From 28f03a8a2e7b0da4dbc1431ca2468b23f5b6423a Mon Sep 17 00:00:00 2001
From: xiaorouji <60100640+xiaorouji@users.noreply.github.com>
Date: Mon, 12 Feb 2024 18:00:46 +0800
Subject: [PATCH] luci: set Xray DNS nonIPQuery = drop

Xray DNS only basic IP queries (A and AAAA records) are supported. We should drop other queried types, otherwise the so-called "DNS leak" may appear.
---
 luci-app-passwall/luasrc/passwall/util_xray.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/luci-app-passwall/luasrc/passwall/util_xray.lua b/luci-app-passwall/luasrc/passwall/util_xray.lua
index 37ee5f9d4..229b014b0 100644
--- a/luci-app-passwall/luasrc/passwall/util_xray.lua
+++ b/luci-app-passwall/luasrc/passwall/util_xray.lua
@@ -1122,7 +1122,7 @@ function gen_config(var)
 					address = remote_dns_tcp_server,
 					port = tonumber(remote_dns_tcp_port),
 					network = "tcp",
-					nonIPQuery = "skip"
+					nonIPQuery = "drop"
 				}
 			})