Browse Source

shadowsocks-libev: bump version

Fix the multiple UDP source port issue.
Allow using different IP and ports for TCP and UDP

Signed-off-by: Jian Chang <aa65535@live.com>
lilik-openwrt-22.03
Jian Chang 9 years ago
parent
commit
a2a2d146bc
4 changed files with 96 additions and 39 deletions
  1. +4
    -4
      net/shadowsocks-libev/Makefile
  2. +1
    -1
      net/shadowsocks-libev/files/shadowsocks-libev.config
  3. +66
    -25
      net/shadowsocks-libev/files/shadowsocks-libev.init
  4. +25
    -9
      net/shadowsocks-libev/files/ss-rules

+ 4
- 4
net/shadowsocks-libev/Makefile View File

@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=shadowsocks-libev PKG_NAME:=shadowsocks-libev
PKG_VERSION:=2.2.2
PKG_VERSION:=2.2.3
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev.git PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE) PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE)
PKG_SOURCE_VERSION:=4883903e657095b93f88a3a3b9a0dccdffdaa397
PKG_SOURCE_VERSION:=2b1eef11973de3f7380401fd20f937e84bc2b756
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_MAINTAINER:=Jian Chang <aa65535@live.com> PKG_MAINTAINER:=Jian Chang <aa65535@live.com>
@ -36,14 +36,14 @@ define Package/shadowsocks-libev/Default
TITLE:=Lightweight Secured Socks5 Proxy $(2) TITLE:=Lightweight Secured Socks5 Proxy $(2)
URL:=https://github.com/shadowsocks/shadowsocks-libev URL:=https://github.com/shadowsocks/shadowsocks-libev
VARIANT:=$(1) VARIANT:=$(1)
DEPENDS:=$(3) +resolveip +ipset +ip +iptables-mod-tproxy
DEPENDS:=$(3) +libpthread +ipset +ip +iptables-mod-tproxy
endef endef
Package/shadowsocks-libev = $(call Package/shadowsocks-libev/Default,openssl,(OpenSSL),+libopenssl) Package/shadowsocks-libev = $(call Package/shadowsocks-libev/Default,openssl,(OpenSSL),+libopenssl)
Package/shadowsocks-libev-polarssl = $(call Package/shadowsocks-libev/Default,polarssl,(PolarSSL),+libpolarssl) Package/shadowsocks-libev-polarssl = $(call Package/shadowsocks-libev/Default,polarssl,(PolarSSL),+libpolarssl)
define Package/shadowsocks-libev/description define Package/shadowsocks-libev/description
Shadowsocks-libev is a lightweight secured scoks5 proxy for embedded devices and low end boxes.
Shadowsocks-libev is a lightweight secured socks5 proxy for embedded devices and low end boxes.
endef endef
Package/shadowsocks-libev-polarssl/description = $(Package/shadowsocks-libev/description) Package/shadowsocks-libev-polarssl/description = $(Package/shadowsocks-libev/description)


+ 1
- 1
net/shadowsocks-libev/files/shadowsocks-libev.config View File

@ -8,7 +8,7 @@ config shadowsocks-libev
option timeout '60' option timeout '60'
option encrypt_method 'rc4-md5' option encrypt_method 'rc4-md5'
option ignore_list '/dev/null' option ignore_list '/dev/null'
option udp_relay '0'
option udp_mode '0'
option tunnel_enable '1' option tunnel_enable '1'
option tunnel_port '5300' option tunnel_port '5300'
option tunnel_forward '8.8.4.4:53' option tunnel_forward '8.8.4.4:53'


