From 450da26917688788a3e402b724e7c3814902bfe3 Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Mon, 28 Aug 2023 19:16:45 +0000
Subject: [PATCH] Fixes and add trojan, socks and vmess protocol support for
 V2Ray

---
 debian9-x86_64.sh                 |  19 ++++--
 omr-service                       |   2 +-
 openmptcprouter-shorewall6.tar.gz | Bin 3803 -> 3814 bytes
 shorewall6/shorewall6.conf        |   6 +-
 v2ray-server.json                 |  99 +++++++++++++++++++++++++++++-
 5 files changed, 117 insertions(+), 9 deletions(-)

diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh
index 6836e2e..8e155d1 100755
--- a/debian9-x86_64.sh
+++ b/debian9-x86_64.sh
@@ -61,8 +61,8 @@ MLVPN_BINARY_VERSION="3.0.0+20211028.git.ddafba3"
 UBOND_VERSION="31af0f69ebb6d07ed9348dca2fced33b956cedee"
 OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4"
 OBFS_BINARY_VERSION="0.0.5-1"
-OMR_ADMIN_VERSION="c4374c28594517231190e320020cb20d9dd1bcb2"
-OMR_ADMIN_BINARY_VERSION="0.3+20230823"
+OMR_ADMIN_VERSION="d77ffb62084271a388a09d1b0d17e42aae0514ab"
+OMR_ADMIN_BINARY_VERSION="0.3+20230828"
 #OMR_ADMIN_BINARY_VERSION="0.3+20220827"
 DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a"
 DSVPN_BINARY_VERSION="0.1.4-2"
@@ -914,10 +914,13 @@ if [ "$V2RAY" = "yes" ]; then
 	else
 		apt-get -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-overwrite" -y install v2ray=${V2RAY_VERSION}
 	fi
-	if [ ! -f /etc/v2ray/v2ray-server.json ]; then
+	if [ -f /etc/v2ray/v2ray-server.json ]; then
+		V2RAY_UUID=$(grep -Po '"'"id"'"\s*:\s*"\K([^"]*)' v2ray-server.json | head -n 1 | tr -d "\n")
+	fi
+	#if [ ! -f /etc/v2ray/v2ray-server.json ]; then
 		wget -O /etc/v2ray/v2ray-server.json ${VPSURL}${VPSPATH}/v2ray-server.json
 		sed -i "s:V2RAY_UUID:$V2RAY_UUID:g" /etc/v2ray/v2ray-server.json
-	fi
+	#fi
 	if ([ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]) && [ -z "$(grep mptcp /etc/v2ray/v2ray-server.json | grep true)" ]; then
 		sed -i 's/"sockopt": {/&\n                    "mptcp": true,/' /etc/v2ray/v2ray-server.json
 	fi
@@ -1199,6 +1202,7 @@ if [ "$OPENVPN" = "yes" ]; then
 		cp ${DIR}/openvpn-bonding8.conf /etc/openvpn/bonding8.conf
 	fi
 	mkdir -p /etc/openvpn/ccd
+	
 	systemctl enable openvpn@tun0.service
 	systemctl enable openvpn@tun1.service
 	if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then
@@ -1246,6 +1250,7 @@ if [ "$SOURCES" = "yes" ]; then
 	else
 		cp ${DIR}/glorytun-udp@.service.in /lib/systemd/system/glorytun-udp@.service
 	fi
+	chmod 644 /lib/systemd/system/glorytun-udp@.service
 	#wget -O /lib/systemd/network/glorytun-udp.network ${VPSURL}${VPSPATH}/glorytun-udp.network
 	rm -f /lib/systemd/network/glorytun-udp.network
