WindyMadman/pack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

2023.08.07 Upload

Browse Source
This commit is contained in:
WindyMadman 2023-08-07 01:26:18 +08:00
parent 910810469f
commit d407ddb1a1
394 changed files with 133562 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

190
luci-app-passwall/Makefile Normal file
View File

@ -0,0 +1,190 @@
# Copyright (C) 2018-2020 L-WRT Team
# Copyright (C) 2021-2023 xiaorouji
#
# This is free software, licensed under the GNU General Public License v3.
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_$(PKG_NAME)_Iptables_Transparent_Proxy \
CONFIG_PACKAGE_$(PKG_NAME)_Nftables_Transparent_Proxy \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Brook \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Client \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Server \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Client \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Server \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Simple_Obfs \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Trojan_GO \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Trojan_Plus \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_tuic_client \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Geodata \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray \
CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin
LUCI_TITLE:=LuCI support for PassWall
LUCI_PKGARCH:=all
LUCI_DEPENDS:=+coreutils +coreutils-base64 +coreutils-nohup +curl \
+lua-maxminddb +ipset +ipt2socks +iptables-mod-conntrack-extra +iptables-mod-iprange +iptables-mod-socket +iptables-mod-tproxy +kmod-ipt-nat \
+chinadns-ng +dns2socks +dns2tcp +ip-full +libuci-lua +lua +luci-compat +luci-lib-jsonc \
+microsocks +resolveip +tcping +unzip \
+PACKAGE_$(PKG_NAME)_INCLUDE_Brook:brook \
+PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy:haproxy \
+PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria:hysteria \
+PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy:naiveproxy \
+PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client:shadowsocks-libev-ss-local \
+PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client:shadowsocks-libev-ss-redir \
+PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server:shadowsocks-libev-ss-server \
+PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Client:shadowsocks-rust-sslocal \
+PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Server:shadowsocks-rust-ssserver \
+PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Client:shadowsocksr-libev-ssr-local \
+PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Client:shadowsocksr-libev-ssr-redir \
+PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Server:shadowsocksr-libev-ssr-server \
+PACKAGE_$(PKG_NAME)_INCLUDE_Simple_Obfs:simple-obfs \
+PACKAGE_$(PKG_NAME)_INCLUDE_Trojan_GO:trojan-go \
+PACKAGE_$(PKG_NAME)_INCLUDE_Trojan_Plus:trojan-plus \
+PACKAGE_$(PKG_NAME)_INCLUDE_tuic_client:tuic-client \
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray-core \
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Geodata:v2ray-geoip \
+v2ray-geosite \
+PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin:v2ray-plugin \
+PACKAGE_$(PKG_NAME)_INCLUDE_Xray:xray-core \
+PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin:xray-plugin
define Package/$(PKG_NAME)/config
menu "Configuration"
config PACKAGE_$(PKG_NAME)_Iptables_Transparent_Proxy
bool "Iptables Transparent Proxy"
select PACKAGE_dnsmasq-full
select PACKAGE_ipset
select PACKAGE_ipt2socks
select PACKAGE_iptables
select PACKAGE_iptables-zz-legacy
select PACKAGE_iptables-mod-conntrack-extra
select PACKAGE_iptables-mod-iprange
select PACKAGE_iptables-mod-socket
select PACKAGE_iptables-mod-tproxy
select PACKAGE_kmod-ipt-nat
depends on PACKAGE_$(PKG_NAME)
default y if ! PACKAGE_firewall4
config PACKAGE_$(PKG_NAME)_Nftables_Transparent_Proxy
bool "Nftables Transparent Proxy"
select PACKAGE_dnsmasq-full
select PACKAGE_ipt2socks
select PACKAGE_nftables
select PACKAGE_kmod-nft-socket
select PACKAGE_kmod-nft-tproxy
select PACKAGE_kmod-nft-nat
depends on PACKAGE_$(PKG_NAME)
default y if PACKAGE_firewall4
config PACKAGE_$(PKG_NAME)_INCLUDE_Brook
bool "Include Brook"
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_Haproxy
bool "Include Haproxy"
default y if aarch64||arm||i386||x86_64
config PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria
bool "Include Hysteria"
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_NaiveProxy
bool "Include NaiveProxy"
depends on !(arc||(arm&&TARGET_gemini)||armeb||mips||mips64||powerpc)
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Client
bool "Include Shadowsocks Libev Client"
default y
config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Libev_Server
bool "Include Shadowsocks Libev Server"
default y if aarch64||arm||i386||x86_64
config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Client
bool "Include Shadowsocks Rust Client"
depends on aarch64||arm||i386||mips||mipsel||x86_64
default y if aarch64
config PACKAGE_$(PKG_NAME)_INCLUDE_Shadowsocks_Rust_Server
bool "Include Shadowsocks Rust Server"
depends on aarch64||arm||i386||mips||mipsel||x86_64
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Client
bool "Include ShadowsocksR Libev Client"
default y
config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Libev_Server
bool "Include ShadowsocksR Libev Server"
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_Simple_Obfs
bool "Include Simple-Obfs (Shadowsocks Plugin)"
default y
config PACKAGE_$(PKG_NAME)_INCLUDE_Trojan_GO
bool "Include Trojan-GO"
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_Trojan_Plus
bool "Include Trojan-Plus"
default y
config PACKAGE_$(PKG_NAME)_INCLUDE_tuic_client
bool "Include tuic-client"
depends on aarch64||arm||i386||x86_64
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray
bool "Include V2ray"
default n
config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Geodata
bool "Include V2ray_Geodata"
default y if aarch64||i386||x86_64
config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_Plugin
bool "Include V2ray-Plugin (Shadowsocks Plugin)"
default y if aarch64||arm||i386||x86_64
config PACKAGE_$(PKG_NAME)_INCLUDE_Xray
bool "Include Xray"
default y
config PACKAGE_$(PKG_NAME)_INCLUDE_Xray_Plugin
bool "Include Xray-Plugin (Shadowsocks Plugin)"
default n
endmenu
endef
define Package/$(PKG_NAME)/conffiles
/etc/config/passwall
/etc/config/passwall_server
/usr/share/passwall/rules/direct_host
/usr/share/passwall/rules/direct_ip
/usr/share/passwall/rules/proxy_host
/usr/share/passwall/rules/proxy_ip
/usr/share/passwall/rules/block_host
/usr/share/passwall/rules/block_ip
/usr/share/passwall/rules/lanlist_ipv4
/usr/share/passwall/rules/lanlist_ipv6
/usr/share/passwall/rules/domains_excluded
endef
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

482
luci-app-passwall/luasrc/controller/passwall.lua Normal file
View File

@ -0,0 +1,482 @@
-- Copyright (C) 2018-2020 L-WRT Team
-- Copyright (C) 2021-2023 xiaorouji
module("luci.controller.passwall", package.seeall)
local api = require "luci.passwall.api"
local appname = api.appname
local ucic = luci.model.uci.cursor()
local http = require "luci.http"
local util = require "luci.util"
local i18n = require "luci.i18n"
function index()
appname = require "luci.passwall.api".appname
entry({"admin", "services", appname}).dependent = true
entry({"admin", "services", appname, "reset_config"}, call("reset_config")).leaf = true
entry({"admin", "services", appname, "show"}, call("show_menu")).leaf = true
entry({"admin", "services", appname, "hide"}, call("hide_menu")).leaf = true
entry({"admin", "services", appname, "ip"}, call('check_ip')).leaf = true
if not nixio.fs.access("/etc/config/passwall") then return end
if nixio.fs.access("/etc/config/passwall_show") then
e = entry({"admin", "services", appname}, alias("admin", "services", appname, "settings"), _("Pass Wall"), -1)
e.dependent = true
e.acl_depends = { "luci-app-passwall" }
end
--[[ Client ]]
entry({"admin", "services", appname, "settings"}, cbi(appname .. "/client/global"), _("Basic Settings"), 1).dependent = true
entry({"admin", "services", appname, "node_list"}, cbi(appname .. "/client/node_list"), _("Node List"), 2).dependent = true
entry({"admin", "services", appname, "node_subscribe"}, cbi(appname .. "/client/node_subscribe"), _("Node Subscribe"), 3).dependent = true
entry({"admin", "services", appname, "auto_switch"}, cbi(appname .. "/client/auto_switch"), _("Auto Switch"), 4).leaf = true
entry({"admin", "services", appname, "other"}, cbi(appname .. "/client/other", {autoapply = true}), _("Other Settings"), 92).leaf = true
if nixio.fs.access("/usr/sbin/haproxy") then
entry({"admin", "services", appname, "haproxy"}, cbi(appname .. "/client/haproxy"), _("Load Balancing"), 93).leaf = true
end
entry({"admin", "services", appname, "app_update"}, cbi(appname .. "/client/app_update"), _("App Update"), 95).leaf = true
entry({"admin", "services", appname, "rule"}, cbi(appname .. "/client/rule"), _("Rule Manage"), 96).leaf = true
entry({"admin", "services", appname, "rule_list"}, cbi(appname .. "/client/rule_list"), _("Rule List"), 97).leaf = true
entry({"admin", "services", appname, "node_subscribe_config"}, cbi(appname .. "/client/node_subscribe_config")).leaf = true
entry({"admin", "services", appname, "node_config"}, cbi(appname .. "/client/node_config")).leaf = true
entry({"admin", "services", appname, "shunt_rules"}, cbi(appname .. "/client/shunt_rules")).leaf = true
entry({"admin", "services", appname, "acl"}, cbi(appname .. "/client/acl"), _("Access control"), 98).leaf = true
entry({"admin", "services", appname, "acl_config"}, cbi(appname .. "/client/acl_config")).leaf = true
entry({"admin", "services", appname, "log"}, form(appname .. "/client/log"), _("Watch Logs"), 999).leaf = true
--[[ Server ]]
entry({"admin", "services", appname, "server"}, cbi(appname .. "/server/index"), _("Server-Side"), 99).leaf = true
entry({"admin", "services", appname, "server_user"}, cbi(appname .. "/server/user")).leaf = true
--[[ API ]]
entry({"admin", "services", appname, "server_user_status"}, call("server_user_status")).leaf = true
entry({"admin", "services", appname, "server_user_log"}, call("server_user_log")).leaf = true
entry({"admin", "services", appname, "server_get_log"}, call("server_get_log")).leaf = true
entry({"admin", "services", appname, "server_clear_log"}, call("server_clear_log")).leaf = true
entry({"admin", "services", appname, "link_add_node"}, call("link_add_node")).leaf = true
entry({"admin", "services", appname, "autoswitch_add_node"}, call("autoswitch_add_node")).leaf = true
entry({"admin", "services", appname, "autoswitch_remove_node"}, call("autoswitch_remove_node")).leaf = true
entry({"admin", "services", appname, "get_now_use_node"}, call("get_now_use_node")).leaf = true
entry({"admin", "services", appname, "get_redir_log"}, call("get_redir_log")).leaf = true
entry({"admin", "services", appname, "get_log"}, call("get_log")).leaf = true
entry({"admin", "services", appname, "clear_log"}, call("clear_log")).leaf = true
entry({"admin", "services", appname, "status"}, call("status")).leaf = true
entry({"admin", "services", appname, "haproxy_status"}, call("haproxy_status")).leaf = true
entry({"admin", "services", appname, "socks_status"}, call("socks_status")).leaf = true
entry({"admin", "services", appname, "connect_status"}, call("connect_status")).leaf = true
entry({"admin", "services", appname, "ping_node"}, call("ping_node")).leaf = true
entry({"admin", "services", appname, "urltest_node"}, call("urltest_node")).leaf = true
entry({"admin", "services", appname, "set_node"}, call("set_node")).leaf = true
entry({"admin", "services", appname, "copy_node"}, call("copy_node")).leaf = true
entry({"admin", "services", appname, "clear_all_nodes"}, call("clear_all_nodes")).leaf = true
entry({"admin", "services", appname, "delete_select_nodes"}, call("delete_select_nodes")).leaf = true
entry({"admin", "services", appname, "update_rules"}, call("update_rules")).leaf = true
--[[Components update]]
entry({"admin", "services", appname, "check_passwall"}, call("app_check")).leaf = true
local coms = require "luci.passwall.com"
local com
for com, _ in pairs(coms) do
entry({"admin", "services", appname, "check_" .. com}, call("com_check", com)).leaf = true
entry({"admin", "services", appname, "update_" .. com}, call("com_update", com)).leaf = true
end
end
local function http_write_json(content)
http.prepare_content("application/json")
http.write_json(content or {code = 1})
end
function reset_config()
luci.sys.call('/etc/init.d/passwall stop')
luci.sys.call('[ -f "/usr/share/passwall/0_default_config" ] && cp -f /usr/share/passwall/0_default_config /etc/config/passwall')
luci.http.redirect(api.url())
end
function show_menu()
luci.sys.call("touch /etc/config/passwall_show")
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(api.url())
end
function hide_menu()
luci.sys.call("rm -rf /etc/config/passwall_show")
luci.sys.call("rm -rf /tmp/luci-*")
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
end
function link_add_node()
local lfile = "/tmp/links.conf"
local link = luci.http.formvalue("link")
luci.sys.call('echo \'' .. link .. '\' > ' .. lfile)
luci.sys.call("lua /usr/share/passwall/subscribe.lua add log")
end
function autoswitch_add_node()
local key = luci.http.formvalue("key")
if key and key ~= "" then
local new_list = ucic:get(appname, "@auto_switch[0]", "tcp_node") or {}
for i = #new_list, 1, -1 do
if (ucic:get(appname, new_list[i], "remarks") or ""):find(key) then
table.remove(new_list, i)
end
end
for k, e in ipairs(api.get_valid_nodes()) do
if e.node_type == "normal" and e["remark"]:find(key) then
table.insert(new_list, e.id)
end
end
ucic:set_list(appname, "@auto_switch[0]", "tcp_node", new_list)
ucic:commit(appname)
end
luci.http.redirect(api.url("auto_switch"))
end
function autoswitch_remove_node()
local key = luci.http.formvalue("key")
if key and key ~= "" then
local new_list = ucic:get(appname, "@auto_switch[0]", "tcp_node") or {}
for i = #new_list, 1, -1 do
if (ucic:get(appname, new_list[i], "remarks") or ""):find(key) then
table.remove(new_list, i)
end
end
ucic:set_list(appname, "@auto_switch[0]", "tcp_node", new_list)
ucic:commit(appname)
end
luci.http.redirect(api.url("auto_switch"))
end
function get_now_use_node()
local e = {}
local data, code, msg = nixio.fs.readfile("/tmp/etc/passwall/id/TCP")
if data then
e["TCP"] = util.trim(data)
end
local data, code, msg = nixio.fs.readfile("/tmp/etc/passwall/id/UDP")
if data then
e["UDP"] = util.trim(data)
end
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function get_redir_log()
local proto = luci.http.formvalue("proto")
proto = proto:upper()
if proto == "UDP" and (ucic:get(appname, "@global[0]", "udp_node") or "nil") == "tcp" and not nixio.fs.access("/tmp/etc/passwall/" .. proto .. ".log") then
proto = "TCP"
end
if nixio.fs.access("/tmp/etc/passwall/" .. proto .. ".log") then
local content = luci.sys.exec("cat /tmp/etc/passwall/" .. proto .. ".log")
content = content:gsub("\n", "<br />")
luci.http.write(content)
else
luci.http.write(string.format("<script>alert('%s');window.close();</script>", i18n.translate("Not enabled log")))
end
end
function get_log()
-- luci.sys.exec("[ -f /tmp/log/passwall.log ] && sed '1!G;h;$!d' /tmp/log/passwall.log > /tmp/log/passwall_show.log")
luci.http.write(luci.sys.exec("[ -f '/tmp/log/passwall.log' ] && cat /tmp/log/passwall.log"))
end
function clear_log()
luci.sys.call("echo '' > /tmp/log/passwall.log")
end
function status()
-- local dns_mode = ucic:get(appname, "@global[0]", "dns_mode")
local e = {}
e.dns_mode_status = luci.sys.call("netstat -apn | grep ':15353 ' >/dev/null") == 0
e.haproxy_status = luci.sys.call(string.format("top -bn1 | grep -v grep | grep '%s/bin/' | grep haproxy >/dev/null", appname)) == 0
e["tcp_node_status"] = luci.sys.call(string.format("top -bn1 | grep -v -E 'grep|acl/|acl_' | grep '%s/bin/' | grep -i 'TCP' >/dev/null", appname)) == 0
if (ucic:get(appname, "@global[0]", "udp_node") or "nil") == "tcp" then
e["udp_node_status"] = e["tcp_node_status"]
else
e["udp_node_status"] = luci.sys.call(string.format("top -bn1 | grep -v -E 'grep|acl/|acl_' | grep '%s/bin/' | grep -i 'UDP' >/dev/null", appname)) == 0
end
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function get_iso(ip)
local mm = require 'maxminddb'
local db = mm.open('/usr/share/passwall/GeoLite2-Country.mmdb')
local res = db:lookup(ip)
return string.lower(res:get('country', 'iso_code'))
end
function get_cname(ip)
local mm = require 'maxminddb'
local db = mm.open('/usr/share/passwall/GeoLite2-Country.mmdb')
local res = db:lookup(ip)
return string.lower(res:get('country', 'names', 'zh-CN'))
end
function check_site(host, port)
local nixio = require "nixio"
local socket = nixio.socket("inet", "stream")
socket:setopt("socket", "rcvtimeo", 2)
socket:setopt("socket", "sndtimeo", 2)
local ret = socket:connect(host, port)
socket:close()
return ret
end
-- 获取当前代理状态 与节点ip
function check_ip()
local e = {}
local d = {}
local port = 80
local ip = luci.sys.exec('curl --retry 3 -m 10 -LfsA "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36" http://api.ipify.org/')
d.flag = 'un'
d.country = 'Unknown'
if (ip ~= '') then
local status, code = pcall(get_iso, ip)
if (status) then
d.flag = code
end
local status1, country = pcall(get_cname, ip)
if (status1) then
d.country = country
end
end
e.outboard = ip
e.outboardip = d
e.baidu = check_site('www.baidu.com', port)
e.taobao = check_site('www.taobao.com', port)
e.google = check_site('www.google.com', port)
e.youtube = check_site('www.youtube.com', port)
luci.http.prepare_content('application/json')
luci.http.write_json(e)
end
function haproxy_status()
local e = luci.sys.call(string.format("top -bn1 | grep -v grep | grep '%s/bin/' | grep haproxy >/dev/null", appname)) == 0
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function socks_status()
local e = {}
local index = luci.http.formvalue("index")
local id = luci.http.formvalue("id")
e.index = index
e.socks_status = luci.sys.call(string.format("top -bn1 | grep -v -E 'grep|acl/|acl_' | grep '%s/bin/' | grep '%s' | grep 'SOCKS_' > /dev/null", appname, id)) == 0
local use_http = ucic:get(appname, id, "http_port") or 0
e.use_http = 0
if tonumber(use_http) > 0 then
e.use_http = 1
e.http_status = luci.sys.call(string.format("top -bn1 | grep -v -E 'grep|acl/|acl_' | grep '%s/bin/' | grep '%s' | grep -E 'HTTP_|HTTP2SOCKS' > /dev/null", appname, id)) == 0
end
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function connect_status()
local e = {}
e.use_time = ""
local url = luci.http.formvalue("url")
local result = luci.sys.exec('curl --connect-timeout 3 -o /dev/null -I -sk -w "%{http_code}:%{time_starttransfer}" ' .. url)
local code = tonumber(luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $1}'") or "0")
if code ~= 0 then
local use_time = luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $2}'")
if use_time:find("%.") then
e.use_time = string.format("%.2f", use_time * 1000)
else
e.use_time = string.format("%.2f", use_time / 1000)
end
e.ping_type = "curl"
end
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function ping_node()
local index = luci.http.formvalue("index")
local address = luci.http.formvalue("address")
local port = luci.http.formvalue("port")
local e = {}
e.index = index
local nodes_ping = ucic:get(appname, "@global_other[0]", "nodes_ping") or ""
if nodes_ping:find("tcping") and luci.sys.exec("echo -n $(command -v tcping)") ~= "" then
if api.is_ipv6(address) then
address = api.get_ipv6_only(address)
end
e.ping = luci.sys.exec(string.format("echo -n $(tcping -q -c 1 -i 1 -t 2 -p %s %s 2>&1 | grep -o 'time=[0-9]*' | awk -F '=' '{print $2}') 2>/dev/null", port, address))
end
if e.ping == nil or tonumber(e.ping) == 0 then
e.ping = luci.sys.exec("echo -n $(ping -c 1 -W 1 %q 2>&1 | grep -o 'time=[0-9]*' | awk -F '=' '{print $2}') 2>/dev/null" % address)
end
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function urltest_node()
local index = luci.http.formvalue("index")
local id = luci.http.formvalue("id")
local e = {}
e.index = index
local result = luci.sys.exec(string.format("/usr/share/passwall/test.sh url_test_node %s %s", id, "urltest_node"))
local code = tonumber(luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $1}'") or "0")
if code ~= 0 then
local use_time = luci.sys.exec("echo -n '" .. result .. "' | awk -F ':' '{print $2}'")
if use_time:find("%.") then
e.use_time = string.format("%.2f", use_time * 1000)
else
e.use_time = string.format("%.2f", use_time / 1000)
end
end
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
function set_node()
local protocol = luci.http.formvalue("protocol")
local section = luci.http.formvalue("section")
ucic:set(appname, "@global[0]", protocol .. "_node", section)
ucic:commit(appname)
luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
function copy_node()
local section = luci.http.formvalue("section")
local uuid = api.gen_short_uuid()
ucic:section(appname, "nodes", uuid)
for k, v in pairs(ucic:get_all(appname, section)) do
local filter = k:find("%.")
if filter and filter == 1 then
else
xpcall(function()
ucic:set(appname, uuid, k, v)
end,
function(e)
end)
end
end
ucic:delete(appname, uuid, "add_from")
ucic:set(appname, uuid, "add_mode", 1)
ucic:commit(appname)
luci.http.redirect(api.url("node_config", uuid))
end
function clear_all_nodes()
ucic:set(appname, '@global[0]', "enabled", "0")
ucic:set(appname, '@global[0]', "tcp_node", "nil")
ucic:set(appname, '@global[0]', "udp_node", "nil")
ucic:set_list(appname, "@auto_switch[0]", "tcp_node", {})
ucic:foreach(appname, "socks", function(t)
ucic:delete(appname, t[".name"])
end)
ucic:foreach(appname, "haproxy_config", function(t)
ucic:delete(appname, t[".name"])
end)
ucic:foreach(appname, "acl_rule", function(t)
ucic:set(appname, t[".name"], "tcp_node", "default")
ucic:set(appname, t[".name"], "udp_node", "default")
end)
ucic:foreach(appname, "nodes", function(node)
ucic:delete(appname, node['.name'])
end)
ucic:commit(appname)
luci.sys.call("/etc/init.d/" .. appname .. " stop")
end
function delete_select_nodes()
local ids = luci.http.formvalue("ids")
local auto_switch_tcp_node_list = ucic:get(appname, "@auto_switch[0]", "tcp_node") or {}
string.gsub(ids, '[^' .. "," .. ']+', function(w)
for i = #auto_switch_tcp_node_list, 1, -1 do
if w == auto_switch_tcp_node_list[i] then
table.remove(auto_switch_tcp_node_list, i)
end
end
ucic:set_list(appname, "@auto_switch[0]", "tcp_node", auto_switch_tcp_node_list)
if (ucic:get(appname, "@global[0]", "tcp_node") or "nil") == w then
ucic:set(appname, '@global[0]', "tcp_node", "nil")
end
if (ucic:get(appname, "@global[0]", "udp_node") or "nil") == w then
ucic:set(appname, '@global[0]', "udp_node", "nil")
end
ucic:foreach(appname, "socks", function(t)
if t["node"] == w then
ucic:delete(appname, t[".name"])
end
end)
ucic:foreach(appname, "haproxy_config", function(t)
if t["lbss"] == w then
ucic:delete(appname, t[".name"])
end
end)
ucic:foreach(appname, "acl_rule", function(t)
if t["tcp_node"] == w then
ucic:set(appname, t[".name"], "tcp_node", "default")
end
if t["udp_node"] == w then
ucic:set(appname, t[".name"], "udp_node", "default")
end
end)
ucic:delete(appname, w)
end)
ucic:commit(appname)
luci.sys.call("/etc/init.d/" .. appname .. " restart > /dev/null 2>&1 &")
end
function update_rules()
local update = luci.http.formvalue("update")
luci.sys.call("lua /usr/share/passwall/rule_update.lua log '" .. update .. "' > /dev/null 2>&1 &")
http_write_json()
end
function server_user_status()
local e = {}
e.index = luci.http.formvalue("index")
e.status = luci.sys.call(string.format("top -bn1 | grep -v 'grep' | grep '%s/bin/' | grep -i '%s' >/dev/null", appname .. "_server", luci.http.formvalue("id"))) == 0
http_write_json(e)
end
function server_user_log()
local id = luci.http.formvalue("id")
if nixio.fs.access("/tmp/etc/passwall_server/" .. id .. ".log") then
local content = luci.sys.exec("cat /tmp/etc/passwall_server/" .. id .. ".log")
content = content:gsub("\n", "<br />")
luci.http.write(content)
else
luci.http.write(string.format("<script>alert('%s');window.close();</script>", i18n.translate("Not enabled log")))
end
end
function server_get_log()
luci.http.write(luci.sys.exec("[ -f '/tmp/log/passwall_server.log' ] && cat /tmp/log/passwall_server.log"))
end
function server_clear_log()
luci.sys.call("echo '' > /tmp/log/passwall_server.log")
end
function app_check()
local json = api.to_check_self()
http_write_json(json)
end
function com_check(comname)
local json = api.to_check("",comname)
http_write_json(json)
end
function com_update(comname)
local json = nil
local task = http.formvalue("task")
if task == "extract" then
json = api.to_extract(comname, http.formvalue("file"), http.formvalue("subfix"))
elseif task == "move" then
json = api.to_move(comname, http.formvalue("file"))
else
json = api.to_download(comname, http.formvalue("url"), http.formvalue("size"))
end
http_write_json(json)
end

130
luci-app-passwall/luasrc/model/cbi/passwall/client/acl.lua Normal file
View File

@ -0,0 +1,130 @@
local api = require "luci.passwall.api"
local appname = api.appname
local sys = api.sys
local has_chnlist = api.fs.access("/usr/share/passwall/rules/chnlist")
m = Map(appname)
s = m:section(TypedSection, "global", translate("ACLs"), "<font color='red'>" .. translate("ACLs is a tools which used to designate specific IP proxy mode.") .. "</font>")
s.anonymous = true
o = s:option(Flag, "acl_enable", translate("Main switch"))
o.rmempty = false
o.default = false
local global_proxy_mode = (m:get("@global[0]", "tcp_proxy_mode") or "") .. (m:get("@global[0]", "udp_proxy_mode") or "")
-- [[ ACLs Settings ]]--
s = m:section(TypedSection, "acl_rule")
s.template = "cbi/tblsection"
s.sortable = true
s.anonymous = true
s.addremove = true
s.extedit = api.url("acl_config", "%s")
function s.create(e, t)
t = TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
function s.remove(e, t)
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_" .. t .. "*")
TypedSection.remove(e, t)
end
---- Enable
o = s:option(Flag, "enabled", translate("Enable"))
o.default = 1
o.rmempty = false
---- Remarks
o = s:option(Value, "remarks", translate("Remarks"))
o.rmempty = true
local mac_t = {}
sys.net.mac_hints(function(e, t)
mac_t[e] = {
ip = t,
mac = e
}
end)
o = s:option(DummyValue, "sources", translate("Source"))
o.rawhtml = true
o.cfgvalue = function(t, n)
local e = ''
local v = Value.cfgvalue(t, n) or ''
string.gsub(v, '[^' .. " " .. ']+', function(w)
local a = w
if mac_t[w] then
a = a .. ' (' .. mac_t[w].ip .. ')'
end
if #e > 0 then
e = e .. "<br />"
end
e = e .. a
end)
return e
end
---- TCP Proxy Mode
tcp_proxy_mode = s:option(ListValue, "tcp_proxy_mode", "TCP " .. translate("Proxy Mode"))
tcp_proxy_mode.default = "default"
tcp_proxy_mode.rmempty = false
tcp_proxy_mode:value("default", translate("Default"))
tcp_proxy_mode:value("disable", translate("No Proxy"))
tcp_proxy_mode:value("global", translate("Global Proxy"))
if has_chnlist and global_proxy_mode:find("returnhome") then
tcp_proxy_mode:value("returnhome", translate("China List"))
else
tcp_proxy_mode:value("gfwlist", translate("GFW List"))
tcp_proxy_mode:value("chnroute", translate("Not China List"))
end
tcp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
---- UDP Proxy Mode
udp_proxy_mode = s:option(ListValue, "udp_proxy_mode", "UDP " .. translate("Proxy Mode"))
udp_proxy_mode.default = "default"
udp_proxy_mode.rmempty = false
udp_proxy_mode:value("default", translate("Default"))
udp_proxy_mode:value("disable", translate("No Proxy"))
udp_proxy_mode:value("global", translate("Global Proxy"))
if has_chnlist and global_proxy_mode:find("returnhome") then
udp_proxy_mode:value("returnhome", translate("China List"))
else
udp_proxy_mode:value("gfwlist", translate("GFW List"))
udp_proxy_mode:value("chnroute", translate("Not China List"))
end
udp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
--[[
---- TCP No Redir Ports
o = s:option(Value, "tcp_no_redir_ports", translate("TCP No Redir Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
---- UDP No Redir Ports
o = s:option(Value, "udp_no_redir_ports", translate("UDP No Redir Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
---- TCP Redir Ports
o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports"))
o.default = "default"
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
o:value("80,443", "80,443")
o:value("80:65535", "80 " .. translate("or more"))
o:value("1:443", "443 " .. translate("or less"))
---- UDP Redir Ports
o = s:option(Value, "udp_redir_ports", translate("UDP Redir Ports"))
o.default = "default"
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
o:value("53", "53")
]]--
return m

329
luci-app-passwall/luasrc/model/cbi/passwall/client/acl_config.lua Normal file
View File

@ -0,0 +1,329 @@
local api = require "luci.passwall.api"
local appname = api.appname
local sys = api.sys
local has_v2ray = api.is_finded("v2ray")
local has_xray = api.is_finded("xray")
local has_chnlist = api.fs.access("/usr/share/passwall/rules/chnlist")
m = Map(appname)
local nodes_table = {}
for k, e in ipairs(api.get_valid_nodes()) do
nodes_table[#nodes_table + 1] = e
end
local global_proxy_mode = (m:get("@global[0]", "tcp_proxy_mode") or "") .. (m:get("@global[0]", "udp_proxy_mode") or "")
local dynamicList_write = function(self, section, value)
local t = {}
local t2 = {}
if type(value) == "table" then
local x
for _, x in ipairs(value) do
if x and #x > 0 then
if not t2[x] then
t2[x] = x
t[#t+1] = x
end
end
end
else
t = { value }
end
t = table.concat(t, " ")
return DynamicList.write(self, section, t)
end
-- [[ ACLs Settings ]]--
s = m:section(NamedSection, arg[1], translate("ACLs"), translate("ACLs"))
s.addremove = false
s.dynamic = false
---- Enable
o = s:option(Flag, "enabled", translate("Enable"))
o.default = 1
o.rmempty = false
---- Remarks
o = s:option(Value, "remarks", translate("Remarks"))
o.default = arg[1]
o.rmempty = true
local mac_t = {}
sys.net.mac_hints(function(e, t)
mac_t[#mac_t + 1] = {
ip = t,
mac = e
}
end)
table.sort(mac_t, function(a,b)
if #a.ip < #b.ip then
return true
elseif #a.ip == #b.ip then
if a.ip < b.ip then
return true
else
return #a.ip < #b.ip
end
end
return false
end)
---- Source
sources = s:option(DynamicList, "sources", translate("Source"))
sources.description = "<ul><li>" .. translate("Example:")
.. "</li><li>" .. translate("MAC") .. ": 00:00:00:FF:FF:FF"
.. "</li><li>" .. translate("IP") .. ": 192.168.1.100"
.. "</li><li>" .. translate("IP CIDR") .. ": 192.168.1.0/24"
.. "</li><li>" .. translate("IP range") .. ": 192.168.1.100-192.168.1.200"
.. "</li><li>" .. translate("IPSet") .. ": ipset:lanlist"
.. "</li></ul>"
sources.cast = "string"
for _, key in pairs(mac_t) do
sources:value(key.mac, "%s (%s)" % {key.mac, key.ip})
end
sources.cfgvalue = function(self, section)
local value
if self.tag_error[section] then
value = self:formvalue(section)
else
value = self.map:get(section, self.option)
if type(value) == "string" then
local value2 = {}
string.gsub(value, '[^' .. " " .. ']+', function(w) table.insert(value2, w) end)
value = value2
end
end
return value
end
sources.validate = function(self, value, t)
local err = {}
for _, v in ipairs(value) do
local flag = false
if v:find("ipset:") and v:find("ipset:") == 1 then
local ipset = v:gsub("ipset:", "")
if ipset and ipset ~= "" then
flag = true
end
end
if flag == false and datatypes.macaddr(v) then
flag = true
end
if flag == false and datatypes.ip4addr(v) then
flag = true
end
if flag == false and api.iprange(v) then
flag = true
end
if flag == false then
err[#err + 1] = v
end
end
if #err > 0 then
self:add_error(t, "invalid", translate("Not true format, please re-enter!"))
for _, v in ipairs(err) do
self:add_error(t, "invalid", v)
end
end
return value
end
sources.write = dynamicList_write
---- TCP No Redir Ports
o = s:option(Value, "tcp_no_redir_ports", translate("TCP No Redir Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
---- UDP No Redir Ports
o = s:option(Value, "udp_no_redir_ports", translate("UDP No Redir Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
---- TCP Proxy Drop Ports
o = s:option(Value, "tcp_proxy_drop_ports", translate("TCP Proxy Drop Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
---- UDP Proxy Drop Ports
o = s:option(Value, "udp_proxy_drop_ports", translate("UDP Proxy Drop Ports"))
o.default = "default"
o:value("disable", translate("No patterns are used"))
o:value("default", translate("Default"))
o:value("80,443", translate("QUIC"))
---- TCP Redir Ports
o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports"))
o.default = "default"
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
o:value("80,443", "80,443")
o:value("80:65535", "80 " .. translate("or more"))
o:value("1:443", "443 " .. translate("or less"))
---- UDP Redir Ports
o = s:option(Value, "udp_redir_ports", translate("UDP Redir Ports"))
o.default = "default"
o:value("default", translate("Default"))
o:value("1:65535", translate("All"))
o:value("53", "53")
---- TCP Proxy Mode
tcp_proxy_mode = s:option(ListValue, "tcp_proxy_mode", "TCP " .. translate("Proxy Mode"))
tcp_proxy_mode.default = "default"
tcp_proxy_mode.rmempty = false
tcp_proxy_mode:value("default", translate("Default"))
tcp_proxy_mode:value("disable", translate("No Proxy"))
tcp_proxy_mode:value("global", translate("Global Proxy"))
if has_chnlist and global_proxy_mode:find("returnhome") then
tcp_proxy_mode:value("returnhome", translate("China List"))
else
tcp_proxy_mode:value("gfwlist", translate("GFW List"))
tcp_proxy_mode:value("chnroute", translate("Not China List"))
end
tcp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
---- UDP Proxy Mode
udp_proxy_mode = s:option(ListValue, "udp_proxy_mode", "UDP " .. translate("Proxy Mode"))
udp_proxy_mode.default = "default"
udp_proxy_mode.rmempty = false
udp_proxy_mode:value("default", translate("Default"))
udp_proxy_mode:value("disable", translate("No Proxy"))
udp_proxy_mode:value("global", translate("Global Proxy"))
if has_chnlist and global_proxy_mode:find("returnhome") then
udp_proxy_mode:value("returnhome", translate("China List"))
else
udp_proxy_mode:value("gfwlist", translate("GFW List"))
udp_proxy_mode:value("chnroute", translate("Not China List"))
end
udp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
tcp_node = s:option(ListValue, "tcp_node", "<a style='color: red'>" .. translate("TCP Node") .. "</a>")
tcp_node.default = "default"
tcp_node:value("default", translate("Default"))
udp_node = s:option(ListValue, "udp_node", "<a style='color: red'>" .. translate("UDP Node") .. "</a>")
udp_node.default = "default"
udp_node:value("default", translate("Default"))
udp_node:value("tcp", translate("Same as the tcp node"))
for k, v in pairs(nodes_table) do
tcp_node:value(v.id, v["remark"])
udp_node:value(v.id, v["remark"])
end
o = s:option(Flag, "filter_proxy_ipv6", translate("Filter Proxy Host IPv6"), translate("Experimental feature."))
o.default = "0"
o:depends({ tcp_node = "default", ['!reverse'] = true })
---- DNS Forward Mode
o = s:option(ListValue, "dns_mode", translate("Filter Mode"))
o:depends({ tcp_node = "default", ['!reverse'] = true })
if api.is_finded("dns2socks") then
o:value("dns2socks", "dns2socks")
end
if has_xray then
o:value("xray", "Xray")
end
o = s:option(ListValue, "v2ray_dns_mode", " ")
o:value("tcp", "TCP")
o:value("doh", "DoH")
o:depends("dns_mode", "xray")
---- DNS Forward
o = s:option(Value, "remote_dns", translate("Remote DNS"))
o.default = "1.1.1.1"
o:value("1.1.1.1", "1.1.1.1 (CloudFlare)")
o:value("1.1.1.2", "1.1.1.2 (CloudFlare-Security)")
o:value("8.8.4.4", "8.8.4.4 (Google)")
o:value("8.8.8.8", "8.8.8.8 (Google)")
o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)")
o:value("208.67.220.220", "208.67.220.220 (OpenDNS)")
o:value("208.67.222.222", "208.67.222.222 (OpenDNS)")
o:depends("dns_mode", "dns2socks")
o:depends("v2ray_dns_mode", "tcp")
if has_v2ray or has_xray then
o = s:option(Value, "remote_dns_doh", translate("Remote DNS DoH"))
o:value("https://1.1.1.1/dns-query", "CloudFlare")
o:value("https://1.1.1.2/dns-query", "CloudFlare-Security")
o:value("https://8.8.4.4/dns-query", "Google 8844")
o:value("https://8.8.8.8/dns-query", "Google 8888")
o:value("https://9.9.9.9/dns-query", "Quad9-Recommended")
o:value("https://208.67.222.222/dns-query", "OpenDNS")
o:value("https://dns.adguard.com/dns-query,176.103.130.130", "AdGuard")
o:value("https://doh.libredns.gr/dns-query,116.202.176.26", "LibreDNS")
o:value("https://doh.libredns.gr/ads,116.202.176.26", "LibreDNS (No Ads)")
o.default = "https://1.1.1.1/dns-query"
o.validate = function(self, value, t)
if value ~= "" then
value = api.trim(value)
local flag = 0
local util = require "luci.util"
local val = util.split(value, ",")
local url = val[1]
val[1] = nil
for i = 1, #val do
local v = val[i]
if v then
if not api.datatypes.ipmask4(v) then
flag = 1
end
end
end
if flag == 0 then
return value
end
end
return nil, translate("DoH request address") .. " " .. translate("Format must be:") .. " URL,IP"
end
o:depends("v2ray_dns_mode", "doh")
end
o = s:option(Value, "dns_client_ip", translate("EDNS Client Subnet"))
o.datatype = "ipaddr"
o:depends("v2ray_dns_mode", "doh")
if api.is_finded("chinadns-ng") then
o = s:option(Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, but will increase the memory."))
o.default = "0"
o:depends({ tcp_proxy_mode = "gfwlist", dns_mode = "dns2socks"})
o:depends({ tcp_proxy_mode = "gfwlist", dns_mode = "xray"})
o:depends({ tcp_proxy_mode = "chnroute", dns_mode = "dns2socks"})
o:depends({ tcp_proxy_mode = "chnroute", dns_mode = "xray"})
end
if has_chnlist then
when_chnroute_default_dns = s:option(ListValue, "when_chnroute_default_dns", translate("When using the chnroute list the default DNS"))
when_chnroute_default_dns.default = "direct"
when_chnroute_default_dns:value("remote", translate("Remote DNS"))
when_chnroute_default_dns:value("direct", translate("Direct DNS"))
when_chnroute_default_dns.description = "<ul>"
.. "<li>" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
.. "<li>" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. "</li>"
.. "</ul>"
local _depends = {
{ dns_mode = "dns2socks" },
{ dns_mode = "xray" }
}
for i, d in ipairs(_depends) do
d["tcp_proxy_mode"] = "chnroute"
if api.is_finded("chinadns-ng") then
d["chinadns_ng"] = false
end
when_chnroute_default_dns:depends(d)
end
end
return m

28
luci-app-passwall/luasrc/model/cbi/passwall/client/app_update.lua Normal file
View File

@ -0,0 +1,28 @@
local api = require "luci.passwall.api"
local appname = api.appname
m = Map(appname)
-- [[ App Settings ]]--
s = m:section(TypedSection, "global_app", translate("App Update"),
"<font color='red'>" ..
translate("Please confirm that your firmware supports FPU.") ..
"</font>")
s.anonymous = true
s:append(Template(appname .. "/app_update/app_version"))
local k, v
local com = require "luci.passwall.com"
for k, v in pairs(com) do
o = s:option(Value, k:gsub("%-","_") .. "_file", translatef("%s App Path", v.name))
o.default = v.default_path or ("/usr/bin/" .. k)
o.rmempty = false
end
o = s:option(DummyValue, "tips", " ")
o.rawhtml = true
o.cfgvalue = function(t, n)
return string.format('<font color="red">%s</font>', translate("if you want to run from memory, change the path, /tmp beginning then save the application and update it manually."))
end
return m

66
luci-app-passwall/luasrc/model/cbi/passwall/client/auto_switch.lua Normal file
View File

@ -0,0 +1,66 @@
local api = require "luci.passwall.api"
local appname = api.appname
local nodes_table = {}
for k, e in ipairs(api.get_valid_nodes()) do
nodes_table[#nodes_table + 1] = e
end
m = Map(appname)
-- [[ Auto Switch Settings ]]--
s = m:section(TypedSection, "auto_switch")
s.anonymous = true
---- Enable
o = s:option(Flag, "enable", translate("Enable"))
o.default = 0
o.rmempty = false
o = s:option(Value, "testing_time", translate("How often to test"), translate("Units:minutes"))
o.datatype = "uinteger"
o.default = 1
o = s:option(Value, "connect_timeout", translate("Timeout seconds"), translate("Units:seconds"))
o.datatype = "uinteger"
o.default = 3
o = s:option(Value, "retry_num", translate("Timeout retry num"))
o.datatype = "uinteger"
o.default = 3
o = s:option(DynamicList, "tcp_node", "TCP " .. translate("List of backup nodes"))
for k, v in pairs(nodes_table) do
if v.node_type == "normal" then
o:value(v.id, v["remark"])
end
end
function o.write(self, section, value)
local t = {}
local t2 = {}
if type(value) == "table" then
local x
for _, x in ipairs(value) do
if x and #x > 0 then
if not t2[x] then
t2[x] = x
t[#t+1] = x
end
end
end
else
t = { value }
end
return DynamicList.write(self, section, t)
end
o = s:option(Flag, "restore_switch", "TCP " .. translate("Restore Switch"), translate("When detects main node is available, switch back to the main node."))
o = s:option(ListValue, "shunt_logic", "TCP " .. translate("If the main node is V2ray/Xray shunt"))
o:value("0", translate("Switch it"))
o:value("1", translate("Applying to the default node"))
o:value("2", translate("Applying to the preproxy node"))
m:append(Template(appname .. "/auto_switch/footer"))
return m

565
luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua Normal file
View File

