sing-box: update to 1.12.5

.github/workflows/Auto cache software release jsons.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v4
 
       - name: Initialization environment
         run: |
@@ -26,12 +26,15 @@ jobs:
       - name: Install GitHub CLI
         run: sudo apt-get update && sudo apt-get install -y gh
 
-      - name: Fetch GitHub release JSONs
+      - name: Delete old release and tag
+        run: |
+          gh release delete api-cache --cleanup-tag -y || echo "No existing release to delete"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          mkdir -p output old_json
 
+      - name: Fetch GitHub release JSONs
+        run: |
+          mkdir -p output
           declare -A repos
           repos["geoview"]="snowie2000/geoview"
           repos["chinadns-ng"]="zfl9/chinadns-ng"
@@ -39,62 +42,14 @@ jobs:
           repos["sing-box"]="SagerNet/sing-box"
           repos["hysteria"]="HyNetwork/hysteria"
 
-          echo "Downloading previous api-cache release assets (if exists)..."
-          gh release download api-cache --dir old_json --pattern "*.json" || echo "No previous release found"
-
           for name in "${!repos[@]}"; do
             repo="${repos[$name]}"
-            echo "Processing $name from $repo ..."
-
-            for t in release pre-release; do
-              old="old_json/${name}-${t}-api.json"
-              if [ -f "$old" ]; then
-                cp "$old" "output/${name}-${t}-api.json.bak"
-              fi
-            done
-
+            echo "Fetching release JSONs for $name from $repo ..."
             curl -sL "https://api.github.com/repos/$repo/releases/latest" -o "output/${name}-release-api.json"
             curl -sL "https://api.github.com/repos/$repo/releases?per_page=1" -o "output/${name}-pre-release-api.json"
-
-            for t in release pre-release; do
-              file="output/${name}-${t}-api.json"
-
-              TAG_NAME=$(grep -oP '"tag_name": "\K[^"]+' "$file" || true)
-
-              if [ -z "$TAG_NAME" ]; then
-                echo "❌ ${file} No tag_name, restore old files..."
-                rm -f "$file"
-
-                if [ -f "${file}.bak" ]; then
-                  mv "${file}.bak" "$file"
-                fi
-              else
-                echo "✅ ${file} Verification successful, delete bak."
-                rm -f "${file}.bak"
-              fi
-            done
           done
 
-      - name: Check output directory
-        id: check_output
-        run: |
-          if [ -z "$(ls -A output 2>/dev/null)" ]; then
-            echo "empty=true" >> $GITHUB_OUTPUT
-            echo "⚠️ The output directory is empty, and subsequent Upload/Release steps will be skipped."
-          else
-            echo "empty=false" >> $GITHUB_OUTPUT
-            echo "✔ The output directory contains files."
-          fi
-
-      - name: Delete old release and tag
-        if: steps.check_output.outputs.empty == 'false'
-        run: |
-          gh release delete api-cache --cleanup-tag -y || echo "No existing release to delete."
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Upload to release
-        if: steps.check_output.outputs.empty == 'false'
         uses: softprops/action-gh-release@v2
         with:
           tag_name: api-cache

.github/workflows/Auto compilation testing.yml

@@ -189,11 +189,6 @@ jobs:
         cp -r temp_resp/lang/rust feeds/packages/lang
         rm -rf temp_resp
 
-        git clone -b main --single-branch https://github.com/openwrt/openwrt.git temp_resp
-        cp -f temp_resp/scripts/patch-kernel.sh scripts/
-        rm -rf temp_resp
-
-
         echo "fixed rust host build error"
         sed -i 's/--set=llvm\.download-ci-llvm=false/--set=llvm.download-ci-llvm=true/' feeds/packages/lang/rust/Makefile
         grep -q -- '--ci false \\' feeds/packages/lang/rust/Makefile || sed -i '/x\.py \\/a \        --ci false \\' feeds/packages/lang/rust/Makefile

