luci-app-ssr-plus: Fix link failure for latest Xray version.

Re-open PR: 1、已完美修复Xray更新到2024.9.30版本后，无法连接服务器导致不能科学上网问题； 2、本次修改已完美兼容1.8.24及以下版本，即使服务端节点为旧版本也正常使用。 3、本次修改已完美修改socks 的配置用以适配新旧Xray版本。 4、WireGuard 配置：替换kernelMode为noKernelTun，见：XTLS/Xray-core@9bdf72d
fw876 · Oct 26, 2024 · 8de52f1 · 8de52f1
1 parent 03a65be
commit 8de52f1
Show file tree

Hide file tree

Showing 2 changed files with 171 additions and 157 deletions.
diff --git a/luci-app-ssr-plus/root/etc/init.d/shadowsocksr b/luci-app-ssr-plus/root/etc/init.d/shadowsocksr
@@ -422,7 +422,7 @@ start_udp() {
 		;;
 	v2ray)
 		gen_config_file $UDP_RELAY_SERVER $type 2 $tmp_udp_port
-		ln_start_bin $(first_type xray v2ray) v2ray run -config $udp_config_file
+		ln_start_bin $(first_type xray v2ray) v2ray run -c $udp_config_file
 		echolog "UDP TPROXY Relay:$($(first_type "xray" "v2ray") version | head -1) Started!"
 		;;
 	trojan) #client
@@ -531,7 +531,7 @@ start_shunt() {
 	v2ray)
 		local tmp_port=${tmp_local_port:-$tmp_shunt_local_port}
 		gen_config_file $SHUNT_SERVER $type 3 $tmp_shunt_port $tmp_port
-		ln_start_bin $(first_type xray v2ray) v2ray run -config $shunt_config_file
+		ln_start_bin $(first_type xray v2ray) v2ray run -c $shunt_config_file
 		shunt_dns_command
 		echolog "shunt:$($(first_type xray v2ray) version | head -1) Started!"
 		;;
@@ -651,7 +651,7 @@ start_local() {
 	v2ray)
 		if [ "$_local" == "2" ]; then
 			gen_config_file $LOCAL_SERVER $type 4 0 $local_port
-			ln_start_bin $(first_type xray v2ray) v2ray run -config $local_config_file
+			ln_start_bin $(first_type xray v2ray) v2ray run -c $local_config_file
 		fi
 		echolog "Global_Socks5:$($(first_type "xray" "v2ray") version | head -1) Started!"
 		;;
@@ -746,7 +746,7 @@ Start_Run() {
 		;;
 	v2ray)
 		gen_config_file $GLOBAL_SERVER $type 1 $tcp_port $socks_port
-		ln_start_bin $(first_type xray v2ray) v2ray run -config $tcp_config_file
+		ln_start_bin $(first_type xray v2ray) v2ray run -c $tcp_config_file
 		echolog "Main node:$($(first_type xray v2ray) version | head -1) Started!"
 		;;
 	trojan)

diff --git a/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua b/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua
@@ -77,7 +77,7 @@ function wireguard()
 				allowedIPs = (server.allowedips) or nil,
 			}
 		},
-		kernelMode = (server.kernelmode == "1") and true or false,
+		noKernelTun = (server.kernelmode == "1") and true or false,
 		reserved = {server.reserved} or nil,
 		mtu = tonumber(server.mtu)
 	}
@@ -124,165 +124,179 @@ local Xray = {
 		-- error = "/var/ssrplus.log",
 		loglevel = "warning"
 	},
+
+	-- 初始化 inbounds 表
+	inbounds = {},
+
+}
 	-- 传入连接
-	inbound = (local_port ~= "0") and {
-		-- listening
-		port = tonumber(local_port),
-		protocol = "dokodemo-door",
-		settings = {network = proto, followRedirect = true},
-		sniffing = {
-			enabled = true,
-			destOverride = {"http", "tls", "quic"},
-			domainsExcluded = {
-				"courier.push.apple.com",
-				"rbsxbxp-mim.vivox.com",
-				"rbsxbxp.www.vivox.com",
-				"rbsxbxp-ws.vivox.com",
-				"rbspsxp.www.vivox.com",
-				"rbspsxp-mim.vivox.com",
-				"rbspsxp-ws.vivox.com",
-				"rbswxp.www.vivox.com",
-				"rbswxp-mim.vivox.com",
-				"disp-rbspsp-5-1.vivox.com",
-				"disp-rbsxbp-5-1.vivox.com",
-				"proxy.rbsxbp.vivox.com",
-				"proxy.rbspsp.vivox.com",
-				"proxy.rbswp.vivox.com",
-				"rbswp.vivox.com",
-				"rbsxbp.vivox.com",
-				"rbspsp.vivox.com",
-				"rbspsp.www.vivox.com",
-				"rbswp.www.vivox.com",
-				"rbsxbp.www.vivox.com",
-				"rbsxbxp.vivox.com",
-				"rbspsxp.vivox.com",
-				"rbswxp.vivox.com",
-				"Mijia Cloud",
-				"dlg.io.mi.com"
+	-- 添加 dokodemo-door 配置，如果 local_port 不为 0
+if local_port ~= "0" then
+    table.insert(Xray.inbounds, {
