OpenWrt
/
small-package
mirror of https://github.com/kenzok8/small-package
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update 04-12 09:33

This commit is contained in:
github-actions[bot] 2022-04-12 09:33:58 +08:00
parent ddaa30cd36
commit fb3e863190
16 changed files with 1163 additions and 582 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

197
luci-app-mosdns/root/etc/mosdns/serverlist.txt
View File

File diff suppressed because it is too large Load Diff

4
luci-app-passwall/Makefile
View File

@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
PKG_VERSION:=4.52
PKG_RELEASE:=3
PKG_VERSION:=4.53
PKG_RELEASE:=1
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_$(PKG_NAME)_Transparent_Proxy \

4
luci-app-passwall/luasrc/model/cbi/passwall/client/acl.lua
View File

@ -18,6 +18,10 @@ function s.create(e, t)
t = TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
function s.remove(e, t)
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_" .. t .. "*")
TypedSection.remove(e, t)
end
---- Enable
o = s:option(Flag, "enabled", translate("Enable"))

24
luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
View File

@ -282,13 +282,23 @@ o.rmempty = false
if has_chnlist and api.is_finded("chinadns-ng") then
o = s:taboption("DNS", Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, but will increase the memory."))
o.default = "0"
o:depends({dns_mode = "dns2socks"})
o:depends({dns_mode = "pdnsd"})
o:depends({dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "v2ray", v2ray_dns_mode = "doh"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
o:depends({dns_mode = "udp"})
if api.is_finded("smartdns") then
o:depends({dns_shunt = "dnsmasq", dns_mode = "dns2socks"})
o:depends({dns_shunt = "dnsmasq", dns_mode = "pdnsd"})
o:depends({dns_shunt = "dnsmasq", dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
o:depends({dns_shunt = "dnsmasq", dns_mode = "v2ray", v2ray_dns_mode = "doh"})
o:depends({dns_shunt = "dnsmasq", dns_mode = "xray", v2ray_dns_mode = "tcp"})
o:depends({dns_shunt = "dnsmasq", dns_mode = "xray", v2ray_dns_mode = "doh"})
o:depends({dns_shunt = "dnsmasq", dns_mode = "udp"})
else
o:depends({dns_mode = "dns2socks"})
o:depends({dns_mode = "pdnsd"})
o:depends({dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "v2ray", v2ray_dns_mode = "doh"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
o:depends({dns_mode = "udp"})
end
end
o = s:taboption("DNS", Button, "clear_ipset", translate("Clear IPSET"), translate("Try this feature if the rule modification does not take effect."))

116
luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
View File

@ -1,11 +1,13 @@
local api = require "luci.model.cbi.passwall.api.api"
local appname = api.appname
local fs = api.fs
local sys = api.sys
local datatypes = api.datatypes
local path = string.format("/usr/share/%s/rules/", appname)
local route_hosts_path = "/etc/"
m = Map(appname)
m = SimpleForm(appname)
m.uci = api.uci
-- [[ Rule List Settings ]]--
s = m:section(TypedSection, "global_rules")
@ -22,9 +24,17 @@ local direct_host = path .. "direct_host"
o = s:taboption("direct_list", TextValue, "direct_host", "", "<font color='red'>" .. translate("Join the direct hosts list of domain names will not proxy.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(direct_host) or "" end
o.write = function(self, section, value) fs.writefile(direct_host, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(direct_host, "") end
o.cfgvalue = function(self, section)
return fs.readfile(direct_host) or ""
end
o.write = function(self, section, value)
fs.writefile(direct_host, value:gsub("\r\n", "\n"))
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.remove = function(self, section, value)
fs.writefile(direct_host, "")
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
@ -44,9 +54,15 @@ local direct_ip = path .. "direct_ip"
o = s:taboption("direct_list", TextValue, "direct_ip", "", "<font color='red'>" .. translate("These had been joined ip addresses will not proxy. Please input the ip address or ip address segment,every line can input only one ip address. For example: 192.168.0.0/24 or 223.5.5.5.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(direct_ip) or "" end
o.write = function(self, section, value) fs.writefile(direct_ip, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(direct_ip, "") end
o.cfgvalue = function(self, section)
return fs.readfile(direct_ip) or ""
end
o.write = function(self, section, value)
fs.writefile(direct_ip, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(direct_ip, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@ -66,9 +82,17 @@ local proxy_host = path .. "proxy_host"
o = s:taboption("proxy_list", TextValue, "proxy_host", "", "<font color='red'>" .. translate("These had been joined websites will use proxy. Please input the domain names of websites, every line can input only one website domain. For example: google.com.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(proxy_host) or "" end
o.write = function(self, section, value) fs.writefile(proxy_host, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(proxy_host, "") end
o.cfgvalue = function(self, section)
return fs.readfile(proxy_host) or ""
end
o.write = function(self, section, value)
fs.writefile(proxy_host, value:gsub("\r\n", "\n"))
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.remove = function(self, section, value)
fs.writefile(proxy_host, "")
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
@ -88,9 +112,15 @@ local proxy_ip = path .. "proxy_ip"
o = s:taboption("proxy_list", TextValue, "proxy_ip", "", "<font color='red'>" .. translate("These had been joined ip addresses will use proxy. Please input the ip address or ip address segment, every line can input only one ip address. For example: 35.24.0.0/24 or 8.8.4.4.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(proxy_ip) or "" end
o.write = function(self, section, value) fs.writefile(proxy_ip, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(proxy_ip, "") end
o.cfgvalue = function(self, section)
return fs.readfile(proxy_ip) or ""
end
o.write = function(self, section, value)
fs.writefile(proxy_ip, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(proxy_ip, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@ -110,9 +140,15 @@ local block_host = path .. "block_host"
o = s:taboption("block_list", TextValue, "block_host", "", "<font color='red'>" .. translate("These had been joined websites will be block. Please input the domain names of websites, every line can input only one website domain. For example: twitter.com.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(block_host) or "" end
o.write = function(self, section, value) fs.writefile(block_host, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(block_host, "") end
o.cfgvalue = function(self, section)
return fs.readfile(block_host) or ""
end
o.write = function(self, section, value)
fs.writefile(block_host, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(block_host, "")
end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
@ -132,9 +168,15 @@ local block_ip = path .. "block_ip"
o = s:taboption("block_list", TextValue, "block_ip", "", "<font color='red'>" .. translate("These had been joined ip addresses will be block. Please input the ip address or ip address segment, every line can input only one ip address.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(block_ip) or "" end
o.write = function(self, section, value) fs.writefile(block_ip, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(block_ip, "") end
o.cfgvalue = function(self, section)
return fs.readfile(block_ip) or ""
end
o.write = function(self, section, value)
fs.writefile(block_ip, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(block_ip, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@ -154,9 +196,15 @@ local lanlist_ipv4 = path .. "lanlist_ipv4"
o = s:taboption("lan_ip_list", TextValue, "lanlist_ipv4", "", "<font color='red'>" .. translate("The list is the IPv4 LAN IP list, which represents the direct connection IP of the LAN. If you need the LAN IP in the proxy list, please clear it from the list. Do not modify this list by default.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(lanlist_ipv4) or "" end
o.write = function(self, section, value) fs.writefile(lanlist_ipv4, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(lanlist_ipv4, "") end
o.cfgvalue = function(self, section)
return fs.readfile(lanlist_ipv4) or ""
end
o.write = function(self, section, value)
fs.writefile(lanlist_ipv4, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(lanlist_ipv4, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@ -176,9 +224,15 @@ local lanlist_ipv6 = path .. "lanlist_ipv6"
o = s:taboption("lan_ip_list", TextValue, "lanlist_ipv6", "", "<font color='red'>" .. translate("The list is the IPv6 LAN IP list, which represents the direct connection IP of the LAN. If you need the LAN IP in the proxy list, please clear it from the list. Do not modify this list by default.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(lanlist_ipv6) or "" end
o.write = function(self, section, value) fs.writefile(lanlist_ipv6, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(lanlist_ipv6, "") end
o.cfgvalue = function(self, section)
return fs.readfile(lanlist_ipv6) or ""
end
o.write = function(self, section, value)
fs.writefile(lanlist_ipv6, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(lanlist_ipv6, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@ -198,8 +252,14 @@ local hosts = route_hosts_path .. "hosts"
o = s:taboption("route_hosts", TextValue, "hosts", "", "<font color='red'>" .. translate("Configure routing etc/hosts file, if you don't know what you are doing, please don't change the content.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(hosts) or "" end
o.write = function(self, section, value) fs.writefile(hosts, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value) fs.writefile(hosts, "") end
o.cfgvalue = function(self, section)
return fs.readfile(hosts) or ""
end
o.write = function(self, section, value)
fs.writefile(hosts, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(hosts, "")
end
return m

5
luci-app-passwall/root/usr/share/passwall/app.sh
View File

@ -1143,7 +1143,7 @@ start_dns() {
smartdns)
local group_domestic=$(config_t_get global group_domestic)
CHINADNS_NG=0
source $APP_PATH/helper_smartdns.sh add DNS_MODE=$DNS_MODE SMARTDNS_CONF=/tmp/etc/smartdns/$CONFIG.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_GROUP=$group_domestic TUN_DNS=$TUN_DNS TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
source $APP_PATH/helper_smartdns.sh add FLAG="default" DNS_MODE=$DNS_MODE SMARTDNS_CONF=/tmp/etc/smartdns/$CONFIG.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_GROUP=$group_domestic TUN_DNS=$TUN_DNS TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
source $APP_PATH/helper_smartdns.sh restart
echolog " - 域名解析使用SmartDNS请确保配置正常。"
;;
@ -1178,7 +1178,7 @@ start_dns() {
[ "$DNS_SHUNT" = "dnsmasq" ] && {
source $APP_PATH/helper_dnsmasq.sh stretch
source $APP_PATH/helper_dnsmasq.sh add DNS_MODE=$DNS_MODE TMP_DNSMASQ_PATH=$TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE=/tmp/dnsmasq.d/dnsmasq-passwall.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_DNS=$LOCAL_DNS TUN_DNS=$TUN_DNS CHINADNS_DNS=$china_ng_listen TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
source $APP_PATH/helper_dnsmasq.sh add FLAG="default" DNS_MODE=$DNS_MODE TMP_DNSMASQ_PATH=$TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE=/tmp/dnsmasq.d/dnsmasq-passwall.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_DNS=$LOCAL_DNS TUN_DNS=$TUN_DNS CHINADNS_DNS=$china_ng_listen TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
}
}
@ -1434,7 +1434,6 @@ stop() {
unset XRAY_LOCATION_ASSET
stop_crontab
source $APP_PATH/helper_smartdns.sh del
source $APP_PATH/helper_smartdns.sh restart no_log=1
source $APP_PATH/helper_dnsmasq.sh del
source $APP_PATH/helper_dnsmasq.sh restart no_log=1
rm -rf ${TMP_PATH}

