luci-app-passwall2: sync upstream
This commit is contained in:
actions
parent
a75f35d1f8
commit
fad1ba3537
@ -5,7 +5,7 @@
|
|||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=luci-app-passwall2
|
PKG_NAME:=luci-app-passwall2
|
||||||
PKG_VERSION:=1.20-15
|
PKG_VERSION:=1.20-17
|
||||||
PKG_RELEASE:=
|
PKG_RELEASE:=
|
||||||
|
|
||||||
PKG_CONFIG_DEPENDS:= \
|
PKG_CONFIG_DEPENDS:= \
|
||||||
|
|||||||
@ -232,6 +232,14 @@ o.datatype = "ipaddr"
|
|||||||
o:depends("remote_dns_protocol", "tcp")
|
o:depends("remote_dns_protocol", "tcp")
|
||||||
o:depends("remote_dns_protocol", "doh")
|
o:depends("remote_dns_protocol", "doh")
|
||||||
|
|
||||||
|
o = s:option(ListValue, "remote_dns_detour", translate("Remote DNS Outbound"))
|
||||||
|
o.default = "remote"
|
||||||
|
o:value("remote", translate("Remote"))
|
||||||
|
o:value("direct", translate("Direct"))
|
||||||
|
o:depends("remote_dns_protocol", "tcp")
|
||||||
|
o:depends("remote_dns_protocol", "doh")
|
||||||
|
o:depends("remote_dns_protocol", "udp")
|
||||||
|
|
||||||
o = s:option(Flag, "remote_fakedns", "FakeDNS", translate("Use FakeDNS work in the shunt domain that proxy."))
|
o = s:option(Flag, "remote_fakedns", "FakeDNS", translate("Use FakeDNS work in the shunt domain that proxy."))
|
||||||
o.default = "0"
|
o.default = "0"
|
||||||
o.rmempty = false
|
o.rmempty = false
|
||||||
|
|||||||
@ -257,6 +257,11 @@ o.description = translate("Notify the DNS server when the DNS query is notified,
|
|||||||
o.datatype = "ipaddr"
|
o.datatype = "ipaddr"
|
||||||
o:depends({ __hide = true })
|
o:depends({ __hide = true })
|
||||||
|
|
||||||
|
o = s:taboption("DNS", ListValue, "remote_dns_detour", translate("Remote DNS Outbound"))
|
||||||
|
o.default = "remote"
|
||||||
|
o:value("remote", translate("Remote"))
|
||||||
|
o:value("direct", translate("Direct"))
|
||||||
|
|
||||||
o = s:taboption("DNS", Flag, "remote_fakedns", "FakeDNS", translate("Use FakeDNS work in the shunt domain that proxy."))
|
o = s:taboption("DNS", Flag, "remote_fakedns", "FakeDNS", translate("Use FakeDNS work in the shunt domain that proxy."))
|
||||||
o.default = "0"
|
o.default = "0"
|
||||||
o.rmempty = false
|
o.rmempty = false
|
||||||
|
|||||||
@ -720,6 +720,7 @@ function gen_config(var)
|
|||||||
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
||||||
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
|
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
|
||||||
local remote_dns_doh_port = var["-remote_dns_doh_port"]
|
local remote_dns_doh_port = var["-remote_dns_doh_port"]
|
||||||
|
local remote_dns_detour = var["-remote_dns_detour"]
|
||||||
local remote_dns_query_strategy = var["-remote_dns_query_strategy"]
|
local remote_dns_query_strategy = var["-remote_dns_query_strategy"]
|
||||||
local remote_dns_fake = var["-remote_dns_fake"]
|
local remote_dns_fake = var["-remote_dns_fake"]
|
||||||
local dns_cache = var["-dns_cache"]
|
local dns_cache = var["-dns_cache"]
|
||||||
@ -1195,6 +1196,10 @@ function gen_config(var)
|
|||||||
remote_strategy = "ipv6_only"
|
remote_strategy = "ipv6_only"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if remote_dns_detour == "direct" then
|
||||||
|
default_outTag = "direct"
|
||||||
|
end
|
||||||
|
|
||||||
local remote_server = {
|
local remote_server = {
|
||||||
tag = "remote",
|
tag = "remote",
|
||||||
address_strategy = "prefer_ipv4",
|
address_strategy = "prefer_ipv4",
|
||||||
@ -1304,7 +1309,7 @@ function gen_config(var)
|
|||||||
}
|
}
|
||||||
if value.outboundTag ~= "block" and value.outboundTag ~= "direct" then
|
if value.outboundTag ~= "block" and value.outboundTag ~= "direct" then
|
||||||
dns_rule.server = "remote"
|
dns_rule.server = "remote"
