OpenWrt/kiddin9-packages
1
0
Fork 0
mirror of https://github.com/kiddin9/openwrt-packages.git synced 2025-01-09 10:37:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

🎉 Sync 2023-02-08 20:22:06

Browse Source
This commit is contained in:
github-actions[bot] 2023-02-08 20:22:06 +08:00
parent 8efbd603c0
commit cb875eb0f3
15 changed files with 386 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cloudreve/Makefile
View File

@ -5,12 +5,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=cloudreve
PKG_VERSION:=3.6.2
PKG_RELEASE:=23
PKG_VERSION:=3.6.1
PKG_RELEASE:=24
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cloudreve/Cloudreve.git
PKG_SOURCE_VERSION:=42a31f2fd1c8f14c14762a6b1c2b67b4bb498ad2
PKG_SOURCE_VERSION:=73d0f2db9b3ba2fcb441cad7174698359b78b9ad
PKG_MIRROR_HASH:=skip
PKG_LICENSE:=GPL-3.0-only

6
ddnsgo/Makefile
View File

@ -10,13 +10,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ddnsgo
PKG_VERSION:=4.5.1
PKG_RELEASE:=30
PKG_VERSION:=4.5.2
PKG_RELEASE:=31
PKG_SOURCE_PROTO:=git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/jeessy2/ddns-go.git
PKG_SOURCE_VERSION:=4724613a11586ba6a599e4272ea5fbb46c2a3399
PKG_SOURCE_VERSION:=0eaa6935faa65fba026069f8717f3478e629c12c
PKG_MIRROR_HASH:=skip
PKG_LICENSE:=AGPL-3.0-only

4
haproxy/Makefile
View File

@ -11,11 +11,11 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
PKG_VERSION:=2.6.8
PKG_RELEASE:=17
PKG_RELEASE:=18
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/2.6/src
PKG_HASH:=skip
PKG_HASH:=a02ad64550dd30a94b25fd0e225ba699649d0c4037bca3b36b20e8e3235bb86f
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
Christian Lachner <gladiac@gmail.com>

2
homeproxy/Makefile
View File

@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-homeproxy
PKG_VERSION:=1.0-alpha
PKG_RELEASE:=17
PKG_RELEASE:=18
LUCI_TITLE:=The modern ImmortalWrt proxy platform for ARM64/AMD64
LUCI_PKGARCH:=all

2
homeproxy/README
View File

@ -1,6 +1,6 @@
TODO:
- Support ACL for regular mode
- Refactor resources management
- Tproxy UDP is almost broken (nat4), need ask sing-box for help
- Tproxy UDP performs nat4 due to incorrect firewall rules
- Rewrite existing lua scripts into ucode
- Any other improvements

