luci-app-ssr-plus:Code optimization and Fix Bug (#4253)

* luci-app-ssr-plus:Code optimization and Fix Bug * luci-app-ssr-plus:Adjust reference data location
2025-04-16 04:13:31 +00:00 · 2020-04-11 21:53:11 +08:00 · 2020-04-11 21:53:11 +08:00 · a10390cc21
commit a10390cc21
parent ce326f078b
36 changed files with 1350 additions and 1581 deletions
--- a/package/lean/luci-app-ssr-plus/Makefile
+++ b/package/lean/luci-app-ssr-plus/Makefile
@ -1,8 +1,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=luci-app-ssr-plus
-PKG_VERSION:=175
-PKG_RELEASE:=5
+PKG_VERSION:=176
+PKG_RELEASE:=1

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)

@ -38,10 +38,10 @@ define Package/$(PKG_NAME)
 	SECTION:=luci
 	CATEGORY:=LuCI
 	SUBMENU:=3. Applications
-	TITLE:=SS/SSR/V2Ray/Trojan LuCI interface
+	TITLE:=SS/SSR/V2Ray/Trojan/Socks5/Tun LuCI interface
 	PKGARCH:=all
 	DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +pdnsd-alt +wget +lua +libuci-lua \
-	+microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping \
+	+microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping +resolveip \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin:v2ray-plugin \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \
@ -58,23 +58,17 @@ define Build/Compile
 endef

 define Package/$(PKG_NAME)/conffiles
-/etc/ssr_ip
-/etc/china_ssr.txt
 /etc/config/shadowsocksr
-/etc/config/white.list
-/etc/config/black.list
-/etc/config/netflix.list
-/etc/dnsmasq.ssr/ad.conf
-/etc/dnsmasq.ssr/gfw_list.conf
+/etc/ssr/netflix.list
+/etc/ssr/netflixip.list
 endef

 define Package/$(PKG_NAME)/install
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_DATA) ./root/etc/china_ssr.txt $(1)/etc/china_ssr.txt
+	$(INSTALL_DIR) $(1)/etc/ssr
+	$(INSTALL_DATA) ./root/etc/ssr/* $(1)/etc/ssr/

 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_CONF) ./root/etc/config/shadowsocksr $(1)/etc/config/shadowsocksr
-	$(INSTALL_DATA) ./root/etc/config/*.list $(1)/etc/config/

 	$(INSTALL_DIR) $(1)/etc/dnsmasq.oversea
 	$(INSTALL_DATA) ./root/etc/dnsmasq.oversea/* $(1)/etc/dnsmasq.oversea/
@ -110,8 +104,8 @@ endef

 define Package/$(PKG_NAME)/postrm
 #!/bin/sh
-rm -rf /etc/china_ssr.txt /etc/dnsmasq.ssr /etc/dnsmasq.oversea /etc/config/shadowsocksr /etc/config/black.list \
-		/etc/config/gfw.list /etc/config/white.list /etc/config/netflix.list /etc/config/netflixip.list 2>/dev/null
+rm -rf /etc/ssl/private /etc/dnsmasq.ssr /etc/dnsmasq.oversea /etc/ssr /etc/config/shadowsocksr /etc/china_ssr.txt /etc/config/black.list /etc/config/white.list \
+/etc/config/netflix.list /etc/config/netflixip.list
 endef

 $(eval $(call BuildPackage,$(PKG_NAME)))
--- a/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua
@ -1,6 +1,5 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com>
 -- Licensed to the public under the GNU General Public License v3.
-
 module("luci.controller.shadowsocksr", package.seeall)

 function index()
@ -74,105 +73,50 @@ function refresh_data()
 	local set = luci.http.formvalue("set")
 	local uci = luci.model.uci.cursor()
 	local icount = 0
-	if set == "gfw_data" then
-		refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'gfwlist_url', 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt') .. ' > /tmp/gfw.b64'
+	local retstring = 0
+	local function update(url, file, type, file2)
+		local Num = 1
+		refresh_cmd = "wget-ssl --no-check-certificate -t 3 -T 10 -O- " .. url .. " > /tmp/ssr-update." .. type
 		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
 		if sret == 0 then
-			luci.sys.call("/usr/bin/ssr-gfw")
-			icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l")
-			if tonumber(icount) > 1000 then
-				if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
-					oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
-				else
-					oldcount = "0"
-				end
-				if tonumber(icount) ~= tonumber(oldcount) then
-					luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf")
-					luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf")
-					luci.sys.call("/etc/init.d/dnsmasq restart")
-					retstring = tostring(tonumber(icount)/2)
-				else
-					retstring = "0"
-				end
-			else
-				retstring = "-1"
+			if type == "gfw_data" then
+				luci.sys.call("/usr/bin/ssr-gfw " .. type)
+				Num = 2
+			end
+			if type == "ad_data" then
+				luci.sys.call("/usr/bin/ssr-ad " .. type)
+			end
+			local new_md5 = luci.sys.exec("echo -n $([ -f '/tmp/ssr-update." .. type .. "' ] && md5sum /tmp/ssr-update." .. type .. " | awk '{print $1}')")
+			local old_md5 = luci.sys.exec("echo -n $([ -f '" .. file .. "' ] && md5sum " .. file .. " | awk '{print $1}')")
+			if new_md5 == old_md5 then
+				retstring = "0"
+			else
+				icount = luci.sys.exec("cat /tmp/ssr-update." .. type .. " | wc -l")
+				luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file)
+				if file2 then luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file2) end
+				retstring = tostring(tonumber(icount)/Num)
+				if type == "gfw_data" or type == "ad_data" then
+					luci.sys.exec("/usr/share/shadowsocksr/gfw2ipset.sh gfw_data")
+				else
+					luci.sys.exec("/etc/init.d/shadowsocksr restart &")
+				end
 			end
-			luci.sys.exec("rm -f /tmp/gfwnew.txt")
 		else
 			retstring = "-1"
 		end
+		luci.sys.exec("rm -f /tmp/ssr-update." .. type)
+	end
+	if set == "gfw_data" then
+		update(uci:get_first("shadowsocksr", "global", "gfwlist_url", "https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt"), "/etc/dnsmasq.ssr/gfw_list.conf", set, "/tmp/dnsmasq.ssr/gfw_list.conf")
 	end
 	if set == "ip_data" then
-		refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url', 'https://ispip.clang.cn/all_cn.txt') .. " > /tmp/china_ssr.txt"
-		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
-		icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
-		if sret == 0 and tonumber(icount) > 1000 then
-			if nixio.fs.access("/etc/china_ssr.txt") then
-				oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
-			else
-				oldcount = "0"
-			end
-			if tonumber(icount) ~= tonumber(oldcount) then
-				luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt")
-				luci.sys.exec("/etc/init.d/shadowsocksr restart &")
-				retstring = tostring(tonumber(icount))
-			else
-				retstring = "0"
-			end
-		else
-			retstring = "-1"
-		end
-		luci.sys.exec("rm -f /tmp/china_ssr.txt")
-	end
-	if set == "nfip_data" then
-		refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .." > /tmp/netflixip.list"
-		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
-		icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l")
-		if sret == 0 and tonumber(icount) > 5 then
-			if nixio.fs.access("/etc/config/netflixip.list") then
-				oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l")
-			else
-				oldcount = "0"
-			end
-			if tonumber(icount) ~= tonumber(oldcount) then
-				luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list")
-				luci.sys.exec("/etc/init.d/shadowsocksr restart &")
-				retstring = tostring(tonumber(icount))
-			else
-				retstring = "0"
-			end
-		else
-			retstring = "-1"
-		end
-		luci.sys.exec("rm -f /tmp/netflixip.list")
+		update(uci:get_first("shadowsocksr", "global", "chnroute_url","https://ispip.clang.cn/all_cn.txt"), "/etc/ssr/china_ssr.txt", set)
 	end
 	if set == "ad_data" then
-		refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf"
-		sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
-		if sret == 0 then
-			luci.sys.call("/usr/bin/ssr-ad")
-			icount = luci.sys.exec("cat /tmp/ad.conf | wc -l")
-			if tonumber(icount) > 100 then
-				if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-					oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
-				else
-					oldcount = "0"
-				end
-				if tonumber(icount) ~= tonumber(oldcount) then
-					luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf")
-					luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf")
-					luci.sys.call("/etc/init.d/dnsmasq restart")
-					retstring = tostring(tonumber(icount))
-				else
-					retstring = "0"
-				end
-			else
-				retstring = "-1"
-			end
-			luci.sys.exec("rm -f /tmp/ad.conf")
-		else
-			retstring = "-1"
-		end
+		update(uci:get_first("shadowsocksr", "global", "adblock_url","https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt"), "/etc/dnsmasq.ssr/ad.conf", set, "/tmp/dnsmasq.ssr/ad.conf")
+	end
+	if set == "nfip_data" then
+		update(uci:get_first("shadowsocksr", "global", "nfip_url","https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt"), "/etc/ssr/netflixip.list", set)
 	end
 	luci.http.prepare_content("application/json")
 	luci.http.write_json({ret = retstring,retcount = icount})
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua
@ -1,3 +1,4 @@
+require "luci.model.uci"
 local shadowsocksr = "shadowsocksr"
 local uci = luci.model.uci.cursor()
 local server_table = {}
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
@ -1,108 +1,105 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
 -- Licensed to the public under the GNU General Public License v3.
-
+require "luci.model.uci"
+require "nixio.fs"
+require "luci.sys"
+require "luci.http"
 local m, s, o,kcp_enable
 local shadowsocksr = "shadowsocksr"
 local uci = luci.model.uci.cursor()
-local fs = require "nixio.fs"
-local sys = require "luci.sys"
 local sid = arg[1]
 local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid")
-local http  = require "luci.http"

 local function isKcptun(file)
-	if not fs.access(file, "rwx", "rx", "rx") then
-		fs.chmod(file, 755)
+	if not nixio.fs.access(file, "rwx", "rx", "rx") then
+		nixio.fs.chmod(file, 755)
 	end
-
-	local str = sys.exec(file .. " -v | awk '{printf $1}'")
+	local str = uci.sys.exec(file .. " -v | awk '{printf $1}'")
 	return (str:lower() == "kcptun")
 end

-
 local server_table = {}
 local encrypt_methods = {
-	"none",
-	"table",
-	"rc4",
-	"rc4-md5-6",
-	"rc4-md5",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+"none",
+"table",
+"rc4",
+"rc4-md5-6",
+"rc4-md5",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"cast5-cfb",
+"des-cfb",
+"idea-cfb",
+"rc2-cfb",
+"seed-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local encrypt_methods_ss = {
-	-- aead
-	"aes-128-gcm",
-	"aes-192-gcm",
-	"aes-256-gcm",
-	"chacha20-ietf-poly1305",
-	"xchacha20-ietf-poly1305",
-	-- stream
-	"table",
-	"rc4",
-	"rc4-md5",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+-- aead
+"aes-128-gcm",
+"aes-192-gcm",
+"aes-256-gcm",
+"chacha20-ietf-poly1305",
+"xchacha20-ietf-poly1305",
+-- stream
+"table",
+"rc4",
+"rc4-md5",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local protocol = {
-	"origin",
-	"verify_deflate",
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
-	"auth_chain_b",
-	"auth_chain_c",
-	"auth_chain_d",
-	"auth_chain_e",
-	"auth_chain_f",
+"origin",
+"verify_deflate",
+"auth_sha1_v4",
+"auth_aes128_sha1",
+"auth_aes128_md5",
+"auth_chain_a",
+"auth_chain_b",
+"auth_chain_c",
+"auth_chain_d",
+"auth_chain_e",
+"auth_chain_f",
 }

 obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",
-	"tls1.2_ticket_auth",
+"plain",
+"http_simple",
+"http_post",
+"random_head",
+"tls1.2_ticket_auth",
 }

 local securitys = {
-	"auto",
-	"none",
-	"aes-128-gcm",
-	"chacha20-poly1305"
+"auto",
+"none",
+"aes-128-gcm",
+"chacha20-poly1305"
 }

-
 m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
 m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/servers")
 if m.uci:get(shadowsocksr, sid) ~= "servers" then
@ -113,35 +110,35 @@ end
 -- [[ Servers Setting ]]--
 s = m:section(NamedSection, sid, "servers")
 s.anonymous = true
-s.addremove   = false
+s.addremove = false

 o = s:option(DummyValue,"ssr_url","SS/SSR/V2RAY/TROJAN URL")
-o.rawhtml  = true
+o.rawhtml = true
 o.template = "shadowsocksr/ssrurl"
 o.value =sid

 o = s:option(ListValue, "type", translate("Server Node Type"))
 o:value("ssr", translate("ShadowsocksR"))
 if nixio.fs.access("/usr/bin/ss-redir") then
-o:value("ss", translate("Shadowsocks New Version"))
+	o:value("ss", translate("Shadowsocks New Version"))
 end
 if nixio.fs.access("/usr/bin/v2ray/v2ray") or nixio.fs.access("/usr/bin/v2ray") then
-o:value("v2ray", translate("V2Ray"))
+	o:value("v2ray", translate("V2Ray"))
 end
 if nixio.fs.access("/usr/sbin/trojan") then
-o:value("trojan", translate("Trojan"))
+	o:value("trojan", translate("Trojan"))
 end
 if nixio.fs.access("/usr/sbin/redsocks2") then
-o:value("socks5", translate("Socks5"))
-o:value("tun", translate("Network Tunnel"))
+	o:value("socks5", translate("Socks5"))
+	o:value("tun", translate("Network Tunnel"))
 end
 o.description = translate("Using incorrect encryption mothod may causes service fail to start")

 o = s:option(Value, "alias", translate("Alias(optional)"))

 o = s:option(ListValue, "iface", translate("Network interface to use"))
-for _, e in ipairs(sys.net.devices()) do
-		if e ~= "lo" then o:value(e) end
+for _, e in ipairs(luci.sys.net.devices()) do
+	if e ~= "lo" then o:value(e) end
 end
 o:depends("type", "tun")
 o.description = translate("Redirect traffic to this network interface")
@ -369,6 +366,7 @@ o.rmempty = true
 o:depends("type", "v2ray")
 o:depends("type", "trojan")
 o.default = "1"
+o.description = translate("If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.")

 -- [[ TLS ]]--
 o = s:option(Flag, "tls", translate("TLS"))
@ -409,31 +407,31 @@ o:depends("certificate", 1)
 cert_dir = "/etc/ssl/private/"
 local path

-http.setfilehandler(
-    function(meta, chunk, eof)
-      if not fd then
-        if (not meta) or (not meta.name) or (not meta.file) then return end
-           fd = nixio.open(cert_dir .. meta.file, "w")
-        if not fd then
-           path = translate("Create upload file error.")
-        return
-        end
-     end
-     if chunk and fd then
-     fd:write(chunk)
-     end
-     if eof and fd then
-       fd:close()
-       fd = nil
-       path = '/etc/ssl/private/' .. meta.file .. ''
-    end
-    end
-    )
+luci.http.setfilehandler(
+function(meta, chunk, eof)
+	if not fd then
+		if (not meta) or (not meta.name) or (not meta.file) then return end
+		fd = nixio.open(cert_dir .. meta.file, "w")
+		if not fd then
+			path = translate("Create upload file error.")
+			return
+		end
+	end
+	if chunk and fd then
+		fd:write(chunk)
+	end
+	if eof and fd then
+		fd:close()
+		fd = nil
+		path = '/etc/ssl/private/' .. meta.file .. ''
+	end
+end
+)
 if luci.http.formvalue("upload") then
-   local f = luci.http.formvalue("ulfile")
-    if #f <= 0 then
-        path = translate("No specify upload file.")
-   end   
+	local f = luci.http.formvalue("ulfile")
+	if #f <= 0 then
+		path = translate("No specify upload file.")
+	end
 end

 o = s:option(Value, "certpath", translate("Current Certificate Path"))
@ -459,42 +457,36 @@ o.default = 1234
 o.rmempty = false

 if nixio.fs.access("/usr/bin/kcptun-client") then
-
-kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client"))
-kcp_enable.rmempty = true
-kcp_enable.default = "0"
-kcp_enable:depends("type", "ssr")
-kcp_enable:depends("type", "ss")
-
-o = s:option(Value, "kcp_port", translate("KcpTun Port"))
-o.datatype = "port"
-o.default = 4000
-function o.validate(self, value, section)
+	kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client"))
+	kcp_enable.rmempty = true
+	kcp_enable.default = "0"
+	kcp_enable:depends("type", "ssr")
+	kcp_enable:depends("type", "ss")
+	o = s:option(Value, "kcp_port", translate("KcpTun Port"))
+	o.datatype = "port"
+	o.default = 4000
+	function o.validate(self, value, section)
 		local kcp_file="/usr/bin/kcptun-client"
 		local enable = kcp_enable:formvalue(section) or kcp_enable.disabled
 		if enable == kcp_enable.enabled then
-	if not fs.access(kcp_file)  then
-		return nil, translate("Haven't a Kcptun executable file")
-	elseif  not isKcptun(kcp_file) then
-		return nil, translate("Not a Kcptun executable file")
+			if not nixio.fs.access(kcp_file) then
+				return nil, translate("Haven't a Kcptun executable file")
+			elseif not isKcptun(kcp_file) then
+				return nil, translate("Not a Kcptun executable file")
+			end
+		end
+		return value
 	end
-	end
-
-	return value
-end
-o:depends("type", "ssr")
-o:depends("type", "ss")
-
-o = s:option(Value, "kcp_password", translate("KcpTun Password"))
-o.password = true
-o:depends("type", "ssr")
-o:depends("type", "ss")
-
-o = s:option(Value, "kcp_param", translate("KcpTun Param"))
-o.default = "--nocomp"
-o:depends("type", "ssr")
-o:depends("type", "ss")
-
+	o:depends("type", "ssr")
+	o:depends("type", "ss")
+	o = s:option(Value, "kcp_password", translate("KcpTun Password"))
+	o.password = true
+	o:depends("type", "ssr")
+	o:depends("type", "ss")
+	o = s:option(Value, "kcp_param", translate("KcpTun Param"))
+	o.default = "--nocomp"
+	o:depends("type", "ssr")
+	o:depends("type", "ss")
 end

 return m
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua
@ -1,16 +1,14 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
 -- Copyright (C) 2018 lean <coolsnowwolf@gmail.com> github.com/coolsnowwolf
 -- Licensed to the public under the GNU General Public License v3.
-
+require "luci.model.uci"
 local m, s, sec, o, kcp_enable
 local shadowsocksr = "shadowsocksr"
 local uci = luci.model.uci.cursor()

-local sys = require "luci.sys"
-
 m = Map(shadowsocksr, translate("ShadowSocksR Plus+ Settings"))

