin", "services", "shadowsocksr", "client"),_("ShadowSocksR Plus+"), 10).dependent = true
+
+  entry({"admin", "services", "shadowsocksr", "client"},cbi("shadowsocksr/client"),_("SSR Client"), 10).leaf = true
+ 
+	entry({"admin", "services", "shadowsocksr", "servers"}, arcombine(cbi("shadowsocksr/servers"), cbi("shadowsocksr/client-config")),_("Servers Manage"), 20).leaf = true
 	
-
-entry({"admin", "services", "shadowsocksr", "servers"},cbi("shadowsocksr/servers"),_("Subscription"), 20).leaf = true
-
-	entry({"admin", "services", "shadowsocksr", "status"},cbi("shadowsocksr/status"),_("Status"), 30).leaf = true
-	entry({"admin", "services", "shadowsocksr", "check"}, call("check_status"))
+	entry({"admin", "services", "shadowsocksr", "control"},cbi("shadowsocksr/control"),_("Access Control"), 30).leaf = true
+	
+	entry({"admin", "services", "shadowsocksr", "list"},form("shadowsocksr/list"),_("GFW List"), 40).leaf = true
+	
+	entry({"admin", "services", "shadowsocksr", "status"},form("shadowsocksr/status"),_("Status"), 50).leaf = true
+	
+		entry({"admin", "services", "shadowsocksr", "check"}, call("check_status"))
 	entry({"admin", "services", "shadowsocksr", "refresh"}, call("refresh_data"))
-  entry({"admin", "services", "shadowsocksr", "checkport"}, call("check_port"))
-  
+	entry({"admin", "services", "shadowsocksr", "checkport"}, call("check_port"))
+	
+	entry({"admin", "services", "shadowsocksr", "log"},form("shadowsocksr/log"),_("Log"), 60).leaf = true
+	
+	entry({"admin", "services", "shadowsocksr","run"},call("act_status")).leaf=true
+	
+end
+
+function act_status()
+  local e={}
+  e.running=luci.sys.call("pgrep ssr-redir >/dev/null")==0
+  luci.http.prepare_content("application/json")
+  luci.http.write_json(e)
 end
 
 function check_status()

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua

@@ -69,7 +69,7 @@ obfs = {
 }
 
 m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
-m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/client")
+m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/servers")
 if m.uci:get(shadowsocksr, sid) ~= "servers" then
 	luci.http.redirect(m.redirect) 
 	return

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua

@@ -0,0 +1,73 @@
+-- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
+-- Copyright (C) 2018 lean <coolsnowwolf@gmail.com> github.com/coolsnowwolf
+-- Licensed to the public under the GNU General Public License v3.
+
+local m, s, sec, o, kcp_enable
+local shadowsocksr = "shadowsocksr"
+local uci = luci.model.uci.cursor()
+
+local sys = require "luci.sys"
+
+m = Map(shadowsocksr, translate("ShadowSocksR Plus+ Settings"))
+
+m:section(SimpleSection).template  = "shadowsocksr/status"
+
+local server_table = {}
+uci:foreach(shadowsocksr, "servers", function(s)
+	if s.alias then
+		server_table[s[".name"]] = s.alias
+	elseif s.server and s.server_port then
+		server_table[s[".name"]] = "%s:%s" %{s.server, s.server_port}
+	end
+end)
+
+-- [[ Global Setting ]]--
+s = m:section(TypedSection, "global")
+s.anonymous = true
+
+o = s:option(ListValue, "global_server", translate("Main Server"))
+o:value("nil", translate("Disable"))
+for k, v in pairs(server_table) do o:value(k, v) end
+o.default = "nil"
+o.rmempty = false
+
+o = s:option(ListValue, "udp_relay_server", translate("UDP Relay Server"))
+o:value("", translate("Disable"))
+o:value("same", translate("Same as Global Server"))
+for k, v in pairs(server_table) do o:value(k, v) end
+
+if nixio.fs.access("/usr/bin/ssr-gfw") then
+o = s:option(ListValue, "run_mode", translate("Running Mode"))
+o:value("gfw", translate("GFW List Mode"))
+o:value("router", translate("IP Route Mode"))
+o.default = gfw
+
+o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
+o:depends("run_mode", "gfw")
+o:value("1", translate("Use Pdnsd tcp query and cache"))
+o:value("0", translate("Use SSR DNS Tunnel"))
+o.default = 1
+
+o = s:option(Flag, "tunnel_enable", translate("Enable Tunnel(DNS)"))
+o:depends("run_mode", "router")
+o.default = 0
+
+o = s:option(Value, "tunnel_port", translate("Tunnel Port"))
+o:depends("run_mode", "router")
+o.datatype = "port"
+o.default = 5300
+else
+o = s:option(Flag, "tunnel_enable", translate("Enable Tunnel(DNS)"))
+o.default = 0
+
+o = s:option(Value, "tunnel_port", translate("Tunnel Port"))
+o.datatype = "port"
+o.default = 5300
+end
+
+o = s:option(Value, "tunnel_forward", translate("Anti-pollution DNS Server"))
+o.default = "8.8.4.4:53"
+o.rmempty = false
+o.description = translate("DNS Server IP:Port")
+
+return m

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua

@@ -0,0 +1,44 @@
+local m, s, o
+
+m = Map("shadowsocksr", translate("IP black-and-white list"))
+
+s = m:section(TypedSection, "access_control")
+s.anonymous = true
+
+-- Part of WAN
+s:tab("wan_ac", translate("WAN IP AC"))
+
+o = s:taboption("wan_ac", DynamicList, "wan_bp_ips", translate("WAN White List IP"))
+o.datatype = "ip4addr"
+
+o = s:taboption("wan_ac", DynamicList, "wan_fw_ips", translate("WAN Force Proxy IP"))
+o.datatype = "ip4addr"
+
+-- Part of LAN
+s:tab("lan_ac", translate("LAN IP AC"))
+
+o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Bypassed Host List"))
+o.datatype = "ipaddr"
+luci.ip.neighbors({ family = 4 }, function(entry)
+       if entry.reachable then
+               o:value(entry.dest:string())
+       end
+end)
+
+o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List"))
+o.datatype = "ipaddr"
+luci.ip.neighbors({ family = 4 }, function(entry)
+       if entry.reachable then
+               o:value(entry.dest:string())
+       end
+end)
+
+-- Part of Self
+s:tab("self_ac", translate("Router Self AC"))
+o = s:taboption("self_ac",ListValue, "router_proxy", translate("Router Self Proxy"))
+o:value("1", translatef("Normal Proxy"))
+o:value("0", translatef("Bypassed Proxy"))
+o:value("2", translatef("Forwarded Proxy"))
+o.rmempty = false
+
+return m

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/list.lua

@@ -0,0 +1,23 @@
+local fs = require "nixio.fs"
+local conffile = "/etc/config/gfw.list"
+
+f = SimpleForm("custom", translate("GFW Custom List"), translate("Please refer to the following writing"))
+
+t = f:field(TextValue, "conf")
+t.rmempty = true
+t.rows = 13
+function t.cfgvalue()
+	return fs.readfile(conffile) or ""
+end
+
+function f.handle(self, state, data)
+	if state == FORM_VALID then
+		if data.conf then
+			fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
+			luci.sys.call("/usr/share/shadowsocksr/gfw2ipset.sh && /etc/init.d/dnsmasq restart && ipset flush gfwlist")
+		end
+	end
+	return true
+end
+
+return f

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua

@@ -0,0 +1,14 @@
+local fs = require "nixio.fs"
+local conffile = "/tmp/ssrplus.log"
+
+f = SimpleForm("custom")
+
+t = f:field(TextValue, "conf")
+t.rmempty = true
+t.rows = 20
+function t.cfgvalue()
+	return fs.readfile(conffile) or ""
+end
+t.readonly="readonly"
+
+return f

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua

@@ -0,0 +1,81 @@
+-- Licensed to the public under the GNU General Public License v3.
+
+local m, s, o
+local shadowsocksr = "shadowsocksr"
+
+m = Map(shadowsocksr,  translate("Servers subscription and manage"))
+
+-- Server Subscribe
+
+s = m:section(TypedSection, "server_subscribe")
+s.anonymous = true
+
+o = s:option(Flag, "auto_update", translate("Auto Update"))
+o.rmempty = false
+o.description = translate("Auto Update Server subscription, GFW list and CHN route")
+
+
+o = s:option(ListValue, "auto_update_time", translate("Update time (every day)"))
+for t = 0,23 do
+o:value(t, t..":00")
+end
+o.default=2
+o.rmempty = false
+
+o = s:option(DynamicList, "subscribe_url", translate("Subscribe URL"))
+o.rmempty = true
+
+o = s:option(Flag, "proxy", translate("Through proxy update"))
+o.rmempty = false
+o.description = translate("Through proxy update list, Not Recommended ")
+
+o = s:option(Button,"update",translate("Update"))
+o.inputstyle = "reload"
+o.write = function()
+  luci.sys.call("nohup bash /usr/share/shadowsocksr/subscribe.sh > /tmp/subupdate.log 2>&1 &")
+  luci.sys.call("sleep 5")
+  luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
+end
+
+
+-- [[ Servers Manage ]]--
+s = m:section(TypedSection, "servers")
+s.anonymous = true
+s.addremove = true
+s.sortable = false
+s.template = "cbi/tblsection"
+s.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/servers/%s")
+function s.create(...)
+	local sid = TypedSection.create(...)
+	if sid then
+		luci.http.redirect(s.extedit % sid)
+		return
+	end
+end
+
+o = s:option(DummyValue, "alias", translate("Alias"))
+function o.cfgvalue(...)
+	return Value.cfgvalue(...) or translate("None")
+end
+
+o = s:option(DummyValue, "server", translate("Server Address"))
+function o.cfgvalue(...)
+	return Value.cfgvalue(...) or "?"
+end
+
+o = s:option(DummyValue, "server_port", translate("Server Port"))
+function o.cfgvalue(...)
+	return Value.cfgvalue(...) or "?"
+end
+
+o = s:option(DummyValue, "kcp_enable", translate("KcpTun"))
+function o.cfgvalue(...)
+	return Value.cfgvalue(...) or "?"
+end
+
+o = s:option(DummyValue, "switch_enable", translate("Auto Switch"))
+function o.cfgvalue(...)
+	return Value.cfgvalue(...) or "0"
+end
+
+return m

