zhao/openwrt_helloworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-passwall: sync upstream

Browse Source 
last commit: 69fb2d4bc6
This commit is contained in:
gitea-action 2025-01-08 01:00:22 +08:00
parent f662cca045
commit 3274b6d612
7 changed files with 38 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
luci-app-passwall/luasrc/controller/passwall.lua
View File

@ -42,7 +42,7 @@ function index()
end end
entry({"admin", "services", appname, "app_update"}, cbi(appname .. "/client/app_update"), _("App Update"), 95).leaf = true entry({"admin", "services", appname, "app_update"}, cbi(appname .. "/client/app_update"), _("App Update"), 95).leaf = true
entry({"admin", "services", appname, "rule"}, cbi(appname .. "/client/rule"), _("Rule Manage"), 96).leaf = true entry({"admin", "services", appname, "rule"}, cbi(appname .. "/client/rule"), _("Rule Manage"), 96).leaf = true
entry({"admin", "services", appname, "rule_list"}, cbi(appname .. "/client/rule_list"), _("Rule List"), 97).leaf = true entry({"admin", "services", appname, "rule_list"}, cbi(appname .. "/client/rule_list", {autoapply = true}), _("Rule List"), 97).leaf = true
entry({"admin", "services", appname, "node_subscribe_config"}, cbi(appname .. "/client/node_subscribe_config")).leaf = true entry({"admin", "services", appname, "node_subscribe_config"}, cbi(appname .. "/client/node_subscribe_config")).leaf = true
entry({"admin", "services", appname, "node_config"}, cbi(appname .. "/client/node_config")).leaf = true entry({"admin", "services", appname, "node_config"}, cbi(appname .. "/client/node_config")).leaf = true
entry({"admin", "services", appname, "shunt_rules"}, cbi(appname .. "/client/shunt_rules")).leaf = true entry({"admin", "services", appname, "shunt_rules"}, cbi(appname .. "/client/shunt_rules")).leaf = true
@ -109,16 +109,14 @@ function reset_config()
end end
function show_menu() function show_menu()
uci:delete(appname, "@global[0]", "hide_from_luci") api.sh_uci_del(appname, "@global[0]", "hide_from_luci", true)
api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*") luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null") luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(api.url()) luci.http.redirect(api.url())
end end
function hide_menu() function hide_menu()
uci:set(appname, "@global[0]", "hide_from_luci","1") api.sh_uci_set(appname, "@global[0]", "hide_from_luci", "1", true)
api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*") luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null") luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview")) luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
@ -361,8 +359,7 @@ function set_node()
local protocol = luci.http.formvalue("protocol") local protocol = luci.http.formvalue("protocol")
local section = luci.http.formvalue("section") local section = luci.http.formvalue("section")
uci:set(appname, "@global[0]", protocol .. "_node", section) uci:set(appname, "@global[0]", protocol .. "_node", section)
api.uci_save(uci, appname, true) api.uci_save(uci, appname, true, true)
luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &")
luci.http.redirect(api.url("log")) luci.http.redirect(api.url("log"))
end end

3
luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
View File

@ -607,7 +607,8 @@ else
end end
o.inputstyle = "remove" o.inputstyle = "remove"
function o.write(e, e) function o.write(e, e)
luci.sys.call('[ -n "$(nft list sets 2>/dev/null | grep \"passwall_\")" ] && sh /usr/share/passwall/nftables.sh flush_nftset_reload || sh /usr/share/passwall/iptables.sh flush_ipset_reload > /dev/null 2>&1 &') m:set("@global[0]", "flush_set", "1")
api.uci_save(m.uci, appname, true, true)
luci.http.redirect(api.url("log")) luci.http.redirect(api.url("log"))
end end