234
luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.sh
View File

@ -45,10 +45,10 @@ logic_restart() {
for server in $(uci -q get dhcp.@dnsmasq[0].server); do
[ -n "$(echo $server | grep '\/')" ] || uci -q del_list dhcp.@dnsmasq[0].server="$server"
done
/etc/init.d/dnsmasq restart >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1 &
restore_servers
else
/etc/init.d/dnsmasq restart >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1 &
fi
echolog "重启 dnsmasq 服务"
LOG_FILE=${_LOG_FILE}
@ -59,239 +59,15 @@ restart() {
eval_set_val $@
_LOG_FILE=$LOG_FILE
[ -n "$no_log" ] && LOG_FILE="/dev/null"
/etc/init.d/dnsmasq restart >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1 &
echolog "重启 dnsmasq 服务"
LOG_FILE=${_LOG_FILE}
}
gen_items() {
local ipsets dnss outf ipsetoutf
eval_set_val $@
awk -v ipsets="${ipsets}" -v dnss="${dnss}" -v outf="${outf}" -v ipsetoutf="${ipsetoutf}" '
BEGIN {
if(outf == "") outf="/dev/stdout";
if(ipsetoutf == "") ipsetoutf=outf;
split(dnss, dns, ","); setdns=length(dns)>0; setlist=length(ipsets)>0;
if(setdns) for(i in dns) if(length(dns[i])==0) delete dns[i];
fail=1;
}
! /^$/&&!/^#/ {
fail=0
if(setdns) for(i in dns) printf("server=/.%s/%s\n", $0, dns[i]) >>outf;
if(setlist) printf("ipset=/.%s/%s\n", $0, ipsets) >>ipsetoutf;
}
END {fflush(outf); close(outf); fflush(ipsetoutf); close(ipsetoutf); exit(fail);}
'
}
gen_address_items() {
local address outf
eval_set_val $@
awk -v address="${address}" -v outf="${outf}" '
BEGIN {
if(outf == "") outf="/dev/stdout";
if(address == "") address="0.0.0.0,::";
split(address, ad, ","); setad=length(ad)>0;
if(setad) for(i in ad) if(length(ad[i])==0) delete ad[i];
fail=1;
}
! /^$/&&!/^#/ {
fail=0
if(setad) for(i in ad) printf("address=/.%s/%s\n", $0, ad[i]) >>outf;
}
END {fflush(outf); close(outf); exit(fail);}
'
}
ipset_merge() {
awk '{gsub(/ipset=\//,""); gsub(/\//," ");key=$1;value=$2;if (sum[key] != "") {sum[key]=sum[key]","value} else {sum[key]=sum[key]value}} END{for(i in sum) print "ipset=/"i"/"sum[i]}' "${1}/ipset.conf" > "${1}/ipset.conf2"
mv -f "${1}/ipset.conf2" "${1}/ipset.conf"
}
add() {
local fwd_dns item servers msg
local DNS_MODE TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE DEFAULT_DNS LOCAL_DNS TUN_DNS REMOTE_FAKEDNS CHINADNS_DNS TCP_NODE PROXY_MODE NO_LOGIC_LOG NO_PROXY_IPV6
local FLAG TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE DEFAULT_DNS LOCAL_DNS TUN_DNS REMOTE_FAKEDNS CHINADNS_DNS TCP_NODE PROXY_MODE NO_PROXY_IPV6 NO_LOGIC_LOG
eval_set_val $@
_LOG_FILE=$LOG_FILE
[ -n "$NO_LOGIC_LOG" ] && LOG_FILE="/dev/null"
global=$(echo "${PROXY_MODE}" | grep "global")
returnhome=$(echo "${PROXY_MODE}" | grep "returnhome")
chnlist=$(echo "${PROXY_MODE}" | grep "chnroute")
gfwlist=$(echo "${PROXY_MODE}" | grep "gfwlist")
mkdir -p "${TMP_DNSMASQ_PATH}" "${DNSMASQ_PATH}" "/tmp/dnsmasq.d"
count_hosts_str="!"
[ -n "$CHINADNS_DNS" ] && dnsmasq_default_dns="${CHINADNS_DNS}"
[ -n "$global" ] && [ -z "$returnhome" ] && [ -z "$chnlist" ] && [ -z "$gfwlist" ] && only_global=1 && dnsmasq_default_dns="${TUN_DNS}"
#屏蔽列表
[ -s "${RULES_PATH}/block_host" ] && {
cat "${RULES_PATH}/block_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_address_items address="0.0.0.0" outf="${TMP_DNSMASQ_PATH}/00-block_host.conf"
}
#始终用国内DNS解析节点域名
fwd_dns="${LOCAL_DNS}"
servers=$(uci show "${CONFIG}" | grep ".address=" | cut -d "'" -f 2)
hosts_foreach "servers" host_from_url | grep '[a-zA-Z]$' | sort -u | gen_items ipsets="vpsiplist,vpsiplist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/10-vpsiplist_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]节点列表中的域名(vpsiplist)${fwd_dns:-默认}"
#始终用国内DNS解析直连白名单列表
[ -s "${RULES_PATH}/direct_host" ] && {
fwd_dns="${LOCAL_DNS}"
#[ -n "$CHINADNS_DNS" ] && unset fwd_dns
cat "${RULES_PATH}/direct_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="whitelist,whitelist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/11-direct_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]域名白名单(whitelist)${fwd_dns:-默认}"
}
subscribe_list=""
for item in $(get_enabled_anonymous_secs "@subscribe_list"); do
host=$(host_from_url "$(config_n_get ${item} url)")
subscribe_list="${subscribe_list}\n${host}"
done
[ -n "$subscribe_list" ] && {
if [ "$(config_t_get global_subscribe subscribe_proxy 0)" = "0" ]; then
#如果没有开启通过代理订阅
fwd_dns="${LOCAL_DNS}"
echo -e "$subscribe_list" | sort -u | gen_items ipsets="whitelist,whitelist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/12-subscribe.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]节点订阅域名(whitelist)${fwd_dns:-默认}"
else
#如果开启了通过代理订阅
local ipset_flag="blacklist,blacklist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="blacklist"
echo -e "$subscribe_list" | sort -u | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/91-subscribe-noipv6.conf"
fi
[ -z "${only_global}" ] && {
fwd_dns="${TUN_DNS}"
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
echo -e "$subscribe_list" | sort -u | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/91-subscribe.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]节点订阅域名(blacklist)${fwd_dns:-默认}"
}
fi
}
#始终使用远程DNS解析代理黑名单列表
[ -s "${RULES_PATH}/proxy_host" ] && {
local ipset_flag="blacklist,blacklist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="blacklist"
cat "${RULES_PATH}/proxy_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/97-proxy_host-noipv6.conf"
fi
[ -z "${only_global}" ] && {
fwd_dns="${TUN_DNS}"
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
cat "${RULES_PATH}/proxy_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/97-proxy_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]代理域名表(blacklist)${fwd_dns:-默认}"
}
}
#分流规则
[ "$(config_n_get $TCP_NODE protocol)" = "_shunt" ] && {
local default_node_id=$(config_n_get $TCP_NODE default_node _direct)
local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for shunt_id in $shunt_ids; do
local shunt_node_id=$(config_n_get $TCP_NODE ${shunt_id} nil)
[ "$shunt_node_id" = "nil" ] && continue
[ "$shunt_node_id" = "_default" ] && shunt_node_id=$default_node_id
[ "$shunt_node_id" = "_blackhole" ] && continue
local str=$(echo -n $(config_n_get $shunt_id domain_list | grep -v 'regexp:\|geosite:\|ext:' | sed 's/domain:\|full:\|//g' | tr -s "\r\n" "\n" | sort -u) | sed "s/ /|/g")
[ -n "$str" ] && count_hosts_str="${count_hosts_str}|${str}"
fwd_dns="${LOCAL_DNS}"
[ "$shunt_node_id" = "_direct" ] && {
[ -n "$str" ] && echo $str | sed "s/|/\n/g" | gen_items ipsets="whitelist,whitelist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/13-shunt_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
continue
}
local shunt_node=$(config_n_get $shunt_node_id address nil)
[ "$shunt_node" = "nil" ] && continue
[ -n "$str" ] && {
local ipset_flag="shuntlist,shuntlist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="shuntlist"
echo $str | sed "s/|/\n/g" | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/98-shunt_host-noipv6.conf"
fi
[ -z "${only_global}" ] && {
fwd_dns="${TUN_DNS}"
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
echo $str | sed "s/|/\n/g" | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/98-shunt_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
}
}
done
echolog " - [$?]V2ray/Xray分流规则(shuntlist)${fwd_dns:-默认}"
}
[ -s "${RULES_PATH}/direct_host" ] && direct_hosts_str="$(echo -n $(cat ${RULES_PATH}/direct_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
[ -s "${RULES_PATH}/proxy_host" ] && proxy_hosts_str="$(echo -n $(cat ${RULES_PATH}/proxy_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
[ -n "$direct_hosts_str" ] && count_hosts_str="${count_hosts_str}|${direct_hosts_str}"
[ -n "$proxy_hosts_str" ] && count_hosts_str="${count_hosts_str}|${proxy_hosts_str}"
#如果没有使用回国模式
if [ -z "${returnhome}" ]; then
# GFW 模式
[ -s "${RULES_PATH}/gfwlist" ] && {
grep -v -E "$count_hosts_str" "${RULES_PATH}/gfwlist" > "${TMP_PATH}/gfwlist"
local ipset_flag="gfwlist,gfwlist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="gfwlist"
sort -u "${TMP_PATH}/gfwlist" | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/99-gfwlist-noipv6.conf"
fi
[ -z "${only_global}" ] && {
fwd_dns="${TUN_DNS}"
[ -n "$CHINADNS_DNS" ] && unset fwd_dns
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
sort -u "${TMP_PATH}/gfwlist" | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/99-gfwlist.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]防火墙域名表(gfwlist)${fwd_dns:-默认}"
}
rm -f "${TMP_PATH}/gfwlist"
}
# 中国列表以外 模式
[ -n "${CHINADNS_DNS}" ] && {
fwd_dns="${LOCAL_DNS}"
[ -n "$CHINADNS_DNS" ] && unset fwd_dns
[ -s "${RULES_PATH}/chnlist" ] && {
grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" | gen_items ipsets="chnroute,chnroute6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/19-chinalist_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]中国域名表(chnroute)${fwd_dns:-默认}"
}
}
else
#回国模式
[ -s "${RULES_PATH}/chnlist" ] && {
grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" > "${TMP_PATH}/chnlist"
local ipset_flag="chnroute,chnroute6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="chnroute"
sort -u "${TMP_PATH}/chnlist" | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/99-chinalist_host-noipv6.conf"
fi
[ -z "${only_global}" ] && {
fwd_dns="${TUN_DNS}"
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
sort -u "${TMP_PATH}/chnlist" | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/99-chinalist_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
echolog " - [$?]中国域名表(chnroute)${fwd_dns:-默认}"
}
rm -f "${TMP_PATH}/chnlist"
}
fi
ipset_merge ${TMP_DNSMASQ_PATH}
echo "conf-dir=${TMP_DNSMASQ_PATH}" > $DNSMASQ_CONF_FILE
[ -n "${dnsmasq_default_dns}" ] && {
echo "${DEFAULT_DNS}" > $TMP_PATH/default_DNS
cat <<-EOF >> $DNSMASQ_CONF_FILE
server=${dnsmasq_default_dns}
all-servers
no-poll
no-resolv
EOF
echolog " - [$?]以上所列以外及默认:${dnsmasq_default_dns}"
}
echolog " - PassWall必须依赖于Dnsmasq如果你自行配置了错误的DNS流程将会导致域名(直连/代理域名)分流失效!!!"
LOG_FILE=${_LOG_FILE}
lua $APP_PATH/helper_dnsmasq_add.lua -FLAG $FLAG -TMP_DNSMASQ_PATH $TMP_DNSMASQ_PATH -DNSMASQ_CONF_FILE $DNSMASQ_CONF_FILE -DEFAULT_DNS $DEFAULT_DNS -LOCAL_DNS $LOCAL_DNS -TUN_DNS $TUN_DNS -REMOTE_FAKEDNS ${REMOTE_FAKEDNS:-0} -CHINADNS_DNS ${CHINADNS_DNS:-0} -TCP_NODE $TCP_NODE -PROXY_MODE $PROXY_MODE -NO_PROXY_IPV6 ${NO_PROXY_IPV6:-0} -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
}
del() {

