Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: chongshengB/Padavan-build
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: wangziyingwen/Padavan-build
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Can’t automatically merge. Don’t worry, you can still create the pull request.
  • 11 commits
  • 4 files changed
  • 1 contributor

Commits on Aug 10, 2020

  1. Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    Copy the full SHA
    8c1cf93 View commit details

Commits on Aug 12, 2020

  1. Copy the full SHA
    fea6d94 View commit details

Commits on Aug 15, 2020

  1. Copy the full SHA
    d4e4ea0 View commit details
  2. Copy the full SHA
    db86805 View commit details
  3. Create log.txt

    wangziyingwen authored Aug 15, 2020
    Copy the full SHA
    1fd081e View commit details
  4. Add files via upload

    wangziyingwen authored Aug 15, 2020
    Copy the full SHA
    d313d8c View commit details
  5. Add files via upload

    wangziyingwen authored Aug 15, 2020
    Copy the full SHA
    7fbaf7f View commit details
  6. Copy the full SHA
    58e6526 View commit details

Commits on Aug 16, 2020

  1. Copy the full SHA
    0d5460e View commit details
  2. Copy the full SHA
    d30fbc4 View commit details

Commits on Oct 21, 2022

  1. Update shadowsocks.sh

    wangziyingwen authored Oct 21, 2022
    Copy the full SHA
    6980c7e View commit details
Showing with 919 additions and 11 deletions.
  1. +25 −11 .github/workflows/build-padavan.yml
  2. +269 −0 public/PSG1218_hzn.config
  3. +1 −0 public/log.txt
  4. +624 −0 public/shadowsocks.sh
36 changes: 25 additions & 11 deletions .github/workflows/build-padavan.yml
Original file line number Diff line number Diff line change
@@ -36,14 +36,27 @@ jobs:
cd /opt/rt-n56u/toolchain-mipsel
sh dl_toolchain.sh
mkdir -p /opt/images/
- name: Build Firmware
env:
TNAME: K2P-5.0
TNAME: PSG1218_hzn
run: |
if [ -f public/shadowsocks.sh ] ; then
mv -f public/shadowsocks.sh /opt/rt-n56u/trunk/user/shadowsocks/scripts/shadowsocks.sh
echo "shadowsocks SH copy success"
else
exit 1
fi
if [ -f public/PSG1218_hzn.config ] ; then
mv -f public/PSG1218_hzn.config /opt/rt-n56u/trunk/configs/templates/PSG1218_hzn.config
echo "config file copy success"
else
exit 2
fi
cd /opt/rt-n56u/trunk
if [ ! -f configs/templates/$TNAME.config ] ; then
echo "configs/templates/$TNAME.config not found "
exit 1
exit 3
fi
cp -f configs/templates/$TNAME.config .config
sed -i 's/CONFIG_FIRMWARE_INCLUDE_OPENSSL_EXE=n/CONFIG_FIRMWARE_INCLUDE_OPENSSL_EXE=y/g' .config
@@ -53,6 +66,7 @@ jobs:
sed -i '/CONFIG_FIRMWARE_INCLUDE_MENTOHUST/d' .config #删除配置项MENTOHUST
sed -i '/CONFIG_FIRMWARE_INCLUDE_SCUTCLIENT/d' .config #删除配置项SCUTCLIENT
sed -i '/CONFIG_FIRMWARE_INCLUDE_SHADOWSOCKS/d' .config #删除配置项SS plus+
