root/jiaoben
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

更新 gost.sh

Browse Source
This commit is contained in:
root 2024-11-05 12:09:08 +08:00
parent 6683f941b8
commit 38df9b5f2c
1 changed files with 727 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

736
gost.sh
View File

@ -63,7 +63,7 @@ function check_root() {
}
function check_new_ver() {
# deprecated
ct_new_ver=$(wget --no-check-certificate -qO- -t2 -T3 https://gitproxy.ozoo.top/https://api.github.com/repos/ginuerzh/gost/releases/latest | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g;s/v//g')
ct_new_ver=$(wget --no-check-certificate -qO- -t2 -T3 https://api.github.com/repos/ginuerzh/gost/releases/latest | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g;s/v//g')
if [[ -z ${ct_new_ver} ]]; then
ct_new_ver="2.11.2"
echo -e "${Error} gost 最新版本获取失败正在下载v${ct_new_ver}"
@ -97,7 +97,7 @@ function Install_ct() {
[[ -z ${addyn} ]] && addyn="n"
if [[ ${addyn} == [Yy] ]]; then
rm -rf gost-linux-"$bit"-"$ct_new_ver".gz
wget --no-check-certificate https://gotunnel.oss-cn-shenzhen.aliyuncs.com/gost-linux-"$bit"-"$ct_new_ver".gz
wget --no-check-certificate https://gitea.ozoo.top/root/jiaoben/src/branch/main/gost-linux-"$bit"-"$ct_new_ver".gz
gunzip gost-linux-"$bit"-"$ct_new_ver".gz
mv gost-linux-"$bit"-"$ct_new_ver" gost
mv gost /usr/bin/gost
@ -106,13 +106,13 @@ function Install_ct() {
mkdir /etc/gost && wget --no-check-certificate https://gotunnel.oss-cn-shenzhen.aliyuncs.com/config.json && mv config.json /etc/gost && chmod -R 777 /etc/gost
else
rm -rf gost-linux-"$bit"-"$ct_new_ver".gz
wget --no-check-certificate https://gitproxy.ozoo.top/https://github.com/ginuerzh/gost/releases/download/v"$ct_new_ver"/gost-linux-"$bit"-"$ct_new_ver".gz
wget --no-check-certificate https://github.com/ginuerzh/gost/releases/download/v"$ct_new_ver"/gost-linux-"$bit"-"$ct_new_ver".gz
gunzip gost-linux-"$bit"-"$ct_new_ver".gz
mv gost-linux-"$bit"-"$ct_new_ver" gost
mv gost /usr/bin/gost
chmod -R 777 /usr/bin/gost
wget --no-check-certificate https://gitproxy.ozoo.top/https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.service && chmod -R 777 gost.service && mv gost.service /usr/lib/systemd/system
mkdir /etc/gost && wget --no-check-certificate https://gitproxy.ozoo.top/https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/config.json && mv config.json /etc/gost && chmod -R 777 /etc/gost
wget --no-check-certificate https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.service && chmod -R 777 gost.service && mv gost.service /usr/lib/systemd/system
mkdir /etc/gost && wget --no-check-certificate https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/config.json && mv config.json /etc/gost && chmod -R 777 /etc/gost
fi
systemctl enable gost && systemctl restart gost
@ -153,15 +153,733 @@ function Restart_ct() {
systemctl restart gost
echo "已重读配置并重启"
}
function update_sh() {
ol_version=$(curl -L -s --connect-timeout 5 https://gitproxy.ozoo.top/https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.sh | grep "shell_version=" | head -1 | awk -F '=|"' '{print $3}')
function read_protocol() {
echo -e "请问您要设置哪种功能: "
echo -e "-----------------------------------"
echo -e "[1] tcp+udp流量转发, 不加密"
echo -e "说明: 一般设置在国内中转机上"
echo -e "-----------------------------------"
echo -e "[2] 加密隧道流量转发"
echo -e "说明: 用于转发原本加密等级较低的流量, 一般设置在国内中转机上"
echo -e " 选择此协议意味着你还有一台机器用于接收此加密流量, 之后须在那台机器上配置协议[3]进行对接"
echo -e "-----------------------------------"
echo -e "[3] 解密由gost传输而来的流量并转发"
echo -e "说明: 对于经由gost加密中转的流量, 通过此选项进行解密并转发给本机的代理服务端口或转发给其他远程机器"
