luci-app-ssr-plus: Optimize and fix bugs (#3841)

2025-06-16 02:25:29 +08:00 · 2020-03-18 21:00:18 +08:00 · 2020-03-18 21:00:18 +08:00 · 830d3f946c
commit 830d3f946c
parent 033b0ec159
22 changed files with 637 additions and 19569 deletions
--- a/package/lean/luci-app-ssr-plus/Makefile
+++ b/package/lean/luci-app-ssr-plus/Makefile
@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=luci-app-ssr-plus
 PKG_VERSION:=170
-PKG_RELEASE:=3
+PKG_RELEASE:=4

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)

@ -77,9 +77,6 @@ define Package/$(PKG_NAME)/conffiles
 endef

 define Package/$(PKG_NAME)/install
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_DATA) ./root/etc/china_ssr.txt $(1)/etc/china_ssr.txt
-
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_CONF) ./root/etc/config/shadowsocksr $(1)/etc/config/shadowsocksr
 	$(INSTALL_DATA) ./root/etc/config/*.list $(1)/etc/config/
@ -118,27 +115,14 @@ endef

 define Package/$(PKG_NAME)/postinst
 #!/bin/sh
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	( . /etc/uci-defaults/luci-ssr-plus ) && rm -f /etc/uci-defaults/luci-ssr-plus
-	rm -f /tmp/luci-indexcache
-	/etc/init.d/shadowsocksr enable >/dev/null 2>&1
-fi
-exit 0
-endef
-
-define Package/$(PKG_NAME)/prerm
-#!/bin/sh
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	/etc/init.d/shadowsocksr disable
-	/etc/init.d/shadowsocksr stop
-fi
-exit 0
+rm -rf /tmp/luci-modulecache/*
+rm -f /tmp/luci-indexcache
 endef

 define Package/$(PKG_NAME)/postrm
 #!/bin/sh
 rm -rf /etc/china_ssr.txt /etc/dnsmasq.ssr /etc/dnsmasq.oversea /etc/config/shadowsocksr /etc/config/black.list \
-		/etc/config/gfw.list /etc/config/white.list >/dev/null 2>&1
+		/etc/config/gfw.list /etc/config/white.list /etc/config/netflix.list /etc/config/netflixip.list >/dev/null 2>&1
 exit 0
 endef

--- a/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua
@ -70,136 +70,127 @@ function check_status()
 end

