298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-19 14:13:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

remove obsoleted ssr-pro and v2ray-pro

Browse Source
This commit is contained in:
coolsnowwolf 2019-04-19 11:13:12 +08:00
parent 75099ddcf6
commit bfe704cfc8
30 changed files with 0 additions and 8185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
package/lean/luci-app-ssr-pro/Makefile
View File

@ -1,18 +0,0 @@
# Copyright (C) 2016 Openwrt.org
#
# This is free software, licensed under the Apache License, Version 2.0 .
#
include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI support for SSR Pro
LUCI_DEPENDS:=+iptables-mod-tproxy +kmod-ipt-tproxy +ip +ipset-lists +shadowsocksr-libev-alt +shadowsocks-libev-ss-redir +pdnsd-alt +coreutils +coreutils-base64 +coreutils-nohup +dnsmasq-full
LUCI_PKGARCH:=all
PKG_VERSION:=2
PKG_RELEASE:=32
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

17
package/lean/luci-app-ssr-pro/luasrc/controller/ssrpro.lua
View File

@ -1,17 +0,0 @@
module("luci.controller.ssrpro", package.seeall)
function index()
if not nixio.fs.access("/etc/config/ssrpro") then
return
end
local page
page = entry({"admin", "services", "ssrpro"}, cbi("ssrpro"), _("ShadowsocksR Pro"))
page.dependent = true
entry({"admin","services","ssrpro","status"},call("act_status")).leaf=true
end
function act_status()
local e={}
e.running=luci.sys.call("pgrep ssr-redir >/dev/null")==0
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end

229
package/lean/luci-app-ssr-pro/luasrc/model/cbi/ssrpro.lua
View File

@ -1,229 +0,0 @@
local fs = require "nixio.fs"
local NXFS = require "nixio.fs"
local WLFS = require "nixio.fs"
local SYS = require "luci.sys"
local ND = SYS.exec("cat /etc/gfwlist/china-banned | wc -l")
local conf = "/etc/shadowsocksr/base-gfwlist.txt"
local watch = "/tmp/shadowsocksr_watchdog.log"
local dog = "/tmp/ssrpro.log"
m = Map("ssrpro")
m.title = translate("Shadowsocksr Transparent Proxy")
m.description = translate("A fast secure tunnel proxy that help you get through firewalls on your router")
m:section(SimpleSection).template = "ssrpro/ssrpro_status"
s = m:section(TypedSection, "ssrpro")
s.anonymous = true
-- ---------------------------------------------------
s:tab("basic", translate("Base Setting"))
switch = s:taboption("basic",Flag, "enabled", translate("Enable"))
switch.rmempty = false
proxy_mode = s:taboption("basic",ListValue, "proxy_mode", translate("Proxy Mode"))
proxy_mode:value("M", translate("Base on GFW-List Auto Proxy Mode(Recommend)"))
proxy_mode:value("S", translate("Bypassing China Manland IP Mode(Be caution when using P2P download)"))
proxy_mode:value("G", translate("Global Mode"))
proxy_mode:value("V", translate("Overseas users watch China video website Mode"))
cronup = s:taboption("basic", Flag, "cron_mode", translate("Auto Update GFW-List"),
translate(string.format("GFW-List Lines <strong><font color=\"blue\">%s</font></strong> Lines", ND)))
cronup.default = 0
cronup.rmempty = false
updatead = s:taboption("basic", Button, "updatead", translate("Manually force update GFW-List"), translate("Note: It needs to download and convert the rules. The background process may takes 60-120 seconds to run. <br / > After completed it would automatically refresh, please do not duplicate click!"))
updatead.inputtitle = translate("Manually force update GFW-List")
updatead.inputstyle = "apply"
updatead.write = function()
SYS.call("nohup sh /etc/shadowsocksr/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1 &")
end
safe_dns_tcp = s:taboption("basic",Flag, "safe_dns_tcp", translate("DNS uses TCP"),
translate("Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"))
safe_dns_tcp.rmempty = false
-- safe_dns_tcp:depends("more", "1")
-- timeout = s:taboption("basic",Value, "timeout", translate("Timeout"))
-- timeout.datatype = "range(0,10000)"
-- timeout.placeholder = "60"
-- timeout.optional = false
-- timeout:depends("more", "1")
-- safe_dns = s:taboption("basic",Value, "safe_dns", translate("Safe DNS"),
-- translate("8.8.8.8 or 8.8.4.4 is recommended"))
-- safe_dns.datatype = "ip4addr"
-- safe_dns.optional = false
-- safe_dns:depends("more", "1")
-- safe_dns_port = s:taboption("basic",Value, "safe_dns_port", translate("Safe DNS Port"),
-- translate("Foreign DNS on UDP port 53 might be polluted"))
-- safe_dns_port.datatype = "range(1,65535)"
-- safe_dns_port.placeholder = "53"
-- safe_dns_port.optional = false
-- safe_dns_port:depends("more", "1")
--fast_open =s:taboption("basic",Flag, "fast_open", translate("TCP Fast Open"),
-- translate("Enable TCP fast open, only available on kernel > 3.7.0"))
s:tab("main", translate("Server Setting"))
more = s:taboption("main",ListValue, "more", translate("Tool Select"))
more:value("0", translate("ShadowsockR"))
more:value("1", translate("Shadowsocks New Vesion"))
more.description = translate("Using incorrect encryption mothod may causes service fail to start")
server = s:taboption("main",Value, "server", translate("Server Address"))
server.optional = false
server.datatype = "host"
server.rmempty = false
server_port = s:taboption("main",Value, "server_port", translate("Server Port"))
server_port.datatype = "range(1,65535)"
server_port.optional = false
server_port.rmempty = false
password = s:taboption("main",Value, "password", translate("Password"))
password.password = true
method = s:taboption("main",ListValue, "method", translate("Encryption Method"))
method:value("none")
method:value("aes-128-ctr")
method:value("aes-192-ctr")
method:value("aes-256-ctr")
method:value("aes-128-cfb")
method:value("aes-192-cfb")
method:value("aes-256-cfb")
method:value("aes-128-gcm")
method:value("aes-192-gcm")
method:value("aes-256-gcm")
method:value("rc4")
method:value("rc4-md5")
method:value("rc4-md5-6")
method:value("salsa20")
method:value("chacha20")
method:value("chacha20-ietf")
method:value("camellia-128-cfb")
method:value("camellia-192-cfb")
method:value("camellia-256-cfb")
method:value("bf-cfb")
method:value("chacha20-ietf-poly1305")
method:value("xchacha20-ietf-poly1305")
protocol = s:taboption("main",ListValue, "protocol", translate("Protocol"))
protocol:value("origin")
protocol:value("verify_deflate")
protocol:value("auth_sha1_v4")
protocol:value("auth_aes128_md5")
protocol:value("auth_aes128_sha1")
protocol:value("auth_chain_a")
protocol:value("auth_chain_b")
protocol:value("auth_chain_c")
protocol:value("auth_chain_d")
protocol:value("auth_chain_e")
protocol:value("auth_chain_f")
protoparam = s:taboption("main",Value, "protoparam", translate("Protocol Param"))
protoparam.optional = true
protoparam.rmempty = true
obfs = s:taboption("main",ListValue, "obfs", translate("Obfs Param"))
obfs:value("plain")
obfs:value("http_simple")
obfs:value("http_post")
obfs:value("random_head")
obfs:value("tls1.2_ticket_auth")
obfs:value("tls1.2_ticket_fastauth")
plugin_param = s:taboption("main",Flag, "plugin_param", translate("Plug-in parameters"),
translate("Incorrect use of this parameter will cause IP to be blocked. Please use it with care"))
plugin_param:depends("obfs", "http_simple")
plugin_param:depends("obfs", "http_post")
plugin_param:depends("obfs", "tls1.2_ticket_auth")
plugin_param:depends("obfs", "tls1.2_ticket_fastauth")
obfs_param = s:taboption("main",Value, "obfs_param", translate("Confusing plug-in parameters"))
obfs_param.rmempty = true
obfs_param:depends("plugin_param", "1")
s:tab("list", translate("User-defined GFW-List"))
gfwlist = s:taboption("list", TextValue, "conf")
gfwlist.description = translate("<br />!Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying.")
gfwlist.rows = 13
gfwlist.wrap = "off"
gfwlist.cfgvalue = function(self, section)
return NXFS.readfile(conf) or ""
end
gfwlist.write = function(self, section, value)
NXFS.writefile(conf, value:gsub("\r\n", "\n"))
end
local addipconf = "/etc/shadowsocksr/addinip.txt"
s:tab("addip", translate("GFW-List Add-in IP"))
gfwaddin = s:taboption("addip", TextValue, "addipconf")
gfwaddin.description = translate("<br />!Note: IP add-in to GFW-List. Such as Telegram Messenger")
gfwaddin.rows = 13
gfwaddin.wrap = "off"
gfwaddin.cfgvalue = function(self, section)
return NXFS.readfile(addipconf) or ""
end
gfwaddin.write = function(self, section, value)
NXFS.writefile(addipconf, value:gsub("\r\n", "\n"))
end
s:tab("status", translate("Status and Tools"))
s:taboption("status", DummyValue,"opennewwindow" ,
translate("<input type=\"button\" class=\"cbi-button cbi-button-apply\" value=\"IP111.CN\" onclick=\"window.open('http://www.ip111.cn/')\" />"))
s:tab("watchdog", translate("Watchdog Log"))
log = s:taboption("watchdog", TextValue, "sylogtext")
log.template = "cbi/tvalue"
log.rows = 13
log.wrap = "off"
log.readonly="readonly"
function log.cfgvalue(self, section)
SYS.exec("[ -f /tmp/shadowsocksr_watchdog.log ] && sed '1!G;h;$!d' /tmp/shadowsocksr_watchdog.log > /tmp/ssrpro.log")
return nixio.fs.readfile(dog)
end
function log.write(self, section, value)
value = value:gsub("\r\n?", "\n")
nixio.fs.writefile(dog, value)
end
t=m:section(TypedSection,"acl_rule",translate("<strong>Client Proxy Mode Settings</strong>"),
translate("Proxy mode settings can be set to specific LAN clients ( <font color=blue> No Proxy, Global Proxy, Game Mode</font>) . Does not need to be set by default."))
t.template="cbi/tblsection"
t.sortable=true
t.anonymous=true
t.addremove=true
e=t:option(Value,"ipaddr",translate("IP Address"))
e.width="40%"
e.datatype="ip4addr"
e.placeholder="0.0.0.0/0"
luci.ip.neighbors({ family = 4 }, function(entry)
if entry.reachable then
e:value(entry.dest:string())
end
end)
e=t:option(ListValue,"filter_mode",translate("Proxy Mode"))
e.width="40%"
e.default="disable"
e.rmempty=false
e:value("disable",translate("No Proxy"))
e:value("global",translate("Global Proxy"))
e:value("game",translate("Game Mode"))
return m