|
||||||
if value.outboundTag ~= "default" and remote_server.address then
|
if value.outboundTag ~= "default" and remote_server.address and remote_server.detour ~= "direct" then
|
||||||
local remote_dns_server = api.clone(remote_server)
|
local remote_dns_server = api.clone(remote_server)
|
||||||
remote_dns_server.tag = value.outboundTag
|
remote_dns_server.tag = value.outboundTag
|
||||||
remote_dns_server.detour = value.outboundTag
|
remote_dns_server.detour = value.outboundTag
|
||||||
@ -1485,6 +1490,7 @@ function gen_dns_config(var)
|
|||||||
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
||||||
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
|
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
|
||||||
local remote_dns_doh_port = var["-remote_dns_doh_port"]
|
local remote_dns_doh_port = var["-remote_dns_doh_port"]
|
||||||
|
local remote_dns_detour = var["-remote_dns_detour"]
|
||||||
local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"]
|
local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"]
|
||||||
local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"]
|
local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"]
|
||||||
local dns_cache = var["-dns_cache"]
|
local dns_cache = var["-dns_cache"]
|
||||||
@ -1510,13 +1516,34 @@ function gen_dns_config(var)
|
|||||||
independent_cache = false, --使每个 DNS 服务器的缓存独立,以满足特殊目的。如果启用,将轻微降低性能。
|
independent_cache = false, --使每个 DNS 服务器的缓存独立,以满足特殊目的。如果启用,将轻微降低性能。
|
||||||
reverse_mapping = true, --在响应 DNS 查询后存储 IP 地址的反向映射以为路由目的提供域名。
|
reverse_mapping = true, --在响应 DNS 查询后存储 IP 地址的反向映射以为路由目的提供域名。
|
||||||
}
|
}
|
||||||
|
|
||||||
if dns_out_tag == "remote" then
|
if dns_out_tag == "remote" then
|
||||||
|
local out_tag = nil
|
||||||
|
if remote_dns_detour == "direct" then
|
||||||
|
out_tag = "direct-out"
|
||||||
|
table.insert(outbounds, 1, {
|
||||||
|
type = "direct",
|
||||||
|
tag = out_tag,
|
||||||
|
routing_mark = 255,
|
||||||
|
domain_strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
||||||
|
})
|
||||||
|
else
|
||||||
|
if remote_dns_outbound_socks_address and remote_dns_outbound_socks_port then
|
||||||
|
out_tag = "remote-out"
|
||||||
|
table.insert(outbounds, 1, {
|
||||||
|
type = "socks",
|
||||||
|
tag = out_tag,
|
||||||
|
server = remote_dns_outbound_socks_address,
|
||||||
|
server_port = tonumber(remote_dns_outbound_socks_port),
|
||||||
|
})
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
local server = {
|
local server = {
|
||||||
tag = dns_out_tag,
|
tag = dns_out_tag,
|
||||||
address_strategy = "prefer_ipv4",
|
address_strategy = "prefer_ipv4",
|
||||||
strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
||||||
detour = "remote-out",
|
detour = out_tag,
|
||||||
}
|
}
|
||||||
|
|
||||||
if remote_dns_udp_server then
|
if remote_dns_udp_server then
|
||||||
@ -1535,21 +1562,21 @@ function gen_dns_config(var)
|
|||||||
|
|
||||||
table.insert(dns.servers, server)
|
table.insert(dns.servers, server)
|
||||||
|
|
||||||
|
route.final = out_tag
|
||||||
|
elseif dns_out_tag == "direct" then
|
||||||
|
local out_tag = "direct-out"
|
||||||
table.insert(outbounds, 1, {
|
table.insert(outbounds, 1, {
|
||||||
type = "socks",
|
type = "direct",
|
||||||
tag = "remote-out",
|
tag = out_tag,
|
||||||
server = remote_dns_outbound_socks_address,
|
routing_mark = 255,
|
||||||
server_port = tonumber(remote_dns_outbound_socks_port),
|
domain_strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
||||||
})
|
})
|
||||||
|
|
||||||
route.final = "remote-out"
|
|
||||||
|
|
||||||
elseif dns_out_tag == "direct" then
|
|
||||||
local server = {
|
local server = {
|
||||||
tag = dns_out_tag,
|
tag = dns_out_tag,
|
