diff --git a/brook/Makefile b/brook/Makefile index 4e2e15ab5..fbb5b287c 100644 --- a/brook/Makefile +++ b/brook/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=brook -PKG_VERSION:=20240214 +PKG_VERSION:=20240404 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/txthinking/brook/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=d3c77b8069b21cfdb14f3282eba26b7b4860cd741462e4d6b6929ad07fa55153 +PKG_HASH:=6eda9a348f9c3555a1c27711e81c0982ea9999bf2878e73cf2eaaee90e8cc2e7 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=GPL-3.0 diff --git a/daed-next/Makefile b/daed-next/Makefile index 702f8411c..b8fb0fc91 100644 --- a/daed-next/Makefile +++ b/daed-next/Makefile @@ -69,8 +69,8 @@ endef define Build/Prepare ( \ $(TAR) --strip-components=1 -C $(PKG_BUILD_DIR)/../ -xzf $(DL_DIR)/$(PKG_NAME)-$(PKG_VERSION).tar.gz ; \ - rm -rf $(PKG_BUILD_DIR) && git clone https://github.com/daeuniverse/dae-wing $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/wing ; \ - rm -rf $(PKG_BUILD_DIR)/dae-core && git clone https://github.com/daeuniverse/dae $(PKG_BUILD_DIR)/dae-core ; \ + rm -rf $(PKG_BUILD_DIR) && git clone https://github.com/daeuniverse/dae-wing $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/wing && cd $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/wing && git reset --hard 8b766fe61eb51c13808e73cecc6d686baeeb534b ; \ + rm -rf $(PKG_BUILD_DIR)/dae-core && git clone https://github.com/daeuniverse/dae $(PKG_BUILD_DIR)/dae-core && cd $(PKG_BUILD_DIR)/dae-core && git reset --hard e02d7b84738cb73149e93914e23ec3957f91fe42 ; \ rm -rf $(PKG_BUILD_DIR)/dae-core/control/kern/headers && git clone https://github.com/daeuniverse/dae_bpf_headers $(PKG_BUILD_DIR)/dae-core/control/kern/headers ; \ ) endef diff --git a/luci-app-amlogic/Makefile b/luci-app-amlogic/Makefile index 69f9db4df..7c308011a 100644 --- a/luci-app-amlogic/Makefile +++ b/luci-app-amlogic/Makefile @@ -16,7 +16,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-amlogic -PKG_VERSION:=3.1.220 +PKG_VERSION:=3.1.221 PKG_RELEASE:=1 PKG_LICENSE:=GPL-2.0 License diff --git a/luci-app-amlogic/root/usr/sbin/openwrt-kernel b/luci-app-amlogic/root/usr/sbin/openwrt-kernel index 0f792d59f..347e5d1e1 100755 --- a/luci-app-amlogic/root/usr/sbin/openwrt-kernel +++ b/luci-app-amlogic/root/usr/sbin/openwrt-kernel @@ -29,6 +29,14 @@ AUTO_MAINLINE_UBOOT="no" # Set the release check file release_file="/etc/flippy-openwrt-release" # +# Set font color +STEPS="[\033[95m STEPS \033[0m]" +INFO="[\033[94m INFO \033[0m]" +SUCCESS="[\033[92m SUCCESS \033[0m]" +FINISH="[\033[93m FINISH \033[0m]" +PROMPT="[\033[93m PROMPT \033[0m]" +ERROR="[\033[91m ERROR \033[0m]" +# #==================================================================================== # Encountered a serious error, abort the script execution @@ -113,7 +121,7 @@ init_var() { # Current device model MYDEVICE_NAME="$(cat /proc/device-tree/model | tr -d '\000')" [[ "${PLATFORM}" == "qemu-aarch64" ]] && MYDEVICE_NAME="KVM Virtual Machine" - echo -e "Current device: ${MYDEVICE_NAME} [ ${PLATFORM} ], Use in [ ${EMMC_NAME} ]" + echo -e "${INFO} Current device: ${MYDEVICE_NAME} [ ${PLATFORM} ], Use in [ ${EMMC_NAME} ]" sync && echo "" } @@ -344,20 +352,138 @@ update_uboot() { sync && echo "" } -echo -e "Start update the openwrt kernel." +# Rescue the kernel +sos_kernel() { + echo -e "${STEPS} Start rescuing kernel..." + + # Supports specifying disks, such as: [ openwrt-kernel -s mmcblk1 ] + box_disk="${2}" + + if [[ -n "${box_disk}" ]]; then + # Format the disk names + box_disk="${box_disk//\/dev\//}" + + # Check if the disk exists + [[ -b "/dev/${box_disk}" ]] || error_msg "The specified disk [ ${box_disk} ] does not exist." + + # Check if the disk is the same as the current system disk + [[ "${box_disk}" == "${EMMC_NAME}" ]] && error_msg "The specified disk [ ${box_disk} ] is the same as the current system disk [ ${EMMC_NAME} ]." + + echo -e "${INFO} The device name of the specified disk: [ ${box_disk} ]" + else + # Find emmc disk, first find emmc containing boot0 partition + box_disk="$(lsblk -l -o NAME | grep -oE '(mmcblk[0-9]?|nvme[0-9]?n[0-9]?|[hsv]d[a-z])' | grep -vE ^${EMMC_NAME} | sort -u | head -n 1)" + + # Check if disk exists + [[ -z "${box_disk}" ]] && error_msg "Unable to locate the storage requiring rescue." + + echo -e "${INFO} The device name of the target disk: [ ${box_disk} ]" + fi + + rescue_disk="/dev/${box_disk}" + echo -e "${INFO} The current OpenWrt is running on [ /dev/${EMMC_NAME} ], and the target disk for restoration is [ ${rescue_disk} ]." + + # Create a temporary mount directory + umount ${P4_PATH}/bootfs 2>/dev/null + umount ${P4_PATH}/rootfs 2>/dev/null + rm -rf ${P4_PATH}/bootfs ${P4_PATH}/rootfs 2>/dev/null + mkdir -p ${P4_PATH}/{bootfs/,rootfs/} && sync + [[ "${?}" -ne "0" ]] && error_msg "Failed to create temporary mount directory [ ${P4_PATH} ]" + + # Mount target bootfs partition + [[ "${box_disk}" =~ ^([hsv]d[a-z]) ]] && rescue_disk_partition_name="" || rescue_disk_partition_name="p" + mount ${rescue_disk}${rescue_disk_partition_name}1 ${P4_PATH}/bootfs + [[ "${?}" -ne "0" ]] && error_msg "mount ${rescue_disk}${PARTITION_NAME}1 failed!" + echo -e "${INFO} The [ ${rescue_disk}${rescue_disk_partition_name}1 ] partition is mounted on [ ${P4_PATH}/bootfs ]." + + # Search uuid file + if [[ -f "${P4_PATH}/bootfs/uEnv.txt" ]]; then + search_file="uEnv.txt" + elif [[ -f "${P4_PATH}/bootfs/armbianEnv.txt" ]]; then + search_file="armbianEnv.txt" + elif [[ -f "${P4_PATH}/bootfs/extlinux/extlinux.conf" ]]; then + search_file="extlinux/extlinux.conf" + else + error_msg "The [ uEnv.txt, armbianEnv.txt, extlinux/extlinux.conf ] file does not exist, stop rescuing." + fi + + # Get the target partition uuid and rootfs + target_parttion_uuid="$(grep '=UUID=' ${P4_PATH}/bootfs/${search_file} | sed -n 's/.*=UUID=\([a-f0-9-]*\).*/\1/p')" + [[ -z "${target_parttion_uuid}" ]] && error_msg "The [ ${search_file} ] file does not contain the UUID value." + target_rootfs="$(blkid | grep ${target_parttion_uuid} | awk -F':' '{print $1;}')" + [[ -z "${target_rootfs}" ]] && error_msg "The [ ${target_parttion_uuid} ] UUID does not exist in the system." + + # Mount target rootfs partition + mount ${target_rootfs} ${P4_PATH}/rootfs + [[ "${?}" -ne "0" ]] && error_msg "mount ${rescue_disk}${PARTITION_NAME}2 failed!" + echo -e "${INFO} The [ ${target_rootfs} ] partition is mounted on [ ${P4_PATH}/rootfs ]." + + # Identify the current kernel files + kernel_signature="$(uname -r)" + + # 01. For /boot files + [[ -d "${P4_PATH}/bootfs" ]] && { + cd ${P4_PATH}/bootfs + rm -rf config-* initrd.img-* System.map-* vmlinuz-* uInitrd* *Image dtb* u-boot.ext u-boot.emmc + [[ -f "/boot/u-boot.ext" ]] && { + cp -f /boot/u-boot.ext . + cp -f /boot/u-boot.ext u-boot.emmc + chmod +x u-boot.ext u-boot.emmc + } + cp -rf /boot/{*-${kernel_signature},uInitrd,*Image,dtb} . + [[ "${?