From e54ea869ba39b53ced114f650ea8e6a6a25d1397 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 31 May 2023 09:45:52 +0800 Subject: [PATCH] update 2023-05-31 09:45:52 --- .../luasrc/model/cbi/bypass/client-config.lua | 210 ++++++++++-------- luci-app-bypass/luasrc/view/bypass/ssrurl.htm | 27 ++- .../root/usr/share/bypass/gen_config | 115 +++++----- .../root/usr/share/bypass/subscribe | 28 +-- 4 files changed, 205 insertions(+), 175 deletions(-) diff --git a/luci-app-bypass/luasrc/model/cbi/bypass/client-config.lua b/luci-app-bypass/luasrc/model/cbi/bypass/client-config.lua index fb88038ca..228fb8c21 100644 --- a/luci-app-bypass/luasrc/model/cbi/bypass/client-config.lua +++ b/luci-app-bypass/luasrc/model/cbi/bypass/client-config.lua @@ -114,16 +114,6 @@ local securitys = { "chacha20-poly1305" } -local flows = { - -- xtls - "xtls-rprx-origin", - "xtls-rprx-origin-udp443", - "xtls-rprx-direct", - "xtls-rprx-direct-udp443", - "xtls-rprx-splice", - "xtls-rprx-splice-udp443" -} - local tls_flows = { -- tls "xtls-rprx-vision", @@ -166,6 +156,9 @@ end if is_finded("hysteria") then o:value("hysteria", translate("Hysteria")) end +if is_finded("tuic-client") then + o:value("tuic", translate("TUIC")) +end if is_finded("ipt2socks") then o:value("socks5", translate("Socks5")) end @@ -191,8 +184,7 @@ o:value("vless", translate("VLESS")) o:value("vmess", translate("VMess")) o:value("trojan", translate("Trojan")) o:value("shadowsocks", translate("Shadowsocks")) -if is_installed("sagernet-core") then - o:value("shadowsocksr", translate("ShadowsocksR")) +if is_finded("xray") then o:value("wireguard", translate("WireGuard")) end o:value("socks", translate("Socks")) @@ -208,6 +200,7 @@ o:depends("type", "v2ray") o:depends("type", "trojan") o:depends("type", "naiveproxy") o:depends("type", "hysteria") +o:depends("type", "tuic") o:depends("type", "socks5") o = s:option(Value, "server_port", translate("Server Port")) @@ -219,6 +212,7 @@ o:depends("type", "v2ray") o:depends("type", "trojan") o:depends("type", "naiveproxy") o:depends("type", "hysteria") +o:depends("type", "tuic") o:depends("type", "socks5") o = s:option(Flag, "auth_enable", translate("Enable Authentication")) @@ -242,11 +236,11 @@ o:depends("type", "ssr") o:depends("type", "ss") o:depends("type", "trojan") o:depends("type", "naiveproxy") +o:depends("type", "tuic") o:depends({type = "socks5", auth_enable = true}) o:depends({type = "v2ray", v2ray_protocol = "http", auth_enable = true}) o:depends({type = "v2ray", v2ray_protocol = "socks", socks_ver = "5", auth_enable = true}) o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"}) -o:depends({type = "v2ray", v2ray_protocol = "shadowsocksr"}) o:depends({type = "v2ray", v2ray_protocol = "trojan"}) o = s:option(ListValue, "encrypt_method", translate("Encrypt Method")) @@ -255,7 +249,6 @@ for _, v in ipairs(encrypt_methods) do end o.rmempty = true o:depends("type", "ssr") -o:depends({type = "v2ray", v2ray_protocol = "shadowsocksr"}) o = s:option(ListValue, "encrypt_method_ss", translate("Encrypt Method")) for _, v in ipairs(encrypt_methods_ss) do @@ -279,10 +272,10 @@ o.default = "1" -- Shadowsocks Plugin o = s:option(Value, "plugin", translate("Obfs")) o:value("none", translate("None")) -if is_finded("obfs-local") or is_installed("sagernet-core") then +if is_finded("obfs-local") then o:value("obfs-local", translate("obfs-local")) end -if is_finded("v2ray-plugin") or is_installed("sagernet-core") then +if is_finded("v2ray-plugin") then o:value("v2ray-plugin", translate("v2ray-plugin")) end if is_finded("xray-plugin") then @@ -290,16 +283,10 @@ if is_finded("xray-plugin") then end o.rmempty = true o:depends("type", "ss") -if is_installed("sagernet-core") then - o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"}) -end o = s:option(Value, "plugin_opts", translate("Plugin Opts")) o.rmempty = true o:depends("type", "ss") -if is_installed("sagernet-core") then - o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"}) -end o = s:option(ListValue, "protocol", translate("Protocol")) for _, v in ipairs(protocol) do @@ -307,11 +294,9 @@ for _, v in ipairs(protocol) do end o.rmempty = true o:depends("type", "ssr") -o:depends({type = "v2ray", v2ray_protocol = "shadowsocksr"}) o = s:option(Value, "protocol_param", translate("Protocol param (optional)")) o:depends("type", "ssr") -o:depends({type = "v2ray", v2ray_protocol = "shadowsocksr"}) o = s:option(ListValue, "obfs", translate("Obfs")) for _, v in ipairs(obfs) do @@ -319,11 +304,9 @@ for _, v in ipairs(obfs) do end o.rmempty = true o:depends("type", "ssr") -o:depends({type = "v2ray", v2ray_protocol = "shadowsocksr"}) o = s:option(Value, "obfs_param", translate("Obfs param (optional)")) o:depends("type", "ssr") -o:depends({type = "v2ray", v2ray_protocol = "shadowsocksr"}) -- [[ Hysteria ]]-- o = s:option(ListValue, "hysteria_protocol", translate("Protocol")) @@ -360,6 +343,49 @@ o = s:option(Flag, "disable_mtu_discovery", translate("Disable Path MTU discover o:depends("type", "hysteria") o.rmempty = true +o = s:option(Flag, "lazy_start", translate("Lazy Start")) +o:depends("type", "hysteria") +o.rmempty = true +o.default = "0" + +-- [[ TUIC ]] +o = s:option(ListValue, "udp_relay_mode", translate("UDP relay mode")) +o:depends("type", "tuic") +o:value("native", translate("native")) +o:value("quic", translate("QUIC")) +o.default = "native" +o.rmempty = true + +o = s:option(ListValue, "congestion_controller", translate("Congestion control algorithm")) +o:depends("type", "tuic") +o:value("bbr", translate("BBR")) +o:value("cubic", translate("CUBIC")) +o:value("new_reno", translate("New Reno")) +o.default = "cubic" +o.rmempty = true + +o = s:option(Value, "heartbeat_interval", translate("Heartbeat interval")) +o:depends("type", "tuic") +o.datatype = "uinteger" +o.default = "10000" +o.rmempty = true + +o = s:option(Flag, "disable_sni", translate("Disable SNI")) +o:depends("type", "tuic") +o.default = 0 +o.rmempty = true + +o = s:option(Flag, "reduce_rtt", translate("Enable 0-RTT QUIC handshake")) +o:depends("type", "tuic") +o.default = 0 +o.rmempty = true + +o = s:option(Value, "max_udp_relay_packet_size", translate("Max UDP relay packet size")) +o:depends("type", "tuic") +o.datatype = "uinteger" +o.default = "1500" +o.rmempty = true + -- VmessId o = s:option(Value, "vmess_id", translate("Vmess/VLESS ID (UUID)")) o.rmempty = true @@ -437,21 +463,17 @@ o:depends("transport", "ws") o.rmempty = true if is_finded("v2ray") then - -- 启用WS前置数据 - o = s:option(Flag, "ws_ed_enable", translate("Enable early data")) - o:depends("transport", "ws") - -- WS前置数据 o = s:option(Value, "ws_ed", translate("Max Early Data")) o:depends("ws_ed_enable", true) o.datatype = "uinteger" - o.default = 2048 + o:value("2048") o.rmempty = true -- WS前置数据标头 o = s:option(Value, "ws_ed_header", translate("Early Data Header Name")) o:depends("ws_ed_enable", true) - o.default = "Sec-WebSocket-Protocol" + o:value("Sec-WebSocket-Protocol") o.rmempty = true end @@ -472,19 +494,16 @@ o = s:option(Value, "serviceName", translate("gRPC Service Name")) o:depends("transport", "grpc") o.rmempty = true -if is_finded("xray") or is_installed("sagernet-core") then +if is_finded("xray") then -- gPRC模式 o = s:option(ListValue, "grpc_mode", translate("gRPC Mode")) o:depends("transport", "grpc") o:value("gun", translate("Gun")) o:value("multi", translate("Multi")) - if is_installed("sagernet-core") then - o:value("raw", translate("Raw")) - end o.rmempty = true end -if is_finded("xray") or is_installed("sagernet-core") then +if is_finded("xray") then -- gRPC初始窗口 o = s:option(Value, "initial_windows_size", translate("Initial Windows Size")) o.datatype = "uinteger" @@ -604,6 +623,7 @@ o.rmempty = true -- [[ WireGuard 部分 ]]-- o = s:option(DynamicList, "local_addresses", translate("Local addresses")) +o.datatype = "cidr" o:depends({type = "v2ray", v2ray_protocol = "wireguard"}) o.rmempty = true @@ -625,66 +645,76 @@ o.rmempty = true o = s:option(Flag, "tls", translate("TLS")) o.rmempty = true o.default = "0" -o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "trojan", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "socks", socks_ver = "5", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "http", xtls = false}) +o:depends({type = "v2ray", v2ray_protocol = "vless", reality = false}) +o:depends({type = "v2ray", v2ray_protocol = "vmess", reality = false}) +o:depends({type = "v2ray", v2ray_protocol = "trojan", reality = false}) +o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", reality = false}) +o:depends({type = "v2ray", v2ray_protocol = "socks", socks_ver = "5", reality = false}) +o:depends({type = "v2ray", v2ray_protocol = "http", reality = false}) o:depends("type", "trojan") --- XTLS -if is_finded("xray") then - o = s:option(Flag, "xtls", translate("XTLS")) - o.rmempty = true - o.default = "0" - o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "tcp", tls = false}) - o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "kcp", tls = false}) - o:depends({type = "v2ray", v2ray_protocol = "trojan", transport = "tcp", tls = false}) - o:depends({type = "v2ray", v2ray_protocol = "trojan", transport = "kcp", tls = false}) - - -- Flow - o = s:option(Value, "vless_flow", translate("Flow")) - for _, v in ipairs(flows) do - o:value(v, translate(v)) - end - o.rmempty = true - o.default = "xtls-rprx-splice" - o:depends("xtls", true) - - o = s:option(Value, "tls_flow", translate("Flow")) - for _, v in ipairs(tls_flows) do - o:value(v, translate(v)) - end - o.rmempty = true - o:depends({type = "v2ray", v2ray_protocol = "vless", tls = true}) -end - -- [[ TLS部分 ]] -- o = s:option(Flag, "tls_sessionTicket", translate("Session Ticket")) o:depends({type = "trojan", tls = true}) o.default = "0" if is_finded("xray") then + -- [[ REALITY ]] + o = s:option(Flag, "reality", translate("REALITY")) + o.rmempty = true + o.default = "0" + o:depends({type = "v2ray", v2ray_protocol = "vless", tls = false}) + + o = s:option(Value, "reality_publickey", translate("Public key")) + o.rmempty = true + o:depends({type = "v2ray", v2ray_protocol = "vless", reality = true}) + + o = s:option(Value, "reality_shortid", translate("Short ID")) + o.rmempty = true + o:depends({type = "v2ray", v2ray_protocol = "vless", reality = true}) + + o = s:option(Value, "reality_spiderx", translate("spiderX")) + o.rmempty = true + o:depends({type = "v2ray", v2ray_protocol = "vless", reality = true}) + + -- [[ XTLS ]]-- + o = s:option(Value, "tls_flow", translate("Flow")) + for _, v in ipairs(tls_flows) do + o:value(v, translate(v)) + end + o.rmempty = true + o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "tcp", tls = true}) + o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "tcp", reality = true}) + -- [[ uTLS ]]-- - o = s:option(ListValue, "fingerprint", translate("Finger Print")) - o:value("disable", translate("disable")) - o:value("firefox", translate("firefox")) + o = s:option(Value, "fingerprint", translate("Finger Print")) + o:value("", translate("disable")) o:value("chrome", translate("chrome")) + o:value("firefox", translate("firefox")) o:value("safari", translate("safari")) + o:value("ios", translate("ios")) + o:value("android", translate("android")) + o:value("edge", translate("edge")) + o:value("360", translate("360")) + o:value("qq", translate("qq")) + o:value("random", translate("random")) o:value("randomized", translate("randomized")) o:depends({type = "v2ray", tls = true}) - o:depends({type = "v2ray", xtls = true}) - o.default = "disable" + o:depends({type = "v2ray", reality = true}) end o = s:option(Value, "tls_host", translate("TLS Host")) o.datatype = "hostname" o:depends("tls", true) -o:depends("xtls", true) +o:depends("reality", true) o:depends("type", "hysteria") o.rmempty = true +o = s:option(DynamicList, "tls_alpn", translate("TLS