||||||
address_strategy = "prefer_ipv6",
|
address_strategy = "prefer_ipv6",
|
||||||
strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
||||||
detour = "direct-out",
|
detour = out_tag,
|
||||||
}
|
}
|
||||||
|
|
||||||
if direct_dns_udp_server then
|
if direct_dns_udp_server then
|
||||||
@ -1567,13 +1594,8 @@ function gen_dns_config(var)
|
|||||||
end
|
end
|
||||||
|
|
||||||
table.insert(dns.servers, server)
|
table.insert(dns.servers, server)
|
||||||
|
|
||||||
table.insert(outbounds, 1, {
|
route.final = out_tag
|
||||||
type = "direct",
|
|
||||||
tag = "direct-out",
|
|
||||||
routing_mark = 255,
|
|
||||||
domain_strategy = (dns_query_strategy and dns_query_strategy ~= "UseIP") and "ipv4_only" or "prefer_ipv6",
|
|
||||||
})
|
|
||||||
end
|
end
|
||||||
|
|
||||||
table.insert(inbounds, {
|
table.insert(inbounds, {
|
||||||
|
|||||||
@ -1409,6 +1409,7 @@ function gen_dns_config(var)
|
|||||||
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
||||||
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
|
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
|
||||||
local remote_dns_doh_port = var["-remote_dns_doh_port"]
|
local remote_dns_doh_port = var["-remote_dns_doh_port"]
|
||||||
|
local remote_dns_detour = var["-remote_dns_detour"]
|
||||||
local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"]
|
local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"]
|
||||||
local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"]
|
local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"]
|
||||||
local dns_cache = var["-dns_cache"]
|
local dns_cache = var["-dns_cache"]
|
||||||
@ -1439,6 +1440,41 @@ function gen_dns_config(var)
|
|||||||
local other_type_dns_proto, other_type_dns_server, other_type_dns_port
|
local other_type_dns_proto, other_type_dns_server, other_type_dns_port
|
||||||
|
|
||||||
if dns_out_tag == "remote" then
|
if dns_out_tag == "remote" then
|
||||||
|
if remote_dns_detour == "direct" then
|
||||||
|
dns_out_tag = "direct"
|
||||||
|
table.insert(outbounds, 1, {
|
||||||
|
tag = dns_out_tag,
|
||||||
|
protocol = "freedom",
|
||||||
|
settings = {
|
||||||
|
domainStrategy = (dns_query_strategy and dns_query_strategy ~= "") and dns_query_strategy or "UseIPv4"
|
||||||
|
},
|
||||||
|
streamSettings = {
|
||||||
|
sockopt = {
|
||||||
|
mark = 255
|
||||||
|
}
|
||||||
|
}
|
||||||
|
})
|
||||||
|
else
|
||||||
|
if remote_dns_outbound_socks_address and remote_dns_outbound_socks_port then
|
||||||
|
table.insert(outbounds, 1, {
|
||||||
|
tag = dns_out_tag,
|
||||||
|
protocol = "socks",
|
||||||
|
streamSettings = {
|
||||||
|
network = "tcp",
|
||||||
|
security = "none"
|
||||||
|
},
|
||||||
|
settings = {
|
||||||
|
servers = {
|
||||||
|
{
|
||||||
|
address = remote_dns_outbound_socks_address,
|
||||||
|
port = tonumber(remote_dns_outbound_socks_port)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
})
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
local _remote_dns = {
|
local _remote_dns = {
|
||||||
_flag = "remote"
|
_flag = "remote"
|
||||||
}
|
}
|
||||||
@ -1470,23 +1506,20 @@ function gen_dns_config(var)
|
|||||||
end
|
end
|
||||||
|
|
||||||
table.insert(dns.servers, _remote_dns)
|
table.insert(dns.servers, _remote_dns)
|
||||||
|
elseif dns_out_tag == "direct" then
|
||||||
table.insert(outbounds, 1, {
|
table.insert(outbounds, 1, {
|
||||||
tag = "remote",
|
tag = dns_out_tag,
|
||||||
protocol = "socks",
|
protocol = "freedom",
|
||||||
streamSettings = {
|
|
||||||
network = "tcp",
|
|
||||||
security = "none"
|
|
||||||
},
|
|
||||||
settings = {
|
settings = {
|
||||||
servers = {
|
domainStrategy = (dns_query_strategy and dns_query_strategy ~= "") and dns_query_strategy or "UseIPv4"
