Merge pull request #17 from Mattraks/dev4

4.Optimize code structure and optimize geting IP

luci-app-ssr-plus/Makefile

@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-ssr-plus
 PKG_VERSION:=177
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -32,10 +32,10 @@ config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server
 	default y if i386||x86_64||arm||aarch64
 endef
 
-LUCI_TITLE:=SS/SSR/V2Ray/Trojan LuCI interface
+LUCI_TITLE:=SS/SSR/V2Ray/Trojan/Socks5/Tun LuCI interface
 LUCI_PKGARCH:=all
 LUCI_DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +pdnsd-alt +wget +lua +libuci-lua \
-	+microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping \
+	+microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping +resolveip\
 	+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin:v2ray-plugin \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua

@@ -61,12 +61,13 @@ o.default = "https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt"
 
 o = s:option(Value, "chnroute_url", translate("Chnroute Update url"))
 o:value("https://ispip.clang.cn/all_cn.txt", translate("Clang.CN"))
+o:value("https://ispip.clang.cn/all_cn_cidr.txt", translate("Clang.CN.CIDR"))
 o.default = "https://ispip.clang.cn/all_cn.txt"
 
 o = s:option(Value, "nfip_url", translate("nfip_url"))
-o:value("https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt", translate("Netflix IP Only"))
-o:value("https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/getflix.txt", translate("Netflix and AWS"))
-o.default = "https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt"
+o:value("https://cdn.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt", translate("Netflix IP Only"))
+o:value("https://cdn.jsdelivr.net/gh/QiuSimons/Netflix_IP/getflix.txt", translate("Netflix and AWS"))
+o.default = "https://cdn.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt"
 o.description = translate("Customize Netflix IP Url")
 
 -- [[ SOCKS5 Proxy ]]--

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua

@@ -246,8 +246,8 @@ o:depends("type", "v2ray")
 -- TCP伪装
 o = s:option(ListValue, "tcp_guise", translate("Camouflage Type"))
 o:depends("transport", "tcp")
-o:value("http", "HTTP")
 o:value("none", translate("None"))
+o:value("http", "HTTP")
 o.rmempty = true
 
 -- HTTP域名
@@ -288,10 +288,10 @@ o.rmempty = true
 
 o = s:option(ListValue, "quic_security", translate("QUIC Security"))
 o:depends("transport", "quic")
-o.rmempty = true
 o:value("none", translate("None"))
 o:value("aes-128-gcm", translate("aes-128-gcm"))
 o:value("chacha20-poly1305", translate("chacha20-poly1305"))
+o.rmempty = true
 
 o = s:option(Value, "quic_key", translate("QUIC Key"))
 o:depends("transport", "quic")

luci-app-ssr-plus/root/etc/config/shadowsocksr

@@ -6,25 +6,20 @@ config global
 	option dports '2'
 	option pdnsd_enable '1'
 	option monitor_enable '1'
-	option global_server 'nil'
 	option enable_switch '1'
 	option switch_timeout '5'
 	option switch_time '667'
 	option switch_try_count '3'
-	option gfwlist_url 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt'
+	option gfwlist_url 'https://cdn.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt'
 	option chnroute_url 'https://ispip.clang.cn/all_cn.txt'
-	option nfip_url 'https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt'
+	option nfip_url 'https://cdn.jsdelivr.net/gh/QiuSimons/Netflix_IP/NF_only.txt'
 	option adblock_url 'https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf'
-	option netflix_server 'nil'
 	option threads '0'
-
-config socks5_proxy
-	option socks '0'
-	option local_port '1080'
-	option local_address '0.0.0.0'
+	option global_server 'nil'
+	option netflix_server 'nil'
+	option netflix_proxy '0'
 
 config access_control
-	option wan_bp_list '/etc/ssr/china_ssr.txt'
 	option lan_ac_mode 'b'
 	option router_proxy '1'
 	list wan_fw_ips '149.154.160.0/20'
@@ -33,6 +28,11 @@ config access_control
 	list wan_fw_ips '91.108.56.0/22'
 	list wan_fw_ips '109.239.140.0/24'
 
