From fb3e8631904f600f1956cc4ad11515ccc92748c9 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
<41898282+github-actions[bot]@users.noreply.github.com>
Date: Tue, 12 Apr 2022 09:33:58 +0800
Subject: [PATCH] update 04-12 09:33
---
.../root/etc/mosdns/serverlist.txt | 197 +++++---
luci-app-passwall/Makefile | 4 +-
.../luasrc/model/cbi/passwall/client/acl.lua | 4 +
.../model/cbi/passwall/client/global.lua | 24 +-
.../model/cbi/passwall/client/rule_list.lua | 116 +++--
.../root/usr/share/passwall/app.sh | 5 +-
.../root/usr/share/passwall/helper_dnsmasq.sh | 234 +---------
.../usr/share/passwall/helper_dnsmasq_add.lua | 430 ++++++++++++++++++
.../usr/share/passwall/helper_smartdns.sh | 194 +-------
.../share/passwall/helper_smartdns_add.lua | 394 ++++++++++++++++
.../root/usr/share/passwall/iptables.sh | 4 +-
.../root/usr/share/passwall/rules/chnlist | 133 +++---
.../root/usr/share/passwall/rules/chnroute | 1 +
.../root/usr/share/passwall/rules/chnroute6 | 2 +-
.../root/usr/share/passwall/rules/gfwlist | 1 +
natflow/Makefile | 2 +-
16 files changed, 1163 insertions(+), 582 deletions(-)
create mode 100644 luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
create mode 100644 luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
diff --git a/luci-app-mosdns/root/etc/mosdns/serverlist.txt b/luci-app-mosdns/root/etc/mosdns/serverlist.txt
index ede1e01d8..e7b449b3e 100644
--- a/luci-app-mosdns/root/etc/mosdns/serverlist.txt
+++ b/luci-app-mosdns/root/etc/mosdns/serverlist.txt
@@ -367,6 +367,7 @@
14a3d6c4df.com
14nuzznszbdp.com
15.taboola.com
+150075.com
1503.net
151c1501b0fa.com
152media.com
@@ -1023,6 +1024,7 @@
42fd278b95.com
42r.cn
42ye.com
+42yenxh.cn
431.red
43137c93a82b0e81da.com
43242.zh1144.com
@@ -1302,6 +1304,7 @@
5dm6ghn.cn
5dydk.com
5e01f27136.com
+5ef80ae889.com
5egk.com
5etv.com
5eyz.flzee.com
@@ -1829,7 +1832,6 @@
91ad.bestvogue.com
91adv.com
91adv.com.cn
-91cy.top
91effa509f8f15a.com
91eto.xyz
91feiyong.com
@@ -2147,7 +2149,6 @@ a.qchannel03.cn
a.qiao024.com
a.qinghua5.com
a.qncye.net
-a.qsjiajiao.com
a.quangushi.com
a.qunzou.com
a.raasnet.com
@@ -2966,7 +2967,7 @@ aagon.actonservice.com
aahqiyum.com
aaid.umeng.com
aaktao.entel.cl
-aakxxebotrofi.top
+aalbbh84.info
aaliyaheartha.com
aamapi.com
aamcompany.actonservice.com
@@ -3291,6 +3292,7 @@ ac.mmstat.com
ac.rnm.ca
ac0c95f18a59.com
ac1.786ip.com
+ac1.pingpingw.com
ac3.msn.com
ac56.xyz
ac7d539d732.com
@@ -4629,6 +4631,7 @@ adplexmedia.adk2x.com
adplexo.com
adplugg.com
adplus.co.id
+adplusplus.fr
adplxmd.com
adpm.app.qq.com
adpmbglobal.com
@@ -4663,6 +4666,7 @@ adqic.com
adquality.ch
adquan.com
adquantix.com
+adquery.io
adquest3d.com
adqy6rzwcs.com
adrank24.de
@@ -5966,6 +5970,7 @@ afd.baidu.cn
afd.baidu.com
afd.l.google.com
afdads.com
+afdjljiyagf.ru
aff-handler.com
aff-jp.dxlive.com
aff-online.com
@@ -6393,6 +6398,7 @@ aj1716.online
aj1907.online
aj1913.online
aj2208.online
+aj2373.online
ajapk.com
ajaralarm.com
ajarsubscriber.com
@@ -6747,7 +6753,6 @@ amethyst.zappos.com
amexcadrillon.com
amfi.gou.sogou.com
amgdgt.com
-amghais.cn
amghvzn.cn
amhpbhyxfgvd.com
amiablebackscertified.com
@@ -7417,6 +7422,7 @@ api.24kidea.com
api.51sxzz.com
api.557400.com
api.5eln.cn
+api.aalbbh84.info
api.abcxs.org
api.ad-locus.com
api.ad-stir.com
@@ -7936,6 +7942,7 @@ armedgroin.com
armiesgaspclue.com
armlyemoan.com
armpitarticle.com
+armpitstamnos.com
arms-retcode.aliyuncs.com
arnt.xyz
aromamirror.com
@@ -7984,7 +7991,6 @@ as.baidu.com
as.bjmama.net
as.casalemedia.com
as.cf
-as.cfcnet.top
as.inbox.com
as.jdkic.com
as.kejet.com
@@ -8145,6 +8151,7 @@ astarboka.com
astat.bugly.qq.com
astat.nikkei.com
astep.info
+aster18prx.nl
asterilivestream.com
asteriresearch.com
asterpix.com
@@ -8342,6 +8349,7 @@ augrezoa.net
augu3yhd485st.com
augur.io
august15download.com
+auiehechoulh.ru
aujaujoa.net
aujooxoo.com
aukalerim.com
@@ -8756,6 +8764,7 @@ b477.life
b49.xyz
b4q982rbqdsw.com
b4xuj.zzhhts.com
+b5332556b5.com
b588866.com
b59812ee54afcabd.com
b5ae848728034caddca.com
@@ -9842,7 +9851,6 @@ beusable.net
bewailbeforelibrarian.com
bewailindigestionunhappy.com
bewaslac.com
-bewhoyouare.gq
bewilderedbattle.com
bewilderedblade.com
bexakezi.com
@@ -9861,6 +9869,8 @@ bfdtt.com
bfe4e6d364be199.com
bff6b409f7.com
bfgg365.com
+bfhxivpij.com
+bfjl.ink
bfmio.com
bfoleyinteractive.com
bfp.capitalone.com
@@ -10462,6 +10472,7 @@ boffoadsfeeds.com
boftogro.net
bofyshaphi.com
bogads.com
+bogginunstill.com
bogglecool.club
bogrodius.com
bogscarcely.com
@@ -10572,6 +10583,7 @@ boriskink.com
bororango.com
borotango.com
borrowedbananaspite.com
+borrowedheating.com
borsendental.com
bosatria.cn
bosctrl32.com
@@ -10610,6 +10622,7 @@ bourremokihi.com
boustahe.com
boutiqueal.carte-gr.total.fr
boutiquerestless.com
+bowbackcoyote.com
bowcompetitionbesides.com
bowei666.xyz
boweineng.cn
@@ -10885,6 +10898,7 @@ bsshw.net
bst-offers.com
bstn-14-ma.com
bsv.atm.youku.com
+bsyauqwerd.party
bsytjc.com
bszmpfaj.com
bt-xd.com
@@ -11233,6 +11247,7 @@ c.cnzz.com
c.codeonclick.com
c.cqpsf.cn
c.cyhx98.com
+c.cyto-biotherapy.com
c.danangmo.cn
c.data.mob.com
c.dengbaozx.cn
@@ -11509,6 +11524,7 @@ caiyugang.com
cal.meizu.com
calabeshes.xyz
calarm.info
+calcoh.com
calculated.cn
calculatingcircle.com
calculatingtoothbrush.com
@@ -11516,6 +11532,7 @@ calculatorcamera.com
calculatorconceivenonetheless.com
calculatorstatement.com
calendarrate.com
+calistabeverly.com
call-ad-network-api.marchex.com
call-tracking.by
call-tracking.co.uk
@@ -11603,7 +11620,6 @@ camsoda1.com
camzap.com
canalandco.com
canalprone.com
-canalstat.com
cancellingteddyinch.com
canddi.com
candid.zone
@@ -11695,6 +11711,7 @@ carl.pubsvs.com
carlseb.xyz
caroda.io
carolina.actonservice.com
+carolinebeverly.com
carotolbhavan.com
carpcw.com
carpentercomparison.com
@@ -11765,6 +11782,7 @@ catalogdiscovery.com
catastrophetray.com
catbeardx.com
cathaycentury.com
+catherinebeverly.com
catherineembankmentbouquet.com
cathodecreped.com
catiligh.ru
@@ -11921,7 +11939,6 @@ cdn-7n-pt.zbwowo.com
cdn-ads.oss-cn-shanghai.aliyuncs.com
cdn-alliancegravity.s3.amazonaws.com
cdn-analytics.ladmedia.fr
-cdn-analytics.pl
cdn-channels-pixel.ex.co
cdn-code.host
cdn-haokanapk.baidu.com
@@ -12330,7 +12347,6 @@ cfcdist.gdn
cfceu.duckdns.org
cfcloudcdn.com
cfcnet.to
-cfcnet.top
cfcs1.duckdns.org
cfdac.8g0ymk.cn
cfdanet.com
@@ -12766,6 +12782,7 @@ cjroq.bealge.sogou.com
cjsossrbji.xyz
cjt1.net
cjvdfw.com
+cjwyvwbxpbo.com
ck-cdn.com
ck.1o26.com
ck.connatix.com
@@ -12799,7 +12816,6 @@ claiks.com
claimbit.tk
clairedikio.club
clairiose.pro
-clairvoyantvigourcelebrity.com
clamcelery.com
clammytree.com
clamskeined.com
@@ -13613,6 +13629,7 @@ coiner.site
coinerra.com
coinever.net
coingive.com
+coinhive-proxy.party
coinhive.com
coinhive.info
coinhive.net
@@ -13639,6 +13656,7 @@ coinsicmp.com
cointraffic.io
coinverti.com
coinwebmining.com
+coinworker.com
coinzilla.io
coinzillatag.com
cojia.net
@@ -14026,6 +14044,7 @@ constintptr.com
constraintscenteredsociety.com
constraintsdiscuss.com
constrongyfe.site
+construment.com
consult.americanexpress.com
consulting.guidehouse.com
consulting.ramboll.com
@@ -14545,6 +14564,7 @@ coveredbetting.com
covetoussyndrome.com
cowardlymissinggranulated.com
cowbumply.com
+cowyardstulm.com
coxmt.com
coysotown.com
cp.003store.com
@@ -14872,6 +14892,7 @@ crypto.csgocpu.com
cryptoads.space
cryptobara.com
cryptoblocks.site
+cryptocoinabout.com
cryptoloot.pro
cryptomine.pro
cryptonote.club
@@ -15038,6 +15059,7 @@ cumbersomecloud.com
cumydixy.com
cuntador.com
cuoss.com
+cupcognatekaleidoscope.com
cupid.iqiyi.com
cupid.jebe.renren.com
cupidonmedia.com
@@ -15198,6 +15220,7 @@ cysd.7kww.net
cytcm.com
cyteed.com
cythusheju.com
+cyto-biotherapy.com
cytoclause.com
cytron.videojj.com
cytroncdn.videojj.com
@@ -15259,7 +15282,6 @@ d.agkn.com
d.applovin.com
d.beigedi.com
d.biboi.cn
-d.cfcnet.top
d.clkservice.youdao.com
d.cntv.cn
d.cpufan.club
@@ -15722,6 +15744,7 @@ d869381a42af33b.com
d870bc20cc.com
d87c82a1da.com
d8885.com
+d8962a.xyz
d8af4fb8c1.com
d8d4ab7673.com
d9.mobaders.com
@@ -15884,6 +15907,7 @@ darendaisuki.com
darersan.co
daringprobablywithin.com
darkenedshrine.com
+darking04.tk
darren01.oss-cn-beijing.aliyuncs.com
dart.clearchannel.com
dartoverboardcoupon.com
@@ -15896,7 +15920,6 @@ dashantechan.cn
dashaowu.com
dashbida.com
dashboard.io
-dashboardad.net
dasheducation.cn
dashet.com
dashgreen.online
@@ -16043,6 +16066,7 @@ datinggold.com
datingidol.com
datingstyle.top
dationxperi.club
+datismelysee.com
datouniao.com
datum.appfleet.com
datum0.blockchair.io
@@ -16542,6 +16566,7 @@ df8c5028a1fad1.com
df9377.com
dfanalytics.dealerfire.com
dfapvmql-q.global.ssl.fastly.net
+dfb79196408612f1.com
dfc1.benbaisteel.com
dfcwg.com
dfdjilnzqgtow.com
@@ -16666,7 +16691,6 @@ dialoguehostcreepy.com
dialoguetramppayoff.com
diamages.carte-gr.total.fr
diamondtraff.com
-diampokusy.com
dian500.com
dian5000.com
diandongchetoukui.com
@@ -17678,6 +17702,7 @@ dspmy.ge95.com
dspserver.ad.cmvideo.cn
dspultra.com
dspwin.adsame.com
+dsqzk.cn
dsrjpcjgb.xyz
dss8l0f.cn
dssdr.top
@@ -17884,6 +17909,7 @@ dxdx.shop
dxe2.heip.fr
dxgo95ahe73e8.cloudfront.net
dxkkb5tytkivf.cloudfront.net
+dxmhkisurxxxhm.ru
dxp.baidu.com
dxpmedia.com
dxprla.m.qxs.la
@@ -17927,6 +17953,7 @@ dynamicdn.com
dynamicoxygen.com
dynamitedata.com
dynamitedepressionweapons.com
+dynatrace-managed.com
dynatracesaas.com
dynpaa.com
dynpuqtsjpgqjv.com
@@ -18731,6 +18758,7 @@ eazyleads.com
eb.bewithyou.jp
eb.endeavorb2b.com
eb.informabi.com
+ebahpya.com
ebannertraffic.com
ebayadvertising.com
ebayclassifiedsgroup.com
@@ -19380,7 +19408,6 @@ eltex.co.jp
eluxer.net
elvfdnj.cn
elvirahedwig.com
-elvx.top
elxis-downloads.com
elxpywhuj.com
elyconsisterj.club
@@ -19998,7 +20025,6 @@ ethereum-pocket.eu
ethereumads.com
ethicalads.io
ethinconfid.club
-ethmedialab.info
ethn.io
ethnicbrotherhoodunmoved.com
ethnio.com
@@ -20043,7 +20069,6 @@ eu-gmtdmp.gd1.mookie1.com
eu-survey.com
eu.business.samsung.com
eu.cf
-eu.cfcnet.top
eu.groupondata.com
eu.vortex-win.data.microsft.com
eu.vortex-win.data.microsoft.com
@@ -20222,6 +20247,7 @@ evergreensame.com
eversales.space
eversource.actonservice.com
everut.com
+everybodyfebruary.com
everybodynaturedeclaration.com
everydayporn.co
eveteaemo.com
@@ -20992,7 +21018,6 @@ ffcbynqble.xyz
ffg34fg.877zw.com
ffhre.com
ffhwzaenzoue.com
-ffinwwfpqi.gq
ffjk.space
ffkdxymyji.com
fflsn.com
@@ -21276,6 +21301,8 @@ flexlinkspro.com
flexnoseassist.com
flexpod.ynsecureserver.net
fliedridgin.com
+flightsy.bi
+flightzy.bi
flightzy.bid
flightzy.date
flimsycircle.com
@@ -21670,12 +21697,10 @@ freebiesurveys.com
freebitco.in
freebloghitcounter.com
freecodecs.us.intellitxt.com
-freecontent.bid
freecontent.com
freecontent.date
freecontent.net
freecontent.party
-freecontent.science
freecontent.stream
freecontent.trade
freecounter.it
@@ -21909,6 +21934,7 @@ funnelytics.io
funnyairplane.com
funnyweb.fun
funstage.com
+funtikapa.info