 	mkdir -p /etc/glorytun-udp
@@ -1269,6 +1274,7 @@ if [ "$SOURCES" = "yes" ]; then
 else
 	rm -f /usr/local/bin/glorytun
 	apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install --reinstall omr-glorytun=${GLORYTUN_UDP_BINARY_VERSION}
+	chmod 644 /lib/systemd/system/glorytun-udp@.service
 	GLORYTUN_PASS="$(cat /etc/glorytun-udp/tun0.key | tr -d '\n')"
 fi
 [ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /etc/glorytun-udp/tun0
@@ -1300,6 +1306,7 @@ if [ "$DSVPN" = "yes" ]; then
 		wget -O /usr/local/bin/dsvpn-run ${VPSURL}${VPSPATH}/dsvpn-run
 		chmod 755 /usr/local/bin/dsvpn-run
 		wget -O /lib/systemd/system/dsvpn-server@.service ${VPSURL}${VPSPATH}/dsvpn-server%40.service.in
+		chmod 644 /lib/systemd/system/dsvpn-server@.service
 		mkdir -p /etc/dsvpn
 		wget -O /etc/dsvpn/dsvpn0 ${VPSURL}${VPSPATH}/dsvpn0-config
 		if [ -f /etc/dsvpn/dsvpn.key ]; then
@@ -1313,6 +1320,7 @@ if [ "$DSVPN" = "yes" ]; then
 		rm -rf /tmp/dsvpn
 	else
 		apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-dsvpn=${DSVPN_BINARY_VERSION}
+		chmod 644 /lib/systemd/system/dsvpn-server@.service
 		DSVPN_PASS=$(cat /etc/dsvpn/dsvpn0.key | tr -d "\n")
 	fi
 	if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then
@@ -1358,6 +1366,7 @@ if [ "$SOURCES" = "yes" ]; then
 	chmod 755 /usr/local/bin/glorytun-tcp-run
 	wget -O /lib/systemd/system/glorytun-tcp@.service ${VPSURL}${VPSPATH}/glorytun-tcp%40.service.in
 	#wget -O /lib/systemd/network/glorytun-tcp.network ${VPSURL}${VPSPATH}/glorytun.network
+	chmod 644 /lib/systemd/system/glorytun-tcp@.service
 	rm -f /lib/systemd/network/glorytun-tcp.network
 	mkdir -p /etc/glorytun-tcp
 	wget -O /etc/glorytun-tcp/post.sh ${VPSURL}${VPSPATH}/glorytun-tcp-post.sh
@@ -1410,6 +1419,8 @@ else
 	cp ${DIR}/omr-6in4-run /usr/local/bin/omr-6in4-run
 	cp ${DIR}/omr6in4@.service.in /lib/systemd/system/omr6in4@.service
 fi
+chmod 644 /lib/systemd/system/omr.service
+chmod 644 /lib/systemd/system/omr6in4@.service
 chmod 755 /usr/local/bin/omr-service
 chmod 755 /usr/local/bin/omr-6in4-run
 if systemctl -q is-active omr-6in4.service; then
diff --git a/omr-service b/omr-service
index afd1b9e..9c99994 100755
--- a/omr-service
+++ b/omr-service
@@ -42,7 +42,7 @@ _glorytun_tcp() {
 			localip="$(cat /etc/glorytun-tcp/tun0 | grep LOCALIP | cut -d '=' -f2)"
 			[ -z "$localip" ] && localip="10.255.255.1"
 			remoteip="$(echo $localip | sed 's/\.1/\.2/')"
-			if [ "$(ping -c 5 -w 5 $remoteip | grep '100%')" != "" ] && ([ -z "$(pgrep glorytun-tcp)" ] || [ "$(expr $(date +%s) - $(stat -c %Y /proc/$(pgrep glorytun-tcp)/exe ))" -gt "300" ]); then