115
homeproxy/htdocs/luci-static/resources/view/homeproxy/client.js
View File

@ -224,8 +224,8 @@ return view.extend({
/* Interface control start */
ss.tab('interface', _('Interface Control'));
so = ss.taboption('interface', widgets.DeviceSelect, 'listen_interface', _('Listen interface'),
_('Only process traffic from specific interface(s). Leave empty for all.'));
so = ss.taboption('interface', widgets.DeviceSelect, 'listen_interfaces', _('Listen interfaces'),
_('Only process traffic from specific interfaces. Leave empty for all.'));
so.multiple = true;
so.noaliases = true;
@ -253,7 +253,7 @@ return view.extend({
});
so = ss.taboption('lan_ip_policy', form.ListValue, 'lan_proxy_mode', _('Proxy filter mode'));
so.value('disabled', _('Disabled'));
so.value('disabled', _('Disable'));
so.value('listed_only', _('Proxy listed only'));
so.value('except_listed', _('Proxy all except listed'));
so.default = 'disabled';
@ -303,25 +303,6 @@ return view.extend({
so.value(ipv6, '%s (%s)'.format(ipv6, ip6addrs[ipv6]));
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_global_proxy_mac_addrs', _('Global proxy MAC addresses'));
so.datatype = 'macaddr';
Object.keys(hosts).forEach(function(mac) {
var hint = hosts[mac].name || L.toArray(hosts[mac].ipaddrs || hosts[mac].ipv4)[0];
so.value(mac, hint ? '%s (%s)'.format(mac, hint) : mac);
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_global_proxy_ipv4_ips', _('Global proxy IPv4 IP-s'));
so.datatype = 'or(ip4addr, cidr4)';
L.sortedKeys(ipaddrs, null, 'addr').forEach(function(ipv4) {
so.value(ipv4, '%s (%s)'.format(ipv4, ipaddrs[ipv4]));
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_global_proxy_ipv6_ips', _('Global proxy IPv6 IP-s'));
so.datatype = 'or(ip6addr, cidr6)';
L.sortedKeys(ip6addrs, null, 'addr').forEach(function(ipv6) {
so.value(ipv6, '%s (%s)'.format(ipv6, ip6addrs[ipv6]));
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_gaming_mode_mac_addrs', _('Gaming mode MAC addresses'));
so.datatype = 'macaddr';
Object.keys(hosts).forEach(function(mac) {
@ -340,24 +321,73 @@ return view.extend({
L.sortedKeys(ip6addrs, null, 'addr').forEach(function(ipv6) {
so.value(ipv6, '%s (%s)'.format(ipv6, ip6addrs[ipv6]));
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_global_proxy_mac_addrs', _('Global proxy MAC addresses'));
so.datatype = 'macaddr';
Object.keys(hosts).forEach(function(mac) {
var hint = hosts[mac].name || L.toArray(hosts[mac].ipaddrs || hosts[mac].ipv4)[0];
so.value(mac, hint ? '%s (%s)'.format(mac, hint) : mac);
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_global_proxy_ipv4_ips', _('Global proxy IPv4 IP-s'));
so.datatype = 'or(ip4addr, cidr4)';
L.sortedKeys(ipaddrs, null, 'addr').forEach(function(ipv4) {
so.value(ipv4, '%s (%s)'.format(ipv4, ipaddrs[ipv4]));
});
so = ss.taboption('lan_ip_policy', form.DynamicList, 'lan_global_proxy_ipv6_ips', _('Global proxy IPv6 IP-s'));
so.datatype = 'or(ip6addr, cidr6)';
L.sortedKeys(ip6addrs, null, 'addr').forEach(function(ipv6) {
so.value(ipv6, '%s (%s)'.format(ipv6, ip6addrs[ipv6]));
});
/* LAN IP policy end */
/* WAN IP policy start */
ss.tab('wan_ip_policy', _('WAN IP Policy'));
so = ss.taboption('wan_ip_policy', form.DynamicList, 'wan_direct_ipv4_ips', _('Direct IPv4 IP-s'));
so.datatype = 'or(ip4addr, cidr4)';
so = ss.taboption('wan_ip_policy', form.DynamicList, 'wan_direct_ipv6_ips', _('Direct IPv6 IP-s'));
so.datatype = 'or(ip6addr, cidr6)';
so = ss.taboption('wan_ip_policy', form.DynamicList, 'wan_proxy_ipv4_ips', _('Proxy IPv4 IP-s'));
so.datatype = 'or(ip4addr, cidr4)';
so = ss.taboption('wan_ip_policy', form.DynamicList, 'wan_proxy_ipv6_ips', _('Proxy IPv6 IP-s'));
so.datatype = 'or(ip6addr, cidr6)';
so = ss.taboption('wan_ip_policy', form.DynamicList, 'wan_direct_ipv4_ips', _('Direct IPv4 IP-s'));
so.datatype = 'or(ip4addr, cidr4)';
so = ss.taboption('wan_ip_policy', form.DynamicList, 'wan_direct_ipv6_ips', _('Direct IPv6 IP-s'));
so.datatype = 'or(ip6addr, cidr6)';
/* WAN IP policy end */
/* Proxy domain list start */
ss.tab('proxy_domain_list', _('Proxy Domain List'));
so = ss.taboption('proxy_domain_list', form.TextValue, '_proxy_domain_list');
so.rows = 10;
so.monospace = true;
so.datatype = 'hostname';
so.load = function(section_id) {
return L.resolveDefault(callReadDomainList('proxy_list')).then((res) => {
return res.content;
}, {});
}
so.write = function(section_id, value) {
return callWriteDomainList('proxy_list', value);
}
so.remove = function(section_id, value) {
return callWriteDomainList('proxy_list', '');
}
so.validate = function(section_id, value) {
if (section_id && value) {
for (var i of value.split('\n')) {
if (!stubValidator.apply('hostname', i))
return _('Expecting: %s').format(_('valid hostname'));
}
}
return true;
}
/* Proxy domain list end */
/* Direct domain list start */
ss.tab('direct_domain_list', _('Direct Domain List'));
@ -387,35 +417,6 @@ return view.extend({
return true;
}
/* Direct domain list end */
/* Proxy domain list start */
ss.tab('proxy_domain_list', _('Proxy Domain List'));
so = ss.taboption('proxy_domain_list', form.TextValue, '_proxy_domain_list');
so.rows = 10;
so.monospace = true;
so.datatype = 'hostname';
so.load = function(section_id) {
return L.resolveDefault(callReadDomainList('proxy_list')).then((res) => {
return res.content;
}, {});
}
so.write = function(section_id, value) {
return callWriteDomainList('proxy_list', value);
}
so.remove = function(section_id, value) {
return callWriteDomainList('proxy_list', '');
}
so.validate = function(section_id, value) {
if (section_id && value) {
for (var i of value.split('\n')) {
if (!stubValidator.apply('hostname', i))
return _('Expecting: %s').format(_('valid hostname'));
}
}
return true;
}
/* Proxy domain list end */
/* Regular mode ACL settings end */
/* Custom routing settings start */