funtoday.info
fuoo1.top
fupzhtvo.com
@@ -21987,6 +22013,7 @@ fx2lh9m.cn
fxbjg.com
fxbqag.znak.com
fxc.aiquxs.com
+fxc.ink
fxdepo.com
fxfhjs.com
fxhfxhf.cc
@@ -22192,6 +22219,7 @@ gacela.eu
gaconnector.com
gad.kugou.com
gadfaros.com
+gadsabs.com
gadsabz.com
gadsbee.com
gadsecs.com
@@ -22229,7 +22257,6 @@ gaizeissuer.com
gak.webtoons.com
gakinibe.pro
gakseeft.com
-gala.spiceworks.com
galacticmenueasier.com
galaks.io
galampgab.com
@@ -23455,7 +23482,6 @@ grayreceipt.com
grayrecruitbrainwash.com
grazeit.com
graziefootier.com
-grbandhlitu.top
greasegarden.com
greasemotion.com
greasysquare.com
@@ -23585,7 +23611,6 @@ grubfast.com
grubsoan.com
grudgeinjunctionretirement.com
grudreeb.com
-gruglooh.net
grumbleoh.com
grumpult.com
grumpyadzen.com
@@ -23876,6 +23901,7 @@ h-adashx.ut.taobao.com
h-adashx.ut.youku.com
h-adashx4yt.ut.taobao.com
h-bid.com
+h-cast.jp
h.atdmt.com
h.b5qpg.cn
h.domob.cn
@@ -24276,7 +24302,6 @@ hdjhsudhe.kuaizhan.com
hdjlkj.vip
hdkal67.cn
hdketang.cn
-hdmcqnkrl.top
hdminfeng.com
hdmtools.com
hdnagl.womensecret.com
@@ -24361,6 +24386,7 @@ hechaocheng.cn
heckagny.com
heckhaphanofres.info
hecticprofitable.com
+hedgehoghugsyou.com
hedmisrepu.co
hedmisrepu.com
hedressive.info
@@ -24708,6 +24734,7 @@ hitstatus.com
hitsteps.com
hittail.com
hittracker.com
+hitugou.com
hitwake.com
hitwebcounter.com
hiug862dj0.com
@@ -24822,6 +24849,7 @@ hk2wns1.wns.windows.com
hk2wns1b.wns.windows.com
hk50606.cn
hk9600.com
+hkbmsb.fun
hkbrrwxnijhnfg.com
hkdyys.cn
hkeynjiwpgvfzr.com
@@ -25117,6 +25145,7 @@ hot.browser.miui.com
hot.eastday.com
hot.m.shouji.360tpcdn.com
hot4k.org
+hotbanner.site
hotchat-im.iqiyi.com
hotcounter.de
hotdogsandads.com
@@ -25201,6 +25230,7 @@ hqs4.cnzz.com
hqs7.cnzz.com
hqs9.cnzz.com
hqsjc.com
+hqtlw.cn
hqtrnoqfvqao.xyz
hqvwniado.com
hqwlm.com
@@ -25245,6 +25275,7 @@ hsmkj.net
hsn.uqhv.net
hsoub.com
hspbotdetection.azurewebsites.net
+hspstudio.club
hsrvv.com
hsslx.com
hstpnetwork.com
@@ -26322,6 +26353,7 @@ imgwebfeed.com
imgxb.top
imhd.io
imho.ru
+imhvlhaelvvbrq.ru
imiclk.com
imiek.com
imim.me
@@ -27379,7 +27411,6 @@ istreamsche.com
istudyenglish.pro
isupopc.com
it.sharpmarketing.eu
-it028.net.cn
it760.com
it7645-blockchain-news.club
itadapi.ithome.com.tw
@@ -27510,6 +27541,7 @@ ixnp.com
ixqfughrynmfh.com
ixsgoy.getpenta.com
ixspublic.com
+ixvenhgwukn.ru
iy.com.cn
iyes.youku.com
iyfnz.com
@@ -27565,6 +27597,7 @@ j.yljiaoluo.com
j.ytbt.cc
j.zhdap.com
j.zlszw.com
+j05ot.online
j07773.com
j1.ax.xrea.com
j1.piaobing.com
@@ -27631,7 +27664,6 @@ japanbros.com
japheth.com.cn
japps.cn
japsulsa.com
-japveny.ru
jarailso.com
jarror.com
jarvispopsu.com
@@ -27881,6 +27913,7 @@ jiangjinghe.top
jianglishi.cn
jianglongjie.cn
jiangmg.com
+jiangsm.club
jiankang13.com
jiankongbao.com
jianly.top
@@ -27998,7 +28031,6 @@ jirafe.com
jirivsoxvdk.com
jirtb.top
jisbar.com
-jistaumt.com
jistenbefor.space
jistvotestabl.space
jisucn.com
@@ -28551,6 +28583,7 @@ juanbanji.biz
juandou.com
jubiitag.dk
jubileo-ppb.carte-gr.total.fr
+jubish.com
jubna.com
jubnaadserve.com
jubsouth.com
@@ -28912,7 +28945,6 @@ katoptristhemirr.com
kattepush.com
katurars.com
kaubapsy.com
-kaukoany.net
kauomod.cn
kaurouby.net
kavanga.ru
@@ -29344,6 +29376,7 @@ komoona.com
kompasads.com
komplett.me
komtrack.com
+komuxoe.ru
kon.mediaplatform.group
koncbabae.com
konduit.me
@@ -29444,6 +29477,7 @@ ksyrium0014.com
kszhmzp.cn
kt220.com
kt5850pjz0.com
+kta.etherscan.com
ktautdkiixlunl.com
ktbhboeaqw.com
ktdlsb.com
@@ -29491,10 +29525,12 @@ kucent.com
kuglijuthi.com
kugo.cc
kugqfhqi.com
+kugqfhqi.top
kuguopush.com
kuhou.com
kujrsivgg.com
kuk8.com
+kukanlm-youeryuan.com
kuku99.com
kukulm.com
kukury2hf8nd09.com
@@ -29872,7 +29908,6 @@ lcloc.com
lcmqyl.cn
lcodff.uta-net.com
lcr.kim
-lcrmm.top
lcrtltft.com
lcs.comico.jp
lcs.dev.surepush.cn
@@ -30009,6 +30044,7 @@ ledou.dl.uu.cc
ledradn.com
ledraumt.com
ledslevier.com
+lee2code.com
lee789.com
leeethical.com
leejongsuk.top
@@ -30162,6 +30198,7 @@ lgjygg.com
lglady.cn
lgm.averydennison.com
lgpdy.com
+lgpumcja.com
lgse.com
lgsmartad.com
lgygy.cn
@@ -31321,7 +31358,6 @@ lspzhtvstux.com
lsqswk.supersonicgolf.com
lsr62.qtd95fj.online
lsrvvoqobu.com
-lssmycvnaxf.top
lstat.youku.com
lsv5.belambra.fr
lsxc.shop
@@ -31475,6 +31511,7 @@ lx-upload-log.yidianzixun.com
lx167.com
lx2rv.com
lx52168.online
+lxanimation.cn
lxbjs.baidu.com
lxcdn.dl.files.xiaomi.net
lxdrddeomww.com
@@ -32747,7 +32784,6 @@ madsans.com
madsecs.com
madsecz.com
madserving.com
-madsimz.com
madsips.com
madskis.com
madskiz.com
@@ -33476,8 +33512,10 @@ maxymiser.net
mayhemabjure.com
mayi360.cn
mayiad.com
+mayib.xyz
mayie.xyz
mayif.xyz
+mayig.xyz
maymooth-stopic.com
mayordiminution.com
maysunmedia.com
@@ -34016,6 +34054,7 @@ mergerpep.com
meried.co
meriesbefor.fun
meritdeserved.com
+meritiny.top
merituckia.cam
merryemotionally.com
mersionbronze.cam
@@ -34438,7 +34477,6 @@ mhdufile.1391.com
mhebbkfyhsu.com
mhi9da.cn
mhidwg.elgiganten.se
-mhiobjnirs.gq
mhjk.1391.com
mhmetr.billabongstore.jp
mhtky.cn
@@ -34590,6 +34628,7 @@ miner-deu-7.inf.nimiq.network
miner-deu-8.inf.nimiq.network
miner.beeppool.org
miner.cryptobara.com
+miner.nablabee.com
miner.nimiq.com
miner.pr0gramm.com
minerad.com
@@ -34607,7 +34646,6 @@ minesage.com
minescripts.info
minessetion.info
minewhat.com
-minexmr.st
minexmr.stream
minfo.wps.cn
mingcidianzi162.cn
@@ -34890,6 +34928,7 @@ mng-ads.com
mngjrn.cn
mno.link
mnonqqitrpprh.xyz
+mnptinibfbv.com
mnrddc.journeys.com
mnrywnesslkmdy.com
mnsd.xyz
@@ -35029,6 +35068,7 @@ mocmubse.net
modelsgonebad.com
moderatewaterproof.com
modern.watson.data.microsoft.com.akadns.net
+moderningvigil.pro
modernpricing.com
modernus.is
modescrips.info
@@ -35106,11 +35146,14 @@ moneone.ga
monerise.com
monero-miner.com
monero-miner.net
+monerominer.ro
monerominer.rocks
moneroocean.stream
monetate.net
monetizer101.com
monetizze.com.br
+money-maker-default.info
+money-maker-script.info
money.qz828.com
moneycosmos.com
moneyexpert.co.uk
@@ -35166,6 +35209,7 @@ moonight.ltd
moonlightingapi-ads.com
moonmedias.biz
moons.66bhy.com
+moonsade.com
moontuftboy.com
moooginnumit.com
mooseway.com
@@ -35245,6 +35289,7 @@ mountainouspear.com
mountries.xyz
moupdate1.kingsoft-office-service.com
moupdate10332052.wps.cn
+mouruidesign.cn
mouse3k.com
mouseflow.com
mousescrupulousrow.com
@@ -35484,6 +35529,7 @@ mtlkwvaybo.com
mtlog.droid4x.cn
mtm.qdqmedia.com
mtmob.com
+mtnjdxrjamv.top
mto.multiopen.cn
mtoalv.cn
mtoor.com
@@ -35542,6 +35588,7 @@ munchkin.brightfunnel.com
munchkin.marketo.com
munchkin.marketo.net
mundanepollution.com
+munero.me
munnin.hicsuntdra.co
munori.com
muoo.xyz
@@ -35744,6 +35791,7 @@ mylikechat.com
myline1.club
mylink-today.com
mylinkbox.com
+mylovelymommy.tk
mylovesister.gq
mymm.zichenit.com
mynativeads.com
@@ -35753,6 +35801,7 @@ mynsystems.com
myntelligence.com
mynunu.net
myoffers.bid
+myoffers.party
myolnyr5bsk18.com
myomnistar.com
myopenads.com
@@ -35769,6 +35818,7 @@ mypush.online
mypushz.com
myqip.icu
myreferer.com
+myregeneaf.com
myrfdq.emmi.jp
myro.shop
myroitracking.com
@@ -35874,6 +35924,7 @@ nabalpal.com
nabaza.com
nabbr.com
nabeghlavi.com.cn
+nablabee.com
nabucuo.com
nacfuns.com
nachogunj.cam
@@ -35900,10 +35951,12 @@ naiadexports.com
naidafak.net
nailowhe.net
nailsimproved.com
+nainaimi.top
naj.sk
naj22.proasdf.com
najingyi.cn
najsdnkdqpsd.com
+najsiejfnc.win
najva.com
nakanohito.jp
nakedfulfilhairy.com
@@ -36184,6 +36237,7 @@ netgreatlyavailable.com
netincap.com
netinsight.co.kr
netizen.co
+netkantu.com
netliker.com
netloader.cc
netmera-web.com
@@ -36353,6 +36407,7 @@ newtueads.com
newweb.top
newwedads.com
newwiesdom.com.cn
+newyiba.top
newzheng.cn
nex.163.com
nex.corp.163.com
@@ -36534,6 +36589,7 @@ nitratory.com
nitroclicks.com
nitrogenpleahierarchy.com
nitropay.com
+nitsche.top
nitytolearnan.biz
niubiba.com
niuer-req.xy.huijitrans.com
@@ -36936,7 +36992,6 @@ nt.phpwind.com
ntalker.com
ntcontributio.biz
ntdddoz.cn
-ntdoaaoh.top
ntdumfipbfjudm.xyz
ntdvjlvau.com
ntebfvnpmf.xyz
@@ -36969,6 +37024,7 @@ ntvpforever.com
ntvpinp.com
ntvpwpush.com
ntvsw.com
+ntwaafv.cn
ntzfly.cn
nuaaad.cn
nuanqipian.pw
@@ -38263,6 +38319,7 @@ oxsm.top
oxsng.com
oxtracking.com
oxtrmw.marinarinaldi.com
+oxwwoeukjispema.ru
oxybe.com
oxydend2r5umarb8oreum.com
oxyphilsebkha.com
@@ -40183,6 +40240,7 @@ portedgatesfeel.com
portenttwinehypothetically.com
portfold.com
portkingric.net
+portoteamo.com
portoutsid.xyz
portprintingchecking.com
portscalculateappease.com
@@ -40408,6 +40466,7 @@ preferences.acspubs.org
preferences.deloitte.ca
preferences.la-lakers.com
preferences.lakersgaming.com
+preferredain.com
prefixpatriot.com
prefleks.com
pregamepluteal.com
@@ -40433,6 +40492,7 @@ preparesecretary.com
prepayproceedingsground.com
prepenseprepensecubicoperating.com
prepenseprepensedefiance.com
+preposterousgoody.com
preqoaojsdgmmc.xyz
preroot.xyz
presage.io
@@ -40778,6 +40838,7 @@ prtrackings.com
prudencewiserelapse.com
prudenttruthfulcarter.com
prudsys-rde.de
+prunesbin.com
prunesmuggy.com
prvizg.shurgard.be
prx6.destinia.ch
@@ -40881,7 +40942,6 @@ ptaughar.com
ptaulrou.net
ptauphie.com
ptauphiw.net
-ptaussee.net
ptauvuph.com
ptauxofi.net
ptavizap.net
@@ -41589,6 +41649,7 @@ qianfengwang.top
qianggou8.top
qiangren.biz
qiangzai.work
+qianhua.co
qianlong.adsame.com
qianmeiby.com
qiannian.biz
@@ -41637,6 +41698,7 @@ qingzhencai.net
qinmon.xyz
qinongyouxuan.cn
qinqiaotrade.com
+qintingapp.com
qinzhihao.com
qinzigenjudi.com
qipskd.cn
@@ -41679,6 +41741,7 @@ qjxszp.cn
qjyzj.cn
qkcl.o7z0k.cn
qkhhjm.autoscout24.nl
+qkixi.com
qkkjd.com
qkptx.com
qkspafpgg.com
@@ -42389,6 +42452,7 @@ readnos.com
readnotify.com
readpeak.com
readrboard.com
+readserv.com
readserver.net
ready-to-download.com
readymoon.com
@@ -42449,6 +42513,7 @@ rec.udn.com
rec5.visualwebsiteoptimizer.com
recapture.io
recastcompellease.com
+recdirectgo.biz
receiptfastestparameter.com
receitasefinancas.com
recentinteriorcrab.com
@@ -42664,6 +42729,7 @@ relann.com
relap.io
relappro.com
relapsereflectedreplace.com
+relaxtime24.biz
relay.fiverr.com
relead.com
release.baidu.com
@@ -42759,6 +42825,7 @@ reposetemptarraignment.com
repost.us
reprak.com
reprehensibleguarded.com
+representationfighter.com
representativeray.com
represented.cn
reprocautious.com
@@ -42823,7 +42890,6 @@ research.net
researchintel.com
reseau-pub.com
resentmentveneering.com
-reservedoffers.club
reservehearingmissing.com
reshin.de
residebroadly.com
@@ -43098,6 +43164,7 @@ rightstats.com
rigidrobin.com
rigourflickmarketing.com
rigxpadydyveja.com
+rihaschgj.com
rikobisti.com
rilelogicbuy.com
rilesticks.com
@@ -43324,6 +43391,7 @@ roofprison.com
roofrelation.com
roojouma.com
rookmemorizevoluntary.com
+roommatespacioushrs.com
roomspublisher.com
roomyreading.com
roost.me
@@ -44026,6 +44094,7 @@ s2.huoying666.com
s2.kuaibaopay.com
s2.leshi123.cc
s2.mingmingtehui.com
+s2.myregeneaf.com
s2.yandui.com
s2.zdface.com
s2.zdmimg.com
@@ -44054,6 +44123,7 @@ s3.cnzz.com
