#!/bin/bash

# ====================================================
# Tailscale 流量监控 - 最终修复版 (解决网卡识别错误)
# ====================================================

# Everything below edits iptables and files under /root and /etc/systemd,
# so stop immediately unless the effective UID is 0.
if [[ "${EUID}" -ne 0 ]]; then
  printf '%s\n' "错误：请使用 root 权限运行此脚本。"
  exit 1
fi

# Paths of the generated monitor script and of the systemd unit that runs it.
SERVICE_FILE="/etc/systemd/system/ts-monitor.service"
MONITOR_SCRIPT="/root/tailscale_monitor.sh"

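#######################################
# Install (or repair) the Tailscale exit-traffic monitor.
#
# Prompts for the outbound interface and a Bark device key, re-creates the
# counting rule tagged "ts-exit-traffic" in the FORWARD chain, makes sure a
# MASQUERADE rule exists for the interface, writes the monitor script and its
# systemd unit, then enables and restarts the service.
#
# Globals:
#   MONITOR_SCRIPT, SERVICE_FILE (read)
#   IPTABLES_RULES_FILE (read, optional; defaults to /etc/iptables/rules.v4)
#   INTERFACES, SELECTED_IFACE, BARK_KEY (written)
# Arguments: none (answers are read from stdin)
# Returns:   1 if the interface or the Bark key is missing or invalid,
#            otherwise the status of the final echo
#######################################
install_service() {
    echo "--- 正在清理旧规则并重新部署 ---"

    # 1. List candidate physical interfaces. Any "@peer" suffix printed by
    #    `ip -o link` is stripped, and the exclusion patterns are anchored so
    #    that a name which merely contains "lo" (e.g. wlo1) is not filtered out.
    INTERFACES=$(ip -o link show \
        | awk -F': ' '{sub(/@.*/, "", $2); print $2}' \
        | grep -vE '^(lo$|tailscale|docker|veth|br-)')
    echo "检测到可用物理网卡: $INTERFACES"
    read -r -p "请输入物理网卡名 (通常是 eth0): " SELECTED_IFACE
    # Empty answer: fall back to the first detected interface.
    SELECTED_IFACE=${SELECTED_IFACE:-$(printf '%s\n' "$INTERFACES" | awk '{print $1; exit}')}

    # Validate before touching the firewall, so a typo cannot leave the old
    # rules deleted and no new rule installed.
    if [ -z "$SELECTED_IFACE" ] || ! ip link show dev "$SELECTED_IFACE" >/dev/null 2>&1; then
        echo "错误：网卡 '$SELECTED_IFACE' 不存在。" >&2
        return 1
    fi

    read -r -p "请输入 Bark Key: " BARK_KEY
    [ -z "$BARK_KEY" ] && return 1
    # The key is spliced into a sed replacement and ends up inside a
    # double-quoted assignment of a script that systemd runs as root, so
    # characters such as / & " $ ` would break the substitution or change the
    # generated code. Keys are assumed to be alphanumeric -- TODO confirm;
    # relax this pattern only together with proper escaping.
    if ! [[ "$BARK_KEY" =~ ^[A-Za-z0-9_-]+$ ]]; then
        echo "错误：Bark Key 只能包含字母、数字、'_' 和 '-'。" >&2
        return 1
    fi

    # 2. Remove every old ts-exit-traffic rule so they do not pile up.
    #    Deletion is by line number, so go from the highest number down:
    #    deleting in ascending order renumbers the remaining rules and the
    #    later deletes would hit unrelated FORWARD rules.
    iptables -L FORWARD -n --line-numbers 2>/dev/null \
        | awk '/ts-exit-traffic/ {print $1}' \
        | sort -rn \
        | xargs -r -n1 iptables -D FORWARD 2>/dev/null

    # 3. Insert the counting rule. It sits at position 1, so traffic from
    #    tailscale0 to the selected interface is accepted before any later
    #    FORWARD rule can filter it; its byte counter is what the monitor reads.
    iptables -I FORWARD 1 -i tailscale0 -o "$SELECTED_IFACE" -m comment --comment "ts-exit-traffic" -j ACCEPT

    # Make sure NAT is on. Check first so repeated installs do not append
    # duplicate rules. The rule has no source match, so it masquerades
    # everything forwarded out of the interface.
    if ! iptables -t nat -C POSTROUTING -o "$SELECTED_IFACE" -j MASQUERADE 2>/dev/null; then
        iptables -t nat -A POSTROUTING -o "$SELECTED_IFACE" -j MASQUERADE 2>/dev/null || true
    fi

    # Persist the rules only if the target directory exists; otherwise say so
    # instead of failing on the redirection.
    local rules_file="${IPTABLES_RULES_FILE:-/etc/iptables/rules.v4}"
    if [ -d "$(dirname -- "$rules_file")" ]; then
        iptables-save > "$rules_file" || echo "警告：无法保存规则到 $rules_file" >&2
    else
        echo "警告：$(dirname -- "$rules_file") 不存在，规则未持久化。" >&2
    fi

    # 4. Generate the monitor script. It will hold the Bark key, so create it
    #    empty with mode 700 before any content is written.
    if ! : > "$MONITOR_SCRIPT" || ! chmod 700 "$MONITOR_SCRIPT"; then
        echo "错误：无法写入 $MONITOR_SCRIPT" >&2
        return 1
    fi
    cat << 'EOF' > "$MONITOR_SCRIPT"
#!/bin/bash
BARK_KEY="REPLACE_WITH_KEY"
BARK_TITLE="Tailscale流量报告"
JITTER_THRESHOLD=204800  # 200KB
IDLE_LIMIT=12            # 12 checks x 10 s = 2 minutes
CHECK_INTERVAL=10
MIN_REPORT_BYTES=1048576 # 1MB

STATE=0
IDLE_COUNT=0
SESSION_START_BYTES=0

get_bytes() {
    # Sum the byte column of every ts-exit-traffic rule so the result is
    # always a single integer, even if the rule is missing or duplicated.
    # printf "%.0f" keeps counters above 2^31 from being printed in
    # exponent notation by some awk implementations.
    /usr/sbin/iptables -L FORWARD -n -v -x \
        | awk '/ts-exit-traffic/ {sum += $2} END {printf "%.0f\n", sum}'
}

LAST_BYTES=$(get_bytes)
echo "监控已启动。当前基准流量: $LAST_BYTES bytes"

while true; do
    CURRENT_TOTAL=$(get_bytes)

    # Counter went backwards: it was zeroed or the rule was re-created.
    # Shift the session baseline by the bytes already counted so an active
    # session neither loses them nor reports a negative total.
    if [ "$CURRENT_TOTAL" -lt "$LAST_BYTES" ]; then
        if [ "$STATE" -eq 1 ]; then
            SESSION_START_BYTES=$((SESSION_START_BYTES - LAST_BYTES))
        fi
        LAST_BYTES=0
    fi

    GROWTH=$((CURRENT_TOTAL - LAST_BYTES))

    # Debug log: any traffic above 1 KB shows up in journalctl.
    if [ "$GROWTH" -gt 1024 ]; then
        echo "$(date '+%H:%M:%S') - [流量探测] 当前波动: $((GROWTH/1024)) KB"
    fi

    if [ "$GROWTH" -gt "$JITTER_THRESHOLD" ]; then
        if [ "$STATE" -eq 0 ]; then
            STATE=1
            SESSION_START_BYTES=$LAST_BYTES
            echo "$(date '+%Y-%m-%d %H:%M:%S') - [会话激活] 有效流量进入..."
        fi
        IDLE_COUNT=0
    else
        if [ "$STATE" -eq 1 ]; then
            ((IDLE_COUNT++))
            if [ "$IDLE_COUNT" -ge "$IDLE_LIMIT" ]; then
                DIFF_BYTES=$((CURRENT_TOTAL - SESSION_START_BYTES))
                if [ "$DIFF_BYTES" -ge "$MIN_REPORT_BYTES" ]; then
                    # awk instead of bc: no extra package needed, and the
                    # leading zero is always printed.
                    VALUE=$(awk -v b="$DIFF_BYTES" 'BEGIN {printf "%.2f", b / 1048576}')
                    # URL-encode every field, bound the request time so a
                    # hung connection cannot stall the loop, and use -f so an
                    # HTTP error is not logged as a sent notification.
                    # NOTE: the device key is passed on curl's command line
                    # and is briefly visible in the local process list.
                    if curl -sS -f --max-time 15 -X POST "https://api.day.app/push" \
                        --data-urlencode "title=$BARK_TITLE" \
                        --data-urlencode "body=本次消耗: ${VALUE}MB" \
                        --data-urlencode "device_key=$BARK_KEY" \
                        --data-urlencode "group=Tailscale"; then
                        echo "$(date '+%Y-%m-%d %H:%M:%S') - [通知发送] 消耗: $VALUE MB"
                    else
                        echo "$(date '+%Y-%m-%d %H:%M:%S') - [通知失败] 消耗: $VALUE MB"
                    fi
                else
                    echo "$(date '+%Y-%m-%d %H:%M:%S') - [结算忽略] 累计 $((DIFF_BYTES/1024)) KB，未达1MB"
                fi
                STATE=0
                IDLE_COUNT=0
            fi
        fi
    fi
    LAST_BYTES=$CURRENT_TOTAL
    sleep "$CHECK_INTERVAL"
done
EOF

    # Safe only because BARK_KEY was restricted to [A-Za-z0-9_-] above.
    sed -i "s/REPLACE_WITH_KEY/$BARK_KEY/" "$MONITOR_SCRIPT"
    chmod 700 "$MONITOR_SCRIPT"

    # 5. Write the unit file (the heredoc is unquoted on purpose so that
    #    $MONITOR_SCRIPT expands) and restart the service.
    cat << EOF > "$SERVICE_FILE"
[Unit]
Description=Tailscale Monitor Fix
After=network.target
[Service]
ExecStart=/bin/bash $MONITOR_SCRIPT
Restart=always
User=root
[Install]
WantedBy=multi-user.target
EOF

    systemctl daemon-reload && systemctl enable ts-monitor && systemctl restart ts-monitor
    echo "✅ 修复版部署完成！"
    echo "请执行：journalctl -u ts-monitor -f 查看实时波动。"
}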

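# Simple interactive menu: install/repair, follow the service log, or uninstall.
echo "1. 安装/修复监控"
echo "2. 查看日志"
echo "3. 卸载"
read -r -p "选择: " c
case "$c" in
    1) install_service ;;
    2) journalctl -u ts-monitor -f ;;
    3)
        # Stop and disable the unit, but keep going if it is already stopped
        # or missing so a half-removed install can still be cleaned up.
        systemctl disable --now ts-monitor 2>/dev/null || true
        rm -f -- "$SERVICE_FILE" "$MONITOR_SCRIPT"
        systemctl daemon-reload

        # Remove the tagged ACCEPT rule(s) from FORWARD as well; otherwise the
        # forwarding exception outlives the tool. Delete from the highest line
        # number down so the remaining numbers stay valid. The untagged
        # MASQUERADE rule added at install time is left alone because it
        # cannot be told apart from one that other software relies on.
        iptables -L FORWARD -n --line-numbers 2>/dev/null \
            | awk '/ts-exit-traffic/ {print $1}' \
            | sort -rn \
            | xargs -r -n1 iptables -D FORWARD 2>/dev/null
        # Re-save so the removed rule is not restored from the saved rule set.
        if [ -d /etc/iptables ]; then
            iptables-save > /etc/iptables/rules.v4
        fi
        echo "已卸载"
        ;;
    *)
        echo "无效选择: $c" >&2
        exit 1
        ;;
esac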