+			-- listening
+			port = tonumber(local_port),
+			protocol = "dokodemo-door",
+			settings = {network = proto, followRedirect = true},
+			sniffing = {
+				enabled = true,
+				destOverride = {"http", "tls", "quic"},
+				metadataOnly = false,
+				domainsExcluded = {
+					"courier.push.apple.com",
+					"rbsxbxp-mim.vivox.com",
+					"rbsxbxp.www.vivox.com",
+					"rbsxbxp-ws.vivox.com",
+					"rbspsxp.www.vivox.com",
+					"rbspsxp-mim.vivox.com",
+					"rbspsxp-ws.vivox.com",
+					"rbswxp.www.vivox.com",
+					"rbswxp-mim.vivox.com",
+					"disp-rbspsp-5-1.vivox.com",
+					"disp-rbsxbp-5-1.vivox.com",
+					"proxy.rbsxbp.vivox.com",
+					"proxy.rbspsp.vivox.com",
+					"proxy.rbswp.vivox.com",
+					"rbswp.vivox.com",
+					"rbsxbp.vivox.com",
+					"rbspsp.vivox.com",
+					"rbspsp.www.vivox.com",
+					"rbswp.www.vivox.com",
+					"rbsxbp.www.vivox.com",
+					"rbsxbxp.vivox.com",
+					"rbspsxp.vivox.com",
+					"rbswxp.vivox.com",
+					"Mijia Cloud",
+					"dlg.io.mi.com"
+				}
 			}
-		}
-	} or nil,
+    })
+end
+
 	-- 开启 socks 代理
-	inboundDetour = (proto:find("tcp") and socks_port ~= "0") and {
-		{
-			-- socks
-			protocol = "socks",
-			port = tonumber(socks_port),
-			settings = {auth = "noauth", udp = true}
-		}
-	} or nil,
+	-- 检查是否启用 socks 代理
+if proto:find("tcp") and socks_port ~= "0" then
+    table.insert(Xray.inbounds, {
+	-- socks
+        protocol = "socks",
+        port = tonumber(socks_port),
+        settings = {auth = "noauth", udp = true}
+    })
+end
+
 	-- 传出连接
-	outbound = {
-		protocol = server.v2ray_protocol,
-		settings = outbound_settings,
-		-- 底层传输配置
-		streamSettings = (server.v2ray_protocol ~= "wireguard") and {
-			network = server.transport or "tcp",
-			security = (server.xtls == '1') and "xtls" or (server.tls == '1') and "tls" or (server.reality == '1') and "reality" or nil,
-			tlsSettings = (server.tls == '1') and (server.tls_host or server.fingerprint) and {
-				-- tls
-				alpn = server.tls_alpn,
-				fingerprint = server.fingerprint,
-				allowInsecure = (server.insecure == "1"),
-				serverName = server.tls_host,
-				certificates = server.certificate and {
-					usage = "verify",
-					certificateFile = server.certpath
+	Xray.outbounds = {
+		{
+			protocol = server.v2ray_protocol,
+			settings = outbound_settings,
+			-- 底层传输配置
+			streamSettings = (server.v2ray_protocol ~= "wireguard") and {
+				network = server.transport or "tcp",
+				security = (server.xtls == '1') and "xtls" or (server.tls == '1') and "tls" or (server.reality == '1') and "reality" or nil,
+				tlsSettings = (server.tls == '1') and {
+					-- tls
+					alpn = server.tls_alpn,
+					fingerprint = server.fingerprint,
+					allowInsecure = (server.insecure == "1"),
+					serverName = server.tls_host,
+					certificates = server.certificate and {
+						usage = "verify",
+						certificateFile = server.certpath
+					} or nil,
 				} or nil,
-			} or nil,
-			xtlsSettings = (server.xtls == '1') and server.tls_host and {
-				-- xtls
-				allowInsecure = (server.insecure == "1") and true or nil,
-				serverName = server.tls_host,
-				minVersion = "1.3"
-			} or nil,
-			realitySettings = (server.reality == '1') and {
-				publicKey = server.reality_publickey,
-				shortId = server.reality_shortid,
-				spiderX = server.reality_spiderx,
-				fingerprint = server.fingerprint,
-				serverName = server.tls_host
-			} or nil,
-			tcpSettings = (server.transport == "tcp" and server.tcp_guise == "http") and {
-				-- tcp
-				header = {
-					type = server.tcp_guise,
-					request = {
-						-- request
-						path = {server.http_path} or {"/"},
-						headers = {Host = {server.http_host} or {}}
+				xtlsSettings = (server.xtls == '1') and server.tls_host and {