s3.flowplayer.space
s3.joexl.com
s3.minexmr.com
+s3.myregeneaf.com
s3.pampopholf.com
s3.pfp.sina.net
s3.phluant.com
@@ -44276,7 +44346,6 @@ salync.com
salzwerk.viessmann.de
samage-bility.icu
samantharegina.com
-samanthyean.com
samba.adsame.com
sambaads.com
sambaclk.adsame.com
@@ -44563,6 +44632,8 @@ schemas.android.com
schemas.microsoft.akadns.net
schicksalnvi.cn
schjmp.com
+schlaftabletten.cn
+scholarshipidol.com
schoolyeargo.com
schprompt.dangdang.com
schwacke.autovistagroup.com
@@ -45757,6 +45828,7 @@ shihualandun.cn
shijiezhidao.com
shijixinrui.cn
shijuezhongguo.cdn.bcebos.com
+shikarshexace.com
shikroux.net
shilian168.cn
shillivee.pro
@@ -45787,6 +45859,7 @@ shiwan.dl.gxpan.cn
shixiaofei864.cn
shixiong.xyz
shixunjs.th21333.com
+shiyaokejishanghai.com
shizen-no-megumi.com
shj.tjawst.com
shjk.xyz
@@ -46490,6 +46563,7 @@ smetrics.autodesk.com.cn
smetrics.automobilemag.com
smetrics.avnet.com
smetrics.babycenter.ca
+smetrics.babycenter.com
smetrics.bankinter.com
smetrics.bankofamerica.com
smetrics.bankwest.com.au
@@ -47860,6 +47934,7 @@ song.fanxing.kugou.com
songcan.me
songlongtech.com
songrfid.com
+songshijiazu.cn
songssmoke.com
sonlessmagmata.com
sonnerie.net
@@ -48183,6 +48258,7 @@ spiffymachine.com
spigotsmetonym.cam
spillsackterrified.com
spinachtighten.com
+spinaleighth.com
spinbox.net
spinbox.techtracker.com
spinbox.versiontracker.com
@@ -49161,7 +49237,6 @@ stats.breadtube.tv
stats.breathly.app
stats.briskoda.net
stats.broddin.be
-stats.brousse.info
stats.buildingtheelite.com
stats.bungeefit.co.uk
stats.buysellads.com
@@ -49407,6 +49482,7 @@ stats.patriot.win
stats.paulbutler.org
stats.paysagistes.pro
stats.pebkac.io
+stats.personalkollen.se
stats.pflexads.com
stats.phelsumagrandis.de
stats.phoenix-widget.com
@@ -49464,7 +49540,6 @@ stats.sexemodel.com
stats.sexplore.app
stats.share.link
stats.shareup.app
-stats.shell-tips.com
stats.shepherd.com
stats.shopify.com
stats.shoutout.so
@@ -50105,7 +50180,6 @@ suvset.sohu.com
suwoj.com
suxhap.com
suzanne.pro
-suzihaza.com
sv2.biz
svacdnjutk.com
svarcom.actonservice.com
@@ -50251,7 +50325,6 @@ sxtyhl.top
sxxfmc.com
sxxjdz.com
sxybjjz.cn
-sxying.top
sxympy.com
sxyunyou.cn
sxyyedu.cn
@@ -50797,7 +50870,6 @@ talaropa.com
talent.aonunited.com
talentedsteel.com
talenteq.intuit.com
-talentropes.com
talk.nz.igexin.com
talk.nz4.gepush.com
talk.nz4.getui.com
@@ -51529,7 +51601,6 @@ thirstyswing.com
thirstytwig.com
this-is-living.cn
thiscdn.com
-thishare.com
thisisacoolthing.com
thisiswaldo.com
thisisyourprize.site
@@ -51617,6 +51688,7 @@ tiandi.com
tianfus.com
tiangu99.com
tianhenggo.xyz
+tianhong.mobi
tianhuafund.cn
tianhuicun.com.cn
tianii.top
@@ -51632,6 +51704,7 @@ tianqi777.com
tianshilv.cn
tianshu-x.gtimg.cn
tianshu.gtimg.cn
+tiantai.ink
tiantiansoft.com
tiantianwl.cn
tiantianyinyue.cn
@@ -51900,6 +51973,7 @@ tlvmedia.com
tlwl1.cn
tlwl2.cn
tm-banners.gamingadult.com
+tm-core.net
tm-offers.gamingadult.com
tm.br.de
tm.jsuol.com.br
@@ -51963,7 +52037,6 @@ to.getnitropack.com
to335.cn
to8to.com
toadassuagevolatile.com
-toagluji.com
toapsira.net
toateeli.net
tob-cms.bj.bcebos.com
@@ -52212,9 +52285,8 @@ totemwebr.carte-gr.total.fr
totentacruelor.com
tothisimpo.biz
totlnkbn.com
-totoc.top
+totlnkcl.com
totogetica.com
-totoh.top
totoro.link
totorogyring.com
totreatwith.co
@@ -52883,6 +52955,7 @@ tracker.bongngo.bar
tracker.bt.uol.com.br
tracker.cauly.co.kr
tracker.cdnbye.com
+tracker.comagic.ru
tracker.comunidadmarriott.com
tracker.data-vp.com
tracker.digitalcamp.co.kr
@@ -53474,7 +53547,6 @@ trapteaching.com
traq.li
trasholita.com
trathy.com
-traumasister.tk
traveladvertising.com
travelingoutcomeautomatic.com
travelingturtleharmonious.com
@@ -53506,6 +53578,7 @@ trcka8net.irobot-jp.com
trcked.me
trcklion.com
trckr.nordiskemedier.dk
+trdnewsnow.net
trdyx.cn
treacherousaccentbruise.com
treacherouslongingjunkie.com
@@ -53738,6 +53811,7 @@ trustx.org
trustyfine.com
truthfulstem.com
trw12.com
+trx-hub.com
trx3.famousfix.com
try.abtasty.com
try9.com
@@ -54143,6 +54217,7 @@ u.xcy8.com
u.xogu.cn
u.yiiwoo.com
u.yizuya.com
+u.zuoyesou.com
u0.s.minisplat.cn
u034024.nr1234.com
u07k3pqfw5jh.com
@@ -54329,6 +54404,7 @@ ugg66.com
ughhimtoy.com
ugishdff.xyz
ugmarketing.smu.edu.sg
+ugmfvqsu.ru
ugmovxfikvhct.com
ugmvoys.cn
ugonwcxwo.com
@@ -54413,6 +54489,7 @@ ulink.cc
ulmdb.cn
ulminicbawty.com
ulmoyc.com
+ulnawoyyzbljc.ru
ulngtppm.com
ulog.imap.baidu.com
ulog.umengcloud.com
@@ -54425,6 +54502,7 @@ ulqihfr.cn
ult-blk-cbl.com
ultimateclixx.com
ultimowraxle.com
+ultra-cdn.pl
ultralove.net
ultramercial.com
ultranote.org
@@ -54847,7 +54925,6 @@ us.adserver.yahoo.com
us.bannyat.com
us.bs.serving-sys.com
us.cf
-us.cfcnet.top
us.l.qq.com
us.onkyo.actonservice.com
us.vortex-win.data.microsft.com
@@ -55633,7 +55710,6 @@ vip-vip-vup.com
vip.51.la
vip.cainiaofx.com
vip.catcs.cn
-vip.cfcnet.top
vip.gophersport.com
vip.hyz86.com
vip.id528.com
@@ -55706,6 +55782,7 @@ visite.scambi.org
visitingtoelargely.com
visitor-analytics.io
visitor-analytics.net
+visitor-microservice.ext.p-a.im
visitor-service.tealiumiq.com
visitor-stats.de
visitor-track.com
@@ -55961,6 +56038,7 @@ vps.inte.sogou.com
vptbn.com
vptlrn.sportspar.de
vpvbojamkoxo.com
+vpvbojamkoxo.top
vpyqdlrweoc.com
vq1qi.pw
vq7736.com
@@ -56007,7 +56085,6 @@ vseenmtdmcqssv.com
vsexshop.ru
vsfius.aranzulla.it
vsgwsk.bergzeit.at
-vsheying.top
vsjxqhfkccx.xyz
vskoedps.com
vsnoon.com
@@ -56295,6 +56372,7 @@ wangxingkui.online
wangxuan.pw
wangyao.pro
wangyasen.link
+wangye.icu
wangyeshij.top
wangyh.icu
wangyouxs.cn
@@ -56578,6 +56656,8 @@ webassembly.stream
webatam.com
webbc.fivecdm.com
webbridcar.xyz
+webcache-eu.datareporter.eu
+webcache.datareporter.eu
webcampromo.com
webcampromotions.com
webcare.byside.com
@@ -56777,6 +56857,7 @@ weixinxx.com
weixisiwang.com
weiyajz.cn
weizhenwx.com
+weiziqiang.top
weizjzg.com
wejibk.com.cn
wekb.club
@@ -56927,7 +57008,6 @@ wherabygry.com
where.com
whereasplaid.com
wheredoyoucomefrom.ovh
-whereismommy.gq
wheripsupi.com
whexamipta.com
whezogrewha.com
@@ -57016,6 +57096,7 @@ whzxpm.cn
wi3brxwr2b3v.com
wickedlongingbelfry.com
wickedreports.com
+widdiesbrawns.com
widerplanet.com
widespace.com
widget.adviceiq.com
@@ -57182,6 +57263,7 @@ withoughstors.club
withoused.club
withoutmotivation.com
witmorningmuscles.com
+witthethim.com
wivo2gaza.com
wiyun.com
wiz.ghostbed.com
@@ -57633,6 +57715,7 @@ wsp.marketgid.com
wspeed.qq.com
wsrrfoa.cn
wss.cnzz.com
+wss.nablabee.com
wss.rand.com.ru
wssgmstats.vibbo.com
wsstats.coches.net
@@ -58155,10 +58238,8 @@ www.flipf.cn
www.flstudiochina.com
www.flurry.com
www.fr
-www.freecontent.bid
www.freecontent.date
www.freecontent.party
-www.freecontent.science
www.freecontent.stream
www.freecontent.trade
www.freedrive.cn
@@ -59660,6 +59741,7 @@ xvideosharing.site
xvika.com
xviperonec.com
xvqdfwy.cn
+xvstvids.com
xvwebllndr.com
xvxxbrzhjunco.com
xvyljkr.com
@@ -59978,6 +60060,7 @@ yellowacorn.net
yellowbrix.com
yellowto.com
yema.shop
+yemingxing.top
yemisleol.xyz
yemnn.cn
yempid.com
@@ -60140,7 +60223,6 @@ yingjiawm.com
yingshidaquan.cc
yingxiao.baidu.com
yingxunkeji.net
-yingyeping.com
yini.link
yini8.com
yinlt.com
@@ -60216,6 +60298,7 @@ ykccgrmto.com
ykcoijcfpzda.com
ykhqhe.domain.com.au
ykktwv.titivate.jp
+yklmwnhokfse.xyz
ykpbgqc.top
ykrec.youku.com
ykrectab.youku.com
@@ -60280,6 +60363,7 @@ ynevxkx.cn
ynfzxh.com
ynhuya.cn
ynjkkj.com
+ynklendr.online
ynlsgw.com
ynmpzs.cn
ynnpmcpswews.com
@@ -60395,6 +60479,7 @@ yourfreshposts.com
yourhealmyheal.com
yourkadspunew.com
yourlegacy.club
+yourloganalytics.com
yourquickads.com
yourtubetvs.site
yourwebbars.com
@@ -60605,6 +60690,7 @@ yuppads.com
yuppyads.com
yuqhtlry.xyz
yuqnibpyn.com
+yuquad.com
yuriaftereleven.com
yurivideo.com
yushengyuancaishui.com
@@ -60656,6 +60742,7 @@ yxcpm.com
yxdyk.com
yxgfcj.com
yxhjt.com
+yxhkonfmbe.com
yxhxs.com
yxiqqh.dealchecker.co.uk
yxjibph.cn
@@ -60693,11 +60780,11 @@ yymmsd.cn
yynkhgfromul.xyz
yyp17.com
yypd.top
+yyshow.top
yyslate.com
yystzl.cn
yysvzaodorhv.com
yyt.irs01.com
-yyy6999.com
yyys.shop
yzaosite.com
yzbqz.com
@@ -61514,6 +61601,7 @@ zyjy.ink
zykxjt.com
zymbrlgu.cn
zymerget.bid
+zymerget.party
zymo.mps.weibo.com
zymro.com
zypenetwork.com
@@ -61582,3 +61670,4 @@ zzy1.mipujia.com
zzy1.quyaoya.com
zzyanhushi.com
zzyonghao.com
+zzyytt.top
diff --git a/luci-app-passwall/Makefile b/luci-app-passwall/Makefile
index 1686e775a..49375acaf 100644
--- a/luci-app-passwall/Makefile
+++ b/luci-app-passwall/Makefile
@@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
-PKG_VERSION:=4.52
-PKG_RELEASE:=3
+PKG_VERSION:=4.53
+PKG_RELEASE:=1
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_$(PKG_NAME)_Transparent_Proxy \
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/acl.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/acl.lua
index 4a9dd675e..661fcbff4 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/acl.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/acl.lua
@@ -18,6 +18,10 @@ function s.create(e, t)
t = TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
+function s.remove(e, t)
+ sys.call("rm -rf /tmp/etc/passwall_tmp/dns_" .. t .. "*")
+ TypedSection.remove(e, t)
+end
---- Enable
o = s:option(Flag, "enabled", translate("Enable"))
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
index 8c43dc476..2b6e13eda 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
@@ -282,13 +282,23 @@ o.rmempty = false
if has_chnlist and api.is_finded("chinadns-ng") then
o = s:taboption("DNS", Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, but will increase the memory."))
o.default = "0"
- o:depends({dns_mode = "dns2socks"})
- o:depends({dns_mode = "pdnsd"})
- o:depends({dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
- o:depends({dns_mode = "v2ray", v2ray_dns_mode = "doh"})
- o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
- o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
- o:depends({dns_mode = "udp"})
+ if api.is_finded("smartdns") then
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "dns2socks"})
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "pdnsd"})
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "v2ray", v2ray_dns_mode = "doh"})
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "xray", v2ray_dns_mode = "tcp"})
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "xray", v2ray_dns_mode = "doh"})
+ o:depends({dns_shunt = "dnsmasq", dns_mode = "udp"})
+ else
+ o:depends({dns_mode = "dns2socks"})
+ o:depends({dns_mode = "pdnsd"})
+ o:depends({dns_mode = "v2ray", v2ray_dns_mode = "tcp"})
+ o:depends({dns_mode = "v2ray", v2ray_dns_mode = "doh"})
+ o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
+ o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
+ o:depends({dns_mode = "udp"})
+ end
end
o = s:taboption("DNS", Button, "clear_ipset", translate("Clear IPSET"), translate("Try this feature if the rule modification does not take effect."))
