projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #4825 from nxhack/node-hid_fix_depends
[feed/packages.git] / net / shadowsocks-libev / files / shadowsocks-libev.init
1 #!/bin/sh /etc/rc.common
2 #
3 # Copyright (C) 2017 Yousong Zhou <yszhou4tech@gmail.com>
4 #
5 # This is free software, licensed under the GNU General Public License v3.
6 # See /LICENSE for more information.
7 #
8
9 USE_PROCD=1
10 START=99
11
12 ss_confdir=/var/etc/shadowsocks-libev
13 ss_bindir=/usr/bin
14 q='"'
15
16 ss_mkjson() {
17 echo "{" >"$confjson"
18 if ss_mkjson_ "$@" >>$confjson; then
19 sed -i -e '/^\s*$/d' -e '2,$s/^/\t/' -e '$s/,$//' "$confjson"
20 echo "}" >>"$confjson"
21 else
22 rm -f "$confjson"
23 return 1
24 fi
25 }
26
27 ss_mkjson_() {
28 local func
29
30 for func in "$@"; do
31 "$func" || return 1
32 done
33 }
34
35 ss_mkjson_server_conf() {
36 local cfgserver
37
38 config_get cfgserver "$cfg" server
39 [ -n "$cfgserver" ] || return 1
40 eval "$(validate_server_section "$cfg" ss_validate_mklocal)"
41 validate_server_section "$cfgserver" || return 1
42 [ "$disabled" = 0 ] || return 1
43 ss_mkjson_server_conf_ "$cfgserver"
44 }
45
46 ss_mkjson_server_conf_() {
47 [ -n "$server_port" ] || return 1
48 password="${password//\"/\\\"}"
49 cat <<-EOF
50 ${server:+${q}server${q}: ${q}$server${q},}
51 "server_port": $server_port,
52 ${method:+${q}method${q}: ${q}$method${q},}
53 ${key:+${q}key${q}: ${q}$key${q},}
54 ${password:+${q}password${q}: ${q}$password${q},}
55 EOF
56 }
57
58 ss_mkjson_common_conf() {
59 [ "$ipv6_first" = 0 ] && ipv6_first=false || ipv6_first=true
60 [ "$fast_open" = 0 ] && fast_open=false || fast_open=true
61 [ "$reuse_port" = 0 ] && reuse_port=false || reuse_port=true
62 cat <<-EOF
63 "use_syslog": true,
64 "ipv6_first": $ipv6_first,
65 "fast_open": $fast_open,
66 "reuse_port": $reuse_port,
67 ${local_address:+${q}local_address${q}: ${q}$local_address${q},}
68 ${local_port:+${q}local_port${q}: $local_port,}
69 ${mode:+${q}mode${q}: ${q}$mode${q},}
70 ${mtu:+${q}mtu${q}: $mtu,}
71 ${timeout:+${q}timeout${q}: $timeout,}
72 ${user:+${q}user${q}: ${q}$user${q},}
73 EOF
74 }
75
76 ss_mkjson_ss_local_conf() {
77 ss_mkjson_server_conf
78 }
79
80 ss_mkjson_ss_redir_conf() {
81 ss_mkjson_server_conf || return 1
82 [ "$disable_sni" = 0 ] && disable_sni=false || disable_sni=true
83 cat <<-EOF
84 "disable_sni": $disable_sni,
85 EOF
86 }
87
88 ss_mkjson_ss_server_conf() {
89 ss_mkjson_server_conf_
90 }
91
92 ss_mkjson_ss_tunnel_conf() {
93 ss_mkjson_server_conf || return 1
94 [ -n "$tunnel_address" ] || return 1
95 cat <<-EOF
96 ${tunnel_address:+${q}tunnel_address${q}: ${q}$tunnel_address${q},}
97 EOF
98 }
99
100 ss_xxx() {
101 local cfg="$1"
102 local cfgtype="$2"
103 local bin="$ss_bindir/${cfgtype/_/-}"
104 local confjson="$ss_confdir/$cfgtype.$cfg.json"
105
106 [ -x "$bin" ] || return
107 eval "$("validate_${cfgtype}_section" "$cfg" ss_validate_mklocal)"
108 "validate_${cfgtype}_section" "$cfg" || return 1
109 [ "$disabled" = 0 ] || return
110
111 if ss_mkjson \
112 ss_mkjson_common_conf \
