From 17793d424f0b716d7e37957dbbcc6a012eecbeb9 Mon Sep 17 00:00:00 2001 From: kenzok8 Date: Sun, 29 Dec 2024 10:52:13 +0800 Subject: [PATCH] update 2024-12-29 10:52:13 --- luci-app-amlogic/Makefile | 2 +- luci-app-amlogic/root/etc/config/amlogic | 4 +- luci-app-mihomo/Makefile | 2 +- .../resources/view/mihomo/mixin.js | 3 + luci-app-mihomo/po/templates/mihomo.pot | 118 ++--- luci-app-mihomo/po/zh_Hans/mihomo.po | 118 ++--- luci-theme-argon/Makefile | 2 + mihomo/Makefile | 10 +- mihomo/files/mihomo.conf | 1 + mihomo/files/mihomo.init | 454 ++++++++++-------- mihomo/files/nftables/hijack.nft | 8 +- mihomo/files/scripts/firewall_include.sh | 7 +- mihomo/files/scripts/include.sh | 33 +- mihomo/files/uci-defaults/migrate.sh | 3 + 14 files changed, 426 insertions(+), 339 deletions(-) diff --git a/luci-app-amlogic/Makefile b/luci-app-amlogic/Makefile index 56ccc495c..0901462aa 100644 --- a/luci-app-amlogic/Makefile +++ b/luci-app-amlogic/Makefile @@ -16,7 +16,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-amlogic -PKG_VERSION:=3.1.247 +PKG_VERSION:=3.1.248 PKG_RELEASE:=1 PKG_LICENSE:=GPL-2.0 License diff --git a/luci-app-amlogic/root/etc/config/amlogic b/luci-app-amlogic/root/etc/config/amlogic index 640876e4a..1e2895f33 100644 --- a/luci-app-amlogic/root/etc/config/amlogic +++ b/luci-app-amlogic/root/etc/config/amlogic @@ -1,10 +1,10 @@ config amlogic 'config' option enable '1' - option amlogic_firmware_repo 'https://github.com/breakings/OpenWrt' + option amlogic_firmware_repo 'https://github.com/breakingbadboy/OpenWrt' option amlogic_firmware_tag 'ARMv8' option amlogic_firmware_suffix '.img.gz' - option amlogic_kernel_path 'https://github.com/breakings/OpenWrt' + option amlogic_kernel_path 'https://github.com/breakingbadboy/OpenWrt' option amlogic_kernel_branch '' option amlogic_firmware_config '1' option amlogic_write_bootloader '0' diff --git a/luci-app-mihomo/Makefile b/luci-app-mihomo/Makefile index f4a93255d..5ca55ee0d 100644 --- a/luci-app-mihomo/Makefile +++ b/luci-app-mihomo/Makefile @@ -1,6 +1,6 @@ include $(TOPDIR)/rules.mk -PKG_VERSION:=1.14.0 +PKG_VERSION:=1.15.0 LUCI_TITLE:=LuCI Support for mihomo LUCI_DEPENDS:=+luci-base +mihomo diff --git a/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js b/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js index 660a59009..0947605b9 100644 --- a/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js +++ b/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js @@ -128,6 +128,9 @@ return view.extend({ s.tab('tun', _('TUN Config')); + o = s.taboption('tun', form.Value, 'tun_device', '*' + ' ' + _('Device')); + o.rmempty = false; + o = s.taboption('tun', form.ListValue, 'tun_stack', '*' + ' ' + _('Stack')); o.value('system', 'System'); o.value('gvisor', 'gVisor'); diff --git a/luci-app-mihomo/po/templates/mihomo.pot b/luci-app-mihomo/po/templates/mihomo.pot index a48c21beb..f3549adf6 100644 --- a/luci-app-mihomo/po/templates/mihomo.pot +++ b/luci-app-mihomo/po/templates/mihomo.pot @@ -26,7 +26,7 @@ msgstr "" msgid "Allow Lan" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:181 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:184 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:65 msgid "Allow Mode" msgstr "" @@ -36,7 +36,7 @@ msgstr "" msgid "App Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:38 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:26 msgid "App Log" msgstr "" @@ -48,7 +48,7 @@ msgstr "" msgid "Auto" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:180 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:183 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:66 msgid "Block Mode" msgstr "" @@ -77,8 +77,8 @@ msgstr "" msgid "Choose Profile" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:42 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:75 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:30 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:63 msgid "Clear Log" msgstr "" @@ -91,7 +91,7 @@ msgstr "" msgid "Core Environment Variable Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:71 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:59 msgid "Core Log" msgstr "" @@ -107,15 +107,15 @@ msgstr "" msgid "Cron Expression" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:152 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:155 msgid "DNS Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:158 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:161 msgid "DNS Mode" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:154 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:157 msgid "DNS Port" msgstr "" @@ -127,6 +127,10 @@ msgstr "" msgid "Destination UDP Port to Proxy" msgstr "" +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:131 +msgid "Device" +msgstr "" + #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:40 msgid "Direct Mode" msgstr "" @@ -151,11 +155,11 @@ msgstr "" msgid "Disable Safe Path Check" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:192 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:195 msgid "DoH Prefer HTTP/3" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:218 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:221 msgid "Domain Name" msgstr "" @@ -163,19 +167,19 @@ msgstr "" msgid "Edit Authentications" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:174 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:177 msgid "Edit Fake-IP Filters" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:207 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:210 msgid "Edit Hosts" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:249 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:252 msgid "Edit Nameserver Policies" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:226 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:229 msgid "Edit Nameservers" msgstr "" @@ -192,15 +196,15 @@ msgstr "" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:23 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:44 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:119 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:215 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:234 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:257 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:298 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:218 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:237 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:260 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:301 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:31 msgid "Enable" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:149 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:152 msgid "Endpoint Independent NAT" msgstr "" @@ -212,15 +216,15 @@ msgstr "" msgid "External Control Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:184 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:187 msgid "Fake-IP