From 168e0019b354eeff14b974e872682d4fcc769343 Mon Sep 17 00:00:00 2001 From: "github-action[bot]" Date: Sat, 21 Dec 2024 19:32:06 +0100 Subject: [PATCH] Update On Sat Dec 21 19:32:05 CET 2024 --- .github/update.log | 1 + clash-nyanpasu/backend/Cargo.lock | 47 +- clash-nyanpasu/backend/tauri/Cargo.toml | 10 +- clash-nyanpasu/frontend/nyanpasu/package.json | 4 +- clash-nyanpasu/package.json | 2 +- clash-nyanpasu/pnpm-lock.yaml | 44 +- glider/.Dockerfile | 6 +- glider/.goreleaser.yml | 2 +- glider/config.go | 4 +- glider/go.mod | 16 +- glider/go.sum | 37 +- lede/target/linux/generic/config-6.1 | 5 + lede/target/linux/generic/config-6.12 | 73 +- lede/target/linux/generic/config-6.6 | 18 + .../luasrc/controller/passwall.lua | 32 +- .../luasrc/model/cbi/passwall/client/log.lua | 66 +- .../luasrc/view/passwall/global/faq.htm | 8 - .../view/passwall/log/backup_restore.htm | 130 ++ .../luci-app-passwall/po/zh-cn/passwall.po | 48 +- .../root/usr/share/passwall/app.sh | 11 +- .../usr/share/passwall/helper_dnsmasq.lua | 23 +- openwrt-passwall2/luci-app-passwall2/Makefile | 2 +- .../root/usr/share/passwall2/app.sh | 35 +- .../usr/share/passwall2/helper_dnsmasq.lua | 24 +- .../root/usr/share/passwall2/iptables.sh | 120 +- .../root/usr/share/passwall2/nftables.sh | 132 +- .../.github/workflows/build-and-test.yml | 3 + shadowsocks-rust/Cargo.lock | 10 +- sing-box/.github/workflows/build.yml | 57 +- sing-box/adapter/network.go | 1 + sing-box/clients/android/app/build.gradle | 10 +- sing-box/clients/android/version.properties | 4 +- .../apple/sing-box.xcodeproj/project.pbxproj | 24 +- .../cmd/internal/app_store_connect/main.go | 8 +- sing-box/docs/changelog.md | 2 +- sing-box/experimental/libbox/config.go | 4 + sing-box/experimental/libbox/platform.go | 8 + .../experimental/libbox/platform/interface.go | 1 + .../libbox/raw_network_android.go | 3 + .../experimental/libbox/raw_network_stub.go | 7 + sing-box/experimental/libbox/service.go | 7 + sing-box/route/network.go | 12 + .../luasrc/controller/passwall.lua | 32 +- .../model/cbi/passwall/client/global.lua | 8 +- .../luasrc/model/cbi/passwall/client/log.lua | 66 +- .../luasrc/view/passwall/global/faq.htm | 8 - .../view/passwall/log/backup_restore.htm | 130 ++ .../view/passwall/node_list/node_list.htm | 30 +- small/luci-app-passwall/po/zh-cn/passwall.po | 48 +- .../root/usr/share/passwall/app.sh | 11 +- .../usr/share/passwall/helper_dnsmasq.lua | 23 +- .../root/usr/share/passwall/iptables.sh | 8 +- .../root/usr/share/passwall/nftables.sh | 8 +- small/luci-app-passwall2/Makefile | 4 +- .../model/cbi/passwall2/client/global.lua | 8 +- .../view/passwall2/node_list/node_list.htm | 11 +- .../root/usr/share/passwall2/app.sh | 81 +- .../usr/share/passwall2/helper_dnsmasq.lua | 6 +- .../root/usr/share/passwall2/iptables.sh | 9 +- .../root/usr/share/passwall2/nftables.sh | 9 +- small/sing-box/Makefile | 4 +- small/v2ray-geodata/Makefile | 4 +- v2rayng/.github/workflows/build.yml | 103 +- v2rayng/V2rayNG/app/build.gradle.kts | 101 +- .../app/libs/arm64-v8a/libtun2socks.so | Bin 152232 -> 0 bytes .../app/libs/armeabi-v7a/libtun2socks.so | Bin 102532 -> 0 bytes v2rayng/V2rayNG/app/libs/x86/libtun2socks.so | Bin 154864 -> 0 bytes .../V2rayNG/app/libs/x86_64/libtun2socks.so | Bin 158960 -> 0 bytes .../src/main/assets/open_source_licenses.html | 1285 +++++++++++++++++ .../main/java/com/v2ray/ang/extension/_Ext.kt | 2 +- .../v2ray/ang/handler/V2rayConfigManager.kt | 2 +- .../com/v2ray/ang/plugin/PluginManager.kt | 2 +- .../v2ray/ang/service/V2RayServiceManager.kt | 8 +- .../java/com/v2ray/ang/ui/AboutActivity.kt | 8 +- .../java/com/v2ray/ang/ui/MainActivity.kt | 6 +- .../com/v2ray/ang/ui/MainRecyclerAdapter.kt | 2 +- .../com/v2ray/ang/ui/RoutingEditActivity.kt | 2 +- .../v2ray/ang/ui/RoutingSettingActivity.kt | 6 +- .../java/com/v2ray/ang/ui/ServerActivity.kt | 2 +- .../ang/ui/ServerCustomConfigActivity.kt | 2 +- .../java/com/v2ray/ang/ui/SubEditActivity.kt | 2 +- .../com/v2ray/ang/ui/UserAssetActivity.kt | 2 +- .../com/v2ray/ang/ui/UserAssetUrlActivity.kt | 2 +- v2rayng/V2rayNG/build.gradle.kts | 2 +- v2rayng/V2rayNG/gradle.properties | 2 +- v2rayng/V2rayNG/gradle/libs.versions.toml | 12 +- v2rayng/V2rayNG/settings.gradle.kts | 1 - 87 files changed, 2639 insertions(+), 484 deletions(-) create mode 100644 openwrt-passwall/luci-app-passwall/luasrc/view/passwall/log/backup_restore.htm create mode 100644 sing-box/experimental/libbox/raw_network_android.go create mode 100644 sing-box/experimental/libbox/raw_network_stub.go create mode 100644 small/luci-app-passwall/luasrc/view/passwall/log/backup_restore.htm delete mode 100644 v2rayng/V2rayNG/app/libs/arm64-v8a/libtun2socks.so delete mode 100644 v2rayng/V2rayNG/app/libs/armeabi-v7a/libtun2socks.so delete mode 100644 v2rayng/V2rayNG/app/libs/x86/libtun2socks.so delete mode 100644 v2rayng/V2rayNG/app/libs/x86_64/libtun2socks.so create mode 100644 v2rayng/V2rayNG/app/src/main/assets/open_source_licenses.html diff --git a/.github/update.log b/.github/update.log index 7db0ecf9d0..e23d8483ab 100644 --- a/.github/update.log +++ b/.github/update.log @@ -858,3 +858,4 @@ Update On Tue Dec 17 19:39:30 CET 2024 Update On Wed Dec 18 19:36:24 CET 2024 Update On Thu Dec 19 19:34:25 CET 2024 Update On Fri Dec 20 19:32:48 CET 2024 +Update On Sat Dec 21 19:31:56 CET 2024 diff --git a/clash-nyanpasu/backend/Cargo.lock b/clash-nyanpasu/backend/Cargo.lock index 67e6fad899..d9effea1e7 100644 --- a/clash-nyanpasu/backend/Cargo.lock +++ b/clash-nyanpasu/backend/Cargo.lock @@ -1666,7 +1666,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "117725a109d387c937a1533ce01b450cbde6b88abceea8473c4d7a85853cda3c" dependencies = [ "lazy_static", - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]] @@ -4702,7 +4702,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" dependencies = [ "cfg-if", - "windows-targets 0.48.5", + "windows-targets 0.52.6", ] [[package]] @@ -5936,19 +5936,20 @@ dependencies = [ [[package]] name = "oxc_allocator" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "129dbe2e90c53fc6bba5d8fed442afaba6ae82efa158b194834a34068cd7f2c9" +checksum = "976149f05de0a4b51ac5b10a408db597e6c95268e29ef0f09204475ca0c42830" dependencies = [ "allocator-api2", "bumpalo", + "simdutf8", ] [[package]] name = "oxc_ast" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "621f3fa2668c640c96cde64c51f5de7f583137c9e7dafcafc699d510975403d7" +checksum = "ecee7578bc2eba24c1f30ca3e2eaa496e5448e0c08f4b53d84148040e48cf037" dependencies = [ "bitflags 2.6.0", "cow-utils", @@ -5964,9 +5965,9 @@ dependencies = [ [[package]] name = "oxc_ast_macros" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "033622153c0d50ee87c9bdbb8010416cb0ecbc8c673bd2bfda31de8fa2d8a1e3" +checksum = "a67bbb9e762397c69e1b21bea50225145fd5dc391f05c65fb8f57c227b5fd799" dependencies = [ "proc-macro2", "quote", @@ -5975,9 +5976,9 @@ dependencies = [ [[package]] name = "oxc_diagnostics" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bab5a0abb4d0fcd900f125f13890d5c4ddb5b4a99a5b4d9fb419385c9448453d" +checksum = "72057eef849a7ef203f8d06c434b46758c3eb68f0e7687bade236370c4b6aacf" dependencies = [ "oxc-miette", "rustc-hash 2.1.0", @@ -5985,9 +5986,9 @@ dependencies = [ [[package]] name = "oxc_ecmascript" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e07b49fdd327cc3da2b80b60ea399aec2232b170d8b9ed6cb048c4eb27ea8e71" +checksum = "859aa965b338b4758d609e524b53a29bed3071a252994fc8d41b08c17a1a32bc" dependencies = [ "num-bigint", "num-traits", @@ -5998,9 +5999,9 @@ dependencies = [ [[package]] name = "oxc_estree" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c333d3664b489ff8016b34ca3e99f09ed61b0af7dce1970906d2102452c40ccb" +checksum = "57fc3b874dd6c2bf1399bee70464023d482c4d9b92d9b6596fbf5401f1aae6a6" [[package]] name = "oxc_index" @@ -6010,9 +6011,9 @@ checksum = "5eca5d9726cd0a6e433debe003b7bc88b2ecad0bb6109f0cef7c55e692139a34" [[package]] name = "oxc_parser" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd7f5468e1af367f51119631d934ab425901ab6edaedf9907dd7d929f9739431" +checksum = "42b9ffdf1fd1fac4e96315b3d200093223507038fcd22ff4ef6d21f3674640a7" dependencies = [ "assert-unchecked", "bitflags 2.6.0", @@ -6033,9 +6034,9 @@ dependencies = [ [[package]] name = "oxc_regular_expression" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "560153d371d20b23a6e97bee0766f77d5d8ae2f66a280cf273dfe3031925a7c5" +checksum = "63084df3c8432e87f5e241f3dd4a45e2f009dcfd08db4131c89ca88280fa5aeb" dependencies = [ "oxc_allocator", "oxc_ast_macros", @@ -6049,9 +6050,9 @@ dependencies = [ [[package]] name = "oxc_span" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ff5ad82ecf54bd33c27b2ad7279f6e5ffaf2f86544e31394b3a56ce0eb14179" +checksum = "ad2094100a1f1d4cac1d7ac22e95b13f18643e1381447fd354df45c3dbc62ccb" dependencies = [ "compact_str", "oxc-miette", @@ -6062,9 +6063,9 @@ dependencies = [ [[package]] name = "oxc_syntax" -version = "0.41.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2f32b5c30e2637c2533f133e0c0500e1531a3b991b9876d0bcc7ae1d31f0898" +checksum = "6c293839b37b16105210bc76b13417e4239f49670de91d41d70a3e69f41f6f7b" dependencies = [ "assert-unchecked", "bitflags 2.6.0", @@ -10445,7 +10446,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]] diff --git a/clash-nyanpasu/backend/tauri/Cargo.toml b/clash-nyanpasu/backend/tauri/Cargo.toml index c14529b63d..eecce776a8 100644 --- a/clash-nyanpasu/backend/tauri/Cargo.toml +++ b/clash-nyanpasu/backend/tauri/Cargo.toml @@ -149,11 +149,11 @@ display-info = "0.5.0" # should be removed after upgrading to tauri v2 # OXC (The Oxidation Compiler) # We use it to parse and transpile the old script profile to esm based script profile -oxc_parser = "0.41" -oxc_allocator = "0.41" -oxc_span = "0.41" -oxc_ast = "0.41" -oxc_syntax = "0.41" +oxc_parser = "0.43" +oxc_allocator = "0.43" +oxc_span = "0.43" +oxc_ast = "0.43" +oxc_syntax = "0.43" # Lua Integration mlua = { version = "0.10", features = [ diff --git a/clash-nyanpasu/frontend/nyanpasu/package.json b/clash-nyanpasu/frontend/nyanpasu/package.json index e436cba922..32bd0f9e11 100644 --- a/clash-nyanpasu/frontend/nyanpasu/package.json +++ b/clash-nyanpasu/frontend/nyanpasu/package.json @@ -29,7 +29,7 @@ "country-code-emoji": "2.3.0", "dayjs": "1.11.13", "framer-motion": "12.0.0-alpha.2", - "i18next": "24.1.2", + "i18next": "24.2.0", "jotai": "2.10.4", "json-schema": "0.4.0", "material-react-table": "3.0.3", @@ -52,7 +52,7 @@ "@csstools/normalize.css": "12.1.1", "@emotion/babel-plugin": "11.13.5", "@emotion/react": "11.14.0", - "@iconify/json": "2.2.286", + "@iconify/json": "2.2.287", "@monaco-editor/react": "4.6.0", "@tanstack/react-router": "1.89.2", "@tanstack/router-devtools": "1.89.2", diff --git a/clash-nyanpasu/package.json b/clash-nyanpasu/package.json index 87b4c23b0e..d6ca932408 100644 --- a/clash-nyanpasu/package.json +++ b/clash-nyanpasu/package.json @@ -87,7 +87,7 @@ "knip": "5.41.1", "lint-staged": "15.2.11", "neostandard": "0.12.0", - "npm-run-all2": "7.0.1", + "npm-run-all2": "7.0.2", "postcss": "8.4.49", "postcss-html": "1.7.0", "postcss-import": "16.1.0", diff --git a/clash-nyanpasu/pnpm-lock.yaml b/clash-nyanpasu/pnpm-lock.yaml index 24dfdc0022..933eac0ec6 100644 --- a/clash-nyanpasu/pnpm-lock.yaml +++ b/clash-nyanpasu/pnpm-lock.yaml @@ -109,8 +109,8 @@ importers: specifier: 0.12.0 version: 0.12.0(eslint-plugin-import@2.31.0(@typescript-eslint/parser@8.18.1(eslint@9.17.0(jiti@2.4.1))(typescript@5.7.2))(eslint@9.17.0(jiti@2.4.1)))(eslint@9.17.0(jiti@2.4.1))(typescript@5.7.2) npm-run-all2: - specifier: 7.0.1 - version: 7.0.1 + specifier: 7.0.2 + version: 7.0.2 postcss: specifier: 