113 ss_mkjson_${cfgtype}_conf \
114 ; then
115 procd_open_instance "$cfgtype.$cfg"
116 procd_set_param command "$bin" -c "$confjson"
117 [ "$verbose" = 0 ] || procd_append_param command -v
118 [ -z "$bind_address" ] || procd_append_param command -b "$bind_address"
119 [ -z "$manager_address" ] || procd_append_param command --manager-address "$manager_address"
120 procd_set_param file "$confjson"
121 procd_set_param respawn
122 procd_close_instance
123 ss_rules_cb
124 fi
125 }
126
127 ss_rules_cb() {
128 local cfgserver server
129
130 if [ "$cfgtype" = ss_redir ]; then
131 config_get cfgserver "$cfg" server
132 config_get server "$cfgserver" server
133 ss_redir_servers="$ss_redir_servers $server"
134 if [ "$mode" = tcp_only -o "$mode" = "tcp_and_udp" ]; then
135 eval "ss_rules_redir_tcp_$cfg=$local_port"
136 fi
137 if [ "$mode" = udp_only -o "$mode" = "tcp_and_udp" ]; then
138 eval "ss_rules_redir_udp_$cfg=$local_port"
139 fi
140 fi
141 }
142
143 ss_rules() {
144 local cfg="ss_rules"
145 local bin="$ss_bindir/ss-rules"
146 local cfgtype
147 local local_port_tcp local_port_udp
148 local args
149
150 [ -x "$bin" ] || return 1
151 config_get cfgtype "$cfg" TYPE
152 [ "$cfgtype" = ss_rules ] || return 1
153
154 eval "$(validate_ss_rules_section "$cfg" ss_validate_mklocal)"
155 validate_ss_rules_section "$cfg" || return 1
156 [ "$disabled" = 0 ] || return 1
157
158 eval local_port_tcp="\$ss_rules_redir_tcp_$redir_tcp"
159 eval local_port_udp="\$ss_rules_redir_udp_$redir_udp"
160 [ -n "$local_port_tcp" -o -n "$local_port_udp" ] || return 1
161 ss_redir_servers="$(echo "$ss_redir_servers" | tr ' ' '\n' | sort -u)"
162 [ "$dst_forward_recentrst" = 0 ] || args="$args --dst-forward-recentrst"
163
164 "$bin" \
165 -s "$ss_redir_servers" \
166 -l "$local_port_tcp" \
167 -L "$local_port_udp" \
168 --src-default "$src_default" \
169 --dst-default "$dst_default" \
170 --local-default "$local_default" \
171 --dst-bypass-file "$dst_ips_bypass_file" \
172 --dst-forward-file "$dst_ips_forward_file" \
173 --dst-bypass "$dst_ips_bypass" \
174 --dst-forward "$dst_ips_forward" \
175 --src-bypass "$src_ips_bypass" \
176 --src-forward "$src_ips_forward" \
177 --src-checkdst "$src_ips_checkdst" \
178 --ifnames "$ifnames" \
179 --ipt-extra "$ipt_args" \
180 $args \
181 || "$bin" -f
182 }
183
184 start_service() {
185 local cfgtype
186
187 mkdir -p "$ss_confdir"
188 config_load shadowsocks-libev
189 for cfgtype in ss_local ss_redir ss_server ss_tunnel; do
190 config_foreach ss_xxx "$cfgtype" "$cfgtype"
191 done
192 ss_rules
193 }
194
195 stop_service() {
196 local bin="$ss_bindir/ss-rules"
197
198 [ -x "$bin" ] && "$bin" -f
199 rm -rf "$ss_confdir"
200 }
201
202 service_triggers() {
203 procd_add_reload_interface_trigger wan
204 procd_add_reload_trigger shadowsocks-libev
205 procd_open_validate
206 validate_server_section
207 validate_ss_local_section
208 validate_ss_redir_section
209 validate_ss_rules_section
210 validate_ss_server_section
211 validate_ss_tunnel_section
212 procd_close_validate
213 }
214
215 ss_validate_mklocal() {