230
homeproxy/root/etc/homeproxy/scripts/firewall_post.ut
View File

@ -1,27 +1,38 @@
#!/usr/bin/utpl -S
{%-
/* Utilities config start */
import { readfile } from 'fs';
const resources_dir = '/etc/homeproxy/resources';
/* Utilities config end */
/* UCI config start */
import { cursor } from 'uci';
function array_to_nftstr(array) {
if (type(array) !== 'array')
return array;
return join(', ', array);
}
/* Misc config */
const resources_dir = '/etc/homeproxy/resources';
/* UCI config start */
const cfgname = 'homeproxy';
const uci = cursor();
uci.load(cfgname);
const routing_mode = uci.get(cfgname, 'config', 'routing_mode') || 'bypass_mainland_china';
let ipv6_support, outbound_node, outbound_udp_node, routing_port;
let self_mark, redirect_port, tproxy_port, tproxy_mark;
let tun_name, tun_mark;
let outbound_node, outbound_udp_node, routing_port,
self_mark, redirect_port, tproxy_port, tproxy_mark,
ipv6_support, listen_interfaces, tun_name, tun_mark;
const control_options = [ "lan_proxy_mode",
"lan_direct_mac_addrs", "lan_direct_ipv4_ips", "lan_direct_ipv6_ips",
"lan_proxy_mac_addrs", "lan_proxy_ipv4_ips", "lan_proxy_ipv6_ips",
"lan_gaming_mode_mac_addrs", "lan_gaming_mode_ipv4_ips", "lan_gaming_mode_ipv6_ips",
"lan_global_proxy_mac_addrs", "lan_global_proxy_ipv4_ips", "lan_global_proxy_ipv6_ips",
"wan_proxy_ipv4_ips", "wan_proxy_ipv6_ips", "wan_direct_ipv4_ips", "wan_direct_ipv6_ips"];
let control_info = {};
if (routing_mode !== 'custom') {
ipv6_support = uci.get(cfgname, 'config', 'ipv6_support') || '0';
outbound_node = uci.get(cfgname, 'config', 'main_node') || 'nil';
if (outbound_node !== 'nil') {
self_mark = uci.get(cfgname, 'infra', 'self_mark') || '100';
@ -36,7 +47,12 @@ if (routing_mode !== 'custom') {
routing_port = uci.get(cfgname, 'config', 'routing_port') || 'common';
if (routing_port === 'common')
routing_port = uci.get(cfgname, 'infra', 'common_port') || '22,53,80,143,443,465,587,853,993,995,8080,8443,9418'
routing_port = uci.get(cfgname, 'infra', 'common_port') || '22,53,80,143,443,465,587,853,993,995,8080,8443,9418';
ipv6_support = uci.get(cfgname, 'config', 'ipv6_support') || '0';
listen_interfaces = uci.get(cfgname, 'control', 'listen_interfaces');
for (let i in control_options)
control_info[i] = uci.get(cfgname, 'control', i);
} else {
tun_name = uci.get(cfgname, 'infra', 'tun_name') || 'singtun0';
tun_mark = uci.get(cfgname, 'infra', 'tun_mark') || '102';
@ -132,16 +148,88 @@ set homeproxy_mainland_addr_v6 {
{% endif %}
{% endif %}
{% if (routing_mode !== 'custom'): %}
set homeproxy_proxy_addr_v4 {
type ipv4_addr
flags interval
auto-merge
}
{% if (ipv6_support === '1'): %}
set homeproxy_proxy_addr_v6 {
type ipv6_addr
flags interval
auto-merge
}
{% endif %}
{% endif %}
{% if (routing_mode !== 'custom'): %}
{# Regular mode -#}
{# TCP redirect -#}
chain homeproxy_redirect {
meta mark {{ self_mark }} counter return
{% if (routing_port !== 'all'): %}
tcp dport != { {{ routing_port }} } counter return
{% endif %}
{% if (control_info['lan_proxy_mode'] === 'listed_only'): %}
{% if (control_info['lan_proxy_mac_addrs']): %}
ether saddr != { {{ array_to_nftstr(control_info['lan_proxy_mac_addrs']) }} } counter return
{% endif %}
{% if (control_info['lan_proxy_ipv4_ips']): %}