430
luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua Normal file
View File

@ -0,0 +1,430 @@
local api = require "luci.model.cbi.passwall.api.api"
local var = api.get_args(arg)
local FLAG = var["-FLAG"]
local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"]
local DNSMASQ_CONF_FILE = var["-DNSMASQ_CONF_FILE"]
local DEFAULT_DNS = var["-DEFAULT_DNS"]
local LOCAL_DNS = var["-LOCAL_DNS"]
local TUN_DNS = var["-TUN_DNS"]
local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
local CHINADNS_DNS = var["-CHINADNS_DNS"]
local TCP_NODE = var["-TCP_NODE"]
local PROXY_MODE = var["-PROXY_MODE"]
local NO_PROXY_IPV6 = var["-NO_PROXY_IPV6"]
local NO_LOGIC_LOG = var["-NO_LOGIC_LOG"]
local LOG_FILE = "/tmp/log/passwall.log"
local CACHE_PATH = "/tmp/etc/passwall_tmp"
local CACHE_FLAG = "dns_" .. FLAG
local CACHE_DNS_PATH = CACHE_PATH .. "/" .. CACHE_FLAG
local CACHE_MD5_FILE = CACHE_DNS_PATH .. ".md5"
local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local appname = api.appname
local fs = api.fs
local datatypes = api.datatypes
local list1 = {}
local excluded_domain = {}
local excluded_domain_str = "!"
local function log(...)
if NO_LOGIC_LOG == "1" then
return
end
local f, err = io.open(LOG_FILE, "a")
if f and err == nil then
local str = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
f:write(str .. "\n")
f:close()
end
end
--从url获取域名
local function get_domain_from_url(url)
if url then
if datatypes.hostname(url) then
return url
end
local domain = url:match("//([^/]+)")
if domain then
return domain
end
end
return ""
end
local function check_dns(domain, dns)
if domain == "" or domain:find("#") then
return false
end
if not dns then
return
end
for k,v in ipairs(list1[domain].dns) do
if dns == v then
return true
end
end
return false
end
local function check_ipset(domain, ipset)
if domain == "" or domain:find("#") then
return false
end
if not ipset then
return
end
for k,v in ipairs(list1[domain].ipsets) do
if ipset == v then
return true
end
end
return false
end
local function set_domain_address(domain, address)
if domain == "" or domain:find("#") then
return
end
if not list1[domain] then
list1[domain] = {
dns = {},
ipsets = {}
}
end
if not list1[domain].address then
list1[domain].address = address
end
end
local function set_domain_dns(domain, dns)
if domain == "" or domain:find("#") then
return
end
if not dns then
return
end
if not list1[domain] then
list1[domain] = {
dns = {},
ipsets = {}
}
end
for line in string.gmatch(dns, '[^' .. "," .. ']+') do
if not check_dns(domain, line) then
table.insert(list1[domain].dns, line)
end
end
end
local function set_domain_ipset(domain, ipset)
if domain == "" or domain:find("#") then
return
end
if not ipset then
return
end
if not list1[domain] then
list1[domain] = {
dns = {},
ipsets = {}
}
end
for line in string.gmatch(ipset, '[^' .. "," .. ']+') do
if not check_ipset(domain, line) then
table.insert(list1[domain].ipsets, line)
end
end
end
local function add_excluded_domain(domain)
if domain == "" or domain:find("#") then
return
end
table.insert(excluded_domain, domain)
excluded_domain_str = excluded_domain_str .. "|" .. domain
end
local function check_excluded_domain(domain)
if domain == "" or domain:find("#") then
return false
end
for k,v in ipairs(excluded_domain) do
if domain:find(v) then
return true
end
end
return false
end
local dnsmasq_default_dns
local cache_md5 = ""
local str = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. CHINADNS_DNS .. PROXY_MODE .. NO_PROXY_IPV6
local md5 = luci.sys.exec("echo -n $(echo '" .. str .. "' | md5sum | awk '{print $1}')")
if fs.access(CACHE_MD5_FILE) then
for line in io.lines(CACHE_MD5_FILE) do
cache_md5 = line
end
end
if cache_md5 ~= md5 then
sys.call("rm -rf " .. CACHE_PATH .. "/" .. CACHE_FLAG .. "*")
end
local global = PROXY_MODE:find("global")
local returnhome = PROXY_MODE:find("returnhome")
local chnlist = PROXY_MODE:find("chnroute")
local gfwlist = PROXY_MODE:find("gfwlist")
local only_global
if CHINADNS_DNS ~= "0" then
dnsmasq_default_dns = CHINADNS_DNS
end
if global and (not returnhome and not chnlist and not gfwlist) then
dnsmasq_default_dns = TUN_DNS
only_global = 1
end
if not fs.access(CACHE_DNS_PATH) then
fs.mkdir("/tmp/dnsmasq.d")
fs.mkdir(CACHE_DNS_PATH)
--屏蔽列表
for line in io.lines("/usr/share/passwall/rules/block_host") do
if line ~= "" and not line:find("#") then
set_domain_address(line, "0.0.0.0")
end
end
--始终用国内DNS解析节点域名
uci:foreach(appname, "nodes", function(t)
local address = t.address
if datatypes.hostname(address) then
set_domain_dns(address, LOCAL_DNS)
set_domain_ipset(address, "vpsiplist,vpsiplist6")
end
end)
log(string.format(" - 节点列表中的域名(vpsiplist)%s", LOCAL_DNS or "默认"))
--始终用国内DNS解析直连白名单列表
for line in io.lines("/usr/share/passwall/rules/direct_host") do
if line ~= "" and not line:find("#") then
add_excluded_domain(line)
set_domain_dns(line, LOCAL_DNS)
set_domain_ipset(line, "whitelist,whitelist6")
end
end
log(string.format(" - 域名白名单(whitelist)%s", LOCAL_DNS or "默认"))
local fwd_dns = LOCAL_DNS
local ipset_flag = "whitelist,whitelist6"
local no_ipv6
if uci:get(appname, "@global_subscribe[0]", "subscribe_proxy") or "0" == "1" then
fwd_dns = TUN_DNS
ipset_flag = "blacklist,blacklist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "blacklist"
no_ipv6 = true
end
if not only_global then
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
end
end
uci:foreach(appname, "subscribe_list", function(t)
local domain = get_domain_from_url(t.url)
if domain then
if no_ipv6 then
set_domain_address(domain, "::")
end
set_domain_dns(domain, fwd_dns)
set_domain_ipset(domain, ipset_flag)
end
end)
log(string.format(" - 节点订阅域名(blacklist)%s", fwd_dns or "默认"))
--始终使用远程DNS解析代理黑名单列表
for line in io.lines("/usr/share/passwall/rules/proxy_host") do
if line ~= "" and not line:find("#") then
add_excluded_domain(line)
local ipset_flag = "blacklist,blacklist6"
if NO_PROXY_IPV6 == "1" then
set_domain_address(line, "::")
ipset_flag = "blacklist"
end
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_dns(line, TUN_DNS)
set_domain_ipset(line, ipset_flag)
end
end
log(string.format(" - 代理域名表(blacklist)%s", TUN_DNS or "默认"))
--分流规则
if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
local t = uci:get_all(appname, TCP_NODE)
local default_node_id = t["default_node"] or "_direct"
uci:foreach(appname, "shunt_rules", function(s)
local _node_id = t[s[".name"]] or "nil"
if _node_id ~= "nil" and _node_id ~= "_blackhole" then
if _node_id == "_default" then
_node_id = default_node_id
end
fwd_dns = nil
ipset_flag = nil
no_ipv6 = nil
if _node_id == "_direct" then
fwd_dns = LOCAL_DNS
ipset_flag = "whitelist,whitelist6"
else
fwd_dns = TUN_DNS
ipset_flag = "shuntlist,shuntlist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "shuntlist"
no_ipv6 = true
end
if not only_global then
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
end
end
local domain_list = s.domain_list or ""
for line in string.gmatch(domain_list, "[^\r\n]+") do
if line ~= "" and not line:find("#") and not line:find("regexp:") and not line:find("geosite:") and not line:find("ext:") then
if line:find("domain:") or line:find("full:") then
line = string.match(line, ":([^:]+)$")
end
add_excluded_domain(line)
if no_ipv6 then
set_domain_address(line, "::")
end
set_domain_dns(line, fwd_dns)
set_domain_ipset(line, ipset_flag)
end
end
if _node_id ~= "_direct" then
log(string.format(" - V2ray/Xray分流规则(%s)%s", s.remarks, fwd_dns or "默认"))
end
end
end)
end
--如果没有使用回国模式
if not returnhome then
if fs.access("/usr/share/passwall/rules/gfwlist") then
local gfwlist_str = sys.exec('cat /usr/share/passwall/rules/gfwlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(gfwlist_str, "[^\r\n]+") do
if line ~= "" then
local ipset_flag = "gfwlist,gfwlist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "gfwlist"
set_domain_address(line, "::")
end
if not only_global then
fwd_dns = TUN_DNS
if CHINADNS_DNS ~= "0" then
fwd_dns = nil
end
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_dns(line, fwd_dns)
set_domain_ipset(line, ipset_flag)
end
end
end
log(string.format(" - 防火墙域名表(gfwlist)%s", fwd_dns or "默认"))
end
if CHINADNS_DNS ~= "0" then
if fs.access("/usr/share/passwall/rules/chnlist") then
fwd_dns = nil
local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(chnlist_str, "[^\r\n]+") do
if line ~= "" then
set_domain_dns(line, fwd_dns)
set_domain_ipset(line, "chnroute,chnroute6")
end
end
end
log(string.format(" - 中国域名表(chnroute)%s", fwd_dns or "默认"))
end
else
if fs.access("/usr/share/passwall/rules/chnlist") then
local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(chnlist_str, "[^\r\n]+") do
if line ~= "" then
local ipset_flag = "chnroute,chnroute6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "chnroute"
set_domain_address(line, "::")
end
if not only_global then
set_domain_dns(line, TUN_DNS)
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_ipset(line, ipset_flag)
end
end
end
log(string.format(" - 中国域名表(chnroute)%s", TUN_DNS or "默认"))
end
end
local address_out = io.open(CACHE_DNS_PATH .. "/000-address.conf", "a")
local server_out = io.open(CACHE_DNS_PATH .. "/001-server.conf", "a")
local ipset_out = io.open(CACHE_DNS_PATH .. "/ipset.conf", "a")
for key, value in pairs(list1) do
if value.address and #value.address > 0 then
address_out:write(string.format("address=/.%s/%s\n", key, value.address))
end
if value.dns and #value.dns > 0 then
for i, dns in ipairs(value.dns) do
server_out:write(string.format("server=/.%s/%s\n", key, dns))
end
end
if value.ipsets and #value.ipsets > 0 then
local ipsets_str = ""
for i, ipset in ipairs(value.ipsets) do
ipsets_str = ipsets_str .. ipset .. ","
end
ipsets_str = ipsets_str:sub(1, #ipsets_str - 1)
ipset_out:write(string.format("ipset=/.%s/%s\n", key, ipsets_str))
end
end
address_out:close()
server_out:close()
ipset_out:close()
local f_out = io.open(CACHE_MD5_FILE, "a")
f_out:write(md5)
f_out:close()
end
fs.symlink(CACHE_DNS_PATH, TMP_DNSMASQ_PATH)
local conf_out = io.open(DNSMASQ_CONF_FILE, "a")
conf_out:write(string.format("conf-dir=%s\n", TMP_DNSMASQ_PATH))
if dnsmasq_default_dns then
local f_out = io.open("/tmp/etc/passwall/default_DNS", "a")
f_out:write(DEFAULT_DNS)
f_out:close()
conf_out:write(string.format("server=%s\n", dnsmasq_default_dns))
conf_out:write("all-servers\n")
conf_out:write("no-poll\n")
conf_out:write("no-resolv\n")
log(string.format(" - 以上所列以外及默认:%s", dnsmasq_default_dns))
end
conf_out:close()
log(" - PassWall必须依赖于Dnsmasq如果你自行配置了错误的DNS流程将会导致域名(直连/代理域名)分流失效!!!")

194
luci-app-passwall/root/usr/share/passwall/helper_smartdns.sh
View File

@ -6,207 +6,21 @@ restart() {
_LOG_FILE=$LOG_FILE
[ -n "$no_log" ] && LOG_FILE="/dev/null"
rm -rf /tmp/smartdns.cache
/etc/init.d/smartdns reload >/dev/null 2>&1
/etc/init.d/dnsmasq restart >/dev/null 2>&1
/etc/init.d/smartdns reload >/dev/null 2>&1 &
LOG_FILE=${_LOG_FILE}
}
gen_items() {
local ipsets group address speed_check_mode outf
eval_set_val $@
awk -v ipsets="${ipsets}" -v group="${group}" -v speed_check_mode="${speed_check_mode}" -v address="${address}" -v outf="${outf}" '
BEGIN {
if(outf == "") outf="/dev/stdout";
if(group != "") group=" -n " group;
if(ipsets != "") ipsets=" -p " ipsets;
if(speed_check_mode != "") speed_check_mode=" -c " speed_check_mode;
if(address != "") address=" -a " address;
fail=1;
}
! /^$/&&!/^#/ {
fail=0
printf("domain-rules /%s/ %s%s%s%s\n", $0, group, ipsets, address, speed_check_mode) >>outf;
}
END {fflush(outf); close(outf); exit(fail);}
'
}
gen_address_items() {
local address outf
eval_set_val $@
awk -v address="${address}" -v outf="${outf}" '
BEGIN {
if(outf == "") outf="/dev/stdout";
setaddress=length(address)>0;
fail=1;
}
! /^$/&&!/^#/ {
fail=0
if(setaddress) printf("address /%s/%s\n", $0, address) >>outf;
}
END {fflush(outf); close(outf); exit(fail);}
'
}
add() {
local fwd_dns fwd_group item servers msg
local DNS_MODE SMARTDNS_CONF DNSMASQ_CONF_FILE DEFAULT_DNS LOCAL_GROUP REMOTE_GROUP REMOTE_FAKEDNS TUN_DNS TCP_NODE PROXY_MODE NO_LOGIC_LOG NO_PROXY_IPV6
local FLAG SMARTDNS_CONF LOCAL_GROUP REMOTE_GROUP REMOTE_FAKEDNS TUN_DNS TCP_NODE PROXY_MODE NO_PROXY_IPV6 NO_LOGIC_LOG
eval_set_val $@
_LOG_FILE=$LOG_FILE
[ -n "$NO_LOGIC_LOG" ] && LOG_FILE="/dev/null"
global=$(echo "${PROXY_MODE}" | grep "global")
returnhome=$(echo "${PROXY_MODE}" | grep "returnhome")
chnlist=$(echo "${PROXY_MODE}" | grep "chnroute")
gfwlist=$(echo "${PROXY_MODE}" | grep "gfwlist")
touch ${SMARTDNS_CONF}
count_hosts_str="!"
[ -z "${REMOTE_GROUP}" ] && {
REMOTE_GROUP="${CONFIG}_proxy"
[ -n "${TUN_DNS}" ] && TUN_DNS="$(echo ${TUN_DNS} | sed 's/#/:/g')"
sed -i "/passwall/d" /etc/smartdns/custom.conf >/dev/null 2>&1
echo "server ${TUN_DNS} -group ${REMOTE_GROUP} -exclude-default-group" >> ${SMARTDNS_CONF}
}
#屏蔽列表
[ -s "${RULES_PATH}/block_host" ] && {
cat "${RULES_PATH}/block_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_address_items address="-" outf="${SMARTDNS_CONF}"
}
#始终用国内DNS解析节点域名
servers=$(uci show "${CONFIG}" | grep ".address=" | cut -d "'" -f 2)
hosts_foreach "servers" host_from_url | grep '[a-zA-Z]$' | sort -u | gen_items ipsets="#4:vpsiplist,#6:vpsiplist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
echolog " - [$?]节点列表中的域名(vpsiplist)使用分组:${LOCAL_GROUP:-默认}"
#始终用国内DNS解析直连白名单列表
[ -s "${RULES_PATH}/direct_host" ] && {
cat "${RULES_PATH}/direct_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="#4:whitelist,#6:whitelist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
echolog " - [$?]域名白名单(whitelist)使用分组:${LOCAL_GROUP:-默认}"
}
subscribe_list=""
for item in $(get_enabled_anonymous_secs "@subscribe_list"); do
host=$(host_from_url "$(config_n_get ${item} url)")
subscribe_list="${subscribe_list}\n${host}"
done
[ -n "$subscribe_list" ] && {
if [ "$(config_t_get global_subscribe subscribe_proxy 0)" = "0" ]; then
#如果没有开启通过代理订阅
echo -e "$subscribe_list" | sort -u | gen_items ipsets="#4:whitelist,#6:whitelist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
echolog " - [$?]节点订阅域名(whitelist)使用分组:${LOCAL_GROUP:-默认}"
else
#如果开启了通过代理订阅
local ipset_flag="#4:blacklist,#6:blacklist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="#4:blacklist"
address="#6"
fi
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
echo -e "$subscribe_list" | sort -u | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
echolog " - [$?]节点订阅域名(blacklist)使用分组:${REMOTE_GROUP}"
fi
}
#始终使用远程DNS解析代理黑名单列表
[ -s "${RULES_PATH}/proxy_host" ] && {
local ipset_flag="#4:blacklist,#6:blacklist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="#4:blacklist"
address="#6"
fi
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
cat "${RULES_PATH}/proxy_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
echolog " - [$?]代理域名表(blacklist)使用分组:${REMOTE_GROUP}"
}
#分流规则
[ "$(config_n_get $TCP_NODE protocol)" = "_shunt" ] && {
local default_node_id=$(config_n_get $TCP_NODE default_node _direct)
local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for shunt_id in $shunt_ids; do
local shunt_node_id=$(config_n_get $TCP_NODE ${shunt_id} nil)
[ "$shunt_node_id" = "nil" ] && continue
[ "$shunt_node_id" = "_default" ] && shunt_node_id=$default_node_id
[ "$shunt_node_id" = "_blackhole" ] && continue
local str=$(echo -n $(config_n_get $shunt_id domain_list | grep -v 'regexp:\|geosite:\|ext:' | sed 's/domain:\|full:\|//g' | tr -s "\r\n" "\n" | sort -u) | sed "s/ /|/g")
[ -n "$str" ] && count_hosts_str="${count_hosts_str}|${str}"
[ "$shunt_node_id" = "_direct" ] && {
[ -n "$str" ] && echo $str | sed "s/|/\n/g" | gen_items ipsets="#4:whitelist,#6:whitelist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
msg_dns="${LOCAL_GROUP}"
continue
}
local shunt_node=$(config_n_get $shunt_node_id address nil)
[ "$shunt_node" = "nil" ] && continue
[ -n "$str" ] && {
local ipset_flag="#4:shuntlist,#6:shuntlist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="#4:shuntlist"
address="#6"
fi
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
echo $str | sed "s/|/\n/g" | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
msg_dns="${REMOTE_GROUP}"
}
done
echolog " - [$?]V2ray/Xray分流规则(shuntlist)${msg_dns:-默认}"
}
[ -s "${RULES_PATH}/direct_host" ] && direct_hosts_str="$(echo -n $(cat ${RULES_PATH}/direct_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
[ -s "${RULES_PATH}/proxy_host" ] && proxy_hosts_str="$(echo -n $(cat ${RULES_PATH}/proxy_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
[ -n "$direct_hosts_str" ] && count_hosts_str="${count_hosts_str}|${direct_hosts_str}"
[ -n "$proxy_hosts_str" ] && count_hosts_str="${count_hosts_str}|${proxy_hosts_str}"
#如果没有使用回国模式
if [ -z "${returnhome}" ]; then
# GFW 模式
[ -s "${RULES_PATH}/gfwlist" ] && {
grep -v -E "$count_hosts_str" "${RULES_PATH}/gfwlist" > "${TMP_PATH}/gfwlist"
local ipset_flag="#4:gfwlist,#6:gfwlist6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="#4:gfwlist"
address="#6"
fi
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
sort -u "${TMP_PATH}/gfwlist" | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
echolog " - [$?]防火墙域名表(gfwlist)使用分组:${REMOTE_GROUP}"
rm -f "${TMP_PATH}/gfwlist"
}
# 中国列表以外 模式
[ -s "${RULES_PATH}/chnlist" ] && [ -n "${chnlist}" ] && {
grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" | gen_items ipsets="#4:chnroute,#6:chnroute6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
echolog " - [$?]中国域名表(chnroute)使用分组:${LOCAL_GROUP:-默认}"
}
else
#回国模式
[ -s "${RULES_PATH}/chnlist" ] && {
grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" > "${TMP_PATH}/chnlist"
local ipset_flag="#4:chnroute,#6:chnroute6"
if [ "${NO_PROXY_IPV6}" = "1" ]; then
ipset_flag="#4:chnroute"
address="#6"
fi
[ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
sort -u "${TMP_PATH}/chnlist" | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
echolog " - [$?]中国域名表(chnroute)使用分组:${REMOTE_GROUP}"
rm -f "${TMP_PATH}/chnlist"
}
fi
echo "conf-file ${SMARTDNS_CONF}" >> /etc/smartdns/custom.conf
echolog " - 请让SmartDNS作为Dnsmasq的上游或重定向"
LOG_FILE=${_LOG_FILE}
lua $APP_PATH/helper_smartdns_add.lua -FLAG $FLAG -SMARTDNS_CONF $SMARTDNS_CONF -LOCAL_GROUP ${LOCAL_GROUP:-nil} -REMOTE_GROUP ${REMOTE_GROUP:-nil} -REMOTE_FAKEDNS ${REMOTE_FAKEDNS:-0} -TUN_DNS $TUN_DNS -TCP_NODE $TCP_NODE -PROXY_MODE $PROXY_MODE -NO_PROXY_IPV6 ${NO_PROXY_IPV6:-0} -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
}
del() {
rm -rf /tmp/etc/smartdns/passwall.conf
sed -i "/passwall/d" /etc/smartdns/custom.conf >/dev/null 2>&1
rm -rf /tmp/smartdns.cache
/etc/init.d/smartdns reload >/dev/null 2>&1
/etc/init.d/smartdns reload >/dev/null 2>&1 &
}
arg1=$1