8.4.49 version: 8.4.49 @@ -251,8 +251,8 @@ importers: specifier: 12.0.0-alpha.2 version: 12.0.0-alpha.2(@emotion/is-prop-valid@1.3.0)(react-dom@19.0.0(react@19.0.0))(react@19.0.0) i18next: - specifier: 24.1.2 - version: 24.1.2(typescript@5.7.2) + specifier: 24.2.0 + version: 24.2.0(typescript@5.7.2) jotai: specifier: 2.10.4 version: 2.10.4(@types/react@19.0.2)(react@19.0.0) @@ -285,7 +285,7 @@ importers: version: 7.4.1(vsxmc45kw5ykhcshxfgehxm6sy) react-i18next: specifier: 15.2.0 - version: 15.2.0(i18next@24.1.2(typescript@5.7.2))(react-dom@19.0.0(react@19.0.0))(react@19.0.0) + version: 15.2.0(i18next@24.2.0(typescript@5.7.2))(react-dom@19.0.0(react@19.0.0))(react@19.0.0) react-markdown: specifier: 9.0.1 version: 9.0.1(@types/react@19.0.2)(react@19.0.0) @@ -315,8 +315,8 @@ importers: specifier: 11.14.0 version: 11.14.0(@types/react@19.0.2)(react@19.0.0) '@iconify/json': - specifier: 2.2.286 - version: 2.2.286 + specifier: 2.2.287 + version: 2.2.287 '@monaco-editor/react': specifier: 4.6.0 version: 4.6.0(monaco-editor@0.52.2)(react-dom@19.0.0(react@19.0.0))(react@19.0.0) @@ -478,7 +478,7 @@ importers: version: 4.1.2(react@19.0.0) react-i18next: specifier: 15.2.0 - version: 15.2.0(i18next@24.1.2(typescript@5.7.2))(react-dom@19.0.0(react@19.0.0))(react@19.0.0) + version: 15.2.0(i18next@24.2.0(typescript@5.7.2))(react-dom@19.0.0(react@19.0.0))(react@19.0.0) react-use: specifier: 17.6.0 version: 17.6.0(react-dom@19.0.0(react@19.0.0))(react@19.0.0) @@ -1743,8 +1743,8 @@ packages: '@vue/compiler-sfc': optional: true - '@iconify/json@2.2.286': - resolution: {integrity: sha512-tVl/fYvCyU5flYl4zfuJgig+ZEnpG3DJdTTTIjsiPu7xsk4s0gT1BktWvcFGr2B4UUiTRdb+XHWzW8Eu9WwhKQ==} + '@iconify/json@2.2.287': + resolution: {integrity: sha512-JMph4En1aR9acnmlIl0c8ZAQy47G7pmHw/AWpTWAKAzqlOVubCxjWI9b1KzDr/BxF/f3BjXtnFBDz5eKWg9FSA==} '@iconify/types@2.0.0': resolution: {integrity: sha512-+wluvCrRhXrhyOmRDJ3q8mux9JkKy5SJ/v8ol2tu4FVjyYvtEzkc/3pK15ET6RKg4b4w4BmTk1+gsCUhf21Ykg==} @@ -4898,8 +4898,8 @@ packages: hyphenate-style-name@1.1.0: resolution: {integrity: sha512-WDC/ui2VVRrz3jOVi+XtjqkDjiVjTtFaAGiW37k6b+ohyQ5wYDOGkvCZa8+H0nx3gyvv0+BST9xuOgIyGQ00gw==} - i18next@24.1.2: - resolution: {integrity: sha512-th/075GW0Ub1gYDMHLiZXMGSfGv1aP1VqjT3fma/12hNHCNlH8oJMftvlDzycT/R+KoULWk+xLU8H1JRwV85qw==} + i18next@24.2.0: + resolution: {integrity: sha512-ArJJTS1lV6lgKH7yEf4EpgNZ7+THl7bsGxxougPYiXRTJ/Fe1j08/TBpV9QsXCIYVfdE/HWG/xLezJ5DOlfBOA==} peerDependencies: typescript: ^5 peerDependenciesMeta: @@ -5858,8 +5858,8 @@ packages: resolution: {integrity: sha512-TZKxPvItzai9kN9H/TkmCtx/ZN/hvr3vUycjlfmH0ootY9yFBzNOpiXAdIn1Iteqsvk4lQn6B5PTrt+n6h8k/w==} engines: {node: ^18.17.0 || >=20.5.0} - npm-run-all2@7.0.1: - resolution: {integrity: sha512-Adbv+bJQ8UTAM03rRODqrO5cx0YU5KCG2CvHtSURiadvdTjjgGJXdbc1oQ9CXBh9dnGfHSoSB1Web/0Dzp6kOQ==} + npm-run-all2@7.0.2: + resolution: {integrity: sha512-7tXR+r9hzRNOPNTvXegM+QzCuMjzUIIq66VDunL6j60O4RrExx32XUhlrS7UK4VcdGw5/Wxzb3kfNcFix9JKDA==} engines: {node: ^18.17.0 || >=20.5.0, npm: '>= 9'} hasBin: true @@ -9151,7 +9151,7 @@ snapshots: transitivePeerDependencies: - supports-color - '@iconify/json@2.2.286': + '@iconify/json@2.2.287': dependencies: '@iconify/types': 2.0.0 pathe: 1.1.2 @@ -12216,7 +12216,7 @@ snapshots: execa@5.1.1: dependencies: - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 get-stream: 6.0.1 human-signals: 2.1.0 is-stream: 2.0.1 @@ -12228,7 +12228,7 @@ snapshots: execa@8.0.1: dependencies: - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 get-stream: 8.0.1 human-signals: 5.0.0 is-stream: 3.0.0 @@ -12680,7 +12680,7 @@ snapshots: hyphenate-style-name@1.1.0: {} - i18next@24.1.2(typescript@5.7.2): + i18next@24.2.0(typescript@5.7.2): dependencies: '@babel/runtime': 7.26.0 optionalDependencies: @@ -13690,10 +13690,10 @@ snapshots: npm-normalize-package-bin@4.0.0: {} - npm-run-all2@7.0.1: + npm-run-all2@7.0.2: dependencies: ansi-styles: 6.2.1 - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 memorystream: 0.3.1 minimatch: 9.0.5 pidtree: 0.6.0 @@ -14210,11 +14210,11 @@ snapshots: dependencies: react: 19.0.0 - react-i18next@15.2.0(i18next@24.1.2(typescript@5.7.2))(react-dom@19.0.0(react@19.0.0))(react@19.0.0): + react-i18next@15.2.0(i18next@24.2.0(typescript@5.7.2))(react-dom@19.0.0(react@19.0.0))(react@19.0.0): dependencies: '@babel/runtime': 7.26.0 html-parse-stringify: 3.0.1 - i18next: 24.1.2(typescript@5.7.2) + i18next: 24.2.0(typescript@5.7.2) react: 19.0.0 optionalDependencies: react-dom: 19.0.0(react@19.0.0) diff --git a/glider/.Dockerfile b/glider/.Dockerfile index 84d0912744..3cc6d68e71 100644 --- a/glider/.Dockerfile +++ b/glider/.Dockerfile @@ -7,7 +7,7 @@ RUN apk add --no-cache ca-certificates ARG TARGETPLATFORM RUN case $TARGETPLATFORM in \ 'linux/386') \ - export FOLDER='default_linux_386'; \ + export FOLDER='default_linux_386_sse2'; \ ;; \ 'linux/amd64') \ export FOLDER='default_linux_amd64_v1'; \ @@ -19,10 +19,10 @@ RUN case $TARGETPLATFORM in \ export FOLDER='default_linux_arm_7'; \ ;; \ 'linux/arm64') \ - export FOLDER='default_linux_arm64'; \ + export FOLDER='default_linux_arm64_v8.0'; \ ;; \ 'linux/riscv64') \ - export FOLDER='default_linux_riscv64'; \ + export FOLDER='default_linux_riscv64_rva20u64'; \ ;; \ *) echo >&2 "error: unsupported architecture '$TARGETPLATFORM'"; exit 1 ;; \ esac \ diff --git a/glider/.goreleaser.yml b/glider/.goreleaser.yml index ff7fb1b0cc..9ba10bcbd9 100644 --- a/glider/.goreleaser.yml +++ b/glider/.goreleaser.yml @@ -49,7 +49,7 @@ archives: - systemd/* snapshot: - name_template: '{{ incpatch .Version }}-dev-{{.ShortCommit}}' + version_template: '{{ incpatch .Version }}-dev-{{.ShortCommit}}' checksum: name_template: "{{ .ProjectName }}_{{ .Version }}_checksums.txt" diff --git a/glider/config.go b/glider/config.go index 