|
|
|
|
@ -774,9 +774,33 @@ run_global() {
|
|
|
|
|
|
|
|
|
|
${run_func} $V2RAY_ARGS
|
|
|
|
|
|
|
|
|
|
GLOBAL_DNSMASQ_PORT=$(get_new_port 11400)
|
|
|
|
|
run_copy_dnsmasq flag="default" listen_port=$GLOBAL_DNSMASQ_PORT tun_dns="${TUN_DNS}"
|
|
|
|
|
DNS_REDIRECT_PORT=${GLOBAL_DNSMASQ_PORT}
|
|
|
|
|
local RUN_NEW_DNSMASQ=1
|
|
|
|
|
RUN_NEW_DNSMASQ=${DNS_REDIRECT}
|
|
|
|
|
if [ "${RUN_NEW_DNSMASQ}" == "0" ]; then
|
|
|
|
|
#The old logic will be removed in the future.
|
|
|
|
|
#Run a copy dnsmasq instance, DNS hijack that don't need a proxy devices.
|
|
|
|
|
[ "1" = "0" ] && {
|
|
|
|
|
DIRECT_DNSMASQ_PORT=$(get_new_port 11400)
|
|
|
|
|
DIRECT_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/direct_dnsmasq.conf
|
|
|
|
|
lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF}
|
|
|
|
|
ln_run "$(first_type dnsmasq)" "dnsmasq_direct" "/dev/null" -C ${DIRECT_DNSMASQ_CONF} -x ${GLOBAL_ACL_PATH}/direct_dnsmasq.pid
|
|
|
|
|
set_cache_var "DIRECT_DNSMASQ_PORT" "${DIRECT_DNSMASQ_PORT}"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#Rewrite the default DNS service configuration
|
|
|
|
|
#Modify the default dnsmasq service
|
|
|
|
|
lua $APP_PATH/helper_dnsmasq.lua stretch
|
|
|
|
|
lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG "default" -TMP_DNSMASQ_PATH ${GLOBAL_DNSMASQ_CONF_PATH} -DNSMASQ_CONF_FILE ${GLOBAL_DNSMASQ_CONF} \
|
|
|
|
|
-DEFAULT_DNS ${AUTO_DNS} -LOCAL_DNS ${LOCAL_DNS:-${AUTO_DNS}} -TUN_DNS ${TUN_DNS} \
|
|
|
|
|
-NFTFLAG ${nftflag:-0} \
|
|
|
|
|
-NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
|
|
|
|
|
/etc/init.d/dnsmasq restart >/dev/null 2>&1
|
|
|
|
|
else
|
|
|
|
|
#Run a copy dnsmasq instance, DNS hijack for that need proxy devices.
|
|
|
|
|
GLOBAL_DNSMASQ_PORT=$(get_new_port 11400)
|
|
|
|
|
run_copy_dnsmasq flag="default" listen_port=$GLOBAL_DNSMASQ_PORT tun_dns="${TUN_DNS}"
|
|
|
|
|
DNS_REDIRECT_PORT=${GLOBAL_DNSMASQ_PORT}
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
set_cache_var "ACL_GLOBAL_node" "$NODE"
|
|
|
|
|
set_cache_var "ACL_GLOBAL_redir_port" "$REDIR_PORT"
|
|
|
|
|
@ -1228,8 +1252,10 @@ start() {
|
|
|
|
|
|
|
|
|
|
if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then
|
|
|
|
|
[ "$(uci -q get dhcp.@dnsmasq[0].dns_redirect)" == "1" ] && {
|
|
|
|
|
uci -q set dhcp.@dnsmasq[0].dns_redirect='0' 2>/dev/null
|
|
|
|
|
uci commit dhcp 2>/dev/null
|
|
|
|
|
uci -q set ${CONFIG}.@global[0].dnsmasq_dns_redirect='1'
|
|
|
|
|
uci -q commit ${CONFIG}
|
|
|
|
|
uci -q set dhcp.@dnsmasq[0].dns_redirect='0'
|
|
|
|
|
uci -q commit dhcp
|
|
|
|
|
/etc/init.d/dnsmasq restart >/dev/null 2>&1
|
|
|
|
|
}
|
|
|
|
|
fi
|
|
|
|
|
@ -1238,11 +1264,11 @@ start() {
|
|
|
|
|
set_cache_var "USE_TABLES" "$USE_TABLES"
|
|
|
|
|
if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then
|
|
|
|
|
bridge_nf_ipt=$(sysctl -e -n net.bridge.bridge-nf-call-iptables)
|
|
|
|
|
set_cache_var "origin_bridge_nf_ipt" "$bridge_nf_ipt"
|
|
|
|
|
set_cache_var "bak_bridge_nf_ipt" "$bridge_nf_ipt"
|
|
|
|
|
sysctl -w net.bridge.bridge-nf-call-iptables=0 >/dev/null 2>&1
|
|
|
|
|
[ "$PROXY_IPV6" == "1" ] && {
|
|
|
|
|
bridge_nf_ip6t=$(sysctl -e -n net.bridge.bridge-nf-call-ip6tables)
|
|
|
|
|
set_cache_var "origin_bridge_nf_ip6t" "$bridge_nf_ip6t"
|
|
|
|
|
set_cache_var "bak_bridge_nf_ip6t" "$bridge_nf_ip6t"
