hesoyam/sing-warp-socks5
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add tun to wakeup whole vps or client machine

Browse Source
This commit is contained in:
hesoyam
2026-05-15 11:37:08 +03:00
parent 9fe7b901c1
commit beb72a417e
2 changed files with 228 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files
generate-config.sh
+200 -5
View File
@@ -1,7 +1,22 @@
#!/bin/sh
WARP_CONF="/app/warp.conf"
OUTPUT_CONFIG="/app/config.json"
WARP_CONF="${WARP_CONF:-/etc/sing-box-warp/warp.conf}"
OUTPUT_CONFIG="${OUTPUT_CONFIG:-/opt/sing-box-warp/config.json}"
ENABLE_TUN_FILE="${ENABLE_TUN_FILE:-/etc/sing-box-warp/enable-tun}"
load_enable_tun() {
local value
value=$(trim "${ENABLE_TUN:-}")
if [ -z "$value" ] && [ -f "$ENABLE_TUN_FILE" ]; then
value=$(trim "$(cat "$ENABLE_TUN_FILE")")
fi
case "$value" in
1|yes|true|y|Y|on|ON) ENABLE_TUN=1 ;;
*) ENABLE_TUN=0 ;;
esac
}
urldecode() {
echo "$1" | sed 's/%3[dD]/=/g; s/%2[bB]/+/g; s/%2[fF]/\//g; s/%2[cC]/,/g'
@@ -11,6 +26,43 @@ trim() {
echo "$1" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//'
}
# Default-route NIC (eth0, ens3, enp0s3, …); override with TUN_EXCLUDE_INTERFACE
detect_default_interface() {
local iface
iface=$(trim "${TUN_EXCLUDE_INTERFACE:-}")
if [ -n "$iface" ]; then
echo "$iface"
return 0
fi
if command -v ip >/dev/null 2>&1; then
iface=$(ip -4 route show default 2>/dev/null \
| awk '/default/ { for (i = 1; i <= NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
if [ -n "$iface" ]; then
echo "$iface"
return 0
fi
iface=$(ip -4 route get 1.1.1.1 2>/dev/null \
| awk '{ for (i = 1; i <= NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
if [ -n "$iface" ]; then
echo "$iface"
return 0
fi
fi
if [ -r /proc/net/route ]; then
iface=$(awk '$2 == "00000000" && $1 != "Iface" { print $1; exit }' /proc/net/route)
if [ -n "$iface" ]; then
echo "$iface"
return 0
fi
fi
return 1
}
normalize_cidr() {
local addr
local suffix
@@ -83,7 +135,7 @@ parse_from_wg_url() {
ALLOWED_IPS="0.0.0.0/0"
TAG="wireguard-out"
LOG_LEVEL="debug"
LOG_LEVEL="error"
}
parse_from_ini() {
@@ -180,6 +232,56 @@ parse_from_ini() {
}
write_config() {
if [ "$ENABLE_TUN" = "1" ]; then
EXCLUDE_IFACE=$(detect_default_interface) || {
echo "Warning: could not detect default network interface, using eth0" >&2
EXCLUDE_IFACE="eth0"
}
echo "TUN enabled, exclude_interface: $EXCLUDE_IFACE" >&2
TUN_INBOUND_PART=$(cat <<TUNEOF
,
{
"type": "tun",
"tag": "tun-in",
"interface_name": "sing0",
"address": [
"172.42.0.1/30"
],
"mtu": 1500,
"auto_route": true,
"strict_route": false,
"auto_redirect": true,
"sniff": true,
"sniff_override_destination": true,
"endpoint_independent_nat": false,
"stack": "system",
"domain_strategy": "prefer_ipv4",
"exclude_interface": [
"$EXCLUDE_IFACE"
]
}
TUNEOF
)
TUN_ROUTE_RULE_PART=$(cat <<'RULEEOF'
,
{
"inbound": "tun-in",
"action": "sniff",
"timeout": "1s",
"network": [
"tcp",
"udp",
"quic"
]
}
RULEEOF
)
else
echo "TUN disabled (SOCKS5 only)" >&2
TUN_INBOUND_PART=""
TUN_ROUTE_RULE_PART=""
fi
if [ -n "$I1" ] || [ -n "$I2" ]; then
H4_COMMA=","
else
@@ -264,7 +366,7 @@ $I2_LINE
"type": "mixed",
"tag": "mixed-in",
"listen_port": 2080
}
}$TUN_INBOUND_PART
],
"outbounds": [
{
@@ -273,7 +375,97 @@ $I2_LINE
}
],
"route": {
"final": "$TAG",
"rules": [
{
"action": "sniff"
}$TUN_ROUTE_RULE_PART,
{
"ip_is_private": true,
"outbound": "direct"
},
{
"inbound": "mixed-in",
"outbound": "wireguard-out"
}
{
"protocol": "dns",
"action": "hijack-dns"
},
{
"domain_suffix": [
"myip.wtf",
"my-ip.io",
"ipify.org",
"myip.la",
"ip-api.com",
"ipleak.net",
"1e100.net",
"browserleaks.com",
"2ip.io",
"2ipcore.com",
"ipecho.net",
"ip.sb"
],
"outbound": "wireguard-out"
},
{
"rule_set": [
"antifilter_allyouneed",
"antizapret",
"cloudfront_ip_MetaCubeX",
"github_ip_you-oops-dev",
"github_karingx",
"telegram_MetaCubeX",
"refilter_ipsum"
],
"outbound": "wireguard-out"
}
],
"rule_set": [
{
"tag": "antifilter_allyouneed",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/antifilter_allyouneed.srs"
},
{
"tag": "antizapret",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/antizapret.srs"
},
{
"tag": "cloudfront_ip_MetaCubeX",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/cloudfront_ip_MetaCubeX.srs"
},
{
"tag": "github_ip_you-oops-dev",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/github_ip_you-oops-dev.srs"
},
{
"tag": "github_karingx",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/github_karingx.srs"
},
{
"tag": "telegram_MetaCubeX",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/telegram_MetaCubeX.srs"
},
{
"tag": "refilter_ipsum",
"type": "local",
"format": "binary",
"path": "/opt/sing-box-warp/rules/refilter_ipsum.srs"
}
],
"final": "direct",
"default_domain_resolver": "default",
"auto_detect_interface": true
}
@@ -295,10 +487,13 @@ parse_warp_conf() {
exit 1
fi
load_enable_tun
write_config
}
# Main
load_enable_tun
if [ ! -f "$WARP_CONF" ]; then
echo "Error: $WARP_CONF not found!"
exit 1