zhao/luci-app-mosdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-mosdns: update mosdns v5.x support

Browse Source
This commit is contained in:
sbwml 2023-02-07 00:01:48 +08:00
parent 5597a6c306
commit 91756c87f5
6 changed files with 3883 additions and 353 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
luci-app-mosdns/root/etc/init.d/mosdns
View File

@ -51,7 +51,7 @@ init_yaml() {
tmpdir=$(mktemp -d) || exit 1 tmpdir=$(mktemp -d) || exit 1
adlist=$(/usr/share/mosdns/mosdns.sh ad) adlist=$(/usr/share/mosdns/mosdns.sh ad)
[ $enable_pipeline = 1 ] && enable_pipeline=true || enable_pipeline=false [ $enable_pipeline = 1 ] && enable_pipeline=true || enable_pipeline=false
local_dns=$(/usr/share/mosdns/mosdns.sh dns | xargs -n1 echo " - addr:") local_dns=$(/usr/share/mosdns/mosdns.sh dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: %s\n%s bootstrap: '${bootstrap_dns}'\n",s,$i,s}' s=' ')
remote_dns=$(echo $remote_dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: %s\n%s enable_pipeline: '${enable_pipeline}'\n",s,$i,s}' s=' ') remote_dns=$(echo $remote_dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: %s\n%s enable_pipeline: '${enable_pipeline}'\n",s,$i,s}' s=' ')
sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \ sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \
s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \ s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \
@ -61,7 +61,6 @@ init_yaml() {
s,adblock,$adlist,g;s,remote_dns_pipeline,$enable_pipeline,g" \ s,adblock,$adlist,g;s,remote_dns_pipeline,$enable_pipeline,g" \
/usr/share/mosdns/default.yaml > $CONF /usr/share/mosdns/default.yaml > $CONF
[ "$custom_local_dns" -eq 0 ] && sed -i "/bootstrap/d" $CONF || \ [ "$custom_local_dns" -eq 0 ] && sed -i "/bootstrap/d" $CONF || \
sed -i "s,bootstrap_dns,$bootstrap_dns,g" $CONF
echo "${local_dns}" > $tmpdir/local_dns.txt echo "${local_dns}" > $tmpdir/local_dns.txt
echo "${remote_dns}" > $tmpdir/remote_dns.txt echo "${remote_dns}" > $tmpdir/remote_dns.txt
sed -i -e '/- addr: local_dns/{r '$tmpdir/local_dns.txt -e';d};/- addr: remote_dns/{r '$tmpdir/remote_dns.txt -e';d}' \ sed -i -e '/- addr: local_dns/{r '$tmpdir/local_dns.txt -e';d};/- addr: remote_dns/{r '$tmpdir/remote_dns.txt -e';d}' \
@ -91,7 +90,7 @@ redirect_setting() {
uci commit dhcp uci commit dhcp
else else
sed -i "/list server/d" /etc/config/dhcp sed -i "/list server/d" /etc/config/dhcp
uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#$(cat /etc/mosdns/config_custom.yaml | awk -F'[:" ]+' '/^\s+addr:/{for(i=1;i<=NF;i++){if($i~/^[0-9]+$/){print $i;exit}}}')" uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#$(cat /etc/mosdns/config_custom.yaml | awk -F'[:" ]+' '/^\s+listen:/{for(i=1;i<=NF;i++){if($i~/^[0-9]+$/){print $i;exit}}}')"
uci set dhcp.@dnsmasq[0].rebind_protection='0' uci set dhcp.@dnsmasq[0].rebind_protection='0'
uci set dhcp.@dnsmasq[0].noresolv="1" uci set dhcp.@dnsmasq[0].noresolv="1"
uci set dhcp.@dnsmasq[0].cachesize='0' uci set dhcp.@dnsmasq[0].cachesize='0'

