254 lines
10 KiB
Bash
254 lines
10 KiB
Bash
#!/bin/bash
|
|
. /lib/functions.sh
|
|
|
|
[ -e "/etc/config/ucitrack" ] && {
|
|
uci -q delete ucitrack.@openclash[-1]
|
|
uci -q add ucitrack openclash
|
|
uci -q set ucitrack.@openclash[-1].init=openclash
|
|
uci -q commit ucitrack
|
|
}
|
|
uci -q delete firewall.openclash
|
|
uci -q set firewall.openclash=include
|
|
uci -q set firewall.openclash.type=script
|
|
uci -q set firewall.openclash.path=/var/etc/openclash.include
|
|
[ -n "$(command -v fw4)" ] || uci -q set firewall.openclash.reload=1
|
|
uci -q commit firewall
|
|
|
|
mkdir -p /etc/openclash/config
|
|
mkdir -p /etc/openclash/proxy_provider
|
|
mkdir -p /etc/openclash/backup
|
|
mkdir -p /etc/openclash/core
|
|
mkdir -p /etc/openclash/history
|
|
mkdir -p /usr/share/openclash/backup
|
|
|
|
mkdir -p /lib/upgrade/keep.d
|
|
cat > "/lib/upgrade/keep.d/luci-app-openclash" <<-EOF
|
|
/etc/openclash/
|
|
EOF
|
|
|
|
#Set Chnroute Format
|
|
FW4=$(command -v fw4)
|
|
if [ -n "$FW4" ]; then
|
|
#v4
|
|
if [ -z "$(cat "/etc/openclash/china_ip_route.ipset" |grep "define china_ip_route")" ]; then
|
|
echo "define china_ip_route = {" >/tmp/china_ip_route.list
|
|
awk '!/^$/&&!/^#/{printf(" %s,'" "'\n",$0)}' /etc/openclash/china_ip_route.ipset >>/tmp/china_ip_route.list
|
|
echo "}" >>/tmp/china_ip_route.list
|
|
echo "add set inet fw4 china_ip_route { type ipv4_addr; flags interval; auto-merge; }" >>/tmp/china_ip_route.list
|
|
echo 'add element inet fw4 china_ip_route $china_ip_route' >>/tmp/china_ip_route.list
|
|
fi
|
|
#v6
|
|
if [ -z "$(cat "/etc/openclash/china_ip6_route.ipset" |grep "define china_ip6_route")" ]; then
|
|
echo "define china_ip6_route = {" >/tmp/china_ip6_route.list
|
|
awk '!/^$/&&!/^#/{printf(" %s,'" "'\n",$0)}' /etc/openclash/china_ip6_route.ipset >>/tmp/china_ip6_route.list
|
|
echo "}" >>/tmp/china_ip6_route.list
|
|
echo "add set inet fw4 china_ip6_route { type ipv6_addr; flags interval; auto-merge; }" >>/tmp/china_ip6_route.list
|
|
echo 'add element inet fw4 china_ip6_route $china_ip6_route' >>/tmp/china_ip6_route.list
|
|
fi
|
|
else
|
|
#v4
|
|
if [ -z "$(cat "/etc/openclash/china_ip_route.ipset" |grep "create china_ip_route")" ]; then
|
|
echo "create china_ip_route hash:net family inet hashsize 1024 maxelem 1000000" >/tmp/china_ip_route.list
|
|
awk '!/^$/&&!/^#/{printf("add china_ip_route %s'" "'\n",$0)}' /etc/openclash/china_ip_route.ipset >>/tmp/china_ip_route.list
|
|
fi
|
|
#v6
|
|
if [ -z "$(cat "/etc/openclash/china_ip6_route.ipset" |grep "create china_ip6_route")" ]; then
|
|
echo "create china_ip6_route hash:net family inet6 hashsize 1024 maxelem 1000000" >/tmp/china_ip6_route.list
|
|
awk '!/^$/&&!/^#/{printf("add china_ip6_route %s'" "'\n",$0)}' /etc/openclash/china_ip6_route.ipset >>/tmp/china_ip6_route.list
|
|
fi
|
|
fi
|
|
mv -f /tmp/china_ip_route.list /etc/openclash/china_ip_route.ipset >/dev/null 2>&1
|
|
mv -f /tmp/china_ip6_route.list /etc/openclash/china_ip6_route.ipset >/dev/null 2>&1
|
|
|
|
#Set Dashboard Secret
|
|
if [ -z "$(uci -q get openclash.config.dashboard_password)" ]; then
|
|
uci -q set openclash.config.dashboard_password="$(tr -cd 'a-zA-Z0-9' </dev/urandom 2>/dev/null| head -c8 || date +%N| md5sum |head -c8)"
|
|
fi
|
|
|
|
#Set Authentication
|
|
if [ -z "$(uci -q get openclash.@authentication[0])" ]; then
|
|
uci_name_tmp=$(uci -q add openclash authentication)
|
|
uci_set="uci -q set openclash.$uci_name_tmp."
