diff --git a/.github/update.log b/.github/update.log
index 5dd044fde9..b171a9225b 100644
--- a/.github/update.log
+++ b/.github/update.log
@@ -870,3 +870,4 @@ Update On Sun Dec 29 19:30:34 CET 2024
Update On Mon Dec 30 19:34:06 CET 2024
Update On Tue Dec 31 19:31:50 CET 2024
Update On Wed Jan 1 19:33:17 CET 2025
+Update On Thu Jan 2 19:33:11 CET 2025
diff --git a/clash-nyanpasu/backend/Cargo.lock b/clash-nyanpasu/backend/Cargo.lock
index c5c04f07b8..8b89d618dd 100644
--- a/clash-nyanpasu/backend/Cargo.lock
+++ b/clash-nyanpasu/backend/Cargo.lock
@@ -358,7 +358,7 @@ checksum = "0ae92a5119aa49cdbcf6b9f893fe4e1d98b04ccbf82ee0584ad948a44a734dea"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -548,7 +548,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -583,7 +583,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -623,7 +623,7 @@ checksum = "99e1aca718ea7b89985790c94aad72d77533063fe00bc497bb79a7c2dae6a661"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -859,7 +859,7 @@ dependencies = [
"regex",
"rustc-hash 1.1.0",
"shlex",
- "syn 2.0.93",
+ "syn 2.0.94",
"which 4.4.2",
]
@@ -1048,7 +1048,7 @@ checksum = "9fd3f870829131332587f607a7ff909f1af5fc523fd1b192db55fbbdf52e8d3c"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"synstructure",
]
@@ -1169,7 +1169,7 @@ checksum = "bcfcc3cd946cb52f0bbfdbbcfa2f4e24f75ebb6c0e1002f7c25904fada18b9ec"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -1463,7 +1463,7 @@ dependencies = [
"heck 0.5.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -1731,7 +1731,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f76990911f2267d837d9d0ad060aa63aaad170af40904b29461734c339030d4d"
dependencies = [
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -1996,7 +1996,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "13b588ba4ac1a99f7f2964d24b3d896ddc6bf847ee3855dbd4366f058cfcd331"
dependencies = [
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2006,7 +2006,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32a2785755761f3ddc1492979ce1e48d2c00d09311c39e4466429188f3dd6501"
dependencies = [
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2077,7 +2077,7 @@ dependencies = [
"proc-macro2",
"quote",
"strsim",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2088,7 +2088,7 @@ checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806"
dependencies = [
"darling_core",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2179,7 +2179,7 @@ checksum = "30542c1ad912e0e3d22a1935c290e12e8a29d704a420177a31faad4a601a0800"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2200,7 +2200,7 @@ dependencies = [
"darling",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2210,7 +2210,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ab63b0e2bf4d5928aff72e83a7dace85d7bba5fe12dcc3c5a572d78caffd3f3c"
dependencies = [
"derive_builder_core",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2223,7 +2223,7 @@ dependencies = [
"proc-macro2",
"quote",
"rustc_version",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2355,7 +2355,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2387,7 +2387,7 @@ checksum = "f2b99bf03862d7f545ebc28ddd33a665b50865f4dfd84031a393823879bd4c54"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2658,7 +2658,7 @@ checksum = "f282cfdfe92516eb26c2af8589c274c7c17681f5ecc03c18255fe741c6aa64eb"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2679,7 +2679,7 @@ checksum = "de0d48a183585823424a4ce1aa132d174a6a81bd540895822eb4c8373a8e49e8"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -2974,7 +2974,7 @@ checksum = "1a5c6c585bc94aaf2c7b51dd4c2ba22680844aba4c687be581871a6f518c5742"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -3098,7 +3098,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -3386,7 +3386,7 @@ dependencies = [
"proc-macro-error",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -3660,7 +3660,7 @@ dependencies = [
"proc-macro-error",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -4114,7 +4114,7 @@ checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -4309,7 +4309,7 @@ checksum = "c34819042dc3d3971c46c2190835914dfbe0c3c13f61449b2997f4e9722dfa60"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -5346,7 +5346,7 @@ checksum = "ed3955f1a9c7c0c15e092f9c887db08b1fc683305fdf6eb6684f22555355e202"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -5406,7 +5406,7 @@ dependencies = [
"proc-macro-crate 3.2.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -5463,7 +5463,7 @@ version = "0.1.0"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -5792,7 +5792,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -5931,7 +5931,7 @@ checksum = "e21f680e8c5f1900297d394627d495351b9e37761f7bbf90116bd5eeb6e80967"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -5971,7 +5971,7 @@ checksum = "453922e0b0c402ff4f94d277d9c99c8f60757ed5a84458133758f8142b8707cf"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -6207,7 +6207,7 @@ dependencies = [
"pest_meta",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -6345,7 +6345,7 @@ dependencies = [
"phf_shared 0.11.2",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -6398,7 +6398,7 @@ checksum = "3c0f5fad0874fc7abcd4d750e76917eaebbecaa2c20bde22e1dbeeba8beb758c"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -6549,7 +6549,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "64d1ec885c64d0457d564db4ec299b2dae3f9c02808b8ad9c3a089c591b18033"
dependencies = [
"proc-macro2",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -6635,7 +6635,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a65f2e60fbf1063868558d69c6beacf412dc755f9fc020f514b7955fc914fe30"
dependencies = [
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -6975,7 +6975,7 @@ checksum = "bcc303e793d3734489387d205e9b186fac9c6cfacedd98cbb2e8a5943595f3e6"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -7040,9 +7040,9 @@ checksum = "19b30a45b0cd0bcca8037f3d0dc3421eaf95327a17cad11964fb8179b4fc4832"
[[package]]
name = "reqwest"
-version = "0.12.11"
+version = "0.12.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7fe060fe50f524be480214aba758c71f99f90ee8c83c5a36b5e9e1d568eb4eb3"
+checksum = "43e734407157c3c2034e0258f5e4473ddb361b1e85f95a66690d67264d7cd1da"
dependencies = [
"base64 0.22.1",
"bytes",
@@ -7224,7 +7224,7 @@ dependencies = [
"serde",
"serde_json",
"serde_yml",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -7412,7 +7412,7 @@ dependencies = [
"proc-macro2",
"quote",
"serde_derive_internals",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -7554,7 +7554,7 @@ checksum = "5a9bf7cf98d04a2b28aead066b7496853d4779c9cc183c440dbac457641e19a0"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -7565,7 +7565,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -7598,7 +7598,7 @@ checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -7649,7 +7649,7 @@ dependencies = [
"darling",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -8149,7 +8149,7 @@ dependencies = [
"proc-macro2",
"quote",
"rustversion",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -8202,9 +8202,9 @@ dependencies = [
[[package]]
name = "syn"
-version = "2.0.93"
+version = "2.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9c786062daee0d6db1132800e623df74274a0a87322d8e183338e01b3d98d058"
+checksum = "987bc0be1cdea8b10216bd06e2ca407d40b9543468fafd3ddfb02f36e77f71f3"
dependencies = [
"proc-macro2",
"quote",
@@ -8228,7 +8228,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -8363,7 +8363,7 @@ checksum = "f4e16beb8b2ac17db28eab8bca40e62dbfbb34c0fcdc6d9826b11b7b5d047dfd"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -8480,7 +8480,7 @@ dependencies = [
"serde",
"serde_json",
"sha2 0.10.8",
- "syn 2.0.93",
+ "syn 2.0.94",
"tauri-utils",
"thiserror 2.0.9",
"time",
@@ -8498,7 +8498,7 @@ dependencies = [
"heck 0.5.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"tauri-codegen",
"tauri-utils",
]
@@ -8913,7 +8913,7 @@ checksum = "5999e24eaa32083191ba4e425deb75cdf25efefabe5aaccb7446dd0d4122a3f5"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -8965,7 +8965,7 @@ checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -8976,7 +8976,7 @@ checksum = "7b50fa271071aae2e6ee85f842e2e28ba8cd2c5fb67f11fcb1fd70b276f9e7d4"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -9132,7 +9132,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -9311,7 +9311,7 @@ checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -9939,7 +9939,7 @@ dependencies = [
"log",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"wasm-bindgen-shared",
]
@@ -9974,7 +9974,7 @@ checksum = "30d7a95b763d3c45903ed6c81f156801839e5ee968bb07e534c44df0fcd330c2"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]
@@ -10245,7 +10245,7 @@ checksum = "1d228f15bba3b9d56dde8bddbee66fa24545bd17b48d5128ccf4a8742b18e431"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -10542,7 +10542,7 @@ checksum = "f6fc35f58ecd95a9b71c4f2329b911016e6bec66b3f2e6a4aad86bd2e99e2f9b"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -10553,7 +10553,7 @@ checksum = "2bbd5b46c938e506ecbce286b6628a02171d56153ba733b6c741fc627ec9579b"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -10564,7 +10564,7 @@ checksum = "08990546bf4edef8f431fa6326e032865f27138718c587dc21bc0265bbcb57cc"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -10575,7 +10575,7 @@ checksum = "053c4c462dc91d3b1504c6fe5a726dd15e216ba718e84a0e46a88fbe5ded3515"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -11144,7 +11144,7 @@ checksum = "2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"synstructure",
]
@@ -11234,7 +11234,7 @@ checksum = "709ab20fc57cb22af85be7b360239563209258430bccf38d8b979c5a2ae3ecce"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"zbus-lockstep",
"zbus_xml",
"zvariant 4.2.0",
@@ -11249,7 +11249,7 @@ dependencies = [
"proc-macro-crate 3.2.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"zvariant_utils 2.1.0",
]
@@ -11262,7 +11262,7 @@ dependencies = [
"proc-macro-crate 3.2.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"zbus_names 4.1.0",
"zvariant 5.1.0",
"zvariant_utils 3.0.2",
@@ -11322,7 +11322,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -11342,7 +11342,7 @@ checksum = "595eed982f7d355beb85837f651fa22e90b3c044842dc7f2c2842c086f295808"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"synstructure",
]
@@ -11363,7 +11363,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -11385,7 +11385,7 @@ checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -11530,7 +11530,7 @@ dependencies = [
"proc-macro-crate 3.2.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"zvariant_utils 2.1.0",
]
@@ -11543,7 +11543,7 @@ dependencies = [
"proc-macro-crate 3.2.0",
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
"zvariant_utils 3.0.2",
]
@@ -11555,7 +11555,7 @@ checksum = "c51bcff7cc3dbb5055396bcf774748c3dab426b4b8659046963523cee4808340"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.93",
+ "syn 2.0.94",
]
[[package]]
@@ -11568,6 +11568,6 @@ dependencies = [
"quote",
"serde",
"static_assertions",
- "syn 2.0.93",
+ "syn 2.0.94",
"winnow 0.6.20",
]
diff --git a/clash-nyanpasu/frontend/nyanpasu/package.json b/clash-nyanpasu/frontend/nyanpasu/package.json
index 95b35e4a32..6103496ba9 100644
--- a/clash-nyanpasu/frontend/nyanpasu/package.json
+++ b/clash-nyanpasu/frontend/nyanpasu/package.json
@@ -52,7 +52,7 @@
"@csstools/normalize.css": "12.1.1",
"@emotion/babel-plugin": "11.13.5",
"@emotion/react": "11.14.0",
- "@iconify/json": "2.2.290",
+ "@iconify/json": "2.2.291",
"@monaco-editor/react": "4.6.0",
"@tanstack/react-query": "5.62.11",
"@tanstack/react-router": "1.89.2",
diff --git a/clash-nyanpasu/pnpm-lock.yaml b/clash-nyanpasu/pnpm-lock.yaml
index e814d4df05..7c0a54c557 100644
--- a/clash-nyanpasu/pnpm-lock.yaml
+++ b/clash-nyanpasu/pnpm-lock.yaml
@@ -315,8 +315,8 @@ importers:
specifier: 11.14.0
version: 11.14.0(@types/react@19.0.2)(react@19.0.0)
'@iconify/json':
- specifier: 2.2.290
- version: 2.2.290
+ specifier: 2.2.291
+ version: 2.2.291
'@monaco-editor/react':
specifier: 4.6.0
version: 4.6.0(monaco-editor@0.52.2)(react-dom@19.0.0(react@19.0.0))(react@19.0.0)
@@ -1751,8 +1751,8 @@ packages:
'@vue/compiler-sfc':
optional: true
- '@iconify/json@2.2.290':
- resolution: {integrity: sha512-M2puR3K4RPN8CoZR+X3o/5n0stfZBap7N7nSTnldNkdG9mN8RaOCZ4QO9OcuQpjIh8ouEMKJB8xES/owvby9gQ==}
+ '@iconify/json@2.2.291':
+ resolution: {integrity: sha512-RlSZWRx72ZClQ4U5lgdylvlEsECda7wsVY2EreICL0/lnOWIiqyXeYOpy1V5+pD2TLzaHiY+Uae1PU0eLePxPw==}
'@iconify/types@2.0.0':
resolution: {integrity: sha512-+wluvCrRhXrhyOmRDJ3q8mux9JkKy5SJ/v8ol2tu4FVjyYvtEzkc/3pK15ET6RKg4b4w4BmTk1+gsCUhf21Ykg==}
@@ -9503,7 +9503,7 @@ snapshots:
transitivePeerDependencies:
- supports-color
- '@iconify/json@2.2.290':
+ '@iconify/json@2.2.291':
dependencies:
'@iconify/types': 2.0.0
pathe: 1.1.2
diff --git a/lede/README.md b/lede/README.md
index 9bebaaf333..e18ad9f649 100644
--- a/lede/README.md
+++ b/lede/README.md
@@ -37,12 +37,12 @@ ArmSoM-Sige 系列:软路由、单板计算机、小型服务器与智能家
sudo apt update -y
sudo apt full-upgrade -y
sudo apt install -y ack antlr3 asciidoc autoconf automake autopoint binutils bison build-essential \
- bzip2 ccache clang cmake cpio curl device-tree-compiler flex gawk gettext gcc-multilib g++-multilib \
- git gperf haveged help2man intltool libc6-dev-i386 libelf-dev libfuse-dev libglib2.0-dev libgmp3-dev \
- libltdl-dev libmpc-dev libmpfr-dev libncurses-dev libncurses-dev libpython3-dev libreadline-dev \
- libssl-dev libtool llvm lrzsz genisoimage msmtp ninja-build p7zip p7zip-full patch pkgconf python3 \
- python3-pyelftools python3-setuptools qemu-utils rsync scons squashfs-tools subversion swig texinfo \
- uglifyjs upx-ucl unzip vim wget xmlto xxd zlib1g-dev
+ bzip2 ccache clang cmake cpio curl device-tree-compiler flex gawk gcc-multilib g++-multilib gettext \
+ genisoimage git gperf haveged help2man intltool libc6-dev-i386 libelf-dev libfuse-dev libglib2.0-dev \
+ libgmp3-dev libltdl-dev libmpc-dev libmpfr-dev libncurses5-dev libncursesw5-dev libpython3-dev \
+ libreadline-dev libssl-dev libtool llvm lrzsz msmtp ninja-build p7zip p7zip-full patch pkgconf \
+ python3 python3-pyelftools python3-setuptools qemu-utils rsync scons squashfs-tools subversion \
+ swig texinfo uglifyjs upx-ucl unzip vim wget xmlto xxd zlib1g-dev
```
3. 下载源代码,更新 feeds 并选择配置
diff --git a/lede/README_EN.md b/lede/README_EN.md
index 66f1f8aa4e..026ba32e18 100644
--- a/lede/README_EN.md
+++ b/lede/README_EN.md
@@ -38,12 +38,12 @@ Buy Link :
sudo apt update -y
sudo apt full-upgrade -y
sudo apt install -y ack antlr3 asciidoc autoconf automake autopoint binutils bison build-essential \
- bzip2 ccache cmake cpio curl device-tree-compiler fastjar flex gawk gettext gcc-multilib g++-multilib \
- git gperf haveged help2man intltool libc6-dev-i386 libelf-dev libglib2.0-dev libgmp3-dev libltdl-dev \
- libmpc-dev libmpfr-dev libncurses5-dev libncursesw5-dev libreadline-dev libssl-dev libtool lrzsz \
- mkisofs msmtp nano ninja-build p7zip p7zip-full patch pkgconf python2.7 python3 python3-pyelftools \
- libpython3-dev qemu-utils rsync scons squashfs-tools subversion swig texinfo uglifyjs upx-ucl unzip \
- vim wget xmlto xxd zlib1g-dev python3-setuptools
+ bzip2 ccache clang cmake cpio curl device-tree-compiler flex gawk gcc-multilib g++-multilib gettext \
+ git gperf haveged help2man intltool libc6-dev-i386 libelf-dev libfuse-dev libglib2.0-dev libgmp3-dev \
+ libltdl-dev libmpc-dev libmpfr-dev libncurses5-dev libncursesw5-dev libpython3-dev libreadline-dev \
+ libssl-dev libtool llvm lrzsz mkisofs msmtp nano ninja-build p7zip p7zip-full patch pkgconf python3 \
+ python3-pyelftools python3-setuptools qemu-utils rsync scons squashfs-tools subversion swig texinfo \
+ uglifyjs upx-ucl unzip vim wget xmlto xxd zlib1g-dev
```
3. Clone the source code, update `feeds` and configure:
@@ -193,11 +193,6 @@ Yingku R2 - N95/N300 Mini Four-Network HomeLab Server
## Donation
-
If this project did helped you, please consider donating to support the development of this project.
diff --git a/lede/README_JA.md b/lede/README_JA.md
index 0ac6152e8b..c646668c25 100644
--- a/lede/README_JA.md
+++ b/lede/README_JA.md
@@ -28,12 +28,12 @@ I18N: [English](README_EN.md) | [简体中文](README.md) | [日本語](README_J
sudo apt update -y
sudo apt full-upgrade -y
sudo apt install -y ack antlr3 asciidoc autoconf automake autopoint binutils bison build-essential \
- bzip2 ccache cmake cpio curl device-tree-compiler fastjar flex gawk gettext gcc-multilib g++-multilib \
- git gperf haveged help2man intltool libc6-dev-i386 libelf-dev libglib2.0-dev libgmp3-dev libltdl-dev \
- libmpc-dev libmpfr-dev libncurses5-dev libncursesw5-dev libreadline-dev libssl-dev libtool lrzsz \
- mkisofs msmtp nano ninja-build p7zip p7zip-full patch pkgconf python2.7 python3 python3-pyelftools \
- libpython3-dev qemu-utils rsync scons squashfs-tools subversion swig texinfo uglifyjs upx-ucl unzip \
- vim wget xmlto xxd zlib1g-dev python3-setuptools
+ bzip2 ccache clang cmake cpio curl device-tree-compiler flex gawk gcc-multilib g++-multilib gettext \
+ git gperf haveged help2man intltool libc6-dev-i386 libelf-dev libfuse-dev libglib2.0-dev libgmp3-dev \
+ libltdl-dev libmpc-dev libmpfr-dev libncurses5-dev libncursesw5-dev libpython3-dev libreadline-dev \
+ libssl-dev libtool llvm lrzsz mkisofs msmtp nano ninja-build p7zip p7zip-full patch pkgconf python3 \
+ python3-pyelftools python3-setuptools qemu-utils rsync scons squashfs-tools subversion swig texinfo \
+ uglifyjs upx-ucl unzip vim wget xmlto xxd zlib1g-dev
```
3. ソースコードをクローンし、`feeds` を更新し、設定する:
diff --git a/lede/package/lean/aic8800/Makefile b/lede/package/lean/aic8800/Makefile
index 2ff6ea4aad..863863a53e 100644
--- a/lede/package/lean/aic8800/Makefile
+++ b/lede/package/lean/aic8800/Makefile
@@ -9,10 +9,10 @@ PKG_NAME:=aic8800
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2024-03-04
+PKG_SOURCE_DATE:=2024-06-20
PKG_SOURCE_URL:=https://github.com/radxa-pkg/aic8800.git
-PKG_SOURCE_VERSION:=6a7ec8536a1688a785740d98ca96a4d00b274c56
-PKG_MIRROR_HASH:=75bbd6f410089d8301663aebdeeb79027420ec45dd054b5851c408dfeef23776
+PKG_SOURCE_VERSION:=8ad987876a6220fffb40a755e0454250ce2c5fdd
+PKG_MIRROR_HASH:=4a22e28a4341eb7516f03ea7e6c1c0523013e1aaf72c17428eb3749c8f553856
MAKE_PATH:=src/SDIO/driver_fw/driver/aic8800
PKG_EXTMOD_SUBDIRS:=$(MAKE_PATH)
diff --git a/lede/package/lean/aic8800/patches/010-fixes-build.patch b/lede/package/lean/aic8800/patches/010-fixes-build.patch
index 7237486dfa..dc31ac45f7 100644
--- a/lede/package/lean/aic8800/patches/010-fixes-build.patch
+++ b/lede/package/lean/aic8800/patches/010-fixes-build.patch
@@ -1,6 +1,6 @@
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
-@@ -2932,7 +2932,7 @@ static struct rwnx_vif *rwnx_interface_a
+@@ -2997,7 +2997,7 @@ static struct rwnx_vif *rwnx_interface_a
vif->ap.generation = 0;
vif->ap.mesh_pm = NL80211_MESH_POWER_ACTIVE;
vif->ap.next_mesh_pm = NL80211_MESH_POWER_ACTIVE;
@@ -9,7 +9,7 @@
case NL80211_IFTYPE_AP:
INIT_LIST_HEAD(&vif->ap.sta_list);
memset(&vif->ap.bcn, 0, sizeof(vif->ap.bcn));
-@@ -3349,7 +3349,7 @@ static int rwnx_cfg80211_change_iface(st
+@@ -3414,7 +3414,7 @@ static int rwnx_cfg80211_change_iface(st
INIT_LIST_HEAD(&vif->ap.proxy_list);
vif->ap.create_path = false;
vif->ap.generation = 0;
@@ -18,7 +18,7 @@
case NL80211_IFTYPE_AP:
case NL80211_IFTYPE_P2P_GO:
INIT_LIST_HEAD(&vif->ap.sta_list);
-@@ -5257,6 +5257,7 @@ static int rwnx_cfg80211_mgmt_tx(struct
+@@ -5333,6 +5333,7 @@ static int rwnx_cfg80211_mgmt_tx(struct
switch (RWNX_VIF_TYPE(rwnx_vif)) {
case NL80211_IFTYPE_AP_VLAN:
rwnx_vif = rwnx_vif->ap_vlan.master;
@@ -26,7 +26,7 @@
case NL80211_IFTYPE_AP:
case NL80211_IFTYPE_P2P_GO:
case NL80211_IFTYPE_MESH_POINT:
-@@ -5569,7 +5570,7 @@ rwnx_cfg80211_tdls_mgmt(struct wiphy *wi
+@@ -5645,7 +5646,7 @@ rwnx_cfg80211_tdls_mgmt(struct wiphy *wi
printk("%s: only one TDLS link is supported!\n", __func__);
status_code = WLAN_STATUS_REQUEST_DECLINED;
}
@@ -35,7 +35,7 @@
case WLAN_TDLS_SETUP_REQUEST:
case WLAN_TDLS_TEARDOWN:
case WLAN_TDLS_DISCOVERY_REQUEST:
-@@ -5889,6 +5890,7 @@ static int rwnx_fill_station_info(struct
+@@ -5965,6 +5966,7 @@ static int rwnx_fill_station_info(struct
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 19, 0)
case FORMATMOD_HE_MU:
sinfo->rxrate.he_ru_alloc = rx_vect1->he.ru_size;
@@ -104,7 +104,7 @@
{
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_txq.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_txq.c
-@@ -635,6 +635,7 @@ static inline void rwnx_txq_vif_for_each
+@@ -640,6 +640,7 @@ static inline void rwnx_txq_vif_for_each
}
case NL80211_IFTYPE_AP_VLAN:
rwnx_vif = rwnx_vif->ap_vlan.master;
diff --git a/lede/package/lean/aic8800/patches/030-wireless-5.15.patch b/lede/package/lean/aic8800/patches/030-wireless-5.15.patch
index ba3337dd49..038af5210f 100644
--- a/lede/package/lean/aic8800/patches/030-wireless-5.15.patch
+++ b/lede/package/lean/aic8800/patches/030-wireless-5.15.patch
@@ -11,7 +11,7 @@
#define IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMER_FB IEEE80211_HE_PHY_CAP6_TRIG_SU_BEAMFORMING_FB
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
-@@ -2998,7 +2998,7 @@ static struct rwnx_vif *rwnx_interface_a
+@@ -3063,7 +3063,7 @@ static struct rwnx_vif *rwnx_interface_a
} else
vif->use_4addr = false;
@@ -20,7 +20,7 @@
if (cfg80211_register_netdevice(ndev))
#else
if (register_netdevice(ndev))
-@@ -3271,7 +3271,7 @@ static int rwnx_cfg80211_del_iface(struc
+@@ -3336,7 +3336,7 @@ static int rwnx_cfg80211_del_iface(struc
if (dev->reg_state == NETREG_REGISTERED) {
/* Will call rwnx_close if interface is UP */
diff --git a/lede/package/lean/aic8800/patches/031-wireless-6.1.patch b/lede/package/lean/aic8800/patches/031-wireless-6.1.patch
index a3a9421995..735984bdea 100644
--- a/lede/package/lean/aic8800/patches/031-wireless-6.1.patch
+++ b/lede/package/lean/aic8800/patches/031-wireless-6.1.patch
@@ -1,6 +1,6 @@
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
-@@ -776,7 +776,7 @@ static void rwnx_csa_finish(struct work_
+@@ -783,7 +783,7 @@ static void rwnx_csa_finish(struct work_
spin_unlock_bh(&rwnx_hw->cb_lock);
#if (LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION3)
cfg80211_ch_switch_notify(vif->ndev, &csa->chandef, 0, 0);
@@ -9,7 +9,7 @@
cfg80211_ch_switch_notify(vif->ndev, &csa->chandef, 0);
#else
cfg80211_ch_switch_notify(vif->ndev, &csa->chandef);
-@@ -3540,7 +3540,7 @@ bool key_flag = false;
+@@ -3605,7 +3605,7 @@ bool key_flag = false;
* when adding a group key.
*/
static int rwnx_cfg80211_add_key(struct wiphy *wiphy, struct net_device *netdev,
@@ -18,7 +18,7 @@
int link_id,
#endif
u8 key_index, bool pairwise, const u8 *mac_addr,
-@@ -3637,7 +3637,7 @@ bool key_flag = false;
+@@ -3702,7 +3702,7 @@ bool key_flag = false;
*
*/
static int rwnx_cfg80211_get_key(struct wiphy *wiphy, struct net_device *netdev,
@@ -27,7 +27,7 @@
int link_id,
#endif
u8 key_index, bool pairwise, const u8 *mac_addr,
-@@ -3655,7 +3655,7 @@ static int rwnx_cfg80211_get_key(struct
+@@ -3720,7 +3720,7 @@ static int rwnx_cfg80211_get_key(struct
* and @key_index, return -ENOENT if the key doesn't exist.
*/
static int rwnx_cfg80211_del_key(struct wiphy *wiphy, struct net_device *netdev,
@@ -36,7 +36,7 @@
int link_id,
#endif
u8 key_index, bool pairwise, const u8 *mac_addr)
-@@ -3694,7 +3694,7 @@ static int rwnx_cfg80211_del_key(struct
+@@ -3759,7 +3759,7 @@ static int rwnx_cfg80211_del_key(struct
*/
static int rwnx_cfg80211_set_default_key(struct wiphy *wiphy,
struct net_device *netdev,
@@ -45,7 +45,7 @@
int link_id,
#endif
u8 key_index, bool unicast, bool multicast)
-@@ -3709,7 +3709,7 @@ static int rwnx_cfg80211_set_default_key
+@@ -3774,7 +3774,7 @@ static int rwnx_cfg80211_set_default_key
*/
static int rwnx_cfg80211_set_default_mgmt_key(struct wiphy *wiphy,
struct net_device *netdev,
@@ -54,7 +54,7 @@
int link_id,
#endif
u8 key_index)
-@@ -3796,7 +3796,7 @@ static int rwnx_cfg80211_connect(struct
+@@ -3861,7 +3861,7 @@ static int rwnx_cfg80211_connect(struct
key_params.seq_len = 0;
key_params.cipher = sme->crypto.cipher_group;
rwnx_cfg80211_add_key(wiphy, dev,
@@ -63,7 +63,7 @@
0,
#endif
sme->key_idx, false, NULL, &key_params);
-@@ -4063,7 +4063,7 @@ static int rwnx_cfg80211_add_station(str
+@@ -4128,7 +4128,7 @@ static int rwnx_cfg80211_add_station(str
sta->vif_idx = rwnx_vif->vif_index;
sta->vlan_idx = sta->vif_idx;
sta->qos = (params->sta_flags_set & BIT(NL80211_STA_FLAG_WME)) != 0;
@@ -72,7 +72,7 @@
sta->ht = params->link_sta_params.ht_capa ? 1 : 0;
sta->vht = params->link_sta_params.vht_capa ? 1 : 0;
#else
-@@ -4469,7 +4469,7 @@ static int rwnx_cfg80211_change_station(
+@@ -4534,7 +4534,7 @@ static int rwnx_cfg80211_change_station(
sta->vif_idx = rwnx_vif->vif_index;
sta->vlan_idx = sta->vif_idx;
sta->qos = (params->sta_flags_set & BIT(NL80211_STA_FLAG_WME)) != 0;
@@ -81,7 +81,7 @@
sta->ht = params->link_sta_params.ht_capa ? 1 : 0;
sta->vht = params->link_sta_params.vht_capa ? 1 : 0;
#else
-@@ -4716,7 +4716,7 @@ static int rwnx_cfg80211_change_beacon(s
+@@ -4781,7 +4781,7 @@ static int rwnx_cfg80211_change_beacon(s
/**
* * @stop_ap: Stop being an AP, including stopping beaconing.
*/
@@ -90,7 +90,7 @@
static int rwnx_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *dev, unsigned int link_id)
#else
static int rwnx_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
-@@ -5190,7 +5190,7 @@ static int rwnx_cfg80211_dump_survey(str
+@@ -5266,7 +5266,7 @@ static int rwnx_cfg80211_dump_survey(str
*/
static int rwnx_cfg80211_get_channel(struct wiphy *wiphy,
struct wireless_dev *wdev,
@@ -99,7 +99,7 @@
unsigned int link_id,
#endif
struct cfg80211_chan_def *chandef)
-@@ -5487,7 +5487,7 @@ int rwnx_cfg80211_channel_switch (struct
+@@ -5563,7 +5563,7 @@ int rwnx_cfg80211_channel_switch (struct
INIT_WORK(&csa->work, rwnx_csa_finish);
#if LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION4
cfg80211_ch_switch_started_notify(dev, &csa->chandef, 0, params->count, false, 0);
@@ -110,7 +110,7 @@
cfg80211_ch_switch_started_notify(dev, &csa->chandef, params->count, params->block_tx);
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_msg_rx.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_msg_rx.c
-@@ -836,7 +836,7 @@ static inline int rwnx_rx_sm_connect_ind
+@@ -851,7 +851,7 @@ static inline int rwnx_rx_sm_connect_ind
do {
bss = cfg80211_get_bss(wdev->wiphy, NULL, rwnx_vif->sta.bssid,
@@ -119,7 +119,7 @@
wdev->u.client.ssid, wdev->u.client.ssid_len,
#else
wdev->ssid, wdev->ssid_len,
-@@ -866,7 +866,7 @@ static inline int rwnx_rx_sm_connect_ind
+@@ -881,7 +881,7 @@ static inline int rwnx_rx_sm_connect_ind
#else
WLAN_CAPABILITY_ESS,
#endif
@@ -128,7 +128,7 @@
(int)wdev->u.client.ssid_len,
wdev->u.client.ssid,
#else
-@@ -887,7 +887,7 @@ static inline int rwnx_rx_sm_connect_ind
+@@ -902,7 +902,7 @@ static inline int rwnx_rx_sm_connect_ind
rwnx_vif->sta.bssid[0], rwnx_vif->sta.bssid[1], rwnx_vif->sta.bssid[2],
rwnx_vif->sta.bssid[3], rwnx_vif->sta.bssid[4], rwnx_vif->sta.bssid[5]);
@@ -137,7 +137,7 @@
wdev->u.client.ssid_len = (int)rwnx_vif->sta.ssid_len;
memcpy(wdev->u.client.ssid, rwnx_vif->sta.ssid, wdev->u.client.ssid_len);
#else
-@@ -927,7 +927,7 @@ static inline int rwnx_rx_sm_connect_ind
+@@ -942,7 +942,7 @@ static inline int rwnx_rx_sm_connect_ind
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
struct cfg80211_roam_info info;
memset(&info, 0, sizeof(info));
@@ -148,7 +148,7 @@
info.links[0].bssid = (const u8 *)ind->bssid.array;
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_msg_tx.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_msg_tx.c
-@@ -1941,7 +1941,7 @@ int rwnx_send_me_sta_add(struct rwnx_hw
+@@ -2076,7 +2076,7 @@ int rwnx_send_me_sta_add(struct rwnx_hw
{
struct me_sta_add_req *req;
diff --git a/lede/package/lean/aic8800/patches/032-wireless-6.6.patch b/lede/package/lean/aic8800/patches/032-wireless-6.6.patch
index 4962b62d5e..457a1169ea 100644
--- a/lede/package/lean/aic8800/patches/032-wireless-6.6.patch
+++ b/lede/package/lean/aic8800/patches/032-wireless-6.6.patch
@@ -1,13 +1,20 @@
---- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_compat.h
-+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_compat.h
-@@ -47,8 +47,8 @@
- #else
- #define HIGH_KERNEL_VERSION KERNEL_VERSION(6, 0, 0)
- #define HIGH_KERNEL_VERSION2 KERNEL_VERSION(6, 1, 0)
--#define HIGH_KERNEL_VERSION3 KERNEL_VERSION(6, 3, 0)
--#define HIGH_KERNEL_VERSION4 KERNEL_VERSION(6, 3, 0)
-+#define HIGH_KERNEL_VERSION3 KERNEL_VERSION(6, 9, 0)
-+#define HIGH_KERNEL_VERSION4 KERNEL_VERSION(6, 9, 0)
- #endif
-
-
+--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
++++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
+@@ -781,7 +781,7 @@ static void rwnx_csa_finish(struct work_
+ } else
+ rwnx_txq_vif_stop(vif, RWNX_TXQ_STOP_CHAN, rwnx_hw);
+ spin_unlock_bh(&rwnx_hw->cb_lock);
+-#if (LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION3)
++#if (LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION3) && !defined(BUILD_OPENWRT)
+ cfg80211_ch_switch_notify(vif->ndev, &csa->chandef, 0, 0);
+ #elif (LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION) || defined(BUILD_OPENWRT)
+ cfg80211_ch_switch_notify(vif->ndev, &csa->chandef, 0);
+@@ -5561,7 +5561,7 @@ int rwnx_cfg80211_channel_switch (struct
+ goto end;
+ } else {
+ INIT_WORK(&csa->work, rwnx_csa_finish);
+-#if LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION4
++#if LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION4 && !defined(BUILD_OPENWRT)
+ cfg80211_ch_switch_started_notify(dev, &csa->chandef, 0, params->count, false, 0);
+ #elif LINUX_VERSION_CODE >= HIGH_KERNEL_VERSION2 || defined(BUILD_OPENWRT)
+ cfg80211_ch_switch_started_notify(dev, &csa->chandef, 0, params->count, false);
diff --git a/lede/package/lean/aic8800/patches/040-disable-log.patch b/lede/package/lean/aic8800/patches/040-disable-log.patch
index 7c0b132375..0a967598f9 100644
--- a/lede/package/lean/aic8800/patches/040-disable-log.patch
+++ b/lede/package/lean/aic8800/patches/040-disable-log.patch
@@ -11,7 +11,7 @@
--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_main.c
-@@ -503,7 +503,7 @@ static const int rwnx_hwq2uapsd[NL80211_
+@@ -510,7 +510,7 @@ static const int rwnx_hwq2uapsd[NL80211_
extern uint8_t scanning;
@@ -20,13 +20,3 @@
module_param(aicwf_dbg_level, int, 0660);
int testmode = 0;
char aic_fw_path[200];
---- a/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_tx.c
-+++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_fdrv/rwnx_tx.c
-@@ -169,7 +169,6 @@ void rwnx_ps_bh_traffic_req(struct rwnx_
- // sta->mac_addr))
- // return;
- if (!sta->ps.active) {
-- printk("sta %pM is not in Power Save mode", sta->mac_addr);
- return;
- }
- #ifdef CREATE_TRACE_POINTS
diff --git a/lede/package/lean/aic8800/patches/050-memcpy.patch b/lede/package/lean/aic8800/patches/050-memcpy.patch
new file mode 100644
index 0000000000..0c27dbc135
--- /dev/null
+++ b/lede/package/lean/aic8800/patches/050-memcpy.patch
@@ -0,0 +1,20 @@
+--- a/src/SDIO/driver_fw/driver/aic8800/aic8800_bsp/aic_bsp_driver.c
++++ b/src/SDIO/driver_fw/driver/aic8800/aic8800_bsp/aic_bsp_driver.c
+@@ -16,6 +16,7 @@
+ #include
+ #include
+ #include
++#include
+
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 12, 0)
+ #include
+@@ -1364,7 +1365,8 @@ int aicbt_patch_info_unpack(struct aicbt
+ patch_info->info_len = head_t->len;
+ if(patch_info->info_len == 0)
+ return 0;
+- memcpy(&patch_info->adid_addrinf, head_t->data, patch_info->info_len * sizeof(uint32_t) * 2);
++ unsafe_memcpy(&patch_info->adid_addrinf, head_t->data,
++ patch_info->info_len * sizeof(uint32_t) * 2, /* justification */);
+ }
+ return 0;
+ }
diff --git a/mieru/Makefile b/mieru/Makefile
index 281ad01212..63821f08be 100644
--- a/mieru/Makefile
+++ b/mieru/Makefile
@@ -32,7 +32,7 @@ PROJECT_NAME=$(shell basename "${ROOT}")
