diff --git a/luci-app-memos/Makefile b/luci-app-memos/Makefile
index 6e63e1c17..9bac7e38b 100644
--- a/luci-app-memos/Makefile
+++ b/luci-app-memos/Makefile
@@ -2,7 +2,7 @@
include $(TOPDIR)/rules.mk
-PKG_VERSION:=1.0.1-20230108
+PKG_VERSION:=1.0.2-20230412
PKG_RELEASE:=
LUCI_TITLE:=LuCI support for Memos
diff --git a/luci-app-memos/root/etc/uci-defaults/luci-app-memos-fix-bug1 b/luci-app-memos/root/etc/uci-defaults/luci-app-memos-fix-bug1
new file mode 100644
index 000000000..2c68e0901
--- /dev/null
+++ b/luci-app-memos/root/etc/uci-defaults/luci-app-memos-fix-bug1
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+if [[ "`docker container inspect -f '{{ (index .Mounts 0).Destination }}' memos`" = "/config" ]]; then
+ echo "fix script bug"
+ config_path="`docker container inspect -f '{{ (index .Mounts 0).Source }}' memos`"
+ echo "backup old data"
+ if [[ -z "$config_path" ]]; then
+ docker start memos 2>/dev/null
+ docker exec memos cp -a /var/opt/memos/. /config/
+ docker stop memos 2>/dev/null
+ else
+ mkdir -p "$config_path"
+ docker stop memos 2>/dev/null
+ docker cp -a memos:/var/opt/memos/. "${config_path%/}/"
+ fi
+ echo "remove old container"
+ docker rm -f memos
+ echo "you should deploy later"
+fi
+exit 0
diff --git a/luci-app-memos/root/usr/libexec/istorec/memos.sh b/luci-app-memos/root/usr/libexec/istorec/memos.sh
index 78fe5e4c3..629143ea9 100755
--- a/luci-app-memos/root/usr/libexec/istorec/memos.sh
+++ b/luci-app-memos/root/usr/libexec/istorec/memos.sh
@@ -23,7 +23,7 @@ do_install() {
[ -z "$http_port" ] && http_port=5230
local cmd="docker run --restart=unless-stopped -d \
- -v \"$config:/config\" \
+ -v \"$config:/var/opt/memos\" \
--dns=172.17.0.1 \
-p $http_port:5230 "
diff --git a/luci-app-passwall/Makefile b/luci-app-passwall/Makefile
index ce6748d75..fe78fc951 100644
--- a/luci-app-passwall/Makefile
+++ b/luci-app-passwall/Makefile
@@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
-PKG_VERSION:=4.63
-PKG_RELEASE:=5
+PKG_VERSION:=4.64-1
+PKG_RELEASE:=
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_$(PKG_NAME)_Iptables_Transparent_Proxy \
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
index d557d12f7..93d7c73b0 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
@@ -313,7 +313,17 @@ if has_chnlist then
.. "" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. ""
.. "" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. ""
.. ""
- when_chnroute_default_dns:depends("tcp_proxy_mode", "chnroute")
+ local _depends = {
+ { dns_mode = "dns2socks" },
+ { dns_mode = "xray" }
+ }
+ for i, d in ipairs(_depends) do
+ d["tcp_proxy_mode"] = "chnroute"
+ if api.is_finded("chinadns-ng") then
+ d["chinadns_ng"] = false
+ end
+ when_chnroute_default_dns:depends(d)
+ end
end
return m
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
index 1e568e68c..97fd8997c 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@@ -389,6 +389,9 @@ if has_chnlist then
.. "" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. ""
.. "" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. ""
.. ""
+ if api.is_finded("chinadns-ng") then
+ when_chnroute_default_dns:depends("chinadns_ng", false)
+ end
end
o = s:taboption("DNS", Button, "clear_ipset", translate("Clear IPSET"), translate("Try this feature if the rule modification does not take effect."))
diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh
index 138d251bf..76fbb8948 100755
--- a/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/luci-app-passwall/root/usr/share/passwall/app.sh
@@ -401,6 +401,40 @@ run_dns2socks() {
ln_run "$(first_type dns2socks)" "dns2socks${flag}" $log_file ${_extra_param} "${socks_address}:${socks_port}" "${dns}" "${listen_address}:${listen_port}"
}
+run_chinadns_ng() {
+ local _listen_port _dns_china _dns_trust _chnlist _gfwlist _no_ipv6_rules _log_path _no_logic_log
+ eval_set_val $@
+
+ local _LOG_FILE=$LOG_FILE
+ [ -n "$_no_logic_log" ] && LOG_FILE="/dev/null"
+
+ echolog " | - (chinadns-ng) 最高支持4级域名过滤..."
