OSDN Git Service

luci-app-ssr-plus: bump to 186-1
authorTianling Shen <cnsztl@immortalwrt.org>
Mon, 6 Jun 2022 16:57:00 +0000 (00:57 +0800)
committerTianling Shen <cnsztl@immortalwrt.org>
Mon, 6 Jun 2022 16:57:00 +0000 (00:57 +0800)
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
applications/luci-app-ssr-plus/Makefile
applications/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua
applications/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
applications/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua
applications/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua
applications/luci-app-ssr-plus/po/zh_Hans/ssr-plus.po
applications/luci-app-ssr-plus/root/etc/init.d/shadowsocksr
applications/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus
applications/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua
applications/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua

index 3068ca8..42a4238 100644 (file)
@@ -1,8 +1,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-ssr-plus
-PKG_VERSION:=185
-PKG_RELEASE:=5
+PKG_VERSION:=186
+PKG_RELEASE:=1
 
 PKG_CONFIG_DEPENDS:= \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun \
@@ -10,6 +10,7 @@ PKG_CONFIG_DEPENDS:= \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_PDNSD \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Redsocks2 \
+       CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_SagerNet_Core \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Client \
@@ -18,21 +19,22 @@ PKG_CONFIG_DEPENDS:= \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Server \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Simple_Obfs \
        CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Trojan \
-       CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin \
-       CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray
+       CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin
 
 LUCI_TITLE:=SS/SSR/V2Ray/XRay/Trojan/NaiveProxy/Socks5/Tun LuCI interface
 LUCI_PKGARCH:=all
 LUCI_DEPENDS:= \
        @(PACKAGE_libustream-mbedtls||PACKAGE_libustream-openssl||PACKAGE_libustream-wolfssl) \
        +coreutils +coreutils-base64 +dns2socks +dns2tcp +dnsmasq-full +ipset +ip-full \
-       +iptables +iptables-mod-tproxy +lua +libuci-lua +microsocks +tcping +resolveip \
-       +shadowsocksr-libev-ssr-check +uclient-fetch \
+       +iptables +iptables-mod-tproxy +lua +libuci-lua +luci-lib-ipkg +microsocks \
+       +tcping +resolveip +shadowsocksr-libev-ssr-check +uclient-fetch \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \
        +PACKAGE_$(PKG_NAME)_INCLUDE_IPT2Socks:ipt2socks \
        +PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy:naiveproxy \
        +PACKAGE_$(PKG_NAME)_INCLUDE_PDNSD:pdnsd-alt \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Redsocks2:redsocks2 \
+       +PACKAGE_$(PKG_NAME)_INCLUDE_SagerNet_Core:curl \
+       +PACKAGE_$(PKG_NAME)_INCLUDE_SagerNet_Core:sagernet-core \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client:shadowsocks-libev-ss-local \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client:shadowsocks-libev-ss-redir \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server:shadowsocks-libev-ss-server \
@@ -43,9 +45,7 @@ LUCI_DEPENDS:= \
        +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Server:shadowsocksr-libev-ssr-server \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Simple_Obfs:simple-obfs \
        +PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \
-       +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin:v2ray-plugin \
-       +PACKAGE_$(PKG_NAME)_INCLUDE_Xray:curl \
-       +PACKAGE_$(PKG_NAME)_INCLUDE_Xray:xray-core
+       +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin:v2ray-plugin
 
 define Package/$(PKG_NAME)/config
 config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun
@@ -69,9 +69,13 @@ config PACKAGE_$(PKG_NAME)_INCLUDE_Redsocks2
        bool "Include Redsocks2"
        default n
 
