diff --git a/1.25.3.1.tar.gz b/1.25.3.1.tar.gz new file mode 100644 index 0000000..757f126 Binary files /dev/null and b/1.25.3.1.tar.gz differ diff --git a/99nginx.sh b/99nginx.sh new file mode 100644 index 0000000..72cc4ba --- /dev/null +++ b/99nginx.sh @@ -0,0 +1,372 @@ +#!/bin/bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +export PATH + +RED_COLOR="\033[0;31m" +NO_COLOR="\033[0m" +GREEN="\033[32m\033[01m" +BLUE="\033[0;36m" +FUCHSIA="\033[0;35m" + +nginx_v=1.25.3.1 + +install_nginx(){ +apt update -y && apt install vim curl lsof wget -y +apt install build-essential libpcre3 libpcre3-dev zlib1g-dev openssl libssl-dev linux-image-amd64 linux-headers-amd64 -y +wget -N --no-check-certificate https://git.igewu.org/yanglc/tunnel/raw/branch/main/$nginx_v.tar.gz && tar -xvzf $nginx_v.tar.gz +cd openresty-$nginx_v +./configure \ +--prefix=/etc/nginx \ +--sbin-path=/usr/sbin/nginx \ +--conf-path=/etc/nginx/nginx.conf \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--with-file-aio \ +--with-threads \ +--with-stream \ +--with-stream_realip_module \ +--with-stream_ssl_module \ +--with-stream_ssl_preread_module +make && make install +cd +rm -rf $nginx_v.tar.gz openresty-$nginx_v +wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf" +wget -N --no-check-certificate -P /usr/lib/systemd/system/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.service" +systemctl enable nginx --now +systemctl daemon-reload +install_wireguard +99_menu +} + +install_wireguard(){ +apt install linux-image-amd64 -y && apt install wireguard -y +systemctl enable wg-quick@wg0 +} + +nginx_conf(){ +echo -e " + ${GREEN} 1.跳板机 + ${GREEN} 2.中转机 + " +read -p "输入选项:" aNum +echo -e " + ${GREEN} 1.隧道1(tunnel1) + ${GREEN} 2.隧道2(tunnel2) + ${GREEN} 3.隧道3(tunnel3) + " +read -p "请输入括号里的代号:" mplsdh +if [ "$aNum" = "1" ];then +rm -rf /etc/nginx/nginx.conf +wget -N --no-check-certificate -P /etc/nginx/ "https://h5ai.98yys.pw/99/$mplsdh/luodi/nginx.txt" +wget -N --no-check-certificate -P /etc/nginx/ssl "https://h5ai.98yys.pw/99/${mplsdh}/luodi/ca1.crt" +wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf" +nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'` +echo -e " +stream {" >> /etc/nginx/nginx.conf +for((i=1;i<=$nginx_rows;i++)); +do +listen_ip=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $1}'` +listen_port=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $2}'` +remote_ip=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $3}'` +remote_port=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $4}'` +lan_ip=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $5}'` +echo -e " +server { + listen $listen_ip:$listen_port ssl; + listen $lan_ip:$listen_port udp; + ssl_protocols TLSv1.3; + ssl_conf_command MinProtocol TLSv1.3; + ssl_conf_command Ciphersuites TLS_CHACHA20_POLY1305_SHA256; + ssl_certificate /etc/nginx/ssl/server.crt; + ssl_certificate_key /etc/nginx/ssl/server.key; + ssl_client_certificate /etc/nginx/ssl/ca1.crt; + ssl_verify_client on; + ssl_session_cache shared:SSL:15m; + ssl_session_timeout 3h; + ssl_session_tickets off; + tcp_nodelay on; + proxy_pass $remote_ip:$remote_port; + proxy_protocol off; + access_log off; +}" >> /etc/nginx/nginx.conf +done +elif [ "$aNum" = "2" ];then +rm -rf /etc/nginx/nginx.conf +wget -N --no-check-certificate -P /etc/nginx/ "https://h5ai.98yys.pw/99/$mplsdh/zhongzhuan/nginx.txt" +wget -N --no-check-certificate -P /etc/nginx/ssl "https://h5ai.98yys.pw/99/${mplsdh}/zhongzhuan/ca1.crt" +wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf" +nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'` +echo -e " +stream {" >> /etc/nginx/nginx.conf +for((i=1;i<=$nginx_rows;i++)); +do +listen_ip=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $1}'` +listen_port=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $2}'` +remote_ip=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $3}'` +remote_port=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $4}'` +lan_ip=`sed -n "$i, 1p" /etc/nginx/nginx.txt | awk '{print $5}'` +echo -e " +server { + listen $listen_ip:$listen_port; + proxy_ssl_certificate /etc/nginx/ssl/server.crt; + proxy_ssl_certificate_key /etc/nginx/ssl/server.key; + proxy_ssl_trusted_certificate /etc/nginx/ssl/ca1.crt; + proxy_ssl_protocols TLSv1.3; + proxy_ssl_server_name on; + proxy_ssl_verify on; + proxy_ssl on; + ssl_session_tickets off; + tcp_nodelay on; + proxy_ssl_name $remote_ip; + proxy_pass $remote_ip:$remote_port; + proxy_protocol off; + access_log off; +} +server { + listen $listen_ip:$listen_port udp; + proxy_pass $lan_ip:$remote_port; + proxy_protocol off; + access_log off; +}" >> /etc/nginx/nginx.conf +done +fi +echo -e " +}" >> /etc/nginx/nginx.conf +wireguard_conf +systemctl restart nginx +99_menu +} + +wireguard_conf(){ +if [ "$aNum" = "1" ];then +wget -N --no-check-certificate -P /etc/wireguard "https://h5ai.98yys.pw/99/${mplsdh}/luodi/wg0.conf" +elif [ "$aNum" = "2" ];then +wget -N --no-check-certificate -P /etc/wireguard "https://h5ai.98yys.pw/99/${mplsdh}/zhongzhuan/wg0.conf" +fi +wg-quick down wg0 +wg-quick up wg0 +} + +delete_firewall(){ +if [[ "$EUID" -ne 0 ]]; then + echo "false" + else + echo "true" + fi +if [[ -f /etc/redhat-release ]]; then + release="centos" + elif cat /etc/issue | grep -q -E -i "debian"; then + release="debian" + elif cat /etc/issue | grep -q -E -i "ubuntu"; then + release="ubuntu" + elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then + release="centos" + elif cat /proc/version | grep -q -E -i "debian"; then + release="debian" + elif cat /proc/version | grep -q -E -i "ubuntu"; then + release="ubuntu" + elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then + release="centos" + fi + + if [[ $release = "ubuntu" || $release = "debian" ]]; then +ufw disable +apt-get remove ufw +apt-get purge ufw + elif [[ $release = "centos" ]]; then + systemctl stop firewalld.service + systemctl disable firewalld.service + else + exit 1 + fi + 99_menu +} + +create_ssl(){ +mkdir -p /etc/nginx/ssl +cd /etc/nginx/ssl +servername=`curl -s http://ipv4.icanhazip.com` +cat > my-openssl.cnf << EOF +[ ca ] +default_ca = CA_default +[ CA_default ] +x509_extensions = usr_cert +[ req ] +default_bits = 2048 +default_md = sha256 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca +string_mask = utf8only +[ req_distinguished_name ] +[ req_attributes ] +[ usr_cert ] +basicConstraints = CA:FALSE +nsComment = "OpenSSL Generated Certificate" +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer +[ v3_ca ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer +basicConstraints = CA:true +EOF +openssl genrsa -out ca.key 2048 +openssl req -x509 -new -nodes -key ca.key -subj "/CN=${servername}" -days 5000 -out ca.crt +openssl genrsa -out server.key 2048 +openssl req -new -sha256 -key server.key \ + -subj "/C=CN/ST=lj/L=lj/O=ljfxz/CN=${servername}" \ + -reqexts SAN \ + -config <(cat my-openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:${servername},IP:${servername}")) \ + -out server.csr +openssl x509 -req -days 365 -sha256 \ + -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \ + -extfile <(printf "subjectAltName=DNS:${servername},IP:${servername}") \ + -out server.crt +cat /etc/nginx/ssl/ca.crt +} + +install_kernel(){ +wget -N --no-check-certificate "https://git.igewu.org/yanglc/tunnel/raw/branch/main/tcp.sh" && chmod +x tcp.sh && ./tcp.sh +} + +install_v2ray(){ +bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/soga/master/install.sh) +rm -rf /etc/soga/soga.conf +read -p "输入对接域名(例如www.baidu.com):" ym +read -p "输入节点id:" nodeid +read -p "输入mukey:" mukey +read -p "输入soga授权码:" sogakey +echo " +# 基础配置 +type=sspanel-uim +server_type=v2ray +node_id=${nodeid} +soga_key=${sogakey} + +# webapi 或 db 对接任选一个 +api=webapi + +# webapi 对接信息 +webapi_url=https://${ym} +webapi_key=${mukey} + +# db 对接信息 +db_host= +db_port= +db_name= +db_user= +db_password= + +# 手动证书配置 +cert_file= +key_file= + +# 自动证书配置 +cert_mode= +cert_domain= +cert_key_length=ec-256 +dns_provider= + +# dns 配置 +default_dns= +dns_cache_time=10 +dns_strategy=ipv4_first + +# v2ray 特殊配置 +v2ray_reduce_memory=false +vless=false +vless_flow= + +# proxy protocol 中转配置 +proxy_protocol=false + +# 全局限制用户 IP 数配置 +redis_enable=false +redis_addr= +redis_password= +redis_db=0 +conn_limit_expiry=60 + +# 其它杂项 +user_conn_limit=0 +user_speed_limit=0 +node_speed_limit=0 +check_interval=60 +force_close_ssl=false +forbidden_bit_torrent=true +log_level=info + +# 更多配置项如有需要自行添加 +" > /etc/soga/soga.conf +soga restart +} + +manage_nginx(){ +echo -e " + ${GREEN} 1.停止隧道 + ${GREEN} 2.启动隧道 + ${GREEN} 3.重启隧道 +" +read -p "请输入选项:" bNum +if [ "$bNum" = "1" ];then +wg-quick down wg0 +systemctl stop nginx +elif [ "$bNum" = "2" ];then +wg-quick up wg0 +systemctl start nginx +elif [ "$bNum" = "3" ];then +wg-quick down wg0 +wg-quick up wg0 +systemctl restart nginx +fi +99_menu +} + +99_menu(){ +clear +echo -e " + ${GREEN} 1.安装隧道工具 + ${GREEN} 2.获取隧道配置 + ${GREEN} 3.对接v2ray + ${GREEN} 4.删除防火墙 + ${GREEN} 5.管理隧道 + ${GREEN} 6.自签ssl + ${GREEN} 7.安装内核 + ${GREEN} 0.退出脚本" +read -p " 请输入数字后[0-7] 按回车键:" num +case "$num" in + 1) + install_nginx + ;; + 2) + nginx_conf + ;; + 3) + install_v2ray + ;; + 4) + delete_firewall + ;; + 5) + manage_nginx + ;; + 6) + create_ssl + ;; + 7) + install_kernel + ;; + 0) + exit 1 + ;; + *) + echo "请输入正确数字 [0-7] 按回车键" + sleep 1s + 99_menu + ;; +esac +} +99_menu diff --git a/README.md b/README.md index 3084ae6..72a7d77 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ -# tunnel +## tunnel +一个自用隧道 -自用隧道 \ No newline at end of file +#server为中转机配置 +#client为落地机配置 \ No newline at end of file diff --git a/checkmemnginx.sh b/checkmemnginx.sh new file mode 100644 index 0000000..f3505a7 --- /dev/null +++ b/checkmemnginx.sh @@ -0,0 +1,11 @@ +#!