From f871b5b8ce1eceab92343c48b24ac04a4515ee14 Mon Sep 17 00:00:00 2001 From: zxl hhyccc <45259624+zxlhhyccc@users.noreply.github.com> Date: Tue, 22 Oct 2024 23:52:46 +0800 Subject: [PATCH 1/2] luci-app-ssr-plus: Fix link failure for latest Xray version. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1、修复Xray更新到2024.9.30版本后,无法连接服务器导致不能科学上网; 2、本次修改兼容1.8.24及以下版本,包括服务端节点为旧版本。 3、socks 的配置适配最新版本。 --- luci-app-ssr-plus/root/etc/init.d/shadowsocksr | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/luci-app-ssr-plus/root/etc/init.d/shadowsocksr b/luci-app-ssr-plus/root/etc/init.d/shadowsocksr index d62f5ab37c5..cd5ced12bb6 100755 --- a/luci-app-ssr-plus/root/etc/init.d/shadowsocksr +++ b/luci-app-ssr-plus/root/etc/init.d/shadowsocksr @@ -422,7 +422,7 @@ start_udp() { ;; v2ray) gen_config_file $UDP_RELAY_SERVER $type 2 $tmp_udp_port - ln_start_bin $(first_type xray v2ray) v2ray run -config $udp_config_file + ln_start_bin $(first_type xray v2ray) v2ray run -c $udp_config_file echolog "UDP TPROXY Relay:$($(first_type "xray" "v2ray") version | head -1) Started!" ;; trojan) #client @@ -531,7 +531,7 @@ start_shunt() { v2ray) local tmp_port=${tmp_local_port:-$tmp_shunt_local_port} gen_config_file $SHUNT_SERVER $type 3 $tmp_shunt_port $tmp_port - ln_start_bin $(first_type xray v2ray) v2ray run -config $shunt_config_file + ln_start_bin $(first_type xray v2ray) v2ray run -c $shunt_config_file shunt_dns_command echolog "shunt:$($(first_type xray v2ray) version | head -1) Started!" ;; @@ -651,7 +651,7 @@ start_local() { v2ray) if [ "$_local" == "2" ]; then gen_config_file $LOCAL_SERVER $type 4 0 $local_port - ln_start_bin $(first_type xray v2ray) v2ray run -config $local_config_file + ln_start_bin $(first_type xray v2ray) v2ray run -c $local_config_file fi echolog "Global_Socks5:$($(first_type "xray" "v2ray") version | head -1) Started!" ;; @@ -745,8 +745,13 @@ Start_Run() { echolog "Main node:$(get_name $type) $threads Threads Started!" ;; v2ray) + local version=$($(first_type xray v2ray) version | head -1 | awk '{print $2}') + local xray_protocol=$(uci_get_by_name $GLOBAL_SERVER v2ray_protocol) gen_config_file $GLOBAL_SERVER $type 1 $tcp_port $socks_port - ln_start_bin $(first_type xray v2ray) v2ray run -config $tcp_config_file + ln_start_bin $(first_type xray v2ray) v2ray run -c $tcp_config_file + if [ "$xray_protocol" = "vless" ] && [ "$(echo -e "$version\n1.18.24" | sort -V)" ]; then + ARG_UDP="" + fi echolog "Main node:$($(first_type xray v2ray) version | head -1) Started!" ;; trojan) From 30a4abaca4710cf3ba24ca08e36224e9349336b0 Mon Sep 17 00:00:00 2001 From: zxl hhyccc <45259624+zxlhhyccc@users.noreply.github.com> Date: Tue, 22 Oct 2024 23:57:15 +0800 Subject: [PATCH 2/2] luci-app-ssr-plus: Fix link failure for latest Xray version. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1、修复Xray更新到2024.9.30版本后,无法连接服务器导致不能科学上网; 2、本次修改兼容1.8.24及以下版本,包括服务端节点为旧版本。 3、socks 的配置适配最新版本。 --- .../usr/share/shadowsocksr/gen_config.lua | 286 +++++++++--------- 1 file changed, 146 insertions(+), 140 deletions(-) diff --git a/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua b/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua index 8102cd3859d..10166a8ac13 100755 --- a/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua +++ b/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua @@ -125,40 +125,43 @@ local Xray = { loglevel = "warning" }, -- 传入连接 - inbound = (local_port ~= "0") and { - -- listening - port = tonumber(local_port), - protocol = "dokodemo-door", - settings = {network = proto, followRedirect = true}, - sniffing = { - enabled = true, - destOverride = {"http", "tls", "quic"}, - domainsExcluded = { - "courier.push.apple.com", - "rbsxbxp-mim.vivox.com", - "rbsxbxp.www.vivox.com", - "rbsxbxp-ws.vivox.com", - "rbspsxp.www.vivox.com", - "rbspsxp-mim.vivox.com", - "rbspsxp-ws.vivox.com", - "rbswxp.www.vivox.com", - "rbswxp-mim.vivox.com", - "disp-rbspsp-5-1.vivox.com", - "disp-rbsxbp-5-1.vivox.com", - "proxy.rbsxbp.vivox.com", - "proxy.rbspsp.vivox.com", - "proxy.rbswp.vivox.com", - "rbswp.vivox.com", - "rbsxbp.vivox.com", - "rbspsp.vivox.com", - "rbspsp.www.vivox.com", - "rbswp.www.vivox.com", - "rbsxbp.www.vivox.com", - "rbsxbxp.vivox.com", - "rbspsxp.vivox.com", - "rbswxp.vivox.com", - "Mijia Cloud", - "dlg.io.mi.com" + inbounds = (local_port ~= "0") and { + { + -- listening + port = tonumber(local_port), + protocol = "dokodemo-door", + settings = {network = proto, followRedirect = true}, + sniffing = { + enabled = true, + destOverride = {"http", "tls", "quic"}, + metadataOnly = false, + domainsExcluded = { + "courier.push.apple.com", + "rbsxbxp-mim.vivox.com", + "rbsxbxp.www.vivox.com", + "rbsxbxp-ws.vivox.com", + "rbspsxp.www.vivox.com", + "rbspsxp-mim.vivox.com", + "rbspsxp-ws.vivox.com", + "rbswxp.www.vivox.com", + "rbswxp-mim.vivox.com", + "disp-rbspsp-5-1.vivox.com", + "disp-rbsxbp-5-1.vivox.com", + "proxy.rbsxbp.vivox.com", + "proxy.rbspsp.vivox.com", + "proxy.rbswp.vivox.com", + "rbswp.vivox.com", + "rbsxbp.vivox.com", + "rbspsp.vivox.com", + "rbspsp.www.vivox.com", + "rbswp.www.vivox.com", + "rbsxbp.www.vivox.com", + "rbsxbxp.vivox.com", + "rbspsxp.vivox.com", + "rbswxp.vivox.com", + "Mijia Cloud", + "dlg.io.mi.com" + } } } } or nil, @@ -172,115 +175,118 @@ local Xray = { } } or nil, -- 传出连接 - outbound = { - protocol = server.v2ray_protocol, - settings = outbound_settings, - -- 底层传输配置 - streamSettings = (server.v2ray_protocol ~= "wireguard") and { - network = server.transport or "tcp", - security = (server.xtls == '1') and "xtls" or (server.tls == '1') and "tls" or (server.reality == '1') and "reality" or nil, - tlsSettings = (server.tls == '1') and (server.tls_host or server.fingerprint) and { - -- tls - alpn = server.tls_alpn, - fingerprint = server.fingerprint, - allowInsecure = (server.insecure == "1"), - serverName = server.tls_host, - certificates = server.certificate and { - usage = "verify", - certificateFile = server.certpath + outbounds = { + { + protocol = server.v2ray_protocol, + settings = outbound_settings, + -- 底层传输配置 + streamSettings = (server.v2ray_protocol ~= "wireguard") and { + network = server.transport or "tcp", + security = (server.xtls == '1') and "xtls" or (server.tls == '1') and "tls" or (server.reality == '1') and "reality" or nil, + tlsSettings = (server.tls == '1') and { + -- tls + alpn = server.tls_alpn, + fingerprint = server.fingerprint, + allowInsecure = (server.insecure == "1"), + serverName = server.tls_host, + certificates = server.certificate and { + usage = "verify", + certificateFile = server.certpath + } or nil, } or nil, - } or nil, - xtlsSettings = (server.xtls == '1') and server.tls_host and { - -- xtls - allowInsecure = (server.insecure == "1") and true or nil, - serverName = server.tls_host, - minVersion = "1.3" - } or nil, - realitySettings = (server.reality == '1') and { - publicKey = server.reality_publickey, - shortId = server.reality_shortid, - spiderX = server.reality_spiderx, - fingerprint = server.fingerprint, - serverName = server.tls_host - } or nil, - tcpSettings = (server.transport == "tcp" and server.tcp_guise == "http") and { - -- tcp - header = { - type = server.tcp_guise, - request = { - -- request - path = {server.http_path} or {"/"}, - headers = {Host = {server.http_host} or {}} + xtlsSettings = (server.xtls == '1') and server.tls_host and { + -- xtls + allowInsecure = (server.insecure == "1") and true or nil, + serverName = server.tls_host, + minVersion = "1.3" + } or nil, + realitySettings = (server.reality == '1') and { + publicKey = server.reality_publickey, + shortId = server.reality_shortid, + spiderX = server.reality_spiderx, + fingerprint = server.fingerprint, + serverName = server.tls_host + } or nil, + tcpSettings = (server.transport == "tcp" and server.tcp_guise == "http") and { + -- tcp + header = { + type = server.tcp_guise, + request = { + -- request + path = {server.http_path} or {"/"}, + headers = {Host = {server.http_host} or {}} + } } - } - } or nil, - kcpSettings = (server.transport == "kcp") and { - -- kcp - mtu = tonumber(server.mtu), - tti = tonumber(server.tti), - uplinkCapacity = tonumber(server.uplink_capacity), - downlinkCapacity = tonumber(server.downlink_capacity), - congestion = (server.congestion == "1") and true or false, - readBufferSize = tonumber(server.read_buffer_size), - writeBufferSize = tonumber(server.write_buffer_size), - header = {type = server.kcp_guise}, - seed = server.seed or nil - } or nil, - wsSettings = (server.transport == "ws") and (server.ws_path or server.ws_host or server.tls_host) and { - -- ws - headers = (server.ws_host or server.tls_host) and { - -- headers - Host = server.ws_host or server.tls_host } or nil, - path = server.ws_path, - maxEarlyData = tonumber(server.ws_ed) or nil, - earlyDataHeaderName = server.ws_ed_header or nil - } or nil, - httpupgradeSettings = (server.transport == "httpupgrade") and { - -- httpupgrade - host = (server.httpupgrade_host or server.tls_host) or nil, - path = server.httpupgrade_path or "" - } or nil, - splithttpSettings = (server.transport == "splithttp") and { - -- splithttp - host = (server.splithttp_host or server.tls_host) or nil, - path = server.splithttp_path or "" - } or nil, - httpSettings = (server.transport == "h2") and { - -- h2 - path = server.h2_path or "", - host = {server.h2_host} or nil, - read_idle_timeout = tonumber(server.read_idle_timeout) or nil, - health_check_timeout = tonumber(server.health_check_timeout) or nil - } or nil, - quicSettings = (server.transport == "quic") and { - -- quic - security = server.quic_security, - key = server.quic_key, - header = {type = server.quic_guise} + kcpSettings = (server.transport == "kcp") and { + -- kcp + mtu = tonumber(server.mtu), + tti = tonumber(server.tti), + uplinkCapacity = tonumber(server.uplink_capacity), + downlinkCapacity = tonumber(server.downlink_capacity), + congestion = (server.congestion == "1") and true or false, + readBufferSize = tonumber(server.read_buffer_size), + writeBufferSize = tonumber(server.write_buffer_size), + header = {type = server.kcp_guise}, + seed = server.seed or nil + } or nil, + wsSettings = (server.transport == "ws") and (server.ws_path or server.ws_host or server.tls_host) and { + -- ws + headers = (server.ws_host or server.tls_host) and { + -- headers + Host = server.ws_host or server.tls_host + } or nil, + path = server.ws_path, + maxEarlyData = tonumber(server.ws_ed) or nil, + earlyDataHeaderName = server.ws_ed_header or nil + } or nil, + httpupgradeSettings = (server.transport == "httpupgrade") and { + -- httpupgrade + host = (server.httpupgrade_host or server.tls_host) or nil, + path = server.httpupgrade_path or "" + } or nil, + splithttpSettings = (server.transport == "splithttp") and { + -- splithttp + host = (server.splithttp_host or server.tls_host) or nil, + path = server.splithttp_path or "/" + } or nil, + httpSettings = (server.transport == "h2") and { + -- h2 + path = server.h2_path or "", + host = {server.h2_host} or nil, + read_idle_timeout = tonumber(server.read_idle_timeout) or nil, + health_check_timeout = tonumber(server.health_check_timeout) or nil + } or nil, + quicSettings = (server.transport == "quic") and { + -- quic + security = server.quic_security, + key = server.quic_key, + header = {type = server.quic_guise} + } or nil, + grpcSettings = (server.transport == "grpc") and { + -- grpc + serviceName = server.serviceName or "", + multiMode = (server.grpc_mode == "multi") and true or false, + idle_timeout = tonumber(server.idle_timeout) or nil, + health_check_timeout = tonumber(server.health_check_timeout) or nil, + permit_without_stream = (server.permit_without_stream == "1") and true or nil, + initial_windows_size = tonumber(server.initial_windows_size) or nil + } or nil, + sockopt = { + mark = 255, + tcpMptcp = (server.mptcp == "1") and true or false, -- MPTCP + tcpNoDelay = (server.mptcp == "1") and true or false, -- MPTCP + tcpcongestion = server.custom_tcpcongestion -- 连接服务器节点的 TCP 拥塞控制算法 + } } or nil, - grpcSettings = (server.transport == "grpc") and { - -- grpc - serviceName = server.serviceName or "", - multiMode = (server.grpc_mode == "multi") and true or false, - idle_timeout = tonumber(server.idle_timeout) or nil, - health_check_timeout = tonumber(server.health_check_timeout) or nil, - permit_without_stream = (server.permit_without_stream == "1") and true or nil, - initial_windows_size = tonumber(server.initial_windows_size) or nil + mux = (server.v2ray_protocol ~= "wireguard") and { + -- mux + enabled = (server.mux == "1") and true or false, -- Mux + concurrency = tonumber(server.concurrency), -- TCP 最大并发连接数 + xudpConcurrency = tonumber(server.xudpConcurrency), -- UDP 最大并发连接数 + xudpProxyUDP443 = server.xudpProxyUDP443 -- 对被代理的 UDP/443 流量处理方式 } or nil, - sockopt = { - tcpMptcp = (server.mptcp == "1") and true or false, -- MPTCP - tcpNoDelay = (server.mptcp == "1") and true or false, -- MPTCP - tcpcongestion = server.custom_tcpcongestion -- 连接服务器节点的 TCP 拥塞控制算法 - } - } or nil, - mux = (server.v2ray_protocol ~= "wireguard") and { - -- mux - enabled = (server.mux == "1") and true or false, -- Mux - concurrency = tonumber(server.concurrency), -- TCP 最大并发连接数 - xudpConcurrency = tonumber(server.xudpConcurrency), -- UDP 最大并发连接数 - xudpProxyUDP443 = server.xudpProxyUDP443 -- 对被代理的 UDP/443 流量处理方式 - } or nil + } } } local cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA" @@ -351,7 +357,7 @@ local hysteria = { hopInterval = (server.port_range and (tonumber(server.hopinterval) .. "s") or nil) } or nil) } or nil, ---[[ +--[[ tcpTProxy = (proto:find("tcp") and local_port ~= "0") and { listen = "0.0.0.0:" .. tonumber(local_port) } or nil, @@ -488,7 +494,7 @@ local tuic = { }, ["local"] = { server = tonumber(socks_port) and "[::]:" .. (socks_port == "0" and local_port or tonumber(socks_port)), - dual_stack = (server.tuic_dual_stack == "1") and true or nil, + dual_stack = (server.tuic_dual_stack == "1") and true or nil, max_packet_size = tonumber(server.tuic_max_package_size) } }