 function refresh_data()
-local set =luci.http.formvalue("set")
-local icount =0
-
-if set == "gfw_data" then
-	refresh_cmd="wget-ssl --no-check-certificate https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt -O /tmp/gfw.b64"
-	sret=luci.sys.call(refresh_cmd .. " 2>/dev/null")
-	if sret== 0 then
+	local set =luci.http.formvalue("set")
+	local uci = luci.model.uci.cursor()
+	local icount =0
+	if set == "gfw_data" then
+		refresh_cmd = "wget-ssl --no-check-certificate -O - https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt > /tmp/gfw.b64"
+		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
+		if sret == 0 then
 			luci.sys.call("/usr/bin/ssr-gfw")
 			icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l")
-	if tonumber(icount)>1000 then
-	oldcount=luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
+			if tonumber(icount) > 1000 then
+				oldcount= l uci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
 				if tonumber(icount) ~= tonumber(oldcount) then
 					luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf")
 					luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf")
 					luci.sys.call("/etc/init.d/dnsmasq restart")
-		retstring=tostring(math.ceil(tonumber(icount)/2))
+					retstring = tostring(tonumber(icount)/2)
 				else
 					retstring ="0"
 				end
 			else
-	retstring ="-1"
+				retstring = "-1"
 			end
-	luci.sys.exec("rm -f /tmp/gfwnew.txt ")
-else
-	retstring ="-1"
-end
-elseif set == "ip_data" then
-	if (luci.model.uci.cursor():get_first('shadowsocksr', 'global', 'chnroute', '0') == '1') then
-		refresh_cmd="wget-ssl --no-check-certificate -O - " .. luci.model.uci.cursor():get_first('shadowsocksr', 'global', 'chnroute_url', 'https://ispip.clang.cn/all_cn.txt') .. ' > /tmp/china_ssr.txt 2>/dev/null'
+			luci.sys.exec("rm -f /tmp/gfwnew.txt")
 		else
-		refresh_cmd="wget -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest'  2>/dev/null| awk -F\\| '/CN\\|ipv4/ { printf(\"%s/%d\\n\", $4, 32-log($5)/log(2)) }' > /tmp/china_ssr.txt"
+			retstring = "-1"
 		end
-	sret=luci.sys.call(refresh_cmd)
+	elseif set == "ip_data" then
+		refresh_cmd = "wget-ssl --no-check-certificate -O - " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url', 'https://ispip.clang.cn/all_cn.txt') .. ' > /tmp/china_ssr.txt'
+		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
 		icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
-	if sret== 0 and tonumber(icount)>1000 then
-		oldcount=luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
+		if sret == 0 and tonumber(icount) > 1000 then
+			oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
 			if tonumber(icount) ~= tonumber(oldcount) then
 				luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt")
-			retstring=tostring(tonumber(icount))
+				luci.sys.exec("/etc/init.d/shadowsocksr restart &")
+				retstring = tostring(tonumber(icount))
 			else
-			retstring ="0"
+				retstring = "0"
 			end
 		else
-		retstring ="-1"
+			retstring = "-1"
 		end
-	luci.sys.exec("rm -f /tmp/china_ssr.txt ")
-elseif set == "nfip_data" then
-  if (luci.model.uci.cursor():get_first('shadowsocksr', 'global', 'netflix', '0') == '1') then
-    refresh_cmd="wget-ssl --no-check-certificate -O - ".. luci.model.uci.cursor():get_first('shadowsocksr', 'global', 'nfip_url', 'https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .." > /tmp/netflixip.list"
-	else
-    refresh_cmd="wget-ssl --no-check-certificate -O - https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt > /tmp/netflixip.list"
-	end
-	sret=luci.sys.call(refresh_cmd)
+		luci.sys.exec("rm -f /tmp/china_ssr.txt")
+	elseif set == "nfip_data" then
+		refresh_cmd = "wget-ssl --no-check-certificate -O - ".. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .." > /tmp/netflixip.list"
+		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
 		icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l")
-	if sret== 0 and tonumber(icount)>1 then
-		oldcount=luci.sys.exec("cat /etc/config/netflixip.list | wc -l")
+		if sret == 0 and tonumber(icount) > 5 then
+			oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l")
 			if tonumber(icount) ~= tonumber(oldcount) then
 				luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list")
 				luci.sys.exec("/etc/init.d/shadowsocksr restart &")
-			retstring=tostring(tonumber(icount))
+				retstring = tostring(tonumber(icount))
 			else
-			retstring ="0"
+				retstring = "0"
 			end
 		else
-		retstring ="-1"
+			retstring = "-1"
 		end
-	luci.sys.exec("rm -f /tmp/netflixip.list ")
-else
-if nixio.fs.access("/usr/bin/wget-ssl") then
-	refresh_cmd="wget-ssl --no-check-certificate -O - ".. luci.model.uci.cursor():get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf"
-end
-sret=luci.sys.call(refresh_cmd .. " 2>/dev/null")
-if sret== 0 then
+		luci.sys.exec("rm -f /tmp/netflixip.list")
+	else
+		refresh_cmd = "wget-ssl --no-check-certificate -O - ".. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf"
+		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
+		if sret== 0 then
 			luci.sys.call("/usr/bin/ssr-ad")
 			icount = luci.sys.exec("cat /tmp/ad.conf | wc -l")
-	if tonumber(icount)>1000 then
+			if tonumber(icount) > 100 then
 				if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-		oldcount=luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
+					oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
 				else
-		oldcount=0
+					oldcount = "0"
 				end
 				if tonumber(icount) ~= tonumber(oldcount) then
 					luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf")
 					luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf")
 					luci.sys.call("/etc/init.d/dnsmasq restart")
-		retstring=tostring(math.ceil(tonumber(icount)))
+					retstring = tostring(tonumber(icount))
 				else
-		retstring ="0"
+					retstring = "0"
 				end
 			else
-	retstring ="-1"
+				retstring = "-1"
 			end
 			luci.sys.exec("rm -f /tmp/ad.conf")
-else
-	retstring ="-1"
-end
-end
-luci.http.prepare_content("application/json")
-luci.http.write_json({ ret=retstring ,retcount=icount})
+		else
+			retstring = "-1"
+		end
+	end
+	luci.http.prepare_content("application/json")
+	luci.http.write_json({ret=retstring,retcount=icount})
 end

 function check_port()
-local set=""
-local retstring="<br /><br />"
-local s
-local server_name = ""
-local shadowsocksr = "shadowsocksr"
-local uci = luci.model.uci.cursor()
-local iret=1
-uci:foreach(shadowsocksr, "servers", function(s)
+	local set = ""
+	local retstring="<br /><br />"
+	local s
+	local server_name = ""
+	local shadowsocksr = "shadowsocksr"
+	local uci = luci.model.uci.cursor()
+	local iret = 1
+	uci:foreach(shadowsocksr, "servers", function(s)
 		if s.alias then
-		server_name=s.alias
+			server_name = s.alias
 		elseif s.server and s.server_port then
-		server_name= "%s:%s" %{s.server, s.server_port}
+			server_name = "%s:%s" %{s.server, s.server_port}
 		end
-	iret=luci.sys.call(" ipset add ss_spec_wan_ac " .. s.server .. " 2>/dev/null")
+		iret = luci.sys.call(" ipset add ss_spec_wan_ac " .. s.server .. " 2>/dev/null")
 		socket = nixio.socket("inet", "stream")
 		socket:setopt("socket", "rcvtimeo", 3)
 		socket:setopt("socket", "sndtimeo", 3)
-	ret=socket:connect(s.server,s.server_port)
+		ret = socket:connect(s.server,s.server_port)
 		if tostring(ret) == "true" then
 			socket:close()
-	retstring =retstring .. "<font color='green'>[" .. server_name .. "] OK.</font><br />"
+			retstring = retstring .. "<font color='green'>[" .. server_name .. "] OK.</font><br />"
 		else
-	retstring =retstring .. "<font color='red'>[" .. server_name .. "] Error.</font><br />"
+			retstring = retstring .. "<font color='red'>[" .. server_name .. "] Error.</font><br />"
 		end
-	if  iret== 0 then
+		if iret == 0 then
 			luci.sys.call(" ipset del ss_spec_wan_ac " .. s.server)
 		end
-end)
-luci.http.prepare_content("application/json")
-luci.http.write_json({ ret=retstring })
+	end)
+	luci.http.prepare_content("application/json")
+	luci.http.write_json({ret=retstring})
 end
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua
@ -1,4 +1,3 @@
-
 m = Map("shadowsocksr")
 -- [[ global ]]--
 s = m:section(TypedSection, "global", translate("Server failsafe auto swith and custom update settings"))
@ -27,12 +26,8 @@ o.datatype = "uinteger"
 o:depends("enable_switch", "1")
 o.default = 3