22
package/lean/luci-app-ssr-pro/luasrc/view/ssrpro/ssrpro_status.htm
View File

@ -1,22 +0,0 @@
<script type="text/javascript">//<![CDATA[
XHR.poll(3, '<%=url([[admin]], [[services]], [[ssrpro]], [[status]])%>', null,
function(x, data) {
var tb = document.getElementById('ssrpro_status');
if (data && tb) {
if (data.running) {
var links = '<em><b><font color=green>ShadowsocksR Pro <%:RUNNING%></font></b></em>';
tb.innerHTML = links;
} else {
tb.innerHTML = '<em><b><font color=red>ShadowsocksR Pro <%:NOT RUNNING%></font></b></em>';
}
}
}
);
//]]>
</script>
<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
<fieldset class="cbi-section">
<p id="ssrpro_status">
<em><%:Collecting data...%></em>
</p>
</fieldset>

120
package/lean/luci-app-ssr-pro/po/zh-cn/ssrpro.po
View File

@ -1,120 +0,0 @@
msgid "<strong><font color=\"green\">ShadowsocksR is Running</font></strong>"
msgstr "<strong><font color=\"green\">ShadowsocksR 正在运行</font></strong>"
msgid "<strong><font color=\"red\">ShadowsocksR is Not Running</font></strong>"
msgstr "<strong><font color=\"red\">ShadowsocksR 没有运行</font></strong>"
msgid "Shadowsocksr Transparent Proxy"
msgstr "ShadowsocksR 透明代理"
msgid "A fast secure tunnel proxy that help you get through firewalls on your router"
msgstr "一个快速安全隧道代理,帮助您穿过防火墙"
msgid "Base Setting"
msgstr "基本设置"
msgid "Proxy Mode"
msgstr "代理模式"
msgid "Base on GFW-List Auto Proxy Mode(Recommend)"
msgstr "基于GFW-List自动代理(推荐)"
msgid "Bypassing China Manland IP Mode(Be caution when using P2P download)"
msgstr "绕过中国大陆IP地址(P2P 下载慎用!)"
msgid "Global Mode"
msgstr "全局代理"
msgid "Overseas users watch China video website Mode"
msgstr "海外用户回国看视频"
msgid "Auto Update GFW-List"
msgstr "自动更新GFW-List"
msgid "Manually force update GFW-List"
msgstr "手动强制更新GFW-List"
msgid "DNS uses TCP"
msgstr "启用DNS TCP防污染"
msgid "Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"
msgstr "往国外的DNS请求将通过服务器中转发出更安全推荐"
msgid "Server Setting"
msgstr "服务器设置"
msgid "Server Address"
msgstr "服务器地址(支持域名)"
msgid "Server Port"
msgstr "服务器端口"
msgid "Password"
msgstr "密码"
msgid "Encryption Method"
msgstr "加密"
msgid "Protocol"
msgstr "协议"
msgid "Protocol Param"
msgstr "协议参数"
msgid "Obfs Param"
msgstr "混淆"
msgid "Plug-in parameters"
msgstr "插件参数"
msgid "Confusing plug-in parameters"
msgstr "混淆参数"
msgid "Incorrect use of this parameter will cause IP to be blocked. Please use it with care"
msgstr "不正确的使用参数可能会导致IP被封请注意使用"
msgid "User-defined GFW-List"
msgstr "用户自定义GFW-List"
msgid "<br />!Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying."
msgstr "用户自定义GFW-List将会和自动更新的自动合并。如果要新加入域名马上生效请应用后点击手动强制更新GFW-List"
msgid "Status and Tools"
msgstr "状态与工具"
msgid "Watchdog Log"
msgstr "守护日志"
msgid "<strong>Client Proxy Mode Settings</strong>"
msgstr "<strong>客户端代理模式设置</strong>"
msgid "Proxy mode settings can be set to specific LAN clients ( <font color=blue> No Proxy, Global Proxy, Game Mode</font>) . Does not need to be set by default."
msgstr "可以为局域网客户端分别设置不同的代理模式 ( <font color=blue> 不代理, 全局代理, 游戏模式</font>).默认无需设置"
msgid "GFW-List Add-in IP"
msgstr "GFW-List附加IP"
msgid "<br />!Note: IP add-in to GFW-List. Such as Telegram Messenger"
msgstr "<br />!注意有些应用使用IP而不是域名例如 Telegram Messenger 您需要把IP地址加入这里"
msgid "No Proxy"
msgstr "不代理"
msgid "Global Proxy"
msgstr "全局代理"
msgid "Game Mode"
msgstr "游戏模式"
msgid "Using SS instead of SSR"
msgstr "使用SS新版代替SSR"
msgid "Using incorrect encryption mothod may causes service fail to start"
msgstr "设置不正确的加密方法可能会导致SS/SSR服务无法启动"
msgid "Shadowsocks New Vesion"
msgstr "Shadowsocks 原版(支持新增协议)"
msgid "Tool Select"
msgstr "SS/SSR 版本选择"

15
package/lean/luci-app-ssr-pro/root/etc/config/ssrpro
View File

@ -1,15 +0,0 @@
config ssrpro
option gfwlist 'china-banned'
option server_port '23143'
option password 'test.TEST'
option protocol 'origin'
option obfs 'plain'
option proxy_mode 'M'
option safe_dns_tcp '1'
option cron_mode '1'
option method 'rc4-md5'
option server '4.4.4.4'
option enabled '0'
option more '0'

