update 04-13 20:35
parent
cceca1dd69
commit
83b7bbe8ba
|
@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=luci-app-passwall2
|
||||
PKG_VERSION:=1.3
|
||||
PKG_RELEASE:=4
|
||||
PKG_RELEASE:=5
|
||||
|
||||
PKG_CONFIG_DEPENDS:= \
|
||||
CONFIG_PACKAGE_$(PKG_NAME)_Transparent_Proxy \
|
||||
|
|
|
@ -26,6 +26,8 @@ local direct_dns_doh_url = var["-direct_dns_doh_url"]
|
|||
local direct_dns_doh_host = var["-direct_dns_doh_host"]
|
||||
local remote_dns_server = var["-remote_dns_server"]
|
||||
local remote_dns_port = var["-remote_dns_port"]
|
||||
local remote_dns_udp_server = var["-remote_dns_udp_server"]
|
||||
local remote_dns_udp_local = var["-remote_dns_udp_local"]
|
||||
local remote_dns_tcp_server = var["-remote_dns_tcp_server"]
|
||||
local remote_dns_doh_url = var["-remote_dns_doh_url"]
|
||||
local remote_dns_doh_host = var["-remote_dns_doh_host"]
|
||||
|
@ -483,6 +485,7 @@ if true then
|
|||
end)
|
||||
end
|
||||
local rule = {
|
||||
_flag = e.remarks,
|
||||
type = "field",
|
||||
outboundTag = outboundTag,
|
||||
network = e["network"] or "tcp,udp",
|
||||
|
@ -493,11 +496,13 @@ if true then
|
|||
}
|
||||
if domains then
|
||||
local _rule = api.clone(rule)
|
||||
_rule["_flag"] = _rule["_flag"] .. "_domains"
|
||||
_rule.domains = domains
|
||||
table.insert(rules, _rule)
|
||||
end
|
||||
if ip then
|
||||
local _rule = api.clone(rule)
|
||||
_rule["_flag"] = _rule["_flag"] .. "_ip"
|
||||
_rule.ip = ip
|
||||
table.insert(rules, _rule)
|
||||
end
|
||||
|
@ -510,6 +515,7 @@ if true then
|
|||
|
||||
if default_outboundTag then
|
||||
table.insert(rules, {
|
||||
_flag = "defalut",
|
||||
type = "field",
|
||||
outboundTag = default_outboundTag,
|
||||
network = "tcp,udp"
|
||||
|
@ -547,105 +553,153 @@ if true then
|
|||
domainMatcher = "hybrid",
|
||||
rules = {}
|
||||
}
|
||||
table.insert(routing.rules, {
|
||||
_flag = "defalut",
|
||||
type = "field",
|
||||
outboundTag = node_id,
|
||||
network = "tcp,udp"
|
||||
})
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
if remote_dns_server or remote_dns_fake then
|
||||
if remote_dns_server or remote_dns_doh_url or remote_dns_fake then
|
||||
local rules = {}
|
||||
|
||||
if not routing then
|
||||
routing = {
|
||||
domainStrategy = "IPOnDemand",
|
||||
rules = {}
|
||||
}
|
||||
end
|
||||
|
||||
dns = {
|
||||
tag = "dns-in1",
|
||||
hosts = {},
|
||||
disableCache = (dns_cache and dns_cache == "0") and true or false,
|
||||
disableFallback = true,
|
||||
disableFallbackIfMatch = true,
|
||||
servers = {
|
||||
--remote_dns_server
|
||||
},
|
||||
servers = {},
|
||||
clientIp = (remote_dns_client_ip and remote_dns_client_ip ~= "") and remote_dns_client_ip or nil,
|
||||
queryStrategy = (dns_query_strategy and dns_query_strategy ~= "") and dns_query_strategy or nil
|
||||
queryStrategy = (dns_query_strategy and dns_query_strategy ~= "") and dns_query_strategy or "UseIPv4"
|
||||
}
|
||||
if remote_dns_doh_url and remote_dns_doh_host then
|
||||
if remote_dns_doh_host ~= remote_dns_server and not api.is_ip(remote_dns_doh_host) then
|
||||
table.insert(dns.hosts, {
|
||||
[remote_dns_doh_host] = remote_dns_server
|
||||
})
|
||||
|
||||
local dns_host = ""
|
||||
if flag == "global" then
|
||||
dns_host = uci:get(appname, "@global[0]", "dns_hosts") or ""
|
||||
else
|
||||
flag = flag:gsub("acl_", "")
|
||||
local dns_hosts_mode = uci:get(appname, flag, "dns_hosts_mode") or "default"
|
||||
if dns_hosts_mode == "default" then
|
||||
dns_host = uci:get(appname, "@global[0]", "dns_hosts") or ""
|
||||
elseif dns_hosts_mode == "disable" then
|
||||
dns_host = ""
|
||||
elseif dns_hosts_mode == "custom" then
|
||||
dns_host = uci:get(appname, flag, "dns_hosts") or ""
|
||||
end
|
||||
table.insert(dns.servers, {
|
||||
tag = "remote",
|
||||
address = remote_dns_doh_url,
|
||||
port = tonumber(remote_dns_port) or 443,
|
||||
domains = #dns_remote_domains > 0 and dns_remote_domains or nil,
|
||||
--expectIPs = #dns_remote_expectIPs > 0 and dns_remote_expectIPs or nil
|
||||
})
|
||||
end
|
||||
if #dns_host > 0 then
|
||||
string.gsub(dns_host, '[^' .. "\r\n" .. ']+', function(w)
|
||||
local host = sys.exec(string.format("echo -n $(echo %s | awk -F ' ' '{print $1}')", w))
|
||||
local key = sys.exec(string.format("echo -n $(echo %s | awk -F ' ' '{print $2}')", w))
|
||||
if host ~= "" and key ~= "" then
|
||||
dns.hosts[host] = key
|
||||
end
|
||||
end)
|
||||
end
|
||||
|
||||
if remote_dns_tcp_server then
|
||||
table.insert(dns.servers, {
|
||||
tag = "remote",
|
||||
address = remote_dns_tcp_server,
|
||||
port = tonumber(remote_dns_port) or 53,
|
||||
domains = #dns_remote_domains > 0 and dns_remote_domains or nil,
|
||||
--expectIPs = #dns_remote_expectIPs > 0 and dns_remote_expectIPs or nil
|
||||
})
|
||||
end
|
||||
|
||||
if remote_dns_fake then
|
||||
fakedns = {}
|
||||
fakedns[#fakedns + 1] = {
|
||||
ipPool = "198.18.0.0/16",
|
||||
poolSize = 65535
|
||||
}
|
||||
remote_dns_server = "1.1.1.1"
|
||||
table.insert(dns.servers, {
|
||||
tag = "remote",
|
||||
address = "fakedns",
|
||||
if true then
|
||||
local _remote_dns = {
|
||||
_flag = "remote",
|
||||
domains = #dns_remote_domains > 0 and dns_remote_domains or nil
|
||||
})
|
||||
--expectIPs = #dns_remote_expectIPs > 0 and dns_remote_expectIPs or nil
|
||||
}
|
||||
|
||||
if remote_dns_udp_server then
|
||||
_remote_dns.address = remote_dns_udp_server
|
||||
_remote_dns.port = tonumber(remote_dns_port) or 53
|
||||
if remote_dns_udp_local == "1" then
|
||||
table.insert(routing.rules, 1, {
|
||||
type = "field",
|
||||
ip = {
|
||||
remote_dns_udp_server
|
||||
},
|
||||
outboundTag = "direct"
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
if remote_dns_tcp_server then
|
||||
_remote_dns.address = remote_dns_tcp_server
|
||||
_remote_dns.port = tonumber(remote_dns_port) or 53
|
||||
end
|
||||
|
||||
if remote_dns_doh_url and remote_dns_doh_host then
|
||||
if remote_dns_server and remote_dns_doh_host ~= remote_dns_server and not api.is_ip(remote_dns_doh_host) then
|
||||
dns.hosts[remote_dns_doh_host] = remote_dns_server
|
||||
end
|
||||
_remote_dns.address = remote_dns_doh_url
|
||||
_remote_dns.port = tonumber(remote_dns_port) or 443
|
||||
end
|
||||
|
||||
if remote_dns_fake then
|
||||
remote_dns_server = "1.1.1.1"
|
||||
fakedns = {}
|
||||
fakedns[#fakedns + 1] = {
|
||||
ipPool = "198.18.0.0/16",
|
||||
poolSize = 65535
|
||||
}
|
||||
if dns_query_strategy == "UseIP" then
|
||||
fakedns[#fakedns + 1] = {
|
||||
ipPool = "fc00::/18",
|
||||
poolSize = 65535
|
||||
}
|
||||
end
|
||||
_remote_dns.address = "fakedns"
|
||||
end
|
||||
|
||||
table.insert(dns.servers, _remote_dns)
|
||||
end
|
||||
|
||||
local nodes_domain = {}
|
||||
local nodes_domain_text = sys.exec('uci show passwall2 | grep ".address=" | cut -d "\'" -f 2 | grep "[a-zA-Z]$" | sort -u')
|
||||
string.gsub(nodes_domain_text, '[^' .. "\r\n" .. ']+', function(w)
|
||||
table.insert(nodes_domain, w)
|
||||
table.insert(dns_direct_domains, w)
|
||||
end)
|
||||
if true then
|
||||
local nodes_domain_text = sys.exec('uci show passwall2 | grep ".address=" | cut -d "\'" -f 2 | grep "[a-zA-Z]$" | sort -u')
|
||||
string.gsub(nodes_domain_text, '[^' .. "\r\n" .. ']+', function(w)
|
||||
table.insert(dns_direct_domains, "full:" .. w)
|
||||
end)
|
||||
|
||||
if direct_dns_udp_server then
|
||||
table.insert(dns.servers, {
|
||||
tag = "direct",
|
||||
address = direct_dns_udp_server,
|
||||
port = tonumber(direct_dns_port) or 53,
|
||||
domains = #dns_direct_domains > 0 and dns_direct_domains or nil,
|
||||
local _direct_dns = {
|
||||
_flag = "direct",
|
||||
domains = #dns_direct_domains > 0 and dns_direct_domains or nil
|
||||
--expectIPs = #dns_direct_expectIPs > 0 and dns_direct_expectIPs or nil
|
||||
})
|
||||
end
|
||||
}
|
||||
|
||||
if direct_dns_tcp_server then
|
||||
table.insert(dns.servers, {
|
||||
tag = "direct",
|
||||
address = direct_dns_tcp_server:gsub("tcp://", "tcp+local://"),
|
||||
port = tonumber(direct_dns_port) or 53,
|
||||
domains = #dns_direct_domains > 0 and dns_direct_domains or nil,
|
||||
--expectIPs = #dns_direct_expectIPs > 0 and dns_direct_expectIPs or nil
|
||||
})
|
||||
end
|
||||
|
||||
if direct_dns_doh_url and direct_dns_doh_host then
|
||||
if direct_dns_doh_host ~= direct_dns_server and not api.is_ip(direct_dns_doh_host) then
|
||||
table.insert(dns.hosts, {
|
||||
[direct_dns_doh_host] = direct_dns_server
|
||||
if direct_dns_udp_server then
|
||||
_direct_dns.address = direct_dns_udp_server
|
||||
_direct_dns.port = tonumber(direct_dns_port) or 53
|
||||
table.insert(routing.rules, 1, {
|
||||
type = "field",
|
||||
ip = {
|
||||
direct_dns_udp_server
|
||||
},
|
||||
outboundTag = "direct"
|
||||
})
|
||||
end
|
||||
table.insert(dns.servers, {
|
||||
tag = "direct",
|
||||
address = direct_dns_doh_url:gsub("https://", "https+local://"),
|
||||
port = tonumber(direct_dns_port) or 443,
|
||||
domains = #dns_direct_domains > 0 and dns_direct_domains or nil,
|
||||
--expectIPs = #dns_direct_expectIPs > 0 and dns_direct_expectIPs or nil
|
||||
})
|
||||
|
||||
if direct_dns_tcp_server then
|
||||
_direct_dns.address = direct_dns_tcp_server:gsub("tcp://", "tcp+local://")
|
||||
_direct_dns.port = tonumber(direct_dns_port) or 53
|
||||
end
|
||||
|
||||
if direct_dns_doh_url and direct_dns_doh_host then
|
||||
if direct_dns_doh_host ~= direct_dns_server and not api.is_ip(direct_dns_doh_host) then
|
||||
dns.hosts[remote_dns_doh_host] = direct_dns_server
|
||||
end
|
||||
_direct_dns.address = direct_dns_doh_url:gsub("https://", "https+local://")
|
||||
_direct_dns.port = tonumber(direct_dns_port) or 443
|
||||
end
|
||||
|
||||
table.insert(dns.servers, _direct_dns)
|
||||
end
|
||||
|
||||
if dns_listen_port then
|
||||
|
@ -655,20 +709,29 @@ if remote_dns_server or remote_dns_fake then
|
|||
protocol = "dokodemo-door",
|
||||
tag = "dns-in",
|
||||
settings = {
|
||||
address = remote_dns_server,
|
||||
address = remote_dns_server or "1.1.1.1",
|
||||
port = 53,
|
||||
network = "tcp,udp"
|
||||
}
|
||||
})
|
||||
end
|
||||
|
||||
table.insert(rules, {
|
||||
type = "field",
|
||||
inboundTag = {
|
||||
"dns-in"
|
||||
},
|
||||
outboundTag = "dns-out"
|
||||
})
|
||||
table.insert(outbounds, {
|
||||
tag = "dns-out",
|
||||
protocol = "dns",
|
||||
settings = {
|
||||
address = remote_dns_server or "1.1.1.1",
|
||||
network = "tcp"
|
||||
}
|
||||
})
|
||||
|
||||
table.insert(routing.rules, 1, {
|
||||
type = "field",
|
||||
inboundTag = {
|
||||
"dns-in"
|
||||
},
|
||||
outboundTag = "dns-out"
|
||||
})
|
||||
end
|
||||
|
||||
local default_dns_flag = "remote"
|
||||
if node_id and redir_port then
|
||||
|
@ -691,32 +754,16 @@ if remote_dns_server or remote_dns_fake then
|
|||
end
|
||||
end
|
||||
|
||||
if nodes_domain and #nodes_domain > 0 then
|
||||
table.insert(rules, {
|
||||
type = "field",
|
||||
domains = nodes_domain,
|
||||
outboundTag = "direct"
|
||||
})
|
||||
end
|
||||
|
||||
if direct_dns_udp_server then
|
||||
table.insert(rules, {
|
||||
type = "field",
|
||||
ip = {
|
||||
direct_dns_udp_server
|
||||
},
|
||||
outboundTag = "direct"
|
||||
})
|
||||
end
|
||||
|
||||
if dns.servers and #dns.servers > 0 then
|
||||
local dns_servers = nil
|
||||
for index, value in ipairs(dns.servers) do
|
||||
if not dns_servers and value.tag == default_dns_flag then
|
||||
if not dns_servers and value["_flag"] == default_dns_flag then
|
||||
dns_servers = {
|
||||
_flag = "default",
|
||||
address = value.address,
|
||||
port = value.port
|
||||
}
|
||||
break
|
||||
end
|
||||
end
|
||||
if dns_servers then
|
||||
|
@ -724,18 +771,24 @@ if remote_dns_server or remote_dns_fake then
|
|||
end
|
||||
end
|
||||
|
||||
if not routing then
|
||||
routing = {
|
||||
domainStrategy = "IPOnDemand",
|
||||
rules = rules
|
||||
}
|
||||
else
|
||||
for index, value in ipairs(rules) do
|
||||
table.insert(routing.rules, 1, value)
|
||||
local default_rule_index = #routing.rules > 0 and #routing.rules or 1
|
||||
for index, value in ipairs(routing.rules) do
|
||||
if value["_flag"] == "default" then
|
||||
default_rule_index = index
|
||||
break
|
||||
end
|
||||
end
|
||||
for index, value in ipairs(rules) do
|
||||
local t = rules[#rules + 1 - index]
|
||||
table.insert(routing.rules, default_rule_index, t)
|
||||
end
|
||||
|
||||
if #dns.hosts == 0 then
|
||||
local dns_hosts_len = 0
|
||||
for key, value in pairs(dns.hosts) do
|
||||
dns_hosts_len = dns_hosts_len + 1
|
||||
end
|
||||
|
||||
if dns_hosts_len == 0 then
|
||||
dns.hosts = nil
|
||||
end
|
||||
end
|
||||
|
@ -778,15 +831,11 @@ if inbounds or outbounds then
|
|||
}
|
||||
]]--
|
||||
}
|
||||
table.insert(outbounds, {
|
||||
protocol = "dns",
|
||||
tag = "dns-out"
|
||||
})
|
||||
table.insert(outbounds, {
|
||||
protocol = "freedom",
|
||||
tag = "direct",
|
||||
settings = {
|
||||
domainStrategy = "UseIPv4"
|
||||
domainStrategy = (dns_query_strategy and dns_query_strategy ~= "") and dns_query_strategy or "UseIPv4"
|
||||
},
|
||||
streamSettings = {
|
||||
sockopt = {
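Review bot: In the `dns_hosts` parsing of the `@ -547,105 +553,153 @@` hunk, each configured line is formatted unquoted into `sys.exec(string.format("echo -n $(echo %s | awk ...)", w))`, so shell metacharacters in the UCI value are interpreted by the shell the generator runs under, and two processes are spawned per line only to split on whitespace. The split needs no shell at all: `local host, key = w:match("^%s*(%S+)%s+(%S+)")` followed by `if host and key then dns.hosts[host] = key end`. In the same hunk the direct DoH branch writes `dns.hosts[remote_dns_doh_host] = direct_dns_server`; the key looks like it should be `direct_dns_doh_host`, since `remote_dns_doh_host` can be nil or a different host at that point. The default rules are also tagged `_flag = "defalut"` while the later search compares `value["_flag"] == "default"`, so that lookup appears never to match. The page does not mark added and removed lines, so these are read from what appears to be the new side.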
|
||||
|
|
|
@ -233,4 +233,25 @@ o.datatype = "ipaddr"
|
|||
o:depends("remote_dns_protocol", "tcp")
|
||||
o:depends("remote_dns_protocol", "doh")
|
||||
|
||||
o = s:option(ListValue, "dns_query_strategy", translate("Query Strategy"))
|
||||
o.default = "UseIPv4"
|
||||
o:value("UseIP")
|
||||
o:value("UseIPv4")
|
||||
--o:value("UseIPv6")
|
||||
o:depends("remote_dns_protocol", "tcp")
|
||||
o:depends("remote_dns_protocol", "doh")
|
||||
|
||||
o = s:option(ListValue, "dns_hosts_mode", translate("Domain Override"))
|
||||
o.default = "default"
|
||||
o:value("default", translate("Default"))
|
||||
o:value("disable", translate("Disable"))
|
||||
o:value("custom", translate("Custom"))
|
||||
o:depends("remote_dns_protocol", "tcp")
|
||||
o:depends("remote_dns_protocol", "doh")
|
||||
|
||||
hosts = s:option(TextValue, "dns_hosts", translate("Domain Override"))
|
||||
hosts.rows = 5
|
||||
hosts.wrap = "off"
|
||||
hosts:depends("dns_hosts_mode", "custom")
|
||||
|
||||
return m
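Review bot: The new `dns_hosts` TextValue accepts arbitrary text, and the config generator changed in this commit splits that text line by line and hands each line to a shell command, so the form should reject anything that is not a `hostname address` pair before it is stored. A `validate` function on the field that checks every non-empty line against a pattern such as `^[%w%.%-_]+%s+[%x%.:]+$` would cover it; the `s:taboption("DNS", TextValue, "dns_hosts", ...)` field in the following file section has the same gap. `hosts` is also assigned without `local` in the visible lines, which makes it a global unless it is declared outside the hunk: `local hosts = s:option(TextValue, "dns_hosts", translate("Domain Override"))`.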
|
||||
|
|
|
@ -175,6 +175,8 @@ o:depends("direct_dns_protocol", "doh")
|
|||
o = s:taboption("DNS", ListValue, "remote_dns_protocol", translate("Remote DNS Protocol"))
|
||||
o:value("tcp", "TCP")
|
||||
o:value("doh", "DoH")
|
||||
o:value("udp", "UDP")
|
||||
o:value("udp+local", "UDP+Local")
|
||||
o:value("fakedns", "FakeDNS")
|
||||
|
||||
---- DNS Forward
|
||||
|
@ -189,6 +191,8 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)")
|
|||
o:value("208.67.220.220", "208.67.220.220 (OpenDNS)")
|
||||
o:value("208.67.222.222", "208.67.222.222 (OpenDNS)")
|
||||
o:depends("remote_dns_protocol", "tcp")
|
||||
o:depends("remote_dns_protocol", "udp")
|
||||
o:depends("remote_dns_protocol", "udp+local")
|
||||
|
||||
---- DoH
|
||||
o = s:taboption("DNS", Value, "remote_dns_doh", translate("Remote DNS DoH"))
|
||||
|
@ -212,6 +216,16 @@ o.datatype = "ipaddr"
|
|||
o:depends("remote_dns_protocol", "tcp")
|
||||
o:depends("remote_dns_protocol", "doh")
|
||||
|
||||
o = s:taboption("DNS", ListValue, "dns_query_strategy", translate("Query Strategy"))
|
||||
o.default = "UseIPv4"
|
||||
o:value("UseIP")
|
||||
o:value("UseIPv4")
|
||||
--o:value("UseIPv6")
|
||||
|
||||
hosts = s:taboption("DNS", TextValue, "dns_hosts", translate("Domain Override"))
|
||||
hosts.rows = 5
|
||||
hosts.wrap = "off"
|
||||
|
||||
s:tab("log", translate("Log"))
|
||||
o = s:taboption("log", Flag, "close_log", translate("Close Node Log"))
|
||||
o.rmempty = false
|
||||
|
|
|
@ -124,6 +124,12 @@ msgstr "用于 DNS 查询时通知 DNS 服务器,客户端所在的地理位
|
|||
msgid "This feature requires the DNS server to support the Edns Client Subnet (RFC7871)."
|
||||
msgstr "此功能需要 DNS 服务器支持 EDNS Client Subnet(RFC7871)。"
|
||||
|
||||
msgid "Query Strategy"
|
||||
msgstr "查询策略"
|
||||
|
||||
msgid "Domain Override"
|
||||
msgstr "域名重写"
|
||||
|
||||
msgid "About DNS issues:"
|
||||
msgstr "关于DNS问题:"
|
||||
|
||||
|
|
|
@ -6,6 +6,9 @@ config global
|
|||
option direct_dns_protocol 'auto'
|
||||
option remote_dns_protocol 'tcp'
|
||||
option remote_dns '1.1.1.1'
|
||||
option dns_query_strategy 'UseIPv4'
|
||||
option dns_hosts 'cloudflare-dns.com 1.1.1.1
|
||||
dns.google.com 8.8.8.8'
|
||||
option close_log '0'
|
||||
option loglevel 'error'
|
||||
|
||||
|
|
|
@ -265,7 +265,7 @@ lua_api() {
|
|||
|
||||
run_v2ray() {
|
||||
local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
|
||||
local dns_listen_port direct_dns_protocol direct_dns_udp_server direct_dns_tcp_server direct_dns_doh remote_dns_protocol remote_dns_tcp_server remote_dns_doh remote_dns_client_ip dns_query_strategy dns_cache
|
||||
local dns_listen_port direct_dns_protocol direct_dns_udp_server direct_dns_tcp_server direct_dns_doh remote_dns_protocol remote_dns_udp_server remote_dns_udp_local remote_dns_tcp_server remote_dns_doh remote_dns_client_ip dns_query_strategy dns_cache
|
||||
local loglevel log_file config_file
|
||||
local _extra_param=""
|
||||
eval_set_val $@
|
||||
|
@ -327,10 +327,18 @@ run_v2ray() {
|
|||
[ -z "${_doh_port}" ] && _doh_port=443
|
||||
local _doh_bootstrap=$(echo $direct_dns_doh | cut -d ',' -sf 2-)
|
||||
[ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host}
|
||||
_extra_param="${_extra_param} -direct_dns_server ${_doh_bootstrap} -direct_dns_port ${_doh_port} -direct_dns_doh_url ${_doh_url} -direct_dns_doh_host ${_doh_host}"
|
||||
[ -n "$_doh_bootstrap" ] && _extra_param="${_extra_param} -direct_dns_server ${_doh_bootstrap}"
|
||||
_extra_param="${_extra_param} -direct_dns_port ${_doh_port} -direct_dns_doh_url ${_doh_url} -direct_dns_doh_host ${_doh_host}"
|
||||
;;
|
||||
esac
|
||||
case "$remote_dns_protocol" in
|
||||
udp*)
|
||||
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
|
||||
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
|
||||
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
|
||||
_extra_param="${_extra_param} -remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_udp_server ${_dns_address}"
|
||||
[ "$remote_dns_protocol" = "udp+local" ] && _extra_param="${_extra_param} -remote_dns_udp_local 1"
|
||||
;;
|
||||
tcp)
|
||||
local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g')
|
||||
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
|
||||
|
@ -347,7 +355,8 @@ run_v2ray() {
|
|||
[ -z "${_doh_port}" ] && _doh_port=443
|
||||
local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-)
|
||||
[ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host}
|
||||
_extra_param="${_extra_param} -remote_dns_server ${_doh_bootstrap} -remote_dns_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
|
||||
[ -n "$_doh_bootstrap" ] && _extra_param="${_extra_param} -remote_dns_server ${_doh_bootstrap}"
|
||||
_extra_param="${_extra_param} -remote_dns_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
|
||||
;;
|
||||
fakedns)
|
||||
_extra_param="${_extra_param} -remote_dns_fake 1"
|
||||
|
@ -559,6 +568,10 @@ run_global() {
|
|||
[ -n "$REMOTE_DNS_PROTOCOL" ] && {
|
||||
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_protocol=${REMOTE_DNS_PROTOCOL}"
|
||||
case "$REMOTE_DNS_PROTOCOL" in
|
||||
udp*)
|
||||
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_udp_server=${REMOTE_DNS}"
|
||||
msg="${msg} 远程DNS:${REMOTE_DNS}"
|
||||
;;
|
||||
tcp)
|
||||
V2RAY_ARGS="${V2RAY_ARGS} remote_dns_tcp_server=${REMOTE_DNS}"
|
||||
msg="${msg} 远程DNS:${REMOTE_DNS}"
|
||||
|
@ -783,14 +796,13 @@ DIRECT_DNS_PROTOCOL=$(config_t_get global direct_dns_protocol tcp)
|
|||
DIRECT_DNS=$(config_t_get global direct_dns 119.29.29.29:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
||||
REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
|
||||
REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
|
||||
DNS_QUERY_STRATEGY=$(config_t_get global dns_query_strategy UseIPv4)
|
||||
DNS_CACHE=$(config_t_get global dns_cache 1)
|
||||
|
||||
DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
|
||||
[ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $(sed -n 's/^nameserver[ \t]*\([^ ]*\)$/\1/p' "${RESOLVFILE}" | grep -v -E "0.0.0.0|127.0.0.1|::" | head -2) | tr ' ' ',')
|
||||
|
||||
PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
|
||||
DNS_QUERY_STRATEGY="UseIPv4"
|
||||
[ "$PROXY_IPV6" = "1" ] && DNS_QUERY_STRATEGY="UseIP"
|
||||
|
||||
export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
|
||||
export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
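Review bot: The new `udp*)` branch in `run_v2ray` appends `-remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_udp_server ${_dns_address}` without checking that either value is non-empty, while the DoH branches in this same commit gained a `[ -n "$_doh_bootstrap" ] &&` guard for exactly that case. If `get_first_dns` yields nothing, the flags are emitted with no value and the generator's flag/value pairing would presumably shift, leaving the DNS config pointing somewhere unintended; building the string only under `[ -n "${_dns_address}" ] && [ -n "${_dns_port}" ] && _extra_param="..."` avoids that. The expansions are unquoted as well, so a configured value containing whitespace is split into extra arguments. `run_v2ray` begins and ends outside the visible hunks.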
|
||||
|
|
|
@ -176,7 +176,7 @@ load_acl() {
|
|||
dnsmasq_port=11400
|
||||
echolog "访问控制:"
|
||||
for item in $items; do
|
||||
local enabled sid remarks sources tcp_no_redir_ports udp_no_redir_ports node direct_dns_protocol direct_dns direct_dns_doh remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip
|
||||
local enabled sid remarks sources tcp_no_redir_ports udp_no_redir_ports node direct_dns_protocol direct_dns direct_dns_doh remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip dns_query_strategy
|
||||
local _ip _mac _iprange _ipset _ip_or_mac rule_list node_remark config_file
|
||||
sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
|
||||
eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-)
|
||||
|
@ -205,6 +205,7 @@ load_acl() {
|
|||
tcp_proxy_mode="global"
|
||||
udp_proxy_mode="global"
|
||||
node=${node:-default}
|
||||
dns_query_strategy=${dns_query_strategy:-UseIPv4}
|
||||
direct_dns_protocol=${direct_dns_protocol:-auto}
|
||||
direct_dns=${direct_dns:-119.29.29.29}
|
||||
[ "$direct_dns_protocol" = "doh" ] && direct_dns=${direct_dns_doh:-https://223.5.5.5/dns-query}
|
||||
|
@ -231,7 +232,7 @@ load_acl() {
|
|||
if [ -n "${type}" ] && ([ "${type}" = "v2ray" ] || [ "${type}" = "xray" ]); then
|
||||
config_file=$TMP_ACL_PATH/${node}_TCP_UDP_DNS_${redir_port}.json
|
||||
dns_port=$(get_new_port $(expr $dns_port + 1))
|
||||
run_v2ray flag=acl_$sid node=$node redir_port=$redir_port dns_listen_port=${dns_port} direct_dns_protocol=${direct_dns_protocol} direct_dns_udp_server=${direct_dns} direct_dns_tcp_server=${direct_dns} direct_dns_doh="${direct_dns}" remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} dns_query_strategy=${DNS_QUERY_STRATEGY} config_file=${config_file}
|
||||
run_v2ray flag=acl_$sid node=$node redir_port=$redir_port dns_listen_port=${dns_port} direct_dns_protocol=${direct_dns_protocol} direct_dns_udp_server=${direct_dns} direct_dns_tcp_server=${direct_dns} direct_dns_doh="${direct_dns}" remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} dns_query_strategy=${dns_query_strategy} config_file=${config_file}
|
||||
fi
|
||||
dnsmasq_port=$(get_new_port $(expr $dnsmasq_port + 1))
|
||||
redirect_dns_port=$dnsmasq_port
|
||||
|
@ -340,7 +341,7 @@ load_acl() {
|
|||
$ipt_m -A PSW2 $(comment "$remarks") ${_ipt_source} -p udp -j RETURN
|
||||
$ip6t_m -A PSW2 $(comment "$remarks") ${_ipt_source} -p udp -j RETURN 2>/dev/null
|
||||
done
|
||||
unset enabled sid remarks sources tcp_no_redir_ports udp_no_redir_ports node direct_dns_protocol direct_dns direct_dns_doh remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip
|
||||
unset enabled sid remarks sources tcp_no_redir_ports udp_no_redir_ports node direct_dns_protocol direct_dns direct_dns_doh remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip dns_query_strategy
|
||||
unset _ip _mac _iprange _ipset _ip_or_mac rule_list node_remark config_file
|
||||
unset ipt_tmp msg msg2
|
||||
unset redirect_dns_port
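Review bot: An ACL rule with no `dns_query_strategy` of its own now falls back to the literal `UseIPv4` (`dns_query_strategy=${dns_query_strategy:-UseIPv4}`) instead of the global `DNS_QUERY_STRATEGY` that the `run_v2ray` call passed before, so a global `UseIP` setting is silently not applied to such rules. If inheritance is intended, `dns_query_strategy=${dns_query_strategy:-${DNS_QUERY_STRATEGY}}` keeps it, in line with how `dns_hosts_mode` treats `default`. The value is also passed unquoted on the `run_v2ray` line, unlike `direct_dns_doh="${direct_dns}"` next to it, and it originates from the `eval $(uci -q show ...)` above, so quoting it as `dns_query_strategy="${dns_query_strategy}"` would be consistent. `load_acl` begins and ends outside the visible hunks.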
|
||||
|
|