new: add tunnel service

2024-01-29 21:55:01 +01:00
parent 25d5b8a1c5
commit 5fa28220b4
28 changed files with 364 additions and 231 deletions
--- a/admin_service/service.go
+++ b/admin_service/service.go
@@ -0,0 +1,74 @@
+package admin_service
+
+import (
+	"log"
+
+	"github.com/hiddify/libcore/global"
+	"github.com/kardianos/service"
+)
+
+var logger service.Logger
+
+type hiddifyNext struct{}
+
+var port int = 18020
+
+func (m *hiddifyNext) Start(s service.Service) error {
+	go m.run()
+	return nil
+}
+func (m *hiddifyNext) Stop(s service.Service) error {
+	err := global.StopService()
+	if err != nil {
+		return err
+	}
+	// Stop should not block. Return with a few seconds.
+	// <-time.After(time.Second * 1)
+	return nil
+}
+func (m *hiddifyNext) run() {
+	StartWebServer(port, false)
+}
+
+func StartService(goArg string) {
+	svcConfig := &service.Config{
+		Name:        "Hiddify Tunnel Service",
+		DisplayName: "Hiddify Tunnel Service",
+		Description: "This is a bridge for tunnel",
+	}
+
+	prg := &hiddifyNext{}
+	s, err := service.New(prg, svcConfig)
+	if err != nil {
+		log.Fatal(err)
+	}
+	if len(goArg) > 0 {
+		if goArg == "uninstall" {
+			err = s.Stop()
+			if err != nil {
+				log.Fatal(err)
+			}
+		}
+		err = service.Control(s, goArg)
+		if err != nil {
+			log.Fatal(err)
+		}
+		if goArg == "install" {
+			err = s.Start()
+			if err != nil {
+				log.Fatal(err)
+			}
+		}
+
+		return
+	}
+
+	logger, err = s.Logger(nil)
+	if err != nil {
+		log.Fatal(err)
+	}
+	err = s.Run()
+	if err != nil {
+		logger.Error(err)
+	}
+}
--- a/admin_service/web.go
+++ b/admin_service/web.go
@@ -1,12 +1,13 @@
-package web
+package admin_service

 import (
 	"crypto/tls"
 	"fmt"
-	"github.com/hiddify/libcore/global"
-	"github.com/hiddify/libcore/utils"
 	"net/http"
 	"strconv"
+
+	"github.com/hiddify/libcore/global"
+	"github.com/hiddify/libcore/utils"
 )

 const (
@@ -16,65 +17,61 @@ const (
 	clientKeyPath  = "cert/client-key.pem"
 )

-func StartWebServer(Port int) {
+func StartWebServer(Port int, TLS bool) {
 	http.HandleFunc("/start", startHandler)
 	http.HandleFunc("/stop", StopHandler)
 	server := &http.Server{
 		Addr: "127.0.0.1:" + fmt.Sprintf("%d", Port),
-		TLSConfig: &tls.Config{
+	}
+	var err error
+	if TLS {
+		server.TLSConfig = &tls.Config{
 			MinVersion:   tls.VersionTLS12,
 			Certificates: []tls.Certificate{utils.LoadCertificate(serverCertPath, serverKeyPath)},
 			ClientAuth:   tls.RequireAndVerifyClientCert,
 			ClientCAs:    utils.LoadClientCA(clientCertPath),
-		},
+		}
+		err = server.ListenAndServeTLS(serverCertPath, serverKeyPath)
+	} else {
+		err = server.ListenAndServe()
 	}
-	err := server.ListenAndServeTLS(serverCertPath, serverKeyPath)
 	if err != nil {
 		panic("Error: " + err.Error())
 	}
 }
 func startHandler(w http.ResponseWriter, r *http.Request) {
 	queryParams := r.URL.Query()
-	Ipv6 := queryParams.Get("Ipv6")
-	ServerPort := queryParams.Get("ServerPort")
-	StrictRoute := queryParams.Get("StrictRoute")
-	EndpointIndependentNat := queryParams.Get("EndpointIndependentNat")
-	TheStack := queryParams.Get("Stack")
+	ipv6, err := strconv.ParseBool(queryParams.Get("Ipv6"))
+	if err != nil {
+		fmt.Printf("ipv6 Error: %v ==>using false\n", err)
+		ipv6 = false
+	}
+	serverPort, err := strconv.Atoi(queryParams.Get("ServerPort"))
+	if err != nil {
+		fmt.Printf("serverPort Error: %v ==>using 2334\n", err)
+		serverPort = 2334
+	}
+	strictRoute, err := strconv.ParseBool(queryParams.Get("StrictRoute"))
+	if err != nil {
+		fmt.Printf("strictRoute Error: %v ==>using false\n", err)
+		strictRoute = false
+	}
+	endpointIndependentNat, err := strconv.ParseBool(queryParams.Get("EndpointIndependentNat"))
+	if err != nil {
+		fmt.Printf("endpointIndependentNat Error: %v ==>using false\n", err)
+		endpointIndependentNat = false
+	}
+	theStack := GetStack(queryParams.Get("Stack"))