Cache" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:178 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:181 msgid "Fake-IP Filter Mode" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:163 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:166 msgid "Fake-IP Range" msgstr "" @@ -245,11 +249,11 @@ msgstr "" msgid "File:" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:140 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:143 msgid "GSO" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:143 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:146 msgid "GSO Max Size" msgstr "" @@ -257,39 +261,39 @@ msgstr "" msgid "General Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:271 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:274 msgid "GeoData Loader" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:267 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:270 msgid "GeoIP Format" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:284 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:287 msgid "GeoIP(ASN) Url" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:281 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:284 msgid "GeoIP(DAT) Url" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:278 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:281 msgid "GeoIP(MMDB) Url" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:275 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:278 msgid "GeoSite Url" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:287 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:290 msgid "GeoX Auto Update" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:265 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:268 msgid "GeoX Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:290 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:293 msgid "GeoX Update Interval" msgstr "" @@ -309,7 +313,7 @@ msgstr "" msgid "How To Use" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:221 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:224 msgid "IP" msgstr "" @@ -322,7 +326,7 @@ msgid "IPv4 Proxy" msgstr "" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:50 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:195 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:198 msgid "IPv6" msgstr "" @@ -350,7 +354,7 @@ msgstr "" msgid "Local" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:36 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:24 #: applications/luci-app-mihomo/root/usr/share/luci/menu.d/luci-app-mihomo.json:53 msgid "Log" msgstr "" @@ -359,7 +363,7 @@ msgstr "" msgid "Log Level" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:136 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:139 msgid "MTU" msgstr "" @@ -367,11 +371,11 @@ msgstr "" msgid "Match Process" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:260 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:263 msgid "Matcher" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:273 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:276 msgid "Memory Conservative Loader" msgstr "" @@ -389,7 +393,7 @@ msgstr "" msgid "Mixin Config" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:296 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:299 msgid "Mixin File Content" msgstr "" @@ -402,13 +406,12 @@ msgstr "" msgid "Mode" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:244 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:263 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:247 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:266 msgid "Nameserver" msgstr "" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/app.js:15 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:15 msgid "Not Running" msgstr "" @@ -424,19 +427,19 @@ msgstr "" msgid "Overwrite Authentication" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:169 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:172 msgid "Overwrite Fake-IP Filter" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:204 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:207 msgid "Overwrite Hosts" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:223 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:226 msgid "Overwrite Nameserver" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:246 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:249 msgid "Overwrite Nameserver Policy" msgstr "" @@ -444,7 +447,7 @@ msgstr "" msgid "Password" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:298 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:301 msgid "Please go to the editor tab to edit the file for mixin" msgstr "" @@ -482,7 +485,7 @@ msgstr "" msgid "Remote" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:189 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:192 msgid "Respect Rules" msgstr "" @@ -499,7 +502,6 @@ msgid "Rule Mode" msgstr "" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/app.js:15 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:15 msgid "Running" msgstr "" @@ -515,8 +517,8 @@ msgstr "" msgid "Scheduled Restart" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:65 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:98 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:53 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:86 msgid "Scroll To Bottom" msgstr "" @@ -525,11 +527,11 @@ msgstr "" msgid "Service is not running." msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:131 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:134 msgid "Stack" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:272 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:275 msgid "Standard Loader" msgstr "" @@ -604,7 +606,7 @@ msgstr "" msgid "Transparent Proxy with Mihomo on OpenWrt." msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:237 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:240 msgid "Type" msgstr "" @@ -641,11 +643,11 @@ msgstr "" msgid "Upload Profile" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:201 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:204 msgid "Use Hosts" msgstr "" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:198 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:201 msgid "Use System Hosts" msgstr "" diff --git a/luci-app-mihomo/po/zh_Hans/mihomo.po b/luci-app-mihomo/po/zh_Hans/mihomo.po index be5cadcc8..9dba7f64e 100644 --- a/luci-app-mihomo/po/zh_Hans/mihomo.po +++ b/luci-app-mihomo/po/zh_Hans/mihomo.po @@ -33,7 +33,7 @@ msgstr "全部端口" msgid "Allow Lan" msgstr "允许局域网访问" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:181 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:184 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:65 msgid "Allow Mode" msgstr "白名单模式" @@ -43,7 +43,7 @@ msgstr "白名单模式" msgid "App Config" msgstr "插件配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:38 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:26 msgid "App