sed -i '/CONFIG_FIRMWARE_INCLUDE_SSOBFS/d' .config # 删除配置项simple-obfs混淆插件
sed -i '/CONFIG_FIRMWARE_INCLUDE_SSSERVER/d' .config #删除配置项SS server
sed -i '/CONFIG_FIRMWARE_INCLUDE_DNSFORWARDER/d' .config #删除配置项DNSFORWARDER
sed -i '/CONFIG_FIRMWARE_INCLUDE_ADBYBY/d' .config #删除配置项adbyby plus+
@@ -69,24 +83,24 @@ jobs:
echo "CONFIG_FIRMWARE_INCLUDE_MENTOHUST=n" >> .config #MENTOHUST
echo "CONFIG_FIRMWARE_INCLUDE_SCUTCLIENT=n" >> .config #SCUTCLIENT
echo "CONFIG_FIRMWARE_INCLUDE_SHADOWSOCKS=y" >> .config #SS plus+
echo "CONFIG_FIRMWARE_INCLUDE_SSOBFS=n" >> .config # simple-obfs混淆插件
echo "CONFIG_FIRMWARE_INCLUDE_SSOBFS=y" >> .config # simple-obfs混淆插件
echo "CONFIG_FIRMWARE_INCLUDE_SSSERVER=n" >> .config #SS server
echo "CONFIG_FIRMWARE_INCLUDE_DNSFORWARDER=n" >> .config #DNSFORWARDER
echo "CONFIG_FIRMWARE_INCLUDE_ADBYBY=y" >> .config #adbyby plus+
echo "CONFIG_FIRMWARE_INCLUDE_ADBYBY=n" >> .config #去广告adbyby plus+
echo "CONFIG_FIRMWARE_INCLUDE_FRPC=n" >> .config #内网穿透FRPC
echo "CONFIG_FIRMWARE_INCLUDE_FRPS=n" >> .config #内网穿透FRPS
echo "CONFIG_FIRMWARE_INCLUDE_TUNSAFE=n" >> .config #TUNSAFE
echo "CONFIG_FIRMWARE_INCLUDE_ALIDDNS=y" >> .config #阿里DDNS
echo "CONFIG_FIRMWARE_INCLUDE_SMARTDNS=y" >> .config #smartdns
echo "CONFIG_FIRMWARE_INCLUDE_SMARTDNSBIN=y" >> .config #smartdns二进制文件
echo "CONFIG_FIRMWARE_INCLUDE_ALIDDNS=n" >> .config #阿里DDNS
echo "CONFIG_FIRMWARE_INCLUDE_SMARTDNS=n" >> .config #smartdns
echo "CONFIG_FIRMWARE_INCLUDE_SMARTDNSBIN=n" >> .config #smartdns二进制文件
echo "CONFIG_FIRMWARE_INCLUDE_V2RAY=n" >> .config #集成v2ray执行文件(3.8M左右),如果不集成,会从网上下载下来执行,不影响正常使用
echo "CONFIG_FIRMWARE_INCLUDE_TROJAN=n" >> .config #集成trojan执行文件(1.1M左右),如果不集成,会从网上下载下来执行,不影响正常使用
echo "CONFIG_FIRMWARE_INCLUDE_KOOLPROXY=y" >> .config #KP广告过滤
echo "CONFIG_FIRMWARE_INCLUDE_CADDY=y" >> .config #在线文件管理服务
echo "CONFIG_FIRMWARE_INCLUDE_KOOLPROXY=n" >> .config #KP广告过滤
echo "CONFIG_FIRMWARE_INCLUDE_CADDY=n" >> .config #在线文件管理服务
echo "CONFIG_FIRMWARE_INCLUDE_CADDYBIN=n" >> .config #集成caddu执行文件,此文件有13M,请注意固件大小。如果不集成,会从网上下载下来执行,不影响正常使用
echo "CONFIG_FIRMWARE_INCLUDE_ADGUARDHOME=y" >> .config
echo "CONFIG_FIRMWARE_INCLUDE_ADGUARDHOME=n" >> .config
echo "CONFIG_FIRMWARE_INCLUDE_SRELAY=n" >> .config #可以不集成
echo "CONFIG_FIRMWARE_INCLUDE_WYY=y" >> .config #网易云解锁
echo "CONFIG_FIRMWARE_INCLUDE_WYY=n" >> .config #网易云解锁
echo "CONFIG_FIRMWARE_INCLUDE_WYYBIN=n" >> .config #网易云解锁GO版本执行文件(4M多)注意固件超大小,不集成会自动下载
echo "CONFIG_FIRMWARE_INCLUDE_ZEROTIER=n" >> .config #zerotier ~1.3M
#########################################################################################
269 changes: 269 additions & 0 deletions public/PSG1218_hzn.config
Original file line number Diff line number Diff line change
@@ -0,0 +1,269 @@
### Target Vendor/Product (support only Ralink RT3883/MT7620/MT7621/MT7628)
CONFIG_VENDOR=Ralink
CONFIG_PRODUCT=MT7620