+config socks5_proxy
+	option socks '0'
+	option local_port '1080'
+	option local_address '0.0.0.0'
+
 config server_global
 	option enable_server '0'
 

luci-app-ssr-plus/root/usr/bin/ssr-monitor

@@ -6,7 +6,9 @@
 # This is free software, licensed under the GNU General Public License v3.
 # See /LICENSE for more information.
 #
-
+LOCK_FILE="/var/lock/ssr-monitor.lock"
+[ -f "$LOCK_FILE" ] && exit 2
+touch "$LOCK_FILE"
 NAME=shadowsocksr
 
 uci_get_by_name() {
@@ -19,6 +21,23 @@ uci_get_by_type() {
 	echo ${ret:=$3}
 }
 
+get_host_ip() {
+	local host=$1
+	local isip=""
+	local ip=$host
+	isip=$(echo $host | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}")
+	if [ -z "$isip" ]; then
+		if [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then
+			ip=$host
+		else
+			local ip=$(resolveip -4 -t 3 $host | awk 'NR==1{print}')
+			# local hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1)
+			[ -z "$ip" ] && ip=$(wget -q -O- http://119.29.29.29/d?dn=$1 | awk -F ';' '{print $1}')
+		fi
+	fi
+	echo ${ip:="127.0.0.1"}
+}
+
 server_process_count=$1
 redir_tcp_process=$2
 redir_udp_process=$3
@@ -29,30 +48,24 @@ pdnsd_process=$7
 if [ -z "$pdnsd_process" ]; then
 	pdnsd_process=0
 fi
-
 i=0
-
 GLOBAL_SERVER=$(uci_get_by_type global global_server)
-server=$(uci_get_by_name $GLOBAL_SERVER server)
+server=$(get_host_ip $(uci_get_by_name $GLOBAL_SERVER server))
+[ "$server" == "127.0.0.1" ] && hostip=$(uci_get_by_name $GLOBAL_SERVER ip)
 lkcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port)
 server_port=$(uci_get_by_name $GLOBAL_SERVER server_port)
 password=$(uci_get_by_name $GLOBAL_SERVER kcp_password)
 kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param)
 [ "$password" != "" ] && password="--key "${password}
 
-if echo "$server" | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then
-	server=${server}
-else
-	server=$(cat /etc/ssr_ip)
-fi
-
 while [ "1" == "1" ]; do #死循环
-	sleep 30
+	sleep 30s
 	#redir tcp
 	if [ "$redir_tcp_process" -gt 0 ]; then
 		icount=$(busybox ps -w | grep ssr-retcp | grep -v grep | wc -l)
 		if [ "$icount" == 0 ]; then
 			logger -t "$NAME" "ssr redir tcp error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") ssr redir tcp error.restart!" >>/tmp/ssrplus.log
 			/etc/init.d/shadowsocksr restart
 			exit 0
 		fi
@@ -62,6 +75,7 @@ while [ "1" == "1" ]; do #死循环
 		icount=$(busybox ps -w | grep ssr-reudp | grep -v grep | wc -l)
 		if [ "$icount" == 0 ]; then
 			logger -t "$NAME" "ssr redir udp error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") ssr redir udp error.restart!" >>/tmp/ssrplus.log
 			/etc/init.d/shadowsocksr restart
 			exit 0
 		fi
@@ -71,6 +85,7 @@ while [ "1" == "1" ]; do #死循环
 		icount=$(busybox ps -w | grep ssr-tunnel | grep -v grep | wc -l)
 		if [ "$icount" == 0 ]; then
 			logger -t "$NAME" "ssr tunnel error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") ssr tunnel error.restart!" >>/tmp/ssrplus.log
 			/etc/init.d/shadowsocksr restart