Log" msgstr "插件日志" @@ -55,7 +55,7 @@ msgstr "插件版本" msgid "Auto" msgstr "自动" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:180 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:183 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:66 msgid "Block Mode" msgstr "黑名单模式" @@ -84,8 +84,8 @@ msgstr "选择文件" msgid "Choose Profile" msgstr "选择配置文件" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:42 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:75 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:30 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:63 msgid "Clear Log" msgstr "清空日志" @@ -98,7 +98,7 @@ msgstr "常用端口" msgid "Core Environment Variable Config" msgstr "核心环境变量配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:71 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:59 msgid "Core Log" msgstr "核心日志" @@ -114,15 +114,15 @@ msgstr "核心版本" msgid "Cron Expression" msgstr "Cron 表达式" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:152 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:155 msgid "DNS Config" msgstr "DNS 配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:158 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:161 msgid "DNS Mode" msgstr "DNS 模式" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:154 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:157 msgid "DNS Port" msgstr "DNS 端口" @@ -134,6 +134,10 @@ msgstr "要代理的 TCP 目标端口" msgid "Destination UDP Port to Proxy" msgstr "要代理的 UDP 目标端口" +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:131 +msgid "Device" +msgstr "设备名称" + #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:40 msgid "Direct Mode" msgstr "直连模式" @@ -158,11 +162,11 @@ msgstr "禁用回环检测" msgid "Disable Safe Path Check" msgstr "禁用安全路径检查" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:192 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:195 msgid "DoH Prefer HTTP/3" msgstr "DoH 优先 HTTP/3" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:218 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:221 msgid "Domain Name" msgstr "域名" @@ -170,19 +174,19 @@ msgstr "域名" msgid "Edit Authentications" msgstr "编辑身份验证" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:174 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:177 msgid "Edit Fake-IP Filters" msgstr "编辑 Fake-IP 过滤列表" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:207 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:210 msgid "Edit Hosts" msgstr "编辑 Hosts" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:249 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:252 msgid "Edit Nameserver Policies" msgstr "编辑 DNS 服务器查询策略" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:226 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:229 msgid "Edit Nameservers" msgstr "编辑 DNS 服务器" @@ -199,15 +203,15 @@ msgstr "编辑器" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:23 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:44 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:119 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:215 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:234 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:257 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:298 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:218 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:237 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:260 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:301 #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:31 msgid "Enable" msgstr "启用" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:149 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:152 msgid "Endpoint Independent NAT" msgstr "独立于端点的 NAT" @@ -219,15 +223,15 @@ msgstr "到期时间" msgid "External Control Config" msgstr "外部控制配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:184 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:187 msgid "Fake-IP Cache" msgstr "Fake-IP 缓存" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:178 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:181 msgid "Fake-IP Filter Mode" msgstr "Fake-IP 过滤模式" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:163 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:166 msgid "Fake-IP Range" msgstr "Fake-IP 范围" @@ -252,11 +256,11 @@ msgstr "IPv6 保留地址" msgid "File:" msgstr "文件:" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:140 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:143 msgid "GSO" msgstr "通用分段卸载" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:143 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:146 msgid "GSO Max Size" msgstr "分段最大长度" @@ -264,39 +268,39 @@ msgstr "分段最大长度" msgid "General Config" msgstr "全局配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:271 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:274 msgid "GeoData Loader" msgstr "GeoData 加载器" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:267 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:270 msgid "GeoIP Format" msgstr "GeoIP 格式" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:284 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:287 msgid "GeoIP(ASN) Url" msgstr "GeoIP(ASN) 下载地址" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:281 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:284 msgid "GeoIP(DAT) Url" msgstr "GeoIP(DAT) 下载地址" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:278 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:281 msgid "GeoIP(MMDB) Url" msgstr "GeoIP(MMDB) 下载地址" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:275 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:278 msgid "GeoSite Url" msgstr "GeoSite 下载地址" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:287 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:290 msgid "GeoX Auto Update" msgstr "定时更新GeoX文件" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:265 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:268 msgid "GeoX Config" msgstr "GeoX 配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:290 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:293 msgid "GeoX Update Interval" msgstr "GeoX 文件更新间隔" @@ -316,7 +320,7 @@ msgstr "HTTP 端口" msgid "How To Use" msgstr "使用说明" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:221 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:224 msgid "IP" msgstr "" @@ -329,7 +333,7 @@ msgid "IPv4 Proxy" msgstr "IPv4 代理" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:50 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:195 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:198 msgid "IPv6" msgstr "" @@ -357,7 +361,7 @@ msgstr "局域网代理" msgid "Local" msgstr "本地" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:36 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:24 #: applications/luci-app-mihomo/root/usr/share/luci/menu.d/luci-app-mihomo.json:53 msgid "Log" msgstr "日志" @@ -366,7 +370,7 @@ msgstr "日志" msgid "Log Level" msgstr "日志级别" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:136 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:139 msgid "MTU" msgstr "最大传输单元" @@ -374,11 +378,11 @@ msgstr "最大传输单元" msgid "Match Process" msgstr "匹配进程" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:260 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:263 msgid "Matcher" msgstr "匹配" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:273 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:276 msgid "Memory Conservative Loader" msgstr "为内存受限设备优化的加载器" @@ -396,7 +400,7 @@ msgstr "混合端口" msgid "Mixin Config" msgstr "混入配置" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:296 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:299 msgid "Mixin File Content" msgstr "混入文件内容" @@ -409,13 +413,12 @@ msgstr "混入选项" msgid "Mode" msgstr "模式" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:244 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:263 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:247 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:266 msgid "Nameserver" msgstr "DNS 服务器" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/app.js:15 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:15 msgid "Not Running" msgstr "未在运行" @@ -431,19 +434,19 @@ msgstr "出站接口" msgid "Overwrite Authentication" msgstr "覆盖身份验证" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:169 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:172 msgid "Overwrite Fake-IP Filter" msgstr "覆盖 Fake-IP 过滤列表" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:204 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:207 msgid "Overwrite Hosts" msgstr "覆盖 Hosts" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:223 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:226 msgid "Overwrite Nameserver" msgstr "覆盖 DNS 服务器" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:246 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:249 msgid "Overwrite Nameserver Policy" msgstr "覆盖 DNS 服务器查询策略" @@ -451,7 +454,7 @@ msgstr "覆盖 DNS 服务器查询策略" msgid "Password" msgstr "密码" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:298 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:301 msgid "Please go to the editor tab to edit the file for mixin" msgstr "请前往编辑器标签编辑用于混入的文件" @@ -489,7 +492,7 @@ msgstr "重载服务" msgid "Remote" msgstr "远程" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:189 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:192 msgid "Respect Rules" msgstr "遵循分流规则" @@ -506,7 +509,6 @@ msgid "Rule Mode" msgstr "规则模式" #: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/app.js:15 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:15 msgid "Running" msgstr "运行中" @@ -522,8 +524,8 @@ msgstr "保存节点/策略组选择" msgid "Scheduled Restart" msgstr "定时重启" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:65 -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:98 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:53 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/log.js:86 msgid "Scroll To Bottom" msgstr "滚动到底部" @@ -532,11 +534,11 @@ msgstr "滚动到底部" msgid "Service is not running." msgstr "服务未在运行。" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:131 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:134 msgid "Stack" msgstr "栈" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:272 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:275 msgid "Standard Loader" msgstr "标准加载器" @@ -611,7 +613,7 @@ msgstr "透明代理" msgid "Transparent Proxy with Mihomo on OpenWrt." msgstr "在 OpenWrt 上使用 Mihomo 进行透明代理。" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:237 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:240 msgid "Type" msgstr "类型" @@ -648,11 +650,11 @@ msgstr "更新面板" msgid "Upload Profile" msgstr "上传配置文件" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:201 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:204 msgid "Use Hosts" msgstr "使用 Hosts" -#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:198 +#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/mixin.js:201 msgid "Use System Hosts" msgstr "使用系统的 Hosts" diff --git a/luci-theme-argon/Makefile b/luci-theme-argon/Makefile index 8d0409ef9..89b7966ec 100644 --- a/luci-theme-argon/Makefile +++ b/luci-theme-argon/Makefile @@ -8,6 +8,8 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Argon Theme LUCI_DEPENDS:=+curl +jsonfilter +PKG_VERSION:=2.3.1 +PKG_RELEASE:=20230420 CONFIG_LUCI_CSSTIDY:= diff --git a/mihomo/Makefile b/mihomo/Makefile index 61c0ccf30..0764dd6ca 100644 --- a/mihomo/Makefile +++ b/mihomo/Makefile @@ -1,13 +1,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mihomo -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/MetaCubeX/mihomo.git -PKG_SOURCE_DATE:=2024-12-19 -PKG_SOURCE_VERSION:=89dfabe9b36b22df896dcd1ab03c67c667ec20f3 -PKG_MIRROR_HASH:=5d2e9fe03dffa573af6bc300e39e21d95e7cde964f54d531e040e104780abd08 +PKG_SOURCE_DATE:=2024-12-28 +PKG_SOURCE_VERSION:=a9ce5da09d38f6057bd248cd146cbd8c05dc9fd6 +PKG_MIRROR_HASH:=b893642d6bb24d64d6c36c722d44f821340027c5aa0a56e2f62d3c70bf2ea059 PKG_LICENSE:=MIT PKG_MAINTAINER:=Joseph Mory @@ -16,7 +16,7 @@ PKG_BUILD_DEPENDS:=golang/host PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 -PKG_BUILD_VERSION:=alpha-89dfabe +PKG_BUILD_VERSION:=alpha-a9ce5da PKG_BUILD_TIME:=$(shell date -u -Iseconds) GO_PKG:=github.com/metacubex/mihomo diff --git a/mihomo/files/mihomo.conf b/mihomo/files/mihomo.conf index 570955b49..1b6011e8a 100644 --- a/mihomo/files/mihomo.conf +++ b/mihomo/files/mihomo.conf @@ -68,6 +68,7 @@ config mixin 'mixin' option 'redir_port' '7891' option 'tproxy_port' '7892' option 'authentication' '1' + option 'tun_device' 'mihomo' option 'tun_stack' 'system' option 'tun_mtu' '9000' option 'tun_gso' '1' diff --git a/mihomo/files/mihomo.init b/mihomo/files/mihomo.init index ba113d7a0..a088bbd13 100644 --- a/mihomo/files/mihomo.init +++ b/mihomo/files/mihomo.init @@ -10,8 +10,8 @@ USE_PROCD=1 extra_command 'update_subscription' 'Update subscription by section id' boot() { - # prepare log - prepare_log + # prepare files + prepare_files # load config config_load mihomo # start delay @@ -27,8 +27,8 @@ boot() { } start_service() { - # prepare log - prepare_log + # prepare files + prepare_files # load config config_load mihomo # check if enabled @@ -53,22 +53,10 @@ start_service() { config_get_bool fast_reload "config" "fast_reload" 0 ## proxy config ### transparent proxy - local transparent_proxy tcp_transparent_proxy_mode udp_transparent_proxy_mode ipv4_dns_hijack ipv6_dns_hijack ipv4_proxy ipv6_proxy router_proxy lan_proxy + local tcp_transparent_proxy_mode udp_transparent_proxy_mode config_get_bool transparent_proxy "proxy" "transparent_proxy" 0 config_get tcp_transparent_proxy_mode "proxy" "tcp_transparent_proxy_mode" "tproxy" config_get udp_transparent_proxy_mode "proxy" "udp_transparent_proxy_mode" "tproxy" - config_get_bool ipv4_dns_hijack "proxy" "ipv4_dns_hijack" 0 - config_get_bool ipv6_dns_hijack "proxy" "ipv6_dns_hijack" 