# mkdir $HOME/.wgcf cd !$ wget git.io/warp.sh && chmod +x warp.sh mv ../wgcf-* . ./warp.sh wgd # ipv4和ipv6都变成wireguard # 有问题就重启一遍 warp.sh retart
Contents
hide
比较 – 之前和之后
git.io/warp.sh 源代码
#!/usr/bin/env bash # # https://github.com/P3TERX/warp.sh # Description: Cloudflare WARP configuration script # System Required: Debian, Ubuntu, CentOS # Version: beta17 # # MIT License # # Copyright (c) 2021 P3TERX <https://p3terx.com> # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal # in the Software without restriction, including without limitation the rights # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all # copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. # shVersion='beta17' FontColor_Red="\033[31m" FontColor_Red_Bold="\033[1;31m" FontColor_Green="\033[32m" FontColor_Green_Bold="\033[1;32m" FontColor_Yellow="\033[33m" FontColor_Yellow_Bold="\033[1;33m" FontColor_Purple="\033[35m" FontColor_Purple_Bold="\033[1;35m" FontColor_Suffix="\033[0m" log() { local LEVEL="$1" local MSG="$2" case "${LEVEL}" in INFO) local LEVEL="[${FontColor_Green}${LEVEL}${FontColor_Suffix}]" local MSG="${LEVEL} ${MSG}" ;; WARN) local LEVEL="[${FontColor_Yellow}${LEVEL}${FontColor_Suffix}]" local MSG="${LEVEL} ${MSG}" ;; ERROR) local LEVEL="[${FontColor_Red}${LEVEL}${FontColor_Suffix}]" local MSG="${LEVEL} ${MSG}" ;; *) ;; esac echo -e "${MSG}" } if [[ $(uname -s) != Linux ]]; then log ERROR "This operating system is not supported." exit 1 fi if [[ $(id -u) != 0 ]]; then log ERROR "This script must be run as root." exit 1 fi if [[ -z $(command -v curl) ]]; then log ERROR "cURL is not installed." exit 1 fi OS_ID=$(cat /etc/os-release | grep ^ID=) WireGuard_table='51888' WireGuard_fwmark='51888' WireGuard_Interface='wgcf' WireGuardConfPath="/etc/wireguard/${WireGuard_Interface}.conf" WGCF_Profile='wgcf-profile.conf' WGCF_SavePath="${HOME}/.wgcf" WGCF_Profile_Path="${WGCF_SavePath}/${WGCF_Profile}" WGCF_DNS_IPv4='8.8.8.8,8.8.4.4' WGCF_DNS_IPv6='2001:4860:4860::8888,2001:4860:4860::8844' WGCF_DNS_46="${WGCF_DNS_IPv4},${WGCF_DNS_IPv6}" WGCF_DNS_64="${WGCF_DNS_IPv6},${WGCF_DNS_IPv4}" WGCF_Endpoint_IP4='162.159.192.1' WGCF_Endpoint_IP6='2606:4700:d0::a29f:c001' WGCF_Endpoint_IPv4="${WGCF_Endpoint_IP4}:2408" WGCF_Endpoint_IPv6="[${WGCF_Endpoint_IP6}]:2408" WGCF_Endpoint_Domain='engage.cloudflareclient.com:2408' WGCF_AllowedIPs_IPv4='0.0.0.0/0' WGCF_AllowedIPs_IPv6='::/0' WGCF_AllowedIPs_DualStack='0.0.0.0/0,::/0' TestIPv4_1='8.8.8.8' TestIPv4_2='9.9.9.9' TestIPv6_1='2001:4860:4860::8888' TestIPv6_2='2620:fe::fe' CF_Trace_URL='https://www.cloudflare.com/cdn-cgi/trace' Install_Requirements_Debian() { if [[ ! $(command -v lsb_release) ]]; then apt update apt install lsb-release -y fi if [[ ! $(command -v gpg) ]]; then apt update apt install gnupg -y fi if [[ ! $(apt list 2>/dev/null | grep apt-transport-https | grep installed) ]]; then apt update apt install apt-transport-https -y fi } Instal_WARP_Client_Debian() { Install_Requirements_Debian curl https://pkg.cloudflareclient.com/pubkey.gpg | apt-key add - echo "deb http://pkg.cloudflareclient.com/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/cloudflare-client.list apt update apt install cloudflare-warp -y } Instal_WARP_Client_Ubuntu() { Install_Requirements_Debian curl https://pkg.cloudflareclient.com/pubkey.gpg | apt-key add - #echo "deb http://pkg.cloudflareclient.com/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/cloudflare-client.list echo "deb http://pkg.cloudflareclient.com/ focal main" | tee /etc/apt/sources.list.d/cloudflare-client.list apt update apt install cloudflare-warp -y } Instal_WARP_Client_CentOS() { CentOS_Version=$(cat /etc/redhat-release | sed -r 's/.* ([0-9]+)\..