diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh index fb3f64db4..e66dae249 100755 --- a/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1596,7 +1596,9 @@ start_dns() { [ "1" = "0" ] && { DIRECT_DNSMASQ_PORT=$(get_new_port 11400) DIRECT_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/direct_dnsmasq.conf - lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} + DIRECT_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/direct_dnsmasq.d + mkdir -p ${DIRECT_DNSMASQ_CONF_PATH} + lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} -TMP_DNSMASQ_PATH ${DIRECT_DNSMASQ_CONF_PATH} ln_run "$(first_type dnsmasq)" "dnsmasq_direct" "/dev/null" -C ${DIRECT_DNSMASQ_CONF} -x ${GLOBAL_ACL_PATH}/direct_dnsmasq.pid echo "${DIRECT_DNSMASQ_PORT}" > ${GLOBAL_ACL_PATH}/direct_dnsmasq_port } @@ -2123,19 +2125,17 @@ LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}" IPT_APPEND_DNS=${LOCAL_DNS} DNSMASQ_CONF_DIR=/tmp/dnsmasq.d -TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG} DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')" if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")" if [ -n "$DNSMASQ_CONF_DIR" ]; then DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/} - TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG} else DNSMASQ_CONF_DIR="/tmp/dnsmasq.d" fi fi GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf -GLOBAL_DNSMASQ_CONF_PATH=${TMP_DNSMASQ_PATH} +GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d DNS_QUERY_STRATEGY="UseIP" [ "$FILTER_PROXY_IPV6" = "1" ] && DNS_QUERY_STRATEGY="UseIPv4" 
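Review bot: `DIRECT_DNSMASQ_CONF_PATH` in the start_dns hunk and `GLOBAL_DNSMASQ_CONF_PATH` in the second hunk are both built from `${GLOBAL_ACL_PATH}` without checking that it is non-empty, and the new `mkdir -p` and `-TMP_DNSMASQ_PATH` arguments expand them unquoted. These paths now feed recursive deletes: the Lua helper runs `rm -rf <path>/*passwall*` on the value passed as `-TMP_DNSMASQ_PATH`, and stop() (outside these hunks) appears to run `rm -rf $GLOBAL_DNSMASQ_CONF_PATH`. With an empty `GLOBAL_ACL_PATH` they would resolve to `/direct_dnsmasq.d` and `/dnsmasq.d`; its definition is not visible here, so this may already be guaranteed. I would fail early and quote, e.g. `DIRECT_DNSMASQ_CONF_PATH="${GLOBAL_ACL_PATH:?}/direct_dnsmasq.d"`, `mkdir -p "${DIRECT_DNSMASQ_CONF_PATH}"` and `-TMP_DNSMASQ_PATH "${DIRECT_DNSMASQ_CONF_PATH}"`. Separately, `mkdir -p` does not clear files left in the directory by an earlier run, so a comment saying where it is cleaned up would help.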
diff --git a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua index 143d331c0..990c90396 100644 --- a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua +++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua @@ -117,6 +117,7 @@ end function copy_instance(var) local LISTEN_PORT = var["-LISTEN_PORT"] + local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"] local conf_lines = {} local DEFAULT_DNSMASQ_CFGID = sys.exec("echo -n $(uci -q show dhcp.@dnsmasq[0] | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')") for line in io.lines("/tmp/etc/dnsmasq.conf." .. DEFAULT_DNSMASQ_CFGID) do @@ -126,19 +127,30 @@ function copy_instance(var) if line:find("dhcp") then filter = true end if line:find("server=") == 1 then filter = true end if line:find("port=") == 1 then filter = true end + if line:find("conf%-dir=") == 1 then + filter = true + if TMP_DNSMASQ_PATH then + local tmp_path = line:sub(1 + #"conf-dir=") + sys.call(string.format("cp -r %s/* %s/ 2>/dev/null", tmp_path, TMP_DNSMASQ_PATH)) + end + end if line:find("address=") == 1 or (line:find("server=") == 1 and line:find("/")) then filter = nil end if not filter then tinsert(conf_lines, line) end end tinsert(conf_lines, "port=" .. LISTEN_PORT) - if var["-return_table"] == "1" then + if TMP_DNSMASQ_PATH then + sys.call("rm -rf " .. TMP_DNSMASQ_PATH .. "/*passwall*") + end + if var["-return"] == "1" then return conf_lines end if #conf_lines > 0 then local DNSMASQ_CONF = var["-DNSMASQ_CONF"] local conf_out = io.open(DNSMASQ_CONF, "a") conf_out:write(table.concat(conf_lines, "\n")) + conf_out:write("\n") conf_out:close() end end 
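Review bot: In the second copy_instance hunk, the `conf-dir=` value read from `/tmp/etc/dnsmasq.conf.<cfgid>` and `TMP_DNSMASQ_PATH` are pasted unquoted into `cp -r %s/* %s/` and `rm -rf ... /*passwall*`, so whitespace or shell metacharacters in either value change the command that `sys.call` runs. dnsmasq also accepts `conf-dir=<dir>,<ext>...`, in which case `tmp_path` is not a directory and the copy fails silently because of `2>/dev/null`. An empty-string `TMP_DNSMASQ_PATH` is truthy in Lua, so `if TMP_DNSMASQ_PATH then` would let `rm -rf /*passwall*` run; the add_rule hunk forwards the same value unchecked. I would keep only the directory part and require a plain absolute path before either call: `local tmp_path = line:sub(1 + #"conf-dir="):match("^[^,]+")` and `if TMP_DNSMASQ_PATH and TMP_DNSMASQ_PATH:match("^/[%w%._/%-]+$") then`. The function begins in the previous hunk and its argument parsing is outside this view.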
@@ -617,7 +629,7 @@ function add_rule(var) local conf_lines = {} if LISTEN_PORT then --Copy dnsmasq instance - conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-return_table"] = "1"}) + conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-TMP_DNSMASQ_PATH"] = TMP_DNSMASQ_PATH, ["-return"] = "1"}) else --Modify the default dnsmasq service end @@ -642,6 +654,7 @@ function add_rule(var) if #conf_lines > 0 then local conf_out = io.open(DNSMASQ_CONF_FILE, "a") conf_out:write(table.concat(conf_lines, "\n")) + conf_out:write("\n") conf_out:close() end end diff --git a/patch-luci-app-passwall.patch b/patch-luci-app-passwall.patch index 84f7751f0..f04ea75e9 100644 --- a/patch-luci-app-passwall.patch +++ b/patch-luci-app-passwall.patch @@ -175,7 +175,7 @@ index 551c824..2a6a814 100644 config global_forwarding option tcp_no_redir_ports 'disable' diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh -index f5d7466..fb3f64d 100755 +index 7529308..e66dae2 100755 --- a/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1589,9 +1589,7 @@ start_dns() { @@ -188,7 +188,7 @@ index f5d7466..fb3f64d 100755 if [ "${RUN_NEW_DNSMASQ}" == "0" ]; then #The old logic will be removed in the future. #Run a copy dnsmasq instance, DNS hijack that don't need a proxy devices. -@@ -1607,7 +1605,7 @@ start_dns() { +@@ -1609,7 +1607,7 @@ start_dns() { #Modify the default dnsmasq service lua $APP_PATH/helper_dnsmasq.lua stretch lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG "default" -TMP_DNSMASQ_PATH ${GLOBAL_DNSMASQ_CONF_PATH} -DNSMASQ_CONF_FILE ${GLOBAL_DNSMASQ_CONF} \ 
@@ -197,7 +197,7 @@ index f5d7466..fb3f64d 100755 -REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \ -USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \ -TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE ${TCP_PROXY_MODE} -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \ -@@ -1619,7 +1617,7 @@ start_dns() { +@@ -1621,7 +1619,7 @@ start_dns() { GLOBAL_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/dnsmasq.conf GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG "default" -TMP_DNSMASQ_PATH ${GLOBAL_DNSMASQ_CONF_PATH} -DNSMASQ_CONF_FILE ${GLOBAL_DNSMASQ_CONF} \ @@ -206,7 +206,7 @@ index f5d7466..fb3f64d 100755 -REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \ -USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \ -TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE ${TCP_PROXY_MODE} -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \ -@@ -1686,7 +1684,8 @@ acl_app() { +@@ -1688,7 +1686,8 @@ acl_app() { socks_port=11100 redir_port=11200 dns_port=11300 @@ -216,7 +216,7 @@ index f5d7466..fb3f64d 100755 chinadns_port=11500 for item in $items; do sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}') -@@ -1750,6 +1749,7 @@ acl_app() { +@@ -1752,6 +1751,7 @@ acl_app() { [ -n "$tcp_node" ] && { local GLOBAL_TCP_NODE=$(get_cache_var "ACL_GLOBAL_TCP_node") 
@@ -224,7 +224,7 @@ index f5d7466..fb3f64d 100755 [ -n "${GLOBAL_TCP_NODE}" ] && GLOBAL_TCP_redir_port=$(get_cache_var "ACL_GLOBAL_TCP_redir_port") if [ "$tcp_node" = "default" ]; then if [ -n "${GLOBAL_TCP_NODE}" ]; then -@@ -2001,10 +2001,8 @@ start() { +@@ -2003,10 +2003,8 @@ start() { if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then [ "$(uci -q get dhcp.@dnsmasq[0].dns_redirect)" == "1" ] && { @@ -237,7 +237,7 @@ index f5d7466..fb3f64d 100755 /etc/init.d/dnsmasq restart >/dev/null 2>&1 } fi -@@ -2046,23 +2044,11 @@ stop() { +@@ -2048,23 +2046,11 @@ stop() { source $APP_PATH/helper_smartdns.sh del rm -rf $GLOBAL_DNSMASQ_CONF rm -rf $GLOBAL_DNSMASQ_CONF_PATH @@ -266,7 +266,7 @@ index f5d7466..fb3f64d 100755 rm -rf $TMP_PATH rm -rf /tmp/lock/${CONFIG}_socks_auto_switch* echolog "清空并关闭相关程序和缓存完成。" -@@ -2121,7 +2107,6 @@ DNS_CACHE=0 +@@ -2123,7 +2109,6 @@ DNS_CACHE=0 REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g') USE_DEFAULT_DNS=$(config_t_get global use_default_dns direct) FILTER_PROXY_IPV6=$(config_t_get global filter_proxy_ipv6 0)