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
index b2bfdf7ef..60ba9b3ff 100644
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
@@ -1,11 +1,13 @@
local api = require "luci.model.cbi.passwall.api.api"
local appname = api.appname
local fs = api.fs
+local sys = api.sys
local datatypes = api.datatypes
local path = string.format("/usr/share/%s/rules/", appname)
local route_hosts_path = "/etc/"
-m = Map(appname)
+m = SimpleForm(appname)
+m.uci = api.uci
-- [[ Rule List Settings ]]--
s = m:section(TypedSection, "global_rules")
@@ -22,9 +24,17 @@ local direct_host = path .. "direct_host"
o = s:taboption("direct_list", TextValue, "direct_host", "", "" .. translate("Join the direct hosts list of domain names will not proxy.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(direct_host) or "" end
-o.write = function(self, section, value) fs.writefile(direct_host, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(direct_host, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(direct_host) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(direct_host, value:gsub("\r\n", "\n"))
+ sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
+end
+o.remove = function(self, section, value)
+ fs.writefile(direct_host, "")
+ sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
+end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
@@ -44,9 +54,15 @@ local direct_ip = path .. "direct_ip"
o = s:taboption("direct_list", TextValue, "direct_ip", "", "" .. translate("These had been joined ip addresses will not proxy. Please input the ip address or ip address segment,every line can input only one ip address. For example: 192.168.0.0/24 or 223.5.5.5.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(direct_ip) or "" end
-o.write = function(self, section, value) fs.writefile(direct_ip, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(direct_ip, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(direct_ip) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(direct_ip, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(direct_ip, "")
+end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@@ -66,9 +82,17 @@ local proxy_host = path .. "proxy_host"
o = s:taboption("proxy_list", TextValue, "proxy_host", "", "" .. translate("These had been joined websites will use proxy. Please input the domain names of websites, every line can input only one website domain. For example: google.com.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(proxy_host) or "" end
-o.write = function(self, section, value) fs.writefile(proxy_host, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(proxy_host, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(proxy_host) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(proxy_host, value:gsub("\r\n", "\n"))
+ sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
+end
+o.remove = function(self, section, value)
+ fs.writefile(proxy_host, "")
+ sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
+end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
@@ -88,9 +112,15 @@ local proxy_ip = path .. "proxy_ip"
o = s:taboption("proxy_list", TextValue, "proxy_ip", "", "" .. translate("These had been joined ip addresses will use proxy. Please input the ip address or ip address segment, every line can input only one ip address. For example: 35.24.0.0/24 or 8.8.4.4.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(proxy_ip) or "" end
-o.write = function(self, section, value) fs.writefile(proxy_ip, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(proxy_ip, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(proxy_ip) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(proxy_ip, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(proxy_ip, "")
+end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@@ -110,9 +140,15 @@ local block_host = path .. "block_host"
o = s:taboption("block_list", TextValue, "block_host", "", "" .. translate("These had been joined websites will be block. Please input the domain names of websites, every line can input only one website domain. For example: twitter.com.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(block_host) or "" end
-o.write = function(self, section, value) fs.writefile(block_host, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(block_host, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(block_host) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(block_host, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(block_host, "")
+end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
@@ -132,9 +168,15 @@ local block_ip = path .. "block_ip"
o = s:taboption("block_list", TextValue, "block_ip", "", "" .. translate("These had been joined ip addresses will be block. Please input the ip address or ip address segment, every line can input only one ip address.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(block_ip) or "" end
-o.write = function(self, section, value) fs.writefile(block_ip, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(block_ip, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(block_ip) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(block_ip, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(block_ip, "")
+end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@@ -154,9 +196,15 @@ local lanlist_ipv4 = path .. "lanlist_ipv4"
o = s:taboption("lan_ip_list", TextValue, "lanlist_ipv4", "", "" .. translate("The list is the IPv4 LAN IP list, which represents the direct connection IP of the LAN. If you need the LAN IP in the proxy list, please clear it from the list. Do not modify this list by default.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(lanlist_ipv4) or "" end
-o.write = function(self, section, value) fs.writefile(lanlist_ipv4, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(lanlist_ipv4, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(lanlist_ipv4) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(lanlist_ipv4, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(lanlist_ipv4, "")
+end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@@ -176,9 +224,15 @@ local lanlist_ipv6 = path .. "lanlist_ipv6"
o = s:taboption("lan_ip_list", TextValue, "lanlist_ipv6", "", "" .. translate("The list is the IPv6 LAN IP list, which represents the direct connection IP of the LAN. If you need the LAN IP in the proxy list, please clear it from the list. Do not modify this list by default.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(lanlist_ipv6) or "" end
-o.write = function(self, section, value) fs.writefile(lanlist_ipv6, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(lanlist_ipv6, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(lanlist_ipv6) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(lanlist_ipv6, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(lanlist_ipv6, "")
+end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
@@ -198,8 +252,14 @@ local hosts = route_hosts_path .. "hosts"
o = s:taboption("route_hosts", TextValue, "hosts", "", "" .. translate("Configure routing etc/hosts file, if you don't know what you are doing, please don't change the content.") .. "")
o.rows = 15
o.wrap = "off"
-o.cfgvalue = function(self, section) return fs.readfile(hosts) or "" end
-o.write = function(self, section, value) fs.writefile(hosts, value:gsub("\r\n", "\n")) end
-o.remove = function(self, section, value) fs.writefile(hosts, "") end
+o.cfgvalue = function(self, section)
+ return fs.readfile(hosts) or ""
+end
+o.write = function(self, section, value)
+ fs.writefile(hosts, value:gsub("\r\n", "\n"))
+end
+o.remove = function(self, section, value)
+ fs.writefile(hosts, "")
+end
return m
diff --git a/luci-app-passwall/root/usr/share/passwall/app.sh b/luci-app-passwall/root/usr/share/passwall/app.sh
index 198edacd8..d2909639f 100755
--- a/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/luci-app-passwall/root/usr/share/passwall/app.sh
@@ -1143,7 +1143,7 @@ start_dns() {
smartdns)
local group_domestic=$(config_t_get global group_domestic)
CHINADNS_NG=0
- source $APP_PATH/helper_smartdns.sh add DNS_MODE=$DNS_MODE SMARTDNS_CONF=/tmp/etc/smartdns/$CONFIG.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_GROUP=$group_domestic TUN_DNS=$TUN_DNS TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
+ source $APP_PATH/helper_smartdns.sh add FLAG="default" DNS_MODE=$DNS_MODE SMARTDNS_CONF=/tmp/etc/smartdns/$CONFIG.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_GROUP=$group_domestic TUN_DNS=$TUN_DNS TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
source $APP_PATH/helper_smartdns.sh restart
echolog " - 域名解析:使用SmartDNS,请确保配置正常。"
;;
@@ -1178,7 +1178,7 @@ start_dns() {
[ "$DNS_SHUNT" = "dnsmasq" ] && {
source $APP_PATH/helper_dnsmasq.sh stretch
- source $APP_PATH/helper_dnsmasq.sh add DNS_MODE=$DNS_MODE TMP_DNSMASQ_PATH=$TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE=/tmp/dnsmasq.d/dnsmasq-passwall.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_DNS=$LOCAL_DNS TUN_DNS=$TUN_DNS CHINADNS_DNS=$china_ng_listen TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
+ source $APP_PATH/helper_dnsmasq.sh add FLAG="default" DNS_MODE=$DNS_MODE TMP_DNSMASQ_PATH=$TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE=/tmp/dnsmasq.d/dnsmasq-passwall.conf REMOTE_FAKEDNS=$fakedns DEFAULT_DNS=$DEFAULT_DNS LOCAL_DNS=$LOCAL_DNS TUN_DNS=$TUN_DNS CHINADNS_DNS=$china_ng_listen TCP_NODE=$TCP_NODE PROXY_MODE=${TCP_PROXY_MODE}${LOCALHOST_TCP_PROXY_MODE}${ACL_TCP_PROXY_MODE} NO_PROXY_IPV6=${filter_proxy_ipv6}
}
}
@@ -1434,7 +1434,6 @@ stop() {
unset XRAY_LOCATION_ASSET
stop_crontab
source $APP_PATH/helper_smartdns.sh del
- source $APP_PATH/helper_smartdns.sh restart no_log=1
source $APP_PATH/helper_dnsmasq.sh del
source $APP_PATH/helper_dnsmasq.sh restart no_log=1
rm -rf ${TMP_PATH}
diff --git a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.sh b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.sh
index 255b7faaa..cd35dd960 100755
--- a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.sh
+++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.sh
@@ -45,10 +45,10 @@ logic_restart() {
for server in $(uci -q get dhcp.@dnsmasq[0].server); do
[ -n "$(echo $server | grep '\/')" ] || uci -q del_list dhcp.@dnsmasq[0].server="$server"
done
- /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ /etc/init.d/dnsmasq restart >/dev/null 2>&1 &
restore_servers
else
- /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ /etc/init.d/dnsmasq restart >/dev/null 2>&1 &
fi
echolog "重启 dnsmasq 服务"
LOG_FILE=${_LOG_FILE}
@@ -59,239 +59,15 @@ restart() {
eval_set_val $@
_LOG_FILE=$LOG_FILE
[ -n "$no_log" ] && LOG_FILE="/dev/null"
- /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ /etc/init.d/dnsmasq restart >/dev/null 2>&1 &
echolog "重启 dnsmasq 服务"
LOG_FILE=${_LOG_FILE}
}
-gen_items() {
- local ipsets dnss outf ipsetoutf
- eval_set_val $@
-
- awk -v ipsets="${ipsets}" -v dnss="${dnss}" -v outf="${outf}" -v ipsetoutf="${ipsetoutf}" '
- BEGIN {
- if(outf == "") outf="/dev/stdout";
- if(ipsetoutf == "") ipsetoutf=outf;
- split(dnss, dns, ","); setdns=length(dns)>0; setlist=length(ipsets)>0;
- if(setdns) for(i in dns) if(length(dns[i])==0) delete dns[i];
- fail=1;
- }
- ! /^$/&&!/^#/ {
- fail=0
- if(setdns) for(i in dns) printf("server=/.%s/%s\n", $0, dns[i]) >>outf;
- if(setlist) printf("ipset=/.%s/%s\n", $0, ipsets) >>ipsetoutf;
- }
- END {fflush(outf); close(outf); fflush(ipsetoutf); close(ipsetoutf); exit(fail);}
- '
-}
-
-gen_address_items() {
- local address outf
- eval_set_val $@
-
- awk -v address="${address}" -v outf="${outf}" '
- BEGIN {
- if(outf == "") outf="/dev/stdout";
- if(address == "") address="0.0.0.0,::";
- split(address, ad, ","); setad=length(ad)>0;
- if(setad) for(i in ad) if(length(ad[i])==0) delete ad[i];
- fail=1;
- }
- ! /^$/&&!/^#/ {
- fail=0
- if(setad) for(i in ad) printf("address=/.%s/%s\n", $0, ad[i]) >>outf;
- }
- END {fflush(outf); close(outf); exit(fail);}
- '
-}
-
-ipset_merge() {
- awk '{gsub(/ipset=\//,""); gsub(/\//," ");key=$1;value=$2;if (sum[key] != "") {sum[key]=sum[key]","value} else {sum[key]=sum[key]value}} END{for(i in sum) print "ipset=/"i"/"sum[i]}' "${1}/ipset.conf" > "${1}/ipset.conf2"
- mv -f "${1}/ipset.conf2" "${1}/ipset.conf"
-}
-
add() {
- local fwd_dns item servers msg
- local DNS_MODE TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE DEFAULT_DNS LOCAL_DNS TUN_DNS REMOTE_FAKEDNS CHINADNS_DNS TCP_NODE PROXY_MODE NO_LOGIC_LOG NO_PROXY_IPV6
+ local FLAG TMP_DNSMASQ_PATH DNSMASQ_CONF_FILE DEFAULT_DNS LOCAL_DNS TUN_DNS REMOTE_FAKEDNS CHINADNS_DNS TCP_NODE PROXY_MODE NO_PROXY_IPV6 NO_LOGIC_LOG
eval_set_val $@
- _LOG_FILE=$LOG_FILE
- [ -n "$NO_LOGIC_LOG" ] && LOG_FILE="/dev/null"
- global=$(echo "${PROXY_MODE}" | grep "global")
- returnhome=$(echo "${PROXY_MODE}" | grep "returnhome")
- chnlist=$(echo "${PROXY_MODE}" | grep "chnroute")
- gfwlist=$(echo "${PROXY_MODE}" | grep "gfwlist")
- mkdir -p "${TMP_DNSMASQ_PATH}" "${DNSMASQ_PATH}" "/tmp/dnsmasq.d"
- count_hosts_str="!"
-
- [ -n "$CHINADNS_DNS" ] && dnsmasq_default_dns="${CHINADNS_DNS}"
- [ -n "$global" ] && [ -z "$returnhome" ] && [ -z "$chnlist" ] && [ -z "$gfwlist" ] && only_global=1 && dnsmasq_default_dns="${TUN_DNS}"
-
- #屏蔽列表
- [ -s "${RULES_PATH}/block_host" ] && {
- cat "${RULES_PATH}/block_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_address_items address="0.0.0.0" outf="${TMP_DNSMASQ_PATH}/00-block_host.conf"
- }
-
- #始终用国内DNS解析节点域名
- fwd_dns="${LOCAL_DNS}"
- servers=$(uci show "${CONFIG}" | grep ".address=" | cut -d "'" -f 2)
- hosts_foreach "servers" host_from_url | grep '[a-zA-Z]$' | sort -u | gen_items ipsets="vpsiplist,vpsiplist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/10-vpsiplist_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]节点列表中的域名(vpsiplist):${fwd_dns:-默认}"
-
- #始终用国内DNS解析直连(白名单)列表
- [ -s "${RULES_PATH}/direct_host" ] && {
- fwd_dns="${LOCAL_DNS}"
- #[ -n "$CHINADNS_DNS" ] && unset fwd_dns
- cat "${RULES_PATH}/direct_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="whitelist,whitelist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/11-direct_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]域名白名单(whitelist):${fwd_dns:-默认}"
- }
-
- subscribe_list=""
- for item in $(get_enabled_anonymous_secs "@subscribe_list"); do
- host=$(host_from_url "$(config_n_get ${item} url)")
- subscribe_list="${subscribe_list}\n${host}"
- done
- [ -n "$subscribe_list" ] && {
- if [ "$(config_t_get global_subscribe subscribe_proxy 0)" = "0" ]; then
- #如果没有开启通过代理订阅
- fwd_dns="${LOCAL_DNS}"
- echo -e "$subscribe_list" | sort -u | gen_items ipsets="whitelist,whitelist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/12-subscribe.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]节点订阅域名(whitelist):${fwd_dns:-默认}"
- else
- #如果开启了通过代理订阅
- local ipset_flag="blacklist,blacklist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="blacklist"
- echo -e "$subscribe_list" | sort -u | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/91-subscribe-noipv6.conf"
- fi
- [ -z "${only_global}" ] && {
- fwd_dns="${TUN_DNS}"
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- echo -e "$subscribe_list" | sort -u | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/91-subscribe.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]节点订阅域名(blacklist):${fwd_dns:-默认}"
- }
- fi
- }
-
- #始终使用远程DNS解析代理(黑名单)列表
- [ -s "${RULES_PATH}/proxy_host" ] && {
- local ipset_flag="blacklist,blacklist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="blacklist"
- cat "${RULES_PATH}/proxy_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/97-proxy_host-noipv6.conf"
- fi
- [ -z "${only_global}" ] && {
- fwd_dns="${TUN_DNS}"
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- cat "${RULES_PATH}/proxy_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/97-proxy_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]代理域名表(blacklist):${fwd_dns:-默认}"
- }
- }
-
- #分流规则
- [ "$(config_n_get $TCP_NODE protocol)" = "_shunt" ] && {
- local default_node_id=$(config_n_get $TCP_NODE default_node _direct)
- local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
- for shunt_id in $shunt_ids; do
- local shunt_node_id=$(config_n_get $TCP_NODE ${shunt_id} nil)
- [ "$shunt_node_id" = "nil" ] && continue
- [ "$shunt_node_id" = "_default" ] && shunt_node_id=$default_node_id
- [ "$shunt_node_id" = "_blackhole" ] && continue
- local str=$(echo -n $(config_n_get $shunt_id domain_list | grep -v 'regexp:\|geosite:\|ext:' | sed 's/domain:\|full:\|//g' | tr -s "\r\n" "\n" | sort -u) | sed "s/ /|/g")
- [ -n "$str" ] && count_hosts_str="${count_hosts_str}|${str}"
- fwd_dns="${LOCAL_DNS}"
- [ "$shunt_node_id" = "_direct" ] && {
- [ -n "$str" ] && echo $str | sed "s/|/\n/g" | gen_items ipsets="whitelist,whitelist6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/13-shunt_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- continue
- }
- local shunt_node=$(config_n_get $shunt_node_id address nil)
- [ "$shunt_node" = "nil" ] && continue
-
- [ -n "$str" ] && {
- local ipset_flag="shuntlist,shuntlist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="shuntlist"
- echo $str | sed "s/|/\n/g" | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/98-shunt_host-noipv6.conf"
- fi
- [ -z "${only_global}" ] && {
- fwd_dns="${TUN_DNS}"
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- echo $str | sed "s/|/\n/g" | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/98-shunt_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- }
- }
- done
- echolog " - [$?]V2ray/Xray分流规则(shuntlist):${fwd_dns:-默认}"
- }
-
- [ -s "${RULES_PATH}/direct_host" ] && direct_hosts_str="$(echo -n $(cat ${RULES_PATH}/direct_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
- [ -s "${RULES_PATH}/proxy_host" ] && proxy_hosts_str="$(echo -n $(cat ${RULES_PATH}/proxy_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
- [ -n "$direct_hosts_str" ] && count_hosts_str="${count_hosts_str}|${direct_hosts_str}"
- [ -n "$proxy_hosts_str" ] && count_hosts_str="${count_hosts_str}|${proxy_hosts_str}"
-
- #如果没有使用回国模式
- if [ -z "${returnhome}" ]; then
- # GFW 模式
- [ -s "${RULES_PATH}/gfwlist" ] && {
- grep -v -E "$count_hosts_str" "${RULES_PATH}/gfwlist" > "${TMP_PATH}/gfwlist"
-
- local ipset_flag="gfwlist,gfwlist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="gfwlist"
- sort -u "${TMP_PATH}/gfwlist" | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/99-gfwlist-noipv6.conf"
- fi
- [ -z "${only_global}" ] && {
- fwd_dns="${TUN_DNS}"
- [ -n "$CHINADNS_DNS" ] && unset fwd_dns
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- sort -u "${TMP_PATH}/gfwlist" | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/99-gfwlist.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]防火墙域名表(gfwlist):${fwd_dns:-默认}"
- }
- rm -f "${TMP_PATH}/gfwlist"
- }
-
- # 中国列表以外 模式
- [ -n "${CHINADNS_DNS}" ] && {
- fwd_dns="${LOCAL_DNS}"
- [ -n "$CHINADNS_DNS" ] && unset fwd_dns
- [ -s "${RULES_PATH}/chnlist" ] && {
- grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" | gen_items ipsets="chnroute,chnroute6" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/19-chinalist_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]中国域名表(chnroute):${fwd_dns:-默认}"
- }
- }
- else
- #回国模式
- [ -s "${RULES_PATH}/chnlist" ] && {
- grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" > "${TMP_PATH}/chnlist"
-
- local ipset_flag="chnroute,chnroute6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="chnroute"
- sort -u "${TMP_PATH}/chnlist" | gen_address_items address="::" outf="${TMP_DNSMASQ_PATH}/99-chinalist_host-noipv6.conf"
- fi
- [ -z "${only_global}" ] && {
- fwd_dns="${TUN_DNS}"
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- sort -u "${TMP_PATH}/chnlist" | gen_items ipsets="${ipset_flag}" dnss="${fwd_dns}" outf="${TMP_DNSMASQ_PATH}/99-chinalist_host.conf" ipsetoutf="${TMP_DNSMASQ_PATH}/ipset.conf"
- echolog " - [$?]中国域名表(chnroute):${fwd_dns:-默认}"
- }
- rm -f "${TMP_PATH}/chnlist"
- }
- fi
-
- ipset_merge ${TMP_DNSMASQ_PATH}
-
- echo "conf-dir=${TMP_DNSMASQ_PATH}" > $DNSMASQ_CONF_FILE
- [ -n "${dnsmasq_default_dns}" ] && {
- echo "${DEFAULT_DNS}" > $TMP_PATH/default_DNS
- cat <<-EOF >> $DNSMASQ_CONF_FILE
- server=${dnsmasq_default_dns}
- all-servers
- no-poll
- no-resolv
- EOF
- echolog " - [$?]以上所列以外及默认:${dnsmasq_default_dns}"
- }
- echolog " - PassWall必须依赖于Dnsmasq,如果你自行配置了错误的DNS流程,将会导致域名(直连/代理域名)分流失效!!!"
