mirror of
https://github.com/kenzok8/small-package
synced 2025-01-08 13:27:36 +08:00
update 2024-09-02 20:36:43
This commit is contained in:
kenzok8
parent
72bc4d03b3
commit
bf89f89c2a
@ -1,6 +1,6 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_VERSION:=1.7.6
|
||||
PKG_VERSION:=1.7.8
|
||||
|
||||
LUCI_TITLE:=LuCI Support for mihomo
|
||||
LUCI_DEPENDS:=+luci-base +mihomo
|
||||
|
||||
@ -269,16 +269,6 @@ return view.extend({
|
||||
o.value('1-65535', _('All Port'));
|
||||
o.value('123 443 8443', _('Commonly Used Port'));
|
||||
|
||||
o = s.taboption('bypass', widgets.NetworkSelect, 'wan_interfaces', _('WAN Interfaces'));
|
||||
o.multiple = true;
|
||||
o.optional = false;
|
||||
o.rmempty = false;
|
||||
|
||||
o = s.taboption('bypass', widgets.NetworkSelect, 'wan6_interfaces', _('WAN6 Interfaces'));
|
||||
o.multiple = true;
|
||||
o.optional = true;
|
||||
o.rmempty = false;
|
||||
|
||||
s = m.section(form.GridSection, 'subscription', _('Subscription Config'));
|
||||
s.addremove = true;
|
||||
s.anonymous = true;
|
||||
|
||||
@ -1,13 +1,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=mihomo
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=4
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://github.com/MetaCubeX/mihomo.git
|
||||
PKG_SOURCE_DATE:=2024-08-30
|
||||
PKG_SOURCE_VERSION:=08ac9a3fae545d521626ecb6cb9b290e51a394b0
|
||||
PKG_MIRROR_HASH:=f0bd68ecd2930f2ca20956900df7766a97a9f493bd794743e9bba170ef415321
|
||||
PKG_SOURCE_DATE:=2024-09-01
|
||||
PKG_SOURCE_VERSION:=802267fb5b0a17bf7915b78abbb80afa407d8815
|
||||
PKG_MIRROR_HASH:=171e068ed2f567efe481e5f18a0f00f37fec4aa6772076228533fec254066a56
|
||||
|
||||
PKG_LICENSE:=MIT
|
||||
PKG_MAINTAINER:=Joseph Mory <morytyann@gmail.com>
|
||||
@ -80,6 +80,9 @@ define Package/mihomo/install
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/capabilities
|
||||
$(INSTALL_DATA) $(CURDIR)/files/capabilities.json $(1)/etc/capabilities/mihomo.json
|
||||
|
||||
$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
|
||||
$(INSTALL_DATA) $(CURDIR)/files/mihomo.upgrade $(1)/lib/upgrade/keep.d/mihomo
|
||||
endef
|
||||
|
||||
define Build/Prepare
|
||||
|
||||
@ -25,8 +25,6 @@ config proxy 'proxy'
|
||||
option 'bypass_china_mainland_ip' '0'
|
||||
option 'acl_tcp_dport' '1-65535'
|
||||
option 'acl_udp_dport' '1-65535'
|
||||
option 'wan_interfaces' ''
|
||||
option 'wan6_interfaces' ''
|
||||
|
||||
config subscription 'subscription'
|
||||
option 'name' 'default'
|
||||
|
||||
@ -353,9 +353,6 @@ start_service() {
|
||||
for acl_dport in $acl_udp_dport; do
|
||||
nft add element inet "$FW_TABLE" acl_dport \{ "udp" . "$acl_dport" \}
|
||||
done
|
||||
# exclusion
|
||||
log "Transparent Proxy: Add exclusions."
|
||||
add_wan_inbound_exclusions
|
||||
# router proxy
|
||||
if [ "$router_proxy" == 1 ]; then
|
||||
log "Transparent Proxy: Router Proxy is enabled, set proxy for router."
