update 2024-03-06 16:14:42

2024-03-06 16:14:42 +08:00 · 2024-03-06 16:14:42 +08:00 · a82289ebe0
parent d2f5fd15be
commit a82289ebe0
8 changed files with 169 additions and 37 deletions
--- a/brook/Makefile
+++ b/brook/Makefile
@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=brook
-PKG_VERSION:=20240214
+PKG_VERSION:=20240404
 PKG_RELEASE:=1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/txthinking/brook/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=d3c77b8069b21cfdb14f3282eba26b7b4860cd741462e4d6b6929ad07fa55153
+PKG_HASH:=6eda9a348f9c3555a1c27711e81c0982ea9999bf2878e73cf2eaaee90e8cc2e7
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 PKG_LICENSE:=GPL-3.0
--- a/daed-next/Makefile
+++ b/daed-next/Makefile
@ -69,8 +69,8 @@ endef
 define Build/Prepare
 	( \
 	$(TAR) --strip-components=1 -C $(PKG_BUILD_DIR)/../ -xzf $(DL_DIR)/$(PKG_NAME)-$(PKG_VERSION).tar.gz ; \
-	rm -rf $(PKG_BUILD_DIR) && git clone https://github.com/daeuniverse/dae-wing $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/wing ; \
+	rm -rf $(PKG_BUILD_DIR) && git clone https://github.com/daeuniverse/dae-wing $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/wing && cd $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/wing && git reset --hard 8b766fe61eb51c13808e73cecc6d686baeeb534b ; \
-	rm -rf $(PKG_BUILD_DIR)/dae-core && git clone https://github.com/daeuniverse/dae $(PKG_BUILD_DIR)/dae-core ; \
+	rm -rf $(PKG_BUILD_DIR)/dae-core && git clone https://github.com/daeuniverse/dae $(PKG_BUILD_DIR)/dae-core && cd $(PKG_BUILD_DIR)/dae-core && git reset --hard e02d7b84738cb73149e93914e23ec3957f91fe42 ; \
 	rm -rf $(PKG_BUILD_DIR)/dae-core/control/kern/headers && git clone https://github.com/daeuniverse/dae_bpf_headers $(PKG_BUILD_DIR)/dae-core/control/kern/headers ; \
 	)
 endef
--- a/luci-app-amlogic/Makefile
+++ b/luci-app-amlogic/Makefile
@ -16,7 +16,7 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=luci-app-amlogic
-PKG_VERSION:=3.1.220
+PKG_VERSION:=3.1.221
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-2.0 License
--- a/luci-app-amlogic/root/usr/sbin/openwrt-kernel
+++ b/luci-app-amlogic/root/usr/sbin/openwrt-kernel
@ -29,6 +29,14 @@ AUTO_MAINLINE_UBOOT="no"
 # Set the release check file
 release_file="/etc/flippy-openwrt-release"
 #
 # Set font color
 STEPS="[\033[95m STEPS \033[0m]"
 INFO="[\033[94m INFO \033[0m]"
 SUCCESS="[\033[92m SUCCESS \033[0m]"
 FINISH="[\033[93m FINISH \033[0m]"
 PROMPT="[\033[93m PROMPT \033[0m]"
 ERROR="[\033[91m ERROR \033[0m]"
 #
 #====================================================================================
 # Encountered a serious error, abort the script execution
@ -113,7 +121,7 @@ init_var() {
    # Current device model
    MYDEVICE_NAME="$(cat /proc/device-tree/model | tr -d '\000')"
    [[ "${PLATFORM}" == "qemu-aarch64" ]] && MYDEVICE_NAME="KVM Virtual Machine"
-    echo -e "Current device: ${MYDEVICE_NAME} [ ${PLATFORM} ], Use in [ ${EMMC_NAME} ]"
+    echo -e "${INFO} Current device: ${MYDEVICE_NAME} [ ${PLATFORM} ], Use in [ ${EMMC_NAME} ]"
    sync && echo ""
 }
@ -344,20 +352,138 @@ update_uboot() {
    sync && echo ""
 }
-echo -e "Start update the openwrt kernel."
+# Rescue the kernel
 sos_kernel() {
    echo -e "${STEPS} Start rescuing kernel..."
    # Supports specifying disks, such as: [ openwrt-kernel -s mmcblk1 ]
    box_disk="${2}"
    if [[ -n "${box_disk}" ]]; then
        # Format the disk names
        box_disk="${box_disk//\/dev\//}"
        # Check if the disk exists
        [[ -b "/dev/${box_disk}" ]] || error_msg "The specified disk [ ${box_disk} ] does not exist."