+
+ local _default_tag
+ local _extra_param=""
+ [ -n "$_chnlist" ] && {
+ [ -s "${RULES_PATH}/chnlist" ] && {
+ local _chnlist_file="${TMP_PATH}/chinadns_chnlist"
+ cp -a "${RULES_PATH}/chnlist" "${_chnlist_file}"
+ _extra_param="${_extra_param} -m ${_chnlist_file} -M -a"
+ }
+ }
+
+ ([ -n "$_chnlist" ] || [ -n "$_gfwlist" ]) && [ -s "${RULES_PATH}/gfwlist" ] && {
+ local _gfwlist_file="${TMP_PATH}/chinadns_gfwlist"
+ cp -a "${RULES_PATH}/gfwlist" "${_gfwlist_file}"
+ _extra_param="${_extra_param} -g ${_gfwlist_file}"
+ #当只有使用gfwlist模式时设置默认DNS为本地直连
+ [ -n "$_gfwlist" ] && [ -z "$_chnlist" ] && _default_tag="chn"
+ }
+ [ -n "$_default_tag" ] && _extra_param="${_extra_param} -d ${_default_tag}"
+
+ _log_path="/dev/null"
+ ln_run "$(first_type chinadns-ng)" chinadns-ng "$_log_path" -v -b 127.0.0.1 -l "${_listen_port}" ${_dns_china:+-c "${_dns_china}"} ${_dns_trust:+-t "${_dns_trust}"} ${_extra_param} -f ${_no_ipv6_rules:+-N=${_no_ipv6_rules}}
+ echolog " + 过滤服务:ChinaDNS-NG(:${_listen_port}):国内DNS:${_dns_china},可信DNS:${_dns_trust}"
+ LOG_FILE=${_LOG_FILE}
+}
+
run_socks() {
local flag node bind socks_port config_file http_port http_config_file relay_port log_file
eval_set_val $@
@@ -1153,41 +1187,21 @@ start_dns() {
[ "${use_udp_node_resolve_dns}" = "1" ] && echolog " * 要求代理 DNS 请求,如上游 DNS 非直连地址,确保 UDP 代理打开,并且已经正确转发!"
[ "$CHINADNS_NG" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && ([ -n "$chnlist" ] || [ -n "$gfwlist" ]) && {
- china_ng_listen_port=$(expr $dns_listen_port + 1)
- china_ng_listen="127.0.0.1#${china_ng_listen_port}"
- china_ng_chn=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",")
- china_ng_gfw="${TUN_DNS}"
- echolog " | - (chinadns-ng) 最高支持4级域名过滤..."
-
- local china_ng_extra_param=""
- [ -n "$chnlist" ] && {
- [ -s "${RULES_PATH}/chnlist" ] && {
- local chnlist_file="${TMP_PATH}/chinadns_chnlist"
- cp -a "${RULES_PATH}/chnlist" "${chnlist_file}"
- china_ng_extra_param="${china_ng_extra_param} -m ${chnlist_file} -M"
- }
- #当使用中国列表外时的默认DNS
- [ "$WHEN_CHNROUTE_DEFAULT_DNS" = "remote" ] && china_ng_default_tag="gfw"
- [ "$WHEN_CHNROUTE_DEFAULT_DNS" = "direct" ] && china_ng_default_tag="chn"
- }
-
- ([ -n "$chnlist" ] || [ -n "$gfwlist" ]) && [ -s "${RULES_PATH}/gfwlist" ] && {
- local gfwlist_file="${TMP_PATH}/chinadns_gfwlist"
- cp -a "${RULES_PATH}/gfwlist" "${gfwlist_file}"
- china_ng_extra_param="${china_ng_extra_param} -g ${gfwlist_file}"
- #当只有使用gfwlist模式时设置默认DNS为本地直连
- [ -n "$gfwlist" ] && [ -z "$chnlist" ] && china_ng_default_tag="chn"
- }
- [ -n "$china_ng_default_tag" ] && china_ng_extra_param="${china_ng_extra_param} -d ${china_ng_default_tag}"
-
- local log_path="${TMP_PATH}/chinadns-ng.log"
- log_path="/dev/null"
[ "$FILTER_PROXY_IPV6" = "1" ] && {
- noipv6="-N=gt"
+ local _no_ipv6_rules="gt"
DNSMASQ_FILTER_IPV6=0
}
- ln_run "$(first_type chinadns-ng)" chinadns-ng "$log_path" -v -b 0.0.0.0 -l "${china_ng_listen_port}" ${china_ng_chn:+-c "${china_ng_chn}"} ${china_ng_gfw:+-t "${china_ng_gfw}"} ${china_ng_extra_param} -f ${noipv6}
