From aa9b5627f8b8a41b9b92a43a972c10ba4c91a41b Mon Sep 17 00:00:00 2001
From: sbwml <admin@cooluc.com>
Date: Tue, 19 Sep 2023 18:04:51 +0800
Subject: [PATCH] luci-app-mosdns: add custom Cloudflare IP support

* #121
---
 luci-app-mosdns/Makefile                      |  2 +-
 .../luasrc/model/cbi/mosdns/basic.lua         | 24 +++++++++++++++++++
 luci-app-mosdns/po/zh-cn/mosdns.po            | 12 ++++++++++
 luci-app-mosdns/root/etc/config/mosdns        |  1 +
 luci-app-mosdns/root/etc/init.d/mosdns        |  7 ++++++
 .../root/etc/mosdns/rule/cloudflare-cidr.txt  | 22 +++++++++++++++++
 .../root/usr/share/mosdns/default.yaml        |  8 +++++++
 .../root/usr/share/mosdns/mosdns.sh           |  7 ++++++
 8 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 luci-app-mosdns/root/etc/mosdns/rule/cloudflare-cidr.txt

diff --git a/luci-app-mosdns/Makefile b/luci-app-mosdns/Makefile
index d5cf6b6..3d95706 100644
--- a/luci-app-mosdns/Makefile
+++ b/luci-app-mosdns/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-mosdns
-PKG_VERSION:=1.5.7
+PKG_VERSION:=1.5.8
 PKG_RELEASE:=1
 
 LUCI_TITLE:=LuCI Support for mosdns
diff --git a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
index f5674e3..5eff955 100644
--- a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
+++ b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
@@ -199,6 +199,30 @@ function o.write(self, section, value)
     fs.writefile("/etc/mosdns/config_custom.yaml", value)
 end
 
+s:tab("cloudflare", translate("Cloudflare Options"))
+o = s:taboption("cloudflare", Flag, "cloudflare", translate("Enabled"), translate("Match the parsing result with the Cloudflare IP ranges, and when there is a successful match, use the 'Custom IP' as the parsing result (experimental feature)"))
+o.rmempty = false
+o.default = false
+o:depends("configfile", "/etc/mosdns/config.yaml")
+
+o = s:taboption("cloudflare", DynamicList, "cloudflare_ip", translate("Custom IP"))
+o.rmempty = false
+o.datatype = "ipaddr"
+o:depends("configfile", "/etc/mosdns/config.yaml")
+
+o = s:taboption("cloudflare", TextValue, "cloudflare_cidr", translate("Cloudflare IP Ranges"))
+o.description = translate("IPv4 CIDR：") .. [[<a href="https://www.cloudflare.com/ips-v4" target="_blank">https://www.cloudflare.com/ips-v4</a>]] .. '<br />' .. translate("IPv6 CIDR：") .. [[<a href="https://www.cloudflare.com/ips-v6" target="_blank">https://www.cloudflare.com/ips-v6</a>]]
+o.template = "cbi/tvalue"
+o.rows = 15
+o:depends("configfile", "/etc/mosdns/config.yaml")
+function o.cfgvalue(self, section)
+    return fs.readfile("/etc/mosdns/rule/cloudflare-cidr.txt")
+end
+function o.write(self, section, value)
+    value = value:gsub("\r\n?", "\n")
+    fs.writefile("/etc/mosdns/rule/cloudflare-cidr.txt", value)
+end
+
 s:tab("api", translate("API Options"))
 
 o = s:taboption("api", Value, "listen_port_api", translate("API Listen port"))
diff --git a/luci-app-mosdns/po/zh-cn/mosdns.po b/luci-app-mosdns/po/zh-cn/mosdns.po
index 76ad2c1..7c9beca 100644
--- a/luci-app-mosdns/po/zh-cn/mosdns.po
+++ b/luci-app-mosdns/po/zh-cn/mosdns.po
@@ -7,6 +7,9 @@ msgstr "基本选项"
 msgid "Advanced Options"
 msgstr "高级选项"
 
+msgid "Cloudflare Options"
+msgstr "Cloudflare 选项"
+
 msgid "API Options"
 msgstr "API 选项"
 
@@ -46,6 +49,15 @@ msgstr "刷新成功"
 msgid "Flushing Failed, Please check if MosDNS is enabled"
 msgstr "刷新失败，请检查 MosDNS 是否已启用"
 