echo -e " 一般设置在用于接收中转流量的国外机器上"
echo -e "-----------------------------------"
echo -e "[4] 一键安装ss/socks5/http代理"
echo -e "说明: 使用gost内置的代理协议轻量且易于管理"
echo -e "-----------------------------------"
echo -e "[5] 进阶:多落地均衡负载"
echo -e "说明: 支持各种加密方式的简单均衡负载"
echo -e "-----------------------------------"
echo -e "[6] 进阶转发CDN自选节点"
echo -e "说明: 只需在中转机设置"
echo -e "-----------------------------------"
read -p "请选择: " numprotocol
if [ "$numprotocol" == "1" ]; then
flag_a="nonencrypt"
elif [ "$numprotocol" == "2" ]; then
encrypt
elif [ "$numprotocol" == "3" ]; then
decrypt
elif [ "$numprotocol" == "4" ]; then
proxy
elif [ "$numprotocol" == "5" ]; then
enpeer
elif [ "$numprotocol" == "6" ]; then
cdn
else
echo "type error, please try again"
exit
fi
}
function read_s_port() {
if [ "$flag_a" == "ss" ]; then
echo -e "-----------------------------------"
read -p "请输入ss密码: " flag_b
elif [ "$flag_a" == "socks" ]; then
echo -e "-----------------------------------"
read -p "请输入socks密码: " flag_b
elif [ "$flag_a" == "http" ]; then
echo -e "-----------------------------------"
read -p "请输入http密码: " flag_b
else
echo -e "------------------------------------------------------------------"
echo -e "请问你要将本机哪个端口接收到的流量进行转发?"
read -p "请输入: " flag_b
fi
}
function read_d_ip() {
if [ "$flag_a" == "ss" ]; then
echo -e "------------------------------------------------------------------"
echo -e "请问您要设置的ss加密(仅提供常用的几种): "
echo -e "-----------------------------------"
echo -e "[1] aes-256-gcm"
echo -e "[2] aes-256-cfb"
echo -e "[3] chacha20-ietf-poly1305"
echo -e "[4] chacha20"
echo -e "[5] rc4-md5"
echo -e "[6] AEAD_CHACHA20_POLY1305"
echo -e "-----------------------------------"
read -p "请选择ss加密方式: " ssencrypt
if [ "$ssencrypt" == "1" ]; then
flag_c="aes-256-gcm"
elif [ "$ssencrypt" == "2" ]; then
flag_c="aes-256-cfb"
elif [ "$ssencrypt" == "3" ]; then
flag_c="chacha20-ietf-poly1305"
elif [ "$ssencrypt" == "4" ]; then
flag_c="chacha20"
elif [ "$ssencrypt" == "5" ]; then
flag_c="rc4-md5"
elif [ "$ssencrypt" == "6" ]; then
flag_c="AEAD_CHACHA20_POLY1305"
else
echo "type error, please try again"
exit
fi
elif [ "$flag_a" == "socks" ]; then
echo -e "-----------------------------------"
read -p "请输入socks用户名: " flag_c
elif [ "$flag_a" == "http" ]; then
echo -e "-----------------------------------"
read -p "请输入http用户名: " flag_c
elif [[ "$flag_a" == "peer"* ]]; then
echo -e "------------------------------------------------------------------"
echo -e "请输入落地列表文件名"
read -e -p "自定义但不同配置应不重复不用输入后缀例如ips1、iplist2: " flag_c
touch $flag_c.txt
echo -e "------------------------------------------------------------------"
echo -e "请依次输入你要均衡负载的落地ip与端口"
while true; do
echo -e "请问你要将本机从${flag_b}接收到的流量转发向的IP或域名?"
read -p "请输入: " peer_ip
echo -e "请问你要将本机从${flag_b}接收到的流量转发向${peer_ip}的哪个端口?"
read -p "请输入: " peer_port
echo -e "$peer_ip:$peer_port" >>$flag_c.txt
read -e -p "是否继续添加落地?[Y/n]:" addyn
[[ -z ${addyn} ]] && addyn="y"
if [[ ${addyn} == [Nn] ]]; then
echo -e "------------------------------------------------------------------"
echo -e "已在root目录创建$flag_c.txt您可以随时编辑该文件修改落地信息重启gost即可生效"
echo -e "------------------------------------------------------------------"
break
else
echo -e "------------------------------------------------------------------"
echo -e "继续添加均衡负载落地配置"
fi
done
elif [[ "$flag_a" == "cdn"* ]]; then
echo -e "------------------------------------------------------------------"
echo -e "将本机从${flag_b}接收到的流量转发向的自选ip:"
read -p "请输入: " flag_c
echo -e "请问你要将本机从${flag_b}接收到的流量转发向${flag_c}的哪个端口?"
