mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-02-14 19:41:51 +00:00
Fix firewall rules and use v2ray
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
81e5665c76
commit
f3917ea9b7
1 changed files with 20 additions and 111 deletions
|
|
@ -313,6 +313,7 @@ _get_vps_config() {
|
|||
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set v2ray.omrout.s_vmess_address="$vpsip"
|
||||
set v2ray.omrout.s_vless_address="$vpsip"
|
||||
commit v2ray
|
||||
EOF
|
||||
if [ "$(uci -q get v2ray.main.enabled)" = "1" ]; then
|
||||
|
|
@ -715,151 +716,56 @@ _vps_firewall_redirect_port() {
|
|||
#uci -q delete firewall.$1
|
||||
#return
|
||||
fi
|
||||
[ "$proto" = "all" ] && proto="tcp udp"
|
||||
[ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && {
|
||||
if [ "$proto" = "tcp udp" ] || [ "$proto" = "all" ]; then
|
||||
for protoi in $proto; do
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port tcp")
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port tcp")
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "tcp","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","protoi" : "'$protoi'","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port tcp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port tcp")
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port tcp${comment}")
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port tcp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port tcp")
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port tcp${comment}")
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
fi
|
||||
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port udp${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port udp to${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "udp","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port udp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port udp${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port udp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port udp${comment}")
|
||||
fi
|
||||
fi
|
||||
else
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$proto'","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $proto")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $proto")
|
||||
else
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1095,9 +1001,12 @@ _set_config_from_vps() {
|
|||
uci -q batch <<-EOF >/dev/null
|
||||
set v2ray.omrout.s_vmess_user_id="$v2ray_key"
|
||||
set v2ray.omrout.s_vmess_port="$v2ray_port"
|
||||
set v2ray.omrout.s_vless_user_id="$v2ray_key"
|
||||
set v2ray.omrout.s_vless_port="$v2ray_port"
|
||||
EOF
|
||||
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ]; then
|
||||
uci -q set v2ray.omrout.s_vmess_address="$vpsip"
|
||||
uci -q set v2ray.omrout.s_vless_address="$vpsip"
|
||||
fi
|
||||
uci -q commit v2ray
|
||||
logger -t "OMR-VPS" "V2ray restart..."
|
||||
|
|
|
|||
Loading…
Reference in a new issue