luci-app-passwall: bump to 4-14

Co-authored-by: tritu <tri_tu@163.com> Co-authored-by: ShanStone <31815718+ShanStone@users.noreply.github.com> Signed-off-by: CN_SZTL <cnsztl@project-openwrt.eu.org>
2025-01-10 11:09:57 +08:00 · 2021-02-08 01:21:45 +08:00 · 2021-02-08 01:21:45 +08:00 · c858201705
commit c858201705
parent 181392e4a6
18 changed files with 740 additions and 369 deletions
--- a/package/lienol/luci-app-passwall/Makefile
+++ b/package/lienol/luci-app-passwall/Makefile
@ -7,8 +7,8 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=luci-app-passwall
 PKG_VERSION:=4
-PKG_RELEASE:=13
+PKG_RELEASE:=14
-PKG_DATE:=20210207
+PKG_DATE:=20210209
 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_xray.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_xray.lua
@ -226,61 +226,71 @@ if node_section then
        local rules = {}
        ucursor:foreach(appname, "shunt_rules", function(e)
            local name = e[".name"]
-            local _node_id = node[name] or nil
+            local _node_id = node[name] or "nil"
-            if _node_id and _node_id ~= "nil" then
+            local outboundTag
-                local _node = ucursor:get_all(appname, _node_id)
+            if _node_id == "_direct" then
-                local is_proxy = node[name .. "_proxy"]
+                outboundTag = "direct"
-                local relay_port
+            elseif _node_id == "_blackhole" then
-                if is_proxy and is_proxy == "1" then
+                outboundTag = "blackhole"
-                    new_port = get_new_port()
+            else
-                    relay_port = new_port
+                if _node_id ~= "nil" then
-                    table.insert(inbounds, {
+                    local _node = ucursor:get_all(appname, _node_id)
-                        tag = "proxy_" .. name,
+                    local is_proxy = node[name .. "_proxy"]
-                        listen = "127.0.0.1",
+                    local relay_port
                        port = new_port,
                        protocol = "dokodemo-door",
                        settings = {network = "tcp,udp", address = _node.address, port = tonumber(_node.port)}
                    })
                    if _node.tls_serverName == nil then
                        _node.tls_serverName = _node.address
                    end
                    _node.address = "127.0.0.1"
                    _node.port = new_port
                end
                local _outbound = gen_outbound(_node, name, relay_port)
                if _outbound then
                    table.insert(outbounds, _outbound)
                    if is_proxy and is_proxy == "1" then
-                        table.insert(rules, {
+                        new_port = get_new_port()
-                            type = "field",
+                        relay_port = new_port
-                            inboundTag = {"proxy_" .. name},
+                        table.insert(inbounds, {
-                            outboundTag = "default"
+                            tag = "proxy_" .. name,
                            listen = "127.0.0.1",
                            port = new_port,
                            protocol = "dokodemo-door",
                            settings = {network = "tcp,udp", address = _node.address, port = tonumber(_node.port)}
                        })
                        if _node.tls_serverName == nil then
                            _node.tls_serverName = _node.address
                        end
                        _node.address = "127.0.0.1"
                        _node.port = new_port
                    end
-                    if e.domain_list then
+                    local _outbound = gen_outbound(_node, name, relay_port)
-                        local _domain = {}
+                    if _outbound then
-                        string.gsub(e.domain_list, '[^' .. "\r\n" .. ']+', function(w)
+                        table.insert(outbounds, _outbound)
-                            table.insert(_domain, w)
+                        if is_proxy and is_proxy == "1" then
-                        end)
+                            table.insert(rules, {
-                        table.insert(rules, {
+                                type = "field",
-                            type = "field",
+                                inboundTag = {"proxy_" .. name},
-                            outboundTag = name,
+                                outboundTag = "default"
-                            domain = _domain
+                            })
-                        })
+                        end
-                    end
+                        outboundTag = name
                    if e.ip_list then
                        local _ip = {}
                        string.gsub(e.ip_list, '[^' .. "\r\n" .. ']+', function(w)
                            table.insert(_ip, w)
                        end)
                        table.insert(rules, {
                            type = "field",
                            outboundTag = name,
                            ip = _ip
                        })
                    end
                end
            end
            if outboundTag then
                if e.domain_list then
                    local _domain = {}
                    string.gsub(e.domain_list, '[^' .. "\r\n" .. ']+', function(w)
                        table.insert(_domain, w)
                    end)
                    table.insert(rules, {
                        type = "field",
                        outboundTag = outboundTag,
                        domain = _domain
                    })
                end
                if e.ip_list then
                    local _ip = {}
                    string.gsub(e.ip_list, '[^' .. "\r\n" .. ']+', function(w)
                        table.insert(_ip, w)
                    end)
                    table.insert(rules, {
                        type = "field",
                        outboundTag = outboundTag,
                        ip = _ip
                    })
                end
            end
        end)
        local default_node_id = node.default_node or nil
@ -448,6 +458,10 @@ if inbounds or outbounds then
        tag = "direct",
        settings = {domainStrategy = "UseIPv4"}
    })
    table.insert(outbounds, {
        protocol = "blackhole",
        tag = "blackhole"
    })
    local xray = {
        log = {
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@ -115,56 +115,52 @@ if has_xray and #nodes_table > 0 then
            shunt_list[#shunt_list + 1] = v
        end
    end
-    if #normal_list > 0 and #shunt_list > 0 then
+    for k, v in pairs(shunt_list) do
        uci:foreach(appname, "shunt_rules", function(e)
            local id = e[".name"]
-            o = s:taboption("Main", ListValue, id .. "_node", string.format('* <a href="%s">%s</a>', api.url("shunt_rules", id), translate(e.remarks)))
+            o = s:taboption("Main", ListValue, v.id .. "." .. id .. "_node", string.format('* <a href="%s" target="_blank">%s</a>', api.url("shunt_rules", id), translate(e.remarks)))
-            for k, v in pairs(shunt_list) do
+            o:depends("tcp_node", v.id)
                o:depends("tcp_node", v.id)
                o.cfgvalue = function(self, section)
                    return m:get(v.id, id) or "nil"
                end
                o.write = function(self, section, value)
                    m:set(v.id, id, value)
                end
            end
            o:value("nil", translate("Close"))
            o:value("_direct", translate("Direct Connection"))
            o:value("_blackhole", translate("Blackhole"))
            for k, v in pairs(normal_list) do
                o:value(v.id, v.remarks_name)
            end
            o.cfgvalue = function(self, section)
                return m:get(v.id, id) or "nil"
            end
            o.write = function(self, section, value)
                m:set(v.id, id, value)
            end
        end)
        local id = "default_node"
-        o = s:taboption("Main", ListValue, id, "* " .. translate("Default"))
+        o = s:taboption("Main", ListValue, v.id .. "." .. id, "* " .. translate("Default"))
-        for k, v in pairs(shunt_list) do
+        o:depends("tcp_node", v.id)
            o:depends("tcp_node", v.id)
            o.cfgvalue = function(self, section)
                return m:get(v.id, id) or "nil"
            end
            o.write = function(self, section, value)
                m:set(v.id, id, value)
            end
        end
        o:value("nil", translate("Close"))
        for k, v in pairs(normal_list) do
            o:value(v.id, v.remarks_name)
        end
        o.cfgvalue = function(self, section)
            return m:get(v.id, id) or "nil"
        end
        o.write = function(self, section, value)
            m:set(v.id, id, value)
        end
        local id = "main_node"
-        o = s:taboption("Main", ListValue, id, "* " .. translate("Default") .. translate("Preproxy"))
+        o = s:taboption("Main", ListValue, v.id .. "." .. id, "* " .. translate("Default") .. translate("Preproxy"))
-        for k, v in pairs(shunt_list) do
+        o:depends("tcp_node", v.id)
            o:depends("tcp_node", v.id)
            o.cfgvalue = function(self, section)
                return m:get(v.id, id) or "nil"
            end
            o.write = function(self, section, value)
                m:set(v.id, id, value)
            end
        end
        o:value("nil", translate("Close"))
        for k, v in pairs(normal_list) do
            o:value(v.id, v.remarks_name)
        end
        o.cfgvalue = function(self, section)
            return m:get(v.id, id) or "nil"
        end
        o.write = function(self, section, value)
            m:set(v.id, id, value)
        end
    end
 end
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/haproxy.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/haproxy.lua
@ -82,7 +82,6 @@ o.default = "5"
 o.rmempty = false
 ---- Export
 --[[
 o = s:option(ListValue, "export", translate("Export Of Multi WAN"))
 o:value(0, translate("Auto"))
 local ifaces = e.net:devices()
@ -97,7 +96,6 @@ for _, iface in ipairs(ifaces) do
 end
 o.default = 0
 o.rmempty = false
 ]]--
 ---- Mode
 o = s:option(ListValue, "backup", translate("Mode"))
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua
@ -128,14 +128,21 @@ balancing_node:depends("protocol", "_balancing")
 -- 分流
 uci:foreach(appname, "shunt_rules", function(e)
-    o = s:option(ListValue, e[".name"], '<a href="../shunt_rules/' .. e[".name"] .. '">' .. translate(e.remarks) .. "</a>")
+    o = s:option(ListValue, e[".name"], string.format('* <a href="%s" target="_blank">%s</a>', api.url("shunt_rules", e[".name"]), translate(e.remarks)))
    o:value("nil", translate("Close"))
-    for k, v in pairs(nodes_table) do o:value(v.id, v.remarks) end
+    o:value("_direct", translate("Direct Connection"))
    o:value("_blackhole", translate("Blackhole"))
    o:depends("protocol", "_shunt")
-    o = s:option(Flag, e[".name"] .. "_proxy", translate(e.remarks) .. translate("Preproxy"), translate("Use the default node for the transit."))
