luci-app-passwall2: sync upstream

last commit: 00ce806f31
2025-01-02 23:30:20 +08:00 · 2025-01-02 23:30:20 +08:00 · dfa645029e
commit dfa645029e
parent 8668cee5dc
2 changed files with 70 additions and 62 deletions
--- a/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
+++ b/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
@ -204,47 +204,51 @@ gen_shunt_list() {
 	NODE_PROTOCOL=$(config_n_get $node protocol)
 	[ "$NODE_PROTOCOL" = "_shunt" ] && USE_SHUNT_NODE=1
 	[ "$USE_SHUNT_NODE" = "1" ] && {
-		local default_node=$(config_n_get ${node} default_node _direct)
+		local enable_geoview=$(config_t_get global_rules enable_geoview 0)
-		local default_outbound="redirect"
+		[ -z "$(first_type geoview)" ] && enable_geoview=0
-		[ "$default_node" = "_direct" ] && default_outbound="direct"
+		local preloading=0
-		local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
+		preloading=$enable_geoview
-		for shunt_id in $shunt_ids; do
+		[ "${preloading}" = "1" ] && {
-			local shunt_node=$(config_n_get ${node} "${shunt_id}")
+			local default_node=$(config_n_get ${node} default_node _direct)
-			[ -n "$shunt_node" ] && {
+			local default_outbound="redirect"
-				local ipset_v4="passwall2_${node}_${shunt_id}"
+			[ "$default_node" = "_direct" ] && default_outbound="direct"
-				local ipset_v6="passwall2_${node}_${shunt_id}6"
+			local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
-				ipset -! create $ipset_v4 nethash maxelem 1048576
+			for shunt_id in $shunt_ids; do
-				ipset -! create $ipset_v6 nethash family inet6 maxelem 1048576
+				local shunt_node=$(config_n_get ${node} "${shunt_id}")
-				local outbound="redirect"
+				[ -n "$shunt_node" ] && {
-				[ "$shunt_node" = "_direct" ] && outbound="direct"
+					local ipset_v4="passwall2_${node}_${shunt_id}"
-				[ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
+					local ipset_v6="passwall2_${node}_${shunt_id}6"
-				_SHUNT_LIST4="${_SHUNT_LIST4} ${ipset_v4}:${outbound}"
+					ipset -! create $ipset_v4 nethash maxelem 1048576
-				_SHUNT_LIST6="${_SHUNT_LIST6} ${ipset_v6}:${outbound}"
+					ipset -! create $ipset_v6 nethash family inet6 maxelem 1048576
 					local outbound="redirect"
 					[ "$shunt_node" = "_direct" ] && outbound="direct"
 					[ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
 					_SHUNT_LIST4="${_SHUNT_LIST4} ${ipset_v4}:${outbound}"
 					_SHUNT_LIST6="${_SHUNT_LIST6} ${ipset_v6}:${outbound}"
-				config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+					config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-				config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+					config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-				[ "$(config_t_get global_rules enable_geoview)" = "1" ] && {
+					[ "${enable_geoview}" = "1" ] && {
-					local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
+						local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
-					[ -n "$_geoip_code" ] && {
+						[ -n "$_geoip_code" ] && {
-						if [ "$(config_n_get $node type)" = "sing-box" ]; then
+							if [ "$(config_n_get $node type)" = "sing-box" ]; then
-							get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+								get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-							get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+								get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
-						else
+							else
 							if type geoview &> /dev/null; then
 								get_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 								get_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
 							fi
-						fi
+							echolog "  - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 IPSET 完成"
-						echolog "  - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 IPSET 完成"
+						}
 					}
 				}
-			}
+			done
-		done
+		}
 		[ "${_write_ipset_direct}" = "1" ] && {
 			_SHUNT_LIST4="${_SHUNT_LIST4} ${_set_name4}:direct"
 			_SHUNT_LIST6="${_SHUNT_LIST6} ${_set_name6}:direct"
 		}
-		[ -n "$default_node" ] && {
+		[ "${preloading}" = "1" ] && [ -n "$default_node" ] && {
 			local ipset_v4="passwall2_${node}_default"
 			local ipset_v6="passwall2_${node}_default6"
 			ipset -! create $ipset_v4 nethash maxelem 1048576
