Skip to content

Commit

Permalink
chore: refine subscribe code
Browse files Browse the repository at this point in the history
  • Loading branch information
@vernesong
vernesong committed Dec 13, 2023
1 parent 12afbe8 commit d7fd2a1
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 185 deletions.
2 changes: 1 addition & 1 deletion luci-app-openclash/luasrc/controller/openclash.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -875,7 +875,7 @@ function action_toolbar_show()
if not daip or not cn_port then return end
traffic = json.parse(luci.sys.exec(string.format('curl -sL -m 3 -H "Content-Type: application/json" -H "Authorization: Bearer %s" -XGET http://"%s":"%s"/traffic', dase, daip, cn_port)))
connections = json.parse(luci.sys.exec(string.format('curl -sL -m 3 -H "Content-Type: application/json" -H "Authorization: Bearer %s" -XGET http://"%s":"%s"/connections', dase, daip, cn_port)))
if traffic and connections then
if traffic and connections and connections.connections then
connection = #(connections.connections)
up = s(traffic.up)
down = s(traffic.down)
Expand Down
16 changes: 16 additions & 0 deletions luci-app-openclash/root/etc/init.d/openclash
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3281,6 +3281,22 @@ reload()
SLOG_CLEAN
del_lock
fi
if pidof clash >/dev/null && [ "$enable" == "1" ] && [ "$1" == "revert" ]; then
set_lock
revert_firewall 2>/dev/null
/etc/init.d/dnsmasq restart >/dev/null 2>&1
SLOG_CLEAN
del_lock
fi
if pidof clash >/dev/null && [ "$enable" == "1" ] && [ "$1" == "restore" ]; then
set_lock
do_run_mode 2>/dev/null
get_config 2>/dev/null
set_firewall 2>/dev/null
/etc/init.d/dnsmasq restart >/dev/null 2>&1
SLOG_CLEAN
del_lock
fi
}

boot()
Expand Down
179 changes: 2 additions & 177 deletions luci-app-openclash/root/usr/share/openclash/openclash.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,27 +20,10 @@ CFG_FILE="/tmp/yaml_sub_tmp_config.yaml"
CRON_FILE="/etc/crontabs/root"
CONFIG_PATH=$(uci -q get openclash.config.config_path)
servers_update=$(uci -q get openclash.config.servers_update)
dns_port=$(uci -q get openclash.config.dns_port)
enable_redirect_dns=$(uci -q get openclash.config.enable_redirect_dns)
disable_masq_cache=$(uci -q get openclash.config.disable_masq_cache)
default_resolvfile=$(uci -q get openclash.config.default_resolvfile)
en_mode=$(uci -q get openclash.config.en_mode)
china_ip_route=$(uci -q get openclash.config.china_ip_route)
disable_udp_quic=$(uci -q get openclash.config.disable_udp_quic)
ipv6_enable=$(uci -q get openclash.config.ipv6_enable)
router_self_proxy=$(uci -q get openclash.config.router_self_proxy || echo 1)
DNSPORT=$(uci -q get dhcp.@dnsmasq[0].port)
DNSMASQ_CONF_DIR=$(uci -q get dhcp.@dnsmasq[0].confdir || echo '/tmp/dnsmasq.d')
DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
custom_china_domain_dns_server=$(uci -q get openclash.config.custom_china_domain_dns_server || echo "114.114.114.114")
FW4=$(command -v fw4)
CLASH="/etc/openclash/clash"
CLASH_CONFIG="/tmp"


if [ -z "$DNSPORT" ]; then
DNSPORT=$(netstat -nlp |grep -E '127.0.0.1:.*dnsmasq' |awk -F '127.0.0.1:' '{print $2}' |awk '{print $1}' |head -1 || echo 53)
fi
restart=0
only_download=0
set_lock
Expand Down Expand Up @@ -247,117 +230,7 @@ config_error()
change_dns()
{
if pidof clash >/dev/null; then
if [ "$enable_redirect_dns" = "1" ]; then
uci -q del dhcp.@dnsmasq[-1].server
uci -q add_list dhcp.@dnsmasq[0].server=127.0.0.1#"$dns_port"
uci -q delete dhcp.@dnsmasq[0].resolvfile
uci -q set dhcp.@dnsmasq[0].noresolv=1
[ "$disable_masq_cache" -eq 1 ] && {
uci -q set dhcp.@dnsmasq[0].cachesize=0
}
uci commit dhcp
fi