/bin/bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +MemTotal=`free -t |grep "Mem:" | awk '{print $2}'` +MemUsed=`free -t |grep "Mem:" | awk '{print $3}'` +MemPercent=$((MemUsed*100/MemTotal)) +if [ $MemPercent -gt 80 ] +then + systemctl restart nginx +else +exit 1 +fi \ No newline at end of file diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..1255843 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,13 @@ +worker_priority -20; +worker_processes auto; +worker_cpu_affinity auto; +worker_rlimit_nofile 204800; +worker_shutdown_timeout 120s; +error_log /dev/null; + +events { + worker_connections 204800; + multi_accept on; + accept_mutex off; + use epoll; +} \ No newline at end of file diff --git a/nginx.service b/nginx.service new file mode 100644 index 0000000..ef65fd7 --- /dev/null +++ b/nginx.service @@ -0,0 +1,13 @@ +[Unit] +Description=nginx - high performance web server +Documentation=https://nginx.org/en/docs/ +After=wg-quick@wg0.service +Wants=network-online.target +[Service] +Type=forking +PIDFile=/var/run/nginx.pid +ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf +ExecReload=/bin/sh -c "/bin/kill -s HUP $(/bin/cat /var/run/nginx.pid)" +ExecStop=/bin/sh -c "/bin/kill -s TERM $(/bin/cat /var/run/nginx.pid)" +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/tcp.sh b/tcp.sh new file mode 100644 index 0000000..abd9cc2 --- /dev/null +++ b/tcp.sh @@ -0,0 +1,1902 @@ +#!/usr/bin/env bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +export PATH +#================================================= +# System Required: CentOS 7/8,Debian/ubuntu,oraclelinux +# Description: BBR+BBRplus+Lotserver +# Version: 100.0.1.25 +# Author: 千影,cx9208,YLX +# 更新内容及反馈: https://blog.ylx.me/archives/783.html +#================================================= + +# RED='\033[0;31m' +# GREEN='\033[0;32m' +# YELLOW='\033[0;33m' +# SKYBLUE='\033[0;36m' +# PLAIN='\033[0m' + +sh_ver="100.0.1.25" +github="raw.githubusercontent.com/ylx2016/Linux-NetSpeed/master" + +imgurl="" +headurl="" +github_network=1 + +Green_font_prefix="\033[32m" +Red_font_prefix="\033[31m" +Font_color_suffix="\033[0m" +Info="${Green_font_prefix}[信息]${Font_color_suffix}" +Error="${Red_font_prefix}[错误]${Font_color_suffix}" +Tip="${Green_font_prefix}[注意]${Font_color_suffix}" + +if [ -f "/etc/sysctl.d/bbr.conf" ]; then + rm -rf /etc/sysctl.d/bbr.conf +fi + +# 检查当前用户是否为 root 用户 +if [ "$EUID" -ne 0 ]; then + echo "请使用 root 用户身份运行此脚本" + exit +fi + +# 检查github网络 +check_github() { + # 检测域名的可访问性函数 + check_domain() { + local domain="$1" + if ! curl --head --silent --fail "$domain" >/dev/null; then + echo -e "${Error}无法访问 $domain,请检查网络或者本地DNS 或者访问频率过快而受限" + github_network=0 + fi + } + + # 检测所有域名的可访问性 + check_domain "https://raw.githubusercontent.com" + check_domain "https://api.github.com" + check_domain "https://github.com" + + if [ "$github_network" -eq 0 ]; then + echo -e "${Error}github网络访问受限,将影响内核的安装以及脚本的检查更新,5秒后继续运行脚本" + sleep 5 + else + # 所有域名均可访问,打印成功提示 + echo "${Green_font_prefix}github可访问${Font_color_suffix},继续执行脚本..." + fi +} + +#检查连接 +checkurl() { + local url="$1" + local maxRetries=3 + local retryDelay=2 + + if [[ -z "$url" ]]; then + echo "错误:缺少URL参数!" + exit 1 + fi + + local retries=0 + local responseCode="" + + while [[ -z "$responseCode" && $retries -lt $maxRetries ]]; do + responseCode=$(curl -s -L -m 10 --connect-timeout 5 -o /dev/null -w "%{http_code}" "$url") + + if [[ -z "$responseCode" ]]; then + ((retries++)) + sleep $retryDelay + fi + done + + if [[ -n "$responseCode" && ("$responseCode" == "200" || "$responseCode" =~ ^3[0-9]{2}$) ]]; then + echo "下载地址检查OK,继续!" + else + echo "下载地址检查出错,退出!" + exit 1 + fi +} + +#cn使用fastgit.org的github加速 +check_cn() { + # 检查是否安装了jq命令,如果没有安装则进行安装 + if ! command -v jq >/dev/null 2>&1; then + if command -v yum >/dev/null 2>&1; then + sudo yum install epel-release -y + sudo yum install -y jq + elif command -v apt-get >/dev/null 2>&1; then + sudo apt-get update + sudo apt-get install -y jq + else + echo "无法安装jq命令。请手动安装jq后再试。" + exit 1 + fi + fi + + # 获取当前IP地址,设置超时为3秒 + current_ip=$(curl -s --max-time 3 https://api.ipify.org) + + # 使用ip-api.com查询IP所在国家,设置超时为3秒 + response=$(curl -s --max-time 3 "http://ip-api.com/json/$current_ip") + + # 检查国家是否为中国 + country=$(echo "$response" | jq -r '.countryCode') + if [[ "$country" == "CN" ]]; then + echo "https://endpoint.fastgit.org/$1" + else + echo "$1" + fi +} + +#下载 +download_file() { + url="$1" + filename="$2" + + wget -N "$url" -O "$filename" + status=$? + + if [ $status -eq 0 ]; then + echo -e "\e[32m文件下载成功或已经是最新。\e[0m" + else + echo -e "\e[31m文件下载失败,退出状态码: $status\e[0m" + exit 1 + fi +} + +#檢查賦值 +check_empty() { + local var_value=$1 + + if [[ -z $var_value ]]; then + echo "$var_value 是空值,退出!" + exit 1 + fi +} + +#安装BBR内核 +installbbr() { + kernel_version="5.9.6" + bit=$(uname -m) + rm -rf bbr + mkdir bbr && cd bbr || exit + + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" ]]; then + if [[ ${bit} == "x86_64" ]]; then + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + #github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}' | awk -F '[_]' '{print $3}') + github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Centos_Kernel' | grep '_latest_bbr_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}') + check_empty $github_ver + echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=$github_ver + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep -v 'headers' | grep -v 'devel' | awk -F '"' '{print $4}') + #headurl=https://github.com/ylx2016/kernel/releases/download/$github_tag/kernel-headers-${github_ver}-1.x86_64.rpm + #imgurl=https://github.com/ylx2016/kernel/releases/download/$github_tag/kernel-${github_ver}-1.x86_64.rpm + + check_empty $imgurl + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl kernel-headers-c7.rpm + download_file $imgurl kernel-c7.rpm + yum install -y kernel-c7.rpm + yum install -y kernel-headers-c7.rpm + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + fi + + elif [[ "${OS_type}" == "Debian" ]]; then + if [[ ${bit} == "x86_64" ]]; then + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Debian_Kernel' | grep '_latest_bbr_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}' | awk -F '[_]' '{print $1}') + check_empty $github_ver + echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=$github_ver + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep -v 'headers' | grep -v 'devel' | awk -F '"' '{print $4}') + #headurl=https://github.com/ylx2016/kernel/releases/download/$github_tag/linux-headers-${github_ver}_${github_ver}-1_amd64.deb + #imgurl=https://github.com/ylx2016/kernel/releases/download/$github_tag/linux-image-${github_ver}_${github_ver}-1_amd64.deb + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl linux-headers-d10.deb + download_file $imgurl linux-image-d10.deb + dpkg -i linux-image-d10.deb + dpkg -i linux-headers-d10.deb + elif [[ ${bit} == "aarch64" ]]; then + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Debian_Kernel' | grep '_arm64_' | grep '_bbr_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}' | awk -F '[_]' '{print $1}') + echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=$github_ver + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep -v 'headers' | grep -v 'devel' | awk -F '"' '{print $4}') + #headurl=https://github.com/ylx2016/kernel/releases/download/$github_tag/linux-headers-${github_ver}_${github_ver}-1_amd64.deb + #imgurl=https://github.com/ylx2016/kernel/releases/download/$github_tag/linux-image-${github_ver}_${github_ver}-1_amd64.deb + + check_empty $imgurl + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl linux-headers-d10.deb + download_file $imgurl linux-image-d10.deb + dpkg -i linux-image-d10.deb + dpkg -i linux-headers-d10.deb + else + echo -e "${Error} 不支持x86_64及arm64/aarch64以外的系统 !" && exit 1 + fi + fi + + cd .. && rm -rf bbr + + detele_kernel + BBR_grub + echo -e "${Tip} ${Red_font_prefix}请检查上面是否有内核信息,无内核千万别重启${Font_color_suffix}" + echo -e "${Tip} ${Red_font_prefix}rescue不是正常内核,要排除这个${Font_color_suffix}" + echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}BBR${Font_color_suffix}" + check_kernel + stty erase '^H' && read -p "需要重启VPS后,才能开启BBR,是否现在重启 ? [Y/n] :" yn + [ -z "${yn}" ] && yn="y" + if [[ $yn == [Yy] ]]; then + echo -e "${Info} VPS 重启中..." + reboot + fi + #echo -e "${Tip} 内核安装完毕,请参考上面的信息检查是否安装成功及手动调整内核启动顺序" +} + +#安装BBRplus内核 4.14.129 +installbbrplus() { + kernel_version="4.14.160-bbrplus" + bit=$(uname -m) + rm -rf bbrplus + mkdir bbrplus && cd bbrplus || exit + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" ]]; then + if [[ ${bit} == "x86_64" ]]; then + kernel_version="4.14.129_bbrplus" + detele_kernel_head + headurl=https://github.com/cx9208/Linux-NetSpeed/raw/master/bbrplus/centos/7/kernel-headers-4.14.129-bbrplus.rpm + imgurl=https://github.com/cx9208/Linux-NetSpeed/raw/master/bbrplus/centos/7/kernel-4.14.129-bbrplus.rpm + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl kernel-headers-c7.rpm + download_file $imgurl kernel-c7.rpm + yum install -y kernel-c7.rpm + yum install -y kernel-headers-c7.rpm + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + fi + + elif [[ "${OS_type}" == "Debian" ]]; then + if [[ ${bit} == "x86_64" ]]; then + kernel_version="4.14.129-bbrplus" + detele_kernel_head + headurl=https://github.com/cx9208/Linux-NetSpeed/raw/master/bbrplus/debian-ubuntu/x64/linux-headers-4.14.129-bbrplus.deb + imgurl=https://github.com/cx9208/Linux-NetSpeed/raw/master/bbrplus/debian-ubuntu/x64/linux-image-4.14.129-bbrplus.deb + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + wget -N -O linux-headers.deb $headurl + wget -N -O linux-image.deb $imgurl + + dpkg -i linux-image.deb + dpkg -i linux-headers.deb + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + fi + + cd .. && rm -rf bbrplus + detele_kernel + BBR_grub + echo -e "${Tip} ${Red_font_prefix}请检查上面是否有内核信息,无内核千万别重启${Font_color_suffix}" + echo -e "${Tip} ${Red_font_prefix}rescue不是正常内核,要排除这个${Font_color_suffix}" + echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}BBRplus${Font_color_suffix}" + check_kernel + stty erase '^H' && read -p "需要重启VPS后,才能开启BBRplus,是否现在重启 ? [Y/n] :" yn + [ -z "${yn}" ] && yn="y" + if [[ $yn == [Yy] ]]; then + echo -e "${Info} VPS 重启中..." + reboot + fi + #echo -e "${Tip} 内核安装完毕,请参考上面的信息检查是否安装成功及手动调整内核启动顺序" +} + +#安装Lotserver内核 +installlot() { + bit=$(uname -m) + if [[ ${bit} != "x86_64" ]]; then + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + if [[ ${bit} == "x86_64" ]]; then + bit='x64' + fi + if [[ ${bit} == "i386" ]]; then + bit='x32' + fi + if [[ "${OS_type}" == "CentOS" ]]; then + rpm --import http://${github}/lotserver/${release}/RPM-GPG-KEY-elrepo.org + yum remove -y kernel-firmware + yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-firmware-${kernel_version}.rpm + yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-${kernel_version}.rpm + yum remove -y kernel-headers + yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-headers-${kernel_version}.rpm + yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-devel-${kernel_version}.rpm + fi + + if [[ "${OS_type}" == "Debian" ]]; then + deb_issue="$(cat /etc/issue)" + deb_relese="$(echo $deb_issue | grep -io 'Ubuntu\|Debian' | sed -r 's/(.*)/\L\1/')" + os_ver="$(dpkg --print-architecture)" + [ -n "$os_ver" ] || exit 1 + if [ "$deb_relese" == 'ubuntu' ]; then + deb_ver="$(echo $deb_issue | grep -o '[0-9]*\.[0-9]*' | head -n1)" + if [ "$deb_ver" == "14.04" ]; then + kernel_version="3.16.0-77-generic" && item="3.16.0-77-generic" && ver='trusty' + elif [ "$deb_ver" == "16.04" ]; then + kernel_version="4.8.0-36-generic" && item="4.8.0-36-generic" && ver='xenial' + elif [ "$deb_ver" == "18.04" ]; then + kernel_version="4.15.0-30-generic" && item="4.15.0-30-generic" && ver='bionic' + else + exit 1 + fi + url='archive.ubuntu.com' + urls='security.ubuntu.com' + elif [ "$deb_relese" == 'debian' ]; then + deb_ver="$(echo $deb_issue | grep -o '[0-9]*' | head -n1)" + if [ "$deb_ver" == "7" ]; then + kernel_version="3.2.0-4-${os_ver}" && item="3.2.0-4-${os_ver}" && ver='wheezy' && url='archive.debian.org' && urls='archive.debian.org' + elif [ "$deb_ver" == "8" ]; then + kernel_version="3.16.0-4-${os_ver}" && item="3.16.0-4-${os_ver}" && ver='jessie' && url='archive.debian.org' && urls='archive.debian.org' + elif [ "$deb_ver" == "9" ]; then + kernel_version="4.9.0-4-${os_ver}" && item="4.9.0-4-${os_ver}" && ver='stretch' && url='archive.debian.org' && urls='archive.debian.org' + else + exit 1 + fi + fi + [ -n "$item" ] && [ -n "$urls" ] && [ -n "$url" ] && [ -n "$ver" ] || exit 1 + if [ "$deb_relese" == 'ubuntu' ]; then + echo "deb http://${url}/${deb_relese} ${ver} main restricted universe multiverse" >/etc/apt/sources.list + echo "deb http://${url}/${deb_relese} ${ver}-updates main restricted universe multiverse" >>/etc/apt/sources.list + echo "deb http://${url}/${deb_relese} ${ver}-backports main restricted universe multiverse" >>/etc/apt/sources.list + echo "deb http://${urls}/${deb_relese} ${ver}-security main restricted universe multiverse" >>/etc/apt/sources.list + + apt-get update || apt-get --allow-releaseinfo-change update + apt-get install --no-install-recommends -y linux-image-${item} + elif [ "$deb_relese" == 'debian' ]; then + echo "deb http://${url}/${deb_relese} ${ver} main" >/etc/apt/sources.list + echo "deb-src http://${url}/${deb_relese} ${ver} main" >>/etc/apt/sources.list + echo "deb http://${urls}/${deb_relese}-security ${ver}/updates main" >>/etc/apt/sources.list + echo "deb-src http://${urls}/${deb_relese}-security ${ver}/updates main" >>/etc/apt/sources.list + + if [ "$deb_ver" == "8" ]; then + dpkg -l | grep -q 'linux-base' || { + wget --no-check-certificate -qO '/tmp/linux-base_3.5_all.deb' 'http://snapshot.debian.org/archive/debian/20120304T220938Z/pool/main/l/linux-base/linux-base_3.5_all.deb' + dpkg -i '/tmp/linux-base_3.5_all.deb' + } + wget --no-check-certificate -qO '/tmp/linux-image-3.16.0-4-amd64_3.16.43-2+deb8u5_amd64.deb' 'http://snapshot.debian.org/archive/debian/20171008T163152Z/pool/main/l/linux/linux-image-3.16.0-4-amd64_3.16.43-2+deb8u5_amd64.deb' + dpkg -i '/tmp/linux-image-3.16.0-4-amd64_3.16.43-2+deb8u5_amd64.deb' + + if [ $? -ne 0 ]; then + exit 1 + fi + elif [ "$deb_ver" == "9" ]; then + dpkg -l | grep -q 'linux-base' || { + wget --no-check-certificate -qO '/tmp/linux-base_4.5_all.deb' 'http://snapshot.debian.org/archive/debian/20160917T042239Z/pool/main/l/linux-base/linux-base_4.5_all.deb' + dpkg -i '/tmp/linux-base_4.5_all.deb' + } + wget --no-check-certificate -qO '/tmp/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb' 'http://snapshot.debian.org/archive/debian/20171224T175424Z/pool/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb' + dpkg -i '/tmp/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb' + ##备选 + #https://sys.if.ci/download/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb + #http://mirror.cs.uchicago.edu/debian-security/pool/updates/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb + #https://debian.sipwise.com/debian-security/pool/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb + #http://srv24.dsidata.sk/security.debian.org/pool/updates/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb + #https://pubmirror.plutex.de/debian-security/pool/updates/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb + #https://packages.mendix.com/debian/pool/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3_amd64.deb + #http://snapshot.debian.org/archive/debian/20171224T175424Z/pool/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3+deb9u1_amd64.deb + #http://snapshot.debian.org/archive/debian/20171231T180144Z/pool/main/l/linux/linux-image-4.9.0-4-amd64_4.9.65-3_amd64.deb + if [ $? -ne 0 ]; then + exit 1 + fi + else + exit 1 + fi + fi + apt-get autoremove -y + [ -d '/var/lib/apt/lists' ] && find /var/lib/apt/lists -type f -delete + fi + + detele_kernel + BBR_grub + echo -e "${Tip} ${Red_font_prefix}请检查上面是否有内核信息,无内核千万别重启${Font_color_suffix}" + echo -e "${Tip} ${Red_font_prefix}rescue不是正常内核,要排除这个${Font_color_suffix}" + echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}Lotserver${Font_color_suffix}" + check_kernel + stty erase '^H' && read -p "需要重启VPS后,才能开启Lotserver,是否现在重启 ? [Y/n] :" yn + [ -z "${yn}" ] && yn="y" + if [[ $yn == [Yy] ]]; then + echo -e "${Info} VPS 重启中..." + reboot + fi + #echo -e "${Tip} 内核安装完毕,请参考上面的信息检查是否安装成功及手动调整内核启动顺序" +} + +#安装xanmod内核 from xanmod.org +installxanmod() { + kernel_version="5.5.1-xanmod1" + bit=$(uname -m) + if [[ ${bit} != "x86_64" ]]; then + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + rm -rf xanmod + mkdir xanmod && cd xanmod || exit + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" ]]; then + if [[ ${bit} == "x86_64" ]]; then + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Centos_Kernel' | grep '_lts_latest_' | grep 'xanmod' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}') + echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=$github_ver + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep -v 'headers' | grep -v 'devel' | awk -F '"' '{print $4}') + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl kernel-headers-c7.rpm + download_file $imgurl kernel-c7.rpm + yum install -y kernel-c7.rpm + yum install -y kernel-headers-c7.rpm + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + elif [[ ${version} == "8" ]]; then + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Centos_Kernel' | grep '_lts_C8_latest_' | grep 'xanmod' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}') + echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=$github_ver + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep -v 'headers' | grep -v 'devel' | awk -F '"' '{print $4}') + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + wget -N -O kernel-headers-c8.rpm $headurl + wget -N -O kernel-c8.rpm $imgurl + yum install -y kernel-c8.rpm + yum install -y kernel-headers-c8.rpm + fi + + elif [[ "${OS_type}" == "Debian" ]]; then + + if [[ ${bit} == "x86_64" ]]; then + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Debian_Kernel' | grep '_lts_latest_' | grep 'xanmod' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}') + + check_empty $github_ver + echo -e "获取的xanmod lts版本号为:${github_ver}" + + kernel_version=$github_ver + + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep -v 'headers' | grep -v 'devel' | awk -F '"' '{print $4}') + + check_empty $imgurl + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl linux-headers-d10.deb + download_file $imgurl linux-image-d10.deb + dpkg -i linux-image-d10.deb + dpkg -i linux-headers-d10.deb + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + fi + + cd .. && rm -rf xanmod + detele_kernel + BBR_grub + echo -e "${Tip} ${Red_font_prefix}请检查上面是否有内核信息,无内核千万别重启${Font_color_suffix}" + echo -e "${Tip} ${Red_font_prefix}rescue不是正常内核,要排除这个${Font_color_suffix}" + echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}BBR${Font_color_suffix}" + check_kernel + stty erase '^H' && read -p "需要重启VPS后,才能开启BBR,是否现在重启 ? [Y/n] :" yn + [ -z "${yn}" ] && yn="y" + if [[ $yn == [Yy] ]]; then + echo -e "${Info} VPS 重启中..." + reboot + fi + #echo -e "${Tip} 内核安装完毕,请参考上面的信息检查是否安装成功及手动调整内核启动顺序" +} + +#安装bbr2内核 集成到xanmod内核了 +#安装bbrplus 新内核 +#2021.3.15 开始由https://github.com/UJX6N/bbrplus-5.19 替换bbrplusnew +#2021.4.12 地址更新为https://github.com/ylx2016/kernel/releases +#2021.9.2 再次改为https://github.com/UJX6N/bbrplus +#2022.9.6 改为https://github.com/UJX6N/bbrplus-5.19 +#2022.11.24 改为https://github.com/UJX6N/bbrplus-6.x_stable + +installbbrplusnew() { + github_ver_plus=$(curl -s https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases | grep /bbrplus-6.x_stable/releases/tag/ | head -1 | awk -F "[/]" '{print $8}' | awk -F "[\"]" '{print $1}') + github_ver_plus_num=$(curl -s https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases | grep /bbrplus-6.x_stable/releases/tag/ | head -1 | awk -F "[/]" '{print $8}' | awk -F "[\"]" '{print $1}' | awk -F "[-]" '{print $1}') + echo -e "获取的UJX6N的bbrplus-6.x_stable版本号为:${Green_font_prefix}${github_ver_plus}${Font_color_suffix}" + echo -e "如果下载地址出错,可能当前正在更新,超过半天还是出错请反馈,大陆自行解决污染问题" + echo -e "${Green_font_prefix}安装失败这边反馈,内核问题给UJX6N反馈${Font_color_suffix}" + # kernel_version=$github_ver_plus + + bit=$(uname -m) + #if [[ ${bit} != "x86_64" ]]; then + # echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + #fi + rm -rf bbrplusnew + mkdir bbrplusnew && cd bbrplusnew || exit + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" ]]; then + if [[ ${bit} == "x86_64" ]]; then + #github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Centos_Kernel' | grep '_latest_bbrplus_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + #github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}' | awk -F '[_]' '{print $1}') + #echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=${github_ver_plus_num}-bbrplus + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'rpm' | grep 'headers' | grep 'el7' | awk -F '"' '{print $4}' | grep 'http') + imgurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'rpm' | grep -v 'devel' | grep -v 'headers' | grep -v 'Source' | grep 'el7' | awk -F '"' '{print $4}' | grep 'http') + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + wget -N -O kernel-c7.rpm $headurl + wget -N -O kernel-headers-c7.rpm $imgurl + yum install -y kernel-c7.rpm + yum install -y kernel-headers-c7.rpm + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + fi + if [[ ${version} == "8" ]]; then + if [[ ${bit} == "x86_64" ]]; then + #github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Centos_Kernel' | grep '_latest_bbrplus_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + #github_ver=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'rpm' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}' | awk -F '[_]' '{print $1}') + #echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=${github_ver_plus_num}-bbrplus + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'rpm' | grep 'headers' | grep 'el8.x86_64' | grep 'https' | awk -F '"' '{print $4}' | grep 'http') + imgurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'rpm' | grep -v 'devel' | grep -v 'headers' | grep -v 'Source' | grep 'el8.x86_64' | grep 'https' | awk -F '"' '{print $4}' | grep 'http') + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + wget -N -O kernel-c8.rpm $headurl + wget -N -O kernel-headers-c8.rpm $imgurl + yum install -y kernel-c8.rpm + yum install -y kernel-headers-c8.rpm + else + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + fi + elif [[ "${OS_type}" == "Debian" ]]; then + if [[ ${bit} == "x86_64" ]]; then + #github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Ubuntu_Kernel' | grep '_latest_bbrplus_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + #github_ver=$(curl -s 'http s://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}' | awk -F '[_]' '{print $1}') + #echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=${github_ver_plus_num}-bbrplus + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'https' | grep 'amd64.deb' | grep 'headers' | awk -F '"' '{print $4}' | grep 'http') + imgurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'https' | grep 'amd64.deb' | grep 'image' | awk -F '"' '{print $4}' | grep 'http') + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl linux-headers-d10.deb + download_file $imgurl linux-image-d10.deb + dpkg -i linux-image-d10.deb + dpkg -i linux-headers-d10.deb + elif [[ ${bit} == "aarch64" ]]; then + #github_tag=$(curl -s 'https://api.github.com/repos/ylx2016/kernel/releases' | grep 'Ubuntu_Kernel' | grep '_latest_bbrplus_' | head -n 1 | awk -F '"' '{print $4}' | awk -F '[/]' '{print $8}') + #github_ver=$(curl -s 'http s://api.github.com/repos/ylx2016/kernel/releases' | grep ${github_tag} | grep 'deb' | grep 'headers' | awk -F '"' '{print $4}' | awk -F '[/]' '{print $9}' | awk -F '[-]' '{print $3}' | awk -F '[_]' '{print $1}') + #echo -e "获取的版本号为:${Green_font_prefix}${github_ver}${Font_color_suffix}" + kernel_version=${github_ver_plus_num}-bbrplus + detele_kernel_head + headurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'https' | grep 'arm64.deb' | grep 'headers' | awk -F '"' '{print $4}') + imgurl=$(curl -s 'https://api.github.com/repos/UJX6N/bbrplus-6.x_stable/releases' | grep ${github_ver_plus} | grep 'https' | grep 'arm64.deb' | grep 'image' | awk -F '"' '{print $4}') + + headurl=$(check_cn $headurl) + imgurl=$(check_cn $imgurl) + + download_file $headurl linux-headers-d10.deb + download_file $imgurl linux-image-d10.deb + dpkg -i linux-image-d10.deb + dpkg -i linux-headers-d10.deb + else + echo -e "${Error} 不支持x86_64及arm64/aarch64以外的系统 !" && exit 1 + fi + fi + + cd .. && rm -rf bbrplusnew + detele_kernel + BBR_grub + echo -e "${Tip} ${Red_font_prefix}请检查上面是否有内核信息,无内核千万别重启${Font_color_suffix}" + echo -e "${Tip} ${Red_font_prefix}rescue不是正常内核,要排除这个${Font_color_suffix}" + echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}BBRplus${Font_color_suffix}" + check_kernel + stty erase '^H' && read -p "需要重启VPS后,才能开启BBRplus,是否现在重启 ? [Y/n] :" yn + [ -z "${yn}" ] && yn="y" + if [[ $yn == [Yy] ]]; then + echo -e "${Info} VPS 重启中..." + reboot + fi + #echo -e "${Tip} 内核安装完毕,请参考上面的信息检查是否安装成功及手动调整内核启动顺序" + +} + +#启用BBR+fq +startbbrfq() { + remove_bbr_lotserver + echo "net.core.default_qdisc=fq" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBR+FQ修改成功,重启生效!" +} + +#启用BBR+fq_pie +startbbrfqpie() { + remove_bbr_lotserver + echo "net.core.default_qdisc=fq_pie" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBR+FQ_PIE修改成功,重启生效!" +} + +#启用BBR+cake +startbbrcake() { + remove_bbr_lotserver + echo "net.core.default_qdisc=cake" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBR+cake修改成功,重启生效!" +} + +#启用BBRplus +startbbrplus() { + remove_bbr_lotserver + echo "net.core.default_qdisc=fq" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbrplus" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBRplus修改成功,重启生效!" +} + +#启用Lotserver +startlotserver() { + remove_bbr_lotserver + if [[ "${OS_type}" == "CentOS" ]]; then + yum install ethtool -y + else + apt-get update || apt-get --allow-releaseinfo-change update + apt-get install ethtool -y + fi + #bash <(wget -qO- https://git.io/lotServerInstall.sh) install + #echo | bash <(wget --no-check-certificate -qO- https://raw.githubusercontent.com/1265578519/lotServer/main/lotServerInstall.sh) install + # echo | bash <(wget --no-check-certificate -qO- https://raw.githubusercontent.com/fei5seven/lotServer/master/lotServerInstall.sh) install + echo | bash <(wget --no-check-certificate -qO- https://raw.githubusercontent.com/wxlost/lotServer/master/lotServerInstall.sh) install + sed -i '/advinacc/d' /appex/etc/config + sed -i '/maxmode/d' /appex/etc/config + echo -e "advinacc=\"1\" +maxmode=\"1\"" >>/appex/etc/config + /appex/bin/lotServer.sh restart + start_menu +} + +#启用BBR2+FQ +startbbr2fq() { + remove_bbr_lotserver + echo "net.core.default_qdisc=fq" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr2" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBR2修改成功,重启生效!" +} + +#启用BBR2+FQ_PIE +startbbr2fqpie() { + remove_bbr_lotserver + echo "net.core.default_qdisc=fq_pie" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr2" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBR2修改成功,重启生效!" +} + +#启用BBR2+CAKE +startbbr2cake() { + remove_bbr_lotserver + echo "net.core.default_qdisc=cake" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr2" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}BBR2修改成功,重启生效!" +} + +#开启ecn +startecn() { + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.conf + + echo "net.ipv4.tcp_ecn=1" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}开启ecn结束!" +} + +#关闭ecn +closeecn() { + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.conf + + echo "net.ipv4.tcp_ecn=0" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}关闭ecn结束!" +} + +#卸载bbr+锐速 +remove_bbr_lotserver() { + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.default_qdisc/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.conf + sed -i '/net.core.default_qdisc/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.conf + sysctl --system + + rm -rf bbrmod + + if [[ -e /appex/bin/lotServer.sh ]]; then + echo | bash <(wget -qO- https://raw.githubusercontent.com/fei5seven/lotServer/master/lotServerInstall.sh) uninstall + fi + clear + # echo -e "${Info}:清除bbr/lotserver加速完成。" + # sleep 1s +} + +#卸载全部加速 +remove_all() { + rm -rf /etc/sysctl.d/*.conf + #rm -rf /etc/sysctl.conf + #touch /etc/sysctl.conf + if [ ! -f "/etc/sysctl.conf" ]; then + touch /etc/sysctl.conf + else + cat /dev/null >/etc/sysctl.conf + fi + sysctl --system + sed -i '/DefaultTimeoutStartSec/d' /etc/systemd/system.conf + sed -i '/DefaultTimeoutStopSec/d' /etc/systemd/system.conf + sed -i '/DefaultRestartSec/d' /etc/systemd/system.conf + sed -i '/DefaultLimitCORE/d' /etc/systemd/system.conf + sed -i '/DefaultLimitNOFILE/d' /etc/systemd/system.conf + sed -i '/DefaultLimitNPROC/d' /etc/systemd/system.conf + + sed -i '/soft nofile/d' /etc/security/limits.conf + sed -i '/hard nofile/d' /etc/security/limits.conf + sed -i '/soft nproc/d' /etc/security/limits.conf + sed -i '/hard nproc/d' /etc/security/limits.conf + + sed -i '/ulimit -SHn/d' /etc/profile + sed -i '/ulimit -SHn/d' /etc/profile + sed -i '/required pam_limits.so/d' /etc/pam.d/common-session + + systemctl daemon-reload + + rm -rf bbrmod + sed -i '/net.ipv4.tcp_retries2/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_slow_start_after_idle/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_fastopen/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.conf + sed -i '/net.core.default_qdisc/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.conf + sed -i '/fs.file-max/d' /etc/sysctl.conf + sed -i '/net.core.rmem_max/d' /etc/sysctl.conf + sed -i '/net.core.wmem_max/d' /etc/sysctl.conf + sed -i '/net.core.rmem_default/d' /etc/sysctl.conf + sed -i '/net.core.wmem_default/d' /etc/sysctl.conf + sed -i '/net.core.netdev_max_backlog/d' /etc/sysctl.conf + sed -i '/net.core.somaxconn/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_tw_reuse/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_tw_recycle/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_fin_timeout/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_keepalive_time/d' /etc/sysctl.conf + sed -i '/net.ipv4.ip_local_port_range/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_rmem/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_wmem/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_mtu_probing/d' /etc/sysctl.conf + sed -i '/net.ipv4.ip_forward/d' /etc/sysctl.conf + sed -i '/fs.inotify.max_user_instances/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_fin_timeout/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_tw_reuse/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf + sed -i '/net.ipv4.ip_local_port_range/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf + sed -i '/net.ipv4.route.gc_timeout/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_synack_retries/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_syn_retries/d' /etc/sysctl.conf + sed -i '/net.core.somaxconn/d' /etc/sysctl.conf + sed -i '/net.core.netdev_max_backlog/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_timestamps/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_orphans/d' /etc/sysctl.conf + if [[ -e /appex/bin/lotServer.sh ]]; then + bash <(wget -qO- https://raw.githubusercontent.com/fei5seven/lotServer/master/lotServerInstall.sh) uninstall + fi + clear + echo -e "${Info}:清除加速完成。" + sleep 1s +} + +#优化系统配置 +optimizing_system() { + if [ ! -f "/etc/sysctl.conf" ]; then + touch /etc/sysctl.conf + fi + sed -i '/net.ipv4.tcp_retries2/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_slow_start_after_idle/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_fastopen/d' /etc/sysctl.conf + sed -i '/fs.file-max/d' /etc/sysctl.conf + sed -i '/fs.inotify.max_user_instances/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_fin_timeout/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_tw_reuse/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf + sed -i '/net.ipv4.ip_local_port_range/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf + sed -i '/net.ipv4.route.gc_timeout/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_synack_retries/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_syn_retries/d' /etc/sysctl.conf + sed -i '/net.core.somaxconn/d' /etc/sysctl.conf + sed -i '/net.core.netdev_max_backlog/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_timestamps/d' /etc/sysctl.conf + sed -i '/net.ipv4.tcp_max_orphans/d' /etc/sysctl.conf + sed -i '/net.ipv4.ip_forward/d' /etc/sysctl.conf + + echo "net.ipv4.tcp_retries2 = 8 +net.ipv4.tcp_slow_start_after_idle = 0 +fs.file-max = 1000000 +fs.inotify.max_user_instances = 8192 +net.ipv4.tcp_syncookies = 1 +net.ipv4.tcp_fin_timeout = 30 +net.ipv4.tcp_tw_reuse = 1 +net.ipv4.ip_local_port_range = 1024 65000 +net.ipv4.tcp_max_syn_backlog = 16384 +net.ipv4.tcp_max_tw_buckets = 6000 +net.ipv4.route.gc_timeout = 100 +net.ipv4.tcp_syn_retries = 1 +net.ipv4.tcp_synack_retries = 1 +net.core.somaxconn = 32768 +net.core.netdev_max_backlog = 32768 +net.ipv4.tcp_timestamps = 0 +net.ipv4.tcp_max_orphans = 32768 +# forward ipv4 +#net.ipv4.ip_forward = 1" >>/etc/sysctl.conf + sysctl -p + echo "* soft nofile 1000000 +* hard nofile 1000000" >/etc/security/limits.conf + echo "ulimit -SHn 1000000" >>/etc/profile + read -p "需要重启VPS后,才能生效系统优化配置,是否现在重启 ? [Y/n] :" yn + [ -z "${yn}" ] && yn="y" + if [[ $yn == [Yy] ]]; then + echo -e "${Info} VPS 重启中..." + reboot + fi +} + +optimizing_system_johnrosen1() { + if [ ! -f "/etc/sysctl.d/99-sysctl.conf" ]; then + touch /etc/sysctl.d/99-sysctl.conf + fi + sed -i '/net.ipv4.tcp_fack/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_early_retrans/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.neigh.default.unres_qlen/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_max_orphans/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.netfilter.nf_conntrack_buckets/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/kernel.pid_max/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/vm.nr_hugepages/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.optmem_max/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.route_localnet/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.ip_forward/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.forwarding/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.forwarding/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.all.forwarding/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.default.forwarding/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.lo.forwarding/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.lo.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.all.accept_ra/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.default.accept_ra/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.netdev_max_backlog/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.netdev_budget/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.netdev_budget_usecs/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/fs.file-max /d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.rmem_max/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.wmem_max/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.rmem_default/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.wmem_default/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.somaxconn/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.icmp_echo_ignore_all/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.icmp_echo_ignore_broadcasts/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.icmp_ignore_bogus_error_responses/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.accept_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.accept_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.secure_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.secure_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.send_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.send_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.rp_filter/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.rp_filter/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_keepalive_time/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_keepalive_intvl/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_keepalive_probes/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_synack_retries/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_rfc1337/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_timestamps/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_tw_reuse/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_fin_timeout/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.ip_local_port_range/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_fastopen/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_rmem/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_wmem/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.udp_rmem_min/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.udp_wmem_min/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_mtu_probing/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.arp_ignore /d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.arp_ignore/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.all.arp_announce/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.conf.default.arp_announce/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_autocorking/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_slow_start_after_idle/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.core.default_qdisc/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_notsent_lowat/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_no_metrics_save/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_ecn/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_ecn_fallback/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_frto/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.all.accept_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.default.accept_redirects/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/vm.swappiness/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.ip_unprivileged_port_start/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/vm.overcommit_memory/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.neigh.default.gc_thresh3/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.neigh.default.gc_thresh2/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.neigh.default.gc_thresh1/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.neigh.default.gc_thresh3/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.neigh.default.gc_thresh2/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.neigh.default.gc_thresh1/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.netfilter.nf_conntrack_max/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.nf_conntrack_max/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.netfilter.nf_conntrack_tcp_timeout_fin_wait/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.netfilter.nf_conntrack_tcp_timeout_time_wait/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.netfilter.nf_conntrack_tcp_timeout_close_wait/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.netfilter.nf_conntrack_tcp_timeout_established/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/fs.inotify.max_user_instances/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/fs.inotify.max_user_watches/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_low_latency/d' /etc/sysctl.d/99-sysctl.conf + + cat >'/etc/sysctl.d/99-sysctl.conf' </sys/kernel/mm/transparent_hugepage/enabled + + cat >'/etc/systemd/system.conf' <'/etc/security/limits.conf' <>/etc/profile + + if grep -q "pam_limits.so" /etc/pam.d/common-session; then + : + else + sed -i '/required pam_limits.so/d' /etc/pam.d/common-session + echo "session required pam_limits.so" >>/etc/pam.d/common-session + fi + systemctl daemon-reload + echo -e "${Info}优化方案2应用结束,可能需要重启!" +} + +optimizing_ddcc() { + sed -i '/net.ipv4.conf.all.rp_filter/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.d/99-sysctl.conf + + echo "net.ipv4.conf.all.rp_filter = 1" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_syncookies = 1" >>/etc/sysctl.d/99-sysctl.conf + echo "net.ipv4.tcp_max_syn_backlog = 1024" >>/etc/sysctl.d/99-sysctl.conf + sysctl -p + sysctl --system +} + +#更新脚本 +Update_Shell() { + local shell_file + shell_file="$(readlink -f "$0")" + local shell_url="https://raw.githubusercontent.com/ylx2016/Linux-NetSpeed/master/tcp.sh" + + # 下载最新版本的脚本 + wget -O "/tmp/tcp.sh" "$shell_url" &>/dev/null + + # 比较本地和远程脚本的 md5 值 + local md5_local + local md5_remote + md5_local="$(md5sum "$shell_file" | awk '{print $1}')" + md5_remote="$(md5sum /tmp/tcp.sh | awk '{print $1}')" + + if [ "$md5_local" != "$md5_remote" ]; then + # 替换本地脚本文件 + cp "/tmp/tcp.sh" "$shell_file" + chmod +x "$shell_file" + + echo "脚本已更新,请重新运行。" + exit 0 + else + echo "脚本是最新版本,无需更新。" + fi +} + +#切换到不卸载内核版本 +gototcpx() { + clear + wget -O tcpx.sh "https://github.com/ylx2016/Linux-NetSpeed/raw/master/tcpx.sh" && chmod +x tcpx.sh && ./tcpx.sh +} + +#切换到秋水逸冰BBR安装脚本 +gototeddysun_bbr() { + clear + wget https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh +} + +#切换到一键DD安装系统脚本 新手勿入 +gotodd() { + clear + echo DD使用git.beta.gs的脚本,知悉 + sleep 1.5 + wget -O NewReinstall.sh https://github.com/fcurrk/reinstall/raw/master/NewReinstall.sh && chmod a+x NewReinstall.sh && bash NewReinstall.sh + #wget -qO ~/Network-Reinstall-System-Modify.sh 'https://github.com/ylx2016/reinstall/raw/master/Network-Reinstall-System-Modify.sh' && chmod a+x ~/Network-Reinstall-System-Modify.sh && bash ~/Network-Reinstall-System-Modify.sh -UI_Options +} + +#禁用IPv6 +closeipv6() { + clear + sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.lo.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.conf + sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.conf + sed -i '/net.ipv6.conf.lo.disable_ipv6/d' /etc/sysctl.conf + + echo "net.ipv6.conf.all.disable_ipv6 = 1 +net.ipv6.conf.default.disable_ipv6 = 1 +net.ipv6.conf.lo.disable_ipv6 = 1" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}禁用IPv6结束,可能需要重启!" +} + +#开启IPv6 +openipv6() { + clear + sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.lo.disable_ipv6/d' /etc/sysctl.d/99-sysctl.conf + sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.conf + sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.conf + sed -i '/net.ipv6.conf.lo.disable_ipv6/d' /etc/sysctl.conf + sed -i '/net.ipv6.conf.all.accept_ra/d' /etc/sysctl.conf + sed -i '/net.ipv6.conf.default.accept_ra/d' /etc/sysctl.conf + + echo "net.ipv6.conf.all.disable_ipv6 = 0 +net.ipv6.conf.default.disable_ipv6 = 0 +net.ipv6.conf.lo.disable_ipv6 = 0 +net.ipv6.conf.all.accept_ra = 2 +net.ipv6.conf.default.accept_ra = 2" >>/etc/sysctl.d/99-sysctl.conf + sysctl --system + echo -e "${Info}开启IPv6结束,可能需要重启!" +} + +#开始菜单 +start_menu() { + clear + echo && echo -e " TCP加速 一键安装管理脚本 ${Red_font_prefix}[v${sh_ver}]${Font_color_suffix} from blog.ylx.me 母鸡慎用 + ${Green_font_prefix}0.${Font_color_suffix} 升级脚本 + ${Green_font_prefix}9.${Font_color_suffix} 切换到不卸载内核版本 ${Green_font_prefix}10.${Font_color_suffix} 切换到一键DD系统脚本 + ${Green_font_prefix}1.${Font_color_suffix} 安装 BBR原版内核 + ${Green_font_prefix}2.${Font_color_suffix} 安装 BBRplus版内核 ${Green_font_prefix}5.${Font_color_suffix} 安装 BBRplus新版内核 + ${Green_font_prefix}3.${Font_color_suffix} 安装 Lotserver(锐速)内核 + ${Green_font_prefix}11.${Font_color_suffix} 使用BBR+FQ加速 ${Green_font_prefix}12.${Font_color_suffix} 使用BBR+FQ_PIE加速 + ${Green_font_prefix}13.${Font_color_suffix} 使用BBR+CAKE加速 + ${Green_font_prefix}14.${Font_color_suffix} 使用BBR2+FQ加速 ${Green_font_prefix}15.${Font_color_suffix} 使用BBR2+FQ_PIE加速 + ${Green_font_prefix}16.${Font_color_suffix} 使用BBR2+CAKE加速 + ${Green_font_prefix}17.${Font_color_suffix} 开启ECN ${Green_font_prefix}18.${Font_color_suffix} 关闭ECN + ${Green_font_prefix}19.${Font_color_suffix} 使用BBRplus+FQ版加速 + ${Green_font_prefix}20.${Font_color_suffix} 使用Lotserver(锐速)加速 + ${Green_font_prefix}21.${Font_color_suffix} 系统配置优化 ${Green_font_prefix}22.${Font_color_suffix} 应用优化方案2 + ${Green_font_prefix}23.${Font_color_suffix} 禁用IPv6 ${Green_font_prefix}24.${Font_color_suffix} 开启IPv6 + ${Green_font_prefix}25.${Font_color_suffix} 卸载全部加速 ${Green_font_prefix}99.${Font_color_suffix} 退出脚本 +————————————————————————————————————————————————————————————————" && + check_status + get_system_info + echo -e " 系统信息: ${Font_color_suffix}$opsy ${Green_font_prefix}$virtual${Font_color_suffix} $arch ${Green_font_prefix}$kern${Font_color_suffix} " + if [[ ${kernel_status} == "noinstall" ]]; then + echo -e " 当前状态: ${Green_font_prefix}未安装${Font_color_suffix} 加速内核 ${Red_font_prefix}请先安装内核${Font_color_suffix}" + else + echo -e " 当前状态: ${Green_font_prefix}已安装${Font_color_suffix} ${Red_font_prefix}${kernel_status}${Font_color_suffix} 加速内核 , ${Green_font_prefix}${run_status}${Font_color_suffix}" + + fi + echo -e " 当前拥塞控制算法为: ${Green_font_prefix}${net_congestion_control}${Font_color_suffix} 当前队列算法为: ${Green_font_prefix}${net_qdisc}${Font_color_suffix} " + + read -p " 请输入数字 :" num + case "$num" in + 0) + Update_Shell + ;; + 1) + check_sys_bbr + ;; + 2) + check_sys_bbrplus + ;; + 3) + check_sys_Lotsever + ;; + 5) + check_sys_bbrplusnew + ;; + 9) + gototcpx + ;; + 10) + gotodd + ;; + 11) + startbbrfq + ;; + 12) + startbbrfqpie + ;; + 13) + startbbrcake + ;; + 14) + startbbr2fq + ;; + 15) + startbbr2fqpie + ;; + 16) + startbbr2cake + ;; + 17) + startecn + ;; + 18) + closeecn + ;; + 19) + startbbrplus + ;; + 20) + startlotserver + ;; + 21) + optimizing_system + ;; + 22) + optimizing_system_johnrosen1 + ;; + 23) + closeipv6 + ;; + 24) + openipv6 + ;; + 25) + remove_all + ;; + 26) + optimizing_ddcc + ;; + 99) + exit 1 + ;; + *) + clear + echo -e "${Error}:请输入正确数字 [0-99]" + sleep 5s + start_menu + ;; + esac +} +#############内核管理组件############# + +#删除多余内核 +detele_kernel() { + if [[ "${OS_type}" == "CentOS" ]]; then + rpm_total=$(rpm -qa | grep kernel | grep -v "${kernel_version}" | grep -v "noarch" | wc -l) + if [ "${rpm_total}" ] >"1"; then + echo -e "检测到 ${rpm_total} 个其余内核,开始卸载..." + for ((integer = 1; integer <= ${rpm_total}; integer++)); do + rpm_del=$(rpm -qa | grep kernel | grep -v "${kernel_version}" | grep -v "noarch" | head -${integer}) + echo -e "开始卸载 ${rpm_del} 内核..." + rpm --nodeps -e ${rpm_del} + echo -e "卸载 ${rpm_del} 内核卸载完成,继续..." + done + echo --nodeps -e "内核卸载完毕,继续..." + else + echo -e " 检测到 内核 数量不正确,请检查 !" && exit 1 + fi + elif [[ "${OS_type}" == "Debian" ]]; then + deb_total=$(dpkg -l | grep linux-image | awk '{print $2}' | grep -v "${kernel_version}" | wc -l) + if [ "${deb_total}" ] >"1"; then + echo -e "检测到 ${deb_total} 个其余内核,开始卸载..." + for ((integer = 1; integer <= ${deb_total}; integer++)); do + deb_del=$(dpkg -l | grep linux-image | awk '{print $2}' | grep -v "${kernel_version}" | head -${integer}) + echo -e "开始卸载 ${deb_del} 内核..." + apt-get purge -y ${deb_del} + apt-get autoremove -y + echo -e "卸载 ${deb_del} 内核卸载完成,继续..." + done + echo -e "内核卸载完毕,继续..." + else + echo -e " 检测到 内核 数量不正确,请检查 !" && exit 1 + fi + fi +} + +detele_kernel_head() { + if [[ "${OS_type}" == "CentOS" ]]; then + rpm_total=$(rpm -qa | grep kernel-headers | grep -v "${kernel_version}" | grep -v "noarch" | wc -l) + if [ "${rpm_total}" ] >"1"; then + echo -e "检测到 ${rpm_total} 个其余head内核,开始卸载..." + for ((integer = 1; integer <= ${rpm_total}; integer++)); do + rpm_del=$(rpm -qa | grep kernel-headers | grep -v "${kernel_version}" | grep -v "noarch" | head -${integer}) + echo -e "开始卸载 ${rpm_del} headers内核..." + rpm --nodeps -e ${rpm_del} + echo -e "卸载 ${rpm_del} 内核卸载完成,继续..." + done + echo --nodeps -e "内核卸载完毕,继续..." + else + echo -e " 检测到 内核 数量不正确,请检查 !" && exit 1 + fi + elif [[ "${OS_type}" == "Debian" ]]; then + deb_total=$(dpkg -l | grep linux-headers | awk '{print $2}' | grep -v "${kernel_version}" | wc -l) + if [ "${deb_total}" ] >"1"; then + echo -e "检测到 ${deb_total} 个其余head内核,开始卸载..." + for ((integer = 1; integer <= ${deb_total}; integer++)); do + deb_del=$(dpkg -l | grep linux-headers | awk '{print $2}' | grep -v "${kernel_version}" | head -${integer}) + echo -e "开始卸载 ${deb_del} headers内核..." + apt-get purge -y ${deb_del} + apt-get autoremove -y + echo -e "卸载 ${deb_del} 内核卸载完成,继续..." + done + echo -e "内核卸载完毕,继续..." + else + echo -e " 检测到 内核 数量不正确,请检查 !" && exit 1 + fi + fi +} + +#更新引导 +BBR_grub() { + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "6" ]]; then + if [ -f "/boot/grub/grub.conf" ]; then + sed -i 's/^default=.