402
package/lean/luci-app-ssr-pro/root/etc/init.d/ssrpro
View File

@ -1,402 +0,0 @@
#!/bin/sh /etc/rc.common
#
#
START=99
STOP=10
EXTRA_COMMANDS="reload_rule"
SS_REDIR_PORT=7070
SS_REDIR_PIDFILE=/var/run/ssr-redir-go.pid
PDNSD_LOCAL_PORT=7453
SSRCONF=/etc/shadowsocksr.json
CRON_FILE=/etc/crontabs/root
CONFIG=ssrpro
KEEP_GFWLIST=Y
vt_np_ipset="china"
get_config()
{
config_get_bool vt_enabled $1 enabled 0
config_get vt_server_addr $1 server
config_get vt_server_port $1 server_port
config_get vt_password $1 password
config_get vt_method $1 method
config_get vt_protocol $1 protocol
config_get vt_protoparam $1 protoparam
config_get vt_obfs $1 obfs
config_get obfs_param $1 obfs_param
config_get vt_proxy_mode $1 proxy_mode
config_get vt_timeout $1 timeout
config_get vt_safe_dns $1 safe_dns
config_get vt_timeout $1 timeout
config_get vt_safe_dns $1 safe_dns
config_get vt_safe_dns_port $1 safe_dns_port
config_get vt_safe_dns_tcp $1 safe_dns_tcp
config_get cron_mode $1 cron_mode 1
config_get_bool vt_more $1 more 0
}
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Get LAN settings as default parameters
[ -f /lib/functions/network.sh ] && . /lib/functions/network.sh
network_get_subnet covered_subnets lan
network_get_ipaddr local_addresses lan
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
__gfwlist_by_mode()
{
case "$1" in
V) echo unblock-youku;;
*) echo china-banned;;
esac
}
start()
{
config_load ssrpro
config_foreach get_config ssrpro
[ -f /etc/init.d/pdnsd ] && /etc/init.d/pdnsd disable 2>/dev/null
if [ "$vt_enabled" = 0 ]; then
echo "WARNING: Shadowsocksr is disabled."
exit 0
fi
if [ -z "$vt_server_addr" -o -z "$vt_server_port" ]; then
echo "WARNING: Shadowsocksr not fully configured, not starting."
exit 0
fi
local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
[ -z "$vt_proxy_mode" ] && vt_proxy_mode=M
[ -z "$vt_method" ] && vt_method=table
[ -z "$vt_timeout" ] && vt_timeout=60
case "$vt_proxy_mode" in
M|S|G)
[ -z "$vt_safe_dns" ] && vt_safe_dns="8.8.8.8"
[ -z "$vt_safe_dns_tcp" ] && vt_safe_dns_tcp=1
;;
esac
[ -z "$vt_safe_dns_port" ] && vt_safe_dns_port=53
# -----------------------------------------------------------------
###### shadowsocksr ######
cat > $SSRCONF <<EOF
{
"server": "$vt_server_addr",
"server_port": $vt_server_port,
"password": "$vt_password",
"method": "$vt_method",
"local_address": "0.0.0.0",
"local_port": $SS_REDIR_PORT,
"timeout": $vt_timeout,
"protocol": "$vt_protocol",
"protocol_param": "$vt_protoparam",
"obfs": "$vt_obfs",
"obfs_param": "$obfs_param",
"fast_open": false
}
EOF
if [ "$vt_more" = 0 ]; then
ln -sf /usr/bin/ssr-redir /usr/sbin/ssr-redir
else
ln -sf /usr/bin/ss-redir /usr/sbin/ssr-redir
fi
/usr/sbin/ssr-redir -u -c $SSRCONF -f $SS_REDIR_PIDFILE || return 1
# IPv4 firewall rules
add_rule
# -----------------------------------------------------------------
mkdir -p /var/etc/dnsmasq-go.d
###### Anti-pollution configuration ######
if [ -n "$vt_safe_dns" ]; then
if [ "$vt_safe_dns_tcp" = 1 ]; then
start_pdnsd "$vt_safe_dns"
awk -vs="127.0.0.1#$PDNSD_LOCAL_PORT" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
/etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
else
awk -vs="$vt_safe_dns#$vt_safe_dns_port" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
/etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
fi
else
echo "WARNING: Not using secure DNS, DNS resolution might be polluted if you are in China."
fi
###### dnsmasq-to-ipset configuration ######
case "$vt_proxy_mode" in
M|V)
awk '!/^$/&&!/^#/{printf("ipset=/%s/'"$vt_gfwlist"'\n",$0)}' \
/etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/02-ipset.conf
;;
esac
# -----------------------------------------------------------------
###### Restart main 'dnsmasq' service if needed ######
if ls /var/etc/dnsmasq-go.d/* >/dev/null 2>&1; then
mkdir -p /tmp/dnsmasq.d
cat > /tmp/dnsmasq.d/dnsmasq-go.conf <<EOF
conf-dir=/var/etc/dnsmasq-go.d
EOF
/etc/init.d/dnsmasq restart
fi
add_cron
}
stop()
{
# -----------------------------------------------------------------
rm -rf /var/etc/dnsmasq-go.d
if [ -f /tmp/dnsmasq.d/dnsmasq-go.conf ]; then
rm -f /tmp/dnsmasq.d/dnsmasq-go.conf
/etc/init.d/dnsmasq restart
fi
stop_pdnsd
# --STOP IPv4 firewall---------------------------------------------------------------
del_rule
# -----------------------------------------------------------------
if [ -f $SS_REDIR_PIDFILE ]; then
kill -9 `cat $SS_REDIR_PIDFILE`
rm -f $SS_REDIR_PIDFILE
fi
killall -9 ssr-redir 2>/dev/null
del_cron
}
reload_rule()
{
config_load ssrpro
config_foreach get_config ssrpro
local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
KEEP_GFWLIST=Y
del_rule
add_rule
if [ "$vt_safe_dns_tcp" = 1 ]; then
stop_pdnsd
start_pdnsd
fi
}
restart()
{
KEEP_GFWLIST=Y
stop
start
}
# $1: upstream DNS server
start_pdnsd()
{
local safe_dns="$1"
local tcp_dns_list="208.67.222.222, 208.67.220.220"
[ -n "$safe_dns" ] && tcp_dns_list="$safe_dns,$tcp_dns_list"
#killall -9 pdnsd 2>/dev/null && sleep 1
kill -9 $(cat /var/run/pdnsd.pid) >/dev/null 2>&1
mkdir -p /var/etc /var/pdnsd
if ! test -f "/var/pdnsd/pdnsd.cache"; then
echo -ne "pd13\000\000\000\000" >/var/pdnsd/pdnsd.cache
chown -R nobody.nogroup /var/pdnsd
fi
cat > /var/etc/pdnsd.conf <<EOF
global {
perm_cache=1024;
cache_dir="/var/pdnsd";
pid_file = /var/run/pdnsd.pid;
run_as="nobody";
server_ip = 127.0.0.1;
server_port = $PDNSD_LOCAL_PORT;
status_ctl = on;
query_method = tcp_only;
min_ttl=1h;
max_ttl=1w;
timeout=10;
neg_domain_pol=on;
proc_limit=40;
procq_limit=60;
}
server {
label= "fwxxx";
ip = $tcp_dns_list;
port = 53;
timeout=6;
uptest=none;
interval=10m;
purge_cache=off;
}
EOF
/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d
# Access TCP DNS server through Shadowsocksr tunnel
if iptables -t nat -N pdnsd_output; then
iptables -t nat -A pdnsd_output -m set --match-set $vt_np_ipset dst -j RETURN
iptables -t nat -A pdnsd_output -p tcp -j REDIRECT --to $SS_REDIR_PORT
fi
iptables -t nat -I OUTPUT -p tcp --dport 53 -j pdnsd_output
}
stop_pdnsd()
{
if iptables -t nat -F pdnsd_output 2>/dev/null; then
while iptables -t nat -D OUTPUT -p tcp --dport 53 -j pdnsd_output 2>/dev/null; do :; done
iptables -t nat -X pdnsd_output
fi
kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 || killall -9 pdnsd >/dev/null 2>&1
rm -rf /var/pdnsd
rm -f /var/etc/pdnsd.conf
}
add_cron()
{
sed -i '/up-gfwlist.sh/d' $CRON_FILE
sed -i '/shadowsocksr_watchdog.log/d' $CRON_FILE
if [ $cron_mode -eq 1 ]; then
echo '0 5 * * * /etc/shadowsocksr/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1' >> $CRON_FILE
fi
echo '0 */1 * * * /etc/shadowsocksr/ssr-watchdog >> /tmp/shadowsocksr_watchdog.log 2>&1' >> $CRON_FILE
echo '0 1 * * 0 echo "" > /tmp/shadowsocksr_watchdog.log' >> $CRON_FILE
crontab $CRON_FILE
}
del_cron()
{
sed -i '/up-gfwlist.sh/d' $CRON_FILE
sed -i '/shadowsocksr_watchdog.log/d' $CRON_FILE
/etc/init.d/cron restart
}
uci_get_by_name() {
local ret=$(uci get $CONFIG.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
uci_get_by_type() {
local index=0
if [ -n $4 ]; then
index=$4
fi
local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}
add_rule()
{
iptables -t nat -N shadowsocksr_pre
iptables -t nat -F shadowsocksr_pre
iptables -t nat -A shadowsocksr_pre -m set --match-set local dst -j RETURN || {
iptables -t nat -A shadowsocksr_pre -d 10.0.0.0/8 -j RETURN
iptables -t nat -A shadowsocksr_pre -d 127.0.0.0/8 -j RETURN
iptables -t nat -A shadowsocksr_pre -d 172.16.0.0/12 -j RETURN
iptables -t nat -A shadowsocksr_pre -d 192.168.0.0/16 -j RETURN
iptables -t nat -A shadowsocksr_pre -d 127.0.0.0/8 -j RETURN
iptables -t nat -A shadowsocksr_pre -d 224.0.0.0/3 -j RETURN
}
iptables -t nat -A shadowsocksr_pre -d $vt_server_addr -j RETURN
iptables -N gameboost -t mangle
ipset -! create gameuser hash:ip maxelem 65536 2>/dev/null
/usr/bin/ip rule add fwmark 0x01/0x01 table 100
/usr/bin/ip route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -A gameboost -p udp -m set --match-set local dst -j RETURN
iptables -t mangle -A gameboost -p udp -m set --match-set china dst -j RETURN
iptables -t mangle -A gameboost -p udp --dport 53 -j RETURN
iptables -t mangle -A gameboost -p udp -j TPROXY --on-port 7070 --tproxy-mark 0x01/0x01
iptables -t mangle -A PREROUTING -m set --match-set gameuser src -j gameboost
for i in $(seq 0 100)
do
local ip=$(uci_get_by_type acl_rule ipaddr '' $i)
local mode=$(uci_get_by_type acl_rule filter_mode '' $i)
case "$mode" in
disable)
iptables -t nat -A shadowsocksr_pre -s $ip -j RETURN
;;
global)
iptables -t nat -A shadowsocksr_pre -s $ip -p tcp -j REDIRECT --to $SS_REDIR_PORT
iptables -t nat -A shadowsocksr_pre -s $ip -j RETURN
;;
game)
iptables -t nat -A shadowsocksr_pre -p tcp -s $ip -m set ! --match-set china dst -j REDIRECT --to $SS_REDIR_PORT
ipset -! add gameuser $ip
;;
esac
done
case "$vt_proxy_mode" in
G) : ;;
S)
iptables -t nat -A shadowsocksr_pre -m set --match-set $vt_np_ipset dst -j RETURN
iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $SS_REDIR_PORT
;;
M)
ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
awk '!/^$/&&!/^#/{printf("add vt_gfwlist %s'" "'\n",$0)}' /etc/shadowsocksr/addinip.txt > /tmp/addinip.ipset
sed -i "s/vt_gfwlist/$vt_gfwlist/g" /tmp/addinip.ipset
ipset -! restore < /tmp/addinip.ipset
iptables -t nat -A shadowsocksr_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
iptables -t nat -A shadowsocksr_pre -m set --match-set $vt_np_ipset dst -j RETURN
iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set $vt_gfwlist dst -j REDIRECT --to $SS_REDIR_PORT
;;
V)
vt_np_ipset=""
ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
iptables -t nat -A shadowsocksr_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
;;
esac
local subnet
for subnet in $covered_subnets; do
iptables -t nat -A shadowsocksr_pre -s $subnet -p tcp -j REDIRECT --to $SS_REDIR_PORT
done
iptables -t nat -I PREROUTING -p tcp -j shadowsocksr_pre
}
del_rule()
{
if iptables -t nat -F shadowsocksr_pre 2>/dev/null; then
while iptables -t nat -D PREROUTING -p tcp -j shadowsocksr_pre 2>/dev/null; do :; done
iptables -t nat -X shadowsocksr_pre 2>/dev/null
fi
iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set china-banned dst -j REDIRECT --to $SS_REDIR_PORT 2>/dev/null
iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $SS_REDIR_PORT 2>/dev/null
/usr/bin/ip rule del fwmark 0x01/0x01 table 100
/usr/bin/ip route del local 0.0.0.0/0 dev lo table 100
if iptables -t mangle -F gameboost 2>/dev/null; then
while iptables -t mangle -D PREROUTING -m set --match-set gameuser src -j gameboost 2>/dev/null; do :; done
iptables -t mangle -X gameboost 2>/dev/null
fi
ipset destroy gameuser 2>/dev/null
# -----------------------------------------------------------------
[ "$KEEP_GFWLIST" = Y ] || ipset destroy "$vt_gfwlist" 2>/dev/null
}

7
package/lean/luci-app-ssr-pro/root/etc/shadowsocksr/addinip.txt
View File

@ -1,7 +0,0 @@
149.154.160.0/20
149.154.164.0/22
149.154.168.0/21
67.198.55.0/24
91.108.4.0/22
91.108.56.0/22
109.239.140.0/24

2940
package/lean/luci-app-ssr-pro/root/etc/shadowsocksr/base-gfwlist.txt
View File

File diff suppressed because it is too large Load Diff

29
package/lean/luci-app-ssr-pro/root/etc/shadowsocksr/gen-gfwlist.sh
View File

@ -1,29 +0,0 @@
#!/bin/sh -e
generate_china_banned()
{
if [ ! -f /tmp/gfwlist.txt ]; then
wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfwlist.b64 >&2
cat /tmp/gfwlist.b64 | base64 -d > /tmp/gfwlist.txt
rm -f /tmp/gfwlist.b64
fi
cat /tmp/gfwlist.txt | sort -u |
sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' |
sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' |
sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' |
grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u |
awk '
BEGIN { prev = "________"; } {
cur = $0;
if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") {
} else {
print cur;
prev = cur;
}
}' | sort -u
}
generate_china_banned

35
package/lean/luci-app-ssr-pro/root/etc/shadowsocksr/ssr-watchdog
View File

@ -1,35 +0,0 @@
#!/bin/sh
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
#GOOGLE=$(ping -4 www.gstatic.com -c 1 -w 5| sed '1{s/[^(]*(//;s/).*//;q}')
#iptables -t nat -I OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070
#sleep 3
/usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.gstatic.com/generate_204
if [ "$?" == "0" ]; then
echo '['$LOGTIME'] ShadowsocksR No Problem.'
else
/usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.baidu.com
if [ "$?" == "0" ]; then
echo '['$LOGTIME'] Problem decteted, restarting ShadowsocksR...'
/etc/init.d/ssrpro restart
else
echo '['$LOGTIME'] Network Problem. Do nothing.'
fi
fi
#sleep 3
#iptables -t nat -D OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070