*/\1/') rpm -ivh http://pkg.cloudflareclient.com/cloudflare-release-el${CentOS_Version}.rpm if [[ $? = 0 ]]; then yum install cloudflare-warp -y else log ERROR "This operating system is not supported." exit 1 fi } Check_WARP_Client() { WARP_Client_Status=$(systemctl is-active warp-svc) WARP_Client_SelfStart=$(systemctl is-enabled warp-svc 2>/dev/null) } Instal_WARP_Client() { log INFO "Installing Cloudflare WARP Client..." case ${OS_ID} in *debian*) Instal_WARP_Client_Debian ;; *ubuntu*) Instal_WARP_Client_Ubuntu ;; *centos* | *rhel*) Instal_WARP_Client_CentOS ;; *) log ERROR "This operating system is not supported." exit 1 ;; esac Check_WARP_Client if [[ ${WARP_Client_Status} = active ]]; then log INFO "Cloudflare WARP Client installed successfully!" else log ERROR "warp-svc failure to run!" journalctl -u warp-svc --no-pager exit 1 fi } Uninstall_WARP_Client() { log INFO "Uninstalling Cloudflare WARP Client..." case ${OS_ID} in *debian* | *ubuntu*) apt purge cloudflare-warp -y ;; *centos* | *rhel*) yum remove cloudflare-warp -y ;; *) log ERROR "This operating system is not supported." exit 1 ;; esac } Restart_WARP_Client() { log INFO "Restarting Cloudflare WARP Client..." systemctl restart warp-svc Check_WARP_Client if [[ ${WARP_Client_Status} = active ]]; then log INFO "Cloudflare WARP Client has been restarted." else log ERROR "Cloudflare WARP Client failure to run!" journalctl -u warp-svc --no-pager exit 1 fi } Init_WARP_Client() { Check_WARP_Client if [[ ${WARP_Client_SelfStart} != enabled || ${WARP_Client_Status} != active ]]; then Instal_WARP_Client fi yes | warp-cli if [[ $(warp-cli account) = MissingRegistration ]]; then log INFO "Cloudflare WARP Account Registration in progress..." warp-cli register fi } Connect_WARP() { log INFO "Connecting to WARP..." warp-cli connect log INFO "Enable WARP Always-On..." warp-cli enable-always-on } Disconnect_WARP() { log INFO "Disable WARP Always-On..." warp-cli disable-always-on log INFO "Disconnect from WARP..." warp-cli disconnect } Set_WARP_Mode_Proxy() { log INFO "Setting up WARP Proxy Mode..." warp-cli set-mode proxy } Enable_WARP_Client_Proxy() { Init_WARP_Client Set_WARP_Mode_Proxy Connect_WARP Print_WARP_Client_Status } Get_WARP_Proxy_Port() { WARP_Proxy_Port='40000' } Print_Delimiter() { printf '=%.0s' $(seq $(tput cols)) echo } Install_wgcf() { curl -fsSL git.io/wgcf.sh | bash } Uninstall_wgcf() { rm -f /usr/local/bin/wgcf } Register_WARP_Account() { while [[ ! -f wgcf-account.toml ]]; do Install_wgcf log INFO "Cloudflare WARP Account registration in progress..." yes | wgcf register sleep 5 done } Generate_WGCF_Profile() { while [[ ! -f ${WGCF_Profile} ]]; do Register_WARP_Account log INFO "WARP WireGuard profile (wgcf-profile.conf) generation in progress..." wgcf generate done } Backup_WGCF_Profile() { mkdir -p ${WGCF_SavePath} mv -f wgcf* ${WGCF_SavePath} } Read_WGCF_Profile() { WGCF_PrivateKey=$(cat ${WGCF_Profile_Path} | grep ^PrivateKey | cut -d= -f2- | awk '$1=$1') WGCF_Address=$(cat ${WGCF_Profile_Path} | grep ^Address | cut -d= -f2- | awk '$1=$1' | sed ":a;N;s/\n/,/g;ta") WGCF_PublicKey=$(cat ${WGCF_Profile_Path} | grep ^PublicKey | cut -d= -f2- | awk '$1=$1') WGCF_Address_IPv4=$(echo ${WGCF_Address} | cut -d, -f1 | cut -d'/' -f1) WGCF_Address_IPv6=$(echo ${WGCF_Address} | cut -d, -f2 | cut -d'/' -f1) } Load_WGCF_Profile() { if [[ -f ${WGCF_Profile} ]]; then Backup_WGCF_Profile Read_WGCF_Profile elif [[ -f ${WGCF_Profile_Path} ]]; then Read_WGCF_Profile else Generate_WGCF_Profile Backup_WGCF_Profile Read_WGCF_Profile fi } Install_WireGuardTools_Debian() { if [[ ! $(command -v lsb_release) ]]; then apt update apt install lsb-release -y fi DebianVer=$(lsb_release -sr | cut -d. -f1) case ${DebianVer} in 10) if [[ -z $(grep "^deb.*buster-backports.