# - pkg/version/current.go
#
# Use `tools/bump_version.sh` script to change all those files at one shot.
-VERSION="3.9.0"
+VERSION="3.10.0"
# Build binaries and installation packages.
.PHONY: build
diff --git a/mieru/build/package/mieru/amd64/debian/DEBIAN/control b/mieru/build/package/mieru/amd64/debian/DEBIAN/control
index 3366e2a0d6..cdaa8aedd2 100755
--- a/mieru/build/package/mieru/amd64/debian/DEBIAN/control
+++ b/mieru/build/package/mieru/amd64/debian/DEBIAN/control
@@ -1,5 +1,5 @@
Package: mieru
-Version: 3.9.0
+Version: 3.10.0
Section: net
Priority: optional
Architecture: amd64
diff --git a/mieru/build/package/mieru/amd64/rpm/mieru.spec b/mieru/build/package/mieru/amd64/rpm/mieru.spec
index 5fc0b62bc5..525313c86f 100644
--- a/mieru/build/package/mieru/amd64/rpm/mieru.spec
+++ b/mieru/build/package/mieru/amd64/rpm/mieru.spec
@@ -1,5 +1,5 @@
Name: mieru
-Version: 3.9.0
+Version: 3.10.0
Release: 1%{?dist}
Summary: Mieru proxy client
License: GPLv3+
diff --git a/mieru/build/package/mieru/arm64/debian/DEBIAN/control b/mieru/build/package/mieru/arm64/debian/DEBIAN/control
index 04cb43e6e1..29792b9fb2 100755
--- a/mieru/build/package/mieru/arm64/debian/DEBIAN/control
+++ b/mieru/build/package/mieru/arm64/debian/DEBIAN/control
@@ -1,5 +1,5 @@
Package: mieru
-Version: 3.9.0
+Version: 3.10.0
Section: net
Priority: optional
Architecture: arm64
diff --git a/mieru/build/package/mieru/arm64/rpm/mieru.spec b/mieru/build/package/mieru/arm64/rpm/mieru.spec
index 5fc0b62bc5..525313c86f 100644
--- a/mieru/build/package/mieru/arm64/rpm/mieru.spec
+++ b/mieru/build/package/mieru/arm64/rpm/mieru.spec
@@ -1,5 +1,5 @@
Name: mieru
-Version: 3.9.0
+Version: 3.10.0
Release: 1%{?dist}
Summary: Mieru proxy client
License: GPLv3+
diff --git a/mieru/build/package/mita/amd64/debian/DEBIAN/control b/mieru/build/package/mita/amd64/debian/DEBIAN/control
index c42364fb81..948a1f603f 100755
--- a/mieru/build/package/mita/amd64/debian/DEBIAN/control
+++ b/mieru/build/package/mita/amd64/debian/DEBIAN/control
@@ -1,5 +1,5 @@
Package: mita
-Version: 3.9.0
+Version: 3.10.0
Section: net
Priority: optional
Architecture: amd64
diff --git a/mieru/build/package/mita/amd64/rpm/mita.spec b/mieru/build/package/mita/amd64/rpm/mita.spec
index 3f43a42e27..babe5d71b2 100644
--- a/mieru/build/package/mita/amd64/rpm/mita.spec
+++ b/mieru/build/package/mita/amd64/rpm/mita.spec
@@ -1,5 +1,5 @@
Name: mita
-Version: 3.9.0
+Version: 3.10.0
Release: 1%{?dist}
Summary: Mieru proxy server
License: GPLv3+
diff --git a/mieru/build/package/mita/arm64/debian/DEBIAN/control b/mieru/build/package/mita/arm64/debian/DEBIAN/control
index 3154e360f3..1fdf7717fb 100755
--- a/mieru/build/package/mita/arm64/debian/DEBIAN/control
+++ b/mieru/build/package/mita/arm64/debian/DEBIAN/control
@@ -1,5 +1,5 @@
Package: mita
-Version: 3.9.0
+Version: 3.10.0
Section: net
Priority: optional
Architecture: arm64
diff --git a/mieru/build/package/mita/arm64/rpm/mita.spec b/mieru/build/package/mita/arm64/rpm/mita.spec
index 9976f051ee..3c749a056c 100644
--- a/mieru/build/package/mita/arm64/rpm/mita.spec
+++ b/mieru/build/package/mita/arm64/rpm/mita.spec
@@ -1,5 +1,5 @@
Name: mita
-Version: 3.9.0
+Version: 3.10.0
Release: 1%{?dist}
Summary: Mieru proxy server
License: GPLv3+
diff --git a/mieru/docs/client-install.md b/mieru/docs/client-install.md
index 5882c9cf6e..c6cb9c0f33 100644
--- a/mieru/docs/client-install.md
+++ b/mieru/docs/client-install.md
@@ -151,3 +151,86 @@ Applications can choose any user and password in the `socks5Authentication` list
**socks5 username and password authentication is not compatible with HTTP / HTTPS proxy.** Since HTTP / HTTPS proxy does not require username and password authentication, based on threat model, mieru prohibits the use of HTTP / HTTPS proxy in conjunction with socks5 username and password authentication.
If you need to delete an existing HTTP / HTTPS proxy configuration, please run the `mieru delete http proxy` command. If you want to delete the socks5 username and password authentication settings, please run the `mieru delete socks5 authentication` command.
+
+## Sharing Client Settings
+
+Users can use commands `mieru export config` or `mieru export config simple` to generate URL links to share the client's configuration. These URL links can be imported into other clients using command `mieru import config `.
+
+### Standard Sharing Link
+
+Use command `mieru export config` to generate a standard sharing link. For example:
+
+```
+mieru://CpsBCgdkZWZhdWx0ElgKBWJhb3ppEg1tYW5saWFucGVuZmVuGkA0MGFiYWM0MGY1OWRhNTVkYWQ2YTk5ODMxYTUxMTY1MjJmYmM4MGUzODViYjFhYjE0ZGM1MmRiMzY4ZjczOGE0Gi8SCWxvY2FsaG9zdBoFCIo0EAIaDRACGgk5OTk5LTk5OTkaBQjZMhABGgUIoCYQASD4CioCCAQSB2RlZmF1bHQYnUYguAgwBTgA
+```
+
+A standard sharing link starts with `mieru://` and uses base64 encoding for the full client configuration. Users can use the standard sharing link to replicate the client configuration on a brand new device.
+
+### Simple Sharing Link
+
+Use command `mieru export config simple` to generate human-readable simple sharing links. For example:
+
+```
+mierus://baozi:manlianpenfen@1.2.3.4?mtu=1400&multiplexing=MULTIPLEXING_HIGH&port=6666&port=9998-9999&port=6489&port=4896&profile=default&protocol=TCP&protocol=TCP&protocol=UDP&protocol=UDP
+```
+
+The format of the simple sharing link is as follows:
+
+`mierus://username:password@server_address?parameter_list`
+
+A simple sharing link starts with `mierus://`, where `s` stands for `simple`.
+
+The username and password can only use uppercase letters `A-Z`, lowercase letters `a-z`, numbers `0-9`, underscores `_`, and hyphens `-`. Otherwise, a simple sharing link cannot be generated.
+
+There is only one server address in a simple sharing link. If the client's configuration contains multiple servers, multiple links will be generated.
+
+The supported parameters are:
+
+- `profile`
+- `mtu`
+- `multiplexing`
+- `port`
+- `protocol`
+
+Among them, `profile` must appear once, `mtu` and `multiplexing` can appear at most once, `port` and `protocol` can appear multiple times, and they must appear the same number of times, such that the `port` and `protocol` at the same position can be associated. Additionally, `port` can also be used to specify a port range.
+
+The simple sharing link above is equivalent to the following client configuration fragment:
+
+```json
+{
+ "profileName": "default",
+ "user": {
+ "name": "baozi",
+ "password": "manlianpenfen"
+ },
+ "servers": [
+ {
+ "ipAddress": "1.2.3.4",
+ "portBindings": [
+ {
+ "port": 6666,
+ "protocol": "TCP"
+ },
+ {
+ "protocol": "TCP",
+ "portRange": "9998-9999"
+ },
+ {
+ "port": 6489,
+ "protocol": "UDP"
+ },
+ {
+ "port": 4896,
+ "protocol": "UDP"
+ }
+ ]
+ }
+ ],
+ "mtu": 1400,
+ "multiplexing": {
+ "level": "MULTIPLEXING_HIGH"
+ }
+}
+```
+
+Note: a simple sharing link does not contain necessary client configurations such as `socks5Port`. Therefore, importing a simple sharing link on a brand new device will fail.
diff --git a/mieru/docs/client-install.zh_CN.md b/mieru/docs/client-install.zh_CN.md
index 6a35584a22..db862b0a9a 100644
--- a/mieru/docs/client-install.zh_CN.md
+++ b/mieru/docs/client-install.zh_CN.md
@@ -151,3 +151,86 @@ mieru 不使用 socks5 用户名和密码进行身份验证。
**socks5 用户名和密码验证与 HTTP / HTTPS 代理不兼容。** 因为 HTTP / HTTPS 代理不需要用户名和密码验证,根据威胁模型,mieru 禁止在使用 socks5 用户名和密码验证的同时使用 HTTP / HTTPS 代理。
如果需要删除已有的 HTTP / HTTPS 代理配置,请运行 `mieru delete http proxy` 指令。如果想要删除 socks5 用户名和密码验证的设置,请运行 `mieru delete socks5 authentication` 指令。
+
+## 分享客户端的设置
+
+用户可以使用 `mieru export config` 或者 `mieru export config simple` 指令生成 URL 链接,来分享客户端的配置。这些 URL 链接可以使用 `mieru import config ` 指令导入至其他客户端。
+
+### 标准分享链接
+
+使用指令 `mieru export config` 生成一个标准分享链接。例如:
+
+```
+mieru://CpsBCgdkZWZhdWx0ElgKBWJhb3ppEg1tYW5saWFucGVuZmVuGkA0MGFiYWM0MGY1OWRhNTVkYWQ2YTk5ODMxYTUxMTY1MjJmYmM4MGUzODViYjFhYjE0ZGM1MmRiMzY4ZjczOGE0Gi8SCWxvY2FsaG9zdBoFCIo0EAIaDRACGgk5OTk5LTk5OTkaBQjZMhABGgUIoCYQASD4CioCCAQSB2RlZmF1bHQYnUYguAgwBTgA
+```
+
+标准分享链接以 `mieru://` 开始,使用 base64 编码完整的客户端配置。用户可以使用标准分享链接在一台全新的设备上复刻客户端配置。
+
+### 简单分享链接
+
+使用指令 `mieru export config simple` 生成人类可读的简单分享链接。例如:
+
+```
+mierus://baozi:manlianpenfen@1.2.3.4?mtu=1400&multiplexing=MULTIPLEXING_HIGH&port=6666&port=9998-9999&port=6489&port=4896&profile=default&protocol=TCP&protocol=TCP&protocol=UDP&protocol=UDP
+```
+
+简单分享链接的格式如下:
+
+`mierus://用户名:密码@服务器地址?参数列表`
+
+简单分享链接以 `mierus://` 开始,其中 `s` 表示 `simple`。
+
+用户名和密码只能使用大写字母 `A-Z`,小写字母 `a-z`,数字 `0-9`,下划线 `_` 和横杠 `-`,否则将无法生成简单分享链接。
+
+简单分享链接中只有一个服务器地址。如果客户端的设置含有多台服务器,则会生成多个链接。
+
+链接中支持的参数列表如下:
+
+- `profile`
+- `mtu`
+- `multiplexing`
+- `port`
+- `protocol`
+
+其中 `profile` 必须出现一次,`mtu` 以及 `multiplexing` 最多出现一次,`port` 和 `protocol` 可以出现多次,且他们出现的次数必须相同,以便将同一位置上的 `port` 和 `protocol` 联系起来。另外 `port` 也可以用来指定一段连续的端口。
+
+上面的简单分享链接等同于如下的客户端配置片段:
+
+```json
+{
+ "profileName": "default",
+ "user": {
+ "name": "baozi",
+ "password": "manlianpenfen"
+ },
+ "servers": [
+ {
+ "ipAddress": "1.2.3.4",
+ "portBindings": [
+ {
+ "port": 6666,
+ "protocol": "TCP"
+ },
+ {
+ "protocol": "TCP",
+ "portRange": "9998-9999"
+ },
+ {
+ "port": 6489,
+ "protocol": "UDP"
+ },
+ {
+ "port": 4896,
+ "protocol": "UDP"
+ }
+ ]
+ }
+ ],
+ "mtu": 1400,
+ "multiplexing": {
+ "level": "MULTIPLEXING_HIGH"
+ }
+}
+```
+
+注意,简单分享链接不含有 `socks5Port` 等必要的客户端配置。因此,在全新的设备上导入简单分享链接会失败。
diff --git a/mieru/docs/compile.md b/mieru/docs/compile.md
index 8e6e6cd6a6..9823a4785a 100644
--- a/mieru/docs/compile.md
+++ b/mieru/docs/compile.md
@@ -32,13 +32,13 @@ The `make` command will only generate the officially supported executables. If y
```sh
# Compile the mita server software, which runs on a Linux system with Loongson processor
-env GOOS=linux GOARCH=loong64 CGO_ENABLED=0 go build -ldflags="-s -w" -o mita cmd/mita/mita.go
+env GOOS=linux GOARCH=loong64 CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o mita cmd/mita/mita.go
# Compile the mieru client software, which runs on a FreeBSD system with x86_64 processor
-env GOOS=freebsd GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
+env GOOS=freebsd GOARCH=amd64 CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
# Compile the mieru client software, which runs on an OpenWRT system with MIPS processor
-env GOOS=linux GOARCH=mips CGO_ENABLED=0 go build -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
+env GOOS=linux GOARCH=mips CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
```
**Note: The `mita` server software may not run on operating systems other than Linux.**
diff --git a/mieru/docs/compile.zh_CN.md b/mieru/docs/compile.zh_CN.md
index d67dc900db..7f236954e4 100644
--- a/mieru/docs/compile.zh_CN.md
+++ b/mieru/docs/compile.zh_CN.md
@@ -32,13 +32,13 @@
```sh
# 编译可以在龙芯处理器 Linux 系统上运行的 mita 服务器软件
-env GOOS=linux GOARCH=loong64 CGO_ENABLED=0 go build -ldflags="-s -w" -o mita cmd/mita/mita.go
+env GOOS=linux GOARCH=loong64 CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o mita cmd/mita/mita.go
# 编译可以在 x86_64 处理器 FreeBSD 系统上运行的 mieru 客户端软件
-env GOOS=freebsd GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
+env GOOS=freebsd GOARCH=amd64 CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
# 编译可以在 MIPS 处理器 OpenWRT 系统上运行的 mieru 客户端软件
-env GOOS=linux GOARCH=mips CGO_ENABLED=0 go build -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
+env GOOS=linux GOARCH=mips CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o mieru cmd/mieru/mieru.go
```
**注意,`mita` 服务器软件可能无法在 Linux 之外的操作系统中运行。**
diff --git a/mieru/docs/server-install.md b/mieru/docs/server-install.md
index 56f8a3f035..0dc3e46238 100644
--- a/mieru/docs/server-install.md
+++ b/mieru/docs/server-install.md
@@ -8,32 +8,32 @@ Before installation and configuration, connect to the server via SSH and then ex
```sh
# Debian / Ubuntu - X86_64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita_3.9.0_amd64.deb
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita_3.10.0_amd64.deb
# Debian / Ubuntu - ARM 64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita_3.9.0_arm64.deb
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita_3.10.0_arm64.deb
# RedHat / CentOS / Rocky Linux - X86_64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita-3.9.0-1.x86_64.rpm
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita-3.10.0-1.x86_64.rpm
# RedHat / CentOS / Rocky Linux - ARM 64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita-3.9.0-1.aarch64.rpm
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita-3.10.0-1.aarch64.rpm
```
## Install mita package
```sh
# Debian / Ubuntu - X86_64
-sudo dpkg -i mita_3.9.0_amd64.deb
+sudo dpkg -i mita_3.10.0_amd64.deb
# Debian / Ubuntu - ARM 64
-sudo dpkg -i mita_3.9.0_arm64.deb
+sudo dpkg -i mita_3.10.0_arm64.deb
# RedHat / CentOS / Rocky Linux - X86_64
-sudo rpm -Uvh --force mita-3.9.0-1.x86_64.rpm
+sudo rpm -Uvh --force mita-3.10.0-1.x86_64.rpm
# RedHat / CentOS / Rocky Linux - ARM 64
-sudo rpm -Uvh --force mita-3.9.0-1.aarch64.rpm
+sudo rpm -Uvh --force mita-3.10.0-1.aarch64.rpm
```
Those instructions can also be used to upgrade the version of mita software package.
diff --git a/mieru/docs/server-install.zh_CN.md b/mieru/docs/server-install.zh_CN.md
index 5ee90c24c3..10b1e25e47 100644
--- a/mieru/docs/server-install.zh_CN.md
+++ b/mieru/docs/server-install.zh_CN.md
@@ -8,32 +8,32 @@
```sh
# Debian / Ubuntu - X86_64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita_3.9.0_amd64.deb
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita_3.10.0_amd64.deb
# Debian / Ubuntu - ARM 64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita_3.9.0_arm64.deb
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita_3.10.0_arm64.deb
# RedHat / CentOS / Rocky Linux - X86_64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita-3.9.0-1.x86_64.rpm
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita-3.10.0-1.x86_64.rpm
# RedHat / CentOS / Rocky Linux - ARM 64
-curl -LSO https://github.com/enfein/mieru/releases/download/v3.9.0/mita-3.9.0-1.aarch64.rpm
+curl -LSO https://github.com/enfein/mieru/releases/download/v3.10.0/mita-3.10.0-1.aarch64.rpm
```
## 安装 mita 软件包
```sh
# Debian / Ubuntu - X86_64
-sudo dpkg -i mita_3.9.0_amd64.deb
+sudo dpkg -i mita_3.10.0_amd64.deb
# Debian / Ubuntu - ARM 64
-sudo dpkg -i mita_3.9.0_arm64.deb
+sudo dpkg -i mita_3.10.0_arm64.deb
# RedHat / CentOS / Rocky Linux - X86_64
-sudo rpm -Uvh --force mita-3.9.0-1.x86_64.rpm
+sudo rpm -Uvh --force mita-3.10.0-1.x86_64.rpm
# RedHat / CentOS / Rocky Linux - ARM 64
-sudo rpm -Uvh --force mita-3.9.0-1.aarch64.rpm
+sudo rpm -Uvh --force mita-3.10.0-1.aarch64.rpm
```
上述指令也可以用来升级 mita 软件包的版本。
diff --git a/mieru/pkg/version/current.go b/mieru/pkg/version/current.go
index 600bfeb0f1..e48cb1153d 100644
--- a/mieru/pkg/version/current.go
+++ b/mieru/pkg/version/current.go
@@ -16,5 +16,5 @@
package version
const (
- AppVersion = "3.9.0"
+ AppVersion = "3.10.0"
)
diff --git a/mieru/test/deploy/httptest/test_mix_udp_associate.sh b/mieru/test/deploy/httptest/test_mix_udp_associate.sh
index 6a9a58cc75..99061a935a 100755
--- a/mieru/test/deploy/httptest/test_mix_udp_associate.sh
+++ b/mieru/test/deploy/httptest/test_mix_udp_associate.sh
@@ -52,9 +52,13 @@ sleep 1
sleep 1
./mieru export config > client.url.txt
rm ~/.config/mieru/client.conf.pb
+sleep 1
echo "mieru client config before import:"
./mieru describe config
sleep 1
+echo "mieru client config URL:"
+cat client.url.txt
+sleep 1
./mieru import config $(cat client.url.txt)
echo "mieru client config after import:"
./mieru describe config
diff --git a/openwrt-passwall/luci-app-passwall/Makefile b/openwrt-passwall/luci-app-passwall/Makefile
index 7b625eaed6..6653f5f741 100644
--- a/openwrt-passwall/luci-app-passwall/Makefile
+++ b/openwrt-passwall/luci-app-passwall/Makefile
@@ -1,5 +1,5 @@
# Copyright (C) 2018-2020 L-WRT Team
-# Copyright (C) 2021-2023 xiaorouji
+# Copyright (C) 2021-2025 xiaorouji
#
# This is free software, licensed under the GNU General Public License v3.
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua b/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua
index 2ed0db4016..4a46e1eb99 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua
@@ -1,10 +1,10 @@
-- Copyright (C) 2018-2020 L-WRT Team
--- Copyright (C) 2021-2023 xiaorouji
+-- Copyright (C) 2021-2025 xiaorouji
module("luci.controller.passwall", package.seeall)
local api = require "luci.passwall.api"
-local appname = "passwall" -- not available
-local uci = api.libuci -- in funtion index()
+local appname = "passwall" -- not available
+local uci = api.uci -- in funtion index()
local fs = api.fs
local http = require "luci.http"
local util = require "luci.util"
@@ -17,8 +17,8 @@ function index()
else return end
end
local api = require "luci.passwall.api"
- local appname = "passwall" -- global definitions not available
- local uci = api.libuci -- in function index()
+ local appname = "passwall" -- global definitions not available
+ local uci = api.uci -- in function index()
local fs = api.fs
entry({"admin", "services", appname}).dependent = true
entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true
@@ -110,7 +110,7 @@ end
function show_menu()
uci:delete(appname, "@global[0]", "hide_from_luci")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(api.url())
@@ -118,7 +118,7 @@ end
function hide_menu()
uci:set(appname, "@global[0]", "hide_from_luci","1")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
@@ -135,6 +135,7 @@ function socks_autoswitch_add_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
@@ -146,8 +147,8 @@ function socks_autoswitch_add_node()
table.insert(new_list, e.id)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -156,14 +157,15 @@ function socks_autoswitch_remove_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
table.remove(new_list, i)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -287,6 +289,12 @@ function connect_status()
local gfw_list = uci:get(appname, "@global[0]", "use_gfw_list") or "1"
local proxy_mode = uci:get(appname, "@global[0]", "tcp_proxy_mode") or "proxy"
local socks_server = api.get_cache_var("GLOBAL_TCP_SOCKS_server")
+
+ -- 兼容 curl 8.6 time_starttransfer 错误
+ local curl_ver = luci.sys.exec("curl -V 2>/dev/null | head -n 1 | awk '{print $2}' | cut -d. -f1,2") or "0"
+ url = (curl_ver == "8.6") and "-w %{http_code}:%{time_appconnect} https://" .. url
+ or "-w %{http_code}:%{time_starttransfer} http://" .. url
+
if socks_server and socks_server ~= "" then
if (chn_list == "proxy" and gfw_list == "0" and proxy_mode ~= "proxy" and baidu ~= nil) or (chn_list == "0" and gfw_list == "0" and proxy_mode == "proxy") then
-- 中国列表+百度 or 全局
@@ -296,7 +304,7 @@ function connect_status()
url = "-x socks5h://" .. socks_server .. " " .. url
end
end
- local result = luci.sys.exec('curl --connect-timeout 3 -o /dev/null -I -sk -w "%{http_code}:%{time_appconnect}" ' .. url)
+ local result = luci.sys.exec('curl --connect-timeout 3 -o /dev/null -I -sk ' .. url)
local code = tonumber(luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $1}'") or "0")
if code ~= 0 then
local use_time = luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $2}'")
@@ -353,7 +361,7 @@ function set_node()
local protocol = luci.http.formvalue("protocol")
local section = luci.http.formvalue("section")
uci:set(appname, "@global[0]", protocol .. "_node", section)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
@@ -361,7 +369,7 @@ end
function copy_node()
local section = luci.http.formvalue("section")
local uuid = api.gen_short_uuid()
- api.uci_section(uci, appname, "nodes", uuid)
+ uci:section(appname, "nodes", uuid)
for k, v in pairs(uci:get_all(appname, section)) do
local filter = k:find("%.")
if filter and filter == 1 then
@@ -375,7 +383,7 @@ function copy_node()
end
uci:delete(appname, uuid, "add_from")
uci:set(appname, uuid, "add_mode", 1)
- uci:commit(appname)
+ api.uci_save(uci, appname)
luci.http.redirect(api.url("node_config", uuid))
end
@@ -385,7 +393,7 @@ function clear_all_nodes()
uci:delete(appname, '@global[0]', "udp_node")
uci:foreach(appname, "socks", function(t)
uci:delete(appname, t[".name"])
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", {})
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", {})
end)
uci:foreach(appname, "haproxy_config", function(t)
uci:delete(appname, t[".name"])
@@ -398,7 +406,7 @@ function clear_all_nodes()
uci:delete(appname, node['.name'])
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " stop")
end
@@ -421,7 +429,7 @@ function delete_select_nodes()
table.remove(auto_switch_node_list, i)
end
end
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
end)
uci:foreach(appname, "haproxy_config", function(t)
if t["lbss"] == w then
@@ -448,7 +456,7 @@ function delete_select_nodes()
end)
uci:delete(appname, w)
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " restart > /dev/null 2>&1 &")
end
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua
index bc1ab22d87..1e70f23fa2 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua
@@ -123,6 +123,8 @@ for k, v in pairs(nodes_table) do
socks_node:value(v.id, v["remark"])
end
-m:append(Template(appname .. "/socks_auto_switch/footer"))
+o = s:option(DummyValue, "btn", " ")
+o.template = appname .. "/socks_auto_switch/btn"
+o:depends("enable_autoswitch", true)
return m
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/api.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/api.lua
index c866607ce0..1dbeb84ad7 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/api.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/api.lua
@@ -3,6 +3,7 @@ local com = require "luci.passwall.com"
bin = require "nixio".bin
fs = require "nixio.fs"
sys = require "luci.sys"
+uci = require "luci.model.uci".cursor()
libuci = require "uci".cursor()
util = require "luci.util"
datatypes = require "luci.cbi.datatypes"
@@ -30,6 +31,10 @@ function log(...)
end
end
+function is_js_luci()
+ return sys.call('[ -f "/www/luci-static/resources/uci.js" ]') == 0
+end
+
function uci_set_list(cursor, config, section, option, value)
if config and section and option then
if not value or #value == 0 then
@@ -55,24 +60,48 @@ function uci_section(cursor, config, type, name, values)
return stat and name
end
+function uci_save(cursor, config, commit, apply)
+ if is_js_luci() then
+ commit = true
+ if commit then
+ if apply then
+ cursor:commit(config)
+ else
+ sh_uci_commit(config)
+ end
+ end
+ else
+ cursor:save(config)
+ if commit then
+ cursor:commit(config)
+ if apply then
+ sys.call("/etc/init.d/" .. config .. " reload > /dev/null 2>&1 &")
+ end
+ end
+ end
+end
+
function sh_uci_get(config, section, option)
exec_call(string.format("uci -q get %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
end
-function sh_uci_set(config, section, option, val)
+function sh_uci_set(config, section, option, val, commit)
exec_call(string.format("uci -q set %s.%s.%s=\"%s\"", config, section, option, val))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_del(config, section, option)
+function sh_uci_del(config, section, option, commit)
exec_call(string.format("uci -q delete %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_add_list(config, section, option, val)
+function sh_uci_add_list(config, section, option, val, commit)
exec_call(string.format("uci -q del_list %s.%s.%s=\"%s\"", config, section, option, val))
exec_call(string.format("uci -q add_list %s.%s.%s=\"%s\"", config, section, option, val))
+ if commit then sh_uci_commit(config) end
+end
+
+function sh_uci_commit(config)
exec_call(string.format("uci -q commit %s", config))
end
@@ -175,7 +204,7 @@ end
function curl_direct(url, file, args)
--直连访问
- local chn_list = libuci:get(appname, "@global[0]", "chn_list") or "direct"
+ local chn_list = uci:get(appname, "@global[0]", "chn_list") or "direct"
local Dns = (chn_list == "proxy") and "1.1.1.1" or "223.5.5.5"
if not args then args = {} end
local tmp_args = clone(args)
@@ -419,30 +448,10 @@ function get_domain_from_url(url)
return url
end
-function get_node_name(node_id)
- local e
- if type(node_id) == "table" then
- e = node_id
- else
- e = libuci:get_all(appname, node_id)
- end
- if e then
- if e.type and e.remarks then
- if e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
- local type = e.type
- if type == "sing-box" then type = "Sing-Box" end
- local remark = "%s:[%s] " % {type .. " " .. i18n.translatef(e.protocol), e.remarks}
- return remark
- end
- end
- end
- return ""
-end
-
function get_valid_nodes()
local show_node_info = uci_get_type("@global_other[0]", "show_node_info", "0")
local nodes = {}
- libuci:foreach(appname, "nodes", function(e)
+ uci:foreach(appname, "nodes", function(e)
e.id = e[".name"]
if e.type and e.remarks then
if e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
@@ -539,7 +548,7 @@ function gen_short_uuid()
end
function uci_get_type(type, config, default)
- local value = libuci:get(appname, type, config) or default
+ local value = uci:get(appname, type, config) or default
if (value == nil or value == "") and (default and default ~= "") then
value = default
end
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/server_app.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/server_app.lua
index ef267c649a..50357056b6 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/server_app.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/server_app.lua
@@ -3,7 +3,7 @@
local action = arg[1]
local api = require "luci.passwall.api"
local sys = api.sys
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
local CONFIG = "passwall_server"
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_hysteria2.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_hysteria2.lua
index 12afe6874b..b818aadbfb 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_hysteria2.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_hysteria2.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_hysteria2", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua
index b6ef39b3bf..ee095c1e6c 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_naiveproxy", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
function gen_config(var)
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua
index 5e724e77ba..e6080001b8 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_shadowsocks", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_sing-box.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_sing-box.lua
index e6cdbc7d35..bfa24b46ce 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_sing-box.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_sing-box.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_sing-box", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local appname = "passwall"
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_trojan.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_trojan.lua
index 31bd67a4a3..848b689a56 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_trojan.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_trojan.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_trojan", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local json = api.jsonc
function gen_config_server(node)
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_tuic.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_tuic.lua
index be00dcb8cf..e138b6da56 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_tuic.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_tuic.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_tuic", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local json = api.jsonc
function gen_config(var)
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua
index c3ac56c205..828b7681f7 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua
+++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_xray", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local appname = "passwall"
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/status.htm b/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/status.htm
index e8d76ec4ce..eb5527e57b 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/status.htm
+++ b/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/status.htm
@@ -138,7 +138,7 @@ https://github.com/pure-css/pure/blob/master/LICENSE.md
-
+
@@ -150,7 +150,7 @@ https://github.com/pure-css/pure/blob/master/LICENSE.md
-
+
@@ -162,7 +162,7 @@ https://github.com/pure-css/pure/blob/master/LICENSE.md
-
+
@@ -174,7 +174,7 @@ https://github.com/pure-css/pure/blob/master/LICENSE.md
-
+
diff --git a/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/footer.htm b/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/btn.htm
similarity index 63%
rename from openwrt-passwall/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/footer.htm
rename to openwrt-passwall/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/btn.htm
index 067b978765..287c1d2f48 100644
--- a/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/footer.htm
+++ b/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/btn.htm
@@ -19,5 +19,7 @@ local api = require "luci.passwall.api"
}
//]]>
-
-
\ No newline at end of file
+
" data-index="<%=self.index%>" data-depends="<%=pcdata(self:deplist2json(section))%>">
+
\ No newline at end of file
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh
index eafa625918..57b989bd2a 100755
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh
@@ -1,6 +1,6 @@
#!/bin/sh
# Copyright (C) 2018-2020 L-WRT Team
-# Copyright (C) 2021-2023 xiaorouji
+# Copyright (C) 2021-2025 xiaorouji
. $IPKG_INSTROOT/lib/functions.sh
. $IPKG_INSTROOT/lib/functions/service.sh
@@ -417,8 +417,8 @@ run_ipt2socks() {
}
run_singbox() {
- local flag type node tcp_redir_port udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
- local dns_listen_port direct_dns_port direct_dns_udp_server direct_dns_tcp_server direct_dns_dot_server remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
+ local flag type node tcp_redir_port tcp_proxy_way udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local dns_listen_port direct_dns_query_strategy direct_dns_port direct_dns_udp_server direct_dns_tcp_server direct_dns_dot_server remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
local loglevel log_file config_file server_host server_port
local _extra_param=""
eval_set_val $@
@@ -448,6 +448,7 @@ run_singbox() {
[ -n "$server_host" ] && _extra_param="${_extra_param} -server_host $server_host"
[ -n "$server_port" ] && _extra_param="${_extra_param} -server_port $server_port"
[ -n "$tcp_redir_port" ] && _extra_param="${_extra_param} -tcp_redir_port $tcp_redir_port"
+ [ -n "$tcp_proxy_way" ] && _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
[ -n "$udp_redir_port" ] && _extra_param="${_extra_param} -udp_redir_port $udp_redir_port"
[ -n "$socks_address" ] && _extra_param="${_extra_param} -local_socks_address $socks_address"
[ -n "$socks_port" ] && _extra_param="${_extra_param} -local_socks_port $socks_port"
@@ -474,7 +475,8 @@ run_singbox() {
direct_dns_port=$(echo ${local_dns} | awk -F '#' '{print $2}')
fi
_extra_param="${_extra_param} -direct_dns_port ${direct_dns_port:-53}"
- _extra_param="${_extra_param} -direct_dns_query_strategy ${DIRECT_DNS_QUERY_STRATEGY}"
+ direct_dns_query_strategy=${direct_dns_query_strategy:-UseIP}
+ _extra_param="${_extra_param} -direct_dns_query_strategy ${direct_dns_query_strategy}"
[ -n "$remote_dns_query_strategy" ] && _extra_param="${_extra_param} -remote_dns_query_strategy ${remote_dns_query_strategy}"
case "$remote_dns_protocol" in
@@ -493,14 +495,13 @@ run_singbox() {
esac
[ -n "$remote_dns_client_ip" ] && _extra_param="${_extra_param} -remote_dns_client_ip ${remote_dns_client_ip}"
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1"
- _extra_param="${_extra_param} -tcp_proxy_way ${TCP_PROXY_WAY}"
lua $UTIL_SINGBOX gen_config ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" $log_file run -c "$config_file"
}
run_xray() {
- local flag type node tcp_redir_port udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
- local dns_listen_port remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
+ local flag type node tcp_redir_port tcp_proxy_way udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local dns_listen_port direct_dns_query_strategy remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
local loglevel log_file config_file server_host server_port
local _extra_param=""
eval_set_val $@
@@ -519,6 +520,7 @@ run_xray() {
[ -n "$server_host" ] && _extra_param="${_extra_param} -server_host $server_host"
[ -n "$server_port" ] && _extra_param="${_extra_param} -server_port $server_port"
[ -n "$tcp_redir_port" ] && _extra_param="${_extra_param} -tcp_redir_port $tcp_redir_port"
+ [ -n "$tcp_proxy_way" ] && _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
[ -n "$udp_redir_port" ] && _extra_param="${_extra_param} -udp_redir_port $udp_redir_port"
[ -n "$socks_address" ] && _extra_param="${_extra_param} -local_socks_address $socks_address"
[ -n "$socks_port" ] && _extra_param="${_extra_param} -local_socks_port $socks_port"
@@ -528,7 +530,8 @@ run_xray() {
[ -n "$http_username" ] && [ -n "$http_password" ] && _extra_param="${_extra_param} -local_http_username $http_username -local_http_password $http_password"
[ -n "$dns_socks_address" ] && [ -n "$dns_socks_port" ] && _extra_param="${_extra_param} -dns_socks_address ${dns_socks_address} -dns_socks_port ${dns_socks_port}"
[ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}"
- _extra_param="${_extra_param} -direct_dns_query_strategy ${DIRECT_DNS_QUERY_STRATEGY}"
+ direct_dns_query_strategy=${direct_dns_query_strategy:-UseIP}
+ _extra_param="${_extra_param} -direct_dns_query_strategy ${direct_dns_query_strategy}"
[ -n "$remote_dns_query_strategy" ] && _extra_param="${_extra_param} -remote_dns_query_strategy ${remote_dns_query_strategy}"
[ -n "$remote_dns_client_ip" ] && _extra_param="${_extra_param} -remote_dns_client_ip ${remote_dns_client_ip}"
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1"
@@ -545,7 +548,6 @@ run_xray() {
[ -n "$_doh_bootstrap" ] && _extra_param="${_extra_param} -remote_dns_doh_ip ${_doh_bootstrap}"
_extra_param="${_extra_param} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
}
- _extra_param="${_extra_param} -tcp_proxy_way ${TCP_PROXY_WAY}"
_extra_param="${_extra_param} -loglevel $loglevel"
lua $UTIL_XRAY gen_config ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app ${type}_file) ${type})" ${type} $log_file run -c "$config_file"
@@ -924,7 +926,7 @@ run_redir() {
}
NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
}
- run_singbox flag=$_flag node=$node tcp_redir_port=$local_port config_file=$config_file log_file=$log_file ${_args}
+ run_singbox flag=$_flag node=$node tcp_redir_port=$local_port tcp_proxy_way=$TCP_PROXY_WAY config_file=$config_file log_file=$log_file ${_args}
;;
xray)
local _flag="TCP"
@@ -982,7 +984,7 @@ run_redir() {
}
NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
}
- run_xray flag=$_flag node=$node tcp_redir_port=$local_port config_file=$config_file log_file=$log_file ${_args}
+ run_xray flag=$_flag node=$node tcp_redir_port=$local_port tcp_proxy_way=$TCP_PROXY_WAY config_file=$config_file log_file=$log_file ${_args}
;;
trojan*)
[ "${TCP_PROXY_WAY}" = "tproxy" ] && lua_tproxy_arg="-use_tproxy true"
@@ -1424,6 +1426,7 @@ start_dns() {
local log_file=/dev/null
local _args="type=$DNS_MODE config_file=$config_file log_file=$log_file"
[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
+ _args="${_args} direct_dns_query_strategy=${DIRECT_DNS_QUERY_STRATEGY}"
_args="${_args} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY}"
DNSMASQ_FILTER_PROXY_IPV6=0
local _remote_dns_client_ip=$(config_t_get global remote_dns_client_ip)
@@ -1459,6 +1462,7 @@ start_dns() {
local log_file=/dev/null
local _args="type=$DNS_MODE config_file=$config_file log_file=$log_file"
[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
+ _args="${_args} direct_dns_query_strategy=${DIRECT_DNS_QUERY_STRATEGY}"
_args="${_args} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY}"
DNSMASQ_FILTER_PROXY_IPV6=0
local _remote_dns_client_ip=$(config_t_get global remote_dns_client_ip)
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/haproxy.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/haproxy.lua
index 7efaaeb78f..67366ae1f3 100644
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/haproxy.lua
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/haproxy.lua
@@ -4,7 +4,7 @@ local api = require ("luci.passwall.api")
local appname = "passwall"
local fs = api.fs
local jsonc = api.jsonc
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local log = function(...)