@ -0,0 +1,565 @@
local api = require "luci.passwall.api"
local appname = api.appname
local uci = api.uci
local datatypes = api.datatypes
local has_v2ray = api.is_finded("v2ray")
local has_xray = api.is_finded("xray")
local has_chnlist = api.fs.access("/usr/share/passwall/rules/chnlist")
m = Map(appname)
local nodes_table = {}
for k, e in ipairs(api.get_valid_nodes()) do
nodes_table[#nodes_table + 1] = e
end
local tcp_socks_server = "127.0.0.1" .. ":" .. (uci:get(appname, "@global[0]", "tcp_node_socks_port") or "1070")
local socks_table = {}
socks_table[#socks_table + 1] = {
id = tcp_socks_server,
remarks = tcp_socks_server .. " - " .. translate("TCP Node")
}
uci:foreach(appname, "socks", function(s)
if s.enabled == "1" and s.node then
local id, remarks
for k, n in pairs(nodes_table) do
if (s.node == n.id) then
remarks = n["remark"]; break
end
end
id = "127.0.0.1" .. ":" .. s.port
socks_table[#socks_table + 1] = {
id = id,
remarks = id .. " - " .. (remarks or translate("Misconfigured"))
}
end
end)
local doh_validate = function(self, value, t)
if value ~= "" then
value = api.trim(value)
local flag = 0
local util = require "luci.util"
local val = util.split(value, ",")
local url = val[1]
val[1] = nil
for i = 1, #val do
local v = val[i]
if v then
if not datatypes.ipmask4(v) then
flag = 1
end
end
end
if flag == 0 then
return value
end
end
return nil, translate("DoH request address") .. " " .. translate("Format must be:") .. " URL,IP"
end
local redir_mode_validate = function(self, value, t)
local tcp_proxy_mode_v = tcp_proxy_mode:formvalue(t) or ""
local udp_proxy_mode_v = udp_proxy_mode:formvalue(t) or ""
local localhost_tcp_proxy_mode_v = localhost_tcp_proxy_mode:formvalue(t) or ""
local localhost_udp_proxy_mode_v = localhost_udp_proxy_mode:formvalue(t) or ""
local s = tcp_proxy_mode_v .. udp_proxy_mode_v .. localhost_tcp_proxy_mode_v .. localhost_udp_proxy_mode_v
if s:find("returnhome") then
if s:find("chnroute") or s:find("gfwlist") then
return nil, translate("China list or gfwlist cannot be used together with outside China list!")
end
end
return value
end
m:append(Template(appname .. "/global/status"))
s = m:section(TypedSection, "global")
s.anonymous = true
s.addremove = false
s:tab("Main", translate("Main"))
-- [[ Global Settings ]]--
o = s:taboption("Main", Flag, "enabled", translate("Main switch"))
o.rmempty = false
local auto_switch_tip
local shunt_remark
local current_tcp_node = luci.sys.exec(string.format("[ -f '/tmp/etc/%s/id/TCP' ] && echo -n $(cat /tmp/etc/%s/id/TCP)", appname, appname))
if current_tcp_node and current_tcp_node ~= "" and current_tcp_node ~= "nil" then
local n = uci:get_all(appname, current_tcp_node)
if n then
if tonumber(m:get("@auto_switch[0]", "enable") or 0) == 1 then
if n.protocol == "_shunt" then
local shunt_logic = tonumber(m:get("@auto_switch[0]", "shunt_logic"))
if shunt_logic == 1 or shunt_logic == 2 then
if shunt_logic == 1 then
shunt_remark = "default"
elseif shunt_logic == 2 then
shunt_remark = "main"
end
current_tcp_node = luci.sys.exec(string.format("[ -f '/tmp/etc/%s/id/TCP_%s' ] && echo -n $(cat /tmp/etc/%s/id/TCP_%s)", appname, shunt_remark, appname, shunt_remark))
if current_tcp_node and current_tcp_node ~= "" and current_tcp_node ~= "nil" then
n = uci:get_all(appname, current_tcp_node)
end
end
end
if n then
local remarks = api.get_node_remarks(n)
local url = api.url("node_config", n[".name"])
auto_switch_tip = translatef("Current node: %s", string.format('<a href="%s">%s</a>', url, remarks)) .. "<br />"
end
end
end
end
---- TCP Node
tcp_node = s:taboption("Main", ListValue, "tcp_node", "<a style='color: red'>" .. translate("TCP Node") .. "</a>")
tcp_node:value("nil", translate("Close"))
if not shunt_remark and auto_switch_tip then
tcp_node.description = auto_switch_tip
end
---- UDP Node
udp_node = s:taboption("Main", ListValue, "udp_node", "<a style='color: red'>" .. translate("UDP Node") .. "</a>")
udp_node:value("nil", translate("Close"))
udp_node:value("tcp", translate("Same as the tcp node"))
-- 分流
if (has_v2ray or has_xray) and #nodes_table > 0 then
local normal_list = {}
local balancing_list = {}
local shunt_list = {}
for k, v in pairs(nodes_table) do
if v.node_type == "normal" then
normal_list[#normal_list + 1] = v
end
if v.protocol and v.protocol == "_balancing" then
balancing_list[#balancing_list + 1] = v
end
if v.protocol and v.protocol == "_shunt" then
shunt_list[#shunt_list + 1] = v
end
end
local function get_cfgvalue(shunt_node_id, option)
return function(self, section)
return m:get(shunt_node_id, option) or "nil"
end
end
local function get_write(shunt_node_id, option)
return function(self, section, value)
m:set(shunt_node_id, option, value)
end
end
if #normal_list > 0 then
for k, v in pairs(shunt_list) do
local vid = v.id
-- shunt node type, V2ray or Xray
local type = s:taboption("Main", ListValue, vid .. "-type", translate("Type"))
if has_v2ray then
type:value("V2ray", translate("V2ray"))
end
if has_xray then
type:value("Xray", translate("Xray"))
end
type.cfgvalue = get_cfgvalue(v.id, "type")
type.write = get_write(v.id, "type")
-- pre-proxy
o = s:taboption("Main", Flag, vid .. "-preproxy_enabled", translate("Preproxy"))
o:depends("tcp_node", v.id)
o.rmempty = false
o.cfgvalue = get_cfgvalue(v.id, "preproxy_enabled")
o.write = get_write(v.id, "preproxy_enabled")
o = s:taboption("Main", Value, vid .. "-main_node", string.format('<a style="color:red">%s</a>', translate("Preproxy Node")), translate("Set the node to be used as a pre-proxy. Each rule (including <code>Default</code>) has a separate switch that controls whether this rule uses the pre-proxy or not."))
o:depends(vid .. "-preproxy_enabled", "1")
for k1, v1 in pairs(balancing_list) do
o:value(v1.id, v1.remark)
end
for k1, v1 in pairs(normal_list) do
o:value(v1.id, v1.remark)
end
o.cfgvalue = get_cfgvalue(v.id, "main_node")
o.write = get_write(v.id, "main_node")
if shunt_remark == "main" and auto_switch_tip then
o.description = auto_switch_tip
end
if (has_v2ray and has_xray) or (v.type == "V2ray" and not has_v2ray) or (v.type == "Xray" and not has_xray) then
type:depends("tcp_node", v.id)
else
type:depends("tcp_node", "hide") --不存在的依赖,即始终隐藏
end
uci:foreach(appname, "shunt_rules", function(e)
local id = e[".name"]
local node_option = vid .. "-" .. id .. "_node"
if id and e.remarks then
o = s:taboption("Main", Value, node_option, string.format('* <a href="%s" target="_blank">%s</a>', api.url("shunt_rules", id), e.remarks))
o.cfgvalue = get_cfgvalue(v.id, id)
o.write = get_write(v.id, id)
o:depends("tcp_node", v.id)
o:value("nil", translate("Close"))
o:value("_default", translate("Default"))
o:value("_direct", translate("Direct Connection"))
o:value("_blackhole", translate("Blackhole"))
local pt = s:taboption("Main", ListValue, vid .. "-".. id .. "_proxy_tag", string.format('* <a style="color:red">%s</a>', e.remarks .. " " .. translate("Preproxy")))
pt.cfgvalue = get_cfgvalue(v.id, id .. "_proxy_tag")
pt.write = get_write(v.id, id .. "_proxy_tag")
pt:value("nil", translate("Close"))
pt:value("main", translate("Preproxy Node"))
pt.default = "nil"
for k1, v1 in pairs(balancing_list) do
o:value(v1.id, v1.remark)
end
for k1, v1 in pairs(normal_list) do
o:value(v1.id, v1.remark)
pt:depends({ [node_option] = v1.id, [vid .. "-preproxy_enabled"] = "1" })
end
end
end)
local id = "default_node"
o = s:taboption("Main", Value, vid .. "-" .. id, string.format('* <a style="color:red">%s</a>', translate("Default")))
o.cfgvalue = get_cfgvalue(v.id, id)
o.write = get_write(v.id, id)
o:depends("tcp_node", v.id)
o:value("_direct", translate("Direct Connection"))
o:value("_blackhole", translate("Blackhole"))
for k1, v1 in pairs(balancing_list) do
o:value(v1.id, v1.remark)
end
for k1, v1 in pairs(normal_list) do
o:value(v1.id, v1.remark)
end
if shunt_remark == "default" and auto_switch_tip then
o.description = auto_switch_tip
end
local id = "default_proxy_tag"
o = s:taboption("Main", ListValue, vid .. "-" .. id, string.format('* <a style="color:red">%s</a>', translate("Default Preproxy")), translate("When using, localhost will connect this node first and then use this node to connect the default node."))
o.cfgvalue = get_cfgvalue(v.id, id)
o.write = get_write(v.id, id)
o:value("nil", translate("Close"))
o:value("main", translate("Preproxy Node"))
for k1, v1 in pairs(normal_list) do
if v1.protocol ~= "_balancing" then
o:depends({ [vid .. "-default_node"] = v1.id, [vid .. "-preproxy_enabled"] = "1" })
end
end
end
else
local tips = s:taboption("Main", DummyValue, "tips", " ")
tips.rawhtml = true
tips.cfgvalue = function(t, n)
return string.format('<a style="color: red">%s</a>', translate("There are no available nodes, please add or subscribe nodes first."))
end
tips:depends({ tcp_node = "nil", ["!reverse"] = true })
for k, v in pairs(shunt_list) do
tips:depends("udp_node", v.id)
end
for k, v in pairs(balancing_list) do
tips:depends("udp_node", v.id)
end
end
end
tcp_node_socks_port = s:taboption("Main", Value, "tcp_node_socks_port", translate("TCP Node") .. " Socks " .. translate("Listen Port"))
tcp_node_socks_port.default = 1070
tcp_node_socks_port.datatype = "port"
tcp_node_socks_port:depends({ tcp_node = "nil", ["!reverse"] = true })
--[[
if has_v2ray or has_xray then
tcp_node_http_port = s:taboption("Main", Value, "tcp_node_http_port", translate("TCP Node") .. " HTTP " .. translate("Listen Port") .. " " .. translate("0 is not use"))
tcp_node_http_port.default = 0
tcp_node_http_port.datatype = "port"
end
]]--
s:tab("DNS", translate("DNS"))
o = s:taboption("DNS", Flag, "filter_proxy_ipv6", translate("Filter Proxy Host IPv6"), translate("Experimental feature."))
o.default = "0"
---- DNS Forward Mode
dns_mode = s:taboption("DNS", ListValue, "dns_mode", translate("Filter Mode"))
dns_mode.rmempty = false
dns_mode:reset_values()
if api.is_finded("dns2tcp") then
dns_mode:value("dns2tcp", translatef("Requery DNS By %s", "TCP"))
end
if api.is_finded("dns2socks") then
dns_mode:value("dns2socks", "dns2socks")
end
if has_xray then
dns_mode:value("xray", "Xray")
end
dns_mode:value("udp", translatef("Requery DNS By %s", "UDP"))
o = s:taboption("DNS", ListValue, "v2ray_dns_mode", " ")
o:value("tcp", "TCP")
o:value("doh", "DoH")
o:value("fakedns", "FakeDNS")
o:depends("dns_mode", "xray")
o.validate = function(self, value, t)
if value == "fakedns" then
local _dns_mode = dns_mode:formvalue(t)
local _tcp_node = tcp_node:formvalue(t)
if m:get(_tcp_node, "type"):lower() ~= _dns_mode then
return nil, translatef("TCP node must be '%s' type to use FakeDNS.", _dns_mode)
end
end
return value
end
o = s:taboption("DNS", Value, "socks_server", translate("Socks Server"), translate("Make sure socks service is available on this address."))
for k, v in pairs(socks_table) do o:value(v.id, v.remarks) end
o.default = socks_table[1].id
o.validate = function(self, value, t)
if not datatypes.ipaddrport(value) then
return nil, translate("Socks Server") .. " " .. translate("Not valid IP format, please re-enter!")
end
return value
end
o:depends({dns_mode = "dns2socks"})
---- DNS Forward
o = s:taboption("DNS", Value, "remote_dns", translate("Remote DNS"))
o.datatype = "or(ipaddr,ipaddrport)"
o.default = "1.1.1.1"
o:value("1.1.1.1", "1.1.1.1 (CloudFlare)")
o:value("1.1.1.2", "1.1.1.2 (CloudFlare-Security)")
o:value("8.8.4.4", "8.8.4.4 (Google)")
o:value("8.8.8.8", "8.8.8.8 (Google)")
o:value("9.9.9.9", "9.9.9.9 (Quad9-Recommended)")
o:value("208.67.220.220", "208.67.220.220 (OpenDNS)")
o:value("208.67.222.222", "208.67.222.222 (OpenDNS)")
o:depends({dns_mode = "dns2socks"})
o:depends({dns_mode = "dns2tcp"})
o:depends({dns_mode = "udp"})
o:depends({v2ray_dns_mode = "tcp"})
---- DoH
o = s:taboption("DNS", Value, "remote_dns_doh", translate("Remote DNS DoH"))
o.default = "https://1.1.1.1/dns-query"
o:value("https://1.1.1.1/dns-query", "CloudFlare")
o:value("https://1.1.1.2/dns-query", "CloudFlare-Security")
o:value("https://8.8.4.4/dns-query", "Google 8844")
o:value("https://8.8.8.8/dns-query", "Google 8888")
o:value("https://9.9.9.9/dns-query", "Quad9-Recommended")
o:value("https://208.67.222.222/dns-query", "OpenDNS")
o:value("https://dns.adguard.com/dns-query,176.103.130.130", "AdGuard")
o:value("https://doh.libredns.gr/dns-query,116.202.176.26", "LibreDNS")
o:value("https://doh.libredns.gr/ads,116.202.176.26", "LibreDNS (No Ads)")
o.validate = doh_validate
o:depends("v2ray_dns_mode", "doh")
o = s:taboption("DNS", Value, "dns_client_ip", translate("EDNS Client Subnet"))
o.description = translate("Notify the DNS server when the DNS query is notified, the location of the client (cannot be a private IP address).") .. "<br />" ..
translate("This feature requires the DNS server to support the Edns Client Subnet (RFC7871).")
o.datatype = "ipaddr"
o:depends("v2ray_dns_mode", "tcp")
o:depends("v2ray_dns_mode", "doh")
o = s:taboption("DNS", Flag, "dns_cache", translate("Cache Resolved"))
o.default = "1"
o:depends({dns_mode = "dns2socks"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
o.rmempty = false
if api.is_finded("chinadns-ng") then
o = s:taboption("DNS", Flag, "chinadns_ng", translate("ChinaDNS-NG"), translate("The effect is better, but will increase the memory."))
o.default = "0"
o:depends({dns_mode = "dns2socks"})
o:depends({dns_mode = "dns2tcp"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "tcp"})
o:depends({dns_mode = "xray", v2ray_dns_mode = "doh"})
o:depends({dns_mode = "udp"})
end
if has_chnlist then
when_chnroute_default_dns = s:taboption("DNS", ListValue, "when_chnroute_default_dns", translate("When using the chnroute list the default DNS"))
when_chnroute_default_dns.default = "direct"
when_chnroute_default_dns:value("remote", translate("Remote DNS"))
when_chnroute_default_dns:value("direct", translate("Direct DNS"))
when_chnroute_default_dns.description = "<ul>"
.. "<li>" .. translate("Remote DNS can avoid more DNS leaks, but some domestic domain names maybe to proxy!") .. "</li>"
.. "<li>" .. translate("Direct DNS Internet experience may be better, but DNS will be leaked!") .. "</li>"
.. "</ul>"
if api.is_finded("chinadns-ng") then
when_chnroute_default_dns:depends("chinadns_ng", false)
end
end
o = s:taboption("DNS", Button, "clear_ipset", translate("Clear IPSET"), translate("Try this feature if the rule modification does not take effect."))
o.inputstyle = "remove"
function o.write(e, e)
luci.sys.call("[ -n \"$(nft list sets 2>/dev/null | grep \"passwall_\")\" ] && sh /usr/share/" .. appname .. "/nftables.sh flush_nftset || sh /usr/share/" .. appname .. "/iptables.sh flush_ipset > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
s:tab("Proxy", translate("Mode"))
---- TCP Default Proxy Mode
tcp_proxy_mode = s:taboption("Proxy", ListValue, "tcp_proxy_mode", "TCP " .. translate("Default Proxy Mode"))
tcp_proxy_mode:value("disable", translate("No Proxy"))
tcp_proxy_mode:value("global", translate("Global Proxy"))
tcp_proxy_mode:value("gfwlist", translate("GFW List"))
tcp_proxy_mode:value("chnroute", translate("Not China List"))
if has_chnlist then
tcp_proxy_mode:value("returnhome", translate("China List"))
end
tcp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
tcp_proxy_mode.default = "chnroute"
--tcp_proxy_mode.validate = redir_mode_validate
---- UDP Default Proxy Mode
udp_proxy_mode = s:taboption("Proxy", ListValue, "udp_proxy_mode", "UDP " .. translate("Default Proxy Mode"))
udp_proxy_mode:value("disable", translate("No Proxy"))
udp_proxy_mode:value("global", translate("Global Proxy"))
udp_proxy_mode:value("gfwlist", translate("GFW List"))
udp_proxy_mode:value("chnroute", translate("Not China List"))
if has_chnlist then
udp_proxy_mode:value("returnhome", translate("China List"))
end
udp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
udp_proxy_mode.default = "chnroute"
--udp_proxy_mode.validate = redir_mode_validate
---- Localhost TCP Proxy Mode
localhost_tcp_proxy_mode = s:taboption("Proxy", ListValue, "localhost_tcp_proxy_mode", translate("Router Localhost") .. " TCP " .. translate("Proxy Mode"))
localhost_tcp_proxy_mode:value("default", translatef("Same as the %s default proxy mode", "TCP"))
localhost_tcp_proxy_mode:value("global", translate("Global Proxy"))
localhost_tcp_proxy_mode:value("gfwlist", translate("GFW List"))
localhost_tcp_proxy_mode:value("chnroute", translate("Not China List"))
if has_chnlist then
localhost_tcp_proxy_mode:value("returnhome", translate("China List"))
end
localhost_tcp_proxy_mode:value("disable", translate("No Proxy"))
localhost_tcp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
localhost_tcp_proxy_mode.default = "default"
--localhost_tcp_proxy_mode.validate = redir_mode_validate
---- Localhost UDP Proxy Mode
localhost_udp_proxy_mode = s:taboption("Proxy", ListValue, "localhost_udp_proxy_mode", translate("Router Localhost") .. " UDP " .. translate("Proxy Mode"))
localhost_udp_proxy_mode:value("default", translatef("Same as the %s default proxy mode", "UDP"))
localhost_udp_proxy_mode:value("global", translate("Global Proxy"))
localhost_udp_proxy_mode:value("gfwlist", translate("GFW List"))
localhost_udp_proxy_mode:value("chnroute", translate("Not China List"))
if has_chnlist then
localhost_udp_proxy_mode:value("returnhome", translate("China List"))
end
localhost_udp_proxy_mode:value("disable", translate("No Proxy"))
localhost_udp_proxy_mode:value("direct/proxy", translate("Only use direct/proxy list"))
localhost_udp_proxy_mode.default = "default"
localhost_udp_proxy_mode.validate = redir_mode_validate
tips = s:taboption("Proxy", DummyValue, "tips", " ")
tips.rawhtml = true
tips.cfgvalue = function(t, n)
return string.format('<a style="color: red" href="%s">%s</a>', api.url("acl"), translate("Want different devices to use different proxy modes/ports/nodes? Please use access control."))
end
s:tab("log", translate("Log"))
o = s:taboption("log", Flag, "close_log_tcp", translatef("%s Node Log Close", "TCP"))
o.rmempty = false
o = s:taboption("log", Flag, "close_log_udp", translatef("%s Node Log Close", "UDP"))
o.rmempty = false
loglevel = s:taboption("log", ListValue, "loglevel", "V2ray/Xray " .. translate("Log Level"))
loglevel.default = "warning"
loglevel:value("debug")
loglevel:value("info")
loglevel:value("warning")
loglevel:value("error")
trojan_loglevel = s:taboption("log", ListValue, "trojan_loglevel", "Trojan " .. translate("Log Level"))
trojan_loglevel.default = "2"
trojan_loglevel:value("0", "all")
trojan_loglevel:value("1", "info")
trojan_loglevel:value("2", "warn")
trojan_loglevel:value("3", "error")
trojan_loglevel:value("4", "fatal")
o = s:taboption("log", Flag, "advanced_log_feature", translate("Advanced log feature"), translate("For professionals only."))
o.default = "0"
o.rmempty = false
local syslog = s:taboption("log", Flag, "sys_log", translate("Logging to system log"), translate("Logging to the system log for more advanced functions. For example, send logs to a dedicated log server."))
syslog:depends("advanced_log_feature", "1")
syslog.default = "0"
syslog.rmempty = false
local logpath = s:taboption("log", Value, "persist_log_path", translate("Persist log file directory"), translate("The path to the directory used to store persist log files, the \"/\" at the end can be omitted. Leave it blank to disable this feature."))
logpath:depends({ ["advanced_log_feature"] = 1, ["sys_log"] = 0 })
s:tab("faq", "FAQ")
o = s:taboption("faq", DummyValue, "")
o.template = appname .. "/global/faq"
-- [[ Socks Server ]]--
o = s:taboption("Main", Flag, "socks_enabled", "Socks " .. translate("Main switch"))
o.rmempty = false
s = m:section(TypedSection, "socks", translate("Socks Config"))
s.anonymous = true
s.addremove = true
s.template = "cbi/tblsection"
function s.create(e, t)
TypedSection.create(e, api.gen_short_uuid())
end
o = s:option(DummyValue, "status", translate("Status"))
o.rawhtml = true
o.cfgvalue = function(t, n)
return string.format('<div class="_status" socks_id="%s"></div>', n)
end
---- Enable
o = s:option(Flag, "enabled", translate("Enable"))
o.default = 1
o.rmempty = false
socks_node = s:option(ListValue, "node", translate("Socks Node"))
local n = 1
uci:foreach(appname, "socks", function(s)
if s[".name"] == section then
return false
end
n = n + 1
end)
o = s:option(Value, "port", "Socks " .. translate("Listen Port"))
o.default = n + 1080
o.datatype = "port"
o.rmempty = false
if has_v2ray or has_xray then
o = s:option(Value, "http_port", "HTTP " .. translate("Listen Port") .. " " .. translate("0 is not use"))
o.default = 0
o.datatype = "port"
end
for k, v in pairs(nodes_table) do
tcp_node:value(v.id, v["remark"])
udp_node:value(v.id, v["remark"])
if v.type == "Socks" then
if has_v2ray or has_xray then
socks_node:value(v.id, v["remark"])
end
else
socks_node:value(v.id, v["remark"])
end
end
m:append(Template(appname .. "/global/status_bottom"))
m:append(Template(appname .. "/global/footer"))
return m

140
luci-app-passwall/luasrc/model/cbi/passwall/client/haproxy.lua Normal file
View File

@ -0,0 +1,140 @@
local api = require "luci.passwall.api"
local appname = api.appname
local sys = api.sys
local net = require "luci.model.network".init()
local datatypes = api.datatypes
local nodes_table = {}
for k, e in ipairs(api.get_valid_nodes()) do
if e.node_type == "normal" then
nodes_table[#nodes_table + 1] = {
id = e[".name"],
obj = e,
remarks = e["remark"]
}
end
end
m = Map(appname)
-- [[ Haproxy Settings ]]--
s = m:section(TypedSection, "global_haproxy")
s.anonymous = true
s:append(Template(appname .. "/haproxy/status"))
---- Balancing Enable
o = s:option(Flag, "balancing_enable", translate("Enable Load Balancing"))
o.rmempty = false
o.default = false
---- Console Username
o = s:option(Value, "console_user", translate("Console Username"))
o.default = ""
o:depends("balancing_enable", true)
---- Console Password
o = s:option(Value, "console_password", translate("Console Password"))
o.password = true
o.default = ""
o:depends("balancing_enable", true)
---- Console Port
o = s:option(Value, "console_port", translate("Console Port"), translate(
"In the browser input routing IP plus port access, such as:192.168.1.1:1188"))
o.default = "1188"
o:depends("balancing_enable", true)
---- Health Check Type
o = s:option(ListValue, "health_check_type", translate("Health Check Type"))
o.default = "passwall_logic"
o:value("tcp", "TCP")
o:value("passwall_logic", translate("Availability test") .. string.format("(passwall %s)", translate("Inner implement")))
o:depends("balancing_enable", true)
---- Health Check Inter
o = s:option(Value, "health_check_inter", translate("Health Check Inter"), translate("Units:seconds"))
o.default = "60"
o:depends("balancing_enable", true)
o = s:option(DummyValue, "health_check_tips", " ")
o.rawhtml = true
o.cfgvalue = function(t, n)
return string.format('<span style="color: red">%s</span>', translate("When the availability test is used, the load balancing node will be converted into a Socks node. when node list set customizing, must be a Socks node, otherwise the health check will be invalid."))
end
o:depends("health_check_type", "passwall_logic")
-- [[ Balancing Settings ]]--
s = m:section(TypedSection, "haproxy_config", "",
"<font color='red'>" ..
translate("Add a node, Export Of Multi WAN Only support Multi Wan. Load specific gravity range 1-256. Multiple primary servers can be load balanced, standby will only be enabled when the primary server is offline! Multiple groups can be set, Haproxy port same one for each group.") ..
"\n" .. translate("Note that the node configuration parameters for load balancing must be consistent when use TCP health check type, otherwise it cannot be used normally!") ..
"</font>")
s.template = "cbi/tblsection"
s.sortable = true
s.anonymous = true
s.addremove = true
s.create = function(e, t)
TypedSection.create(e, api.gen_short_uuid())
end
s.remove = function(self, section)
for k, v in pairs(self.children) do
v.rmempty = true
v.validate = nil
end
TypedSection.remove(self, section)
end
---- Enable
o = s:option(Flag, "enabled", translate("Enable"))
o.default = 1
o.rmempty = false
---- Node Address
o = s:option(Value, "lbss", translate("Node Address"))
for k, v in pairs(nodes_table) do o:value(v.id, v.remarks) end
o.rmempty = false
o.validate = function(self, value)
if not value then return nil end
local t = m:get(value) or nil
if t and t[".type"] == "nodes" then
return value
end
if datatypes.hostport(value) or datatypes.ip4addrport(value) then
return value
end
if api.is_ipv6addrport(value) then
return value
end
return nil, value
end
---- Haproxy Port
o = s:option(Value, "haproxy_port", translate("Haproxy Port"))
o.datatype = "port"
o.default = 1181
o.rmempty = false
---- Node Weight
o = s:option(Value, "lbweight", translate("Node Weight"))
o.datatype = "uinteger"
o.default = 5
o.rmempty = false
---- Export
o = s:option(ListValue, "export", translate("Export Of Multi WAN"))
o:value(0, translate("Auto"))
local wa = require "luci.tools.webadmin"
wa.cbi_add_networks(o)
o.default = 0
o.rmempty = false
---- Mode
o = s:option(ListValue, "backup", translate("Mode"))
o:value(0, translate("Primary"))
o:value(1, translate("Standby"))
o.rmempty = false
return m

8
luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua Normal file
View File

@ -0,0 +1,8 @@
local api = require "luci.passwall.api"
local appname = api.appname
f = SimpleForm(appname)
f.reset = false
f.submit = false
f:append(Template(appname .. "/log/log"))
return f

1104
luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua Normal file
View File

File diff suppressed because it is too large Load Diff

151
luci-app-passwall/luasrc/model/cbi/passwall/client/node_list.lua Normal file
View File

@ -0,0 +1,151 @@
local api = require "luci.passwall.api"
local appname = api.appname
local sys = api.sys
local datatypes = api.datatypes
m = Map(appname)
-- [[ Other Settings ]]--
s = m:section(TypedSection, "global_other")
s.anonymous = true
o = s:option(MultiValue, "nodes_ping", " ")
o:value("auto_ping", translate("Auto Ping"), translate("This will automatically ping the node for latency"))
o:value("tcping", translate("Tcping"), translate("This will use tcping replace ping detection of node"))
o:value("info", translate("Show server address and port"), translate("Show server address and port"))
-- [[ Add the node via the link ]]--
s:append(Template(appname .. "/node_list/link_add_node"))
local nodes_ping = m:get("@global_other[0]", "nodes_ping") or ""
-- [[ Node List ]]--
s = m:section(TypedSection, "nodes")
s.anonymous = true
s.addremove = true
s.template = "cbi/tblsection"
s.extedit = api.url("node_config", "%s")
function s.create(e, t)
local uuid = api.gen_short_uuid()
t = uuid
TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
function s.remove(e, t)
m.uci:foreach(appname, "socks", function(s)
if s["node"] == t then
m:del(s[".name"])
end
end)
m.uci:foreach(appname, "haproxy_config", function(s)
if s["lbss"] and s["lbss"] == t then
m:del(s[".name"])
end
end)
m.uci:foreach(appname, "acl_rule", function(s)
if s["tcp_node"] and s["tcp_node"] == t then
m:set(s[".name"], "tcp_node", "default")
end
if s["udp_node"] and s["udp_node"] == t then
m:set(s[".name"], "udp_node", "default")
end
end)
for k, v in ipairs(m:get("@auto_switch[0]", "tcp_node") or {}) do
if v and v == t then
sys.call(string.format("uci -q del_list %s.@auto_switch[0].tcp_node='%s'", appname, v))
end
end
TypedSection.remove(e, t)
local new_node = "nil"
local node0 = m:get("@nodes[0]") or nil
if node0 then
new_node = node0[".name"]
end
if (m:get("@global[0]", "tcp_node") or "nil") == t then
m:set('@global[0]', "tcp_node", new_node)
end
if (m:get("@global[0]", "udp_node") or "nil") == t then
m:set('@global[0]', "udp_node", new_node)
end
end
s.sortable = true
-- 简洁模式
o = s:option(DummyValue, "add_from", "")
o.cfgvalue = function(t, n)
local v = Value.cfgvalue(t, n)
if v and v ~= '' then
local group = m:get(n, "group") or ""
if group ~= "" then
v = v .. " " .. group
end
return v
else
return ''
end
end
o = s:option(DummyValue, "remarks", translate("Remarks"))
o.rawhtml = true
o.cfgvalue = function(t, n)
local str = ""
local is_sub = m:get(n, "is_sub") or ""
local group = m:get(n, "group") or ""
local remarks = m:get(n, "remarks") or ""
local type = m:get(n, "type") or ""
str = str .. string.format("<input type='hidden' id='cbid.%s.%s.type' value='%s'/>", appname, n, type)
if type == "V2ray" or type == "Xray" then
local protocol = m:get(n, "protocol")
if protocol == "_balancing" then
protocol = translate("Balancing")
elseif protocol == "_shunt" then
protocol = translate("Shunt")
elseif protocol == "vmess" then
protocol = "VMess"
elseif protocol == "vless" then
protocol = "VLESS"
else
protocol = protocol:gsub("^%l",string.upper)
end
type = type .. " " .. protocol
end
local address = m:get(n, "address") or ""
local port = m:get(n, "port") or ""
str = str .. translate(type) .. "" .. remarks
if address ~= "" and port ~= "" then
if nodes_ping:find("info") then
if datatypes.ip6addr(address) then
str = str .. string.format("[%s]:%s", address, port)
else
str = str .. string.format("%s:%s", address, port)
end
end
str = str .. string.format("<input type='hidden' id='cbid.%s.%s.address' value='%s'/>", appname, n, address)
str = str .. string.format("<input type='hidden' id='cbid.%s.%s.port' value='%s'/>", appname, n, port)
end
return str
end
---- Ping
o = s:option(DummyValue, "ping")
o.width = "8%"
o.rawhtml = true
o.cfgvalue = function(t, n)
local result = "---"
if not nodes_ping:find("auto_ping") then
result = string.format('<span class="ping"><a href="javascript:void(0)" onclick="javascript:ping_node(\'%s\',this)">Ping</a></span>', n)
else
result = string.format('<span class="ping_value" cbiid="%s">---</span>', n)
end
return result
end
o = s:option(DummyValue, "_url_test")
o.rawhtml = true
o.cfgvalue = function(t, n)
return string.format('<input type="button" class="cbi-button" value="%s" onclick="javascript:urltest_node(\'%s\',this)"', translate("Availability test"), n)
end
m:append(Template(appname .. "/node_list/node_list"))
return m

137
luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe.lua Normal file
View File

@ -0,0 +1,137 @@
local api = require "luci.passwall.api"
local appname = api.appname
local has_ss = api.is_finded("ss-redir")
local has_ss_rust = api.is_finded("sslocal")
local has_trojan_plus = api.is_finded("trojan-plus")
local has_v2ray = api.is_finded("v2ray")
local has_xray = api.is_finded("xray")
local has_trojan_go = api.is_finded("trojan-go")
local ss_aead_type = {}
local trojan_type = {}
if has_ss then
ss_aead_type[#ss_aead_type + 1] = "shadowsocks-libev"
end
if has_ss_rust then
ss_aead_type[#ss_aead_type + 1] = "shadowsocks-rust"
end
if has_trojan_plus then
trojan_type[#trojan_type + 1] = "trojan-plus"
end
if has_v2ray then
trojan_type[#trojan_type + 1] = "v2ray"
ss_aead_type[#ss_aead_type + 1] = "v2ray"
end
if has_xray then
trojan_type[#trojan_type + 1] = "xray"
ss_aead_type[#ss_aead_type + 1] = "xray"
end
if has_trojan_go then
trojan_type[#trojan_type + 1] = "trojan-go"
end
m = Map(appname)
-- [[ Subscribe Settings ]]--
s = m:section(TypedSection, "global_subscribe", "")
s.anonymous = true
o = s:option(ListValue, "filter_keyword_mode", translate("Filter keyword Mode"))
o:value("0", translate("Close"))
o:value("1", translate("Discard List"))
o:value("2", translate("Keep List"))
o:value("3", translate("Discard List,But Keep List First"))
o:value("4", translate("Keep List,But Discard List First"))
o = s:option(DynamicList, "filter_discard_list", translate("Discard List"))
o = s:option(DynamicList, "filter_keep_list", translate("Keep List"))
if #ss_aead_type > 0 then
o = s:option(ListValue, "ss_aead_type", translate("SS AEAD Node Use Type"))
for key, value in pairs(ss_aead_type) do
o:value(value, translate(value:gsub("^%l",string.upper)))
end
end
if #trojan_type > 0 then
o = s:option(ListValue, "trojan_type", translate("Trojan Node Use Type"))
for key, value in pairs(trojan_type) do
o:value(value, translate(value:gsub("^%l",string.upper)))
end
end
---- Subscribe Delete All
o = s:option(Button, "_stop", translate("Delete All Subscribe Node"))
o.inputstyle = "remove"
function o.write(e, e)
luci.sys.call("lua /usr/share/" .. appname .. "/subscribe.lua truncate > /dev/null 2>&1")
end
o = s:option(Button, "_update", translate("Manual subscription All"))
o.inputstyle = "apply"
function o.write(t, n)
luci.sys.call("lua /usr/share/" .. appname .. "/subscribe.lua start > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
s = m:section(TypedSection, "subscribe_list", "", "<font color='red'>" .. translate("Please input the subscription url first, save and submit before manual subscription.") .. "</font>")
s.addremove = true
s.anonymous = true
s.sortable = true
s.template = "cbi/tblsection"
s.extedit = api.url("node_subscribe_config", "%s")
function s.create(e, t)
local id = TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(id))
end
o = s:option(Value, "remark", translate("Remarks"))
o.width = "auto"
o.rmempty = false
o.validate = function(self, value, t)
if value then
local count = 0
m.uci:foreach(appname, "subscribe_list", function(e)
if e[".name"] ~= t and e["remark"] == value then
count = count + 1
end
end)
if count > 0 then
return nil, translate("This remark already exists, please change a new remark.")
end
return value
end
end
o = s:option(DummyValue, "_node_count")
o.rawhtml = true
o.cfgvalue = function(t, n)
local remark = m:get(n, "remark") or ""
local num = 0
m.uci:foreach(appname, "nodes", function(s)
if s["add_from"] ~= "" and s["add_from"] == remark then
num = num + 1
end
end)
return string.format("<span title='%s' style='color:red'>%s</span>", remark .. " " .. translate("Node num") .. ": " .. num, num)
end
o = s:option(Value, "url", translate("Subscribe URL"))
o.width = "auto"
o.rmempty = false
o = s:option(Button, "_remove", translate("Delete the subscribed node"))
o.inputstyle = "remove"
function o.write(t, n)
local remark = m:get(n, "remark") or ""
luci.sys.call("lua /usr/share/" .. appname .. "/subscribe.lua truncate " .. remark .. " > /dev/null 2>&1")
end
o = s:option(Button, "_update", translate("Manual subscription"))
o.inputstyle = "apply"
function o.write(t, n)
luci.sys.call("lua /usr/share/" .. appname .. "/subscribe.lua start " .. n .. " > /dev/null 2>&1 &")
luci.http.redirect(api.url("log"))
end
return m

110
luci-app-passwall/luasrc/model/cbi/passwall/client/node_subscribe_config.lua Normal file
View File

@ -0,0 +1,110 @@
local api = require "luci.passwall.api"
local appname = api.appname
local sys = api.sys
local has_ss = api.is_finded("ss-redir")
local has_ss_rust = api.is_finded("sslocal")
local has_trojan_plus = api.is_finded("trojan-plus")
local has_v2ray = api.is_finded("v2ray")
local has_xray = api.is_finded("xray")
local has_trojan_go = api.is_finded("trojan-go")
local ss_aead_type = {}
local trojan_type = {}
if has_ss then
ss_aead_type[#ss_aead_type + 1] = "shadowsocks-libev"
end
if has_ss_rust then
ss_aead_type[#ss_aead_type + 1] = "shadowsocks-rust"
end
if has_trojan_plus then
trojan_type[#trojan_type + 1] = "trojan-plus"
end
if has_v2ray then
trojan_type[#trojan_type + 1] = "v2ray"
ss_aead_type[#ss_aead_type + 1] = "v2ray"
end
if has_xray then
trojan_type[#trojan_type + 1] = "xray"
ss_aead_type[#ss_aead_type + 1] = "xray"
end
if has_trojan_go then
trojan_type[#trojan_type + 1] = "trojan-go"
end
m = Map(appname)
m.redirect = api.url("node_subscribe")
s = m:section(NamedSection, arg[1])
s.addremove = false
s.dynamic = false
o = s:option(Value, "remark", translate("Subscribe Remark"))
o.rmempty = false
o = s:option(TextValue, "url", translate("Subscribe URL"))
o.rows = 5
o.rmempty = false
o = s:option(Flag, "allowInsecure", translate("allowInsecure"), translate("Whether unsafe connections are allowed. When checked, Certificate validation will be skipped."))
o.default = "0"
o.rmempty = false
o = s:option(ListValue, "filter_keyword_mode", translate("Filter keyword Mode"))
o.default = "5"
o:value("0", translate("Close"))
o:value("1", translate("Discard List"))
o:value("2", translate("Keep List"))
o:value("3", translate("Discard List,But Keep List First"))
o:value("4", translate("Keep List,But Discard List First"))
o:value("5", translate("Use global config"))
o = s:option(DynamicList, "filter_discard_list", translate("Discard List"))
o:depends("filter_keyword_mode", "1")
o:depends("filter_keyword_mode", "3")
o:depends("filter_keyword_mode", "4")
o = s:option(DynamicList, "filter_keep_list", translate("Keep List"))
o:depends("filter_keyword_mode", "2")
o:depends("filter_keyword_mode", "3")
o:depends("filter_keyword_mode", "4")
if #ss_aead_type > 0 then
o = s:option(ListValue, "ss_aead_type", translate("SS AEAD Node Use Type"))
o.default = "global"
o:value("global", translate("Use global config"))
for key, value in pairs(ss_aead_type) do
o:value(value, translate(value:gsub("^%l",string.upper)))
end
end
if #trojan_type > 0 then
o = s:option(ListValue, "trojan_type", translate("Trojan Node Use Type"))
o.default = "global"
o:value("global", translate("Use global config"))
for key, value in pairs(trojan_type) do
o:value(value, translate(value:gsub("^%l",string.upper)))
end
end
---- Enable auto update subscribe
o = s:option(Flag, "auto_update", translate("Enable auto update subscribe"))
o.default = 0
o.rmempty = false
---- Week update rules
o = s:option(ListValue, "week_update", translate("Week update rules"))
o:value(7, translate("Every day"))
for e = 1, 6 do o:value(e, translate("Week") .. e) end
o:value(0, translate("Week") .. translate("day"))
o.default = 0
o:depends("auto_update", true)
---- Day update rules
o = s:option(ListValue, "time_update", translate("Day update rules"))
for e = 0, 23 do o:value(e, e .. translate("oclock")) end
o.default = 0
o:depends("auto_update", true)
o = s:option(Value, "user_agent", translate("User-Agent"))
o.default = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
return m

171
luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua Normal file
View File

@ -0,0 +1,171 @@
local api = require "luci.passwall.api"
local appname = api.appname
local fs = api.fs
local has_v2ray = api.is_finded("v2ray")
local has_xray = api.is_finded("xray")
local has_fw3 = api.is_finded("fw3")
local has_fw4 = api.is_finded("fw4")
m = Map(appname)
-- [[ Delay Settings ]]--
s = m:section(TypedSection, "global_delay", translate("Delay Settings"))
s.anonymous = true
s.addremove = false
---- Delay Start
o = s:option(Value, "start_delay", translate("Delay Start"),
translate("Units:seconds"))
o.default = "1"
o.rmempty = true
---- Open and close Daemon
o = s:option(Flag, "start_daemon", translate("Open and close Daemon"))
o.default = 1
o.rmempty = false
--[[
---- Open and close automatically
o = s:option(Flag, "auto_on", translate("Open and close automatically"))
o.default = 0
o.rmempty = false
---- Automatically turn off time
o = s:option(ListValue, "time_off", translate("Automatically turn off time"))
o.default = nil
o:depends("auto_on", true)
o:value(nil, translate("Disable"))
for e = 0, 23 do o:value(e, e .. translate("oclock")) end
---- Automatically turn on time
o = s:option(ListValue, "time_on", translate("Automatically turn on time"))
o.default = nil
o:depends("auto_on", true)
o:value(nil, translate("Disable"))
for e = 0, 23 do o:value(e, e .. translate("oclock")) end
---- Automatically restart time
o = s:option(ListValue, "time_restart", translate("Automatically restart time"))
o.default = nil
o:depends("auto_on", true)
o:value(nil, translate("Disable"))
for e = 0, 23 do o:value(e, e .. translate("oclock")) end
--]]
-- [[ Forwarding Settings ]]--
s = m:section(TypedSection, "global_forwarding",
translate("Forwarding Settings"))
s.anonymous = true
s.addremove = false
---- TCP No Redir Ports
o = s:option(Value, "tcp_no_redir_ports", translate("TCP No Redir Ports"))
o.default = "disable"
o:value("disable", translate("No patterns are used"))
o:value("1:65535", translate("All"))
---- UDP No Redir Ports
o = s:option(Value, "udp_no_redir_ports", translate("UDP No Redir Ports"),
"<font color='red'>" .. translate(
"Fill in the ports you don't want to be forwarded by the agent, with the highest priority.") ..
"</font>")
o.default = "disable"
o:value("disable", translate("No patterns are used"))
o:value("1:65535", translate("All"))
---- TCP Proxy Drop Ports
o = s:option(Value, "tcp_proxy_drop_ports", translate("TCP Proxy Drop Ports"))
o.default = "disable"
o:value("disable", translate("No patterns are used"))
---- UDP Proxy Drop Ports
o = s:option(Value, "udp_proxy_drop_ports", translate("UDP Proxy Drop Ports"))
o.default = "80,443"
o:value("disable", translate("No patterns are used"))
o:value("80,443", translate("QUIC"))
---- TCP Redir Ports
o = s:option(Value, "tcp_redir_ports", translate("TCP Redir Ports"))
o.default = "22,25,53,143,465,587,853,993,995,80,443"
o:value("1:65535", translate("All"))
o:value("22,25,53,143,465,587,853,993,995,80,443", translate("Common Use"))
o:value("80,443", translate("Only Web"))
---- UDP Redir Ports
o = s:option(Value, "udp_redir_ports", translate("UDP Redir Ports"))
o.default = "1:65535"
o:value("1:65535", translate("All"))
o:value("53", "DNS")
---- Use nftables
o = s:option(ListValue, "use_nft", translate("Firewall tools"))
o.default = "0"
if has_fw3 then
o:value("0", "IPtables")
end
if has_fw4 then
o:value("1", "NFtables")
end
if (os.execute("lsmod | grep -i REDIRECT >/dev/null") == 0 and os.execute("lsmod | grep -i TPROXY >/dev/null") == 0) or (os.execute("lsmod | grep -i nft_redir >/dev/null") == 0 and os.execute("lsmod | grep -i nft_tproxy >/dev/null") == 0) then
o = s:option(ListValue, "tcp_proxy_way", translate("TCP Proxy Way"))
o.default = "redirect"
o:value("redirect", "REDIRECT")
o:value("tproxy", "TPROXY")
o:depends("ipv6_tproxy", false)
o = s:option(ListValue, "_tcp_proxy_way", translate("TCP Proxy Way"))
o.default = "tproxy"
o:value("tproxy", "TPROXY")
o:depends("ipv6_tproxy", true)
o.write = function(self, section, value)
return self.map:set(section, "tcp_proxy_way", value)
end
if os.execute("lsmod | grep -i ip6table_mangle >/dev/null") == 0 or os.execute("lsmod | grep -i nft_tproxy >/dev/null") == 0 then
---- IPv6 TProxy
o = s:option(Flag, "ipv6_tproxy", translate("IPv6 TProxy"),
"<font color='red'>" .. translate(
"Experimental feature. Make sure that your node supports IPv6.") ..
"</font>")
o.default = 0
o.rmempty = false
end
end
o = s:option(Flag, "accept_icmp", translate("Hijacking ICMP (PING)"))
o.default = 0
o = s:option(Flag, "accept_icmpv6", translate("Hijacking ICMPv6 (IPv6 PING)"))
o:depends("ipv6_tproxy", true)
o.default = 0
if has_v2ray or has_xray then
o = s:option(Flag, "sniffing", translate("Sniffing (V2Ray/Xray)"), translate("When using the V2ray/Xray shunt, must be enabled, otherwise the shunt will invalid."))
o.default = 1
o.rmempty = false
if has_xray then
route_only = s:option(Flag, "route_only", translate("Sniffing Route Only (Xray)"), translate("When enabled, the server not will resolve the domain name again."))
route_only.default = 0
route_only:depends("sniffing", true)
local domains_excluded = string.format("/usr/share/%s/rules/domains_excluded", appname)
o = s:option(TextValue, "no_sniffing_hosts", translate("No Sniffing Lists"), translate("Hosts added into No Sniffing Lists will not resolve again on server (Xray only)."))
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section) return fs.readfile(domains_excluded) or "" end
o.write = function(self, section, value) fs.writefile(domains_excluded, value:gsub("\r\n", "\n")) end
o.remove = function(self, section, value)
if route_only:formvalue(section) == "0" then
fs.writefile(domains_excluded, "")
end
end
o:depends({sniffing = true, route_only = false})
o = s:option(Value, "buffer_size", translate("Buffer Size (Xray)"), translate("Buffer size for every connection (kB)"))
o.rmempty = true
o.datatype = "uinteger"
end
end
return m

91
luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua Normal file
View File

@ -0,0 +1,91 @@
local api = require "luci.passwall.api"
local appname = api.appname
local has_v2ray = api.is_finded("v2ray")
local has_xray = api.is_finded("xray")
m = Map(appname)
-- [[ Rule Settings ]]--
s = m:section(TypedSection, "global_rules", translate("Rule status"))
s.anonymous = true
--[[
o = s:option(Flag, "adblock", translate("Enable adblock"))
o.rmempty = false
]]--
---- gfwlist URL
o = s:option(DynamicList, "gfwlist_url", translate("GFW domains(gfwlist) Update URL"))
o:value("https://fastly.jsdelivr.net/gh/YW5vbnltb3Vz/domain-list-community@release/gfwlist.txt", translate("v2fly/domain-list-community"))
o:value("https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt", translate("Loyalsoldier/v2ray-rules-dat"))
o:value("https://fastly.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt", translate("Loukky/gfwlist-by-loukky"))
o:value("https://fastly.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt", translate("gfwlist/gfwlist"))
o.default = "https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt"
----chnroute URL
o = s:option(DynamicList, "chnroute_url", translate("China IPs(chnroute) Update URL"))
o:value("https://fastly.jsdelivr.net/gh/gaoyifan/china-operator-ip@ip-lists/china.txt", translate("gaoyifan/china-operator-ip/china"))
o:value("https://ispip.clang.cn/all_cn.txt", translate("Clang.CN"))
o:value("https://ispip.clang.cn/all_cn_cidr.txt", translate("Clang.CN.CIDR"))
o:value("https://fastly.jsdelivr.net/gh/soffchen/GeoIP2-CN@release/CN-ip-cidr.txt", translate("soffchen/GeoIP2-CN"))
o:value("https://fastly.jsdelivr.net/gh/Hackl0us/GeoIP2-CN@release/CN-ip-cidr.txt", translate("Hackl0us/GeoIP2-CN"))
----chnroute6 URL
o = s:option(DynamicList, "chnroute6_url", translate("China IPv6s(chnroute6) Update URL"))
o:value("https://fastly.jsdelivr.net/gh/gaoyifan/china-operator-ip@ip-lists/china6.txt", translate("gaoyifan/china-operator-ip/china6"))
o:value("https://ispip.clang.cn/all_cn_ipv6.txt", translate("Clang.CN.IPv6"))
----chnlist URL
o = s:option(DynamicList, "chnlist_url", translate("China List(Chnlist) Update URL"))
o:value("https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf", translate("felixonmars/domains.china"))
o:value("https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf", translate("felixonmars/apple.china"))
o:value("https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf", translate("felixonmars/google.china"))
s:append(Template(appname .. "/rule/rule_version"))
---- Auto Update
o = s:option(Flag, "auto_update", translate("Enable auto update rules"))
o.default = 0
o.rmempty = false
---- Week Update
o = s:option(ListValue, "week_update", translate("Week update rules"))
o:value(7, translate("Every day"))
for e = 1, 6 do o:value(e, translate("Week") .. e) end
o:value(0, translate("Week") .. translate("day"))
o.default = 0
o:depends("auto_update", true)
---- Time Update
o = s:option(ListValue, "time_update", translate("Day update rules"))
for e = 0, 23 do o:value(e, e .. translate("oclock")) end
o.default = 0
o:depends("auto_update", true)
if has_v2ray or has_xray then
o = s:option(Value, "v2ray_location_asset", translate("Location of V2ray/Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are."))
o.default = "/usr/share/v2ray/"
o.rmempty = false
s = m:section(TypedSection, "shunt_rules", "V2ray/Xray " .. translate("Shunt Rule"), "<a style='color: red'>" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "</a>")
s.template = "cbi/tblsection"
s.anonymous = false
s.addremove = true
s.sortable = true
s.extedit = api.url("shunt_rules", "%s")
function s.create(e, t)
TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
function s.remove(e, t)
m.uci:foreach(appname, "nodes", function(s)
if s["protocol"] and s["protocol"] == "_shunt" then
m:del(s[".name"], t)
end
end)
TypedSection.remove(e, t)
end
o = s:option(DummyValue, "remarks", translate("Remarks"))
end
return m