+config PACKAGE_$(PKG_NAME)_INCLUDE_SagerNet_Core
+       bool "Include sagernet-core (An enhanced edition of v2ray-core)"
+       default y if aarch64||arm||i386||x86_64
+
 config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client
        bool "Include Shadowsocks Libev Client"
-       default y if !aarch64
+       default y if !(aarch64||i386||x86_64)
 
 config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server
        bool "Include Shadowsocks Libev Server"
@@ -80,11 +84,13 @@ config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server
 config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Client
        bool "Include Shadowsocks Rust Client"
        depends on aarch64||arm||i386||mips||mipsel||x86_64
+       depends on !(TARGET_x86_geode||TARGET_x86_legacy)
        default y if aarch64
 
 config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Server
        bool "Include Shadowsocks Rust Server"
        depends on aarch64||arm||i386||mips||mipsel||x86_64
+       depends on !(TARGET_x86_geode||TARGET_x86_legacy)
        default y if aarch64
 
 config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Client
@@ -107,10 +113,6 @@ config PACKAGE_$(PKG_NAME)_INCLUDE_Trojan
 config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin
        bool "Include Shadowsocks V2ray Plugin"
        default n
-
-config PACKAGE_$(PKG_NAME)_INCLUDE_Xray
-       bool "Include Xray"
-       default y if aarch64||arm||i386||x86_64
 endef
 
 define Package/$(PKG_NAME)/conffiles
index 26e1db6..6de68df 100644 (file)
@@ -56,6 +56,12 @@ o:value("https://ispip.clang.cn/all_cn.txt", translate("Clang.CN"))
 o:value("https://ispip.clang.cn/all_cn_cidr.txt", translate("Clang.CN.CIDR"))
 o.default = "https://ispip.clang.cn/all_cn.txt"
 
+o = s:option(ListValue, "default_packet_encoding", translate("Default Packet Encoding"))
+o:value("none", translate("none"))
+o:value("packet", translate("packet (v2ray-core v5+)"))
+o:value("xudp", translate("xudp (Xray-core)"))
+o.default = "xudp"
+
 o = s:option(Flag, "netflix_enable", translate("Enable Netflix Mode"))
 o.rmempty = false
 
index 4d44558..8ceb48c 100644 (file)
@@ -1,16 +1,23 @@
 -- Copyright (C) 2017 yushi studio <ywb94@qq.com> github.com/ywb94
 -- Licensed to the public under the GNU General Public License v3.
+
 require "nixio.fs"
 require "luci.sys"
 require "luci.http"
-local m, s, o, kcp_enable
+require "luci.model.ipkg"
+
+local m, s, o
 local sid = arg[1]
 local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid")
 
-function is_finded(e)
+local function is_finded(e)
        return luci.sys.exec('type -t -p "%s"' % e) ~= "" and true or false
 end
 
+local function is_installed(e)
+       return luci.model.ipkg.installed(e)
+end
+
 local server_table = {}
 local encrypt_methods = {
        -- ssr
@@ -40,12 +47,19 @@ local encrypt_methods = {
 }
 
 local encrypt_methods_ss = {
+       -- plain
+       "none",
+       "plain",
        -- aead
        "aes-128-gcm",
        "aes-192-gcm",
        "aes-256-gcm",
        "chacha20-ietf-poly1305",
-       "xchacha20-ietf-poly1305"
+       "xchacha20-ietf-poly1305",
+       -- aead 2022
+       "2022-blake3-aes-128-gcm",
+       "2022-blake3-aes-256-gcm",
+       "2022-blake3-chacha20-poly1305"
        --[[ stream
        "none",
        "plain",
@@ -67,22 +81,6 @@ local encrypt_methods_ss = {
        "chacha20-ietf" ]]
 }
 
-local encrypt_methods_v2ray_ss = {
-       -- xray_ss
-       "none",
-       "plain",
-       -- aead
-       "aes-128-gcm",
-       "aes-256-gcm",
-       "chacha20-poly1305",
-       "chacha20-ietf-poly1305",
-       "xchacha20-ietf-poly1305",
-       "aead_aes_128_gcm",
-       "aead_aes_256_gcm",
-       "aead_chacha20_poly1305",
-       "aead_xchacha20_poly1305"
-}
-
 local protocol = {
        -- ssr
        "origin",
@@ -98,7 +96,7 @@ local protocol = {
        "auth_chain_f"
 }
 
