actions
parent
97763452a5
commit
afc2744208
@ -259,6 +259,12 @@ o = s:option(DummyValue, "switch_mode", " ")
|
||||
o.template = appname .. "/global/proxy"
|
||||
o:depends({ tcp_node = "", ['!reverse'] = true })
|
||||
|
||||
---- DNS
|
||||
o = s:option(ListValue, "dns_shunt", "DNS " .. translate("Shunt"))
|
||||
o:depends({ tcp_node = "", ['!reverse'] = true })
|
||||
o:value("dnsmasq", "Dnsmasq")
|
||||
o:value("chinadns-ng", "Dnsmasq + ChinaDNS-NG")
|
||||
|
||||
o = s:option(Flag, "filter_proxy_ipv6", translate("Filter Proxy Host IPv6"), translate("Experimental feature."))
|
||||
o.default = "0"
|
||||
o:depends({ tcp_node = "", ['!reverse'] = true })
|
||||
@ -361,24 +367,18 @@ if has_singbox or has_xray then
|
||||
end
|
||||
end
|
||||
|
||||
if api.is_finded("chinadns-ng") then
|
||||
o = s:option(Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, recommend."))
|
||||
o.default = "0"
|
||||
o:depends({ dns_mode = "", ['!reverse'] = true })
|
||||
|
||||
o = s:option(ListValue, "chinadns_ng_default_tag", translate("ChinaDNS-NG Domain Default Tag"))
|
||||
o.default = "none"
|
||||
o:value("none", translate("Default"))
|
||||
o:value("gfw", translate("Remote DNS"))
|
||||
o:value("chn", translate("Direct DNS"))
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result.") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o:depends({chinadns_ng = true, chn_list = "direct"})
|
||||
end
|
||||
o = s:option(ListValue, "chinadns_ng_default_tag", translate("ChinaDNS-NG Domain Default Tag"))
|
||||
o.default = "none"
|
||||
o:value("none", translate("Default"))
|
||||
o:value("gfw", translate("Remote DNS"))
|
||||
o:value("chn", translate("Direct DNS"))
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result.") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o:depends({dns_shunt = "chinadns-ng", tcp_proxy_mode = "proxy", chn_list = "direct"})
|
||||
|
||||
o = s:option(ListValue, "use_default_dns", translate("Default DNS"))
|
||||
o.default = "direct"
|
||||
@ -389,10 +389,6 @@ o.description = "<ul>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
local _depends = {tcp_proxy_mode = "proxy"}
|
||||
if api.is_finded("chinadns-ng") then
|
||||
_depends["chinadns_ng"] = false
|
||||
end
|
||||
o:depends(_depends)
|
||||
o:depends({dns_shunt = "dnsmasq", tcp_proxy_mode = "proxy", chn_list = "direct"})
|
||||
|
||||
return m
|
||||
|
||||
@ -260,13 +260,17 @@ end
|
||||
|
||||
s:tab("DNS", translate("DNS"))
|
||||
|
||||
dns_shunt = s:taboption("DNS", ListValue, "dns_shunt", "DNS " .. translate("Shunt"))
|
||||
dns_shunt:value("dnsmasq", "Dnsmasq")
|
||||
dns_shunt:value("chinadns-ng", "Dnsmasq + ChinaDNS-NG")
|
||||
|
||||
o = s:taboption("DNS", Flag, "filter_proxy_ipv6", translate("Filter Proxy Host IPv6"), translate("Experimental feature."))
|
||||
o.default = "0"
|
||||
|
||||
---- DNS Forward Mode
|
||||
dns_mode = s:taboption("DNS", ListValue, "dns_mode", translate("Filter Mode"))
|
||||
dns_mode:value("tcp", translatef("Requery DNS By %s", "TCP"))
|
||||
dns_mode:value("udp", translatef("Requery DNS By %s", "UDP"))
|
||||
dns_mode:value("tcp", translatef("Requery DNS By %s", "TCP"))
|
||||
if api.is_finded("dns2socks") then
|
||||
dns_mode:value("dns2socks", "dns2socks")
|
||||
end
|
||||
@ -362,7 +366,7 @@ o:depends({dns_mode = "xray"})
|
||||
|
||||
o = s:taboption("DNS", Flag, "remote_fakedns", "FakeDNS", translate("Use FakeDNS work in the shunt domain that proxy."))
