From bddc836caa134931a3d2b2ef946f72becf3ff577 Mon Sep 17 00:00:00 2001 From: actions-user Date: Mon, 19 Aug 2024 16:15:34 +0800 Subject: [PATCH] update 2024-08-19 16:15:34 --- .../root/usr/share/passwall/iptables.sh | 25 +++++++++---------- sing-box/Makefile | 4 +-- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/luci-app-passwall/root/usr/share/passwall/iptables.sh b/luci-app-passwall/root/usr/share/passwall/iptables.sh index 4cba79f5..4ae56cb9 100755 --- a/luci-app-passwall/root/usr/share/passwall/iptables.sh +++ b/luci-app-passwall/root/usr/share/passwall/iptables.sh @@ -698,8 +698,17 @@ filter_node() { } dns_hijack() { - $ipt_n -I PSW -p udp --dport 53 -j REDIRECT --to-ports 53 - echolog "强制转发本机DNS端口 UDP/53 的请求[$?]" + [ $(config_t_get global dns_redirect "0") = "1" ] && { + $ipt_m -A PSW -p udp --dport 53 -j RETURN + $ipt_m -A PSW -p tcp --dport 53 -j RETURN + $ip6t_m -A PSW -p udp --dport 53 -j RETURN + $ip6t_m -A PSW -p tcp --dport 53 -j RETURN + $ipt_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null + $ipt_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null + $ip6t_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null + $ip6t_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null + echolog " - 开启 DNS 重定向" + } } add_firewall_rule() { @@ -1121,17 +1130,7 @@ add_firewall_rule() { $ip6t_m -I OUTPUT $(comment "mangle-OUTPUT-PSW") -o lo -j RETURN insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW) -m mark --mark 1 -j RETURN" - [ $(config_t_get global dns_redirect "0") = "1" ] && { - $ipt_m -A PSW -p udp --dport 53 -j RETURN - $ipt_m -A PSW -p tcp --dport 53 -j RETURN - $ip6t_m -A PSW -p udp --dport 53 -j RETURN - $ip6t_m -A PSW -p tcp --dport 53 -j RETURN - $ipt_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null - $ipt_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null - $ip6t_n -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null - $ip6t_n -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53 -m comment --comment "PSW_DNS_Hijack" 2>/dev/null - echolog " - 开启 DNS 重定向" - } + dns_hijack } diff --git a/sing-box/Makefile b/sing-box/Makefile index 6426ce86..8c1fccc0 100644 --- a/sing-box/Makefile +++ b/sing-box/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sing-box -PKG_VERSION:=1.9.3 +PKG_VERSION:=1.9.4 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=ab3d321860f973151e773c0c4a1478ab31ed63d89e17c7ac618cf50b232dd1c4 +PKG_HASH:=30652ce0151ef46f314b25df74b402278dd7c540ba0b7f1c2c66209314afad09 PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=LICENSE