+			if [ "$(ping -c 5 -w 15 $remoteip | grep '100%')" != "" ] && ([ -z "$(pgrep glorytun-tcp)" ] || [ "$(expr $(date +%s) - $(stat -c %Y /proc/$(pgrep glorytun-tcp)/exe ))" -gt "300" ]); then
 				logger -t "OMR-Service" "No answer from VPN client end, restart Glorytun-TCP"
 				systemctl restart glorytun-tcp@tun0
 				sleep 10
diff --git a/openmptcprouter-shorewall6.tar.gz b/openmptcprouter-shorewall6.tar.gz
index eeb36f255423786ff3502b03dab8b9a259e435a2..e1869464c37b2ac1ee943b37e5d5e1bc361db667 100644
GIT binary patch
delta 3773
zcmV;u4npzU9p)W>ABzY80SM=000Zq@ZF8eW65g-qS4_#iWVg<;UM$I3r*t_CBZ)Ht
z0?3Y2S4Ck7+f*dr0IlQO+W&st!;28|t~a}qlS^p3B$%0=>6z(yx@TxK^F1#P?b$D{
z_D3zCez(iMfy&?Q{%Pk``{cCU?Q~oHlhaqNcDsApe??k<dz2}sRTSGHA+JK;k3UuJ
zx%~fAI;b5G<K7RQ2Ya#TlSYFyop{!a@}%Z0(~ugL9r_`0y<0zA+Og|<#J=%YF>#=T
z>qL-4;(IqDx9-9@BJpG3kowa0$hx{lUR@pP`(dc+6W$~zwS&D<?SL0dNmV$GGt{Xr
zP>vI+VRD>*rmLpPiJGdLoWVY)2Gu#^N-~9Ut@eX^OAh&|sg9|vQQaWld_yctFfEhU
zN7PITSQbCw6_K}+LN&oWyLT3W6Q0@7_qlzhsa%7@|J6L;+O5`it=bQcH+OF{{-LRD
zGvCI+nlqjST&G=P8=rJew)u44D7ARnep|@@@%Zh3Nqe*A_GzaqlB5gURlDJAld<3L
zpOzREYMx7~VJXHozvsj^t{*kLs3hS@xfV@(YDj{hJSHIdNr~0q6}rtD*`8C9z1Q!T
zS*0f$joe^U+Fq+)9xX$eJjLlPORVjFc@E7d=RV$;eB|uET{9-%yIKFP7dzptJ#(Vn
z)b|vBJ&XS*y)ypyPb&O>5!%3i^3Dk(MD^}*i!_K~FN1|cq+CVF5OAFU_>=g-Z{(^&
z0Ml>XyH&_c!ZFk+_`zf7-rdLKweW^?VEP-KR=Z1X9>G31g$7N>UNXC4qS;uuH=!Lq
z60{(p<B-U|jUVjL`JO!bD>4H^5;}7?0$X!`vx*(!#su)S>4(6-^kGdrV$#Z+J0WWZ
z#9KzhzhyTgWlCfxiXd;~cur_9h_<>}xHDju-I?P>4zVK=U|MwV%rjYsD2R~?0_G2@
zXWjgsI4<O4+u5jfj@wylX^lq&#_F{lqx>Q917v&yLO+s)4bo+t$7~1;Xb5@HcoLm|
z^5TRZ$G^sGyl+<_Hb&-7Y`cpH7#cgJuea=Lb%^S_w&uB?(Ajy-2S2L{C4@+dN%bKw
z;5Cw}p}%0%z+`cUVACwAkjZF%KMRh)klZfpyXYtkU}Rtbj$i;mQ|5#AQ3&Jb+@Rz1
zF7P;i88-T^*KMpo1^=E^lJh^swj+p>cmooD>-4l;;r~m}^ZtLLAq=7TD01&ShF|aO
z(6w(CfDG|{f^Wog05t)moCMCK7;!vW-Q77+3^}Y^#zs7Q3A{JX9RSM%04Y>TRsr}v
z0P}#v3nz{lw#Gg|#CN^B6~Hp$;}UFxzbps<3u;an`gkDlBdd<Vm9yEmAoTC@uFzk9
znQ=SA8!lPj11G+3rFZG_AFxI4`O$I}-fl3G*X40q;~!Y5nIF#IB$XEs1iiV#LiMTT
zbATaQEn<)yOyW&q1tJ(AG)Qh@P?9Riy$y!RabV0s7e>g-TR_>d`YnNXjF*xk$WxJ$
zL@SP=>2eZ)-Ae#hMLVJOJnpZJXYd~~cK~Jozt=md@c$(!cWoH@{oc}4^wP8j?ftd!
z?E3G({=a*2dV1P9X`d$h|5mmBUxbsl1R;OD4y^xHzuoHtwQ&8n+TCjXzXW~8`JcvA
zq&oYn&i+1n_Lrc@?$7-WlBad~nHxT|E1tn=sw@fD>w8%p5t&|6IlGr8l6iJM)eW<T
zr*K7Hf;w0vUJ$5e)@~oj=M;k-(<h6Gx~idWk0}|dvaDW7$|#d}GKFrOQzG*qSDAmY
ze6Q1gQNi5TVPLpg?DNqNqi68H+wHW<=YRcftHS@6pwGa69aZFO;r|G(PAePmC$<3$
zNp@}mekaNTMsgG`8KP}Vgn=Z5^m2JsmqwDpXNHOByt(l-3ByjB@IB%63%nOpMPb$}
z%{QgVM)@)52L`0%^0A1OVm=EgI3RytMi>f{eZMx|<mu&Z7ez!G>FQLg{b0~!^mtib
z-vBFrE=$Ikit9w3$}kdz1WCE%WvP%bRZN{1E{bIodR5E2Ci>pDF<MRk0nx~FW=wqp
zclOIFNS+nos=|}%gPP>Mvls6CHCkuv)pJ%no&{`eCdAKXP7o7OF$yh3>o$LG-4xbh
zKWp>B4>52GSY9WNLo$|!!>f&U66x}GSZ6fXyJK}X)9NlY1qvnAa2!5V<e(mobAxyN
zhC5pZn|b(H;E6oO!V0YOKHBs%-P)+L)E?F;hJH}0tbSw9>ulWr>wC`eF+w;ALgyVI