0 - config_get_bool ipv4_proxy "proxy" "ipv4_proxy" 0 - config_get_bool ipv6_proxy "proxy" "ipv6_proxy" 0 - config_get_bool router_proxy "proxy" "router_proxy" 0 - config_get_bool lan_proxy "proxy" "lan_proxy" 0 - ### access control - local access_control_mode bypass_china_mainland_ip proxy_tcp_dport proxy_udp_dport - config_get access_control_mode "proxy" "access_control_mode" - config_get_bool bypass_china_mainland_ip "proxy" "bypass_china_mainland_ip" 0 - config_get proxy_tcp_dport "proxy" "proxy_tcp_dport" "0-65535" - config_get proxy_udp_dport "proxy" "proxy_udp_dport" "0-65535" ## mixin config ### general local mode match_process outbound_interface ipv6 tcp_keep_alive_idle tcp_keep_alive_interval log_level @@ -96,7 +84,8 @@ start_service() { config_get tproxy_port "mixin" "tproxy_port" "7892" config_get_bool authentication "mixin" "authentication" 0 ### tun - local tun_stack tun_mtu tun_gso tun_gso_max_size tun_endpoint_independent_nat + local tun_device tun_stack tun_mtu tun_gso tun_gso_max_size tun_endpoint_independent_nat + config_get tun_device "mixin" "tun_device" "mihomo" config_get tun_stack "mixin" "tun_stack" "system" config_get tun_mtu "mixin" "tun_mtu" "9000" config_get_bool tun_gso "mixin" "tun_gso" 0 @@ -186,7 +175,7 @@ start_service() { log_level="$log_level" ipv6="$ipv6" \ ui_path="ui" ui_name="$ui_name" ui_url="$ui_url" api_listen="0.0.0.0:$api_port" api_secret="$api_secret" \ allow_lan="$allow_lan" http_port="$http_port" socks_port="$socks_port" mixed_port="$mixed_port" redir_port="$redir_port" tproxy_port="$tproxy_port" \ - tun_enable="$tun_enable" tun_stack="$tun_stack" tun_device="$TUN_DEVICE" tun_mtu="$tun_mtu" tun_gso="$tun_gso" tun_gso_max_size="$tun_gso_max_size" tun_endpoint_independent_nat="$tun_endpoint_independent_nat" \ + tun_enable="$tun_enable" tun_stack="$tun_stack" tun_device="$tun_device" tun_mtu="$tun_mtu" tun_gso="$tun_gso" tun_gso_max_size="$tun_gso_max_size" tun_endpoint_independent_nat="$tun_endpoint_independent_nat" \ dns_enable="true" dns_listen="0.0.0.0:$dns_port" dns_mode="$dns_mode" fake_ip_range="$fake_ip_range" \ yq -M -i ' .log-level = strenv(log_level) | .ipv6 = env(ipv6) == 1 | @@ -202,7 +191,7 @@ start_service() { log_level="$log_level" mode="$mode" match_process="$match_process" tcp_keep_alive_idle="$tcp_keep_alive_idle" tcp_keep_alive_interval="$tcp_keep_alive_interval" ipv6="$ipv6" \ ui_path="ui" ui_name="$ui_name" ui_url="$ui_url" api_listen="0.0.0.0:$api_port" api_secret="$api_secret" selection_cache="$selection_cache" \ allow_lan="$allow_lan" http_port="$http_port" socks_port="$socks_port" mixed_port="$mixed_port" redir_port="$redir_port" tproxy_port="$tproxy_port" \ - tun_enable="$tun_enable" tun_stack="$tun_stack" tun_device="$TUN_DEVICE" tun_mtu="$tun_mtu" tun_gso="$tun_gso" tun_gso_max_size="$tun_gso_max_size" tun_endpoint_independent_nat="$tun_endpoint_independent_nat" \ + tun_enable="$tun_enable" tun_stack="$tun_stack" tun_device="$tun_device" tun_mtu="$tun_mtu" tun_gso="$tun_gso" tun_gso_max_size="$tun_gso_max_size" tun_endpoint_independent_nat="$tun_endpoint_independent_nat" \ dns_enable="true" dns_listen="0.0.0.0:$dns_port" dns_mode="$dns_mode" fake_ip_range="$fake_ip_range" fake_ip_cache="$fake_ip_cache" \ dns_respect_rules="$dns_respect_rules" dns_doh_prefer_http3="$dns_doh_prefer_http3" dns_ipv6="$dns_ipv6" dns_system_hosts="$dns_system_hosts" dns_hosts="$dns_hosts" \ geoip_format="$geoip_format" geodata_loader="$geodata_loader" geosite_url="$geosite_url" geoip_mmdb_url="$geoip_mmdb_url" geoip_dat_url="$geoip_dat_url" geoip_asn_url="$geoip_asn_url" \ @@ -285,164 +274,239 @@ start_service() { procd_set_param limits nofile="1048576 1048576" procd_close_instance - # transparent proxy - if [ "$transparent_proxy" == 1 ]; then - log "Transparent Proxy" "Enabled." - log "Transparent Proxy" "TCP Mode: $tcp_transparent_proxy_mode." - log "Transparent Proxy" "UDP Mode: $udp_transparent_proxy_mode." - # prepare - if [ "$tproxy_enable" == 1 ]; then - if [ "$ipv4_proxy" == 1 ]; then - ip route add local default dev lo table "$TPROXY_ROUTE_TABLE" - fi - if [ "$ipv6_proxy" == 1 ]; then - ip -6 route add local default dev lo table "$TPROXY_ROUTE_TABLE" - fi - fi - if [ "$tun_enable" == 1 ]; then - ip tuntap add dev "$TUN_DEVICE" mode tun vnet_hdr - ip link set "$TUN_DEVICE" up - if [ "$ipv4_proxy" == 1 ]; then - ip route add unicast default dev "$TUN_DEVICE" table "$TUN_ROUTE_TABLE" - fi - if [ "$ipv6_proxy" == 1 ]; then - ip -6 route add unicast default dev "$TUN_DEVICE" table "$TUN_ROUTE_TABLE" - fi - $FIREWALL_INCLUDE_SH - fi - local tcp_route_table - if [ "$tcp_transparent_proxy_mode" == "tproxy" ]; then - tcp_route_table="$TPROXY_ROUTE_TABLE" - elif [ "$tcp_transparent_proxy_mode" == "tun" ]; then - tcp_route_table="$TUN_ROUTE_TABLE" - fi - if [ -n "$tcp_route_table" ]; then - if [ "$ipv4_proxy" == 1 ]; then - ip rule add pref "$TCP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto tcp table "$tcp_route_table" - fi - if [ "$ipv6_proxy" == 1 ]; then - ip -6 rule add pref "$TCP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto tcp table "$tcp_route_table" - fi - fi - local udp_route_table - if [ "$udp_transparent_proxy_mode" == "tproxy" ]; then - udp_route_table="$TPROXY_ROUTE_TABLE" - elif [ "$udp_transparent_proxy_mode" == "tun" ]; then - udp_route_table="$TUN_ROUTE_TABLE" - fi - if [ -n "$udp_route_table" ]; then - if [ "$ipv4_proxy" == 1 ]; then - ip rule add pref "$UDP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto udp table "$udp_route_table" - fi - if [ "$ipv6_proxy" == 1 ]; then - ip -6 rule add pref "$UDP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto udp table "$udp_route_table" - fi - fi - nft -f "$HIJACK_NFT" -D MIHOMO_GROUP="$MIHOMO_GROUP" -D FW_MARK="$FW_MARK" -D FW_MARK_MASK="$FW_MARK_MASK" -D TUN_DEVICE="$TUN_DEVICE" -D FAKE_IP="$fake_ip_range" -D DNS_PORT="$dns_port" -D REDIR_PORT="$redir_port" -D TPROXY_PORT="$tproxy_port" - nft -f "$RESERVED_IP_NFT" - nft -f "$RESERVED_IP6_NFT" - # dns hijack - if [ "$ipv4_dns_hijack" == 1 ]; then - log "Transparent Proxy" "Hijack IPv4 dns request." - nft add element inet "$FW_TABLE" dns_hijack_nfproto \{ ipv4 \} - fi - if [ "$ipv6_dns_hijack" == 1 ]; then - log "Transparent Proxy" "Hijack IPv6 dns request." - nft add element inet "$FW_TABLE" dns_hijack_nfproto \{ ipv6 \} - fi - # proxy - if [ "$ipv4_proxy" == 1 ]; then - log "Transparent Proxy" "Proxy IPv4 traffic." - nft add element inet "$FW_TABLE" proxy_nfproto \{ ipv4 \} - fi - if [ "$ipv6_proxy" == 1 ]; then - log "Transparent Proxy" "Proxy IPv6 traffic." - nft add element inet "$FW_TABLE" proxy_nfproto \{ ipv6 \} - fi - # bypass - config_list_foreach "proxy" "bypass_user" add_bypass_user - config_list_foreach "proxy" "bypass_group" add_bypass_group - if [ "$bypass_china_mainland_ip" == 1 ]; then - log "Transparent Proxy" "Bypass china mainland ip." - if [ "$ipv4_proxy" == 1 ]; then - nft -f "$GEOIP_CN_NFT" - fi - if [ "$ipv6_proxy" == 