271
luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua Normal file
View File

@ -0,0 +1,271 @@
local api = require "luci.passwall.api"
local appname = api.appname
local fs = api.fs
local sys = api.sys
local datatypes = api.datatypes
local path = string.format("/usr/share/%s/rules/", appname)
local route_hosts_path = "/etc/"
m = Map(appname)
-- [[ Rule List Settings ]]--
s = m:section(TypedSection, "global_rules")
s.anonymous = true
s:tab("direct_list", translate("Direct List"))
s:tab("proxy_list", translate("Proxy List"))
s:tab("block_list", translate("Block List"))
s:tab("lan_ip_list", translate("Lan IP List"))
s:tab("route_hosts", translate("Route Hosts"))
---- Direct Hosts
local direct_host = path .. "direct_host"
o = s:taboption("direct_list", TextValue, "direct_host", "", "<font color='red'>" .. translate("Join the direct hosts list of domain names will not proxy.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(direct_host) or ""
end
o.write = function(self, section, value)
fs.writefile(direct_host, value:gsub("\r\n", "\n"))
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.remove = function(self, section, value)
fs.writefile(direct_host, "")
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
for index, host in ipairs(hosts) do
if host:find("#") and host:find("#") == 1 then
return value
end
if not datatypes.hostname(host) then
return nil, host .. " " .. translate("Not valid domain name, please re-enter!")
end
end
return value
end
---- Direct IP
local direct_ip = path .. "direct_ip"
o = s:taboption("direct_list", TextValue, "direct_ip", "", "<font color='red'>" .. translate("These had been joined ip addresses will not proxy. Please input the ip address or ip address segment,every line can input only one ip address. For example: 192.168.0.0/24 or 223.5.5.5.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(direct_ip) or ""
end
o.write = function(self, section, value)
fs.writefile(direct_ip, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(direct_ip, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if ipmask:find("#") and ipmask:find("#") == 1 then
return value
end
if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
end
end
return value
end
---- Proxy Hosts
local proxy_host = path .. "proxy_host"
o = s:taboption("proxy_list", TextValue, "proxy_host", "", "<font color='red'>" .. translate("These had been joined websites will use proxy. Please input the domain names of websites, every line can input only one website domain. For example: google.com.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(proxy_host) or ""
end
o.write = function(self, section, value)
fs.writefile(proxy_host, value:gsub("\r\n", "\n"))
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.remove = function(self, section, value)
fs.writefile(proxy_host, "")
sys.call("rm -rf /tmp/etc/passwall_tmp/dns_*")
end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
for index, host in ipairs(hosts) do
if host:find("#") and host:find("#") == 1 then
return value
end
if not datatypes.hostname(host) then
return nil, host .. " " .. translate("Not valid domain name, please re-enter!")
end
end
return value
end
---- Proxy IP
local proxy_ip = path .. "proxy_ip"
o = s:taboption("proxy_list", TextValue, "proxy_ip", "", "<font color='red'>" .. translate("These had been joined ip addresses will use proxy. Please input the ip address or ip address segment, every line can input only one ip address. For example: 35.24.0.0/24 or 8.8.4.4.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(proxy_ip) or ""
end
o.write = function(self, section, value)
fs.writefile(proxy_ip, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(proxy_ip, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if ipmask:find("#") and ipmask:find("#") == 1 then
return value
end
if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
end
end
return value
end
---- Block Hosts
local block_host = path .. "block_host"
o = s:taboption("block_list", TextValue, "block_host", "", "<font color='red'>" .. translate("These had been joined websites will be block. Please input the domain names of websites, every line can input only one website domain. For example: twitter.com.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(block_host) or ""
end
o.write = function(self, section, value)
fs.writefile(block_host, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(block_host, "")
end
o.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
for index, host in ipairs(hosts) do
if host:find("#") and host:find("#") == 1 then
return value
end
if not datatypes.hostname(host) then
return nil, host .. " " .. translate("Not valid domain name, please re-enter!")
end
end
return value
end
---- Block IP
local block_ip = path .. "block_ip"
o = s:taboption("block_list", TextValue, "block_ip", "", "<font color='red'>" .. translate("These had been joined ip addresses will be block. Please input the ip address or ip address segment, every line can input only one ip address.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(block_ip) or ""
end
o.write = function(self, section, value)
fs.writefile(block_ip, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(block_ip, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if ipmask:find("#") and ipmask:find("#") == 1 then
return value
end
if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
end
end
return value
end
---- Lan IPv4
local lanlist_ipv4 = path .. "lanlist_ipv4"
o = s:taboption("lan_ip_list", TextValue, "lanlist_ipv4", "", "<font color='red'>" .. translate("The list is the IPv4 LAN IP list, which represents the direct connection IP of the LAN. If you need the LAN IP in the proxy list, please clear it from the list. Do not modify this list by default.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(lanlist_ipv4) or ""
end
o.write = function(self, section, value)
fs.writefile(lanlist_ipv4, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(lanlist_ipv4, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if ipmask:find("#") and ipmask:find("#") == 1 then
return value
end
if not datatypes.ipmask4(ipmask) then
return nil, ipmask .. " " .. translate("Not valid IPv4 format, please re-enter!")
end
end
return value
end
---- Lan IPv6
local lanlist_ipv6 = path .. "lanlist_ipv6"
o = s:taboption("lan_ip_list", TextValue, "lanlist_ipv6", "", "<font color='red'>" .. translate("The list is the IPv6 LAN IP list, which represents the direct connection IP of the LAN. If you need the LAN IP in the proxy list, please clear it from the list. Do not modify this list by default.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(lanlist_ipv6) or ""
end
o.write = function(self, section, value)
fs.writefile(lanlist_ipv6, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(lanlist_ipv6, "")
end
o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if ipmask:find("#") and ipmask:find("#") == 1 then
return value
end
if not datatypes.ipmask6(ipmask) then
return nil, ipmask .. " " .. translate("Not valid IPv6 format, please re-enter!")
end
end
return value
end
---- Route Hosts
local hosts = route_hosts_path .. "hosts"
o = s:taboption("route_hosts", TextValue, "hosts", "", "<font color='red'>" .. translate("Configure routing etc/hosts file, if you don't know what you are doing, please don't change the content.") .. "</font>")
o.rows = 15
o.wrap = "off"
o.cfgvalue = function(self, section)
return fs.readfile(hosts) or ""
end
o.write = function(self, section, value)
fs.writefile(hosts, value:gsub("\r\n", "\n"))
end
o.remove = function(self, section, value)
fs.writefile(hosts, "")
end
if sys.call('[ -f "/www/luci-static/resources/uci.js" ]') == 0 then
m.apply_on_parse = true
function m.on_apply(self)
luci.sys.call("/etc/init.d/passwall reload > /dev/null 2>&1 &")
end
end
return m

79
luci-app-passwall/luasrc/model/cbi/passwall/client/shunt_rules.lua Normal file
View File

@ -0,0 +1,79 @@
local api = require "luci.passwall.api"
local appname = api.appname
local datatypes = api.datatypes
m = Map(appname, "V2ray/Xray " .. translate("Shunt Rule"))
m.redirect = api.url()
s = m:section(NamedSection, arg[1], "shunt_rules", "")
s.addremove = false
s.dynamic = false
remarks = s:option(Value, "remarks", translate("Remarks"))
remarks.default = arg[1]
remarks.rmempty = false
protocol = s:option(MultiValue, "protocol", translate("Protocol"))
protocol:value("http")
protocol:value("tls")
protocol:value("bittorrent")
domain_list = s:option(TextValue, "domain_list", translate("Domain"))
domain_list.rows = 10
domain_list.wrap = "off"
domain_list.validate = function(self, value)
local hosts= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
for index, host in ipairs(hosts) do
local flag = 1
local tmp_host = host
if host:find("regexp:") and host:find("regexp:") == 1 then
flag = 0
elseif host:find("domain:.") and host:find("domain:.") == 1 then
tmp_host = host:gsub("domain:", "")
elseif host:find("full:.") and host:find("full:.") == 1 then
tmp_host = host:gsub("full:", "")
elseif host:find("geosite:") and host:find("geosite:") == 1 then
flag = 0
elseif host:find("ext:") and host:find("ext:") == 1 then
flag = 0
end
if flag == 1 then
if not datatypes.hostname(tmp_host) then
return nil, tmp_host .. " " .. translate("Not valid domain name, please re-enter!")
end
end
end
return value
end
domain_list.description = "<br /><ul><li>" .. translate("Plaintext: If this string matches any part of the targeting domain, this rule takes effet. Example: rule 'sina.com' matches targeting domain 'sina.com', 'sina.com.cn' and 'www.sina.com', but not 'sina.cn'.")
.. "</li><li>" .. translate("Regular expression: Begining with 'regexp:', the rest is a regular expression. When the regexp matches targeting domain, this rule takes effect. Example: rule 'regexp:\\.goo.*\\.com$' matches 'www.google.com' and 'fonts.googleapis.com', but not 'google.com'.")
.. "</li><li>" .. translate("Subdomain (recommended): Begining with 'domain:' and the rest is a domain. When the targeting domain is exactly the value, or is a subdomain of the value, this rule takes effect. Example: rule 'domain:v2ray.com' matches 'www.v2ray.com', 'v2ray.com', but not 'xv2ray.com'.")
.. "</li><li>" .. translate("Full domain: Begining with 'full:' and the rest is a domain. When the targeting domain is exactly the value, the rule takes effect. Example: rule 'domain:v2ray.com' matches 'v2ray.com', but not 'www.v2ray.com'.")
.. "</li><li>" .. translate("Pre-defined domain list: Begining with 'geosite:' and the rest is a name, such as geosite:google or geosite:cn.")
.. "</li><li>" .. translate("Domains from file: Such as 'ext:file:tag'. The value must begin with ext: (lowercase), and followed by filename and tag. The file is placed in resource directory, and has the same format of geosite.dat. The tag must exist in the file.")
.. "</li></ul>"
ip_list = s:option(TextValue, "ip_list", "IP")
ip_list.rows = 10
ip_list.wrap = "off"
ip_list.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if ipmask:find("geoip:") and ipmask:find("geoip:") == 1 then
elseif ipmask:find("ext:") and ipmask:find("ext:") == 1 then
else
if not (datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask)) then
return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
end
end
end
return value
end
ip_list.description = "<br /><ul><li>" .. translate("IP: such as '127.0.0.1'.")
.. "</li><li>" .. translate("CIDR: such as '127.0.0.0/8'.")
.. "</li><li>" .. translate("GeoIP: such as 'geoip:cn'. It begins with geoip: (lower case) and followed by two letter of country code.")
.. "</li><li>" .. translate("IPs from file: Such as 'ext:file:tag'. The value must begin with ext: (lowercase), and followed by filename and tag. The file is placed in resource directory, and has the same format of geoip.dat. The tag must exist in the file.")
.. "</li></ul>"
return m

72
luci-app-passwall/luasrc/model/cbi/passwall/server/index.lua Normal file
View File

@ -0,0 +1,72 @@
local api = require "luci.passwall.api"
m = Map("passwall_server", translate("Server-Side"))
t = m:section(NamedSection, "global", "global")
t.anonymous = true
t.addremove = false
e = t:option(Flag, "enable", translate("Enable"))
e.rmempty = false
t = m:section(TypedSection, "user", translate("Users Manager"))
t.anonymous = true
t.addremove = true
t.sortable = true
t.template = "cbi/tblsection"
t.extedit = api.url("server_user", "%s")
function t.create(e, t)
local uuid = api.gen_uuid()
t = uuid
TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
function t.remove(e, t)
e.map.proceed = true
e.map:del(t)
luci.http.redirect(api.url("server"))
end
e = t:option(Flag, "enable", translate("Enable"))
e.width = "5%"
e.rmempty = false
e = t:option(DummyValue, "status", translate("Status"))
e.rawhtml = true
e.cfgvalue = function(t, n)
return string.format('<font class="_users_status">%s</font>', translate("Collecting data..."))
end
e = t:option(DummyValue, "remarks", translate("Remarks"))
e.width = "15%"
---- Type
e = t:option(DummyValue, "type", translate("Type"))
e.cfgvalue = function(t, n)
local v = Value.cfgvalue(t, n)
if v then
if v == "V2ray" or v == "Xray" then
local protocol = m:get(n, "protocol")
if protocol == "vmess" then
protocol = "VMess"
elseif protocol == "vless" then
protocol = "VLESS"
else
protocol = protocol:gsub("^%l",string.upper)
end
return v .. " -> " .. protocol
end
return v
end
end
e = t:option(DummyValue, "port", translate("Port"))
e = t:option(Flag, "log", translate("Log"))
e.default = "1"
e.rmempty = false
m:append(Template("passwall/server/log"))
m:append(Template("passwall/server/users_list_status"))
return m

746
luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua Normal file
View File

@ -0,0 +1,746 @@
local api = require "luci.passwall.api"
local ss_encrypt_method_list = {
"rc4-md5", "aes-128-cfb", "aes-192-cfb", "aes-256-cfb", "aes-128-ctr",
"aes-192-ctr", "aes-256-ctr", "bf-cfb", "camellia-128-cfb",
"camellia-192-cfb", "camellia-256-cfb", "salsa20", "chacha20",
"chacha20-ietf", -- aead
"aes-128-gcm", "aes-192-gcm", "aes-256-gcm", "chacha20-ietf-poly1305",
"xchacha20-ietf-poly1305"
}
local ss_rust_encrypt_method_list = {
"plain", "none",
"aes-128-gcm", "aes-256-gcm", "chacha20-ietf-poly1305",
"2022-blake3-aes-128-gcm", "2022-blake3-aes-256-gcm", "2022-blake3-chacha8-poly1305", "2022-blake3-chacha20-poly1305"
}
local ssr_encrypt_method_list = {
"none", "table", "rc2-cfb", "rc4", "rc4-md5", "rc4-md5-6", "aes-128-cfb",
"aes-192-cfb", "aes-256-cfb", "aes-128-ctr", "aes-192-ctr", "aes-256-ctr",
"bf-cfb", "camellia-128-cfb", "camellia-192-cfb", "camellia-256-cfb",
"cast5-cfb", "des-cfb", "idea-cfb", "seed-cfb", "salsa20", "chacha20",
"chacha20-ietf"
}
local ssr_protocol_list = {
"origin", "verify_simple", "verify_deflate", "verify_sha1", "auth_simple",
"auth_sha1", "auth_sha1_v2", "auth_sha1_v4", "auth_aes128_md5",
"auth_aes128_sha1", "auth_chain_a", "auth_chain_b", "auth_chain_c",
"auth_chain_d", "auth_chain_e", "auth_chain_f"
}
local ssr_obfs_list = {
"plain", "http_simple", "http_post", "random_head", "tls_simple",
"tls1.0_session_auth", "tls1.2_ticket_auth"
}
local v_ss_encrypt_method_list = {
"aes-128-gcm", "aes-256-gcm", "chacha20-poly1305"
}
local x_ss_encrypt_method_list = {
"aes-128-gcm", "aes-256-gcm", "chacha20-poly1305", "xchacha20-poly1305", "2022-blake3-aes-128-gcm", "2022-blake3-aes-256-gcm", "2022-blake3-chacha20-poly1305"
}
local header_type_list = {
"none", "srtp", "utp", "wechat-video", "dtls", "wireguard"
}
local encrypt_methods_ss_aead = {
"chacha20-ietf-poly1305",
"aes-128-gcm",
"aes-256-gcm",
}
m = Map("passwall_server", translate("Server Config"))
m.redirect = api.url("server")
s = m:section(NamedSection, arg[1], "user", "")
s.addremove = false
s.dynamic = false
enable = s:option(Flag, "enable", translate("Enable"))
enable.default = "1"
enable.rmempty = false
remarks = s:option(Value, "remarks", translate("Remarks"))
remarks.default = translate("Remarks")
remarks.rmempty = false
type = s:option(ListValue, "type", translate("Type"))
if api.is_finded("microsocks") then
type:value("Socks", translate("Socks"))
end
if api.is_finded("ss-server") then
type:value("SS", translate("Shadowsocks"))
end
if api.is_finded("ssserver") then
type:value("SS-Rust", translate("Shadowsocks Rust"))
end
if api.is_finded("ssr-server") then
type:value("SSR", translate("ShadowsocksR"))
end
if api.is_finded("v2ray") then
type:value("V2ray", translate("V2ray"))
end
if api.is_finded("xray") then
type:value("Xray", translate("Xray"))
end
if api.is_finded("brook") then
type:value("Brook", translate("Brook"))
end
--[[
if api.is_finded("trojan-plus") or api.is_finded("trojan") then
type:value("Trojan", translate("Trojan"))
end
]]--
if api.is_finded("trojan-plus") then
type:value("Trojan-Plus", translate("Trojan-Plus"))
end
if api.is_finded("trojan-go") then
type:value("Trojan-Go", translate("Trojan-Go"))
end
if api.is_finded("hysteria") then
type:value("Hysteria", translate("Hysteria"))
end
protocol = s:option(ListValue, "protocol", translate("Protocol"))
protocol:value("vmess", "Vmess")
protocol:value("vless", "VLESS")
protocol:value("http", "HTTP")
protocol:value("socks", "Socks")
protocol:value("shadowsocks", "Shadowsocks")
protocol:value("trojan", "Trojan")
protocol:value("mtproto", "MTProto")
protocol:value("dokodemo-door", "dokodemo-door")
protocol:depends("type", "V2ray")
protocol:depends("type", "Xray")
-- Brook协议
brook_protocol = s:option(ListValue, "brook_protocol", translate("Protocol"))
brook_protocol:value("server", "Brook")
brook_protocol:value("wsserver", "WebSocket")
brook_protocol:depends("type", "Brook")
function brook_protocol.cfgvalue(self, section)
return m:get(section, "protocol")
end
function brook_protocol.write(self, section, value)
m:set(section, "protocol", value)
end
--brook_tls = s:option(Flag, "brook_tls", translate("Use TLS"))
--brook_tls:depends("brook_protocol", "wsserver")
port = s:option(Value, "port", translate("Listen Port"))
port.datatype = "port"
port.rmempty = false
auth = s:option(Flag, "auth", translate("Auth"))
auth.validate = function(self, value, t)
if value and value == "1" then
local user_v = username:formvalue(t) or ""
local pass_v = password:formvalue(t) or ""
if user_v == "" or pass_v == "" then
return nil, translate("Username and Password must be used together!")
end
end
return value
end
auth:depends("type", "Socks")
auth:depends({ type = "V2ray", protocol = "socks" })
auth:depends({ type = "V2ray", protocol = "http" })
auth:depends({ type = "Xray", protocol = "socks" })
auth:depends({ type = "Xray", protocol = "http" })
username = s:option(Value, "username", translate("Username"))
username:depends("auth", true)
password = s:option(Value, "password", translate("Password"))
password.password = true
password:depends("auth", true)
password:depends("type", "SS")
password:depends("type", "SS-Rust")
password:depends("type", "SSR")
password:depends("type", "Brook")
password:depends({ type = "V2ray", protocol = "shadowsocks" })
password:depends({ type = "Xray", protocol = "shadowsocks" })
mtproto_password = s:option(Value, "mtproto_password", translate("Password"), translate("The MTProto protocol must be 32 characters and can only contain characters from 0 to 9 and a to f."))
mtproto_password:depends({ type = "V2ray", protocol = "mtproto" })
mtproto_password:depends({ type = "Xray", protocol = "mtproto" })
mtproto_password.default = arg[1]
function mtproto_password.cfgvalue(self, section)
return m:get(section, "password")
end
function mtproto_password.write(self, section, value)
m:set(section, "password", value)
end
d_protocol = s:option(ListValue, "d_protocol", translate("Destination protocol"))
d_protocol:value("tcp", "TCP")
d_protocol:value("udp", "UDP")
d_protocol:value("tcp,udp", "TCP,UDP")
d_protocol:depends({ type = "V2ray", protocol = "dokodemo-door" })
d_protocol:depends({ type = "Xray", protocol = "dokodemo-door" })
d_address = s:option(Value, "d_address", translate("Destination address"))
d_address:depends({ type = "V2ray", protocol = "dokodemo-door" })
d_address:depends({ type = "Xray", protocol = "dokodemo-door" })
d_port = s:option(Value, "d_port", translate("Destination port"))
d_port.datatype = "port"
d_port:depends({ type = "V2ray", protocol = "dokodemo-door" })
d_port:depends({ type = "Xray", protocol = "dokodemo-door" })
decryption = s:option(Value, "decryption", translate("Encrypt Method"))
decryption.default = "none"
decryption:depends({ type = "V2ray", protocol = "vless" })
decryption:depends({ type = "Xray", protocol = "vless" })
hysteria_protocol = s:option(ListValue, "hysteria_protocol", translate("Protocol"))
hysteria_protocol:value("udp", "UDP")
hysteria_protocol:value("faketcp", "faketcp")
hysteria_protocol:value("wechat-video", "wechat-video")
hysteria_protocol:depends("type", "Hysteria")
function hysteria_protocol.cfgvalue(self, section)
return m:get(section, "protocol")
end
function hysteria_protocol.write(self, section, value)
m:set(section, "protocol", value)
end
hysteria_obfs = s:option(Value, "hysteria_obfs", translate("Obfs Password"))
hysteria_obfs:depends("type", "Hysteria")
hysteria_auth_type = s:option(ListValue, "hysteria_auth_type", translate("Auth Type"))
hysteria_auth_type:value("disable", translate("Disable"))
hysteria_auth_type:value("string", translate("STRING"))
hysteria_auth_type:depends("type", "Hysteria")
hysteria_auth_password = s:option(Value, "hysteria_auth_password", translate("Auth Password"))
hysteria_auth_password.password = true
hysteria_auth_password:depends("hysteria_auth_type", "string")
hysteria_alpn = s:option(Value, "hysteria_alpn", translate("QUIC TLS ALPN"))
hysteria_alpn:depends("type", "Hysteria")
hysteria_udp = s:option(Flag, "hysteria_udp", translate("UDP"))
hysteria_udp.default = "1"
hysteria_udp:depends("type", "Hysteria")
hysteria_up_mbps = s:option(Value, "hysteria_up_mbps", translate("Max upload Mbps"))
hysteria_up_mbps.default = "10"
hysteria_up_mbps:depends("type", "Hysteria")
hysteria_down_mbps = s:option(Value, "hysteria_down_mbps", translate("Max download Mbps"))
hysteria_down_mbps.default = "50"
hysteria_down_mbps:depends("type", "Hysteria")
hysteria_recv_window_conn = s:option(Value, "hysteria_recv_window_conn", translate("QUIC stream receive window"))
hysteria_recv_window_conn:depends("type", "Hysteria")
hysteria_recv_window = s:option(Value, "hysteria_recv_window", translate("QUIC connection receive window"))
hysteria_recv_window:depends("type", "Hysteria")
hysteria_disable_mtu_discovery = s:option(Flag, "hysteria_disable_mtu_discovery", translate("Disable MTU detection"))
hysteria_disable_mtu_discovery:depends("type", "Hysteria")
ss_encrypt_method = s:option(ListValue, "ss_encrypt_method", translate("Encrypt Method"))
for a, t in ipairs(ss_encrypt_method_list) do ss_encrypt_method:value(t) end
ss_encrypt_method:depends("type", "SS")
function ss_encrypt_method.cfgvalue(self, section)
return m:get(section, "method")
end
function ss_encrypt_method.write(self, section, value)
m:set(section, "method", value)
end
ss_rust_encrypt_method = s:option(ListValue, "ss_rust_encrypt_method", translate("Encrypt Method"))
for a, t in ipairs(ss_rust_encrypt_method_list) do ss_rust_encrypt_method:value(t) end
ss_rust_encrypt_method:depends("type", "SS-Rust")
function ss_rust_encrypt_method.cfgvalue(self, section)
return m:get(section, "method")
end
function ss_rust_encrypt_method.write(self, section, value)
m:set(section, "method", value)
end
ssr_encrypt_method = s:option(ListValue, "ssr_encrypt_method", translate("Encrypt Method"))
for a, t in ipairs(ssr_encrypt_method_list) do ssr_encrypt_method:value(t) end
ssr_encrypt_method:depends("type", "SSR")
function ssr_encrypt_method.cfgvalue(self, section)
return m:get(section, "method")
end
function ssr_encrypt_method.write(self, section, value)
m:set(section, "method", value)
end
v_ss_encrypt_method = s:option(ListValue, "v_ss_encrypt_method", translate("Encrypt Method"))
for a, t in ipairs(v_ss_encrypt_method_list) do v_ss_encrypt_method:value(t) end
v_ss_encrypt_method:depends({ type = "V2ray", protocol = "shadowsocks" })
function v_ss_encrypt_method.cfgvalue(self, section)
return m:get(section, "method")
end
function v_ss_encrypt_method.write(self, section, value)
m:set(section, "method", value)
end
x_ss_encrypt_method = s:option(ListValue, "x_ss_encrypt_method", translate("Encrypt Method"))
for a, t in ipairs(x_ss_encrypt_method_list) do x_ss_encrypt_method:value(t) end
x_ss_encrypt_method:depends({ type = "Xray", protocol = "shadowsocks" })
function x_ss_encrypt_method.cfgvalue(self, section)
return m:get(section, "method")
end
function x_ss_encrypt_method.write(self, section, value)
m:set(section, "method", value)
end
iv_check = s:option(Flag, "iv_check", translate("IV Check"))
iv_check:depends({ type = "V2ray", protocol = "shadowsocks" })
iv_check:depends({ type = "Xray", protocol = "shadowsocks" })
ss_network = s:option(ListValue, "ss_network", translate("Transport"))
ss_network.default = "tcp,udp"
ss_network:value("tcp", "TCP")
ss_network:value("udp", "UDP")
ss_network:value("tcp,udp", "TCP,UDP")
ss_network:depends({ type = "V2ray", protocol = "shadowsocks" })
ss_network:depends({ type = "Xray", protocol = "shadowsocks" })
ssr_protocol = s:option(ListValue, "ssr_protocol", translate("Protocol"))
for a, t in ipairs(ssr_protocol_list) do ssr_protocol:value(t) end
ssr_protocol:depends("type", "SSR")
function ssr_protocol.cfgvalue(self, section)
return m:get(section, "protocol")
end
function ssr_protocol.write(self, section, value)
m:set(section, "protocol", value)
end
protocol_param = s:option(Value, "protocol_param", translate("Protocol_param"))
protocol_param:depends("type", "SSR")
obfs = s:option(ListValue, "obfs", translate("Obfs"))
for a, t in ipairs(ssr_obfs_list) do obfs:value(t) end
obfs:depends("type", "SSR")
obfs_param = s:option(Value, "obfs_param", translate("Obfs_param"))
obfs_param:depends("type", "SSR")
timeout = s:option(Value, "timeout", translate("Connection Timeout"))
timeout.datatype = "uinteger"
timeout.default = 300
timeout:depends("type", "SS")
timeout:depends("type", "SS-Rust")
timeout:depends("type", "SSR")
udp_forward = s:option(Flag, "udp_forward", translate("UDP Forward"))
udp_forward.default = "1"
udp_forward.rmempty = false
udp_forward:depends("type", "SSR")
udp_forward:depends({ type = "V2ray", protocol = "socks" })
udp_forward:depends({ type = "Xray", protocol = "socks" })
uuid = s:option(DynamicList, "uuid", translate("ID") .. "/" .. translate("Password"))
for i = 1, 3 do
uuid:value(api.gen_uuid(1))
end
uuid:depends({ type = "V2ray", protocol = "vmess" })
uuid:depends({ type = "V2ray", protocol = "vless" })
uuid:depends({ type = "V2ray", protocol = "trojan" })
uuid:depends({ type = "Xray", protocol = "vmess" })
uuid:depends({ type = "Xray", protocol = "vless" })
uuid:depends({ type = "Xray", protocol = "trojan" })
uuid:depends("type", "Trojan")
uuid:depends("type", "Trojan-Go")
uuid:depends("type", "Trojan-Plus")
tls = s:option(Flag, "tls", translate("TLS"))
tls.default = 0
tls.validate = function(self, value, t)
if value then
local type = type:formvalue(t) or ""
if value == "0" and (type == "Trojan" or type == "Trojan-Plus") then
return nil, translate("Original Trojan only supported 'tls', please choose 'tls'.")
end
if value == "1" then
local ca = tls_certificateFile:formvalue(t) or ""
local key = tls_keyFile:formvalue(t) or ""
if ca == "" or key == "" then
return nil, translate("Public key and Private key path can not be empty!")
end
end
return value
end
end
tls:depends({ type = "V2ray", protocol = "vmess" })
tls:depends({ type = "V2ray", protocol = "vless" })
tls:depends({ type = "V2ray", protocol = "socks" })
tls:depends({ type = "V2ray", protocol = "shadowsocks" })
tls:depends({ type = "V2ray", protocol = "trojan" })
tls:depends({ type = "Xray", protocol = "vmess" })
tls:depends({ type = "Xray", protocol = "vless" })
tls:depends({ type = "Xray", protocol = "socks" })
tls:depends({ type = "Xray", protocol = "shadowsocks" })
tls:depends({ type = "Xray", protocol = "trojan" })
tls:depends("type", "Trojan")
tls:depends("type", "Trojan-Plus")
tls:depends("type", "Trojan-Go")
tlsflow = s:option(Value, "tlsflow", translate("flow"))
tlsflow.default = ""
tlsflow:value("", translate("Disable"))
tlsflow:value("xtls-rprx-vision")
tlsflow:value("xtls-rprx-vision-udp443")
tlsflow:depends({ type = "Xray", protocol = "vless", tls = true })
alpn = s:option(ListValue, "alpn", translate("alpn"))
alpn.default = "h2,http/1.1"
alpn:value("h2,http/1.1")
alpn:value("h2")
alpn:value("http/1.1")
alpn:depends({ type = "V2ray", tls = true })
alpn:depends({ type = "Xray", tls = true })
-- minversion = s:option(Value, "minversion", translate("minversion"))
-- minversion.default = "1.3"
-- minversion:value("1.3")
-- minversion:depends("tls", true)
-- [[ TLS部分 ]] --
tls_certificateFile = s:option(FileUpload, "tls_certificateFile", translate("Public key absolute path"), translate("as:") .. "/etc/ssl/fullchain.pem")
tls_certificateFile.validate = function(self, value, t)
if value and value ~= "" then
if not nixio.fs.access(value) then
return nil, translate("Can't find this file!")
else
return value
end
end
return nil
end
tls_certificateFile.default = "/etc/config/ssl/" .. arg[1] .. ".pem"
tls_certificateFile:depends("tls", true)
tls_certificateFile:depends("type", "Hysteria")
tls_keyFile = s:option(FileUpload, "tls_keyFile", translate("Private key absolute path"), translate("as:") .. "/etc/ssl/private.key")
tls_keyFile.validate = function(self, value, t)
if value and value ~= "" then
if not nixio.fs.access(value) then
return nil, translate("Can't find this file!")
else
return value
end
end
return nil
end
tls_keyFile.default = "/etc/config/ssl/" .. arg[1] .. ".key"
tls_keyFile:depends("tls", true)
tls_keyFile:depends("type", "Hysteria")
tls_sessionTicket = s:option(Flag, "tls_sessionTicket", translate("Session Ticket"))
tls_sessionTicket.default = "0"
tls_sessionTicket:depends({ type = "Trojan", tls = true })
tls_sessionTicket:depends({ type = "Trojan-Plus", tls = true })
tls_sessionTicket:depends({ type = "Trojan-Go", tls = true })
transport = s:option(ListValue, "transport", translate("Transport"))
transport:value("tcp", "TCP")
transport:value("mkcp", "mKCP")
transport:value("ws", "WebSocket")
transport:value("h2", "HTTP/2")
transport:value("ds", "DomainSocket")
transport:value("quic", "QUIC")
transport:value("grpc", "gRPC")
transport:depends({ type = "V2ray", protocol = "vmess" })
transport:depends({ type = "V2ray", protocol = "vless" })
transport:depends({ type = "V2ray", protocol = "socks" })
transport:depends({ type = "V2ray", protocol = "shadowsocks" })
transport:depends({ type = "V2ray", protocol = "trojan" })
transport:depends({ type = "Xray", protocol = "vmess" })
transport:depends({ type = "Xray", protocol = "vless" })
transport:depends({ type = "Xray", protocol = "socks" })
transport:depends({ type = "Xray", protocol = "shadowsocks" })
transport:depends({ type = "Xray", protocol = "trojan" })
trojan_transport = s:option(ListValue, "trojan_transport", translate("Transport"))
trojan_transport:value("original", translate("Original"))
trojan_transport:value("ws", "WebSocket")
trojan_transport.default = "original"
trojan_transport:depends("type", "Trojan-Go")
trojan_plugin = s:option(ListValue, "plugin_type", translate("Transport Plugin"))
trojan_plugin:value("plaintext", "Plain Text")
trojan_plugin:value("shadowsocks", "ShadowSocks")
trojan_plugin:value("other", "Other")
trojan_plugin.default = "plaintext"
trojan_plugin:depends({ tls = false, trojan_transport = "original" })
trojan_plugin_cmd = s:option(Value, "plugin_cmd", translate("Plugin Binary"))
trojan_plugin_cmd.placeholder = "eg: /usr/bin/v2ray-plugin"
trojan_plugin_cmd:depends({ plugin_type = "shadowsocks" })
trojan_plugin_cmd:depends({ plugin_type = "other" })
trojan_plugin_op = s:option(Value, "plugin_option", translate("Plugin Option"))
trojan_plugin_op.placeholder = "eg: obfs=http;obfs-host=www.baidu.com"
trojan_plugin_op:depends({ plugin_type = "shadowsocks" })
trojan_plugin_op:depends({ plugin_type = "other" })
trojan_plugin_arg = s:option(DynamicList, "plugin_arg", translate("Plugin Option Args"))
trojan_plugin_arg.placeholder = "eg: [\"-config\", \"test.json\"]"
trojan_plugin_arg:depends({ plugin_type = "shadowsocks" })
trojan_plugin_arg:depends({ plugin_type = "other" })
-- [[ WebSocket部分 ]]--
ws_host = s:option(Value, "ws_host", translate("WebSocket Host"))
ws_host:depends("transport", "ws")
ws_host:depends("ss_transport", "ws")
ws_host:depends("trojan_transport", "ws")
ws_path = s:option(Value, "ws_path", translate("WebSocket Path"))
ws_path:depends("transport", "ws")
ws_path:depends("ss_transport", "ws")
ws_path:depends("trojan_transport", "ws")
ws_path:depends({ type = "Brook", brook_protocol = "wsserver" })
-- [[ HTTP/2部分 ]]--
h2_host = s:option(Value, "h2_host", translate("HTTP/2 Host"))
h2_host:depends("transport", "h2")
h2_host:depends("ss_transport", "h2")
h2_host:depends("trojan_transport", "h2")
h2_path = s:option(Value, "h2_path", translate("HTTP/2 Path"))
h2_path:depends("transport", "h2")
h2_path:depends("ss_transport", "h2")
h2_path:depends("trojan_transport", "h2")
-- [[ TCP部分 ]]--
-- TCP伪装
tcp_guise = s:option(ListValue, "tcp_guise", translate("Camouflage Type"))
tcp_guise:value("none", "none")
tcp_guise:value("http", "http")
tcp_guise:depends("transport", "tcp")
-- HTTP域名
tcp_guise_http_host = s:option(DynamicList, "tcp_guise_http_host", translate("HTTP Host"))
tcp_guise_http_host:depends("tcp_guise", "http")
-- HTTP路径
tcp_guise_http_path = s:option(DynamicList, "tcp_guise_http_path", translate("HTTP Path"))
tcp_guise_http_path:depends("tcp_guise", "http")
-- [[ mKCP部分 ]]--
mkcp_guise = s:option(ListValue, "mkcp_guise", translate("Camouflage Type"), translate('<br />none: default, no masquerade, data sent is packets with no characteristics.<br />srtp: disguised as an SRTP packet, it will be recognized as video call data (such as FaceTime).<br />utp: packets disguised as uTP will be recognized as bittorrent downloaded data.<br />wechat-video: packets disguised as WeChat video calls.<br />dtls: disguised as DTLS 1.2 packet.<br />wireguard: disguised as a WireGuard packet. (not really WireGuard protocol)'))
for a, t in ipairs(header_type_list) do mkcp_guise:value(t) end
mkcp_guise:depends("transport", "mkcp")
mkcp_mtu = s:option(Value, "mkcp_mtu", translate("KCP MTU"))
mkcp_mtu.default = "1350"
mkcp_mtu:depends("transport", "mkcp")
mkcp_tti = s:option(Value, "mkcp_tti", translate("KCP TTI"))
mkcp_tti.default = "20"
mkcp_tti:depends("transport", "mkcp")
mkcp_uplinkCapacity = s:option(Value, "mkcp_uplinkCapacity", translate("KCP uplinkCapacity"))
mkcp_uplinkCapacity.default = "5"
mkcp_uplinkCapacity:depends("transport", "mkcp")
mkcp_downlinkCapacity = s:option(Value, "mkcp_downlinkCapacity", translate("KCP downlinkCapacity"))
mkcp_downlinkCapacity.default = "20"
mkcp_downlinkCapacity:depends("transport", "mkcp")
mkcp_congestion = s:option(Flag, "mkcp_congestion", translate("KCP Congestion"))
mkcp_congestion:depends("transport", "mkcp")
mkcp_readBufferSize = s:option(Value, "mkcp_readBufferSize", translate("KCP readBufferSize"))
mkcp_readBufferSize.default = "1"
mkcp_readBufferSize:depends("transport", "mkcp")
mkcp_writeBufferSize = s:option(Value, "mkcp_writeBufferSize", translate("KCP writeBufferSize"))
mkcp_writeBufferSize.default = "1"
mkcp_writeBufferSize:depends("transport", "mkcp")
mkcp_seed = s:option(Value, "mkcp_seed", translate("KCP Seed"))
mkcp_seed:depends("transport", "mkcp")
-- [[ DomainSocket部分 ]]--
ds_path = s:option(Value, "ds_path", "Path", translate("A legal file path. This file must not exist before running."))
ds_path:depends("transport", "ds")
-- [[ QUIC部分 ]]--
quic_security = s:option(ListValue, "quic_security", translate("Encrypt Method"))
quic_security:value("none")
quic_security:value("aes-128-gcm")
quic_security:value("chacha20-poly1305")
quic_security:depends("transport", "quic")
quic_key = s:option(Value, "quic_key", translate("Encrypt Method") .. translate("Key"))
quic_key:depends("transport", "quic")
quic_guise = s:option(ListValue, "quic_guise", translate("Camouflage Type"))
for a, t in ipairs(header_type_list) do quic_guise:value(t) end
quic_guise:depends("transport", "quic")
-- [[ gRPC部分 ]]--
grpc_serviceName = s:option(Value, "grpc_serviceName", "ServiceName")
grpc_serviceName:depends("transport", "grpc")
acceptProxyProtocol = s:option(Flag, "acceptProxyProtocol", translate("acceptProxyProtocol"), translate("Whether to receive PROXY protocol, when this node want to be fallback or forwarded by proxy, it must be enable, otherwise it cannot be used."))
acceptProxyProtocol:depends({ type = "V2ray", transport = "tcp" })
acceptProxyProtocol:depends({ type = "V2ray", transport = "ws" })
acceptProxyProtocol:depends({ type = "Xray", transport = "tcp" })
acceptProxyProtocol:depends({ type = "Xray", transport = "ws" })
-- [[ Fallback部分 ]]--
fallback = s:option(Flag, "fallback", translate("Fallback"))
fallback:depends({ type = "V2ray", protocol = "vless", transport = "tcp" })
fallback:depends({ type = "V2ray", protocol = "trojan", transport = "tcp" })
fallback:depends({ type = "Xray", protocol = "vless", transport = "tcp" })
fallback:depends({ type = "Xray", protocol = "trojan", transport = "tcp" })
--[[
fallback_alpn = s:option(Value, "fallback_alpn", "Fallback alpn")
fallback_alpn:depends("fallback", true)
fallback_path = s:option(Value, "fallback_path", "Fallback path")
fallback_path:depends("fallback", true)
fallback_dest = s:option(Value, "fallback_dest", "Fallback dest")
fallback_dest:depends("fallback", true)
fallback_xver = s:option(Value, "fallback_xver", "Fallback xver")
fallback_xver.default = 0
fallback_xver:depends("fallback", true)
]]--
fallback_list = s:option(DynamicList, "fallback_list", "Fallback", translate("dest,path"))
fallback_list:depends("fallback", true)
ss_aead = s:option(Flag, "ss_aead", translate("Shadowsocks secondary encryption"))
ss_aead:depends("type", "Trojan-Go")
ss_aead.default = "0"
ss_aead_method = s:option(ListValue, "ss_aead_method", translate("Encrypt Method"))
for _, v in ipairs(encrypt_methods_ss_aead) do ss_aead_method:value(v, v) end
ss_aead_method.default = "aes-128-gcm"
ss_aead_method:depends("ss_aead", true)
ss_aead_pwd = s:option(Value, "ss_aead_pwd", translate("Password"))
ss_aead_pwd.password = true
ss_aead_pwd:depends("ss_aead", true)
tcp_fast_open = s:option(Flag, "tcp_fast_open", translate("TCP Fast Open"))
tcp_fast_open.default = "0"
tcp_fast_open:depends("type", "SS")
tcp_fast_open:depends("type", "SS-Rust")
tcp_fast_open:depends("type", "SSR")
tcp_fast_open:depends("type", "Trojan")
tcp_fast_open:depends("type", "Trojan-Plus")
tcp_fast_open:depends("type", "Trojan-Go")
remote_enable = s:option(Flag, "remote_enable", translate("Enable Remote"), translate("You can forward to Nginx/Caddy/V2ray/Xray WebSocket and more."))
remote_enable.default = "1"
remote_enable.rmempty = false
remote_enable:depends("type", "Trojan")
remote_enable:depends("type", "Trojan-Plus")
remote_enable:depends("type", "Trojan-Go")
remote_address = s:option(Value, "remote_address", translate("Remote Address"))
remote_address.default = "127.0.0.1"
remote_address:depends("remote_enable", 1)
remote_port = s:option(Value, "remote_port", translate("Remote Port"))
remote_port.datatype = "port"
remote_port.default = "80"
remote_port:depends("remote_enable", 1)
bind_local = s:option(Flag, "bind_local", translate("Bind Local"), translate("When selected, it can only be accessed locally, It is recommended to turn on when using reverse proxies or be fallback."))
bind_local.default = "0"
bind_local:depends("type", "V2ray")
bind_local:depends("type", "Xray")
accept_lan = s:option(Flag, "accept_lan", translate("Accept LAN Access"), translate("When selected, it can accessed lan , this will not be safe!"))
accept_lan.default = "0"
accept_lan:depends("type", "V2ray")
accept_lan:depends("type", "Xray")
local nodes_table = {}
for k, e in ipairs(api.get_valid_nodes()) do
if e.node_type == "normal" and (e.type == "V2ray" or e.type == "Xray") then
nodes_table[#nodes_table + 1] = {
id = e[".name"],
remarks = e["remark"]
}
end
end
outbound_node = s:option(ListValue, "outbound_node", translate("outbound node"))
outbound_node:value("nil", translate("Close"))
outbound_node:value("_socks", translate("Custom Socks"))
outbound_node:value("_http", translate("Custom HTTP"))
outbound_node:value("_iface", translate("Custom Interface") .. " (Only Support Xray)")
for k, v in pairs(nodes_table) do outbound_node:value(v.id, v.remarks) end
outbound_node.default = "nil"
outbound_node:depends("type", "V2ray")
outbound_node:depends("type", "Xray")
outbound_node_address = s:option(Value, "outbound_node_address", translate("Address (Support Domain Name)"))
outbound_node_address:depends("outbound_node", "_socks")
outbound_node_address:depends("outbound_node", "_http")
outbound_node_port = s:option(Value, "outbound_node_port", translate("Port"))
outbound_node_port.datatype = "port"
outbound_node_port:depends("outbound_node", "_socks")
outbound_node_port:depends("outbound_node", "_http")
outbound_node_username = s:option(Value, "outbound_node_username", translate("Username"))
outbound_node_username:depends("outbound_node", "_socks")
outbound_node_username:depends("outbound_node", "_http")
outbound_node_password = s:option(Value, "outbound_node_password", translate("Password"))
outbound_node_password.password = true
outbound_node_password:depends("outbound_node", "_socks")
outbound_node_password:depends("outbound_node", "_http")
outbound_node_iface = s:option(Value, "outbound_node_iface", translate("Interface"))
outbound_node_iface.default = "eth1"
outbound_node_iface:depends("outbound_node", "_iface")
log = s:option(Flag, "log", translate("Log"))
log.default = "1"
log.rmempty = false
loglevel = s:option(ListValue, "loglevel", translate("Log Level"))
loglevel.default = "warning"
loglevel:value("debug")
loglevel:value("info")
loglevel:value("warning")
loglevel:value("error")
loglevel:depends({ type = "V2ray", log = true })
loglevel:depends({ type = "Xray", log = true })
trojan_loglevel = s:option(ListValue, "trojan_loglevel", translate("Log Level"))
trojan_loglevel.default = "2"
trojan_loglevel:value("0", "all")
trojan_loglevel:value("1", "info")
trojan_loglevel:value("2", "warn")
trojan_loglevel:value("3", "error")
trojan_loglevel:value("4", "fatal")
function trojan_loglevel.cfgvalue(self, section)
return m:get(section, "loglevel")
end
function trojan_loglevel.write(self, section, value)
m:set(section, "loglevel", value)
end
trojan_loglevel:depends({ type = "Trojan", log = true })
trojan_loglevel:depends({ type = "Trojan-Plus", log = true })
trojan_loglevel:depends({ type = "Trojan-Go", log = true })
return m

