Mirror/podkop
1
0
Fork 0
mirror of https://github.com/itdoginfo/podkop.git synced 2025-12-07 20:16:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

refactor: use get_first_outbound_section to determine outbound tag, remove SB_MAIN_OUTBOUND_TAG constant

Browse Source
This commit is contained in:
Andrey Petelin
2025-10-19 19:17:50 +05:00
parent 9d4c37b9a2
commit 08615b6f04
2 changed files with 194 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

219
podkop/files/usr/bin/podkop
View File

@@ -91,8 +91,8 @@ has_outbound_section() {
config_get outbound_json "$section" "outbound_json"
config_get urltest_proxy_links "$section" "urltest_proxy_links"
if [ -n "$proxy_string" ] || [ -n "$interface" ] || \
[ -n "$outbound_json" ] || [ -n "$urltest_proxy_links" ]; then
if [ -n "$proxy_string" ] || [ -n "$interface" ] ||
[ -n "$outbound_json" ] || [ -n "$urltest_proxy_links" ]; then
section_exists=0
fi
}
@@ -751,9 +751,10 @@ sing_box_configure_route() {
config=$(sing_box_cf_add_single_key_reject_rule "$config" "$SB_TPROXY_INBOUND_TAG" "protocol" "quic")
fi
config=$(
sing_box_cf_proxy_domain "$config" "$SB_TPROXY_INBOUND_TAG" "$CHECK_PROXY_IP_DOMAIN" "$SB_MAIN_OUTBOUND_TAG"
)
local first_outbound_section
first_outbound_section="$(get_first_outbound_section)"
first_outbound_tag="$(get_outbound_tag_by_section "$first_outbound_section")"
config=$(sing_box_cf_proxy_domain "$config" "$SB_TPROXY_INBOUND_TAG" "$CHECK_PROXY_IP_DOMAIN" "$first_outbound_tag")
config=$(sing_box_cf_override_domain_port "$config" "$FAKEIP_TEST_DOMAIN" 8443)
config_foreach include_source_ips_in_routing_handler "section"
@@ -1392,6 +1393,25 @@ get_download_detour_tag() {
fi
}
_determine_first_outbound_section() {
local section="$1"
local connection_type
config_get connection_type "$section" "connection_type"
if [ "$connection_type" = "proxy" ] || [ "$connection_type" = "vpn" ]; then
[ -z "$first_section" ] && first_section="$1"
fi
}
get_first_outbound_section() {
local first_section=""
config_foreach _determine_first_outbound_section "section"
echo "$first_section"
}
get_block_sections() {
uci show podkop | grep "\.connection_type='block'" | cut -d'.' -f2
}
@@ -1769,8 +1789,8 @@ get_system_info() {
luci_app_version="not installed"
fi
if command -v sing-box >/dev/null 2>&1; then
sing_box_version=$(sing-box version 2>/dev/null | head -n 1 | awk '{print $3}')
if command -v sing-box > /dev/null 2>&1; then
sing_box_version=$(sing-box version 2> /dev/null | head -n 1 | awk '{print $3}')
[ -z "$sing_box_version" ] && sing_box_version="unknown"
else
sing_box_version="not installed"
@@ -1955,8 +1975,8 @@ check_nft_rules() {
curl -m 3 -s "https://$FAKEIP_TEST_DOMAIN/check" > /dev/null 2>&1 &
local pid2=$!
wait $pid1 2>/dev/null
wait $pid2 2>/dev/null
wait $pid1 2> /dev/null
wait $pid2 2> /dev/null
sleep 1
# Check if PodkopTable exists
@@ -2004,12 +2024,12 @@ check_nft_rules() {
fi
# Check for other mark rules outside PodkopTable
nft list tables 2>/dev/null | while read -r _ family table_name; do
nft list tables 2> /dev/null | while read -r _ family table_name; do
[ -z "$table_name" ] && continue
[ "$table_name" = "$NFT_TABLE_NAME" ] && continue