-	ipv6, err := strconv.ParseBool(Ipv6)
-	if err != nil {
-		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
-		return
-	}
-	serverPort, err := strconv.Atoi(ServerPort)
-	if err != nil {
-		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
-		return
-	}
-	strictRoute, err := strconv.ParseBool(StrictRoute)
-	if err != nil {
-		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
-		return
-	}
-	endpointIndependentNat, err := strconv.ParseBool(EndpointIndependentNat)
-	if err != nil {
-		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
-		return
-	}
-	theStack := GetStack(TheStack)
-	if theStack == "UNKNOWN" {
-		http.Error(w, fmt.Sprintf("Error: %s", "Stack is not valid"), http.StatusBadRequest)
-		return
-	}
-
-	parameters := global.Parameters{Ipv6: ipv6, ServerPort: serverPort, StrictRoute: strictRoute, EndpointIndependentNat: endpointIndependentNat, Stack: GetStack(TheStack)}
+	parameters := global.Parameters{Ipv6: ipv6, ServerPort: serverPort, StrictRoute: strictRoute, EndpointIndependentNat: endpointIndependentNat, Stack: theStack}

 	err = global.WriteParameters(parameters.Ipv6, parameters.ServerPort, parameters.StrictRoute, parameters.EndpointIndependentNat, GetStringFromStack(parameters.Stack))
 	if err != nil {
 		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
 		return
 	}
-	err = global.SetupC("./", "./work", "./tmp", false)
+	err = global.SetupC("./", "./", "./tmp", false)
+
 	if err != nil {
 		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
 		return
@@ -84,7 +81,7 @@ func startHandler(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, fmt.Sprintf("Error: %v", err), http.StatusBadRequest)
 		return
 	}
-
+	http.Error(w, fmt.Sprintf("Ok"), http.StatusOK)
 }
 func StopHandler(w http.ResponseWriter, r *http.Request) {
 	err := global.StopService()
@@ -94,17 +91,19 @@ func StopHandler(w http.ResponseWriter, r *http.Request) {
 	}
 }
 func GetStack(stack string) global.Stack {
+
 	switch stack {
 	case "system":
 		return global.System
-	case "gVisor":
+	case "gvisor":
 		return global.GVisor
 	case "mixed":
 		return global.Mixed
-	case "LWIP":
-		return global.LWIP
+	// case "LWIP":
+	// 	return global.LWIP
 	default:
-		return "UNKNOWN"
+		fmt.Printf("Stack Error: %s is not valid==> using GVisor\n", stack)
+		return global.GVisor
 	}
 }
 func GetStringFromStack(stack global.Stack) string {
@@ -112,11 +111,11 @@ func GetStringFromStack(stack global.Stack) string {
 	case global.System:
 		return "system"
 	case global.GVisor:
-		return "gVisor"
+		return "gvisor"
 	case global.Mixed:
 		return "mixed"
-	case global.LWIP:
-		return "LWIP"
+	// case global.LWIP:
+	// 	return "LWIP"
 	default:
 		return "UNKNOWN"
 	}
--- a/admin_service_cmd/admin_service.manifest
+++ b/admin_service_cmd/admin_service.manifest
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
+<!-- <assemblyIdentity
+    version="1.0.0.0"