 			exit 0
 		fi
@@ -80,8 +95,10 @@ while [ "1" == "1" ]; do #死循环
 		icount=$(busybox ps -w | grep ssr-server | grep -v grep | wc -l)
 		if [ "$icount" -lt "$server_process_count" ]; then #如果进程挂掉就重启它
 			logger -t "$NAME" "ssr server error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") ssr server error.restart!" >>/tmp/ssrplus.log
 			kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			/etc/init.d/shadowsocksr restart
+			exit 0
 		fi
 	fi
 	#kcptun
@@ -89,6 +106,7 @@ while [ "1" == "1" ]; do #死循环
 		icount=$(busybox ps -w | grep kcptun-client | grep -v grep | wc -l)
 		if [ "$icount" -lt "$kcp_process" ]; then #如果进程挂掉就重启它
 			logger -t "$NAME" "ssr kcptun error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") ssr kcptun error.restart!" >>/tmp/ssrplus.log
 			killall -q -9 kcptun-client
 			(/usr/bin/kcptun-client -r $server:$kcp_port -l :$server_port $password $kcp_param &)
 		fi
@@ -98,8 +116,10 @@ while [ "1" == "1" ]; do #死循环
 		icount=$(busybox ps -w | grep ssr-local | grep -v grep | wc -l)
 		if [ "$icount" -lt "$local_process" ]; then #如果进程挂掉就重启它
 			logger -t "$NAME" "global socks server error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") global socks server error.restart!" >>/tmp/ssrplus.log
 			kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			/etc/init.d/shadowsocksr restart
+			exit 0
 		fi
 	fi
 	#pdnsd
@@ -107,26 +127,28 @@ while [ "1" == "1" ]; do #死循环
 		icount=$(busybox ps -w | grep pdnsd | grep -v grep | wc -l)
 		if [ "$icount" -lt "$pdnsd_process" ]; then #如果进程挂掉就重启它
 			logger -t "$NAME" "pdnsd tunnel error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") pdnsd tunnel error.restart!" >>/tmp/ssrplus.log
 			if [ -f /var/run/pdnsd.pid ]; then
 				kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1
 			else
 				kill -9 $(ps | grep pdnsd | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			fi
-			(/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d &)
+			(/usr/sbin/pdnsd -c /var/etc/pdnsd.conf &)
 		fi
 	fi
 	#dns2socks
 	if [ "$pdnsd_process" -eq 2 ]; then
 		icount=$(busybox ps -w | grep -e ssr-dns -e dns2socks | grep -v grep | wc -l)
 		if [ "$icount" -lt 2 ]; then #如果进程挂掉就重启它
-      logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!"
+			logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!"
+			echo "$(date "+%Y-%m-%d %H:%M:%S") dns2socks $dnsstr tunnel error.restart!" >>/tmp/ssrplus.log
 			dnsstr=$(uci_get_by_type global tunnel_forward 8.8.4.4:53)
 			dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}')
 			dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}')
 			killall -q -9 dns2socks
 			kill -9 $(busybox ps -w | grep ssr-dns | grep -v grep | awk '{print $1}') >/dev/null 2>&1
 			microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 &
-      dns2socks 127.0.0.1:10802  $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 &
+			dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 &
 		fi
 	fi
 done

