mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-02-15 03:51:51 +00:00
Fix firewall rules and use v2ray
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
81e5665c76
commit
f3917ea9b7
1 changed files with 20 additions and 111 deletions
|
|
@ -313,6 +313,7 @@ _get_vps_config() {
|
||||||
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
|
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
|
||||||
uci -q batch <<-EOF >/dev/null
|
uci -q batch <<-EOF >/dev/null
|
||||||
set v2ray.omrout.s_vmess_address="$vpsip"
|
set v2ray.omrout.s_vmess_address="$vpsip"
|
||||||
|
set v2ray.omrout.s_vless_address="$vpsip"
|
||||||
commit v2ray
|
commit v2ray
|
||||||
EOF
|
EOF
|
||||||
if [ "$(uci -q get v2ray.main.enabled)" = "1" ]; then
|
if [ "$(uci -q get v2ray.main.enabled)" = "1" ]; then
|
||||||
|
|
@ -715,151 +716,56 @@ _vps_firewall_redirect_port() {
|
||||||
#uci -q delete firewall.$1
|
#uci -q delete firewall.$1
|
||||||
#return
|
#return
|
||||||
fi
|
fi
|
||||||
|
[ "$proto" = "all" ] && proto="tcp udp"
|
||||||
[ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && {
|
[ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && {
|
||||||
if [ "$proto" = "tcp udp" ] || [ "$proto" = "all" ]; then
|
for protoi in $proto; do
|
||||||
checkfw=""
|
checkfw=""
|
||||||
if [ "$family" = "ipv4" ]; then
|
if [ "$family" = "ipv4" ]; then
|
||||||
if [ "$src_dip" = "" ]; then
|
if [ "$src_dip" = "" ]; then
|
||||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port tcp")
|
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||||
else
|
else
|
||||||
comment=""
|
comment=""
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port tcp${comment}")
|
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if [ "$src_dip" = "" ]; then
|
if [ "$src_dip" = "" ]; then
|
||||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port tcp")
|
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||||
else
|
else
|
||||||
comment=""
|
comment=""
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port tcp${comment}")
|
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
if [ "$checkfw" = "" ]; then
|
if [ "$checkfw" = "" ]; then
|
||||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "tcp","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","protoi" : "'$protoi'","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||||
_set_json "shorewallopen" "$settings"
|
_set_json "shorewallopen" "$settings"
|
||||||
fi
|
fi
|
||||||
if [ "$family" = "ipv4" ]; then
|
if [ "$family" = "ipv4" ]; then
|
||||||
if [ "$src_dip" = "" ]; then
|
if [ "$src_dip" = "" ]; then
|
||||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port tcp")
|
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port tcp")
|
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
|
||||||
else
|
else
|
||||||
comment=""
|
comment=""
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port tcp${comment}")
|
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port tcp${comment}")
|
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if [ "$src_dip" = "" ]; then
|
if [ "$src_dip" = "" ]; then
|
||||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port tcp")
|
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port tcp")
|
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
|
||||||
else
|
else
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port tcp${comment}")
|
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port tcp${comment}")
|
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
done
|
||||||
checkfw=""
|
|
||||||
if [ "$family" = "ipv4" ]; then
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port udp")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port udp${comment}")
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port udp")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port udp to${comment}")
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if [ "$checkfw" = "" ]; then
|
|
||||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "udp","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
|
||||||
_set_json "shorewallopen" "$settings"
|
|
||||||
fi
|
|
||||||
if [ "$family" = "ipv4" ]; then
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port udp")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port udp${comment}")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port udp${comment}")
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port udp")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port udp${comment}")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port udp${comment}")
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
checkfw=""
|
|
||||||
if [ "$family" = "ipv4" ]; then
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $proto")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $proto${comment}")
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $proto")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $proto${comment}")
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if [ "$checkfw" = "" ]; then
|
|
||||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$proto'","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
|
||||||
_set_json "shorewallopen" "$settings"
|
|
||||||
fi
|
|
||||||
if [ "$family" = "ipv4" ]; then
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $proto")
|
|
||||||
else
|
|
||||||
comment=""
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $proto${comment}")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $proto${comment}")
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
if [ "$src_dip" = "" ]; then
|
|
||||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $proto")
|
|
||||||
else
|
|
||||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
|
||||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
|
||||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $proto${comment}")
|
|
||||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $proto${comment}")
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1095,9 +1001,12 @@ _set_config_from_vps() {
|
||||||
uci -q batch <<-EOF >/dev/null
|
uci -q batch <<-EOF >/dev/null
|
||||||
set v2ray.omrout.s_vmess_user_id="$v2ray_key"
|
set v2ray.omrout.s_vmess_user_id="$v2ray_key"
|
||||||
set v2ray.omrout.s_vmess_port="$v2ray_port"
|
set v2ray.omrout.s_vmess_port="$v2ray_port"
|
||||||
|
set v2ray.omrout.s_vless_user_id="$v2ray_key"
|
||||||
|
set v2ray.omrout.s_vless_port="$v2ray_port"
|
||||||
EOF
|
EOF
|
||||||
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ]; then
|
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ]; then
|
||||||
uci -q set v2ray.omrout.s_vmess_address="$vpsip"
|
uci -q set v2ray.omrout.s_vmess_address="$vpsip"
|
||||||
|
uci -q set v2ray.omrout.s_vless_address="$vpsip"
|
||||||
fi
|
fi
|
||||||
uci -q commit v2ray
|
uci -q commit v2ray
|
||||||
logger -t "OMR-VPS" "V2ray restart..."
|
logger -t "OMR-VPS" "V2ray restart..."
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue