From fb876b7ddd264bb1d403f7daf991878c40ffde17 Mon Sep 17 00:00:00 2001 From: CN_SZTL Date: Sun, 15 Mar 2020 01:09:24 +0800 Subject: [PATCH] luci-app-passwall: sync with upstream source --- package/lienol/luci-app-passwall/Makefile | 4 +- .../luasrc/view/passwall/global/tips.htm | 6 ++- .../luci-app-passwall/po/zh-cn/passwall.po | 4 +- .../root/etc/config/passwall | 2 +- .../root/usr/share/passwall/app.sh | 49 +++++++++++++------ .../root/usr/share/passwall/config.default | 2 +- .../root/usr/share/passwall/iptables.sh | 15 +++--- .../root/usr/share/passwall/subscribe.lua | 14 +++--- 8 files changed, 57 insertions(+), 39 deletions(-) diff --git a/package/lienol/luci-app-passwall/Makefile b/package/lienol/luci-app-passwall/Makefile index a324e0f8bd..a0cacab8d4 100644 --- a/package/lienol/luci-app-passwall/Makefile +++ b/package/lienol/luci-app-passwall/Makefile @@ -7,8 +7,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-passwall PKG_VERSION:=3.6 -PKG_RELEASE:=21 -PKG_DATE:=20200311 +PKG_RELEASE:=22 +PKG_DATE:=20200314 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) diff --git a/package/lienol/luci-app-passwall/luasrc/view/passwall/global/tips.htm b/package/lienol/luci-app-passwall/luasrc/view/passwall/global/tips.htm index e9d114f217..c71b0f7da4 100644 --- a/package/lienol/luci-app-passwall/luasrc/view/passwall/global/tips.htm +++ b/package/lienol/luci-app-passwall/luasrc/view/passwall/global/tips.htm @@ -3,6 +3,10 @@
<%:Tips%>:<%:You can use load balancing for failover.%>
- <%:Restore the default configuration method. Input example in the address bar: %>http://192.168.1.1/cgi-bin/luci/admin/vpn/passwall/reset_config + <%:Restore the default configuration method. Input example in the address bar:%> http://192.168.1.1/cgi-bin/luci/admin/vpn/passwall/reset_config +
+ <%:Hide menu method, input example in the address bar:%> http://192.168.1.1/cgi-bin/luci/admin/vpn/passwall/hide +
+ <%:After the hidden to the display, input example in the address bar:%> http://192.168.1.1/cgi-bin/luci/admin/vpn/passwall/show
diff --git a/package/lienol/luci-app-passwall/po/zh-cn/passwall.po b/package/lienol/luci-app-passwall/po/zh-cn/passwall.po index 1d8c51bed5..18b2be91e5 100644 --- a/package/lienol/luci-app-passwall/po/zh-cn/passwall.po +++ b/package/lienol/luci-app-passwall/po/zh-cn/passwall.po @@ -814,8 +814,8 @@ msgstr "状态信息显示节点检测" msgid "Status Show IP111" msgstr "状态信息显示IP111" -msgid "Hide Menu" -msgstr "隐藏菜单" +msgid "Hide menu method, input example in the address bar:" +msgstr "隐藏菜单方法,地址栏输入例:" msgid "After the hidden to the display, input example in the address bar:" msgstr "当你隐藏后想再次显示,地址栏输入例:" diff --git a/package/lienol/luci-app-passwall/root/etc/config/passwall b/package/lienol/luci-app-passwall/root/etc/config/passwall index d448eaf6a7..bab4f7bff8 100644 --- a/package/lienol/luci-app-passwall/root/etc/config/passwall +++ b/package/lienol/luci-app-passwall/root/etc/config/passwall @@ -20,7 +20,7 @@ config global_delay option start_delay '1' config global_forwarding - option process '1' + option process '0' option tcp_no_redir_ports 'disable' option udp_no_redir_ports '80,443' option tcp_redir_ports '22,25,53,143,465,587,993,995,80,443' diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh b/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh index 3f6fe7c875..101a842820 100755 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh @@ -51,6 +51,8 @@ config_t_get() { get_host_ip() { local host=$2 + local count=$3 + [ -z "$count" ] && count=3 local isip="" local ip=$host if [ "$1" == "ipv6" ]; then @@ -66,7 +68,7 @@ get_host_ip() { [ -z "$isip" ] && { local t=4 [ "$1" == "ipv6" ] && t=6 - local vpsrip=$(resolveip -$t -t 3 $host | awk 'NR==1{print}') + local vpsrip=$(resolveip -$t -t $count $host | awk 'NR==1{print}') ip=$vpsrip } echo $ip @@ -200,12 +202,10 @@ load_config() { [ ! -f "$RESOLVFILE" -o ! -s "$RESOLVFILE" ] && RESOLVFILE=/tmp/resolv.conf.auto if [ "$UP_CHINA_DNS" == "dnsbyisp" -o "$UP_CHINA_DNS" == "default" ]; then UP_CHINA_DNS1=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | grep -v 0.0.0.0 | grep -v 127.0.0.1 | sed -n '1P') - if [ -n "$UP_CHINA_DNS1" ]; then - UP_CHINA_DNS=$UP_CHINA_DNS1 - else - UP_CHINA_DNS="119.29.29.29" - fi - local UP_CHINA_DNS2=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | grep -v 0.0.0.0 | grep -v 127.0.0.1 | sed -n '2P') + DEFAULT_DNS1="$UP_CHINA_DNS1" + [ -z "$UP_CHINA_DNS1" ] && UP_CHINA_DNS1="119.29.29.29" + UP_CHINA_DNS="$UP_CHINA_DNS1" + UP_CHINA_DNS2=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | grep -v 0.0.0.0 | grep -v 127.0.0.1 | sed -n '2P') [ -n "$UP_CHINA_DNS1" -a -n "$UP_CHINA_DNS2" ] && UP_CHINA_DNS="$UP_CHINA_DNS1,$UP_CHINA_DNS2" else UP_CHINA_DNS1=$(echo $UP_CHINA_DNS | sed "s/:/#/g" | awk -F ',' '{print $1}') @@ -213,7 +213,8 @@ load_config() { UP_CHINA_DNS2=$(echo $UP_CHINA_DNS | sed "s/:/#/g" | awk -F ',' '{print $2}') [ -n "$UP_CHINA_DNS2" ] && UP_CHINA_DNS="${UP_CHINA_DNS1},${UP_CHINA_DNS2}" else - UP_CHINA_DNS="114.114.114.114" + UP_CHINA_DNS1="119.29.29.29" + UP_CHINA_DNS=$UP_CHINA_DNS1 fi fi PROXY_IPV6=$(config_t_get global_forwarding proxy_ipv6 0) @@ -632,16 +633,20 @@ add_dnsmasq() { } [ "$DNS_MODE" != "nonuse" ] && { - local dns2="$UP_CHINA_DNS2" - [ -z "$dns2" ] && dns2="114.114.114.114" - [ -f "$RULES_PATH/whitelist_host" -a -s "$RULES_PATH/whitelist_host" ] && cat $RULES_PATH/whitelist_host | sed -e "/^$/d" | sort | awk '{print "server=/."$1"/'$UP_CHINA_DNS1'\nserver=/."$1"/'$dns2'\nipset=/."$1"/whitelist"}' > $TMP_DNSMASQ_PATH/whitelist_host.conf + if [ -n "$UP_CHINA_DNS2" ]; then + [ -f "$RULES_PATH/whitelist_host" -a -s "$RULES_PATH/whitelist_host" ] && cat $RULES_PATH/whitelist_host | sed -e "/^$/d" | sort | awk '{print "server=/."$1"/'$UP_CHINA_DNS1'\nserver=/."$1"/'$UP_CHINA_DNS2'\nipset=/."$1"/whitelist"}' > $TMP_DNSMASQ_PATH/whitelist_host.conf + uci show $CONFIG | grep "@nodes" | grep "address" | cut -d "'" -f 2 | sed 's/^\(https:\/\/\|http:\/\/\)//g' | awk -F '/' '{print $1}' | grep -E '.*\..*$' | grep '[a-zA-Z]$' | sort | uniq | awk '{print "server=/."$1"/'$UP_CHINA_DNS1'\nserver=/."$1"/'$UP_CHINA_DNS2'\nipset=/."$1"/vpsiplist"}' > $TMP_DNSMASQ_PATH/vpsiplist_host.conf + else + [ -f "$RULES_PATH/whitelist_host" -a -s "$RULES_PATH/whitelist_host" ] && cat $RULES_PATH/whitelist_host | sed -e "/^$/d" | sort | awk '{print "server=/."$1"/'$UP_CHINA_DNS1'\nipset=/."$1"/whitelist"}' > $TMP_DNSMASQ_PATH/whitelist_host.conf + uci show $CONFIG | grep "@nodes" | grep "address" | cut -d "'" -f 2 | sed 's/^\(https:\/\/\|http:\/\/\)//g' | awk -F '/' '{print $1}' | grep -E '.