ALPN")) +o:depends("tls", true) +o:depends("type", "tuic") +o.rmempty = true + o = s:option(Value, "quic_tls_alpn", translate("QUIC TLS ALPN")) o:depends("type", "hysteria") o.rmempty = true @@ -693,19 +723,18 @@ o.rmempty = true o = s:option(Flag, "insecure", translate("allowInsecure")) o.rmempty = false o:depends("tls", true) -o:depends("xtls", true) o:depends("type", "hysteria") o.description = translate("If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.") -- [[ Mux ]]-- o = s:option(Flag, "mux", translate("Mux")) o.rmempty = false -o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "trojan", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "socks", xtls = false}) -o:depends({type = "v2ray", v2ray_protocol = "http", xtls = false}) +o:depends({type = "v2ray", v2ray_protocol = "vless"}) +o:depends({type = "v2ray", v2ray_protocol = "vmess"}) +o:depends({type = "v2ray", v2ray_protocol = "trojan"}) +o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"}) +o:depends({type = "v2ray", v2ray_protocol = "socks"}) +o:depends({type = "v2ray", v2ray_protocol = "http"}) o = s:option(Value, "concurrency", translate("Concurrency")) o.datatype = "uinteger" @@ -718,12 +747,11 @@ o:depends("type", "naiveproxy") o = s:option(Flag, "certificate", translate("Self-signed Certificate")) o.rmempty = true o.default = "0" +o:depends("type", "tuic") o:depends({type = "hysteria", insecure = false}) o:depends({type = "trojan", tls = true, insecure = false}) o:depends({type = "v2ray", v2ray_protocol = "vmess", tls = true, insecure = false}) o:depends({type = "v2ray", v2ray_protocol = "vless", tls = true, insecure = false}) -o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = true, insecure = false}) -o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = true, insecure = false}) o.description = translate("If you have a self-signed certificate,please check the box") o = s:option(DummyValue, "upload", translate("Upload")) @@ -772,17 +800,7 @@ o.default = "0" o:depends("type", "ssr") o:depends("type", "ss") o:depends("type", "trojan") - -if is_installed("sagernet-core") then - o = s:option(ListValue, "packet_encoding", translate("Packet Encoding")) - o:value("none", translate("none")) - o:value("packet", translate("packet (v2ray-core v5+)")) - o:value("xudp", translate("xudp (Xray-core)")) - o.default = "xudp" - o.rmempty = true - o:depends({type = "v2ray", v2ray_protocol = "vless"}) - o:depends({type = "v2ray", v2ray_protocol = "vmess"}) -end +o:depends("type", "hysteria") o = s:option(Flag, "switch_enable", translate("Enable Auto Switch")) o.rmempty = false diff --git a/luci-app-bypass/luasrc/view/bypass/ssrurl.htm b/luci-app-bypass/luasrc/view/bypass/ssrurl.htm index 0f2c7e396..ef2f80c49 100644 --- a/luci-app-bypass/luasrc/view/bypass/ssrurl.htm +++ b/luci-app-bypass/luasrc/view/bypass/ssrurl.htm @@ -107,7 +107,7 @@ function import_ssr_url(btn, urlname, sid) { document.getElementsByName('cbid.bypass.' + sid + '.server')[0].value = url.hostname; document.getElementsByName('cbid.bypass.' + sid + '.server_port')[0].value = url.port || "80"; document.getElementsByName('cbid.bypass.' + sid + '.hysteria_protocol')[0].value = params.get("protocol") || "udp"; - document.getElementsByName('cbid.bypass.' + sid + '.auth_type')[0].value = params.get("auth") ? "1" : "0"; + document.getElementsByName('cbid.bypass.' + sid + '.auth_type')[0].value = params.get("auth") ? "2" : "0"; document.getElementsByName('cbid.bypass.' + sid + '.auth_type')[0].dispatchEvent(event); document.getElementsByName('cbid.bypass.' + sid + '.auth_payload')[0].value = params.get("auth") || ""; document.getElementsByName('cbid.bypass.' + sid + '.uplink_capacity')[0].value = params.get("upmbps") || ""; @@ -115,7 +115,7 @@ function import_ssr_url(btn, urlname, sid) { document.getElementsByName('cbid.bypass.' + sid + '.seed')[0].value = params.get("obfsParam") || ""; document.getElementsByName('cbid.bypass.' + sid + '.tls_host')[0].value = params.get("peer") || ""; document.getElementsByName('cbid.bypass.' + sid + '.quic_tls_alpn')[0].value = params.get("alpn") || ""; - document.getElementsByName('cbid.bypass.' + sid + '.insecure')[0].checked = (params.get("insecure") === "1"); + document.getElementsByName('cbid.bypass.' + sid + '.insecure')[0].checked = params.get("insecure") ? true : false; document.getElementsByName('cbid.bypass.' + sid + '.alias')[0].value = url.hash ? decodeURIComponent(url.hash.slice(1)) : ""; s.innerHTML = "<%:Import configuration information successfully.