dotfiles

commit 862e643637e08bdb8cf3bf8d398f4b26e88b8f0c
parent b9cfaabcf4fa71c6fa4b2ffd36bbb863a587d746
Author: Dash Eclipse <dash@ezup.dev>
Date:   Tue, 22 Sep 2020 14:18:44 +0000

Add trt-fzf.sh

Diffstat:
A
.local/bin/trt-fzf.sh
 | 
225
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

1 file changed, 225 insertions(+), 0 deletions(-)
diff --git a/.local/bin/trt-fzf.sh b/.local/bin/trt-fzf.sh
@@ -0,0 +1,225 @@
+#!/bin/bash
+
+: "${progname:="${0##*/}"}"
+TROJAN_SUBURL=""
+CSV="/home/user/.local/share/data/trojan/trojan.csv" # use absolute path
+
+urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
+
+country_zh2code() {
+	sed -e '
+	s/,俄羅斯 /,RU /
+	s/,印度 /,IN /
+	s/,土耳其 /,TR /
+	s/,巴西 /,BR /
+	s/,德國 /,DE /
+	s/,新加坡 /,SG /
+	s/,日本 /,JP /
+	s/,法國 /,FR /
+	s/,澳大利亞 /,AU /
+	s/,美國 /,US /
+	s/,臺灣 /,TW /
+	s/,英國 /,GB /
+	s/,菲律賓 /,PH /
+	s/,韓國 /,KR /
+	s/,香港 /,HK /
+	#s/,阿聯酋 /,AE /
+	'
+}
+
+country_code2name() {
+	sed -e '
+	s/AU/Australia/
+	s/BR/Brazil/
+	s/DE/Germany/
+	s/FR/Frace/
+	s/GB/United Kingdom/
+	s/HK/Hong Kong/
+	s/IN/India/
+	s/JP/Japan/
+	s/KR/South Korea/
+	s/PH/Philippines/
+	s/RU/Russia/
+	s/SG/Singapore/
+	s/TR/Turkey/
+	s/TW/Taiwan/
+	s/US/United States/
+	'
+}
+
+query_ipv4() {
+	all_servers=$1
+	while true; do
+		servers=$(printf "$all_servers" | grep '[[:alpha:]]')
+		if [[ -z "$servers" ]]; then
+			all_servers=$(echo "$all_servers" | sort | uniq | paste -s -d' ')
+			break
+		fi
+		servers_ip=$(dig +short -t A $servers)
+		all_servers=$(echo "$all_servers" | sed "/[[:alpha:]]/d")
+		all_servers+=$(echo -e "\n$servers_ip")
+	done
+	echo $all_servers
+}
+
+query_ipv6() {
+	all_servers=$1
+	while true; do
+		servers=$(printf "$all_servers" | grep -v ':' | grep '[[:alpha:]]')
+		if [[ -z "$servers" ]]; then
+			all_servers=$(echo "$all_servers" | sort | uniq | paste -s -d' ')
+			break
+		fi
+		servers_ip=$(dig +short -t AAAA $servers)
+		all_servers=$(echo "$all_servers" | sed "/\./d")
+		all_servers+=$(echo -e "\n$servers_ip")
+	done
+	echo $all_servers
+}
+
+url2csv() {
+	: >$CSV
+	#      1        2           3           4            5            6        7      8               9              10
+	#echo "password,remote_addr,remote_port,country_code,country_name,provider,number,time_appconnect,speed_download,ipv4" >>$CSV
+	total=$(cat $BASE64_URLS | base64 -d | wc -l)
+	local i=0
+	while IFS=, read -r password remote_addr remote_port mark; do
+		local i=$(($i + 1))
+		mark=${mark//,}
+		#mark=${mark/ /,}
+		#country=${mark%% *}; mark=${mark#*$country}; mark=${mark/ /}
+		#provider=${mark%% *}; mark=${mark#*$provider}; number=${mark/ /}
+		IFS=" " read -r country_code provider number <<<$(echo "$mark")
+		country_name=$(echo "$country_code" | country_code2name)
+		CONFIG=$HOME/.local/service/trojan-client/client.json switch_proxy
+		local ipv4=$(query_ipv4 $remote_addr)
+		sv restart $HOME/.local/service/trojan-client >/dev/null