--- a/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
+++ b/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
@ -258,46 +258,50 @@ gen_shunt_list() {
 	NODE_PROTOCOL=$(config_n_get $node protocol)
 	[ "$NODE_PROTOCOL" = "_shunt" ] && USE_SHUNT_NODE=1
 	[ "$USE_SHUNT_NODE" = "1" ] && {
-		local default_node=$(config_n_get ${node} default_node _direct)
+		local enable_geoview=$(config_t_get global_rules enable_geoview 0)
-		local default_outbound="redirect"
+		[ -z "$(first_type geoview)" ] && enable_geoview=0
-		[ "$default_node" = "_direct" ] && default_outbound="direct"
+		local preloading=0
-		local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
+		preloading=$enable_geoview
-		for shunt_id in $shunt_ids; do
+		[ "${preloading}" = "1" ] && {
-			local shunt_node=$(config_n_get ${node} "${shunt_id}")
+			local default_node=$(config_n_get ${node} default_node _direct)
-			[ -n "$shunt_node" ] && {
+			local default_outbound="redirect"
-				local nftset_v4="passwall2_${node}_${shunt_id}"
+			[ "$default_node" = "_direct" ] && default_outbound="direct"
-				local nftset_v6="passwall2_${node}_${shunt_id}6"
+			local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
-				gen_nftset $nftset_v4 ipv4_addr 0 0
+			for shunt_id in $shunt_ids; do
-				gen_nftset $nftset_v6 ipv6_addr 0 0
+				local shunt_node=$(config_n_get ${node} "${shunt_id}")
-				local outbound="redirect"
+				[ -n "$shunt_node" ] && {
-				[ "$shunt_node" = "_direct" ] && outbound="direct"
+					local nftset_v4="passwall2_${node}_${shunt_id}"
-				[ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
+					local nftset_v6="passwall2_${node}_${shunt_id}6"
-				_SHUNT_LIST4="${_SHUNT_LIST4} ${nftset_v4}:${outbound}"
+					gen_nftset $nftset_v4 ipv4_addr 0 0
-				_SHUNT_LIST6="${_SHUNT_LIST6} ${nftset_v6}:${outbound}"
+					gen_nftset $nftset_v6 ipv6_addr 0 0
-				insert_nftset $nftset_v4 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+					local outbound="redirect"
-				insert_nftset $nftset_v6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+					[ "$shunt_node" = "_direct" ] && outbound="direct"
-				[ "$(config_t_get global_rules enable_geoview)" = "1" ] && {
+					[ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
-					local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
+					_SHUNT_LIST4="${_SHUNT_LIST4} ${nftset_v4}:${outbound}"
-					[ -n "$_geoip_code" ] && {
+					_SHUNT_LIST6="${_SHUNT_LIST6} ${nftset_v6}:${outbound}"
-						if [ "$(config_n_get $node type)" = "sing-box" ]; then
+					insert_nftset $nftset_v4 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
-							insert_nftset $nftset_v4 "0" $(get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+					insert_nftset $nftset_v6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
-							insert_nftset $nftset_v6 "0" $(get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+					[ "${enable_geoview}" = "1" ] && {
-						else
+						local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
-							if type geoview &> /dev/null; then
+						[ -n "$_geoip_code" ] && {
 							if [ "$(config_n_get $node type)" = "sing-box" ]; then
 								insert_nftset $nftset_v4 "0" $(get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
 								insert_nftset $nftset_v6 "0" $(get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
 							else
 								insert_nftset $nftset_v4 "0" $(get_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
 								insert_nftset $nftset_v6 "0" $(get_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
 							fi
-						fi
+							echolog "  - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 NFTSET 完成"
-						echolog "  - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 NFTSET 完成"
+						}
 					}
 				}
-			}
+			done
-		done
+		}
 		[ "${_write_ipset_direct}" = "1" ] && {
 			_SHUNT_LIST4="${_SHUNT_LIST4} ${_set_name4}:direct"
 			_SHUNT_LIST6="${_SHUNT_LIST6} ${_set_name6}:direct"
 		}
-		[ -n "$default_node" ] && {
+		[ "${preloading}" = "1" ] && [ -n "$default_node" ] && {
 			local nftset_v4="passwall2_${node}_default"
 			local nftset_v6="passwall2_${node}_default6"
 			gen_nftset $nftset_v4 ipv4_addr 0 0