319
luci-app-mosdns/root/etc/mosdns/config_custom.yaml
View File

@ -2,161 +2,232 @@ log:
level: info level: info
file: "/tmp/mosdns.log" file: "/tmp/mosdns.log"
include: []
data_providers:
- tag: geoip
file: "/usr/share/v2ray/geoip.dat"
auto_reload: true
- tag: geosite
file: "/usr/share/v2ray/geosite.dat"
auto_reload: true
- tag: whitelist
file: "/etc/mosdns/rule/whitelist.txt"
auto_reload: true
- tag: blocklist
file: "/etc/mosdns/rule/blocklist.txt"
auto_reload: true
- tag: hosts
file: "/etc/mosdns/rule/hosts.txt"
auto_reload: true
- tag: redirect
file: "/etc/mosdns/rule/redirect.txt"
auto_reload: true
plugins: plugins:
- tag: lazy_cache # 国内域名
- tag: geosite_cn
type: domain_set
args:
files:
- "/var/mosdns/geosite_cn.txt"
# 国内ip
- tag: geoip_cn
type: ip_set
args:
files:
- "/var/mosdns/geoip_cn.txt"
# 国外域名
- tag: geosite_no_cn
type: domain_set
args:
files:
- "/var/mosdns/geosite_geolocation-!cn.txt"
# 白名单 加入的域名始终允许使用 “本地 DNS” 进行解析
- tag: whitelist
type: domain_set
args:
files:
- "/etc/mosdns/rule/whitelist.txt"
# 黑名单 加入的域名将屏蔽 DNS 解析
- tag: blocklist
type: domain_set
args:
files:
- "/etc/mosdns/rule/blocklist.txt"
# 灰名单 加入的域名始终使用 “远程 DNS” 进行解析
- tag: greylist
type: domain_set
args:
files:
- "/etc/mosdns/rule/greylist.txt"
# 自定义 Hosts 重写
- tag: hosts
type: hosts
args:
files:
- "/etc/mosdns/rule/hosts.txt"
# 重定向请求的域名
- tag: redirect
type: redirect
args:
files:
- "/etc/mosdns/rule/redirect.txt"
# PTR 黑名单 加入的域名将阻止 PTR 请求
- tag: local_ptr
type: domain_set
args:
files:
- "/etc/mosdns/rule/local-ptr.txt"
# 屏蔽失效/威胁 URL
- tag: sp_low
type: domain_set
args:
files:
- "/usr/share/mosdns/sp_low.tdata"
# 缓存
- tag: cache
type: cache type: cache
args: args:
size: 200000 size: 200000
lazy_cache_ttl: 259200 lazy_cache_ttl: 259200
- tag: modify_ttl # 转发至本地服务器
type: ttl - tag: forward_local
type: forward
args: args:
minimal_ttl: 0 upstreams:
maximum_ttl: 0 - addr: "https://doh.pub/dns-query"
bootstrap: 180.76.76.76
- tag: "forward_local"
type: fast_forward
args:
upstream:
- addr: 119.29.29.29 - addr: 119.29.29.29
- addr: 114.114.114.114
- tag: "forward_remote" # 转发至远程服务器
type: fast_forward - tag: forward_remote
type: forward
args: args:
upstream: upstreams:
- addr: tls://8.8.8.8 - addr: tls://8.8.8.8
- addr: tls://1.1.1.1 enable_pipeline: false
- tag: query_is_whitelist_domain # 修改ttl
type: query_matcher - tag: modify_ttl
type: sequence
args: args:
domain: - exec: ttl 0-0
- "provider:whitelist"
- tag: query_is_blocklist_domain # 国内解析
type: query_matcher - tag: local_sequence
type: sequence
args: args:
domain: - exec: metrics_collector $forward_local
- "provider:blocklist" - exec: $forward_local
- tag: query_is_hosts_domain # 国外解析
type: hosts - tag: remote_sequence
type: sequence
args: args:
hosts: - exec: prefer_ipv4
- "provider:hosts" - exec: metrics_collector $forward_remote
- exec: $forward_remote
- tag: query_is_redirect_domain # 有响应终止返回
type: redirect - tag: has_resp_sequence
type: sequence
args: args:
rule: - exec: $modify_ttl
- "provider:redirect" - matches: has_resp
exec: accept
# fallback 用本地服务器 sequence
# 返回不包含本地 ip 则 reject
- tag: query_is_local_ip
type: sequence
args:
- exec: $local_sequence
- matches: resp_ip $geoip_cn
exec: accept
- exec: reject
# fallback 用远程服务器 sequence
- tag: query_is_remote
type: sequence
args:
- exec: $remote_sequence
- exec: accept
# fallback 用远程服务器 sequence
- tag: fallback
type: fallback
args:
primary: query_is_local_ip
secondary: query_is_remote
threshold: 500
always_standby: false
# 查询国内域名
- tag: query_is_local_domain - tag: query_is_local_domain
type: query_matcher type: sequence
args: args:
domain: - matches: qname $geosite_cn
- "provider:geosite:cn" exec: $local_sequence
- tag: query_is_non_local_domain # 查询国外域名
type: query_matcher - tag: query_is_no_local_domain
type: sequence
args: args:
domain: - matches: qname $geosite_no_cn
- "provider:geosite:geolocation-!cn" exec: $remote_sequence
- tag: response_has_local_ip # 查询白名单
type: response_matcher - tag: query_is_whitelist_domain
type: sequence
args: args:
ip: - matches: qname $whitelist
- "provider:geoip:cn" exec: $local_sequence
- exec: jump has_resp_sequence
- tag: query_is_ad_domain # 查询灰名单
type: query_matcher - tag: query_is_greylist_domain
type: sequence
args: args:
domain: - matches: qname $greylist
- "provider:geosite:category-ads-all" exec: $remote_sequence
- tag: match_qtype65 # 拒绝名单
type: query_matcher - tag: query_is_reject_domain
type: sequence
args: args:
qtype: [65] - matches: qname $blocklist
exec: reject 3
- matches: qname $sp_low
exec: reject 3
- matches:
- qtype 12
- qname $local_ptr
exec: reject 3
- matches: qtype 65
exec: reject 3
- tag: "main_sequence" # 主要的运行逻辑插件
type: "sequence" # sequence 插件中调用的插件 tag 必须在 sequence 前定义,
# 否则 sequence 找不到对应插件。
- tag: main_sequence
type: sequence
args: args:
exec: - exec: $hosts
- _misc_optm - exec: jump has_resp_sequence
- query_is_hosts_domain - exec: $redirect
- query_is_redirect_domain - exec: jump has_resp_sequence
- exec: $query_is_whitelist_domain
- exec: $query_is_reject_domain
- exec: $cache
- exec: jump has_resp_sequence
- exec: $query_is_greylist_domain
- exec: jump has_resp_sequence
- exec: $query_is_local_domain
- exec: jump has_resp_sequence
- exec: $query_is_no_local_domain
- exec: jump has_resp_sequence
- exec: $fallback
- if: query_is_whitelist_domain # 启动 udp 服务器。
exec: - tag: udp_server
- forward_local type: udp_server
- modify_ttl args:
- _return entry: main_sequence
listen: ":5335"
- if: "query_is_blocklist_domain || query_is_ad_domain || match_qtype65" # 启动 tcp 服务器。
exec: - tag: tcp_server
- _new_nxdomain_response type: tcp_server
- _return args:
entry: main_sequence
- lazy_cache listen: ":5335"
- if: query_is_local_domain
exec:
- forward_local
- modify_ttl
- _return
- if: query_is_non_local_domain
exec:
- _prefer_ipv4
- forward_remote
- modify_ttl
- _return
- primary:
- forward_local
- if: "(! response_has_local_ip) && [_response_valid_answer]"
exec:
- _drop_response
secondary:
- _prefer_ipv4
- forward_remote
- modify_ttl
fast_fallback: 200
servers:
- exec: main_sequence
listeners:
- protocol: udp
addr: ":5335"
- protocol: tcp
addr: ":5335"