-o = s:option(Flag, "chnroute", translate("Enable Custom Chnroute"))
-o.rmempty = false
-
 o = s:option(Value, "chnroute_url", translate("Chnroute Update url"))
 o.default = "https://ispip.clang.cn/all_cn.txt"
-o:depends("chnroute", "1")

 o = s:option(Flag, "adblock", translate("Enable adblock"))
 o.rmempty = false
@ -42,46 +37,42 @@ o.default = "https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-
 o:depends("adblock", "1")
 o.description = translate("Support AdGuardHome and DNSMASQ format list")

-o = s:option(Flag, "netflix", translate("Enable Custom Netflix IP Url"))
-o.rmempty = false
-
 o = s:option(Value, "nfip_url", translate("nfip_url"))
 o.default = "https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt"
-o:depends("netflix", "1")
 o.description = translate("Customize Netflix IP Url")

 -- [[ SOCKS Proxy ]]--
 if nixio.fs.access("/usr/bin/microsocks") then
-s = m:section(TypedSection, "socks5_proxy", translate("SOCKS5 Proxy Server Settings"))
-s.anonymous = true
+	s = m:section(TypedSection, "socks5_proxy", translate("SOCKS5 Proxy Server Settings"))
+	s.anonymous = true
 	
-o = s:option(Flag, "socks", translate("Enable SOCKS5 Proxy Server"))
-o.rmempty = false
+	o = s:option(Flag, "socks", translate("Enable SOCKS5 Proxy Server"))
+	o.rmempty = false
 	
-o = s:option(Value, "local_port", translate("Local Port"))
-o.datatype = "port"
-o.default = 10800
-o.rmempty = true
-o:depends("socks", "1")
+	o = s:option(Value, "local_port", translate("Local Port"))
+	o.datatype = "port"
+	o.default = 10800
+	o.rmempty = true
+	o:depends("socks", "1")
 	
-o = s:option(Flag, "auth_enable", translate("Enable Authentication"))
-o.rmempty = false
-o.default = "0"
-o:depends("socks", "1")
+	o = s:option(Flag, "auth_enable", translate("Enable Authentication"))
+	o.rmempty = false
+	o.default = "0"
+	o:depends("socks", "1")
 	
-o = s:option(Value, "username", translate("Username"))
-o.default = "username"
-o:depends("auth_enable", "1")
+	o = s:option(Value, "username", translate("Username"))
+	o.default = "username"
+	o:depends("auth_enable", "1")
 	
-o = s:option(Value, "password", translate("Password"))
-o.password = true
-o.default = "password"
-o:depends("auth_enable", "1")
+	o = s:option(Value, "password", translate("Password"))
+	o.password = true
+	o.default = "password"
+	o:depends("auth_enable", "1")
 	
-o = s:option(Flag, "wan_enable", translate("Enable WAN Access"))
-o.rmempty = true
-o.default = "0"
-o:depends("auth_enable", "1")
+	o = s:option(Flag, "wan_enable", translate("Enable WAN Access"))
+	o.rmempty = true
+	o.default = "0"
+	o:depends("auth_enable", "1")
 	
 end
 return m
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
@ -14,92 +14,90 @@ local function isKcptun(file)
 	if not fs.access(file, "rwx", "rx", "rx") then
 		fs.chmod(file, 755)
 	end
-
 	local str = sys.exec(file .. " -v | awk '{printf $1}'")
 	return (str:lower() == "kcptun")
 end

