OpenWrt
/
small-package
mirror of https://github.com/kenzok8/small-package
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update 2024-02-04 23:34:26

This commit is contained in:
github-actions[bot] 2024-02-04 23:34:26 +08:00
parent eea5e9bf49
commit d80262d823
8 changed files with 381 additions and 355 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
luci-app-nginx-pingos/root/resource/conf-template/nginx.conf
View File

@ -31,6 +31,7 @@ events {
#dynamic_conf conf/nginx_dynamic.conf 10; #dynamic_conf conf/nginx_dynamic.conf 10;
#dynamic_log logs/dynamic.log info; #dynamic_log logs/dynamic.log info;
rtmp { rtmp {
log_format log_bandwidth '{"app":"$app","name":"$name","bitrate":$bitrate,"args":"$args","timestamp":$ntp,"ts":"$time_local","type":"$command","remote_addr":"$remote_addr","domain":"$domain"}'; log_format log_bandwidth '{"app":"$app","name":"$name","bitrate":$bitrate,"args":"$args","timestamp":$ntp,"ts":"$time_local","type":"$command","remote_addr":"$remote_addr","domain":"$domain"}';
access_log logs/bandwidth.log log_bandwidth trunc=60s; access_log logs/bandwidth.log log_bandwidth trunc=60s;

2
luci-app-xray/README.md
View File

@ -39,6 +39,8 @@ Fork this repository and:
## Changelog since 3.3.0 ## Changelog since 3.3.0
* 2024-01-19 chore: bump version * 2024-01-19 chore: bump version
* 2024-01-24 feat: add alias to LAN Hosts Access Control
* 2024-02-04 fix: avoid firewall restart failure & some minor adjustments
## Changelog since 3.2.0 ## Changelog since 3.2.0

2
luci-app-xray/core/Makefile
View File

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-xray PKG_NAME:=luci-app-xray
PKG_VERSION:=3.3.0 PKG_VERSION:=3.3.1
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=MPLv2 PKG_LICENSE:=MPLv2

6
luci-app-xray/core/root/etc/init.d/xray_core
View File

@ -5,8 +5,6 @@ STOP=15
USE_PROCD=1 USE_PROCD=1
NAME=xray_core NAME=xray_core
FIREWALL_INCLUDE="/usr/share/xray/firewall_include.ut"
setup_firewall() { setup_firewall() {
ip rule add fwmark 251 lookup 251 ip rule add fwmark 251 lookup 251
ip route add local default dev lo table 251 ip route add local default dev lo table 251
@ -14,7 +12,7 @@ setup_firewall() {
ip -6 route add local default dev lo table 251 ip -6 route add local default dev lo table 251
logger -st xray[$$] -p4 "Generating firewall4 rules..." logger -st xray[$$] -p4 "Generating firewall4 rules..."
/usr/bin/utpl ${FIREWALL_INCLUDE} > /var/etc/xray/firewall_include.nft /usr/bin/utpl /usr/share/xray/firewall_include.ut > /var/etc/xray/01_firewall_include.nft
logger -st xray[$$] -p4 "Triggering firewall4 restart..." logger -st xray[$$] -p4 "Triggering firewall4 restart..."
/etc/init.d/firewall restart /etc/init.d/firewall restart
@ -27,7 +25,7 @@ flush_firewall() {
ip -6 route del local default dev lo table 251 ip -6 route del local default dev lo table 251
logger -st xray[$$] -p4 "Flushing firewall4 rules..." logger -st xray[$$] -p4 "Flushing firewall4 rules..."
rm -f /var/etc/xray/firewall_include.nft rm -f /var/etc/xray/*.nft
logger -st xray[$$] -p4 "Triggering firewall4 restart..." logger -st xray[$$] -p4 "Triggering firewall4 restart..."
/etc/init.d/firewall restart /etc/init.d/firewall restart

