luci-app-vssr: sync with upstream source

2020-02-18 23:26:53 +08:00 · 2020-02-18 23:26:53 +08:00 · 023f263cba
commit 023f263cba
parent 4f9ac5d252
4 changed files with 42 additions and 18 deletions
--- a/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/control.lua
+++ b/package/ctcgfw/luci-app-vssr/luasrc/model/cbi/vssr/control.lua
@ -18,28 +18,44 @@ o.datatype = "ip4addr"
 -- Part of LAN
 s:tab("lan_ac", translate("LAN IP AC"))

-o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Bypassed Host List"))
+o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("LAN Access Control"))
+o:value("0", translate("Disable"))
+o:value("w", translate("Allow listed only"))
+o:value("b", translate("Allow all except listed"))
+o.rmempty = false
+
+o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-       if entry.reachable then
-               o:value(entry.dest:string())
-       end
+		if entry.reachable then
+			o:value(entry.dest:string())
+		end
+end)
+o:depends("lan_ac_mode", "w")
+o:depends("lan_ac_mode", "b")
+
+o = s:taboption("lan_ac", DynamicList, "lan_bp_ips", translate("LAN Bypassed Host List"))
+o.datatype = "ipaddr"
+luci.ip.neighbors({ family = 4 }, function(entry)
+		if entry.reachable then
+			o:value(entry.dest:string())
+		end
 end)

 o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-       if entry.reachable then
-               o:value(entry.dest:string())
-       end
+		if entry.reachable then
+			o:value(entry.dest:string())
+		end
 end)

 o = s:taboption("lan_ac", DynamicList, "lan_gm_ips", translate("Game Mode Host List"))
 o.datatype = "ipaddr"
 luci.ip.neighbors({ family = 4 }, function(entry)
-       if entry.reachable then
-               o:value(entry.dest:string())
-       end
+		if entry.reachable then
+			o:value(entry.dest:string())
+		end
 end)

 -- Part of Self
@ -85,4 +101,4 @@ o.remove = function(self, section, value)
 	NXFS.writefile(blockconf, "")
 end

-return m
+return m
--- a/package/ctcgfw/luci-app-vssr/po/zh_Hans/vssr.po
+++ b/package/ctcgfw/luci-app-vssr/po/zh_Hans/vssr.po
@ -234,13 +234,13 @@ msgid "Interfaces - LAN"
 msgstr "接口 - LAN"

 msgid "LAN Access Control"
-msgstr "内网访问控制"
+msgstr "内网客户端分流代理控制"

 msgid "Allow listed only"
-msgstr "仅允许列表内"
+msgstr "仅允许列表内主机"

 msgid "Allow all except listed"
-msgstr "仅允许列表外"
+msgstr "除列表外主机皆允许"

 msgid "LAN Host List"
 msgstr "内网主机列表"
--- a/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr
+++ b/package/ctcgfw/luci-app-vssr/root/etc/init.d/vssr
@ -188,7 +188,7 @@ start_rules() {

 	local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port)
 	local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips)
-	local lan_ac_mode="b"
+	local lan_ac_mode=$(uci_get_by_type access_control lan_ac_mode)
 	local router_proxy=$(uci_get_by_type access_control router_proxy)
 	if [ "$GLOBAL_SERVER" = "$UDP_RELAY_SERVER" -a $kcp_flag = 0 ]; then
 		ARG_UDP="-u"
@ -232,6 +232,7 @@ start_rules() {
 		-i "$(uci_get_by_type access_control wan_bp_list)" \
 		-b "$(uci_get_by_type access_control wan_bp_ips)" \
 		-w "$(uci_get_by_type access_control wan_fw_ips)" \
+		-B "$(uci_get_by_type access_control lan_bp_ips)" \
 		-p "$(uci_get_by_type access_control lan_fp_ips)" \
 		-G "$(uci_get_by_type access_control lan_gm_ips)" \
 		-D "$proxyport" \
--- a/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules
+++ b/package/ctcgfw/luci-app-vssr/root/usr/bin/vssr-rules
@ -24,6 +24,7 @@ usage() {
 		                            define access control mode
 		    -b <wan_ips>            wan ip of will be bypassed
 		    -w <wan_ips>            wan ip of will be forwarded
+		    -B <bp_lan_ips>         lan ip of will be bypassed proxy
 		    -p <fp_lan_ips>         lan ip of will be global proxy
 		    -G <gm_lan_ips>         lan ip of will be game mode proxy
 		    -D <proxy_ports>        proxy ports
@ -63,6 +64,7 @@ flush_r() {
 	ipset -X ss_spec_wan_ac 2>/dev/null
 	ipset -X ssr_gen_router 2>/dev/null
 	ipset -X fplan 2>/dev/null
+	ipset -X bplan 2>/dev/null
 	ipset -X gmlan 2>/dev/null
 	ipset -X oversea 2>/dev/null
 	ipset -X whitelist 2>/dev/null
@ -112,7 +114,9 @@ EOF
 	ipset -N fplan hash:net 2>/dev/null
 	for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
-	
+	ipset -N bplan hash:net 2>/dev/null
+	for ip in $LAN_BP_IP; do ipset -! add bplan $ip; done
+	$IPT -I SS_SPEC_WAN_AC -m set --match-set bplan src -j RETURN
 	ipset -N whitelist hash:net 2>/dev/null
 	ipset -N blacklist hash:net 2>/dev/null
 	$IPT -I SS_SPEC_WAN_AC -m set --match-set blacklist dst -j SS_SPEC_WAN_FW
@ -196,7 +200,7 @@ tp_rule() {
  $ipt -A SS_SPEC_TPROXY -p udp -d 224.0.0.0/4 -j RETURN
  $ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN
  $ipt -A SS_SPEC_TPROXY -p udp -d $SERVER -j RETURN
-  
+  $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set bplan src -j RETURN
  $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \
 		-j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01
  
@ -298,7 +302,7 @@ EOF
 	return 0
 }

-while getopts ":s:l:S:L:i:e:a:b:w:p:G:D:oOuUfgrczh" arg; do
+while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:oOuUfgrczh" arg; do
 	case "$arg" in
 		s)
 			server=$OPTARG
@ -321,6 +325,9 @@ while getopts ":s:l:S:L:i:e:a:b:w:p:G:D:oOuUfgrczh" arg; do
 		a)
 			LAN_AC_IP=$OPTARG
 			;;
+		B)
+		        LAN_BP_IP=$OPTARG
+		        ;;
 		b)
 			WAN_BP_IP=$(for ip in $OPTARG; do echo $ip; done)
 			;;