1 ]; then - nft -f "$GEOIP6_CN_NFT" - fi - fi - log "Transparent Proxy" "Destination TCP Port to Proxy: $proxy_tcp_dport." - log "Transparent Proxy" "Destination UDP Port to Proxy: $proxy_udp_dport." - local proxy_dport - for proxy_dport in $proxy_tcp_dport; do - nft add element inet "$FW_TABLE" proxy_dport \{ "tcp" . "$proxy_dport" \} - done - for proxy_dport in $proxy_udp_dport; do - nft add element inet "$FW_TABLE" proxy_dport \{ "udp" . "$proxy_dport" \} - done - # router proxy - if [ "$router_proxy" == 1 ]; then - log "Transparent Proxy" "Set proxy for router." - if [ "$tcp_transparent_proxy_mode" == "redirect" ]; then - nft insert rule inet "$FW_TABLE" nat_output jump router_dns_hijack - nft add rule inet "$FW_TABLE" nat_output meta l4proto tcp jump router_${tcp_transparent_proxy_mode} - else - nft flush chain inet "$FW_TABLE" nat_output - nft add rule inet "$FW_TABLE" nat_output jump router_dns_hijack - nft add rule inet "$FW_TABLE" mangle_output meta l4proto tcp jump router_reroute - fi - nft add rule inet "$FW_TABLE" mangle_output meta l4proto udp jump router_reroute - fi - # lan proxy - if [ "$lan_proxy" == 1 ]; then - log "Transparent Proxy" "Set proxy for lan." - # access control - if [ "$access_control_mode" == "all" ]; then - log "Transparent Proxy" "Access Control is using all mode, set proxy for all client." - elif [ "$access_control_mode" == "allow" ]; then - log "Transparent Proxy" "Access Control is using allow mode, set proxy for client which is in acl." - elif [ "$access_control_mode" == "block" ]; then - log "Transparent Proxy" "Access Control is using block mode, set proxy for client which is not in acl." - fi - config_list_foreach "proxy" "acl_ip" add_acl_ip - config_list_foreach "proxy" "acl_ip6" add_acl_ip6 - config_list_foreach "proxy" "acl_mac" add_acl_mac - config_list_foreach "proxy" "acl_interface" add_acl_interface - if [ "$tcp_transparent_proxy_mode" == "redirect" ]; then - nft insert rule inet "$FW_TABLE" dstnat jump "${access_control_mode}_dns_hijack" - nft add rule inet "$FW_TABLE" dstnat meta l4proto tcp jump "${access_control_mode}_${tcp_transparent_proxy_mode}" - else - nft flush chain inet "$FW_TABLE" dstnat - nft add rule inet "$FW_TABLE" dstnat jump "${access_control_mode}_dns_hijack" - nft add rule inet "$FW_TABLE" mangle_prerouting meta l4proto tcp jump "${access_control_mode}_${tcp_transparent_proxy_mode}" - fi - nft add rule inet "$FW_TABLE" mangle_prerouting meta l4proto udp jump "${access_control_mode}_${udp_transparent_proxy_mode}" - fi - # fix compatible between tproxy and dockerd (kmod-br-netfilter) - if [ "$tproxy_enable" == 1 ] && (lsmod | grep -q br_netfilter); then - if [ "$ipv4_proxy" == 1 ]; then - local bridge_nf_call_iptables; bridge_nf_call_iptables=$(sysctl -e -n net.bridge.bridge-nf-call-iptables) - if [ "$bridge_nf_call_iptables" == 1 ]; then - touch /tmp/bridge_nf_call_iptables.flag - sysctl -q -w net.bridge.bridge-nf-call-iptables=0 - fi - fi - if [ "$ipv6_proxy" == 1 ]; then - local bridge_nf_call_ip6tables; bridge_nf_call_ip6tables=$(sysctl -e -n net.bridge.bridge-nf-call-ip6tables) - if [ "$bridge_nf_call_ip6tables" == 1 ]; then - touch /tmp/bridge_nf_call_ip6tables.flag - sysctl -q -w net.bridge.bridge-nf-call-ip6tables=0 - fi - fi - fi - fi # cron if [[ "$scheduled_restart" == 1 && -n "$cron_expression" ]]; then log "App" "Set scheduled restart." echo "$cron_expression /etc/init.d/mihomo restart #mihomo" >> "/etc/crontabs/root" /etc/init.d/cron restart fi - log "App" "Start Successful." + # set started flag + touch "$STARTED_FLAG" +} + +service_started() { + # check if started + if [ ! -f "$STARTED_FLAG" ]; then + return + fi + # load config + config_load mihomo + # check if transparent proxy enabled + local transparent_proxy + config_get_bool transparent_proxy "proxy" "transparent_proxy" 0 + if [ "$transparent_proxy" == 0 ]; then + log "Transparent Proxy" "Disabled." + return + fi + # get config + ### inbound + local http_port socks_port mixed_port redir_port tproxy_port + config_get http_port "mixin" "http_port" "8080" + config_get socks_port "mixin" "socks_port" "1080" + config_get mixed_port "mixin" "mixed_port" "7890" + config_get redir_port "mixin" "redir_port" "7891" + config_get tproxy_port "mixin" "tproxy_port" "7892" + ### dns + local dns_port fake_ip_range + config_get dns_port "mixin" "dns_port" "1053" + config_get fake_ip_range "mixin" "fake_ip_range" "198.18.0.1/16" + ### tun + local tun_device + config_get tun_device "mixin" "tun_device" "mihomo" + ## proxy config + ### transparent proxy + local tcp_transparent_proxy_mode udp_transparent_proxy_mode ipv4_dns_hijack ipv6_dns_hijack ipv4_proxy ipv6_proxy router_proxy lan_proxy + config_get tcp_transparent_proxy_mode "proxy" "tcp_transparent_proxy_mode" "redirect" + config_get udp_transparent_proxy_mode "proxy" "udp_transparent_proxy_mode" "tun" + config_get_bool ipv4_dns_hijack "proxy" "ipv4_dns_hijack" 0 + config_get_bool ipv6_dns_hijack "proxy" "ipv6_dns_hijack" 0 + config_get_bool ipv4_proxy "proxy" "ipv4_proxy" 0 + config_get_bool ipv6_proxy "proxy" "ipv6_proxy" 0 + config_get_bool router_proxy "proxy" "router_proxy" 0 + config_get_bool lan_proxy "proxy" "lan_proxy" 0 + ### access control + local access_control_mode bypass_china_mainland_ip proxy_tcp_dport proxy_udp_dport + config_get access_control_mode "proxy" "access_control_mode" + config_get_bool bypass_china_mainland_ip "proxy" "bypass_china_mainland_ip" 0 + config_get proxy_tcp_dport "proxy" "proxy_tcp_dport" "0-65535" + config_get proxy_udp_dport "proxy" "proxy_udp_dport" "0-65535" + # prepare + local tproxy_enable; tproxy_enable=0 + if [[ "$tcp_transparent_proxy_mode" == "tproxy" || "$udp_transparent_proxy_mode" == "tproxy" ]]; then + tproxy_enable=1 + fi + local tun_enable; tun_enable=0 + if [[ "$tcp_transparent_proxy_mode" == "tun" || "$udp_transparent_proxy_mode" == "tun" ]]; then + tun_enable=1 + fi + # transparent proxy + log "Transparent Proxy" "Enabled." + log "Transparent Proxy" "TCP Mode: $tcp_transparent_proxy_mode." + log "Transparent Proxy" "UDP Mode: $udp_transparent_proxy_mode." + # wait for tun device online + if [ "$tun_enable" == 1 ]; then + log "Transparent Proxy" "Waiting for tun device online..." + local tun_timeout; tun_timeout=60 + local tun_interval; tun_interval=1 + while [ "$tun_timeout" -gt 0 ]; do + if (ip link show dev "$tun_device" > /dev/null 2>&1); then + if [ $(ip -json addr show dev mihomo | yq '.