ip saddr != { {{ array_to_nftstr(control_info['lan_proxy_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_proxy_ipv6_ips']): %}
ip6 saddr != { {{ array_to_nftstr(control_info['lan_proxy_ipv6_ips']) }} } counter return
{% endif %}
{% elif (control_info['lan_proxy_mode'] === 'except_listed'): %}
{% if (control_info['lan_direct_mac_addrs']): %}
ether saddr { {{ array_to_nftstr(control_info['lan_direct_mac_addrs']) }} } counter return
{% endif %}
{% if (control_info['lan_proxy_ipv4_ips']): %}
ip saddr { {{ array_to_nftstr(control_info['lan_direct_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_direct_ipv6_ips']): %}
ip6 saddr { {{ array_to_nftstr(control_info['lan_direct_ipv6_ips']) }} } counter return
{% endif %}
{% endif %}
{% if (control_info['wan_proxy_ipv4_ips']): %}
ip daddr { {{ array_to_nftstr(control_info['wan_proxy_ipv4_ips']) }} } meta l4proto tcp counter redirect to :{{ redirect_port }}
{% endif %}
{% if (ipv6_support === '1' && control_info['wan_proxy_ipv6_ips']): %}
ip6 daddr { {{ array_to_nftstr(control_info['wan_proxy_ipv6_ips']) }} } meta l4proto tcp counter redirect to :{{ redirect_port }}
{% endif %}
ip daddr @homeproxy_proxy_addr_v4 meta l4proto tcp counter redirect to :{{ redirect_port }}
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_proxy_addr_v6 meta l4proto tcp counter redirect to :{{ redirect_port }}
{% endif %}
ip daddr @homeproxy_localaddr_v4 counter return
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_localaddr_v6 counter return
{% endif %}
{% if (control_info['lan_global_proxy_mac_addrs']): %}
ether saddr { {{ array_to_nftstr(control_info['lan_global_proxy_mac_addrs']) }} } meta l4proto tcp counter redirect to :{{ redirect_port }}
{% endif %}
{% if (control_info['lan_global_proxy_ipv4_ips']): %}
ip saddr { {{ array_to_nftstr(control_info['lan_global_proxy_ipv4_ips']) }} } meta l4proto tcp counter redirect to :{{ redirect_port }}
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_global_proxy_ipv6_ips']): %}
ip6 saddr { {{ array_to_nftstr(control_info['lan_global_proxy_ipv6_ips']) }} } meta l4proto tcp counter redirect to :{{ redirect_port }}
{% endif %}
{% if (control_info['wan_direct_ipv4_ips']): %}
ip daddr { {{ array_to_nftstr(control_info['wan_direct_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['wan_direct_ipv6_ips']): %}
ip6 daddr { {{ array_to_nftstr(control_info['wan_direct_ipv6_ips']) }} } counter return
{% endif %}
{% if (routing_mode === 'gfwlist'): %}
ip daddr != @homeproxy_gfwlist_v4 counter return
{% if (ipv6_support === '1'): %}
@ -159,42 +247,103 @@ chain homeproxy_redirect {
{% endif %}
{% endif %}
{% if (routing_port !== 'all'): %}
tcp dport != { {{ routing_port }} } counter return
{% endif %}
meta l4proto tcp counter redirect to :{{ redirect_port }}
}
chain dstnat {
meta nfproto { {{ (ipv6_support === '1') ? 'ipv4, ipv6' : 'ipv4' }} } meta l4proto tcp jump homeproxy_redirect
chain homeproxy_dstnat_redir {
{% if (listen_interfaces): %}
meta iifname != { {{ array_to_nftstr(listen_interfaces) }} } counter return
{% endif %}
meta l4proto tcp jump homeproxy_redirect
}
chain homeproxy_output_redir {
type nat hook output priority filter -105; policy accept
meta nfproto { {{ (ipv6_support === '1') ? 'ipv4, ipv6' : 'ipv4' }} } meta l4proto tcp jump homeproxy_redirect