%>"; @@ -282,7 +282,7 @@ function import_ssr_url(btn, urlname, sid) { if (ssm.tls == "tls") { document.getElementsByName('cbid.bypass.' + sid + '.tls')[0].checked = true; document.getElementsByName('cbid.bypass.' + sid + '.tls')[0].dispatchEvent(event); - document.getElementsByName('cbid.bypass.' + sid + '.tls_host')[0].value = ssm.host; + document.getElementsByName('cbid.bypass.' + sid + '.tls_host')[0].value = ssm.sni || ssm.host; } document.getElementsByName('cbid.bypass.' + sid + '.mux')[0].checked = true; document.getElementsByName('cbid.bypass.' + sid + '.mux')[0].dispatchEvent(event); @@ -308,14 +308,19 @@ function import_ssr_url(btn, urlname, sid) { document.getElementsByName('cbid.bypass.' + sid + '.transport')[0].value = params.get("type") == "http" ? "h2" : params.get("type") || "tcp"; document.getElementsByName('cbid.bypass.' + sid + '.transport')[0].dispatchEvent(event); document.getElementsByName('cbid.bypass.' + sid + '.vless_encryption')[0].value = params.get("encryption") || "none"; - if ([ "tls", "xtls" ].includes(params.get("security"))) { + if ([ "tls", "reality" ].includes(params.get("security"))) { document.getElementsByName('cbid.bypass.' + sid + '.' + params.get("security"))[0].checked = true; document.getElementsByName('cbid.bypass.' + sid + '.' + params.get("security"))[0].dispatchEvent(event); - if (params.get("security") === "xtls") { - document.getElementsByName('cbid.bypass.' + sid + '.vless_flow')[0].value = params.get("flow") || "xtls-rprx-splice"; - document.getElementsByName('cbid.bypass.' + sid + '.vless_flow')[0].dispatchEvent(event); - } + + document.getElementsByName('cbid.bypass.' + sid + '.fingerprint')[0].value = params.get("fp") || ""; + document.getElementsByName('cbid.bypass.' + sid + '.tls_flow')[0].value = params.get("flow") || ""; document.getElementsByName('cbid.bypass.' + sid + '.tls_host')[0].value = params.get("sni") || ""; + + if (params.get("security") === "reality") { + document.getElementsByName('cbid.bypass.' + sid + '.reality_publickey')[0].value = params.get("pbk") ? decodeURIComponent(params.get("pbk")) : ""; + document.getElementsByName('cbid.bypass.' + sid + '.reality_shortid')[0].value = params.get("sid") || ""; + document.getElementsByName('cbid.bypass.' + sid + '.reality_spiderx')[0].value = params.get("spx") ? decodeURIComponent(params.get("spx")) : ""; + } } switch (params.get("type")) { case "ws": @@ -328,8 +333,10 @@ function import_ssr_url(btn, urlname, sid) { document.getElementsByName('cbid.bypass.' + sid + '.seed')[0].value = params.get("seed") || ""; break; case "http": - document.getElementsByName('cbid.bypass.' + sid + '.h2_host')[0].value = queryParam.host || serverPart[0]; - document.getElementsByName('cbid.bypass.' + sid + '.h2_path')[0].value = queryParam.path || "/"; + /* this is non-standard, bullshit */ + case "h2": + document.getElementsByName('cbid.bypass.' + sid + '.h2_host')[0].value = params.get("host") ? decodeURIComponent(params.get("host")) : ""; + document.getElementsByName('cbid.bypass.' + sid + '.h2_path')[0].value = params.get("path") ? decodeURIComponent(params.get("path")) : ""; break; case "quic": document.getElementsByName('cbid.bypass.' + sid + '.quic_guise')[0].value = params.get("headerType") || "none"; diff --git a/luci-app-bypass/root/usr/share/bypass/gen_config b/luci-app-bypass/root/usr/share/bypass/gen_config index c11ed9b88..7a421d1d8 100644 --- a/luci-app-bypass/root/usr/share/bypass/gen_config +++ b/luci-app-bypass/root/usr/share/bypass/gen_config @@ -12,8 +12,7 @@ local ip_addr = arg[5] local server = ucursor:get_all("bypass", server_section) local outbound_settings = nil -local tls_host = (server.tls_host) and server.tls_host or server.server - +local tls_host = (tls_host) and tls_host or server.server function vmess_vless() outbound_settings = { vnext = { @@ -25,49 +24,26 @@ function vmess_vless() id = server.vmess_id, security = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and server.security or nil, encryption = (server.v2ray_protocol == "vless") and server.vless_encryption or nil, - flow = (server.xtls == '1') and (server.vless_flow or "xtls-rprx-splice") or (server.tls == '1') and server.tls_flow or nil + flow = ((server.tls == '1') or (server.reality == '1')) and server.tls_flow or nil } } } - }, - packetEncoding = server.packet_encoding or nil + } } end function trojan_shadowsocks() outbound_settings = { - plugin = ((server.v2ray_protocol == "shadowsocks") and server.plugin ~= "none" and server.plugin) or (server.v2ray_protocol == "shadowsocksr" and "shadowsocksr") or nil, - pluginOpts = (server.v2ray_protocol == "shadowsocks") and server.plugin_opts or nil, - pluginArgs = (server.v2ray_protocol == "shadowsocksr") and { - "--protocol=" .. server.protocol, - "--protocol-param=" .. (server.protocol_param or ""), - "--obfs=" .. server.obfs, - "--obfs-param=" .. (server.obfs_param or "") - } or nil, servers = { { address = ip_addr, port = tonumber(server.server_port), password = server.password, - method = ((server.v2ray_protocol == "shadowsocks") and server.encrypt_method_ss) or ((server.v2ray_protocol == "shadowsocksr") and server.encrypt_method) or nil, + method = ((server.v2ray_protocol == "shadowsocks") and server.encrypt_method_ss) or nil, uot = (server.v2ray_protocol == "shadowsocks") and (server.uot == '1') or nil, ivCheck = (server.v2ray_protocol == "shadowsocks") and (server.ivCheck == '1') or nil, - flow = (server.v2ray_protocol == "trojan") and (server.xtls == '1') and (server.vless_flow or "xtls-rprx-splice") or nil } } } - - if server.v2ray_protocol == "shadowsocksr" then - server.v2ray_protocol = "shadowsocks" - --[[ elseif (server.v2ray_protocol == "shadowsocks") and (server.mux ~= "1") and (not (outbound_settings.plugin or server.transport ~= "tcp" or server.tls or server.xtls)) then - server.v2ray_protocol = "shadowsocks_sing" - outbound_settings = outbound_settings.servers[1] - elseif (server.v2ray_protocol == "trojan") and (server.tls and server.mux ~= "1") and (not (server.transport ~= "tcp" or server.xtls)) then - server.v2ray_protocol = "trojan_sing" - outbound_settings = outbound_settings.servers[1] - outbound_settings.serverName = tls_host - outbound_settings.insecure = (server.insecure == "1") and true or false - ]] - end end function socks_http() outbound_settings = { @@ -88,13 +64,16 @@ function socks_http() end function wireguard() outbound_settings = { + secretKey = server.private_key, address = ip_addr, - port = tonumber(server.server_port), - localAddresses = server.local_addresses, - privateKey = server.private_key, - peerPublicKey = server.peer_pubkey, - preSharedKey = server.preshared_key or nil, - mtu = tonumber(server.mtu) or 1500 + peers = { + { + publicKey = server.peer_pubkey, + preSharedKey = server.preshared_key, + endpoint = server.server .. ":" .. server.server_port + } + }, + mtu = tonumber(server.mtu) } end local outbound = {} @@ -118,9 +97,6 @@ function outbound:handleIndex(index) shadowsocks = function() trojan_shadowsocks() end, - shadowsocksr = function() - trojan_shadowsocks() - end, socks = function() socks_http() end, @@ -164,21 +140,27 @@ local Xray = { protocol = server.v2ray_protocol, settings = outbound_settings, -- 底层传输配置 - streamSettings = (server.v2ray_protocol and server.v2ray_protocol:sub(-#"_sing") ~= "_sing") and { + streamSettings = { network = server.transport