|
||||||
{
|
},
|
||||||
address = remote_dns_outbound_socks_address,
|
streamSettings = {
|
||||||
port = tonumber(remote_dns_outbound_socks_port)
|
sockopt = {
|
||||||
}
|
mark = 255
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
elseif dns_out_tag == "direct" then
|
|
||||||
local _direct_dns = {
|
local _direct_dns = {
|
||||||
_flag = "direct"
|
_flag = "direct"
|
||||||
}
|
}
|
||||||
@ -1527,19 +1560,6 @@ function gen_dns_config(var)
|
|||||||
end
|
end
|
||||||
|
|
||||||
table.insert(dns.servers, _direct_dns)
|
table.insert(dns.servers, _direct_dns)
|
||||||
|
|
||||||
table.insert(outbounds, 1, {
|
|
||||||
protocol = "freedom",
|
|
||||||
tag = "direct",
|
|
||||||
settings = {
|
|
||||||
domainStrategy = (dns_query_strategy and dns_query_strategy ~= "") and dns_query_strategy or "UseIPv4"
|
|
||||||
},
|
|
||||||
streamSettings = {
|
|
||||||
sockopt = {
|
|
||||||
mark = 255
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
end
|
end
|
||||||
|
|
||||||
local dns_hosts_len = 0
|
local dns_hosts_len = 0
|
||||||
|
|||||||
@ -139,6 +139,15 @@ msgstr "用于 DNS 查询时通知 DNS 服务器,客户端所在的地理位
|
|||||||
msgid "This feature requires the DNS server to support the Edns Client Subnet (RFC7871)."
|
msgid "This feature requires the DNS server to support the Edns Client Subnet (RFC7871)."
|
||||||
msgstr "此功能需要 DNS 服务器支持 EDNS Client Subnet(RFC7871)。"
|
msgstr "此功能需要 DNS 服务器支持 EDNS Client Subnet(RFC7871)。"
|
||||||
|
|
||||||
|
msgid "Remote DNS Outbound"
|
||||||
|
msgstr "远程 DNS 出站"
|
||||||
|
|
||||||
|
msgid "Remote"
|
||||||
|
msgstr "远程"
|
||||||
|
|
||||||
|
msgid "Direct"
|
||||||
|
msgstr "直连"
|
||||||
|
|
||||||
msgid "Direct Query Strategy"
|
msgid "Direct Query Strategy"
|
||||||
msgstr "直连查询策略"
|
msgstr "直连查询策略"
|
||||||
|
|
||||||
|
|||||||
@ -286,7 +286,7 @@ lua_api() {
|
|||||||
|
|
||||||
run_xray() {
|
run_xray() {
|
||||||
local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
|
local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
|
||||||
local dns_listen_port direct_dns_protocol direct_dns_udp_server direct_dns_tcp_server direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache
|
local dns_listen_port direct_dns_protocol direct_dns_udp_server direct_dns_tcp_server direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy dns_cache
|
||||||
local loglevel log_file config_file
|
local loglevel log_file config_file
|
||||||
local _extra_param=""
|
local _extra_param=""
|
||||||
eval_set_val $@
|
eval_set_val $@
|
||||||
@ -388,6 +388,7 @@ run_xray() {
|
|||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
|
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
[ -n "$remote_dns_detour" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_detour ${remote_dns_detour}"
|
||||||
|
|
||||||
[ -n "$remote_dns_query_strategy" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_query_strategy ${remote_dns_query_strategy}"
|
[ -n "$remote_dns_query_strategy" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_query_strategy ${remote_dns_query_strategy}"
|
||||||
[ -n "$remote_dns_client_ip" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_client_ip ${remote_dns_client_ip}"
|
[ -n "$remote_dns_client_ip" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_client_ip ${remote_dns_client_ip}"
|
||||||
@ -410,7 +411,7 @@ run_xray() {
|
|||||||
|
|
||||||
run_singbox() {
|
run_singbox() {
|
||||||
local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
|
local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
|
||||||
local dns_listen_port direct_dns_protocol direct_dns_udp_server direct_dns_tcp_server direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache
|