if [ -z "$(echo "$en_mode" |grep "redir-host")" ] && [ "$china_ip_route" -eq 1 ] && [ "$enable_redirect_dns" != "2" ]; then
cat "/etc/openclash/accelerated-domains.china.conf" |awk -v dns="${custom_china_domain_dns_server}" -F '/' '!/^$/&&!/^#/{print $1"/"$2"/"dns}' >${DNSMASQ_CONF_DIR}/dnsmasq_accelerated-domains.china.conf 2>/dev/null
for i in `awk '!/^$/&&!/^#/&&!/(^([1-9]|1[0-9]|1[1-9]{2}|2[0-4][0-9]|25[0-5])\.)(([0-9]{1,2}|1[1-9]{2}|2[0-4][0-9]|25[0-5])\.){2}([1-9]|[1-9][0-9]|1[0-9]{2}|2[0-5][0-9]|25[0-4])((\/[0-9][0-9])?)$/{printf("%s\n",$0)}' /etc/openclash/custom/openclash_custom_chnroute_pass.list`
do
sed -i "/server=\/${i}\//d" ${DNSMASQ_CONF_DIR}/dnsmasq_accelerated-domains.china.conf 2>/dev/null
done 2>/dev/null
fi

/etc/init.d/dnsmasq restart >/dev/null 2>&1

if [ -n "$FW4" ]; then
for nft in "nat_output" "mangle_output"; do
local handles=$(nft -a list chain inet fw4 ${nft} |grep -E "openclash|OpenClash" |grep -v "OpenClash DNS Hijack" |awk -F '# handle ' '{print$2}')
for handle in $handles; do
nft delete rule inet fw4 ${nft} handle ${handle}
done
done >/dev/null 2>&1
echo "$nat_output_rules" |while read line
do
if [ -n "$(echo "$line" |grep "OpenClash DNS Hijack")" ]; then
continue
fi
nft add rule inet fw4 nat_output ${line}
done >/dev/null 2>&1
echo "$mangle_output_rules" |while read line
do
if [ -n "$(echo "$line" |grep "OpenClash DNS Hijack")" ]; then
continue
fi
nft add rule inet fw4 mangle_output ${line}
done >/dev/null 2>&1

