luci-app-mosdns: update mosdns v5.x support

luci-app-mosdns/root/etc/init.d/mosdns

@@ -51,7 +51,7 @@ init_yaml() {
 	tmpdir=$(mktemp -d) || exit 1
 	adlist=$(/usr/share/mosdns/mosdns.sh ad)
 	[ $enable_pipeline = 1 ] && enable_pipeline=true || enable_pipeline=false
-	local_dns=$(/usr/share/mosdns/mosdns.sh dns | xargs -n1 echo "        - addr:")
+	local_dns=$(/usr/share/mosdns/mosdns.sh dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: %s\n%s  bootstrap: '${bootstrap_dns}'\n",s,$i,s}' s='        ')
 	remote_dns=$(echo $remote_dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: %s\n%s  enable_pipeline: '${enable_pipeline}'\n",s,$i,s}' s='        ')
 	sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \
 	s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \
@@ -61,7 +61,6 @@ init_yaml() {
 	s,adblock,$adlist,g;s,remote_dns_pipeline,$enable_pipeline,g" \
 	/usr/share/mosdns/default.yaml > $CONF
 	[ "$custom_local_dns" -eq 0 ] && sed -i "/bootstrap/d" $CONF || \
-	sed -i "s,bootstrap_dns,$bootstrap_dns,g" $CONF
 	echo "${local_dns}" > $tmpdir/local_dns.txt
 	echo "${remote_dns}" > $tmpdir/remote_dns.txt
 	sed -i -e '/- addr: local_dns/{r '$tmpdir/local_dns.txt -e';d};/- addr: remote_dns/{r '$tmpdir/remote_dns.txt -e';d}' \
@@ -91,7 +90,7 @@ redirect_setting() {
 		uci commit dhcp
 	else
 		sed -i "/list server/d" /etc/config/dhcp
-		uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#$(cat /etc/mosdns/config_custom.yaml | awk -F'[:" ]+' '/^\s+addr:/{for(i=1;i<=NF;i++){if($i~/^[0-9]+$/){print $i;exit}}}')"
+		uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#$(cat /etc/mosdns/config_custom.yaml | awk -F'[:" ]+' '/^\s+listen:/{for(i=1;i<=NF;i++){if($i~/^[0-9]+$/){print $i;exit}}}')"
 		uci set dhcp.@dnsmasq[0].rebind_protection='0'
 		uci set dhcp.@dnsmasq[0].noresolv="1"
 		uci set dhcp.@dnsmasq[0].cachesize='0'

luci-app-mosdns/root/etc/mosdns/config_custom.yaml

@@ -2,161 +2,232 @@ log:
   level: info
   file: "/tmp/mosdns.log"
 
-include: []
-
-data_providers:
-  - tag: geoip
-    file: "/usr/share/v2ray/geoip.dat"
-    auto_reload: true
-
-  - tag: geosite
-    file: "/usr/share/v2ray/geosite.dat"
-    auto_reload: true
-
-  - tag: whitelist
-    file: "/etc/mosdns/rule/whitelist.txt"
-    auto_reload: true
-
-  - tag: blocklist
-    file: "/etc/mosdns/rule/blocklist.txt"
-    auto_reload: true
-
-  - tag: hosts
-    file: "/etc/mosdns/rule/hosts.txt"
-    auto_reload: true
-
-  - tag: redirect
-    file: "/etc/mosdns/rule/redirect.txt"
-    auto_reload: true
-
 plugins:
-  - tag: lazy_cache
+  # 国内域名
+  - tag: geosite_cn
+    type: domain_set
+    args:
+      files:
+        - "/var/mosdns/geosite_cn.txt"
+
+  # 国内ip
+  - tag: geoip_cn
+    type: ip_set
+    args:
+      files:
+        - "/var/mosdns/geoip_cn.txt"
+
+  # 国外域名
+  - tag: geosite_no_cn
+    type: domain_set
+    args:
+      files:
+        - "/var/mosdns/geosite_geolocation-!cn.txt"
+
+  # 白名单 加入的域名始终允许使用 “本地 DNS” 进行解析
+  - tag: whitelist
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/whitelist.txt"
+
+  # 黑名单 加入的域名将屏蔽 DNS 解析
+  - tag: blocklist
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/blocklist.txt"
+
+  # 灰名单 加入的域名始终使用 “远程 DNS” 进行解析
+  - tag: greylist
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/greylist.txt"
+
+  # 自定义 Hosts 重写
+  - tag: hosts
+    type: hosts
+    args:
+      files:
+        - "/etc/mosdns/rule/hosts.txt"
+
+  # 重定向请求的域名
+  - tag: redirect
+    type: redirect
+    args:
+      files:
+        - "/etc/mosdns/rule/redirect.txt"
+
+  # PTR 黑名单 加入的域名将阻止 PTR 请求
+  - tag: local_ptr
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/local-ptr.txt"
+
+  # 屏蔽失效/威胁 URL
+  - tag: sp_low
+    type: domain_set
+    args:
+      files:
+        - "/usr/share/mosdns/sp_low.tdata"
+
+  # 缓存
+  - tag: cache
     type: cache
     args:
       size: 200000
       lazy_cache_ttl: 259200
 
