From c2010b482d77eeaf31bf7f892c499126fa2a7524 Mon Sep 17 00:00:00 2001
From: xiaorouji <60100640+xiaorouji@users.noreply.github.com>
Date: Thu, 10 Aug 2023 18:06:45 +0800
Subject: [PATCH] luci: shunt mode add iface support
---
luci-app-passwall/Makefile | 2 +-
.../model/cbi/passwall/client/global.lua | 10 ++++++++++
.../model/cbi/passwall/client/node_config.lua | 16 ++++++++++++++++
luci-app-passwall/luasrc/passwall/api.lua | 4 ++--
.../luasrc/passwall/util_xray.lua | 17 +++++++++++++++++
luci-app-passwall/po/zh-cn/passwall.po | 19 ++++++++-----------
.../root/usr/share/passwall/app.sh | 7 ++-----
.../root/usr/share/passwall/iptables.sh | 2 +-
.../root/usr/share/passwall/nftables.sh | 2 +-
9 files changed, 58 insertions(+), 21 deletions(-)
diff --git a/luci-app-passwall/Makefile b/luci-app-passwall/Makefile
index c98bb770a..335e6282c 100644
--- a/luci-app-passwall/Makefile
+++ b/luci-app-passwall/Makefile
@@ -6,7 +6,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
-PKG_VERSION:=4.67-1
+PKG_VERSION:=4.67-2
PKG_RELEASE:=
PKG_CONFIG_DEPENDS:= \
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
index a59d7ba52..02e6ac075 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@@ -131,6 +131,7 @@ if (has_v2ray or has_xray) and #nodes_table > 0 then
local normal_list = {}
local balancing_list = {}
local shunt_list = {}
+ local iface_list = {}
for k, v in pairs(nodes_table) do
if v.node_type == "normal" then
normal_list[#normal_list + 1] = v
@@ -141,6 +142,9 @@ if (has_v2ray or has_xray) and #nodes_table > 0 then
if v.protocol and v.protocol == "_shunt" then
shunt_list[#shunt_list + 1] = v
end
+ if v.protocol and v.protocol == "_iface" then
+ iface_list[#iface_list + 1] = v
+ end
end
local function get_cfgvalue(shunt_node_id, option)
@@ -216,6 +220,9 @@ if (has_v2ray or has_xray) and #nodes_table > 0 then
for k1, v1 in pairs(balancing_list) do
o:value(v1.id, v1.remark)
end
+ for k1, v1 in pairs(iface_list) do
+ o:value(v1.id, v1.remark)
+ end
for k1, v1 in pairs(normal_list) do
o:value(v1.id, v1.remark)
pt:depends({ [node_option] = v1.id, [vid .. "-preproxy_enabled"] = "1" })
@@ -233,6 +240,9 @@ if (has_v2ray or has_xray) and #nodes_table > 0 then
for k1, v1 in pairs(balancing_list) do
o:value(v1.id, v1.remark)
end
+ for k1, v1 in pairs(iface_list) do
+ o:value(v1.id, v1.remark)
+ end
for k1, v1 in pairs(normal_list) do
o:value(v1.id, v1.remark)
end
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua
index 51a2b9d5f..508a362da 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua
@@ -137,6 +137,7 @@ iface:depends("protocol", "_iface")
local nodes_table = {}
local balancers_table = {}
+local iface_table = {}
for k, e in ipairs(api.get_valid_nodes()) do
if e.node_type == "normal" then
nodes_table[#nodes_table + 1] = {
@@ -150,6 +151,12 @@ for k, e in ipairs(api.get_valid_nodes()) do
remarks = e["remark"]
}
end
+ if e.protocol == "_iface" then
+ iface_table[#iface_table + 1] = {
+ id = e[".name"],
+ remarks = e["remark"]
+ }
+ end
end
-- 负载均衡列表
@@ -184,6 +191,9 @@ if #nodes_table > 0 then
for k, v in pairs(balancers_table) do
o:value(v.id, v.remarks)
end
+ for k, v in pairs(iface_table) do
+ o:value(v.id, v.remarks)
+ end
for k, v in pairs(nodes_table) do
o:value(v.id, v.remarks)
end
@@ -202,6 +212,9 @@ uci:foreach(appname, "shunt_rules", function(e)
for k, v in pairs(balancers_table) do
o:value(v.id, v.remarks)
end
+ for k, v in pairs(iface_table) do
+ o:value(v.id, v.remarks)
+ end
local pt = s:option(ListValue, e[".name"] .. "_proxy_tag", string.format('* %s', e.remarks .. " " .. translate("Preproxy")))
pt:value("nil", translate("Close"))
pt:value("main", translate("Preproxy Node"))
@@ -230,6 +243,9 @@ if #nodes_table > 0 then
for k, v in pairs(balancers_table) do
default_node:value(v.id, v.remarks)
end
+ for k, v in pairs(iface_table) do
+ default_node:value(v.id, v.remarks)
+ end
local dpt = s:option(ListValue, "default_proxy_tag", string.format('* %s', translate("Default Preproxy")), translate("When using, localhost will connect this node first and then use this node to connect the default node."))