*/default=0/g' /boot/grub/grub.conf + elif [ -f "/boot/grub/grub.cfg" ]; then + grub-mkconfig -o /boot/grub/grub.cfg + grub-set-default 0 + elif [ -f "/boot/efi/EFI/centos/grub.cfg" ]; then + grub-mkconfig -o /boot/efi/EFI/centos/grub.cfg + grub-set-default 0 + elif [ -f "/boot/efi/EFI/redhat/grub.cfg" ]; then + grub-mkconfig -o /boot/efi/EFI/redhat/grub.cfg + grub-set-default 0 + else + echo -e "${Error} grub.conf/grub.cfg 找不到,请检查." + exit + fi + elif [[ ${version} == "7" ]]; then + if [ -f "/boot/grub2/grub.cfg" ]; then + grub2-mkconfig -o /boot/grub2/grub.cfg + grub2-set-default 0 + elif [ -f "/boot/efi/EFI/centos/grub.cfg" ]; then + grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg + grub2-set-default 0 + elif [ -f "/boot/efi/EFI/redhat/grub.cfg" ]; then + grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg + grub2-set-default 0 + else + echo -e "${Error} grub.cfg 找不到,请检查." + exit + fi + elif [[ ${version} == "8" ]]; then + if [ -f "/boot/grub2/grub.cfg" ]; then + grub2-mkconfig -o /boot/grub2/grub.cfg + grub2-set-default 0 + elif [ -f "/boot/efi/EFI/centos/grub.cfg" ]; then + grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg + grub2-set-default 0 + elif [ -f "/boot/efi/EFI/redhat/grub.cfg" ]; then + grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg + grub2-set-default 0 + else + echo -e "${Error} grub.cfg 找不到,请检查." + exit + fi + grubby --info=ALL | awk -F= '$1=="kernel" {print i++ " : " $2}' + fi + elif [[ "${OS_type}" == "Debian" ]]; then + if _exists "update-grub"; then + update-grub + elif [ -f "/usr/sbin/update-grub" ]; then + /usr/sbin/update-grub + else + apt install grub2-common -y + update-grub + fi + #exit 1 + fi +} + +#简单的检查内核 +check_kernel() { + if [[ -z "$(find /boot -type f -name 'vmlinuz-*' ! -name 'vmlinuz-*rescue*')" ]]; then + echo -e "\033[0;31m警告: 未发现内核文件,请勿重启系统,不卸载内核版本选择30安装默认内核救急!\033[0m" + else + echo -e "\033[0;32m发现内核文件,看起来可以重启。\033[0m" + fi +} + +#############内核管理组件############# + +#############系统检测组件############# + +#检查系统 +check_sys() { + if [[ -f /etc/redhat-release ]]; then + release="centos" + elif grep -qi "debian" /etc/issue; then + release="debian" + elif grep -qi "ubuntu" /etc/issue; then + release="ubuntu" + elif grep -qi -E "centos|red hat|redhat" /etc/issue || grep -qi -E "centos|red hat|redhat" /proc/version; then + release="centos" + fi + + if [[ -f /etc/debian_version ]]; then + OS_type="Debian" + echo "检测为Debian通用系统,判断有误请反馈" + elif [[ -f /etc/redhat-release || -f /etc/centos-release || -f /etc/fedora-release ]]; then + OS_type="CentOS" + echo "检测为CentOS通用系统,判断有误请反馈" + else + echo "Unknown" + fi + + #from https://github.com/oooldking + + _exists() { + local cmd="$1" + if eval type type >/dev/null 2>&1; then + eval type "$cmd" >/dev/null 2>&1 + elif command >/dev/null 2>&1; then + command -v "$cmd" >/dev/null 2>&1 + else + which "$cmd" >/dev/null 2>&1 + fi + local rt=$? + return ${rt} + } + + get_opsy() { + if [ -f /etc/os-release ]; then + awk -F'[= "]' '/PRETTY_NAME/{print $3,$4,$5}' /etc/os-release + elif [ -f /etc/lsb-release ]; then + awk -F'[="]+' '/DESCRIPTION/{print $2}' /etc/lsb-release + elif [ -f /etc/system-release ]; then + cat /etc/system-release | awk '{print $1,$2}' + fi + } + + get_system_info() { + opsy=$(get_opsy) + arch=$(uname -m) + kern=$(uname -r) + virt_check + } + # from LemonBench + virt_check() { + if [ -f "/usr/bin/systemd-detect-virt" ]; then + Var_VirtType="$(/usr/bin/systemd-detect-virt)" + # 虚拟机检测 + if [ "${Var_VirtType}" = "qemu" ]; then + virtual="QEMU" + elif [ "${Var_VirtType}" = "kvm" ]; then + virtual="KVM" + elif [ "${Var_VirtType}" = "zvm" ]; then + virtual="S390 Z/VM" + elif [ "${Var_VirtType}" = "vmware" ]; then + virtual="VMware" + elif [ "${Var_VirtType}" = "microsoft" ]; then + virtual="Microsoft Hyper-V" + elif [ "${Var_VirtType}" = "xen" ]; then + virtual="Xen Hypervisor" + elif [ "${Var_VirtType}" = "bochs" ]; then + virtual="BOCHS" + elif [ "${Var_VirtType}" = "uml" ]; then + virtual="User-mode Linux" + elif [ "${Var_VirtType}" = "parallels" ]; then + virtual="Parallels" + elif [ "${Var_VirtType}" = "bhyve" ]; then + virtual="FreeBSD Hypervisor" + # 容器虚拟化检测 + elif [ "${Var_VirtType}" = "openvz" ]; then + virtual="OpenVZ" + elif [ "${Var_VirtType}" = "lxc" ]; then + virtual="LXC" + elif [ "${Var_VirtType}" = "lxc-libvirt" ]; then + virtual="LXC (libvirt)" + elif [ "${Var_VirtType}" = "systemd-nspawn" ]; then + virtual="Systemd nspawn" + elif [ "${Var_VirtType}" = "docker" ]; then + virtual="Docker" + elif [ "${Var_VirtType}" = "rkt" ]; then + virtual="RKT" + # 特殊处理 + elif [ -c "/dev/lxss" ]; then # 处理WSL虚拟化 + Var_VirtType="wsl" + virtual="Windows Subsystem for Linux (WSL)" + # 未匹配到任何结果, 或者非虚拟机 + elif [ "${Var_VirtType}" = "none" ]; then + Var_VirtType="dedicated" + virtual="None" + local Var_BIOSVendor + Var_BIOSVendor="$(dmidecode -s bios-vendor)" + if [ "${Var_BIOSVendor}" = "SeaBIOS" ]; then + Var_VirtType="Unknown" + virtual="Unknown with SeaBIOS BIOS" + else + Var_VirtType="dedicated" + virtual="Dedicated with ${Var_BIOSVendor} BIOS" + fi + fi + elif [ ! -f "/usr/sbin/virt-what" ]; then + Var_VirtType="Unknown" + virtual="[Error: virt-what not found !]" + elif [ -f "/.dockerenv" ]; then # 处理Docker虚拟化 + Var_VirtType="docker" + virtual="Docker" + elif [ -c "/dev/lxss" ]; then # 处理WSL虚拟化 + Var_VirtType="wsl" + virtual="Windows Subsystem for Linux (WSL)" + else # 正常判断流程 + Var_VirtType="$(virt-what | xargs)" + local Var_VirtTypeCount + Var_VirtTypeCount="$(echo $Var_VirtTypeCount | wc -l)" + if [ "${Var_VirtTypeCount}" -gt "1" ]; then # 处理嵌套虚拟化 + virtual="echo ${Var_VirtType}" + Var_VirtType="$(echo ${Var_VirtType} | head -n1)" # 使用检测到的第一种虚拟化继续做判断 + elif [ "${Var_VirtTypeCount}" -eq "1" ] && [ "${Var_VirtType}" != "" ]; then # 只有一种虚拟化 + virtual="${Var_VirtType}" + else + local Var_BIOSVendor + Var_BIOSVendor="$(dmidecode -s bios-vendor)" + if [ "${Var_BIOSVendor}" = "SeaBIOS" ]; then + Var_VirtType="Unknown" + virtual="Unknown with SeaBIOS BIOS" + else + Var_VirtType="dedicated" + virtual="Dedicated with ${Var_BIOSVendor} BIOS" + fi + fi + fi + } + + #检查依赖 + if [[ "${OS_type}" == "CentOS" ]]; then + # 检查是否安装了 ca-certificates 包,如果未安装则安装 + if ! rpm -q ca-certificates >/dev/null; then + echo '正在安装 ca-certificates 包...' + yum install ca-certificates -y + update-ca-trust force-enable + fi + echo 'CA证书检查OK' + + # 检查并安装 curl、wget 和 dmidecode 包 + for pkg in curl wget dmidecode redhat-lsb-core; do + if ! type $pkg >/dev/null 2>&1; then + echo "未安装 $pkg,正在安装..." + yum install $pkg -y + else + echo "$pkg 已安装。" + fi + done + + if [ -x "$(command -v lsb_release)" ]; then + echo "lsb_release 已安装" + else + echo "lsb_release 未安装,现在开始安装..." + yum install epel-release -y + yum install redhat-lsb-core -y + fi + + elif [[ "${OS_type}" == "Debian" ]]; then + # 检查是否安装了 ca-certificates 包,如果未安装则安装 + if ! dpkg-query -W ca-certificates >/dev/null; then + echo '正在安装 ca-certificates 包...' + apt-get update || apt-get --allow-releaseinfo-change update && apt-get install ca-certificates -y + update-ca-certificates + fi + echo 'CA证书检查OK' + + # 检查并安装 curl、wget 和 dmidecode 包 + for pkg in curl wget dmidecode; do + if ! type $pkg >/dev/null 2>&1; then + echo "未安装 $pkg,正在安装..." + apt-get update || apt-get --allow-releaseinfo-change update && apt-get install $pkg -y + else + echo "$pkg 已安装。" + fi + done + + if [ -x "$(command -v lsb_release)" ]; then + echo "lsb_release 已安装" + else + echo "lsb_release 未安装,现在开始安装..." + apt-get install lsb-release -y + fi + + else + echo "不支持的操作系统发行版:${release}" + exit 1 + fi +} + +#检查Linux版本 +check_version() { + if [[ -s /etc/redhat-release ]]; then + version=$(grep -oE "[0-9.]+" /etc/redhat-release | cut -d . -f 1) + else + version=$(grep -oE "[0-9.]