|
||||
o.default = "0"
|
||||
o:depends({dns_mode = "sing-box"})
|
||||
o:depends({dns_mode = "sing-box", dns_shunt = "dnsmasq"})
|
||||
o.validate = function(self, value, t)
|
||||
if value and value == "1" then
|
||||
local _dns_mode = dns_mode:formvalue(t)
|
||||
@ -376,24 +380,18 @@ o.validate = function(self, value, t)
|
||||
return value
|
||||
end
|
||||
|
||||
if api.is_finded("chinadns-ng") then
|
||||
o = s:taboption("DNS", Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, recommend."))
|
||||
o.default = "0"
|
||||
o:depends({remote_fakedns = false})
|
||||
|
||||
o = s:taboption("DNS", ListValue, "chinadns_ng_default_tag", translate("ChinaDNS-NG Domain Default Tag"))
|
||||
o.default = "none"
|
||||
o:value("none", translate("Default"))
|
||||
o:value("gfw", translate("Remote DNS"))
|
||||
o:value("chn", translate("Direct DNS"))
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result.") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o:depends({chinadns_ng = true, chn_list = "direct"})
|
||||
end
|
||||
o = s:taboption("DNS", ListValue, "chinadns_ng_default_tag", translate("ChinaDNS-NG Domain Default Tag"))
|
||||
o.default = "none"
|
||||
o:value("none", translate("Default"))
|
||||
o:value("gfw", translate("Remote DNS"))
|
||||
o:value("chn", translate("Direct DNS"))
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result.") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o:depends({dns_shunt = "chinadns-ng", tcp_proxy_mode = "proxy", chn_list = "direct"})
|
||||
|
||||
o = s:taboption("DNS", ListValue, "use_default_dns", translate("Default DNS"))
|
||||
o.default = "direct"
|
||||
@ -404,11 +402,7 @@ o.description = "<ul>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
local _depends = {tcp_proxy_mode = "proxy"}
|
||||
if api.is_finded("chinadns-ng") then
|
||||
_depends["chinadns_ng"] = false
|
||||
end
|
||||
o:depends(_depends)
|
||||
o:depends({dns_shunt = "dnsmasq", tcp_proxy_mode = "proxy", chn_list = "direct"})
|
||||
|
||||
o = s:taboption("DNS", Button, "clear_ipset", translate("Clear IPSET"), translate("Try this feature if the rule modification does not take effect."))
|
||||
o.inputstyle = "remove"
|
||||
|
||||
@ -6,10 +6,10 @@ config global
|
||||
option udp_node 'nil'
|
||||
option tcp_node_socks_port '1070'
|
||||
option filter_proxy_ipv6 '1'
|
||||
option dns_shunt 'chinadns-ng'
|
||||
option dns_mode 'tcp'
|
||||
option remote_dns '1.1.1.1'
|
||||
option use_default_dns 'direct'
|
||||
option chinadns_ng '1'
|
||||
option chinadns_ng_default_tag 'none'
|
||||
option use_direct_list '1'
|
||||
option use_proxy_list '1'
|
||||
|
||||
@ -485,7 +485,7 @@ run_dns2socks() {
|
||||
run_chinadns_ng() {
|
||||
local _flag _listen_port _dns_local _dns_trust _no_ipv6_trust _use_direct_list _use_proxy_list _gfwlist _chnlist _default_mode _default_tag
|
||||
eval_set_val $@