zO#+h(KP`UaFwTYV&z<=(14)0JH`da|=zU}qm_VgGd|r}HV?kM1bAcbm<R7Hp1D}L}
zZgg+Y{fEe({Sq-L?-qXe7_U6ydmH1D55&fNmL)9f75iq5HTu2YN$)q;v6^q!@rmvk
z#yFe6oe19PbXarZSkOrN_?oOWbz6PP`oeUO1yr3pp}1)VwxEO2521f6Y<03(Vs*E%
zwSM>Q+qcDLXA2iKskrV_WjzoTKGO<l=d9g2#=lMyNY-FA{pF6n)(<d`(Usdv8=v<7
z+wD`hZg;z<c<PJSt#+r^?o|H&OVG~!CbT4L|Nb&{jeAc;7L;@^;eFZ-WlzMN7~=pw
zC(4-BS5GRO*j`}YfpdSqh<rfqh3mm}j5+sl9Go?q4-XH=IV(O1Z7vg*XiLQ7`*^w7
z{V4~>rRZu9lkh}`&neO1o)Yk($T^YWO5Az7HE_subE;WX0mqDrgKH<M?W1=|_b#Cm
zI&?;bZc5O_>)m(glIrKGA(_{M_8vO|q`|a|us^%+gT{}jKG=Vw_(K?d9b~_PKFCDg
zeGi6`POrfA-)ARa>j8>1f<Fn?$Y}SSIG1750lO8`lGTyL4i%w4>F#7B4X@8}hoXq-
z-C7MhECI#>wk%2JP?G7O`OXfT;O91%P81>1Bv~xTaZu0U^XzXC{?}P9+iE3snEXgp
z<m-Xr*J=}9C`o^b=vk|!8><aTbq!iKslHX%_*nX6st>nQQ`ms?bx#Vfc(|S$A46KL
zW(t}$l=+ddRY$(7+YoTqvv|OvmI$EeCg_Pu6i^<O3^`l^h^e@L=0Sf%_!iS;AwXFb
zt|ZLgy<Wk_ekhGBjW@@G`r&)L6(#*cVf@aTt0;tfJ9K}FsfX{4F|X6j!k`)>s!AH9
z4hn3)#@3zVyFpW?ptD*ZH{R4h{nglqK@&|9E|@xk7OCPCN?<j$nlc1;91Cbvmy>F5
zT(228;R4|a1#d=>a@J%Ytl9i3zgYM)dr`i{a&=Tr!&G(38V{W)hTec$jnxD<EMrUo
zJy@gBJ!F4O&y8yXr5)7ks8ss_77-?V2<k8e)i9Z22$|Y|qBO~brRZqCcCQx62FMcW
zke|xtz=OSU0fMsRI@_L0!bFRX&O_gx&+I5p4l|A>t3~V<?&q-gR{Yp_^v(|RHO5lY
zLy%%JZq!A^2%VsiTCZVEU($FTbm+$^ozl$?J&}KuJl*)RHuhs(beQZhOt%h`t#JZO
z_k>M7qQo91UI&O2)Cs;pHuyGz-Sy#n^lPIJaDjV{5C1%TA3a8~v-|)MFn2H(mU+e>
zzOCuTxWF6TZ?izk%wOVbXi$7F<5lt|7{F@lb+eb1qJs61lu_cZuJ0`dbAu!hA2P&=
zq)2}Te{N94giA5=aPfsc95zT^C!}xqtrI5v1!WfYoHr!FN-U(2q+|<oPzSqylsW}R
zxlKdW6vn)yScafWnwi!r$oxc`7)c$1OnKb`EMqt7M3bqRv<GVeOfjrR3t&=}r+DO<
zR3K6;WSL{CV9-vQs48gvd2~L+YlWYHuxoz-SrPh^1}b8)r;idf@<dfPQ{YdMhCG;d
z21HB{@JFtAU9=KW@nkwFmJJnHl92+KJyk9g^$G?-ml8XJ%o6knS~EdGadM_f-wq^2
zmJ|w=nZh_LiRQ?HmK2!7R1yjNhNN|zXVt6KE-2M3-Lz6umTXn9+v(eLhQ(YWmY#q4
zM4S4Mr<&+$z@iz+baU&2U9@1<@{Z#iCSDdBCd-%(htf}jUod5A(w{6mmRG0dpx>(1
zFsOSX{Y-K1kzHE_ZB>|8#^5e_xPTrR{c#H3vX#Gnl9pmF7Bh`@80YrV(xEMiQl<l7
z@Rz`g<ChGjDdZi>ZhwNYF|#{Omq357wL!f@PS_uQx8bj|`G-~(RT&u6OG(W1K1tK3
z*&I)e9L-^B5|J=X8(+hc;bjZ7u}~CdZ=I0%$e;<-Fkr`%b_lgVl|_NqAm7Lp|4P*_
zc<8($Cd@xmUA2;NV7ID5JNPkZ><8pDX8JDx=FHSnGyvqXjVyz@eeOU+$<TjrKY`=H
z;tKM8NHHf{XlqR`=4N38*}kBdmxeUt+kox%@}0wWR<cLfPG9@}+j(p6|LG3wcr2fo
z#0fiRxxj5CPp)ACr^MWSv$*EYB@>}CTS;5@>TsC2;}hPv$Z}Dclj|139N;oR+{9Bf
z5tL0eiB2c#CH?C2>Ij^PU7UX-eu|!n|LC+@<@bME-Ch;{@glSt|B=Uh7z%GTCwBCo
zl@r=?$N9?ekA4;T@h6V_Kn$tp9Z65spFUA<ZgR2nbk@x!Bo~GFBgK(C@#`Vnlkp!M
z`vnp7#{>?&lj4twa2Nr?eslzip7ZCDESc9ZXn^{#E!KGvYE5GBo9%zr(Z6fZ#_ha?
zx8HGvH;{3VVQnVQH}QEVs5R&k8$<TMC4U4O)ef-a>vdp%`whoIeJ!r^GV)*Up=U)o
zMX?_Q&U~+7pwGqs_j={`|2my+_4^+$LLZC&>=k^0f{J{xAJFbpF2JAJ1t{pq9$o|Z
z%3#b*zOM?3ECxfS_b6yy61|j}Rj#p4Ypj!B<Oe-|BViEU?;QW%?sdA`@&6V6zX*Ls
z{Qu9WBGv0(75aY^{TYbt0ru11W-_le2KMQ%rflJ|q--TIQm5u;WBteK&VH#Sdn+st
nX3YX+F|;^;wT#{T0a3n_u?`)RzYYuxKP&wY2M>hc0C)fZ(Is@Z

