luci-app-passwall: sync upstream
This commit is contained in:
actions
parent
149bd66b4b
commit
c72707a190
@ -6,7 +6,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-passwall
|
||||
PKG_VERSION:=4.77-2
|
||||
PKG_VERSION:=4.77-3
|
||||
PKG_RELEASE:=
|
||||
|
||||
PKG_CONFIG_DEPENDS:= \
|
||||
|
||||
@ -362,33 +362,33 @@ if has_singbox or has_xray then
|
||||
end
|
||||
|
||||
if api.is_finded("chinadns-ng") then
|
||||
o = s:option(Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, but will increase the memory."))
|
||||
o = s:option(Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, recommend."))
|
||||
o.default = "0"
|
||||
o:depends({ use_gfw_list = true })
|
||||
o:depends({ chn_list = "direct" })
|
||||
o:depends({ dns_mode = "", ['!reverse'] = true })
|
||||
|
||||
o = s:option(ListValue, "chinadns_ng_default_tag", translate("ChinaDNS-NG Domain Default Tag"))
|
||||
o.default = "smart"
|
||||
o:value("smart", translate("Smart DNS"))
|
||||
o.default = "none"
|
||||
o:value("none", translate("Default"))
|
||||
o:value("gfw", translate("Remote DNS"))
|
||||
o:value("chn", translate("Direct DNS"))
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("Forward to both remote and direct DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result.") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o:depends("chinadns_ng", true)
|
||||
o:depends({chinadns_ng = true, chn_list = "direct"})
|
||||
end
|
||||
|
||||
o = s:option(ListValue, "use_default_dns", translate("Default DNS"))
|
||||
o.default = "direct"
|
||||
o:value("remote", translate("Remote DNS"))
|
||||
o:value("direct", translate("Direct DNS"))
|
||||
o.description = translate("The default DNS used when not in the domain name rules list.")
|
||||
.. "<ul>"
|
||||
.. "<li>" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
local _depends = {tcp_proxy_mode = "proxy"}
|
||||
if api.is_finded("chinadns-ng") then
|
||||
_depends["chinadns_ng"] = false
|
||||
|
||||
@ -388,33 +388,33 @@ o:depends({dns_mode = "xray"})
|
||||
o.rmempty = false
|
||||
|
||||
if api.is_finded("chinadns-ng") then
|
||||
o = s:taboption("DNS", Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, but will increase the memory."))
|
||||
o = s:taboption("DNS", Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, recommend."))
|
||||
o.default = "0"
|
||||
o:depends({remote_fakedns = false, use_gfw_list = true})
|
||||
o:depends({remote_fakedns = false, chn_list = "direct"})
|
||||
o:depends({remote_fakedns = false})
|
||||
|
||||
o = s:taboption("DNS", ListValue, "chinadns_ng_default_tag", translate("ChinaDNS-NG Domain Default Tag"))
|
||||
o.default = "smart"
|
||||
o:value("smart", translate("Smart DNS"))
|
||||
o.default = "none"
|
||||
o:value("none", translate("Default"))
|
||||
o:value("gfw", translate("Remote DNS"))
|
||||
o:value("chn", translate("Direct DNS"))
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("Forward to both remote and direct DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result.") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o:depends("chinadns_ng", true)
|
||||
o:depends({chinadns_ng = true, chn_list = "direct"})
|
||||
end
|
||||
|
||||
o = s:taboption("DNS", ListValue, "use_default_dns", translate("Default DNS"))
|
||||
o.default = "direct"
|
||||
o:value("remote", translate("Remote DNS"))
|
||||
o:value("direct", translate("Direct DNS"))
|
||||
o.description = translate("The default DNS used when not in the domain name rules list.")