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
index 981578adbd..061615370f 100644
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
@@ -21,7 +21,7 @@ local NFTFLAG = var["-NFTFLAG"]
local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
local LOG_FILE = var["-LOG_FILE"]
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua
index b168d73e11..165ed51fcd 100644
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua
@@ -1,6 +1,6 @@
local api = require "luci.passwall.api"
local appname = "passwall"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
@@ -25,7 +25,7 @@ local function backup_servers()
local DNSMASQ_DNS = uci:get("dhcp", "@dnsmasq[0]", "server")
if DNSMASQ_DNS and #DNSMASQ_DNS > 0 then
uci:set(appname, "@global[0]", "dnsmasq_servers", DNSMASQ_DNS)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
end
@@ -43,11 +43,11 @@ local function restore_servers()
tinsert(dns_table, v)
end
uci:delete(appname, "@global[0]", "dnsmasq_servers")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if dns_table and #dns_table > 0 then
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -76,7 +76,7 @@ function stretch()
end
end
uci:set("dhcp", "@dnsmasq[0]", "resolvfile", RESOLVFILE)
- uci:commit("dhcp")
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -102,8 +102,8 @@ function logic_restart(var)
tinsert(dns_table, v)
end
end
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
sys.call("/etc/init.d/dnsmasq restart >/dev/null 2>&1")
restore_servers()
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
index 16e1419d90..ed0fa0bfc8 100644
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
@@ -28,7 +28,7 @@ local CACHE_FLAG = "smartdns_" .. FLAG
local CACHE_DNS_PATH = CACHE_PATH .. "/" .. CACHE_FLAG
local CACHE_DNS_FILE = CACHE_DNS_PATH .. ".conf"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/rule_update.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/rule_update.lua
index e399a70e8c..f0ffc645e1 100755
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/rule_update.lua
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/rule_update.lua
@@ -2,7 +2,7 @@
local api = require ("luci.passwall.api")
local name = api.appname
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local fs = api.fs
@@ -469,7 +469,7 @@ uci:set(name, "@global_rules[0]", "chnroute6_update", chnroute6_update)
uci:set(name, "@global_rules[0]", "chnlist_update", chnlist_update)
uci:set(name, "@global_rules[0]", "geoip_update", geoip_update)
uci:set(name, "@global_rules[0]", "geosite_update", geosite_update)
-uci:commit(name)
+api.uci_save(uci, name, true)
if reboot == 1 then
if arg3 == "cron" then
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/subscribe.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/subscribe.lua
index 8f66cef704..696c18e78a 100755
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/subscribe.lua
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/subscribe.lua
@@ -1312,7 +1312,7 @@ local function truncate_nodes(add_from)
end
end
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
local function select_node(nodes, config)
@@ -1464,7 +1464,7 @@ local function update_node(manual)
end
end
end
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
if next(CONFIG) then
local nodes = {}
@@ -1499,7 +1499,7 @@ local function update_node(manual)
end
]]--
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if arg[3] == "cron" then
diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/test.sh b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/test.sh
index 1f596e9292..30d4ac34b3 100755
--- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/test.sh
+++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/test.sh
@@ -72,11 +72,16 @@ url_test_node() {
/usr/share/${CONFIG}/app.sh run_socks flag="url_test_${node_id}" node=${node_id} bind=127.0.0.1 socks_port=${_tmp_port} config_file=url_test_${node_id}.json
local curlx="socks5h://127.0.0.1:${_tmp_port}"
fi
- sleep 1s
+ # sleep 1s
+ # 兼容 curl 8.6 time_starttransfer 错误
+ local curl_ver=$(curl -V 2>/dev/null | head -n 1 | awk '{print $2}' | cut -d. -f1,2)
+ local curl_arg="-w %{http_code}:%{time_starttransfer} http://"
+ [ "${curl_ver}" = "8.6" ] && curl_arg="-w %{http_code}:%{time_appconnect} https://"
+
local chn_list=$(config_n_get @global[0] chn_list direct)
- local probeUrl="https://www.google.com/generate_204"
- [ "${chn_list}" = "proxy" ] && probeUrl="https://www.baidu.com"
- result=$(curl --connect-timeout 3 -o /dev/null -I -skL -w "%{http_code}:%{time_appconnect}" -x $curlx "${probeUrl}")
+ local probeUrl="www.google.com/generate_204"
+ [ "${chn_list}" = "proxy" ] && probeUrl="www.baidu.com"
+ result=$(curl --connect-timeout 3 -o /dev/null -I -skL -x $curlx ${curl_arg}${probeUrl})
pgrep -af "url_test_${node_id}" | awk '! /test\.sh/{print $1}' | xargs kill -9 >/dev/null 2>&1
rm -rf "/tmp/etc/${CONFIG}/url_test_${node_id}.json"
}
diff --git a/openwrt-passwall2/luci-app-passwall2/Makefile b/openwrt-passwall2/luci-app-passwall2/Makefile
index a6d87a8dab..2ef577c367 100644
--- a/openwrt-passwall2/luci-app-passwall2/Makefile
+++ b/openwrt-passwall2/luci-app-passwall2/Makefile
@@ -1,4 +1,4 @@
-# Copyright (C) 2022-2023 xiaorouji
+# Copyright (C) 2022-2025 xiaorouji
#
# This is free software, licensed under the GNU General Public License v3.
diff --git a/openwrt-passwall2/luci-app-passwall2/luasrc/controller/passwall2.lua b/openwrt-passwall2/luci-app-passwall2/luasrc/controller/passwall2.lua
index 56b59097b1..7cd9e82521 100644
--- a/openwrt-passwall2/luci-app-passwall2/luasrc/controller/passwall2.lua
+++ b/openwrt-passwall2/luci-app-passwall2/luasrc/controller/passwall2.lua
@@ -1,9 +1,9 @@
--- Copyright (C) 2022-2023 xiaorouji
+-- Copyright (C) 2022-2025 xiaorouji
module("luci.controller.passwall2", package.seeall)
local api = require "luci.passwall2.api"
-local appname = api.appname -- not available
-local uci = api.libuci -- in funtion index()
+local appname = api.appname -- not available
+local uci = api.uci -- in funtion index()
local http = require "luci.http"
local util = require "luci.util"
local i18n = require "luci.i18n"
@@ -15,8 +15,8 @@ function index()
else return end
end
local api = require "luci.passwall2.api"
- local appname = "passwall2" -- global definitions not available
- local uci = api.libuci -- in function index()
+ local appname = api.appname -- global definitions not available
+ local uci = api.uci -- in function index()
entry({"admin", "services", appname}).dependent = true
entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true
entry({"admin", "services", appname, "show"}, call("show_menu")).leaf = true
@@ -99,7 +99,7 @@ end
function show_menu()
uci:delete(appname, "@global[0]", "hide_from_luci")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(api.url())
@@ -107,7 +107,7 @@ end
function hide_menu()
uci:set(appname, "@global[0]", "hide_from_luci","1")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
@@ -124,6 +124,7 @@ function socks_autoswitch_add_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
@@ -135,8 +136,8 @@ function socks_autoswitch_add_node()
table.insert(new_list, e.id)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -145,14 +146,15 @@ function socks_autoswitch_remove_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
table.remove(new_list, i)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -292,7 +294,7 @@ function set_node()
local config = luci.http.formvalue("config")
local section = luci.http.formvalue("section")
uci:set(appname, type, config, section)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/passwall2 restart > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
@@ -300,7 +302,7 @@ end
function copy_node()
local section = luci.http.formvalue("section")
local uuid = api.gen_short_uuid()
- api.uci_section(uci, appname, "nodes", uuid)
+ uci:section(appname, "nodes", uuid)
for k, v in pairs(uci:get_all(appname, section)) do
local filter = k:find("%.")
if filter and filter == 1 then
@@ -314,7 +316,7 @@ function copy_node()
end
uci:delete(appname, uuid, "add_from")
uci:set(appname, uuid, "add_mode", 1)
- uci:commit(appname)
+ api.uci_save(uci, appname)
luci.http.redirect(api.url("node_config", uuid))
end
@@ -323,7 +325,7 @@ function clear_all_nodes()
uci:delete(appname, '@global[0]', "node")
uci:foreach(appname, "socks", function(t)
uci:delete(appname, t[".name"])
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", {})
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", {})
end)
uci:foreach(appname, "haproxy_config", function(t)
uci:delete(appname, t[".name"])
@@ -334,8 +336,7 @@ function clear_all_nodes()
uci:foreach(appname, "nodes", function(node)
uci:delete(appname, node['.name'])
end)
-
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " stop")
end
@@ -355,7 +356,7 @@ function delete_select_nodes()
table.remove(auto_switch_node_list, i)
end
end
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
end)
uci:foreach(appname, "haproxy_config", function(t)
if t["lbss"] == w then
@@ -379,7 +380,7 @@ function delete_select_nodes()
end)
uci:delete(appname, w)
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " restart > /dev/null 2>&1 &")
end
diff --git a/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua b/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua
index e5bc0ca9de..fa87ec0452 100644
--- a/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua
+++ b/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua
@@ -118,6 +118,8 @@ for k, v in pairs(nodes_table) do
socks_node:value(v.id, v["remark"])
end
-m:append(Template(appname .. "/socks_auto_switch/footer"))
+o = s:option(DummyValue, "btn", " ")
+o.template = appname .. "/socks_auto_switch/btn"
+o:depends("enable_autoswitch", true)
return m
diff --git a/openwrt-passwall2/luci-app-passwall2/luasrc/passwall2/api.lua b/openwrt-passwall2/luci-app-passwall2/luasrc/passwall2/api.lua
index 855194b41c..25a96da5e4 100644
--- a/openwrt-passwall2/luci-app-passwall2/luasrc/passwall2/api.lua
+++ b/openwrt-passwall2/luci-app-passwall2/luasrc/passwall2/api.lua
@@ -55,24 +55,48 @@ function uci_section(cursor, config, type, name, values)
return stat and name
end
+function uci_save(cursor, config, commit, apply)
+ if is_js_luci() then
+ commit = true
+ if commit then
+ if apply then
+ cursor:commit(config)
+ else
+ sh_uci_commit(config)
+ end
+ end
+ else
+ cursor:save(config)
+ if commit then
+ cursor:commit(config)
+ if apply then
+ sys.call("/etc/init.d/" .. config .. " reload > /dev/null 2>&1 &")
+ end
+ end
+ end
+end
+
function sh_uci_get(config, section, option)
exec_call(string.format("uci -q get %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
end
-function sh_uci_set(config, section, option, val)
+function sh_uci_set(config, section, option, val, commit)
exec_call(string.format("uci -q set %s.%s.%s=\"%s\"", config, section, option, val))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_del(config, section, option)
+function sh_uci_del(config, section, option, commit)
exec_call(string.format("uci -q delete %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_add_list(config, section, option, val)
+function sh_uci_add_list(config, section, option, val, commit)
exec_call(string.format("uci -q del_list %s.%s.%s=\"%s\"", config, section, option, val))
exec_call(string.format("uci -q add_list %s.%s.%s=\"%s\"", config, section, option, val))
+ if commit then sh_uci_commit(config) end
+end
+
+function sh_uci_commit(config)
exec_call(string.format("uci -q commit %s", config))
end
diff --git a/openwrt-passwall2/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/footer.htm b/openwrt-passwall2/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/btn.htm
similarity index 63%
rename from openwrt-passwall2/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/footer.htm
rename to openwrt-passwall2/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/btn.htm
index b4f629d412..f5bc740c13 100644
--- a/openwrt-passwall2/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/footer.htm
+++ b/openwrt-passwall2/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/btn.htm
@@ -19,5 +19,7 @@ local api = require "luci.passwall2.api"
}
//]]>
-
-
\ No newline at end of file
+
" data-index="<%=self.index%>" data-depends="<%=pcdata(self:deplist2json(section))%>">
+
\ No newline at end of file
diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh
index 905007dd17..e31fc1db00 100755
--- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh
+++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (C) 2022-2023 xiaorouji
+# Copyright (C) 2022-2025 xiaorouji
. $IPKG_INSTROOT/lib/functions.sh
. $IPKG_INSTROOT/lib/functions/service.sh
@@ -16,13 +16,6 @@ GLOBAL_ACL_PATH=${TMP_ACL_PATH}/default
LOG_FILE=/tmp/log/$CONFIG.log
APP_PATH=/usr/share/$CONFIG
RULES_PATH=/usr/share/${CONFIG}/rules
-TUN_DNS_PORT=15353
-TUN_DNS="127.0.0.1#${TUN_DNS_PORT}"
-DEFAULT_DNS=
-ENABLED_DEFAULT_ACL=0
-ENABLED_ACLS=0
-PROXY_IPV6=0
-PROXY_IPV6_UDP=0
LUA_UTIL_PATH=/usr/lib/lua/luci/passwall2
UTIL_SINGBOX=$LUA_UTIL_PATH/util_sing-box.lua
UTIL_SS=$LUA_UTIL_PATH/util_shadowsocks.lua
@@ -30,8 +23,6 @@ UTIL_XRAY=$LUA_UTIL_PATH/util_xray.lua
UTIL_NAIVE=$LUA_UTIL_PATH/util_naiveproxy.lua
UTIL_HYSTERIA2=$LUA_UTIL_PATH/util_hysteria2.lua
UTIL_TUIC=$LUA_UTIL_PATH/util_tuic.lua
-V2RAY_ARGS=""
-V2RAY_CONFIG=""
echolog() {
local d="$(date "+%Y-%m-%d %H:%M:%S")"
@@ -218,7 +209,11 @@ check_depends() {
get_new_port() {
port=$1
- [ "$port" == "auto" ] && port=2082
+ [ "$port" == "auto" ] && {
+ port=2082
+ local GET_NEW_PORT=$(get_cache_var "get_new_port")
+ [ -n "${GET_NEW_PORT}" ] && port=${GET_NEW_PORT}
+ }
protocol=$(echo $2 | tr 'A-Z' 'a-z')
result=$(check_port_exists $port $protocol)
if [ "$result" != 0 ]; then
@@ -230,6 +225,7 @@ get_new_port() {
fi
get_new_port $temp $protocol
else
+ set_cache_var "get_new_port" "$port"
echo $port
fi
}
@@ -328,7 +324,11 @@ set_cache_var() {
local key="${1}"
shift 1
local val="$@"
- [ -n "${key}" ] && [ -n "${val}" ] && echo "${key}=\"${val}\"" >> $TMP_PATH/var
+ [ -n "${key}" ] && [ -n "${val}" ] && {
+ sed -i "/${key}=/d" $TMP_PATH/var >/dev/null 2>&1
+ echo "${key}=\"${val}\"" >> $TMP_PATH/var
+ eval ${key}=\"${val}\"
+ }
}
get_cache_var() {
local key="${1}"
@@ -337,8 +337,12 @@ get_cache_var() {
}
}
+eval_cache_var() {
+ [ -s "$TMP_PATH/var" ] && eval $(cat "$TMP_PATH/var")
+}
+
run_xray() {
- local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local flag node redir_port tcp_proxy_way socks_address socks_port socks_username socks_password http_address http_port http_username http_password
local dns_listen_port direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy dns_cache write_ipset_direct
local loglevel log_file config_file
local _extra_param=""
@@ -440,15 +444,18 @@ run_xray() {
_extra_param="${_extra_param} -remote_dns_udp_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1 -remote_dns_query_strategy ${remote_dns_query_strategy}"
fi
}
+ [ -n "${redir_port}" ] && {
+ _extra_param="${_extra_param} -redir_port ${redir_port}"
+ set_cache_var "node_${node}_redir_port" "${redir_port}"
+ [ -n "${tcp_proxy_way}" ] && _extra_param="${_extra_param} -tcp_proxy_way ${tcp_proxy_way}"
+ }
- lua $UTIL_XRAY gen_config -node $node -redir_port $redir_port -tcp_proxy_way $tcp_proxy_way -loglevel $loglevel ${_extra_param} > $config_file
+ lua $UTIL_XRAY gen_config -node $node -loglevel $loglevel ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app ${type}_file) ${type})" ${type} $log_file run -c "$config_file"
-
- [ -n "${redir_port}" ] && set_cache_var "node_${node}_redir_port" "${redir_port}"
}
run_singbox() {
- local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local flag node redir_port tcp_proxy_way socks_address socks_port socks_username socks_password http_address http_port http_username http_password
local dns_listen_port direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy dns_cache write_ipset_direct
local loglevel log_file config_file
local _extra_param=""
@@ -543,10 +550,14 @@ run_singbox() {
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1"
}
- lua $UTIL_SINGBOX gen_config -node $node -redir_port $redir_port -tcp_proxy_way $tcp_proxy_way ${_extra_param} > $config_file
- ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "${log_file}" run -c "$config_file"
+ [ -n "${redir_port}" ] && {
+ _extra_param="${_extra_param} -redir_port ${redir_port}"
+ set_cache_var "node_${node}_redir_port" "${redir_port}"
+ [ -n "${tcp_proxy_way}" ] && _extra_param="${_extra_param} -tcp_proxy_way ${tcp_proxy_way}"
+ }
- [ -n "${redir_port}" ] && set_cache_var "node_${node}_redir_port" "${redir_port}"
+ lua $UTIL_SINGBOX gen_config -node $node ${_extra_param} > $config_file
+ ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "${log_file}" run -c "$config_file"
}
run_socks() {
@@ -714,9 +725,12 @@ run_global() {
if [ $PROXY_IPV6 == "1" ]; then
echolog "开启实验性IPv6透明代理(TProxy),请确认您的节点及类型支持IPv6!"
- PROXY_IPV6_UDP=1
fi
- V2RAY_ARGS="flag=global node=$NODE redir_port=$REDIR_PORT"
+
+ TUN_DNS_PORT=15353
+ TUN_DNS="127.0.0.1#${TUN_DNS_PORT}"
+
+ V2RAY_ARGS="flag=global node=$NODE redir_port=$REDIR_PORT tcp_proxy_way=${TCP_PROXY_WAY}"
V2RAY_ARGS="${V2RAY_ARGS} dns_listen_port=${TUN_DNS_PORT} direct_dns_query_strategy=${DIRECT_DNS_QUERY_STRATEGY} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY} dns_cache=${DNS_CACHE}"
local msg="${TUN_DNS} (直连DNS:${AUTO_DNS}"
@@ -774,7 +788,7 @@ run_global() {
run_func="run_singbox"
fi
- ${run_func} $V2RAY_ARGS
+ ${run_func} ${V2RAY_ARGS}
local RUN_NEW_DNSMASQ=1
RUN_NEW_DNSMASQ=${DNS_REDIRECT}
@@ -1202,7 +1216,7 @@ acl_app() {
elif [ "${type}" = "sing-box" ] && [ -n "${SINGBOX_BIN}" ]; then
run_func="run_singbox"
fi
- ${run_func} flag=acl_$sid node=$node redir_port=$redir_port socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_dns_detour=${remote_dns_detour} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} write_ipset_direct=${write_ipset_direct} config_file=${config_file}
+ ${run_func} flag=acl_$sid node=$node redir_port=$redir_port tcp_proxy_way=${TCP_PROXY_WAY} socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_dns_detour=${remote_dns_detour} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} write_ipset_direct=${write_ipset_direct} config_file=${config_file}
fi
dnsmasq_port=$(get_new_port $(expr $dnsmasq_port + 1))
run_copy_dnsmasq flag="$sid" listen_port=$dnsmasq_port tun_dns="127.0.0.1#${dns_port}"
@@ -1222,10 +1236,13 @@ acl_app() {
start() {
pgrep -f /tmp/etc/passwall2/bin > /dev/null 2>&1 && {
- echolog "程序已启动,先停止再重新启动!"
+ #echolog "程序已启动,先停止再重新启动!"
stop
}
-
+ mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+ get_config
+ export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
+ export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
ulimit -n 65535
start_haproxy
start_socks
@@ -1289,8 +1306,8 @@ start() {
stop() {
clean_log
- [ -n "$($(source $APP_PATH/iptables.sh get_ipt_bin) -t mangle -t nat -L -nv 2>/dev/null | grep "PSW2")" ] && source $APP_PATH/iptables.sh stop
- [ -n "$(nft list sets 2>/dev/null | grep "${CONFIG}_")" ] && source $APP_PATH/nftables.sh stop
+ eval_cache_var
+ [ -n "$USE_TABLES" ] && source $APP_PATH/${USE_TABLES}.sh stop
delete_ip2route
kill_all v2ray-plugin obfs-local
pgrep -f "sleep.*(6s|9s|58s)" | xargs kill -9 >/dev/null 2>&1
@@ -1309,14 +1326,12 @@ stop() {
uci -q delete ${CONFIG}.@global[0].dnsmasq_dns_redirect
uci -q commit ${CONFIG}
}
- if [ -z "$(get_cache_var "ACL_default_dns_port")" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
+ if [ -z "${ACL_default_dns_port}" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
uci -q del_list dhcp.@dnsmasq[0].addnmount="${GLOBAL_DNSMASQ_CONF_PATH}"
uci -q commit dhcp
lua $APP_PATH/helper_dnsmasq.lua restart -LOG 0
fi
- bak_bridge_nf_ipt=$(get_cache_var "bak_bridge_nf_ipt")
[ -n "${bak_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${bak_bridge_nf_ipt} >/dev/null 2>&1
- bak_bridge_nf_ip6t=$(get_cache_var "bak_bridge_nf_ip6t")
[ -n "${bak_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${bak_bridge_nf_ip6t} >/dev/null 2>&1
}
rm -rf $TMP_PATH
@@ -1325,68 +1340,66 @@ stop() {
exit 0
}
-ENABLED=$(config_t_get global enabled 0)
-NODE=$(config_t_get global node)
-[ "$ENABLED" == 1 ] && {
- [ -n "$NODE" ] && [ "$(config_get_type $NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
-}
-ENABLED_ACLS=$(config_t_get global acl_enable 0)
-[ "$ENABLED_ACLS" == 1 ] && {
- [ "$(uci show ${CONFIG} | grep "@acl_rule" | grep "enabled='1'" | wc -l)" == 0 ] && ENABLED_ACLS=0
-}
-SOCKS_ENABLED=$(config_t_get global socks_enabled 0)
-REDIR_PORT=$(echo $(get_new_port 1041 tcp,udp))
-tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
-TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
-UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
-TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443')
-UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
-TCP_PROXY_MODE="global"
-UDP_PROXY_MODE="global"
-LOCALHOST_PROXY=$(config_t_get global localhost_proxy '1')
-CLIENT_PROXY=$(config_t_get global client_proxy '1')
-DIRECT_DNS_QUERY_STRATEGY=$(config_t_get global direct_dns_query_strategy UseIP)
-REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
-REMOTE_DNS_DETOUR=$(config_t_get global remote_dns_detour remote)
-REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
-REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
-REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
-WRITE_IPSET_DIRECT=$(config_t_get global write_ipset_direct 1)
-DNS_CACHE=$(config_t_get global dns_cache 1)
-DNS_REDIRECT=$(config_t_get global dns_redirect 1)
+get_config() {
+ ENABLED_DEFAULT_ACL=0
+ ENABLED=$(config_t_get global enabled 0)
+ NODE=$(config_t_get global node)
+ [ "$ENABLED" == 1 ] && {
+ [ -n "$NODE" ] && [ "$(config_get_type $NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
+ }
+ ENABLED_ACLS=$(config_t_get global acl_enable 0)
+ [ "$ENABLED_ACLS" == 1 ] && {
+ [ "$(uci show ${CONFIG} | grep "@acl_rule" | grep "enabled='1'" | wc -l)" == 0 ] && ENABLED_ACLS=0
+ }
+ SOCKS_ENABLED=$(config_t_get global socks_enabled 0)
+ REDIR_PORT=$(echo $(get_new_port 1041 tcp,udp))
+ TCP_PROXY_WAY=$(config_t_get global_forwarding tcp_proxy_way redirect)
+ TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
+ UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
+ TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443')
+ UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
+ PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
+ TCP_PROXY_MODE="global"
+ UDP_PROXY_MODE="global"
+ LOCALHOST_PROXY=$(config_t_get global localhost_proxy '1')
+ CLIENT_PROXY=$(config_t_get global client_proxy '1')
+ DIRECT_DNS_QUERY_STRATEGY=$(config_t_get global direct_dns_query_strategy UseIP)
+ REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
+ REMOTE_DNS_DETOUR=$(config_t_get global remote_dns_detour remote)
+ REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
+ REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
+ REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
+ WRITE_IPSET_DIRECT=$(config_t_get global write_ipset_direct 1)
+ DNS_CACHE=$(config_t_get global dns_cache 1)
+ DNS_REDIRECT=$(config_t_get global dns_redirect 1)
-RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
-[ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
+ RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
+ [ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
-ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
-ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
+ ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
+ ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
-DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] | awk -F '.' '{print $2}' | awk -F '=' '{print $1}'| head -1)
-DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
-[ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',' | sed 's/,$//')
-AUTO_DNS=${DEFAULT_DNS:-119.29.29.29}
+ DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] | awk -F '.' '{print $2}' | awk -F '=' '{print $1}'| head -1)
+ DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
+ [ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',' | sed 's/,$//')
+ AUTO_DNS=${DEFAULT_DNS:-119.29.29.29}
-DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
-DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
-if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
- DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
- if [ -n "$DNSMASQ_CONF_DIR" ]; then
- DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
- else
- DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+ DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
+ DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
+ if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
+ DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
+ if [ -n "$DNSMASQ_CONF_DIR" ]; then
+ DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
+ else
+ DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+ fi
fi
-fi
-GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
-GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d
+ set_cache_var GLOBAL_DNSMASQ_CONF ${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
+ set_cache_var GLOBAL_DNSMASQ_CONF_PATH ${GLOBAL_ACL_PATH}/dnsmasq.d
-PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
-
-XRAY_BIN=$(first_type $(config_t_get global_app xray_file) xray)
-SINGBOX_BIN=$(first_type $(config_t_get global_app singbox_file) sing-box)
-
-export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
-export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
-mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+ XRAY_BIN=$(first_type $(config_t_get global_app xray_file) xray)
+ SINGBOX_BIN=$(first_type $(config_t_get global_app singbox_file) sing-box)
+}
arg1=$1
shift
@@ -1394,28 +1407,28 @@ case $arg1 in
add_ip2route)
add_ip2route $@
;;
-get_new_port)
- get_new_port $@
- ;;
-run_socks)
- run_socks $@
- ;;
-socks_node_switch)
- socks_node_switch $@
- ;;
echolog)
echolog $@
;;
+get_new_port)
+ get_new_port $@
+ ;;
get_cache_var)
get_cache_var $@
;;
set_cache_var)
set_cache_var $@
;;
-stop)
- stop
+run_socks)
+ run_socks $@
+ ;;
+socks_node_switch)
+ socks_node_switch $@
;;
start)
start
;;
+stop)
+ stop
+ ;;
esac
diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua
index 8870c3f8c4..879c67b4de 100644
--- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua
+++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua
@@ -1,6 +1,6 @@
local api = require "luci.passwall2.api"
local appname = "passwall2"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
@@ -25,7 +25,7 @@ local function backup_servers()
local DNSMASQ_DNS = uci:get("dhcp", "@dnsmasq[0]", "server")
if DNSMASQ_DNS and #DNSMASQ_DNS > 0 then
uci:set(appname, "@global[0]", "dnsmasq_servers", DNSMASQ_DNS)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
end
@@ -43,11 +43,11 @@ local function restore_servers()
tinsert(dns_table, v)
end
uci:delete(appname, "@global[0]", "dnsmasq_servers")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if dns_table and #dns_table > 0 then
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -76,7 +76,7 @@ function stretch()
end
end
uci:set("dhcp", "@dnsmasq[0]", "resolvfile", RESOLVFILE)
- uci:commit("dhcp")
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -102,8 +102,8 @@ function logic_restart(var)
tinsert(dns_table, v)
end
end
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
sys.call("/etc/init.d/dnsmasq restart >/dev/null 2>&1")
restore_servers()
diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
index 4f6039adb8..c6e5aa4584 100755
--- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
+++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
@@ -204,47 +204,51 @@ gen_shunt_list() {
NODE_PROTOCOL=$(config_n_get $node protocol)
[ "$NODE_PROTOCOL" = "_shunt" ] && USE_SHUNT_NODE=1
[ "$USE_SHUNT_NODE" = "1" ] && {
- local default_node=$(config_n_get ${node} default_node _direct)
- local default_outbound="redirect"
- [ "$default_node" = "_direct" ] && default_outbound="direct"
- local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
- for shunt_id in $shunt_ids; do
- local shunt_node=$(config_n_get ${node} "${shunt_id}")
- [ -n "$shunt_node" ] && {
- local ipset_v4="passwall2_${node}_${shunt_id}"
- local ipset_v6="passwall2_${node}_${shunt_id}6"
- ipset -! create $ipset_v4 nethash maxelem 1048576
- ipset -! create $ipset_v6 nethash family inet6 maxelem 1048576
- local outbound="redirect"
- [ "$shunt_node" = "_direct" ] && outbound="direct"
- [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
- _SHUNT_LIST4="${_SHUNT_LIST4} ${ipset_v4}:${outbound}"
- _SHUNT_LIST6="${_SHUNT_LIST6} ${ipset_v6}:${outbound}"
+ local enable_geoview=$(config_t_get global_rules enable_geoview 0)
+ [ -z "$(first_type geoview)" ] && enable_geoview=0
+ local preloading=0
+ preloading=$enable_geoview
+ [ "${preloading}" = "1" ] && {
+ local default_node=$(config_n_get ${node} default_node _direct)
+ local default_outbound="redirect"
+ [ "$default_node" = "_direct" ] && default_outbound="direct"
+ local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
+ for shunt_id in $shunt_ids; do
+ local shunt_node=$(config_n_get ${node} "${shunt_id}")
+ [ -n "$shunt_node" ] && {
+ local ipset_v4="passwall2_${node}_${shunt_id}"
+ local ipset_v6="passwall2_${node}_${shunt_id}6"
+ ipset -! create $ipset_v4 nethash maxelem 1048576
+ ipset -! create $ipset_v6 nethash family inet6 maxelem 1048576
+ local outbound="redirect"
+ [ "$shunt_node" = "_direct" ] && outbound="direct"
+ [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
+ _SHUNT_LIST4="${_SHUNT_LIST4} ${ipset_v4}:${outbound}"
+ _SHUNT_LIST6="${_SHUNT_LIST6} ${ipset_v6}:${outbound}"
- config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- [ "$(config_t_get global_rules enable_geoview)" = "1" ] && {
- local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
- [ -n "$_geoip_code" ] && {
- if [ "$(config_n_get $node type)" = "sing-box" ]; then
- get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- else
- if type geoview &> /dev/null; then
+ config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ [ "${enable_geoview}" = "1" ] && {
+ local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
+ [ -n "$_geoip_code" ] && {
+ if [ "$(config_n_get $node type)" = "sing-box" ]; then
+ get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ else
get_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
get_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
fi
- fi
- echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 IPSET 完成"
+ echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 IPSET 完成"
+ }
}
}
- }
- done
+ done
+ }
[ "${_write_ipset_direct}" = "1" ] && {
_SHUNT_LIST4="${_SHUNT_LIST4} ${_set_name4}:direct"
_SHUNT_LIST6="${_SHUNT_LIST6} ${_set_name6}:direct"
}
- [ -n "$default_node" ] && {
+ [ "${preloading}" = "1" ] && [ -n "$default_node" ] && {
local ipset_v4="passwall2_${node}_default"
local ipset_v6="passwall2_${node}_default6"
ipset -! create $ipset_v4 nethash maxelem 1048576
@@ -452,7 +456,7 @@ load_acl() {
$ipt_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") -j PSW2_RULE
$ipt_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(REDIRECT $redir_port TPROXY)
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} -d $FAKE_IP_6 -j PSW2_RULE 2>/dev/null
add_shunt_t_rule "${shunt_list6}" "$ip6t_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport")" "-j PSW2_RULE" 2>/dev/null
$ip6t_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") -j PSW2_RULE 2>/dev/null
@@ -551,12 +555,12 @@ load_acl() {
$ipt_m -A PSW2 $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ipt_m -A PSW2 $(comment "默认") -p udp $(REDIRECT $REDIR_PORT TPROXY)
- if [ "$PROXY_IPV6_UDP" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2 $(comment "默认") -p udp -d $FAKE_IP_6 -j PSW2_RULE
add_shunt_t_rule "${SHUNT_LIST6}" "$ip6t_m -A PSW2 $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport")" "-j PSW2_RULE"
$ip6t_m -A PSW2 $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "默认") -p udp $(REDIRECT $REDIR_PORT TPROXY)
- fi
+ }
echolog "${msg2}"
fi
@@ -696,10 +700,9 @@ add_firewall_rule() {
accept_icmp=$(config_t_get global_forwarding accept_icmp 0)
accept_icmpv6=$(config_t_get global_forwarding accept_icmpv6 0)
- local tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
unset is_tproxy
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
is_tproxy="TPROXY"
fi
@@ -884,14 +887,14 @@ add_firewall_rule() {
insert_rule_before "$ipt_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p tcp -j PSW2_OUTPUT"
}
- if [ "$PROXY_IPV6" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2_OUTPUT -p tcp -d $FAKE_IP_6 -j PSW2_RULE
add_shunt_t_rule "${SHUNT_LIST6}" "$ip6t_m -A PSW2_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport")" "-j PSW2_RULE"
$ip6t_m -A PSW2_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "本机") -p tcp -i lo $(REDIRECT $REDIR_PORT TPROXY)
$ip6t_m -A PSW2 $(comment "本机") -p tcp -i lo -j RETURN
insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p tcp -j PSW2_OUTPUT"
- fi
+ }
[ -d "${TMP_IFACE_PATH}" ] && {
for iface in $(ls ${TMP_IFACE_PATH}); do
@@ -910,14 +913,14 @@ add_firewall_rule() {
$ipt_m -A PSW2 $(comment "本机") -p udp -i lo -j RETURN
insert_rule_before "$ipt_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p udp -j PSW2_OUTPUT"
- if [ "$PROXY_IPV6_UDP" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2_OUTPUT -p udp -d $FAKE_IP_6 -j PSW2_RULE