+    if #nodes_table > 0 then
-    o.default = 0
+        _proxy = s:option(Flag, e[".name"] .. "_proxy", translate(e.remarks) .. translate("Preproxy"), translate("Use the default node for the transit."))
-    o:depends("protocol", "_shunt")
+        _proxy.default = 0
        for k, v in pairs(nodes_table) do
            o:value(v.id, v.remarks)
            _proxy:depends(e[".name"], v.id)
        end
    end
 end)
 shunt_tips = s:option(DummyValue, "shunt_tips", " ")
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua
@ -8,6 +8,12 @@ s = m:section(TypedSection, "global_delay", translate("Delay Settings"))
 s.anonymous = true
 s.addremove = false
 ---- Delay Start
 o = s:option(Value, "start_delay", translate("Delay Start"),
             translate("Units:seconds"))
 o.default = "1"
 o.rmempty = true
 ---- Open and close Daemon
 o = s:option(Flag, "start_daemon", translate("Open and close Daemon"))
 o.default = 1
@ -109,6 +115,14 @@ s = m:section(TypedSection, "global_other", translate("Other Settings"))
 s.anonymous = true
 s.addremove = false
 ---- IPv6 TProxy
 o = s:option(Flag, "ipv6_tproxy", translate("IPv6 TProxy"),
             "<font color='red'>" .. translate(
                 "Experimental feature.Make sure that your node supports IPv6.") ..
                 "</font>")
 o.default = 0
 o.rmempty = false
 o = s:option(MultiValue, "status", translate("Status info"))
 o:value("big_icon", translate("Big icon")) -- 大图标
 o:value("show_check_port", translate("Show node check")) -- 显示节点检测
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua
@ -49,6 +49,10 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end
 o.default = 0
 o:depends("auto_update", 1)
 o = s:option(Value, "xray_location_asset", translate("Location of Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are."))
 o.default = "/usr/share/xray/"
 o.rmempty = false
 s = m:section(TypedSection, "shunt_rules", "Xray" .. translate("Shunt") .. translate("Rule"))
 s.template = "cbi/tblsection"
 s.anonymous = false
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
@ -45,7 +45,7 @@ o.validate = function(self, value)
    local ipmasks= {}
    string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
    for index, ipmask in ipairs(ipmasks) do
-        if not datatypes.ipmask4(ipmask) then
+        if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
            return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
        end
    end
@ -83,7 +83,7 @@ o.validate = function(self, value)
    local ipmasks= {}
    string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
    for index, ipmask in ipairs(ipmasks) do
-        if not datatypes.ipmask4(ipmask) then
+        if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
            return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
        end
    end
--- a/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/app.lua
+++ b/package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/app.lua
@ -155,7 +155,7 @@ local function start()
 end
 local function stop()
-    cmd(string.format("ps -w | grep -v 'grep' | grep '%s/' | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &", CONFIG_PATH))
+    cmd(string.format("top -bn1 | grep -v 'grep' | grep '%s/' | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1", CONFIG_PATH))
    cmd("iptables -D INPUT -j PSW-SERVER 2>/dev/null")
    cmd("iptables -F PSW-SERVER 2>/dev/null")
    cmd("iptables -X PSW-SERVER 2>/dev/null")
--- a/package/lienol/luci-app-passwall/luasrc/view/passwall/global/footer.htm
+++ b/package/lienol/luci-app-passwall/luasrc/view/passwall/global/footer.htm
@ -4,111 +4,144 @@ local auto_switch = api.uci_get_type("auto_switch", "enable", 0)
 -%>
 <script type="text/javascript">
 	//<![CDATA[
-	var _status = document.getElementsByClassName('_status');
+	function go() {
-	for (var i = 0; i < _status.length; i++) {
+		var _status = document.getElementsByClassName('_status');
-		var id = _status[i].getAttribute("socks_id");
+		for (var i = 0; i < _status.length; i++) {
-		XHR.get('<%=api.url("socks_status")%>', {
+			var id = _status[i].getAttribute("socks_id");
-				index: i,
+			XHR.get('<%=api.url("socks_status")%>', {
-				id: id
+					index: i,
-			},
+					id: id
-			function(x, result) {
+				},
-				var index = result.index;
+				function(x, result) {
-				var div = '';
+					var index = result.index;
-				var div1 = '<font style="font-weight:bold;" color="green">✓</font>&nbsp';
+					var div = '';
-				var div2 = '<font style="font-weight:bold;" color="red">X</font>&nbsp';
+					var div1 = '<font style="font-weight:bold;" color="green">✓</font>&nbsp';
-				
+					var div2 = '<font style="font-weight:bold;" color="red">X</font>&nbsp';
-				if (result.socks_status) {
+					
-					div += div1;
+					if (result.socks_status) {
 				} else {
 					div += div2;
 				}
 				if (result.use_http) {
 					if (result.http_status) {
 						div += div1;
 					} else {
 						div += div2;
 					}
 					if (result.use_http) {
 						if (result.http_status) {
 							div += div1;
 						} else {
 							div += div2;
 						}
 					}
 					_status[index].innerHTML = div;
 				}
-				_status[index].innerHTML = div;
+			);
 			}
 		);
 	}
 	var global_id = null;
 	var global = document.getElementById("cbi-passwall-global");
 	if (global) {
 		var node = global.getElementsByClassName("cbi-section-node")[0];
 		var node_id = node.getAttribute("id");
 		global_id = node_id;
 		for (var i = 0; i <= 1; i++) {
 			var proto = "udp";
 			if (i == 0) {
 				proto = "tcp";
 			}
 			var dom_id = node_id + "-" + proto + "_node";
 			dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
 			var node_select = document.getElementById(dom_id);
 			var node_select_value = node_select.value;
 			if (node_select_value && node_select_value != "nil") {
 				var v = document.getElementById(dom_id + "-" + node_select_value);
 				node_select.title = v.text;
 				var new_a = document.createElement("a");
 				new_a.innerHTML = "<%:Edit%>";
 				new_a.href = "#";
 				new_a.setAttribute("onclick", "location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
 				var log_a = document.createElement("a");
 				log_a.innerHTML = "<%:Log%>";
 				log_a.href = "#";
 				log_a.setAttribute("onclick", "window.open('" + '<%=api.url("get_redir_log")%>' + "?proto=" + proto + "', '_blank')");
 				node_select.outerHTML = node_select.outerHTML + "&nbsp&nbsp" + new_a.outerHTML + "&nbsp&nbsp" + log_a.outerHTML;
 				//node_select.parentNode.insertBefore(new_a, node_select.nextSibling);
 			}
 		}
-	}
+		
-	
+		var global_id = null;
-	var socks = document.getElementById("cbi-passwall-socks");
+		var global = document.getElementById("cbi-passwall-global");
-	if (socks) {
+		if (global) {
-		var socks_enabled_dom = document.getElementById(global_id + "-socks_enabled");
+			var node = global.getElementsByClassName("cbi-section-node")[0];
-		socks_enabled_dom.parentNode.removeChild(socks_enabled_dom);
+			var node_id = node.getAttribute("id");
-		var descr = socks.getElementsByClassName("cbi-section-descr")[0];
+			global_id = node_id;
-		descr.outerHTML = socks_enabled_dom.outerHTML;
+			var reg1 = new RegExp("(?<=" + node_id + "-).*?(?=(_node))")
-		rows = socks.getElementsByClassName("cbi-section-table-row");
+			for (var i = 0; i < node.childNodes.length; i++) {
-		for (var i = 0; i < rows.length; i++) {
+				if (node.childNodes[i].childNodes && node.childNodes[i].childNodes.length > 0) {
-			var row = rows[i];
+					for (var k = 0; k < node.childNodes[i].childNodes.length; k++) {
-			var id = row.id;
+						var dom = node.childNodes[i].childNodes[k];
-			var dom_id = id + "-node";
+						if (dom.id) {
-			var node = document.getElementById(dom_id);
+							var s = dom.id.match(reg1);
-			var dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
+							if (s) {
-			var node_select = document.getElementById(dom_id);
+								dom_id = dom.id.split("cbi-").join("cbid-").split("-").join(".");
-			var node_select_value = node_select.value;
+								var node_select = document.getElementsByName(dom_id)[0];
-			if (node_select_value && node_select_value != "nil") {
+								var node_select_value = node_select.value;
-				if (global_id != null && node_select_value.indexOf("tcp") == 0) {
+								if (node_select_value && node_select_value != "nil" && node_select_value.indexOf("_direct") != 0 && node_select_value.indexOf("_blackhole") != 0) {
-					var num = node_select_value.replace("tcp", "");