- echolog " + 过滤服务:ChinaDNS-NG(:${china_ng_listen_port}):国内DNS:${china_ng_chn},可信DNS:${china_ng_gfw}"
+ local china_ng_listen_port=$(expr $dns_listen_port + 1)
+ local china_ng_listen="127.0.0.1#${china_ng_listen_port}"
+ run_chinadns_ng \
+ _listen_port=${china_ng_listen_port} \
+ _dns_china=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
+ _dns_trust="${TUN_DNS}" \
+ _chnlist="${chnlist}" \
+ _gfwlist="${gfwlist}" \
+ _no_ipv6_rules="${_no_ipv6_rules}" \
+ _log_path="${TMP_PATH}/chinadns-ng.log"
+
WHEN_CHNROUTE_DEFAULT_DNS="chinadns_ng"
}
@@ -1327,39 +1341,23 @@ acl_app() {
local _dnsmasq_filter_ipv6=$filter_proxy_ipv6
[ "$chinadns_ng" = "1" ] && [ -n "$(first_type chinadns-ng)" ] && ([ "$tcp_proxy_mode" = "chnroute" ] || [ "$tcp_proxy_mode" = "gfwlist" ]) && {
- chinadns_port=$(expr $chinadns_port + 1)
- _china_ng_listen="127.0.0.1#${chinadns_port}"
- local _china_ng_chn=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",")
- local _china_ng_gfw="127.0.0.1#${_dns_port}"
-
- local _china_ng_extra_param=""
- [ "$tcp_proxy_mode" = "chnroute" ] && {
- [ -s "${RULES_PATH}/chnlist" ] && {
- local _chnlist_file="${TMP_PATH}/chinadns_chnlist"
- cp -a "${RULES_PATH}/chnlist" "${_chnlist_file}"
- _china_ng_extra_param="${_china_ng_extra_param} -m ${_chnlist_file} -M"
- }
- #当使用中国列表外时的默认DNS
- [ "$when_chnroute_default_dns" = "remote" ] && _china_ng_default_tag="gfw"
- [ "$when_chnroute_default_dns" = "direct" ] && _china_ng_default_tag="chn"
- }
-
- ([ "$tcp_proxy_mode" = "chnroute" ] || [ "$tcp_proxy_mode" = "gfwlist" ]) && [ -s "${RULES_PATH}/gfwlist" ] && {
- local _gfwlist_file="${TMP_PATH}/chinadns_gfwlist"
- cp -a "${RULES_PATH}/gfwlist" "${_gfwlist_file}"
- _china_ng_extra_param="${_china_ng_extra_param} -g ${_gfwlist_file}"
- #当使用gfwlist模式时设置默认DNS为本地直连
- [ "$tcp_proxy_mode" = "gfwlist" ] && _china_ng_default_tag="chn"
- }
- [ -n "$_china_ng_default_tag" ] && _china_ng_extra_param="${_china_ng_extra_param} -d ${_china_ng_default_tag}"
-
- #local _china_ng_log_file="${TMP_ACL_PATH}/${sid}/chinadns-ng.log"
- local _china_ng_log_file="/dev/null"
[ "$filter_proxy_ipv6" = "1" ] && {
- local _china_ng_noipv6="-N=gt"
+ local _no_ipv6_rules="gt"
_dnsmasq_filter_ipv6=0
}
- ln_run "$(first_type chinadns-ng)" chinadns-ng "$_china_ng_log_file" -v -b 0.0.0.0 -l "${chinadns_port}" ${_china_ng_chn:+-c "${_china_ng_chn}"} ${_china_ng_gfw:+-t "${_china_ng_gfw}"} ${_china_ng_extra_param} -f ${_china_ng_noipv6}
+ chinadns_port=$(expr $chinadns_port + 1)
+ _china_ng_listen="127.0.0.1#${chinadns_port}"
+
+ run_chinadns_ng \
+ _listen_port=${chinadns_port} \
+ _dns_china=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2) | tr " " ",") \
+ _dns_trust="127.0.0.1#${_dns_port}" \
+ _chnlist=$(echo "${tcp_proxy_mode}" | grep "chnroute") \
+ _gfwlist=$(echo "${tcp_proxy_mode}" | grep "gfwlist") \
+ _no_ipv6_rules="${_no_ipv6_rules}" \
+ _log_path="${TMP_ACL_PATH}/${sid}/chinadns-ng.log" \
+ _no_logic_log=1
+
when_chnroute_default_dns="chinadns_ng"
}
@@ -1502,7 +1500,7 @@ acl_app() {