dpt:value("nil", translate("Close"))
dpt:value("main", translate("Preproxy Node"))
diff --git a/luci-app-passwall/luasrc/passwall/api.lua b/luci-app-passwall/luasrc/passwall/api.lua
index 604816526..b8d2af117 100644
--- a/luci-app-passwall/luasrc/passwall/api.lua
+++ b/luci-app-passwall/luasrc/passwall/api.lua
@@ -290,7 +290,7 @@ function get_valid_nodes()
e.id = e[".name"]
if e.type and e.remarks then
if e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
- e["remark"] = "%s:[%s] " % {i18n.translatef(e.type .. e.protocol), e.remarks}
+ e["remark"] = "%s:[%s] " % {e.type .. " " .. i18n.translatef(e.protocol), e.remarks}
e["node_type"] = "special"
nodes[#nodes + 1] = e
end
@@ -327,7 +327,7 @@ function get_node_remarks(n)
local remarks = ""
if n then
if n.protocol and (n.protocol == "_balancing" or n.protocol == "_shunt" or n.protocol == "_iface") then
- remarks = "%s:[%s] " % {i18n.translatef(n.type .. n.protocol), n.remarks}
+ remarks = "%s:[%s] " % {n.type .. " " .. i18n.translatef(n.protocol), n.remarks}
else
local type2 = n.type
if (n.type == "V2ray" or n.type == "Xray") and n.protocol then
diff --git a/luci-app-passwall/luasrc/passwall/util_xray.lua b/luci-app-passwall/luasrc/passwall/util_xray.lua
index 862da58b6..37aef62b0 100644
--- a/luci-app-passwall/luasrc/passwall/util_xray.lua
+++ b/luci-app-passwall/luasrc/passwall/util_xray.lua
@@ -385,6 +385,7 @@ function gen_config_server(node)
}
}
}
+ sys.call("mkdir -p /tmp/etc/passwall/iface && touch /tmp/etc/passwall/iface/" .. node.outbound_node_iface)
else
local outbound_node_t = uci:get_all("passwall", node.outbound_node)
if node.outbound_node == "_socks" or node.outbound_node == "_http" then
@@ -819,6 +820,21 @@ function gen_config(var)
rule_balancerTag = balancer.tag
end
end
+ elseif _node.protocol == "_iface" then
+ if _node.iface then
+ local _outbound = {
+ protocol = "freedom",
+ tag = rule_name,
+ streamSettings = {
+ sockopt = {
+ interface = _node.iface
+ }
+ }
+ }
+ table.insert(outbounds, _outbound)
+ rule_outboundTag = rule_name
+ sys.call("touch /tmp/etc/passwall/iface/" .. _node.iface)
+ end
end
end
return rule_outboundTag, rule_balancerTag
@@ -916,6 +932,7 @@ function gen_config(var)
}
}
}
+ sys.call("touch /tmp/etc/passwall/iface/" .. node.iface)
end
else
outbound = gen_outbound(flag, node)
diff --git a/luci-app-passwall/po/zh-cn/passwall.po b/luci-app-passwall/po/zh-cn/passwall.po
index c70aa1153..1f20ff3aa 100644
--- a/luci-app-passwall/po/zh-cn/passwall.po
+++ b/luci-app-passwall/po/zh-cn/passwall.po
@@ -340,14 +340,17 @@ msgstr "添加方式"
msgid "Type"
msgstr "类型"
-msgid "Balancing"
+msgid "_balancing"
msgstr "负载均衡"
-msgid "Xray_balancing"