+		sleep 0.8
+		time_appconnect=$(curl --connect-timeout 2 -x socks5h://127.0.0.1:51837 -o/dev/null -sw '%{time_appconnect}' 'https://connectivitycheck.gstatic.com/generate_204')
+		time_appconnect=$(printf "%.0f ms" "$(bc<<<${time_appconnect}*1000)")
+		speed_download=$(curl -x socks5h://127.0.0.1:51837 http://speedtest-sgp1.digitalocean.com/10mb.test --progress-bar -o/dev/null --write-out '%{speed_download}' | numfmt --to=iec-i --suffix=B/s)
+		echo "$i/$total | $country_code $provider $number | $time_appconnect $speed_download | $ipv4"
+		echo "$password,$remote_addr,$remote_port,$country_code,$country_name,$provider,$number,$time_appconnect,$speed_download,$ipv4" >>$CSV
+		sleep 2
+	done < <(urldecode "$(curl -s "$TROJAN_SUBURL" | base64 -d | sed 's#^trojan://##' | sed 's/?allowInsecure=1&tfo=1//' | sed 's/@/,/; s/:/,/; s/#/,/')" | country_zh2code)
+}
+
+switch_proxy() {
+	#jo run_type=client local_addr=0.0.0.0 local_port=51837 remote_addr=$remote_addr remote_port=$remote_port password=$(jo -a $password) log_level=0 ssl=$(jo verify=false verify_hostname=true cert= cipher="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA" sni= alpn=$(jo -a h2 "http/1.1") reuse_session=true session_ticket=false curse=) tcp=$(jo no_delay=true keep_alive=true reuse_port=false fast_open=false fast_open_qlen=20) >$CONFIG
+	#jo run_type=nat local_addr=127.0.0.1 local_port=16280 remote_addr=$remote_addr remote_port=$remote_port password=$(jo -a $password) log_level=0 ssl=$(jo verify=false verify_hostname=true cert= cipher="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA" sni= alpn=$(jo -a h2 "http/1.1") reuse_session=true session_ticket=false curse=) tcp=$(jo no_delay=true keep_alive=true reuse_port=false fast_open=false fast_open_qlen=20) >$CONFIG
+	jj -v "$remote_addr" -p -i $CONFIG -o $CONFIG 'remote_addr'
+	jj -v "$remote_port" -p -i $CONFIG -o $CONFIG 'remote_port'
+	jj -v "$password" -p -i $CONFIG -o $CONFIG 'password.0'
+}
+
+select_srv() {
+	while true; do
+		local SORTED_CSV=$(cat $CSV | awk 'BEGIN{FS=OFS=","}{print $9,$0}' | sort -hr)
+		local NUM=$(while IFS=, read -r speed password remote_addr remote_port country_code country_name provider number time_appconnect speed_download ipv4; do
+			echo "$speed_download,$time_appconnect,$country_code,$provider,$number,$remote_addr,$remote_port,$country_name"
+		done < <(echo "$SORTED_CSV") | sed '1iSpeed,Time,Country code,Provider,Number,Address,Port,Country name' | awk 'BEGIN{FS=OFS=","}{print i++","$0}' | column -s, -t | fzf | cut -d' ' -f1)
+		[ -z "$NUM" ] && exit 0
+		if [ "$NUM" -ne 0 ]; then
+			IFS=, read speed password remote_addr remote_port country_code country_name provider number time_appconnect speed_download ipv4 <<<$(echo "$SORTED_CSV" | sed "${NUM}q;d")
+			break
+		fi
+	done
+}
+
+reset_iptables_rules() {
+	#[ "$EUID" -ne 0 ] && { echo "Please run as root" && exit 1; }