88
luci-app-mosdns/root/etc/mosdns/rule/local-ptr.txt
View File

@ -1,87 +1,3 @@
0.in-addr.arpa # block all PTR requests
10.in-addr.arpa domain:in-addr.arpa
127.in-addr.arpa
16.172.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
64.100.in-addr.arpa
65.100.in-addr.arpa
66.100.in-addr.arpa
67.100.in-addr.arpa
68.100.in-addr.arpa
69.100.in-addr.arpa
70.100.in-addr.arpa
71.100.in-addr.arpa
72.100.in-addr.arpa
73.100.in-addr.arpa
74.100.in-addr.arpa
75.100.in-addr.arpa
76.100.in-addr.arpa
77.100.in-addr.arpa
78.100.in-addr.arpa
79.100.in-addr.arpa
80.100.in-addr.arpa
81.100.in-addr.arpa
82.100.in-addr.arpa
83.100.in-addr.arpa
84.100.in-addr.arpa
85.100.in-addr.arpa
86.100.in-addr.arpa
87.100.in-addr.arpa
88.100.in-addr.arpa
89.100.in-addr.arpa
90.100.in-addr.arpa
91.100.in-addr.arpa
92.100.in-addr.arpa
93.100.in-addr.arpa
94.100.in-addr.arpa
95.100.in-addr.arpa
96.100.in-addr.arpa
97.100.in-addr.arpa
98.100.in-addr.arpa
99.100.in-addr.arpa
100.100.in-addr.arpa
101.100.in-addr.arpa
102.100.in-addr.arpa
103.100.in-addr.arpa
104.100.in-addr.arpa
105.100.in-addr.arpa
106.100.in-addr.arpa
107.100.in-addr.arpa
108.100.in-addr.arpa
109.100.in-addr.arpa
110.100.in-addr.arpa
111.100.in-addr.arpa
112.100.in-addr.arpa
113.100.in-addr.arpa
114.100.in-addr.arpa
115.100.in-addr.arpa
116.100.in-addr.arpa
117.100.in-addr.arpa
118.100.in-addr.arpa
119.100.in-addr.arpa
120.100.in-addr.arpa
121.100.in-addr.arpa
122.100.in-addr.arpa
123.100.in-addr.arpa
124.100.in-addr.arpa
125.100.in-addr.arpa
126.100.in-addr.arpa
127.100.in-addr.arpa
2.0.192.in-addr.arpa
168.192.in-addr.arpa
255.255.255.255.in-addr.arpa
domain:ip6.arpa domain:ip6.arpa