13
luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
View File

@ -312,15 +312,18 @@ end
m:append(Template(appname .. "/rule_list/js")) m:append(Template(appname .. "/rule_list/js"))
if sys.call('[ -f "/www/luci-static/resources/uci.js" ]') == 0 then function m.on_before_save(self)
m:set("@global[0]", "flush_set", "1")
end
if api.is_js_luci() then
function m.on_before_save(self)
api.sh_uci_set(appname, "@global[0]", "flush_set", "1", true)
end
m.apply_on_parse = true m.apply_on_parse = true
function m.on_apply(self) function m.on_apply(self)
luci.sys.call("/etc/init.d/passwall reload > /dev/null 2>&1 &") luci.sys.call("/etc/init.d/passwall reload > /dev/null 2>&1 &")
end end
end end
function m.on_commit(self)
luci.sys.call('[ -n "$(nft list sets 2>/dev/null | grep \"passwall_\")" ] && sh /usr/share/passwall/nftables.sh flush_nftset || sh /usr/share/passwall/iptables.sh flush_ipset > /dev/null 2>&1 &')
end
return m return m

36
luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@ -1254,15 +1254,6 @@ add_firewall_rule() {
} }
del_firewall_rule() { del_firewall_rule() {
# 10秒内禁止重复运行
local time_file="/tmp/etc/passwall_tmp/del_fw_rule_time"
local current_time=$(date +%s)
if [ -f "$time_file" ]; then
local last_time=$(head -n 1 "$time_file" 2>/dev/null | tr -d ' \t' | grep -E '^[0-9]+$' || echo 0)
[ $((current_time - last_time)) -le 10 ] && return 0
fi
echo "$current_time" > "$time_file"
for ipt in "$ipt_n" "$ipt_m" "$ip6t_n" "$ip6t_m"; do for ipt in "$ipt_n" "$ipt_m" "$ip6t_n" "$ip6t_m"; do
for chain in "PREROUTING" "OUTPUT"; do for chain in "PREROUTING" "OUTPUT"; do
for i in $(seq 1 $($ipt -nL $chain | grep -c PSW)); do for i in $(seq 1 $($ipt -nL $chain | grep -c PSW)); do
@ -1302,25 +1293,16 @@ del_firewall_rule() {
destroy_ipset $IPSET_BLOCK6 destroy_ipset $IPSET_BLOCK6
destroy_ipset $IPSET_WHITE6 destroy_ipset $IPSET_WHITE6
$DIR/app.sh echolog "删除iptables防火墙规则完成。" $DIR/app.sh echolog "删除 iptables 规则完成。"
} }
flush_ipset() { flush_ipset() {
$DIR/app.sh echolog "清空 IPSET。" $DIR/app.sh echolog "清空 IPSet。"
for _name in $(ipset list | grep "Name: " | grep "passwall_" | awk '{print $2}'); do for _name in $(ipset list | grep "Name: " | grep "passwall_" | awk '{print $2}'); do
destroy_ipset ${_name} destroy_ipset ${_name}
done done
} }
flush_ipset_reload() {
del_firewall_rule
flush_ipset
rm -rf /tmp/etc/passwall_tmp/singbox*
rm -rf /tmp/etc/passwall_tmp/smartdns*
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
/etc/init.d/passwall reload
}
flush_include() { flush_include() {
echo '#!/bin/sh' >$FWI echo '#!/bin/sh' >$FWI
} }
@ -1421,6 +1403,14 @@ start() {
stop() { stop() {
del_firewall_rule del_firewall_rule
[ $(config_t_get global flush_set "0") = "1" ] && {
uci -q delete ${CONFIG}.@global[0].flush_set
uci -q commit ${CONFIG}
flush_ipset
rm -rf /tmp/etc/passwall_tmp/singbox*
rm -rf /tmp/etc/passwall_tmp/smartdns*
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
}
flush_include flush_include
} }
@ -1436,12 +1426,6 @@ insert_rule_before)
insert_rule_after) insert_rule_after)
insert_rule_after "$@" insert_rule_after "$@"
;; ;;
flush_ipset)
flush_ipset
;;
flush_ipset_reload)
flush_ipset_reload
;;
get_ipt_bin) get_ipt_bin)
get_ipt_bin get_ipt_bin
;; ;;