216 local tuple opts
217
218 shift 2
219 for tuple in "$@"; do
220 opts="${tuple%%:*} $opts"
221 done
222 [ -z "$opts" ] || echo "local $opts"
223 }
224
225 ss_validate() {
226 uci_validate_section shadowsocks-libev "$@"
227 }
228
229 validate_common_server_options_() {
230 local cfgtype="$1"; shift
231 local cfg="$1"; shift
232 local func="$1"; shift
233 local stream_methods='"table", "rc4", "rc4-md5", "aes-128-cfb", "aes-192-cfb", "aes-256-cfb", "aes-128-ctr", "aes-192-ctr", "aes-256-ctr", "bf-cfb", "camellia-128-cfb", "camellia-192-cfb", "camellia-256-cfb", "salsa20", "chacha20", "chacha20-ietf"'
234 local aead_methods='"aes-128-gcm", "aes-192-gcm", "aes-256-gcm", "chacha20-ietf-poly1305", "xchacha20-ietf-poly1305"'
235
236 "${func:-ss_validate}" "$cfgtype" "$cfg" "$@" \
237 'disabled:bool:0' \
238 'server:host' \
239 'server_port:port' \
240 'password:string' \
241 'key:string' \
242 "method:or($stream_methods, $aead_methods)"
243 }
244
245 validate_common_client_options_() {
246 validate_common_options_ "$@" \
247 'server:uci("shadowsocks-libev", "@server")' \
248 'local_address:host:0.0.0.0' \
249 'local_port:port'
250 }
251
252 validate_common_options_() {
253 local cfgtype="$1"; shift
254 local cfg="$1"; shift
255 local func="$1"; shift
256
257 "${func:-ss_validate}" "$cfgtype" "$cfg" "$@" \
258 'disabled:bool:0' \
259 'fast_open:bool:0' \
260 'ipv6_first:bool:0' \
261 'reuse_port:bool:0' \
262 'verbose:bool:0' \
263 'mode:or("tcp_only", "udp_only", "tcp_and_udp"):tcp_only' \
264 'mtu:uinteger' \
265 'timeout:uinteger' \
266 'user:string'
267 }
268
269 validate_server_section() {
270 validate_common_server_options_ server "$1" "${2}"
271 }
272
273 validate_ss_local_section() {
274 validate_common_client_options_ ss_local "$1" "${2}"
275 }
276
277 validate_ss_redir_section() {
278 validate_common_client_options_ ss_redir "$1" \
279 "${2}" \
280 'disable_sni:bool:0'
281 }
282
283 validate_ss_rules_section() {
284 "${2:-ss_validate}" ss_rules "$1" \
285 'disabled:bool:0' \
286 'redir_tcp:uci("shadowsocks-libev", "@ss_redir")' \
287 'redir_udp:uci("shadowsocks-libev", "@ss_redir")' \
288 'src_ips_bypass:or(ip4addr,cidr4)' \
289 'src_ips_forward:or(ip4addr,cidr4)' \
290 'src_ips_checkdst:or(ip4addr,cidr4)' \
291 'dst_ips_bypass_file:file' \
292 'dst_ips_bypass:or(ip4addr,cidr4)' \
293 'dst_ips_forward_file:file' \
294 'dst_ips_forward:or(ip4addr,cidr4)' \
295 'src_default:or("bypass", "forward", "checkdst"):checkdst' \
296 'dst_default:or("bypass", "forward"):bypass' \
297 'local_default:or("bypass", "forward", "checkdst"):bypass' \
298 'dst_forward_recentrst:bool:0' \
299 'ifnames:maxlength(15)' \
300 'ipt_args:string'
301 }
302
303 validate_ss_server_section() {
304 validate_common_server_options_ ss_server "$1" \
305 validate_common_options_ \
306 "${2}" \
307 'bind_address:ipaddr' \
308 'manager_address:host'
309 }
310
311 validate_ss_tunnel_section() {
312 validate_common_client_options_ ss_tunnel "$1" \
313 "${2}" \
314 'tunnel_address:regex(".+\:[0-9]+")'
315 }
Mirror of packages feed