From 39c9008c30c2307644465222b54af5f19011bf37 Mon Sep 17 00:00:00 2001
From: sbwml <admin@cooluc.com>
Date: Tue, 16 May 2023 21:58:13 +0800
Subject: [PATCH] luci-app-mosdns: add `Prevent DNS Leaks` options, fix #85

---
 luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua |  5 +++++
 luci-app-mosdns/po/zh-cn/mosdns.po                | 10 ++++++++--
 luci-app-mosdns/root/etc/config/mosdns            |  1 +
 luci-app-mosdns/root/etc/init.d/mosdns            |  4 +++-
 4 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
index f3c0ac8..2db4b25 100644
--- a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
+++ b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
@@ -123,6 +123,11 @@ o.rmempty = false
 o.default = false
 o:depends("configfile", "/etc/mosdns/config.yaml")
 
+o = s:taboption("advanced", Flag, "dns_leak", translate("Prevent DNS Leaks"), translate("Enable this option fallback policy forces forwarding to remote DNS"))
+o.rmempty = false
+o.default = false
+o:depends("configfile", "/etc/mosdns/config.yaml")
+
 o = s:taboption("advanced", Value, "cache_size", translate("DNS Cache Size"))
 o.datatype = "and(uinteger,min(0))"
 o.default = "20000"
diff --git a/luci-app-mosdns/po/zh-cn/mosdns.po b/luci-app-mosdns/po/zh-cn/mosdns.po
index c0e92cc..9d61a55 100644
--- a/luci-app-mosdns/po/zh-cn/mosdns.po
+++ b/luci-app-mosdns/po/zh-cn/mosdns.po
@@ -199,12 +199,18 @@ msgstr "启用 EDNS 客户端子网"
 msgid "Add the EDNS Client Subnet option (ECS) to Remote DNS"
 msgstr "在远程 DNS 请求中加入 EDNS 客户端子网（即 ECS）选项（需要上游 DNS 服务器支持）"
 
-msgid "MosDNS will auto identify the IP address subnet segment of your remote connection (.0/24)"
-msgstr "MosDNS 将会自动获取您访问远程连接时使用的 IP 子网段（.0/24）"
+msgid "MosDNS will auto identify the IP address subnet segment of your remote connection (0/24)"
+msgstr "MosDNS 将会自动获取您访问远程连接时使用的 IP 子网段（0/24）"
 
 msgid "If your remote access network changes, May need restart MosDNS to update the ECS request address"
 msgstr "如果您的远程访问网络发生改变时可能需要重启 MosDNS 以更新 ECS 请求地址"
 
+msgid "Prevent DNS Leaks"
+msgstr "防止 DNS 泄漏"
+
+msgid "Enable this option fallback policy forces forwarding to remote DNS"
+msgstr "启用此选项 fallback 策略会强制转发到远程 DNS"
+
 msgid "DNS Cache Size"
 msgstr "DNS 缓存大小（条）"
 
diff --git a/luci-app-mosdns/root/etc/config/mosdns b/luci-app-mosdns/root/etc/config/mosdns
index a7e31a7..3aa4ef0 100644
--- a/luci-app-mosdns/root/etc/config/mosdns
+++ b/luci-app-mosdns/root/etc/config/mosdns
@@ -22,6 +22,7 @@ config mosdns 'config'
 	option enable_pipeline '0'
 	option insecure_skip_verify '0'
 	option enable_http3 '0'
+	option dns_leak '0'
 	option listen_port_api '9091'
 	option bootstrap_dns '119.29.29.29'
 	list remote_dns 'tls://8.8.8.8'
diff --git a/luci-app-mosdns/root/etc/init.d/mosdns b/luci-app-mosdns/root/etc/init.d/mosdns
index 5025aa9..ab89efb 100755
--- a/luci-app-mosdns/root/etc/init.d/mosdns
+++ b/luci-app-mosdns/root/etc/init.d/mosdns
@@ -59,6 +59,7 @@ get_config() {
     config_get idle_timeout $1 idle_timeout 30
     config_get enable_http3 $1 enable_http3 0
     config_get enable_ecs_remote $1 enable_ecs_remote 0
+    config_get dns_leak $1 dns_leak 0
 }
 
 init_yaml() {
@@ -85,11 +86,12 @@ init_yaml() {
     [ "$dump_file" -eq 1 ] && [ ! -f $DUMP_FILE ] && cp -a $DUMP_FILE_DEFAULT $DUMP_FILE
     [ "$dump_file" -eq 0 ] && \cp -a $DUMP_FILE_DEFAULT $DUMP_FILE
     if [ "$enable_ecs_remote" -eq 1 ]; then
-        ecs_remote=$(sh /usr/share/mosdns/mosdns.sh ecs_remote)
+        ecs_remote=$(sh $MOSDNS_SCRIPT ecs_remote)
         sed -i "s,ecs_remote,$ecs_remote,g" $CONF
     else
         sed -i "/ecs_remote/d;" $CONF
     fi
+    [ $dns_leak -eq 1 ] && sed -i "s,primary: query_is_local_ip,primary: query_is_remote,g" $CONF
     rm -rf $TMPDIR
 }