From 6ea14f4faa5606a6f68ada340b9833e942dfbd0f Mon Sep 17 00:00:00 2001 From: kenzok8 Date: Thu, 12 Dec 2024 09:41:32 +0800 Subject: [PATCH] update 2024-12-12 09:41:32 --- adguardhome/Makefile | 6 +- .../luasrc/passwall/util_xray.lua | 5 +- .../root/usr/share/passwall2/app.sh | 129 ++++++++++-------- 3 files changed, 79 insertions(+), 61 deletions(-) diff --git a/adguardhome/Makefile b/adguardhome/Makefile index adfeb24df..24846de1d 100644 --- a/adguardhome/Makefile +++ b/adguardhome/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adguardhome -PKG_VERSION:=0.107.54 +PKG_VERSION:=0.107.55 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/AdGuardHome/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=2700549a8bcec151ebc25ae80c77956dda995ac3a7866aee0a187ed0b4bc39d0 +PKG_HASH:=557bfd8bae53361ba453ba2703a47f1b23fcf0a2141a96c0802d283c183073b2 PKG_BUILD_DIR:=$(BUILD_DIR)/AdGuardHome-$(PKG_VERSION) PKG_LICENSE:=GPL-3.0-only @@ -58,7 +58,7 @@ define Download/adguardhome-frontend URL:=https://github.com/AdguardTeam/AdGuardHome/releases/download/v$(PKG_VERSION)/ URL_FILE:=AdGuardHome_frontend.tar.gz FILE:=$(FRONTEND_FILE) - HASH:=2fe20a76b877aeff3b88cb454274030a9d917d6d6d7f32e573e979bfd8bbe444 + HASH:=e50faeb054d7e978b105942be188311acf4ccd99495941a9ed683b7fc7f4596d endef define Build/Prepare diff --git a/luci-app-passwall/luasrc/passwall/util_xray.lua b/luci-app-passwall/luasrc/passwall/util_xray.lua index 05a9f1ddb..67e473325 100644 --- a/luci-app-passwall/luasrc/passwall/util_xray.lua +++ b/luci-app-passwall/luasrc/passwall/util_xray.lua @@ -186,8 +186,7 @@ function gen_outbound(flag, node, tag, proxy_table) } or nil, wsSettings = (node.transport == "ws") and { path = node.ws_path or "/", - headers = (node.ws_host ~= nil) and - {Host = node.ws_host} or nil, + host = node.ws_host or nil, maxEarlyData = tonumber(node.ws_maxEarlyData) or nil, earlyDataHeaderName = (node.ws_earlyDataHeaderName) and node.ws_earlyDataHeaderName or nil, heartbeatPeriod = tonumber(node.ws_heartbeatPeriod) or nil @@ -486,7 +485,7 @@ function gen_config_server(node) header = {type = node.mkcp_guise} } or nil, wsSettings = (node.transport == "ws") and { - headers = (node.ws_host) and {Host = node.ws_host} or nil, + host = node.ws_host or nil, path = node.ws_path } or nil, httpSettings = (node.transport == "h2") and { diff --git a/luci-app-passwall2/root/usr/share/passwall2/app.sh b/luci-app-passwall2/root/usr/share/passwall2/app.sh index b2834441a..991ee546d 100755 --- a/luci-app-passwall2/root/usr/share/passwall2/app.sh +++ b/luci-app-passwall2/root/usr/share/passwall2/app.sh @@ -730,30 +730,11 @@ run_global() { elif [ "${TYPE}" = "sing-box" ] && [ -n "${SINGBOX_BIN}" ]; then run_func="run_singbox" fi - + ${run_func} $V2RAY_ARGS GLOBAL_DNSMASQ_PORT=$(get_new_port 11400) - mkdir -p $TMP_ACL_PATH/default/dnsmasq.d - local GLOBAL_DNSMASQ_CONF=$TMP_ACL_PATH/default/dnsmasq.conf - [ -s "/tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID}" ] && { - cp -r /tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID} $GLOBAL_DNSMASQ_CONF - sed -i "/ubus/d" $GLOBAL_DNSMASQ_CONF - sed -i "/dhcp/d" $GLOBAL_DNSMASQ_CONF - sed -i "/port=/d" $GLOBAL_DNSMASQ_CONF - sed -i "/conf-dir/d" $GLOBAL_DNSMASQ_CONF - sed -i "/no-poll/d" $GLOBAL_DNSMASQ_CONF - sed -i "/no-resolv/d" $GLOBAL_DNSMASQ_CONF - } - cat <<-EOF >> $GLOBAL_DNSMASQ_CONF - port=${GLOBAL_DNSMASQ_PORT} - conf-dir=${TMP_ACL_PATH}/default/dnsmasq.d - server=${TUN_DNS} - no-poll - no-resolv - EOF - ln_run "$(first_type dnsmasq)" "dnsmasq_default" "/dev/null" -C $GLOBAL_DNSMASQ_CONF -x $TMP_ACL_PATH/default/dnsmasq.pid - echo "${GLOBAL_DNSMASQ_PORT}" > $TMP_ACL_PATH/default/var_redirect_dns_port + run_copy_dnsmasq flag="default" listen_port=$GLOBAL_DNSMASQ_PORT tun_dns="${TUN_DNS}" } start_socks() { @@ -957,27 +938,69 @@ run_ipset_dns_server() { fi } -run_ipset_dnsmasq() { - local listen_port server_dns ipset nftset cache_size dns_forward_max config_file +gen_dnsmasq_items() { + local dnss settype setnames outf ipsetoutf eval_set_val $@ - cat <<-EOF > $config_file + + awk -v dnss="${dnss}" -v settype="${settype}" -v setnames="${setnames}" -v outf="${outf}" -v ipsetoutf="${ipsetoutf}" ' + BEGIN { + if(outf == "") outf="/dev/stdout"; + if(ipsetoutf == "") ipsetoutf=outf; + split(dnss, dns, ","); setdns=length(dns)>0; setlist=length(setnames)>0; + if(setdns) for(i in dns) if(length(dns[i])==0) delete dns[i]; + fail=1; + } + ! /^$/&&!/^#/ { + fail=0 + if(setdns) for(i in dns) printf("server=/.%s/%s\n", $0, dns[i]) >>outf; + if(setlist) printf("%s=/.%s/%s\n", settype, $0, setnames) >>ipsetoutf; + } + END {fflush(outf); close(outf); fflush(ipsetoutf); close(ipsetoutf); exit(fail);} + ' +} + +run_copy_dnsmasq() { + local flag listen_port tun_dns + eval_set_val $@ + local dnsmasq_conf=$TMP_ACL_PATH/$flag/dnsmasq.conf + local dnsmasq_conf_path=$TMP_ACL_PATH/$flag/dnsmasq.d + mkdir -p $dnsmasq_conf_path + [ -s "/tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID}" ] && { + cp -r /tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID} $dnsmasq_conf + sed -i "/ubus/d" $dnsmasq_conf + sed -i "/dhcp/d" $dnsmasq_conf + sed -i "/port=/d" $dnsmasq_conf + sed -i "/conf-dir/d" $dnsmasq_conf + sed -i "/no-poll/d" $dnsmasq_conf + sed -i "/no-resolv/d" $dnsmasq_conf + } + local set_type="ipset" + [ "${nftflag}" = "1" ] && { + set_type="nftset" + local setflag_4="4#inet#passwall2#" + local setflag_6="6#inet#passwall2#" + } + cat <<-EOF >> $dnsmasq_conf port=${listen_port} + conf-dir=${dnsmasq_conf_path} + server=${tun_dns} no-poll no-resolv - cache-size=${cache_size:-0} - dns-forward-max=${dns_forward_max:-1000} EOF - for i in $(echo ${server_dns} | sed "s#,# #g"); do - echo "server=${i}" >> $config_file - done - [ -n "${ipset}" ] && echo "ipset=${ipset}" >> $config_file - [ -n "${nftset}" ] && echo "nftset=${nftset}" >> $config_file - ln_run "$(first_type dnsmasq)" "dnsmasq" "/dev/null" -C $config_file + node_servers=$(uci show "${CONFIG}" | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2) + hosts_foreach "node_servers" host_from_url | grep '[a-zA-Z]$' | sort -u | grep -v "engage.cloudflareclient.com" | gen_dnsmasq_items settype="${set_type}" setnames="${setflag_4}passwall2_vpslist,${setflag_6}passwall2_vpslist6" dnss="${LOCAL_DNS:-${AUTO_DNS}}" outf="${dnsmasq_conf_path}/10-vpslist_host.conf" ipsetoutf="${dnsmasq_conf_path}/ipset.conf" + ln_run "$(first_type dnsmasq)" "dnsmasq_${flag}" "/dev/null" -C $dnsmasq_conf -x $TMP_ACL_PATH/$flag/dnsmasq.pid + echo "${listen_port}" > $TMP_ACL_PATH/$flag/var_redirect_dns_port } run_ipset_chinadns_ng() { local listen_port server_dns ipset nftset config_file eval_set_val $@ + [ ! -s "$TMP_ACL_PATH/vpslist" ] && { + node_servers=$(uci show "${CONFIG}" | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2) + hosts_foreach "node_servers" host_from_url | grep '[a-zA-Z]$' | sort -u | grep -v "engage.cloudflareclient.com" > $TMP_ACL_PATH/vpslist + } + [ -n "${ipset}" ] && { set_names=$ipset vps_set_names="passwall2_vpslist,passwall2_vpslist6" @@ -1002,6 +1025,24 @@ run_ipset_chinadns_ng() { ln_run "$(first_type chinadns-ng)" "chinadns-ng" "/dev/null" -C $config_file -v } +run_ipset_dnsmasq() { + local listen_port server_dns ipset nftset cache_size dns_forward_max config_file + eval_set_val $@ + cat <<-EOF > $config_file + port=${listen_port} + no-poll + no-resolv + cache-size=${cache_size:-0} + dns-forward-max=${dns_forward_max:-1000} + EOF + for i in $(echo ${server_dns} | sed "s#,# #g"); do + echo "server=${i}" >> $config_file + done + [ -n "${ipset}" ] && echo "ipset=${ipset}" >> $config_file + [ -n "${nftset}" ] && echo "nftset=${nftset}" >> $config_file + ln_run "$(first_type dnsmasq)" "dnsmasq" "/dev/null" -C $config_file +} + kill_all() { kill -9 $(pidof "$@") >/dev/null 2>&1 } @@ -1089,23 +1130,7 @@ acl_app() { ${run_func} flag=acl_$sid node=$node redir_port=$redir_port socks_address=127.0.0.1 socks_port=$acl_socks_port dns_listen_port=${dns_port} direct_dns_query_strategy=${direct_dns_query_strategy} remote_dns_protocol=${remote_dns_protocol} remote_dns_tcp_server=${remote_dns} remote_dns_udp_server=${remote_dns} remote_dns_doh="${remote_dns}" remote_dns_client_ip=${remote_dns_client_ip} remote_dns_detour=${remote_dns_detour} remote_fakedns=${remote_fakedns} remote_dns_query_strategy=${remote_dns_query_strategy} write_ipset_direct=${write_ipset_direct} config_file=${config_file} fi dnsmasq_port=$(get_new_port $(expr $dnsmasq_port + 1)) - redirect_dns_port=$dnsmasq_port - mkdir -p $TMP_ACL_PATH/$sid/dnsmasq.d - [ -s "/tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID}" ] && { - cp -r /tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID} $TMP_ACL_PATH/$sid/dnsmasq.conf - sed -i "/ubus/d" $TMP_ACL_PATH/$sid/dnsmasq.conf - sed -i "/dhcp/d" $TMP_ACL_PATH/$sid/dnsmasq.conf - sed -i "/port=/d" $TMP_ACL_PATH/$sid/dnsmasq.conf - sed -i "/conf-dir/d" $TMP_ACL_PATH/$sid/dnsmasq.conf - sed -i "/no-poll/d" $TMP_ACL_PATH/$sid/dnsmasq.conf - sed -i "/no-resolv/d" $TMP_ACL_PATH/$sid/dnsmasq.conf - } - echo "port=${dnsmasq_port}" >> $TMP_ACL_PATH/$sid/dnsmasq.conf - echo "conf-dir=${TMP_ACL_PATH}/${sid}/dnsmasq.d" >> $TMP_ACL_PATH/$sid/dnsmasq.conf - echo "server=127.0.0.1#${dns_port}" >> $TMP_ACL_PATH/$sid/dnsmasq.conf - echo "no-poll" >> $TMP_ACL_PATH/$sid/dnsmasq.conf - echo "no-resolv" >> $TMP_ACL_PATH/$sid/dnsmasq.conf - ln_run "$(first_type dnsmasq)" "dnsmasq_${sid}" "/dev/null" -C $TMP_ACL_PATH/$sid/dnsmasq.conf -x $TMP_ACL_PATH/$sid/dnsmasq.pid + run_copy_dnsmasq flag="$sid" listen_port=$dnsmasq_port tun_dns="127.0.0.1#${dns_port}" eval node_${node}_$(echo -n "${tcp_proxy_mode}${remote_dns}" | md5sum | cut -d " " -f1)=${dnsmasq_port} filter_node $node TCP > /dev/null 2>&1 & filter_node $node UDP > /dev/null 2>&1 & @@ -1115,10 +1140,8 @@ acl_app() { fi echo "${redir_port}" > $TMP_ACL_PATH/$sid/var_port } - [ -n "$redirect_dns_port" ] && echo "${redirect_dns_port}" > $TMP_ACL_PATH/$sid/var_redirect_dns_port unset enabled sid remarks sources interface node direct_dns_query_strategy remote_dns_protocol remote_dns remote_dns_doh remote_dns_client_ip remote_dns_detour remote_fakedns remote_dns_query_strategy unset _ip _mac _iprange _ipset _ip_or_mac source_list config_file - unset redirect_dns_port done unset redir_port dns_port dnsmasq_port } @@ -1168,10 +1191,6 @@ start() { [ "$ENABLED_DEFAULT_ACL" == 1 ] && run_global [ -n "$USE_TABLES" ] && source $APP_PATH/${USE_TABLES}.sh start if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then - [ -n "$(first_type chinadns-ng)" ] && { - node_servers=$(uci show "${CONFIG}" | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2) - hosts_foreach "node_servers" host_from_url | grep '[a-zA-Z]$' | sort -u | grep -v "engage.cloudflareclient.com" > $TMP_ACL_PATH/vpslist - } bridge_nf_ipt=$(sysctl -e -n net.bridge.bridge-nf-call-iptables) echo -n $bridge_nf_ipt > $TMP_PATH/bridge_nf_ipt sysctl -w net.bridge.bridge-nf-call-iptables=0 >/dev/null 2>&1