-obfs = {
+local obfs = {
        -- ssr
        "plain",
        "http_simple",
@@ -117,7 +115,7 @@ local securitys = {
 }
 
 local flows = {
-       -- xlts
+       -- xtls
        "xtls-rprx-origin",
        "xtls-rprx-origin-udp443",
        "xtls-rprx-direct",
@@ -184,6 +182,9 @@ o:value("vless", translate("VLESS"))
 o:value("vmess", translate("VMess"))
 o:value("trojan", translate("Trojan"))
 o:value("shadowsocks", translate("Shadowsocks"))
+if is_installed("sagernet-core") then
+       o:value("wireguard", translate("WireGuard"))
+end
 o:value("socks", translate("Socks"))
 o:value("http", translate("HTTP"))
 o:depends("type", "v2ray")
@@ -248,13 +249,13 @@ for _, v in ipairs(encrypt_methods_ss) do
 end
 o.rmempty = true
 o:depends("type", "ss")
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
 
-o = s:option(ListValue, "encrypt_method_v2ray_ss", translate("Encrypt Method"))
-for _, v in ipairs(encrypt_methods_v2ray_ss) do
-       o:value(v)
-end
+o = s:option(Flag, "uot", translate("UDP over TCP"))
+o.description = translate("Enable the SUoT protocol, requires server support.")
 o.rmempty = true
 o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
+o.default = "0"
 
 o = s:option(Flag, "ivCheck", translate("Bloom Filter"))
 o.rmempty = true
@@ -267,7 +268,7 @@ o:value("none", translate("None"))
 if is_finded("obfs-local") then
        o:value("obfs-local", translate("obfs-local"))
 end
-if is_finded("v2ray-plugin") then
+if is_finded("v2ray-plugin") or is_installed("sagernet-core") then
        o:value("v2ray-plugin", translate("v2ray-plugin"))
 end
 if is_finded("xray-plugin") then
@@ -275,12 +276,12 @@ if is_finded("xray-plugin") then
 end
 o.rmempty = true
 o:depends("type", "ss")
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
 
 o = s:option(Value, "plugin_opts", translate("Plugin Opts"))
 o.rmempty = true
-o:depends({type = "ss", plugin = "obfs-local"})
-o:depends({type = "ss", plugin = "v2ray-plugin"})
-o:depends({type = "ss", plugin = "xray-plugin"})
+o:depends("type", "ss")
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
 
 o = s:option(ListValue, "protocol", translate("Protocol"))
 for _, v in ipairs(protocol) do
@@ -332,7 +333,12 @@ o:value("h2", "HTTP/2")
 o:value("quic", "QUIC")
 o:value("grpc", "gRPC")
 o.rmempty = true
-o:depends("type", "v2ray")
+o:depends({type = "v2ray", v2ray_protocol = "vless"})
+o:depends({type = "v2ray", v2ray_protocol = "vmess"})
+o:depends({type = "v2ray", v2ray_protocol = "trojan"})
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
+o:depends({type = "v2ray", v2ray_protocol = "socks"})
+o:depends({type = "v2ray", v2ray_protocol = "http"})
 
 -- [[ TCP部分 ]]--
 -- TCP伪装
@@ -452,7 +458,8 @@ o.rmempty = true
 o = s:option(Value, "mtu", translate("MTU"))
 o.datatype = "uinteger"
 o:depends("transport", "kcp")
-o.default = 1350
+o:depends({type = "v2ray", v2ray_protocol = "wireguard"})
+-- o.default = 1350
 o.rmempty = true
 
 o = s:option(Value, "tti", translate("TTI"))
@@ -493,12 +500,35 @@ o = s:option(Flag, "congestion", translate("Congestion"))
 o:depends("transport", "kcp")
 o.rmempty = true
 
+-- [[ WireGuard 部分 ]]--
+o = s:option(DynamicList, "local_addresses", translate("Local addresses"))
+o:depends({type = "v2ray", v2ray_protocol = "wireguard"})
+o.rmempty = true
+
+o = s:option(Value, "private_key", translate("Private key"))
+o:depends({type = "v2ray", v2ray_protocol = "wireguard"})
+o.password = true
+o.rmempty = true
+
+o = s:option(Value, "peer_pubkey", translate("Peer public key"))
+o:depends({type = "v2ray", v2ray_protocol = "wireguard"})
+o.rmempty = true
+
+o = s:option(Value, "preshared_key", translate("Pre-shared key"))
+o:depends({type = "v2ray", v2ray_protocol = "wireguard"})
+o.password = true
+o.rmempty = true
+
 -- [[ TLS ]]--
 o = s:option(Flag, "tls", translate("TLS"))
 o.rmempty = true
 o.default = "0"
-o:depends({type = "v2ray", xtls = false})
--- o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "trojan", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "socks", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "http", xtls = false})
 o:depends("type", "trojan")
 