.github/workflows/Auto update packages v2.yml

@@ -344,35 +344,20 @@ jobs:
       - name: Create Pull Request
         id: cpr
         if: steps.check.outputs.status == 'success' && steps.check.outputs.New_PKG_VERSION != '' && steps.update.outputs.branch_exists == '' && !cancelled()
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          branch="patches-${{ matrix.pakcages }}-${{ steps.update.outputs.version }}"
-          title="${{ matrix.pakcages }}: update to ${{ steps.update.outputs.version }}"
-          EXISTING=$(gh pr list \
-            --state open \
-            --base main \
-            --json number,title \
-            --jq ".[] | select(.title == \"$title\") | .number" \
-            || echo "")
+        uses: peter-evans/create-pull-request@v7
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          commit-message: "${{ matrix.pakcages }}: update to ${{ steps.update.outputs.version }}"
+          committer: smallprogram <smallprogram@foxmail.com>
+          author: smallprogram <smallprogram@foxmail.com>
+          signoff: false
+          branch: patches-${{ matrix.pakcages }}-${{ steps.update.outputs.version }}
+          base: main
+          delete-branch: true
+          body: |
+            ${{ matrix.pakcages }}: update to ${{ steps.update.outputs.version }}
+          title: "${{ matrix.pakcages }}: update to ${{ steps.update.outputs.version }}"
+          labels: |
+            automated-pr
+          draft: false
 
-          if [ -n "$EXISTING" ]; then
-            echo "Duplicate PR with title '$TITLE' already exists: #$EXISTING"
-          else
-            git config --global user.email "smallprogram@foxmail.com"
-            git config --global user.name "smallprogram"
-
-            
-            echo "No duplicate found, will create PR."
-            git checkout -b "$branch"
-            git add .
-            git commit -m "${{ matrix.pakcages }}: update to ${{ steps.update.outputs.version }}"
-            git push origin $branch
-
-            gh pr create \
-            --title "$title" \
-            --body "$title" \
-            --base main \
-            --head "$branch" \
-            --label "automated-pr"
-          fi

.github/workflows/Close stale issues and Prs.yml

@@ -7,7 +7,7 @@ jobs:
   stale:
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/stale@v10
+      - uses: actions/stale@v7.0.0
         with:
           stale-issue-message: "Stale Issue"
           stale-pr-message: "Stale PR"

dns2socks/Makefile

@@ -8,8 +8,8 @@ PKG_NAME:=dns2socks
 PKG_VERSION:=2.1
 PKG_RELEASE:=2
 
-PKG_SOURCE:=SourceCode.zip
-PKG_SOURCE_URL:=https://github.com/xiaorouji/openwrt-passwall-packages/releases/download/dns2socks
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
+PKG_SOURCE_URL:=@SF/dns2socks/SourceCode.zip?
 PKG_SOURCE_DATE:=2020-02-18
 PKG_HASH:=406b5003523577d39da66767adfe54f7af9b701374363729386f32f6a3a995f4
 

geoview/Makefile

@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=geoview
-PKG_VERSION:=0.2.2
+PKG_VERSION:=0.1.10
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/snowie2000/geoview/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=3cdec7da60d5ec84f71e086fdc77f43287d064371f51d49bcfe09abd50604343
+PKG_HASH:=9221df928df68030893125a60bdf6d8a1fef2b199fa58ed80772cb3c17225fc5
 
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE

hysteria/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hysteria
-PKG_VERSION:=2.6.5
+PKG_VERSION:=2.6.2
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/apernet/hysteria/tar.gz/app/v$(PKG_VERSION)?
-PKG_HASH:=21a04ef8ce640d7c60c3b8678500b6e6481862d9af62f9ce2663b772211718d0
+PKG_HASH:=4699431f0bc826da2bbd3939c0a78c4e7bfc02773fc3a62b24615c37ee89b266
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-app-v$(PKG_VERSION)
 
 PKG_LICENSE:=MIT

microsocks/Makefile

@@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=microsocks
 PKG_VERSION:=1.0.5
-PKG_RELEASE:=2
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/rofl0r/microsocks/tar.gz/v$(PKG_VERSION)?
@@ -25,7 +25,7 @@ define Package/microsocks
   SECTION:=net
   CATEGORY:=Network
   SUBMENU:=Web Servers/Proxies
-  TITLE:=Tiny, portable SOCKS5 server. Support forwarding rules
+  TITLE:=Tiny, portable SOCKS5 server
   URL:=https://github.com/rofl0r/microsocks
   DEPENDS:=+libpthread
 endef
@@ -33,7 +33,6 @@ endef
 define Package/microsocks/description
   A SOCKS5 service that you can run on your remote boxes to tunnel connections
   through them, if for some reason SSH doesn't cut it for you.
-  This version supports forwarding rules.
 endef
 