|
||||
@ -400,14 +397,6 @@ reload_service() {
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger "mihomo"
|
||||
|
||||
config_load mihomo
|
||||
config_list_foreach "proxy" "wan_interfaces" add_reload_interface_trigger
|
||||
config_list_foreach "proxy" "wan6_interfaces" add_reload_interface_trigger
|
||||
}
|
||||
|
||||
add_reload_interface_trigger() {
|
||||
procd_add_reload_interface_trigger "$1"
|
||||
}
|
||||
|
||||
cleanup() {
|
||||
@ -567,35 +556,3 @@ add_acl_ip6() {
|
||||
add_acl_mac() {
|
||||
nft add element inet "$FW_TABLE" acl_mac \{ "$1" \}
|
||||
}
|
||||
|
||||
add_wan_inbound_exclusions() {
|
||||
config_list_foreach "proxy" "wan_interfaces" add_wan_inbound_exclusion
|
||||
config_list_foreach "proxy" "wan6_interfaces" add_wan6_inbound_exclusion
|
||||
}
|
||||
|
||||
add_wan_inbound_exclusion() {
|
||||
local wan; wan=$1
|
||||
local wan_ip
|
||||
network_get_ipaddr wan_ip "$wan"
|
||||
if [ -n "$wan_ip" ]; then
|
||||
nft add element inet "$FW_TABLE" wan_ip \{ "$wan_ip" \}
|
||||
fi
|
||||
}
|
||||
|
||||
add_wan6_inbound_exclusion() {
|
||||
local wan6; wan6=$1
|
||||
local wan6_subnets wan6_subnet
|
||||
network_get_subnets6 wan6_subnets "$wan6"
|
||||
if [ -n "$wan6_subnets" ]; then
|
||||
for wan6_subnet in $wan6_subnets; do
|
||||
nft add element inet "$FW_TABLE" wan_ip6 \{ "$wan6_subnet" \}
|
||||
done
|
||||
fi
|
||||
local wan6_prefixes wan6_prefix
|
||||
network_get_prefixes6 wan6_prefixes "$wan6"
|
||||
if [ -n "$wan6_prefixes" ]; then
|
||||
for wan6_prefix in $wan6_prefixes; do
|
||||
nft add element inet "$FW_TABLE" wan_ip6 \{ "$wan6_prefix" \}
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
1
mihomo/files/mihomo.upgrade
Normal file
1
mihomo/files/mihomo.upgrade
Normal file
@ -0,0 +1 @@
|
||||
/etc/mihomo
|
||||
@ -33,18 +33,6 @@ table inet mihomo {
|
||||
auto-merge
|
||||
}
|
||||
|
||||
set wan_ip {
|
||||
type ipv4_addr
|
||||
flags interval
|
||||
auto-merge
|
||||
}
|
||||
|
||||
set wan_ip6 {
|
||||
type ipv6_addr
|
||||
flags interval
|
||||
auto-merge
|
||||
}
|
||||
|
||||
set fake_ip {
|
||||
type ipv4_addr
|
||||
flags interval
|
||||
@ -96,41 +84,41 @@ table inet mihomo {
|
||||
}
|
||||
|
||||
chain all_tproxy {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark xor $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark ^ $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
}
|
||||
|
||||
chain allow_tproxy {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip saddr @acl_ip meta mark set mark xor $FW_MARK tproxy ip to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip6 saddr @acl_ip6 meta mark set mark xor $FW_MARK tproxy ip6 to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ether saddr @acl_mac meta mark set mark xor $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip saddr @acl_ip meta mark set mark ^ $FW_MARK tproxy ip to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip6 saddr @acl_ip6 meta mark set mark ^ $FW_MARK tproxy ip6 to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ether saddr @acl_mac meta mark set mark ^ $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
}
|
||||
|
||||
chain block_tproxy {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip saddr @acl_ip counter return
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip6 saddr @acl_ip6 counter return
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ether saddr @acl_mac counter return
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark xor $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark ^ $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
}
|
||||
|
||||
chain all_tun {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark xor $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark ^ $FW_MARK counter
|
||||
}
|
||||
|
||||
chain allow_tun {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip saddr @acl_ip meta mark set mark xor $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip6 saddr @acl_ip6 meta mark set mark xor $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ether saddr @acl_mac meta mark set mark xor $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip saddr @acl_ip meta mark set mark ^ $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip6 saddr @acl_ip6 meta mark set mark ^ $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ether saddr @acl_mac meta mark set mark ^ $FW_MARK counter
|
||||
}
|
||||
|
||||
chain block_tun {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip saddr @acl_ip counter return