+" /etc/issue | cut -d . -f 1) + fi + bit=$(uname -m) + check_github +} + +#检查安装bbr的系统要求 +check_sys_bbr() { + check_version + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" ]]; then + installbbr + else + echo -e "${Error} BBR内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + elif [[ "${OS_type}" == "Debian" ]]; then + apt-get --fix-broken install -y && apt-get autoremove -y + installbbr + else + echo -e "${Error} BBR内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi +} + +check_sys_bbrplus() { + check_version + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" ]]; then + installbbrplus + else + echo -e "${Error} BBRplus内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + elif [[ "${OS_type}" == "Debian" ]]; then + apt-get --fix-broken install -y && apt-get autoremove -y + installbbrplus + else + echo -e "${Error} BBRplus内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi +} + +check_sys_bbrplusnew() { + check_version + if [[ "${OS_type}" == "CentOS" ]]; then + #if [[ ${version} == "7" ]]; then + if [[ ${version} == "7" || ${version} == "8" ]]; then + installbbrplusnew + else + echo -e "${Error} BBRplusNew内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + elif [[ "${OS_type}" == "Debian" ]]; then + apt-get --fix-broken install -y && apt-get autoremove -y + installbbrplusnew + else + echo -e "${Error} BBRplusNew内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi +} + +check_sys_xanmod() { + check_version + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "7" || ${version} == "8" ]]; then + installxanmod + else + echo -e "${Error} xanmod内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + elif [[ "${OS_type}" == "Debian" ]]; then + apt-get --fix-broken install -y && apt-get autoremove -y + installxanmod + else + echo -e "${Error} xanmod内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi +} + +#检查安装Lotsever的系统要求 +check_sys_Lotsever() { + check_version + bit=$(uname -m) + if [[ ${bit} != "x86_64" ]]; then + echo -e "${Error} 不支持x86_64以外的系统 !" && exit 1 + fi + if [[ "${OS_type}" == "CentOS" ]]; then + if [[ ${version} == "6" ]]; then + kernel_version="2.6.32-504" + installlot + elif [[ ${version} == "7" ]]; then + yum -y install net-tools + kernel_version="4.11.2-1" + installlot + else + echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + elif [[ "${release}" == "debian" ]]; then + if [[ ${version} == "7" || ${version} == "8" ]]; then + if [[ ${bit} == "x86_64" ]]; then + kernel_version="3.16.0-4" + installlot + elif [[ ${bit} == "i386" ]]; then + kernel_version="3.2.0-4" + installlot + fi + elif [[ ${version} == "9" ]]; then + if [[ ${bit} == "x86_64" ]]; then + kernel_version="4.9.0-4" + installlot + fi + else + echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + elif [[ "${release}" == "ubuntu" ]]; then + if [[ ${version} -ge "12" ]]; then + if [[ ${bit} == "x86_64" ]]; then + kernel_version="4.4.0-47" + installlot + elif [[ ${bit} == "i386" ]]; then + kernel_version="3.13.0-29" + installlot + fi + else + echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi + else + echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1 + fi +} + +#检查系统当前状态 +check_status() { + kernel_version=$(uname -r | awk -F "-" '{print $1}') + kernel_version_full=$(uname -r) + net_congestion_control=$(cat /proc/sys/net/ipv4/tcp_congestion_control | awk '{print $1}') + net_qdisc=$(cat /proc/sys/net/core/default_qdisc | awk '{print $1}') + if [[ ${kernel_version_full} == *bbrplus* ]]; then + kernel_status="BBRplus" + elif [[ ${kernel_version_full} == *4.9.0-4* || ${kernel_version_full} == *4.15.0-30* || ${kernel_version_full} == *4.8.0-36* || ${kernel_version_full} == *3.16.0-77* || ${kernel_version_full} == *3.16.0-4* || ${kernel_version_full} == *3.2.0-4* || ${kernel_version_full} == *4.11.2-1* || ${kernel_version_full} == *2.6.32-504* || ${kernel_version_full} == *4.4.0-47* || ${kernel_version_full} == *3.13.0-29 || ${kernel_version_full} == *4.4.0-47* ]]; then + kernel_status="Lotserver" + elif [[ $(echo ${kernel_version} | awk -F'.' '{print $1}') == "4" ]] && [[ $(echo ${kernel_version} | awk -F'.' '{print $2}') -ge 9 ]] || [[ $(echo ${kernel_version} | awk -F'.' '{print $1}') == "5" ]] || [[ $(echo ${kernel_version} | awk -F'.' '{print $1}') == "6" ]]; then + kernel_status="BBR" + else + kernel_status="noinstall" + fi + + if [[ ${kernel_status} == "BBR" ]]; then + run_status=$(cat /proc/sys/net/ipv4/tcp_congestion_control | awk '{print $1}') + if [[ ${run_status} == "bbr" ]]; then + run_status=$(cat /proc/sys/net/ipv4/tcp_congestion_control | awk '{print $1}') + if [[ ${run_status} == "bbr" ]]; then + run_status="BBR启动成功" + else + run_status="BBR启动失败" + fi + elif [[ ${run_status} == "bbr2" ]]; then + run_status=$(cat /proc/sys/net/ipv4/tcp_congestion_control | awk '{print $1}') + if [[ ${run_status} == "bbr2" ]]; then + run_status="BBR2启动成功" + else + run_status="BBR2启动失败" + fi + elif [[ ${run_status} == "tsunami" ]]; then + run_status=$(lsmod | grep "tsunami" | awk '{print $1}') + if [[ ${run_status} == "tcp_tsunami" ]]; then + run_status="BBR魔改版启动成功" + else + run_status="BBR魔改版启动失败" + fi + elif [[ ${run_status} == "nanqinlang" ]]; then + run_status=$(lsmod | grep "nanqinlang" | awk '{print $1}') + if [[ ${run_status} == "tcp_nanqinlang" ]]; then + run_status="暴力BBR魔改版启动成功" + else + run_status="暴力BBR魔改版启动失败" + fi + else + run_status="未安装加速模块" + fi + + elif [[ ${kernel_status} == "Lotserver" ]]; then + if [[ -e /appex/bin/lotServer.sh ]]; then + run_status=$(bash /appex/bin/lotServer.sh status | grep "LotServer" | awk '{print $3}') + if [[ ${run_status} == "running!" ]]; then + run_status="启动成功" + else + run_status="启动失败" + fi + else + run_status="未安装加速模块" + fi + elif [[ ${kernel_status} == "BBRplus" ]]; then + run_status=$(cat /proc/sys/net/ipv4/tcp_congestion_control | awk '{print $1}') + if [[ ${run_status} == "bbrplus" ]]; then + run_status=$(cat /proc/sys/net/ipv4/tcp_congestion_control | awk '{print $1}') + if [[ ${run_status} == "bbrplus" ]]; then + run_status="BBRplus启动成功" + else + run_status="BBRplus启动失败" + fi + elif [[ ${run_status} == "bbr" ]]; then + run_status="BBR启动成功" + else + run_status="未安装加速模块" + fi + fi +} + +#############系统检测组件############# +check_sys +check_version +[[ "${OS_type}" == "Debian" ]] && [[ "${OS_type}" == "CentOS" ]] && echo -e "${Error} 本脚本不支持当前系统 ${release} !" && exit 1 +check_github +start_menu diff --git a/tunnel1/client/ca1 (1).crt b/tunnel1/client/ca1 (1).crt new file mode 100644 index 0000000..8430b63 --- /dev/null +++ b/tunnel1/client/ca1 (1).crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEzCCAfugAwIBAgIUBRGBexnWPL/hvRezaOdjdD2Kvs4wDQYJKoZIhvcNAQEL +BQAwGTEXMBUGA1UEAwwOMjIzLjExMy4xMzAuNTEwHhcNMjMxMjAyMTExNDAyWhcN +MzcwODEwMTExNDAyWjAZMRcwFQYDVQQDDA4yMjMuMTEzLjEzMC41MTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2REeBhYpYQLOIwqoTQY+2ojUlvp5tn +4U1yGh3UKwKzULg2+ZpZTYp06hJzeh4UadCC17FF4wuM47pTDTG+beD00ZkvBnt+ +sqAwjRHa8g2rfu8GXga+OEK/GyRYyipQ2c2/nK8jqpATdikW3/nHBwLzKYj8GM9h +GkB/i808UEuetmhYhcuBMpz8/iHpx3CrxKQqAgEPA33wBAcoio721ldKYMo+qKW9 +gB+UtUkbSkL8nQBTsoAJmrNXD5D4GoqBWujyqrYdYcdpKZuwT+i3lgAm8l//dQ/G +9g07HGvhYIl4ITDcSqFr+vSbJLrflIwvvGv7vkgEApxpOTFnHems1iUCAwEAAaNT +MFEwHQYDVR0OBBYEFENtzpA9rsHVdKT1C1GrCdxHTgSQMB8GA1UdIwQYMBaAFENt +zpA9rsHVdKT1C1GrCdxHTgSQMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL +BQADggEBADpFCRuNOgqmZjTNCy2cnuUEU3CIAwP+G1luz13PyrAGBk+SksIDloOB +xxcIFfpkyLkMNFKC7/X5BCe1w39G7Y35TJubaeAES3uXbWDfSAkd1ex+myLSAnKx +pxvR9gfHIAt3S2B9iOQfn/gnGA10vXQ2QsFi2DvweWE5PEMtHW8krm/sGC4bK83F +wAsWATq3vMvqvzfJfaplzmyrSrCSieRCP4NB2ZjDi2ISYLPTaqiE9IFqe7zL9G+J +0NOmrM58aH8/1iO4pREafYsGNWyjG2eBOXwzTopBfebBYPToEhrSHzJMBX8Mz/nm +F3/0S2IYWyshvT+GShMLxUOKSUrUHn8= +-----END CERTIFICATE----- diff --git a/tunnel1/client/nginx.txt b/tunnel1/client/nginx.txt new file mode 100644 index 0000000..e69de29 diff --git a/tunnel1/client/wg0.conf b/tunnel1/client/wg0.conf new file mode 100644 index 0000000..61ae55c --- /dev/null +++ b/tunnel1/client/wg0.conf @@ -0,0 +1,9 @@ +[Interface] +PrivateKey = KBXJNg06K+ZCH9lHlqVVr71TXkmMzRZb3mE2iImnu2A= +Address = 10.10.7.2/32 + +[Peer] +PublicKey = AUeWgJQ+Kx8METeyNE1tVVwmH7yjwxW5ll/E+TkNOUQ= +AllowedIPs = 10.10.7.1 +Endpoint = 223.113.130.51:15791 +PersistentKeepalive = 10 \ No newline at end of file diff --git a/tunnel1/server/ca1.crt b/tunnel1/server/ca1.crt new file mode 100644 index 0000000..d9e24d9 --- /dev/null +++ b/tunnel1/server/ca1.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEzCCAfugAwIBAgIULTwbAO68zpnWEE319k+6EQTzaBswDQYJKoZIhvcNAQEL +BQAwGTEXMBUGA1UEAwwOMTg1LjI0NC4yMDguODQwHhcNMjMxMjE5MTM1NTQ2WhcN +MzcwODI3MTM1NTQ2WjAZMRcwFQYDVQQDDA4xODUuMjQ0LjIwOC44NDCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBANGX3ocFQtorCS0WkoI8JqYRw6i8PJ0F +LhnRC/eSXfBWYFe3wRyPW2D9IDEKS0yoHOPRu5BVzb+G+IduAjkbizhf6hJgC5UF +D6y0OeJJWx1/+UQRmDcdYHCB9xHQTfY1JvN3YpK90XTrohI7HmhsHLoAIVFn1Txi +fylNmgfKqFZDswWylxY6JO8JNyvxgpOuCBHDNFSD/8HfBOKt/BlXqRCWeWKfamKO +n2Zbp+KK59Fk2wPshEgRkVczRGbHMrPpTPQDxqew0+DHX7C5akRpaIeM+JfGD0Uj +Z1gaVjgobibL7PHDzgSdKks0ADy60ZJsY0pSFAQsemGXG6U7Sqheq8kCAwEAAaNT +MFEwHQYDVR0OBBYEFObh6Pgjh0DcCyL9YLHDrSW9RVo0MB8GA1UdIwQYMBaAFObh +6Pgjh0DcCyL9YLHDrSW9RVo0MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL +BQADggEBAE8FKWyUM+xlomqL+KJwqR5gqVShzuFg5sQtT3j6pmGmbq0/bKlcJWhn +Ky6x9jc/1rG9YyhuRFLB7QuNWE5bO0VMnqjaPIjBXl3verUWNhrLgPbxNBULBnZt +BGA//sl0R8JGlt5E5LPq6sE0I/SkHWHpkbldaoubXHJQo/8boe5HN0sXekebru98 +QY7aLGuIla5gEdyh+F6IhYrdU0UBwJLMaYtXJBAY8dJn+2OVml/3auP120r0ly8M +OG7CoY6c2DO28TOIzraIHFcBQxCtyWrCt6xEZrCFckOBeaUi+oNZwSKlA4zhgtlM +vXUnJoaJnv4ZCQ89I3UKNY2ZWCBigqc= +-----END CERTIFICATE----- diff --git a/tunnel1/server/nginx.txt b/tunnel1/server/nginx.txt new file mode 100644 index 0000000..e69de29 diff --git a/tunnel1/server/wg0.conf b/tunnel1/server/wg0.conf new file mode 100644 index 0000000..4d40e81 --- /dev/null +++ b/tunnel1/server/wg0.conf @@ -0,0 +1,8 @@ +[Interface] +Address = 10.10.7.1/32 +ListenPort = 15791 +PrivateKey = 8KHcT9x0ylFVYc49US2cWjQrTMvjrXgYhGEdRMYFiUA= + +[Peer] +PublicKey = ZsCSutmxHTumEBPJaxJiZ7B8yfdSVig2DnEtBYiF7jw= +AllowedIPs = 10.10.7.2 \ No newline at end of file