-
 local server_table = {}
 local encrypt_methods = {
-	"none",
-	"table",
-	"rc4",
-	"rc4-md5-6",
-	"rc4-md5",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+"none",
+"table",
+"rc4",
+"rc4-md5-6",
+"rc4-md5",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"cast5-cfb",
+"des-cfb",
+"idea-cfb",
+"rc2-cfb",
+"seed-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local encrypt_methods_ss = {
-	-- aead
-	"aes-128-gcm",
-	"aes-192-gcm",
-	"aes-256-gcm",
-	"chacha20-ietf-poly1305",
-	"xchacha20-ietf-poly1305",
-	-- stream
-	"table",
-	"rc4",
-	"rc4-md5",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+-- aead
+"aes-128-gcm",
+"aes-192-gcm",
+"aes-256-gcm",
+"chacha20-ietf-poly1305",
+"xchacha20-ietf-poly1305",
+-- stream
+"table",
+"rc4",
+"rc4-md5",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local protocol = {
-	"origin",
-	"verify_deflate",
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
-	"auth_chain_b",
-	"auth_chain_c",
-	"auth_chain_d",
-	"auth_chain_e",
-	"auth_chain_f",
+"origin",
+"verify_deflate",
+"auth_sha1_v4",
+"auth_aes128_sha1",
+"auth_aes128_md5",
+"auth_chain_a",
+"auth_chain_b",
+"auth_chain_c",
+"auth_chain_d",
+"auth_chain_e",
+"auth_chain_f",
 }

 obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",
-	"tls1.2_ticket_auth",
+"plain",
+"http_simple",
+"http_post",
+"random_head",
+"tls1.2_ticket_auth",
 }

 local securitys = {
-	"auto",
-	"none",
-	"aes-128-gcm",
-	"chacha20-poly1305"
+"auto",
+"none",
+"aes-128-gcm",
+"chacha20-poly1305"
 }


@ -123,17 +121,17 @@ o.value =sid
 o = s:option(ListValue, "type", translate("Server Node Type"))
 o:value("ssr", translate("ShadowsocksR"))
 if nixio.fs.access("/usr/bin/ss-redir") then
-o:value("ss", translate("Shadowsocks New Version"))
+	o:value("ss", translate("Shadowsocks New Version"))
 end
 if nixio.fs.access("/usr/bin/v2ray/v2ray") or nixio.fs.access("/usr/bin/v2ray") then
-o:value("v2ray", translate("V2Ray"))
+	o:value("v2ray", translate("V2Ray"))
 end
 if nixio.fs.access("/usr/sbin/trojan") then
-o:value("trojan", translate("Trojan"))
+	o:value("trojan", translate("Trojan"))
 end
 if nixio.fs.access("/usr/sbin/redsocks2") then
-o:value("socks5", translate("Socks5"))
-o:value("tun", translate("Network Tunnel"))
+	o:value("socks5", translate("Socks5"))
+	o:value("tun", translate("Network Tunnel"))
 end
 o.description = translate("Using incorrect encryption mothod may causes service fail to start")

@ -410,7 +408,7 @@ cert_dir = "/etc/ssl/private/"
 local path

 http.setfilehandler(
-    function(meta, chunk, eof)
+function(meta, chunk, eof)
 	if not fd then
 		if (not meta) or (not meta.name) or (not meta.file) then return end
 		fd = nixio.open(cert_dir .. meta.file, "w")
@ -427,8 +425,8 @@ http.setfilehandler(
 		fd = nil
 		path = '/etc/ssl/private/' .. meta.file .. ''
 	end
-    end
-    )
+end
+)
 if luci.http.formvalue("upload") then
 	local f = luci.http.formvalue("ulfile")
 	if #f <= 0 then
@ -460,16 +458,16 @@ o.rmempty = false

 if nixio.fs.access("/usr/bin/kcptun-client") then
 	
-kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client"))
-kcp_enable.rmempty = true
-kcp_enable.default = "0"
-kcp_enable:depends("type", "ssr")
-kcp_enable:depends("type", "ss")
+	kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client"))
+	kcp_enable.rmempty = true
+	kcp_enable.default = "0"
+	kcp_enable:depends("type", "ssr")
+	kcp_enable:depends("type", "ss")
 	
-o = s:option(Value, "kcp_port", translate("KcpTun Port"))
-o.datatype = "port"
-o.default = 4000
-function o.validate(self, value, section)
+	o = s:option(Value, "kcp_port", translate("KcpTun Port"))
+	o.datatype = "port"
+	o.default = 4000
+	function o.validate(self, value, section)
 		local kcp_file="/usr/bin/kcptun-client"
 		local enable = kcp_enable:formvalue(section) or kcp_enable.disabled
 		if enable == kcp_enable.enabled then
@ -481,19 +479,19 @@ function o.validate(self, value, section)
 		end
 		
 		return value
-end
-o:depends("type", "ssr")
-o:depends("type", "ss")
+	end
+	o:depends("type", "ssr")
+	o:depends("type", "ss")
 	
-o = s:option(Value, "kcp_password", translate("KcpTun Password"))
-o.password = true
-o:depends("type", "ssr")
-o:depends("type", "ss")
+	o = s:option(Value, "kcp_password", translate("KcpTun Password"))
+	o.password = true
+	o:depends("type", "ssr")
+	o:depends("type", "ss")
 	