[] | select(.ifname = "mihomo") | .addr_info | length') -gt 0 ]; then + log "Transparent Proxy" "Tun device is online." + break + fi + fi + tun_timeout=$((tun_timeout - tun_interval)) + sleep "$tun_interval" + done + if [ "$tun_timeout" -le 0 ]; then + log "Transparent Proxy" "Waiting timeout, tun device is not online." + log "App" "Exit." + return + fi + fi + # prepare + if [ "$tproxy_enable" == 1 ]; then + if [ "$ipv4_proxy" == 1 ]; then + ip -4 route add local default dev lo table "$TPROXY_ROUTE_TABLE" + fi + if [ "$ipv6_proxy" == 1 ]; then + ip -6 route add local default dev lo table "$TPROXY_ROUTE_TABLE" + fi + fi + if [ "$tun_enable" == 1 ]; then + if [ "$ipv4_proxy" == 1 ]; then + ip -4 route add unicast default dev "$tun_device" table "$TUN_ROUTE_TABLE" + fi + if [ "$ipv6_proxy" == 1 ]; then + ip -6 route add unicast default dev "$tun_device" table "$TUN_ROUTE_TABLE" + fi + $FIREWALL_INCLUDE_SH + fi + local tcp_route_table + if [ "$tcp_transparent_proxy_mode" == "tproxy" ]; then + tcp_route_table="$TPROXY_ROUTE_TABLE" + elif [ "$tcp_transparent_proxy_mode" == "tun" ]; then + tcp_route_table="$TUN_ROUTE_TABLE" + fi + if [ -n "$tcp_route_table" ]; then + if [ "$ipv4_proxy" == 1 ]; then + ip -4 rule add pref "$TCP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto tcp table "$tcp_route_table" + fi + if [ "$ipv6_proxy" == 1 ]; then + ip -6 rule add pref "$TCP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto tcp table "$tcp_route_table" + fi + fi + local udp_route_table + if [ "$udp_transparent_proxy_mode" == "tproxy" ]; then + udp_route_table="$TPROXY_ROUTE_TABLE" + elif [ "$udp_transparent_proxy_mode" == "tun" ]; then + udp_route_table="$TUN_ROUTE_TABLE" + fi + if [ -n "$udp_route_table" ]; then + if [ "$ipv4_proxy" == 1 ]; then + ip -4 rule add pref "$UDP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto udp table "$udp_route_table" + fi + if [ "$ipv6_proxy" == 1 ]; then + ip -6 rule add pref "$UDP_RULE_PREF" fwmark "$FW_MARK/$FW_MARK_MASK" ipproto udp table "$udp_route_table" + fi + fi + nft -f "$HIJACK_NFT" -D MIHOMO_GROUP="$MIHOMO_GROUP" -D FW_MARK="$FW_MARK" -D FW_MARK_MASK="$FW_MARK_MASK" -D TUN_DEVICE="$tun_device" -D FAKE_IP="$fake_ip_range" -D DNS_PORT="$dns_port" -D REDIR_PORT="$redir_port" -D TPROXY_PORT="$tproxy_port" + nft -f "$RESERVED_IP_NFT" + nft -f "$RESERVED_IP6_NFT" + # dns hijack + if [ "$ipv4_dns_hijack" == 1 ]; then + log "Transparent Proxy" "Hijack IPv4 dns request." + nft add element inet "$FW_TABLE" dns_hijack_nfproto \{ ipv4 \} + fi + if [ "$ipv6_dns_hijack" == 1 ]; then + log "Transparent Proxy" "Hijack IPv6 dns request." + nft add element inet "$FW_TABLE" dns_hijack_nfproto \{ ipv6 \} + fi + # proxy + if [ "$ipv4_proxy" == 1 ]; then + log "Transparent Proxy" "Proxy IPv4 traffic." + nft add element inet "$FW_TABLE" proxy_nfproto \{ ipv4 \} + fi + if [ "$ipv6_proxy" == 1 ]; then + log "Transparent Proxy" "Proxy IPv6 traffic." + nft add element inet "$FW_TABLE" proxy_nfproto \{ ipv6 \} + fi + # bypass + config_list_foreach "proxy" "bypass_user" add_bypass_user + config_list_foreach "proxy" "bypass_group" add_bypass_group + if [ "$bypass_china_mainland_ip" == 1 ]; then + log "Transparent Proxy" "Bypass china mainland ip." + if [ "$ipv4_proxy" == 1 ]; then + nft -f "$GEOIP_CN_NFT" + fi + if [ "$ipv6_proxy" == 1 ]; then + nft -f "$GEOIP6_CN_NFT" + fi + fi + log "Transparent Proxy" "Destination TCP Port to Proxy: $proxy_tcp_dport." + log "Transparent Proxy" "Destination UDP Port to Proxy: $proxy_udp_dport." + local proxy_dport + for proxy_dport in $proxy_tcp_dport; do + nft add element inet "$FW_TABLE" proxy_dport \{ "tcp" . "$proxy_dport" \} + done + for proxy_dport in $proxy_udp_dport; do + nft add element inet "$FW_TABLE" proxy_dport \{ "udp" . "$proxy_dport" \} + done + # router proxy + if [ "$router_proxy" == 1 ]; then + log "Transparent Proxy" "Set proxy for router." + if [ "$tcp_transparent_proxy_mode" == "redirect" ]; then + nft insert rule inet "$FW_TABLE" nat_output jump router_dns_hijack + nft add rule inet "$FW_TABLE" nat_output meta l4proto tcp jump router_${tcp_transparent_proxy_mode} + else + nft flush chain inet "$FW_TABLE" nat_output + nft add rule inet "$FW_TABLE" nat_output jump router_dns_hijack + nft add rule inet "$FW_TABLE" mangle_output meta l4proto tcp jump router_reroute + fi + nft add rule inet "$FW_TABLE" mangle_output meta l4proto udp jump router_reroute + fi + # lan proxy + if [ "$lan_proxy" == 1 ]; then + log "Transparent Proxy" "Set proxy for lan." + # access control + if [ "$access_control_mode" == "all" ]; then + log "Transparent Proxy" "Access Control is using all mode, set proxy for all client." + elif [ "$access_control_mode" == "allow" ]; then + log "Transparent Proxy" "Access Control is using allow mode, set proxy for client which is in acl." + elif [ "$access_control_mode" == "block" ]; then + log "Transparent Proxy" "Access Control is using block mode, set proxy for client which is not in acl." + fi + config_list_foreach "proxy" "acl_ip" add_acl_ip + config_list_foreach "proxy" "acl_ip6" add_acl_ip6 + config_list_foreach "proxy" "acl_mac" add_acl_mac + config_list_foreach "proxy" "acl_interface" add_acl_interface + if [ "$tcp_transparent_proxy_mode" == "redirect" ]; then + nft insert rule inet "$FW_TABLE" dstnat jump "${access_control_mode}_dns_hijack" + nft add rule inet "$FW_TABLE" dstnat meta l4proto tcp jump "${access_control_mode}_${tcp_transparent_proxy_mode}" + else + nft flush chain inet "$FW_TABLE" dstnat + nft add rule inet "$FW_TABLE" dstnat jump "${access_control_mode}_dns_hijack" + nft add rule inet "$FW_TABLE" mangle_prerouting meta l4proto tcp jump "${access_control_mode}_${tcp_transparent_proxy_mode}" + fi + nft add rule inet "$FW_TABLE" mangle_prerouting meta l4proto udp jump "${access_control_mode}_${udp_transparent_proxy_mode}" + fi + # fix compatible between tproxy and dockerd (kmod-br-netfilter) + if [ "$tproxy_enable" == 1 ] && (lsmod | grep -q br_netfilter); then + if [ "$ipv4_proxy" == 1 ]; then + local bridge_nf_call_iptables; bridge_nf_call_iptables=$(sysctl -e -n net.bridge.bridge-nf-call-iptables) + if [ "$bridge_nf_call_iptables" == 1 ]; then + touch "$BRIDGE_NF_CALL_IPTABLES_FLAG" + sysctl -q -w net.bridge.bridge-nf-call-iptables=0 + fi + fi + if [ "$ipv6_proxy" == 1 ]; then + local bridge_nf_call_ip6tables; bridge_nf_call_ip6tables=$(sysctl -e -n net.bridge.bridge-nf-call-ip6tables) + if [ "$bridge_nf_call_ip6tables" == 1 ]; then + touch "$BRIDGE_NF_CALL_IP6TABLES_FLAG" + sysctl -q -w net.bridge.bridge-nf-call-ip6tables=0 + fi + fi + fi } service_stopped() { @@ -462,22 +526,19 @@ cleanup() { # clear log clear_log # delete routing policy - ip rule del ipproto tcp table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 - ip rule del ipproto udp table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 - ip rule del ipproto tcp table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 - ip rule del ipproto udp table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 + ip -4 rule del ipproto tcp table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 + ip -4 rule del ipproto udp table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 + ip -4 rule del ipproto tcp table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 + ip -4 rule del ipproto udp table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 ip -6 rule del ipproto tcp table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 ip -6 rule del ipproto udp