diff --git a/sing-box.sh b/sing-box.sh index 01055de..ff31fd8 100644 --- a/sing-box.sh +++ b/sing-box.sh @@ -257,6 +257,8 @@ cat > "${config_dir}" << EOF { "tag": "hysteria2", "type": "hysteria2", + "sniff":true, + "sniff_override_destination":true, "listen": "::", "listen_port": $hy2_port, "users": [ @@ -264,15 +266,19 @@ cat > "${config_dir}" << EOF "password": "$uuid" } ], + "ignore_client_bandwidth":false, "masquerade": "https://bing.com", "tls": { "enabled": true, "alpn": [ "h3" ], + "min_version":"1.3", + "max_version":"1.3", "certificate_path": "$work_dir/cert.pem", "key_path": "$work_dir/private.key" } + }, { @@ -535,14 +541,18 @@ get_info() { isp=$(curl -s --max-time 2 https://speed.cloudflare.com/meta | awk -F\" '{print $26"-"$18}' | sed -e 's/ /_/g' || echo "vps") if [ -f "${work_dir}/argo.log" ]; then - argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' "${work_dir}/argo.log") - [ -z "$argodomain" ] && sleep 2 && argodomain=$(grep -oP '(?<=https://)[^\s]+trycloudflare\.com' "${work_dir}/argo.log") - [ -z "$argodomain" ] && restart_argo && sleep 6 && argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' "${work_dir}/argo.log") - [ -z "$argodomain" ] && red "未能获取到Argo临时域名,请运行完毕后进入${yellow}Argo管理${re}菜单重新获取" + for i in {1..5}; do + argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' "${work_dir}/argo.log") + [ -n "$argodomain" ] && break + sleep 2 + done else - restart_argo && sleep 6 && argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' "${work_dir}/argo.log") + restart_argo + sleep 6 + argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' "${work_dir}/argo.log") fi - green "ArgoDomain:${purple}$argodomain${re}\n" + + green "\nArgoDomain:${purple}$argodomain${re}\n" yellow "\n温馨提醒:如节点不通,请打开V2rayN里的 “跳过证书验证”,或将节点的跳过证书验证设置为“true”\n" @@ -843,6 +853,7 @@ uninstall_singbox() { # 删除配置文件和日志 rm -rf "${work_dir}" || true rm -f "${log_dir}" || true + rm -rf /etc/systemd/system/sing-box.service /etc/systemd/system/argo.service > /dev/null 2>&1 # 卸载Nginx reading "\n是否卸载 Nginx?${green}(卸载请输入 ${yellow}y${re} ${green}回车将跳过卸载Nginx) (y/n): ${re}" choice @@ -897,7 +908,9 @@ if [ ${check_singbox} -eq 0 ]; then skyblue "------------" green "3. 修改Reality伪装域名" skyblue "------------" - purple "${purple}4. 返回主菜单" + green "4. 添加hysteria2端口跳跃" + skyblue "------------" + purple "${purple}5. 返回主菜单" skyblue "------------" reading "请输入选择: " choice case "${choice}" in @@ -998,7 +1011,31 @@ if [ ${check_singbox} -eq 0 ]; then echo "" green "\nReality sni已修改为:${purple}${new_sni}${re} ${green}请更新订阅或手动更改reality节点的sni域名${re}\n" ;; - 4) menu ;; + 4) + purple "端口跳跃需确保跳跃区间的端口没有被占用,nat鸡请注意可用端口范围,否则可能造成节点不通\n" + reading "请输入起始端口 (回车跳过将使用随机端口): " min_port + [ -z "$min_port" ] && min_port=$(shuf -i 50000-65000 -n 1) + yellow "你的起始端口为:$min_port" + reading "\n请输入结束端口 (需大于起始端口): " max_port + [ -z "$max_port" ] && max_port=$(($min_port + 100)) + yellow "你的结束端口为:$max_port\n" + manage_packages install iptables6 > /dev/null 2>&1 + listen_port=$(sed -n '/"tag": "hysteria2"/,/}/s/.*"listen_port": \([0-9]*\).