From c08e28d1554fee3b721cac235b1a7602ca0cf237 Mon Sep 17 00:00:00 2001
From: gitea-action
Date: Sat, 21 Dec 2024 01:30:27 +0800
Subject: [PATCH] luci-app-passwall2: sync upstream last commit: https://github.com/xiaorouji/openwrt-passwall2/commit/e6ca8e93f84bf8f7fba3226c6580e03385ccf4ea
---
 luci-app-passwall2/Makefile | 4 +-
 .../model/cbi/passwall2/client/global.lua | 8 +-
 .../view/passwall2/node_list/node_list.htm | 11 ++-
 .../root/usr/share/passwall2/app.sh | 79 ++++++++++++++++---
 .../root/usr/share/passwall2/iptables.sh | 1 +
 .../root/usr/share/passwall2/nftables.sh | 1 +
 6 files changed, 83 insertions(+), 21 deletions(-)
diff --git a/luci-app-passwall2/Makefile b/luci-app-passwall2/Makefile
index 2ec6533cf..6fac8b384 100644
--- a/luci-app-passwall2/Makefile
+++ b/luci-app-passwall2/Makefile
@@ -5,8 +5,8 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=luci-app-passwall2
-PKG_VERSION:=24.12.19
-PKG_RELEASE:=2
+PKG_VERSION:=24.12.21
+PKG_RELEASE:=1
 PKG_CONFIG_DEPENDS:= \
 CONFIG_PACKAGE_$(PKG_NAME)_Iptables_Transparent_Proxy \
diff --git a/luci-app-passwall2/luasrc/model/cbi/passwall2/client/global.lua b/luci-app-passwall2/luasrc/model/cbi/passwall2/client/global.lua
index bf77992e9..e499c5388 100644
--- a/luci-app-passwall2/luasrc/model/cbi/passwall2/client/global.lua
+++ b/luci-app-passwall2/luasrc/model/cbi/passwall2/client/global.lua
@@ -91,12 +91,16 @@ if (has_singbox or has_xray) and #nodes_table > 0 then
 end
 local function get_write(shunt_node_id, option)
 return function(self, section, value)
- m:set(shunt_node_id, option, value)
+ if s.fields["node"]:formvalue(section) == shunt_node_id then
+ m:set(shunt_node_id, option, value)
+ end
 end
 end
 local function get_remove(shunt_node_id, option)
 return function(self, section)
- m:del(shunt_node_id, option)
+ if s.fields["node"]:formvalue(section) == shunt_node_id then
+ m:del(shunt_node_id, option)
+ end
 end
 end
 if #normal_list > 0 then
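Review bot: Both new guards in `get_write` and `get_remove` call `s.fields["node"]:formvalue(section)` without checking that the `node` field exists on `s`; where `s` and its fields are defined is outside this hunk, so if this code can run without that field a form submit would fail on a nil index instead of skipping the write. A nil-safe form is `local node = s.fields["node"]` followed by `if node and node:formvalue(section) == shunt_node_id then`. The identical condition now appears in both closures, so one local helper would keep them from drifting apart, and a one-line comment such as `-- only persist options for the shunt node currently selected in the form` would record why the write is conditional (presumably that is the intent). The enclosing `if` block starts before and ends after the hunk.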
diff --git a/luci-app-passwall2/luasrc/view/passwall2/node_list/node_list.htm b/luci-app-passwall2/luasrc/view/passwall2/node_list/node_list.htm index 7069f8bad..70db75fc1 100644 --- a/luci-app-passwall2/luasrc/view/passwall2/node_list/node_list.htm +++ b/luci-app-passwall2/luasrc/view/passwall2/node_list/node_list.htm @@ -43,7 +43,7 @@ table td, .table .td { } ._now_use { - background: #94e1ff !important; + color: red !important; } .ping a:hover{ @@ -227,13 +227,12 @@ table td, .table .td { if (id) { var dom = document.getElementById("cbi-passwall2-" + id); if (dom) { - dom.classList.add("_now_use"); - dom.title = "当前节点"; + dom.title = "当前使用的节点"; //var v = "当前节点:" + document.getElementById("cbid.passwall2." + id + ".remarks").value; //document.getElementById("cbi-passwall2-" + id + "-remarks").innerHTML = v; - var tds = dom.getElementsByTagName("td") - for (var j = 0; j < tds.length; j++) { - tds[j].classList.add("_now_use"); + var dom_remarks = document.getElementById("cbi-passwall2-" + id + "-remarks"); + if (dom_remarks) { + dom_remarks.classList.add("_now_use"); } } } diff --git a/luci-app-passwall2/root/usr/share/passwall2/app.sh b/luci-app-passwall2/root/usr/share/passwall2/app.sh index 3ea4c2fde..3a67fcae4 100755 --- a/luci-app-passwall2/root/usr/share/passwall2/app.sh +++ b/luci-app-passwall2/root/usr/share/passwall2/app.sh 
@@ -774,9 +774,33 @@ run_global() {
 ${run_func} $V2RAY_ARGS
- GLOBAL_DNSMASQ_PORT=$(get_new_port 11400)
- run_copy_dnsmasq flag="default" listen_port=$GLOBAL_DNSMASQ_PORT tun_dns="${TUN_DNS}"
- DNS_REDIRECT_PORT=${GLOBAL_DNSMASQ_PORT}
+ local RUN_NEW_DNSMASQ=1
+ RUN_NEW_DNSMASQ=${DNS_REDIRECT}
+ if [ "${RUN_NEW_DNSMASQ}" == "0" ]; then
+ #The old logic will be removed in the future.
+ #Run a copy dnsmasq instance, DNS hijack that don't need a proxy devices.
+ [ "1" = "0" ] && {
+ DIRECT_DNSMASQ_PORT=$(get_new_port 11400)
+ DIRECT_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/direct_dnsmasq.conf
+ lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF}
+ ln_run "$(first_type dnsmasq)" "dnsmasq_direct" "/dev/null" -C ${DIRECT_DNSMASQ_CONF} -x ${GLOBAL_ACL_PATH}/direct_dnsmasq.pid
+ set_cache_var "DIRECT_DNSMASQ_PORT" "${DIRECT_DNSMASQ_PORT}"
+ }
+
+ #Rewrite the default DNS service configuration
+ #Modify the default dnsmasq service
+ lua $APP_PATH/helper_dnsmasq.lua stretch
+ lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG "default" -TMP_DNSMASQ_PATH ${GLOBAL_DNSMASQ_CONF_PATH} -DNSMASQ_CONF_FILE ${GLOBAL_DNSMASQ_CONF} \
+ -DEFAULT_DNS ${AUTO_DNS} -LOCAL_DNS ${LOCAL_DNS:-${AUTO_DNS}} -TUN_DNS ${TUN_DNS} \
+ -NFTFLAG ${nftflag:-0} \
+ -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
+ /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ else
+ #Run a copy dnsmasq instance, DNS hijack for that need proxy devices.
+ GLOBAL_DNSMASQ_PORT=$(get_new_port 11400)
+ run_copy_dnsmasq flag="default" listen_port=$GLOBAL_DNSMASQ_PORT tun_dns="${TUN_DNS}"
+ DNS_REDIRECT_PORT=${GLOBAL_DNSMASQ_PORT}
+ fi
 set_cache_var "ACL_GLOBAL_node" "$NODE"
 set_cache_var "ACL_GLOBAL_redir_port" "$REDIR_PORT"
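Review bot: The `helper_dnsmasq.lua add_rule` call in the `RUN_NEW_DNSMASQ` = `0` branch passes `${GLOBAL_DNSMASQ_CONF_PATH}`, `${GLOBAL_DNSMASQ_CONF}`, `${AUTO_DNS}` and `${TUN_DNS}` unquoted, so an empty or space-containing value can shift or split the helper's arguments while the default dnsmasq configuration is being rewritten. Quoting each expansion keeps every flag paired with its value, e.g. `-DEFAULT_DNS "${AUTO_DNS}" -LOCAL_DNS "${LOCAL_DNS:-${AUTO_DNS}}" -TUN_DNS "${TUN_DNS}" \`. `local RUN_NEW_DNSMASQ=1` is overwritten on the very next line and could be written once as `local RUN_NEW_DNSMASQ="${DNS_REDIRECT:-1}"`. The `[ "1" = "0" ] && { … }` block can never run, so it should either be removed or carry a comment saying why it is kept. `run_global()` starts before and continues after the hunk.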
@@ -1228,8 +1252,10 @@ start() {
 if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then
 [ "$(uci -q get dhcp.@dnsmasq[0].dns_redirect)" == "1" ] && {
- uci -q set dhcp.@dnsmasq[0].dns_redirect='0' 2>/dev/null
- uci commit dhcp 2>/dev/null
+ uci -q set ${CONFIG}.@global[0].dnsmasq_dns_redirect='1'
+ uci -q commit ${CONFIG}
+ uci -q set dhcp.@dnsmasq[0].dns_redirect='0'
+ uci -q commit dhcp
 /etc/init.d/dnsmasq restart >/dev/null 2>&1
 }
 fi
@@ -1238,11 +1264,11 @@ start() {
 set_cache_var "USE_TABLES" "$USE_TABLES"
 if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then
 bridge_nf_ipt=$(sysctl -e -n net.bridge.bridge-nf-call-iptables)
- set_cache_var "origin_bridge_nf_ipt" "$bridge_nf_ipt"
+ set_cache_var "bak_bridge_nf_ipt" "$bridge_nf_ipt"
 sysctl -w net.bridge.bridge-nf-call-iptables=0 >/dev/null 2>&1
 [ "$PROXY_IPV6" == "1" ] && {
 bridge_nf_ip6t=$(sysctl -e -n net.bridge.bridge-nf-call-ip6tables)
- set_cache_var "origin_bridge_nf_ip6t" "$bridge_nf_ip6t"
+ set_cache_var "bak_bridge_nf_ip6t" "$bridge_nf_ip6t"
 sysctl -w net.bridge.bridge-nf-call-ip6tables=0 >/dev/null 2>&1
 }
 fi
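Review bot: In the first start() hunk (`@@ -1228`), the backup marker and the `dhcp` change run back to back with `-q` and no status check, so if `uci -q commit ${CONFIG}` fails the dnsmasq `dns_redirect` option is still forced to `0` and stop() finds no `dnsmasq_dns_redirect` value to restore it from. Making the second step depend on the first avoids silently losing the original setting: start the block with `uci -q set ${CONFIG}.@global[0].dnsmasq_dns_redirect='1' && uci -q commit ${CONFIG} && {` and close the brace after the `dnsmasq restart` line. Both commits change persistent configuration, so a comment stating that the original value is restored only in stop() would help anyone looking at a router that went down while the service was running. start() begins before and continues after the hunk.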
@@ -1261,10 +1287,25 @@ stop() {
 unset V2RAY_LOCATION_ASSET
 unset XRAY_LOCATION_ASSET
 stop_crontab
- origin_bridge_nf_ipt=$(get_cache_var "origin_bridge_nf_ipt")
- [ -n "${origin_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${origin_bridge_nf_ipt} >/dev/null 2>&1
- origin_bridge_nf_ip6t=$(get_cache_var "origin_bridge_nf_ip6t")
- [ -n "${origin_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${origin_bridge_nf_ip6t} >/dev/null 2>&1
+ rm -rf $GLOBAL_DNSMASQ_CONF
+ rm -rf $GLOBAL_DNSMASQ_CONF_PATH
+ [ "1" = "1" ] && {
+ #restore logic
+ bak_dnsmasq_dns_redirect=$(config_t_get global dnsmasq_dns_redirect)
+ [ -n "${bak_dnsmasq_dns_redirect}" ] && {
+ uci -q set dhcp.@dnsmasq[0].dns_redirect="${bak_dnsmasq_dns_redirect}"
+ uci -q commit dhcp
+ uci -q delete ${CONFIG}.@global[0].dnsmasq_dns_redirect
+ uci -q commit ${CONFIG}
+ }
+ if [ -z "$(get_cache_var "ACL_default_dns_port")" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
+ lua $APP_PATH/helper_dnsmasq.lua restart -LOG 0
+ fi
+ bak_bridge_nf_ipt=$(get_cache_var "bak_bridge_nf_ipt")
+ [ -n "${bak_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${bak_bridge_nf_ipt} >/dev/null 2>&1
+ bak_bridge_nf_ip6t=$(get_cache_var "bak_bridge_nf_ip6t")
+ [ -n "${bak_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${bak_bridge_nf_ip6t} >/dev/null 2>&1
+ }
 rm -rf $TMP_PATH
 rm -rf /tmp/lock/${CONFIG}_socks_auto_switch*
 echolog "清空并关闭相关程序和缓存完成。"
@@ -1299,6 +1340,7 @@ REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
 REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
 WRITE_IPSET_DIRECT=$(config_t_get global write_ipset_direct 1)
 DNS_CACHE=$(config_t_get global dns_cache 1)
+DNS_REDIRECT=$(config_t_get global dns_redirect 1)
 RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
 [ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
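Review bot: The two `rm -rf` lines added at the top of the stop() hunk (`@@ -1261`) expand `$GLOBAL_DNSMASQ_CONF` and `$GLOBAL_DNSMASQ_CONF_PATH` unquoted and unchecked. Both are built from `DNSMASQ_CONF_DIR` and `${CONFIG}` in the `@@ -1311` hunk, so if `${CONFIG}` were ever empty the second path would be the dnsmasq conf directory itself, and a value containing whitespace or a newline would split into several delete targets. Guard and quote them: `[ -n "${GLOBAL_DNSMASQ_CONF}" ] && rm -rf "${GLOBAL_DNSMASQ_CONF}"` and `[ -n "${CONFIG}" ] && rm -rf "${GLOBAL_DNSMASQ_CONF_PATH}"`. The `[ "1" = "1" ] && { … }` wrapper around the restore logic is always true and only adds a nesting level. stop() starts before and continues after the hunk.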
@@ -1311,6 +1353,21 @@ DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print
 [ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',')
 AUTO_DNS=${DEFAULT_DNS:-119.29.29.29}
+DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
+TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
+DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
+if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
+ DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
+ if [ -n "$DNSMASQ_CONF_DIR" ]; then
+ DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
+ TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
+ else
+ DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+ fi
+fi
+GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
+GLOBAL_DNSMASQ_CONF_PATH=${TMP_DNSMASQ_PATH}
+
 PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
 XRAY_BIN=$(first_type $(config_t_get global_app xray_file) xray)
diff --git a/luci-app-passwall2/root/usr/share/passwall2/iptables.sh b/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
index 9888930e3..97e64ebf8 100755
--- a/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
+++ b/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
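Review bot: In app.sh's `DNSMASQ_CONF_DIR` hunk (`@@ -1311`), the awk call prints the value of every `conf-dir=` line in the generated dnsmasq config and keeps whatever follows the directory. A file with more than one such line, or one using dnsmasq's `conf-dir=<dir>,<extension>` form, would therefore yield a multi-line or comma-suffixed string that becomes `GLOBAL_DNSMASQ_CONF` and `GLOBAL_DNSMASQ_CONF_PATH`, the paths stop() later passes to `rm -rf`. Taking only the first match and only the directory part avoids that: `awk -F '=' '/^conf-dir=/ {split($2, d, ","); print d[1]; exit}'`. A short comment above the block saying that the directory is read from the default dnsmasq instance's generated config and falls back to `/tmp/dnsmasq.d` would make the intent clear.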
@@ -394,6 +394,7 @@ load_acl() {
 $ip6t_n -A PSW2_DNS $(comment "$remarks") -p udp ${_ipt_source} --dport 53 -j REDIRECT --to-ports $dns_redirect_port 2>/dev/null
 $ipt_n -A PSW2_DNS $(comment "$remarks") -p tcp ${_ipt_source} --dport 53 -j REDIRECT --to-ports $dns_redirect_port
 $ip6t_n -A PSW2_DNS $(comment "$remarks") -p tcp ${_ipt_source} --dport 53 -j REDIRECT --to-ports $dns_redirect_port 2>/dev/null
+ [ -z "$(get_cache_var "ACL_${sid}_default")" ] && echolog " - ${msg}使用与全局配置不相同节点,已将DNS强制重定向到专用 DNS 服务器。"
 else
 $ipt_n -A PSW2_DNS $(comment "$remarks") -p udp ${_ipt_source} --dport 53 -j RETURN
 $ip6t_n -A PSW2_DNS $(comment "$remarks") -p udp ${_ipt_source} --dport 53 -j RETURN 2>/dev/null
diff --git a/luci-app-passwall2/root/usr/share/passwall2/nftables.sh b/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
index a5d2e4851..52aa111ba 100755
--- a/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
+++ b/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
@@ -440,6 +440,7 @@ load_acl() {
 nft "add rule $NFTABLE_NAME PSW2_DNS ip protocol tcp ${_ipt_source} tcp dport 53 counter redirect to :$dns_redirect_port comment \"$remarks\""
 nft "add rule $NFTABLE_NAME PSW2_DNS meta l4proto udp ${_ipt_source} udp dport 53 counter redirect to :$dns_redirect_port comment \"$remarks\""
 nft "add rule $NFTABLE_NAME PSW2_DNS meta l4proto tcp ${_ipt_source} tcp dport 53 counter redirect to :$dns_redirect_port comment \"$remarks\""
+ [ -z "$(get_cache_var "ACL_${sid}_default")" ] && echolog " - ${msg}使用与全局配置不相同节点,已将DNS强制重定向到专用 DNS 服务器。"
 } else
 nft "add rule $NFTABLE_NAME PSW2_DNS ip protocol udp ${_ipt_source} udp dport 53 counter return comment \"$remarks\""