-m:section(SimpleSection).template  = "shadowsocksr/status"
+m:section(SimpleSection).template = "shadowsocksr/status"

 local server_table = {}
 uci:foreach(shadowsocksr, "servers", function(s)
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua
@ -1,5 +1,6 @@
+require "luci.ip"
+require "nixio.fs"
 local m, s, o
-local NXFS = require "nixio.fs"

 m = Map("shadowsocksr", translate("IP black-and-white list"))

@ -27,9 +28,9 @@ o.rmempty = false
 o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-		if entry.reachable then
-			o:value(entry.dest:string())
-		end
+	if entry.reachable then
+		o:value(entry.dest:string())
+	end
 end)
 o:depends("lan_ac_mode", "w")
 o:depends("lan_ac_mode", "b")
@ -37,25 +38,25 @@ o:depends("lan_ac_mode", "b")
 o = s:taboption("lan_ac", DynamicList, "lan_bp_ips", translate("LAN Bypassed Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-		if entry.reachable then
-			o:value(entry.dest:string())
-		end
+	if entry.reachable then
+		o:value(entry.dest:string())
+	end
 end)

 o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-		if entry.reachable then
-			o:value(entry.dest:string())
-		end
+	if entry.reachable then
+		o:value(entry.dest:string())
+	end
 end)

 o = s:taboption("lan_ac", DynamicList, "lan_gm_ips", translate("Game Mode Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-		if entry.reachable then
-			o:value(entry.dest:string())
-		end
+	if entry.reachable then
+		o:value(entry.dest:string())
+	end
 end)

 -- Part of Self
@ -66,73 +67,73 @@ end)
 -- o:value("2", translatef("Forwarded Proxy"))
 -- o.rmempty = false

-s:tab("esc",  translate("Bypass Domain List"))
+s:tab("esc", translate("Bypass Domain List"))

-local escconf = "/etc/config/white.list"
+local escconf = "/etc/ssr/white.list"
 o = s:taboption("esc", TextValue, "escconf")
 o.rows = 13
 o.wrap = "off"
 o.rmempty = true
 o.cfgvalue = function(self, section)
-	return NXFS.readfile(escconf) or ""
+	return nixio.fs.readfile(escconf) or ""
 end
 o.write = function(self, section, value)
-	NXFS.writefile(escconf, value:gsub("\r\n", "\n"))
+	nixio.fs.writefile(escconf, value:gsub("\r\n", "\n"))
 end
 o.remove = function(self, section, value)
-	NXFS.writefile(escconf, "")
+	nixio.fs.writefile(escconf, "")
 end


-s:tab("block",  translate("Black Domain List"))
+s:tab("block", translate("Black Domain List"))

-local blockconf = "/etc/config/black.list"
+local blockconf = "/etc/ssr/black.list"
 o = s:taboption("block", TextValue, "blockconf")
 o.rows = 13
 o.wrap = "off"
 o.rmempty = true
 o.cfgvalue = function(self, section)
-	return NXFS.readfile(blockconf) or " "
+	return nixio.fs.readfile(blockconf) or " "
 end
 o.write = function(self, section, value)
-	NXFS.writefile(blockconf, value:gsub("\r\n", "\n"))
+	nixio.fs.writefile(blockconf, value:gsub("\r\n", "\n"))
 end
 o.remove = function(self, section, value)
-	NXFS.writefile(blockconf, "")
+	nixio.fs.writefile(blockconf, "")
 end

-s:tab("netflix",  translate("Netflix Domain List"))
+s:tab("netflix", translate("Netflix Domain List"))

-local netflixconf = "/etc/config/netflix.list"
+local netflixconf = "/etc/ssr/netflix.list"
 o = s:taboption("netflix", TextValue, "netflixconf")
 o.rows = 13
 o.wrap = "off"
 o.rmempty = true
 o.cfgvalue = function(self, section)
-	return NXFS.readfile(netflixconf) or " "
+	return nixio.fs.readfile(netflixconf) or " "
 end
 o.write = function(self, section, value)
-	NXFS.writefile(netflixconf, value:gsub("\r\n", "\n"))
+	nixio.fs.writefile(netflixconf, value:gsub("\r\n", "\n"))
 end
 o.remove = function(self, section, value)
-	NXFS.writefile(netflixconf, "")
+	nixio.fs.writefile(netflixconf, "")
 end

-s:tab("netflixip",  translate("Netflix IP List"))
+s:tab("netflixip", translate("Netflix IP List"))

-local netflixipconf = "/etc/config/netflixip.list"
+local netflixipconf = "/etc/ssr/netflixip.list"
 o = s:taboption("netflixip", TextValue, "netflixipconf")
 o.rows = 13
 o.wrap = "off"
 o.rmempty = true
 o.cfgvalue = function(self, section)
-	return NXFS.readfile(netflixipconf) or " "
+	return nixio.fs.readfile(netflixipconf) or " "
 end
 o.write = function(self, section, value)
-	NXFS.writefile(netflixipconf, value:gsub("\r\n", "\n"))
+	nixio.fs.writefile(netflixipconf, value:gsub("\r\n", "\n"))
 end
 o.remove = function(self, section, value)
-	NXFS.writefile(netflixipconf, "")
+	nixio.fs.writefile(netflixipconf, "")
 end

 return m
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua
@ -1,20 +1,20 @@
-local fs = require "nixio.fs"
-
+require "luci.util"
+require "nixio.fs"
 f = SimpleForm("logview")
-
+f.reset = false
+f.submit = false
 t = f:field(TextValue, "conf")
 t.rmempty = true
 t.rows = 20
 function t.cfgvalue()
-  if fs.access("/tmp/ssrplus.log") then
-    local logs = luci.util.execi("cat /tmp/ssrplus.log")
-    local s = ""
-    for line in logs do
-      s = line .. "\n" .. s
-      end
-    return s
-  end
+	if nixio.fs.access("/tmp/ssrplus.log") then
+		local logs = luci.util.execi("cat /tmp/ssrplus.log")
+		local s = ""
+		for line in logs do
+			s = line .. "\n" .. s
+		end
+		return s
+	end
 end
 t.readonly="readonly"
-
-return f
+return f
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua
@ -1,43 +1,44 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com>
 -- Licensed to the public under the GNU General Public License v3.
-
+require "luci.http"
+require "luci.dispatcher"
 local m, s, o
 local shadowsocksr = "shadowsocksr"
 local sid = arg[1]

 local encrypt_methods = {
-	"rc4-md5",
-	"rc4-md5-6",
-	"rc4",
-	"table",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+"rc4-md5",
+"rc4-md5-6",
+"rc4",
+"table",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"cast5-cfb",
+"des-cfb",
+"idea-cfb",
+"rc2-cfb",
+"seed-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local protocol = {
-	"origin",
+"origin",
 }

 obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
+"plain",
+"http_simple",
+"http_post",
 }

 m = Map(shadowsocksr, translate("Edit ShadowSocksR Server"))
@ -54,7 +55,7 @@ end
 -- [[ Server Setting ]]--
 s = m:section(NamedSection, sid, "server_config")
 s.anonymous = true
-s.addremove   = false
+s.addremove = false

 o = s:option(Flag, "enable", translate("Enable"))
 o.default = 1
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua
@ -1,56 +1,55 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com>
 -- Licensed to the public under the GNU General Public License v3.
-
+require "luci.http"
+require "luci.dispatcher"
 local m, sec, o
 local shadowsocksr = "shadowsocksr"
-local uci = luci.model.uci.cursor()
-
-
-m = Map(shadowsocksr)

 local encrypt_methods = {
-	"table",
-	"rc4",
-	"rc4-md5",
-	"rc4-md5-6",
-	"aes-128-cfb",
-	"aes-192-cfb",
-	"aes-256-cfb",
-	"aes-128-ctr",
-	"aes-192-ctr",
-	"aes-256-ctr",
-	"bf-cfb",
-	"camellia-128-cfb",
-	"camellia-192-cfb",
-	"camellia-256-cfb",
-	"cast5-cfb",
-	"des-cfb",
-	"idea-cfb",
-	"rc2-cfb",
-	"seed-cfb",
-	"salsa20",
-	"chacha20",
-	"chacha20-ietf",
+"table",
+"rc4",
+"rc4-md5",
+"rc4-md5-6",
+"aes-128-cfb",
+"aes-192-cfb",
+"aes-256-cfb",
+"aes-128-ctr",
+"aes-192-ctr",
+"aes-256-ctr",
+"bf-cfb",
+"camellia-128-cfb",
+"camellia-192-cfb",
+"camellia-256-cfb",
+"cast5-cfb",
+"des-cfb",
+"idea-cfb",
+"rc2-cfb",
+"seed-cfb",
+"salsa20",
+"chacha20",
+"chacha20-ietf",
 }

 local protocol = {
-	"origin",
-	"verify_deflate",
-	"auth_sha1_v4",
-	"auth_aes128_sha1",
-	"auth_aes128_md5",
-	"auth_chain_a",
+"origin",
+"verify_deflate",
+"auth_sha1_v4",
+"auth_aes128_sha1",
+"auth_aes128_md5",
+"auth_chain_a",
 }

 obfs = {
-	"plain",
-	"http_simple",
-	"http_post",
-	"random_head",
-	"tls1.2_ticket_auth",
-	"tls1.2_ticket_fastauth",
+"plain",
+"http_simple",
+"http_post",
+"random_head",
+"tls1.2_ticket_auth",
+"tls1.2_ticket_fastauth",
 }

+m = Map(shadowsocksr)
+
 -- [[ Global Setting ]]--
 sec = m:section(TypedSection, "server_global", translate("Global Setting"))
 sec.anonymous = true
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua
@ -1,20 +1,17 @@
 -- Licensed to the public under the GNU General Public License v3.
-
+require "luci.http"
+require "luci.dispatcher"
+require "luci.model.uci"
 local m, s, o
 local shadowsocksr = "shadowsocksr"
-
 local uci = luci.model.uci.cursor()
 local server_count = 0
+
 uci:foreach("shadowsocksr", "servers", function(s)
-  server_count = server_count + 1
+	server_count = server_count + 1
 end)

-local fs  = require "nixio.fs"
-local sys = require "luci.sys"
-
-local ucic = luci.model.uci.cursor()
-
-m = Map(shadowsocksr,  translate("Servers subscription and manage"))
+m = Map(shadowsocksr, translate("Servers subscription and manage"))

 -- Server Subscribe

@ -28,7 +25,7 @@ o.description = translate("Auto Update Server subscription, GFW list and CHN rou

 o = s:option(ListValue, "auto_update_time", translate("Update time (every day)"))
 for t = 0,23 do
-o:value(t, t..":00")
+	o:value(t, t..":00")
 end
 o.default=2
 o.rmempty = false
@ -44,7 +41,7 @@ o = s:option(Button,"update_Sub",translate("Update Subscribe List"))
 o.inputstyle = "reload"
 o.description = translate("Update subscribe url list first")
 o.write = function()
-  luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
+	luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
 end

 o = s:option(Flag, "switch", translate("Subscribe Default Auto-Switch"))
@ -58,25 +55,25 @@ o.description = translate("Through proxy update list, Not Recommended ")


 o = s:option(Button,"subscribe", translate("Update All Subscribe Severs"))
-o.rawhtml  = true
+o.rawhtml = true
 o.template = "shadowsocksr/subscribe"

 o = s:option(Button,"delete",translate("Delete All Subscribe Severs"))
 o.inputstyle = "reset"
-o.description = string.format(translate("Server Count") ..  ": %d", server_count)
+o.description = string.format(translate("Server Count") .. ": %d", server_count)
 o.write = function()
-uci:delete_all("shadowsocksr", "servers", function(s)
-  if s.hashkey or s.isSubscribe then
-    return true
-  else
-    return false
-  end
-end)
-uci:save("shadowsocksr") 
-uci:commit("shadowsocksr")
-luci.sys.exec("/etc/init.d/shadowsocksr restart")
-luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
-return
+	uci:delete_all("shadowsocksr", "servers", function(s)
+		if s.hashkey or s.isSubscribe then
+			return true
+		else
+			return false
+		end
+	end)
+	uci:save("shadowsocksr")
+	uci:commit("shadowsocksr")
+	luci.sys.exec("/etc/init.d/shadowsocksr restart")
+	luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers"))
+	return
 end

 -- [[ Servers Manage ]]--
@ -85,12 +82,12 @@ s.anonymous = true
 s.addremove = true
 s.template = "cbi/tblsection"
 s.sortable = true
-s.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/servers/%s")
+s.extedit = luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers", "%s")
 function s.create(...)
 	local sid = TypedSection.create(...)
 	if sid then
 		luci.http.redirect(s.extedit % sid)
-	return
+		return
 	end
 end

@ -121,11 +118,11 @@ o.width="10%"
 node = s:option(Button,"apply_node",translate("Apply"))
 node.inputstyle = "apply"
 node.write = function(self, section)
-  ucic:set("shadowsocksr", '@global[0]', 'global_server', section)
-  ucic:save("shadowsocksr") 
-  ucic:commit("shadowsocksr")
-  luci.sys.exec("/etc/init.d/shadowsocksr restart")
-  luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "client"))
+	uci:set("shadowsocksr", '@global[0]', 'global_server', section)
+	uci:save("shadowsocksr")
+	uci:commit("shadowsocksr")
+	luci.sys.exec("/etc/init.d/shadowsocksr restart")
+	luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "client"))
 end

 o = s:option(Flag, "switch_enable", translate("Auto Switch"))
--- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua
+++ b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua
@ -1,6 +1,8 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com>
 -- Licensed to the public under the GNU General Public License v3.
-
+require "nixio.fs"
+require "luci.sys"
+require "luci.model.uci"
 local m, s, o
 local redir_run=0
 local reudp_run=0
@ -20,71 +22,69 @@ font_off = [[</font>]]
 bold_on = [[<strong>]]
 bold_off = [[</strong>]]

-local fs = require "nixio.fs"
-local sys = require "luci.sys"
 local kcptun_version=translate("Unknown")
 local kcp_file="/usr/bin/kcptun-client"
-if not fs.access(kcp_file) then
-kcptun_version=translate("Not exist")
+if not nixio.fs.access(kcp_file) then
+	kcptun_version=translate("Not exist")
 else
-if not fs.access(kcp_file, "rwx", "rx", "rx") then
-fs.chmod(kcp_file, 755)
-end
-kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'")
-if not kcptun_version or kcptun_version == "" then
-kcptun_version = translate("Unknown")
-end
-
+	if not nixio.fs.access(kcp_file, "rwx", "rx", "rx") then
+		nixio.fs.chmod(kcp_file, 755)
+	end
+	kcptun_version=luci.sys.exec(kcp_file .. " -v | awk '{printf $3}'")
+	if not kcptun_version or kcptun_version == "" then
+		kcptun_version = translate("Unknown")
+	end
+	
 end

 if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
-gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
+	gfw_count = tonumber(luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2
 end

 if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-ad_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
+	ad_count = tonumber(luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l"))
 end

-if nixio.fs.access("/etc/china_ssr.txt") then
-ip_count = tonumber(sys.exec("cat /etc/china_ssr.txt | wc -l"))
+if nixio.fs.access("/etc/ssr/china_ssr.txt") then
+	ip_count = tonumber(luci.sys.exec("cat /etc/china_ssr.txt | wc -l"))
 end

-if nixio.fs.access("/etc/config/netflixip.list") then
-nfip_count = tonumber(sys.exec("cat /etc/config/netflixip.list | wc -l"))
+if nixio.fs.access("/etc/ssr/netflixip.list") then
+	nfip_count = tonumber(luci.sys.exec("cat /etc/ssr/netflixip.list | wc -l"))
 end

-local icount=sys.exec("busybox ps -w | grep ssr-reudp |grep -v grep| wc -l")
+local icount=luci.sys.exec("busybox ps -w | grep ssr-reudp |grep -v grep| wc -l")
 if tonumber(icount)>0 then
-reudp_run=1
+	reudp_run=1
 else
-icount=sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
-if tonumber(icount)>0 then
-reudp_run=1
-end
+	icount=luci.sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l")
+	if tonumber(icount)>0 then
+		reudp_run=1
+	end
 end

 if luci.sys.call("busybox ps -w | grep ssr-retcp | grep -v grep >/dev/null") == 0 then
-redir_run=1
+	redir_run=1
 end

 if luci.sys.call("busybox ps -w | grep ssr-local | grep -v ssr-socksdns |grep -v grep >/dev/null") == 0 then
-sock5_run=1
+	sock5_run=1
 end

 if luci.sys.call("pidof kcptun-client >/dev/null") == 0 then
-kcptun_run=1
+	kcptun_run=1
 end

 if luci.sys.call("busybox ps -w | grep ssr-server | grep -v grep >/dev/null") == 0 then
-server_run=1
+	server_run=1
 end

 if luci.sys.call("busybox ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then
-tunnel_run=1
+	tunnel_run=1
 end

 if luci.sys.call("pidof pdnsd >/dev/null") == 0 or (luci.sys.call("busybox ps -w | grep ssr-dns |grep -v grep >/dev/null") == 0 and luci.sys.call("pidof dns2socks >/dev/null") == 0)then
-pdnsd_run=1
+	pdnsd_run=1
 end

 m = SimpleForm("Version")
@ -94,56 +94,56 @@ m.submit = false
 s=m:field(DummyValue,"redir_run",translate("Global Client"))
 s.rawhtml = true
 if redir_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
 else
-s.value = translate("Not Running")
+	s.value = translate("Not Running")
 end

 s=m:field(DummyValue,"reudp_run",translate("Game Mode UDP Relay"))
 s.rawhtml = true
 if reudp_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
 else
-s.value = translate("Not Running")
+	s.value = translate("Not Running")
 end

 if uci:get_first(shadowsocksr, 'global', 'pdnsd_enable', '0') ~= '0' then
-s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution"))
-s.rawhtml = true
-if pdnsd_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
+	s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution"))
+	s.rawhtml = true
+	if pdnsd_run == 1 then
+		s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	else
+		s.value = translate("Not Running")
+	end
 end

 s=m:field(DummyValue,"sock5_run",translate("Global SOCKS5 Proxy Server"))
 s.rawhtml = true
 if sock5_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
 else
-s.value = translate("Not Running")
+	s.value = translate("Not Running")
 end

 s=m:field(DummyValue,"server_run",translate("Local Servers"))
 s.rawhtml = true
 if server_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
 else
-s.value = translate("Not Running")
+	s.value = translate("Not Running")
 end