delta 3761
zcmV;i4o>mr9orp$ABzY8C#?No00Zq@ZF8eW65g-qS4_#iWVg<;-YhxmlrD#1BymPS
z0NHWsswgaBn~DS+pmls(``@p7co9P0^=4OcatUph1T)h!Ju^K|_Y93@zURfEJ^SU=
z{-_1iKRIFFK;`dt|FrX}-90^Rb-SmnUi($6-99<(y&|oDJ<62RDvIrpkXNDa$Db<q
zT>k$l9n=npaqoxDgS}YvNuxoUPCRQyc~WzhX-Eyr4*ih0-mM=l?b!7_V&C|ym^e_v
zbt1?i@x2?7TX*3ck@zuiNPTI0WL;e&udWXD{V-JZ32%~a?O?A|JKzOVQWcKl40Wmt
zl;cEdm>j2n>8h!6qNeI5XRyzyL3Pf!l1yP-tNq~Kl0$xKs$(i^R5!>s-w?|ZOv~i;
z5jB$nmc>taMdYodP)#t;?wv*8gl9JNeQuv=D%arfe>D%dcB}PWtM-HA&E4CKe`spk
z%(ro{=8R_n*J+p7#@$YLn@{JBQj4eUw}t#4kKcBG+nY7FPdjCiBwg69+6`x$jQxK9
zw8W@T^ITF5OEI?jJtw|#{ixwZB?-IbS~TscAqj%=n1JNn605;0belD@J*Omluir1T
zN>4NzxxuEiy;i?GT81)tiql(`Slj*b9GXwgeY`RG$k~6pW=y_!v;JK#cEVeG=0v-x
z?<snJ7XQ1wGX7&yh5s)=8~9J&IbnpTesbI*4Pw~KVBrucR}nG<TqgkjB!2K4x#|$W
z^jr6C6*7}>3^fXV@EE#x_c3`bydfQ!{zj+OJ|Q=cU>}@9gQjCInO!l_Y%JWH&<-C7
zT9D9jNaWwf4|eE$PagdhnSmh*ow*x<t+`o$#SU>}0{GhWL*QTfuqGZcY30qGkTnD1
zEhFOJvYU}IC9)GmkT-HXC$twtTiq<&88FN4%<&?J*bxaZExLE+nXE$;#7G4J^9R+l
zZhlW37xJ;~Y}7i(?X0!5#v=k__1cb6{*d?qGQI(!AIZW7=`zk^HUtJVguG}xiB5Tc
zaYB#dUt>1jx2q5vBXcLV-9-cpjh)ihTlTd&MD<-;^W0D9?7ZfKpH+ntLL|kc`j8j!
z8cEgAUodK5vbaOAX_i#TWHi5@1xH{=ZWs1lbQA_KGB5x~Fo2*b^FjM4gz<B3&~bVf
zc$~is8-3S1X{<m6|DIKn^FPJ5BZ&W#dIJ%E3vMd>e+hct|4%f8Arv1)?w!Z*>zy6C
z_RRv2A-+%Wjd%{ACV-Taz?l>yjz_DzJ12@Ehn36Nh-WW>_r|#cV0i!_g-XdP0N)2-
z9*}t9#4*Fx*e8hiu6MTrSVnwYf^G1Z1p#0|%?U#v4+MT>)iJnoHv1NY{$1V``YSVk
zZfAJICF^_O#P_ZAE?xcuw#Yp{TCT#|4My_1JWgx;11mN2!}*(}@&baOH+NX5KDB%f
zFhr|G43dLMyh*G;1OtQy$xRGOQYE>!!7w=vj9KWy2zhx6C_7faCGd{%Qc?tYDpHbY
z#W6HpP6Dud3E-+|C$yf&{k8E7{^JfWpzQzmdYuaYUxISihN0i@Elou)O>5BJUmMS^
z{|@Z`Pr&EvcKR(W2kXD`|6YcZy96PBVC-T2_uKt$=cL=m_1|ipR_p&I=rhj$G^Qfe
