OpenWrt
/
small-package
mirror of https://github.com/kenzok8/small-package
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update-02.20

This commit is contained in:
github-actions[bot] 2022-02-20 09:13:03 +08:00
parent c897bafedc
commit c3b82c23be
24 changed files with 550 additions and 413 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cups/files/etc/cups/cupsd.conf
View File

@ -46,7 +46,7 @@ ServerAlias *
<Location /> <Location />
Order Allow,Deny Order Allow,Deny
Allow From 127.0.0.1 Allow From 127.0.0.1
Allow From 192.168.1.0/24 #Allow From 192.168.1.0/24
Allow all Allow all
</Location> </Location>
@ -55,6 +55,6 @@ AuthType Basic
AuthClass System AuthClass System
Order Allow,Deny Order Allow,Deny
Allow From 127.0.0.1 Allow From 127.0.0.1
Allow From 192.168.1.0/24 #Allow From 192.168.1.0/24
Allow all Allow all
</Location> </Location>

41
luci-app-mosdns/root/etc/mosdns/serverlist.txt
View File

@ -794,6 +794,7 @@
5faad595f4.com 5faad595f4.com
5fst22.cn 5fst22.cn
5glyqw.com 5glyqw.com
5ibanma.com
5ijo.01net.com 5ijo.01net.com
5ijs.vip 5ijs.vip
5imoney.com 5imoney.com
@ -4591,6 +4592,7 @@ beaubitternessapplication.com
beautylamp.cn beautylamp.cn
beavertron.com beavertron.com
bebadu.com bebadu.com
bebaytowns.com
bebelait.com bebelait.com
bebi.com bebi.com
bebreloomr.com bebreloomr.com
@ -4608,6 +4610,7 @@ bedsbreath.com
bedsideseller.com bedsideseller.com
bedsitetrypa.com bedsitetrypa.com
bedspursueclueless.com bedspursueclueless.com
bedumbserugate.com
beeaimaid.com beeaimaid.com
beefymartpronunciation.com beefymartpronunciation.com
beegmove.com beegmove.com
@ -5784,6 +5787,7 @@ cdgfa.ifeng.com
cdgxq.com cdgxq.com
cdhhbyy.cn cdhhbyy.cn
cdiah.com cdiah.com
cdikrxknopf.com
cdjkngs.cn cdjkngs.cn
cdlinli.com cdlinli.com
cdlkzb.com cdlkzb.com
@ -5954,6 +5958,7 @@ changedcombustible.com
changement.pro changement.pro
changhehengqi.com changhehengqi.com
chango.com chango.com
chanmao.online
channelintelligence.com channelintelligence.com
chaoge.club chaoge.club
chaogej.com chaogej.com
@ -6449,6 +6454,7 @@ cntrafficpro.com
cnxad.net cnxad.net
cnxdztpgjyc.com cnxdztpgjyc.com
cnxmyb.cn cnxmyb.cn
cnxscqqgjf.top
cnxunkewang.info cnxunkewang.info
cny.yoyo.org cny.yoyo.org
cnyibs.com cnyibs.com
@ -8030,6 +8036,7 @@ disapprovalhardwareenvy.com
disarrayanticipatedversion.com disarrayanticipatedversion.com
disavowmigration.com disavowmigration.com
disbandcrumena.com disbandcrumena.com
dischargedecent.com
discordclosure.com discordclosure.com
discountclick.com discountclick.com
discountryvc.club discountryvc.club
@ -8163,6 +8170,7 @@ dlski.space
dltenjy.cn dltenjy.cn
dltinaozs.com dltinaozs.com
dlvds9i67c60j.cloudfront.net dlvds9i67c60j.cloudfront.net
dlvjmr.cn
dlxgm.cn dlxgm.cn
dlxrlc2ni2.com dlxrlc2ni2.com
dlyukun.cn dlyukun.cn
@ -9042,6 +9050,7 @@ engagesrvr.filefactory.com
engageya.com engageya.com
engine.eroge.com engine.eroge.com
engine.espace.netavenir.com engine.espace.netavenir.com
engine.fxempire.com
engine.laweekly.com engine.laweekly.com
enginedriverflexible.com enginedriverflexible.com
enginedriverhaw.com enginedriverhaw.com
@ -9869,6 +9878,7 @@ flashclicks.com
flashinginvolvementmatches.com flashinginvolvementmatches.com
flashtalking.com flashtalking.com
flashymass.com flashymass.com
flasknstall.click
flaskstationsubsequent.com flaskstationsubsequent.com
flatcapspriggy.cam flatcapspriggy.cam
flatepicbats.com flatepicbats.com
@ -11847,6 +11857,7 @@ holdierpriv.club
holdspreoccupation.com holdspreoccupation.com
holidayhappy.online holidayhappy.online
hollowafterthought.com hollowafterthought.com
holydelicatessen.com
holyyjs.xyz holyyjs.xyz
homchang.site homchang.site
home-prize-winner-ma2d.live home-prize-winner-ma2d.live
@ -11876,6 +11887,7 @@ hongtefm.com
hongwenge.com hongwenge.com
hongyangbg.com hongyangbg.com
honhon.top honhon.top
honoka.design
honorablehall.com honorablehall.com
honorableland.com honorableland.com
honorablesimilar.com honorablesimilar.com
@ -12140,6 +12152,7 @@ hw6.com
hwanjia.com hwanjia.com
hxadt.com hxadt.com
hxbt.alading123.com hxbt.alading123.com
hxbylm.vip
hxclove.club hxclove.club
hxf1688.xyz hxf1688.xyz
hxfree.vip hxfree.vip
@ -13235,6 +13248,7 @@ jltzknvw.com
jlvqhftliz.com jlvqhftliz.com
jlwljym.com jlwljym.com
jlxzt.com jlxzt.com
jlyayxz.cn
jlys.fun jlys.fun
jm166.cn jm166.cn
jmdardu.cn jmdardu.cn
@ -13257,6 +13271,7 @@ jnffgawh.com
jngapkf.cn jngapkf.cn
jnhofgrcmsqw.xyz jnhofgrcmsqw.xyz
jnjcxx.com jnjcxx.com
jnkangnuo.com
jnkqds.cn jnkqds.cn
jnmqym4.cn jnmqym4.cn
jnrtavp2x66u.com jnrtavp2x66u.com
@ -13973,6 +13988,7 @@ kronosspell.com
krouekal.com krouekal.com
krxd.net krxd.net
ks67.com ks67.com
ksaggspp.xyz
ksdqhiaythajdv.com ksdqhiaythajdv.com
ksdr.xyz ksdr.xyz
ksharu.com ksharu.com
@ -14481,6 +14497,7 @@ linghangshouji.com
linglingccc.xyz linglingccc.xyz
lingqinga.cn lingqinga.cn
lingquan.vip lingquan.vip
lingquanba.wang
lingzhushijie.cn lingzhushijie.cn
linicom.co.il linicom.co.il
linicom.co.uk linicom.co.uk
@ -14890,6 +14907,7 @@ lw88.site
lwgadm.com lwgadm.com
lwlscy.com lwlscy.com
lx2rv.com lx2rv.com
lx52168.online
lxanimation.cn lxanimation.cn
lxgmgalmrxqlj.xyz lxgmgalmrxqlj.xyz
lxhjaq.cn lxhjaq.cn
@ -16092,6 +16110,7 @@ myfastcdn.com
myfengyi.xyz myfengyi.xyz
myfineartde.biz myfineartde.biz
mygoodlives.com mygoodlives.com
mygqhvz.cn
mykhtesikvuz.com mykhtesikvuz.com
mykiger.com mykiger.com
mykpkyvtuqmonij.com mykpkyvtuqmonij.com
@ -16708,6 +16727,7 @@ nrgat.com
nrnma.com nrnma.com
nrnwubdanwl.com nrnwubdanwl.com
nryceuula.com nryceuula.com
ns-zhy.com
ns003.com ns003.com
ns1.chinayms.com ns1.chinayms.com
ns1p.net ns1p.net
@ -18083,6 +18103,8 @@ pjtymy.cn
pjx1ky4xhwip.com pjx1ky4xhwip.com
pk965.com pk965.com
pkbook.com.cn pkbook.com.cn
pkfyelxxpbisf.com
pkfyelxxpbisf.top
pkgebysm.com pkgebysm.com
pkhhyool.com pkhhyool.com
pkk1.zuimeiniwo.com pkk1.zuimeiniwo.com
@ -18477,6 +18499,7 @@ prevotch.com
prfctmney.com prfctmney.com
prfqcdfws.com prfqcdfws.com
prfuxl.xyz prfuxl.xyz
prgznhukaoggg.com
prheoxpdoqmjou.com prheoxpdoqmjou.com
priceplaneadulthood.com priceplaneadulthood.com
pricestern.top pricestern.top
@ -19211,6 +19234,7 @@ qscwdv.top
qservz.com qservz.com
qshxc.com qshxc.com
qslychhjeo.com qslychhjeo.com
qsnyswg.cn
qtbb6.com qtbb6.com
qtmojo.cn qtmojo.cn
qtrwwov.cn qtrwwov.cn
@ -19338,6 +19362,7 @@ qzkxt.com
qzlglizfy.com qzlglizfy.com
qzmixun.com qzmixun.com
qzqyw.cn qzqyw.cn
qzvlbjatsgzgn.com
qzxmtyy.com qzxmtyy.com
qzy123.ink qzy123.ink
qzyfpfyy.com qzyfpfyy.com
@ -19458,6 +19483,7 @@ rauwoafe.com
ravalads.com ravalads.com
ravaquinal.com ravaquinal.com
rawasy.com rawasy.com
rawjeansadvertising.com
rawoarsy.com rawoarsy.com
rayjump.com rayjump.com
razdvabm.com razdvabm.com
@ -19743,6 +19769,7 @@ republika.onet.pl
requentlyfths.club requentlyfths.club
requested.cn requested.cn
requestvirginity.com requestvirginity.com
requial.com
requiresdetached.com requiresdetached.com
rereddit.com rereddit.com
rereegny.net rereegny.net
@ -19837,6 +19864,7 @@ reversionconceivedremarks.com
revfusion.net revfusion.net
reviabiliseriez.site reviabiliseriez.site
revimedia.com revimedia.com
revincenizam.com
revive.docmatic.org revive.docmatic.org
revive.dubcnm.com revive.dubcnm.com
revive.haskovo.net revive.haskovo.net
@ -20751,10 +20779,12 @@ sfhyojoctcry.com
sfixretarum.com sfixretarum.com
sfjviolrukaysn.xyz sfjviolrukaysn.xyz
sflywdvzyh.com sflywdvzyh.com
sflywfcanq.com
sfoimvwyyf.com sfoimvwyyf.com
sftapi.com sftapi.com
sfxl.com.cn sfxl.com.cn
sfz023.com sfz023.com
sfzover.com
sg01.top sg01.top
sg2rgnza7k9t.com sg2rgnza7k9t.com
sgaga.xyz sgaga.xyz
@ -21467,6 +21497,7 @@ spitzerpfunde.com
spjxwlkj.com spjxwlkj.com
spkcmgydiuin.com spkcmgydiuin.com
spkoevngk.com spkoevngk.com
splakesmutty.com
splashfloating.com splashfloating.com
splashforgodm.com splashforgodm.com
splashsjewels.com splashsjewels.com
@ -21907,6 +21938,7 @@ sudahj.com
suddensidewalk.com suddensidewalk.com
suecubrearrange.com suecubrearrange.com
sueencumberpiggy.com sueencumberpiggy.com
sufferingslippery.com
sufficient.cn sufficient.cn
suffocatepremise.com suffocatepremise.com
sugarcurtain.com sugarcurtain.com
@ -22073,6 +22105,7 @@ sxmutan.com
sxmyyx.com sxmyyx.com
sxouyada.cn sxouyada.cn
sxrgd.com sxrgd.com
sxrs.shop
sxsui.cn sxsui.cn
sxswjkgs.com sxswjkgs.com
sxtcdjy.com sxtcdjy.com
@ -22406,6 +22439,7 @@ teracreative.com
terats.com terats.com
teresacd.cn teresacd.cn
termadodad.com termadodad.com
termitekalinga.com
terningpail.com terningpail.com
terra8nb.com terra8nb.com
terraclicks.com terraclicks.com
@ -22600,6 +22634,7 @@ throattrees.com
throbbingmill.com throbbingmill.com
throposehodger.pro throposehodger.pro
throtle.io throtle.io
throughlavish.com
thruport.com thruport.com
thrustdeadconsiderably.com thrustdeadconsiderably.com
thrustlumpypulse.com thrustlumpypulse.com
@ -22679,6 +22714,7 @@ tingeffukec.one
tingfengyu.top tingfengyu.top
tinglian.com tinglian.com
tingthenee.biz tingthenee.biz
tingyusw.xyz
tinkerta.com tinkerta.com
tinkerwidth.com tinkerwidth.com
tinkshop.cn tinkshop.cn
@ -23445,6 +23481,7 @@ uaxyutpxh.xyz
ub1.job592.com ub1.job592.com
ubalh.com ubalh.com
uballcc.com uballcc.com
ubgkvsjnbjtk.com
ubilox.com ubilox.com
ubjectsandie.biz ubjectsandie.biz
ubmcvideo.baidustatic.com ubmcvideo.baidustatic.com
@ -24515,6 +24552,7 @@ waust.at
wauthaik.net wauthaik.net
wauthaum.com wauthaum.com
wautoosa.net wautoosa.net
wavail.com
waveclks.com waveclks.com
wavysumatone.cam wavysumatone.cam
waxpigbaa.com waxpigbaa.com
@ -25452,6 +25490,7 @@ xingnu.site
xingpingmaoyi.cn xingpingmaoyi.cn
xingsky.cn xingsky.cn
xingtu.ltd xingtu.ltd
xingxingdd.com
xingxingdm.com xingxingdm.com
xingyou46.icu xingyou46.icu
xingzhu.top xingzhu.top
@ -25603,6 +25642,7 @@ xrfabakydcwngov.xyz
xroynaxvqvouy.com xroynaxvqvouy.com
xs.houyi.baofeng.net xs.houyi.baofeng.net
xsdizch.cn xsdizch.cn
xsdlt.top
xsgkjsb.cn xsgkjsb.cn
xsjyun.cn xsjyun.cn
xsrs.com xsrs.com
@ -26302,6 +26342,7 @@ yzftqx.cn
yzh360.com yzh360.com
yzjihang.cn yzjihang.cn
yzjlsb.com yzjlsb.com
yzjy.pro
yzlwuuzzehjh.com yzlwuuzzehjh.com
yzt001.com yzt001.com
yzus09by.com yzus09by.com

