diff --git a/package/ctcgfw/luci-app-vssr/Makefile b/package/ctcgfw/luci-app-vssr/Makefile index 1c6ec47218..16624f87c3 100644 --- a/package/ctcgfw/luci-app-vssr/Makefile +++ b/package/ctcgfw/luci-app-vssr/Makefile @@ -1,8 +1,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-vssr -PKG_VERSION:=1.19 -PKG_RELEASE:=20201205 +PKG_VERSION:=1.20 +PKG_RELEASE:=20201209 include $(INCLUDE_DIR)/package.mk diff --git a/package/ctcgfw/luci-app-vssr/luasrc/controller/vssr.lua b/package/ctcgfw/luci-app-vssr/luasrc/controller/vssr.lua index 662cbfc169..55c4eef4fe 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/controller/vssr.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/controller/vssr.lua @@ -13,10 +13,11 @@ function index() entry({'admin', 'services', 'vssr', 'servers'}, cbi('vssr/servers'), _('Severs Nodes'), 11).leaf = true -- 服务器节点 entry({'admin', 'services', 'vssr', 'servers'}, arcombine(cbi('vssr/servers'), cbi('vssr/client-config')), _('Severs Nodes'), 11).leaf = true -- 编辑节点 entry({'admin', 'services', 'vssr', 'control'}, cbi('vssr/control'), _('Access Control'), 12).leaf = true -- 访问控制 - if nixio.fs.access('/usr/bin/v2ray/v2ray') then - entry({'admin', 'services', 'vssr', 'socks5'}, cbi('vssr/socks5'), _('Socks5'), 13).leaf = true -- Socks5代理 + entry({'admin', 'services', 'vssr', 'router'}, cbi('vssr/router'), _('Router Config'), 13).leaf = true -- 访问控制 + if nixio.fs.access('/usr/bin/v2ray/v2ray') or nixio.fs.access('/usr/bin/v2ray') or nixio.fs.access('/usr/bin/xray') or nixio.fs.access('/usr/bin/xray/xray') then + entry({'admin', 'services', 'vssr', 'socks5'}, cbi('vssr/socks5'), _('Socks5'), 14).leaf = true -- Socks5代理 end - entry({'admin', 'services', 'vssr', 'advanced'}, cbi('vssr/advanced'), _('Advanced Settings'), 14).leaf = true -- 高级设置 + entry({'admin', 'services', 'vssr', 'advanced'}, cbi('vssr/advanced'), _('Advanced Settings'), 15).leaf = true -- 高级设置 elseif nixio.fs.access('/usr/bin/ssr-server') then entry({'admin', 'services', 'vssr'}, alias('admin', 'services', 'vssr', 'server'), _('vssr'), 10).dependent = true else @@ -39,6 +40,7 @@ function index() entry({'admin', 'services', 'vssr', 'flag'}, call('get_flag')) -- 获取节点国旗 iso code entry({'admin', 'services', 'vssr', 'ip'}, call('check_ip')) -- 获取ip情况 entry({'admin', 'services', 'vssr', 'switch'}, call('switch')) -- 设置节点为自动切换 + entry({'admin', 'services', 'vssr', 'delnode'}, call('del_node')) -- 删除某个节点 end -- 执行订阅 @@ -86,6 +88,23 @@ function get_servers() luci.http.write_json(server_table) end +-- 删除指定节点 +function del_node() + local e = {} + local uci = luci.model.uci.cursor() + local node = luci.http.formvalue('node') + e.status = false + e.node = node + if node ~= '' then + uci:delete('vssr', node) + uci:save('vssr') + uci:commit('vssr') + e.status = true + end + luci.http.prepare_content('application/json') + luci.http.write_json(e) +end + -- 切换节点 function change_node() local sockets = require 'socket' @@ -246,7 +265,7 @@ function refresh_data() retstring = '-1' end elseif set == 'ip_data' then - refresh_cmd = "wget -O- 'https://ispip.clang.cn/all_cn.txt' > /tmp/china_ssr.txt" + refresh_cmd ="wget -O- 'https://ispip.clang.cn/all_cn.txt' > /tmp/china_ssr.txt 2>/dev/null" sret = luci.sys.call(refresh_cmd) icount = luci.sys.exec('cat /tmp/china_ssr.txt | wc -l') if sret == 0 and tonumber(icount) > 1000 then @@ -300,4 +319,4 @@ function refresh_data() end luci.http.prepare_content('application/json') luci.http.write_json({ret = retstring, retcount = icount}) -end +end \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua index 33aec5600b..f5452ecd3e 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client-config.lua @@ -129,7 +129,7 @@ o:value('ssr', translate('ShadowsocksR')) if nixio.fs.access('/usr/bin/ss-redir') then o:value('ss', translate('Shadowsocks New Version')) end -if nixio.fs.access('/usr/bin/v2ray/v2ray') or nixio.fs.access('/usr/bin/v2ray') then +if nixio.fs.access('/usr/bin/v2ray/v2ray') or nixio.fs.access('/usr/bin/v2ray') or nixio.fs.access('/usr/bin/xray') or nixio.fs.access('/usr/bin/xray/xray') then o:value('v2ray', translate('V2Ray')) o:value('vless', translate('VLESS')) end diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua index 0c016becd4..9d77400f59 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/client.lua @@ -6,7 +6,7 @@ local vssr = 'vssr' local gfwmode = 0 -if nixio.fs.access('/etc/dnsmasq.ssr/gfw_list.conf') then +if nixio.fs.access('/etc/vssr/gfw_list.conf') then gfwmode = 1 end @@ -26,9 +26,12 @@ uci:foreach( 'vssr', 'servers', function(s) - s['name'] = s['.name'] - s['gname'] = '[%s]:%s' % {string.upper(s.type), s.alias} - table.insert(server_table, s) + if s.type ~= nil then + s['name'] = s['.name'] + local alias = (s.alias ~= nil) and s.alias or "未命名节点" + s['gname'] = '[%s]:%s' % {string.upper(s.type), alias} + table.insert(server_table, s) + end end ) function my_sort(a,b) @@ -52,7 +55,7 @@ local route_label = { 'Youtube Proxy', 'TaiWan Video Proxy', 'Netflix Proxy', - 'Diseny+ Proxy', + 'Disney+ Proxy', 'Prime Video Proxy', 'TVB Video Proxy', 'Custom Proxy' @@ -119,7 +122,6 @@ o:value('router', translate('IP Route Mode')) o:value('all', translate('Global Mode')) o:value('oversea', translate('Oversea Mode')) o.default = 'router' - o = s:option(ListValue, 'dports', translate('Proxy Ports')) o:value('1', translate('All Ports')) o:value('2', translate('Only Common Ports')) diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/control.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/control.lua index e537fd5596..2ee6581431 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/control.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/control.lua @@ -18,16 +18,21 @@ o.datatype = 'ip4addr' -- Part of LAN s:tab('lan_ac', translate('LAN IP AC')) -o = s:taboption('lan_ac', DynamicList, 'lan_ac_ips', translate('LAN Bypassed Host List')) -o.datatype = 'ipaddr' -luci.ip.neighbors( - {family = 4}, - function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end - end -) +o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("LAN Access Control")) +o:value("0", translate("Disable")) +o:value("w", translate("Allow listed only")) +o:value("b", translate("Allow all except listed")) +o.rmempty = false + +o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List")) +o.datatype = "ipaddr" +luci.ip.neighbors({ family = 4 }, function(entry) + if entry.reachable then + o:value(entry.dest:string()) + end +end) +o:depends("lan_ac_mode", "w") +o:depends("lan_ac_mode", "b") o = s:taboption('lan_ac', DynamicList, 'lan_fp_ips', translate('LAN Force Proxy Host List')) o.datatype = 'ipaddr' @@ -93,9 +98,4 @@ o.remove = function(self, section, value) NXFS.writefile(blockconf, '') end -s:tab('proxy', translate('Custom Proxy Domain Name')) - -o = s:taboption('proxy', DynamicList, 'proxy_domain_name', translate('Proxy Domain Name')) -o.datatype = 'hostname' - -return m +return m \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/router.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/router.lua new file mode 100644 index 0000000000..3ac396f22b --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/router.lua @@ -0,0 +1,55 @@ +local m, s, o +local NXFS = require 'nixio.fs' +local router_table = { + yotube = { + name = 'youtube', + des = 'Youtube Domain' + }, + tw_video = { + name = 'tw_video', + des = 'Tw Video Domain' + }, + netflix = { + name = 'netflix', + des = 'Netflix Domain' + }, + disney = { + name = 'disney', + des = 'Disney+ Domain' + }, + prime = { + name = 'prime', + des = 'Prime Video Domain' + }, + tvb = { + name = 'tvb', + des = 'TVB Domain' + }, + custom = { + name = 'custom', + des = 'Custom Domain' + } +} + +m = Map('vssr', translate('Router domain config')) +s = m:section(TypedSection, 'access_control') +s.anonymous = true +for _, v in pairs(router_table) do + s:tab(v.name, translate(v.des)) + local conf = '/etc/vssr/'.. v.name ..'_domain.list' + o = s:taboption(v.name, TextValue, v.name ..'conf') + o.rows = 13 + o.wrap = 'off' + o.rmempty = true + o.cfgvalue = function(self, section) + return NXFS.readfile(conf) or ' ' + end + o.write = function(self, section, value) + NXFS.writefile(conf, value:gsub('\r\n', '\n')) + end + o.remove = function(self, section, value) + NXFS.writefile(conf, '') + end +end + +return m diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/servers.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/servers.lua index 93e82b575c..5d2b0c6d50 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/servers.