luci: fix bugs
This commit is contained in:
xiaorouji
sbwml
parent
1387756d51
commit
80cff6eea2
@ -1206,7 +1206,7 @@ function gen_config(var)
|
|||||||
if node.iface then
|
if node.iface then
|
||||||
outbound = {
|
outbound = {
|
||||||
type = "direct",
|
type = "direct",
|
||||||
tag = "outbound",
|
tag = node_id,
|
||||||
bind_interface = node.iface,
|
bind_interface = node.iface,
|
||||||
routing_mark = 255,
|
routing_mark = 255,
|
||||||
}
|
}
|
||||||
@ -1241,9 +1241,8 @@ function gen_config(var)
|
|||||||
if outbound then
|
if outbound then
|
||||||
default_outTag = outbound.tag
|
default_outTag = outbound.tag
|
||||||
table.insert(outbounds, outbound)
|
table.insert(outbounds, outbound)
|
||||||
|
route.final = default_outTag
|
||||||
end
|
end
|
||||||
|
|
||||||
route.final = node_id
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
@ -9,6 +9,10 @@ config global
|
|||||||
option dns_mode 'dns2tcp'
|
option dns_mode 'dns2tcp'
|
||||||
option remote_dns '1.1.1.1'
|
option remote_dns '1.1.1.1'
|
||||||
option use_default_dns 'direct'
|
option use_default_dns 'direct'
|
||||||
|
option use_direct_list '1'
|
||||||
|
option use_proxy_list '1'
|
||||||
|
option use_block_list '1'
|
||||||
|
option use_gfw_list '1'
|
||||||
option chn_list 'direct'
|
option chn_list 'direct'
|
||||||
option tcp_proxy_mode 'proxy'
|
option tcp_proxy_mode 'proxy'
|
||||||
option udp_proxy_mode 'proxy'
|
option udp_proxy_mode 'proxy'
|
||||||
|
|||||||
@ -1277,7 +1277,7 @@ start_dns() {
|
|||||||
lua $APP_PATH/helper_dnsmasq_add.lua -FLAG "default" -TMP_DNSMASQ_PATH ${TMP_DNSMASQ_PATH} \
|
lua $APP_PATH/helper_dnsmasq_add.lua -FLAG "default" -TMP_DNSMASQ_PATH ${TMP_DNSMASQ_PATH} \
|
||||||
-DNSMASQ_CONF_FILE "/tmp/dnsmasq.d/dnsmasq-passwall.conf" -DEFAULT_DNS ${DEFAULT_DNS} -LOCAL_DNS ${LOCAL_DNS} \
|
-DNSMASQ_CONF_FILE "/tmp/dnsmasq.d/dnsmasq-passwall.conf" -DEFAULT_DNS ${DEFAULT_DNS} -LOCAL_DNS ${LOCAL_DNS} \
|
||||||
-TUN_DNS ${TUN_DNS} -REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \
|
-TUN_DNS ${TUN_DNS} -REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \
|
||||||
-USE_DIRECT_LIST "${USE_BLOCK_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \
|
-USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \
|
||||||
-TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE "${TCP_PROXY_MODE}" -NO_PROXY_IPV6 ${FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \
|
-TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE "${TCP_PROXY_MODE}" -NO_PROXY_IPV6 ${FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \
|
||||||
-NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
|
-NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -325,7 +325,7 @@ load_acl() {
|
|||||||
|
|
||||||
[ "$tcp_no_redir_ports" != "disable" ] && {
|
[ "$tcp_no_redir_ports" != "disable" ] && {
|
||||||
nft "add rule inet fw4 $nft_prerouting_chain ${_ipt_source} ip protocol tcp $(factor $tcp_no_redir_ports "tcp dport") counter return comment \"$remarks\""
|
nft "add rule inet fw4 $nft_prerouting_chain ${_ipt_source} ip protocol tcp $(factor $tcp_no_redir_ports "tcp dport") counter return comment \"$remarks\""
|
||||||
nft "add rule inet fw4 PSW_MANGLE_V6 comment ${_ipt_source} meta l4proto tcp tcp dport {$tcp_no_redir_ports} counter return comment \"$remarks\""
|
nft "add rule inet fw4 PSW_MANGLE_V6 ${_ipt_source} meta l4proto tcp $(factor $tcp_no_redir_ports "tcp dport") counter return comment \"$remarks\""
|
||||||
msg2="${msg2}[$?]除${tcp_no_redir_ports}外的"
|
msg2="${msg2}[$?]除${tcp_no_redir_ports}外的"
|
||||||
}
|
}
|
||||||
msg2="${msg2}所有端口"
|
msg2="${msg2}所有端口"
|
||||||
@ -988,10 +988,10 @@ add_firewall_rule() {
|
|||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
if [ -z "${is_tproxy}" ]; then
|
if [ -z "${is_tproxy}" ]; then
|
||||||
nft add rule inet fw4 PSW_OUTPUT_NAT ip protocol tcp ip daddr ${2} tcp dport ${3} $(REDIRECT $TCP_REDIR_PORT)
|
nft insert rule inet fw4 PSW_OUTPUT_NAT ip protocol tcp ip daddr ${2} tcp dport ${3} $(REDIRECT $TCP_REDIR_PORT)
|
||||||
else
|
else
|
||||||
nft add rule inet fw4 PSW_OUTPUT_MANGLE ip protocol tcp ip daddr ${2} tcp dport ${3} counter jump PSW_RULE
|
nft insert rule inet fw4 PSW_OUTPUT_MANGLE ip protocol tcp ip daddr ${2} tcp dport ${3} counter jump PSW_RULE
|
||||||
nft add rule inet fw4 PSW_MANGLE iif lo tcp dport ${3} ip daddr ${2} $(REDIRECT $TCP_REDIR_PORT TPROXY4) comment \"本机\"
|
nft insert rule inet fw4 PSW_MANGLE iif lo tcp dport ${3} ip daddr ${2} $(REDIRECT $TCP_REDIR_PORT TPROXY4) comment \"本机\"
|
||||||
fi
|
fi
|
||||||
echolog " - [$?]将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 TCP 转发链"
|
echolog " - [$?]将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 TCP 转发链"
|
||||||
}
|
}
|
||||||
@ -1068,8 +1068,8 @@ add_firewall_rule() {
|
|||||||
echolog " - 上游 DNS 服务器 ${2} 已在直接访问的列表中,不强制向 UDP 代理转发对该服务器 UDP/${3} 端口的访问"
|
echolog " - 上游 DNS 服务器 ${2} 已在直接访问的列表中,不强制向 UDP 代理转发对该服务器 UDP/${3} 端口的访问"
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
nft "add rule inet fw4 PSW_OUTPUT_MANGLE ip protocol udp ip daddr ${2} udp dport ${3} counter jump PSW_RULE"
|
nft "insert rule inet fw4 PSW_OUTPUT_MANGLE ip protocol udp ip daddr ${2} udp dport ${3} counter jump PSW_RULE"
|
||||||
nft "add rule inet fw4 PSW_MANGLE iif lo meta l4proto udp ip daddr ${2} $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"本机\""
|
nft "insert rule inet fw4 PSW_MANGLE iif lo meta l4proto udp ip daddr ${2} $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"本机\""
|
||||||
echolog " - [$?]将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 UDP 转发链"
|
echolog " - [$?]将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 UDP 转发链"
|
||||||
}
|
}
|
||||||
[ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach REMOTE_DNS _proxy_udp_access 53
|
[ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach REMOTE_DNS _proxy_udp_access 53
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user