luci-app-ssr-plus:bump to 182-4

Improve Trojan-Go support
Add port 9418 for cloning repositories using git://protocol
Fix vmess URL import
Fix udp router mode bug

luci-app-ssr-plus/Makefile

@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-ssr-plus
 PKG_VERSION:=182
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 define Package/$(PKG_NAME)/conffiles
 /etc/config/shadowsocksr

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua

@@ -7,12 +7,8 @@ local m, s, o, kcp_enable
 local sid = arg[1]
 local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid")
 
-local function isKcptun(file)
-	if not nixio.fs.access(file, "rwx", "rx", "rx") then
-		nixio.fs.chmod(file, 755)
-	end
-	local str = luci.sys.exec(file .. " -v | awk '{printf $1}'")
-	return (str:lower() == "kcptun")
+function is_finded(e)
+	return luci.sys.exec('type -t -p "%s"' % e) ~= "" and true or false
 end
 
 local server_table = {}
@@ -129,23 +125,27 @@ o.template = "shadowsocksr/ssrurl"
 o.value = sid
 
 o = s:option(ListValue, "type", translate("Server Node Type"))
-if nixio.fs.access("/usr/bin/ssr-redir") then
+if is_finded("ssr-redir") then
 	o:value("ssr", translate("ShadowsocksR"))
 end
-if nixio.fs.access("/usr/bin/ss-redir") then
+if is_finded("ss-redir") then
 	o:value("ss", translate("Shadowsocks New Version"))
 end
-if nixio.fs.access("/usr/bin/xray") or nixio.fs.access("/usr/bin/v2ray") then
+if is_finded("xray") or is_finded("v2ray") then
 	o:value("vmess", translate("Vmess"))
 	o:value("vless", translate("VLESS"))
 end
-if nixio.fs.access("/usr/sbin/trojan") or nixio.fs.access("/usr/bin/trojan-go") then
+if is_finded("trojan")then
+	o:value("trojan", translate("Trojan"))
+end
+if is_finded("trojan-go") then
 	o:value("trojan", translate("Trojan"))
+	o:value("trojan-go", translate("Trojan-Go"))
 end
-if nixio.fs.access("/usr/bin/naive") then
+if is_finded("naive") then
 	o:value("naiveproxy", translate("NaiveProxy"))
 end
-if nixio.fs.access("/usr/sbin/redsocks2") then
+if is_finded("redsocks2") then
 	o:value("socks5", translate("Socks5"))
 	o:value("tun", translate("Network Tunnel"))
 end
@@ -172,6 +172,7 @@ o:depends("type", "vless")
 o:depends("type", "trojan")
 o:depends("type", "naiveproxy")
 o:depends("type", "socks5")
+o:depends("type", "trojan-go")
 
 o = s:option(Value, "server_port", translate("Server Port"))
 o.datatype = "port"
@@ -183,6 +184,7 @@ o:depends("type", "vless")
 o:depends("type", "trojan")
 o:depends("type", "naiveproxy")
 o:depends("type", "socks5")
+o:depends("type", "trojan-go")
 
 o = s:option(Flag, "auth_enable", translate("Enable Authentication"))
 o.rmempty = false
@@ -202,6 +204,7 @@ o:depends("type", "ss")
 o:depends("type", "trojan")
 o:depends("type", "naiveproxy")
 o:depends({type = "socks5", auth_enable = true})
+o:depends("type", "trojan-go")
 
 o = s:option(ListValue, "encrypt_method", translate("Encrypt Method"))
 for _, v in ipairs(encrypt_methods) do
@@ -220,10 +223,10 @@ o:depends("type", "ss")
 -- Shadowsocks Plugin
 o = s:option(ListValue, "plugin", translate("Obfs"))
 o:value("none", translate("None"))
-if nixio.fs.access("/usr/bin/obfs-local") then
+if is_finded("obfs-local") then
 	o:value("obfs-local", translate("simple-obfs"))
 end
-if nixio.fs.access("/usr/bin/v2ray-plugin") then
+if is_finded("v2ray-plugin") then
 	o:value("v2ray-plugin", translate("v2ray-plugin"))
 end
 o.rmempty = true
@@ -293,6 +296,14 @@ o.rmempty = true
 o:depends("type", "vmess")
 o:depends("type", "vless")
 