### Target ProductID (board select, max 12 symbols)
CONFIG_FIRMWARE_PRODUCT_ID="PSG1218"

### Linux kernel and toolchain
CONFIG_LINUXDIR=linux-3.4.x
CONFIG_TOOLCHAIN_DIR=/opt/rt-n56u/toolchain-mipsel

############################################################
### Linux kernel configuration
############################################################

### Build ROOTFS_IN_RAM firmware mode (kernel+initramfs).
### Decreased firmware size, but more RAM used, slow boot.
### Also allow build image for load w/o flash from UART console
#CONFIG_FIRMWARE_TYPE_ROOTFS_IN_RAM=y

### Force MT7620 CPU clock to 600MHz (override Uboot settings)
#CONFIG_FIRMWARE_CPU_600MHZ=y

### Enable MT7620 CPU sleep mode (downclock to 200MHz on idle)
#CONFIG_FIRMWARE_CPU_SLEEP=y

### Kernel driver select for WiFi AP 2.4GHz
### 2.7 = MT7620 v2.7.2.0
### 3.0 = MT7620 v3.0.4.0
CONFIG_FIRMWARE_WIFI2_DRIVER=2.7

### Kernel driver select for WiFi AP 5GHz
### 3.0 = MT7612E v3.0.4.0
CONFIG_FIRMWARE_WIFI5_DRIVER=3.0

### Enable IPv6 support
CONFIG_FIRMWARE_ENABLE_IPV6=y

### Enable USB support
CONFIG_FIRMWARE_ENABLE_USB=n

### Enable NTFS filesystem support via Paragon "ufsd" driver. ~0.4MB
CONFIG_FIRMWARE_ENABLE_UFSD=n

### Enable FAT/FAT32 filesystem support. ~0.1MB
CONFIG_FIRMWARE_ENABLE_FAT=n

### Enable exFAT (FAT/FAT32 too) filesystem support. ~0.12MB
CONFIG_FIRMWARE_ENABLE_EXFAT=n

### Enable EXT2 filesystem support. ~0.1MB
CONFIG_FIRMWARE_ENABLE_EXT2=n

### Enable EXT3 filesystem support. ~0.2MB
CONFIG_FIRMWARE_ENABLE_EXT3=n

### Enable EXT4 (EXT3/2 too) filesystem support. ~0.4MB
CONFIG_FIRMWARE_ENABLE_EXT4=n

### Enable XFS filesystem support. ~0.6MB
CONFIG_FIRMWARE_ENABLE_XFS=n

### Enable FUSE (filesystems in userspace) support. ~0.1MB
CONFIG_FIRMWARE_ENABLE_FUSE=n

### Enable swap files/partitions support. ~0.05MB
CONFIG_FIRMWARE_ENABLE_SWAP=n

### Include UVC camera modules. ~0.2MB
CONFIG_FIRMWARE_INCLUDE_UVC=n

### Include USB-HID modules. ~0.2MB
CONFIG_FIRMWARE_INCLUDE_HID=n

### Include USB-Serial modules (e.g. pl2303). ~0.03MB
CONFIG_FIRMWARE_INCLUDE_SERIAL=n

### Include USB-Audio modules ~0.46MB
CONFIG_FIRMWARE_INCLUDE_AUDIO=n

### Include network QoS scheduling modules. ~0.2MB
CONFIG_FIRMWARE_INCLUDE_QOS=n

### Include IMQ module for shapers (a bit of performance degradation). ~0.02MB
CONFIG_FIRMWARE_INCLUDE_IMQ=n

### Include IFB module for shapers. ~0.03MB
CONFIG_FIRMWARE_INCLUDE_IFB=n

### Include IPSet utility and kernel modules. ~0.4MB
CONFIG_FIRMWARE_INCLUDE_IPSET=y

### Include NFSv3 server. ~0.6MB
CONFIG_FIRMWARE_INCLUDE_NFSD=n

### Include NFSv3 client. ~0.5MB
CONFIG_FIRMWARE_INCLUDE_NFSC=n

### Include CIFS (SMB) client. ~0.2MB
CONFIG_FIRMWARE_INCLUDE_CIFS=n

############################################################
### Userspace configuration
############################################################

### Include WebUI international resources. Increased firmware size
CONFIG_FIRMWARE_INCLUDE_LANG_CN=y
#CONFIG_FIRMWARE_INCLUDE_LANG_BR=y
#CONFIG_FIRMWARE_INCLUDE_LANG_CZ=y
#CONFIG_FIRMWARE_INCLUDE_LANG_DA=y
#CONFIG_FIRMWARE_INCLUDE_LANG_DE=y
#CONFIG_FIRMWARE_INCLUDE_LANG_ES=y
#CONFIG_FIRMWARE_INCLUDE_LANG_FI=y
#CONFIG_FIRMWARE_INCLUDE_LANG_FR=y
#CONFIG_FIRMWARE_INCLUDE_LANG_NO=y
#CONFIG_FIRMWARE_INCLUDE_LANG_PL=y
#CONFIG_FIRMWARE_INCLUDE_LANG_RU=y
#CONFIG_FIRMWARE_INCLUDE_LANG_SV=y
#CONFIG_FIRMWARE_INCLUDE_LANG_UK=y

### Include NTFS-3G FUSE driver (instead of Paragon "ufsd"). ~0.4MB
CONFIG_FIRMWARE_INCLUDE_NTFS_3G=n

### Include LPR printer daemon. ~0.12MB
CONFIG_FIRMWARE_INCLUDE_LPRD=n

### Include USB-over-Ethernet printer daemon. ~0.05MB
CONFIG_FIRMWARE_INCLUDE_U2EC=n

### Include "tcpdump" utility. ~0.6MB
CONFIG_FIRMWARE_INCLUDE_TCPDUMP=n

### Include "hdparm" utility (allow set HDD spindown timeout and APM). ~0.1MB
CONFIG_FIRMWARE_INCLUDE_HDPARM=n

### Include "parted" utility (allow make GPT partitions). ~0.3MB
CONFIG_FIRMWARE_INCLUDE_PARTED=n

### Include SMB (and WINS) server. ~1.5MB
CONFIG_FIRMWARE_INCLUDE_SMBD=n

### using samba3.6 instead of samba3
CONFIG_FIRMWARE_INCLUDE_SMBD36=n

### Include WINS server only. ~0.4MB
CONFIG_FIRMWARE_INCLUDE_WINS=n

### Include syslog for SMB and WINS server. ~0.3MB
CONFIG_FIRMWARE_INCLUDE_SMBD_SYSLOG=n

### Include FTP server. ~0.2MB
CONFIG_FIRMWARE_INCLUDE_FTPD=n

### Include alternative L2TP control client RP-L2TP. ~0.1MB
CONFIG_FIRMWARE_INCLUDE_RPL2TP=n

### Include EAP-TTLS and EAP-PEAP authentication support. openssl ~1.2MB, wpa_supplicant +0.04MB
CONFIG_FIRMWARE_INCLUDE_EAP_PEAP=n