+									var v = document.getElementById(dom_id + "-" + node_select_value);
-					var d = global_id + "-tcp_node";
+									if (v) {
-					d = d.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
+										node_select.title = v.text;
-					var dom = document.getElementById(d);
+									} else {
-					var _node_select_value = dom.value;
+										node_select.title = node_select.options[node_select.options.selectedIndex].text;
-					if (_node_select_value && _node_select_value != "nil") {
+									}
-						node_select_value = _node_select_value;
+									
 									var new_html = "";
 									var new_a = document.createElement("a");
 									new_a.innerHTML = "<%:Edit%>";
 									new_a.href = "#";
 									new_a.setAttribute("onclick", "location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
 									new_html = new_a.outerHTML;
 									if (s[0] == "tcp" || s[0] == "udp") {
 										var log_a = document.createElement("a");
 										log_a.innerHTML = "<%:Log%>";
 										log_a.href = "#";
 										log_a.setAttribute("onclick", "window.open('" + '<%=api.url("get_redir_log")%>' + "?proto=" + s[0] + "', '_blank')");
 										new_html += "&nbsp&nbsp" + log_a.outerHTML;
 									}
 									node_select.insertAdjacentHTML("afterend", "&nbsp&nbsp" + new_html);
 								}
 							}
 						}
 					}
 				}
-				var v = document.getElementById(dom_id + "-" + node_select_value);
+			}
-				node_select.title = v.text;
+		}
-				
+		
-				var new_a = document.createElement("a");
+		var socks = document.getElementById("cbi-passwall-socks");
-				new_a.innerHTML = "<%:Edit%>";
+		if (socks) {
-				new_a.href = "#";
+			var socks_enabled_dom = document.getElementById(global_id + "-socks_enabled");
-				new_a.setAttribute("onclick","location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
+			socks_enabled_dom.parentNode.removeChild(socks_enabled_dom);
-				
+			var descr = socks.getElementsByClassName("cbi-section-descr")[0];
-				node_select.outerHTML = node_select.outerHTML + "&nbsp&nbsp" + new_a.outerHTML;
+			descr.outerHTML = socks_enabled_dom.outerHTML;
-				//node_select.parentNode.insertBefore(new_a, node_select.nextSibling);
+			rows = socks.getElementsByClassName("cbi-section-table-row");
 			for (var i = 0; i < rows.length; i++) {
 				var row = rows[i];
 				var id = row.id;
 				if (!id) continue;
 				var dom_id = id + "-node";
 				var node = document.getElementById(dom_id);
 				var dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
 				var node_select = document.getElementsByName(dom_id)[0];
 				var node_select_value = node_select.value;
 				if (node_select_value && node_select_value != "nil") {
 					if (global_id != null && node_select_value.indexOf("tcp") == 0) {
 						var num = node_select_value.replace("tcp", "");
 						var d = global_id + "-tcp_node";
 						d = d.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
 						var dom = document.getElementsByName(d)[0];
 						var _node_select_value = dom.value;
 						if (_node_select_value && _node_select_value != "nil") {
 							node_select_value = _node_select_value;
 						}
 					}
 					var v = document.getElementById(dom_id + "-" + node_select_value);
 					if (v) {
 						node_select.title = v.text;
 					} else {
 						node_select.title = node_select.options[node_select.options.selectedIndex].text;
 					}
 					var new_a = document.createElement("a");
 					new_a.innerHTML = "<%:Edit%>";
 					new_a.href = "#";
 					new_a.setAttribute("onclick","location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
 					node_select.insertAdjacentHTML("afterend", "&nbsp&nbsp" + new_a.outerHTML);
 				}
 			}
 		}
 	}
-	
+	 
 	function addLoadEvent(func) {
 		var oldonload = window.onload;
 		if (typeof window.onload != 'function') {
 			window.onload = func;
 		} else {
 			window.onload = function () {
 				oldonload();
 				func();
 			}
 		}
 	}
 	addLoadEvent(go);
 	//]]>
 </script>
--- a/package/lienol/luci-app-passwall/po/zh_Hans/passwall.po
+++ b/package/lienol/luci-app-passwall/po/zh_Hans/passwall.po
@ -412,6 +412,12 @@ msgstr "V2ray 分流"
 msgid "Preproxy"
 msgstr "前置代理"
 msgid "Direct Connection"
 msgstr "直连"
 msgid "Blackhole"
 msgstr "黑洞"
 msgid "Use the default node for the transit."
 msgstr "使用默认节点代理转发。"
@ -742,6 +748,12 @@ msgstr "周"
 msgid "oclock"
 msgstr "点"
 msgid "Location of Xray asset"
 msgstr "Xray 资源文件目录"
 msgid "This variable specifies a directory where geoip.dat and geosite.dat files are."
 msgstr "此变量指定geoip.dat和geosite.dat文件所在的目录。"
 msgid "Update..."
 msgstr "更新中"
@ -1054,6 +1066,12 @@ msgstr "节点数量"
 msgid "You can only set up a maximum of %s nodes for the time being, Used for access control."
 msgstr "目前最多只能设置%s个节点，用于给访问控制使用。"
 msgid "IPv6 TProxy"
 msgstr "IPv6透明代理(TProxy)"
 msgid "Experimental feature.Make sure that your node supports IPv6."
 msgstr "实验特性，请确保你的节点支持IPv6"
 msgid "Status info"
 msgstr "状态信息"
--- a/package/lienol/luci-app-passwall/root/etc/config/passwall
+++ b/package/lienol/luci-app-passwall/root/etc/config/passwall
@ -36,6 +36,7 @@ config global_forwarding
 config global_other
 	option status 'big_icon show_check_port show_ip111'
 	option nodes_ping 'auto_ping tcping'
 	option ipv6_tproxy '0'
 config global_rules
 	option auto_update '0'
@ -66,6 +67,26 @@ config global_subscribe
 config auto_switch
 	option testing_time '1'
 	option enable '0'
 config nodes '696cd32c1d5149ee95fd1b3accbad6df'
 	option remarks '分流总节点'
 	option type 'Xray'
 	option protocol '_shunt'
 	option youtube 'nil'
 	option netflix 'nil'
 	option TVB 'nil'
 	option Telegram 'nil'
 	option default_node 'nil'
 	option default_proxy '0'
 	option domainStrategy 'IPIfNonMatch'
 config shunt_rules 'Telegram'
 	option remarks 'Telegram'
 	option ip_list '149.154.160.0/20
 91.108.4.0/22
 91.108.56.0/24
 109.239.140.0/24
 67.198.55.0/24'
 config shunt_rules 'youtube'
 	option remarks 'youtube'
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh
@ -10,6 +10,7 @@ TMP_PATH=/var/etc/$CONFIG
 TMP_BIN_PATH=$TMP_PATH/bin
 TMP_ID_PATH=$TMP_PATH/id
 TMP_PORT_PATH=$TMP_PATH/port
 TMP_ROUTE_PATH=$TMP_PATH/route
 LOCK_FILE=/var/lock/$CONFIG.lock
 LOG_FILE=/var/log/$CONFIG.log
 APP_PATH=/usr/share/$CONFIG
@ -305,7 +306,7 @@ load_config() {
 	DNS_CACHE=$(config_t_get global dns_cache 0)
 	LOCAL_DNS=$(config_t_get global up_china_dns default | sed 's/:/#/g')
 	if [ "${LOCAL_DNS}" = "default" ]; then
-		DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep ".server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' ',')
+		DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' ',')
 		if [ -z "${DEFAULT_DNS}" ]; then
 			DEFAULT_DNS=$(echo -n $(sed -n 's/^nameserver[ \t]*\([^ ]*\)$/\1/p' "${RESOLVFILE}" | grep -v "0.0.0.0" | grep -v "127.0.0.1" | grep -v "^::$" | head -2) | tr ' ' ',')
 		fi
@ -313,7 +314,8 @@ load_config() {
 		IS_DEFAULT_DNS=1
 	fi
 	PROXY_IPV6=$(config_t_get global_forwarding proxy_ipv6 0)
-	mkdir -p /var/etc $TMP_PATH $TMP_BIN_PATH $TMP_ID_PATH $TMP_PORT_PATH
+	export XRAY_LOCATION_ASSET=$(config_t_get global_rules xray_location_asset "/usr/share/xray/")
 	mkdir -p /var/etc $TMP_PATH $TMP_BIN_PATH $TMP_ID_PATH $TMP_PORT_PATH $TMP_ROUTE_PATH
 	return 0
 }
@ -595,8 +597,36 @@ node_switch() {
 		local log_file=$TMP_PATH/${1}.log
 		eval current_port=\$${1}_REDIR_PORT
 		local port=$(cat $TMP_PORT_PATH/${1})
 		local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
 		for id in $ids; do
 			[ "$(config_n_get $id enabled 0)" == "0" ] && continue
 			[ "$(config_n_get $id node nil)" != "tcp" ] && continue
 			local socks_port=$(config_n_get $id port)
 			local http_port=$(config_n_get $id http_port 0)
 			top -bn1 | grep -E "$TMP_PATH" | grep -i "SOCKS" | grep "$id" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
 			tcp_node_socks=1
 			tcp_node_socks_port=$socks_port
 			tcp_node_socks_id=$id
 			[ "$http_port" != "0" ] && {
 				tcp_node_http=1
 				tcp_node_http_port=$http_port
 				tcp_node_http_id=$id
 			}
 			break
 		done
 		run_redir $node "0.0.0.0" $port $config_file $1 $log_file
 		echo $node > $TMP_ID_PATH/${1}
 		[ "$1" = "TCP" ] && {
 			[ "$(config_t_get global udp_node nil)" = "tcp_" ] && {
 				top -bn1 | grep -E "$TMP_PATH" | grep -i "UDP" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
 				UDP_NODE=$node
 				start_redir UDP
 			}
 		}
 		#local node_net=$(echo $1 | tr 'A-Z' 'a-z')
 		#uci set $CONFIG.@global[0].${node_net}_node=$node
 		#uci commit $CONFIG
@ -658,10 +688,10 @@ clean_log() {
 clean_crontab() {