+    processorArchitecture="*"
+    name="hiddify-service.exe"
+    type="win32"
+/> -->
+<description>Hiddify Tunnel Service</description>
+<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
+    <security>
+        <requestedPrivileges>
+            <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>
+        </requestedPrivileges>
+    </security>
+</trustInfo>
+</assembly>
--- a/admin_service_cmd/admin_service.syso
+++ b/admin_service_cmd/admin_service.syso
--- a/admin_service_cmd/main.go
+++ b/admin_service_cmd/main.go
@@ -0,0 +1,33 @@
+package main
+
+/*
+#cgo LDFLAGS: bin/libcore.dll
+#include <stdlib.h>
+#include <stdint.h>
+
+// Import the function from the DLL
+extern void AdminServiceStart(char *arg);
+
+*/
+import "C"
+import (
+	"os"
+)
+
+func main() {
+	args := os.Args
+	// Check if there is at least one command-line argument
+	if len(args) < 2 {
+		println("Usage: hiddify-service.exe empty/start/stop/uninstall/install")
+		// os.Exit(1)
+		args = append(args, "")
+	}
+	// fmt.Printf("os.Args: %+v", args)
+	os.Chdir(os.Args[0])
+	// Convert the Go string to a C string
+	arg := C.CString(args[1])
+	// defer C.free(unsafe.Pointer(arg))
+
+	// Call AdminServiceStart with the C string
+	C.AdminServiceStart(arg)
+}
--- a/build_windows.bat
+++ b/build_windows.bat
@@ -4,3 +4,7 @@ set GOARCH=amd64
 set CC=x86_64-w64-mingw32-gcc
 set CGO_ENABLED=1
 go build -trimpath -tags with_gvisor,with_quic,with_wireguard,with_ech,with_utls,with_clash_api,with_grpc -ldflags="-w -s" -buildmode=c-shared -o bin/libcore.dll ./custom
+
+rsrc -manifest admin_service_cmd\admin_service.manifest -ico ..\assets\images\tray_icon_connected.ico -o admin_service_cmd\admin_service.syso
+go build  -o bin/hiddify-service.exe ./admin_service_cmd
+@REM copy .\admin_service_cmd\admin_service.manifest bin\hiddify-service.exe.manifest
--- a/cmd/cmd_admin_service.go
+++ b/cmd/cmd_admin_service.go
@@ -0,0 +1,19 @@
+package main
+
+import (
+	"github.com/hiddify/libcore/admin_service"
+
+	"github.com/spf13/cobra"
+)
+
+var commandService = &cobra.Command{
+	Use:   "admin-service",
+	Short: "Sign box service start/stop/install/uninstall",
+	Args:  cobra.MaximumNArgs(1),
+	Run: func(cmd *cobra.Command, args []string) {
+		if len(args) < 2 {
+			admin_service.StartService("")
+		}
+		admin_service.StartService(args[1])
+	},
+}
--- a/cmd/cmd_config.go
+++ b/cmd/cmd_config.go
@@ -75,7 +75,7 @@ func build(path string, optionsPath string) error {
 	}
 	if commandBuildOutputPath != "" {
 		outputPath, _ := filepath.Abs(filepath.Join(workingDir, commandBuildOutputPath))
-		err = os.WriteFile(outputPath, []byte(config), 0777)
+		err = os.WriteFile(outputPath, []byte(config), 0644)
 		if err != nil {
 			return err
 		}
--- a/cmd/cmd_gen_cert.go
+++ b/cmd/cmd_gen_cert.go
@@ -1,16 +1,17 @@
 package main

 import (
+	"os"
+
 	"github.com/hiddify/libcore/utils"
 	"github.com/spf13/cobra"
-	"os"
 )