3
luci-app-mosdns/root/etc/mosdns/whitelist.txt
View File

@ -1 +1,2 @@
example.example example.example
stat.xiaomi.com

22
luci-app-passwall/Makefile
View File

@ -6,15 +6,16 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall PKG_NAME:=luci-app-passwall
PKG_VERSION:=4.49 PKG_VERSION:=4.50
PKG_RELEASE:=1 PKG_RELEASE:=1
#20220207 #20220219
PKG_CONFIG_DEPENDS:= \ PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Brook \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Brook \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ChinaDNS_NG \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ChinaDNS_NG \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_IPv6_Nat \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_PDNSD \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_PDNSD \
@ -30,8 +31,7 @@ PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_IPv6_Nat
LUCI_TITLE:=LuCI support for PassWall LUCI_TITLE:=LuCI support for PassWall
LUCI_PKGARCH:=all LUCI_PKGARCH:=all
@ -43,6 +43,7 @@ LUCI_DEPENDS:=+coreutils +coreutils-base64 +coreutils-nohup +curl \
+PACKAGE_$(PKG_NAME)_INCLUDE_ChinaDNS_NG:chinadns-ng \ +PACKAGE_$(PKG_NAME)_INCLUDE_ChinaDNS_NG:chinadns-ng \
+PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy:haproxy \ +PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy:haproxy \
+PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria:hysteria \ +PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria:hysteria \
+PACKAGE_$(PKG_NAME)_INCLUDE_IPv6_Nat:ip6tables-mod-nat \
+PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \ +PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \
+PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy:naiveproxy \ +PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy:naiveproxy \
+PACKAGE_$(PKG_NAME)_INCLUDE_PDNSD:pdnsd-alt \ +PACKAGE_$(PKG_NAME)_INCLUDE_PDNSD:pdnsd-alt \
@ -59,8 +60,7 @@ LUCI_DEPENDS:=+coreutils +coreutils-base64 +coreutils-nohup +curl \
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray-core \ +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray-core \
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin:v2ray-plugin \ +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin:v2ray-plugin \
+PACKAGE_$(PKG_NAME)_INCLUDE_Xray:xray-core \ +PACKAGE_$(PKG_NAME)_INCLUDE_Xray:xray-core \
+PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin:xray-plugin \ +PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin:xray-plugin
+PACKAGE_$(PKG_NAME)_INCLUDE_IPv6_Nat:ip6tables-mod-nat
define Package/$(PKG_NAME)/config define Package/$(PKG_NAME)/config
menu "Configuration" menu "Configuration"
@ -81,6 +81,11 @@ config PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria
bool "Include Hysteria" bool "Include Hysteria"
default n default n
config PACKAGE_$(PKG_NAME)_INCLUDE_IPv6_Nat
depends on PACKAGE_ip6tables
bool "Include IPv6 Nat"
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun
bool "Include Kcptun" bool "Include Kcptun"
default n default n
@ -143,11 +148,6 @@ config PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin
bool "Include Xray-Plugin (Shadowsocks Plugin)" bool "Include Xray-Plugin (Shadowsocks Plugin)"
default n default n
config PACKAGE_$(PKG_NAME)_INCLUDE_IPv6_Nat
depends on PACKAGE_ip6tables
bool "Include IPv6 Nat"
default n
endmenu endmenu
endef endef

3
luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua
View File

@ -6,6 +6,7 @@ local node_section = var["-node"]
local proto = var["-proto"] local proto = var["-proto"]
local proxy_way = var["-proxy_way"] local proxy_way = var["-proxy_way"]
local redir_port = var["-redir_port"] local redir_port = var["-redir_port"]
local sniffing = var["-sniffing"]
local route_only = var["-route_only"] local route_only = var["-route_only"]
local local_socks_address = var["-local_socks_address"] or "0.0.0.0" local local_socks_address = var["-local_socks_address"] or "0.0.0.0"
local local_socks_port = var["-local_socks_port"] local local_socks_port = var["-local_socks_port"]
@ -280,7 +281,7 @@ if node_section then
protocol = "dokodemo-door", protocol = "dokodemo-door",
settings = {network = proto, followRedirect = true}, settings = {network = proto, followRedirect = true},
streamSettings = {sockopt = {tproxy = proxy_way}}, streamSettings = {sockopt = {tproxy = proxy_way}},
sniffing = {enabled = true, destOverride = {"http", "tls", (dns_fakedns) and "fakedns"}, metadataOnly = false, routeOnly = route_only and true or nil} sniffing = {enabled = sniffing and true or false, destOverride = {"http", "tls", (dns_fakedns) and "fakedns"}, metadataOnly = false, routeOnly = route_only and true or nil}
}) })
end end

21
luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua
View File

@ -179,6 +179,19 @@ o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default")) o:value("default", translate("Default"))
o:value("1:65535", translate("All")) o:value("1:65535", translate("All"))
---- TCP Proxy Drop Ports
o = s:option(Value, "tcp_proxy_drop_ports", translate("TCP Proxy Drop Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
---- UDP Proxy Drop Ports
o = s:option(Value, "udp_proxy_drop_ports", translate("UDP Proxy Drop Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
o:value("80,443", translate("QUIC"))
---- TCP Redir Ports ---- TCP Redir Ports
o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports")) o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports"))
o.default = "default" o.default = "default"
@ -280,12 +293,4 @@ o = s:option(Value, "dns_client_ip", translate("EDNS Client Subnet"))
o.datatype = "ipaddr" o.datatype = "ipaddr"
o:depends("v2ray_dns_mode", "doh") o:depends("v2ray_dns_mode", "doh")
o = s:option(ListValue, "dns_query_strategy", translate("Query Strategy"))
o.default = "UseIPv4"
o:value("UseIPv4")
o:value("UseIPv6")
o:value("UseIP")
o:depends("dns_mode", "v2ray")
o:depends("dns_mode", "xray")
return m return m

13
luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
View File

@ -187,9 +187,6 @@ if api.is_finded("smartdns") then
group_domestic.description = translate("You only need to configure domestic DNS packets in SmartDNS and set it redirect or as Dnsmasq upstream, and fill in the domestic DNS group name here.") group_domestic.description = translate("You only need to configure domestic DNS packets in SmartDNS and set it redirect or as Dnsmasq upstream, and fill in the domestic DNS group name here.")
end end
o = s:taboption("DNS", Flag, "filter_proxy_ipv6", translate("Filter Proxy Host IPv6"), translate("Experimental feature."))
o.default = "0"
---- DNS Forward Mode ---- DNS Forward Mode
dns_mode = s:taboption("DNS", ListValue, "dns_mode", translate("Filter Mode")) dns_mode = s:taboption("DNS", ListValue, "dns_mode", translate("Filter Mode"))
dns_mode.rmempty = false dns_mode.rmempty = false
@ -279,16 +276,6 @@ o.datatype = "ipaddr"
o:depends("v2ray_dns_mode", "tcp") o:depends("v2ray_dns_mode", "tcp")
o:depends("v2ray_dns_mode", "doh") o:depends("v2ray_dns_mode", "doh")
o = s:taboption("DNS", ListValue, "dns_query_strategy", translate("Query Strategy"))
o.default = "UseIPv4"
o:value("UseIPv4")
o:value("UseIPv6")
o:value("UseIP")
o:depends({dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "v2ray", v2ray_dns_mode = "doh"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
o = s:taboption("DNS", Flag, "dns_cache", translate("Cache Resolved")) o = s:taboption("DNS", Flag, "dns_cache", translate("Cache Resolved"))
o.default = "1" o.default = "1"
o:depends({dns_mode = "dns2socks"}) o:depends({dns_mode = "dns2socks"})

18
luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua
View File

@ -68,6 +68,17 @@ o.default = "disable"
o:value("disable", translate("No patterns are used")) o:value("disable", translate("No patterns are used"))
o:value("1:65535", translate("All")) o:value("1:65535", translate("All"))
---- TCP Proxy Drop Ports
o = s:option(Value, "tcp_proxy_drop_ports", translate("TCP Proxy Drop Ports"))
o.default = "disable"
o:value("disable", translate("No patterns are used"))
---- UDP Proxy Drop Ports
o = s:option(Value, "udp_proxy_drop_ports", translate("UDP Proxy Drop Ports"))
o.default = "80,443"
o:value("disable", translate("No patterns are used"))
o:value("80,443", translate("QUIC"))
---- TCP Redir Ports ---- TCP Redir Ports
o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports")) o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports"))
o.default = "22,25,53,143,465,587,853,993,995,80,443" o.default = "22,25,53,143,465,587,853,993,995,80,443"
@ -114,8 +125,13 @@ o = s:option(Flag, "accept_icmpv6", translate("Hijacking ICMPv6 (IPv6 PING)"))
o:depends("ipv6_tproxy", true) o:depends("ipv6_tproxy", true)
o.default = 0 o.default = 0
o = s:option(Flag, "route_only", translate("Sniffing Route Only (V2Ray/Xray)")) o = s:option(Flag, "sniffing", translate("Sniffing (V2Ray/Xray)"), translate("When using the V2ray/Xray shunt, must be enabled, otherwise the shunt will invalid."))
o.default = 1
o.rmempty = false
o = s:option(Flag, "route_only", translate("Sniffing Route Only (Xray)"), translate("When enabled, the server not will resolve the domain name again."))
o.default = "1" o.default = "1"
o:depends("sniffing", true)
--[[ --[[
---- TCP Redir Port ---- TCP Redir Port

8
luci-app-passwall/luasrc/view/passwall/node_list/link_add_node.htm
View File

@ -48,11 +48,13 @@ local api = require "luci.model.cbi.passwall.api.api"
function add_node() { function add_node() {
var nodes_link = document.getElementById("nodes_link").value; var nodes_link = document.getElementById("nodes_link").value;
if (nodes_link.trim() != "") { if (nodes_link.trim() != "") {
if (nodes_link.indexOf("ss://") == 0 || nodes_link.indexOf("ssr://") == 0 || nodes_link.indexOf("vmess://") == 0 || nodes_link.indexOf("vless://") == 0 || nodes_link.indexOf("trojan://") == 0 || nodes_link.indexOf("trojan-go://") == 0) { var supports = "ss ssr vmess vless trojan trojan-go hysteria";
var itype = nodes_link.split('://')[0];
if (itype.trim() != "" && supports.indexOf(itype) > 0) {
ajax_add_node(nodes_link); ajax_add_node(nodes_link);
} }
else { else {
alert("<%:Please enter the correct link, ss:// ssr:// vmess:// vless:// trojan://%>"); alert("<%:Please enter the correct link.%>");
} }
} }
else { else {
@ -79,7 +81,7 @@ local api = require "luci.model.cbi.passwall.api.api"
<div id="add_link_div"> <div id="add_link_div">
<div class="cbi-value"> <div class="cbi-value">
<label class="cbi-value-title"><%:SS/SSR/Vmess/VLESS/Trojan Link%></label> <label class="cbi-value-title"><%:SS/SSR/Vmess/VLESS/Trojan/Hysteria Link%></label>
<div class="cbi-value-field"> <div class="cbi-value-field">
<textarea id="nodes_link" rows="5" cols="50"></textarea> <textarea id="nodes_link" rows="5" cols="50"></textarea>
</div> </div>

