luci-app-passwall: sync upstream

last commit: 828938be2c

luci-app-passwall/root/usr/share/passwall/app.sh

@@ -1596,7 +1596,9 @@ start_dns() {
 		[ "1" = "0" ] && {
 			DIRECT_DNSMASQ_PORT=$(get_new_port 11400)
 			DIRECT_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/direct_dnsmasq.conf
-			lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF}
+			DIRECT_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/direct_dnsmasq.d
+			mkdir -p ${DIRECT_DNSMASQ_CONF_PATH}
+			lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} -TMP_DNSMASQ_PATH ${DIRECT_DNSMASQ_CONF_PATH}
 			ln_run "$(first_type dnsmasq)" "dnsmasq_direct" "/dev/null" -C ${DIRECT_DNSMASQ_CONF} -x ${GLOBAL_ACL_PATH}/direct_dnsmasq.pid
 			echo "${DIRECT_DNSMASQ_PORT}" > ${GLOBAL_ACL_PATH}/direct_dnsmasq_port
 		}
@@ -2123,19 +2125,17 @@ LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}"
 IPT_APPEND_DNS=${LOCAL_DNS}
 
 DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
-TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
 DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
 if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
 	DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
 	if [ -n "$DNSMASQ_CONF_DIR" ]; then
 		DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
-		TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
 	else
 		DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
 	fi
 fi
 GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
-GLOBAL_DNSMASQ_CONF_PATH=${TMP_DNSMASQ_PATH}
+GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d
 
 DNS_QUERY_STRATEGY="UseIP"
 [ "$FILTER_PROXY_IPV6" = "1" ] && DNS_QUERY_STRATEGY="UseIPv4"

luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua

@@ -117,6 +117,7 @@ end
 
 function copy_instance(var)
 	local LISTEN_PORT = var["-LISTEN_PORT"]
+	local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"]
 	local conf_lines = {}
 	local DEFAULT_DNSMASQ_CFGID = sys.exec("echo -n $(uci -q show dhcp.@dnsmasq[0] | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')")
 	for line in io.lines("/tmp/etc/dnsmasq.conf." .. DEFAULT_DNSMASQ_CFGID) do
@@ -126,19 +127,30 @@ function copy_instance(var)
 		if line:find("dhcp") then filter = true end
 		if line:find("server=") == 1 then filter = true end
 		if line:find("port=") == 1 then filter = true end
+		if line:find("conf%-dir=") == 1 then
+			filter = true
+			if TMP_DNSMASQ_PATH then
+				local tmp_path = line:sub(1 + #"conf-dir=")
+				sys.call(string.format("cp -r %s/* %s/ 2>/dev/null", tmp_path, TMP_DNSMASQ_PATH))
+			end
+		end
 		if line:find("address=") == 1 or (line:find("server=") == 1 and line:find("/")) then filter = nil end
 		if not filter then
 			tinsert(conf_lines, line)
 		end
 	end
 	tinsert(conf_lines, "port=" .. LISTEN_PORT)
-	if var["-return_table"] == "1" then
+	if TMP_DNSMASQ_PATH then
+		sys.call("rm -rf " .. TMP_DNSMASQ_PATH .. "/*passwall*")
+	end
+	if var["-return"] == "1" then
 		return conf_lines
 	end
 	if #conf_lines > 0 then
 		local DNSMASQ_CONF = var["-DNSMASQ_CONF"]
 		local conf_out = io.open(DNSMASQ_CONF, "a")
 		conf_out:write(table.concat(conf_lines, "\n"))
+		conf_out:write("\n")
 		conf_out:close()
 	end
 end
@@ -617,7 +629,7 @@ function add_rule(var)
 		local conf_lines = {}
 		if LISTEN_PORT then
 			--Copy dnsmasq instance
-			conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-return_table"] = "1"})
+			conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-TMP_DNSMASQ_PATH"] = TMP_DNSMASQ_PATH, ["-return"] = "1"})
 		else
 			--Modify the default dnsmasq service
 		end
@@ -642,6 +654,7 @@ function add_rule(var)
 		if #conf_lines > 0 then
 			local conf_out = io.open(DNSMASQ_CONF_FILE, "a")
 			conf_out:write(table.concat(conf_lines, "\n"))
+			conf_out:write("\n")
 			conf_out:close()
 		end
 	end