|
||||
.. "<ul>"
|
||||
.. "<li>" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
o.description = "<ul>"
|
||||
.. "<li>" .. translate("When not matching any domain name list:") .. "</li>"
|
||||
.. "<li>" .. translate("Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
|
||||
.. "<li>" .. translate("Direct DNS: Internet experience may be better, but DNS will be leaked!") .. "</li>"
|
||||
.. "</ul>"
|
||||
local _depends = {tcp_proxy_mode = "proxy"}
|
||||
if api.is_finded("chinadns-ng") then
|
||||
_depends["chinadns_ng"] = false
|
||||
@ -482,10 +482,12 @@ o.cfgvalue = function(t, n)
|
||||
end
|
||||
|
||||
s:tab("log", translate("Log"))
|
||||
o = s:taboption("log", Flag, "close_log_tcp", translatef("%s Node Log Close", "TCP"))
|
||||
o = s:taboption("log", Flag, "log_tcp", translate("Enable") .. " " .. translatef("%s Node Log", "TCP"))
|
||||
o.default = "1"
|
||||
o.rmempty = false
|
||||
|
||||
o = s:taboption("log", Flag, "close_log_udp", translatef("%s Node Log Close", "UDP"))
|
||||
o = s:taboption("log", Flag, "log_udp", translate("Enable") .. " " .. translatef("%s Node Log", "UDP"))
|
||||
o.default = "1"
|
||||
o.rmempty = false
|
||||
|
||||
loglevel = s:taboption("log", ListValue, "loglevel", "Sing-Box/Xray " .. translate("Log Level"))
|
||||
|
||||
@ -157,29 +157,26 @@ msgstr "用于 DNS 查询时通知 DNS 服务器,客户端所在的地理位
|
||||
msgid "This feature requires the DNS server to support the Edns Client Subnet (RFC7871)."
|
||||
msgstr "此功能需要 DNS 服务器支持 EDNS Client Subnet(RFC7871)。"
|
||||
|
||||
msgid "The effect is better, but will increase the memory."
|
||||
msgstr "效果更好,但会增加内存使用。"
|
||||
msgid "The effect is better, recommend."
|
||||
msgstr "效果更好,推荐使用。"
|
||||
|
||||
msgid "Default DNS"
|
||||
msgstr "默认DNS"
|
||||
|
||||
msgid "The default DNS used when not in the domain name rules list."
|
||||
msgstr "当域名不在规则列表中时使用的默认DNS。"
|
||||
msgid "When not matching any domain name list:"
|
||||
msgstr "当不匹配任何域名列表时:"
|
||||
|
||||
msgid "Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!"
|
||||
msgstr "远程DNS可以避免更多的DNS泄露,但会导致规则列表外的某些国内域名可能会走代理!"
|
||||
msgid "Remote DNS: Can avoid more DNS leaks, but some domestic domain names maybe to proxy!"
|
||||
msgstr "远程DNS:可以避免更多的DNS泄露,但会导致规则列表外的某些国内域名可能会走代理!"
|
||||
|
||||
msgid "Direct DNS Internet experience may be better, but DNS will be leaked!"
|
||||
msgstr "直连DNS上网体验可能会更佳,但是会泄露DNS!"
|
||||
msgid "Direct DNS: Internet experience may be better, but DNS will be leaked!"
|
||||
msgstr "直连DNS:上网体验可能会更佳,但是会泄露DNS!"
|
||||
|
||||
msgid "ChinaDNS-NG Domain Default Tag"
|
||||
msgstr "ChinaDNS-NG 域名默认标签"
|
||||
|
||||
msgid "Smart DNS"
|
||||
msgstr "智能 DNS"
|
||||
|
||||
msgid "Forward to both remote and direct DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result"
|
||||
msgstr "同时转发给远程和直连DNS,如果直连DNS解析结果是大陆ip,则使用直连结果,否则使用远程结果"
|
||||
msgid "Default: Forward to both direct and remote DNS, if the direct DNS resolution result is a mainland China ip, then use the direct result, otherwise use the remote result."