 	touch /etc/crontabs/root
-	#sed -i "/${CONFIG}/d" /etc/crontabs/root >/dev/null 2>&1 &
+	#sed -i "/${CONFIG}/d" /etc/crontabs/root >/dev/null 2>&1
-	sed -i "/$(echo "/etc/init.d/${CONFIG}" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1 &
+	sed -i "/$(echo "/etc/init.d/${CONFIG}" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1
-	sed -i "/$(echo "lua ${APP_PATH}/rule_update.lua log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1 &
+	sed -i "/$(echo "lua ${APP_PATH}/rule_update.lua log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1
-	sed -i "/$(echo "lua ${APP_PATH}/subscribe.lua start log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1 &
+	sed -i "/$(echo "lua ${APP_PATH}/subscribe.lua start log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1
 }
 start_crontab() {
@ -721,7 +751,6 @@ start_crontab() {
 stop_crontab() {
 	clean_crontab
 	ps | grep "$APP_PATH/test.sh" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
 	/etc/init.d/cron restart
 	#echolog "清除定时执行命令。"
 }
@ -914,7 +943,9 @@ add_dnsmasq() {
 			local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
 			for shunt_id in $shunt_ids; do
 				local shunt_node_id=$(config_n_get $TCP_NODE ${shunt_id} nil)
-				[ "$shunt_node_id" = "nil" ] && continue
+				if [ "$shunt_node_id" = "nil" ] || [ "$shunt_node_id" = "_direct" ] || [ "$shunt_node_id" = "_blackhole" ]; then
 					continue
 				fi
 				local shunt_node=$(config_n_get $shunt_node_id address nil)
 				[ "$shunt_node" = "nil" ] && continue
 				config_n_get $shunt_id domain_list | grep -v 'regexp:\|geosite:\|ext:' | sed 's/domain:\|full:\|//g' | tr -s "\r\n" "\n" | sort -u | gen_dnsmasq_items "shuntlist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/998-shunt_host.conf"
@ -928,8 +959,8 @@ add_dnsmasq() {
 			[ -n "$CHINADNS_NG" ] && fwd_dns="${china_ng_gfw}"
 			[ -n "$CHINADNS_NG" ] && unset fwd_dns
 			[ ! -f "${TMP_PATH}/gfwlist.txt" ] && sed -n 's/^ipset=\/\.\?\([^/]*\).*$/\1/p' "${RULES_PATH}/gfwlist.conf" | sort -u > "${TMP_PATH}/gfwlist.txt"
-			sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
+			#sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
-			#sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist,gfwlist6" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
+			sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist,gfwlist6" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
 			echolog "  - [$?]防火墙域名表(gfwlist)：${fwd_dns:-默认}"
 		else
 			#回国模式
@ -1035,6 +1066,44 @@ del_dnsmasq() {
 	rm -rf $TMP_DNSMASQ_PATH
 }
 add_ip2route() {
 	local ip=$(get_host_ip "ipv4" $1)
 	[ -z "$ip" ] && {
 		echolog "  - 无法解析${1}，路由表添加失败！"
 		return 1
 	}
 	local remarks="${1}"
 	[ "$remarks" != "$ip" ] && remarks="${1}(${ip})"
 	local interface=$2
 	local retries=5
 	local failcount=0
 	while [ "$failcount" -lt $retries ]; do
 		unset msg
 		ip route show dev ${interface} >/dev/null 2>&1
 		if [ $? -ne 0 ]; then
 			let "failcount++"
 			echolog "  - 找不到出口接口：$interface，1分钟后再重试(${failcount}/${retries})，${ip}"
 			[ "$failcount" -ge $retries ] && return 1
 			sleep 1m
 		else
 			route add -host ${ip} dev ${interface} >/dev/null 2>&1
 			echolog "  - ${remarks}添加路由表${interface}接口成功！"
 			echo "$ip" >> $TMP_ROUTE_PATH/${interface}
 			break
 		fi
 	done
 }
 delete_ip2route() {
 	[ -d "${TMP_ROUTE_PATH}" ] && {
 		for interface in $(ls ${TMP_ROUTE_PATH}); do
 			for ip in $(cat ${TMP_ROUTE_PATH}/${interface}); do
 				route del -host ${ip} dev ${interface} >/dev/null 2>&1
 			done
 		done
 	}
 }
 start_haproxy() {
 	local haproxy_path haproxy_file item items lport sort_items
@ -1109,28 +1178,10 @@ start_haproxy() {
 			    server $bip:$bport $bip:$bport weight $lbweight check inter 1500 rise 1 fall 3 $bbackup
 		EOF
 		#暂时不开启此功能，以后抽时间改成后台执行，防止卡luci。
 :<<!
 		if [ "$export" != "0" ]; then
-			unset msg
+			add_ip2route ${bip} ${export} > /dev/null 2>&1 &
 			failcount=0
 			while [ "$failcount" -lt "3" ]; do
 				ip route show dev ${export} >/dev/null 2>&1
 				if [ $? -ne 0 ]; then
 					let "failcount++"
 					echolog "  - 找不到出口接口：$export，1分钟后再重试(${failcount}/3)，${bip}"
 					[ "$failcount" -ge 3 ] && exit 0
 					sleep 1m
 				else
 					route add -host ${bip} dev ${export}
 					msg="[$?] 从 ${export} 接口路由，"
 					echo "$bip" >>/tmp/balancing_ip
 					break
 				fi
 			done
 		fi
-		echolog "  | - ${msg}出口节点：${bip}:${bport}，权重：${lbweight}"
+		echolog "  | - 出口节点：${bip}:${bport}，权重：${lbweight}"
 !
 	done
 	# 控制台配置
@ -1156,7 +1207,7 @@ start_haproxy() {
 }
 kill_all() {
-	kill -9 $(pidof "$@") >/dev/null 2>&1 &
+	kill -9 $(pidof "$@") >/dev/null 2>&1
 }
 force_stop() {
@ -1195,7 +1246,15 @@ restart_dnsmasq() {
 }
 boot() {
-	[ "$ENABLED" == 1 ] && start
+	[ "$ENABLED" == 1 ] && {
 		local delay=$(config_t_get global_delay start_delay 1)
 		if [ "$delay" -gt 0 ]; then
 			echolog "执行启动延时 $delay 秒后再启动!"
 			sleep $delay && start >/dev/null 2>&1 &
 		else
 			start
 		fi
 	}
 	return 0
 }
@ -1226,12 +1285,12 @@ stop() {
 	set_lock
 	clean_log
 	source $APP_PATH/iptables.sh stop
 	delete_ip2route
 	kill_all v2ray-plugin obfs-local
-	top -bn1 | grep -v "grep" | grep $CONFIG/test.sh | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
+	top -bn1 | grep -v "grep" | grep "sleep" | grep -E "9s|58s" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
-	top -bn1 | grep -v "grep" | grep $CONFIG/monitor.sh | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
+	top -bn1 | grep -v "grep" | grep -v "app.sh" | grep "${CONFIG}/" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
 	top -bn1 | grep -v -E "grep|${TMP_PATH}_server" | grep -E "$TMP_PATH" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
 	top -bn1 | grep -v "grep" | grep "sleep 1m" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
 	rm -rf $TMP_DNSMASQ_PATH $TMP_PATH
 	unset XRAY_LOCATION_ASSET
 	stop_crontab
 	del_dnsmasq
 	/etc/init.d/dnsmasq restart >/dev/null 2>&1
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh
@ -4,14 +4,24 @@ IPSET_LANIPLIST="laniplist"
 IPSET_VPSIPLIST="vpsiplist"
 IPSET_SHUNTLIST="shuntlist"
 IPSET_GFW="gfwlist"
 #IPSET_GFW6="gfwlist6"
 IPSET_CHN="chnroute"
 IPSET_CHN6="chnroute6"
 IPSET_BLACKLIST="blacklist"
 IPSET_BLACKLIST2="blacklist2"
 IPSET_BLACKLIST3="blacklist3"
 IPSET_WHITELIST="whitelist"
 IPSET_LANIPLIST_6="laniplist6"
 IPSET_VPSIPLIST_6="vpsiplist6"
 IPSET_SHUNTLIST_6="shuntlist6"
 IPSET_GFW6="gfwlist6"
 IPSET_CHN6="chnroute6"
 IPSET_BLACKLIST_6="blacklist_6"
 IPSET_BLACKLIST2_6="blacklist2_6"
 IPSET_BLACKLIST3_6="blacklist3_6"
 IPSET_WHITELIST_6="whitelist_6"
 PROXY_IPV6=0
 FORCE_INDEX=2
 ipt_n="iptables -t nat"
@ -79,6 +89,26 @@ get_redirect_ipt() {
 	esac
 }
 get_redirect_ip6t() {
 	case "$1" in
 	disable)
 		echo "-j RETURN"
 		;;
 	global)
 		echo "$(REDIRECT $2 $3)"
 		;;
 	gfwlist)
 		echo "$(dst $IPSET_GFW6) $(REDIRECT $2 $3)"
 		;;
 	chnroute)
 		echo "$(dst $IPSET_CHN6 !) $(REDIRECT $2 $3)"
 		;;
 	returnhome)
 		echo "$(dst $IPSET_CHN6) $(REDIRECT $2 $3)"
 		;;
 	esac
 }
 get_action_chain_name() {
 	case "$1" in
 	disable)
@ -113,6 +143,24 @@ gen_laniplist() {
 	EOF
 }
 gen_laniplist_6() {
 	cat <<-EOF
 		::/128
 		::1/128
 		::ffff:0:0/96
 		::ffff:0:0:0/96
 		64:ff9b::/96
 		100::/64
 		2001::/32
 		2001:20::/28
 		2001:db8::/32
 		2002::/16
 		fc00::/7
 		fe80::/10
 		ff00::/8
 	EOF
 }
 load_acl() {
 	local items=$(get_enabled_anonymous_secs "@acl_rule")
 	[ -n "$items" ] && {
@ -156,16 +204,24 @@ load_acl() {
 					fi
 					[ "$tcp_no_redir_ports" != "disable" ] && {
 						$ipt_tmp -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN
 						$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN
 						msg2="${msg2}[$?]除${tcp_no_redir_ports}外的"
 					}
 					msg2="${msg2}所有端口"
 					$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $tcp_port $is_tproxy)
 					$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $tcp_port $is_tproxy)
 					$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(get_redirect_ipt $tcp_proxy_mode $tcp_port $is_tproxy)
 					if [ "$PROXY_IPV6" == "1" ]; then
 						$ip6t_m -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $tcp_port TPROXY)
 						$ip6t_m -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $tcp_port TPROXY)
 						$ip6t_m -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(get_redirect_ip6t $tcp_proxy_mode $tcp_port TPROXY)
 					fi
 				}
 				echolog "  - ${msg2}"
 			}
 			$ipt_tmp -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -j RETURN
 			$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -j RETURN
