luci-app-passwall: sync upstream

last commit: 4dbb164492
2024-07-18 01:00:07 +08:00 · 2024-07-18 01:00:07 +08:00 · 9ed9b3c51f
commit 9ed9b3c51f
parent e2c5b48222
12 changed files with 7981 additions and 1998 deletions
--- a/luci-app-passwall/Makefile
+++ b/luci-app-passwall/Makefile
@ -6,7 +6,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=luci-app-passwall
-PKG_VERSION:=4.77-6
+PKG_VERSION:=4.78-1
 PKG_RELEASE:=

 PKG_CONFIG_DEPENDS:= \
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@ -266,6 +266,20 @@ dns_shunt = s:taboption("DNS", ListValue, "dns_shunt", "DNS " .. translate("Shun
 dns_shunt:value("dnsmasq", "Dnsmasq")
 dns_shunt:value("chinadns-ng", "Dnsmasq + ChinaDNS-NG")

+o = s:taboption("DNS", Value, "direct_dns", translate("Direct DNS"))
+o.datatype = "or(ipaddr,ipaddrport)"
+o.default = ""
+o:value("", translate("Auto"))
+o:value("223.5.5.5")
+o:value("223.6.6.6")
+o:value("114.114.114.114")
+o:value("119.29.29.29")
+o:value("180.76.76.76")
+o:value("1.12.12.12")
+o:value("120.53.53.53")
+o:depends({dns_shunt = "dnsmasq"})
+o:depends({dns_shunt = "chinadns-ng"})
+
 o = s:taboption("DNS", Flag, "filter_proxy_ipv6", translate("Filter Proxy Host IPv6"), translate("Experimental feature."))
 o.default = "0"

--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/haproxy.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/haproxy.lua
@ -47,6 +47,7 @@ o:depends("balancing_enable", true)

 o = s:option(Flag, "bind_local", translate("Haproxy Port") .. " " .. translate("Bind Local"), translate("When selected, it can only be accessed localhost."))
 o.default = "0"
+o:depends("balancing_enable", true)

 ---- Health Check Type
 o = s:option(ListValue, "health_check_type", translate("Health Check Type"))
--- a/luci-app-passwall/luasrc/passwall/util_sing-box.lua
+++ b/luci-app-passwall/luasrc/passwall/util_sing-box.lua
@ -1167,8 +1167,7 @@ function gen_config(var)
 							elseif w:find("full:") == 1 then
 								table.insert(domain_table.domain, w:sub(1 + #"full:"))
 							elseif w:find("domain:") == 1 then
-								table.insert(domain_table.domain, w:sub(1 + #"domain:"))
-								table.insert(domain_table.domain_suffix, "." .. w:sub(1 + #"domain:"))
+								table.insert(domain_table.domain_suffix, w:sub(1 + #"domain:"))
 							else
 								table.insert(domain_table.domain_keyword, w)
 							end
--- a/luci-app-passwall/root/etc/init.d/passwall
+++ b/luci-app-passwall/root/etc/init.d/passwall
@ -32,7 +32,7 @@ unlock() {
 	done
 }

-boot() {
+boot_func() {
 	local delay=$(uci -q get ${CONFIG}.@global_delay[0].start_delay || echo 1)
 	if [ "$delay" -gt 0 ]; then
 		$APP_FILE echolog "执行启动延时 $delay 秒后再启动!"
@ -42,6 +42,10 @@ boot() {
 	touch ${LOCK_FILE_DIR}/${CONFIG}_ready.lock
 }

+boot() {
+	boot_func >/dev/null 2>&1 &
+}
+
 start() {
 	set_lock
 	[ $? == 1 ] && $APP_FILE echolog "脚本已经在运行，不重复运行，退出." && exit 0
--- a/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/luci-app-passwall/root/usr/share/passwall/app.sh
@ -330,7 +330,7 @@ run_ipt2socks() {

 run_singbox() {
 	local flag type node tcp_redir_port udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
-	local dns_listen_port direct_dns_port direct_dns_udp_server remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
+	local dns_listen_port direct_dns_port direct_dns_udp_server direct_dns_tcp_server remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
 	local loglevel log_file config_file server_host server_port
 	local _extra_param=""
 	eval_set_val $@
@ -371,11 +371,16 @@ run_singbox() {
 	[ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}"
 	[ -n "$dns_cache" ] && _extra_param="${_extra_param} -dns_cache ${dns_cache}"