+ 66
- 25
net/shadowsocks-libev/files/shadowsocks-libev.init View File

@ -14,11 +14,17 @@ get_config() {
config_get server $1 server config_get server $1 server
config_get server_port $1 server_port config_get server_port $1 server_port
config_get local_port $1 local_port config_get local_port $1 local_port
config_get password $1 password
config_get timeout $1 timeout config_get timeout $1 timeout
config_get password $1 password
config_get encrypt_method $1 encrypt_method config_get encrypt_method $1 encrypt_method
config_get ignore_list $1 ignore_list config_get ignore_list $1 ignore_list
config_get udp_relay $1 udp_relay
config_get udp_mode $1 udp_mode
config_get udp_server $1 udp_server
config_get udp_server_port $1 udp_server_port
config_get udp_local_port $1 udp_local_port
config_get udp_timeout $1 udp_timeout
config_get udp_password $1 udp_password
config_get udp_encrypt_method $1 udp_encrypt_method
config_get_bool tunnel_enable $1 tunnel_enable config_get_bool tunnel_enable $1 tunnel_enable
config_get tunnel_port $1 tunnel_port config_get tunnel_port $1 tunnel_port
config_get tunnel_forward $1 tunnel_forward config_get tunnel_forward $1 tunnel_forward
@ -27,6 +33,8 @@ get_config() {
config_get wan_bp_ip $1 wan_bp_ip config_get wan_bp_ip $1 wan_bp_ip
config_get wan_fw_ip $1 wan_fw_ip config_get wan_fw_ip $1 wan_fw_ip
config_get ipt_ext $1 ipt_ext config_get ipt_ext $1 ipt_ext
: ${timeout:=60}
: ${udp_timeout:=60}
: ${tunnel_port:=5300} : ${tunnel_port:=5300}
: ${tunnel_forward:=8.8.4.4:53} : ${tunnel_forward:=8.8.4.4:53}
} }
@ -45,6 +53,8 @@ start_rules() {
/usr/bin/ss-rules \ /usr/bin/ss-rules \
-s "$server" \ -s "$server" \
-l "$local_port" \ -l "$local_port" \
-S "$udp_server" \
-L "$udp_local_port" \
-i "$ignore_list" \ -i "$ignore_list" \
-a "$ac_args" \ -a "$ac_args" \
-b "$wan_bp_ip" \ -b "$wan_bp_ip" \
@ -55,17 +65,48 @@ start_rules() {
} }
start_redir() { start_redir() {
service_start /usr/bin/ss-redir \
-c "$CONFIG_FILE" $udp
cat <<-EOF >$CONFIG_FILE
{
"server": "$server",
"server_port": $server_port,
"local_address": "0.0.0.0",
"local_port": $local_port,
"password": "$password",
"timeout": $timeout,
"method": "$encrypt_method"
}
EOF
if [ "$udp_mode" = 2 ]; then
/usr/bin/ss-redir \
-c $CONFIG_FILE \
-f /var/run/ss-redir_t.pid
cat <<-EOF >$CONFIG_FILE
{
"server": "$udp_server",
"server_port": $udp_server_port,
"local_address": "0.0.0.0",
"local_port": $udp_local_port,
"password": "$udp_password",
"timeout": $udp_timeout,
"method": "$udp_encrypt_method"
}
EOF
fi
/usr/bin/ss-redir \
-c $CONFIG_FILE \
-f /var/run/ss-redir.pid \
$udp
return $? return $?
} }
start_tunnel() { start_tunnel() {
service_start /usr/bin/ss-tunnel \
-c "$CONFIG_FILE" \
-l "$tunnel_port" \
-L "$tunnel_forward" \
-u
: ${udp:="-u"}
/usr/bin/ss-tunnel \
-c $CONFIG_FILE \
-l $tunnel_port \
-L $tunnel_forward \
-f /var/run/ss-tunnel.pid \
$udp
return $? return $?
} }
@ -73,25 +114,26 @@ rules() {
config_load shadowsocks-libev config_load shadowsocks-libev
config_foreach get_config shadowsocks-libev config_foreach get_config shadowsocks-libev
[ "$enable" = 1 ] || exit 0 [ "$enable" = 1 ] || exit 0
[ "$udp_relay" = 1 ] && udp="-u"
mkdir -p $(dirname $CONFIG_FILE)
mkdir -p /var/run /var/etc
: ${server:?} : ${server:?}
: ${server_port:?} : ${server_port:?}
: ${local_port:?} : ${local_port:?}
: ${password:?} : ${password:?}
: ${encrypt_method:?} : ${encrypt_method:?}
cat <<-EOF >$CONFIG_FILE
{
"server": "$server",
"server_port": $server_port,
"local_address": "0.0.0.0",
"local_port": $local_port,
"password": "$password",
"timeout": $timeout,
"method": "$encrypt_method"
}
EOF
case $udp_mode in
1) udp="-u"
;;
2)
udp="-U"
: ${udp_server:?}
: ${udp_server_port:?}
: ${udp_local_port:?}
: ${udp_password:?}
: ${udp_encrypt_method:?}
;;
esac
start_rules start_rules
} }
@ -109,7 +151,6 @@ start() {
stop() { stop() {
/usr/bin/ss-rules -f /usr/bin/ss-rules -f
service_stop /usr/bin/ss-redir
service_stop /usr/bin/ss-tunnel
rm -f $CONFIG_FILE
killall -q -9 ss-redir
killall -q -9 ss-tunnel
} }