+trojan_transport = s:option(ListValue, "trojan_transport", translate("Transport"))
+trojan_transport:value("original", "Original")
+trojan_transport:value("ws", "WebSocket")
+trojan_transport:value("h2", "HTTP/2")
+trojan_transport:value("h2+ws", "HTTP/2 & WebSocket")
+trojan_transport.default = "original"
+trojan_transport:depends("type", "trojan-go")
+
 -- [[ TCP部分 ]]--
 -- TCP伪装
 o = s:option(ListValue, "tcp_guise", translate("Camouflage Type"))
@@ -315,11 +326,16 @@ o.rmempty = true
 -- WS域名
 o = s:option(Value, "ws_host", translate("WebSocket Host"))
 o:depends({transport = "ws", tls = false})
+o:depends("trojan_transport", "h2+ws")
+o:depends("trojan_transport", "ws")
+o.datatype = "hostname"
 o.rmempty = true
 
 -- WS路径
 o = s:option(Value, "ws_path", translate("WebSocket Path"))
 o:depends("transport", "ws")
+o:depends("trojan_transport", "h2+ws")
+o:depends("trojan_transport", "ws")
 o.rmempty = true
 
 -- [[ H2部分 ]]--
@@ -411,6 +427,44 @@ o = s:option(Flag, "congestion", translate("Congestion"))
 o:depends("transport", "kcp")
 o.rmempty = true
 
+o = s:option(ListValue, "plugin_type", translate("Plugin Type"))
+o:value("plaintext", translate("Plain Text"))
+o:value("shadowsocks", translate("ShadowSocks"))
+o:value("other", translate("Other"))
+o.default = "plaintext"
+o:depends({tls = false, trojan_transport = "original"})
+
+o = s:option(Value, "plugin_cmd", translate("Plugin Binary"))
+o.placeholder = "eg: /usr/bin/v2ray-plugin"
+o:depends({plugin_type = "shadowsocks"})
+o:depends({plugin_type = "other"})
+
+o = s:option(Value, "plugin_option", translate("Plugin Option"))
+o.placeholder = "eg: obfs=http;obfs-host=www.baidu.com"
+o:depends({plugin_type = "shadowsocks"})
+o:depends({plugin_type = "other"})
+
+o = s:option(DynamicList, "plugin_arg", translate("Plugin Option Args"))
+o.placeholder = "eg: [\"-config\", \"test.json\"]"
+o:depends({plugin_type = "shadowsocks"})
+o:depends({plugin_type = "other"})
+
+-- [[ Trojan-Go Shadowsocks2 ]] --
+o = s:option(Flag, "ss_aead", translate("Shadowsocks2"))
+o:depends("type", "trojan-go")
+o.default = "0"
+
+o = s:option(ListValue, "ss_aead_method", translate("Encrypt Method"))
+o:value("aes-128-gcm")
+o:value("aes-256-gcm")
+o:value("chacha20-ietf-poly1305")
+o.default = "aes-128-gcm"
+o:depends("ss_aead", "1")
+
+o = s:option(Value, "ss_aead_pwd", translate("Password"))
+o.password = true
+o:depends("ss_aead", "1")
+
 -- [[ TLS ]]--
 o = s:option(Flag, "tls", translate("TLS"))
 o.rmempty = true
@@ -418,9 +472,10 @@ o.default = "0"
 o:depends("type", "vmess")
 o:depends({type = "vless", xtls = false})
 o:depends("type", "trojan")
+o:depends("type", "trojan-go")
 
 -- XTLS
-if nixio.fs.access("/usr/bin/xray") then
+if is_finded("xray") then
 	o = s:option(Flag, "xtls", translate("XTLS"))
 	o.rmempty = true
 	o.default = "0"
@@ -430,14 +485,29 @@ end
 -- Flow
 o = s:option(Value, "vless_flow", translate("Flow"))
 for _, v in ipairs(flows) do
-	o:value(v, v)
+	o:value(v, translate(v))
 end
 o.rmempty = true
 o.default = "xtls-rprx-splice"
 o:depends("xtls", true)
 