package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua

@@ -0,0 +1,150 @@
+-- Copyright (C) 2017 yushi studio <ywb94@qq.com>
+-- Licensed to the public under the GNU General Public License v3.
+
+local IPK_Version="3.0.9"
+local m, s, o
+local redir_run=0
+local reudp_run=0
+local sock5_run=0
+local server_run=0
+local kcptun_run=0
+local tunnel_run=0
+local udp2raw_run=0
+local udpspeeder_run=0
+local gfw_count=0
+local ad_count=0
+local ip_count=0
+local gfwmode=0
+
+if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
+gfwmode=1		
+end
+
+local shadowsocksr = "shadowsocksr"
+-- html constants
+font_blue = [[<font color="green">]]
+font_off = [[</font>]]
+bold_on  = [[<strong>]]
+bold_off = [[</strong>]]
+
+local fs = require "nixio.fs"
+local sys = require "luci.sys"
+local kcptun_version=translate("Unknown")
+local kcp_file="/usr/bin/ssr-kcptun"
+if not fs.access(kcp_file)  then
+ kcptun_version=translate("Not exist")
+else
+ if not fs.access(kcp_file, "rwx", "rx", "rx") then
+   fs.chmod(kcp_file, 755)
+ end
+ kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
+ if not kcptun_version or kcptun_version == "" then
+     kcptun_version = translate("Unknown")
+ end
+        
+end
+
+if gfwmode==1 then 
+ gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
+ if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
+  ad_count=tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
+ end
+end
+ 
+if nixio.fs.access("/etc/china_ssr.txt") then 
+ ip_count = sys.exec("cat /etc/china_ssr.txt | wc -l")
+end
+
+local icount=sys.exec("ps -w | grep ssr-reudp |grep -v grep| wc -l")
+if tonumber(icount)>0 then
+reudp_run=1
+else
+icount=sys.exec("ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
+if tonumber(icount)>0 then
+reudp_run=1
+end
+end
+
+
+if luci.sys.call("pidof ssr-redir >/dev/null") == 0 then
+redir_run=1
+end	
+
+if luci.sys.call("pidof ssr-kcptun >/dev/null") == 0 then
+kcptun_run=1
+end	
+
+if luci.sys.call("pidof ssr-server >/dev/null") == 0 then
+server_run=1
+end	
+
+if luci.sys.call("ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then
+tunnel_run=1
+end	
+
+m = SimpleForm("Version")
+m.reset = false
+m.submit = false
+
+s=m:field(DummyValue,"redir_run",translate("Global Client")) 
+s.rawhtml  = true
+if redir_run == 1 then
+s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+else
+s.value = translate("Not Running")
+end
+
+s=m:field(DummyValue,"reudp_run",translate("UDP Relay")) 
+s.rawhtml  = true
+if reudp_run == 1 then
+s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+else
+s.value = translate("Not Running")
+end
+
+s=m:field(DummyValue,"tunnel_run",translate("DNS Tunnel")) 
+s.rawhtml  = true
+if tunnel_run == 1 then
+s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+else
+s.value = translate("Not Running")
+end
+
+s=m:field(DummyValue,"kcp_version",translate("KcpTun Version")) 
+s.rawhtml  = true
+s.value =kcptun_version
+
+s=m:field(DummyValue,"kcptun_run",translate("KcpTun")) 
+s.rawhtml  = true
+if kcptun_run == 1 then
+s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+else
+s.value = translate("Not Running")
+end
+
+s=m:field(DummyValue,"google",translate("Google Connectivity"))
+s.value = translate("No Check") 
+s.template = "shadowsocksr/check"
+
+s=m:field(DummyValue,"baidu",translate("Baidu Connectivity")) 
+s.value = translate("No Check") 
+s.template = "shadowsocksr/check"
+
+if gfwmode==1 then 
+s=m:field(DummyValue,"gfw_data",translate("GFW List Data")) 
+s.rawhtml  = true
+s.template = "shadowsocksr/refresh"
+s.value =tostring(math.ceil(gfw_count)) .. " " .. translate("Records")
+
+end
+
+s=m:field(DummyValue,"ip_data",translate("China IP Data")) 
+s.rawhtml  = true
+s.template = "shadowsocksr/refresh"
+s.value =ip_count .. " " .. translate("Records")
+
+s=m:field(DummyValue,"check_port",translate("Check Server Port"))
+s.template = "shadowsocksr/checkport"
+s.value =translate("No Check")
+
+return m

package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm

@@ -0,0 +1,22 @@
+<script type="text/javascript">//<![CDATA[
+XHR.poll(3, '<%=url([[admin]], [[services]], [[shadowsocksr]], [[run]])%>', null,
+	function(x, data) {
+		var tb = document.getElementById('shadowsocksr_status');
+		if (data && tb) {
+			if (data.running) {
+				var links = '<em><b><font color=green>ShadowsocksR Plus+ <%:RUNNING%></font></b></em>';
+				tb.innerHTML = links;
+			} else {
+				tb.innerHTML = '<em><b><font color=red>ShadowsocksR Plus+ <%:NOT RUNNING%></font></b></em>';
+			}
+		}
+	}
+);
+//]]>
+</script>
+<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
+<fieldset class="cbi-section">
+	<p id="shadowsocksr_status">
+		<em><%:Collecting data...%></em>
+	</p>
+</fieldset>

package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po

@@ -218,7 +218,7 @@ msgid "Running Mode"
 msgstr "运行模式"
 
 msgid "IP Route Mode"
-msgstr "IP路由模式"
+msgstr "绕过中国大陆IP模式"
 
 msgid "GFW List Mode"
 msgstr "GFW列表模式"
@@ -353,8 +353,8 @@ msgstr "无法复制SSR网址到剪贴板。"
 msgid "Copy SSR to clipboard successfully."
 msgstr "成功复制SSR网址到剪贴板。"
 
-msgid "Subscription"
-msgstr "订阅"
+msgid "Servers Manage"
+msgstr "服务器管理"
 
 msgid "Auto Update"
 msgstr "自动更新"
@@ -362,13 +362,80 @@ msgstr "自动更新"
 msgid "Through proxy update"
 msgstr "通过代理更新"
 
+msgid "GFW List"
+msgstr "GFW列表"
+
+msgid "ShadowSocksR Plus+ Settings"
+msgstr "ShadowSocksR Plus+ 设置"
+
+msgid "Main Server"
+msgstr "主服务器"
+
+msgid "Anti-pollution DNS Server"
+msgstr "访问国外域名DNS服务器"
+
+msgid "Use Pdnsd tcp query and cache"
+msgstr "使用PDNSD TCP查询并缓存"
+
+msgid "DNS Server IP:Port"
+msgstr "DNS服务器 IP:Port"
+
 msgid "Update time (every day)"
-msgstr "更新时间 （每天）"
+msgstr "更新时间 (每天)"
+
+msgid "Auto Update Server subscription, GFW list and CHN route"
+msgstr "自动更新服务器订阅、GFW列表和 CHN路由表"
 
 msgid "Subscribe URL"
-msgstr "订阅链接"
+msgstr "SSR服务器订阅URL地址"
 
 msgid "Update"
 msgstr "更新"
 
+msgid "IP black-and-white list"
+msgstr "IP黑白名单"
 
+msgid "WAN IP AC"
+msgstr "WAN IP访问控制"
+
+msgid "WAN White List IP"
+msgstr "不走代理的WAN IP"
+
+msgid "WAN Force Proxy IP"
+msgstr "强制走代理的WAN IP"
+
+msgid "LAN Bypassed Host List"
+msgstr "不走代理的局域网 LAN IP"
+
+msgid "LAN Force Proxy Host List"
+msgstr "全局代理的LAN IP"
+
+msgid "Router Self AC"
+msgstr "路由器自身代理设置"
+
+msgid "Router Self Proxy"
+msgstr "路由器自身代理方式"
+
+msgid "Normal Proxy"
+msgstr "跟随全局设置"
+
+msgid "Bypassed Proxy"
+msgstr "不走代理"
+
+msgid "Forwarded Proxy"
+msgstr "全局代理"
+
+msgid "GFW Custom List"
+msgstr "GFW 用户自定义列表"
+
+msgid "Please refer to the following writing"
+msgstr "每行一个域名，无需写前面的 HTTP(S):// ，提交后即时生效"
+
+msgid "Servers subscription and manage"
+msgstr "服务器节点订阅与管理（支持订阅和手动导入SSR链接）"
+
+msgid "Through proxy update list, Not Recommended"
+msgstr "通过路由器自身代理更新订阅（不推荐）"
+
+msgid "LAN IP AC"
+msgstr "LAN IP访问控制"

package/lean/luci-app-ssr-plus/root/etc/config/gfw.list

@@ -0,0 +1,36 @@
+91smartyun.pt
+adobe.com
+amazonaws.com
+ampproject.org
+apple.news
+aws.amazon.com
+azureedge.net
+backpackers.com.tw
+bitfinex.com
+buzzfeed.com
+clockwise.ee
+cloudfront.net
+coindesk.com
+coinsquare.io
+cryptocompare.com
+dropboxstatic.com
+eurecom.fr
+gdax.com
+github.com
+isnssdk.com
+kknews.cc
+nutaq.com
+openairinterface.org
+skype.com
+snssdk.com
+sublimetext.com
+textnow.com
+textnow.me
+trouter.io
+uploaded.net
+whatsapp.com
+whatsapp.net
+wsj.net
+google.com
+google.com.hk
+youtube.com

package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr

@@ -0,0 +1,30 @@
+
+config global
+	option tunnel_forward '8.8.4.4:53'
+	option tunnel_address '0.0.0.0'
+	option run_mode 'gfw'
+	option pdnsd_enable '1'
+	option monitor_enable '0'
+	option enable_switch '0'
+	option global_server 'nil'
+
+config socks5_proxy
+	option server 'nil'
+	option local_port '1080'
+	option local_address '0.0.0.0'
+
+config access_control
+	option wan_bp_list '/etc/china_ssr.txt'
+	option lan_ac_mode 'b'
+	option router_proxy '1'
+
+config server_global
+	option enable_server '0'
+
+config server_subscribe
+	option proxy '0'
+	option auto_update_time '2'
+	option auto_update '1'
+
+
+

package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr

@@ -27,6 +27,7 @@ pdnsd_enable_flag=0
 switch_enable=0
 switch_server=$1
 MAXFD=32768
+CRON_FILE=/etc/crontabs/root
 
 uci_get_by_name() {
 	local ret=$(uci get $NAME.$1.$2 2>/dev/null)
@@ -38,6 +39,24 @@ uci_get_by_type() {
 	echo ${ret:=$3}
 }
 
+add_cron()
+{
+	sed -i '/ssrplus.log/d' $CRON_FILE
+	echo '0 */1 * * * /usr/share/shadowsocksr/ssr-watchdog >> /tmp/ssrplus.log 2>&1' >> $CRON_FILE
+	echo '0 1 * * 0 echo "" > /tmp/ssrplus.log' >> $CRON_FILE
+	[ -n "$(grep -w "/usr/share/shadowsocksr/subscribe.sh" $CRON_FILE)" ] && sed -i '/\/usr\/share\/shadowsocksr\/subscribe.sh/d' $CRON_FILE
+	[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/subscribe.sh" >> $CRON_FILE
+	[ -z "$(grep -w "/usr/share/shadowsocksr/update.sh" $CRON_FILE)" ] && echo "0 5 * * 0 /usr/share/shadowsocksr/update.sh" >> $CRON_FILE
+	crontab $CRON_FILE
+}
+
+del_cron()
+{
+	sed -i '/shadowsocksr/d' $CRON_FILE
+	sed -i '/ssrplus.log/d' $CRON_FILE
+	/etc/init.d/cron restart
+}
+
 run_mode=$(uci_get_by_type global run_mode)
 
 gen_config_file() {
@@ -119,7 +138,7 @@ start_rules() {
 	
 	local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port)
 	local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips)
-	local lan_ac_mode=$(uci_get_by_type access_control lan_ac_mode)
+	local lan_ac_mode="b"
 	local router_proxy=$(uci_get_by_type access_control router_proxy)
 	if [ "$GLOBAL_SERVER" = "$UDP_RELAY_SERVER" -a $kcp_flag = 0 ]; then
 		ARG_UDP="-u"
@@ -151,6 +170,7 @@ start_rules() {
 		-i "$(uci_get_by_type access_control wan_bp_list)" \
 		-b "$(uci_get_by_type access_control wan_bp_ips)" \
 		-w "$(uci_get_by_type access_control wan_fw_ips)" \
+		-p "$(uci_get_by_type access_control lan_fp_ips)" \
 		$(get_arg_out) $gfwmode $ARG_UDP
 			
 	return $?
@@ -172,7 +192,7 @@ start_pdnsd() {
 	
 	cat > /var/etc/pdnsd.conf <<EOF
 global {
-	perm_cache=10240;
+	perm_cache=1024;
 	cache_dir="/var/pdnsd";
 	pid_file = /var/run/pdnsd.pid;
 	run_as="nobody";
@@ -310,34 +330,6 @@ start_redir() {
 	return $?
 }
 
-start_udp2raw() {
-	cat > /var/etc/udp2raw.conf <<EOF
-# udp2raw config file
--c
--l0.0.0.0:$(uci_get_by_type udp2raw local_port)
--r$(uci_get_by_type udp2raw server):$(uci_get_by_type udp2raw server_port)
--a
--k $(uci_get_by_type udp2raw key)
---raw-mode $(uci_get_by_type udp2raw raw_mode)
---seq-mode $(uci_get_by_type udp2raw seq_mode)
---cipher-mode $(uci_get_by_type udp2raw cipher_mode)
---auth-mode $(uci_get_by_type udp2raw auth_mode)
-EOF
-	/usr/bin/udp2raw --conf-file /var/etc/udp2raw.conf >/dev/null 2>&1 &
-}
-
-start_udpspeeeder() {
-	/usr/bin/udpspeeder -c -l0.0.0.0:$(uci_get_by_type udpspeeder local_port) \
-		-r$(uci_get_by_type udpspeeder server):$(uci_get_by_type udpspeeder server_port) \
-		-k $(uci_get_by_type udpspeeder key) \
-		--mode $(uci_get_by_type udpspeeder speeder_mode) \
-		--mtu $(uci_get_by_type udpspeeder mtu) \
-		-f$(uci_get_by_type udpspeeder fec) \
-		-q$(uci_get_by_type udpspeeder queue_len) \
-		--timeout $(uci_get_by_type udpspeeder timeout) \
-		>/dev/null 2>&1 &
-}
-
 gen_service_file() {
 	if [ $(uci_get_by_name $1 fast_open) = "1" ] ;then
 	fastopen="true";
@@ -428,18 +420,7 @@ rules() {
 	fi
 }
 