 if nixio.fs.access("/usr/bin/kcptun-client") then
-s=m:field(DummyValue,"kcp_version",translate("KcpTun Version"))
-s.rawhtml = true
-s.value =kcptun_version
-s=m:field(DummyValue,"kcptun_run",translate("KcpTun"))
-s.rawhtml = true
-if kcptun_run == 1 then
-s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
-else
-s.value = translate("Not Running")
-end
+	s=m:field(DummyValue,"kcp_version",translate("KcpTun Version"))
+	s.rawhtml = true
+	s.value =kcptun_version
+	s=m:field(DummyValue,"kcptun_run",translate("KcpTun"))
+	s.rawhtml = true
+	if kcptun_run == 1 then
+		s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off
+	else
+		s.value = translate("Not Running")
+	end
 end

 s=m:field(DummyValue,"google",translate("Google Connectivity"))
@ -170,10 +170,10 @@ s.template = "shadowsocksr/refresh"
 s.value = nfip_count .. " " .. translate("Records")

 if uci:get_first(shadowsocksr, 'global', 'adblock', '0') == '1' then
-s=m:field(DummyValue,"ad_data",translate("Advertising Data"))
-s.rawhtml = true
-s.template = "shadowsocksr/refresh"
-s.value = ad_count .. " " .. translate("Records")
+	s=m:field(DummyValue,"ad_data",translate("Advertising Data"))
+	s.rawhtml = true
+	s.template = "shadowsocksr/refresh"
+	s.value = ad_count .. " " .. translate("Records")
 end

 s=m:field(DummyValue,"check_port",translate("Check Server Port"))
--- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm
+++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm
@ -1,4 +1,4 @@
 <%+cbi/valueheader%>
-	<input class="cbi-input-file" style="width: 400px" type="file" id="ulfile" name="ulfile" />
-	<input type="submit" class="cbi-button cbi-input-apply" name="upload" value="<%:Upload%>" />
+<input class="cbi-input-file" style="width: 400px" type="file" id="ulfile" name="ulfile" />
+<input type="submit" class="cbi-button cbi-input-apply" name="upload" value="<%:Upload%>" />
 <%+cbi/valuefooter%>
--- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm
+++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm
@ -1,7 +1,5 @@
 <%+cbi/valueheader%>
-
 <script type="text/javascript">//<![CDATA[
-
 	function check_port(btn)
 	{
 		btn.disabled = true;
@ -15,22 +13,14 @@
 			{

 				s.innerHTML =rv.ret;
-
-
-
 			}
-
 				btn.disabled = false;
 				btn.value    = '<%:Check Server%>';
 			}
 		);
-
 		return false;
 	}
 //]]></script>
 <input type="button" class="cbi-button cbi-button-apply" value="<%:Check Server%>" onclick="return check_port(this)" />
 <span id="<%=self.option%>-status"><em><%=self.value%></em></span>
-
-
-
 <%+cbi/valuefooter%>
--- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm
+++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm
@ -81,47 +81,39 @@ local dsp = require "luci.dispatcher"

 		return false;
 	}
-
 	// set tr draggable
 	function enableDragForTable(table_selecter, store) {
 		var trs = document.querySelectorAll(table_selecter + " tr");
 		if (!trs || trs.length.length < 3) {
 			return;
 		}
-
 		function ondragstart(ev) {
 			ev.dataTransfer.setData("Text", ev.target.id);
 		}
-
 		function ondrop(ev) {
 			var from = ev.dataTransfer.getData("Text");
 			cbi_row_drop(from, this.id, store);
 		}
-
 		function ondragover(ev) {
 			ev.preventDefault();
 			ev.dataTransfer.dropEffect = "move";
 		}
-
 		function moveToTop(id) {
 			var top = document.querySelectorAll(table_selecter + " tr")[2];
 			cbi_row_drop(id, top.id, store);
 		}
-
 		function moveToBottom(id) {
 			console.log('moveToBottom:', id);
 			var trList = document.querySelectorAll(table_selecter + " tr");
 			var bottom = trList[trList.length - 1];
 			cbi_row_drop(id, bottom.id, store, true);
 		}
-
 		for (let index = 2; index < trs.length; index++) {
 			const el = trs[index];
 			el.setAttribute("draggable", true);
 			el.ondragstart = ondragstart;
 			el.ondrop = ondrop;
 			el.ondragover = ondragover;
-
 			// reset the behaviors of the btns
 			var upBtns = el.querySelectorAll(".cbi-button.cbi-button-up");
 			if (upBtns && upBtns.length > 0) {
@ -131,7 +123,6 @@ local dsp = require "luci.dispatcher"
 					};
 				});
 			}
-
 			var downBtns = el.querySelectorAll(".cbi-button.cbi-button-down");
 			if (downBtns && downBtns.length > 0) {
 				downBtns.forEach(function (_el) {
@ -142,7 +133,6 @@ local dsp = require "luci.dispatcher"
 			}
 		}
 	}
-
 	// enable
 	enableDragForTable(
 		"#cbi-shadowsocksr-servers table",
--- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm
+++ b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm
@ -80,7 +80,6 @@
 		}
 		return false;
 	}
-
 	function import_ssr_url(btn, urlname, sid) {
 		var s = document.getElementById(urlname + '-status');
 		if (!s)
@ -98,7 +97,6 @@
 			s.innerHTML = "<font color='red'>无效格式</font>";
 			return false;
 		}
-
 		var event = document.createEvent("HTMLEvents");
 		event.initEvent("change", true, true);
 		if (ssu[0] == "ssr") {
@ -137,7 +135,6 @@
 			s.innerHTML = "<font color='green'>导入ShadowsocksR配置信息成功</font>";
 			return false;
 		} else if (ssu[0] == "ss") {
-
 			var url0, param = "";
 			var sipIndex = ssu[1].indexOf("@");
 			var ploc = ssu[1].indexOf("#");
@ -147,7 +144,6 @@
 			} else {
 				url0 = ssu[1];
 			}
-
 			if (sipIndex != -1) {
 				// SIP002
 				var userInfo = b64decsafe(url0.substr(0, sipIndex));
@ -163,7 +159,6 @@
 					plugin = pluginNameInfo.substr(pluginNameInfo.indexOf("=") + 1)
 					pluginOpts = pluginInfo.substr(pluginIndex + 1);
 				}
-
 				var userInfoSplitIndex = userInfo.indexOf(":");
 				if (userInfoSplitIndex != -1) {
 					method = userInfo.substr(0, userInfoSplitIndex);
@ -177,7 +172,6 @@
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.encrypt_method_ss')[0].value = method || "";
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.plugin')[0].value = plugin || "";
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.plugin_opts')[0].value = pluginOpts || "";
-
 				if (param != undefined) {
 					document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = decodeURI(param);
 				}
@ -212,7 +206,6 @@
 				url0 = ssu[1]
 			}
 			var sstr = url0;
-
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "trojan";
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 			var team = sstr.split('@');
@ -229,7 +222,6 @@
 					queryParam[decodeURIComponent(params[0])] = decodeURIComponent(params[1] || '');
 				}
 			}
-			
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = serverPart[0];
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = port;
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.password')[0].value = password;
@ -237,7 +229,6 @@
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls')[0].dispatchEvent(event);
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls_host')[0].value = queryParam.peer || '';
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.insecure')[0].checked = queryParam.allowInsecure === '1';
-
 			if (param != undefined) {
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = decodeURI(param);
 			}
--- a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po
+++ b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po
@ -61,9 +61,21 @@ msgstr "密码"
 msgid "Encrypt Method"
 msgstr "加密方式"

+msgid "Transport"
+msgstr "传输协议"
+
 msgid "Protocol"
 msgstr "传输协议"

+msgid "allowInsecure"
+msgstr "允许不安全连接"
+
+msgid "Concurrency"
+msgstr "最大并发连接数"
+
+msgid "If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates."
+msgstr "是否允许不安全连接。当选择时，将不会检查远端主机所提供的 TLS 证书的有效性。"
+
 msgid "Protocol param(optional)"
 msgstr "传输协议参数（可选）"

--- a/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr
+++ b/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr
@ -6,7 +6,6 @@ config global
 	option dports '2'
 	option pdnsd_enable '1'
 	option monitor_enable '1'
-	option global_server 'nil'
 	option enable_switch '1'
 	option switch_timeout '5'
 	option switch_time '667'
@ -15,16 +14,13 @@ config global
 	option chnroute_url 'https://ispip.clang.cn/all_cn.txt'
 	option nfip_url 'https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt'
 	option adblock_url 'https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf'
-	option netflix_server 'same'
 	option threads '0'
-
-config socks5_proxy
-	option socks '0'
-	option local_port '1080'
-	option local_address '0.0.0.0'
+	option global_server 'nil'
+	option netflix_server 'nil'
+	option netflix_proxy '0'

 config access_control
-	option wan_bp_list '/etc/china_ssr.txt'
+	option wan_bp_list '/etc/ssr/china_ssr.txt'
 	option lan_ac_mode 'b'
 	option router_proxy '1'
 	list wan_fw_ips '149.154.160.0/20'
@ -33,6 +29,11 @@ config access_control
 	list wan_fw_ips '91.108.56.0/22'
 	list wan_fw_ips '109.239.140.0/24'

+config socks5_proxy
+	option socks '0'
+	option local_port '1080'
+	option local_address '0.0.0.0'
+
 config server_global
 	option enable_server '0'

--- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf
+++ b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf
@ -1,5 +1,5 @@
-server=/.030buy.com/127.0.0.1#5335
-ipset=/.030buy.com/gfwlist
+server=/.0914.global.ssl.fastly.net/127.0.0.1#5335
+ipset=/.0914.global.ssl.fastly.net/gfwlist
 server=/.0rz.tw/127.0.0.1#5335
 ipset=/.0rz.tw/gfwlist
 server=/.10.tt/127.0.0.1#5335
@ -210,14 +210,10 @@ server=/.8news.com.tw/127.0.0.1#5335
 ipset=/.8news.com.tw/gfwlist
 server=/.8z1.net/127.0.0.1#5335
 ipset=/.8z1.net/gfwlist
-server=/.9001700.com/127.0.0.1#5335
-ipset=/.9001700.com/gfwlist
 server=/.91porn.com/127.0.0.1#5335
 ipset=/.91porn.com/gfwlist
 server=/.91vps.club/127.0.0.1#5335
 ipset=/.91vps.club/gfwlist
-server=/.92ccav.com/127.0.0.1#5335
-ipset=/.92ccav.com/gfwlist
 server=/.991.com/127.0.0.1#5335
 ipset=/.991.com/gfwlist
 server=/.99btgc01.com/127.0.0.1#5335
@ -236,6 +232,8 @@ server=/.a248.e.akamai.net/127.0.0.1#5335
 ipset=/.a248.e.akamai.net/gfwlist
 server=/.a5.com.ru/127.0.0.1#5335
 ipset=/.a5.com.ru/gfwlist
+server=/.a771.dscq.akamai.net/127.0.0.1#5335
+ipset=/.a771.dscq.akamai.net/gfwlist
 server=/.aamacau.com/127.0.0.1#5335
 ipset=/.aamacau.com/gfwlist
 server=/.abc.com/127.0.0.1#5335
@ -248,8 +246,6 @@ server=/.abc.xyz/127.0.0.1#5335
 ipset=/.abc.xyz/gfwlist
 server=/.abchinese.com/127.0.0.1#5335
 ipset=/.abchinese.com/gfwlist
-server=/.abclite.net/127.0.0.1#5335
-ipset=/.abclite.net/gfwlist
 server=/.abebooks.com/127.0.0.1#5335
 ipset=/.abebooks.com/gfwlist
 server=/.abematv.akamaized.net/127.0.0.1#5335
@ -260,20 +256,12 @@ server=/.aboluowang.com/127.0.0.1#5335
 ipset=/.aboluowang.com/gfwlist
 server=/.about.google/127.0.0.1#5335
 ipset=/.about.google/gfwlist
-server=/.aboutgfw.com/127.0.0.1#5335
-ipset=/.aboutgfw.com/gfwlist
-server=/.abs.edu/127.0.0.1#5335
-ipset=/.abs.edu/gfwlist
 server=/.ac.jiruan.net/127.0.0.1#5335
 ipset=/.ac.jiruan.net/gfwlist
-server=/.accim.org/127.0.0.1#5335
-ipset=/.accim.org/gfwlist
 server=/.aceros-de-hispania.com/127.0.0.1#5335
 ipset=/.aceros-de-hispania.com/gfwlist
 server=/.acevpn.com/127.0.0.1#5335
 ipset=/.acevpn.com/gfwlist
-server=/.acg18.me/127.0.0.1#5335
-ipset=/.acg18.me/gfwlist
 server=/.acgkj.com/127.0.0.1#5335
 ipset=/.acgkj.com/gfwlist
 server=/.acmedia365.com/127.0.0.1#5335
@ -300,8 +288,6 @@ server=/.admob.com/127.0.0.1#5335
 ipset=/.admob.com/gfwlist
 server=/.adpl.org.hk/127.0.0.1#5335
 ipset=/.adpl.org.hk/gfwlist
-server=/.ads-twitter.com/127.0.0.1#5335
-ipset=/.ads-twitter.com/gfwlist
 server=/.adsense.com/127.0.0.1#5335
 ipset=/.adsense.com/gfwlist
 server=/.adult-sex-games.com/127.0.0.1#5335
@ -320,8 +306,6 @@ server=/.aex.com/127.0.0.1#5335
 ipset=/.aex.com/gfwlist
 server=/.af.mil/127.0.0.1#5335
 ipset=/.af.mil/gfwlist
-server=/.agnesb.fr/127.0.0.1#5335
-ipset=/.agnesb.fr/gfwlist
 server=/.agoogleaday.com/127.0.0.1#5335
 ipset=/.agoogleaday.com/gfwlist
 server=/.agro.hk/127.0.0.1#5335
@ -352,8 +336,6 @@ server=/.aiweiweiblog.com/127.0.0.1#5335
 ipset=/.aiweiweiblog.com/gfwlist
 server=/.akiba-online.com/127.0.0.1#5335
 ipset=/.akiba-online.com/gfwlist
-server=/.akiba-web.com/127.0.0.1#5335
-ipset=/.akiba-web.com/gfwlist
 server=/.akow.org/127.0.0.1#5335
 ipset=/.akow.org/gfwlist
 server=/.al-islam.com/127.0.0.1#5335
@ -414,8 +396,6 @@ server=/.alphaporno.com/127.0.0.1#5335
 ipset=/.alphaporno.com/gfwlist
 server=/.alternate-tools.com/127.0.0.1#5335
 ipset=/.alternate-tools.com/gfwlist
-server=/.altrec.com/127.0.0.1#5335
-ipset=/.altrec.com/gfwlist
 server=/.alvinalexander.com/127.0.0.1#5335
 ipset=/.alvinalexander.com/gfwlist
 server=/.alwaysdata.com/127.0.0.1#5335
@ -428,8 +408,8 @@ server=/.am730.com.hk/127.0.0.1#5335
 ipset=/.am730.com.hk/gfwlist
 server=/.amazon.co.jp/127.0.0.1#5335
 ipset=/.amazon.co.jp/gfwlist
-server=/.ameblo.jp/127.0.0.1#5335
-ipset=/.ameblo.jp/gfwlist
+server=/.ameba.jp/127.0.0.1#5335
+ipset=/.ameba.jp/gfwlist
 server=/.americangreencard.com/127.0.0.1#5335
 ipset=/.americangreencard.com/gfwlist
 server=/.americanunfinished.com/127.0.0.1#5335
@ -470,8 +450,6 @@ server=/.andygod.com/127.0.0.1#5335
 ipset=/.andygod.com/gfwlist
 server=/.angela-merkel.de/127.0.0.1#5335
 ipset=/.angela-merkel.de/gfwlist
-server=/.angola.org/127.0.0.1#5335
-ipset=/.angola.org/gfwlist
 server=/.angularjs.org/127.0.0.1#5335
 ipset=/.angularjs.org/gfwlist
 server=/.animecrazy.net/127.0.0.1#5335
@ -518,10 +496,6 @@ server=/.aolchannels.aol.com/127.0.0.1#5335
 ipset=/.aolchannels.aol.com/gfwlist
 server=/.aomiwang.com/127.0.0.1#5335
 ipset=/.aomiwang.com/gfwlist
-server=/.apartmentratings.com/127.0.0.1#5335
-ipset=/.apartmentratings.com/gfwlist
-server=/.apartments.com/127.0.0.1#5335
-ipset=/.apartments.com/gfwlist
 server=/.apetube.com/127.0.0.1#5335
 ipset=/.apetube.com/gfwlist
 server=/.api-secure.recaptcha.net/127.0.0.1#5335
@ -598,8 +572,6 @@ server=/.arctosia.com/127.0.0.1#5335
 ipset=/.arctosia.com/gfwlist
 server=/.areca-backup.org/127.0.0.1#5335
 ipset=/.areca-backup.org/gfwlist
-server=/.arena.taipei/127.0.0.1#5335
-ipset=/.arena.taipei/gfwlist
 server=/.arethusa.su/127.0.0.1#5335
 ipset=/.arethusa.su/gfwlist
 server=/.arlingtoncemetery.mil/127.0.0.1#5335
@ -644,16 +616,12 @@ server=/.assembla.com/127.0.0.1#5335
 ipset=/.assembla.com/gfwlist
 server=/.assets.bwbx.io/127.0.0.1#5335
 ipset=/.assets.bwbx.io/gfwlist
-server=/.assimp.org/127.0.0.1#5335
-ipset=/.assimp.org/gfwlist
 server=/.astrill.com/127.0.0.1#5335
 ipset=/.astrill.com/gfwlist
 server=/.atc.org.au/127.0.0.1#5335
 ipset=/.atc.org.au/gfwlist
 server=/.atchinese.com/127.0.0.1#5335
 ipset=/.atchinese.com/gfwlist
-server=/.atdmt.com/127.0.0.1#5335
-ipset=/.atdmt.com/gfwlist
 server=/.atgfw.org/127.0.0.1#5335
 ipset=/.atgfw.org/gfwlist
 server=/.athenaeizou.com/127.0.0.1#5335
@ -716,8 +684,6 @@ server=/.azerbaycan.tv/127.0.0.1#5335
 ipset=/.azerbaycan.tv/gfwlist
 server=/.azerimix.com/127.0.0.1#5335
 ipset=/.azerimix.com/gfwlist
-server=/.azubu.tv/127.0.0.1#5335
-ipset=/.azubu.tv/gfwlist
 server=/.b0ne.com/127.0.0.1#5335
 ipset=/.b0ne.com/gfwlist
 server=/.babynet.com.hk/127.0.0.1#5335
@ -732,8 +698,6 @@ server=/.badjojo.com/127.0.0.1#5335
 ipset=/.badjojo.com/gfwlist
 server=/.badoo.com/127.0.0.1#5335
 ipset=/.badoo.com/gfwlist
-server=/.baidu.jp/127.0.0.1#5335
-ipset=/.baidu.jp/gfwlist
 server=/.baijie.org/127.0.0.1#5335
 ipset=/.baijie.org/gfwlist
 server=/.bailandaily.com/127.0.0.1#5335
@ -746,6 +710,8 @@ server=/.banana-vpn.com/127.0.0.1#5335
 ipset=/.banana-vpn.com/gfwlist
 server=/.band.us/127.0.0.1#5335
 ipset=/.band.us/gfwlist
+server=/.bandpage.com/127.0.0.1#5335
+ipset=/.bandpage.com/gfwlist
 server=/.bandwagonhost.com/127.0.0.1#5335
 ipset=/.bandwagonhost.com/gfwlist
 server=/.bangbrosnetwork.com/127.0.0.1#5335
@ -756,14 +722,10 @@ server=/.bangdream.space/127.0.0.1#5335
 ipset=/.bangdream.space/gfwlist
 server=/.bangyoulater.com/127.0.0.1#5335
 ipset=/.bangyoulater.com/gfwlist
-server=/.bankmobilevibe.com/127.0.0.1#5335
-ipset=/.bankmobilevibe.com/gfwlist
 server=/.bannedbook.org/127.0.0.1#5335
 ipset=/.bannedbook.org/gfwlist
 server=/.bannednews.org/127.0.0.1#5335
 ipset=/.bannednews.org/gfwlist
-server=/.banorte.com/127.0.0.1#5335
-ipset=/.banorte.com/gfwlist
 server=/.baramangaonline.com/127.0.0.1#5335
 ipset=/.baramangaonline.com/gfwlist
 server=/.barenakedislam.com/127.0.0.1#5335
@ -774,8 +736,6 @@ server=/.barton.de/127.0.0.1#5335
 ipset=/.barton.de/gfwlist
 server=/.bartvpn.com/127.0.0.1#5335
 ipset=/.bartvpn.com/gfwlist
-server=/.bash-hackers.org/127.0.0.1#5335
-ipset=/.bash-hackers.org/gfwlist
 server=/.bastillepost.com/127.0.0.1#5335
 ipset=/.bastillepost.com/gfwlist
 server=/.bayvoice.net/127.0.0.1#5335
@ -920,8 +880,6 @@ server=/.bfsh.hk/127.0.0.1#5335
 ipset=/.bfsh.hk/gfwlist
 server=/.bgvpn.com/127.0.0.1#5335
 ipset=/.bgvpn.com/gfwlist
-server=/.bianlei.com/127.0.0.1#5335
-ipset=/.bianlei.com/gfwlist
 server=/.biantailajiao.com/127.0.0.1#5335
 ipset=/.biantailajiao.com/gfwlist
 server=/.biantailajiao.in/127.0.0.1#5335
@ -936,6 +894,8 @@ server=/.big.one/127.0.0.1#5335
 ipset=/.big.one/gfwlist
 server=/.bigfools.com/127.0.0.1#5335
 ipset=/.bigfools.com/gfwlist
+server=/.biggo.com.tw/127.0.0.1#5335
+ipset=/.biggo.com.tw/gfwlist
 server=/.bigjapanesesex.com/127.0.0.1#5335
 ipset=/.bigjapanesesex.com/gfwlist
 server=/.bigmoney.biz/127.0.0.1#5335
@ -1122,8 +1082,6 @@ server=/.bolin.netfirms.com/127.0.0.1#5335
 ipset=/.bolin.netfirms.com/gfwlist
 server=/.bonbonme.com/127.0.0.1#5335
 ipset=/.bonbonme.com/gfwlist
-server=/.bonbonsex.com/127.0.0.1#5335
-ipset=/.bonbonsex.com/gfwlist
 server=/.bonfoundation.org/127.0.0.1#5335
 ipset=/.bonfoundation.org/gfwlist
 server=/.bongacams.com/127.0.0.1#5335
@ -1352,8 +1310,6 @@ server=/.castbox.fm/127.0.0.1#5335
 ipset=/.castbox.fm/gfwlist
 server=/.catch22.net/127.0.0.1#5335
 ipset=/.catch22.net/gfwlist
-server=/.catchgod.com/127.0.0.1#5335
-ipset=/.catchgod.com/gfwlist
 server=/.catfightpayperview.xxx/127.0.0.1#5335
 ipset=/.catfightpayperview.xxx/gfwlist
 server=/.catholic.org.hk/127.0.0.1#5335
@ -1602,8 +1558,6 @@ server=/.chinasoul.org/127.0.0.1#5335
 ipset=/.chinasoul.org/gfwlist
 server=/.chinasucks.net/127.0.0.1#5335
 ipset=/.chinasucks.net/gfwlist
-server=/.chinatimes.com/127.0.0.1#5335
-ipset=/.chinatimes.com/gfwlist
 server=/.chinatopsex.com/127.0.0.1#5335
 ipset=/.chinatopsex.com/gfwlist
 server=/.chinatown.com.au/127.0.0.1#5335
@ -1656,8 +1610,6 @@ server=/.chithu.org/127.0.0.1#5335
 ipset=/.chithu.org/gfwlist
 server=/.chn.chosun.com/127.0.0.1#5335
 ipset=/.chn.chosun.com/gfwlist
-server=/.chobit.cc/127.0.0.1#5335
-ipset=/.chobit.cc/gfwlist
 server=/.chrdnet.com/127.0.0.1#5335
 ipset=/.chrdnet.com/gfwlist
 server=/.christianfreedom.org/127.0.0.1#5335
@ -1754,6 +1706,8 @@ server=/.clinica-tibet.ru/127.0.0.1#5335
 ipset=/.clinica-tibet.ru/gfwlist
 server=/.clipfish.de/127.0.0.1#5335
 ipset=/.clipfish.de/gfwlist
+server=/.clips4sale.com/127.0.0.1#5335
+ipset=/.clips4sale.com/gfwlist
 server=/.cloakpoint.com/127.0.0.1#5335
 ipset=/.cloakpoint.com/gfwlist
 server=/.cloud.feedly.com/127.0.0.1#5335
@ -1790,8 +1744,6 @@ server=/.cn.freeones.com/127.0.0.1#5335
 ipset=/.cn.freeones.com/gfwlist
 server=/.cn.ibtimes.com/127.0.0.1#5335
 ipset=/.cn.ibtimes.com/gfwlist
-server=/.cn.nytstyle.com/127.0.0.1#5335
-ipset=/.cn.nytstyle.com/gfwlist
 server=/.cn.sandscotaicentral.com/127.0.0.1#5335
 ipset=/.cn.sandscotaicentral.com/gfwlist
 server=/.cn.shafaqna.com/127.0.0.1#5335
@ -1948,8 +1900,6 @@ server=/.cristyli.com/127.0.0.1#5335
 ipset=/.cristyli.com/gfwlist
 server=/.crocotube.com/127.0.0.1#5335
 ipset=/.crocotube.com/gfwlist
-server=/.crossfire.co.kr/127.0.0.1#5335
-ipset=/.crossfire.co.kr/gfwlist
 server=/.crossthewall.net/127.0.0.1#5335
 ipset=/.crossthewall.net/gfwlist
 server=/.crossvpn.net/127.0.0.1#5335
@ -2116,8 +2066,6 @@ server=/.darktech.org/127.0.0.1#5335
 ipset=/.darktech.org/gfwlist
 server=/.darktoy.net/127.0.0.1#5335
 ipset=/.darktoy.net/gfwlist
-server=/.darpa.mil/127.0.0.1#5335
-ipset=/.darpa.mil/gfwlist
 server=/.dastrassi.org/127.0.0.1#5335
 ipset=/.dastrassi.org/gfwlist
 server=/.data-vocabulary.org/127.0.0.1#5335
@ -2130,8 +2078,6 @@ server=/.daum.net/127.0.0.1#5335
 ipset=/.daum.net/gfwlist
 server=/.david-kilgour.com/127.0.0.1#5335
 ipset=/.david-kilgour.com/gfwlist
-server=/.dawangidc.com/127.0.0.1#5335
-ipset=/.dawangidc.com/gfwlist
 server=/.daxa.cn/127.0.0.1#5335
 ipset=/.daxa.cn/gfwlist
 server=/.db.tt/127.0.0.1#5335
@ -2166,6 +2112,8 @@ server=/.deck.ly/127.0.0.1#5335
 ipset=/.deck.ly/gfwlist
 server=/.decodet.co/127.0.0.1#5335
 ipset=/.decodet.co/gfwlist
+server=/.deepdiscount.com/127.0.0.1#5335
+ipset=/.deepdiscount.com/gfwlist
 server=/.deepmind.com/127.0.0.1#5335
 ipset=/.deepmind.com/gfwlist
 server=/.deezer.com/127.0.0.1#5335
@ -2228,8 +2176,6 @@ server=/.diigo.com/127.0.0.1#5335
 ipset=/.diigo.com/gfwlist
 server=/.dilber.se/127.0.0.1#5335
 ipset=/.dilber.se/gfwlist
-server=/.dingchin.com.tw/127.0.0.1#5335
-ipset=/.dingchin.com.tw/gfwlist
 server=/.dipity.com/127.0.0.1#5335
 ipset=/.dipity.com/gfwlist
 server=/.directcreative.com/127.0.0.1#5335
@ -2270,14 +2216,10 @@ server=/.dlsite.com/127.0.0.1#5335
 ipset=/.dlsite.com/gfwlist
 server=/.dlyoutube.com/127.0.0.1#5335
 ipset=/.dlyoutube.com/gfwlist
-server=/.dm530.net/127.0.0.1#5335
-ipset=/.dm530.net/gfwlist
 server=/.dmcdn.net/127.0.0.1#5335
 ipset=/.dmcdn.net/gfwlist
 server=/.dmhy.org/127.0.0.1#5335
 ipset=/.dmhy.org/gfwlist
-server=/.dmm.co.jp/127.0.0.1#5335
-ipset=/.dmm.co.jp/gfwlist
 server=/.dns-dns.com/127.0.0.1#5335
 ipset=/.dns-dns.com/gfwlist
 server=/.dns-stuff.com/127.0.0.1#5335
@ -2302,8 +2244,6 @@ server=/.dnsrd.com/127.0.0.1#5335
 ipset=/.dnsrd.com/gfwlist
 server=/.dnssec.net/127.0.0.1#5335
 ipset=/.dnssec.net/gfwlist
-server=/.dnvod.tv/127.0.0.1#5335
-ipset=/.dnvod.tv/gfwlist
 server=/.doctorvoice.org/127.0.0.1#5335
 ipset=/.doctorvoice.org/gfwlist
 server=/.documentingreality.com/127.0.0.1#5335
@ -2338,6 +2278,8 @@ server=/.dontmovetochina.com/127.0.0.1#5335
 ipset=/.dontmovetochina.com/gfwlist
 server=/.dorjeshugden.com/127.0.0.1#5335
 ipset=/.dorjeshugden.com/gfwlist
+server=/.dotgov.gov/127.0.0.1#5335
+ipset=/.dotgov.gov/gfwlist
 server=/.dotplane.com/127.0.0.1#5335
 ipset=/.dotplane.com/gfwlist
 server=/.dotsub.com/127.0.0.1#5335
@ -2554,8 +2496,6 @@ server=/.edubridge.com/127.0.0.1#5335
 ipset=/.edubridge.com/gfwlist
 server=/.edupro.org/127.0.0.1#5335
 ipset=/.edupro.org/gfwlist
-server=/.eesti.ee/127.0.0.1#5335
-ipset=/.eesti.ee/gfwlist
 server=/.eevpn.com/127.0.0.1#5335
 ipset=/.eevpn.com/gfwlist
 server=/.efcc.org.hk/127.0.0.1#5335
@ -2702,8 +2642,6 @@ server=/.eslite.com/127.0.0.1#5335
 ipset=/.eslite.com/gfwlist
 server=/.esmtp.biz/127.0.0.1#5335
 ipset=/.esmtp.biz/gfwlist
-server=/.esurance.com/127.0.0.1#5335
-ipset=/.esurance.com/gfwlist
 server=/.etaa.org.au/127.0.0.1#5335
 ipset=/.etaa.org.au/gfwlist
 server=/.etadult.com/127.0.0.1#5335
@ -2910,8 +2848,6 @@ server=/.farwestchina.com/127.0.0.1#5335
 ipset=/.farwestchina.com/gfwlist
 server=/.fast.wistia.com/127.0.0.1#5335
 ipset=/.fast.wistia.com/gfwlist
-server=/.fastpic.ru/127.0.0.1#5335
-ipset=/.fastpic.ru/gfwlist
 server=/.fastssh.com/127.0.0.1#5335
 ipset=/.fastssh.com/gfwlist
 server=/.faststone.org/127.0.0.1#5335
@ -2996,16 +2932,12 @@ server=/.fileflyer.com/127.0.0.1#5335
 ipset=/.fileflyer.com/gfwlist
 server=/.files2me.com/127.0.0.1#5335
 ipset=/.files2me.com/gfwlist
-server=/.filesor.com/127.0.0.1#5335
-ipset=/.filesor.com/gfwlist
 server=/.fillthesquare.org/127.0.0.1#5335
 ipset=/.fillthesquare.org/gfwlist
 server=/.filmingfortibet.org/127.0.0.1#5335
 ipset=/.filmingfortibet.org/gfwlist
 server=/.filthdump.com/127.0.0.1#5335
 ipset=/.filthdump.com/gfwlist
-server=/.financetwitter.com/127.0.0.1#5335
-ipset=/.financetwitter.com/gfwlist
 server=/.finchvpn.com/127.0.0.1#5335
 ipset=/.finchvpn.com/gfwlist
 server=/.findmespot.com/127.0.0.1#5335
@ -3062,10 +2994,6 @@ server=/.flyvpn.com/127.0.0.1#5335
 ipset=/.flyvpn.com/gfwlist
 server=/.flyzy2005.com/127.0.0.1#5335
 ipset=/.flyzy2005.com/gfwlist
-server=/.fnac.be/127.0.0.1#5335
-ipset=/.fnac.be/gfwlist
-server=/.fnac.com/127.0.0.1#5335
-ipset=/.fnac.com/gfwlist
 server=/.fochk.org/127.0.0.1#5335
 ipset=/.fochk.org/gfwlist
 server=/.focustaiwan.tw/127.0.0.1#5335
@ -3318,8 +3246,6 @@ server=/.fw.cm/127.0.0.1#5335
 ipset=/.fw.cm/gfwlist
 server=/.fxcm-chinese.com/127.0.0.1#5335
 ipset=/.fxcm-chinese.com/gfwlist
-server=/.fxnetworks.com/127.0.0.1#5335
-ipset=/.fxnetworks.com/gfwlist
 server=/.fzh999.com/127.0.0.1#5335
 ipset=/.fzh999.com/gfwlist
 server=/.fzh999.net/127.0.0.1#5335
@ -3470,10 +3396,6 @@ server=/.getsync.com/127.0.0.1#5335
 ipset=/.getsync.com/gfwlist
 server=/.gettrials.com/127.0.0.1#5335
 ipset=/.gettrials.com/gfwlist
-server=/.gettyimages.com/127.0.0.1#5335
-ipset=/.gettyimages.com/gfwlist
-server=/.getuploader.com/127.0.0.1#5335
-ipset=/.getuploader.com/gfwlist
 server=/.gfbv.de/127.0.0.1#5335
 ipset=/.gfbv.de/gfwlist
 server=/.gfgold.com.hk/127.0.0.1#5335
@ -3512,8 +3434,6 @@ server=/.gjczz.com/127.0.0.1#5335
 ipset=/.gjczz.com/gfwlist
 server=/.glass8.eu/127.0.0.1#5335
 ipset=/.glass8.eu/gfwlist
-server=/.global.bing.com/127.0.0.1#5335
-ipset=/.global.bing.com/gfwlist
 server=/.globaljihad.net/127.0.0.1#5335
 ipset=/.globaljihad.net/gfwlist
 server=/.globalmediaoutreach.com/127.0.0.1#5335
@ -3536,8 +3456,6 @@ server=/.gloryhole.com/127.0.0.1#5335
 ipset=/.gloryhole.com/gfwlist
 server=/.glorystar.me/127.0.0.1#5335
 ipset=/.glorystar.me/gfwlist
-server=/.glype.com/127.0.0.1#5335
-ipset=/.glype.com/gfwlist
 server=/.gmail.com/127.0.0.1#5335
 ipset=/.gmail.com/gfwlist
 server=/.gmbd.cn/127.0.0.1#5335
@ -4214,10 +4132,6 @@ server=/.hkzone.org/127.0.0.1#5335
 ipset=/.hkzone.org/gfwlist
 server=/.hmonghot.com/127.0.0.1#5335
 ipset=/.hmonghot.com/gfwlist
-server=/.hmvdigital.ca/127.0.0.1#5335
-ipset=/.hmvdigital.ca/gfwlist
-server=/.hmvdigital.com/127.0.0.1#5335
-ipset=/.hmvdigital.com/gfwlist
 server=/.hnjhj.com/127.0.0.1#5335
 ipset=/.hnjhj.com/gfwlist
 server=/.hnntube.com/127.0.0.1#5335
@ -4234,8 +4148,6 @@ server=/.holyspiritspeaks.org/127.0.0.1#5335
 ipset=/.holyspiritspeaks.org/gfwlist
 server=/.home.sina.com/127.0.0.1#5335
 ipset=/.home.sina.com/gfwlist
-server=/.homedepot.com/127.0.0.1#5335
-ipset=/.homedepot.com/gfwlist
 server=/.homeperversion.com/127.0.0.1#5335
 ipset=/.homeperversion.com/gfwlist
 server=/.homeservershow.com/127.0.0.1#5335
@ -4248,8 +4160,6 @@ server=/.hongzhi.li/127.0.0.1#5335
 ipset=/.hongzhi.li/gfwlist
 server=/.hootsuite.com/127.0.0.1#5335
 ipset=/.hootsuite.com/gfwlist
-server=/.hoovers.com/127.0.0.1#5335
-ipset=/.hoovers.com/gfwlist
 server=/.hopedialogue.org/127.0.0.1#5335
 ipset=/.hopedialogue.org/gfwlist
 server=/.hopto.org/127.0.0.1#5335
@ -4522,8 +4432,6 @@ server=/.illusionfactory.com/127.0.0.1#5335
 ipset=/.illusionfactory.com/gfwlist
 server=/.ilove80.be/127.0.0.1#5335
 ipset=/.ilove80.be/gfwlist
-server=/.ilovelongtoes.com/127.0.0.1#5335
-ipset=/.ilovelongtoes.com/gfwlist
 server=/.im.tv/127.0.0.1#5335
 ipset=/.im.tv/gfwlist
 server=/.im88.tw/127.0.0.1#5335
@ -4536,8 +4444,6 @@ server=/.imageflea.com/127.0.0.1#5335
 ipset=/.imageflea.com/gfwlist
 server=/.images-gaytube.com/127.0.0.1#5335
 ipset=/.images-gaytube.com/gfwlist
-server=/.images.comico.tw/127.0.0.1#5335
-ipset=/.images.comico.tw/gfwlist
 server=/.imageshack.us/127.0.0.1#5335
 ipset=/.imageshack.us/gfwlist
 server=/.imagevenue.com/127.0.0.1#5335
@ -4664,8 +4570,6 @@ server=/.isaacmao.com/127.0.0.1#5335
 ipset=/.isaacmao.com/gfwlist
 server=/.isasecret.com/127.0.0.1#5335
 ipset=/.isasecret.com/gfwlist
-server=/.isc.sans.edu/127.0.0.1#5335
-ipset=/.isc.sans.edu/gfwlist
 server=/.isgreat.org/127.0.0.1#5335
 ipset=/.isgreat.org/gfwlist
 server=/.islahhaber.net/127.0.0.1#5335
@ -4770,6 +4674,8 @@ server=/.jav68.tv/127.0.0.1#5335
 ipset=/.jav68.tv/gfwlist
 server=/.javakiba.org/127.0.0.1#5335
 ipset=/.javakiba.org/gfwlist
+server=/.javbus.co/127.0.0.1#5335
+ipset=/.javbus.co/gfwlist
 server=/.javbus.com/127.0.0.1#5335
 ipset=/.javbus.com/gfwlist
 server=/.javfor.me/127.0.0.1#5335
@ -4778,10 +4684,6 @@ server=/.javhd.com/127.0.0.1#5335
 ipset=/.javhd.com/gfwlist
 server=/.javhip.com/127.0.0.1#5335
 ipset=/.javhip.com/gfwlist
-server=/.javhub.net/127.0.0.1#5335
-ipset=/.javhub.net/gfwlist
-server=/.javhuge.com/127.0.0.1#5335
-ipset=/.javhuge.com/gfwlist
 server=/.javlibrary.com/127.0.0.1#5335
 ipset=/.javlibrary.com/gfwlist
 server=/.javmobile.net/127.0.0.1#5335
@ -4804,8 +4706,6 @@ server=/.jbtalks.com/127.0.0.1#5335
 ipset=/.jbtalks.com/gfwlist
 server=/.jbtalks.my/127.0.0.1#5335
 ipset=/.jbtalks.my/gfwlist
-server=/.jcpenney.com/127.0.0.1#5335
-ipset=/.jcpenney.com/gfwlist
 server=/.jdwsy.com/127.0.0.1#5335
 ipset=/.jdwsy.com/gfwlist
 server=/.jeanyim.com/127.0.0.1#5335
@ -4838,8 +4738,6 @@ server=/.jihadology.net/127.0.0.1#5335
 ipset=/.jihadology.net/gfwlist
 server=/.jiji.com/127.0.0.1#5335
 ipset=/.jiji.com/gfwlist
-server=/.jims.net/127.0.0.1#5335
-ipset=/.jims.net/gfwlist
 server=/.jinbushe.org/127.0.0.1#5335
 ipset=/.jinbushe.org/gfwlist
 server=/.jingpin.org/127.0.0.1#5335
@ -4974,8 +4872,6 @@ server=/.kawaiikawaii.jp/127.0.0.1#5335
 ipset=/.kawaiikawaii.jp/gfwlist
 server=/.kawase.com/127.0.0.1#5335
 ipset=/.kawase.com/gfwlist
-server=/.kb.monitorware.com/127.0.0.1#5335
-ipset=/.kb.monitorware.com/gfwlist
 server=/.kba-tx.org/127.0.0.1#5335
 ipset=/.kba-tx.org/gfwlist
 server=/.kcoolonline.com/127.0.0.1#5335
@ -5002,8 +4898,6 @@ server=/.keycdn.com/127.0.0.1#5335
 ipset=/.keycdn.com/gfwlist
 server=/.khabdha.org/127.0.0.1#5335
 ipset=/.khabdha.org/gfwlist
-server=/.khatrimaza.org/127.0.0.1#5335
-ipset=/.khatrimaza.org/gfwlist
 server=/.khmusic.com.tw/127.0.0.1#5335
 ipset=/.khmusic.com.tw/gfwlist
 server=/.kichiku-doujinko.com/127.0.0.1#5335