local dns_listen_port direct_dns_protocol direct_dns_udp_server direct_dns_tcp_server direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_detour remote_fakedns remote_dns_query_strategy dns_cache
|
||||||
local loglevel log_file config_file
|
local loglevel log_file config_file
|
||||||
local _extra_param=""
|
local _extra_param=""
|
||||||
eval_set_val $@
|
eval_set_val $@
|
||||||
@ -480,51 +481,6 @@ run_singbox() {
|
|||||||
|
|
||||||
_extra_param="${_extra_param} -direct_dns_udp_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1 -direct_dns_query_strategy ${direct_dns_query_strategy}"
|
_extra_param="${_extra_param} -direct_dns_udp_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1 -direct_dns_query_strategy ${direct_dns_query_strategy}"
|
||||||
|
|
||||||
:<<eof
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="-dns_out_tag remote"
|
|
||||||
V2RAY_DNS_REMOTE_CONFIG="${TMP_PATH}/${flag}_dns_remote.json"
|
|
||||||
V2RAY_DNS_REMOTE_LOG="${TMP_PATH}/${flag}_dns_remote.log"
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -log 1 -logfile ${V2RAY_DNS_REMOTE_LOG}"
|
|
||||||
dns_remote_listen_port=$(get_new_port $(expr $direct_dnsmasq_listen_port + 1) udp)
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_listen_port ${dns_remote_listen_port}"
|
|
||||||
case "$remote_dns_protocol" in
|
|
||||||
udp)
|
|
||||||
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
|
|
||||||
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
|
|
||||||
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_udp_port ${_dns_port} -remote_dns_udp_server ${_dns_address}"
|
|
||||||
;;
|
|
||||||
tcp)
|
|
||||||
local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g')
|
|
||||||
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
|
|
||||||
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_tcp_port ${_dns_port} -remote_dns_tcp_server ${_dns_address}"
|
|
||||||
;;
|
|
||||||
doh)
|
|
||||||
local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}')
|
|
||||||
local _doh_host_port=$(lua_api "get_domain_from_url(\"${_doh_url}\")")
|
|
||||||
#local _doh_host_port=$(echo $_doh_url | sed "s/https:\/\///g" | awk -F '/' '{print $1}')
|
|
||||||
local _doh_host=$(echo $_doh_host_port | awk -F ':' '{print $1}')
|
|
||||||
local is_ip=$(lua_api "is_ip(\"${_doh_host}\")")
|
|
||||||
local _doh_port=$(echo $_doh_host_port | awk -F ':' '{print $2}')
|
|
||||||
[ -z "${_doh_port}" ] && _doh_port=443
|
|
||||||
local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-)
|
|
||||||
[ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host}
|
|
||||||
[ -n "$_doh_bootstrap" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_ip ${_doh_bootstrap}"
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
[ -n "$remote_dns_query_strategy" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_query_strategy ${remote_dns_query_strategy}"
|
|
||||||
[ -n "$remote_dns_client_ip" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -dns_client_ip ${remote_dns_client_ip}"
|
|
||||||
|
|
||||||
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_outbound_socks_address 127.0.0.1 -remote_dns_outbound_socks_port ${socks_port}"
|
|
||||||
lua $UTIL_SINGBOX gen_dns_config ${V2RAY_DNS_REMOTE_ARGS} > $V2RAY_DNS_REMOTE_CONFIG
|
|
||||||
ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "/dev/null" run -c "$V2RAY_DNS_REMOTE_CONFIG"
|
|
||||||
|
|
||||||
_extra_param="${_extra_param} -remote_dns_udp_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1"
|
|
||||||
eof
|
|
||||||
|
|
||||||
case "$remote_dns_protocol" in
|
case "$remote_dns_protocol" in
|
||||||
udp)
|
udp)
|
||||||
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
|