275bacc8c7..bf816b846a 100644 --- a/glider/config.go +++ b/glider/config.go @@ -99,12 +99,12 @@ check=disable: disable health check`) } if *scheme != "" { - fmt.Fprintf(flag.Output(), proxy.Usage(*scheme)) + fmt.Fprint(flag.Output(), proxy.Usage(*scheme)) os.Exit(0) } if *example { - fmt.Fprintf(flag.Output(), examples) + fmt.Fprint(flag.Output(), examples) os.Exit(0) } diff --git a/glider/go.mod b/glider/go.mod index 51fe5559ea..8130a46613 100644 --- a/glider/go.mod +++ b/glider/go.mod @@ -7,23 +7,23 @@ require ( github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d github.com/dgryski/go-idea v0.0.0-20170306091226-d2fb45a411fb github.com/dgryski/go-rc2 v0.0.0-20150621095337-8a9021637152 - github.com/insomniacslk/dhcp v0.0.0-20240812123929-b105c29bd1b5 + github.com/insomniacslk/dhcp v0.0.0-20241219180459-a662cc47d412 github.com/nadoo/conflag v0.3.1 github.com/nadoo/ipset v0.5.0 - github.com/xtaci/kcp-go/v5 v5.6.13 - golang.org/x/crypto v0.26.0 - golang.org/x/sys v0.24.0 + github.com/xtaci/kcp-go/v5 v5.6.18 + golang.org/x/crypto v0.31.0 + golang.org/x/sys v0.28.0 ) require ( github.com/ebfe/rc2 v0.0.0-20131011165748-24b9757f5521 // indirect - github.com/klauspost/cpuid/v2 v2.2.8 // indirect - github.com/klauspost/reedsolomon v1.12.3 // indirect - github.com/pierrec/lz4/v4 v4.1.21 // indirect + github.com/klauspost/cpuid/v2 v2.2.9 // indirect + github.com/klauspost/reedsolomon v1.12.4 // indirect + github.com/pierrec/lz4/v4 v4.1.22 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/templexxx/cpu v0.1.1 // indirect github.com/templexxx/xorsimd v0.4.3 // indirect github.com/tjfoc/gmsm v1.4.1 // indirect github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701 // indirect - golang.org/x/net v0.28.0 // indirect + golang.org/x/net v0.33.0 // indirect ) diff --git a/glider/go.sum b/glider/go.sum index e072a06419..0b25550ef2 100644 --- a/glider/go.sum +++ b/glider/go.sum @@ -33,14 +33,14 @@ github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5a github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/insomniacslk/dhcp v0.0.0-20240812123929-b105c29bd1b5 h1:GkMacU5ftc+IEg1449N3UEy2XLDz58W4fkrRu2fibb8= -github.com/insomniacslk/dhcp v0.0.0-20240812123929-b105c29bd1b5/go.mod h1:KclMyHxX06VrVr0DJmeFSUb1ankt7xTfoOA35pCkoic= +github.com/insomniacslk/dhcp v0.0.0-20241219180459-a662cc47d412 h1:Gpj5alZpJhmJYx8Gljb+SxScp5+smvPA9SmajG4RenY= +github.com/insomniacslk/dhcp v0.0.0-20241219180459-a662cc47d412/go.mod h1:VvGYjkZoJyKqlmT1yzakUs4mfKMNB0XdODP0+rdml6k= github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA= github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w= -github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM= -github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= -github.com/klauspost/reedsolomon v1.12.3 h1:tzUznbfc3OFwJaTebv/QdhnFf2Xvb7gZ24XaHLBPmdc= -github.com/klauspost/reedsolomon v1.12.3/go.mod h1:3K5rXwABAvzGeR01r6pWZieUALXO/Tq7bFKGIb4m4WI= +github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY= +github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8= +github.com/klauspost/reedsolomon v1.12.4 h1:5aDr3ZGoJbgu/8+j45KtUJxzYm8k08JGtB9Wx1VQ4OA= +github.com/klauspost/reedsolomon v1.12.4/go.mod h1:d3CzOMOt0JXGIFZm1StgkyF14EYr3xneR2rNWo7NcMU= github.com/mdlayher/packet v1.1.2 h1:3Up1NG6LZrsgDVn6X4L9Ge/iyRyxFEFD9o6Pr3Q1nQY= github.com/mdlayher/packet v1.1.2/go.mod h1:GEu1+n9sG5VtiRE4SydOmX5GTwyyYlteZiFU+x0kew4= github.com/mdlayher/socket v0.4.1 h1:eM9y2/jlbs1M615oshPQOHZzj6R6wMT7bX5NPiQvn2U= @@ -49,8 +49,8 @@ github.com/nadoo/conflag v0.3.1 h1:4pHkLIz8PUsfg6ajNYRRSY3bt6m2LPsu6KOzn5uIXQw= github.com/nadoo/conflag v0.3.1/go.mod h1:dzFfDUpXdr2uS2oV+udpy5N2vfNOu/bFzjhX1WI52co= github.com/nadoo/ipset v0.5.0 h1:5GJUAuZ7ITQQQGne5J96AmFjRtI8Avlbk6CabzYWVUc= github.com/nadoo/ipset v0.5.0/go.mod h1:rYF5DQLRGGoQ8ZSWeK+6eX5amAuPqwFkWjhQlEITGJQ= -github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ= -github.com/pierrec/lz4/v4 v4.1.21/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= +github.com/pierrec/lz4/v4 v4.1.22 h1:cKFw6uJDK+/gfw5BcDL0JL5aBsAFdsIT18eRtLj7VIU= +github.com/pierrec/lz4/v4 v4.1.22/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -66,15 +66,15 @@ github.com/tjfoc/gmsm v1.4.1 h1:aMe1GlZb+0bLjn+cKTPEvvn9oUEBlJitaZiiBwsbgho= github.com/tjfoc/gmsm v1.4.1/go.mod h1:j4INPkHWMrhJb38G+J6W4Tw0AbuN8Thu3PbdVYhVcTE= github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701 h1:pyC9PaHYZFgEKFdlp3G8RaCKgVpHZnecvArXvPXcFkM= github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701/go.mod h1:P3a5rG4X7tI17Nn3aOIAYr5HbIMukwXG0urG0WuL8OA= -github.com/xtaci/kcp-go/v5 v5.6.13 h1:FEjtz9+D4p8t2x4WjciGt/jsIuhlWjjgPCCWjrVR4Hk= -github.com/xtaci/kcp-go/v5 v5.6.13/go.mod h1:75S1AKYYzNUSXIv30h+jPKJYZUwqpfvLshu63nCNSOM= +github.com/xtaci/kcp-go/v5 v5.6.18 h1:7oV4mc272pcnn39/13BB11Bx7hJM4ogMIEokJYVWn4g= +github.com/xtaci/kcp-go/v5 v5.6.18/go.mod h1:75S1AKYYzNUSXIv30h+jPKJYZUwqpfvLshu63nCNSOM= github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae h1:J0GxkO96kL4WF+AIT3M4mfUVinOCPgf2uUWYFUzN0sM= github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae/go.mod h1:gXtu8J62kEgmN++bm9BVICuT/e8yiLI2KFobd/TRFsE= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201012173705-84dcc777aaee/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= -golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= @@ -85,8 +85,8 @@ golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -97,11 +97,10 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= -golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= -golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= diff --git a/lede/target/linux/generic/config-6.1 b/lede/target/linux/generic/config-6.1 index f4fee0f102..406710a8dc 100644 --- a/lede/target/linux/generic/config-6.1 +++ b/lede/target/linux/generic/config-6.1 @@ -369,6 +369,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 # CONFIG_ARM64_ERRATUM_2441009 is not set # CONFIG_ARM64_ERRATUM_2658417 is not set # CONFIG_ARM64_ERRATUM_2966298 is not set +# CONFIG_ARM64_ERRATUM_3194386 is not set # CONFIG_ARM64_ERRATUM_819472 is not set # CONFIG_ARM64_ERRATUM_824069 is not set # CONFIG_ARM64_ERRATUM_826319 is not set @@ -4841,6 +4842,7 @@ CONFIG_PCI_SYSCALL=y # CONFIG_PCMCIA_XIRC2PS is not set # CONFIG_PCMCIA_XIRCOM is not set # CONFIG_PCNET32 is not set +CONFIG_PCP_BATCH_SCALE_MAX=5 # CONFIG_PCPU_DEV_REFCNT is not set # CONFIG_PCSPKR_PLATFORM is not set # CONFIG_PCS_MTK_USXGMII is not set @@ -5024,6 +5026,9 @@ CONFIG_PRINT_STACK_DEPTH=64 # CONFIG_PROC_CHILDREN is not set CONFIG_PROC_FS=y # CONFIG_PROC_KCORE is not set +CONFIG_PROC_MEM_ALWAYS_FORCE=y +# CONFIG_PROC_MEM_FORCE_PTRACE is not set +# CONFIG_PROC_MEM_NO_FORCE is not set # CONFIG_PROC_PAGE_MONITOR is not set # CONFIG_PROC_STRIPPED is not set CONFIG_PROC_SYSCTL=y diff --git a/lede/target/linux/generic/config-6.12 b/lede/target/linux/generic/config-6.12 index 8b22cc4035..6a9a3dcb49 100644 --- a/lede/target/linux/generic/config-6.12 +++ b/lede/target/linux/generic/config-6.12 @@ -178,6 +178,7 @@ CONFIG_ALLOW_DEV_COREDUMP=y # CONFIG_AMD8111_ETH is not set # CONFIG_AMD_MEM_ENCRYPT is not set # CONFIG_AMD_PHY is not set +# CONFIG_AMD_QDMA is not set # CONFIG_AMD_XGBE is not set # CONFIG_AMD_XGBE_DCB is not set # CONFIG_AMD_XGBE_HAVE_ECC is not set @@ -280,6 +281,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 # CONFIG_ARCH_OMAP3 is not set # CONFIG_ARCH_OMAP4 is not set # CONFIG_ARCH_ORION5X is not set +# CONFIG_ARCH_PENSANDO is not set # CONFIG_ARCH_PXA is not set # CONFIG_ARCH_QCOM is not set # CONFIG_ARCH_RDA is not set @@ -326,6 +328,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 # CONFIG_ARM64_AMU_EXTN is not set # CONFIG_ARM64_BTI is not set CONFIG_ARM64_CNP=y +# CONFIG_ARM64_CONTPTE is not set # CONFIG_ARM64_E0PD is not set # CONFIG_ARM64_EPAN is not set # CONFIG_ARM64_ERRATUM_1024718 is not set @@ -362,7 +365,9 @@ CONFIG_ARM64_CNP=y # CONFIG_ARM64_LSE_ATOMICS is not set # CONFIG_ARM64_MTE is not set CONFIG_ARM64_PAN=y +# CONFIG_ARM64_PLATFORM_DEVICES is not set # CONFIG_ARM64_PMEM is not set +# CONFIG_ARM64_POE is not set # CONFIG_ARM64_PSEUDO_NMI is not set # CONFIG_ARM64_PTR_AUTH is not set # CONFIG_ARM64_RAS_EXTN is not set @@ -535,12 +540,15 @@ CONFIG_ATM_CLIP_NO_ICMP=y # CONFIG_BACKLIGHT_CLASS_DEVICE is not set # CONFIG_BACKLIGHT_GPIO is not set # CONFIG_BACKLIGHT_KTD253 is not set +# CONFIG_BACKLIGHT_KTD2801 is not set # CONFIG_BACKLIGHT_KTZ8866 is not set # CONFIG_BACKLIGHT_LED is not set +# CONFIG_BACKLIGHT_LM3509 is not set # CONFIG_BACKLIGHT_LM3630A is not set # CONFIG_BACKLIGHT_LM3639 is not set # CONFIG_BACKLIGHT_LP855X is not set # CONFIG_BACKLIGHT_LV5207LP is not set +# CONFIG_BACKLIGHT_MP3309C is not set # CONFIG_BACKLIGHT_PANDORA is not set # CONFIG_BACKLIGHT_PWM is not set # CONFIG_BACKLIGHT_QCOM_WLED is not set @@ -549,7 +557,7 @@ CONFIG_ATM_CLIP_NO_ICMP=y # CONFIG_BACKTRACE_VERBOSE is not set # CONFIG_BAREUDP is not set CONFIG_BASE_FULL=y -CONFIG_BASE_SMALL=0 +# CONFIG_BASE_SMALL is not set # CONFIG_BATMAN_ADV is not set # CONFIG_BATTERY_BQ27XXX is not set # CONFIG_BATTERY_BQ27XXX_HDQ is not set @@ -563,6 +571,7 @@ CONFIG_BASE_SMALL=0 # CONFIG_BATTERY_LEGO_EV3 is not set # CONFIG_BATTERY_MAX17040 is not set # CONFIG_BATTERY_MAX17042 is not set +# CONFIG_BATTERY_MAX1720X is not set # CONFIG_BATTERY_MAX1721X is not set # CONFIG_BATTERY_RT5033 is not set # CONFIG_BATTERY_SAMSUNG_SDI is not set @@ -573,6 +582,7 @@ CONFIG_BASE_SMALL=0 # CONFIG_BAYCOM_SER_FDX is not set # CONFIG_BAYCOM_SER_HDX is not set # CONFIG_BCACHE is not set +# CONFIG_BCACHEFS_FS is not set # CONFIG_BCM47XX is not set # CONFIG_BCM54140_PHY is not set # CONFIG_BCM63XX is not set @@ -637,6 +647,7 @@ CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 # CONFIG_BLK_DEV_SR is not set # CONFIG_BLK_DEV_THROTTLING is not set # CONFIG_BLK_DEV_UBLK is not set +CONFIG_BLK_DEV_WRITE_MOUNTED=y # CONFIG_BLK_DEV_ZONED is not set # CONFIG_BLK_INLINE_ENCRYPTION is not set # CONFIG_BLK_SED_OPAL is not set @@ -961,6 +972,7 @@ CONFIG_COMPACTION=y # CONFIG_COMPAT is not set # CONFIG_COMPAT_BRK is not set # CONFIG_COMPILE_TEST is not set +# CONFIG_COMPRESSED_INSTALL is not set # CONFIG_CONFIGFS_FS is not set # CONFIG_CONNECTOR is not set CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7 @@ -1425,6 +1437,7 @@ CONFIG_DMA_NONCOHERENT_MMAP=y # CONFIG_DP83869_PHY is not set # CONFIG_DP83TC811_PHY is not set # CONFIG_DP83TD510_PHY is not set +# CONFIG_DP83TG720_PHY is not set # CONFIG_DPM_WATCHDOG is not set # CONFIG_DPOT_DAC is not set # CONFIG_DPS310 is not set @@ -1864,6 +1877,7 @@ CONFIG_EXT4_USE_FOR_EXT2=y # CONFIG_EXTCON_FSA9480 is not set # CONFIG_EXTCON_GPIO is not set # CONFIG_EXTCON_INTEL_INT3496 is not set +# CONFIG_EXTCON_LC824206XA is not set # CONFIG_EXTCON_MAX3355 is not set # CONFIG_EXTCON_PTN5150 is not set # CONFIG_EXTCON_QCOM_SPMI_MISC is not set @@ -2061,6 +2075,7 @@ CONFIG_FSNOTIFY=y # CONFIG_FTRACE_STARTUP_TEST is not set # CONFIG_FTR_FIXUP_SELFTEST is not set # CONFIG_FTWDT010_WATCHDOG is not set +# CONFIG_FUEL_GAUGE_MM8013 is not set # CONFIG_FUJITSU_ERRATUM_010001 is not set # CONFIG_FUJITSU_ES is not set # CONFIG_FUJITSU_LAPTOP is not set @@ -2186,6 +2201,7 @@ CONFIG_GPIOLIB_FASTPATH_LIMIT=512 # CONFIG_GPIO_SCH311X is not set # CONFIG_GPIO_SIFIVE is not set # CONFIG_GPIO_SIM is not set +# CONFIG_GPIO_SLOPPY_LOGIC_ANALYZER is not set # CONFIG_GPIO_SYSCON is not set CONFIG_GPIO_SYSFS=y # CONFIG_GPIO_TPIC2810 is not set @@ -2267,6 +2283,7 @@ CONFIG_HARDEN_BRANCH_HISTORY=y # CONFIG_HID_GENERIC is not set # CONFIG_HID_GFRM is not set # CONFIG_HID_GLORIOUS is