zhao/luci-app-mosdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-mosdns: enable http/3 protocol only for DNS with h3:// prefix

Browse Source 
* example: h3://dns.alidns.com/dns-query
* according #138
This commit is contained in:
sbwml 2023-09-29 03:26:17 +08:00
parent 3078047cdb
commit e31521dd01
4 changed files with 30 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
View File

@ -66,6 +66,7 @@ o:value("180.76.76.76", translate("Baidu Public DNS (180.76.76.76)"))
o:value("https://doh.pub/dns-query", translate("Tencent Public DNS (DNS over HTTPS)")) o:value("https://doh.pub/dns-query", translate("Tencent Public DNS (DNS over HTTPS)"))
o:value("quic://dns.alidns.com", translate("Aliyun Public DNS (DNS over QUIC)")) o:value("quic://dns.alidns.com", translate("Aliyun Public DNS (DNS over QUIC)"))
o:value("https://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS)")) o:value("https://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS)"))
o:value("h3://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS/3)"))
o:value("https://doh.360.cn/dns-query", translate("360 Public DNS (DNS over HTTPS)")) o:value("https://doh.360.cn/dns-query", translate("360 Public DNS (DNS over HTTPS)"))
o:depends("custom_local_dns", "1") o:depends("custom_local_dns", "1")
@ -120,16 +121,6 @@ o.rmempty = false
o.default = false o.default = false
o:depends("configfile", "/etc/mosdns/config.yaml") o:depends("configfile", "/etc/mosdns/config.yaml")
o = s:taboption("advanced", Flag, "enable_http3_local", translate("China DNS Enable HTTP/3"), translate("Enable DoH HTTP/3 protocol for China DNS, Upstream DNS server support is required (Experimental feature)"))
o.rmempty = false
o.default = false
o:depends("custom_local_dns", "1")
o = s:taboption("advanced", Flag, "enable_http3_remote", translate("Remote DNS Enable HTTP/3"), translate("Enable DoH HTTP/3 protocol for Remote DNS, Upstream DNS server support is required (Experimental feature)"))
o.rmempty = false
o.default = false
o:depends("configfile", "/etc/mosdns/config.yaml")
o = s:taboption("advanced", Flag, "enable_ecs_remote", translate("Enable EDNS client subnet"), translate("Add the EDNS Client Subnet option (ECS) to Remote DNS") .. '<br />' .. translate("MosDNS will auto identify the IP address subnet segment of your remote connection (0/24)") .. '<br />' .. translate("If your remote access network changes, May need restart MosDNS to update the ECS request address")) o = s:taboption("advanced", Flag, "enable_ecs_remote", translate("Enable EDNS client subnet"), translate("Add the EDNS Client Subnet option (ECS) to Remote DNS") .. '<br />' .. translate("MosDNS will auto identify the IP address subnet segment of your remote connection (0/24)") .. '<br />' .. translate("If your remote access network changes, May need restart MosDNS to update the ECS request address"))
o.rmempty = false o.rmempty = false
o.default = false o.default = false

15
luci-app-mosdns/po/zh-cn/mosdns.po
View File

@ -208,6 +208,9 @@ msgstr "阿里云公共 DNSDNS over QUIC"
msgid "Aliyun Public DNS (DNS over HTTPS)" msgid "Aliyun Public DNS (DNS over HTTPS)"
msgstr "阿里云公共 DNSDNS over HTTPS" msgstr "阿里云公共 DNSDNS over HTTPS"
msgid "Aliyun Public DNS (DNS over HTTPS/3)"
msgstr "阿里云公共 DNSDNS over HTTPS/3"
msgid "360 Public DNS (DNS over HTTPS)" msgid "360 Public DNS (DNS over HTTPS)"
msgstr "360 安全 DNSDNS over HTTPS" msgstr "360 安全 DNSDNS over HTTPS"
@ -265,18 +268,6 @@ msgstr "禁用 TLS 证书"
msgid "Disable TLS Servers certificate validation, Can be useful if system CA certificate expires or the system time is out of order" msgid "Disable TLS Servers certificate validation, Can be useful if system CA certificate expires or the system time is out of order"
msgstr "禁用 TLS 服务器证书验证,当系统 CA 证书过期或系统时间错乱时,本选项可能会有用" msgstr "禁用 TLS 服务器证书验证,当系统 CA 证书过期或系统时间错乱时,本选项可能会有用"
msgid "China DNS Enable HTTP/3"
msgstr "国内 DNS 启用 HTTP/3"
msgid "Enable DoH HTTP/3 protocol for China DNS, Upstream DNS server support is required (Experimental feature)"
msgstr "国内 DNS 启用 DoH HTTP/3 协议,需要上游 DNS 服务器支持(实验性功能)"
msgid "Remote DNS Enable HTTP/3"
msgstr "远程 DNS 启用 HTTP/3"
msgid "Enable DoH HTTP/3 protocol for Remote DNS, Upstream DNS server support is required (Experimental feature)"
msgstr "远程 DNS 启用 DoH HTTP/3 协议,需要上游 DNS 服务器支持(实验性功能)"
msgid "Enable EDNS client subnet" msgid "Enable EDNS client subnet"
msgstr "启用 EDNS 客户端子网" msgstr "启用 EDNS 客户端子网"