-o = s:option(Value, "kcp_param", translate("KcpTun Param"))
-o.default = "--nocomp"
-o:depends("type", "ssr")
-o:depends("type", "ss")
+	o = s:option(Value, "kcp_param", translate("KcpTun Param"))
+	o.default = "--nocomp"
+	o:depends("type", "ssr")
+	o:depends("type", "ss")
 	
 end

--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua
@ -5,12 +5,12 @@ t = f:field(TextValue, "conf")
 t.rmempty = true
 t.rows = 20
 function t.cfgvalue()
-local logs = luci.util.execi("cat /tmp/ssrplus.log")
-local s = ""
-for line in logs do
-s = line .. "\n" .. s
-end
-return s
+	local logs = luci.util.execi("cat /tmp/ssrplus.log")
+	local s = ""
+	for line in logs do
+		s = line .. "\n" .. s
+	end
+	return s
 end
 t.readonly="readonly"

--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua
@ -6,38 +6,38 @@ local shadowsocksr = "shadowsocksr"
 local sid = arg[1]

 local encrypt_methods = {
-	"rc4-md5",
-	"rc4-md5-6",
-	"rc4",
-	"table",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+"rc4-md5",
+"rc4-md5-6",
+"rc4",
+"table",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"cast5-cfb",
+"des-cfb",
+"idea-cfb",
+"rc2-cfb",
+"seed-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local protocol = {
-	"origin",
+"origin",
 }

 obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
+"plain",
+"http_simple",
+"http_post",
 }

 m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua
@ -9,46 +9,46 @@ local uci = luci.model.uci.cursor()
 m = Map(shadowsocksr, translate("ShadowSocksR Server"))

 local encrypt_methods = {
-	"table",
-	"rc4",
-	"rc4-md5",
-	"rc4-md5-6",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+"table",
+"rc4",
+"rc4-md5",
+"rc4-md5-6",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"cast5-cfb",
+"des-cfb",
+"idea-cfb",
+"rc2-cfb",
+"seed-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local protocol = {
-	"origin",
-	"verify_deflate",
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
+"origin",
+"verify_deflate",
+"auth_sha1_v4",
+"auth_aes128_sha1",
+"auth_aes128_md5",
+"auth_chain_a",
 }

 obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",
-	"tls1.2_ticket_auth",
-	"tls1.2_ticket_fastauth",
+"plain",
+"http_simple",
+"http_post",
+"random_head",
+"tls1.2_ticket_auth",
+"tls1.2_ticket_fastauth",
 }

 -- [[ Global Setting ]]--
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua
@ -12,8 +12,6 @@ end)
 local fs  = require "nixio.fs"
 local sys = require "luci.sys"

-local ucic = luci.model.uci.cursor()
-
 m = Map(shadowsocksr,  translate("Servers subscription and manage"))

 -- Server Subscribe
@ -28,7 +26,7 @@ o.description = translate("Auto Update Server subscription, GFW list and CHN rou

 o = s:option(ListValue, "auto_update_time", translate("Update time (every day)"))
 for t = 0,23 do
-o:value(t, t..":00")
+	o:value(t, t..":00")
 end
 o.default=2
 o.rmempty = false
@ -61,18 +59,18 @@ o = s:option(Button,"delete",translate("Delete All Subscribe Severs"))
 o.inputstyle = "reset"
 o.description = string.format(translate("Server Count") ..  ": %d", server_count)
 o.write = function()
-uci:delete_all("shadowsocksr", "servers", function(s)
+	uci:delete_all("shadowsocksr", "servers", function(s)
 		if s.hashkey or s.isSubscribe then
 			return true
 		else
 			return false
 		end
-end)
-uci:save("shadowsocksr") 
-uci:commit("shadowsocksr")
-luci.sys.exec("/etc/init.d/shadowsocksr restart")
-luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
-return
+	end)
+	uci:save("shadowsocksr")
+	uci:commit("shadowsocksr")
+	luci.sys.exec("/etc/init.d/shadowsocksr restart")
+	luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
+	return
 end

 -- [[ Servers Manage ]]--
@ -117,9 +115,9 @@ o.width="10%"
 node = s:option(Button,"apply_node",translate("Apply"))
 node.inputstyle = "apply"
 node.write = function(self, section)
-  ucic:set("shadowsocksr", '@global[0]', 'global_server', section)
-  ucic:save("shadowsocksr") 
-  ucic:commit("shadowsocksr")
+	uci:set("shadowsocksr", '@global[0]', 'global_server', section)
+	uci:save("shadowsocksr")
+	uci:commit("shadowsocksr")
 	luci.sys.exec("/etc/init.d/shadowsocksr restart")
 	luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "client"))
 end
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua
@ -1,7 +1,6 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com>
 -- Licensed to the public under the GNU General Public License v3.