*main" /etc/apt/sources.list{,.d/*}) ]]; then echo "deb http://deb.debian.org/debian buster-backports main" | tee /etc/apt/sources.list.d/backports.list fi ;; 9) if [[ -z $(grep "^deb.*unstable.*main" /etc/apt/sources.list{,.d/*}) ]]; then echo "deb http://deb.debian.org/debian/ unstable main" | tee /etc/apt/sources.list.d/unstable.list echo -e "Package: *\nPin: release a=unstable\nPin-Priority: 150\n" | tee /etc/apt/preferences.d/limit-unstable fi ;; *) if [[ ${DebianVer} -lt 9 ]]; then log ERROR "This operating system is not supported." exit 1 fi ;; esac apt update apt install iproute2 openresolv -y apt install wireguard-tools --no-install-recommends -y } Install_WireGuardTools_Ubuntu() { apt update apt install iproute2 openresolv -y apt install wireguard-tools --no-install-recommends -y } Install_WireGuardTools_CentOS() { yum install epel-release -y yum install iproute wireguard-tools -y } Install_WireGuardTools_Fedora() { dnf install iproute openresolv wireguard-tools -y chmod +x /usr/sbin/resolvconf.openresolv } Install_WireGuardTools_Arch() { pacman -Sy iproute2 openresolv wireguard-tools --noconfirm } Install_WireGuardTools() { log INFO "Installing wireguard-tools..." case ${OS_ID} in *debian*) Install_WireGuardTools_Debian ;; *ubuntu*) Install_WireGuardTools_Ubuntu ;; *centos* | *rhel*) Install_WireGuardTools_CentOS ;; *fedora*) Install_WireGuardTools_Fedora ;; *arch*) Install_WireGuardTools_Arch ;; *) log ERROR "This operating system is not supported." exit 1 ;; esac } Install_WireGuardGo() { KernelVer1=$(uname -r | awk -F . '{print $1}') KernelVer2=$(uname -r | awk -F . '{print $2}') if [[ ${KernelVer1} -lt 5 || ${KernelVer2} -lt 6 ]]; then curl -fsSL git.io/wireguard-go.sh | bash fi } Check_WireGuard() { WireGuard_Status=$(systemctl is-active wg-quick@${WireGuard_Interface}) WireGuard_SelfStart=$(systemctl is-enabled wg-quick@${WireGuard_Interface} 2>/dev/null) } Install_WireGuard() { Check_WireGuard if [[ ${WireGuard_SelfStart} != enabled || ${WireGuard_Status} != active ]]; then Install_WireGuardTools Install_WireGuardGo fi } Start_WireGuard() { Check_WARP_Client log INFO "Starting WireGuard..." if [[ ${WARP_Client_Status} = active ]]; then systemctl stop warp-svc systemctl enable wg-quick@${WireGuard_Interface} --now systemctl start warp-svc else systemctl enable wg-quick@${WireGuard_Interface} --now fi Check_WireGuard if [[ ${WireGuard_Status} = active ]]; then log INFO "WireGuard is running." else log ERROR "WireGuard failure to run!" journalctl -u wg-quick@${WireGuard_Interface} --no-pager exit 1 fi } Restart_WireGuard() { Check_WARP_Client log INFO "Restarting WireGuard..." if [[ ${WARP_Client_Status} = active ]]; then systemctl stop warp-svc systemctl restart wg-quick@${WireGuard_Interface} systemctl start warp-svc else systemctl restart wg-quick@${WireGuard_Interface} fi Check_WireGuard if [[ ${WireGuard_Status} = active ]]; then log INFO "WireGuard has been restarted." else log ERROR "WireGuard failure to run!" journalctl -u wg-quick@${WireGuard_Interface} --no-pager exit 1 fi } Enable_IPv6_Support() { if [[ $(sysctl -a | grep 'disable_ipv6.*=.*1') || $(cat /etc/sysctl.{conf,d/*} | grep 'disable_ipv6.*=.*1') ]]; then sed -i '/disable_ipv6/d' /etc/sysctl.