 define Package/microsocks/install

microsocks/patches/100-Add-SOCKS5-forwarding-rules-support.patch

@@ -1,428 +0,0 @@
---- a/sockssrv.c
-+++ b/sockssrv.c
-@@ -33,8 +33,10 @@
- #include <arpa/inet.h>
- #include <errno.h>
- #include <limits.h>
-+#include <sys/time.h>
- #include "server.h"
- #include "sblist.h"
-+#define MICROSOCKS_VERSION "1.0.5-forward"
- 
- /* timeout in microseconds on resource exhaustion to prevent excessive
-    cpu usage. */
-@@ -71,6 +73,7 @@
- static pthread_rwlock_t auth_ips_lock = PTHREAD_RWLOCK_INITIALIZER;
- static const struct server* server;
- static union sockaddr_union bind_addr = {.v4.sin_family = AF_UNSPEC};
-+static sblist *fwd_rules;
- 
- enum socksstate {
- 	SS_1_CONNECTED,
-@@ -97,6 +100,17 @@
- 	EC_ADDRESSTYPE_NOT_SUPPORTED = 8,
- };
- 
-+struct fwd_rule {
-+	char *match_name;
-+	short match_port;
-+	char *auth_buf; /* Username/Password request buffer (RFC-1929) */
-+	size_t auth_len;
-+	char *upstream_name;
-+	short upstream_port;
-+	char *req_buf; /* Client Connection Request buffer to send to upstream */
-+	size_t req_len;
-+};
-+
- struct thread {
- 	pthread_t pt;
- 	struct client client;
-@@ -116,6 +130,109 @@
- static void dolog(const char* fmt, ...) { }
- #endif
- 
-+static int upstream_handshake(const struct fwd_rule* rule, unsigned char *client_buf, size_t client_buf_len, 
-+							int client_fd, int upstream_fd, unsigned short client_port) {
-+	unsigned char sbuf[512];
-+	ssize_t r;
-+
-+	if(rule->auth_buf) {
-+		unsigned char handshake[4] = {5, 2, 0, 2};
-+		if (write(upstream_fd, handshake, 4) != 4) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+	} else {
-+		unsigned char handshake[3] = {5, 1, 0};
-+		if (write(upstream_fd, handshake, 3) != 3) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+	}
-+
-+	if (read(upstream_fd, sbuf, 2) != 2 || sbuf[0] != 5) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	if (sbuf[1] == 2) {
-+		if (!rule->auth_buf) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		if (write(upstream_fd, rule->auth_buf, rule->auth_len) != (ssize_t)rule->auth_len) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		if (read(upstream_fd, sbuf, 2) != 2 || sbuf[0] != 1 || sbuf[1] != 0) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+	} else if (sbuf[1] != 0) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	if (write(upstream_fd, client_buf, client_buf_len) != (ssize_t)client_buf_len) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	size_t total = 0;
-+	size_t need = 4;
-+
-+	while (total < need) {
-+		r = read(upstream_fd, sbuf + total, need - total);
-+		if (r <= 0) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		total += r;
-+	}
-+
-+	if (sbuf[1] != 0) {
-+		close(upstream_fd);
-+		return -sbuf[1];
-+	}
-+
-+	size_t need_more = 0;
-+	switch (sbuf[3]) {
-+		case 1:
-+			need_more = 4 + 2;
-+			break;
-+		case 4:
-+			need_more = 16 + 2;
-+			break;
-+		case 3:
-+			r = read(upstream_fd, sbuf + total, 1);
-+			if (r != 1) {
-+				close(upstream_fd);
-+				return -1;
-+			}
-+			total += r;
-+			need_more = sbuf[4] + 2;
-+			break;
-+		default:
-+			close(upstream_fd);
-+			return -EC_ADDRESSTYPE_NOT_SUPPORTED;
-+	}
-+
-+	while (total < need + need_more) {
-+		r = read(upstream_fd, sbuf + total, (need + need_more) - total);
-+		if (r <= 0) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		total += r;
-+	}
-+
-+	if (write(client_fd, sbuf, total) != (ssize_t)total) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	return upstream_fd;
-+}
-+
- static struct addrinfo* addr_choose(struct addrinfo* list, union sockaddr_union* bindaddr) {
- 	int af = SOCKADDR_UNION_AF(bindaddr);
- 	if(af == AF_UNSPEC) return list;
-@@ -125,7 +242,9 @@
- 	return list;
- }
- 
--static int connect_socks_target(unsigned char *buf, size_t n, struct client *client) {
-+static int connect_socks_target(unsigned char *buf, size_t n, struct client *client, int *used_rule) {
-+	*used_rule = 0;
-+
- 	if(n < 5) return -EC_GENERAL_FAILURE;
- 	if(buf[0] != 5) return -EC_GENERAL_FAILURE;
- 	if(buf[1] != 1) return -EC_COMMAND_NOT_SUPPORTED; /* we support only CONNECT method */
-@@ -158,6 +277,29 @@