### Include HTTPS support for DDNS client. openssl ~1.2MB
CONFIG_FIRMWARE_INCLUDE_DDNS_SSL=y

### Include HTTPS support. openssl ~1.2MB
CONFIG_FIRMWARE_INCLUDE_HTTPS=y

### Include sftp-server. openssl ~1.2MB, sftp-server ~0.06MB
CONFIG_FIRMWARE_INCLUDE_SFTP=y

### Include dropbear SSH. ~0.3MB
CONFIG_FIRMWARE_INCLUDE_DROPBEAR=y

### Make the dropbear symmetrical ciphers and hashes faster. ~0.06MB
CONFIG_FIRMWARE_INCLUDE_DROPBEAR_FAST_CODE=y

### Include OpenSSH instead of dropbear. openssl ~1.2MB, openssh ~1.0MB
CONFIG_FIRMWARE_INCLUDE_OPENSSH=n

### Include OpenVPN. IPv6 required. openssl ~1.2MB, openvpn ~0.4MB
CONFIG_FIRMWARE_INCLUDE_OPENVPN=n

### Include Elliptic Curves (EC) to openssl library. ~0.1MB
CONFIG_FIRMWARE_INCLUDE_OPENSSL_EC=y

### Include "openssl" executable for generate certificates. ~0.4MB
CONFIG_FIRMWARE_INCLUDE_OPENSSL_EXE=y

### Include xUPNPd IPTV mediaserver. ~0.3MB
CONFIG_FIRMWARE_INCLUDE_XUPNPD=n

### Include Minidlna UPnP mediaserver. ~1.6MB
CONFIG_FIRMWARE_INCLUDE_MINIDLNA=n

### Include Firefly iTunes mediaserver. ~1.0MB
CONFIG_FIRMWARE_INCLUDE_FIREFLY=n

### Include ffmpeg 0.11.x instead of 0.6.x for Minidlna and Firefly. ~0.1MB
CONFIG_FIRMWARE_INCLUDE_FFMPEG_NEW=n

### Include Transmission torrent. openssl ~1.2MB, transmission ~1.5MB
CONFIG_FIRMWARE_INCLUDE_TRANSMISSION=n

### Include Transmission-Web-Control (advanced WebUI). ~0.8MB
CONFIG_FIRMWARE_INCLUDE_TRANSMISSION_WEB_CONTROL=n

### Include Aria2 download manager. openssl ~1.2MB, aria2 ~3.5MB
CONFIG_FIRMWARE_INCLUDE_ARIA=n

### Include Aria2 WEB control. ~0.7MB
CONFIG_FIRMWARE_INCLUDE_ARIA_WEB_CONTROL=n

CONFIG_FIRMWARE_INCLUDE_CURL=y

CONFIG_FIRMWARE_INCLUDE_SCUTCLIENT=n

CONFIG_FIRMWARE_INCLUDE_GDUT_DRCOM=n

CONFIG_FIRMWARE_INCLUDE_DOGCOM=n

CONFIG_FIRMWARE_INCLUDE_MINIEAP=n

CONFIG_FIRMWARE_INCLUDE_NJIT_CLIENT=n

CONFIG_FIRMWARE_INCLUDE_NAPT66=n

CONFIG_FIRMWARE_INCLUDE_SHADOWSOCKS=y

CONFIG_FIRMWARE_INCLUDE_SSOBFS=y

CONFIG_FIRMWARE_INCLUDE_SSSERVER=n

CONFIG_FIRMWARE_INCLUDE_SOFTETHERVPN_SERVER=n

CONFIG_FIRMWARE_INCLUDE_SOFTETHERVPN_CLIENT=n

CONFIG_FIRMWARE_INCLUDE_SOFTETHERVPN_CMD=n

CONFIG_FIRMWARE_INCLUDE_DNSFORWARDER=n

CONFIG_FIRMWARE_INCLUDE_VLMCSD=n

CONFIG_FIRMWARE_INCLUDE_TTYD=n

CONFIG_FIRMWARE_INCLUDE_LRZSZ=n

CONFIG_FIRMWARE_INCLUDE_HTOP=n

CONFIG_FIRMWARE_INCLUDE_NANO=n

CONFIG_FIRMWARE_INCLUDE_IPERF3=n

CONFIG_FIRMWARE_INCLUDE_DUMP1090=n

CONFIG_FIRMWARE_INCLUDE_RTL_SDR=n

CONFIG_FIRMWARE_INCLUDE_MTR=n

CONFIG_FIRMWARE_INCLUDE_SOCAT=n

CONFIG_FIRMWARE_INCLUDE_SRELAY=n

CONFIG_FIRMWARE_INCLUDE_MENTOHUST=n

CONFIG_FIRMWARE_INCLUDE_FRPC=n

CONFIG_FIRMWARE_INCLUDE_FRPS=n

CONFIG_FIRMWARE_INCLUDE_TUNSAFE=n

CONFIG_FIRMWARE_CPU_600MHZ=y
1 change: 1 addition & 0 deletions public/log.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@

624 changes: 624 additions & 0 deletions public/shadowsocks.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,624 @@
#!/bin/sh
#
# Copyright (C) 2017 openwrt-ssr
# Copyright (C) 2017 yushi studio <ywb94@qq.com>
# Copyright (C) 2018 lean <coolsnowwolf@gmail.com>
# Copyright (C) 2019 chongshengB <bkye@vip.qq.com>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
NAME=shadowsocksr
http_username=`nvram get http_username`
CONFIG_FILE=/tmp/${NAME}.json
CONFIG_UDP_FILE=/tmp/${NAME}_u.json
CONFIG_SOCK5_FILE=/tmp/${NAME}_s.json
CONFIG_KUMASOCKS_FILE=/tmp/kumasocks.toml
v2_json_file="/tmp/v2-redir.json"
trojan_json_file="/tmp/tj-redir.json"
server_count=0
redir_tcp=0
v2ray_enable=0
redir_udp=0
tunnel_enable=0
local_enable=0
pdnsd_enable_flag=0
wan_bp_ips="/tmp/whiteip.txt"
wan_fw_ips="/tmp/blackip.txt"
lan_fp_ips="/tmp/lan_ip.txt"
run_mode=`nvram get ss_run_mode`
ss_turn=`nvram get ss_turn`
lan_con=`nvram get lan_con`
GLOBAL_SERVER=`nvram get global_server`
socks=""

find_bin() {
case "$1" in
ss) ret="/usr/bin/ss-redir" ;;
ss-local) ret="/usr/bin/ss-local" ;;
ssr) ret="/usr/bin/ssr-redir" ;;
ssr-local) ret="/usr/bin/ssr-local" ;;
ssr-server) ret="/usr/bin/ssr-server" ;;
v2ray) ret="/tmp/v2ray" ;;
trojan) ret="/tmp/trojan" ;;
socks5) ret="/usr/bin/ipt2socks" ;;
esac
echo $ret
}