*\..*$' | grep '[a-zA-Z]$' | sort | uniq | awk '{print "server=/."$1"/'$UP_CHINA_DNS1'\nipset=/."$1"/vpsiplist"}' > $TMP_DNSMASQ_PATH/vpsiplist_host.conf + fi [ -f "$RULES_PATH/blacklist_host" -a -s "$RULES_PATH/blacklist_host" ] && cat $RULES_PATH/blacklist_host | sed -e "/^$/d" | sort | awk '{print "server=/."$1"/127.0.0.1#'$DNS_PORT'\nipset=/."$1"/blacklist"}' > $TMP_DNSMASQ_PATH/blacklist_host.conf [ -f "$RULES_PATH/gfwlist.conf" -a -s "$RULES_PATH/gfwlist.conf" ] && ln -s $RULES_PATH/gfwlist.conf $TMP_DNSMASQ_PATH/gfwlist.conf subscribe_proxy=$(config_t_get global_subscribe subscribe_proxy 0) [ "$subscribe_proxy" -eq 1 ] && { local count=$(uci show $CONFIG | grep "@subscribe_list" | sed -n '$p' | cut -d '[' -f 2 | cut -d ']' -f 1) - [ -n "$count" -a "$count" -ge 0 ] && { + [ -n "$count" ] && [ "$count" -ge 0 ] && { u_get() { local ret=$(uci -q get $CONFIG.@subscribe_list[$1].$2) echo ${ret:=$3} @@ -664,7 +669,7 @@ add_dnsmasq() { } } - [ -z "$IS_DEFAULT_CHINA_DNS" -o "$IS_DEFAULT_CHINA_DNS" == 0 ] && { + if [ -z "$IS_DEFAULT_CHINA_DNS" -o "$IS_DEFAULT_CHINA_DNS" == 0 ]; then server="server=127.0.0.1#$DNS_PORT" [ "$DNS_MODE" != "chinadns-ng" ] && { [ -n "$UP_CHINA_DNS1" ] && server="server=$UP_CHINA_DNS1" @@ -676,7 +681,21 @@ add_dnsmasq() { no-poll no-resolv EOF - } + else + # 如果有某些人DNS设置了默认,但是没有设置上级DNS会上不了网,做个防呆...(真是服了你们这些xxx) + [ -z "$DEFAULT_DNS1" ] && { + local tmp=$(get_host_ip ipv4 www.baidu.com 1) + [ -z "$tmp" ] && { + cat <<-EOF > /var/dnsmasq.d/dnsmasq-$CONFIG.conf + server=$UP_CHINA_DNS1 + no-poll + no-resolv + EOF + echolog "你没有设置接口DNS,请前往设置!" + /etc/init.d/dnsmasq restart >/dev/null 2>&1 & + } + } + fi echo "conf-dir=$TMP_DNSMASQ_PATH" >> /var/dnsmasq.d/dnsmasq-$CONFIG.conf cp -rf /var/dnsmasq.d/dnsmasq-$CONFIG.conf $DNSMASQ_PATH/dnsmasq-$CONFIG.conf @@ -797,7 +816,7 @@ start_haproxy() { mode tcp EOF local count=$(uci show $CONFIG | grep "@balancing" | sed -n '$p' | cut -d '[' -f 2 | cut -d ']' -f 1) - [ -n "$count" -a "$count" -ge 0 ] && { + [ -n "$count" ] && [ "$count" -ge 0 ] && { u_get() { local ret=$(uci -q get $CONFIG.@balancing[$1].$2) echo ${ret:=$3} diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/config.default b/package/lienol/luci-app-passwall/root/usr/share/passwall/config.default index 4b53fbeecf..76afb424a9 100644 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/config.default +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/config.default @@ -20,7 +20,7 @@ config global_delay option start_delay '1' config global_forwarding - option process '1' + option process '0' option tcp_no_redir_ports 'disable' option udp_no_redir_ports '80,443' option tcp_redir_ports '22,25,53,143,465,587,993,995,80,443' diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh b/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh index 598d33960a..0e64e1be87 100755 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh @@ -171,9 +171,6 @@ load_acl() { filter_vpsip() { echolog "开始过滤所有IPV4节点到白名单" uci show $CONFIG | grep "@nodes" | grep "address" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R - local dns2="$UP_CHINA_DNS2" - [ -z "$dns2" ] && dns2="114.114.114.114" - uci show $CONFIG | grep "@nodes" | grep "address" | cut -d "'" -f 2 | sed 's/^\(https:\/\/\|http:\/\/\)//g' | awk -F '/' '{print $1}' | grep -E '.