|
|
${uci_set}enabled="1"
|
|
${uci_set}username="Clash"
|
|
${uci_set}password="$(tr -cd 'a-zA-Z0-9' </dev/urandom 2>/dev/null| head -c8 || date +%N| md5sum |head -c8)"
|
|
fi
|
|
|
|
#Set Core Model
|
|
source "/etc/openwrt_release"
|
|
case "${DISTRIB_ARCH}" in
|
|
aarch64_*)
|
|
CORE_ARCH="linux-arm64"
|
|
;;
|
|
arm_*_neon-vfp*)
|
|
CORE_ARCH="linux-armv7"
|
|
;;
|
|
arm_*_neon|arm_*_vfp*)
|
|
CORE_ARCH="linux-armv6"
|
|
;;
|
|
arm*)
|
|
CORE_ARCH="linux-armv5"
|
|
;;
|
|
i386_*)
|
|
CORE_ARCH="linux-386"
|
|
;;
|
|
mips64_*)
|
|
CORE_ARCH="linux-mips64"
|
|
;;
|
|
mips_*)
|
|
CORE_ARCH="linux-mips-softfloat"
|
|
;;
|
|
mipsel_*)
|
|
CORE_ARCH="linux-mipsle-softfloat"
|
|
;;
|
|
x86_64)
|
|
CORE_ARCH="linux-amd64"
|
|
;;
|
|
*)
|
|
CORE_ARCH="0"
|
|
;;
|
|
esac
|
|
uci -q set openclash.config.core_version="${CORE_ARCH}"
|
|
|
|
#Backup Resolvfile
|
|
if [ -n "$(uci -q get dhcp.@dnsmasq[0].resolvfile)" ]; then
|
|
uci -q set openclash.config.default_resolvfile=$(uci -q get dhcp.@dnsmasq[0].resolvfile)
|
|
fi
|
|
|
|
uci -q commit openclash
|
|
|
|
#Backup
|
|
cp -f "/etc/config/openclash" "/usr/share/openclash/backup/openclash" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_rules.list" "/usr/share/openclash/backup/openclash_custom_rules.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_rules_2.list" "/usr/share/openclash/backup/openclash_custom_rules_2.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_hosts.list" "/usr/share/openclash/backup/openclash_custom_hosts.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_fake_filter.list" "/usr/share/openclash/backup/openclash_custom_fake_filter.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_domain_dns.list" "/usr/share/openclash/backup/openclash_custom_domain_dns.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_domain_dns_policy.list" "/usr/share/openclash/backup/openclash_custom_domain_dns_policy.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_fallback_filter.yaml" "/usr/share/openclash/backup/openclash_custom_fallback_filter.yaml" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_sniffer.yaml" "/usr/share/openclash/backup/openclash_custom_sniffer.yaml" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_localnetwork_ipv4.list" "/usr/share/openclash/backup/openclash_custom_localnetwork_ipv4.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_localnetwork_ipv6.list" "/usr/share/openclash/backup/openclash_custom_localnetwork_ipv6.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_chnroute_pass.list" "/usr/share/openclash/backup/openclash_custom_chnroute_pass.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_chnroute6_pass.list" "/usr/share/openclash/backup/openclash_custom_chnroute6_pass.list" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_firewall_rules.sh" "/usr/share/openclash/backup/openclash_custom_firewall_rules.sh" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_overwrite.sh" "/usr/share/openclash/backup/openclash_custom_overwrite.sh" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/custom/openclash_custom_overwrite.sh" "/usr/share/openclash/backup/openclash_custom_overwrite.sh" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/china_ip_route.ipset" "/usr/share/openclash/backup/china_ip_route.ipset" >/dev/null 2>&1
|
|
cp -f "/etc/openclash/china_ip6_route.ipset" "/usr/share/openclash/backup/china_ip6_route.ipset" >/dev/null 2>&1
|
|
|
|
#Restore
|
|
if [ -f "/tmp/openclash.bak" ]; then
|
|
#delete old geosite database first
|
|
if [ "/etc/openclash/GeoSite.dat" -nt "/tmp/openclash/GeoSite.dat" ]; then
|
|
rm -rf "/tmp/openclash/GeoSite.dat" >/dev/null 2>&1
|
|
fi
|
|
#delete error china_ip_route first
|
|
if [ -n "$FW4" ]; then
|
|
if [ -z "$(cat "/tmp/openclash/china_ip_route.ipset" |grep "define china_ip_route")" ]; then
|
|
rm -f "/tmp/openclash/china_ip_route.ipset" >/dev/null 2>&1
|
|
rm -f "/tmp/openclash/china_ip6_route.ipset" >/dev/null 2>&1
|
|
fi
|
|
else
|
|