@ -5166,8 +5060,6 @@ server=/.leirentv.ca/127.0.0.1#5335
 ipset=/.leirentv.ca/gfwlist
 server=/.leisurecafe.ca/127.0.0.1#5335
 ipset=/.leisurecafe.ca/gfwlist
-server=/.leisurepro.com/127.0.0.1#5335
-ipset=/.leisurepro.com/gfwlist
 server=/.lematin.ch/127.0.0.1#5335
 ipset=/.lematin.ch/gfwlist
 server=/.lemonde.fr/127.0.0.1#5335
@ -5208,8 +5100,6 @@ server=/.liberal.org.hk/127.0.0.1#5335
 ipset=/.liberal.org.hk/gfwlist
 server=/.libertytimes.com.tw/127.0.0.1#5335
 ipset=/.libertytimes.com.tw/gfwlist
-server=/.lifemiles.com/127.0.0.1#5335
-ipset=/.lifemiles.com/gfwlist
 server=/.lighten.org.tw/127.0.0.1#5335
 ipset=/.lighten.org.tw/gfwlist
 server=/.lighti.me/127.0.0.1#5335
@ -5316,8 +5206,6 @@ server=/.longmusic.com/127.0.0.1#5335
 ipset=/.longmusic.com/gfwlist
 server=/.longtermly.net/127.0.0.1#5335
 ipset=/.longtermly.net/gfwlist
-server=/.longtoes.com/127.0.0.1#5335
-ipset=/.longtoes.com/gfwlist
 server=/.lookpic.com/127.0.0.1#5335
 ipset=/.lookpic.com/gfwlist
 server=/.looktoronto.com/127.0.0.1#5335
@ -5376,8 +5264,6 @@ server=/.m.plixi.com/127.0.0.1#5335
 ipset=/.m.plixi.com/gfwlist
 server=/.m.slandr.net/127.0.0.1#5335
 ipset=/.m.slandr.net/gfwlist
-server=/.macgamestore.com/127.0.0.1#5335
-ipset=/.macgamestore.com/gfwlist
 server=/.macrovpn.com/127.0.0.1#5335
 ipset=/.macrovpn.com/gfwlist
 server=/.macts.com.tw/127.0.0.1#5335
@ -5420,10 +5306,6 @@ server=/.mamingzhe.com/127.0.0.1#5335
 ipset=/.mamingzhe.com/gfwlist
 server=/.manchukuo.net/127.0.0.1#5335
 ipset=/.manchukuo.net/gfwlist
-server=/.mangafox.com/127.0.0.1#5335
-ipset=/.mangafox.com/gfwlist
-server=/.mangafox.me/127.0.0.1#5335
-ipset=/.mangafox.me/gfwlist
 server=/.maniash.com/127.0.0.1#5335
 ipset=/.maniash.com/gfwlist
 server=/.manicur4ik.ru/127.0.0.1#5335
@ -5574,8 +5456,6 @@ server=/.meyou.jp/127.0.0.1#5335
 ipset=/.meyou.jp/gfwlist
 server=/.meyul.com/127.0.0.1#5335
 ipset=/.meyul.com/gfwlist
-server=/.mfxmedia.com/127.0.0.1#5335
-ipset=/.mfxmedia.com/gfwlist
 server=/.mgoon.com/127.0.0.1#5335
 ipset=/.mgoon.com/gfwlist
 server=/.mgstage.com/127.0.0.1#5335
@ -5746,8 +5626,6 @@ server=/.moodyz.com/127.0.0.1#5335
 ipset=/.moodyz.com/gfwlist
 server=/.moonbbs.com/127.0.0.1#5335
 ipset=/.moonbbs.com/gfwlist
-server=/.moonbingo.com/127.0.0.1#5335
-ipset=/.moonbingo.com/gfwlist
 server=/.morningsun.org/127.0.0.1#5335
 ipset=/.morningsun.org/gfwlist
 server=/.moroneta.com/127.0.0.1#5335
@ -5824,8 +5702,6 @@ server=/.muzi.com/127.0.0.1#5335
 ipset=/.muzi.com/gfwlist
 server=/.muzi.net/127.0.0.1#5335
 ipset=/.muzi.net/gfwlist
-server=/.muzu.tv/127.0.0.1#5335
-ipset=/.muzu.tv/gfwlist
 server=/.mvdis.gov.tw/127.0.0.1#5335
 ipset=/.mvdis.gov.tw/gfwlist
 server=/.mvg.jp/127.0.0.1#5335
@ -5986,6 +5862,8 @@ server=/.nccwatch.org.tw/127.0.0.1#5335
 ipset=/.nccwatch.org.tw/gfwlist
 server=/.nch.com.tw/127.0.0.1#5335
 ipset=/.nch.com.tw/gfwlist
+server=/.nchrd.org/127.0.0.1#5335
+ipset=/.nchrd.org/gfwlist
 server=/.ncn.org/127.0.0.1#5335
 ipset=/.ncn.org/gfwlist
 server=/.nde.de/127.0.0.1#5335
@ -5996,8 +5874,6 @@ server=/.ned.org/127.0.0.1#5335
 ipset=/.ned.org/gfwlist
 server=/.nekoslovakia.net/127.0.0.1#5335
 ipset=/.nekoslovakia.net/gfwlist
-server=/.neo-miracle.com/127.0.0.1#5335
-ipset=/.neo-miracle.com/gfwlist
 server=/.nepusoku.com/127.0.0.1#5335
 ipset=/.nepusoku.com/gfwlist
 server=/.net-fits.pro/127.0.0.1#5335
@ -6128,8 +6004,6 @@ server=/.nic.cz.cc/127.0.0.1#5335
 ipset=/.nic.cz.cc/gfwlist
 server=/.nic.google/127.0.0.1#5335
 ipset=/.nic.google/gfwlist
-server=/.nic.gov/127.0.0.1#5335
-ipset=/.nic.gov/gfwlist
 server=/.nicovideo.jp/127.0.0.1#5335
 ipset=/.nicovideo.jp/gfwlist
 server=/.nighost.org/127.0.0.1#5335
@ -6176,16 +6050,14 @@ server=/.norbulingka.org/127.0.0.1#5335
 ipset=/.norbulingka.org/gfwlist
 server=/.nordstrom.com/127.0.0.1#5335
 ipset=/.nordstrom.com/gfwlist
-server=/.nordstromimage.com/127.0.0.1#5335
-ipset=/.nordstromimage.com/gfwlist
+server=/.nordstrommedia.com/127.0.0.1#5335
+ipset=/.nordstrommedia.com/gfwlist
 server=/.nordstromrack.com/127.0.0.1#5335
 ipset=/.nordstromrack.com/gfwlist
 server=/.nordvpn.com/127.0.0.1#5335
 ipset=/.nordvpn.com/gfwlist
 server=/.notify.dropboxapi.com/127.0.0.1#5335
 ipset=/.notify.dropboxapi.com/gfwlist
-server=/.nottinghampost.com/127.0.0.1#5335
-ipset=/.nottinghampost.com/gfwlist
 server=/.novelasia.com/127.0.0.1#5335
 ipset=/.novelasia.com/gfwlist
 server=/.now.com/127.0.0.1#5335
@ -6206,8 +6078,6 @@ server=/.npnt.me/127.0.0.1#5335
 ipset=/.npnt.me/gfwlist
 server=/.nps.gov/127.0.0.1#5335
 ipset=/.nps.gov/gfwlist
-server=/.npsboost.com/127.0.0.1#5335
-ipset=/.npsboost.com/gfwlist
 server=/.nradio.me/127.0.0.1#5335
 ipset=/.nradio.me/gfwlist
 server=/.nrk.no/127.0.0.1#5335
@ -6246,8 +6116,6 @@ server=/.ntdtv.co.kr/127.0.0.1#5335
 ipset=/.ntdtv.co.kr/gfwlist
 server=/.ntdtv.com/127.0.0.1#5335
 ipset=/.ntdtv.com/gfwlist
-server=/.ntdtv.cz/127.0.0.1#5335
-ipset=/.ntdtv.cz/gfwlist
 server=/.ntdtv.org/127.0.0.1#5335
 ipset=/.ntdtv.org/gfwlist
 server=/.ntdtv.ru/127.0.0.1#5335
@ -6260,14 +6128,14 @@ server=/.ntsna.gov.tw/127.0.0.1#5335
 ipset=/.ntsna.gov.tw/gfwlist
 server=/.nubiles.net/127.0.0.1#5335
 ipset=/.nubiles.net/gfwlist
+server=/.nudezz.com/127.0.0.1#5335
+ipset=/.nudezz.com/gfwlist
 server=/.nuexpo.com/127.0.0.1#5335
 ipset=/.nuexpo.com/gfwlist
 server=/.nukistream.com/127.0.0.1#5335
 ipset=/.nukistream.com/gfwlist
 server=/.nurgo-software.com/127.0.0.1#5335
 ipset=/.nurgo-software.com/gfwlist
-server=/.nusatrip.com/127.0.0.1#5335
-ipset=/.nusatrip.com/gfwlist
 server=/.nutaku.net/127.0.0.1#5335
 ipset=/.nutaku.net/gfwlist
 server=/.nuuvem.com/127.0.0.1#5335
@ -6332,6 +6200,8 @@ server=/.ocreampies.com/127.0.0.1#5335
 ipset=/.ocreampies.com/gfwlist
 server=/.ocry.com/127.0.0.1#5335
 ipset=/.ocry.com/gfwlist
+server=/.ocsp.int-x3.letsencrypt.org/127.0.0.1#5335
+ipset=/.ocsp.int-x3.letsencrypt.org/gfwlist
 server=/.october-review.org/127.0.0.1#5335
 ipset=/.october-review.org/gfwlist
 server=/.oculus.com/127.0.0.1#5335
@ -6382,8 +6252,6 @@ server=/.on.cc/127.0.0.1#5335
 ipset=/.on.cc/gfwlist
 server=/.on2.com/127.0.0.1#5335
 ipset=/.on2.com/gfwlist
-server=/.onapp.com/127.0.0.1#5335
-ipset=/.onapp.com/gfwlist
 server=/.onedrive.live.com/127.0.0.1#5335
 ipset=/.onedrive.live.com/gfwlist
 server=/.onedumb.com/127.0.0.1#5335
@ -6416,8 +6284,6 @@ server=/.onmypc.us/127.0.0.1#5335
 ipset=/.onmypc.us/gfwlist
 server=/.onthehunt.com/127.0.0.1#5335
 ipset=/.onthehunt.com/gfwlist
-server=/.ontrac.com/127.0.0.1#5335
-ipset=/.ontrac.com/gfwlist
 server=/.oopsforum.com/127.0.0.1#5335
 ipset=/.oopsforum.com/gfwlist
 server=/.open.com.hk/127.0.0.1#5335
@ -6552,8 +6418,8 @@ server=/.paradisehill.cc/127.0.0.1#5335
 ipset=/.paradisehill.cc/gfwlist
 server=/.paradisepoker.com/127.0.0.1#5335
 ipset=/.paradisepoker.com/gfwlist
-server=/.parkansky.com/127.0.0.1#5335
-ipset=/.parkansky.com/gfwlist
+server=/.parts.blog.livedoor.jp/127.0.0.1#5335
+ipset=/.parts.blog.livedoor.jp/gfwlist
 server=/.partycasino.com/127.0.0.1#5335
 ipset=/.partycasino.com/gfwlist
 server=/.partypoker.com/127.0.0.1#5335
@ -6906,6 +6772,8 @@ server=/.proxomitron.info/127.0.0.1#5335
 ipset=/.proxomitron.info/gfwlist
 server=/.proxpn.com/127.0.0.1#5335
 ipset=/.proxpn.com/gfwlist
+server=/.proxy.org/127.0.0.1#5335
+ipset=/.proxy.org/gfwlist
 server=/.proxy1.xyz/127.0.0.1#5335
 ipset=/.proxy1.xyz/gfwlist
 server=/.proxyanonimo.es/127.0.0.1#5335
@ -6948,6 +6816,8 @@ server=/.pttvan.org/127.0.0.1#5335
 ipset=/.pttvan.org/gfwlist
 server=/.pubu.com.tw/127.0.0.1#5335
 ipset=/.pubu.com.tw/gfwlist
+server=/.puffin.com/127.0.0.1#5335
+ipset=/.puffin.com/gfwlist
 server=/.puffinbrowser.com/127.0.0.1#5335
 ipset=/.puffinbrowser.com/gfwlist
 server=/.puffstore.com/127.0.0.1#5335
@ -6956,8 +6826,6 @@ server=/.pullfolio.com/127.0.0.1#5335
 ipset=/.pullfolio.com/gfwlist
 server=/.pulse.yahoo.com/127.0.0.1#5335
 ipset=/.pulse.yahoo.com/gfwlist
-server=/.pure18.com/127.0.0.1#5335
-ipset=/.pure18.com/gfwlist
 server=/.pureconcepts.net/127.0.0.1#5335
 ipset=/.pureconcepts.net/gfwlist
 server=/.pureinsight.org/127.0.0.1#5335
@ -6984,8 +6852,6 @@ server=/.pwned.com/127.0.0.1#5335
 ipset=/.pwned.com/gfwlist
 server=/.python.com/127.0.0.1#5335
 ipset=/.python.com/gfwlist
-server=/.pytorch.org/127.0.0.1#5335
-ipset=/.pytorch.org/gfwlist
 server=/.qanote.com/127.0.0.1#5335
 ipset=/.qanote.com/gfwlist
 server=/.qgirl.com.tw/127.0.0.1#5335
@ -7012,8 +6878,6 @@ server=/.qoos.com/127.0.0.1#5335
 ipset=/.qoos.com/gfwlist
 server=/.qpoe.com/127.0.0.1#5335
 ipset=/.qpoe.com/gfwlist
-server=/.qq.co.za/127.0.0.1#5335
-ipset=/.qq.co.za/gfwlist
 server=/.qstatus.com/127.0.0.1#5335
 ipset=/.qstatus.com/gfwlist
 server=/.qtrac.eu/127.0.0.1#5335
@ -7046,8 +6910,6 @@ server=/.qxbbs.org/127.0.0.1#5335
 ipset=/.qxbbs.org/gfwlist
 server=/.qz.com/127.0.0.1#5335
 ipset=/.qz.com/gfwlist
-server=/.r18.com/127.0.0.1#5335
-ipset=/.r18.com/gfwlist
 server=/.ra.gg/127.0.0.1#5335
 ipset=/.ra.gg/gfwlist
 server=/.radicalparty.org/127.0.0.1#5335
@ -7070,8 +6932,8 @@ server=/.raidtalk.com.tw/127.0.0.1#5335
 ipset=/.raidtalk.com.tw/gfwlist
 server=/.raizoji.or.jp/127.0.0.1#5335
 ipset=/.raizoji.or.jp/gfwlist
-server=/.ramcity.com.au/127.0.0.1#5335
-ipset=/.ramcity.com.au/gfwlist
+server=/.rakuten.co.jp/127.0.0.1#5335
+ipset=/.rakuten.co.jp/gfwlist
 server=/.rangwang.biz/127.0.0.1#5335
 ipset=/.rangwang.biz/gfwlist
 server=/.rangzen.com/127.0.0.1#5335
@ -7108,10 +6970,6 @@ server=/.rcinet.ca/127.0.0.1#5335
 ipset=/.rcinet.ca/gfwlist
 server=/.rconversation.blogs.com/127.0.0.1#5335
 ipset=/.rconversation.blogs.com/gfwlist
-server=/.rd.com/127.0.0.1#5335
-ipset=/.rd.com/gfwlist
-server=/.rdio.com/127.0.0.1#5335
-ipset=/.rdio.com/gfwlist
 server=/.read01.com/127.0.0.1#5335
 ipset=/.read01.com/gfwlist
 server=/.read100.com/127.0.0.1#5335
@ -7126,8 +6984,6 @@ server=/.realcourage.org/127.0.0.1#5335
 ipset=/.realcourage.org/gfwlist
 server=/.realforum.zkiz.com/127.0.0.1#5335
 ipset=/.realforum.zkiz.com/gfwlist
-server=/.realitykings.com/127.0.0.1#5335
-ipset=/.realitykings.com/gfwlist
 server=/.realraptalk.com/127.0.0.1#5335
 ipset=/.realraptalk.com/gfwlist
 server=/.realsexpass.com/127.0.0.1#5335
@ -7298,8 +7154,6 @@ server=/.s-cute.com/127.0.0.1#5335
 ipset=/.s-cute.com/gfwlist
 server=/.s-dragon.org/127.0.0.1#5335
 ipset=/.s-dragon.org/gfwlist
-server=/.s1.nudezz.com/127.0.0.1#5335
-ipset=/.s1.nudezz.com/gfwlist
 server=/.s1heng.com/127.0.0.1#5335
 ipset=/.s1heng.com/gfwlist
 server=/.s1s1s1.com/127.0.0.1#5335
@ -7472,8 +7326,6 @@ server=/.sexinsex.net/127.0.0.1#5335
 ipset=/.sexinsex.net/gfwlist
 server=/.sextvx.com/127.0.0.1#5335
 ipset=/.sextvx.com/gfwlist
-server=/.sexxxy.biz/127.0.0.1#5335
-ipset=/.sexxxy.biz/gfwlist
 server=/.sfileydy.com/127.0.0.1#5335
 ipset=/.sfileydy.com/gfwlist
 server=/.sfshibao.com/127.0.0.1#5335
@ -7514,8 +7366,6 @@ server=/.shapeservices.com/127.0.0.1#5335
 ipset=/.shapeservices.com/gfwlist
 server=/.share.america.gov/127.0.0.1#5335
 ipset=/.share.america.gov/gfwlist
-server=/.share.dmhy.org/127.0.0.1#5335
-ipset=/.share.dmhy.org/gfwlist
 server=/.share.youthwant.com.tw/127.0.0.1#5335
 ipset=/.share.youthwant.com.tw/gfwlist
 server=/.sharebee.com/127.0.0.1#5335
@ -7552,6 +7402,8 @@ server=/.shicheng.org/127.0.0.1#5335
 ipset=/.shicheng.org/gfwlist
 server=/.shiksha.com/127.0.0.1#5335
 ipset=/.shiksha.com/gfwlist
+server=/.shiksha.ws/127.0.0.1#5335
+ipset=/.shiksha.ws/gfwlist
 server=/.shinychan.com/127.0.0.1#5335
 ipset=/.shinychan.com/gfwlist
 server=/.shipcamouflage.com/127.0.0.1#5335
@ -7670,8 +7522,6 @@ server=/.skyvegas.com/127.0.0.1#5335
 ipset=/.skyvegas.com/gfwlist
 server=/.skyxvpn.com/127.0.0.1#5335
 ipset=/.skyxvpn.com/gfwlist
-server=/.slacker.com/127.0.0.1#5335
-ipset=/.slacker.com/gfwlist
 server=/.slaytizle.com/127.0.0.1#5335
 ipset=/.slaytizle.com/gfwlist
 server=/.sleazydream.com/127.0.0.1#5335
@ -7812,8 +7662,6 @@ server=/.southnews.com.tw/127.0.0.1#5335
 ipset=/.southnews.com.tw/gfwlist
 server=/.sowers.org.hk/127.0.0.1#5335
 ipset=/.sowers.org.hk/gfwlist
-server=/.soylentnews.org/127.0.0.1#5335
-ipset=/.soylentnews.org/gfwlist
 server=/.spaces.hightail.com/127.0.0.1#5335
 ipset=/.spaces.hightail.com/gfwlist
 server=/.spankbang.com/127.0.0.1#5335
@ -7848,12 +7696,8 @@ server=/.spotflux.com/127.0.0.1#5335
 ipset=/.spotflux.com/gfwlist
 server=/.spotify.com/127.0.0.1#5335
 ipset=/.spotify.com/gfwlist
-server=/.spreadshirt.es/127.0.0.1#5335
-ipset=/.spreadshirt.es/gfwlist
 server=/.spring4u.info/127.0.0.1#5335
 ipset=/.spring4u.info/gfwlist
-server=/.springboardplatform.com/127.0.0.1#5335
-ipset=/.springboardplatform.com/gfwlist
 server=/.sproutcore.com/127.0.0.1#5335
 ipset=/.sproutcore.com/gfwlist
 server=/.sproxy.info/127.0.0.1#5335
@ -7876,8 +7720,6 @@ server=/.ssglobal.me/127.0.0.1#5335
 ipset=/.ssglobal.me/gfwlist
 server=/.ssh91.com/127.0.0.1#5335
 ipset=/.ssh91.com/gfwlist
-server=/.ssl.webpack.de/127.0.0.1#5335
-ipset=/.ssl.webpack.de/gfwlist
 server=/.ssl443.org/127.0.0.1#5335
 ipset=/.ssl443.org/gfwlist
 server=/.sspanel.net/127.0.0.1#5335
@ -7910,8 +7752,6 @@ server=/.stat.gov.tw/127.0.0.1#5335
 ipset=/.stat.gov.tw/gfwlist
 server=/.static-economist.com/127.0.0.1#5335
 ipset=/.static-economist.com/gfwlist
-server=/.static.comico.tw/127.0.0.1#5335
-ipset=/.static.comico.tw/gfwlist
 server=/.static.shemalez.com/127.0.0.1#5335
 ipset=/.static.shemalez.com/gfwlist
 server=/.static01.nyt.com/127.0.0.1#5335
@ -8020,8 +7860,6 @@ server=/.supchina.com/127.0.0.1#5335
 ipset=/.supchina.com/gfwlist
 server=/.superfreevpn.com/127.0.0.1#5335
 ipset=/.superfreevpn.com/gfwlist
-server=/.superokayama.com/127.0.0.1#5335
-ipset=/.superokayama.com/gfwlist
 server=/.superpages.com/127.0.0.1#5335
 ipset=/.superpages.com/gfwlist
 server=/.supervpn.net/127.0.0.1#5335
@ -8044,8 +7882,6 @@ server=/.suyangg.com/127.0.0.1#5335
 ipset=/.suyangg.com/gfwlist
 server=/.svsfx.com/127.0.0.1#5335
 ipset=/.svsfx.com/gfwlist
-server=/.swagbucks.com/127.0.0.1#5335
-ipset=/.swagbucks.com/gfwlist
 server=/.swissinfo.ch/127.0.0.1#5335
 ipset=/.swissinfo.ch/gfwlist
 server=/.swissvpn.net/127.0.0.1#5335
@ -8164,8 +8000,6 @@ server=/.taoism.net/127.0.0.1#5335
 ipset=/.taoism.net/gfwlist
 server=/.taolun.info/127.0.0.1#5335
 ipset=/.taolun.info/gfwlist
-server=/.tapanwap.com/127.0.0.1#5335
-ipset=/.tapanwap.com/gfwlist
 server=/.tapatalk.com/127.0.0.1#5335
 ipset=/.tapatalk.com/gfwlist
 server=/.tascn.com.au/127.0.0.1#5335
@ -9408,8 +9242,6 @@ server=/.vocn.tv/127.0.0.1#5335
 ipset=/.vocn.tv/gfwlist
 server=/.vod-abematv.akamaized.net/127.0.0.1#5335
 ipset=/.vod-abematv.akamaized.net/gfwlist
-server=/.vod.wwe.com/127.0.0.1#5335
-ipset=/.vod.wwe.com/gfwlist
 server=/.vot.org/127.0.0.1#5335
 ipset=/.vot.org/gfwlist
 server=/.vovo2000.com/127.0.0.1#5335
@ -9690,8 +9522,6 @@ server=/.wheelockslatin.com/127.0.0.1#5335
 ipset=/.wheelockslatin.com/gfwlist
 server=/.whereiswerner.com/127.0.0.1#5335
 ipset=/.whereiswerner.com/gfwlist
-server=/.wheretowatch.com/127.0.0.1#5335
-ipset=/.wheretowatch.com/gfwlist
 server=/.whichav.com/127.0.0.1#5335
 ipset=/.whichav.com/gfwlist
 server=/.whippedass.com/127.0.0.1#5335
@ -9744,6 +9574,8 @@ server=/.wikimapia.org/127.0.0.1#5335
 ipset=/.wikimapia.org/gfwlist
 server=/.wikipedia.org/127.0.0.1#5335
 ipset=/.wikipedia.org/gfwlist
+server=/.wikiwand.com/127.0.0.1#5335
+ipset=/.wikiwand.com/gfwlist
 server=/.wikiwiki.jp/127.0.0.1#5335
 ipset=/.wikiwiki.jp/gfwlist
 server=/.wildammo.com/127.0.0.1#5335
@ -9756,8 +9588,6 @@ server=/.windowsphoneme.com/127.0.0.1#5335
 ipset=/.windowsphoneme.com/gfwlist
 server=/.windscribe.com/127.0.0.1#5335
 ipset=/.windscribe.com/gfwlist
-server=/.wingamestore.com/127.0.0.1#5335
-ipset=/.wingamestore.com/gfwlist
 server=/.wingy.site/127.0.0.1#5335
 ipset=/.wingy.site/gfwlist
 server=/.winning11.com/127.0.0.1#5335
@ -9802,8 +9632,6 @@ server=/.wo3ttt.wordpress.com/127.0.0.1#5335
 ipset=/.wo3ttt.wordpress.com/gfwlist
 server=/.woeser.com/127.0.0.1#5335
 ipset=/.woeser.com/gfwlist
-server=/.wokar.org/127.0.0.1#5335
-ipset=/.wokar.org/gfwlist
 server=/.wolfax.com/127.0.0.1#5335
 ipset=/.wolfax.com/gfwlist
 server=/.woolyss.com/127.0.0.1#5335
@ -9812,8 +9640,6 @@ server=/.woopie.jp/127.0.0.1#5335
 ipset=/.woopie.jp/gfwlist
 server=/.woopie.tv/127.0.0.1#5335
 ipset=/.woopie.tv/gfwlist
-server=/.wordpress.com/127.0.0.1#5335
-ipset=/.wordpress.com/gfwlist
 server=/.workatruna.com/127.0.0.1#5335
 ipset=/.workatruna.com/gfwlist
 server=/.workerdemo.org.hk/127.0.0.1#5335
@ -9846,8 +9672,6 @@ server=/.woyaolian.org/127.0.0.1#5335
 ipset=/.woyaolian.org/gfwlist
 server=/.wozy.in/127.0.0.1#5335
 ipset=/.wozy.in/gfwlist
-server=/.wp.com/127.0.0.1#5335
-ipset=/.wp.com/gfwlist
 server=/.wpoforum.com/127.0.0.1#5335
 ipset=/.wpoforum.com/gfwlist
 server=/.wqyd.org/127.0.0.1#5335
@ -9890,8 +9714,6 @@ server=/.wuyanblog.com/127.0.0.1#5335
 ipset=/.wuyanblog.com/gfwlist
 server=/.wwitv.com/127.0.0.1#5335
 ipset=/.wwitv.com/gfwlist
-server=/.www.abclite.net/127.0.0.1#5335
-ipset=/.www.abclite.net/gfwlist
 server=/.www.ajsands.com/127.0.0.1#5335
 ipset=/.www.ajsands.com/gfwlist
 server=/.www.americorps.gov/127.0.0.1#5335
@ -9948,8 +9770,6 @@ server=/.www.websnapr.com/127.0.0.1#5335
 ipset=/.www.websnapr.com/gfwlist
 server=/.www1.biz/127.0.0.1#5335
 ipset=/.www1.biz/gfwlist
-server=/.wwwhost.biz/127.0.0.1#5335
-ipset=/.wwwhost.biz/gfwlist
 server=/.x-art.com/127.0.0.1#5335
 ipset=/.x-art.com/gfwlist
 server=/.x-berry.com/127.0.0.1#5335
@ -10052,6 +9872,8 @@ server=/.xmovies.com/127.0.0.1#5335
 ipset=/.xmovies.com/gfwlist
 server=/.xn--4gq171p.com/127.0.0.1#5335
 ipset=/.xn--4gq171p.com/gfwlist
+server=/.xn--90wwvt03e.com/127.0.0.1#5335
+ipset=/.xn--90wwvt03e.com/gfwlist
 server=/.xn--czq75pvv1aj5c.org/127.0.0.1#5335
 ipset=/.xn--czq75pvv1aj5c.org/gfwlist
 server=/.xn--i2ru8q2qg.com/127.0.0.1#5335
@ -10244,8 +10066,6 @@ server=/.youtubegaming.com/127.0.0.1#5335
 ipset=/.youtubegaming.com/gfwlist
 server=/.youversion.com/127.0.0.1#5335
 ipset=/.youversion.com/gfwlist
-server=/.youwin.com/127.0.0.1#5335
-ipset=/.youwin.com/gfwlist
 server=/.youxu.info/127.0.0.1#5335
 ipset=/.youxu.info/gfwlist
 server=/.yt.be/127.0.0.1#5335
@ -10254,8 +10074,6 @@ server=/.ytht.net/127.0.0.1#5335
 ipset=/.ytht.net/gfwlist
 server=/.ytimg.com/127.0.0.1#5335
 ipset=/.ytimg.com/gfwlist
-server=/.ytn.co.kr/127.0.0.1#5335
-ipset=/.ytn.co.kr/gfwlist
 server=/.yuanming.net/127.0.0.1#5335
 ipset=/.yuanming.net/gfwlist
 server=/.yuanzhengtang.org/127.0.0.1#5335
@ -10398,10 +10216,10 @@ server=/.zoozle.net/127.0.0.1#5335
 ipset=/.zoozle.net/gfwlist
 server=/.zorrovpn.com/127.0.0.1#5335
 ipset=/.zorrovpn.com/gfwlist
-server=/.zozotown.com/127.0.0.1#5335
-ipset=/.zozotown.com/gfwlist
 server=/.zpn.im/127.0.0.1#5335
 ipset=/.zpn.im/gfwlist
+server=/.zsdxzk.com/127.0.0.1#5335
+ipset=/.zsdxzk.com/gfwlist
 server=/.zspeeder.me/127.0.0.1#5335
 ipset=/.zspeeder.me/gfwlist
 server=/.zsrhao.com/127.0.0.1#5335
--- a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr
+++ b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr
--- a/package/lean/luci-app-ssr-plus/root/etc/ssr/china_ssr.txt
+++ b/package/lean/luci-app-ssr-plus/root/etc/ssr/china_ssr.txt
@ -1030,7 +1030,8 @@
 45.65.28.0/22
 45.112.132.0/22
 45.112.188.0/22
-45.112.208.0/21
+45.112.208.0/22
+45.112.212.0/22
 45.112.216.0/22
 45.112.220.0/22
 45.112.228.0/22
@ -1471,6 +1472,9 @@
 45.253.232.0/22
 45.253.236.0/22
 45.253.240.0/22
+45.253.244.0/22
+45.253.248.0/22
+45.253.252.0/22
 45.254.0.0/22
 45.254.4.0/22
 45.254.8.0/22
@ -1782,6 +1786,7 @@
 61.29.128.0/18
 61.29.192.0/19
 61.29.224.0/20
+61.29.240.0/20
 61.45.128.0/18
 61.45.224.0/20
 61.47.128.0/18
@ -4004,6 +4009,11 @@
 103.149.210.0/23
 103.149.214.0/23
 103.149.220.0/23
+103.149.242.0/23
+103.149.244.0/23
+103.149.246.0/23
+103.149.248.0/23
+103.150.24.0/23
 103.192.0.0/22
 103.192.4.0/22
 103.192.8.0/22
@ -5062,8 +5072,7 @@
 106.4.0.0/14
 106.8.0.0/15
 106.11.0.0/16
-106.12.0.0/15
-106.14.0.0/15
+106.12.0.0/14
 106.16.0.0/12
 106.32.0.0/12
 106.48.0.0/15
@ -5401,10 +5410,7 @@
 117.32.0.0/13
 117.40.0.0/14
 117.44.0.0/15
-117.48.0.0/17
-117.48.128.0/17
-117.49.0.0/16
-117.50.0.0/15
+117.48.0.0/14
 117.53.48.0/20
 117.53.176.0/20
 117.57.0.0/16
@ -5832,8 +5838,7 @@
 124.64.0.0/15
 124.66.0.0/17
 124.67.0.0/16
-124.68.0.0/15
-124.70.0.0/15
+124.68.0.0/14
 124.72.0.0/16
 124.73.0.0/16
 124.74.0.0/15
--- a/package/lean/luci-app-ssr-plus/root/etc/config/netflix.list
+++ b/package/lean/luci-app-ssr-plus/root/etc/config/netflix.list
--- a/package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list
+++ b/package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list
--- a/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus
+++ b/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus
@ -13,11 +13,11 @@ uci -q batch <<-EOF >/dev/null
 	commit firewall
 EOF

-touch /etc/china_ssr.txt
-touch /etc/config/white.list
-touch /etc/config/black.list
-touch /etc/config/netflix.list
-touch /etc/config/netflixip.list
+touch /etc/ssr/china_ssr.txt
+touch /etc/ssr/white.list
+touch /etc/ssr/black.list
+touch /etc/ssr/netflix.list
+touch /etc/ssr/netflixip.list
 touch /etc/dnsmasq.ssr/ad.conf
 touch /etc/dnsmasq.ssr/gfw_list.conf

--- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad
+++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad
@ -1,9 +1,9 @@
 #!/bin/sh -e
 if [ -f /tmp/adnew.conf ]; then
-  if (grep -wq "address=" /tmp/adnew.conf) ; then
-    cp /tmp/adnew.conf /tmp/ad.conf
-  else
-    cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/ad.conf
-  fi
+	if (grep -wq "address=" /tmp/adnew.conf); then
+		cp /tmp/adnew.conf /tmp/ssr-update.$1
+	else
+		cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' >/tmp/ssr-update.$1
+	fi
 fi
 rm -f /tmp/adnew.conf
--- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw
+++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw
@ -1,5 +1,4 @@
 #!/bin/sh -e
-
 generate_china_banned() {
 	cat $1 | base64 -d >/tmp/gfwlist.txt
 	rm -f $1
@ -19,7 +18,7 @@ generate_china_banned() {
 		}' | sort -u
 }