[ -n "$redirect_dns_port" ] && echo "${redirect_dns_port}" > $TMP_ACL_PATH/$sid/var_redirect_dns_port
unset enabled sid remarks sources tcp_proxy_mode udp_proxy_mode tcp_node udp_node filter_proxy_ipv6 dns_mode remote_dns v2ray_dns_mode remote_dns_doh dns_client_ip
unset _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port config_file _extra_param
- unset _china_ng_listen _china_ng_chn _china_ng_gfw _gfwlist_file _chnlist_file _china_ng_log_file _china_ng_noipv6 _china_ng_extra_param _dnsmasq_filter_ipv6
+ unset _china_ng_listen _china_ng_chn _china_ng_gfw _gfwlist_file _chnlist_file _china_ng_log_file _no_ipv6_rules _china_ng_extra_param _dnsmasq_filter_ipv6
unset redirect_dns_port
done
unset socks_port redir_port dns_port dnsmasq_port chinadns_port
@@ -1519,7 +1517,6 @@ start() {
if [ "$use_nft" == 1 ] && [ -z "$(dnsmasq --version | grep 'Compile time options:.* nftset')" ]; then
echolog "Dnsmasq软件包不满足nftables透明代理要求,如需使用请确保dnsmasq版本在2.87以上并开启nftset支持。"
elif [ "$use_nft" == 1 ] && [ -n "$(dnsmasq --version | grep 'Compile time options:.* nftset')" ]; then
- echolog "使用nftables进行透明代理,一些不支持nftables的组件如chinadns-ng等可能不会正常工作。"
USE_TABLES="nftables"
nftflag=1
elif [ -z "$(command -v iptables-legacy || command -v iptables)" ] || [ -z "$(command -v ipset)" ]; then
diff --git a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
index 22359b94f..667d6ca80 100644
--- a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
+++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
@@ -317,14 +317,15 @@ if not fs.access(CACHE_DNS_PATH) then
if chnlist and fs.access("/usr/share/passwall/rules/chnlist") and (CHNROUTE_MODE_DEFAULT_DNS == "remote" or (CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0")) then
fwd_dns = LOCAL_DNS
- local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
- for line in string.gmatch(chnlist_str, "[^\r\n]+") do
- if line ~= "" then
- if CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
- fwd_dns = nil
+ if CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
+ fwd_dns = nil
+ else
+ local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(chnlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ set_domain_dns(line, fwd_dns)
+ set_domain_ipset(line, setflag_4 .. "chnroute," .. setflag_6 .. "chnroute6")
end
- set_domain_dns(line, fwd_dns)
- set_domain_ipset(line, setflag_4 .. "chnroute," .. setflag_6 .. "chnroute6")
end
end
log(string.format(" - 中国域名表(chnroute):%s", fwd_dns or "默认"))
diff --git a/luci-app-store/Makefile b/luci-app-store/Makefile
index 965fc8625..60cc55831 100644
--- a/luci-app-store/Makefile
+++ b/luci-app-store/Makefile
@@ -16,8 +16,8 @@ PKG_VERSION:=0.1.13-2
PKG_RELEASE:=
ISTORE_UI_VERSION:=0.1.12
-ISTORE_UI_RELEASE:=5
-PKG_HASH:=23279d9fa532bbe6a66c4523cfee617d098a6e9a797e4c7e5c07c52b04434047
+ISTORE_UI_RELEASE:=6
+PKG_HASH:=bf43aef8b6635f7ad0de132cacdd8486ed8e4e33eeb0ae05be2ce56ab8aaff5e
PKG_SOURCE_URL_FILE:=v$(ISTORE_UI_VERSION)-$(ISTORE_UI_RELEASE).tar.gz
PKG_SOURCE:=istore-ui-$(PKG_SOURCE_URL_FILE)