21
package/lean/luci-app-ssr-pro/root/etc/shadowsocksr/up-gfwlist.sh
View File

@ -1,21 +0,0 @@
#!/bin/sh
/etc/shadowsocksr/gen-gfwlist.sh > /tmp/ol-gfw.txt
if [ -s "/tmp/ol-gfw.txt" ];then
sort -u /etc/shadowsocksr/base-gfwlist.txt /tmp/ol-gfw.txt > /tmp/china-banned
if ( ! cmp -s /tmp/china-banned /etc/gfwlist/china-banned );then
if [ -s "/tmp/china-banned" ];then
mv /tmp/china-banned /etc/gfwlist/china-banned
echo "Update GFW-List Done!"
fi
else
echo "GFW-List No Change!"
fi
fi
rm -f /tmp/gfwlist.txt
rm -f /tmp/ol-gfw.txt
/etc/init.d/ssrpro restart

11
package/lean/luci-app-ssr-pro/root/etc/ssrpro.include
View File

@ -1,11 +0,0 @@
#!/bin/sh
ssr_enable=$(uci get ssrpro.@ssrpro[0].enabled 2>/dev/null)
if [ $ssr_enable -eq 1 ]; then
if pidof ssr-redir>/dev/null; then
/etc/init.d/ssrpro reload_rule
else
/etc/init.d/ssrpro restart
fi
fi

20
package/lean/luci-app-ssr-pro/root/etc/uci-defaults/ssrpro
View File

@ -1,20 +0,0 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
delete ucitrack.@ssrpro[-1]
add ucitrack ssrpro
set ucitrack.@ssrpro[-1].init=ssrpro
commit ucitrack
delete firewall.ssrpro
set firewall.ssrpro=include
set firewall.ssrpro.type=script
set firewall.ssrpro.path=/etc/ssrpro.include
set firewall.ssrpro.reload=1
commit firewall
EOF
/etc/init.d/ssrpro stop
/etc/init.d/ssrpro enable
rm -f /tmp/luci-indexcache
exit 0

16
package/lean/luci-app-v2ray-pro/Makefile
View File

@ -1,16 +0,0 @@
# Copyright (C) 2016 Openwrt.org
#
# This is free software, licensed under the Apache License, Version 2.0 .
#
include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI support for V2Ray
LUCI_DEPENDS:=+iptables-mod-tproxy +kmod-ipt-tproxy +ip +ipset-lists +pdnsd-alt +coreutils +coreutils-base64 +coreutils-nohup +dnsmasq-full +v2ray +ca-certificates +lua-cjson
LUCI_PKGARCH:=all
PKG_VERSION:=1.0
PKG_RELEASE:=11
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

17
package/lean/luci-app-v2ray-pro/luasrc/controller/v2raypro.lua
View File

@ -1,17 +0,0 @@
module("luci.controller.v2raypro", package.seeall)
function index()
if not nixio.fs.access("/etc/config/v2raypro") then
return
end
local page
page = entry({"admin", "services", "v2raypro"}, cbi("v2raypro"), _("V2Ray Pro"))
page.dependent = true
entry({"admin","services","v2raypro","status"},call("act_status")).leaf=true
end
function act_status()
local e={}
e.running=luci.sys.call("pgrep v2ray >/dev/null")==0
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end