}" -ne "0" ]] && error_msg "(1/2) [ boot ] kernel files rescue failed." + echo -e "${INFO} (1/2) [ boot ] kernel files rescue succeeded." + } || error_msg "(1/2) The [ ${P4_PATH}/bootfs ] folder does not exist, stop rescuing." + + # 02. For /lib/modules/${kernel_signature} + [[ -d "${P4_PATH}/rootfs/lib/modules" ]] && { + cd ${P4_PATH}/rootfs/lib/modules + rm -rf * + cp -rf /lib/modules/${kernel_signature} . + [[ "${?}" -ne "0" ]] && error_msg "(2/2) [ modules ] kernel files rescue failed." + echo -e "${INFO} (2/2) [ modules ] kernel files rescue succeeded." + } || error_msg "(2/2) The [ ${P4_PATH}/rootfs/lib/modules ] folder does not exist, stop rescuing." + + # Unmount the emmc partition + cd ${P4_PATH} + umount -f ${P4_PATH}/bootfs + [[ "${?}" -ne "0" ]] && error_msg "Failed to umount [ ${P4_PATH}/bootfs ]" + umount -f ${P4_PATH}/rootfs + [[ "${?}" -ne "0" ]] && error_msg "Failed to umount [ ${P4_PATH}/rootfs ]" + # Remove the temporary mount directory + rm -rf ${P4_PATH}/bootfs ${P4_PATH}/rootfs + + sync && echo "" +} + +echo -e "${STEPS} Welcome to the OpenWrt Kernel Management Tool." # Operation environment check [[ -x "/usr/sbin/openwrt-kernel" ]] || error_msg "Please grant execution permission: chmod +x /usr/sbin/openwrt-kernel" -# -# Initialize all variables -init_var "${@}" -# Check kernel files list -check_kernel -# Update the kernel -update_kernel -# Update the uboot -update_uboot -# -sync && sleep 3 -echo "Successfully updated, automatic restarting..." -reboot -exit 0 + +# Execute relevant functions based on the options +if [[ "${@}" =~ ^-s(\s)* ]]; then + # Initialize all variables + init_var "${@}" + # Start rescuing the kernel + sos_kernel "${@}" + + # Kernel restore successful + sync && sleep 3 + echo -e "${SUCCESS} Kernel rescue successful, please remove the disk and restart the OpenWrt system." + exit 0 +else + # Initialize all variables + init_var "${@}" + # Check kernel files list + check_kernel + # Update the kernel + update_kernel + # Update the uboot + update_uboot + + # Kernel update successful + sync && sleep 3 + echo "Successfully updated, automatic restarting..." + reboot + exit 0 +fi diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua index a90495ccc..93e164c6e 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua @@ -1,6 +1,7 @@ local api = require "luci.passwall.api" local appname = api.appname local has_xray = api.finded_com("xray") +local has_singbox = api.finded_com("sing-box") m = Map(appname) api.set_apply_on_parse(m) @@ -62,12 +63,12 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end o.default = 0 o:depends("auto_update", true) -if has_xray then +if has_xray or has_singbox then o = s:option(Value, "v2ray_location_asset", translate("Location of V2ray/Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are.")) o.default = "/usr/share/v2ray/" o.rmempty = false - s = m:section(TypedSection, "shunt_rules", "Xray " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") + s = m:section(TypedSection, "shunt_rules", "Xray/Sing-Box " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") s.template = "cbi/tblsection" s.anonymous = false s.addremove = true diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh index ff6e02e57..2328554ff 100755 --- a/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1610,6 +1610,11 @@ start() { check_depends $USE_TABLES + [ "$USE_TABLES" = "nftables" ] && { + dnsmasq_version=$(dnsmasq -v | grep -i "Dnsmasq version " | awk '{print $3}') + [ "$(expr $dnsmasq_version \>= 2.90)" == 0 ] && echolog "Dnsmasq版本低于2.90,建议升级至2.90及以上版本以避免部分情况下Dnsmasq崩溃问题!" + } + [ "$ENABLED_DEFAULT_ACL" == 1 ] && { start_redir