-  - tag: modify_ttl
-    type: ttl
+  # 转发至本地服务器
+  - tag: forward_local
+    type: forward
     args:
-      minimal_ttl: 0
-      maximum_ttl: 0
-
-  - tag: "forward_local"
-    type: fast_forward
-    args:
-      upstream:
+      upstreams:
+        - addr: "https://doh.pub/dns-query"
+          bootstrap: 180.76.76.76
         - addr: 119.29.29.29
-        - addr: 114.114.114.114
 
-  - tag: "forward_remote"
-    type: fast_forward
+  # 转发至远程服务器
+  - tag: forward_remote
+    type: forward
     args:
-      upstream:
+      upstreams:
         - addr: tls://8.8.8.8
-        - addr: tls://1.1.1.1
+          enable_pipeline: false
 
-  - tag: query_is_whitelist_domain
-    type: query_matcher
+  # 修改ttl
+  - tag: modify_ttl
+    type: sequence
     args:
-      domain:
-        - "provider:whitelist"
+      - exec: ttl 0-0
 
-  - tag: query_is_blocklist_domain
-    type: query_matcher
+  # 国内解析
+  - tag: local_sequence
+    type: sequence
     args:
-      domain:
-        - "provider:blocklist"
+      - exec: metrics_collector $forward_local
+      - exec: $forward_local
 
-  - tag: query_is_hosts_domain
-    type: hosts
+  # 国外解析
+  - tag: remote_sequence
+    type: sequence
     args:
-      hosts:
-        - "provider:hosts"
+      - exec: prefer_ipv4
+      - exec: metrics_collector $forward_remote
+      - exec: $forward_remote
 
-  - tag: query_is_redirect_domain
-    type: redirect
+  # 有响应终止返回
+  - tag: has_resp_sequence
+    type: sequence
     args:
-      rule:
-        - "provider:redirect"
+      - exec: $modify_ttl
+      - matches: has_resp
+        exec: accept
 
+  # fallback 用本地服务器 sequence
+  # 返回不包含本地 ip 则 reject
+  - tag: query_is_local_ip
+    type: sequence
+    args:
+      - exec: $local_sequence
+      - matches: resp_ip $geoip_cn
+        exec: accept
+      - exec: reject
+
+  # fallback 用远程服务器 sequence
+  - tag: query_is_remote
+    type: sequence
+    args:
+      - exec: $remote_sequence
+      - exec: accept
+
+  # fallback 用远程服务器 sequence
+  - tag: fallback
+    type: fallback
+    args:
+      primary: query_is_local_ip
+      secondary: query_is_remote
+      threshold: 500
+      always_standby: false
+
+  # 查询国内域名
   - tag: query_is_local_domain
-    type: query_matcher
+    type: sequence
     args:
-      domain:
-        - "provider:geosite:cn"
+      - matches: qname $geosite_cn
+        exec: $local_sequence
 