+-- [[ TLS部分 ]] --
+o = s:option(Flag, "tls_sessionTicket", translate("Session Ticket"))
+o:depends({type = "trojan", tls = true})
+o:depends({type = "trojan-go", tls = true})
+o.default = "0"
+
+-- [[ Trojan TLS ]]--
+o = s:option(ListValue, "fingerprint", translate("Finger Print"))
+o:value("disable", translate("disable"))
+o:value("firefox", translate("firefox"))
+o:value("chrome", translate("chrome"))
+o:value("ios", translate("ios"))
+o:depends({type = "trojan-go", tls = true})
+o.default = "firefox"
+
 o = s:option(Value, "tls_host", translate("TLS Host"))
-o:depends("type", "trojan")
+o.datatype = "hostname"
 o:depends("tls", true)
 o:depends("xtls", true)
 o.rmempty = true
@@ -465,9 +535,12 @@ o:depends("mux", "1")
 o = s:option(Flag, "certificate", translate("Self-signed Certificate"))
 o.rmempty = true
 o.default = "0"
-o:depends("type", "trojan")
-o:depends("type", "vmess")
-o:depends("type", "vless")
+o:depends({type = "trojan", tls = true, insecure = false})
+o:depends({type = "trojan-go", tls = true, insecure = false})
+o:depends({type = "vmess", tls = true, insecure = false})
+o:depends({type = "vless", tls = true, insecure = false})
+o:depends({type = "vmess", xtls = true, insecure = false})
+o:depends({type = "vless", xtls = true, insecure = false})
 o.description = translate("If you have a self-signed certificate,please check the box")
 
 o = s:option(DummyValue, "upload", translate("Upload"))
@@ -516,6 +589,7 @@ o.default = "0"
 o:depends("type", "ssr")
 o:depends("type", "ss")
 o:depends("type", "trojan")
+o:depends("type", "trojan-go")
 
 o = s:option(Flag, "switch_enable", translate("Enable Auto Switch"))
 o.rmempty = false
@@ -526,8 +600,8 @@ o.datatype = "port"
 o.default = 1234
 o.rmempty = false
 
-if nixio.fs.access("/usr/bin/kcptun-client") then
-	kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client"))
+if is_finded("kcptun-client") then
+	kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"))
 	kcp_enable.rmempty = true
 	kcp_enable.default = "0"
 	kcp_enable:depends("type", "ssr")
@@ -536,19 +610,6 @@ if nixio.fs.access("/usr/bin/kcptun-client") then
 	o = s:option(Value, "kcp_port", translate("KcpTun Port"))
 	o.datatype = "port"
 	o.default = 4000
-	function o.validate(self, value, section)
-		local kcp_file = "/usr/bin/kcptun-client"
-		local enable = kcp_enable:formvalue(section) or kcp_enable.disabled
-		if enable == kcp_enable.enabled then
-			if not nixio.fs.access(kcp_file) then
-				return nil, translate("Haven't a Kcptun executable file")
-			elseif not isKcptun(kcp_file) then
-				return nil, translate("Not a Kcptun executable file")
-			end
-		end
-
-		return value
-	end
 	o:depends("type", "ssr")
 	o:depends("type", "ss")
 

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua

@@ -104,6 +104,7 @@ o:value("114.114.115.115:53", translate("Oversea Mode DNS-2 (114.114.115.115)"))
 o:depends("pdnsd_enable", "1")
 o:depends("pdnsd_enable", "2")
 o.description = translate("Custom DNS Server format as IP:PORT (default: 8.8.4.4:53)")
+o.datatype = "hostport"
 
 return m
 

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua

@@ -14,7 +14,7 @@ o.template = "cbi/network_netlist"
 o.widget = "checkbox"
 o.nocreate = true
 o.unspecified = true
-o.description = translate("Select the interface that needs to transmit data. If unchecked, all interfaces will pass data by default!")
+o.description = translate("Listen only on the given interface or, if unspecified, on all")
 
