mirror of
https://github.com/coolsnowwolf/lede.git
synced 2025-04-16 04:13:31 +00:00
luci ssr plus: add port control
This commit is contained in:
LEAN-ESX
parent
65b25ceb18
commit
ef6133ce6c
@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-ssr-plus
|
||||
PKG_VERSION:=1
|
||||
PKG_RELEASE:=99
|
||||
PKG_RELEASE:=100
|
||||
|
||||
PKG_CONFIG_DEPENDS:= CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \
|
||||
|
||||
@ -59,6 +59,11 @@ o:value("all", translate("Global Mode"))
|
||||
o:value("oversea", translate("Oversea Mode"))
|
||||
o.default = gfw
|
||||
|
||||
o = s:option(ListValue, "dports", translate("Proxy Ports"))
|
||||
o:value("1", translate("All Ports"))
|
||||
o:value("2", translate("Only Common Ports"))
|
||||
o.default = 1
|
||||
|
||||
o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
|
||||
o:value("1", translate("Use Pdnsd tcp query and cache"))
|
||||
o:value("0", translate("Use Local DNS Service listen port 5335"))
|
||||
|
||||
@ -499,3 +499,12 @@ msgstr "4 线程"
|
||||
|
||||
msgid "8 Threads"
|
||||
msgstr "8 线程"
|
||||
|
||||
msgid "Proxy Ports"
|
||||
msgstr "需要代理的端口"
|
||||
|
||||
msgid "All Ports"
|
||||
msgstr "所有端口(默认)"
|
||||
|
||||
msgid "Only Common Ports"
|
||||
msgstr "仅常用端口(不走P2P流量到代理)"
|
||||
|
||||
@ -188,6 +188,12 @@ start_rules() {
|
||||
gfwmode="-z"
|
||||
fi
|
||||
|
||||
local dports=$(uci_get_by_type global dports 1)
|
||||
if [ $dports = "1" ] ;then
|
||||
proxyport=" "
|
||||
else
|
||||
proxyport="-m multiport --dports 22,53,80,443 "
|
||||
fi
|
||||
|
||||
/usr/bin/ssr-rules \
|
||||
-s "$server" \
|
||||
@ -200,6 +206,7 @@ start_rules() {
|
||||
-w "$(uci_get_by_type access_control wan_fw_ips)" \
|
||||
-p "$(uci_get_by_type access_control lan_fp_ips)" \
|
||||
-G "$(uci_get_by_type access_control lan_gm_ips)" \
|
||||
-D "$proxyport" \
|
||||
$(get_arg_out) $gfwmode $ARG_UDP
|
||||
|
||||
return $?
|
||||
@ -474,6 +481,7 @@ start() {
|
||||
GLOBAL_SERVER=$switch_server
|
||||
switch_enable=1
|
||||
fi
|
||||
|
||||
if rules ;then
|
||||
start_redir
|
||||
|
||||
|
||||
@ -28,6 +28,7 @@ usage() {
|
||||
-w <wan_ips> wan ip of will be forwarded
|
||||
-p <fp_lan_ips> lan ip of will be global proxy
|
||||
-G <gm_lan_ips> lan ip of will be game mode proxy
|
||||
-D <proxy_ports> proxy ports
|
||||
-e <extra_options> extra options for iptables
|
||||
-o apply the rules to the OUTPUT chain
|
||||
-O apply the global rules to the OUTPUT chain
|
||||
@ -71,6 +72,9 @@ flush_r() {
|
||||
}
|
||||
|
||||
ipset_r() {
|
||||
ipset -N gmlan hash:net 2>/dev/null
|
||||
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
|
||||
|
||||
if [ "$RUNMODE" = "router" ] ;then
|
||||
ipset -! -R <<-EOF || return 1
|
||||
create ss_spec_wan_ac hash:net
|
||||
@ -88,8 +92,6 @@ EOF
|
||||
for ip in $WAN_FW_IP; do ipset -! add gfwlist $ip ; done
|
||||
$IPT -N SS_SPEC_WAN_AC
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
|
||||
ipset -N gmlan hash:net 2>/dev/null
|
||||
for ip in $LAN_GM_IP; do ipset -! add gmlan $ip ; done
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
|
||||
$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
|
||||
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
|
||||
@ -126,7 +128,7 @@ fw_rule() {
|
||||
$IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4 -j RETURN
|
||||
$IPT -A SS_SPEC_WAN_FW -p tcp \
|
||||
$IPT -A SS_SPEC_WAN_FW -p tcp $PROXY_PORTS \
|
||||
-j REDIRECT --to-ports $local_port 2>/dev/null || {
|
||||
loger 3 "Can't redirect, please check the iptables."
|
||||
exit 1
|
||||
@ -189,26 +191,28 @@ tp_rule() {
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN
|
||||
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set fplan src \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
if [ "$RUNMODE" = "router" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set ! --match-set ss_spec_wan_ac dst \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
elif [ "$RUNMODE" = "gfw" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gfwlist dst \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
elif [ "$RUNMODE" = "oversea" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst \
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
|
||||
-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
|
||||
elif [ "$RUNMODE" = "all" ] ;then
|
||||
$ipt -A SS_SPEC_TPROXY -p udp -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
|
||||
fi
|
||||
|
||||
$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
|
||||
@ -288,7 +292,7 @@ EOF
|
||||
return 0
|
||||
}
|
||||
|
||||
while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgrczh" arg; do
|
||||
while getopts ":s:l:S:L:i:e:a:b:w:p:G:D:oOuUfgrczh" arg; do
|
||||
case "$arg" in
|
||||
s)
|
||||
server=$OPTARG
|
||||
@ -323,6 +327,9 @@ while getopts ":s:l:S:L:i:e:a:b:w:p:G:oOuUfgrczh" arg; do
|
||||
G)
|
||||
LAN_GM_IP=$OPTARG
|
||||
;;
|
||||
D)
|
||||
PROXY_PORTS=$OPTARG
|
||||
;;
|
||||
o)
|
||||
OUTPUT=1
|
||||
;;
|
||||
|
||||
@ -11,9 +11,9 @@ PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL=$(PROJECT_GIT)/project/iwinfo.git
|
||||
PKG_SOURCE_DATE:=2018-12-25
|
||||
PKG_SOURCE_VERSION:=dd508af481406bbbe42eaa20a54226645f0301cc
|
||||
PKG_MIRROR_HASH:=1137b2bc2bdb8157b0ed7dfd6902453285df765358469accc4916a79a7aab989
|
||||
PKG_SOURCE_DATE:=2019-09-22
|
||||
PKG_SOURCE_VERSION:=313e82709ba90f3a966f0dd348bcad007ca316be
|
||||
PKG_MIRROR_HASH:=9d81fbc867eadb91ae6045aef334146c3928c0d353e4aa271f83b55bfa37999d
|
||||
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
|
||||
@ -33,7 +33,7 @@ define Package/libiwinfo
|
||||
CATEGORY:=Libraries
|
||||
TITLE:=Generalized Wireless Information Library (iwinfo)
|
||||
DEPENDS:=+PACKAGE_kmod-cfg80211:libnl-tiny +libuci +libubus
|
||||
ABI_VERSION:=$(PKG_RELEASE)
|
||||
ABI_VERSION:=20181126
|
||||
endef
|
||||
|
||||
define Package/libiwinfo/description
|
||||
|
||||
Loading…
Reference in New Issue
Block a user