diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe_config.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe_config.lua index 402ba48ea..cc1f25a76 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe_config.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe_config.lua @@ -45,7 +45,7 @@ o.rows = 5 o.rmempty = false o = s:option(Flag, "allowInsecure", translate("allowInsecure"), translate("Whether unsafe connections are allowed. When checked, Certificate validation will be skipped.")) -o.default = "1" +o.default = "0" o.rmempty = false o = s:option(ListValue, "filter_keyword_mode", translate("Filter keyword Mode")) diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua index 1303ce6f2..b2591ec25 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua @@ -15,18 +15,18 @@ o.rmempty = false ---- gfwlist URL o = s:option(DynamicList, "gfwlist_url", translate("GFW domains(gfwlist) Update URL")) -o:value("https://cdn.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt", translate("v2fly/domain-list-community")) -o:value("https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt", translate("Loyalsoldier/v2ray-rules-dat")) -o:value("https://cdn.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt", translate("Loukky/gfwlist-by-loukky")) -o:value("https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt", translate("gfwlist/gfwlist")) -o.default = "https://cdn.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt" +o:value("https://fastly.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt", translate("v2fly/domain-list-community")) +o:value("https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt", translate("Loyalsoldier/v2ray-rules-dat")) +o:value("https://fastly.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt", translate("Loukky/gfwlist-by-loukky")) +o:value("https://fastly.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt", translate("gfwlist/gfwlist")) +o.default = "https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt" ----chnroute URL o = s:option(DynamicList, "chnroute_url", translate("China IPs(chnroute) Update URL")) o:value("https://ispip.clang.cn/all_cn.txt", translate("Clang.CN")) o:value("https://ispip.clang.cn/all_cn_cidr.txt", translate("Clang.CN.CIDR")) -o:value("https://cdn.jsdelivr.net/gh/soffchen/GeoIP2-CN@release/CN-ip-cidr.txt", translate("soffchen/GeoIP2-CN")) -o:value("https://cdn.jsdelivr.net/gh/Hackl0us/GeoIP2-CN@release/CN-ip-cidr.txt", translate("Hackl0us/GeoIP2-CN")) +o:value("https://fastly.jsdelivr.net/gh/soffchen/GeoIP2-CN@release/CN-ip-cidr.txt", translate("soffchen/GeoIP2-CN")) +o:value("https://fastly.jsdelivr.net/gh/Hackl0us/GeoIP2-CN@release/CN-ip-cidr.txt", translate("Hackl0us/GeoIP2-CN")) o.default = "https://ispip.clang.cn/all_cn.txt" ----chnroute6 URL @@ -36,9 +36,9 @@ o.default = "https://ispip.clang.cn/all_cn_ipv6.txt" ----chnlist URL o = s:option(DynamicList, "chnlist_url", translate("China List(Chnlist) Update URL")) -o:value("https://cdn.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf", translate("felixonmars/domains.china")) -o:value("https://cdn.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf", translate("felixonmars/apple.china")) -o:value("https://cdn.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf", translate("felixonmars/google.china")) +o:value("https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf", translate("felixonmars/domains.china")) +o:value("https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf", translate("felixonmars/apple.china")) +o:value("https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf", translate("felixonmars/google.china")) s:append(Template(appname .. "/rule/rule_version")) diff --git a/luci-app-passwall/root/usr/share/passwall/0_default_config b/luci-app-passwall/root/usr/share/passwall/0_default_config index 7bf973448..f6233caed 100644 --- a/luci-app-passwall/root/usr/share/passwall/0_default_config +++ b/luci-app-passwall/root/usr/share/passwall/0_default_config @@ -48,12 +48,12 @@ config global_rules option gfwlist_update '1' option geosite_update '0' option geoip_update '0' - list gfwlist_url 'https://raw.cooluc.com/YW5vbnltb3Vz/domain-list-community/release/gfwlist.txt' + list gfwlist_url 'https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt' list chnroute_url 'https://ispip.clang.cn/all_cn.txt' list chnroute6_url 'https://ispip.clang.cn/all_cn_ipv6.txt' - list chnlist_url 'https://raw.cooluc.