361
package/lean/luci-app-v2ray-pro/luasrc/model/cbi/v2raypro.lua
View File

@ -1,361 +0,0 @@
local fs = require "nixio.fs"
local NXFS = require "nixio.fs"
local WLFS = require "nixio.fs"
local SYS = require "luci.sys"
local ND = SYS.exec("cat /etc/gfwlist/china-banned | wc -l")
local conf = "/etc/v2ray/base-gfwlist.txt"
local watch = "/tmp/v2ray_watchdog.log"
local dog = "/tmp/v2raypro.log"
local http = luci.http
local ucursor = require "luci.model.uci".cursor()
m = Map("v2raypro")
m.title = translate("V2Ray Transparent Proxy")
m.description = translate("A fast secure tunnel proxy that help you get through firewalls on your router")
m:section(SimpleSection).template = "v2raypro/v2raypro_status"
s = m:section(TypedSection, "v2raypro")
s.anonymous = true
-- ---------------------------------------------------
s:tab("basic", translate("Base Setting"))
switch = s:taboption("basic",Flag, "enabled", translate("Enable"))
switch.rmempty = false
proxy_mode = s:taboption("basic",ListValue, "proxy_mode", translate("Proxy Mode"))
proxy_mode:value("M", translate("Base on GFW-List Auto Proxy Mode(Recommend)"))
proxy_mode:value("S", translate("Bypassing China Manland IP Mode(Be caution when using P2P download)"))
proxy_mode:value("G", translate("Global Mode"))
proxy_mode:value("V", translate("Overseas users watch China video website Mode"))
cronup = s:taboption("basic", Flag, "cron_mode", translate("Auto Update GFW-List"),
translate(string.format("GFW-List Lines <strong><font color=\"blue\">%s</font></strong> Lines", ND)))
cronup.default = 0
cronup.rmempty = false
updatead = s:taboption("basic", Button, "updatead", translate("Manually force update GFW-List"), translate("Note: It needs to download and convert the rules. The background process may takes 60-120 seconds to run. <br / > After completed it would automatically refresh, please do not duplicate click!"))
updatead.inputtitle = translate("Manually force update GFW-List")
updatead.inputstyle = "apply"
updatead.write = function()
SYS.call("nohup sh /etc/v2ray/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1 &")
end
safe_dns_tcp = s:taboption("basic",Flag, "safe_dns_tcp", translate("DNS uses TCP"),
translate("Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"))
safe_dns_tcp.rmempty = false
-- safe_dns_tcp:depends("more", "1")
-- timeout = s:taboption("basic",Value, "timeout", translate("Timeout"))
-- timeout.datatype = "range(0,10000)"
-- timeout.placeholder = "60"
-- timeout.optional = false
-- timeout:depends("more", "1")
-- safe_dns = s:taboption("basic",Value, "safe_dns", translate("Safe DNS"),
-- translate("8.8.8.8 or 8.8.4.4 is recommended"))
-- safe_dns.datatype = "ip4addr"
-- safe_dns.optional = false
-- safe_dns:depends("more", "1")
-- safe_dns_port = s:taboption("basic",Value, "safe_dns_port", translate("Safe DNS Port"),
-- translate("Foreign DNS on UDP port 53 might be polluted"))
-- safe_dns_port.datatype = "range(1,65535)"
-- safe_dns_port.placeholder = "53"
-- safe_dns_port.optional = false
-- safe_dns_port:depends("more", "1")
--fast_open =s:taboption("basic",Flag, "fast_open", translate("TCP Fast Open"),
-- translate("Enable TCP fast open, only available on kernel > 3.7.0"))
s:tab("main", translate("Server Setting"))
server = s:taboption("main",Value, "address", translate("Server Address"))
server.datatype = "host"
server.rmempty = false
server_port = s:taboption("main",Value, "port", translate("Server Port"))
server_port.datatype = "range(0,65535)"
server_port.rmempty = false
id = s:taboption("main",Value, "id", translate("ID"))
id.password = true
alterId = s:taboption("main",Value, "alterId", translate("Alter ID"))
alterId.datatype = "range(1,65535)"
alterId.rmempty = false
security = s:taboption("main",ListValue, "security", translate("Security"))
security:value("none")
security:value("auto")
security:value("aes-128-cfb")
security:value("aes-128-gcm")
security:value("chacha20-poly1305")
network_type = s:taboption("main",ListValue, "network_type", translate("Network Type"))
network_type:value("tcp")
network_type:value("kcp")
network_type:value("ws")
network_type:value("h2")
-- tcp settings
tcp_obfs = s:taboption("main",ListValue, "tcp_obfs", translate("TCP Obfs"))
tcp_obfs:value("none")
tcp_obfs:value("http")
tcp_obfs:depends("network_type", "tcp")
tcp_path = s:taboption("main",DynamicList, "tcp_path", translate("TCP Obfs Path"))
tcp_path:depends("tcp_obfs", "http")
tcp_host = s:taboption("main",DynamicList, "tcp_host", translate("TCP Obfs Header"))
tcp_host:depends("tcp_obfs", "http")
tcp_host.datatype = "host"
-- kcp settings
kcp_obfs = s:taboption("main",ListValue, "kcp_obfs", translate("KCP Obfs"))
kcp_obfs:value("none")
kcp_obfs:value("srtp")
kcp_obfs:value("utp")
kcp_obfs:value("wechat-video")
kcp_obfs:value("dtls")
kcp_obfs:value("wireguard")
kcp_obfs:depends("network_type", "kcp")
kcp_mtu = s:taboption("main",Value, "kcp_mtu", translate("KCP MTU"))
kcp_mtu.datatype = "range(576,1460)"
kcp_mtu:depends("network_type", "kcp")
kcp_tti = s:taboption("main",Value, "kcp_tti", translate("KCP TTI"))
kcp_tti.datatype = "range(10,100)"
kcp_tti:depends("network_type", "kcp")
kcp_uplink = s:taboption("main",Value, "kcp_uplink", translate("KCP uplinkCapacity"))
kcp_uplink.datatype = "range(0,1000)"
kcp_uplink:depends("network_type", "kcp")
kcp_downlink = s:taboption("main",Value, "kcp_downlink", translate("KCP downlinkCapacity"))
kcp_downlink.datatype = "range(0,1000)"
kcp_downlink:depends("network_type", "kcp")
kcp_readbuf = s:taboption("main",Value, "kcp_readbuf", translate("KCP readBufferSize"))
kcp_readbuf.datatype = "range(0,100)"
kcp_readbuf:depends("network_type", "kcp")
kcp_writebuf = s:taboption("main",Value, "kcp_writebuf", translate("KCP writeBufferSize"))
kcp_writebuf.datatype = "range(0,100)"
kcp_writebuf:depends("network_type", "kcp")
kcp_congestion = s:taboption("main",Flag, "kcp_congestion", translate("KCP Congestion"))
kcp_congestion:depends("network_type", "kcp")
-- websocket settings
ws_path = s:taboption("main",Value, "ws_path", translate("WebSocket Path"))
ws_path:depends("network_type", "ws")
ws_headers = s:taboption("main",Value, "ws_headers", translate("WebSocket Header"))
ws_headers:depends("network_type", "ws")
ws_headers.datatype = "host"
-- http/2 settings
h2_path = s:taboption("main",Value, "h2_path", translate("HTTP Path"))
h2_path:depends("network_type", "h2")
h2_domain = s:taboption("main",Value, "h2_domain", translate("HTTP Domain"))
h2_domain:depends("network_type", "h2")
h2_domain.datatype = "host"
-- others
tls = s:taboption("main",Flag, "tls", translate("TLS"))
tls.rmempty = false
mux = s:taboption("main",Flag, "mux", translate("Mux"))
mux.rmempty = false
------------------------------------------------
s:tab("reverse", translate("Severse Setting"))
risen = s:taboption("reverse",Flag, "risen", translate("Enable"))
risen.rmempty = false
rserver = s:taboption("reverse",Value, "raddress", translate("Server Address"))
rserver.datatype = "host"
rserver.rmempty = ture
rserver_domain = s:taboption("reverse",Value, "rserver_domain", translate("Server domain"))
rserver_domain.datatype = "host"
rserver_domain.rmempty = ture
rserver_port = s:taboption("reverse",Value, "rport", translate("Server Port"))
rserver_port.datatype = "range(0,65535)"
rserver_port.rmempty = ture
rid = s:taboption("reverse",Value, "rid", translate("ID"))
rid.password = true
ralterId = s:taboption("reverse",Value, "ralterId", translate("Alter ID"))
ralterId.datatype = "range(1,65535)"
ralterId.rmempty = ture
rsecurity = s:taboption("reverse",ListValue, "rsecurity", translate("Security"))
rsecurity:value("none")
rsecurity:value("auto")
rsecurity:value("aes-128-cfb")
rsecurity:value("aes-128-gcm")
rsecurity:value("chacha20-poly1305")
rnetwork_type = s:taboption("reverse",ListValue, "rnetwork_type", translate("Network Type"))
rnetwork_type:value("tcp")
rnetwork_type:value("kcp")
rnetwork_type:value("ws")
rnetwork_type:value("h2")
-- tcp settings
rtcp_obfs = s:taboption("reverse",ListValue, "rtcp_obfs", translate("TCP Obfs"))
rtcp_obfs:value("none")
rtcp_obfs:value("http")
rtcp_obfs:depends("rnetwork_type", "tcp")
rtcp_path = s:taboption("reverse",DynamicList, "rtcp_path", translate("TCP Obfs Path"))
rtcp_path:depends("rtcp_obfs", "http")
rtcp_host = s:taboption("reverse",DynamicList, "rtcp_host", translate("TCP Obfs Header"))
rtcp_host:depends("rtcp_obfs", "http")
rtcp_host.datatype = "host"
-- kcp settings
rkcp_obfs = s:taboption("reverse",ListValue, "rkcp_obfs", translate("KCP Obfs"))
rkcp_obfs:value("none")
rkcp_obfs:value("srtp")
rkcp_obfs:value("utp")
rkcp_obfs:value("wechat-video")
rkcp_obfs:value("dtls")
rkcp_obfs:value("wireguard")
rkcp_obfs:depends("rnetwork_type", "kcp")
rkcp_mtu = s:taboption("reverse",Value, "rkcp_mtu", translate("KCP MTU"))
rkcp_mtu.datatype = "range(576,1460)"
rkcp_mtu:depends("rnetwork_type", "kcp")
rkcp_tti = s:taboption("reverse",Value, "rkcp_tti", translate("KCP TTI"))
rkcp_tti.datatype = "range(10,100)"
rkcp_tti:depends("rnetwork_type", "kcp")
rkcp_uplink = s:taboption("reverse",Value, "rkcp_uplink", translate("KCP uplinkCapacity"))
rkcp_uplink.datatype = "range(0,1000)"
rkcp_uplink:depends("rnetwork_type", "kcp")
rkcp_downlink = s:taboption("reverse",Value, "rkcp_downlink", translate("KCP downlinkCapacity"))
rkcp_downlink.datatype = "range(0,1000)"
rkcp_downlink:depends("rnetwork_type", "kcp")
rkcp_readbuf = s:taboption("reverse",Value, "rkcp_readbuf", translate("KCP readBufferSize"))
rkcp_readbuf.datatype = "range(0,100)"
rkcp_readbuf:depends("rnetwork_type", "kcp")
rkcp_writebuf = s:taboption("reverse",Value, "rkcp_writebuf", translate("KCP writeBufferSize"))
rkcp_writebuf.datatype = "range(0,100)"
rkcp_writebuf:depends("rnetwork_type", "kcp")
rkcp_congestion = s:taboption("reverse",Flag, "rkcp_congestion", translate("KCP Congestion"))
rkcp_congestion:depends("rnetwork_type", "kcp")
-- websocket settings
rws_path = s:taboption("reverse",Value, "rws_path", translate("WebSocket Path"))
rws_path:depends("rnetwork_type", "ws")
rws_headers = s:taboption("reverse",Value, "rws_headers", translate("WebSocket Header"))
rws_headers:depends("rnetwork_type", "ws")
rws_headers.datatype = "host"
-- http/2 settings
rh2_path = s:taboption("reverse",Value, "rh2_path", translate("HTTP Path"))
rh2_path:depends("rnetwork_type", "h2")
rh2_domain = s:taboption("reverse",Value, "rh2_domain", translate("HTTP Domain"))
rh2_domain:depends("rnetwork_type", "h2")
rh2_domain.datatype = "host"
-- others
rtls = s:taboption("reverse",Flag, "rtls", translate("TLS"))
rtls.rmempty = false
rmux = s:taboption("reverse",Flag, "rmux", translate("Mux"))
rmux.rmempty = false
--------------------------------------------------
s:tab("list", translate("User-defined GFW-List"))
gfwlist = s:taboption("list", TextValue, "conf")
gfwlist.description = translate("<br />!Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying.")
gfwlist.rows = 13
gfwlist.wrap = "off"
gfwlist.cfgvalue = function(self, section)
return NXFS.readfile(conf) or ""
end
gfwlist.write = function(self, section, value)
NXFS.writefile(conf, value:gsub("\r\n", "\n"))
end
local addipconf = "/etc/v2ray/addinip.txt"
s:tab("addip", translate("GFW-List Add-in IP"))
gfwaddin = s:taboption("addip", TextValue, "addipconf")
gfwaddin.description = translate("<br />!Note: IP add-in to GFW-List. Such as Telegram Messenger")
gfwaddin.rows = 13
gfwaddin.wrap = "off"
gfwaddin.cfgvalue = function(self, section)
return NXFS.readfile(addipconf) or ""
end
gfwaddin.write = function(self, section, value)
NXFS.writefile(addipconf, value:gsub("\r\n", "\n"))
end
s:tab("status", translate("Status and Tools"))
s:taboption("status", DummyValue,"opennewwindow" ,
translate("<input type=\"button\" class=\"cbi-button cbi-button-apply\" value=\"IP111.CN\" onclick=\"window.open('http://www.ip111.cn/')\" />"))
s:tab("watchdog", translate("Watchdog Log"))
log = s:taboption("watchdog", TextValue, "sylogtext")
log.template = "cbi/tvalue"
log.rows = 13
log.wrap = "off"
log.readonly="readonly"
function log.cfgvalue(self, section)
SYS.exec("[ -f /tmp/v2ray_watchdog.log ] && sed '1!G;h;$!d' /tmp/v2ray_watchdog.log > /tmp/v2raypro.log")
return nixio.fs.readfile(dog)
end
function log.write(self, section, value)
value = value:gsub("\r\n?", "\n")
nixio.fs.writefile(dog, value)
end
t=m:section(TypedSection,"acl_rule",translate("<strong>Client Proxy Mode Settings</strong>"),
translate("Proxy mode settings can be set to specific LAN clients ( <font color=blue> No Proxy, Global Proxy, Game Mode</font>) . Does not need to be set by default."))
t.template="cbi/tblsection"
t.sortable=true
t.anonymous=true
t.addremove=true
e=t:option(Value,"ipaddr",translate("IP Address"))
e.width="40%"
e.datatype="ip4addr"
e.placeholder="0.0.0.0/0"
luci.ip.neighbors({ family = 4 }, function(entry)
if entry.reachable then
e:value(entry.dest:string())
end
end)
e=t:option(ListValue,"filter_mode",translate("Proxy Mode"))
e.width="40%"
e.default="disable"
e.rmempty=false
e:value("disable",translate("No Proxy"))
e:value("global",translate("Global Proxy"))
e:value("game",translate("Game Mode"))
return m

6
package/lean/luci-app-v2ray-pro/luasrc/view/cbi/other_upload2.htm
View File

@ -1,6 +0,0 @@
<%+cbi/valueheader%>
<label class="cbi-value-title" style="display:inline-block; width: 180px" for="ulfile"><%:Choose local file:%></label>
<input class="cbi-input-file" style="width: 400px" type="file" id="ulfile" name="ulfile" />
<%+cbi/valuefooter%>

22
package/lean/luci-app-v2ray-pro/luasrc/view/v2raypro/v2raypro_status.htm
View File

@ -1,22 +0,0 @@
<script type="text/javascript">//<![CDATA[
XHR.poll(3, '<%=url([[admin]], [[services]], [[v2raypro]], [[status]])%>', null,
function(x, data) {
var tb = document.getElementById('v2raypro_status');
if (data && tb) {
if (data.running) {
var links = '<em><b><font color=green>V2Ray Pro <%:RUNNING%></font></b></em>';
tb.innerHTML = links;
} else {
tb.innerHTML = '<em><b><font color=red>V2Ray Pro <%:NOT RUNNING%></font></b></em>';
}
}
}
);
//]]>
</script>
<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
<fieldset class="cbi-section">
<p id="v2raypro_status">
<em><%:Collecting data...%></em>
</p>
</fieldset>