gen_config_file() {

fastopen="false"
case "$2" in
0) config_file=$CONFIG_FILE && local stype=$(nvram get d_type) ;;
1) config_file=$CONFIG_UDP_FILE && local stype=$(nvram get ud_type) ;;
*) config_file=$CONFIG_SOCK5_FILE && local stype=$(nvram get s5_type) ;;
esac
local type=$stype
case "$type" in
ss)
lua /etc_ro/ss/genssconfig.lua $1 $3 >$config_file
sed -i 's/\\//g' $config_file
;;
ssr)
lua /etc_ro/ss/genssrconfig.lua $1 $3 >$config_file
sed -i 's/\\//g' $config_file
;;
trojan)
if [ ! -f "/tmp/trojan" ]; then
logger -t "SS" "trojan二进制文件下载失败,可能是地址失效或者网络异常!"
nvram set ss_enable=0
ssp_close
else
logger -t "SS" "trojan二进制文件下载成功或者已存在"
chmod -R 777 /tmp/trojan
fi
#tj_file=$trojan_json_file
if [ "$2" = "0" ]; then
lua /etc_ro/ss/gentrojanconfig.lua $1 nat 1080 >$trojan_json_file
sed -i 's/\\//g' $trojan_json_file
else
lua /etc_ro/ss/gentrojanconfig.lua $1 client 10801 >/tmp/trojan-ssr-reudp.json
sed -i 's/\\//g' /tmp/trojan-ssr-reudp.json
fi
;;
v2ray)
if [ ! -f "/tmp/v2ray" ]; then
logger -t "SS" "v2ray二进制文件下载失败,可能是地址失效或者网络异常!"
nvram set ss_enable=0
ssp_close
else
logger -t "SS" "v2ray二进制文件下载成功或者已存在"
chmod -R 777 /tmp/v2ray
fi
v2ray_enable=1
if [ "$2" = "1" ]; then
lua /etc_ro/ss/genv2config.lua $1 udp 1080 >/tmp/v2-ssr-reudp.json
sed -i 's/\\//g' /tmp/v2-ssr-reudp.json
else
lua /etc_ro/ss/genv2config.lua $1 tcp 1080 >$v2_json_file
sed -i 's/\\//g' $v2_json_file
fi
;;
esac
}

get_arg_out() {
router_proxy="1"
case "$router_proxy" in
1) echo "-o" ;;
2) echo "-O" ;;
esac
}

start_rules() {
local stype=$(nvram get d_type)
case "$stype" in
trojan)
if [ ! -f "/tmp/trojan" ];then
curl -k -s -o /tmp/trojan --connect-timeout 10 --retry 3 https://fastly.jsdelivr.net/gh/wangziyingwen/OutSide/trojan/trojan
fi
;;
v2ray)
if [ ! -f "/tmp/v2ray" ];then
curl -k -s -o /tmp/v2ray --connect-timeout 10 --retry 3 https://fastly.jsdelivr.net/gh/wangziyingwen/OutSide/v2ray/v2ray
fi
;;
esac
logger -t "SS" "正在添加防火墙规则..."
lua /etc_ro/ss/getconfig.lua $GLOBAL_SERVER > /tmp/server.txt
server=`cat /tmp/server.txt`
cat /etc/storage/ss_ip.sh | grep -v '^!' | grep -v "^$" >$wan_fw_ips
cat /etc/storage/ss_wan_ip.sh | grep -v '^!' | grep -v "^$" >$wan_bp_ips
#resolve name
if echo $server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then
server=${server}
elif [ "$server" != "${server#*:[0-9a-fA-F]}" ]; then
server=${server}
else
server=$(ping ${server} -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1)
if echo $server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then
echo $server >/etc/storage/ssr_ip
else
server=$(cat /etc/storage/ssr_ip)
fi
fi
local_port="1080"
lan_ac_ips=$lan_ac_ips
lan_ac_mode="b"
#if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" ]; then
# ARG_UDP="-u"
if [ "$UDP_RELAY_SERVER" != "nil" ]; then
ARG_UDP="-U"
lua /etc_ro/ss/getconfig.lua $UDP_RELAY_SERVER > /tmp/userver.txt
udp_server=`cat /tmp/userver.txt`
udp_local_port="1080"
fi
if [ -n "$lan_ac_ips" ]; then
case "$lan_ac_mode" in
w | W | b | B) ac_ips="$lan_ac_mode$lan_ac_ips" ;;
esac
fi
#ac_ips="b"
gfwmode=""
if [ "$run_mode" = "gfw" ]; then
gfwmode="-g"
elif [ "$run_mode" = "router" ]; then
gfwmode="-r"
elif [ "$run_mode" = "oversea" ]; then
gfwmode="-c"
elif [ "$run_mode" = "all" ]; then
gfwmode="-z"
fi
if [ "$lan_con" = "0" ]; then
rm -f $lan_fp_ips
lancon="all"
lancons="全部IP走代理"
cat /etc/storage/ss_lan_ip.sh | grep -v '^!' | grep -v "^$" >$lan_fp_ips
elif [ "$lan_con" = "1" ]; then
rm -f $lan_fp_ips
lancon="bip"
lancons="指定IP走代理,请到规则管理页面添加需要走代理的IP。"
cat /etc/storage/ss_lan_bip.sh | grep -v '^!' | grep -v "^$" >$lan_fp_ips
fi
dports=$(nvram get s_dports)
if [ $dports = "0" ]; then
proxyport=" "
else
proxyport="-m multiport --dports 22,53,587,465,995,993,143,80,443"
fi
/usr/bin/ss-rules \
-s "$server" \
-l "$local_port" \
-S "$udp_server" \
-L "$udp_local_port" \
-a "$ac_ips" \
-i "" \
-b "$wan_bp_ips" \
-w "$wan_fw_ips" \
-p "$lan_fp_ips" \
-G "$lan_gm_ips" \
-G "$lan_gm_ips" \
-D "$proxyport" \
-k "$lancon" \
$(get_arg_out) $gfwmode $ARG_UDP
return $?
}

