zhao/openwrt_helloworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-passwall: sync upstream

Browse Source 
last commit: bc93d57628
This commit is contained in:
gitea-action 2025-04-18 18:01:43 +08:00
parent 0afc869158
commit 741691df89
3 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
View File

@ -612,8 +612,8 @@ end
o = s:taboption("DNS", Flag, "chinadns_ng_cert_verify", translate("DoT Cert verify"), translate("Verify DoT SSL cert. (May fail on some platforms!)")) o = s:taboption("DNS", Flag, "chinadns_ng_cert_verify", translate("DoT Cert verify"), translate("Verify DoT SSL cert. (May fail on some platforms!)"))
o.default = "0" o.default = "0"
o:depends({dns_shunt = "chinadns-ng", direct_dns_mode = "dot"}) o:depends({direct_dns_mode = "dot"})
o:depends({dns_shunt = "chinadns-ng", dns_mode = "dot"}) o:depends({dns_mode = "dot"})
o = s:taboption("DNS", Flag, "dns_redirect", translate("DNS Redirect"), translate("Force special DNS server to need proxy devices.")) o = s:taboption("DNS", Flag, "dns_redirect", translate("DNS Redirect"), translate("Force special DNS server to need proxy devices."))
o.default = "0" o.default = "0"

6
luci-app-passwall/root/usr/share/passwall/app.sh
View File

@ -1421,12 +1421,13 @@ start_dns() {
dot) dot)
if [ "$chinadns_tls" != "nil" ]; then if [ "$chinadns_tls" != "nil" ]; then
local DIRECT_DNS=$(config_t_get global direct_dns_dot "tls://dot.pub@1.12.12.12") local DIRECT_DNS=$(config_t_get global direct_dns_dot "tls://dot.pub@1.12.12.12")
local cert_verify=$([ "$(config_t_get global chinadns_ng_cert_verify 0)" = "1" ] && echo "--cert-verify")
china_ng_local_dns=${DIRECT_DNS} china_ng_local_dns=${DIRECT_DNS}
#当全局包括访问控制节点开启chinadns-ng时不启动新进程。 #当全局包括访问控制节点开启chinadns-ng时不启动新进程。
[ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && {
LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}" LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${NEXT_DNS_LISTEN_PORT} -c ${DIRECT_DNS} -d chn ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${NEXT_DNS_LISTEN_PORT} -c ${DIRECT_DNS} -d chn ${cert_verify}
echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${DIRECT_DNS}" echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${DIRECT_DNS}"
echolog " * 请确保上游直连 DNS 支持 DoT 查询。" echolog " * 请确保上游直连 DNS 支持 DoT 查询。"
NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1) NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
@ -1543,12 +1544,13 @@ start_dns() {
if [ "$chinadns_tls" != "nil" ]; then if [ "$chinadns_tls" != "nil" ]; then
local china_ng_listen_port=${NEXT_DNS_LISTEN_PORT} local china_ng_listen_port=${NEXT_DNS_LISTEN_PORT}
local china_ng_trust_dns=$(config_t_get global remote_dns_dot "tls://one.one.one.one@1.1.1.1") local china_ng_trust_dns=$(config_t_get global remote_dns_dot "tls://one.one.one.one@1.1.1.1")
local cert_verify=$([ "$(config_t_get global chinadns_ng_cert_verify 0)" = "1" ] && echo "--cert-verify")
local tmp_dot_ip=$(echo "$china_ng_trust_dns" | sed -n 's/.*:\/\/\([^@#]*@\)*\([^@#]*\).*/\2/p') local tmp_dot_ip=$(echo "$china_ng_trust_dns" | sed -n 's/.*:\/\/\([^@#]*@\)*\([^@#]*\).*/\2/p')
local tmp_dot_port=$(echo "$china_ng_trust_dns" | sed -n 's/.*#\([0-9]\+\).*/\1/p') local tmp_dot_port=$(echo "$china_ng_trust_dns" | sed -n 's/.*#\([0-9]\+\).*/\1/p')
REMOTE_DNS="$tmp_dot_ip#${tmp_dot_port:-853}" REMOTE_DNS="$tmp_dot_ip#${tmp_dot_port:-853}"
[ "$DNS_SHUNT" != "chinadns-ng" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] && {
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N" [ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ${cert_verify}
echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}" echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}"
} }
else else

6
patch-luci-app-passwall.patch
View File

@ -20,7 +20,7 @@ index 485b59c..6d2ddf4 100644
define Package/$(PKG_NAME)/postrm define Package/$(PKG_NAME)/postrm
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
index 7aae40f..7e1353c 100644 index 9672c44..5d01c8f 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@@ -506,6 +506,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9)") @@ -506,6 +506,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9)")
@ -36,8 +36,8 @@ index 7aae40f..7e1353c 100644
o:depends({dns_mode = "dns2socks"}) o:depends({dns_mode = "dns2socks"})
o:depends({dns_mode = "tcp"}) o:depends({dns_mode = "tcp"})
o:depends({dns_mode = "udp"}) o:depends({dns_mode = "udp"})
@@ -610,7 +616,7 @@ o:depends({dns_shunt = "chinadns-ng", direct_dns_mode = "dot"}) @@ -610,7 +616,7 @@ o:depends({direct_dns_mode = "dot"})
o:depends({dns_shunt = "chinadns-ng", dns_mode = "dot"}) o:depends({dns_mode = "dot"})
o = s:taboption("DNS", Flag, "dns_redirect", translate("DNS Redirect"), translate("Force special DNS server to need proxy devices.")) o = s:taboption("DNS", Flag, "dns_redirect", translate("DNS Redirect"), translate("Force special DNS server to need proxy devices."))
-o.default = "1" -o.default = "1"