luci-app-passwall: sync upstream

last commit: 6f3f2ac6ce
2024-11-12 14:00:21 +08:00 · 2024-11-12 14:00:21 +08:00 · 0a315983a1
commit 0a315983a1
parent 10e2c58ee5
3 changed files with 3 additions and 34 deletions
--- a/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
+++ b/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
@ -224,10 +224,8 @@ end
 if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
 	local white_domain, lookup_white_domain = {}, {}
 	local shunt_domain, lookup_shunt_domain = {}, {}
-	local blackhole_domain, lookup_blackhole_domain = {}, {}
 	local file_white_host = TMP_ACL_PATH .. "/white_host"
 	local file_shunt_host = TMP_ACL_PATH .. "/shunt_host"
-	local file_blackhole_host = TMP_ACL_PATH .. "/blackhole_host"

 	local t = uci:get_all(appname, TCP_NODE)
 	local default_node_id = t["default_node"] or "_direct"
@ -246,11 +244,7 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
 					end
 					line = api.get_std_domain(line)

-					if _node_id == "_blackhole" then
-						if line ~= "" and not line:find("#") then
-							insert_unique(blackhole_domain, line, lookup_blackhole_domain)
-						end
-					elseif _node_id == "_direct" then
+					if _node_id == "_direct" then
 						if line ~= "" and not line:find("#") then
 							insert_unique(white_domain, line, lookup_white_domain)
 						end
@ -268,16 +262,6 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
 		end
 	end)

-	if is_file_nonzero(file_blackhole_host) == nil then
-		if #blackhole_domain > 0 then
-			local f_out = io.open(file_blackhole_host, "w")
-			for i = 1, #blackhole_domain do
-				f_out:write(blackhole_domain[i] .. "\n")
-			end
-			f_out:close()
-		end
-	end
-
 	if is_file_nonzero(file_white_host) == nil then
 		if #white_domain > 0 then
 			local f_out = io.open(file_white_host, "w")
@ -298,15 +282,6 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
 		end
 	end

-	if is_file_nonzero(file_blackhole_host) then
-		for i, v in ipairs(config_lines) do   --添加到屏蔽组一同处理
-			if v == "group-dnl " .. file_block_host then
-				config_lines[i] = "group-dnl " .. file_block_host .. "," .. file_blackhole_host
-				break
-			end
-		end
-	end
-
 	if is_file_nonzero(file_white_host) then
 		for i, v in ipairs(config_lines) do   --添加到白名单组一同处理
 			if v == "group-dnl " .. file_direct_host then
--- a/luci-app-passwall/root/usr/share/passwall/iptables.sh
+++ b/luci-app-passwall/root/usr/share/passwall/iptables.sh
@ -751,10 +751,7 @@ add_firewall_rule() {
 			local _node_id=$(config_n_get $TCP_NODE $shunt_id "nil")
 			[ "$_node_id" != "nil" ] && {
 				[ "$_node_id" = "_default" ] && _node_id=$default_node_id
-				if [ "$_node_id" = "_blackhole" ]; then
-					config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $IPSET_BLOCKLIST &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-					config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_BLOCKLIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-				elif [ "$_node_id" = "_direct" ]; then
+				if [ "$_node_id" = "_direct" ]; then
 					config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $IPSET_WHITELIST &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 					config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_WHITELIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 				else
--- a/luci-app-passwall/root/usr/share/passwall/nftables.sh
+++ b/luci-app-passwall/root/usr/share/passwall/nftables.sh
@ -837,10 +837,7 @@ add_firewall_rule() {
 			local _node_id=$(config_n_get $TCP_NODE $shunt_id "nil")
 			[ "$_node_id" != "nil" ] && {
 				[ "$_node_id" = "_default" ] && _node_id=$default_node_id
-				if [ "$_node_id" = "_blackhole" ]; then
-					insert_nftset $NFTSET_BLOCKLIST "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
-					insert_nftset $NFTSET_BLOCKLIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
-				elif [ "$_node_id" = "_direct" ]; then
+				if [ "$_node_id" = "_direct" ]; then
 					insert_nftset $NFTSET_WHITELIST "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
 					insert_nftset $NFTSET_WHITELIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
 				else