From 8e944269f7d1c9c61fb7fc3be7aed6692488c0ed Mon Sep 17 00:00:00 2001 From: 233boy <31657650+233boy@users.noreply.github.com> Date: Sun, 8 Nov 2020 18:19:44 +0800 Subject: [PATCH] add VLESS_WebSocket_TLS --- config/client/vless_ws_tls.json | 150 ++++++++++++++++++ config/server/vless_ws.json | 113 +++++++++++++ install.sh | 150 +++++------------- src/caddy-config.sh | 2 +- src/download-caddy.sh | 18 +-- src/mtproto.sh | 9 ++ src/ss-info.sh | 4 +- src/transport.sh | 1 + src/uninstall.sh | 88 +++++------ src/v2ray-info.sh | 34 +++- src/vmess-config.sh | 8 +- v2ray.sh | 270 ++++++++++++-------------------- 12 files changed, 503 insertions(+), 344 deletions(-) create mode 100644 config/client/vless_ws_tls.json create mode 100644 config/server/vless_ws.json diff --git a/config/client/vless_ws_tls.json b/config/client/vless_ws_tls.json new file mode 100644 index 0000000..f9881c9 --- /dev/null +++ b/config/client/vless_ws_tls.json @@ -0,0 +1,150 @@ +{ + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "233blog.com", + "port": 2333, + "users": [ + { + "id": "e55c8d17-2cf3-b21a-bcf1-eeacb011ed79", + "encryption": "none", + "security": "auto" + } + ] + } + ] + }, + "streamSettings": { + "network": "ws", + "security": "tls", + "tlsSettings": { + "serverName": "233blog.com" + }, + "wsSettings": { + "path": "/233blog", + "headers": { + "Host": "233blog.com" + } + } + }, + "mux": { + "enabled": true + } + }, + { + "protocol": "freedom", + "settings": {}, + "tag": "direct" + }, + { + "protocol": "blackhole", + "settings": {}, + "tag": "blocked" + }, + { + "protocol": "dns", + "tag": "dns-out" + } + ], + "inbounds": [ + { + "port": "1099", + "protocol": "dokodemo-door", + "settings": { + "network": "tcp,udp", + "timeout": 0, + "followRedirect": true + }, + "sniffing": { + "enabled": true, + "destOverride": ["http", "tls"] + } + }, + { + "port": 2133, + "tag": "dns-in", + "protocol": "dokodemo-door", + "settings": { + "address": "119.29.29.29", + "port": 53, + "timeout": 0, + "network": "tcp,udp" + } + }, + { + "port": 2333, + "protocol": "socks", + "settings": { + "auth": "noauth", + "udp": true + } + }, + { + "port": 6666, + "protocol": "http", + "settings": { + "auth": "noauth", + "udp": true + } + } + ], + "dns": { + "servers": [ + { + "address": "119.29.29.29", + "port": 53, + "domains": [ + "geosite:cn" + ], + "expectIPs": [ + "geoip:cn" + ] + }, + { + "address": "1.1.1.1", + "port": 53, + "domains": [ + "geosite:geolocation-!cn" + ] + }, + "8.8.8.8", + "localhost" + ] + }, + "routing": { + "domainStrategy": "IPOnDemand", + "rules": [ + { + "type": "field", + "inboundTag": [ + "dns-in" + ], + "outboundTag": "dns-out" + }, + { + "type": "field", + "ip": [ + "geoip:private" + ], + "outboundTag": "blocked" + }, + { + "type": "field", + "ip": [ + "geoip:cn" + ], + "outboundTag": "direct" + }, + { + "type": "field", + "domain": [ + "geosite:cn" + ], + "outboundTag": "direct" + } + ] + } +} \ No newline at end of file diff --git a/config/server/vless_ws.json b/config/server/vless_ws.json new file mode 100644 index 0000000..fdb9a24 --- /dev/null +++ b/config/server/vless_ws.json @@ -0,0 +1,113 @@ +{ + "log": { + "access": "/var/log/v2ray/access.log", + "error": "/var/log/v2ray/error.log", + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 2333, + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "e55c8d17-2cf3-b21a-bcf1-eeacb011ed79", + "level": 1, + "alterId": 233 + } + ], + "decryption": "none" + }, + "listen": "127.0.0.1", + "streamSettings": { + "network": "ws" + }, + "sniffing": { + "enabled": true, + "destOverride": [ + "http", + "tls" + ] + } + } + //include_ss + //include_socks + //include_mtproto + //include_in_config + // + ], + "outbounds": [ + { + "protocol": "freedom", + "settings": { + "domainStrategy": "UseIP" + }, + "tag": "direct" + }, + { + "protocol": "blackhole", + "settings": {}, + "tag": "blocked" + }, + { + "protocol": "mtproto", + "settings": {}, + "tag": "tg-out" + } + //include_out_config + // + ], + "dns": { + "servers": [ + "https+local://cloudflare-dns.com/dns-query", + "1.1.1.1", + "1.0.0.1", + "8.8.8.8", + "8.8.4.4", + "localhost" + ] + }, + "routing": { + "domainStrategy": "IPOnDemand", + "rules": [ + { + "type": "field", + "ip": [ + "0.0.0.0/8", + "10.0.0.0/8", + "100.64.0.0/10", + "127.0.0.0/8", + "169.254.0.0/16", + "172.16.0.0/12", + "192.0.0.0/24", + "192.0.2.0/24", + "192.168.0.0/16", + "198.18.0.0/15", + "198.51.100.0/24", + "203.0.113.0/24", + "::1/128", + "fc00::/7", + "fe80::/10" + ], + "outboundTag": "blocked" + }, + { + "type": "field", + "inboundTag": ["tg-in"], + "outboundTag": "tg-out" + } + //include_ban_xx + //include_ban_bt + //include_ban_ad + //include_rules + // + ] + }, + "transport": { + "kcpSettings": { + "uplinkCapacity": 100, + "downlinkCapacity": 100, + "congestion": true + } + } +} \ No newline at end of file diff --git a/install.sh b/install.sh index cb5655b..969af25 100644 --- a/install.sh +++ b/install.sh @@ -110,6 +110,7 @@ transport=( QUIC_wechat-video_dynamicPort QUIC_dtls_dynamicPort QUIC_wireguard_dynamicPort + VLESS_WebSocket_TLS ) ciphers=( @@ -175,7 +176,7 @@ v2ray_config() { read -p "$(echo -e "(默认协议: ${cyan}TCP$none)"):" v2ray_transport [ -z "$v2ray_transport" ] && v2ray_transport=1 case $v2ray_transport in - [1-9] | [1-2][0-9] | 3[0-2]) + [1-9] | [1-2][0-9] | 3[0-3]) echo echo echo -e "$yellow V2Ray 传输协议 = $cyan${transport[$v2ray_transport - 1]}$none" @@ -192,7 +193,7 @@ v2ray_config() { } v2ray_port_config() { case $v2ray_transport in - 4 | 5) + 4 | 5 | 33) tls_config ;; *) @@ -215,7 +216,7 @@ v2ray_port_config() { ;; esac done - if [[ $v2ray_transport -ge 18 ]]; then + if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then v2ray_dynamic_port_start fi ;; @@ -331,7 +332,7 @@ tls_config() { while :; do echo - echo -e "请输入一个 $magenta正确的域名$none,一定一定一定要正确,不!能!出!错!" + echo -e "请输入一个 ${magenta}正确的域名${none},一定一定一定要正确,不!能!出!错!" read -p "(例如:233blog.com): " domain [ -z "$domain" ] && error && continue echo @@ -343,11 +344,11 @@ tls_config() { get_ip echo echo - echo -e "$yellow 请将 $magenta$domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$domain$none $yellow 解析到: $cyan$ip$none" echo - echo -e "$yellow 请将 $magenta$domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$domain$none $yellow 解析到: $cyan$ip$none" echo - echo -e "$yellow 请将 $magenta$domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$domain$none $yellow 解析到: $cyan$ip$none" echo "----------------------------------------------------------------" echo @@ -372,7 +373,7 @@ tls_config() { done - if [[ $v2ray_transport -ne 5 ]]; then + if [[ $v2ray_transport -eq 4 ]]; then auto_tls_config else caddy=true @@ -442,7 +443,7 @@ path_config_ask() { N | n) echo echo - echo -e "$yellow 网站伪装 和 路径分流 = $cyan不想配置$none" + echo -e "$yellow 网站伪装 和 路径分流 = $cyan 不想配置 $none" echo "----------------------------------------------------------------" echo break @@ -456,7 +457,7 @@ path_config_ask() { path_config() { echo while :; do - echo -e "请输入想要 ${magenta}用来分流的路径$none , 例如 /233blog , 那么只需要输入 233blog 即可" + echo -e "请输入想要 ${magenta} 用来分流的路径 $none , 例如 /233blog , 那么只需要输入 233blog 即可" read -p "$(echo -e "(默认: [${cyan}233blog$none]):")" path [[ -z $path ]] && path="233blog" @@ -483,7 +484,7 @@ path_config() { proxy_site_config() { echo while :; do - echo -e "请输入 ${magenta}一个正确的$none ${cyan}网址$none 用来作为 ${cyan}网站的伪装$none , 例如 https://liyafly.com" + echo -e "请输入 ${magenta}一个正确的 $none ${cyan}网址$none 用来作为 ${cyan}网站的伪装$none , 例如 https://liyafly.com" echo -e "举例...你当前的域名是 $green$domain$none , 伪装的网址的是 https://liyafly.com" echo -e "然后打开你的域名时候...显示出来的内容就是来自 https://liyafly.com 的内容" echo -e "其实就是一个反代...明白就好..." @@ -532,7 +533,7 @@ blocked_hosts() { blocked_ad_info="关闭" echo echo - echo -e "$yellow 广告拦截 = $cyan关闭$none" + echo -e "$yellow 广告拦截 = $cyan 关闭 $none" echo "----------------------------------------------------------------" echo break @@ -683,7 +684,7 @@ install_info() { echo echo -e "$yellow V2Ray 传输协议 = $cyan${transport[$v2ray_transport - 1]}$none" - if [[ $v2ray_transport == [45] ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]]; then echo echo -e "$yellow V2Ray 端口 = $cyan$v2ray_port$none" echo @@ -701,7 +702,7 @@ install_info() { echo echo -e "$yellow 路径分流 = ${cyan}/${path}$none" fi - elif [[ $v2ray_transport -ge 18 ]]; then + elif [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then echo echo -e "$yellow V2Ray 端口 = $cyan$v2ray_port$none" echo @@ -826,74 +827,6 @@ install_v2ray() { _mkdir_dir } -open_port() { - if [[ $cmd == "apt-get" ]]; then - if [[ $1 != "multiport" ]]; then - - iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - iptables -I INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - ip6tables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - ip6tables -I INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - - # firewall-cmd --permanent --zone=public --add-port=$1/tcp - # firewall-cmd --permanent --zone=public --add-port=$1/udp - # firewall-cmd --reload - - else - - local multiport="${v2ray_dynamic_port_start_input}:${v2ray_dynamic_port_end_input}" - iptables -I INPUT -p tcp --match multiport --dports $multiport -j ACCEPT - iptables -I INPUT -p udp --match multiport --dports $multiport -j ACCEPT - ip6tables -I INPUT -p tcp --match multiport --dports $multiport -j ACCEPT - ip6tables -I INPUT -p udp --match multiport --dports $multiport -j ACCEPT - - # local multi_port="${v2ray_dynamic_port_start_input}-${v2ray_dynamic_port_end_input}" - # firewall-cmd --permanent --zone=public --add-port=$multi_port/tcp - # firewall-cmd --permanent --zone=public --add-port=$multi_port/udp - # firewall-cmd --reload - - fi - iptables-save >/etc/iptables.rules.v4 - ip6tables-save >/etc/iptables.rules.v6 - # else - # service iptables save >/dev/null 2>&1 - # service ip6tables save >/dev/null 2>&1 - fi -} -del_port() { - if [[ $cmd == "apt-get" ]]; then - if [[ $1 != "multiport" ]]; then - # if [[ $cmd == "apt-get" ]]; then - iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - iptables -D INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - ip6tables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - ip6tables -D INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - # else - # firewall-cmd --permanent --zone=public --remove-port=$1/tcp - # firewall-cmd --permanent --zone=public --remove-port=$1/udp - # fi - else - # if [[ $cmd == "apt-get" ]]; then - local ports="${v2ray_dynamicPort_start}:${v2ray_dynamicPort_end}" - iptables -D INPUT -p tcp --match multiport --dports $ports -j ACCEPT - iptables -D INPUT -p udp --match multiport --dports $ports -j ACCEPT - ip6tables -D INPUT -p tcp --match multiport --dports $ports -j ACCEPT - ip6tables -D INPUT -p udp --match multiport --dports $ports -j ACCEPT - # else - # local ports="${v2ray_dynamicPort_start}-${v2ray_dynamicPort_end}" - # firewall-cmd --permanent --zone=public --remove-port=$ports/tcp - # firewall-cmd --permanent --zone=public --remove-port=$ports/udp - # fi - fi - iptables-save >/etc/iptables.rules.v4 - ip6tables-save >/etc/iptables.rules.v6 - # else - # service iptables save >/dev/null 2>&1 - # service ip6tables save >/dev/null 2>&1 - fi - -} - config() { cp -f /etc/v2ray/233boy/v2ray/config/backup.conf $backup cp -f /etc/v2ray/233boy/v2ray/v2ray.sh $_v2ray_sh @@ -902,40 +835,29 @@ config() { v2ray_id=$uuid alterId=0 ban_bt=true - if [[ $v2ray_transport -ge 18 ]]; then + if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then v2ray_dynamicPort_start=${v2ray_dynamic_port_start_input} v2ray_dynamicPort_end=${v2ray_dynamic_port_end_input} fi _load config.sh - if [[ $cmd == "apt-get" ]]; then - cat >/etc/network/if-pre-up.d/iptables <<-EOF - #!/bin/sh - /sbin/iptables-restore < /etc/iptables.rules.v4 - /sbin/ip6tables-restore < /etc/iptables.rules.v6 - EOF - chmod +x /etc/network/if-pre-up.d/iptables - # else - # [ $(pgrep "firewall") ] && systemctl stop firewalld - # systemctl mask firewalld - # systemctl disable firewalld - # systemctl enable iptables - # systemctl enable ip6tables - # systemctl start iptables - # systemctl start ip6tables - fi - - [[ $shadowsocks ]] && open_port $ssport - if [[ $v2ray_transport == [45] ]]; then - open_port "80" - open_port "443" - open_port $v2ray_port - elif [[ $v2ray_transport -ge 18 ]]; then - open_port $v2ray_port - open_port "multiport" - else - open_port $v2ray_port - fi + # if [[ $cmd == "apt-get" ]]; then + # cat >/etc/network/if-pre-up.d/iptables <<-EOF + # #!/bin/sh + # /sbin/iptables-restore < /etc/iptables.rules.v4 + # /sbin/ip6tables-restore < /etc/iptables.rules.v6 + # EOF + # chmod +x /etc/network/if-pre-up.d/iptables + # # else + # # [ $(pgrep "firewall") ] && systemctl stop firewalld + # # systemctl mask firewalld + # # systemctl disable firewalld + # # systemctl enable iptables + # # systemctl enable ip6tables + # # systemctl start iptables + # # systemctl start ip6tables + # fi + # systemctl restart v2ray do_service restart v2ray backup_config @@ -944,13 +866,13 @@ config() { backup_config() { sed -i "18s/=1/=$v2ray_transport/; 21s/=2333/=$v2ray_port/; 24s/=$old_id/=$uuid/" $backup - if [[ $v2ray_transport -ge 18 ]]; then + if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then sed -i "30s/=10000/=$v2ray_dynamic_port_start_input/; 33s/=20000/=$v2ray_dynamic_port_end_input/" $backup fi if [[ $shadowsocks ]]; then sed -i "42s/=/=true/; 45s/=6666/=$ssport/; 48s/=233blog.com/=$sspass/; 51s/=chacha20-ietf/=$ssciphers/" $backup fi - [[ $v2ray_transport == [45] ]] && sed -i "36s/=233blog.com/=$domain/" $backup + [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && sed -i "36s/=233blog.com/=$domain/" $backup [[ $caddy ]] && sed -i "39s/=/=true/" $backup [[ $ban_ad ]] && sed -i "54s/=/=true/" $backup if [[ $is_path ]]; then @@ -979,7 +901,7 @@ error() { pause() { - read -rsp "$(echo -e "按$green Enter 回车键 $none继续....或按$red Ctrl + C $none取消.")" -d $'\n' + read -rsp "$(echo -e "按 $green Enter 回车键 $none 继续....或按 $red Ctrl + C $none 取消.")" -d $'\n' echo } do_service() { diff --git a/src/caddy-config.sh b/src/caddy-config.sh index b487bbb..b7ed92b 100644 --- a/src/caddy-config.sh +++ b/src/caddy-config.sh @@ -1,7 +1,7 @@ # local email=$(((RANDOM << 22))) # tls ${email}@gmail.com case $v2ray_transport in -4) +4|33) if [[ $is_path ]]; then cat >/etc/caddy/Caddyfile <<-EOF $domain { diff --git a/src/download-caddy.sh b/src/download-caddy.sh index 3dbd917..fe41a0d 100644 --- a/src/download-caddy.sh +++ b/src/download-caddy.sh @@ -24,7 +24,7 @@ _download_caddy_file() { fi } _install_caddy_service() { - setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/caddy + # setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/caddy if [[ $systemd ]]; then cp -f ${caddy_tmp}init/linux-systemd/caddy.service /lib/systemd/system/ @@ -35,7 +35,7 @@ _install_caddy_service() { if [[ ! $(grep "ReadWriteDirectories" /lib/systemd/system/caddy.service) ]]; then sed -i "/ReadWritePaths/a ReadWriteDirectories=/etc/ssl/caddy" /lib/systemd/system/caddy.service fi - # # sed -i "s/www-data/root/g" /lib/systemd/system/caddy.service + sed -i "s/www-data/root/g" /lib/systemd/system/caddy.service # sed -i "/on-abnormal/a RestartSec=3" /lib/systemd/system/caddy.service # sed -i "s/on-abnormal/always/" /lib/systemd/system/caddy.service @@ -67,23 +67,23 @@ _install_caddy_service() { systemctl enable caddy else cp -f ${caddy_tmp}init/linux-sysvinit/caddy /etc/init.d/caddy - # sed -i "s/www-data/root/g" /etc/init.d/caddy + sed -i "s/www-data/root/g" /etc/init.d/caddy chmod +x /etc/init.d/caddy update-rc.d -f caddy defaults fi - if [ -z "$(grep www-data /etc/passwd)" ]; then - useradd -M -s /usr/sbin/nologin www-data - fi + # if [ -z "$(grep www-data /etc/passwd)" ]; then + # useradd -M -s /usr/sbin/nologin www-data + # fi # chown -R www-data.www-data /etc/ssl/caddy # ref https://github.com/caddyserver/caddy/tree/master/dist/init/linux-systemd mkdir -p /etc/caddy - chown -R root:root /etc/caddy + # chown -R root:root /etc/caddy mkdir -p /etc/ssl/caddy - chown -R root:www-data /etc/ssl/caddy - chmod 0770 /etc/ssl/caddy + # chown -R root:www-data /etc/ssl/caddy + # chmod 0770 /etc/ssl/caddy ## create sites dir mkdir -p /etc/caddy/sites diff --git a/src/mtproto.sh b/src/mtproto.sh index a1f940f..0ce939f 100644 --- a/src/mtproto.sh +++ b/src/mtproto.sh @@ -1,3 +1,12 @@ +###---- +echo +echo -e "$red V2RAY Telegram MTProto 相关配置暂时不推荐使用 $none" +echo +echo -e "$green 推荐使用 https://github.com/cutelua/mtg-dist $none" +echo +exit +###---- + _view_mtproto_info() { if [[ $mtproto ]]; then _mtproto_info diff --git a/src/ss-info.sh b/src/ss-info.sh index 571091c..d3f6c17 100644 --- a/src/ss-info.sh +++ b/src/ss-info.sh @@ -14,9 +14,9 @@ if [[ $shadowsocks ]]; then echo echo -e "$yellow SS 链接 = ${cyan}$ss$none" echo - echo -e " 备注:$red Shadowsocks Win 4.0.6 $none客户端可能无法识别该 SS 链接" + echo -e " 备注: $red Shadowsocks Win 4.0.6 $none 客户端可能无法识别该 SS 链接" echo - echo -e "提示: 输入$cyan v2ray ssqr $none可生成 Shadowsocks 二维码链接" + echo -e "提示: 输入 $cyan v2ray ssqr $none 可生成 Shadowsocks 二维码链接" echo echo -e "${yellow}免被墙..推荐使用JMS: ${cyan}https://getjms.com${none}" echo diff --git a/src/transport.sh b/src/transport.sh index 20d4614..afc8d09 100644 --- a/src/transport.sh +++ b/src/transport.sh @@ -31,4 +31,5 @@ transport=( QUIC_wechat-video_dynamicPort QUIC_dtls_dynamicPort QUIC_wireguard_dynamicPort + VLESS_WebSocket_TLS ) diff --git a/src/uninstall.sh b/src/uninstall.sh index a2e881b..37fcef5 100644 --- a/src/uninstall.sh +++ b/src/uninstall.sh @@ -58,28 +58,28 @@ if [[ $is_uninstall_v2ray && $is_uninstall_caddy ]]; then pause echo - if [[ $shadowsocks ]]; then - del_port $ssport - fi - if [[ $socks ]]; then - del_port $socks_port - fi - if [[ $mtproto ]]; then - del_port $mtproto_port - fi - - if [[ $v2ray_transport == [45] ]]; then - del_port "80" - del_port "443" - del_port $v2ray_port - elif [[ $v2ray_transport -ge 18 ]]; then - del_port $v2ray_port - del_port "multiport" - else - del_port $v2ray_port - fi - - [ $cmd == "apt-get" ] && rm -rf /etc/network/if-pre-up.d/iptables + # if [[ $shadowsocks ]]; then + # del_port $ssport + # fi + # if [[ $socks ]]; then + # del_port $socks_port + # fi + # if [[ $mtproto ]]; then + # del_port $mtproto_port + # fi + + # if [[ $v2ray_transport == [45] ]]; then + # del_port "80" + # del_port "443" + # del_port $v2ray_port + # elif [[ $v2ray_transport -ge 18 ]]; then + # del_port $v2ray_port + # del_port "multiport" + # else + # del_port $v2ray_port + # fi + + [[ -f /etc/network/if-pre-up.d/iptables ]] && rm -rf /etc/network/if-pre-up.d/iptables # [ $v2ray_pid ] && systemctl stop v2ray [ $v2ray_pid ] && do_service stop v2ray @@ -121,28 +121,28 @@ elif [[ $is_uninstall_v2ray ]]; then pause echo - if [[ $shadowsocks ]]; then - del_port $ssport - fi - if [[ $socks ]]; then - del_port $socks_port - fi - if [[ $mtproto ]]; then - del_port $mtproto_port - fi - - if [[ $v2ray_transport == [45] ]]; then - del_port "80" - del_port "443" - del_port $v2ray_port - elif [[ $v2ray_transport -ge 18 ]]; then - del_port $v2ray_port - del_port "multiport" - else - del_port $v2ray_port - fi - - [ $cmd == "apt-get" ] && rm -rf /etc/network/if-pre-up.d/iptables + # if [[ $shadowsocks ]]; then + # del_port $ssport + # fi + # if [[ $socks ]]; then + # del_port $socks_port + # fi + # if [[ $mtproto ]]; then + # del_port $mtproto_port + # fi + + # if [[ $v2ray_transport == [45] ]]; then + # del_port "80" + # del_port "443" + # del_port $v2ray_port + # elif [[ $v2ray_transport -ge 18 ]]; then + # del_port $v2ray_port + # del_port "multiport" + # else + # del_port $v2ray_port + # fi + + [[ -f /etc/network/if-pre-up.d/iptables ]] && rm -rf /etc/network/if-pre-up.d/iptables # [ $v2ray_pid ] && systemctl stop v2ray [ $v2ray_pid ] && do_service stop v2ray diff --git a/src/v2ray-info.sh b/src/v2ray-info.sh index 18f6c2a..3386fa8 100644 --- a/src/v2ray-info.sh +++ b/src/v2ray-info.sh @@ -15,7 +15,7 @@ _v2_args() { header="http" host="www.baidu.com" ;; - 3 | 4 | 20) + 3 | 4 | 20 | 33) net="ws" ;; 5) @@ -96,7 +96,35 @@ _v2_info() { echo echo -e "$yellow 路径 (path) = ${cyan}${_path}$none" echo - echo -e "$yellow TLS (Enable TLS) = ${cyan}打开$none" + echo -e "$yellow 底层传输安全 (TLS) = ${cyan}tls$none" + echo + if [[ $ban_ad ]]; then + echo " 备注: 广告拦截已开启.." + echo + fi + elif [[ $v2ray_transport == 33 ]]; then + echo + echo -e "$green ---提示..