add faster tunnel for mainlanders.

chntunnel/chntunnel.sh

@@ -0,0 +1,208 @@
+#!/usr/bin/env bash
+#
+# Description: Add faster tunnel for mainlanders.
+#
+# Copyright (C) 2023 liveJQ <cloud@livejq.fun>
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[0;33m'
+SKYBLUE='\033[0;36m'
+PLAIN='\033[0m'
+
+DIR='/tmp/chntunnel'
+C_DIR="$(dirname $(readlink -f "$0"))"
+FILEPATH=$0
+FILENAME=${FILEPATH#*/}
+URL=ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest
+APNIC=${URL##*/}
+MATCH_IP='\([[:digit:]]\+\.\)\{3\}[[:digit:]]\+'
+MATCH_MASK='[[:digit:]]\+'
+NOW=`date +'%Y-%m-%d %H:%M'`
+WHITELIST="$DIR/whitelist.txt"
+GFWLIST="$DIR/GFWlist.txt"
+RUNPATH="/usr/local/sbin/chntunnel"
+
+msg() {
+	echo $1
+}
+
+msg_pass() {
+	echo -e "${GREEN}$1${PLAIN}"
+}
+
+msg_err() {
+	echo -e "${RED}$1${PLAIN}"
+}
+
+help() {
+	cat << EOF
+Usage: chntunnel [OPTION...]
+
+	options:
+	-c, --collect         genrate route files from apnic.
+	-g, --gre-tunnel      create a gre tunnel.
+	-w, --white-list      whitelist mode.[TODO]
+	-f, --gfw-list        gfwlist mode.
+EOF
+}
+
+chkmd5() {
+	msg 'Check MD5:'
+	md5sum -c $APNIC.md5
+}
+
+download() {
+	msg "Download $APNIC:"
+	curl -O $URL -O $URL.md5
+}
+
+cidr() {
+	case $1 in 256) echo 24;;
+				512) echo 23;;
+				1024) echo 22;;
+				2048) echo 21;;
+				4096) echo 20;;
+				8192) echo 19;;
+				16384) echo 18;;
+				32768) echo 17;;
+				65536) echo 16;;
+				131072) echo 15;;
+				262144) echo 14;;
+				524288) echo 13;;
+				1048576) echo 12;;
+				2097152) echo 11;;
+				4194304) echo 10;;
+				8388608) echo 9;;
+				16777216) echo 8
+	esac
+}
+
+newGre() {
+	cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$4
+	DEVICE=$4
+	BOOTPROTO=none
+	ONBOOT=yes
+	DEVICETYPE=tunnel
+	TYPE=GRE
+	PEER_INNER_IPADDR=$2
+	PEER_OUTER_IPADDR=$3
+	MY_INNER_IPADDR=$1
+EOF
+}
+
+addRoutes() {
+	cat << EOF > /etc/rc.local
+	#!/bin/bash
+	# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
+	#
+	# It is highly advisable to create own systemd services or udev rules
+	# to run scripts during boot instead of using this file.
+	#
+	# In contrast to previous versions due to parallel execution during boot
+	# this script will NOT be run after all other services.
+	#
+	# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
+	# that this script will be executed during boot.
+	touch /var/lock/subsys/local
+	ip route flush table $1
+	ip route add default via $2 dev $3 src $4 table $1               
+	ip rule add from $4 table $1
+EOF
+}
+
+collecting() {
+	i=0
+    while [ $i -le 25 ]
+    do
+		for j in '\\' '|' '/' '-'
+		do
+			printf "Collecting, a little long %c%c%c%c%c\r" \
+			"$j" "$j" "$j" "$j" "$j"
+			sleep 0.1
+		done
+		let i=i+4
+    done
+}
+
+source /etc/os-release || source /usr/lib/os-release
+[[ $ID = 'centos' ]] || error=1
+[[ $error -eq 1 ]] && msg_err "Sorry! current system is not supported." && exit 1
+[[ ! -f $RUNPATH || `find $RUNPATH -mtime +1` ]] && cp $C_DIR/$FILENAME $RUNPATH && chmod 755 $RUNPATH
+if [ $# != 0 ]; then
+	for param in {$1,$2,$3}
+	do
+		if [[ $param = '-c' || $param = '--collect' ]]; then
+			mkdir -p $DIR && cd $_
+			if [[ ! -f $APNIC || ! -f $APNIC.md5 || `find $APNIC -mtime +0` ]]; then
+				download && chkmd5 || exit
+			else
+				chkmd5 || { download && chkmd5; } || exit
+			fi
+			collecting
+			grep "apnic|CN|ipv4|" $APNIC | awk -F'|' '{print $4"/"32-log($5)/log(2)}' >$WHITELIST
+			grep '|ipv4|' $APNIC | grep -v '|CN|' | awk -F'|' '{print $4"/"32-log($5)/log(2)}' >$GFWLIST
+			msg_pass "Collection complete!"