- 	}
- 	unsigned short port;
- 	port = (buf[minlen-2] << 8) | buf[minlen-1];
-+
-+	size_t i;
-+	struct fwd_rule *rule = NULL;
-+	char original_name[256];
-+	unsigned short original_port = port;
-+	strncpy(original_name, namebuf, sizeof(original_name) - 1);
-+	original_name[sizeof(original_name) - 1] = '\0';
-+	if(fwd_rules) {
-+		for(i=0;i<sblist_getsize(fwd_rules);++i) {
-+			struct fwd_rule* r = (struct fwd_rule*)sblist_get(fwd_rules, i);
-+			int name_match = (r->match_name[0]=='\0' || strcmp(r->match_name, namebuf) == 0);
-+			int port_match = (r->match_port == 0 || r->match_port == port);
-+			if(name_match && port_match) {
-+				rule = r;
-+				*used_rule = 1;
-+				strncpy(namebuf, r->upstream_name, sizeof(namebuf)-1);
-+				namebuf[sizeof(namebuf)-1] = '\0';
-+				port = r->upstream_port;
-+				break;
-+			}
-+		}
-+	}
-+
- 	/* there's no suitable errorcode in rfc1928 for dns lookup failure */
- 	if(resolve(namebuf, port, &remote)) return -EC_GENERAL_FAILURE;
- 	struct addrinfo* raddr = addr_choose(remote, &bind_addr);
-@@ -186,6 +328,11 @@
- 			return -EC_GENERAL_FAILURE;
- 		}
- 	}
-+
-+	struct timeval tv = {5, 0};
-+	setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (const char*)&tv, sizeof(tv));
-+	setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, (const char*)&tv, sizeof(tv));
-+
- 	if(SOCKADDR_UNION_AF(&bind_addr) == raddr->ai_family &&
- 	   bindtoip(fd, &bind_addr) == -1)
- 		goto eval_errno;
-@@ -198,9 +345,22 @@
- 		af = SOCKADDR_UNION_AF(&client->addr);
- 		void *ipdata = SOCKADDR_UNION_ADDRESS(&client->addr);
- 		inet_ntop(af, ipdata, clientname, sizeof clientname);
--		dolog("client[%d] %s: connected to %s:%d\n", client->fd, clientname, namebuf, port);
-+		if (rule) {
-+			dolog("client[%d] %s: %s:%d -> via %s:%d\n", client->fd, clientname, original_name, original_port, rule->upstream_name, rule->upstream_port);
-+		} else {
-+			dolog("client[%d] %s: connected to %s:%d\n", client->fd, clientname, namebuf, port);
-+		}
- 	}
--	return fd;
-+
-+	if (rule) {
-+		int result = upstream_handshake(rule, buf, n, client->fd, fd, original_port);
-+		if (result < 0) {
-+			close(fd);
-+			return result;
-+		}
-+		return result;
-+	}
-+    return fd;
- }
- 
- static int is_authed(union sockaddr_union *client, union sockaddr_union *authedip) {
-@@ -322,6 +482,7 @@
- 	ssize_t n;
- 	int ret;
- 	enum authmethod am;
-+	int used_rule = 0;
- 	t->state = SS_1_CONNECTED;
- 	while((n = recv(t->client.fd, buf, sizeof buf, 0)) > 0) {
- 		switch(t->state) {
-@@ -345,12 +506,14 @@
- 				}
- 				break;
- 			case SS_3_AUTHED:
--				ret = connect_socks_target(buf, n, &t->client);
-+				ret = connect_socks_target(buf, n, &t->client, &used_rule);
- 				if(ret < 0) {
- 					send_error(t->client.fd, ret*-1);
- 					return -1;
- 				}
--				send_error(t->client.fd, EC_SUCCESS);
-+				if (!used_rule) {
-+					send_error(t->client.fd, EC_SUCCESS);
-+				}
- 				return ret;
- 		}
- 	}
-@@ -382,11 +545,131 @@
- 	}
- }
- 
-+static short host_get_port(char *name) {
-+	int p,n;
-+	char *c;
-+	if((c = strrchr(name, ':')) && sscanf(c+1,"%d%n",&p, &n)==1 && n == (int)(strlen(c + 1)) && p >= 0 && p < USHRT_MAX)
-+		return (*c='\0'),(short)p;
-+	else
-+		return -1;
-+}
-+
-+static int fwd_rules_add(char *str) {
-+	char *match = NULL, *upstream = NULL, *remote = NULL;
-+	unsigned short match_port, upstream_port, remote_port;
-+	int ncred;
-+
-+	if(sscanf(str, "%m[^,],%n%m[^,],%ms\n", &match, &ncred, &upstream, &remote) != 3)
-+		return 1;
-+
-+	match_port = host_get_port(match);
-+	upstream_port = host_get_port(upstream);
-+	remote_port = host_get_port(remote);
-+
-+	if(match_port < 0 || upstream_port <= 0 || remote_port < 0) {
-+		free(match);
-+		free(upstream);
-+		free(remote);
-+		return 1;
-+	}
-+
-+	char *match_copy = strdup(match);
-+	char *upstream_copy = strdup(upstream);
-+	char *remote_copy = strdup(remote);
-+
-+	struct fwd_rule *rule = (struct fwd_rule*)malloc(sizeof(struct fwd_rule));
-+	if (!rule) {
-+		free(match_copy);
-+		free(upstream_copy);
-+		free(remote_copy);
-+		free(match);
-+		free(upstream);
-+		free(remote);
-+		return 1;
-+	}
-+