}
chain dstnat {
meta nfproto { {{ (ipv6_support === '1') ? 'ipv4, ipv6' : 'ipv4' }} } meta l4proto tcp jump homeproxy_dstnat_redir
}
{% if (outbound_udp_node !== 'nil'): %}
{# UDP tproxy #}
chain homeproxy_mangle_prerouting {
{% if (listen_interfaces): %}
meta iifname != { {{ array_to_nftstr(listen_interfaces) }}, lo } counter return
{% endif %}
meta mark {{ self_mark }} counter return
{% if (control_info['lan_proxy_mode'] === 'listed_only'): %}
{% if (control_info['lan_proxy_mac_addrs']): %}
ether saddr != { {{ array_to_nftstr(control_info['lan_proxy_mac_addrs']) }} } counter return
{% endif %}
{% if (control_info['lan_proxy_ipv4_ips']): %}
ip saddr != { {{ array_to_nftstr(control_info['lan_proxy_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_proxy_ipv6_ips']): %}
ip6 saddr != { {{ array_to_nftstr(control_info['lan_proxy_ipv6_ips']) }} } counter return
{% endif %}
{% elif (control_info['lan_proxy_mode'] === 'except_listed'): %}
{% if (control_info['lan_direct_mac_addrs']): %}
ether saddr { {{ array_to_nftstr(control_info['lan_direct_mac_addrs']) }} } counter return
{% endif %}
{% if (control_info['lan_proxy_ipv4_ips']): %}
ip saddr { {{ array_to_nftstr(control_info['lan_direct_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_direct_ipv6_ips']): %}
ip6 saddr { {{ array_to_nftstr(control_info['lan_direct_ipv6_ips']) }} } counter return
{% endif %}
{% endif %}
{% if (control_info['wan_proxy_ipv4_ips']): %}
ip daddr { {{ array_to_nftstr(control_info['wan_proxy_ipv4_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
{% endif %}
{% if (ipv6_support === '1' && control_info['wan_proxy_ipv6_ips']): %}
ip6 daddr { {{ array_to_nftstr(control_info['wan_proxy_ipv6_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::1]:{{ tproxy_port }} counter accept
{% endif %}
ip daddr @homeproxy_proxy_addr_v4 meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_proxy_addr_v6 meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::1]:{{ tproxy_port }} counter accept
{% endif %}
ip daddr @homeproxy_localaddr_v4 counter return
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_localaddr_v6 counter return
{% endif %}
{% if (control_info['lan_global_proxy_mac_addrs']): %}
ether saddr { {{ array_to_nftstr(control_info['lan_global_proxy_mac_addrs']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
ether saddr { {{ array_to_nftstr(control_info['lan_global_proxy_mac_addrs']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::]:{{ tproxy_port }} counter accept
{% endif %}
{% if (control_info['lan_global_proxy_ipv4_ips']): %}
ip saddr { {{ array_to_nftstr(control_info['lan_global_proxy_ipv4_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_global_proxy_ipv6_ips']): %}
ip6 saddr { {{ array_to_nftstr(control_info['lan_global_proxy_ipv6_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::1]:{{ tproxy_port }} counter accept
{% endif %}
{% if (control_info['wan_direct_ipv4_ips']): %}
ip daddr { {{ array_to_nftstr(control_info['wan_direct_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['wan_direct_ipv6_ips']): %}
ip6 daddr { {{ array_to_nftstr(control_info['wan_direct_ipv6_ips']) }} } counter return
{% endif %}
{% if (routing_mode === 'gfwlist'): %}