 -- XTLS
@@ -552,7 +582,12 @@ o.description = translate("If true, allowss insecure connection at TLS client, e
 -- [[ Mux ]]--
 o = s:option(Flag, "mux", translate("Mux"))
 o.rmempty = false
-o:depends({type = "v2ray", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "trojan", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "socks", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "http", xtls = false})
 
 o = s:option(Value, "concurrency", translate("Concurrency"))
 o.datatype = "uinteger"
@@ -619,6 +654,17 @@ o:depends("type", "ssr")
 o:depends("type", "ss")
 o:depends("type", "trojan")
 
+if is_installed("sagernet-core") then
+       o = s:option(ListValue, "packet_encoding", translate("Packet Encoding"))
+       o:value("none", translate("none"))
+       o:value("packet", translate("packet (v2ray-core v5+)"))
+       o:value("xudp", translate("xudp (Xray-core)"))
+       o.default = "xudp"
+       o.rmempty = true
+       o:depends({type = "v2ray", v2ray_protocol = "vless"})
+       o:depends({type = "v2ray", v2ray_protocol = "vmess"})
+end
+
 o = s:option(Flag, "switch_enable", translate("Enable Auto Switch"))
 o.rmempty = false
 o.default = "1"
@@ -629,11 +675,11 @@ o.default = 1234
 o.rmempty = false
 
 if is_finded("kcptun-client") then
-       kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"))
-       kcp_enable.rmempty = true
-       kcp_enable.default = "0"
-       kcp_enable:depends("type", "ssr")
-       kcp_enable:depends("type", "ss")
+       o = s:option(Flag, "kcp_enable", translate("KcpTun Enable"))
+       o.rmempty = true
+       o.default = "0"
+       o:depends("type", "ssr")
+       o:depends("type", "ss")
 
        o = s:option(Value, "kcp_port", translate("KcpTun Port"))
        o.datatype = "port"
index fe3fc4b..f9ac268 100644 (file)
@@ -38,7 +38,11 @@ local encrypt_methods_ss = {
        "aes-192-gcm",
        "aes-256-gcm",
        "chacha20-ietf-poly1305",
-       "xchacha20-ietf-poly1305"
+       "xchacha20-ietf-poly1305",
+       -- aead 2022
+       "2022-blake3-aes-128-gcm",
+       "2022-blake3-aes-256-gcm",
+       "2022-blake3-chacha20-poly1305"
        --[[ stream
        "table",
        "rc4",
index 9af220c..6ef44c0 100644 (file)
@@ -34,7 +34,11 @@ local encrypt_methods_ss = {
        "aes-192-gcm",
        "aes-256-gcm",
        "chacha20-ietf-poly1305",
-       "xchacha20-ietf-poly1305"
+       "xchacha20-ietf-poly1305",
+       -- aead 2022
+       "2022-blake3-aes-128-gcm",
+       "2022-blake3-aes-256-gcm",
+       "2022-blake3-chacha20-poly1305"
        --[[ stream
        "table",
        "rc4",
index e1ee40d..a6e3a5f 100644 (file)
@@ -61,6 +61,12 @@ msgstr "密码"
 msgid "Encrypt Method"
 msgstr "加密方式"
 
+msgid "Enable the SUoT protocol, requires server support."
+msgstr "启用 SUoT 协议,需要服务端支持。"
+
+msgid "Bloom Filter"
+msgstr "布隆过滤器"
+
 msgid "VLESS Encryption"
 msgstr "VLESS 加密"
 
@@ -706,9 +712,6 @@ msgstr "微信视频通话"
 msgid "DTLS 1.2"
 msgstr "DTLS 1.2 数据包"
 