|
||||
msgstr "默认:同时转发给直连和远程DNS,如果直连DNS解析结果是大陆ip,则使用直连结果,否则使用远程结果。"
|
||||
|
||||
msgid "Filter Proxy Host IPv6"
|
||||
msgstr "过滤代理域名 IPv6"
|
||||
|
||||
@ -10,7 +10,7 @@ config global
|
||||
option remote_dns '1.1.1.1'
|
||||
option use_default_dns 'direct'
|
||||
option chinadns_ng '1'
|
||||
option chinadns_ng_default_tag 'smart'
|
||||
option chinadns_ng_default_tag 'none'
|
||||
option use_direct_list '1'
|
||||
option use_proxy_list '1'
|
||||
option use_block_list '1'
|
||||
@ -21,8 +21,8 @@ config global
|
||||
option localhost_proxy '1'
|
||||
option client_proxy '1'
|
||||
option acl_enable '0'
|
||||
option close_log_tcp '0'
|
||||
option close_log_udp '0'
|
||||
option log_tcp '1'
|
||||
option log_udp '1'
|
||||
option loglevel 'error'
|
||||
option trojan_loglevel '4'
|
||||
|
||||
|
||||
@ -10,7 +10,7 @@ config global
|
||||
option remote_dns '1.1.1.1'
|
||||
option use_default_dns 'direct'
|
||||
option chinadns_ng '1'
|
||||
option chinadns_ng_default_tag 'smart'
|
||||
option chinadns_ng_default_tag 'none'
|
||||
option use_direct_list '1'
|
||||
option use_proxy_list '1'
|
||||
option use_block_list '1'
|
||||
@ -21,8 +21,8 @@ config global
|
||||
option localhost_proxy '1'
|
||||
option client_proxy '1'
|
||||
option acl_enable '0'
|
||||
option close_log_tcp '0'
|
||||
option close_log_udp '0'
|
||||
option log_tcp '1'
|
||||
option log_udp '1'
|
||||
option loglevel 'error'
|
||||
option trojan_loglevel '4'
|
||||
|
||||
|
||||
@ -483,7 +483,7 @@ run_dns2socks() {
|
||||
}
|
||||
|
||||
run_chinadns_ng() {
|
||||
local _flag _listen_port _dns_china _dns_trust _use_direct_list _use_proxy_list _chnlist _gfwlist _no_ipv6_dns
|
||||
local _flag _listen_port _dns_local _dns_trust _no_ipv6_trust _use_direct_list _use_proxy_list _gfwlist _chnlist _default_mode _default_tag
|
||||
eval_set_val $@
|
||||
|
||||
local _CONF_FILE=$TMP_ACL_PATH/$_flag/chinadns_ng.conf
|
||||
@ -494,7 +494,7 @@ run_chinadns_ng() {
|
||||
verbose
|
||||
bind-addr 127.0.0.1
|
||||
bind-port ${_listen_port}@udp
|
||||
china-dns ${_dns_china}
|
||||
china-dns ${_dns_local}
|
||||
trust-dns udp://${_dns_trust}
|
||||
filter-qtype 65
|
||||
EOF
|
||||
@ -509,10 +509,9 @@ run_chinadns_ng() {
|
||||
cat <<-EOF >> ${_CONF_FILE}
|
||||
group directlist
|
||||
group-dnl ${RULES_PATH}/direct_host
|
||||
group-upstream ${_dns_china}
|
||||
group-upstream ${_dns_local}
|
||||
group-ipset ${whitelist4_set},${whitelist6_set}