-	local local_dns=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n1) | tr " " ",")
-	[ -z "$direct_dns_udp_server" ] && direct_dns_udp_server=$(echo ${local_dns} | awk -F '#' '{print $1}')
-	[ -z "$direct_dns_port" ] && direct_dns_port=$(echo ${local_dns} | awk -F '#' '{print $2}')
+	[ -n "$direct_dns_udp_server" ] && direct_dns_port=$(echo ${direct_dns_udp_server} | awk -F '#' '{print $2}')
+	[ -n "$direct_dns_tcp_server" ] && direct_dns_port=$(echo ${direct_dns_tcp_server} | awk -F '#' '{print $2}')
+	[ -z "$direct_dns_udp_server" ] && [ -z "$direct_dns_tcp_server" ] && {
+		local local_dns=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n1) | tr " " ",")
+		direct_dns_udp_server=$(echo ${local_dns} | awk -F '#' '{print $1}')
+		direct_dns_port=$(echo ${local_dns} | awk -F '#' '{print $2}')
+	}
 	[ -z "$direct_dns_port" ] && direct_dns_port=53
 	[ -n "$direct_dns_udp_server" ] && _extra_param="${_extra_param} -direct_dns_udp_server ${direct_dns_udp_server}"
+	[ -n "$direct_dns_tcp_server" ] && _extra_param="${_extra_param} -direct_dns_tcp_server ${direct_dns_tcp_server}"
 	[ -n "$direct_dns_port" ] && _extra_param="${_extra_param} -direct_dns_port ${direct_dns_port}"
 	_extra_param="${_extra_param} -direct_dns_query_strategy UseIP"