+	## https://gist.github.com/jarek-przygodzki/29830f868e0c29e1dccb09beafbc4f72
+	iptables -P INPUT ACCEPT
+	iptables -P FORWARD ACCEPT
+	iptables -P OUTPUT ACCEPT
+	iptables -F INPUT
+	iptables -F OUTPUT
+	iptables -F FORWARD
+	iptables -F
+	iptables -t nat -F
+	iptables -t mangle -F
+	iptables -X
+	iptables -t nat -X
+	iptables -t mangle -X
+	echo "Resetted iptables rules"
+}
+add_iptables_rules() {
+	reset_iptables_rules
+	## https://github.com/shadowsocks/shadowsocks-libev#transparent-proxy
+	iptables -t nat -N TROJAN
+	for ip in $ipv4; do
+		iptables -t nat -A TROJAN -d $ip -j RETURN
+	done
+	iptables -t nat -A TROJAN -d 0.0.0.0/8 -j RETURN
+	iptables -t nat -A TROJAN -d 10.0.0.0/8 -j RETURN
+	iptables -t nat -A TROJAN -d 127.0.0.0/8 -j RETURN
+	iptables -t nat -A TROJAN -d 169.254.0.0/16 -j RETURN
+	iptables -t nat -A TROJAN -d 172.16.0.0/12 -j RETURN
+	iptables -t nat -A TROJAN -d 192.168.0.0/16 -j RETURN
+	iptables -t nat -A TROJAN -d 224.0.0.0/4 -j RETURN
+	iptables -t nat -A TROJAN -d 240.0.0.0/4 -j RETURN
+	iptables -t nat -A TROJAN -p tcp -j REDIRECT --to-ports 16280
+	iptables -t nat -A OUTPUT -j TROJAN
+	echo "Added iptables rules"
+}
+
+get_info() {
+	printf 'Clint: '
+	grep "^$(jq -r '.password[0] + "," + .remote_addr + "," + (.remote_port|tostring)' ~/.local/service/trojan-client/client.json)," $CSV | cut -d',' -f4,6,7 --output-delimiter=' '
+	printf 'Nat:   '
+	grep "^$(jq -r '.password[0] + "," + .remote_addr + "," + (.remote_port|tostring)' /etc/trojan/config.json)," $CSV | cut -d',' -f4,6,7 --output-delimiter=' '
+}
+
+usage() {
+	cat <<_EOF | GREP_COLORS='ms=1' egrep --color "$progname|$"
+Usage: $progname -f       get csv
+       $progname s        select node
+       $progname c        switch node for trojan client
+       $progname n        switch node for trojan NAT
+
+       $progname r        reset iptables rules
+       $progname a        add iptables rules
+
+_EOF
+	exit 1
+}
+
+
+case $1 in
+	-f)	url2csv;;
+	s)
+		select_srv
+		echo "$country_code $provider $number ($remote_addr)"
+		;;
+	c)
+		CONFIG=$HOME/.local/service/trojan-client/client.json
+		select_srv
+		echo "Cient: $country_code $provider $number ($remote_addr)"
+		switch_proxy
+		sv restart $HOME/.local/service/trojan-client >/dev/null
+		;;
+	n)
+		[ "$EUID" -ne 0 ] && { echo "Please run as root" && exit 1; }
+		CONFIG=/etc/trojan/config.json
+		select_srv
+		echo "NAT: $country_code $provider $number ($remote_addr)"
+		echo "IPv4: $ipv4"
+		switch_proxy
+		sv restart trojan
+		add_iptables_rules
+		;;
+	r)
+		[ "$EUID" -ne 0 ] && { echo "Please run as root" && exit 1; }
+		reset_iptables_rules
+		;;
+	a)
+		[ "$EUID" -ne 0 ] && { echo "Please run as root" && exit 1; }
+		ipv4=$(grep "^$(jq -r '.password[0] + "," + .remote_addr + "," + (.remote_port|tostring)' /etc/trojan/config.json)," $CSV | cut -d',' -f10 --output-delimiter=' ')
+		add_iptables_rules
+		;;
+	i)
+		get_info
+		;;
+	*) usage;;
+esac
+exit 0