933
luci-app-passwall/luasrc/passwall/api.lua Normal file
View File

@ -0,0 +1,933 @@
module("luci.passwall.api", package.seeall)
local com = require "luci.passwall.com"
bin = require "nixio".bin
fs = require "nixio.fs"
sys = require "luci.sys"
uci = require"luci.model.uci".cursor()
util = require "luci.util"
datatypes = require "luci.cbi.datatypes"
jsonc = require "luci.jsonc"
i18n = require "luci.i18n"
appname = "passwall"
curl_args = { "-skfL", "--connect-timeout 3", "--retry 3", "-m 60" }
command_timeout = 300
OPENWRT_ARCH = nil
DISTRIB_ARCH = nil
LOG_FILE = "/tmp/log/" .. appname .. ".log"
CACHE_PATH = "/tmp/etc/" .. appname .. "_tmp"
function log(...)
local result = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
local f, err = io.open(LOG_FILE, "a")
if f and err == nil then
f:write(result .. "\n")
f:close()
end
end
function exec_call(cmd)
local process = io.popen(cmd .. '; echo -e "\n$?"')
local lines = {}
local result = ""
local return_code
for line in process:lines() do
lines[#lines + 1] = line
end
process:close()
if #lines > 0 then
return_code = lines[#lines]
for i = 1, #lines - 1 do
result = result .. lines[i] .. ((i == #lines - 1) and "" or "\n")
end
end
return tonumber(return_code), trim(result)
end
function base64Decode(text)
local raw = text
if not text then return '' end
text = text:gsub("%z", "")
text = text:gsub("%c", "")
text = text:gsub("_", "/")
text = text:gsub("-", "+")
local mod4 = #text % 4
text = text .. string.sub('====', mod4 + 1)
local result = nixio.bin.b64decode(text)
if result then
return result:gsub("%z", "")
else
return raw
end
end
function curl_base(url, file, args)
if not args then args = {} end
if file then
args[#args + 1] = "-o " .. file
end
local cmd = string.format('curl %s "%s"', table_join(args), url)
return exec_call(cmd)
end
function curl_proxy(url, file, args)
--使用代理
local socks_server = luci.sys.exec("[ -f /tmp/etc/passwall/TCP_SOCKS_server ] && echo -n $(cat /tmp/etc/passwall/TCP_SOCKS_server) || echo -n ''")
if socks_server ~= "" then
if not args then args = {} end
local tmp_args = clone(args)
tmp_args[#tmp_args + 1] = "-x socks5h://" .. socks_server
return curl_base(url, file, tmp_args)
end
return nil, nil
end
function curl_logic(url, file, args)
local return_code, result = curl_proxy(url, file, args)
if not return_code or return_code ~= 0 then
return_code, result = curl_base(url, file, args)
end
return return_code, result
end
function url(...)
local url = string.format("admin/services/%s", appname)
local args = { ... }
for i, v in pairs(args) do
if v ~= "" then
url = url .. "/" .. v
end
end
return require "luci.dispatcher".build_url(url)
end
function trim(s)
return (s:gsub("^%s*(.-)%s*$", "%1"))
end
function is_exist(table, value)
for index, k in ipairs(table) do
if k == value then
return true
end
end
return false
end
function repeat_exist(table, value)
local count = 0
for index, k in ipairs(table) do
if k:find("-") and k == value then
count = count + 1
end
end
if count > 1 then
return true
end
return false
end
function remove(...)
for index, value in ipairs({...}) do
if value and #value > 0 and value ~= "/" then
sys.call(string.format("rm -rf %s", value))
end
end
end
function is_install(package)
if package and #package > 0 then
return sys.call(string.format('opkg list-installed | grep "%s" > /dev/null 2>&1', package)) == 0
end
return false
end
function get_args(arg)
local var = {}
for i, arg_k in pairs(arg) do
if i > 0 then
local v = arg[i + 1]
if v then
if repeat_exist(arg, v) == false then
var[arg_k] = v
end
end
end
end
return var
end
function get_function_args(arg)
local var = nil
if arg and #arg > 1 then
local param = {}
for i = 2, #arg do
param[#param + 1] = arg[i]
end
var = get_args(param)
end
return var
end
function strToTable(str)
if str == nil or type(str) ~= "string" then
return {}
end
return loadstring("return " .. str)()
end
function is_normal_node(e)
if e and e.type and e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
return false
end
return true
end
function is_special_node(e)
return is_normal_node(e) == false
end
function is_ip(val)
if is_ipv6(val) then
val = get_ipv6_only(val)
end
return datatypes.ipaddr(val)
end
function is_ipv6(val)
local str = val
local address = val:match('%[(.*)%]')
if address then
str = address
end
if datatypes.ip6addr(str) then
return true
end
return false
end
function is_ipv6addrport(val)
if is_ipv6(val) then
local address, port = val:match('%[(.*)%]:([^:]+)$')
if port then
return datatypes.port(port)
end
end
return false
end
function get_ipv6_only(val)
local result = ""
if is_ipv6(val) then
result = val
if val:match('%[(.*)%]') then
result = val:match('%[(.*)%]')
end
end
return result
end
function get_ipv6_full(val)
local result = ""
if is_ipv6(val) then
result = val
if not val:match('%[(.*)%]') then
result = "[" .. result .. "]"
end
end
return result
end
function get_ip_type(val)
if is_ipv6(val) then
return "6"
elseif datatypes.ip4addr(val) then
return "4"
end
return ""
end
function is_mac(val)
return datatypes.macaddr(val)
end
function ip_or_mac(val)
if val then
if get_ip_type(val) == "4" then
return "ip"
end
if is_mac(val) then
return "mac"
end
end
return ""
end
function iprange(val)
if val then
local ipStart, ipEnd = val:match("^([^/]+)-([^/]+)$")
if (ipStart and datatypes.ip4addr(ipStart)) and (ipEnd and datatypes.ip4addr(ipEnd)) then
return true
end
end
return false
end
function get_domain_from_url(url)
local domain = string.match(url, "//([^/]+)")
if domain then
return domain
end
return url
end
function get_valid_nodes()
local nodes_ping = uci_get_type("global_other", "nodes_ping") or ""
local nodes = {}
uci:foreach(appname, "nodes", function(e)
e.id = e[".name"]
if e.type and e.remarks then
if e.protocol and (e.protocol == "_balancing" or e.protocol == "_shunt" or e.protocol == "_iface") then
e["remark"] = "%s[%s] " % {i18n.translatef(e.type .. e.protocol), e.remarks}
e["node_type"] = "special"
nodes[#nodes + 1] = e
end
if e.port and e.address then
local address = e.address
if is_ip(address) or datatypes.hostname(address) then
local type = e.type
if (type == "V2ray" or type == "Xray") and e.protocol then
local protocol = e.protocol
if protocol == "vmess" then
protocol = "VMess"
elseif protocol == "vless" then
protocol = "VLESS"
else
protocol = protocol:gsub("^%l",string.upper)
end
type = type .. " " .. protocol
end
if is_ipv6(address) then address = get_ipv6_full(address) end
e["remark"] = "%s[%s]" % {type, e.remarks}
if nodes_ping:find("info") then
e["remark"] = "%s[%s] %s:%s" % {type, e.remarks, address, e.port}
end
e.node_type = "normal"
nodes[#nodes + 1] = e
end
end
end
end)
return nodes
end
function get_node_remarks(n)
local remarks = ""
if n then
if n.protocol and (n.protocol == "_balancing" or n.protocol == "_shunt" or n.protocol == "_iface") then
remarks = "%s[%s] " % {i18n.translatef(n.type .. n.protocol), n.remarks}
else
local type2 = n.type
if (n.type == "V2ray" or n.type == "Xray") and n.protocol then
local protocol = n.protocol
if protocol == "vmess" then
protocol = "VMess"
elseif protocol == "vless" then
protocol = "VLESS"
else
protocol = protocol:gsub("^%l",string.upper)
end
type2 = type2 .. " " .. protocol
end
remarks = "%s[%s]" % {type2, n.remarks}
end
end
return remarks
end
function get_full_node_remarks(n)
local remarks = get_node_remarks(n)
if #remarks > 0 then
if n.address and n.port then
remarks = remarks .. " " .. n.address .. ":" .. n.port
end
end
return remarks
end
function gen_uuid(format)
local uuid = sys.exec("echo -n $(cat /proc/sys/kernel/random/uuid)")
if format == nil then
uuid = string.gsub(uuid, "-", "")
end
return uuid
end
function gen_short_uuid()
return sys.exec("echo -n $(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8)")
end
function uci_get_type(type, config, default)
local value = uci:get_first(appname, type, config, default) or sys.exec("echo -n $(uci -q get " .. appname .. ".@" .. type .."[0]." .. config .. ")")
if (value == nil or value == "") and (default and default ~= "") then
value = default
end
return value
end
function uci_get_type_id(id, config, default)
local value = uci:get(appname, id, config, default) or sys.exec("echo -n $(uci -q get " .. appname .. "." .. id .. "." .. config .. ")")
if (value == nil or value == "") and (default and default ~= "") then
value = default
end
return value
end
local function chmod_755(file)
if file and file ~= "" then
if not fs.access(file, "rwx", "rx", "rx") then
fs.chmod(file, 755)
end
end
end
function get_customed_path(e)
return uci_get_type("global_app", e .. "_file")
end
function is_finded(e)
return luci.sys.exec('type -t -p "/bin/%s" -p "/usr/bin/%s" -p "%s" "%s"' % {e, e, get_customed_path(e), e}) ~= "" and true or false
end
function clone(org)
local function copy(org, res)
for k,v in pairs(org) do
if type(v) ~= "table" then
res[k] = v;
else
res[k] = {};
copy(v, res[k])
end
end
end
local res = {}
copy(org, res)
return res
end
local function get_bin_version_cache(file, cmd)
sys.call("mkdir -p /tmp/etc/passwall_tmp")
if fs.access(file) then
chmod_755(file)
local md5 = sys.exec("echo -n $(md5sum " .. file .. " | awk '{print $1}')")
if fs.access("/tmp/etc/passwall_tmp/" .. md5) then
return sys.exec("echo -n $(cat /tmp/etc/passwall_tmp/%s)" % md5)
else
local version = sys.exec(string.format("echo -n $(%s %s)", file, cmd))
if version and version ~= "" then
sys.call("echo '" .. version .. "' > " .. "/tmp/etc/passwall_tmp/" .. md5)
return version
end
end
end
return ""
end
function get_app_path(app_name)
local def_path = com[app_name].default_path
local path = uci_get_type("global_app", app_name:gsub("%-","_") .. "_file")
path = path and (#path>0 and path or def_path) or def_path
return path
end
function get_app_version(app_name, file)
if file == nil then file = get_app_path(app_name) end
return get_bin_version_cache(file, com[app_name].cmd_version)
end
local function is_file(path)
if path and #path > 1 then
if sys.exec('[ -f "%s" ] && echo -n 1' % path) == "1" then
return true
end
end
return nil
end
local function is_dir(path)
if path and #path > 1 then
if sys.exec('[ -d "%s" ] && echo -n 1' % path) == "1" then
return true
end
end
return nil
end
local function get_final_dir(path)
if is_dir(path) then
return path
else
return get_final_dir(fs.dirname(path))
end
end
local function get_free_space(dir)
if dir == nil then dir = "/" end
if sys.call("df -k " .. dir .. " >/dev/null 2>&1") == 0 then
return tonumber(sys.exec("echo -n $(df -k " .. dir .. " | awk 'NR>1' | awk '{print $4}')"))
end
return 0
end
local function get_file_space(file)
if file == nil then return 0 end
if fs.access(file) then
return tonumber(sys.exec("echo -n $(du -k " .. file .. " | awk '{print $1}')"))
end
return 0
end
function _unpack(t, i)
i = i or 1
if t[i] ~= nil then return t[i], _unpack(t, i + 1) end
end
function table_join(t, s)
if not s then
s = " "
end
local str = ""
for index, value in ipairs(t) do
str = str .. t[index] .. (index == #t and "" or s)
end
return str
end
local function exec(cmd, args, writer, timeout)
local os = require "os"
local nixio = require "nixio"
local fdi, fdo = nixio.pipe()
local pid = nixio.fork()
if pid > 0 then
fdo:close()
if writer or timeout then
local starttime = os.time()
while true do
if timeout and os.difftime(os.time(), starttime) >= timeout then
nixio.kill(pid, nixio.const.SIGTERM)
return 1
end
if writer then
local buffer = fdi:read(2048)
if buffer and #buffer > 0 then
writer(buffer)
end
end
local wpid, stat, code = nixio.waitpid(pid, "nohang")
if wpid and stat == "exited" then return code end
if not writer and timeout then nixio.nanosleep(1) end
end
else
local wpid, stat, code = nixio.waitpid(pid)
return wpid and stat == "exited" and code
end
elseif pid == 0 then
nixio.dup(fdo, nixio.stdout)
fdi:close()
fdo:close()
nixio.exece(cmd, args, nil)
nixio.stdout:close()
os.exit(1)
end
end
function compare_versions(ver1, comp, ver2)
local table = table
if not ver1 then ver1 = "" end
if not ver2 then ver2 = "" end
local av1 = util.split(ver1, "[%.%-]", nil, true)
local av2 = util.split(ver2, "[%.%-]", nil, true)
local max = table.getn(av1)
local n2 = table.getn(av2)
if (max < n2) then max = n2 end
for i = 1, max, 1 do
local s1 = tonumber(av1[i] or 0) or 0
local s2 = tonumber(av2[i] or 0) or 0
if comp == "~=" and (s1 ~= s2) then return true end
if (comp == "<" or comp == "<=") and (s1 < s2) then return true end
if (comp == ">" or comp == ">=") and (s1 > s2) then return true end
if (s1 ~= s2) then return false end
end
return not (comp == "<" or comp == ">")
end
local function auto_get_arch()
local arch = nixio.uname().machine or ""
if not OPENWRT_ARCH and fs.access("/usr/lib/os-release") then
OPENWRT_ARCH = sys.exec("echo -n $(grep 'OPENWRT_ARCH' /usr/lib/os-release | awk -F '[\\042\\047]' '{print $2}')")
if OPENWRT_ARCH == "" then OPENWRT_ARCH = nil end
end
if not DISTRIB_ARCH and fs.access("/etc/openwrt_release") then
DISTRIB_ARCH = sys.exec("echo -n $(grep 'DISTRIB_ARCH' /etc/openwrt_release | awk -F '[\\042\\047]' '{print $2}')")
if DISTRIB_ARCH == "" then DISTRIB_ARCH = nil end
end
if arch:match("^i[%d]86$") then
arch = "x86"
elseif arch:match("armv5") then -- armv5l
arch = "armv5"
elseif arch:match("armv6") then
arch = "armv6"
elseif arch:match("armv7") then -- armv7l
arch = "armv7"
end
if OPENWRT_ARCH or DISTRIB_ARCH then
if arch == "mips" then
if OPENWRT_ARCH and OPENWRT_ARCH:match("mipsel") == "mipsel"
or DISTRIB_ARCH and DISTRIB_ARCH:match("mipsel") == "mipsel" then
arch = "mipsel"
end
elseif arch == "armv7" then
if OPENWRT_ARCH and not OPENWRT_ARCH:match("vfp") and not OPENWRT_ARCH:match("neon")
or DISTRIB_ARCH and not DISTRIB_ARCH:match("vfp") and not DISTRIB_ARCH:match("neon") then
arch = "armv5"
end
end
end
return util.trim(arch)
end
function parseURL(url)
if not url or url == "" then
return nil
end
local pattern = "^(%w+)://"
local protocol = url:match(pattern)
if not protocol then
--error("Invalid URL: " .. url)
return nil
end
local auth_host_port = url:sub(#protocol + 4)
local auth_pattern = "^([^@]+)@"
local auth = auth_host_port:match(auth_pattern)
local username, password
if auth then
username, password = auth:match("^([^:]+):([^:]+)$")
auth_host_port = auth_host_port:sub(#auth + 2)
end
local host, port = auth_host_port:match("^([^:]+):(%d+)$")
if not host or not port then
--error("Invalid URL: " .. url)
return nil
end
return {
protocol = protocol,
username = username,
password = password,
host = host,
port = tonumber(port)
}
end
local default_file_tree = {
x86_64 = "amd64",
x86 = "386",
aarch64 = "arm64",
mips = "mips",
mipsel = "mipsle",
armv5 = "arm.*5",
armv6 = "arm.*6[^4]*",
armv7 = "arm.*7",
armv8 = "arm64"
}
local function get_api_json(url)
local jsonc = require "luci.jsonc"
local return_code, content = curl_logic(url, nil, curl_args)
if return_code ~= 0 or content == "" then return {} end
return jsonc.parse(content) or {}
end
local function check_path(app_name)
local path = get_app_path(app_name) or ""
if path == "" then
return {
code = 1,
error = i18n.translatef("You did not fill in the %s path. Please save and apply then update manually.", app_name)
}
end
return {
code = 0,
app_path = path
}
end
function to_check(arch, app_name)
local result = check_path(app_name)
if result.code ~= 0 then
return result
end
if not arch or arch == "" then arch = auto_get_arch() end
local file_tree = com[app_name].file_tree[arch] or default_file_tree[arch] or ""
if file_tree == "" then
return {
code = 1,
error = i18n.translate("Can't determine ARCH, or ARCH not supported.")
}
end
local local_version = get_app_version(app_name)
local match_file_name = string.format(com[app_name].match_fmt_str, file_tree)
local json = get_api_json(com[app_name]:get_url())
if #json > 0 then
json = json[1]
end
if json.tag_name == nil then
return {
code = 1,
error = i18n.translate("Get remote version info failed.")
}
end
local remote_version = json.tag_name
local has_update = compare_versions(local_version:match("[^v]+"), "<", remote_version:match("[^v]+"))
if not has_update then
return {
code = 0,
local_version = local_version,
remote_version = remote_version
}
end
local asset = {}
for _, v in ipairs(json.assets) do
if v.name and v.name:match(match_file_name) then
asset = v
break
end
end
if not asset.browser_download_url then
return {
code = 1,
local_version = local_version,
remote_version = remote_version,
html_url = json.html_url,
data = asset,
error = i18n.translate("New version found, but failed to get new version download url.")
}
end
return {
code = 0,
has_update = true,
local_version = local_version,
remote_version = remote_version,
html_url = json.html_url,
data = asset
}
end
function to_download(app_name, url, size)
local result = check_path(app_name)
if result.code ~= 0 then
return result
end
if not url or url == "" then
return {code = 1, error = i18n.translate("Download url is required.")}
end
sys.call("/bin/rm -f /tmp/".. app_name .."_download.*")
local tmp_file = util.trim(util.exec("mktemp -u -t ".. app_name .."_download.XXXXXX"))
if size then
local kb1 = get_free_space("/tmp")
if tonumber(size) > tonumber(kb1) then
return {code = 1, error = i18n.translatef("%s not enough space.", "/tmp")}
end
end
local return_code, result = curl_logic(url, tmp_file, curl_args)
result = return_code == 0
if not result then
exec("/bin/rm", {"-f", tmp_file})
return {
code = 1,
error = i18n.translatef("File download failed or timed out: %s", url)
}
end
return {code = 0, file = tmp_file, zip = com[app_name].zipped }
end
function to_extract(app_name, file, subfix)
local result = check_path(app_name)
if result.code ~= 0 then
return result
end
if not file or file == "" or not fs.access(file) then
return {code = 1, error = i18n.translate("File path required.")}
end
if sys.exec("echo -n $(opkg list-installed | grep -c unzip)") ~= "1" then
exec("/bin/rm", {"-f", file})
return {
code = 1,
error = i18n.translate("Not installed unzip, Can't unzip!")
}
end
sys.call("/bin/rm -rf /tmp/".. app_name .."_extract.*")
local new_file_size = get_file_space(file)
local tmp_free_size = get_free_space("/tmp")
if tmp_free_size <= 0 or tmp_free_size <= new_file_size then
return {code = 1, error = i18n.translatef("%s not enough space.", "/tmp")}
end
local tmp_dir = util.trim(util.exec("mktemp -d -t ".. app_name .."_extract.XXXXXX"))
local output = {}
exec("/usr/bin/unzip", {"-o", file, app_name, "-d", tmp_dir},
function(chunk) output[#output + 1] = chunk end)
local files = util.split(table.concat(output))
exec("/bin/rm", {"-f", file})
return {code = 0, file = tmp_dir}
end
function to_move(app_name,file)
local result = check_path(app_name)
if result.code ~= 0 then
return result
end
local app_path = result.app_path
local bin_path = file
local cmd_rm_tmp = "/bin/rm -rf /tmp/" .. app_name .. "_download.*"
if fs.stat(file, "type") == "dir" then
bin_path = file .. "/" .. app_name
cmd_rm_tmp = "/bin/rm -rf /tmp/" .. app_name .. "_extract.*"
end
if not file or file == "" then
sys.call(cmd_rm_tmp)
return {code = 1, error = i18n.translate("Client file is required.")}
end
local new_version = get_app_version(app_name, bin_path)
if new_version == "" then
sys.call(cmd_rm_tmp)
return {
code = 1,
error = i18n.translate("The client file is not suitable for current device.")..app_name.."__"..bin_path
}
end
local flag = sys.call('pgrep -af "passwall/.*'.. app_name ..'" >/dev/null')
if flag == 0 then
sys.call("/etc/init.d/passwall stop")
end
local old_app_size = 0
if fs.access(app_path) then
old_app_size = get_file_space(app_path)
end
local new_app_size = get_file_space(bin_path)
local final_dir = get_final_dir(app_path)
local final_dir_free_size = get_free_space(final_dir)
if final_dir_free_size > 0 then
final_dir_free_size = final_dir_free_size + old_app_size
if new_app_size > final_dir_free_size then
sys.call(cmd_rm_tmp)
return {code = 1, error = i18n.translatef("%s not enough space.", final_dir)}
end
end
result = exec("/bin/mv", { "-f", bin_path, app_path }, nil, command_timeout) == 0
sys.call(cmd_rm_tmp)
if flag == 0 then
sys.call("/etc/init.d/passwall restart >/dev/null 2>&1 &")
end
if not result or not fs.access(app_path) then
return {
code = 1,
error = i18n.translatef("Can't move new file to path: %s", app_path)
}
end
return {code = 0}
end
function get_version()
return sys.exec("echo -n $(opkg info luci-app-passwall |grep 'Version'|awk '{print $2}')")
end
function to_check_self()
local url = "https://raw.githubusercontent.com/xiaorouji/openwrt-passwall/luci/luci-app-passwall/Makefile"
local tmp_file = "/tmp/passwall_makefile"
local return_code, result = curl_logic(url, tmp_file, curl_args)
result = return_code == 0
if not result then
exec("/bin/rm", {"-f", tmp_file})
return {
code = 1,
error = i18n.translatef("Failed")
}
end
local local_version = get_version()
local remote_version = sys.exec("echo -n $(grep 'PKG_VERSION' /tmp/passwall_makefile|awk -F '=' '{print $2}')")
local has_update = compare_versions(local_version, "<", remote_version)
if not has_update then
return {
code = 0,
local_version = local_version,
remote_version = remote_version
}
end
return {
code = 1,
has_update = true,
local_version = local_version,
remote_version = remote_version,
error = i18n.translatef("The latest version: %s, currently does not support automatic update, if you need to update, please compile or download the ipk and then manually install.", remote_version)
}
end

99
luci-app-passwall/luasrc/passwall/com.lua Normal file
View File

@ -0,0 +1,99 @@
local _M = {}
local function gh_release_url(self)
return "https://api.github.com/repos/" .. self.repo .. "/releases/latest"
end
local function gh_pre_release_url(self)
return "https://api.github.com/repos/" .. self.repo .. "/releases?per_page=1"
end
_M.brook = {
name = "Brook",
repo = "txthinking/brook",
get_url = gh_release_url,
cmd_version = "-v | awk '{print $3}'",
zipped = false,
default_path = "/usr/bin/brook",
match_fmt_str = "linux_%s$",
file_tree = {}
}
_M.hysteria = {
name = "Hysteria",
repo = "HyNetwork/hysteria",
get_url = gh_release_url,
cmd_version = "-v | awk '{print $3}'",
zipped = false,
default_path = "/usr/bin/hysteria",
match_fmt_str = "linux%%-%s$",
file_tree = {
armv6 = "arm",
armv7 = "arm"
}
}
_M["trojan-go"] = {
name = "Trojan-Go",
repo = "p4gefau1t/trojan-go",
get_url = gh_release_url,
cmd_version = "-version | awk '{print $2}' | sed -n 1P",
zipped = true,
default_path = "/usr/bin/trojan-go",
match_fmt_str = "linux%%-%s%%.zip",
file_tree = {
aarch64 = "armv8",
armv8 = "armv8",
mips = "mips%-hardfloat",
mipsel = "mipsle%-hardfloat"
}
}
_M.v2ray = {
name = "V2ray",
repo = "v2fly/v2ray-core",
get_url = gh_pre_release_url,
cmd_version = "version | awk '{print $2}' | sed -n 1P",
zipped = true,
default_path = "/usr/bin/v2ray",
match_fmt_str = "linux%%-%s",
file_tree = {
x86_64 = "64",
x86 = "32",
mips = "mips32",
mipsel = "mips32le"
}
}
_M.xray = {
name = "Xray",
repo = "XTLS/Xray-core",
get_url = gh_pre_release_url,
cmd_version = _M.v2ray.cmd_version,
zipped = true,
default_path = "/usr/bin/xray",
match_fmt_str = _M.v2ray.match_fmt_str,
file_tree = _M.v2ray.file_tree
}
_M["chinadns-ng"] = {
name = "ChinaDNS-NG",
repo = "zfl9/chinadns-ng",
get_url = gh_release_url,
cmd_version = "-V | awk '{print $2}'",
zipped = false,
default_path = "/usr/bin/chinadns-ng",
match_fmt_str = "%s$",
file_tree = {
x86_64 = "x86_64",
x86 = "i686",
mipsel = "mipsel",
aarch64 = "aarch64",
armv5 = "arm%-eabi",
armv6 = "armv6%-eabihf",
armv7 = "armv7l%-eabihf",
armv8 = "aarch64"
}
}
return _M

235
luci-app-passwall/luasrc/passwall/server_app.lua Normal file
View File

@ -0,0 +1,235 @@
#!/usr/bin/lua
local action = arg[1]
local api = require "luci.passwall.api"
local sys = api.sys
local uci = api.uci
local jsonc = api.jsonc
local CONFIG = "passwall_server"
local CONFIG_PATH = "/tmp/etc/" .. CONFIG
local NFT_INCLUDE_FILE = CONFIG_PATH .. "/" .. CONFIG .. ".nft"
local LOG_APP_FILE = "/tmp/log/" .. CONFIG .. ".log"
local TMP_BIN_PATH = CONFIG_PATH .. "/bin"
local require_dir = "luci.passwall."
local ipt_bin = sys.exec("echo -n $(/usr/share/passwall/iptables.sh get_ipt_bin)")
local ip6t_bin = sys.exec("echo -n $(/usr/share/passwall/iptables.sh get_ip6t_bin)")
local nft_flag = api.is_finded("fw4") and "1" or "0"
local function log(...)
local f, err = io.open(LOG_APP_FILE, "a")
if f and err == nil then
local str = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
f:write(str .. "\n")
f:close()
end
end
local function cmd(cmd)
sys.call(cmd)
end
local function ipt(arg)
cmd(ipt_bin .. " -w " .. arg)
end
local function ip6t(arg)
cmd(ip6t_bin .. " -w " .. arg)
end
local function ln_run(s, d, command, output)
if not output then
output = "/dev/null"
end
d = TMP_BIN_PATH .. "/" .. d
cmd(string.format('[ ! -f "%s" ] && ln -s %s %s 2>/dev/null', d, s, d))
return string.format("%s >%s 2>&1 &", d .. " " .. command, output)
end
local function gen_include()
cmd(string.format("echo '#!/bin/sh' > /tmp/etc/%s.include", CONFIG))
local function extract_rules(n, a)
local _ipt = ipt_bin
if n == "6" then
_ipt = ip6t_bin
end
local result = "*" .. a
result = result .. "\n" .. sys.exec(_ipt .. '-save -t ' .. a .. ' | grep "PSW-SERVER" | sed -e "s/^-A \\(INPUT\\)/-I \\1 1/"')
result = result .. "COMMIT"
return result
end
local f, err = io.open("/tmp/etc/" .. CONFIG .. ".include", "a")
if f and err == nil then
if nft_flag == "0" then
f:write(ipt_bin .. '-save -c | grep -v "PSW-SERVER" | ' .. ipt_bin .. '-restore -c' .. "\n")
f:write(ipt_bin .. '-restore -n <<-EOT' .. "\n")
f:write(extract_rules("4", "filter") .. "\n")
f:write("EOT" .. "\n")
f:write(ip6t_bin .. '-save -c | grep -v "PSW-SERVER" | ' .. ip6t_bin .. '-restore -c' .. "\n")
f:write(ip6t_bin .. '-restore -n <<-EOT' .. "\n")
f:write(extract_rules("6", "filter") .. "\n")
f:write("EOT" .. "\n")
f:close()
else
f:write("nft -f " .. NFT_INCLUDE_FILE .. "\n")
f:close()
end
end
end
local function start()
local enabled = tonumber(uci:get(CONFIG, "@global[0]", "enable") or 0)
if enabled == nil or enabled == 0 then
return
end
cmd(string.format("mkdir -p %s %s", CONFIG_PATH, TMP_BIN_PATH))
cmd(string.format("touch %s", LOG_APP_FILE))
if nft_flag == "0" then
ipt("-N PSW-SERVER")
ipt("-I INPUT -j PSW-SERVER")
ip6t("-N PSW-SERVER")
ip6t("-I INPUT -j PSW-SERVER")
else
nft_file, err = io.open(NFT_INCLUDE_FILE, "w")
nft_file:write('#!/usr/sbin/nft -f\n')
nft_file:write('add chain inet fw4 PSW-SERVER\n')
nft_file:write('flush chain inet fw4 PSW-SERVER\n')
nft_file:write('insert rule inet fw4 input position 0 jump PSW-SERVER comment "PSW-SERVER"\n')
end
uci:foreach(CONFIG, "user", function(user)
local id = user[".name"]
local enable = user.enable
if enable and tonumber(enable) == 1 then
local enable_log = user.log
local log_path = nil
if enable_log and enable_log == "1" then
log_path = CONFIG_PATH .. "/" .. id .. ".log"
else
log_path = nil
end
local remarks = user.remarks
local port = tonumber(user.port)
local bin
local config = {}
local config_file = CONFIG_PATH .. "/" .. id .. ".json"
local udp_forward = 1
local type = user.type or ""
if type == "Socks" then
local auth = ""
if user.auth and user.auth == "1" then
local username = user.username or ""
local password = user.password or ""
if username ~= "" and password ~= "" then
username = "-u " .. username
password = "-P " .. password
auth = username .. " " .. password
end
end
bin = ln_run("/usr/bin/microsocks", "microsocks_" .. id, string.format("-i :: -p %s %s", port, auth), log_path)
elseif type == "SS" or type == "SSR" then
config = require(require_dir .. "util_shadowsocks").gen_config_server(user)
local udp_param = ""
udp_forward = tonumber(user.udp_forward) or 1
if udp_forward == 1 then
udp_param = "-u"
end
type = type:lower()
bin = ln_run("/usr/bin/" .. type .. "-server", type .. "-server", "-c " .. config_file .. " " .. udp_param, log_path)
elseif type == "SS-Rust" then
config = require(require_dir .. "util_shadowsocks").gen_config_server(user)
bin = ln_run("/usr/bin/ssserver", "ssserver", "-c " .. config_file, log_path)
elseif type == "V2ray" then
config = require(require_dir .. "util_xray").gen_config_server(user)
bin = ln_run(api.get_app_path("v2ray"), "v2ray", "run -c " .. config_file, log_path)
elseif type == "Xray" then
config = require(require_dir .. "util_xray").gen_config_server(user)
bin = ln_run(api.get_app_path("xray"), "xray", "run -c " .. config_file, log_path)
elseif type == "Trojan" then
config = require(require_dir .. "util_trojan").gen_config_server(user)
bin = ln_run("/usr/sbin/trojan", "trojan", "-c " .. config_file, log_path)
elseif type == "Trojan-Plus" then
config = require(require_dir .. "util_trojan").gen_config_server(user)
bin = ln_run("/usr/sbin/trojan-plus", "trojan-plus", "-c " .. config_file, log_path)
elseif type == "Trojan-Go" then
config = require(require_dir .. "util_trojan").gen_config_server(user)
bin = ln_run(api.get_app_path("trojan-go"), "trojan-go", "-config " .. config_file, log_path)
elseif type == "Brook" then
local brook_protocol = user.protocol
local brook_password = user.password
local brook_path = user.ws_path or "/ws"
local brook_path_arg = ""
if brook_protocol == "wsserver" and brook_path then
brook_path_arg = " --path " .. brook_path
end
bin = ln_run(api.get_app_path("brook"), "brook_" .. id, string.format("--debug %s -l :%s -p %s%s", brook_protocol, port, brook_password, brook_path_arg), log_path)
elseif type == "Hysteria" then
config = require(require_dir .. "util_hysteria").gen_config_server(user)
bin = ln_run(api.get_app_path("hysteria"), "hysteria", "-c " .. config_file .. " server", log_path)
end
if next(config) then
local f, err = io.open(config_file, "w")
if f and err == nil then
f:write(jsonc.stringify(config, 1))
f:close()
end
log(string.format("%s %s 生成配置文件并运行 - %s", remarks, port, config_file))
end
if bin then
cmd(bin)
end
local bind_local = user.bind_local or 0
if bind_local and tonumber(bind_local) ~= 1 then
if nft_flag == "0" then
ipt(string.format('-A PSW-SERVER -p tcp --dport %s -m comment --comment "%s" -j ACCEPT', port, remarks))
ip6t(string.format('-A PSW-SERVER -p tcp --dport %s -m comment --comment "%s" -j ACCEPT', port, remarks))
if udp_forward == 1 then
ipt(string.format('-A PSW-SERVER -p udp --dport %s -m comment --comment "%s" -j ACCEPT', port, remarks))
ip6t(string.format('-A PSW-SERVER -p udp --dport %s -m comment --comment "%s" -j ACCEPT', port, remarks))
end
else
nft_file:write(string.format('add rule inet fw4 PSW-SERVER meta l4proto tcp tcp dport {%s} counter accept comment "%s"\n', port, remarks))
if udp_forward == 1 then
nft_file:write(string.format('add rule inet fw4 PSW-SERVER meta l4proto udp udp dport {%s} counter accept comment "%s"\n', port, remarks))
end
end
end
end
end)
if nft_flag == "1" then
nft_file:write("add rule inet fw4 PSW-SERVER return\n")
nft_file:close()
cmd("nft -f " .. NFT_INCLUDE_FILE)
end
gen_include()
end
local function stop()
cmd(string.format("top -bn1 | grep -v 'grep' | grep '%s/' | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1", CONFIG_PATH))
if nft_flag == "0" then
ipt("-D INPUT -j PSW-SERVER 2>/dev/null")
ipt("-F PSW-SERVER 2>/dev/null")
ipt("-X PSW-SERVER 2>/dev/null")
ip6t("-D INPUT -j PSW-SERVER 2>/dev/null")
ip6t("-F PSW-SERVER 2>/dev/null")
ip6t("-X PSW-SERVER 2>/dev/null")
else
local nft_cmd = "handles=$(nft -a list chain inet fw4 input | grep -E \"PSW-SERVER\" | awk -F '# handle ' '{print$2}')\n for handle in $handles; do\n nft delete rule inet fw4 input handle ${handle} 2>/dev/null\n done"
cmd(nft_cmd)
cmd("nft flush chain inet fw4 PSW-SERVER 2>/dev/null")
cmd("nft delete chain inet fw4 PSW-SERVER 2>/dev/null")
end
cmd(string.format("rm -rf %s %s /tmp/etc/%s.include", CONFIG_PATH, LOG_APP_FILE, CONFIG))
end
if action then
if action == "start" then
start()
elseif action == "stop" then
stop()
end
end

119
luci-app-passwall/luasrc/passwall/util_hysteria.lua Normal file
View File

@ -0,0 +1,119 @@
module("luci.passwall.util_hysteria", package.seeall)
local api = require "luci.passwall.api"
local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
local config = {
listen = ":" .. node.port,
protocol = node.protocol or "udp",
obfs = node.hysteria_obfs,
cert = node.tls_certificateFile,
key = node.tls_keyFile,
auth = (node.hysteria_auth_type == "string") and {
mode = "password",
config = {
password = node.hysteria_auth_password
}
} or nil,
disable_udp = (node.hysteria_udp == "0") and true or false,
alpn = node.hysteria_alpn or nil,
up_mbps = tonumber(node.hysteria_up_mbps) or 10,
down_mbps = tonumber(node.hysteria_down_mbps) or 50,
recv_window_conn = (node.hysteria_recv_window_conn) and tonumber(node.hysteria_recv_window_conn) or nil,
recv_window = (node.hysteria_recv_window) and tonumber(node.hysteria_recv_window) or nil,
disable_mtu_discovery = (node.hysteria_disable_mtu_discovery) and true or false
}
return config
end
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall", node_id)
local local_tcp_redir_port = var["-local_tcp_redir_port"]
local local_udp_redir_port = var["-local_udp_redir_port"]
local local_socks_address = var["-local_socks_address"] or "0.0.0.0"
local local_socks_port = var["-local_socks_port"]
local local_socks_username = var["-local_socks_username"]
local local_socks_password = var["-local_socks_password"]
local local_http_address = var["-local_http_address"] or "0.0.0.0"
local local_http_port = var["-local_http_port"]
local local_http_username = var["-local_http_username"]
local local_http_password = var["-local_http_password"]
local tcp_proxy_way = var["-tcp_proxy_way"]
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
if api.is_ipv6(server_host) then
server_host = api.get_ipv6_full(server_host)
end
local server = server_host .. ":" .. server_port
if (node.hysteria_hop) then
server = server .. "," .. node.hysteria_hop
end
local config = {
server = server,
protocol = node.protocol or "udp",
obfs = node.hysteria_obfs,
auth = (node.hysteria_auth_type == "base64") and node.hysteria_auth_password or nil,
auth_str = (node.hysteria_auth_type == "string") and node.hysteria_auth_password or nil,
alpn = node.hysteria_alpn or nil,
server_name = node.tls_serverName,
insecure = (node.tls_allowInsecure == "1") and true or false,
up_mbps = tonumber(node.hysteria_up_mbps) or 10,
down_mbps = tonumber(node.hysteria_down_mbps) or 50,
retry = -1,
retry_interval = 5,
recv_window_conn = (node.hysteria_recv_window_conn) and tonumber(node.hysteria_recv_window_conn) or nil,
recv_window = (node.hysteria_recv_window) and tonumber(node.hysteria_recv_window) or nil,
handshake_timeout = (node.hysteria_handshake_timeout) and tonumber(node.hysteria_handshake_timeout) or nil,
idle_timeout = (node.hysteria_idle_timeout) and tonumber(node.hysteria_idle_timeout) or nil,
hop_interval = (node.hysteria_hop_interval) and tonumber(node.hysteria_hop_interval) or nil,
disable_mtu_discovery = (node.hysteria_disable_mtu_discovery) and true or false,
fast_open = (node.fast_open == "1") and true or false,
lazy_start = (node.hysteria_lazy_start) and true or false,
socks5 = (local_socks_address and local_socks_port) and {
listen = local_socks_address .. ":" .. local_socks_port,
timeout = 300,
disable_udp = false,
user = (local_socks_username and local_socks_password) and local_socks_username,
password = (local_socks_username and local_socks_password) and local_socks_password,
} or nil,
http = (local_http_address and local_http_port) and {
listen = local_http_address .. ":" .. local_http_port,
timeout = 300,
disable_udp = false,
user = (local_http_username and local_http_password) and local_http_username,
password = (local_http_username and local_http_password) and local_http_password,
} or nil,
redirect_tcp = ("redirect" == tcp_proxy_way and local_tcp_redir_port) and {
listen = "0.0.0.0:" .. local_tcp_redir_port,
timeout = 300
} or nil,
tproxy_tcp = ("tproxy" == tcp_proxy_way and local_tcp_redir_port) and {
listen = "0.0.0.0:" .. local_tcp_redir_port,
timeout = 300
} or nil,
tproxy_udp = (local_udp_redir_port) and {
listen = "0.0.0.0:" .. local_udp_redir_port,
timeout = 60
} or nil
}
return jsonc.stringify(config, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end

39
luci-app-passwall/luasrc/passwall/util_naiveproxy.lua Normal file
View File

@ -0,0 +1,39 @@
module("luci.passwall.util_naiveproxy", package.seeall)
local api = require "luci.passwall.api"
local uci = api.uci
local jsonc = api.jsonc
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall", node_id)
local run_type = var["-run_type"]
local local_addr = var["-local_addr"]
local local_port = var["-local_port"]
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
if api.is_ipv6(server_host) then
server_host = api.get_ipv6_full(server_host)
end
local server = server_host .. ":" .. server_port
local config = {
listen = run_type .. "://" .. local_addr .. ":" .. local_port,
proxy = node.protocol .. "://" .. node.username .. ":" .. node.password .. "@" .. server
}
return jsonc.stringify(config, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end

144
luci-app-passwall/luasrc/passwall/util_shadowsocks.lua Normal file
View File

@ -0,0 +1,144 @@
module("luci.passwall.util_shadowsocks", package.seeall)
local api = require "luci.passwall.api"
local uci = api.uci
local jsonc = api.jsonc
function gen_config_server(node)
local config = {}
config.server_port = tonumber(node.port)
config.password = node.password
config.timeout = tonumber(node.timeout)
config.fast_open = (node.tcp_fast_open and node.tcp_fast_open == "1") and true or false
config.method = node.method
if node.type == "SS-Rust" then
config.server = "::"
config.mode = "tcp_and_udp"
else
config.server = {"[::0]", "0.0.0.0"}
end
if node.type == "SSR" then
config.protocol = node.protocol
config.protocol_param = node.protocol_param
config.obfs = node.obfs
config.obfs_param = node.obfs_param
end
return config
end
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall", node_id)
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
local local_addr = var["-local_addr"]
local local_port = var["-local_port"]
local mode = var["-mode"]
local local_socks_address = var["-local_socks_address"] or "0.0.0.0"
local local_socks_port = var["-local_socks_port"]
local local_socks_username = var["-local_socks_username"]
local local_socks_password = var["-local_socks_password"]
local local_http_address = var["-local_http_address"] or "0.0.0.0"
local local_http_port = var["-local_http_port"]
local local_http_username = var["-local_http_username"]
local local_http_password = var["-local_http_password"]
local local_tcp_redir_port = var["-local_tcp_redir_port"]
local local_tcp_redir_address = var["-local_tcp_redir_address"] or "0.0.0.0"
local local_udp_redir_port = var["-local_udp_redir_port"]
local local_udp_redir_address = var["-local_udp_redir_address"] or "0.0.0.0"
if api.is_ipv6(server_host) then
server_host = api.get_ipv6_only(server_host)
end
local server = server_host
local config = {
server = server,
server_port = tonumber(server_port),
local_address = local_addr,
local_port = tonumber(local_port),
password = node.password,
method = node.method,
timeout = tonumber(node.timeout),
fast_open = (node.tcp_fast_open and node.tcp_fast_open == "true") and true or false,
reuse_port = true,
tcp_tproxy = var["-tcp_tproxy"] and true or nil
}
if node.type == "SS" then
if node.plugin and node.plugin ~= "none" then
config.plugin = node.plugin
config.plugin_opts = node.plugin_opts or nil
end
config.mode = mode
elseif node.type == "SSR" then
config.protocol = node.protocol
config.protocol_param = node.protocol_param
config.obfs = node.obfs
config.obfs_param = node.obfs_param
elseif node.type == "SS-Rust" then
config = {
servers = {
{
address = server,
port = tonumber(server_port),
method = node.method,
password = node.password,
timeout = tonumber(node.timeout),
plugin = (node.plugin and node.plugin ~= "none") and node.plugin or nil,
plugin_opts = (node.plugin and node.plugin ~= "none") and node.plugin_opts or nil
}
},
locals = {},
fast_open = (node.tcp_fast_open and node.tcp_fast_open == "true") and true or false
}
if local_socks_address and local_socks_port then
table.insert(config.locals, {
local_address = local_socks_address,
local_port = tonumber(local_socks_port),
mode = "tcp_and_udp"
})
end
if local_http_address and local_http_port then
table.insert(config.locals, {
protocol = "http",
local_address = local_http_address,
local_port = tonumber(local_http_port)
})
end
if local_tcp_redir_address and local_tcp_redir_port then
table.insert(config.locals, {
protocol = "redir",
mode = "tcp_only",
tcp_redir = var["-tcp_tproxy"] and "tproxy" or nil,
local_address = local_tcp_redir_address,
local_port = tonumber(local_tcp_redir_port)
})
end
if local_udp_redir_address and local_udp_redir_port then
table.insert(config.locals, {
protocol = "redir",
mode = "udp_only",
local_address = local_udp_redir_address,
local_port = tonumber(local_udp_redir_port)
})
end
end
return jsonc.stringify(config, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end