394
luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua Normal file
View File

@ -0,0 +1,394 @@
local api = require "luci.model.cbi.passwall.api.api"
local var = api.get_args(arg)
local FLAG = var["-FLAG"]
local SMARTDNS_CONF = var["-SMARTDNS_CONF"]
local LOCAL_GROUP = var["-LOCAL_GROUP"]
local REMOTE_GROUP = var["-REMOTE_GROUP"]
local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
local TUN_DNS = var["-TUN_DNS"]
local TCP_NODE = var["-TCP_NODE"]
local PROXY_MODE = var["-PROXY_MODE"]
local NO_PROXY_IPV6 = var["-NO_PROXY_IPV6"]
local NO_LOGIC_LOG = var["-NO_LOGIC_LOG"]
local LOG_FILE = "/tmp/log/passwall.log"
local CACHE_PATH = "/tmp/etc/passwall_tmp"
local CACHE_FLAG = "dns_" .. FLAG
local CACHE_DNS_FILE = CACHE_PATH .. "/" .. CACHE_FLAG .. ".conf"
local CACHE_MD5_FILE = CACHE_PATH .. "/" .. CACHE_FLAG .. ".md5"
local SMARTDNS_PATH = "/tmp/etc/smartdns"
local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local appname = api.appname
local fs = api.fs
local datatypes = api.datatypes
local list1 = {}
local excluded_domain = {}
local excluded_domain_str = "!"
local function log(...)
if NO_LOGIC_LOG == "1" then
return
end
local f, err = io.open(LOG_FILE, "a")
if f and err == nil then
local str = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
f:write(str .. "\n")
f:close()
end
end
--从url获取域名
local function get_domain_from_url(url)
if url then
if datatypes.hostname(url) then
return url
end
local domain = url:match("//([^/]+)")
if domain then
return domain
end
end
return ""
end
local function check_ipset(domain, ipset)
if domain == "" or domain:find("#") then
return false
end
if not ipset then
return
end
for k,v in ipairs(list1[domain].ipsets) do
if ipset == v then
return true
end
end
return false
end
local function set_domain_address(domain, address)
if domain == "" or domain:find("#") then
return
end
if not list1[domain] then
list1[domain] = {
ipsets = {}
}
end
if not list1[domain].address then
list1[domain].address = address
end
end
local function set_domain_group(domain, group)
if domain == "" or domain:find("#") then
return
end
if not group then
return
end
if not list1[domain] then
list1[domain] = {
ipsets = {}
}
end
if not list1[domain].group then
list1[domain].group = group
if group == REMOTE_GROUP then
list1[domain].speed_check_mode = "none"
end
end
end
local function set_domain_ipset(domain, ipset)
if domain == "" or domain:find("#") then
return
end
if not ipset then
return
end
if not list1[domain] then
list1[domain] = {
ipsets = {}
}
end
for line in string.gmatch(ipset, '[^' .. "," .. ']+') do
if not check_ipset(domain, line) then
table.insert(list1[domain].ipsets, line)
end
end
end
local function add_excluded_domain(domain)
if domain == "" or domain:find("#") then
return
end
table.insert(excluded_domain, domain)
excluded_domain_str = excluded_domain_str .. "|" .. domain
end
local function check_excluded_domain(domain)
if domain == "" or domain:find("#") then
return false
end
for k,v in ipairs(excluded_domain) do
if domain:find(v) then
return true
end
end
return false
end
local cache_md5 = ""
local str = SMARTDNS_CONF .. LOCAL_GROUP .. REMOTE_GROUP .. REMOTE_FAKEDNS .. TUN_DNS .. PROXY_MODE .. NO_PROXY_IPV6
local md5 = luci.sys.exec("echo -n $(echo '" .. str .. "' | md5sum | awk '{print $1}')")
if fs.access(CACHE_MD5_FILE) then
for line in io.lines(CACHE_MD5_FILE) do
cache_md5 = line
end
end
if cache_md5 ~= md5 then
sys.call("rm -rf " .. CACHE_PATH .. "/" .. CACHE_FLAG .. "*")
end
local global = PROXY_MODE:find("global")
local returnhome = PROXY_MODE:find("returnhome")
local chnlist = PROXY_MODE:find("chnroute")
local gfwlist = PROXY_MODE:find("gfwlist")
if not REMOTE_GROUP or REMOTE_GROUP == "nil" then
REMOTE_GROUP = "passwall_proxy"
if TUN_DNS then
TUN_DNS = TUN_DNS:gsub("#", ":")
end
sys.call('sed -i "/passwall/d" /etc/smartdns/custom.conf >/dev/null 2>&1')
end
if not fs.access(CACHE_DNS_FILE) then
sys.call(string.format('echo "server %s -group %s -exclude-default-group" >> %s', TUN_DNS, REMOTE_GROUP, CACHE_DNS_FILE))
--屏蔽列表
for line in io.lines("/usr/share/passwall/rules/block_host") do
if line ~= "" and not line:find("#") then
set_domain_address(line, "-")
end
end
--始终用国内DNS解析节点域名
uci:foreach(appname, "nodes", function(t)
local address = t.address
if datatypes.hostname(address) then
set_domain_group(address, LOCAL_GROUP)
set_domain_ipset(address, "#4:vpsiplist,#6:vpsiplist6")
end
end)
log(string.format(" - 节点列表中的域名(vpsiplist)使用分组:%s", LOCAL_GROUP or "默认"))
--始终用国内DNS解析直连白名单列表
for line in io.lines("/usr/share/passwall/rules/direct_host") do
if line ~= "" and not line:find("#") then
add_excluded_domain(line)
set_domain_group(line, LOCAL_GROUP)
set_domain_ipset(line, "#4:whitelist,#6:whitelist6")
end
end
log(string.format(" - 域名白名单(whitelist)使用分组:%s", LOCAL_GROUP or "默认"))
local fwd_group = LOCAL_GROUP
local ipset_flag = "#4:whitelist,#6:whitelist6"
local no_ipv6
if uci:get(appname, "@global_subscribe[0]", "subscribe_proxy") or "0" == "1" then
fwd_group = REMOTE_GROUP
ipset_flag = "#4:blacklist,#6:blacklist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "#4:blacklist"
no_ipv6 = true
end
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
end
uci:foreach(appname, "subscribe_list", function(t)
local domain = get_domain_from_url(t.url)
if domain then
if no_ipv6 then
set_domain_address(domain, "#6")
end
set_domain_group(domain, fwd_group)
set_domain_ipset(domain, ipset_flag)
end
end)
log(string.format(" - 节点订阅域名(blacklist)使用分组:%s", fwd_group or "默认"))
--始终使用远程DNS解析代理黑名单列表
for line in io.lines("/usr/share/passwall/rules/proxy_host") do
if line ~= "" and not line:find("#") then
add_excluded_domain(line)
local ipset_flag = "#4:blacklist,#6:blacklist6"
if NO_PROXY_IPV6 == "1" then
set_domain_address(line, "#6")
ipset_flag = "#4:blacklist"
end
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_group(line, REMOTE_GROUP)
set_domain_ipset(line, ipset_flag)
end
end
log(string.format(" - 代理域名表(blacklist)使用分组:%s", REMOTE_GROUP or "默认"))
--分流规则
if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
local t = uci:get_all(appname, TCP_NODE)
local default_node_id = t["default_node"] or "_direct"
uci:foreach(appname, "shunt_rules", function(s)
local _node_id = t[s[".name"]] or "nil"
if _node_id ~= "nil" and _node_id ~= "_blackhole" then
if _node_id == "_default" then
_node_id = default_node_id
end
fwd_group = nil
ipset_flag = nil
no_ipv6 = nil
if _node_id == "_direct" then
fwd_group = LOCAL_GROUP
ipset_flag = "#4:whitelist,#6:whitelist6"
else
fwd_group = REMOTE_GROUP
ipset_flag = "#4:shuntlist,#6:shuntlist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "shuntlist"
no_ipv6 = true
end
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
end
local domain_list = s.domain_list or ""
for line in string.gmatch(domain_list, "[^\r\n]+") do
if line ~= "" and not line:find("#") and not line:find("regexp:") and not line:find("geosite:") and not line:find("ext:") then
if line:find("domain:") or line:find("full:") then
line = string.match(line, ":([^:]+)$")
end
add_excluded_domain(line)
if no_ipv6 then
set_domain_address(line, "#6")
end
set_domain_group(line, fwd_group)
set_domain_ipset(line, ipset_flag)
end
end
if _node_id ~= "_direct" then
log(string.format(" - V2ray/Xray分流规则(%s)使用分组:%s", s.remarks, fwd_group or "默认"))
end
end
end)
end
--如果没有使用回国模式
if not returnhome then
if fs.access("/usr/share/passwall/rules/gfwlist") then
local gfwlist_str = sys.exec('cat /usr/share/passwall/rules/gfwlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(gfwlist_str, "[^\r\n]+") do
if line ~= "" then
local ipset_flag = "#4:gfwlist,#6:gfwlist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "#4:gfwlist"
set_domain_address(line, "#6")
end
fwd_group = REMOTE_GROUP
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_group(line, fwd_group)
set_domain_ipset(line, ipset_flag)
end
end
log(string.format(" - 防火墙域名表(gfwlist)使用分组:%s", fwd_group or "默认"))
end
if fs.access("/usr/share/passwall/rules/chnlist") and chnlist then
local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(chnlist_str, "[^\r\n]+") do
if line ~= "" then
set_domain_group(line, LOCAL_GROUP)
set_domain_ipset(line, "#4:chnroute,#6:chnroute6")
end
end
end
log(string.format(" - 中国域名表(chnroute)使用分组:%s", LOCAL_GROUP or "默认"))
else
if fs.access("/usr/share/passwall/rules/chnlist") then
local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(chnlist_str, "[^\r\n]+") do
if line ~= "" then
local ipset_flag = "#4:chnroute,#6:chnroute6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = "#4:chnroute"
set_domain_address(line, "#6")
end
set_domain_group(line, REMOTE_GROUP)
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_ipset(line, ipset_flag)
end
end
log(string.format(" - 中国域名表(chnroute)使用分组:%s", REMOTE_GROUP or "默认"))
end
end
local f_out = io.open(CACHE_DNS_FILE, "a")
for key, value in pairs(list1) do
local group_str = ""
local ipset_str = ""
local speed_check_mode_str = ""
local address_str = ""
if value.group and #value.group > 0 then
group_str = group_str .. value.group
end
if group_str ~= "" then
group_str = " -n " .. group_str
end
if value.ipsets and #value.ipsets > 0 then
for i, ipset in ipairs(value.ipsets) do
ipset_str = ipset_str .. ipset .. ","
end
ipset_str = ipset_str:sub(1, #ipset_str - 1)
end
if ipset_str ~= "" then
ipset_str = " -p " .. ipset_str
end
if value.address and #value.address > 0 then
address_str = address_str .. value.address
end
if address_str ~= "" then
address_str = " -a " .. address_str
end
if value.speed_check_mode and #value.speed_check_mode > 0 then
speed_check_mode_str = value.speed_check_mode
end
if speed_check_mode_str ~= "" then
speed_check_mode_str = " -c " .. speed_check_mode_str
end
local str = string.format("domain-rules /%s/ %s%s%s%s\n", key, group_str, ipset_str, address_str, speed_check_mode_str)
f_out:write(str)
end
f_out:close()
f_out = io.open(CACHE_MD5_FILE, "a")
f_out:write(md5)
f_out:close()
end
fs.symlink(CACHE_DNS_FILE, SMARTDNS_CONF)
sys.call(string.format('echo "conf-file %s" >> /etc/smartdns/custom.conf', SMARTDNS_CONF))
log(" - 请让SmartDNS作为Dnsmasq的上游或重定向")