- LOG_FILE=${_LOG_FILE}
+ lua $APP_PATH/helper_dnsmasq_add.lua -FLAG $FLAG -TMP_DNSMASQ_PATH $TMP_DNSMASQ_PATH -DNSMASQ_CONF_FILE $DNSMASQ_CONF_FILE -DEFAULT_DNS $DEFAULT_DNS -LOCAL_DNS $LOCAL_DNS -TUN_DNS $TUN_DNS -REMOTE_FAKEDNS ${REMOTE_FAKEDNS:-0} -CHINADNS_DNS ${CHINADNS_DNS:-0} -TCP_NODE $TCP_NODE -PROXY_MODE $PROXY_MODE -NO_PROXY_IPV6 ${NO_PROXY_IPV6:-0} -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
}
del() {
diff --git a/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
new file mode 100644
index 000000000..f37e61cbb
--- /dev/null
+++ b/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua
@@ -0,0 +1,430 @@
+local api = require "luci.model.cbi.passwall.api.api"
+
+local var = api.get_args(arg)
+local FLAG = var["-FLAG"]
+local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"]
+local DNSMASQ_CONF_FILE = var["-DNSMASQ_CONF_FILE"]
+local DEFAULT_DNS = var["-DEFAULT_DNS"]
+local LOCAL_DNS = var["-LOCAL_DNS"]
+local TUN_DNS = var["-TUN_DNS"]
+local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
+local CHINADNS_DNS = var["-CHINADNS_DNS"]
+local TCP_NODE = var["-TCP_NODE"]
+local PROXY_MODE = var["-PROXY_MODE"]
+local NO_PROXY_IPV6 = var["-NO_PROXY_IPV6"]
+local NO_LOGIC_LOG = var["-NO_LOGIC_LOG"]
+local LOG_FILE = "/tmp/log/passwall.log"
+local CACHE_PATH = "/tmp/etc/passwall_tmp"
+local CACHE_FLAG = "dns_" .. FLAG
+local CACHE_DNS_PATH = CACHE_PATH .. "/" .. CACHE_FLAG
+local CACHE_MD5_FILE = CACHE_DNS_PATH .. ".md5"
+
+local uci = api.uci
+local sys = api.sys
+local jsonc = api.jsonc
+local appname = api.appname
+local fs = api.fs
+local datatypes = api.datatypes
+
+local list1 = {}
+local excluded_domain = {}
+local excluded_domain_str = "!"
+
+local function log(...)
+ if NO_LOGIC_LOG == "1" then
+ return
+ end
+ local f, err = io.open(LOG_FILE, "a")
+ if f and err == nil then
+ local str = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
+ f:write(str .. "\n")
+ f:close()
+ end
+end
+
+--从url获取域名
+local function get_domain_from_url(url)
+ if url then
+ if datatypes.hostname(url) then
+ return url
+ end
+ local domain = url:match("//([^/]+)")
+ if domain then
+ return domain
+ end
+ end
+ return ""
+end
+
+local function check_dns(domain, dns)
+ if domain == "" or domain:find("#") then
+ return false
+ end
+ if not dns then
+ return
+ end
+ for k,v in ipairs(list1[domain].dns) do
+ if dns == v then
+ return true
+ end
+ end
+ return false
+end
+
+local function check_ipset(domain, ipset)
+ if domain == "" or domain:find("#") then
+ return false
+ end
+ if not ipset then
+ return
+ end
+ for k,v in ipairs(list1[domain].ipsets) do
+ if ipset == v then
+ return true
+ end
+ end
+ return false
+end
+
+local function set_domain_address(domain, address)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ if not list1[domain] then
+ list1[domain] = {
+ dns = {},
+ ipsets = {}
+ }
+ end
+ if not list1[domain].address then
+ list1[domain].address = address
+ end
+end
+
+local function set_domain_dns(domain, dns)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ if not dns then
+ return
+ end
+ if not list1[domain] then
+ list1[domain] = {
+ dns = {},
+ ipsets = {}
+ }
+ end
+ for line in string.gmatch(dns, '[^' .. "," .. ']+') do
+ if not check_dns(domain, line) then
+ table.insert(list1[domain].dns, line)
+ end
+ end
+end
+
+local function set_domain_ipset(domain, ipset)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ if not ipset then
+ return
+ end
+ if not list1[domain] then
+ list1[domain] = {
+ dns = {},
+ ipsets = {}
+ }
+ end
+ for line in string.gmatch(ipset, '[^' .. "," .. ']+') do
+ if not check_ipset(domain, line) then
+ table.insert(list1[domain].ipsets, line)
+ end
+ end
+end
+
+local function add_excluded_domain(domain)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ table.insert(excluded_domain, domain)
+ excluded_domain_str = excluded_domain_str .. "|" .. domain
+end
+
+local function check_excluded_domain(domain)
+ if domain == "" or domain:find("#") then
+ return false
+ end
+ for k,v in ipairs(excluded_domain) do
+ if domain:find(v) then
+ return true
+ end
+ end
+ return false
+end
+
+local dnsmasq_default_dns
+
+local cache_md5 = ""
+local str = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. CHINADNS_DNS .. PROXY_MODE .. NO_PROXY_IPV6
+local md5 = luci.sys.exec("echo -n $(echo '" .. str .. "' | md5sum | awk '{print $1}')")
+if fs.access(CACHE_MD5_FILE) then
+ for line in io.lines(CACHE_MD5_FILE) do
+ cache_md5 = line
+ end
+end
+
+if cache_md5 ~= md5 then
+ sys.call("rm -rf " .. CACHE_PATH .. "/" .. CACHE_FLAG .. "*")
+end
+
+local global = PROXY_MODE:find("global")
+local returnhome = PROXY_MODE:find("returnhome")
+local chnlist = PROXY_MODE:find("chnroute")
+local gfwlist = PROXY_MODE:find("gfwlist")
+local only_global
+
+if CHINADNS_DNS ~= "0" then
+ dnsmasq_default_dns = CHINADNS_DNS
+end
+if global and (not returnhome and not chnlist and not gfwlist) then
+ dnsmasq_default_dns = TUN_DNS
+ only_global = 1
+end
+
+if not fs.access(CACHE_DNS_PATH) then
+ fs.mkdir("/tmp/dnsmasq.d")
+ fs.mkdir(CACHE_DNS_PATH)
+
+ --屏蔽列表
+ for line in io.lines("/usr/share/passwall/rules/block_host") do
+ if line ~= "" and not line:find("#") then
+ set_domain_address(line, "0.0.0.0")
+ end
+ end
+
+ --始终用国内DNS解析节点域名
+ uci:foreach(appname, "nodes", function(t)
+ local address = t.address
+ if datatypes.hostname(address) then
+ set_domain_dns(address, LOCAL_DNS)
+ set_domain_ipset(address, "vpsiplist,vpsiplist6")
+ end
+ end)
+ log(string.format(" - 节点列表中的域名(vpsiplist):%s", LOCAL_DNS or "默认"))
+
+ --始终用国内DNS解析直连(白名单)列表
+ for line in io.lines("/usr/share/passwall/rules/direct_host") do
+ if line ~= "" and not line:find("#") then
+ add_excluded_domain(line)
+ set_domain_dns(line, LOCAL_DNS)
+ set_domain_ipset(line, "whitelist,whitelist6")
+ end
+ end
+ log(string.format(" - 域名白名单(whitelist):%s", LOCAL_DNS or "默认"))
+
+ local fwd_dns = LOCAL_DNS
+ local ipset_flag = "whitelist,whitelist6"
+ local no_ipv6
+ if uci:get(appname, "@global_subscribe[0]", "subscribe_proxy") or "0" == "1" then
+ fwd_dns = TUN_DNS
+ ipset_flag = "blacklist,blacklist6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "blacklist"
+ no_ipv6 = true
+ end
+ if not only_global then
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ end
+ end
+ uci:foreach(appname, "subscribe_list", function(t)
+ local domain = get_domain_from_url(t.url)
+ if domain then
+ if no_ipv6 then
+ set_domain_address(domain, "::")
+ end
+ set_domain_dns(domain, fwd_dns)
+ set_domain_ipset(domain, ipset_flag)
+ end
+ end)
+ log(string.format(" - 节点订阅域名(blacklist):%s", fwd_dns or "默认"))
+
+ --始终使用远程DNS解析代理(黑名单)列表
+ for line in io.lines("/usr/share/passwall/rules/proxy_host") do
+ if line ~= "" and not line:find("#") then
+ add_excluded_domain(line)
+ local ipset_flag = "blacklist,blacklist6"
+ if NO_PROXY_IPV6 == "1" then
+ set_domain_address(line, "::")
+ ipset_flag = "blacklist"
+ end
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ set_domain_dns(line, TUN_DNS)
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ log(string.format(" - 代理域名表(blacklist):%s", TUN_DNS or "默认"))
+
+ --分流规则
+ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
+ local t = uci:get_all(appname, TCP_NODE)
+ local default_node_id = t["default_node"] or "_direct"
+ uci:foreach(appname, "shunt_rules", function(s)
+ local _node_id = t[s[".name"]] or "nil"
+ if _node_id ~= "nil" and _node_id ~= "_blackhole" then
+ if _node_id == "_default" then
+ _node_id = default_node_id
+ end
+
+ fwd_dns = nil
+ ipset_flag = nil
+ no_ipv6 = nil
+
+ if _node_id == "_direct" then
+ fwd_dns = LOCAL_DNS
+ ipset_flag = "whitelist,whitelist6"
+ else
+ fwd_dns = TUN_DNS
+ ipset_flag = "shuntlist,shuntlist6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "shuntlist"
+ no_ipv6 = true
+ end
+ if not only_global then
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ end
+ end
+
+ local domain_list = s.domain_list or ""
+ for line in string.gmatch(domain_list, "[^\r\n]+") do
+ if line ~= "" and not line:find("#") and not line:find("regexp:") and not line:find("geosite:") and not line:find("ext:") then
+ if line:find("domain:") or line:find("full:") then
+ line = string.match(line, ":([^:]+)$")
+ end
+ add_excluded_domain(line)
+
+ if no_ipv6 then
+ set_domain_address(line, "::")
+ end
+ set_domain_dns(line, fwd_dns)
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ if _node_id ~= "_direct" then
+ log(string.format(" - V2ray/Xray分流规则(%s):%s", s.remarks, fwd_dns or "默认"))
+ end
+ end
+ end)
+ end
+
+ --如果没有使用回国模式
+ if not returnhome then
+ if fs.access("/usr/share/passwall/rules/gfwlist") then
+ local gfwlist_str = sys.exec('cat /usr/share/passwall/rules/gfwlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(gfwlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ local ipset_flag = "gfwlist,gfwlist6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "gfwlist"
+ set_domain_address(line, "::")
+ end
+ if not only_global then
+ fwd_dns = TUN_DNS
+ if CHINADNS_DNS ~= "0" then
+ fwd_dns = nil
+ end
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ set_domain_dns(line, fwd_dns)
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ end
+ log(string.format(" - 防火墙域名表(gfwlist):%s", fwd_dns or "默认"))
+ end
+
+ if CHINADNS_DNS ~= "0" then
+ if fs.access("/usr/share/passwall/rules/chnlist") then
+ fwd_dns = nil
+ local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(chnlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ set_domain_dns(line, fwd_dns)
+ set_domain_ipset(line, "chnroute,chnroute6")
+ end
+ end
+ end
+ log(string.format(" - 中国域名表(chnroute):%s", fwd_dns or "默认"))
+ end
+ else
+ if fs.access("/usr/share/passwall/rules/chnlist") then
+ local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(chnlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ local ipset_flag = "chnroute,chnroute6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "chnroute"
+ set_domain_address(line, "::")
+ end
+ if not only_global then
+ set_domain_dns(line, TUN_DNS)
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ end
+ log(string.format(" - 中国域名表(chnroute):%s", TUN_DNS or "默认"))
+ end
+ end
+
+ local address_out = io.open(CACHE_DNS_PATH .. "/000-address.conf", "a")
+ local server_out = io.open(CACHE_DNS_PATH .. "/001-server.conf", "a")
+ local ipset_out = io.open(CACHE_DNS_PATH .. "/ipset.conf", "a")
+ for key, value in pairs(list1) do
+ if value.address and #value.address > 0 then
+ address_out:write(string.format("address=/.%s/%s\n", key, value.address))
+ end
+ if value.dns and #value.dns > 0 then
+ for i, dns in ipairs(value.dns) do
+ server_out:write(string.format("server=/.%s/%s\n", key, dns))
+ end
+ end
+ if value.ipsets and #value.ipsets > 0 then
+ local ipsets_str = ""
+ for i, ipset in ipairs(value.ipsets) do
+ ipsets_str = ipsets_str .. ipset .. ","
+ end
+ ipsets_str = ipsets_str:sub(1, #ipsets_str - 1)
+ ipset_out:write(string.format("ipset=/.%s/%s\n", key, ipsets_str))
+ end
+ end
+ address_out:close()
+ server_out:close()
+ ipset_out:close()
+
+ local f_out = io.open(CACHE_MD5_FILE, "a")
+ f_out:write(md5)
+ f_out:close()
+end
+fs.symlink(CACHE_DNS_PATH, TMP_DNSMASQ_PATH)
+local conf_out = io.open(DNSMASQ_CONF_FILE, "a")
+conf_out:write(string.format("conf-dir=%s\n", TMP_DNSMASQ_PATH))
+if dnsmasq_default_dns then
+ local f_out = io.open("/tmp/etc/passwall/default_DNS", "a")
+ f_out:write(DEFAULT_DNS)
+ f_out:close()
+ conf_out:write(string.format("server=%s\n", dnsmasq_default_dns))
+ conf_out:write("all-servers\n")
+ conf_out:write("no-poll\n")
+ conf_out:write("no-resolv\n")
+ log(string.format(" - 以上所列以外及默认:%s", dnsmasq_default_dns))
+end
+conf_out:close()
+log(" - PassWall必须依赖于Dnsmasq,如果你自行配置了错误的DNS流程,将会导致域名(直连/代理域名)分流失效!!!")
diff --git a/luci-app-passwall/root/usr/share/passwall/helper_smartdns.sh b/luci-app-passwall/root/usr/share/passwall/helper_smartdns.sh
index ba51c04d6..b63f53beb 100755
--- a/luci-app-passwall/root/usr/share/passwall/helper_smartdns.sh
+++ b/luci-app-passwall/root/usr/share/passwall/helper_smartdns.sh
@@ -6,207 +6,21 @@ restart() {
_LOG_FILE=$LOG_FILE
[ -n "$no_log" ] && LOG_FILE="/dev/null"
rm -rf /tmp/smartdns.cache
- /etc/init.d/smartdns reload >/dev/null 2>&1
- /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ /etc/init.d/smartdns reload >/dev/null 2>&1 &
LOG_FILE=${_LOG_FILE}
}
-gen_items() {
- local ipsets group address speed_check_mode outf
- eval_set_val $@
-
- awk -v ipsets="${ipsets}" -v group="${group}" -v speed_check_mode="${speed_check_mode}" -v address="${address}" -v outf="${outf}" '
- BEGIN {
- if(outf == "") outf="/dev/stdout";
- if(group != "") group=" -n " group;
- if(ipsets != "") ipsets=" -p " ipsets;
- if(speed_check_mode != "") speed_check_mode=" -c " speed_check_mode;
- if(address != "") address=" -a " address;
- fail=1;
- }
- ! /^$/&&!/^#/ {
- fail=0
- printf("domain-rules /%s/ %s%s%s%s\n", $0, group, ipsets, address, speed_check_mode) >>outf;
- }
- END {fflush(outf); close(outf); exit(fail);}
- '
-}
-
-gen_address_items() {
- local address outf
- eval_set_val $@
-
- awk -v address="${address}" -v outf="${outf}" '
- BEGIN {
- if(outf == "") outf="/dev/stdout";
- setaddress=length(address)>0;
- fail=1;
- }
- ! /^$/&&!/^#/ {
- fail=0
- if(setaddress) printf("address /%s/%s\n", $0, address) >>outf;
- }
- END {fflush(outf); close(outf); exit(fail);}
- '
-}
-
add() {
- local fwd_dns fwd_group item servers msg
- local DNS_MODE SMARTDNS_CONF DNSMASQ_CONF_FILE DEFAULT_DNS LOCAL_GROUP REMOTE_GROUP REMOTE_FAKEDNS TUN_DNS TCP_NODE PROXY_MODE NO_LOGIC_LOG NO_PROXY_IPV6
+ local FLAG SMARTDNS_CONF LOCAL_GROUP REMOTE_GROUP REMOTE_FAKEDNS TUN_DNS TCP_NODE PROXY_MODE NO_PROXY_IPV6 NO_LOGIC_LOG
eval_set_val $@
- _LOG_FILE=$LOG_FILE
- [ -n "$NO_LOGIC_LOG" ] && LOG_FILE="/dev/null"
- global=$(echo "${PROXY_MODE}" | grep "global")
- returnhome=$(echo "${PROXY_MODE}" | grep "returnhome")
- chnlist=$(echo "${PROXY_MODE}" | grep "chnroute")
- gfwlist=$(echo "${PROXY_MODE}" | grep "gfwlist")
- touch ${SMARTDNS_CONF}
- count_hosts_str="!"