158
luci-app-passwall/luasrc/passwall/util_trojan.lua Normal file
View File

@ -0,0 +1,158 @@
module("luci.passwall.util_trojan", package.seeall)
local api = require "luci.passwall.api"
local uci = api.uci
local json = api.jsonc
function gen_config_server(node)
local cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
local cipher13 = "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384"
local config = {
run_type = "server",
local_addr = "::",
local_port = tonumber(node.port),
remote_addr = (node.remote_enable == "1" and node.remote_address) and node.remote_address or nil,
remote_port = (node.remote_enable == "1" and node.remote_port) and tonumber(node.remote_port) or nil,
password = node.uuid,
log_level = (node.log and node.log == "1") and tonumber(node.loglevel) or 5,
ssl = {
cert = node.tls_certificateFile,
key = node.tls_keyFile,
key_password = "",
cipher = cipher,
cipher_tls13 = cipher13,
prefer_server_cipher = true,
reuse_session = true,
session_ticket = (node.tls_sessionTicket == "1") and true or false,
session_timeout = 600,
plain_http_response = "",
curves = "",
dhparam = ""
},
tcp = {
prefer_ipv4 = false,
no_delay = true,
keep_alive = true,
reuse_port = false,
fast_open = (node.tcp_fast_open and node.tcp_fast_open == "1") and true or false,
fast_open_qlen = 20
}
}
if node.type == "Trojan-Go" then
config.ssl.cipher = nil
config.ssl.cipher_tls13 = nil
config.udp_timeout = 60
config.disable_http_check = true
config.transport_plugin = ((node.tls == nil or node.tls ~= "1") and node.trojan_transport == "original") and {
enabled = node.plugin_type ~= nil,
type = node.plugin_type or "plaintext",
command = node.plugin_type ~= "plaintext" and node.plugin_cmd or nil,
option = node.plugin_type ~= "plaintext" and node.plugin_option or nil,
arg = node.plugin_type ~= "plaintext" and { node.plugin_arg } or nil,
env = {}
} or nil
config.websocket = (node.trojan_transport == 'ws') and {
enabled = true,
path = node.ws_path or "/",
host = node.ws_host or ""
} or nil
config.shadowsocks = (node.ss_aead == "1") and {
enabled = true,
method = node.ss_aead_method or "aes_128_gcm",
password = node.ss_aead_pwd or ""
} or nil
end
return config
end
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall", node_id)
local run_type = var["-run_type"]
local local_addr = var["-local_addr"]
local local_port = var["-local_port"]
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
local loglevel = var["-loglevel"] or 2
local cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
local cipher13 = "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384"
if api.is_ipv6(server_host) then
server_host = api.get_ipv6_only(server_host)
end
local server = server_host
local trojan = {
run_type = run_type,
local_addr = local_addr,
local_port = tonumber(local_port),
remote_addr = server,
remote_port = tonumber(server_port),
password = {node.password},
log_level = tonumber(loglevel),
ssl = {
verify = (node.tls_allowInsecure ~= "1") and true or false,
verify_hostname = true,
cert = nil,
cipher = cipher,
cipher_tls13 = cipher13,
sni = node.tls_serverName or server,
alpn = {"h2", "http/1.1"},
reuse_session = true,
session_ticket = (node.tls_sessionTicket and node.tls_sessionTicket == "1") and true or false,
curves = ""
},
udp_timeout = 60,
tcp = {
use_tproxy = (node.type == "Trojan-Plus" and var["-use_tproxy"]) and true or nil,
no_delay = true,
keep_alive = true,
reuse_port = true,
fast_open = (node.tcp_fast_open == "true") and true or false,
fast_open_qlen = 20
}
}
if node.type == "Trojan-Go" then
trojan.ssl.cipher = nil
trojan.ssl.cipher_tls13 = nil
trojan.ssl.fingerprint = (node.fingerprint ~= "disable") and node.fingerprint or ""
trojan.ssl.alpn = (node.trojan_transport == 'ws') and {} or {"h2", "http/1.1"}
if node.tls ~= "1" and node.trojan_transport == "original" then trojan.ssl = nil end
trojan.transport_plugin = ((not node.tls or node.tls ~= "1") and node.trojan_transport == "original") and {
enabled = node.plugin_type ~= nil,
type = node.plugin_type or "plaintext",
command = node.plugin_type ~= "plaintext" and node.plugin_cmd or nil,
option = node.plugin_type ~= "plaintext" and node.plugin_option or nil,
arg = node.plugin_type ~= "plaintext" and { node.plugin_arg } or nil,
env = {}
} or nil
trojan.websocket = (node.trojan_transport == 'ws') and {
enabled = true,
path = node.ws_path or "/",
host = node.ws_host or (node.tls_serverName or server)
} or nil
trojan.shadowsocks = (node.ss_aead == "1") and {
enabled = true,
method = node.ss_aead_method or "aes_128_gcm",
password = node.ss_aead_pwd or ""
} or nil
trojan.mux = (node.smux == "1") and {
enabled = true,
concurrency = tonumber(node.mux_concurrency),
idle_timeout = tonumber(node.smux_idle_timeout)
} or nil
end
return json.stringify(trojan, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end

57
luci-app-passwall/luasrc/passwall/util_tuic.lua Normal file
View File

@ -0,0 +1,57 @@
module("luci.passwall.util_tuic", package.seeall)
local api = require "luci.passwall.api"
local uci = api.uci
local json = api.jsonc
function gen_config(var)
local node_id = var["-node"]
if not node_id then
print("-node 不能为空")
return
end
local node = uci:get_all("passwall", node_id)
local local_addr = var["-local_addr"]
local local_port = var["-local_port"]
local server_host = var["-server_host"] or node.address
local server_port = var["-server_port"] or node.port
local loglevel = var["-loglevel"] or "warn"
local tuic= {
relay = {
server = server_host .. ":" .. server_port,
ip = node.tuic_ip,
uuid = node.uuid,
password = node.tuic_password,
-- certificates = node.tuic_certificate and { node.tuic_certpath } or nil,
udp_relay_mode = node.tuic_udp_relay_mode,
congestion_control = node.tuic_congestion_control,
heartbeat = node.tuic_heartbeat .. "s",
timeout = node.tuic_timeout .. "s",
gc_interval = node.tuic_gc_interval .. "s",
gc_lifetime = node.tuic_gc_lifetime .. "s",
alpn = node.tuic_tls_alpn,
disable_sni = (node.tuic_disable_sni == "1"),
zero_rtt_handshake = (node.tuic_zero_rtt_handshake == "1"),
send_window = tonumber(node.tuic_send_window),
receive_window = tonumber(node.tuic_receive_window)
},
["local"] = {
server = "[::]:" .. local_port,
username = node.tuic_socks_username,
password = node.tuic_socks_password,
dual_stack = (node.tuic_dual_stack == "1") and true or false,
max_packet_size = tonumber(node.tuic_max_package_size)
},
log_level = loglevel
}
return json.stringify(tuic, 1)
end
_G.gen_config = gen_config
if arg[1] then
local func =_G[arg[1]]
if func then
print(func(api.get_function_args(arg)))
end
end

1301
luci-app-passwall/luasrc/passwall/util_xray.lua Normal file
View File

File diff suppressed because it is too large Load Diff

204
luci-app-passwall/luasrc/view/passwall/app_update/app_version.htm Normal file
View File

@ -0,0 +1,204 @@
<%
local api = require "luci.passwall.api"
local com = require "luci.passwall.com"
local version = {}
-%>
<script type="text/javascript">
//<![CDATA[
var appInfoList = new Array();
var inProgressCount = 0;
var tokenStr = '<%=token%>';
var checkUpdateText = '<%:Check update%>';
var noUpdateText = '<%:It is the latest version%>';
var updateSuccessText = '<%:Update successful%>';
var clickToUpdateText = '<%:Click to update%>';
var inProgressText = '<%:Updating...%>';
var unexpectedErrorText = '<%:Unexpected error%>';
var updateInProgressNotice = '<%:Updating, are you sure to close?%>';
var downloadingText = '<%:Downloading...%>';
var decompressioningText = '<%:Unpacking...%>';
var movingText = '<%:Moving...%>';
//window.onload = function () {};
function addPageNotice() {
if (inProgressCount === 0) {
window.onbeforeunload = function (e) {
e.returnValue = updateInProgressNotice;
return updateInProgressNotice;
};
}
inProgressCount++;
}
function removePageNotice() {
inProgressCount--;
if (inProgressCount === 0) {
window.onbeforeunload = undefined;
}
}
function onUpdateSuccess(btn) {
if (btn) {
btn.value = updateSuccessText;
btn.placeholder = updateSuccessText;
btn.disabled = true;
}
if (inProgressCount === 0) {
window.setTimeout(function () {
window.location.reload();
}, 1000);
}
}
function onRequestError(btn, errorMessage) {
btn.disabled = false;
btn.value = checkUpdateText;
var ckeckDetailElm = document.getElementById(btn.id + '-detail');
if (errorMessage && ckeckDetailElm) {
ckeckDetailElm.textContent = errorMessage
}
}
function onBtnClick(btn, app) {
if (appInfoList[app] === undefined) {
checkUpdate(btn, app);
} else {
doUpdate(btn, app);
}
}
function checkUpdate(btn, app) {
btn.disabled = true;
btn.value = inProgressText;
addPageNotice();
var ckeckDetailElm = document.getElementById(btn.id + '-detail');
if (ckeckDetailElm) {
ckeckDetailElm.textContent = "";
}
XHR.get('<%=api.url("check_")%>' + app, {
token: tokenStr,
arch: ''
}, function (x, json) {
removePageNotice();
if (json.code) {
appInfoList[app] = undefined;
onRequestError(btn, json.error);
} else {
if (json.has_update) {
appInfoList[app] = json;
btn.disabled = false;
btn.value = clickToUpdateText;
btn.placeholder = clickToUpdateText;
if (ckeckDetailElm) {
var urlNode = '';
if (json.remote_version) {
urlNode = '<em style="color:red;">' + json.remote_version + '</em>';
if (json.html_url) {
urlNode = '<a href="' + json.html_url + '" target="_blank">' + urlNode + '</a>';
}
}
ckeckDetailElm.innerHTML = urlNode;
}
} else {
btn.disabled = true;
btn.value = noUpdateText;
}
}
}, 300);
}
function doUpdate(btn, app) {
btn.disabled = true;
btn.value = downloadingText;
addPageNotice();
var appUpdateUrl = '<%=api.url("update_")%>' + app;
var appInfo = appInfoList[app];
// Download file
XHR.get(appUpdateUrl, {
token: tokenStr,
url: appInfo ? appInfo.data.browser_download_url : '',
size: appInfo ? appInfo.data.size / 1024 : null
}, function (x, json) {
if (json.code) {
removePageNotice();
onRequestError(btn, json.error);
} else if (json.zip) {
btn.value = decompressioningText;
// Extract file
XHR.get(appUpdateUrl, {
token: tokenStr,
task: 'extract',
file: json.file,
subfix: appInfo ? appInfo.type : ''
}, function (x, json) {
if (json.code) {
removePageNotice();
onRequestError(btn, json.error);
} else {
move(btn, appUpdateUrl, json.file);
}
}, 300)
} else {
move(btn, appUpdateUrl, json.file);
}
}, 300)
}
function move(btn, url, file) {
btn.value = movingText;
// Move file to target dir
XHR.get(url, {
token: tokenStr,
task: 'move',
file: file
}, function (x, json) {
removePageNotice();
if (json.code) {
onRequestError(btn, json.error);
} else {
onUpdateSuccess(btn);
}
}, 300)
}
//]]>
</script>
<div class="cbi-value">
<label class="cbi-value-title">Passwall <%:Version%></label>
<div class="cbi-value-field">
<div class="cbi-value-description">
<span><%=api.get_version()%> 】</span>
<input class="btn cbi-button cbi-button-apply" type="button" id="passwall-check_btn"
onclick="onBtnClick(this,'passwall');" value="<%:Check update%>" />
<span id="passwall-check_btn-detail"></span>
</div>
</div>
</div>
<%for k, v in pairs(com) do
version[k] = api.get_app_version(k)%>
<div class="cbi-value">
<label class="cbi-value-title"><%=v.name%>
<%:Version%>
</label>
<div class="cbi-value-field">
<div class="cbi-value-description">
<span><%=version[k] ~="" and version[k] or translate("Null") %> 】</span>
<input class="btn cbi-button cbi-button-apply" type="button" id="_<%=k%>-check_btn"
onclick="onBtnClick(this,'<%=k%>');" value="<%:Check update%>" />
<span id="_<%=k%>-check_btn-detail"></span>
</div>
</div>
</div>
<%end%>

23
luci-app-passwall/luasrc/view/passwall/auto_switch/footer.htm Normal file
View File

@ -0,0 +1,23 @@
<%
local api = require "luci.passwall.api"
-%>
<script type="text/javascript">
//<![CDATA[
function add_node_by_key() {
var key = prompt("<%:Please enter the node keyword, pay attention to distinguish between spaces, uppercase and lowercase.%>", "");
if (key) {
window.location.href = '<%=api.url("autoswitch_add_node")%>' + "?key=" + key;
}
}
function remove_node_by_key() {
var key = prompt("<%:Please enter the node keyword, pay attention to distinguish between spaces, uppercase and lowercase.%>", "");
if (key) {
window.location.href = '<%=api.url("autoswitch_remove_node")%>' + "?key=" + key;
}
}
//]]>
</script>
<input class="btn cbi-button cbi-button-add" type="button" onclick="add_node_by_key()" value="<%:Add nodes to the standby node list by keywords%>" />
<input class="btn cbi-button cbi-button-remove" type="button" onclick="remove_node_by_key()" value="<%:Delete nodes in the standby node list by keywords%>" />

43
luci-app-passwall/luasrc/view/passwall/global/faq.htm Normal file
View File

@ -0,0 +1,43 @@
<%
local api = require "luci.passwall.api"
-%>
<div class="cbi-section cbi-tblsection">
<div id="dns_div">
<ul><b style="color:red"><%:About DNS issues:%></b>
<li style="color:red">1. <span><%:Some browsers may have built-in DNS, be sure to close. Example: Chrome. Settings - Security and Privacy - Security - Use secure DNS disabled.%></span></li>
<li style="color:red">2. <span><%:Sometimes after restart, you can not internet, especially the GFW mode. At this time, close all browsers (important), Windows Client, please `ipconfig /flushdns`. Please close the WiFi on the phone, cut the flight mode and then cut back.%></span></li>
<li style="color:red">3. <span><%:The client DNS and the default gateway must point to this router.%></span></li>
<li style="color:red">4. <span><%:If you have a wrong DNS process, the consequences are at your own risk!%></span></li>
</ul>
</div>
<div id="div2"></div>
</div>
<script>
var origin = window.location.origin;
var reset_url = origin + "<%=api.url("reset_config")%>";
var hide_url = origin + "<%=api.url("hide")%>";
var show_url = origin + "<%=api.url("show")%>";
function reset(url) {
if (confirm('<%:Are you sure to reset?%>') == true) {
window.location.href = reset_url;
}
}
function hide(url) {
if (confirm('<%:Are you sure to hide?%>') == true) {
window.location.href = hide_url;
}
}
var dom = document.getElementById("div2");
if (dom) {
var li = "";
li += "<%:You can use load balancing for failover.%>" + "<br />";
li += "<%:Restore the default configuration method. Input example in the address bar:%>" + "<a href='#' onclick='reset()'>" + reset_url + "</a>" + "<br />";
li += "<%:Hide menu method, input example in the address bar:%>" + "<a href='#' onclick='hide()'>" + hide_url + "</a>" + "<br />";
li += "<%:After the hidden to the display, input example in the address bar:%>" + "<a href='#'>" + show_url + "</a>" + "<br />";
dom.innerHTML = li;
}
</script>

137
luci-app-passwall/luasrc/view/passwall/global/footer.htm Normal file
View File

@ -0,0 +1,137 @@
<%
local api = require "luci.passwall.api"
local auto_switch = api.uci_get_type("auto_switch", "enable", 0)
-%>
<script type="text/javascript">
//<![CDATA[
function go() {
var _status = document.getElementsByClassName('_status');
for (var i = 0; i < _status.length; i++) {
var id = _status[i].getAttribute("socks_id");
XHR.get('<%=api.url("socks_status")%>', {
index: i,
id: id
},
function(x, result) {
var index = result.index;
var div = '';
var div1 = '<font style="font-weight:bold;" color="green"></font>&nbsp';
var div2 = '<font style="font-weight:bold;" color="red">X</font>&nbsp';
if (result.socks_status) {
div += div1;
} else {
div += div2;
}
if (result.use_http) {
if (result.http_status) {
div += div1;
} else {
div += div2;
}
}
_status[index].innerHTML = div;
}
);
}
var global_id = null;
var global = document.getElementById("cbi-passwall-global");
if (global) {
var node = global.getElementsByClassName("cbi-section-node")[0];
var node_id = node.getAttribute("id");
global_id = node_id;
var reg1 = new RegExp("(?<=" + node_id + "-).*?(?=(_node))")
for (var i = 0; i < node.childNodes.length; i++) {
if (node.childNodes[i].childNodes && node.childNodes[i].childNodes.length > 0) {
for (var k = 0; k < node.childNodes[i].childNodes.length; k++) {
try {
var dom = node.childNodes[i].childNodes[k];
if (dom.id) {
var s = dom.id.match(reg1);
if (s) {
var cbi_id = global_id + "-"
var dom_id = dom.id.split(cbi_id).join(cbi_id.split("-").join(".")).split("cbi.").join("cbid.")
var node_select = document.getElementsByName(dom_id)[0];
var node_select_value = node_select.value;
if (node_select_value && node_select_value != "nil" && node_select_value.indexOf("socks://") != 0 && node_select_value.indexOf("_default") != 0 && node_select_value.indexOf("_direct") != 0 && node_select_value.indexOf("_blackhole") != 0) {
if (global_id != null && node_select_value.indexOf("tcp") == 0) {
var d = global_id + "-tcp_node";
d = d.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var dom = document.getElementsByName(d)[0];
var _node_select_value = dom.value;
if (_node_select_value && _node_select_value != "nil") {
node_select_value = _node_select_value;
}
}
if (node_select.tagName == "INPUT") {
node_select = document.getElementById("cbi.combobox." + dom_id);
}
var new_a = document.createElement("a");
new_a.innerHTML = "<%:Edit%>";
new_a.href = "#";
new_a.setAttribute("onclick", "location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
var new_html = new_a.outerHTML;
if (s[0] == "tcp" || s[0] == "udp") {
var log_a = document.createElement("a");
log_a.innerHTML = "<%:Log%>";
log_a.href = "#";
log_a.setAttribute("onclick", "window.open('" + '<%=api.url("get_redir_log")%>' + "?proto=" + s[0] + "', '_blank')");
new_html += "&nbsp&nbsp" + log_a.outerHTML;
}
node_select.insertAdjacentHTML("afterend", "&nbsp&nbsp" + new_html);
}
}
}
} catch(err) {
}
}
}
}
}
var socks = document.getElementById("cbi-passwall-socks");
if (socks) {
var socks_enabled_dom = document.getElementById(global_id + "-socks_enabled");
socks_enabled_dom.parentNode.removeChild(socks_enabled_dom);
var descr = socks.getElementsByClassName("cbi-section-descr")[0];
descr.outerHTML = socks_enabled_dom.outerHTML;
rows = socks.getElementsByClassName("cbi-section-table-row");
for (var i = 0; i < rows.length; i++) {
try {
var row = rows[i];
var id = row.id;
if (!id) continue;
var dom_id = id + "-node";
var node = document.getElementById(dom_id);
var dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var node_select = document.getElementsByName(dom_id)[0];
var node_select_value = node_select.value;
if (node_select_value && node_select_value != "nil") {
var v = document.getElementById(dom_id + "-" + node_select_value);
if (v) {
node_select.title = v.text;
} else {
node_select.title = node_select.options[node_select.options.selectedIndex].text;
}
var new_a = document.createElement("a");
new_a.innerHTML = "<%:Edit%>";
new_a.href = "#";
new_a.setAttribute("onclick","location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
node_select.insertAdjacentHTML("afterend", "&nbsp&nbsp" + new_a.outerHTML);
}
} catch(err) {
}
}
}
}
setTimeout("go()", 1000);
//]]>
</script>

278
luci-app-passwall/luasrc/view/passwall/global/status.htm Normal file
View File

File diff suppressed because one or more lines are too long

128
luci-app-passwall/luasrc/view/passwall/global/status_bottom.htm Normal file
View File

@ -0,0 +1,128 @@
<style>
.pure-img {
max-height: 100%;
width: auto;
}
.flag .pure-img {
max-height: none;
margin-top: -0.34rem;
}
.status-bar {
position: fixed;
bottom: 0;
right: 0;
box-shadow: 0 0 2rem 0 rgba(136, 152, 170, .3);
color: #525f7f;
background: #fff;
z-index: 5;
box-sizing: border-box;
}
.status-bar .inner {
margin: 0.5em;
}
.status-bar .inner .flag {
height: 2.6em;
display: block;
float: left;
margin-right: 1em;
}
.status-bar .inner .status-info {
font-weight: bold;
}
.status-bar .icon-con {
height: 2.6em;
text-align: right;
}
#cbi-passwall+.cbi-page-actions.control-group.fixed {
bottom: 3.3rem;
}
footer{
display:block !important;
}
@media screen and (max-width: 700px) {
.status-bar .icon-con {
height: 2.5em;
}
}
</style>
<script src="<%=media%>/js/jquery.min.js"></script>
<script>
if(typeof jQuery == 'undefined'){
document.write('<script src="https://cdn.staticfile.org/jquery/2.2.4/jquery.min.js"><\/script>');
}
</script>
<div class="status-bar">
<div class="inner">
<div class="pure-g">
<div class="pure-u-1-2">
<span class="flag"><img src="/luci-static/passwall/flags/loading.svg" class="pure-img"></span> <span
class="status-info">获取中...</span>
</div>
<div class="pure-u-1-2">
<div class="icon-con">
<img src="/luci-static/passwall/img/site_icon1_01.png" class="pure-img i1">
<img src="/luci-static/passwall/img/site_icon1_02.png" class="pure-img i2">
<img src="/luci-static/passwall/img/site_icon1_03.png" class="pure-img i3">
<img src="/luci-static/passwall/img/site_icon1_04.png" class="pure-img i4">
</div>
</div>
</div>
</div>
</div>
<script>
const _ASSETS = '/luci-static/passwall/';
const CHECK_IP_URL = '<%=url([[admin]], [[services]], [[passwall]], [[ip]])%>';
var wW = $(window).width();
function resize() {
wW = $(window).width();
lw = $(".main-left").width()
$(".status-bar").width(wW - lw);
$(".status-bar .flag").width($(".status-bar .flag").height() / 3 * 4);
$(".flag-icon").each(function (index, el) {
if ($(el).height < 60) {
$(el).parent.height(60);
$(el).width(60)
} else {
$(el).width($(el).height());
}
});
}
function wirte_status(data) {
if (data.outboard) {
json = data.outboardip;
$(".flag img").attr("src", _ASSETS + "flags/" + json.flag + ".svg");
$(".status-info").html(data.outboard + "<br>" + json.country);
}
data.baidu ? $(".i1").attr("src", _ASSETS + "img/site_icon_01.png") : $(".i1").attr("src", _ASSETS + "img/site_icon1_01.png");
data.taobao ? $(".i2").attr("src", _ASSETS + "img/site_icon_02.png") : $(".i2").attr("src", _ASSETS + "img/site_icon1_02.png");
data.google ? $(".i3").attr("src", _ASSETS + "img/site_icon_03.png") : $(".i3").attr("src", _ASSETS + "img/site_icon1_03.png");
data.youtube ? $(".i4").attr("src", _ASSETS + "img/site_icon_04.png") : $(".i4").attr("src", _ASSETS + "img/site_icon1_04.png");
setTimeout(function () { $("body").trigger("iploaded", [true]); }, 200);
}
XHR.poll(5, CHECK_IP_URL, null,
function (x, data) {
wirte_status(data);
}
);
$(document).ready(function () {
resize();
$.getJSON(CHECK_IP_URL, wirte_status);
});
$(window).resize(resize);
</script>

26
luci-app-passwall/luasrc/view/passwall/haproxy/status.htm Normal file
View File

@ -0,0 +1,26 @@
<%
local api = require "luci.passwall.api"
local console_port = api.uci_get_type("global_haproxy", "console_port", "")
-%>
<p id="_status"></p>
<script type="text/javascript">//<![CDATA[
XHR.poll(3, '<%=api.url("haproxy_status")%>', null,
function(x, result) {
if (x && x.status == 200) {
var _status = document.getElementById('_status');
if (_status) {
if (result) {
_status.innerHTML = '<input type="button" class="btn cbi-button cbi-button-apply" value="<%:Enter interface%>" onclick="openwebui()" />';
} else {
_status.innerHTML = '';
}
}
}
});
function openwebui(){
var url = window.location.hostname + ":<%=console_port%>";
window.open('http://' + url, 'target', '');
}
//]]></script>

31
luci-app-passwall/luasrc/view/passwall/log/log.htm Normal file
View File

@ -0,0 +1,31 @@
<%
local api = require "luci.passwall.api"
-%>
<script type="text/javascript">
//<![CDATA[
function clearlog(btn) {
XHR.get('<%=api.url("clear_log")%>', null,
function(x, data) {
if(x && x.status == 200) {
var log_textarea = document.getElementById('log_textarea');
log_textarea.innerHTML = "";
log_textarea.scrollTop = log_textarea.scrollHeight;
}
}
);
}
XHR.poll(5, '<%=api.url("get_log")%>', null,
function(x, data) {
if(x && x.status == 200) {
var log_textarea = document.getElementById('log_textarea');
log_textarea.innerHTML = x.responseText;
}
}
);
//]]>
</script>
<fieldset class="cbi-section" id="_log_fieldset">
<input class="btn cbi-button cbi-button-remove" type="button" onclick="clearlog()" value="<%:Clear logs%>" />
<textarea id="log_textarea" class="cbi-input-textarea" style="width: 100%;margin-top: 10px;" data-update="change" rows="40" wrap="off" readonly="readonly"></textarea>
</fieldset>

108
luci-app-passwall/luasrc/view/passwall/node_list/link_add_node.htm Normal file
View File

@ -0,0 +1,108 @@
<%
local api = require "luci.passwall.api"
-%>
<style>
#add_link_div{
display: none;
width: auto;
position: absolute;
left:50%;
top:50%;
transform: translate(-50%, -50%);
z-index: 99;
text-align: center;
background: white;
box-shadow: darkgrey 10px 10px 30px 5px;
padding: 30px 15px;
}
</style>
<script type="text/javascript">
//<![CDATA[
function ajax_add_node(link) {
if (link) {
XHR.get('<%=api.url("link_add_node")%>', {
'link': link
},
function(x, data) {
if(x && x.status == 200) {
window.location.href = '<%=api.url("node_list")%>';
}
else {
alert("<%:Error%>");
}
});
}
}
function open_add_link_div() {
document.getElementById("add_link_div").style.display = "block";
document.getElementById("nodes_link").focus();
}
function close_add_link_div() {
document.getElementById("add_link_div").style.display = "none";
}
function add_node() {
var nodes_link = document.getElementById("nodes_link").value;
if (nodes_link.trim() != "") {
var supports = "ss ssr vmess vless trojan trojan-go hysteria";
var itype = nodes_link.split('://')[0];
if (itype.trim() != "" && supports.indexOf(itype) >= 0) {
ajax_add_node(nodes_link);
}
else {
alert("<%:Please enter the correct link.%>");
}
}
else {
document.getElementById("nodes_link").focus();
}
}
function clear_all_nodes() {
if (confirm('<%:Are you sure to clear all nodes?%>') == true){
XHR.get('<%=api.url("clear_all_nodes")%>', null,
function(x, data) {
if(x && x.status == 200) {
window.location.href = '<%=api.url("node_list")%>';
}
else {
alert("<%:Error%>");
}
});
}
}
//]]>
</script>
<div id="add_link_div">
<div class="cbi-value">
<label class="cbi-value-title"><%:SS/SSR/Vmess/VLESS/Trojan/Hysteria Link%></label>
<div class="cbi-value-field">
<textarea id="nodes_link" rows="5" cols="50"></textarea>
</div>
</div>
<div class="cbi-value">
<div class="cbi-value-field" style="display: unset">
<input class="btn cbi-button cbi-button-add" type="button" onclick="add_node()" value="<%:Add%>" />
<input class="btn cbi-button cbi-button-remove" type="button" onclick="close_add_link_div()" value="<%:Close%>" />
</div>
</div>
</div>
<div class="cbi-value">
<label class="cbi-value-title"></label>
<div class="cbi-value-field">
<input class="btn cbi-button cbi-button-add" type="submit" name="cbi.cts.<%=api.appname%>.nodes." value="<%:Add%>" />
<input class="btn cbi-button cbi-button-add" type="button" onclick="open_add_link_div()" value="<%:Add the node via the link%>" />
<input class="btn cbi-button cbi-button-remove" type="button" onclick="clear_all_nodes()" value="<%:Clear all nodes%>" />
<input class="btn cbi-button cbi-button-remove" type="button" onclick="delete_select_nodes()" value="<%:Delete select nodes%>" />
<input class="btn cbi-button" type="button" onclick="checked_all_node(this)" value="<%:Select all%>" />
<input class="btn cbi-button cbi-button-apply" type="submit" name="cbi.apply" value="<%:Save & Apply%>" />
<div id="div_node_count"></div>
</div>
</div>

1029
luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm Normal file
View File

File diff suppressed because it is too large Load Diff

475
luci-app-passwall/luasrc/view/passwall/node_list/node_list.htm Normal file
View File

@ -0,0 +1,475 @@
<%
local api = require "luci.passwall.api"
-%>
<style>
table th, .table .th {
text-align: center;
}
table td, .table .td {
text-align: center;
/* white-space: nowrap; */
word-break: keep-all;
}
#set_node_div {
display: none;
width: 30rem;
position: fixed;
top:50%;
padding-top: 30px;
z-index: 99;
text-align: center;
background: white;
box-shadow: darkgrey 10px 10px 30px 5px;
}
._now_use {
background: #94e1ff !important;
}
.ping a:hover{
text-decoration : underline;
}
</style>
<script type="text/javascript">
//<![CDATA[
var node_list = {};
var node_count = 0;
var ajax = {
post: function(url, data, fn_success, timeout, fn_timeout) {
var xhr = new XMLHttpRequest();
var code = ajax.encode(data);
xhr.open("POST", url, true);
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
if (timeout && timeout > 1000) {
xhr.timeout = timeout;
}
if (fn_timeout) {
xhr.ontimeout = function() {
fn_timeout(xhr);
}
}
xhr.onreadystatechange = function() {
if(xhr.readyState == 4 && (xhr.status == 200 || xhr.status == 304)) {
var json = null;
if (xhr.getResponseHeader("Content-Type") == "application/json") {
try {
json = eval('(' + xhr.responseText + ')');
}
catch(e) {
json = null;
}
}
fn_success(xhr, json);
}
};
xhr.send(code);
},
encode: function(obj) {
obj = obj ? obj : { };
obj['_'] = Math.random();
if (typeof obj == 'object')
{
var code = '';
var self = this;
for (var k in obj)
code += (code ? '&' : '') +
k + '=' + encodeURIComponent(obj[k]);
return code;
}
return obj;
}
}
function copy_node(cbi_id) {
window.location.href = '<%=api.url("copy_node")%>' + "?section=" + cbi_id;
}
var section = "";
function open_set_node_div(cbi_id) {
section = cbi_id;
document.getElementById("set_node_div").style.display="block";
var node_name = document.getElementById("cbid.passwall." + cbi_id + ".remarks").value;
document.getElementById("set_node_name").innerHTML = node_name;
}
function close_set_node_div() {
document.getElementById("set_node_div").style.display="none";
document.getElementById("set_node_name").innerHTML = "";
}
function _cbi_row_top(id) {
var dom = document.getElementById("cbi-passwall-" + id);
if (dom) {
var trs = document.getElementById("cbi-passwall-nodes").getElementsByClassName("cbi-section-table-row");
if (trs && trs.length > 0) {
for (var i = 0; i < trs.length; i++) {
var up = dom.getElementsByClassName("cbi-button-up");
if (up) {
cbi_row_swap(up[0], true, 'cbi.sts.passwall.nodes');
}
}
}
}
}
function checked_all_node(btn) {
var doms = document.getElementById("cbi-passwall-nodes").getElementsByClassName("nodes_select");
if (doms && doms.length > 0) {
for (var i = 0 ; i < doms.length; i++) {
doms[i].checked = true;
}
btn.value = "<%:DeSelect all%>";
btn.setAttribute("onclick", "dechecked_all_node(this)");
}
}
function dechecked_all_node(btn) {
var doms = document.getElementById("cbi-passwall-nodes").getElementsByClassName("nodes_select");
if (doms && doms.length > 0) {
for (var i = 0 ; i < doms.length; i++) {
doms[i].checked = false;
}
btn.value = "<%:Select all%>";
btn.setAttribute("onclick", "checked_all_node(this)");
}
}
function delete_select_nodes() {
var ids = [];
var doms = document.getElementById("cbi-passwall-nodes").getElementsByClassName("nodes_select");
if (doms && doms.length > 0) {
for (var i = 0 ; i < doms.length; i++) {
if (doms[i].checked) {
ids.push(doms[i].getAttribute("cbid"))
}
}
if (ids.length > 0) {
if (confirm('<%:Are you sure to delete select nodes?%>') == true){
XHR.get('<%=api.url("delete_select_nodes")%>', {
ids: ids.join()
},
function(x, data) {
if (x && x.status == 200) {
/*
for (var i = 0 ; i < ids.length; i++) {
var box = document.getElementById("cbi-passwall-" + ids[i]);
box.remove();
}
*/
window.location.href = '<%=api.url("node_list")%>';
}
else {
alert("<%:Error%>");
}
});
}
}
}
if (ids.length <= 0) {
alert("<%:You no select nodes !%>");
}
}
function set_node(protocol) {
if (confirm('<%:Are you sure set to%> ' + protocol.toUpperCase() + '<%:the server?%>')==true){
window.location.href = '<%=api.url("set_node")%>?protocol=' + protocol + '&section=' + section;
}
}
function get_address_full(id) {
try {
var address = document.getElementById("cbid.passwall." + id + ".address").value;
var port = document.getElementById("cbid.passwall." + id + ".port").value;
}
catch(err){}
//判断是否含有汉字
var reg = new RegExp("[\\u4E00-\\u9FFF]+","g");
if ((address != null && address != "") && (port != null && port != "") && reg.test(address) == false) {
return { address: address, port: port };
} else {
return null;
}
}
//获取当前使用的节点
function get_now_use_node() {
XHR.get('<%=api.url("get_now_use_node")%>', null,
function(x, result) {
var id = result["TCP"];
if (id) {
var dom = document.getElementById("cbi-passwall-" + id);
if (dom) {
dom.classList.add("_now_use");
dom.title = "当前TCP节点";
//var v = "<a style='color: red'>当前TCP节点</a>" + document.getElementById("cbid.passwall." + id + ".remarks").value;
//document.getElementById("cbi-passwall-" + id + "-remarks").innerHTML = v;
}
}
id = result["UDP"];
if (id) {
var dom = document.getElementById("cbi-passwall-" + id);
if (dom) {
dom.classList.add("_now_use");
dom.title = "当前UDP节点";
}
}
}
);
}
function urltest_node(cbi_id, dom) {
if (cbi_id != null) {
dom.disabled = true;
dom.value = "<%:Check...%>";
XHR.get('<%=api.url("urltest_node")%>', {
id: cbi_id
},
function(x, result) {
if(x && x.status == 200) {
if (result.use_time == null || result.use_time.trim() == "") {
dom.outerHTML = "<font style='color:red'><%:Timeout%></font>";
} else {
var color = "red";
var use_time = result.use_time;
if (use_time < 1000) {
color = "green";
} else if (use_time < 2000) {
color = "#fb9a05";
} else {
color = "red";
}
dom.outerHTML = "<font style='color:" + color + "'>" + result.use_time + " ms" + "</font>";
}
}
}
);
}
}
function ping_node(cbi_id, dom) {
var full = get_address_full(cbi_id);
if (full != null) {
XHR.get('<%=api.url("ping_node")%>', {
address: full.address,
port: full.port
},
function(x, result) {
if(x && x.status == 200) {
if (result.ping == null || result.ping.trim() == "") {
dom.outerHTML = "<font style='color:red'><%:Timeout%></font>";
} else {
var ping = parseInt(result.ping);
if (ping < 100)
dom.outerHTML = "<font style='color:green'>" + result.ping + " ms" + "</font>";
else if (ping < 200)
dom.outerHTML = "<font style='color:#fb9a05'>" + result.ping + " ms" + "</font>";
else if (ping >= 200)
dom.outerHTML = "<font style='color:red'>" + result.ping + " ms" + "</font>";
}
}
}
);
}
}
/* 自动Ping */
var nodes = [];
const ping_value = document.getElementsByClassName('ping_value');
for (var i = 0; i < ping_value.length; i++) {
var cbi_id = ping_value[i].getAttribute("cbiid");
var full = get_address_full(cbi_id);
if (full != null) {
var flag = false;
//当有多个相同地址和端口时合在一起
for (var j = 0; j < nodes.length; j++) {
if (nodes[j].address == full.address && nodes[j].port == full.port) {
nodes[j].indexs = nodes[j].indexs + "," + i;
flag = true;
break;
}
}
if (flag)
continue;
nodes.push({
indexs: i + "",
address: full.address,
port: full.port
});
}
}
get_now_use_node();
const _xhr = (index) => {
return new Promise((res) => {
const dom = nodes[index];
if (!dom) res()
ajax.post('<%=api.url("ping_node")%>', {
index: dom.indexs,
address: dom.address,
port: dom.port
},
function(x, result) {
if (x && x.status == 200) {
var strs = dom.indexs.split(",");
for (var i = 0; i < strs.length; i++) {
if (result.ping == null || result.ping.trim() == "") {
ping_value[strs[i]].innerHTML = "<font style='color:red'><%:Timeout%></font>";
} else {
var ping = parseInt(result.ping);
if (ping < 100)
ping_value[strs[i]].innerHTML = "<font style='color:green'>" + result.ping + " ms" + "</font>";
else if (ping < 200)
ping_value[strs[i]].innerHTML = "<font style='color:#fb9a05'>" + result.ping + " ms" + "</font>";
else if (ping >= 200)
ping_value[strs[i]].innerHTML = "<font style='color:red'>" + result.ping + " ms" + "</font>";
}
}
}
res();
},
5000,
function(x) {
var strs = dom.indexs.split(",");
for (var i = 0; i < strs.length; i++) {
ping_value[strs[i]].innerHTML = "<font style='color:red'><%:Timeout%></font>";
}
res();
}
);
})
}
let task = -1;
const thread = () => {
task = task + 1
if (nodes[task]) {
_xhr(task).then(thread);
}
}
for (let i = 0; i < 20; i++) {
thread()
}
/* 递归单请求方法
var index = 0;
function auto_ping() {
if (index >= nodes.length) {
return;
}
var indexs = nodes[index].indexs;
var address = nodes[index].address;
var port = nodes[index].port;
ajax.post('<%=api.url("ping_node")%>', {
index: indexs,
address: address,
port: port
},
function(x, result) {
if (x && x.status == 200) {
var strs = indexs.split(",");
for (var i = 0; i < strs.length; i++) {
if (result.ping == null || result.ping.trim() == "") {
ping_value[strs[i]].innerHTML = "<font style='color:red'><%:Timeout%></font>";
} else {
var ping = parseInt(result.ping);
if (ping < 100)
ping_value[strs[i]].innerHTML = "<font style='color:green'>" + result.ping + " ms" + "</font>";
else if (ping < 200)
ping_value[strs[i]].innerHTML = "<font style='color:#fb9a05'>" + result.ping + " ms" + "</font>";
else if (ping >= 200)
ping_value[strs[i]].innerHTML = "<font style='color:red'>" + result.ping + " ms" + "</font>";
}
}
}
index++;
return auto_ping();
},
function(x) {
var strs = indexs.split(",");
for (var i = 0; i < strs.length; i++) {
ping_value[strs[i]].innerHTML = "<font style='color:red'><%:Timeout%></font>";
}
index++;
return auto_ping();
},
);
}
auto_ping();
*/
var edit_btn = document.getElementById("cbi-passwall-nodes").getElementsByClassName("cbi-button cbi-button-edit");
for (var i = 0; i < edit_btn.length; i++) {
try {
var onclick_str = edit_btn[i].getAttribute("onclick");
var id = onclick_str.substring(onclick_str.lastIndexOf('/') + 1, onclick_str.length - 1);
var td = edit_btn[i].parentNode;
var new_div = "";
//添加"勾选"框
new_div += '<input class="cbi-input-checkbox nodes_select" type="checkbox" cbid="' + id + '" />&nbsp;&nbsp;';
//添加"置顶"按钮
new_div += '<input class="btn cbi-button" type="button" value="<%:To Top%>" onclick="_cbi_row_top(\'' + id + '\')"/>&nbsp;&nbsp;';
//添加"应用"按钮
new_div += '<input class="btn cbi-button cbi-button-apply" type="button" value="<%:Use%>" id="apply_' + id + '" onclick="open_set_node_div(\'' + id + '\')"/>&nbsp;&nbsp;';
//添加"复制"按钮
new_div += '<input class="btn cbi-button cbi-button-add" type="button" value="<%:Copy%>" onclick="copy_node(\'' + id + '\')"/>&nbsp;&nbsp;';
td.innerHTML = new_div + td.innerHTML;
var obj = {};
obj.id = id;
obj.type = document.getElementById("cbid.passwall." + id + ".type").value;
var address_dom = document.getElementById("cbid.passwall." + id + ".address");
var port_dom = document.getElementById("cbid.passwall." + id + ".port");
if (address_dom && port_dom) {
obj.address = address_dom.value;
obj.port = port_dom.value;
}
node_count++;
var add_from = document.getElementById("cbid.passwall." + id + ".add_from").value;
if (node_list[add_from])
node_list[add_from].push(obj);
else
node_list[add_from] = [];
}
catch(err) {
console.error(err);
}
}
if (true) {
var str = "";
for (var add_from in node_list) {
var num = node_list[add_from].length + 1;
if (add_from == "") {
add_from = "<%:Self add%>";
}
str += add_from + " " + "<%:Node num%>: <a style='color: red'>" + num + "</a>&nbsp&nbsp&nbsp";
}
document.getElementById("div_node_count").innerHTML = "<div style='margin-top:5px'>" + str + "</div>";
}
//]]>
</script>
<div style="display: -webkit-flex; display: flex; -webkit-align-items: center; align-items: center; -webkit-justify-content: center; justify-content: center;">
<div id="set_node_div">
<div class="cbi-value"><%:You choose node is:%><a style="color: red" id="set_node_name"></a></div>
<div class="cbi-value">
<input class="btn cbi-button cbi-button-edit" type="button" onclick="set_node('tcp')" value="TCP" />
<input class="btn cbi-button cbi-button-edit" type="button" onclick="set_node('udp')" value="UDP" />
<input class="btn cbi-button cbi-button-remove" type="button" onclick="close_set_node_div()" value="<%:Close%>" />
</div>
</div>
</div>

76
luci-app-passwall/luasrc/view/passwall/rule/rule_version.htm Normal file
View File

@ -0,0 +1,76 @@
<%
local api = require "luci.passwall.api"
local gfwlist_update = api.uci_get_type("global_rules", "gfwlist_update", "1") == "1" and "checked='checked'" or ""
local chnroute_update = api.uci_get_type("global_rules", "chnroute_update", "1") == "1" and "checked='checked'" or ""
local chnroute6_update = api.uci_get_type("global_rules", "chnroute6_update", "1") == "1" and "checked='checked'" or ""
local chnlist_update = api.uci_get_type("global_rules", "chnlist_update", "1") == "1" and "checked='checked'" or ""
local geoip_update = api.uci_get_type("global_rules", "geoip_update", "1") == "1" and "checked='checked'" or ""
local geosite_update = api.uci_get_type("global_rules", "geosite_update", "1") == "1" and "checked='checked'" or ""
-%>
<script type="text/javascript">
//<![CDATA[
function update_rules(btn) {
btn.disabled = true;
btn.value = '<%:Updating...%>';
var div = document.getElementById('_rule_div');
var domList = div.getElementsByTagName('input');
var checkBoxList = [];
var len = domList.length;
while(len--) {
var dom = domList[len];  
if(dom.type == 'checkbox' && dom.checked) {  
checkBoxList.push(dom.name);  
}
}
XHR.get('<%=api.url("update_rules")%>', {
update: checkBoxList.join(",")
},
function(x, data) {
if(x && x.status == 200) {
window.location.href = '<%=api.url("log")%>';
} else {
alert("<%:Error%>");
btn.disabled = false;
btn.value = '<%:Manually update%>';
}
}
);
}
//]]>
</script>
<div class="cbi-value" id="_rule_div">
<label class="cbi-value-title">
<%:Manually update%>
</label>
<div class="cbi-value-field">
<div>
<label>
<input class="cbi-input-checkbox" type="checkbox" name="gfwlist" value="1" <%=gfwlist_update%> />
gfwlist
</label>
<label>
<input class="cbi-input-checkbox" type="checkbox" name="chnroute" value="1" <%=chnroute_update%> />
chnroute
</label>
<label>
<input class="cbi-input-checkbox" type="checkbox" name="chnroute6" value="1" <%=chnroute6_update%> />
chnroute6
</label>
<label>
<input class="cbi-input-checkbox" type="checkbox" name="chnlist" value="1" <%=chnlist_update%> />
chnlist
</label>
<label>
<input class="cbi-input-checkbox" type="checkbox" name="geoip" value="1" <%=geoip_update%> />
geoip
</label>
<label>
<input class="cbi-input-checkbox" type="checkbox" name="geosite" value="1" <%=geosite_update%> />
geosite
</label>
<input class="btn cbi-button cbi-button-apply" type="button" id="update_rules_btn" onclick="update_rules(this)" value="<%:Manually update%>" />
</div>
</div>
</div>

35
luci-app-passwall/luasrc/view/passwall/server/log.htm Normal file
View File

@ -0,0 +1,35 @@
<%
local api = require "luci.passwall.api"
-%>
<script type="text/javascript">
//<![CDATA[
function clear_log(btn) {
XHR.get('<%=api.url("server_clear_log")%>', null,
function(x, data) {
if(x && x.status == 200) {
var log_textarea = document.getElementById('log_textarea');
log_textarea.innerHTML = "";
log_textarea.scrollTop = log_textarea.scrollHeight;
}
}
);
}
XHR.poll(3, '<%=api.url("server_get_log")%>', null,
function(x, data) {
if(x && x.status == 200) {
var log_textarea = document.getElementById('log_textarea');
log_textarea.innerHTML = x.responseText;
log_textarea.scrollTop = log_textarea.scrollHeight;
}
}
);
//]]>
</script>
<fieldset class="cbi-section" id="_log_fieldset">
<legend>
<%:Logs%>
</legend>
<input class="btn cbi-button cbi-button-remove" type="button" onclick="clear_log()" value="<%:Clear logs%>" />
<textarea id="log_textarea" class="cbi-input-textarea" style="width: 100%;margin-top: 10px;" data-update="change" rows="20" wrap="off" readonly="readonly"></textarea>
</fieldset>

38
luci-app-passwall/luasrc/view/passwall/server/users_list_status.htm Normal file
View File

@ -0,0 +1,38 @@
<%
local api = require "luci.passwall.api"
-%>
<script type="text/javascript">
//<![CDATA[
var _users_status = document.getElementsByClassName('_users_status');
for(var i = 0; i < _users_status.length; i++) {
var id = _users_status[i].parentElement.parentElement.parentElement.id;
id = id.substr(id.lastIndexOf("-") + 1);
XHR.get('<%=api.url("server_user_status")%>', {
index: i,
id: id
},
function(x, result) {
_users_status[result.index].setAttribute("style","font-weight:bold;");
_users_status[result.index].setAttribute("color",result.status ? "green":"red");
_users_status[result.index].innerHTML = (result.status ? '✓' : 'X');
}
);
}
var edit_btn = document.getElementById("cbi-passwall_server-user").getElementsByClassName("cbi-button cbi-button-edit");
for (var i = 0; i < edit_btn.length; i++) {
try {
var onclick_str = edit_btn[i].getAttribute("onclick");
var id = onclick_str.substring(onclick_str.lastIndexOf('/') + 1, onclick_str.length - 1);
var td = edit_btn[i].parentNode;
var new_div = "";
//添加"日志"按钮
new_div += '<input class="btn cbi-button cbi-button-add" type="button" value="<%:Log%>" onclick="window.open(\'' + '<%=api.url("server_user_log")%>' + '?id=' + id + '\', \'_blank\')"/>&nbsp;&nbsp;';
td.innerHTML = new_div + td.innerHTML;
}
catch(err) {
console.error(err);
}
}
//]]>
</script>