4
luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@ -312,7 +312,7 @@ load_acl() {
d_server=127.0.0.1
[ "$tcp_proxy_mode" = "global" ] && d_server=${d_server}#${_dns_port}
echo "server=${d_server}" >> $TMP_ACL_PATH/$sid/dnsmasq.conf
source $APP_PATH/helper_${DNS_N}.sh add DNS_MODE=$dns_mode TMP_DNSMASQ_PATH=$TMP_ACL_PATH/$sid/dnsmasq.d DNSMASQ_CONF_FILE=/dev/null LOCAL_DNS=$LOCAL_DNS TUN_DNS=127.0.0.1#${_dns_port} TCP_NODE=$tcp_node PROXY_MODE=${tcp_proxy_mode} NO_LOGIC_LOG=1 NO_PROXY_IPV6=${filter_proxy_ipv6}
source $APP_PATH/helper_${DNS_N}.sh add FLAG=${sid} DNS_MODE=$dns_mode TMP_DNSMASQ_PATH=$TMP_ACL_PATH/$sid/dnsmasq.d DNSMASQ_CONF_FILE=/dev/null LOCAL_DNS=$LOCAL_DNS TUN_DNS=127.0.0.1#${_dns_port} TCP_NODE=$tcp_node PROXY_MODE=${tcp_proxy_mode} NO_LOGIC_LOG=1 NO_PROXY_IPV6=${filter_proxy_ipv6}
ln_run "$(first_type dnsmasq)" "dnsmasq_${sid}" "/dev/null" -C $TMP_ACL_PATH/$sid/dnsmasq.conf -x $TMP_ACL_PATH/$sid/dnsmasq.pid
eval node_${tcp_node}_$(echo -n "${tcp_proxy_mode}${dns_forward}" | md5sum | cut -d " " -f1)=${dnsmasq_port}
}
@ -1187,6 +1187,8 @@ flush_ipset() {
del_firewall_rule
destroy_ipset $IPSET_VPSIPLIST $IPSET_SHUNTLIST $IPSET_GFW $IPSET_CHN $IPSET_BLACKLIST $IPSET_BLOCKLIST $IPSET_WHITELIST $IPSET_LANIPLIST
destroy_ipset $IPSET_VPSIPLIST6 $IPSET_SHUNTLIST6 $IPSET_GFW6 $IPSET_CHN6 $IPSET_BLACKLIST6 $IPSET_BLOCKLIST6 $IPSET_WHITELIST6 $IPSET_LANIPLIST6
rm -rf /tmp/etc/passwall_tmp/smartdns*
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
/etc/init.d/passwall reload
}