 			[ "$udp_proxy_mode" != "disable" ] && {
 				msg2="${msg}使用UDP节点 [$(get_action_chain_name $udp_proxy_mode)]"
@ -174,16 +230,24 @@ load_acl() {
 					msg2="${msg2}(TPROXY:${udp_port})代理"
 					[ "$udp_no_redir_ports" != "disable" ] && {
 						$ipt_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -m multiport --dport $udp_no_redir_ports -j RETURN
 						$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -m multiport --dport $udp_no_redir_ports -j RETURN
 						msg2="${msg2}[$?]除${udp_no_redir_ports}外的"
 					}
 					msg2="${msg2}所有端口"
 					$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $udp_port TPROXY)
 					$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $udp_port TPROXY)
 					$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(get_redirect_ipt $udp_proxy_mode $udp_port TPROXY)
 					if [ "$PROXY_IPV6" == "1" ]; then
 						$ip6t_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $udp_port TPROXY)
 						$ip6t_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $udp_port TPROXY)
 						$ip6t_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(get_redirect_ip6t $udp_proxy_mode $udp_port TPROXY)
 					fi
 				}
 				echolog "  - ${msg2}"
 			}
 			$ipt_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -j RETURN
 			$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -j RETURN
 		done
 	}
@ -191,7 +255,11 @@ load_acl() {
 	local ipt_tmp=$ipt_n
 	local is_tproxy msg
 	if [ "$TCP_PROXY_MODE" != "disable" ]; then
-		[ "$TCP_NO_REDIR_PORTS" != "disable" ] && $ipt_tmp -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
+		[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
 			$ipt_tmp -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
 			$ip6t_m -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
 		}
 		ipt_tmp=$ipt_n
 		unset is_tproxy msg
 		[ "$TCP_NODE" != "nil" ] && {
@ -210,11 +278,19 @@ load_acl() {
 			$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
 			$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
 			$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $TCP_PROXY_MODE $TCP_REDIR_PORT $is_tproxy)
 			if [ "$PROXY_IPV6" == "1" ]; then
 				$ip6t_m -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $TCP_REDIR_PORT TPROXY)
 				$ip6t_m -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $TCP_REDIR_PORT TPROXY)
 				$ip6t_m -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $TCP_PROXY_MODE $TCP_REDIR_PORT TPROXY)
 			fi
 			echolog "${msg}"
 		}
 	fi
 	$ipt_n -A PSW $(comment "默认") -p tcp -j RETURN
 	$ipt_m -A PSW $(comment "默认") -p tcp -j RETURN
 	$ip6t_m -A PSW $(comment "默认") -p tcp -j RETURN
 	#  加载UDP默认代理模式
 	if [ "$UDP_PROXY_MODE" != "disable" ]; then
@ -226,10 +302,18 @@ load_acl() {
 			$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY)
 			$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY)
 			$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $UDP_PROXY_MODE $UDP_REDIR_PORT TPROXY)
 			if [ "$PROXY_IPV6" == "1" ]; then
 				$ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $UDP_REDIR_PORT TPROXY)
 				$ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $UDP_REDIR_PORT TPROXY)
 				$ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $UDP_PROXY_MODE/6 $UDP_REDIR_PORT TPROXY)
 			fi
 			echolog "${msg}"
 		}
 	fi
 	$ipt_m -A PSW $(comment "默认") -p udp -j RETURN
 	$ip6t_m -A PSW $(comment "默认") -p udp -j RETURN
 	unset is_tproxy msg
 }
@ -243,7 +327,7 @@ filter_haproxy() {
 filter_vpsip() {
 	uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-	#uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){0,7}::[a-f0-9]{0,4}(:[a-f0-9]{1,4}){0,7}])" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIP6LIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+	uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){0,7}::[a-f0-9]{0,4}(:[a-f0-9]{1,4}){0,7}])" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	echolog "加入所有节点到ipset[$IPSET_VPSIPLIST]直连完成"
 }
@ -364,24 +448,37 @@ add_firewall_rule() {
 	ipset -! create $IPSET_VPSIPLIST nethash
 	ipset -! create $IPSET_SHUNTLIST nethash
 	ipset -! create $IPSET_GFW nethash
 	#ipset -! create $IPSET_GFW6 nethash family inet6
 	ipset -! create $IPSET_CHN nethash
 	ipset -! create $IPSET_CHN6 nethash family inet6
 	ipset -! create $IPSET_BLACKLIST nethash
 	ipset -! create $IPSET_BLACKLIST2 nethash
 	ipset -! create $IPSET_BLACKLIST3 nethash
 	ipset -! create $IPSET_WHITELIST nethash
 	ipset -! create $IPSET_LANIPLIST_6 nethash family inet6
 	ipset -! create $IPSET_VPSIPLIST_6 nethash family inet6
 	ipset -! create $IPSET_SHUNTLIST_6 nethash family inet6
 	ipset -! create $IPSET_GFW6 nethash family inet6
 	ipset -! create $IPSET_CHN6 nethash family inet6
 	ipset -! create $IPSET_BLACKLIST_6 nethash family inet6
 	ipset -! create $IPSET_BLACKLIST2_6 nethash family inet6
 	ipset -! create $IPSET_BLACKLIST3_6 nethash family inet6
 	ipset -! create $IPSET_WHITELIST_6 nethash family inet6
 	local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
 	for shunt_id in $shunt_ids; do
 		config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_SHUNTLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	done
 	cat $RULES_PATH/chnroute | sed -e "/^$/d" | sed -e "s/^/add $IPSET_CHN &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	cat $RULES_PATH/proxy_ip | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "s/^/add $IPSET_BLACKLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	[ -f "$RULES_PATH/proxy_ip2" ] && cat $RULES_PATH/proxy_ip2 | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST2 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	[ -f "$RULES_PATH/proxy_ip3" ] && cat $RULES_PATH/proxy_ip3 | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST3 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	cat $RULES_PATH/direct_ip | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "s/^/add $IPSET_WHITELIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	cat $RULES_PATH/chnroute6 | sed -e "/^$/d" | sed -e "s/^/add $IPSET_CHN6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-	cat $RULES_PATH/proxy_ip | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+	cat $RULES_PATH/proxy_ip | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-	[ -f "$RULES_PATH/proxy_ip2" ] && cat $RULES_PATH/proxy_ip2 | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST2 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+	[ -f "$RULES_PATH/proxy_ip2" ] && cat $RULES_PATH/proxy_ip2 | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST2_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-	[ -f "$RULES_PATH/proxy_ip3" ] && cat $RULES_PATH/proxy_ip3 | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST3 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+	[ -f "$RULES_PATH/proxy_ip3" ] && cat $RULES_PATH/proxy_ip3 | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST3_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-	cat $RULES_PATH/direct_ip | sed -e "/^$/d" | sed -e "s/^/add $IPSET_WHITELIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+	cat $RULES_PATH/direct_ip | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_WHITELIST_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 	ipset -! -R <<-EOF
 		$(gen_laniplist | sed -e "s/^/add $IPSET_LANIPLIST /")
@ -390,14 +487,31 @@ add_firewall_rule() {
 		echolog "系统不兼容，终止执行！"
 		return 1
 	}
 	ipset -! -R <<-EOF
 		$(gen_laniplist_6 | sed -e "s/^/add $IPSET_LANIPLIST_6 /")
 	EOF
 #	[ $? -eq 0 ] || {
 #		echolog "系统不兼容IPv6，终止执行！"
 #		return 1
 #	}
 	# 忽略特殊IP段
 	local lan_ifname lan_ip
 	lan_ifname=$(uci -q -p /var/state get network.lan.ifname)
 	[ -n "$lan_ifname" ] && {
 		lan_ip=$(ip address show $lan_ifname | grep -w "inet" | awk '{print $2}')
-		#echolog "本机网段互访直连：${lan_ip}"
+		lan_ip6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}')
-		[ -n "$lan_ip" ] && ipset -! add $IPSET_LANIPLIST $lan_ip >/dev/null 2>&1 &
+		#echolog "本机IPv4网段互访直连：${lan_ip}"
 		#echolog "本机IPv6网段互访直连：${lan_ip6}"
 		[ -n "$lan_ip" ] && ipset -! -R <<-EOF
 			$(echo $lan_ip | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LANIPLIST /")
 		EOF
 		[ -n "$lan_ip6" ] && ipset -! -R <<-EOF
 			$(echo $lan_ip6 | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LANIPLIST_6 /")
 		EOF
 	}
 	local ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
@ -408,16 +522,25 @@ add_firewall_rule() {
 			#echolog "  - 追加到白名单：${ispip}"
 		done
 	}
-	
+
 	local ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u )
 	[ -n "$ISP_DNS" ] && {
 		#echolog "处理 ISP IPv6 DNS 例外..."