 -- Part of WAN
 s:tab("wan_ac", translate("WAN IP AC"))

luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm

@@ -123,7 +123,7 @@ function import_ssr_url(btn, urlname, sid) {
 					method = userInfo.substr(0, userInfoSplitIndex);
 					password = userInfo.substr(userInfoSplitIndex + 1);
 				}
-				document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "ss";
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = server;
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = port;
@@ -138,7 +138,7 @@ function import_ssr_url(btn, urlname, sid) {
 				s.innerHTML = "<font color='green'><%:Import configuration information successfully.%></font>";
 			} else {
 				var sstr = b64decsafe(url0);
-				document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "ss";
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 				var team = sstr.split('@');
 				console.log(param);
@@ -157,7 +157,7 @@ function import_ssr_url(btn, urlname, sid) {
 		case "ssr":
 			var sstr = b64decsafe(ssu[1]);
 			var ploc = sstr.indexOf("/?");
-			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "ssr";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 			var url0, param = "";
 			if (ploc > 0) {
@@ -196,13 +196,13 @@ function import_ssr_url(btn, urlname, sid) {
 				url0 = ssu[1]
 			}
 			var sstr = url0;
-			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "trojan";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 			var team = sstr.split('@');
 			var password = team[0]
-			var serverPart = team[1].split(':');
+			var serverPart = team[1].split(':');		
 			var others = serverPart[1].split('?');
-			var port = others[0]
+			var port = parseInt(others[0]);
 			var queryParam = {}
 			if (others.length > 1) {
 				var queryParams = others[1]
@@ -213,7 +213,7 @@ function import_ssr_url(btn, urlname, sid) {
 				}
 			}
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = serverPart[0];
-			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = port;
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = port || '443';
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.password')[0].value = password;
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls')[0].checked = true;
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls')[0].dispatchEvent(event);
@@ -224,10 +224,62 @@ function import_ssr_url(btn, urlname, sid) {
 			}
 			s.innerHTML = "<font color='green'><%:Import configuration information successfully.%></font>";
 			return false;
+		case "trojan-go":
+			var url0, param = "";
+			var ploc = ssu[1].indexOf("#");
+			if (ploc > 0) {
+				url0 = ssu[1].substr(0, ploc);
+				param = ssu[1].substr(ploc + 1);
+			} else {
+				url0 = ssu[1]
+			}
+			var sstr = url0;
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
+			var team = sstr.split('@');
+			var password = team[0]
+			var serverPart = team[1].split(':');
+			var others = serverPart[1].split('?');
+			var port = parseInt(others[0]);
+			var queryParam = {}
+			if (others.length > 1) {
+				var queryParams = others[1]
+				var queryArray = queryParams.split('&');
+				for (i = 0; i < queryArray.length; i++) {
+					var params = queryArray[i].split('=');
+					queryParam[decodeURIComponent(params[0])] = decodeURIComponent(params[1] || '');
+				}
+			}
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = serverPart[0];
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = port || '443';
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.password')[0].value = password;
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.trojan_transport')[0].value = queryParam.type || 'original';
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.trojan_transport')[0].dispatchEvent(event);
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.ws_host')[0].value = queryParam.host;
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.ws_path')[0].value = queryParam.path;
+			if (queryParam.encryption)
+			{
+				var ss_aead = queryParam.encryption.split(';');
+				var ss_aead_method = ss_aead[1].split(':');
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.ss_aead')[0].checked = ss_aead[0] == 'ss';
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.ss_aead')[0].dispatchEvent(event);
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.ss_aead_method')[0].value = ss_aead_method[0];
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.ss_aead_pwd')[0].value = ss_aead_method[1];
+			}
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls')[0].checked = true;
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls')[0].dispatchEvent(event);
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls_host')[0].value = queryParam.sni || '';
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.insecure')[0].checked = queryParam.allowInsecure == '1';
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.insecure')[0].dispatchEvent(event);
+			if (param != undefined) {
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = decodeURI(param);
+			}
+			s.innerHTML = "<font color='green'><%:Import configuration information successfully.%></font>";
+			return false;
 		case "vmess":
 			var sstr = b64DecodeUnicode(ssu[1]);
 			var ploc = sstr.indexOf("/?");
-			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "vmess";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 			var url0, param = "";
 			if (ploc > 0) {
@@ -247,6 +299,7 @@ function import_ssr_url(btn, urlname, sid) {
 					ssm.type = "none"
 				}
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.tcp_guise')[0].value = ssm.type;
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.tcp_guise')[0].dispatchEvent(event);
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.http_host')[0].value = ssm.host;
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.http_path')[0].value = ssm.path;
 			}
@@ -284,7 +337,7 @@ function import_ssr_url(btn, urlname, sid) {
 				url0 = ssu[1]
 			}
 			var sstr = url0;
-			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = "vless";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].value = ssu[0];
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.type')[0].dispatchEvent(event);
 			var team = sstr.split('@');
 			var uuid = team[0]