 var commandGenerateCertification = &cobra.Command{
 	Use:   "gen-cert",
 	Short: "Generate certification for web server",
 	Run: func(cmd *cobra.Command, args []string) {
-		err := os.MkdirAll("cert", 600)
+		err := os.MkdirAll("cert", 0644)
 		if err != nil {
 			panic("Error: " + err.Error())
 		}
--- a/cmd/cmd_parse.go
+++ b/cmd/cmd_parse.go
@@ -39,7 +39,7 @@ func parse(path string) error {
 	}
 	if commandParseOutputPath != "" {
 		outputPath, _ := filepath.Abs(filepath.Join(workingDir, commandParseOutputPath))
-		err = os.WriteFile(outputPath, config, 0777)
+		err = os.WriteFile(outputPath, config, 0644)
 		if err != nil {
 			return err
 		}
--- a/cmd/cmd_run.go
+++ b/cmd/cmd_run.go
@@ -0,0 +1,53 @@
+package main
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/hiddify/libcore/config"
+	"github.com/hiddify/libcore/global"
+	"github.com/sagernet/sing-box/log"
+
+	"github.com/spf13/cobra"
+)
+
+var commandRunInputPath string
+
+var commandRun = &cobra.Command{
+	Use:   "run",
+	Short: "run",
+	Args:  cobra.ExactArgs(0),
+	Run: func(cmd *cobra.Command, args []string) {
+		err := runSingbox(commandRunInputPath)
+		if err != nil {
+			log.Fatal(err)
+		}
+	},
+}
+
+func init() {
+	commandRun.Flags().StringVarP(&commandRunInputPath, "config", "c", "", "read config")
+	mainCommand.AddCommand(commandRun)
+
+}
+
+func runSingbox(configPath string) error {
+	options, err := readConfigAt(configPath)
+	options.Log.Disabled = false
+	options.Log.Level = "trace"
+	options.Log.Output = ""
+	options.Log.DisableColor = false
+
+	err = global.SetupC("./", "./", "./tmp", false)
+	if err != nil {
+		return err
+	}
+	configStr, err := config.ToJson(*options)
+	if err != nil {
+		return err
+	}
+	go global.StartServiceC(false, configStr)
+	fmt.Printf("Waiting for 30 seconds\n")
+	<-time.After(time.Second * 30)
+	return err
+}
--- a/cmd/cmd_service.go
+++ b/cmd/cmd_service.go
@@ -1,10 +0,0 @@
-package main
-
-import (
-	"github.com/spf13/cobra"
-)
-
-var commandService = &cobra.Command{
-	Use:   "service",
-	Short: "Sign box service",
-}
--- a/cmd/cmd_service_install.go
+++ b/cmd/cmd_service_install.go
@@ -1,12 +0,0 @@
-package main
-
-import (
-	"github.com/hiddify/libcore/service"
-	"github.com/spf13/cobra"
-)
-
-var commandServiceInstall = &cobra.Command{
-	Use:   "install",
-	Short: "install the service",
-	Run:   service.InstallService,
-}
--- a/cmd/cmd_service_start.go
+++ b/cmd/cmd_service_start.go
@@ -1,12 +0,0 @@
-package main
-
-import (
-	"github.com/hiddify/libcore/service"
-	"github.com/spf13/cobra"
-)
-
-var commandServiceStart = &cobra.Command{
-	Use:   "start",
-	Short: "Start a sign box instance",
-	Run:   service.StartService,
-}
--- a/cmd/cmd_service_stop.go
+++ b/cmd/cmd_service_stop.go
@@ -1,12 +0,0 @@
-package main
-
-import (
-	"github.com/hiddify/libcore/service"
-	"github.com/spf13/cobra"
-)
-
-var commandServiceStop = &cobra.Command{
-	Use:   "stop",
-	Short: "stop sign box",
-	Run:   service.StopService,
-}
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -25,12 +25,6 @@ func init() {
 	mainCommand.AddCommand(commandService)
 	mainCommand.AddCommand(commandGenerateCertification)

-	commandService.AddCommand(commandServiceStart)
-	commandService.AddCommand(commandServiceStop)
-	commandService.AddCommand(commandServiceInstall)
-
-	commandServiceStart.Flags().Int("port", 8080, "Webserver port number")
-
 	mainCommand.PersistentFlags().StringVarP(&workingDir, "directory", "D", "", "set working directory")
 	mainCommand.PersistentFlags().BoolVarP(&disableColor, "disable-color", "", false, "disable color output")