 		for ispip6 in $ISP_DNS; do
 			ipset -! add $IPSET_WHITELIST_6 $ispip6 >/dev/null 2>&1 &
 			#echolog "  - 追加到白名单：${ispip6}"
 		done
 	} 
 	#  过滤所有节点IP
 	filter_vpsip > /dev/null 2>&1 &
 	filter_haproxy > /dev/null 2>&1 &
-	
+
 	$ipt_n -N PSW
 	$ipt_n -A PSW $(dst $IPSET_LANIPLIST) -j RETURN
 	$ipt_n -A PSW $(dst $IPSET_VPSIPLIST) -j RETURN
 	$ipt_n -A PSW $(dst $IPSET_WHITELIST) -j RETURN
-	
+
 	$ipt_n -N PSW_OUTPUT
 	$ipt_n -A PSW_OUTPUT $(dst $IPSET_LANIPLIST) -j RETURN
 	$ipt_n -A PSW_OUTPUT $(dst $IPSET_VPSIPLIST) -j RETURN
@ -427,7 +550,7 @@ add_firewall_rule() {
 	$ipt_m -A PSW $(dst $IPSET_LANIPLIST) -j RETURN
 	$ipt_m -A PSW $(dst $IPSET_VPSIPLIST) -j RETURN
 	$ipt_m -A PSW $(dst $IPSET_WHITELIST) -j RETURN
-	
+
 	$ipt_m -N PSW_OUTPUT
 	$ipt_m -A PSW_OUTPUT $(dst $IPSET_LANIPLIST) -j RETURN
 	$ipt_m -A PSW_OUTPUT $(dst $IPSET_VPSIPLIST) -j RETURN
@ -435,7 +558,48 @@ add_firewall_rule() {
 	ip rule add fwmark 1 lookup 100
 	ip route add local 0.0.0.0/0 dev lo table 100
-	
+
 	local NODE_TYPE=$(echo $(config_n_get $TCP_NODE type) | tr 'A-Z' 'a-z')
 	local ipv6_tproxy=$(config_t_get global_other ipv6_tproxy 0)
 	if [ $NODE_TYPE == "xray" ] && [ $ipv6_tproxy == "1" ]; then
 		PROXY_IPV6=1
 		echolog "节点类型:$NODE_TYPE，开启实验性IPv6透明代理(TProxy)..."
 	else
 		[ $enble_ipv6=="1" ] && echolog "节点类型:$NODE_TYPE，暂不支持IPv6透明代理(TProxy)..."
 	fi
 	#$ip6t_n -N PSW
 	#$ip6t_n -A PREROUTING -j PSW
 	#$ip6t_n -N PSW_OUTPUT
 	#$ip6t_n -A OUTPUT -p tcp -j PSW_OUTPUT
 	$ip6t_m -N PSW
 	$ip6t_m -A PSW $(dst $IPSET_LANIPLIST_6) -j RETURN
 	$ip6t_m -A PSW $(dst $IPSET_VPSIPLIST_6) -j RETURN
 	$ip6t_m -A PSW $(dst $IPSET_WHITELIST_6) -j RETURN
 	$ip6t_m -A PREROUTING -j PSW
 	$ip6t_m -N PSW_OUTPUT
 	$ip6t_m -A PSW_OUTPUT $(dst $IPSET_LANIPLIST_6) -j RETURN
 	$ip6t_m -A PSW_OUTPUT $(dst $IPSET_VPSIPLIST_6) -j RETURN
 	$ip6t_m -A PSW_OUTPUT $(dst $IPSET_WHITELIST_6) -j RETURN
 	$ip6t_m -A OUTPUT -p tcp -j PSW_OUTPUT
 	ip -6 rule add fwmark 1 table 100
 	ip -6 route add local ::/0 dev lo table 100
 	[ -n "$lan_ifname" ] && {
 		lan_ipv6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}') #当前LAN IPv6段
 		[ -n "$lan_ipv6" ] && {
 			for ip in $lan_ipv6; do
 				$ip6t_m -A PSW -d $ip -j RETURN
 				$ip6t_m -A PSW_OUTPUT -d $ip -j RETURN
 			done
 		}
 	}
 	# 加载路由器自身代理 TCP
 	if [ "$TCP_NODE" != "nil" ]; then
 		local ipt_tmp=$ipt_n
@ -469,11 +633,18 @@ add_firewall_rule() {
 		$ipt_tmp -A OUTPUT -p tcp -j PSW_OUTPUT
 		[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
 			$ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
 			$ip6t_m -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
 			echolog "  - [$?]不代理TCP 端口：$TCP_NO_REDIR_PORTS"
 		}
 		$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $blist_r
 		$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $blist_r
 		$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $p_r
 		if [ "$PROXY_IPV6" == "1" ]; then
 			$ip6t_m -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT 1 MARK)
 			$ip6t_m -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT 1 MARK)
 			$ip6t_m -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $LOCALHOST_TCP_PROXY_MODE 1 MARK)
 		fi
 	fi
 	local PR_INDEX=$(RULE_LAST_INDEX "$ipt_n" PREROUTING ADBYBY)
@ -485,33 +656,14 @@ add_firewall_rule() {
 	PR_INDEX=$((PR_INDEX + 1))
 	$ipt_n -I PREROUTING $PR_INDEX -p tcp -j PSW
 	echolog "使用链表 PREROUTING 排列索引${PR_INDEX}[$?]"
-	
+
-	$ip6t_n -N PSW
+#	if [ "$PROXY_IPV6" == "1" ]; then
-	$ip6t_n -A PREROUTING -j PSW
+#		local msg="IPv6 配置不当，无法代理"
-	$ip6t_n -N PSW_OUTPUT
+#		$ip6t_n -A PSW -p tcp $(REDIRECT $TCP_REDIR_PORT)
-	$ip6t_n -A OUTPUT -p tcp -j PSW_OUTPUT
+#		$ip6t_n -A PSW_OUTPUT -p tcp $(REDIRECT $TCP_REDIR_PORT)
-	
+#		msg="${msg}，转发 IPv6 TCP 流量到节点[$?]"
-	$ip6t_m -N PSW
+#		echolog "$msg"
-	$ip6t_m -A PREROUTING -j PSW
+#	fi
 	$ip6t_m -N PSW_OUTPUT
 	$ip6t_m -A OUTPUT -p tcp -j PSW_OUTPUT
 	[ -n "$lan_ifname" ] && {
 		lan_ipv6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}') #当前LAN IPv6段
 		[ -n "$lan_ipv6" ] && {
 			for ip in $lan_ipv6; do
 				$ip6t_n -A PSW -d $ip -j RETURN
 				$ip6t_n -A PSW_OUTPUT -d $ip -j RETURN
 			done
 		}
 	}
 	if [ "$PROXY_IPV6" == "1" ]; then
 		local msg="IPv6 配置不当，无法代理"
 		$ip6t_n -A PSW -p tcp $(REDIRECT $TCP_REDIR_PORT)
 		$ip6t_n -A PSW_OUTPUT -p tcp $(REDIRECT $TCP_REDIR_PORT)
 		msg="${msg}，转发 IPv6 TCP 流量到节点[$?]"
 		echolog "$msg"
 	fi
 	# 过滤Socks节点
 	[ "$SOCKS_ENABLED" = "1" ] && {
@ -551,7 +703,7 @@ add_firewall_rule() {
 			filter_node $node $stream $port > /dev/null 2>&1 &
 		fi
 	done
-	
+
 	# 加载路由器自身代理 UDP
 	if [ "$UDP_NODE" != "nil" ]; then
 		echolog "加载路由器自身 UDP 代理..."