        # Check if the disk is the same as the current system disk
        [[ "${box_disk}" == "${EMMC_NAME}" ]] && error_msg "The specified disk [ ${box_disk} ] is the same as the current system disk [ ${EMMC_NAME} ]."
        echo -e "${INFO} The device name of the specified disk: [ ${box_disk} ]"
    else
        # Find emmc disk, first find emmc containing boot0 partition
        box_disk="$(lsblk -l -o NAME | grep -oE '(mmcblk[0-9]?|nvme[0-9]?n[0-9]?|[hsv]d[a-z])' | grep -vE ^${EMMC_NAME} | sort -u | head -n 1)"
        # Check if disk exists
        [[ -z "${box_disk}" ]] && error_msg "Unable to locate the storage requiring rescue."
        echo -e "${INFO} The device name of the target disk: [ ${box_disk} ]"
    fi
    rescue_disk="/dev/${box_disk}"
    echo -e "${INFO} The current OpenWrt is running on [ /dev/${EMMC_NAME} ], and the target disk for restoration is [ ${rescue_disk} ]."
    # Create a temporary mount directory
    umount ${P4_PATH}/bootfs 2>/dev/null
    umount ${P4_PATH}/rootfs 2>/dev/null
    rm -rf ${P4_PATH}/bootfs ${P4_PATH}/rootfs 2>/dev/null
    mkdir -p ${P4_PATH}/{bootfs/,rootfs/} && sync
    [[ "${?}" -ne "0" ]] && error_msg "Failed to create temporary mount directory [ ${P4_PATH} ]"
    # Mount target bootfs partition
    [[ "${box_disk}" =~ ^([hsv]d[a-z]) ]] && rescue_disk_partition_name="" || rescue_disk_partition_name="p"
    mount ${rescue_disk}${rescue_disk_partition_name}1 ${P4_PATH}/bootfs
    [[ "${?}" -ne "0" ]] && error_msg "mount ${rescue_disk}${PARTITION_NAME}1 failed!"
    echo -e "${INFO} The [ ${rescue_disk}${rescue_disk_partition_name}1 ] partition is mounted on [ ${P4_PATH}/bootfs ]."
    # Search uuid file
    if [[ -f "${P4_PATH}/bootfs/uEnv.txt" ]]; then
        search_file="uEnv.txt"
    elif [[ -f "${P4_PATH}/bootfs/armbianEnv.txt" ]]; then
        search_file="armbianEnv.txt"
    elif [[ -f "${P4_PATH}/bootfs/extlinux/extlinux.conf" ]]; then
        search_file="extlinux/extlinux.conf"
    else
        error_msg "The [ uEnv.txt, armbianEnv.txt, extlinux/extlinux.conf ] file does not exist, stop rescuing."
    fi
    # Get the target partition uuid and rootfs
    target_parttion_uuid="$(grep '=UUID=' ${P4_PATH}/bootfs/${search_file} | sed -n 's/.*=UUID=\([a-f0-9-]*\).*/\1/p')"
    [[ -z "${target_parttion_uuid}" ]] && error_msg "The [ ${search_file} ] file does not contain the UUID value."
    target_rootfs="$(blkid | grep ${target_parttion_uuid} | awk -F':' '{print $1;}')"
    [[ -z "${target_rootfs}" ]] && error_msg "The [ ${target_parttion_uuid} ] UUID does not exist in the system."
    # Mount target rootfs partition
    mount ${target_rootfs} ${P4_PATH}/rootfs
    [[ "${?}" -ne "0" ]] && error_msg "mount ${rescue_disk}${PARTITION_NAME}2 failed!"
    echo -e "${INFO} The [ ${target_rootfs} ] partition is mounted on [ ${P4_PATH}/rootfs ]."
    # Identify the current kernel files
    kernel_signature="$(uname -r)"
    # 01. For /boot files
    [[ -d "${P4_PATH}/bootfs" ]] && {
        cd ${P4_PATH}/bootfs
        rm -rf config-* initrd.img-* System.map-* vmlinuz-* uInitrd* *Image dtb* u-boot.ext u-boot.emmc
        [[ -f "/boot/u-boot.ext" ]] && {
            cp -f /boot/u-boot.ext .
            cp -f /boot/u-boot.ext u-boot.emmc
            chmod +x u-boot.ext u-boot.emmc
        }
        cp -rf /boot/{*-${kernel_signature},uInitrd,*Image,dtb} .