@ -500,6 +505,26 @@ run_chinadns_ng() {
 		filter-qtype 65
 	EOF

+	# This function may be called multiple times, so add a condition here to avoid repeated execution.
+	[ ! -f "${TMP_PATH}/vpslist" ] && {
+		servers=$(uci show "${CONFIG}" | grep ".address=" | cut -d "'" -f 2 | grep -v "engage.cloudflareclient.com")
+		hosts_foreach "servers" host_from_url | grep '[a-zA-Z]$' | sort -u > "${TMP_PATH}/vpslist"
+	}
+	[ -s "${TMP_PATH}/vpslist" ] && {
+		local vpslist4_set="passwall_vpslist"
+		local vpslist6_set="passwall_vpslist6"
+		[ "$nftflag" = "1" ] && {
+			vpslist4_set="inet@fw4@${vpslist4_set}"
+			vpslist6_set="inet@fw4@${vpslist6_set}"
+		}
+		cat <<-EOF >> ${_CONF_FILE}
+			group vpslist
+			group-dnl ${TMP_PATH}/vpslist
+			group-upstream ${_dns_local}
+			group-ipset ${vpslist4_set},${vpslist6_set}
+		EOF
+	}
+
 	[ "${_use_direct_list}" = "1" ] && [ -s "${RULES_PATH}/direct_host" ] && {
 		local whitelist4_set="passwall_whitelist"
 		local whitelist6_set="passwall_whitelist6"
@ -879,18 +904,23 @@ run_redir() {
 				_args="${_args} remote_dns_query_strategy=${DNS_QUERY_STRATEGY}"
 				DNSMASQ_FILTER_PROXY_IPV6=0
 				[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
+				resolve_dns_port=${dns_listen_port}
+				_args="${_args} dns_listen_port=${resolve_dns_port}"
+
+				local local_dns=$(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n1)
+				_args="${_args} direct_dns_udp_server=${local_dns}"
+
 				local v2ray_dns_mode=$(config_t_get global v2ray_dns_mode tcp)
 				_args="${_args} remote_dns_protocol=${v2ray_dns_mode}"
-				_args="${_args} dns_listen_port=${dns_listen_port}"
 				case "$v2ray_dns_mode" in
 					tcp)
 						_args="${_args} remote_dns_tcp_server=${REMOTE_DNS}"
-						resolve_dns_log="Sing-Box DNS(127.0.0.1#${dns_listen_port}) -> tcp://${REMOTE_DNS}"
+						resolve_dns_log="Sing-Box DNS(127.0.0.1#${resolve_dns_port}) -> tcp://${REMOTE_DNS}"
 					;;
 					doh)
 						remote_dns_doh=$(config_t_get global remote_dns_doh "https://1.1.1.1/dns-query")
 						_args="${_args} remote_dns_doh=${remote_dns_doh}"
-						resolve_dns_log="Sing-Box DNS(127.0.0.1#${dns_listen_port}) -> ${remote_dns_doh}"
+						resolve_dns_log="Sing-Box DNS(127.0.0.1#${resolve_dns_port}) -> ${remote_dns_doh}"
 					;;
 				esac
 				local remote_fakedns=$(config_t_get global remote_fakedns 0)
@ -899,6 +929,7 @@ run_redir() {
 					_args="${_args} remote_fakedns=1"
 					resolve_dns_log="${resolve_dns_log} + FakeDNS"
 				}
+				dns_listen_port=$(expr $dns_listen_port + 1)
 			}
 			run_singbox flag=$_flag node=$node tcp_redir_port=$local_port config_file=$config_file log_file=$log_file ${_args}
 		;;
@ -930,16 +961,18 @@ run_redir() {
 				local _dns_client_ip=$(config_t_get global dns_client_ip)
 				[ -n "${_dns_client_ip}" ] && _args="${_args} dns_client_ip=${_dns_client_ip}"
 				[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
-				_args="${_args} dns_listen_port=${dns_listen_port}"
+				resolve_dns_port=${dns_listen_port}
+				_args="${_args} dns_listen_port=${resolve_dns_port}"
 				_args="${_args} remote_dns_tcp_server=${REMOTE_DNS}"
 				local v2ray_dns_mode=$(config_t_get global v2ray_dns_mode tcp)
 				if [ "$v2ray_dns_mode" = "tcp+doh" ]; then
 					remote_dns_doh=$(config_t_get global remote_dns_doh "https://1.1.1.1/dns-query")
 					_args="${_args} remote_dns_doh=${remote_dns_doh}"
-					resolve_dns_log="Xray DNS(127.0.0.1#${dns_listen_port}) -> (${remote_dns_doh})(A/AAAA) + tcp://${REMOTE_DNS}"
+					resolve_dns_log="Xray DNS(127.0.0.1#${resolve_dns_port}) -> (${remote_dns_doh})(A/AAAA) + tcp://${REMOTE_DNS}"
 				else
-					resolve_dns_log="Xray DNS(127.0.0.1#${dns_listen_port}) -> tcp://${REMOTE_DNS}"
+					resolve_dns_log="Xray DNS(127.0.0.1#${resolve_dns_port}) -> tcp://${REMOTE_DNS}"
 				fi
+				dns_listen_port=$(expr $dns_listen_port + 1)
 			}
 			run_xray flag=$_flag node=$node tcp_redir_port=$local_port config_file=$config_file log_file=$log_file ${_args}
 		;;
@ -1262,6 +1295,7 @@ start_dns() {
 	echolog "DNS域名解析："

 	TUN_DNS="127.0.0.1#${dns_listen_port}"
+	[ "${resolve_dns}" == "1" ] && TUN_DNS="127.0.0.1#${resolve_dns_port}"

 	case "$DNS_MODE" in
 	dns2socks)
@ -1369,6 +1403,8 @@ start_dns() {
 			echolog "  * 注意：当前 ChinaDNS-NG 版本为[ ${chinadns_ng_now//-/.} ]，请更新到[ ${chinadns_ng_min//-/.} ]或以上版本，否则 DNS 有可能无法正常工作！"
 		fi
 		
+		local china_ng_local_dns=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2  | awk -v prefix="udp://" '{ for (i=1; i<=NF; i++) print prefix $i }') | tr " " ",")
+
 		[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0
 		[ -z "${china_ng_listen_port}" ] && local china_ng_listen_port=$(expr $dns_listen_port + 1)
 		local china_ng_listen="127.0.0.1#${china_ng_listen_port}"
@ -1377,7 +1413,7 @@ start_dns() {
 		run_chinadns_ng \
 			_flag="default" \
 			_listen_port=${china_ng_listen_port} \
-			_dns_local=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
+			_dns_local=${china_ng_local_dns} \
 			_dns_trust=${china_ng_trust_dns} \
 			_no_ipv6_trust=${FILTER_PROXY_IPV6} \
 			_use_direct_list=${USE_DIRECT_LIST} \
@ -1387,7 +1423,7 @@ start_dns() {
 			_default_mode=${TCP_PROXY_MODE} \
 			_default_tag=$(config_t_get global chinadns_ng_default_tag smart)