|
||||
EOF
|
||||
[ "${_no_ipv6_dns}" = "china" ] && echo "no-ipv6 tag:directlist" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
[ "${_use_proxy_list}" = "1" ] && [ -s "${RULES_PATH}/proxy_host" ] && {
|
||||
@ -528,18 +527,32 @@ run_chinadns_ng() {
|
||||
group-upstream udp://${_dns_trust}
|
||||
group-ipset ${blacklist4_set},${blacklist6_set}
|
||||
EOF
|
||||
[ "${_no_ipv6_dns}" = "trust" ] && echo "no-ipv6 tag:proxylist" >> ${_CONF_FILE}
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6 tag:proxylist" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
[ "${_gfwlist}" = "1" ] && [ -s "${RULES_PATH}/gfwlist" ] && {
|
||||
local gfwlist4_set="passwall_gfwlist"
|
||||
local gfwlist6_set="passwall_gfwlist6"
|
||||
[ "$nftflag" = "1" ] && {
|
||||
gfwlist4_set="inet@fw4@${gfwlist4_set}"
|
||||
gfwlist6_set="inet@fw4@${gfwlist6_set}"
|
||||
}
|
||||
cat <<-EOF >> ${_CONF_FILE}
|
||||
gfwlist-file ${RULES_PATH}/gfwlist
|
||||
add-taggfw-ip ${gfwlist4_set},${gfwlist6_set}
|
||||
EOF
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6 tag:gfw" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
[ "${_chnlist}" != "0" ] && [ -s "${RULES_PATH}/chnlist" ] && {
|
||||
local chnroute4_set="passwall_chnroute"
|
||||
local chnroute6_set="passwall_chnroute6"
|
||||
[ "$nftflag" = "1" ] && {
|
||||
chnroute4_set="inet@fw4@${chnroute4_set}"
|
||||
chnroute6_set="inet@fw4@${chnroute6_set}"
|
||||
}
|
||||
|
||||
local _default_tag=$(config_t_get global chinadns_ng_default_tag smart)
|
||||
[ "${_chnlist}" = "direct" ] && {
|
||||
[ -s "${RULES_PATH}/chnlist" ] && {
|
||||
local chnroute4_set="passwall_chnroute"
|
||||
local chnroute6_set="passwall_chnroute6"
|
||||
[ "$nftflag" = "1" ] && {
|
||||
chnroute4_set="inet@fw4@${chnroute4_set}"
|
||||
chnroute6_set="inet@fw4@${chnroute6_set}"
|
||||
}
|
||||
[ "${_chnlist}" = "direct" ] && {
|
||||
cat <<-EOF >> ${_CONF_FILE}
|
||||
chnlist-file ${RULES_PATH}/chnlist
|
||||
ipset-name4 ${chnroute4_set}
|
||||
@ -547,28 +560,32 @@ run_chinadns_ng() {
|
||||
add-tagchn-ip
|
||||
chnlist-first
|
||||
EOF
|
||||
[ "${_no_ipv6_dns}" = "china" ] && echo "no-ipv6 tag:chn" >> ${_CONF_FILE}
|
||||
}
|
||||
}
|
||||
[ "${_gfwlist}" = "1" ] && {
|
||||
[ -s "${RULES_PATH}/gfwlist" ] && {
|
||||
local gfwlist4_set="passwall_gfwlist"
|
||||
local gfwlist6_set="passwall_gfwlist6"
|
||||
[ "$nftflag" = "1" ] && {
|
||||
gfwlist4_set="inet@fw4@${gfwlist4_set}"
|
||||