patch-luci-app-passwall.patch

@@ -175,7 +175,7 @@ index 551c824..2a6a814 100644
  config global_forwarding
  	option tcp_no_redir_ports 'disable'
 diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh
-index f5d7466..fb3f64d 100755
+index 7529308..e66dae2 100755
 --- a/luci-app-passwall/root/usr/share/passwall/app.sh
 +++ b/luci-app-passwall/root/usr/share/passwall/app.sh
 @@ -1589,9 +1589,7 @@ start_dns() {
@@ -188,7 +188,7 @@ index f5d7466..fb3f64d 100755
  	if [ "${RUN_NEW_DNSMASQ}" == "0" ]; then
  		#The old logic will be removed in the future.
  		#Run a copy dnsmasq instance, DNS hijack that don't need a proxy devices.
-@@ -1607,7 +1605,7 @@ start_dns() {
+@@ -1609,7 +1607,7 @@ start_dns() {
  		#Modify the default dnsmasq service
  		lua $APP_PATH/helper_dnsmasq.lua stretch
  		lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG "default" -TMP_DNSMASQ_PATH ${GLOBAL_DNSMASQ_CONF_PATH} -DNSMASQ_CONF_FILE ${GLOBAL_DNSMASQ_CONF} \
@@ -197,7 +197,7 @@ index f5d7466..fb3f64d 100755
  			-REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \
  			-USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \
  			-TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE ${TCP_PROXY_MODE} -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \
-@@ -1619,7 +1617,7 @@ start_dns() {
+@@ -1621,7 +1619,7 @@ start_dns() {
  		GLOBAL_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/dnsmasq.conf
  		GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d
  		lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG "default" -TMP_DNSMASQ_PATH ${GLOBAL_DNSMASQ_CONF_PATH} -DNSMASQ_CONF_FILE ${GLOBAL_DNSMASQ_CONF} \
@@ -206,7 +206,7 @@ index f5d7466..fb3f64d 100755
  			-REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \
  			-USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \
  			-TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE ${TCP_PROXY_MODE} -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \
-@@ -1686,7 +1684,8 @@ acl_app() {
+@@ -1688,7 +1686,8 @@ acl_app() {
  		socks_port=11100
  		redir_port=11200
  		dns_port=11300
@@ -216,7 +216,7 @@ index f5d7466..fb3f64d 100755
  		chinadns_port=11500
  		for item in $items; do
  			sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
-@@ -1750,6 +1749,7 @@ acl_app() {
+@@ -1752,6 +1751,7 @@ acl_app() {
  
  			[ -n "$tcp_node" ] && {
  				local GLOBAL_TCP_NODE=$(get_cache_var "ACL_GLOBAL_TCP_node")
@@ -224,7 +224,7 @@ index f5d7466..fb3f64d 100755
  				[ -n "${GLOBAL_TCP_NODE}" ] && GLOBAL_TCP_redir_port=$(get_cache_var "ACL_GLOBAL_TCP_redir_port")
  				if [ "$tcp_node" = "default" ]; then
  					if [ -n "${GLOBAL_TCP_NODE}" ]; then
-@@ -2001,10 +2001,8 @@ start() {
+@@ -2003,10 +2003,8 @@ start() {
  
  	if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then
  		[ "$(uci -q get dhcp.@dnsmasq[0].dns_redirect)" == "1" ] && {
@@ -237,7 +237,7 @@ index f5d7466..fb3f64d 100755
  			/etc/init.d/dnsmasq restart >/dev/null 2>&1
  		}
  	fi
-@@ -2046,23 +2044,11 @@ stop() {
+@@ -2048,23 +2046,11 @@ stop() {
  	source $APP_PATH/helper_smartdns.sh del
  	rm -rf $GLOBAL_DNSMASQ_CONF
  	rm -rf $GLOBAL_DNSMASQ_CONF_PATH
@@ -266,7 +266,7 @@ index f5d7466..fb3f64d 100755
  	rm -rf $TMP_PATH
  	rm -rf /tmp/lock/${CONFIG}_socks_auto_switch*
  	echolog "清空并关闭相关程序和缓存完成。"
-@@ -2121,7 +2107,6 @@ DNS_CACHE=0
+@@ -2123,7 +2109,6 @@ DNS_CACHE=0
  REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
  USE_DEFAULT_DNS=$(config_t_get global use_default_dns direct)
  FILTER_PROXY_IPV6=$(config_t_get global filter_proxy_ipv6 0)