You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

156 lines
3.1 KiB

  1. #!/bin/sh /etc/rc.common
  2. START=90
  3. STOP=15
  4. SERVICE_USE_PID=1
  5. SERVICE_WRITE_PID=1
  6. SERVICE_DAEMONIZE=1
  7. EXTRA_COMMANDS="rules"
  8. CONFIG_FILE=/var/etc/shadowsocks-libev.json
  9. get_config() {
  10. config_get_bool enable $1 enable
  11. config_get server $1 server
  12. config_get server_port $1 server_port
  13. config_get local_port $1 local_port
  14. config_get timeout $1 timeout
  15. config_get password $1 password
  16. config_get encrypt_method $1 encrypt_method
  17. config_get ignore_list $1 ignore_list
  18. config_get udp_mode $1 udp_mode
  19. config_get udp_server $1 udp_server
  20. config_get udp_server_port $1 udp_server_port
  21. config_get udp_local_port $1 udp_local_port
  22. config_get udp_timeout $1 udp_timeout
  23. config_get udp_password $1 udp_password
  24. config_get udp_encrypt_method $1 udp_encrypt_method
  25. config_get_bool tunnel_enable $1 tunnel_enable
  26. config_get tunnel_port $1 tunnel_port
  27. config_get tunnel_forward $1 tunnel_forward
  28. config_get lan_ac_mode $1 lan_ac_mode
  29. config_get lan_ac_ip $1 lan_ac_ip
  30. config_get wan_bp_ip $1 wan_bp_ip
  31. config_get wan_fw_ip $1 wan_fw_ip
  32. config_get ipt_ext $1 ipt_ext
  33. : ${timeout:=60}
  34. : ${udp_timeout:=60}
  35. : ${tunnel_port:=5300}
  36. : ${tunnel_forward:=8.8.4.4:53}
  37. }
  38. start_rules() {
  39. local ac_args
  40. if [ -n "$lan_ac_ip" ]; then
  41. case $lan_ac_mode in
  42. 1) ac_args="w$lan_ac_ip"
  43. ;;
  44. 2) ac_args="b$lan_ac_ip"
  45. ;;
  46. esac
  47. fi
  48. /usr/bin/ss-rules \
  49. -s "$server" \
  50. -l "$local_port" \
  51. -S "$udp_server" \
  52. -L "$udp_local_port" \
  53. -i "$ignore_list" \
  54. -a "$ac_args" \
  55. -b "$wan_bp_ip" \
  56. -w "$wan_fw_ip" \
  57. -e "$ipt_ext" \
  58. -o $udp
  59. return $?
  60. }
  61. start_redir() {
  62. cat <<-EOF >$CONFIG_FILE
  63. {
  64. "server": "$server",
  65. "server_port": $server_port,
  66. "local_address": "0.0.0.0",
  67. "local_port": $local_port,
  68. "password": "$password",
  69. "timeout": $timeout,
  70. "method": "$encrypt_method"
  71. }
  72. EOF
  73. if [ "$udp_mode" = 2 ]; then
  74. /usr/bin/ss-redir \
  75. -c $CONFIG_FILE \
  76. -f /var/run/ss-redir_t.pid
  77. cat <<-EOF >$CONFIG_FILE
  78. {
  79. "server": "$udp_server",
  80. "server_port": $udp_server_port,
  81. "local_address": "0.0.0.0",
  82. "local_port": $udp_local_port,
  83. "password": "$udp_password",
  84. "timeout": $udp_timeout,
  85. "method": "$udp_encrypt_method"
  86. }
  87. EOF
  88. fi
  89. /usr/bin/ss-redir \
  90. -c $CONFIG_FILE \
  91. -f /var/run/ss-redir.pid \
  92. $udp
  93. return $?
  94. }
  95. start_tunnel() {
  96. : ${udp:="-u"}
  97. /usr/bin/ss-tunnel \
  98. -c $CONFIG_FILE \
  99. -l $tunnel_port \
  100. -L $tunnel_forward \
  101. -f /var/run/ss-tunnel.pid \
  102. $udp
  103. return $?
  104. }
  105. rules() {
  106. config_load shadowsocks-libev
  107. config_foreach get_config shadowsocks-libev
  108. [ "$enable" = 1 ] || exit 0
  109. mkdir -p /var/run /var/etc
  110. : ${server:?}
  111. : ${server_port:?}
  112. : ${local_port:?}
  113. : ${password:?}
  114. : ${encrypt_method:?}
  115. case $udp_mode in
  116. 1) udp="-u"
  117. ;;
  118. 2)
  119. udp="-U"
  120. : ${udp_server:?}
  121. : ${udp_server_port:?}
  122. : ${udp_local_port:?}
  123. : ${udp_password:?}
  124. : ${udp_encrypt_method:?}
  125. ;;
  126. esac
  127. start_rules
  128. }
  129. boot() {
  130. until iptables-save -t nat | grep -q "^:zone_lan_prerouting"; do
  131. sleep 1
  132. done
  133. start
  134. }
  135. start() {
  136. rules && start_redir
  137. [ "$tunnel_enable" = 1 ] && start_tunnel
  138. }
  139. stop() {
  140. /usr/bin/ss-rules -f
  141. killall -q -9 ss-redir
  142. killall -q -9 ss-tunnel
  143. }