if [ "$enable_redirect_dns" = "2" ]; then
if [ "$router_self_proxy" = 1 ]; then
nft add rule inet fw4 nat_output position 0 tcp dport 53 ip daddr {127.0.0.1} meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 udp dport 53 ip daddr {127.0.0.1} meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
fi
if [ "$ipv6_enable" -eq 1 ]; then
if [ "$router_self_proxy" = 1 ]; then
nft add rule inet fw4 nat_output position 0 meta nfproto {ipv6} tcp dport 53 ip daddr {::/0} meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 meta nfproto {ipv6} udp dport 53 ip daddr {::/0} meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
fi
fi
fi
if [ -z "$(echo "$en_mode" |grep "redir-host")" ] && [ "$china_ip_route" -eq 1 ] && [ "$enable_redirect_dns" != "2" ]; then
LOG_OUT "Tip: Bypass the China IP May Cause the Dnsmasq Load For a Long Time After Restart in FAKE-IP Mode, Hijack the DNS to Core Untill the Dnsmasq Works Well..."
nft insert rule inet fw4 dstnat position 0 tcp dport 53 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft insert rule inet fw4 dstnat position 0 udp dport 53 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft 'add chain inet fw4 nat_output { type nat hook output priority -1; }' 2>/dev/null
nft add rule inet fw4 nat_output position 0 tcp dport 53 meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 udp dport 53 meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 tcp dport 12353 meta skuid != 65534 counter redirect to "$DNSPORT" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 udp dport 12353 meta skuid != 65534 counter redirect to "$DNSPORT" comment \"OpenClash DNS Hijack\" 2>/dev/null
if [ "$ipv6_enable" -eq 1 ]; then
nft insert rule inet fw4 dstnat position 0 meta nfproto {ipv6} tcp dport 53 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft insert rule inet fw4 dstnat position 0 meta nfproto {ipv6} udp dport 53 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft 'add chain inet fw4 nat_output { type nat hook output priority -1; }' 2>/dev/null
nft add rule inet fw4 nat_output position 0 meta nfproto {ipv6} tcp dport 53 meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 meta nfproto {ipv6} udp dport 53 meta skuid != 65534 counter redirect to "$dns_port" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 meta nfproto {ipv6} tcp dport 12353 meta skuid != 65534 counter redirect to "$DNSPORT" comment \"OpenClash DNS Hijack\" 2>/dev/null
nft add rule inet fw4 nat_output position 0 meta nfproto {ipv6} udp dport 12353 meta skuid != 65534 counter redirect to "$DNSPORT" comment \"OpenClash DNS Hijack\" 2>/dev/null
fi
fi
else
iptables -t nat -D OUTPUT -j openclash_output >/dev/null 2>&1
iptables -t mangle -D OUTPUT -j openclash_output >/dev/null 2>&1
ip6tables -t mangle -D OUTPUT -j openclash_output >/dev/null 2>&1
iptables -t nat -A OUTPUT -j openclash_output >/dev/null 2>&1
iptables -t mangle -A OUTPUT -j openclash_output >/dev/null 2>&1
ip6tables -t mangle -A OUTPUT -j openclash_output >/dev/null 2>&1
if [ "$enable_redirect_dns" = "2" ]; then
if [ "$router_self_proxy" = 1 ]; then
iptables -t nat -I OUTPUT -p udp --dport 53 -d 127.0.0.1 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
iptables -t nat -I OUTPUT -p tcp --dport 53 -d 127.0.0.1 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
fi
if [ "$ipv6_enable" -eq 1 ]; then
if [ "$router_self_proxy" = 1 ]; then
ip6tables -t nat -I OUTPUT -p udp --dport 53 -d ::/0 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
ip6tables -t nat -I OUTPUT -p tcp --dport 53 -d ::/0 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
fi
fi
fi
if [ -z "$(echo "$en_mode" |grep "redir-host")" ] && [ "$china_ip_route" -eq 1 ] && [ "$enable_redirect_dns" != "2" ]; then
LOG_OUT "Tip: Bypass the China IP May Cause the Dnsmasq Load For a Long Time After Restart in FAKE-IP Mode, Hijack the DNS to Core Untill the Dnsmasq Works Well..."
iptables -t nat -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
iptables -t nat -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
iptables -t nat -I OUTPUT -p udp --dport 53 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
iptables -t nat -I OUTPUT -p tcp --dport 53 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
iptables -t nat -I OUTPUT -p udp --dport 12353 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$DNSPORT" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
iptables -t nat -I OUTPUT -p tcp --dport 12353 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$DNSPORT" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
if [ "$ipv6_enable" -eq 1 ]; then
ip6tables -t nat -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
ip6tables -t nat -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
ip6tables -t nat -I OUTPUT -p udp --dport 53 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
ip6tables -t nat -I OUTPUT -p tcp --dport 53 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$dns_port" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
ip6tables -t nat -I OUTPUT -p udp --dport 12353 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$DNSPORT" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
ip6tables -t nat -I OUTPUT -p tcp --dport 12353 -m owner ! --uid-owner 65534 -j REDIRECT --to-ports "$DNSPORT" -m comment --comment "OpenClash DNS Hijack" 2>/dev/null
fi
fi
fi
/etc/init.d/openclash reload "restore" >/dev/null 2>&1
[ "$(unify_ps_status "openclash_watchdog.sh")" -eq 0 ] && [ "$(unify_ps_prevent)" -eq 0 ] && nohup /usr/share/openclash/openclash_watchdog.sh &
fi
}
Expand Down Expand Up @@ -397,55 +270,7 @@ config_download_direct()
{
if pidof clash >/dev/null && [ "$router_self_proxy" = 1 ]; then
kill_watchdog
if [ "$enable_redirect_dns" -eq 1 ]; then
uci -q del_list dhcp.@dnsmasq[0].server=127.0.0.1#"$dns_port"
if [ -n "$default_resolvfile" ]; then
uci -q set dhcp.@dnsmasq[0].resolvfile="$default_resolvfile"
elif [ -s "/tmp/resolv.conf.d/resolv.conf.auto" ] && [ -n "$(grep "nameserver" /tmp/resolv.conf.d/resolv.conf.auto)" ]; then
uci -q set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.d/resolv.conf.auto
elif [ -s "/tmp/resolv.conf.auto" ] && [ -n "$(grep "nameserver" /tmp/resolv.conf.auto)" ]; then
uci -q set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto
else
rm -rf /tmp/resolv.conf.auto 2>/dev/null
touch /tmp/resolv.conf.auto 2>/dev/null
cat >> "/tmp/resolv.conf.auto" <<-EOF
# Interface lan
nameserver 114.114.114.114
nameserver 119.29.29.29
EOF
uci -q set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto
fi
uci -q set dhcp.@dnsmasq[0].noresolv=0
uci -q delete dhcp.@dnsmasq[0].cachesize
uci commit dhcp
rm -rf ${DNSMASQ_CONF_DIR}/dnsmasq_accelerated-domains.china.conf >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1
fi
if [ -n "$FW4" ]; then
nat_output_rules=$(nft -a list chain inet fw4 nat_output |grep -E "openclash|OpenClash" |awk -F '# handle ' '{print$1}' |sed 's/^[ \t]*//g')
mangle_output_rules=$(nft -a list chain inet fw4 mangle_output |grep -E "openclash|OpenClash" |awk -F '# handle ' '{print$1}' |sed 's/^[ \t]*//g')
for nft in "nat_output" "mangle_output"; do
local handles=$(nft -a list chain inet fw4 ${nft} |grep -E "openclash|OpenClash" |awk -F '# handle ' '{print$2}')
for handle in $handles; do
nft delete rule inet fw4 ${nft} handle ${handle}
done
done >/dev/null 2>&1
else
iptables -t nat -D OUTPUT -j openclash_output >/dev/null 2>&1
iptables -t mangle -D OUTPUT -j openclash_output >/dev/null 2>&1
ip6tables -t mangle -D OUTPUT -j openclash_output >/dev/null 2>&1
for ipt in "iptables -nvL OUTPUT -t nat" "iptables -nvL OUTPUT -t mangle" "ip6tables -nvL OUTPUT -t mangle" "ip6tables -nvL OUTPUT -t nat"; do
for comment in "OpenClash DNS Hijack"; do
local lines=$($ipt |sed 1,2d |sed -n "/${comment}/=" 2>/dev/null |sort -rn)
if [ -n "$lines" ]; then
for line in $lines; do
$(echo "$ipt" |awk -v OFS=" " '{print $1,$4,$5}' |sed 's/[ ]*$//g') -D $(echo "$ipt" |awk '{print $3}') $line
done
fi
done
done >/dev/null 2>&1
fi