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
|
||||||
@ -553,6 +509,7 @@ eof
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
[ -n "$remote_dns_detour" ] && _extra_param="${_extra_param} -remote_dns_detour ${remote_dns_detour}"
|
||||||
[ -n "$remote_dns_query_strategy" ] && _extra_param="${_extra_param} -remote_dns_query_strategy ${remote_dns_query_strategy}"
|
[ -n "$remote_dns_query_strategy" ] && _extra_param="${_extra_param} -remote_dns_query_strategy ${remote_dns_query_strategy}"
|
||||||
|
|
||||||
[ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}"
|
[ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}"
|
||||||
@ -766,7 +723,7 @@ run_global() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
[ -n "$REMOTE_DNS_PROTOCOL" ] && {
|
[ -n "$REMOTE_DNS_PROTOCOL" ] && {
|
||||||
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_protocol=${REMOTE_DNS_PROTOCOL}"
|
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_protocol=${REMOTE_DNS_PROTOCOL} remote_dns_detour=${REMOTE_DNS_DETOUR}"
|
||||||
case "$REMOTE_DNS_PROTOCOL" in
|
case "$REMOTE_DNS_PROTOCOL" in
|
||||||
udp*)
|
udp*)
|
||||||
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_udp_server=${REMOTE_DNS}"
|
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_udp_server=${REMOTE_DNS}"
|
||||||
@ -1012,7 +969,7 @@ acl_app() {
|
|||||||
dnsmasq_port=11400
|
dnsmasq_port=11400
|
||||||
for item in $items; do
|
for item in $items; do
|
||||||
index=$(expr $index + 1)
|
index=$(expr $index + 1)
|
||||||
local enabled sid remarks sources node direct_dns_protocol direct_dns direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy
|
local enabled sid remarks sources node direct_dns_protocol direct_dns direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy
|
||||||
local _ip _mac _iprange _ipset _ip_or_mac rule_list config_file
|
local _ip _mac _iprange _ipset _ip_or_mac rule_list config_file
|
||||||
sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
|
sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
|
||||||
eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-)
|
eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-)
|
||||||
@ -1048,6 +1005,7 @@ acl_app() {
|
|||||||
remote_dns_protocol=${remote_dns_protocol:-tcp}
|
remote_dns_protocol=${remote_dns_protocol:-tcp}
|
||||||
remote_dns=${remote_dns:-1.1.1.1}
|
remote_dns=${remote_dns:-1.1.1.1}
|
||||||
[ "$remote_dns_protocol" = "doh" ] && remote_dns=${remote_dns_doh:-https://1.1.1.1/dns-query}
|
[ "$remote_dns_protocol" = "doh" ] && remote_dns=${remote_dns_doh:-https://1.1.1.1/dns-query}
|
||||||
|
remote_dns_detour=${remote_dns_detour:-remote}
|
||||||
remote_fakedns=${remote_fakedns:-0}
|
remote_fakedns=${remote_fakedns:-0}
|
||||||
remote_dns_query_strategy=${remote_dns_query_strategy:-UseIPv4}
|
remote_dns_query_strategy=${remote_dns_query_strategy:-UseIPv4}
|
||||||
|
|
||||||
@ -1076,7 +1034,7 @@ acl_app() {
|
|||||||
elif [ "${type}" = "sing-box" ] && [ -n "${SINGBOX_BIN}" ]; then
|
elif [ "${type}" = "sing-box" ] && [ -n "${SINGBOX_BIN}" ]; then
|
||||||
run_func="run_singbox"
|
run_func="run_singbox"
|
||||||
fi
|
fi
|
||||||
${run_func} flag=acl_$sid node=$node redir_port=$redir_port socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_protocol=${direct_dns_protocol} direct_dns_udp_server=${direct_dns} direct_dns_tcp_server=${direct_dns} direct_dns_doh="${direct_dns}" direct_dns_client_ip=${direct_dns_client_ip} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} config_file=${config_file}
|
