private/openwrt_helloworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update 2025-08-22 09:19:55

Browse Source
This commit is contained in:
actions-user 2025-08-22 09:19:55 +08:00
parent 75e46eea09
commit 32f4bb1b24
17 changed files with 149 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
chinadns-ng/Makefile
View File

@ -1,50 +1,50 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=chinadns-ng
PKG_VERSION:=2025.06.20
PKG_VERSION:=2025.08.09
PKG_RELEASE:=1
ifeq ($(ARCH),aarch64)
ifeq ($(BOARD),rockchip)
PKG_ARCH:=chinadns-ng+wolfssl@aarch64-linux-musl@generic+v8a@fast+lto
PKG_HASH:=224494b4505ac8dd347a70b298b853b677c0e247887d6edcf46b08bb153de017
PKG_HASH:=3fe0217615dd7060b7287d2b6b31d2a0b364137398bfb335a03bead322eac716
else
PKG_ARCH:=chinadns-ng+wolfssl_noasm@aarch64-linux-musl@generic+v8a@fast+lto
PKG_HASH:=7639fae8e77ea36e377352179acb19e2fdf9010c2c373a9e02f03f637e99140c
PKG_HASH:=42ddd494200ec6d88b35902927688d316bc23e06e6c08d9e01eb2412196ab845
endif
else ifeq ($(ARCH),arm)
ifeq ($(CONFIG_arm_v6),y)
PKG_ARCH:=chinadns-ng+wolfssl@arm-linux-musleabi@generic+v6+soft_float@fast+lto
PKG_HASH:=00fe09cf6309377a4bc90f3a5b909c5266c63181cc268912b4e32f92f58ec6cd
PKG_HASH:=0a401d1dc11129481b2baf86f847d55d66bd7e725cba4bf57875fdad27ef0052
else ifeq ($(CONFIG_arm_v7),y)
ifeq ($(CONFIG_HAS_FPU),y)
PKG_ARCH:=chinadns-ng+wolfssl@arm-linux-musleabihf@generic+v7a@fast+lto
PKG_HASH:=1acd9129d7efd99bf9952ac6dd932e10108fb27a2a059f03e80bf520300b3741
PKG_HASH:=dfa1f6ba80fb0925613822f4c4e00df8da68e7b8b772048d26a0d1a9d07d346b
else
PKG_ARCH:=chinadns-ng+wolfssl@arm-linux-musleabi@generic+v6+soft_float@fast+lto
PKG_HASH:=00fe09cf6309377a4bc90f3a5b909c5266c63181cc268912b4e32f92f58ec6cd
PKG_HASH:=0a401d1dc11129481b2baf86f847d55d66bd7e725cba4bf57875fdad27ef0052
endif
else
PKG_ARCH:=chinadns-ng+wolfssl@arm-linux-musleabi@generic+v5te+soft_float@fast+lto
PKG_HASH:=01b5209a662824bd1c7586dccd95c9999e703cbb4704c623211e09c98becdce4
PKG_HASH:=dc104953fcd95c1c98b7b2b54b0b6731565e0650f81230e6de127a486803f42f
endif
else ifeq ($(ARCH),mips)
PKG_ARCH:=chinadns-ng+wolfssl@mips-linux-musl@mips32+soft_float@fast+lto
PKG_HASH:=fa468c04e58b47d7f6bb893ed6bdc41f9929d5a2e500c768e82e0f4a459b047c
PKG_HASH:=b610821a8f61b0ed3c8c7e82e10d401348a9de17f900988589024a37c4099c8e
else ifeq ($(ARCH),mipsel)
ifeq ($(CONFIG_HAS_FPU),)
PKG_ARCH:=chinadns-ng+wolfssl@mipsel-linux-musl@mips32+soft_float@fast+lto
PKG_HASH:=294917a5009a315cf5ad04cdda8f66714c60c928e2186a6846323e04aa4a798f
PKG_HASH:=760544a88724e3b1b9eac79c9400231e81aa8786f8f00a979229e175811ffe6d
else
PKG_ARCH:=chinadns-ng+wolfssl@mipsel-linux-musl@mips32@fast+lto
PKG_HASH:=23c40248c3aa301a26c37cdb66e2141d2d73d4f0c5c03c066324263510d959ac
PKG_HASH:=ec547c31a884e0967437ceb90a5c270864efe81b0e40939e0ec2810c7bfd6653
endif
else ifeq ($(ARCH),mips64)
PKG_ARCH:=chinadns-ng+wolfssl@mips64-linux-musl@mips64+soft_float@fast+lto
PKG_HASH:=f65bf9e495384afaf8aadd35395a2b9cdb2eedecb2602a0c522039dc4707350d
PKG_HASH:=2d0fce18a7ef1d74fdc12738767e66998a52c2b30d8790da760933853fe8726e
else ifeq ($(ARCH),mips64el)
PKG_ARCH:=chinadns-ng+wolfssl@mips64el-linux-musl@mips64+soft_float@fast+lto
PKG_HASH:=44bd1a96d5a0ce02b8c5c5d941339958af2bf2d1c5e5d90ed87214ac0d900543
PKG_HASH:=a301d8d200d06582c60bbe0e487a28f5b41e6f0997a548cf882a7b078dab089c
else ifeq ($(ARCH),i386)
ifneq ($(CONFIG_TARGET_x86_geode)$(CONFIG_TARGET_x86_legacy),)
PKG_ARCH:=chinadns-ng+wolfssl@i386-linux-musl@i686@fast+lto