1469
luci-app-passwall/po/zh-cn/passwall.po Normal file
View File

File diff suppressed because it is too large Load Diff

1
luci-app-passwall/po/zh_Hans Normal file
View File

@ -0,0 +1 @@
zh-cn

4
luci-app-passwall/root/etc/config/passwall_server Normal file
View File

@ -0,0 +1,4 @@
config global 'global'
option enable '0'

23
luci-app-passwall/root/etc/hotplug.d/iface/98-passwall Normal file
View File

@ -0,0 +1,23 @@
#!/bin/sh
[[ "$ACTION" == "ifup" && $(uci get "passwall.@global[0].enabled") == "1" ]] && [ -f /var/lock/passwall_ready.lock ] && {
default_device=$(ip route | grep default | awk -F 'dev ' '{print $2}' | awk '{print $1}')
[ "$default_device" == "$DEVICE" ] && {
LOCK_FILE_DIR=/var/lock
[ ! -d ${LOCK_FILE_DIR} ] && mkdir -p ${LOCK_FILE_DIR}
LOCK_FILE="${LOCK_FILE_DIR}/passwall_ifup.lock"
if [ -s ${LOCK_FILE} ]; then
SPID=$(cat ${LOCK_FILE})
if [ -e /proc/${SPID}/status ]; then
exit 1
fi
cat /dev/null > ${LOCK_FILE}
fi
echo $$ > ${LOCK_FILE}
/etc/init.d/passwall restart
echo "passwall: restart when $INTERFACE ifup" > /dev/kmsg
rm -rf ${LOCK_FILE}
}
}

66
luci-app-passwall/root/etc/init.d/passwall Normal file
View File

@ -0,0 +1,66 @@
#!/bin/sh /etc/rc.common
START=99
STOP=15
CONFIG=passwall
APP_FILE=/usr/share/${CONFIG}/app.sh
LOCK_FILE_DIR=/var/lock
LOCK_FILE=${LOCK_FILE_DIR}/${CONFIG}.lock
set_lock() {
[ ! -d "$LOCK_FILE_DIR" ] && mkdir -p $LOCK_FILE_DIR
exec 999>"$LOCK_FILE"
flock -xn 999
}
unset_lock() {
flock -u 999
rm -rf "$LOCK_FILE"
}
unlock() {
failcount=1
while [ "$failcount" -le 10 ]; do
if [ -f "$LOCK_FILE" ]; then
let "failcount++"
sleep 1s
[ "$failcount" -ge 10 ] && unset_lock
else
break
fi
done
}
boot() {
local delay=$(uci -q get ${CONFIG}.@global_delay[0].start_delay || echo 1)
if [ "$delay" -gt 0 ]; then
$APP_FILE echolog "执行启动延时 $delay 秒后再启动!"
sleep $delay
fi
restart
touch ${LOCK_FILE_DIR}/${CONFIG}_ready.lock
}
start() {
set_lock
[ $? == 1 ] && $APP_FILE echolog "脚本已经在运行,不重复运行,退出." && exit 0
$APP_FILE start
unset_lock
}
stop() {
unlock
set_lock
[ $? == 1 ] && $APP_FILE echolog "停止脚本等待超时,不重复运行,退出." && exit 0
$APP_FILE stop
unset_lock
}
restart() {
set_lock
[ $? == 1 ] && $APP_FILE echolog "脚本已经在运行,不重复运行,退出." && exit 0
$APP_FILE stop
$APP_FILE start
unset_lock
}

16
luci-app-passwall/root/etc/init.d/passwall_server Normal file
View File

@ -0,0 +1,16 @@
#!/bin/sh /etc/rc.common
START=99
start() {
lua /usr/lib/lua/luci/passwall/server_app.lua start
}
stop() {
lua /usr/lib/lua/luci/passwall/server_app.lua stop
}
restart() {
stop
start
}

52
luci-app-passwall/root/etc/uci-defaults/luci-passwall Normal file
View File

@ -0,0 +1,52 @@
#!/bin/sh
grep -q api.ipify.org /usr/share/passwall/rules/proxy_host ||
sed -i '$a api.ipify.org' /usr/share/passwall/rules/proxy_host
uci -q batch <<-EOF >/dev/null
set dhcp.@dnsmasq[0].localuse=1
commit dhcp
delete ucitrack.@passwall[-1]
add ucitrack passwall
set ucitrack.@passwall[-1].init=passwall
commit ucitrack
delete firewall.passwall
set firewall.passwall=include
set firewall.passwall.type=script
set firewall.passwall.path=/var/etc/passwall.include
set firewall.passwall.reload=1
commit firewall
delete ucitrack.@passwall_server[-1]
add ucitrack passwall_server
set ucitrack.@passwall_server[-1].init=passwall_server
commit ucitrack
delete firewall.passwall_server
set firewall.passwall_server=include
set firewall.passwall_server.type=script
set firewall.passwall_server.path=/var/etc/passwall_server.include
set firewall.passwall_server.reload=1
commit firewall
set uhttpd.main.max_requests=50
commit uhttpd
EOF
touch /etc/config/passwall_show >/dev/null 2>&1
[ ! -s "/etc/config/passwall" ] && cp -f /usr/share/passwall/0_default_config /etc/config/passwall
use_nft=$(uci -q get passwall.@global_forwarding[0].use_nft || echo "0")
[ "${use_nft}" = "0" ] && {
if [ -z "$(command -v iptables-legacy || command -v iptables)" ] || [ -z "$(command -v ipset)" ] || [ -z "$(dnsmasq --version | grep 'Compile time options:.* ipset')" ]; then
[ "$(opkg list-installed | grep "firewall4")" ] && [ "$(opkg list-installed | grep "nftables")" ] && {
[ "$(opkg list-installed | grep "kmod\-nft\-socket")" ] && [ "$(opkg list-installed | grep "kmod\-nft\-tproxy")" ] && [ "$(opkg list-installed | grep "kmod\-nft\-nat")" ] && {
uci -q set passwall.@global_forwarding[0].use_nft=1
uci -q commit passwall
sed -i "s#use_nft '0'#use_nft '1'#g" /usr/share/passwall/0_default_config
}
}
fi
}
rm -f /tmp/luci-indexcache
rm -rf /tmp/luci-modulecache/
killall -HUP rpcd 2>/dev/null
exit 0

215
luci-app-passwall/root/usr/share/passwall/0_default_config Normal file
View File

@ -0,0 +1,215 @@
config global
option enabled '0'
option socks_enabled '0'
option tcp_node 'nil'
option udp_node 'nil'
option tcp_node_socks_port '1070'
option dns_mode 'dns2tcp'
option remote_dns '1.1.1.1'
option filter_proxy_ipv6 '1'
option chinadns_ng '1'
option when_chnroute_default_dns 'direct'
option tcp_proxy_mode 'chnroute'
option udp_proxy_mode 'chnroute'
option localhost_tcp_proxy_mode 'default'
option localhost_udp_proxy_mode 'default'
option acl_enable '0'
option close_log_tcp '0'
option close_log_udp '0'
option loglevel 'error'
option trojan_loglevel '4'
config global_haproxy
option balancing_enable '0'
config global_delay
option auto_on '0'
option start_daemon '1'
option start_delay '60'
config global_forwarding
option tcp_no_redir_ports 'disable'
option udp_no_redir_ports 'disable'
option tcp_proxy_drop_ports 'disable'
option udp_proxy_drop_ports '80,443'
option tcp_redir_ports '22,25,53,143,465,587,853,993,995,80,443'
option udp_redir_ports '1:65535'
option accept_icmp '0'
option use_nft '0'
option tcp_proxy_way 'redirect'
option ipv6_tproxy '0'
option sniffing '1'
option route_only '0'
config global_other
option nodes_ping 'auto_ping tcping'
config global_rules
option auto_update '1'
option chnlist_update '1'
option chnroute_update '1'
option chnroute6_update '1'
option gfwlist_update '1'
option geosite_update '1'
option geoip_update '0'
list gfwlist_url 'https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt'
list chnroute_url 'https://ispip.clang.cn/all_cn.txt'
list chnroute_url 'https://fastly.jsdelivr.net/gh/gaoyifan/china-operator-ip@ip-lists/china.txt'
list chnroute6_url 'https://ispip.clang.cn/all_cn_ipv6.txt'
list chnroute6_url 'https://fastly.jsdelivr.net/gh/gaoyifan/china-operator-ip@ip-lists/china6.txt'
list chnlist_url 'https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf'
list chnlist_url 'https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf'
list chnlist_url 'https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf'
option v2ray_location_asset '/usr/share/v2ray/'
config global_app
option v2ray_file '/usr/bin/v2ray'
option xray_file '/usr/bin/xray'
option trojan_go_file '/usr/bin/trojan-go'
option brook_file '/usr/bin/brook'
option hysteria_file '/usr/bin/hysteria'
option chinadns_ng '/usr/bin/chinadns-ng'
config global_subscribe
option filter_keyword_mode '1'
list filter_discard_list '过期时间'
list filter_discard_list '剩余流量'
list filter_discard_list 'QQ群'
list filter_discard_list '官网'
config auto_switch
option enable '1'
option restore_switch '1'
option testing_time '1'
option connect_timeout '3'
option retry_num '3'
option shunt_logic '1'
config nodes 'myshunt'
option remarks '分流总节点'
option type 'Xray'
option protocol '_shunt'
option DirectGame '_direct'
option ProxyGame '_default'
option AD '_blackhole'
option BT '_direct'
option Proxy '_default'
option Netflix '_default'
option OpenAI '_default'
option Direct '_direct'
option default_node 'nil'
option domainStrategy 'IPOnDemand'
config shunt_rules 'DirectGame'
option remarks 'DirectGame'
option domain_list 'api.steampowered.com
regexp:\.cm.steampowered.com$
regexp:\.steamserver.net$
geosite:category-games@cn
'
option ip_list '103.10.124.0/24
103.10.125.0/24
103.28.54.0/24
146.66.152.0/24
146.66.155.0/24
153.254.86.0/24
155.133.224.0/23
155.133.226.0/24
155.133.227.0/24
155.133.230.0/24
155.133.232.0/24
155.133.233.0/24
155.133.234.0/24
155.133.236.0/23
155.133.238.0/24
155.133.239.0/24
155.133.240.0/23
155.133.245.0/24
155.133.246.0/24
155.133.248.0/24
155.133.249.0/24
155.133.250.0/24
155.133.251.0/24
155.133.252.0/24
155.133.253.0/24
155.133.254.0/24
155.133.255.0/24
162.254.192.0/24
162.254.193.0/24
162.254.194.0/23
162.254.195.0/24
162.254.196.0/24
162.254.197.0/24
162.254.198.0/24
162.254.199.0/24
185.25.182.0/24
185.25.183.0/24
190.217.33.0/24
192.69.96.0/22
205.185.194.0/24
205.196.6.0/24
208.64.200.0/24
208.64.201.0/24
208.64.202.0/24
208.64.203.0/24
208.78.164.0/22'
config shunt_rules 'ProxyGame'
option remarks 'ProxyGame'
option domain_list 'geosite:category-games@!cn
domain:store.steampowered.com
'
config shunt_rules 'AD'
option remarks 'AD'
option domain_list 'geosite:category-ads-all'
config shunt_rules 'BT'
option remarks 'BT'
option protocol 'bittorrent'
config shunt_rules 'OpenAI'
option remarks 'OpenAI'
option domain_list 'geosite:openai'
config shunt_rules 'Proxy'
option remarks 'Proxy'
option domain_list 'geosite:geolocation-!cn'
option ip_list '149.154.160.0/20
91.108.4.0/22
91.108.56.0/24
109.239.140.0/24
67.198.55.0/24
8.8.4.4
8.8.8.8
208.67.222.222
208.67.220.220
1.1.1.1
1.1.1.2
1.0.0.1
9.9.9.9
149.112.112.112
2001:67c:4e8::/48
2001:b28:f23c::/48
2001:b28:f23d::/48
2001:b28:f23f::/48
2001:b28:f242::/48
2001:4860:4860::8888
2001:4860:4860::8844
2606:4700:4700::1111
2606:4700:4700::1001'
config shunt_rules 'Netflix'
option remarks 'Netflix'
option domain_list 'geosite:netflix'
config shunt_rules 'Direct'
option remarks 'Direct'
option domain_list 'geosite:cn'
option ip_list '223.5.5.5/32
119.29.29.29/32
180.76.76.76/32
114.114.114.114/32
geoip:cn
geoip:private'

BIN
luci-app-passwall/root/usr/share/passwall/GeoLite2-Country.mmdb Normal file
View File

Binary file not shown.

1704
luci-app-passwall/root/usr/share/passwall/app.sh Normal file
View File

File diff suppressed because it is too large Load Diff

219
luci-app-passwall/root/usr/share/passwall/haproxy.lua Normal file
View File

@ -0,0 +1,219 @@
#!/usr/bin/lua
local api = require ("luci.passwall.api")
local appname = api.appname
local fs = api.fs
local jsonc = api.jsonc
local uci = api.uci
local sys = api.sys
local log = function(...)
api.log(...)
end
function get_ip_port_from(str)
local result_port = sys.exec("echo -n " .. str .. " | sed -n 's/^.*[:#]\\([0-9]*\\)$/\\1/p'")
local result_ip = sys.exec(string.format("__host=%s;__varport=%s;", str, result_port) .. "echo -n ${__host%%${__varport:+[:#]${__varport}*}}")
return result_ip, result_port
end
local new_port
local function get_new_port()
if new_port then
new_port = tonumber(sys.exec(string.format("echo -n $(/usr/share/%s/app.sh get_new_port %s tcp)", appname, new_port + 1)))
else
new_port = tonumber(sys.exec(string.format("echo -n $(/usr/share/%s/app.sh get_new_port auto tcp)", appname)))
end
return new_port
end
local var = api.get_args(arg)
local haproxy_path = var["-path"]
local haproxy_conf = var["-conf"]
local haproxy_dns = var["-dns"] or "119.29.29.29:53,223.5.5.5:53"
local cpu_thread = sys.exec('echo -n $(cat /proc/cpuinfo | grep "processor" | wc -l)') or "1"
local health_check_type = uci:get(appname, "@global_haproxy[0]", "health_check_type") or "tcp"
local health_check_inter = uci:get(appname, "@global_haproxy[0]", "health_check_inter") or "10"
log("HAPROXY 负载均衡...")
fs.mkdir(haproxy_path)
local haproxy_file = haproxy_path .. "/" .. haproxy_conf
local f_out = io.open(haproxy_file, "a")
local haproxy_config = [[
global
daemon
log 127.0.0.1 local2
maxconn 60000
stats socket {{path}}/haproxy.sock
nbthread {{nbthread}}
external-check
insecure-fork-wanted
defaults
mode tcp
log global
option tcplog
option dontlognull
option http-server-close
#option forwardfor except 127.0.0.0/8
option redispatch
retries 2
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
resolvers mydns
resolve_retries 1
timeout resolve 5s
hold valid 600s
{{dns}}
]]
haproxy_config = haproxy_config:gsub("{{path}}", haproxy_path)
haproxy_config = haproxy_config:gsub("{{nbthread}}", cpu_thread)
local mydns = ""
local index = 0
string.gsub(haproxy_dns, '[^' .. "," .. ']+', function(w)
index = index + 1
local s = w:gsub("#", ":")
if not s:find(":") then
s = s .. ":53"
end
mydns = mydns .. (index > 1 and "\n" or "") .. " " .. string.format("nameserver dns%s %s", index, s)
end)
haproxy_config = haproxy_config:gsub("{{dns}}", mydns)
f_out:write(haproxy_config)
local listens = {}
uci:foreach(appname, "haproxy_config", function(t)
if t.enabled == "1" then
local server_remark
local server_address
local server_port
local lbss = t.lbss
local listen_port = tonumber(t.haproxy_port) or 0
local server_node = uci:get_all(appname, lbss)
if server_node and server_node.address and server_node.port then
server_remark = server_node.address .. ":" .. server_node.port
server_address = server_node.address
server_port = server_node.port
t.origin_address = server_address
t.origin_port = server_port
if health_check_type == "passwall_logic" then
if server_node.type ~= "Socks" then
local relay_port = server_node.port
new_port = get_new_port()
local config_file = string.format("haproxy_%s_%s.json", t[".name"], new_port)
sys.call(string.format('/usr/share/%s/app.sh run_socks "%s"> /dev/null',
appname,
string.format("flag=%s node=%s bind=%s socks_port=%s config_file=%s",
new_port, --flag
server_node[".name"], --node
"127.0.0.1", --bind
new_port, --socks port
config_file --config file
)
)
)
server_address = "127.0.0.1"
server_port = new_port
end
end
else
server_address, server_port = get_ip_port_from(lbss)
server_remark = server_address .. ":" .. server_port
t.origin_address = server_address
t.origin_port = server_port
end
if server_address and server_port and listen_port > 0 then
if not listens[listen_port] then
listens[listen_port] = {}
end
t.server_remark = server_remark
t.server_address = server_address
t.server_port = server_port
table.insert(listens[listen_port], t)
else
log(" - 丢弃1个明显无效的节点")
end
end
end)
local sortTable = {}
for i in pairs(listens) do
if i ~= nil then
table.insert(sortTable, i)
end
end
table.sort(sortTable, function(a,b) return (a < b) end)
for i, port in pairs(sortTable) do
log(" + 入口 0.0.0.0:%s..." % port)
f_out:write("\n" .. string.format([[
listen %s
bind 0.0.0.0:%s
mode tcp
balance roundrobin
]], port, port))
if health_check_type == "passwall_logic" then
f_out:write(string.format([[
option external-check
external-check command "/usr/share/passwall/haproxy_check.sh"
]], port, port))
end
for i, o in ipairs(listens[port]) do
local remark = o.server_remark
local server = o.server_address .. ":" .. o.server_port
local server_conf = "server {{remark}} {{server}} weight {{weight}} {{resolvers}} check inter {{inter}} rise 1 fall 3 {{backup}}"
server_conf = server_conf:gsub("{{remark}}", remark)
server_conf = server_conf:gsub("{{server}}", server)
server_conf = server_conf:gsub("{{weight}}", o.lbweight)
local resolvers = "resolvers mydns"
if api.is_ip(o.server_address) then
resolvers = ""
end
server_conf = server_conf:gsub("{{resolvers}}", resolvers)
server_conf = server_conf:gsub("{{inter}}", tonumber(health_check_inter) .. "s")
server_conf = server_conf:gsub("{{backup}}", o.backup == "1" and "backup" or "")
f_out:write(" " .. server_conf .. "\n")
if o.export ~= "0" then
sys.call(string.format("/usr/share/passwall/app.sh add_ip2route %s %s", o.origin_address, o.export))
end
log(string.format(" | - 出口节点:%s:%s权重%s", o.origin_address, o.origin_port, o.lbweight))
end
end
--控制台配置
local console_port = uci:get(appname, "@global_haproxy[0]", "console_port")
local console_user = uci:get(appname, "@global_haproxy[0]", "console_user")
local console_password = uci:get(appname, "@global_haproxy[0]", "console_password")
local str = [[
listen console
bind 0.0.0.0:%s
mode http
stats refresh 30s
stats uri /
stats admin if TRUE
%s
]]
f_out:write("\n" .. string.format(str, console_port, (console_user and console_user ~= "" and console_password and console_password ~= "") and "stats auth " .. console_user .. ":" .. console_password or ""))
log(string.format(" * 控制台端口:%s", console_port))
f_out:close()

18
luci-app-passwall/root/usr/share/passwall/haproxy_check.sh Normal file
View File

@ -0,0 +1,18 @@
#!/bin/sh
listen_address=$1
listen_port=$2
server_address=$3
server_port=$4
status=$(/usr/bin/curl -I -o /dev/null -skL -x socks5h://${server_address}:${server_port} --connect-timeout 3 --retry 3 -w %{http_code} "https://www.google.com/generate_204")
case "$status" in
204|\
200)
status=200
;;
esac
return_code=1
if [ "$status" = "200" ]; then
return_code=0
fi
exit ${return_code}

89
luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.sh Normal file
View File

@ -0,0 +1,89 @@
#!/bin/sh
stretch() {
#zhenduiluanshezhiDNSderen
local dnsmasq_server=$(uci -q get dhcp.@dnsmasq[0].server)
local dnsmasq_noresolv=$(uci -q get dhcp.@dnsmasq[0].noresolv)
local _flag
for server in $dnsmasq_server; do
[ -z "$(echo $server | grep '\/')" ] && _flag=1
done
[ -z "$_flag" ] && [ "$dnsmasq_noresolv" = "1" ] && {
uci -q delete dhcp.@dnsmasq[0].noresolv
uci -q set dhcp.@dnsmasq[0].resolvfile="$RESOLVFILE"
uci commit dhcp
}
}
backup_servers() {
DNSMASQ_DNS=$(uci show dhcp | grep "@dnsmasq" | grep ".server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' ',')
if [ -n "${DNSMASQ_DNS}" ]; then
uci -q set $CONFIG.@global[0].dnsmasq_servers="${DNSMASQ_DNS}"
uci commit $CONFIG
fi
}
restore_servers() {
OLD_SERVER=$(uci -q get $CONFIG.@global[0].dnsmasq_servers | tr "," " ")
for server in $OLD_SERVER; do
uci -q del_list dhcp.@dnsmasq[0].server=$server
uci -q add_list dhcp.@dnsmasq[0].server=$server
done
uci commit dhcp
uci -q delete $CONFIG.@global[0].dnsmasq_servers
uci commit $CONFIG
}
logic_restart() {
local no_log
eval_set_val $@
_LOG_FILE=$LOG_FILE
[ -n "$no_log" ] && LOG_FILE="/dev/null"
if [ -f "$TMP_PATH/default_DNS" ]; then
backup_servers
#sed -i "/list server/d" /etc/config/dhcp >/dev/null 2>&1
for server in $(uci -q get dhcp.@dnsmasq[0].server); do
[ -n "$(echo $server | grep '\/')" ] || uci -q del_list dhcp.@dnsmasq[0].server="$server"
done
/etc/init.d/dnsmasq restart >/dev/null 2>&1
restore_servers
else
/etc/init.d/dnsmasq restart >/dev/null 2>&1
fi
echolog "重启 dnsmasq 服务"
LOG_FILE=${_LOG_FILE}
}
restart() {
local no_log
eval_set_val $@
_LOG_FILE=$LOG_FILE
[ -n "$no_log" ] && LOG_FILE="/dev/null"
/etc/init.d/dnsmasq restart >/dev/null 2>&1
echolog "重启 dnsmasq 服务"
LOG_FILE=${_LOG_FILE}
}
del() {
rm -rf /tmp/dnsmasq.d/dnsmasq-$CONFIG.conf
rm -rf $DNSMASQ_PATH/dnsmasq-$CONFIG.conf
rm -rf $TMP_DNSMASQ_PATH
}
arg1=$1
shift
case $arg1 in
stretch)
stretch $@
;;
del)
del $@
;;
restart)
restart $@
;;
logic_restart)
logic_restart $@
;;
*) ;;
esac

421
luci-app-passwall/root/usr/share/passwall/helper_dnsmasq_add.lua Normal file
View File

@ -0,0 +1,421 @@
require "luci.sys"
local api = require "luci.passwall.api"
local var = api.get_args(arg)
local FLAG = var["-FLAG"]
local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"]
local DNSMASQ_CONF_FILE = var["-DNSMASQ_CONF_FILE"]
local DEFAULT_DNS = var["-DEFAULT_DNS"]
local LOCAL_DNS = var["-LOCAL_DNS"]
local TUN_DNS = var["-TUN_DNS"]
local REMOTE_FAKEDNS = var["-REMOTE_FAKEDNS"]
local CHNROUTE_MODE_DEFAULT_DNS = var["-CHNROUTE_MODE_DEFAULT_DNS"]
local CHINADNS_DNS = var["-CHINADNS_DNS"]
local TCP_NODE = var["-TCP_NODE"]
local PROXY_MODE = var["-PROXY_MODE"]
local NO_PROXY_IPV6 = var["-NO_PROXY_IPV6"]
local NO_LOGIC_LOG = var["-NO_LOGIC_LOG"]
local NFTFLAG = var["-NFTFLAG"]
local CACHE_PATH = api.CACHE_PATH
local CACHE_FLAG = "dnsmasq_" .. FLAG
local CACHE_DNS_PATH = CACHE_PATH .. "/" .. CACHE_FLAG
local CACHE_TEXT_FILE = CACHE_DNS_PATH .. ".txt"
local uci = api.uci
local sys = api.sys
local appname = api.appname
local fs = api.fs
local datatypes = api.datatypes
local list1 = {}
local excluded_domain = {}
local excluded_domain_str = "!"
local function log(...)
if NO_LOGIC_LOG == "1" then
return
end
api.log(...)
end
local function check_dns(domain, dns)
if domain == "" or domain:find("#") then
return false
end
if not dns then
return
end
for k,v in ipairs(list1[domain].dns) do
if dns == v then
return true
end
end
return false
end
local function check_ipset(domain, ipset)
if domain == "" or domain:find("#") then
return false
end
if not ipset then
return
end
for k,v in ipairs(list1[domain].ipsets) do
if ipset == v then
return true
end
end
return false
end
local function set_domain_address(domain, address)
if domain == "" or domain:find("#") then
return
end
if not list1[domain] then
list1[domain] = {
dns = {},
ipsets = {}
}
end
if not list1[domain].address then
list1[domain].address = address
end
end
local function set_domain_dns(domain, dns)
if domain == "" or domain:find("#") then
return
end
if not dns then
return
end
if not list1[domain] then
list1[domain] = {
dns = {},
ipsets = {}
}
end
for line in string.gmatch(dns, '[^' .. "," .. ']+') do
if not check_dns(domain, line) then
table.insert(list1[domain].dns, line)
end
end
end
local function set_domain_ipset(domain, ipset)
if domain == "" or domain:find("#") then
return
end
if not ipset then
return
end
if not list1[domain] then
list1[domain] = {
dns = {},
ipsets = {}
}
end
for line in string.gmatch(ipset, '[^' .. "," .. ']+') do
if not check_ipset(domain, line) then
table.insert(list1[domain].ipsets, line)
end
end
end
local function add_excluded_domain(domain)
if domain == "" or domain:find("#") then
return
end
table.insert(excluded_domain, domain)
excluded_domain_str = excluded_domain_str .. "|" .. domain
end
local function check_excluded_domain(domain)
if domain == "" or domain:find("#") then
return false
end
for k,v in ipairs(excluded_domain) do
if domain:find(v) then
return true
end
end
return false
end
local cache_text = ""
local new_rules = luci.sys.exec("echo -n $(find /usr/share/passwall/rules -type f | xargs md5sum)")
local new_text = TMP_DNSMASQ_PATH .. DNSMASQ_CONF_FILE .. DEFAULT_DNS .. LOCAL_DNS .. TUN_DNS .. REMOTE_FAKEDNS .. CHNROUTE_MODE_DEFAULT_DNS .. CHINADNS_DNS .. PROXY_MODE .. NO_PROXY_IPV6 .. new_rules .. NFTFLAG
if fs.access(CACHE_TEXT_FILE) then
for line in io.lines(CACHE_TEXT_FILE) do
cache_text = line
end
end
if cache_text ~= new_text then
api.remove(CACHE_DNS_PATH .. "*")
end
local global = PROXY_MODE:find("global")
local returnhome = PROXY_MODE:find("returnhome")
local chnlist = PROXY_MODE:find("chnroute")
local gfwlist = PROXY_MODE:find("gfwlist")
local only_global
local dnsmasq_default_dns
if CHNROUTE_MODE_DEFAULT_DNS ~= "nil" then
if chnlist and CHNROUTE_MODE_DEFAULT_DNS == "remote" then
dnsmasq_default_dns = TUN_DNS
end
if (chnlist or gfwlist) and CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
dnsmasq_default_dns = CHINADNS_DNS
end
end
if global and (not returnhome and not chnlist and not gfwlist) then
--只有全局模式时
dnsmasq_default_dns = TUN_DNS
only_global = 1
end
local setflag_4= (NFTFLAG == "1") and "4#inet#fw4#" or ""
local setflag_6= (NFTFLAG == "1") and "6#inet#fw4#" or ""
if not fs.access(CACHE_DNS_PATH) then
fs.mkdir("/tmp/dnsmasq.d")
fs.mkdir(CACHE_DNS_PATH)
--屏蔽列表
for line in io.lines("/usr/share/passwall/rules/block_host") do
if line ~= "" and not line:find("#") then
set_domain_address(line, "0.0.0.0")
end
end
--始终用国内DNS解析节点域名
uci:foreach(appname, "nodes", function(t)
local address = t.address
if datatypes.hostname(address) then
set_domain_dns(address, LOCAL_DNS)
set_domain_ipset(address, setflag_4 .. "passwall_vpslist," .. setflag_6 .. "passwall_vpslist6")
end
end)
log(string.format(" - 节点列表中的域名(vpslist)%s", LOCAL_DNS or "默认"))
--始终用国内DNS解析直连白名单列表
for line in io.lines("/usr/share/passwall/rules/direct_host") do
if line ~= "" and not line:find("#") then
add_excluded_domain(line)
set_domain_dns(line, LOCAL_DNS)
set_domain_ipset(line, setflag_4 .. "passwall_whitelist," .. setflag_6 .. "passwall_whitelist6")
end
end
log(string.format(" - 域名白名单(whitelist)%s", LOCAL_DNS or "默认"))
local fwd_dns
local ipset_flag
local no_ipv6
--始终使用远程DNS解析代理黑名单列表
for line in io.lines("/usr/share/passwall/rules/proxy_host") do
if line ~= "" and not line:find("#") then
add_excluded_domain(line)
local ipset_flag = setflag_4 .. "passwall_blacklist," .. setflag_6 .. "passwall_blacklist6"
if NO_PROXY_IPV6 == "1" then
set_domain_address(line, "::")
ipset_flag = setflag_4 .. "passwall_blacklist"
end
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_dns(line, TUN_DNS)
set_domain_ipset(line, ipset_flag)
end
end
log(string.format(" - 代理域名表(blacklist)%s", TUN_DNS or "默认"))
--分流规则
if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
local t = uci:get_all(appname, TCP_NODE)
local default_node_id = t["default_node"] or "_direct"
uci:foreach(appname, "shunt_rules", function(s)
local _node_id = t[s[".name"]] or "nil"
if _node_id ~= "nil" and _node_id ~= "_blackhole" then
if _node_id == "_default" then
_node_id = default_node_id
end
fwd_dns = nil
ipset_flag = nil
no_ipv6 = nil
if _node_id == "_direct" then
fwd_dns = LOCAL_DNS
ipset_flag = setflag_4 .. "passwall_whitelist," .. setflag_6 .. "passwall_whitelist6"
else
fwd_dns = TUN_DNS
ipset_flag = setflag_4 .. "passwall_shuntlist," .. setflag_6 .. "passwall_shuntlist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = setflag_4 .. "passwall_shuntlist"
no_ipv6 = true
end
if not only_global then
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
end
end
local domain_list = s.domain_list or ""
for line in string.gmatch(domain_list, "[^\r\n]+") do
if line ~= "" and not line:find("#") and not line:find("regexp:") and not line:find("geosite:") and not line:find("ext:") then
if line:find("domain:") or line:find("full:") then
line = string.match(line, ":([^:]+)$")
end
add_excluded_domain(line)
if no_ipv6 then
set_domain_address(line, "::")
end
set_domain_dns(line, fwd_dns)
set_domain_ipset(line, ipset_flag)
end
end
if _node_id ~= "_direct" then
log(string.format(" - V2ray/Xray分流规则(%s)%s", s.remarks, fwd_dns or "默认"))
end
end
end)
end
--如果没有使用回国模式
if not returnhome then
if fs.access("/usr/share/passwall/rules/gfwlist") then
fwd_dns = TUN_DNS
if CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
fwd_dns = nil
else
local ipset_flag = setflag_4 .. "passwall_gfwlist," .. setflag_6 .. "passwall_gfwlist6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = setflag_4 .. "passwall_gfwlist"
end
if not only_global then
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
end
local gfwlist_str = sys.exec('cat /usr/share/passwall/rules/gfwlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(gfwlist_str, "[^\r\n]+") do
if line ~= "" then
if NO_PROXY_IPV6 == "1" then
set_domain_address(line, "::")
end
if not only_global then
set_domain_dns(line, fwd_dns)
set_domain_ipset(line, ipset_flag)
end
end
end
end
log(string.format(" - 防火墙域名表(gfwlist)%s", fwd_dns or "默认"))
end
if chnlist and fs.access("/usr/share/passwall/rules/chnlist") and (CHNROUTE_MODE_DEFAULT_DNS == "remote" or (CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0")) then
fwd_dns = LOCAL_DNS
if CHNROUTE_MODE_DEFAULT_DNS == "chinadns_ng" and CHINADNS_DNS ~= "0" then
fwd_dns = nil
else
local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(chnlist_str, "[^\r\n]+") do
if line ~= "" then
set_domain_dns(line, fwd_dns)
set_domain_ipset(line, setflag_4 .. "passwall_chnroute," .. setflag_6 .. "passwall_chnroute6")
end
end
end
log(string.format(" - 中国域名表(chnroute)%s", fwd_dns or "默认"))
end
else
if fs.access("/usr/share/passwall/rules/chnlist") then
local chnlist_str = sys.exec('cat /usr/share/passwall/rules/chnlist | grep -v -E "^#" | grep -v -E "' .. excluded_domain_str .. '"')
for line in string.gmatch(chnlist_str, "[^\r\n]+") do
if line ~= "" then
local ipset_flag = setflag_4 .. "passwall_chnroute," .. setflag_6 .. "passwall_chnroute6"
if NO_PROXY_IPV6 == "1" then
ipset_flag = setflag_4 .. "passwall_chnroute"
set_domain_address(line, "::")
end
if not only_global then
set_domain_dns(line, TUN_DNS)
if REMOTE_FAKEDNS == "1" then
ipset_flag = nil
end
set_domain_ipset(line, ipset_flag)
end
end
end
log(string.format(" - 中国域名表(chnroute)%s", TUN_DNS or "默认"))
end
end
local address_out = io.open(CACHE_DNS_PATH .. "/000-address.conf", "a")
local server_out = io.open(CACHE_DNS_PATH .. "/001-server.conf", "a")
local ipset_out = io.open(CACHE_DNS_PATH .. "/ipset.conf", "a")
local set_name = "ipset"
if NFTFLAG == "1" then
set_name = "nftset"
end
for key, value in pairs(list1) do
if value.address and #value.address > 0 then
address_out:write(string.format("address=/.%s/%s\n", key, value.address))
end
if value.dns and #value.dns > 0 then
for i, dns in ipairs(value.dns) do
server_out:write(string.format("server=/.%s/%s\n", key, dns))
end
end
if value.ipsets and #value.ipsets > 0 then
local ipsets_str = ""
for i, ipset in ipairs(value.ipsets) do
ipsets_str = ipsets_str .. ipset .. ","
end
ipsets_str = ipsets_str:sub(1, #ipsets_str - 1)
ipset_out:write(string.format("%s=/.%s/%s\n", set_name, key, ipsets_str))
end
end
address_out:close()
server_out:close()
ipset_out:close()
local f_out = io.open(CACHE_TEXT_FILE, "a")
f_out:write(new_text)
f_out:close()
end
if api.is_install("procd\\-ujail") then
fs.copyr(CACHE_DNS_PATH, TMP_DNSMASQ_PATH)
else
api.remove(TMP_DNSMASQ_PATH)
fs.symlink(CACHE_DNS_PATH, TMP_DNSMASQ_PATH)
end
if DNSMASQ_CONF_FILE ~= "nil" then
local conf_out = io.open(DNSMASQ_CONF_FILE, "a")
conf_out:write(string.format("conf-dir=%s\n", TMP_DNSMASQ_PATH))
if dnsmasq_default_dns then
conf_out:write(string.format("server=%s\n", dnsmasq_default_dns))
conf_out:write("all-servers\n")
conf_out:write("no-poll\n")
conf_out:write("no-resolv\n")
conf_out:close()
log(string.format(" - 以上所列以外及默认:%s", dnsmasq_default_dns))
if FLAG == "default" then
local f_out = io.open("/tmp/etc/passwall/default_DNS", "a")
f_out:write(DEFAULT_DNS)
f_out:close()
end
end
end
log(" - PassWall必须依赖于Dnsmasq如果你自行配置了错误的DNS流程将会导致域名(直连/代理域名)分流失效!!!")

1269
luci-app-passwall/root/usr/share/passwall/iptables.sh Normal file
View File

File diff suppressed because it is too large Load Diff

48
luci-app-passwall/root/usr/share/passwall/monitor.sh Normal file
View File

@ -0,0 +1,48 @@
#!/bin/sh
CONFIG=passwall
TMP_PATH=/tmp/etc/$CONFIG
TMP_BIN_PATH=$TMP_PATH/bin
TMP_SCRIPT_FUNC_PATH=$TMP_PATH/script_func
TMP_ID_PATH=$TMP_PATH/id
LOCK_FILE_DIR=/tmp/lock
LOCK_FILE=${LOCK_FILE_DIR}/${CONFIG}_script.lock
config_n_get() {
local ret=$(uci -q get $CONFIG.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
config_t_get() {
local index=0
[ -n "$4" ] && index=$4
local ret=$(uci -q get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}
ENABLED=$(config_t_get global enabled 0)
[ "$ENABLED" != 1 ] && return 1
ENABLED=$(config_t_get global_delay start_daemon 0)
[ "$ENABLED" != 1 ] && return 1
sleep 58s
while [ "$ENABLED" -eq 1 ]; do
[ -f "$LOCK_FILE" ] && {
sleep 6s
continue
}
touch $LOCK_FILE
for filename in $(ls ${TMP_SCRIPT_FUNC_PATH}); do
cmd=$(cat ${TMP_SCRIPT_FUNC_PATH}/${filename})
cmd_check=$(echo $cmd | awk -F '>' '{print $1}')
[ -n "$(echo $cmd_check | grep "dns2socks")" ] && cmd_check=$(echo $cmd_check | sed "s#:# #g")
icount=$(pgrep -f "$(echo $cmd_check)" | wc -l)
if [ $icount = 0 ]; then
#echo "${cmd} 进程挂掉,重启" >> /tmp/log/passwall.log
eval $(echo "nohup ${cmd} 2>&1 &") >/dev/null 2>&1 &
fi
done
rm -f $LOCK_FILE
sleep 58s
done

1267
luci-app-passwall/root/usr/share/passwall/nftables.sh Normal file
View File

File diff suppressed because it is too large Load Diff

469
luci-app-passwall/root/usr/share/passwall/rule_update.lua Normal file
View File

@ -0,0 +1,469 @@
#!/usr/bin/lua
require 'nixio'
require 'luci.sys'
local luci = luci
local ucic = luci.model.uci.cursor()
local jsonc = require "luci.jsonc"
local name = 'passwall'
local api = require ("luci.passwall.api")
local arg1 = arg[1]
local rule_path = "/usr/share/" .. name .. "/rules"
local reboot = 0
local gfwlist_update = 0
local chnroute_update = 0
local chnroute6_update = 0
local chnlist_update = 0
local geoip_update = 0
local geosite_update = 0
-- match comments/title/whitelist/ip address/excluded_domain
local comment_pattern = "^[!\\[@]+"
local ip_pattern = "^%d+%.%d+%.%d+%.%d+"
local ip4_ipset_pattern = "^%d+%.%d+%.%d+%.%d+[%/][%d]+$"
local ip6_ipset_pattern = ":-[%x]+%:+[%x]-[%/][%d]+$"
local domain_pattern = "([%w%-%_]+%.[%w%.%-%_]+)[%/%*]*"
local excluded_domain = {"apple.com","sina.cn","sina.com.cn","baidu.com","byr.cn","jlike.com","weibo.com","zhongsou.com","youdao.com","sogou.com","so.com","soso.com","aliyun.com","taobao.com","jd.com","qq.com","bing.com"}
local gfwlist_url = ucic:get(name, "@global_rules[0]", "gfwlist_url") or {"https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt"}
local chnroute_url = ucic:get(name, "@global_rules[0]", "chnroute_url") or {"https://ispip.clang.cn/all_cn.txt"}
local chnroute6_url = ucic:get(name, "@global_rules[0]", "chnroute6_url") or {"https://ispip.clang.cn/all_cn_ipv6.txt"}
local chnlist_url = ucic:get(name, "@global_rules[0]", "chnlist_url") or {"https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf"}
local geoip_api = "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest"
local geosite_api = "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest"
local v2ray_asset_location = ucic:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/")
local use_nft = ucic:get(name, "@global_forwarding[0]", "use_nft") or "0"
local log = function(...)
if arg1 then
if arg1 == "log" then
api.log(...)
elseif arg1 == "print" then
local result = os.date("%Y-%m-%d %H:%M:%S: ") .. table.concat({...}, " ")
print(result)
end
end
end
local function gen_nftset(set_name, ip_type, tmp_file, input_file)
f = io.open(input_file, "r")
local element = f:read("*all")
f:close()
nft_file, err = io.open(tmp_file, "w")
nft_file:write('#!/usr/sbin/nft -f\n')
nft_file:write(string.format('define %s = {%s}\n', set_name, string.gsub(element, "%s*%c+", ", ")))
if luci.sys.call(string.format('nft "list set inet fw4 %s" >/dev/null 2>&1', set_name)) ~= 0 then
nft_file:write(string.format('add set inet fw4 %s { type %s; flags interval; auto-merge; }\n', set_name, ip_type))
end
nft_file:write(string.format('add element inet fw4 %s $%s\n', set_name, set_name))
nft_file:close()
luci.sys.call(string.format('nft -f %s &>/dev/null',tmp_file))
os.remove(tmp_file)
end
--gen cache for nftset from file
local function gen_cache(set_name, ip_type, input_file, output_file)
local tmp_dir = "/tmp/"
local tmp_file = output_file .. "_tmp"
local tmp_set_name = set_name .. "_tmp"
gen_nftset(tmp_set_name, ip_type, tmp_file, input_file)
luci.sys.call("nft list set inet fw4 " ..tmp_set_name.. " | sed 's/" ..tmp_set_name.. "/" ..set_name.. "/g' | cat > " ..output_file)
luci.sys.call("nft flush set inet fw4 " ..tmp_set_name)
luci.sys.call("nft delete set inet fw4 " ..tmp_set_name)
end
-- curl
local function curl(url, file, valifile)
local args = {
"-skL", "-w %{http_code}", "--retry 3", "--connect-timeout 3"
}
if file then
args[#args + 1] = "-o " .. file
end
if valifile then
args[#args + 1] = "--dump-header " .. valifile
end
local return_code, result = api.curl_logic(url, nil, args)
return tonumber(result)
end
--check excluded domain
local function check_excluded_domain(value)
for k,v in ipairs(excluded_domain) do
if value:find(v) then
return true
end
end
end
local function line_count(file_path)
local num = 0
for _ in io.lines(file_path) do
num = num + 1
end
return num;
end
local function non_file_check(file_path, vali_file)
if nixio.fs.readfile(file_path, 10) then
local remote_file_size = tonumber(luci.sys.exec("cat " .. vali_file .. " | grep -i 'Content-Length' | awk '{print $2}'"))
local local_file_size = tonumber(nixio.fs.stat(file_path, "size"))
if remote_file_size and local_file_size then
if remote_file_size == local_file_size then
return nil;
else
log("下载文件大小校验出错,原始文件大小" .. remote_file_size .. "B下载文件大小" .. local_file_size .. "B。")
return true;
end
else
return nil;
end
else
log("下载文件读取出错。")
return true;
end
end
--fetch rule
local function fetch_rule(rule_name,rule_type,url,exclude_domain)
local sret = 200
local sret_tmp = 0
local domains = {}
local file_tmp = "/tmp/" ..rule_name.. "_tmp"
local vali_file = "/tmp/" ..rule_name.. "_vali"
local download_file_tmp = "/tmp/" ..rule_name.. "_dl"
local unsort_file_tmp = "/tmp/" ..rule_name.. "_unsort"
log(rule_name.. " 开始更新...")
for k,v in ipairs(url) do
sret_tmp = curl(v, download_file_tmp..k, vali_file..k)
if sret_tmp == 200 and non_file_check(download_file_tmp..k, vali_file..k) then
log(rule_name.. "" ..k.. "条规则:" ..v.. "下载文件过程出错,尝试重新下载。")
os.remove(download_file_tmp..k)
os.remove(vali_file..k)
sret_tmp = curl(v, download_file_tmp..k, vali_file..k)
if sret_tmp == 200 and non_file_check(download_file_tmp..k, vali_file..k) then
sret = 0
sret_tmp = 0
log(rule_name.. "" ..k.. "条规则:" ..v.. "下载文件过程出错,请检查网络或下载链接后重试!")
end
end
if sret_tmp == 200 then
if rule_name == "gfwlist" then
local domains = {}
local gfwlist = io.open(download_file_tmp..k, "r")
local decode = api.base64Decode(gfwlist:read("*all"))
gfwlist:close()
gfwlist = io.open(download_file_tmp..k, "w")
gfwlist:write(decode)
gfwlist:close()
end
if rule_type == "domain" and exclude_domain == true then
for line in io.lines(download_file_tmp..k) do
if not (string.find(line, comment_pattern) or string.find(line, ip_pattern) or check_excluded_domain(line)) then
local start, finish, match = string.find(line, domain_pattern)
if (start) then
domains[match] = true
end
end
end
elseif rule_type == "domain" then
for line in io.lines(download_file_tmp..k) do
if not (string.find(line, comment_pattern) or string.find(line, ip_pattern)) then
local start, finish, match = string.find(line, domain_pattern)
if (start) then
domains[match] = true
end
end
end
elseif rule_type == "ip4" then
local out = io.open(unsort_file_tmp, "a")
for line in io.lines(download_file_tmp..k) do
local start, finish, match = string.find(line, ip4_ipset_pattern)
if (start) then
out:write(string.format("%s\n", line))
end
end
out:close()
elseif rule_type == "ip6" then
local out = io.open(unsort_file_tmp, "a")
for line in io.lines(download_file_tmp..k) do
local start, finish, match = string.find(line, ip6_ipset_pattern)
if (start) then
out:write(string.format("%s\n", line))
end
end
out:close()
end
else
sret = 0
log(rule_name.. "" ..k.. "条规则:" ..v.. "下载失败,请检查网络或下载链接后重试!")
end
os.remove(download_file_tmp..k)
os.remove(vali_file..k)
end
if sret == 200 then
if rule_type == "domain" then
local out = io.open(unsort_file_tmp, "w")
for k,v in pairs(domains) do
out:write(string.format("%s\n", k))
end
out:close()
end
luci.sys.call("cat " ..unsort_file_tmp.. " | sort -u > "..file_tmp)
os.remove(unsort_file_tmp)
local old_md5 = luci.sys.exec("echo -n $(md5sum " .. rule_path .. "/" ..rule_name.. " | awk '{print $1}')")
local new_md5 = luci.sys.exec("echo -n $([ -f '" ..file_tmp.. "' ] && md5sum " ..file_tmp.." | awk '{print $1}')")
if old_md5 ~= new_md5 then
local count = line_count(file_tmp)
if use_nft == "1" and (rule_type == "ip6" or rule_type == "ip4") then
local set_name = "passwall_" ..rule_name
local output_file = file_tmp.. ".nft"
if rule_type == "ip4" then
gen_cache(set_name, "ipv4_addr", file_tmp, output_file)
elseif rule_type == "ip6" then
gen_cache(set_name, "ipv6_addr", file_tmp, output_file)
end
luci.sys.exec(string.format('mv -f %s %s', output_file, rule_path .. "/" ..rule_name.. ".nft"))
os.remove(output_file)
end
luci.sys.exec("mv -f "..file_tmp .. " " ..rule_path .. "/" ..rule_name)
reboot = 1
log(rule_name.. " 更新成功,总规则数 " ..count.. " 条。")
else
log(rule_name.. " 版本一致,无需更新。")
end
else
log(rule_name.. " 文件下载失败!")
end
os.remove(file_tmp)
return 0
end
local function fetch_gfwlist()
fetch_rule("gfwlist","domain",gfwlist_url,true)
end
local function fetch_chnroute()
fetch_rule("chnroute","ip4",chnroute_url,false)
end
local function fetch_chnroute6()
fetch_rule("chnroute6","ip6",chnroute6_url,false)
end
local function fetch_chnlist()
fetch_rule("chnlist","domain",chnlist_url,false)
end
--获取geoip
local function fetch_geoip()
--请求geoip
xpcall(function()
local return_code, content = api.curl_logic(geoip_api)
local json = jsonc.parse(content)
if json.tag_name and json.assets then
for _, v in ipairs(json.assets) do
if v.name and v.name == "geoip.dat.sha256sum" then
local sret = curl(v.browser_download_url, "/tmp/geoip.dat.sha256sum")
if sret == 200 then
local f = io.open("/tmp/geoip.dat.sha256sum", "r")
local content = f:read()
f:close()
f = io.open("/tmp/geoip.dat.sha256sum", "w")
f:write(content:gsub("geoip.dat", "/tmp/geoip.dat"), "")
f:close()
if nixio.fs.access(v2ray_asset_location .. "geoip.dat") then
luci.sys.call(string.format("cp -f %s %s", v2ray_asset_location .. "geoip.dat", "/tmp/geoip.dat"))
if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
log("geoip 版本一致,无需更新。")
return 1
end
end
for _2, v2 in ipairs(json.assets) do
if v2.name and v2.name == "geoip.dat" then
sret = curl(v2.browser_download_url, "/tmp/geoip.dat")
if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", v2ray_asset_location, "/tmp/geoip.dat", v2ray_asset_location .. "geoip.dat"))
reboot = 1
log("geoip 更新成功。")
return 1
else
log("geoip 更新失败,请稍后再试。")
end
break
end
end
end
break
end
end
end
end,
function(e)
end)
return 0
end
--获取geosite
local function fetch_geosite()
--请求geosite
xpcall(function()
local return_code, content = api.curl_logic(geosite_api)
local json = jsonc.parse(content)
if json.tag_name and json.assets then
for _, v in ipairs(json.assets) do
if v.name and v.name == "geosite.dat.sha256sum" then
local sret = curl(v.browser_download_url, "/tmp/geosite.dat.sha256sum")
if sret == 200 then
local f = io.open("/tmp/geosite.dat.sha256sum", "r")
local content = f:read()
f:close()
f = io.open("/tmp/geosite.dat.sha256sum", "w")
f:write(content:gsub("geosite.dat", "/tmp/geosite.dat"), "")
f:close()
if nixio.fs.access(v2ray_asset_location .. "geosite.dat") then
luci.sys.call(string.format("cp -f %s %s", v2ray_asset_location .. "geosite.dat", "/tmp/geosite.dat"))
if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
log("geosite 版本一致,无需更新。")
return 1
end
end
for _2, v2 in ipairs(json.assets) do
if v2.name and v2.name == "geosite.dat" then
sret = curl(v2.browser_download_url, "/tmp/geosite.dat")
if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", v2ray_asset_location, "/tmp/geosite.dat", v2ray_asset_location .. "geosite.dat"))
reboot = 1
log("geosite 更新成功。")
return 1
else
log("geosite 更新失败,请稍后再试。")
end
break
end
end
end
break
end
end
end
end,
function(e)
end)
return 0
end
if arg[2] then
string.gsub(arg[2], '[^' .. "," .. ']+', function(w)
if w == "gfwlist" then
gfwlist_update = 1
end
if w == "chnroute" then
chnroute_update = 1
end
if w == "chnroute6" then
chnroute6_update = 1
end
if w == "chnlist" then
chnlist_update = 1
end
if w == "geoip" then
geoip_update = 1
end
if w == "geosite" then
geosite_update = 1
end
end)
else
gfwlist_update = ucic:get_first(name, 'global_rules', "gfwlist_update", 1)
chnroute_update = ucic:get_first(name, 'global_rules', "chnroute_update", 1)
chnroute6_update = ucic:get_first(name, 'global_rules', "chnroute6_update", 1)
chnlist_update = ucic:get_first(name, 'global_rules', "chnlist_update", 1)
geoip_update = ucic:get_first(name, 'global_rules', "geoip_update", 1)
geosite_update = ucic:get_first(name, 'global_rules', "geosite_update", 1)
end
if gfwlist_update == 0 and chnroute_update == 0 and chnroute6_update == 0 and chnlist_update == 0 and geoip_update == 0 and geosite_update == 0 then
os.exit(0)
end
log("开始更新规则...")
if tonumber(gfwlist_update) == 1 then
xpcall(fetch_gfwlist,function(e)
log(e)
log(debug.traceback())
log('更新gfwlist发生错误...')
end)
end
if tonumber(chnroute_update) == 1 then
xpcall(fetch_chnroute,function(e)
log(e)
log(debug.traceback())
log('更新chnroute发生错误...')
end)
end
if tonumber(chnroute6_update) == 1 then
xpcall(fetch_chnroute6,function(e)
log(e)
log(debug.traceback())
log('更新chnroute6发生错误...')
end)
end
if tonumber(chnlist_update) == 1 then
xpcall(fetch_chnlist,function(e)
log(e)
log(debug.traceback())
log('更新chnlist发生错误...')
end)
end
if tonumber(geoip_update) == 1 then
log("geoip 开始更新...")
local status = fetch_geoip()
os.remove("/tmp/geoip.dat")
os.remove("/tmp/geoip.dat.sha256sum")
end
if tonumber(geosite_update) == 1 then
log("geosite 开始更新...")
local status = fetch_geosite()
os.remove("/tmp/geosite.dat")
os.remove("/tmp/geosite.dat.sha256sum")
end
ucic:set(name, ucic:get_first(name, 'global_rules'), "gfwlist_update", gfwlist_update)
ucic:set(name, ucic:get_first(name, 'global_rules'), "chnroute_update", chnroute_update)
ucic:set(name, ucic:get_first(name, 'global_rules'), "chnroute6_update", chnroute6_update)
ucic:set(name, ucic:get_first(name, 'global_rules'), "chnlist_update", chnlist_update)
ucic:set(name, ucic:get_first(name, 'global_rules'), "geoip_update", geoip_update)
ucic:set(name, ucic:get_first(name, 'global_rules'), "geosite_update", geosite_update)
ucic:save(name)
luci.sys.call("uci commit " .. name)
if reboot == 1 then
log("重启服务,应用新的规则。")
if use_nft == "1" then
luci.sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset > /dev/null 2>&1 &")
else
luci.sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset > /dev/null 2>&1 &")
end
end
log("规则更新完毕...")