*\..*$' | grep '[a-zA-Z]$' | sort | uniq | awk '{print "server=/."$1"/'$UP_CHINA_DNS1'\nserver=/."$1"/'$dns2'\nipset=/."$1"/'$IPSET_VPSIPLIST'"}' > $TMP_DNSMASQ_PATH/vpsiplist_host.conf echolog "过滤所有IPV4节点完成" } @@ -185,17 +182,17 @@ filter_node() { [ "$type" == "brook" -a "$(config_n_get $1 brook_protocol client)" == "client" ] && i=$ipt_m local address=$(config_n_get $1 address) local port=$(config_n_get $1 port) - is_exist=$($i -L PSW 2>/dev/null | grep -c "$address:$port") + is_exist=$($i -n -L PSW 2>/dev/null | grep -c "$address:$port") [ "$is_exist" == 0 ] && { local ADD_INDEX=2 - local INDEX=$($i -L PSW --line-numbers | grep "$IPSET_VPSIPLIST" | sed -n '$p' | awk '{print $1}') + local INDEX=$($i -n -L PSW --line-numbers | grep "$IPSET_VPSIPLIST" | sed -n '$p' | awk '{print $1}') [ -n "$INDEX" ] && ADD_INDEX=$INDEX $i -I PSW $ADD_INDEX -p tcp -d $address --dport $port $(comment "$address:$port") -j RETURN } - is_exist=$($i -L PSW_OUTPUT 2>/dev/null | grep -c "$address:$port") + is_exist=$($i -n -L PSW_OUTPUT 2>/dev/null | grep -c "$address:$port") [ "$is_exist" == 0 ] && { local ADD_INDEX=2 - local INDEX=$($i -L PSW_OUTPUT --line-numbers | grep "$IPSET_VPSIPLIST" | sed -n '$p' | awk '{print $1}') + local INDEX=$($i -n -L PSW_OUTPUT --line-numbers | grep "$IPSET_VPSIPLIST" | sed -n '$p' | awk '{print $1}') [ -n "$INDEX" ] && ADD_INDEX=$INDEX $i -I PSW_OUTPUT $ADD_INDEX -p tcp -d $address --dport $port $(comment "$address:$port") -j RETURN } @@ -531,10 +528,10 @@ add_firewall_rule() { } del_firewall_rule() { - ipv6_output_ss_exist=$($ip6t_n -L OUTPUT 2>/dev/null | grep -c "PSW") + ipv6_output_ss_exist=$($ip6t_n -n -L OUTPUT 2>/dev/null | grep -c "PSW") [ -n "$ipv6_output_ss_exist" ] && { until [ "$ipv6_output_ss_exist" = 0 ]; do - rules=$($ip6t_n -L OUTPUT --line-numbers | grep "PSW" | awk '{print $1}') + rules=$($ip6t_n -n -L OUTPUT --line-numbers | grep "PSW" | awk '{print $1}') for rule in $rules; do $ip6t_n -D OUTPUT $rule 2>/dev/null break diff --git a/package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua b/package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua index 98e0dfd2b2..97fbc83037 100644 --- a/package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua +++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua @@ -401,14 +401,15 @@ local function select_node(nodes, config) end end -local function update_node() +local function update_node(manual) if next(nodeResult) == nil then log("更新失败,没有可用的节点信息") return end -- delet all for subscribe nodes ucic2:foreach(application, uciType, function(node) - if (node.is_sub or node.hashkey) and node.add_mode ~= '导入' then + -- 如果是手动导入的节点就不参与删除 + if manual == 0 and (node.is_sub or node.hashkey) and node.add_mode ~= '导入' then ucic2:delete(application, node['.name']) end end) @@ -531,7 +532,7 @@ local execute = function() end end) -- diff - update_node() + update_node(0) end end @@ -557,12 +558,9 @@ if arg[1] then for _, raw in ipairs(nodes) do parse_link(raw, nil, 1) end - update_node() + update_node(1) + luci.sys.call("rm -f /tmp/links.conf") elseif arg[1] == "truncate" then truncate_nodes() - elseif arg[1] == "test" then - for k, v in pairs(CONFIG) do - print(k, v) - end end end