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/servers.lua @@ -12,6 +12,9 @@ uci:foreach( function(s) server_count = server_count + 1 s['name'] = s['.name'] + if(s.alias == nil) then + s.alias = "未命名节点" + end table.insert(server_table, s) end ) diff --git a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/socks5.lua b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/socks5.lua index 7f82219bbb..d477e3adc1 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/socks5.lua +++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/socks5.lua @@ -7,7 +7,7 @@ local sys = require 'luci.sys' m = Map(vssr) -- [[ SOCKS5 Proxy ]]-- -if nixio.fs.access('/usr/bin/v2ray/v2ray') then +if nixio.fs.access('/usr/bin/v2ray/v2ray') or nixio.fs.access('/usr/bin/v2ray') or nixio.fs.access('/usr/bin/xray') or nixio.fs.access('/usr/bin/xray/xray') then s = m:section(TypedSection, 'socks5_proxy', translate('V2ray SOCKS5 Proxy')) s.anonymous = true diff --git a/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/ssrurl.htm b/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/ssrurl.htm index 9d8075c515..f6b5bff640 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/ssrurl.htm +++ b/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/ssrurl.htm @@ -219,7 +219,7 @@ } el('.server').value = part2[0]; el('.server_port').value = others[0]; - el('.password').value = part1[1]; + el('.password').value = part1[0]; if (queryParam.peer || queryParam.sni) { el('.tls').checked = true; el('.peer').value = queryParam.peer || queryParam.sni; diff --git a/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/tblsection.htm b/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/tblsection.htm index 527055d268..c77c412093 100644 --- a/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/tblsection.htm +++ b/package/ctcgfw/luci-app-vssr/luasrc/view/vssr/tblsection.htm @@ -1,7 +1,6 @@ -
总计 @@ -39,10 +38,9 @@ %> onclick="location.href='<%=self:extedit(section.name)%>'" <%- end %> alt="<%:Edit%>" title="<%:Edit%>"> <%:Edit%> <%- end; if self.addremove then %> - + <%:Delete%> <%- end -%> <%- end -%> @@ -93,6 +91,7 @@ const CONFIG = '<%=self.config%>'; const CURRENT = '<%=self.current%>'; const CHANGE_NODE_URL = '<%=luci.dispatcher.build_url("admin", "services", "vssr","change")%>'; + const DELETE_NODE_URL = '<%=luci.dispatcher.build_url("admin", "services", "vssr","delnode")%>'; const CHECK_PING_URL = '<%=luci.dispatcher.build_url("admin", "services", "vssr","checkport")%>'; const SWITCH_NODE_URL = '<%=luci.dispatcher.build_url("admin", "services", "vssr","switch")%>'; @@ -166,6 +165,21 @@ } }) } + + //删除节点 + function delete_node(node){ + XHR.halt(); + $.each(ajaxArray, function (n, value) { value.abort(); }) //中断所有的ajax请求 + $.get(DELETE_NODE_URL, { node: node }, + function (data, status) { + if (data.status) { + var id = '#cbi-<%=self.config%>-' + node; + $(id).parent().remove(); + XHR.run(); + check() + } + }); + } //设定自动切换 $(".incon").click(function () { diff --git a/package/ctcgfw/luci-app-vssr/po/zh_Hans/vssr.po b/package/ctcgfw/luci-app-vssr/po/zh_Hans/vssr.po index 002061e298..ba0b7b14e2 100644 --- a/package/ctcgfw/luci-app-vssr/po/zh_Hans/vssr.po +++ b/package/ctcgfw/luci-app-vssr/po/zh_Hans/vssr.po @@ -630,8 +630,8 @@ msgstr "台湾视频服务代理" msgid "Netflix Proxy" msgstr "Netflix 代理" -msgid "Diseny+ Proxy" -msgstr "Diseny+ 代理" +msgid "Disney+ Proxy" +msgstr "Disney+ 代理" msgid "Prime Video Proxy" msgstr "Prime Video 代理" @@ -674,3 +674,30 @@ msgstr "VLESS 加密" msgid "You can manually add group names in front of the URL, splited by ," msgstr "你可以在URL前面手动添加组名,使用 , 分隔" + +msgid "Router Config" +msgstr "分流设置" + +msgid "Router domain config" +msgstr "分流域名设置" + +msgid "Youtube Domain" +msgstr "YouTube 域名" + +msgid "Tw Video Domain" +msgstr "台湾视频域名" + +msgid "Netflix Domain" +msgstr "Netflix 域名" + +msgid "Disney+ Domain" +msgstr "Disney+ 域名" + +msgid "Prime Video Domain" +msgstr "Prime Video 域名" + +msgid "TVB Domain" +msgstr "TVB 域名" + +msgid "Custom Domain" +msgstr "自定义域名" diff --git a/package/ctcgfw/luci-app-vssr/root/etc/config/vssr b/package/ctcgfw/luci-app-vssr/root/etc/config/vssr old mode 100644 new mode 100755 index b53257cdfa..088a72a5c5 --- a/package/ctcgfw/luci-app-vssr/root/etc/config/vssr +++ b/package/ctcgfw/luci-app-vssr/root/etc/config/vssr @@ -2,7 +2,7 @@ config global