37
luci-app-passwall/root/usr/share/passwall/nftables.sh
View File

@ -1300,15 +1300,6 @@ add_firewall_rule() {
} }
del_firewall_rule() { del_firewall_rule() {
# 10秒内禁止重复运行
local time_file="/tmp/etc/passwall_tmp/del_fw_rule_time"
local current_time=$(date +%s)
if [ -f "$time_file" ]; then
local last_time=$(head -n 1 "$time_file" 2>/dev/null | tr -d ' \t' | grep -E '^[0-9]+$' || echo 0)
[ $((current_time - last_time)) -le 10 ] && return 0
fi
echo "$current_time" > "$time_file"
for nft in "dstnat" "srcnat" "nat_output" "mangle_prerouting" "mangle_output"; do for nft in "dstnat" "srcnat" "nat_output" "mangle_prerouting" "mangle_output"; do
local handles=$(nft -a list chain $NFTABLE_NAME ${nft} 2>/dev/null | grep -E "PSW_" | awk -F '# handle ' '{print$2}') local handles=$(nft -a list chain $NFTABLE_NAME ${nft} 2>/dev/null | grep -E "PSW_" | awk -F '# handle ' '{print$2}')
for handle in $handles; do for handle in $handles; do
@ -1349,11 +1340,11 @@ del_firewall_rule() {
destroy_nftset $NFTSET_BLOCK6 destroy_nftset $NFTSET_BLOCK6
destroy_nftset $NFTSET_WHITE6 destroy_nftset $NFTSET_WHITE6
$DIR/app.sh echolog "删除nftables防火墙规则完成。" $DIR/app.sh echolog "删除 nftables 规则完成。"
} }
flush_nftset() { flush_nftset() {
$DIR/app.sh echolog "清空 NFTSET。" $DIR/app.sh echolog "清空 NFTSet。"
for _name in $(nft -a list sets | grep -E "passwall" | awk -F 'set ' '{print $2}' | awk '{print $1}'); do for _name in $(nft -a list sets | grep -E "passwall" | awk -F 'set ' '{print $2}' | awk '{print $1}'); do
destroy_nftset ${_name} destroy_nftset ${_name}
done done
@ -1364,15 +1355,6 @@ flush_table() {
nft delete table $NFTABLE_NAME nft delete table $NFTABLE_NAME
} }
flush_nftset_reload() {
del_firewall_rule
flush_table
rm -rf /tmp/etc/passwall_tmp/singbox*
rm -rf /tmp/etc/passwall_tmp/smartdns*
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
/etc/init.d/passwall reload
}
flush_include() { flush_include() {
echo '#!/bin/sh' >$FWI echo '#!/bin/sh' >$FWI
} }
@ -1424,6 +1406,15 @@ start() {
stop() { stop() {
del_firewall_rule del_firewall_rule
[ $(config_t_get global flush_set "0") = "1" ] && {
uci -q delete ${CONFIG}.@global[0].flush_set
uci -q commit ${CONFIG}
#flush_table
flush_nftset
rm -rf /tmp/etc/passwall_tmp/singbox*
rm -rf /tmp/etc/passwall_tmp/smartdns*
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
}
flush_include flush_include
} }
@ -1439,12 +1430,6 @@ insert_rule_before)
insert_rule_after) insert_rule_after)
insert_rule_after "$@" insert_rule_after "$@"
;; ;;
flush_nftset)
flush_nftset
;;
flush_nftset_reload)
flush_nftset_reload
;;
get_wan_ip) get_wan_ip)
get_wan_ip get_wan_ip
;; ;;

7
luci-app-passwall/root/usr/share/passwall/rule_update.lua
View File

@ -479,10 +479,7 @@ if reboot == 1 then
end end
log("重启服务,应用新的规则。") log("重启服务,应用新的规则。")
if use_nft == "1" then uci:set(name, "@global[0]", "flush_set", "1")
sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &") api.uci_save(uci, name, true, true)
else
sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
end
end end
log("规则更新完毕...") log("规则更新完毕...")

2
patch-luci-app-passwall.patch
View File

@ -20,7 +20,7 @@ index 18cdd8d..44f5958 100644
define Package/$(PKG_NAME)/postrm define Package/$(PKG_NAME)/postrm
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
index 3f6dd8c..952e4c8 100644 index de67f1c..463bdff 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@@ -492,6 +492,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9)") @@ -492,6 +492,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9)")