-  - tag: query_is_non_local_domain
-    type: query_matcher
+  # 查询国外域名
+  - tag: query_is_no_local_domain
+    type: sequence
     args:
-      domain:
-        - "provider:geosite:geolocation-!cn"
+      - matches: qname $geosite_no_cn
+        exec: $remote_sequence
 
-  - tag: response_has_local_ip
-    type: response_matcher
+  # 查询白名单
+  - tag: query_is_whitelist_domain
+    type: sequence
     args:
-      ip:
-        - "provider:geoip:cn"
+      - matches: qname $whitelist
+        exec: $local_sequence
+      - exec: jump has_resp_sequence
 
-  - tag: query_is_ad_domain
-    type: query_matcher
+  # 查询灰名单
+  - tag: query_is_greylist_domain
+    type: sequence
     args:
-      domain:
-        - "provider:geosite:category-ads-all"
+      - matches: qname $greylist
+        exec: $remote_sequence
 
-  - tag: match_qtype65
-    type: query_matcher
+  # 拒绝名单
+  - tag: query_is_reject_domain
+    type: sequence
     args:
-      qtype: [65]
+      - matches: qname $blocklist
+        exec: reject 3
+      - matches: qname $sp_low
+        exec: reject 3
+      - matches:
+        - qtype 12
+        - qname $local_ptr
+        exec: reject 3
+      - matches: qtype 65
+        exec: reject 3
 
-  - tag: "main_sequence"
-    type: "sequence"
+  # 主要的运行逻辑插件
+  # sequence 插件中调用的插件 tag 必须在 sequence 前定义，
+  # 否则 sequence 找不到对应插件。
+  - tag: main_sequence
+    type: sequence
     args:
-      exec:
-        - _misc_optm
-        - query_is_hosts_domain
-        - query_is_redirect_domain
+      - exec: $hosts
+      - exec: jump has_resp_sequence
+      - exec: $redirect
+      - exec: jump has_resp_sequence
+      - exec: $query_is_whitelist_domain
+      - exec: $query_is_reject_domain
+      - exec: $cache
+      - exec: jump has_resp_sequence
+      - exec: $query_is_greylist_domain
+      - exec: jump has_resp_sequence
+      - exec: $query_is_local_domain
+      - exec: jump has_resp_sequence
+      - exec: $query_is_no_local_domain
+      - exec: jump has_resp_sequence
+      - exec: $fallback
 
-        - if: query_is_whitelist_domain
-          exec:
-            - forward_local
-            - modify_ttl
-            - _return
+  # 启动 udp 服务器。
+  - tag: udp_server
+    type: udp_server
+    args:
+      entry: main_sequence
+      listen: ":5335"
 
-        - if: "query_is_blocklist_domain || query_is_ad_domain || match_qtype65"
-          exec:
-            - _new_nxdomain_response
-            - _return
-
-        - lazy_cache
-
-        - if: query_is_local_domain
-          exec:
-            - forward_local
-            - modify_ttl
-            - _return
-
-        - if: query_is_non_local_domain
-          exec:
-            - _prefer_ipv4
-            - forward_remote
-            - modify_ttl
-            - _return
-        - primary:
-            - forward_local
-            - if: "(! response_has_local_ip) && [_response_valid_answer]"
-              exec:
-                - _drop_response
-          secondary:
-            - _prefer_ipv4
-            - forward_remote
-            - modify_ttl
-          fast_fallback: 200
-
-servers:
-  - exec: main_sequence
-    listeners:
-      - protocol: udp
-        addr: ":5335"
-      - protocol: tcp
-        addr: ":5335"
+  # 启动 tcp 服务器。
+  - tag: tcp_server
+    type: tcp_server
+    args:
+      entry: main_sequence
+      listen: ":5335"