option tunnel_forward '8.8.4.4:53' option tunnel_address '0.0.0.0' - option run_mode 'gfw' + option run_mode 'router' option pdnsd_enable '1' option monitor_enable '1' option global_server 'nil' @@ -11,7 +11,7 @@ config global option switch_time '667' option switch_try_count '3' option adblock '0' - option dports '2' + option dports '1' config socks5_proxy option enable_server '0' @@ -38,6 +38,7 @@ config server_subscribe option proxy '0' option auto_update_time '2' option auto_update '1' + option filter_words '过期时间/剩余流量' diff --git a/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr b/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr index b40b5635a2..21271961a7 100755 --- a/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr +++ b/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr @@ -1,4 +1,4 @@ -#!/bin/bash /etc/rc.common +#!/bin/sh /etc/rc.common # # Copyright (C) 2017 openwrt-ssr # Copyright (C) 2017 yushi studio @@ -8,7 +8,7 @@ # See /LICENSE for more information. # -START=90 +START=99 STOP=15 extra_command "rules" @@ -35,9 +35,6 @@ switch_server=$1 MAXFD=32768 CRON_FILE=/etc/crontabs/root threads=1 -shunt_type=("global" "youtube" "tw_video" "netflix" "disney" "prime" "tvb" "custom") -shunt_port=(2080 2081 2082 2083 2084 2085 2086 2087) -shunt_array=("youtube" "tw_video" "netflix" "disney" "prime" "tvb" "custom") scount=0 uci_get_by_name() { local ret=$(uci get $NAME.$1.$2 2>/dev/null) @@ -63,14 +60,23 @@ del_cron() { } count_shunt() { scount=0 - for ((i = 0; i < ${#shunt_array[@]}; i++)); do - local server_index=$(uci_get_by_type global ${shunt_array[i]}_server) + eval shunt_array1="youtube" + eval shunt_array2="tw_video" + eval shunt_array3="netflix" + eval shunt_array4="disney" + eval shunt_array5="prime" + eval shunt_array6="tvb" + eval shunt_array7="custom" + for i in 1 2 3 4 5 6 7; do + a=$(eval echo "\$shunt_array$i") + local server_index=$(uci_get_by_type global ${a}_server) local server_type=$(uci_get_by_name $server_index type) if [ "$server_type" != "" ]; then scount=$(($scount + 1)) fi done } + count_shunt run_mode=$(uci_get_by_type global run_mode) is_xray=$(uci_get_by_type global use_xray) @@ -149,7 +155,7 @@ start_rules() { local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port) local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips) - local lan_ac_mode="b" + local lan_ac_mode=$(uci_get_by_type access_control lan_ac_mode) local router_proxy=$(uci_get_by_type access_control router_proxy) if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" -a $kcp_flag == 0 ]; then ARG_UDP="-u" @@ -228,43 +234,34 @@ start_pdnsd() { chown -R nobody:nogroup /var/pdnsd fi - cat >/var/etc/pdnsd.conf </var/etc/pdnsd.conf + global{ + perm_cache=1024; + cache_dir="/var/pdnsd"; + pid_file="/var/run/pdnsd.pid"; + run_as="nobody"; + server_ip=127.0.0.1; + server_port=5335; + status_ctl=on; + query_method=tcp_only; + min_ttl=1h; + max_ttl=1w; + timeout=10; + neg_domain_pol=on; + proc_limit=2; + procq_limit=8; + par_queries=1; + } + server{ + label="ssr-usrdns"; + ip=$usr_dns; + port=$usr_port; + timeout=6; + uptest=none; + interval=10m; + purge_cache=off; + } + EOF /usr/sbin/pdnsd -c /var/etc/pdnsd.conf & } @@ -275,30 +272,47 @@ find_bin() { ssr) ret="/usr/bin/ssr-redir" ;; ssr-local) ret="/usr/bin/ssr-local" ;; ssr-server) ret="/usr/bin/ssr-server" ;; - v2ray | vless) - ret="/usr/bin/v2ray/v2ray" && [ ! -f "$ret" ] && ret="/usr/bin/v2ray" + v2ray | vless) + ret="/usr/bin/v2ray/v2ray" && [ ! -f "$ret" ] && ret="/usr/bin/v2ray" if [ $is_xray = "1" ]; then - ret="/usr/bin/xray" && [ ! -f "$ret" ] && ret="/usr/bin/xray/xray" + ret="/usr/bin/xray" && [ ! -f "$ret" ] && ret="/usr/bin/xray/xray" fi ;; trojan) ret="/usr/sbin/trojan" ;; - socks5 | tun) ret="/usr/sbin/redsocks2" ;; esac echo $ret } #分流节点 start_shunt() { - for ((i = 0; i < ${#shunt_type[@]}; i++)); do - local server_index=$(uci_get_by_type global ${shunt_type[i]}_server) - local server_port=${shunt_port[i]} + eval shunt_type1="global" + eval shunt_type2="youtube" + eval shunt_type3="tw_video" + eval shunt_type4="netflix" + eval shunt_type5="disney" + eval shunt_type6="prime" + eval shunt_type7="tvb" + eval shunt_type8="custom" + eval shunt_port1=2080 + eval shunt_port2=2081 + eval shunt_port3=2082 + eval shunt_port4=2083 + eval