update 2023-10-01 21:16:14

github-actions[bot] 2023-10-01 21:16:15 +08:00
parent 7494764306
commit c031f17bd0
9 changed files with 105 additions and 105 deletions


@ -38,6 +38,7 @@ Then find `luci-app-xray` under `Extra Packages`.
* 2023-09-26 Version 3.0.0 merge master
* 2023-09-27 fix: sniffing inboundTag; fix: upstream_domain_names
* 2023-10-01 fix: default configuration
## Star History


@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-xray
PKG_VERSION:=3.0.2
PKG_VERSION:=3.0.3
PKG_RELEASE:=1
PKG_LICENSE:=MPLv2


@ -1,53 +1,26 @@
config general
option xray_bin '/usr/bin/xray'
option mark '255'
option tproxy_port_tcp '1080'
option tproxy_port_udp '1081'
option socks_port '1082'
option http_port '1083'
option transparent_proxy_enable '1'
option transparent_proxy_udp '1'
option xray_api '1'
list blocked_domain_rules 'geosite:category-ads'
list bypassed_domain_rules 'geosite:cn'
option dns_count '3'
option routing_domain_strategy 'AsIs'
list forwarded_domain_rules 'geosite:geolocation-!cn'
list geoip_direct_code_list 'cn'
list geoip_direct_code_list_v6 'cn'
list gids_direct '101'
list lan_ifaces 'br-lan'
list uids_direct '1'
list vless_xtls_alpn 'h2'
list vless_xtls_alpn 'http/1.1'
option dns_port '5300'
option secure_dns '8.8.8.8:53'
option handshake '4'
option conn_idle '300'
option uplink_only '2'
option downlink_only '5'
option metrics_server_enable '1'
option metrics_server_port '18888'
option stats '1'
option observatory '1'
option buffer_size '512'
option web_server_cert_file '/etc/luci-uploads/xray/fullchain.pem'
option web_server_key_file '/etc/luci-uploads/xray/privkey.pem'
list geoip_direct_code_list 'cn'
list uids_direct '1'
list gids_direct '101'
option fast_dns '223.5.5.5:53'
option default_dns '1.1.1.1:53'
option loglevel 'warning'
option transparent_default_port_policy 'forwarded'
option fw4_counter '1'
option blocked_as_nxdomain '1'
list lan_ifaces 'br-lan'
list wan_bp_tcp_ports '655'
list wan_bp_udp_ports '655'
option dynamic_direct '1'
option firewall_priority '10'
option tproxy_port_tcp_ff '1084'
option tproxy_port_udp_ff '1085'
option socks_port_ff '1086'
option http_port_ff '1087'
option tproxy_port_tcp_ms '1088'
option tproxy_port_udp_ms '1089'
option tproxy_port_tcp_v6 '1084'
option tproxy_port_udp_v6 '1085'
list geoip_direct_code_list_v6 'cn'
list forwarded_domain_rules 'geosite:geolocation-!cn'
list blocked_domain_rules 'geosite:category-ads'
option blocked_as_nxdomain '1'
option fw4_counter '1'
option loglevel 'warning'
option metrics_server_enable '1'
option observatory '1'
option routing_domain_strategy 'AsIs'
option stats '1'
option transparent_default_port_policy 'forwarded'
option transparent_proxy_enable '1'
option web_server_cert_file '/etc/luci-uploads/xray/fullchain.pem'
option web_server_key_file '/etc/luci-uploads/xray/privkey.pem'
option xray_api '1'
option xray_bin '/usr/bin/xray'


@ -4,6 +4,9 @@ import { lsdir } from "fs";
import { balancer } from "./system.mjs";
import { fake_dns_domains } from "./fake_dns.mjs";
const fallback_fast_dns = "223.5.5.5:53";
const fallback_secure_dns = "8.8.8.8:53";
const fallback_default_dns = "1.1.1.1:53";
const share_dir = lsdir("/usr/share/xray");
const geosite_existence = index(share_dir, "geosite.dat") > 0;
@ -61,10 +64,10 @@ export function blocked_domain_rules(proxy) {
};
export function dns_server_inbounds(proxy) {
const default_dns = split_ipv4_host_port(proxy["default_dns"], 53);
let result = [];
const dns_port = int(proxy["dns_port"]);
const dns_count = int(proxy["dns_count"] || 0);
const dns_port = int(proxy["dns_port"] || 5300);
const dns_count = int(proxy["dns_count"] || 3);
const default_dns = split_ipv4_host_port(proxy["default_dns"] || fallback_default_dns, 53);
for (let i = dns_port; i <= dns_port + dns_count; i++) {
push(result, {
port: i,
@ -82,8 +85,8 @@ export function dns_server_inbounds(proxy) {
export function dns_server_tags(proxy) {
let result = [];
const dns_port = int(proxy["dns_port"]);
const dns_count = int(proxy["dns_count"] || 0);
const dns_port = int(proxy["dns_port"] || 5300);
const dns_count = int(proxy["dns_count"] || 3);
for (let i = dns_port; i <= dns_port + dns_count; i++) {
push(result, sprintf("dns_server_inbound:%d", i));
}
@ -106,8 +109,8 @@ export function dns_server_outbound() {
};
export function dns_conf(proxy, config, manual_tproxy, fakedns) {
const fast_dns_object = split_ipv4_host_port(proxy["fast_dns"], 53);
const default_dns_object = split_ipv4_host_port(proxy["default_dns"], 53);
const fast_dns_object = split_ipv4_host_port(proxy["fast_dns"] || fallback_fast_dns, 53);
const default_dns_object = split_ipv4_host_port(proxy["default_dns"] || fallback_default_dns, 53);
let servers = [
default_dns_object,
...fake_dns_domains(fakedns),
@ -120,7 +123,7 @@ export function dns_conf(proxy, config, manual_tproxy, fakedns) {
];
if (length(secure_domain_rules(proxy)) > 0) {
const secure_dns_object = split_ipv4_host_port(proxy["secure_dns"], 53);
const secure_dns_object = split_ipv4_host_port(proxy["secure_dns"] || fallback_secure_dns, 53);
push(servers, {
address: secure_dns_object["address"],
port: secure_dns_object["port"],
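Review bot: The fallbacks `5300` and `3` are repeated as bare literals in both `dns_server_inbounds` and `dns_server_tags`, while the DNS addresses in the same file were given named `fallback_*` constants. Both functions iterate the same port range and presumably have to agree for the tags to match the inbounds, so I would add `const fallback_dns_port = 5300;` and `const fallback_dns_count = 3;` next to the other constants and use them in both places. An unset `dns_count` now also yields four listeners instead of one, because the loop bound is inclusive. Whatever configures the dnsmasq upstreams (not visible here) needs the same default.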


@ -36,11 +36,11 @@ export function policy(proxy) {
return {
levels: {
"0": {
handshake: proxy["handshake"] == null ? 4 : int(proxy["handshake"]),
connIdle: proxy["conn_idle"] == null ? 300 : int(proxy["conn_idle"]),
uplinkOnly: proxy["uplink_only"] == null ? 2 : int(proxy["uplink_only"]),
downlinkOnly: proxy["downlink_only"] == null ? 5 : int(proxy["downlink_only"]),
bufferSize: proxy["buffer_size"] == null ? 4 : int(proxy["buffer_size"]),
handshake: int(proxy["handshake"] || 4),
connIdle: int(proxy["conn_idle"] || 300),
uplinkOnly: int(proxy["uplink_only"] || 2),
downlinkOnly: int(proxy["downlink_only"] || 5),
bufferSize: int(proxy["buffer_size"] || 4),
statsUserUplink: stats,
statsUserDownlink: stats,
}
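Review bot: The `bufferSize` fallback here is `4`, but the form placeholder for `buffer_size` in the view file of this same commit shows `512`, and `buffer_size '512'` appears to be among the options dropped from the shipped default config. Since an empty field is now removed from UCI, a user who sees 512 in the UI would actually get 4. If 512 is the intended default, the line should read `bufferSize: int(proxy["buffer_size"] || 512),`. The switch from `== null` to `||` also replaces any falsy stored value with the default, so it is worth confirming that an explicit `0` (allowed by the `uinteger` datatype) still reaches Xray. The enclosing `policy` function starts and ends outside the hunk.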


@ -6,6 +6,7 @@
const ignore_tp_spec_def_gw = stat("/usr/share/xray/ignore_tp_spec_def_gw");
const config = load_config();
const general = config[filter(keys(config), k => config[k][".type"] == "general")[0]];
const general_mark = general.mark || 255;
const tcp4_enabled = length(general.tcp_balancer_v4 || []) > 0;
const udp4_enabled = length(general.udp_balancer_v4 || []) > 0;
const tcp6_enabled = length(general.tcp_balancer_v6 || []) > 0;
@ -14,8 +15,8 @@
const gids_direct = uniq(general.gids_direct || []);
let wan_bp_ips_no_dns = general.wan_bp_ips || [];
let wan_fw_ips_no_dns = general.wan_fw_ips || [];
push(wan_bp_ips_no_dns, split(general.fast_dns, ":")[0]);
push(wan_fw_ips_no_dns, split(general.secure_dns, ":")[0]);
push(wan_bp_ips_no_dns, split(general.fast_dns || "223.5.5.5:53", ":")[0]);
push(wan_fw_ips_no_dns, split(general.secure_dns || "8.8.8.8:53", ":")[0]);
const wan_bp_ips_v4 = filter(uniq(wan_bp_ips_no_dns), v => index(v, ":") == -1);
const wan_bp_ips_v6 = filter(uniq(wan_bp_ips_no_dns), v => index(v, ":") != -1);
const wan_fw_ips_v4 = filter(uniq(wan_fw_ips_no_dns), v => index(v, ":") == -1);
@ -324,22 +325,22 @@
{% if (tcp4_enabled): %}
ip protocol tcp {{ counter }} tproxy ip to :{{ general.tproxy_port_tcp_v4 || 1082 }} accept
{% else %}
ip protocol tcp {{ counter }} meta mark set {{ sprintf("0x%08x", general.mark) }} accept
ip protocol tcp {{ counter }} meta mark set {{ sprintf("0x%08x", general_mark) }} accept
{% endif %}
{% if (udp4_enabled): %}
ip protocol udp {{ counter }} tproxy ip to :{{ general.tproxy_port_udp_v4 || 1084 }} accept
{% else %}
ip protocol udp {{ counter }} meta mark set {{ sprintf("0x%08x", general.mark) }} accept
ip protocol udp {{ counter }} meta mark set {{ sprintf("0x%08x", general_mark) }} accept
{% endif %}
{% if (tcp6_enabled): %}
ip6 nexthdr tcp {{ counter }} tproxy ip6 to :{{ general.tproxy_port_tcp_v6 || 1083 }} accept
{% else %}
ip6 nexthdr tcp {{ counter }} meta mark set {{ sprintf("0x%08x", general.mark) }} accept
ip6 nexthdr tcp {{ counter }} meta mark set {{ sprintf("0x%08x", general_mark) }} accept
{% endif %}
{% if (udp6_enabled): %}
ip6 nexthdr udp {{ counter }} tproxy ip6 to :{{ general.tproxy_port_udp_v6 || 1085 }} accept
{% else %}
ip6 nexthdr udp {{ counter }} meta mark set {{ sprintf("0x%08x", general.mark) }} accept
ip6 nexthdr udp {{ counter }} meta mark set {{ sprintf("0x%08x", general_mark) }} accept
{% endif %}
{{ counter }} accept
}
@ -403,7 +404,7 @@
ip6 nexthdr udp mark 0x000000fc {{ counter }} {{ dynamic_direct_udp6 }} accept comment "Xray direct outbound UDP6"
meta mark 0x000000fd {{ counter }} accept comment "Xray transparent proxy outbound"
meta mark 0x000000fe {{ counter }} accept comment "Xray non-IP DNS query outbound"
meta mark {{ sprintf("0x%08x", general.mark) }} {{ counter }} accept comment "Xray specified mark {{ general.mark }} outbound"
meta mark {{ sprintf("0x%08x", general_mark) }} {{ counter }} accept comment "Xray specified mark {{ general_mark }} outbound"
{{ counter }} goto tp_spec_lan_ac
}
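Review bot: The DNS fallbacks `"223.5.5.5:53"` and `"8.8.8.8:53"` are hard-coded a second time in the two `push(...)` lines instead of reusing the `fallback_fast_dns` / `fallback_secure_dns` constants this commit adds to the DNS module. These lists appear to decide which resolver address is bypassed and which is forced through the proxy. If the two copies drift, queries to the secure resolver could presumably leave the router directly instead of going through Xray. I would export the constants from one module and import them here, or at least add a comment such as `// keep in sync with fallback_fast_dns / fallback_secure_dns in the DNS module`. Separately, `split(..., ":")[0]` assumes an IPv4 `host:port` value, which matches the `or(ip4addr, ip4addrport)` datatype in the view.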


@ -627,29 +627,35 @@ return view.extend({
s.tab('proxy', _('Proxy Settings'));
o = s.taboption('proxy', form.Value, 'tproxy_port_tcp_v4', _('Transparent proxy port (TCP4)'));
o.datatype = 'port';
o.default = 1082;
o = s.taboption('proxy', form.Value, 'tproxy_port_udp_v4', _('Transparent proxy port (UDP4)'));
o.datatype = 'port';
o.default = 1084;
o = s.taboption('proxy', form.Value, 'tproxy_port_tcp_v6', _('Transparent proxy port (TCP6)'));
o.datatype = 'port';
o.default = 1083;
o = s.taboption('proxy', form.Value, 'tproxy_port_udp_v6', _('Transparent proxy port (UDP6)'));
o.datatype = 'port';
o.default = 1085;
o = s.taboption('proxy', form.Value, 'socks_port', _('Socks5 proxy port'));
o.datatype = 'port';
o.default = 1080;
o.placeholder = 1080;
o.rmempty = true;
o = s.taboption('proxy', form.Value, 'http_port', _('HTTP proxy port'));
o.datatype = 'port';
o.default = 1081;
o.placeholder = 1081;
o.rmempty = true;
o = s.taboption('proxy', form.Value, 'tproxy_port_tcp_v4', _('Transparent proxy port (TCP4)'));
o.datatype = 'port';
o.placeholder = 1082;
o.rmempty = true;
o = s.taboption('proxy', form.Value, 'tproxy_port_tcp_v6', _('Transparent proxy port (TCP6)'));
o.datatype = 'port';
o.placeholder = 1083;
o.rmempty = true;
o = s.taboption('proxy', form.Value, 'tproxy_port_udp_v4', _('Transparent proxy port (UDP4)'));
o.datatype = 'port';
o.placeholder = 1084;
o.rmempty = true;
o = s.taboption('proxy', form.Value, 'tproxy_port_udp_v6', _('Transparent proxy port (UDP6)'));
o.datatype = 'port';
o.placeholder = 1085;
o.rmempty = true;
o = s.taboption('proxy', form.DynamicList, 'uids_direct', _('Bypass tproxy for uids'), _("Processes started by users with these uids won't be forwarded through Xray."));
o.datatype = "integer";
@ -659,7 +665,8 @@ return view.extend({
o = s.taboption('proxy', form.Value, 'firewall_priority', _('Priority for firewall rules'), _('See firewall status page for rules Xray used and <a href="https://wiki.nftables.org/wiki-nftables/index.php/Netfilter_hooks#Priority_within_hook">Netfilter Internal Priority</a> for reference.'));
o.datatype = 'range(-49, 49)';
o.default = 10;
o.placeholder = 10;
o.rmempty = true;
o = s.taboption('proxy', widgets.DeviceSelect, 'lan_ifaces', _("Interfaces for tproxy"), _("Enable transparent proxy on these interfaces."));
o.noaliases = true;
@ -671,7 +678,8 @@ return view.extend({
o = s.taboption('dns', form.Value, 'fast_dns', _('Fast DNS'), _("DNS for resolving outbound domains and following bypassed domains"));
o.datatype = 'or(ip4addr, ip4addrport)';
o.placeholder = "223.5.5.5";
o.placeholder = "223.5.5.5:53";
o.rmempty = true;
if (geosite_existence) {
o = s.taboption('dns', form.DynamicList, "bypassed_domain_rules", _('Bypassed domain rules'), _('Specify rules like <code>geosite:cn</code> or <code>domain:bilibili.com</code>. See <a href="https://xtls.github.io/config/dns.html#dnsobject">documentation</a> for details.'));
@ -682,7 +690,8 @@ return view.extend({
o = s.taboption('dns', form.Value, 'secure_dns', _('Secure DNS'), _("DNS for resolving known polluted domains (specify forwarded domain rules here)"));
o.datatype = 'or(ip4addr, ip4addrport)';
o.placeholder = "1.1.1.1";
o.placeholder = "8.8.8.8:53";
o.rmempty = true;
if (geosite_existence) {
o = s.taboption('dns', form.DynamicList, "forwarded_domain_rules", _('Forwarded domain rules'), _('Specify rules like <code>geosite:geolocation-!cn</code> or <code>domain:youtube.com</code>. See <a href="https://xtls.github.io/config/dns.html#dnsobject">documentation</a> for details.'));
@ -693,7 +702,8 @@ return view.extend({
o = s.taboption('dns', form.Value, 'default_dns', _('Default DNS'), _("DNS for resolving other sites (not in the rules above) and DNS records other than A or AAAA (TXT and MX for example)"));
o.datatype = 'or(ip4addr, ip4addrport)';
o.placeholder = "8.8.8.8";
o.placeholder = "1.1.1.1:53";
o.rmempty = true;
if (geosite_existence) {
o = s.taboption('dns', form.DynamicList, "blocked_domain_rules", _('Blocked domain rules'), _('Specify rules like <code>geosite:category-ads</code> or <code>domain:baidu.com</code>. See <a href="https://xtls.github.io/config/dns.html#dnsobject">documentation</a> for details.'));
@ -707,11 +717,13 @@ return view.extend({
o = s.taboption('dns', form.Value, 'dns_port', _('Xray DNS Server Port'), _("Do not use port 53 (dnsmasq), port 5353 (mDNS) or other common ports"));
o.datatype = 'port';
o.default = 5300;
o.placeholder = 5300;
o.rmempty = true;
o = s.taboption('dns', form.Value, 'dns_count', _('Extra DNS Server Ports'), _('Listen for DNS Requests on multiple ports (all of which serves as dnsmasq upstream servers).<br/>For example if Xray DNS Server Port is 5300 and use 3 extra ports, 5300 - 5303 will be used for DNS requests.<br/>Increasing this value may help reduce the possibility of temporary DNS lookup failures.'));
o.datatype = 'range(0, 50)';
o.default = 0;
o.placeholder = 3;
o.rmempty = true;
o = s.taboption('dns', form.ListValue, 'routing_domain_strategy', _('Routing Domain Strategy'), _("Domain resolution strategy when matching domain against rules. (For tproxy, this is effective only when sniffing is enabled.)"));
o.value("AsIs", "AsIs");
@ -779,7 +791,8 @@ return view.extend({
o = s.taboption('transparent_proxy_rules', form.Value, 'mark', _('Socket Mark Number'), _('Avoid proxy loopback problems with local (gateway) traffic'));
o.datatype = 'range(1, 255)';
o.default = 255;
o.placeholder = 255;
o.rmempty = true;
o = s.taboption('transparent_proxy_rules', form.SectionValue, "access_control_manual_tproxy", form.GridSection, 'manual_tproxy', _('Manual Transparent Proxy'), _('Compared to iptables REDIRECT, Xray could do NAT46 / NAT64 (for example accessing IPv6 only sites). See <a href="https://github.com/v2ray/v2ray-core/issues/2233">FakeDNS</a> for details.'));
@ -912,31 +925,32 @@ return view.extend({
o.depends("metrics_server_enable", "1");
o.datatype = 'port';
o.placeholder = '18888';
o.rmempty = true;
o = s.taboption('extra_options', form.Value, 'handshake', _('Handshake Timeout'), _('Policy: Handshake timeout when connecting to upstream. See <a href="https://xtls.github.io/config/policy.html#levelpolicyobject">here</a> for help.'));
o.datatype = 'uinteger';
o.placeholder = 4;
o.default = 4;
o.rmempty = true;
o = s.taboption('extra_options', form.Value, 'conn_idle', _('Connection Idle Timeout'), _('Policy: Close connection if no data is transferred within given timeout. See <a href="https://xtls.github.io/config/policy.html#levelpolicyobject">here</a> for help.'));
o.datatype = 'uinteger';
o.placeholder = 300;
o.default = 300;
o.rmempty = true;
o = s.taboption('extra_options', form.Value, 'uplink_only', _('Uplink Only Timeout'), _('Policy: How long to wait before closing connection after server closed connection. See <a href="https://xtls.github.io/config/policy.html#levelpolicyobject">here</a> for help.'));
o.datatype = 'uinteger';
o.placeholder = 2;
o.default = 2;
o.rmempty = true;
o = s.taboption('extra_options', form.Value, 'downlink_only', _('Downlink Only Timeout'), _('Policy: How long to wait before closing connection after client closed connection. See <a href="https://xtls.github.io/config/policy.html#levelpolicyobject">here</a> for help.'));
o.datatype = 'uinteger';
o.placeholder = 5;
o.default = 5;
o.rmempty = true;
o = s.taboption('extra_options', form.Value, 'buffer_size', _('Buffer Size'), _('Policy: Internal cache size per connection. See <a href="https://xtls.github.io/config/policy.html#levelpolicyobject">here</a> for help.'));
o.datatype = 'uinteger';
o.placeholder = 512;
o.default = 512;
o.rmempty = true;
o = s.taboption('extra_options', form.SectionValue, "xray_bridge", form.TableSection, 'bridge', _('Bridge'), _('Reverse proxy tool. Currently only client role (bridge) is supported. See <a href="https://xtls.github.io/config/reverse.html#bridgeobject">here</a> for help.'));
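Review bot: Replacing `o.default` with `o.placeholder` plus `o.rmempty = true` means an untouched field is no longer written to UCI, so every consumer needs its own fallback equal to the placeholder. This commit shows such fallbacks for the DNS, policy, mark and transparent-proxy port options. None is visible for `socks_port` (1080), `http_port` (1081), `firewall_priority` (10) or `metrics_server_port` (18888), so please confirm the code that reads them handles a missing value. A short comment above these fields, e.g. `// placeholders must match the fallbacks used by the ucode backend`, would help keep the two sides aligned. The `view.extend` body starts and ends outside these hunks.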


@ -6,12 +6,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=sing-box
PKG_VERSION:=1.5.0
PKG_VERSION:=1.6.0-alpha.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=4e2447907a5891aaa5e8c8aa272bc530f7098449ef76e624a2e7c917d41c2a78
PKG_HASH:=34a43268e19e185e363952a0fe1ae4f711017984c39fa89c7e16f1c457a3bd72
PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=LICENSE


@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=v2ray-geodata
PKG_RELEASE:=2
PKG_RELEASE:=1
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
@ -21,13 +21,13 @@ define Download/geoip
HASH:=32ce0b6333d03234ad8c43c3c91645cb28fca4f6176e69f4d08bbbc7ea7b7835
endef
GEOSITE_VER:=20230930105558
GEOSITE_VER:=20231001063004
GEOSITE_FILE:=dlc.dat.$(GEOSITE_VER)
define Download/geosite
URL:=https://github.com/v2fly/domain-list-community/releases/download/$(GEOSITE_VER)/
URL_FILE:=dlc.dat
FILE:=$(GEOSITE_FILE)
HASH:=a4397dbc70bebba1d003829ced7c72cdbf2a2c85eee6497229567ac64a8a188c
HASH:=c126f8c26d17ca67080203619cdad3b613f8ada52b99253ac145e5ecd78e30e9
endef
define Package/v2ray-geodata/template
@ -52,6 +52,16 @@ define Package/v2ray-geosite
LICENSE:=MIT
endef
define Build/Prepare
$(call Build/Prepare/Default)
ifneq ($(CONFIG_PACKAGE_v2ray-geoip),)
$(call Download,geoip)
endif
ifneq ($(CONFIG_PACKAGE_v2ray-geosite),)
$(call Download,geosite)
endif
endef
define Build/Compile
endef
@ -65,7 +75,5 @@ define Package/v2ray-geosite/install
$(INSTALL_DATA) $(DL_DIR)/$(GEOSITE_FILE) $(1)/usr/share/v2ray/geosite.dat
endef
$(eval $(call Download,geoip))
$(eval $(call Download,geosite))
$(eval $(call BuildPackage,v2ray-geoip))
$(eval $(call BuildPackage,v2ray-geosite))