gfwlist6_set="inet@fw4@${gfwlist6_set}"
|
||||
}
|
||||
cat <<-EOF >> ${_CONF_FILE}
|
||||
gfwlist-file ${RULES_PATH}/gfwlist
|
||||
add-taggfw-ip ${gfwlist4_set},${gfwlist6_set}
|
||||
EOF
|
||||
[ "${_no_ipv6_dns}" = "trust" ] && echo "no-ipv6 tag:gfw" >> ${_CONF_FILE}
|
||||
#当只有使用gfwlist模式时设置默认DNS为本地直连
|
||||
[ "${_chnlist}" = "0" ] && _default_tag="chn"
|
||||
}
|
||||
}
|
||||
|
||||
[ -n "$_default_tag" ] && [ "$_default_tag" != "smart" ] && echo "default-tag ${_default_tag}" >> ${_CONF_FILE}
|
||||
#回中国模式
|
||||
[ "${_chnlist}" = "proxy" ] && {
|
||||
cat <<-EOF >> ${_CONF_FILE}
|
||||
group chn_proxy
|
||||
group-dnl ${RULES_PATH}/chnlist
|
||||
group-upstream udp://${_dns_trust}
|
||||
group-ipset ${chnroute4_set},${chnroute6_set}
|
||||
EOF
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6 tag:chn_proxy" >> ${_CONF_FILE}
|
||||
}
|
||||
}
|
||||
|
||||
#只使用gfwlist模式,GFW列表以外的域名及默认使用本地DNS
|
||||
[ "${_gfwlist}" = "1" ] && [ "${_chnlist}" = "0" ] && _default_tag="chn"
|
||||
#回中国模式,中国列表以外的域名及默认使用本地DNS
|
||||
[ "${_chnlist}" = "proxy" ] && _default_tag="chn"
|
||||
#全局模式,默认使用远程DNS
|
||||
[ "${_default_mode}" = "proxy" ] && [ "${_chnlist}" = "0" ] && [ "${_gfwlist}" = "0" ] && {
|
||||
_default_tag="gfw"
|
||||
[ "${_no_ipv6_trust}" = "1" ] && echo "no-ipv6" >> ${_CONF_FILE}
|
||||
}
|
||||
|
||||
([ -z "${_default_tag}" ] || [ "${_default_tag}" = "smart" ]) && _default_tag="none"
|
||||
echo "default-tag ${_default_tag}" >> ${_CONF_FILE}
|
||||
|
||||
ln_run "$(first_type chinadns-ng)" chinadns-ng "${_LOG_FILE}" -C ${_CONF_FILE}
|
||||
}
|
||||
@ -734,8 +751,8 @@ run_redir() {
|
||||
local proto=$(echo $proto | tr 'A-Z' 'a-z')
|
||||
local PROTO=$(echo $proto | tr 'a-z' 'A-Z')
|
||||
local type=$(echo $(config_n_get $node type) | tr 'A-Z' 'a-z')
|
||||
local close_log=$(config_t_get global close_log_${proto} 1)
|
||||
[ "$close_log" = "1" ] && log_file="/dev/null"
|
||||
local enable_log=$(config_t_get global log_${proto} 1)
|
||||
[ "$enable_log" != "1" ] && log_file="/dev/null"
|
||||
local remarks=$(config_n_get $node remarks)
|
||||
local server_host=$(config_n_get $node address)
|
||||
local port=$(config_n_get $node port)
|
||||
@ -1303,25 +1320,25 @@ start_dns() {
|
||||
[ "${use_tcp_node_resolve_dns}" = "1" ] && echolog " * 请确认上游 DNS 支持 TCP 查询,如非直连地址,确保 TCP 代理打开,并且已经正确转发!"
|
||||
[ "${use_udp_node_resolve_dns}" = "1" ] && echolog " * 要求代理 DNS 请求,如上游 DNS 非直连地址,确保 UDP 代理打开,并且已经正确转发!"
