From 58326c877033f30888c18f6cea19f25c0d8d3d88 Mon Sep 17 00:00:00 2001 From: actions Date: Sun, 28 Apr 2024 17:00:07 +0800 Subject: [PATCH] luci-app-passwall2: sync upstream last commit: https://github.com/xiaorouji/openwrt-passwall2/commit/6ba43389f626a7ead0a3f80c2d1187b56f4a4363 --- .../luasrc/model/cbi/passwall2/client/type/sing-box.lua | 7 +++++++ luci-app-passwall2/luasrc/passwall2/util_sing-box.lua | 4 ++-- luci-app-passwall2/po/zh-cn/passwall2.po | 6 ++++++ luci-app-passwall2/root/usr/share/passwall2/nftables.sh | 2 ++ 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua b/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua index e4c1e161c..887857e9b 100644 --- a/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua +++ b/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua @@ -477,6 +477,13 @@ if singbox_tags:find("with_wireguard") then o.default = "1420" o:depends({ [option_name("protocol")] = "wireguard" }) + o = s:option(Flag, option_name("wireguard_system_interface"), translate("System interface")) + o.default = 0 + o:depends({ [option_name("protocol")] = "wireguard" }) + + o = s:option(Value, option_name("wireguard_interface_name"), translate("System interface name")) + o:depends({ [option_name("protocol")] = "wireguard" }) + o = s:option(Value, option_name("wireguard_reserved"), translate("Reserved"), translate("Decimal numbers separated by \",\" or Base64-encoded strings.")) o:depends({ [option_name("protocol")] = "wireguard" }) end diff --git a/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua b/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua index 05f9f8657..66fb3b6ff 100644 --- a/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua +++ b/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua @@ -277,8 +277,8 @@ function gen_outbound(flag, node, tag, proxy_table) node.wireguard_reserved = #bytes > 0 and bytes or nil end protocol_table = { - system_interface = nil, - interface_name = nil, + system_interface = (node.wireguard_system_interface == "1") and true or false, + interface_name = node.wireguard_interface_name, local_address = node.wireguard_local_address, private_key = node.wireguard_secret_key, peer_public_key = node.wireguard_public_key, diff --git a/luci-app-passwall2/po/zh-cn/passwall2.po b/luci-app-passwall2/po/zh-cn/passwall2.po index fabe10e8e..82446882e 100644 --- a/luci-app-passwall2/po/zh-cn/passwall2.po +++ b/luci-app-passwall2/po/zh-cn/passwall2.po @@ -1084,6 +1084,12 @@ msgstr "额外的对称加密密钥" msgid "Local Address" msgstr "本地地址" +msgid "System interface" +msgstr "系统接口" + +msgid "System interface name" +msgstr "系统接口名称" + msgid "Decimal numbers separated by \",\" or Base64-encoded strings." msgstr "用“,”隔开的十进制数字或 Base64 编码字符串。" diff --git a/luci-app-passwall2/root/usr/share/passwall2/nftables.sh b/luci-app-passwall2/root/usr/share/passwall2/nftables.sh index a96fae3eb..7242b7071 100755 --- a/luci-app-passwall2/root/usr/share/passwall2/nftables.sh +++ b/luci-app-passwall2/root/usr/share/passwall2/nftables.sh @@ -710,10 +710,12 @@ add_firewall_rule() { nft "flush chain inet fw4 PSW2_ICMP_REDIRECT" nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip daddr @$NFTSET_LANLIST counter return" nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip daddr @$NFTSET_VPSLIST counter return" + [ "${WRITE_IPSET_DIRECT}" = "1" ] && nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip daddr @$nftset_global_whitelist counter return" [ "$accept_icmpv6" = "1" ] && { nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip6 daddr @$NFTSET_LANLIST6 counter return" nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip6 daddr @$NFTSET_VPSLIST6 counter return" + [ "${WRITE_IPSET_DIRECT}" = "1" ] && nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip6 daddr @$nftset_global_whitelist6 counter return" } nft "add rule inet fw4 dstnat meta l4proto {icmp,icmpv6} counter jump PSW2_ICMP_REDIRECT"