ip daddr != @homeproxy_gfwlist_v4 counter return
{% if (ipv6_support === '1'): %}
ip6 daddr != @homeproxy_gfwlist_v6 counter return
{% endif %}
udp dport { 80, 443 } counter reject comment "!{{ cfgname }}: Fuck you QUIC"
{% endif %}
{% elif (routing_mode === 'bypass_mainland_china'): %}
ip daddr @homeproxy_mainland_addr_v4 counter return
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_mainland_addr_v6 counter return
{% endif %}
udp dport { 80, 443 } counter reject comment "!{{ cfgname }}: Fuck you QUIC"
{% endif %}
{% elif (routing_mode === 'proxy_mainland_china'): %}
ip daddr != @homeproxy_mainland_addr_v4 counter return
{% if (ipv6_support === '1'): %}
@ -202,6 +351,17 @@ chain homeproxy_mangle_prerouting {
{% endif %}
{% endif %}
{% if (control_info['lan_gaming_mode_mac_addrs']): %}
ether saddr { {{ array_to_nftstr(control_info['lan_gaming_mode_mac_addrs']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
ether saddr { {{ array_to_nftstr(control_info['lan_gaming_mode_mac_addrs']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::]:{{ tproxy_port }} counter accept
{% endif %}
{% if (control_info['lan_gaming_mode_ipv4_ips']): %}
ip saddr { {{ array_to_nftstr(control_info['lan_gaming_mode_ipv4_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
{% endif %}
{% if (ipv6_support === '1' && control_info['lan_gaming_mode_ipv6_ips']): %}
ip6 saddr { {{ array_to_nftstr(control_info['lan_gaming_mode_ipv6_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::1]:{{ tproxy_port }} counter accept
{% endif %}
{% if (routing_port !== 'all'): %}
udp dport != { {{ routing_port }} } counter return
{% endif %}
@ -214,8 +374,34 @@ chain homeproxy_mangle_prerouting {
chain homeproxy_mangle_output {
meta mark {{ self_mark }} counter return
{% if (routing_port !== 'all'): %}
udp dport != { {{ routing_port }} } counter return
{% endif %}
{% if (control_info['wan_proxy_ipv4_ips']): %}
ip daddr { {{ array_to_nftstr(control_info['wan_proxy_ipv4_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} counter accept
{% endif %}
{% if (ipv6_support === '1' && control_info['wan_proxy_ipv6_ips']): %}
ip6 daddr { {{ array_to_nftstr(control_info['wan_proxy_ipv6_ips']) }} } meta l4proto udp mark set {{ tproxy_mark }} counter accept
{% endif %}
ip daddr @homeproxy_proxy_addr_v4 meta l4proto udp mark set {{ tproxy_mark }} counter accept
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_proxy_addr_v6 meta l4proto udp mark set {{ tproxy_mark }} counter accept
{% endif %}
ip daddr @homeproxy_localaddr_v4 counter return
{% if (ipv6_support === '1'): %}
ip6 daddr @homeproxy_localaddr_v6 counter return
{% endif %}
{% if (control_info['wan_direct_ipv4_ips']): %}
ip daddr { {{ array_to_nftstr(control_info['wan_direct_ipv4_ips']) }} } counter return
{% endif %}
{% if (ipv6_support === '1' && control_info['wan_direct_ipv6_ips']): %}
ip6 daddr { {{ array_to_nftstr(control_info['wan_direct_ipv6_ips']) }} } counter return
{% endif %}
{% if (routing_mode === 'gfwlist'): %}
ip daddr != @homeproxy_gfwlist_v4 counter return
@ -234,10 +420,6 @@ chain homeproxy_mangle_output {
{% endif %}
{% endif %}
{% if (routing_port !== 'all'): %}
udp dport != { {{ routing_port }} } counter return
{% endif %}
meta l4proto udp mark set {{ tproxy_mark }} counter accept
}

