From 8657fe1cebd695b870205990fe4589fa660203e9 Mon Sep 17 00:00:00 2001
From: kenzok8
Date: Wed, 31 Jul 2024 04:16:57 +0800
Subject: [PATCH] update 2024-07-31 04:16:57
---
.../model/cbi/passwall/client/global.lua | 84 +++++++++++++------
.../root/usr/share/passwall/app.sh | 42 ++++++++--
2 files changed, 91 insertions(+), 35 deletions(-)
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
index 1606bd1a3..6df002153 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@@ -86,32 +86,62 @@ local doh_validate = function(self, value, t) end local chinadns_dot_validate = function(self, value, t) - if value ~= "" then - value = api.trim(value) - -- Define patterns for IPv4, IPv6, domain, and port - local ipv4_pattern = "(%d+%.%d+%.%d+%.%d+)" - local ipv6_pattern = "([%[%]a-fA-F0-9:]+)" -- IPv6 addresses are wrapped in [] - local domain_pattern = "([%w-_%.]+)" - local port_pattern = "(%d+)" - -- Define patterns for the different formats - local patterns = { - "^tls://" .. domain_pattern .. "@" .. ipv4_pattern .. "#" .. port_pattern .. "$", -- tls://域名@ip#端口 - "^tls://" .. ipv4_pattern .. "#" .. port_pattern .. "$", -- tls://ip#端口 - "^tls://" .. domain_pattern .. "@" .. ipv4_pattern .. "$", -- tls://域名@ip - "^tls://" .. ipv4_pattern .. "$", -- tls://ip - "^tls://" .. domain_pattern .. "@" .. ipv6_pattern .. "#" .. port_pattern .. "$", -- tls://域名@[IPv6]#端口 - "^tls://" .. ipv6_pattern .. "#" .. port_pattern .. "$", -- tls://[IPv6]#端口 - "^tls://" .. domain_pattern .. "@" .. ipv6_pattern .. "$", -- tls://域名@[IPv6] - "^tls://" .. ipv6_pattern .. "$" -- tls://[IPv6] - } - -- Check if the string matches any of the patterns - for _, pattern in ipairs(patterns) do - if value:match(pattern) then - return value + local function isValidDoTString(s) + local prefix = "tls://" + if s:sub(1, #prefix) ~= prefix then + return false + end + local address = s:sub(#prefix + 1) + local at_index = address:find("@") + local hash_index = address:find("#") + local domain, ip, port + if at_index then + if hash_index then + domain = address:sub(1, at_index - 1) + ip = address:sub(at_index + 1, hash_index - 1) + port = address:sub(hash_index + 1) + else + domain = address:sub(1, at_index - 1) + ip = address:sub(at_index + 1) + port = nil + end + else + if hash_index then + ip = address:sub(1, hash_index - 1) + port = address:sub(hash_index + 1) + else + ip = address + port = nil end end - return nil, translate("Direct DNS") .. " DoT " .. 
translate("Format must be:") .. " tls://Domain@IP(#Port) or tls://IP(#Port)" + local function isValidPort(port) + if not port then return true end + local num = tonumber(port) + return num and num > 0 and num < 65536 + end + local function isValidDomain(domain) + if not domain then return true end + return #domain > 0 + end + local function isValidIP(ip) + return datatypes.ipaddr(ip) or datatypes.ip6addr(ip) + end + if not isValidIP(ip) or not isValidPort(port) then + return false + end + if not isValidDomain(domain) then + return false + end + return true end + + if value ~= "" then + value = api.trim(value) + if isValidDoTString(value) then + return value + end + end + return nil, translate("Direct DNS") .. " DoT " .. translate("Format must be:") .. " tls://Domain@IP(#Port) or tls://IP(#Port)" end m:append(Template(appname .. "/global/status")) @@ -298,10 +328,10 @@ dns_shunt:value("chinadns-ng", "Dnsmasq + ChinaDNS-NG") o = s:taboption("DNS", ListValue, "direct_dns_mode", translate("Direct DNS") .. " " .. translate("Request protocol")) o.default = "" o:value("", translate("Auto")) -o:value("udp", "UDP") -o:value("tcp", "TCP") +o:value("udp", translatef("Requery DNS By %s", "UDP")) +o:value("tcp", translatef("Requery DNS By %s", "TCP")) if os.execute("chinadns-ng -V | grep -i wolfssl >/dev/null") == 0 then - o:value("dot", "DoT") + o:value("dot", translatef("Requery DNS By %s", "DoT")) end --TO DO --o:value("doh", "DoH") @@ -334,6 +364,8 @@ o:value("tls://dot.pub@1.12.12.12") o:value("tls://dot.pub@120.53.53.53") o:value("tls://dot.360.cn@36.99.170.86") o:value("tls://dot.360.cn@101.198.191.4") +o:value("tls://dns.alidns.com@2400:3200::1") +o:value("tls://dns.alidns.com@2400:3200:baba::1") o.validate = chinadns_dot_validate o:depends("direct_dns_mode", "dot") diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh index 27672a3e6..e03f734fd 100755 --- a/luci-app-passwall/root/usr/share/passwall/app.sh 
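Review bot: `isValidDomain` in the rewritten `chinadns_dot_validate` accepts any non-empty string, so the part before `@` is no longer limited to the `[%w-_%.]` character set that the removed patterns enforced, and whitespace or shell metacharacters now pass validation. The saved value is later expanded unquoted as `-c ${DIRECT_DNS}` in the `start_dns` hunk of app.sh in this same patch, so a value containing spaces is split into extra chinadns-ng arguments; the effect could be wider if `ln_run` (not visible here) re-evaluates its arguments. I would keep an allowlist, e.g. `return datatypes.hostname(domain)` in `isValidDomain`, and quote the shell side as `-c "${DIRECT_DNS}"`. `isValidPort` has a similar gap, since `tonumber` also accepts forms such as `0x50`, `80.5` or digits padded with spaces; adding `if not port:match("^%d+$") then return false end` before the range check keeps the port to plain digits.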
+++ b/luci-app-passwall/root/usr/share/passwall/app.sh @@ -217,6 +217,30 @@ check_depends() { fi } +check_ver() { + local version1="$1" + local version2="$2" + local i v1 v1_1 v1_2 v1_3 v2 v2_1 v2_2 v2_3 + IFS='.'; set -- $version1; v1_1=${1:-0}; v1_2=${2:-0}; v1_3=${3:-0} + IFS='.'; set -- $version2; v2_1=${1:-0}; v2_2=${2:-0}; v2_3=${3:-0} + IFS= + for i in 1 2 3; do + eval v1=\$v1_$i + eval v2=\$v2_$i + if [ "$v1" -gt "$v2" ]; then + # $1 大于 $2 + echo 0 + return + elif [ "$v1" -lt "$v2" ]; then + # $1 小于 $2 + echo 1 + return + fi + done + # $1 等于 $2 + echo 255 +} + get_new_port() { port=$1 [ "$port" == "auto" ] && port=2082 @@ -1317,7 +1341,7 @@ start_dns() { local cdns_listen_port=${dns_listen_port} dns_listen_port=$(expr $dns_listen_port + 1) local DIRECT_DNS=$(config_t_get global direct_dns_dot "tls://dot.pub@1.12.12.12") - ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${cdns_listen_port}@udp -c ${DIRECT_DNS} -d chn + ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${cdns_listen_port} -c ${DIRECT_DNS} -d chn echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${DIRECT_DNS}" echolog " * 请确保上游直连 DNS 支持 DoT 查询。" else 
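Review bot: A non-numeric field makes both the `[ "$v1" -gt "$v2" ]` and the `-lt` test in `check_ver` fail with an error, so the loop falls through and the function prints 255 ("equal"). The callers in `start_dns` and `acl_app` pass the raw second field of `chinadns-ng -V`, so a version string carrying a suffix would presumably suppress the update warning silently. A guard at the top of the loop body such as `case "$v1$v2" in *[!0-9]*) echo 1; return ;; esac` would treat an unparseable version as too old, so the warning is shown instead. `IFS` is also missing from the `local` list and is left empty by `IFS=` rather than restored, which is harmless only while every caller uses `$(check_ver ...)`; adding `IFS` to the `local` line removes that dependency. A header comment stating the contract would help as well: `# check_ver A B: prints 0 if A > B, 1 if A < B, 255 if equal; compares the first three dot-separated fields`.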
@@ -1433,10 +1457,10 @@ start_dns() { [ "${use_udp_node_resolve_dns}" = "1" ] && echolog " * 请确认上游 DNS 支持 UDP 查询并已使用 UDP 节点,如上游 DNS 非直连地址,确保 UDP 代理打开,并且已经正确转发!" [ "$DNS_SHUNT" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ] && { - chinadns_ng_min=2024-04-13 - chinadns_ng_now=$(chinadns-ng -V | grep -i "ChinaDNS-NG " | awk '{print $2}' | awk 'BEGIN{FS=".";OFS="-"};{print $1,$2,$3}') - if [ $(date -d "$chinadns_ng_now" +%s) -lt $(date -d "$chinadns_ng_min" +%s) ]; then - echolog " * 注意:当前 ChinaDNS-NG 版本为[ ${chinadns_ng_now//-/.} ],请更新到[ ${chinadns_ng_min//-/.} ]或以上版本,否则 DNS 有可能无法正常工作!" + chinadns_ng_min=2024.04.13 + chinadns_ng_now=$(chinadns-ng -V | grep -i "ChinaDNS-NG " | awk '{print $2}') + if [ $(check_ver "$chinadns_ng_now" "$chinadns_ng_min") = 1 ]; then + echolog " * 注意:当前 ChinaDNS-NG 版本为[ $chinadns_ng_now ],请更新到[ $chinadns_ng_min ]或以上版本,否则 DNS 有可能无法正常工作!" fi local china_ng_local_dns=$(echo -n $(echo "${LOCAL_DNS}" | sed "s/,/\n/g" | head -n2 | awk -v prefix="udp://" '{ for (i=1; i<=NF; i++) print prefix $i }') | tr " " ",") @@ -1610,10 +1634,10 @@ acl_app() { } [ "$dns_shunt" = "chinadns-ng" ] && [ -n "$(first_type chinadns-ng)" ] && { - chinadns_ng_min=2024-04-13 - chinadns_ng_now=$(chinadns-ng -V | grep -i "ChinaDNS-NG " | awk '{print $2}' | awk 'BEGIN{FS=".";OFS="-"};{print $1,$2,$3}') - if [ $(date -d "$chinadns_ng_now" +%s) -lt $(date -d "$chinadns_ng_min" +%s) ]; then - echolog " * 注意:当前 ChinaDNS-NG 版本为[ ${chinadns_ng_now//-/.} ],请更新到[ ${chinadns_ng_min//-/.} ]或以上版本,否则 DNS 有可能无法正常工作!" + chinadns_ng_min=2024.04.13 + chinadns_ng_now=$(chinadns-ng -V | grep -i "ChinaDNS-NG " | awk '{print $2}') + if [ $(check_ver "$chinadns_ng_now" "$chinadns_ng_min") = 1 ]; then + echolog " * 注意:当前 ChinaDNS-NG 版本为[ $chinadns_ng_now ],请更新到[ $chinadns_ng_min ]或以上版本,否则 DNS 有可能无法正常工作!" fi [ "$filter_proxy_ipv6" = "1" ] && dnsmasq_filter_proxy_ipv6=0