-msgid "WireGuard"
-msgstr "WireGuard 数据包"
-
 msgid "MTU"
 msgstr "最大传输单元"
 
@@ -730,6 +733,21 @@ msgstr "写入缓冲区大小"
 msgid "Congestion"
 msgstr "拥塞控制"
 
+msgid "Local addresses"
+msgstr "本地地址"
+
+msgid "Private key"
+msgstr "私钥"
+
+msgid "Peer public key"
+msgstr "节点公钥"
+
+msgid "Pre-shared key"
+msgstr "预共享密钥"
+
+msgid "Packet Encoding"
+msgstr "数据包编码"
+
 msgid "Network interface to use"
 msgstr "使用的网络接口"
 
@@ -757,5 +775,8 @@ msgstr "重新应用"
 msgid "Apply"
 msgstr "应用"
 
+msgid "Default Packet Encoding"
+msgstr "默认数据包编码"
+
 msgid "Enable Netflix Mode"
 msgstr "启用 Netflix 分流模式"
index ef1dc5a..a14160e 100755 (executable)
@@ -365,8 +365,8 @@ start_udp() {
                ;;
        v2ray)
                gen_config_file $UDP_RELAY_SERVER $type 2 $tmp_udp_port
-               ln_start_bin $(first_type xray v2ray) v2ray run -config $udp_config_file
-               echolog "UDP TPROXY Relay:$($(first_type "xray" "v2ray") version | head -1) Started!"
+               ln_start_bin $(first_type v2ray xray) v2ray run -config $udp_config_file
+               echolog "UDP TPROXY Relay:$($(first_type "v2ray" "xray") version | head -1) Started!"
                ;;
        trojan) #client
                gen_config_file $UDP_RELAY_SERVER $type 2 $tmp_udp_local_port
@@ -415,9 +415,9 @@ start_shunt() {
        v2ray)
                local tmp_port=${tmp_local_port:-$tmp_shunt_local_port}
                gen_config_file $SHUNT_SERVER $type 3 $tmp_shunt_port $tmp_port
-               ln_start_bin $(first_type xray v2ray) v2ray run -config $shunt_config_file
+               ln_start_bin $(first_type v2ray xray) v2ray run -config $shunt_config_file
                ln_start_bin $(first_type dns2socks) dns2socks 127.0.0.1:$tmp_port 8.8.8.8:53 127.0.0.1:$tmp_shunt_dns_port -q
-               echolog "shunt:$($(first_type xray v2ray) version | head -1) Started!"
+               echolog "shunt:$($(first_type v2ray xray) version | head -1) Started!"
                ;;
        trojan)
                gen_config_file $SHUNT_SERVER $type 3 $tmp_shunt_port
@@ -491,9 +491,9 @@ start_local() {
        v2ray)
                if [ "$_local" == "2" ]; then
                        gen_config_file $LOCAL_SERVER $type 4 0 $local_port
-                       ln_start_bin $(first_type xray v2ray) v2ray run -config $local_config_file
+                       ln_start_bin $(first_type v2ray xray) v2ray run -config $local_config_file
                fi
-               echolog "Global_Socks5:$($(first_type "xray" "v2ray") version | head -1) Started!"
+               echolog "Global_Socks5:$($(first_type "v2ray" "xray") version | head -1) Started!"
                ;;
        trojan) #client
                gen_config_file $LOCAL_SERVER $type 4 $local_port
@@ -553,8 +553,8 @@ Start_Run() {
                ;;
        v2ray)
                gen_config_file $GLOBAL_SERVER $type 1 $tcp_port $socks_port
-               ln_start_bin $(first_type xray v2ray) v2ray run -config $tcp_config_file
-               echolog "Main node:$($(first_type xray v2ray) version | head -1) Started!"
+               ln_start_bin $(first_type v2ray xray) v2ray run -config $tcp_config_file
+               echolog "Main node:$($(first_type v2ray xray) version | head -1) Started!"
                ;;
        trojan)
                gen_config_file $GLOBAL_SERVER $type 1 $tcp_port
@@ -908,9 +908,10 @@ reset() {
                set shadowsocksr.@global[0].switch_time='667'
                set shadowsocksr.@global[0].switch_timeout='5'
                set shadowsocksr.@global[0].switch_try_count='3'
-               set shadowsocksr.@global[0].gfwlist_url='https://cdn.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt'
+               set shadowsocksr.@global[0].default_packet_encoding='xudp'
+               set shadowsocksr.@global[0].gfwlist_url='https://fastly.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt'
                set shadowsocksr.@global[0].chnroute_url='https://ispip.clang.cn/all_cn.txt'