7
homeproxy/root/etc/homeproxy/scripts/generate_sing-box.lua
View File

@ -41,6 +41,7 @@ local uci = luci.model.uci.cursor()
local uciconfig = "homeproxy"
local uciinfra = "infra"
local ucimain = "config"
local ucicontrol = "control"
local ucidnssetting = "dns"
local ucidnsserver = "dns_server"
@ -67,17 +68,19 @@ local dns_port = uci:get(uciconfig, uciinfra, "dns_port") or "5333"
local enable_server = uci:get(uciconfig, uciserver, "enabled") or "0"
local ipv6_support, main_node, main_udp_node, default_outbound, default_interface
local main_node, main_udp_node, ipv6_support, default_outbound, default_interface
local dns_strategy, dns_default_server, dns_disable_cache, dns_disable_cache_expire
local redirect_port, tproxy_port, self_mark
local sniff_override, tun_name, tcpip_stack, endpoint_independent_nat
if routing_mode ~= "custom" then
ipv6_support = uci:get(uciconfig, ucimain, "ipv6_support") or "0"
main_node = uci:get(uciconfig, ucimain, "main_node") or "nil"
main_udp_node = uci:get(uciconfig, ucimain, "main_udp_node") or "nil"
redirect_port = uci:get(uciconfig, uciinfra, "redirect_port") or "5331"
tproxy_port = uci:get(uciconfig, uciinfra, "tproxy_port") or "5332"
self_mark = uci:get(uciconfig, uciinfra, "self_mark") or "100"
ipv6_support = uci:get(uciconfig, ucimain, "ipv6_support") or "0"
default_interface = uci:get(uciconfig, ucicontrol, "bind_interface")
else
-- DNS settings
dns_strategy = uci:get(uciconfig, ucidnssetting, "dns_strategy")

17
homeproxy/root/etc/init.d/homeproxy
View File

@ -69,9 +69,9 @@ start_service() {
config_get_bool ipv6_support "config" "ipv6_support" "0"
# DNSMasq rules
local dns_port
local dns_port nftset_v6
config_get dns_port "infra" "dns_port" "5333"
[ "$ipv6_support" -eq "0" ] || local nftset_v6=",6#inet#fw4#homeproxy_gfwlist_v6"
[ "$ipv6_support" -eq "0" ] || nftset_v6=",6#inet#fw4#homeproxy_gfwlist_v6"
mkdir -p "$DNSMASQ_DIR"
echo -e "conf-dir=$DNSMASQ_DIR" > "$DNSMASQ_DIR/../dnsmasq-homeproxy.conf"
if [ "$routing_mode" = "gfwlist" ]; then
@ -90,6 +90,12 @@ start_service() {
server=127.0.0.1#$dns_port
EOF
fi
if [ "$routing_mode" != "custom" ]; then
[ "$ipv6_support" -eq "0" ] || nftset_v6=",6#inet#fw4#homeproxy_proxylist_v6"
sed -r -e "s/(.*)/server=\/\1\/127.0.0.1#$dns_port\nnftset=\/\1\\/4#inet#fw4#homeproxy_proxylist_v4$nftset_v6/g" \
"$HP_DIR/resources/proxy_list.txt" > "$DNSMASQ_DIR/proxy_list.conf"
fi
/etc/init.d/dnsmasq restart >"/dev/null" 2>&1
# Setup firewall
@ -187,14 +193,15 @@ service_stopped() {
ip -6 rule del fwmark "$tun_mark" table "$table_mark" 2>"/dev/null"
# Nftables rules
for i in "homeproxy_output_redir" "homeproxy_redirect" \
"homeproxy_mangle_prerouting" "homeproxy_mangle_output"; do
for i in "homeproxy_dstnat_redir" "homeproxy_output_redir" "homeproxy_redirect" \
"homeproxy_mangle_mark" "homeproxy_mangle_prerouting" "homeproxy_mangle_output"; do
nft flush chain inet fw4 "$i" 2>"/dev/null"
nft delete chain inet fw4 "$i" 2>"/dev/null"
done
for i in "homeproxy_localaddr_v4" "homeproxy_localaddr_v6" \
"homeproxy_gfwlist_v4" "homeproxy_gfwlist_v6" \
"homeproxy_mainland_addr_v4" "homeproxy_mainland_addr_v6"; do
"homeproxy_mainland_addr_v4" "homeproxy_mainland_addr_v6" \
"homeproxy_proxy_addr_v4" "homeproxy_proxy_addr_v6"; do
nft flush set inet fw4 "$i" 2>"/dev/null"
nft delete set inet fw4 "$i" 2>"/dev/null"
done