luci-app-mosdns/root/etc/mosdns/rule/local-ptr.txt

@@ -1,87 +1,3 @@
-0.in-addr.arpa
-10.in-addr.arpa
-127.in-addr.arpa
-16.172.in-addr.arpa
-17.172.in-addr.arpa
-18.172.in-addr.arpa
-19.172.in-addr.arpa
-20.172.in-addr.arpa
-21.172.in-addr.arpa
-22.172.in-addr.arpa
-23.172.in-addr.arpa
-24.172.in-addr.arpa
-25.172.in-addr.arpa
-26.172.in-addr.arpa
-27.172.in-addr.arpa
-28.172.in-addr.arpa
-29.172.in-addr.arpa
-30.172.in-addr.arpa
-31.172.in-addr.arpa
-64.100.in-addr.arpa
-65.100.in-addr.arpa
-66.100.in-addr.arpa
-67.100.in-addr.arpa
-68.100.in-addr.arpa
-69.100.in-addr.arpa
-70.100.in-addr.arpa
-71.100.in-addr.arpa
-72.100.in-addr.arpa
-73.100.in-addr.arpa
-74.100.in-addr.arpa
-75.100.in-addr.arpa
-76.100.in-addr.arpa
-77.100.in-addr.arpa
-78.100.in-addr.arpa
-79.100.in-addr.arpa
-80.100.in-addr.arpa
-81.100.in-addr.arpa
-82.100.in-addr.arpa
-83.100.in-addr.arpa
-84.100.in-addr.arpa
-85.100.in-addr.arpa
-86.100.in-addr.arpa
-87.100.in-addr.arpa
-88.100.in-addr.arpa
-89.100.in-addr.arpa
-90.100.in-addr.arpa
-91.100.in-addr.arpa
-92.100.in-addr.arpa
-93.100.in-addr.arpa
-94.100.in-addr.arpa
-95.100.in-addr.arpa
-96.100.in-addr.arpa
-97.100.in-addr.arpa
-98.100.in-addr.arpa
-99.100.in-addr.arpa
-100.100.in-addr.arpa
-101.100.in-addr.arpa
-102.100.in-addr.arpa
-103.100.in-addr.arpa
-104.100.in-addr.arpa
-105.100.in-addr.arpa
-106.100.in-addr.arpa
-107.100.in-addr.arpa
-108.100.in-addr.arpa
-109.100.in-addr.arpa
-110.100.in-addr.arpa
-111.100.in-addr.arpa
-112.100.in-addr.arpa
-113.100.in-addr.arpa
-114.100.in-addr.arpa
-115.100.in-addr.arpa
-116.100.in-addr.arpa
-117.100.in-addr.arpa
-118.100.in-addr.arpa
-119.100.in-addr.arpa
-120.100.in-addr.arpa
-121.100.in-addr.arpa
-122.100.in-addr.arpa
-123.100.in-addr.arpa
-124.100.in-addr.arpa
-125.100.in-addr.arpa
-126.100.in-addr.arpa
-127.100.in-addr.arpa
-2.0.192.in-addr.arpa
-168.192.in-addr.arpa
-255.255.255.255.in-addr.arpa
+# block all PTR requests
+domain:in-addr.arpa
 domain:ip6.arpa

luci-app-mosdns/root/usr/share/mosdns/default.yaml

@@ -2,192 +2,206 @@ log:
   level: log_level
   file: "log_file"
 
-include: []
+plugins:
+  - tag: geosite_cn
+    type: domain_set
+    args:
+      files:
+        - "/var/mosdns/geosite_cn.txt"
 
-data_providers:
-  - tag: geoip
-    file: "/usr/share/v2ray/geoip.dat"
-    auto_reload: true
+  - tag: geoip_cn
+    type: ip_set
+    args:
+      files:
+        - "/var/mosdns/geoip_cn.txt"
 
-  - tag: geosite
-    file: "/usr/share/v2ray/geosite.dat"
-    auto_reload: true
+  - tag: geosite_no_cn
+    type: domain_set
+    args:
+      files:
+        - "/var/mosdns/geosite_geolocation-!cn.txt"
 
   - tag: whitelist
-    file: "/etc/mosdns/rule/whitelist.txt"
-    auto_reload: true
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/whitelist.txt"
 
   - tag: blocklist
-    file: "/etc/mosdns/rule/blocklist.txt"
-    auto_reload: true
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/blocklist.txt"
 
   - tag: greylist
-    file: "/etc/mosdns/rule/greylist.txt"
-    auto_reload: true
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/greylist.txt"
 