-generate_china_banned /tmp/gfw.b64 >/tmp/gfw.txt
+generate_china_banned /tmp/ssr-update.$1 >/tmp/gfw.txt
 rm -f /tmp/gfwlist.txt
-sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5335\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/gfwnew.txt
+sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5335\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/ssr-update.$1
 rm -f /tmp/gfw.txt
--- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor
+++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor
@ -6,6 +6,9 @@
 # This is free software, licensed under the GNU General Public License v3.
 # See /LICENSE for more information.
 #
+LOCK_FILE="/var/lock/ssr-monitor.lock"
+[ -f "$LOCK_FILE" ] && exit 2
+touch "$LOCK_FILE"

 NAME=shadowsocksr

@ -19,6 +22,23 @@ uci_get_by_type() {
 	echo ${ret:=$3}
 }

+get_host_ip() {
+	local host=$1
+	local isip=""
+	local ip=$host
+	isip=$(echo $host | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")
+	if [ -z "$isip" ]; then
+		if [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then
+			ip=$host
+		else
+			local ip=$(resolveip -4 -t 3 $host | awk 'NR==1{print}')
+			# local hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1)
+			[ -z "$ip" ] && ip=$(wget -q -O- http://119.29.29.29/d?dn=$1 | awk -F ';' '{print $1}')
+		fi
+	fi
+	echo ${ip:="127.0.0.1"}
+}
+
 server_process_count=$1
 redir_tcp_process=$2
 redir_udp_process=$3
@ -29,25 +49,18 @@ pdnsd_process=$7
 if [ -z "$pdnsd_process" ]; then
 	pdnsd_process=0
 fi
-
 i=0
-
 GLOBAL_SERVER=$(uci_get_by_type global global_server)
-server=$(uci_get_by_name $GLOBAL_SERVER server)
+server=$(get_host_ip $(uci_get_by_name $GLOBAL_SERVER server))
+[ "$server" == "127.0.0.1" ] && hostip=$(uci_get_by_name $GLOBAL_SERVER ip)
 lkcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port)
 server_port=$(uci_get_by_name $GLOBAL_SERVER server_port)
 password=$(uci_get_by_name $GLOBAL_SERVER kcp_password)
 kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param)
 [ "$password" != "" ] && password="--key "${password}

-if echo "$server" | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then
-	server=${server}
-else
-	server=$(cat /etc/ssr_ip)
-fi
-
 while [ "1" == "1" ]; do #死循环
-	sleep 30
+	sleep 30s
 	#redir tcp
 	if [ "$redir_tcp_process" -gt 0 ]; then
 		icount=$(busybox ps -w | grep ssr-retcp | grep -v grep | wc -l)
@ -82,6 +95,7 @@ while [ "1" == "1" ]; do #死循环
 			logger -t "$NAME" "ssr server error.restart!"
 			kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			/etc/init.d/shadowsocksr restart
+			exit 0
 		fi
 	fi
 	#kcptun
@ -100,6 +114,7 @@ while [ "1" == "1" ]; do #死循环
 			logger -t "$NAME" "global socks server error.restart!"
 			kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			/etc/init.d/shadowsocksr restart
+			exit 0
 		fi
 	fi
 	#pdnsd
@ -119,14 +134,14 @@ while [ "1" == "1" ]; do #死循环
 	if [ "$pdnsd_process" -eq 2 ]; then
 		icount=$(busybox ps -w | grep -e ssr-dns -e dns2socks | grep -v grep | wc -l)
 		if [ "$icount" -lt 2 ]; then #如果进程挂掉就重启它
-      logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!"
+			logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!"
 			dnsstr=$(uci_get_by_type global tunnel_forward 8.8.4.4:53)
 			dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}')
 			dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}')
 			killall -q -9 dns2socks
 			kill -9 $(busybox ps -w | grep ssr-dns | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 &
-      dns2socks 127.0.0.1:10802  $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 &
+			dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 &
 		fi
 	fi
 done
--- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules
+++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules
@ -33,6 +33,7 @@ Valid options are:
    -F                      netflix mode
    -N                      netflix server IP
    -M                      netflix proxy mode
+    -I <ip_list_file>       a file content is bypassed netflix ip list
    -e <extra_options>      extra options for iptables
    -o                      apply the rules to the OUTPUT chain
    -O                      apply the global rules to the OUTPUT chain
@ -82,7 +83,8 @@ flush_r() {
 ipset_r() {
 	ipset -N gmlan hash:net 2>/dev/null
 	for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done
-	if [ "$RUNMODE" == "router" ]; then
+	case "$RUNMODE" in
+	router)
 		ipset -! -R <<-EOF || return 1
 			create ss_spec_wan_ac hash:net
 			$(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
@ -92,25 +94,29 @@ ipset_r() {
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN
 		$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
-	elif [ "$RUNMODE" == "gfw" ]; then
+		;;
+	gfw)
 		ipset -N gfwlist hash:net 2>/dev/null
 		$IPT -N SS_SPEC_WAN_AC
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
-	elif [ "$RUNMODE" == "oversea" ]; then
+		;;
+	oversea)
 		ipset -N oversea hash:net 2>/dev/null
 		$IPT -N SS_SPEC_WAN_AC
 		ipset -N gmlan hash:net 2>/dev/null
 		for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
-	elif [ "$RUNMODE" == "all" ]; then
+		;;
+	all)
 		$IPT -N SS_SPEC_WAN_AC
 		$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
-	fi
+		;;
+	esac
 	ipset -N fplan hash:net 2>/dev/null
 	for ip in $LAN_FP_IP; do ipset -! add fplan $ip; done
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
@ -123,23 +129,25 @@ ipset_r() {
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set whitelist dst -j RETURN
 	for ip in $WAN_BP_IP; do ipset -! add whitelist $ip; done
 	for ip in $WAN_FW_IP; do ipset -! add blacklist $ip; done
-
-	if [ "$NETFLIX" == "1" ]; then
+	if [ "$NETFLIX" != "0" ]; then
+		ipset -N netflix hash:net 2>/dev/null
+		for ip in $(cat ${NETFLIX_LIST:=/dev/null} 2>/dev/null); do ipset -! add netflix $ip; done
+	fi
+	case "$NETFLIX" in
+	1)
 		$IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports 4321
 		if [ "$NETFLIX_PROXY" == "1" ]; then
 			$IPT -I SS_SPEC_WAN_AC -p tcp -d $NETFLIX_IP -j REDIRECT --to-ports $local_port
 		else
 			ipset -! add whitelist $NETFLIX_IP
 		fi
-	elif [ "$NETFLIX" == "2" ]; then
-		$IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port
-	fi
-
+		;;
+	2) $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port ;;
+	esac
 	return $?
 }

 fw_rule() {
-  ipset -N netflix hash:net 2>/dev/null
 	$IPT -N SS_SPEC_WAN_FW
 	$IPT -A SS_SPEC_WAN_FW -d 0.0.0.0/8 -j RETURN
 	$IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN
@ -216,23 +224,26 @@ tp_rule() {
 	$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set bplan src -j RETURN
 	$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
 	-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	if [ "$RUNMODE" == "router" ]; then
+	case "$RUNMODE" in
+	router)
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
 		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	elif [ "$RUNMODE" == "gfw" ]; then
+		;;
+	gfw)
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
 		$ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	elif [ "$RUNMODE" == "oversea" ]; then
+		;;
+	oversea)
 		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	elif [ "$RUNMODE" == "all" ]; then
-		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	fi
+		;;
+	all) $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 ;;
+	esac
 	$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
 	-m comment --comment "$TAG" -j SS_SPEC_TPROXY
 	return $?
@ -309,7 +320,7 @@ gen_include() {
 	return 0
 }

-while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do
+while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:I:oOuUfgrczh" arg; do
 	case "$arg" in
 	s)
 		server=$OPTARG
@ -359,6 +370,9 @@ while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do
 	M)
 		NETFLIX_PROXY=$OPTARG
 		;;
+	I)
+		NETFLIX_LIST=$OPTARG
+		;;
 	o)
 		OUTPUT=1
 		;;
@ -403,4 +417,3 @@ fi
 flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
 [ "$?" == 0 ] || loger 3 "Start failed!"
 exit $?
-
--- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch
+++ b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch
@ -1,4 +1,4 @@
-#!/bin/sh  /etc/rc.common
+#!/bin/sh /etc/rc.common
 #
 # Copyright (C) 2017 openwrt-ssr
 # Copyright (C) 2017 yushi studio <ywb94@qq.com>
@ -6,6 +6,9 @@
 # This is free software, licensed under the GNU General Public License v3.
 # See /LICENSE for more information.
 #
+LOCK_FILE="/var/lock/ssr-switch.lock"
+[ -f "$LOCK_FILE" ] && exit 2
+touch "$LOCK_FILE"

 cycle_time=60
 switch_time=3
@ -162,7 +165,7 @@ start() {
 			fi
 		else
 			normal_flag=0
-			echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log
+			# echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log
 		fi
 	done
 }
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh
@ -1,5 +1,9 @@
+#!/bin/sh
+LOCK_FILE="/var/lock/ssr-chinaipset.lock"
+[ -f "$LOCK_FILE" ] && exit 2
+touch "$LOCK_FILE"
 echo "create china hash:net family inet hashsize 1024 maxelem 65536" > /tmp/china.ipset
 awk '!/^$/&&!/^#/{printf("add china %s'" "'\n",$0)}' /etc/china_ssr.txt >> /tmp/china.ipset
 ipset -! flush china
 ipset -! restore < /tmp/china.ipset 2>/dev/null
-rm -f /tmp/china.ipset
+rm -f /tmp/china.ipset $LOCK_FILE
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh
@ -1,72 +1,71 @@
 #!/bin/sh
-
 cat <<-EOF >$1
-base {
-	log_debug = off;
-	log_info = off;
-	log = stderr;
-	daemon = on;
-	redirector = iptables;
-	reuseport = on;
-}
+  base {
+  log_debug = off;
+  log_info = off;
+  log = stderr;
+  daemon = on;
+  redirector = iptables;
+  reuseport = on;
+  }
 EOF

 if [ "$2" == "socks5" ]; then
  if [ "$3" == "tcp" ]; then
    if [ "$7" == "0" ]; then
-    cat <<-EOF >>$1
-redsocks {
-  bind = "0.0.0.0:$4";
-  relay = "$5:$6";
-  type = socks5;
-  autoproxy = 0;
-  timeout = 10;
-}
-EOF
-  else
-    cat <<-EOF >>$1
-redsocks {
-  bind = "0.0.0.0:$4";
-  relay = "$5:$6";
-  type = socks5;
-  autoproxy = 0;
-  timeout = 10;
-  login = "$8";
-  password = "$9";
-}
-EOF
+      cat <<-EOF >>$1
+        redsocks {
+        bind = "0.0.0.0:$4";
+        relay = "$5:$6";
+        type = socks5;
+        autoproxy = 0;
+        timeout = 10;
+        }
+      EOF
+    else
+      cat <<-EOF >>$1
+        redsocks {
+        bind = "0.0.0.0:$4";
+        relay = "$5:$6";
+        type = socks5;
+        autoproxy = 0;
+        timeout = 10;
+        login = "$8";
+        password = "$9";
+        }
+      EOF
    fi
  else
-   if [ "$7" == "0" ]; then
-    cat <<-EOF >>$1
-redudp {
-  bind = "0.0.0.0:$4";
-  relay = "$5:$6";
-  type = socks5;
-  udp_timeout = 10;
-}
-EOF
-  else
-    cat <<-EOF >>$1
-redudp {
-  bind = "0.0.0.0:$4";
-  relay = "$5:$6";
-  type = socks5;
-  udp_timeout = 10;
-  login = "$8";
-  password = "$9";
-}
-EOF
+    if [ "$7" == "0" ]; then
+      cat <<-EOF >>$1
+        redudp {
+        bind = "0.0.0.0:$4";
+        relay = "$5:$6";
+        type = socks5;
+        udp_timeout = 10;
+        }
+      EOF
+    else
+      cat <<-EOF >>$1
+        redudp {
+        bind = "0.0.0.0:$4";
+        relay = "$5:$6";
+        type = socks5;
+        udp_timeout = 10;
+        login = "$8";
+        password = "$9";
+        }
+      EOF
    fi
  fi
 else
-    cat <<-EOF >>$1
-redsocks {
-  bind = "0.0.0.0:$4";
-  type = direct;
-  interface = $3;
-  autoproxy = 0;
-  timeout = 10;
-}
-EOF
+  cat <<-EOF >>$1
+    redsocks {
+    bind = "0.0.0.0:$4";
+    type = direct;
+    interface = $3;
+    autoproxy = 0;
+    timeout = 10;
+    }
+  EOF
 fi
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua
@ -1,9 +1,8 @@
-local ucursor = require "luci.model.uci".cursor()
+local ucursor = require "uci".cursor()
 local json = require "luci.jsonc"
 local server_section = arg[1]
 local proto = arg[2]
 local local_port = arg[3]
-
 local server = ucursor:get_all("shadowsocksr", server_section)

 local trojan = {
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua
@ -1,10 +1,9 @@
-local ucursor = require "luci.model.uci".cursor()
+local ucursor = require "uci".cursor()
 local json = require "luci.jsonc"
 local server_section = arg[1]
 local proto = arg[2]
 local local_port = arg[3] or "0"
 local socks_port = arg[4] or "0"
-
 local server = ucursor:get_all("shadowsocksr", server_section)

 local v2ray = {
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh
@ -1,5 +1,34 @@
 #!/bin/sh
-mkdir -p /tmp/dnsmasq.ssr
-awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/config/black.list > /tmp/dnsmasq.ssr/blacklist_forward.conf
-awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/config/black.list >> /tmp/dnsmasq.ssr/blacklist_forward.conf
-awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/config/white.list > /tmp/dnsmasq.ssr/whitelist_forward.conf
+NAME=shadowsocksr
+uci_get_by_type() {
+	local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
+	echo ${ret:=$3}
+}
+cp -a /etc/dnsmasq.ssr /tmp/
+cp -a /etc/dnsmasq.oversea /tmp/
+GLOBAL_SERVER=$(uci_get_by_type global global_server)
+NETFLIX_SERVER=$(uci_get_by_type global netflix_server nil)
+[ "$NETFLIX_SERVER" == "same" ] && NETFLIX_SERVER=$GLOBAL_SERVER
+if [ "$NETFLIX_SERVER" != "nil" ]; then
+	netflix() {
+		for line in $(cat /etc/ssr/netflix.list); do sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf; done
+		awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/ssr/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf
+		awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#$1"'\n",$0)}' /etc/ssr/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf
+	}
+	if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then
+		netflix 5555
+	else
+		netflix 5335
+	fi
+else
+	rm -f /tmp/dnsmasq.ssr/netflix_forward.conf
+fi
+if [ "$1" == "" ]; then
+	awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/ssr/black.list >/tmp/dnsmasq.ssr/blacklist_forward.conf
+	awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/ssr/black.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf
+	awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/ssr/white.list >/tmp/dnsmasq.ssr/whitelist_forward.conf
+	if [ "$(uci_get_by_type global adblock 0)" == "0" ]; then
+		rm -f /tmp/dnsmasq.ssr/ad.conf
+	fi
+fi
+/etc/init.d/dnsmasq restart >/dev/null 2>&1
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh
@ -1,6 +1,6 @@
 #!/bin/sh
-
 /usr/bin/lua /usr/share/shadowsocksr/update.lua
+sleep 2s
+/usr/share/shadowsocksr/chinaipset.sh
+sleep 2s
 /usr/bin/lua /usr/share/shadowsocksr/subscribe.lua
-sleep 10
-/etc/init.d/shadowsocksr restart
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua
@ -10,27 +10,56 @@ require 'luci.sys'
 require 'uci'
 -- these global functions are accessed all the time by the event handler
 -- so caching them is worth the effort
-local luci = luci
 local tinsert = table.insert
 local ssub, slen, schar, sbyte, sformat, sgsub = string.sub, string.len, string.char, string.byte, string.format, string.gsub
 local jsonParse, jsonStringify = luci.jsonc.parse, luci.jsonc.stringify
 local b64decode = nixio.bin.b64decode
-local cache = {}
-local nodeResult = setmetatable({}, { __index = cache })  -- update result
-local name = 'shadowsocksr'
+local nodeResult = {} -- update result
+local application = 'shadowsocksr'
 local uciType = 'servers'
-local ucic = luci.model.uci.cursor()
-local proxy = ucic:get_first(name, 'server_subscribe', 'proxy', '0')
-local switch = ucic:get_first(name, 'server_subscribe', 'switch', '1')
-local subscribe_url = ucic:get_first(name, 'server_subscribe', 'subscribe_url', {})
-local filter_words = ucic:get_first(name, 'server_subscribe', 'filter_words', 'QQ群')
+local ucic2 = uci.cursor()
+local proxy = ucic2:get(application, '@server_subscribe[0]', 'proxy') or '0'
+local switch = ucic2:get(application, '@server_subscribe[0]', 'switch') or '1'
+local subscribe_url = ucic2:get(application, '@server_subscribe[0]', 'subscribe_url') or {}
+local filter_words = ucic2:get(application, '@server_subscribe[0]', 'filter_words') or '过期时间/剩余流量'
+ucic2:revert(application)

 local log = function(...)
 	print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " "))
 end
+
+-- 获取各项动态配置的当前服务器，可以用 get 和 set， get必须要获取到节点表
+local CONFIG = {
+	GLOBAL_SERVER = {
+	remarks = '主节点',
+	type = "global", option = "global_server",
+	set = function(server)
+		ucic2:set(application, '@global[0]', "global_server", server)
+	end
+	}
+}
+do
+	for k, v in pairs(CONFIG) do
+		local currentNode
+		if v.get then
+			currentNode = v.get()
+		else
+			local cfgid = ucic2:get(application, '@' .. v.type .. '[0]', v.option)
+			if cfgid then
+				currentNode = ucic2:get_all(application, cfgid)
+			end
+		end
+		if currentNode then
+			CONFIG[k].currentNode = currentNode
+		else
+			CONFIG[k] = nil
+		end
+	end
+end
+
 -- 分割字符串
 local function split(full, sep)
-	full = full:gsub("%z", "")  -- 这里不是很清楚 有时候结尾带个\0
+	full = full:gsub("%z", "") -- 这里不是很清楚 有时候结尾带个\0
 	local off, result = 1, {}
 	while true do
 		local nStart, nEnd = full:find(sep, off)
@ -48,15 +77,15 @@ local function split(full, sep)
 	return result
 end
 -- urlencode
-local function get_urlencode(c)
-	return sformat("%%%02X", sbyte(c))
-end
+-- local function get_urlencode(c)
+-- return sformat("%%%02X", sbyte(c))
+-- end