echo -e "[1] 80"
echo -e "[2] 443"
echo -e "[3] 自定义端口如8080等"
read -p "请选择端口: " cdnport
if [ "$cdnport" == "1" ]; then
flag_c="$flag_c:80"
elif [ "$cdnport" == "2" ]; then
flag_c="$flag_c:443"
elif [ "$cdnport" == "3" ]; then
read -p "请输入自定义端口: " customport
flag_c="$flag_c:$customport"
else
echo "type error, please try again"
exit
fi
else
echo -e "------------------------------------------------------------------"
echo -e "请问你要将本机从${flag_b}接收到的流量转发向哪个IP或域名?"
echo -e "注: IP既可以是[远程机器/当前机器]的公网IP, 也可是以本机本地回环IP(即127.0.0.1)"
echo -e "具体IP地址的填写, 取决于接收该流量的服务正在监听的IP(详见: https://github.com/KANIKIG/Multi-EasyGost)"
if [[ ${is_cert} == [Yy] ]]; then
echo -e "注意: 落地机开启自定义tls证书务必填写${Red_font_prefix}域名${Font_color_suffix}"
fi
read -p "请输入: " flag_c
fi
}
function read_d_port() {
if [ "$flag_a" == "ss" ]; then
echo -e "------------------------------------------------------------------"
echo -e "请问你要设置ss代理服务的端口?"
read -p "请输入: " flag_d
elif [ "$flag_a" == "socks" ]; then
echo -e "------------------------------------------------------------------"
echo -e "请问你要设置socks代理服务的端口?"
read -p "请输入: " flag_d
elif [ "$flag_a" == "http" ]; then
echo -e "------------------------------------------------------------------"
echo -e "请问你要设置http代理服务的端口?"
read -p "请输入: " flag_d
elif [[ "$flag_a" == "peer"* ]]; then
echo -e "------------------------------------------------------------------"
echo -e "您要设置的均衡负载策略: "
echo -e "-----------------------------------"
echo -e "[1] round - 轮询"
echo -e "[2] random - 随机"
echo -e "[3] fifo - 自上而下"
echo -e "-----------------------------------"
read -p "请选择均衡负载类型: " numstra
if [ "$numstra" == "1" ]; then
flag_d="round"
elif [ "$numstra" == "2" ]; then
flag_d="random"
elif [ "$numstra" == "3" ]; then
flag_d="fifo"
else
echo "type error, please try again"
exit
fi
elif [[ "$flag_a" == "cdn"* ]]; then
echo -e "------------------------------------------------------------------"
read -p "请输入host:" flag_d
else
echo -e "------------------------------------------------------------------"
echo -e "请问你要将本机从${flag_b}接收到的流量转发向${flag_c}的哪个端口?"