+ 25
- 9
net/shadowsocks-libev/files/ss-rules View File

@ -16,6 +16,8 @@ usage() {
-e <extra_options> extra options for iptables -e <extra_options> extra options for iptables
-o apply the rules to the OUTPUT chain -o apply the rules to the OUTPUT chain
-u enable udprelay mode, TPROXY is required -u enable udprelay mode, TPROXY is required
-U enable udprelay mode, using different IP
and ports for TCP and UDP
-f flush the rules -f flush the rules
EOF EOF
} }
@ -69,7 +71,7 @@ EOF
fw_rule() { fw_rule() {
$ipt_n -N SS_SPEC_WAN_FW && \ $ipt_n -N SS_SPEC_WAN_FW && \
$ipt_n -A SS_SPEC_WAN_FW -p tcp \ $ipt_n -A SS_SPEC_WAN_FW -p tcp \
-j REDIRECT --to-ports $LOCAL_PORT 2>/dev/null || {
-j REDIRECT --to-ports $local_port 2>/dev/null || {
loger 3 "Can't redirect, please check the iptables." loger 3 "Can't redirect, please check the iptables."
exit 1 exit 1
} }
@ -111,7 +113,7 @@ EOF
} }
tp_rule() { tp_rule() {
[ "$TPROXY" = 1 ] || return 0
[ -n "$TPROXY" ] || return 0
ip rule add fwmark 0x01/0x01 table 100 ip rule add fwmark 0x01/0x01 table 100
ip route add local 0.0.0.0/0 dev lo table 100 ip route add local 0.0.0.0/0 dev lo table 100
$ipt_m -N SS_SPEC_TPROXY $ipt_m -N SS_SPEC_TPROXY
@ -123,12 +125,18 @@ tp_rule() {
return $? return $?
} }
while getopts ":s:l:c:i:e:a:b:w:ouf" arg; do
while getopts ":s:l:S:L:i:e:a:b:w:ouUf" arg; do
case $arg in case $arg in
s) s)
SERVER=$OPTARG
server=$OPTARG
;; ;;
l) l)
local_port=$OPTARG
;;
S)
SERVER=$OPTARG
;;
L)
LOCAL_PORT=$OPTARG LOCAL_PORT=$OPTARG
;; ;;
i) i)
@ -152,6 +160,9 @@ while getopts ":s:l:c:i:e:a:b:w:ouf" arg; do
u) u)
TPROXY=1 TPROXY=1
;; ;;
U)
TPROXY=2
;;
f) f)
flush_r flush_r
exit 0 exit 0
@ -159,16 +170,20 @@ while getopts ":s:l:c:i:e:a:b:w:ouf" arg; do
esac esac
done done
if [ -z "$SERVER" -o -z "$LOCAL_PORT" ]; then
if [ -z "$server" -o -z "$local_port" ]; then
usage usage
exit 2 exit 2
fi fi
SERVER=$(resolveip -t60 $SERVER)
if [ "$TPROXY" = 1 ]; then
SERVER=$server
LOCAL_PORT=$local_port
fi
if [ -z "$SERVER" ]; then
loger 3 "Can't resolve the server hostname."
exit 1
if [ "$TPROXY" = 2 ]; then
if [ -z "$SERVER" -o -z "$LOCAL_PORT" ]; then
loger 3 "Please use -S and -L specifies IP and port for UDP."
fi
fi fi
if [ -f "$IGNORE" ]; then if [ -f "$IGNORE" ]; then
@ -176,6 +191,7 @@ if [ -f "$IGNORE" ]; then
fi fi
IPLIST=$(cat <<-EOF | grep -E "^([0-9]{1,3}\.){3}[0-9]{1,3}" IPLIST=$(cat <<-EOF | grep -E "^([0-9]{1,3}\.){3}[0-9]{1,3}"
$server
$SERVER $SERVER
0.0.0.0/8 0.0.0.0/8
10.0.0.0/8 10.0.0.0/8


Loading…
Cancel
Save