9
luci-app-nikki/htdocs/luci-static/resources/tools/nikki.js
View File

@ -107,6 +107,9 @@ return baseclass.extend({
const profile = await callNikkiProfile({ 'external-controller': null, 'secret': null });
const apiListen = profile['external-controller'];
const apiSecret = profile['secret'] ?? '';
if (!apiListen) {
return Promise.reject('API has not been configured');
}
const apiPort = apiListen.substring(apiListen.lastIndexOf(':') + 1);
const url = `http://${window.location.hostname}:${apiPort}${path}`;
return request.request(url, {
@ -114,7 +117,7 @@ return baseclass.extend({
headers: { 'Authorization': `Bearer ${apiSecret}` },
query: query,
content: body
})
});
},
openDashboard: async function () {
@ -122,6 +125,9 @@ return baseclass.extend({
const uiName = profile['external-ui-name'];
const apiListen = profile['external-controller'];
const apiSecret = profile['secret'] ?? '';
if (!apiListen) {
return Promise.reject('API has not been configured');
}
const apiPort = apiListen.substring(apiListen.lastIndexOf(':') + 1);
const params = {
host: window.location.hostname,
@ -137,6 +143,7 @@ return baseclass.extend({
url = `http://${window.location.hostname}:${apiPort}/ui/?${query}`;
}
setTimeout(function () { window.open(url, '_blank') }, 0);
return Promise.resolve();
},
updateDashboard: function () {

6
luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe_config.lua
View File

@ -203,11 +203,11 @@ o:value("direct", translate("Direct Connection"))
o:value("proxy", translate("Proxy"))
o = s:option(Value, "user_agent", translate("User-Agent"))
o.default = "v2rayN/9.99"
o.default = "passwall"
o:value("passwall", "PassWall")
o:value("v2rayN/9.99", "v2rayN")
o:value("curl", "Curl")
o:value("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0", "Edge for Linux")
o:value("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0", "Edge for Windows")
o:value("Passwall/OpenWrt", "PassWall")
o:value("v2rayN/9.99", "v2rayN")
return m

8
luci-app-passwall/luasrc/model/cbi/passwall/client/type/hysteria2.lua
View File

@ -30,6 +30,11 @@ o = s:option(Value, _n("hop"), translate("Port hopping range"))
o.description = translate("Format as 1000:2000 or 1000-2000 Multiple groups are separated by commas (,).")
o.rewrite_option = o.option
o = s:option(Value, _n("hop_interval"), translate("Hop Interval"), translate("Example:") .. "30s (≥5s)")
o.placeholder = "30s"
o.default = "30s"
o.rewrite_option = o.option
o = s:option(Value, _n("obfs"), translate("Obfs Password"))
o.rewrite_option = o.option
@ -54,9 +59,6 @@ o.rewrite_option = o.option
o = s:option(Value, _n("down_mbps"), translate("Max download Mbps"))
o.rewrite_option = o.option
o = s:option(Value, _n("hop_interval"), translate("Hop Interval"), translate("Example:") .. "30s (≥5s)")
o.rewrite_option = o.option
o = s:option(Value, _n("recv_window"), translate("QUIC stream receive window"))
o.rewrite_option = o.option

13
luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua
View File

@ -58,7 +58,8 @@ for k, e in ipairs(api.get_valid_nodes()) do
nodes_table[#nodes_table + 1] = {
id = e[".name"],
remark = e["remark"],
type = e["type"]
type = e["type"],
chain_proxy = e["chain_proxy"]
}
end
if e.protocol == "_balancing" then
@ -331,6 +332,7 @@ o.default = ""
o:value("", translate("Disable"))
o:value("xtls-rprx-vision")
o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "raw" })
o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true, [_n("transport")] = "raw" })
o = s:option(Flag, _n("tls"), translate("TLS"))
o.default = 0
@ -386,6 +388,13 @@ o.validate = function(self, value)
return api.trim(value:gsub("[\r\n]", ""))
end
o = s:option(ListValue, _n("ech_ForceQuery"), translate("ECH Query Policy"), translate("Controls the policy used when performing DNS queries for ECH configuration."))
o.default = "none"
o:value("none")
o:value("half")
o:value("full")
o:depends({ [_n("ech")] = true })
-- [[ REALITY部分 ]] --
o = s:option(Value, _n("reality_publicKey"), translate("Public Key"))
o:depends({ [_n("tls")] = true, [_n("reality")] = true })
@ -688,7 +697,7 @@ o = s:option(ListValue, _n("to_node"), translate("Landing Node"), translate("Onl
o:depends({ [_n("chain_proxy")] = "2" })
for k, v in pairs(nodes_table) do
if v.type == "Xray" and v.id ~= arg[1] then
if v.type == "Xray" and v.id ~= arg[1] and (not v.chain_proxy or v.chain_proxy == "") then
s.fields[_n("preproxy_node")]:value(v.id, v.remark)
s.fields[_n("to_node")]:value(v.id, v.remark)
end

