From f7a88bb759993cb298aabd448bd10a09f8bb0259 Mon Sep 17 00:00:00 2001 From: actions Date: Tue, 10 Oct 2023 01:24:11 +0800 Subject: [PATCH] luci-app-passwall2: sync upstream --- luci-app-passwall2/Makefile | 2 +- luci-app-passwall2/luasrc/passwall2/api.lua | 25 +++++++++++++++++++ .../luasrc/passwall2/util_sing-box.lua | 24 ++++++++++++++++++ .../luasrc/passwall2/util_xray.lua | 24 ++++++++++++++++++ .../root/usr/share/passwall2/0_default_config | 25 ++++++------------- .../root/usr/share/passwall2/app.sh | 4 +++ 6 files changed, 85 insertions(+), 19 deletions(-) diff --git a/luci-app-passwall2/Makefile b/luci-app-passwall2/Makefile index 50b5f7f2b..e360ea76c 100644 --- a/luci-app-passwall2/Makefile +++ b/luci-app-passwall2/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-passwall2 -PKG_VERSION:=1.21-1 +PKG_VERSION:=1.21-2 PKG_RELEASE:= PKG_CONFIG_DEPENDS:= \ diff --git a/luci-app-passwall2/luasrc/passwall2/api.lua b/luci-app-passwall2/luasrc/passwall2/api.lua index 6bb885a7d..b9a6f11d1 100644 --- a/luci-app-passwall2/luasrc/passwall2/api.lua +++ b/luci-app-passwall2/luasrc/passwall2/api.lua @@ -16,6 +16,7 @@ OPENWRT_ARCH = nil DISTRIB_ARCH = nil LOG_FILE = "/tmp/log/passwall2.log" +CACHE_PATH = "/tmp/etc/passwall2_tmp" function log(...) local result = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ") @@ -921,6 +922,30 @@ function to_move(app_name,file) return {code = 0} end +function cacheFileCompareToLogic(file, str) + local result = nil + if file and str then + local file_str = "" + if fs.access(file) then + file_str = sys.exec("cat " .. file) + end + + if file_str ~= str then + sys.call("rm -f " .. file) + result = false + else + result = true + end + + local f_out = io.open(file, "w") + if f_out then + f_out:write(str) + f_out:close() + end + end + return result +end + function is_js_luci() return sys.call('[ -f "/www/luci-static/resources/uci.js" ]') == 0 end diff --git a/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua b/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua index b73b5c45b..a070b1929 100644 --- a/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua +++ b/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua @@ -5,6 +5,7 @@ local sys = api.sys local jsonc = api.jsonc local appname = api.appname local fs = api.fs +local CACHE_PATH = api.CACHE_PATH local new_port @@ -712,6 +713,8 @@ function gen_config(var) local direct_dns_udp_server = var["-direct_dns_udp_server"] local direct_dns_udp_port = var["-direct_dns_udp_port"] local direct_dns_query_strategy = var["-direct_dns_query_strategy"] + local direct_ipset = var["-direct_ipset"] + local direct_nftset = var["-direct_nftset"] local remote_dns_udp_server = var["-remote_dns_udp_server"] local remote_dns_udp_port = var["-remote_dns_udp_port"] local remote_dns_tcp_server = var["-remote_dns_tcp_server"] @@ -731,6 +734,8 @@ function gen_config(var) local inbounds = {} local outbounds = {} + local CACHE_TEXT_FILE = CACHE_PATH .. "/cache_" .. flag .. ".txt" + local singbox_settings = uci:get_all(appname, "@global_singbox[0]") or {} local route = { @@ -1349,6 +1354,25 @@ function gen_config(var) }, outbound = "dns-out" }) + + local content = flag .. node_id .. jsonc.stringify(dns) + if api.cacheFileCompareToLogic(CACHE_TEXT_FILE, content) == false then + --clear ipset/nftset + if direct_ipset then + string.gsub(direct_ipset, '[^' .. "," .. ']+', function(w) + sys.call("ipset -q -F " .. w) + end) + end + if direct_nftset then + string.gsub(direct_nftset, '[^' .. "," .. ']+', function(w) + local s = string.reverse(w) + local _, i = string.find(s, "#") + local m = string.len(s) - i + 1 + local n = w:sub(m + 1) + sys.call("nft flush set inet fw4 " .. n .. "2>/dev/null") + end) + end + end end if inbounds or outbounds then diff --git a/luci-app-passwall2/luasrc/passwall2/util_xray.lua b/luci-app-passwall2/luasrc/passwall2/util_xray.lua index 89ae42534..ad2510de4 100644 --- a/luci-app-passwall2/luasrc/passwall2/util_xray.lua +++ b/luci-app-passwall2/luasrc/passwall2/util_xray.lua @@ -5,6 +5,7 @@ local sys = api.sys local jsonc = api.jsonc local appname = api.appname local fs = api.fs +local CACHE_PATH = api.CACHE_PATH local new_port @@ -520,6 +521,8 @@ function gen_config(var) local dns_query_strategy = var["-dns_query_strategy"] local direct_dns_udp_server = var["-direct_dns_udp_server"] local