-start() {
-	case "$(uci_get_by_type udp2raw udp2raw_enable)" in
-		1|on|true|yes|enabled)
-			start_udp2raw
-			;;
-	esac
-	case "$(uci_get_by_type udpspeeder udpspeeder_enable)" in
-		1|on|true|yes|enabled)
-			start_udpspeeeder
-			;;
-	esac
-
+start() { 
 	if [ -z "$switch_server" ] ;then
 	GLOBAL_SERVER=$(uci_get_by_type global global_server)
 	else
@@ -455,21 +436,20 @@ start() {
 			start_tunnel
 			;;
 	esac
+	else
+		mkdir -p /tmp/dnsmasq.d
+		cat > /tmp/dnsmasq.d/dnsmasq-ssr.conf <<EOF
+conf-dir=/etc/dnsmasq.ssr
+EOF
+		/etc/init.d/dnsmasq restart
 	fi
 	
 	fi
 	start_server	
 	start_local
-	if [ $(uci_get_by_type global monitor_enable) = 1 ] ;then
-	let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable
-	if [ $total_count -gt 0 ] ;then
-	#param:server(count) redir_tcp(0:no,1:yes)  redir_udp tunnel kcp local gfw
-		service_start /usr/bin/ssr-monitor \
-			$server_count $redir_tcp $redir_udp $tunnel_enable \
-			$kcp_enable_flag $local_enable $pdnsd_enable_flag $switch_enable
-	fi
-	fi
-	
+	ENABLE_SERVER=$(uci_get_by_type global global_server)
+	[ "$ENABLE_SERVER" = "nil" ] && return 1
+	add_cron
 }
 
 boot() {
@@ -484,13 +464,6 @@ stop() {
 	iptables -t filter -D INPUT  -j SSR-SERVER-RULE
 	iptables -X SSR-SERVER-RULE 2>/dev/null
 	fi
-
-	killall -q -9 ssr-monitor
-
-	killall -q -9 udp2raw
-	killall -q -9 udpspeeder
-	/usr/bin/udp2raw --clear >/dev/null
-
 	if [ -z "$switch_server" ] ;then
 	killall -q -9 ssr-switch
 	fi
@@ -499,5 +472,11 @@ stop() {
 	killall -q -9 ssr-server
 	killall -q -9 ssr-kcptun
 	killall -q -9 ssr-local
-	killall -q pdnsd
+	kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 || killall -9 pdnsd >/dev/null 2>&1 
+	
+	if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then
+		rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf
+		/etc/init.d/dnsmasq restart
+  fi
+  del_cron
 }

package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus

@@ -13,5 +13,6 @@ uci -q batch <<-EOF >/dev/null
 	commit firewall
 EOF
 
+/usr/share/shadowsocksr/gfw2ipset.sh
 rm -f /tmp/luci-indexcache
 exit 0

package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw

@@ -26,8 +26,6 @@ BEGIN { prev = "________"; }  {
 
 generate_china_banned /tmp/gfw.b64 > /tmp/gfw.txt
 rm -f /tmp/gfwlist.txt
-datestr=`date`
-echo -e "# gfw list ipset rules for dnsmasq\n# updated on $datestr\n#">/tmp/gfwnew.txt
-sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5353\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >>/tmp/gfwnew.txt
+sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5353\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/gfwnew.txt
 rm -f /tmp/gfw.txt
 

package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules

@@ -26,6 +26,7 @@ usage() {
 		                            define access control mode
 		    -b <wan_ips>            wan ip of will be bypassed
 		    -w <wan_ips>            wan ip of will be forwarded
+		    -p <fp_lan_ips>         lan ip of will be global proxy
 		    -e <extra_options>      extra options for iptables
 		    -o                      apply the rules to the OUTPUT chain
 		    -O                      apply the global rules to the OUTPUT chain
@@ -60,6 +61,7 @@ flush_r() {
 	ipset -X ss_spec_lan_ac 2>/dev/null
 	ipset -X ss_spec_wan_ac 2>/dev/null
 	ipset -X ssr_gen_router 2>/dev/null
+	ipset -X fplan 2>/dev/null
 	[ -n "$FWI" ] && echo '#!/bin/sh' >$FWI
 	return 0
 }
@@ -79,12 +81,22 @@ EOF
 	for ip in $WAN_FW_IP; do ipset add gfwlist  $ip ; done
 	$IPT -N SS_SPEC_WAN_AC
 	$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
+	
+	ipset -N fplan iphash 2>/dev/null
+	for ip in $LAN_FP_IP; do ipset add fplan $ip ; done
+	$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
 	fi
 	return $?
 }
 
 fw_rule() {
-	$IPT -N SS_SPEC_WAN_FW && \
+	$IPT -N SS_SPEC_WAN_FW
+	$IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN
+	$IPT -A SS_SPEC_WAN_FW -d 127.0.0.0/8 -j RETURN
+	$IPT -A SS_SPEC_WAN_FW -d 172.16.0.0/12 -j RETURN
+	$IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN
+	$IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN
+	$IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4	-j RETURN
 	$IPT -A SS_SPEC_WAN_FW -p tcp \
 		-j REDIRECT --to-ports $local_port 2>/dev/null || {
 		loger 3 "Can't redirect, please check the iptables."
@@ -220,7 +232,7 @@ EOF
 	return 0
 }
 
-while getopts ":s:l:S:L:i:e:a:b:w:oOuUfgh" arg; do
+while getopts ":s:l:S:L:i:e:a:b:w:p:oOuUfgh" arg; do
 	case "$arg" in
 		s)
 			server=$OPTARG
@@ -249,6 +261,9 @@ while getopts ":s:l:S:L:i:e:a:b:w:oOuUfgh" arg; do
 		w)
 			WAN_FW_IP=$OPTARG
 			;;
+		p)
+			LAN_FP_IP=$OPTARG
+			;;		
 		o)
 			OUTPUT=1
 			;;

package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"gfwlist"'\n",$0)}' /etc/config/gfw.list > /etc/dnsmasq.ssr/custom_forward.conf
+awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5353"'\n",$0)}' /etc/config/gfw.list >> /etc/dnsmasq.ssr/custom_forward.conf
+

package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssr-watchdog

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
+
+/usr/bin/ssr-check www.google.com 80 3 1
+
+if [ "$?" == "0" ]; then
+	echo '['$LOGTIME'] ShadowsocksR No Problem.'
+else
+	/usr/bin/ssr-check www.baidu.com 80 3 1
+	if [ "$?" == "0" ]; then
+		echo '['$LOGTIME'] Problem decteted, restarting ShadowsocksR...'
+		/etc/init.d/shadowsocksr restart
+	else
+		echo '['$LOGTIME'] Network Problem. Do nothing.'
+	fi
+fi

package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.sh

@@ -24,7 +24,7 @@ Server_Update() {
     local uci_set="uci -q set $name.$1."
     ${uci_set}alias="[$ssr_group] $ssr_remarks"
     ${uci_set}auth_enable="0"
-    ${uci_set}switch_enable="0"
+    ${uci_set}switch_enable="1"
     ${uci_set}server="$ssr_host"
     ${uci_set}server_port="$ssr_port"
     ${uci_set}local_port="1234"
@@ -48,7 +48,7 @@ subscribe_url=($(uci get $name.@server_subscribe[0].subscribe_url))
 log_name=${name}_subscribe
 for ((o=0;o<${#subscribe_url[@]};o++))
 do
-    subscribe_data=$(curl -s -L --connect-timeout 3 ${subscribe_url[o]})
+    subscribe_data=$(wget-ssl --no-check-certificate -T 3 -O- ${subscribe_url[o]})
     curl_code=$?
     if [ $curl_code -eq 0 ];then
         ssr_url=($(echo $subscribe_data | base64 -d | sed 's/\r//g')) # 解码数据并删除 \r 换行符
@@ -117,19 +117,7 @@ do
                         ;;
                     esac
                 done
-                CheckIPAddr $ssr_host
-                if [ $? -ne 0 ]; then # 如果地址不是IP 则解析IP
-                    ssr_hosts=($(dig $ssr_host a +short))
-                    for ((i=0;i<${#ssr_hosts[@]};i++))
-                    do
-                        ssr_host=${ssr_hosts[i]}
-                        CheckIPAddr $ssr_host
-                        [ $? -eq 0 ] && continue
-                        ssr_host=""
-                    done
-                    [ -z "$ssr_host" ] && continue
-                fi
-                
+               
                 uci_name_tmp=$(uci show $name | grep -w $ssr_host | awk -F . '{print $2}')
                 if [ -z "$uci_name_tmp" ]; then # 判断当前服务器信息是否存在
                     uci_name_tmp=$(uci add $name servers)

package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.sh

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+chnroute_data=$(wget -O- -t 3 -T 3 http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest)
+[ $? -eq 0 ] && {
+    echo "$chnroute_data" | grep ipv4 | grep CN | awk -F\| '{ printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > /tmp/china_ssr.txt
+}
+
+if [ -s "/tmp/china_ssr.txt" ];then
+  if ( ! cmp -s /tmp/china_ssr.txt /etc/china_ssr.txt );then
+    mv /tmp/china_ssr.txt /etc/china_ssr.txt
+  fi
+fi
+
+wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfw.b64
+/usr/bin/ssr-gfw
+
+if [ -s "/tmp/gfwnew.txt" ];then
+  if ( ! cmp -s /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf );then
+    mv /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf
+    echo "copy"
+  fi
+fi
+
+/etc/init.d/shadowsocksr restart

package/lean/luci-app-zerotier/Makefile

@@ -10,7 +10,7 @@ LUCI_TITLE:=LuCI for Zerotier
 LUCI_DEPENDS:=+zerotier
 LUCI_PKGARCH:=all
 PKG_VERSION:=1.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 include $(TOPDIR)/feeds/luci/luci.mk
 

package/lean/luci-app-zerotier/luasrc/controller/zerotier.lua

@@ -5,7 +5,7 @@ function index()
 return
 end
 
-entry({"admin","services","zerotier"},cbi("zerotier"),_("ZeroTier"),10).dependent=true
+entry({"admin","services","zerotier"},cbi("zerotier"),_("ZeroTier"),90).dependent=true
 entry({"admin","services","zerotier","status"},call("act_status")).leaf=true
 end
 