z*<W?`_tCSz1Vwg#?st$pt;^5c@S$Dt3{F#JNw{9$%j$^8^peWiy)==`v-7ELm^D0w
zEAkT5!6Na3KsB>=`#?UY80?rnSxnSb4Rw1=$xxML^-5AknY@!JbmN>7nFqOl%8ccE
zo&Jjo=DrRC!_{J+kA4_Ega0QdomTn$uivfk|3&CC@Lxw2`C9ltf~(WY2K<R_07H_U
zn}FYmvVf5sg-eEL+Y(_QNg=&lUe%?Mr0|(xB06twJWax|lO}vmc>MzJ1yxa)^-A+i
zX|hp%4EliqDY<+sVx^eRLJAIl$d?g@!ermCjW>CEx!Xk%kw&^Y)oMQ&G#Nc!me)7H
z%Ad=UF{a`=QKvGDL?J;^E_qohBuo`k=Y@-68HHZe@~(-#_ic<;(|<rT@|+n{-@u*y
zvI>%C1-Pp4r23#HdGG9nJAaMV8GH4d6^~~DTbl{-vzZgbL{yAIOVPT2jaxT`wb;+v
zeDFgIoC22DiQ|xr<>ByZqn$*$ydBmV&GqhB-OaSROHF}7Ni`gY4;4A6hvVGfUBBVZ
zmceEoJ{EW)kFl@<>%5OP{Y<wu>MXT~b&8=Mlq##=*z-CY_y78yb9{^tPJ+;R2S}5^
z<ibyj-#CnO;rnxEe#}6B66cMzv@v=g83iU#DG#5Qq|;bX7S>$ghcWpF>G!}VVW1n`
z+jIXR@@Kz9Ov<~3A3nw_kNDokxa0$|F`s1#%X-DWS!0cUuh;GU<~mmM?K(cuJ;NAh
z6Sxz>JDm<|P8<swNgrR6wWe;XPg!4>4zhr%?h}feW?&0C82u1`y24f`n<Z9v8(Zt2
zynXw&*z9cKq9zsBeX6VnqQYld0qvZ%TgUj<Ndn0ltfs%*(bxI`<}tc*duij-{(rmO
zKP|_9b$Z=)<^R6~?c8rdOS1OwFH_gJ_f%v-N%s=or`=HYMBIrn4&Za5j9Gp4q{4~q
z1@;{{_lw8}<X*Uc9$d$mb05dSS+n`@@Nk^7;*-$kGGU3fL_EHamy6w>a&TOVt_Cp)
zPjvX45)JMt0UwH-6B(|=owr*9hfFu8nne|G%&0iHcB0xodY5$X5;~znXH@8>1YNw|
zeTOcoey$plc|B<Fu_HhlOv?!Sv->`1{D|s<J&Hes(bqwL_ABUvOyu47U?}PI3S9qv
zb^^8@phzS5lVFXEcHfC}88#iTTQMzJ9a-#95&DzvPBzl;`W$yCikRN5)v&`7U@TzE
zl4K4gnGTxo?63)bZgc5G5h6{J#ey6M^&CFW{ubeXo#nEvR#Jz_k5omz9w>gTHsOVm
zl!%_STDq}++K^P&pmme#TZN5}rB9~%a62`H4M<=2r0|M|>$&kUq}6Jspjkti9~oP9
z<h!~J0e3x%2OMgN0E%vco~T3t<x$Cy!zF;2iu-3C^hbnmF<lk{lvUwM!u;Lq6>RK>
z(#X<yb3CXYzQ<cp(mxc&@2t6sLb$g>r<i*9-Wc<LI^8S`sxhLfq(SPS!1ilw-8sG+
zG-V1ptMzf?O%2pvjeQt2(Inx5sUv8SDo&vUR#U4fLvY8jfJSvWsrJV8nt>B85S~!*
zW&|l`P4>Z>&9Cx{g+H?w<y$OQN98n3Ri~`+(1~K`4XD*vO>o09#uU(lH5%PR#`N5{