   - tag: hosts
-    file: "/etc/mosdns/rule/hosts.txt"
-    auto_reload: true
+    type: hosts
+    args:
+      files:
+        - "/etc/mosdns/rule/hosts.txt"
 
   - tag: redirect
-    file: "/etc/mosdns/rule/redirect.txt"
-    auto_reload: true
-
-  - tag: local_ptr
-    file: "/etc/mosdns/rule/local-ptr.txt"
-    auto_reload: true
+    type: redirect
+    args:
+      files:
+        - "/etc/mosdns/rule/redirect.txt"
 
   - tag: adlist
-    file: "/etc/mosdns/rule/adlist.txt"
-    auto_reload: true
+    type: domain_set
+    args:
+      files:
+        - "adblock"
 
-plugins:
-  - tag: lazy_cache
+  - tag: local_ptr
+    type: domain_set
+    args:
+      files:
+        - "/etc/mosdns/rule/local-ptr.txt"
+
+  - tag: sp_low
+    type: domain_set
+    args:
+      files:
+        - "/usr/share/mosdns/sp_low.tdata"
+
+  - tag: cache
     type: cache
     args:
       size: cache_size
       lazy_cache_ttl: cache_survival_time
 
-  - tag: modify_ttl
-    type: ttl
-    args:
-      minimal_ttl: minimal_ttl_custom
-      maximum_ttl: maximum_ttl_custom
-
-  - tag: "forward_local"
+  - tag: forward_local
     type: forward
     args:
-      upstream:
+      upstreams:
         - addr: local_dns
-      bootstrap:
-        - "bootstrap_dns"
 
-  - tag: "forward_remote"
-    type: fast_forward
+  - tag: forward_remote
+    type: forward
     args:
-      upstream:
+      upstreams:
         - addr: remote_dns
 
-  - tag: query_is_whitelist_domain
-    type: query_matcher
+  - tag: modify_ttl
+    type: sequence
     args:
-      domain:
-        - "provider:whitelist"
+      - exec: ttl minimal_ttl_custom-maximum_ttl_custom
 
-  - tag: query_is_blocklist_domain
-    type: query_matcher
+  - tag: local_sequence
+    type: sequence
     args:
-      domain:
-        - "provider:blocklist"
+      - exec: metrics_collector $forward_local
+      - exec: $forward_local
 
-  - tag: query_is_greylist_domain
-    type: query_matcher
+  - tag: remote_sequence
+    type: sequence
     args:
-      domain:
-        - "provider:greylist"
+      - exec: prefer_ipv4
+      - exec: metrics_collector $forward_remote
+      - exec: $forward_remote
 
-  - tag: query_is_hosts_domain
-    type: hosts
+  - tag: has_resp_sequence
+    type: sequence
     args:
-      hosts:
-        - "provider:hosts"
+      - exec: $modify_ttl
+      - matches: has_resp
+        exec: accept
 
-  - tag: query_is_redirect_domain
-    type: redirect
+  - tag: query_is_local_ip
+    type: sequence
     args:
-      rule:
-        - "provider:redirect"
+      - exec: $local_sequence
+      - matches: resp_ip $geoip_cn
+        exec: accept
+      - exec: reject
+
+  - tag: query_is_remote
+    type: sequence
+    args:
+      - exec: $remote_sequence
+      - exec: accept
+
+  - tag: fallback
+    type: fallback
+    args:
+      primary: query_is_local_ip
+      secondary: query_is_remote
+      threshold: 500
+      always_standby: false
 
   - tag: query_is_local_domain
-    type: query_matcher
+    type: sequence
     args:
-      domain:
-        - "provider:geosite:cn"
+      - matches: qname $geosite_cn
+        exec: $local_sequence
 
-  - tag: query_is_non_local_domain
-    type: query_matcher
+  - tag: query_is_no_local_domain
+    type: sequence
     args:
-      domain:
-        - "provider:geosite:geolocation-!cn"
+      - matches: qname $geosite_no_cn
+        exec: $remote_sequence
 