@@ -49,7 +43,7 @@ func preRun(cmd *cobra.Command, args []string) {
 	if workingDir != "" {
 		_, err := os.Stat(workingDir)
 		if err != nil {
-			os.MkdirAll(workingDir, 0o777)
+			os.MkdirAll(workingDir, 0o0644)
 		}
 		if err := os.Chdir(workingDir); err != nil {
 			log.Fatal(err)
--- a/config/debug.go
+++ b/config/debug.go
@@ -12,15 +12,29 @@ import (
 )

 func SaveCurrentConfig(path string, options option.Options) error {
-	var buffer bytes.Buffer
-	json.NewEncoder(&buffer)
-	encoder := json.NewEncoder(&buffer)
-	encoder.SetIndent("", "  ")
-	err := encoder.Encode(options)
+	json, err := ToJson(options)
 	if err != nil {
 		return err
 	}
-	return os.WriteFile(filepath.Join(path, "current-config.json"), buffer.Bytes(), 0777)
+	p, err := filepath.Abs(filepath.Join(path, "current-config.json"))
+	fmt.Printf("Saving config to %v %+v\n", p, err)
+	if err != nil {
+		return err
+	}
+	return os.WriteFile(p, []byte(json), 0644)
+}
+
+func ToJson(options option.Options) (string, error) {
+	var buffer bytes.Buffer
+	encoder := json.NewEncoder(&buffer)
+	encoder.SetIndent("", "  ")
+	// fmt.Printf("%+v\n", options)
+	err := encoder.Encode(options)
+	if err != nil {
+		fmt.Printf("ERROR in coding:%+v\n", err)
+		return "", err
+	}
+	return buffer.String(), nil
 }

 func DeferPanicToError(name string, err func(error)) {
--- a/custom/command_admin_service.go
+++ b/custom/command_admin_service.go
@@ -0,0 +1,15 @@
+// Copyright 2015 Daniel Theophanes.
+// Use of this source code is governed by a zlib-style
+// license that can be found in the LICENSE file.
+
+// simple does nothing except block while running the service.
+package main
+
+import "C"
+import "github.com/hiddify/libcore/admin_service"
+
+//export AdminServiceStart
+func AdminServiceStart(arg *C.char) {
+	goArg := C.GoString(arg)
+	admin_service.StartService(goArg)
+}
--- a/custom/custom.go
+++ b/custom/custom.go
@@ -66,7 +66,7 @@ func parse(path *C.char, tempPath *C.char, debug bool) (CErr *C.char) {
 	if err != nil {
 		return C.CString(err.Error())
 	}
-	err = os.WriteFile(C.GoString(path), config, 0777)
+	err = os.WriteFile(C.GoString(path), config, 0644)
 	if err != nil {
 		return C.CString(err.Error())
 	}
--- a/custom/status.go
+++ b/custom/status.go
@@ -3,6 +3,7 @@ package main
 import "C"
 import (
 	"encoding/json"
+	"fmt"

 	"github.com/hiddify/libcore/bridge"
 )
@@ -26,7 +27,7 @@ func propagateStatus(newStatus string) {
 func stopAndAlert(alert string, err error) error {
 	status = Stopped
 	message := err.Error()
-
+	fmt.Printf("Error: %s: %v\n", alert, err)
 	msg, _ := json.Marshal(StatusMessage{Status: status, Alert: &alert, Message: &message})
 	bridge.SendStringToPort(statusPropagationPort, string(msg))
 	return nil
--- a/global/global.go
+++ b/global/global.go
@@ -4,16 +4,17 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/hiddify/libcore/config"
-	"github.com/sagernet/sing-box/experimental/libbox"
-	"github.com/sagernet/sing-box/log"
-	"github.com/sagernet/sing-box/option"
 	"io"
 	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"time"
+
+	"github.com/hiddify/libcore/config"
+	"github.com/sagernet/sing-box/experimental/libbox"
+	"github.com/sagernet/sing-box/log"
+	"github.com/sagernet/sing-box/option"
 )