package/lean/openwrt-ssr/Makefile

@@ -1,238 +0,0 @@
-#
-# Copyright (C) 2017 OpenWrt-ssr
-# Copyright (C) 2017 yushi studio <ywb94@qq.com>
-#
-# This is free software, licensed under the GNU General Public License v3.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=openwrt-ssr
-PKG_VERSION:=3.1.1
-# PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev
-PKG_SOURCE_VERSION:=d4904568c0bd7e0861c0cbfeaa43740f404db214
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_LICENSE:=GPLv3
-PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Akkariiin
-
-#PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_INSTALL:=1
-PKG_FIXUP:=autoreconf
-PKG_USE_MIPS16:=0
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/openwrt-ssr/Default
-	SECTION:=luci
-	CATEGORY:=LuCI
-	SUBMENU:=3. Applications
-	TITLE:=shadowsocksR-libev LuCI interface
-	URL:=https://github.com/MrTheUniverse/openwrt-ssr
-	VARIANT:=$(1)
-	DEPENDS:=$(3)	
-	PKGARCH:=all
-endef
-
-
-Package/luci-app-shadowsocksR = $(call Package/openwrt-ssr/Default,openssl,(OpenSSL),+libopenssl +libpthread +ipset +ip-full +iptables-mod-tproxy +libpcre +zlib)
-Package/luci-app-shadowsocksR-Client = $(call Package/openwrt-ssr/Default,openssl,(OpenSSL),+libopenssl +libpthread +ipset +ip-full +iptables-mod-tproxy +libpcre +zlib)
-Package/luci-app-shadowsocksR-Server = $(call Package/openwrt-ssr/Default,openssl,(OpenSSL),+libopenssl +libpthread +ipset +ip-full +iptables-mod-tproxy +libpcre +zlib)
-Package/luci-app-shadowsocksR-GFW = $(call Package/openwrt-ssr/Default,openssl,(OpenSSL),+libopenssl +libpthread +ipset +ip-full +iptables-mod-tproxy +libpcre +zlib +dnsmasq-full +coreutils +coreutils-base64 +curl +bash +bind-dig +pdnsd-alt)
-
-define Package/openwrt-ssr/description
-	LuCI Support for $(1).
-endef
-
-Package/luci-app-shadowsocksR/description = $(call Package/openwrt-ssr/description,shadowsocksr-libev Client and Server)
-Package/luci-app-shadowsocksR-Client/description = $(call Package/openwrt-ssr/description,shadowsocksr-libev Client)
-Package/luci-app-shadowsocksR-Server/description = $(call Package/openwrt-ssr/description,shadowsocksr-libev Server)
-Package/luci-app-shadowsocksR-GFW/description = $(call Package/openwrt-ssr/description,shadowsocksr-libev GFW)
-
-define Package/openwrt-ssr/prerm
-#!/bin/sh
-# check if we are on real system
-if [ -z "$${IPKG_INSTROOT}" ]; then
-    echo "Removing rc.d symlink for shadowsocksr"
-     /etc/init.d/shadowsocksr disable
-     /etc/init.d/shadowsocksr stop
-    echo "Removing firewall rule for shadowsocksr"
-	  uci -q batch <<-EOF >/dev/null
-		delete firewall.shadowsocksr
-		commit firewall
-EOF
-if [ "$(1)" = "GFW" ] ;then
-sed -i '/conf-dir/d' /etc/dnsmasq.conf
-/etc/init.d/dnsmasq restart 
-fi
-fi
-exit 0
-endef
-
-Package/luci-app-shadowsocksR/prerm = $(call Package/openwrt-ssr/prerm,shadowsocksr)
-Package/luci-app-shadowsocksR-Client/prerm = $(call Package/openwrt-ssr/prerm,shadowsocksr)
-Package/luci-app-shadowsocksR-GFW/prerm = $(call Package/openwrt-ssr/prerm,GFW)
-
-define Package/luci-app-shadowsocksR-Server/prerm
-#!/bin/sh
-if [ -z "$${IPKG_INSTROOT}" ]; then
- /etc/init.d/shadowsocksr disable
- /etc/init.d/shadowsocksr stop
-fi 
-exit 0
-
-endef
-
-
-define Package/openwrt-ssr/postinst
-#!/bin/sh
-
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	uci -q batch <<-EOF >/dev/null
-		delete firewall.shadowsocksr
-		set firewall.shadowsocksr=include
-		set firewall.shadowsocksr.type=script
-		set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include
-		set firewall.shadowsocksr.reload=1
-		commit firewall
-EOF
-fi
-
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	( . /etc/uci-defaults/luci-shadowsocksr ) && rm -f /etc/uci-defaults/luci-shadowsocksr
-	chmod 755 /etc/init.d/shadowsocksr >/dev/null 2>&1
-	/etc/init.d/shadowsocksr enable >/dev/null 2>&1
-    if [ "$(1)" = "GFW" ] ;then
-	   if [ -f "/etc/dnsmasq.conf" ]; then
-          str=`cat /etc/dnsmasq.conf|grep conf-dir`
-          if [ -z "$str" ]; then
-             echo "conf-dir=/etc/dnsmasq.ssr" >> /etc/dnsmasq.conf
-         else
-             sed -i '/conf-dir/d' /etc/dnsmasq.conf  
-             echo "conf-dir=/etc/dnsmasq.ssr" >> /etc/dnsmasq.conf
-           fi 
-       else
-           echo "conf-dir=/etc/dnsmasq.ssr" > /etc/dnsmasq.conf
-       fi
-	    /etc/init.d/dnsmasq restart 
-	fi
-fi
-exit 0
-endef
-
-
-Package/luci-app-shadowsocksR/postinst = $(call Package/openwrt-ssr/postinst,shadowsocksr)
-Package/luci-app-shadowsocksR-Client/postinst = $(call Package/openwrt-ssr/postinst,shadowsocksr)
-Package/luci-app-shadowsocksR-GFW/postinst = $(call Package/openwrt-ssr/postinst,GFW)
-
-define Package/luci-app-shadowsocksR-Server/postinst
-#!/bin/sh
-
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	( . /etc/uci-defaults/luci-shadowsocksr ) && rm -f /etc/uci-defaults/luci-shadowsocksr
-	chmod 755 /etc/init.d/shadowsocksr >/dev/null 2>&1
-	/etc/init.d/shadowsocksr enable >/dev/null 2>&1
-fi
-exit 0
-endef
-
-
-
-CONFIGURE_ARGS += --disable-documentation --disable-ssp
-
-define Install/common
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller
-	$(INSTALL_DATA) ./files/luci/controller/shadowsocksr.lua $(1)/usr/lib/lua/luci/controller/shadowsocksr.lua
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/i18n
-	$(INSTALL_DATA) ./files/luci/i18n/shadowsocksr.*.lmo $(1)/usr/lib/lua/luci/i18n
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr
-	$(INSTALL_DATA) ./files/luci/model/cbi/shadowsocksr/*.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr/
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/shadowsocksr
-	$(INSTALL_DATA) ./files/luci/view/shadowsocksr/*.htm $(1)/usr/lib/lua/luci/view/shadowsocksr/
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_BIN) ./files/root/etc/uci-defaults/luci-shadowsocksr $(1)/etc/uci-defaults/luci-shadowsocksr
-
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DATA) ./files/shadowsocksr.config $(1)/etc/config/shadowsocksr
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/shadowsocksr.init $(1)/etc/init.d/shadowsocksr
-endef
-
-define Package/openwrt-ssr/install
-	$(call Install/common,$(1))
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local	
-	$(LN) /usr/bin/ssr-local $(1)/usr/bin/ssr-tunnel
-	#$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-server $(1)/usr/bin/ssr-server		
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
-	$(INSTALL_BIN) ./files/shadowsocksr.rule $(1)/usr/bin/ssr-rules
-	$(INSTALL_BIN) ./files/shadowsocksr.monitor $(1)/usr/bin/ssr-monitor
-	$(INSTALL_BIN) ./files/shadowsocksr.switch $(1)/usr/bin/ssr-switch
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_DATA) ./files/china_ssr.txt $(1)/etc/china_ssr.txt
-	$(INSTALL_DIR) $(1)/usr/share/shadowsocksr
-	$(INSTALL_BIN) ./files/root/usr/share/shadowsocksr/*.sh $(1)/usr/share/shadowsocksr/
-endef
-
-Package/luci-app-shadowsocksR/install = $(call Package/openwrt-ssr/install,$(1),shadowsocksr)
-
-define Package/luci-app-shadowsocksR-Client/install
-	$(call Install/common,$(1))
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
-	#$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-tunnel $(1)/usr/bin/ssr-tunnel	
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
-	$(INSTALL_BIN) ./files/shadowsocksr.rule $(1)/usr/bin/ssr-rules
-	$(INSTALL_BIN) ./files/shadowsocksr.monitor $(1)/usr/bin/ssr-monitor
-	$(INSTALL_BIN) ./files/shadowsocksr.switch $(1)/usr/bin/ssr-switch
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_DATA) ./files/china_ssr.txt $(1)/etc/china_ssr.txt	
-endef
-
-define Package/luci-app-shadowsocksR-Server/install
-	$(call Install/common,$(1))
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-server $(1)/usr/bin/ssr-server		
-	$(INSTALL_BIN) ./files/shadowsocksr.rule $(1)/usr/bin/ssr-rules
-	$(INSTALL_BIN) ./files/shadowsocksr.monitor $(1)/usr/bin/ssr-monitor
-endef
-
-define Package/luci-app-shadowsocksR-GFW/install
-	$(call Install/common,$(1))
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local	
-	$(LN) /usr/bin/ssr-local $(1)/usr/bin/ssr-tunnel
-	#$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-server $(1)/usr/bin/ssr-server		
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
-	$(INSTALL_BIN) ./files/shadowsocksr.rule $(1)/usr/bin/ssr-rules
-	$(INSTALL_BIN) ./files/shadowsocksr.monitor $(1)/usr/bin/ssr-monitor
-	$(INSTALL_BIN) ./files/shadowsocksr.gfw $(1)/usr/bin/ssr-gfw
-	$(INSTALL_BIN) ./files/shadowsocksr.ad $(1)/usr/bin/ssr-ad
-	$(INSTALL_BIN) ./files/shadowsocksr.switch $(1)/usr/bin/ssr-switch
-	$(INSTALL_DIR) $(1)/etc/dnsmasq.ssr
-	$(INSTALL_DATA) ./files/gfw_list.conf $(1)/etc/dnsmasq.ssr/gfw_list.conf
-	$(INSTALL_DATA) ./files/custom_forward.conf $(1)/etc/dnsmasq.ssr/custom_forward.conf
-	$(INSTALL_DATA) ./files/ad.conf $(1)/etc/dnsmasq.ssr/ad.conf
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_DATA) ./files/china_ssr.txt $(1)/etc/china_ssr.txt	
-	$(INSTALL_DIR) $(1)/usr/share/shadowsocksr
-	$(INSTALL_DATA) ./files/root/usr/share/shadowsocksr/*.sh $(1)/usr/share/shadowsocksr/
-endef
-
-#$(eval $(call BuildPackage,luci-app-shadowsocksR))
-#$(eval $(call BuildPackage,luci-app-shadowsocksR-Client))
-#$(eval $(call BuildPackage,luci-app-shadowsocksR-Server))
-$(eval $(call BuildPackage,luci-app-shadowsocksR-GFW))

package/lean/openwrt-ssr/files/custom_forward.conf

@@ -1,68 +0,0 @@
-server=/.skype.com/127.0.0.1#5353
-ipset=/.skype.com/gfwlist
-server=/.buzzfeed.com/127.0.0.1#5353
-ipset=/.buzzfeed.com/gfwlist
-server=/.openairinterface.org/127.0.0.1#5353
-ipset=/.openairinterface.org/gfwlist
-server=/.apple.news/127.0.0.1#5353
-ipset=/.apple.news/gfwlist
-server=/.dropboxstatic.com/127.0.0.1#5353
-ipset=/.dropboxstatic.com/gfwlist
-server=/.github.com/127.0.0.1#5353
-ipset=/.github.com/gfwlist
-server=/.amazonaws.com/127.0.0.1#5353
-ipset=/.amazonaws.com/gfwlist
-server=/.aws.amazon.com/127.0.0.1#5353
-ipset=/.aws.amazon.com/gfwlist
-server=/.sublimetext.com/127.0.0.1#5353
-ipset=/.sublimetext.com/gfwlist
-server=/.clockwise.ee/127.0.0.1#5353
-ipset=/.clockwise.ee/gfwlist
-server=/.adobe.com/127.0.0.1#5353
-ipset=/.adobe.com/gfwlist
-server=/.nutaq.com/127.0.0.1#5353
-ipset=/.nutaq.com/gfwlist
-server=/.uploaded.net/127.0.0.1#5353
-ipset=/.uploaded.net/gfwlist
-server=/.whatsapp.com/127.0.0.1#5353
-ipset=/.whatsapp.com/gfwlist
-server=/.whatsapp.net/127.0.0.1#5353
-ipset=/.whatsapp.net/gfwlist
-server=/.backpackers.com.tw/127.0.0.1#5353
-ipset=/.backpackers.com.tw/gfwlst
-server=/.kknews.cc/127.0.0.1#5353
-ipset=/.kknews.cc/gfwlist
-server=/.eurecom.fr/127.0.0.1#5353
-ipset=/.eurecom.fr/gfwlist
-server=/.91smartyun.pt/127.0.0.1#5353
-ipset=/.91smartyun.pt/gfwlist
-server=/.gdax.com/127.0.0.1#5353
-ipset=/.gdax.com/gfwlist
-server=/.coinsquare.io/127.0.0.1#5353
-ipset=/.coinsquare.io/gfwlist
-server=/.coindesk.com/127.0.0.1#5353
-ipset=/.coindesk.com/gfwlist
-server=/.trouter.io/127.0.0.1#5353
-ipset=/.trouter.io/gfwlist
-server=/.cryptocompare.com/127.0.0.1#5353
-ipset=/.cryptocompare.com/gfwlist
-server=/.github.com/127.0.0.1#5353
-ipset=/.github.com/gfwlist
-server=/.azureedge.net/127.0.0.1#5353
-ipset=/.azureedge.net/gfwlist
-server=/.wsj.net/127.0.0.1#5353
-ipset=/.wsj.net/gfwlist
-server=/.bitfinex.com/127.0.0.1#5353
-ipset=/.bitfinex.com/gfwlist
-server=/.textnow.me/127.0.0.1#5353
-ipset=/.textnow.me/gfwlist
-server=/.textnow.com/127.0.0.1#5353
-ipset=/.textnow.com/gfwlist
-server=/.isnssdk.com/127.0.0.1#5353
-ipset=/.isnssdk.com/gfwlist
-server=/.snssdk.com/127.0.0.1#5353
-ipset=/.snssdk.com/gfwlist
-server=/.ampproject.org/127.0.0.1#5353
-ipset=/.ampproject.org/gfwlist
-server=/.cloudfront.net/127.0.0.1#5353
-ipset=/.cloudfront.net/gfwlist