read -p "请输入: " flag_d
if [[ ${is_cert} == [Yy] ]]; then
flag_d="$flag_d?secure=true"
fi
fi
}
function writerawconf() {
echo $flag_a"/""$flag_b""#""$flag_c""#""$flag_d" >>$raw_conf_path
}
function rawconf() {
read_protocol
read_s_port
read_d_ip
read_d_port
writerawconf
}
function eachconf_retrieve() {
d_server=${trans_conf#*#}
d_port=${d_server#*#}
d_ip=${d_server%#*}
flag_s_port=${trans_conf%%#*}
s_port=${flag_s_port#*/}
is_encrypt=${flag_s_port%/*}
}
function confstart() {
echo "{
\"Debug\": true,
\"Retries\": 0,
\"ServeNodes\": [" >>$gost_conf_path
}
function multiconfstart() {
echo " {
\"Retries\": 0,
\"ServeNodes\": [" >>$gost_conf_path
}
function conflast() {
echo " ]
}" >>$gost_conf_path
}
function multiconflast() {
if [ $i -eq $count_line ]; then
echo " ]
}" >>$gost_conf_path
else
echo " ]
}," >>$gost_conf_path
fi
}
function encrypt() {
echo -e "请问您要设置的转发传输类型: "
echo -e "-----------------------------------"
echo -e "[1] tls隧道"
echo -e "[2] ws隧道"
echo -e "[3] wss隧道"
echo -e "注意: 同一则转发中转与落地传输类型必须对应本脚本默认开启tcp+udp"
echo -e "-----------------------------------"
read -p "请选择转发传输类型: " numencrypt
if [ "$numencrypt" == "1" ]; then
flag_a="encrypttls"
echo -e "注意: 选择 是 将针对落地的自定义证书开启证书校验保证安全性,稍后落地机务必填写${Red_font_prefix}域名${Font_color_suffix}"
read -e -p "落地机是否开启了自定义tls证书[y/n]:" is_cert
elif [ "$numencrypt" == "2" ]; then
flag_a="encryptws"
elif [ "$numencrypt" == "3" ]; then
flag_a="encryptwss"
echo -e "注意: 选择 是 将针对落地的自定义证书开启证书校验保证安全性,稍后落地机务必填写${Red_font_prefix}域名${Font_color_suffix}"
read -e -p "落地机是否开启了自定义tls证书[y/n]:" is_cert
else
echo "type error, please try again"
exit
fi
}
function enpeer() {
echo -e "请问您要设置的均衡负载传输类型: "
echo -e "-----------------------------------"
echo -e "[1] 不加密转发"
echo -e "[2] tls隧道"
echo -e "[3] ws隧道"
echo -e "[4] wss隧道"
echo -e "注意: 同一则转发,中转与落地传输类型必须对应!本脚本默认同一配置的传输类型相同"
echo -e "此脚本仅支持简单型均衡负载,具体可参考官方文档"
echo -e "gost均衡负载官方文档https://docs.ginuerzh.xyz/gost/load-balancing"
echo -e "-----------------------------------"
read -p "请选择转发传输类型: " numpeer
if [ "$numpeer" == "1" ]; then
flag_a="peerno"
elif [ "$numpeer" == "2" ]; then
flag_a="peertls"
elif [ "$numpeer" == "3" ]; then
flag_a="peerws"
elif [ "$numpeer" == "4" ]; then
flag_a="peerwss"
else
echo "type error, please try again"
exit
fi
}
function cdn() {
echo -e "请问您要设置的CDN传输类型: "
echo -e "-----------------------------------"
echo -e "[1] 不加密转发"
echo -e "[2] ws隧道"
echo -e "[3] wss隧道"
echo -e "注意: 同一则转发,中转与落地传输类型必须对应!"
echo -e "此功能只需在中转机设置"
echo -e "-----------------------------------"
read -p "请选择CDN转发传输类型: " numcdn
if [ "$numcdn" == "1" ]; then
flag_a="cdnno"
elif [ "$numcdn" == "2" ]; then
flag_a="cdnws"
elif [ "$numcdn" == "3" ]; then
flag_a="cdnwss"
else
echo "type error, please try again"
exit
fi
}
function cert() {
echo -e "-----------------------------------"
echo -e "[1] ACME一键申请证书"
echo -e "[2] 手动上传证书"
echo -e "-----------------------------------"
echo -e "说明: 仅用于落地机配置默认使用的gost内置的证书可能带来安全问题使用自定义证书提高安全性"
echo -e " 配置后对本机所有tls/wss解密生效无需再次设置"
read -p "请选择证书生成方式: " numcert
if [ "$numcert" == "1" ]; then
check_sys
if [[ ${release} == "centos" ]]; then
yum install -y socat
else
apt-get install -y socat
fi
read -p "请输入ZeroSSL的账户邮箱(至 zerossl.com 注册即可)" zeromail
read -p "请输入解析到本机的域名:" domain
curl https://get.acme.sh | sh
"$HOME"/.acme.sh/acme.sh --set-default-ca --server zerossl
"$HOME"/.acme.sh/acme.sh --register-account -m "${zeromail}" --server zerossl
echo -e "ACME证书申请程序安装成功"
echo -e "-----------------------------------"
echo -e "[1] HTTP申请需要80端口未占用"
echo -e "[2] Cloudflare DNS API 申请需要输入APIKEY"
echo -e "-----------------------------------"
read -p "请选择证书申请方式: " certmethod
if [ "$certmethod" == "1" ]; then
echo -e "请确认本机${Red_font_prefix}80${Font_color_suffix}端口未被占用, 否则会申请失败"
if "$HOME"/.acme.sh/acme.sh --issue -d "${domain}" --standalone -k ec-256 --force; then