122
package/lean/luci-app-v2ray-pro/po/zh-cn/v2raypro.po
View File

@ -1,122 +0,0 @@
msgid "<strong><font color=\"green\">V2Ray is Running</font></strong>"
msgstr "<strong><font color=\"green\">V2Ray 正在运行</font></strong>"
msgid "<strong><font color=\"red\">V2Ray is Not Running</font></strong>"
msgstr "<strong><font color=\"red\">V2Ray 没有运行</font></strong>"
msgid "V2Ray Transparent Proxy"
msgstr "V2Ray 透明代理"
msgid "A fast secure tunnel proxy that help you get through firewalls on your router"
msgstr "一个快速安全隧道代理,帮助您穿过防火墙"
msgid "Base Setting"
msgstr "基本设置"
msgid "Proxy Mode"
msgstr "代理模式"
msgid "Base on GFW-List Auto Proxy Mode(Recommend)"
msgstr "基于GFW-List自动代理(推荐)"
msgid "Bypassing China Manland IP Mode(Be caution when using P2P download)"
msgstr "绕过中国大陆IP地址(P2P 下载慎用!)"
msgid "Global Mode"
msgstr "全局代理"
msgid "Overseas users watch China video website Mode"
msgstr "海外用户回国看视频"
msgid "Auto Update GFW-List"
msgstr "自动更新GFW-List"
msgid "Manually force update GFW-List"
msgstr "手动强制更新GFW-List"
msgid "DNS uses TCP"
msgstr "启用DNS TCP防污染"
msgid "Through the server transfer mode inquires DNS pollution prevention (Safer and recommended)"
msgstr "往国外的DNS请求将通过服务器中转发出更安全推荐"
msgid "Server Setting"
msgstr "服务器设置"
msgid "Server Address"
msgstr "服务器地址(支持域名)"
msgid "Server Port"
msgstr "服务器端口"
msgid "ID"
msgstr "ID"
msgid "Alter ID"
msgstr "额外ID"
msgid "Security"
msgstr "加密方式"
msgid "Network Type"
msgstr "传输协议"
msgid "User-defined GFW-List"
msgstr "用户自定义GFW-List"
msgid "<br />!Note: When the domain name is entered and will automatically merge with the online GFW-List. Please manually update the GFW-List list after applying."
msgstr "用户自定义GFW-List将会和自动更新的自动合并。如果要新加入域名马上生效请应用后点击手动强制更新GFW-List"
msgid "Status and Tools"
msgstr "状态与工具"
msgid "Watchdog Log"
msgstr "守护日志"
msgid "<strong>Client Proxy Mode Settings</strong>"
msgstr "<strong>客户端代理模式设置</strong>"
msgid "Proxy mode settings can be set to specific LAN clients ( <font color=blue> No Proxy, Global Proxy, Game Mode</font>) . Does not need to be set by default."
msgstr "可以为局域网客户端分别设置不同的代理模式 ( <font color=blue> 不代理, 全局代理, 游戏模式</font>).默认无需设置"
msgid "GFW-List Add-in IP"
msgstr "GFW-List附加IP"
msgid "<br />!Note: IP add-in to GFW-List. Such as Telegram Messenger"
msgstr "<br />!注意有些应用使用IP而不是域名例如 Telegram Messenger 您需要把IP地址加入这里"
msgid "No Proxy"
msgstr "不代理"
msgid "Global Proxy"
msgstr "全局代理"
msgid "Game Mode"
msgstr "游戏模式"
msgid "Config File Type"
msgstr "配置文件类型"
msgid "Use Config File"
msgstr "使用配置文件"
msgid "Warning: Can't find v2ctl. You can only choose Protobuf."
msgstr "注意:没有找到 v2ctl 可执行程序。你只能选择使用 Protobuf."
msgid "If you choose to upload a new file, please do not modify and this configuration will be overwritten automatically."
msgstr "如果你在下方选择了上传新的配置文件,那你不需要改动这个框框里的内容。上传完成后将会自动填充。"
msgid "Create upload file error."
msgstr "上传文件失败。"
msgid "File saved to"
msgstr "文件已保存到"
msgid "No specify upload file."
msgstr "未指定上传文件"
msgid "Severse Setting"
msgstr "反向代理设置"
msgid "Server domain"
msgstr "反向代理域名"

31
package/lean/luci-app-v2ray-pro/root/etc/config/v2raypro
View File

@ -1,31 +0,0 @@
config v2raypro 'v2raypro'
option gfwlist 'china-banned'
option proxy_mode 'M'
option safe_dns_tcp '1'
option cron_mode '1'
option address '4.4.4.4'
option port '443'
option id '00755892-0921-4433-bd92-04242abd92af'
option alterId '64'
option security 'aes-128-gcm'
option network_type 'tcp'
option tcp_obfs 'none'
option tls '0'
option mux '0'
option raddress '4.4.4.4'
option rport '455'
option ralterId '64'
option rsecurity 'none'
option rnetwork_type 'tcp'
option rtcp_obfs 'none'
option rtls '0'
option rmux '0'
option rid '00755892-0921-4433-bd92-04242abd92af'
option enabled '1'
option renable '1'
option rdomain 'abcd.com'
option renabled '0'
option risen '0'
option rserver_domain 'abc.com'