40
luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua
View File

@ -75,7 +75,8 @@ for k, e in ipairs(api.get_valid_nodes()) do
nodes_table[#nodes_table + 1] = {
id = e[".name"],
remark = e["remark"],
type = e["type"]
type = e["type"],
chain_proxy = e["chain_proxy"]
}
end
if e.protocol == "_iface" then
@ -296,12 +297,18 @@ o.default = ""
o:value("", translate("Disable"))
o:value("xtls-rprx-vision")
o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true })
o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true })
if singbox_tags:find("with_quic") then
o = s:option(Value, _n("hysteria_hop"), translate("Port hopping range"))
o.description = translate("Format as 1000:2000 or 1000-2000 Multiple groups are separated by commas (,).")
o:depends({ [_n("protocol")] = "hysteria" })
o = s:option(Value, _n("hysteria_hop_interval"), translate("Hop Interval"), translate("Example:") .. "30s (≥5s)")
o.placeholder = "30s"
o.default = "30s"
o:depends({ [_n("protocol")] = "hysteria" })
o = s:option(Value, _n("hysteria_obfs"), translate("Obfs Password"))
o:depends({ [_n("protocol")] = "hysteria" })
@ -382,6 +389,11 @@ if singbox_tags:find("with_quic") then
o.description = translate("Format as 1000:2000 or 1000-2000 Multiple groups are separated by commas (,).")
o:depends({ [_n("protocol")] = "hysteria2" })
o = s:option(Value, _n("hysteria2_hop_interval"), translate("Hop Interval"), translate("Example:") .. "30s (≥5s)")
o.placeholder = "30s"
o.default = "30s"
o:depends({ [_n("protocol")] = "hysteria2" })
o = s:option(Value, _n("hysteria2_up_mbps"), translate("Max upload Mbps"))
o:depends({ [_n("protocol")] = "hysteria2" })
@ -475,30 +487,30 @@ if singbox_tags:find("with_utls") then
o:value("firefox")
o:value("edge")
o:value("safari")
-- o:value("360")
o:value("360")
o:value("qq")
o:value("ios")
-- o:value("android")
o:value("android")
o:value("random")
-- o:value("randomized")
o:value("randomized")
o.default = "chrome"
o:depends({ [_n("tls")] = true, [_n("utls")] = true })
o:depends({ [_n("utls")] = true })
-- [[ REALITY部分 ]] --
o = s:option(Flag, _n("reality"), translate("REALITY"))
o.default = 0
o:depends({ [_n("protocol")] = "vless", [_n("utls")] = true })
o:depends({ [_n("protocol")] = "vmess", [_n("utls")] = true })
o:depends({ [_n("protocol")] = "shadowsocks", [_n("utls")] = true })
o:depends({ [_n("protocol")] = "socks", [_n("utls")] = true })
o:depends({ [_n("protocol")] = "trojan", [_n("utls")] = true })
o:depends({ [_n("protocol")] = "anytls", [_n("utls")] = true })
o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true })
o:depends({ [_n("protocol")] = "vmess", [_n("tls")] = true })
o:depends({ [_n("protocol")] = "shadowsocks", [_n("tls")] = true })
o:depends({ [_n("protocol")] = "socks", [_n("tls")] = true })
o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true })
o:depends({ [_n("protocol")] = "anytls", [_n("tls")] = true })
o = s:option(Value, _n("reality_publicKey"), translate("Public Key"))
o:depends({ [_n("utls")] = true, [_n("reality")] = true })
o:depends({ [_n("reality")] = true })
o = s:option(Value, _n("reality_shortId"), translate("Short Id"))
o:depends({ [_n("utls")] = true, [_n("reality")] = true })
o:depends({ [_n("reality")] = true })
end
o = s:option(ListValue, _n("transport"), translate("Transport"))
@ -742,7 +754,7 @@ o = s:option(ListValue, _n("to_node"), translate("Landing Node"), translate("Onl
o:depends({ [_n("chain_proxy")] = "2" })
for k, v in pairs(nodes_table) do
if v.type == "sing-box" and v.id ~= arg[1] then
if v.type == "sing-box" and v.id ~= arg[1] and (not v.chain_proxy or v.chain_proxy == "") then
s.fields[_n("preproxy_node")]:value(v.id, v.remark)
s.fields[_n("to_node")]:value(v.id, v.remark)
end

12
luci-app-passwall/luasrc/passwall/util_sing-box.lua
View File

@ -366,7 +366,11 @@ function gen_outbound(flag, node, tag, proxy_table)
end
protocol_table = {
server_ports = next(server_ports) and server_ports or nil,
hop_interval = next(server_ports) and "30s" or nil,
hop_interval = (function()
if not next(server_ports) then return nil end
local v = tonumber((node.hysteria_hop_interval or "30s"):match("^%d+"))
return (v and v >= 5) and (v .. "s") or "30s"
end)(),
up_mbps = tonumber(node.hysteria_up_mbps),
down_mbps = tonumber(node.hysteria_down_mbps),
obfs = node.hysteria_obfs,
@ -438,7 +442,11 @@ function gen_outbound(flag, node, tag, proxy_table)
end
protocol_table = {
server_ports = next(server_ports) and server_ports or nil,
hop_interval = next(server_ports) and "30s" or nil,
hop_interval = (function()
if not next(server_ports) then return nil end
local v = tonumber((node.hysteria2_hop_interval or "30s"):match("^%d+"))
return (v and v >= 5) and (v .. "s") or "30s"
end)(),
up_mbps = (node.hysteria2_up_mbps and tonumber(node.hysteria2_up_mbps)) and tonumber(node.hysteria2_up_mbps) or nil,
down_mbps = (node.hysteria2_down_mbps and tonumber(node.hysteria2_down_mbps)) and tonumber(node.hysteria2_down_mbps) or nil,
obfs = {