direct_dns_udp_port = var["-direct_dns_udp_port"] + local direct_ipset = var["-direct_ipset"] + local direct_nftset = var["-direct_nftset"] local remote_dns_udp_server = var["-remote_dns_udp_server"] local remote_dns_udp_port = var["-remote_dns_udp_port"] local remote_dns_fake = var["-remote_dns_fake"] @@ -537,6 +540,8 @@ function gen_config(var) local routing = nil local observatory = nil + local CACHE_TEXT_FILE = CACHE_PATH .. "/cache_" .. flag .. ".txt" + local xray_settings = uci:get_all(appname, "@global_xray[0]") or {} local nodes = {} @@ -1228,6 +1233,25 @@ function gen_config(var) if dns_hosts_len == 0 then dns.hosts = nil end + + local content = flag .. node_id .. jsonc.stringify(dns) + if api.cacheFileCompareToLogic(CACHE_TEXT_FILE, content) == false then + --clear ipset/nftset + if direct_ipset then + string.gsub(direct_ipset, '[^' .. "," .. ']+', function(w) + sys.call("ipset -q -F " .. w) + end) + end + if direct_nftset then + string.gsub(direct_nftset, '[^' .. "," .. ']+', function(w) + local s = string.reverse(w) + local _, i = string.find(s, "#") + local m = string.len(s) - i + 1 + local n = w:sub(m + 1) + sys.call("nft flush set inet fw4 " .. n .. "2>/dev/null") + end) + end + end end if inbounds or outbounds then diff --git a/luci-app-passwall2/root/usr/share/passwall2/0_default_config b/luci-app-passwall2/root/usr/share/passwall2/0_default_config index 142563062..41b06348d 100644 --- a/luci-app-passwall2/root/usr/share/passwall2/0_default_config +++ b/luci-app-passwall2/root/usr/share/passwall2/0_default_config @@ -74,11 +74,9 @@ config nodes 'myshunt' option DirectGame '_direct' option ProxyGame '_default' option Direct '_direct' - option AD 'nil' - option BT '_direct' + option GooglePlay '_default' option Netflix 'nil' option OpenAI 'nil' - option TVB 'nil' option Proxy '_default' option China '_direct' option QUIC '_blackhole' @@ -175,15 +173,12 @@ cdn-qc.content.steamchina.com cdn-ali.content.steamchina.com epicgames-download1-1251447533.file.myqcloud.com' -config shunt_rules 'AD' - option remarks 'AD' - option domain_list 'geosite:category-ads-all' - option network 'tcp,udp' - -config shunt_rules 'BT' - option remarks 'BT' - option protocol 'bittorrent' +config shunt_rules 'GooglePlay' + option remarks 'GooglePlay' option network 'tcp,udp' + option domain_list 'domain:googleapis.cn +domain:googleapis.com +domain:xn--ngstr-lra8j.com' config shunt_rules 'Netflix' option remarks 'Netflix' @@ -192,14 +187,8 @@ config shunt_rules 'Netflix' config shunt_rules 'OpenAI' option remarks 'OpenAI' - option domain_list 'geosite:openai' - -config shunt_rules 'TVB' - option remarks 'TVB' option network 'tcp,udp' - option domain_list 'geosite:tvb -geosite:mytvsuper -' + option domain_list 'geosite:openai' config shunt_rules 'Proxy' option network 'tcp,udp' diff --git a/luci-app-passwall2/root/usr/share/passwall2/app.sh b/luci-app-passwall2/root/usr/share/passwall2/app.sh index 3eb36d406..37fd168ad 100755 --- a/luci-app-passwall2/root/usr/share/passwall2/app.sh +++ b/luci-app-passwall2/root/usr/share/passwall2/app.sh @@ -393,6 +393,8 @@ run_xray() { [ -n "$dns_cache" ] && _extra_param="${_extra_param} -dns_cache ${dns_cache}" _extra_param="${_extra_param} -dns_query_strategy UseIP" _extra_param="${_extra_param} -direct_dns_udp_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1" + [ -n "${direct_ipset}" ] && _extra_param="${_extra_param} -direct_ipset ${direct_ipset}" + [ -n "${direct_nftset}" ] && _extra_param="${_extra_param} -direct_nftset ${direct_nftset}" _extra_param="${_extra_param} -remote_dns_udp_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1" [ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1 -remote_dns_fake_strategy ${remote_dns_query_strategy}" } @@ -472,6 +474,8 @@ run_singbox() { run_ipset_dnsmasq listen_port=${direct_dnsmasq_listen_port} server_dns=127.0.0.1#${dns_direct_listen_port} ipset="${direct_ipset}" nftset="${direct_nftset}" config_file=${direct_ipset_conf} _extra_param="${_extra_param} -direct_dns_udp_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1 -direct_dns_query_strategy ${direct_dns_query_strategy}" + [ -n "${direct_ipset}" ] && _extra_param="${_extra_param} -direct_ipset ${direct_ipset}" + [ -n "${direct_nftset}" ] && _extra_param="${_extra_param} -direct_nftset ${direct_nftset}" case "$remote_dns_protocol" in udp)