378
package/lean/luci-app-v2ray-pro/root/etc/init.d/v2raypro
View File

@ -1,378 +0,0 @@
#!/bin/sh /etc/rc.common
#
#
START=99
STOP=10
EXTRA_COMMANDS="reload_rule"
V2RAY_REDIR_PORT=7070
V2RAY_REDIR_PIDFILE=/var/run/v2ray-redir-go.pid
PDNSD_LOCAL_PORT=7453
V2RAYCONF=/tmp/config.json
CRON_FILE=/etc/crontabs/root
V2_CONF_GENERATE_LUA=/etc/v2ray/gen_config.lua
CONFIG=v2raypro
KEEP_GFWLIST=Y
vt_np_ipset="china"
get_config()
{
config_get_bool vt_enabled $1 enabled 0
config_get vt_server_addr $1 address
config_get vt_server_port $1 server_port
config_get vt_password $1 password
config_get vt_method $1 method
config_get vt_protocol $1 protocol
config_get vt_protoparam $1 protoparam
config_get vt_obfs $1 obfs
config_get obfs_param $1 obfs_param
config_get vt_proxy_mode $1 proxy_mode
config_get vt_timeout $1 timeout
config_get vt_safe_dns $1 safe_dns
config_get vt_timeout $1 timeout
config_get vt_safe_dns $1 safe_dns
config_get vt_safe_dns_port $1 safe_dns_port
config_get vt_safe_dns_tcp $1 safe_dns_tcp
config_get cron_mode $1 cron_mode 1
}
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Get LAN settings as default parameters
[ -f /lib/functions/network.sh ] && . /lib/functions/network.sh
network_get_subnet covered_subnets lan
network_get_ipaddr local_addresses lan
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
__gfwlist_by_mode()
{
case "$1" in
V) echo unblock-youku;;
*) echo china-banned;;
esac
}
start()
{
config_load v2raypro
config_foreach get_config v2raypro
[ -f /etc/init.d/pdnsd ] && /etc/init.d/pdnsd disable 2>/dev/null
if [ "$vt_enabled" = 0 ]; then
echo "WARNING: v2ray is disabled."
exit 0
fi
local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
[ -z "$vt_proxy_mode" ] && vt_proxy_mode=M
[ -z "$vt_method" ] && vt_method=table
[ -z "$vt_timeout" ] && vt_timeout=60
case "$vt_proxy_mode" in
M|S|G)
[ -z "$vt_safe_dns" ] && vt_safe_dns="8.8.8.8"
[ -z "$vt_safe_dns_tcp" ] && vt_safe_dns_tcp=1
;;
esac
[ -z "$vt_safe_dns_port" ] && vt_safe_dns_port=53
# -----------------------------------------------------------------
###### v2ray ######
/usr/bin/lua $V2_CONF_GENERATE_LUA $CONFIG $V2RAYCONF
/usr/bin/v2ray/v2ray -config=$V2RAYCONF &
echo "V2Ray started"
# IPv4 firewall rules
add_rule
# -----------------------------------------------------------------
mkdir -p /var/etc/dnsmasq-go.d
###### Anti-pollution configuration ######
if [ -n "$vt_safe_dns" ]; then
if [ "$vt_safe_dns_tcp" = 1 ]; then
start_pdnsd "$vt_safe_dns"
awk -vs="127.0.0.1#$PDNSD_LOCAL_PORT" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
/etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
else
awk -vs="$vt_safe_dns#$vt_safe_dns_port" '!/^$/&&!/^#/{printf("server=/%s/%s\n",$0,s)}' \
/etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/01-pollution.conf
fi
else
echo "WARNING: Not using secure DNS, DNS resolution might be polluted if you are in China."
fi
###### dnsmasq-to-ipset configuration ######
case "$vt_proxy_mode" in
M|V)
awk '!/^$/&&!/^#/{printf("ipset=/%s/'"$vt_gfwlist"'\n",$0)}' \
/etc/gfwlist/$vt_gfwlist > /var/etc/dnsmasq-go.d/02-ipset.conf
;;
esac
# -----------------------------------------------------------------
###### Restart main 'dnsmasq' service if needed ######
if ls /var/etc/dnsmasq-go.d/* >/dev/null 2>&1; then
mkdir -p /tmp/dnsmasq.d
cat > /tmp/dnsmasq.d/dnsmasq-go.conf <<EOF
conf-dir=/var/etc/dnsmasq-go.d
EOF
/etc/init.d/dnsmasq restart
fi
add_cron
}
stop()
{
# -----------------------------------------------------------------
rm -rf /var/etc/dnsmasq-go.d
if [ -f /tmp/dnsmasq.d/dnsmasq-go.conf ]; then
rm -f /tmp/dnsmasq.d/dnsmasq-go.conf
/etc/init.d/dnsmasq restart
fi
stop_pdnsd
# --STOP IPv4 firewall---------------------------------------------------------------
del_rule
# -----------------------------------------------------------------
if [ -f $V2RAY_REDIR_PIDFILE ]; then
kill -9 `cat $V2RAY_REDIR_PIDFILE`
rm -f $V2RAY_REDIR_PIDFILE
fi
killall -9 v2ray 2>/dev/null
del_cron
}
reload_rule()
{
config_load v2raypro
config_foreach get_config v2raypro
local vt_gfwlist=`__gfwlist_by_mode $vt_proxy_mode`
KEEP_GFWLIST=Y
del_rule
add_rule
if [ "$vt_safe_dns_tcp" = 1 ]; then
stop_pdnsd
start_pdnsd
fi
}
restart()
{
KEEP_GFWLIST=Y
stop
start
}
# $1: upstream DNS server
start_pdnsd()
{
local safe_dns="$1"
local tcp_dns_list="208.67.222.222, 208.67.220.220"
[ -n "$safe_dns" ] && tcp_dns_list="$safe_dns,$tcp_dns_list"
#killall -9 pdnsd 2>/dev/null && sleep 1
kill -9 $(cat /var/run/pdnsd.pid) >/dev/null 2>&1
mkdir -p /var/etc /var/pdnsd
if ! test -f "/var/pdnsd/pdnsd.cache"; then
dd if=/dev/zero of="/var/pdnsd/pdnsd.cache" bs=1 count=4 2> /dev/null
chown -R nobody.nogroup /var/pdnsd
fi
cat > /var/etc/pdnsd.conf <<EOF
global {
perm_cache=10240;
cache_dir="/var/pdnsd";
pid_file = /var/run/pdnsd.pid;
run_as="nobody";
server_ip = 127.0.0.1;
server_port = $PDNSD_LOCAL_PORT;
status_ctl = on;
query_method = tcp_only;
min_ttl=1h;
max_ttl=1w;
timeout=10;
neg_domain_pol=on;
proc_limit=2;
procq_limit=8;
}
server {
label= "fwxxx";
ip = $tcp_dns_list;
port = 53;
timeout=6;
uptest=none;
interval=10m;
purge_cache=off;
}
EOF
/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d
# Access TCP DNS server through v2ray tunnel
if iptables -t nat -N pdnsd_output; then
iptables -t nat -A pdnsd_output -m set --match-set $vt_np_ipset dst -j RETURN
iptables -t nat -A pdnsd_output -p tcp -j REDIRECT --to $V2RAY_REDIR_PORT
fi
iptables -t nat -I OUTPUT -p tcp --dport 53 -j pdnsd_output
}
stop_pdnsd()
{
if iptables -t nat -F pdnsd_output 2>/dev/null; then
while iptables -t nat -D OUTPUT -p tcp --dport 53 -j pdnsd_output 2>/dev/null; do :; done
iptables -t nat -X pdnsd_output
fi
killall -9 pdnsd 2>/dev/null
rm -rf /var/pdnsd
rm -f /var/etc/pdnsd.conf
}
add_cron()
{
sed -i '/up-gfwlist.sh/d' $CRON_FILE
sed -i '/v2ray_watchdog.log/d' $CRON_FILE
if [ $cron_mode -eq 1 ]; then
echo '0 5 * * * /etc/v2ray/up-gfwlist.sh > /tmp/gfwupdate.log 2>&1' >> $CRON_FILE
fi
echo '0 */1 * * * /etc/v2ray/v2ray-watchdog >> /tmp/v2ray_watchdog.log 2>&1' >> $CRON_FILE
echo '0 1 * * 0 echo "" > /tmp/v2ray_watchdog.log' >> $CRON_FILE
crontab $CRON_FILE
}
del_cron()
{
sed -i '/up-gfwlist.sh/d' $CRON_FILE
sed -i '/v2ray_watchdog.log/d' $CRON_FILE
/etc/init.d/cron restart
}
uci_get_by_name() {
local ret=$(uci get $CONFIG.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
uci_get_by_type() {
local index=0
if [ -n $4 ]; then
index=$4
fi
local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}
add_rule()
{
iptables -t nat -N v2ray_pre
iptables -t nat -F v2ray_pre
iptables -t nat -A v2ray_pre -m set --match-set local dst -j RETURN || {
iptables -t nat -A v2ray_pre -d 10.0.0.0/8 -j RETURN
iptables -t nat -A v2ray_pre -d 127.0.0.0/8 -j RETURN
iptables -t nat -A v2ray_pre -d 172.16.0.0/12 -j RETURN
iptables -t nat -A v2ray_pre -d 192.168.0.0/16 -j RETURN
iptables -t nat -A v2ray_pre -d 127.0.0.0/8 -j RETURN
iptables -t nat -A v2ray_pre -d 224.0.0.0/3 -j RETURN
}
iptables -t nat -A v2ray_pre -d $vt_server_addr -j RETURN
iptables -N gameboost -t mangle
ipset -! create gameuser hash:ip maxelem 65536 2>/dev/null
ip rule add fwmark 0x100/0xfff table 100
ip route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -A gameboost -p udp -m set --match-set local dst -j RETURN
iptables -t mangle -A gameboost -p udp -m set --match-set china dst -j RETURN
iptables -t mangle -A gameboost -p udp --dport 53 -j RETURN
iptables -t mangle -A gameboost -p udp -j TPROXY --on-port 7070 --tproxy-mark 0x100/0xfff
iptables -t mangle -A PREROUTING -m set --match-set gameuser src -j gameboost
for i in $(seq 0 100)
do
local ip=$(uci_get_by_type acl_rule ipaddr '' $i)
local mode=$(uci_get_by_type acl_rule filter_mode '' $i)
case "$mode" in
disable)
iptables -t nat -A v2ray_pre -s $ip -j RETURN
;;
global)
iptables -t nat -A v2ray_pre -s $ip -p tcp -j REDIRECT --to $V2RAY_REDIR_PORT
iptables -t nat -A v2ray_pre -s $ip -j RETURN
;;
game)
iptables -t nat -A v2ray_pre -p tcp -s $ip -m set ! --match-set china dst -j REDIRECT --to $V2RAY_REDIR_PORT
ipset -! add gameuser $ip
;;
esac
done
case "$vt_proxy_mode" in
G) : ;;
S)
iptables -t nat -A v2ray_pre -m set --match-set $vt_np_ipset dst -j RETURN
iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $V2RAY_REDIR_PORT
;;
M)
ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
awk '!/^$/&&!/^#/{printf("add vt_gfwlist %s'" "'\n",$0)}' /etc/v2ray/addinip.txt > /tmp/addinip.ipset
sed -i "s/vt_gfwlist/$vt_gfwlist/g" /tmp/addinip.ipset
ipset -! restore < /tmp/addinip.ipset
iptables -t nat -A v2ray_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
iptables -t nat -A v2ray_pre -m set --match-set $vt_np_ipset dst -j RETURN
iptables -t nat -I OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set $vt_gfwlist dst -j REDIRECT --to $V2RAY_REDIR_PORT
;;
V)
vt_np_ipset=""
ipset -! create $vt_gfwlist hash:ip maxelem 65536 2>/dev/null
iptables -t nat -A v2ray_pre -m set ! --match-set $vt_gfwlist dst -j RETURN
;;
esac
local subnet
for subnet in $covered_subnets; do
iptables -t nat -A v2ray_pre -s $subnet -p tcp -j REDIRECT --to $V2RAY_REDIR_PORT
done
iptables -t nat -I PREROUTING -p tcp -j v2ray_pre
}
del_rule()
{
if iptables -t nat -F v2ray_pre 2>/dev/null; then
while iptables -t nat -D PREROUTING -p tcp -j v2ray_pre 2>/dev/null; do :; done
iptables -t nat -X v2ray_pre 2>/dev/null
fi
iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set china-banned dst -j REDIRECT --to $V2RAY_REDIR_PORT 2>/dev/null
iptables -t nat -D OUTPUT -p tcp -m multiport --dports 80,443 -m set ! --match-set $vt_np_ipset dst -j REDIRECT --to $V2RAY_REDIR_PORT 2>/dev/null
/usr/bin/ip rule del fwmark 0x100/0xfff table 100
/usr/bin/ip route del local 0.0.0.0/0 dev lo table 100
if iptables -t mangle -F gameboost 2>/dev/null; then
while iptables -t mangle -D PREROUTING -m set --match-set gameuser src -j gameboost 2>/dev/null; do :; done
iptables -t mangle -X gameboost 2>/dev/null
fi
ipset destroy gameuser 2>/dev/null
# -----------------------------------------------------------------
[ "$KEEP_GFWLIST" = Y ] || ipset destroy "$vt_gfwlist" 2>/dev/null
}

20
package/lean/luci-app-v2ray-pro/root/etc/uci-defaults/v2raypro
View File

@ -1,20 +0,0 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
delete ucitrack.@v2raypro[-1]
add ucitrack v2raypro
set ucitrack.@v2raypro[-1].init=v2raypro
commit ucitrack
delete firewall.v2raypro
set firewall.v2raypro=include
set firewall.v2raypro.type=script
set firewall.v2raypro.path=/etc/v2raypro.include
set firewall.v2raypro.reload=1
commit firewall
EOF
/etc/init.d/v2raypro stop
/etc/init.d/v2raypro enable
rm -f /tmp/luci-indexcache
exit 0

7
package/lean/luci-app-v2ray-pro/root/etc/v2ray/addinip.txt
View File

@ -1,7 +0,0 @@
149.154.160.0/20
149.154.164.0/22
149.154.168.0/21
67.198.55.0/24
91.108.4.0/22
91.108.56.0/22
109.239.140.0/24

2940
package/lean/luci-app-v2ray-pro/root/etc/v2ray/base-gfwlist.txt
View File

File diff suppressed because it is too large Load Diff

29
package/lean/luci-app-v2ray-pro/root/etc/v2ray/gen-gfwlist.sh
View File

@ -1,29 +0,0 @@
#!/bin/sh -e
generate_china_banned()
{
if [ ! -f /tmp/gfwlist.txt ]; then
wget-ssl --no-check-certificate https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt -O /tmp/gfwlist.b64 >&2
cat /tmp/gfwlist.b64 | base64 -d > /tmp/gfwlist.txt
rm -f /tmp/gfwlist.b64
fi
cat /tmp/gfwlist.txt | sort -u |
sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' |
sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' |
sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' |
grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u |
awk '
BEGIN { prev = "________"; } {
cur = $0;
if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") {
} else {
print cur;
prev = cur;
}
}' | sort -u
}
generate_china_banned