package/lean/openwrt-ssr/files/dnsmasq.conf

@@ -1,38 +0,0 @@
-# Change the following lines if you want dnsmasq to serve SRV
-# records.
-# You may add multiple srv-host lines.
-# The fields are <name>,<target>,<port>,<priority>,<weight>
-
-# A SRV record sending LDAP for the example.com domain to
-# ldapserver.example.com port 289
-#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
-
-# Two SRV records for LDAP, each with different priorities
-#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
-#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
-
-# A SRV record indicating that there is no LDAP server for the domain
-# example.com
-#srv-host=_ldap._tcp.example.com
-
-# The following line shows how to make dnsmasq serve an arbitrary PTR
-# record. This is useful for DNS-SD.
-# The fields are <name>,<target>
-#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
-
-# Change the following lines to enable dnsmasq to serve TXT records.
-# These are used for things like SPF and zeroconf.
-# The fields are <name>,<text>,<text>...
-
-#Example SPF.
-#txt-record=example.com,"v=spf1 a -all"
-
-#Example zeroconf
-#txt-record=_http._tcp.example.com,name=value,paper=A4
-
-# Provide an alias for a "local" DNS name. Note that this _only_ works
-# for targets which are names from DHCP or /etc/hosts. Give host
-# "bert" another name, bertrand
-# The fields are <cname>,<target>
-#cname=bertand,bert
-conf-dir=/etc/dnsmasq.ssr

package/lean/openwrt-ssr/files/luci/model/cbi/shadowsocksr/client.lua

@@ -1,376 +0,0 @@
--- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
--- Licensed to the public under the GNU General Public License v3.
-
-local m, s, sec, o, kcp_enable
-local shadowsocksr = "shadowsocksr"
-local uci = luci.model.uci.cursor()
-local ipkg = require("luci.model.ipkg")
-
-local sys = require "luci.sys"
-
-m = Map(shadowsocksr, translate("ShadowSocksR Client"))
-
-local server_table = {}
-local encrypt_methods = {
-	"none",
-	"table",
-	"rc4",
-	"rc4-md5-6",
-	"rc4-md5",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",	
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
-}
-
-local protocol = {
-	"origin",
-	"verify_deflate",		
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
-	"auth_chain_b",
-	"auth_chain_c",
-	"auth_chain_d",
-	"auth_chain_e",
-	"auth_chain_f",
-}
-
-obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",	
-	"tls1.2_ticket_auth",
-}
-
-local raw_mode = {
-	"faketcp",
-	"udp",
-	"icmp",
-}
-
-local seq_mode = {
-	"0",
-	"1",
-	"2",
-	"3",
-	"4",
-}
-
-local cipher_mode = {
-	"none",
-	"xor",
-	"aes128cbc",
-}
-
-local auth_mode = {
-	"none",
-	"simple",
-	"md5",
-	"crc32",
-}
-
-local speeder_mode = {
-	"0",
-	"1",
-}
-
-uci:foreach(shadowsocksr, "servers", function(s)
-	if s.alias then
-		server_table[s[".name"]] = s.alias
-	elseif s.server and s.server_port then
-		server_table[s[".name"]] = "%s:%s" %{s.server, s.server_port}
-	end
-end)
-
--- [[ Servers Setting ]]--
-sec = m:section(TypedSection, "servers", translate("Servers Setting"))
-sec.anonymous = true
-sec.addremove = true
-sec.sortable = true
-sec.template = "cbi/tblsection"
-sec.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/client/%s")
-function sec.create(...)
-	local sid = TypedSection.create(...)
-	if sid then
-		luci.http.redirect(sec.extedit % sid)
-		return
-	end
-end
-
-o = sec:option(DummyValue, "alias", translate("Alias"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or translate("None")
-end
-
-o = sec:option(DummyValue, "server", translate("Server Address"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "server_port", translate("Server Port"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "encrypt_method", translate("Encrypt Method"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "protocol", translate("Protocol"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "obfs", translate("Obfs"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "kcp_enable", translate("KcpTun"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "switch_enable", translate("Auto Switch"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "0"
-end
-
--- [[ Global Setting ]]--
-s = m:section(TypedSection, "global", translate("Global Setting"))
-s.anonymous = true
-
-o = s:option(ListValue, "global_server", translate("Global Server"))
-o:value("nil", translate("Disable"))
-for k, v in pairs(server_table) do o:value(k, v) end
-o.default = "nil"
-o.rmempty = false
-
-o = s:option(ListValue, "udp_relay_server", translate("UDP Relay Server"))
-o:value("", translate("Disable"))
-o:value("same", translate("Same as Global Server"))
-for k, v in pairs(server_table) do o:value(k, v) end
-
-o = s:option(Flag, "monitor_enable", translate("Enable Process Monitor"))
-o.rmempty = false
-
-o = s:option(Flag, "enable_switch", translate("Enable Auto Switch"))
-o.rmempty = false
-
-o = s:option(Value, "switch_time", translate("Switch check cycly(second)"))
-o.datatype = "uinteger"
-o:depends("enable_switch", "1")
-o.default = 600
-
-o = s:option(Value, "switch_timeout", translate("Check timout(second)"))
-o.datatype = "uinteger"
-o:depends("enable_switch", "1")
-o.default = 3
-
-if nixio.fs.access("/usr/bin/ssr-gfw") then
-o = s:option(ListValue, "run_mode", translate("Running Mode"))
-o:value("router", translate("IP Route Mode"))
-o:value("gfw", translate("GFW List Mode"))
-
-o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
-o:depends("run_mode", "gfw")
-o:value("0", translate("Use SSR DNS Tunnel"))
-o:value("1", translate("Use Pdnsd(Need to install)"))
-o:value("2", translate("Use Other DNS Tunnel(Need to install)"))
-
-o = s:option(Flag, "tunnel_enable", translate("Enable Tunnel(DNS)"))
-o:depends("run_mode", "router")
-o.default = 0
-
-o = s:option(Value, "tunnel_port", translate("Tunnel Port"))
-o:depends("run_mode", "router")
-o.datatype = "port"
-o.default = 5300
-else
-o = s:option(Flag, "tunnel_enable", translate("Enable Tunnel(DNS)"))
-o.default = 0
-
-o = s:option(Value, "tunnel_port", translate("Tunnel Port"))
-o.datatype = "port"
-o.default = 5300
-end
-
-o = s:option(Value, "tunnel_forward", translate("DNS Server IP and Port"))
-o.default = "8.8.4.4:53"
-o.rmempty = false
-
--- [[ SOCKS5 Proxy ]]--
-s = m:section(TypedSection, "socks5_proxy", translate("SOCKS5 Proxy"))
-s.anonymous = true
-
-o = s:option(ListValue, "server", translate("Server"))
-o:value("nil", translate("Disable"))
-for k, v in pairs(server_table) do o:value(k, v) end
-o.default = "nil"
-o.rmempty = false
-
-o = s:option(Value, "local_port", translate("Local Port"))
-o.datatype = "port"
-o.default = 1234
-o.rmempty = false
-
--- [[ udp2raw ]]--
-if nixio.fs.access("/usr/bin/udp2raw") then
-
-s = m:section(TypedSection, "udp2raw", translate("udp2raw tunnel"))
-s.anonymous = true
-
-o = s:option(Flag, "udp2raw_enable", translate("Enable udp2raw"))
-o.default = 0
-o.rmempty = false
-
-o = s:option(Value, "server", translate("Server Address"))
-o.datatype = "host"
-o.rmempty = false
-
-o = s:option(Value, "server_port", translate("Server Port"))
-o.datatype = "port"
-o.rmempty = false
-
-o = s:option(Value, "local_port", translate("Local Port"))
-o.datatype = "port"
-o.rmempty = false
-
-o = s:option(Value, "key", translate("Password"))
-o.password = true
-o.rmempty = false
-
-o = s:option(ListValue, "raw_mode", translate("Raw Mode"))
-for _, v in ipairs(raw_mode) do o:value(v) end
-o.default = "faketcp"
-o.rmempty = false
-
-o = s:option(ListValue, "seq_mode", translate("Seq Mode"))
-for _, v in ipairs(seq_mode) do o:value(v) end
-o.default = "3"
-o.rmempty = false
-
-o = s:option(ListValue, "cipher_mode", translate("Cipher Mode"))
-for _, v in ipairs(cipher_mode) do o:value(v) end
-o.default = "xor"
-o.rmempty = false
-
-o = s:option(ListValue, "auth_mode", translate("Auth Mode"))
-for _, v in ipairs(auth_mode) do o:value(v) end
-o.default = "simple"
-o.rmempty = false
-
-end
-
--- [[ udpspeeder ]]--
-if nixio.fs.access("/usr/bin/udpspeeder") then
-
-s = m:section(TypedSection, "udpspeeder", translate("UDPspeeder"))
-s.anonymous = true
-
-o = s:option(Flag, "udpspeeder_enable", translate("Enable UDPspeeder"))
-o.default = 0
-o.rmempty = false
-
-o = s:option(Value, "server", translate("Server Address"))
-o.datatype = "host"
-o.rmempty = false
-
-o = s:option(Value, "server_port", translate("Server Port"))
-o.datatype = "port"
-o.rmempty = false
-
-o = s:option(Value, "local_port", translate("Local Port"))
-o.datatype = "port"
-o.rmempty = false
-
-o = s:option(Value, "key", translate("Password"))
-o.password = true
-o.rmempty = false
-
-o = s:option(ListValue, "speeder_mode", translate("Speeder Mode"))
-for _, v in ipairs(speeder_mode) do o:value(v) end
-o.default = "0"
-o.rmempty = false
-
-o = s:option(Value, "fec", translate("Fec"))
-o.default = "20:10"
-o.rmempty = false
-
-o = s:option(Value, "mtu", translate("Mtu"))
-o.datatype = "uinteger"
-o.default = 1250
-o.rmempty = false
-
-o = s:option(Value, "queue_len", translate("Queue Len"))
-o.datatype = "uinteger"
-o.default = 200
-o.rmempty = false
-
-o = s:option(Value, "timeout", translate("Fec Timeout"))
-o.datatype = "uinteger"
-o.default = 8
-o.rmempty = false
-
-end
-
--- [[ Access Control ]]--
-s = m:section(TypedSection, "access_control", translate("Access Control"))
-s.anonymous = true
-
--- Part of WAN
-s:tab("wan_ac", translate("Interfaces - WAN"))
-
-o = s:taboption("wan_ac", Value, "wan_bp_list", translate("Bypassed IP List"))
-o:value("/dev/null", translate("NULL - As Global Proxy"))
-
-o.default = "/dev/null"
-o.rmempty = false
-
-o = s:taboption("wan_ac", DynamicList, "wan_bp_ips", translate("Bypassed IP"))
-o.datatype = "ip4addr"
-
-o = s:taboption("wan_ac", DynamicList, "wan_fw_ips", translate("Forwarded IP"))
-o.datatype = "ip4addr"
-
--- Part of LAN
-s:tab("lan_ac", translate("Interfaces - LAN"))
-
-o = s:taboption("lan_ac",ListValue, "router_proxy", translate("Router Proxy"))
-o:value("1", translatef("Normal Proxy"))
-o:value("0", translatef("Bypassed Proxy"))
-o:value("2", translatef("Forwarded Proxy"))
-o.rmempty = false
-
-o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("LAN Access Control"))
-o:value("0", translate("Disable"))
-o:value("w", translate("Allow listed only"))
-o:value("b", translate("Allow all except listed"))
-o.rmempty = false
-
-o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List"))
-o.datatype = "ipaddr"
-luci.ip.neighbors({ family = 4 }, function(entry)
-       if entry.reachable then
-               o:value(entry.dest:string())
-       end
-end)
-return m