61
luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm
View File

@ -104,14 +104,17 @@ local has_xray = api.is_finded("xray")
} }
return ret; return ret;
}, },
query: function(param, src, tval = "1", fval = "0") { query: function(param, src, default_value, tval = "1", fval = "0") {
var ret = "&" + param + "="; var ret = "&" + param + "=";
var obj = this.get(src); var obj = this.get(src);
if (obj) { if (obj) {
if (obj.type === "checkbox") { if (obj.type === "checkbox") {
return ret + (obj.checked === true ? tval : fval); return ret + (obj.checked === true ? tval : fval);
} else { } else {
return ret + encodeURIComponent(obj.value); var result = encodeURIComponent(obj.value);
if ((result == null || result.trim() == "") && default_value)
result = default_value;
return ret + result;
} }
} }
return "" return ""
@ -352,6 +355,23 @@ local has_xray = api.is_finded("xray")
} }
url += url_protocol; url += url_protocol;
url += params; url += params;
} else if (v_type === "Hysteria") {
var v_server = opt.get("address");
var v_port = opt.get("port");
var params = "";
params += opt.query("protocol", "hysteria_protocol");
params += opt.query("auth", "hysteria_auth_password");
params += opt.query("peer", "tls_serverName");
params += opt.query("insecure", "tls_allowInsecure");
params += opt.query("upmbps", "hysteria_up_mbps", 1000);
params += opt.query("downmbps", "hysteria_down_mbps", 1000);
params += opt.query("alpn", "hysteria_alpn");
params += opt.query("obfsParam", "hysteria_obfs");
var url =
v_server.value + ":" +
v_port.value + "?" +
params +
"#" + encodeURI(v_alias.value);
} }
if (url) { if (url) {
url = v_type.toLowerCase() + "://" + url; url = v_type.toLowerCase() + "://" + url;
@ -456,7 +476,6 @@ local has_xray = api.is_finded("xray")
} else { } else {
var url0 = sstr; var url0 = sstr;
} }
console.log(param);
var ssm = url0.match(/^(.+):([^:]+):([^:]*):([^:]+):([^:]*):([^:]+)/); var ssm = url0.match(/^(.+):([^:]+):([^:]*):([^:]+):([^:]*):([^:]+)/);
if (!ssm || ssm.length < 7) { if (!ssm || ssm.length < 7) {
s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>"; s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>";
@ -543,7 +562,6 @@ local has_xray = api.is_finded("xray")
} else if (ssu[0] === "trojan" || ssu[0] === "trojan-plus") { } else if (ssu[0] === "trojan" || ssu[0] === "trojan-plus") {
var stype = "Trojan-Plus"; var stype = "Trojan-Plus";
var m = parseNodeUrl(ssrurl); var m = parseNodeUrl(ssrurl);
console.log(m.search);
var password = m.passwd; var password = m.passwd;
if (password === "") { if (password === "") {
s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>"; s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>";
@ -614,7 +632,6 @@ local has_xray = api.is_finded("xray")
} }
} else if (ssu[0] === "trojan-go") { } else if (ssu[0] === "trojan-go") {
var m = parseNodeUrl(ssrurl); var m = parseNodeUrl(ssrurl);
console.log(m.search);
var password = m.passwd; var password = m.passwd;
if (password === "") { if (password === "") {
s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>"; s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>";
@ -705,7 +722,6 @@ local has_xray = api.is_finded("xray")
param = sstr.substr(ploc + 2); param = sstr.substr(ploc + 2);
} }
var ssm = JSON.parse(sstr); var ssm = JSON.parse(sstr);
console.log(ssm);
opt.set('remarks', ssm.ps); opt.set('remarks', ssm.ps);
opt.set('address', ssm.add); opt.set('address', ssm.add);
opt.set('port', ssm.port); opt.set('port', ssm.port);
@ -750,7 +766,6 @@ local has_xray = api.is_finded("xray")
<% end %> <% end %>
opt.set('protocol', "vless"); opt.set('protocol', "vless");
var m = parseNodeUrl(ssrurl); var m = parseNodeUrl(ssrurl);
console.log(m.search);
var password = m.passwd; var password = m.passwd;
if (password === "") { if (password === "") {
s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>"; s.innerHTML = "<font color='red'><%:Invalid Share URL Format%></font>";
@ -820,7 +835,6 @@ local has_xray = api.is_finded("xray")
} else if (ssu[0] === "brook") { } else if (ssu[0] === "brook") {
var stype = "Brook"; var stype = "Brook";
var m = parseNodeUrl(ssrurl); var m = parseNodeUrl(ssrurl);
console.log(m);
var from_protocol = m.host; var from_protocol = m.host;
var protocol = from_protocol.split('server').join('client'); var protocol = from_protocol.split('server').join('client');
@ -869,6 +883,37 @@ local has_xray = api.is_finded("xray")
opt.set('port', server[1]); opt.set('port', server[1]);
} }
if (m.hash) {
opt.set('remarks', decodeURI(m.hash.substr(1)));
}
} else if (ssu[0] === "hysteria") {
var stype = "Hysteria";
var m = parseNodeUrl(ssrurl);
var queryParam = {};
if (m.search.length > 1) {
var query = m.search.split('?');
var queryParams = query[1];
var queryArray = queryParams.split('&');
var params;
for (i = 0; i < queryArray.length; i++) {
params = queryArray[i].split('=');
queryParam[decodeURIComponent(params[0])] = decodeURIComponent(params[1] || '');
}
}
opt.set('address', m.hostname);
opt.set('port', m.port || "443");
opt.set('type', stype);
opt.set('hysteria_protocol', queryParam.protocol);
opt.set('hysteria_obfs', queryParam.obfsParam);
opt.set('hysteria_auth_type', "string");
opt.set('hysteria_auth_password', queryParam.auth);
opt.set('tls_serverName', queryParam.peer);
if (queryParam.insecure && queryParam.insecure == "1") {
opt.set('tls_allowInsecure', true);
}
opt.set('hysteria_alpn', queryParam.alpn);
opt.set('hysteria_up_mbps', queryParam.upmbps);
opt.set('hysteria_down_mbps', queryParam.downmbps);
if (m.hash) { if (m.hash) {
opt.set('remarks', decodeURI(m.hash.substr(1))); opt.set('remarks', decodeURI(m.hash.substr(1)));
} }

36
luci-app-passwall/po/zh-cn/passwall.po
View File

@ -205,21 +205,12 @@ msgstr "用于 DNS 查询时通知 DNS 服务器,客户端所在的地理位
msgid "This feature requires the DNS server to support the Edns Client Subnet (RFC7871)." msgid "This feature requires the DNS server to support the Edns Client Subnet (RFC7871)."
msgstr "此功能需要 DNS 服务器支持 EDNS Client SubnetRFC7871。" msgstr "此功能需要 DNS 服务器支持 EDNS Client SubnetRFC7871。"
msgid "Query Strategy"
msgstr "查询策略"
msgid "When the accessed domain name does not exist in the rule list, the default DNS used." msgid "When the accessed domain name does not exist in the rule list, the default DNS used."
msgstr "当访问的域名不存在规则列表中使用的默认DNS。" msgstr "当访问的域名不存在规则列表中使用的默认DNS。"
msgid "The effect is better, but will increase the memory." msgid "The effect is better, but will increase the memory."
msgstr "效果更好,但会增加内存使用。" msgstr "效果更好,但会增加内存使用。"
msgid "Filter Proxy Host IPv6"
msgstr "过滤代理域名 IPv6"
msgid "Experimental feature."
msgstr "实验性功能。"
msgid "Clear IPSET" msgid "Clear IPSET"
msgstr "清空 IPSET" msgstr "清空 IPSET"
@ -337,11 +328,11 @@ msgstr "添加节点"
msgid "Add the node via the link" msgid "Add the node via the link"
msgstr "通过链接添加节点" msgstr "通过链接添加节点"
msgid "SS/SSR/Vmess/VLESS/Trojan Link" msgid "SS/SSR/Vmess/VLESS/Trojan/Hysteria Link"
msgstr "SS/SSR/Vmess/VLESS/Trojan链接" msgstr "SS/SSR/Vmess/VLESS/Trojan/Hysteria 链接"
msgid "Please enter the correct link, ss:// ssr:// vmess:// vless:// trojan://" msgid "Please enter the correct link."
msgstr "请输入正确的链接ss:// ssr:// vmess:// vless:// trojan://" msgstr "请输入正确的链接"
msgid "Clear all nodes" msgid "Clear all nodes"
msgstr "清空所有节点" msgstr "清空所有节点"
@ -622,6 +613,12 @@ msgstr "UDP不转发端口"
msgid "Fill in the ports you don't want to be forwarded by the agent, with the highest priority." msgid "Fill in the ports you don't want to be forwarded by the agent, with the highest priority."
msgstr "填写你不希望被代理转发的端口,优先级最高。" msgstr "填写你不希望被代理转发的端口,优先级最高。"
msgid "TCP Proxy Drop Ports"
msgstr "TCP转发屏蔽端口"
msgid "UDP Proxy Drop Ports"
msgstr "UDP转发屏蔽端口"
msgid "TCP Redir Ports" msgid "TCP Redir Ports"
msgstr "TCP转发端口" msgstr "TCP转发端口"
@ -658,8 +655,17 @@ msgstr "劫持ICMP (PING)"
msgid "Hijacking ICMPv6 (IPv6 PING)" msgid "Hijacking ICMPv6 (IPv6 PING)"
msgstr "劫持ICMPv6 (IPv6 PING)" msgstr "劫持ICMPv6 (IPv6 PING)"
msgid "Sniffing Route Only (V2Ray/Xray)" msgid "Sniffing (V2Ray/Xray)"
msgstr "流量嗅探只供路由使用 (V2Ray/Xray)" msgstr "流量嗅探 (V2ray/Xray)"
msgid "When using the V2ray/Xray shunt, must be enabled, otherwise the shunt will invalid."
msgstr "使用 V2Ray/Xray 分流时,必须启用,否则分流将无效。"
msgid "Sniffing Route Only (Xray)"
msgstr "流量嗅探只供路由使用 (Xray)"
msgid "When enabled, the server not will resolve the domain name again."
msgstr "启用后,服务器不会再次解析域名。"
msgid "TCP Proxy Way" msgid "TCP Proxy Way"
msgstr "TCP代理方式" msgstr "TCP代理方式"

6
luci-app-passwall/root/usr/share/passwall/0_default_config
View File

@ -6,7 +6,6 @@ config global
option udp_node 'nil' option udp_node 'nil'
option dns_mode 'pdnsd' option dns_mode 'pdnsd'
option dns_forward '1.1.1.1' option dns_forward '1.1.1.1'
option filter_proxy_ipv6 '0'
option tcp_proxy_mode 'chnroute' option tcp_proxy_mode 'chnroute'
option udp_proxy_mode 'chnroute' option udp_proxy_mode 'chnroute'
option localhost_tcp_proxy_mode 'default' option localhost_tcp_proxy_mode 'default'
@ -27,12 +26,15 @@ config global_delay
config global_forwarding config global_forwarding
option process '0' option process '0'
option tcp_no_redir_ports 'disable' option tcp_no_redir_ports 'disable'
option udp_no_redir_ports '53,80,443' option udp_no_redir_ports '53'
option tcp_proxy_drop_ports 'disable'
option udp_proxy_drop_ports '80,443'
option tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443' option tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443'
option udp_redir_ports '1:65535' option udp_redir_ports '1:65535'
option accept_icmp '0' option accept_icmp '0'
option tcp_proxy_way 'redirect' option tcp_proxy_way 'redirect'
option ipv6_tproxy '0' option ipv6_tproxy '0'
option sniffing '1'
option route_only '1' option route_only '1'
config global_other config global_other