/etc/init.d/openclash reload "revert" >/dev/null 2>&1
sleep 3

config_download
Expand Down
14 changes: 7 additions & 7 deletions luci-app-openclash/root/usr/share/openclash/openclash_dler_checkin.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,19 @@ local function dler_checkin()
path = "/tmp/dler_checkin"
if token and email and passwd and enable == "1" then
checkin = string.format("curl -sL -H 'Content-Type: application/json' -d '{\"email\":\"%s\", \"passwd\":\"%s\", \"multiple\":\"%s\"}' -X POST https://dler.cloud/api/v1/checkin -o %s", email, passwd, multiple, path)
if not nixio.fs.access(path) then
if fs.readfile(path) == "" or not fs.readfile(path) then
luci.sys.exec(checkin)
else
if fs.readfile(path) == "" or not fs.readfile(path) then
if (os.time() - fs.mtime(path) > interval*3600+1) then
fs.unlink(path)
luci.sys.exec(checkin)
else
if (os.time() - fs.mtime(path) > interval*3600+1) then
luci.sys.exec(checkin)
else
os.exit(0)
end
os.exit(0)
end
end
if fs.readfile(path) == "" or not fs.readfile(path) then
fs.writefile(path, " ")
end
info = fs.readfile(path)
if info then
info = json.parse(info)
Expand Down

0 comments on commit d7fd2a1

Please sign in to comment.