echo -e "SSL 证书生成成功默认申请高安全性的ECC证书"
if [ ! -d "$HOME/gost_cert" ]; then
mkdir $HOME/gost_cert
fi
if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath $HOME/gost_cert/cert.pem --keypath $HOME/gost_cert/key.pem --ecc --force; then
echo -e "SSL 证书配置成功,且会自动续签,证书及秘钥位于用户目录下的 ${Red_font_prefix}gost_cert${Font_color_suffix} 目录"
echo -e "证书目录名与证书文件名请勿更改; 删除 gost_cert 目录后用脚本重启,即自动启用gost内置证书"
echo -e "-----------------------------------"
fi
else
echo -e "SSL 证书生成失败"
exit 1
fi
else
read -p "请输入Cloudflare账户邮箱" cfmail
read -p "请输入Cloudflare Global API Key" cfkey
export CF_Key="${cfkey}"
export CF_Email="${cfmail}"
if "$HOME"/.acme.sh/acme.sh --issue --dns dns_cf -d "${domain}" --standalone -k ec-256 --force; then
echo -e "SSL 证书生成成功默认申请高安全性的ECC证书"
if [ ! -d "$HOME/gost_cert" ]; then
mkdir $HOME/gost_cert
fi
if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath $HOME/gost_cert/cert.pem --keypath $HOME/gost_cert/key.pem --ecc --force; then
echo -e "SSL 证书配置成功,且会自动续签,证书及秘钥位于用户目录下的 ${Red_font_prefix}gost_cert${Font_color_suffix} 目录"
echo -e "证书目录名与证书文件名请勿更改; 删除 gost_cert 目录后使用脚本重启, 即重新启用gost内置证书"
echo -e "-----------------------------------"
fi
else
echo -e "SSL 证书生成失败"
exit 1
fi
fi
elif [ "$numcert" == "2" ]; then
if [ ! -d "$HOME/gost_cert" ]; then
mkdir $HOME/gost_cert
fi
echo -e "-----------------------------------"
echo -e "已在用户目录建立 ${Red_font_prefix}gost_cert${Font_color_suffix} 目录,请将证书文件 cert.pem 与秘钥文件 key.pem 上传到该目录"
echo -e "证书与秘钥文件名必须与上述一致,目录名也请勿更改"
echo -e "上传成功后用脚本重启gost会自动启用无需再设置; 删除 gost_cert 目录后用脚本重启,即重新启用gost内置证书"
echo -e "-----------------------------------"
else
echo "type error, please try again"
exit
fi
}
function decrypt() {
echo -e "请问您要设置的解密传输类型: "
echo -e "-----------------------------------"
echo -e "[1] tls"
echo -e "[2] ws"
echo -e "[3] wss"
echo -e "注意: 同一则转发中转与落地传输类型必须对应本脚本默认开启tcp+udp"
echo -e "-----------------------------------"
read -p "请选择解密传输类型: " numdecrypt
if [ "$numdecrypt" == "1" ]; then
flag_a="decrypttls"
elif [ "$numdecrypt" == "2" ]; then
flag_a="decryptws"
elif [ "$numdecrypt" == "3" ]; then
flag_a="decryptwss"
else
echo "type error, please try again"
exit
fi
}
function proxy() {
echo -e "------------------------------------------------------------------"
echo -e "请问您要设置的代理类型: "
echo -e "-----------------------------------"
echo -e "[1] shadowsocks"
echo -e "[2] socks5(强烈建议加隧道用于Telegram代理)"
echo -e "[3] http"
echo -e "-----------------------------------"
read -p "请选择代理类型: " numproxy
if [ "$numproxy" == "1" ]; then
flag_a="ss"
elif [ "$numproxy" == "2" ]; then
flag_a="socks"
elif [ "$numproxy" == "3" ]; then
flag_a="http"
else
echo "type error, please try again"
exit
fi
}
function method() {
if [ $i -eq 1 ]; then
if [ "$is_encrypt" == "nonencrypt" ]; then
echo " \"tcp://:$s_port/$d_ip:$d_port\",
\"udp://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "cdnno" ]; then
echo " \"tcp://:$s_port/$d_ip?host=$d_port\",
\"udp://:$s_port/$d_ip?host=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peerno" ]; then
echo " \"tcp://:$s_port?ip=/root/$d_ip.txt&strategy=$d_port\",
\"udp://:$s_port?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "encrypttls" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+tls://$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "encryptws" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+ws://$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "encryptwss" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+wss://$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peertls" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+tls://:?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peerws" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+ws://:?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peerwss" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+wss://:?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "cdnws" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+ws://$d_ip?host=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "cdnwss" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+wss://$d_ip?host=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "decrypttls" ]; then