|
||||
|
||||
|
||||
local _CONF_FILE=$TMP_ACL_PATH/$_flag/chinadns_ng.conf
|
||||
local _LOG_FILE=$TMP_ACL_PATH/$_flag/chinadns_ng.log
|
||||
_LOG_FILE="/dev/null"
|
||||
@ -513,7 +513,7 @@ run_chinadns_ng() {
|
||||
group-ipset ${whitelist4_set},${whitelist6_set}
|
||||
EOF
|
||||
}
|
||||
|
||||
|
||||
[ "${_use_proxy_list}" = "1" ] && [ -s "${RULES_PATH}/proxy_host" ] && {
|
||||
local blacklist4_set="passwall_blacklist"
|
||||
local blacklist6_set="passwall_blacklist6"
|
||||
@ -529,7 +529,7 @@ run_chinadns_ng() {
|
||||
EOF
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6 tag:proxylist" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
|
||||
[ "${_gfwlist}" = "1" ] && [ -s "${RULES_PATH}/gfwlist" ] && {
|
||||
local gfwlist4_set="passwall_gfwlist"
|
||||
local gfwlist6_set="passwall_gfwlist6"
|
||||
@ -543,7 +543,7 @@ run_chinadns_ng() {
|
||||
EOF
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6 tag:gfw" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
|
||||
[ "${_chnlist}" != "0" ] && [ -s "${RULES_PATH}/chnlist" ] && {
|
||||
local chnroute4_set="passwall_chnroute"
|
||||
local chnroute6_set="passwall_chnroute6"
|
||||
@ -573,7 +573,7 @@ run_chinadns_ng() {
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6 tag:chn_proxy" >> ${_CONF_FILE}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#只使用gfwlist模式,GFW列表以外的域名及默认使用本地DNS
|
||||
[ "${_gfwlist}" = "1" ] && [ "${_chnlist}" = "0" ] && _default_tag="chn"
|
||||
#回中国模式,中国列表以外的域名及默认使用本地DNS
|
||||
@ -583,7 +583,7 @@ run_chinadns_ng() {
|
||||
_default_tag="gfw"
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
|
||||
([ -z "${_default_tag}" ] || [ "${_default_tag}" = "smart" ]) && _default_tag="none"
|
||||
echo "default-tag ${_default_tag}" >> ${_CONF_FILE}
|
||||
|
||||
@ -1297,7 +1297,7 @@ start_dns() {
|
||||
;;
|
||||
udp)
|
||||
use_udp_node_resolve_dns=1
|
||||
if [ "$CHINADNS_NG" = "1" ] && [ -n "$(first_type chinadns-ng)" ]; then
|
||||
if [ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ]; then
|
||||
local china_ng_listen_port=${dns_listen_port}
|
||||
local china_ng_trust_dns="udp://$(get_first_dns REMOTE_DNS 53 | sed 's/:/#/g')"
|
||||
else
|
||||
@ -1307,7 +1307,7 @@ start_dns() {
|
||||
;;
|
||||
*)
|
||||
use_tcp_node_resolve_dns=1
|
||||
if [ "$CHINADNS_NG" = "1" ] && [ -n "$(first_type chinadns-ng)" ]; then
|
||||
if [ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ]; then
|
||||
local china_ng_listen_port=${dns_listen_port}
|
||||
local china_ng_trust_dns="tcp://$(get_first_dns REMOTE_DNS 53 | sed 's/:/#/g')"
|
||||
else
|
||||
@ -1322,7 +1322,7 @@ start_dns() {
|
||||
[ "${use_tcp_node_resolve_dns}" = "1" ] && echolog " * 请确认上游 DNS 支持 TCP 查询,如非直连地址,确保 TCP 代理打开,并且已经正确转发!"
|
||||
[ "${use_udp_node_resolve_dns}" = "1" ] && echolog " * 请确认上游 DNS 支持 UDP 查询并已使用 UDP 节点,如上游 DNS 非直连地址,确保 UDP 代理打开,并且已经正确转发!"