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf' - list chnlist_url 'https://raw.cooluc.com/felixonmars/dnsmasq-china-list/master/apple.china.conf' - list chnlist_url 'https://raw.cooluc.com/felixonmars/dnsmasq-china-list/master/google.china.conf' + list chnlist_url 'https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf' + list chnlist_url 'https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf' + list chnlist_url 'https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf' option v2ray_location_asset '/usr/share/v2ray/' config global_app diff --git a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua index 192886d15..3c61de030 100644 --- a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua +++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua @@ -1,3 +1,4 @@ +require "luci.sys" local api = require "luci.model.cbi.passwall.api.api" local var = api.get_args(arg) @@ -164,7 +165,8 @@ end local dnsmasq_default_dns local cache_text = "" -local new_text = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. CHINADNS_DNS .. PROXY_MODE .. NO_PROXY_IPV6 +local new_rules = luci.sys.exec("echo -n $(find /usr/share/passwall/rules -type f | xargs md5sum)") +local new_text = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. CHINADNS_DNS .. PROXY_MODE .. NO_PROXY_IPV6 .. new_rules if fs.access(CACHE_TEXT_FILE) then for line in io.lines(CACHE_TEXT_FILE) do cache_text = line diff --git a/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua index 39e0213e2..615268633 100644 --- a/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua +++ b/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua @@ -1,3 +1,4 @@ +require "luci.sys" local api = require "luci.model.cbi.passwall.api.api" local var = api.get_args(arg) @@ -145,7 +146,8 @@ local function check_excluded_domain(domain) end local cache_text = "" -local new_text = SMARTDNS_CONF .. LOCAL_GROUP .. REMOTE_GROUP .. REMOTE_FAKEDNS .. TUN_DNS .. PROXY_MODE .. NO_PROXY_IPV6 +local new_rules = luci.sys.exec("echo -n $(find /usr/share/passwall/rules -type f | xargs md5sum)") +local new_text = SMARTDNS_CONF .. LOCAL_GROUP .. REMOTE_GROUP .. REMOTE_FAKEDNS .. TUN_DNS .. PROXY_MODE .. NO_PROXY_IPV6 ..new_rules if fs.access(CACHE_TEXT_FILE) then for line in io.lines(CACHE_TEXT_FILE) do cache_text = line diff --git a/luci-app-passwall/root/usr/share/passwall/rule_update.lua b/luci-app-passwall/root/usr/share/passwall/rule_update.lua index 40ee66608..2784505c4 100755 --- a/luci-app-passwall/root/usr/share/passwall/rule_update.lua +++ b/luci-app-passwall/root/usr/share/passwall/rule_update.lua @@ -26,10 +26,10 @@ local ip6_ipset_pattern = ":-[%x]+%:+[%x]-[%/][%d]+$" local domain_pattern = "([%w%-%_]+%.[%w%.%-%_]+)[%/%*]*" local excluded_domain = {"apple.com","sina.cn","sina.com.cn","baidu.com","byr.cn","jlike.com","weibo.com","zhongsou.com","youdao.com","sogou.com","so.com","soso.com","aliyun.com","taobao.com","jd.com","qq.com","bing.com"} -local gfwlist_url = ucic:get(name, "@global_rules[0]", "gfwlist_url") or {"https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt"} +local gfwlist_url = ucic:get(name, "@global_rules[0]", "gfwlist_url") or {"https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt"} local chnroute_url = ucic:get(name, "@global_rules[0]", "chnroute_url") or {"https://ispip.clang.cn/all_cn.txt"} local chnroute6_url = ucic:get(name, "@global_rules[0]", "chnroute6_url") or {"https://ispip.clang.cn/all_cn_ipv6.txt"} -local chnlist_url = ucic:get(name, "@global_rules[0]", "chnlist_url") or {"https://cdn.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf","https://cdn.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf","https://cdn.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf"} +local chnlist_url = ucic:get(name, "@global_rules[0]", "chnlist_url") or {"https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf"} local geoip_api = "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest" local geosite_api = "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest" local v2ray_asset_location = ucic:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/") @@ -87,6 +87,14 @@ local function line_count(file_path) return num; end +local function non_file_check(file_path) + if nixio.fs.readfile(file_path, 1000) then + return nil; + else + return true; + end +end + --fetch rule local function fetch_rule(rule_name,rule_type,url,exclude_domain) local sret = 200 @@ -99,7 +107,10 @@ local function fetch_rule(rule_name,rule_type,url,exclude_domain) log(rule_name.. " 开始更新...") for k,v in ipairs(url) do sret_tmp = curl(v, download_file_tmp..k) - if sret_tmp == 200 then + if sret_tmp == 200 and non_file_check(download_file_tmp..k) then + sret = 0 + log(rule_name.. " 第" ..k.. "条规则:" ..v.. "下载文件读取出错,请检查网络或下载链接后重试!") + elseif sret_tmp == 200 then if rule_name == "gfwlist" then local domains = {} local gfwlist = io.open(download_file_tmp..k, "r") @@ -152,11 +163,11 @@ local function fetch_rule(rule_name,rule_type,url,exclude_domain) out:close() end - os.remove(download_file_tmp..k) else sret = 0 - log(rule_name.. " 第" ..k.. "条规则:" ..v.. "下载失败!") + log(rule_name.. " 第" ..k.. "条规则:" ..v.. "下载失败,请检查网络或下载链接后重试!") end + os.remove(download_file_tmp..k) end if sret == 200 then @@ -169,9 +180,7 @@ local function fetch_rule(rule_name,rule_type,url,exclude_domain) end luci.sys.call("cat " ..unsort_file_tmp.. " | sort -u > "..file_tmp) os.remove(unsort_file_tmp) - end - if sret == 200 then local old_md5 = luci.sys.exec("echo -n $(md5sum " .. rule_path .. "/" ..rule_name.. " | awk '{print $1}')") local new_md5 = luci.sys.exec("echo -n $([ -f '" ..file_tmp.. "' ] && md5sum " ..file_tmp.." | awk '{print $1}')") if old_md5 ~= new_md5 then diff --git a/luci-app-passwall/root/usr/share/passwall/subscribe.lua b/luci-app-passwall/root/usr/share/passwall/subscribe.lua index e7f52c377..8425a416b 100755 --- a/luci-app-passwall/root/usr/share/passwall/subscribe.lua +++ b/luci-app-passwall/root/usr/share/passwall/subscribe.lua @@ -27,7 +27,7 @@ local has_trojan_plus = api.is_finded("trojan-plus") local has_v2ray = api.is_finded("v2ray") local has_xray = api.is_finded("xray") local has_trojan_go = api.is_finded("trojan-go") -local allowInsecure_default = true +local allowInsecure_default = nil local ss_aead_type_default = uci:get(appname, "@global_subscribe[0]", "ss_aead_type") or "shadowsocks-libev" local trojan_type_default = uci:get(appname, "@global_subscribe[0]", "trojan_type") or "trojan-plus" -- 判断是否过滤节点关键字 @@ -555,16 +555,12 @@ local function processData(szType, content, add_mode, add_from) result.address = hostInfo and hostInfo[1] or Info[2] end local peer, sni = nil, "" - local allowInsecure = allowInsecure_default local query = split(Info[2], "?") local params = {} for _, v in pairs(split(query[2], '&')) do local t = split(v, '=') params[string.lower(t[1])] = UrlDecode(t[2]) end - if params.allowinsecure then - allowInsecure = params.allowinsecure - end if params.peer then peer = params.peer end sni = params.sni and params.sni or "" if params.ws and params.ws == "1" then @@ -586,7 +582,16 @@ local function processData(szType, content, add_mode, add_from) end result.tls = '1' result.tls_serverName = peer and peer or sni - result.tls_allowInsecure = allowInsecure and "1" or "0" + if params.allowinsecure then + if params.allowinsecure == "1" or params.allowinsecure == "0" then + result.tls_allowInsecure = params.allowinsecure + else + result.tls_allowInsecure = string.lower(params.allowinsecure) == "true" and "1" or "0" + end + log(result.remarks .. ' 使用节点AllowInsecure设定: '.. result.tls_allowInsecure) + else + result.tls_allowInsecure = allowInsecure_default and "1" or "0" + end end if trojan_type_default == "trojan-plus" and has_trojan_plus then result.type = "Trojan-Plus" @@ -787,8 +792,11 @@ local function processData(szType, content, add_mode, add_from) result.hysteria_auth_type = "string" result.hysteria_auth_password = params.auth result.tls_serverName = params.peer - if params.insecure and params.insecure == "1" then - result.tls_allowInsecure = "1" + if params.insecure and (params.insecure == "1" or params.insecure == "0") then + result.tls_allowInsecure = params.insecure + log(result.remarks ..' 使用节点AllowInsecure设定: '.. result.tls_allowInsecure) + else + result.tls_allowInsecure = allowInsecure_default and "1" or "0" end result.hysteria_alpn = params.alpn result.hysteria_up_mbps = params.upmbps @@ -1138,8 +1146,8 @@ local execute = function() local cfgid = value[".name"] local remark = value.remark local url = value.url - if value.allowInsecure and value.allowInsecure ~= "1" then - allowInsecure_default = nil + if value.allowInsecure and value.allowInsecure == "1" then + allowInsecure_default = true end local filter_keyword_mode = value.filter_keyword_mode or "5" if filter_keyword_mode == "0" then @@ -1180,7 +1188,7 @@ local execute = function() else retry[#retry + 1] = value end - allowInsecure_default = true + allowInsecure_default = nil filter_keyword_mode_default = uci:get(appname, "@global_subscribe[0]", "filter_keyword_mode") or "0" filter_keyword_discard_list_default = uci:get(appname, "@global_subscribe[0]", "filter_discard_list") or {} filter_keyword_keep_list_default = uci:get(appname, "@global_subscribe[0]", "filter_keep_list") or {}