add_shunt_t_rule "${SHUNT_LIST6}" "$ip6t_m -A PSW2_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport")" "-j PSW2_RULE"
$ip6t_m -A PSW2_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "本机") -p udp -i lo $(REDIRECT $REDIR_PORT TPROXY)
$ip6t_m -A PSW2 $(comment "本机") -p udp -i lo -j RETURN
insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p udp -j PSW2_OUTPUT"
- fi
+ }
[ -d "${TMP_IFACE_PATH}" ] && {
for iface in $(ls ${TMP_IFACE_PATH}); do
diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
index 1066ea6a65..64305bf568 100755
--- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
+++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
@@ -258,46 +258,50 @@ gen_shunt_list() {
NODE_PROTOCOL=$(config_n_get $node protocol)
[ "$NODE_PROTOCOL" = "_shunt" ] && USE_SHUNT_NODE=1
[ "$USE_SHUNT_NODE" = "1" ] && {
- local default_node=$(config_n_get ${node} default_node _direct)
- local default_outbound="redirect"
- [ "$default_node" = "_direct" ] && default_outbound="direct"
- local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
- for shunt_id in $shunt_ids; do
- local shunt_node=$(config_n_get ${node} "${shunt_id}")
- [ -n "$shunt_node" ] && {
- local nftset_v4="passwall2_${node}_${shunt_id}"
- local nftset_v6="passwall2_${node}_${shunt_id}6"
- gen_nftset $nftset_v4 ipv4_addr 0 0
- gen_nftset $nftset_v6 ipv6_addr 0 0
- local outbound="redirect"
- [ "$shunt_node" = "_direct" ] && outbound="direct"
- [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
- _SHUNT_LIST4="${_SHUNT_LIST4} ${nftset_v4}:${outbound}"
- _SHUNT_LIST6="${_SHUNT_LIST6} ${nftset_v6}:${outbound}"
- insert_nftset $nftset_v4 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
- insert_nftset $nftset_v6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
- [ "$(config_t_get global_rules enable_geoview)" = "1" ] && {
- local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
- [ -n "$_geoip_code" ] && {
- if [ "$(config_n_get $node type)" = "sing-box" ]; then
- insert_nftset $nftset_v4 "0" $(get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
- insert_nftset $nftset_v6 "0" $(get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
- else
- if type geoview &> /dev/null; then
+ local enable_geoview=$(config_t_get global_rules enable_geoview 0)
+ [ -z "$(first_type geoview)" ] && enable_geoview=0
+ local preloading=0
+ preloading=$enable_geoview
+ [ "${preloading}" = "1" ] && {
+ local default_node=$(config_n_get ${node} default_node _direct)
+ local default_outbound="redirect"
+ [ "$default_node" = "_direct" ] && default_outbound="direct"
+ local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
+ for shunt_id in $shunt_ids; do
+ local shunt_node=$(config_n_get ${node} "${shunt_id}")
+ [ -n "$shunt_node" ] && {
+ local nftset_v4="passwall2_${node}_${shunt_id}"
+ local nftset_v6="passwall2_${node}_${shunt_id}6"
+ gen_nftset $nftset_v4 ipv4_addr 0 0
+ gen_nftset $nftset_v6 ipv6_addr 0 0
+ local outbound="redirect"
+ [ "$shunt_node" = "_direct" ] && outbound="direct"
+ [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
+ _SHUNT_LIST4="${_SHUNT_LIST4} ${nftset_v4}:${outbound}"
+ _SHUNT_LIST6="${_SHUNT_LIST6} ${nftset_v6}:${outbound}"
+ insert_nftset $nftset_v4 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+ insert_nftset $nftset_v6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+ [ "${enable_geoview}" = "1" ] && {
+ local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
+ [ -n "$_geoip_code" ] && {
+ if [ "$(config_n_get $node type)" = "sing-box" ]; then
+ insert_nftset $nftset_v4 "0" $(get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+ insert_nftset $nftset_v6 "0" $(get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+ else
insert_nftset $nftset_v4 "0" $(get_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
insert_nftset $nftset_v6 "0" $(get_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
fi
- fi
- echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 NFTSET 完成"
+ echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 NFTSET 完成"
+ }
}
}
- }
- done
+ done
+ }
[ "${_write_ipset_direct}" = "1" ] && {
_SHUNT_LIST4="${_SHUNT_LIST4} ${_set_name4}:direct"
_SHUNT_LIST6="${_SHUNT_LIST6} ${_set_name6}:direct"
}
- [ -n "$default_node" ] && {
+ [ "${preloading}" = "1" ] && [ -n "$default_node" ] && {
local nftset_v4="passwall2_${node}_default"
local nftset_v6="passwall2_${node}_default6"
gen_nftset $nftset_v4 ipv4_addr 0 0
@@ -503,7 +507,7 @@ load_acl() {
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") counter jump PSW2_RULE comment \"$remarks\""
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp ${_ipt_source} $(REDIRECT $redir_port TPROXY4) comment \"$remarks\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ${_ipt_source} ip6 daddr $FAKE_IP_6 counter jump PSW2_RULE comment \"$remarks\""
add_shunt_t_rule "${shunt_list6}" "nft add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") ip6 daddr" "counter jump PSW2_RULE" "$remarks"
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") counter jump PSW2_RULE comment \"$remarks\"" 2>/dev/null
@@ -604,7 +608,7 @@ load_acl() {
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW2_RULE comment \"默认\""
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp $(REDIRECT $REDIR_PORT TPROXY4) comment \"默认\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ip6 daddr $FAKE_IP_6 jump PSW2_RULE comment \"默认\""
add_shunt_t_rule "${SHUNT_LIST6}" "nft add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr" "counter jump PSW2_RULE" "默认"
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW2_RULE comment \"默认\""
@@ -744,12 +748,11 @@ add_firewall_rule() {
accept_icmp=$(config_t_get global_forwarding accept_icmp 0)
accept_icmpv6=$(config_t_get global_forwarding accept_icmpv6 0)
- local tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
unset is_tproxy
nft_prerouting_chain="PSW2_NAT"
nft_output_chain="PSW2_OUTPUT_NAT"
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
is_tproxy="TPROXY"
nft_prerouting_chain="PSW2_MANGLE"
nft_output_chain="PSW2_OUTPUT_MANGLE"
@@ -964,13 +967,13 @@ add_firewall_rule() {
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp iif lo counter return comment \"本机\""
nft "add rule $NFTABLE_NAME mangle_output ip protocol udp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\""
- if [ "$PROXY_IPV6_UDP" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta l4proto udp ip6 daddr $FAKE_IP_6 jump PSW2_RULE"
add_shunt_t_rule "${SHUNT_LIST6}" "nft add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr" "counter jump PSW2_RULE"
nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW2_RULE"
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp iif lo $(REDIRECT $REDIR_PORT TPROXY) comment \"本机\""
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp iif lo counter return comment \"本机\""
- fi
+ }
[ -d "${TMP_IFACE_PATH}" ] && {
for iface in $(ls ${TMP_IFACE_PATH}); do
diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua
index b51c2181ea..f23283c476 100755
--- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua
+++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua
@@ -1,12 +1,12 @@
#!/usr/bin/lua
-require 'nixio'
-require 'luci.sys'
-local luci = luci
-local ucic = luci.model.uci.cursor()
-local jsonc = require "luci.jsonc"
-local name = 'passwall2'
local api = require "luci.passwall2.api"
+local name = api.appname
+local fs = api.fs
+local sys = api.sys
+local uci = api.uci
+local jsonc = api.jsonc
+
local arg1 = arg[1]
local arg2 = arg[2]
local arg3 = arg[3]
@@ -14,13 +14,13 @@ local arg3 = arg[3]
local reboot = 0
local geoip_update = 0
local geosite_update = 0
-local asset_location = ucic:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/")
+local asset_location = uci:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/")
-- Custom geo file
-local geoip_api = ucic:get_first(name, 'global_rules', "geoip_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
-local geosite_api = ucic:get_first(name, 'global_rules', "geosite_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
+local geoip_api = uci:get_first(name, 'global_rules', "geoip_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
+local geosite_api = uci:get_first(name, 'global_rules', "geosite_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
--
-local use_nft = ucic:get(name, "@global_forwarding[0]", "use_nft") or "0"
+local use_nft = uci:get(name, "@global_forwarding[0]", "use_nft") or "0"
if arg3 == "cron" then
arg2 = nil
@@ -67,9 +67,9 @@ local function fetch_geoip()
f:write(content:gsub("geoip.dat", "/tmp/geoip.dat"), "")
f:close()
- if nixio.fs.access(asset_location .. "geoip.dat") then
- luci.sys.call(string.format("cp -f %s %s", asset_location .. "geoip.dat", "/tmp/geoip.dat"))
- if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
+ if fs.access(asset_location .. "geoip.dat") then
+ sys.call(string.format("cp -f %s %s", asset_location .. "geoip.dat", "/tmp/geoip.dat"))
+ if sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
log("geoip 版本一致,无需更新。")
return 1
end
@@ -77,8 +77,8 @@ local function fetch_geoip()
for _2, v2 in ipairs(json.assets) do
if v2.name and v2.name == "geoip.dat" then
sret = curl(v2.browser_download_url, "/tmp/geoip.dat")
- if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
- luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geoip.dat", asset_location .. "geoip.dat"))
+ if sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
+ sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geoip.dat", asset_location .. "geoip.dat"))
reboot = 1
log("geoip 更新成功。")
return 1
@@ -118,9 +118,9 @@ local function fetch_geosite()
f:write(content:gsub("[^%s]+.dat", "/tmp/geosite.dat"), "")
f:close()
- if nixio.fs.access(asset_location .. "geosite.dat") then
- luci.sys.call(string.format("cp -f %s %s", asset_location .. "geosite.dat", "/tmp/geosite.dat"))
- if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
+ if fs.access(asset_location .. "geosite.dat") then
+ sys.call(string.format("cp -f %s %s", asset_location .. "geosite.dat", "/tmp/geosite.dat"))
+ if sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
log("geosite 版本一致,无需更新。")
return 1
end
@@ -128,8 +128,8 @@ local function fetch_geosite()
for _2, v2 in ipairs(json.assets) do
if v2.name and (v2.name == "geosite.dat" or v2.name == "dlc.dat") then
sret = curl(v2.browser_download_url, "/tmp/geosite.dat")
- if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
- luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geosite.dat", asset_location .. "geosite.dat"))
+ if sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
+ sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geosite.dat", asset_location .. "geosite.dat"))
reboot = 1
log("geosite 更新成功。")
return 1
@@ -161,8 +161,8 @@ if arg2 then
end
end)
else
- geoip_update = ucic:get_first(name, 'global_rules', "geoip_update", 1)
- geosite_update = ucic:get_first(name, 'global_rules', "geosite_update", 1)
+ geoip_update = uci:get_first(name, 'global_rules', "geoip_update", 1)
+ geosite_update = uci:get_first(name, 'global_rules', "geosite_update", 1)
end
if geoip_update == 0 and geosite_update == 0 then
os.exit(0)
@@ -184,23 +184,22 @@ if tonumber(geosite_update) == 1 then
os.remove("/tmp/geosite.dat.sha256sum")
end
-ucic:set(name, ucic:get_first(name, 'global_rules'), "geoip_update", geoip_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "geosite_update", geosite_update)
-ucic:save(name)
-luci.sys.call("uci commit " .. name)
+uci:set(name, uci:get_first(name, 'global_rules'), "geoip_update", geoip_update)
+uci:set(name, uci:get_first(name, 'global_rules'), "geosite_update", geosite_update)
+api.uci_save(uci, name, true)
if reboot == 1 then
if arg3 == "cron" then
- if not nixio.fs.access("/var/lock/" .. name .. ".lock") then
- luci.sys.call("touch /tmp/lock/" .. name .. "_cron.lock")
+ if not fs.access("/var/lock/" .. name .. ".lock") then
+ sys.call("touch /tmp/lock/" .. name .. "_cron.lock")
end
end
log("重启服务,应用新的规则。")
if use_nft == "1" then
- luci.sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
+ sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
else
- luci.sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
+ sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
end
end
log("规则更新完毕...")
diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua
index 57d928caff..3aabb321eb 100755
--- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua
+++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua
@@ -3,8 +3,6 @@
------------------------------------------------
-- @author William Chan
------------------------------------------------
-require 'nixio'
-require 'luci.model.uci'
require 'luci.util'
require 'luci.jsonc'
require 'luci.sys'
@@ -20,6 +18,7 @@ local split = api.split
local jsonParse, jsonStringify = luci.jsonc.parse, luci.jsonc.stringify
local base64Decode = api.base64Decode
local uci = api.libuci
+local fs = api.fs
uci:revert(appname)
local has_ss = api.is_finded("ss-redir")
@@ -1282,7 +1281,7 @@ local function truncate_nodes(add_from)
end
end
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
local function select_node(nodes, config)
@@ -1434,7 +1433,7 @@ local function update_node(manual)
end
end
end
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
if next(CONFIG) then
local nodes = {}
@@ -1469,11 +1468,11 @@ local function update_node(manual)
end
]]--
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if arg[3] == "cron" then
- if not nixio.fs.access("/var/lock/" .. appname .. ".lock") then
+ if not fs.access("/var/lock/" .. appname .. ".lock") then
luci.sys.call("touch /tmp/lock/" .. appname .. "_cron.lock")
end
end
diff --git a/shadowsocks-rust/Cargo.lock b/shadowsocks-rust/Cargo.lock
index b3fcdb2f0e..4522d9b20a 100644
--- a/shadowsocks-rust/Cargo.lock
+++ b/shadowsocks-rust/Cargo.lock
@@ -170,9 +170,9 @@ dependencies = [
[[package]]
name = "anyhow"
-version = "1.0.93"
+version = "1.0.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c95c10ba0b00a02636238b814946408b1322d5ac4760326e6fb8ec956d85775"
+checksum = "34ac096ce696dc2fcabef30516bb13c0a68a11d30131d3df6f04711467681b04"
[[package]]
name = "arc-swap"
@@ -212,7 +212,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -229,7 +229,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -404,7 +404,7 @@ dependencies = [
"once_cell",
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -463,9 +463,9 @@ dependencies = [
[[package]]
name = "cc"
-version = "1.2.2"
+version = "1.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f34d93e62b03caf570cccc334cbc6c2fceca82f39211051345108adcba3eebdc"
+checksum = "8d6dbb628b8f8555f86d0323c2eb39e3ec81901f4b83e091db8a6a76d316a333"
dependencies = [
"jobserver",
"libc",
@@ -522,9 +522,9 @@ dependencies = [
[[package]]
name = "chrono"
-version = "0.4.38"
+version = "0.4.39"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401"
+checksum = "7e36cc9d416881d2e24f9a963be5fb1cd90966419ac844274161d10488b3e825"
dependencies = [
"android-tzdata",
"iana-time-zone",
@@ -653,9 +653,9 @@ dependencies = [
[[package]]
name = "crossbeam-channel"
-version = "0.5.13"
+version = "0.5.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "33480d6946193aa8033910124896ca395333cae7e2d1113d1fef6c3272217df2"
+checksum = "06ba6d68e24814cb8de6bb986db8222d3a027d15872cabc0d18817bc3c0e4471"
dependencies = [
"crossbeam-utils",
]
@@ -671,9 +671,9 @@ dependencies = [
[[package]]
name = "crossbeam-utils"
-version = "0.8.20"
+version = "0.8.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80"
+checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28"
[[package]]
name = "crypto-bigint"
@@ -742,7 +742,7 @@ dependencies = [
"proc-macro-error2",
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -830,7 +830,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -851,7 +851,7 @@ checksum = "16c187d1e575ef546d24f0fcd7701cc04abfe6b5e7e2758aabc450b99e835ac3"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -911,14 +911,14 @@ dependencies = [
"heck",
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
name = "env_filter"
-version = "0.1.2"
+version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4f2c92ceda6ceec50f43169f9ee8424fe2db276791afde7b2cd8bc084cb376ab"
+checksum = "186e05a59d4c50738528153b83b0b0194d3a29507dfec16eccd4b342903397d0"
dependencies = [
"log",
"regex",
@@ -985,9 +985,9 @@ dependencies = [
[[package]]
name = "fastrand"
-version = "2.2.0"
+version = "2.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "486f806e73c5707928240ddc295403b1b93c96a02038563881c4a2fd84b81ac4"
+checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be"
[[package]]
name = "ff"
@@ -1142,7 +1142,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -1184,6 +1184,19 @@ dependencies = [
"byteorder",
]
+[[package]]
+name = "generator"
+version = "0.8.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cc6bd114ceda131d3b1d665eba35788690ad37f5916457286b32ab6fd3c438dd"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "log",
+ "rustversion",
+ "windows",
+]
+
[[package]]
name = "generic-array"
version = "0.14.7"
@@ -1490,9 +1503,9 @@ dependencies = [
[[package]]
name = "hyper-rustls"
-version = "0.27.3"
+version = "0.27.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08afdbb5c31130e3034af566421053ab03787c640246a446327f550d11bcb333"
+checksum = "2d191583f3da1305256f22463b9bb0471acad48a4e534a5218b9963e9c1f59b2"
dependencies = [
"futures-util",
"http",
@@ -1553,7 +1566,7 @@ dependencies = [
"iana-time-zone-haiku",
"js-sys",
"wasm-bindgen",
- "windows-core",
+ "windows-core 0.52.0",
]
[[package]]
@@ -1680,7 +1693,7 @@ checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -1822,9 +1835,9 @@ dependencies = [
[[package]]
name = "js-sys"
-version = "0.3.74"
+version = "0.3.76"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a865e038f7f6ed956f788f0d7d60c541fff74c7bd74272c5d4cf15c63743e705"
+checksum = "6717b6b5b077764fb5966237269cb3c64edddde4b14ce42647430a78ced9e7b7"
dependencies = [
"once_cell",
"wasm-bindgen",
@@ -1880,7 +1893,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34"
dependencies = [
"cfg-if",
- "windows-targets 0.48.5",
+ "windows-targets 0.52.6",
]
[[package]]
@@ -1901,7 +1914,7 @@ checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d"
dependencies = [
"bitflags 2.6.0",
"libc",
- "redox_syscall 0.5.7",
+ "redox_syscall 0.5.8",
]
[[package]]
@@ -1969,6 +1982,19 @@ dependencies = [
"winapi",
]
+[[package]]
+name = "loom"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "419e0dc8046cb947daa77eb95ae174acfbddb7673b4151f56d1eed8e93fbfaca"
+dependencies = [
+ "cfg-if",
+ "generator",
+ "scoped-tls",
+ "tracing",
+ "tracing-subscriber",
+]
+
[[package]]
name = "lru_time_cache"
version = "0.11.11"
@@ -2029,9 +2055,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
[[package]]
name = "miniz_oxide"
-version = "0.8.0"
+version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1"
+checksum = "4ffbe83022cedc1d264172192511ae958937694cd57ce297164951b8b3568394"
dependencies = [
"adler2",
]
@@ -2050,21 +2076,20 @@ dependencies = [
[[package]]
name = "moka"
-version = "0.12.8"
+version = "0.12.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "32cf62eb4dd975d2dde76432fb1075c49e3ee2331cf36f1f8fd4b66550d32b6f"
+checksum = "23db87a7f248211f6a7c8644a1b750541f8a4c68ae7de0f908860e44c0c201f6"
dependencies = [
"crossbeam-channel",
"crossbeam-epoch",
"crossbeam-utils",
- "once_cell",
+ "loom",
"parking_lot 0.12.3",
"quanta",
"rustc_version",
"smallvec",
"tagptr",
"thiserror 1.0.69",
- "triomphe",
"uuid",
]
@@ -2118,9 +2143,9 @@ dependencies = [
[[package]]
name = "notify-types"
-version = "1.0.0"
+version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7393c226621f817964ffb3dc5704f9509e107a8b024b489cc2c1b217378785df"
+checksum = "585d3cb5e12e01aed9e8a1f70d5c6b5e86fe2a6e48fc8cd0b3e0b8df6f6eb174"
dependencies = [
"instant",
]
@@ -2161,9 +2186,9 @@ dependencies = [
[[package]]
name = "object"
-version = "0.36.5"
+version = "0.36.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aedf0a2d09c573ed1d8d85b30c119153926a2b36dce0ab28322c09a117a4683e"
+checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87"
dependencies = [
"memchr",
]
@@ -2203,7 +2228,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -2325,7 +2350,7 @@ checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8"
dependencies = [
"cfg-if",
"libc",
- "redox_syscall 0.5.7",
+ "redox_syscall 0.5.8",
"smallvec",
"windows-targets 0.52.6",
]
@@ -2338,20 +2363,20 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"
[[package]]
name = "pest"
-version = "2.7.14"
+version = "2.7.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "879952a81a83930934cbf1786752d6dedc3b1f29e8f8fb2ad1d0a36f377cf442"
+checksum = "8b7cafe60d6cf8e62e1b9b2ea516a089c008945bb5a275416789e7db0bc199dc"
dependencies = [
"memchr",
- "thiserror 1.0.69",
+ "thiserror 2.0.9",
"ucd-trie",
]
[[package]]
name = "pest_derive"
-version = "2.7.14"
+version = "2.7.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d214365f632b123a47fd913301e14c946c61d1c183ee245fa76eb752e59a02dd"
+checksum = "816518421cfc6887a0d62bf441b6ffb4536fcc926395a69e1a85852d4363f57e"
dependencies = [
"pest",
"pest_generator",
@@ -2359,22 +2384,22 @@ dependencies = [
[[package]]
name = "pest_generator"
-version = "2.7.14"
+version = "2.7.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eb55586734301717aea2ac313f50b2eb8f60d2fc3dc01d190eefa2e625f60c4e"
+checksum = "7d1396fd3a870fc7838768d171b4616d5c91f6cc25e377b673d714567d99377b"
dependencies = [
"pest",
"pest_meta",
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
name = "pest_meta"
-version = "2.7.14"
+version = "2.7.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b75da2a70cf4d9cb76833c990ac9cd3923c9a8905a8929789ce347c84564d03d"
+checksum = "e1e58089ea25d717bfd31fb534e4f3afcc2cc569c70de3e239778991ea3b7dea"
dependencies = [
"once_cell",
"pest",
@@ -2398,7 +2423,7 @@ checksum = "3c0f5fad0874fc7abcd4d750e76917eaebbecaa2c20bde22e1dbeeba8beb758c"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -2506,7 +2531,7 @@ dependencies = [
"proc-macro-error-attr2",
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -2526,9 +2551,9 @@ checksum = "d68782463e408eb1e668cf6152704bd856c78c5b6417adaee3203d8f4c1fc9ec"
[[package]]
name = "quanta"
-version = "0.12.3"
+version = "0.12.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8e5167a477619228a0b284fac2674e3c388cba90631d7b7de620e6f1fcd08da5"
+checksum = "3bd1fe6824cea6538803de3ff1bc0cf3949024db3d43c9643024bfb33a807c0e"
dependencies = [
"crossbeam-utils",
"libc",
@@ -2586,9 +2611,9 @@ dependencies = [
[[package]]
name = "quinn-udp"
-version = "0.5.7"
+version = "0.5.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7d5a626c6807713b15cac82a6acaccd6043c9a5408c24baae07611fec3f243da"
+checksum = "1c40286217b4ba3a71d644d752e6a0b71f13f1b6a2c5311acfcbe0c2418ed904"
dependencies = [
"cfg_aliases",
"libc",
@@ -2600,9 +2625,9 @@ dependencies = [
[[package]]
name = "quote"
-version = "1.0.37"
+version = "1.0.38"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
+checksum = "0e4dccaaaf89514f546c693ddc140f729f958c247918a13380cccc6078391acc"
dependencies = [
"proc-macro2",
]
@@ -2663,9 +2688,9 @@ dependencies = [
[[package]]
name = "redox_syscall"
-version = "0.5.7"
+version = "0.5.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9b6dfecf2c74bce2466cabf93f6664d6998a69eb21e39f4207930065b27b771f"
+checksum = "03a862b389f93e68874fbf580b9de08dd02facb9a788ebadaf4a3fd33cf58834"
dependencies = [
"bitflags 2.6.0",
]
@@ -2884,22 +2909,22 @@ dependencies = [
[[package]]
name = "rustix"
-version = "0.38.41"
+version = "0.38.42"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d7f649912bc1495e167a6edee79151c84b1bad49748cb4f1f1167f459f6224f6"
+checksum = "f93dc38ecbab2eb790ff964bb77fa94faf256fd3e73285fd7ba0903b76bedb85"
dependencies = [
"bitflags 2.6.0",
"errno",
"libc",
"linux-raw-sys",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
]
[[package]]
name = "rustls"
-version = "0.23.19"
+version = "0.23.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "934b404430bb06b3fae2cba809eb45a1ab1aecd64491213d7c3301b88393f8d1"
+checksum = "5065c3f250cbd332cd894be57c40fa52387247659b14a2d6041d121547903b1b"
dependencies = [
"log",
"once_cell",
@@ -2919,7 +2944,7 @@ dependencies = [
"openssl-probe",
"rustls-pki-types",
"schannel",
- "security-framework 3.0.1",
+ "security-framework 3.1.0",
]
[[package]]
@@ -2933,9 +2958,9 @@ dependencies = [
[[package]]
name = "rustls-pki-types"
-version = "1.10.0"
+version = "1.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "16f1201b3c9a7ee8039bcadc17b7e605e2945b27eee7631788c1bd2b0643674b"
+checksum = "d2bf47e6ff922db3825eb750c4e2ff784c6ff8fb9e13046ef6a1d1c5401b0b37"
dependencies = [
"web-time",
]
@@ -2951,6 +2976,12 @@ dependencies = [
"untrusted",
]
+[[package]]
+name = "rustversion"
+version = "1.0.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f7c45b9784283f1b2e7fb61b42047c2fd678ef0960d4f6f1eba131594cc369d4"
+
[[package]]
name = "ryu"
version = "1.0.18"
@@ -2975,6 +3006,12 @@ dependencies = [
"windows-sys 0.59.0",
]
+[[package]]
+name = "scoped-tls"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294"
+
[[package]]
name = "scopeguard"
version = "1.2.0"
@@ -3009,9 +3046,9 @@ dependencies = [
[[package]]
name = "security-framework"
-version = "3.0.1"
+version = "3.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e1415a607e92bec364ea2cf9264646dcce0f91e6d65281bd6f2819cca3bf39c8"
+checksum = "81d3f8c9bfcc3cbb6b0179eb57042d75b1582bdc65c3cb95f3fa999509c03cbc"
dependencies = [
"bitflags 2.6.0",
"core-foundation 0.10.0",
@@ -3022,9 +3059,9 @@ dependencies = [
[[package]]
name = "security-framework-sys"
-version = "2.12.1"
+version = "2.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fa39c7303dc58b5543c94d22c1766b0d31f2ee58306363ea622b10bbc075eaa2"
+checksum = "1863fd3768cd83c56a7f60faa4dc0d403f1b6df0a38c3c25f44b7894e45370d5"
dependencies = [
"core-foundation-sys",
"libc",
@@ -3032,9 +3069,9 @@ dependencies = [
[[package]]
name = "semver"
-version = "1.0.23"
+version = "1.0.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b"
+checksum = "3cb6eb87a131f756572d7fb904f6e7b68633f09cca868c5df1c4b8d1a694bbba"
[[package]]
name = "sendfd"
@@ -3082,7 +3119,7 @@ checksum = "5a9bf7cf98d04a2b28aead066b7496853d4779c9cc183c440dbac457641e19a0"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -3477,9 +3514,9 @@ dependencies = [
[[package]]
name = "syn"
-version = "2.0.90"
+version = "2.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "919d3b74a5dd0ccd15aeb8f93e7006bd9e14c295087c9896a110f490752bcf31"
+checksum = "987bc0be1cdea8b10216bd06e2ca407d40b9543468fafd3ddfb02f36e77f71f3"
dependencies = [
"proc-macro2",
"quote",
@@ -3503,7 +3540,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -3609,7 +3646,7 @@ checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -3620,7 +3657,7 @@ checksum = "7b50fa271071aae2e6ee85f842e2e28ba8cd2c5fb67f11fcb1fd70b276f9e7d4"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -3688,9 +3725,9 @@ dependencies = [
[[package]]
name = "tinyvec"
-version = "1.8.0"
+version = "1.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "445e881f4f6d382d5f27c034e25eb92edd7c784ceab92a0937db7f2e9471b938"
+checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8"
dependencies = [
"tinyvec_macros",
]
@@ -3727,7 +3764,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -3769,9 +3806,9 @@ dependencies = [
[[package]]
name = "tokio-util"
-version = "0.7.12"
+version = "0.7.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "61e7c3654c13bcd040d4a03abee2c75b1d14a37b423cf5a813ceae1cc903ec6a"
+checksum = "d7fcaa8d55a2bdd6b83ace262b016eca0d79ee02818c5c1bcdf0305114081078"
dependencies = [
"bytes",
"futures-core",
@@ -3827,7 +3864,7 @@ checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -3878,15 +3915,9 @@ checksum = "70977707304198400eb4835a78f6a9f928bf41bba420deb8fdb175cd965d77a7"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
-[[package]]
-name = "triomphe"
-version = "0.1.11"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "859eb650cfee7434994602c3a68b25d77ad9e68c8a6cd491616ef86661382eb3"
-
[[package]]
name = "try-lock"
version = "0.2.5"
@@ -4057,9 +4088,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "wasm-bindgen"
-version = "0.2.97"
+version = "0.2.99"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d15e63b4482863c109d70a7b8706c1e364eb6ea449b201a76c5b89cedcec2d5c"
+checksum = "a474f6281d1d70c17ae7aa6a613c87fce69a127e2624002df63dcb39d6cf6396"
dependencies = [
"cfg-if",
"once_cell",
@@ -4068,24 +4099,23 @@ dependencies = [
[[package]]
name = "wasm-bindgen-backend"
-version = "0.2.97"
+version = "0.2.99"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8d36ef12e3aaca16ddd3f67922bc63e48e953f126de60bd33ccc0101ef9998cd"
+checksum = "5f89bb38646b4f81674e8f5c3fb81b562be1fd936d84320f3264486418519c79"
dependencies = [
"bumpalo",
"log",
- "once_cell",
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
"wasm-bindgen-shared",
]
[[package]]
name = "wasm-bindgen-futures"
-version = "0.4.47"
+version = "0.4.49"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9dfaf8f50e5f293737ee323940c7d8b08a66a95a419223d9f41610ca08b0833d"
+checksum = "38176d9b44ea84e9184eff0bc34cc167ed044f816accfe5922e54d84cf48eca2"
dependencies = [
"cfg-if",
"js-sys",
@@ -4096,9 +4126,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro"
-version = "0.2.97"
+version = "0.2.99"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "705440e08b42d3e4b36de7d66c944be628d579796b8090bfa3471478a2260051"
+checksum = "2cc6181fd9a7492eef6fef1f33961e3695e4579b9872a6f7c83aee556666d4fe"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
@@ -4106,28 +4136,28 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro-support"
-version = "0.2.97"
+version = "0.2.99"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "98c9ae5a76e46f4deecd0f0255cc223cfa18dc9b261213b8aa0c7b36f61b3f1d"
+checksum = "30d7a95b763d3c45903ed6c81f156801839e5ee968bb07e534c44df0fcd330c2"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]
[[package]]
name = "wasm-bindgen-shared"
-version = "0.2.97"
+version = "0.2.99"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6ee99da9c5ba11bd675621338ef6fa52296b76b83305e9b6e5c77d4c286d6d49"
+checksum = "943aab3fdaaa029a6e0271b35ea10b72b943135afe9bffca82384098ad0e06a6"
[[package]]
name = "web-sys"
-version = "0.3.74"
+version = "0.3.76"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a98bc3c33f0fe7e59ad7cd041b89034fa82a7c2d4365ca538dda6cdaf513863c"
+checksum = "04dd7223427d52553d3702c004d3b2fe07c148165faa56313cb00211e31c12bc"
dependencies = [
"js-sys",
"wasm-bindgen",
@@ -4180,7 +4210,7 @@ version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
dependencies = [
- "windows-sys 0.48.0",
+ "windows-sys 0.59.0",
]
[[package]]
@@ -4189,6 +4219,16 @@ version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+[[package]]
+name = "windows"
+version = "0.58.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dd04d41d93c4992d421894c18c8b43496aa748dd4c081bac0dc93eb0489272b6"
+dependencies = [
+ "windows-core 0.58.0",
+ "windows-targets 0.52.6",
+]
+
[[package]]
name = "windows-core"
version = "0.52.0"
@@ -4198,6 +4238,41 @@ dependencies = [
"windows-targets 0.52.6",
]
+[[package]]
+name = "windows-core"
+version = "0.58.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6ba6d44ec8c2591c134257ce647b7ea6b20335bf6379a27dac5f1641fcf59f99"
+dependencies = [
+ "windows-implement",
+ "windows-interface",
+ "windows-result",
+ "windows-strings",
+ "windows-targets 0.52.6",
+]
+
+[[package]]
+name = "windows-implement"
+version = "0.58.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2bbd5b46c938e506ecbce286b6628a02171d56153ba733b6c741fc627ec9579b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.94",
+]
+
+[[package]]
+name = "windows-interface"
+version = "0.58.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "053c4c462dc91d3b1504c6fe5a726dd15e216ba718e84a0e46a88fbe5ded3515"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.94",
+]
+
[[package]]
name = "windows-registry"
version = "0.2.0"
@@ -4470,7 +4545,7 @@ checksum = "2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
"synstructure",
]
@@ -4492,7 +4567,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
@@ -4512,7 +4587,7 @@ checksum = "595eed982f7d355beb85837f651fa22e90b3c044842dc7f2c2842c086f295808"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
"synstructure",
]
@@ -4541,7 +4616,7 @@ checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.90",
+ "syn 2.0.94",
]
[[package]]
diff --git a/shadowsocks-rust/Cargo.toml b/shadowsocks-rust/Cargo.toml
index 6877369354..f852c1bedd 100644
--- a/shadowsocks-rust/Cargo.toml
+++ b/shadowsocks-rust/Cargo.toml
@@ -55,21 +55,7 @@ panic = "abort"
strip = true
[features]
-default = [
- "logging",
- "hickory-dns",
- "local",
- "server",
- "manager",
- "utility",
- "service",
- "local-http",
- "local-tunnel",
- "local-socks4",
- "multi-threaded",
- "aead-cipher",
- "aead-cipher-2022",
-]
+default = ["full"]
# Basic Features
basic = [
diff --git a/shadowsocks-rust/crates/shadowsocks-service/Cargo.toml b/shadowsocks-rust/crates/shadowsocks-service/Cargo.toml
index c27fa095cb..b8a57fd9a9 100644
--- a/shadowsocks-rust/crates/shadowsocks-service/Cargo.toml
+++ b/shadowsocks-rust/crates/shadowsocks-service/Cargo.toml
@@ -15,8 +15,7 @@ rust-version = "1.80"
maintenance = { status = "passively-maintained" }
[features]
-# WARN: Just for compatible. May be removed in the future releases.