3
luci-app-passwall/luasrc/passwall/util_xray.lua
View File

@ -158,7 +158,8 @@ function gen_outbound(flag, node, tag, proxy_table)
serverName = node.tls_serverName,
allowInsecure = (node.tls_allowInsecure == "1") and true or false,
fingerprint = (node.type == "Xray" and node.utls == "1" and node.fingerprint and node.fingerprint ~= "") and node.fingerprint or nil,
echConfigList = (node.ech == "1") and node.ech_config or nil
echConfigList = (node.ech == "1") and node.ech_config or nil,
echForceQuery = (node.ech == "1") and (node.ech_ForceQuery or "none") or nil
} or nil,
realitySettings = (node.stream_security == "reality") and {
serverName = node.tls_serverName,

24
luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm
View File

@ -288,10 +288,6 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
params += opt.query("spx", dom_prefix + "reality_spiderX");
params += opt.query("pqv", dom_prefix + "reality_mldsa65Verify");
}
if (opt.get(dom_prefix + "flow") && opt.get(dom_prefix + "flow").value) {
let v_flow = opt.get(dom_prefix + "flow").value;
params += "&flow=" + v_flow;
}
params += "&security=" + v_security;
params += opt.query("alpn", dom_prefix + "alpn");
params += opt.query("sni", dom_prefix + "tls_serverName");
@ -964,11 +960,10 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
if (queryParam.security == "tls") {
opt.set(dom_prefix + 'tls', true);
opt.set(dom_prefix + 'reality', false);
opt.set(dom_prefix + 'flow', queryParam.flow || '');
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
opt.set(dom_prefix + 'tls_allowInsecure', true);
if (queryParam.allowinsecure === '0' || queryParam.insecure === '0') {
if ((queryParam.allowinsecure ?? '0') === '0' && (queryParam.insecure ?? '0') === '0') {
opt.set(dom_prefix + 'tls_allowInsecure', false);
}
if (queryParam.fp && queryParam.fp.trim() != "") {
@ -982,7 +977,6 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
if (queryParam.security == "reality") {
opt.set(dom_prefix + 'tls', true);
opt.set(dom_prefix + 'reality', true);
opt.set(dom_prefix + 'flow', queryParam.flow || '');
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
if (queryParam.fp && queryParam.fp.trim() != "") {
@ -1211,9 +1205,11 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
}
tls_serverName = tls_serverName || "";
opt.set(dom_prefix + 'tls_serverName', tls_serverName);
opt.set(dom_prefix + 'flow', (queryParam.flow || '').replace('-udp443', ''));
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
}
opt.set(dom_prefix + 'tls_allowInsecure', true);
if (queryParam.allowinsecure === '0' || queryParam.insecure === '0') {
if ((queryParam.allowinsecure ?? '0') === '0' && (queryParam.insecure ?? '0') === '0') {
opt.set(dom_prefix + 'tls_allowInsecure', false);
}
@ -1347,11 +1343,11 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
if (queryParam.security == "tls") {
opt.set(dom_prefix + 'tls', true);
opt.set(dom_prefix + 'reality', false);
opt.set(dom_prefix + 'flow', queryParam.flow || '');
opt.set(dom_prefix + 'flow', (queryParam.flow || '').replace('-udp443', ''));
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
opt.set(dom_prefix + 'tls_allowInsecure', true);
if (queryParam.allowinsecure === '0' || queryParam.insecure === '0') {
if ((queryParam.allowinsecure ?? '0') === '0' && (queryParam.insecure ?? '0') === '0') {
opt.set(dom_prefix + 'tls_allowInsecure', false);
}
if (queryParam.fp && queryParam.fp.trim() != "") {
@ -1365,7 +1361,7 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
if (queryParam.security == "reality") {
opt.set(dom_prefix + 'tls', true);
opt.set(dom_prefix + 'reality', true);
opt.set(dom_prefix + 'flow', queryParam.flow || '');
opt.set(dom_prefix + 'flow', (queryParam.flow || '').replace('-udp443', ''));
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
if (queryParam.fp && queryParam.fp.trim() != "") {
@ -1547,7 +1543,7 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
opt.set(dom_prefix + 'tuic_alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
opt.set(dom_prefix + 'tls_allowInsecure', true);
if (queryParam.allowinsecure === '0' || queryParam.insecure === '0') {
if ((queryParam.allowinsecure ?? '0') === '0' && (queryParam.insecure ?? '0') === '0') {
opt.set(dom_prefix + 'tls_allowInsecure', false);
}
if (hash) {
@ -1587,11 +1583,10 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
if (queryParam.security == "tls") {
opt.set(dom_prefix + 'tls', true);
opt.set(dom_prefix + 'reality', false);
opt.set(dom_prefix + 'flow', queryParam.flow || '');
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
opt.set(dom_prefix + 'tls_allowInsecure', true);
if (queryParam.allowinsecure === '0' || queryParam.insecure === '0') {
if ((queryParam.allowinsecure ?? '0') === '0' && (queryParam.insecure ?? '0') === '0') {
opt.set(dom_prefix + 'tls_allowInsecure', false);
}
if (queryParam.fp && queryParam.fp.trim() != "") {
@ -1602,7 +1597,6 @@ local hysteria2_type = map:get("@global_subscribe[0]", "hysteria2_type") or "sin
if (queryParam.security == "reality") {
opt.set(dom_prefix + 'tls', true);
opt.set(dom_prefix + 'reality', true);
opt.set(dom_prefix + 'flow', queryParam.flow || '');
opt.set(dom_prefix + 'alpn', queryParam.alpn || 'default');
opt.set(dom_prefix + 'tls_serverName', queryParam.sni || '');
if (queryParam.fp && queryParam.fp.trim() != "") {