-local function urlEncode(szText)
-	local str = szText:gsub("([^0-9a-zA-Z ])", get_urlencode)
-	str = str:gsub(" ", "+")
-	return str
-end
+-- local function urlEncode(szText)
+-- local str = szText:gsub("([^0-9a-zA-Z ])", get_urlencode)
+-- str = str:gsub(" ", "+")
+-- return str
+-- end

 local function get_urldecode(h)
 	return schar(tonumber(h, 16))
@ -72,12 +101,7 @@ local function trim(text)
 	end
 	return (sgsub(text, "^%s*(.-)%s*$", "%1"))
 end
-- md5
-local function md5(content)
-	local stdout = luci.sys.exec('echo \"' .. urlEncode(content) .. '\" | md5sum | cut -d \" \"  -f1')
-	-- assert(nixio.errno() == 0)
-	return trim(stdout)
-end
+
 -- base64
 local function base64Decode(text)
 	local raw = text
@ -99,7 +123,8 @@ local function processData(szType, content)
 	local result = {
 	type = szType,
 	local_port = 1234,
-	kcp_param = '--nocomp'
+	kcp_param = '--nocomp',
+	isSubscribe = 1,
 	}
 	if szType == 'ssr' then
 		local dat = split(content, "/%?")
@ -119,7 +144,7 @@ local function processData(szType, content)
 		result.protocol_param = base64Decode(params.protoparam)
 		local group = base64Decode(params.group)
 		if group then
-			result.alias = "["  .. group .. "] "
+			result.alias = "[" .. group .. "] "
 		end
 		result.alias = result.alias .. base64Decode(params.remarks)
 	elseif szType == 'vmess' then
@ -263,14 +288,6 @@ local function processData(szType, content)
 	if not result.alias then
 		result.alias = result.server .. ':' .. result.server_port
 	end
-	-- alias 不参与 hashkey 计算
-	local alias = result.alias
-	result.alias = nil
-	local switch_enable = result.switch_enable
-	result.switch_enable = nil
-	result.hashkey = md5(jsonStringify(result))
-	result.alias = alias
-	result.switch_enable = switch_enable
 	return result
 end
 -- wget
@ -280,15 +297,67 @@ local function wget(url)
 end

 local function check_filer(result)
-  do 
-    local filter_word = split(filter_words, "/")
-    for i, v in pairs(filter_word) do
-        if result.alias:find(v) then
-          log('订阅节点关键字过滤:“' .. v ..'” ，该节点被丢弃')
-          return true
-        end
-    end 
-  end
+	do
+		local filter_word = split(filter_words, "/")
+		for i, v in pairs(filter_word) do
+			if result.alias:find(v) then
+				log('订阅节点关键字过滤:“' .. v ..'” ，该节点被丢弃')
+				return true
+			end
+		end
+	end
+end
+
+local function select_node(nodes, config)
+	local server
+	-- 第一优先级 IP + 端口
+	for id, node in pairs(nodes) do
+		if node.server .. ':' .. node.server_port == config.currentNode.server .. ':' .. config.currentNode.server_port then
+			log('选择【' .. config.remarks .. '】第一匹配节点：' .. node.alias)
+			server = id
+			break
+		end
+	end
+	-- 第二优先级 IP
+	if not server then
+		for id, node in pairs(nodes) do
+			if node.server == config.currentNode.server then
+				log('选择【' .. config.remarks .. '】第二匹配节点：' .. node.alias)
+				server = id
+				break
+			end
+		end
+	end
+	-- 第三优先级备注
+	if not server then
+		for id, node in pairs(nodes) do
+			if node.alias == config.currentNode.alias then
+				log('选择【' .. config.remarks .. '】第三匹配节点：' .. node.alias)
+				server = id
+				break
+			end
+		end
+	end
+	-- 第四 cfgid
+	if not server then
+		for id, node in pairs(nodes) do
+			if id == config.currentNode['.name'] then
+				log('选择【' .. config.remarks .. '】第四匹配节点：' .. node.alias)
+				server = id
+				break
+			end
+		end
+	end
+	-- 还不行 随便找一个
+	if not server then
+		server = ucic2:get(application, '@'.. uciType .. '[0]')
+		if server then
+			log('无法找到最匹配的节点，当前已更换为' .. ucic2:get_all(application, server).alias)
+		end
+	end
+	if server then
+		config.set(server)
+	end
 end

 local execute = function()
@ -296,15 +365,14 @@ local execute = function()
 	do
 		if proxy == '0' then -- 不使用代理更新的话先暂停
 			log('服务正在暂停')
-			luci.sys.init.stop(name)
+			luci.sys.init.stop(application)
 		end
 		for k, url in ipairs(subscribe_url) do
 			local raw = wget(url)
 			if #raw > 0 then
 				local nodes, szType
-				local groupHash = md5(url)
-				cache[groupHash] = {}
-				tinsert(nodeResult, {})
+				local all_odes = {}
+				tinsert(nodeResult, all_odes)
 				local index = #nodeResult
 				-- SSD 似乎是这种格式 ssd:// 开头的
 				if raw:find('ssd://') then
@ -313,10 +381,10 @@ local execute = function()
 					nodes = base64Decode(raw:sub(nEnd + 1, #raw))
 					nodes = jsonParse(nodes)
 					local extra = {
-						airport = nodes.airport,
-						port = nodes.port,
-						encryption = nodes.encryption,
-						password = nodes.password
+					airport = nodes.airport,
+					port = nodes.port,
+					encryption = nodes.encryption,
+					password = nodes.password
 					}
 					local servers = {}
 					-- SS里面包着 干脆直接这样
@ -349,16 +417,15 @@ local execute = function()
 						-- log(result)
 						if result then
 							if
-                not result.server or
-                check_filer(result) or
-                result.server:match("[^0-9a-zA-Z%-%.%s]") -- 中文做地址的 也没有人拿中文域名搞，就算中文域也有Puny Code SB 机场
-							then
+								not result.server or
+								not result.server_port or
+								check_filer(result) or
+								result.server:match("[^0-9a-zA-Z%-%.%s]") -- 中文做地址的 也没有人拿中文域名搞，就算中文域也有Puny Code SB 机场
+								then
 								log('丢弃无效节点: ' .. result.type ..' 节点, ' .. result.alias)
 							else
 								log('成功解析: ' .. result.type ..' 节点, ' .. result.alias)
-								result.grouphashkey = groupHash
-								tinsert(nodeResult[index], result)
-								cache[groupHash][result.hashkey] = nodeResult[index][#nodeResult[index]]
+								tinsert(all_odes, result)
 							end
 						end
 					end
@ -371,61 +438,45 @@ local execute = function()
 	end
 	-- diff
 	do
-		if next(nodeResult) == nil then
-			log("更新失败，没有可用的节点信息")
-			return
-		end
-		local add, del = 0, 0
-		ucic:foreach(name, uciType, function(old)
-			if old.grouphashkey or old.hashkey then -- 没有 hash 的不参与删除
-				if not nodeResult[old.grouphashkey] or not nodeResult[old.grouphashkey][old.hashkey] then
-					ucic:delete(name, old['.name'])
-					del = del + 1
-				else
-					local dat = nodeResult[old.grouphashkey][old.hashkey]
-					ucic:tset(name, old['.name'], dat)
-					-- 标记一下
-					setmetatable(nodeResult[old.grouphashkey][old.hashkey], { __index =  { _ignore = true } })
-				end
-			else
-				if not old.alias then
-					old.alias = old.server .. ':' .. old.server_port
-				end
-				log('忽略手动添加的节点: ' .. old.alias)
+		assert(next(nodeResult), '更新失败，没有可用的节点信息')
+		-- delete all for subscribe nodes
+		ucic2:foreach(application, uciType, function(node)
+			if node.isSubscribe or node.hashkey then -- 兼容之前的hashkey
+				ucic2:delete(application, node['.name'])
 			end
-
 		end)
-		for k, v in ipairs(nodeResult) do
-			for kk, vv in ipairs(v) do
-				if not vv._ignore then
-					local section = ucic:add(name, uciType)
-					ucic:tset(name, section, vv)
-					ucic:set(name, section, "switch_enable", switch)
-					add = add + 1
+		for _, v in ipairs(nodeResult) do
+			for _, vv in ipairs(v) do
+				vv.switch_enable = switch
+				local cfgid = ucic2:add(application, uciType)
+				for kkk, vvv in pairs(vv) do
+					ucic2:set(application, cfgid, kkk, vvv)
 				end
 			end
 		end
-		ucic:commit(name)
-		-- 如果原有服务器节点已经不见了就尝试换为第一个节点
-		local globalServer = ucic:get_first(name, 'global', 'global_server', '')
-		local firstServer = ucic:get_first(name, uciType)
-		if firstServer then
-			if not ucic:get(name, globalServer) then
-				luci.sys.call("/etc/init.d/" .. name .. " stop > /dev/null 2>&1 &")
-				ucic:commit(name)
-				ucic:set(name, ucic:get_first(name, 'global'), 'global_server', ucic:get_first(name, uciType))
-				ucic:commit(name)
-				log('当前主服务器节点已被删除，正在自动更换为第一个节点。')
-				luci.sys.call("/etc/init.d/" .. name .. " start > /dev/null 2>&1 &")
-			else
-				log('维持当前主服务器节点。')
-				luci.sys.call("/etc/init.d/" .. name .." restart > /dev/null 2>&1 &")
+		ucic2:commit(application)
+		local ucic3 = uci.cursor()
+		-- repair configuration
+		if next(CONFIG) then
+			local nodes = {}
+			ucic3:foreach(application, uciType, function(node)
+				if node.server and node.server_port and node.alias then
+					nodes[node['.name']] = node
+				end
+			end)
+			for _, config in pairs(CONFIG) do
+				select_node(nodes, config)
 			end
-		else
-			log('没有服务器节点了，停止服务')
-			luci.sys.call("/etc/init.d/" .. name .. " stop > /dev/null 2>&1 &")
+			ucic3:commit(application)
 		end
-		log('新增节点数量: ' ..add, '删除节点数量: ' .. del)
+		-- select first server
+		local globalServer = ucic3:get(application, '@global[0]', 'global_server') or ''
+		if not globalServer or not ucic3:get_all(application, globalServer) then
+			ucic3:set(application, '@global[0]', 'global_server', select(2, ucic3:get(application, '@' .. uciType .. '[0]')))
+			ucic3:commit(application)
+			log('当前没有主节点，自动选择第一个节点开启服务。')
+		end
+		luci.sys.call("/etc/init.d/" .. application .." restart > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早
 		log('订阅更新成功')
 	end
 end
@ -435,12 +486,11 @@ if subscribe_url and #subscribe_url > 0 then
 		log(e)
 		log(debug.traceback())
 		log('发生错误, 正在恢复服务')
-		local firstServer = ucic:get_first(name, uciType)
-		if firstServer then
-			luci.sys.call("/etc/init.d/" .. name .." restart > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早
+		if CONFIG.GLOBAL_SERVER and CONFIG.GLOBAL_SERVER.currentNode then
+			luci.sys.call("/etc/init.d/" .. application .." restart > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早
 			log('重启服务成功')
 		else
-			luci.sys.call("/etc/init.d/" .. name .." stop > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早
+			luci.sys.call("/etc/init.d/" .. application .." stop > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早
 			log('停止服务成功')
 		end
 	end)
--- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua
+++ b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua
@ -3,10 +3,8 @@
 -- This file is part of the luci-app-ssr-plus update.lua
 -- By Mattraks
 ------------------------------------------------
-require 'nixio'
-require 'luci.util'
-require 'luci.jsonc'
-require 'luci.sys'
+require "luci.sys"
+require "luci.model.uci"
 local icount = 0
 local uci = luci.model.uci.cursor()

@ -14,112 +12,41 @@ local log = function(...)
 	print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " "))
 end

-log('正在更新【GFW列表】数据库')
-refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'gfwlist_url', 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt') .. " > /tmp/gfw.b64"
-sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
-if sret == 0 then
-	luci.sys.call("/usr/bin/ssr-gfw")
-	icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l")
-	if tonumber(icount) > 1000 then
-		if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then
-			oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l")
-		else
-			oldcount = "0"
-		end
-		if tonumber(icount) ~= tonumber(oldcount) then
-			luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf")
-			luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf")
-			log('更新成功！ 新的总纪录数：' .. tostring(tonumber(icount)/2))
-		else
-			log('你已经是最新数据，无需更新！')
-		end
-	else
-		log('更新失败！')
-	end
-	luci.sys.exec("rm -f /tmp/gfwnew.txt")
-else
-	log('更新失败！')
-end
-
-log('正在更新【国内IP段】数据库')
-refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url','https://ispip.clang.cn/all_cn.txt') .. " > /tmp/china_ssr.txt"
-sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
-icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
-if sret == 0 then
-	icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l")
-	if tonumber(icount) > 1000 then
-		if nixio.fs.access("/etc/china_ssr.txt") then
-			oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l")
-		else
-			oldcount = "0"
-		end
-		if tonumber(icount) ~= tonumber(oldcount) then
-			luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt")
-			log('更新成功！ 新的总纪录数：' .. tostring(tonumber(icount)))
-		else
-			log('你已经是最新数据，无需更新！')
-		end
-	else
-		log('更新失败！')
-	end
-	luci.sys.exec("rm -f /tmp/china_ssr.txt")
-else
-	log('更新失败！')
-end
-
-if uci:get_first('shadowsocksr', 'global', 'adblock','0') == "1" then
-	log('正在更新【广告屏蔽】数据库')
-	refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .. " > /tmp/adnew.conf"
+local function update(url, file, type, file2)
+	local Num = 1
+	refresh_cmd = "wget-ssl --no-check-certificate -t 3 -T 10 -O- " .. url .. " > /tmp/ssr-update." .. type
 	sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
 	if sret == 0 then
-		luci.sys.call("/usr/bin/ssr-ad")
-		icount = luci.sys.exec("cat /tmp/ad.conf | wc -l")
-		if tonumber(icount) > 100 then
-			if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then
-				oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")
-			else
-				oldcount = "0"
-			end
-			if tonumber(icount) ~= tonumber(oldcount) then
-				luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf")
-				luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf")
-				log('更新成功！ 新的总纪录数：' .. tostring(tonumber(icount)))
-			else
-				log('你已经是最新数据，无需更新！')
-			end
-		else
-			log('更新失败！')
+		if type == "gfw_data" then
+			luci.sys.call("/usr/bin/ssr-gfw " .. type)
+			Num = 2
+		end
+		if type == "ad_data" then
+			luci.sys.call("/usr/bin/ssr-ad " .. type)
+		end
+		local new_md5 = luci.sys.exec("echo -n $([ -f '/tmp/ssr-update." .. type .. "' ] && md5sum /tmp/ssr-update." .. type .. " | awk '{print $1}')")
+		local old_md5 = luci.sys.exec("echo -n $([ -f '" .. file .. "' ] && md5sum " .. file .. " | awk '{print $1}')")
+		if new_md5 == old_md5 then
+			log("你已经是最新数据，无需更新！")
+		else
+			icount = luci.sys.exec("cat /tmp/ssr-update." .. type .. " | wc -l")
+			luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file)
+			if file2 then luci.sys.exec("cp -f /tmp/ssr-update." .. type .. " " .. file2) end
+			log("更新成功！ 新的总纪录数：" .. tostring(tonumber(icount)/Num))
 		end
-		luci.sys.exec("rm -f /tmp/ad.conf")
 	else
-		log('更新失败！')
+		log("更新失败！")
 	end
+	luci.sys.exec("rm -f /tmp/ssr-update." .. type)
 end

--[[
-log('正在更新【Netflix IP段】数据库')
-refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .. " > /tmp/netflixip.list"
-sret = luci.sys.call(refresh_cmd .. " 2>/dev/null")
-if sret == 0 then
-	luci.sys.call("/usr/bin/ssr-gfw")
-	icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l")
-	if tonumber(icount) > 5 then
-		if nixio.fs.access("/etc/config/netflixip.list") then
-			oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l")
-		else
-			oldcount = "0"
-		end
-		if tonumber(icount) ~= tonumber(oldcount) then
-			luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list")
-			log('更新成功！ 新的总纪录数：' .. tostring(tonumber(icount)))
-		else
-			log('你已经是最新数据，无需更新！')
-		end
-	else
-		log('更新失败！')
-	end
-	luci.sys.exec("rm -f /tmp/netflixip.list")
-else
-	log('更新失败！')
+log("正在更新【GFW列表】数据库")
+update(uci:get_first("shadowsocksr", "global", "gfwlist_url", "https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt"), "/etc/dnsmasq.ssr/gfw_list.conf", "gfw_data", "/tmp/dnsmasq.ssr/gfw_list.conf")
+log("正在更新【国内IP段】数据库")
+update(uci:get_first("shadowsocksr", "global", "chnroute_url","https://ispip.clang.cn/all_cn.txt"), "/etc/ssr/china_ssr.txt", "cnip")
+if uci:get_first("shadowsocksr", "global", "adblock","0") == "1" then
+	log("正在更新【广告屏蔽】数据库")
+	update(uci:get_first("shadowsocksr", "global", "adblock_url","https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt"), "/etc/dnsmasq.ssr/ad.conf", "ad_data", "/tmp/dnsmasq.ssr/ad.conf")
 end
--]]
+-- log("正在更新【Netflix IP段】数据库")
+-- update(uci:get_first("shadowsocksr", "global", "nfip_url","https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt"), "/etc/ssr/netflixip.list", "nfip_data")