@ -577,15 +729,21 @@ add_firewall_rule() {
 		$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT 1 MARK)
 		$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT 1 MARK)
 		$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $LOCALHOST_UDP_PROXY_MODE 1 MARK)
 		if [ "$PROXY_IPV6" == "1" ]; then
 			$ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT 1 MARK)
 			$ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT 1 MARK)
 			$ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $LOCALHOST_UDP_PROXY_MODE 1 MARK)
 		fi
 	fi
-	
+
 	$ipt_m -A PREROUTING -j PSW
-	
+
 	#  加载ACLS
 	load_acl
-	
+
 	# dns_hijack "force"
-	
+
 	echolog "防火墙规则加载完成！"
 }
@ -606,9 +764,11 @@ del_firewall_rule() {
 		$ip6t_m -D PREROUTING -j PSW 2>/dev/null
 		$ip6t_m -D OUTPUT -p tcp -j PSW_OUTPUT 2>/dev/null
 		$ip6t_m -D OUTPUT -p udp -j PSW_OUTPUT 2>/dev/null
 		ib_nat_exist=$(expr $ib_nat_exist - 1)
 	done
 	fi
 	$ipt_n -F PSW 2>/dev/null && $ipt_n -X PSW 2>/dev/null
 	$ipt_n -F PSW_OUTPUT 2>/dev/null && $ipt_n -X PSW_OUTPUT 2>/dev/null
@ -622,17 +782,29 @@ del_firewall_rule() {
 	ip rule del fwmark 1 lookup 100 2>/dev/null
 	ip route del local 0.0.0.0/0 dev lo table 100 2>/dev/null
 	ip -6 rule del fwmark 1 table 100 2>/dev/null
 	ip -6 route del local ::/0 dev lo table 100 2>/dev/null
 	ipset -F $IPSET_LANIPLIST >/dev/null 2>&1 && ipset -X $IPSET_LANIPLIST >/dev/null 2>&1 &
 	ipset -F $IPSET_VPSIPLIST >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST >/dev/null 2>&1 &
 	#ipset -F $IPSET_SHUNTLIST >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST >/dev/null 2>&1 &
 	#ipset -F $IPSET_GFW >/dev/null 2>&1 && ipset -X $IPSET_GFW >/dev/null 2>&1 &
 	#ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_CHN >/dev/null 2>&1 && ipset -X $IPSET_CHN >/dev/null 2>&1 &
 	#ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_BLACKLIST >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST >/dev/null 2>&1 &
 	#ipset -F $IPSET_BLACKLIST2 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2 >/dev/null 2>&1 &
 	#ipset -F $IPSET_BLACKLIST3 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3 >/dev/null 2>&1 &
 	ipset -F $IPSET_WHITELIST >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST >/dev/null 2>&1 &
 	ipset -F $IPSET_LANIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_LANIPLIST_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_VPSIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST_6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_SHUNTLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST_6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_BLACKLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST_6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_BLACKLIST2_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2_6 >/dev/null 2>&1 &
 	#ipset -F $IPSET_BLACKLIST3_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_WHITELIST_6 >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST_6 >/dev/null 2>&1 &
 	echolog "删除相关防火墙规则完成。"
 }
@ -641,13 +813,21 @@ flush_ipset() {
 	ipset -F $IPSET_VPSIPLIST >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST >/dev/null 2>&1 &
 	ipset -F $IPSET_SHUNTLIST >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST >/dev/null 2>&1 &
 	ipset -F $IPSET_GFW >/dev/null 2>&1 && ipset -X $IPSET_GFW >/dev/null 2>&1 &
 	#ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
 	ipset -F $IPSET_CHN >/dev/null 2>&1 && ipset -X $IPSET_CHN >/dev/null 2>&1 &
 	ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
 	ipset -F $IPSET_BLACKLIST >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST >/dev/null 2>&1 &
 	ipset -F $IPSET_BLACKLIST2 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2 >/dev/null 2>&1 &
 	ipset -F $IPSET_BLACKLIST3 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3 >/dev/null 2>&1 &
 	ipset -F $IPSET_WHITELIST >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST >/dev/null 2>&1 &
 	ipset -F $IPSET_LANIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_LANIPLIST_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_VPSIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_SHUNTLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
 	ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
 	ipset -F $IPSET_BLACKLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_BLACKLIST2_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_BLACKLIST3_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3_6 >/dev/null 2>&1 &
 	ipset -F $IPSET_WHITELIST_6 >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST_6 >/dev/null 2>&1 &
 }
 flush_include() {
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/monitor.sh
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/monitor.sh
@ -1,7 +1,9 @@
 #!/bin/sh
 CONFIG=passwall
-RUN_BIN_PATH=/var/etc/${CONFIG}/bin
+TMP_PATH=/var/etc/$CONFIG
 TMP_BIN_PATH=$TMP_PATH/bin
 TMP_ID_PATH=$TMP_PATH/id
 config_n_get() {
 	local ret=$(uci -q get $CONFIG.$1.$2 2>/dev/null)
@ -23,59 +25,71 @@ ENABLED=$(config_t_get global enabled 0)
 [ "$ENABLED" != 1 ] && return 1
 ENABLED=$(config_t_get global_delay start_daemon 0)
 [ "$ENABLED" != 1 ] && return 1
-sleep 1m
+sleep 58s
 while [ "$ENABLED" -eq 1 ]
 do
-	#tcp
+	#TCP
-	TCP_NODE=$(config_t_get global tcp_node nil)
+	[ -f "$TMP_ID_PATH/TCP" ] && {
-	if [ "$TCP_NODE" != "nil" ]; then
+		TCP_NODE=$(cat $TMP_ID_PATH/TCP)
-		#kcptun
+		if [ "$TCP_NODE" != "nil" ]; then
-		use_kcp=$(config_n_get $TCP_NODE use_kcp 0)
+			#kcptun
-		if [ $use_kcp -gt 0 ]; then
+			use_kcp=$(config_n_get $TCP_NODE use_kcp 0)
-			icount=$(top -bn1 | grep -v grep | grep "$RUN_BIN_PATH/kcptun" | grep -i "tcp" | wc -l)
+			if [ $use_kcp -gt 0 ]; then
 				icount=$(top -bn1 | grep -v grep | grep "$TMP_BIN_PATH/kcptun" | grep -i "tcp" | wc -l)
 				if [ $icount = 0 ]; then
 					/etc/init.d/$CONFIG restart
 					exit 0
 				fi
 			fi
 			icount=$(top -bn1 | grep -v -E 'grep|kcptun' | grep "$TMP_BIN_PATH" | grep -i "TCP" | wc -l)
 			if [ $icount = 0 ]; then
-				/etc/init.d/passwall restart
+				/etc/init.d/$CONFIG restart
 				exit 0
 			fi
 		fi
-		icount=$(top -bn1 | grep -v -E 'grep|kcptun' | grep "$RUN_BIN_PATH" | grep -i "TCP" | wc -l)
+	}
 		if [ $icount = 0 ]; then
 			/etc/init.d/passwall restart
 			exit 0
 		fi
 	fi
 	#udp
-	UDP_NODE=$(config_t_get global udp_node nil)
+	[ -f "$TMP_ID_PATH/UDP" ] && {
-	if [ "$UDP_NODE" != "nil" ]; then
+		UDP_NODE=$(cat $TMP_ID_PATH/UDP)
-		[ "$UDP_NODE" == "tcp" ] && continue
+		if [ "$UDP_NODE" != "nil" ]; then
-		[ "$UDP_NODE" == "tcp_" ] && UDP_NODE=$TCP_NODE1
+			[ "$UDP_NODE" == "tcp" ] && continue
-		icount=$(top -bn1 | grep -v grep | grep "$RUN_BIN_PATH" | grep -i "UDP" | wc -l)
+			[ "$UDP_NODE" == "tcp_" ] && UDP_NODE=$TCP_NODE
-		if [ $icount = 0 ]; then
+			icount=$(top -bn1 | grep -v grep | grep "$TMP_BIN_PATH" | grep -i "UDP" | wc -l)
-			/etc/init.d/passwall restart
+			if [ $icount = 0 ]; then
-			exit 0
+				/etc/init.d/$CONFIG restart
 				exit 0
 			fi
 		fi
-	fi
+	}
 	#dns
 	dns_mode=$(config_t_get global dns_mode)
 	if [ "$dns_mode" != "nonuse" ] && [ "$dns_mode" != "custom" ]; then
 		icount=$(netstat -apn | grep 7913 | wc -l)
 		if [ $icount = 0 ]; then
-			/etc/init.d/passwall restart
+			/etc/init.d/$CONFIG restart
 			exit 0
 		fi
 	fi
 	#haproxy
 	use_haproxy=$(config_t_get global_haproxy balancing_enable 0)
 	if [ $use_haproxy -gt 0 ]; then
 		icount=$(top -bn1 | grep -v grep | grep "$RUN_BIN_PATH/haproxy" | wc -l)
 		if [ $icount = 0 ]; then
 			/etc/init.d/passwall restart
 			exit 0
 		fi
 	fi
-	sleep 1m
+	[ -f "$TMP_BIN_PATH/chinadns-ng" ] && {
 		icount=$(top -bn1 | grep -v grep | grep $TMP_BIN_PATH/chinadns-ng | wc -l)
 		if [ $icount = 0 ]; then
 			/etc/init.d/$CONFIG restart
 			exit 0
 		fi
 	}
 	#haproxy
 	use_haproxy=$(config_t_get global_haproxy balancing_enable 0)
 	if [ $use_haproxy -gt 0 ]; then
 		icount=$(top -bn1 | grep -v grep | grep "$TMP_BIN_PATH/haproxy" | wc -l)
 		if [ $icount = 0 ]; then
 			/etc/init.d/$CONFIG restart
 			exit 0
 		fi
 	fi
 	sleep 58s
 done
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_ip
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_ip
@ -11,3 +11,8 @@
 1.0.0.1
 9.9.9.9
 149.112.112.112
 2001:67c:4e8::/48
 2001:b28:f23c::/48
 2001:b28:f23d::/48
 2001:b28:f23f::/48
 2001:b28:f242::/48
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua
@ -70,6 +70,7 @@ do
 		local node_id = t.node
 		CONFIG[#CONFIG + 1] = {
 			log = true,
 			id = t[".name"],
 			remarks = "Socks节点列表[" .. i .. "]",