        [[ "${?}" -ne "0" ]] && error_msg "(1/2) [ boot ] kernel files rescue failed."
        echo -e "${INFO} (1/2) [ boot ] kernel files rescue succeeded."
    } || error_msg "(1/2) The [ ${P4_PATH}/bootfs ] folder does not exist, stop rescuing."
    # 02. For /lib/modules/${kernel_signature}
    [[ -d "${P4_PATH}/rootfs/lib/modules" ]] && {
        cd ${P4_PATH}/rootfs/lib/modules
        rm -rf *
        cp -rf /lib/modules/${kernel_signature} .
        [[ "${?}" -ne "0" ]] && error_msg "(2/2) [ modules ] kernel files rescue failed."
        echo -e "${INFO} (2/2) [ modules ] kernel files rescue succeeded."
    } || error_msg "(2/2) The [ ${P4_PATH}/rootfs/lib/modules ] folder does not exist, stop rescuing."
    # Unmount the emmc partition
    cd ${P4_PATH}
    umount -f ${P4_PATH}/bootfs
    [[ "${?}" -ne "0" ]] && error_msg "Failed to umount [ ${P4_PATH}/bootfs ]"
    umount -f ${P4_PATH}/rootfs
    [[ "${?}" -ne "0" ]] && error_msg "Failed to umount [ ${P4_PATH}/rootfs ]"
    # Remove the temporary mount directory
    rm -rf ${P4_PATH}/bootfs ${P4_PATH}/rootfs
    sync && echo ""
 }
 echo -e "${STEPS} Welcome to the OpenWrt Kernel Management Tool."
 # Operation environment check
 [[ -x "/usr/sbin/openwrt-kernel" ]] || error_msg "Please grant execution permission: chmod +x /usr/sbin/openwrt-kernel"
-#
+
-# Initialize all variables
+# Execute relevant functions based on the options
-init_var "${@}"
+if [[ "${@}" =~ ^-s(\s)* ]]; then
-# Check kernel files list
+    # Initialize all variables
-check_kernel
+    init_var "${@}"
-# Update the kernel
+    # Start rescuing the kernel
-update_kernel
+    sos_kernel "${@}"
-# Update the uboot
+
-update_uboot
+    # Kernel restore successful
-#
+    sync && sleep 3
-sync && sleep 3
+    echo -e "${SUCCESS} Kernel rescue successful, please remove the disk and restart the OpenWrt system."
-echo "Successfully updated, automatic restarting..."
+    exit 0
-reboot
+else
-exit 0
+    # Initialize all variables
    init_var "${@}"
    # Check kernel files list
    check_kernel
    # Update the kernel
    update_kernel
    # Update the uboot
    update_uboot
    # Kernel update successful
    sync && sleep 3
    echo "Successfully updated, automatic restarting..."
    reboot
    exit 0
 fi
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua
@ -1,6 +1,7 @@
 local api = require "luci.passwall.api"
 local appname = api.appname
 local has_xray = api.finded_com("xray")
 local has_singbox = api.finded_com("sing-box")
 m = Map(appname)
 api.set_apply_on_parse(m)
@ -62,12 +63,12 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end
 o.default = 0
 o:depends("auto_update", true)
-if has_xray then
+if has_xray or has_singbox then
 	o = s:option(Value, "v2ray_location_asset", translate("Location of V2ray/Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are."))