if [ -d "$HOME/gost_cert" ]; then
echo " \"relay+tls://:$s_port/$d_ip:$d_port?cert=/root/gost_cert/cert.pem&key=/root/gost_cert/key.pem\"" >>$gost_conf_path
else
echo " \"relay+tls://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
fi
elif [ "$is_encrypt" == "decryptws" ]; then
echo " \"relay+ws://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "decryptwss" ]; then
if [ -d "$HOME/gost_cert" ]; then
echo " \"relay+wss://:$s_port/$d_ip:$d_port?cert=/root/gost_cert/cert.pem&key=/root/gost_cert/key.pem\"" >>$gost_conf_path
else
echo " \"relay+wss://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
fi
elif [ "$is_encrypt" == "ss" ]; then
echo " \"ss://$d_ip:$s_port@:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "socks" ]; then
echo " \"socks5://$d_ip:$s_port@:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "http" ]; then
echo " \"http://$d_ip:$s_port@:$d_port\"" >>$gost_conf_path
else
echo "config error"
fi
elif [ $i -gt 1 ]; then
if [ "$is_encrypt" == "nonencrypt" ]; then
echo " \"tcp://:$s_port/$d_ip:$d_port\",
\"udp://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peerno" ]; then
echo " \"tcp://:$s_port?ip=/root/$d_ip.txt&strategy=$d_port\",
\"udp://:$s_port?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "cdnno" ]; then
echo " \"tcp://:$s_port/$d_ip?host=$d_port\",
\"udp://:$s_port/$d_ip?host=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "encrypttls" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+tls://$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "encryptws" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+ws://$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "encryptwss" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+wss://$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peertls" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+tls://:?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peerws" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+ws://:?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "peerwss" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+wss://:?ip=/root/$d_ip.txt&strategy=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "cdnws" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+ws://$d_ip?host=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "cdnwss" ]; then
echo " \"tcp://:$s_port\",
\"udp://:$s_port\"
],
\"ChainNodes\": [
\"relay+wss://$d_ip?host=$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "decrypttls" ]; then
if [ -d "$HOME/gost_cert" ]; then
echo " \"relay+tls://:$s_port/$d_ip:$d_port?cert=/root/gost_cert/cert.pem&key=/root/gost_cert/key.pem\"" >>$gost_conf_path
else
echo " \"relay+tls://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
fi
elif [ "$is_encrypt" == "decryptws" ]; then
echo " \"relay+ws://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "decryptwss" ]; then
if [ -d "$HOME/gost_cert" ]; then
echo " \"relay+wss://:$s_port/$d_ip:$d_port?cert=/root/gost_cert/cert.pem&key=/root/gost_cert/key.pem\"" >>$gost_conf_path
else
echo " \"relay+wss://:$s_port/$d_ip:$d_port\"" >>$gost_conf_path
fi
elif [ "$is_encrypt" == "ss" ]; then
echo " \"ss://$d_ip:$s_port@:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "socks" ]; then
echo " \"socks5://$d_ip:$s_port@:$d_port\"" >>$gost_conf_path
elif [ "$is_encrypt" == "http" ]; then
echo " \"http://$d_ip:$s_port@:$d_port\"" >>$gost_conf_path
else
echo "config error"
fi
else
echo "config error"