4
hysteria/Makefile
View File

@ -5,8 +5,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=hysteria
PKG_VERSION:=1.3.2
PKG_RELEASE:=40
PKG_VERSION:=1.3.3
PKG_RELEASE:=41
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/apernet/hysteria/tar.gz/v$(PKG_VERSION)?

86
luci-app-natmap/po/tr/natmap.po Normal file
View File

@ -0,0 +1,86 @@
msgid ""
msgstr ""
"Language: tr\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:93
msgid "Bind port"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:55
msgid "Enable"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:119
msgid "External IP"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:126
msgid "External Port"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:88
msgid "For TCP mode"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:97
msgid "Forward mode"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:105
msgid "Forward target"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:110
msgid "Forward target port"
msgstr ""
#: applications/luci-app-natmap/root/usr/share/rpcd/acl.d/luci-app-natmap.json:3
msgid "Grant access to LuCI app natmap"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:88
msgid "HTTP server"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:71
msgid "IPv4 and IPv6"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:72
msgid "IPv4 only"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:73
msgid "IPv6 only"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:75
msgid "Interface"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:78
msgid "Keep-alive interval"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:50
#: applications/luci-app-natmap/root/usr/share/luci/menu.d/luci-app-natmap.json:3
msgid "NATMap"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:115
msgid "Notify script"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:59
msgid "Protocol"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:69
msgid "Restrict to address family"
msgstr ""
#: applications/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js:82
msgid "STUN server"
msgstr ""

5
luci-base/htdocs/luci-static/resources/ui.js
View File

@ -820,7 +820,7 @@ var UISelect = UIElement.extend(/** @lends LuCI.ui.Select.prototype */ {
'type': this.options.multiple ? 'checkbox' : 'radio',
'class': this.options.multiple ? 'cbi-input-checkbox' : 'cbi-input-radio',
'value': keys[i],
'checked': ((!i && !this.values.length) || this.values.indexOf(keys[i]) > -1) ? '' : null,
'checked': (this.values.indexOf(keys[i]) > -1) ? '' : null,
'disabled': this.options.disabled ? '' : null
}),
E('label', { 'for': this.options.id ? 'widget.%s.%d'.format(this.options.id, i) : null }),
@ -832,9 +832,6 @@ var UISelect = UIElement.extend(/** @lends LuCI.ui.Select.prototype */ {
]));
frameEl.appendChild(brEl.cloneNode());
if (!frameEl.querySelector('> span > input[checked]')
frameEl.querySelector('> span > input').checked = true;
}
}

4
v2ray-core/Makefile
View File

@ -5,8 +5,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=v2ray-core
PKG_VERSION:=5.2.1
PKG_RELEASE:=49
PKG_VERSION:=5.3.0
PKG_RELEASE:=50
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/v2fly/v2ray-core/tar.gz/v$(PKG_VERSION)?

4
v2ray-plugin/Makefile
View File

@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=v2ray-plugin
PKG_VERSION:=5.2.0
PKG_RELEASE:=66
PKG_VERSION:=5.3.0
PKG_RELEASE:=67
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/teddysun/v2ray-plugin/tar.gz/v$(PKG_VERSION)?

4
xray-core/Makefile
View File

@ -1,8 +1,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=Xray-core
PKG_VERSION:=1.7.3
PKG_RELEASE:=62
PKG_VERSION:=1.7.5
PKG_RELEASE:=63
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/XTLS/Xray-core/tar.gz/v$(PKG_VERSION)?