 var box *libbox.BoxService
@@ -47,7 +48,7 @@ func parse(path string, tempPath string, debug bool) error {
 	if err != nil {
 		return err
 	}
-	err = os.WriteFile(path, config, 0777)
+	err = os.WriteFile(path, config, 0644)
 	if err != nil {
 		return err
 	}
@@ -235,45 +236,48 @@ func urlTest(groupTag string) error {
 }

 func StartServiceC(delayStart bool, content string) error {
-	options, err := parseConfig(content)
-	if err != nil {
-		return stopAndAlert(EmptyConfiguration, err)
-	}
-	configOptions = &config.ConfigOptions{}
-	patchedOptions, err := config.BuildConfig(*configOptions, options)

-	options = *patchedOptions
+	options, err := parseConfig(content)
+	// if err != nil {
+	// 	return stopAndAlert(EmptyConfiguration, err)
+	// }
+	// configOptions = &config.ConfigOptions{}
+	// patchedOptions, err := config.BuildConfig(*configOptions, options)
+
+	// options = *patchedOptions

 	err = config.SaveCurrentConfig(sWorkingPath, options)
 	if err != nil {
+		fmt.Printf("Error in saving config: %v\n", err)
 		return err
 	}

-	err = startCommandServer(*logFactory)
-	if err != nil {
-		return stopAndAlert(StartCommandServer, err)
-	}
+	// err = startCommandServer(*logFactory)
+	// if err != nil {
+	// 	return stopAndAlert(StartCommandServer, err)
+	// }

 	instance, err := NewService(options)
-	if err != nil {
-		return stopAndAlert(CreateService, err)
-	}
+	// if err != nil {
+	// 	return stopAndAlert(CreateService, err)
+	// }

-	if delayStart {
-		time.Sleep(250 * time.Millisecond)
-	}
+	// if delayStart {
+	// 	time.Sleep(250 * time.Millisecond)
+	// }

 	err = instance.Start()
 	if err != nil {
-		return stopAndAlert(StartService, err)
+		// return stopAndAlert(StartService, err)
+		fmt.Printf("String Service Error: %v\n", err)
+		return err
 	}
-	box = instance
-	commandServer.SetService(box)
+	// box = instance
+	// commandServer.SetService(box)

-	propagateStatus(Started)
+	// propagateStatus(Started)
 	return nil
 }
-
 func StopService() error {
 	if status != Started {
 		return nil
@@ -301,15 +305,15 @@ func StopService() error {
 }

 func SetupC(baseDir string, workDir string, tempDir string, debug bool) error {
-	err := os.MkdirAll("./bin", 600)
+	err := os.MkdirAll(baseDir, 0644)
 	if err != nil {
 		return err
 	}
-	err = os.MkdirAll("./work", 600)
+	err = os.MkdirAll(workDir, 0644)
 	if err != nil {
 		return err
 	}
-	err = os.MkdirAll("./temp", 600)
+	err = os.MkdirAll(tempDir, 0644)
 	if err != nil {
 		return err
 	}
@@ -334,24 +338,49 @@ func SetupC(baseDir string, workDir string, tempDir string, debug bool) error {
 func MakeConfig(Ipv6 bool, ServerPort int, StrictRoute bool, EndpointIndependentNat bool, Stack string) string {
 	var ipv6 string
 	if Ipv6 {
-		ipv6 = "      \"inet6_address\": \"fdfe:dcba:9876::1/126\",\n"
+		ipv6 = `      "inet6_address": "fdfe:dcba:9876::1/126",`
 	} else {
 		ipv6 = ""
 	}
-	base := "{\n  \"inbounds\": [\n    {\n      \"type\": \"tun\",\n      \"tag\": \"tun-in\",\n      \"interface_name\": \"tun0\",\n      \"inet4_address\": \"172.19.0.1/30\",\n" + ipv6 + "      \"mtu\": 9000,\n      \"auto_route\": true,\n      \"strict_route\": " + fmt.Sprintf("%t", StrictRoute) + ",\n      \"endpoint_independent_nat\": " + fmt.Sprintf("%t", EndpointIndependentNat) + ",\n      \"stack\": \"" + Stack + "\"\n    }],\n  \"outbounds\": [\n    {\n      \"type\": \"socks\",\n      \"tag\": \"socks-out\",\n      \"server\": \"127.0.0.1\",\n      \"server_port\": " + fmt.Sprintf("%d", ServerPort) + ",\n      \"version\": \"5\"\n    }\n  ]\n}\n"
+	base := `{
+		"inbounds": [
+		  {
+			"type": "tun",
+			"tag": "tun-in",
+			"interface_name": "tun0",
+			"inet4_address": "172.19.0.1/30",
+			` + ipv6 + `
+			"mtu": 9000,
+			"auto_route": true,
+			"strict_route": ` + fmt.Sprintf("%t", StrictRoute) + `,
+			"endpoint_independent_nat": ` + fmt.Sprintf("%t", EndpointIndependentNat) + `,
+			"stack": "` + Stack + `"
+		  }
+		],
+		"outbounds": [
+		  {
+			"type": "socks",
+			"tag": "socks-out",
+			"server": "127.0.0.1",
+			"server_port": ` + fmt.Sprintf("%d", ServerPort) + `,
+			"version": "5"
+		  }
+		]
+	  }`
+
 	return base
 }