start_redir_tcp() {
ARG_OTA=""
gen_config_file $GLOBAL_SERVER 0 1080
stype=$(nvram get d_type)
local bin=$(find_bin $stype)
[ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Main node:Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1
if [ "$(nvram get ss_threads)" = "0" ]; then
threads=$(cat /proc/cpuinfo | grep 'processor' | wc -l)
else
threads=$(nvram get ss_threads)
fi
logger -t "SS" "启动$stype主服务器..."
case "$stype" in
ss | ssr)
last_config_file=$CONFIG_FILE
pid_file="/tmp/ssr-retcp.pid"
for i in $(seq 1 $threads); do
$bin -c $CONFIG_FILE $ARG_OTA -f /tmp/ssr-retcp_$i.pid >/dev/null 2>&1
usleep 500000
done
redir_tcp=1
echo "$(date "+%Y-%m-%d %H:%M:%S") Shadowsocks/ShadowsocksR $threads 线程启动成功!" >>/tmp/ssrplus.log
;;
trojan)
for i in $(seq 1 $threads); do
$bin --config $trojan_json_file >>/tmp/ssrplus.log 2>&1 &
usleep 500000
done
echo "$(date "+%Y-%m-%d %H:%M:%S") $($bin --version 2>&1 | head -1) Started!" >>/tmp/ssrplus.log
;;
v2ray)
$bin -config $v2_json_file >/dev/null 2>&1 &
echo "$(date "+%Y-%m-%d %H:%M:%S") $($bin -version | head -1) 启动成功!" >>/tmp/ssrplus.log
;;
socks5)
for i in $(seq 1 $threads); do
lua /etc_ro/ss/gensocks.lua $GLOBAL_SERVER 1080 >/dev/null 2>&1 &
usleep 500000
done
;;
esac
return 0
}

start_redir_udp() {
if [ "$UDP_RELAY_SERVER" != "nil" ]; then
redir_udp=1
logger -t "SS" "启动$utype游戏UDP中继服务器"
utype=$(nvram get ud_type)
local bin=$(find_bin $utype)
[ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") UDP TPROXY Relay:Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1
case "$utype" in
ss | ssr)
ARG_OTA=""
gen_config_file $UDP_RELAY_SERVER 1 1080
last_config_file=$CONFIG_UDP_FILE
pid_file="/var/run/ssr-reudp.pid"
$bin -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1
;;
v2ray)
gen_config_file $UDP_RELAY_SERVER 1
$bin -config /tmp/v2-ssr-reudp.json >/dev/null 2>&1 &
;;
trojan)
gen_config_file $UDP_RELAY_SERVER 1
$bin --config /tmp/trojan-ssr-reudp.json >/dev/null 2>&1 &
ipt2socks -U -b 0.0.0.0 -4 -s 127.0.0.1 -p 10801 -l 1080 >/dev/null 2>&1 &
;;
socks5)
echo "1"
;;
esac
fi
return 0
}
ss_switch=$(nvram get backup_server)
if [ $ss_switch != "nil" ]; then
switch_time=$(nvram get ss_turn_s)
switch_timeout=$(nvram get ss_turn_ss)
#/usr/bin/ssr-switch start $switch_time $switch_timeout &
socks="-o"
fi
#return $?



start_dns() {
case "$run_mode" in
router)
echo "create china hash:net family inet hashsize 1024 maxelem 65536" >/tmp/china.ipset
awk '!/^$/&&!/^#/{printf("add china %s'" "'\n",$0)}' /etc/storage/chinadns/chnroute.txt >>/tmp/china.ipset
ipset -! flush china
ipset -! restore </tmp/china.ipset 2>/dev/null
rm -f /tmp/china.ipset
if [ $(nvram get ss_chdns) = 1 ]; then
logger -t "SS" "下载cdn域名文件..."
wget --no-check-certificate --timeout=8 -qO - https://gitee.com/bkye/rules/raw/master/cdn.txt > /tmp/cdn.txt
if [ ! -f "/tmp/cdn.txt" ]; then
logger -t "SS" "cdn域名文件下载失败,可能是地址失效或者网络异常!可能会影响部分国内域名解析了国外的IP!"
else
logger -t "SS" "cdn域名文件下载成功"
fi
logger -st "SS" "启动chinadns..."
dns2tcp -L"127.0.0.1#5353" -R"$(nvram get tunnel_forward)" >/dev/null 2>&1 &
chinadns-ng -b 0.0.0.0 -l 65353 -c $(nvram get china_dns) -t 127.0.0.1#5353 -4 china -m /tmp/cdn.txt >/dev/null 2>&1 &
sed -i '/no-resolv/d' /etc/storage/dnsmasq/dnsmasq.conf
sed -i '/server=127.0.0.1/d' /etc/storage/dnsmasq/dnsmasq.conf
cat >> /etc/storage/dnsmasq/dnsmasq.conf << EOF
no-resolv
server=127.0.0.1#65353
EOF
fi
;;
gfw)
if [ $(nvram get pdnsd_enable) = 0 ]; then
dnsstr="$(nvram get tunnel_forward)"
dnsserver=$(echo "$dnsstr" | awk -F '#' '{print $1}')
#dnsport=$(echo "$dnsstr" | awk -F '#' '{print $2}')
ipset add gfwlist $dnsserver 2>/dev/null
logger -st "SS" "启动dns2tcp:5353端口..."
dns2tcp -L"127.0.0.1#5353" -R"$dnsstr" >/dev/null 2>&1 &
pdnsd_enable_flag=0
logger -st "SS" "开始处理gfwlist..."
fi
;;
oversea)
ipset add gfwlist $dnsserver 2>/dev/null
mkdir -p /etc/storage/dnsmasq.oversea
sed -i '/dnsmasq-ss/d' /etc/storage/dnsmasq/dnsmasq.conf
sed -i '/dnsmasq.oversea/d' /etc/storage/dnsmasq/dnsmasq.conf
cat >>/etc/storage/dnsmasq/dnsmasq.conf <<EOF
conf-dir=/etc/storage/dnsmasq.oversea
EOF
;;
*)
ipset -N ss_spec_wan_ac hash:net 2>/dev/null
ipset add ss_spec_wan_ac $dnsserver 2>/dev/null
;;
esac
/sbin/restart_dhcpd
}