这是 VLESS 服务器配置--- $none" + echo + echo -e "$yellow 地址 (Address) = $cyan${domain}$none" + echo + echo -e "$yellow 端口 (Port) = ${cyan}443${none}" + echo + echo -e "$yellow 用户ID (User ID / UUID) = $cyan${v2ray_id}$none" + echo + echo -e "$yellow 流控 (Flow) = ${cyan}空${none}" + echo + echo -e "$yellow 加密 (Encryption) = ${cyan}none${none}" + echo + echo -e "$yellow 传输协议 (Network) = ${cyan}${net}$none" + echo + echo -e "$yellow 伪装类型 (header type) = ${cyan}${header}$none" + echo + echo -e "$yellow 伪装域名 (host) = ${cyan}${domain}$none" + echo + echo -e "$yellow 路径 (path) = ${cyan}${_path}$none" + echo + echo -e "$yellow 底层传输安全 (TLS) = ${cyan}tls$none" echo if [[ $ban_ad ]]; then echo " 备注: 广告拦截已开启.." @@ -131,7 +159,7 @@ _v2_info() { echo echo "V2Ray 客户端使用教程: https://233v2.com/post/4/" echo - echo -e "提示: 输入$cyan v2ray url $none可生成 vmess URL 链接 / 输入$cyan v2ray qr $none可生成二维码链接" + echo -e "提示: 输入 $cyan v2ray url $none 可生成 vmess URL 链接 / 输入 $cyan v2ray qr $none 可生成二维码链接" echo echo -e "${yellow}免被墙..推荐使用JMS: ${cyan}https://getjms.com${none}" echo diff --git a/src/vmess-config.sh b/src/vmess-config.sh index cb7e1f6..0654999 100644 --- a/src/vmess-config.sh +++ b/src/vmess-config.sh @@ -44,6 +44,10 @@ case $v2ray_transport in v2ray_server_config_file="/etc/v2ray/233boy/v2ray/config/server/dynamic/kcp.json" v2ray_client_config_file="/etc/v2ray/233boy/v2ray/config/client/kcp.json" ;; +33) + v2ray_server_config_file="/etc/v2ray/233boy/v2ray/config/server/vless_ws.json" + v2ray_client_config_file="/etc/v2ray/233boy/v2ray/config/client/vless_ws_tls.json" + ;; *) v2ray_server_config_file="/etc/v2ray/233boy/v2ray/config/server/dynamic/quic.json" v2ray_client_config_file="/etc/v2ray/233boy/v2ray/config/client/quic.json" @@ -58,7 +62,7 @@ cp -f $v2ray_client_config_file $v2ray_client_config sed -i "9s/2333/$v2ray_port/; 14s/$old_id/$v2ray_id/; 16s/233/$alterId/" $v2ray_server_config # change dynamic port -if [[ $v2ray_transport -ge 18 ]]; then +if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then local multi_port="${v2ray_dynamicPort_start}-${v2ray_dynamicPort_end}" sed -i "s/10000-20000/$multi_port/" $v2ray_server_config fi @@ -97,7 +101,7 @@ esac ## change client config file [[ -z $ip ]] && get_ip -if [[ $v2ray_transport == [45] ]]; then +if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]]; then sed -i "s/233blog.com/$domain/; 9s/2333/443/; 12s/$old_id/$v2ray_id/; 13s/233/$alterId/" $v2ray_client_config if [[ $is_path ]]; then sed -i "27s/233blog/$path/" $v2ray_client_config diff --git a/v2ray.sh b/v2ray.sh index c55ffa0..2ad0d8d 100644 --- a/v2ray.sh +++ b/v2ray.sh @@ -10,7 +10,7 @@ none='\e[0m' # Root [[ $(id -u) != 0 ]] && echo -e " 哎呀……请使用 ${red}root ${none}用户运行 ${yellow}~(^_^) ${none}" && exit 1 -_version="v3.37" +_version="v3.40" cmd="apt-get" @@ -69,7 +69,7 @@ fi if [[ $mark != "v3" ]]; then . /etc/v2ray/233boy/v2ray/tools/v3.sh fi -if [[ $v2ray_transport -ge 18 ]]; then +if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then dynamicPort=true port_range="${v2ray_dynamicPort_start}-${v2ray_dynamicPort_end}" fi @@ -103,7 +103,7 @@ if [ $v2ray_pid ]; then else v2ray_status="$red未在运行$none" fi -if [[ $v2ray_transport == [45] && $caddy ]] && [[ $caddy_pid ]]; then +if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy_pid && $caddy ]]; then caddy_run_status="$green正在运行$none" else caddy_run_status="$red未在运行$none" @@ -130,36 +130,36 @@ create_vmess_URL_config() { if [[ $v2ray_transport == [45] ]]; then cat >/etc/v2ray/vmess_qr.json <<-EOF - { - "v": "2", - "ps": "233v2.com_${domain}", - "add": "${domain}", - "port": "443", - "id": "${v2ray_id}", - "aid": "${alterId}", - "net": "${net}", - "type": "none", - "host": "${domain}", - "path": "$_path", - "tls": "tls" - } + { + "v": "2", + "ps": "233v2.com_${domain}", + "add": "${domain}", + "port": "443", + "id": "${v2ray_id}", + "aid": "${alterId}", + "net": "${net}", + "type": "none", + "host": "${domain}", + "path": "$_path", + "tls": "tls" + } EOF else [[ -z $ip ]] && get_ip cat >/etc/v2ray/vmess_qr.json <<-EOF - { - "v": "2", - "ps": "233v2.com_${ip}", - "add": "${ip}", - "port": "${v2ray_port}", - "id": "${v2ray_id}", - "aid": "${alterId}", - "net": "${net}", - "type": "${header}", - "host": "${host}", - "path": "", - "tls": "" - } + { + "v": "2", + "ps": "233v2.com_${ip}", + "add": "${ip}", + "port": "${v2ray_port}", + "id": "${v2ray_id}", + "aid": "${alterId}", + "net": "${net}", + "type": "${header}", + "host": "${host}", + "path": "", + "tls": "" + } EOF