-  - tag: response_has_local_ip
-    type: response_matcher
+  - tag: query_is_whitelist_domain
+    type: sequence
     args:
-      ip:
-        - "provider:geoip:cn"
+      - matches: qname $whitelist
+        exec: $local_sequence
+      - exec: jump has_resp_sequence
 
-  - tag: query_is_ad_domain
-    type: query_matcher
+  - tag: query_is_greylist_domain
+    type: sequence
     args:
-      domain:
-        - "adblock"
+      - matches: qname $greylist
+        exec: $remote_sequence
 
-  - tag: match_local_ptr
-    type: query_matcher
+  - tag: query_is_reject_domain
+    type: sequence
     args:
-      qtype: [12]
-      domain:
-        - "provider:local_ptr"
+      - matches: qname $blocklist
+        exec: reject 3
+      - matches: qname $adlist
+        exec: reject 3
+      - matches: qname $sp_low
+        exec: reject 3
+      - matches:
+        - qtype 12
+        - qname $local_ptr
+        exec: reject 3
+      - matches: qtype 65
+        exec: reject 3
 
-  - tag: match_qtype65
-    type: query_matcher
+  - tag: main_sequence
+    type: sequence
     args:
-      qtype: [65]
+      - exec: $hosts
+      - exec: jump has_resp_sequence
+      - exec: $redirect
+      - exec: jump has_resp_sequence
+      - exec: $query_is_whitelist_domain
+      - exec: $query_is_reject_domain
+      - exec: $cache
+      - exec: jump has_resp_sequence
+      - exec: $query_is_greylist_domain
+      - exec: jump has_resp_sequence
+      - exec: $query_is_local_domain
+      - exec: jump has_resp_sequence
+      - exec: $query_is_no_local_domain
+      - exec: jump has_resp_sequence
+      - exec: $fallback
 
-  - tag: "main_sequence"
-    type: "sequence"
+  - tag: udp_server
+    type: udp_server
     args:
-      exec:
-        - _misc_optm
-        - query_is_hosts_domain
-        - query_is_redirect_domain
+      entry: main_sequence
+      listen: ":listen_port"
 
-        - if: query_is_whitelist_domain
-          exec:
-            - forward_local
-            - modify_ttl
-            - _return
-
-        - if: "query_is_blocklist_domain || query_is_ad_domain || match_local_ptr || match_qtype65"
-          exec:
-            - _new_nxdomain_response
-            - _return
-
-        - lazy_cache
-
-        - if: query_is_greylist_domain
-          exec:
-            - forward_remote
-            - modify_ttl
-            - _return
-
-        - if: query_is_local_domain
-          exec:
-            - forward_local
-            - modify_ttl
-            - _return
-
-        - if: query_is_non_local_domain
-          exec:
-            - _prefer_ipv4
-            - forward_remote
-            - modify_ttl
-            - _return
-        - primary:
-            - forward_local
-            - if: "(! response_has_local_ip) && [_response_valid_answer]"
-              exec:
-                - _drop_response
-          secondary:
-            - _prefer_ipv4
-            - forward_remote
-            - modify_ttl
-          fast_fallback: 200
-
-servers:
-  - exec: main_sequence
-    listeners:
-      - protocol: udp
-        addr: ":listen_port"
-      - protocol: tcp
-        addr: ":listen_port"
+  - tag: tcp_server
+    type: tcp_server
+    args:
+      entry: main_sequence
+      listen: ":listen_port"

luci-app-mosdns/root/usr/share/mosdns/mosdns.sh

@@ -34,12 +34,12 @@ ad_block() (
 	if [ "$adblock" -eq 1 ]; then
 		ad_source=$(uci -q get mosdns.config.ad_source)
 		if [ "$ad_source" = "geosite.dat" ]; then
-			echo "provider:geosite:category-ads-all"
+			echo "/var/mosdns/geosite_category-ads-all.txt"
 		else
-			echo "provider:adlist"
+			echo "/etc/mosdns/rule/adlist.txt"
 		fi
 	else
-		echo "full:disable-category-ads-all.null"
+		touch /var/disable-ads.txt ; echo "/var/disable-ads.txt"
 	fi
 )