TCP start_redir UDP diff --git a/luci-app-passwall/root/usr/share/passwall/nftables.sh b/luci-app-passwall/root/usr/share/passwall/nftables.sh index 2d8c6f988..125d4cb9a 100755 --- a/luci-app-passwall/root/usr/share/passwall/nftables.sh +++ b/luci-app-passwall/root/usr/share/passwall/nftables.sh @@ -747,9 +747,9 @@ add_firewall_rule() { else gen_nftset $NFTSET_CHN ipv4_addr "2d" 0 $(cat $RULES_PATH/chnroute | tr -s '\n' | grep -v "^#") fi - gen_nftset $NFTSET_BLACKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - gen_nftset $NFTSET_WHITELIST ipv4_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - gen_nftset $NFTSET_BLOCKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_BLACKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_WHITELIST ipv4_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_BLOCKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") gen_nftset $NFTSET_SHUNTLIST ipv4_addr 0 0 gen_nftset $NFTSET_VPSLIST6 ipv6_addr 0 0 @@ -761,9 +761,9 @@ add_firewall_rule() { else gen_nftset $NFTSET_CHN6 ipv6_addr "2d" 0 $(cat $RULES_PATH/chnroute6 | tr -s '\n' | grep -v "^#") fi - gen_nftset $NFTSET_BLACKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - gen_nftset $NFTSET_WHITELIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_BLACKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_WHITELIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") gen_nftset $NFTSET_SHUNTLIST6 ipv6_addr 0 0 local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') @@ -792,7 +792,7 @@ add_firewall_rule() { [ -n "$ISP_DNS" ] && { #echolog "处理 ISP DNS 例外..." for ispip in $ISP_DNS; do - insert_nftset $NFTSET_WHITELIST "-1" $ispip + insert_nftset $NFTSET_WHITELIST 0 $ispip echolog " - [$?]追加ISP IPv4 DNS到白名单:${ispip}" done } @@ -800,7 +800,7 @@ add_firewall_rule() { [ -n "$ISP_DNS6" ] && { #echolog "处理 ISP IPv6 DNS 例外..." for ispip6 in $ISP_DNS6; do - insert_nftset $NFTSET_WHITELIST6 "-1" $ispip6 + insert_nftset $NFTSET_WHITELIST6 0 $ispip6 echolog " - [$?]追加ISP IPv6 DNS到白名单:${ispip6}" done } @@ -1059,7 +1059,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo $(REDIRECT $TCP_REDIR_PORT TPROXY4) comment \"本机\"" } nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" fi [ "$PROXY_IPV6" == "1" ] && { @@ -1110,7 +1110,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"本机\"" } nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && { [ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && { @@ -1253,11 +1253,11 @@ gen_include() { [ ! -z "\${WAN_IP}" ] && nft "replace rule inet fw4 PSW_MANGLE handle \$PR_INDEX ip daddr "\${WAN_IP}" counter return comment \"WAN_IP_RETURN\"" fi nft "add rule inet fw4 mangle_prerouting meta nfproto {ipv4} counter jump PSW_MANGLE" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" } \$(sh ${MY_PATH} insert_rule_before "inet fw4" "mangle_prerouting" "PSW_MANGLE" "counter jump PSW_DIVERT") - [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && { PR_INDEX=\$(sh ${MY_PATH} RULE_LAST_INDEX "inet fw4" PSW_MANGLE_V6 WAN6_IP_RETURN -1) diff --git a/sing-box/Makefile b/sing-box/Makefile index 9bf99d538..d2bae057c 100644 --- a/sing-box/Makefile +++ b/sing-box/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sing-box -PKG_VERSION:=1.8.7 +PKG_VERSION:=1.8.8 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=35db2a6953c04ea6301f242ba2d6c7ca7f6d52bae0b4927beca5255ee958b218 +PKG_HASH:=dfa64c1da309000998ff9c5fb35bac2795c9e88ce3c63ad47862ba6c3aeda74f PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=LICENSE