not set +# CONFIG_HID_GOODIX_SPI is not set # CONFIG_HID_GOOGLE_HAMMER is not set # CONFIG_HID_GOOGLE_STADIA_FF is not set # CONFIG_HID_GREENASIA is not set @@ -2343,6 +2360,7 @@ CONFIG_HARDEN_BRANCH_HISTORY=y # CONFIG_HID_WACOM is not set # CONFIG_HID_WALTOP is not set # CONFIG_HID_WIIMOTE is not set +# CONFIG_HID_WINWING is not set # CONFIG_HID_XIAOMI is not set # CONFIG_HID_XINMO is not set # CONFIG_HID_ZEROPLUS is not set @@ -2354,6 +2372,7 @@ CONFIG_HIGH_RES_TIMERS=y # CONFIG_HIPPI is not set # CONFIG_HISILICON_ERRATUM_161010101 is not set # CONFIG_HISILICON_ERRATUM_161600802 is not set +# CONFIG_HISILICON_ERRATUM_162100801 is not set # CONFIG_HISI_DMA is not set # CONFIG_HISI_FEMAC is not set # CONFIG_HISI_HIKEY_USB is not set @@ -2459,6 +2478,7 @@ CONFIG_HZ_100=y # CONFIG_I2C_DEBUG_BUS is not set # CONFIG_I2C_DEBUG_CORE is not set # CONFIG_I2C_DEMUX_PINCTRL is not set +# CONFIG_I2C_DESIGNWARE_CORE is not set # CONFIG_I2C_DESIGNWARE_PCI is not set # CONFIG_I2C_DESIGNWARE_PLATFORM is not set # CONFIG_I2C_DESIGNWARE_SLAVE is not set @@ -2597,6 +2617,8 @@ CONFIG_IIO_CONSUMERS_PER_TRIGGER=2 # CONFIG_IMX8QXP_ADC is not set # CONFIG_IMX93_ADC is not set # CONFIG_IMX_IPUV3_CORE is not set +# CONFIG_IMX_SCMI_BBM_EXT is not set +# CONFIG_IMX_SCMI_MISC_EXT is not set # CONFIG_IMX_THERMAL is not set # CONFIG_INA2XX_ADC is not set # CONFIG_INDIRECT_PIO is not set @@ -2924,6 +2946,7 @@ CONFIG_KASAN_STACK=y # CONFIG_KCOV is not set CONFIG_KCOV_IRQ_AREA_SIZE=0x40000 # CONFIG_KCSAN is not set +# CONFIG_KEBA_CP500 is not set # CONFIG_KERNEL_BZIP2 is not set # CONFIG_KERNEL_GZIP is not set # CONFIG_KERNEL_LZ4 is not set @@ -3006,6 +3029,8 @@ CONFIG_KUSER_HELPERS=y # CONFIG_L2TP_IP is not set # CONFIG_L2TP_V3 is not set # CONFIG_LAN743X is not set +# CONFIG_LAN865X is not set +# CONFIG_LAN966X_OIC is not set # CONFIG_LAN966X_SWITCH is not set # CONFIG_LANTIQ is not set # CONFIG_LAPB is not set @@ -3048,6 +3073,7 @@ CONFIG_LEDS_CLASS_MULTICOLOR=y # CONFIG_LEDS_INTEL_SS4200 is not set # CONFIG_LEDS_IS31FL319X is not set # CONFIG_LEDS_IS31FL32XX is not set +# CONFIG_LEDS_KTD202X is not set # CONFIG_LEDS_LM3530 is not set # CONFIG_LEDS_LM3532 is not set # CONFIG_LEDS_LM355x is not set @@ -3066,6 +3092,7 @@ CONFIG_LEDS_CLASS_MULTICOLOR=y # CONFIG_LEDS_LT3593 is not set # CONFIG_LEDS_MLXCPLD is not set # CONFIG_LEDS_MLXREG is not set +# CONFIG_LEDS_NCP5623 is not set # CONFIG_LEDS_NIC78BX is not set # CONFIG_LEDS_NS2 is not set # CONFIG_LEDS_OT200 is not set @@ -3091,6 +3118,7 @@ CONFIG_LEDS_TRIGGER_DEFAULT_ON=y # CONFIG_LEDS_TRIGGER_DISK is not set # CONFIG_LEDS_TRIGGER_GPIO is not set CONFIG_LEDS_TRIGGER_HEARTBEAT=y +# CONFIG_LEDS_TRIGGER_INPUT_EVENTS is not set # CONFIG_LEDS_TRIGGER_MTD is not set CONFIG_LEDS_TRIGGER_NETDEV=y # CONFIG_LEDS_TRIGGER_ONESHOT is not set @@ -3176,6 +3204,7 @@ CONFIG_LTO_NONE=y # CONFIG_LTR501 is not set # CONFIG_LTRF216A is not set # CONFIG_LV0104CS is not set +# CONFIG_LWQ_TEST is not set # CONFIG_LWTUNNEL is not set # CONFIG_LXT_PHY is not set # CONFIG_LZ4HC_COMPRESS is not set @@ -3347,15 +3376,18 @@ CONFIG_MEMFD_CREATE=y # CONFIG_MEMORY_HOTPLUG is not set # CONFIG_MEMSTICK is not set # CONFIG_MEMTEST is not set +# CONFIG_MEM_ALLOC_PROFILING is not set # CONFIG_MEN_A21_WDT is not set # CONFIG_MESON_SM is not set CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 # CONFIG_MFD_88PM800 is not set # CONFIG_MFD_88PM805 is not set # CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_88PM886_PMIC is not set # CONFIG_MFD_AAT2870_CORE is not set # CONFIG_MFD_AC100 is not set # CONFIG_MFD_ACT8945A is not set +# CONFIG_MFD_ADP5585 is not set # CONFIG_MFD_ARIZONA_I2C is not set # CONFIG_MFD_ARIZONA_SPI is not set # CONFIG_MFD_AS3711 is not set @@ -3369,6 +3401,8 @@ CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 # CONFIG_MFD_BD9571MWV is not set # CONFIG_MFD_CORE is not set # CONFIG_MFD_CPCAP is not set +# CONFIG_MFD_CS40L50_I2C is not set +# CONFIG_MFD_CS40L50_SPI is not set # CONFIG_MFD_CS42L43_I2C is not set # CONFIG_MFD_CS5535 is not set # CONFIG_MFD_DA9052_I2C is not set @@ -3428,6 +3462,7 @@ CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 # CONFIG_MFD_ROHM_BD71828 is not set # CONFIG_MFD_ROHM_BD718XX is not set # CONFIG_MFD_ROHM_BD957XMUF is not set +# CONFIG_MFD_ROHM_BD96801 is not set # CONFIG_MFD_RSMU_I2C is not set # CONFIG_MFD_RSMU_SPI is not set # CONFIG_MFD_RT4831 is not set @@ -3595,6 +3630,7 @@ CONFIG_MMU_GATHER_TABLE_FREE=y CONFIG_MODPROBE_PATH="/sbin/modprobe" CONFIG_MODULES=y # CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set +# CONFIG_MODULE_COMPRESS is not set # CONFIG_MODULE_COMPRESS_GZIP is not set CONFIG_MODULE_COMPRESS_NONE=y # CONFIG_MODULE_COMPRESS_XZ is not set @@ -3918,6 +3954,7 @@ CONFIG_NETDEVICES=y # CONFIG_NETFILTER_XT_TARGET_TPROXY is not set # CONFIG_NETFILTER_XT_TARGET_TRACE is not set # CONFIG_NETFS_STATS is not set +# CONFIG_NETKIT is not set # CONFIG_NETLABEL is not set # CONFIG_NETLINK_DIAG is not set # CONFIG_NETPOLL is not set @@ -4119,6 +4156,7 @@ CONFIG_NET_VENDOR_INTEL=y # CONFIG_NET_VENDOR_LITEX is not set CONFIG_NET_VENDOR_MARVELL=y CONFIG_NET_VENDOR_MELLANOX=y +# CONFIG_NET_VENDOR_META is not set CONFIG_NET_VENDOR_MICREL=y CONFIG_NET_VENDOR_MICROCHIP=y CONFIG_NET_VENDOR_MICROSEMI=y @@ -4356,11 +4394,13 @@ CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NXP_TJA11XX_PHY is not set # CONFIG_N_GSM is not set # CONFIG_OABI_COMPAT is not set +# CONFIG_OA_TC6 is not set # CONFIG_OBS600 is not set # CONFIG_OCFS2_FS is not set # CONFIG_OCTEONTX2_AF is not set # CONFIG_OCTEONTX2_PF is not set # CONFIG_OCTEON_EP is not set +# CONFIG_OCTEON_EP_VF is not set # CONFIG_OF_OVERLAY is not set CONFIG_OF_PARTITION=y CONFIG_OF_RESERVED_MEM=y @@ -4525,6 +4565,7 @@ CONFIG_PCIE_BUS_DEFAULT=y # CONFIG_PCI_LAYERSCAPE is not set # CONFIG_PCI_MESON is not set # CONFIG_PCI_MSI is not set +# CONFIG_PCI_NPEM is not set # CONFIG_PCI_PASID is not set # CONFIG_PCI_PF_STUB is not set # CONFIG_PCI_PRI is not set @@ -4613,11 +4654,13 @@ CONFIG_PCP_BATCH_SCALE_MAX=5 CONFIG_PINCONF=y # CONFIG_PINCTRL is not set # CONFIG_PINCTRL_AMD is not set +# CONFIG_PINCTRL_AW9523 is not set # CONFIG_PINCTRL_AXP209 is not set # CONFIG_PINCTRL_CEDARFORK is not set # CONFIG_PINCTRL_CY8C95X0 is not set # CONFIG_PINCTRL_EXYNOS is not set # CONFIG_PINCTRL_ICELAKE is not set +# CONFIG_PINCTRL_IMX_SCMI is not set # CONFIG_PINCTRL_INGENIC is not set # CONFIG_PINCTRL_LPASS_LPI is not set # CONFIG_PINCTRL_MCP23S08 is not set @@ -4684,6 +4727,7 @@ CONFIG_POSIX_TIMERS=y # CONFIG_POWER_RESET_SYSCON_POWEROFF is not set # CONFIG_POWER_RESET_VERSATILE is not set # CONFIG_POWER_RESET_XGENE is not set +# CONFIG_POWER_SEQUENCING is not set # CONFIG_POWER_SUPPLY is not set # CONFIG_POWER_SUPPLY_DEBUG is not set # CONFIG_POWER_SUPPLY_HWMON is not set @@ -4722,6 +4766,7 @@ CONFIG_PPP_MULTILINK=y # CONFIG_PREEMPTIRQ_DELAY_TEST is not set # CONFIG_PREEMPT_DYNAMIC is not set CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_RT is not set # CONFIG_PREEMPT_TRACER is not set # CONFIG_PREEMPT_VOLUNTARY is not set # CONFIG_PRESTERA is not set @@ -4779,6 +4824,7 @@ CONFIG_PSTORE_DEFAULT_KMSG_BYTES=10240 # CONFIG_PWM_DEBUG is not set # CONFIG_PWM_DWC is not set # CONFIG_PWM_FSL_FTM is not set +# CONFIG_PWM_GPIO is not set # CONFIG_PWM_IMG is not set # CONFIG_PWM_JZ4740 is not set # CONFIG_PWM_MEDIATEK is not set @@ -4923,6 +4969,7 @@ CONFIG_RCU_STALL_COMMON=y # CONFIG_REGULATOR_MAX1586 is not set # CONFIG_REGULATOR_MAX20086 is not set # CONFIG_REGULATOR_MAX20411 is not set +# CONFIG_REGULATOR_MAX77503 is not set # CONFIG_REGULATOR_MAX77620 is not set # CONFIG_REGULATOR_MAX77826 is not set # CONFIG_REGULATOR_MAX77857 is not set @@ -4939,6 +4986,7 @@ CONFIG_RCU_STALL_COMMON=y # CONFIG_REGULATOR_MT6311 is not set # CONFIG_REGULATOR_MT6315 is not set # CONFIG_REGULATOR_MT6359 is not set +# CONFIG_REGULATOR_NETLINK_EVENTS is not set # CONFIG_REGULATOR_PCA9450 is not set # CONFIG_REGULATOR_PF8X00 is not set # CONFIG_REGULATOR_PFUZE100 is not set @@ -5039,6 +5087,7 @@ CONFIG_RFKILL=y # CONFIG_RPR0521 is not set # CONFIG_RSEQ is not set # CONFIG_RT2X00 is not set +# CONFIG_RTASE is not set # CONFIG_RTC_CLASS is not set # CONFIG_RTC_DEBUG is not set # CONFIG_RTC_DRV_ABB5ZES3 is not set @@ -5084,6 +5133,7 @@ CONFIG_RTC_DRV_CMOS=y # CONFIG_RTC_DRV_M48T35 is not set # CONFIG_RTC_DRV_M48T59 is not set # CONFIG_RTC_DRV_M48T86 is not set +# CONFIG_RTC_DRV_MAX31335 is not set # CONFIG_RTC_DRV_MAX6900 is not set # CONFIG_RTC_DRV_MAX6902 is not set # CONFIG_RTC_DRV_MAX6916 is not set @@ -5118,8 +5168,10 @@ CONFIG_RTC_DRV_CMOS=y # CONFIG_RTC_DRV_RX6110 is not set # CONFIG_RTC_DRV_RX8010 is not set # CONFIG_RTC_DRV_RX8025 is not set +# CONFIG_RTC_DRV_RX8111 is not set # CONFIG_RTC_DRV_RX8581 is not set # CONFIG_RTC_DRV_S35390A is not set +# CONFIG_RTC_DRV_SD2405AL is not set # CONFIG_RTC_DRV_SD3078 is not set # CONFIG_RTC_DRV_SNVS is not set # CONFIG_RTC_DRV_STK17TA8 is not set @@ -5354,12 +5406,14 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_ASB100 is not set # CONFIG_SENSORS_ASC7621 is not set # CONFIG_SENSORS_ASPEED is not set +# CONFIG_SENSORS_ASUS_ROG_RYUJIN is not set # CONFIG_SENSORS_ATK0110 is not set # CONFIG_SENSORS_ATXP1 is not set # CONFIG_SENSORS_AXI_FAN_CONTROL is not set # CONFIG_SENSORS_BEL_PFE is not set # CONFIG_SENSORS_BH1770 is not set # CONFIG_SENSORS_BPA_RS600 is not set +# CONFIG_SENSORS_CHIPCAP2 is not set # CONFIG_SENSORS_CORETEMP is not set # CONFIG_SENSORS_CORSAIR_CPRO is not set # CONFIG_SENSORS_CORSAIR_PSU is not set @@ -5383,6 +5437,7 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_FTSTEUTATES is not set # CONFIG_SENSORS_G760A is not set # CONFIG_SENSORS_G762 is not set +# CONFIG_SENSORS_GIGABYTE_WATERFORCE is not set # CONFIG_SENSORS_GL518SM is not set # CONFIG_SENSORS_GL520SM is not set # CONFIG_SENSORS_GPIO_FAN is not set @@ -5440,6 +5495,7 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_LTC2947_SPI is not set # CONFIG_SENSORS_LTC2978 is not set # CONFIG_SENSORS_LTC2990 is not set +# CONFIG_SENSORS_LTC2991 is not set # CONFIG_SENSORS_LTC2992 is not set # CONFIG_SENSORS_LTC3815 is not set # CONFIG_SENSORS_LTC4151 is not set @@ -5448,6 +5504,7 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_LTC4245 is not set # CONFIG_SENSORS_LTC4260 is not set # CONFIG_SENSORS_LTC4261 is not set +# CONFIG_SENSORS_LTC4282 is not set # CONFIG_SENSORS_LTQ_CPUTEMP is not set # CONFIG_SENSORS_MAX1111 is not set # CONFIG_SENSORS_MAX127 is not set @@ -5489,6 +5546,7 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_NSA320 is not set # CONFIG_SENSORS_NTC_THERMISTOR is not set # CONFIG_SENSORS_NZXT_KRAKEN2 is not set +# CONFIG_SENSORS_NZXT_KRAKEN3 is not set # CONFIG_SENSORS_NZXT_SMART2 is not set # CONFIG_SENSORS_OCC_P8_I2C is not set # CONFIG_SENSORS_PC87360 is not set @@ -5498,7 +5556,9 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_PLI1209BC is not set # CONFIG_SENSORS_PM6764TR is not set # CONFIG_SENSORS_PMBUS is not set +# CONFIG_SENSORS_POWERZ is not set # CONFIG_SENSORS_POWR1220 is not set +# CONFIG_SENSORS_PT5161L is not set # CONFIG_SENSORS_PWM_FAN is not set # CONFIG_SENSORS_PXE1610 is not set # CONFIG_SENSORS_Q54SJ108A2 is not set @@ -5518,6 +5578,7 @@ CONFIG_SELECT_MEMORY_MODEL=y # CONFIG_SENSORS_SMSC47B397 is not set # CONFIG_SENSORS_SMSC47M1 is not set # CONFIG_SENSORS_SMSC47M192 is not set +# CONFIG_SENSORS_SPD5118 is not set # CONFIG_SENSORS_STPDDC60 is not set # CONFIG_SENSORS_STTS751 is not set # CONFIG_SENSORS_TC654 is not set @@ -5651,6 +5712,7 @@ CONFIG_SERIAL_EARLYCON=y # CONFIG_SG_SPLIT is not set # CONFIG_SHADOW_CALL_STACK