- [ -z "${REMOTE_GROUP}" ] && {
- REMOTE_GROUP="${CONFIG}_proxy"
- [ -n "${TUN_DNS}" ] && TUN_DNS="$(echo ${TUN_DNS} | sed 's/#/:/g')"
- sed -i "/passwall/d" /etc/smartdns/custom.conf >/dev/null 2>&1
- echo "server ${TUN_DNS} -group ${REMOTE_GROUP} -exclude-default-group" >> ${SMARTDNS_CONF}
- }
-
- #屏蔽列表
- [ -s "${RULES_PATH}/block_host" ] && {
- cat "${RULES_PATH}/block_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_address_items address="-" outf="${SMARTDNS_CONF}"
- }
-
- #始终用国内DNS解析节点域名
- servers=$(uci show "${CONFIG}" | grep ".address=" | cut -d "'" -f 2)
- hosts_foreach "servers" host_from_url | grep '[a-zA-Z]$' | sort -u | gen_items ipsets="#4:vpsiplist,#6:vpsiplist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
- echolog " - [$?]节点列表中的域名(vpsiplist)使用分组:${LOCAL_GROUP:-默认}"
-
- #始终用国内DNS解析直连(白名单)列表
- [ -s "${RULES_PATH}/direct_host" ] && {
- cat "${RULES_PATH}/direct_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="#4:whitelist,#6:whitelist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
- echolog " - [$?]域名白名单(whitelist)使用分组:${LOCAL_GROUP:-默认}"
- }
-
- subscribe_list=""
- for item in $(get_enabled_anonymous_secs "@subscribe_list"); do
- host=$(host_from_url "$(config_n_get ${item} url)")
- subscribe_list="${subscribe_list}\n${host}"
- done
- [ -n "$subscribe_list" ] && {
- if [ "$(config_t_get global_subscribe subscribe_proxy 0)" = "0" ]; then
- #如果没有开启通过代理订阅
- echo -e "$subscribe_list" | sort -u | gen_items ipsets="#4:whitelist,#6:whitelist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
- echolog " - [$?]节点订阅域名(whitelist)使用分组:${LOCAL_GROUP:-默认}"
- else
- #如果开启了通过代理订阅
- local ipset_flag="#4:blacklist,#6:blacklist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="#4:blacklist"
- address="#6"
- fi
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- echo -e "$subscribe_list" | sort -u | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
- echolog " - [$?]节点订阅域名(blacklist)使用分组:${REMOTE_GROUP}"
- fi
- }
-
- #始终使用远程DNS解析代理(黑名单)列表
- [ -s "${RULES_PATH}/proxy_host" ] && {
- local ipset_flag="#4:blacklist,#6:blacklist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="#4:blacklist"
- address="#6"
- fi
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- cat "${RULES_PATH}/proxy_host" | tr -s '\n' | grep -v "^#" | sort -u | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
- echolog " - [$?]代理域名表(blacklist)使用分组:${REMOTE_GROUP}"
- }
-
- #分流规则
- [ "$(config_n_get $TCP_NODE protocol)" = "_shunt" ] && {
- local default_node_id=$(config_n_get $TCP_NODE default_node _direct)
- local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
- for shunt_id in $shunt_ids; do
- local shunt_node_id=$(config_n_get $TCP_NODE ${shunt_id} nil)
- [ "$shunt_node_id" = "nil" ] && continue
- [ "$shunt_node_id" = "_default" ] && shunt_node_id=$default_node_id
- [ "$shunt_node_id" = "_blackhole" ] && continue
- local str=$(echo -n $(config_n_get $shunt_id domain_list | grep -v 'regexp:\|geosite:\|ext:' | sed 's/domain:\|full:\|//g' | tr -s "\r\n" "\n" | sort -u) | sed "s/ /|/g")
- [ -n "$str" ] && count_hosts_str="${count_hosts_str}|${str}"
- [ "$shunt_node_id" = "_direct" ] && {
- [ -n "$str" ] && echo $str | sed "s/|/\n/g" | gen_items ipsets="#4:whitelist,#6:whitelist6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
- msg_dns="${LOCAL_GROUP}"
- continue
- }
- local shunt_node=$(config_n_get $shunt_node_id address nil)
- [ "$shunt_node" = "nil" ] && continue
-
- [ -n "$str" ] && {
- local ipset_flag="#4:shuntlist,#6:shuntlist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="#4:shuntlist"
- address="#6"
- fi
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- echo $str | sed "s/|/\n/g" | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
- msg_dns="${REMOTE_GROUP}"
- }
- done
- echolog " - [$?]V2ray/Xray分流规则(shuntlist):${msg_dns:-默认}"
- }
-
- [ -s "${RULES_PATH}/direct_host" ] && direct_hosts_str="$(echo -n $(cat ${RULES_PATH}/direct_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
- [ -s "${RULES_PATH}/proxy_host" ] && proxy_hosts_str="$(echo -n $(cat ${RULES_PATH}/proxy_host | tr -s '\n' | grep -v "^#" | sort -u) | sed "s/ /|/g")"
- [ -n "$direct_hosts_str" ] && count_hosts_str="${count_hosts_str}|${direct_hosts_str}"
- [ -n "$proxy_hosts_str" ] && count_hosts_str="${count_hosts_str}|${proxy_hosts_str}"
-
- #如果没有使用回国模式
- if [ -z "${returnhome}" ]; then
- # GFW 模式
- [ -s "${RULES_PATH}/gfwlist" ] && {
- grep -v -E "$count_hosts_str" "${RULES_PATH}/gfwlist" > "${TMP_PATH}/gfwlist"
-
- local ipset_flag="#4:gfwlist,#6:gfwlist6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="#4:gfwlist"
- address="#6"
- fi
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- sort -u "${TMP_PATH}/gfwlist" | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
- echolog " - [$?]防火墙域名表(gfwlist)使用分组:${REMOTE_GROUP}"
- rm -f "${TMP_PATH}/gfwlist"
- }
-
- # 中国列表以外 模式
- [ -s "${RULES_PATH}/chnlist" ] && [ -n "${chnlist}" ] && {
- grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" | gen_items ipsets="#4:chnroute,#6:chnroute6" group="${LOCAL_GROUP}" outf="${SMARTDNS_CONF}"
- echolog " - [$?]中国域名表(chnroute)使用分组:${LOCAL_GROUP:-默认}"
- }
- else
- #回国模式
- [ -s "${RULES_PATH}/chnlist" ] && {
- grep -v -E "$count_hosts_str" "${RULES_PATH}/chnlist" > "${TMP_PATH}/chnlist"
-
- local ipset_flag="#4:chnroute,#6:chnroute6"
- if [ "${NO_PROXY_IPV6}" = "1" ]; then
- ipset_flag="#4:chnroute"
- address="#6"
- fi
- [ -n "${REMOTE_FAKEDNS}" ] && unset ipset_flag
- sort -u "${TMP_PATH}/chnlist" | gen_items ipsets="${ipset_flag}" group="${REMOTE_GROUP}" address="${address}" speed_check_mode="none" outf="${SMARTDNS_CONF}"
- echolog " - [$?]中国域名表(chnroute)使用分组:${REMOTE_GROUP}"
- rm -f "${TMP_PATH}/chnlist"
- }
- fi
-
- echo "conf-file ${SMARTDNS_CONF}" >> /etc/smartdns/custom.conf
- echolog " - 请让SmartDNS作为Dnsmasq的上游或重定向!"
- LOG_FILE=${_LOG_FILE}
+ lua $APP_PATH/helper_smartdns_add.lua -FLAG $FLAG -SMARTDNS_CONF $SMARTDNS_CONF -LOCAL_GROUP ${LOCAL_GROUP:-nil} -REMOTE_GROUP ${REMOTE_GROUP:-nil} -REMOTE_FAKEDNS ${REMOTE_FAKEDNS:-0} -TUN_DNS $TUN_DNS -TCP_NODE $TCP_NODE -PROXY_MODE $PROXY_MODE -NO_PROXY_IPV6 ${NO_PROXY_IPV6:-0} -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0}
}
del() {
rm -rf /tmp/etc/smartdns/passwall.conf
sed -i "/passwall/d" /etc/smartdns/custom.conf >/dev/null 2>&1
rm -rf /tmp/smartdns.cache
- /etc/init.d/smartdns reload >/dev/null 2>&1
+ /etc/init.d/smartdns reload >/dev/null 2>&1 &
}
arg1=$1
diff --git a/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
new file mode 100644
index 000000000..35d860f40
--- /dev/null
+++ b/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
@@ -0,0 +1,394 @@
+local api = require "luci.model.cbi.passwall.api.api"
+
+local var = api.get_args(arg)
+local FLAG = var["-FLAG"]
+local SMARTDNS_CONF = var["-SMARTDNS_CONF"]
+local LOCAL_GROUP = var["-LOCAL_GROUP"]
+local REMOTE_GROUP = var["-REMOTE_GROUP"]
+local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
+local TUN_DNS = var["-TUN_DNS"]
+local TCP_NODE = var["-TCP_NODE"]
+local PROXY_MODE = var["-PROXY_MODE"]
+local NO_PROXY_IPV6 = var["-NO_PROXY_IPV6"]
+local NO_LOGIC_LOG = var["-NO_LOGIC_LOG"]
+local LOG_FILE = "/tmp/log/passwall.log"
+local CACHE_PATH = "/tmp/etc/passwall_tmp"
+local CACHE_FLAG = "dns_" .. FLAG
+local CACHE_DNS_FILE = CACHE_PATH .. "/" .. CACHE_FLAG .. ".conf"
+local CACHE_MD5_FILE = CACHE_PATH .. "/" .. CACHE_FLAG .. ".md5"
+local SMARTDNS_PATH = "/tmp/etc/smartdns"
+
+local uci = api.uci
+local sys = api.sys
+local jsonc = api.jsonc
+local appname = api.appname
+local fs = api.fs
+local datatypes = api.datatypes
+
+local list1 = {}
+local excluded_domain = {}
+local excluded_domain_str = "!"
+
+local function log(...)
+ if NO_LOGIC_LOG == "1" then
+ return
+ end
+ local f, err = io.open(LOG_FILE, "a")
+ if f and err == nil then
+ local str = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
+ f:write(str .. "\n")
+ f:close()
+ end
+end
+
+--从url获取域名
+local function get_domain_from_url(url)
+ if url then
+ if datatypes.hostname(url) then
+ return url
+ end
+ local domain = url:match("//([^/]+)")
+ if domain then
+ return domain
+ end
+ end
+ return ""
+end
+
+local function check_ipset(domain, ipset)
+ if domain == "" or domain:find("#") then
+ return false
+ end
+ if not ipset then
+ return
+ end
+ for k,v in ipairs(list1[domain].ipsets) do
+ if ipset == v then
+ return true
+ end
+ end
+ return false
+end
+
+local function set_domain_address(domain, address)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ if not list1[domain] then
+ list1[domain] = {
+ ipsets = {}
+ }
+ end
+ if not list1[domain].address then
+ list1[domain].address = address
+ end
+end
+
+local function set_domain_group(domain, group)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ if not group then
+ return
+ end
+ if not list1[domain] then
+ list1[domain] = {
+ ipsets = {}
+ }
+ end
+ if not list1[domain].group then
+ list1[domain].group = group
+ if group == REMOTE_GROUP then
+ list1[domain].speed_check_mode = "none"
+ end
+ end
+end
+
+local function set_domain_ipset(domain, ipset)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ if not ipset then
+ return
+ end
+ if not list1[domain] then
+ list1[domain] = {
+ ipsets = {}
+ }
+ end
+ for line in string.gmatch(ipset, '[^' .. "," .. ']+') do
+ if not check_ipset(domain, line) then
+ table.insert(list1[domain].ipsets, line)
+ end
+ end
+end
+
+local function add_excluded_domain(domain)
+ if domain == "" or domain:find("#") then
+ return
+ end
+ table.insert(excluded_domain, domain)
+ excluded_domain_str = excluded_domain_str .. "|" .. domain
+end
+
+local function check_excluded_domain(domain)
+ if domain == "" or domain:find("#") then
+ return false
+ end
+ for k,v in ipairs(excluded_domain) do
+ if domain:find(v) then
+ return true
+ end
+ end
+ return false
+end
+
+local cache_md5 = ""
+local str = SMARTDNS_CONF .. LOCAL_GROUP .. REMOTE_GROUP .. REMOTE_FAKEDNS .. TUN_DNS .. PROXY_MODE .. NO_PROXY_IPV6
+local md5 = luci.sys.exec("echo -n $(echo '" .. str .. "' | md5sum | awk '{print $1}')")
+if fs.access(CACHE_MD5_FILE) then
+ for line in io.lines(CACHE_MD5_FILE) do
+ cache_md5 = line
+ end
+end
+
+if cache_md5 ~= md5 then
+ sys.call("rm -rf " .. CACHE_PATH .. "/" .. CACHE_FLAG .. "*")
+end
+
+local global = PROXY_MODE:find("global")
+local returnhome = PROXY_MODE:find("returnhome")
+local chnlist = PROXY_MODE:find("chnroute")
+local gfwlist = PROXY_MODE:find("gfwlist")
+
+if not REMOTE_GROUP or REMOTE_GROUP == "nil" then
+ REMOTE_GROUP = "passwall_proxy"
+ if TUN_DNS then
+ TUN_DNS = TUN_DNS:gsub("#", ":")
+ end
+ sys.call('sed -i "/passwall/d" /etc/smartdns/custom.conf >/dev/null 2>&1')
+end
+
+if not fs.access(CACHE_DNS_FILE) then
+ sys.call(string.format('echo "server %s -group %s -exclude-default-group" >> %s', TUN_DNS, REMOTE_GROUP, CACHE_DNS_FILE))
+ --屏蔽列表
+ for line in io.lines("/usr/share/passwall/rules/block_host") do
+ if line ~= "" and not line:find("#") then
+ set_domain_address(line, "-")
+ end
+ end
+
+ --始终用国内DNS解析节点域名
+ uci:foreach(appname, "nodes", function(t)
+ local address = t.address
+ if datatypes.hostname(address) then
+ set_domain_group(address, LOCAL_GROUP)
+ set_domain_ipset(address, "#4:vpsiplist,#6:vpsiplist6")
+ end
+ end)
+ log(string.format(" - 节点列表中的域名(vpsiplist)使用分组:%s", LOCAL_GROUP or "默认"))
+
+ --始终用国内DNS解析直连(白名单)列表
+ for line in io.lines("/usr/share/passwall/rules/direct_host") do
+ if line ~= "" and not line:find("#") then
+ add_excluded_domain(line)
+ set_domain_group(line, LOCAL_GROUP)
+ set_domain_ipset(line, "#4:whitelist,#6:whitelist6")
+ end
+ end
+ log(string.format(" - 域名白名单(whitelist)使用分组:%s", LOCAL_GROUP or "默认"))
+
+ local fwd_group = LOCAL_GROUP
+ local ipset_flag = "#4:whitelist,#6:whitelist6"
+ local no_ipv6
+ if uci:get(appname, "@global_subscribe[0]", "subscribe_proxy") or "0" == "1" then
+ fwd_group = REMOTE_GROUP
+ ipset_flag = "#4:blacklist,#6:blacklist6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "#4:blacklist"
+ no_ipv6 = true
+ end
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ end
+ uci:foreach(appname, "subscribe_list", function(t)
+ local domain = get_domain_from_url(t.url)
+ if domain then
+ if no_ipv6 then
+ set_domain_address(domain, "#6")
+ end
+ set_domain_group(domain, fwd_group)
+ set_domain_ipset(domain, ipset_flag)
+ end
+ end)
+ log(string.format(" - 节点订阅域名(blacklist)使用分组:%s", fwd_group or "默认"))
+
+ --始终使用远程DNS解析代理(黑名单)列表
+ for line in io.lines("/usr/share/passwall/rules/proxy_host") do
+ if line ~= "" and not line:find("#") then
+ add_excluded_domain(line)
+ local ipset_flag = "#4:blacklist,#6:blacklist6"
+ if NO_PROXY_IPV6 == "1" then
+ set_domain_address(line, "#6")
+ ipset_flag = "#4:blacklist"
+ end
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ set_domain_group(line, REMOTE_GROUP)
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ log(string.format(" - 代理域名表(blacklist)使用分组:%s", REMOTE_GROUP or "默认"))
+
+ --分流规则
+ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
+ local t = uci:get_all(appname, TCP_NODE)
+ local default_node_id = t["default_node"] or "_direct"
+ uci:foreach(appname, "shunt_rules", function(s)
+ local _node_id = t[s[".name"]] or "nil"
+ if _node_id ~= "nil" and _node_id ~= "_blackhole" then
+ if _node_id == "_default" then
+ _node_id = default_node_id
+ end
+
+ fwd_group = nil
+ ipset_flag = nil
+ no_ipv6 = nil
+
+ if _node_id == "_direct" then
+ fwd_group = LOCAL_GROUP
+ ipset_flag = "#4:whitelist,#6:whitelist6"
+ else
+ fwd_group = REMOTE_GROUP
+ ipset_flag = "#4:shuntlist,#6:shuntlist6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "shuntlist"
+ no_ipv6 = true
+ end
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ end
+
+ local domain_list = s.domain_list or ""
+ for line in string.gmatch(domain_list, "[^\r\n]+") do
+ if line ~= "" and not line:find("#") and not line:find("regexp:") and not line:find("geosite:") and not line:find("ext:") then
+ if line:find("domain:") or line:find("full:") then
+ line = string.match(line, ":([^:]+)$")
+ end
+ add_excluded_domain(line)
+
+ if no_ipv6 then
+ set_domain_address(line, "#6")
+ end
+ set_domain_group(line, fwd_group)
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ if _node_id ~= "_direct" then
+ log(string.format(" - V2ray/Xray分流规则(%s)使用分组:%s", s.remarks, fwd_group or "默认"))
+ end
+ end
+ end)
+ end
+
+ --如果没有使用回国模式
+ if not returnhome then
+ if fs.access("/usr/share/passwall/rules/gfwlist") then
+ local gfwlist_str = sys.exec('cat /usr/share/passwall/rules/gfwlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(gfwlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ local ipset_flag = "#4:gfwlist,#6:gfwlist6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "#4:gfwlist"
+ set_domain_address(line, "#6")
+ end
+ fwd_group = REMOTE_GROUP
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ set_domain_group(line, fwd_group)
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ log(string.format(" - 防火墙域名表(gfwlist)使用分组:%s", fwd_group or "默认"))
+ end
+
+ if fs.access("/usr/share/passwall/rules/chnlist") and chnlist then
+ local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(chnlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ set_domain_group(line, LOCAL_GROUP)
+ set_domain_ipset(line, "#4:chnroute,#6:chnroute6")
+ end
+ end
+ end
+ log(string.format(" - 中国域名表(chnroute)使用分组:%s", LOCAL_GROUP or "默认"))
+ else
+ if fs.access("/usr/share/passwall/rules/chnlist") then
+ local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
+ for line in string.gmatch(chnlist_str, "[^\r\n]+") do
+ if line ~= "" then
+ local ipset_flag = "#4:chnroute,#6:chnroute6"
+ if NO_PROXY_IPV6 == "1" then
+ ipset_flag = "#4:chnroute"
+ set_domain_address(line, "#6")
+ end
+ set_domain_group(line, REMOTE_GROUP)
+ if REMOTE_FAKEDNS == "1" then
+ ipset_flag = nil
+ end
+ set_domain_ipset(line, ipset_flag)
+ end
+ end
+ log(string.format(" - 中国域名表(chnroute)使用分组:%s", REMOTE_GROUP or "默认"))
+ end
+ end
+
+ local f_out = io.open(CACHE_DNS_FILE, "a")
+ for key, value in pairs(list1) do
+ local group_str = ""
+ local ipset_str = ""
+ local speed_check_mode_str = ""
+ local address_str = ""
+ if value.group and #value.group > 0 then
+ group_str = group_str .. value.group
+ end
+ if group_str ~= "" then
+ group_str = " -n " .. group_str
+ end
+ if value.ipsets and #value.ipsets > 0 then
+ for i, ipset in ipairs(value.ipsets) do
+ ipset_str = ipset_str .. ipset .. ","
+ end
+ ipset_str = ipset_str:sub(1, #ipset_str - 1)
+ end
+ if ipset_str ~= "" then
+ ipset_str = " -p " .. ipset_str
+ end
+ if value.address and #value.address > 0 then
+ address_str = address_str .. value.address
+ end
+ if address_str ~= "" then
+ address_str = " -a " .. address_str
+ end
+ if value.speed_check_mode and #value.speed_check_mode > 0 then
+ speed_check_mode_str = value.speed_check_mode
+ end
+ if speed_check_mode_str ~= "" then
+ speed_check_mode_str = " -c " .. speed_check_mode_str
+ end
+ local str = string.format("domain-rules /%s/ %s%s%s%s\n", key, group_str, ipset_str, address_str, speed_check_mode_str)
+ f_out:write(str)
+ end
+ f_out:close()
+
+ f_out = io.open(CACHE_MD5_FILE, "a")
+ f_out:write(md5)
+ f_out:close()
+end
+fs.symlink(CACHE_DNS_FILE, SMARTDNS_CONF)
+sys.call(string.format('echo "conf-file %s" >> /etc/smartdns/custom.conf', SMARTDNS_CONF))
+log(" - 请让SmartDNS作为Dnsmasq的上游或重定向!")
