diff --git a/luci-app-passwall/luasrc/passwall/api.lua b/luci-app-passwall/luasrc/passwall/api.lua index f80a9f01d..054c4686f 100644 --- a/luci-app-passwall/luasrc/passwall/api.lua +++ b/luci-app-passwall/luasrc/passwall/api.lua @@ -1079,3 +1079,24 @@ function luci_types(id, m, s, type_name, option_prefix) end end end + +function get_std_domain(domain) + domain = trim(domain) + if domain == "" or domain:find("#") then return "" end + -- 删除首尾所有的 . + domain = domain:gsub("^[%.]+", ""):gsub("[%.]+$", "") + -- 如果 domain 包含 '*',则分割并删除包含 '*' 的部分及其前面的部分 + if domain:find("%*") then + local parts = {} + for part in domain:gmatch("[^%.]+") do + table.insert(parts, part) + end + for i = #parts, 1, -1 do + if parts[i]:find("%*") then + -- 删除包含 '*' 的部分及其前面的部分 + return parts[i + 1] and parts[i + 1] .. "." .. table.concat(parts, ".", i + 2) or "" + end + end + end + return domain +end diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh index a41b9858c..49d2ad575 100755 --- a/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/luci-app-passwall/root/usr/share/passwall/app.sh @@ -546,6 +546,8 @@ run_chinadns_ng() { local _flag _listen_port _dns_local _dns_trust _no_ipv6_trust _use_direct_list _use_proxy_list _gfwlist _chnlist _default_mode _default_tag eval_set_val $@ + lua $APP_PATH/helper_chinadns_add.lua -FLAG $_flag -USE_DIRECT_LIST $_use_direct_list -USE_PROXY_LIST $_use_proxy_list + local _CONF_FILE=$TMP_ACL_PATH/$_flag/chinadns_ng.conf local _LOG_FILE=$TMP_ACL_PATH/$_flag/chinadns_ng.log _LOG_FILE="/dev/null" @@ -579,7 +581,7 @@ run_chinadns_ng() { EOF } - [ "${_use_direct_list}" = "1" ] && [ -s "${RULES_PATH}/direct_host" ] && { + [ "${_use_direct_list}" = "1" ] && [ -s "${TMP_PATH}/direct_host" ] && { local whitelist4_set="passwall_whitelist" local whitelist6_set="passwall_whitelist6" [ "$nftflag" = "1" ] && { @@ -588,13 +590,13 @@ run_chinadns_ng() { } cat <<-EOF >> ${_CONF_FILE} group directlist - group-dnl ${RULES_PATH}/direct_host + group-dnl ${TMP_PATH}/direct_host group-upstream ${_dns_local} group-ipset ${whitelist4_set},${whitelist6_set} EOF } - [ "${_use_proxy_list}" = "1" ] && [ -s "${RULES_PATH}/proxy_host" ] && { + [ "${_use_proxy_list}" = "1" ] && [ -s "${TMP_PATH}/proxy_host" ] && { local blacklist4_set="passwall_blacklist" local blacklist6_set="passwall_blacklist6" [ "$nftflag" = "1" ] && { @@ -603,7 +605,7 @@ run_chinadns_ng() { } cat <<-EOF >> ${_CONF_FILE} group proxylist - group-dnl ${RULES_PATH}/proxy_host + group-dnl ${TMP_PATH}/proxy_host group-upstream ${_dns_trust} group-ipset ${blacklist4_set},${blacklist6_set} EOF diff --git a/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua new file mode 100644 index 000000000..b45ad507b --- /dev/null +++ b/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua @@ -0,0 +1,50 @@ +require 'nixio' +local api = require "luci.passwall.api" +local appname = "passwall" + +local var = api.get_args(arg) +local FLAG = var["-FLAG"] +local USE_DIRECT_LIST = var["-USE_DIRECT_LIST"] +local USE_PROXY_LIST = var["-USE_PROXY_LIST"] + +local TMP_PATH = "/tmp/etc/" .. appname + +if not nixio.fs.access(TMP_PATH) then + nixio.fs.mkdir(TMP_PATH, 493) +end + +local tmp_direct_host = TMP_PATH .. "/direct_host" +if USE_DIRECT_LIST == "1" and not nixio.fs.access(tmp_direct_host) then + local direct_domain = {} + for line in io.lines("/usr/share/passwall/rules/direct_host") do + line = api.get_std_domain(line) + if line ~= "" and not line:find("#") then + table.insert(direct_domain, line) + end + end + if #direct_domain > 0 then + local direct_out = io.open(tmp_direct_host, "a") + for i = 1, #direct_domain do + direct_out:write(direct_domain[i] .. "\n") + end + direct_out:close() + end +end + +local tmp_proxy_host = TMP_PATH .. "/proxy_host" +if USE_PROXY_LIST == "1" and not nixio.fs.access(tmp_proxy_host) then + local proxy_domain = {} + for line in io.lines("/usr/share/passwall/rules/proxy_host") do + line = api.get_std_domain(line) + if line ~= "" and not line:find("#") then + table.insert(proxy_domain, line) + end + end + if #proxy_domain > 0 then + local proxy_out = io.open(tmp_proxy_host, "a") + for i = 1, #proxy_domain do + proxy_out:write(proxy_domain[i] .. "\n") + end + proxy_out:close() + end +end diff --git a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua index 52a1f64da..f062657cf 100644 --- a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua +++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua @@ -196,6 +196,7 @@ if not fs.access(CACHE_DNS_PATH) then --屏蔽列表 if USE_BLOCK_LIST == "1" then for line in io.lines("/usr/share/passwall/rules/block_host") do + line = api.get_std_domain(line) if line ~= "" and not line:find("#") then set_domain_address(line, "") end @@ -234,6 +235,7 @@ if not fs.access(CACHE_DNS_PATH) then if fwd_dns then --始终用国内DNS解析直连(白名单)列表 for line in io.lines("/usr/share/passwall/rules/direct_host") do + line = api.get_std_domain(line) if line ~= "" and not line:find("#") then add_excluded_domain(line) set_domain_dns(line, fwd_dns) @@ -255,6 +257,7 @@ if not fs.access(CACHE_DNS_PATH) then if fwd_dns then --始终使用远程DNS解析代理(黑名单)列表 for line in io.lines("/usr/share/passwall/rules/proxy_host") do + line = api.get_std_domain(line) if line ~= "" and not line:find("#") then add_excluded_domain(line) local ipset_flag = setflag_4 .. "passwall_blacklist," .. setflag_6 .. "passwall_blacklist6"