-		echolog "  - ChinaDNS-NG(${china_ng_listen})：直连DNS：$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",")，可信DNS：${china_ng_trust_dns}"
+		echolog "  - ChinaDNS-NG(${china_ng_listen})：直连DNS：${china_ng_local_dns}，可信DNS：${china_ng_trust_dns}"

 		USE_DEFAULT_DNS="chinadns_ng"
 	}
@ -1547,11 +1583,12 @@ acl_app() {
 								[ "$filter_proxy_ipv6" = "1" ] && dnsmasq_filter_proxy_ipv6=0
 								chinadns_port=$(expr $chinadns_port + 1)
 								_china_ng_listen="127.0.0.1#${chinadns_port}"
+								_chinadns_local_dns=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2  | awk -v prefix="udp://" '{ for (i=1; i<=NF; i++) print prefix $i }') | tr " " ",")

 								run_chinadns_ng \
 									_flag="$sid" \
 									_listen_port=${chinadns_port} \
-									_dns_local=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
+									_dns_local=${_chinadns_local_dns} \
 									_dns_trust=127.0.0.1#${_dns_port} \
 									_no_ipv6_trust=${filter_proxy_ipv6} \
 									_use_direct_list=${use_direct_list} \
@ -1699,7 +1736,7 @@ acl_app() {
 			[ -n "$redirect_dns_port" ] && echo "${redirect_dns_port}" > $TMP_ACL_PATH/$sid/var_redirect_dns_port
 			unset enabled sid remarks sources use_global_config tcp_node udp_node use_direct_list use_proxy_list use_block_list use_gfw_list chn_list tcp_proxy_mode udp_proxy_mode filter_proxy_ipv6 dns_mode remote_dns v2ray_dns_mode remote_dns_doh dns_client_ip
 			unset _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port config_file _extra_param
-			unset _china_ng_listen chinadns_ng_default_tag dnsmasq_filter_proxy_ipv6
+			unset _china_ng_listen _chinadns_local_dns chinadns_ng_default_tag dnsmasq_filter_proxy_ipv6
 			unset redirect_dns_port
 		done
 		unset socks_port redir_port dns_port dnsmasq_port chinadns_port
@ -1839,6 +1876,9 @@ DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] |  awk -F '.' '{print $2}' | a
 DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
 [ -z "${DEFAULT_DNS}" ] && [ "$(echo $ISP_DNS | tr ' ' '\n' | wc -l)" -le 2 ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',')
 LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}"
+DIRECT_DNS=$(config_t_get global direct_dns "auto")
+#Automatic logic is already done by default
+[ "${DIRECT_DNS}" != "auto" ] && LOCAL_DNS=$(echo ${DIRECT_DNS} | sed 's/:/#/g')

 DNS_QUERY_STRATEGY="UseIP"
 [ "$FILTER_PROXY_IPV6" = "1" ] && DNS_QUERY_STRATEGY="UseIPv4"
--- a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
+++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
@ -202,15 +202,20 @@ if not fs.access(CACHE_DNS_PATH) then
 	end

 	--始终用国内DNS解析节点域名
-	uci:foreach(appname, "nodes", function(t)
-		local address = t.address
-		if address == "engage.cloudflareclient.com" then return end
-		if datatypes.hostname(address) then
-			set_domain_dns(address, LOCAL_DNS)
-			set_domain_ipset(address, setflag_4 .. "passwall_vpslist," .. setflag_6 .. "passwall_vpslist6")
+	if true then
+		if USE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
+		else
+			uci:foreach(appname, "nodes", function(t)
+				local address = t.address
+				if address == "engage.cloudflareclient.com" then return end
+				if datatypes.hostname(address) then
+					set_domain_dns(address, LOCAL_DNS)
+					set_domain_ipset(address, setflag_4 .. "passwall_vpslist," .. setflag_6 .. "passwall_vpslist6")
+				end
+			end)
 		end
-	end)
-	log(string.format("  - 节点列表中的域名(vpslist)：%s", LOCAL_DNS or "默认"))
+		log(string.format("  - 节点列表中的域名(vpslist)：%s", LOCAL_DNS or "默认"))
+	end

 	local fwd_dns
 	local ipset_flag
@ -406,38 +411,40 @@ if not fs.access(CACHE_DNS_PATH) then
 		}
 	end