fi } @@ -301,7 +301,6 @@ shadowsocks_config() { shadowsocks_password_config shadowsocks_ciphers_config pause - open_port $new_ssport backup_config +ss ssport=$new_ssport sspass=$new_sspass @@ -337,7 +336,7 @@ shadowsocks_port_config() { error ;; [1-9] | [1-9][0-9] | [1-9][0-9][0-9] | [1-9][0-9][0-9][0-9] | [1-5][0-9][0-9][0-9][0-9] | 6[0-4][0-9][0-9][0-9] | 65[0-4][0-9][0-9] | 655[0-3][0-5]) - if [[ $v2ray_transport == [45] ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]]; then local tls=ture fi if [[ $tls && $new_ssport == "80" ]] || [[ $tls && $new_ssport == "443" ]]; then @@ -455,7 +454,7 @@ change_shadowsocks_port() { error ;; [1-9] | [1-9][0-9] | [1-9][0-9][0-9] | [1-9][0-9][0-9][0-9] | [1-5][0-9][0-9][0-9][0-9] | 6[0-4][0-9][0-9][0-9] | 65[0-4][0-9][0-9] | 655[0-3][0-5]) - if [[ $v2ray_transport == [45] ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]]; then local tls=ture fi if [[ $tls && $new_ssport == "80" ]] || [[ $tls && $new_ssport == "443" ]]; then @@ -488,8 +487,6 @@ change_shadowsocks_port() { echo pause backup_config ssport - del_port $ssport - open_port $new_ssport ssport=$new_ssport config clear @@ -601,7 +598,6 @@ disable_shadowsocks() { echo pause backup_config -ss - del_port $ssport shadowsocks='' config # clear @@ -757,8 +753,6 @@ change_v2ray_port() { echo pause backup_config v2ray_port - del_port $v2ray_port - open_port $v2ray_port_opt v2ray_port=$v2ray_port_opt config clear @@ -838,7 +832,7 @@ change_v2ray_transport() { echo " 哎呀...跟当前传输协议一毛一样呀...修改个鸡鸡哦" error ;; - 4 | 5) + 4 | 5 | 33) if [[ $v2ray_port == "80" || $v2ray_port == "443" ]]; then echo echo -e " 抱歉...如果你想要使用${cyan} ${transport[$v2ray_transport_opt - 1]} $none传输协议.. ${red}V2Ray 端口不能为 80 或者 443 ...$none" @@ -872,7 +866,7 @@ change_v2ray_transport() { break fi ;; - [1-9] | [1-2][0-9] | 3[0-2]) + [1-9] | [1-2][0-9] | 3[0-3]) echo echo echo -e "$yellow V2Ray 传输协议 = $cyan${transport[$v2ray_transport_opt - 1]}$none" @@ -889,14 +883,13 @@ change_v2ray_transport() { done pause - if [[ $v2ray_transport_opt == [45] ]]; then + if [[ $v2ray_transport_opt == [45] || $v2ray_transport_opt == 33 ]]; then tls_config - elif [[ $v2ray_transport_opt -ge 18 ]]; then + elif [[ $v2ray_transport_opt -ge 18 && $v2ray_transport_opt -ne 33 ]]; then v2ray_dynamic_port_start v2ray_dynamic_port_end pause old_transport - open_port "multiport" backup_config v2ray_transport v2ray_dynamicPort_start v2ray_dynamicPort_end port_range="${v2ray_dynamic_port_start_input}-${v2ray_dynamic_port_end_input}" v2ray_transport=$v2ray_transport_opt @@ -916,9 +909,7 @@ change_v2ray_transport() { } old_transport() { - if [[ $v2ray_transport == [45] ]]; then - del_port "80" - del_port "443" + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]]; then if [[ $caddy && $caddy_pid ]]; then do_service stop caddy if [[ $systemd ]]; then @@ -936,8 +927,6 @@ old_transport() { if [[ $is_path ]]; then backup_config -path fi - elif [[ $v2ray_transport -ge 18 ]]; then - del_port "multiport" fi } @@ -946,7 +935,7 @@ tls_config() { echo echo echo - echo -e "请输入一个 $magenta正确的域名$none,一定一定一定要正确,不!能!出!错!" + echo -e "请输入一个 ${magenta}正确的域名${none},一定一定一定要正确,不!能!出!错!" read -p "(例如:233blog.com): " new_domain [ -z "$new_domain" ] && error && continue echo @@ -958,11 +947,11 @@ tls_config() { get_ip echo echo - echo -e "$yellow 请将 $magenta$new_domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$new_domain$none $yellow 解析到: $cyan$ip$none" echo - echo -e "$yellow 请将 $magenta$new_domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$new_domain$none $yellow 解析到: $cyan$ip$none" echo - echo -e "$yellow 请将 $magenta$new_domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$new_domain$none $yellow 解析到: $cyan$ip$none" echo "----------------------------------------------------------------" echo @@ -999,13 +988,8 @@ tls_config() { is_path=true fi - if [[ $v2ray_transport -ge 18 ]]; then - del_port "multiport" - fi domain=$new_domain - open_port "80" - open_port "443" if [[ $systemd ]]; then systemctl enable caddy >/dev/null 2>&1 else @@ -1018,7 +1002,7 @@ tls_config() { view_v2ray_config_info # download_v2ray_config_ask else - if [[ $v2ray_transport_opt == 5 ]]; then + if [[ $v2ray_transport_opt -ne 4 ]]; then path_config_ask pause domain_check @@ -1029,13 +1013,8 @@ tls_config() { proxy_site=$new_proxy_site is_path=true fi - if [[ $v2ray_transport -ge 18 ]]; then - del_port "multiport" - fi domain=$new_domain install_caddy - open_port "80" - open_port "443" v2ray_transport=$v2ray_transport_opt caddy_config config @@ -1085,13 +1064,8 @@ auto_tls_config() { proxy_site=$new_proxy_site is_path=true fi - if [[ $v2ray_transport -ge 18 ]]; then - del_port "multiport" - fi domain=$new_domain install_caddy - open_port "80" - open_port "443" v2ray_transport=$v2ray_transport_opt caddy_config config @@ -1109,12 +1083,7 @@ auto_tls_config() { pause domain_check backup_config v2ray_transport domain - if [[ $v2ray_transport -ge 18 ]]; then - del_port "multiport" - fi domain=$new_domain - open_port "80" - open_port "443" v2ray_transport=$v2ray_transport_opt config clear @@ -1144,7 +1113,7 @@ path_config_ask() { N | n) echo echo - echo -e "$yellow 网站伪装 和 路径分流 = $cyan不想配置$none" + echo -e "$yellow 网站伪装 和 路径分流 = $cyan 不想配置 $none" echo "----------------------------------------------------------------" echo break @@ -1158,7 +1127,7 @@ path_config_ask() { path_config() { echo while :; do - echo -e "请输入想要 ${magenta}用来分流的路径$none , 例如 /233blog , 那么只需要输入 233blog 即可" + echo -e "请输入想要 ${magenta}用来分流的路径 $none , 例如 /233blog , 那么只需要输入 233blog 即可" read -p "$(echo -e "(默认: [${cyan}233blog$none]):")" new_path [[ -z $new_path ]] && new_path="233blog" @@ -1184,7 +1153,7 @@ path_config() { proxy_site_config() { echo while :; do - echo -e "请输入 ${magenta}一个正确的$none ${cyan}网址$none 用来作为 ${cyan}网站的伪装$none , 例如 https://liyafly.com" + echo -e "请输入 ${magenta}一个正确的 $none ${cyan}网址$none 用来作为 ${cyan}网站的伪装$none , 例如 https://liyafly.com" echo -e "举例...假设你当前的域名是$green $domain $none, 伪装的网址的是 https://liyafly.com" echo -e "然后打开你的域名时候...显示出来的内容就是来自 https://liyafly.com 的内容" echo -e "其实就是一个反代...明白就好..." @@ -1340,12 +1309,10 @@ v2ray_dynamic_port_end() { } change_v2ray_dynamicport() { - if [[ $v2ray_transport -ge 18 ]]; then + if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then change_v2ray_dynamic_port_start change_v2ray_dynamic_port_end pause - del_port "multiport" - open_port "multiport" backup_config v2ray_dynamicPort_start v2ray_dynamicPort_end port_range="${v2ray_dynamic_port_start_input}-${v2ray_dynamic_port_end_input}" config @@ -1534,10 +1501,10 @@ change_v2ray_id() { done } change_domain() { - if [[ $v2ray_transport == [45] ]] && [[ $caddy ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy ]]; then while :; do echo - echo -e "请输入一个 $magenta正确的域名$none,一定一定一定要正确,不!能!出!错!" + echo -e "请输入一个 ${magenta}正确的域名${none},一定一定一定要正确,不!能!出!错!" read -p "$(echo -e "(当前域名: ${cyan}$domain$none):") " new_domain [ -z "$new_domain" ] && error && continue if [[ $new_domain == $domain ]]; then @@ -1555,11 +1522,11 @@ change_domain() { get_ip echo echo - echo -e "$yellow 请将 $magenta$new_domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$new_domain$none $yellow 解析到: $cyan$ip$none" echo - echo -e "$yellow 请将 $magenta$new_domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$new_domain$none $yellow 解析到: $cyan$ip$none" echo - echo -e "$yellow 请将 $magenta$new_domain$none $yellow解析到: $cyan$ip$none" + echo -e "$yellow 请将 $magenta$new_domain$none $yellow 解析到: $cyan$ip$none" echo "----------------------------------------------------------------" echo @@ -1609,7 +1576,7 @@ change_domain() { fi } change_path_config() { - if [[ $v2ray_transport == [45] ]] && [[ $caddy && $is_path ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy && $is_path ]]; then echo while :; do echo -e "请输入想要 ${magenta}用来分流的路径$none , 例如 /233blog , 那么只需要输入 233blog 即可" @@ -1647,7 +1614,7 @@ change_path_config() { clear view_v2ray_config_info # download_v2ray_config_ask - elif [[ $v2ray_transport == [45] ]] && [[ $caddy ]]; then + elif [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy ]]; then path_config_ask if [[ $new_path ]]; then backup_config +path @@ -1685,10 +1652,10 @@ change_path_config() { } change_proxy_site_config() { - if [[ $v2ray_transport == [45] ]] && [[ $caddy && $is_path ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy && $is_path ]]; then echo while :; do - echo -e "请输入 ${magenta}一个正确的$none ${cyan}网址$none 用来作为 ${cyan}网站的伪装$none , 例如 https://liyafly.com" + echo -e "请输入 ${magenta}一个正确的 $none ${cyan}网址$none 用来作为 ${cyan}网站的伪装$none , 例如 https://liyafly.com" echo -e "举例...你当前的域名是$green $domain $none, 伪装的网址的是 https://liyafly.com" echo -e "然后打开你的域名时候...显示出来的内容就是来自 https://liyafly.com 的内容" echo -e "其实就是一个反代...明白就好..." @@ -1724,7 +1691,7 @@ change_proxy_site_config() { echo -e " 赶紧打开你的域名 ${cyan}https://${domain}$none 检查一下看看" echo echo - elif [[ $v2ray_transport == [45] ]] && [[ $caddy ]]; then + elif [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy ]]; then path_config_ask if [[ $new_path ]]; then backup_config +path @@ -1780,7 +1747,7 @@ domain_check() { fi } disable_path() { - if [[ $v2ray_transport == [45] ]] && [[ $caddy && $is_path ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy && $is_path ]]; then echo while :; do @@ -2201,7 +2168,35 @@ create_v2ray_config_text() { echo echo "路径 (path) = ${_path}" echo - echo "TLS (Enable TLS) = 打开" + echo "底层传输安全 (TLS) = tls" + echo + if [[ $ban_ad ]]; then + echo " 备注: 广告拦截已开启.." + echo + fi + elif [[ $v2ray_transport == 33 ]]; then + echo + echo '---提示..