package/lean/openwrt-ssr/files/luci/model/cbi/shadowsocksr/server-config.lua

@@ -1,108 +0,0 @@
--- Copyright (C) 2017 yushi studio <ywb94@qq.com>
--- Licensed to the public under the GNU General Public License v3.
-
-local m, s, o
-local shadowsocksr = "shadowsocksr"
-local sid = arg[1]
-
-local encrypt_methods = {
-	"table",
-	"rc4",
-	"rc4-md5",
-	"rc4-md5-6",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",	
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
-}
-
-local protocol = {
-	"origin",
-	"verify_deflate",
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
-}
-
-obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",
-	"tls1.2_ticket_auth",
-	"tls1.2_ticket_fastauth",
-}
-
-m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
-
-m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/server")
-if m.uci:get(shadowsocksr, sid) ~= "server_config" then
-	luci.http.redirect(m.redirect) 
-	return
-end
-
-
-
-
--- [[ Server Setting ]]--
-s = m:section(NamedSection, sid, "server_config")
-s.anonymous = true
-s.addremove   = false
-
-o = s:option(Flag, "enable", translate("Enable"))
-o.default = 1
-o.rmempty = false
-
-o = s:option(Value, "server", translate("Server Address"))
-o.datatype = "ipaddr"
-o.default = "0.0.0.0"
-o.rmempty = false
-
-o = s:option(Value, "server_port", translate("Server Port"))
-o.datatype = "port"
-o.default = 8388
-o.rmempty = false
-
-o = s:option(Value, "timeout", translate("Connection Timeout"))
-o.datatype = "uinteger"
-o.default = 60
-o.rmempty = false
-
-o = s:option(Value, "password", translate("Password"))
-o.password = true
-o.rmempty = false
-
-o = s:option(ListValue, "encrypt_method", translate("Encrypt Method"))
-for _, v in ipairs(encrypt_methods) do o:value(v) end
-o.rmempty = false
-
-o = s:option(ListValue, "protocol", translate("Protocol"))
-for _, v in ipairs(protocol) do o:value(v) end
-o.rmempty = false
-
-
-o = s:option(ListValue, "obfs", translate("Obfs"))
-for _, v in ipairs(obfs) do o:value(v) end
-o.rmempty = false
-
-o = s:option(Value, "obfs_param", translate("Obfs param(optional)"))
-
-o = s:option(Flag, "fast_open", translate("TCP Fast Open"))
-o.rmempty = false
-
-return m

package/lean/openwrt-ssr/files/luci/model/cbi/shadowsocksr/server.lua

@@ -1,122 +0,0 @@
--- Copyright (C) 2017 yushi studio <ywb94@qq.com>
--- Licensed to the public under the GNU General Public License v3.
-
-local m, sec, o
-local shadowsocksr = "shadowsocksr"
-local uci = luci.model.uci.cursor()
-local ipkg = require("luci.model.ipkg")
-
-
-m = Map(shadowsocksr, translate("ShadowSocksR Server"))
-
-local encrypt_methods = {
-	"table",
-	"rc4",
-	"rc4-md5",
-	"rc4-md5-6",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",	
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
-}
-
-local protocol = {
-	"origin",
-	"verify_deflate",
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
-}
-
-obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",
-	"tls1.2_ticket_auth",
-	"tls1.2_ticket_fastauth",
-}
-
-
-
-
-
--- [[ Global Setting ]]--
-sec = m:section(TypedSection, "server_global", translate("Global Setting"))
-sec.anonymous = true
-
-
-
-o = sec:option(Flag, "enable_server", translate("Enable Server"))
-o.rmempty = false
-
--- [[ Server Setting ]]--
-sec = m:section(TypedSection, "server_config", translate("Server Setting"))
-sec.anonymous = true
-sec.addremove = true
-sec.sortable = true
-sec.template = "cbi/tblsection"
-sec.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/server/%s")
-function sec.create(...)
-	local sid = TypedSection.create(...)
-	if sid then
-		luci.http.redirect(sec.extedit % sid)
-		return
-	end
-end
-
-o = sec:option(Flag, "enable", translate("Enable"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or translate("0")
-end
-o.rmempty = false
-
-o = sec:option(DummyValue, "server", translate("Server Address"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-o = sec:option(DummyValue, "server_port", translate("Server Port"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-
-o = sec:option(DummyValue, "encrypt_method", translate("Encrypt Method"))
-function o.cfgvalue(...)
-	local v = Value.cfgvalue(...)
-	return v and v:upper() or "?"
-end
-
-o = sec:option(DummyValue, "protocol", translate("Protocol"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-
-
-o = sec:option(DummyValue, "obfs", translate("Obfs"))
-function o.cfgvalue(...)
-	return Value.cfgvalue(...) or "?"
-end
-
-
-
-
-
-return m

package/lean/openwrt-ssr/files/luci/model/cbi/shadowsocksr/servers.lua

@@ -1,40 +0,0 @@
-
-
-local m, s, o
-local shadowsocksr = "shadowsocksr"
-
-local function has_bin(name)
-	return luci.sys.call("command -v %s >/dev/null" %{name}) == 0
-end
-
-m = Map(shadowsocksr, "%s - %s" %{translate("ShadowSocksR"), translate("Servers Manage")})
-
--- Server Subscribe
-if nixio.fs.access("/usr/share/shadowsocksr/subscribe.sh") and has_bin("base64") and has_bin("curl") and has_bin("bash") and has_bin("dig") then
-	s = m:section(TypedSection, "server_subscribe", translate("Server subscription"))
-	s.anonymous = true
-
-	o = s:option(Flag, "auto_update", translate("Auto Update"))
-	o.rmempty = false
-
-	o = s:option(Flag, "proxy", translate("Through proxy update"))
-	o.rmempty = false
-
-	o = s:option(ListValue, "auto_update_time", translate("Update time (every day)"))
-	for t = 0,23 do
-	o:value(t, t..":00")
-	end
-	o.default=2
-	o.rmempty = false
-
-	o = s:option(DynamicList, "subscribe_url", translate("Subscribe URL"))
-	o.rmempty = true
-
-	o = s:option(Button,"update",translate("Update"))
-	o.write = function()
-	luci.sys.call("/usr/share/shadowsocksr/subscribe.sh >/dev/null 2>&1")
-	luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
-	end
-end
-
-return m

package/lean/openwrt-ssr/files/luci/model/cbi/shadowsocksr/status.lua

@@ -1,258 +0,0 @@
--- Copyright (C) 2017 yushi studio <ywb94@qq.com>
--- Licensed to the public under the GNU General Public License v3.
-
-local IPK_Version="3.1.0"
-local m, s, o
-local redir_run=0
-local reudp_run=0
-local sock5_run=0
--- local server_run=0
-local kcptun_run=0
-local tunnel_run=0
-local udp2raw_run=0
-local udpspeeder_run=0
-local gfw_count=0
-local ad_count=0
-local ip_count=0
-local gfwmode=0
-
-if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
-gfwmode=1		
-end
-
-local shadowsocksr = "shadowsocksr"
--- html constants
-font_blue = [[<font color="blue">]]
-font_off = [[</font>]]
-bold_on  = [[<strong>]]
-bold_off = [[</strong>]]
-
-local fs = require "nixio.fs"
-local sys = require "luci.sys"
-local kcptun_version=translate("Unknown")
-local kcp_file="/usr/bin/ssr-kcptun"
-if not fs.access(kcp_file)  then
- kcptun_version=translate("Not exist")
-else
- if not fs.access(kcp_file, "rwx", "rx", "rx") then
-   fs.chmod(kcp_file, 755)
- end
- kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
- if not kcptun_version or kcptun_version == "" then
-     kcptun_version = translate("Unknown")
- end
-        
-end
-
-local udp2raw_version=translate("Unknown")
-local udp2raw_file="/usr/bin/udp2raw"
-if not fs.access(udp2raw_file) then
-	udp2raw_version=translate("Not exist")
-else
-	if not fs.access(udp2raw_file, "rwx", "rx", "rx") then
-		fs.chmod(udp2raw_file, 755)
-	end
-	udp2raw_version=sys.exec(udp2raw_file .. " -h |grep 'git version' |awk -F ':' '{print $2}'|awk '{print $1}'")
-	if not udp2raw_version or udp2raw_version == "" then
-		udp2raw_version = translate("Unknown")
-	end
-end
-
-local udpspeeder_version=translate("Unknown")
-local udpspeeder_file="/usr/bin/udpspeeder"
-if not fs.access(udpspeeder_file) then
-	udpspeeder_version=translate("Not exist")
-else
-	if not fs.access(udpspeeder_file, "rwx", "rx", "rx") then
-		fs.chmod(udpspeeder_file, 755)
-	end
-	udpspeeder_version=sys.exec(udpspeeder_file .. " -h |grep 'git version' |awk -F ':' '{print $2}'|awk '{print $1}'")
-	if not udpspeeder_version or udpspeeder_version == "" then
-		udpspeeder_version = translate("Unknown")
-	end
-end
-
-if gfwmode==1 then 
- gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
- if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-  ad_count=tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
- end
-end
- 
-if nixio.fs.access("/etc/china_ssr.txt") then 
- ip_count = sys.exec("cat /etc/china_ssr.txt | wc -l")
-end
-
-local icount=sys.exec("ps -w | grep ssr-reudp |grep -v grep| wc -l")
-if tonumber(icount)>0 then
-reudp_run=1
-else
-icount=sys.exec("ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
-if tonumber(icount)>0 then
-reudp_run=1
-end
-end
-
-
-if luci.sys.call("pidof ssr-redir >/dev/null") == 0 then
-redir_run=1
-end	
-
-if luci.sys.call("ps -w | grep ssr-local |grep -v grep >/dev/null") == 0 then
-sock5_run=1
-end	
-
-if luci.sys.call("pidof ssr-kcptun >/dev/null") == 0 then
-kcptun_run=1
-end	
-
--- if luci.sys.call("pidof ssr-server >/dev/null") == 0 then
--- server_run=1
--- end	
-
-if luci.sys.call("ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then
-tunnel_run=1
-end	
-
-if luci.sys.call("pidof udp2raw >/dev/null") == 0 then
-udp2raw_run=1
-end
-
-if luci.sys.call("pidof udpspeeder >/dev/null") == 0 then
-udpspeeder_run=1
-end
-
-m = SimpleForm("Version", translate("Running Status"))
-m.reset = false
-m.submit = false
-
-s=m:field(DummyValue,"redir_run",translate("Global Client")) 
-s.rawhtml  = true
-if redir_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
--- s=m:field(DummyValue,"server_run",translate("Global SSR Server")) 
--- s.rawhtml  = true
--- if server_run == 1 then
--- s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
--- else
--- s.value = translate("Not Running")
--- end
-
-s=m:field(DummyValue,"reudp_run",translate("UDP Relay")) 
-s.rawhtml  = true
-if reudp_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
-s=m:field(DummyValue,"sock5_run",translate("SOCKS5 Proxy")) 
-s.rawhtml  = true
-if sock5_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
-s=m:field(DummyValue,"tunnel_run",translate("DNS Tunnel")) 
-s.rawhtml  = true
-if tunnel_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
-s=m:field(DummyValue,"kcptun_run",translate("KcpTun")) 
-s.rawhtml  = true
-if kcptun_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
-s=m:field(DummyValue,"udp2raw_run",translate("udp2raw")) 
-s.rawhtml  = true
-if udp2raw_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
-s=m:field(DummyValue,"udpspeeder_run",translate("UDPspeeder")) 
-s.rawhtml  = true
-if udpspeeder_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-
-s=m:field(DummyValue,"google",translate("Google Connectivity"))
-s.value = translate("No Check") 
-s.template = "shadowsocksr/check"
-
-s=m:field(DummyValue,"baidu",translate("Baidu Connectivity")) 
-s.value = translate("No Check") 
-s.template = "shadowsocksr/check"
-
-if gfwmode==1 then 
-s=m:field(DummyValue,"gfw_data",translate("GFW List Data")) 
-s.rawhtml  = true
-s.template = "shadowsocksr/refresh"
-s.value =tostring(math.ceil(gfw_count)) .. " " .. translate("Records")
-
-s=m:field(DummyValue,"ad_data",translate("Advertising Data")) 
-s.rawhtml  = true
-s.template = "shadowsocksr/refresh"
-s.value =tostring(math.ceil(ad_count)) .. " " .. translate("Records")
-end
-
-s=m:field(DummyValue,"ip_data",translate("China IP Data")) 
-s.rawhtml  = true
-s.template = "shadowsocksr/refresh"
-s.value =ip_count .. " " .. translate("Records")
-
-s=m:field(DummyValue,"check_port",translate("Check Server Port"))
-s.template = "shadowsocksr/checkport"
-s.value =translate("No Check")
-
-s=m:field(DummyValue,"version",translate("IPK Version")) 
-s.rawhtml  = true
-s.value =IPK_Version
-
-s=m:field(DummyValue,"ipk_project",translate("IPK Project")) 
-s.rawhtml  = true
-s.value =bold_on .. [[<a href="]] .. "https://github.com/ywb94/openwrt-ssr" .. [[" >]]
-	.. "https://github.com/ywb94/openwrt-ssr" .. [[</a>]] .. bold_off
-
-s=m:field(DummyValue,"kcp_version",translate("KcpTun Version")) 
-s.rawhtml  = true
-s.value =kcptun_version
-
-s=m:field(DummyValue,"kcptun_project",translate("Kcp Tun Project")) 
-s.rawhtml  = true
-s.value =bold_on .. [[<a href="]] .. "https://github.com/xtaci/kcptun" .. [[" >]]
-	.. "https://github.com/xtaci/kcptun" .. [[</a>]] .. bold_off
-
-s=m:field(DummyValue,"udp2raw_version",translate("udp2raw Version")) 
-s.rawhtml  = true
-s.value =udp2raw_version
-
-s=m:field(DummyValue,"udp2raw_project",translate("udp2raw tunnel Project")) 
-s.rawhtml  = true
-s.value =bold_on .. [[<a href="]] .. "https://github.com/wangyu-/udp2raw-tunnel" .. [[" >]]
-	.. "https://github.com/wangyu-/udp2raw-tunnel" .. [[</a>]] .. bold_off
-
-s=m:field(DummyValue,"udpspeeder_version",translate("UDPspeeder Version")) 
-s.rawhtml  = true
-s.value =udpspeeder_version
-
-s=m:field(DummyValue,"udpspeeder_project",translate("UDPspeeder Project")) 
-s.rawhtml  = true
-s.value =bold_on .. [[<a href="]] .. "https://github.com/wangyu-/UDPspeeder" .. [[" >]]
-	.. "https://github.com/wangyu-/UDPspeeder" .. [[</a>]] .. bold_off
-	
-return m