luci-app-ssr-plus/root/usr/bin/ssr-rules

@@ -6,13 +6,11 @@
 # This is free software, licensed under the GNU General Public License v3.
 # See /LICENSE for more information.
 #
-
 TAG="_SS_SPEC_RULE_"                                  # comment tag
 IPT="iptables -t nat"                                 # alias of iptables
 FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null) # firewall include file
-
 usage() {
-	cat <<-EOF
+cat <<-EOF
 Usage: ssr-rules [options]
 
 Valid options are:
@@ -33,6 +31,7 @@ Valid options are:
     -F                      netflix mode
     -N                      netflix server IP
     -M                      netflix proxy mode
+    -I <ip_list_file>       a file content is bypassed netflix ip list
     -e <extra_options>      extra options for iptables
     -o                      apply the rules to the OUTPUT chain
     -O                      apply the global rules to the OUTPUT chain
@@ -43,8 +42,8 @@ Valid options are:
     -g                      gfw list mode
     -r                      return china mode
     -h                      show this help message and exit
-	EOF
-	exit $1
+EOF
+exit $1
 }
 
 loger() {
@@ -82,7 +81,8 @@ flush_r() {
 ipset_r() {
 	ipset -N gmlan hash:net 2>/dev/null
 	for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done
-	if [ "$RUNMODE" == "router" ]; then
+	case "$RUNMODE" in
+	router)
 		ipset -! -R <<-EOF || return 1
 			create ss_spec_wan_ac hash:net
 			$(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
@@ -92,25 +92,29 @@ ipset_r() {
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN
 		$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
-	elif [ "$RUNMODE" == "gfw" ]; then
+		;;
+	gfw)
 		ipset -N gfwlist hash:net 2>/dev/null
 		$IPT -N SS_SPEC_WAN_AC
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
-	elif [ "$RUNMODE" == "oversea" ]; then
+		;;
+	oversea)
 		ipset -N oversea hash:net 2>/dev/null
 		$IPT -N SS_SPEC_WAN_AC
 		ipset -N gmlan hash:net 2>/dev/null
 		for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done
 		$IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
-	elif [ "$RUNMODE" == "all" ]; then
+		;;
+	all)
 		$IPT -N SS_SPEC_WAN_AC
 		$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
 		$IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN
-	fi
+		;;
+	esac
 	ipset -N fplan hash:net 2>/dev/null
 	for ip in $LAN_FP_IP; do ipset -! add fplan $ip; done
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
@@ -123,23 +127,25 @@ ipset_r() {
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set whitelist dst -j RETURN
 	for ip in $WAN_BP_IP; do ipset -! add whitelist $ip; done
 	for ip in $WAN_FW_IP; do ipset -! add blacklist $ip; done
-
-	if [ "$NETFLIX" == "1" ]; then
+	if [ "$NETFLIX" != "0" ]; then
+		ipset -N netflix hash:net 2>/dev/null
+		for ip in $(cat ${NETFLIX_LIST:=/dev/null} 2>/dev/null); do ipset -! add netflix $ip; done
+	fi
+	case "$NETFLIX" in
+	1)
 		$IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports 4321
 		if [ "$NETFLIX_PROXY" == "1" ]; then
 			$IPT -I SS_SPEC_WAN_AC -p tcp -d $NETFLIX_IP -j REDIRECT --to-ports $local_port
 		else
 			ipset -! add whitelist $NETFLIX_IP
 		fi
-	elif [ "$NETFLIX" == "2" ]; then
-		$IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port
-	fi
-
+		;;
+	2) $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port ;;
+	esac
 	return $?
 }
 
 fw_rule() {
-  ipset -N netflix hash:net 2>/dev/null
 	$IPT -N SS_SPEC_WAN_FW
 	$IPT -A SS_SPEC_WAN_FW -d 0.0.0.0/8 -j RETURN
 	$IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN
@@ -216,23 +222,26 @@ tp_rule() {
 	$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set bplan src -j RETURN
 	$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
 	-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	if [ "$RUNMODE" == "router" ]; then
+	case "$RUNMODE" in
+	router)
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
 		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	elif [ "$RUNMODE" == "gfw" ]; then
+		;;
+	gfw)
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
 		$ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	elif [ "$RUNMODE" == "oversea" ]; then
+		;;
+	oversea)
 		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	elif [ "$RUNMODE" == "all" ]; then
-		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
-	fi
+		;;
+	all) $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 ;;
+	esac
 	$ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \
 	-m comment --comment "$TAG" -j SS_SPEC_TPROXY
 	return $?
@@ -309,7 +318,7 @@ gen_include() {
 	return 0
 }
 
-while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do
+while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:I:oOuUfgrczh" arg; do
 	case "$arg" in
 	s)
 		server=$OPTARG
@@ -359,6 +368,9 @@ while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do
 	M)
 		NETFLIX_PROXY=$OPTARG
 		;;
+	I)
+		NETFLIX_LIST=$OPTARG
+		;;
 	o)
 		OUTPUT=1
 		;;
@@ -390,9 +402,11 @@ while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do
 	h) usage 0 ;;
 	esac
 done
+
 if [ -z "$server" -o -z "$local_port" ]; then
 	usage 2
 fi
+
 if [ "$TPROXY" == 1 ]; then
 	SERVER=$server
 	LOCAL_PORT=$local_port
@@ -400,7 +414,7 @@ elif [ "$TPROXY" == 2 ]; then
 	: ${SERVER:?"You must assign an ip for the udp relay server."}
 	: ${LOCAL_PORT:?"You must assign a port for the udp relay server."}
 fi
+
 flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include
 [ "$?" == 0 ] || loger 3 "Start failed!"
 exit $?
-

luci-app-ssr-plus/root/usr/bin/ssr-switch

@@ -1,4 +1,4 @@
-#!/bin/sh  /etc/rc.common
+#!/bin/sh /etc/rc.common
 #
 # Copyright (C) 2017 openwrt-ssr
 # Copyright (C) 2017 yushi studio <[email protected]>
@@ -7,6 +7,9 @@
 # See /LICENSE for more information.
 #
 