293
package/lean/luci-app-v2ray-pro/root/etc/v2ray/gen_config.lua
View File

@ -1,293 +0,0 @@
--[[
Auto generate config for Project V
Author: @libc0607
add reverse
use io write ,fix sequence(cjson.encode's sequence , reverse can't work )
@tqsi
]]--
local conf_path, json_path = ...
conf_path = conf_path or "v2raypro"
json_path = json_path or "/tmp/config.json"
local local_listen_port = 7070
local cjson = require "cjson.safe"
local ucursor = require "luci.model.uci".cursor()
local lip = require "luci.ip"
local v2ray_stream_mode = ucursor:get(conf_path, "v2raypro", "network_type") -- tcp/kcp/ws
local v2ray_enReverse = ucursor:get(conf_path, "v2raypro", "risen")=="1" and true or false
function v2ray_get_conf_list(op)
local t = {}
for k, v in pairs(ucursor:get_list(conf_path, 'v2ray', op)) do
table.insert(t, v)
end
return t
end
function check_addr_type(addr)
local ip = luci.ip.new(addr, 32)
if ip == nil then
return "domain"
elseif ip:is4() then
return "ipv4"
elseif ip:is6() then
return "ipv6"
end
end
function get_ip_list_by_domain(domain)
local domain_list = {}
local cmd = io.popen("nslookup " .. domain .. " |grep Address | awk {'print $3'}")
for cmd_line in cmd:lines() do
if check_addr_type(cmd_line) == "ipv4" then
table.insert(domain_list, cmd_line)
elseif check_addr_type(cmd_line) == "ipv6" then
table.insert(domain_list, cmd_line)
end
end
return domain_list
end
-- Generate config json to <json_path>
local json_file = io.open(json_path, "w+")
io.output(json_file)
io.write("{\"log\":{\"loglevel\":\"warning\",\"access\":\"\",\"error\":\"\"},\"dns\": {\"servers\": [\"localhost\"]},\"inbounds\":[{\"port\":7070,\"tag\": \"listen\",\"protocol\":\"dokodemo-door\",\"address\":\"\",\"settings\":{\"followRedirect\":true,\"network\":\"tcp,udp\",\"timeout\":50},\"domainOverride\":[\"tls\",\"http\"]}],")
if v2ray_enReverse then --reverse set
io.write("\"reverse\": {\"bridges\": [{\"tag\": \"bridge\",\"domain\": \"")
io.write(ucursor:get(conf_path, "v2raypro", "rserver_domain"))
io.write("\"}]},")
end
--outbound
v2ray_proxy={
tag = "proxy",
protocol = "vmess",
settings = {
vnext = {
[1] = {
address = ucursor:get(conf_path, "v2raypro", "address"),
port = tonumber(ucursor:get(conf_path, "v2raypro", "port")),
users = {
[1] = {
id = ucursor:get(conf_path, "v2raypro", "id"),
alterId = tonumber(ucursor:get(conf_path, "v2raypro", "alterId")),
security = ucursor:get(conf_path, "v2raypro", "security")
},
},
},
},
},
streamSettings = {
network = ucursor:get(conf_path, "v2raypro", "network_type"),
tlsSettings = { allowInsecure=true },
security = (ucursor:get(conf_path, "v2raypro", "tls") == '1') and "tls" or "none",
tcpSettings = (v2ray_stream_mode == "tcp" and ucursor:get(conf_path, "v2raypro", "tcp_obfs") == "http") and {
connectionReuse = true,
header = {
type = ucursor:get(conf_path, "v2raypro", "tcp_obfs"),
request = {
version = "1.1",
method = "GET",
path = v2ray_get_conf_list('tcp_path'),
headers = {
Host = v2ray_get_conf_list('tcp_host'),
User_Agent = {
"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36",
"Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
},
Accept_Encoding = {"gzip, deflate"},
Connection = {"keep-alive"},
Pragma = "no-cache"
},
},
response = {
version = "1.1",
status = "200",
reason = "OK",
headers = {
Content_Type = {"application/octet-stream","video/mpeg"},
Transfer_Encoding = {"chunked"},
Connection= {"keep-alive"},
Pragma = "no-cache"
},
},
}
} or nil,
kcpSettings = (v2ray_stream_mode == "kcp") and {
mtu = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_mtu")),
tti = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_tti")),
uplinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_uplink")),
downlinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_downlink")),
congestion = (ucursor:get(conf_path, "v2raypro", "kcp_congestion") == "1") and true or false,
readBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_readbuf")),
writeBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "kcp_writebuf")),
header = {
type = ucursor:get(conf_path, "v2raypro", "kcp_obfs")
}
} or nil,
wsSettings = (v2ray_stream_mode == "ws") and {
connectionReuse = true,
path = ucursor:get(conf_path, "v2raypro", "ws_path"),
headers = (ucursor:get(conf_path, "v2raypro", "ws_headers") ~= nil) and {
Host = ucursor:get(conf_path, "v2raypro", "ws_headers")
} or nil,
} or nil,
httpSettings = (v2ray_stream_mode == "h2") and {
path = ucursor:get(conf_path, "v2raypro", "h2_path"),
host = (ucursor:get(conf_path, "v2raypro", "h2_domain") ~= nil) and {
ucursor:get(conf_path, "v2raypro", "h2_domain")
} or nil,
} or nil,
},
mux = (v2ray_enReverse==false) and{
enabled = (ucursor:get(conf_path, "v2raypro", "mux") == "1") and true or false
} or nil,
}
io.write("\"outbounds\": [")
if v2ray_enReverse then
local v2ray_stream_tunnel_mode = ucursor:get(conf_path, "v2raypro", "rnetwork_type") -- tcp/kcp/ws
local v2ray_tunnel= {
tag = "tunnel",
protocol = "vmess",
settings = {
vnext = {
[1] = {
address = ucursor:get(conf_path, "v2raypro", "raddress"),
port = tonumber(ucursor:get(conf_path, "v2raypro", "rport")),
users = {
[1] = {
id = ucursor:get(conf_path, "v2raypro", "rid"),
alterId = tonumber(ucursor:get(conf_path, "v2raypro", "ralterId")),
security = ucursor:get(conf_path, "v2raypro", "rsecurity")
},
},
},
},
},
streamSettings = {
network = ucursor:get(conf_path, "v2raypro", "rnetwork_type"),
tlsSettings = { allowInsecure=true },
security = (ucursor:get(conf_path, "v2raypro", "rtls") == '1') and "tls" or "none",
tcpSettings = (v2ray_stream_tunnel_mode == "tcp" and ucursor:get(conf_path, "v2raypro", "rtcp_obfs") == "http") and {
connectionReuse = true,
header = {
type = ucursor:get(conf_path, "v2raypro", "rtcp_obfs"),
request = {
version = "1.1",
method = "GET",
path = v2ray_get_conf_list('tcp_path'),
headers = {
Host = v2ray_get_conf_list('tcp_host'),
User_Agent = {
"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36",
"Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
},
Accept_Encoding = {"gzip, deflate"},
Connection = {"keep-alive"},
Pragma = "no-cache"
},
},
response = {
version = "1.1",
status = "200",
reason = "OK",
headers = {
Content_Type = {"application/octet-stream","video/mpeg"},
Transfer_Encoding = {"chunked"},
Connection= {"keep-alive"},
Pragma = "no-cache"
},
},
}
} or nil,
kcpSettings = (v2ray_stream_tunnel_mode == "kcp") and {
mtu = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_mtu")),
tti = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_tti")),
uplinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_uplink")),
downlinkCapacity = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_downlink")),
congestion = (ucursor:get(conf_path, "v2raypro", "rkcp_congestion") == "1") and true or false,
readBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_readbuf")),
writeBufferSize = tonumber(ucursor:get(conf_path, "v2raypro", "rkcp_writebuf")),
header = {
type = ucursor:get(conf_path, "v2raypro", "rkcp_obfs")
}
} or nil,
wsSettings = (v2ray_stream_tunnel_mode == "ws") and {
connectionReuse = true,
path = ucursor:get(conf_path, "v2raypro", "rws_path"),
headers = (ucursor:get(conf_path, "v2raypro", "rws_headers") ~= nil) and {
Host = ucursor:get(conf_path, "v2raypro", "rws_headers")
} or nil,
} or nil,
httpSettings = (v2ray_stream_tunnel_mode == "h2") and {
path = ucursor:get(conf_path, "v2raypro", "rh2_path"),
host = (ucursor:get(conf_path, "v2raypro", "rh2_domain") ~= nil) and {
ucursor:get(conf_path, "v2raypro", "rh2_domain")
} or nil,
} or nil,
},
mux = (v2ray_enReverse==false) and{
enabled = (ucursor:get(conf_path, "v2raypro", "mux") == "1") and true or false
} or nil,
}
json_raw_t = cjson.encode(v2ray_tunnel)
io.write(json_raw_t..",")
io.write("{\"protocol\": \"freedom\",\"settings\": {},\"tag\": \"out\"},")
end
local json_raw = cjson.encode(v2ray_proxy)
io.write(json_raw.."],")
--io.write("]")
io.write("\"routing\": {\"strategy\": \"rules\",\"settings\": {\"rules\": [")--routing set
if v2ray_enReverse then
io.write("{\"type\": \"field\",\"inboundTag\": [\"bridge\"],\"domain\": [\"full:")
io.write(ucursor:get(conf_path, "v2raypro", "rserver_domain"))
io.write("\"],\"outboundTag\": \"tunnel\"},{\"type\": \"field\",\"inboundTag\": [\"bridge\"],\"outboundTag\": \"out\"},")
end
io.write("{\"domainStrategy\": \"IPIfNonMatch\",\"type\": \"field\",\"outboundTag\": \"proxy\",\"inboundTag\": [\"listen\"]}]}}")
io.write("}")--end
io.close(json_file)
-- change '_' to '-'
local keys_including_minus = {"User_Agent", "Content_Type", "Accept_Encoding", "Transfer_Encoding"}
local keys_corrected = {"User-Agent", "Content-Type", "Accept-Encoding", "Transfer-Encoding"}
for k, v in pairs(keys_including_minus) do
os.execute("sed -i 's/" ..v.. "/" ..keys_corrected[k].. "/g' " .. json_path)
end
-- change "\/" to "/"
os.execute("sed -i 's/\\\\\\//\\//g' ".. json_path)
print("V2ray config generated at " .. json_path)

20
package/lean/luci-app-v2ray-pro/root/etc/v2ray/up-gfwlist.sh
View File

@ -1,20 +0,0 @@
#!/bin/sh
/etc/v2ray/gen-gfwlist.sh > /tmp/ol-gfw.txt
if [ -s "/tmp/ol-gfw.txt" ];then
sort -u /etc/v2ray/base-gfwlist.txt /tmp/ol-gfw.txt > /tmp/china-banned
if ( ! cmp -s /tmp/china-banned /etc/gfwlist/china-banned );then
if [ -s "/tmp/china-banned" ];then
mv /tmp/china-banned /etc/gfwlist/china-banned
echo "Update GFW-List Done!"
fi
else
echo "GFW-List No Change!"
fi
fi
rm -f /tmp/gfwlist.txt
rm -f /tmp/ol-gfw.txt
/etc/init.d/v2raypro restart

26
package/lean/luci-app-v2ray-pro/root/etc/v2ray/v2ray-watchdog
View File

@ -1,26 +0,0 @@
#!/bin/sh
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
#GOOGLE=$(ping -4 www.gstatic.com -c 1 -w 5| sed '1{s/[^(]*(//;s/).*//;q}')
#iptables -t nat -I OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070
#sleep 3
/usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.gstatic.com/generate_204
if [ "$?" == "0" ]; then
echo '['$LOGTIME'] V2Ray No Problem.'
else
/usr/bin/wget --spider --quiet --tries=1 --timeout=3 www.baidu.com
if [ "$?" == "0" ]; then
echo '['$LOGTIME'] Problem decteted, restarting V2Ray...'
/etc/init.d/v2raypro restart
else
echo '['$LOGTIME'] Network Problem. Do nothing.'
fi
fi
#sleep 3
#iptables -t nat -D OUTPUT -p tcp -d $GOOGLE -j REDIRECT --to-port 7070

11
package/lean/luci-app-v2ray-pro/root/etc/v2raypro.include
View File

@ -1,11 +0,0 @@
#!/bin/sh
v2ray_enable=$(uci get v2raypro.@v2raypro[0].enabled 2>/dev/null)
if [ $v2ray_enable -eq 1 ]; then
if pidof v2ray>/dev/null; then
/etc/init.d/v2raypro reload_rule
else
/etc/init.d/v2raypro restart
fi
fi