table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 ip -6 rule del ipproto tcp table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 ip -6 rule del ipproto udp table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 # delete routing table - ip route flush table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 - ip route flush table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 + ip -4 route flush table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 + ip -4 route flush table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 ip -6 route flush table "$TPROXY_ROUTE_TABLE" > /dev/null 2>&1 ip -6 route flush table "$TUN_ROUTE_TABLE" > /dev/null 2>&1 - # delete tun - ip link set "$TUN_DEVICE" down > /dev/null 2>&1 - ip tuntap del dev "$TUN_DEVICE" mode tun > /dev/null 2>&1 # delete hijack nft delete table inet "$FW_TABLE" > /dev/null 2>&1 local handles handle @@ -489,13 +550,15 @@ cleanup() { for handle in $handles; do nft delete rule inet fw4 forward handle "$handle" done + # delete started flag + rm -f "$STARTED_FLAG" # revert fix compatible between tproxy and dockerd (kmod-br-netfilter) - if [ -f "/tmp/bridge_nf_call_iptables.flag" ]; then - rm -f /tmp/bridge_nf_call_iptables.flag + if [ -f "$BRIDGE_NF_CALL_IPTABLES_FLAG" ]; then + rm -f "$BRIDGE_NF_CALL_IPTABLES_FLAG" sysctl -q -w net.bridge.bridge-nf-call-iptables=1 fi - if [ -f "/tmp/bridge_nf_call_ip6tables.flag" ]; then - rm -f /tmp/bridge_nf_call_ip6tables.flag + if [ -f "$BRIDGE_NF_CALL_IP6TABLES_FLAG" ]; then + rm -f "$BRIDGE_NF_CALL_IP6TABLES_FLAG" sysctl -q -w net.bridge.bridge-nf-call-ip6tables=1 fi # delete cron @@ -503,27 +566,6 @@ cleanup() { /etc/init.d/cron restart } -prepare_log() { - if [ ! -d "$LOG_DIR" ]; then - mkdir -p "$LOG_DIR" - fi - if [ ! -f "$APP_LOG_PATH" ]; then - touch "$APP_LOG_PATH" - fi - if [ ! -f "$CORE_LOG_PATH" ]; then - touch "$CORE_LOG_PATH" - fi -} - -clear_log() { - echo -n > "$APP_LOG_PATH" - echo -n > "$CORE_LOG_PATH" -} - -log() { - echo "[$(date "+%Y-%m-%d %H:%M:%S")] [$1] $2" >> "$APP_LOG_PATH" -} - mixin_authentications() { local section="$1" diff --git a/mihomo/files/nftables/hijack.nft b/mihomo/files/nftables/hijack.nft index a2940151a..2cd85091e 100644 --- a/mihomo/files/nftables/hijack.nft +++ b/mihomo/files/nftables/hijack.nft @@ -170,7 +170,7 @@ table inet mihomo { chain dstnat { type nat hook prerouting priority dstnat + 1; policy accept; - fib daddr type local counter return + fib daddr type { local, multicast, broadcast, anycast } counter return ct direction reply counter return ip daddr @reserved_ip counter return ip6 daddr @reserved_ip6 counter return @@ -184,7 +184,7 @@ table inet mihomo { type nat hook output priority filter; policy accept; meta skuid @bypass_user counter return meta skgid @bypass_group counter return - fib daddr type local counter return + fib daddr type { local, multicast, broadcast, anycast } counter return ct direction reply counter return ip daddr @reserved_ip counter return ip6 daddr @reserved_ip6 counter return @@ -198,7 +198,7 @@ table inet mihomo { type filter hook prerouting priority mangle; policy accept; meta l4proto { tcp, udp } iifname lo meta mark & $FW_MARK_MASK == $FW_MARK tproxy to :$TPROXY_PORT counter accept meta l4proto { tcp, udp } iifname $TUN_DEVICE counter accept - fib daddr type local counter return + fib daddr type { local, multicast, broadcast, anycast } counter return ct direction reply counter return ip daddr @reserved_ip counter return ip6 daddr @reserved_ip6 counter return @@ -213,7 +213,7 @@ table inet mihomo { type route hook output priority mangle; policy accept; meta skuid @bypass_user counter return meta skgid @bypass_group counter return - fib daddr type local counter return + fib daddr type { local, multicast, broadcast, anycast } counter return ct direction reply counter return ip daddr @reserved_ip counter return ip6 daddr @reserved_ip6 counter return diff --git a/mihomo/files/scripts/firewall_include.sh b/mihomo/files/scripts/firewall_include.sh index 9c8ae9605..b1ce87bb4 100644 --- a/mihomo/files/scripts/firewall_include.sh +++ b/mihomo/files/scripts/firewall_include.sh @@ -7,11 +7,12 @@ config_load mihomo config_get enabled "config" "enabled" 0 config_get tcp_transparent_proxy_mode "proxy" "tcp_transparent_proxy_mode" config_get udp_transparent_proxy_mode "proxy" "udp_transparent_proxy_mode" +config_get tun_device "mixin" "tun_device" if [ "$enabled" == 1 ] && [[ "$tcp_transparent_proxy_mode" == "tun" || "$udp_transparent_proxy_mode" == "tun" ]]; then - nft insert rule inet fw4 input iifname "$TUN_DEVICE" counter accept comment "mihomo" - nft insert rule inet fw4 forward oifname "$TUN_DEVICE" counter accept comment "mihomo" - nft insert rule inet fw4 forward iifname "$TUN_DEVICE" counter accept comment "mihomo" + nft insert rule inet fw4 input iifname "$tun_device" counter accept comment "mihomo" + nft insert rule inet fw4 forward oifname "$tun_device" counter accept comment "mihomo" + nft insert rule inet fw4 forward iifname "$tun_device" counter accept comment "mihomo" fi exit 0 diff --git a/mihomo/files/scripts/include.sh b/mihomo/files/scripts/include.sh index 3b12c7bc6..413b90172 100644 --- a/mihomo/files/scripts/include.sh +++ b/mihomo/files/scripts/include.sh @@ -12,7 +12,6 @@ TCP_RULE_PREF="1024" UDP_RULE_PREF="1025" TPROXY_ROUTE_TABLE="80" TUN_ROUTE_TABLE="81" -TUN_DEVICE="mihomo" # paths PROG="/usr/bin/mihomo" @@ -23,10 +22,18 @@ MIXIN_FILE_PATH="$HOME_DIR/mixin.yaml" RUN_DIR="$HOME_DIR/run" RUN_PROFILE_PATH="$RUN_DIR/config.yaml" RUN_UI_DIR="$RUN_DIR/ui" + +# log LOG_DIR="/var/log/mihomo" APP_LOG_PATH="$LOG_DIR/app.log" CORE_LOG_PATH="$LOG_DIR/core.log" +# flag +FLAG_DIR="/var/run/mihomo" +STARTED_FLAG="$FLAG_DIR/started.flag" +BRIDGE_NF_CALL_IPTABLES_FLAG="$FLAG_DIR/bridge_nf_call_iptables.flag" +BRIDGE_NF_CALL_IP6TABLES_FLAG="$FLAG_DIR/bridge_nf_call_ip6tables.flag" + # scripts SH_DIR="$HOME_DIR/scripts" INCLUDE_SH="$SH_DIR/include.sh" @@ -64,3 +71,27 @@ format_filesize() { echo "$(awk "BEGIN {print $size / $pb}") PB" fi } + +prepare_files() { + if [ ! -d "$LOG_DIR" ]; then + mkdir -p "$LOG_DIR" + fi + if [ ! -f "$APP_LOG_PATH" ]; then + touch "$APP_LOG_PATH" + fi + if [ ! -f "$CORE_LOG_PATH" ]; then + touch "$CORE_LOG_PATH" + fi + if [ ! -d "$FLAG_DIR" ]; then + mkdir -p "$FLAG_DIR" + fi +} + +clear_log() { + echo -n > "$APP_LOG_PATH" + echo -n > "$CORE_LOG_PATH" +} + +log() { + echo "[$(date "+%Y-%m-%d %H:%M:%S")] [$1] $2" >> "$APP_LOG_PATH" +} diff --git a/mihomo/files/uci-defaults/migrate.sh b/mihomo/files/uci-defaults/migrate.sh index ddfb78335..312dfe25e 100644 --- a/mihomo/files/uci-defaults/migrate.sh +++ b/mihomo/files/uci-defaults/migrate.sh @@ -50,6 +50,9 @@ env=$(uci -q get mihomo.env); [ -z "$env" ] && { uci set mihomo.env.disable_quic_go_ecn=0 } +# since v1.15.0 +tun_device=$(uci -q get mihomo.mixin.tun_device); [ -z "$tun_device" ] && uci set mihomo.mixin.tun_device=mihomo + # commit uci commit mihomo