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ip6 saddr @acl_ip6 counter return
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } ether saddr @acl_mac counter return
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark xor $FW_MARK counter
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark ^ $FW_MARK counter
|
||||
}
|
||||
|
||||
chain router_reroute {
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark xor $FW_MARK counter accept
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } meta mark set mark ^ $FW_MARK counter accept
|
||||
}
|
||||
|
||||
chain dstnat {
|
||||
@ -143,14 +131,12 @@ table inet mihomo {
|
||||
|
||||
chain mangle_prerouting {
|
||||
type filter hook prerouting priority mangle; policy accept;
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } iifname lo meta mark $FW_MARK tproxy to :$TPROXY_PORT counter accept comment "For Router TPROXY"
|
||||
meta nfproto @proxy_nfproto meta l4proto { tcp, udp } iifname $TUN_DEVICE meta mark $FW_MARK counter return comment "For Router TUN"
|
||||
meta l4proto { tcp, udp } iifname lo meta mark & $FW_MARK_MASK == $FW_MARK tproxy to :$TPROXY_PORT counter accept
|
||||
meta l4proto { tcp, udp } iifname $TUN_DEVICE counter return
|
||||
fib daddr type local counter return
|
||||
ct direction reply counter return
|
||||
ip daddr @reserved_ip counter return
|
||||
ip6 daddr @reserved_ip6 counter return
|
||||
ip daddr @wan_ip counter return
|
||||
ip6 daddr @wan_ip6 counter return
|
||||
ct reply ip saddr @wan_ip counter return
|
||||
ct reply ip6 saddr @wan_ip6 counter return
|
||||
ip daddr @china_ip counter return
|
||||
ip6 daddr @china_ip6 counter return
|
||||
meta l4proto . th dport != @acl_dport ip daddr != @fake_ip counter return
|
||||
@ -161,12 +147,10 @@ table inet mihomo {
|
||||
chain mangle_output {
|
||||
type route hook output priority mangle; policy accept;
|
||||
meta skuid $MIHOMO_USER counter return
|
||||
fib daddr type local counter return
|
||||
ct direction reply counter return
|
||||
ip daddr @reserved_ip counter return
|
||||
ip6 daddr @reserved_ip6 counter return
|
||||
ip daddr @wan_ip counter return
|
||||
ip6 daddr @wan_ip6 counter return
|
||||
ct reply ip saddr @wan_ip counter return
|
||||
ct reply ip6 saddr @wan_ip6 counter return
|
||||
ip daddr @china_ip counter return
|
||||
ip6 daddr @china_ip6 counter return
|
||||
meta l4proto . th dport != @acl_dport ip daddr != @fake_ip counter return
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "$IPKG_INSTROOT/lib/functions/network.sh"
|
||||
. "$IPKG_INSTROOT/etc/mihomo/scripts/constants.sh"
|
||||
|
||||
# add firewall include for tun
|
||||
@ -19,18 +18,12 @@ init=$(uci -q get mihomo.config.init); [ -z "$init" ] && return
|
||||
# generate random string for api secret and authentication password
|
||||
random=$(awk 'BEGIN{srand(); print int(rand() * 1000000)}')
|
||||
|
||||
# get wan interface
|
||||
network_find_wan wan_interface
|
||||
|
||||
# set mihomo.mixin.api_secret
|
||||
uci set mihomo.mixin.api_secret="$random"
|
||||
|
||||
# set mihomo.@authentication[0].password
|
||||
uci set mihomo.@authentication[0].password="$random"
|
||||
|
||||
# set mihomo.proxy.wan_interfaces
|
||||
uci add_list mihomo.proxy.wan_interfaces="$wan_interface"
|
||||
|
||||
# remove mihomo.config.init
|
||||
uci del mihomo.config.init
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "$IPKG_INSTROOT/lib/functions/network.sh"
|
||||
. "$IPKG_INSTROOT/etc/mihomo/scripts/constants.sh"
|
||||
|
||||
# delete mihomo.proxy.routing_mark
|
||||
routing_mark=$(uci -q get mihomo.proxy.routing_mark); [ -n "$routing_mark" ] && uci del mihomo.proxy.routing_mark
|
||||
@ -35,12 +35,6 @@ log=$(uci -q get mihomo.log); [ -z "$log" ] && uci set mihomo.log=log
|
||||
# add mihomo.proxy.bypass_china_mainland_ip
|
||||
bypass_china_mainland_ip=$(uci -q get mihomo.proxy.bypass_china_mainland_ip); [ -z "$bypass_china_mainland_ip" ] && uci set mihomo.proxy.bypass_china_mainland_ip=0
|
||||
|
||||
# get wan interface
|
||||
network_find_wan wan_interface
|
||||
|
||||
# add mihomo.proxy.wan_interfaces
|
||||
wan_interfaces=$(uci -q get mihomo.proxy.wan_interfaces); [ -z "$wan_interfaces" ] && uci add_list mihomo.proxy.wan_interfaces="$wan_interface"
|
||||
|
||||
# add mihomo.proxy.acl_tcp_dport
|
||||
acl_tcp_dport=$(uci -q get mihomo.proxy.acl_tcp_dport); [ -z "$acl_tcp_dport" ] && uci set mihomo.proxy.acl_tcp_dport="1-65535"
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user