133
luci-app-passwall/root/usr/share/passwall/rules/chnlist
View File

@ -132,7 +132,6 @@
020.net
0208.com
020banjia.net
020h.com
020job.com
020ym.com
020zp.net
@ -199,7 +198,6 @@
0245.org
024888.net
02489.com
024anfang.com
024bj.com
024bxkj.com
024eps.com
@ -498,7 +496,6 @@
06peng.com
07.la
0701news.com
070210.com
0704tv.com
07073.com
07073h5.com
@ -693,6 +690,7 @@
09ge.com
09rw.com
09shijue.com
0a.fit
0bug.org
0car0.com
0ctrl.com
@ -984,7 +982,6 @@
114-91.com
114.114.114.114
1140086.com
114160.com
11467.com
114best.com
114cb.com
@ -1108,6 +1105,7 @@
1213.me
121314.com
121ask.com
121down.com
121mai0098.com
121mu.com
121xia.com
@ -1481,6 +1479,7 @@
168kk.com
168kn.com
168lyq.com
168moliao.com
168pd.com
168rcw.com
168tcw.com
@ -1776,7 +1775,6 @@
1884933.com
18856.com
188628.com
1886zuche.com
1888.com.mo
188app.xyz
188bifen.com
@ -2431,7 +2429,6 @@
258fuwu.com
258jituan.com
258sd.com
258zw.com
25992.com
259go.com
25az.com
@ -2998,7 +2995,6 @@
360chezhan.com
360cloudwaf.com
360daikuan.com
360dao.com
360ddj.com
360doc.com
360doc1.net
@ -3015,7 +3011,6 @@
360drift.com
360drm.com
360edu.com
360eet.com
360eol.com
360fdc.com
360gann.com
@ -3209,7 +3204,6 @@
3699.cc
36992.com
3699wan.com
369beauty.com
369wenku.com
369xxw.com
36dianping.com
@ -4915,7 +4909,6 @@
55779.xyz
5588.tv
5599.com
55cc.cc
55dai.com
55dian.com
55doc.com
@ -5084,14 +5077,12 @@
58dadi.com
58daojia.com
58display.com
58dm.com
58fangdai.com
58fenlei.com
58food.com
58game.com
58gameup.com
58ganji.com
58gush.com
58house.com
58huoban.com
58hzb.com
@ -5173,7 +5164,6 @@
59881.com
598991.com
598g.com
598rc.com
599.com
5999.tv
599ku.com
@ -5698,6 +5688,7 @@
68pk10.com
68play.com
68team.com
68tuku.com
68web.net
68websoft.com
68youhui.com
@ -6280,7 +6271,6 @@
800you.com
800youhuo.com
801167.com
802013.com
802203.com
807.com
80710.com
@ -6641,7 +6631,6 @@
8977567.com
8979.com
898.travel
8988sbd.com
8989118.com
898940.com
898984.com
@ -7740,6 +7729,7 @@ abusi.net
abuyun.com
ac268.com
ac57.com
academypublication.com
acadki.com
acc3.net
acc5.com
@ -7843,7 +7833,6 @@ acumoxj.com
acuworld.net
acwifi.net
acwing.com
acznw.com
ad-cn.net
ad-gone.com
ad-goods.com
@ -8020,6 +8009,7 @@ aes01.com
aesdrink.com
aesml.com
aesucai.com
aet21.com
aevit.xyz
aexpec.com
af360.com
@ -8318,7 +8308,6 @@ aijishu.com
aiju.com
aik.com
aikac.com
aikaitao.com
aikaixin.com
aikaiyuan.com
aikan.tv
@ -8465,6 +8454,7 @@ aiuxdesign.com
aiuxian.com
aiuxstudio.com
aiviy.com
aiviysoft.com
aiwall.com
aiwan4399.com
aiwan91.com
@ -8613,7 +8603,6 @@ aledeco-hk.com
aleest.com
alenshaw.com
alertover.com
alexa.sx
alexandraeden.com
alexyan.cc
aleyoo.com
@ -9659,6 +9648,7 @@ asktao.com
askxt.org
aslzw.com
asm64.com
asmrv.com
asnlab.com
asnlab.org
aso.ink
@ -9739,7 +9729,6 @@ atitsc.com
atiyun.com
atjiang.com
atlas1688.com
atm988.com
atmbox.com
atobo.com
atomhike.com
@ -11456,6 +11445,7 @@ biqushu.com
biqusoso.com
biquter.xyz
biqutxt.com
biquw.com
biquwo.com
biquwu.cc
biquwx.la
@ -12023,6 +12013,7 @@ bmqy.net
bmrtech.com
bmshow.com
bmtcled.com
bmvps.com
bmw021.com
bmw143.com
bmw8033.com
@ -12126,6 +12117,7 @@ boldseas.com
bole.me
bolead.com
bolehu.net
boleihg.com
bolejiang.com
bolelink.com
boll.me
@ -12427,7 +12419,6 @@ btnotes.com
btoo3.com
btophr.com
btorange.com
btpan.com
btpig.com
btplay.net
btrcsc.com
@ -12805,7 +12796,6 @@ c51rf.com
c53911.com
c571.com
c5game.com
c6.nz
c6c.com
c6n708.ren
c73160.com
@ -12971,7 +12961,6 @@ caishenpo.com
caishenwang.online
caishimv.com
caishuixxi.com
caispace.com
caistv.com
cait.com
caitlinbeverly.com
@ -14108,7 +14097,6 @@ changyan.com
changyifan.com
changyin-lab.com
changyou.com
changyouke.com
changyoyo.com
changyueba.com
changzhinews.com
@ -14974,7 +14962,6 @@ chinapowerbi.com
chinapp.com
chinapptx.com
chinaprint.org
chinaproaudio.com
chinapsy.com
chinapubmed.net
chinaqi.net
@ -16541,6 +16528,7 @@ cntiaoliao.com
cntofu.com
cntopgear.com
cntoplead.com
cntplus.com
cntrades.com
cntranslators.com
cntronics.com
@ -16767,7 +16755,6 @@ cojia.net
cokemine.com
cokll.com
col.ink
colabug.com
coladrive.com
colafile.com
colahotpot.com
@ -17170,6 +17157,7 @@ cqsoft.org
cqsxedu.com
cqtally.co
cqtally.com
cqtaotan.com
cqtea.com
cqtransit.com
cqtresearch.com
@ -17294,6 +17282,7 @@ crs811.com
crsc.cc
crsky.com
crsn168.com
cruelcoding.com
crvic.org
crxdl.com
cryptape.com
@ -17548,6 +17537,7 @@ ctripcorp.com
ctripgslb.com
ctripins.com
ctripqa.com
ctrlqq.com
ctrmi.com
ctsbw.com
ctsec.com
@ -18035,7 +18025,6 @@ dai35.com
dai361.com
dai911.com
daibi.com
daichanger.com
daichuqu.com
daicuo.cc
daicuo.co
@ -18616,6 +18605,7 @@ ddzhj.com
ddztv.com
ddzuqin.com
de-moe.org
de.net
de0.cc
de123.net
de1919.com
@ -18746,7 +18736,8 @@ dengtadaka.com
dengxiaolong.com
dengxiaopingnet.com
dengyong.cc
denocn.org
denic.de
denic.net
dentistshow.com
denuoexpo.com
deosin.com
@ -19333,7 +19324,6 @@ diyifanwen.com
diyifanwen.net
diyigaokao.com
diyihuifu.com
diyijuzi.com
diyinews.com
diyiredian.com
diyishijian.com
@ -19599,6 +19589,7 @@ dnsff.com
dnsfwq.com
dnsgtm.com
dnsgulf.net
dnsh6666.com
dnshot.net
dnshwx.com
dnsinside.net
@ -20918,7 +20909,6 @@ eces66.com
ecgci.com
ecgoods.com
echanceyun.com
echangwang.com
echangye.com
echao8.com
echargenet.com
@ -21374,6 +21364,7 @@ elong.net
elongshine.com
elongstatic.com
elpcon.com
elpwc.com
els001.com
elsenow.com
elsiehoney.com
@ -21422,6 +21413,7 @@ emea.cdnetworks.com
emeixs.com
emeor.com
emepu.com
emilhk.com
emjob.com
emlinix.com
emlog.net
@ -21644,6 +21636,7 @@ errenzhuan.cc
ershenghuo.net
ershicimi.com
ershouhui.com
ert295.com
ert7.com
ertongkongjian.com
ertongtuku.com
@ -21749,7 +21742,6 @@ ethfans.org
etiantian.com
etiantian.net
etiantian.org
etiaoliao.com
etimeusa.com
etiv.me
etjournals.com
@ -21790,6 +21782,7 @@ etu6.com
etuan.com
etudu.com
etuonet.com
etycx.com
etyy.com
etyyy.com
etz927.com
@ -21851,6 +21844,7 @@ evideostb.com
evilbinary.org
evilcos.me
evileyesaint.com
evilwind.fun
evketang.com
evlo.us
evlook.com
@ -22614,6 +22608,7 @@ feiq18.com
feirar.com
feiren.com
feisan.net
feishu-3rd-party-services.com
feishucdn.com
feisu.com
feitian001.com
@ -22718,7 +22713,6 @@ fengqu.com
fengread.com
fengshangweekly.com
fengshui22.com
fengshui86.com
fengsung.com
fengtai.tv
fengtalk.com
@ -23164,6 +23158,7 @@ fmketang.com
fmpan.com
fmsh.com
fmtol.com
fmtt6.xyz
fmwei.com
fmwhahaha.com
fmy90.com
@ -23369,6 +23364,7 @@ fread.com
free-api.com
free-e.net
free-eyepro.com
free-img.com
free.mk
free789.com
freebsdchina.org
@ -23494,7 +23490,6 @@ ftqq.com
ftrsit.com
ftsafe.com
ftsfund.com
ftsm-vip.com
ftt.me
ftuan.com
ftxad.com
@ -23767,9 +23762,9 @@ fz0512.com
fz222.com
fz2sc.com
fz597.com
fzbm.com
fzbtv.com
fzccpit.org
fzchpos.com
fzcyjh.com
fzdmag.com
fzengine.com
@ -24345,7 +24340,6 @@ geekjc.com
geekluo.com
geekmaker.com
geekman.vip
geekmar.xyz
geekniu.com
geekori.com
geekotg.com
@ -24469,7 +24463,6 @@ gexiaocloud.com
gexing.com
gexing.me
gexings.com
gexingshuo.com
gexingzipai.com
geyan123.com
geyanw.com
@ -24657,6 +24650,7 @@ gitcode.net
gitee.com
gitee.io
githang.com
github.do
githubusercontents.com
gitissue.com
gitlib.com
@ -25198,6 +25192,7 @@ gp88888.com
gp891.com
gpai.net
gpautobid.com
gpbctv.com
gpbeta.com
gpcqjy.com
gpcxw.com
@ -25589,7 +25584,6 @@ guiguzhongguo.com
guiheyue.com
guihua.com
guihuayun.com
guihuazixun.com
guiji.com
guijinshu.com
guikeyun.com
@ -25729,9 +25723,7 @@ guqiu.com
guqu.net
gurudigger.com
gurukeji.com
gush88.com
gushequ.com
gushfx.com
gushi.ci
gushi.com
gushicimingju.com
@ -26326,7 +26318,6 @@ haituoqi.com
haitutech.com
haiwaimoney.com
haiwaioo.com
haiwaituiguang.com
haiwaiyou.com
haiwaiyoujia.com
haiwanli.com
@ -26863,6 +26854,7 @@ hbccpit.org
hbcdc.com
hbcg.cc
hbchen.com
hbchy.net
hbciqtc.com
hbcjaq.com
hbcjh.net
@ -27021,7 +27013,6 @@ hbsydw.org
hbszfw.com
hbsztv.com
hbszzd158.com
hbszzdlssz.com
hbszzk.com
hbszzx.com
hbtcmu.com
@ -29335,6 +29326,7 @@ huowan.com
huoxiaoer.net
huoxing24.com
huoxingba.com
huoxingtan66.com
huoxingzi.com
huoxun.com
huoyan.com
@ -30233,6 +30225,7 @@ idolranking.info
idolyx.com
idom.me
idomb.com
idong.ren
idongde.com
idongdong.com
idongniu.com
@ -30824,7 +30817,6 @@ imlcl.com
imlgm.com
imlianai.com
imliuyi.com
imliyan.com
immi520.com
immiexpo.com
immivip.com
@ -32762,7 +32754,6 @@ jilinpujiyiyuan.com
jilinwula.com
jiliyun.com
jillbanging.com
jilong-chem.com
jimeng.mobi
jimi168.com
jimicn.com
@ -32770,7 +32761,6 @@ jimifashion.com
jimilier.com
jimiru-bj.com
jimistore.com
jimmylv.info
jimonet.cc
jimu.com
jimubox.com
@ -32856,6 +32846,7 @@ jingkids.com
jinglawyer.com
jinglingbiaozhu.com
jinglong0769.com
jinglongyu.link
jingmaoyuanxin.com
jingme.net
jingmeiti.com
@ -35231,6 +35222,7 @@ kmail.com
kmapp.net
kmcaishui.com
kmcenter.org
kmcha.com
kmcits.com
kmcits0655.com
kmcxedu.com
@ -35620,7 +35612,6 @@ kuaisushu-cnd.com
kuaitijian.com
kuaitu666.com
kuaiwan.com
kuaiwanwo.com
kuaixiazai.com
kuaiyan.com
kuaiyiad.com
@ -35665,7 +35656,6 @@ kuashou.com
kubey.cc
kubicode.me
kubikeji.com
kubiops.com
kubo-360-tudou.com
kubozy-cdn-baidu.com
kuche.com
@ -35830,6 +35820,7 @@ kwin.wang
kwin.xyz
kwkf.com
kwtzn.com
kwudor.com
kwx.gd
kwxjh.net
kx001.com
@ -36259,6 +36250,7 @@ lapin365.com
lapland.name
laqiangu.com
laravel-admin.org
laravelacademy.org
larenla.com
large.net
larkapp.com
@ -36981,7 +36973,6 @@ lieguozhi.com
liehu.tv
liehunwang.com
liehuo.net
liehuo.org
liejin99.com
lieju.com
lielb.com
@ -37118,6 +37109,7 @@ linewell.com
linewow.com
linezing.com
linfan.com
linfeicloud.com
lingaoren.com
lingb.net
lingbao-e.com
@ -37691,6 +37683,7 @@ lnok.net
lnpjw.com
lnrcu.com
lnrsks.com
lnsgczb.com
lnslymy.com
lntenghui.com
lntvu.com
@ -37832,7 +37825,6 @@ longmarchspace.com
longmeng.com
longmenmingche.com
longmiao.wang
longmotto.com
longmushengwu.com
longqikeji.com
longquan-baojian.com
@ -38099,6 +38091,7 @@ lsoos.com
lspjy.com
lsq6.com
lsqifu.com
lsqpay.com
lssen.com
lssggzy.com
lstazl.com
@ -38765,7 +38758,6 @@ maijiaba.com
maijiabashi.com
maijiakan.com
maijichuang.net
maijx.com
maikenu.com
mail-qq.com
mail163.com
@ -39058,6 +39050,7 @@ marknum.com
markonreview.com
markorchem.com
marksmile.com
marmot-cloud.com
maro6.com
maroon91.com
marry5.com
@ -41116,6 +41109,7 @@ myhaowai.com
myhard.com
myhayo.com
myhexin.com
myhithink.com
myhongzuan.com
myhostadmin.net
myhuahuo.com
@ -41478,7 +41472,6 @@ nbdeli.com
nbdeli.net
nbdig.com
nbdisco.com
nbdskj.com
nbegame.com
nbegame.net
nbenl.com
@ -41861,6 +41854,7 @@ niba.com
nibaguai.com
nibaku.com
nibiye.com
nic.de
nic.ren
nic.wang
nicaifu.com
@ -42122,6 +42116,7 @@ nmzol.com
nmzzlhwlkj.com
nn.ci
nn.com
nn12333.com
nn92.com
nncc626.com
nncgs.com
@ -42701,6 +42696,7 @@ okinfo.org
okjike.com
okjk.co
okjoys.com
okjx.cc
okki.com
okkkk.com
oklink.com
@ -43122,6 +43118,7 @@ oujistore.com
oukan.online
ouklqd.com
oulvnet.com
oumakspt.com
oumengke.com
ounh.org
ouo.us
@ -43191,6 +43188,7 @@ oushangstyle.com
oushinet.com
oushivoyages.com
ousns.net
outbrai.com
outlets365.com
ouvps.com
ouxutong.com
@ -44935,6 +44933,7 @@ qdgw.com
qdgxqrc.com
qdgxzg.com
qdhantang.com
qdhmsoft.com
qdhsty.com
qdingnet.com
qdjiejie.com
@ -45273,7 +45272,6 @@ qidong.co
qidong.name
qidongyx.com
qidou.com
qiduocloud.com
qiduowei.com
qiecdn.com
qieerxi.com
@ -45734,7 +45732,6 @@ qmacro.com
qmail.com
qmango.com
qmcaifu.com
qmcmw.com
qmconfig.com
qmei.me
qmei.vip
@ -45785,7 +45782,6 @@ qpgame.com
qplus.com
qpoc.com
qpstar.com
qpx.com
qpxiaoshuo.com
qpzq.net
qq-xmail.com
@ -45866,7 +45862,6 @@ qqma.com
qqmail.com
qqmcc.org
qqmofasi.com
qqmoke.com
qqmtc.com
qqmusic.com
qqnn.net
@ -46476,6 +46471,7 @@ rajjzs.com
rakinda-xm.com
ralf.ren
ramadaplaza-ovwh.com
ramboplay.com
ramostear.com
ran-wen.com
ran10.com
@ -46674,7 +46670,6 @@ redocn.com
redoop.com
redpact.com
redphon.com
redquan.com
redream.com
redrock.team
redsh.com
@ -47831,6 +47826,7 @@ scw98.com
scweixiao.com
scwj.net
scwlylqx.com
scwsf.com
scwy.net
scxdf.com
scxnyl.com
@ -47893,7 +47889,6 @@ sdeqs.com
sderp.com
sdewj.com
sdey.net
sdfcp.com
sdfcxw.com
sdfhyl.com
sdfll.com
@ -48525,6 +48520,7 @@ shanpow.com
shanqb.com
shanqu.cc
shanse8.com
shanshanku.com
shanshoufu.com
shantoumama.com
shanweinews.net
@ -49751,6 +49747,7 @@ siqiquan.org
sique.com
sir3.com
sir66.com
sirenvps.com
siryin.com
sisen.com
sishuok.com
@ -50001,7 +49998,6 @@ slimtheme.com
slink8.com
slinli.com
slinuxer.com
sliu.info
sljkj.com
sljypt.com
slkeq.com
@ -50237,7 +50233,6 @@ sobeycloud.com
sobot.com
soboten.com
sobug.com
sobuhu.com
socang.com
socansoft.com
socay.com
@ -51028,6 +51023,7 @@ suanst.com
suanya.com
suaooo.com
suapp.me
subangjia.com
subaonet.com
subaotuan.com
subingkang.com
@ -51093,7 +51089,6 @@ sui.com
suibianla.com
suibianzhao.com
suibiji.com
suicloud.com
suilengea.com
suileyoo.com
suinian.com
@ -51484,6 +51479,7 @@ sxlcdn.com
sxldns.com
sxldtv.com
sxmaps.com
sxmcwlw.com
sxmtdz.com
sxncb.com
sxnfss.com
@ -52762,6 +52758,7 @@ thenburn.com
thenew123.com
theorychina.org
thepaintstore.net
thesmartmelon.com
thestack.net
thethirdmedia.com
thetigerhood.com
@ -52962,7 +52959,6 @@ tianyancha.com
tianyanqifu.com
tianyant.com
tianyaruanwen.com
tianyashuku.com
tianyaui.com
tianyecollege.com
tianyi1368.com
@ -53143,6 +53139,7 @@ titan24.com
titanar.com
titanmatrix.com
titapark.com
tiwb.com
tixa.com
tixaapp.com
tixaclub.net
@ -53383,7 +53380,6 @@ tol24.com
tom.cat
tom.com
tom163.net
tom61.com
tomap.me
tomatogames.com
tomatolei.com
@ -53579,6 +53575,7 @@ tou70.com
toubang.tv
toucdn.com
touch4.me
touchealth.com
touchev.com
touchpal.com
touchrom.com
@ -55714,7 +55711,6 @@ vocalmiku.com
voccdn.com
vocinno.com
vodjk.com
vodxc.com
voguego.com
vohringer.com
voicedic.com
@ -57333,6 +57329,7 @@ whmeigao.com
whmicrocredit.com
whmj.org
whmlcy.net
whmnls.com
whmnrc.com
whmnx.com
whmoocs.com
@ -58320,7 +58317,6 @@ wuage.com
wuaiso.com
wubaiyi.com
wubaiyi.net
wubazx.online
wubiba.com
wubisheng.net
wubizi.net
@ -58429,6 +58425,7 @@ wukur.com
wukypay.com
wul.ai
wulannews.com
wuletv.com
wuliannanjing.com
wuliaoo.com
wuliaosi.com
@ -59072,6 +59069,7 @@ xdnote.com
xdnphb.com
xdocin.com
xdoor.cc
xdow.net
xdplt.com
xdpvp.com
xdressy.com
@ -60251,7 +60249,6 @@ xiqinrc.com
xiqqq.com
xirang.com
xirenxuan.com
xirikm.net
xishanju.com
xishaoye.com
xishiqu.com
@ -60490,6 +60487,7 @@ xl5dd.com
xl5du.com
xl5dw.com
xl699.com
xlb588.com
xlcidc.com
xlctyd.com
xlcz.com
@ -60719,6 +60717,7 @@ xptt.com
xpu93.com
xpw888.com
xpxt.net
xpykjsws.com
xpyx.net
xq0356.com
xq5.com
@ -61448,7 +61447,6 @@ yafanpm.com
yafco.com
yafdev.com
yafeilinux.com
yagaooem.xyz
yageo.tech
yago-mall.com
yahacode.com
@ -62789,6 +62787,7 @@ ymatou.com
ymatou.hk
ymbq301.com
ymcall.com
ymcart.com
ymd520.net
ymd88.com
ymeme.com
@ -64949,6 +64948,7 @@ zgzyqcgw.com
zgzzs.com
zh-itone.com
zh.cc
zh188.net
zh30.com
zh51home.com
zhai14.com
@ -65048,7 +65048,6 @@ zhangzishi.net
zhangzs.com
zhanh.com
zhanhi.com
zhanjindong.com
zhankoo.com
zhanlingol.com
zhanmazj.com
@ -65487,6 +65486,7 @@ zhiyuan-group.com
zhiyuanit.com
zhiyuanyun.com
zhiyujit.com
zhiyun-tech.com
zhizaoye.net
zhizaoyun.com
zhizhang.com
@ -65854,7 +65854,6 @@ zhuliuwu.com
zhulixiaolie.com
zhulogic.com
zhulong.com
zhulou.net
zhulu86.com
zhumengwl.com
zhumu.me
@ -66246,6 +66245,7 @@ zjpubservice.com
zjqbj.com
zjqimeng.com
zjqk110.com
zjqll.com
zjrc.com
zjrc.net
zjrcu.com
@ -66443,6 +66443,7 @@ zmzapi.net
zmzjk.com
zmzjstu.com
zn8.com
znb.me
znba.net
znbo.com
znczz.com