27
luci-app-passwall/root/usr/share/passwall/app.sh
View File

@ -647,15 +647,18 @@ run_redir() {
UDP_NODE="nil" UDP_NODE="nil"
} }
_extra_param="${_extra_param} ${proto}" _extra_param="${_extra_param} ${proto}"
local route_only=$(config_t_get global_forwarding route_only 1) local sniffing=$(config_t_get global_forwarding sniffing 1)
[ "${route_only}" = "1" ] && _extra_param="${_extra_param} -route_only 1" [ "${sniffing}" = "1" ] && {
_extra_param="${_extra_param} -sniffing 1"
local route_only=$(config_t_get global_forwarding route_only 1)
[ "${route_only}" = "1" ] && _extra_param="${_extra_param} -route_only 1"
}
[ "${DNS_MODE}" = "v2ray" -o "${DNS_MODE}" = "xray" ] && { [ "${DNS_MODE}" = "v2ray" -o "${DNS_MODE}" = "xray" ] && {
local v2ray_dns_mode=$(config_t_get global v2ray_dns_mode tcp) local v2ray_dns_mode=$(config_t_get global v2ray_dns_mode tcp)
[ "$(config_t_get global dns_by)" = "tcp" -o "${v2ray_dns_mode}" = "fakedns" ] && { [ "$(config_t_get global dns_by)" = "tcp" -o "${v2ray_dns_mode}" = "fakedns" ] && {
config_file=$(echo $config_file | sed "s/.json/_DNS.json/g") config_file=$(echo $config_file | sed "s/.json/_DNS.json/g")
resolve_dns=1 resolve_dns=1
local dns_query_strategy=$(config_t_get global dns_query_strategy UseIPv4) _extra_param="${_extra_param} -dns_query_strategy ${DNS_QUERY_STRATEGY}"
_extra_param="${_extra_param} -dns_query_strategy ${dns_query_strategy}"
local _dns_client_ip=$(config_t_get global dns_client_ip) local _dns_client_ip=$(config_t_get global dns_client_ip)
[ -n "${_dns_client_ip}" ] && _extra_param="${_extra_param} -dns_client_ip ${_dns_client_ip}" [ -n "${_dns_client_ip}" ] && _extra_param="${_extra_param} -dns_client_ip ${_dns_client_ip}"
[ "${DNS_CACHE}" == "0" ] && _extra_param="${_extra_param} -dns_cache 0" [ "${DNS_CACHE}" == "0" ] && _extra_param="${_extra_param} -dns_cache 0"
@ -1060,8 +1063,7 @@ start_dns() {
xray) xray)
[ "${resolve_dns}" == "0" ] && { [ "${resolve_dns}" == "0" ] && {
[ "${DNS_CACHE}" == "0" ] && local _extra_param="-dns_cache 0" [ "${DNS_CACHE}" == "0" ] && local _extra_param="-dns_cache 0"
local dns_query_strategy=$(config_t_get global dns_query_strategy UseIPv4) _extra_param="${_extra_param} -dns_query_strategy ${DNS_QUERY_STRATEGY}"
_extra_param="${_extra_param} -dns_query_strategy ${dns_query_strategy}"
local _dns_client_ip=$(config_t_get global dns_client_ip) local _dns_client_ip=$(config_t_get global dns_client_ip)
[ -n "${_dns_client_ip}" ] && _extra_param="${_extra_param} -dns_client_ip ${_dns_client_ip}" [ -n "${_dns_client_ip}" ] && _extra_param="${_extra_param} -dns_client_ip ${_dns_client_ip}"
local dns_by=$(config_t_get global dns_by "tcp") local dns_by=$(config_t_get global dns_by "tcp")
@ -1127,7 +1129,7 @@ start_dns() {
smartdns) smartdns)
local group_domestic=$(config_t_get global group_domestic) local group_domestic=$(config_t_get global group_domestic)
CHINADNS_NG=0 CHINADNS_NG=0
source $APP_PATH/helper_smartdns.sh add DNS_MODE=$DNS_MODE SMARTDNS_CONF=/tmp/etc/smartdns/$CONFIG.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_GROUP=$group_domestic TUN_DNS=$TUN_DNS TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6} source $APP_PATH/helper_smartdns.sh add DNS_MODE=$DNS_MODE SMARTDNS_CONF=/tmp/etc/smartdns/$CONFIG.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_GROUP=$group_domestic TUN_DNS=$TUN_DNS TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE} NO_PROXY_IPV6=${NO_PROXY_IPV6}
source $APP_PATH/helper_smartdns.sh restart source $APP_PATH/helper_smartdns.sh restart
echolog " - 域名解析使用SmartDNS请确保配置正常。" echolog " - 域名解析使用SmartDNS请确保配置正常。"
;; ;;
@ -1162,7 +1164,7 @@ start_dns() {
[ "$DNS_SHUNT" = "dnsmasq" ] && { [ "$DNS_SHUNT" = "dnsmasq" ] && {
source $APP_PATH/helper_dnsmasq.sh stretch source $APP_PATH/helper_dnsmasq.sh stretch
source $APP_PATH/helper_dnsmasq.sh add DNS_MODE=$DNS_MODE TMP_DNSMASQ_PATH=$TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE=/tmp/dnsmasq.d/dnsmasq-passwall.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_DNS=$LOCAL_DNS TUN_DNS=$TUN_DNS CHINADNS_DNS=$china_ng_listen TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6} source $APP_PATH/helper_dnsmasq.sh add DNS_MODE=$DNS_MODE TMP_DNSMASQ_PATH=$TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE=/tmp/dnsmasq.d/dnsmasq-passwall.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_DNS=$LOCAL_DNS TUN_DNS=$TUN_DNS CHINADNS_DNS=$china_ng_listen TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE} NO_PROXY_IPV6=${NO_PROXY_IPV6}
} }
} }
@ -1451,6 +1453,8 @@ TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '80,443')
UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535') UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable') TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable') UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
TCP_PROXY_DROP_PORTS=$(config_t_get global_forwarding tcp_proxy_drop_ports 'disable')
UDP_PROXY_DROP_PORTS=$(config_t_get global_forwarding udp_proxy_drop_ports '80,443')
TCP_PROXY_MODE=$(config_t_get global tcp_proxy_mode chnroute) TCP_PROXY_MODE=$(config_t_get global tcp_proxy_mode chnroute)
UDP_PROXY_MODE=$(config_t_get global udp_proxy_mode chnroute) UDP_PROXY_MODE=$(config_t_get global udp_proxy_mode chnroute)
LOCALHOST_TCP_PROXY_MODE=$(config_t_get global localhost_tcp_proxy_mode default) LOCALHOST_TCP_PROXY_MODE=$(config_t_get global localhost_tcp_proxy_mode default)
@ -1467,7 +1471,6 @@ DNS_MODE=$(config_t_get global dns_mode pdnsd)
DNS_FORWARD=$(config_t_get global dns_forward 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g') DNS_FORWARD=$(config_t_get global dns_forward 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
DNS_CACHE=$(config_t_get global dns_cache 0) DNS_CACHE=$(config_t_get global dns_cache 0)
CHINADNS_NG=$(config_t_get global chinadns_ng 0) CHINADNS_NG=$(config_t_get global chinadns_ng 0)
filter_proxy_ipv6=$(config_t_get global filter_proxy_ipv6 0)
dns_listen_port=${DNS_PORT} dns_listen_port=${DNS_PORT}
DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label') DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
@ -1475,6 +1478,12 @@ DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep "\.server=" | awk -F '=' '{
LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29}" LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29}"
PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0) PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
NO_PROXY_IPV6=1
DNS_QUERY_STRATEGY="UseIPv4"
[ "$PROXY_IPV6" = "1" ] && {
NO_PROXY_IPV6=0
DNS_QUERY_STRATEGY="UseIP"
}
export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/") export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET

93
luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@ -85,6 +85,20 @@ REDIRECT() {
echo $s echo $s
} }
get_ipset_ipt() {
case "$1" in
gfwlist)
echo "$(dst $IPSET_GFW)"
;;
chnroute)
echo "$(dst $IPSET_CHN !)"
;;
returnhome)
echo "$(dst $IPSET_CHN)"
;;
esac
}
get_redirect_ipt() { get_redirect_ipt() {
case "$1" in case "$1" in
disable) disable)
@ -196,7 +210,7 @@ load_acl() {
dnsmasq_port=11400 dnsmasq_port=11400
echolog "访问控制:" echolog "访问控制:"
for item in $items; do for item in $items; do
local enabled sid remarks sources tcp_proxy_mode udp_proxy_mode tcp_no_redir_ports udp_no_redir_ports tcp_redir_ports udp_redir_ports tcp_node udp_node dns_mode dns_forward v2ray_dns_mode dns_doh dns_client_ip dns_query_strategy local enabled sid remarks sources tcp_proxy_mode udp_proxy_mode tcp_no_redir_ports udp_no_redir_ports tcp_proxy_drop_ports udp_proxy_drop_ports tcp_redir_ports udp_redir_ports tcp_node udp_node dns_mode dns_forward v2ray_dns_mode dns_doh dns_client_ip
local _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port tcp_node_remark udp_node_remark config_file local _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port tcp_node_remark udp_node_remark config_file
sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}') sid=$(uci -q show "${CONFIG}.${item}" | grep "=acl_rule" | awk -F '=' '{print $1}' | awk -F '.' '{print $2}')
eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-) eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-)
@ -224,6 +238,8 @@ load_acl() {
udp_proxy_mode=${udp_proxy_mode:-default} udp_proxy_mode=${udp_proxy_mode:-default}
tcp_no_redir_ports=${tcp_no_redir_ports:-default} tcp_no_redir_ports=${tcp_no_redir_ports:-default}
udp_no_redir_ports=${udp_no_redir_ports:-default} udp_no_redir_ports=${udp_no_redir_ports:-default}
tcp_proxy_drop_ports=${tcp_proxy_drop_ports:-default}
udp_proxy_drop_ports=${udp_proxy_drop_ports:-default}
tcp_redir_ports=${tcp_redir_ports:-default} tcp_redir_ports=${tcp_redir_ports:-default}
udp_redir_ports=${udp_redir_ports:-default} udp_redir_ports=${udp_redir_ports:-default}
tcp_node=${tcp_node:-default} tcp_node=${tcp_node:-default}
@ -237,6 +253,8 @@ load_acl() {
[ "$udp_proxy_mode" = "default" ] && udp_proxy_mode=$UDP_PROXY_MODE [ "$udp_proxy_mode" = "default" ] && udp_proxy_mode=$UDP_PROXY_MODE
[ "$tcp_no_redir_ports" = "default" ] && tcp_no_redir_ports=$TCP_NO_REDIR_PORTS [ "$tcp_no_redir_ports" = "default" ] && tcp_no_redir_ports=$TCP_NO_REDIR_PORTS
[ "$udp_no_redir_ports" = "default" ] && udp_no_redir_ports=$UDP_NO_REDIR_PORTS [ "$udp_no_redir_ports" = "default" ] && udp_no_redir_ports=$UDP_NO_REDIR_PORTS
[ "$tcp_proxy_drop_ports" = "default" ] && tcp_proxy_drop_ports=$TCP_PROXY_DROP_PORTS
[ "$udp_proxy_drop_ports" = "default" ] && udp_proxy_drop_ports=$UDP_PROXY_DROP_PORTS
[ "$tcp_redir_ports" = "default" ] && tcp_redir_ports=$TCP_REDIR_PORTS [ "$tcp_redir_ports" = "default" ] && tcp_redir_ports=$TCP_REDIR_PORTS
[ "$udp_redir_ports" = "default" ] && udp_redir_ports=$UDP_REDIR_PORTS [ "$udp_redir_ports" = "default" ] && udp_redir_ports=$UDP_REDIR_PORTS
[ "$tcp_node" != "nil" ] && { [ "$tcp_node" != "nil" ] && {
@ -255,7 +273,7 @@ load_acl() {
run_dns2socks flag=acl_${sid} socks_address=127.0.0.1 socks_port=$socks_port listen_address=0.0.0.0 listen_port=${_dns_port} dns=$dns_forward cache=1 run_dns2socks flag=acl_${sid} socks_address=127.0.0.1 socks_port=$socks_port listen_address=0.0.0.0 listen_port=${_dns_port} dns=$dns_forward cache=1
elif [ "$dns_mode" = "v2ray" -o "$dns_mode" = "xray" ]; then elif [ "$dns_mode" = "v2ray" -o "$dns_mode" = "xray" ]; then
config_file=$TMP_ACL_PATH/${tcp_node}_SOCKS_${socks_port}_DNS.json config_file=$TMP_ACL_PATH/${tcp_node}_SOCKS_${socks_port}_DNS.json
run_v2ray_dns_socks flag=acl_${sid} type=$dns_mode socks_address=127.0.0.1 socks_port=$socks_port listen_address=0.0.0.0 listen_port=${_dns_port} dns_proto=${v2ray_dns_mode} dns_tcp_server=${dns_forward} doh="${dns_forward}" dns_client_ip=${dns_client_ip} dns_query_strategy=${dns_query_strategy} config_file=$config_file run_v2ray_dns_socks flag=acl_${sid} type=$dns_mode socks_address=127.0.0.1 socks_port=$socks_port listen_address=0.0.0.0 listen_port=${_dns_port} dns_proto=${v2ray_dns_mode} dns_tcp_server=${dns_forward} doh="${dns_forward}" dns_client_ip=${dns_client_ip} dns_query_strategy=${DNS_QUERY_STRATEGY} config_file=$config_file
fi fi
eval node_${tcp_node}_$(echo -n "${dns_forward}" | md5sum | cut -d " " -f1)=${_dns_port} eval node_${tcp_node}_$(echo -n "${dns_forward}" | md5sum | cut -d " " -f1)=${_dns_port}
} }
@ -268,7 +286,7 @@ load_acl() {
d_server=127.0.0.1 d_server=127.0.0.1
[ "$tcp_proxy_mode" = "global" ] && d_server=${d_server}#${_dns_port} [ "$tcp_proxy_mode" = "global" ] && d_server=${d_server}#${_dns_port}
echo "server=${d_server}" >> $TMP_ACL_PATH/$sid/dnsmasq.conf echo "server=${d_server}" >> $TMP_ACL_PATH/$sid/dnsmasq.conf
source $APP_PATH/helper_${DNS_N}.sh add DNS_MODE=$dns_mode TMP_DNSMASQ_PATH=$TMP_ACL_PATH/$sid/dnsmasq.d DNSMASQ_CONF_FILE=/dev/null LOCAL_DNS=$LOCAL_DNS TUN_DNS=127.0.0.1#${_dns_port} TCP_NODE=$tcp_node PROXY_MODE=${tcp_proxy_mode} NO_LOGIC_LOG=1 NO_PROXY_IPV6=${filter_proxy_ipv6} source $APP_PATH/helper_${DNS_N}.sh add DNS_MODE=$dns_mode TMP_DNSMASQ_PATH=$TMP_ACL_PATH/$sid/dnsmasq.d DNSMASQ_CONF_FILE=/dev/null LOCAL_DNS=$LOCAL_DNS TUN_DNS=127.0.0.1#${_dns_port} TCP_NODE=$tcp_node PROXY_MODE=${tcp_proxy_mode} NO_LOGIC_LOG=1 NO_PROXY_IPV6=${NO_PROXY_IPV6}
ln_run "$(first_type dnsmasq)" "dnsmasq_${sid}" "/dev/null" -C $TMP_ACL_PATH/$sid/dnsmasq.conf -x $TMP_ACL_PATH/$sid/dnsmasq.pid ln_run "$(first_type dnsmasq)" "dnsmasq_${sid}" "/dev/null" -C $TMP_ACL_PATH/$sid/dnsmasq.conf -x $TMP_ACL_PATH/$sid/dnsmasq.pid
eval node_${tcp_node}_$(echo -n "${tcp_proxy_mode}${dns_forward}" | md5sum | cut -d " " -f1)=${dnsmasq_port} eval node_${tcp_node}_$(echo -n "${tcp_proxy_mode}${dns_forward}" | md5sum | cut -d " " -f1)=${dnsmasq_port}
} }
@ -391,12 +409,22 @@ load_acl() {
else else
msg2="${msg2}(REDIRECT:${tcp_port})代理" msg2="${msg2}(REDIRECT:${tcp_port})代理"
fi fi
[ "$tcp_no_redir_ports" != "disable" ] && { [ "$tcp_no_redir_ports" != "disable" ] && {
$ipt_tmp -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN $ipt_tmp -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN
$ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN 2>/dev/null $ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN 2>/dev/null
msg2="${msg2}[$?]除${tcp_no_redir_ports}外的" msg2="${msg2}[$?]除${tcp_no_redir_ports}外的"
} }
msg2="${msg2}所有端口" msg2="${msg2}所有端口"
[ "$tcp_proxy_drop_ports" != "disable" ] && {
$ipt_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_proxy_drop_ports "-m multiport --dport") -d $FAKE_IP -j DROP
$ipt_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_proxy_drop_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) -j DROP
$ipt_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_proxy_drop_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) -j DROP
[ "$tcp_proxy_mode" != "direct/proxy" ] && $ipt_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_proxy_drop_ports "-m multiport --dport") $(get_ipset_ipt $tcp_proxy_mode) -j DROP
msg2="${msg2}[$?]屏蔽代理TCP 端口:${tcp_proxy_drop_ports}"
}
$ipt_tmp -A PSW $(comment "$remarks") -p tcp ${_ipt_source} -d $FAKE_IP $(REDIRECT $tcp_port $is_tproxy) $ipt_tmp -A PSW $(comment "$remarks") -p tcp ${_ipt_source} -d $FAKE_IP $(REDIRECT $tcp_port $is_tproxy)
$ipt_tmp -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $tcp_port $is_tproxy) $ipt_tmp -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $tcp_port $is_tproxy)
$ipt_tmp -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $tcp_port $is_tproxy) $ipt_tmp -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $tcp_port $is_tproxy)
@ -410,13 +438,13 @@ load_acl() {
} }
if [ "$PROXY_IPV6" == "1" ]; then if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST6) $(REDIRECT $tcp_port TPROXY) $ip6t_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST6) $(REDIRECT $tcp_port TPROXY) 2>/dev/null
$ip6t_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST6) $(REDIRECT $tcp_port TPROXY) $ip6t_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST6) $(REDIRECT $tcp_port TPROXY) 2>/dev/null
$ip6t_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(get_redirect_ip6t $tcp_proxy_mode $tcp_port TPROXY) $ip6t_m -A PSW $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") $(get_redirect_ip6t $tcp_proxy_mode $tcp_port TPROXY) 2>/dev/null
[ "$accept_icmpv6" = "1" ] && { [ "$accept_icmpv6" = "1" ] && {
$ip6t_n -A PSW $(comment "$remarks") -p ipv6-icmp ${_ipt_source} $(dst $IPSET_SHUNTLIST6) $(REDIRECT) $ip6t_n -A PSW $(comment "$remarks") -p ipv6-icmp ${_ipt_source} $(dst $IPSET_SHUNTLIST6) $(REDIRECT) 2>/dev/null
$ip6t_n -A PSW $(comment "$remarks") -p ipv6-icmp ${_ipt_source} $(dst $IPSET_BLACKLIST6) $(REDIRECT) $ip6t_n -A PSW $(comment "$remarks") -p ipv6-icmp ${_ipt_source} $(dst $IPSET_BLACKLIST6) $(REDIRECT) 2>/dev/null
$ip6t_n -A PSW $(comment "$remarks") -p ipv6-icmp ${_ipt_source} $(get_redirect_ip6t $tcp_proxy_mode) $ip6t_n -A PSW $(comment "$remarks") -p ipv6-icmp ${_ipt_source} $(get_redirect_ip6t $tcp_proxy_mode) 2>/dev/null
} }
fi fi
else else
@ -427,6 +455,14 @@ load_acl() {
$ipt_tmp -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -j RETURN $ipt_tmp -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -j RETURN
$ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -j RETURN 2>/dev/null $ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p tcp -j RETURN 2>/dev/null
[ "$udp_proxy_drop_ports" != "disable" ] && {
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_proxy_drop_ports "-m multiport --dport") -d $FAKE_IP -j DROP
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_proxy_drop_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) -j DROP
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_proxy_drop_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) -j DROP
[ "$udp_proxy_mode" != "direct/proxy" ] && $ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_proxy_drop_ports "-m multiport --dport") $(get_ipset_ipt $udp_proxy_mode) -j DROP
msg2="${msg2}[$?]屏蔽代理UDP 端口:${udp_proxy_drop_ports}"
}
[ -n "$udp_port" ] && { [ -n "$udp_port" ] && {
if [ "$udp_proxy_mode" != "disable" ]; then if [ "$udp_proxy_mode" != "disable" ]; then
@ -438,6 +474,7 @@ load_acl() {
msg2="${msg2}[$?]除${udp_no_redir_ports}外的" msg2="${msg2}[$?]除${udp_no_redir_ports}外的"
} }
msg2="${msg2}所有端口" msg2="${msg2}所有端口"
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} -d $FAKE_IP $(REDIRECT $udp_port TPROXY) $ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} -d $FAKE_IP $(REDIRECT $udp_port TPROXY)
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $udp_port TPROXY) $ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $udp_port TPROXY)
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $udp_port TPROXY) $ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $udp_port TPROXY)
@ -456,7 +493,7 @@ load_acl() {
$ipt_m -A PSW $(comment "$remarks") ${_ipt_source} -p udp -j RETURN $ipt_m -A PSW $(comment "$remarks") ${_ipt_source} -p udp -j RETURN
$ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p udp -j RETURN 2>/dev/null $ip6t_m -A PSW $(comment "$remarks") ${_ipt_source} -p udp -j RETURN 2>/dev/null
done done
unset enabled sid remarks sources tcp_proxy_mode udp_proxy_mode tcp_no_redir_ports udp_no_redir_ports tcp_redir_ports udp_redir_ports tcp_node udp_node dns_mode dns_forward v2ray_dns_mode dns_doh dns_client_ip dns_query_strategy unset enabled sid remarks sources tcp_proxy_mode udp_proxy_mode tcp_no_redir_ports udp_no_redir_ports tcp_proxy_drop_ports udp_proxy_drop_ports tcp_redir_ports udp_redir_ports tcp_node udp_node dns_mode dns_forward v2ray_dns_mode dns_doh dns_client_ip
unset _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port tcp_node_remark udp_node_remark config_file unset _ip _mac _iprange _ipset _ip_or_mac rule_list tcp_port udp_port tcp_node_remark udp_node_remark config_file
unset ipt_tmp msg msg2 unset ipt_tmp msg msg2
unset redirect_dns_port unset redirect_dns_port
@ -466,6 +503,12 @@ load_acl() {
} }
# 加载TCP默认代理模式 # 加载TCP默认代理模式
[ "$TCP_PROXY_DROP_PORTS" != "disable" ] && {
$ipt_m -A PSW $(comment "默认") -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") -d $FAKE_IP -j DROP
$ipt_m -A PSW $(comment "默认") -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) -j DROP
$ipt_m -A PSW $(comment "默认") -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) -j DROP
[ "$TCP_PROXY_MODE" != "direct/proxy" ] && $ipt_m -A PSW $(comment "默认") -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") $(get_ipset_ipt $TCP_PROXY_MODE) -j DROP
}
local ipt_tmp=$ipt_n local ipt_tmp=$ipt_n
if [ "$TCP_PROXY_MODE" != "disable" ]; then if [ "$TCP_PROXY_MODE" != "disable" ]; then
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && { [ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
@ -482,8 +525,10 @@ load_acl() {
else else
msg="${msg}(REDIRECT:${TCP_REDIR_PORT})代理" msg="${msg}(REDIRECT:${TCP_REDIR_PORT})代理"
fi fi
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${TCP_NO_REDIR_PORTS}外的" [ "$TCP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${TCP_NO_REDIR_PORTS}外的"
msg="${msg}所有端口" msg="${msg}所有端口"
$ipt_tmp -A PSW $(comment "默认") -p tcp -d $FAKE_IP $(REDIRECT $TCP_REDIR_PORT $is_tproxy) $ipt_tmp -A PSW $(comment "默认") -p tcp -d $FAKE_IP $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy) $ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy) $ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
@ -515,6 +560,12 @@ load_acl() {
$ip6t_m -A PSW $(comment "默认") -p tcp -j RETURN $ip6t_m -A PSW $(comment "默认") -p tcp -j RETURN
# 加载UDP默认代理模式 # 加载UDP默认代理模式
[ "$UDP_PROXY_DROP_PORTS" != "disable" ] && {
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") -d $FAKE_IP -j DROP
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) -j DROP
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) -j DROP
[ "$UDP_PROXY_MODE" != "direct/proxy" ] && $ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") $(get_ipset_ipt $UDP_PROXY_MODE) -j DROP
}
if [ "$UDP_PROXY_MODE" != "disable" ]; then if [ "$UDP_PROXY_MODE" != "disable" ]; then
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && { [ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_m -A PSW $(comment "默认") -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN $ipt_m -A PSW $(comment "默认") -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN
@ -524,8 +575,10 @@ load_acl() {
[ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && { [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && {
[ "$TCP_UDP" = "1" ] && [ "$UDP_NODE" = "nil" ] && UDP_NODE=$TCP_NODE [ "$TCP_UDP" = "1" ] && [ "$UDP_NODE" = "nil" ] && UDP_NODE=$TCP_NODE
msg="UDP默认代理使用UDP节点[$(config_n_get $UDP_NODE remarks)] [$(get_action_chain_name $UDP_PROXY_MODE)](TPROXY:${UDP_REDIR_PORT})代理" msg="UDP默认代理使用UDP节点[$(config_n_get $UDP_NODE remarks)] [$(get_action_chain_name $UDP_PROXY_MODE)](TPROXY:${UDP_REDIR_PORT})代理"
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${UDP_NO_REDIR_PORTS}外的" [ "$UDP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${UDP_NO_REDIR_PORTS}外的"
msg="${msg}所有端口" msg="${msg}所有端口"
$ipt_m -A PSW $(comment "默认") -p udp -d $FAKE_IP $(REDIRECT $UDP_REDIR_PORT TPROXY) $ipt_m -A PSW $(comment "默认") -p udp -d $FAKE_IP $(REDIRECT $UDP_REDIR_PORT TPROXY)
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY) $ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY)
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY) $ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY)
@ -814,6 +867,7 @@ add_firewall_rule() {
$ipt_m -A PSW_OUTPUT $(dst $IPSET_WHITELIST) -j RETURN $ipt_m -A PSW_OUTPUT $(dst $IPSET_WHITELIST) -j RETURN
$ipt_m -A PSW_OUTPUT -m mark --mark 0xff -j RETURN $ipt_m -A PSW_OUTPUT -m mark --mark 0xff -j RETURN
$ipt_m -A PSW_OUTPUT $(dst $IPSET_BLOCKLIST) -j DROP $ipt_m -A PSW_OUTPUT $(dst $IPSET_BLOCKLIST) -j DROP
$ipt_m -A OUTPUT -j PSW_OUTPUT
ip rule add fwmark 1 lookup 100 ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100 ip route add local 0.0.0.0/0 dev lo table 100
@ -878,6 +932,8 @@ add_firewall_rule() {
ipt_tmp=$ipt_m ipt_tmp=$ipt_m
blist_r=$(REDIRECT 1 MARK) blist_r=$(REDIRECT 1 MARK)
p_r=$(get_redirect_ipt $LOCALHOST_TCP_PROXY_MODE 1 MARK) p_r=$(get_redirect_ipt $LOCALHOST_TCP_PROXY_MODE 1 MARK)
else
$ipt_n -A OUTPUT -p tcp -j PSW_OUTPUT
fi fi
[ "$accept_icmp" = "1" ] && { [ "$accept_icmp" = "1" ] && {
@ -912,7 +968,6 @@ add_firewall_rule() {
} }
[ "$use_tcp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_tcp_access 53 [ "$use_tcp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_tcp_access 53
$ipt_tmp -A OUTPUT -p tcp -j PSW_OUTPUT
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && { [ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN $ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
$ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --sport $TCP_NO_REDIR_PORTS -j RETURN $ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --sport $TCP_NO_REDIR_PORTS -j RETURN
@ -920,6 +975,13 @@ add_firewall_rule() {
$ip6t_m -A PSW_OUTPUT -p tcp -m multiport --sport $TCP_NO_REDIR_PORTS -j RETURN $ip6t_m -A PSW_OUTPUT -p tcp -m multiport --sport $TCP_NO_REDIR_PORTS -j RETURN
echolog " - [$?]不代理TCP 端口:$TCP_NO_REDIR_PORTS" echolog " - [$?]不代理TCP 端口:$TCP_NO_REDIR_PORTS"
} }
[ "$TCP_PROXY_DROP_PORTS" != "disable" ] && {
$ipt_m -A PSW_OUTPUT -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") -d $FAKE_IP -j DROP
$ipt_m -A PSW_OUTPUT -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) -j DROP
$ipt_m -A PSW_OUTPUT -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) -j DROP
[ "$LOCALHOST_TCP_PROXY_MODE" != "direct/proxy" ] && $ipt_m -A PSW_OUTPUT -p tcp $(factor $TCP_PROXY_DROP_PORTS "-m multiport --dport") $(get_ipset_ipt $LOCALHOST_TCP_PROXY_MODE) -j DROP
echolog " - [$?]屏蔽代理TCP 端口:$TCP_PROXY_DROP_PORTS"
}
$ipt_tmp -A PSW_OUTPUT -p tcp -d $FAKE_IP $blist_r $ipt_tmp -A PSW_OUTPUT -p tcp -d $FAKE_IP $blist_r
$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $blist_r $ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $blist_r
@ -987,6 +1049,13 @@ add_firewall_rule() {
done done
# 加载路由器自身代理 UDP # 加载路由器自身代理 UDP
[ "$UDP_PROXY_DROP_PORTS" != "disable" ] && {
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") -d $FAKE_IP -j DROP
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) -j DROP
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) -j DROP
[ "$LOCALHOST_UDP_PROXY_MODE" != "direct/proxy" ] && $ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_PROXY_DROP_PORTS "-m multiport --dport") $(get_ipset_ipt $LOCALHOST_UDP_PROXY_MODE) -j DROP
echolog " - [$?]屏蔽代理UDP 端口:$UDP_PROXY_DROP_PORTS"
}
if [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ]; then if [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ]; then
echolog "加载路由器自身 UDP 代理..." echolog "加载路由器自身 UDP 代理..."
_proxy_udp_access() { _proxy_udp_access() {
@ -1001,7 +1070,6 @@ add_firewall_rule() {
echolog " - [$?]将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 UDP 转发链" echolog " - [$?]将上游 DNS 服务器 ${2}:${3} 加入到路由器自身代理的 UDP 转发链"
} }
[ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_udp_access 53 [ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach DNS_FORWARD _proxy_udp_access 53
$ipt_m -A OUTPUT -p udp -j PSW_OUTPUT
[ "$UDP_NO_REDIR_PORTS" != "disable" ] && { [ "$UDP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_m -A PSW_OUTPUT -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN $ipt_m -A PSW_OUTPUT -p udp -m multiport --dport $UDP_NO_REDIR_PORTS -j RETURN
$ipt_m -A PSW_OUTPUT -p udp -m multiport --sport $UDP_NO_REDIR_PORTS -j RETURN $ipt_m -A PSW_OUTPUT -p udp -m multiport --sport $UDP_NO_REDIR_PORTS -j RETURN
@ -1009,6 +1077,7 @@ add_firewall_rule() {
$ip6t_m -A PSW_OUTPUT -p udp -m multiport --sport $UDP_NO_REDIR_PORTS -j RETURN $ip6t_m -A PSW_OUTPUT -p udp -m multiport --sport $UDP_NO_REDIR_PORTS -j RETURN
echolog " - [$?]不代理 UDP 端口:$UDP_NO_REDIR_PORTS" echolog " - [$?]不代理 UDP 端口:$UDP_NO_REDIR_PORTS"
} }
$ipt_m -A PSW_OUTPUT -p udp -d $FAKE_IP $(REDIRECT 1 MARK) $ipt_m -A PSW_OUTPUT -p udp -d $FAKE_IP $(REDIRECT 1 MARK)
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT 1 MARK) $ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT 1 MARK)
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT 1 MARK) $ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT 1 MARK)