6
luci-app-passwall/po/zh-cn/passwall.po
View File

@ -1726,6 +1726,12 @@ msgstr "ECH 配置"
msgid "ECH Key"
msgstr "ECH 密钥"
msgid "ECH Query Policy"
msgstr "ECH 查询策略"
msgid "Controls the policy used when performing DNS queries for ECH configuration."
msgstr "控制使用 DNS 查询 ECH 配置时的策略。"
msgid "Enable Multipath TCP, need to be enabled in both server and client configuration."
msgstr "启用 Multipath TCP需在服务端和客户端配置中同时启用。"

24
luci-app-passwall/root/usr/share/passwall/app.sh
View File

@ -389,6 +389,15 @@ eval_cache_var() {
[ -s "$TMP_PATH/var" ] && eval $(cat "$TMP_PATH/var")
}
has_1_65535() {
local val="$1"
val=${val//:/-}
case ",$val," in
*,1-65535,*) return 0 ;;
*) return 1 ;;
esac
}
run_ipt2socks() {
local flag proto tcp_tproxy local_port socks_address socks_port socks_username socks_password log_file
local _extra_param=""
@ -1798,11 +1807,10 @@ acl_app() {
dnsmasq_port=${GLOBAL_DNSMASQ_PORT:-11400}
chinadns_port=11500
for item in $items; do
sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
local sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
[ "$(config_n_get $sid enabled)" = "1" ] || continue
eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-)
[ "$enabled" = "1" ] || continue
if [ -n "${sources}" ]; then
for s in $sources; do
local s2
@ -1837,7 +1845,7 @@ acl_app() {
}
tcp_no_redir_ports=${tcp_no_redir_ports:-${TCP_NO_REDIR_PORTS}}
udp_no_redir_ports=${udp_no_redir_ports:-${UDP_NO_REDIR_PORTS}}
if [ "$tcp_no_redir_ports" == "1:65535" ] && [ "$udp_no_redir_ports" == "1:65535" ]; then
if has_1_65535 "$tcp_no_redir_ports" && has_1_65535 "$udp_no_redir_ports"; then
unset use_global_config
unset tcp_node
unset udp_node
@ -2015,7 +2023,7 @@ acl_app() {
run_dns ${_dns_port}
fi
set_cache_var "ACL_${sid}_tcp_node" "${tcp_node}"
set_cache_var "ACL_${sid}_tcp_redir_port" "${redir_port}"
set_cache_var "ACL_${sid}_tcp_redir_port" "${tcp_port}"
fi
}
fi
@ -2031,9 +2039,9 @@ acl_app() {
else
echolog " - 全局节点未启用,跳过【${remarks}"
fi
elif [ "$udp_node" = "tcp" ]; then
elif [ "$udp_node" = "tcp" ] || [ "$udp_node" = "$tcp_node" ]; then
udp_node=$(get_cache_var "ACL_${sid}_tcp_node")
udp_port=$(get_cache_var "ACL_${sid}_tcp_port")
udp_port=$(get_cache_var "ACL_${sid}_tcp_redir_port")
set_cache_var "ACL_${sid}_udp_node" "${udp_node}"
set_cache_var "ACL_${sid}_udp_redir_port" "${udp_port}"
else
@ -2070,7 +2078,7 @@ acl_app() {
fi
fi
set_cache_var "ACL_${sid}_udp_node" "${udp_node}"
set_cache_var "ACL_${sid}_udp_redir_port" "${redir_port}"
set_cache_var "ACL_${sid}_udp_redir_port" "${udp_port}"
fi
}
fi

