diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/type/hysteria2.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/type/hysteria2.lua index a8826ca38..ae4c2a80f 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/type/hysteria2.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/type/hysteria2.lua @@ -53,7 +53,7 @@ o.rewrite_option = o.option o = s:option(Value, option_name("down_mbps"), translate("Max download Mbps")) o.rewrite_option = o.option -o = s:option(Value, option_name("hop_interval"), translate("Hop Interval")) +o = s:option(Value, option_name("hop_interval"), translate("Hop Interval"), translate("Example:") .. "30s (≥5s)") o.rewrite_option = o.option o = s:option(Value, option_name("recv_window"), translate("QUIC stream receive window")) @@ -63,7 +63,7 @@ o = s:option(Value, option_name("recv_window_conn"), translate("QUIC connection o.rewrite_option = o.option -o = s:option(Value, option_name("idle_timeout"), translate("Idle Timeout")) +o = s:option(Value, option_name("idle_timeout"), translate("Idle Timeout"), translate("Example:") .. "30s (4s-120s)") o.rewrite_option = o.option o = s:option(Flag, option_name("disable_mtu_discovery"), translate("Disable MTU detection")) diff --git a/luci-app-passwall/luasrc/passwall/util_hysteria2.lua b/luci-app-passwall/luasrc/passwall/util_hysteria2.lua index 54f723f85..b818aadbf 100644 --- a/luci-app-passwall/luasrc/passwall/util_hysteria2.lua +++ b/luci-app-passwall/luasrc/passwall/util_hysteria2.lua @@ -65,7 +65,14 @@ function gen_config(var) transport = { type = node.protocol or "udp", udp = { - hopInterval = node.hysteria2_hop_interval and node.hysteria2_hop_interval .. "s" or "30s" + hopInterval = (function() + local HopIntervalStr = tostring(node.hysteria2_hop_interval or "30s") + local HopInterval = tonumber(HopIntervalStr:match("^%d+")) + if HopInterval and HopInterval >= 5 then + return tostring(HopInterval) .. "s" + end + return "30s" + end)(), } }, obfs = (node.hysteria2_obfs) and { @@ -83,7 +90,14 @@ function gen_config(var) quic = { initStreamReceiveWindow = (node.hysteria2_recv_window) and tonumber(node.hysteria2_recv_window) or nil, initConnReceiveWindow = (node.hysteria2_recv_window_conn) and tonumber(node.hysteria2_recv_window_conn) or nil, - maxIdleTimeout = (node.hysteria2_idle_timeout) and tonumber(node.hysteria2_idle_timeout) or nil, + maxIdleTimeout = (function() + local timeoutStr = tostring(node.hysteria2_idle_timeout or "") + local timeout = tonumber(timeoutStr:match("^%d+")) + if timeout and timeout >= 4 and timeout <= 120 then + return tostring(timeout) .. "s" + end + return nil + end)(), disablePathMTUDiscovery = (node.hysteria2_disable_mtu_discovery) and true or false, }, bandwidth = (node.hysteria2_up_mbps or node.hysteria2_down_mbps) and { diff --git a/luci-app-passwall/root/usr/share/passwall/iptables.sh b/luci-app-passwall/root/usr/share/passwall/iptables.sh index d3a8c909c..d520053f7 100755 --- a/luci-app-passwall/root/usr/share/passwall/iptables.sh +++ b/luci-app-passwall/root/usr/share/passwall/iptables.sh @@ -761,9 +761,7 @@ add_firewall_rule() { local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') for shunt_id in $shunt_ids; do config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $IPSET_SHUNTLIST &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R - [ "$PROXY_IPV6" = "1" ] && { - config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_SHUNTLIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R - } + config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_SHUNTLIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R done } diff --git a/luci-app-passwall/root/usr/share/passwall/nftables.sh b/luci-app-passwall/root/usr/share/passwall/nftables.sh index 60b2049dd..646c6316f 100755 --- a/luci-app-passwall/root/usr/share/passwall/nftables.sh +++ b/luci-app-passwall/root/usr/share/passwall/nftables.sh @@ -846,9 +846,7 @@ add_firewall_rule() { local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') for shunt_id in $shunt_ids; do insert_nftset $NFTSET_SHUNTLIST "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - [ "$PROXY_IPV6" = "1" ] && { - insert_nftset $NFTSET_SHUNTLIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - } + insert_nftset $NFTSET_SHUNTLIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") done }