{conf,d/*} echo 'net.ipv6.conf.all.disable_ipv6 = 0' >/etc/sysctl.d/ipv6.conf sysctl -w net.ipv6.conf.all.disable_ipv6=0 fi } Enable_WireGuard() { Enable_IPv6_Support Check_WireGuard if [[ ${WireGuard_SelfStart} = enabled ]]; then Restart_WireGuard else Start_WireGuard fi } Stop_WireGuard() { Check_WARP_Client if [[ ${WireGuard_Status} = active ]]; then log INFO "Stoping WireGuard..." if [[ ${WARP_Client_Status} = active ]]; then systemctl stop warp-svc systemctl stop wg-quick@${WireGuard_Interface} systemctl start warp-svc else systemctl stop wg-quick@${WireGuard_Interface} fi Check_WireGuard if [[ ${WireGuard_Status} != active ]]; then log INFO "WireGuard has been stopped." else log ERROR "WireGuard stop failure!" fi else log INFO "WireGuard is stopped." fi } Disable_WireGuard() { Check_WARP_Client Check_WireGuard if [[ ${WireGuard_SelfStart} = enabled || ${WireGuard_Status} = active ]]; then log INFO "Disabling WireGuard..." if [[ ${WARP_Client_Status} = active ]]; then systemctl stop warp-svc systemctl disable wg-quick@${WireGuard_Interface} --now systemctl start warp-svc else systemctl disable wg-quick@${WireGuard_Interface} --now fi Check_WireGuard if [[ ${WireGuard_SelfStart} != enabled && ${WireGuard_Status} != active ]]; then log INFO "Wireguard has been disabled." else log ERROR "WireGuard disable failure!" fi else log INFO "WireGuard is disabled." fi } Print_WireGuard_Log() { journalctl -u wg-quick@${WireGuard_Interface} -f } Check_Network_Status_IPv4() { if ping -c1 -W1 ${TestIPv4_1} >/dev/null 2>&1 || ping -c1 -W1 ${TestIPv4_2} >/dev/null 2>&1; then IPv4Status='on' else IPv4Status='off' fi } Check_Network_Status_IPv6() { if ping6 -c1 -W1 ${TestIPv6_1} >/dev/null 2>&1 || ping6 -c1 -W1 ${TestIPv6_2} >/dev/null 2>&1; then IPv6Status='on' else IPv6Status='off' fi } Check_Network_Status() { Disable_WireGuard Check_Network_Status_IPv4 Check_Network_Status_IPv6 } Check_IPv4_addr() { IPv4_addr=$( ip route get ${TestIPv4_1} 2>/dev/null | grep -oP 'src \K\S+' || ip route get ${TestIPv4_2} 2>/dev/null | grep -oP 'src \K\S+' ) } Check_IPv6_addr() { IPv6_addr=$( ip route get ${TestIPv6_1} 2>/dev/null | grep -oP 'src \K\S+' || ip route get ${TestIPv6_2} 2>/dev/null | grep -oP 'src \K\S+' ) } Get_IP_addr() { Check_Network_Status if [[ ${IPv4Status} = on ]]; then log INFO "Checking IPv4 Address..." Check_IPv4_addr if [[ ${IPv4_addr} ]]; then log INFO "IPv4 Address: ${FontColor_Purple}${IPv4_addr}${FontColor_Suffix}" else log WARN "IPv4 Address not obtained." fi fi if [[ ${IPv6Status} = on ]]; then log INFO "Checking IPv6 Address..." Check_IPv6_addr if [[ ${IPv6_addr} ]]; then log INFO "IPv6 Address: ${FontColor_Purple}${IPv6_addr}${FontColor_Suffix}" else log WARN "IPv6 Address not obtained." fi fi } Get_IPv4_addr() { log INFO "正在检测 IPv4 地址..." Check_IPv4_addr if [[ -z ${IPv4_addr} ]]; then log ERROR "IPv4 地址自动检测失败!" Input_IPv4_addr else log INFO "检测到 IPv4 地址:${FontColor_Purple}${IPv4_addr}${FontColor_Suffix}" unset answer_YN read -p "是否需要修改?[y/N] " answer_YN case ${answer_YN:-n} in Y | y) Input_IPv4_addr ;; N | n) echo ;; *) log ERROR "无效输入!" Get_IPv4_addr ;; esac fi } Get_IPv6_addr() { log INFO "正在检测 IPv6 地址..." Check_IPv6_addr if [[ -z ${IPv6_addr} ]]; then log ERROR "IPv6 地址自动检测失败!" Input_IPv6_addr else log INFO "检测到 IPv6 地址:${FontColor_Purple}${IPv6_addr}${FontColor_Suffix}" unset answer_YN read -p "是否需要修改?[y/N] " answer_YN case ${answer_YN:-n} in Y | y) Input_IPv6_addr ;; N | n) echo ;; *) log ERROR "无效输入!" Get_IPv6_addr ;; esac fi } Input_IPv4_addr() { read -p "请输入 IPv4 地址:" IPv4_addr if [[ -z ${IPv4_addr} ]]; then log ERROR "无效输入!" Get_IPv4_addr fi } Input_IPv6_addr() { read -p "请输入 IPv6 地址:" IPv6_addr if [[ -z ${IPv6_addr} ]]; then log ERROR "无效输入!" Get_IPv6_addr fi } Generate_WireGuardProfile_Interface() { log INFO "WireGuard profile (${WireGuardConfPath}) generation in progress..." cat <<EOF >${WireGuardConfPath} [Interface] PrivateKey = ${WGCF_PrivateKey} Address = ${WGCF_Address} DNS = ${WGCF_DNS} MTU = 1280 EOF } Generate_WireGuardProfile_Interface_Rule_TableOff() { cat <<EOF >>${WireGuardConfPath} Table = off EOF } Generate_WireGuardProfile_Interface_Rule_IPv4_nonGlobal() { cat <<EOF >>${WireGuardConfPath} PostUP = ip -4 route add default dev ${WireGuard_Interface} table ${WireGuard_table} PostUP = ip -4 rule add from ${WGCF_Address_IPv4} lookup ${WireGuard_table} PostDown = ip -4 rule delete from ${WGCF_Address_IPv4} lookup ${WireGuard_table} PostUP = ip -4 rule add fwmark ${WireGuard_fwmark} lookup ${WireGuard_table} PostDown = ip -4 rule delete fwmark ${WireGuard_fwmark} lookup ${WireGuard_table} PostUP = ip -4 rule add table main suppress_prefixlength 0 PostDown = ip -4 rule delete table main suppress_prefixlength 0 EOF } Generate_WireGuardProfile_Interface_Rule_IPv6_nonGlobal() { cat <<EOF >>${WireGuardConfPath} PostUP = ip -6 route add default dev ${WireGuard_Interface} table ${WireGuard_table} PostUP = ip -6 rule add from ${WGCF_Address_IPv6} lookup ${WireGuard_table} PostDown = ip -6 rule delete from ${WGCF_Address_IPv6} lookup ${WireGuard_table} PostUP = ip -6 rule add fwmark ${WireGuard_fwmark} lookup ${WireGuard_table} PostDown = ip -6 rule delete fwmark ${WireGuard_fwmark} lookup ${WireGuard_table} PostUP = ip -6 rule add table main suppress_prefixlength 0 PostDown = ip -6 rule delete table main suppress_prefixlength 0 EOF } Generate_WireGuardProfile_Interface_Rule_DualStack_nonGlobal() { Generate_WireGuardProfile_Interface_Rule_TableOff Generate_WireGuardProfile_Interface_Rule_IPv4_nonGlobal Generate_WireGuardProfile_Interface_Rule_IPv6_nonGlobal } Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP() { cat <<EOF >>${WireGuardConfPath} PostUp = ip -4 rule add from ${IPv4_addr} lookup main prio 18 PostDown = ip -4 rule delete from ${IPv4_addr} lookup main prio 18 EOF } Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP() { cat <<EOF >>${WireGuardConfPath} PostUp = ip -6 rule add from ${IPv6_addr} lookup main prio 18 PostDown = ip -6 rule delete from ${IPv6_addr} lookup main prio 18 EOF } Generate_WireGuardProfile_Peer() { cat <<EOF >>${WireGuardConfPath} [Peer] PublicKey = ${WGCF_PublicKey} AllowedIPs = ${WGCF_AllowedIPs} Endpoint = ${WGCF_Endpoint} EOF } Check_WARP_Client_Status() { Check_WARP_Client case ${WARP_Client_Status} in active) WARP_Client_Status_en="${FontColor_Green}Running${FontColor_Suffix}" WARP_Client_Status_zh="${FontColor_Green}运行中${FontColor_Suffix}" ;; *) WARP_Client_Status_en="${FontColor_Red}Stopped${FontColor_Suffix}" WARP_Client_Status_zh="${FontColor_Red}未运行${FontColor_Suffix}" ;; esac } Check_WARP_Proxy_Status() { Check_WARP_Client if [[ ${WARP_Client_Status} = active ]]; then Get_WARP_Proxy_Port WARP_Proxy_Status=$(curl -sx "socks5h://127.0.0.1:${WARP_Proxy_Port}" ${CF_Trace_URL} --connect-timeout 2 | grep warp | cut -d= -f2) else unset WARP_Proxy_Status fi case ${WARP_Proxy_Status} in on) WARP_Proxy_Status_en="${FontColor_Green}${WARP_Proxy_Port}${FontColor_Suffix}" WARP_Proxy_Status_zh="${WARP_Proxy_Status_en}" ;; plus) WARP_Proxy_Status_en="${FontColor_Green}${WARP_Proxy_Port}(WARP+)${FontColor_Suffix}" WARP_Proxy_Status_zh="${WARP_Proxy_Status_en}" ;; *) WARP_Proxy_Status_en="${FontColor_Red}Off${FontColor_Suffix}" WARP_Proxy_Status_zh="${FontColor_Red}未开启${FontColor_Suffix}" ;; esac } Check_WireGuard_Status() { Check_WireGuard case ${WireGuard_Status} in active) WireGuard_Status_en="${FontColor_Green}Running${FontColor_Suffix}" WireGuard_Status_zh="${FontColor_Green}运行中${FontColor_Suffix}" ;; *) WireGuard_Status_en="${FontColor_Red}Stopped${FontColor_Suffix}" WireGuard_Status_zh="${FontColor_Red}未运行${FontColor_Suffix}" ;; esac } Check_WARP_WireGuard_Status() { Check_Network_Status_IPv4 if [[ ${IPv4Status} = on ]]; then WARP_IPv4_Status=$(curl -s4 ${CF_Trace_URL} --connect-timeout 2 | grep warp | cut -d= -f2) else unset WARP_IPv4_Status fi case ${WARP_IPv4_Status} in on) WARP_IPv4_Status_en="${FontColor_Green}WARP${FontColor_Suffix}" WARP_IPv4_Status_zh="${WARP_IPv4_Status_en}" ;; plus) WARP_IPv4_Status_en="${FontColor_Green}WARP+${FontColor_Suffix}" WARP_IPv4_Status_zh="${WARP_IPv4_Status_en}" ;; off) WARP_IPv4_Status_en="Normal" WARP_IPv4_Status_zh="正常" ;; *) Check_Network_Status_IPv4 