luci-app-ssr-plus/po/zh-cn/ssr-plus.po

@@ -157,9 +157,6 @@ msgstr "服务端配置"
 msgid "KcpTun Enable"
 msgstr "KcpTun 启用"
 
-msgid "bin:/usr/bin/kcptun-client"
-msgstr "二进制文件：/usr/bin/kcptun-client"
-
 msgid "KcpTun Port"
 msgstr "KcpTun 端口"
 
@@ -169,12 +166,6 @@ msgstr "KcpTun 参数"
 msgid "KcpTun Password"
 msgstr "KcpTun 密码"
 
-msgid "Haven't a Kcptun executable file"
-msgstr "不存在Kcptun可执行文件，请下载Kcptun可执行文件并改名放入/usr/bin/kcptun-client"
-
-msgid "Not a Kcptun executable file"
-msgstr "Kcptun可执行文件格式不正确，请确认是否正确下载了路由器对应的可执行文件"
-
 msgid "Enable Process Monitor"
 msgstr "启用进程监控"
 
@@ -688,9 +679,6 @@ msgstr "禁止连接的域名"
 msgid "Obfuscate password (optional)"
 msgstr "混淆密码（可选）"
 
-msgid "Select the interface that needs to transmit data. If unchecked, all interfaces will pass data by default!"
-msgstr "选择需要传递数据的接口。如果未选择，则默认情况下所有接口都将传递数据！"
-
 msgid "Camouflage Type"
 msgstr "伪装类型"
 
@@ -741,3 +729,9 @@ msgstr "输入的内容不正确！"
 
 msgid "Reset complete"
 msgstr "重置完成"
+
+msgid "Shadowsocks2"
+msgstr "二次加密"
+
+msgid "Finger Print"
+msgstr "指纹伪造"