|
||||
|
||||
[ "$CHINADNS_NG" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && {
|
||||
[ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ] && {
|
||||
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0
|
||||
[ -z "${china_ng_listen_port}" ] && local china_ng_listen_port=$(expr $dns_listen_port + 1)
|
||||
local china_ng_listen="127.0.0.1#${china_ng_listen_port}"
|
||||
@ -1453,9 +1453,9 @@ acl_app() {
|
||||
udp_proxy_mode=${udp_proxy_mode:-proxy}
|
||||
filter_proxy_ipv6=${filter_proxy_ipv6:-0}
|
||||
dnsmasq_filter_proxy_ipv6=${filter_proxy_ipv6}
|
||||
dns_shunt=${dns_shunt:-dnsmasq}
|
||||
dns_mode=${dns_mode:-dns2socks}
|
||||
remote_dns=${remote_dns:-1.1.1.1}
|
||||
chinadns_ng=${chinadns_ng:-0}
|
||||
use_default_dns=${use_default_dns:-direct}
|
||||
[ "$dns_mode" = "sing-box" ] && {
|
||||
[ "$v2ray_dns_mode" = "doh" ] && remote_dns=${remote_dns_doh:-https://1.1.1.1/dns-query}
|
||||
@ -1491,7 +1491,7 @@ acl_app() {
|
||||
eval node_${tcp_node}_$(echo -n "${remote_dns}" | md5sum | cut -d " " -f1)=${_dns_port}
|
||||
}
|
||||
|
||||
[ "$chinadns_ng" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && {
|
||||
[ "$dns_shunt" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ] && {
|
||||
[ "$filter_proxy_ipv6" = "1" ] && dnsmasq_filter_proxy_ipv6=0
|
||||
chinadns_port=$(expr $chinadns_port + 1)
|
||||
_china_ng_listen="127.0.0.1#${chinadns_port}"
|
||||
@ -1766,10 +1766,11 @@ LOCALHOST_PROXY=$(config_t_get global localhost_proxy 1)
|
||||
LOCALHOST_UDP_PROXY_MODE=$UDP_PROXY_MODE
|
||||
}
|
||||
CLIENT_PROXY=$(config_t_get global client_proxy 1)
|
||||
DNS_SHUNT=$(config_t_get global dns_shunt dnsmasq)
|
||||
[ -z "$(first_type $DNS_SHUNT)" ] && DNS_SHUNT="dnsmasq"
|
||||
DNS_MODE=$(config_t_get global dns_mode tcp)
|
||||
DNS_CACHE=0
|
||||
REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
||||
CHINADNS_NG=$(config_t_get global chinadns_ng 0)
|
||||
USE_DEFAULT_DNS=$(config_t_get global use_default_dns direct)
|
||||
FILTER_PROXY_IPV6=$(config_t_get global filter_proxy_ipv6 0)
|
||||
dns_listen_port=${DNS_PORT}
|
||||
|
||||
@ -36,7 +36,7 @@ index c303efe..6b4319e 100644
|
||||
s = m:section(TypedSection, "global", translate("ACLs"), "<font color='red'>" .. translate("ACLs is a tools which used to designate specific IP proxy mode.") .. "</font>")
|
||||
s.anonymous = true
|
||||
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
|
||||
index 1b89532..7ea123f 100644
|
||||
index e355bc9..96e49cc 100644
|
||||
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
|
||||
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
|
||||
@@ -13,7 +13,6 @@ local port_validate = function(self, value, t)
|
||||
@ -60,7 +60,7 @@ index 8a59a43..9d47562 100644
|
||||
-- [[ App Settings ]]--
|
||||
s = m:section(TypedSection, "global_app", translate("App Update"),
|
||||
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
|
||||
index 7f26ed7..ba3d2c0 100644
|
||||
index d96f550..7161187 100644
|
||||
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
|
||||
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
|
||||
@@ -9,7 +9,6 @@ local has_chnlist = api.fs.access("/usr/share/passwall/rules/chnlist")
|
||||
@ -71,7 +71,7 @@ index 7f26ed7..ba3d2c0 100644
|
||||
|
||||
local nodes_table = {}
|
||||
for k, e in ipairs(api.get_valid_nodes()) do
|
||||
@@ -326,6 +325,12 @@ o:value("8.8.8.8", "8.8.8.8 (Google)")
|
||||
@@ -330,6 +329,12 @@ o:value("8.8.8.8", "8.8.8.8 (Google)")
|
||||
o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)")
|
||||
o:value("208.67.220.220", "208.67.220.220 (OpenDNS)")
|
||||
o:value("208.67.222.222", "208.67.222.222 (OpenDNS)")
|
||||
@ -403,7 +403,7 @@ index 24662de..77b6a0b 100644
|
||||
</div>
|
||||
</div>
|
||||
diff --git a/luci-app-passwall/root/usr/share/passwall/0_default_config b/luci-app-passwall/root/usr/share/passwall/0_default_config
|
||||
index 67db6af..0a63147 100644
|
||||
index cfe606d..1601d03 100644
|
||||
--- a/luci-app-passwall/root/usr/share/passwall/0_default_config
|
||||
+++ b/luci-app-passwall/root/usr/share/passwall/0_default_config
|
||||
@@ -32,7 +32,7 @@ config global_haproxy
|
||||
|
||||
Loading…
Reference in New Issue
Block a user