From cd1765ab17b8eb0950ae89e37d2f782d527992f3 Mon Sep 17 00:00:00 2001 From: sbwml Date: Tue, 3 Sep 2024 23:00:10 +0800 Subject: [PATCH] luci-app-passwall: sync upstream last commit: https://github.com/xiaorouji/openwrt-passwall/commit/bb333cbe1e1ddb56df80fa61d11638fb97a6ad0c --- .../model/cbi/passwall/client/global.lua | 52 +++++++++++++------ luci-app-passwall/po/zh-cn/passwall.po | 6 +++ .../root/usr/share/passwall/app.sh | 36 ++++++++++++- patch-luci-app-passwall.patch | 6 +-- 4 files changed, 80 insertions(+), 20 deletions(-) diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua index fe5fa30db..070ed38e3 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua @@ -7,6 +7,7 @@ local has_xray = api.finded_com("xray") local has_gfwlist = api.fs.access("/usr/share/passwall/rules/gfwlist") local has_chnlist = api.fs.access("/usr/share/passwall/rules/chnlist") local has_chnroute = api.fs.access("/usr/share/passwall/rules/chnroute") +local chinadns_tls = os.execute("chinadns-ng -V | grep -i wolfssl >/dev/null") m = Map(appname) @@ -63,8 +64,8 @@ uci:foreach(appname, "socks", function(s) end) local doh_validate = function(self, value, t) + value = value:gsub("%s+", "") if value ~= "" then - value = api.trim(value) local flag = 0 local util = require "luci.util" local val = util.split(value, ",") @@ -103,8 +104,8 @@ local chinadns_dot_validate = function(self, value, t) end return true end + value = value:gsub("%s+", "") if value ~= "" then - value = api.trim(value) if isValidDoTString(value) then return value end 
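Review bot: The probe `os.execute("chinadns-ng -V | grep -i wolfssl >/dev/null")` added near the top of global.lua is undocumented, and the later `chinadns_tls == 0` checks (hunks @@ -298 and @@ -344) depend on os.execute returning a numeric status. That holds on Lua 5.1, but on 5.2+ the first result is `true`/`nil`, so the DoT entries would never be offered. Because the status is grep's, a missing chinadns-ng binary looks the same as a build without wolfSSL, and the shell's "not found" message goes to stderr. I would add a comment such as `-- 0 when chinadns-ng reports wolfSSL (DoT capable); relies on Lua 5.1 os.execute returning the exit status` and silence the probe with `chinadns-ng -V 2>/dev/null | grep -qi wolfssl`.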
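Review bot: The new `value = value:gsub("%s+", "")` in doh_validate, and the same line in chinadns_dot_validate (hunk @@ -103), removes interior whitespace as well as leading and trailing whitespace. A resolver address typed with a stray space inside the host is therefore silently joined into a different name instead of being rejected. If the intent is only to tolerate input such as `url, ip`, a comment should say so, for example `-- strip all whitespace so "url, ip" is accepted before splitting on ","`. Both functions extend outside their hunks, so whether doh_validate stores the stripped value cannot be confirmed from here.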
@@ -298,7 +299,7 @@ o.default = "" o:value("", translate("Auto")) o:value("udp", translatef("Requery DNS By %s", "UDP")) o:value("tcp", translatef("Requery DNS By %s", "TCP")) -if os.execute("chinadns-ng -V | grep -i wolfssl >/dev/null") == 0 then +if chinadns_tls == 0 then o:value("dot", translatef("Requery DNS By %s", "DoT")) end --TO DO @@ -326,7 +327,7 @@ o:value("180.184.1.1") o:value("180.184.2.2") o:depends("direct_dns_mode", "tcp") -o = s:taboption("DNS", Value, "direct_dns_dot", translate("Direct DNS")) +o = s:taboption("DNS", Value, "direct_dns_dot", translate("Direct DNS DoT")) o.default = "tls://dot.pub@1.12.12.12" o:value("tls://dot.pub@1.12.12.12") o:value("tls://dot.pub@120.53.53.53") @@ -344,6 +345,9 @@ o.default = "0" dns_mode = s:taboption("DNS", ListValue, "dns_mode", translate("Filter Mode")) dns_mode:value("udp", translatef("Requery DNS By %s", "UDP")) dns_mode:value("tcp", translatef("Requery DNS By %s", "TCP")) +if chinadns_tls == 0 then + dns_mode:value("dot", translatef("Requery DNS By %s", "DoT")) +end if api.is_finded("dns2socks") then dns_mode:value("dns2socks", "dns2socks") end @@ -399,8 +403,8 @@ o:value("1.1.1.1", "1.1.1.1 (CloudFlare)") o:value("1.1.1.2", "1.1.1.2 (CloudFlare-Security)") o:value("8.8.4.4", "8.8.4.4 (Google)") o:value("8.8.8.8", "8.8.8.8 (Google)") -o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)") -o:value("149.112.112.112", "149.112.112.112 (Quad9-Recommended)") +o:value("9.9.9.9", "9.9.9.9 (Quad9)") +o:value("149.112.112.112", "149.112.112.112 (Quad9)") o:value("208.67.220.220", "208.67.220.220 (OpenDNS)") o:value("208.67.222.222", "208.67.222.222 (OpenDNS)") if nixio.fs.access("/usr/share/mosdns/mosdns.sh") then 
@@ -416,19 +420,35 @@ o:depends({xray_dns_mode = "tcp"}) o:depends({xray_dns_mode = "tcp+doh"}) o:depends({singbox_dns_mode = "tcp"}) +---- DoT +o = s:taboption("DNS", Value, "remote_dns_dot", translate("Remote DNS DoT")) +o.default = "tls://dns.google@8.8.4.4" +o:value("tls://1dot1dot1dot1.cloudflare-dns.com@1.0.0.1", "1.0.0.1 (CloudFlare)") +o:value("tls://1dot1dot1dot1.cloudflare-dns.com@1.1.1.1", "1.1.1.1 (CloudFlare)") +o:value("tls://dns.google@8.8.4.4", "8.8.4.4 (Google)") +o:value("tls://dns.google@8.8.8.8", "8.8.8.8 (Google)") +o:value("tls://dns.quad9.net@9.9.9.9", "9.9.9.9 (Quad9)") +o:value("tls://dns.quad9.net@149.112.112.112", "149.112.112.112 (Quad9)") +o:value("tls://dns.adguard.com@94.140.14.14", "94.140.14.14 (AdGuard)") +o:value("tls://dns.adguard.com@94.140.15.15", "94.140.15.15 (AdGuard)") +o:value("tls://dns.opendns.com@208.67.222.222", "208.67.222.222 (OpenDNS)") +o:value("tls://dns.opendns.com@208.67.220.220", "208.67.220.220 (OpenDNS)") +o.validate = chinadns_dot_validate +o:depends("dns_mode", "dot") + ---- DoH o = s:taboption("DNS", Value, "remote_dns_doh", translate("Remote DNS DoH")) o.default = "https://1.1.1.1/dns-query" -o:value("https://1.1.1.1/dns-query", "CloudFlare") -o:value("https://1.1.1.2/dns-query", "CloudFlare-Security") -o:value("https://8.8.4.4/dns-query", "Google 8844") -o:value("https://8.8.8.8/dns-query", "Google 8888") -o:value("https://9.9.9.9/dns-query", "Quad9-Recommended 9.9.9.9") -o:value("https://149.112.112.112/dns-query", "Quad9-Recommended 149.112.112.112") -o:value("https://208.67.222.222/dns-query", "OpenDNS") -o:value("https://dns.adguard.com/dns-query,176.103.130.130", "AdGuard") -o:value("https://doh.libredns.gr/dns-query,116.202.176.26", "LibreDNS") -o:value("https://doh.libredns.gr/ads,116.202.176.26", "LibreDNS (No Ads)") +o:value("https://1.1.1.1/dns-query", "1.1.1.1 (CloudFlare)") +o:value("https://1.1.1.2/dns-query", "1.1.1.2 (CloudFlare-Security)") +o:value("https://8.8.4.4/dns-query", "8.8.4.4 
(Google)") +o:value("https://8.8.8.8/dns-query", "8.8.8.8 (Google)") +o:value("https://9.9.9.9/dns-query", "9.9.9.9 (Quad9)") +o:value("https://149.112.112.112/dns-query", "149.112.112.112 (Quad9)") +o:value("https://208.67.222.222/dns-query", "208.67.222.222 (OpenDNS)") +o:value("https://dns.adguard.com/dns-query,94.140.14.14", "94.140.14.14 (AdGuard)") +o:value("https://doh.libredns.gr/dns-query,116.202.176.26", "116.202.176.26 (LibreDNS)") +o:value("https://doh.libredns.gr/ads,116.202.176.26", "116.202.176.26 (LibreDNS-NoAds)") o.validate = doh_validate o:depends({xray_dns_mode = "tcp+doh"}) o:depends({singbox_dns_mode = "doh"}) diff --git a/luci-app-passwall/po/zh-cn/passwall.po b/luci-app-passwall/po/zh-cn/passwall.po index 962ad13b6..82f632561 100644 --- a/luci-app-passwall/po/zh-cn/passwall.po +++ b/luci-app-passwall/po/zh-cn/passwall.po @@ -124,6 +124,9 @@ msgstr "TCP 节点必须是 '%s' 类型才能使用 FakeDNS。" msgid "Direct DNS" msgstr "直连 DNS" +msgid "Direct DNS DoT" +msgstr "直连 DNS DoT" + msgid "Remote DNS" msgstr "远程 DNS" @@ -154,6 +157,9 @@ msgstr "请求协议" msgid "Remote DNS DoH" msgstr "远程 DNS DoH" +msgid "Remote DNS DoT" +msgstr "远程 DNS DoT" + msgid "Notify the DNS server when the DNS query is notified, the location of the client (cannot be a private IP address)." msgstr "用于 DNS 查询时通知 DNS 服务器,客户端所在的地理位置(不能是私有 IP 地址)。" diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh index 8a18ffabb..a1cc5bcb9 100755 --- a/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1370,6 +1370,7 @@ stop_crontab() { start_dns() { echolog "DNS域名解析:" + local chinadns_tls=$(chinadns-ng -V | grep -i wolfssl) local china_ng_local_dns=$(IFS=','; set -- $LOCAL_DNS; [ "${1%%[#:]*}" = "127.0.0.1" ] && echo "$1" || ([ -n "$2" ] && echo "$1,$2" || echo "$1")) local sing_box_local_dns= local direct_dns_mode=$(config_t_get global direct_dns_mode "auto") 
@@ -1392,7 +1393,7 @@ start_dns() {
 echolog " * 请确保上游直连 DNS 支持 TCP 查询。"
 ;;
 dot)
- if [ "$(chinadns-ng -V | grep -i wolfssl)" != "nil" ]; then
+ if [ "$chinadns_tls" != "nil" ]; then
 LOCAL_DNS="127.0.0.1#${dns_listen_port}"
 local cdns_listen_port=${dns_listen_port}
 dns_listen_port=$(expr $dns_listen_port + 1)
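Review bot: The rewritten test `[ "$chinadns_tls" != "nil" ]` can never be false, because `chinadns_tls` is assigned in the @@ -1370 hunk from `$(chinadns-ng -V | grep -i wolfssl)`, which yields either the matching line or an empty string and never the literal `nil`. On a chinadns-ng build without wolfSSL the DoT path is therefore still taken. The same comparison guards the new `dot)` case in the @@ -1489 hunk, so its fallback branch looks unreachable. Testing for non-empty output would match the exit-status check on the Lua side: `if [ -n "$chinadns_tls" ]; then`. The surrounding case statement continues outside this hunk.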
@@ -1489,6 +1490,39 @@ start_dns() {
 run_xray ${_args}
 }
 ;;
+ dot)
+ use_tcp_node_resolve_dns=1
+ if [ "$chinadns_tls" != "nil" ]; then
+ if [ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ]; then
+ local china_ng_listen_port=${dns_listen_port}
+ local china_ng_trust_dns=$(config_t_get global remote_dns_dot "tls://dns.google@8.8.4.4")
+ local tmp_dot_ip=$(echo "$china_ng_trust_dns" | sed -n 's/.*:\/\/\([^@#]*@\)*\([^@#]*\).*/\2/p')
+ local tmp_dot_port=$(echo "$china_ng_trust_dns" | sed -n 's/.*#\([0-9]\+\).*/\1/p')
+ REMOTE_DNS="$tmp_dot_ip#${tmp_dot_port:-853}"
+ else
+ local china_ng_listen_port=${dns_listen_port}
+ local china_ng_trust_dns=$(config_t_get global remote_dns_dot "tls://dns.google@8.8.4.4")
+ ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${china_ng_listen_port} -t ${china_ng_trust_dns} -d gfw
+ echolog " - ChinaDNS-NG(${TUN_DNS}) -> ${china_ng_trust_dns}"
+
+ local tmp_dot_ip=$(echo "$china_ng_trust_dns" | sed -n 's/.*:\/\/\([^@#]*@\)*\([^@#]*\).*/\2/p')
+ local tmp_dot_port=$(echo "$china_ng_trust_dns" | sed -n 's/.*#\([0-9]\+\).*/\1/p')
+ REMOTE_DNS="$tmp_dot_ip#${tmp_dot_port:-853}"
+ fi
+ else
+ echolog " - 你的ChinaDNS-NG版本不支持DoT,远程DNS将默认使用tcp://1.1.1.1"
+
+ if [ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ]; then
+ local china_ng_listen_port=${dns_listen_port}
+ local china_ng_trust_dns="tcp://1.1.1.1"
+ REMOTE_DNS="1.1.1.1"
+ else
+ REMOTE_DNS="1.1.1.1"
+ ln_run "$(first_type dns2tcp)" dns2tcp "/dev/null" -L "${TUN_DNS}" -R "$(get_first_dns REMOTE_DNS 53)" -v
+ echolog " - dns2tcp(${TUN_DNS}) -> tcp://$(get_first_dns REMOTE_DNS 53 | sed 's/#/:/g')"
+ fi
+ fi
+ ;;
 udp)
 use_udp_node_resolve_dns=1
 if [ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ]; then
diff --git a/patch-luci-app-passwall.patch b/patch-luci-app-passwall.patch
index c241946d2..eaf9f0b41 100644
--- a/patch-luci-app-passwall.patch
+++ b/patch-luci-app-passwall.patch
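Review bot: In the new `dot)` case the `ln_run` call expands `-t ${china_ng_trust_dns}` unquoted, and that value comes straight from the `remote_dns_dot` UCI option. The whitespace stripping added in global.lua only covers values saved through the LuCI form, so a value written any other way is word-split into extra chinadns-ng arguments. Quoting keeps it a single argument, `-t "${china_ng_trust_dns}"`, assuming ln_run forwards its arguments unchanged (it is defined outside this hunk). The sed extraction also prints nothing when the value has no `://`, which leaves `REMOTE_DNS="#853"`. A guard such as `[ -n "$tmp_dot_ip" ] || return 1` before the assignment would fail closed, and the duplicated `tmp_dot_ip`/`tmp_dot_port` lines could be hoisted above the inner `if`.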
@@ -24,11 +24,11 @@ index 03006a6..f384bbc 100644 if code ~= 0 then local use_time = luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $2}'") diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua -index 806095f..fe5fa30 100644 +index 4f8f1b9..070ed38 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua -@@ -403,6 +403,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)") - o:value("149.112.112.112", "149.112.112.112 (Quad9-Recommended)") +@@ -407,6 +407,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9)") + o:value("149.112.112.112", "149.112.112.112 (Quad9)") o:value("208.67.220.220", "208.67.220.220 (OpenDNS)") o:value("208.67.222.222", "208.67.222.222 (OpenDNS)") +if nixio.fs.access("/usr/share/mosdns/mosdns.sh") then