这是 VLESS 服务器配置---' + echo + echo "地址 (Address) = ${domain}" + echo + echo "端口 (Port) = 443" + echo + echo "用户ID (User ID / UUID) = ${v2ray_id}" + echo + echo "流控 (Flow) = 空" + echo + echo "加密 (Encryption) = none" + echo + echo "传输协议 (Network) = ${net}" + echo + echo "伪装类型 (header type) = ${header}" + echo + echo "伪装域名 (host) = ${domain}" + echo + echo "路径 (path) = ${_path}" + echo + echo "底层传输安全 (TLS) = tls" echo if [[ $ban_ad ]]; then echo " 备注: 广告拦截已开启.." @@ -2223,10 +2218,10 @@ create_v2ray_config_text() { echo "伪装类型 (header type) = ${header}" echo fi - if [[ $v2ray_transport -ge 18 ]] && [[ $ban_ad ]]; then + if [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]] && [[ $ban_ad ]]; then echo "备注: 动态端口已启用...广告拦截已开启..." echo - elif [[ $v2ray_transport -ge 18 ]]; then + elif [[ $v2ray_transport -ge 18 && $v2ray_transport -ne 33 ]]; then echo "备注: 动态端口已启用..." echo elif [[ $ban_ad ]]; then @@ -2342,79 +2337,6 @@ uninstall_lotserver() { rm -rf /tmp/appex.sh } -open_port() { - if [[ $cmd == "apt-get" ]]; then - if [[ $1 != "multiport" ]]; then - # if [[ $cmd == "apt-get" ]]; then - iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - iptables -I INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - ip6tables -I INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - ip6tables -I INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - - # iptables-save >/etc/iptables.rules.v4 - # ip6tables-save >/etc/iptables.rules.v6 - # else - # firewall-cmd --permanent --zone=public --add-port=$1/tcp - # firewall-cmd --permanent --zone=public --add-port=$1/udp - # firewall-cmd --reload - # fi - else - # if [[ $cmd == "apt-get" ]]; then - local multiport="${v2ray_dynamic_port_start_input}:${v2ray_dynamic_port_end_input}" - iptables -I INPUT -p tcp --match multiport --dports $multiport -j ACCEPT - iptables -I INPUT -p udp --match multiport --dports $multiport -j ACCEPT - ip6tables -I INPUT -p tcp --match multiport --dports $multiport -j ACCEPT - ip6tables -I INPUT -p udp --match multiport --dports $multiport -j ACCEPT - - # iptables-save >/etc/iptables.rules.v4 - # ip6tables-save >/etc/iptables.rules.v6 - # else - # local multi_port="${v2ray_dynamic_port_start_input}-${v2ray_dynamic_port_end_input}" - # firewall-cmd --permanent --zone=public --add-port=$multi_port/tcp - # firewall-cmd --permanent --zone=public --add-port=$multi_port/udp - # firewall-cmd --reload - # fi - fi - iptables-save >/etc/iptables.rules.v4 - ip6tables-save >/etc/iptables.rules.v6 - # else - # service iptables save >/dev/null 2>&1 - # service ip6tables save >/dev/null 2>&1 - fi - -} -del_port() { - if [[ $cmd == "apt-get" ]]; then - if [[ $1 != "multiport" ]]; then - # if [[ $cmd == "apt-get" ]]; then - iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - iptables -D INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - ip6tables -D INPUT -m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT - ip6tables -D INPUT -m state --state NEW -m udp -p udp --dport $1 -j ACCEPT - # else - # firewall-cmd --permanent --zone=public --remove-port=$1/tcp - # firewall-cmd --permanent --zone=public --remove-port=$1/udp - # fi - else - # if [[ $cmd == "apt-get" ]]; then - local ports="${v2ray_dynamicPort_start}:${v2ray_dynamicPort_end}" - iptables -D INPUT -p tcp --match multiport --dports $ports -j ACCEPT - iptables -D INPUT -p udp --match multiport --dports $ports -j ACCEPT - ip6tables -D INPUT -p tcp --match multiport --dports $ports -j ACCEPT - ip6tables -D INPUT -p udp --match multiport --dports $ports -j ACCEPT - # else - # local ports="${v2ray_dynamicPort_start}-${v2ray_dynamicPort_end}" - # firewall-cmd --permanent --zone=public --remove-port=$ports/tcp - # firewall-cmd --permanent --zone=public --remove-port=$ports/udp - # fi - fi - iptables-save >/etc/iptables.rules.v4 - ip6tables-save >/etc/iptables.rules.v6 - # else - # service iptables save >/dev/null 2>&1 - # service ip6tables save >/dev/null 2>&1 - fi -} update() { while :; do echo @@ -2618,7 +2540,7 @@ error() { pause() { - read -rsp "$(echo -e "按$green Enter 回车键 $none继续....或按$red Ctrl + C $none取消.")" -d $'\n' + read -rsp "$(echo -e "按 $green Enter 回车键 $none 继续....或按 $red Ctrl + C $none 取消.")" -d $'\n' echo } do_service() { @@ -2819,7 +2741,7 @@ bt) ;; status) echo - if [[ $v2ray_transport == [45] && $caddy ]]; then + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy ]]; then echo -e " V2Ray 状态: $v2ray_status / Caddy 状态: $caddy_run_status" else echo -e " V2Ray 状态: $v2ray_status" @@ -2833,12 +2755,16 @@ stop) stop_v2ray ;; restart) - [[ $v2ray_transport == [45] && $caddy ]] && do_service restart caddy + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy ]]; then + do_service restart caddy + fi restart_v2ray ;; reload) config - [[ $v2ray_transport == [45] && $caddy ]] && caddy_config + if [[ $v2ray_transport == [45] || $v2ray_transport == 33 ]] && [[ $caddy ]]; then + caddy_config + fi clear view_v2ray_config_info ;; @@ -2849,6 +2775,12 @@ log) view_v2ray_log ;; url | URL) + if [[ $v2ray_transport == 33 ]]; then + echo + echo ' V2RAY VLESS 协议相关暂不支持生成 URL ....' + echo + exit + fi get_v2ray_vmess_URL_link ;; u | update)