-+	if(strcmp(match_copy, "0.0.0.0") == 0 || strcmp(match_copy, "*") == 0) {
-+		free(match_copy);
-+		rule->match_name = strdup("");
-+	} else {
-+		rule->match_name = match_copy;
-+	}
-+	rule->match_port = match_port;
-+	rule->auth_buf = NULL;
-+	rule->auth_len = 0;
-+
-+	char *at_sign = strchr(upstream_copy, '@');
-+	if (at_sign) {
-+		*at_sign = '\0';
-+		char *auth_part = upstream_copy;
-+		char *host_part = at_sign + 1;
-+		char *colon = strchr(auth_part, ':');
-+		if (!colon) {
-+			free(rule);
-+			free(upstream_copy);
-+			free(remote_copy);
-+			free(match);
-+			free(upstream);
-+			free(remote);
-+			return 1;
-+		}
-+		*colon++ = '\0';
-+		char *username = auth_part;
-+		char *password = colon;
-+		size_t ulen = strlen(username);
-+		size_t plen = strlen(password);
-+		if (ulen > 255 || plen > 255) {
-+			free(rule);
-+			free(upstream_copy);
-+			free(remote_copy);
-+			free(match);
-+			free(upstream);
-+			free(remote);
-+			return 1;
-+		}
-+		rule->auth_len = 1 + 1 + ulen + 1 + plen;
-+		rule->auth_buf = malloc(rule->auth_len);
-+		rule->auth_buf[0] = 1;
-+		rule->auth_buf[1] = ulen;
-+		memcpy(&rule->auth_buf[2], username, ulen);
-+		rule->auth_buf[2 + ulen] = plen;
-+		memcpy(&rule->auth_buf[3 + ulen], password, plen);
-+		rule->upstream_name = strdup(host_part);
-+		rule->upstream_port = upstream_port;
-+		/* hide from ps */
-+		memset(str+ncred, '*', ulen+1+plen);
-+	} else {
-+		rule->upstream_name = strdup(upstream_copy);
-+		rule->upstream_port = upstream_port;
-+	}
-+
-+	free(upstream_copy);
-+	short rlen = strlen(remote_copy);
-+	rule->req_len = 3 + 1 + 1 + rlen + 2;
-+	rule->req_buf = (char*)malloc(rule->req_len);
-+	rule->req_buf[0] = 5;
-+	rule->req_buf[1] = 1;
-+	rule->req_buf[2] = 0;
-+	rule->req_buf[3] = 3;
-+	rule->req_buf[4] = rlen;
-+	memcpy(&rule->req_buf[5], remote_copy, rlen);
-+	unsigned short rport = remote_port ? remote_port : 0;
-+	rule->req_buf[5 + rlen]     = (rport >> 8) & 0xFF;
-+	rule->req_buf[5 + rlen + 1] = (rport & 0xFF);
-+	free(remote_copy);
-+	sblist_add(fwd_rules, rule);
-+	free(match);
-+	free(upstream);
-+	free(remote);
-+
-+	return 0;
-+}
-+
- static int usage(void) {
- 	dprintf(2,
- 		"MicroSocks SOCKS5 Server\n"
- 		"------------------------\n"
--		"usage: microsocks -1 -q -i listenip -p port -u user -P pass -b bindaddr -w ips\n"
-+		"usage: microsocks -1 -q -i listenip -p port -u user -P pass -b bindaddr -w ips -f fwdrule\n"
- 		"all arguments are optional.\n"
- 		"by default listenip is 0.0.0.0 and port 1080.\n\n"
- 		"option -q disables logging.\n"
-@@ -401,6 +684,12 @@
- 		" this is handy for programs like firefox that don't support\n"
- 		" user/pass auth. for it to work you'd basically make one connection\n"
- 		" with another program that supports it, and then you can use firefox too.\n"
-+		"option -f specifies a forwarding rule of the form\n"
-+		"  match_name:match_port,[user:password@]upstream_name:upstream_port,remote_name:remote_port\n"
-+		" this will cause requests that /match/ to be renamed to /remote/\n"
-+		" and sent to the /upstream/ SOCKS5 proxy server.\n"
-+		" this option may be specified multiple times.\n"
-+		"option -V prints version information and exits.\n"
- 	);
- 	return 1;
- }
-@@ -416,7 +705,7 @@
- 	const char *listenip = "0.0.0.0";
- 	char *p, *q;
- 	unsigned port = 1080;
--	while((ch = getopt(argc, argv, ":1qb:i:p:u:P:w:")) != -1) {
-+	while((ch = getopt(argc, argv, ":1qb:i:p:u:P:w:f:V")) != -1) {
- 		switch(ch) {
- 			case 'w': /* fall-through */
- 			case '1':
-@@ -456,11 +745,20 @@
- 			case 'p':
- 				port = atoi(optarg);
- 				break;
-+			case 'f':
-+				if(!fwd_rules)
-+					fwd_rules = sblist_new(sizeof(struct fwd_rule), 16);
-+				if(fwd_rules_add(optarg))
-+					return dprintf(2, "error: could not parse forwarding rule %s\n", optarg), 1;
-+				break;
- 			case ':':
- 				dprintf(2, "error: option -%c requires an operand\n", optopt);
- 				/* fall through */
- 			case '?':
- 				return usage();
-+			case 'V':
-+				dprintf(1, "MicroSocks %s\n", MICROSOCKS_VERSION);
-+				return 0;
- 		}
- 	}
- 	if((auth_user && !auth_pass) || (!auth_user && auth_pass)) {