+					-- xtls
+					allowInsecure = (server.insecure == "1") and true or nil,
+					serverName = server.tls_host,
+					minVersion = "1.3"
+				} or nil,
+				realitySettings = (server.reality == '1') and {
+					publicKey = server.reality_publickey,
+					shortId = server.reality_shortid,
+					spiderX = server.reality_spiderx,
+					fingerprint = server.fingerprint,
+					serverName = server.tls_host
+				} or nil,
+				tcpSettings = (server.transport == "tcp" and server.tcp_guise == "http") and {
+					-- tcp
+					header = {
+						type = server.tcp_guise,
+						request = {
+							-- request
+							path = {server.http_path} or {"/"},
+							headers = {Host = {server.http_host} or {}}
+						}
 					}
-				}
-			} or nil,
-			kcpSettings = (server.transport == "kcp") and {
-				-- kcp
-				mtu = tonumber(server.mtu),
-				tti = tonumber(server.tti),
-				uplinkCapacity = tonumber(server.uplink_capacity),
-				downlinkCapacity = tonumber(server.downlink_capacity),
-				congestion = (server.congestion == "1") and true or false,
-				readBufferSize = tonumber(server.read_buffer_size),
-				writeBufferSize = tonumber(server.write_buffer_size),
-				header = {type = server.kcp_guise},
-				seed = server.seed or nil
-			} or nil,
-			wsSettings = (server.transport == "ws") and (server.ws_path or server.ws_host or server.tls_host) and {
-				-- ws
-				headers = (server.ws_host or server.tls_host) and {
-					-- headers
-					Host = server.ws_host or server.tls_host
 				} or nil,
-				path = server.ws_path,
-				maxEarlyData = tonumber(server.ws_ed) or nil,
-				earlyDataHeaderName = server.ws_ed_header or nil
-			} or nil,
-			httpupgradeSettings = (server.transport == "httpupgrade") and {
-				-- httpupgrade
-				host = (server.httpupgrade_host or server.tls_host) or nil,
-                                path = server.httpupgrade_path or ""
-			} or nil,
-			splithttpSettings = (server.transport == "splithttp") and {
-				-- splithttp
-				host = (server.splithttp_host or server.tls_host) or nil,
-                                path = server.splithttp_path or ""
-			} or nil,
-			httpSettings = (server.transport == "h2") and {
-				-- h2
-				path = server.h2_path or "",
-				host = {server.h2_host} or nil,
-				read_idle_timeout = tonumber(server.read_idle_timeout) or nil,
-				health_check_timeout = tonumber(server.health_check_timeout) or nil
-			} or nil,
-			quicSettings = (server.transport == "quic") and {
-				-- quic
-				security = server.quic_security,
-				key = server.quic_key,
-				header = {type = server.quic_guise}
-			} or nil,
-			grpcSettings = (server.transport == "grpc") and {
-				-- grpc
-				serviceName = server.serviceName or "",
-				multiMode = (server.grpc_mode == "multi") and true or false,
-				idle_timeout = tonumber(server.idle_timeout) or nil,
-				health_check_timeout = tonumber(server.health_check_timeout) or nil,
-				permit_without_stream = (server.permit_without_stream == "1") and true or nil,
-				initial_windows_size = tonumber(server.initial_windows_size) or nil
+				kcpSettings = (server.transport == "kcp") and {
+					-- kcp
+					mtu = tonumber(server.mtu),
+					tti = tonumber(server.tti),
+					uplinkCapacity = tonumber(server.uplink_capacity),
+					downlinkCapacity = tonumber(server.downlink_capacity),
+					congestion = (server.congestion == "1") and true or false,
+					readBufferSize = tonumber(server.read_buffer_size),
+					writeBufferSize = tonumber(server.write_buffer_size),
+					header = {type = server.kcp_guise},
+					seed = server.seed or nil
+				} or nil,
+				wsSettings = (server.transport == "ws") and (server.ws_path or server.ws_host or server.tls_host) and {
+					-- ws