package/lean/openwrt-ssr/files/shadowsocksr.config

@@ -1,76 +0,0 @@
-
-config global
-	option global_server 'nil'
-	option monitor_enable '1'
-	option tunnel_enable '0'
-	option tunnel_port '5300'
-	option tunnel_forward '8.8.4.4:53'
-        option tunnel_address '0.0.0.0'
-	option pdnsd_enable '0'
-	option run_mode 'router'
-		
-config servers
-	option auth_enable '0'
-	option fast_open '0'
-	option server '127.0.0.1'
-	option server_port '8388'
-	option local_port '1234'
-	option password 'hello!!'
-	option timeout '60'
-	option encrypt_method 'rc4-md5'
-	option protocol 'origin'
-	option obfs 'plain'
-	option obfs_param ''
-	option kcp_enable '0'
-	option kcp_port '4000'
-	option kcp_password ''
-	option kcp_param '--nocomp'
-
-config socks5_proxy
-	option server 'nil'
-	option local_port '1080'
-	option local_address '0.0.0.0'
-
-config access_control
-	option lan_ac_mode '0'
-	option router_proxy '1'
-	option wan_bp_list '/etc/china_ssr.txt'
-
-config server_global
-	option enable_server '0'	
-
-config server_config
-	option server '0.0.0.0'
-	option server_port '8388'
-	option password 'hello!!'
-	option timeout '60'
-	option encrypt_method 'rc4-md5'
-	option protocol 'origin'
-	option obfs 'plain'
-	option obfs_param ''	
-	option fast_open '0'
-	option enable '1'
-
-config	server_subscribe
-	option auto_update '0'
-
-config udp2raw
-	option server '127.0.0.1'
-	option server_port '600'
-	option local_port '400'
-	option key 'passwd'
-	option raw_mode 'faketcp'
-	option seq_mode '3'
-	option cipher_mode 'xor'
-	option auth_mode 'simple'
-
-config udpspeeder
-	option server '127.0.0.1'
-	option server_port '400'
-	option local_port '500'
-	option key 'passwd'
-	option speeder_mode '0'
-	option fec '2:4'
-	option mtu '1250'
-	option queue_len '1'
-	option timeout '8'

package/lean/openwrt-ssr/tools/po2lmo/Makefile

@@ -1,12 +0,0 @@
-
-INSTALL = install
-PREFIX  = /usr/bin
-
-po2lmo: src/po2lmo.o src/template_lmo.o
-	$(CC) -o src/po2lmo src/po2lmo.o src/template_lmo.o
-
-install:
-	$(INSTALL) -m 755 src/po2lmo $(PREFIX)
-
-clean:
-	$(RM) src/po2lmo src/*.o

package/lean/openwrt-ssr/tools/po2lmo/src/po2lmo.c

@@ -1,247 +0,0 @@
-/*
- * lmo - Lua Machine Objects - PO to LMO conversion tool
- *
- *   Copyright (C) 2009-2012 Jo-Philipp Wich <xm@subsignal.org>
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "template_lmo.h"
-
-static void die(const char *msg)
-{
-	fprintf(stderr, "Error: %s\n", msg);
-	exit(1);
-}
-
-static void usage(const char *name)
-{
-	fprintf(stderr, "Usage: %s input.po output.lmo\n", name);
-	exit(1);
-}
-
-static void print(const void *ptr, size_t size, size_t nmemb, FILE *stream)
-{
-	if( fwrite(ptr, size, nmemb, stream) == 0 )
-		die("Failed to write stdout");
-}
-
-static int extract_string(const char *src, char *dest, int len)
-{
-	int pos = 0;
-	int esc = 0;
-	int off = -1;
-
-	for( pos = 0; (pos < strlen(src)) && (pos < len); pos++ )
-	{
-		if( (off == -1) && (src[pos] == '"') )
-		{
-			off = pos + 1;
-		}
-		else if( off >= 0 )
-		{
-			if( esc == 1 )
-			{
-				switch (src[pos])
-				{
-				case '"':
-				case '\\':
-					off++;
-					break;
-				}
-				dest[pos-off] = src[pos];
-				esc = 0;
-			}
-			else if( src[pos] == '\\' )
-			{
-				dest[pos-off] = src[pos];
-				esc = 1;
-			}
-			else if( src[pos] != '"' )
-			{
-				dest[pos-off] = src[pos];
-			}
-			else
-			{
-				dest[pos-off] = '\0';
-				break;
-			}
-		}
-	}
-
-	return (off > -1) ? strlen(dest) : -1;
-}
-
-static int cmp_index(const void *a, const void *b)
-{
-	uint32_t x = ((const lmo_entry_t *)a)->key_id;
-	uint32_t y = ((const lmo_entry_t *)b)->key_id;
-
-	if (x < y)
-		return -1;
-	else if (x > y)
-		return 1;
-
-	return 0;
-}
-
-static void print_uint32(uint32_t x, FILE *out)
-{
-	uint32_t y = htonl(x);
-	print(&y, sizeof(uint32_t), 1, out);
-}
-
-static void print_index(void *array, int n, FILE *out)
-{
-	lmo_entry_t *e;
-
-	qsort(array, n, sizeof(*e), cmp_index);
-
-	for (e = array; n > 0; n--, e++)
-	{
-		print_uint32(e->key_id, out);
-		print_uint32(e->val_id, out);
-		print_uint32(e->offset, out);
-		print_uint32(e->length, out);
-	}
-}
-
-int main(int argc, char *argv[])
-{
-	char line[4096];
-	char key[4096];
-	char val[4096];
-	char tmp[4096];
-	int state  = 0;
-	int offset = 0;
-	int length = 0;
-	int n_entries = 0;
-	void *array = NULL;
-	lmo_entry_t *entry = NULL;
-	uint32_t key_id, val_id;
-
-	FILE *in;
-	FILE *out;
-
-	if( (argc != 3) || ((in = fopen(argv[1], "r")) == NULL) || ((out = fopen(argv[2], "w")) == NULL) )
-		usage(argv[0]);
-
-	memset(line, 0, sizeof(key));
-	memset(key, 0, sizeof(val));
-	memset(val, 0, sizeof(val));
-
-	while( (NULL != fgets(line, sizeof(line), in)) || (state >= 2 && feof(in)) )
-	{
-		if( state == 0 && strstr(line, "msgid \"") == line )
-		{
-			switch(extract_string(line, key, sizeof(key)))
-			{
-				case -1:
-					die("Syntax error in msgid");
-				case 0:
-					state = 1;
-					break;
-				default:
-					state = 2;
-			}
-		}
-		else if( state == 1 || state == 2 )
-		{
-			if( strstr(line, "msgstr \"") == line || state == 2 )
-			{
-				switch(extract_string(line, val, sizeof(val)))
-				{
-					case -1:
-						state = 4;
-						break;
-					default:
-						state = 3;
-				}
-			}
-			else
-			{
-				switch(extract_string(line, tmp, sizeof(tmp)))
-				{
-					case -1:
-						state = 2;
-						break;
-					default:
-						strcat(key, tmp);
-				}
-			}
-		}
-		else if( state == 3 )
-		{
-			switch(extract_string(line, tmp, sizeof(tmp)))
-			{
-				case -1:
-					state = 4;
-					break;
-				default:
-					strcat(val, tmp);
-			}
-		}
-
-		if( state == 4 )
-		{
-			if( strlen(key) > 0 && strlen(val) > 0 )
-			{
-				key_id = sfh_hash(key, strlen(key));
-				val_id = sfh_hash(val, strlen(val));
-
-				if( key_id != val_id )
-				{
-					n_entries++;
-					array = realloc(array, n_entries * sizeof(lmo_entry_t));
-					entry = (lmo_entry_t *)array + n_entries - 1;
-
-					if (!array)
-						die("Out of memory");
-
-					entry->key_id = key_id;
-					entry->val_id = val_id;
-					entry->offset = offset;
-					entry->length = strlen(val);
-
-					length = strlen(val) + ((4 - (strlen(val) % 4)) % 4);
-
-					print(val, length, 1, out);
-					offset += length;
-				}
-			}
-
-			state = 0;
-			memset(key, 0, sizeof(key));
-			memset(val, 0, sizeof(val));
-		}
-
-		memset(line, 0, sizeof(line));
-	}
-
-	print_index(array, n_entries, out);
-
-	if( offset > 0 )
-	{
-		print_uint32(offset, out);
-		fsync(fileno(out));
-		fclose(out);
-	}
-	else
-	{
-		fclose(out);
-		unlink(argv[2]);
-	}
-
-	fclose(in);
-	return(0);
-}

