diff --git a/mihomo/Makefile b/mihomo/Makefile index 2bbfe8a92..9284ee5cb 100644 --- a/mihomo/Makefile +++ b/mihomo/Makefile @@ -5,9 +5,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/MetaCubeX/mihomo.git -PKG_SOURCE_DATE:=2024-09-28 -PKG_SOURCE_VERSION:=264713571d349d214ec938911de0de033b8673af -PKG_MIRROR_HASH:=1df27333ff05ab29e1e01b1623b6f526de0191c4dc82762fe0ac31b1a4bc52cf +PKG_SOURCE_DATE:=2024-09-29 +PKG_SOURCE_VERSION:=fc9d5cfee944a75b989d17c637a321e73c52093a +PKG_MIRROR_HASH:=47c8d16a3bd5536bc4659c0827e5cf561fc6682cbbd4af0b07f065ee930a38dc PKG_LICENSE:=MIT PKG_MAINTAINER:=Joseph Mory @@ -16,7 +16,7 @@ PKG_BUILD_DEPENDS:=golang/host PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 -PKG_BUILD_VERSION:=alpha-2647135 +PKG_BUILD_VERSION:=alpha-fc9d5cf PKG_BUILD_TIME:=$(shell date -u -Iseconds) GO_PKG:=github.com/metacubex/mihomo @@ -85,6 +85,26 @@ define Package/mihomo/install $(INSTALL_DATA) $(CURDIR)/files/mihomo.upgrade $(1)/lib/upgrade/keep.d/mihomo endef +define Package/mihomo/postinst +#!/bin/sh +uci -q batch <<-EOF > /dev/null + del firewall.mihomo + set firewall.mihomo=include + set firewall.mihomo.type=script + set firewall.mihomo.path=/etc/mihomo/scripts/tun.sh + set firewall.mihomo.fw4_compatible=1 + commit firewall +EOF +endef + +define Package/mihomo/postrm +#!/bin/sh +uci -q batch <<-EOF > /dev/null + del firewall.mihomo + commit firewall +EOF +endef + define Build/Prepare $(Build/Prepare/Default) $(RM) -r $(PKG_BUILD_DIR)/rules/logic_test diff --git a/mihomo/files/mihomo.conf b/mihomo/files/mihomo.conf index 4984ac310..ca8cfcaef 100644 --- a/mihomo/files/mihomo.conf +++ b/mihomo/files/mihomo.conf @@ -30,7 +30,7 @@ config proxy 'proxy' config subscription 'subscription' option 'name' 'default' option 'url' 'http://example.com/default.yaml' - option 'user_agent' 'mihomo' + option 'user_agent' 'clash' config mixin 'mixin' option 'log_level' 'info' 
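Review bot: The added `Package/mihomo/postinst` in mihomo/Makefile runs `uci -q batch` unconditionally, so when the package is installed into an image root at build time (where `IPKG_INSTROOT` is set) it would, as far as I can tell, act on the build host or simply fail instead of configuring the target. The uci-defaults block this commit removes ran on the device at first boot and did not have that problem. OpenWrt packages commonly guard such a script with `[ -n "$${IPKG_INSTROOT}" ] && exit 0` right after the shebang; with that guard a firmware image that ships mihomo preinstalled would never get the firewall include, so keeping a uci-defaults step for that case is worth considering. The include path is also hard-coded here, whereas the removed init.sh took it from `$TUN_SH`; a comment `# keep in sync with TUN_SH in files/scripts/constants.sh` above the `set firewall.mihomo.path=` line would help, since this script is executed as root on every firewall reload.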
diff --git a/mihomo/files/mihomo.init b/mihomo/files/mihomo.init index 26911b108..1639742d7 100644 --- a/mihomo/files/mihomo.init +++ b/mihomo/files/mihomo.init @@ -9,7 +9,7 @@ USE_PROCD=1 start_service() { # clear log - clear_all_log + clear_log # load config config_load mihomo # check if enabled @@ -135,6 +135,8 @@ start_service() { fi log "Use Subscription: $subscription_name" else + log "No profile/subscription selected." + log "Exiting..." return fi # mixin @@ -215,7 +217,7 @@ start_service() { # test profile if [ "$test_profile" == 1 ]; then log "Profile testing..." - if ($PROG -d "$RUN_DIR" -t >> "$RUN_CORE_LOG_PATH" 2>&1); then + if ($PROG -d "$RUN_DIR" -t >> "$CORE_LOG_PATH" 2>&1); then log "Profile test passed!" else log "Profile test failed!" @@ -227,7 +229,7 @@ start_service() { log "Start Core" procd_open_instance mihomo - procd_set_param command /bin/sh -c "$PROG -d $RUN_DIR >> $RUN_CORE_LOG_PATH 2>&1" + procd_set_param command /bin/sh -c "$PROG -d $RUN_DIR >> $CORE_LOG_PATH 2>&1" procd_set_param file "$RUN_PROFILE_PATH" if [ "$fast_reload" == 1 ]; then procd_set_param reload_signal HUP @@ -241,7 +243,7 @@ start_service() { procd_add_jail mihomo requirejail procfs procd_add_jail_mount "$PROG" /etc/TZ /etc/localtime /etc/hosts /etc/ssl/certs - procd_add_jail_mount_rw "$RUN_DIR" /dev/net + procd_add_jail_mount_rw "$RUN_DIR" "$LOG_DIR" /dev/net procd_set_param capabilities /etc/capabilities/mihomo.json procd_set_param no_new_privs 1 @@ -249,7 +251,7 @@ start_service() { # transparent proxy if [ "$transparent_proxy" == 1 ]; then log "Transparent Proxy is enabled." - log "Transparent Proxy: Start hijack." + log "Transparent Proxy: Start." # prepare if [ "$tproxy_enable" == 1 ]; then if [ "$ipv4_proxy" == 1 ]; then 
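Review bot: Adding `"$LOG_DIR"` to `procd_add_jail_mount_rw` in start_service makes the whole log directory writable from inside the jail, while `log()` and `clear_log()` in this same script run outside the jail and write to `$APP_LOG_PATH` in that same directory. The confined process and the unconfined init script therefore share a writable directory, and whatever the core leaves there under the name app.log is what `echo ... >> "$APP_LOG_PATH"` will later open. Only core.log has to be writable by the jailed command, so consider giving the core its own subdirectory and mounting just that, for example `procd_add_jail_mount_rw "$RUN_DIR" "$LOG_DIR/core" /dev/net` with `CORE_LOG_PATH` moved under it. How much this matters depends on /etc/capabilities/mihomo.json, which is not part of this diff; start_service begins and ends outside this hunk.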
@@ -417,11 +419,11 @@ cleanup() { # delete hijack nft delete table inet "$FW_TABLE" > /dev/null 2>&1 local handles handle - handles=$(nft --json list table inet fw4 | yq '.nftables[] | select(has("rule")) | .rule | select(.family == "inet" and .table == "fw4" and .chain == "input" and .expr[0].match.right == "tun") | .handle') + handles=$(nft --json list table inet fw4 | yq '.nftables[] | select(has("rule")) | .rule | select(.chain == "input" and .comment == "mihomo") | .handle') for handle in $handles; do nft delete rule inet fw4 input handle "$handle" done - handles=$(nft --json list table inet fw4 | yq '.nftables[] | select(has("rule")) | .rule | select(.family == "inet" and .table == "fw4" and .chain == "forward" and .expr[0].match.right == "tun") | .handle') + handles=$(nft --json list table inet fw4 | yq '.nftables[] | select(has("rule")) | .rule | select(.chain == "forward" and .comment == "mihomo") | .handle') for handle in $handles; do nft delete rule inet fw4 forward handle "$handle" done @@ -431,12 +433,14 @@ cleanup() { } log() { - echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" >> "$RUN_APP_LOG_PATH" + echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" >> "$APP_LOG_PATH" } -clear_all_log() { - echo -n > "$RUN_APP_LOG_PATH" - echo -n > "$RUN_CORE_LOG_PATH" +clear_log() { + if [ -d "$LOG_DIR" ]; then + rm -rf "$LOG_DIR" + fi + mkdir "$LOG_DIR" } mixin_authentications() { diff --git a/mihomo/files/scripts/constants.sh b/mihomo/files/scripts/constants.sh index adb81ecc4..97d2e1713 100644 --- a/mihomo/files/scripts/constants.sh +++ b/mihomo/files/scripts/constants.sh @@ -12,7 +12,7 @@ TCP_RULE_PREF="1024" UDP_RULE_PREF="1025" TPROXY_ROUTE_TABLE="80" TUN_ROUTE_TABLE="81" -TUN_DEVICE="tun" +TUN_DEVICE="mihomo" # paths PROG="/usr/bin/mihomo" 
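Review bot: In `cleanup()`, both `handles=` queries now select only rules whose comment is `mihomo`, so accept rules inserted by the previous tun.sh (no comment, matching interface `tun`) are no longer found and would stay in the fw4 `input` and `forward` chains after an upgrade until the fw4 table is rebuilt. If that window matters, keep the old `.expr[0].match.right == "tun"` selector as a one-time fallback, or reload the firewall from postinst. The tag is also a bare literal repeated here and in the three `nft insert rule` lines of scripts/tun.sh; a shared constant in constants.sh would keep the inserter and the cleaner from drifting apart, and a value more specific than the package name would lower the chance of deleting a user rule that happens to carry the same comment. Neither pipeline checks whether `nft` or `yq` failed, so an error leaves the accept rules in place without any log line. cleanup() begins outside this hunk.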
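Review bot: `clear_log()` now removes and recreates `$LOG_DIR` instead of truncating the two files in place, and `start_service` calls it before anything else; if start_service also runs on reload while the instance stays up (the `reload_signal HUP` path), the running core keeps appending to an unlinked core.log and the jail keeps the old directory mounted, so its output is lost from then on. Truncating in place keeps the inode and the bind mount valid: `mkdir -p "$LOG_DIR"`, then `: > "$APP_LOG_PATH"` and `: > "$CORE_LOG_PATH"`. As written, `mkdir "$LOG_DIR"` without `-p` also fails when /var/log is missing or when `$LOG_DIR` exists as a non-directory, and every later `log` call then fails silently. A comment on `clear_log` such as `# logs are discarded on every start; LOG_DIR is also mounted rw into the jail` would help whoever reads these files during an incident.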
@@ -20,10 +20,11 @@ HOME_DIR="/etc/mihomo" PROFILES_DIR="$HOME_DIR/profiles" MIXIN_FILE_PATH="$HOME_DIR/mixin.yaml" RUN_DIR="$HOME_DIR/run" -RUN_APP_LOG_PATH="$RUN_DIR/app.log" -RUN_CORE_LOG_PATH="$RUN_DIR/core.log" RUN_PROFILE_PATH="$RUN_DIR/config.yaml" RUN_UI_DIR="$RUN_DIR/ui" +LOG_DIR="/var/log/mihomo" +APP_LOG_PATH="$LOG_DIR/app.log" +CORE_LOG_PATH="$LOG_DIR/core.log" # scripts SH_DIR="$HOME_DIR/scripts" diff --git a/mihomo/files/scripts/tun.sh b/mihomo/files/scripts/tun.sh index af63d528a..9e99b03b8 100644 --- a/mihomo/files/scripts/tun.sh +++ b/mihomo/files/scripts/tun.sh @@ -9,9 +9,9 @@ config_get tcp_transparent_proxy_mode "proxy" "tcp_transparent_proxy_mode" config_get udp_transparent_proxy_mode "proxy" "udp_transparent_proxy_mode" if [ "$enabled" == 1 ] && [[ "$tcp_transparent_proxy_mode" == "tun" || "$udp_transparent_proxy_mode" == "tun" ]]; then - nft insert rule inet fw4 input iifname "$TUN_DEVICE" counter accept - nft insert rule inet fw4 forward oifname "$TUN_DEVICE" counter accept - nft insert rule inet fw4 forward iifname "$TUN_DEVICE" counter accept + nft insert rule inet fw4 input iifname "$TUN_DEVICE" counter accept comment "mihomo" + nft insert rule inet fw4 forward oifname "$TUN_DEVICE" counter accept comment "mihomo" + nft insert rule inet fw4 forward iifname "$TUN_DEVICE" counter accept comment "mihomo" fi exit 0 diff --git a/mihomo/files/uci-defaults/init.sh b/mihomo/files/uci-defaults/init.sh index 48b4f9b52..615b5a150 100644 --- a/mihomo/files/uci-defaults/init.sh +++ b/mihomo/files/uci-defaults/init.sh @@ -2,16 +2,6 @@ . "$IPKG_INSTROOT/etc/mihomo/scripts/constants.sh" -# add firewall include for tun -uci -q batch <<-EOF > /dev/null - delete firewall.mihomo - set firewall.mihomo=include - set firewall.mihomo.type=script - set firewall.mihomo.path=$TUN_SH - set firewall.mihomo.fw4_compatible=1 - commit firewall -EOF - # check mihomo.config.init init=$(uci -q get mihomo.config.init); [ -z "$init" ] && return