-local IPK_Version="3.0.9"
 local m, s, o
 local redir_run=0
 local reudp_run=0
@ -9,13 +8,11 @@ local sock5_run=0
 local server_run=0
 local kcptun_run=0
 local tunnel_run=0
-local udp2raw_run=0
-local udpspeeder_run=0
 local gfw_count=0
 local ad_count=0
 local ip_count=0
 local nfip_count=0
-local ucic = luci.model.uci.cursor()
+local uci = luci.model.uci.cursor()
 local shadowsocksr = "shadowsocksr"
 -- html constants
 font_blue = [[<font color="green">]]
@ -28,66 +25,66 @@ local sys = require "luci.sys"
 local kcptun_version=translate("Unknown")
 local kcp_file="/usr/bin/kcptun-client"
 if not fs.access(kcp_file)  then
-kcptun_version=translate("Not exist")
+	kcptun_version=translate("Not exist")
 else
-if not fs.access(kcp_file, "rwx", "rx", "rx") then
-fs.chmod(kcp_file, 755)
-end
-kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
-if not kcptun_version or kcptun_version == "" then
-kcptun_version = translate("Unknown")
-end
+	if not fs.access(kcp_file, "rwx", "rx", "rx") then
+		fs.chmod(kcp_file, 755)
+	end
+	kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
+	if not kcptun_version or kcptun_version == "" then
+		kcptun_version = translate("Unknown")
+	end
 	
 end

 if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
-gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
+	gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
 end

 if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-ad_count=tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
+	ad_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
 end

 if nixio.fs.access("/etc/china_ssr.txt") then
-ip_count = sys.exec("cat /etc/china_ssr.txt | wc -l")
+	ip_count = tonumber(sys.exec("cat /etc/china_ssr.txt | wc -l"))
 end

 if nixio.fs.access("/etc/config/netflixip.list") then
-    nfip_count = sys.exec("cat /etc/config/netflixip.list | wc -l")
+	nfip_count = tonumber(sys.exec("cat /etc/config/netflixip.list | wc -l"))
 end

 local icount=sys.exec("busybox ps -w | grep ssr-reudp |grep -v grep| wc -l")
 if tonumber(icount)>0 then
-reudp_run=1
+	reudp_run=1
 else
-icount=sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
-if tonumber(icount)>0 then
-reudp_run=1
-end
+	icount=sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
+	if tonumber(icount)>0 then
+		reudp_run=1
+	end
 end

 if luci.sys.call("busybox ps -w | grep ssr-retcp | grep -v grep >/dev/null") == 0 then
-redir_run=1
+	redir_run=1
 end

 if luci.sys.call("busybox ps -w | grep ssr-socks | grep -v grep >/dev/null") == 0 then
-sock5_run=1
+	sock5_run=1
 end

 if luci.sys.call("pidof kcptun-client >/dev/null") == 0 then
-kcptun_run=1
+	kcptun_run=1
 end

 if luci.sys.call("pidof ssr-server >/dev/null") == 0 then
-server_run=1
+	server_run=1
 end

 if luci.sys.call("busybox ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then
-tunnel_run=1
+	tunnel_run=1
 end

 if luci.sys.call("pidof pdnsd >/dev/null") == 0 or (luci.sys.call("busybox ps -w | grep ssr-dns |grep -v grep >/dev/null") == 0 and luci.sys.call("pidof dns2socks >/dev/null") == 0)then
-pdnsd_run=1
+	pdnsd_run=1
 end

 m = SimpleForm("Version")
@ -97,63 +94,62 @@ m.submit = false
 s=m:field(DummyValue,"redir_run",translate("Global Client"))
 s.rawhtml  = true
 if redir_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
 else
-s.value = translate("Not Running")
+	s.value = translate("Not Running")
 end

 s=m:field(DummyValue,"reudp_run",translate("Game Mode UDP Relay"))
 s.rawhtml  = true
 if reudp_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
 else
-s.value = translate("Not Running")
+	s.value = translate("Not Running")
 end

-if ucic:get_first(shadowsocksr, 'global', 'pdnsd_enable', '0') ~= '0' then
-s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution"))
-s.rawhtml  = true
-if pdnsd_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
+if uci:get_first(shadowsocksr, 'global', 'pdnsd_enable', '0') ~= '0' then
+	s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution"))
+	s.rawhtml  = true
+	if pdnsd_run == 1 then
+		s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	else
+		s.value = translate("Not Running")
+	end
 end

-if ucic:get_first(shadowsocksr, 'socks5_proxy', 'socks', '0') == '1' then
-if nixio.fs.access("/usr/bin/microsocks") then
-s=m:field(DummyValue,"sock5_run",translate("SOCKS5 Proxy Server"))
-s.rawhtml  = true
-if sock5_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
-end
+if uci:get_first(shadowsocksr, 'socks5_proxy', 'socks', '0') == '1' then
+	if nixio.fs.access("/usr/bin/microsocks") then
+		s=m:field(DummyValue,"sock5_run",translate("SOCKS5 Proxy Server"))
+		s.rawhtml  = true
+		if sock5_run == 1 then
+			s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+		else
+			s.value = translate("Not Running")
+		end
+	end
 end

 if nixio.fs.access("/usr/bin/ssr-server") then
-s=m:field(DummyValue,"server_run",translate("Global SSR Server"))
-s.rawhtml  = true
-if server_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
+	s=m:field(DummyValue,"server_run",translate("Global SSR Server"))
+	s.rawhtml  = true
+	if server_run == 1 then
+		s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	else
+		s.value = translate("Not Running")
+	end
 end