naiveproxy/Makefile

@@ -1,8 +1,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=naiveproxy
-PKG_VERSION:=143.0.7499.109
-PKG_RELEASE:=2
+PKG_VERSION:=139.0.7258.62
+PKG_RELEASE:=1
 
 ARCH_PREBUILT:=$(ARCH_PACKAGES)
 
@@ -25,47 +25,47 @@ PKG_SOURCE:=naiveproxy-v$(PKG_VERSION)-$(PKG_RELEASE)-openwrt-$(ARCH_PREBUILT).t
 PKG_SOURCE_URL:=https://github.com/klzgrad/naiveproxy/releases/download/v$(PKG_VERSION)-$(PKG_RELEASE)/
 
 ifeq ($(ARCH_PREBUILT),aarch64_cortex-a53)
-  PKG_HASH:=e5eec05d7e799c4b6f93adb02129246142a88e427d76d6275a0312872031a1db
+  PKG_HASH:=88b631884518ad25eaee00350445824bb962283cf7665519d4d7b242605a95a4
 else ifeq ($(ARCH_PREBUILT),aarch64_cortex-a72)
-  PKG_HASH:=ca7975f7b711d1936d44b7a3676d4ddec59dd84339da0e28aa8bbc1fa738523a
+  PKG_HASH:=c8196e4ac5e60c933cdce968b1e630abf3577de1258a4c330eb99ea8649a177a
 else ifeq ($(ARCH_PREBUILT),aarch64_generic)
-  PKG_HASH:=a4b34126901ad577a018332dd8cfa015ca5de1dcbbcf445465fb5a89a29a6b29
+  PKG_HASH:=7fa990948c429c36fd0778cd9125e08aed79d5e92be6675951540ddd7069b2fb
 else ifeq ($(ARCH_PREBUILT),arm_arm1176jzf-s_vfp)
-  PKG_HASH:=ec0a9a76bc51d7608897db9d87c3e52a889989856b3456cf1b35c4a42891fc40
+  PKG_HASH:=51db374620c21797a732d11e17b7ddc31e9be681804ea3145938a24320aaa66a
 else ifeq ($(ARCH_PREBUILT),arm_arm926ej-s)
-  PKG_HASH:=bdd03cdec1f7215369cafdc7922f3d78ecd570a59d5cd04e829cab33c6dbc68e
+  PKG_HASH:=abf5db455d57de10dec4b5e5d37903293bcbbe80a3baeb33aded53fb4d503db1
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a15_neon-vfpv4)
-  PKG_HASH:=fce86759321a06cc373ceef1a38fee456cf0383cc466a3762671b9a0fc4e13ba
+  PKG_HASH:=4ea19599f0287da886c79b93d3ac7ae03727402587fa3af5fdd3d12ad2e2a58e
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a5_vfpv4)
-  PKG_HASH:=3bb0eef45955ccb656c0b074db40024e35a96c0588250534d25468242b21e067
+  PKG_HASH:=6824c79925f5cc9c3a8fd8a2090c982a0b30c0ce014aa90f99a2f36ed68ada9d
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a7)
-  PKG_HASH:=42c95ce44d9abb1472f4817b5839252fc418cecd3b1d683a0211ca98e7e9a21f
+  PKG_HASH:=456c896ac9a26d41a6bc0aea74262780516203a143cfb530906ac9a580d35ab5
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a7_neon-vfpv4)
-  PKG_HASH:=7222d40cc5b0f29e5858e6023e713cc69174672b2489a8c8525d031822b38230
+  PKG_HASH:=0ac6f60ba0b90ef38aa88f1172b7119e07ec775b1776594afb51452f5b4af125
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a7_vfpv4)