0
luci-app-passwall/root/usr/share/passwall/rules/block_host Normal file
View File

0
luci-app-passwall/root/usr/share/passwall/rules/block_ip Normal file
View File

64206
luci-app-passwall/root/usr/share/passwall/rules/chnlist Normal file
View File

File diff suppressed because it is too large Load Diff

8609
luci-app-passwall/root/usr/share/passwall/rules/chnroute Normal file
View File

File diff suppressed because it is too large Load Diff

2420
luci-app-passwall/root/usr/share/passwall/rules/chnroute.nft Normal file
View File

File diff suppressed because it is too large Load Diff

1974
luci-app-passwall/root/usr/share/passwall/rules/chnroute6 Normal file
View File

File diff suppressed because it is too large Load Diff

2540
luci-app-passwall/root/usr/share/passwall/rules/chnroute6.nft Normal file
View File

File diff suppressed because it is too large Load Diff

18
luci-app-passwall/root/usr/share/passwall/rules/direct_host Normal file
View File

@ -0,0 +1,18 @@
apple.com
microsoft.com
dyndns.com
douyucdn.cn
douyucdn2.cn
#steam
steamcontent.com
dl.steam.clngaa.com
dl.steam.ksyna.com
st.dl.bscstorage.net
st.dl.eccdnx.com
st.dl.pinyuncloud.com
cdn.mileweb.cs.steampowered.com.8686c.com
cdn-ws.content.steamchina.com
cdn-qc.content.steamchina.com
cdn-ali.content.steamchina.com
epicgames-download1-1251447533.file.myqcloud.com

6
luci-app-passwall/root/usr/share/passwall/rules/direct_ip Normal file
View File

@ -0,0 +1,6 @@
114.114.114.114
114.114.115.115
223.5.5.5
223.6.6.6
119.29.29.29
180.76.76.76

24
luci-app-passwall/root/usr/share/passwall/rules/domains_excluded Normal file
View File

@ -0,0 +1,24 @@
courier.push.apple.com
rbsxbxp-mim.vivox.com
rbsxbxp.www.vivox.com
rbsxbxp-ws.vivox.com
rbspsxp.www.vivox.com
rbspsxp-mim.vivox.com
rbspsxp-ws.vivox.com
rbswxp.www.vivox.com
rbswxp-mim.vivox.com
disp-rbspsp-5-1.vivox.com
disp-rbsxbp-5-1.vivox.com
proxy.rbsxbp.vivox.com
proxy.rbspsp.vivox.com
proxy.rbswp.vivox.com
rbswp.vivox.com
rbsxbp.vivox.com
rbspsp.vivox.com
rbspsp.www.vivox.com
rbswp.www.vivox.com
rbsxbp.www.vivox.com
rbsxbxp.vivox.com
rbspsxp.vivox.com
rbswxp.vivox.com
Mijia Cloud

6129
luci-app-passwall/root/usr/share/passwall/rules/gfwlist Normal file
View File

File diff suppressed because it is too large Load Diff

16
luci-app-passwall/root/usr/share/passwall/rules/lanlist_ipv4 Normal file
View File

@ -0,0 +1,16 @@
0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.0.0.0/24
192.0.2.0/24
192.88.99.0/24
192.168.0.0/16
198.19.0.0/16
198.51.100.0/24
203.0.113.0/24
224.0.0.0/4
240.0.0.0/4
255.255.255.255/32

12
luci-app-passwall/root/usr/share/passwall/rules/lanlist_ipv6 Normal file
View File

@ -0,0 +1,12 @@
::/128
::1/128
::ffff:0:0:0/96
64:ff9b::/96
100::/64
2001::/32
2001:20::/28
2001:db8::/32
2002::/16
fc00::/7
fe80::/10
ff00::/8

16
luci-app-passwall/root/usr/share/passwall/rules/proxy_host Normal file
View File

@ -0,0 +1,16 @@
bing.com
sspanel.net
v2ex.com
#google
googleapis.cn
googleapis.com
google.com.tw
google.com.hk
gstatic.com
xn--ngstr-lra8j.com
#github
github.com
github.global.ssl.fastly.net
assets-cdn.github.com

19
luci-app-passwall/root/usr/share/passwall/rules/proxy_ip Normal file
View File

@ -0,0 +1,19 @@
149.154.160.0/20
91.108.4.0/22
91.108.56.0/24
109.239.140.0/24
67.198.55.0/24
8.8.4.4
8.8.8.8
208.67.222.222
208.67.220.220
1.1.1.1
1.1.1.2
1.0.0.1
9.9.9.9
149.112.112.112
2001:67c:4e8::/48
2001:b28:f23c::/48
2001:b28:f23d::/48
2001:b28:f23f::/48
2001:b28:f242::/48

1283
luci-app-passwall/root/usr/share/passwall/subscribe.lua Normal file
View File

File diff suppressed because it is too large Load Diff

274
luci-app-passwall/root/usr/share/passwall/test.sh Normal file
View File

@ -0,0 +1,274 @@
#!/bin/sh
CONFIG=passwall
LOG_FILE=/tmp/log/$CONFIG.log
LOCK_FILE_DIR=/tmp/lock
LOCK_FILE=${LOCK_FILE_DIR}/${CONFIG}_script.lock
echolog() {
local d="$(date "+%Y-%m-%d %H:%M:%S")"
#echo -e "$d: $1"
echo -e "$d: $1" >> $LOG_FILE
}
config_n_get() {
local ret=$(uci -q get "${CONFIG}.${1}.${2}" 2>/dev/null)
echo "${ret:=$3}"
}
config_t_get() {
local index=0
[ -n "$4" ] && index=$4
local ret=$(uci -q get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}
test_url() {
local url=$1
local try=1
[ -n "$2" ] && try=$2
local timeout=2
[ -n "$3" ] && timeout=$3
local extra_params=$4
curl --help all | grep "\-\-retry-all-errors" > /dev/null
[ $? == 0 ] && extra_params="--retry-all-errors ${extra_params}"
status=$(/usr/bin/curl -I -o /dev/null -skL $extra_params --connect-timeout ${timeout} --retry ${try} -w %{http_code} "$url")
case "$status" in
204|\
200)
status=200
;;
esac
echo $status
}
test_proxy() {
result=0
status=$(test_url "https://www.google.com/generate_204" ${retry_num} ${connect_timeout})
if [ "$status" = "200" ]; then
result=0
else
status2=$(test_url "https://www.baidu.com" ${retry_num} ${connect_timeout})
if [ "$status2" = "200" ]; then
result=1
else
result=2
ping -c 3 -W 1 223.5.5.5 > /dev/null 2>&1
[ $? -eq 0 ] && {
result=1
}
fi
fi
echo $result
}
url_test_node() {
result=0
local node_id=$1
local _type=$(echo $(config_n_get ${node_id} type nil) | tr 'A-Z' 'a-z')
[ "${_type}" != "nil" ] && {
if [ "${_type}" == "socks" ]; then
local _address=$(config_n_get ${node_id} address)
local _port=$(config_n_get ${node_id} port)
[ -n "${_address}" ] && [ -n "${_port}" ] && {
local curlx="socks5h://${_address}:${_port}"
local _username=$(config_n_get ${node_id} username)
local _password=$(config_n_get ${node_id} password)
[ -n "${_username}" ] && [ -n "${_password}" ] && curlx="socks5h://${_username}:${_password}@${_address}:${_port}"
}
else
local _tmp_port=$(/usr/share/${CONFIG}/app.sh get_new_port 61080 tcp)
/usr/share/${CONFIG}/app.sh run_socks flag="url_test_${node_id}" node=${node_id} bind=127.0.0.1 socks_port=${_tmp_port} config_file=url_test_${node_id}.json
local curlx="socks5h://127.0.0.1:${_tmp_port}"
fi
sleep 1s
result=$(curl --connect-timeout 3 -o /dev/null -I -skL -w "%{http_code}:%{time_starttransfer}" -x $curlx "https://www.google.com/generate_204")
pgrep -af "url_test_${node_id}" | awk '! /test\.sh/{print $1}' | xargs kill -9 >/dev/null 2>&1
rm -rf "/tmp/etc/${CONFIG}/url_test_${node_id}.json"
}
echo $result
}
test_node() {
local node_id=$1
local _type=$(echo $(config_n_get ${node_id} type nil) | tr 'A-Z' 'a-z')
[ "${_type}" != "nil" ] && {
if [ "${_type}" == "socks" ]; then
local _address=$(config_n_get ${node_id} address)
local _port=$(config_n_get ${node_id} port)
[ -n "${_address}" ] && [ -n "${_port}" ] && {
local curlx="socks5h://${_address}:${_port}"
local _username=$(config_n_get ${node_id} username)
local _password=$(config_n_get ${node_id} password)
[ -n "${_username}" ] && [ -n "${_password}" ] && curlx="socks5h://${_username}:${_password}@${_address}:${_port}"
}
else
local _tmp_port=$(/usr/share/${CONFIG}/app.sh get_new_port 61080 tcp)
/usr/share/${CONFIG}/app.sh run_socks flag="test_node_${node_id}" node=${node_id} bind=127.0.0.1 socks_port=${_tmp_port} config_file=test_node_${node_id}.json
local curlx="socks5h://127.0.0.1:${_tmp_port}"
fi
sleep 1s
_proxy_status=$(test_url "https://www.google.com/generate_204" ${retry_num} ${connect_timeout} "-x $curlx")
pgrep -af "test_node_${node_id}" | awk '! /test\.sh/{print $1}' | xargs kill -9 >/dev/null 2>&1
rm -rf "/tmp/etc/${CONFIG}/test_node_${node_id}.json"
if [ "${_proxy_status}" -eq 200 ]; then
return 0
fi
}
return 1
}
flag=0
main_node=$(config_t_get global tcp_node nil)
test_auto_switch() {
flag=$(expr $flag + 1)
local TYPE=$1
local b_tcp_nodes=$2
local now_node=$3
[ -z "$now_node" ] && {
if [ -f "/tmp/etc/$CONFIG/id/${TYPE}" ]; then
now_node=$(cat /tmp/etc/$CONFIG/id/${TYPE})
if [ "$(config_n_get $now_node protocol nil)" = "_shunt" ]; then
if [ "$shunt_logic" == "1" ] && [ -f "/tmp/etc/$CONFIG/id/${TYPE}_default" ]; then
now_node=$(cat /tmp/etc/$CONFIG/id/${TYPE}_default)
elif [ "$shunt_logic" == "2" ] && [ -f "/tmp/etc/$CONFIG/id/${TYPE}_main" ]; then
now_node=$(cat /tmp/etc/$CONFIG/id/${TYPE}_main)
else
shunt_logic=0
fi
else
shunt_logic=0
fi
else
#echolog "自动切换检测:未知错误"
return 1
fi
}
[ $flag -le 1 ] && {
main_node=$now_node
}
status=$(test_proxy)
if [ "$status" == 2 ]; then
echolog "自动切换检测:无法连接到网络,请检查网络是否正常!"
return 2
fi
#检测主节点是否能使用
if [ "$restore_switch" == "1" ] && [ "$main_node" != "nil" ] && [ "$now_node" != "$main_node" ]; then
test_node ${main_node}
[ $? -eq 0 ] && {
#主节点正常,切换到主节点
echolog "自动切换检测:${TYPE}主节点【$(config_n_get $main_node type)[$(config_n_get $main_node remarks)]】正常,切换到主节点!"
/usr/share/${CONFIG}/app.sh node_switch flag=${TYPE} new_node=${main_node} shunt_logic=${shunt_logic}
[ $? -eq 0 ] && {
echolog "自动切换检测:${TYPE}节点切换完毕!"
[ "$shunt_logic" != "0" ] && {
local tcp_node=$(config_t_get global tcp_node nil)
[ "$(config_n_get $tcp_node protocol nil)" = "_shunt" ] && {
if [ "$shunt_logic" == "1" ]; then
uci set $CONFIG.$tcp_node.default_node="$main_node"
elif [ "$shunt_logic" == "2" ]; then
uci set $CONFIG.$tcp_node.main_node="$main_node"
fi
uci commit $CONFIG
}
}
}
return 0
}
fi
if [ "$status" == 0 ]; then
#echolog "自动切换检测:${TYPE}节点【$(config_n_get $now_node type)[$(config_n_get $now_node remarks)]】正常。"
return 0
elif [ "$status" == 1 ]; then
echolog "自动切换检测:${TYPE}节点【$(config_n_get $now_node type)[$(config_n_get $now_node remarks)]】异常,切换到下一个备用节点检测!"
local new_node
in_backup_nodes=$(echo $b_tcp_nodes | grep $now_node)
# 判断当前节点是否存在于备用节点列表里
if [ -z "$in_backup_nodes" ]; then
# 如果不存在,设置第一个节点为新的节点
new_node=$(echo $b_tcp_nodes | awk -F ' ' '{print $1}')
else
# 如果存在,设置下一个备用节点为新的节点
#local count=$(expr $(echo $b_tcp_nodes | grep -o ' ' | wc -l) + 1)
local next_node=$(echo $b_tcp_nodes | awk -F "$now_node" '{print $2}' | awk -F " " '{print $1}')
if [ -z "$next_node" ]; then
new_node=$(echo $b_tcp_nodes | awk -F ' ' '{print $1}')
else
new_node=$next_node
fi
fi
test_node ${new_node}
if [ $? -eq 0 ]; then
[ "$restore_switch" == "0" ] && {
[ "$shunt_logic" == "0" ] && uci set $CONFIG.@global[0].tcp_node=$new_node
[ -z "$(echo $b_tcp_nodes | grep $main_node)" ] && uci add_list $CONFIG.@auto_switch[0].tcp_node=$main_node
uci commit $CONFIG
}
echolog "自动切换检测:${TYPE}节点【$(config_n_get $new_node type)[$(config_n_get $new_node remarks)]】正常,切换到此节点!"
/usr/share/${CONFIG}/app.sh node_switch flag=${TYPE} new_node=${new_node} shunt_logic=${shunt_logic}
[ $? -eq 0 ] && {
[ "$restore_switch" == "1" ] && [ "$shunt_logic" != "0" ] && {
local tcp_node=$(config_t_get global tcp_node nil)
[ "$(config_n_get $tcp_node protocol nil)" = "_shunt" ] && {
if [ "$shunt_logic" == "1" ]; then
uci set $CONFIG.$tcp_node.default_node="$main_node"
elif [ "$shunt_logic" == "2" ]; then
uci set $CONFIG.$tcp_node.main_node="$main_node"
fi
uci commit $CONFIG
}
}
echolog "自动切换检测:${TYPE}节点切换完毕!"
}
return 0
else
test_auto_switch ${TYPE} "${b_tcp_nodes}" ${new_node}
fi
fi
}
start() {
ENABLED=$(config_t_get global enabled 0)
[ "$ENABLED" != 1 ] && return 1
ENABLED=$(config_t_get auto_switch enable 0)
[ "$ENABLED" != 1 ] && return 1
delay=$(config_t_get auto_switch testing_time 1)
#sleep 9s
connect_timeout=$(config_t_get auto_switch connect_timeout 3)
retry_num=$(config_t_get auto_switch retry_num 3)
restore_switch=$(config_t_get auto_switch restore_switch 0)
shunt_logic=$(config_t_get auto_switch shunt_logic 0)
while [ "$ENABLED" -eq 1 ]; do
[ -f "$LOCK_FILE" ] && {
sleep 6s
continue
}
touch $LOCK_FILE
TCP_NODE=$(config_t_get auto_switch tcp_node nil)
[ -n "$TCP_NODE" -a "$TCP_NODE" != "nil" ] && {
TCP_NODE=$(echo $TCP_NODE | tr -s ' ' '\n' | uniq | tr -s '\n' ' ')
test_auto_switch TCP "$TCP_NODE"
}
rm -f $LOCK_FILE
sleep ${delay}m
done
}
arg1=$1
shift
case $arg1 in
test_url)
test_url $@
;;
url_test_node)
url_test_node $@
;;
*)
start
;;
esac

11
luci-app-passwall/root/usr/share/rpcd/acl.d/luci-app-passwall.json Normal file
View File

@ -0,0 +1,11 @@
{
"luci-app-passwall": {
"description": "Grant UCI access for luci-app-passwall",
"read": {
"uci": [ "passwall", "passwall_server" ]
},
"write": {
"uci": [ "passwall", "passwall_server" ]
}
}
}

99
luci-app-passwall/root/www/luci-static/passwall/flags/ad.svg Normal file
View File

@ -0,0 +1,99 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#41479B;" d="M36.364,423.7h134.302V88.303H38.345C17.167,88.303,0,105.47,0,126.648v258.759 C0,405.919,16.108,422.67,36.364,423.7z"/>
<rect x="170.67" y="88.3" style="fill:#FFE15A;" width="170.67" height="335.39"/>
<path style="fill:#FF4B55;" d="M475.636,423.7C495.892,422.67,512,405.919,512,385.406V126.648 c0-21.177-17.167-38.345-38.345-38.345H341.334V423.7H475.636L475.636,423.7z"/>
<path style="fill:#DCBE82;" d="M316.023,284.667c0-2.562-2.077-4.64-4.64-4.64c-0.556,0-1.082,0.114-1.577,0.294 c-2.296-2.042-6.457-7.11-2.282-14.264c0.564,0.439,1.265,0.711,2.035,0.711c1.841,0,3.332-1.492,3.332-3.332 c0-1.454-0.937-2.678-2.236-3.133c3.431-1.75,8.324-5.465,8.072-12.412c-0.359-9.852-8.429-15.29-13.38-13.116 c0.018-0.138,0.042-0.274,0.042-0.416c0-1.815-1.471-3.286-3.286-3.286c-1.116,0-2.098,0.559-2.691,1.409 c-0.202-0.985-0.178-2.814,2.112-4.791c4.253-3.673,9.086-12.469,0.29-18.655c-4.871-3.425-14.182-5.066-17.301-0.386 c-1.353,2.029-0.268,4.945,1.277,5.6c-2.489,1.388-7.211,3.471-10.942,1.843c-5.316-2.319-2.246-6.926-1.063-8.989 c2.078-3.625,0.774-9.569-6.186-9.569c-4.64,0-6.959,4.64-11.598,4.64c-4.639,0-6.959-4.64-11.598-4.64 c-6.959,0-8.264,5.944-6.186,9.569c1.183,2.062,4.253,6.669-1.063,8.989c-3.731,1.629-8.452-0.455-10.942-1.843 c1.544-0.654,2.63-3.57,1.277-5.6c-3.119-4.679-12.43-3.039-17.301,0.386c-8.796,6.186-3.962,14.982,0.29,18.655 c2.29,1.977,2.314,3.807,2.112,4.791c-0.594-0.85-1.576-1.409-2.691-1.409c-1.815,0-3.286,1.471-3.286,3.286 c0,0.142,0.024,0.279,0.042,0.416c-4.951-2.175-13.022,3.264-13.38,13.116c-0.253,6.946,4.641,10.662,8.072,12.412 c-1.299,0.456-2.236,1.679-2.236,3.133c0,1.841,1.492,3.332,3.332,3.332c0.77,0,1.47-0.271,2.035-0.711 c4.175,7.155,0.015,12.222-2.282,14.264c-0.494-0.18-1.021-0.294-1.577-0.294c-2.562,0-4.64,2.077-4.64,4.64 c0,2.406,1.837,4.361,4.182,4.594c-3.198,3.285-6.067,10.525,0.168,18.749c6.814,8.989,23.052,8.264,30.881,8.554 c4.964,0.184,8.698,2.754,10.771,4.614c-1.325,0.817-2.217,2.269-2.217,3.94c0,2.343,1.743,4.26,4,4.575 c0.82,1.312,2.265,2.191,3.926,2.191c1.856,0,3.445-1.097,4.188-2.673c2.45,2.019,4.125,2.866,4.125,2.866s1.675-0.846,4.125-2.866 c0.742,1.575,2.332,2.673,4.188,2.673c1.661,0,3.106-0.879,3.926-2.191c2.257-0.314,4-2.232,4-4.575c0-1.672-0.892-3.124-2.217-3.94 c2.072-1.859,5.806-4.43,10.771-4.614c7.829-0.29,24.067,0.435,30.881-8.554c6.234-8.224,3.366-15.465,0.168-18.749 C314.186,289.027,316.023,287.073,316.023,284.667z"/>
<path style="fill:#D2AA73;" d="M214.246,225.079v67.273c0,7.687,6.231,13.919,13.919,13.919h18.558c6.959,0,9.279,4.64,9.279,4.64 s2.319-4.64,9.279-4.64h18.558c7.687,0,13.919-6.231,13.919-13.919v-67.273c0-1.281-1.038-2.319-2.319-2.319h-78.871 C215.284,222.758,214.246,223.798,214.246,225.079z"/>
<g>
<rect x="218.88" y="227.4" style="fill:#FF4B55;" width="34.796" height="34.796"/>
<path style="fill:#FF4B55;" d="M253.681,301.629L253.681,301.629c-19.218,0-34.796-15.578-34.796-34.796l0,0h34.796V301.629z"/>
</g>
<g>
<path style="fill:#FFE15A;" d="M258.321,301.629L258.321,301.629v-34.796h34.796l0,0 C293.116,286.051,277.537,301.629,258.321,301.629z"/>
<rect x="258.32" y="227.4" style="fill:#FFE15A;" width="4.971" height="34.796"/>
</g>
<rect x="263.29" y="227.4" style="fill:#FF4B55;" width="4.971" height="34.796"/>
<rect x="268.26" y="227.4" style="fill:#FFE15A;" width="4.971" height="34.796"/>
<rect x="273.24" y="227.4" style="fill:#FF4B55;" width="4.971" height="34.796"/>
<g>
<rect x="278.2" y="227.4" style="fill:#FFE15A;" width="4.971" height="34.796"/>
<rect x="288.14" y="227.4" style="fill:#FFE15A;" width="4.971" height="34.796"/>
</g>
<g>
<rect x="283.18" y="227.4" style="fill:#FF4B55;" width="4.971" height="34.796"/>
<rect x="230.48" y="266.84" style="fill:#FF4B55;" width="3.866" height="34.796"/>
</g>
<g>
<rect x="234.35" y="266.84" style="fill:#FFE15A;" width="3.866" height="34.796"/>
<rect x="242.09" y="266.84" style="fill:#FFE15A;" width="3.866" height="34.796"/>
</g>
<rect x="238.21" y="266.84" style="fill:#FF4B55;" width="3.866" height="34.796"/>
<rect x="249.81" y="266.84" style="fill:#FFE15A;" width="3.866" height="34.796"/>
<rect x="245.95" y="266.84" style="fill:#FF4B55;" width="3.866" height="34.796"/>
<path style="fill:#FFE15A;" d="M222.751,299.859v-33.026h-3.866v25.517C218.884,295.449,220.417,298.174,222.751,299.859z"/>
<path style="fill:#FF4B55;" d="M226.617,301.474v-34.641h-3.866v33.026C223.878,300.674,225.188,301.233,226.617,301.474z"/>
<path style="fill:#FFE15A;" d="M226.617,266.833v34.641c0.505,0.085,1.016,0.156,1.547,0.156h2.319v-34.796L226.617,266.833 L226.617,266.833z"/>
<g>
<path style="fill:#F5F5F5;" d="M224.071,260.218c-0.173,0-0.348-0.049-0.503-0.151c-2.281-1.509-2.414-3.082-2.29-3.884 c0.167-1.084,0.973-1.983,2.053-2.292c1.028-0.289,2.054,0.014,2.746,0.819c1.44,1.674,2.927,2.333,4.179,1.87 c0.991-0.367,1.582-1.344,1.582-2.074c0-0.505,0.408-0.914,0.914-0.914s0.914,0.408,0.914,0.914c0,1.598-1.166,3.191-2.774,3.787 c-1.175,0.434-3.538,0.702-6.2-2.391c-0.286-0.33-0.622-0.32-0.86-0.254c-0.324,0.093-0.683,0.381-0.749,0.812 c-0.097,0.63,0.447,1.388,1.492,2.081c0.422,0.278,0.536,0.846,0.258,1.267C224.658,260.073,224.367,260.218,224.071,260.218z"/>
<path style="fill:#F5F5F5;" d="M248.604,260.218c-0.296,0-0.587-0.145-0.762-0.408c-0.278-0.422-0.163-0.989,0.258-1.267 c1.045-0.693,1.589-1.451,1.492-2.081c-0.067-0.431-0.425-0.719-0.749-0.812c-0.238-0.066-0.575-0.077-0.86,0.254 c-2.662,3.095-5.026,2.827-6.2,2.391c-1.608-0.596-2.774-2.19-2.774-3.787c0-0.505,0.408-0.914,0.914-0.914 c0.505,0,0.914,0.408,0.914,0.914c0,0.73,0.591,1.706,1.582,2.074c1.252,0.465,2.74-0.196,4.179-1.87 c0.693-0.809,1.719-1.11,2.746-0.819c1.08,0.309,1.887,1.208,2.053,2.292c0.124,0.801-0.009,2.374-2.29,3.884 C248.952,260.168,248.777,260.218,248.604,260.218z"/>
</g>
<g>
<path style="fill:#FFE15A;" d="M223.567,261.304c-0.193,0-0.387-0.061-0.553-0.185c-0.402-0.307-0.479-0.879-0.174-1.281 l19.864-26.119c0.19-0.343,0.262-0.818,0.344-1.365c0.153-1.026,0.345-2.303,1.911-3.245c1.021-0.612,2.232-0.595,3.245,0.052 c1.118,0.714,1.777,2.044,1.641,3.309c-0.082,0.769-0.531,2.172-2.612,2.943c-0.476,0.177-1-0.067-1.174-0.538 c-0.175-0.473,0.066-1,0.538-1.174c0.607-0.225,1.348-0.655,1.43-1.425c0.063-0.584-0.269-1.229-0.808-1.575 c-0.301-0.193-0.774-0.358-1.319-0.025c-0.829,0.498-0.911,1.044-1.047,1.949c-0.096,0.641-0.205,1.367-0.633,2.106l-19.927,26.214 C224.117,261.178,223.843,261.304,223.567,261.304z"/>
<polygon style="fill:#FFE15A;" points="236.408,232.575 227.271,243.54 230.925,254.506 241.891,254.506 245.547,243.54 "/>
</g>
<path style="fill:#F5F5F5;" d="M236.408,231.148l-10.166,12.199l4.024,12.074h12.282l4.024-12.074L236.408,231.148z M228.298,243.736l7.197-8.636v18.493h-3.911L228.298,243.736z M241.233,253.593h-3.911V235.1l7.197,8.636L241.233,253.593z"/>
<path style="fill:#FF4B55;" d="M284.562,277.819l0.138-2.027c0,0,1.798-1.29,0.921-2.488c-0.875-1.198-1.889-1.429-4.009-1.152 c-2.12,0.277-5.438,0.231-6.866,0.322c-1.429,0.093-2.166,0.875-4.424,0.231l0.599-1.383c0,0-1.059,0.093-1.705,0.415 c-0.352,0.177-1.198-0.968-2.027-0.783c-0.826,0.183-1.659,1.889-2.95,2.765l0.691,1.383c0,0,0.783-0.369,1.383,0.046 c0.599,0.415,0.783,0.691,1.798,0.691l0.646,0.277c0,0-0.231,1.474,0.737,2.166c0,0-1.106,1.429-0.968,1.659 c0.138,0.231,1.059,1.982,1.429,2.995l0.83-1.567c0,0-1.245-1.106-1.014-1.245c0.231-0.138,1.059-0.322,0.921-0.691 c-0.138-0.369,0.646,0.046,1.521,0.184c0,0,0.046,1.383,0.231,1.567s0.461,0.921,0.415,1.705c-0.046,0.783-0.737,1.014-0.737,1.014 l1.245,0.369c0,0,0.322-0.461,0.553-0.415c0,0-0.093-3.825,0.415-4.424c0,0,2.995,0.599,4.377-0.138c0,0,0.177,0.223,0.522,0.435 c-0.138,0.321-0.255,0.641-0.203,0.735c0.116,0.209,0.486,0.185,0.578-0.046c0.035-0.087,0.089-0.266,0.143-0.451 c0.167,0.055,0.35,0.098,0.559,0.119c-0.02,0.291-0.022,0.559,0.045,0.621c0.174,0.161,0.519,0.024,0.535-0.225 c0.006-0.081,0.002-0.234-0.002-0.398c0.238-0.02,0.492-0.062,0.772-0.145l-1.567,2.581l-0.783,0.322l1.014,0.507l0.921-0.369 c0,0,0.875-2.212,2.304-2.857c0,0,0.968,2.304-0.231,3.549l1.059,0.599l0.507-1.059c0,0-0.184-2.073,0.507-3.41L284.562,277.819z"/>
<g>
<path style="fill:#4173CD;" d="M267.209,271.235c0,0-0.462-0.439-0.578-1.017s-0.255-0.833-0.764-0.994c0,0,0.323,0.37,0.278,0.948 c-0.046,0.578,0,1.365,0.323,1.619L267.209,271.235z"/>
<path style="fill:#4173CD;" d="M271.233,272.865c0,0-0.629,2.138-2.477,3.25l-0.646-0.277c0,0,1.973-1.686,2.212-3.134 L271.233,272.865z"/>
<path style="fill:#4173CD;" d="M268.087,271.743c-0.066-0.068,0.81-0.323,0.601-1.017c-0.209-0.694-0.209-1.203,0.209-1.526 c0,0,0.046,0.578,0.37,0.948c0.323,0.37,0.509,1.295-0.023,1.827C269.245,271.974,268.712,272.391,268.087,271.743z"/>
<path style="fill:#4173CD;" d="M268.188,278.049L268.188,278.049c-0.11-0.054-0.157-0.189-0.102-0.299l0.279-0.568 c0.163-0.333,0.055-0.747-0.266-0.932c-0.353-0.203-0.797-0.063-0.973,0.296l-0.29,0.59c-0.054,0.11-0.189,0.157-0.299,0.102 l-0.174,0.354c0,0,0.256,0.126,0.566,0.278l-0.007,0.013c-0.071,0.143-0.011,0.317,0.132,0.387 c0.143,0.071,0.317,0.011,0.387-0.132l0.007-0.013c0.31,0.152,0.566,0.278,0.566,0.278L268.188,278.049z"/>
<polygon style="fill:#4173CD;" points="270.424,281.944 271.117,282.083 270.539,283.864 269.954,282.935 "/>
<polygon style="fill:#4173CD;" points="272.12,283.902 271.697,284.65 273.362,284.65 273.365,284.271 "/>
<polygon style="fill:#4173CD;" points="280.322,283.35 280.322,283.794 278.433,283.794 279.347,282.881 "/>
<polygon style="fill:#4173CD;" points="283.318,283.672 282.385,284.605 284.349,284.605 284.377,284.271 "/>
</g>
<path style="fill:#FF4B55;" d="M284.562,292.258l0.138-2.027c0,0,1.798-1.29,0.921-2.488c-0.875-1.198-1.889-1.429-4.009-1.152 s-5.438,0.231-6.866,0.322c-1.429,0.093-2.166,0.875-4.424,0.231l0.599-1.383c0,0-1.059,0.093-1.705,0.415 c-0.352,0.177-1.198-0.968-2.027-0.783c-0.826,0.183-1.659,1.889-2.95,2.765l0.691,1.383c0,0,0.783-0.369,1.383,0.046 c0.599,0.415,0.783,0.691,1.798,0.691l0.646,0.277c0,0-0.231,1.474,0.737,2.166c0,0-1.106,1.429-0.968,1.658 c0.138,0.231,1.059,1.982,1.429,2.995l0.83-1.567c0,0-1.245-1.106-1.014-1.245s1.059-0.322,0.921-0.691s0.646,0.046,1.521,0.184 c0,0,0.046,1.383,0.231,1.567c0.184,0.184,0.461,0.921,0.415,1.705c-0.046,0.783-0.737,1.014-0.737,1.014l1.245,0.369 c0,0,0.322-0.461,0.553-0.415c0,0-0.093-3.825,0.415-4.424c0,0,2.995,0.599,4.377-0.138c0,0,0.177,0.223,0.522,0.435 c-0.138,0.321-0.255,0.641-0.203,0.735c0.116,0.209,0.486,0.185,0.578-0.046c0.035-0.087,0.089-0.266,0.143-0.451 c0.167,0.055,0.35,0.098,0.559,0.119c-0.02,0.291-0.022,0.559,0.045,0.621c0.174,0.161,0.519,0.024,0.535-0.225 c0.006-0.081,0.002-0.234-0.002-0.398c0.238-0.02,0.492-0.062,0.772-0.145l-1.567,2.581l-0.783,0.322l1.014,0.507l0.921-0.369 c0,0,0.875-2.212,2.304-2.857c0,0,0.968,2.304-0.231,3.549l1.059,0.599l0.507-1.059c0,0-0.184-2.073,0.507-3.41L284.562,292.258z"/>
<g>
<path style="fill:#4173CD;" d="M267.209,285.673c0,0-0.462-0.439-0.578-1.017s-0.255-0.833-0.764-0.994c0,0,0.323,0.37,0.278,0.948 c-0.046,0.578,0,1.365,0.323,1.619L267.209,285.673z"/>
<path style="fill:#4173CD;" d="M271.233,287.303c0,0-0.629,2.138-2.477,3.25l-0.646-0.277c0,0,1.973-1.686,2.212-3.134 L271.233,287.303z"/>
<path style="fill:#4173CD;" d="M268.087,286.182c-0.066-0.068,0.81-0.323,0.601-1.017c-0.209-0.694-0.209-1.203,0.209-1.527 c0,0,0.046,0.578,0.37,0.948s0.509,1.295-0.023,1.827C269.245,286.413,268.712,286.83,268.087,286.182z"/>
<path style="fill:#4173CD;" d="M268.188,292.487L268.188,292.487c-0.11-0.054-0.157-0.189-0.102-0.299l0.279-0.568 c0.163-0.333,0.055-0.747-0.266-0.932c-0.353-0.203-0.797-0.063-0.973,0.296l-0.29,0.59c-0.054,0.11-0.189,0.157-0.299,0.102 l-0.174,0.354c0,0,0.256,0.126,0.566,0.278l-0.007,0.013c-0.071,0.143-0.011,0.317,0.132,0.387 c0.143,0.071,0.317,0.011,0.387-0.132l0.007-0.013c0.31,0.152,0.566,0.278,0.566,0.278L268.188,292.487z"/>
<polygon style="fill:#4173CD;" points="270.424,296.382 271.117,296.521 270.539,298.302 269.954,297.373 "/>
<polygon style="fill:#4173CD;" points="272.12,298.341 271.697,299.089 273.362,299.089 273.365,298.71 "/>
<polygon style="fill:#4173CD;" points="280.322,297.788 280.322,298.233 278.433,298.233 279.347,297.319 "/>
<polygon style="fill:#4173CD;" points="283.318,298.11 282.385,299.044 284.349,299.044 284.377,298.71 "/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

38
luci-app-passwall/root/www/luci-static/passwall/flags/ae.svg Normal file
View File

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512.001 512.001" style="enable-background:new 0 0 512.001 512.001;" xml:space="preserve">
<path style="fill:#73AF00;" d="M473.655,88.276H158.897v111.816H512v-73.471C512,105.443,494.833,88.276,473.655,88.276z"/>
<path style="fill:#464655;" d="M158.897,423.724h314.759c21.177,0,38.345-17.167,38.345-38.345v-73.471H158.897V423.724z"/>
<rect x="158.9" y="200.09" style="fill:#F5F5F5;" width="353.1" height="111.81"/>
<path style="fill:#FF4B55;" d="M38.345,88.276C17.167,88.276,0,105.443,0,126.621V385.38c0,21.177,17.167,38.345,38.345,38.345 h120.552V88.276H38.345z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 985 B

68
luci-app-passwall/root/www/luci-static/passwall/flags/af.svg Normal file
View File