 if nixio.fs.access("/usr/bin/kcptun-client") then
-s=m:field(DummyValue,"kcp_version",translate("KcpTun Version"))
-s.rawhtml  = true
-s.value =kcptun_version
-
-s=m:field(DummyValue,"kcptun_run",translate("KcpTun"))
-s.rawhtml  = true
-if kcptun_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
+	s=m:field(DummyValue,"kcp_version",translate("KcpTun Version"))
+	s.rawhtml  = true
+	s.value =kcptun_version
+	s=m:field(DummyValue,"kcptun_run",translate("KcpTun"))
+	s.rawhtml  = true
+	if kcptun_run == 1 then
+		s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	else
+		s.value = translate("Not Running")
+	end
 end

 s=m:field(DummyValue,"google",translate("Google Connectivity"))
@ -167,23 +163,23 @@ s.template = "shadowsocksr/check"
 s=m:field(DummyValue,"gfw_data",translate("GFW List Data"))
 s.rawhtml  = true
 s.template = "shadowsocksr/refresh"
-s.value =tostring(math.ceil(gfw_count)) .. " " .. translate("Records")
+s.value = gfw_count .. " " .. translate("Records")

 s=m:field(DummyValue,"ip_data",translate("China IP Data"))
 s.rawhtml  = true
 s.template = "shadowsocksr/refresh"
-s.value =ip_count .. " " .. translate("Records")
+s.value = ip_count .. " " .. translate("Records")

 s=m:field(DummyValue,"nfip_data",translate("Netflix IP Data"))
 s.rawhtml  = true
 s.template = "shadowsocksr/refresh"
-s.value =nfip_count .. " " .. translate("Records")
+s.value = nfip_count .. " " .. translate("Records")

-if ucic:get_first(shadowsocksr, 'global', 'adblock', '0') == '1' then
-s=m:field(DummyValue,"ad_data",translate("Advertising Data"))
-s.rawhtml  = true
-s.template = "shadowsocksr/refresh"
-s.value =ad_count .. " " .. translate("Records")
+if uci:get_first(shadowsocksr, 'global', 'adblock', '0') == '1' then
+	s=m:field(DummyValue,"ad_data",translate("Advertising Data"))
+	s.rawhtml  = true
+	s.template = "shadowsocksr/refresh"
+	s.value = ad_count .. " " .. translate("Records")
 end

 s=m:field(DummyValue,"check_port",translate("Check Server Port"))
--- a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po
+++ b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po
@ -334,9 +334,6 @@ msgstr "启用广告屏蔽"
 msgid "adblock_url"
 msgstr "广告屏蔽订阅"

-msgid "Enable Custom Netflix IP Url"
-msgstr "启用自定义Netflix IP更新URL"
-
 msgid "nfip_url"
 msgstr "Netflix IP更新URL"

@ -352,9 +349,6 @@ msgstr "【广告屏蔽】数据库"
 msgid "Chnroute Setting"
 msgstr "国内IP段数据库更新设置"

-msgid "Enable custom chnroute"
-msgstr "启用自定义更新地址"
-
 msgid "Update url"
 msgstr "更新链接"

--- a/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt
+++ b/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt
--- a/package/lean/luci-app-ssr-plus/root/etc/config/black.list
+++ b/package/lean/luci-app-ssr-plus/root/etc/config/black.list
--- a/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr
+++ b/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr
@ -13,7 +13,6 @@ config global
 	option switch_try_count '3'
 	option adblock '0'
 	option adblock_url 'https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf'
-	option chnroute '1'
 	option chnroute_url 'https://ispip.clang.cn/all_cn.txt'
 	option nfip_url 'https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt'
 	option netflix_server 'same'
--- a/package/lean/luci-app-ssr-plus/root/etc/config/white.list
+++ b/package/lean/luci-app-ssr-plus/root/etc/config/white.list
--- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/ad.conf
+++ b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/ad.conf
--- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf
+++ b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf
--- a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr
+++ b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr
@ -68,7 +68,6 @@ add_cron() {
 	sed -i '/shadowsocksr/d' $CRON_FILE
 	sed -i '/ssrplus.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/ssrplus.log' >>$CRON_FILE
 	[ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/ssrplusupdate.sh" >>$CRON_FILE
-
 	crontab $CRON_FILE
 }

@ -432,7 +431,6 @@ start_redir() {
 		fi
 	fi

-	
 	if [ -n "$UDP_RELAY_SERVER" ]; then
 		redir_udp=1
 		if [ "$utype" == "ss" -o "$utype" == "ssr" ]; then
@ -725,4 +723,3 @@ stop() {
 	fi
 	del_cron
 }
-
--- a/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus
+++ b/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus
@ -13,7 +13,7 @@ uci -q batch <<-EOF >/dev/null
 	commit firewall
 EOF