 func WriteParameters(Ipv6 bool, ServerPort int, StrictRoute bool, EndpointIndependentNat bool, Stack string) error {
 	parameters := fmt.Sprintf("%t,%d,%t,%t,%s", Ipv6, ServerPort, StrictRoute, EndpointIndependentNat, Stack)
-	err := os.WriteFile("bin/parameters.config", []byte(parameters), 600)
+	err := os.WriteFile("parameters.config", []byte(parameters), 0644)
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func ReadParameters() (bool, int, bool, bool, string, error) {
-	Data, err := os.ReadFile("bin/parameters.config")
+	Data, err := os.ReadFile("parameters.config")
 	if err != nil {
 		return false, 0, false, false, "", err
 	}
--- a/global/parameters.go
+++ b/global/parameters.go
@@ -4,9 +4,9 @@ type Stack string

 const (
 	System Stack = "system"
-	GVisor Stack = "gVisor"
+	GVisor Stack = "gvisor"
 	Mixed  Stack = "mixed"
-	LWIP   Stack = "LWIP"
+	// LWIP   Stack = "LWIP"
 )

 type Parameters struct {
--- a/go.mod
+++ b/go.mod
@@ -19,6 +19,7 @@ require (
 require (
 	berty.tech/go-libtor v1.0.385 // indirect
 	github.com/ajg/form v1.5.1 // indirect
+	github.com/akavel/rsrc v0.10.2 // indirect
 	github.com/andybalholm/brotli v1.0.6 // indirect
 	github.com/caddyserver/certmagic v0.20.0 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,8 @@ berty.tech/go-libtor v1.0.385 h1:RWK94C3hZj6Z2GdvePpHJLnWYobFr3bY/OdUJ5aoEXw=
 berty.tech/go-libtor v1.0.385/go.mod h1:9swOOQVb+kmvuAlsgWUK/4c52pm69AdbJsxLzk+fJEw=
 github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU=
 github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY=
+github.com/akavel/rsrc v0.10.2 h1:Zxm8V5eI1hW4gGaYsJQUhxpjkENuG91ki8B4zCrvEsw=
+github.com/akavel/rsrc v0.10.2/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c=
 github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI=
 github.com/andybalholm/brotli v1.0.6/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/caddyserver/certmagic v0.20.0 h1:bTw7LcEZAh9ucYCRXyCpIrSAGplplI0vGYJ4BpCQ/Fc=
--- a/mobile/mobile.go
+++ b/mobile/mobile.go
@@ -15,7 +15,7 @@ func Parse(path string, tempPath string, debug bool) error {
 	if err != nil {
 		return err
 	}
-	return os.WriteFile(path, config, 0777)
+	return os.WriteFile(path, config, 0644)
 }