-msgstr "Xray 负载均衡"
+msgid "_shunt"
+msgstr "分流"
-msgid "V2ray_balancing"
-msgstr "V2ray 负载均衡"
+msgid "_iface"
+msgstr "接口"
+
+msgid "Balancing"
+msgstr "负载均衡"
msgid "Balancing Strategy"
msgstr "负载均衡策略"
@@ -373,12 +376,6 @@ msgstr "发起探测的间隔。每经过这个时间,就会对一个服务器
msgid "Shunt"
msgstr "分流"
-msgid "Xray_shunt"
-msgstr "Xray 分流"
-
-msgid "V2ray_shunt"
-msgstr "V2ray 分流"
-
msgid "Preproxy"
msgstr "前置代理"
diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh
index 45a4f4f8c..5fc14780e 100755
--- a/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/luci-app-passwall/root/usr/share/passwall/app.sh
@@ -13,6 +13,7 @@ TMP_ID_PATH=$TMP_PATH/id
TMP_PORT_PATH=$TMP_PATH/port
TMP_ROUTE_PATH=$TMP_PATH/route
TMP_ACL_PATH=$TMP_PATH/acl
+TMP_IFACE_PATH=$TMP_PATH/iface
TMP_PATH2=/tmp/etc/${CONFIG}_tmp
DNSMASQ_PATH=/etc/dnsmasq.d
TMP_DNSMASQ_PATH=/tmp/dnsmasq.d/passwall
@@ -396,10 +397,6 @@ run_v2ray() {
_extra_param="${_extra_param} -loglevel $loglevel"
lua $UTIL_XRAY gen_config ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app ${type}_file) ${type})" ${type} $log_file run -c "$config_file"
- local protocol=$(config_n_get $node protocol)
- [ "$protocol" == "_iface" ] && {
- IFACES="$IFACES $(config_n_get $node iface)"
- }
}
run_dns2socks() {
@@ -1682,7 +1679,7 @@ DNS_QUERY_STRATEGY="UseIPv4"
export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
-mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ID_PATH $TMP_PORT_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ID_PATH $TMP_PORT_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_IFACE_PATH $TMP_PATH2
arg1=$1
shift
diff --git a/luci-app-passwall/root/usr/share/passwall/iptables.sh b/luci-app-passwall/root/usr/share/passwall/iptables.sh
index 61a92b259..48fa8679a 100755
--- a/luci-app-passwall/root/usr/share/passwall/iptables.sh
+++ b/luci-app-passwall/root/usr/share/passwall/iptables.sh
@@ -1061,7 +1061,7 @@ add_firewall_rule() {
# 加载ACLS
load_acl
- for iface in $IFACES; do
+ for iface in $(ls ${TMP_IFACE_PATH}); do
$ipt_n -I PSW_OUTPUT -o $iface -j RETURN
$ipt_m -I PSW_OUTPUT -o $iface -j RETURN
done
diff --git a/luci-app-passwall/root/usr/share/passwall/nftables.sh b/luci-app-passwall/root/usr/share/passwall/nftables.sh
index e963b733e..3fe68c576 100755
--- a/luci-app-passwall/root/usr/share/passwall/nftables.sh
+++ b/luci-app-passwall/root/usr/share/passwall/nftables.sh
@@ -1082,7 +1082,7 @@ add_firewall_rule() {
# 加载ACLS
load_acl
- for iface in $IFACES; do
+ for iface in $(ls ${TMP_IFACE_PATH}); do
nft "insert rule inet fw4 $nft_output_chain oif $iface counter return"
nft "insert rule inet fw4 PSW_OUTPUT_MANGLE_V6 oif $iface counter return"
done