|
||||
|
||||
[ "$CHINADNS_NG" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && ([ "${CHN_LIST}" = "direct" ] || [ "${USE_GFW_LIST}" = "1" ]) && {
|
||||
[ "$FILTER_PROXY_IPV6" = "1" ] && {
|
||||
local _no_ipv6_dns="trust"
|
||||
DNSMASQ_FILTER_PROXY_IPV6=0
|
||||
}
|
||||
[ "$CHINADNS_NG" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && {
|
||||
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0
|
||||
local china_ng_listen_port=$(expr $dns_listen_port + 1)
|
||||
local china_ng_listen="127.0.0.1#${china_ng_listen_port}"
|
||||
|
||||
run_chinadns_ng \
|
||||
_flag="default" \
|
||||
_listen_port=${china_ng_listen_port} \
|
||||
_dns_china=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
|
||||
_dns_trust="${TUN_DNS}" \
|
||||
_use_direct_list="${USE_DIRECT_LIST}" \
|
||||
_use_proxy_list="${USE_PROXY_LIST}" \
|
||||
_chnlist="${CHN_LIST}" \
|
||||
_gfwlist="${USE_GFW_LIST}" \
|
||||
_no_ipv6_dns="${_no_ipv6_dns}"
|
||||
|
||||
echolog " - ChinaDNS-NG(127.0.0.1#${china_ng_listen_port}):国内DNS:$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ","),可信DNS:${TUN_DNS}"
|
||||
_dns_local=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
|
||||
_dns_trust=${TUN_DNS} \
|
||||
_no_ipv6_trust=${FILTER_PROXY_IPV6} \
|
||||
_use_direct_list=${USE_DIRECT_LIST} \
|
||||
_use_proxy_list=${USE_PROXY_LIST} \
|
||||
_gfwlist=${USE_GFW_LIST} \
|
||||
_chnlist=${CHN_LIST} \
|
||||
_default_mode=${TCP_PROXY_MODE} \
|
||||
_default_tag=$(config_t_get global chinadns_ng_default_tag smart)
|
||||
|
||||
echolog " - ChinaDNS-NG(127.0.0.1#${china_ng_listen_port}):直连DNS:$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ","),可信DNS:${TUN_DNS}"
|
||||
|
||||
USE_DEFAULT_DNS="chinadns_ng"
|
||||
}
|
||||
@ -1335,7 +1352,7 @@ start_dns() {
|
||||
-DNSMASQ_CONF_FILE "/tmp/dnsmasq.d/dnsmasq-passwall.conf" -DEFAULT_DNS ${DEFAULT_DNS} -LOCAL_DNS ${LOCAL_DNS} \
|
||||
-TUN_DNS ${TUN_DNS} -REMOTE_FAKEDNS ${fakedns:-0} -USE_DEFAULT_DNS "${USE_DEFAULT_DNS:-direct}" -CHINADNS_DNS ${china_ng_listen:-0} \
|
||||
-USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \
|
||||
-TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE "${TCP_PROXY_MODE}" -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \
|
||||
-TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE ${TCP_PROXY_MODE} -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \
|
||||
-NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
|
||||
}
|
||||
|
||||
@ -1471,24 +1488,23 @@ acl_app() {
|
||||
eval node_${tcp_node}_$(echo -n "${remote_dns}" | md5sum | cut -d " " -f1)=${_dns_port}
|
||||
}
|
||||
|
||||
[ "$chinadns_ng" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && ([ "${chn_list}" = "direct" ] || [ "${use_gfw_list}" = "1" ]) && {
|
||||
[ "$filter_proxy_ipv6" = "1" ] && {
|
||||
local _no_ipv6_dns="trust"
|
||||
dnsmasq_filter_proxy_ipv6=0
|
||||
}
|
||||
[ "$chinadns_ng" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && {
|
||||
[ "$filter_proxy_ipv6" = "1" ] && dnsmasq_filter_proxy_ipv6=0
|
||||
chinadns_port=$(expr $chinadns_port + 1)
|
||||
_china_ng_listen="127.0.0.1#${chinadns_port}"
|
||||
|
||||
run_chinadns_ng \
|
||||
_flag="$sid" \
|
||||
_listen_port=${chinadns_port} \
|
||||
_dns_china=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
|
||||
_dns_trust="127.0.0.1#${_dns_port}" \
|
||||