12
luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@ -341,7 +341,7 @@ load_acl() {
[ -n "${is_tproxy}" ] && ipt_tmp=$ipt_m
[ "$tcp_no_redir_ports" != "disable" ] && {
if [ "$tcp_no_redir_ports" != "1:65535" ]; then
if ! has_1_65535 "$tcp_no_redir_ports"; then
[ "$_ipv4" != "1" ] && add_port_rules "$ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p tcp" $tcp_no_redir_ports "-j RETURN" 2>/dev/null
add_port_rules "$ipt_tmp -A PSW $(comment "$remarks") ${_ipt_source} -p tcp" $tcp_no_redir_ports "-j RETURN"
echolog " - ${msg}不代理 TCP 端口[${tcp_no_redir_ports}]"
@ -353,7 +353,7 @@ load_acl() {
}
[ "$udp_no_redir_ports" != "disable" ] && {
if [ "$udp_no_redir_ports" != "1:65535" ]; then
if ! has_1_65535 "$udp_no_redir_ports"; then
[ "$_ipv4" != "1" ] && add_port_rules "$ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p udp" $udp_no_redir_ports "-j RETURN" 2>/dev/null
add_port_rules "$ipt_m -A PSW $(comment "$remarks") ${_ipt_source} -p udp" $udp_no_redir_ports "-j RETURN"
echolog " - ${msg}不代理 UDP 端口[${udp_no_redir_ports}]"
@ -552,7 +552,7 @@ load_acl() {
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
add_port_rules "$ip6t_m -A PSW $(comment "默认") -p tcp" $TCP_NO_REDIR_PORTS "-j RETURN"
add_port_rules "$ipt_tmp -A PSW $(comment "默认") -p tcp" $TCP_NO_REDIR_PORTS "-j RETURN"
if [ "$TCP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$TCP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 TCP 端口[${TCP_NO_REDIR_PORTS}]"
else
unset TCP_PROXY_MODE
@ -563,7 +563,7 @@ load_acl() {
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
add_port_rules "$ip6t_m -A PSW $(comment "默认") -p udp" $UDP_NO_REDIR_PORTS "-j RETURN"
add_port_rules "$ipt_m -A PSW $(comment "默认") -p udp" $UDP_NO_REDIR_PORTS "-j RETURN"
if [ "$UDP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$UDP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 UDP 端口[${UDP_NO_REDIR_PORTS}]"
else
unset UDP_PROXY_MODE
@ -1100,7 +1100,7 @@ add_firewall_rule() {
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
add_port_rules "$ipt_tmp -A PSW_OUTPUT -p tcp" $TCP_NO_REDIR_PORTS "-j RETURN"
add_port_rules "$ip6t_m -A PSW_OUTPUT -p tcp" $TCP_NO_REDIR_PORTS "-j RETURN"
if [ "$TCP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$TCP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 TCP 端口[${TCP_NO_REDIR_PORTS}]"
else
unset LOCALHOST_TCP_PROXY_MODE
@ -1111,7 +1111,7 @@ add_firewall_rule() {
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
add_port_rules "$ipt_m -A PSW_OUTPUT -p udp" $UDP_NO_REDIR_PORTS "-j RETURN"
add_port_rules "$ip6t_m -A PSW_OUTPUT -p udp" $UDP_NO_REDIR_PORTS "-j RETURN"
if [ "$UDP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$UDP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 UDP 端口[${UDP_NO_REDIR_PORTS}]"
else
unset LOCALHOST_UDP_PROXY_MODE

12
luci-app-passwall/root/usr/share/passwall/nftables.sh
View File

@ -356,7 +356,7 @@ load_acl() {
msg="$remarks】,${msg}"
[ "$tcp_no_redir_ports" != "disable" ] && {
if [ "$tcp_no_redir_ports" != "1:65535" ]; then
if ! has_1_65535 "$tcp_no_redir_ports"; then
nft "add rule $NFTABLE_NAME $nft_prerouting_chain ${_ipt_source} ip protocol tcp $(factor $tcp_no_redir_ports "tcp dport") counter return comment \"$remarks\""
[ "$_ipv4" != "1" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 ${_ipt_source} meta l4proto tcp $(factor $tcp_no_redir_ports "tcp dport") counter return comment \"$remarks\""
echolog " - ${msg}不代理 TCP 端口[${tcp_no_redir_ports}]"
@ -368,7 +368,7 @@ load_acl() {
}
[ "$udp_no_redir_ports" != "disable" ] && {
if [ "$udp_no_redir_ports" != "1:65535" ]; then
if ! has_1_65535 "$udp_no_redir_ports"; then
nft "add rule $NFTABLE_NAME PSW_MANGLE ip protocol udp ${_ipt_source} $(factor $udp_no_redir_ports "udp dport") counter return comment \"$remarks\""
[ "$_ipv4" != "1" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_no_redir_ports "udp dport") counter return comment \"$remarks\"" 2>/dev/null
echolog " - ${msg}不代理 UDP 端口[${udp_no_redir_ports}]"
@ -571,7 +571,7 @@ load_acl() {
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
nft "add rule $NFTABLE_NAME $nft_prerouting_chain ip protocol tcp $(factor $TCP_NO_REDIR_PORTS "tcp dport") counter return comment \"默认\""
nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto tcp $(factor $TCP_NO_REDIR_PORTS "tcp dport") counter return comment \"默认\""
if [ "$TCP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$TCP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 TCP 端口[${TCP_NO_REDIR_PORTS}]"
else
unset TCP_PROXY_MODE
@ -582,7 +582,7 @@ load_acl() {
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
nft "add $NFTABLE_NAME PSW_MANGLE ip protocol udp $(factor $UDP_NO_REDIR_PORTS "udp dport") counter return comment \"默认\""
nft "add $NFTABLE_NAME PSW_MANGLE_V6 counter meta l4proto udp $(factor $UDP_NO_REDIR_PORTS "udp dport") counter return comment \"默认\""
if [ "$UDP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$UDP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 UDP 端口[${UDP_NO_REDIR_PORTS}]"
else
unset UDP_PROXY_MODE
@ -1125,7 +1125,7 @@ add_firewall_rule() {
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
nft "add rule $NFTABLE_NAME $nft_output_chain ip protocol tcp $(factor $TCP_NO_REDIR_PORTS "tcp dport") counter return"
nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE_V6 meta l4proto tcp $(factor $TCP_NO_REDIR_PORTS "tcp dport") counter return"
if [ "$TCP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$TCP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 TCP 端口[${TCP_NO_REDIR_PORTS}]"
else
unset LOCALHOST_TCP_PROXY_MODE
@ -1136,7 +1136,7 @@ add_firewall_rule() {
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE ip protocol udp $(factor $UDP_NO_REDIR_PORTS "udp dport") counter return"
nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE_V6 meta l4proto udp $(factor $UDP_NO_REDIR_PORTS "udp dport") counter return"
if [ "$UDP_NO_REDIR_PORTS" != "1:65535" ]; then
if ! has_1_65535 "$UDP_NO_REDIR_PORTS"; then
echolog " - ${msg}不代理 UDP 端口[${UDP_NO_REDIR_PORTS}]"
else
unset LOCALHOST_UDP_PROXY_MODE

