Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit b024322

Browse files
twnessstwnesss
committedJul 22, 2024·
Improved scripts box
1 parent 7394018 commit b024322

File tree

2 files changed

+30
-24
lines changed

2 files changed

+30
-24
lines changed
 

‎box/scripts/box.iptables

+6-5
Original file line numberDiff line numberDiff line change
@@ -9,12 +9,13 @@ pref="100"
99
# disable / enable quic using iptables rules
1010
quic="enable"
1111
tun_forward="enabled"
12+
fake_ip_range=""
1213

1314
iptables_version=$(iptables --version | busybox awk '/^iptables/ {print $2}')
1415
required_version="v1.6.1"
1516
if [ "$(printf '%s\n' "$required_version" "$iptables_version" | sort -V | head -n1)" = "$required_version" ]; then
16-
IPV="iptables -w 100"
17-
IP6V="ip6tables -w 100"
17+
IPV="iptables -w 32"
18+
IP6V="ip6tables -w 32"
1819
else
1920
IPV="iptables"
2021
IP6V="ip6tables"
@@ -25,7 +26,7 @@ case "${bin_name}" in
2526
"clash")
2627
clash_mode=$(busybox awk '!/^ *#/ && /mode: / { print $2;found=1; exit } END{ if(!found) print "rules" }' "${clash_config}" 2>/dev/null)
2728
clash_enhanced_mode=$(busybox awk '!/^ *#/ && /enhanced-mode: / { print $2;found=1; exit } END{ if(!found) print "fake-ip" }' "${clash_config}" 2>/dev/null)
28-
fake_ip_range=$(busybox awk '!/^ *#/ && /fake-ip-range:/ { print $2; found=1; exit } END { if (!found) print "198.18.0.1/16" }' "${clash_config}" 2>/dev/null)
29+
[ ${clash_enhanced_mode} != "fake-ip" ] && fake_ip_range=$(busybox awk '!/^ *#/ && /fake-ip-range:/ { print $2; found=1; exit } END { if (!found) print "198.18.0.1/16" }' "${clash_config}" 2>/dev/null)
2930
clash_dns_port=$(busybox awk '!/^ *#/ && /listen:/ { split($0, arr, ":"); print arr[3]; found=1; exit } END{ if(!found) print "1053" }' "${clash_config}" 2>/dev/null)
3031
if [[ "${network_mode}" == @(mixed|tun) ]]; then
3132
tun_device=$(busybox awk '!/^ *#/ && /device: / { print $2;found=1; exit } END{ if(!found) print "utun" }' "${clash_config}" 2>/dev/null)
@@ -43,8 +44,8 @@ case "${bin_name}" in
4344
;;
4445
"xray" | "v2fly" | "hysteria" )
4546
if [[ "${network_mode}" != "tproxy" ]]; then
46-
log Error "$bin_name does not support network_mode: $network_mode"
47-
exit 1
47+
log Warning "$bin_name does not support network_mode: $network_mode, return to TProxy"
48+
sed -i 's/\(network_mode=\)\"[^\"]*\"/\1"tproxy"/g' ${settings}
4849
fi
4950
;;
5051
*)

‎box/scripts/box.service

+24-19
Original file line numberDiff line numberDiff line change
@@ -215,12 +215,12 @@ prepare_singbox() {
215215
fi
216216

217217
# add exclude_package/include_package for tun
218-
# "${yq}" '(.inbounds[] | select(.type == "tun") | .include_package) = []' -i --output-format=json "${sing_config}"
219-
# "${yq}" '(.inbounds[] | select(.type == "tun") | .exclude_package) = []' -i --output-format=json "${sing_config}"
220-
# [ ${proxy_mode} = "blacklist" ] && local mode="exclude" || mode="include"
221-
# for package in "${packages_list[@]}"; do
222-
# "${yq}" eval '(.inbounds[] | select(.type == "tun") | .'${mode}'_package) += ["'${package}'"]' -i --output-format=json "${sing_config}"
223-
# done
218+
"${yq}" '(.inbounds[] | select(.type == "tun") | .include_package) = []' -i --output-format=json "${sing_config}"
219+
"${yq}" '(.inbounds[] | select(.type == "tun") | .exclude_package) = []' -i --output-format=json "${sing_config}"
220+
[ ${proxy_mode} = "blacklist" ] && local mode="exclude" || mode="include"
221+
for package in "${packages_list[@]}"; do
222+
"${yq}" eval '(.inbounds[] | select(.type == "tun") | .'${mode}'_package) += ["'${package}'"]' -i --output-format=json "${sing_config}"
223+
done
224224