or "tcp", - security = (server.xtls == '1') and "xtls" or (server.tls == '1') and "tls" or nil, - tlsSettings = (server.tls == '1' and (server.insecure == "1" or tls_host or server.fingerprint)) and { + security = (server.tls == '1') and "tls" or (server.reality == '1') and "reality" or nil, + tlsSettings = (server.tls == '1') and { -- tls + alpn = server.tls_alpn, fingerprint = server.fingerprint, - allowInsecure = (server.insecure == "1") and true or nil, - serverName = tls_host - } or nil, - xtlsSettings = (server.xtls == '1' and (server.insecure == "1" or tls_host or server.fingerprint)) and { - -- xtls - fingerprint = server.fingerprint, - allowInsecure = (server.insecure == "1") and true or nil, + allowInsecure = (server.insecure == "1"), serverName = tls_host, - minVersion = "1.3" + certificates = server.certificate and { + usage = "verify", + certificateFile = server.certpath + } or nil + } or nil, + realitySettings = (server.reality == '1') and { + show = false, + publicKey = server.reality_publickey, + shortId = server.reality_shortid, + spiderX = server.reality_spiderx, + fingerprint = server.fingerprint, + serverName = tls_host } or nil, tcpSettings = (server.transport == "tcp" and server.tcp_guise == "http") and { -- tcp @@ -228,19 +210,17 @@ local Xray = { grpcSettings = (server.transport == "grpc") and { -- grpc serviceName = server.serviceName or "", - mode = (server.grpc_mode ~= "gun") and server.grpc_mode or nil, multiMode = (server.grpc_mode == "multi") and true or false, idle_timeout = tonumber(server.idle_timeout) or nil, health_check_timeout = tonumber(server.health_check_timeout) or nil, permit_without_stream = (server.permit_without_stream == "1") and true or nil, initial_windows_size = tonumber(server.initial_windows_size) or nil } or nil - } or nil, - mux = (server.mux == "1" and server.xtls ~= "1" and server.transport ~= "grpc") and { + }, + mux = (server.mux == "1" and server.transport ~= "grpc") and { -- mux enabled = true, - concurrency = tonumber(server.concurrency), - packetEncoding = (server.v2ray_protocol == "vmess" or server.v2ray_protocol == "vless") and server.packet_encoding or nil + concurrency = tonumber(server.concurrency) } or nil } or nil } @@ -264,7 +244,7 @@ local trojan = { cipher = cipher, cipher_tls13 = cipher13, sni = tls_host, - alpn = {"h2", "http/1.1"}, + alpn = server.tls_alpn or {"h2", "http/1.1"}, curve = "", reuse_session = true, session_ticket = (server.tls_sessionTicket == "1") and true or false @@ -323,7 +303,29 @@ local hysteria = { ca = (server.certificate) and server.certpath or nil, recv_window_conn = tonumber(server.recv_window_conn), recv_window = tonumber(server.recv_window), - disable_mtu_discovery = (server.disable_mtu_discovery == "1") and true or false + disable_mtu_discovery = (server.disable_mtu_discovery == "1") and true or false, + fast_open = (server.fast_open == "1") and true or false, + lazy_start = (server.lazy_start == "1") and true or false +} +local tuic = { + relay = { + server = server.server, + port = tonumber(server.server_port), + token = server.password, + + certificates = server.certificate and { server.certpath } or nil, + udp_relay_mode = server.udp_relay_mode, + congestion_controller = server.congestion_controller, + heartbeat_interval = tonumber(server.heartbeat_interval), + alpn = server.tls_alpn, + disable_sni = (server.disable_sni == "1"), + reduce_rtt = (server.reduce_rtt == "1"), + max_udp_relay_packet_size = tonumber(server.max_udp_relay_packet_size) + }, + ["local"] = { + port = tonumber(local_port), + ip = "0.0.0.0" + } } local config = {} function config:new(o) @@ -361,6 +363,9 @@ function config:handleIndex(index) end, hysteria = function() print(json.stringify(hysteria, 1)) + end, + tuic = function() + print(json.stringify(tuic, 1)) end } if switch[index] then diff --git a/luci-app-bypass/root/usr/share/bypass/subscribe b/luci-app-bypass/root/usr/share/bypass/subscribe