shunt_port5=2084 + eval shunt_port6=2085 + eval shunt_port7=2086 + eval shunt_port8=2087 + for i in 1 2 3 4 5 6 7 8; do + shunt_type=$(eval echo "\$shunt_type$i") + shunt_port=$(eval echo "\$shunt_port$i") + local server_index=$(uci_get_by_type global ${shunt_type}_server) + local server_port=${shunt_port} local server_type=$(uci_get_by_name $server_index type) local server_ip=$(uci_get_by_name $server_index server) - if ["$server_type" == "vless"]; then + if [ "$server_type" = "vless" ]; then server_type="v2ray" fi - [ "$server_type" == "trojan" ] && re_type="client" || re_type="tcp" + [ "$server_type" = "trojan" ] && re_type="client" || re_type="tcp" if [ "$server_type" != "v2ray" -a "$server_type" != "" ]; then - local config_file=/var/etc/${NAME}_${shunt_type[i]}.json + local config_file=/var/etc/${NAME}_${shunt_type}.json local bin=$(find_bin $server_type) lua /usr/share/vssr/genconfig_${server_type}.lua ${server_index} ${re_type} ${server_port} ${server_ip} >${config_file} sed -i 's/\\//g' $config_file @@ -306,13 +320,13 @@ start_shunt() { ss | ssr) bin=$(find_bin "ss-local") [ "$server_type" == "ssr" ] && bin=$(find_bin "ssr-local") - $bin -c $config_file $ARG_OTA -f /var/run/vssr-${shunt_type[i]}.pid1 >/dev/null 2>&1 + $bin -c $config_file $ARG_OTA -f /var/run/vssr-${shunt_type}.pid1 >/dev/null 2>&1 ;; trojan) $bin --config $config_file >/dev/null 2>&1 & ;; esac - echo "$(date "+%Y-%m-%d %H:%M:%S") ${shunt_type[i]}: $server_type 分流服务已启动!" >>/tmp/vssr.log + echo "$(date "+%Y-%m-%d %H:%M:%S") ${shunt_type}: $server_type 分流服务已启动!" >>/tmp/vssr.log fi done return $? @@ -370,7 +384,6 @@ start_redir() { ;; v2ray | vless) $sscmd -config $last_config_file >/dev/null 2>&1 & - echo $sscmd echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) 已启动!" >>/tmp/vssr.log ;; trojan) @@ -479,8 +492,10 @@ start_service() { [ $(uci_get_by_name $1 enable) = "0" ] && return 1 let server_count=server_count+1 if [ $server_count = 1 ]; then - iptables -N SSR-SERVER-RULE && + if ! (iptables-save -t filter | grep SSR-SERVER-RULE >/dev/null); then + iptables -N SSR-SERVER-RULE && \ iptables -t filter -I INPUT -j SSR-SERVER-RULE + fi fi gen_service_file $1 /var/etc/${NAME}_${server_count}.json @@ -527,8 +542,9 @@ start_local() { lua /usr/share/vssr/genconfig_v2ray_s.lua >$CONFIG_SOCK5_FILE sed -i 's/\\//g' $config_file - - /usr/bin/v2ray/v2ray -config $CONFIG_SOCK5_FILE >/dev/null 2>&1 & + socksbin=$(find_bin "v2ray") + echo $socksbin + $socksbin -config $CONFIG_SOCK5_FILE >/dev/null 2>&1 & local_enable=1 } @@ -551,34 +567,39 @@ start() { GLOBAL_SERVER=$switch_server switch_enable=1 fi - if rules; then - start_redir - - mkdir -p /tmp/dnsmasq.d \ - && cp -a /etc/vssr/gfw_list.conf /tmp/dnsmasq.ssr \ - && cp -a /etc/vssr/gfw_base.conf /tmp/dnsmasq.ssr \ - && cp -a /etc/vssr/ad.conf /tmp/dnsmasq.ssr \ - && cp -a /etc/vssr/oversea_list.conf /tmp/dnsmasq.oversea - - if ! [ "$run_mode" = "oversea" ]; then - cat >/tmp/dnsmasq.d/dnsmasq-ssr.conf </tmp/dnsmasq.d/dnsmasq-ssr.conf </tmp/dnsmasq.d/dnsmasq-ssr.conf </tmp/dnsmasq.d/dnsmasq-ssr.conf </dev/null 2>&1 - fi + /etc/init.d/dnsmasq restart >/dev/null 2>&1 start_server start_local if [ $scount != "0" ]; then @@ -615,10 +636,10 @@ stop() { if [ $(uci_get_by_type global monitor_enable) = 1 ]; then kill -9 $(busybox ps -w | grep vssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1 fi - killall -q -9 ss-redir ss-local obfs-local ssr-redir ssr-local ssr-server v2ray v2ray-plugin trojan microsocks ipt2socks dns2socks redsocks2 pdnsd xray + killall -q -9 ss-redir ss-local obfs-local ssr-redir ssr-local ssr-server v2ray v2ray-plugin xray trojan microsocks ipt2socks dns2socks pdnsd if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then - rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf + rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf /tmp/dnsmasq.ssr /tmp/dnsmasq.oversea /etc/init.d/dnsmasq restart >/dev/null 2>&1 fi del_cron diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/black.