-default = ["aead-cipher"]
+default = ["hickory-dns", "aead-cipher"]
full = [
"local",
@@ -181,7 +180,7 @@ http-body-util = { version = "0.1", optional = true }
http = { version = "1.1", optional = true }
httparse = { version = "1.9", optional = true }
-hickory-resolver = { version = "0.25.0-alpha", optional = true, features = [
+hickory-resolver = { version = "=0.25.0-alpha.4", optional = true, features = [
"serde",
] }
diff --git a/shadowsocks-rust/crates/shadowsocks/Cargo.toml b/shadowsocks-rust/crates/shadowsocks/Cargo.toml
index 7c8ea5434c..efbf9c8255 100644
--- a/shadowsocks-rust/crates/shadowsocks/Cargo.toml
+++ b/shadowsocks-rust/crates/shadowsocks/Cargo.toml
@@ -86,7 +86,7 @@ tokio = { version = "1.9.0", features = [
"time",
] }
-hickory-resolver = { version = "0.25.0-alpha", optional = true }
+hickory-resolver = { version = "=0.25.0-alpha.4", optional = true }
arc-swap = { version = "1.7", optional = true }
notify = { version = "7.0", optional = true }
diff --git a/shadowsocks-rust/debian/changelog b/shadowsocks-rust/debian/changelog
index 554518f09e..cd4a107b5b 100644
--- a/shadowsocks-rust/debian/changelog
+++ b/shadowsocks-rust/debian/changelog
@@ -1,3 +1,28 @@
+shadowsocks-rust (1.22.0) unstable; urgency=medium
+
+ ## Features, Breaking Changes
+
+ - `ServerConfig::new` returns a `Result`, fails if `password` doesn't match `method`'s requirements
+ - `ConnectOpts::bind_local_addr` supports binding to a specific port
+ - Uses `async` in trait, bump MSRV to v1.75
+ - #1790 `outbound_udp_allow_fragmentation` new option for allowing UDP outbound sockets to enable IP fragmentation
+ - `tun2` has been merged back to `meh/rust-tun`
+ - #1810 `UdpSocket::bind`
+ - `shadowsocks-rust` binary crate "default" feature set to `full`
+
+ ## Bug Fixes
+
+ - Method `none` (`plain`) skips key derivation process.
+ - #1762 Do not crash in `ServerConfig::from_url()` on unknown method
+ - #1759 Flush `local-tun` tcp writer half before close
+ - #1765 Disallow HTTP/SOCKS4a in `socks` protocol handler when authentication is required
+ - `ConnectOpts`'s per-server options should not be shared globally
+ - #1814 `local-dns` upstream udp packet buffer size 256
+
+ ## Miscellaneous
+
+ - Make cryptographic dependencies optional in default build of `shadowsocks` crate.
+
shadowsocks-rust (1.21.2) unstable; urgency=medium
## Bug Fixes
diff --git a/sing-box/clients/android/version.properties b/sing-box/clients/android/version.properties
index bfe1e278cf..6d29f809fc 100644
--- a/sing-box/clients/android/version.properties
+++ b/sing-box/clients/android/version.properties
@@ -1,3 +1,3 @@
-VERSION_CODE=456
+VERSION_CODE=458
VERSION_NAME=1.10.6
GO_VERSION=go1.23.4
diff --git a/small/luci-app-mihomo/Makefile b/small/luci-app-mihomo/Makefile
index 196f40d4c4..c930c382b4 100644
--- a/small/luci-app-mihomo/Makefile
+++ b/small/luci-app-mihomo/Makefile
@@ -1,6 +1,6 @@
include $(TOPDIR)/rules.mk
-PKG_VERSION:=1.16.0
+PKG_VERSION:=1.17.0
LUCI_TITLE:=LuCI Support for mihomo
LUCI_DEPENDS:=+luci-base +mihomo
diff --git a/small/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js b/small/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js
index 6264ef3d76..8c631f8817 100644
--- a/small/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js
+++ b/small/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js
@@ -140,6 +140,10 @@ return view.extend({
o.rmempty = false;
o.value('0-65535', _('All Port'));
o.value('123 443 8443', _('Commonly Used Port'));
+
+ o = s.taboption('bypass', form.DynamicList, 'bypass_dscp', _('Bypass DSCP'));
+ o.datatype = 'range(0, 63)';
+
return m.render();
}
});
diff --git a/small/luci-app-mihomo/po/templates/mihomo.pot b/small/luci-app-mihomo/po/templates/mihomo.pot
index 43d9ac58e1..68d3bb72f5 100644
--- a/small/luci-app-mihomo/po/templates/mihomo.pot
+++ b/small/luci-app-mihomo/po/templates/mihomo.pot
@@ -61,6 +61,10 @@ msgstr ""
msgid "Bypass China Mainland IP"
msgstr ""
+#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:144
+msgid "Bypass DSCP"
+msgstr ""
+
#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:124
msgid "Bypass Group"
msgstr ""
diff --git a/small/luci-app-mihomo/po/zh_Hans/mihomo.po b/small/luci-app-mihomo/po/zh_Hans/mihomo.po
index b3afaadd07..a9b62478a9 100644
--- a/small/luci-app-mihomo/po/zh_Hans/mihomo.po
+++ b/small/luci-app-mihomo/po/zh_Hans/mihomo.po
@@ -68,6 +68,10 @@ msgstr "绕过"
msgid "Bypass China Mainland IP"
msgstr "绕过中国大陆 IP"
+#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:144
+msgid "Bypass DSCP"
+msgstr "绕过 DSCP"
+
#: applications/luci-app-mihomo/htdocs/luci-static/resources/view/mihomo/proxy.js:124
msgid "Bypass Group"
msgstr "绕过用户组"
diff --git a/small/luci-app-passwall/Makefile b/small/luci-app-passwall/Makefile
index 7b625eaed6..6653f5f741 100644
--- a/small/luci-app-passwall/Makefile
+++ b/small/luci-app-passwall/Makefile
@@ -1,5 +1,5 @@
# Copyright (C) 2018-2020 L-WRT Team
-# Copyright (C) 2021-2023 xiaorouji
+# Copyright (C) 2021-2025 xiaorouji
#
# This is free software, licensed under the GNU General Public License v3.
diff --git a/small/luci-app-passwall/luasrc/controller/passwall.lua b/small/luci-app-passwall/luasrc/controller/passwall.lua
index 2ed0db4016..c01e5ef27d 100644
--- a/small/luci-app-passwall/luasrc/controller/passwall.lua
+++ b/small/luci-app-passwall/luasrc/controller/passwall.lua
@@ -1,10 +1,10 @@
-- Copyright (C) 2018-2020 L-WRT Team
--- Copyright (C) 2021-2023 xiaorouji
+-- Copyright (C) 2021-2025 xiaorouji
module("luci.controller.passwall", package.seeall)
local api = require "luci.passwall.api"
-local appname = "passwall" -- not available
-local uci = api.libuci -- in funtion index()
+local appname = "passwall" -- not available
+local uci = api.uci -- in funtion index()
local fs = api.fs
local http = require "luci.http"
local util = require "luci.util"
@@ -17,8 +17,8 @@ function index()
else return end
end
local api = require "luci.passwall.api"
- local appname = "passwall" -- global definitions not available
- local uci = api.libuci -- in function index()
+ local appname = "passwall" -- global definitions not available
+ local uci = api.uci -- in function index()
local fs = api.fs
entry({"admin", "services", appname}).dependent = true
entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true
@@ -110,7 +110,7 @@ end
function show_menu()
uci:delete(appname, "@global[0]", "hide_from_luci")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(api.url())
@@ -118,7 +118,7 @@ end
function hide_menu()
uci:set(appname, "@global[0]", "hide_from_luci","1")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
@@ -135,6 +135,7 @@ function socks_autoswitch_add_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
@@ -146,8 +147,8 @@ function socks_autoswitch_add_node()
table.insert(new_list, e.id)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -156,14 +157,15 @@ function socks_autoswitch_remove_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
table.remove(new_list, i)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -353,7 +355,7 @@ function set_node()
local protocol = luci.http.formvalue("protocol")
local section = luci.http.formvalue("section")
uci:set(appname, "@global[0]", protocol .. "_node", section)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
@@ -361,7 +363,7 @@ end
function copy_node()
local section = luci.http.formvalue("section")
local uuid = api.gen_short_uuid()
- api.uci_section(uci, appname, "nodes", uuid)
+ uci:section(appname, "nodes", uuid)
for k, v in pairs(uci:get_all(appname, section)) do
local filter = k:find("%.")
if filter and filter == 1 then
@@ -375,7 +377,7 @@ function copy_node()
end
uci:delete(appname, uuid, "add_from")
uci:set(appname, uuid, "add_mode", 1)
- uci:commit(appname)
+ api.uci_save(uci, appname)
luci.http.redirect(api.url("node_config", uuid))
end
@@ -385,7 +387,7 @@ function clear_all_nodes()
uci:delete(appname, '@global[0]', "udp_node")
uci:foreach(appname, "socks", function(t)
uci:delete(appname, t[".name"])
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", {})
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", {})
end)
uci:foreach(appname, "haproxy_config", function(t)
uci:delete(appname, t[".name"])
@@ -398,7 +400,7 @@ function clear_all_nodes()
uci:delete(appname, node['.name'])
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " stop")
end
@@ -421,7 +423,7 @@ function delete_select_nodes()
table.remove(auto_switch_node_list, i)
end
end
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
end)
uci:foreach(appname, "haproxy_config", function(t)
if t["lbss"] == w then
@@ -448,7 +450,7 @@ function delete_select_nodes()
end)
uci:delete(appname, w)
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " restart > /dev/null 2>&1 &")
end
diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua
index bc1ab22d87..1e70f23fa2 100644
--- a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua
+++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/socks_config.lua
@@ -123,6 +123,8 @@ for k, v in pairs(nodes_table) do
socks_node:value(v.id, v["remark"])
end
-m:append(Template(appname .. "/socks_auto_switch/footer"))
+o = s:option(DummyValue, "btn", " ")
+o.template = appname .. "/socks_auto_switch/btn"
+o:depends("enable_autoswitch", true)
return m
diff --git a/small/luci-app-passwall/luasrc/passwall/api.lua b/small/luci-app-passwall/luasrc/passwall/api.lua
index c866607ce0..1dbeb84ad7 100644
--- a/small/luci-app-passwall/luasrc/passwall/api.lua
+++ b/small/luci-app-passwall/luasrc/passwall/api.lua
@@ -3,6 +3,7 @@ local com = require "luci.passwall.com"
bin = require "nixio".bin
fs = require "nixio.fs"
sys = require "luci.sys"
+uci = require "luci.model.uci".cursor()
libuci = require "uci".cursor()
util = require "luci.util"
datatypes = require "luci.cbi.datatypes"
@@ -30,6 +31,10 @@ function log(...)
end
end
+function is_js_luci()
+ return sys.call('[ -f "/www/luci-static/resources/uci.js" ]') == 0
+end
+
function uci_set_list(cursor, config, section, option, value)
if config and section and option then
if not value or #value == 0 then
@@ -55,24 +60,48 @@ function uci_section(cursor, config, type, name, values)
return stat and name
end
+function uci_save(cursor, config, commit, apply)
+ if is_js_luci() then
+ commit = true
+ if commit then
+ if apply then
+ cursor:commit(config)
+ else
+ sh_uci_commit(config)
+ end
+ end
+ else
+ cursor:save(config)
+ if commit then
+ cursor:commit(config)
+ if apply then
+ sys.call("/etc/init.d/" .. config .. " reload > /dev/null 2>&1 &")
+ end
+ end
+ end
+end
+
function sh_uci_get(config, section, option)
exec_call(string.format("uci -q get %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
end
-function sh_uci_set(config, section, option, val)
+function sh_uci_set(config, section, option, val, commit)
exec_call(string.format("uci -q set %s.%s.%s=\"%s\"", config, section, option, val))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_del(config, section, option)
+function sh_uci_del(config, section, option, commit)
exec_call(string.format("uci -q delete %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_add_list(config, section, option, val)
+function sh_uci_add_list(config, section, option, val, commit)
exec_call(string.format("uci -q del_list %s.%s.%s=\"%s\"", config, section, option, val))
exec_call(string.format("uci -q add_list %s.%s.%s=\"%s\"", config, section, option, val))
+ if commit then sh_uci_commit(config) end
+end
+
+function sh_uci_commit(config)
exec_call(string.format("uci -q commit %s", config))
end
@@ -175,7 +204,7 @@ end
function curl_direct(url, file, args)
--直连访问
- local chn_list = libuci:get(appname, "@global[0]", "chn_list") or "direct"
+ local chn_list = uci:get(appname, "@global[0]", "chn_list") or "direct"
local Dns = (chn_list == "proxy") and "1.1.1.1" or "223.5.5.5"
if not args then args = {} end
local tmp_args = clone(args)
@@ -419,30 +448,10 @@ function get_domain_from_url(url)
return url
end
-function get_node_name(node_id)
- local e
- if type(node_id) == "table" then
- e = node_id
- else
- e = libuci:get_all(appname, node_id)
- end
- if e then
- if e.type and e.remarks then
- if e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
- local type = e.type
- if type == "sing-box" then type = "Sing-Box" end
- local remark = "%s:[%s] " % {type .. " " .. i18n.translatef(e.protocol), e.remarks}
- return remark
- end
- end
- end
- return ""
-end
-
function get_valid_nodes()
local show_node_info = uci_get_type("@global_other[0]", "show_node_info", "0")
local nodes = {}
- libuci:foreach(appname, "nodes", function(e)
+ uci:foreach(appname, "nodes", function(e)
e.id = e[".name"]
if e.type and e.remarks then
if e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
@@ -539,7 +548,7 @@ function gen_short_uuid()
end
function uci_get_type(type, config, default)
- local value = libuci:get(appname, type, config) or default
+ local value = uci:get(appname, type, config) or default
if (value == nil or value == "") and (default and default ~= "") then
value = default
end
diff --git a/small/luci-app-passwall/luasrc/passwall/server_app.lua b/small/luci-app-passwall/luasrc/passwall/server_app.lua
index ef267c649a..50357056b6 100644
--- a/small/luci-app-passwall/luasrc/passwall/server_app.lua
+++ b/small/luci-app-passwall/luasrc/passwall/server_app.lua
@@ -3,7 +3,7 @@
local action = arg[1]
local api = require "luci.passwall.api"
local sys = api.sys
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
local CONFIG = "passwall_server"
diff --git a/small/luci-app-passwall/luasrc/passwall/util_hysteria2.lua b/small/luci-app-passwall/luasrc/passwall/util_hysteria2.lua
index 12afe6874b..b818aadbfb 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_hysteria2.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_hysteria2.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_hysteria2", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
diff --git a/small/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua b/small/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua
index b6ef39b3bf..ee095c1e6c 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_naiveproxy.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_naiveproxy", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
function gen_config(var)
diff --git a/small/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua b/small/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua
index 5e724e77ba..e6080001b8 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_shadowsocks.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_shadowsocks", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
diff --git a/small/luci-app-passwall/luasrc/passwall/util_sing-box.lua b/small/luci-app-passwall/luasrc/passwall/util_sing-box.lua
index e6cdbc7d35..bfa24b46ce 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_sing-box.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_sing-box.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_sing-box", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local appname = "passwall"
diff --git a/small/luci-app-passwall/luasrc/passwall/util_trojan.lua b/small/luci-app-passwall/luasrc/passwall/util_trojan.lua
index 31bd67a4a3..848b689a56 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_trojan.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_trojan.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_trojan", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local json = api.jsonc
function gen_config_server(node)
diff --git a/small/luci-app-passwall/luasrc/passwall/util_tuic.lua b/small/luci-app-passwall/luasrc/passwall/util_tuic.lua
index be00dcb8cf..e138b6da56 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_tuic.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_tuic.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_tuic", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local json = api.jsonc
function gen_config(var)
diff --git a/small/luci-app-passwall/luasrc/passwall/util_xray.lua b/small/luci-app-passwall/luasrc/passwall/util_xray.lua
index c3ac56c205..828b7681f7 100644
--- a/small/luci-app-passwall/luasrc/passwall/util_xray.lua
+++ b/small/luci-app-passwall/luasrc/passwall/util_xray.lua
@@ -1,6 +1,6 @@
module("luci.passwall.util_xray", package.seeall)
local api = require "luci.passwall.api"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local appname = "passwall"
diff --git a/small/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/footer.htm b/small/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/btn.htm
similarity index 63%
rename from small/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/footer.htm
rename to small/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/btn.htm
index 067b978765..287c1d2f48 100644
--- a/small/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/footer.htm
+++ b/small/luci-app-passwall/luasrc/view/passwall/socks_auto_switch/btn.htm
@@ -19,5 +19,7 @@ local api = require "luci.passwall.api"
}
//]]>
-" data-index="<%=self.index%>" data-depends="<%=pcdata(self:deplist2json(section))%>">
+
\ No newline at end of file
diff --git a/small/luci-app-passwall/root/usr/share/passwall/app.sh b/small/luci-app-passwall/root/usr/share/passwall/app.sh
index 803b6eede8..57b989bd2a 100755
--- a/small/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/small/luci-app-passwall/root/usr/share/passwall/app.sh
@@ -1,6 +1,6 @@
#!/bin/sh
# Copyright (C) 2018-2020 L-WRT Team
-# Copyright (C) 2021-2023 xiaorouji
+# Copyright (C) 2021-2025 xiaorouji
. $IPKG_INSTROOT/lib/functions.sh
. $IPKG_INSTROOT/lib/functions/service.sh
@@ -17,17 +17,6 @@ GLOBAL_ACL_PATH=${TMP_ACL_PATH}/default
LOG_FILE=/tmp/log/$CONFIG.log
APP_PATH=/usr/share/$CONFIG
RULES_PATH=/usr/share/${CONFIG}/rules
-DNS_PORT=15353
-TUN_DNS="127.0.0.1#${DNS_PORT}"
-LOCAL_DNS=119.29.29.29,223.5.5.5
-DEFAULT_DNS=
-IPT_APPEND_DNS=
-ENABLED_DEFAULT_ACL=0
-PROXY_IPV6=0
-PROXY_IPV6_UDP=0
-resolve_dns=0
-use_tcp_node_resolve_dns=0
-use_udp_node_resolve_dns=0
LUA_UTIL_PATH=/usr/lib/lua/luci/passwall
UTIL_SINGBOX=$LUA_UTIL_PATH/util_sing-box.lua
UTIL_SS=$LUA_UTIL_PATH/util_shadowsocks.lua
@@ -244,7 +233,11 @@ check_ver() {
get_new_port() {
port=$1
- [ "$port" == "auto" ] && port=2082
+ [ "$port" == "auto" ] && {
+ port=2082
+ local GET_NEW_PORT=$(get_cache_var "get_new_port")
+ [ -n "${GET_NEW_PORT}" ] && port=${GET_NEW_PORT}
+ }
protocol=$(echo $2 | tr 'A-Z' 'a-z')
result=$(check_port_exists $port $protocol)
if [ "$result" != 0 ]; then
@@ -256,6 +249,7 @@ get_new_port() {
fi
get_new_port $temp $protocol
else
+ set_cache_var "get_new_port" "$port"
echo $port
fi
}
@@ -379,7 +373,11 @@ set_cache_var() {
local key="${1}"
shift 1
local val="$@"
- [ -n "${key}" ] && [ -n "${val}" ] && echo "${key}=\"${val}\"" >> $TMP_PATH/var
+ [ -n "${key}" ] && [ -n "${val}" ] && {
+ sed -i "/${key}=/d" $TMP_PATH/var >/dev/null 2>&1
+ echo "${key}=\"${val}\"" >> $TMP_PATH/var
+ eval ${key}=\"${val}\"
+ }
}
get_cache_var() {
@@ -389,6 +387,10 @@ get_cache_var() {
}
}
+eval_cache_var() {
+ [ -s "$TMP_PATH/var" ] && eval $(cat "$TMP_PATH/var")
+}
+
run_ipt2socks() {
local flag proto tcp_tproxy local_port socks_address socks_port socks_username socks_password log_file
local _extra_param=""
@@ -415,8 +417,8 @@ run_ipt2socks() {
}
run_singbox() {
- local flag type node tcp_redir_port udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
- local dns_listen_port direct_dns_port direct_dns_udp_server direct_dns_tcp_server direct_dns_dot_server remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
+ local flag type node tcp_redir_port tcp_proxy_way udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local dns_listen_port direct_dns_query_strategy direct_dns_port direct_dns_udp_server direct_dns_tcp_server direct_dns_dot_server remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
local loglevel log_file config_file server_host server_port
local _extra_param=""
eval_set_val $@
@@ -446,6 +448,7 @@ run_singbox() {
[ -n "$server_host" ] && _extra_param="${_extra_param} -server_host $server_host"
[ -n "$server_port" ] && _extra_param="${_extra_param} -server_port $server_port"
[ -n "$tcp_redir_port" ] && _extra_param="${_extra_param} -tcp_redir_port $tcp_redir_port"
+ [ -n "$tcp_proxy_way" ] && _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
[ -n "$udp_redir_port" ] && _extra_param="${_extra_param} -udp_redir_port $udp_redir_port"
[ -n "$socks_address" ] && _extra_param="${_extra_param} -local_socks_address $socks_address"
[ -n "$socks_port" ] && _extra_param="${_extra_param} -local_socks_port $socks_port"
@@ -472,7 +475,8 @@ run_singbox() {
direct_dns_port=$(echo ${local_dns} | awk -F '#' '{print $2}')
fi
_extra_param="${_extra_param} -direct_dns_port ${direct_dns_port:-53}"
- _extra_param="${_extra_param} -direct_dns_query_strategy ${DIRECT_DNS_QUERY_STRATEGY}"
+ direct_dns_query_strategy=${direct_dns_query_strategy:-UseIP}
+ _extra_param="${_extra_param} -direct_dns_query_strategy ${direct_dns_query_strategy}"
[ -n "$remote_dns_query_strategy" ] && _extra_param="${_extra_param} -remote_dns_query_strategy ${remote_dns_query_strategy}"
case "$remote_dns_protocol" in
@@ -491,14 +495,13 @@ run_singbox() {
esac
[ -n "$remote_dns_client_ip" ] && _extra_param="${_extra_param} -remote_dns_client_ip ${remote_dns_client_ip}"
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1"
- _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
lua $UTIL_SINGBOX gen_config ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" $log_file run -c "$config_file"
}
run_xray() {
- local flag type node tcp_redir_port udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
- local dns_listen_port remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
+ local flag type node tcp_redir_port tcp_proxy_way udp_redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local dns_listen_port direct_dns_query_strategy remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_fakedns remote_dns_query_strategy dns_cache dns_socks_address dns_socks_port
local loglevel log_file config_file server_host server_port
local _extra_param=""
eval_set_val $@
@@ -517,6 +520,7 @@ run_xray() {
[ -n "$server_host" ] && _extra_param="${_extra_param} -server_host $server_host"
[ -n "$server_port" ] && _extra_param="${_extra_param} -server_port $server_port"
[ -n "$tcp_redir_port" ] && _extra_param="${_extra_param} -tcp_redir_port $tcp_redir_port"
+ [ -n "$tcp_proxy_way" ] && _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
[ -n "$udp_redir_port" ] && _extra_param="${_extra_param} -udp_redir_port $udp_redir_port"
[ -n "$socks_address" ] && _extra_param="${_extra_param} -local_socks_address $socks_address"
[ -n "$socks_port" ] && _extra_param="${_extra_param} -local_socks_port $socks_port"
@@ -526,7 +530,8 @@ run_xray() {
[ -n "$http_username" ] && [ -n "$http_password" ] && _extra_param="${_extra_param} -local_http_username $http_username -local_http_password $http_password"
[ -n "$dns_socks_address" ] && [ -n "$dns_socks_port" ] && _extra_param="${_extra_param} -dns_socks_address ${dns_socks_address} -dns_socks_port ${dns_socks_port}"
[ -n "$dns_listen_port" ] && _extra_param="${_extra_param} -dns_listen_port ${dns_listen_port}"
- _extra_param="${_extra_param} -direct_dns_query_strategy ${DIRECT_DNS_QUERY_STRATEGY}"
+ direct_dns_query_strategy=${direct_dns_query_strategy:-UseIP}
+ _extra_param="${_extra_param} -direct_dns_query_strategy ${direct_dns_query_strategy}"
[ -n "$remote_dns_query_strategy" ] && _extra_param="${_extra_param} -remote_dns_query_strategy ${remote_dns_query_strategy}"
[ -n "$remote_dns_client_ip" ] && _extra_param="${_extra_param} -remote_dns_client_ip ${remote_dns_client_ip}"
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1"
@@ -543,7 +548,6 @@ run_xray() {
[ -n "$_doh_bootstrap" ] && _extra_param="${_extra_param} -remote_dns_doh_ip ${_doh_bootstrap}"
_extra_param="${_extra_param} -remote_dns_doh_port ${_doh_port} -remote_dns_doh_url ${_doh_url} -remote_dns_doh_host ${_doh_host}"
}
- _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
_extra_param="${_extra_param} -loglevel $loglevel"
lua $UTIL_XRAY gen_config ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app ${type}_file) ${type})" ${type} $log_file run -c "$config_file"
@@ -762,7 +766,6 @@ run_redir() {
}
}
[ "$bind" != "127.0.0.1" ] && echolog "${PROTO}节点:[$remarks],监听端口:$local_port"
- set_cache_var "${PROTO}_NODE_PORT" "${port}"
case "$PROTO" in
UDP)
@@ -820,12 +823,11 @@ run_redir() {
[ "$tcp_node_http_port" != "0" ] && tcp_node_http=1
if [ $PROXY_IPV6 == "1" ]; then
echolog "开启实验性IPv6透明代理(TProxy),请确认您的节点及类型支持IPv6!"
- PROXY_IPV6_UDP=1
fi
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
can_ipt=$(echo "$REDIRECT_LIST" | grep "$type")
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
can_ipt=$(echo "$TPROXY_LIST" | grep "$type")
fi
[ -z "$can_ipt" ] && type="socks"
@@ -879,14 +881,14 @@ run_redir() {
}
[ "${DNS_MODE}" = "sing-box" ] && {
- resolve_dns=1
+ NO_PLUGIN_DNS=1
config_file=$(echo $config_file | sed "s/.json/_DNS.json/g")
_args="${_args} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY}"
DNSMASQ_FILTER_PROXY_IPV6=0
local _remote_dns_client_ip=$(config_t_get global remote_dns_client_ip)
[ -n "${_remote_dns_client_ip}" ] && _args="${_args} remote_dns_client_ip=${_remote_dns_client_ip}"
[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
- resolve_dns_port=${dns_listen_port}
+ resolve_dns_port=${NEXT_DNS_LISTEN_PORT}
_args="${_args} dns_listen_port=${resolve_dns_port}"
case "$(config_t_get global direct_dns_mode "auto")" in
@@ -922,9 +924,9 @@ run_redir() {
_args="${_args} remote_fakedns=1"
resolve_dns_log="${resolve_dns_log} + FakeDNS"
}
- dns_listen_port=$(expr $dns_listen_port + 1)
+ NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
}
- run_singbox flag=$_flag node=$node tcp_redir_port=$local_port config_file=$config_file log_file=$log_file ${_args}
+ run_singbox flag=$_flag node=$node tcp_redir_port=$local_port tcp_proxy_way=$TCP_PROXY_WAY config_file=$config_file log_file=$log_file ${_args}
;;
xray)
local _flag="TCP"
@@ -957,14 +959,14 @@ run_redir() {
}
[ "${DNS_MODE}" = "xray" ] && {
- resolve_dns=1
+ NO_PLUGIN_DNS=1
config_file=$(echo $config_file | sed "s/.json/_DNS.json/g")
_args="${_args} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY}"
DNSMASQ_FILTER_PROXY_IPV6=0
local _remote_dns_client_ip=$(config_t_get global remote_dns_client_ip)
[ -n "${_remote_dns_client_ip}" ] && _args="${_args} remote_dns_client_ip=${_remote_dns_client_ip}"
[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
- resolve_dns_port=${dns_listen_port}
+ resolve_dns_port=${NEXT_DNS_LISTEN_PORT}
_args="${_args} dns_listen_port=${resolve_dns_port}"
_args="${_args} remote_dns_tcp_server=${REMOTE_DNS}"
if [ "$v2ray_dns_mode" = "tcp+doh" ]; then
@@ -980,12 +982,12 @@ run_redir() {
_args="${_args} remote_fakedns=1"
resolve_dns_log="${resolve_dns_log} + FakeDNS"
}
- dns_listen_port=$(expr $dns_listen_port + 1)
+ NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
}
- run_xray flag=$_flag node=$node tcp_redir_port=$local_port config_file=$config_file log_file=$log_file ${_args}
+ run_xray flag=$_flag node=$node tcp_redir_port=$local_port tcp_proxy_way=$TCP_PROXY_WAY config_file=$config_file log_file=$log_file ${_args}
;;
trojan*)
- [ "$tcp_proxy_way" = "tproxy" ] && lua_tproxy_arg="-use_tproxy true"
+ [ "${TCP_PROXY_WAY}" = "tproxy" ] && lua_tproxy_arg="-use_tproxy true"
[ "$TCP_UDP" = "1" ] && {
config_file=$(echo $config_file | sed "s/TCP/TCP_UDP/g")
UDP_REDIR_PORT=$TCP_REDIR_PORT
@@ -1000,7 +1002,7 @@ run_redir() {
ln_run "$(first_type naive)" naive $log_file "$config_file"
;;
ssr)
- [ "$tcp_proxy_way" = "tproxy" ] && lua_tproxy_arg="-tcp_tproxy true"
+ [ "${TCP_PROXY_WAY}" = "tproxy" ] && lua_tproxy_arg="-tcp_tproxy true"
[ "$TCP_UDP" = "1" ] && {
config_file=$(echo $config_file | sed "s/TCP/TCP_UDP/g")
UDP_REDIR_PORT=$TCP_REDIR_PORT
@@ -1011,7 +1013,7 @@ run_redir() {
ln_run "$(first_type ssr-redir)" "ssr-redir" $log_file -c "$config_file" -v ${_extra_param}
;;
ss)
- [ "$tcp_proxy_way" = "tproxy" ] && lua_tproxy_arg="-tcp_tproxy true"
+ [ "${TCP_PROXY_WAY}" = "tproxy" ] && lua_tproxy_arg="-tcp_tproxy true"
lua_mode_arg="-mode tcp_only"
[ "$TCP_UDP" = "1" ] && {
config_file=$(echo $config_file | sed "s/TCP/TCP_UDP/g")
@@ -1024,7 +1026,7 @@ run_redir() {
;;
ss-rust)
local _extra_param="-local_tcp_redir_port $local_port"
- [ "$tcp_proxy_way" = "tproxy" ] && _extra_param="${_extra_param} -tcp_tproxy true"
+ [ "${TCP_PROXY_WAY}" = "tproxy" ] && _extra_param="${_extra_param} -tcp_tproxy true"
[ "$tcp_node_socks" = "1" ] && {
tcp_node_socks_flag=1
config_file=$(echo $config_file | sed "s/TCP/TCP_SOCKS/g")
@@ -1062,7 +1064,7 @@ run_redir() {
unset UDP_NODE
_extra_param="${_extra_param} -local_udp_redir_port $local_port"
}
- _extra_param="${_extra_param} -tcp_proxy_way $tcp_proxy_way"
+ _extra_param="${_extra_param} -tcp_proxy_way ${TCP_PROXY_WAY}"
lua $UTIL_HYSTERIA2 gen_config -node $node ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app hysteria_file))" "hysteria" $log_file -c "$config_file" client
;;
@@ -1075,7 +1077,7 @@ run_redir() {
unset UDP_NODE
}
local _socks_tproxy=""
- [ "$tcp_proxy_way" = "tproxy" ] && _socks_tproxy="1"
+ [ "${TCP_PROXY_WAY}" = "tproxy" ] && _socks_tproxy="1"
run_ipt2socks flag=default proto=${_flag} tcp_tproxy=${_socks_tproxy} local_port=${local_port} socks_address=${_socks_address} socks_port=${_socks_port} socks_username=${_socks_username} socks_password=${_socks_password} log_file=${log_file}
fi
@@ -1356,12 +1358,12 @@ start_dns() {
#当全局(包括访问控制节点)开启chinadns-ng时,不启动新进程。
[ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && {
- LOCAL_DNS="127.0.0.1#${dns_listen_port}"
+ LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
local china_ng_c_dns="tcp://$(get_first_dns DIRECT_DNS 53 | sed 's/:/#/g')"
- ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${dns_listen_port} -c ${china_ng_c_dns} -d chn
+ ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${NEXT_DNS_LISTEN_PORT} -c ${china_ng_c_dns} -d chn
echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${china_ng_c_dns}"
echolog " * 请确保上游直连 DNS 支持 TCP 查询。"
- dns_listen_port=$(expr $dns_listen_port + 1)
+ NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
}
;;
dot)
@@ -1371,11 +1373,11 @@ start_dns() {
#当全局(包括访问控制节点)开启chinadns-ng时,不启动新进程。
[ "$DNS_SHUNT" != "chinadns-ng" ] || [ "$ACL_RULE_DNSMASQ" = "1" ] && {
- LOCAL_DNS="127.0.0.1#${dns_listen_port}"
- ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${dns_listen_port} -c ${DIRECT_DNS} -d chn
+ LOCAL_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
+ ln_run "$(first_type chinadns-ng)" chinadns-ng "/dev/null" -b 127.0.0.1 -l ${NEXT_DNS_LISTEN_PORT} -c ${DIRECT_DNS} -d chn
echolog " - ChinaDNS-NG(${LOCAL_DNS}) -> ${DIRECT_DNS}"
echolog " * 请确保上游直连 DNS 支持 DoT 查询。"
- dns_listen_port=$(expr $dns_listen_port + 1)
+ NEXT_DNS_LISTEN_PORT=$(expr $NEXT_DNS_LISTEN_PORT + 1)
}
local tmp_dot_ip=$(echo "$DIRECT_DNS" | sed -n 's/.*:\/\/\([^@#]*@\)*\([^@#]*\).*/\2/p')
@@ -1407,30 +1409,31 @@ start_dns() {
# 排除127.0.0.1的条目
IPT_APPEND_DNS=$(echo "$IPT_APPEND_DNS" | awk -F',' '{for(i=1;i<=NF;i++) if($i !~ /^127\.0\.0\.1/) printf (i>1?",":"") $i; print ""}' | sed 's/^,\|,$//g')
- TUN_DNS="127.0.0.1#${dns_listen_port}"
- [ "${resolve_dns}" == "1" ] && TUN_DNS="127.0.0.1#${resolve_dns_port}"
+ TUN_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
+ [ -n "${NO_PLUGIN_DNS}" ] && TUN_DNS="127.0.0.1#${resolve_dns_port}"
case "$DNS_MODE" in
dns2socks)
local dns2socks_socks_server=$(echo $(config_t_get global socks_server 127.0.0.1:1080) | sed "s/#/:/g")
local dns2socks_forward=$(get_first_dns REMOTE_DNS 53 | sed 's/#/:/g')
- run_dns2socks socks=$dns2socks_socks_server listen_address=127.0.0.1 listen_port=${dns_listen_port} dns=$dns2socks_forward cache=$DNS_CACHE
+ run_dns2socks socks=$dns2socks_socks_server listen_address=127.0.0.1 listen_port=${NEXT_DNS_LISTEN_PORT} dns=$dns2socks_forward cache=$DNS_CACHE
echolog " - dns2socks(${TUN_DNS}),${dns2socks_socks_server} -> tcp://${dns2socks_forward}"
;;
sing-box)
- [ "${resolve_dns}" == "0" ] && {
+ [ -z "${NO_PLUGIN_DNS}" ] && {
local config_file=$TMP_PATH/DNS.json
local log_file=$TMP_PATH/DNS.log
local log_file=/dev/null
local _args="type=$DNS_MODE config_file=$config_file log_file=$log_file"
[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
+ _args="${_args} direct_dns_query_strategy=${DIRECT_DNS_QUERY_STRATEGY}"
_args="${_args} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY}"
DNSMASQ_FILTER_PROXY_IPV6=0
local _remote_dns_client_ip=$(config_t_get global remote_dns_client_ip)
[ -n "${_remote_dns_client_ip}" ] && _args="${_args} remote_dns_client_ip=${_remote_dns_client_ip}"
- use_tcp_node_resolve_dns=1
+ TCP_PROXY_DNS=1
local v2ray_dns_mode=$(config_t_get global v2ray_dns_mode tcp)
- _args="${_args} dns_listen_port=${dns_listen_port}"
+ _args="${_args} dns_listen_port=${NEXT_DNS_LISTEN_PORT}"
_args="${_args} remote_dns_protocol=${v2ray_dns_mode}"
case "$v2ray_dns_mode" in
tcp)
@@ -1453,18 +1456,19 @@ start_dns() {
}
;;
xray)
- [ "${resolve_dns}" == "0" ] && {
+ [ -z "${NO_PLUGIN_DNS}" ] && {
local config_file=$TMP_PATH/DNS.json
local log_file=$TMP_PATH/DNS.log
local log_file=/dev/null
local _args="type=$DNS_MODE config_file=$config_file log_file=$log_file"
[ "${DNS_CACHE}" == "0" ] && _args="${_args} dns_cache=0"
+ _args="${_args} direct_dns_query_strategy=${DIRECT_DNS_QUERY_STRATEGY}"
_args="${_args} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY}"
DNSMASQ_FILTER_PROXY_IPV6=0
local _remote_dns_client_ip=$(config_t_get global remote_dns_client_ip)
[ -n "${_remote_dns_client_ip}" ] && _args="${_args} remote_dns_client_ip=${_remote_dns_client_ip}"
- use_tcp_node_resolve_dns=1
- _args="${_args} dns_listen_port=${dns_listen_port}"
+ TCP_PROXY_DNS=1
+ _args="${_args} dns_listen_port=${NEXT_DNS_LISTEN_PORT}"
_args="${_args} remote_dns_tcp_server=${REMOTE_DNS}"
local v2ray_dns_mode=$(config_t_get global v2ray_dns_mode tcp)
if [ "$v2ray_dns_mode" = "tcp+doh" ]; then
@@ -1483,9 +1487,9 @@ start_dns() {
}
;;
dot)
- use_tcp_node_resolve_dns=1
+ TCP_PROXY_DNS=1
if [ "$chinadns_tls" != "nil" ]; then
- local china_ng_listen_port=${dns_listen_port}
+ local china_ng_listen_port=${NEXT_DNS_LISTEN_PORT}
local china_ng_trust_dns=$(config_t_get global remote_dns_dot "tls://dns.google@8.8.4.4")
local tmp_dot_ip=$(echo "$china_ng_trust_dns" | sed -n 's/.*:\/\/\([^@#]*@\)*\([^@#]*\).*/\2/p')
local tmp_dot_port=$(echo "$china_ng_trust_dns" | sed -n 's/.*#\([0-9]\+\).*/\1/p')
@@ -1498,7 +1502,7 @@ start_dns() {
else
echolog " - 你的ChinaDNS-NG版本不支持DoT,远程DNS将默认使用tcp://1.1.1.1"
REMOTE_DNS="1.1.1.1"
- local china_ng_listen_port=${dns_listen_port}
+ local china_ng_listen_port=${NEXT_DNS_LISTEN_PORT}
local china_ng_trust_dns="tcp://${REMOTE_DNS}"
[ "$DNS_SHUNT" != "chinadns-ng" ] && {
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N"
@@ -1508,8 +1512,8 @@ start_dns() {
fi
;;
udp)
- use_udp_node_resolve_dns=1
- local china_ng_listen_port=${dns_listen_port}
+ UDP_PROXY_DNS=1
+ local china_ng_listen_port=${NEXT_DNS_LISTEN_PORT}
local china_ng_trust_dns="udp://$(get_first_dns REMOTE_DNS 53 | sed 's/:/#/g')"
if [ "$DNS_SHUNT" != "chinadns-ng" ] && [ "$FILTER_PROXY_IPV6" = "1" ]; then
DNSMASQ_FILTER_PROXY_IPV6=0
@@ -1522,8 +1526,8 @@ start_dns() {
fi
;;
tcp)
- use_tcp_node_resolve_dns=1
- local china_ng_listen_port=${dns_listen_port}
+ TCP_PROXY_DNS=1
+ local china_ng_listen_port=${NEXT_DNS_LISTEN_PORT}
local china_ng_trust_dns="tcp://$(get_first_dns REMOTE_DNS 53 | sed 's/:/#/g')"
[ "$DNS_SHUNT" != "chinadns-ng" ] && {
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0 && local no_ipv6_trust="-N"
@@ -1535,8 +1539,8 @@ start_dns() {
[ -n "${resolve_dns_log}" ] && echolog " - ${resolve_dns_log}"
- [ "${use_tcp_node_resolve_dns}" = "1" ] && echolog " * 请确认上游 DNS 支持 TCP/DoT/DoH 查询,如非直连地址,确保 TCP 代理打开,并且已经正确转发!"