if [[ ${IPv4Status} = on ]]; then WARP_IPv4_Status_en="Normal" WARP_IPv4_Status_zh="正常" else WARP_IPv4_Status_en="${FontColor_Red}Unconnected${FontColor_Suffix}" WARP_IPv4_Status_zh="${FontColor_Red}未连接${FontColor_Suffix}" fi ;; esac Check_Network_Status_IPv6 if [[ ${IPv6Status} = on ]]; then WARP_IPv6_Status=$(curl -s6 ${CF_Trace_URL} --connect-timeout 2 | grep warp | cut -d= -f2) else unset WARP_IPv6_Status fi case ${WARP_IPv6_Status} in on) WARP_IPv6_Status_en="${FontColor_Green}WARP${FontColor_Suffix}" WARP_IPv6_Status_zh="${WARP_IPv6_Status_en}" ;; plus) WARP_IPv6_Status_en="${FontColor_Green}WARP+${FontColor_Suffix}" WARP_IPv6_Status_zh="${WARP_IPv6_Status_en}" ;; off) WARP_IPv6_Status_en="Normal" WARP_IPv6_Status_zh="正常" ;; *) Check_Network_Status_IPv6 if [[ ${IPv6Status} = on ]]; then WARP_IPv6_Status_en="Normal" WARP_IPv6_Status_zh="正常" else WARP_IPv6_Status_en="${FontColor_Red}Unconnected${FontColor_Suffix}" WARP_IPv6_Status_zh="${FontColor_Red}未连接${FontColor_Suffix}" fi ;; esac } Check_ALL_Status() { Check_WARP_Client_Status Check_WARP_Proxy_Status Check_WireGuard_Status Check_WARP_WireGuard_Status } Print_WARP_Client_Status() { log INFO "Status check in progress..." Check_WARP_Client_Status Check_WARP_Proxy_Status echo -e " ---------------------------- WARP Client\t: ${WARP_Client_Status_en} SOCKS5 Port\t: ${WARP_Proxy_Status_en} ---------------------------- " log INFO "Done." } Print_WARP_WireGuard_Status() { log INFO "Status check in progress..." Check_WireGuard_Status Check_WARP_WireGuard_Status echo -e " ---------------------------- WireGuard\t: ${WireGuard_Status_en} IPv4 Network\t: ${WARP_IPv4_Status_en} IPv6 Network\t: ${WARP_IPv6_Status_en} ---------------------------- " log INFO "Done." } Print_ALL_Status() { log INFO "Status check in progress..." Check_ALL_Status echo -e " ---------------------------- WARP Client\t: ${WARP_Client_Status_en} SOCKS5 Port\t: ${WARP_Proxy_Status_en} ---------------------------- WireGuard\t: ${WireGuard_Status_en} IPv4 Network\t: ${WARP_IPv4_Status_en} IPv6 Network\t: ${WARP_IPv6_Status_en} ---------------------------- " } View_WireGuard_Profile() { Print_Delimiter cat ${WireGuardConfPath} Print_Delimiter } Check_WGCF_Endpoint() { if ping -c1 -W1 ${WGCF_Endpoint_IP4} >/dev/null 2>&1; then WGCF_Endpoint="${WGCF_Endpoint_IPv4}" elif ping6 -c1 -W1 ${WGCF_Endpoint_IP6} >/dev/null 2>&1; then WGCF_Endpoint="${WGCF_Endpoint_IPv6}" else WGCF_Endpoint="${WGCF_Endpoint_Domain}" fi } Set_WARP_IPv4() { Install_WireGuard Get_IP_addr Load_WGCF_Profile if [[ ${IPv4Status} = off && ${IPv6Status} = on ]]; then WGCF_DNS="${WGCF_DNS_64}" else WGCF_DNS="${WGCF_DNS_46}" fi WGCF_AllowedIPs="${WGCF_AllowedIPs_IPv4}" Check_WGCF_Endpoint Generate_WireGuardProfile_Interface if [[ -n ${IPv4_addr} ]]; then Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP fi Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Set_WARP_IPv6() { Install_WireGuard Get_IP_addr Load_WGCF_Profile if [[ ${IPv4Status} = off && ${IPv6Status} = on ]]; then WGCF_DNS="${WGCF_DNS_64}" else WGCF_DNS="${WGCF_DNS_46}" fi WGCF_AllowedIPs="${WGCF_AllowedIPs_IPv6}" Check_WGCF_Endpoint Generate_WireGuardProfile_Interface if [[ -n ${IPv6_addr} ]]; then Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP fi Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Set_WARP_DualStack() { Install_WireGuard Get_IP_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_46}" WGCF_AllowedIPs="${WGCF_AllowedIPs_DualStack}" Check_WGCF_Endpoint Generate_WireGuardProfile_Interface if [[ -n ${IPv4_addr} ]]; then Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP fi if [[ -n ${IPv6_addr} ]]; then Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP fi Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Set_WARP_DualStack_nonGlobal() { Install_WireGuard Get_IP_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_46}" WGCF_AllowedIPs="${WGCF_AllowedIPs_DualStack}" Check_WGCF_Endpoint Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_DualStack_nonGlobal Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Add_WARP_IPv4__Change_WARP_IPv6() { Install_WireGuard Get_IPv6_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_64}" WGCF_AllowedIPs="${WGCF_AllowedIPs_DualStack}" WGCF_Endpoint="${WGCF_Endpoint_IPv6}" Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Add_WARP_IPv6__Change_WARP_IPv4() { Install_WireGuard Get_IPv4_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_46}" WGCF_AllowedIPs="${WGCF_AllowedIPs_DualStack}" WGCF_Endpoint="${WGCF_Endpoint_IPv4}" Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Change_WARP_IPv6() { Install_WireGuard Get_IPv6_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_46}" WGCF_AllowedIPs="${WGCF_AllowedIPs_IPv6}" WGCF_Endpoint="${WGCF_Endpoint_IPv6}" Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Change_WARP_IPv4() { Install_WireGuard Get_IPv4_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_64}" WGCF_AllowedIPs="${WGCF_AllowedIPs_IPv4}" WGCF_Endpoint="${WGCF_Endpoint_IPv4}" Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Change_WARP_DualStack_IPv4Out() { Install_WireGuard Get_IPv4_addr Get_IPv6_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_46}" WGCF_AllowedIPs="${WGCF_AllowedIPs_DualStack}" WGCF_Endpoint="${WGCF_Endpoint_IPv4}" Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Change_WARP_DualStack_IPv6Out() { Install_WireGuard Get_IPv4_addr Get_IPv6_addr Load_WGCF_Profile WGCF_DNS="${WGCF_DNS_46}" WGCF_AllowedIPs="${WGCF_AllowedIPs_DualStack}" WGCF_Endpoint="${WGCF_Endpoint_IPv6}" Generate_WireGuardProfile_Interface Generate_WireGuardProfile_Interface_Rule_IPv4_Global_srcIP Generate_WireGuardProfile_Interface_Rule_IPv6_Global_srcIP Generate_WireGuardProfile_Peer View_WireGuard_Profile Enable_WireGuard Print_WARP_WireGuard_Status } Menu_Title="${FontColor_Yellow_Bold}Cloudflare WARP 一键配置脚本${FontColor_Suffix} ${FontColor_Red}[${shVersion}]${FontColor_Suffix} by ${FontColor_Purple_Bold}P3TERX.COM${FontColor_Suffix}" Menu_WARP_Client() { clear echo -e " ${Menu_Title} ------------------------- WARP 客户端状态 : ${WARP_Client_Status_zh} SOCKS5 代理端口 : ${WARP_Proxy_Status_zh} ------------------------- 管理 WARP 官方客户端: ${FontColor_Green_Bold}0${FontColor_Suffix}. 返回主菜单 - ${FontColor_Green_Bold}1${FontColor_Suffix}. 开启 SOCKS5 代理 ${FontColor_Green_Bold}2${FontColor_Suffix}. 关闭 SOCKS5 代理 ${FontColor_Green_Bold}3${FontColor_Suffix}. 重启 WARP 官方客户端 ${FontColor_Green_Bold}4${FontColor_Suffix}. 卸载 WARP 官方客户端 " unset MenuNumber read -p "请输入选项: " MenuNumber echo case ${MenuNumber} in 0) Start_Menu ;; 1) Enable_WARP_Client_Proxy ;; 2) Disconnect_WARP ;; 3) Restart_WARP_Client ;; 4) Uninstall_WARP_Client ;; *) log ERROR "无效输入!" sleep 2s Menu_WARP_Client ;; esac } Menu_WARP_WireGuard_Other() { clear echo -e " ${Menu_Title} ${FontColor_Green_Bold}0${FontColor_Suffix}. 返回主菜单 - ${FontColor_Green_Bold}1${FontColor_Suffix}. 置换 IPv4 为 WARP 网络 ${FontColor_Green_Bold}2${FontColor_Suffix}. 置换 IPv6 为 WARP 网络 ${FontColor_Green_Bold}3${FontColor_Suffix}. 置换 IPv4/IPv6 为 WARP 网络 (IPv4 节点) ${FontColor_Green_Bold}4${FontColor_Suffix}. 置换 IPv4/IPv6 为 WARP 网络 (IPv6 节点) ${FontColor_Green_Bold}5${FontColor_Suffix}. 添加 WARP IPv4 网络,置换 IPv6 为 WARP 网络 ${FontColor_Green_Bold}6${FontColor_Suffix}. 