445
luci-app-passwall/root/usr/share/passwall/rules/chnlist
View File

File diff suppressed because it is too large Load Diff

12
luci-app-passwall/root/usr/share/passwall/rules/chnroute
View File

@ -750,7 +750,6 @@
103.157.254.0/23 103.157.254.0/23
103.157.30.0/23 103.157.30.0/23
103.158.0.0/23 103.158.0.0/23
103.158.13.0/24
103.158.16.0/23 103.158.16.0/23
103.158.190.0/23 103.158.190.0/23
103.158.200.0/23 103.158.200.0/23
@ -862,6 +861,8 @@
103.18.224.0/22 103.18.224.0/22
103.180.108.0/23 103.180.108.0/23
103.180.226.0/23 103.180.226.0/23
103.181.164.0/23
103.181.234.0/23
103.19.12.0/22 103.19.12.0/22
103.19.232.0/22 103.19.232.0/22
103.19.40.0/22 103.19.40.0/22
@ -1161,7 +1162,6 @@
103.206.148.0/22 103.206.148.0/22
103.206.44.0/22 103.206.44.0/22
103.207.104.0/22 103.207.104.0/22
103.207.164.0/22
103.207.184.0/22 103.207.184.0/22
103.207.188.0/22 103.207.188.0/22
103.207.192.0/22 103.207.192.0/22
@ -3096,7 +3096,6 @@
103.83.64.0/22 103.83.64.0/22
103.83.72.0/22 103.83.72.0/22
103.84.0.0/22 103.84.0.0/22
103.84.108.0/22
103.84.12.0/22 103.84.12.0/22
103.84.136.0/22 103.84.136.0/22
103.84.16.0/22 103.84.16.0/22
@ -3825,7 +3824,10 @@
118.26.0.0/19 118.26.0.0/19
118.26.112.0/21 118.26.112.0/21
118.26.120.0/21 118.26.120.0/21
118.26.128.0/20 118.26.128.0/22
118.26.133.0/24
118.26.134.0/23
118.26.136.0/21
118.26.160.0/20 118.26.160.0/20
118.26.188.0/22 118.26.188.0/22
118.26.192.0/18 118.26.192.0/18
@ -4330,6 +4332,7 @@
140.75.0.0/16 140.75.0.0/16
142.70.0.0/16 142.70.0.0/16
142.86.0.0/16 142.86.0.0/16
143.64.0.0/16
144.0.0.0/16 144.0.0.0/16
144.12.0.0/16 144.12.0.0/16
144.123.0.0/16 144.123.0.0/16
@ -4547,7 +4550,6 @@
175.176.156.0/22 175.176.156.0/22
175.176.176.0/22 175.176.176.0/22
175.176.188.0/22 175.176.188.0/22
175.176.192.0/22
175.178.0.0/16 175.178.0.0/16
175.184.128.0/18 175.184.128.0/18
175.185.0.0/16 175.185.0.0/16

4
luci-app-passwall/root/usr/share/passwall/rules/chnroute6
View File

@ -190,6 +190,7 @@
2400:5840::/32 2400:5840::/32
2400:5a00::/32 2400:5a00::/32
2400:5a40::/32 2400:5a40::/32
2400:5a60::/32
2400:5ac0::/32 2400:5ac0::/32
2400:5b40::/32 2400:5b40::/32
2400:5bc0::/32 2400:5bc0::/32
@ -270,7 +271,6 @@
2400:9600::/32 2400:9600::/32
2400:98c0::/32 2400:98c0::/32
2400:9a00::/32 2400:9a00::/32
2400:9dc0::/32
2400:9e00::/32 2400:9e00::/32
2400:a040::/32 2400:a040::/32
2400:a380::/32 2400:a380::/32
@ -1666,7 +1666,6 @@
2406:aa80::/32 2406:aa80::/32
2406:aac0::/32 2406:aac0::/32
2406:ab80::/32 2406:ab80::/32
2406:abc0::/32
2406:ac80::/32 2406:ac80::/32
2406:acc0::/32 2406:acc0::/32
2406:ad40::/32 2406:ad40::/32
@ -1812,7 +1811,6 @@
2407:9f00::/32 2407:9f00::/32
2407:9f80::/32 2407:9f80::/32
2407:a040::/32 2407:a040::/32
2407:a480::/32
2407:a640::/32 2407:a640::/32
2407:a7c0::/32 2407:a7c0::/32
2407:a880::/32 2407:a880::/32