- [ "${use_udp_node_resolve_dns}" = "1" ] && echolog " * 请确认上游 DNS 支持 UDP 查询并已使用 UDP 节点,如上游 DNS 非直连地址,确保 UDP 代理打开,并且已经正确转发!"
+ [ -n "${TCP_PROXY_DNS}" ] && echolog " * 请确认上游 DNS 支持 TCP/DoT/DoH 查询,如非直连地址,确保 TCP 代理打开,并且已经正确转发!"
+ [ -n "${UDP_PROXY_DNS}" ] && echolog " * 请确认上游 DNS 支持 UDP 查询并已使用 UDP 节点,如上游 DNS 非直连地址,确保 UDP 代理打开,并且已经正确转发!"
[ "${DNS_SHUNT}" = "smartdns" ] && {
if command -v smartdns > /dev/null 2>&1; then
@@ -1572,7 +1576,7 @@ start_dns() {
fi
[ "$FILTER_PROXY_IPV6" = "1" ] && DNSMASQ_FILTER_PROXY_IPV6=0
- [ -z "${china_ng_listen_port}" ] && local china_ng_listen_port=$(expr $dns_listen_port + 1)
+ [ -z "${china_ng_listen_port}" ] && local china_ng_listen_port=$(expr $NEXT_DNS_LISTEN_PORT + 1)
local china_ng_listen="127.0.0.1#${china_ng_listen_port}"
[ -z "${china_ng_trust_dns}" ] && local china_ng_trust_dns=${TUN_DNS}
@@ -1861,7 +1865,7 @@ acl_app() {
local dnsmasq_conf=${acl_path}/dnsmasq.conf
local dnsmasq_conf_path=${acl_path}/dnsmasq.d
lua $APP_PATH/helper_dnsmasq.lua add_rule -FLAG ${sid} -TMP_DNSMASQ_PATH ${dnsmasq_conf_path} -DNSMASQ_CONF_FILE ${dnsmasq_conf} \
- -LISTEN_PORT ${dnsmasq_port} -DEFAULT_DNS $DEFAULT_DNS -LOCAL_DNS $LOCAL_DNS \
+ -LISTEN_PORT ${dnsmasq_port} -DEFAULT_DNS ${DEFAULT_DNS} -LOCAL_DNS $LOCAL_DNS \
-USE_DIRECT_LIST "${use_direct_list}" -USE_PROXY_LIST "${use_proxy_list}" -USE_BLOCK_LIST "${use_block_list}" -USE_GFW_LIST "${use_gfw_list}" -CHN_LIST "${chn_list}" \
-TUN_DNS "127.0.0.1#${_dns_port}" -REMOTE_FAKEDNS 0 -USE_DEFAULT_DNS "${use_default_dns:-direct}" -CHINADNS_DNS ${_china_ng_listen:-0} \
-TCP_NODE $tcp_node -DEFAULT_PROXY_MODE ${tcp_proxy_mode} -NO_PROXY_IPV6 ${dnsmasq_filter_proxy_ipv6:-0} -NFTFLAG ${nftflag:-0} \
@@ -1990,6 +1994,10 @@ acl_app() {
}
start() {
+ mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+ get_config
+ export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
+ export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
ulimit -n 65535
start_haproxy
start_socks
@@ -2060,14 +2068,12 @@ start() {
stop() {
clean_log
- [ -n "$($(source $APP_PATH/iptables.sh get_ipt_bin) -t mangle -t nat -L -nv 2>/dev/null | grep "PSW")" ] && source $APP_PATH/iptables.sh stop
- [ -n "$(nft list chains 2>/dev/null | grep "PSW")" ] && source $APP_PATH/nftables.sh stop
+ eval_cache_var
+ [ -n "$USE_TABLES" ] && source $APP_PATH/${USE_TABLES}.sh stop
delete_ip2route
kill_all v2ray-plugin obfs-local
pgrep -f "sleep.*(6s|9s|58s)" | xargs kill -9 >/dev/null 2>&1
pgrep -af "${CONFIG}/" | awk '! /app\.sh|subscribe\.lua|rule_update\.lua|tasks\.sh|ujail/{print $1}' | xargs kill -9 >/dev/null 2>&1
- unset V2RAY_LOCATION_ASSET
- unset XRAY_LOCATION_ASSET
stop_crontab
source $APP_PATH/helper_smartdns.sh del
rm -rf $GLOBAL_DNSMASQ_CONF
@@ -2081,14 +2087,12 @@ stop() {
uci -q delete ${CONFIG}.@global[0].dnsmasq_dns_redirect
uci -q commit ${CONFIG}
}
- if [ -z "$(get_cache_var "ACL_default_dns_port")" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
+ if [ -z "${ACL_default_dns_port}" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
uci -q del_list dhcp.@dnsmasq[0].addnmount="${GLOBAL_DNSMASQ_CONF_PATH}"
uci -q commit dhcp
lua $APP_PATH/helper_dnsmasq.lua restart -LOG 0
fi
- bak_bridge_nf_ipt=$(get_cache_var "bak_bridge_nf_ipt")
[ -n "${bak_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${bak_bridge_nf_ipt} >/dev/null 2>&1
- bak_bridge_nf_ip6t=$(get_cache_var "bak_bridge_nf_ip6t")
[ -n "${bak_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${bak_bridge_nf_ip6t} >/dev/null 2>&1
}
rm -rf $TMP_PATH
@@ -2097,97 +2101,97 @@ stop() {
exit 0
}
-ENABLED=$(config_t_get global enabled 0)
-SOCKS_ENABLED=$(config_t_get global socks_enabled 0)
-TCP_REDIR_PORT=1041
-TCP_NODE=$(config_t_get global tcp_node)
-UDP_REDIR_PORT=1051
-UDP_NODE=$(config_t_get global udp_node)
-TCP_UDP=0
-if [ "$UDP_NODE" == "tcp" ]; then
- UDP_NODE=$TCP_NODE
- TCP_UDP=1
-elif [ "$UDP_NODE" == "$TCP_NODE" ]; then
- TCP_UDP=1
-fi
-[ "$ENABLED" == 1 ] && {
- [ -n "$TCP_NODE" ] && [ "$(config_get_type $TCP_NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
- [ -n "$UDP_NODE" ] && [ "$(config_get_type $UDP_NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
-}
-ENABLED_ACLS=$(config_t_get global acl_enable 0)
-[ "$ENABLED_ACLS" == 1 ] && {
- [ "$(uci show ${CONFIG} | grep "@acl_rule" | grep "enabled='1'" | wc -l)" == 0 ] && ENABLED_ACLS=0
-}
-
-tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
-PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
-TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '80,443')
-UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
-TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
-UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
-TCP_PROXY_DROP_PORTS=$(config_t_get global_forwarding tcp_proxy_drop_ports 'disable')
-UDP_PROXY_DROP_PORTS=$(config_t_get global_forwarding udp_proxy_drop_ports '80,443')
-USE_DIRECT_LIST=$(config_t_get global use_direct_list 1)
-USE_PROXY_LIST=$(config_t_get global use_proxy_list 1)
-USE_BLOCK_LIST=$(config_t_get global use_block_list 1)
-USE_GFW_LIST=$(config_t_get global use_gfw_list 1)
-CHN_LIST=$(config_t_get global chn_list direct)
-TCP_PROXY_MODE=$(config_t_get global tcp_proxy_mode proxy)
-UDP_PROXY_MODE=$(config_t_get global udp_proxy_mode proxy)
-[ "${TCP_PROXY_MODE}" != "disable" ] && TCP_PROXY_MODE="proxy"
-[ "${UDP_PROXY_MODE}" != "disable" ] && UDP_PROXY_MODE="proxy"
-LOCALHOST_PROXY=$(config_t_get global localhost_proxy 1)
-[ "${LOCALHOST_PROXY}" == 1 ] && {
- LOCALHOST_TCP_PROXY_MODE=$TCP_PROXY_MODE
- LOCALHOST_UDP_PROXY_MODE=$UDP_PROXY_MODE
-}
-CLIENT_PROXY=$(config_t_get global client_proxy 1)
-DNS_SHUNT=$(config_t_get global dns_shunt dnsmasq)
-[ -z "$(first_type $DNS_SHUNT)" ] && DNS_SHUNT="dnsmasq"
-DNS_MODE=$(config_t_get global dns_mode tcp)
-SMARTDNS_DNS_MODE=$(config_t_get global smartdns_dns_mode socks)
-[ "$DNS_SHUNT" = "smartdns" ] && DNS_MODE=$SMARTDNS_DNS_MODE
-DNS_CACHE=0
-REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
-USE_DEFAULT_DNS=$(config_t_get global use_default_dns direct)
-FILTER_PROXY_IPV6=$(config_t_get global filter_proxy_ipv6 0)
-DNS_REDIRECT=$(config_t_get global dns_redirect 1)
-dns_listen_port=${DNS_PORT}
-
-REDIRECT_LIST="socks ss ss-rust ssr sing-box xray trojan-plus naiveproxy hysteria2"
-TPROXY_LIST="socks ss ss-rust ssr sing-box xray trojan-plus hysteria2"
-RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
-[ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
-
-ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
-ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
-
-DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
-[ -z "${DEFAULT_DNS}" ] && [ "$(echo $ISP_DNS | tr ' ' '\n' | wc -l)" -le 2 ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',' | sed 's/,$//')
-LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}"
-IPT_APPEND_DNS=${LOCAL_DNS}
-
-DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
-DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
-if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
- DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
- if [ -n "$DNSMASQ_CONF_DIR" ]; then
- DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
- else
- DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+get_config() {
+ ENABLED_DEFAULT_ACL=0
+ TCP_REDIR_PORT=1041
+ UDP_REDIR_PORT=1051
+ ENABLED=$(config_t_get global enabled 0)
+ SOCKS_ENABLED=$(config_t_get global socks_enabled 0)
+ TCP_NODE=$(config_t_get global tcp_node)
+ UDP_NODE=$(config_t_get global udp_node)
+ TCP_UDP=0
+ if [ "$UDP_NODE" == "tcp" ]; then
+ UDP_NODE=$TCP_NODE
+ TCP_UDP=1
+ elif [ "$UDP_NODE" == "$TCP_NODE" ]; then
+ TCP_UDP=1
fi
-fi
-GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
-GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d
+ [ "$ENABLED" == 1 ] && {
+ [ -n "$TCP_NODE" ] && [ "$(config_get_type $TCP_NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
+ [ -n "$UDP_NODE" ] && [ "$(config_get_type $UDP_NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
+ }
+ ENABLED_ACLS=$(config_t_get global acl_enable 0)
+ [ "$ENABLED_ACLS" == 1 ] && {
+ [ "$(uci show ${CONFIG} | grep "@acl_rule" | grep "enabled='1'" | wc -l)" == 0 ] && ENABLED_ACLS=0
+ }
-DIRECT_DNS_QUERY_STRATEGY="UseIP"
-REMOTE_DNS_QUERY_STRATEGY="UseIP"
-[ "$FILTER_PROXY_IPV6" = "1" ] && REMOTE_DNS_QUERY_STRATEGY="UseIPv4"
-DNSMASQ_FILTER_PROXY_IPV6=${FILTER_PROXY_IPV6}
+ TCP_PROXY_WAY=$(config_t_get global_forwarding tcp_proxy_way redirect)
+ PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
+ TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '80,443')
+ UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
+ TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
+ UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
+ TCP_PROXY_DROP_PORTS=$(config_t_get global_forwarding tcp_proxy_drop_ports 'disable')
+ UDP_PROXY_DROP_PORTS=$(config_t_get global_forwarding udp_proxy_drop_ports '80,443')
+ USE_DIRECT_LIST=$(config_t_get global use_direct_list 1)
+ USE_PROXY_LIST=$(config_t_get global use_proxy_list 1)
+ USE_BLOCK_LIST=$(config_t_get global use_block_list 1)
+ USE_GFW_LIST=$(config_t_get global use_gfw_list 1)
+ CHN_LIST=$(config_t_get global chn_list direct)
+ TCP_PROXY_MODE=$(config_t_get global tcp_proxy_mode proxy)
+ UDP_PROXY_MODE=$(config_t_get global udp_proxy_mode proxy)
+ [ "${TCP_PROXY_MODE}" != "disable" ] && TCP_PROXY_MODE="proxy"
+ [ "${UDP_PROXY_MODE}" != "disable" ] && UDP_PROXY_MODE="proxy"
+ LOCALHOST_PROXY=$(config_t_get global localhost_proxy 1)
+ [ "${LOCALHOST_PROXY}" == 1 ] && {
+ LOCALHOST_TCP_PROXY_MODE=$TCP_PROXY_MODE
+ LOCALHOST_UDP_PROXY_MODE=$UDP_PROXY_MODE
+ }
+ CLIENT_PROXY=$(config_t_get global client_proxy 1)
+ DNS_SHUNT=$(config_t_get global dns_shunt dnsmasq)
+ [ -z "$(first_type $DNS_SHUNT)" ] && DNS_SHUNT="dnsmasq"
+ DNS_MODE=$(config_t_get global dns_mode tcp)
+ [ "$DNS_SHUNT" = "smartdns" ] && DNS_MODE=$(config_t_get global smartdns_dns_mode socks)
+ REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
+ USE_DEFAULT_DNS=$(config_t_get global use_default_dns direct)
+ FILTER_PROXY_IPV6=$(config_t_get global filter_proxy_ipv6 0)
+ DNS_REDIRECT=$(config_t_get global dns_redirect 1)
-export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
-export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
-mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+ REDIRECT_LIST="socks ss ss-rust ssr sing-box xray trojan-plus naiveproxy hysteria2"
+ TPROXY_LIST="socks ss ss-rust ssr sing-box xray trojan-plus hysteria2"
+
+ NEXT_DNS_LISTEN_PORT=15353
+ TUN_DNS="127.0.0.1#${NEXT_DNS_LISTEN_PORT}"
+ DNS_CACHE=0
+ DIRECT_DNS_QUERY_STRATEGY="UseIP"
+ REMOTE_DNS_QUERY_STRATEGY="UseIP"
+ [ "$FILTER_PROXY_IPV6" = "1" ] && REMOTE_DNS_QUERY_STRATEGY="UseIPv4"
+ DNSMASQ_FILTER_PROXY_IPV6=${FILTER_PROXY_IPV6}
+
+ RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
+ [ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
+
+ ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
+ ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
+
+ DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
+ [ -z "${DEFAULT_DNS}" ] && [ "$(echo $ISP_DNS | tr ' ' '\n' | wc -l)" -le 2 ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',' | sed 's/,$//')
+ LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}"
+ IPT_APPEND_DNS=${LOCAL_DNS}
+
+ DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
+ DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
+ if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
+ DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
+ if [ -n "$DNSMASQ_CONF_DIR" ]; then
+ DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
+ else
+ DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+ fi
+ fi
+ set_cache_var GLOBAL_DNSMASQ_CONF ${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
+ set_cache_var GLOBAL_DNSMASQ_CONF_PATH ${GLOBAL_ACL_PATH}/dnsmasq.d
+}
arg1=$1
shift
@@ -2195,31 +2199,28 @@ case $arg1 in
add_ip2route)
add_ip2route $@
;;
-get_new_port)
- get_new_port $@
- ;;
-run_socks)
- run_socks $@
- ;;
-run_redir)
- run_redir $@
- ;;
-socks_node_switch)
- socks_node_switch $@
- ;;
echolog)
echolog $@
;;
+get_new_port)
+ get_new_port $@
+ ;;
get_cache_var)
get_cache_var $@
;;
set_cache_var)
set_cache_var $@
;;
-stop)
- stop
+run_socks)
+ run_socks $@
+ ;;
+socks_node_switch)
+ socks_node_switch $@
;;
start)
start
;;
+stop)
+ stop
+ ;;
esac
diff --git a/small/luci-app-passwall/root/usr/share/passwall/haproxy.lua b/small/luci-app-passwall/root/usr/share/passwall/haproxy.lua
index 7efaaeb78f..67366ae1f3 100644
--- a/small/luci-app-passwall/root/usr/share/passwall/haproxy.lua
+++ b/small/luci-app-passwall/root/usr/share/passwall/haproxy.lua
@@ -4,7 +4,7 @@ local api = require ("luci.passwall.api")
local appname = "passwall"
local fs = api.fs
local jsonc = api.jsonc
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local log = function(...)
diff --git a/small/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua b/small/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
index 981578adbd..061615370f 100644
--- a/small/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
+++ b/small/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua
@@ -21,7 +21,7 @@ local NFTFLAG = var["-NFTFLAG"]
local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
local LOG_FILE = var["-LOG_FILE"]
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
diff --git a/small/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua b/small/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua
index b168d73e11..165ed51fcd 100644
--- a/small/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua
+++ b/small/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua
@@ -1,6 +1,6 @@
local api = require "luci.passwall.api"
local appname = "passwall"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
@@ -25,7 +25,7 @@ local function backup_servers()
local DNSMASQ_DNS = uci:get("dhcp", "@dnsmasq[0]", "server")
if DNSMASQ_DNS and #DNSMASQ_DNS > 0 then
uci:set(appname, "@global[0]", "dnsmasq_servers", DNSMASQ_DNS)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
end
@@ -43,11 +43,11 @@ local function restore_servers()
tinsert(dns_table, v)
end
uci:delete(appname, "@global[0]", "dnsmasq_servers")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if dns_table and #dns_table > 0 then
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -76,7 +76,7 @@ function stretch()
end
end
uci:set("dhcp", "@dnsmasq[0]", "resolvfile", RESOLVFILE)
- uci:commit("dhcp")
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -102,8 +102,8 @@ function logic_restart(var)
tinsert(dns_table, v)
end
end
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
sys.call("/etc/init.d/dnsmasq restart >/dev/null 2>&1")
restore_servers()
diff --git a/small/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua b/small/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
index 16e1419d90..ed0fa0bfc8 100644
--- a/small/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
+++ b/small/luci-app-passwall/root/usr/share/passwall/helper_smartdns_add.lua
@@ -28,7 +28,7 @@ local CACHE_FLAG = "smartdns_" .. FLAG
local CACHE_DNS_PATH = CACHE_PATH .. "/" .. CACHE_FLAG
local CACHE_DNS_FILE = CACHE_DNS_PATH .. ".conf"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
diff --git a/small/luci-app-passwall/root/usr/share/passwall/iptables.sh b/small/luci-app-passwall/root/usr/share/passwall/iptables.sh
index aed4b4bbbe..95616152c4 100755
--- a/small/luci-app-passwall/root/usr/share/passwall/iptables.sh
+++ b/small/luci-app-passwall/root/usr/share/passwall/iptables.sh
@@ -476,7 +476,7 @@ load_acl() {
[ "${udp_proxy_mode}" != "disable" ] && $ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") -j PSW_RULE
$ipt_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(REDIRECT $udp_port TPROXY)
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
[ "${use_proxy_list}" = "1" ] && $ip6t_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $black6_set_name) -j PSW_RULE 2>/dev/null
[ "${use_gfw_list}" = "1" ] && $ip6t_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $gfw6_set_name) -j PSW_RULE 2>/dev/null
[ "${chn_list}" != "0" ] && $ip6t_m -A PSW $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_CHN6) $(get_jump_ipt ${chn_list} "-j PSW_RULE") 2>/dev/null
@@ -653,7 +653,7 @@ load_acl() {
[ "${UDP_PROXY_MODE}" != "disable" ] && $ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW_RULE
$ipt_m -A PSW $(comment "默认") -p udp $(REDIRECT $UDP_REDIR_PORT TPROXY)
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
[ "${USE_PROXY_LIST}" = "1" ] && $ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACK6) -j PSW_RULE
[ "${USE_GFW_LIST}" = "1" ] && $ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_GFW6) -j PSW_RULE
[ "${CHN_LIST}" != "0" ] && $ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_CHN6) $(get_jump_ipt ${CHN_LIST} "-j PSW_RULE")
@@ -899,10 +899,9 @@ add_firewall_rule() {
accept_icmp=$(config_t_get global_forwarding accept_icmp 0)
accept_icmpv6=$(config_t_get global_forwarding accept_icmpv6 0)
- local tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
unset is_tproxy
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
is_tproxy="TPROXY"
fi
@@ -1128,7 +1127,7 @@ add_firewall_rule() {
echolog " - [$?]将上游 DNS 服务器 [${2}]:${3} 加入到路由器自身代理的 TCP 转发链,请确保您的节点支持IPv6,并开启IPv6透明代理!"
fi
}
- [ "$use_tcp_node_resolve_dns" == 1 ] && hosts_foreach REMOTE_DNS _proxy_tcp_access 53
+ [ -n "${TCP_PROXY_DNS}" ] && hosts_foreach REMOTE_DNS _proxy_tcp_access 53
[ "$accept_icmp" = "1" ] && {
$ipt_n -A OUTPUT -p icmp -j PSW_OUTPUT
@@ -1202,8 +1201,7 @@ add_firewall_rule() {
echolog " - [$?]将上游 DNS 服务器 [${2}]:${3} 加入到路由器自身代理的 UDP 转发链,请确保您的节点支持IPv6,并开启IPv6透明代理!"
fi
}
- [ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach REMOTE_DNS _proxy_udp_access 53
-
+ [ -n "${UDP_PROXY_DNS}" ] && hosts_foreach REMOTE_DNS _proxy_udp_access 53
[ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && {
$ipt_m -A PSW_OUTPUT -p udp -d $FAKE_IP -j PSW_RULE
[ "${USE_PROXY_LIST}" = "1" ] && $ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACK) -j PSW_RULE
@@ -1216,7 +1214,7 @@ add_firewall_rule() {
$ipt_m -A PSW $(comment "本机") -p udp -i lo -j RETURN
insert_rule_before "$ipt_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW) -p udp -j PSW_OUTPUT"
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
[ -n "$LOCALHOST_UDP_PROXY_MODE" ] && {
[ "${USE_PROXY_LIST}" = "1" ] && $ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACK6) -j PSW_RULE
[ "${USE_GFW_LIST}" = "1" ] && $ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_GFW6) -j PSW_RULE
diff --git a/small/luci-app-passwall/root/usr/share/passwall/nftables.sh b/small/luci-app-passwall/root/usr/share/passwall/nftables.sh
index c4a3ded471..6d6d32fa76 100755
--- a/small/luci-app-passwall/root/usr/share/passwall/nftables.sh
+++ b/small/luci-app-passwall/root/usr/share/passwall/nftables.sh
@@ -521,7 +521,7 @@ load_acl() {
[ "${udp_proxy_mode}" != "disable" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE ip protocol udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") counter jump PSW_RULE comment \"$remarks\""
nft "add rule $NFTABLE_NAME PSW_MANGLE ip protocol udp ${_ipt_source} $(REDIRECT $udp_port TPROXY4) comment \"$remarks\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
[ "${use_proxy_list}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") ip6 daddr @$black6_set_name counter jump PSW_RULE comment \"$remarks\"" 2>/dev/null
[ "${use_gfw_list}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") ip6 daddr @$gfw6_set_name counter jump PSW_RULE comment \"$remarks\"" 2>/dev/null
[ "${chn_list}" != "0" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") ip6 daddr @$NFTSET_CHN6 $(get_jump_ipt ${chn_list} "counter jump PSW_RULE") comment \"$remarks\"" 2>/dev/null
@@ -704,7 +704,7 @@ load_acl() {
nft "add rule $NFTABLE_NAME PSW_MANGLE ip protocol udp $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"默认\""
nft "add rule $NFTABLE_NAME PSW_MANGLE ip protocol udp counter return comment \"默认\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
[ "${USE_PROXY_LIST}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr @$NFTSET_BLACK6 counter jump PSW_RULE comment \"默认\""
[ "${USE_GFW_LIST}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr @$NFTSET_GFW6 counter jump PSW_RULE comment \"默认\""
[ "${CHN_LIST}" != "0" ] && nft "add rule $NFTABLE_NAME PSW_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr @$NFTSET_CHN6 $(get_jump_ipt ${CHN_LIST} "counter jump PSW_RULE") comment \"默认\""
@@ -948,12 +948,11 @@ add_firewall_rule() {
accept_icmp=$(config_t_get global_forwarding accept_icmp 0)
accept_icmpv6=$(config_t_get global_forwarding accept_icmpv6 0)
- local tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
unset is_tproxy
nft_prerouting_chain="PSW_NAT"
nft_output_chain="PSW_OUTPUT_NAT"
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
is_tproxy="TPROXY"
nft_prerouting_chain="PSW_MANGLE"
nft_output_chain="PSW_OUTPUT_MANGLE"
@@ -1176,7 +1175,7 @@ add_firewall_rule() {
echolog " - [$?]将上游 DNS 服务器 [${2}]:${3} 加入到路由器自身代理的 TCP 转发链,请确保您的节点支持IPv6,并开启IPv6透明代理!"
fi
}
- [ "$use_tcp_node_resolve_dns" == 1 ] && hosts_foreach REMOTE_DNS _proxy_tcp_access 53
+ [ "$TCP_PROXY_DNS" == 1 ] && hosts_foreach REMOTE_DNS _proxy_tcp_access 53
[ "$accept_icmp" = "1" ] && {
nft "add rule $NFTABLE_NAME PSW_ICMP_REDIRECT oif lo ip protocol icmp ip daddr $FAKE_IP counter redirect"
@@ -1255,7 +1254,7 @@ add_firewall_rule() {
echolog " - [$?]将上游 DNS 服务器 [${2}]:${3} 加入到路由器自身代理的 UDP 转发链,请确保您的节点支持IPv6,并开启IPv6透明代理!"
fi
}
- [ "$use_udp_node_resolve_dns" == 1 ] && hosts_foreach REMOTE_DNS _proxy_udp_access 53
+ [ -n "${UDP_PROXY_DNS}" ] && hosts_foreach REMOTE_DNS _proxy_udp_access 53
[ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && {
nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE ip protocol udp ip daddr $FAKE_IP counter jump PSW_RULE"
[ "${USE_PROXY_LIST}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE ip protocol udp ip daddr @$NFTSET_BLACK $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW_RULE"
@@ -1268,7 +1267,7 @@ add_firewall_rule() {
nft "add rule $NFTABLE_NAME PSW_MANGLE ip protocol udp iif lo counter return comment \"本机\""
nft "add rule $NFTABLE_NAME mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
[ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && {
[ "${USE_PROXY_LIST}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE_V6 meta l4proto udp ip6 daddr @$NFTSET_BLACK6 $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW_RULE"
[ "${USE_GFW_LIST}" = "1" ] && nft "add rule $NFTABLE_NAME PSW_OUTPUT_MANGLE_V6 meta l4proto udp ip6 daddr @$NFTSET_GFW6 $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW_RULE"
diff --git a/small/luci-app-passwall/root/usr/share/passwall/rule_update.lua b/small/luci-app-passwall/root/usr/share/passwall/rule_update.lua
index e399a70e8c..f0ffc645e1 100755
--- a/small/luci-app-passwall/root/usr/share/passwall/rule_update.lua
+++ b/small/luci-app-passwall/root/usr/share/passwall/rule_update.lua
@@ -2,7 +2,7 @@
local api = require ("luci.passwall.api")
local name = api.appname
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local jsonc = api.jsonc
local fs = api.fs
@@ -469,7 +469,7 @@ uci:set(name, "@global_rules[0]", "chnroute6_update", chnroute6_update)
uci:set(name, "@global_rules[0]", "chnlist_update", chnlist_update)
uci:set(name, "@global_rules[0]", "geoip_update", geoip_update)
uci:set(name, "@global_rules[0]", "geosite_update", geosite_update)
-uci:commit(name)
+api.uci_save(uci, name, true)
if reboot == 1 then
if arg3 == "cron" then
diff --git a/small/luci-app-passwall/root/usr/share/passwall/subscribe.lua b/small/luci-app-passwall/root/usr/share/passwall/subscribe.lua
index 8f66cef704..696c18e78a 100755
--- a/small/luci-app-passwall/root/usr/share/passwall/subscribe.lua
+++ b/small/luci-app-passwall/root/usr/share/passwall/subscribe.lua
@@ -1312,7 +1312,7 @@ local function truncate_nodes(add_from)
end
end
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
local function select_node(nodes, config)
@@ -1464,7 +1464,7 @@ local function update_node(manual)
end
end
end
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
if next(CONFIG) then
local nodes = {}
@@ -1499,7 +1499,7 @@ local function update_node(manual)
end
]]--
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if arg[3] == "cron" then
diff --git a/small/luci-app-passwall2/Makefile b/small/luci-app-passwall2/Makefile
index a6d87a8dab..2ef577c367 100644
--- a/small/luci-app-passwall2/Makefile
+++ b/small/luci-app-passwall2/Makefile
@@ -1,4 +1,4 @@
-# Copyright (C) 2022-2023 xiaorouji
+# Copyright (C) 2022-2025 xiaorouji
#
# This is free software, licensed under the GNU General Public License v3.
diff --git a/small/luci-app-passwall2/luasrc/controller/passwall2.lua b/small/luci-app-passwall2/luasrc/controller/passwall2.lua
index 56b59097b1..7cd9e82521 100644
--- a/small/luci-app-passwall2/luasrc/controller/passwall2.lua
+++ b/small/luci-app-passwall2/luasrc/controller/passwall2.lua
@@ -1,9 +1,9 @@
--- Copyright (C) 2022-2023 xiaorouji
+-- Copyright (C) 2022-2025 xiaorouji
module("luci.controller.passwall2", package.seeall)
local api = require "luci.passwall2.api"
-local appname = api.appname -- not available
-local uci = api.libuci -- in funtion index()
+local appname = api.appname -- not available
+local uci = api.uci -- in funtion index()
local http = require "luci.http"
local util = require "luci.util"
local i18n = require "luci.i18n"
@@ -15,8 +15,8 @@ function index()
else return end
end
local api = require "luci.passwall2.api"
- local appname = "passwall2" -- global definitions not available
- local uci = api.libuci -- in function index()
+ local appname = api.appname -- global definitions not available
+ local uci = api.uci -- in function index()
entry({"admin", "services", appname}).dependent = true
entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true
entry({"admin", "services", appname, "show"}, call("show_menu")).leaf = true
@@ -99,7 +99,7 @@ end
function show_menu()
uci:delete(appname, "@global[0]", "hide_from_luci")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(api.url())
@@ -107,7 +107,7 @@ end
function hide_menu()
uci:set(appname, "@global[0]", "hide_from_luci","1")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
@@ -124,6 +124,7 @@ function socks_autoswitch_add_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
@@ -135,8 +136,8 @@ function socks_autoswitch_add_node()
table.insert(new_list, e.id)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -145,14 +146,15 @@ function socks_autoswitch_remove_node()
local id = luci.http.formvalue("id")
local key = luci.http.formvalue("key")
if id and id ~= "" and key and key ~= "" then
+ uci:set(appname, id, "enable_autoswitch", "1")
local new_list = uci:get(appname, id, "autoswitch_backup_node") or {}
for i = #new_list, 1, -1 do
if (uci:get(appname, new_list[i], "remarks") or ""):find(key) then
table.remove(new_list, i)
end
end
- api.uci_set_list(uci, appname, id, "autoswitch_backup_node", new_list)
- uci:commit(appname)
+ uci:set_list(appname, id, "autoswitch_backup_node", new_list)
+ api.uci_save(uci, appname)
end
luci.http.redirect(api.url("socks_config", id))
end
@@ -292,7 +294,7 @@ function set_node()
local config = luci.http.formvalue("config")
local section = luci.http.formvalue("section")
uci:set(appname, type, config, section)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/passwall2 restart > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
@@ -300,7 +302,7 @@ end
function copy_node()
local section = luci.http.formvalue("section")
local uuid = api.gen_short_uuid()
- api.uci_section(uci, appname, "nodes", uuid)
+ uci:section(appname, "nodes", uuid)
for k, v in pairs(uci:get_all(appname, section)) do
local filter = k:find("%.")