 	o.default = "/usr/share/v2ray/"
 	o.rmempty = false
-	s = m:section(TypedSection, "shunt_rules", "Xray " .. translate("Shunt Rule"), "<a style='color: red'>" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "</a>")
+	s = m:section(TypedSection, "shunt_rules", "Xray/Sing-Box " .. translate("Shunt Rule"), "<a style='color: red'>" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "</a>")
 	s.template = "cbi/tblsection"
 	s.anonymous = false
 	s.addremove = true
--- a/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/luci-app-passwall/root/usr/share/passwall/app.sh
@ -1610,6 +1610,11 @@ start() {
 	check_depends $USE_TABLES
 	[ "$USE_TABLES" = "nftables" ] && {
 		dnsmasq_version=$(dnsmasq -v | grep -i "Dnsmasq version " | awk '{print $3}')
 		[ "$(expr $dnsmasq_version \>= 2.90)" == 0 ] && echolog "Dnsmasq版本低于2.90，建议升级至2.90及以上版本以避免部分情况下Dnsmasq崩溃问题！"
 	}
 	[ "$ENABLED_DEFAULT_ACL" == 1 ] && {
 		start_redir TCP
 		start_redir UDP
--- a/luci-app-passwall/root/usr/share/passwall/nftables.sh
+++ b/luci-app-passwall/root/usr/share/passwall/nftables.sh
@ -747,9 +747,9 @@ add_firewall_rule() {
 	else
 		gen_nftset $NFTSET_CHN ipv4_addr "2d" 0 $(cat $RULES_PATH/chnroute | tr -s '\n' | grep -v "^#")
 	fi
-	gen_nftset $NFTSET_BLACKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+	gen_nftset $NFTSET_BLACKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
-	gen_nftset $NFTSET_WHITELIST ipv4_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+	gen_nftset $NFTSET_WHITELIST ipv4_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
-	gen_nftset $NFTSET_BLOCKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+	gen_nftset $NFTSET_BLOCKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
 	gen_nftset $NFTSET_SHUNTLIST ipv4_addr 0 0
 	gen_nftset $NFTSET_VPSLIST6 ipv6_addr 0 0
@ -761,9 +761,9 @@ add_firewall_rule() {
 	else
 		gen_nftset $NFTSET_CHN6 ipv6_addr "2d" 0 $(cat $RULES_PATH/chnroute6 | tr -s '\n' | grep -v "^#")
 	fi
-	gen_nftset $NFTSET_BLACKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+	gen_nftset $NFTSET_BLACKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
-	gen_nftset $NFTSET_WHITELIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+	gen_nftset $NFTSET_WHITELIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
-	gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+	gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
 	gen_nftset $NFTSET_SHUNTLIST6 ipv6_addr 0 0
 	local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
@ -792,7 +792,7 @@ add_firewall_rule() {
 	[ -n "$ISP_DNS" ] && {
 		#echolog "处理 ISP DNS 例外..."
 		for ispip in $ISP_DNS; do
-			insert_nftset $NFTSET_WHITELIST "-1" $ispip
+			insert_nftset $NFTSET_WHITELIST 0 $ispip
 			echolog "  - [$?]追加ISP IPv4 DNS到白名单：${ispip}"
 		done
 	}
@ -800,7 +800,7 @@ add_firewall_rule() {
 	[ -n "$ISP_DNS6" ] && {
 		#echolog "处理 ISP IPv6 DNS 例外..."
 		for ispip6 in $ISP_DNS6; do
-			insert_nftset $NFTSET_WHITELIST6 "-1" $ispip6
+			insert_nftset $NFTSET_WHITELIST6 0 $ispip6
 			echolog "  - [$?]追加ISP IPv6 DNS到白名单：${ispip6}"
 		done
 	}
@ -1059,7 +1059,7 @@ add_firewall_rule() {
 					nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo $(REDIRECT $TCP_REDIR_PORT TPROXY4) comment \"本机\""
 				}
 				nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo counter return comment \"本机\""
-				nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
+				nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
 			fi
 			[ "$PROXY_IPV6" == "1" ] && {
@ -1110,7 +1110,7 @@ add_firewall_rule() {
 				nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"本机\""
 			}
 			nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo counter return comment \"本机\""
-			nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
+			nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
 			[ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
 				[ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && {
@ -1253,11 +1253,11 @@ gen_include() {
 				[ ! -z "\${WAN_IP}" ] && nft "replace rule inet fw4 PSW_MANGLE handle \$PR_INDEX ip daddr "\${WAN_IP}" counter return comment \"WAN_IP_RETURN\""
 			fi
 			nft "add rule inet fw4 mangle_prerouting meta nfproto {ipv4} counter jump PSW_MANGLE"
-			nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
+			nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
 		}
 		\$(sh ${MY_PATH} insert_rule_before "inet fw4" "mangle_prerouting" "PSW_MANGLE" "counter jump PSW_DIVERT")
-		[ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
+		[ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
 		[ "$PROXY_IPV6" == "1" ] && {
 			PR_INDEX=\$(sh ${MY_PATH} RULE_LAST_INDEX "inet fw4" PSW_MANGLE_V6 WAN6_IP_RETURN -1)
--- a/sing-box/Makefile
+++ b/sing-box/Makefile
@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=sing-box
-PKG_VERSION:=1.8.7
+PKG_VERSION:=1.8.8
 PKG_RELEASE:=1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=35db2a6953c04ea6301f242ba2d6c7ca7f6d52bae0b4927beca5255ee958b218
+PKG_HASH:=dfa64c1da309000998ff9c5fb35bac2795c9e88ce3c63ad47862ba6c3aeda74f
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_LICENSE_FILES:=LICENSE