${run_func} flag=acl_$sid node=$node redir_port=$redir_port socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_protocol=${direct_dns_protocol} direct_dns_udp_server=${direct_dns} direct_dns_tcp_server=${direct_dns} direct_dns_doh="${direct_dns}" direct_dns_client_ip=${direct_dns_client_ip} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_dns_detour=${remote_dns_detour} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} config_file=${config_file}
|
||||||
fi
|
fi
|
||||||
dnsmasq_port=$(get_new_port $(expr $dnsmasq_port + 1))
|
dnsmasq_port=$(get_new_port $(expr $dnsmasq_port + 1))
|
||||||
redirect_dns_port=$dnsmasq_port
|
redirect_dns_port=$dnsmasq_port
|
||||||
@ -1108,7 +1066,7 @@ acl_app() {
|
|||||||
echo "${redir_port}" > $TMP_ACL_PATH/$sid/var_port
|
echo "${redir_port}" > $TMP_ACL_PATH/$sid/var_port
|
||||||
}
|
}
|
||||||
[ -n "$redirect_dns_port" ] && echo "${redirect_dns_port}" > $TMP_ACL_PATH/$sid/var_redirect_dns_port
|
[ -n "$redirect_dns_port" ] && echo "${redirect_dns_port}" > $TMP_ACL_PATH/$sid/var_redirect_dns_port
|
||||||
unset enabled sid remarks sources node direct_dns_protocol direct_dns direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy
|
unset enabled sid remarks sources node direct_dns_protocol direct_dns direct_dns_doh direct_dns_client_ip direct_dns_query_strategy remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy
|
||||||
unset _ip _mac _iprange _ipset _ip_or_mac rule_list config_file
|
unset _ip _mac _iprange _ipset _ip_or_mac rule_list config_file
|
||||||
unset redirect_dns_port
|
unset redirect_dns_port
|
||||||
done
|
done
|
||||||
@ -1214,6 +1172,7 @@ DIRECT_DNS_PROTOCOL=$(config_t_get global direct_dns_protocol tcp)
|
|||||||
DIRECT_DNS_PROTOCOL="auto"
|
DIRECT_DNS_PROTOCOL="auto"
|
||||||
DIRECT_DNS=$(config_t_get global direct_dns 119.29.29.29:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
DIRECT_DNS=$(config_t_get global direct_dns 119.29.29.29:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
||||||
REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
|
REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
|
||||||
|
REMOTE_DNS_DETOUR=$(config_t_get global remote_dns_detour remote)
|
||||||
REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
||||||
REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
|
REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
|
||||||
REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
|
REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
|
||||||
|
|||||||
@ -258,8 +258,8 @@ load_acl() {
|
|||||||
|
|
||||||
local nftset_whitelist="passwall2_${sid}_whitelist"
|
local nftset_whitelist="passwall2_${sid}_whitelist"
|
||||||
local nftset_whitelist6="passwall2_${sid}_whitelist6"
|
local nftset_whitelist6="passwall2_${sid}_whitelist6"
|
||||||
gen_nftset $nftset_whitelist 0 0 ipv4_addr
|
gen_nftset $nftset_whitelist ipv4_addr 0 0
|
||||||
gen_nftset $nftset_whitelist6 0 0 ipv6_addr
|
gen_nftset $nftset_whitelist6 ipv6_addr 0 0
|
||||||
|
|
||||||
[ -n "$redir_port" ] && {
|
[ -n "$redir_port" ] && {
|
||||||
if [ "$tcp_proxy_mode" != "disable" ]; then
|
if [ "$tcp_proxy_mode" != "disable" ]; then
|
||||||
@ -607,8 +607,8 @@ add_firewall_rule() {
|
|||||||
|
|
||||||
local nftset_global_whitelist="passwall2_global_whitelist"
|
local nftset_global_whitelist="passwall2_global_whitelist"
|
||||||
local nftset_global_whitelist6="passwall2_global_whitelist6"
|
local nftset_global_whitelist6="passwall2_global_whitelist6"
|
||||||
gen_nftset $nftset_global_whitelist 0 0 ipv4_addr
|
gen_nftset $nftset_global_whitelist ipv4_addr 0 0
|
||||||
gen_nftset $nftset_global_whitelist6 0 0 ipv6_addr
|
gen_nftset $nftset_global_whitelist6 ipv6_addr 0 0
|
||||||
|
|
||||||
# 过滤所有节点IP
|
# 过滤所有节点IP
|
||||||
filter_vpsip > /dev/null 2>&1 &
|
filter_vpsip > /dev/null 2>&1 &
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user