if filter and filter == 1 then
@@ -314,7 +316,7 @@ function copy_node()
end
uci:delete(appname, uuid, "add_from")
uci:set(appname, uuid, "add_mode", 1)
- uci:commit(appname)
+ api.uci_save(uci, appname)
luci.http.redirect(api.url("node_config", uuid))
end
@@ -323,7 +325,7 @@ function clear_all_nodes()
uci:delete(appname, '@global[0]', "node")
uci:foreach(appname, "socks", function(t)
uci:delete(appname, t[".name"])
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", {})
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", {})
end)
uci:foreach(appname, "haproxy_config", function(t)
uci:delete(appname, t[".name"])
@@ -334,8 +336,7 @@ function clear_all_nodes()
uci:foreach(appname, "nodes", function(node)
uci:delete(appname, node['.name'])
end)
-
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " stop")
end
@@ -355,7 +356,7 @@ function delete_select_nodes()
table.remove(auto_switch_node_list, i)
end
end
- api.uci_set_list(uci, appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
+ uci:set_list(appname, t[".name"], "autoswitch_backup_node", auto_switch_node_list)
end)
uci:foreach(appname, "haproxy_config", function(t)
if t["lbss"] == w then
@@ -379,7 +380,7 @@ function delete_select_nodes()
end)
uci:delete(appname, w)
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
luci.sys.call("/etc/init.d/" .. appname .. " restart > /dev/null 2>&1 &")
end
diff --git a/small/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua b/small/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua
index e5bc0ca9de..fa87ec0452 100644
--- a/small/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua
+++ b/small/luci-app-passwall2/luasrc/model/cbi/passwall2/client/socks_config.lua
@@ -118,6 +118,8 @@ for k, v in pairs(nodes_table) do
socks_node:value(v.id, v["remark"])
end
-m:append(Template(appname .. "/socks_auto_switch/footer"))
+o = s:option(DummyValue, "btn", " ")
+o.template = appname .. "/socks_auto_switch/btn"
+o:depends("enable_autoswitch", true)
return m
diff --git a/small/luci-app-passwall2/luasrc/passwall2/api.lua b/small/luci-app-passwall2/luasrc/passwall2/api.lua
index 855194b41c..25a96da5e4 100644
--- a/small/luci-app-passwall2/luasrc/passwall2/api.lua
+++ b/small/luci-app-passwall2/luasrc/passwall2/api.lua
@@ -55,24 +55,48 @@ function uci_section(cursor, config, type, name, values)
return stat and name
end
+function uci_save(cursor, config, commit, apply)
+ if is_js_luci() then
+ commit = true
+ if commit then
+ if apply then
+ cursor:commit(config)
+ else
+ sh_uci_commit(config)
+ end
+ end
+ else
+ cursor:save(config)
+ if commit then
+ cursor:commit(config)
+ if apply then
+ sys.call("/etc/init.d/" .. config .. " reload > /dev/null 2>&1 &")
+ end
+ end
+ end
+end
+
function sh_uci_get(config, section, option)
exec_call(string.format("uci -q get %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
end
-function sh_uci_set(config, section, option, val)
+function sh_uci_set(config, section, option, val, commit)
exec_call(string.format("uci -q set %s.%s.%s=\"%s\"", config, section, option, val))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_del(config, section, option)
+function sh_uci_del(config, section, option, commit)
exec_call(string.format("uci -q delete %s.%s.%s", config, section, option))
- exec_call(string.format("uci -q commit %s", config))
+ if commit then sh_uci_commit(config) end
end
-function sh_uci_add_list(config, section, option, val)
+function sh_uci_add_list(config, section, option, val, commit)
exec_call(string.format("uci -q del_list %s.%s.%s=\"%s\"", config, section, option, val))
exec_call(string.format("uci -q add_list %s.%s.%s=\"%s\"", config, section, option, val))
+ if commit then sh_uci_commit(config) end
+end
+
+function sh_uci_commit(config)
exec_call(string.format("uci -q commit %s", config))
end
diff --git a/small/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/footer.htm b/small/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/btn.htm
similarity index 63%
rename from small/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/footer.htm
rename to small/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/btn.htm
index b4f629d412..f5bc740c13 100644
--- a/small/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/footer.htm
+++ b/small/luci-app-passwall2/luasrc/view/passwall2/socks_auto_switch/btn.htm
@@ -19,5 +19,7 @@ local api = require "luci.passwall2.api"
}
//]]>
-" data-index="<%=self.index%>" data-depends="<%=pcdata(self:deplist2json(section))%>">
+
\ No newline at end of file
diff --git a/small/luci-app-passwall2/root/usr/share/passwall2/app.sh b/small/luci-app-passwall2/root/usr/share/passwall2/app.sh
index 905007dd17..e31fc1db00 100755
--- a/small/luci-app-passwall2/root/usr/share/passwall2/app.sh
+++ b/small/luci-app-passwall2/root/usr/share/passwall2/app.sh
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (C) 2022-2023 xiaorouji
+# Copyright (C) 2022-2025 xiaorouji
. $IPKG_INSTROOT/lib/functions.sh
. $IPKG_INSTROOT/lib/functions/service.sh
@@ -16,13 +16,6 @@ GLOBAL_ACL_PATH=${TMP_ACL_PATH}/default
LOG_FILE=/tmp/log/$CONFIG.log
APP_PATH=/usr/share/$CONFIG
RULES_PATH=/usr/share/${CONFIG}/rules
-TUN_DNS_PORT=15353
-TUN_DNS="127.0.0.1#${TUN_DNS_PORT}"
-DEFAULT_DNS=
-ENABLED_DEFAULT_ACL=0
-ENABLED_ACLS=0
-PROXY_IPV6=0
-PROXY_IPV6_UDP=0
LUA_UTIL_PATH=/usr/lib/lua/luci/passwall2
UTIL_SINGBOX=$LUA_UTIL_PATH/util_sing-box.lua
UTIL_SS=$LUA_UTIL_PATH/util_shadowsocks.lua
@@ -30,8 +23,6 @@ UTIL_XRAY=$LUA_UTIL_PATH/util_xray.lua
UTIL_NAIVE=$LUA_UTIL_PATH/util_naiveproxy.lua
UTIL_HYSTERIA2=$LUA_UTIL_PATH/util_hysteria2.lua
UTIL_TUIC=$LUA_UTIL_PATH/util_tuic.lua
-V2RAY_ARGS=""
-V2RAY_CONFIG=""
echolog() {
local d="$(date "+%Y-%m-%d %H:%M:%S")"
@@ -218,7 +209,11 @@ check_depends() {
get_new_port() {
port=$1
- [ "$port" == "auto" ] && port=2082
+ [ "$port" == "auto" ] && {
+ port=2082
+ local GET_NEW_PORT=$(get_cache_var "get_new_port")
+ [ -n "${GET_NEW_PORT}" ] && port=${GET_NEW_PORT}
+ }
protocol=$(echo $2 | tr 'A-Z' 'a-z')
result=$(check_port_exists $port $protocol)
if [ "$result" != 0 ]; then
@@ -230,6 +225,7 @@ get_new_port() {
fi
get_new_port $temp $protocol
else
+ set_cache_var "get_new_port" "$port"
echo $port
fi
}
@@ -328,7 +324,11 @@ set_cache_var() {
local key="${1}"
shift 1
local val="$@"
- [ -n "${key}" ] && [ -n "${val}" ] && echo "${key}=\"${val}\"" >> $TMP_PATH/var
+ [ -n "${key}" ] && [ -n "${val}" ] && {
+ sed -i "/${key}=/d" $TMP_PATH/var >/dev/null 2>&1
+ echo "${key}=\"${val}\"" >> $TMP_PATH/var
+ eval ${key}=\"${val}\"
+ }
}
get_cache_var() {
local key="${1}"
@@ -337,8 +337,12 @@ get_cache_var() {
}
}
+eval_cache_var() {
+ [ -s "$TMP_PATH/var" ] && eval $(cat "$TMP_PATH/var")
+}
+
run_xray() {
- local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local flag node redir_port tcp_proxy_way socks_address socks_port socks_username socks_password http_address http_port http_username http_password
local dns_listen_port direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy dns_cache write_ipset_direct
local loglevel log_file config_file
local _extra_param=""
@@ -440,15 +444,18 @@ run_xray() {
_extra_param="${_extra_param} -remote_dns_udp_port ${dns_remote_listen_port} -remote_dns_udp_server 127.0.0.1 -remote_dns_query_strategy ${remote_dns_query_strategy}"
fi
}
+ [ -n "${redir_port}" ] && {
+ _extra_param="${_extra_param} -redir_port ${redir_port}"
+ set_cache_var "node_${node}_redir_port" "${redir_port}"
+ [ -n "${tcp_proxy_way}" ] && _extra_param="${_extra_param} -tcp_proxy_way ${tcp_proxy_way}"
+ }
- lua $UTIL_XRAY gen_config -node $node -redir_port $redir_port -tcp_proxy_way $tcp_proxy_way -loglevel $loglevel ${_extra_param} > $config_file
+ lua $UTIL_XRAY gen_config -node $node -loglevel $loglevel ${_extra_param} > $config_file
ln_run "$(first_type $(config_t_get global_app ${type}_file) ${type})" ${type} $log_file run -c "$config_file"
-
- [ -n "${redir_port}" ] && set_cache_var "node_${node}_redir_port" "${redir_port}"
}
run_singbox() {
- local flag node redir_port socks_address socks_port socks_username socks_password http_address http_port http_username http_password
+ local flag node redir_port tcp_proxy_way socks_address socks_port socks_username socks_password http_address http_port http_username http_password
local dns_listen_port direct_dns_query_strategy remote_dns_protocol remote_dns_udp_server remote_dns_tcp_server remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy dns_cache write_ipset_direct
local loglevel log_file config_file
local _extra_param=""
@@ -543,10 +550,14 @@ run_singbox() {
[ "$remote_fakedns" = "1" ] && _extra_param="${_extra_param} -remote_dns_fake 1"
}
- lua $UTIL_SINGBOX gen_config -node $node -redir_port $redir_port -tcp_proxy_way $tcp_proxy_way ${_extra_param} > $config_file
- ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "${log_file}" run -c "$config_file"
+ [ -n "${redir_port}" ] && {
+ _extra_param="${_extra_param} -redir_port ${redir_port}"
+ set_cache_var "node_${node}_redir_port" "${redir_port}"
+ [ -n "${tcp_proxy_way}" ] && _extra_param="${_extra_param} -tcp_proxy_way ${tcp_proxy_way}"
+ }
- [ -n "${redir_port}" ] && set_cache_var "node_${node}_redir_port" "${redir_port}"
+ lua $UTIL_SINGBOX gen_config -node $node ${_extra_param} > $config_file
+ ln_run "$(first_type $(config_t_get global_app singbox_file) sing-box)" "sing-box" "${log_file}" run -c "$config_file"
}
run_socks() {
@@ -714,9 +725,12 @@ run_global() {
if [ $PROXY_IPV6 == "1" ]; then
echolog "开启实验性IPv6透明代理(TProxy),请确认您的节点及类型支持IPv6!"
- PROXY_IPV6_UDP=1
fi
- V2RAY_ARGS="flag=global node=$NODE redir_port=$REDIR_PORT"
+
+ TUN_DNS_PORT=15353
+ TUN_DNS="127.0.0.1#${TUN_DNS_PORT}"
+
+ V2RAY_ARGS="flag=global node=$NODE redir_port=$REDIR_PORT tcp_proxy_way=${TCP_PROXY_WAY}"
V2RAY_ARGS="${V2RAY_ARGS} dns_listen_port=${TUN_DNS_PORT} direct_dns_query_strategy=${DIRECT_DNS_QUERY_STRATEGY} remote_dns_query_strategy=${REMOTE_DNS_QUERY_STRATEGY} dns_cache=${DNS_CACHE}"
local msg="${TUN_DNS} (直连DNS:${AUTO_DNS}"
@@ -774,7 +788,7 @@ run_global() {
run_func="run_singbox"
fi
- ${run_func} $V2RAY_ARGS
+ ${run_func} ${V2RAY_ARGS}
local RUN_NEW_DNSMASQ=1
RUN_NEW_DNSMASQ=${DNS_REDIRECT}
@@ -1202,7 +1216,7 @@ acl_app() {
elif [ "${type}" = "sing-box" ] && [ -n "${SINGBOX_BIN}" ]; then
run_func="run_singbox"
fi
- ${run_func} flag=acl_$sid node=$node redir_port=$redir_port socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_dns_detour=${remote_dns_detour} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} write_ipset_direct=${write_ipset_direct} config_file=${config_file}
+ ${run_func} flag=acl_$sid node=$node redir_port=$redir_port tcp_proxy_way=${TCP_PROXY_WAY} socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_dns_detour=${remote_dns_detour} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} write_ipset_direct=${write_ipset_direct} config_file=${config_file}
fi
dnsmasq_port=$(get_new_port $(expr $dnsmasq_port + 1))
run_copy_dnsmasq flag="$sid" listen_port=$dnsmasq_port tun_dns="127.0.0.1#${dns_port}"
@@ -1222,10 +1236,13 @@ acl_app() {
start() {
pgrep -f /tmp/etc/passwall2/bin > /dev/null 2>&1 && {
- echolog "程序已启动,先停止再重新启动!"
+ #echolog "程序已启动,先停止再重新启动!"
stop
}
-
+ mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+ get_config
+ export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
+ export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
ulimit -n 65535
start_haproxy
start_socks
@@ -1289,8 +1306,8 @@ start() {
stop() {
clean_log
- [ -n "$($(source $APP_PATH/iptables.sh get_ipt_bin) -t mangle -t nat -L -nv 2>/dev/null | grep "PSW2")" ] && source $APP_PATH/iptables.sh stop
- [ -n "$(nft list sets 2>/dev/null | grep "${CONFIG}_")" ] && source $APP_PATH/nftables.sh stop
+ eval_cache_var
+ [ -n "$USE_TABLES" ] && source $APP_PATH/${USE_TABLES}.sh stop
delete_ip2route
kill_all v2ray-plugin obfs-local
pgrep -f "sleep.*(6s|9s|58s)" | xargs kill -9 >/dev/null 2>&1
@@ -1309,14 +1326,12 @@ stop() {
uci -q delete ${CONFIG}.@global[0].dnsmasq_dns_redirect
uci -q commit ${CONFIG}
}
- if [ -z "$(get_cache_var "ACL_default_dns_port")" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
+ if [ -z "${ACL_default_dns_port}" ] || [ -n "${bak_dnsmasq_dns_redirect}" ]; then
uci -q del_list dhcp.@dnsmasq[0].addnmount="${GLOBAL_DNSMASQ_CONF_PATH}"
uci -q commit dhcp
lua $APP_PATH/helper_dnsmasq.lua restart -LOG 0
fi
- bak_bridge_nf_ipt=$(get_cache_var "bak_bridge_nf_ipt")
[ -n "${bak_bridge_nf_ipt}" ] && sysctl -w net.bridge.bridge-nf-call-iptables=${bak_bridge_nf_ipt} >/dev/null 2>&1
- bak_bridge_nf_ip6t=$(get_cache_var "bak_bridge_nf_ip6t")
[ -n "${bak_bridge_nf_ip6t}" ] && sysctl -w net.bridge.bridge-nf-call-ip6tables=${bak_bridge_nf_ip6t} >/dev/null 2>&1
}
rm -rf $TMP_PATH
@@ -1325,68 +1340,66 @@ stop() {
exit 0
}
-ENABLED=$(config_t_get global enabled 0)
-NODE=$(config_t_get global node)
-[ "$ENABLED" == 1 ] && {
- [ -n "$NODE" ] && [ "$(config_get_type $NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
-}
-ENABLED_ACLS=$(config_t_get global acl_enable 0)
-[ "$ENABLED_ACLS" == 1 ] && {
- [ "$(uci show ${CONFIG} | grep "@acl_rule" | grep "enabled='1'" | wc -l)" == 0 ] && ENABLED_ACLS=0
-}
-SOCKS_ENABLED=$(config_t_get global socks_enabled 0)
-REDIR_PORT=$(echo $(get_new_port 1041 tcp,udp))
-tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
-TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
-UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
-TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443')
-UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
-TCP_PROXY_MODE="global"
-UDP_PROXY_MODE="global"
-LOCALHOST_PROXY=$(config_t_get global localhost_proxy '1')
-CLIENT_PROXY=$(config_t_get global client_proxy '1')
-DIRECT_DNS_QUERY_STRATEGY=$(config_t_get global direct_dns_query_strategy UseIP)
-REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
-REMOTE_DNS_DETOUR=$(config_t_get global remote_dns_detour remote)
-REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
-REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
-REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
-WRITE_IPSET_DIRECT=$(config_t_get global write_ipset_direct 1)
-DNS_CACHE=$(config_t_get global dns_cache 1)
-DNS_REDIRECT=$(config_t_get global dns_redirect 1)
+get_config() {
+ ENABLED_DEFAULT_ACL=0
+ ENABLED=$(config_t_get global enabled 0)
+ NODE=$(config_t_get global node)
+ [ "$ENABLED" == 1 ] && {
+ [ -n "$NODE" ] && [ "$(config_get_type $NODE)" == "nodes" ] && ENABLED_DEFAULT_ACL=1
+ }
+ ENABLED_ACLS=$(config_t_get global acl_enable 0)
+ [ "$ENABLED_ACLS" == 1 ] && {
+ [ "$(uci show ${CONFIG} | grep "@acl_rule" | grep "enabled='1'" | wc -l)" == 0 ] && ENABLED_ACLS=0
+ }
+ SOCKS_ENABLED=$(config_t_get global socks_enabled 0)
+ REDIR_PORT=$(echo $(get_new_port 1041 tcp,udp))
+ TCP_PROXY_WAY=$(config_t_get global_forwarding tcp_proxy_way redirect)
+ TCP_NO_REDIR_PORTS=$(config_t_get global_forwarding tcp_no_redir_ports 'disable')
+ UDP_NO_REDIR_PORTS=$(config_t_get global_forwarding udp_no_redir_ports 'disable')
+ TCP_REDIR_PORTS=$(config_t_get global_forwarding tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443')
+ UDP_REDIR_PORTS=$(config_t_get global_forwarding udp_redir_ports '1:65535')
+ PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
+ TCP_PROXY_MODE="global"
+ UDP_PROXY_MODE="global"
+ LOCALHOST_PROXY=$(config_t_get global localhost_proxy '1')
+ CLIENT_PROXY=$(config_t_get global client_proxy '1')
+ DIRECT_DNS_QUERY_STRATEGY=$(config_t_get global direct_dns_query_strategy UseIP)
+ REMOTE_DNS_PROTOCOL=$(config_t_get global remote_dns_protocol tcp)
+ REMOTE_DNS_DETOUR=$(config_t_get global remote_dns_detour remote)
+ REMOTE_DNS=$(config_t_get global remote_dns 1.1.1.1:53 | sed 's/#/:/g' | sed -E 's/\:([^:]+)$/#\1/g')
+ REMOTE_FAKEDNS=$(config_t_get global remote_fakedns '0')
+ REMOTE_DNS_QUERY_STRATEGY=$(config_t_get global remote_dns_query_strategy UseIPv4)
+ WRITE_IPSET_DIRECT=$(config_t_get global write_ipset_direct 1)
+ DNS_CACHE=$(config_t_get global dns_cache 1)
+ DNS_REDIRECT=$(config_t_get global dns_redirect 1)
-RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
-[ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
+ RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
+ [ -f "${RESOLVFILE}" ] && [ -s "${RESOLVFILE}" ] || RESOLVFILE=/tmp/resolv.conf.auto
-ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
-ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
+ ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
+ ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
-DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] | awk -F '.' '{print $2}' | awk -F '=' '{print $1}'| head -1)
-DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
-[ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',' | sed 's/,$//')
-AUTO_DNS=${DEFAULT_DNS:-119.29.29.29}
+ DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] | awk -F '.' '{print $2}' | awk -F '=' '{print $1}'| head -1)
+ DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
+ [ -z "${DEFAULT_DNS}" ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',' | sed 's/,$//')
+ AUTO_DNS=${DEFAULT_DNS:-119.29.29.29}
-DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
-DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
-if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
- DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
- if [ -n "$DNSMASQ_CONF_DIR" ]; then
- DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
- else
- DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+ DNSMASQ_CONF_DIR=/tmp/dnsmasq.d
+ DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
+ if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
+ DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
+ if [ -n "$DNSMASQ_CONF_DIR" ]; then
+ DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
+ else
+ DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+ fi
fi
-fi
-GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
-GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d
+ set_cache_var GLOBAL_DNSMASQ_CONF ${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf
+ set_cache_var GLOBAL_DNSMASQ_CONF_PATH ${GLOBAL_ACL_PATH}/dnsmasq.d
-PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0)
-
-XRAY_BIN=$(first_type $(config_t_get global_app xray_file) xray)
-SINGBOX_BIN=$(first_type $(config_t_get global_app singbox_file) sing-box)
-
-export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
-export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
-mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_PATH2
+ XRAY_BIN=$(first_type $(config_t_get global_app xray_file) xray)
+ SINGBOX_BIN=$(first_type $(config_t_get global_app singbox_file) sing-box)
+}
arg1=$1
shift
@@ -1394,28 +1407,28 @@ case $arg1 in
add_ip2route)
add_ip2route $@
;;
-get_new_port)
- get_new_port $@
- ;;
-run_socks)
- run_socks $@
- ;;
-socks_node_switch)
- socks_node_switch $@
- ;;
echolog)
echolog $@
;;
+get_new_port)
+ get_new_port $@
+ ;;
get_cache_var)
get_cache_var $@
;;
set_cache_var)
set_cache_var $@
;;
-stop)
- stop
+run_socks)
+ run_socks $@
+ ;;
+socks_node_switch)
+ socks_node_switch $@
;;
start)
start
;;
+stop)
+ stop
+ ;;
esac
diff --git a/small/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua b/small/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua
index 8870c3f8c4..879c67b4de 100644
--- a/small/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua
+++ b/small/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua
@@ -1,6 +1,6 @@
local api = require "luci.passwall2.api"
local appname = "passwall2"
-local uci = api.libuci
+local uci = api.uci
local sys = api.sys
local fs = api.fs
local datatypes = api.datatypes
@@ -25,7 +25,7 @@ local function backup_servers()
local DNSMASQ_DNS = uci:get("dhcp", "@dnsmasq[0]", "server")
if DNSMASQ_DNS and #DNSMASQ_DNS > 0 then
uci:set(appname, "@global[0]", "dnsmasq_servers", DNSMASQ_DNS)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
end
@@ -43,11 +43,11 @@ local function restore_servers()
tinsert(dns_table, v)
end
uci:delete(appname, "@global[0]", "dnsmasq_servers")
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if dns_table and #dns_table > 0 then
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -76,7 +76,7 @@ function stretch()
end
end
uci:set("dhcp", "@dnsmasq[0]", "resolvfile", RESOLVFILE)
- uci:commit("dhcp")
+ api.uci_save(uci, "dhcp", true)
end
end
@@ -102,8 +102,8 @@ function logic_restart(var)
tinsert(dns_table, v)
end
end
- api.uci_set_list(uci, "dhcp", "@dnsmasq[0]", "server", dns_table)
- uci:commit("dhcp")
+ uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table)
+ api.uci_save(uci, "dhcp", true)
end
sys.call("/etc/init.d/dnsmasq restart >/dev/null 2>&1")
restore_servers()
diff --git a/small/luci-app-passwall2/root/usr/share/passwall2/iptables.sh b/small/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
index 4f6039adb8..c6e5aa4584 100755
--- a/small/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
+++ b/small/luci-app-passwall2/root/usr/share/passwall2/iptables.sh
@@ -204,47 +204,51 @@ gen_shunt_list() {
NODE_PROTOCOL=$(config_n_get $node protocol)
[ "$NODE_PROTOCOL" = "_shunt" ] && USE_SHUNT_NODE=1
[ "$USE_SHUNT_NODE" = "1" ] && {
- local default_node=$(config_n_get ${node} default_node _direct)
- local default_outbound="redirect"
- [ "$default_node" = "_direct" ] && default_outbound="direct"
- local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
- for shunt_id in $shunt_ids; do
- local shunt_node=$(config_n_get ${node} "${shunt_id}")
- [ -n "$shunt_node" ] && {
- local ipset_v4="passwall2_${node}_${shunt_id}"
- local ipset_v6="passwall2_${node}_${shunt_id}6"
- ipset -! create $ipset_v4 nethash maxelem 1048576
- ipset -! create $ipset_v6 nethash family inet6 maxelem 1048576
- local outbound="redirect"
- [ "$shunt_node" = "_direct" ] && outbound="direct"
- [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
- _SHUNT_LIST4="${_SHUNT_LIST4} ${ipset_v4}:${outbound}"
- _SHUNT_LIST6="${_SHUNT_LIST6} ${ipset_v6}:${outbound}"
+ local enable_geoview=$(config_t_get global_rules enable_geoview 0)
+ [ -z "$(first_type geoview)" ] && enable_geoview=0
+ local preloading=0
+ preloading=$enable_geoview
+ [ "${preloading}" = "1" ] && {
+ local default_node=$(config_n_get ${node} default_node _direct)
+ local default_outbound="redirect"
+ [ "$default_node" = "_direct" ] && default_outbound="direct"
+ local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
+ for shunt_id in $shunt_ids; do
+ local shunt_node=$(config_n_get ${node} "${shunt_id}")
+ [ -n "$shunt_node" ] && {
+ local ipset_v4="passwall2_${node}_${shunt_id}"
+ local ipset_v6="passwall2_${node}_${shunt_id}6"
+ ipset -! create $ipset_v4 nethash maxelem 1048576
+ ipset -! create $ipset_v6 nethash family inet6 maxelem 1048576
+ local outbound="redirect"
+ [ "$shunt_node" = "_direct" ] && outbound="direct"
+ [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
+ _SHUNT_LIST4="${_SHUNT_LIST4} ${ipset_v4}:${outbound}"
+ _SHUNT_LIST6="${_SHUNT_LIST6} ${ipset_v6}:${outbound}"
- config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- [ "$(config_t_get global_rules enable_geoview)" = "1" ] && {
- local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
- [ -n "$_geoip_code" ] && {
- if [ "$(config_n_get $node type)" = "sing-box" ]; then
- get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
- else
- if type geoview &> /dev/null; then
+ config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ [ "${enable_geoview}" = "1" ] && {
+ local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
+ [ -n "$_geoip_code" ] && {
+ if [ "$(config_n_get $node type)" = "sing-box" ]; then
+ get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
+ else
get_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $ipset_v4 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
get_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $ipset_v6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
fi
- fi
- echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 IPSET 完成"
+ echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 IPSET 完成"
+ }
}
}
- }
- done
+ done
+ }
[ "${_write_ipset_direct}" = "1" ] && {
_SHUNT_LIST4="${_SHUNT_LIST4} ${_set_name4}:direct"
_SHUNT_LIST6="${_SHUNT_LIST6} ${_set_name6}:direct"
}
- [ -n "$default_node" ] && {
+ [ "${preloading}" = "1" ] && [ -n "$default_node" ] && {
local ipset_v4="passwall2_${node}_default"
local ipset_v6="passwall2_${node}_default6"
ipset -! create $ipset_v4 nethash maxelem 1048576
@@ -452,7 +456,7 @@ load_acl() {
$ipt_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") -j PSW2_RULE
$ipt_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(REDIRECT $redir_port TPROXY)
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} -d $FAKE_IP_6 -j PSW2_RULE 2>/dev/null
add_shunt_t_rule "${shunt_list6}" "$ip6t_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport")" "-j PSW2_RULE" 2>/dev/null
$ip6t_m -A PSW2 $(comment "$remarks") -p udp ${_ipt_source} $(factor $udp_redir_ports "-m multiport --dport") -j PSW2_RULE 2>/dev/null
@@ -551,12 +555,12 @@ load_acl() {
$ipt_m -A PSW2 $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ipt_m -A PSW2 $(comment "默认") -p udp $(REDIRECT $REDIR_PORT TPROXY)
- if [ "$PROXY_IPV6_UDP" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2 $(comment "默认") -p udp -d $FAKE_IP_6 -j PSW2_RULE
add_shunt_t_rule "${SHUNT_LIST6}" "$ip6t_m -A PSW2 $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport")" "-j PSW2_RULE"
$ip6t_m -A PSW2 $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "默认") -p udp $(REDIRECT $REDIR_PORT TPROXY)
- fi
+ }
echolog "${msg2}"
fi
@@ -696,10 +700,9 @@ add_firewall_rule() {
accept_icmp=$(config_t_get global_forwarding accept_icmp 0)
accept_icmpv6=$(config_t_get global_forwarding accept_icmpv6 0)
- local tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
unset is_tproxy
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
is_tproxy="TPROXY"
fi
@@ -884,14 +887,14 @@ add_firewall_rule() {
insert_rule_before "$ipt_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p tcp -j PSW2_OUTPUT"
}
- if [ "$PROXY_IPV6" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2_OUTPUT -p tcp -d $FAKE_IP_6 -j PSW2_RULE
add_shunt_t_rule "${SHUNT_LIST6}" "$ip6t_m -A PSW2_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport")" "-j PSW2_RULE"
$ip6t_m -A PSW2_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "本机") -p tcp -i lo $(REDIRECT $REDIR_PORT TPROXY)
$ip6t_m -A PSW2 $(comment "本机") -p tcp -i lo -j RETURN
insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p tcp -j PSW2_OUTPUT"
- fi
+ }
[ -d "${TMP_IFACE_PATH}" ] && {
for iface in $(ls ${TMP_IFACE_PATH}); do
@@ -910,14 +913,14 @@ add_firewall_rule() {
$ipt_m -A PSW2 $(comment "本机") -p udp -i lo -j RETURN
insert_rule_before "$ipt_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p udp -j PSW2_OUTPUT"
- if [ "$PROXY_IPV6_UDP" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
$ip6t_m -A PSW2_OUTPUT -p udp -d $FAKE_IP_6 -j PSW2_RULE
add_shunt_t_rule "${SHUNT_LIST6}" "$ip6t_m -A PSW2_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport")" "-j PSW2_RULE"
$ip6t_m -A PSW2_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") -j PSW2_RULE
$ip6t_m -A PSW2 $(comment "本机") -p udp -i lo $(REDIRECT $REDIR_PORT TPROXY)
$ip6t_m -A PSW2 $(comment "本机") -p udp -i lo -j RETURN
insert_rule_before "$ip6t_m" "OUTPUT" "mwan3" "$(comment mangle-OUTPUT-PSW2) -p udp -j PSW2_OUTPUT"
- fi
+ }
[ -d "${TMP_IFACE_PATH}" ] && {
for iface in $(ls ${TMP_IFACE_PATH}); do
diff --git a/small/luci-app-passwall2/root/usr/share/passwall2/nftables.sh b/small/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
index 1066ea6a65..64305bf568 100755
--- a/small/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
+++ b/small/luci-app-passwall2/root/usr/share/passwall2/nftables.sh
@@ -258,46 +258,50 @@ gen_shunt_list() {
NODE_PROTOCOL=$(config_n_get $node protocol)
[ "$NODE_PROTOCOL" = "_shunt" ] && USE_SHUNT_NODE=1
[ "$USE_SHUNT_NODE" = "1" ] && {
- local default_node=$(config_n_get ${node} default_node _direct)
- local default_outbound="redirect"
- [ "$default_node" = "_direct" ] && default_outbound="direct"
- local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
- for shunt_id in $shunt_ids; do
- local shunt_node=$(config_n_get ${node} "${shunt_id}")
- [ -n "$shunt_node" ] && {
- local nftset_v4="passwall2_${node}_${shunt_id}"
- local nftset_v6="passwall2_${node}_${shunt_id}6"
- gen_nftset $nftset_v4 ipv4_addr 0 0
- gen_nftset $nftset_v6 ipv6_addr 0 0
- local outbound="redirect"
- [ "$shunt_node" = "_direct" ] && outbound="direct"
- [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
- _SHUNT_LIST4="${_SHUNT_LIST4} ${nftset_v4}:${outbound}"
- _SHUNT_LIST6="${_SHUNT_LIST6} ${nftset_v6}:${outbound}"
- insert_nftset $nftset_v4 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
- insert_nftset $nftset_v6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
- [ "$(config_t_get global_rules enable_geoview)" = "1" ] && {
- local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
- [ -n "$_geoip_code" ] && {
- if [ "$(config_n_get $node type)" = "sing-box" ]; then
- insert_nftset $nftset_v4 "0" $(get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
- insert_nftset $nftset_v6 "0" $(get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
- else
- if type geoview &> /dev/null; then
+ local enable_geoview=$(config_t_get global_rules enable_geoview 0)
+ [ -z "$(first_type geoview)" ] && enable_geoview=0
+ local preloading=0
+ preloading=$enable_geoview
+ [ "${preloading}" = "1" ] && {
+ local default_node=$(config_n_get ${node} default_node _direct)
+ local default_outbound="redirect"
+ [ "$default_node" = "_direct" ] && default_outbound="direct"
+ local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
+ for shunt_id in $shunt_ids; do
+ local shunt_node=$(config_n_get ${node} "${shunt_id}")
+ [ -n "$shunt_node" ] && {
+ local nftset_v4="passwall2_${node}_${shunt_id}"
+ local nftset_v6="passwall2_${node}_${shunt_id}6"
+ gen_nftset $nftset_v4 ipv4_addr 0 0
+ gen_nftset $nftset_v6 ipv6_addr 0 0
+ local outbound="redirect"
+ [ "$shunt_node" = "_direct" ] && outbound="direct"
+ [ "$shunt_node" = "_default" ] && outbound="${default_outbound}"
+ _SHUNT_LIST4="${_SHUNT_LIST4} ${nftset_v4}:${outbound}"
+ _SHUNT_LIST6="${_SHUNT_LIST6} ${nftset_v6}:${outbound}"
+ insert_nftset $nftset_v4 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+ insert_nftset $nftset_v6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+ [ "${enable_geoview}" = "1" ] && {
+ local _geoip_code=$(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "^geoip:" | grep -v "^geoip:private" | sed -E 's/^geoip:(.*)/\1/' | sed ':a;N;$!ba;s/\n/,/g')
+ [ -n "$_geoip_code" ] && {
+ if [ "$(config_n_get $node type)" = "sing-box" ]; then
+ insert_nftset $nftset_v4 "0" $(get_singbox_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
+ insert_nftset $nftset_v6 "0" $(get_singbox_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
+ else
insert_nftset $nftset_v4 "0" $(get_geoip $_geoip_code ipv4 | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
insert_nftset $nftset_v6 "0" $(get_geoip $_geoip_code ipv6 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
fi
- fi
- echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 NFTSET 完成"
+ echolog " - [$?]解析分流规则[$shunt_id]-[geoip:${_geoip_code}]加入到 NFTSET 完成"
+ }
}
}
- }
- done
+ done
+ }
[ "${_write_ipset_direct}" = "1" ] && {
_SHUNT_LIST4="${_SHUNT_LIST4} ${_set_name4}:direct"
_SHUNT_LIST6="${_SHUNT_LIST6} ${_set_name6}:direct"
}
- [ -n "$default_node" ] && {
+ [ "${preloading}" = "1" ] && [ -n "$default_node" ] && {
local nftset_v4="passwall2_${node}_default"
local nftset_v6="passwall2_${node}_default6"
gen_nftset $nftset_v4 ipv4_addr 0 0
@@ -503,7 +507,7 @@ load_acl() {
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") counter jump PSW2_RULE comment \"$remarks\""
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp ${_ipt_source} $(REDIRECT $redir_port TPROXY4) comment \"$remarks\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ${_ipt_source} ip6 daddr $FAKE_IP_6 counter jump PSW2_RULE comment \"$remarks\""
add_shunt_t_rule "${shunt_list6}" "nft add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") ip6 daddr" "counter jump PSW2_RULE" "$remarks"
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ${_ipt_source} $(factor $udp_redir_ports "udp dport") counter jump PSW2_RULE comment \"$remarks\"" 2>/dev/null
@@ -604,7 +608,7 @@ load_acl() {
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW2_RULE comment \"默认\""
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp $(REDIRECT $REDIR_PORT TPROXY4) comment \"默认\""
- [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && {
+ [ "$PROXY_IPV6" == "1" ] && {
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp ip6 daddr $FAKE_IP_6 jump PSW2_RULE comment \"默认\""
add_shunt_t_rule "${SHUNT_LIST6}" "nft add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr" "counter jump PSW2_RULE" "默认"
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW2_RULE comment \"默认\""
@@ -744,12 +748,11 @@ add_firewall_rule() {
accept_icmp=$(config_t_get global_forwarding accept_icmp 0)
accept_icmpv6=$(config_t_get global_forwarding accept_icmpv6 0)
- local tcp_proxy_way=$(config_t_get global_forwarding tcp_proxy_way redirect)
- if [ "$tcp_proxy_way" = "redirect" ]; then
+ if [ "${TCP_PROXY_WAY}" = "redirect" ]; then
unset is_tproxy
nft_prerouting_chain="PSW2_NAT"
nft_output_chain="PSW2_OUTPUT_NAT"
- elif [ "$tcp_proxy_way" = "tproxy" ]; then
+ elif [ "${TCP_PROXY_WAY}" = "tproxy" ]; then
is_tproxy="TPROXY"
nft_prerouting_chain="PSW2_MANGLE"
nft_output_chain="PSW2_OUTPUT_MANGLE"
@@ -964,13 +967,13 @@ add_firewall_rule() {
nft "add rule $NFTABLE_NAME PSW2_MANGLE ip protocol udp iif lo counter return comment \"本机\""
nft "add rule $NFTABLE_NAME mangle_output ip protocol udp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\""
- if [ "$PROXY_IPV6_UDP" == "1" ]; then
+ [ "$PROXY_IPV6" == "1" ] && {
nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta l4proto udp ip6 daddr $FAKE_IP_6 jump PSW2_RULE"
add_shunt_t_rule "${SHUNT_LIST6}" "nft add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") ip6 daddr" "counter jump PSW2_RULE"
nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta l4proto udp $(factor $UDP_REDIR_PORTS "udp dport") counter jump PSW2_RULE"
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp iif lo $(REDIRECT $REDIR_PORT TPROXY) comment \"本机\""
nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 meta l4proto udp iif lo counter return comment \"本机\""
- fi
+ }
[ -d "${TMP_IFACE_PATH}" ] && {
for iface in $(ls ${TMP_IFACE_PATH}); do
diff --git a/small/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua b/small/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua
index b51c2181ea..f23283c476 100755
--- a/small/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua
+++ b/small/luci-app-passwall2/root/usr/share/passwall2/rule_update.lua
@@ -1,12 +1,12 @@
#!/usr/bin/lua
-require 'nixio'
-require 'luci.sys'
-local luci = luci
-local ucic = luci.model.uci.cursor()
-local jsonc = require "luci.jsonc"
-local name = 'passwall2'
local api = require "luci.passwall2.api"
+local name = api.appname
+local fs = api.fs
+local sys = api.sys
+local uci = api.uci
+local jsonc = api.jsonc
+
local arg1 = arg[1]
local arg2 = arg[2]
local arg3 = arg[3]
@@ -14,13 +14,13 @@ local arg3 = arg[3]
local reboot = 0
local geoip_update = 0
local geosite_update = 0
-local asset_location = ucic:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/")
+local asset_location = uci:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/")
-- Custom geo file
-local geoip_api = ucic:get_first(name, 'global_rules', "geoip_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
-local geosite_api = ucic:get_first(name, 'global_rules', "geosite_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
+local geoip_api = uci:get_first(name, 'global_rules', "geoip_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
+local geosite_api = uci:get_first(name, 'global_rules', "geosite_url", "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest")
--
-local use_nft = ucic:get(name, "@global_forwarding[0]", "use_nft") or "0"
+local use_nft = uci:get(name, "@global_forwarding[0]", "use_nft") or "0"
if arg3 == "cron" then
arg2 = nil
@@ -67,9 +67,9 @@ local function fetch_geoip()
f:write(content:gsub("geoip.dat", "/tmp/geoip.dat"), "")
f:close()
- if nixio.fs.access(asset_location .. "geoip.dat") then
- luci.sys.call(string.format("cp -f %s %s", asset_location .. "geoip.dat", "/tmp/geoip.dat"))
- if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
+ if fs.access(asset_location .. "geoip.dat") then
+ sys.call(string.format("cp -f %s %s", asset_location .. "geoip.dat", "/tmp/geoip.dat"))
+ if sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
log("geoip 版本一致,无需更新。")
return 1
end
@@ -77,8 +77,8 @@ local function fetch_geoip()
for _2, v2 in ipairs(json.assets) do
if v2.name and v2.name == "geoip.dat" then
sret = curl(v2.browser_download_url, "/tmp/geoip.dat")
- if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
- luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geoip.dat", asset_location .. "geoip.dat"))
+ if sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
+ sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geoip.dat", asset_location .. "geoip.dat"))
reboot = 1
log("geoip 更新成功。")
return 1
@@ -118,9 +118,9 @@ local function fetch_geosite()
f:write(content:gsub("[^%s]+.dat", "/tmp/geosite.dat"), "")
f:close()
- if nixio.fs.access(asset_location .. "geosite.dat") then
- luci.sys.call(string.format("cp -f %s %s", asset_location .. "geosite.dat", "/tmp/geosite.dat"))
- if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
+ if fs.access(asset_location .. "geosite.dat") then
+ sys.call(string.format("cp -f %s %s", asset_location .. "geosite.dat", "/tmp/geosite.dat"))
+ if sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
log("geosite 版本一致,无需更新。")
return 1
end
@@ -128,8 +128,8 @@ local function fetch_geosite()
for _2, v2 in ipairs(json.assets) do
if v2.name and (v2.name == "geosite.dat" or v2.name == "dlc.dat") then
sret = curl(v2.browser_download_url, "/tmp/geosite.dat")
- if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
- luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geosite.dat", asset_location .. "geosite.dat"))
+ if sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
+ sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geosite.dat", asset_location .. "geosite.dat"))
reboot = 1
log("geosite 更新成功。")
return 1
@@ -161,8 +161,8 @@ if arg2 then
end
end)
else
- geoip_update = ucic:get_first(name, 'global_rules', "geoip_update", 1)
- geosite_update = ucic:get_first(name, 'global_rules', "geosite_update", 1)
+ geoip_update = uci:get_first(name, 'global_rules', "geoip_update", 1)
+ geosite_update = uci:get_first(name, 'global_rules', "geosite_update", 1)
end
if geoip_update == 0 and geosite_update == 0 then
os.exit(0)
@@ -184,23 +184,22 @@ if tonumber(geosite_update) == 1 then
os.remove("/tmp/geosite.dat.sha256sum")
end
-ucic:set(name, ucic:get_first(name, 'global_rules'), "geoip_update", geoip_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "geosite_update", geosite_update)
-ucic:save(name)
-luci.sys.call("uci commit " .. name)
+uci:set(name, uci:get_first(name, 'global_rules'), "geoip_update", geoip_update)
+uci:set(name, uci:get_first(name, 'global_rules'), "geosite_update", geosite_update)
+api.uci_save(uci, name, true)
if reboot == 1 then
if arg3 == "cron" then
- if not nixio.fs.access("/var/lock/" .. name .. ".lock") then
- luci.sys.call("touch /tmp/lock/" .. name .. "_cron.lock")
+ if not fs.access("/var/lock/" .. name .. ".lock") then
+ sys.call("touch /tmp/lock/" .. name .. "_cron.lock")
end
end
log("重启服务,应用新的规则。")
if use_nft == "1" then
- luci.sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
+ sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
else
- luci.sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
+ sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
end
end
log("规则更新完毕...")
