From 809c0cfa7c9e54384f174130d9db29b5edd071e9 Mon Sep 17 00:00:00 2001 From: actions-user Date: Mon, 18 Nov 2024 00:14:20 +0800 Subject: [PATCH] update 2024-11-18 00:14:20 --- .../share/passwall/helper_chinadns_add.lua | 100 +++++++++++------- luci-app-ssr-plus/Makefile | 2 +- .../root/etc/init.d/shadowsocksr | 7 +- .../root/usr/share/shadowsocksr/update.lua | 18 +++- 4 files changed, 81 insertions(+), 46 deletions(-) diff --git a/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua b/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua index 11bdd550..9622d268 100644 --- a/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua +++ b/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua @@ -53,12 +53,36 @@ local function insert_unique(dest_table, value, lookup_table) end end -local function merge_array(lines1, lines2) - for i, line in ipairs(lines2) do - table.insert(lines1, #lines1 + 1, line) +local function merge_array(array1, array2) + for i, line in ipairs(array2) do + table.insert(array1, #array1 + 1, line) end end +local function insert_array_before(array1, array2, target) --将array2插入到array1的target前面,target不存在则追加 + for i, line in ipairs(array1) do + if line == target then + for j = #array2, 1, -1 do + table.insert(array1, i, array2[j]) + end + return + end + end + merge_array(array1, array2) +end + +local function insert_array_after(array1, array2, target) --将array2插入到array1的target后面,target不存在则追加 + for i, line in ipairs(array1) do + if line == target then + for j = 1, #array2 do + table.insert(array1, i + j, array2[j]) + end + return + end + end + merge_array(array1, array2) +end + if not fs.access(TMP_ACL_PATH) then fs.mkdir(TMP_ACL_PATH, 493) end @@ -74,6 +98,7 @@ config_lines = { "filter-qtype 65" } +--内置组(chn/gfw)优先级在自定义组后 --GFW列表 if GFWLIST == "1" and is_file_nonzero(RULES_PATH .. "/gfwlist") then tmp_lines = { @@ -114,35 +139,6 @@ if CHNLIST ~= "0" and is_file_nonzero(RULES_PATH .. "/chnlist") then end --自定义规则组,后声明的组具有更高优先级 ---直连(白名单)列表 -local file_direct_host = TMP_ACL_PATH .. "/direct_host" -if USE_DIRECT_LIST == "1" and not fs.access(file_direct_host) then --对自定义列表进行清洗 - local direct_domain, lookup_direct_domain = {}, {} - for line in io.lines(RULES_PATH .. "/direct_host") do - line = api.get_std_domain(line) - if line ~= "" and not line:find("#") then - insert_unique(direct_domain, line, lookup_direct_domain) - end - end - if #direct_domain > 0 then - local f_out = io.open(file_direct_host, "w") - for i = 1, #direct_domain do - f_out:write(direct_domain[i] .. "\n") - end - f_out:close() - end -end -if USE_DIRECT_LIST == "1" and is_file_nonzero(file_direct_host) then - tmp_lines = { - "group directlist", - "group-dnl " .. file_direct_host, - "group-upstream " .. DNS_LOCAL, - "group-ipset " .. setflag .. "passwall_whitelist," .. setflag .. "passwall_whitelist6" - } - merge_array(config_lines, tmp_lines) - log(string.format(" - 域名白名单(whitelist):%s", DNS_LOCAL or "默认")) -end - --代理(黑名单)列表 local file_proxy_host = TMP_ACL_PATH .. "/proxy_host" if USE_PROXY_LIST == "1" and not fs.access(file_proxy_host) then --对自定义列表进行清洗 @@ -173,6 +169,35 @@ if USE_PROXY_LIST == "1" and is_file_nonzero(file_proxy_host) then log(string.format(" - 代理域名表(blacklist):%s", DNS_TRUST or "默认")) end +--直连(白名单)列表 +local file_direct_host = TMP_ACL_PATH .. "/direct_host" +if USE_DIRECT_LIST == "1" and not fs.access(file_direct_host) then --对自定义列表进行清洗 + local direct_domain, lookup_direct_domain = {}, {} + for line in io.lines(RULES_PATH .. "/direct_host") do + line = api.get_std_domain(line) + if line ~= "" and not line:find("#") then + insert_unique(direct_domain, line, lookup_direct_domain) + end + end + if #direct_domain > 0 then + local f_out = io.open(file_direct_host, "w") + for i = 1, #direct_domain do + f_out:write(direct_domain[i] .. "\n") + end + f_out:close() + end +end +if USE_DIRECT_LIST == "1" and is_file_nonzero(file_direct_host) then + tmp_lines = { + "group directlist", + "group-dnl " .. file_direct_host, + "group-upstream " .. DNS_LOCAL, + "group-ipset " .. setflag .. "passwall_whitelist," .. setflag .. "passwall_whitelist6" + } + merge_array(config_lines, tmp_lines) + log(string.format(" - 域名白名单(whitelist):%s", DNS_LOCAL or "默认")) +end + --屏蔽列表 local file_block_host = TMP_ACL_PATH .. "/block_host" if USE_BLOCK_LIST == "1" and not fs.access(file_block_host) then --对自定义列表进行清洗 @@ -299,15 +324,8 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then "group-ipset " .. setflag .. "passwall_shuntlist," .. setflag .. "passwall_shuntlist6" } if NO_IPV6_TRUST == "1" then table.insert(tmp_lines, "no-ipv6 tag:shuntlist") end - -- 在 "filter-qtype 65" 后插入 tmp_lines (shuntlist优先级最低) - for i, line in ipairs(config_lines) do - if line == "filter-qtype 65" then - for j, tmp_line in ipairs(tmp_lines) do - table.insert(config_lines, i + j, tmp_line) - end - break - end - end + -- 在 "filter-qtype 65" 后插入 tmp_lines (shuntlist在自定义组中优先级最低) + insert_array_after(config_lines, tmp_lines, "filter-qtype 65") end end diff --git a/luci-app-ssr-plus/Makefile b/luci-app-ssr-plus/Makefile index 04875d49..b469328e 100644 --- a/luci-app-ssr-plus/Makefile +++ b/luci-app-ssr-plus/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-ssr-plus PKG_VERSION:=189 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_CONFIG_DEPENDS:= \ CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_NONE_V2RAY \ diff --git a/luci-app-ssr-plus/root/etc/init.d/shadowsocksr b/luci-app-ssr-plus/root/etc/init.d/shadowsocksr index 4029a074..740bdce3 100755 --- a/luci-app-ssr-plus/root/etc/init.d/shadowsocksr +++ b/luci-app-ssr-plus/root/etc/init.d/shadowsocksr @@ -17,14 +17,17 @@ LOCK_FILE=/var/lock/ssrplus.lock LOG_FILE=/var/log/ssrplus.log TMP_PATH=/var/etc/ssrplus TMP_BIN_PATH=$TMP_PATH/bin +# 设置 DNSMASQ_CONF_DIR 和 TMP_DNSMASQ_PATH +[ -f /etc/openwrt_release ] && { # 获取默认的 DNSMasq 配置 ID -DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] | awk -F '.' '{print $2}' | awk -F '=' '{print $1}' | head -1) +DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] | awk -F '.' '{print $2}' | awk -F '=' '{print $1}' | head -n 1) # 查找包含 conf-dir 选项的 dnsmasq.conf 文件路径 DNSMASQ_CONF_PATH=$(grep -l "^conf-dir=" "/tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID}") # 从 conf-dir 行中提取目录路径 DNSMASQ_CONF_DIR=$(grep '^conf-dir=' "$DNSMASQ_CONF_PATH" | cut -d'=' -f2 | head -n 1) # 设置 TMP_DNSMASQ_PATH,并去除路径末尾的斜杠 -TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR%*/}/dnsmasq-ssrplus.d +TMP_DNSMASQ_PATH="${DNSMASQ_CONF_DIR%*/}/dnsmasq-ssrplus.d" +} chain_config_file= #generate shadowtls chain proxy config file tcp_config_file= diff --git a/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua b/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua index d9fa0806..33ca9fef 100755 --- a/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua +++ b/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua @@ -9,13 +9,27 @@ require "luci.model.uci" local icount = 0 local args = arg[1] local uci = luci.model.uci.cursor() -local TMP_DNSMASQ_PATH = luci.sys.exec("find /tmp/dnsmasq.*/dnsmasq-ssrplus.d -type d -print 2>/dev/null"):gsub("%s+", "") + +-- 以下设置更新数据库至 DNSMASQ 路径 +-- 获取 DEFAULT_DNSMASQ_CFGID +local DEFAULT_DNSMASQ_CFGID = uci:get_first("dhcp", "dnsmasq", ".name") +-- 查找包含 conf-dir 选项的 dnsmasq.conf 文件路径 +local DNSMASQ_CONF_PATH = string.format("grep -l '^conf-dir=' /tmp/etc/dnsmasq.conf.%s*", DEFAULT_DNSMASQ_CFGID):gsub("%s+", "") -- 去除空白字符 +-- 获取 DNSMASQ_CONF_DIR +local DNSMASQ_CONF_DIR = string.format("grep '^conf-dir=' %s | cut -d'=' -f2 | head -n 1", DNSMASQ_CONF_PATH):gsub("%s+", "") -- 去除空白字符 +-- 设置 TMP_DNSMASQ_PATH 路径 +local TMP_DNSMASQ_PATH = DNSMASQ_CONF_DIR .. "/dnsmasq-ssrplus.d" + local TMP_PATH = "/var/etc/ssrplus" -- match comments/title/whitelist/ip address/excluded_domain local comment_pattern = "^[!\\[@]+" local ip_pattern = "^%d+%.%d+%.%d+%.%d+" local domain_pattern = "([%w%-%_]+%.[%w%.%-%_]+)[%/%*]*" -local excluded_domain = {"apple.com", "sina.cn", "sina.com.cn", "baidu.com", "byr.cn", "jlike.com", "weibo.com", "zhongsou.com", "youdao.com", "sogou.com", "so.com", "soso.com", "aliyun.com", "taobao.com", "jd.com", "qq.com"} +local excluded_domain = { + "apple.com", "sina.cn", "sina.com.cn", "baidu.com", "byr.cn", "jlike.com", + "weibo.com", "zhongsou.com", "youdao.com", "sogou.com", "so.com", "soso.com", + "aliyun.com", "taobao.com", "jd.com", "qq.com" +} -- gfwlist parameter local mydnsip = '127.0.0.1' local mydnsport = '5335'