if nft list table "$family" "$table_name" 2>/dev/null | grep -q "meta mark set"; then
if nft list table "$family" "$table_name" 2> /dev/null | grep -q "meta mark set"; then
touch /tmp/podkop_mark_check.$$
break
fi
@@ -2037,7 +2057,7 @@ check_sing_box() {
# Check version (must be >= 1.12.4)
local version
version=$(sing-box version 2>/dev/null | head -n 1 | awk '{print $3}')
version=$(sing-box version 2> /dev/null | head -n 1 | awk '{print $3}')
if [ -n "$version" ]; then
version=$(echo "$version" | sed 's/^v//')
local major
@@ -2048,9 +2068,9 @@ check_sing_box() {
patch=$(echo "$version" | cut -d. -f3)
# Compare version: must be >= 1.12.4
if [ "$major" -gt 1 ] || \
[ "$major" -eq 1 ] && [ "$minor" -gt 12 ] || \
[ "$major" -eq 1 ] && [ "$minor" -eq 12 ] && [ "$patch" -ge 4 ]; then
if [ "$major" -gt 1 ] ||
[ "$major" -eq 1 ] && [ "$minor" -gt 12 ] ||
[ "$major" -eq 1 ] && [ "$minor" -eq 12 ] && [ "$patch" -ge 4 ]; then
sing_box_version_ok=1
fi
fi
@@ -2060,7 +2080,7 @@ check_sing_box() {
if [ -f /etc/init.d/sing-box ]; then
sing_box_service_exist=1
if ! /etc/init.d/sing-box enabled 2>/dev/null; then
if ! /etc/init.d/sing-box enabled 2> /dev/null; then
sing_box_autostart_disabled=1
fi
fi
@@ -2074,11 +2094,11 @@ check_sing_box() {
local port_53_ok=0
local port_1602_ok=0
if netstat -ln 2>/dev/null | grep -q "127.0.0.42:53"; then
if netstat -ln 2> /dev/null | grep -q "127.0.0.42:53"; then
port_53_ok=1
fi
if netstat -ln 2>/dev/null | grep -q "127.0.0.1:1602"; then
if netstat -ln 2> /dev/null | grep -q "127.0.0.1:1602"; then
port_1602_ok=1
fi
@@ -2115,93 +2135,92 @@ clash_api() {
local action="$1"
case "$action" in
get_proxies)
curl -s "$CLASH_URL/proxies" | jq .
get_proxies)
curl -s "$CLASH_URL/proxies" | jq .
;;
get_proxy_latency)
local proxy_tag="$2"
local timeout="${3:-2000}"
if [ -z "$proxy_tag" ]; then
echo '{"error":"proxy_tag required"}' | jq .
return 1
fi
curl -G -s "$CLASH_URL/proxies/$proxy_tag/delay" \
--data-urlencode "url=$TEST_URL" \
--data-urlencode "timeout=$timeout" | jq .
;;
get_group_latency)
local group_tag="$2"
local timeout="${3:-5000}"
if [ -z "$group_tag" ]; then
echo '{"error":"group_tag required"}' | jq .
return 1
fi
curl -G -s "$CLASH_URL/group/$group_tag/delay" \
--data-urlencode "url=$TEST_URL" \
--data-urlencode "timeout=$timeout" | jq .
;;
set_group_proxy)
local group_tag="$2"
local proxy_tag="$3"
if [ -z "$group_tag" ] || [ -z "$proxy_tag" ]; then
echo '{"error":"group_tag and proxy_tag required"}' | jq .
return 1
fi
local response
response=$(curl -X PUT -s -w "\n%{http_code}" "$CLASH_URL/proxies/$group_tag" \
--data-raw "{\"name\":\"$proxy_tag\"}")
local http_code
local body
http_code=$(echo "$response" | tail -n 1)
body=$(echo "$response" | sed '$d')
case "$http_code" in
204)
echo "{\"success\":true,\"group\":\"$group_tag\",\"proxy\":\"$proxy_tag\"}" | jq .
;;
get_proxy_latency)
local proxy_tag="$2"
local timeout="${3:-2000}"
if [ -z "$proxy_tag" ]; then
echo '{"error":"proxy_tag required"}' | jq .
return 1
fi
curl -G -s "$CLASH_URL/proxies/$proxy_tag/delay" \
--data-urlencode "url=$TEST_URL" \
--data-urlencode "timeout=$timeout" | jq .
;;
get_group_latency)