100
luci-app-passwall/root/usr/share/passwall/rules/gfwlist
View File

@ -119,6 +119,7 @@ a.kslive.tv
a0pple.net a0pple.net
a2z.com a2z.com
aaagradeheadphones.com aaagradeheadphones.com
aacrjournals.org
aaex.uk aaex.uk
aanaan.com aanaan.com
aapl.tw aapl.tw
@ -147,6 +148,7 @@ aboutmcdonalds.com
aboutyourmini.com aboutyourmini.com
abow.jp abow.jp
ac-pocketcamp.com ac-pocketcamp.com
academic.eb.com
academynetriders.com academynetriders.com
accbusiness.com accbusiness.com
accessfacebookfromschool.com accessfacebookfromschool.com
@ -277,9 +279,11 @@ afpforum.com
agendaweek.com agendaweek.com
agzy1.com agzy1.com
ahmia.fi ahmia.fi
aiaa.org
aiasahi.jp aiasahi.jp
aibaobei.me aibaobei.me
aimei133.com aimei133.com
aimsciences.org
air-nike-shoes.com air-nike-shoes.com
air-watch.com air-watch.com
airav.cc airav.cc
@ -406,6 +410,7 @@ akatns.net
albeats.com albeats.com
alchemysynth.com alchemysynth.com
alexa.com alexa.com
alexanderstreet.com
alfera.com.hk alfera.com.hk
alfera.com.my alfera.com.my
alfera.in alfera.in
@ -551,6 +556,7 @@ amazonvideodirect.com
amazonworkdocs.com amazonworkdocs.com
amd.com amd.com
amdfanstore.com amdfanstore.com
amdigital.co.uk
ameba.jp ameba.jp
amebame.com amebame.com
amebaownd.com amebaownd.com
@ -570,6 +576,7 @@ amplifyframework.com
ampproject.com ampproject.com
ampproject.net ampproject.net
ampproject.org ampproject.org
ams.org
ams02.space ams02.space
amytele.com amytele.com
amzn.com amzn.com
@ -580,12 +587,14 @@ anaconda.com
anaconda.org anaconda.org
analytictech.com analytictech.com
anandtech.com anandtech.com
anatomy.tv
anb.org anb.org
android.com android.com
androidify.com androidify.com
andysparis.com andysparis.com
anfutong.com anfutong.com
angelbeats.jp angelbeats.jp
angle.com.tw
angulardart.org angulardart.org
anidom.com anidom.com
anigema.jp anigema.jp
@ -947,6 +956,7 @@ aps.org
aptoide.com aptoide.com
apture.com apture.com
apyle.com apyle.com
arabidopsis.org
aranzadi.es aranzadi.es
arcgis.com arcgis.com
arcgisonline.com arcgisonline.com
@ -966,6 +976,7 @@ arphic.com.cn
arphic.com.tw arphic.com.tw
artstation.com artstation.com
artstationmedia.com artstationmedia.com
artstor.org
arxiv.org arxiv.org
as-hp.ca as-hp.ca
asagaku.com asagaku.com
@ -973,20 +984,28 @@ asahi.com
asahicom.jp asahicom.jp
asahishimbun.sc.omtrdc.net asahishimbun.sc.omtrdc.net
asakonet.co.jp asakonet.co.jp
ascelibrary.org
asebay.com asebay.com
asha.org asha.org
asianpornmovies.com asianpornmovies.com
askfacebook.net askfacebook.net
askfacebook.org askfacebook.org
askubuntu.com askubuntu.com
asm.org
asme.org
asminternational.org
asn-online.org
asp-cc.com asp-cc.com
asp.net asp.net
aspbjournals.org
aspenpublishing.com
aspnetcdn.com aspnetcdn.com
asproex.com asproex.com
asproexapi.com asproexapi.com
assetsadobe.com assetsadobe.com
associates-amazon.com associates-amazon.com
assylum.com assylum.com
astm.org
asto.re asto.re
asus.com asus.com
atandt.com atandt.com
@ -1150,6 +1169,7 @@ babyzone.com
badaas.com badaas.com
badgen.net badgen.net
bag-glasses1.com bag-glasses1.com
bahamut.akamaized.net
bahamut.com.tw bahamut.com.tw
baicaonetwork.com baicaonetwork.com
baltimorebmw.com baltimorebmw.com
@ -1483,6 +1503,7 @@ beatswirelesscuffie.com
beatthatquote.com beatthatquote.com
beautyandthebeastmusical.co.uk beautyandthebeastmusical.co.uk
bebepremium3.com.bo bebepremium3.com.bo
beck-online.beck.de
becomeindex.com becomeindex.com
beddit.tv beddit.tv
beeg.com beeg.com
@ -1493,6 +1514,7 @@ beijingnike.com
bejeweledstars.com bejeweledstars.com
bejewled-stars.com bejewled-stars.com
bellsouth.net bellsouth.net
benghuai.com
benliton.com benliton.com
bentobox.tv bentobox.tv
berkanawireless.com berkanawireless.com
@ -1545,6 +1567,7 @@ bextbuy.com
beyondcore.com beyondcore.com
bgov.com bgov.com
bgr.in bgr.in
bh3.com
bidbay.com bidbay.com
bidi.net.uk bidi.net.uk
bidorbuyindia.com bidorbuyindia.com
@ -1603,7 +1626,9 @@ bingvisualsearch.com
bingworld.com bingworld.com
binoculus.com binoculus.com
bintray.com bintray.com
biologists.com
biomedcentral.com biomedcentral.com
bioone.org
biorxiv.org biorxiv.org
bioware.com bioware.com
biowarestore.com biowarestore.com
@ -1761,6 +1786,8 @@ bloombergtv.mn
bloombergvault.com bloombergvault.com
bloombergview.com bloombergview.com
bloommicroventures.com bloommicroventures.com
bloomsburycollections.com
bloomsburydesignlibrary.com
blpcareers.com blpcareers.com
blpevents.com blpevents.com
blpprofessional.com blpprofessional.com
@ -1776,6 +1803,7 @@ blzddistkr1-a.akamaihd.net
blzmedia-a.akamaihd.net blzmedia-a.akamaihd.net
blznav.akamaized.net blznav.akamaized.net
bmia.org bmia.org
bmj.com
bml.info bml.info
bmw-abudhabi.com bmw-abudhabi.com
bmw-adventskalender.com bmw-adventskalender.com
@ -2189,6 +2217,7 @@ booking.com
bookmybridgestonetyre.com bookmybridgestonetyre.com
bookonsky.net bookonsky.net
books.com.tw books.com.tw
booksinprint.com
bookstagram.com bookstagram.com
booth.pm booth.pm
bootstrapcdn.com bootstrapcdn.com
@ -2227,6 +2256,7 @@ brazilpartneruniversity.com
brazzers.com brazzers.com
breakdown.me breakdown.me
breitbart.com breitbart.com
brepolis.net
brew.sh brew.sh
brewmp.com brewmp.com
briantreepayments.net briantreepayments.net
@ -2369,6 +2399,7 @@ buypass.se
buyshoponly.com buyshoponly.com
buzzardflapper.com buzzardflapper.com
buzzav.com buzzav.com
bvdinfo.com
bwbx.io bwbx.io
bwh1.net bwh1.net
bwh8.net bwh8.net
@ -2386,6 +2417,7 @@ cabletvdirectv.com
cafr.ca cafr.ca
caijinglengyan.com caijinglengyan.com
caime.xyz caime.xyz
cairn.info
cairnspost.com.au cairnspost.com.au
calendarserver.org calendarserver.org
calgon.at calgon.at
@ -2492,6 +2524,7 @@ canonfoundation.org
canonical.com canonical.com
canonproprinters.com canonproprinters.com
capitalgames.com capitalgames.com
capitaliq.com
carbon.com carbon.com
carcare-and-tireshop.jp carcare-and-tireshop.jp
card.io card.io
@ -2502,6 +2535,7 @@ careersatfb.com
carekit.org carekit.org
cargigileads.com cargigileads.com
carstagram.com carstagram.com
cas.org
cash.app cash.app
cash2.com cash2.com
cashbycashapp.com cashbycashapp.com
@ -2547,6 +2581,7 @@ cbspressexpress.com
cbssports.com cbssports.com
cbsstatic.com cbsstatic.com
cbssvideo.com cbssvideo.com
ccdc.cam.ac.uk
cciernslabs.com cciernslabs.com
cciesecuritylabs.com cciesecuritylabs.com
ccievoicelabs.com ccievoicelabs.com
@ -2648,6 +2683,7 @@ cheapshoesvip.com
cheapwireless04.com cheapwireless04.com
cheapwirelessbeats.com cheapwirelessbeats.com
cheerwholesale.us cheerwholesale.us
chemnetbase.com
chicagolandbmw.com chicagolandbmw.com
chickstagram.com chickstagram.com
chihair-straightener.com chihair-straightener.com
@ -2664,6 +2700,7 @@ chinatimes.com
chinatimes.com.tw chinatimes.com.tw
chips.com chips.com
chocolatey.org chocolatey.org
choicereviews.org
chomp.com chomp.com
chrome.com chrome.com
chromebook.com chromebook.com
@ -2679,6 +2716,7 @@ ciattackers.com
cilk.com cilk.com
cilk.net cilk.net
cinemax.com cinemax.com
cios.org
cisco-returns.com cisco-returns.com
cisco-warrantyfinder.com cisco-warrantyfinder.com
cisco.com cisco.com
@ -2735,6 +2773,7 @@ clearlinux.org
click-url.com click-url.com
clickedu.co.uk clickedu.co.uk
clickserver.googleads.com clickserver.googleads.com
clinicalkey.com
clojure.org clojure.org
cloudapp.net cloudapp.net
cloudappsecurity.com cloudappsecurity.com
@ -2806,6 +2845,7 @@ cnshopin.com
cnyes.com cnyes.com
cobatt.com cobatt.com
cobrasearch.com cobrasearch.com
cochranelibrary.com
code.org code.org
codecademy.com codecademy.com
codei.sh codei.sh
@ -3001,6 +3041,7 @@ darwinsourcecode.com
dashwood360.com dashwood360.com
dat.foundation dat.foundation
data.com data.com
databank.worldbank.org
database.asahi.com database.asahi.com
dataliberation.org dataliberation.org
datalore.io datalore.io
@ -3318,12 +3359,14 @@ dkk37.com
dkr.com dkr.com
dkrecttv.com dkrecttv.com
dl-iphone.com dl-iphone.com
dl.begellhouse.com
dlercloud.com dlercloud.com
dlercloud.me dlercloud.me
dlercloud.org dlercloud.org
dleris.best dleris.best
dlfacebook.com dlfacebook.com
dlgarenanow-a.akamaihd.net dlgarenanow-a.akamaihd.net
dlib.eastview.com
dlmobilegarena-a.akamaihd.net dlmobilegarena-a.akamaihd.net
dmed.technology dmed.technology
dmgmediaprivacy.co.uk dmgmediaprivacy.co.uk
@ -3780,6 +3823,8 @@ ebayy.com
ebc.net.tw ebc.net.tw
ebi.ac.uk ebi.ac.uk
ebookforipad.com ebookforipad.com
ebsco.com
ebscohost.com
ebuyheadphones.com ebuyheadphones.com
ecapi-pchome.cdn.hinet.net ecapi-pchome.cdn.hinet.net
ecgapp.net ecgapp.net
@ -3819,11 +3864,13 @@ elasticbeanstalk.com
elderscrolls.com elderscrolls.com
electrek.co electrek.co
electricluxury.com electricluxury.com
electrochem.org
electronicarts.com electronicarts.com
electronicarts.fr electronicarts.fr
electronjs.org electronjs.org
element.io element.io
elephantsdream.org elephantsdream.org
elgaronline.com
elib.maruzen.co.jp elib.maruzen.co.jp
elifesciences.org elifesciences.org
elite.com elite.com
@ -3836,6 +3883,7 @@ elsevier.io
emac.co.in emac.co.in
emac.in emac.in
emagic.de emagic.de
embase.com
embed-cdn.com embed-cdn.com
embed.ly embed.ly
embedly.com embedly.com
@ -3847,8 +3895,10 @@ embl.org
emblstatic.net emblstatic.net
embs.org embs.org
emcs.org emcs.org
emerald.com
emojipedia.org emojipedia.org
emome.net emome.net
ems-ph.org
enablementadobe.com enablementadobe.com
enanyang.my enanyang.my
encoretvb.com encoretvb.com
@ -3968,6 +4018,7 @@ etvonline.hk
etwealth.com etwealth.com
eu-consumer-empowerment.com eu-consumer-empowerment.com
eubluecardvisa.com eubluecardvisa.com
eurekaselect.com
euroipad.com euroipad.com
europalibera.org europalibera.org
europepmc.org europepmc.org
@ -4231,6 +4282,7 @@ facnbook.com
facrbook.com facrbook.com
factograph.info factograph.info
factwire.org factwire.org
facultyopinions.com
facvebook.com facvebook.com
facwebook.com facwebook.com
facxebook.com facxebook.com
@ -4442,6 +4494,7 @@ firestonetire.ca
firestonetire.com firestonetire.com
firewire.cl firewire.cl
firewire.eu firewire.eu
firstsearch.oclc.org
fixtracking.com fixtracking.com
flathub.org flathub.org
flatmates.com.au flatmates.com.au
@ -4725,6 +4778,7 @@ fuchsia.dev
fujinkoron.jp fujinkoron.jp
fundaiphone5s.com fundaiphone5s.com
fundfire.com fundfire.com
fundinginstitutional.com
fundpaypal.com fundpaypal.com
fundraisingwithfacebook.com fundraisingwithfacebook.com
funimation.com funimation.com
@ -4920,6 +4974,7 @@ gitstar.net
gittigidiyor.net gittigidiyor.net
gittigidiyorsikayet.com gittigidiyorsikayet.com
glasamerike.net glasamerike.net
global-sci.org
globaledu.org globaledu.org
globalriskregulator.com globalriskregulator.com
globalsecurity.org globalsecurity.org
@ -5282,6 +5337,7 @@ gvt5.com
gvt6.com gvt6.com
gvt7.com gvt7.com
gvt9.com gvt9.com
gwiki.net
gwktravelex.nl gwktravelex.nl
hackday.com.au hackday.com.au
hackerfacebook.com hackerfacebook.com
@ -5358,6 +5414,7 @@ heaven-burns-red.com
heavy-r.com heavy-r.com
hebiphone.com hebiphone.com
hegre.com hegre.com
heinonline.org
hellokittybeats.com hellokittybeats.com
hellosmartbook.com hellosmartbook.com
hentaiathome.net hentaiathome.net
@ -5387,6 +5444,9 @@ hifacebook.info
highbolt.net highbolt.net
highdefinitionbeatsbydre.com highdefinitionbeatsbydre.com
hightopnikes.com hightopnikes.com
highwirepress.com
himalaya-exchange.zendesk.com
himalaya.exchange
hindawi.com hindawi.com
hindiweb.com hindiweb.com
hinet.net hinet.net
@ -5430,6 +5490,7 @@ homephoneplus.com
hometrack.com.au hometrack.com.au
honawalaan.com honawalaan.com
hongkongfp.com hongkongfp.com
honkaistarrail.com
hooloo.tv hooloo.tv
hoolu.com hoolu.com
hoolu.tv hoolu.tv
@ -5446,6 +5507,8 @@ housing.com
housingcdn.com housingcdn.com
howtogetmo.co.uk howtogetmo.co.uk
howtohackfacebook-account.com howtohackfacebook-account.com
hoyolab.com
hoyoverse.com
hp-imagine.com hp-imagine.com
hp-infolab.com hp-infolab.com
hp-invent.com hp-invent.com
@ -5674,6 +5737,7 @@ ibookpartner.com
ibooksauthor.com ibooksauthor.com
ic.ac.uk ic.ac.uk
icashpassport.com.mx icashpassport.com.mx
icevirtuallibrary.com
ichat.co.in ichat.co.in
ichineseporn.com ichineseporn.com
icloud-content.com icloud-content.com
@ -5713,6 +5777,7 @@ icloudos.net
icloudpay.net icloudpay.net
icloudsecure.net icloudsecure.net
icloudsetup.com icloudsetup.com
icsd.fiz-karlsruhe.de
idelreal.org idelreal.org
identrust.co.uk identrust.co.uk
identrust.com identrust.com
@ -5767,12 +5832,14 @@ ietf.org
ifontcloud.com ifontcloud.com
ig.me ig.me
igcdn.com igcdn.com
igi-global.com
ign.jp ign.jp
ignites.com ignites.com
ignitesasia.com ignitesasia.com
igniteseurope.com igniteseurope.com
igoogle.com igoogle.com
igoshopping.net igoshopping.net
igpublish.com
igsonar.com igsonar.com
igtv.com igtv.com
iijav.com iijav.com
@ -6294,6 +6361,7 @@ itunesu.com
itunesu.net itunesu.net
ius.io ius.io
iutunes.com iutunes.com
iwaponline.com
iwara.tv iwara.tv
iwork.com iwork.com
iwork.se iwork.se
@ -6367,6 +6435,7 @@ joinclubhouse.com
joinmaidez.com joinmaidez.com
joox.com joox.com
jos.com jos.com
jove.com
jquery.com jquery.com
jquerymobile.com jquerymobile.com
jqueryui.com jqueryui.com
@ -6399,6 +6468,7 @@ kamisama-maeda-lab.com
kannewyork.com kannewyork.com
kanzhongguo.com kanzhongguo.com
kanzhongguo.eu kanzhongguo.eu
karger.com
kastatic.org kastatic.org
kavkazr.com kavkazr.com
keepmovingwithmovefree.com keepmovingwithmovefree.com
@ -6527,6 +6597,7 @@ legaltracker.com
lencr.org lencr.org
letmejerk.com letmejerk.com
letsencrypt.org letsencrypt.org
lexisnexis.com
lexuemei.com lexuemei.com
lfai.foundation lfai.foundation
lg.com lg.com
@ -6957,6 +7028,7 @@ mediafiles-cisco.com
mediawiki.org mediawiki.org
medium.com medium.com
medium.systems medium.systems
medone-education.thieme.com
medrxiv.org medrxiv.org
meet.new meet.new
meetfasttrack.com meetfasttrack.com
@ -6967,6 +7039,7 @@ mega.io
mega.nz mega.nz
megaphone.fm megaphone.fm
meijinsen.jp meijinsen.jp
mendeley.com
menshin-channel.com menshin-channel.com
mepn.com mepn.com
meraki-go.com meraki-go.com
@ -7093,6 +7166,8 @@ microsoftuwp.com
micstl.com micstl.com
midatlanticbmwmotorcycles.com midatlanticbmwmotorcycles.com
midentsolutions.com midentsolutions.com
mihayou.com
mihoyo.com
miitomo.com miitomo.com
miiverse.com miiverse.com
miktex.org miktex.org
@ -7451,6 +7526,7 @@ monstershopcheapbeats.net
moodstocks.com moodstocks.com
moov.hk moov.hk
moreheadphones.com moreheadphones.com
morganclaypool.com
morisawa.co.jp morisawa.co.jp
morphcharts.com morphcharts.com
mortein.co.in mortein.co.in
@ -7538,6 +7614,7 @@ multicurrencycashpassport.com
multiplydiversity.com multiplydiversity.com
muncloud.dog muncloud.dog
muscdn.com muscdn.com
muse.jhu.edu
mushymush.tv mushymush.tv
musical.ly musical.ly
musicbay.net musicbay.net
@ -7661,6 +7738,7 @@ nationalgeographicpartners.com
nativeincolour.com.au nativeincolour.com.au
naturalvoices.com naturalvoices.com
nature.com nature.com
naturemag.org
naver.com naver.com
naver.jp naver.jp
naver.net naver.net
@ -7674,6 +7752,7 @@ nbcsports.com
nbcudigitaladops.com nbcudigitaladops.com
nbcuni.com nbcuni.com
nbcuniversal.com nbcuniversal.com
ncl.edu.tw
near.by near.by
nebay.net nebay.net
neborder.com neborder.com
@ -8164,6 +8243,7 @@ oculusforbusiness.com
oculusrift.com oculusrift.com
oculusvr.com oculusvr.com
odysee.com odysee.com
oecd-ilibrary.org
oed.com oed.com
offerairjordanlebron.com offerairjordanlebron.com
office.com office.com
@ -8255,6 +8335,7 @@ openwrt.org
opgg-static.akamaized.net opgg-static.akamaized.net
opinionjournal.com opinionjournal.com
optanedifference.com optanedifference.com
optica.org
opticsforthecloud.net opticsforthecloud.net
optimumssl.com optimumssl.com
oracle.com oracle.com
@ -8274,6 +8355,7 @@ orithegame.com
orl.ly orl.ly
orlandohurricane.com orlandohurricane.com
osakamotion.net osakamotion.net
osapublishing.org
osdn.net osdn.net
osm.org osm.org
osmfoundation.org osmfoundation.org
@ -8761,6 +8843,7 @@ polymer-project.org
polymerproject.org polymerproject.org
popcap.com popcap.com
popjav.tv popjav.tv
porn.com
pornacho.com pornacho.com
pornbest.org pornbest.org
pornbrb.com pornbrb.com
@ -8848,6 +8931,7 @@ product.co.jp
projectapex.com projectapex.com
projectara.com projectara.com
projectbaseline.com projectbaseline.com
projecteuclid.org
projectmurphy.net projectmurphy.net
projectsangam.com projectsangam.com
promonsterbeatsbydre.com promonsterbeatsbydre.com
@ -9071,6 +9155,7 @@ realtype.co.jp
realtype.jp realtype.jp
realvision.com realvision.com
reastatic.net reastatic.net
reaxys.com
rebates.jp rebates.jp
rebrandly.com rebrandly.com
reckitt.net reckitt.net
@ -9186,6 +9271,7 @@ rumble.com
run.app run.app
runnike.com runnike.com
runningnike.com runningnike.com
rupress.org
rust-lang.org rust-lang.org
rustup.rs rustup.rs
ruten.com.tw ruten.com.tw
@ -9201,6 +9287,7 @@ s.team
s2stagehance.com s2stagehance.com
s81c.com s81c.com
sa78gs.wpc.edgecastcdn.net sa78gs.wpc.edgecastcdn.net
sae.org
safechat.com safechat.com
saffrontech.com saffrontech.com
sagepub.com sagepub.com
@ -9359,6 +9446,7 @@ sci-hub.mksa.top
sci-hub.se sci-hub.se
sci-hub.st sci-hub.st
sci.hubg.org sci.hubg.org
science.com
science.org science.org
sciencedirect.com sciencedirect.com
sciencedirectassets.com sciencedirectassets.com
@ -9366,6 +9454,7 @@ sciencemag.org
scientificamerican.com scientificamerican.com
scientificlinux.org scientificlinux.org
scitation.org scitation.org
scival.com
scmp.com scmp.com
scnshop.cc scnshop.cc
scnsrc.me scnsrc.me
@ -9470,6 +9559,7 @@ shorturl.at
shotwithgeforce.com shotwithgeforce.com
shp.ee shp.ee
shuziyimin.org shuziyimin.org
siam.org
sibreal.org sibreal.org
siege-amazon.com siege-amazon.com
sign.new sign.new
@ -10194,6 +10284,9 @@ theuab.net
theverge.com theverge.com
theweek.in theweek.in
thewonderful101.com thewonderful101.com
thieme-connect.com
thieme-connect.de
thieme.de
thinkboxsoftware.com thinkboxsoftware.com
thinkdifferent.us thinkdifferent.us
thinkofliving.com thinkofliving.com
@ -10265,6 +10358,7 @@ torproject.org
torrentkitty.tv torrentkitty.tv
torrindex.net torrindex.net
tospo-keiba.jp tospo-keiba.jp
totalmateria.com
touchid.tv touchid.tv
touchid.wang touchid.wang
touchsmartpc.com touchsmartpc.com
@ -10409,6 +10503,7 @@ ukipad.com
ukwhoswho.com ukwhoswho.com
ulifestyle.com.hk ulifestyle.com.hk
ulol.com ulol.com
ulrichsweb.serialssolutions.com
ultimaforever.com ultimaforever.com
ultimaonline.com ultimaonline.com
umagazine.com.hk umagazine.com.hk
@ -11250,6 +11345,7 @@ welcometobestbuy.ca
weltweitwachsen.de weltweitwachsen.de
wenzhao.ca wenzhao.ca
westerndigital.com westerndigital.com
westlaw.com
weverse.io weverse.io
wfm.com wfm.com
what-fan.net what-fan.net
@ -11369,6 +11465,7 @@ woflthenewsstation.com
wogx.com wogx.com
wolfatbestbuy.com wolfatbestbuy.com
wolfatbestbuy.net wolfatbestbuy.net
wolterskluwer.com
womensnikeshox.com womensnikeshox.com
womenwill.com womenwill.com
womenwill.com.br womenwill.com.br
@ -11397,6 +11494,7 @@ worldflipper.akamaized.net
worldflipper.jp worldflipper.jp
worldhack.com worldhack.com
worldofwarcraft.com worldofwarcraft.com
worldscientific.com
worldsecureemail.com worldsecureemail.com
worldsecuresystems.com worldsecuresystems.com
worldsfastestgamer.net worldsfastestgamer.net
@ -11404,6 +11502,7 @@ wp-themes.com
wp.com wp.com
wpewebkit.org wpewebkit.org
wpvip.com wpvip.com
wrds-www.wharton.upenn.edu
wrenchead.com wrenchead.com
wsj.com wsj.com
wsj.jobs wsj.jobs
@ -11941,6 +12040,7 @@ youtubemobilesupport.com
ysm.yahoo.com ysm.yahoo.com
yt.be yt.be
ytimg.com ytimg.com
yuanshen.com
yzzk.com yzzk.com
z5.app z5.app
z5.com z5.com