exit
fi
}
function writeconf() {
count_line=$(awk 'END{print NR}' $raw_conf_path)
for ((i = 1; i <= $count_line; i++)); do
if [ $i -eq 1 ]; then
trans_conf=$(sed -n "${i}p" $raw_conf_path)
eachconf_retrieve
method
elif [ $i -gt 1 ]; then
if [ $i -eq 2 ]; then
echo " ],
\"Routes\": [" >>$gost_conf_path
trans_conf=$(sed -n "${i}p" $raw_conf_path)
eachconf_retrieve
multiconfstart
method
multiconflast
else
trans_conf=$(sed -n "${i}p" $raw_conf_path)
eachconf_retrieve
multiconfstart
method
multiconflast
fi
fi
done
}
function show_all_conf() {
echo -e " GOST 配置 "
echo -e "--------------------------------------------------------"
echo -e "序号|方法\t |本地端口\t|目的地地址:目的地端口"
echo -e "--------------------------------------------------------"
count_line=$(awk 'END{print NR}' $raw_conf_path)
for ((i = 1; i <= $count_line; i++)); do
trans_conf=$(sed -n "${i}p" $raw_conf_path)
eachconf_retrieve
if [ "$is_encrypt" == "nonencrypt" ]; then
str="不加密中转"
elif [ "$is_encrypt" == "encrypttls" ]; then
str=" tls隧道 "
elif [ "$is_encrypt" == "encryptws" ]; then
str=" ws隧道 "
elif [ "$is_encrypt" == "encryptwss" ]; then
str=" wss隧道 "
elif [ "$is_encrypt" == "peerno" ]; then
str=" 不加密均衡负载 "
elif [ "$is_encrypt" == "peertls" ]; then
str=" tls隧道均衡负载 "
elif [ "$is_encrypt" == "peerws" ]; then
str=" ws隧道均衡负载 "
elif [ "$is_encrypt" == "peerwss" ]; then
str=" wss隧道均衡负载 "
elif [ "$is_encrypt" == "decrypttls" ]; then
str=" tls解密 "
elif [ "$is_encrypt" == "decryptws" ]; then
str=" ws解密 "
elif [ "$is_encrypt" == "decryptwss" ]; then
str=" wss解密 "
elif [ "$is_encrypt" == "ss" ]; then
str=" ss "
elif [ "$is_encrypt" == "socks" ]; then
str=" socks5 "
elif [ "$is_encrypt" == "http" ]; then
str=" http "
elif [ "$is_encrypt" == "cdnno" ]; then
str="不加密转发CDN"
elif [ "$is_encrypt" == "cdnws" ]; then
str="ws隧道转发CDN"
elif [ "$is_encrypt" == "cdnwss" ]; then
str="wss隧道转发CDN"
else
str=""
fi
echo -e " $i |$str |$s_port\t|$d_ip:$d_port"
echo -e "--------------------------------------------------------"
done
}
cron_restart() {
echo -e "------------------------------------------------------------------"
echo -e "gost定时重启任务: "
echo -e "-----------------------------------"
echo -e "[1] 配置gost定时重启任务"
echo -e "[2] 删除gost定时重启任务"
echo -e "-----------------------------------"
read -p "请选择: " numcron
if [ "$numcron" == "1" ]; then
echo -e "------------------------------------------------------------------"
echo -e "gost定时重启任务类型: "
echo -e "-----------------------------------"
echo -e "[1] 每?小时重启"
echo -e "[2] 每日?点重启"
echo -e "-----------------------------------"
read -p "请选择: " numcrontype
if [ "$numcrontype" == "1" ]; then
echo -e "-----------------------------------"
read -p "每?小时重启: " cronhr
echo "0 0 */$cronhr * * ? * systemctl restart gost" >>/etc/crontab
echo -e "定时重启设置成功!"
elif [ "$numcrontype" == "2" ]; then
echo -e "-----------------------------------"
read -p "每日?点重启: " cronhr
echo "0 0 $cronhr * * ? systemctl restart gost" >>/etc/crontab
echo -e "定时重启设置成功!"
else
echo "type error, please try again"
exit
fi
elif [ "$numcron" == "2" ]; then
sed -i "/gost/d" /etc/crontab
echo -e "定时重启任务删除完成!"
else
echo "type error, please try again"
exit
fi
}
update_sh() {
ol_version=$(curl -L -s --connect-timeout 5 https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.sh | grep "shell_version=" | head -1 | awk -F '=|"' '{print $3}')
if [ -n "$ol_version" ]; then
if [[ "$shell_version" != "$ol_version" ]]; then
echo -e "存在新版本,是否更新 [Y/N]?"
read -r update_confirm
case $update_confirm in
[yY][eE][sS] | [yY])
wget -N --no-check-certificate https://gitproxy.ozoo.top/https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.sh
wget -N --no-check-certificate https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.sh
echo -e "更新完成"
exit 0
;;
@ -258,4 +976,4 @@ case "$num" in
*)
echo "请输入正确数字 [1-9]"
;;
esac
esac