-killall -q -9 ssr-monitor ss-redir ssr-redir v2ray trojan ipt2socks ssr-server kcptun-client srelay
+killall -q -9 ssr-monitor ss-redir ssr-redir ss-local ssr-local obfs-local v2ray-plugin v2ray trojan ipt2socks ssr-server kcptun-client dns2socks microsocks redsocks2
 /usr/share/shadowsocksr/gfw2ipset.sh
 rm -f /tmp/luci-indexcache
 exit 0
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua
@ -383,7 +383,6 @@ local execute = function()
 				end
 				log('忽略手动添加的节点: ' .. old.alias)
 			end
-
 		end)
 		for k, v in ipairs(nodeResult) do
 			for kk, vv in ipairs(v) do
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua
@ -8,20 +8,20 @@ require 'luci.util'
 require 'luci.jsonc'
 require 'luci.sys'
 local icount =0
-local ucic = luci.model.uci.cursor()
+local uci = luci.model.uci.cursor()

 local log = function(...)
 	print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " "))
 end

 log('正在更新【GFW列表】数据库')
-	refresh_cmd="wget-ssl --no-check-certificate https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt -O /tmp/gfw.b64"
-	sret=luci.sys.call(refresh_cmd .. " 2>/dev/null")
-	if sret== 0 then
+refresh_cmd = "wget-ssl --no-check-certificate -O - https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt > /tmp/gfw.b64"
+sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
+if sret == 0 then
 	luci.sys.call("/usr/bin/ssr-gfw")
 	icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l")
-	if tonumber(icount)>1000 then
-	oldcount=luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
+	if tonumber(icount) > 1000 then
+		oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
 		if tonumber(icount) ~= tonumber(oldcount) then
 			luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf")
 			luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf")
@ -38,17 +38,13 @@ else
 end

 log('正在更新【国内IP段】数据库')
-if (ucic:get_first('shadowsocksr', 'global', 'chnroute','0') == '1' ) then
-	refresh_cmd="wget-ssl --no-check-certificate -O - ".. ucic:get_first('shadowsocksr', 'global', 'chnroute_url','https://ispip.clang.cn/all_cn.txt') .." > /tmp/china_ssr.txt 2>/dev/null"
-else
-	refresh_cmd="wget -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest'  2>/dev/null| awk -F\\| '/CN\\|ipv4/ { printf(\"%s/%d\\n\", $4, 32-log($5)/log(2)) }' > /tmp/china_ssr.txt"
-end
-sret=luci.sys.call(refresh_cmd)
+refresh_cmd = "wget-ssl --no-check-certificate -O - ".. uci:get_first('shadowsocksr', 'global', 'chnroute_url','https://ispip.clang.cn/all_cn.txt') .." > /tmp/china_ssr.txt"
+sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
 icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
-if sret== 0 then
+if sret == 0 then
 	icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
-	if tonumber(icount)>1000 then
-		oldcount=luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
+	if tonumber(icount) > 1000 then
+		oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
 		if tonumber(icount) ~= tonumber(oldcount) then
 			luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt")
 			log('更新成功！ 新的总纪录数：'.. icount)
@ -63,20 +59,18 @@ else
 	log('更新失败！')
 end

-if ucic:get_first('shadowsocksr', 'global', 'adblock','0') == "1" then
-log('正在更新【广告屏蔽】数据库')
-if nixio.fs.access("/usr/bin/wget-ssl") then
-	refresh_cmd="wget-ssl --no-check-certificate -O - ".. ucic:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf"
-end
-sret=luci.sys.call(refresh_cmd .. " 2>/dev/null")
-if sret== 0 then
+if uci:get_first('shadowsocksr', 'global', 'adblock','0') == "1" then
+	log('正在更新【广告屏蔽】数据库')
+	refresh_cmd = "wget-ssl --no-check-certificate -O - ".. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf"
+	sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
+	if sret == 0 then
 		luci.sys.call("/usr/bin/ssr-ad")
 		icount = luci.sys.exec("cat /tmp/ad.conf | wc -l")
-	if tonumber(icount)>1000 then
+		if tonumber(icount) > 100 then
 			if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-		oldcount=luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
+				oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
 			else
-		oldcount=0
+				oldcount = "0"
 			end
 			if tonumber(icount) ~= tonumber(oldcount) then
 				luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf")
@ -89,9 +83,31 @@ if sret== 0 then
 			log('更新失败！')
 		end
 		luci.sys.exec("rm -f /tmp/ad.conf")
+	else
+		log('更新失败！')
+	end
+end
+
+--[[
+log('正在更新【Netflix IP段】数据库')
+refresh_cmd = "wget-ssl --no-check-certificate -O - ".. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .." > /tmp/netflixip.list"
+sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
+if sret == 0 then
+	luci.sys.call("/usr/bin/ssr-gfw")
+	icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l")
+	if tonumber(icount) > 5 then
+		oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l")
+		if tonumber(icount) ~= tonumber(oldcount) then
+			luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list")
+			log('更新成功！ 新的总纪录数：'.. icount)
+		else
+			log('你已经是最新数据，无需更新！')
+		end
+	else
+		log('更新失败！')
+	end
+	luci.sys.exec("rm -f /tmp/netflixip.list")
 else
 	log('更新失败！')
 end
-end
-
-luci.sys.call("/etc/init.d/dnsmasq reload")
+--]]