32
luci-app-passwall/root/usr/share/passwall/subscribe.lua
View File

@ -766,6 +766,38 @@ local function processData(szType, content, add_mode, add_from)
result.port = port result.port = port
result.tls_allowInsecure = allowInsecure_default and "1" or "0" result.tls_allowInsecure = allowInsecure_default and "1" or "0"
end end
elseif szType == 'hysteria' then
local alias = ""
if content:find("#") then
local idx_sp = content:find("#")
alias = content:sub(idx_sp + 1, -1)
content = content:sub(0, idx_sp - 1)
end
result.remarks = UrlDecode(alias)
result.type = "Hysteria"
local dat = split(content, '%?')
local hostInfo = split(dat[1], ':')
result.address = hostInfo[1]
result.port = hostInfo[2]
local params = {}
for _, v in pairs(split(dat[2], '&')) do
local t = split(v, '=')
if #t > 0 then
params[t[1]] = t[2]
end
end
result.hysteria_protocol = params.protocol
result.hysteria_obfs = params.obfsParam
result.hysteria_auth_type = "string"
result.hysteria_auth_password = params.auth
result.tls_serverName = params.peer
if params.insecure and params.insecure == "1" then
result.tls_allowInsecure = "1"
end
result.hysteria_alpn = params.alpn
result.hysteria_up_mbps = params.upmbps
result.hysteria_down_mbps = params.downmbps
else else
log('暂时不支持' .. szType .. "类型的节点订阅,跳过此节点。") log('暂时不支持' .. szType .. "类型的节点订阅,跳过此节点。")
return nil return nil

4
luci-app-ssr-plus/Makefile
View File

@ -24,8 +24,8 @@ LUCI_TITLE:=SS/SSR/V2Ray/Trojan/NaiveProxy/Socks5/Tun LuCI interface
LUCI_PKGARCH:=all LUCI_PKGARCH:=all
LUCI_DEPENDS:= \ LUCI_DEPENDS:= \
@(PACKAGE_libustream-mbedtls||PACKAGE_libustream-openssl||PACKAGE_libustream-wolfssl) \ @(PACKAGE_libustream-mbedtls||PACKAGE_libustream-openssl||PACKAGE_libustream-wolfssl) \
+coreutils +coreutils-base64 +dns2socks +dnsmasq-full +ipset \ +coreutils +coreutils-base64 +dns2socks +dnsmasq-full +ipset +kmod-ipt-nat \
+kmod-ipt-nat +ip-full +iptables-mod-tproxy +lua +libuci-lua +microsocks \ +ip-full +iptables-mod-tproxy +lua +libuci-lua +microsocks +pdnsd-alt \
+tcping +resolveip +shadowsocksr-libev-ssr-check +uclient-fetch \ +tcping +resolveip +shadowsocksr-libev-ssr-check +uclient-fetch \
+PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \ +PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \
+PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy:naiveproxy \ +PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy:naiveproxy \

7
luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
View File

@ -302,13 +302,6 @@ o:depends("type", "ssr")
o = s:option(Value, "obfs_param", translate("Obfs param(optional)")) o = s:option(Value, "obfs_param", translate("Obfs param(optional)"))
o:depends("type", "ssr") o:depends("type", "ssr")
-- AlterId
o = s:option(Value, "alter_id", translate("AlterId"))
o.datatype = "port"
o.default = 16
o.rmempty = true
o:depends({type = "v2ray", v2ray_protocol = "vmess"})
-- VmessId -- VmessId
o = s:option(Value, "vmess_id", translate("Vmess/VLESS ID (UUID)")) o = s:option(Value, "vmess_id", translate("Vmess/VLESS ID (UUID)"))
o.rmempty = true o.rmempty = true

1
luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm
View File

@ -242,7 +242,6 @@ function import_ssr_url(btn, urlname, sid) {
document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = ssm.ps; document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = ssm.ps;
document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = ssm.add; document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = ssm.add;
document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = ssm.port; document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = ssm.port;
document.getElementsByName('cbid.shadowsocksr.' + sid + '.alter_id')[0].value = ssm.aid;
document.getElementsByName('cbid.shadowsocksr.' + sid + '.vmess_id')[0].value = ssm.id; document.getElementsByName('cbid.shadowsocksr.' + sid + '.vmess_id')[0].value = ssm.id;
document.getElementsByName('cbid.shadowsocksr.' + sid + '.transport')[0].value = ssm.net; document.getElementsByName('cbid.shadowsocksr.' + sid + '.transport')[0].value = ssm.net;
document.getElementsByName('cbid.shadowsocksr.' + sid + '.transport')[0].dispatchEvent(event); document.getElementsByName('cbid.shadowsocksr.' + sid + '.transport')[0].dispatchEvent(event);

1
luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua
View File

@ -15,7 +15,6 @@ function vmess_vless()
users = { users = {
{ {
id = server.vmess_id, id = server.vmess_id,
alterId = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and tonumber(server.alter_id) or nil,
security = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and server.security or nil, security = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and server.security or nil,
encryption = (server.v2ray_protocol == "vless") and server.vless_encryption or nil, encryption = (server.v2ray_protocol == "vless") and server.vless_encryption or nil,
flow = (server.xtls == '1') and (server.vless_flow and server.vless_flow or "xtls-rprx-splice") or nil flow = (server.xtls == '1') and (server.vless_flow and server.vless_flow or "xtls-rprx-splice") or nil

1
luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua
View File

@ -163,7 +163,6 @@ local function processData(szType, content)
result.server = info.add result.server = info.add
result.server_port = info.port result.server_port = info.port
result.transport = info.net result.transport = info.net
result.alter_id = info.aid
result.vmess_id = info.id result.vmess_id = info.id
result.alias = info.ps result.alias = info.ps
-- result.mux = 1 -- result.mux = 1