1
luci-app-passwall/root/usr/share/passwall/rules/chnroute
View File

@ -873,6 +873,7 @@
103.185.228.0/23
103.185.78.0/23
103.185.80.0/23
103.186.4.0/23
103.19.12.0/22
103.19.232.0/22
103.19.40.0/22

2
luci-app-passwall/root/usr/share/passwall/rules/chnroute6
View File

@ -31,7 +31,6 @@
2001:df0:2e00::/48
2001:df0:2e80::/48
2001:df0:423::/48
2001:df0:4500::/48
2001:df0:59c0::/48
2001:df0:85c0::/48
2001:df0:8d40::/48
@ -230,6 +229,7 @@
2400:6c40::/32
2400:6cc0::/32
2400:6d40::/32
2400:6da0::/32
2400:6dc0::/32
2400:6e00::/32
2400:6e40::/32

1
luci-app-passwall/root/usr/share/passwall/rules/gfwlist
View File

@ -7123,6 +7123,7 @@ mfg-inspector.com
mgo-images.com
mgo.com
mhshosting.com
mhyurl.cn
mi9.com.au
mi9cdn.com
miamifintechfestival.com

2
natflow/Makefile
View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=natflow
PKG_VERSION:=20220415
PKG_VERSION:=20220416
PKG_SOURCE_URL:=https://codeload.github.com/ptpt52/natflow/tar.gz/$(PKG_VERSION)?
PKG_HASH:=skip