update 2023-09-15 09:11:25

github-actions[bot] 2023-09-15 09:11:25 +08:00
parent 2009ac8d00
commit cb69ed763a
16 changed files with 409 additions and 490 deletions


@ -5,13 +5,13 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=filebrowser PKG_NAME:=filebrowser
PKG_VERSION:=2.24.2 PKG_VERSION:=2.25.0
PKG_RELEASE:=$(AUTORELEASE) PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=02db83c72ef3e14bac8df085a49f873261c6fb69 PKG_SOURCE_VERSION:=02db83c72ef3e14bac8df085a49f873261c6fb69
PKG_SOURCE_URL:=https://github.com/filebrowser/filebrowser PKG_SOURCE_URL:=https://github.com/filebrowser/filebrowser
PKG_HASH:=4889c0efd1abfdb3a717c5c906db4fa36dd6a2b01754e4124c9d870147df2682 PKG_HASH:=e6d83a869454a1b90768917809f76673acc9752999faf2d6ba50766d7d8a7d38
PKG_LICENSE:=Apache-2.0 PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE PKG_LICENSE_FILES:=LICENSE
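Review bot: `PKG_SOURCE_VERSION` is still `02db83c72ef3e14bac8df085a49f873261c6fb69` on both sides, while `PKG_VERSION` moves from 2.24.2 to 2.25.0 and `PKG_HASH` changes. With `PKG_SOURCE_PROTO:=git` the package would presumably be labelled 2.25.0 but still build the commit used for 2.24.2. Anyone relying on the version string to judge which upstream fixes are included would then be misled, and the new hash would only reflect the renamed tarball. Point `PKG_SOURCE_VERSION` at the commit of the upstream 2.25.0 release and regenerate `PKG_HASH` from that checkout.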


@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall2 PKG_NAME:=luci-app-passwall2
PKG_VERSION:=1.20-10 PKG_VERSION:=1.20-11
PKG_RELEASE:= PKG_RELEASE:=
PKG_CONFIG_DEPENDS:= \ PKG_CONFIG_DEPENDS:= \


@ -6,22 +6,20 @@ if not api.finded_com("hysteria") then
return return
end end
local type_name = "Hysteria" local type_name = "Hysteria2"
local option_prefix = "hysteria_" local option_prefix = "hysteria2_"
local function option_name(name) local function option_name(name)
return option_prefix .. name return option_prefix .. name
end end
-- [[ Hysteria ]] -- [[ Hysteria2 ]]
s.fields["type"]:value(type_name, translate("Hysteria")) s.fields["type"]:value(type_name, "Hysteria2")
o = s:option(ListValue, option_name("protocol"), translate("Protocol")) o = s:option(ListValue, option_name("protocol"), translate("Protocol"))
o:value("udp", "UDP") o:value("udp", "UDP")
o:value("faketcp", "faketcp")
o:value("wechat-video", "wechat-video")
o = s:option(Value, option_name("address"), translate("Address (Support Domain Name)")) o = s:option(Value, option_name("address"), translate("Address (Support Domain Name)"))
@ -34,19 +32,8 @@ o.rewrite_option = o.option
o = s:option(Value, option_name("obfs"), translate("Obfs Password")) o = s:option(Value, option_name("obfs"), translate("Obfs Password"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(ListValue, option_name("auth_type"), translate("Auth Type"))
o:value("disable", translate("Disable"))
o:value("string", translate("STRING"))
o:value("base64", translate("BASE64"))
o.rewrite_option = o.option
o = s:option(Value, option_name("auth_password"), translate("Auth Password")) o = s:option(Value, option_name("auth_password"), translate("Auth Password"))
o.password = true o.password = true
o:depends({ [option_name("auth_type")] = "string"})
o:depends({ [option_name("auth_type")] = "base64"})
o.rewrite_option = o.option
o = s:option(Value, option_name("alpn"), translate("QUIC TLS ALPN"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Flag, option_name("fast_open"), translate("Fast Open")) o = s:option(Flag, option_name("fast_open"), translate("Fast Open"))
@ -58,11 +45,14 @@ o = s:option(Flag, option_name("tls_allowInsecure"), translate("allowInsecure"),
o.default = "0" o.default = "0"
o = s:option(Value, option_name("up_mbps"), translate("Max upload Mbps")) o = s:option(Value, option_name("up_mbps"), translate("Max upload Mbps"))
o.default = "10" o.default = "100"
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("down_mbps"), translate("Max download Mbps")) o = s:option(Value, option_name("down_mbps"), translate("Max download Mbps"))
o.default = "50" o.default = "100"
o.rewrite_option = o.option
o = s:option(Value, option_name("hop_interval"), translate("Hop Interval"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("recv_window_conn"), translate("QUIC stream receive window")) o = s:option(Value, option_name("recv_window_conn"), translate("QUIC stream receive window"))
@ -71,19 +61,11 @@ o.rewrite_option = o.option
o = s:option(Value, option_name("recv_window"), translate("QUIC connection receive window")) o = s:option(Value, option_name("recv_window"), translate("QUIC connection receive window"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("handshake_timeout"), translate("Handshake Timeout"))
o.rewrite_option = o.option
o = s:option(Value, option_name("idle_timeout"), translate("Idle Timeout")) o = s:option(Value, option_name("idle_timeout"), translate("Idle Timeout"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("hop_interval"), translate("Hop Interval"))
o.rewrite_option = o.option
o = s:option(Flag, option_name("disable_mtu_discovery"), translate("Disable MTU detection")) o = s:option(Flag, option_name("disable_mtu_discovery"), translate("Disable MTU detection"))
o.rewrite_option = o.option o.default = "0"
o = s:option(Flag, option_name("lazy_start"), translate("Lazy Start"))
o.rewrite_option = o.option o.rewrite_option = o.option
api.luci_types(arg[1], m, s, type_name, option_prefix) api.luci_types(arg[1], m, s, type_name, option_prefix)
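Review bot: `up_mbps`, `down_mbps` and `hop_interval` are free-text `Value` fields with no `datatype`, and the Hysteria2 generator added in this commit concatenates them straight into `" mbps"` and `"s"` strings. A typo therefore reaches the generated config instead of being rejected in the form. Add `o.datatype = "uinteger"` after each of these options, and also on `recv_window_conn`, `recv_window` and `idle_timeout`, which the generator passes through `tonumber`. Separately, `option_name("obfs")` holds a shared secret but, unlike `auth_password`, is not marked `o.password = true`.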


@ -6,40 +6,26 @@ if not api.finded_com("hysteria") then
return return
end end
local type_name = "Hysteria" local type_name = "Hysteria2"
local option_prefix = "hysteria_" local option_prefix = "hysteria2_"
local function option_name(name) local function option_name(name)
return option_prefix .. name return option_prefix .. name
end end
-- [[ Hysteria ]] -- [[ Hysteria2 ]]
s.fields["type"]:value(type_name, translate("Hysteria")) s.fields["type"]:value(type_name, "Hysteria2")
o = s:option(Value, option_name("port"), translate("Listen Port")) o = s:option(Value, option_name("port"), translate("Listen Port"))
o.datatype = "port" o.datatype = "port"
o = s:option(ListValue, option_name("protocol"), translate("Protocol"))
o:value("udp", "UDP")
o:value("faketcp", "faketcp")
o:value("wechat-video", "wechat-video")
o = s:option(Value, option_name("obfs"), translate("Obfs Password")) o = s:option(Value, option_name("obfs"), translate("Obfs Password"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(ListValue, option_name("auth_type"), translate("Auth Type"))
o:value("disable", translate("Disable"))
o:value("string", translate("STRING"))
o.rewrite_option = o.option
o = s:option(Value, option_name("auth_password"), translate("Auth Password")) o = s:option(Value, option_name("auth_password"), translate("Auth Password"))
o.password = true o.password = true
o:depends({ [option_name("auth_type")] = "string" })
o.rewrite_option = o.option
o = s:option(Value, option_name("alpn"), translate("QUIC TLS ALPN"))
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Flag, option_name("udp"), translate("UDP")) o = s:option(Flag, option_name("udp"), translate("UDP"))
@ -47,40 +33,19 @@ o.default = "1"
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("up_mbps"), translate("Max upload Mbps")) o = s:option(Value, option_name("up_mbps"), translate("Max upload Mbps"))
o.default = "10" o.default = "100"
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("down_mbps"), translate("Max download Mbps")) o = s:option(Value, option_name("down_mbps"), translate("Max download Mbps"))
o.default = "50" o.default = "100"
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("recv_window_conn"), translate("QUIC stream receive window")) o = s:option(Flag, option_name("ignoreClientBandwidth"), translate("ignoreClientBandwidth"))
o.default = "0"
o.rewrite_option = o.option o.rewrite_option = o.option
o = s:option(Value, option_name("recv_window"), translate("QUIC connection receive window"))
o.rewrite_option = o.option
o = s:option(Flag, option_name("disable_mtu_discovery"), translate("Disable MTU detection"))
o.rewrite_option = o.option
o = s:option(Flag, option_name("tls"), translate("TLS"))
o.default = 0
o.validate = function(self, value, t)
if value then
if value == "1" then
local ca = s.fields[option_name("tls_certificateFile")]:formvalue(t) or ""
local key = s.fields[option_name("tls_keyFile")]:formvalue(t) or ""
if ca == "" or key == "" then
return nil, translate("Public key and Private key path can not be empty!")
end
end
return value
end
end
o = s:option(FileUpload, option_name("tls_certificateFile"), translate("Public key absolute path"), translate("as:") .. "/etc/ssl/fullchain.pem") o = s:option(FileUpload, option_name("tls_certificateFile"), translate("Public key absolute path"), translate("as:") .. "/etc/ssl/fullchain.pem")
o.default = m:get(s.section, "tls_certificateFile") or "/etc/config/ssl/" .. arg[1] .. ".pem" o.default = m:get(s.section, "tls_certificateFile") or "/etc/config/ssl/" .. arg[1] .. ".pem"
o:depends({ [option_name("tls")] = true })
o.validate = function(self, value, t) o.validate = function(self, value, t)
if value and value ~= "" then if value and value ~= "" then
if not nixio.fs.access(value) then if not nixio.fs.access(value) then
@ -94,7 +59,6 @@ end
o = s:option(FileUpload, option_name("tls_keyFile"), translate("Private key absolute path"), translate("as:") .. "/etc/ssl/private.key") o = s:option(FileUpload, option_name("tls_keyFile"), translate("Private key absolute path"), translate("as:") .. "/etc/ssl/private.key")
o.default = m:get(s.section, "tls_keyFile") or "/etc/config/ssl/" .. arg[1] .. ".key" o.default = m:get(s.section, "tls_keyFile") or "/etc/config/ssl/" .. arg[1] .. ".key"
o:depends({ [option_name("tls")] = true })
o.validate = function(self, value, t) o.validate = function(self, value, t)
if value and value ~= "" then if value and value ~= "" then
if not nixio.fs.access(value) then if not nixio.fs.access(value) then
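Review bot: Removing the `tls` flag also removed the only check that the certificate and key paths are non-empty. The remaining `validate` functions on `tls_certificateFile` and `tls_keyFile` test the path only when `value ~= ""`, so an empty value appears to pass. A Hysteria 2 server runs over QUIC/TLS and needs a certificate, so both fields should reject an empty value, for example with `return nil, translate("Public key and Private key path can not be empty!")`. The same applies to `auth_password`, which is now the only authentication setting and has no non-empty check in the lines shown. Both `validate` bodies continue outside the hunks.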


@ -719,6 +719,9 @@ function to_check(arch, app_name)
end end
local remote_version = json.tag_name local remote_version = json.tag_name
if com[app_name].remote_version_str_replace then
remote_version = remote_version:gsub(com[app_name].remote_version_str_replace, "")
end
local has_update = compare_versions(local_version:match("[^v]+"), "<", remote_version:match("[^v]+")) local has_update = compare_versions(local_version:match("[^v]+"), "<", remote_version:match("[^v]+"))
if not has_update then if not has_update then
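Review bot: `remote_version_str_replace` is passed to `gsub` as an unanchored Lua pattern, so it strips every occurrence in the tag rather than only a leading prefix. Any future value containing `.`, `-` or `%` would also match more than intended. Since `json.tag_name` presumably comes from the remote release API, prefer removing an exact leading prefix, e.g. `if remote_version:sub(1, #p) == p then remote_version = remote_version:sub(#p + 1) end` with `p` the configured string. If `gsub` is kept, add a comment next to the field such as `-- Lua pattern, not a plain string; anchor with ^`. `to_check` starts and ends outside the hunk.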


@ -23,7 +23,8 @@ _M.hysteria = {
name = "Hysteria", name = "Hysteria",
repo = "HyNetwork/hysteria", repo = "HyNetwork/hysteria",
get_url = gh_release_url, get_url = gh_release_url,
cmd_version = "-v | awk '{print $3}'", cmd_version = "version | awk '/^Version:/ {print $2}'",
remote_version_str_replace = "app/",
zipped = false, zipped = false,
default_path = "/usr/bin/hysteria", default_path = "/usr/bin/hysteria",
match_fmt_str = "linux%%-%s$", match_fmt_str = "linux%%-%s$",


@ -159,8 +159,8 @@ local function start()
brook_path_arg = " --path " .. brook_path brook_path_arg = " --path " .. brook_path
end end
bin = ln_run(api.get_app_path("brook"), "brook_" .. id, string.format("--debug %s -l :%s -p %s%s", brook_protocol, port, brook_password, brook_path_arg), log_path) bin = ln_run(api.get_app_path("brook"), "brook_" .. id, string.format("--debug %s -l :%s -p %s%s", brook_protocol, port, brook_password, brook_path_arg), log_path)
elseif type == "Hysteria" then elseif type == "Hysteria2" then
config = require(require_dir .. "util_hysteria").gen_config_server(user) config = require(require_dir .. "util_hysteria2").gen_config_server(user)
bin = ln_run(api.get_app_path("hysteria"), "hysteria", "-c " .. config_file .. " server", log_path) bin = ln_run(api.get_app_path("hysteria"), "hysteria", "-c " .. config_file .. " server", log_path)
end end
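Review bot: The branch now matches only `type == "Hysteria2"`, so a server user saved with the previous `"Hysteria"` type no longer matches it. Unless a fallback exists outside the hunk, that user is skipped without any log line. Consider a one-time config migration (the option prefix also changed from `hysteria_` to `hysteria2_`), or at least an explicit `else` that logs the unsupported type so a listener that failed to start is noticed. The `if`/`elseif` chain and `start()` both extend outside the hunk.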


@ -1,104 +0,0 @@
module("luci.passwall2.util_hysteria", package.seeall)
local api = require "luci.passwall2.api"
local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
local config = {
listen = ":" .. node.port,
protocol = node.protocol or "udp",
obfs = node.hysteria_obfs,
cert = node.tls_certificateFile,
key = node.tls_keyFile,
auth = (node.hysteria_auth_type == "string") and {
mode = "password",
config = {
password = node.hysteria_auth_password
}
} or nil,
disable_udp = (node.hysteria_udp == "0") and true or false,
alpn = node.hysteria_alpn or nil,
up_mbps = tonumber(node.hysteria_up_mbps) or 10,
down_mbps = tonumber(node.hysteria_down_mbps) or 50,
recv_window_conn = (node.hysteria_recv_window_conn) and tonumber(node.hysteria_recv_window_conn) or nil,
recv_window = (node.hysteria_recv_window) and tonumber(node.hysteria_recv_window) or nil,
disable_mtu_discovery = (node.hysteria_disable_mtu_discovery) and true or false
}
return config
end
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall2", node_id)
local local_socks_address = var["-local_socks_address"] or "0.0.0.0"
local local_socks_port = var["-local_socks_port"]
local local_socks_username = var["-local_socks_username"]
local local_socks_password = var["-local_socks_password"]
local local_http_address = var["-local_http_address"] or "0.0.0.0"
local local_http_port = var["-local_http_port"]
local local_http_username = var["-local_http_username"]
local local_http_password = var["-local_http_password"]
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
if api.is_ipv6(server_host) then
server_host = api.get_ipv6_full(server_host)
end
local server = server_host .. ":" .. server_port
if (node.hysteria_hop) then
server = server .. "," .. node.hysteria_hop
end
local config = {
server = server,
protocol = node.protocol or "udp",
obfs = node.hysteria_obfs,
auth = (node.hysteria_auth_type == "base64") and node.hysteria_auth_password or nil,
auth_str = (node.hysteria_auth_type == "string") and node.hysteria_auth_password or nil,
alpn = node.hysteria_alpn or nil,
server_name = node.tls_serverName,
insecure = (node.tls_allowInsecure == "1") and true or false,
up_mbps = tonumber(node.hysteria_up_mbps) or 10,
down_mbps = tonumber(node.hysteria_down_mbps) or 50,
retry = -1,
retry_interval = 5,
recv_window_conn = (node.hysteria_recv_window_conn) and tonumber(node.hysteria_recv_window_conn) or nil,
recv_window = (node.hysteria_recv_window) and tonumber(node.hysteria_recv_window) or nil,
handshake_timeout = (node.hysteria_handshake_timeout) and tonumber(node.hysteria_handshake_timeout) or nil,
idle_timeout = (node.hysteria_idle_timeout) and tonumber(node.hysteria_idle_timeout) or nil,
hop_interval = (node.hysteria_hop_interval) and tonumber(node.hysteria_hop_interval) or nil,
disable_mtu_discovery = (node.hysteria_disable_mtu_discovery) and true or false,
fast_open = (node.fast_open == "1") and true or false,
lazy_start = (node.hysteria_lazy_start) and true or false,
socks5 = (local_socks_address and local_socks_port) and {
listen = local_socks_address .. ":" .. local_socks_port,
timeout = 300,
disable_udp = false,
user = (local_socks_username and local_socks_password) and local_socks_username,
password = (local_socks_username and local_socks_password) and local_socks_password,
} or nil,
http = (local_http_address and local_http_port) and {
listen = local_http_address .. ":" .. local_http_port,
timeout = 300,
disable_udp = false,
user = (local_http_username and local_http_password) and local_http_username,
password = (local_http_username and local_http_password) and local_http_password,
} or nil
}
return jsonc.stringify(config, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end


@ -0,0 +1,115 @@
module("luci.passwall2.util_hysteria2", package.seeall)
local api = require "luci.passwall2.api"
local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
local config = {
listen = ":" .. node.port,
tls = {
cert = node.tls_certificateFile,
key = node.tls_keyFile,
},
obfs = {
type = "salamander",
salamander = {
password = node.hysteria2_obfs
}
},
auth = {
type = "password",
password = node.hysteria2_auth_password
},
bandwidth = {
up = node.hysteria2_up_mbps and node.hysteria2_up_mbps .. " mbps" or "1 gbps",
down = node.hysteria2_down_mbps and node.hysteria2_down_mbps .. " mbps" or "1 gbps",
},
ignoreClientBandwidth = (node.hysteria2_ignoreClientBandwidth == "1") and true or false,
disable_udp = (node.hysteria2_udp == "0") and true or false,
}
return config
end
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall2", node_id)
local local_socks_address = var["-local_socks_address"] or "0.0.0.0"
local local_socks_port = var["-local_socks_port"]
local local_socks_username = var["-local_socks_username"]
local local_socks_password = var["-local_socks_password"]
local local_http_address = var["-local_http_address"] or "0.0.0.0"
local local_http_port = var["-local_http_port"]
local local_http_username = var["-local_http_username"]
local local_http_password = var["-local_http_password"]
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
if api.is_ipv6(server_host) then
server_host = api.get_ipv6_full(server_host)
end
local server = server_host .. ":" .. server_port
if (node.hysteria2_hop) then
server = server .. "," .. node.hysteria2_hop
end
local config = {
server = server,
transport = {
type = node.protocol or "udp",
udp = {
hopInterval = node.hysteria2_hop_interval and node.hysteria2_hop_interval .. "s" or "30s"
}
},
obfs = {
type = "salamander",
salamander = {
password = node.hysteria2_obfs
}
},
auth = node.hysteria2_auth_password,
tls = {
sni = node.tls_serverName,
insecure = (node.tls_allowInsecure == "1") and true or false
},
quic = {
initStreamReceiveWindow = (node.hysteria2_recv_window) and tonumber(node.hysteria2_recv_window) or nil,
initConnReceiveWindow = (node.hysteria2_recv_window_conn) and tonumber(node.hysteria2_recv_window_conn) or nil,
maxIdleTimeout = (node.hysteria2_idle_timeout) and tonumber(node.hysteria2_idle_timeout) or nil,
disablePathMTUDiscovery = (node.hysteria2_disable_mtu_discovery) and true or false,
},
bandwidth = {
up = node.hysteria2_up_mbps and node.hysteria2_up_mbps .. " mbps" or "100 mbps",
down = node.hysteria2_down_mbps and node.hysteria2_down_mbps .. " mbps" or "100 mbps"
},
fast_open = (node.fast_open == "1") and true or false,
lazy = true,
socks5 = (local_socks_address and local_socks_port) and {
listen = local_socks_address .. ":" .. local_socks_port,
username = (local_socks_username and local_socks_password) and local_socks_username or nil,
password = (local_socks_username and local_socks_password) and local_socks_password or nil,
disable_udp = false,
} or nil,
http = (local_http_address and local_http_port) and {
listen = local_http_address .. ":" .. local_http_port,
username = (local_http_username and local_http_password) and local_http_username or nil,
password = (local_http_username and local_http_password) and local_http_password or nil,
disable_udp = false,
} or nil
}
return jsonc.stringify(config, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end
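Review bot: `gen_config_server` and `gen_config` always emit the `obfs` block, and the server always emits `auth = { type = "password", ... }`, even when `hysteria2_obfs` or `hysteria2_auth_password` is unset. The generated JSON can therefore carry a salamander or password block with no secret in it. Emit `obfs` only when a password is configured, and make the auth password mandatory before a server config is written. In `gen_config` the receive windows also look crossed: `initStreamReceiveWindow` reads `hysteria2_recv_window` and `initConnReceiveWindow` reads `hysteria2_recv_window_conn`, while the form labels `recv_window_conn` as the stream window and `recv_window` as the connection window. The local SOCKS and HTTP listeners default to `0.0.0.0` with credentials optional, so a comment stating which callers rely on that default would help a reviewer confirm the proxy is not exposed on every interface without authentication.

```lua
-- gen_config_server and gen_config: only emit obfs when a password is set
obfs = (node.hysteria2_obfs and node.hysteria2_obfs ~= "") and {
	type = "salamander",
	salamander = {
		password = node.hysteria2_obfs
	}
} or nil,
-- … unchanged: auth, tls …
quic = {
	initStreamReceiveWindow = (node.hysteria2_recv_window_conn) and tonumber(node.hysteria2_recv_window_conn) or nil,
	initConnReceiveWindow = (node.hysteria2_recv_window) and tonumber(node.hysteria2_recv_window) or nil,
	-- … unchanged: maxIdleTimeout, disablePathMTUDiscovery …
},
```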


@ -150,7 +150,7 @@ function gen_outbound(flag, node, tag, proxy_table)
if node.transport == "grpc" then if node.transport == "grpc" then
v2ray_transport = { v2ray_transport = {
type = "grpc", type = "grpc",
serviceName = node.grpc_serviceName, service_name = node.grpc_serviceName,
idle_timeout = tonumber(node.grpc_idle_timeout) or nil, idle_timeout = tonumber(node.grpc_idle_timeout) or nil,
ping_timeout = tonumber(node.grpc_health_check_timeout) or nil, ping_timeout = tonumber(node.grpc_health_check_timeout) or nil,
permit_without_stream = (node.grpc_permit_without_stream == "1") and true or nil, permit_without_stream = (node.grpc_permit_without_stream == "1") and true or nil,
@ -676,14 +676,17 @@ function gen_config(var)
local local_http_username = var["-local_http_username"] local local_http_username = var["-local_http_username"]
local local_http_password = var["-local_http_password"] local local_http_password = var["-local_http_password"]
local dns_listen_port = var["-dns_listen_port"] local dns_listen_port = var["-dns_listen_port"]
local direct_dns_port = var["-direct_dns_port"]
local direct_dns_udp_server = var["-direct_dns_udp_server"] local direct_dns_udp_server = var["-direct_dns_udp_server"]
local direct_dns_udp_port = var["-direct_dns_udp_port"]
local direct_dns_query_strategy = var["-direct_dns_query_strategy"] local direct_dns_query_strategy = var["-direct_dns_query_strategy"]
local remote_dns_port = var["-remote_dns_port"]
local remote_dns_udp_server = var["-remote_dns_udp_server"] local remote_dns_udp_server = var["-remote_dns_udp_server"]
local remote_dns_udp_port = var["-remote_dns_udp_port"]
local remote_dns_tcp_server = var["-remote_dns_tcp_server"] local remote_dns_tcp_server = var["-remote_dns_tcp_server"]
local remote_dns_tcp_port = var["-remote_dns_tcp_port"]
local remote_dns_doh_url = var["-remote_dns_doh_url"] local remote_dns_doh_url = var["-remote_dns_doh_url"]
local remote_dns_doh_host = var["-remote_dns_doh_host"] local remote_dns_doh_host = var["-remote_dns_doh_host"]
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
local remote_dns_doh_port = var["-remote_dns_doh_port"]
local remote_dns_query_strategy = var["-remote_dns_query_strategy"] local remote_dns_query_strategy = var["-remote_dns_query_strategy"]
local remote_dns_fake = var["-remote_dns_fake"] local remote_dns_fake = var["-remote_dns_fake"]
local dns_cache = var["-dns_cache"] local dns_cache = var["-dns_cache"]
@ -1089,7 +1092,6 @@ function gen_config(var)
fakeip = nil, fakeip = nil,
} }
if true then
local dns_tag = "remote" local dns_tag = "remote"
local domain = {} local domain = {}
@ -1135,18 +1137,17 @@ function gen_config(var)
detour = dns_outTag, detour = dns_outTag,
} }
local rule_server = dns_tag
if remote_dns_udp_server then if remote_dns_udp_server then
local server_port = tonumber(remote_dns_port) or 53 local server_port = tonumber(remote_dns_udp_port) or 53
server.address = "udp://" .. remote_dns_udp_server .. ":" .. server_port server.address = "udp://" .. remote_dns_udp_server .. ":" .. server_port
end end
if remote_dns_tcp_server then if remote_dns_tcp_server then
server.address = remote_dns_tcp_server local server_port = tonumber(remote_dns_tcp_port) or 53
server.address = "tcp://" .. remote_dns_tcp_server .. ":" .. server_port
end end
if remote_dns_doh_url and remote_dns_doh_host then if remote_dns_doh_url then
server.address = remote_dns_doh_url server.address = remote_dns_doh_url
end end
@ -1154,6 +1155,7 @@ function gen_config(var)
table.insert(dns.servers, server) table.insert(dns.servers, server)
end end
local fakedns_tag = dns_tag .. "_fakeip"
if remote_dns_fake then if remote_dns_fake then
dns.fakeip = { dns.fakeip = {
enabled = true, enabled = true,
@ -1161,20 +1163,12 @@ function gen_config(var)
inet6_range = "fc00::/18", inet6_range = "fc00::/18",
} }
local fakedns_tag = dns_tag .. "_fakeip"
if not server.address then
fakedns_tag = dns_tag
end
table.insert(dns.servers, { table.insert(dns.servers, {
tag = fakedns_tag, tag = fakedns_tag,
address = "fakeip", address = "fakeip",
strategy = remote_strategy, strategy = remote_strategy,
}) })
rule_server = fakedns_tag
if tags and tags:find("with_clash_api") then if tags and tags:find("with_clash_api") then
if not experimental then if not experimental then
experimental = {} experimental = {}
@ -1188,9 +1182,14 @@ function gen_config(var)
if remote_rule.domain or remote_rule.domain_suffix or remote_rule.domain_keyword or remote_rule.domain_regex or remote_rule.geosite then if remote_rule.domain or remote_rule.domain_suffix or remote_rule.domain_keyword or remote_rule.domain_regex or remote_rule.geosite then
local rule = api.clone(remote_rule) local rule = api.clone(remote_rule)
rule.server = rule_server rule.server = dns_tag
table.insert(dns.rules, rule) if remote_dns_fake then
rule.query_type = {
"A", "AAAA"
}
rule.server = fakedns_tag
end end
table.insert(dns.rules, rule)
end end
if direct_dns_udp_server then if direct_dns_udp_server then
@ -1221,14 +1220,16 @@ function gen_config(var)
end end
local direct_rule = { local direct_rule = {
server = dns_tag, server = dns_tag,
domain = domain, domain = #domain > 0 and domain or nil,
domain_suffix = #domain_suffix > 0 and domain_suffix or nil, domain_suffix = #domain_suffix > 0 and domain_suffix or nil,
domain_keyword = #domain_keyword > 0 and domain_keyword or nil, domain_keyword = #domain_keyword > 0 and domain_keyword or nil,
domain_regex = #domain_regex > 0 and domain_regex or nil, domain_regex = #domain_regex > 0 and domain_regex or nil,
geosite = #geosite > 0 and geosite or nil, geosite = #geosite > 0 and geosite or nil,
disable_cache = false, disable_cache = false,
} }
if direct_rule.domain or direct_rule.domain_suffix or direct_rule.domain_keyword or direct_rule.domain_regex or direct_rule.geosite then
table.insert(dns.rules, direct_rule) table.insert(dns.rules, direct_rule)
end
local direct_strategy = "prefer_ipv6" local direct_strategy = "prefer_ipv6"
if direct_dns_query_strategy == "UseIPv4" then if direct_dns_query_strategy == "UseIPv4" then
@ -1237,7 +1238,7 @@ function gen_config(var)
direct_strategy = "ipv6_only" direct_strategy = "ipv6_only"
end end
local port = tonumber(direct_dns_port) or 53 local port = tonumber(direct_dns_udp_port) or 53
table.insert(dns.servers, { table.insert(dns.servers, {
tag = dns_tag, tag = dns_tag,
@ -1253,6 +1254,18 @@ function gen_config(var)
address = "rcode://refused", address = "rcode://refused",
}) })
local default_dns_flag = "remote"
if node_id and redir_port then
local node = uci:get_all(appname, node_id)
if node.protocol == "_shunt" then
if node.default_node == "_direct" then
default_dns_flag = "direct"
end
end
else default_dns_flag = "direct"
end
dns.final = default_dns_flag
table.insert(inbounds, { table.insert(inbounds, {
type = "direct", type = "direct",
tag = "dns-in", tag = "dns-in",
@ -1271,18 +1284,6 @@ function gen_config(var)
}, },
outbound = "dns-out" outbound = "dns-out"
}) })
local default_dns_flag = "remote"
if node_id and redir_port then
local node = uci:get_all(appname, node_id)
if node.protocol == "_shunt" then
if node.default_node == "_direct" then
default_dns_flag = "direct"
end
end
else default_dns_flag = "direct"
end
dns.final = default_dns_flag
end end
if inbounds or outbounds then if inbounds or outbounds then
@ -1408,22 +1409,24 @@ function gen_dns_config(var)
local dns_listen_port = var["-dns_listen_port"] local dns_listen_port = var["-dns_listen_port"]
local dns_query_strategy = var["-dns_query_strategy"] local dns_query_strategy = var["-dns_query_strategy"]
local dns_out_tag = var["-dns_out_tag"] local dns_out_tag = var["-dns_out_tag"]
local dns_client_ip = var["-dns_client_ip"]
local direct_dns_server = var["-direct_dns_server"]
local direct_dns_port = var["-direct_dns_port"]
local direct_dns_udp_server = var["-direct_dns_udp_server"] local direct_dns_udp_server = var["-direct_dns_udp_server"]
local direct_dns_udp_port = var["-direct_dns_udp_port"]
local direct_dns_tcp_server = var["-direct_dns_tcp_server"] local direct_dns_tcp_server = var["-direct_dns_tcp_server"]
local direct_dns_tcp_port = var["-direct_dns_tcp_port"]
local direct_dns_doh_url = var["-direct_dns_doh_url"] local direct_dns_doh_url = var["-direct_dns_doh_url"]
local direct_dns_doh_host = var["-direct_dns_doh_host"] local direct_dns_doh_host = var["-direct_dns_doh_host"]
local remote_dns_server = var["-remote_dns_server"] local direct_dns_doh_ip = var["-direct_dns_doh_ip"]
local remote_dns_port = var["-remote_dns_port"] local direct_dns_doh_port = var["-direct_dns_doh_port"]
local remote_dns_udp_server = var["-remote_dns_udp_server"] local remote_dns_udp_server = var["-remote_dns_udp_server"]
local remote_dns_udp_port = var["-remote_dns_udp_port"]
local remote_dns_tcp_server = var["-remote_dns_tcp_server"] local remote_dns_tcp_server = var["-remote_dns_tcp_server"]
local remote_dns_tcp_port = var["-remote_dns_tcp_port"]
local remote_dns_doh_url = var["-remote_dns_doh_url"] local remote_dns_doh_url = var["-remote_dns_doh_url"]
local remote_dns_doh_host = var["-remote_dns_doh_host"] local remote_dns_doh_host = var["-remote_dns_doh_host"]
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
local remote_dns_doh_port = var["-remote_dns_doh_port"]
local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"] local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"]
local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"] local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"]
local remote_dns_fake = var["-remote_dns_fake"]
local dns_cache = var["-dns_cache"] local dns_cache = var["-dns_cache"]
local log = var["-log"] or "0" local log = var["-log"] or "0"
local loglevel = var["-loglevel"] or "warn" local loglevel = var["-loglevel"] or "warn"
@ -1446,7 +1449,6 @@ function gen_dns_config(var)
disable_expire = false, --禁用 DNS 缓存过期。 disable_expire = false, --禁用 DNS 缓存过期。
independent_cache = false, --使每个 DNS 服务器的缓存独立,以满足特殊目的。如果启用,将轻微降低性能。 independent_cache = false, --使每个 DNS 服务器的缓存独立,以满足特殊目的。如果启用,将轻微降低性能。
reverse_mapping = true, --在响应 DNS 查询后存储 IP 地址的反向映射以为路由目的提供域名。 reverse_mapping = true, --在响应 DNS 查询后存储 IP 地址的反向映射以为路由目的提供域名。
fakeip = nil,
} }
if dns_out_tag == "remote" then if dns_out_tag == "remote" then
@ -1457,25 +1459,17 @@ function gen_dns_config(var)
detour = "remote-out", detour = "remote-out",
} }
if remote_dns_fake then
server.address = "fakeip"
dns.fakeip = {
enabled = true,
inet4_range = "198.18.0.0/16",
inet6_range = "fc00::/18",
}
end
if remote_dns_udp_server then if remote_dns_udp_server then
local server_port = tonumber(remote_dns_port) or 53 local server_port = tonumber(remote_dns_udp_port) or 53
server.address = "udp://" .. remote_dns_udp_server .. ":" .. server_port server.address = "udp://" .. remote_dns_udp_server .. ":" .. server_port
end end
if remote_dns_tcp_server then if remote_dns_tcp_server then
server.address = remote_dns_tcp_server local server_port = tonumber(remote_dns_tcp_port) or 53
server.address = "tcp://" .. remote_dns_tcp_server .. ":" .. server_port
end end
if remote_dns_doh_url and remote_dns_doh_host then if remote_dns_doh_url then
server.address = remote_dns_doh_url server.address = remote_dns_doh_url
end end
@ -1488,10 +1482,8 @@ function gen_dns_config(var)
server_port = tonumber(remote_dns_outbound_socks_port), server_port = tonumber(remote_dns_outbound_socks_port),
}) })
table.insert(route.rules, { route.final = "remote-out"
network = {"tcp", "udp"},
outbound = "remote-out"
})
elseif dns_out_tag == "direct" then elseif dns_out_tag == "direct" then
local server = { local server = {
tag = dns_out_tag, tag = dns_out_tag,
@ -1501,17 +1493,16 @@ function gen_dns_config(var)
} }
if direct_dns_udp_server then if direct_dns_udp_server then
local server_port = tonumber(direct_dns_port) or 53 local server_port = tonumber(direct_dns_udp_port) or 53
server.address = "udp://" .. direct_dns_udp_server .. ":" .. server_port server.address = "udp://" .. direct_dns_udp_server .. ":" .. server_port
end end
if direct_dns_tcp_server then if direct_dns_tcp_server then
local server_port = tonumber(direct_dns_port) or 53 local server_port = tonumber(direct_dns_tcp_port) or 53
server.address = direct_dns_tcp_server .. ":" .. server_port server.address = "tcp://" .. direct_dns_tcp_server .. ":" .. server_port
end end
if direct_dns_doh_url and direct_dns_doh_host then if direct_dns_doh_url then
local server_port = tonumber(direct_dns_port) or 443
server.address = direct_dns_doh_url server.address = direct_dns_doh_url
end end
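Review bot: With `remote_dns_fake` set, the remote rule in the hunk at `-1188,9 +1182,14` is now limited to `query_type = { "A", "AAAA" }`, so other query types for the same proxied domains match no rule and fall through to `dns.final`. That value is `"direct"` when there is no node or the shunt default is `_direct`, so those lookups would go to the direct DNS server, which looks like a DNS leak for domains meant for the remote resolver. Adding an unrestricted rule for `dns_tag` after the fake-IP rule keeps them on the remote resolver, assuming a server tagged `dns_tag` is always registered, which is not visible here. `gen_config` starts and ends outside these hunks.

```lua
-- … unchanged: the enclosing `if remote_rule.domain or … then` …
if remote_dns_fake then
	local fake_rule = api.clone(remote_rule)
	fake_rule.query_type = {
		"A", "AAAA"
	}
	fake_rule.server = fakedns_tag
	table.insert(dns.rules, fake_rule)
end
local rule = api.clone(remote_rule)
rule.server = dns_tag
table.insert(dns.rules, rule)
```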


@ -521,10 +521,10 @@ function gen_config(var)
local local_http_password = var["-local_http_password"] local local_http_password = var["-local_http_password"]
local dns_listen_port = var["-dns_listen_port"] local dns_listen_port = var["-dns_listen_port"]
local dns_query_strategy = var["-dns_query_strategy"] local dns_query_strategy = var["-dns_query_strategy"]
local direct_dns_port = var["-direct_dns_port"]
local direct_dns_udp_server = var["-direct_dns_udp_server"] local direct_dns_udp_server = var["-direct_dns_udp_server"]
local remote_dns_port = var["-remote_dns_port"] local direct_dns_udp_port = var["-direct_dns_udp_port"]
local remote_dns_udp_server = var["-remote_dns_udp_server"] local remote_dns_udp_server = var["-remote_dns_udp_server"]
local remote_dns_udp_port = var["-remote_dns_udp_port"]
local remote_dns_fake = var["-remote_dns_fake"] local remote_dns_fake = var["-remote_dns_fake"]
local remote_dns_fake_strategy = var["-remote_dns_fake_strategy"] local remote_dns_fake_strategy = var["-remote_dns_fake_strategy"]
local dns_cache = var["-dns_cache"] local dns_cache = var["-dns_cache"]
@ -1034,12 +1034,11 @@ function gen_config(var)
end) end)
end end
if true then
if remote_dns_udp_server then if remote_dns_udp_server then
local _remote_dns = { local _remote_dns = {
_flag = "remote", _flag = "remote",
address = remote_dns_udp_server, address = remote_dns_udp_server,
port = tonumber(remote_dns_port) or 53 port = tonumber(remote_dns_udp_port) or 53
} }
if not remote_dns_fake then if not remote_dns_fake then
_remote_dns.domains = #dns_remote_domains > 0 and dns_remote_domains or nil _remote_dns.domains = #dns_remote_domains > 0 and dns_remote_domains or nil
@ -1053,7 +1052,7 @@ function gen_config(var)
ip = { ip = {
remote_dns_udp_server remote_dns_udp_server
}, },
port = tonumber(remote_dns_port) or 53, port = tonumber(remote_dns_udp_port) or 53,
network = "udp", network = "udp",
outboundTag = "direct" outboundTag = "direct"
}) })
@ -1084,7 +1083,6 @@ function gen_config(var)
} }
table.insert(dns.servers, _remote_dns) table.insert(dns.servers, _remote_dns)
end end
end
if true then if true then
local nodes_domain_text = sys.exec('uci show passwall2 | grep ".address=" | cut -d "\'" -f 2 | grep "[a-zA-Z]$" | sort -u') local nodes_domain_text = sys.exec('uci show passwall2 | grep ".address=" | cut -d "\'" -f 2 | grep "[a-zA-Z]$" | sort -u')
@ -1100,13 +1098,13 @@ function gen_config(var)
if direct_dns_udp_server then if direct_dns_udp_server then
_direct_dns.address = direct_dns_udp_server _direct_dns.address = direct_dns_udp_server
_direct_dns.port = tonumber(direct_dns_port) or 53 _direct_dns.port = tonumber(direct_dns_udp_port) or 53
table.insert(routing.rules, 1, { table.insert(routing.rules, 1, {
type = "field", type = "field",
ip = { ip = {
direct_dns_udp_server direct_dns_udp_server
}, },
port = tonumber(direct_dns_port) or 53, port = tonumber(direct_dns_udp_port) or 53,
network = "udp", network = "udp",
outboundTag = "direct" outboundTag = "direct"
}) })
@ -1130,8 +1128,9 @@ function gen_config(var)
local direct_type_dns = { local direct_type_dns = {
settings = { settings = {
address = direct_dns_udp_server, address = direct_dns_udp_server,
port = tonumber(direct_dns_port) or 53, port = tonumber(direct_dns_udp_port) or 53,
network = "udp" network = "udp",
nonIPQuery = "skip"
}, },
proxySettings = { proxySettings = {
tag = "direct" tag = "direct"
@ -1140,20 +1139,14 @@ function gen_config(var)
local remote_type_dns = { local remote_type_dns = {
settings = { settings = {
address = remote_dns_udp_server, address = remote_dns_udp_server,
port = tonumber(remote_dns_port) or 53, port = tonumber(remote_dns_udp_port) or 53,
network = _remote_dns_proto or "tcp" network = _remote_dns_proto or "tcp",
nonIPQuery = "skip"
}, },
proxySettings = { proxySettings = {
tag = "direct" tag = "direct"
} }
} }
local custom_type_dns = {
settings = {
address = "1.1.1.1",
port = 53,
network = "tcp",
}
}
local type_dns = remote_type_dns local type_dns = remote_type_dns
table.insert(outbounds, { table.insert(outbounds, {
tag = "dns-out", tag = "dns-out",
@ -1400,28 +1393,30 @@ function gen_dns_config(var)
local dns_query_strategy = var["-dns_query_strategy"] local dns_query_strategy = var["-dns_query_strategy"]
local dns_out_tag = var["-dns_out_tag"] local dns_out_tag = var["-dns_out_tag"]
local dns_client_ip = var["-dns_client_ip"] local dns_client_ip = var["-dns_client_ip"]
local direct_dns_server = var["-direct_dns_server"]
local direct_dns_port = var["-direct_dns_port"]
local direct_dns_udp_server = var["-direct_dns_udp_server"] local direct_dns_udp_server = var["-direct_dns_udp_server"]
local direct_dns_udp_port = var["-direct_dns_udp_port"]
local direct_dns_tcp_server = var["-direct_dns_tcp_server"] local direct_dns_tcp_server = var["-direct_dns_tcp_server"]
local direct_dns_tcp_port = var["-direct_dns_tcp_port"]
local direct_dns_doh_url = var["-direct_dns_doh_url"] local direct_dns_doh_url = var["-direct_dns_doh_url"]
local direct_dns_doh_host = var["-direct_dns_doh_host"] local direct_dns_doh_host = var["-direct_dns_doh_host"]
local remote_dns_server = var["-remote_dns_server"] local direct_dns_doh_ip = var["-direct_dns_doh_ip"]
local remote_dns_port = var["-remote_dns_port"] local direct_dns_doh_port = var["-direct_dns_doh_port"]
local remote_dns_udp_server = var["-remote_dns_udp_server"] local remote_dns_udp_server = var["-remote_dns_udp_server"]
local remote_dns_udp_port = var["-remote_dns_udp_port"]
local remote_dns_tcp_server = var["-remote_dns_tcp_server"] local remote_dns_tcp_server = var["-remote_dns_tcp_server"]
local remote_dns_tcp_port = var["-remote_dns_tcp_port"]
local remote_dns_doh_url = var["-remote_dns_doh_url"] local remote_dns_doh_url = var["-remote_dns_doh_url"]
local remote_dns_doh_host = var["-remote_dns_doh_host"] local remote_dns_doh_host = var["-remote_dns_doh_host"]
local remote_dns_doh_ip = var["-remote_dns_doh_ip"]
local remote_dns_doh_port = var["-remote_dns_doh_port"]
local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"] local remote_dns_outbound_socks_address = var["-remote_dns_outbound_socks_address"]
local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"] local remote_dns_outbound_socks_port = var["-remote_dns_outbound_socks_port"]
local remote_dns_fake = var["-remote_dns_fake"]
local dns_cache = var["-dns_cache"] local dns_cache = var["-dns_cache"]
local loglevel = var["-loglevel"] or "warning" local loglevel = var["-loglevel"] or "warning"
local inbounds = {} local inbounds = {}
local outbounds = {} local outbounds = {}
local dns = nil local dns = nil
local fakedns = nil
local routing = nil local routing = nil
if dns_listen_port then if dns_listen_port then
@ -1448,45 +1443,30 @@ function gen_dns_config(var)
_flag = "remote" _flag = "remote"
} }
if remote_dns_fake then
remote_dns_server = "1.1.1.1"
fakedns = {}
fakedns[#fakedns + 1] = {
ipPool = "198.18.0.0/16",
poolSize = 65535
}
if dns_query_strategy == "UseIP" then
fakedns[#fakedns + 1] = {
ipPool = "fc00::/18",
poolSize = 65535
}
end
_remote_dns.address = "fakedns"
end
other_type_dns_port = tonumber(remote_dns_port) or 53
other_type_dns_server = remote_dns_server
if remote_dns_udp_server then if remote_dns_udp_server then
_remote_dns.address = remote_dns_udp_server _remote_dns.address = remote_dns_udp_server
_remote_dns.port = tonumber(remote_dns_port) or 53 _remote_dns.port = tonumber(remote_dns_udp_port) or 53
other_type_dns_proto = "udp" other_type_dns_proto = "udp"
other_type_dns_server = remote_dns_udp_server
other_type_dns_port = _remote_dns.port
end end
if remote_dns_tcp_server then if remote_dns_tcp_server then
_remote_dns.address = remote_dns_tcp_server _remote_dns.address = "tcp://" .. remote_dns_tcp_server
_remote_dns.port = tonumber(remote_dns_port) or 53 _remote_dns.port = tonumber(remote_dns_tcp_port) or 53
other_type_dns_proto = "tcp" other_type_dns_proto = "tcp"
other_type_dns_server = remote_dns_tcp_server
other_type_dns_port = _remote_dns.port
end end
if remote_dns_doh_url and remote_dns_doh_host then if remote_dns_doh_url and remote_dns_doh_host then
if remote_dns_server and remote_dns_doh_host ~= remote_dns_server and not api.is_ip(remote_dns_doh_host) then if remote_dns_doh_ip and remote_dns_doh_host ~= remote_dns_doh_ip and not api.is_ip(remote_dns_doh_host) then
dns.hosts[remote_dns_doh_host] = remote_dns_server dns.hosts[remote_dns_doh_host] = remote_dns_doh_ip
end end
_remote_dns.address = remote_dns_doh_url _remote_dns.address = remote_dns_doh_url
_remote_dns.port = tonumber(remote_dns_port) or 443 _remote_dns.port = tonumber(remote_dns_doh_port) or 443
other_type_dns_proto = "tcp"
other_type_dns_port = 53
end end
table.insert(dns.servers, _remote_dns) table.insert(dns.servers, _remote_dns)
@ -1511,43 +1491,39 @@ function gen_dns_config(var)
_flag = "direct" _flag = "direct"
} }
other_type_dns_proto = tonumber(direct_dns_port) or 53
other_type_dns_server = direct_dns_server
if direct_dns_udp_server then if direct_dns_udp_server then
_direct_dns.address = direct_dns_udp_server _direct_dns.address = direct_dns_udp_server
_direct_dns.port = tonumber(direct_dns_port) or 53 _direct_dns.port = tonumber(direct_dns_udp_port) or 53
table.insert(routing.rules, 1, { table.insert(routing.rules, 1, {
type = "field", type = "field",
ip = { ip = {
direct_dns_udp_server direct_dns_udp_server
}, },
port = tonumber(direct_dns_port) or 53, port = tonumber(direct_dns_udp_port) or 53,
network = "udp", network = "udp",
outboundTag = "direct" outboundTag = "direct"
}) })
end
if direct_dns_udp_server then
_direct_dns.address = direct_dns_udp_server
_direct_dns.port = tonumber(direct_dns_port) or 53
other_type_dns_proto = "udp" other_type_dns_proto = "udp"
other_type_dns_server = direct_dns_udp_server
other_type_dns_port = _direct_dns.port
end end
if direct_dns_tcp_server then if direct_dns_tcp_server then
_direct_dns.address = direct_dns_tcp_server:gsub("tcp://", "tcp+local://") _direct_dns.address = "tcp+local://" .. direct_dns_tcp_server
_direct_dns.port = tonumber(direct_dns_port) or 53 _direct_dns.port = tonumber(direct_dns_tcp_port) or 53
other_type_dns_proto = "tcp" other_type_dns_proto = "tcp"
other_type_dns_server = direct_dns_tcp_server
other_type_dns_port = _direct_dns.port
end end
if direct_dns_doh_url and direct_dns_doh_host then if direct_dns_doh_url and direct_dns_doh_host then
if direct_dns_server and direct_dns_doh_host ~= direct_dns_server and not api.is_ip(direct_dns_doh_host) then if direct_dns_doh_ip and direct_dns_doh_host ~= direct_dns_doh_ip and not api.is_ip(direct_dns_doh_host) then
dns.hosts[direct_dns_doh_host] = direct_dns_server dns.hosts[direct_dns_doh_host] = direct_dns_doh_ip
end end
_direct_dns.address = direct_dns_doh_url:gsub("https://", "https+local://") _direct_dns.address = direct_dns_doh_url:gsub("https://", "https+local://")
_direct_dns.port = tonumber(direct_dns_port) or 443 _direct_dns.port = tonumber(direct_dns_doh_port) or 443
other_type_dns_proto = "tcp"
other_type_dns_port = 53
end end
table.insert(dns.servers, _direct_dns) table.insert(dns.servers, _direct_dns)
@ -1597,6 +1573,7 @@ function gen_dns_config(var)
address = other_type_dns_server or "1.1.1.1", address = other_type_dns_server or "1.1.1.1",
port = other_type_dns_port or 53, port = other_type_dns_port or 53,
network = other_type_dns_proto or "tcp", network = other_type_dns_proto or "tcp",
nonIPQuery = "skip"
} }
}) })
@ -1625,7 +1602,6 @@ function gen_dns_config(var)
}, },
-- DNS -- DNS
dns = dns, dns = dns,
fakedns = fakedns,
-- 传入连接 -- 传入连接
inbounds = inbounds, inbounds = inbounds,
-- 传出连接 -- 传出连接
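Review bot: In gen_dns_config the DoH branches for the remote and the direct server no longer set `other_type_dns_server`, `other_type_dns_port` or `other_type_dns_proto`, so with a DoH-only setup the outbound in the `@ -1597` hunk appears to fall back to `1.1.1.1`, port 53, `tcp`. The same hunk adds `nonIPQuery = "skip"`, which as far as I know makes Xray forward non-A/AAAA queries to that address instead of dropping them, so they would go out in cleartext to a hard-coded resolver the user did not choose. The declarations of these variables are outside the hunks, so this holds only if nothing else assigns them. I would set them in the DoH branch, e.g. `other_type_dns_server = remote_dns_doh_ip`, `other_type_dns_proto = "tcp"`, `other_type_dns_port = 53` (and the same with `direct_dns_doh_ip`), or leave `nonIPQuery` at its default when no server was selected.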


@ -139,9 +139,9 @@ local api = require "luci.passwall2.api"
} else if (v_type === "Brook") { } else if (v_type === "Brook") {
dom_prefix = "brook_" dom_prefix = "brook_"
protocol = "brook" protocol = "brook"
} else if (v_type === "Hysteria") { } else if (v_type === "Hysteria2") {
dom_prefix = "hysteria_" dom_prefix = "hysteria2_"
protocol = "hysteria" protocol = "hysteria2"
} else if (v_type === "Xray") { } else if (v_type === "Xray") {
dom_prefix = "xray_" dom_prefix = "xray_"
} else if (v_type === "sing-box") { } else if (v_type === "sing-box") {
@ -390,17 +390,14 @@ local api = require "luci.passwall2.api"
} }
url += url_protocol; url += url_protocol;
url += params; url += params;
} else if (v_type === "Hysteria") { } else if (v_type === "Hysteria2") {
var v_port = opt.get(dom_prefix + "port"); var v_port = opt.get(dom_prefix + "port");
var params = ""; var params = "";
params += opt.query("protocol", dom_prefix + "protocol");
params += opt.query("auth", dom_prefix + "auth_password"); params += opt.query("auth", dom_prefix + "auth_password");
params += opt.query("peer", dom_prefix + "tls_serverName"); params += opt.query("sni", dom_prefix + "tls_serverName");
params += opt.query("insecure", dom_prefix + "tls_allowInsecure"); params += opt.query("insecure", dom_prefix + "tls_allowInsecure");
params += opt.query("upmbps", dom_prefix + "up_mbps", 1000); params += opt.query("obfs", "salamander");
params += opt.query("downmbps", dom_prefix + "down_mbps", 1000); params += opt.query("obfs-password", dom_prefix + "obfs");
params += opt.query("alpn", dom_prefix + "alpn");
params += opt.query("obfsParam", dom_prefix + "obfs");
var url = var url =
_address + ":" + _address + ":" +
v_port.value + "?" + v_port.value + "?" +
@ -875,9 +872,9 @@ local api = require "luci.passwall2.api"
opt.set('remarks', decodeURI(m.hash.substr(1))); opt.set('remarks', decodeURI(m.hash.substr(1)));
} }
} }
if (ssu[0] === "hysteria") { if (ssu[0] === "hysteria2") {
dom_prefix = "hysteria_" dom_prefix = "hysteria2_"
var stype = "Hysteria"; var stype = "Hysteria2";
var m = parseNodeUrl(ssrurl); var m = parseNodeUrl(ssrurl);
var queryParam = {}; var queryParam = {};
if (m.search.length > 1) { if (m.search.length > 1) {
@ -893,17 +890,12 @@ local api = require "luci.passwall2.api"
opt.set('type', stype); opt.set('type', stype);
opt.set(dom_prefix + 'address', m.hostname); opt.set(dom_prefix + 'address', m.hostname);
opt.set(dom_prefix + 'port', m.port || "443"); opt.set(dom_prefix + 'port', m.port || "443");
opt.set(dom_prefix + 'protocol', queryParam.protocol); opt.set(dom_prefix + 'obfs', queryParam["obfs-password"]);
opt.set(dom_prefix + 'obfs', queryParam.obfsParam); opt.set(dom_prefix + 'auth', queryParam.auth);
opt.set(dom_prefix + 'auth_type', "string"); opt.set(dom_prefix + 'tls_serverName', queryParam.sni);
opt.set(dom_prefix + 'auth_password', queryParam.auth);
opt.set(dom_prefix + 'tls_serverName', queryParam.peer);
if (queryParam.insecure && queryParam.insecure == "1") { if (queryParam.insecure && queryParam.insecure == "1") {
opt.set(dom_prefix + 'tls_allowInsecure', true); opt.set(dom_prefix + 'tls_allowInsecure', true);
} }
opt.set(dom_prefix + 'alpn', queryParam.alpn);
opt.set(dom_prefix + 'up_mbps', queryParam.upmbps);
opt.set(dom_prefix + 'down_mbps', queryParam.downmbps);
if (m.hash) { if (m.hash) {
opt.set('remarks', decodeURI(m.hash.substr(1))); opt.set('remarks', decodeURI(m.hash.substr(1)));
} }
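Review bot: The import path in the `@ -893` hunk stores the password with `opt.set(dom_prefix + 'auth', queryParam.auth)`, while the export path in the `@ -390` hunk reads it from `dom_prefix + "auth_password"`, so one of the two probably targets a field that does not exist and a share-link round trip would lose the credential. Both should use one option name, e.g. `opt.set(dom_prefix + 'auth_password', queryParam.auth);` if the form field is still `hysteria2_auth_password` (the field definitions are not visible here). In the export, `opt.query("obfs", "salamander")` passes a literal where every other call passes an option name; if `opt.query` looks up its second argument as a field, the `obfs` parameter is never emitted. The import also still enables `tls_allowInsecure` from `insecure=1` in a pasted link with no visible confirmation, so a shared link can switch off certificate verification; a comment or a prompt at that line would make this explicit.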


@ -478,6 +478,9 @@ msgstr "QUIC 并发双向流的最大数量"
msgid "Disable MTU detection" msgid "Disable MTU detection"
msgstr "禁用 MTU 检测" msgstr "禁用 MTU 检测"
msgid "ignoreClientBandwidth"
msgstr "忽略客户端带宽设置"
msgid "Lazy Start" msgid "Lazy Start"
msgstr "延迟启动" msgstr "延迟启动"


@ -31,7 +31,7 @@ UTIL_SINGBOX=$LUA_UTIL_PATH/util_sing-box.lua
UTIL_SS=$LUA_UTIL_PATH/util_shadowsocks.lua UTIL_SS=$LUA_UTIL_PATH/util_shadowsocks.lua
UTIL_XRAY=$LUA_UTIL_PATH/util_xray.lua UTIL_XRAY=$LUA_UTIL_PATH/util_xray.lua
UTIL_NAIVE=$LUA_UTIL_PATH/util_naiveproxy.lua UTIL_NAIVE=$LUA_UTIL_PATH/util_naiveproxy.lua
UTIL_HYSTERIA=$LUA_UTIL_PATH/util_hysteria.lua UTIL_HYSTERIA2=$LUA_UTIL_PATH/util_hysteria2.lua
UTIL_TUIC=$LUA_UTIL_PATH/util_tuic.lua UTIL_TUIC=$LUA_UTIL_PATH/util_tuic.lua
V2RAY_ARGS="" V2RAY_ARGS=""
V2RAY_CONFIG="" V2RAY_CONFIG=""
@ -332,7 +332,7 @@ run_xray() {
local _dns=$(get_first_dns direct_dns_udp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns direct_dns_udp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -direct_dns_server ${_dns_address} -direct_dns_port ${_dns_port} -direct_dns_udp_server ${_dns_address}" V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -direct_dns_udp_port ${_dns_port} -direct_dns_udp_server ${_dns_address}"
;; ;;
esac esac
[ -n "$direct_dns_query_strategy" ] && V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -dns_query_strategy ${direct_dns_query_strategy}" [ -n "$direct_dns_query_strategy" ] && V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -dns_query_strategy ${direct_dns_query_strategy}"
@ -366,13 +366,13 @@ run_xray() {
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_udp_server ${_dns_address}" V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_udp_port ${_dns_port} -remote_dns_udp_server ${_dns_address}"
;; ;;
tcp) tcp)
local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_tcp_server tcp://${_dns}" V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_tcp_port ${_dns_port} -remote_dns_tcp_server ${_dns_address}"
;; ;;
doh) doh)
local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}') local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}')
@ -384,8 +384,8 @@ run_xray() {
[ -z "${_doh_port}" ] && _doh_port=443 [ -z "${_doh_port}" ] && _doh_port=443
local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-) local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-)
[ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host} [ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host}
[ -n "$_doh_bootstrap" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_server ${_doh_bootstrap}" [ -n "$_doh_bootstrap" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_ip ${_doh_bootstrap}"
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}" V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
;; ;;
esac esac
@ -399,8 +399,8 @@ run_xray() {
[ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}" [ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}"
[ -n "$dns_cache" ] && _extra_param="${_extra_param} -dns_cache ${dns_cache}" [ -n "$dns_cache" ] && _extra_param="${_extra_param} -dns_cache ${dns_cache}"
_extra_param="${_extra_param} -dns_query_strategy UseIP" _extra_param="${_extra_param} -dns_query_strategy UseIP"
_extra_param="${_extra_param} -direct_dns_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1" _extra_param="${_extra_param} -direct_dns_udp_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1"
_extra_param="${_extra_param} -remote_dns_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1" _extra_param="${_extra_param} -remote_dns_udp_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1"
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1 -remote_dns_fake_strategy ${remote_dns_query_strategy}" [ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1 -remote_dns_fake_strategy ${remote_dns_query_strategy}"
} }
@ -455,7 +455,7 @@ run_singbox() {
local _dns=$(get_first_dns direct_dns_udp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns direct_dns_udp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -direct_dns_server ${_dns_address} -direct_dns_port ${_dns_port} -direct_dns_udp_server ${_dns_address}" V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -direct_dns_udp_port ${_dns_port} -direct_dns_udp_server ${_dns_address}"
;; ;;
esac esac
[ -n "$direct_dns_query_strategy" ] && V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -dns_query_strategy ${direct_dns_query_strategy}" [ -n "$direct_dns_query_strategy" ] && V2RAY_DNS_DIRECT_ARGS="${V2RAY_DNS_DIRECT_ARGS} -dns_query_strategy ${direct_dns_query_strategy}"
@ -478,7 +478,7 @@ run_singbox() {
fi fi
run_ipset_dnsmasq listen_port=${direct_dnsmasq_listen_port} server_dns=127.0.0.1#${dns_direct_listen_port} ipset="${direct_ipset}" nftset="${direct_nftset}" config_file=${direct_ipset_conf} run_ipset_dnsmasq listen_port=${direct_dnsmasq_listen_port} server_dns=127.0.0.1#${dns_direct_listen_port} ipset="${direct_ipset}" nftset="${direct_nftset}" config_file=${direct_ipset_conf}
_extra_param="${_extra_param} -direct_dns_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1 -direct_dns_query_strategy ${direct_dns_query_strategy}" _extra_param="${_extra_param} -direct_dns_udp_port ${direct_dnsmasq_listen_port} -direct_dns_udp_server 127.0.0.1 -direct_dns_query_strategy ${direct_dns_query_strategy}"
:<<eof :<<eof
V2RAY_DNS_REMOTE_ARGS="-dns_out_tag remote" V2RAY_DNS_REMOTE_ARGS="-dns_out_tag remote"
@ -492,13 +492,13 @@ run_singbox() {
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_udp_server ${_dns_address}" V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_udp_port ${_dns_port} -remote_dns_udp_server ${_dns_address}"
;; ;;
tcp) tcp)
local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_tcp_server tcp://${_dns}" V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_tcp_port ${_dns_port} -remote_dns_tcp_server ${_dns_address}"
;; ;;
doh) doh)
local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}') local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}')
@ -510,8 +510,8 @@ run_singbox() {
[ -z "${_doh_port}" ] && _doh_port=443 [ -z "${_doh_port}" ] && _doh_port=443
local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-) local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-)
[ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host} [ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host}
[ -n "$_doh_bootstrap" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_server ${_doh_bootstrap}" [ -n "$_doh_bootstrap" ] && V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_ip ${_doh_bootstrap}"
V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}" V2RAY_DNS_REMOTE_ARGS="${V2RAY_DNS_REMOTE_ARGS} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
;; ;;
esac esac
@ -522,7 +522,7 @@ run_singbox() {
lua $UTIL_SINGBOX gen_dns_config ${V2RAY_DNS_REMOTE_ARGS} > $V2RAY_DNS_REMOTE_CONFIG lua $UTIL_SINGBOX gen_dns_config ${V2RAY_DNS_REMOTE_ARGS} > $V2RAY_DNS_REMOTE_CONFIG
ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "/dev/null" run -c "$V2RAY_DNS_REMOTE_CONFIG" ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "/dev/null" run -c "$V2RAY_DNS_REMOTE_CONFIG"
_extra_param="${_extra_param} -remote_dns_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1" _extra_param="${_extra_param} -remote_dns_udp_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1"
eof eof
case "$remote_dns_protocol" in case "$remote_dns_protocol" in
@ -530,13 +530,13 @@ eof
local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns remote_dns_udp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
_extra_param="${_extra_param} -remote_dns_port ${_dns_port} -remote_dns_udp_server ${_dns_address}" _extra_param="${_extra_param} -remote_dns_udp_port ${_dns_port} -remote_dns_udp_server ${_dns_address}"
;; ;;
tcp) tcp)
local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g') local _dns=$(get_first_dns remote_dns_tcp_server 53 | sed 's/#/:/g')
local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}') local _dns_address=$(echo ${_dns} | awk -F ':' '{print $1}')
local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}') local _dns_port=$(echo ${_dns} | awk -F ':' '{print $2}')
_extra_param="${_extra_param} -remote_dns_server ${_dns_address} -remote_dns_port ${_dns_port} -remote_dns_tcp_server tcp://${_dns}" _extra_param="${_extra_param} -remote_dns_tcp_port ${_dns_port} -remote_dns_tcp_server ${_dns_address}"
;; ;;
doh) doh)
local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}') local _doh_url=$(echo $remote_dns_doh | awk -F ',' '{print $1}')
@ -548,8 +548,8 @@ eof
[ -z "${_doh_port}" ] && _doh_port=443 [ -z "${_doh_port}" ] && _doh_port=443
local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-) local _doh_bootstrap=$(echo $remote_dns_doh | cut -d ',' -sf 2-)
[ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host} [ "${is_ip}" = "true" ] && _doh_bootstrap=${_doh_host}
[ -n "$_doh_bootstrap" ] && _extra_param="${_extra_param} -remote_dns_server ${_doh_bootstrap}" [ -n "$_doh_bootstrap" ] && _extra_param="${_extra_param} -remote_dns_doh_ip ${_doh_bootstrap}"
_extra_param="${_extra_param} -remote_dns_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}" _extra_param="${_extra_param} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
;; ;;
esac esac
@ -664,13 +664,13 @@ run_socks() {
lua $UTIL_SS gen_config -node $node -local_socks_port $socks_port -server_host $server_host -server_port $port ${_extra_param} > $config_file lua $UTIL_SS gen_config -node $node -local_socks_port $socks_port -server_host $server_host -server_port $port ${_extra_param} > $config_file
ln_run "$(first_type sslocal)" "sslocal" $log_file -c "$config_file" -v ln_run "$(first_type sslocal)" "sslocal" $log_file -c "$config_file" -v
;; ;;
hysteria) hysteria2)
[ "$http_port" != "0" ] && { [ "$http_port" != "0" ] && {
http_flag=1 http_flag=1
config_file=$(echo $config_file | sed "s/SOCKS/HTTP_SOCKS/g") config_file=$(echo $config_file | sed "s/SOCKS/HTTP_SOCKS/g")
local _extra_param="-local_http_port $http_port" local _extra_param="-local_http_port $http_port"
} }
lua $UTIL_HYSTERIA gen_config -node $node -local_socks_port $socks_port -server_host $server_host -server_port $port ${_extra_param} > $config_file lua $UTIL_HYSTERIA2 gen_config -node $node -local_socks_port $socks_port -server_host $server_host -server_port $port ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app hysteria_file))" "hysteria" $log_file -c "$config_file" client ln_run "$(first_type $(config_t_get global_app hysteria_file))" "hysteria" $log_file -c "$config_file" client
;; ;;
tuic) tuic)
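Review bot: The `tcp)` branches in run_xray (`@ -366`) and run_singbox (`@ -492`, `@ -530`) now pass only `${_dns_address}`, which is field 1 of an `awk -F ':'` split, where the old code passed the whole `tcp://${_dns}`. If get_first_dns can return an IPv6 resolver, the address is cut at its first colon and the generated config points at a truncated host; the Lua generator also builds `"tcp://" .. server .. ":" .. port` without brackets. Splitting on the original `#` separator avoids this: `local _dns=$(get_first_dns remote_dns_tcp_server 53)`, `local _dns_address=${_dns%#*}`, `local _dns_port=${_dns##*#}`. The values are also expanded unquoted into the argument string, so a configured value containing whitespace would be read by the generator as extra `-flag value` pairs.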


@ -249,8 +249,7 @@ load_acl() {
msg2="${msg2}(REDIRECT:${redir_port})代理" msg2="${msg2}(REDIRECT:${redir_port})代理"
fi fi
$ipt_n -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(dst $ipset_whitelist) ! -d $FAKE_IP -j RETURN $ipt_tmp -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(dst $ipset_whitelist) ! -d $FAKE_IP -j RETURN
$ipt_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(dst $ipset_whitelist) ! -d $FAKE_IP -j RETURN
[ "$accept_icmp" = "1" ] && { [ "$accept_icmp" = "1" ] && {
$ipt_n -A PSW2 $(comment "$remarks") -p icmp ${_ipt_source} -d $FAKE_IP $(REDIRECT) $ipt_n -A PSW2 $(comment "$remarks") -p icmp ${_ipt_source} -d $FAKE_IP $(REDIRECT)
@ -278,7 +277,6 @@ load_acl() {
$ipt_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(REDIRECT $redir_port TPROXY) $ipt_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(REDIRECT $redir_port TPROXY)
fi fi
[ "$PROXY_IPV6" == "1" ] && { [ "$PROXY_IPV6" == "1" ] && {
$ip6t_n -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(dst $ipset_whitelist6) ! -d $FAKE_IP_6 -j RETURN
$ip6t_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(dst $ipset_whitelist6) ! -d $FAKE_IP_6 -j RETURN $ip6t_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(dst $ipset_whitelist6) ! -d $FAKE_IP_6 -j RETURN
$ip6t_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} -d $FAKE_IP_6 -j PSW2_RULE 2>/dev/null $ip6t_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} -d $FAKE_IP_6 -j PSW2_RULE 2>/dev/null
$ip6t_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") -j PSW2_RULE 2>/dev/null $ip6t_m -A PSW2 $(comment "$remarks") -p tcp ${_ipt_source} $(factor $tcp_redir_ports "-m multiport --dport") -j PSW2_RULE 2>/dev/null
@ -350,8 +348,7 @@ load_acl() {
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${TCP_NO_REDIR_PORTS}外的" [ "$TCP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${TCP_NO_REDIR_PORTS}外的"
msg="${msg}所有端口" msg="${msg}所有端口"
$ipt_n -A PSW2 $(comment "默认") -p tcp $(dst $ipset_global_whitelist) ! -d $FAKE_IP -j RETURN $ipt_tmp -A PSW2 $(comment "默认") -p tcp $(dst $ipset_global_whitelist) ! -d $FAKE_IP -j RETURN
$ipt_m -A PSW2 $(comment "默认") -p tcp $(dst $ipset_global_whitelist) ! -d $FAKE_IP -j RETURN
[ "$accept_icmp" = "1" ] && { [ "$accept_icmp" = "1" ] && {
$ipt_n -A PSW2 $(comment "默认") -p icmp -d $FAKE_IP $(REDIRECT) $ipt_n -A PSW2 $(comment "默认") -p icmp -d $FAKE_IP $(REDIRECT)
@ -373,7 +370,6 @@ load_acl() {
fi fi
[ "$PROXY_IPV6" == "1" ] && { [ "$PROXY_IPV6" == "1" ] && {
$ip6t_n -A PSW2 $(comment "默认") -p tcp $(dst $ipset_global_whitelist6) ! -d $FAKE_IP_6 -j RETURN
$ip6t_m -A PSW2 $(comment "默认") -p tcp $(dst $ipset_global_whitelist6) ! -d $FAKE_IP_6 -j RETURN $ip6t_m -A PSW2 $(comment "默认") -p tcp $(dst $ipset_global_whitelist6) ! -d $FAKE_IP_6 -j RETURN
$ip6t_m -A PSW2 $(comment "默认") -p tcp -d $FAKE_IP_6 -j PSW2_RULE $ip6t_m -A PSW2 $(comment "默认") -p tcp -d $FAKE_IP_6 -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE $ip6t_m -A PSW2 $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE


@ -271,8 +271,8 @@ load_acl() {
msg2="${msg2}(REDIRECT:${redir_port})代理" msg2="${msg2}(REDIRECT:${redir_port})代理"
fi fi
nft "add rule inet fw4 PSW2_NAT ip protocol tcp ${_ipt_source} ip daddr @$nftset_whitelist counter return comment \"$remarks\"" [ -z "${is_tproxy}" ] && nft "add rule inet fw4 PSW2_NAT ip protocol tcp ${_ipt_source} ip daddr @$nftset_whitelist counter return comment \"$remarks\""
nft "add rule inet fw4 PSW2_MANGLE ip protocol tcp ${_ipt_source} ip daddr @$nftset_whitelist counter return comment \"$remarks\"" [ -n "${is_tproxy}" ] && nft "add rule inet fw4 PSW2_MANGLE ip protocol tcp ${_ipt_source} ip daddr @$nftset_whitelist counter return comment \"$remarks\""
[ "$accept_icmp" = "1" ] && { [ "$accept_icmp" = "1" ] && {
nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip protocol icmp ${_ipt_source} ip daddr $FAKE_IP $(REDIRECT) comment \"$remarks\"" nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip protocol icmp ${_ipt_source} ip daddr $FAKE_IP $(REDIRECT) comment \"$remarks\""
@ -371,8 +371,8 @@ load_acl() {
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${TCP_NO_REDIR_PORTS}外的" [ "$TCP_NO_REDIR_PORTS" != "disable" ] && msg="${msg}${TCP_NO_REDIR_PORTS}外的"
msg="${msg}所有端口" msg="${msg}所有端口"
nft "add rule inet fw4 PSW2_NAT ip protocol tcp ip daddr @$nftset_global_whitelist counter return comment \"$remarks\"" [ -z "${is_tproxy}" ] && nft "add rule inet fw4 PSW2_NAT ip protocol tcp ip daddr @$nftset_global_whitelist counter return comment \"$remarks\""
nft "add rule inet fw4 PSW2_MANGLE ip protocol tcp ip daddr @$nftset_global_whitelist counter return comment \"$remarks\"" [ -n "${is_tproxy}" ] && nft "add rule inet fw4 PSW2_MANGLE ip protocol tcp ip daddr @$nftset_global_whitelist counter return comment \"$remarks\""
[ "$accept_icmp" = "1" ] && { [ "$accept_icmp" = "1" ] && {
nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip protocol icmp ip daddr $FAKE_IP $(REDIRECT) comment \"默认\"" nft "add rule inet fw4 PSW2_ICMP_REDIRECT ip protocol icmp ip daddr $FAKE_IP $(REDIRECT) comment \"默认\""