update 2023-05-24 23:36:16

luci-app-xray/fw4/root/usr/share/xray/firewall_include.ut

@@ -17,6 +17,11 @@
     const wan_bp_ips = uniq(wan_bp_ips_no_dns);
     const wan_fw_ips = uniq(wan_fw_ips_no_dns);
     const ignore_tp_spec_def_gw = fs.stat("/usr/share/xray/ignore_tp_spec_def_gw");
+    const transparent_default_port_policy = general.transparent_default_port_policy || "forwarded";
+    const wan_fw_tcp_ports = general.wan_fw_tcp_ports || [];
+    const wan_fw_udp_ports = general.wan_fw_udp_ports || [];
+    const wan_bp_tcp_ports = general.wan_bp_tcp_ports || [];
+    const wan_bp_udp_ports = general.wan_bp_udp_ports || [];
 %}
     set tp_spec_src_ac {
         type ether_addr
@@ -103,7 +108,22 @@
     }
 
     chain tp_spec_lan_re {
+{% if (transparent_default_port_policy == "bypassed"): %}
+    {% if (length(wan_fw_tcp_ports) > 0): %}
+        tcp dport { {{ join(", ", wan_fw_tcp_ports) }} } goto tp_spec_lan_ac
+    {% endif %}
+    {% if (length(wan_fw_udp_ports) > 0): %}
+        udp dport { {{ join(", ", wan_fw_udp_ports) }} } goto tp_spec_lan_ac
+    {% endif %}
+{% else %}
+    {% if (length(wan_bp_tcp_ports) > 0): %}
+        tcp dport { {{ join(", ", wan_bp_tcp_ports) }} } return
+    {% endif %}
+    {% if (length(wan_bp_udp_ports) > 0): %}
+        udp dport { {{ join(", ", wan_bp_udp_ports) }} } return
+    {% endif %}
         meta l4proto { tcp, udp } goto tp_spec_lan_ac
+{% endif %}
     }
 
     chain tp_spec_wan_ac {
@@ -130,7 +150,22 @@
     }
 
     chain tp_spec_wan_re {
+{% if (transparent_default_port_policy == "bypassed"): %}
+    {% if (length(wan_fw_tcp_ports) > 0): %}
+        tcp dport { {{ join(", ", wan_fw_tcp_ports) }} } meta mark set 0x000000fc
+    {% endif %}
+    {% if (length(wan_fw_udp_ports) > 0): %}
+        udp dport { {{ join(", ", wan_fw_udp_ports) }} } meta mark set 0x000000fc
+    {% endif %}
+{% else %}
+    {% if (length(wan_bp_tcp_ports) > 0): %}
+        tcp dport { {{ join(", ", wan_bp_tcp_ports) }} } return
+    {% endif %}
+    {% if (length(wan_bp_udp_ports) > 0): %}
+        udp dport { {{ join(", ", wan_bp_udp_ports) }} } return
+    {% endif %}
         meta l4proto { tcp, udp } meta mark set 0x000000fc
+{% endif %}
     }
 
     chain tp_spec_wan_fw {

luci-app-xray/fw4/root/www/luci-static/resources/view/xray_fw4.js

@@ -737,6 +737,33 @@ return view.extend({
         o = s.taboption('transparent_proxy_rules', form.DynamicList, "wan_fw_ips", _("Forwarded IP"))
         o.datatype = "ip4addr"
         o.rmempty = true
+        
+        o = s.taboption('transparent_proxy_rules', form.ListValue, 'transparent_default_port_policy', _('Default Ports Policy'))
+        o.value("forwarded", _("Forwarded"))
+        o.value("bypassed", _("Bypassed"))
+        o.default = "forwarded"
+        o.datatype = "portrange"
+        o.rmempty = false
+
+        o = s.taboption('transparent_proxy_rules', form.DynamicList, "wan_fw_tcp_ports", _("Forwarded TCP Ports"), _("Requests to these TCP Ports will be forwarded through Xray.<br>80, 443, 853 is recommend."))
+        o.depends("transparent_default_port_policy", "bypassed")
+        o.datatype = "portrange"
+        o.rmempty = true
+
+        o = s.taboption('transparent_proxy_rules', form.DynamicList, "wan_fw_udp_ports", _("Forwarded UDP Ports"), _("Requests to these UDP Ports will be forwarded through Xray.<br>53, 443 is recommend."))
+        o.depends("transparent_default_port_policy", "bypassed")
+        o.datatype = "portrange"
+        o.rmempty = true
+
+        o = s.taboption('transparent_proxy_rules', form.DynamicList, "wan_bp_tcp_ports", _("Bypassed TCP Ports"), _("Requests to these TCP Ports won't be forwarded through Xray."))
+        o.depends("transparent_default_port_policy", "forwarded")
+        o.datatype = "portrange"
+        o.rmempty = true
+
+        o = s.taboption('transparent_proxy_rules', form.DynamicList, "wan_bp_udp_ports", _("Bypassed UDP Ports"), _("Requests to these UDP Ports won't be forwarded through Xray."))
+        o.depends("transparent_default_port_policy", "forwarded")
+        o.datatype = "portrange"
+        o.rmempty = true
 
         o = s.taboption('transparent_proxy_rules', form.SectionValue, "access_control_manual_tproxy", form.GridSection, 'manual_tproxy', _('Manual Transparent Proxy'), _('Compared to iptables REDIRECT, Xray could do NAT46 / NAT64 (for example accessing IPv6 only sites). See <a href="https://github.com/v2ray/v2ray-core/issues/2233">FakeDNS</a> for details.'))
 

luci-theme-design/README.md

@@ -85,7 +85,6 @@ make V=s
 
 ### Q&A
 
-- 资源接口icon未完善，如果有能力画图的欢迎pr，但请确保跟现有icon颜色风格一致
 - 有bug欢迎提issue
 - 主题个人配色可能会不符合大众胃口，欢迎提配色建议
 

v2ray-geodata/Makefile

@@ -21,13 +21,13 @@ define Download/geoip
   HASH:=4d0a5784471992dccc26e0ffd525f44cc9c9b8c6ab90fb922582b0bccb2613de
 endef
 
-GEOSITE_VER:=20230520144114
+GEOSITE_VER:=20230524020910
 GEOSITE_FILE:=dlc.dat.$(GEOSITE_VER)
 define Download/geosite
   URL:=https://github.com/v2fly/domain-list-community/releases/download/$(GEOSITE_VER)/
   URL_FILE:=dlc.dat
   FILE:=$(GEOSITE_FILE)
-  HASH:=6cf04fae7c49a7730b7955f18fc3ca390440584f56e42b2fec6bb00b8e169c4e
+  HASH:=ec69ba26c0b1007a159c1a4ae92bf142c46222fd7b65e1bf4e91f9472e1ef540
 endef
 
 define Package/v2ray-geodata/template