225225
# Add "redirect" configuration based on network_mode
226226
if [[ "${network_mode}" == @(mixed|enhance|redirect) ]]; then
@@ -296,12 +296,13 @@ prepare_clash() {
296296
' enable: true' \
297297
' mtu: 9000' \
298298
' device: utun' \
299-
' stack: system # mixed / gvisor / system / lwip' \
299+
' stack: mixed # system / gvisor / system / lwip' \
300300
' dns-hijack:' \
301301
' - any:53' \
302302
' - tcp://any:53' \
303303
' auto-route: true' \
304-
' strict-route: false' \
304+
' strict-route: true' \
305+
' auto-redirect: true' \
305306
' auto-detect-interface: true' \
306307
' include-android-user: [0, 10]' \
307308
' exclude-package: []' \
@@ -312,17 +313,19 @@ prepare_clash() {
312313
fi
313314

314315
# add exclude-package/include-package for tun
315-
# package=$(IFS=","; echo "${packages_list[*]}" | tr ' ' ',')
316-
# list_package="${package:-\"\"}"
317-
# if [ "${proxy_mode}" = "whitelist" ]; then
318-
# mode="include-package"
319-
# elif [ "${proxy_mode}" = "blacklist" ]; then
320-
# mode="exclude-package"
321-
# fi
322-
# sed -i "s/exclude-package:.*/exclude-package: []/g" "${clash_config}"
323-
# sed -i "s/include-package:.*/include-package: []/g" "${clash_config}"
324-
# sed -i "s/${mode}:.*/${mode}: [\"${list_package//,/\",\"}\"]/g" "${clash_config}"
325-
316+
package=$(IFS=","; echo "${packages_list[*]}" | tr ' ' ',')
317+
list_package="${package:-}"
318+
if [ "${proxy_mode}" = "whitelist" ]; then
319+
mode="include-package"
320+
elif [ "${proxy_mode}" = "blacklist" ]; then
321+
mode="exclude-package"
322+
fi
323+
sed -i "s/exclude-package:.*/exclude-package: []/g" "${clash_config}"
324+
sed -i "s/include-package:.*/include-package: []/g" "${clash_config}"
325+
# Add packages to the configuration if list_package is not empty
326+
if [ -n "${list_package}" ]; then
327+
sed -i "s/${mode}:.*/${mode}: [\"${list_package//,/\",\"}\"]/g" "${clash_config}"
328+
fi
326329
sed -i "/tun:/ {n;s/enable: false/enable: true/}" "${clash_config}"
327330
else
328331
sed -i "/tun:/ {n;s/enable: true/enable: false/}" "${clash_config}"
@@ -403,6 +406,7 @@ box_run_bin() {
403406

404407
# sync port
405408
# sed -i "s/port = [0-9]*\.[0-9]*/port = ${tproxy_port}.0/" ${box_dir}/$bin_name/config.toml
409+
${box_dir}/bin/yq '(.inbounds[] | select(.protocol == "dokodemo-door") | .port) = '"${tproxy_port}" -i --output-format=json "${box_dir}/${bin_name}/config.json"
406410

407411
# check configuration file
408412
if ! [ -f "${box_dir}/${bin_name}/config.toml" ] && ! [ -f "${box_dir}/${bin_name}/config.json" ]; then
@@ -435,6 +439,7 @@ box_run_bin() {
435439

436440
# sync port
437441
# sed -i "s/port = [0-9]*\.[0-9]*/port = ${tproxy_port}.0/" ${box_dir}/$bin_name/config.toml
442+
${box_dir}/bin/yq '(.inbounds[] | select(.protocol == "dokodemo-door") | .port) = '"${tproxy_port}" -i --output-format=json "${box_dir}/${bin_name}/config.json"
438443

439444
# check configuration file
440445
if ! [ -f "${box_dir}/${bin_name}/config.toml" ] && ! [ -f "${box_dir}/${bin_name}/config.json" ]; then

0 commit comments

Comments
 (0)
Please sign in to comment.