*/\1/p' $config_dir) + iptables -A FORWARD -p udp --dport $min_port:$max_port -j ACCEPT > /dev/null 2>&1 + iptables -t nat -A PREROUTING -p udp --dport $min_port:$max_port -j REDIRECT --to-port $listen_port > /dev/null 2>&1 + command -v ip6tables &> /dev/null && ip6tables -A FORWARD -p udp --dport $min_port:$max_port -j ACCEPT > /dev/null 2>&1 && ip6tables -t nat -A PREROUTING -p tcp --dport $min_port:$max_port -j REDIRECT --to-port $listen_port > /dev/null 2>&1 + restart_singbox + ip=$(get_realip) + uuid=$(sed -n 's/.*hysteria2:\/\/\([^@]*\)@.*/\1/p' $client_dir) + line_number=$(grep -n 'hysteria2://' $client_dir | cut -d':' -f1) + isp=$(curl -s --max-time 2 https://speed.cloudflare.com/meta | awk -F\" '{print $26"-"$18}' | sed -e 's/ /_/g' || echo "vps") + sed -i.bak "/hysteria2:/d" $client_dir + sed -i "${line_number}i hysteria2://$uuid@$ip:$listen_port?peer=www.bing.com&insecure=1&alpn=h3&obfs=none&mport=$listen_port,$min_port-$max_port#$isp" $client_dir + base64 -w0 $client_dir > /etc/sing-box/sub.txt + while IFS= read -r line; do yellow "$line"; done < ${work_dir}/url.txt + green "\nhysteria2端口跳跃已开启,跳跃端口为:${purple}$min_port-$max_port${re} ${green}请更新订阅或手动复制以上hysteria2节点${re}\n" + ;; + 5) menu ;; *) read "无效的选项!" ;; esac else @@ -1207,14 +1244,17 @@ fi get_quick_tunnel() { restart_argo yellow "获取临时argo域名中,请稍等...\n" -sleep 6 +sleep 3 if [ -f /etc/sing-box/argo.log ]; then - get_argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' /etc/sing-box/argo.log) - [ -z "$get_argodomain" ] && sleep 2 && get_argodomain=$(grep -oP '(?<=https://)[^\s]+trycloudflare\.com' /etc/sing-box/argo.log) - [ -z "$get_argodomain" ] && restart_argo && sleep 6 && get_argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' /etc/sing-box/argo.log) - [ -z "$get_argodomain" ] && red "未能获取到Argo临时域名,请重新获取" + for i in {1..5}; do + get_argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' /etc/sing-box/argo.log) + [ -n "$get_argodomain" ] && break + sleep 2 + done else - restart_argo && sleep 6 && get_argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' /etc/sing-box/argo.log) + restart_argo + sleep 6 + get_argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' /etc/sing-box/argo.log) fi green "ArgoDomain:${purple}$get_argodomain${re}\n" ArgoDomain=$get_argodomain @@ -1241,10 +1281,10 @@ purple "$new_vmess_url\n" check_nodes() { if [ ${check_singbox} -eq 0 ]; then while IFS= read -r line; do purple "${purple}$line"; done < ${work_dir}/url.txt - echo "" server_ip=$(get_realip) lujing=$(grep -oP 'location /\K[^ ]+' "/etc/nginx/nginx.conf") - green "\n节点订阅链接:http://${server_ip}/${lujing}\n" + sub_port=$(sed -n 's/^\s*listen \([0-9]\+\);/\1/p' /etc/nginx/nginx.conf) + green "\n节点订阅链接:http://${server_ip}:${sub_port}/${lujing}\n" else yellow "sing-box 尚未安装或未运行,请先安装或启动sing-box" sleep 1 @@ -1297,6 +1337,7 @@ while true; do else fix_nginx manage_packages install nginx jq tar iptables openssl coreutils + [ -n "$(curl -s --max-time 1 ipv6.ip.sb)" ] && manage_packages install ip6tables install_singbox if [ -x "$(command -v systemctl)" ]; then @@ -1311,7 +1352,7 @@ while true; do exit 1 fi - sleep 6 + sleep 3 get_info add_nginx_conf create_shortcut