 func BuildConfig(path string, configOptionsJson string) (string, error) {
--- a/service/service.go
+++ b/service/service.go
@@ -1,76 +0,0 @@
-package service
-
-import (
-	"github.com/hiddify/libcore/global"
-	"github.com/hiddify/libcore/web"
-	"github.com/kardianos/service"
-	"github.com/spf13/cobra"
-)
-
-type hiddifyNext struct{}
-
-var port int
-
-func (m *hiddifyNext) Start(s service.Service) error {
-	go m.run()
-	return nil
-}
-func (m *hiddifyNext) Stop(s service.Service) error {
-	err := global.StopService()
-	if err != nil {
-		return err
-	}
-	return nil
-}
-func (m *hiddifyNext) run() {
-	web.StartWebServer(port)
-}
-func StartService(cmd *cobra.Command, args []string) {
-	port, _ = cmd.Flags().GetInt("port")
-	svcConfig := &service.Config{
-		Name:        "hiddify_next_core",
-		DisplayName: "hiddify next core",
-		Description: "@hiddify_com set this",
-	}
-	prg := &hiddifyNext{}
-	svc, err := service.New(prg, svcConfig)
-	if err != nil {
-		panic("Error: " + err.Error())
-	}
-	err = svc.Run()
-	if err != nil {
-		panic("Error: " + err.Error())
-	}
-}
-func StopService(cmd *cobra.Command, args []string) {
-	svcConfig := &service.Config{
-		Name:        "hiddify_next_core",
-		DisplayName: "hiddify next core",
-		Description: "@hiddify_com set this",
-	}
-	prg := &hiddifyNext{}
-	svc, err := service.New(prg, svcConfig)
-	if err != nil {
-		panic("Error: " + err.Error())
-	}
-	err = svc.Stop()
-	if err != nil {
-		panic("Error: " + err.Error())
-	}
-}
-func InstallService(cmd *cobra.Command, args []string) {
-	svcConfig := &service.Config{
-		Name:        "hiddify_next_core",
-		DisplayName: "hiddify next core",
-		Description: "@hiddify_com set this",
-	}
-	prg := &hiddifyNext{}
-	svc, err := service.New(prg, svcConfig)
-	if err != nil {
-		panic("Error: " + err.Error())
-	}
-	err = svc.Install()
-	if err != nil {
-		panic("Error: " + err.Error())
-	}
-}
--- a/utils/certificate_li.go
+++ b/utils/certificate_li.go
@@ -56,7 +56,7 @@ func GenerateCertificate(certPath, keyPath string, isServer bool) {
 		panic(err)
 	}
 	defer certFile.Close()
-	certFile.Chmod(600)
+	certFile.Chmod(0644)
 	pem.Encode(certFile, &pem.Block{Type: "CERTIFICATE", Bytes: certDER})

 	keyFile, err := os.Create(keyPath)
@@ -68,7 +68,7 @@ func GenerateCertificate(certPath, keyPath string, isServer bool) {
 	if err != nil {
 		panic(err)
 	}
-	keyFile.Chmod(600)
+	keyFile.Chmod(0644)
 	pem.Encode(keyFile, &pem.Block{Type: "EC PRIVATE KEY", Bytes: privBytes})
 }

--- a/utils/certificate_wi.go
+++ b/utils/certificate_wi.go
@@ -10,7 +10,6 @@ import (
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"encoding/pem"
-	"github.com/hectane/go-acl"
 	"io/ioutil"
 	"math/big"
 	"os"
@@ -57,7 +56,7 @@ func GenerateCertificate(certPath, keyPath string, isServer bool) {
 		panic(err)
 	}
 	defer certFile.Close()
-	acl.Chmod(certFile.Name(), 600)
+	// acl.Chmod(certFile.Name(), 0644)
 	pem.Encode(certFile, &pem.Block{Type: "CERTIFICATE", Bytes: certDER})

 	keyFile, err := os.Create(keyPath)
@@ -69,7 +68,7 @@ func GenerateCertificate(certPath, keyPath string, isServer bool) {
 	if err != nil {
 		panic(err)
 	}
-	acl.Chmod(keyFile.Name(), 600)
+	// acl.Chmod(keyFile.Name(), 0644)
 	pem.Encode(keyFile, &pem.Block{Type: "EC PRIVATE KEY", Bytes: privBytes})
 }