-               set shadowsocksr.@global[0].nfip_url='https://cdn.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt'
+               set shadowsocksr.@global[0].nfip_url='https://fastly.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt'
                set shadowsocksr.@global[0].adblock_url='https://anti-ad.net/anti-ad-for-dnsmasq.conf'
                add shadowsocksr server_subscribe
                set shadowsocksr.@server_subscribe[0].proxy='0'
index 3ff99ae..736c05b 100755 (executable)
@@ -1,16 +1,19 @@
 #!/bin/sh
+
 uci -q batch <<-EOF >/dev/null
-delete ucitrack.@shadowsocksr[-1]
-add ucitrack shadowsocksr
-set ucitrack.@shadowsocksr[-1].init=shadowsocksr
-commit ucitrack
-delete firewall.shadowsocksr
-set firewall.shadowsocksr=include
-set firewall.shadowsocksr.type=script
-set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include
-set firewall.shadowsocksr.reload=1
-commit firewall
+       delete ucitrack.@shadowsocksr[-1]
+       add ucitrack shadowsocksr
+       set ucitrack.@shadowsocksr[-1].init=shadowsocksr
+       commit ucitrack
+
+       delete firewall.shadowsocksr
+       set firewall.shadowsocksr=include
+       set firewall.shadowsocksr.type=script
+       set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include
+       set firewall.shadowsocksr.reload=1
+       commit firewall
 EOF
+
 rm -rf /etc/config/shadowsocksr-opkg /etc/ssrplus/*opkg
 touch /etc/ssrplus/china_ssr.txt
 touch /etc/ssrplus/deny.list
@@ -23,15 +26,17 @@ touch /etc/ssrplus/gfw_list.conf
 touch /etc/ssrplus/oversea_list.conf
 touch /etc/ssrplus/ad.conf
 touch /etc/config/shadowsocksr
-if [ ! -s "/etc/config/shadowsocksr" ]; then
-/etc/init.d/shadowsocksr reset
-fi
-sed -i "s/option type 'vmess'"/"option type 'v2ray'\n\toption v2ray_protocol 'vmess'/g" /etc/config/shadowsocksr
-sed -i "s/option type 'vless'"/"option type 'v2ray'\n\toption v2ray_protocol 'vless'/g" /etc/config/shadowsocksr
+[ -s "/etc/config/shadowsocksr" ] || /etc/init.d/shadowsocksr reset
+
+sed -i "s/option type 'vmess'/option type 'v2ray'\n\toption v2ray_protocol 'vmess'/g" /etc/config/shadowsocksr
+sed -i "s/option type 'vless'/option type 'v2ray'\n\toption v2ray_protocol 'vless'/g" /etc/config/shadowsocksr
+sed -i "s/option encrypt_method_v2ray_ss/option encrypt_method_ss/g" /etc/config/shadowsocksr
+
 if [ -s "/etc/uwsgi/vassals/luci-webui.ini" ];then
        limit=$(cat /etc/uwsgi/vassals/luci-webui.ini  | grep -Eo "limit-as.*"|grep -Eo "[0-9]+")
        [ $limit -lt 5000 ] && sed -i '/limit-as/c\limit-as = 5000' /etc/uwsgi/vassals/luci-webui.ini && \
        /etc/init.d/uwsgi restart
 fi
+
 rm -rf /tmp/luci-modulecache /tmp/luci-indexcache
 exit 0
index e7f1a0c..45d6cbc 100755 (executable)
@@ -1,11 +1,16 @@
-local ucursor = require"luci.model.uci".cursor()
+#!/usr/bin/lua
+
+local ucursor = require "luci.model.uci".cursor()
 local json = require "luci.jsonc"
+
 local server_section = arg[1]
 local proto = arg[2]
 local local_port = arg[3] or "0"
 local socks_port = arg[4] or "0"
+
 local server = ucursor:get_all("shadowsocksr", server_section)
 local outbound_settings = nil
+
 function vmess_vless()
        outbound_settings = {
                vnext = {
@@ -21,22 +26,31 @@ function vmess_vless()
                                        }
                                }
                        }
-               }
+               },
+               packetEncoding = server.packet_encoding or nil
        }
 end
 function trojan_shadowsocks()
        outbound_settings = {
+               plugin = (server.v2ray_protocol == "shadowsocks") and server.plugin ~= "none" and server.plugin or nil,
+               pluginOpts = (server.v2ray_protocol == "shadowsocks") and server.plugin_opts or nil,
                servers = {
                        {
                                address = server.server,
                                port = tonumber(server.server_port),
                                password = server.password,
-                               method = (server.v2ray_protocol == "shadowsocks") and server.encrypt_method_v2ray_ss or nil,