2
luci-app-mosdns/root/etc/config/mosdns
View File

@ -21,8 +21,6 @@ config mosdns 'config'
option custom_local_dns '0' option custom_local_dns '0'
option enable_pipeline '0' option enable_pipeline '0'
option insecure_skip_verify '0' option insecure_skip_verify '0'
option enable_http3_local '0'
option enable_http3_remote '0'
option dns_leak '0' option dns_leak '0'
option cloudflare '0' option cloudflare '0'
option listen_port_api '9091' option listen_port_api '9091'

35
luci-app-mosdns/root/etc/init.d/mosdns
View File

@ -58,8 +58,6 @@ get_config() {
config_get max_conns $1 max_conns 2 config_get max_conns $1 max_conns 2
config_get insecure_skip_verify $1 insecure_skip_verify 0 config_get insecure_skip_verify $1 insecure_skip_verify 0
config_get idle_timeout $1 idle_timeout 30 config_get idle_timeout $1 idle_timeout 30
config_get enable_http3_local $1 enable_http3_local 0
config_get enable_http3_remote $1 enable_http3_remote 0
config_get enable_ecs_remote $1 enable_ecs_remote 0 config_get enable_ecs_remote $1 enable_ecs_remote 0
config_get dns_leak $1 dns_leak 0 config_get dns_leak $1 dns_leak 0
config_get cloudflare $1 cloudflare 0 config_get cloudflare $1 cloudflare 0
@ -69,14 +67,31 @@ init_yaml() {
TMPDIR=$(mktemp -d) || exit 1 TMPDIR=$(mktemp -d) || exit 1
[ $enable_pipeline -eq 1 ] && enable_pipeline=true || enable_pipeline=false [ $enable_pipeline -eq 1 ] && enable_pipeline=true || enable_pipeline=false
[ $insecure_skip_verify -eq 1 ] && insecure_skip_verify=true || insecure_skip_verify=false [ $insecure_skip_verify -eq 1 ] && insecure_skip_verify=true || insecure_skip_verify=false
# HTTP/3 # China DNS
[ $enable_http3_local -eq 1 ] && enable_http3_local=true || enable_http3_local=false if [ "$custom_local_dns" -eq 1 ]; then
[ $enable_http3_remote -eq 1 ] && enable_http3_remote=true || enable_http3_remote=false local_dns=$($MOSDNS_SCRIPT dns | awk -v s=' ' '{
# Write parameters for(i=1; i<=NF; i++) {
[ "$custom_local_dns" -eq 1 ] && \ if ($i ~ /^h3:\/\//) {
local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: '${enable_http3_local}'\n",s,$i,s,s,s,s,s,s}' s=' ') || \ printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: true\n",s,$i,s,s,s,s,s,s
} else {
printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n",s,$i,s,s,s,s,s
}
}
}')
else
local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n",s,$i,s}' s=' ') local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n",s,$i,s}' s=' ')
remote_dns=$(echo $remote_dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: '${enable_http3_remote}'\n",s,$i,s,s,s,s,s,s}' s=' ') fi
# Remote DNS
remote_dns=$(echo $remote_dns | awk -v s=' ' '{
for(i=1; i<=NF; i++) {
if ($i ~ /^h3:\/\//) {
printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: true\n",s,$i,s,s,s,s,s,s
} else {
printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n",s,$i,s,s,s,s,s
}
}
}')
# Write parameters
sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \ sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \
s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \ s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \
s,cache_survival_time,$cache_survival_time,g; \ s,cache_survival_time,$cache_survival_time,g; \
@ -94,6 +109,8 @@ init_yaml() {
echo "${local_dns}" > $TMPDIR/local_dns.txt echo "${local_dns}" > $TMPDIR/local_dns.txt
echo "${remote_dns}" > $TMPDIR/remote_dns.txt echo "${remote_dns}" > $TMPDIR/remote_dns.txt
sed -i -e '/- addr: local_dns/{r '$TMPDIR/local_dns.txt -e';d};/- addr: remote_dns/{r '$TMPDIR/remote_dns.txt -e';d}' $CONF sed -i -e '/- addr: local_dns/{r '$TMPDIR/local_dns.txt -e';d};/- addr: remote_dns/{r '$TMPDIR/remote_dns.txt -e';d}' $CONF
# Convert HTTP/3 prefix format
sed -i 's/h3:\/\//https:\/\//g' $CONF
# Cache dump # Cache dump
[ "$dump_file" -eq 1 ] && sed -i "/lazy_cache_ttl/a\ dump_file: $DUMP_FILE\n dump_interval: $dump_interval" $CONF [ "$dump_file" -eq 1 ] && sed -i "/lazy_cache_ttl/a\ dump_file: $DUMP_FILE\n dump_interval: $dump_interval" $CONF
[ "$dump_file" -eq 1 ] && [ ! -f $DUMP_FILE ] && cp -a $DUMP_FILE_DEFAULT $DUMP_FILE [ "$dump_file" -eq 1 ] && [ ! -f $DUMP_FILE ] && cp -a $DUMP_FILE_DEFAULT $DUMP_FILE