-  PKG_HASH:=1c15ceeb689d686e198afd0c1bb72b6c54ef89bde5b347205d6c2cedf359f37a
+  PKG_HASH:=361341cd9300e071f06545d92bf355bd83fe415af7392cffcd503e9207f273e5
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a8_vfpv3)
-  PKG_HASH:=a5f370df608aba401cb5a761c17f994d27d1a912be1aa9c7bcc0417314ecfb62
+  PKG_HASH:=04eaadc2c6cf300c788d8531cdf04821c91a751bae720c2fc4631ec6445a0cd8
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a9)
-  PKG_HASH:=f5df82bd5d3a45e8869026977c2d30bac6ccc258dadb7046e3306d4e54395741
+  PKG_HASH:=523af9336b72da3a32f38d1975e86f15bdc859234f8e7f0a3c664fc31da2ce3f
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a9_neon)
-  PKG_HASH:=7600df27693dda5f43c7d38715b9d4664db77ed4488c77da822c690cb28fcf90
+  PKG_HASH:=b20c2e0c098503d8b57c6ab70d70de401bb642a474521ccf0e700756ad7ed8e1
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a9_vfpv3-d16)
-  PKG_HASH:=c010124d705e19da53e0df4658c23a5ad0ff71e89f8819e01f9e7011160042fa
+  PKG_HASH:=9658d4f6a9a7e753774b1b231808c5267addc7cea94e2e93e7f823ec84e279e3
 else ifeq ($(ARCH_PREBUILT),arm_mpcore)
-  PKG_HASH:=6ccbf7cf6b17b4cf4ab7b29b12a279b1fc79257f2fc569e81a5af6bda18819f4
+  PKG_HASH:=cfdcc0bfd70c689b01af8ebcc712f8a1431aeba77a4bc1522444268f9864d12d
 else ifeq ($(ARCH_PREBUILT),arm_xscale)
-  PKG_HASH:=5367433f1759aa0b947f6180c9d1944205629d7829db9f3466bd38d40da57ae0
+  PKG_HASH:=5c7706b1cb19e27d4c0135feea6af245e19af684b9e2bb38c3cea80c9adb970c
 else ifeq ($(ARCH_PREBUILT),mipsel_24kc)
-  PKG_HASH:=444a59288e3e7e80b2ca04fb4d6fb9a046a624cb01a9cea2314834c736561433
+  PKG_HASH:=70e248ffa44a067ced6c178f3aef09097e7bbd6030cb7d3776866880ad954eb6
 else ifeq ($(ARCH_PREBUILT),mipsel_mips32)
-  PKG_HASH:=fa568b8a8ed8505a99d5ca30568cbdb2539cc48d218c338a321fba116632daa1
+  PKG_HASH:=a49e6088ddb1af6135fa2a46ba5c55db66b4a2ecd46cb6daf3776181a2e62296
 else ifeq ($(ARCH_PREBUILT),riscv64)
-  PKG_HASH:=13c1a43e58cef7219baf828250afb9390fd2ed9379d30f7d7b182db61492fe69
+  PKG_HASH:=4f8163daea361188f8eec3c1794b78416b898aff226e33e82f8ae6f96d403ac3
 else ifeq ($(ARCH_PREBUILT),x86)
-  PKG_HASH:=8088dd1ea80321109248f68f6f1a7c45f5b4dc0982992aabde725c3503a5b442
+  PKG_HASH:=02e38a354b26ed8ebe7a753bac2f8a4a4b4210a23dcb430de0ab88b88b689f92
 else ifeq ($(ARCH_PREBUILT),x86_64)
-  PKG_HASH:=5681e13c833757cfb5769755fd93d1906c47448af190585067bde9de590bdb2e
+  PKG_HASH:=df910463af15f53b5540dcb23a9858ba73dd2bc336eea9625ba0360bd3b29042
 else
   PKG_HASH:=dummy
 endif