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/black.list index cb58ecb1db..dd852d6fb5 100644 --- a/package/ctcgfw/luci-app-vssr/root/etc/vssr/black.list +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/black.list @@ -1,25 +1,4 @@ api.ipify.org -fast.com -netflix.ca -netflix.com -netflix.net -netflixinvestor.com -netflixtechblog.com -nflxext.com -nflximg.com -nflximg.net -nflxsearch.net -nflxso.net -nflxvideo.net -amazonprimevideos.com -amazonvideo.cc -amazonvideo.com -prime-video.com -primevideo.cc -primevideo.com -primevideo.info -primevideo.org -primevideo.tv v2fly.org github.com -raw.githubusercontent.com +raw.githubusercontent.com \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/custom_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/custom_domain.list new file mode 100644 index 0000000000..e69de29bb2 diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/disney_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/disney_domain.list new file mode 100644 index 0000000000..08a6f52dcd --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/disney_domain.list @@ -0,0 +1,6 @@ +cdn.registerdisney.go.com +disneyplus.com +disney-plus.net +dssott.com +bamgrid.com +execute-api.us-east-1.amazonaws.com \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/netflix_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/netflix_domain.list new file mode 100644 index 0000000000..40ad124b30 --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/netflix_domain.list @@ -0,0 +1,22 @@ +fast.com +netflix.ca +netflix.com +netflix.net +netflixinvestor.com +netflixtechblog.com +nflxext.com +nflximg.com +nflximg.net +nflxsearch.net +nflxso.net +nflxvideo.net +netflixdnstest0.com +netflixdnstest1.com +netflixdnstest2.com +netflixdnstest3.com +netflixdnstest4.com +netflixdnstest5.com +netflixdnstest6.com +netflixdnstest7.com +netflixdnstest8.com +netflixdnstest9.com \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/prime_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/prime_domain.list new file mode 100644 index 0000000000..a5d1446e6c --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/prime_domain.list @@ -0,0 +1,12 @@ +aiv-cdn.net +amazonaws.com +amazonvideo.com +llnwd.net +amazonprimevideos.com +amazonvideo.cc +prime-video.com +primevideo.cc +primevideo.com +primevideo.info +primevideo.org +primevideo.tv \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/tvb_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/tvb_domain.list new file mode 100644 index 0000000000..7e7accf408 --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/tvb_domain.list @@ -0,0 +1,2 @@ +tvsuper.com +tvb.com \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/tw_video_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/tw_video_domain.list new file mode 100644 index 0000000000..854bf3a531 --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/tw_video_domain.list @@ -0,0 +1,12 @@ +vidol.tv +hinet.net +books.com +litv.tv +pstatic.net +app-measurement.com +kktv.com.tw +gamer.com.tw +wetv.vip +kktv.me +myvideo.net.tw +kk.stream \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/etc/vssr/youtube_domain.list b/package/ctcgfw/luci-app-vssr/root/etc/vssr/youtube_domain.list new file mode 100644 index 0000000000..4b309748e5 --- /dev/null +++ b/package/ctcgfw/luci-app-vssr/root/etc/vssr/youtube_domain.list @@ -0,0 +1,14 @@ +youtube +ggpht.com +googlevideo.com +withyoutube.com +youtu.be +youtube-nocookie.com +youtube.com +youtubeeducation.com +youtubegaming.com +youtubei.googleapis.com +youtubekids.com +youtubemobilesupport.com +yt.be +ytimg.com \ No newline at end of file diff --git a/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules b/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules index c11cc1430e..ddf79f2206 100755 --- a/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules +++ b/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules @@ -75,6 +75,8 @@ flush_r() { ipset_r() { ipset -N gmlan hash:net 2>/dev/null + $IPT -N SS_SPEC_WAN_AC + $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done case "$RUNMODE" in router) @@ -83,31 +85,25 @@ ipset_r() { $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") EOF ipset -N gfwlist hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN - $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN + $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW ;; gfw) ipset -N gfwlist hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN ;; oversea) ipset -N oversea hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - ipset -N gmlan hash:net 2>/dev/null - for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done + $IPT -I SS_SPEC_WAN_AC -m set --match-set oversea dst -j SS_SPEC_WAN_FW + $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN ;; all) - $IPT -N SS_SPEC_WAN_AC $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN ;; esac diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua index e8a8223b5a..875813dc08 100644 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_trojan.lua @@ -19,7 +19,7 @@ local trojan = { -- 传出连接 ssl = { verify = (server.insecure == '0') and true or false, - verify_hostname = (server.tls == '1') and false or true, + verify_hostname = (server.tls == '1') and true or false, cert = '', cipher = 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA', cipher_tls13 = 'TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384', diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua index 2ad6641823..c1c8ccdc1b 100755 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/genconfig_v2ray.lua @@ -7,31 +7,34 @@ local local_port = arg[3] local outbounds_table = {} local rules_table = {} +function read_conf(file) + local rfile = io.open(file, "r") + local ltable = {} + for line in rfile:lines() do + local re = string.gsub(line, "\r", "") + table.insert(ltable,re) + end + local rtable = next(ltable) ~= nil and ltable or nil + return rtable +end local v2ray_flow = ucursor:get_first(name, 'global', 'v2ray_flow', '0') -local proxy_domain_name = ucursor:get_list(name, '@access_control[0]', 'proxy_domain_name') + +local custom_domain = read_conf("/etc/vssr/custom_domain.list") +local youtube_domain = read_conf("/etc/vssr/youtube_domain.list") +local tw_video_domain = read_conf("/etc/vssr/tw_video_domain.list") +local netflix_domain = read_conf("/etc/vssr/netflix_domain.list") +local disney_domain = read_conf("/etc/vssr/disney_domain.list") +local prime_domain = read_conf("/etc/vssr/prime_domain.list") +local tvb_domain = read_conf("/etc/vssr/tvb_domain.list") + local flow_table = { yotube = { name = 'youtube', port = 2081, rules = { type = 'field', - domain = { - 'youtube', - 'ggpht.com', - 'googlevideo.com', - 'withyoutube.com', - 'youtu.be', - 'youtube-nocookie.com', - 'youtube.com', - 'youtubeeducation.com', - 'youtubegaming.com', - 'youtubei.googleapis.com', - 'youtubekids.com', - 'youtubemobilesupport.com', - 'yt.be', - 'ytimg.com' - }, + domain = youtube_domain, outboundTag = 'youtube' } }, @@ -40,19 +43,7 @@ local flow_table = { port = 2082, rules = { type = 'field', - domain = { - 'vidol.tv', - 'hinet.net', - 'books.com', - 'litv.tv', - 'pstatic.net', - 'app-measurement.com', - 'kktv.com.tw', - 'gamer.com.tw', - 'wetv.vip', - 'kktv.me', - 'myvideo.net.tw' - }, + domain = tw_video_domain, outboundTag = 'tw_video' } }, @@ -61,30 +52,7 @@ local flow_table = { port = 2083, rules = { type = 'field', - domain = { - 'fast.com', - 'netflix.ca', - 'netflix.com', - 'netflix.net', - 'netflixinvestor.com', - 'netflixtechblog.com', - 'nflxext.com', - 'nflximg.com', - 'nflximg.net', - 'nflxsearch.net', - 'nflxso.net', - 'nflxvideo.net', - 'netflixdnstest0.com', - 'netflixdnstest1.com', - 'netflixdnstest2.com', - 'netflixdnstest3.com', - 'netflixdnstest4.com', - 'netflixdnstest5.com', - 'netflixdnstest6.com', - 'netflixdnstest7.com', - 'netflixdnstest8.com', - 'netflixdnstest9.com' - }, + domain = netflix_domain, outboundTag = 'netflix' } }, @@ -93,14 +61,7 @@ local flow_table = { port = 2084, rules = { type = 'field', - domain = { - 'cdn.registerdisney.go.com', - 'disneyplus.com', - 'disney-plus.net', - 'dssott.com', - 'bamgrid.com', - 'execute-api.us-east-1.amazonaws.com' - }, + domain = disney_domain, outboundTag = 'disney' } }, @@ -109,20 +70,7 @@ local flow_table = { port = 2085, rules = { type = 'field', - domain = { - 'aiv-cdn.net', - 'amazonaws.com', - 'amazonvideo.com', - 'llnwd.net', - 'amazonprimevideos.com', - 'amazonvideo.cc', - 'prime-video.com', - 'primevideo.cc', - 'primevideo.com', - 'primevideo.info', - 'primevideo.org', - 'primevideo.tv' - }, + domain = prime_domain, outboundTag = 'prime' } }, @@ -131,7 +79,7 @@ local flow_table = { port = 2086, rules = { type = 'field', - domain = {'tvsuper.com', 'tvb.com'}, + domain = tvb_domain, outboundTag = 'tvb' } }, @@ -140,7 +88,7 @@ local