-	local address_out = io.open(CACHE_DNS_PATH .. "/000-address.conf", "a")
-	local server_out = io.open(CACHE_DNS_PATH .. "/001-server.conf", "a")
-	local ipset_out = io.open(CACHE_DNS_PATH .. "/ipset.conf", "a")
-	local set_name = "ipset"
-	if NFTFLAG == "1" then
-		set_name = "nftset"
+	if list1 and next(list1) then
+		local address_out = io.open(CACHE_DNS_PATH .. "/000-address.conf", "a")
+		local server_out = io.open(CACHE_DNS_PATH .. "/001-server.conf", "a")
+		local ipset_out = io.open(CACHE_DNS_PATH .. "/ipset.conf", "a")
+		local set_name = "ipset"
+		if NFTFLAG == "1" then
+			set_name = "nftset"
+		end
+		for key, value in pairs(list1) do
+			if value.address then
+				local domain = "." .. key
+				if key == "#" then
+					domain = key
+				end
+				address_out:write(string.format("address=/%s/%s\n", domain, value.address))
+			end
+			if value.dns and #value.dns > 0 then
+				for i, dns in ipairs(value.dns) do
+					server_out:write(string.format("server=/.%s/%s\n", key, dns))
+				end
+			end
+			if value.ipsets and #value.ipsets > 0 then
+				local ipsets_str = ""
+				for i, ipset in ipairs(value.ipsets) do
+					ipsets_str = ipsets_str .. ipset .. ","
+				end
+				ipsets_str = ipsets_str:sub(1, #ipsets_str - 1)
+				ipset_out:write(string.format("%s=/.%s/%s\n", set_name, key, ipsets_str))
+			end
+		end
+		address_out:close()
+		server_out:close()
+		ipset_out:close()
 	end
-	for key, value in pairs(list1) do
-		if value.address then
-			local domain = "." .. key
-			if key == "#" then
-				domain = key
-			end
-			address_out:write(string.format("address=/%s/%s\n", domain, value.address))
-		end
-		if value.dns and #value.dns > 0 then
-			for i, dns in ipairs(value.dns) do
-				server_out:write(string.format("server=/.%s/%s\n", key, dns))
-			end
-		end
-		if value.ipsets and #value.ipsets > 0 then
-			local ipsets_str = ""
-			for i, ipset in ipairs(value.ipsets) do
-				ipsets_str = ipsets_str .. ipset .. ","
-			end
-			ipsets_str = ipsets_str:sub(1, #ipsets_str - 1)
-			ipset_out:write(string.format("%s=/.%s/%s\n", set_name, key, ipsets_str))
-		end
-	end
-	address_out:close()
-	server_out:close()
-	ipset_out:close()

