feat: add TTL settings

SunBK201 2025-11-05 14:23:12 +08:00
parent a6fb5a65d4
commit 383d7edabd
7 changed files with 74 additions and 12 deletions


@ -1,6 +1,6 @@
Package: ua3f Package: ua3f
Version: 1.2.1-1 Version: 1.2.1-1
Depends: luci-compat, ipset, iptables, iptables-mod-tproxy, iptables-mod-extra, iptables-mod-nat-extra, kmod-ipt-conntrack Depends: luci-compat, ipset, iptables, iptables-mod-tproxy, iptables-mod-extra, iptables-mod-nat-extra, kmod-ipt-conntrack, iptables-mod-ipopt
Source: /feed/openwrt Source: /feed/openwrt
SourceName: UA3F SourceName: UA3F
License: GPL-3.0-only License: GPL-3.0-only


@ -1,6 +1,6 @@
Package: ua3f Package: ua3f
Version: 1.2.1-1 Version: 1.2.1-1
Depends: luci-compat, ipset, iptables, iptables-mod-tproxy, iptables-mod-extra, iptables-mod-nat-extra, kmod-ipt-conntrack Depends: luci-compat, ipset, iptables, iptables-mod-tproxy, iptables-mod-extra, iptables-mod-nat-extra, kmod-ipt-conntrack, iptables-mod-ipopt
Source: /feed/openwrt Source: /feed/openwrt
SourceName: UA3F SourceName: UA3F
License: GPL-3.0-only License: GPL-3.0-only


@ -28,7 +28,7 @@ define Package/ua3f
SUBMENU:=Web Servers/Proxies SUBMENU:=Web Servers/Proxies
TITLE:=A SOCKS5 Server for User-Agent Rewriting TITLE:=A SOCKS5 Server for User-Agent Rewriting
URL:=https://github.com/SunBK201/UA3F URL:=https://github.com/SunBK201/UA3F
DEPENDS:=$(GO_ARCH_DEPENDS) +luci-compat +ipset +iptables +iptables-mod-tproxy +iptables-mod-extra +iptables-mod-nat-extra +kmod-ipt-conntrack DEPENDS:=$(GO_ARCH_DEPENDS) +luci-compat +ipset +iptables +iptables-mod-tproxy +iptables-mod-extra +iptables-mod-nat-extra +kmod-ipt-conntrack +iptables-mod-ipopt
endef endef
define Package/ua3f/description define Package/ua3f/description


@ -30,6 +30,7 @@ end
general:tab("general", translate("Settings")) general:tab("general", translate("Settings"))
general:tab("stats", translate("Statistics")) general:tab("stats", translate("Statistics"))
general:tab("log", translate("Log")) general:tab("log", translate("Log"))
general:tab("others", translate("Others"))
server_mode = general:taboption("general", ListValue, "server_mode", translate("Server Mode")) server_mode = general:taboption("general", ListValue, "server_mode", translate("Server Mode"))
server_mode:value("SOCKS5", "SOCKS5") server_mode:value("SOCKS5", "SOCKS5")
@ -55,7 +56,7 @@ log_level.description = translate(
ua = general:taboption("general", Value, "ua", translate("User-Agent")) ua = general:taboption("general", Value, "ua", translate("User-Agent"))
ua.placeholder = "FFF" ua.placeholder = "FFF"
ua.description = translate("User-Agent to be rewritten") ua.description = translate("User-Agent after rewrite")
uaRegexPattern = general:taboption("general", Value, "ua_regex", translate("User-Agent Regex Pattern")) uaRegexPattern = general:taboption("general", Value, "ua_regex", translate("User-Agent Regex Pattern"))
uaRegexPattern.description = translate("Regular expression pattern for matching User-Agent") uaRegexPattern.description = translate("Regular expression pattern for matching User-Agent")
@ -131,4 +132,7 @@ end
stats = general:taboption("stats", DummyValue, "") stats = general:taboption("stats", DummyValue, "")
stats.template = "ua3f/statistics" stats.template = "ua3f/statistics"
ttl = general:taboption("others", Flag, "set_ttl", translate("Set TTL"))
ttl.description = translate("Set the TTL 64 for packets")
return ua3f return ua3f
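Review bot: The help text on the new flag, `ttl.description = translate("Set the TTL 64 for packets")`, does not say which traffic is affected. The init script in this commit installs the rule in postrouting with no interface or address match, so it covers every IPv4 packet the router sends or forwards, and nothing is done for IPv6. A description such as `translate("Rewrite the TTL of all outgoing IPv4 packets to 64")` would let the user judge the effect before enabling it. The matching msgid in the translation file would need the same change.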


@ -13,6 +13,7 @@ SERVER_PORT="1080"
FW_BACKEND="" FW_BACKEND=""
NFT_TABLE="UA3F" NFT_TABLE="UA3F"
UA3F_TTL_TABLE="UA3F_TTL"
UA3F_CHAIN="UA3F" UA3F_CHAIN="UA3F"
UA3F_OUT_CHAIN="UA3F_OUTPUT" UA3F_OUT_CHAIN="UA3F_OUTPUT"
UA3F_LANSET="ua3f_localnetwork" UA3F_LANSET="ua3f_localnetwork"
@ -25,6 +26,7 @@ SKIP_GIDS=""
SIDECAR="OC" SIDECAR="OC"
FAKEIP_RANGE="198.18.0.0/16, 198.18.0.1/15, 28.0.0.1/8" FAKEIP_RANGE="198.18.0.0/16, 198.18.0.1/15, 28.0.0.1/8"
SKIP_PORTS="22,51080,51090" SKIP_PORTS="22,51080,51090"
SET_TTL="0"
LOG_FILE="/var/log/ua3f/ua3f.log" LOG_FILE="/var/log/ua3f/ua3f.log"
@ -162,7 +164,10 @@ cleanup_tproxy_route() {
ip rule del fwmark 0x1c9 table "$ROUTE_TABLE" >/dev/null 2>&1 ip rule del fwmark 0x1c9 table "$ROUTE_TABLE" >/dev/null 2>&1
} }
nft_drop_table() { nft delete table ip "$NFT_TABLE" 2>/dev/null; } nft_drop_table() {
nft delete table ip "$NFT_TABLE" 2>/dev/null
nft delete table inet "$UA3F_TTL_TABLE" 2>/dev/null
}
nft_reinit_table() { nft_reinit_table() {
nft_drop_table nft_drop_table
@ -240,11 +245,6 @@ fw_setup_nft_redirect_tcp() {
nft add rule ip $NFT_TABLE output tcp dport != {22} counter redirect to :$SERVER_PORT comment '"cap scc"' nft add rule ip $NFT_TABLE output tcp dport != {22} counter redirect to :$SERVER_PORT comment '"cap scc"'
} }
fw_revert_nft() {
nft_drop_table
cleanup_tproxy_route
}
setup_ipset_ipt() { setup_ipset_ipt() {
cleanup_ipset_ipt cleanup_ipset_ipt
ipset create $UA3F_LANSET hash:net || return 1 ipset create $UA3F_LANSET hash:net || return 1
@ -349,6 +349,31 @@ cleanup_ipset_ipt() {
ipset destroy $UA3F_LANSET 2>/dev/null ipset destroy $UA3F_LANSET 2>/dev/null
} }
set_ttl_nft() {
nft drop table inet $UA3F_TTL_TABLE 2>/dev/null
nft add table inet $UA3F_TTL_TABLE || return 1
nft add chain inet $UA3F_TTL_TABLE postrouting '{ type filter hook postrouting priority -150; policy accept; }' || return 1
nft add rule inet $UA3F_TTL_TABLE postrouting ip ttl set 64 || return 1
}
unset_ttl_nft() {
nft delete table inet $UA3F_TTL_TABLE 2>/dev/null
}
set_ttl_ipt() {
iptables -t mangle -A POSTROUTING -j TTL --ttl-set 64 || return 1
}
unset_ttl_ipt() {
iptables -t mangle -D POSTROUTING -j TTL --ttl-set 64 2>/dev/null
}
fw_revert_nft() {
nft_drop_table
cleanup_tproxy_route
unset_ttl_nft
}
fw_revert_ipt() { fw_revert_ipt() {
# sidecar # sidecar
iptables -t mangle -F SIDECAR 2>/dev/null iptables -t mangle -F SIDECAR 2>/dev/null
@ -371,6 +396,8 @@ fw_revert_ipt() {
# ipset # ipset
cleanup_ipset_ipt cleanup_ipset_ipt
cleanup_tproxy_route cleanup_tproxy_route
# ttl
unset_ttl_ipt
} }
start_service() { start_service() {
@ -388,7 +415,7 @@ start_service() {
LOG "Starting $NAME service..." LOG "Starting $NAME service..."
local server_mode port bind ua log_level ua_regex partial_replace local server_mode port bind ua log_level ua_regex partial_replace set_ttl
config_get server_mode "main" "server_mode" "SOCKS5" config_get server_mode "main" "server_mode" "SOCKS5"
config_get port "main" "port" "1080" config_get port "main" "port" "1080"
config_get bind "main" "bind" "127.0.0.1" config_get bind "main" "bind" "127.0.0.1"
@ -396,10 +423,13 @@ start_service() {
config_get ua_regex "main" "ua_regex" "" config_get ua_regex "main" "ua_regex" ""
config_get_bool partial_replace "main" "partial_replace" 0 config_get_bool partial_replace "main" "partial_replace" 0
config_get log_level "main" "log_level" "info" config_get log_level "main" "log_level" "info"
config_get_bool set_ttl "main" "set_ttl" 0
SERVER_MODE="$(echo "$server_mode" | tr '[:lower:]' '[:upper:]')" SERVER_MODE="$(echo "$server_mode" | tr '[:lower:]' '[:upper:]')"
SERVER_MODE="$server_mode" SERVER_MODE="$server_mode"
SET_TTL="$set_ttl"
LOG "Server Mode: $SERVER_MODE" LOG "Server Mode: $SERVER_MODE"
LOG "Port: $port" LOG "Port: $port"
LOG "Bind: $bind" LOG "Bind: $bind"
@ -407,6 +437,7 @@ start_service() {
LOG "User-Agent Regex: $ua_regex" LOG "User-Agent Regex: $ua_regex"
LOG "Log level: $log_level" LOG "Log level: $log_level"
LOG "Partial Replace: $partial_replace" LOG "Partial Replace: $partial_replace"
LOG "Set TTL: $SET_TTL"
set_ua3f_group set_ua3f_group
LOG "Run as GID: $UA3F_GID, Group: $UA3F_GROUP" LOG "Run as GID: $UA3F_GID, Group: $UA3F_GROUP"
@ -464,6 +495,20 @@ start_service() {
;; ;;
esac esac
if [ "$SET_TTL" = "1" ]; then
if [ "$FW_BACKEND" = "nft" ]; then
set_ttl_nft || {
LOG "set_ttl_nft setup failed"
}
LOG "Set TTL 64 via nftables"
else
set_ttl_ipt || {
LOG "set_ttl_ipt setup failed"
}
LOG "Set TTL 64 via iptables"
fi
fi
# dump all fw rules for debug # dump all fw rules for debug
if [ "$log_level" = "debug" ]; then if [ "$log_level" = "debug" ]; then
if [ "$FW_BACKEND" = "nft" ]; then if [ "$FW_BACKEND" = "nft" ]; then
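Review bot: In `set_ttl_nft`, `nft drop table inet $UA3F_TTL_TABLE` uses a verb nft does not have (`unset_ttl_nft` uses the correct `delete`), and `2>/dev/null` hides the error, so a table left by an earlier run is not cleared and `add rule` would append a duplicate; call `unset_ttl_nft` or use `nft delete table inet $UA3F_TTL_TABLE 2>/dev/null` there. In the `start_service` hunk, `LOG "Set TTL 64 via nftables"` and `LOG "Set TTL 64 via iptables"` sit after the `|| { ... }` block, so the success line is written even when setup failed; chaining it as `set_ttl_nft && LOG "Set TTL 64 via nftables" || LOG "set_ttl_nft setup failed"` keeps the log truthful. `set_ttl_ipt` appends with `-A` without a prior `-C` check, so a second start without a revert would leave a copy that the single `-D` in `unset_ttl_ipt` does not remove. Both rules match every IPv4 packet in postrouting, forwarded traffic included, which resets the hop count that normally ends a routing loop and leaves the IPv6 hop limit untouched; restricting the match to the WAN egress interface (`oifname` in nft, `-o` in iptables) is worth considering. start_service's body continues outside the hunks shown.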


@ -9,4 +9,5 @@ config 'ua3f' 'main'
option ua_regex '(Apple|iPhone|iPad|Macintosh|Mac OS X|Mac|Darwin|Microsoft|Windows|Linux|Android|OpenHarmony|HUAWEI|OPPO|Vivo|XiaoMi|Mobile|Dalvik)' option ua_regex '(Apple|iPhone|iPad|Macintosh|Mac OS X|Mac|Darwin|Microsoft|Windows|Linux|Android|OpenHarmony|HUAWEI|OPPO|Vivo|XiaoMi|Mobile|Dalvik)'
option partial_replace false option partial_replace false
option log_level 'error' option log_level 'error'
option log_lines '1000' option log_lines '1000'
option set_ttl '0'


@ -41,6 +41,9 @@ msgstr "日志级别"
msgid "User-Agent" msgid "User-Agent"
msgstr "User-Agent" msgstr "User-Agent"
msgid "User-Agent after rewrite"
msgstr "重写后的 User-Agent"
msgid "User-Agent Regex Pattern" msgid "User-Agent Regex Pattern"
msgstr "User-Agent 正则表达式" msgstr "User-Agent 正则表达式"
@ -88,3 +91,12 @@ msgstr "下载日志"
msgid "Clear Logs" msgid "Clear Logs"
msgstr "清除日志" msgstr "清除日志"
msgid "Others"
msgstr "其他"
msgid "Set TTL"
msgstr "固定 TTL"
msgid "Set the TTL 64 for packets"
msgstr "固定数据包的 TTL"