+					headers = (server.ws_host or server.tls_host) and {
+						-- headers
+						Host = server.ws_host or server.tls_host
+					} or nil,
+					path = server.ws_path,
+					maxEarlyData = tonumber(server.ws_ed) or nil,
+					earlyDataHeaderName = server.ws_ed_header or nil
+				} or nil,
+				httpupgradeSettings = (server.transport == "httpupgrade") and {
+					-- httpupgrade
+					host = (server.httpupgrade_host or server.tls_host) or nil,
+					path = server.httpupgrade_path or ""
+				} or nil,
+				splithttpSettings = (server.transport == "splithttp") and {
+					-- splithttp
+					host = (server.splithttp_host or server.tls_host) or nil,
+					path = server.splithttp_path or "/"
+				} or nil,
+				httpSettings = (server.transport == "h2") and {
+					-- h2
+					path = server.h2_path or "",
+					host = {server.h2_host} or nil,
+					read_idle_timeout = tonumber(server.read_idle_timeout) or nil,
+					health_check_timeout = tonumber(server.health_check_timeout) or nil
+				} or nil,
+				quicSettings = (server.transport == "quic") and {
+					-- quic
+					security = server.quic_security,
+					key = server.quic_key,
+					header = {type = server.quic_guise}
+				} or nil,
+				grpcSettings = (server.transport == "grpc") and {
+					-- grpc
+					serviceName = server.serviceName or "",
+					multiMode = (server.grpc_mode == "multi") and true or false,
+					idle_timeout = tonumber(server.idle_timeout) or nil,
+					health_check_timeout = tonumber(server.health_check_timeout) or nil,
+					permit_without_stream = (server.permit_without_stream == "1") and true or nil,
+					initial_windows_size = tonumber(server.initial_windows_size) or nil
+				} or nil,
+				sockopt = {
+					tcpMptcp = (server.mptcp == "1") and true or false, -- MPTCP
+					tcpNoDelay = (server.mptcp == "1") and true or false, -- MPTCP
+					tcpcongestion = server.custom_tcpcongestion -- 连接服务器节点的 TCP 拥塞控制算法
+				}
 			} or nil,
-			sockopt = {
-				tcpMptcp = (server.mptcp == "1") and true or false, -- MPTCP
-				tcpNoDelay = (server.mptcp == "1") and true or false, -- MPTCP
-				tcpcongestion = server.custom_tcpcongestion -- 连接服务器节点的 TCP 拥塞控制算法
-			}
-		} or nil,
-		mux = (server.v2ray_protocol ~= "wireguard") and {
-			-- mux
-			enabled = (server.mux == "1") and true or false, -- Mux
-			concurrency = tonumber(server.concurrency), -- TCP 最大并发连接数
-			xudpConcurrency = tonumber(server.xudpConcurrency), -- UDP 最大并发连接数
-			xudpProxyUDP443 = server.xudpProxyUDP443 -- 对被代理的 UDP/443 流量处理方式
-		} or nil
+			mux = (server.v2ray_protocol ~= "wireguard") and {
+				-- mux
+				enabled = (server.mux == "1") and true or false, -- Mux
+				concurrency = tonumber(server.concurrency), -- TCP 最大并发连接数
+				xudpConcurrency = tonumber(server.xudpConcurrency), -- UDP 最大并发连接数
+				xudpProxyUDP443 = server.xudpProxyUDP443 -- 对被代理的 UDP/443 流量处理方式
+			} or nil
+		}
 	}
-}
+
 local cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
 local cipher13 = "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384"
 local trojan = {
@@ -351,7 +365,7 @@ local hysteria = {
                         hopInterval = (server.port_range and (tonumber(server.hopinterval) .. "s") or nil)
                 } or nil)
         } or nil,
---[[			
+--[[
 	tcpTProxy = (proto:find("tcp") and local_port ~= "0") and {
 					listen = "0.0.0.0:" .. tonumber(local_port)
 	} or nil,
@@ -488,7 +502,7 @@ local tuic = {
 		},
 		["local"] = {
 			server = tonumber(socks_port) and "[::]:" .. (socks_port == "0" and local_port or tonumber(socks_port)),
-			dual_stack = (server.tuic_dual_stack == "1") and true  or nil,
+			dual_stack = (server.tuic_dual_stack == "1") and true or nil,
 			max_packet_size = tonumber(server.tuic_max_package_size)
 		}
 }