start_AD() {
mkdir -p /tmp/dnsmasq.dom
curl -k -s -o /tmp/adnew.conf --connect-timeout 10 --retry 3 $(nvram get ss_adblock_url)
if [ ! -f "/tmp/adnew.conf" ]; then
logger -t "SS" "AD文件下载失败,可能是地址失效或者网络异常!"
else
logger -t "SS" "AD文件下载成功"
if [ -f "/tmp/adnew.conf" ]; then
check = `grep -wq "address=" /tmp/adnew.conf`
if [ ! -n "$check" ] ; then
cp /tmp/adnew.conf /tmp/dnsmasq.dom/ad.conf
else
cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/dnsmasq.dom/ad.conf
fi
fi
fi
rm -f /tmp/adnew.conf
}


# ================================= 启动 Socks5代理 ===============================
start_local() {
local s5_port=$(nvram get socks5_port)
local local_server=$(nvram get socks5_enable)
[ "$local_server" == "nil" ] && return 1
[ "$local_server" == "same" ] && local_server=$GLOBAL_SERVER
local type=$(nvram get s5_type)
local bin=$(find_bin $type)
[ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1
case "$type" in
ss | ssr)
local name="Shadowsocks"
local bin=$(find_bin ss-local)
[ ! -f "$bin" ] && echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:Can't find $bin program, can't start!" >>/tmp/ssrplus.log && return 1
[ "$type" == "ssr" ] && name="ShadowsocksR"
gen_config_file $local_server 3 $s5_port
$bin -c $CONFIG_SOCK5_FILE -u -f /var/run/ssr-local.pid >/dev/null 2>&1
echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$name Started!" >>/tmp/ssrplus.log
;;
v2ray)
lua /etc_ro/ss/genv2config.lua $local_server tcp 0 $s5_port >/tmp/v2-ssr-local.json
sed -i 's/\\//g' /tmp/v2-ssr-local.json
$bin -config /tmp/v2-ssr-local.json >/dev/null 2>&1 &
echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$($bin -version | head -1) Started!" >>/tmp/ssrplus.log
;;
trojan)
lua /etc_ro/ss/gentrojanconfig.lua $local_server client $s5_port >/tmp/trojan-ssr-local.json
sed -i 's/\\//g' /tmp/trojan-ssr-local.json
$bin --config /tmp/trojan-ssr-local.json >/dev/null 2>&1 &
echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$($bin --version 2>&1 | head -1) Started!" >>/tmp/ssrplus.log
;;
*)
[ -e /proc/sys/net/ipv6 ] && local listenip='-i ::'
microsocks $listenip -p $s5_port ssr-local >/dev/null 2>&1 &
echo "$(date "+%Y-%m-%d %H:%M:%S") Global_Socks5:$type Started!" >>/tmp/ssrplus.log
;;
esac
local_enable=1
return 0
}

rules() {
[ "$GLOBAL_SERVER" = "nil" ] && return 1
UDP_RELAY_SERVER=$(nvram get udp_relay_server)
if [ "$UDP_RELAY_SERVER" = "same" ]; then
UDP_RELAY_SERVER=$GLOBAL_SERVER
fi
if start_rules; then
return 0
else
return 1
fi
}

start_watchcat() {
if [ $(nvram get ss_watchcat) = 1 ]; then
let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+v2ray_enable+local_enable+pdnsd_enable_flag
if [ $total_count -gt 0 ]; then
#param:server(count) redir_tcp(0:no,1:yes) redir_udp tunnel kcp local gfw
/usr/bin/ssr-monitor $server_count $redir_tcp $redir_udp $tunnel_enable $v2ray_enable $local_enable $pdnsd_enable_flag >/dev/null 2>&1 &
fi
fi
}

auto_update() {
sed -i '/update_chnroute/d' /etc/storage/cron/crontabs/$http_username
sed -i '/update_gfwlist/d' /etc/storage/cron/crontabs/$http_username
sed -i '/ss-watchcat/d' /etc/storage/cron/crontabs/$http_username
if [ $(nvram get ss_update_chnroute) = "1" ]; then
cat >>/etc/storage/cron/crontabs/$http_username <<EOF
0 8 */10 * * /usr/bin/update_chnroute.sh > /dev/null 2>&1
EOF
fi
if [ $(nvram get ss_update_gfwlist) = "1" ]; then
cat >>/etc/storage/cron/crontabs/$http_username <<EOF
0 7 */10 * * /usr/bin/update_gfwlist.sh > /dev/null 2>&1
EOF
fi
}