 			currentNodeId = node_id,
 			currentNode = node_id and ucic2:get_all(application, node_id) or nil,
@ -106,7 +107,7 @@ do
 			set = function(o)
 				for kk, vv in pairs(CONFIG) do
 					if (vv.remarks == "TCP备用节点的列表") then
-						log("刷新自动切换的TCP备用节点的列表")
+						--log("刷新自动切换的TCP备用节点的列表")
 						ucic2:set_list(application, "@auto_switch[0]", "tcp_node", vv.new_nodes)
 					end
 				end
@ -133,7 +134,7 @@ do
 			local default_node_id = node.default_node
 			CONFIG[#CONFIG + 1] = {
-				log = false,
+				log = true,
 				currentNodeId = default_node_id,
 				currentNode = default_node_id and ucic2:get_all(application, default_node_id) or nil,
 				remarks = "分流默认节点",
@ -145,7 +146,7 @@ do
 			local main_node_id = node.main_node
 			CONFIG[#CONFIG + 1] = {
-				log = false,
+				log = true,
 				currentNodeId = main_node_id,
 				currentNode = main_node_id and ucic2:get_all(application, main_node_id) or nil,
 				remarks = "分流默认前置代理节点",
@ -182,7 +183,7 @@ do
 				set = function(o)
 					for kk, vv in pairs(CONFIG) do
 						if (vv.remarks == "负载均衡节点列表" .. node_id) then
-							log("刷新负载均衡节点列表")
+							--log("刷新负载均衡节点列表")
 							ucic2:foreach(application, uciType, function(node2)
 								if node2[".name"] == node[".name"] then
 									local index = node2[".index"]
@ -586,31 +587,24 @@ local function curl(url)
 end
 local function truncate_nodes()
-	local function clear(type)
+	for _, config in pairs(CONFIG) do
-		local node_num = ucic2:get(application, "@global_other[0]", type .. "_node_num") or 1
+		if config.nodes and type(config.nodes) == "table" then
-		for i = 1, node_num, 1 do
+			for kk, vv in pairs(config.nodes) do
-			local node = ucic2:get(application, "@global[0]", type .. "_node" .. i)
+				if vv.currentNode.is_sub and vv.currentNode.is_sub == "1" then
-			if node then
+				else
-				local is_sub_node = ucic2:get(application, node, "is_sub") or 0
+					vv.set(vv, vv.currentNodeId)
-				if is_sub_node == "1" then
+				end
-					ucic2:set(application, '@global[0]', type .. "_node" .. i, "nil")
+			end
 			config.set(config)
 		else
 			if config.currentNode.is_sub and config.currentNode.is_sub == "1" then
 				config.set(config, "nil")
 				if config.id then
 					ucic2:delete(application, config.id)
 				end
 			end
 		end
 	end
 	clear("tcp")
 	clear("udp")
 	ucic2:foreach(application, "socks", function(t)
 		local node = t.node
 		if node then
 			local is_sub_node = ucic2:get(application, node, "is_sub") or 0
 			if is_sub_node == "1" then
 				ucic2:set(application, t[".name"], "node", "nil")
 			end
 		end
 	end)
 	ucic2:foreach(application, uciType, function(node)
 		if (node.is_sub or node.hashkey) and node.add_mode ~= '导入' then
 			ucic2:delete(application, node['.name'])
@ -624,84 +618,96 @@ end
 local function select_node(nodes, config)
 	local server
 	if config.currentNode then
-		for id, node in pairs(nodes) do
+		-- 特别优先级 分流 + 备注
-			-- 特别优先级 分流 + 备注
+		if config.currentNode.protocol and config.currentNode.protocol == '_shunt' then
-			if config.currentNode.protocol and config.currentNode.protocol == '_shunt' then
+			for index, node in pairs(nodes) do
 				if node.remarks == config.currentNode.remarks then
 					log('更新【' .. config.remarks .. '】分流匹配节点：' .. node.remarks)
-					server = id
+					server = node[".name"]
 					break
 				end
 			end
-			-- 特别优先级 负载均衡 + 备注
+		end
-			if config.currentNode.protocol and config.currentNode.protocol == '_balancing' then
+		-- 特别优先级 负载均衡 + 备注
 		if config.currentNode.protocol and config.currentNode.protocol == '_balancing' then
 			for index, node in pairs(nodes) do
 				if node.remarks == config.currentNode.remarks then
 					log('更新【' .. config.remarks .. '】负载均衡匹配节点：' .. node.remarks)
-					server = id
+					server = node[".name"]
 					break
 				end
 			end
-			-- 第一优先级 cfgid
+		end
-			if not server then
+		-- 第一优先级 cfgid
-				if id == config.currentNode['.name'] then
+		if not server then
 			for index, node in pairs(nodes) do
 				if node[".name"] == config.currentNode['.name'] then
 					if config.log == nil or config.log == true then
 						log('更新【' .. config.remarks .. '】第一匹配节点：' .. node.remarks)
 					end
-					server = id
+					server = node[".name"]
 					break
 				end
 			end
-			-- 第二优先级 类型 + IP + 端口
+		end
-			if not server then
+		-- 第二优先级 类型 + IP + 端口
 		if not server then
 			for index, node in pairs(nodes) do
 				if config.currentNode.type and config.currentNode.address and config.currentNode.port then
 					if node.type and node.address and node.port then
 						if node.type == config.currentNode.type and (node.address .. ':' .. node.port == config.currentNode.address .. ':' .. config.currentNode.port) then
 							if config.log == nil or config.log == true then
 								log('更新【' .. config.remarks .. '】第二匹配节点：' .. node.remarks)
 							end
-							server = id
+							server = node[".name"]
 							break
 						end
 					end
 				end
 			end
-			-- 第三优先级 IP + 端口
+		end
-			if not server then
+		-- 第三优先级 IP + 端口
 		if not server then
 			for index, node in pairs(nodes) do
 				if config.currentNode.address and config.currentNode.port then
 					if node.address and node.port then
 						if node.address .. ':' .. node.port == config.currentNode.address .. ':' .. config.currentNode.port then
 							if config.log == nil or config.log == true then
 								log('更新【' .. config.remarks .. '】第三匹配节点：' .. node.remarks)
 							end
-							server = id
+							server = node[".name"]
 							break
 						end
 					end
 				end
 			end
-			-- 第四优先级 IP
+		end
-			if not server then
+		-- 第四优先级 IP
 		if not server then
 			for index, node in pairs(nodes) do
 				if config.currentNode.address then
 					if node.address then
 						if node.address == config.currentNode.address then
 							if config.log == nil or config.log == true then
 								log('更新【' .. config.remarks .. '】第四匹配节点：' .. node.remarks)
 							end
-							server = id
+							server = node[".name"]
 							break
 						end
 					end
 				end
 			end
-			-- 第五优先级备注
+		end
-			if not server then
+		-- 第五优先级备注
 		if not server then
 			for index, node in pairs(nodes) do
 				if config.currentNode.remarks then
 					if node.remarks then
 						if node.remarks == config.currentNode.remarks then
 							if config.log == nil or config.log == true then
 								log('更新【' .. config.remarks .. '】第五匹配节点：' .. node.remarks)
 							end
-							server = id
+							server = node[".name"]
 							break
 						end
 					end
@ -752,7 +758,7 @@ local function update_node(manual)
 		local nodes = {}
 		local ucic3 = luci.model.uci.cursor()
 		ucic3:foreach(application, uciType, function(node)
-			nodes[node['.name']] = node
+			nodes[#nodes + 1] = node
 		end)
 		for _, config in pairs(CONFIG) do
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/test.sh
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/test.sh
@ -88,12 +88,13 @@ test_auto_switch() {
 				}
 			else
 				local tmp_port=$(/usr/share/${CONFIG}/app.sh get_new_port 61080 tcp)
-				/usr/share/${CONFIG}/app.sh run_socks "auto_switch" "$main_node" "127.0.0.1" "$tmp_port" "/var/etc/${CONFIG}/auto_switch.json"
+				/usr/share/${CONFIG}/app.sh run_socks "auto_switch" "$main_node" "127.0.0.1" "$tmp_port" "/var/etc/${CONFIG}/test.json"
 				local curlx="socks5h://127.0.0.1:$tmp_port"
 			fi
-			sleep 10s
+			sleep 9s
 			proxy_status=$(test_url "https://www.google.com/generate_204" 3 3 "-x $curlx")
-			top -bn1 | grep -v "grep" | grep "/var/etc/${CONFIG}/auto_switch.json" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
+			top -bn1 | grep -v "grep" | grep "/var/etc/${CONFIG}/test.json" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
 			rm -rf "/var/etc/${CONFIG}/test.json"
 			if [ "$proxy_status" -eq 200 ]; then
 				#主节点正常，切换到主节点
 				echolog "自动切换检测：${TYPE}主节点正常，切换到主节点！"
@ -125,7 +126,7 @@ test_auto_switch() {
 			fi
 		fi
 		/usr/share/${CONFIG}/app.sh node_switch ${TYPE} ${new_node}
-		sleep 10s
+		sleep 9s
 		# 切换节点后等待10秒后再检测一次，如果还是不通继续切，直到可用为止
 		status2=$(test_proxy)
 		if [ "$status2" -eq 0 ]; then
@ -141,11 +142,12 @@ test_auto_switch() {
 start() {
 	ENABLED=$(config_t_get global enabled 0)
-	[ "$ENABLED" != 1 ] && _return 1
+	[ "$ENABLED" != 1 ] && return 1
 	ENABLED=$(config_t_get auto_switch enable 0)
-	[ "$ENABLED" != 1 ] && _return 1
+	[ "$ENABLED" != 1 ] && return 1
 	delay=$(config_t_get auto_switch testing_time 1)
-	sleep ${delay}m
+	#sleep ${delay}m
 	sleep 9s
 	while [ "$ENABLED" -eq 1 ]
 	do
 		TCP_NODE=$(config_t_get auto_switch tcp_node nil)