_use_direct_list="${use_direct_list}" \
|
||||
_use_proxy_list="${use_proxy_list}" \
|
||||
_chnlist=${chn_list} \
|
||||
_dns_local=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
|
||||
_dns_trust=127.0.0.1#${_dns_port} \
|
||||
_no_ipv6_trust=${filter_proxy_ipv6} \
|
||||
_use_direct_list=${use_direct_list} \
|
||||
_use_proxy_list=${use_proxy_list} \
|
||||
_gfwlist=${use_gfw_list} \
|
||||
_no_ipv6_dns="${_no_ipv6_dns}"
|
||||
_chnlist=${chn_list} \
|
||||
_default_mode=${tcp_proxy_mode} \
|
||||
_default_tag=${chinadns_ng_default_tag:-smart}
|
||||
|
||||
use_default_dns="chinadns_ng"
|
||||
}
|
||||
@ -1628,7 +1644,7 @@ acl_app() {
|
||||
[ -n "$redirect_dns_port" ] && echo "${redirect_dns_port}" > $TMP_ACL_PATH/$sid/var_redirect_dns_port
|
||||
unset enabled sid remarks sources use_global_config tcp_node udp_node use_direct_list use_proxy_list use_block_list use_gfw_list chn_list tcp_proxy_mode udp_proxy_mode filter_proxy_ipv6 dns_mode remote_dns v2ray_dns_mode remote_dns_doh dns_client_ip
|
||||
unset _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port config_file _extra_param
|
||||
unset _china_ng_listen _china_ng_chn _china_ng_gfw _gfwlist_file _chnlist_file _china_ng_log_file _no_ipv6_dns _china_ng_extra_param dnsmasq_filter_proxy_ipv6
|
||||
unset _china_ng_listen chinadns_ng_default_tag dnsmasq_filter_proxy_ipv6
|
||||
unset redirect_dns_port
|
||||
done
|
||||
unset socks_port redir_port dns_port dnsmasq_port chinadns_port
|
||||
|
||||
@ -162,8 +162,6 @@ if cache_text ~= new_text then
|
||||
api.remove(CACHE_DNS_PATH .. "*")
|
||||
end
|
||||
|
||||
local only_global
|
||||
|
||||
local dnsmasq_default_dns
|
||||
if USE_DEFAULT_DNS ~= "nil" then
|
||||
if USE_DEFAULT_DNS == "direct" then
|
||||
@ -175,16 +173,17 @@ if USE_DEFAULT_DNS ~= "nil" then
|
||||
if USE_DEFAULT_DNS == "remote" and CHN_LIST == "direct" then
|
||||
dnsmasq_default_dns = TUN_DNS
|
||||
end
|
||||
if USE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" and (CHN_LIST == "direct" or USE_GFW_LIST == "1") then
|
||||
dnsmasq_default_dns = CHINADNS_DNS
|
||||
end
|
||||
end
|
||||
|
||||
local only_global
|
||||
if DEFAULT_PROXY_MODE == "proxy" and CHN_LIST == "0" and USE_GFW_LIST == "0" then
|
||||
--没有启用中国列表和GFW列表时
|
||||
dnsmasq_default_dns = TUN_DNS
|
||||
only_global = 1
|
||||
end
|
||||
if USE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
|
||||
dnsmasq_default_dns = CHINADNS_DNS
|
||||
end
|
||||
|
||||
local setflag_4= (NFTFLAG == "1") and "4#inet#fw4#" or ""
|
||||
local setflag_6= (NFTFLAG == "1") and "6#inet#fw4#" or ""
|
||||
@ -304,15 +303,16 @@ if not fs.access(CACHE_DNS_PATH) then
|
||||
--中国列表
|
||||
if CHN_LIST ~= "0" then
|
||||
if fs.access("/usr/share/passwall/rules/chnlist") then
|
||||
fwd_dns = LOCAL_DNS
|
||||
fwd_dns = nil
|
||||
if CHN_LIST == "direct" then
|
||||
if USE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
|
||||
fwd_dns = nil
|
||||
end
|
||||
fwd_dns = LOCAL_DNS
|
||||
end
|
||||
if CHN_LIST == "proxy" then
|
||||
fwd_dns = TUN_DNS
|
||||
end
|
||||
if USE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
|
||||
fwd_dns = nil
|
||||
end
|
||||
if fwd_dns then
|
||||
local ipset_flag = setflag_4 .. "passwall_chnroute," .. setflag_6 .. "passwall_chnroute6"
|
||||
if CHN_LIST == "proxy" then
|
||||
|
||||
Loading…
Reference in New Issue
Block a user