 	local f_out = io.open(CACHE_TEXT_FILE, "a")
 	f_out:write(new_text)
--- a/luci-app-passwall/root/usr/share/passwall/rules/chnlist
+++ b/luci-app-passwall/root/usr/share/passwall/rules/chnlist
--- a/luci-app-passwall/root/usr/share/passwall/rules/chnroute
+++ b/luci-app-passwall/root/usr/share/passwall/rules/chnroute
--- a/luci-app-passwall/root/usr/share/passwall/rules/chnroute6
+++ b/luci-app-passwall/root/usr/share/passwall/rules/chnroute6
--- a/luci-app-passwall/root/usr/share/passwall/rules/gfwlist
+++ b/luci-app-passwall/root/usr/share/passwall/rules/gfwlist
@ -325,6 +325,7 @@ apkmirror.com
 apkmonk.com
 apkplz.com
 apkpure.com
+apkpure.net
 aplusvpn.com
 app.box.com
 app.cloudcone.com
@ -626,7 +627,6 @@ blog.tiney.com
 blog.workflow.is
 blog.xuite.net
 blog.youthwant.com.tw
-blog.youxu.info
 blogblog.com
 blogcatalog.com
 blogcity.me
@ -938,6 +938,8 @@ changsa.net
 channelnewsasia.com
 chaoex.com
 chapm25.com
+chat.lmsys.org
+chatgpt.com
 chatnook.com
 chaturbate.com
 checkgfw.com
@ -1337,6 +1339,7 @@ deviantart.com
 deviantart.net
 devio.us
 devpn.com
+devv.ai
 dfas.mil
 dfn.org
 dharamsalanet.com
@ -3168,6 +3171,7 @@ liangzhichuanmei.com
 lianyue.net
 liaowangxizang.net
 liberal.org.hk
+libertysculpturepark.com
 libertytimes.com.tw
 library.usc.cuhk.edu.hk
 libredd.it
@ -3210,7 +3214,6 @@ livecoin.net
 livedoor.jp
 liveleak.com
 livemint.com
-livestation.com
 livestream.com
 livevideo.com
 livingonline.us
@ -3218,7 +3221,6 @@ livingstream.com
 liwangyang.com
 lizhizhuangbi.com
 lkcn.net
-llss.me
 lncn.org
 load.to
 lobsangwangyal.com
@ -4064,6 +4066,7 @@ pipii.tv
 piposay.com
 piraattilahti.org
 piring.com
+pixeldrain.com
 pixelqi.com
 pixiv.net
 pixnet.net
@ -4216,6 +4219,7 @@ python.com.tw
 pythonhackers.com
 pytorch.org
 qanote.com
+qbittorrent.org
 qgirl.com.tw
 qhigh.com
 qi-gong.me
@ -4250,9 +4254,9 @@ qxbbs.org
 qz.com
 r0.ru
 r18.com
-ra.gg
 radicalparty.org
 radiko.jp
+radio-canada.ca
 radio.garden
 radioaustralia.net.au
 radiohilight.net
@ -4862,6 +4866,7 @@ tahr.org.tw
 taipei.gov.tw
 taipeisociety.org
 taipeitimes.com
+taisounds.com
 taiwan-sex.com
 taiwanbible.com
 taiwancon.com
@ -5832,6 +5837,7 @@ wqyd.org
 wrchina.org
 wretch.cc
 writer.zoho.com
+writesonic.com
 wsj.com
 wsj.net
 wsjhk.com
@ -5897,6 +5903,7 @@ x-art.com
 x-berry.com
 x-wall.org
 x.co
+x.com
 x.company
 x1949x.com
 x24hr.com
@ -6024,7 +6031,6 @@ yilubbs.com
 yingsuoss.com
 yinlei.org
 yipub.com
-yiyechat.com
 yizhihongxing.com
 yobit.net
 yobt.com
@ -6072,13 +6078,13 @@ yuanming.net
 yuanzhengtang.org
 yulghun.com
 yunchao.net
-yuntipub.com
 yuvutu.com
 yvesgeleyn.com
 ywpw.com
 yx51.net
 yyii.org
 yyjlymb.xyz
+yysub.net
 yzzk.com
 z-lib.org
 zacebook.com
--- a/patch-luci-app-passwall.patch
+++ b/patch-luci-app-passwall.patch
@ -1,5 +1,5 @@
 diff --git a/luci-app-passwall/Makefile b/luci-app-passwall/Makefile
-index 7543450..6a4ce1e 100644
+index 4b41cee..b3e867e 100644
 --- a/luci-app-passwall/Makefile
 +++ b/luci-app-passwall/Makefile
@@ -171,7 +171,6 @@ define Package/$(PKG_NAME)/conffiles
@ -24,10 +24,10 @@ index 1440118..be9dd12 100644
 	if code ~= 0 then
 		local use_time = luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $2}'")
 diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
-index 2320472..788a8fd 100644
+index 5e3a0c6..f84f399 100644
 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
 +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
-@@ -332,6 +332,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)")
+@@ -346,6 +346,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)")
 o:value("149.112.112.112", "149.112.112.112 (Quad9-Recommended)")
 o:value("208.67.220.220", "208.67.220.220 (OpenDNS)")
 o:value("208.67.222.222", "208.67.222.222 (OpenDNS)")