luci-app-ssr-plus/root/etc/init.d/shadowsocksr

@@ -282,7 +282,7 @@ gen_config_file() { #server1 type2 code3 local_port4 socks_port5 threads5
 	vmess | vless)
 		lua /usr/share/shadowsocksr/gen_config.lua $1 $mode $4 $5 >$config_file
 		;;
-	trojan)
+	trojan | trojan-go)
 		case "$3" in
 		1)
 			lua /usr/share/shadowsocksr/gen_config.lua $1 nat $4 >$config_file
@@ -341,11 +341,11 @@ start_udp() {
 		ln_start_bin $(first_type xray v2ray) v2ray -config $udp_config_file
 		echolog "UDP TPROXY Relay:$($(first_type "xray" "v2ray") -version | head -1) Started!"
 		;;
-	trojan) #client
+	trojan | trojan-go) #client
 		gen_config_file $UDP_RELAY_SERVER $type 2 $tmp_udp_local_port
-		ln_start_bin $(first_type ${type}-go ${type}) $type --config $udp_config_file
+		ln_start_bin $(first_type trojan-go trojan) $type --config $udp_config_file
 		ln_start_bin $(first_type ipt2socks) ipt2socks -U -b 0.0.0.0 -4 -s 127.0.0.1 -p $tmp_udp_local_port -l $tmp_udp_port
-		echolog "UDP TPROXY Relay:$($(first_type ${type}-go ${type}) --version 2>&1 | head -1) Started!"
+		echolog "UDP TPROXY Relay:$($(first_type trojan-go trojan) --version 2>&1 | head -1) Started!"
 		;;
 	naiveproxy)
 		echolog "NaïveProxy UDP TPROXY Relay not supported!"
@@ -392,17 +392,17 @@ start_shunt() {
 		ln_start_bin $(first_type dns2socks) dns2socks 127.0.0.1:$tmp_port 8.8.8.8:53 127.0.0.1:$tmp_shunt_dns_port -q
 		echolog "shunt:$($(first_type xray v2ray) -version | head -1) Started!"
 		;;
-	trojan)
+	trojan | trojan-go)
 		gen_config_file $SHUNT_SERVER $type 3 $tmp_shunt_port
-		ln_start_bin $(first_type ${type}-go ${type}) $type --config $shunt_config_file
+		ln_start_bin $(first_type trojan-go trojan) $type --config $shunt_config_file
 		if [ -n "$tmp_local_port" ]; then
 			local tmp_port=$tmp_local_port
 		else
 			local tmp_port=$tmp_shunt_local_port
-			ln_start_bin $(first_type ${type}-go ${type}) $type --config $shunt_dns_config_file
+			ln_start_bin $(first_type trojan-go trojan) $type --config $shunt_dns_config_file
 		fi
 		ln_start_bin $(first_type dns2socks) dns2socks 127.0.0.1:$tmp_port 8.8.8.8:53 127.0.0.1:$tmp_shunt_dns_port -q
-		echolog "shunt:$($(first_type ${type}-go ${type}) --version 2>&1 | head -1) Started!"
+		echolog "shunt:$($(first_type trojan-go trojan) --version 2>&1 | head -1) Started!"
 		;;
 	naiveproxy)
 		gen_config_file $SHUNT_SERVER $type 3 $tmp_shunt_port
@@ -450,10 +450,10 @@ start_local() {
 			echolog "Global_Socks5:$($(first_type "xray" "v2ray") -version | head -1) Started!"
 		fi
 		;;
-	trojan) #client
+	trojan | trojan-go) #client
 		gen_config_file $LOCAL_SERVER $type 4 $local_port
-		ln_start_bin $(first_type ${type}-go ${type}) $type --config $local_config_file
-		echolog "Global_Socks5:$($(first_type ${type}-go ${type}) --version 2>&1 | head -1) Started!"
+		ln_start_bin $(first_type trojan-go trojan) $type --config $local_config_file
+		echolog "Global_Socks5:$($(first_type trojan-go trojan) --version 2>&1 | head -1) Started!"
 		;;
 	naiveproxy)
 		gen_config_file $LOCAL_SERVER $type 4 $local_port
@@ -510,9 +510,9 @@ Start_Run() {
 		ln_start_bin $(first_type xray v2ray) v2ray -config $tcp_config_file
 		echolog "Main node:$($(first_type xray v2ray) -version | head -1) Started!"
 		;;
-	trojan)
+	trojan | trojan-go)
 		gen_config_file $GLOBAL_SERVER $type 1 $tcp_port
-		ln_start_bin $(first_type ${type}-go ${type}) $type --config $tcp_config_file
+		ln_start_bin $(first_type trojan-go trojan) $type --config $tcp_config_file
 		echolog "Main node:$($(first_type $type) --version 2>&1 | head -1) Started!"
 		;;
 	naiveproxy)
@@ -738,7 +738,7 @@ start_rules() {
 		esac
 	}
 	if [ "$(uci_get_by_type global dports 1)" == "2" ]; then
-		local proxyport="-m multiport --dports 22,53,587,465,995,993,143,80,443,853"
+		local proxyport="-m multiport --dports 22,53,587,465,995,993,143,80,443,853,9418"
 	fi
 	get_arg_out() {
 		case "$(uci_get_by_type access_control router_proxy 1)" in

