luci: optimize some problems

luci-app-passwall/Makefile

@@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-passwall
 PKG_VERSION:=4.53
-PKG_RELEASE:=7
+PKG_RELEASE:=8
 
 PKG_CONFIG_DEPENDS:= \
 	CONFIG_PACKAGE_$(PKG_NAME)_Transparent_Proxy \

luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua

@@ -1,6 +1,8 @@
 local api = require "luci.model.cbi.passwall.api.api"
 local appname = api.appname
 local fs = api.fs
+local has_v2ray = api.is_finded("v2ray")
+local has_xray = api.is_finded("xray")
 
 m = Map(appname)
 
@@ -128,25 +130,28 @@ o = s:option(Flag, "accept_icmpv6", translate("Hijacking ICMPv6 (IPv6 PING)"))
 o:depends("ipv6_tproxy", true)
 o.default = 0
 
-o = s:option(Flag, "sniffing", translate("Sniffing (V2Ray/Xray)"), translate("When using the V2ray/Xray shunt, must be enabled, otherwise the shunt will invalid."))
-o.default = 1
-o.rmempty = false
+if has_v2ray or has_xray then
+    o = s:option(Flag, "sniffing", translate("Sniffing (V2Ray/Xray)"), translate("When using the V2ray/Xray shunt, must be enabled, otherwise the shunt will invalid."))
+    o.default = 1
+    o.rmempty = false
 
-o = s:option(Flag, "route_only", translate("Sniffing Route Only (Xray)"), translate("When enabled, the server not will resolve the domain name again."))
-o.default = 0
-o:depends("sniffing", true)
-
-o = s:option(Value, "buffer_size", translate("Buffer Size (Xray)"), translate("Buffer size for every connection (kB)"))
-o.rmempty = true
-o.datatype = "uinteger"
-
-local domains_excluded = string.format("/usr/share/%s/rules/domains_excluded", appname)
-o = s:option(TextValue, "no_sniffing_hosts", translate("No Sniffing Lists"), translate("Hosts added into No Sniffing Lists will not resolve again on server (Xray only)."))
-o.rows = 15
-o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(domains_excluded) or "" end
-o.write = function(self, section, value) fs.writefile(domains_excluded, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(domains_excluded, "") end
-o:depends({sniffing = true, route_only = false})
+    if has_xray then
+        route_only = s:option(Flag, "route_only", translate("Sniffing Route Only (Xray)"), translate("When enabled, the server not will resolve the domain name again."))
+        route_only.default = 0
+        route_only:depends("sniffing", true)
 
+        local domains_excluded = string.format("/usr/share/%s/rules/domains_excluded", appname)
+        o = s:option(TextValue, "no_sniffing_hosts", translate("No Sniffing Lists"), translate("Hosts added into No Sniffing Lists will not resolve again on server (Xray only)."))
+        o.rows = 15
+        o.wrap = "off"
+        o.cfgvalue = function(self, section) return fs.readfile(domains_excluded) or "" end
+        o.write = function(self, section, value) fs.writefile(domains_excluded, value:gsub("\r\n", "\n")) end
+        o.remove = function(self, section, value)
+            if route_only:formvalue(section) == "0" then
+                fs.writefile(domains_excluded, "")
+            end
+        end
+        o:depends({sniffing = true, route_only = false})
+    end
+end
 return m

luci-app-passwall/root/usr/share/passwall/iptables.sh

@@ -1182,14 +1182,16 @@ add_firewall_rule() {
 		}
 	fi
 
+	$ipt_m -A PSW -p udp --dport 53 -j RETURN
+	$ip6t_m -A PSW -p udp --dport 53 -j RETURN
 	#  加载ACLS
 	load_acl
 
 	# dns_hijack "force"
 
 	[ -n "${is_tproxy}" -o -n "${udp_flag}" ] && {
-		sysctl -w net.bridge.bridge-nf-call-iptables=0 2>/dev/null
-		[ "$PROXY_IPV6" == "1" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=0 2>/dev/null
+		sysctl -w net.bridge.bridge-nf-call-iptables=0 >/dev/null 2>&1
+		[ "$PROXY_IPV6" == "1" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=0 >/dev/null 2>&1
 	}
 	echolog "防火墙规则加载完成！"
 }