shadowsocks-rust/Makefile

@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shadowsocks-rust
-PKG_VERSION:=1.24.0
+PKG_VERSION:=1.23.5
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/shadowsocks/shadowsocks-rust/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=a89865d1c5203de1b732017dd032e85f943d1592e8d3152eb7d2c4f3fca387bf
+PKG_HASH:=edeef2408ae54108fa176b4e59cb04b4ef4dbe62da96d2459d9821b238ad94e8
 
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 PKG_LICENSE:=MIT

sing-box/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sing-box
-PKG_VERSION:=1.12.14
+PKG_VERSION:=1.12.5
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=f19761d09f88e2d33aadfdb3c4ff471654f34b28561826e4786b9859654ca887
+PKG_HASH:=47171af120860b7367b64d6bd4fbf7cccb090c66e5d98b2b7abc292a0be20847
 
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_LICENSE_FILES:=LICENSE

v2ray-geodata/Makefile

@@ -5,29 +5,29 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=v2ray-geodata
-PKG_RELEASE:=1
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_LICENSE_FILES:=LICENSE
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 
 include $(INCLUDE_DIR)/package.mk
 
-GEOIP_VER:=202512180020
+GEOIP_VER:=202508210019
 GEOIP_FILE:=geoip.dat.$(GEOIP_VER)
 define Download/geoip
   URL:=https://github.com/Loyalsoldier/geoip/releases/download/$(GEOIP_VER)/
   URL_FILE:=geoip.dat
   FILE:=$(GEOIP_FILE)
-  HASH:=63c20c159aeec8a13d61be9b89d0d1c82fecf4675f1c177db67e97477c89199d
+  HASH:=89661485a0a120c8da093b1a2870509486c799b7103c34855599629f93c0be51
 endef
 
-GEOSITE_VER:=202512202213
+GEOSITE_VER:=202508252213
 GEOSITE_FILE:=geosite.dat.$(GEOSITE_VER)
 define Download/geosite
   URL:=https://github.com/Loyalsoldier/v2ray-rules-dat/releases/download/$(GEOSITE_VER)/
   URL_FILE:=geosite.dat
   FILE:=$(GEOSITE_FILE)
-  HASH:=3f43687438bde815719ce0bcd9ed21c7fa807b69caa98ee1c7d6ed8954a8ff1a
+  HASH:=289d44df840ec6ea75e9276f6dc9a2ce0d0704f611ccce391a2321f92ab95ccb
 endef
 
 define Package/v2ray-geodata/template

v2ray-plugin/Makefile

@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=v2ray-plugin
-PKG_VERSION:=5.41.0
+PKG_VERSION:=5.37.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/teddysun/v2ray-plugin/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=75d83f24e60fb7e71e7774732f6ebcfbc00a1b3ae27f4702f75afb14055ce606
+PKG_HASH:=7796924dc2dbd1ec392953467b3ff432cdcd266bf8d1c61b5a693fdc9e9a9230
 
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=LICENSE

xray-core/Makefile

@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=Xray-core
-PKG_VERSION:=25.12.8
+PKG_VERSION:=25.8.29
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/XTLS/Xray-core/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=d4519b2d9bb1871f4d7612aa7a8db1c451573b5a44ac824219bb44d63f404e61
+PKG_HASH:=609e56f62064101557cd8d29bd64c7354cadece9c04df645fb768789ab99932b
 
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 PKG_LICENSE:=MPL-2.0