flow_table = { port = 2087, rules = { type = 'field', - domain = proxy_domain_name, + domain = custom_domain, outboundTag = 'custom' } } @@ -174,14 +122,6 @@ function gen_outbound(server_node, tags, local_ports) bound = nil else local server = ucursor:get_all(name, server_node) - local outbound_security = "none" - if (server.xtls == '1') then - outbound_security = "xtls" - elseif (server.tls == '1') then - outbound_security = "tls" - elseif (server.tls == "0") then - outbound_security = "none" - end local node_type = server.type == "vless" and "vless" or "vmess" if server.type ~= 'v2ray' and server.type ~= 'vless' then @@ -218,9 +158,9 @@ function gen_outbound(server_node, tags, local_ports) -- 底层传输配置 streamSettings = { network = server.transport, - security = outbound_security, - tlsSettings = (outbound_security == "tls") and {allowInsecure = (server.insecure ~= "0") and true or false,serverName=server.tls_host,} or nil, - xtlsSettings = (outbound_security == "xtls") and {allowInsecure = (server.insecure ~= "0") and true or false,serverName=server.tls_host,} or nil, + security = (server.tls == '1') and ((server.xtls == '1') and "xtls" or "tls") or "none", + tlsSettings = (server.tls == '1' and server.xtls ~= '1') and {allowInsecure = (server.insecure ~= "0") and true or false,serverName=server.tls_host,} or nil, + xtlsSettings = (server.xtls == '1') and {allowInsecure = (server.insecure ~= "0") and true or false,serverName=server.tls_host,} or nil, kcpSettings = (server.transport == 'kcp') and { mtu = tonumber(server.mtu), @@ -271,10 +211,12 @@ end if v2ray_flow == '1' then table.insert(outbounds_table, gen_outbound(server_section, 'global', 2080)) - for i, v in pairs(flow_table) do - local server = ucursor:get_first(name, 'global', v.name .. '_server') - table.insert(outbounds_table, gen_outbound(server, v.name, v.port)) - table.insert(rules_table, (server ~= nil and server ~= 'nil') and v.rules or nil) + for _, v in pairs(flow_table) do + if(v.rules.domain ~= nil) then + local server = ucursor:get_first(name, 'global', v.name .. '_server') + table.insert(outbounds_table, gen_outbound(server, v.name, v.port)) + table.insert(rules_table, (server ~= nil and server ~= 'nil' ) and v.rules or nil) + end end else table.insert(outbounds_table, gen_outbound(server_section, 'main', local_port)) diff --git a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/gfw2ipset.sh b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/gfw2ipset.sh index 642ce61630..cce3006da1 100755 --- a/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/gfw2ipset.sh +++ b/package/ctcgfw/luci-app-vssr/root/usr/share/vssr/gfw2ipset.sh @@ -1,6 +1,12 @@ #!/bin/sh . /lib/functions.sh +uci_get_by_type() { + local ret=$(uci get vssr.@$1[0].$2 2>/dev/null) + echo ${ret:=$3} +} +v2ray_flow=$(uci_get_by_type global v2ray_flow) + mkdir -p /tmp/dnsmasq.ssr awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"gfwlist"'\n",$0)}' /etc/vssr/gfw.list >/tmp/dnsmasq.ssr/custom_forward.conf @@ -11,6 +17,27 @@ awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/blac awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/vssr/white.list >/tmp/dnsmasq.ssr/whitelist_forward.conf +if [ "$v2ray_flow" = "1" ]; then + + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/vssr/tw_video_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/tw_video_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/vssr/netflix_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/netflix_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/vssr/disney_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/disney_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/vssr/prime_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/prime_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/vssr/tvb_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/tvb_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + + awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/vssr/custom_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf + awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/vssr/custom_domain.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf +fi + function valid_ip() { ip=$1 read_ip=$(echo $ip | awk -F. '$1<=255&&$2<=255&&$3<=255&&$4<=255{print "yes"}')