43
luci-app-xray/core/root/usr/share/xray/default_gateway.uc
View File

@ -1,7 +1,7 @@
#!/usr/bin/ucode #!/usr/bin/ucode
"use strict"; "use strict";
import { popen, stat } from "fs"; import { open, popen, stat } from "fs";
import { connect } from "ubus"; import { connect } from "ubus";
function network_dump() { function network_dump() {
@ -48,24 +48,44 @@ function gen_tp_spec_dv4_dg(dg) {
return ""; return "";
} }
if (length(dg) > 0) { if (length(dg) > 0) {
return `flush set inet fw4 tp_spec_dv4_dg\nadd element inet fw4 tp_spec_dv4_dg { ${join(", ", dg)} }\n`; return `set tp_spec_dv4_dg {
type ipv4_addr
size 16
flags interval
elements = { ${join(", ", dg)} }
}\n`;
} }
return ""; return "";
} }
function gen_tp_spec_dv6_dg(pd) { function gen_tp_spec_dv6_dg(pd) {
if (length(pd) > 0) { if (length(pd) > 0) {
return `flush set inet fw4 tp_spec_dv6_dg\nadd element inet fw4 tp_spec_dv6_dg { ${join(", ", pd)} }\n`; return `set tp_spec_dv6_dg {
type ipv6_addr
size 16
flags interval
elements = { ${join(", ", pd)} }
}\n`;
} }
return ""; return "";
} }
function update_nft(dg, pd) { function generate_include(rule_dg, rule_pd, file_path) {
const process = popen("nft -f -", "w"); const handle = open(file_path, "w");
process.write(gen_tp_spec_dv4_dg(dg)); handle.write(rule_dg);
process.write(gen_tp_spec_dv6_dg(pd)); handle.write(rule_pd);
process.flush(); handle.flush();
process.close(); handle.close();
}
function update_nft(rule_dg, rule_pd) {
const handle = popen("nft -f -", "w");
handle.write(`table inet fw4 {
${rule_dg}
${rule_pd}
}`);
handle.flush();
handle.close();
} }
function restart_dnsmasq_if_necessary() { function restart_dnsmasq_if_necessary() {
@ -82,6 +102,9 @@ if (log == "") {
print("default gateway not available, please wait for interface ready"); print("default gateway not available, please wait for interface ready");
} else { } else {
print(`default gateway available at ${log}\n`); print(`default gateway available at ${log}\n`);
update_nft(dg, pd); const rule_dg = gen_tp_spec_dv4_dg(dg);
const rule_pd = gen_tp_spec_dv6_dg(pd);
update_nft(rule_dg, rule_pd);
generate_include(rule_dg, rule_pd, "/var/etc/xray/02_default_gateway_include.nft");
} }
restart_dnsmasq_if_necessary(); restart_dnsmasq_if_necessary();