zHc;AsLA{PjwI5&+VZw)?4pUGKlPQLfsSPMflT28Oj`nN!YLRS!ERhcRsca5B*c%rh
zC`+!h?YSgOwCLzO^zHe~j^gAn<7l#4#BSk!4tsCKkBvv~>@Z(rEHym@DJJ7aT~v(F
z2@0w88rJkBjn_ekew@-N-R#g4Ny*cVFKc6eKh{Nu$sWUW>oD0GC%|-1*wiCR>|x?{
zfJi}|;2UIvZzI@UAHGMwHu?Y;xaaur&%^i8V-!2f4*&sk2V-HGXZ+#Ynr@5>ywUwO
z3#82aCBB9R#rHB^C2xWOthQb^ds!(eSPw}VCI0IA-eNE}NCNR8L!3y8Wbo$(RZO^l
z6f+MOU+BYOgXDEW`i9>+VZvWfW?|2HLlUgSLK;a*wlD{Eu<J*uQ*e~qG*C@p%u9-8
z2)d-1X{Cb9Pqc}VR3XTe*DZiDcB4)-nVLy+uoS=&!(y}mB~^KfC!R?KBE>?MIi?E6
z?4*gRg2tam-$T4s_zB3mmX8&oKWU(UAr^c1C{ZI%RCP1O{Um9~gJowp!~_9%<cilt
zD-jhBrjugXNP!_4DFE41<w8-fU<`CAF*C?4L64v{6Z8}3W}5U(Qe;V?P?sr;vw~=h
zENDo98B7I{z-vev$5~drTJ3^T&C*RPHDuR`$Ha^2t8<3M{2`W{IYgVvkf)k|=x4x+
z8Od~W--8{rV9xSx;|wM)78@kXm=1^1PlI1DWopu&EIgA}r{<vFs?{)}dm{ZzapRF)
zTLo2Bm`ld6E_t$m?il@X3a+x1zk8CFV*VAgi*^|2#?sQEEs9d6{Wtha;KkufM$#1W
z4rRAL!PuDDou*5m)Y_olAzk)=hu>}Z>umm^iA6mI2K7=BGo??`^l3K3QzM6Rn3+T*
zOw-2KuwHoC0$nT=g~?kdBn~nt0yPZS?xY<;B~WEi;5EoMa<#uw^$Q+4uZRir&s0~f
zWE|M7s?ZL83>y1EIE~r;3&1!tbrTIhxNH~8aBiR54^c8S+)Utju%Lo}d=pa4$(Gq#
z(~G%T3_-RjDCVW{4EY{lyS;qdu$`4`5Vq6Tj{kPv+Vy|B13MneCnj;i4p}a656P2j
zn7}D9ci$|oxpT=xpv+d%*1b9$CcgNDH!iYVROaLwfaL&#L<qtr9-)b#Y^q6gI#Dm_
zE)J_Ba3*$8%_r%Z_>WG1t5rV#ZJnG{@gFZjoADoc%!i@yW^-ak|5-VqJ$Ib14FBj?
zksp8J$PdJjdft)rRQ>4__2woQJ5OibTtaeDh(A&s$rHaG!aW)P!LeTuL6=P6&_OBw
zm<WdvAnZp+py)Y&F3FO44TA>258Gm$7opZ92EW;E9sRooZQRa(TX_2&S9k*%2N~98
z@_ZAYcY<1jF0nCW4_xv`pi%7rOTJzQ_P5_~9Msq1N-rb-<sN!glv5P@LEy~y8V34Y
z{C}@ke*dr2IjMgC<3;FW@t?hdFHlgCFZKi4oyrCHGrIr<9ofTc0ACr5xykocL6OB^
z$n+k?OQM%Dv&uDM)@hA(@{9bS$8RJI!uy@$|J%LJ$yWS-h5s)@pArB6Gpb1S`d5Yi
zA4Pu#B71=S^tYMJYmI?@`l~5hxGX7KNsQE~`Po?ivAVNgYRTRT%Y#|7Kv@he&R;EK
bH-A8suc(u;4kr!h&r1ITPlA_20C)fZ=n7sc