diff --git a/small/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua b/small/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua
index 57d928caff..3aabb321eb 100755
--- a/small/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua
+++ b/small/luci-app-passwall2/root/usr/share/passwall2/subscribe.lua
@@ -3,8 +3,6 @@
------------------------------------------------
-- @author William Chan
------------------------------------------------
-require 'nixio'
-require 'luci.model.uci'
require 'luci.util'
require 'luci.jsonc'
require 'luci.sys'
@@ -20,6 +18,7 @@ local split = api.split
local jsonParse, jsonStringify = luci.jsonc.parse, luci.jsonc.stringify
local base64Decode = api.base64Decode
local uci = api.libuci
+local fs = api.fs
uci:revert(appname)
local has_ss = api.is_finded("ss-redir")
@@ -1282,7 +1281,7 @@ local function truncate_nodes(add_from)
end
end
end)
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
local function select_node(nodes, config)
@@ -1434,7 +1433,7 @@ local function update_node(manual)
end
end
end
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
if next(CONFIG) then
local nodes = {}
@@ -1469,11 +1468,11 @@ local function update_node(manual)
end
]]--
- uci:commit(appname)
+ api.uci_save(uci, appname, true)
end
if arg[3] == "cron" then
- if not nixio.fs.access("/var/lock/" .. appname .. ".lock") then
+ if not fs.access("/var/lock/" .. appname .. ".lock") then
luci.sys.call("touch /tmp/lock/" .. appname .. "_cron.lock")
end
end
diff --git a/small/mihomo/Makefile b/small/mihomo/Makefile
index ecbfa6abb3..9723643f2b 100644
--- a/small/mihomo/Makefile
+++ b/small/mihomo/Makefile
@@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=mihomo
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/MetaCubeX/mihomo.git
diff --git a/small/mihomo/files/mihomo.init b/small/mihomo/files/mihomo.init
index 51494d81ab..e8fa3af9f1 100644
--- a/small/mihomo/files/mihomo.init
+++ b/small/mihomo/files/mihomo.init
@@ -350,11 +350,12 @@ service_started() {
config_get_bool router_proxy "proxy" "router_proxy" 0
config_get_bool lan_proxy "proxy" "lan_proxy" 0
### access control
- local access_control_mode bypass_china_mainland_ip proxy_tcp_dport proxy_udp_dport
+ local access_control_mode bypass_china_mainland_ip proxy_tcp_dport proxy_udp_dport bypass_dscp
config_get access_control_mode "proxy" "access_control_mode"
config_get_bool bypass_china_mainland_ip "proxy" "bypass_china_mainland_ip" 0
config_get proxy_tcp_dport "proxy" "proxy_tcp_dport" "0-65535"
config_get proxy_udp_dport "proxy" "proxy_udp_dport" "0-65535"
+ config_get bypass_dscp "proxy" "bypass_dscp"
# prepare
local tproxy_enable; tproxy_enable=0
if [[ "$tcp_transparent_proxy_mode" == "tproxy" || "$udp_transparent_proxy_mode" == "tproxy" ]]; then
@@ -477,6 +478,13 @@ service_started() {
for proxy_dport in $proxy_udp_dport; do
nft add element inet "$FW_TABLE" proxy_dport \{ "udp" . "$proxy_dport" \}
done
+ if [ -n "$bypass_dscp" ]; then
+ log "Transparent Proxy" "Bypass DSCP: $bypass_dscp."
+ local dscp
+ for dscp in $bypass_dscp; do
+ nft add element inet "$FW_TABLE" bypass_dscp \{ "$dscp" \}
+ done
+ fi
# router proxy
if [ "$router_proxy" == 1 ]; then
log "Transparent Proxy" "Set proxy for router."
diff --git a/small/mihomo/files/nftables/hijack.nft b/small/mihomo/files/nftables/hijack.nft
index 2cd85091eb..ab4388583c 100644
--- a/small/mihomo/files/nftables/hijack.nft
+++ b/small/mihomo/files/nftables/hijack.nft
@@ -16,6 +16,11 @@ table inet mihomo {
}
}
+ set bypass_dscp {
+ type dscp
+ flags interval
+ }
+
set dns_hijack_nfproto {
type nf_proto
flags interval
@@ -178,6 +183,8 @@ table inet mihomo {
ip6 daddr @china_ip6 counter return
meta nfproto ipv4 meta l4proto . th dport != @proxy_dport ip daddr != $FAKE_IP counter return
meta nfproto ipv6 meta l4proto . th dport != @proxy_dport counter return
+ meta l4proto { tcp, udp } ip dscp == @bypass_dscp counter return
+ meta l4proto { tcp, udp } ip6 dscp == @bypass_dscp counter return
}
chain nat_output {
@@ -192,6 +199,8 @@ table inet mihomo {
ip6 daddr @china_ip6 counter return
meta nfproto ipv4 meta l4proto . th dport != @proxy_dport ip daddr != $FAKE_IP counter return
meta nfproto ipv6 meta l4proto . th dport != @proxy_dport counter return
+ meta l4proto { tcp, udp } ip dscp == @bypass_dscp counter return
+ meta l4proto { tcp, udp } ip6 dscp == @bypass_dscp counter return
}
chain mangle_prerouting {
@@ -206,6 +215,8 @@ table inet mihomo {
ip6 daddr @china_ip6 counter return
meta nfproto ipv4 meta l4proto . th dport != @proxy_dport ip daddr != $FAKE_IP counter return
meta nfproto ipv6 meta l4proto . th dport != @proxy_dport counter return
+ meta l4proto { tcp, udp } ip dscp == @bypass_dscp counter return
+ meta l4proto { tcp, udp } ip6 dscp == @bypass_dscp counter return
meta l4proto udp th dport 53 counter return
}
@@ -221,6 +232,8 @@ table inet mihomo {
ip6 daddr @china_ip6 counter return
meta nfproto ipv4 meta l4proto . th dport != @proxy_dport ip daddr != $FAKE_IP counter return
meta nfproto ipv6 meta l4proto . th dport != @proxy_dport counter return
+ meta l4proto { tcp, udp } ip dscp == @bypass_dscp counter return
+ meta l4proto { tcp, udp } ip6 dscp == @bypass_dscp counter return
meta l4proto udp th dport 53 counter return
}
}
diff --git a/small/shadowsocks-rust/Makefile b/small/shadowsocks-rust/Makefile
index 320c2caba0..a3cd2407bf 100644
--- a/small/shadowsocks-rust/Makefile
+++ b/small/shadowsocks-rust/Makefile
@@ -6,7 +6,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=shadowsocks-rust
-PKG_VERSION:=1.21.2
+PKG_VERSION:=1.22.0
PKG_RELEASE:=1
PKG_SOURCE_HEADER:=shadowsocks-v$(PKG_VERSION)
@@ -21,23 +21,23 @@ endif
ifeq ($(ARCH),aarch64)
PKG_SOURCE:=$(PKG_SOURCE_HEADER).aarch64-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER)
- PKG_HASH:=19e11f39a1b1cd6f843d2d1b5e7759d557448bc82017ff87b9cfaeeff9814f8f
+ PKG_HASH:=4c20c76ff80e7671428068a1628b6269785fc0d22a127883ed82e2c79e6c332e
else ifeq ($(ARCH),arm)
# Referred to golang/golang-values.mk
ARM_CPU_FEATURES:=$(word 2,$(subst +,$(space),$(call qstrip,$(CONFIG_CPU_TYPE))))
ifeq ($(ARM_CPU_FEATURES),)
PKG_SOURCE:=$(PKG_SOURCE_HEADER).arm-$(PKG_SOURCE_BODY)eabi.$(PKG_SOURCE_FOOTER)
- PKG_HASH:=2873f227ad710cb206df1671d483f49207b7b0c1f234fe12bc470dde1930b555
+ PKG_HASH:=6724fcb42326b003e542fc2df6594dbd28259dc3df7644033844d6d7cba98b61
else
PKG_SOURCE:=$(PKG_SOURCE_HEADER).arm-$(PKG_SOURCE_BODY)eabihf.$(PKG_SOURCE_FOOTER)
- PKG_HASH:=fc775890cfe614dad7a7dcb4185b30088d4ea327235513ad59ca799e410d0327
+ PKG_HASH:=3af6c4e3e28b92957b869a6851296f882f906f30285cf9247ad59f163ce9d808
endif
else ifeq ($(ARCH),i386)
PKG_SOURCE:=$(PKG_SOURCE_HEADER).i686-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER)
- PKG_HASH:=5f8e8ca7923f44087a14e2146be7264a11f000a3822a32feb163236d9ea1e9ef
+ PKG_HASH:=01419d65ea1dcc41c103bc83601eda7dd7ce311f50097c826aa3262c539c3af3
else ifeq ($(ARCH),x86_64)
PKG_SOURCE:=$(PKG_SOURCE_HEADER).x86_64-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER)
- PKG_HASH:=53e6cc209ab9f925e5a59c9f43d75b8179551fc9e608846d7649b5e3aff22c16
+ PKG_HASH:=5e3f4a7c78ffeb612620c5cfd4a99a25d1eabffbe9e00ce5a92ee72e99d1310b
else ifeq ($(ARCH),mips)
PKG_SOURCE:=$(PKG_SOURCE_HEADER).mips-$(PKG_SOURCE_BODY).$(PKG_SOURCE_FOOTER)
PKG_HASH:=fa826d72de0c7713fe77570b56931f38e0bb575a370fd8de4e98b2bc29179e97
diff --git a/small/v2ray-geodata/Makefile b/small/v2ray-geodata/Makefile
index 7f4e019419..c2738cea8f 100644
--- a/small/v2ray-geodata/Makefile
+++ b/small/v2ray-geodata/Makefile
@@ -12,13 +12,13 @@ PKG_MAINTAINER:=Tianling Shen
include $(INCLUDE_DIR)/package.mk
-GEOIP_VER:=202412260052
+GEOIP_VER:=202501020052
GEOIP_FILE:=geoip.dat.$(GEOIP_VER)
define Download/geoip
URL:=https://github.com/v2fly/geoip/releases/download/$(GEOIP_VER)/
URL_FILE:=geoip.dat
FILE:=$(GEOIP_FILE)
- HASH:=139100814bdf9a6823b85783fdedce3a5e62d1432965b5c3f97541e117a7f83f
+ HASH:=dba9102d288936e3b9b6511c0d0b03e62865c130a2263cb4719ad80b7a9f69bf
endef
GEOSITE_VER:=20241221105938
diff --git a/v2rayn/v2rayN/ServiceLib/Common/SqliteHelper.cs b/v2rayn/v2rayN/ServiceLib/Common/SqliteHelper.cs
index 3fc84e6a09..3a8946bf95 100644
--- a/v2rayn/v2rayN/ServiceLib/Common/SqliteHelper.cs
+++ b/v2rayn/v2rayN/ServiceLib/Common/SqliteHelper.cs
@@ -73,5 +73,19 @@ namespace ServiceLib.Common
{
return _dbAsync.Table();
}
+
+ public async Task DisposeDbConnectionAsync()
+ {
+ await Task.Factory.StartNew(() =>
+ {
+ _db?.Close();
+ _db?.Dispose();
+ _db = null;
+
+ _dbAsync?.GetConnection()?.Close();
+ _dbAsync?.GetConnection()?.Dispose();
+ _dbAsync = null;
+ });
+ }
}
}
\ No newline at end of file
diff --git a/v2rayn/v2rayN/ServiceLib/Handler/CoreHandler.cs b/v2rayn/v2rayN/ServiceLib/Handler/CoreHandler.cs
index c8ff05dd51..0a212e0a1f 100644
--- a/v2rayn/v2rayN/ServiceLib/Handler/CoreHandler.cs
+++ b/v2rayn/v2rayN/ServiceLib/Handler/CoreHandler.cs
@@ -327,9 +327,10 @@ namespace ServiceLib.Handler
{
return null;
}
- try { proc?.Kill(true); } catch { }
- try { proc?.Close(); } catch { }
- try { proc?.Dispose(); } catch { }
+ try { proc?.Kill(true); } catch (Exception ex) { Logging.SaveLog(ex.Message, ex); }
+ try { proc?.Kill(); } catch (Exception ex) { Logging.SaveLog(ex.Message, ex); }
+ try { proc?.Close(); } catch (Exception ex) { Logging.SaveLog(ex.Message, ex); }
+ try { proc?.Dispose(); } catch (Exception ex) { Logging.SaveLog(ex.Message, ex); }
await Task.Delay(100);
return null;
diff --git a/v2rayn/v2rayN/ServiceLib/ViewModels/BackupAndRestoreViewModel.cs b/v2rayn/v2rayN/ServiceLib/ViewModels/BackupAndRestoreViewModel.cs
index 804d46ebc3..7723077059 100644
--- a/v2rayn/v2rayN/ServiceLib/ViewModels/BackupAndRestoreViewModel.cs
+++ b/v2rayn/v2rayN/ServiceLib/ViewModels/BackupAndRestoreViewModel.cs
@@ -141,7 +141,21 @@ namespace ServiceLib.ViewModels
var result = await CreateZipFileFromDirectory(fileBackup);
if (result)
{
- Locator.Current.GetService()?.UpgradeApp(fileName);
+ var service = Locator.Current.GetService();
+ await service?.MyAppExitAsync(true);
+ await SQLiteHelper.Instance.DisposeDbConnectionAsync();
+
+ var toPath = Utils.GetConfigPath();
+ FileManager.ZipExtractToFile(fileName, toPath, "");
+
+ if (Utils.IsWindows())
+ {
+ service?.RebootAsAdmin(false);
+ }
+ else
+ {
+ service?.Shutdown();
+ }
}
else
{
diff --git a/v2rayn/v2rayN/ServiceLib/ViewModels/MainWindowViewModel.cs b/v2rayn/v2rayN/ServiceLib/ViewModels/MainWindowViewModel.cs
index 4645200de7..cd1c2d13bd 100644
--- a/v2rayn/v2rayN/ServiceLib/ViewModels/MainWindowViewModel.cs
+++ b/v2rayn/v2rayN/ServiceLib/ViewModels/MainWindowViewModel.cs
@@ -343,6 +343,11 @@ namespace ServiceLib.ViewModels
_updateView?.Invoke(EViewAction.ShowHideWindow, blShow);
}
+ public void Shutdown()
+ {
+ _updateView?.Invoke(EViewAction.Shutdown, null);
+ }
+
#endregion Actions
#region Servers && Groups
@@ -509,7 +514,7 @@ namespace ServiceLib.ViewModels
}
}
- public async Task RebootAsAdmin()
+ public async Task RebootAsAdmin(bool blAdmin = true)
{
try
{
@@ -519,7 +524,7 @@ namespace ServiceLib.ViewModels
Arguments = Global.RebootAs,
WorkingDirectory = Utils.StartupPath(),
FileName = Utils.GetExePath().AppendQuotes(),
- Verb = "runas",
+ Verb = blAdmin ? "runas" : null,
};
Process.Start(startInfo);
await MyAppExitAsync(false);
diff --git a/v2rayn/v2rayN/v2rayN.Desktop/Views/CheckUpdateView.axaml b/v2rayn/v2rayN/v2rayN.Desktop/Views/CheckUpdateView.axaml
index 34916d2f00..f3c6c50e68 100644
--- a/v2rayn/v2rayN/v2rayN.Desktop/Views/CheckUpdateView.axaml
+++ b/v2rayn/v2rayN/v2rayN.Desktop/Views/CheckUpdateView.axaml
@@ -59,7 +59,7 @@
Grid.Column="0"
Margin="8"
HorizontalAlignment="Left"
- VerticalAlignment="Top"
+ VerticalAlignment="Center"
IsChecked="{Binding IsSelected}" />
جستجو
انتخاب همه
کلیدواژه ها را وارد کنید
- حالت Bypass
+ حالت دور زدن
انتخاب خودکار پروکسی برنامه
در حال دانلود محتوا
خروجی گرفتن در کلیپ بورد
@@ -136,7 +136,7 @@
تنظیمات پیشرفته
تنظیمات VPN
پروکسی به تفکیک برنامه
- عمومی: برنامه بررسی شده پروکسی است، اتصال مستقیم بدون بررسی است. \nحالت bypass: برنامه بررسی شده مستقیما متصل است، پراکسی بررسی نشده است. \nگزینهای برای انتخاب خودکار پروکسی برنامه در منو است.
+ عمومی: برنامه بررسی شده پروکسی است، اتصال مستقیم بدون بررسی است. \nحالت دور زدن: برنامه بررسی شده مستقیما متصل است، پراکسی بررسی نشده است. \nگزینهای برای انتخاب خودکار پروکسی برنامه در منو است.
اتصال خودکار هنگام راه اندازی
هنگام راه اندازی به طور خودکار به سرور انتخابی متصل می شود که ممکن است ناموفق باشد.
@@ -174,7 +174,7 @@
DNS
VPN DNS (فقط IPv4/v6)
- Does VPN bypass LAN
+ آیا VPN از LAN ؟عبور کند
DNS داخلی (اختیاری)
DNS
@@ -338,9 +338,9 @@
- - Follow config
- - Bypass
- - Not Bypass
+ - پیش فرض کانفیگ
+ - دور زده شود
+ - دور زده نشود
diff --git a/xray-core/infra/conf/freedom.go b/xray-core/infra/conf/freedom.go
index 693df1e3e8..15f1bcff69 100644
--- a/xray-core/infra/conf/freedom.go
+++ b/xray-core/infra/conf/freedom.go
@@ -2,6 +2,7 @@ package conf
import (
"encoding/base64"
+ "encoding/hex"
"net"
"strings"
@@ -152,8 +153,9 @@ func (c *FreedomConfig) Build() (proto.Message, error) {
func ParseNoise(noise *Noise) (*freedom.Noise, error) {
var err error
NConfig := new(freedom.Noise)
+ noise.Packet = strings.TrimSpace(noise.Packet)
- switch strings.ToLower(noise.Type) {
+ switch noise.Type {
case "rand":
min, max, err := ParseRangeString(noise.Packet)
if err != nil {
@@ -166,18 +168,25 @@ func ParseNoise(noise *Noise) (*freedom.Noise, error) {
}
case "str":
- //user input string
- NConfig.StrNoise = []byte(strings.TrimSpace(noise.Packet))
+ // user input string
+ NConfig.Packet = []byte(noise.Packet)
+
+ case "hex":
+ // user input hex
+ NConfig.Packet, err = hex.DecodeString(noise.Packet)
+ if err != nil {
+ return nil, errors.New("Invalid hex string").Base(err)
+ }
case "base64":
- //user input base64
- NConfig.StrNoise, err = base64.StdEncoding.DecodeString(strings.TrimSpace(noise.Packet))
+ // user input base64
+ NConfig.Packet, err = base64.RawURLEncoding.DecodeString(strings.NewReplacer("+", "-", "/", "_", "=", "").Replace(noise.Packet))
if err != nil {
- return nil, errors.New("Invalid base64 string")
+ return nil, errors.New("Invalid base64 string").Base(err)
}
default:
- return nil, errors.New("Invalid packet, only rand/str/base64 are supported")
+ return nil, errors.New("Invalid packet, only rand/str/hex/base64 are supported")
}
if noise.Delay != nil {
diff --git a/xray-core/proxy/freedom/config.pb.go b/xray-core/proxy/freedom/config.pb.go
index 03ce6a02b9..83bb15d6d2 100644
--- a/xray-core/proxy/freedom/config.pb.go
+++ b/xray-core/proxy/freedom/config.pb.go
@@ -233,7 +233,7 @@ type Noise struct {
LengthMax uint64 `protobuf:"varint,2,opt,name=length_max,json=lengthMax,proto3" json:"length_max,omitempty"`
DelayMin uint64 `protobuf:"varint,3,opt,name=delay_min,json=delayMin,proto3" json:"delay_min,omitempty"`
DelayMax uint64 `protobuf:"varint,4,opt,name=delay_max,json=delayMax,proto3" json:"delay_max,omitempty"`
- StrNoise []byte `protobuf:"bytes,5,opt,name=str_noise,json=strNoise,proto3" json:"str_noise,omitempty"`
+ Packet []byte `protobuf:"bytes,5,opt,name=packet,proto3" json:"packet,omitempty"`
}
func (x *Noise) Reset() {
@@ -294,9 +294,9 @@ func (x *Noise) GetDelayMax() uint64 {
return 0
}
-func (x *Noise) GetStrNoise() []byte {
+func (x *Noise) GetPacket() []byte {
if x != nil {
- return x.StrNoise
+ return x.Packet
}
return nil
}
@@ -412,7 +412,7 @@ var file_proxy_freedom_config_proto_rawDesc = []byte{
0x6c, 0x5f, 0x6d, 0x69, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x69, 0x6e, 0x74,
0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x69, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x74, 0x65,
0x72, 0x76, 0x61, 0x6c, 0x5f, 0x6d, 0x61, 0x78, 0x18, 0x06, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b,
- 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x61, 0x78, 0x22, 0x9c, 0x01, 0x0a, 0x05,
+ 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x61, 0x78, 0x22, 0x97, 0x01, 0x0a, 0x05,
0x4e, 0x6f, 0x69, 0x73, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x5f,
0x6d, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, 0x6c, 0x65, 0x6e, 0x67, 0x74,
0x68, 0x4d, 0x69, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x5f, 0x6d,
@@ -420,49 +420,49 @@ var file_proxy_freedom_config_proto_rawDesc = []byte{
0x4d, 0x61, 0x78, 0x12, 0x1b, 0x0a, 0x09, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f, 0x6d, 0x69, 0x6e,
0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x08, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x4d, 0x69, 0x6e,
0x12, 0x1b, 0x0a, 0x09, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f, 0x6d, 0x61, 0x78, 0x18, 0x04, 0x20,
- 0x01, 0x28, 0x04, 0x52, 0x08, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x4d, 0x61, 0x78, 0x12, 0x1b, 0x0a,
- 0x09, 0x73, 0x74, 0x72, 0x5f, 0x6e, 0x6f, 0x69, 0x73, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c,
- 0x52, 0x08, 0x73, 0x74, 0x72, 0x4e, 0x6f, 0x69, 0x73, 0x65, 0x22, 0x97, 0x04, 0x0a, 0x06, 0x43,
- 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x52, 0x0a, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f,
- 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29,
- 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65,
- 0x64, 0x6f, 0x6d, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69,
- 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x6f, 0x6d, 0x61, 0x69,
- 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x5a, 0x0a, 0x14, 0x64, 0x65, 0x73,
- 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64,
- 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70,
- 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x44, 0x65, 0x73,
+ 0x01, 0x28, 0x04, 0x52, 0x08, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x4d, 0x61, 0x78, 0x12, 0x16, 0x0a,
+ 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x70,
+ 0x61, 0x63, 0x6b, 0x65, 0x74, 0x22, 0x97, 0x04, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+ 0x12, 0x52, 0x0a, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74,
+ 0x65, 0x67, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x78, 0x72, 0x61, 0x79,
+ 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x43,
+ 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61,
+ 0x74, 0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61,
+ 0x74, 0x65, 0x67, 0x79, 0x12, 0x5a, 0x0a, 0x14, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74,
+ 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01,
+ 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
+ 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74,
+ 0x69, 0x6f, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x52, 0x13, 0x64, 0x65, 0x73,
0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65,
- 0x52, 0x13, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x76, 0x65,
- 0x72, 0x72, 0x69, 0x64, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x6c, 0x65,
- 0x76, 0x65, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x75, 0x73, 0x65, 0x72, 0x4c,
- 0x65, 0x76, 0x65, 0x6c, 0x12, 0x38, 0x0a, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74,
- 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72,
- 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x46, 0x72, 0x61, 0x67,
- 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x25,
- 0x0a, 0x0e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
- 0x18, 0x06, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f,
- 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x31, 0x0a, 0x06, 0x6e, 0x6f, 0x69, 0x73, 0x65, 0x73, 0x18,
- 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f,
- 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x4e, 0x6f, 0x69, 0x73, 0x65,
- 0x52, 0x06, 0x6e, 0x6f, 0x69, 0x73, 0x65, 0x73, 0x22, 0xa9, 0x01, 0x0a, 0x0e, 0x44, 0x6f, 0x6d,
- 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, 0x41,
- 0x53, 0x5f, 0x49, 0x53, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50,
- 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x02, 0x12,
- 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08,
- 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53,
- 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x05, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43,
- 0x45, 0x5f, 0x49, 0x50, 0x10, 0x06, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f,
- 0x49, 0x50, 0x34, 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49,
- 0x50, 0x36, 0x10, 0x08, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50,
- 0x34, 0x36, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50,
- 0x36, 0x34, 0x10, 0x0a, 0x42, 0x58, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79,
- 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x50, 0x01,
- 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c,
- 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78,
- 0x79, 0x2f, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0xaa, 0x02, 0x12, 0x58, 0x72, 0x61, 0x79,
- 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x46, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x62, 0x06,
- 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+ 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x04,
+ 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x75, 0x73, 0x65, 0x72, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12,
+ 0x38, 0x0a, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28,
+ 0x0b, 0x32, 0x1c, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66,
+ 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x52,
+ 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x72, 0x6f,
+ 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x06, 0x20, 0x01, 0x28,
+ 0x0d, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
+ 0x12, 0x31, 0x0a, 0x06, 0x6e, 0x6f, 0x69, 0x73, 0x65, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b,
+ 0x32, 0x19, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72,
+ 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x4e, 0x6f, 0x69, 0x73, 0x65, 0x52, 0x06, 0x6e, 0x6f, 0x69,
+ 0x73, 0x65, 0x73, 0x22, 0xa9, 0x01, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74,
+ 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, 0x10,
+ 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, 0x0a,
+ 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53,
+ 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49,
+ 0x50, 0x34, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36,
+ 0x34, 0x10, 0x05, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x10,
+ 0x06, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x07,
+ 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x08, 0x12,
+ 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x09, 0x12,
+ 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x0a, 0x42,
+ 0x58, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78,
+ 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x69, 0x74,
+ 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61,
+ 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x66, 0x72, 0x65,
+ 0x65, 0x64, 0x6f, 0x6d, 0xaa, 0x02, 0x12, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78,
+ 0x79, 0x2e, 0x46, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+ 0x33,
}
var (
diff --git a/xray-core/proxy/freedom/config.proto b/xray-core/proxy/freedom/config.proto
index 5268598b9e..5d05ab9ee7 100644
--- a/xray-core/proxy/freedom/config.proto
+++ b/xray-core/proxy/freedom/config.proto
@@ -25,7 +25,7 @@ message Noise {
uint64 length_max = 2;
uint64 delay_min = 3;
uint64 delay_max = 4;
- bytes str_noise = 5;
+ bytes packet = 5;
}
message Config {
diff --git a/xray-core/proxy/freedom/freedom.go b/xray-core/proxy/freedom/freedom.go
index dcf012ae66..f1866915d8 100644
--- a/xray-core/proxy/freedom/freedom.go
+++ b/xray-core/proxy/freedom/freedom.go
@@ -407,8 +407,8 @@ func (w *NoisePacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
var err error
for _, n := range w.noises {
//User input string or base64 encoded string
- if n.StrNoise != nil {
- noise = n.StrNoise
+ if n.Packet != nil {
+ noise = n.Packet
} else {
//Random noise
noise, err = GenerateRandomBytes(randBetween(int64(n.LengthMin),