添加 WARP IPv6 网络,置换 IPv4 为 WARP 网络 " unset MenuNumber read -p "请输入选项: " MenuNumber echo case ${MenuNumber} in 0) Start_Menu ;; 1) Change_WARP_IPv4 ;; 2) Change_WARP_IPv6 ;; 3) Change_WARP_DualStack_IPv4Out ;; 4) Change_WARP_DualStack_IPv6Out ;; 5) Add_WARP_IPv4__Change_WARP_IPv6 ;; 6) Add_WARP_IPv6__Change_WARP_IPv4 ;; *) log ERROR "无效输入!" sleep 2s Menu_DualStack ;; esac } Menu_WARP_WireGuard() { clear echo -e " ${Menu_Title} ------------------------- WireGuard 状态 : ${WireGuard_Status_zh} IPv4 网络状态 : ${WARP_IPv4_Status_zh} IPv6 网络状态 : ${WARP_IPv6_Status_zh} ------------------------- 管理 WARP WireGuard: ${FontColor_Green_Bold}0${FontColor_Suffix}. 返回主菜单 - ${FontColor_Green_Bold}1${FontColor_Suffix}. 查看 WARP WireGuard 日志 ${FontColor_Green_Bold}2${FontColor_Suffix}. 重启 WARP WireGuard 服务 ${FontColor_Green_Bold}3${FontColor_Suffix}. 关闭 WARP WireGuard 网络 " unset MenuNumber read -p "请输入选项: " MenuNumber echo case ${MenuNumber} in 0) Start_Menu ;; 1) Print_WireGuard_Log ;; 2) Restart_WireGuard ;; 3) Disable_WireGuard ;; *) log ERROR "无效输入!" sleep 2s Menu_Other ;; esac } Start_Menu() { log INFO "正在检查状态..." Check_ALL_Status clear echo -e " ${Menu_Title} ------------------------- WARP 客户端状态 : ${WARP_Client_Status_zh} SOCKS5 代理端口 : ${WARP_Proxy_Status_zh} ------------------------- WireGuard 状态 : ${WireGuard_Status_zh} IPv4 网络状态 : ${WARP_IPv4_Status_zh} IPv6 网络状态 : ${WARP_IPv6_Status_zh} ------------------------- ${FontColor_Green_Bold}1${FontColor_Suffix}. 自动配置 WARP 官方客户端 SOCKS5 代理 ${FontColor_Green_Bold}2${FontColor_Suffix}. 管理 WARP 官方客户端 - ${FontColor_Green_Bold}3${FontColor_Suffix}. 自动配置 WARP WireGuard IPv4 网络 ${FontColor_Green_Bold}4${FontColor_Suffix}. 自动配置 WARP WireGuard IPv6 网络 ${FontColor_Green_Bold}5${FontColor_Suffix}. 自动配置 WARP WireGuard 双栈全局网络 ${FontColor_Green_Bold}6${FontColor_Suffix}. 选择其它 WARP WireGuard 配置方案 ${FontColor_Green_Bold}7${FontColor_Suffix}. 管理 WARP WireGuard 网络 " unset MenuNumber read -p "请输入选项: " MenuNumber echo case ${MenuNumber} in 1) Enable_WARP_Client_Proxy ;; 2) Menu_WARP_Client ;; 3) Set_WARP_IPv4 ;; 4) Set_WARP_IPv6 ;; 5) Set_WARP_DualStack ;; 6) Menu_WARP_WireGuard_Other ;; 7) Menu_WARP_WireGuard ;; *) log ERROR "无效输入!" sleep 2s Start_Menu ;; esac } Print_Usage() { echo -e " Cloudflare WARP configuration script USAGE: bash <(curl -fsSL git.io/warp.sh) [SUBCOMMAND] SUBCOMMANDS: install Install Cloudflare WARP Official Linux Client uninstall uninstall Cloudflare WARP Official Linux Client restart Restart Cloudflare WARP Official Linux Client proxy Enable WARP Client Proxy Mode (default SOCKS5 port: 40000) unproxy Disable WARP Client Proxy Mode wg Configuration WARP Non-Global Network (with WireGuard), set fwmark or interface IP Address to use the WARP network wg4 Configuration WARP IPv4 Global Network (with WireGuard), all IPv4 outbound data over the WARP network wg6 Configuration WARP IPv6 Global Network (with WireGuard), all IPv6 outbound data over the WARP network wgd Configuration WARP Dual Stack Global Network (with WireGuard), all outbound data over the WARP network rewg Restart WARP WireGuard service unwg Disable WARP WireGuard service status Prints status information version Prints version information help Prints this message or the help of the given subcommand(s) menu Chinese special features menu " } if [ $# -ge 1 ]; then case ${1} in install) Instal_WARP_Client ;; uninstall) Uninstall_WARP_Client ;; restart) Restart_WARP_Client ;; proxy | socks5 | s5) Enable_WARP_Client_Proxy ;; unproxy | unsocks5 | uns5) Disconnect_WARP ;; wg) Set_WARP_DualStack_nonGlobal ;; wg4 | 4) Set_WARP_IPv4 ;; wg6 | 6) Set_WARP_IPv6 ;; wgd | d) Set_WARP_DualStack ;; rewg) Restart_WireGuard ;; unwg) Disable_WireGuard ;; status) Print_ALL_Status ;; help) Print_Usage ;; version) echo "${shVersion}" ;; menu) Start_Menu ;; *) log ERROR "Invalid Parameters: $*" Print_Usage exit 1 ;; esac else Print_Usage fi {"mode":"full","isActive":false}