+LOCK_FILE="/var/lock/ssr-switch.lock"
+[ -f "$LOCK_FILE" ] && exit 2
+touch "$LOCK_FILE"
 cycle_time=60
 switch_time=3
 normal_flag=0
@@ -79,7 +82,7 @@ test_proxy() {
 search_proxy() {
 	let server_count=server_count+1
 	[ "$normal_flag" == "1" -a "$server_count" -le "$server_locate" ] && return 0
-	[ "$(uci_get_by_name $1 switch_enable)" != "1" ] && return 1
+	[ "$(uci_get_by_name $1 switch_enable 0)" != "1" ] && return 1
 	[ $ENABLE_SERVER != nil ] && return 0
 	[ "$1" == "$CURRENT_SERVER" ] && return 0
 	local servername=$(uci_get_by_name $1 server)
@@ -98,8 +101,8 @@ search_proxy() {
 	else
 		return 1
 	fi
-
 }
+
 #选择可用的代理
 select_proxy() {
 	config_load $NAME
@@ -118,7 +121,6 @@ switch_proxy() {
 start() {
 	#不支持kcptun启用时的切换
 	[ $(uci_get_by_name $DEFAULT_SERVER kcp_enable) = "1" ] && return 1
-
 	while [ "1" == "1" ]; do #死循环
 		sleep $cycle_time
 		LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
@@ -133,7 +135,7 @@ start() {
 				#缺省服务器正常，切换回来
 				CURRENT_SERVER=$DEFAULT_SERVER
 				switch_proxy $CURRENT_SERVER
-				echo "$(date "+%Y-%m-%d %H:%M:%S") switch to default ["$(uci_get_by_name $CURRENT_SERVER server)"] proxy!" >>/tmp/ssrplus.log
+				echo "$(date "+%Y-%m-%d %H:%M:%S") switch to default "$(uci_get_by_name $CURRENT_SERVER alias)" proxy!" >>/tmp/ssrplus.log
 			else
 				echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is NOT avilable.Continue using current server." >>/tmp/ssrplus.log
 			fi
@@ -154,7 +156,7 @@ start() {
 				CURRENT_SERVER=$ENABLE_SERVER
 				switch_proxy $CURRENT_SERVER
 				normal_flag=1
-				echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR server switch OK" >>/tmp/ssrplus.log
+				echo "$(date "+%Y-%m-%d %H:%M:%S") Switch to "$(uci_get_by_name $CURRENT_SERVER alias)" proxy!" >>/tmp/ssrplus.log
 			else
 				switch_proxy $CURRENT_SERVER
 				normal_flag=1
@@ -162,7 +164,7 @@ start() {
 			fi
 		else
 			normal_flag=0
-			echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log
+			# echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log
 		fi
 	done
 }

luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh

@@ -1,5 +1,31 @@
 #!/bin/sh
-mkdir -p /tmp/dnsmasq.ssr
-awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/ssr/black.list > /tmp/dnsmasq.ssr/blacklist_forward.conf
-awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/ssr/black.list >> /tmp/dnsmasq.ssr/blacklist_forward.conf
-awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/ssr/white.list > /tmp/dnsmasq.ssr/whitelist_forward.conf
+NAME=shadowsocksr
+uci_get_by_type() {
+	local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null)
+	echo ${ret:=$3}
+}
+GLOBAL_SERVER=$(uci_get_by_type global global_server)
+NETFLIX_SERVER=$(uci_get_by_type global netflix_server nil)
+[ "$NETFLIX_SERVER" == "same" ] && NETFLIX_SERVER=$GLOBAL_SERVER
+if [ "$NETFLIX_SERVER" != "nil" ]; then
+	netflix() {
+		if [ -f "tmp/dnsmasq.ssr/gfw_list.conf" ]; then
+			for line in $(cat /etc/ssr/netflix.list); do sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf; done
+		fi
+		awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/ssr/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf
+		awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#$1"'\n",$0)}' /etc/ssr/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf
+	}
+	if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then
+		netflix 5555
+	else
+		netflix 5335
+	fi
+else
+	rm -f /tmp/dnsmasq.ssr/netflix_forward.conf
+fi
+if [ "$1" == "" ]; then
+	awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/ssr/black.list >/tmp/dnsmasq.ssr/blacklist_forward.conf
+	awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/ssr/black.list >>/tmp/dnsmasq.ssr/blacklist_forward.conf
+	awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/ssr/white.list >/tmp/dnsmasq.ssr/whitelist_forward.conf
+fi
+/etc/init.d/dnsmasq restart >/dev/null 2>&1