OpenWrt/kenzok8-small
1
0
Fork 0
mirror of https://github.com/kenzok8/small.git synced 2025-01-08 12:08:21 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

update 2024-02-21 20:15:15

Browse Source
This commit is contained in:
github-actions[bot] 2024-02-21 20:15:15 +08:00
parent f80536a9fd
commit 3277d4ff30
13 changed files with 117 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua
View File

@ -156,6 +156,23 @@ if has_xray then
s_xray.anonymous = true
s_xray.addremove = false
o = s_xray:option(Flag, "fragment", translate("Fragment"), translate("TCP fragments, which can deceive the censorship system in some cases, such as bypassing SNI blacklists."))
o.default = 0
o = s_xray:option(ListValue, "fragment_packets", translate("Fragment Packets"), translate(" \"1-3\" is for segmentation at TCP layer, applying to the beginning 1 to 3 data writes by the client. \"tlshello\" is for TLS client hello packet fragmentation."))
o.default = "tlshello"
o:value("1-3", "1-3")
o:value("tlshello", "tlshello")
o:depends("fragment", true)
o = s_xray:option(Value, "fragment_length", translate("Fragment Length"), translate("Fragmented packet length (byte)"))
o.default = "10-20"
o:depends("fragment", true)
o = s_xray:option(Value, "fragment_interval", translate("Fragment Interval"), translate("Fragmentation interval (ms)"))
o.default = "10-20"
o:depends("fragment", true)
o = s_xray:option(Flag, "sniffing", translate("Sniffing"), translate("When using the shunt, must be enabled, otherwise the shunt will invalid."))
o.default = 1
o.rmempty = false

7
luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua
View File

@ -514,4 +514,11 @@ o = s:option(Value, option_name("xudp_concurrency"), translate("XUDP Mux concurr
o.default = 8
o:depends({ [option_name("xmux")] = true })
--[[tcpMptcp]]
o = s:option(Flag, option_name("tcpMptcp"), "tcpMptcp", translate("Enable Multipath TCP, need to be enabled in both server and client configuration."))
o.default = 0
o = s:option(Flag, option_name("tcpNoDelay"), "tcpNoDelay")
o.default = 0
api.luci_types(arg[1], m, s, type_name, option_prefix)

46
luci-app-passwall/luasrc/passwall/util_xray.lua
View File

@ -42,9 +42,11 @@ function gen_outbound(flag, node, tag, proxy_table)
local proxy = 0
local proxy_tag = "nil"
local fragment = nil
if proxy_table ~= nil and type(proxy_table) == "table" then
proxy = proxy_table.proxy or 0
proxy_tag = proxy_table.tag or "nil"
fragment = proxy_table.fragment or nil
end
if node.type == "Xray" then
@ -130,7 +132,10 @@ function gen_outbound(flag, node, tag, proxy_table)
-- 底层传输配置
streamSettings = (node.streamSettings or node.protocol == "vmess" or node.protocol == "vless" or node.protocol == "socks" or node.protocol == "shadowsocks" or node.protocol == "trojan") and {
sockopt = {
mark = 255
mark = 255,
tcpMptcp = (node.tcpMptcp == "1") and true or nil,
tcpNoDelay = (node.tcpNoDelay == "1") and true or nil,
dialerProxy = fragment and "fragment" or nil
},
network = node.transport,
security = node.stream_security,
@ -644,7 +649,7 @@ function gen_config(var)
end
if is_new_blc_node then
local blc_node = uci:get_all(appname, blc_node_id)
local outbound = gen_outbound(flag, blc_node, blc_node_tag)
local outbound = gen_outbound(flag, blc_node, blc_node_tag, { fragment = xray_settings.fragment == "1" or nil })
if outbound then
table.insert(outbounds, outbound)
valid_nodes[#valid_nodes + 1] = blc_node_tag
@ -716,7 +721,7 @@ function gen_config(var)
preproxy_enabled = false
end
elseif preproxy_node and api.is_normal_node(preproxy_node) then
local preproxy_outbound = gen_outbound(flag, preproxy_node, preproxy_tag)
local preproxy_outbound = gen_outbound(flag, preproxy_node, preproxy_tag, { fragment = xray_settings.fragment == "1" or nil })
if preproxy_outbound then
table.insert(outbounds, preproxy_outbound)
else
@ -818,7 +823,14 @@ function gen_config(var)
})
end
end
local _outbound = gen_outbound(flag, _node, rule_name, { proxy = proxy and 1 or 0, tag = proxy and preproxy_tag or nil })
local proxy_table = {
proxy = proxy and 1 or 0,
tag = proxy and preproxy_tag or nil
}
if xray_settings.fragment == "1" and not proxy_table.tag then
proxy_table.fragment = true
end
local _outbound = gen_outbound(flag, _node, rule_name, proxy_table)
if _outbound then
table.insert(outbounds, _outbound)
if proxy then preproxy_used = true end
@ -989,7 +1001,7 @@ function gen_config(var)
sys.call("touch /tmp/etc/passwall/iface/" .. node.iface)
end
else
outbound = gen_outbound(flag, node)
outbound = gen_outbound(flag, node, nil, { fragment = xray_settings.fragment == "1" or nil })
end
if outbound then table.insert(outbounds, outbound) end
routing = {
@ -1122,7 +1134,7 @@ function gen_config(var)
address = remote_dns_tcp_server,
port = tonumber(remote_dns_tcp_port),
network = "tcp",
nonIPQuery = "skip"
nonIPQuery = "drop"
}
})
@ -1229,6 +1241,28 @@ function gen_config(var)
-- }
}
}
if xray_settings.fragment == "1" then
table.insert(outbounds, {
protocol = "freedom",
tag = "fragment",
settings = {
domainStrategy = (direct_dns_query_strategy and direct_dns_query_strategy ~= "") and direct_dns_query_strategy or "UseIP",
fragments = {
packets = (xray_settings.fragment_packets and xray_settings.fragment_packets ~= "") and xray_settings.fragment_packets,
length = (xray_settings.fragment_length and xray_settings.fragment_length ~= "") and xray_settings.fragment_length,
interval = (xray_settings.fragment_interval and xray_settings.fragment_interval ~= "") and xray_settings.fragment_interval
}
},
streamSettings = {
sockopt = {
mark = 255,
tcpNoDelay = true
}
}
})
end
table.insert(outbounds, {
protocol = "freedom",
tag = "direct",