if [ -z "$(cat "/tmp/openclash/china_ip_route.ipset" |grep "create china_ip_route")" ]; then
|
|
rm -f "/tmp/openclash/china_ip_route.ipset" >/dev/null 2>&1
|
|
rm -f "/tmp/openclash/china_ip6_route.ipset" >/dev/null 2>&1
|
|
fi
|
|
fi
|
|
mv -f "/tmp/openclash.bak" "/etc/config/openclash" >/dev/null 2>&1
|
|
cp -rf "/tmp/openclash/." "/etc/openclash/" >/dev/null 2>&1
|
|
if [ -d "/tmp/openclash_dashboard/" ]; then
|
|
rm -rf "/usr/share/openclash/ui/dashboard/" >/dev/null 2>&1
|
|
cp -rf "/tmp/openclash_dashboard/." "/usr/share/openclash/ui/dashboard/" >/dev/null 2>&1
|
|
rm -rf "/tmp/openclash_dashboard/" >/dev/null 2>&1
|
|
fi
|
|
if [ -d "/tmp/openclash_yacd/" ]; then
|
|
rm -rf "/usr/share/openclash/ui/yacd/" >/dev/null 2>&1
|
|
cp -rf "/tmp/openclash_yacd/." "/usr/share/openclash/ui/yacd/" >/dev/null 2>&1
|
|
rm -rf "/tmp/openclash_yacd/" >/dev/null 2>&1
|
|
fi
|
|
rm -rf "/etc/openclash/openclash" >/dev/null 2>&1
|
|
rm -rf "/tmp/openclash" >/dev/null 2>&1
|
|
rm -rf "/tmp/openclash.bak" >/dev/null 2>&1
|
|
#old version files
|
|
rm -rf "/etc/openclash/fake_filter.list" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/openclash_servers_fake_filter.conf" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/core/clash" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/core/clash_tun" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/accelerated-domains.china.conf" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/custom/openclash_force_sniffing_domain.yaml" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/custom/openclash_sniffing_ports_filter.yaml" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/custom/openclash_sniffing_port_filter.yaml" >/dev/null 2>&1
|
|
rm -rf "/etc/openclash/custom/openclash_sniffing_domain_filter.yaml" >/dev/null 2>&1
|
|
fi
|
|
|
|
uci -q set openclash.config.enable=0
|
|
uci -q commit openclash
|
|
|
|
if [ -f "/usr/lib/lua/luci/model/network.lua" ]; then
|
|
sed -i '/OpenClash Append/,/OpenClash Append End/d' "/usr/lib/lua/luci/model/network.lua" >/dev/null 2>&1
|
|
cat >> "/usr/lib/lua/luci/model/network.lua" << EOF
|
|
-------------- OpenClash Append --------------
|
|
|
|
function get_all_wan_networks(self)
|
|
local k, v
|
|
local wan_nets = { }
|
|
local route_statuses = self:get_all_status_by_route("0.0.0.0", 0)
|
|
|
|
for k, v in pairs(route_statuses) do
|
|
wan_nets[#wan_nets+1] = network(k, v.proto)
|
|
end
|
|
|
|
return wan_nets
|
|
end
|
|
|
|
function get_all_wan6_networks(self)
|
|
local k, v
|
|
local wan6_nets = { }
|
|
local route_statuses = self:get_all_status_by_route("::", 0)
|
|
|
|
for k, v in pairs(route_statuses) do
|
|
wan6_nets[#wan6_nets+1] = network(k, v.proto)
|
|
end
|
|
|
|
return wan6_nets
|
|
end
|
|
|
|
function get_all_status_by_route(self, addr, mask)
|
|
local route_statuses = { }
|
|
local _, object
|
|
for _, object in ipairs(utl.ubus()) do
|
|
local net = object:match("^network%.interface%.(.+)")
|
|
if net then
|
|
local s = utl.ubus(object, "status", {})
|
|
if s and s.route then
|
|
local rt
|
|
for _, rt in ipairs(s.route) do
|
|
if not rt.table and rt.target == addr and rt.mask == mask then
|
|
route_statuses[net] = s
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
return route_statuses
|
|
end
|
|
|
|
-------------- OpenClash Append End --------------
|
|
EOF
|
|
fi
|
|
|
|
#set uhttpd && HTTP_MAX_CONTENT for large file edit
|
|
uci -q set uhttpd.main.max_requests=50
|
|
uci -q set uhttpd.main.max_connections=100
|
|
uci -q set uhttpd.main.script_timeout=3600
|
|
uci -q commit uhttpd
|
|
sed -i '/.*kB maximum content size*/c\HTTP_MAX_CONTENT = 1024*10240 -- 100 kB maximum content size' /usr/lib/lua/luci/http.lua >/dev/null 2>&1
|
|
sed -i '/.*kB maximum content size*/c\export let HTTP_MAX_CONTENT = 1024*10240; // 100 kB maximum content size' /usr/share/ucode/luci/http.uc >/dev/null 2>&1
|
|
|
|
/etc/init.d/uhttpd restart >/dev/null 2>&1
|
|
|
|
rm -f /tmp/luci-indexcache* >/dev/null 2>&1
|
|
exit 0
|