# ================================= 启动 SS ===============================
ssp_start() {
ss_enable=`nvram get ss_enable`
if rules; then
if start_redir_tcp; then
start_redir_udp
#start_rules
#start_AD
start_dns
fi
fi
start_local
start_watchcat
auto_update
ENABLE_SERVER=$(nvram get global_server)
[ "$ENABLE_SERVER" = "-1" ] && return 1

logger -t "SS" "启动成功。"
logger -t "SS" "内网IP控制为:$lancons"
nvram set check_mode=0
}

# ================================= 关闭SS ===============================

ssp_close() {
rm -rf /tmp/cdn
/usr/bin/ss-rules -f
kill -9 $(ps | grep ssr-switch | grep -v grep | awk '{print $1}') >/dev/null 2>&1
kill -9 $(ps | grep ssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1
kill_process
sed -i '/no-resolv/d' /etc/storage/dnsmasq/dnsmasq.conf
sed -i '/server=127.0.0.1/d' /etc/storage/dnsmasq/dnsmasq.conf
sed -i '/cdn/d' /etc/storage/dnsmasq/dnsmasq.conf
sed -i '/gfwlist/d' /etc/storage/dnsmasq/dnsmasq.conf
sed -i '/dnsmasq.oversea/d' /etc/storage/dnsmasq/dnsmasq.conf
if [ -f "/etc/storage/dnsmasq-ss.d" ]; then
rm -f /etc/storage/dnsmasq-ss.d
fi
clear_iptable
/sbin/restart_dhcpd
}


clear_iptable()
{
s5_port=$(nvram get socks5_port)
iptables -t filter -D INPUT -p tcp --dport $s5_port -j ACCEPT
iptables -t filter -D INPUT -p tcp --dport $s5_port -j ACCEPT
ip6tables -t filter -D INPUT -p tcp --dport $s5_port -j ACCEPT
ip6tables -t filter -D INPUT -p tcp --dport $s5_port -j ACCEPT

}

kill_process() {
v2ray_process=$(pidof v2ray)
if [ -n "$v2ray_process" ]; then
logger -t "SS" "关闭V2Ray进程..."
killall v2ray >/dev/null 2>&1
kill -9 "$v2ray_process" >/dev/null 2>&1
fi
ssredir=$(pidof ss-redir)
if [ -n "$ssredir" ]; then
logger -t "SS" "关闭ss-redir进程..."
killall ss-redir >/dev/null 2>&1
kill -9 "$ssredir" >/dev/null 2>&1
fi

rssredir=$(pidof ssr-redir)
if [ -n "$rssredir" ]; then
logger -t "SS" "关闭ssr-redir进程..."
killall ssr-redir >/dev/null 2>&1
kill -9 "$rssredir" >/dev/null 2>&1
fi

sslocal_process=$(pidof ss-local)
if [ -n "$sslocal_process" ]; then
logger -t "SS" "关闭ss-local进程..."
killall ss-local >/dev/null 2>&1
kill -9 "$sslocal_process" >/dev/null 2>&1
fi

trojandir=$(pidof trojan)
if [ -n "$trojandir" ]; then
logger -t "SS" "关闭trojan进程..."
killall trojan >/dev/null 2>&1
kill -9 "$trojandir" >/dev/null 2>&1
fi

kumasocks_process=$(pidof kumasocks)
if [ -n "$kumasocks_process" ]; then
logger -t "SS" "关闭kumasocks进程..."
killall kumasocks >/dev/null 2>&1
kill -9 "$kumasocks_process" >/dev/null 2>&1
fi

ipt2socks_process=$(pidof ipt2socks)
if [ -n "$ipt2socks_process" ]; then
logger -t "SS" "关闭ipt2socks进程..."
killall ipt2socks >/dev/null 2>&1
kill -9 "$ipt2socks_process" >/dev/null 2>&1
fi

socks5_process=$(pidof srelay)
if [ -n "$socks5_process" ]; then
logger -t "SS" "关闭socks5进程..."
killall srelay >/dev/null 2>&1
kill -9 "$socks5_process" >/dev/null 2>&1
fi

ssrs_process=$(pidof ssr-server)
if [ -n "$ssrs_process" ]; then
logger -t "SS" "关闭ssr-server进程..."
killall ssr-server >/dev/null 2>&1
kill -9 "$ssrs_process" >/dev/null 2>&1
fi

cnd_process=$(pidof chinadns-ng)
if [ -n "$cnd_process" ]; then
logger -t "SS" "关闭chinadns-ng进程..."
killall chinadns-ng >/dev/null 2>&1
kill -9 "$cnd_process" >/dev/null 2>&1
fi

dns2tcp_process=$(pidof dns2tcp)
if [ -n "$dns2tcp_process" ]; then
logger -t "SS" "关闭dns2tcp进程..."
killall dns2tcp >/dev/null 2>&1
kill -9 "$dns2tcp_process" >/dev/null 2>&1
fi

microsocks_process=$(pidof microsocks)
if [ -n "$microsocks_process" ]; then
logger -t "SS" "关闭socks5服务端进程..."
killall microsocks >/dev/null 2>&1
kill -9 "$microsocks_process" >/dev/null 2>&1
fi
}


# ================================= 重启 SS ===============================
ressp() {
BACKUP_SERVER=$(nvram get backup_server)
start_redir $BACKUP_SERVER
start_rules $BACKUP_SERVER
start_dns
start_local
start_watchcat
auto_update
ENABLE_SERVER=$(nvram get global_server)
logger -t "SS" "备用服务器启动成功"
logger -t "SS" "内网IP控制为:$lancons"
}

case $1 in
start)
ssp_start
;;
stop)
killall -q -9 ssr-switch
ssp_close
;;
restart)
ssp_close
ssp_start
;;
reserver)
ssp_close
ressp
;;
*)
echo "check"
#exit 0
;;
esac