-                               flow = (server.v2ray_protocol == "trojan") and (server.xtls == '1') and (server.vless_flow and server.vless_flow or "xtls-rprx-splice") or nil,
-                               ivCheck = (server.v2ray_protocol == "shadowsocks") and (server.ivCheck == '1') or nil
+                               method = (server.v2ray_protocol == "shadowsocks") and server.encrypt_method_ss or nil,
+                               uot = (server.v2ray_protocol == "shadowsocks") and server.uot or nil,
+                               ivCheck = (server.v2ray_protocol == "shadowsocks") and (server.ivCheck == '1') or nil,
+                               flow = (server.v2ray_protocol == "trojan") and (server.xtls == '1') and (server.vless_flow and server.vless_flow or "xtls-rprx-splice") or nil
                        }
                }
        }
+
+       if (not outbound_settings.plugin) and (not server.transport or server.transport == "tcp") and (not server.xtls) then
+               server.v2ray_protocol = server.v2ray_protocol .. "_sing"
+               outbound_settings = outbound_settings.servers[1]
+       end
 end
 function socks_http()
        outbound_settings = {
@@ -54,6 +68,17 @@ function socks_http()
                }
        }
 end
+function wireguard()
+       outbound_settings = {
+               address = server.server,
+               port = tonumber(server.server_port),
+               localAddresses = server.local_addresses,
+               privateKey = server.private_key,
+               peerPublicKey = server.peer_pubkey,
+               preSharedKey = server.preshared_key or nil,
+               mtu = tonumber(server.mtu) or 1500
+       }
+end
 local outbound = {}
 function outbound:new(o)
        o = o or {}
@@ -80,6 +105,9 @@ function outbound:handleIndex(index)
                end,
                http = function()
                        socks_http()
+               end,
+               wireguard = function()
+                       wireguard()
                end
        }
        if switch[index] then
@@ -185,7 +213,8 @@ local Xray = {
                mux = (server.mux == "1" and server.xtls ~= "1" and server.transport ~= "grpc") and {
                        -- mux
                        enabled = true,
-                       concurrency = tonumber(server.concurrency)
+                       concurrency = tonumber(server.concurrency),
+                       packetEncoding = (server.v2ray_protocol == "vmess" or server.v2ray_protocol == "vless") and server.packet_encoding or nil
                } or nil
        } or nil
 }
index 8e76f24..cc4c87a 100755 (executable)
@@ -9,6 +9,7 @@ require "nixio"
 require "luci.util"
 require "luci.sys"
 require "luci.jsonc"
+require "luci.model.ipkg"
 -- these global functions are accessed all the time by the event handler
 -- so caching them is worth the effort
 local tinsert = table.insert
@@ -25,18 +26,26 @@ local switch = ucic:get_first(name, 'server_subscribe', 'switch', '1')
 local subscribe_url = ucic:get_first(name, 'server_subscribe', 'subscribe_url', {})
 local filter_words = ucic:get_first(name, 'server_subscribe', 'filter_words', '过期时间/剩余流量')
 local save_words = ucic:get_first(name, 'server_subscribe', 'save_words', '')
+local packet_encoding = luci.model.ipkg.installed("sagernet-core") and ucic:get_first(name, 'global', 'default_packet_encoding', 'xudp') or nil
 local v2_ss = luci.sys.exec('type -t -p ss-redir sslocal') ~= "" and "ss" or "v2ray"
 local v2_tj = luci.sys.exec('type -t -p trojan') ~= "" and "trojan" or "v2ray"
 local log = function(...)
        print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({...}, " "))
 end
 local encrypt_methods_ss = {
+       -- plain
+       "none",
+       "plain",
        -- aead
        "aes-128-gcm",
        "aes-192-gcm",
        "aes-256-gcm",
        "chacha20-ietf-poly1305",
-       "xchacha20-ietf-poly1305"
+       "xchacha20-ietf-poly1305",
+       -- aead 2022
+       "2022-blake3-aes-128-gcm",
+       "2022-blake3-aes-256-gcm",