diff --git a/luci-app-passwall/root/usr/share/passwall/iptables.sh b/luci-app-passwall/root/usr/share/passwall/iptables.sh
index 9ae87f419..cd5fcc636 100755
--- a/luci-app-passwall/root/usr/share/passwall/iptables.sh
+++ b/luci-app-passwall/root/usr/share/passwall/iptables.sh
@@ -312,7 +312,7 @@ load_acl() {
d_server=127.0.0.1
[ "$tcp_proxy_mode" = "global" ] && d_server=${d_server}#${_dns_port}
echo "server=${d_server}" >> $TMP_ACL_PATH/$sid/dnsmasq.conf
- source $APP_PATH/helper_${DNS_N}.sh add DNS_MODE=$dns_mode TMP_DNSMASQ_PATH=$TMP_ACL_PATH/$sid/dnsmasq.d DNSMASQ_CONF_FILE=/dev/null LOCAL_DNS=$LOCAL_DNS TUN_DNS=127.0.0.1#${_dns_port} TCP_NODE=$tcp_node PROXY_MODE=${tcp_proxy_mode} NO_LOGIC_LOG=1 NO_PROXY_IPV6=${filter_proxy_ipv6}
+ source $APP_PATH/helper_${DNS_N}.sh add FLAG=${sid} DNS_MODE=$dns_mode TMP_DNSMASQ_PATH=$TMP_ACL_PATH/$sid/dnsmasq.d DNSMASQ_CONF_FILE=/dev/null LOCAL_DNS=$LOCAL_DNS TUN_DNS=127.0.0.1#${_dns_port} TCP_NODE=$tcp_node PROXY_MODE=${tcp_proxy_mode} NO_LOGIC_LOG=1 NO_PROXY_IPV6=${filter_proxy_ipv6}
ln_run "$(first_type dnsmasq)" "dnsmasq_${sid}" "/dev/null" -C $TMP_ACL_PATH/$sid/dnsmasq.conf -x $TMP_ACL_PATH/$sid/dnsmasq.pid
eval node_${tcp_node}_$(echo -n "${tcp_proxy_mode}${dns_forward}" | md5sum | cut -d " " -f1)=${dnsmasq_port}
}
@@ -1187,6 +1187,8 @@ flush_ipset() {
del_firewall_rule
destroy_ipset $IPSET_VPSIPLIST $IPSET_SHUNTLIST $IPSET_GFW $IPSET_CHN $IPSET_BLACKLIST $IPSET_BLOCKLIST $IPSET_WHITELIST $IPSET_LANIPLIST
destroy_ipset $IPSET_VPSIPLIST6 $IPSET_SHUNTLIST6 $IPSET_GFW6 $IPSET_CHN6 $IPSET_BLACKLIST6 $IPSET_BLOCKLIST6 $IPSET_WHITELIST6 $IPSET_LANIPLIST6
+ rm -rf /tmp/etc/passwall_tmp/smartdns*
+ rm -rf /tmp/etc/passwall_tmp/dnsmasq*
/etc/init.d/passwall reload
}
diff --git a/luci-app-passwall/root/usr/share/passwall/rules/chnlist b/luci-app-passwall/root/usr/share/passwall/rules/chnlist
index 23b849d5f..d4587eb02 100644
--- a/luci-app-passwall/root/usr/share/passwall/rules/chnlist
+++ b/luci-app-passwall/root/usr/share/passwall/rules/chnlist
@@ -132,7 +132,6 @@
020.net
0208.com
020banjia.net
-020h.com
020job.com
020ym.com
020zp.net
@@ -199,7 +198,6 @@
0245.org
024888.net
02489.com
-024anfang.com
024bj.com
024bxkj.com
024eps.com
@@ -498,7 +496,6 @@
06peng.com
07.la
0701news.com
-070210.com
0704tv.com
07073.com
07073h5.com
@@ -693,6 +690,7 @@
09ge.com
09rw.com
09shijue.com
+0a.fit
0bug.org
0car0.com
0ctrl.com
@@ -984,7 +982,6 @@
114-91.com
114.114.114.114
1140086.com
-114160.com
11467.com
114best.com
114cb.com
@@ -1108,6 +1105,7 @@
1213.me
121314.com
121ask.com
+121down.com
121mai0098.com
121mu.com
121xia.com
@@ -1481,6 +1479,7 @@
168kk.com
168kn.com
168lyq.com
+168moliao.com
168pd.com
168rcw.com
168tcw.com
@@ -1776,7 +1775,6 @@
1884933.com
18856.com
188628.com
-1886zuche.com
1888.com.mo
188app.xyz
188bifen.com
@@ -2431,7 +2429,6 @@
258fuwu.com
258jituan.com
258sd.com
-258zw.com
25992.com
259go.com
25az.com
@@ -2998,7 +2995,6 @@
360chezhan.com
360cloudwaf.com
360daikuan.com
-360dao.com
360ddj.com
360doc.com
360doc1.net
@@ -3015,7 +3011,6 @@
360drift.com
360drm.com
360edu.com
-360eet.com
360eol.com
360fdc.com
360gann.com
@@ -3209,7 +3204,6 @@
3699.cc
36992.com
3699wan.com
-369beauty.com
369wenku.com
369xxw.com
36dianping.com
@@ -4915,7 +4909,6 @@
55779.xyz
5588.tv
5599.com
-55cc.cc
55dai.com
55dian.com
55doc.com
@@ -5084,14 +5077,12 @@
58dadi.com
58daojia.com
58display.com
-58dm.com
58fangdai.com
58fenlei.com
58food.com
58game.com
58gameup.com
58ganji.com
-58gush.com
58house.com
58huoban.com
58hzb.com
@@ -5173,7 +5164,6 @@
59881.com
598991.com
598g.com
-598rc.com
599.com
5999.tv
599ku.com
@@ -5698,6 +5688,7 @@
68pk10.com
68play.com
68team.com
+68tuku.com
68web.net
68websoft.com
68youhui.com
@@ -6280,7 +6271,6 @@
800you.com
800youhuo.com
801167.com
-802013.com
802203.com
807.com
80710.com
@@ -6641,7 +6631,6 @@
8977567.com
8979.com
898.travel
-8988sbd.com
8989118.com
898940.com
898984.com
@@ -7740,6 +7729,7 @@ abusi.net
abuyun.com
ac268.com
ac57.com
+academypublication.com
acadki.com
acc3.net
acc5.com
@@ -7843,7 +7833,6 @@ acumoxj.com
acuworld.net
acwifi.net
acwing.com
-acznw.com
ad-cn.net
ad-gone.com
ad-goods.com
@@ -8020,6 +8009,7 @@ aes01.com
aesdrink.com
aesml.com
aesucai.com
+aet21.com
aevit.xyz
aexpec.com
af360.com
@@ -8318,7 +8308,6 @@ aijishu.com
aiju.com
aik.com
aikac.com
-aikaitao.com
aikaixin.com
aikaiyuan.com
aikan.tv
@@ -8465,6 +8454,7 @@ aiuxdesign.com
aiuxian.com
aiuxstudio.com
aiviy.com
+aiviysoft.com
aiwall.com
aiwan4399.com
aiwan91.com
@@ -8613,7 +8603,6 @@ aledeco-hk.com
aleest.com
alenshaw.com
alertover.com
-alexa.sx
alexandraeden.com
alexyan.cc
aleyoo.com
@@ -9659,6 +9648,7 @@ asktao.com
askxt.org
aslzw.com
asm64.com
+asmrv.com
asnlab.com
asnlab.org
aso.ink
@@ -9739,7 +9729,6 @@ atitsc.com
atiyun.com
atjiang.com
atlas1688.com
-atm988.com
atmbox.com
atobo.com
atomhike.com
@@ -11456,6 +11445,7 @@ biqushu.com
biqusoso.com
biquter.xyz
biqutxt.com
+biquw.com
biquwo.com
biquwu.cc
biquwx.la
@@ -12023,6 +12013,7 @@ bmqy.net
bmrtech.com
bmshow.com
bmtcled.com
+bmvps.com
bmw021.com
bmw143.com
bmw8033.com
@@ -12126,6 +12117,7 @@ boldseas.com
bole.me
bolead.com
bolehu.net
+boleihg.com
bolejiang.com
bolelink.com
boll.me
@@ -12427,7 +12419,6 @@ btnotes.com
btoo3.com
btophr.com
btorange.com
-btpan.com
btpig.com
btplay.net
btrcsc.com
@@ -12805,7 +12796,6 @@ c51rf.com
c53911.com
c571.com
c5game.com
-c6.nz
c6c.com
c6n708.ren
c73160.com
@@ -12971,7 +12961,6 @@ caishenpo.com
caishenwang.online
caishimv.com
caishuixxi.com
-caispace.com
caistv.com
cait.com
caitlinbeverly.com
@@ -14108,7 +14097,6 @@ changyan.com
changyifan.com
changyin-lab.com
changyou.com
-changyouke.com
changyoyo.com
changyueba.com
changzhinews.com
@@ -14974,7 +14962,6 @@ chinapowerbi.com
chinapp.com
chinapptx.com
chinaprint.org
-chinaproaudio.com
chinapsy.com
chinapubmed.net
chinaqi.net
@@ -16541,6 +16528,7 @@ cntiaoliao.com
cntofu.com
cntopgear.com
cntoplead.com
+cntplus.com
cntrades.com
cntranslators.com
cntronics.com
@@ -16767,7 +16755,6 @@ cojia.net
cokemine.com
cokll.com
col.ink
-colabug.com
coladrive.com
colafile.com
colahotpot.com
@@ -17170,6 +17157,7 @@ cqsoft.org
cqsxedu.com
cqtally.co
cqtally.com
+cqtaotan.com
cqtea.com
cqtransit.com
cqtresearch.com
@@ -17294,6 +17282,7 @@ crs811.com
crsc.cc
crsky.com
crsn168.com
+cruelcoding.com
crvic.org
crxdl.com
cryptape.com
@@ -17548,6 +17537,7 @@ ctripcorp.com
ctripgslb.com
ctripins.com
ctripqa.com
+ctrlqq.com
ctrmi.com
ctsbw.com
ctsec.com
@@ -18035,7 +18025,6 @@ dai35.com
dai361.com
dai911.com
daibi.com
-daichanger.com
daichuqu.com
daicuo.cc
daicuo.co
@@ -18616,6 +18605,7 @@ ddzhj.com
ddztv.com
ddzuqin.com
de-moe.org
+de.net
de0.cc
de123.net
de1919.com
@@ -18746,7 +18736,8 @@ dengtadaka.com
dengxiaolong.com
dengxiaopingnet.com
dengyong.cc
-denocn.org
+denic.de
+denic.net
dentistshow.com
denuoexpo.com
deosin.com
@@ -19333,7 +19324,6 @@ diyifanwen.com
diyifanwen.net
diyigaokao.com
diyihuifu.com
-diyijuzi.com
diyinews.com
diyiredian.com
diyishijian.com
@@ -19599,6 +19589,7 @@ dnsff.com
dnsfwq.com
dnsgtm.com
dnsgulf.net
+dnsh6666.com
dnshot.net
dnshwx.com
dnsinside.net
@@ -20918,7 +20909,6 @@ eces66.com
ecgci.com
ecgoods.com
echanceyun.com
-echangwang.com
echangye.com
echao8.com
echargenet.com
@@ -21374,6 +21364,7 @@ elong.net
elongshine.com
elongstatic.com
elpcon.com
+elpwc.com
els001.com
elsenow.com
elsiehoney.com
@@ -21422,6 +21413,7 @@ emea.cdnetworks.com
emeixs.com
emeor.com
emepu.com
+emilhk.com
emjob.com
emlinix.com
emlog.net
@@ -21644,6 +21636,7 @@ errenzhuan.cc
ershenghuo.net
ershicimi.com
ershouhui.com
+ert295.com
ert7.com
ertongkongjian.com
ertongtuku.com
@@ -21749,7 +21742,6 @@ ethfans.org
etiantian.com
etiantian.net
etiantian.org
-etiaoliao.com
etimeusa.com
etiv.me
etjournals.com
@@ -21790,6 +21782,7 @@ etu6.com
etuan.com
etudu.com
etuonet.com
+etycx.com
etyy.com
etyyy.com
etz927.com
@@ -21851,6 +21844,7 @@ evideostb.com
evilbinary.org
evilcos.me
evileyesaint.com
+evilwind.fun
evketang.com
evlo.us
evlook.com
@@ -22614,6 +22608,7 @@ feiq18.com
feirar.com
feiren.com
feisan.net
+feishu-3rd-party-services.com
feishucdn.com
feisu.com
feitian001.com
@@ -22718,7 +22713,6 @@ fengqu.com
fengread.com
fengshangweekly.com
fengshui22.com
-fengshui86.com
fengsung.com
fengtai.tv
fengtalk.com
@@ -23164,6 +23158,7 @@ fmketang.com
fmpan.com
fmsh.com
fmtol.com
+fmtt6.xyz
fmwei.com
fmwhahaha.com
fmy90.com
@@ -23369,6 +23364,7 @@ fread.com
free-api.com
free-e.net
free-eyepro.com
+free-img.com
free.mk
free789.com
freebsdchina.org
@@ -23494,7 +23490,6 @@ ftqq.com
ftrsit.com
ftsafe.com
ftsfund.com
-ftsm-vip.com
ftt.me
ftuan.com
ftxad.com
@@ -23767,9 +23762,9 @@ fz0512.com
fz222.com
fz2sc.com
fz597.com
-fzbm.com
fzbtv.com
fzccpit.org
+fzchpos.com
fzcyjh.com
fzdmag.com
fzengine.com
@@ -24345,7 +24340,6 @@ geekjc.com
geekluo.com
geekmaker.com
geekman.vip
-geekmar.xyz
geekniu.com
geekori.com
geekotg.com
@@ -24469,7 +24463,6 @@ gexiaocloud.com
gexing.com
gexing.me
gexings.com
-gexingshuo.com
gexingzipai.com
geyan123.com
geyanw.com
@@ -24657,6 +24650,7 @@ gitcode.net
gitee.com
gitee.io
githang.com
+github.do
githubusercontents.com
gitissue.com
gitlib.com
@@ -25198,6 +25192,7 @@ gp88888.com
gp891.com
gpai.net
gpautobid.com
+gpbctv.com
gpbeta.com
gpcqjy.com
gpcxw.com
@@ -25589,7 +25584,6 @@ guiguzhongguo.com
guiheyue.com
guihua.com
guihuayun.com
-guihuazixun.com
guiji.com
guijinshu.com
guikeyun.com
@@ -25729,9 +25723,7 @@ guqiu.com
guqu.net
gurudigger.com
gurukeji.com
-gush88.com
gushequ.com
-gushfx.com
gushi.ci
gushi.com
gushicimingju.com
@@ -26326,7 +26318,6 @@ haituoqi.com
haitutech.com
haiwaimoney.com
haiwaioo.com