local group_tag="$2"
local timeout="${3:-5000}"
if [ -z "$group_tag" ]; then
echo '{"error":"group_tag required"}' | jq .
return 1
fi
curl -G -s "$CLASH_URL/group/$group_tag/delay" \
--data-urlencode "url=$TEST_URL" \
--data-urlencode "timeout=$timeout" | jq .
;;
set_group_proxy)
local group_tag="$2"
local proxy_tag="$3"
if [ -z "$group_tag" ] || [ -z "$proxy_tag" ]; then
echo '{"error":"group_tag and proxy_tag required"}' | jq .
return 1
fi
local response
response=$(curl -X PUT -s -w "\n%{http_code}" "$CLASH_URL/proxies/$group_tag" \
--data-raw "{\"name\":\"$proxy_tag\"}")
local http_code
local body
http_code=$(echo "$response" | tail -n 1)
body=$(echo "$response" | sed '$d')
case "$http_code" in
204)
echo "{\"success\":true,\"group\":\"$group_tag\",\"proxy\":\"$proxy_tag\"}" | jq .
;;
404)
echo "{\"success\":false,\"error\":\"group_not_found\",\"message\":\"$group_tag does not exist\"}" | jq .
return 1
;;
400)
if echo "$body" | grep -q "not found"; then
echo "{\"success\":false,\"error\":\"proxy_not_found\",\"message\":\"$proxy_tag not found in group $group_tag\"}" | jq .
else
echo '{"success":false,"error":"bad_request","message":"Invalid request"}' | jq .
fi
return 1
;;
*)
if [ -n "$body" ]; then
local body_json
body_json=$(echo "$body" | jq -c .)
echo "{\"success\":false,\"http_code\":$http_code,\"body\":$body_json}" | jq .
else
echo "{\"success\":false,\"http_code\":$http_code}" | jq .
fi
return 1
;;
esac
;;
*)
echo '{"error":"unknown action","available":["get_proxies","get_proxy_latency","get_group_latency","set_group_proxy"]}' | jq .
404)
echo "{\"success\":false,\"error\":\"group_not_found\",\"message\":\"$group_tag does not exist\"}" | jq .
return 1
;;
400)
if echo "$body" | grep -q "not found"; then
echo "{\"success\":false,\"error\":\"proxy_not_found\",\"message\":\"$proxy_tag not found in group $group_tag\"}" | jq .
else
echo '{"success":false,"error":"bad_request","message":"Invalid request"}' | jq .
fi
return 1
;;
*)
if [ -n "$body" ]; then
local body_json
body_json=$(echo "$body" | jq -c .)
echo "{\"success\":false,\"http_code\":$http_code,\"body\":$body_json}" | jq .
else
echo "{\"success\":false,\"http_code\":$http_code}" | jq .
fi
return 1
;;
esac
;;
*)
echo '{"error":"unknown action","available":["get_proxies","get_proxy_latency","get_group_latency","set_group_proxy"]}' | jq .
return 1
;;
esac
}
print_global() {
local message="$1"
echo "$message"
@@ -2481,7 +2500,7 @@ global_check() {
if uci show network | grep -q route_allowed_ips; then
uci show network | grep "wireguard_.*\.route_allowed_ips='1'" | cut -d'.' -f1-2 | while read -r peer_section; do
local allowed_ips
allowed_ips=$(uci get "${peer_section}.allowed_ips" 2>/dev/null)
allowed_ips=$(uci get "${peer_section}.allowed_ips" 2> /dev/null)
if [ "$allowed_ips" = "0.0.0.0/0" ]; then
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"

1
podkop/files/usr/lib/constants.sh
View File

@@ -44,7 +44,6 @@ SB_SERVICE_MIXED_INBOUND_ADDRESS="127.0.0.1"
SB_SERVICE_MIXED_INBOUND_PORT=4534
# Outbounds
SB_DIRECT_OUTBOUND_TAG="direct-out"
SB_MAIN_OUTBOUND_TAG="main-out"
# Route
SB_REJECT_RULE_TAG="reject-rule-tag"
# Experimental