40
luci-app-xray/core/root/usr/share/xray/firewall_include.ut
View File

@ -127,7 +127,8 @@
set tp_spec_dv4_sp { set tp_spec_dv4_sp {
type ipv4_addr type ipv4_addr
flags constant,interval size 32
flags interval
elements = { 0.0.0.0/8, 10.0.0.0/8, elements = { 0.0.0.0/8, 10.0.0.0/8,
100.64.0.0/10, 127.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8,
169.254.0.0/16, 172.16.0.0/12, 169.254.0.0/16, 172.16.0.0/12,
@ -137,7 +138,8 @@
set tp_spec_dv6_sp { set tp_spec_dv6_sp {
type ipv6_addr type ipv6_addr
flags constant,interval size 32
flags interval
elements = { ::, elements = { ::,
::1, ::1,
::ffff:0.0.0.0/96, ::ffff:0.0.0.0/96,
@ -156,7 +158,7 @@
{% if (length(tp_spec_sm4_bp) > 0): %} {% if (length(tp_spec_sm4_bp) > 0): %}
set tp_spec_sm4_bp { set tp_spec_sm4_bp {
type ether_addr type ether_addr
flags constant size {{ length(tp_spec_sm4_bp) * 2 + 1 }}
elements = { {{ join(", ", tp_spec_sm4_bp) }} } elements = { {{ join(", ", tp_spec_sm4_bp) }} }
} }
{% endif %} {% endif %}
@ -164,7 +166,7 @@
{% if (length(tp_spec_sm6_bp) > 0): %} {% if (length(tp_spec_sm6_bp) > 0): %}
set tp_spec_sm6_bp { set tp_spec_sm6_bp {
type ether_addr type ether_addr
flags constant size {{ length(tp_spec_sm6_bp) * 2 + 1 }}
elements = { {{ join(", ", tp_spec_sm6_bp) }} } elements = { {{ join(", ", tp_spec_sm6_bp) }} }
} }
{% endif %} {% endif %}
@ -172,7 +174,7 @@
{% if (length(tp_spec_sm4_tp) > 0): %} {% if (length(tp_spec_sm4_tp) > 0): %}
set tp_spec_sm4_tp { set tp_spec_sm4_tp {
type ether_addr type ether_addr
flags constant size {{ length(tp_spec_sm4_tp) * 2 + 1 }}
elements = { {{ join(", ", tp_spec_sm4_tp) }} } elements = { {{ join(", ", tp_spec_sm4_tp) }} }
} }
{% endif %} {% endif %}
@ -180,7 +182,7 @@
{% if (length(tp_spec_sm6_tp) > 0): %} {% if (length(tp_spec_sm6_tp) > 0): %}
set tp_spec_sm6_tp { set tp_spec_sm6_tp {
type ether_addr type ether_addr
flags constant size {{ length(tp_spec_sm6_tp) * 2 + 1 }}
elements = { {{ join(", ", tp_spec_sm6_tp) }} } elements = { {{ join(", ", tp_spec_sm6_tp) }} }
} }
{% endif %} {% endif %}
@ -188,7 +190,7 @@
{% for (let i in extra_inbound_tcp_v4_map): %} {% for (let i in extra_inbound_tcp_v4_map): %}
set tp_spec_sm4_ft_{{ i }} { set tp_spec_sm4_ft_{{ i }} {
type ether_addr type ether_addr
flags constant size {{ length(extra_inbound_tcp_v4_map) * 2 + 1 }}
elements = { {{ join(", ", extra_inbound_tcp_v4_map[i]) }} } elements = { {{ join(", ", extra_inbound_tcp_v4_map[i]) }} }
} }
{% endfor %} {% endfor %}
@ -196,7 +198,7 @@
{% for (let i in extra_inbound_udp_v4_map): %} {% for (let i in extra_inbound_udp_v4_map): %}
set tp_spec_sm4_fu_{{ i }} { set tp_spec_sm4_fu_{{ i }} {
type ether_addr type ether_addr
flags constant size {{ length(extra_inbound_udp_v4_map) * 2 + 1 }}
elements = { {{ join(", ", extra_inbound_udp_v4_map[i]) }} } elements = { {{ join(", ", extra_inbound_udp_v4_map[i]) }} }
} }
{% endfor %} {% endfor %}
@ -204,7 +206,7 @@
{% for (let i in extra_inbound_tcp_v6_map): %} {% for (let i in extra_inbound_tcp_v6_map): %}
set tp_spec_sm6_ft_{{ i }} { set tp_spec_sm6_ft_{{ i }} {
type ether_addr type ether_addr
flags constant size {{ length(extra_inbound_tcp_v6_map) * 2 + 1 }}
elements = { {{ join(", ", extra_inbound_tcp_v6_map[i]) }} } elements = { {{ join(", ", extra_inbound_tcp_v6_map[i]) }} }
} }
{% endfor %} {% endfor %}
@ -212,7 +214,7 @@
{% for (let i in extra_inbound_udp_v6_map): %} {% for (let i in extra_inbound_udp_v6_map): %}
set tp_spec_sm6_fu_{{ i }} { set tp_spec_sm6_fu_{{ i }} {
type ether_addr type ether_addr
flags constant size {{ length(extra_inbound_udp_v6_map) * 2 + 1 }}
elements = { {{ join(", ", extra_inbound_udp_v6_map[i]) }} } elements = { {{ join(", ", extra_inbound_udp_v6_map[i]) }} }
} }
{% endfor %} {% endfor %}
@ -220,7 +222,7 @@
{% if (length(manual_tproxy_source_ips) > 0): %} {% if (length(manual_tproxy_source_ips) > 0): %}
set tp_spec_dv4_mt { set tp_spec_dv4_mt {
type ipv4_addr type ipv4_addr
flags constant, interval size {{ length(manual_tproxy_source_ips) * 2 + 1 }}
elements = { {{ join(", ", manual_tproxy_source_ips) }} } elements = { {{ join(", ", manual_tproxy_source_ips) }} }
} }
{% endif %} {% endif %}
@ -228,8 +230,8 @@
{% if (length(wan_bp_ips_v4) > 0): %} {% if (length(wan_bp_ips_v4) > 0): %}
set tp_spec_dv4_bp { set tp_spec_dv4_bp {
type ipv4_addr type ipv4_addr
size {{ length(wan_bp_ips_v4) }} size {{ length(wan_bp_ips_v4) * 2 + 1 }}
flags constant, interval flags interval
elements = { {{ join(", ", wan_bp_ips_v4)}} } elements = { {{ join(", ", wan_bp_ips_v4)}} }
} }
{% endif %} {% endif %}
@ -237,8 +239,8 @@
{% if (length(wan_bp_ips_v6) > 0): %} {% if (length(wan_bp_ips_v6) > 0): %}
set tp_spec_dv6_bp { set tp_spec_dv6_bp {
type ipv6_addr type ipv6_addr
size {{ length(wan_bp_ips_v6) }} size {{ length(wan_bp_ips_v6) * 2 + 1 }}
flags constant, interval flags interval
elements = { {{ join(", ", wan_bp_ips_v6)}} } elements = { {{ join(", ", wan_bp_ips_v6)}} }
} }
{% endif %} {% endif %}
@ -246,8 +248,8 @@
{% if (length(wan_fw_ips_v4) > 0): %} {% if (length(wan_fw_ips_v4) > 0): %}
set tp_spec_dv4_fw { set tp_spec_dv4_fw {
type ipv4_addr type ipv4_addr
size {{ length(wan_fw_ips_v4) }} size {{ length(wan_fw_ips_v4) * 2 + 1 }}
flags constant, interval flags interval
elements = { {{ join(", ", wan_fw_ips_v4)}} } elements = { {{ join(", ", wan_fw_ips_v4)}} }
} }
{% endif %} {% endif %}
@ -255,8 +257,8 @@
{% if (length(wan_fw_ips_v6) > 0): %} {% if (length(wan_fw_ips_v6) > 0): %}
set tp_spec_dv6_fw { set tp_spec_dv6_fw {
type ipv6_addr type ipv6_addr
size {{ length(wan_fw_ips_v6) }} size {{ length(wan_fw_ips_v6) * 2 + 1 }}
flags constant, interval flags interval
elements = { {{ join(", ", wan_fw_ips_v6)}} } elements = { {{ join(", ", wan_fw_ips_v6)}} }
} }
{% endif %} {% endif %}

2
luci-app-xray/status/Makefile
View File

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-xray-status PKG_NAME:=luci-app-xray-status
PKG_VERSION:=3.3.0 PKG_VERSION:=3.3.1
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=MPLv2 PKG_LICENSE:=MPLv2