-haiwaituiguang.com
haiwaiyou.com
haiwaiyoujia.com
haiwanli.com
@@ -26863,6 +26854,7 @@ hbccpit.org
hbcdc.com
hbcg.cc
hbchen.com
+hbchy.net
hbciqtc.com
hbcjaq.com
hbcjh.net
@@ -27021,7 +27013,6 @@ hbsydw.org
hbszfw.com
hbsztv.com
hbszzd158.com
-hbszzdlssz.com
hbszzk.com
hbszzx.com
hbtcmu.com
@@ -29335,6 +29326,7 @@ huowan.com
huoxiaoer.net
huoxing24.com
huoxingba.com
+huoxingtan66.com
huoxingzi.com
huoxun.com
huoyan.com
@@ -30233,6 +30225,7 @@ idolranking.info
idolyx.com
idom.me
idomb.com
+idong.ren
idongde.com
idongdong.com
idongniu.com
@@ -30824,7 +30817,6 @@ imlcl.com
imlgm.com
imlianai.com
imliuyi.com
-imliyan.com
immi520.com
immiexpo.com
immivip.com
@@ -32762,7 +32754,6 @@ jilinpujiyiyuan.com
jilinwula.com
jiliyun.com
jillbanging.com
-jilong-chem.com
jimeng.mobi
jimi168.com
jimicn.com
@@ -32770,7 +32761,6 @@ jimifashion.com
jimilier.com
jimiru-bj.com
jimistore.com
-jimmylv.info
jimonet.cc
jimu.com
jimubox.com
@@ -32856,6 +32846,7 @@ jingkids.com
jinglawyer.com
jinglingbiaozhu.com
jinglong0769.com
+jinglongyu.link
jingmaoyuanxin.com
jingme.net
jingmeiti.com
@@ -35231,6 +35222,7 @@ kmail.com
kmapp.net
kmcaishui.com
kmcenter.org
+kmcha.com
kmcits.com
kmcits0655.com
kmcxedu.com
@@ -35620,7 +35612,6 @@ kuaisushu-cnd.com
kuaitijian.com
kuaitu666.com
kuaiwan.com
-kuaiwanwo.com
kuaixiazai.com
kuaiyan.com
kuaiyiad.com
@@ -35665,7 +35656,6 @@ kuashou.com
kubey.cc
kubicode.me
kubikeji.com
-kubiops.com
kubo-360-tudou.com
kubozy-cdn-baidu.com
kuche.com
@@ -35830,6 +35820,7 @@ kwin.wang
kwin.xyz
kwkf.com
kwtzn.com
+kwudor.com
kwx.gd
kwxjh.net
kx001.com
@@ -36259,6 +36250,7 @@ lapin365.com
lapland.name
laqiangu.com
laravel-admin.org
+laravelacademy.org
larenla.com
large.net
larkapp.com
@@ -36981,7 +36973,6 @@ lieguozhi.com
liehu.tv
liehunwang.com
liehuo.net
-liehuo.org
liejin99.com
lieju.com
lielb.com
@@ -37118,6 +37109,7 @@ linewell.com
linewow.com
linezing.com
linfan.com
+linfeicloud.com
lingaoren.com
lingb.net
lingbao-e.com
@@ -37691,6 +37683,7 @@ lnok.net
lnpjw.com
lnrcu.com
lnrsks.com
+lnsgczb.com
lnslymy.com
lntenghui.com
lntvu.com
@@ -37832,7 +37825,6 @@ longmarchspace.com
longmeng.com
longmenmingche.com
longmiao.wang
-longmotto.com
longmushengwu.com
longqikeji.com
longquan-baojian.com
@@ -38099,6 +38091,7 @@ lsoos.com
lspjy.com
lsq6.com
lsqifu.com
+lsqpay.com
lssen.com
lssggzy.com
lstazl.com
@@ -38765,7 +38758,6 @@ maijiaba.com
maijiabashi.com
maijiakan.com
maijichuang.net
-maijx.com
maikenu.com
mail-qq.com
mail163.com
@@ -39058,6 +39050,7 @@ marknum.com
markonreview.com
markorchem.com
marksmile.com
+marmot-cloud.com
maro6.com
maroon91.com
marry5.com
@@ -41116,6 +41109,7 @@ myhaowai.com
myhard.com
myhayo.com
myhexin.com
+myhithink.com
myhongzuan.com
myhostadmin.net
myhuahuo.com
@@ -41478,7 +41472,6 @@ nbdeli.com
nbdeli.net
nbdig.com
nbdisco.com
-nbdskj.com
nbegame.com
nbegame.net
nbenl.com
@@ -41861,6 +41854,7 @@ niba.com
nibaguai.com
nibaku.com
nibiye.com
+nic.de
nic.ren
nic.wang
nicaifu.com
@@ -42122,6 +42116,7 @@ nmzol.com
nmzzlhwlkj.com
nn.ci
nn.com
+nn12333.com
nn92.com
nncc626.com
nncgs.com
@@ -42701,6 +42696,7 @@ okinfo.org
okjike.com
okjk.co
okjoys.com
+okjx.cc
okki.com
okkkk.com
oklink.com
@@ -43122,6 +43118,7 @@ oujistore.com
oukan.online
ouklqd.com
oulvnet.com
+oumakspt.com
oumengke.com
ounh.org
ouo.us
@@ -43191,6 +43188,7 @@ oushangstyle.com
oushinet.com
oushivoyages.com
ousns.net
+outbrai.com
outlets365.com
ouvps.com
ouxutong.com
@@ -44935,6 +44933,7 @@ qdgw.com
qdgxqrc.com
qdgxzg.com
qdhantang.com
+qdhmsoft.com
qdhsty.com
qdingnet.com
qdjiejie.com
@@ -45273,7 +45272,6 @@ qidong.co
qidong.name
qidongyx.com
qidou.com
-qiduocloud.com
qiduowei.com
qiecdn.com
qieerxi.com
@@ -45734,7 +45732,6 @@ qmacro.com
qmail.com
qmango.com
qmcaifu.com
-qmcmw.com
qmconfig.com
qmei.me
qmei.vip
@@ -45785,7 +45782,6 @@ qpgame.com
qplus.com
qpoc.com
qpstar.com
-qpx.com
qpxiaoshuo.com
qpzq.net
qq-xmail.com
@@ -45866,7 +45862,6 @@ qqma.com
qqmail.com
qqmcc.org
qqmofasi.com
-qqmoke.com
qqmtc.com
qqmusic.com
qqnn.net
@@ -46476,6 +46471,7 @@ rajjzs.com
rakinda-xm.com
ralf.ren
ramadaplaza-ovwh.com
+ramboplay.com
ramostear.com
ran-wen.com
ran10.com
@@ -46674,7 +46670,6 @@ redocn.com
redoop.com
redpact.com
redphon.com
-redquan.com
redream.com
redrock.team
redsh.com
@@ -47831,6 +47826,7 @@ scw98.com
scweixiao.com
scwj.net
scwlylqx.com
+scwsf.com
scwy.net
scxdf.com
scxnyl.com
@@ -47893,7 +47889,6 @@ sdeqs.com
sderp.com
sdewj.com
sdey.net
-sdfcp.com
sdfcxw.com
sdfhyl.com
sdfll.com
@@ -48525,6 +48520,7 @@ shanpow.com
shanqb.com
shanqu.cc
shanse8.com
+shanshanku.com
shanshoufu.com
shantoumama.com
shanweinews.net
@@ -49751,6 +49747,7 @@ siqiquan.org
sique.com
sir3.com
sir66.com
+sirenvps.com
siryin.com
sisen.com
sishuok.com
@@ -50001,7 +49998,6 @@ slimtheme.com
slink8.com
slinli.com
slinuxer.com
-sliu.info
sljkj.com
sljypt.com
slkeq.com
@@ -50237,7 +50233,6 @@ sobeycloud.com
sobot.com
soboten.com
sobug.com
-sobuhu.com
socang.com
socansoft.com
socay.com
@@ -51028,6 +51023,7 @@ suanst.com
suanya.com
suaooo.com
suapp.me
+subangjia.com
subaonet.com
subaotuan.com
subingkang.com
@@ -51093,7 +51089,6 @@ sui.com
suibianla.com
suibianzhao.com
suibiji.com
-suicloud.com
suilengea.com
suileyoo.com
suinian.com
@@ -51484,6 +51479,7 @@ sxlcdn.com
sxldns.com
sxldtv.com
sxmaps.com
+sxmcwlw.com
sxmtdz.com
sxncb.com
sxnfss.com
@@ -52762,6 +52758,7 @@ thenburn.com
thenew123.com
theorychina.org
thepaintstore.net
+thesmartmelon.com
thestack.net
thethirdmedia.com
thetigerhood.com
@@ -52962,7 +52959,6 @@ tianyancha.com
tianyanqifu.com
tianyant.com
tianyaruanwen.com
-tianyashuku.com
tianyaui.com
tianyecollege.com
tianyi1368.com
@@ -53143,6 +53139,7 @@ titan24.com
titanar.com
titanmatrix.com
titapark.com
+tiwb.com
tixa.com
tixaapp.com
tixaclub.net
@@ -53383,7 +53380,6 @@ tol24.com
tom.cat
tom.com
tom163.net
-tom61.com
tomap.me
tomatogames.com
tomatolei.com
@@ -53579,6 +53575,7 @@ tou70.com
toubang.tv
toucdn.com
touch4.me
+touchealth.com
touchev.com
touchpal.com
touchrom.com
@@ -55714,7 +55711,6 @@ vocalmiku.com
voccdn.com
vocinno.com
vodjk.com
-vodxc.com
voguego.com
vohringer.com
voicedic.com
@@ -57333,6 +57329,7 @@ whmeigao.com
whmicrocredit.com
whmj.org
whmlcy.net
+whmnls.com
whmnrc.com
whmnx.com
whmoocs.com
@@ -58320,7 +58317,6 @@ wuage.com
wuaiso.com
wubaiyi.com
wubaiyi.net
-wubazx.online
wubiba.com
wubisheng.net
wubizi.net
@@ -58429,6 +58425,7 @@ wukur.com
wukypay.com
wul.ai
wulannews.com
+wuletv.com
wuliannanjing.com
wuliaoo.com
wuliaosi.com
@@ -59072,6 +59069,7 @@ xdnote.com
xdnphb.com
xdocin.com
xdoor.cc
+xdow.net
xdplt.com
xdpvp.com
xdressy.com
@@ -60251,7 +60249,6 @@ xiqinrc.com
xiqqq.com
xirang.com
xirenxuan.com
-xirikm.net
xishanju.com
xishaoye.com
xishiqu.com
@@ -60490,6 +60487,7 @@ xl5dd.com
xl5du.com
xl5dw.com
xl699.com
+xlb588.com
xlcidc.com
xlctyd.com
xlcz.com
@@ -60719,6 +60717,7 @@ xptt.com
xpu93.com
xpw888.com
xpxt.net
+xpykjsws.com
xpyx.net
xq0356.com
xq5.com
@@ -61448,7 +61447,6 @@ yafanpm.com
yafco.com
yafdev.com
yafeilinux.com
-yagaooem.xyz
yageo.tech
yago-mall.com
yahacode.com
@@ -62789,6 +62787,7 @@ ymatou.com
ymatou.hk
ymbq301.com
ymcall.com
+ymcart.com
ymd520.net
ymd88.com
ymeme.com
@@ -64949,6 +64948,7 @@ zgzyqcgw.com
zgzzs.com
zh-itone.com
zh.cc
+zh188.net
zh30.com
zh51home.com
zhai14.com
@@ -65048,7 +65048,6 @@ zhangzishi.net
zhangzs.com
zhanh.com
zhanhi.com
-zhanjindong.com
zhankoo.com
zhanlingol.com
zhanmazj.com
@@ -65487,6 +65486,7 @@ zhiyuan-group.com
zhiyuanit.com
zhiyuanyun.com
zhiyujit.com
+zhiyun-tech.com
zhizaoye.net
zhizaoyun.com
zhizhang.com
@@ -65854,7 +65854,6 @@ zhuliuwu.com
zhulixiaolie.com
zhulogic.com
zhulong.com
-zhulou.net
zhulu86.com
zhumengwl.com
zhumu.me
@@ -66246,6 +66245,7 @@ zjpubservice.com
zjqbj.com
zjqimeng.com
zjqk110.com
+zjqll.com
zjrc.com
zjrc.net
zjrcu.com
@@ -66443,6 +66443,7 @@ zmzapi.net
zmzjk.com
zmzjstu.com
zn8.com
+znb.me
znba.net
znbo.com
znczz.com
diff --git a/luci-app-passwall/root/usr/share/passwall/rules/chnroute b/luci-app-passwall/root/usr/share/passwall/rules/chnroute
index 051229dfc..b050abc91 100644
--- a/luci-app-passwall/root/usr/share/passwall/rules/chnroute
+++ b/luci-app-passwall/root/usr/share/passwall/rules/chnroute
@@ -873,6 +873,7 @@
103.185.228.0/23
103.185.78.0/23
103.185.80.0/23
+103.186.4.0/23
103.19.12.0/22
103.19.232.0/22
103.19.40.0/22
diff --git a/luci-app-passwall/root/usr/share/passwall/rules/chnroute6 b/luci-app-passwall/root/usr/share/passwall/rules/chnroute6
index 609ce18e2..b562d356a 100644
--- a/luci-app-passwall/root/usr/share/passwall/rules/chnroute6
+++ b/luci-app-passwall/root/usr/share/passwall/rules/chnroute6
@@ -31,7 +31,6 @@
2001:df0:2e00::/48
2001:df0:2e80::/48
2001:df0:423::/48
-2001:df0:4500::/48
2001:df0:59c0::/48
2001:df0:85c0::/48
2001:df0:8d40::/48
@@ -230,6 +229,7 @@
2400:6c40::/32
2400:6cc0::/32
2400:6d40::/32
+2400:6da0::/32
2400:6dc0::/32
2400:6e00::/32
2400:6e40::/32
diff --git a/luci-app-passwall/root/usr/share/passwall/rules/gfwlist b/luci-app-passwall/root/usr/share/passwall/rules/gfwlist
index 16429d653..23806297a 100644
--- a/luci-app-passwall/root/usr/share/passwall/rules/gfwlist
+++ b/luci-app-passwall/root/usr/share/passwall/rules/gfwlist
@@ -7123,6 +7123,7 @@ mfg-inspector.com
mgo-images.com
mgo.com
mhshosting.com
+mhyurl.cn
mi9.com.au
mi9cdn.com
miamifintechfestival.com
diff --git a/natflow/Makefile b/natflow/Makefile
index 8ed5756d9..39882278e 100644
--- a/natflow/Makefile
+++ b/natflow/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=natflow
-PKG_VERSION:=20220415
+PKG_VERSION:=20220416
PKG_SOURCE_URL:=https://codeload.github.com/ptpt52/natflow/tar.gz/$(PKG_VERSION)?
PKG_HASH:=skip