mirrors/allinssl
1
0
Fork 0
mirror of https://github.com/allinssl/allinssl.git synced 2025-12-15 09:55:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

代码同步

Browse Source
This commit is contained in:
zhangchenhao
2025-05-10 16:45:46 +08:00
parent ad6b3cfa64
commit 8a9d766b50
103 changed files with 967 additions and 762 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
script/allinssl.sh
View File

@@ -50,7 +50,16 @@ if [ $# -eq 0 ]; then
fi
function update_allinssl() {
local url="https://download.allinssl.com/bin/allinssl.tar.gz"
ARCH=$(uname -m)
if [[ "$ARCH" == "x86_64" ]]; then
local url="https://download.allinssl.com/bin/allinssl-Linux-x86_64.tar.gz"
elif [[ "$ARCH" == "aarch64" ]]; then
local url="https://download.allinssl.com/bin/allinssl-Linux-aarch64.tar.gz"
else
echo "不支持$ARCH"
exit 1
fi
# local url="https://download.allinssl.com/bin/allinssl.tar.gz"
local target_dir="${WORK_DIR}"
local temp_file=$(mktemp)
local original_filename temp_file
@@ -134,6 +143,57 @@ function update_allinssl() {
fi
}
function get_pack_manager(){
if [ -f "/usr/bin/yum" ] && [ -d "/etc/yum.repos.d" ]; then
PM="yum"
elif [ -f "/usr/bin/apt-get" ] && [ -f "/usr/bin/dpkg" ]; then
PM="apt-get"
fi
}
function set_firewall(){
sshPort=$(cat /etc/ssh/sshd_config | grep 'Port '|awk '{print $2}')
if [ "${PM}" = "apt-get" ]; then
apt-get install -y ufw
if [ -f "/usr/sbin/ufw" ];then
ufw allow 22/tcp
ufw allow ${panelPort}/tcp
ufw allow ${sshPort}/tcp
ufw status
echo y|ufw enable
ufw default deny
ufw reload
fi
else
if [ -f "/etc/init.d/iptables" ];then
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ${panelPort} -j ACCEPT
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ${sshPort} -j ACCEPT
iptables -A INPUT -p icmp --icmp-type any -j ACCEPT
iptables -A INPUT -s localhost -d localhost -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -P INPUT DROP
service iptables save
sed -i "s#IPTABLES_MODULES=\"\"#IPTABLES_MODULES=\"ip_conntrack_netbios_ns ip_conntrack_ftp ip_nat_ftp\"#" /etc/sysconfig/iptables-config
iptables_status=$(service iptables status | grep 'not running')
if [ "${iptables_status}" == '' ];then
service iptables restart
fi
else
AliyunCheck=$(cat /etc/redhat-release|grep "Aliyun Linux")
[ "${AliyunCheck}" ] && return
yum install firewalld -y
systemctl enable firewalld
systemctl start firewalld
firewall-cmd --set-default-zone=public > /dev/null 2>&1
firewall-cmd --permanent --zone=public --add-port=22/tcp > /dev/null 2>&1
firewall-cmd --permanent --zone=public --add-port=${panelPort}/tcp > /dev/null 2>&1
firewall-cmd --permanent --zone=public --add-port=${sshPort}/tcp > /dev/null 2>&1
firewall-cmd --reload
fi
fi
}
# 判断特殊操作
if [ "$1" == "16" ]; then
echo "⚠️ 正在准备执行 ALLinSSL 更新操作..."
@@ -160,6 +220,24 @@ elif [ "$1" == "17" ]; then
# 删除工作目录
rm -rf "$WORK_DIR"
exit 0
elif [ "$1" == "7" ]; then
# 先调用二进制程序修改端口
"./$BINARY_FILE" "$@"
# 获取修改后的端口
panelPort=$("./$BINARY_FILE" 15 | grep -o ":[0-9]\+" | grep -o "[0-9]\+" | head -n 1)
echo "检测到新的端口: ${panelPort}"
# 放行新端口
get_pack_manager
echo "正在放行端口 ${panelPort}..."
set_firewall
echo "✅ 端口修改并放行完成!"
exit 0
elif [ "$1" == "status" ]; then
# 检查服务状态
exit 0
fi
# 运行二进制文件