30
luci-app-passwall/po/zh-cn/passwall.po
View File

@ -265,6 +265,9 @@ msgstr "默认代理模式"
msgid "No Proxy"
msgstr "不代理"
msgid "Proxy"
msgstr "代理"
msgid "Global Proxy"
msgstr "全局代理"
@ -1536,3 +1539,30 @@ msgstr "后量子对等证书签名方案"
msgid "Disable adaptive sizing of TLS records"
msgstr "禁用 TLS 记录的自适应大小调整"
msgid "Enable Multipath TCP, need to be enabled in both server and client configuration."
msgstr "启用 Multipath TCP需在服务端和客户端配置中同时启用。"
msgid "Fragment"
msgstr "分片"
msgid "TCP fragments, which can deceive the censorship system in some cases, such as bypassing SNI blacklists."
msgstr "TCP 分片,在某些情况下可以欺骗审查系统,比如绕过 SNI 黑名单。"
msgid "Fragment Packets"
msgstr "分片方式"
msgid " \"1-3\" is for segmentation at TCP layer, applying to the beginning 1 to 3 data writes by the client. \"tlshello\" is for TLS client hello packet fragmentation."
msgstr " \"1-3\" 是 TCP 的流切片,应用于客户端第 1 至第 3 次写数据。\"tlshello\" 是 TLS 握手包切片。"
msgid "Fragment Length"
msgstr "分片包长"
msgid "Fragmented packet length (byte)"
msgstr "分片包长 (byte)"
msgid "Fragment Interval"
msgstr "分片间隔"
msgid "Fragmentation interval (ms)"
msgstr "分片间隔ms"

1
luci-app-passwall2/luasrc/model/cbi/passwall2/client/other.lua
View File

@ -160,6 +160,7 @@ if has_xray then
o = s_xray:option(Flag, "sniffing", translate("Sniffing"), translate("When using the shunt, must be enabled, otherwise the shunt will invalid."))
o.default = 1
o.rmempty = false
o = s_xray:option(Flag, "route_only", translate("Sniffing Route Only"))
o.default = 0

3
luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/hysteria2.lua
View File

@ -44,6 +44,9 @@ o = s:option(Value, option_name("tls_serverName"), translate("Domain"))
o = s:option(Flag, option_name("tls_allowInsecure"), translate("allowInsecure"), translate("Whether unsafe connections are allowed. When checked, Certificate validation will be skipped."))
o.default = "0"
o = s:option(Value, option_name("tls_pinSHA256"), translate("PinSHA256"),translate("Certificate fingerprint"))
o.rewrite_option = o.option
o = s:option(Value, option_name("up_mbps"), translate("Max upload Mbps"))
o.rewrite_option = o.option

3
luci-app-passwall2/luasrc/passwall2/util_hysteria2.lua
View File

@ -74,7 +74,8 @@ function gen_config(var)
auth = node.hysteria2_auth_password,
tls = {
sni = node.tls_serverName,
insecure = (node.tls_allowInsecure == "1") and true or false
insecure = (node.tls_allowInsecure == "1") and true or false,
pinSHA256 = (node.hysteria2_tls_pinSHA256) and node.hysteria2_tls_pinSHA256 or nil,
},
quic = {
initStreamReceiveWindow = (node.hysteria2_recv_window) and tonumber(node.hysteria2_recv_window) or nil,