288
luci-app-mosdns/root/usr/share/mosdns/default.yaml
View File

@ -2,192 +2,206 @@ log:
level: log_level level: log_level
file: "log_file" file: "log_file"
include: [] plugins:
- tag: geosite_cn
type: domain_set
args:
files:
- "/var/mosdns/geosite_cn.txt"
data_providers: - tag: geoip_cn
- tag: geoip type: ip_set
file: "/usr/share/v2ray/geoip.dat" args:
auto_reload: true files:
- "/var/mosdns/geoip_cn.txt"
- tag: geosite - tag: geosite_no_cn
file: "/usr/share/v2ray/geosite.dat" type: domain_set
auto_reload: true args:
files:
- "/var/mosdns/geosite_geolocation-!cn.txt"
- tag: whitelist - tag: whitelist
file: "/etc/mosdns/rule/whitelist.txt" type: domain_set
auto_reload: true args:
files:
- "/etc/mosdns/rule/whitelist.txt"
- tag: blocklist - tag: blocklist
file: "/etc/mosdns/rule/blocklist.txt" type: domain_set
auto_reload: true args:
files:
- "/etc/mosdns/rule/blocklist.txt"
- tag: greylist - tag: greylist
file: "/etc/mosdns/rule/greylist.txt" type: domain_set
auto_reload: true args:
files:
- "/etc/mosdns/rule/greylist.txt"
- tag: hosts - tag: hosts
file: "/etc/mosdns/rule/hosts.txt" type: hosts
auto_reload: true args:
files:
- "/etc/mosdns/rule/hosts.txt"
- tag: redirect - tag: redirect
file: "/etc/mosdns/rule/redirect.txt" type: redirect
auto_reload: true args:
files:
- tag: local_ptr - "/etc/mosdns/rule/redirect.txt"
file: "/etc/mosdns/rule/local-ptr.txt"
auto_reload: true
- tag: adlist - tag: adlist
file: "/etc/mosdns/rule/adlist.txt" type: domain_set
auto_reload: true args:
files:
- "adblock"
plugins: - tag: local_ptr
- tag: lazy_cache type: domain_set
args:
files:
- "/etc/mosdns/rule/local-ptr.txt"
- tag: sp_low
type: domain_set
args:
files:
- "/usr/share/mosdns/sp_low.tdata"
- tag: cache
type: cache type: cache
args: args:
size: cache_size size: cache_size
lazy_cache_ttl: cache_survival_time lazy_cache_ttl: cache_survival_time
- tag: modify_ttl - tag: forward_local
type: ttl
args:
minimal_ttl: minimal_ttl_custom
maximum_ttl: maximum_ttl_custom
- tag: "forward_local"
type: forward type: forward
args: args:
upstream: upstreams:
- addr: local_dns - addr: local_dns
bootstrap:
- "bootstrap_dns"
- tag: "forward_remote" - tag: forward_remote
type: fast_forward type: forward
args: args:
upstream: upstreams:
- addr: remote_dns - addr: remote_dns
- tag: query_is_whitelist_domain - tag: modify_ttl
type: query_matcher type: sequence
args: args:
domain: - exec: ttl minimal_ttl_custom-maximum_ttl_custom
- "provider:whitelist"
- tag: query_is_blocklist_domain - tag: local_sequence
type: query_matcher type: sequence
args: args:
domain: - exec: metrics_collector $forward_local
- "provider:blocklist" - exec: $forward_local
- tag: query_is_greylist_domain - tag: remote_sequence
type: query_matcher type: sequence
args: args:
domain: - exec: prefer_ipv4
- "provider:greylist" - exec: metrics_collector $forward_remote
- exec: $forward_remote
- tag: query_is_hosts_domain - tag: has_resp_sequence
type: hosts type: sequence
args: args:
hosts: - exec: $modify_ttl
- "provider:hosts" - matches: has_resp
exec: accept
- tag: query_is_redirect_domain - tag: query_is_local_ip
type: redirect type: sequence
args: args:
rule: - exec: $local_sequence
- "provider:redirect" - matches: resp_ip $geoip_cn
exec: accept
- exec: reject
- tag: query_is_remote
type: sequence
args:
- exec: $remote_sequence
- exec: accept
- tag: fallback
type: fallback
args:
primary: query_is_local_ip
secondary: query_is_remote
threshold: 500
always_standby: false