luci-app-ssr-plus/root/etc/ssrplus/china_ssr.txt

@@ -4112,6 +4112,9 @@
 103.160.112.0/23
 103.160.114.0/23
 103.160.244.0/23
+103.160.254.0/23
+103.161.14.0/23
+103.161.102.0/23
 103.192.0.0/22
 103.192.4.0/22
 103.192.8.0/22

luci-app-ssr-plus/root/usr/bin/ssr-rules

@@ -204,8 +204,8 @@ ac_rule() {
 			create ssr_gen_router hash:net
 			$(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /")
 		EOF
-		$IPT -N SS_SPEC_ROUTER
-		$IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN
+		$IPT -N SS_SPEC_ROUTER && \
+		$IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN && \
 		$IPT -A SS_SPEC_ROUTER -j SS_SPEC_WAN_FW
 		$IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER
 		;;
@@ -236,7 +236,7 @@ tp_rule() {
 	$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
 	case "$RUNMODE" in
 	router)
-		$IPT -A SS_SPEC_TPROXY -p udp -m set --match-set ss_spec_wan_ac dst -j RETURN
+		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set ss_spec_wan_ac dst -j RETURN
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN
 		$ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
 		$ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01

luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua

@@ -99,6 +99,8 @@ local Xray = {
 		} or nil
 	} or nil
 }
+local cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
+local cipher13 = "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384"
 local trojan = {
 	log_level = 3,
 	run_type = (proto == "nat" or proto == "tcp") and "nat" or "client",
@@ -114,14 +116,20 @@ local trojan = {
 		verify = (server.insecure == "0") and true or false,
 		verify_hostname = (server.tls == "1") and true or false,
 		cert = "",
-		cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
-		cipher_tls13 = "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
+		cipher = cipher,
+		cipher_tls13 = cipher13,
 		sni = server.tls_host,
 		alpn = {"h2", "http/1.1"},
 		curve = "",
 		reuse_session = true,
-		session_ticket = false
+		session_ticket = (server.tls_sessionTicket == "1") and true or false
 	},
+	udp_timeout = 60,
+    mux = (server.mux == "1") and {
+        enabled = true,
+        concurrency = tonumber(server.concurrency),
+        idle_timeout = 60,
+        } or nil,
 	tcp = {
 		no_delay = true,
 		keep_alive = true,
@@ -167,6 +175,34 @@ end
 if server.type == "trojan" then
 	print(json.stringify(trojan, 1))
 end
+if server.type == "trojan-go" then
+    trojan.ssl.cipher = server.fingerprint == nil and cipher or (server.fingerprint == "disable" and cipher13 .. ":" .. cipher or "")
+    trojan.ssl.cipher_tls13 = server.fingerprint == nil and cipher13 or nil
+    trojan.ssl.fingerprint = (server.fingerprint ~= nil and server.fingerprint ~= "disable" ) and server.fingerprint or ""
+    trojan.ssl.alpn = server.trojan_transport == 'ws' and {} or {"h2", "http/1.1"}
+	if server.tls ~= "1" and server.trojan_transport == "original" then
+		trojan.ssl = nil
+		trojan.transport_plugin = server.trojan_transport == "original" and {
+			enabled = server.plugin_type ~= nil,
+			type = server.plugin_type or "plaintext",
+			command = server.plugin_type ~= "plaintext" and server.plugin_cmd or nil,
+			option = server.plugin_type ~= "plaintext" and server.plugin_option or nil,
+			arg = server.plugin_type ~= "plaintext" and { server.plugin_arg } or nil,
+			env = {}
+		} or nil	
+	end
+    trojan.websocket = server.trojan_transport and server.trojan_transport:find('ws') and {
+        enabled = true,
+        path = server.ws_path or "/",
+        host = server.ws_host or (server.tls_host or server.server)
+    } or nil
+    trojan.shadowsocks = (server.ss_aead == "1") and {
+        enabled = true,
+        method = server.ss_aead_method or "aead_aes_128_gcm",
+        password = server.ss_aead_pwd or ""
+    } or nil
+	print(json.stringify(trojan, 1))
+end
 if server.type == "naiveproxy" then
 	print(json.stringify(naiveproxy, 1))
 end