@ -0,0 +1,68 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#464655;" d="M38.345,423.721h132.322V88.273H38.345C17.167,88.273,0,105.44,0,126.618v258.759 C0,406.554,17.167,423.721,38.345,423.721z"/>
<rect x="170.67" y="88.277" style="fill:#FF4B55;" width="170.67" height="335.45"/>
<path style="fill:#73AF00;" d="M473.655,423.721c21.177,0,38.345-17.167,38.345-38.345V126.618 c0-21.177-17.167-38.345-38.345-38.345H341.334v335.448H473.655z"/>
<g>
<rect x="235.52" y="247.707" style="fill:#F5F5F5;" width="7.679" height="2.56"/>
<polygon style="fill:#F5F5F5;" points="279.038,273.303 232.962,273.303 235.522,268.185 276.478,268.185 "/>
<polygon style="fill:#F5F5F5;" points="279.038,232.348 232.962,232.348 235.522,237.468 276.478,237.468 "/>
<polygon style="fill:#F5F5F5;" points="268.799,234.908 243.201,234.908 248.321,229.788 263.68,229.788 "/>
<rect x="235.52" y="260.507" style="fill:#F5F5F5;" width="7.679" height="5.12"/>
<rect x="235.52" y="252.827" style="fill:#F5F5F5;" width="7.679" height="5.12"/>
<rect x="235.52" y="240.027" style="fill:#F5F5F5;" width="7.679" height="5.12"/>
<rect x="268.8" y="260.507" style="fill:#F5F5F5;" width="7.679" height="5.12"/>
<rect x="268.8" y="252.827" style="fill:#F5F5F5;" width="7.679" height="5.12"/>
<rect x="268.8" y="240.027" style="fill:#F5F5F5;" width="7.679" height="5.12"/>
<rect x="268.8" y="247.707" style="fill:#F5F5F5;" width="7.679" height="2.56"/>
<rect x="238.08" y="219.547" style="fill:#F5F5F5;" width="5.12" height="10.239"/>
<path style="fill:#F5F5F5;" d="M243.201,216.989h-5.12v-2.56c0-1.414,1.146-2.56,2.56-2.56l0,0c1.414,0,2.56,1.146,2.56,2.56 V216.989L243.201,216.989z"/>
<rect x="268.8" y="219.547" style="fill:#F5F5F5;" width="5.12" height="10.239"/>
<path style="fill:#F5F5F5;" d="M273.919,216.989h-5.12v-2.56c0-1.414,1.146-2.56,2.56-2.56l0,0c1.414,0,2.56,1.146,2.56,2.56 V216.989L273.919,216.989z"/>
<path style="fill:#F5F5F5;" d="M256,240.027L256,240.027c-5.655,0-10.239,4.584-10.239,10.239v15.359h20.478v-15.359 C266.239,244.612,261.655,240.027,256,240.027z"/>
<path style="fill:#F5F5F5;" d="M239.053,256.153l-13.937-16.259c0.09-0.263,0.167-0.533,0.167-0.826c0-1.414-1.146-2.56-2.56-2.56 s-2.56,1.146-2.56,2.56s1.146,2.56,2.56,2.56c0.154,0,0.288-0.062,0.434-0.087l1.442,1.683l-6.996,16.323l7.679,7.679l6.631-15.47 l5.197,6.063L239.053,256.153z M226.601,261.501l-6.127-6.127l2.764-6.451l6.127,6.127L226.601,261.501z"/>
<path style="fill:#F5F5F5;" d="M274.954,257.818l5.197-6.063l6.631,15.47l7.679-7.679l-6.996-16.323l1.442-1.683 c0.147,0.025,0.28,0.087,0.434,0.087c1.414,0,2.56-1.146,2.56-2.56s-1.146-2.56-2.56-2.56s-2.56,1.146-2.56,2.56 c0,0.294,0.076,0.564,0.167,0.826l-13.937,16.259L274.954,257.818z M282.699,255.05l6.127-6.127l2.764,6.451l-6.127,6.127 L282.699,255.05z"/>
<path style="fill:#F5F5F5;" d="M258.898,214.876c-0.804-0.237-1.522-0.676-1.976-1.38c-0.303-0.471-0.612-1.006-0.921-1.625 c-0.309,0.619-0.618,1.154-0.921,1.625c-0.455,0.705-1.172,1.144-1.976,1.38c-4.241,1.249-7.342,5.148-7.342,9.793 c0,0.889,0.149,1.737,0.362,2.56h19.754c0.213-0.823,0.362-1.671,0.362-2.56C266.239,220.023,263.138,216.125,258.898,214.876z"/>
<path style="fill:#F5F5F5;" d="M197.34,252.526c-0.13-1.591-0.214-3.194-0.214-4.819c0-3.288,0.298-6.522,0.826-9.695 c0.738,0.511,1.511,1.073,2.314,1.704c-0.375,2.625-0.582,5.291-0.582,7.991c0,1.892,0.097,3.763,0.28,5.608l5.411,1.625 c-0.338-2.37-0.572-4.772-0.572-7.233c0-1.224,0.073-2.433,0.17-3.638c2.826,3.134,5.056,6.92,5.056,11.104 c0,0.107,8.213-12.159-6.719-25.704l-0.107,5.759l-8.6-0.09c-0.775-0.008-1.457,0.542-1.592,1.305 c-0.654,3.679-1.006,7.441-1.006,11.264c0,1.087,0.029,2.167,0.082,3.241L197.34,252.526z"/>
<path style="fill:#F5F5F5;" d="M220.053,201.096c1.119-0.863,1.325-2.47,0.461-3.59c-0.866-1.12-2.472-1.322-3.591-0.46 c-11.585,8.947-19.535,21.239-22.978,35.008l5.276,0.068C202.541,219.936,209.726,209.072,220.053,201.096z"/>
<path style="fill:#F5F5F5;" d="M216.623,207.481c-5.567,5.452-9.781,11.869-12.648,18.839c1.583,1.301,2.88,2.615,3.957,3.922 c2.58-7.107,6.689-13.632,12.274-19.101c1.01-0.99,1.027-2.61,0.038-3.619C219.252,206.508,217.633,206.491,216.623,207.481z"/>
<path style="fill:#F5F5F5;" d="M207.727,281.267c-3.796-5.447-6.697-11.555-8.498-18.116l2.976,1.094 c1.859,5.987,4.68,11.555,8.292,16.516l5.65-1.034c-3.19-3.965-5.812-8.404-7.727-13.198l3.34,1.227 c1.906,4.185,4.346,8.033,7.255,11.447l5.879-1.077c-2.312-2.36-4.334-5.017-6.076-7.883l-3.406-6.812 c-1.052-2.104-2.925-3.68-5.178-4.355l-8.058-2.422l-1.863-0.559l-2.682-0.807l-5.335-1.603l-2.848-0.856l1.762,5.288 c0.387,1.161,1.17,2.13,2.188,2.766c1.629,7.735,4.65,14.962,8.8,21.4L207.727,281.267z"/>
<path style="fill:#F5F5F5;" d="M308.794,235.228l-0.107-5.759c-14.932,13.545-6.719,25.811-6.719,25.704 c0-4.184,2.23-7.97,5.056-11.104c0.097,1.205,0.17,2.415,0.17,3.638c0,2.462-0.234,4.864-0.572,7.233l5.411-1.625 c0.183-1.845,0.28-3.715,0.28-5.608c0-2.701-0.206-5.367-0.582-7.991c0.803-0.63,1.577-1.193,2.314-1.704 c0.529,3.172,0.826,6.408,0.826,9.695c0,1.624-0.084,3.228-0.214,4.819l5.251-1.578c0.054-1.074,0.082-2.154,0.082-3.241 c0-3.823-0.353-7.585-1.006-11.264c-0.136-0.764-0.818-1.313-1.592-1.305L308.794,235.228z"/>
<path style="fill:#F5F5F5;" d="M312.78,232.123l5.276-0.068c-3.444-13.769-11.393-26.061-22.978-35.008 c-1.119-0.863-2.724-0.66-3.591,0.46c-0.864,1.12-0.658,2.728,0.461,3.59C302.274,209.072,309.459,219.936,312.78,232.123z"/>
<path style="fill:#F5F5F5;" d="M308.025,226.32c-2.868-6.97-7.081-13.387-12.648-18.839c-1.01-0.99-2.628-0.972-3.619,0.04 c-0.99,1.01-0.972,2.63,0.038,3.619c5.585,5.469,9.694,11.993,12.274,19.101C305.145,228.935,306.442,227.62,308.025,226.32z"/>
<path style="fill:#F5F5F5;" d="M319.705,253.682l-5.335,1.603l-2.682,0.807l-1.863,0.559l-8.059,2.422 c-2.253,0.676-4.127,2.252-5.178,4.355l-3.406,6.812c-1.741,2.866-3.764,5.523-6.076,7.883l5.879,1.077 c2.909-3.414,5.35-7.261,7.255-11.447l3.34-1.227c-1.916,4.794-4.538,9.234-7.727,13.198l5.65,1.034 c3.614-4.962,6.433-10.529,8.292-16.516l2.976-1.094c-1.801,6.561-4.702,12.67-8.498,18.116l5.529,1.012 c4.15-6.439,7.17-13.665,8.8-21.4c1.018-0.637,1.801-1.606,2.188-2.766l1.762-5.288L319.705,253.682z"/>
<path style="fill:#F5F5F5;" d="M282.678,281.983l-0.132,0.117c-7.447,5.748-16.696,9.122-26.545,9.122 c-9.848,0-19.097-3.374-26.545-9.122l-0.132-0.117c-0.967-1.063-2.42-1.539-3.828-1.255l-25.81,5.375l5.727,5.02 c1.532,1.343,3.5,1.969,5.457,1.854c4.609,4.59,9.902,8.491,15.723,11.522l-1.677,3.095c9.247,5.028,19.838,7.887,31.084,7.887 c11.246,0,21.836-2.859,31.084-7.887l-1.677-3.095c5.821-3.031,11.114-6.933,15.723-11.522c1.958,0.115,3.926-0.512,5.458-1.854 l5.727-5.02l-25.81-5.375C285.098,280.444,283.644,280.919,282.678,281.983z M229.041,299.98c-4.64-2.414-8.888-5.463-12.711-8.97 l2.485-1.185c3.471,3.072,7.289,5.762,11.438,7.915L229.041,299.98z M295.67,291.01c-3.822,3.507-8.071,6.555-12.711,8.97 l-1.213-2.239c4.149-2.153,7.966-4.843,11.438-7.915L295.67,291.01z M256,298.901c-12.192,0-23.363-4.326-32.159-11.473 l2.554-1.218c8.305,6.397,18.625,10.131,29.603,10.131c10.978,0,21.299-3.734,29.603-10.131l2.554,1.218 C279.364,294.576,268.192,298.901,256,298.901z"/>
<path style="fill:#F5F5F5;" d="M227.912,278.355c1.099,0.93,2.239,1.81,3.427,2.628h49.322c1.188-0.819,2.328-1.698,3.427-2.628 l-2.49-2.49h-51.194L227.912,278.355z"/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 7.6 KiB

42
luci-app-passwall/root/www/luci-static/passwall/flags/ag.svg Normal file
View File

@ -0,0 +1,42 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#464655;" d="M473.651,88.256H38.292c-20.485,0-37.215,16.06-38.292,36.277v262.933 c1.077,20.215,17.807,36.277,38.292,36.277h435.359c21.18,0,38.349-17.169,38.349-38.349V126.605 C512,105.425,494.831,88.256,473.651,88.256z"/>
<polygon style="fill:#FFE15A;" points="256.029,105.913 267.224,164.401 299.95,114.649 287.911,172.97 337.184,139.529 303.744,188.803 362.064,176.764 312.312,209.49 370.8,220.685 312.312,231.88 362.064,264.606 303.744,252.567 337.184,301.84 287.911,268.399 299.95,326.719 267.224,276.968 256.029,335.456 244.834,276.968 212.108,326.719 224.148,268.399 174.873,301.84 208.315,252.567 149.994,264.606 199.745,231.88 141.257,220.685 199.745,209.49 149.994,176.764 208.315,188.803 174.873,139.529 224.148,172.97 212.108,114.649 244.834,164.401 "/>
<g>
<path style="fill:#FF4B55;" d="M9.737,101.014C4.08,107.322,0.48,115.512,0,124.533v262.933 c1.077,20.215,17.807,36.277,38.292,36.277h217.737L9.737,101.014z"/>
<path style="fill:#FF4B55;" d="M256.029,423.742h217.622c21.18,0,38.349-17.169,38.349-38.349V126.605 c0-9.802-3.683-18.741-9.732-25.52L256.029,423.742z"/>
</g>
<polygon style="fill:#4173CD;" points="154.965,291.313 357.093,291.313 410.993,220.685 101.064,220.685 "/>
<polygon style="fill:#F5F5F5;" points="154.965,291.313 256.029,423.742 357.093,291.313 "/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

51
luci-app-passwall/root/www/luci-static/passwall/flags/ai.svg Normal file
View File

@ -0,0 +1,51 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512.1 512.1" style="enable-background:new 0 0 512.1 512.1;" xml:space="preserve">
<path style="fill:#41479B;" d="M472.1,88.3H39.9c-22,0-39.9,17.8-39.9,39.9v255.7c0,22,17.8,39.9,39.9,39.9h432.3 c22,0,39.9-17.8,39.9-39.9V128.1C512,106.1,494.2,88.3,472.1,88.3z"/>
<path style="fill:#F5F5F5;" d="M8.8,256h15.3l81.8-53.6V256H150v-53.6l81.8,53.6h15.3c4.9,0,8.8-4,8.8-8.8v-7l-70.2-46H256v-44.1 h-70.2l70.2-46v-7c0-4.9-4-8.8-8.8-8.8h-15.3l-81.8,53.6V88.3H106v53.6L27.3,90.3c-9.2,3-16.8,9.3-21.7,17.5l64.6,42.3H0v44.1h70.2 L0,240.2v7C0,252,4,256,8.8,256z"/>
<g>
<polygon style="fill:#FF4B55;" points="256,158.9 141.2,158.9 141.2,88.3 114.8,88.3 114.8,158.9 0,158.9 0,185.4 114.8,185.4 114.8,256 141.2,256 141.2,185.4 256,185.4 "/>
<path style="fill:#FF4B55;" d="M8.7,103.2L80.8,150H97L15,96.8C12.8,98.7,10.6,100.9,8.7,103.2z"/>
<path style="fill:#FF4B55;" d="M166.3,150.1l88.4-57.4c-1.5-2.6-4.2-4.4-7.5-4.4h-1.9l-95.2,61.8H166.3z"/>
<path style="fill:#FF4B55;" d="M89.5,194.2L0,251.5c1.5,2.7,5.5,4.5,8.8,4.5h1.7l95.2-61.8H89.5z"/>
<path style="fill:#FF4B55;" d="M255.9,247.9l-82.7-53.7H157l93.9,60.9C253.7,253.8,255.6,251.1,255.9,247.9z"/>
</g>
<path style="fill:#F5F5F5;" d="M328.6,192.7c-1.2,15.8-6.1,116,57.5,138.7c63.6-22.7,58.7-122.9,57.5-138.7 c-7.7,3-35.6,12.2-57.5-3.4C364.2,204.8,336.3,195.7,328.6,192.7z"/>
<g>
<path style="fill:#FFA028;" d="M417.4,212.9c-3.5-2.7-9.9,2.3-17.2,1.8c-6.7-0.5-15-7.3-25.7-4.3c-3-2.7-1.5-9.1-1.5-9.1 c-7.5,4.8-8,11.4-7.5,15c-5.3,7-5,17.8-4,21c1.3,4.3,3.7,4.8,4.1,9.6c0.4,4.8,2.2,3.1,2.2,3.1c3.7-2.1,4.3-6,5.9-12.5 c6.1,0.8,10-4.7,10-4.7c-4,1.2-6.5-0.9-7.9-2.9c0.2-0.6,0.4-1.2,0.6-1.9c4.5-12.4,26.2-9,28.2-5.6c3.6,6.2,8.4,8.5,8.4,8.5 c0-6.5-4.8-12.1-4.8-12.1C415.5,217.5,417.4,212.9,417.4,212.9z M365.3,239.5c-0.7,0-1.3-0.6-1.3-1.3c0-0.7,0.6-1.3,1.3-1.3 c0.7,0,1.3,0.6,1.3,1.3C366.6,238.9,366.1,239.5,365.3,239.5z"/>
<path style="fill:#FFA028;" d="M396.1,292.2c4.2-1.3,3.7-9.5,8.3-15.2c4.2-5.3,14.5-8.2,18.2-18.7c3.9-0.9,8.4,3.9,8.4,3.9 c0.3-8.9-4.9-13.1-8.1-14.7c-2.8-8.4-11.8-14.2-15.1-15.2c-4.2-1.4-6.1,0.4-10.2-2s-3.8,0-3.8,0c-0.4,4.3,2.6,7,7,11.9 c-4.1,4.6-1.9,10.9-1.9,10.9c1.2-4,4.5-4.8,6.8-4.8c0.4,0.5,0.8,1,1.2,1.6c7.6,10.8-7.4,26.6-11.4,26.3c-7.2-0.5-11.8,2.1-11.8,2.1 c5.3,3.7,12.7,3,12.7,3C393.4,288,396.1,292.2,396.1,292.2z M403.7,234.3c0.4-0.6,1.2-0.7,1.8-0.3c0.6,0.4,0.7,1.2,0.3,1.8 c-0.4,0.6-1.2,0.7-1.8,0.3C403.5,235.7,403.3,234.9,403.7,234.3z"/>
<path style="fill:#FFA028;" d="M339.2,234.8c-0.6,4.4,7.1,7.4,10.3,13.9c3,6,1.3,16.6,9.3,24.4c-0.8,3.9-7,5.9-7,5.9 c7.9,4,13.9,1.1,16.7-1.1c8.8,1,17.8-4.8,20.1-7.3c3-3.3,2.2-5.7,6.1-8.4c3.9-2.8,1.6-3.5,1.6-3.5c-3.7-2.2-7.4-0.6-13.8,1.3 c-2.4-5.6-9.1-6.3-9.1-6.3c3.1,2.8,2.5,6.1,1.5,8.2c-0.7,0.1-1.3,0.3-2,0.4c-13,2.4-21-18-19.1-21.4c3.5-6.3,3.1-11.6,3.1-11.6 c-5.6,3.3-8,10.3-8,10.3C344.1,234.1,339.2,234.8,339.2,234.8z M388.5,266.1c0.4,0.6,0.2,1.4-0.5,1.8c-0.6,0.4-1.4,0.2-1.8-0.5 c-0.4-0.6-0.2-1.4,0.5-1.8C387.4,265.3,388.2,265.5,388.5,266.1z"/>
</g>
<path style="fill:#CDCE0C;" d="M386.1,334.7l-0.5-0.2c-71.6-24.9-60.1-143-59.9-144.2l0.2-2.1l2,0.9c0.3,0.2,33.6,14.9,57.3-2.9 l0.9-0.7l0.9,0.7c23.8,17.8,57,3.1,57.3,2.9l2-0.9l0.2,2.1c0.1,1.2,11.7,119.3-59.9,144.2L386.1,334.7z M328.6,192.7 c-1.2,15.8-6.1,116,57.5,138.7c63.6-22.7,58.7-122.9,57.5-138.7c-7.7,3-35.6,12.2-57.5-3.4C364.2,204.8,336.3,195.7,328.6,192.7z"/>
<path style="fill:#82AFFF;" d="M346.2,295.8c8.7,15.8,21.4,29,39.9,35.6c18.5-6.6,31.2-19.8,39.9-35.6H346.2z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 3.8 KiB

36
luci-app-passwall/root/www/luci-static/passwall/flags/al.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 7.1 KiB

37
luci-app-passwall/root/www/luci-static/passwall/flags/am.svg Normal file
View File

@ -0,0 +1,37 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#FFB400;" d="M0,387.466c1.077,20.215,17.807,36.277,38.292,36.277h435.359c21.18,0,38.349-17.169,38.349-38.349 v-73.479H0V387.466z"/>
<path style="fill:#FF4B55;" d="M473.651,88.257H38.292c-20.485,0-37.215,16.062-38.292,36.277v75.552h512v-73.479 C512,105.427,494.831,88.257,473.651,88.257z"/>
<rect y="200.089" style="fill:#41479B;" width="512" height="111.83"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 874 B

43
luci-app-passwall/root/www/luci-static/passwall/flags/ao.svg Normal file
View File

@ -0,0 +1,43 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#FF4B55;" d="M512,126.621c0-21.177-17.167-38.345-38.345-38.345H38.345C17.167,88.276,0,105.443,0,126.621V256 h512V126.621z"/>
<path style="fill:#464655;" d="M38.345,423.724h435.31c21.177,0,38.345-17.167,38.345-38.345V256H0v129.379 C0,406.557,17.167,423.724,38.345,423.724z"/>
<g>
<path style="fill:#FFE15A;" d="M235.904,182.293l6.036,18.097l19.076,0.148c1.478,0.011,2.091,1.898,0.902,2.775l-15.346,11.332 l5.754,18.188c0.446,1.409-1.159,2.574-2.361,1.716l-15.52-11.093l-15.52,11.093c-1.203,0.86-2.807-0.307-2.361-1.716l5.754-18.188 l-15.346-11.332c-1.188-0.878-0.576-2.764,0.902-2.775l19.076-0.148l6.036-18.097C233.453,180.89,235.436,180.89,235.904,182.293z"/>
<path style="fill:#FFE15A;" d="M317.487,335.944c0,0-109.206-82.385-112.43-85.092c-4.983-4.185-8.828-11.586-9.012-20.598 c0,0-11.777,12.064-9.471,24.552c2.667,14.436,10.943,19.586,21.61,26.574c7.496,4.911,67.087,42.495,101.875,64.419 L317.487,335.944z"/>
<path style="fill:#FFE15A;" d="M350.162,360.092c-1.423-1.016-12.861-9.47-28.73-21.227l-5.759,10.472 c11.651,7.341,19.409,12.227,19.409,12.227s1.103,14.345,12.69,11.955C351.948,372.655,355.31,363.77,350.162,360.092z"/>
<path style="fill:#FFE15A;" d="M255.863,322.053c-8.256,2.905-17.097,4.567-26.346,4.567c-23.442,0-44.445-10.212-58.987-26.36 l-12.928,11.635c4.333,4.812,8.96,9.347,14.175,13.217l-2.574,4.459l19.112,11.034l2.53-4.383 c8.634,3.755,17.916,6.282,27.638,7.383v5.084h22.069v-5.084c9.722-1.101,19.004-3.628,27.638-7.383l2.53,4.383l7.595-4.385 C270.899,331.543,263.3,326.749,255.863,322.053z"/>
<path style="fill:#FFE15A;" d="M325.951,236.138c-1.101-9.722-3.628-19.004-7.383-27.637l4.383-2.53l-11.034-19.113l-4.459,2.574 c-5.708-7.691-12.509-14.492-20.201-20.2l2.574-4.459l-19.112-11.034l-2.53,4.383c-7.163-3.115-14.788-5.327-22.723-6.639 l-2.9,17.404c37.656,6.237,66.4,38.862,66.4,78.286c0,21.228-8.377,40.465-21.942,54.717c4.692,3.543,9.35,7.059,13.953,10.535 c2.23-2.442,4.504-4.847,6.482-7.511l4.459,2.574l11.034-19.112l-4.383-2.53c3.755-8.634,6.282-17.916,7.383-27.637h5.083V236.14 h-5.084L325.951,236.138L325.951,236.138z"/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.5 KiB

41
luci-app-passwall/root/www/luci-static/passwall/flags/ar.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 5.8 KiB

53
luci-app-passwall/root/www/luci-static/passwall/flags/as.svg Normal file
View File

@ -0,0 +1,53 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#41479B;" d="M473.655,423.724H38.345C17.167,423.724,0,406.557,0,385.379V126.621 c0-21.177,17.167-38.345,38.345-38.345h435.31c21.177,0,38.345,17.167,38.345,38.345V385.38 C512,406.557,494.833,423.724,473.655,423.724z"/>
<path style="fill:#FF4B55;" d="M507.384,403.634L56.713,256l450.671-147.634c-3.149-5.807-7.761-10.702-13.333-14.21L0,256 l494.051,161.844C499.624,414.336,504.234,409.441,507.384,403.634z"/>
<path style="fill:#F5F5F5;" d="M507.384,403.634c2.944-5.428,4.616-11.646,4.616-18.253V126.622c0-6.609-1.673-12.826-4.616-18.254 L56.713,256L507.384,403.634z"/>
<path style="fill:#FFF5DC;" d="M458.103,212.556c0,0,30.229,1.281,33.047-1.025c2.818-2.305,3.33-17.676-6.66-19.981 c-9.991-2.305-37.145,12.553-37.145,12.553L458.103,212.556z"/>
<g>
<path style="fill:#D27D69;" d="M398.926,236.381c0,0-0.342,0.854-0.512,4.611c-0.171,3.757,0.512,13.492,12.297,17.761 l-2.732,11.443l12.467,7.514c0,0,9.223-13.663,9.735-25.106C430.692,241.163,398.926,236.381,398.926,236.381z"/>
<path style="fill:#D27D69;" d="M361.525,228.695l4.867-4.867c0,0-9.964,6.079-13.748,0.598c-4.952-7.172,1.708-14.687,8.625-18.018 c6.916-3.33,20.75-0.768,20.75-0.768l8.71,22.287l-26.386,16.651L361.525,228.695z"/>
<path style="fill:#D27D69;" d="M443.245,186.17l23.569-2.818c0,0-6.916,9.991-20.494,17.42c0,0,14.09,0,18.188,4.867 c4.099,4.867-4.099,9.479-7.172,11.016c-3.074,1.537-29.716,17.932-29.716,17.932l-23.825-2.818L443.245,186.17z"/>
<path style="fill:#D27D69;" d="M460.75,168.067c0,0,5.123-11.955,4.952-20.323l-17.249,11.955c0,0,3.928-1.878,2.562-8.71 l-56.359,30.57l-11.443,20.323l34.84,10.76L460.75,168.067z"/>
</g>
<path style="fill:#FFE15A;" d="M418.268,261.229l-5.892,9.351c0,0-10.504-2.305-14.09,0.256c-3.586,2.562-3.97,12.169,2.305,12.937 c0,0,4.355,2.69,6.916,0.512c0,0,5.251,2.049,6.148-1.281c0.897-3.33-0.256-6.148-0.256-6.148h3.714l6.532-11.656L418.268,261.229z"/>
<path style="fill:#B95546;" d="M365.624,240.992c0,0,16.395-8.198,16.395-20.494c0-12.297-15.2-12.98-27.496-8.881 c0,0-7.343-5.806-1.195-11.614c8.428-7.96,45.087-24.593,45.087-24.593l-4.099,20.494c0,0,14.602,7.686,20.494,4.099 c4.951-3.014,53.284-40.988,53.284-40.988s-4.099,20.494-32.79,40.988l-3.04,15.201c-0.668,3.34-2.84,6.184-5.887,7.706 l-11.567,5.783c0,0,32.79,4.099,32.79,8.198c0,4.098-8.198,24.593-24.593,32.79l-8.197-8.198l4.099-12.297 c0,0-12.297-4.099-20.494-8.198c0,0-12.297,4.099-20.494,4.099C369.724,245.09,365.624,240.992,365.624,240.992z"/>
<path style="fill:#FFF5DC;" d="M341.032,261.486v-8.516c0-2.42,0.961-4.742,2.673-6.453l17.822-17.822l4.099,8.198h16.395 l-4.099,4.099v4.099l-20.494,12.297L341.032,261.486z"/>
<g>
<path style="fill:#FFE15A;" d="M349.229,257.387h-8.197c0,0-8.198,12.297,0,12.297c0,0,12.297-8.198,16.395-12.297 C357.427,257.387,357.427,253.288,349.229,257.387z"/>
<path style="fill:#FFE15A;" d="M449.21,275.569h-56.663c-0.467-0.503-1.12-0.828-1.86-0.828c0,0-9.926-4.114-11.337-4.114h-1.163 c-1.411,0-2.556,1.144-2.556,2.556v2.386h-12.953v-2.386c0-1.411-1.144-2.556-2.556-2.556h-1.163c-1.411,0-2.556,1.144-2.556,2.556 v0.043c-5.551-0.226-17.42-0.934-23.569-2.983l-32.79,8.198l32.79,8.198c6.147-2.049,18.016-2.758,23.569-2.984v0.043 c0,1.411,1.144,2.556,2.556,2.556h1.163c1.411,0,2.556-1.144,2.556-2.556v-2.386h12.953v2.386c0,1.411,1.144,2.556,2.556,2.556 h1.163c1.411,0,11.337-4.114,11.337-4.114c0.74,0,1.394-0.324,1.86-0.828h56.663c1.587,0,2.872-1.287,2.872-2.872 C452.083,276.855,450.797,275.569,449.21,275.569z"/>
<path style="fill:#FFE15A;" d="M446.746,286.591c-3.416-0.683-42.525,6.148-42.525,6.148s-2.391-2.391,4.781-9.052l-3.415-0.854 c0,0-7.514,5.294-10.589,5.977c-2.647,0.588-8.562,3.464-9.833,7.303l-23.812,3.969l0.512,2.049l23.357-2.738 c1.115,3.588,4.786,4.32,7.384,3.25c0,0,3.416,1.366,6.49-1.025c0,0,6.148,1.025,6.489-4.611l42.867-6.49 C448.454,290.519,450.162,287.274,446.746,286.591z"/>
<path style="fill:#FFE15A;" d="M422.495,315.454c0,0-3.245,4.269-11.272,0.512c-8.026-3.757-17.42,0.342-22.543-0.854 s-12.809-4.269-19.981-1.537c-7.172,2.732-11.101,2.562-9.564-0.854c1.537-3.415,2.391-5.977,0-7.172l2.732-3.416l-0.512-2.049 c0,0-13.663-5.294-22.884,2.049c-9.223,7.343-6.489,24.081,8.881,25.276c0,0,4.782,5.977,16.566,4.269 c0,0,7.686,5.294,20.835,2.903c0,0,0.512,1.537,9.052,0.854c8.54-0.683,18.103,0.342,16.395,6.148c0,0,6.319-1.195,2.562-7.003 c0,0,7.514-0.342,12.638,4.099c0,0,0.342-5.123-4.611-7.857c0,0,8.369-2.903,12.98,0c0,0-3.074-6.489-11.272-5.635 c0,0,5.977-4.782,8.71-3.586c0,0-2.562-3.074-10.077,0C421.129,321.601,425.911,318.698,422.495,315.454z"/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.9 KiB

39
luci-app-passwall/root/www/luci-static/passwall/flags/at.svg Normal file
View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<g>
<path style="fill:#FF4B55;" d="M473.655,88.276H38.345C17.167,88.276,0,105.443,0,126.621v73.471h512v-73.471 C512,105.443,494.833,88.276,473.655,88.276z"/>
<path style="fill:#FF4B55;" d="M0,385.379c0,21.177,17.167,38.345,38.345,38.345h435.31c21.177,0,38.345-17.167,38.345-38.345 v-73.471H0V385.379z"/>
</g>
<rect y="200.09" style="fill:#F5F5F5;" width="512" height="111.81"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 878 B

51
luci-app-passwall/root/www/luci-static/passwall/flags/au.svg Normal file
View File

@ -0,0 +1,51 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#41479B;" d="M473.655,88.275H38.345C17.167,88.275,0,105.442,0,126.62V385.38 c0,21.177,17.167,38.345,38.345,38.345h435.31c21.177,0,38.345-17.167,38.345-38.345V126.62 C512,105.442,494.833,88.275,473.655,88.275z"/>
<path style="fill:#F5F5F5;" d="M8.828,255.999h15.334l81.77-53.574v53.574h44.138v-53.574l81.769,53.574h15.334 c4.875,0,8.828-3.953,8.828-8.828v-7.002l-70.155-45.963H256v-44.138h-70.155L256,104.105v-7.002c0-4.876-3.953-8.828-8.828-8.828 h-15.334l-81.77,53.574V88.275H105.93v53.574L26.844,90.033c-9.234,2.9-16.954,9.203-21.711,17.434l65.023,42.601H0v44.138h70.155 L0,240.169v7.002C0,252.046,3.951,255.999,8.828,255.999z"/>
<g>
<polygon style="fill:#FF4B55;" points="256,158.896 141.241,158.896 141.241,88.275 114.759,88.275 114.759,158.896 0,158.896 0,185.378 114.759,185.378 114.759,255.999 141.241,255.999 141.241,185.378 256,185.378 "/>
<path style="fill:#FF4B55;" d="M8.227,102.901l72.662,47.167h16.214l-82.496-53.55C12.238,98.388,10.097,100.531,8.227,102.901z"/>
<path style="fill:#FF4B55;" d="M166.283,150.068l88.374-57.366c-1.536-2.599-4.246-4.427-7.485-4.427h-1.91l-95.193,61.793H166.283 z"/>
<path style="fill:#FF4B55;" d="M89.474,194.206L1.269,251.462c1.521,2.662,4.273,4.537,7.559,4.537h1.665l95.196-61.793H89.474z"/>
<path style="fill:#FF4B55;" d="M255.86,247.865l-82.666-53.658H156.98l93.874,60.935 C253.666,253.837,255.595,251.102,255.86,247.865z"/>
</g>
<g>
<path style="fill:#F5F5F5;" d="M130.671,304.13l6.663,21.997l21.353-8.505c1.822-0.726,3.478,1.352,2.366,2.966l-13.044,18.924 l19.962,11.391c1.703,0.972,1.112,3.562-0.844,3.699l-22.929,1.601l3.541,22.709c0.302,1.938-2.092,3.091-3.418,1.646 l-15.548-16.928l-15.548,16.928c-1.326,1.444-3.72,0.291-3.418-1.646l3.541-22.709l-22.929-1.601 c-1.956-0.137-2.548-2.727-0.844-3.699l19.962-11.391l-13.044-18.924c-1.112-1.614,0.544-3.692,2.366-2.966l21.353,8.505 l6.663-21.997C127.446,302.253,130.103,302.253,130.671,304.13z"/>
<path style="fill:#F5F5F5;" d="M393.279,147.729l3.255,10.745l10.43-4.154c0.889-0.354,1.699,0.66,1.155,1.449l-6.371,9.245 l9.751,5.565c0.832,0.474,0.543,1.74-0.413,1.806l-11.2,0.782l1.729,11.093c0.148,0.947-1.022,1.51-1.67,0.804l-7.595-8.269 l-7.595,8.269c-0.648,0.705-1.817,0.142-1.67-0.804l1.729-11.093l-11.2-0.782c-0.956-0.067-1.245-1.332-0.413-1.806l9.751-5.565 l-6.371-9.245c-0.544-0.789,0.266-1.803,1.155-1.449l10.431,4.154l3.255-10.745C391.703,146.811,393.002,146.811,393.279,147.729z"/>
<path style="fill:#F5F5F5;" d="M320.702,230.204l3.255,10.745l10.431-4.154c0.889-0.354,1.699,0.66,1.155,1.449l-6.371,9.245 l9.751,5.565c0.832,0.474,0.543,1.74-0.413,1.806l-11.2,0.782l1.73,11.093c0.148,0.947-1.022,1.51-1.67,0.804l-7.595-8.269 l-7.595,8.269c-0.648,0.705-1.817,0.142-1.67-0.804l1.73-11.093l-11.2-0.782c-0.956-0.067-1.245-1.332-0.413-1.806l9.751-5.565 l-6.371-9.245c-0.544-0.789,0.266-1.803,1.155-1.449l10.431,4.154l3.255-10.745C319.126,229.287,320.424,229.287,320.702,230.204z"/>
<path style="fill:#F5F5F5;" d="M461.943,194.893l3.255,10.745l10.431-4.154c0.889-0.354,1.699,0.66,1.155,1.449l-6.371,9.245 l9.751,5.565c0.832,0.474,0.543,1.74-0.413,1.806l-11.2,0.782l1.73,11.093c0.148,0.947-1.022,1.51-1.67,0.804l-7.595-8.269 l-7.595,8.269c-0.648,0.705-1.817,0.142-1.669-0.804l1.73-11.093l-11.2-0.782c-0.956-0.067-1.245-1.332-0.413-1.806l9.751-5.565 l-6.371-9.245c-0.544-0.789,0.266-1.803,1.155-1.449l10.431,4.154l3.255-10.745C460.367,193.977,461.665,193.977,461.943,194.893z"/>
<path style="fill:#F5F5F5;" d="M393.279,336.135l3.255,10.745l10.43-4.155c0.889-0.354,1.699,0.66,1.155,1.449l-6.371,9.245 l9.751,5.565c0.832,0.474,0.543,1.74-0.413,1.806l-11.2,0.782l1.729,11.093c0.148,0.947-1.022,1.51-1.67,0.804l-7.595-8.269 l-7.595,8.269c-0.648,0.705-1.817,0.142-1.67-0.804l1.729-11.093l-11.2-0.782c-0.956-0.066-1.245-1.332-0.413-1.806l9.751-5.565 l-6.371-9.245c-0.544-0.789,0.266-1.803,1.155-1.449l10.431,4.155l3.255-10.745C391.703,335.219,393.002,335.219,393.279,336.135z"/>
<path style="fill:#F5F5F5;" d="M418.461,249.512l-2.613,7.836l-8.259,0.064c-1.069,0.009-1.513,1.373-0.652,2.008l6.644,4.907 l-2.492,7.875c-0.322,1.02,0.839,1.863,1.708,1.241l6.72-4.803l6.72,4.803c0.87,0.621,2.03-0.222,1.708-1.241l-2.492-7.875 l6.645-4.907c0.861-0.636,0.417-1.999-0.652-2.008l-8.259-0.064l-2.613-7.836C420.234,248.498,418.799,248.498,418.461,249.512z"/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.7 KiB

41
luci-app-passwall/root/www/luci-static/passwall/flags/aw.svg Normal file
View File

@ -0,0 +1,41 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 511.997 511.997" style="enable-background:new 0 0 511.997 511.997;" xml:space="preserve">
<path style="fill:#4173CD;" d="M473.601,423.703H38.34c-21.175,0-38.34-17.165-38.34-38.34V126.634 c0-21.175,17.165-38.34,38.34-38.34h435.261c21.175,0,38.34,17.165,38.34,38.34v258.729 C511.942,406.538,494.776,423.703,473.601,423.703z"/>
<g>
<rect x="0.057" y="317.789" style="fill:#FFE15A;" width="511.94" height="17.653"/>
<rect x="0.057" y="353.099" style="fill:#FFE15A;" width="511.94" height="17.653"/>
</g>
<polygon style="fill:#FF4B55;" points="65.282,175.949 32.438,164.734 65.282,153.519 76.498,120.678 87.713,153.519 120.557,164.734 87.713,175.949 76.498,208.791 "/>
<path style="fill:#F5F5F5;" d="M76.498,126.58l9.713,28.441l28.441,9.713l-28.441,9.713l-9.713,28.441l-9.713-28.441l-28.441-9.713 l28.441-9.713L76.498,126.58 M76.498,114.773l-3.611,10.573l-9.107,26.67l-26.67,9.107l-10.573,3.61l10.573,3.61l26.67,9.107 l9.107,26.67l3.611,10.573l3.611-10.573l9.107-26.67l26.67-9.107l10.573-3.61l-10.573-3.61l-26.67-9.107l-9.107-26.669 L76.498,114.773L76.498,114.773z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

37
luci-app-passwall/root/www/luci-static/passwall/flags/ax.svg Normal file
View File

@ -0,0 +1,37 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#4173CD;" d="M473.654,423.724H38.345C17.167,423.724,0,406.556,0,385.379V126.621 c0-21.177,17.167-38.345,38.345-38.345h435.309c21.177,0,38.345,17.167,38.345,38.345v258.758 C511.999,406.556,494.831,423.724,473.654,423.724z"/>
<polygon style="fill:#FFE15A;" points="512,211.862 229.517,211.862 229.517,88.276 141.241,88.276 141.241,211.862 0,211.862 0,300.138 141.241,300.138 141.241,423.724 229.517,423.724 229.517,300.138 512,300.138 "/>
<polygon style="fill:#FF4B55;" points="512,238.345 203.034,238.345 203.034,88.276 167.724,88.276 167.724,238.345 0,238.345 0,273.655 167.724,273.655 167.724,423.724 203.034,423.724 203.034,273.655 512,273.655 "/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

41
luci-app-passwall/root/www/luci-static/passwall/flags/az.svg Normal file
View File

@ -0,0 +1,41 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#73AF00;" d="M0,387.466c1.077,20.215,17.807,36.277,38.292,36.277h435.359c21.18,0,38.349-17.169,38.349-38.349 v-73.479H0V387.466z"/>
<path style="fill:#82AFFF;" d="M473.651,88.257H38.292c-20.485,0-37.215,16.062-38.292,36.277v75.552h512v-73.479 C512,105.427,494.831,88.257,473.651,88.257z"/>
<rect y="200.089" style="fill:#FF4B55;" width="512" height="111.83"/>
<g>
<path style="fill:#F5F5F5;" d="M268.071,292.611c-19.812,0-35.885-16.072-35.885-35.903c0-19.795,16.072-35.903,35.885-35.903 c7.372,0,14.17,2.267,19.835,6.104c0.867,0.588,1.857-0.553,1.131-1.308c-8.467-8.802-20.45-14.173-33.736-13.72 c-22.826,0.779-41.723,19.08-43.182,41.873c-1.671,26.107,19.001,47.803,44.74,47.803c12.678,0,24.072-5.3,32.21-13.775 c0.718-0.748-0.274-1.872-1.132-1.289C282.265,290.341,275.456,292.611,268.071,292.611z"/>
<path style="fill:#F5F5F5;" d="M299.486,234.608l3.723,10.468l10.035-4.77c0.756-0.36,1.545,0.429,1.185,1.185l-4.771,10.035 l10.468,3.723c0.789,0.28,0.789,1.396,0,1.676l-10.468,3.723l4.771,10.035c0.36,0.756-0.429,1.545-1.185,1.185l-10.035-4.77 l-3.723,10.469c-0.28,0.789-1.396,0.789-1.676,0l-3.723-10.468l-10.035,4.77c-0.756,0.36-1.545-0.429-1.185-1.185l4.77-10.035 l-10.468-3.723c-0.789-0.28-0.789-1.396,0-1.676l10.468-3.723l-4.77-10.035c-0.36-0.756,0.429-1.545,1.185-1.185l10.035,4.77 l3.723-10.468C298.091,233.821,299.206,233.821,299.486,234.608z"/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

48
luci-app-passwall/root/www/luci-static/passwall/flags/ba.svg Normal file
View File

@ -0,0 +1,48 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#41479B;" d="M473.655,423.724H38.345C17.167,423.724,0,406.557,0,385.379V126.621 c0-21.177,17.167-38.345,38.345-38.345h435.31c21.177,0,38.345,17.167,38.345,38.345V385.38 C512,406.557,494.833,423.724,473.655,423.724z"/>
<polygon style="fill:#FFE15A;" points="441.378,88.276 441.378,423.724 105.93,88.276 "/>
<g>
<path style="fill:#F5F5F5;" d="M207.351,213.176l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.17-1.991,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.724-2.366-0.258-1.991-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C205.286,211.994,206.957,211.994,207.351,213.176z"/>
<path style="fill:#F5F5F5;" d="M170.57,176.394l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.6,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.17-1.991,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.725-2.366-0.258-1.991-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C168.504,175.212,170.176,175.212,170.57,176.394z"/>
<path style="fill:#F5F5F5;" d="M133.789,139.613l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.17-1.991,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.725-2.366-0.258-1.991-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C131.722,138.431,133.394,138.431,133.789,139.613z"/>
<path style="fill:#F5F5F5;" d="M97.006,102.831l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.17-1.991,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.724-2.366-0.258-1.991-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C94.941,101.65,96.612,101.65,97.006,102.831z"/>
<path style="fill:#F5F5F5;" d="M354.478,360.302l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.171-1.99,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.724-2.366-0.258-1.99-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C352.413,359.121,354.084,359.121,354.478,360.302z"/>
<path style="fill:#F5F5F5;" d="M317.696,323.521l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.171-1.99,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.724-2.366-0.258-1.991-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C315.63,322.339,317.302,322.339,317.696,323.521z"/>
<path style="fill:#F5F5F5;" d="M280.915,286.74l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.171-1.99,1.446l-13.082-9.351l-13.082,9.351c-1.013,0.724-2.366-0.258-1.991-1.446l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C278.849,285.558,280.521,285.558,280.915,286.74z"/>
<path style="fill:#F5F5F5;" d="M244.134,249.958l5.088,15.254l16.079,0.125c1.246,0.01,1.762,1.599,0.76,2.339l-12.936,9.553 l4.851,15.331c0.376,1.187-0.977,2.17-1.991,1.445l-13.082-9.351l-13.082,9.351c-1.013,0.725-2.366-0.258-1.991-1.445l4.851-15.331 l-12.936-9.553c-1.002-0.74-0.486-2.329,0.76-2.339l16.079-0.125l5.088-15.254C242.068,248.776,243.738,248.776,244.134,249.958z"/>
<path style="fill:#F5F5F5;" d="M41.942,88.276l6.83,5.044l-4.851,15.331c-0.375,1.187,0.977,2.17,1.991,1.447l13.081-9.351 l13.082,9.351c1.013,0.724,2.366-0.258,1.99-1.447l-4.85-15.331l6.833-5.044H41.942z"/>
<path style="fill:#F5F5F5;" d="M412.427,412.463l-16.079-0.125l-5.087-15.254c-0.394-1.182-2.066-1.182-2.46,0l-5.087,15.254 l-16.079,0.125c-1.246,0.01-1.762,1.6-0.76,2.339l12.083,8.921h22.151l12.082-8.921 C414.189,414.062,413.673,412.472,412.427,412.463z"/>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.2 KiB

38
luci-app-passwall/root/www/luci-static/passwall/flags/bb.svg Normal file
View File

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#41479B;" d="M38.345,423.721h132.322V88.273H38.345C17.167,88.273,0,105.44,0,126.618v258.759 C0,406.554,17.167,423.721,38.345,423.721z"/>
<rect x="170.67" y="88.277" style="fill:#FFE15A;" width="170.67" height="335.45"/>
<path style="fill:#41479B;" d="M473.655,423.721c21.177,0,38.345-17.167,38.345-38.345V126.618 c0-21.177-17.167-38.345-38.345-38.345H341.334v335.448H473.655z"/>
<path style="fill:#464655;" d="M326.621,207.253c0,0-24.564,0-42.987,18.423h12.281c0,0-11.898,21.493-18.039,58.339l-12.665-2.068 v-56.455l12.281,4.021L256,176.549l-21.493,52.966l12.281-4.095v56.527l-12.665,2.068c-6.141-36.845-18.039-58.339-18.039-58.339 h12.281c-18.422-18.422-42.986-18.422-42.986-18.422c30.705,36.845,30.705,98.255,30.705,98.255l30.705-5.117v41.963h18.423v-41.963 l30.705,5.117C295.916,305.509,295.916,244.099,326.621,207.253z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

36
luci-app-passwall/root/www/luci-static/passwall/flags/bd.svg Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#73AF00;" d="M473.655,423.724H38.345C17.167,423.724,0,406.557,0,385.379V126.621 c0-21.177,17.167-38.345,38.345-38.345h435.31c21.177,0,38.345,17.167,38.345,38.345V385.38 C512,406.557,494.833,423.724,473.655,423.724z"/>
<circle style="fill:#FF4B55;" cx="220.69" cy="256" r="114.76"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 796 B

37
luci-app-passwall/root/www/luci-static/passwall/flags/be.svg Normal file
View File

@ -0,0 +1,37 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 511.9 511.9" style="enable-background:new 0 0 511.9 511.9;" xml:space="preserve">
<path style="fill:#FFE15A;" d="M473.7,423.65H38.3c-21.1,0-38.3-17.1-38.3-38.3v-258.8c0-21.2,17.2-38.3,38.3-38.3h435.3 c21.2,0,38.3,17.2,38.3,38.3v258.8C512,406.55,494.8,423.65,473.7,423.65z"/>
<path style="fill:#464655;" d="M38.3,88.25c-21.1,0-38.3,17.1-38.3,38.3v258.8c0,21.2,17.2,38.3,38.3,38.3h132.3V88.25H38.3z"/>
<path style="fill:#FF4B55;" d="M473.7,88.25H341.3l0,0v335.4l0,0h132.3c21.2,0,38.3-17.2,38.3-38.3v-258.8 C512,105.35,494.8,88.25,473.7,88.25z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 966 B

37
luci-app-passwall/root/www/luci-static/passwall/flags/bf.svg Normal file
View File

@ -0,0 +1,37 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#FF4B55;" d="M473.651,88.257H38.292c-20.485,0-37.215,16.061-38.292,36.277V256h512V126.606 C512,105.426,494.831,88.257,473.651,88.257z"/>
<path style="fill:#73AF00;" d="M0,387.466c1.077,20.215,17.807,36.277,38.292,36.277h435.359c21.18,0,38.349-17.169,38.349-38.349 V256H0V387.466z"/>
<path style="fill:#FFE15A;" d="M258.715,207.849l11.107,33.304l35.106,0.273c2.72,0.021,3.847,3.492,1.66,5.107l-28.242,20.855 l10.59,33.472c0.82,2.593-2.132,4.739-4.345,3.156l-28.563-20.414l-28.562,20.415c-2.213,1.581-5.166-0.564-4.345-3.156 l10.59-33.472l-28.242-20.855c-2.188-1.616-1.061-5.086,1.66-5.107l35.106-0.273l11.107-33.304 C254.204,205.269,257.854,205.269,258.715,207.849z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

37
luci-app-passwall/root/www/luci-static/passwall/flags/bg.svg Normal file
View File

@ -0,0 +1,37 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#FF4B55;" d="M38.345,423.724h435.31c21.177,0,38.345-17.167,38.345-38.345v-73.471H0v73.471 C0,406.557,17.167,423.724,38.345,423.724z"/>
<path style="fill:#F5F5F5;" d="M512,126.621c0-21.177-17.167-38.345-38.345-38.345H38.345C17.167,88.276,0,105.443,0,126.621v73.471 h512V126.621z"/>
<rect y="200.09" style="fill:#73AF00;" width="512" height="111.81"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 864 B

36
luci-app-passwall/root/www/luci-static/passwall/flags/bh.svg Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">
<path style="fill:#F5F5F5;" d="M38.345,423.724h102.898l70.621-20.966l-70.621-20.966l70.621-20.966l-70.621-20.966l70.621-20.966 l-70.621-20.966l70.621-20.966L141.242,256l70.621-20.966l-70.621-20.966l70.621-20.966l-70.621-20.966l70.621-20.966 l-70.621-20.966l70.621-20.966l-70.621-20.966H38.345C17.167,88.276,0,105.443,0,126.621V385.38 C0,406.557,17.167,423.724,38.345,423.724z"/>
<path style="fill:#FF4B55;" d="M141.241,130.207l70.621,20.966l-70.621,20.966l70.621,20.966l-70.621,20.966l70.621,20.966 L141.241,256l70.621,20.966l-70.621,20.966l70.621,20.966l-70.621,20.966l70.621,20.966l-70.621,20.966l70.621,20.966 l-70.621,20.966h332.414c21.177,0,38.345-17.167,38.345-38.345V126.621c0-21.177-17.167-38.345-38.345-38.345H141.242l70.621,20.966 L141.241,130.207z"/>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
<g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

Some files were not shown because too many files have changed in this diff Show More