package/lean/openwrt-ssr/tools/po2lmo/src/template_lmo.c

@@ -1,328 +0,0 @@
-/*
- * lmo - Lua Machine Objects - Base functions
- *
- *   Copyright (C) 2009-2010 Jo-Philipp Wich <xm@subsignal.org>
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "template_lmo.h"
-
-/*
- * Hash function from http://www.azillionmonkeys.com/qed/hash.html
- * Copyright (C) 2004-2008 by Paul Hsieh
- */
-
-uint32_t sfh_hash(const char *data, int len)
-{
-	uint32_t hash = len, tmp;
-	int rem;
-
-	if (len <= 0 || data == NULL) return 0;
-
-	rem = len & 3;
-	len >>= 2;
-
-	/* Main loop */
-	for (;len > 0; len--) {
-		hash  += sfh_get16(data);
-		tmp    = (sfh_get16(data+2) << 11) ^ hash;
-		hash   = (hash << 16) ^ tmp;
-		data  += 2*sizeof(uint16_t);
-		hash  += hash >> 11;
-	}
-
-	/* Handle end cases */
-	switch (rem) {
-		case 3: hash += sfh_get16(data);
-			hash ^= hash << 16;
-			hash ^= data[sizeof(uint16_t)] << 18;
-			hash += hash >> 11;
-			break;
-		case 2: hash += sfh_get16(data);
-			hash ^= hash << 11;
-			hash += hash >> 17;
-			break;
-		case 1: hash += *data;
-			hash ^= hash << 10;
-			hash += hash >> 1;
-	}
-
-	/* Force "avalanching" of final 127 bits */
-	hash ^= hash << 3;
-	hash += hash >> 5;
-	hash ^= hash << 4;
-	hash += hash >> 17;
-	hash ^= hash << 25;
-	hash += hash >> 6;
-
-	return hash;
-}
-
-uint32_t lmo_canon_hash(const char *str, int len)
-{
-	char res[4096];
-	char *ptr, prev;
-	int off;
-
-	if (!str || len >= sizeof(res))
-		return 0;
-
-	for (prev = ' ', ptr = res, off = 0; off < len; prev = *str, off++, str++)
-	{
-		if (isspace(*str))
-		{
-			if (!isspace(prev))
-				*ptr++ = ' ';
-		}
-		else
-		{
-			*ptr++ = *str;
-		}
-	}
-
-	if ((ptr > res) && isspace(*(ptr-1)))
-		ptr--;
-
-	return sfh_hash(res, ptr - res);
-}
-
-lmo_archive_t * lmo_open(const char *file)
-{
-	int in = -1;
-	uint32_t idx_offset = 0;
-	struct stat s;
-
-	lmo_archive_t *ar = NULL;
-
-	if (stat(file, &s) == -1)
-		goto err;
-
-	if ((in = open(file, O_RDONLY)) == -1)
-		goto err;
-
-	if ((ar = (lmo_archive_t *)malloc(sizeof(*ar))) != NULL)
-	{
-		memset(ar, 0, sizeof(*ar));
-
-		ar->fd     = in;
-		ar->size = s.st_size;
-
-		fcntl(ar->fd, F_SETFD, fcntl(ar->fd, F_GETFD) | FD_CLOEXEC);
-
-		if ((ar->mmap = mmap(NULL, ar->size, PROT_READ, MAP_SHARED, ar->fd, 0)) == MAP_FAILED)
-			goto err;
-
-		idx_offset = ntohl(*((const uint32_t *)
-		                     (ar->mmap + ar->size - sizeof(uint32_t))));
-
-		if (idx_offset >= ar->size)
-			goto err;
-
-		ar->index  = (lmo_entry_t *)(ar->mmap + idx_offset);
-		ar->length = (ar->size - idx_offset - sizeof(uint32_t)) / sizeof(lmo_entry_t);
-		ar->end    = ar->mmap + ar->size;
-
-		return ar;
-	}
-
-err:
-	if (in > -1)
-		close(in);
-
-	if (ar != NULL)
-	{
-		if ((ar->mmap != NULL) && (ar->mmap != MAP_FAILED))
-			munmap(ar->mmap, ar->size);
-
-		free(ar);
-	}
-
-	return NULL;
-}
-
-void lmo_close(lmo_archive_t *ar)
-{
-	if (ar != NULL)
-	{
-		if ((ar->mmap != NULL) && (ar->mmap != MAP_FAILED))
-			munmap(ar->mmap, ar->size);
-
-		close(ar->fd);
-		free(ar);
-
-		ar = NULL;
-	}
-}
-
-
-lmo_catalog_t *_lmo_catalogs = NULL;
-lmo_catalog_t *_lmo_active_catalog = NULL;
-
-int lmo_load_catalog(const char *lang, const char *dir)
-{
-	DIR *dh = NULL;
-	char pattern[16];
-	char path[PATH_MAX];
-	struct dirent *de = NULL;
-
-	lmo_archive_t *ar = NULL;
-	lmo_catalog_t *cat = NULL;
-
-	if (!lmo_change_catalog(lang))
-		return 0;
-
-	if (!dir || !(dh = opendir(dir)))
-		goto err;
-
-	if (!(cat = malloc(sizeof(*cat))))
-		goto err;
-
-	memset(cat, 0, sizeof(*cat));
-
-	snprintf(cat->lang, sizeof(cat->lang), "%s", lang);
-	snprintf(pattern, sizeof(pattern), "*.%s.lmo", lang);
-
-	while ((de = readdir(dh)) != NULL)
-	{
-		if (!fnmatch(pattern, de->d_name, 0))
-		{
-			snprintf(path, sizeof(path), "%s/%s", dir, de->d_name);
-			ar = lmo_open(path);
-
-			if (ar)
-			{
-				ar->next = cat->archives;
-				cat->archives = ar;
-			}
-		}
-	}
-
-	closedir(dh);
-
-	cat->next = _lmo_catalogs;
-	_lmo_catalogs = cat;
-
-	if (!_lmo_active_catalog)
-		_lmo_active_catalog = cat;
-
-	return 0;
-
-err:
-	if (dh) closedir(dh);
-	if (cat) free(cat);
-
-	return -1;
-}
-
-int lmo_change_catalog(const char *lang)
-{
-	lmo_catalog_t *cat;
-
-	for (cat = _lmo_catalogs; cat; cat = cat->next)
-	{
-		if (!strncmp(cat->lang, lang, sizeof(cat->lang)))
-		{
-			_lmo_active_catalog = cat;
-			return 0;
-		}
-	}
-
-	return -1;
-}
-
-static lmo_entry_t * lmo_find_entry(lmo_archive_t *ar, uint32_t hash)
-{
-	unsigned int m, l, r;
-	uint32_t k;
-
-	l = 0;
-	r = ar->length - 1;
-
-	while (1)
-	{
-		m = l + ((r - l) / 2);
-
-		if (r < l)
-			break;
-
-		k = ntohl(ar->index[m].key_id);
-
-		if (k == hash)
-			return &ar->index[m];
-
-		if (k > hash)
-		{
-			if (!m)
-				break;
-
-			r = m - 1;
-		}
-		else
-		{
-			l = m + 1;
-		}
-	}
-
-	return NULL;
-}
-
-int lmo_translate(const char *key, int keylen, char **out, int *outlen)
-{
-	uint32_t hash;
-	lmo_entry_t *e;
-	lmo_archive_t *ar;
-
-	if (!key || !_lmo_active_catalog)
-		return -2;
-
-	hash = lmo_canon_hash(key, keylen);
-
-	for (ar = _lmo_active_catalog->archives; ar; ar = ar->next)
-	{
-		if ((e = lmo_find_entry(ar, hash)) != NULL)
-		{
-			*out = ar->mmap + ntohl(e->offset);
-			*outlen = ntohl(e->length);
-			return 0;
-		}
-	}
-
-	return -1;
-}
-
-void lmo_close_catalog(const char *lang)
-{
-	lmo_archive_t *ar, *next;
-	lmo_catalog_t *cat, *prev;
-
-	for (prev = NULL, cat = _lmo_catalogs; cat; prev = cat, cat = cat->next)
-	{
-		if (!strncmp(cat->lang, lang, sizeof(cat->lang)))
-		{
-			if (prev)
-				prev->next = cat->next;
-			else
-				_lmo_catalogs = cat->next;
-
-			for (ar = cat->archives; ar; ar = next)
-			{
-				next = ar->next;
-				lmo_close(ar);
-			}
-
-			free(cat);
-			break;
-		}
-	}
-}

package/lean/openwrt-ssr/tools/po2lmo/src/template_lmo.h

@@ -1,92 +0,0 @@
-/*
- * lmo - Lua Machine Objects - General header
- *
- *   Copyright (C) 2009-2012 Jo-Philipp Wich <xm@subsignal.org>
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef _TEMPLATE_LMO_H_
-#define _TEMPLATE_LMO_H_
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <stdint.h>
-#include <string.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-#include <sys/mman.h>
-#include <arpa/inet.h>
-#include <unistd.h>
-#include <errno.h>
-#include <fnmatch.h>
-#include <dirent.h>
-#include <ctype.h>
-#include <limits.h>
-
-#if (defined(__GNUC__) && defined(__i386__))
-#define sfh_get16(d) (*((const uint16_t *) (d)))
-#else
-#define sfh_get16(d) ((((uint32_t)(((const uint8_t *)(d))[1])) << 8)\
-					   +(uint32_t)(((const uint8_t *)(d))[0]) )
-#endif
-
-
-struct lmo_entry {
-	uint32_t key_id;
-	uint32_t val_id;
-	uint32_t offset;
-	uint32_t length;
-} __attribute__((packed));
-
-typedef struct lmo_entry lmo_entry_t;
-
-
-struct lmo_archive {
-	int         fd;
-	int	        length;
-	uint32_t    size;
-	lmo_entry_t *index;
-	char        *mmap;
-	char		*end;
-	struct lmo_archive *next;
-};
-
-typedef struct lmo_archive lmo_archive_t;
-
-
-struct lmo_catalog {
-	char lang[6];
-	struct lmo_archive *archives;
-	struct lmo_catalog *next;
-};
-
-typedef struct lmo_catalog lmo_catalog_t;
-
-
-uint32_t sfh_hash(const char *data, int len);
-uint32_t lmo_canon_hash(const char *data, int len);
-
-lmo_archive_t * lmo_open(const char *file);
-void lmo_close(lmo_archive_t *ar);
-
-
-extern lmo_catalog_t *_lmo_catalogs;
-extern lmo_catalog_t *_lmo_active_catalog;
-
-int lmo_load_catalog(const char *lang, const char *dir);
-int lmo_change_catalog(const char *lang);
-int lmo_translate(const char *key, int keylen, char **out, int *outlen);
-void lmo_close_catalog(const char *lang);
-
-#endif

package/lean/shadowsocksR-libev-full/Makefile

@@ -1,13 +1,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shadowsocksR-libev
-PKG_VERSION:=2.5.1
+PKG_VERSION:=3.0.9
 PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.gz
-PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev.git
+PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=bc1bbecc49ab5a9afb4ab7076f0d9359dc0493d1
+PKG_SOURCE_VERSION:=d4904568c0bd7e0861c0cbfeaa43740f404db214
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_MAINTAINER:=breakwa11
 
@@ -31,7 +31,7 @@ define Package/shadowsocksr-libev
   $(call Package/shadowsocksr-libev/Default)
   TITLE+= (OpenSSL)
   VARIANT:=openssl
-  DEPENDS:=+libopenssl +libpthread +libpcre
+  DEPENDS:=+libopenssl +libpthread +libpcre +zlib
 endef
 
 define Package/shadowsocksr-libev-alt
@@ -168,12 +168,13 @@ ifeq ($(BUILD_VARIANT),polarssl)
 endif
 
 define Package/shadowsocksr-libev/install
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/shadowsocksr $(1)/etc/init.d/shadowsocksr
-	$(INSTALL_CONF) ./files/shadowsocksr.json $(1)/etc/shadowsocksr.json
+	#$(INSTALL_DIR) $(1)/etc/init.d
+	#$(INSTALL_BIN) ./files/shadowsocksr $(1)/etc/init.d/shadowsocksr
+	#$(INSTALL_CONF) ./files/shadowsocksr.json $(1)/etc/shadowsocksr.json
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
 	$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
 endef
 

target/linux/x86/Makefile

@@ -13,7 +13,7 @@ FEATURES:=squashfs ext4 vdi vmdk pcmcia targz fpu
 SUBTARGETS:=generic legacy geode 64
 MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 
-KERNEL_PATCHVER:=4.14
+KERNEL_PATCHVER:=4.9
 
 KERNELNAME:=bzImage