index 3d8825773..b5e0c8bd0 100755 --- a/luci-app-bypass/root/usr/share/bypass/subscribe +++ b/luci-app-bypass/root/usr/share/bypass/subscribe @@ -27,9 +27,7 @@ local switch = ucic:get_first(name, 'server_subscribe', 'switch', '1') local subscribe_url = ucic:get_first(name, 'server_subscribe', 'subscribe_url', {}) local filter_words = ucic:get_first(name, 'server_subscribe', 'filter_words', '过期时间/剩余流量') local save_words = ucic:get_first(name, 'server_subscribe', 'save_words', '') -local packet_encoding = luci.model.ipkg.installed("sagernet-core") and ucic:get_first(name, 'global', 'default_packet_encoding', 'xudp') or nil local v2_ss = luci.sys.exec('type -t -p ss-redir sslocal') ~= "" and "ss" or "v2ray" -local v2_ssr = luci.sys.exec('type -t -p ssr-redir') ~= "" and "ssr" or "v2ray" local v2_tj = luci.sys.exec('type -t -p trojan') ~= "" and "trojan" or "v2ray" local log = function(...) print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({...}, " ")) @@ -149,8 +147,7 @@ local function processData(szType, content) if szType == 'ssr' then local dat = split(content, "/%?") local hostInfo = split(dat[1], ':') - result.type = v2_ssr - result.v2ray_protocol = (v2_ssr == "v2ray") and "shadowsocksr" or nil + result.type = 'ssr' result.server = hostInfo[1] result.server_port = hostInfo[2] result.protocol = hostInfo[3] @@ -178,7 +175,6 @@ local function processData(szType, content) result.transport = info.net result.vmess_id = info.id result.alias = info.ps - result.packet_encoding = packet_encoding -- result.mux = 1 -- result.concurrency = 8 if info.net == 'ws' then @@ -223,10 +219,10 @@ local function processData(szType, content) end if info.tls == "tls" or info.tls == "1" then result.tls = "1" - if info.host then - result.tls_host = info.host - elseif info.sni then + if info.sni and info.sni ~= "" then result.tls_host = info.sni + elseif info.host then + result.tls_host = info.host end result.insecure = 1 else @@ -361,15 +357,19 @@ local function processData(szType, content) result.vmess_id = url.user result.vless_encryption = params.encryption or "none" result.transport = params.type or "tcp" - result.packet_encoding = packet_encoding - result.tls = (params.security == "tls") and "1" or "0" + result.tls = (params.security == "tls" or params.security == "xtls") and "1" or "0" result.tls_host = params.sni - result.xtls = params.security == "xtls" and "1" or nil - result.vless_flow = params.flow + result.tls_flow = (params.security == "tls" or params.security == "reality") and params.flow or nil + result.fingerprint = params.fp + result.reality = (params.security == "reality") and "1" or "0" + result.reality_publickey = params.pbk and UrlDecode(params.pbk) or nil + result.reality_shortid = params.sid + result.reality_spiderx = params.spx and UrlDecode(params.spx) or nil if result.transport == "ws" then result.ws_host = (result.tls ~= "1") and (params.host and UrlDecode(params.host)) or nil result.ws_path = params.path and UrlDecode(params.path) or "/" - elseif result.transport == "http" then + -- make it compatible with bullshit, "h2" transport is non-existent at all + elseif result.transport == "http" or result.transport == "h2" then result.transport = "h2" result.h2_host = params.host and UrlDecode(params.host) or nil result.h2_path = params.path and UrlDecode(params.path) or nil @@ -525,7 +525,7 @@ local execute = function() -- log(result) if result then -- 中文做地址的 也没有人拿中文域名搞,就算中文域也有Puny Code SB 机场 - if not result.server or not result.server_port or result.alias == "NULL" or check_filer(result) or result.server:match("[^0-9a-zA-Z%-%.%s]") or cache[groupHash][result.hashkey] then + if not result.server or not result.server_port or result.alias == "NULL" or check_filer(result) or result.server:match("[^0-9a-zA-Z%-_%.%s]") or cache[groupHash][result.hashkey] then log('丢弃无效节点: ' .. result.type .. ' 节点, ' .. result.alias) else -- log('成功解析: ' .. result.type ..' 节点, ' .. result.alias)