+msgid "Match the parsing result with the Cloudflare IP ranges, and when there is a successful match, use the 'Custom IP' as the parsing result (experimental feature)"
+msgstr "将解析结果与 Cloudflare IP 范围进行匹配，当匹配成功时，使用 “自选 IP” 作为解析结果（实验性功能）"
+
+msgid "Custom IP"
+msgstr "自选 IP"
+
+msgid "Cloudflare IP Ranges"
+msgstr "Cloudflare IP 范围"
+
 msgid "Log Level"
 msgstr "日志等级"
 
diff --git a/luci-app-mosdns/root/etc/config/mosdns b/luci-app-mosdns/root/etc/config/mosdns
index ebcbcd5..b49dd84 100644
--- a/luci-app-mosdns/root/etc/config/mosdns
+++ b/luci-app-mosdns/root/etc/config/mosdns
@@ -24,6 +24,7 @@ config mosdns 'config'
 	option enable_http3_local '0'
 	option enable_http3_remote '0'
 	option dns_leak '0'
+	option cloudflare '0'
 	option listen_port_api '9091'
 	option bootstrap_dns '119.29.29.29'
 	list remote_dns 'tls://8.8.8.8'
diff --git a/luci-app-mosdns/root/etc/init.d/mosdns b/luci-app-mosdns/root/etc/init.d/mosdns
index c6e3f05..6646b72 100755
--- a/luci-app-mosdns/root/etc/init.d/mosdns
+++ b/luci-app-mosdns/root/etc/init.d/mosdns
@@ -62,6 +62,7 @@ get_config() {
     config_get enable_http3_remote $1 enable_http3_remote 0
     config_get enable_ecs_remote $1 enable_ecs_remote 0
     config_get dns_leak $1 dns_leak 0
+    config_get cloudflare $1 cloudflare 0
 }
 
 init_yaml() {
@@ -103,6 +104,12 @@ init_yaml() {
         sed -i "/ecs_remote/d;" $CONF
     fi
     [ $dns_leak -eq 1 ] && sed -i "s,primary: query_is_local_ip,primary: query_is_remote,g" $CONF
+    if [ $cloudflare -eq 1 ]; then
+        cloudflare_ip=$(sh $MOSDNS_SCRIPT cloudflare)
+        sed -i "s/CLOUDFLARE_IP/$cloudflare_ip/g" $CONF
+    else
+        sed -i '/\$cloudflare_cidr\|CLOUDFLARE_IP/d' $CONF
+    fi
     rm -rf $TMPDIR
 }
 
diff --git a/luci-app-mosdns/root/etc/mosdns/rule/cloudflare-cidr.txt b/luci-app-mosdns/root/etc/mosdns/rule/cloudflare-cidr.txt
new file mode 100644
index 0000000..ca50c34
--- /dev/null
+++ b/luci-app-mosdns/root/etc/mosdns/rule/cloudflare-cidr.txt
@@ -0,0 +1,22 @@
+173.245.48.0/20
+103.21.244.0/22
+103.22.200.0/22
+103.31.4.0/22
+141.101.64.0/18
+108.162.192.0/18
+190.93.240.0/20
+188.114.96.0/20
+197.234.240.0/22
+198.41.128.0/17
+162.158.0.0/15
+104.16.0.0/13
+104.24.0.0/14
+172.64.0.0/13
+131.0.72.0/22
+2400:cb00::/32
+2606:4700::/32
+2803:f800::/32
+2405:b500::/32
+2405:8100::/32
+2a06:98c0::/29
+2c0f:f248::/32
diff --git a/luci-app-mosdns/root/usr/share/mosdns/default.yaml b/luci-app-mosdns/root/usr/share/mosdns/default.yaml
index db2543a..ca9b65c 100644
--- a/luci-app-mosdns/root/usr/share/mosdns/default.yaml
+++ b/luci-app-mosdns/root/usr/share/mosdns/default.yaml
@@ -74,6 +74,12 @@ plugins:
       files:
         - "/etc/mosdns/rule/local-ptr.txt"
 
+  - tag: cloudflare_cidr
+    type: ip_set
+    args:
+      files:
+        - "/etc/mosdns/rule/cloudflare-cidr.txt"
+
   - tag: lazy_cache
     type: cache
     args:
@@ -123,6 +129,8 @@ plugins:
         exec: $modify_ddns_ttl
       - matches: "!qname $ddnslist"
         exec: $modify_ttl
+      - matches: "resp_ip $cloudflare_cidr"
+        exec: black_hole CLOUDFLARE_IP
       - matches: has_resp
         exec: accept
 
diff --git a/luci-app-mosdns/root/usr/share/mosdns/mosdns.sh b/luci-app-mosdns/root/usr/share/mosdns/mosdns.sh
index 0715838..e93fc71 100755
--- a/luci-app-mosdns/root/usr/share/mosdns/mosdns.sh
+++ b/luci-app-mosdns/root/usr/share/mosdns/mosdns.sh
@@ -136,6 +136,10 @@ v2dat_dump() {
     fi
 }
 
+cloudflare_ip() {
+    uci -q get mosdns.config.cloudflare_ip
+}
+
 case $script_action in
     "dns")
         interface_dns
@@ -161,6 +165,9 @@ case $script_action in
     "v2dat_dump")
         v2dat_dump
     ;;
+    "cloudflare")
+        cloudflare_ip
+    ;;
     "version")
         mosdns version
     ;;