🐶 Sync 2024-11-12 16:30

This commit is contained in:
github-actions[bot] 2024-11-12 16:30:41 +08:00
parent c179694832
commit da69f13b81
4 changed files with 5 additions and 36 deletions

View File

@ -5,12 +5,12 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=hysteria PKG_NAME:=hysteria
PKG_VERSION:=2.5.2 PKG_VERSION:=2.6.0
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/apernet/hysteria/tar.gz/app/v$(PKG_VERSION)? PKG_SOURCE_URL:=https://codeload.github.com/apernet/hysteria/tar.gz/app/v$(PKG_VERSION)?
PKG_HASH:=56acc2c3a795b9f9074d6ed3cf725d3fc491ebd45a10203d6afef927d7fe3c78 PKG_HASH:=c9d878ea81c78e71fcb07d47e3366cb4ae2ef5bce62f0ad81e58923db4995366
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-app-v$(PKG_VERSION) PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-app-v$(PKG_VERSION)
PKG_LICENSE:=MIT PKG_LICENSE:=MIT

View File

@ -224,10 +224,8 @@ end
if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
local white_domain, lookup_white_domain = {}, {} local white_domain, lookup_white_domain = {}, {}
local shunt_domain, lookup_shunt_domain = {}, {} local shunt_domain, lookup_shunt_domain = {}, {}
local blackhole_domain, lookup_blackhole_domain = {}, {}
local file_white_host = TMP_ACL_PATH .. "/white_host" local file_white_host = TMP_ACL_PATH .. "/white_host"
local file_shunt_host = TMP_ACL_PATH .. "/shunt_host" local file_shunt_host = TMP_ACL_PATH .. "/shunt_host"
local file_blackhole_host = TMP_ACL_PATH .. "/blackhole_host"
local t = uci:get_all(appname, TCP_NODE) local t = uci:get_all(appname, TCP_NODE)
local default_node_id = t["default_node"] or "_direct" local default_node_id = t["default_node"] or "_direct"
@ -246,11 +244,7 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
end end
line = api.get_std_domain(line) line = api.get_std_domain(line)
if _node_id == "_blackhole" then if _node_id == "_direct" then
if line ~= "" and not line:find("#") then
insert_unique(blackhole_domain, line, lookup_blackhole_domain)
end
elseif _node_id == "_direct" then
if line ~= "" and not line:find("#") then if line ~= "" and not line:find("#") then
insert_unique(white_domain, line, lookup_white_domain) insert_unique(white_domain, line, lookup_white_domain)
end end
@ -268,16 +262,6 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
end end
end) end)
if is_file_nonzero(file_blackhole_host) == nil then
if #blackhole_domain > 0 then
local f_out = io.open(file_blackhole_host, "w")
for i = 1, #blackhole_domain do
f_out:write(blackhole_domain[i] .. "\n")
end
f_out:close()
end
end
if is_file_nonzero(file_white_host) == nil then if is_file_nonzero(file_white_host) == nil then
if #white_domain > 0 then if #white_domain > 0 then
local f_out = io.open(file_white_host, "w") local f_out = io.open(file_white_host, "w")
@ -298,15 +282,6 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
end end
end end
if is_file_nonzero(file_blackhole_host) then
for i, v in ipairs(config_lines) do --添加到屏蔽组一同处理
if v == "group-dnl " .. file_block_host then
config_lines[i] = "group-dnl " .. file_block_host .. "," .. file_blackhole_host
break
end
end
end
if is_file_nonzero(file_white_host) then if is_file_nonzero(file_white_host) then
for i, v in ipairs(config_lines) do --添加到白名单组一同处理 for i, v in ipairs(config_lines) do --添加到白名单组一同处理
if v == "group-dnl " .. file_direct_host then if v == "group-dnl " .. file_direct_host then

View File

@ -751,10 +751,7 @@ add_firewall_rule() {
local _node_id=$(config_n_get $TCP_NODE $shunt_id "nil") local _node_id=$(config_n_get $TCP_NODE $shunt_id "nil")
[ "$_node_id" != "nil" ] && { [ "$_node_id" != "nil" ] && {
[ "$_node_id" = "_default" ] && _node_id=$default_node_id [ "$_node_id" = "_default" ] && _node_id=$default_node_id
if [ "$_node_id" = "_blackhole" ]; then if [ "$_node_id" = "_direct" ]; then
config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $IPSET_BLOCKLIST &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_BLOCKLIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
elif [ "$_node_id" = "_direct" ]; then
config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $IPSET_WHITELIST &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}" | sed -e "s/^/add $IPSET_WHITELIST &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_WHITELIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "s/^/add $IPSET_WHITELIST6 &/g" -e "s/$/ timeout 0/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
else else

View File

@ -837,10 +837,7 @@ add_firewall_rule() {
local _node_id=$(config_n_get $TCP_NODE $shunt_id "nil") local _node_id=$(config_n_get $TCP_NODE $shunt_id "nil")
[ "$_node_id" != "nil" ] && { [ "$_node_id" != "nil" ] && {
[ "$_node_id" = "_default" ] && _node_id=$default_node_id [ "$_node_id" = "_default" ] && _node_id=$default_node_id
if [ "$_node_id" = "_blackhole" ]; then if [ "$_node_id" = "_direct" ]; then
insert_nftset $NFTSET_BLOCKLIST "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
insert_nftset $NFTSET_BLOCKLIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
elif [ "$_node_id" = "_direct" ]; then
insert_nftset $NFTSET_WHITELIST "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") insert_nftset $NFTSET_WHITELIST "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}")
insert_nftset $NFTSET_WHITELIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") insert_nftset $NFTSET_WHITELIST6 "0" $(config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}")
else else