luci ssr plus: add port control

LEAN-ESX 2019-09-29 19:36:22 -07:00
parent 65b25ceb18
commit ef6133ce6c
6 changed files with 43 additions and 14 deletions


@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-ssr-plus PKG_NAME:=luci-app-ssr-plus
PKG_VERSION:=1 PKG_VERSION:=1
PKG_RELEASE:=99 PKG_RELEASE:=100
PKG_CONFIG_DEPENDS:= CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks \ PKG_CONFIG_DEPENDS:= CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \


@ -59,6 +59,11 @@ o:value("all", translate("Global Mode"))
o:value("oversea", translate("Oversea Mode")) o:value("oversea", translate("Oversea Mode"))
o.default = gfw o.default = gfw
o = s:option(ListValue, "dports", translate("Proxy Ports"))
o:value("1", translate("All Ports"))
o:value("2", translate("Only Common Ports"))
o.default = 1
o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode")) o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
o:value("1", translate("Use Pdnsd tcp query and cache")) o:value("1", translate("Use Pdnsd tcp query and cache"))
o:value("0", translate("Use Local DNS Service listen port 5335")) o:value("0", translate("Use Local DNS Service listen port 5335"))
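Review bot: `o.default = 1` on the new `dports` option assigns a number, while both `o:value` keys are the strings "1" and "2". Whether the default is then pre-selected depends on how the LuCI template compares the two, which is not visible on this page. Writing `o.default = "1"` keeps the default in the same type as the keys and as the string the init script tests against. The option would also benefit from help text naming the ports behind "Only Common Ports" (22, 53, 80 and 443 in the init script), because traffic to any other port is not proxied in that mode.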


@ -499,3 +499,12 @@ msgstr "4 线程"
msgid "8 Threads" msgid "8 Threads"
msgstr "8 线程" msgstr "8 线程"
msgid "Proxy Ports"
msgstr "需要代理的端口"
msgid "All Ports"
msgstr "所有端口(默认)"
msgid "Only Common Ports"
msgstr "仅常用端口不走P2P流量到代理"


@ -188,6 +188,12 @@ start_rules() {
gfwmode="-z" gfwmode="-z"
fi fi
local dports=$(uci_get_by_type global dports 1)
if [ $dports = "1" ] ;then
proxyport=" "
else
proxyport="-m multiport --dports 22,53,80,443 "
fi
/usr/bin/ssr-rules \ /usr/bin/ssr-rules \
-s "$server" \ -s "$server" \
@ -200,6 +206,7 @@ start_rules() {
-w "$(uci_get_by_type access_control wan_fw_ips)" \ -w "$(uci_get_by_type access_control wan_fw_ips)" \
-p "$(uci_get_by_type access_control lan_fp_ips)" \ -p "$(uci_get_by_type access_control lan_fp_ips)" \
-G "$(uci_get_by_type access_control lan_gm_ips)" \ -G "$(uci_get_by_type access_control lan_gm_ips)" \
-D "$proxyport" \
$(get_arg_out) $gfwmode $ARG_UDP $(get_arg_out) $gfwmode $ARG_UDP
return $? return $?
@ -474,6 +481,7 @@ start() {
GLOBAL_SERVER=$switch_server GLOBAL_SERVER=$switch_server
switch_enable=1 switch_enable=1
fi fi
if rules ;then if rules ;then
start_redir start_redir
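Review bot: In the first hunk of this file, `[ $dports = "1" ]` expands `dports` unquoted, so a value that comes back empty or contains whitespace makes `[` fail and execution falls into the `else` branch. Quote it as `if [ "$dports" = "1" ]; then`. Any value other than `1` silently selects the restricted list, so a stray config value narrows proxying to ports 22, 53, 80 and 443 and lets everything else leave directly with no log line. Consider matching `2` explicitly and logging when the restricted mode is active. The port list is hard-coded in the script rather than read from the config, which makes the bypass set harder to audit. `start_rules` begins and ends outside the hunks shown.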


@ -28,6 +28,7 @@ usage() {
-w <wan_ips> wan ip of will be forwarded -w <wan_ips> wan ip of will be forwarded
-p <fp_lan_ips> lan ip of will be global proxy -p <fp_lan_ips> lan ip of will be global proxy
-G <gm_lan_ips> lan ip of will be game mode proxy -G <gm_lan_ips> lan ip of will be game mode proxy
-D <proxy_ports> proxy ports
-e <extra_options> extra options for iptables -e <extra_options> extra options for iptables
-o apply the rules to the OUTPUT chain -o apply the rules to the OUTPUT chain
-O apply the global rules to the OUTPUT chain -O apply the global rules to the OUTPUT chain
@ -71,6 +72,9 @@ flush_r() {
} }
ipset_r() { ipset_r() {
ipset -N gmlan hash:net 2>/dev/null
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
if [ "$RUNMODE" = "router" ] ;then if [ "$RUNMODE" = "router" ] ;then
ipset -! -R <<-EOF || return 1 ipset -! -R <<-EOF || return 1
create ss_spec_wan_ac hash:net create ss_spec_wan_ac hash:net
@ -88,8 +92,6 @@ EOF
for ip in $WAN_FW_IP; do ipset -! add gfwlist $ip ; done for ip in $WAN_FW_IP; do ipset -! add gfwlist $ip ; done
$IPT -N SS_SPEC_WAN_AC $IPT -N SS_SPEC_WAN_AC
$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
ipset -N gmlan hash:net 2>/dev/null
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
$IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN $IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
@ -126,7 +128,7 @@ fw_rule() {
$IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN $IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN $IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN
$IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4 -j RETURN $IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4 -j RETURN
$IPT -A SS_SPEC_WAN_FW -p tcp \ $IPT -A SS_SPEC_WAN_FW -p tcp $PROXY_PORTS \
-j REDIRECT --to-ports $local_port 2>/dev/null || { -j REDIRECT --to-ports $local_port 2>/dev/null || {
loger 3 "Can't redirect, please check the iptables." loger 3 "Can't redirect, please check the iptables."
exit 1 exit 1
@ -189,26 +191,28 @@ tp_rule() {
$ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN
$ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set fplan src \ $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
if [ "$RUNMODE" = "router" ] ;then if [ "$RUNMODE" = "router" ] ;then
$ipt -A SS_SPEC_TPROXY -p udp -m set ! --match-set ss_spec_wan_ac dst \ $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
elif [ "$RUNMODE" = "gfw" ] ;then elif [ "$RUNMODE" = "gfw" ] ;then
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gfwlist dst \ $ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
elif [ "$RUNMODE" = "oversea" ] ;then elif [ "$RUNMODE" = "oversea" ] ;then
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst \ $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
elif [ "$RUNMODE" = "all" ] ;then elif [ "$RUNMODE" = "all" ] ;then
$ipt -A SS_SPEC_TPROXY -p udp -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
fi fi
$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \ $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
@ -288,7 +292,7 @@ EOF
return 0 return 0
} }
while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgrczh" arg; do while getopts ":s:l:S:L:i:e:a:b:w:p:G:D:oOuUfgrczh" arg; do
case "$arg" in case "$arg" in
s) s)
server=$OPTARG server=$OPTARG
@ -323,6 +327,9 @@ while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgrczh" arg; do
G) G)
LAN_GM_IP=$OPTARG LAN_GM_IP=$OPTARG
;; ;;
D)
PROXY_PORTS=$OPTARG
;;
o) o)
OUTPUT=1 OUTPUT=1
;; ;;
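Review bot: In the `gfw` branch of `tp_rule`, `$PROXY_PORTS` is spliced between `-m set` and its `--match-set gfwlist dst` argument, whereas every other changed rule places it before `-m set`. The line should read `$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set gfwlist dst \`. With the multiport value the current form expands to `-m set -m multiport --dports … --match-set …`, which relies on iptables tolerating interleaved match options and is easy to break. `PROXY_PORTS` is also taken verbatim from `-D` and expanded unquoted into each rule, so the `D)` case would be safer if it rejected anything that is neither blank nor of the form `-m multiport --dports <list>` before any rule is built. `tp_rule` and the `getopts` loop continue outside the hunks shown.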


@ -11,9 +11,9 @@ PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/iwinfo.git PKG_SOURCE_URL=$(PROJECT_GIT)/project/iwinfo.git
PKG_SOURCE_DATE:=2018-12-25 PKG_SOURCE_DATE:=2019-09-22
PKG_SOURCE_VERSION:=dd508af481406bbbe42eaa20a54226645f0301cc PKG_SOURCE_VERSION:=313e82709ba90f3a966f0dd348bcad007ca316be
PKG_MIRROR_HASH:=1137b2bc2bdb8157b0ed7dfd6902453285df765358469accc4916a79a7aab989 PKG_MIRROR_HASH:=9d81fbc867eadb91ae6045aef334146c3928c0d353e4aa271f83b55bfa37999d
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io> PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
PKG_LICENSE:=GPL-2.0 PKG_LICENSE:=GPL-2.0
@ -33,7 +33,7 @@ define Package/libiwinfo
CATEGORY:=Libraries CATEGORY:=Libraries
TITLE:=Generalized Wireless Information Library (iwinfo) TITLE:=Generalized Wireless Information Library (iwinfo)
DEPENDS:=+PACKAGE_kmod-cfg80211:libnl-tiny +libuci +libubus DEPENDS:=+PACKAGE_kmod-cfg80211:libnl-tiny +libuci +libubus
ABI_VERSION:=$(PKG_RELEASE) ABI_VERSION:=20181126
endef endef
define Package/libiwinfo/description define Package/libiwinfo/description