+       "2022-blake3-chacha20-poly1305"
        --[[ stream
        "table",
        "rc4",
@@ -165,6 +174,7 @@ local function processData(szType, content)
                result.transport = info.net
                result.vmess_id = info.id
                result.alias = info.ps
+               result.packet_encoding = packet_encoding
                -- result.mux = 1
                -- result.concurrency = 8
                if info.net == 'ws' then
@@ -237,6 +247,8 @@ local function processData(szType, content)
                local password = userinfo:sub(userinfo:find(":") + 1, #userinfo)
                result.alias = UrlDecode(alias)
                result.type = v2_ss
+               result.v2ray_protocol = (v2_ss == "v2ray") and "shadowsocks" or nil
+               result.encrypt_method_ss = method
                result.password = password
                result.server = host[1]
                if host[2]:find("/%?") then
@@ -267,33 +279,27 @@ local function processData(szType, content)
                if not checkTabValue(encrypt_methods_ss)[method] then
                        -- 1202 年了还不支持 SS AEAD 的屑机场
                        result.server = nil
-               elseif v2_ss == "v2ray" then
-                       result.v2ray_protocol = "shadowsocks"
-                       result.encrypt_method_v2ray_ss = method
-               else
-                       result.encrypt_method_ss = method
                end
        elseif szType == "sip008" then
                result.type = v2_ss
+               result.v2ray_protocol = (v2_ss == "v2ray") and "shadowsocks" or nil
                result.server = content.server
                result.server_port = content.server_port
                result.password = content.password
+               result.encrypt_method_ss = content.method
                result.plugin = content.plugin
                result.plugin_opts = content.plugin_opts
                result.alias = content.remarks
                if not checkTabValue(encrypt_methods_ss)[content.method] then
                        result.server = nil
-               elseif v2_ss == "v2ray" then
-                       result.v2ray_protocol = "shadowsocks"
-                       result.encrypt_method_v2ray_ss = content.method
-               else
-                       result.encrypt_method_ss = content.method
                end
        elseif szType == "ssd" then
                result.type = v2_ss
+               result.v2ray_protocol = (v2_ss == "v2ray") and "shadowsocks" or nil
                result.server = content.server
                result.server_port = content.port
                result.password = content.password
+               result.encrypt_method_ss = content.method
                result.plugin_opts = content.plugin_options
                result.alias = "[" .. content.airport .. "] " .. content.remarks
                if content.plugin == "simple-obfs" then
@@ -303,11 +309,6 @@ local function processData(szType, content)
                end
                if not checkTabValue(encrypt_methods_ss)[content.encryption] then
                        result.server = nil
-               elseif v2_ss == "v2ray" then
-                       result.v2ray_protocol = "shadowsocks"
-                       result.encrypt_method_v2ray_ss = content.method
-               else
-                       result.encrypt_method_ss = content.method
                end
        elseif szType == "trojan" then
                local idx_sp = 0
@@ -370,6 +371,7 @@ local function processData(szType, content)
                        result.vmess_id = uuid
                        result.vless_encryption = params.encryption or "none"
                        result.transport = params.type and (params.type == 'http' and 'h2' or params.type) or "tcp"
+                       result.packet_encoding = packet_encoding
                        if not params.type or params.type == "tcp" then
                                if params.security == "xtls" then
                                        result.xtls = "1"