zhao/openwrt_helloworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-passwall: sync upstream

Browse Source 
last commit: b2bd36ea2d
This commit is contained in:
gitea-action 2025-05-03 16:30:23 +08:00
parent 04af12378c
commit 8919e81827
2 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
luci-app-passwall/root/usr/share/passwall/app.sh
View File

@ -1412,7 +1412,7 @@ start_dns() {
[ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && {
LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}" LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
local china_ng_c_dns="tcp://$(get_first_dns DIRECT_DNS 53 | sed 's/:/#/g')" local china_ng_c_dns="tcp://$(get_first_dns DIRECT_DNS 53 | sed 's/:/#/g')"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${NEXT_DNS_LISTEN_PORT} -c ${china_ng_c_dns} -d chn ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b :: -l ${NEXT_DNS_LISTEN_PORT} -c ${china_ng_c_dns} -d chn
echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${china_ng_c_dns}" echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${china_ng_c_dns}"
echolog " * 请确保上游直连 DNS 支持 TCP 查询。" echolog " * 请确保上游直连 DNS 支持 TCP 查询。"
NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1) NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
@ -1427,7 +1427,7 @@ start_dns() {
#当全局包括访问控制节点开启chinadns-ng时不启动新进程。 #当全局包括访问控制节点开启chinadns-ng时不启动新进程。
[ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && {
LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}" LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${NEXT_DNS_LISTEN_PORT} -c ${DIRECT_DNS} -d chn ${cert_verify} ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b :: -l ${NEXT_DNS_LISTEN_PORT} -c ${DIRECT_DNS} -d chn ${cert_verify}
echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${DIRECT_DNS}" echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${DIRECT_DNS}"
echolog " * 请确保上游直连 DNS 支持 DoT 查询。" echolog " * 请确保上游直连 DNS 支持 DoT 查询。"
NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1) NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
@ -1550,7 +1550,7 @@ start_dns() {
REMOTE_DNS="$tmp_dot_ip#${tmp_dot_port:-853}" REMOTE_DNS="$tmp_dot_ip#${tmp_dot_port:-853}"
[ "$DNS_SHUNT" != "chinadns-ng" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] && {
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N" [ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ${cert_verify} ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b :: -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ${cert_verify}
echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}" echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}"
} }
else else
@ -1560,7 +1560,7 @@ start_dns() {
local china_ng_trust_dns="tcp://${REMOTE_DNS}" local china_ng_trust_dns="tcp://${REMOTE_DNS}"
[ "$DNS_SHUNT" != "chinadns-ng" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] && {
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N" [ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b :: -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust}
echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}" echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}"
} }
fi fi
@ -1572,7 +1572,7 @@ start_dns() {
if [ "$DNS_SHUNT" != "chinadns-ng" ] && [ "$FILTER_PROXY_IPV6" = "1" ]; then if [ "$DNS_SHUNT" != "chinadns-ng" ] && [ "$FILTER_PROXY_IPV6" = "1" ]; then
DNSMASQ_FILTER_PROXY_IPV6=0 DNSMASQ_FILTER_PROXY_IPV6=0
local no_ipv6_trust="-N" local no_ipv6_trust="-N"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b :: -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust}
echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}" echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}"
else else
TUN_DNS="$(echo ${REMOTE_DNS} | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')" TUN_DNS="$(echo ${REMOTE_DNS} | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')"
@ -1585,7 +1585,7 @@ start_dns() {
local china_ng_trust_dns="tcp://$(get_first_dns REMOTE_DNS 53 | sed 's/:/#/g')" local china_ng_trust_dns="tcp://$(get_first_dns REMOTE_DNS 53 | sed 's/:/#/g')"
[ "$DNS_SHUNT" != "chinadns-ng" ] && { [ "$DNS_SHUNT" != "chinadns-ng" ] && {
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N" [ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N"
ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust} ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b :: -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw ${no_ipv6_trust}
echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}" echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}"
} }
;; ;;
@ -1635,6 +1635,8 @@ start_dns() {
echolog " - ChinaDNS-NG(${china_ng_listen})直连DNS${china_ng_local_dns}可信DNS${china_ng_trust_dns}" echolog " - ChinaDNS-NG(${china_ng_listen})直连DNS${china_ng_local_dns}可信DNS${china_ng_trust_dns}"
china_ng_listen="${china_ng_listen},::1#${china_ng_listen_port}"
run_chinadns_ng \ run_chinadns_ng \
_flag="default" \ _flag="default" \
_listen_port=${china_ng_listen_port} \ _listen_port=${china_ng_listen_port} \
@ -1876,7 +1878,7 @@ acl_app() {
[ "$filter_proxy_ipv6" = "1" ] && dnsmasq_filter_proxy_ipv6=0 [ "$filter_proxy_ipv6" = "1" ] && dnsmasq_filter_proxy_ipv6=0
chinadns_port=$(expr $chinadns_port + 1) chinadns_port=$(expr $chinadns_port + 1)
_china_ng_listen="127.0.0.1#${chinadns_port}" _china_ng_listen="127.0.0.1#${chinadns_port},::1#${chinadns_port}"
_chinadns_local_dns=$(IFS=','; set -- $LOCAL_DNS; [ "${1%%[#:]*}" = "127.0.0.1" ] && echo "$1" || ([ -n "$2" ] && echo "$1,$2" || echo "$1")) _chinadns_local_dns=$(IFS=','; set -- $LOCAL_DNS; [ "${1%%[#:]*}" = "127.0.0.1" ] && echo "$1" || ([ -n "$2" ] && echo "$1,$2" || echo "$1"))
_direct_dns_mode=$(config_t_get global direct_dns_mode "auto") _direct_dns_mode=$(config_t_get global direct_dns_mode "auto")

2
luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
View File

@ -108,7 +108,7 @@ local only_global = (DEFAULT_MODE == "proxy" and CHNLIST == "0" and GFWLIST == "
config_lines = { config_lines = {
LOG_FILE ~= "/dev/null" and "verbose" or "", LOG_FILE ~= "/dev/null" and "verbose" or "",
"bind-addr 127.0.0.1", "bind-addr ::",
"bind-port " .. LISTEN_PORT, "bind-port " .. LISTEN_PORT,
"china-dns " .. DNS_LOCAL, "china-dns " .. DNS_LOCAL,
"trust-dns " .. DNS_TRUST, "trust-dns " .. DNS_TRUST,