7
luci-app-passwall/root/usr/share/passwall/subscribe.lua
View File

@ -1036,8 +1036,8 @@ local function processData(szType, content, add_mode, add_from)
end
result.encryption = params.encryption or "none"
result.flow = params.flow or nil
result.flow = params.flow and params.flow:gsub("-udp443", "") or nil
result.alpn = params.alpn
if result.type == "sing-box" and (result.transport == "mkcp" or result.transport == "xhttp" or result.transport == "splithttp") then
log("跳过节点:" .. result.remarks .."因Sing-Box不支持" .. szType .. "协议的" .. result.transport .. "传输方式需更换Xray。")
@ -1191,7 +1191,7 @@ local function processData(szType, content, add_mode, add_from)
result.encryption = params.encryption or "none"
result.flow = params.flow or nil
result.flow = params.flow and params.flow:gsub("-udp443", "") or nil
result.tls = "0"
if params.security == "tls" or params.security == "reality" then
@ -1269,7 +1269,6 @@ local function processData(szType, content, add_mode, add_from)
else
result.address = host_port
end
result.protocol = params.protocol
result.hysteria_obfs = params.obfsParam
result.hysteria_auth_type = "string"
result.hysteria_auth_password = params.auth

44
naiveproxy/Makefile
View File

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=naiveproxy
PKG_VERSION:=138.0.7204.35
PKG_VERSION:=139.0.7258.62
PKG_RELEASE:=1
ARCH_PREBUILT:=$(ARCH_PACKAGES)
@ -25,47 +25,47 @@ PKG_SOURCE:=naiveproxy-v$(PKG_VERSION)-$(PKG_RELEASE)-openwrt-$(ARCH_PREBUILT).t
PKG_SOURCE_URL:=https://github.com/klzgrad/naiveproxy/releases/download/v$(PKG_VERSION)-$(PKG_RELEASE)/
ifeq ($(ARCH_PREBUILT),aarch64_cortex-a53)
PKG_HASH:=45c8b1f19d53f3e0c30bd591a0ba29e511295f7eb9c5ebeaee9dcb483e477d44
PKG_HASH:=88b631884518ad25eaee00350445824bb962283cf7665519d4d7b242605a95a4
else ifeq ($(ARCH_PREBUILT),aarch64_cortex-a72)
PKG_HASH:=2eb876e77a067f93e50370a1d7ebef497f948e76a732a698aac17b777c2e02da
PKG_HASH:=c8196e4ac5e60c933cdce968b1e630abf3577de1258a4c330eb99ea8649a177a
else ifeq ($(ARCH_PREBUILT),aarch64_generic)
PKG_HASH:=b0303b6c1147d563454605e3e2fda651aa40a8a7189b3c15245389557539b516
PKG_HASH:=7fa990948c429c36fd0778cd9125e08aed79d5e92be6675951540ddd7069b2fb
else ifeq ($(ARCH_PREBUILT),arm_arm1176jzf-s_vfp)
PKG_HASH:=11f3aa85008935a7bce61e69117d0fec66b31ce7a8394d1ccb47f1fb66d00c35
PKG_HASH:=51db374620c21797a732d11e17b7ddc31e9be681804ea3145938a24320aaa66a
else ifeq ($(ARCH_PREBUILT),arm_arm926ej-s)
PKG_HASH:=c5838f4149efbc7b2e01d6f2c94f7585edc3b51ebc072e88f4e8d6e709125b02
PKG_HASH:=abf5db455d57de10dec4b5e5d37903293bcbbe80a3baeb33aded53fb4d503db1
else ifeq ($(ARCH_PREBUILT),arm_cortex-a15_neon-vfpv4)
PKG_HASH:=a514d92010d2999ddbfe073e61dc9ea7f58414845077114979950ff5078a72ee
PKG_HASH:=4ea19599f0287da886c79b93d3ac7ae03727402587fa3af5fdd3d12ad2e2a58e
else ifeq ($(ARCH_PREBUILT),arm_cortex-a5_vfpv4)
PKG_HASH:=1e2677d68d9c81b7505ada6ed146177e53dca708fa878c5105b87812df20c797
PKG_HASH:=6824c79925f5cc9c3a8fd8a2090c982a0b30c0ce014aa90f99a2f36ed68ada9d
else ifeq ($(ARCH_PREBUILT),arm_cortex-a7)
PKG_HASH:=e9047f458ecba7cfc4c722d0180c1a4d823d9edbde41e4abce0f293c52712b0f
PKG_HASH:=456c896ac9a26d41a6bc0aea74262780516203a143cfb530906ac9a580d35ab5
else ifeq ($(ARCH_PREBUILT),arm_cortex-a7_neon-vfpv4)
PKG_HASH:=954cea8e06240e6391d7057765335c6ac20fdbc42dcde9d20c2e4aa55a75a9e1
