From 7e690c0022bb3673b8924f2c28073fe1a7823af3 Mon Sep 17 00:00:00 2001 From: coolsnowwolf Date: Thu, 29 Nov 2018 12:16:32 +0800 Subject: [PATCH] luci ssr plus: add oversea run mode --- package/lean/luci-app-ssr-plus/Makefile | 2 +- .../luasrc/model/cbi/shadowsocksr/client.lua | 3 + .../luci-app-ssr-plus/po/zh-cn/ssr-plus.po | 3 + .../etc/dnsmasq.oversea/oversea_list.conf | 192 ++++++++++++++++++ .../root/etc/init.d/shadowsocksr | 16 +- .../luci-app-ssr-plus/root/usr/bin/ssr-rules | 57 ++++-- 6 files changed, 253 insertions(+), 20 deletions(-) create mode 100644 package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf diff --git a/package/lean/luci-app-ssr-plus/Makefile b/package/lean/luci-app-ssr-plus/Makefile index 31e98e9f8..3dd11b943 100644 --- a/package/lean/luci-app-ssr-plus/Makefile +++ b/package/lean/luci-app-ssr-plus/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-ssr-plus PKG_VERSION:=1 -PKG_RELEASE:=63 +PKG_RELEASE:=64 PO2LMO:=$(STAGING_DIR_HOSTPKG)/bin/po2lmo diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua index 7e2cb1de4..2d0e85443 100644 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua +++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua @@ -39,6 +39,7 @@ for k, v in pairs(server_table) do o:value(k, v) end o = s:option(ListValue, "run_mode", translate("Running Mode")) o:value("gfw", translate("GFW List Mode")) o:value("router", translate("IP Route Mode")) +o:value("oversea", translate("Oversea Mode")) o.default = gfw o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode")) @@ -58,6 +59,8 @@ o:value("4.2.2.2:53", translate("Level 3 Public DNS (4.2.2.2)")) o:value("4.2.2.3:53", translate("Level 3 Public DNS (4.2.2.3)")) o:value("4.2.2.4:53", translate("Level 3 Public DNS (4.2.2.4)")) o:value("1.1.1.1:53", translate("Cloudflare DNS (1.1.1.1)")) +o:value("114.114.114.114:53", translate("Oversea Mode DNS-1 (114.114.114.114)")) +o:value("114.114.115.115:53", translate("Oversea Mode DNS-2 (114.114.115.115)")) o:depends("pdnsd_enable", "1") return m diff --git a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po index 875c1c109..f0df2775a 100644 --- a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po +++ b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po @@ -226,6 +226,9 @@ msgstr "绕过中国大陆IP模式" msgid "GFW List Mode" msgstr "GFW列表模式" +msgid "Oversea Mode" +msgstr "海外用户回国模式" + msgid "Router Proxy" msgstr "路由器访问控制" diff --git a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf new file mode 100644 index 000000000..ae50fb90d --- /dev/null +++ b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf @@ -0,0 +1,192 @@ +server=/v.youku.com/127.0.0.1#5335 +server=/api.youku.com/127.0.0.1#5335 +server=/v2.tudou.com/127.0.0.1#5335 +server=/www.tudou.com/127.0.0.1#5335 +server=/s.plcloud.music.qq.com/127.0.0.1#5335 +server=/i.y.qq.com/127.0.0.1#5335 +server=/hot.vrs.sohu.com/127.0.0.1#5335 +server=/live.tv.sohu.com/127.0.0.1#5335 +server=/pad.tv.sohu.com/127.0.0.1#5335 +server=/my.tv.sohu.com/127.0.0.1#5335 +server=/hot.vrs.letv.com/127.0.0.1#5335 +server=/data.video.qiyi.com/127.0.0.1#5335 +server=/cache.video.qiyi.com/127.0.0.1#5335 +server=/cache.vip.qiyi.com/127.0.0.1#5335 +server=/vv.video.qq.com/127.0.0.1#5335 +server=/tt.video.qq.com/127.0.0.1#5335 +server=/ice.video.qq.com/127.0.0.1#5335 +server=/tjsa.video.qq.com/127.0.0.1#5335 +server=/a10.video.qq.com/127.0.0.1#5335 +server=/xyy.video.qq.com/127.0.0.1#5335 +server=/vcq.video.qq.com/127.0.0.1#5335 +server=/vsh.video.qq.com/127.0.0.1#5335 +server=/vbj.video.qq.com/127.0.0.1#5335 +server=/bobo.video.qq.com/127.0.0.1#5335 +server=/flvs.video.qq.com/127.0.0.1#5335 +server=/bkvv.video.qq.com/127.0.0.1#5335 +server=/info.zb.qq.com/127.0.0.1#5335 +server=/geo.js.kankan.xunlei.com/127.0.0.1#5335 +server=/web-play.pptv.com/127.0.0.1#5335 +server=/web-play.pplive.cn/127.0.0.1#5335 +server=/dyn.ugc.pps.tv/127.0.0.1#5335 +server=/v.pps.tv/127.0.0.1#5335 +server=/inner.kandian.com/127.0.0.1#5335 +server=/ipservice.163.com/127.0.0.1#5335 +server=/so.open.163.com/127.0.0.1#5335 +server=/zb.s.qq.com/127.0.0.1#5335 +server=/ip.kankan.xunlei.com/127.0.0.1#5335 +server=/vxml.56.com/127.0.0.1#5335 +server=/music.sina.com.cn/127.0.0.1#5335 +server=/play.baidu.com/127.0.0.1#5335 +server=/v.iask.com/127.0.0.1#5335 +server=/tv.weibo.com/127.0.0.1#5335 +server=/wtv.v.iask.com/127.0.0.1#5335 +server=/video.sina.com.cn/127.0.0.1#5335 +server=/www.yinyuetai.com/127.0.0.1#5335 +server=/api.letv.com/127.0.0.1#5335 +server=/live.gslb.letv.com/127.0.0.1#5335 +server=/static.itv.letv.com/127.0.0.1#5335 +server=/ip.apps.cntv.cn/127.0.0.1#5335 +server=/vdn.apps.cntv.cn/127.0.0.1#5335 +server=/vdn.live.cntv.cn/127.0.0.1#5335 +server=/vip.sports.cntv.cn/127.0.0.1#5335 +server=/a.play.api.3g.youku.com/127.0.0.1#5335 +server=/i.play.api.3g.youku.com/127.0.0.1#5335 +server=/api.3g.youku.com/127.0.0.1#5335 +server=/tv.api.3g.youku.com/127.0.0.1#5335 +server=/play.api.3g.youku.com/127.0.0.1#5335 +server=/play.api.3g.tudou.com/127.0.0.1#5335 +server=/tv.api.3g.tudou.com/127.0.0.1#5335 +server=/api.3g.tudou.com/127.0.0.1#5335 +server=/api.tv.sohu.com/127.0.0.1#5335 +server=/access.tv.sohu.com/127.0.0.1#5335 +server=/iface.iqiyi.com/127.0.0.1#5335 +server=/iface2.iqiyi.com/127.0.0.1#5335 +server=/cache.m.iqiyi.com/127.0.0.1#5335 +server=/dynamic.app.m.letv.com/127.0.0.1#5335 +server=/dynamic.meizi.app.m.letv.com/127.0.0.1#5335 +server=/dynamic.search.app.m.letv.com/127.0.0.1#5335 +server=/dynamic.live.app.m.letv.com/127.0.0.1#5335 +server=/listso.m.areainfo.ppstream.com/127.0.0.1#5335 +server=/epg.api.pptv.com/127.0.0.1#5335 +server=/play.api.pptv.com/127.0.0.1#5335 +server=/m.letv.com/127.0.0.1#5335 +server=/interface.bilibili.com/127.0.0.1#5335 +server=/3g.music.qq.com/127.0.0.1#5335 +server=/mqqplayer.3g.qq.com/127.0.0.1#5335 +server=/proxy.music.qq.com/127.0.0.1#5335 +server=/proxymc.qq.com/127.0.0.1#5335 +server=/ip2.kugou.com/127.0.0.1#5335 +server=/ip.kugou.com/127.0.0.1#5335 +server=/client.api.ttpod.com/127.0.0.1#5335 +server=/mobi.kuwo.cn/127.0.0.1#5335 +server=/mobilefeedback.kugou.com/127.0.0.1#5335 +server=/tingapi.ting.baidu.com/127.0.0.1#5335 +server=/music.baidu.com/127.0.0.1#5335 +server=/serviceinfo.sdk.duomi.com/127.0.0.1#5335 +server=/music.163.com/127.0.0.1#5335 +server=/www.xiami.com/127.0.0.1#5335 +server=/spark.api.xiami.com/127.0.0.1#5335 +server=/iplocation.geo.qiyi.com/127.0.0.1#5335 +server=/sns.video.qq.com/127.0.0.1#5335 +server=/v5.pc.duomi.com/127.0.0.1#5335 +server=/tms.is.ysten.com/127.0.0.1#5335 +server=/internal.check.duokanbox.com/127.0.0.1#5335 +server=/openapi.youku.com/127.0.0.1#5335 +server=/y.qq.com/127.0.0.1#5335 +ipset=/v.youku.com/oversea +ipset=/api.youku.com/oversea +ipset=/v2.tudou.com/oversea +ipset=/www.tudou.com/oversea +ipset=/s.plcloud.music.qq.com/oversea +ipset=/i.y.qq.com/oversea +ipset=/hot.vrs.sohu.com/oversea +ipset=/live.tv.sohu.com/oversea +ipset=/pad.tv.sohu.com/oversea +ipset=/my.tv.sohu.com/oversea +ipset=/hot.vrs.letv.com/oversea +ipset=/data.video.qiyi.com/oversea +ipset=/cache.video.qiyi.com/oversea +ipset=/cache.vip.qiyi.com/oversea +ipset=/vv.video.qq.com/oversea +ipset=/tt.video.qq.com/oversea +ipset=/ice.video.qq.com/oversea +ipset=/tjsa.video.qq.com/oversea +ipset=/a10.video.qq.com/oversea +ipset=/xyy.video.qq.com/oversea +ipset=/vcq.video.qq.com/oversea +ipset=/vsh.video.qq.com/oversea +ipset=/vbj.video.qq.com/oversea +ipset=/bobo.video.qq.com/oversea +ipset=/flvs.video.qq.com/oversea +ipset=/bkvv.video.qq.com/oversea +ipset=/info.zb.qq.com/oversea +ipset=/geo.js.kankan.xunlei.com/oversea +ipset=/web-play.pptv.com/oversea +ipset=/web-play.pplive.cn/oversea +ipset=/dyn.ugc.pps.tv/oversea +ipset=/v.pps.tv/oversea +ipset=/inner.kandian.com/oversea +ipset=/ipservice.163.com/oversea +ipset=/so.open.163.com/oversea +ipset=/zb.s.qq.com/oversea +ipset=/ip.kankan.xunlei.com/oversea +ipset=/vxml.56.com/oversea +ipset=/music.sina.com.cn/oversea +ipset=/play.baidu.com/oversea +ipset=/v.iask.com/oversea +ipset=/tv.weibo.com/oversea +ipset=/wtv.v.iask.com/oversea +ipset=/video.sina.com.cn/oversea +ipset=/www.yinyuetai.com/oversea +ipset=/api.letv.com/oversea +ipset=/live.gslb.letv.com/oversea +ipset=/static.itv.letv.com/oversea +ipset=/ip.apps.cntv.cn/oversea +ipset=/vdn.apps.cntv.cn/oversea +ipset=/vdn.live.cntv.cn/oversea +ipset=/vip.sports.cntv.cn/oversea +ipset=/a.play.api.3g.youku.com/oversea +ipset=/i.play.api.3g.youku.com/oversea +ipset=/api.3g.youku.com/oversea +ipset=/tv.api.3g.youku.com/oversea +ipset=/play.api.3g.youku.com/oversea +ipset=/play.api.3g.tudou.com/oversea +ipset=/tv.api.3g.tudou.com/oversea +ipset=/api.3g.tudou.com/oversea +ipset=/api.tv.sohu.com/oversea +ipset=/access.tv.sohu.com/oversea +ipset=/iface.iqiyi.com/oversea +ipset=/iface2.iqiyi.com/oversea +ipset=/cache.m.iqiyi.com/oversea +ipset=/dynamic.app.m.letv.com/oversea +ipset=/dynamic.meizi.app.m.letv.com/oversea +ipset=/dynamic.search.app.m.letv.com/oversea +ipset=/dynamic.live.app.m.letv.com/oversea +ipset=/listso.m.areainfo.ppstream.com/oversea +ipset=/epg.api.pptv.com/oversea +ipset=/play.api.pptv.com/oversea +ipset=/m.letv.com/oversea +ipset=/interface.bilibili.com/oversea +ipset=/3g.music.qq.com/oversea +ipset=/mqqplayer.3g.qq.com/oversea +ipset=/proxy.music.qq.com/oversea +ipset=/proxymc.qq.com/oversea +ipset=/ip2.kugou.com/oversea +ipset=/ip.kugou.com/oversea +ipset=/client.api.ttpod.com/oversea +ipset=/mobi.kuwo.cn/oversea +ipset=/mobilefeedback.kugou.com/oversea +ipset=/tingapi.ting.baidu.com/oversea +ipset=/music.baidu.com/oversea +ipset=/serviceinfo.sdk.duomi.com/oversea +ipset=/music.163.com/oversea +ipset=/www.xiami.com/oversea +ipset=/spark.api.xiami.com/oversea +ipset=/iplocation.geo.qiyi.com/oversea +ipset=/sns.video.qq.com/oversea +ipset=/v5.pc.duomi.com/oversea +ipset=/tms.is.ysten.com/oversea +ipset=/internal.check.duokanbox.com/oversea +ipset=/openapi.youku.com/oversea +ipset=/y.qq.com/oversea diff --git a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr index e42473885..8b4809513 100755 --- a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr +++ b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr @@ -176,6 +176,10 @@ start_rules() { local gfwmode="" if [ "$run_mode" = "gfw" ]; then gfwmode="-g" + elif [ "$run_mode" = "router" ]; then + gfwmode="-r" + elif [ "$run_mode" = "oversea" ]; then + gfwmode="-c" fi @@ -336,6 +340,8 @@ start_redir() { local dnsport=`echo "$dnsstr"|awk -F ':' '{print $2}'` if [ "$run_mode" = "gfw" ]; then ipset add gfwlist $dnsserver 2>/dev/null + elif [ "$run_mode" = "oversea" ]; then + ipset add oversea $dnsserver 2>/dev/null else ipset add ss_spec_wan_ac $dnsserver nomatch 2>/dev/null fi @@ -456,14 +462,18 @@ start() { fi if rules ;then start_redir - + + mkdir -p /tmp/dnsmasq.d if ! [ "$run_mode" = "oversea" ] ;then - mkdir -p /tmp/dnsmasq.d cat > /tmp/dnsmasq.d/dnsmasq-ssr.conf </dev/null 2>&1 + else + cat > /tmp/dnsmasq.d/dnsmasq-ssr.conf </dev/null 2>&1 fi start_server diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules index 50f5197d5..405507121 100755 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules +++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules @@ -2,7 +2,6 @@ # # Copyright (C) 2017 openwrt-ssr # Copyright (C) 2017 yushi studio -# Copyright (C) 2018 lean # # This is free software, licensed under the GNU General Public License v3. # See /LICENSE for more information. @@ -37,6 +36,7 @@ usage() { and ports for TCP and UDP -f flush the rules -g gfw list mode + -r return china mode -h show this help message and exit EOF exit $1 @@ -65,40 +65,48 @@ flush_r() { ipset -X ssr_gen_router 2>/dev/null ipset -X fplan 2>/dev/null ipset -X gmlan 2>/dev/null + ipset -X oversea 2>/dev/null [ -n "$FWI" ] && echo '#!/bin/sh' >$FWI return 0 } ipset_r() { - if [ -z "$GFWMODE" ] ;then + if [ "$RUNMODE" = "router" ] ;then ipset -! -R <<-EOF || return 1 create ss_spec_wan_ac hash:net $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") $(for ip in $WAN_FW_IP; do echo "add ss_spec_wan_ac $ip nomatch"; done) EOF + ipset -N gfwlist hash:net 2>/dev/null $IPT -N SS_SPEC_WAN_AC - ipset -N fplan hash:net 2>/dev/null - for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done - $IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - else + + elif [ "$RUNMODE" = "gfw" ] ;then ipset -N gfwlist hash:net 2>/dev/null for ip in $WAN_FW_IP; do ipset -! add gfwlist $ip ; done $IPT -N SS_SPEC_WAN_AC - $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW - + $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW ipset -N gmlan hash:net 2>/dev/null for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done - $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW + $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN + + elif [ "$RUNMODE" = "oversea" ] ;then + ipset -N oversea hash:net 2>/dev/null + $IPT -N SS_SPEC_WAN_AC + ipset -N gmlan hash:net 2>/dev/null + for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done + $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set --match-set china dst -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set oversea dst -j SS_SPEC_WAN_FW + $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN + + fi ipset -N fplan hash:net 2>/dev/null for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done $IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW - - $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN - fi return $? } @@ -176,18 +184,29 @@ tp_rule() { $ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN - if [ -z "$GFWMODE" ] ;then + $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set fplan src \ + -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 + + if [ "$RUNMODE" = "router" ] ;then $ipt -A SS_SPEC_TPROXY -p udp -m set ! --match-set ss_spec_wan_ac dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - else + + elif [ "$RUNMODE" = "gfw" ] ;then $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gfwlist dst \ -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 + + elif [ "$RUNMODE" = "oversea" ] ;then + $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set --match-set china dst \ + -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 + $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set oversea dst \ + -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 fi $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \ -m comment --comment "$TAG" -j SS_SPEC_TPROXY + return $? } @@ -262,7 +281,7 @@ EOF return 0 } -while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgh" arg; do +while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgrch" arg; do case "$arg" in s) server=$OPTARG @@ -310,7 +329,13 @@ while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgh" arg; do TPROXY=2 ;; g) - GFWMODE=1 + RUNMODE=gfw + ;; + r) + RUNMODE=router + ;; + c) + RUNMODE=oversea ;; f) flush_r