luci: optimize and improve

Signed-off-by: sbwml <admin@cooluc.com>

luci-app-passwall/root/etc/uci-defaults/luci-passwall

@@ -31,35 +31,10 @@ EOF
 touch /etc/config/passwall_show >/dev/null 2>&1
 [ ! -s "/etc/config/passwall" ] && cp -f /usr/share/passwall/0_default_config /etc/config/passwall
 
-global_xray=$(uci -q get passwall.@global_xray[0])
-[ -z "${global_xray}" ] && {
-	cfgid=$(uci add passwall global_xray)
-	uci -q set passwall.${cfgid}.sniffing=$(uci -q get passwall.@global_forwarding[0].sniffing || echo "1")
-	uci -q set passwall.${cfgid}.route_only=$(uci -q get passwall.@global_forwarding[0].route_only || echo "0")
-	uci -q set passwall.${cfgid}.buffer_size=$(uci -q get passwall.@global_forwarding[0].buffer_size || echo "")
-
-	uci -q delete passwall.@global_forwarding[0].sniffing
-	uci -q delete passwall.@global_forwarding[0].route_only
-	uci -q delete passwall.@global_forwarding[0].buffer_size
-	uci -q commit passwall
-}
-
-sed -i "s#option tlsflow#option flow#g" /etc/config/passwall
-
-global_singbox=$(uci -q get passwall.@global_singbox[0])
-[ -z "${global_singbox}" ] && {
-	cfgid=$(uci add passwall global_singbox)
-	uci -q set passwall.${cfgid}.sniff_override_destination=0
-	uci -q set passwall.${cfgid}.geoip_path="/tmp/singbox/geoip.db"
-	uci -q set passwall.${cfgid}.geoip_url="https://github.com/SagerNet/sing-geoip/releases/latest/download/geoip.db"
-	uci -q set passwall.${cfgid}.geosite_path="/tmp/singbox/geosite.db"
-	uci -q set passwall.${cfgid}.geosite_url="https://github.com/SagerNet/sing-geosite/releases/latest/download/geosite.db"
-	uci -q commit passwall
-}
-
 chmod +x /usr/share/passwall/*.sh
 
 rm -f /tmp/luci-indexcache
 rm -rf /tmp/luci-modulecache/
 killall -HUP rpcd 2>/dev/null
+
 exit 0

luci-app-passwall/root/usr/share/passwall/app.sh

@@ -1597,14 +1597,13 @@ start() {
 		if [ -n "$(command -v iptables-legacy || command -v iptables)" ] && [ -n "$(command -v ipset)" ] && [ -n "$(dnsmasq --version | grep 'Compile time options:.* ipset')" ]; then
 			USE_TABLES="iptables"
 		else
+			echolog "系统未安装iptables或ipset或Dnsmasq没有开启ipset支持，无法使用iptables+ipset透明代理！"
 			if [ -n "$(command -v fw4)" ] && [ -n "$(command -v nft)" ] && [ -n "$(dnsmasq --version | grep 'Compile time options:.* nftset')" ]; then
 				echolog "检测到fw4，使用nftables进行透明代理。"
 				USE_TABLES="nftables"
 				nftflag=1
 				config_t_set global_forwarding use_nft 1
 				uci commit ${CONFIG}
-			else
-				echolog "系统未安装iptables或ipset或Dnsmasq没有开启ipset支持，无法透明代理！"
 			fi
 		fi
 	else

luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua

@@ -149,8 +149,9 @@ local function check_excluded_domain(domain)
 end
 
 local cache_text = ""
+local nodes_address_md5 = luci.sys.exec("echo -n $(uci show passwall | grep '\\.address') | md5sum")
 local new_rules = luci.sys.exec("echo -n $(find /usr/share/passwall/rules -type f | xargs md5sum)")
-local new_text = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. USE_DEFAULT_DNS .. CHINADNS_DNS .. USE_DIRECT_LIST .. USE_PROXY_LIST .. USE_BLOCK_LIST .. USE_GFW_LIST .. CHN_LIST .. DEFAULT_PROXY_MODE .. NO_PROXY_IPV6 .. new_rules .. NFTFLAG
+local new_text = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. USE_DEFAULT_DNS .. CHINADNS_DNS .. USE_DIRECT_LIST .. USE_PROXY_LIST .. USE_BLOCK_LIST .. USE_GFW_LIST .. CHN_LIST .. DEFAULT_PROXY_MODE .. NO_PROXY_IPV6 .. nodes_address_md5 .. new_rules .. NFTFLAG
 if fs.access(CACHE_TEXT_FILE) then
 	for line in io.lines(CACHE_TEXT_FILE) do
 		cache_text = line

luci-app-passwall/root/usr/share/passwall/iptables.sh

@@ -1172,7 +1172,7 @@ del_firewall_rule() {
 	destroy_ipset $IPSET_BLOCKLIST6
 	destroy_ipset $IPSET_WHITELIST6
 
-	$DIR/app.sh echolog "删除相关防火墙规则完成。"
+	$DIR/app.sh echolog "删除iptables防火墙规则完成。"
 }
 
 flush_ipset() {

luci-app-passwall/root/usr/share/passwall/nftables.sh

@@ -1214,7 +1214,7 @@ del_firewall_rule() {
 	destroy_nftset $NFTSET_BLOCKLIST6
 	destroy_nftset $NFTSET_WHITELIST6
 
-	$DIR/app.sh echolog "删除相关防火墙规则完成。"
+	$DIR/app.sh echolog "删除nftables防火墙规则完成。"
 }
 
 flush_nftset() {