- tag: query_is_local_domain - tag: query_is_local_domain
type: query_matcher type: sequence
args: args:
domain: - matches: qname $geosite_cn
- "provider:geosite:cn" exec: $local_sequence
- tag: query_is_non_local_domain - tag: query_is_no_local_domain
type: query_matcher type: sequence
args: args:
domain: - matches: qname $geosite_no_cn
- "provider:geosite:geolocation-!cn" exec: $remote_sequence
- tag: response_has_local_ip - tag: query_is_whitelist_domain
type: response_matcher type: sequence
args: args:
ip: - matches: qname $whitelist
- "provider:geoip:cn" exec: $local_sequence
- exec: jump has_resp_sequence
- tag: query_is_ad_domain - tag: query_is_greylist_domain
type: query_matcher type: sequence
args: args:
domain: - matches: qname $greylist
- "adblock" exec: $remote_sequence
- tag: match_local_ptr - tag: query_is_reject_domain
type: query_matcher type: sequence
args: args:
qtype: [12] - matches: qname $blocklist
domain: exec: reject 3
- "provider:local_ptr" - matches: qname $adlist
exec: reject 3
- matches: qname $sp_low
exec: reject 3
- matches:
- qtype 12
- qname $local_ptr
exec: reject 3
- matches: qtype 65
exec: reject 3
- tag: match_qtype65 - tag: main_sequence
type: query_matcher type: sequence
args: args:
qtype: [65] - exec: $hosts
- exec: jump has_resp_sequence
- exec: $redirect
- exec: jump has_resp_sequence
- exec: $query_is_whitelist_domain
- exec: $query_is_reject_domain
- exec: $cache
- exec: jump has_resp_sequence
- exec: $query_is_greylist_domain
- exec: jump has_resp_sequence
- exec: $query_is_local_domain
- exec: jump has_resp_sequence
- exec: $query_is_no_local_domain
- exec: jump has_resp_sequence
- exec: $fallback
- tag: "main_sequence" - tag: udp_server
type: "sequence" type: udp_server
args: args:
exec: entry: main_sequence
- _misc_optm listen: ":listen_port"
- query_is_hosts_domain
- query_is_redirect_domain
- if: query_is_whitelist_domain - tag: tcp_server
exec: type: tcp_server
- forward_local args:
- modify_ttl entry: main_sequence
- _return listen: ":listen_port"
- if: "query_is_blocklist_domain || query_is_ad_domain || match_local_ptr || match_qtype65"
exec:
- _new_nxdomain_response
- _return
- lazy_cache
- if: query_is_greylist_domain
exec:
- forward_remote
- modify_ttl
- _return
- if: query_is_local_domain
exec:
- forward_local
- modify_ttl
- _return
- if: query_is_non_local_domain
exec:
- _prefer_ipv4
- forward_remote
- modify_ttl
- _return
- primary:
- forward_local
- if: "(! response_has_local_ip) && [_response_valid_answer]"
exec:
- _drop_response
secondary:
- _prefer_ipv4
- forward_remote
- modify_ttl
fast_fallback: 200
servers:
- exec: main_sequence
listeners:
- protocol: udp
addr: ":listen_port"
- protocol: tcp
addr: ":listen_port"

6
luci-app-mosdns/root/usr/share/mosdns/mosdns.sh
View File

@ -34,12 +34,12 @@ ad_block() (
if [ "$adblock" -eq 1 ]; then if [ "$adblock" -eq 1 ]; then
ad_source=$(uci -q get mosdns.config.ad_source) ad_source=$(uci -q get mosdns.config.ad_source)
if [ "$ad_source" = "geosite.dat" ]; then if [ "$ad_source" = "geosite.dat" ]; then
echo "provider:geosite:category-ads-all" echo "/var/mosdns/geosite_category-ads-all.txt"
else else
echo "provider:adlist" echo "/etc/mosdns/rule/adlist.txt"
fi fi
else else
echo "full:disable-category-ads-all.null" touch /var/disable-ads.txt ; echo "/var/disable-ads.txt"
fi fi
) )

3530
luci-app-mosdns/root/usr/share/mosdns/sp_low.tdata Normal file
View File

File diff suppressed because it is too large Load Diff