PKG_HASH:=0ac6f60ba0b90ef38aa88f1172b7119e07ec775b1776594afb51452f5b4af125
else ifeq ($(ARCH_PREBUILT),arm_cortex-a7_vfpv4)
PKG_HASH:=6d739e11f4df930139744d982ee9e98050cf6778ff0af90bf5e128f789f26b61
PKG_HASH:=361341cd9300e071f06545d92bf355bd83fe415af7392cffcd503e9207f273e5
else ifeq ($(ARCH_PREBUILT),arm_cortex-a8_vfpv3)
PKG_HASH:=8f3de0015d28c341d8dd303bd770ffaf4cf05767a4af3612218da78a54d01c6e
PKG_HASH:=04eaadc2c6cf300c788d8531cdf04821c91a751bae720c2fc4631ec6445a0cd8
else ifeq ($(ARCH_PREBUILT),arm_cortex-a9)
PKG_HASH:=bf15aaaf307ac86cbd3fc9c9a8a107103d2682ba227f54fd2d2a2def252b8fca
PKG_HASH:=523af9336b72da3a32f38d1975e86f15bdc859234f8e7f0a3c664fc31da2ce3f
else ifeq ($(ARCH_PREBUILT),arm_cortex-a9_neon)
PKG_HASH:=c5788e9ce8eef9d526390ef04966668ffd9e9f40af194257fb9600362585032f
PKG_HASH:=b20c2e0c098503d8b57c6ab70d70de401bb642a474521ccf0e700756ad7ed8e1
else ifeq ($(ARCH_PREBUILT),arm_cortex-a9_vfpv3-d16)
PKG_HASH:=5c93593112ad72c75d35fc41b6d6ed3c1115dcf8aa30f9bc61303696f31fa551
PKG_HASH:=9658d4f6a9a7e753774b1b231808c5267addc7cea94e2e93e7f823ec84e279e3
else ifeq ($(ARCH_PREBUILT),arm_mpcore)
PKG_HASH:=ee481d71ff9735e221f8a58601690f11315613f4e77678bbe3ab25236d5ad36a
PKG_HASH:=cfdcc0bfd70c689b01af8ebcc712f8a1431aeba77a4bc1522444268f9864d12d
else ifeq ($(ARCH_PREBUILT),arm_xscale)
PKG_HASH:=3719a7d151c1d80250388cea32f74165772d8cc21b8bfa9c6a8db312ae19a0b8
PKG_HASH:=5c7706b1cb19e27d4c0135feea6af245e19af684b9e2bb38c3cea80c9adb970c
else ifeq ($(ARCH_PREBUILT),mipsel_24kc)
PKG_HASH:=1aa0c1fbe81242cf4c14a6c83fd32f8548a3691233c2078a640619c2b3bfd7c4
PKG_HASH:=70e248ffa44a067ced6c178f3aef09097e7bbd6030cb7d3776866880ad954eb6
else ifeq ($(ARCH_PREBUILT),mipsel_mips32)
PKG_HASH:=9f909d879602a0feeb2535e0859339a0496cdd948fb2f64c491bc5cf324f93f0
PKG_HASH:=a49e6088ddb1af6135fa2a46ba5c55db66b4a2ecd46cb6daf3776181a2e62296
else ifeq ($(ARCH_PREBUILT),riscv64)
PKG_HASH:=df183679a499ce65f3ff2e7561a551dd890c4acd6bfdeb97fdf729c97d195bac
PKG_HASH:=4f8163daea361188f8eec3c1794b78416b898aff226e33e82f8ae6f96d403ac3
else ifeq ($(ARCH_PREBUILT),x86)
PKG_HASH:=f9ca7ee068b2317c8a9e1155ed692cb99d3ba35f5ea4e0dcb56d63efa8764839
PKG_HASH:=02e38a354b26ed8ebe7a753bac2f8a4a4b4210a23dcb430de0ab88b88b689f92
else ifeq ($(ARCH_PREBUILT),x86_64)
PKG_HASH:=c6a6526432d76a2a19412869fd37a99ffa9f832c992791fc26983965ad3f0726
PKG_HASH:=df910463af15f53b5540dcb23a9858ba73dd2bc336eea9625ba0360bd3b29042
else
PKG_HASH:=dummy
endif

2
nikki/files/nikki.conf
View File

@ -38,11 +38,13 @@ config mixin 'mixin'
option 'redir_port' '7891'
option 'tproxy_port' '7892'
option 'authentication' '1'
option 'tun_enabled' '1'
option 'tun_device' 'nikki'
option 'tun_stack' 'mixed'
option 'tun_dns_hijack' '0'
list 'tun_dns_hijacks' 'tcp://any:53'
list 'tun_dns_hijacks' 'udp://any:53'
option 'dns_enabled' '1'
option 'dns_listen' '[::]:1053'
option 'dns_ipv6' '1'
option 'dns_mode' 'fake-ip'

4
sing-box/Makefile
View File

@ -5,12 +5,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=sing-box
PKG_VERSION:=1.12.2
PKG_VERSION:=1.12.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=95d902c008ed0b414ab29408dc565310fffe435a15753e02d10ca5c8e6837ce5
PKG_HASH:=3dce8ee383655908451f7f193714f0c8f90b8fd4baecb8e7e3948d263d766359
PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=LICENSE