diff --git a/shorewall6/shorewall6.conf b/shorewall6/shorewall6.conf
index 8ab80ab..699a0f2 100644
--- a/shorewall6/shorewall6.conf
+++ b/shorewall6/shorewall6.conf
@@ -138,7 +138,7 @@ BASIC_FILTERS=No
 
 BLACKLIST="NEW,INVALID,UNTRACKED"
 
-CHAIN_SCRIPTS=Yes
+#CHAIN_SCRIPTS=Yes
 
 CLAMPMSS=No
 
@@ -168,7 +168,7 @@ IGNOREUNKNOWNVARIABLES=No
 
 IMPLICIT_CONTINUE=No
 
-INLINE_MATCHES=No
+#INLINE_MATCHES=No
 
 IPSET_WARNINGS=Yes
 
@@ -176,7 +176,7 @@ IP_FORWARDING=On
 
 KEEP_RT_TABLES=Yes
 
-LOAD_HELPERS_ONLY=Yes
+#LOAD_HELPERS_ONLY=Yes
 
 MACLIST_TABLE=filter
 
diff --git a/v2ray-server.json b/v2ray-server.json
index 716b7f7..d605b3d 100644
--- a/v2ray-server.json
+++ b/v2ray-server.json
@@ -34,6 +34,7 @@
 			},
 			"streamSettings": {
 				"sockopt": {
+					"mptcp": true,
 					"mark": 0
 				},
 				"network": "tcp",
@@ -48,6 +49,99 @@
 				}
 			}
 		},
+		{
+			"tag": "omrin-vmess-tunnel",
+			"port": 65230,
+			"protocol": "vmess",
+			"settings": {
+				"decryption": "none",
+				"clients": [
+					{
+						"id": "V2RAY_UUID",
+						"level": 0,
+						"alterId": 0,
+						"email": "openmptcprouter"
+					}
+				]
+			},
+			"streamSettings": {
+				"sockopt": {
+					"mptcp": true,
+					"mark": 0
+				},
+				"network": "tcp",
+				"security": "tls",
+				"tlsSettings": {
+					"certificates": [
+						{
+							"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
+							"keyFile": "/etc/openvpn/ca/pki/private/server.key"
+						}
+					]
+				}
+			}
+		},
+		{
+			"tag": "omrin-socks-tunnel",
+			"port": 65231,
+			"protocol": "socks",
+			"settings": {
+				"auth": "password",
+				"accounts": [
+					{
+						"pass": "V2RAY_UUID",
+						"user": "openmptcprouter"
+					}
+				],
+				"udp": true
+			},
+			"streamSettings": {
+				"sockopt": {
+					"mptcp": true,
+					"mark": 0
+				},
+				"network": "tcp",
+				"security": "tls",
+				"tlsSettings": {
+					"certificates": [
+						{
+							"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
+							"keyFile": "/etc/openvpn/ca/pki/private/server.key"
+						}
+					]
+				}
+			}
+		},
+		{
+			"tag": "omrin-trojan-tunnel",
+			"port": 65229,
+			"protocol": "trojan",
+			"settings": {
+				"clients": [
+					{
+						"password": "V2RAY_UUID",
+						"email": "openmptcprouter",
+						"level": 0
+					}
+				]
+			},
+			"streamSettings": {
+				"sockopt": {
+					"mptcp": true,
+					"mark": 0
+				},
+				"network": "tcp",
+				"security": "tls",
+				"tlsSettings": {
+				"certificates": [
+						{
+							"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
+							"keyFile": "/etc/openvpn/ca/pki/private/server.key"
+						}
+					]
+				}
+			}
+		},
 		{
 			"listen": "127.0.0.1",
 			"port": 10085,
@@ -72,7 +166,10 @@
 			{
 				"type": "field",
 				"inboundTag": [
-					"omrin-tunnel"
+					"omrin-tunnel",
+					"omrin-vmess-tunnel",
+					"omrin-socks-tunnel",
+					"omrin-trojan-tunnel"
 				],
 				"outboundTag": "OMRLan",
 				"domain": [