|
|
|
|
|
sysctl -w net.bridge.bridge-nf-call-ip6tables=0 >/dev/null 2>&1
|
|
|
|
|
}
|
|
|
|
|
fi
|
|
|
|
|
@ -1261,10 +1287,25 @@ stop() {
|
|
|
|
|
unset V2RAY_LOCATION_ASSET
|
|
|
|
|
unset XRAY_LOCATION_ASSET
|
|
|
|
|
stop_crontab
|
|
|
|
|
origin_bridge_nf_ipt=$(get_cache_var "origin_bridge_nf_ipt")
|
|
|
|
|
[ -n "${origin_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${origin_bridge_nf_ipt} >/dev/null 2>&1
|
|
|
|
|
origin_bridge_nf_ip6t=$(get_cache_var "origin_bridge_nf_ip6t")
|
|
|
|
|
[ -n "${origin_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${origin_bridge_nf_ip6t} >/dev/null 2>&1
|
|
|
|
|
rm -rf $GLOBAL_DNSMASQ_CONF
|
|
|
|
|
rm -rf $GLOBAL_DNSMASQ_CONF_PATH
|
|
|
|
|
[ "1" = "1" ] && {
|
|
|
|
|
#restore logic
|
|
|
|
|
bak_dnsmasq_dns_redirect=$(config_t_get global dnsmasq_dns_redirect)
|
|
|
|
|
[ -n "${bak_dnsmasq_dns_redirect}" ] && {
|
|
|
|
|
uci -q set dhcp.@dnsmasq[0].dns_redirect="${bak_dnsmasq_dns_redirect}"
|
|
|
|
|
uci -q commit dhcp
|
|
|
|
|
uci -q delete ${CONFIG}.@global[0].dnsmasq_dns_redirect
|
|
|
|
|
uci -q commit ${CONFIG}
|
|
|
|
|
}
|
|
|
|
|
if [ -z "$(get_cache_var "ACL_default_dns_port")" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
|
|
|
|
|
lua $APP_PATH/helper_dnsmasq.lua restart -LOG 0
|
|
|
|
|
fi
|
|
|
|
|
bak_bridge_nf_ipt=$(get_cache_var "bak_bridge_nf_ipt")
|
|
|
|
|
[ -n "${bak_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${bak_bridge_nf_ipt} >/dev/null 2>&1
|
|
|
|
|
bak_bridge_nf_ip6t=$(get_cache_var "bak_bridge_nf_ip6t")
|
|
|
|
|
[ -n "${bak_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${bak_bridge_nf_ip6t} >/dev/null 2>&1
|
|
|
|
|
}
|
|
|
|
|
rm -rf $TMP_PATH
|
|
|
|
|
rm -rf /tmp/lock/${CONFIG}_socks_auto_switch*
|
|
|
|
|
echolog "清空并关闭相关程序和缓存完成。"
|
|
|
|
|
@ -1299,6 +1340,7 @@ REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
|
|
|
|
|
REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
|
|
|
|
|
WRITE_IPSET_DIRECT=$(config_t_get global write_ipset_direct 1)
|
|
|
|
|
DNS_CACHE=$(config_t_get global dns_cache 1)
|
|
|
|
|
DNS_REDIRECT=$(config_t_get global dns_redirect 1)
|
|
|
|
|
|
|
|
|
|
RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
|
|
|
|
|
[ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
|
|
|
|
|
@ -1311,6 +1353,21 @@ DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print
|
|
|
|
|
[ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',')
|
|
|
|
|
AUTO_DNS=${DEFAULT_DNS:-119.29.29.29}
|
|
|
|
|
|
|
|
|
|
DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
|
|
|
|
|
TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
|
|
|
|
|
DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
|
|
|
|
|
if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
|
|
|
|
|
DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
|
|
|
|
|
if [ -n "$DNSMASQ_CONF_DIR" ]; then
|
|
|
|
|
DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
|
|
|
|
|
TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
|
|
|
|
|
else
|
|
|
|
|
DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
|
|
|
|
|
GLOBAL_DNSMASQ_CONF_PATH=${TMP_DNSMASQ_PATH}
|
|
|
|
|
|
|
|
|
|
PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
|
|
|
|
|
|
|
|
|
|
XRAY_BIN=$(first_type $(config_t_get global_app xray_file) xray)
|
|
|
|
|
|
gitea-action