6
luci-app-passwall2/po/zh-cn/passwall2.po
View File

@ -472,6 +472,12 @@ msgstr "认证密码"
msgid "Commands the client to use the BBR flow control algorithm"
msgstr "命令客户端使用 BBR 流量控制算法"
msgid "PinSHA256"
msgstr "PinSHA256"
msgid "Certificate fingerprint"
msgstr "证书指纹"
msgid "Max upload Mbps"
msgstr "最大上行(Mbps)"

2
luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
View File

@ -355,7 +355,7 @@ o:depends("type", "hysteria")
o.rmempty = true
o.default = "0"
o = s:option(Flag, "lazy_mode", translate("Lazy Mode"))
o = s:option(Flag, "lazy_mode", translate("Enable Lazy Mode"))
o:depends("type", "hysteria")
o.rmempty = true
o.default = "0"

6
luci-app-ssr-plus/po/zh-cn/ssr-plus.po
View File

@ -79,6 +79,9 @@ msgstr "流控Flow"
msgid "Transport"
msgstr "传输协议"
msgid "Transport Protocol"
msgstr "传输协议"
msgid "Protocol"
msgstr "传输协议"
@ -261,9 +264,6 @@ msgstr "QUIC 流接收窗口"
msgid "Lazy Start"
msgstr "延迟启动"
msgid "Disable Path MTU discovery"
msgstr "禁用 MTU 探测"
msgid "Enable Tunnel(DNS)"
msgstr "启用隧道DNS转发"

8
luci-app-ssr-plus/root/etc/init.d/shadowsocksr
View File

@ -433,7 +433,7 @@ start_udp() {
hysteria)
gen_config_file $UDP_RELAY_SERVER $type 2 $tmp_udp_port
ln_start_bin $(first_type hysteria) hysteria client --config $udp_config_file
echolog "UDP TPROXY Relay:$($(first_type "hysteria") version | grep Version | awk '{print "Hysteria2:" $2}') Started!"
echolog "UDP TPROXY Relay:$($(first_type "hysteria") version | grep Version | awk '{print "Hysteria2: " $2}') Started!"
;;
tuic)
# FIXME: ipt2socks cannot handle udp reply from tuic
@ -564,7 +564,7 @@ start_shunt() {
fi
ln_start_bin $(first_type hysteria) hysteria client --config $shunt_config_file
shunt_dns_command
echolog "shunt:$($(first_type hysteria) version | grep Version | awk '{print "Hysteria2:" $2})' Started!"
echolog "shunt:$($(first_type hysteria) version | grep Version | awk '{print "Hysteria2: " $2}') Started!"
;;
tuic)
local chain_shunt_port="30${tmp_shunt_port}"
@ -663,7 +663,7 @@ start_local() {
if [ "$_local" == "2" ]; then
gen_config_file $LOCAL_SERVER $type 4 0 $local_port
ln_start_bin $(first_type hysteria) hysteria client --config $local_config_file
echolog "Global_Socks5:$($(first_type hysteria) version | grep Version | awk '{print "Hysteria2:" $2}') Started!"
echolog "Global_Socks5:$($(first_type hysteria) version | grep Version | awk '{print "Hysteria2: " $2}') Started!"
fi
;;
tuic)
@ -758,7 +758,7 @@ Start_Run() {
hysteria)
gen_config_file $GLOBAL_SERVER $type 1 $tcp_port $socks_port
ln_start_bin $(first_type hysteria) hysteria client --config $tcp_config_file
echolog "Main node:$($(first_type hysteria) version | grep Version | awk '{print "Hysteria2:" $2}') Started!"
echolog "Main node:$($(first_type hysteria) version | grep Version | awk '{print "Hysteria2: " $2}') Started!"
;;
tuic)
local PARAM

2
luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua
View File

@ -435,7 +435,7 @@ local hysteria = {
auth = server.hy2_auth,
tls = (server.tls_host) and {
sni = server.tls_host,
alpn = server.tls_alpn or nil,
--alpn = server.tls_alpn or nil,
insecure = (server.insecure == "1") and true or false,
pinSHA256 = (server.insecure == "1") and server.pinsha256 or nil
} or {

4
v2ray-geodata/Makefile
View File

@ -21,13 +21,13 @@ define Download/geoip
HASH:=d29a781c15da854f708b81c1838598f1a340b04ef3546cf128a57f44a27cdd42
endef
GEOSITE_VER:=20240217140518
GEOSITE_VER:=20240221053250
GEOSITE_FILE:=dlc.dat.$(GEOSITE_VER)
define Download/geosite
URL:=https://github.com/v2fly/domain-list-community/releases/download/$(GEOSITE_VER)/
URL_FILE:=dlc.dat
FILE:=$(GEOSITE_FILE)
HASH:=ebf75a4f97aee4d744a35c10513063ebd63d42fe8ec166ecd26893eff074d9f2
HASH:=d2ef9bd9cac2678088f5494b888bf9eecdad385dc2b5689e6c7d56e4d97173a3
endef
GEOSITE_IRAN_VER:=202402190026