+			# grep '^apnic|CN|ipv4|' $APNIC | grep -o "$MATCH_IP|$MATCH_MASK" | while read line
+			# 	do
+			# 		IPADDR=${line%|*}
+			# 		CIDR=`cidr ${line#*|}`
+			# 		echo $IPADDR/$CIDR >> $WHITELIST || exit
+			# 	done
+			# grep '|ipv4|' $APNIC | grep -v '|CN|' | grep -o "$MATCH_IP|$MATCH_MASK" | while read line
+			# 	do
+			# 		IPADDR=${line%|*}
+			# 		CIDR=`cidr ${line#*|}`
+			# 		echo $IPADDR/$CIDR >> $GFWLIST || exit
+			# 	done
+		elif [[ $param = '-g' || $param = '--gre-tunnel' ]]; then
+			lsmod | grep ip_gre && result=$? && [[ $result != '0' ]] && modprobe ip_gre
+			lsmod | grep ip_gre && result=$? && [[ $result != '0' ]] && msg_err "The current system does not support GRE tunnel." && exit 1
+			msg "Prepare to establish a gre tunnel"
+			read -rp "TUNNEL_NAME (default: tun0)" TUNNEL_NAME
+			[[ -f "/etc/sysconfig/network-scripts/ifcfg-${TUNNEL_NAME:-tun0}" ]] &&  msg_err "This tunnel already exists, please do not create it again." && exit 1
+			read -rp "MY_INNER_IPADDR: " MY_INNER_IPADDR
+			read -rp "PEER_INNER_IPADDR: " PEER_INNER_IPADDR
+			read -rp "PEER_OUTER_IPADDR: " PEER_OUTER_IPADDR
+			newGre $MY_INNER_IPADDR $PEER_INNER_IPADDR $PEER_OUTER_IPADDR ${TUNNEL_NAME:-tun0}
+			ifup ${TUNNEL_NAME:-tun0}
+			ping -c 3 $PEER_INNER_IPADDR && result=$?
+			[[ $result -eq 0 ]] && msg_pass "Tunnel created successfully!" && exit 0
+		elif [[ $param = '-f' || $param = '--gfw-list' ]]; then
+			peer=$(ip addr | grep peer | grep inet | awk -F ' ' {'print $4'})
+			PEER_INNER_IPADDR=${peer%%/*}
+			:>/etc/sysconfig/static-routes
+			cat $GFWLIST | while read line
+				do
+					ip route add $line via $PEER_INNER_IPADDR
+					echo "any net $line gw $PEER_INNER_IPADDR" >>/etc/sysconfig/static-routes || exit
+				done
+			msg_pass "GFWlist is active, enjoy~"
+		elif [[ $param = '-w' || $param = '--white-list' ]]; then
+			local_gw=$(ip route | grep default | awk -F ' ' {'print $3'})
+			local_dev=$(ip route | grep src | awk -F ' ' {'print $3'})
+			local_addr=$(ip route | grep src | awk -F ' ' {'print $9'})
+			local_table='cn'
+			peer=$(ip addr | grep peer | grep inet | awk -F ' ' {'print $4'})
+			PEER_INNER_IPADDR=${peer%%/*}
+			:>/etc/sysconfig/static-routes
+			grep $local_table /etc/iproute2/rt_tables && result=$?
+			[[ $result != '0' ]] && echo "200 $local_table" >>/etc/iproute2/rt_tables
+			grep $local_table /etc/rc.local && result=$?
+			[[ $result != '0' ]] && addRoutes $local_table $local_gw $local_dev $local_addr && chmod +x /etc/rc.local && /etc/rc.local && 
+			cat $WHITELIST | while read line
+				do
+					ip route add $line via $local_gw
+					echo "any net $line gw $local_gw" >>/etc/sysconfig/static-routes || exit
+				done
+			ip route del default via $local_gw
+			ip route add default via $PEER_INNER_IPADDR
+		else
+			help
+		fi
+	done
+else
+	help
+fi
+#TODO:白名单
+#TODO:设置DNS