A patch of script for Running & Maintaining something
rmscripts/SS5/dynamic.sh


#!/usr/bin/env bash
#
# Description: Periodically rotate the outbound (SNAT) source IP of an SS5 SOCKS5 proxy across this host's addresses.
#
# Copyright (C) 2023 liveJQ <cloud@livejq.fun>
# ANSI colour escape sequences. They are stored as literal backslash text and
# only turn into real escapes when printed with `echo -e`.
PLAIN='\033[0m'      # reset attributes
RED='\033[0;31m'     # errors
GREEN='\033[0;32m'   # success / status
YELLOW='\033[0;33m'
SKYBLUE='\033[0;36m'
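# Discover the default gateway and every source address the kernel routes from.
#
# defaultGate: next hop of the first default route. The token after "via" is
#   used (not a fixed column) and only the first default route is taken, so a
#   host with several default routes does not yield a multi-line value.
# matchAddr:   defaultGate with its last dotted component stripped; later code
#   compares it textually against local addresses, which amounts to assuming
#   the gateway and the bind address share a /24.
defaultGate=$(ip route | awk '
  $1 == "default" {
    for (i = 2; i < NF; i++) if ($i == "via") { print $(i + 1); exit }
  }')
matchAddr=${defaultGate%.*}

# allAddr: each distinct address that follows a "src" keyword in `ip route`,
# in first-seen order. Looking up the token after "src" avoids depending on the
# field position, and de-duplication matters for the rotation step: with a
# repeated entry the "next" address can equal the current one and the exit IP
# would never advance. mapfile replaces the IFS save/restore word-splitting.
mapfile -t allAddr < <(ip route | awk '
  {
    for (i = 1; i < NF; i++)
      if ($i == "src" && !seen[$(i + 1)]++) { print $(i + 1); break }
  }')
sumAddr=${#allAddr[@]}
echo -e "${GREEN}此主机共配置了 $sumAddr 个IP地址${PLAIN}"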
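# Choose the address ss5 will bind to (snat) and verify prerequisites.
#
# snat ends up as the LAST entry of allAddr whose text before the final dot
# equals matchAddr (the default gateway's prefix). This is a string comparison,
# not a netmask calculation, so it only behaves as intended on /24-style
# layouts.
# Exits 1 when no such address exists or /usr/sbin/ss5 is not executable.
snat=""
for address in "${allAddr[@]}"; do
  # The -n guard keeps an empty gateway prefix from matching anything; the
  # quoting keeps the test well-formed when either side is empty.
  if [[ -n "$matchAddr" && "${address%.*}" == "$matchAddr" ]]; then
    snat=$address
  fi
done

if [[ -z "$snat" ]]; then
  echo -e "${RED}请先配置好 IP 地址再运行此程序${PLAIN}"
  exit 1
elif [[ ! -x /usr/sbin/ss5 ]]; then
  echo -e "${RED}请先安装好 Socks5 再运行此程序${PLAIN}"
  exit 1
fi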
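# Main step: rotate the exit address if this script's SNAT rule already exists,
# otherwise perform the first-time setup.
#
# The managed rule is located in nat/POSTROUTING via `iptables -S`, whose
# output is the rule-spec form ("-A POSTROUTING -m mark ... -j SNAT
# --to-source ADDR"). Only rules that carry both a mark match and a SNAT target
# are considered, so unrelated SNAT rules are neither counted nor modified.
# ruleNum is the rule's 1-based position among the chain's -A lines.
ruleNum=""
currentAddr=""
read -r ruleNum currentAddr < <(iptables -t nat -S POSTROUTING 2>/dev/null | awk '
  $1 == "-A" {
    n++
    if (/-m mark/ && /-j SNAT/)
      for (i = 1; i < NF; i++)
        if ($i == "--to-source") { print n, $(i + 1); exit }
  }')

if [[ -n "$ruleNum" && -n "$currentAddr" ]]; then
  # ---- Rotation (this is the path the cron job takes) ----
  # Next address = the entry after the current one, wrapping to the first.
  # If the current address is no longer in allAddr, fall back to the first.
  lastAddr=${allAddr[0]}
  for ((mark = 0; mark < sumAddr; mark++)); do
    if [[ "${allAddr[mark]}" == "$currentAddr" ]]; then
      newMark=$(((mark + 1) % sumAddr))
      lastAddr=${allAddr[newMark]}
      break
    fi
  done

  # The packet mark equals the numeric uid of the account ss5 runs as; the
  # account name was recorded by the setup branch.
  procUser=$(cat /etc/opt/ss5/ss5_proc_user.txt 2>/dev/null)
  uid=$(id -u -- "$procUser" 2>/dev/null)
  if [[ -z "$uid" ]]; then
    echo -e "${RED}无法根据 /etc/opt/ss5/ss5_proc_user.txt 确定 Socks5 运行用户${PLAIN}"
    exit 1
  fi

  # Replace the rule in place (-R) rather than delete-then-append: there is no
  # moment at which marked traffic has no SNAT rule and leaves with the host's
  # default source address, and a failure leaves the old rule intact.
  if ! iptables -t nat -R POSTROUTING "$ruleNum" -m mark --mark "$uid" -j SNAT --to-source "$lastAddr"; then
    echo -e "${RED}更新 SNAT 规则失败${PLAIN}"
    exit 1
  fi
  echo -e "${GREEN}出口已更新!当前为 $lastAddr${PLAIN}"
  exit 0
else
  # ---- First-time setup ----
  read -rp "请输入一个 Socks5 用户名(默认user1):" user
  read -rp "请输入此用户密码(默认password1):" password
  read -rp "请输入 Socks5 端口(默认10001):" port
  read -rp "请输入出口轮训间隔时间, 单位分钟(默认5):" min

  # The cron entry installed below runs this same script. If the SNAT rule is
  # ever missing (e.g. rules were not restored after a reboot), cron would land
  # here with no terminal, every prompt would read EOF, and the script would
  # silently create a proxy account with the built-in user1/password1 and open
  # the port. Refuse the built-in credentials unless an operator is present.
  if [[ ! -t 0 && ( -z "$user" || -z "$password" ) ]]; then
    echo -e "${RED}未找到 SNAT 规则,且当前不是交互式终端,已取消初始化${PLAIN}"
    exit 1
  fi

  user=${user:-user1}
  password=${password:-password1}
  port=${port:-10001}
  min=${min:-5}

  # These values end up in a root-owned crontab line, iptables arguments and
  # the ss5 password file, so reject anything that is not the expected shape.
  if [[ ! "$user" =~ ^[a-z_][a-z0-9_-]{0,31}$ ]]; then
    echo -e "${RED}用户名不合法${PLAIN}"
    exit 1
  fi
  # The password file written below is one "user password" pair per line, so
  # whitespace inside the password would corrupt the entry.
  if [[ ! "$password" =~ ^[^[:space:]]+$ ]]; then
    echo -e "${RED}密码不能为空或包含空白字符${PLAIN}"
    exit 1
  fi
  if [[ ! "$port" =~ ^[1-9][0-9]{0,4}$ ]] || ((port > 65535)); then
    echo -e "${RED}端口必须是 1-65535 之间的整数${PLAIN}"
    exit 1
  fi
  if [[ ! "$min" =~ ^[1-9][0-9]?$ ]] || ((min > 59)); then
    echo -e "${RED}间隔时间必须是 1-59 之间的整数${PLAIN}"
    exit 1
  fi
  if [[ "$password" == "password1" ]]; then
    echo -e "${YELLOW}正在使用默认密码 password1,端口对所有来源开放,建议尽快修改${PLAIN}"
  fi

  # NOTE(review): ss5.passwd holds the password in clear text; its mode and
  # owner should be as tight as the ss5 process allows - confirm which account
  # needs to read it before restricting.
  printf '%s %s\n' "$user" "$password" >>/etc/opt/ss5/ss5.passwd
  printf '%s\n' "$user" >/etc/opt/ss5/ss5_proc_user.txt

  # The system account exists only so its uid can tag ss5's packets. It is
  # created without `-p`: that option expects an already-hashed value, so the
  # clear-text password was never usable as a login and was exposed in the
  # process list and copied verbatim into the shadow file.
  if ! id -u -- "$user" >/dev/null 2>&1; then
    useradd -s /bin/false "$user"
  fi
  uid=$(id -u -- "$user" 2>/dev/null)
  if [[ -z "$uid" ]]; then
    echo -e "${RED}创建系统用户 $user 失败${PLAIN}"
    exit 1
  fi

  # Accepts connections to the proxy port from any source address.
  iptables -A INPUT -p tcp --dport "$port" -j ACCEPT
  # Tag everything the ss5 account sends with mark == uid, then SNAT marked
  # traffic to the first address; later runs rotate this rule.
  iptables -t mangle -A OUTPUT -m owner --uid-owner "$uid" -j MARK --set-mark "$uid"
  iptables -t nat -A POSTROUTING -m mark --mark "$uid" -j SNAT --to-source "${allAddr[0]}"
  iptables-save >/etc/sysconfig/iptables_ss5.ipv4

  # Cron executes /opt/dynamic.sh as root, so install it with an explicit mode
  # instead of inheriting whatever permissions the source copy had.
  install -m 0755 -- "$(dirname -- "$(readlink -f -- "$0")")/dynamic.sh" /opt/dynamic.sh

  # Append the persistence lines only when the exact line is not present yet,
  # so repeating the setup does not stack duplicate jobs.
  cronLine="*/${min} * * * * root bash /opt/dynamic.sh"
  grep -qxF -- "$cronLine" /etc/crontab 2>/dev/null || echo "$cronLine" >>/etc/crontab
  restoreLine="iptables-restore </etc/sysconfig/iptables_ss5.ipv4"
  grep -qxF -- "$restoreLine" /etc/rc.local 2>/dev/null || echo "$restoreLine" >>/etc/rc.local

  ss5 -u "$user" -b "$snat:$port"

  # Match ":PORT" followed by whitespace so a port that is merely a substring
  # of another listening port does not count as success.
  if netstat -tnlp 2>/dev/null | grep -q -- ":${port}[[:space:]]"; then
    echo -e "${GREEN}配置成功!${PLAIN}"
    exit 0
  fi
  echo -e "${RED}Socks5 未在端口 $port 上监听,请检查 ss5 日志${PLAIN}"
  exit 1
fi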