is not set CONFIG_SHMEM=y +# CONFIG_SHORTCUT_FE is not set # CONFIG_SHRINKER_DEBUG is not set # CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set # CONFIG_SH_ETH is not set @@ -5675,6 +5737,7 @@ CONFIG_SIGNALFD=y # CONFIG_SKGE is not set # CONFIG_SKY2 is not set # CONFIG_SKY2_DEBUG is not set +# CONFIG_SLAB_BUCKETS is not set # CONFIG_SLAB_DEPRECATED is not set CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SLAB_FREELIST_RANDOM=y @@ -6210,6 +6273,7 @@ CONFIG_SND_X86=y # CONFIG_SPI_CADENCE is not set # CONFIG_SPI_CADENCE_QUADSPI is not set # CONFIG_SPI_CADENCE_XSPI is not set +# CONFIG_SPI_CH341 is not set # CONFIG_SPI_DEBUG is not set # CONFIG_SPI_DESIGNWARE is not set # CONFIG_SPI_FSL_DSPI is not set @@ -6390,6 +6454,7 @@ CONFIG_SYSVIPC_SYSCTL=y # CONFIG_TCG_VTPM_PROXY is not set # CONFIG_TCG_XEN is not set # CONFIG_TCIC is not set +# CONFIG_TCP_AO is not set CONFIG_TCP_CONG_ADVANCED=y # CONFIG_TCP_CONG_BBR is not set # CONFIG_TCP_CONG_BIC is not set @@ -6414,6 +6479,7 @@ CONFIG_TCP_CONG_CUBIC=y # CONFIG_TEGRA_AHB is not set # CONFIG_TEGRA_HOST1X is not set # CONFIG_TEHUTI is not set +# CONFIG_TEHUTI_TN40 is not set # CONFIG_TERANETICS_PHY is not set # CONFIG_TEST_ASYNC_DRIVER_PROBE is not set # CONFIG_TEST_BITMAP is not set @@ -6458,6 +6524,8 @@ CONFIG_TEXTSEARCH=y # CONFIG_TEXTSEARCH_FSM is not set # CONFIG_TEXTSEARCH_KMP is not set # CONFIG_THERMAL is not set +# CONFIG_THERMAL_CORE_TESTING is not set +# CONFIG_THERMAL_DEBUGFS is not set # CONFIG_THERMAL_DEFAULT_GOV_BANG_BANG is not set # CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set # CONFIG_THERMAL_DEFAULT_GOV_POWER_ALLOCATOR is not set @@ -6795,6 +6863,7 @@ CONFIG_USB_BELKIN=y # CONFIG_USB_CXACRU is not set # CONFIG_USB_CYPRESS_CY7C63 is not set # CONFIG_USB_CYTHERM is not set +CONFIG_USB_DEFAULT_AUTHORIZATION_MODE=1 CONFIG_USB_DEFAULT_PERSIST=y # CONFIG_USB_DSBR is not set # CONFIG_USB_DUMMY_HCD is not set @@ -6985,6 +7054,7 @@ CONFIG_USB_GADGET_VBUS_DRAW=2 # CONFIG_USB_OHCI_HCD_PPC_OF_LE is not set # CONFIG_USB_OHCI_HCD_SSB is not set CONFIG_USB_OHCI_LITTLE_ENDIAN=y +# CONFIG_USB_ONBOARD_DEV is not set # CONFIG_USB_ONBOARD_HUB is not set # CONFIG_USB_OTG is not set # CONFIG_USB_OTG_DISABLE_EXTERNAL_HUB is not set @@ -7509,6 +7579,7 @@ CONFIG_XZ_DEC=y # CONFIG_XZ_DEC_IA64 is not set # CONFIG_XZ_DEC_MICROLZMA is not set # CONFIG_XZ_DEC_POWERPC is not set +# CONFIG_XZ_DEC_RISCV is not set # CONFIG_XZ_DEC_SPARC is not set # CONFIG_XZ_DEC_TEST is not set # CONFIG_XZ_DEC_X86 is not set diff --git a/lede/target/linux/generic/config-6.6 b/lede/target/linux/generic/config-6.6 index 3da281e599..1da5697ed6 100644 --- a/lede/target/linux/generic/config-6.6 +++ b/lede/target/linux/generic/config-6.6 @@ -326,6 +326,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 # CONFIG_ARM64_AMU_EXTN is not set # CONFIG_ARM64_BTI is not set # CONFIG_ARM64_E0PD is not set +# CONFIG_ARM64_EPAN is not set # CONFIG_ARM64_ERRATUM_1024718 is not set # CONFIG_ARM64_ERRATUM_1165522 is not set # CONFIG_ARM64_ERRATUM_1286807 is not set @@ -346,6 +347,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 # CONFIG_ARM64_ERRATUM_2658417 is not set # CONFIG_ARM64_ERRATUM_2966298 is not set # CONFIG_ARM64_ERRATUM_3117295 is not set +# CONFIG_ARM64_ERRATUM_3194386 is not set # CONFIG_ARM64_ERRATUM_819472 is not set # CONFIG_ARM64_ERRATUM_824069 is not set # CONFIG_ARM64_ERRATUM_826319 is not set @@ -726,6 +728,7 @@ CONFIG_BROKEN_ON_SMP=y # CONFIG_BTRFS_ASSERT is not set # CONFIG_BTRFS_DEBUG is not set # CONFIG_BTRFS_FS is not set +# CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set # CONFIG_BTRFS_FS_POSIX_ACL is not set # CONFIG_BTRFS_FS_REF_VERIFY is not set # CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set @@ -1242,6 +1245,7 @@ CONFIG_CRYPTO_SKCIPHER2=y # CONFIG_CXL_BASE is not set # CONFIG_CXL_BUS is not set # CONFIG_CYPRESS_FIRMWARE is not set +# CONFIG_CZNIC_PLATFORMS is not set # CONFIG_DA280 is not set # CONFIG_DA311 is not set # CONFIG_DAMON is not set @@ -1388,6 +1392,7 @@ CONFIG_DMA_DECLARE_COHERENT=y CONFIG_DMA_NONCOHERENT_MMAP=y # CONFIG_DMA_RESTRICTED_POOL is not set # CONFIG_DMA_SHARED_BUFFER is not set +# CONFIG_DM_AUDIT is not set # CONFIG_DM_CACHE is not set # CONFIG_DM_CLONE is not set # CONFIG_DM_DEBUG is not set @@ -1494,6 +1499,7 @@ CONFIG_DQL=y # CONFIG_DRM_NOUVEAU is not set # CONFIG_DRM_NWL_MIPI_DSI is not set # CONFIG_DRM_NXP_PTN3460 is not set +# CONFIG_DRM_OFDRM is not set # CONFIG_DRM_OMAP is not set # CONFIG_DRM_PANEL_ABT_Y030XX067A is not set # CONFIG_DRM_PANEL_ARM_VERSATILE is not set @@ -1920,6 +1926,7 @@ CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" # CONFIG_FB_IBM_GXT4500 is not set # CONFIG_FB_IMSTT is not set # CONFIG_FB_IMX is not set +# CONFIG_FB_INTEL is not set # CONFIG_FB_KYRO is not set # CONFIG_FB_LE80578 is not set # CONFIG_FB_LITTLE_ENDIAN is not set @@ -2708,7 +2715,10 @@ CONFIG_INPUT_MISC=y # CONFIG_INTEL_IOATDMA is not set # CONFIG_INTEL_ISH_HID is not set # CONFIG_INTEL_MEI is not set +# CONFIG_INTEL_MEI_GSC_PROXY is not set +# CONFIG_INTEL_MEI_HDCP is not set # CONFIG_INTEL_MEI_ME is not set +# CONFIG_INTEL_MEI_PXP is not set # CONFIG_INTEL_MEI_TXE is not set # CONFIG_INTEL_OAKTRAIL is not set # CONFIG_INTEL_PMC_CORE is not set @@ -4331,6 +4341,7 @@ CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NVMEM_IMX_OCOTP is not set # CONFIG_NVMEM_LAYOUT_ONIE_TLV is not set # CONFIG_NVMEM_LAYOUT_SL28_VPD is not set +# CONFIG_NVMEM_LAYOUT_U_BOOT_ENV is not set # CONFIG_NVMEM_REBOOT_MODE is not set # CONFIG_NVMEM_RMEM is not set # CONFIG_NVMEM_SYSFS is not set @@ -4549,6 +4560,7 @@ CONFIG_PCI_SYSCALL=y # CONFIG_PCMCIA_XIRCOM is not set # CONFIG_PCNET32 is not set # CONFIG_PCPU_DEV_REFCNT is not set +CONFIG_PCP_BATCH_SCALE_MAX=5 # CONFIG_PCSPKR_PLATFORM is not set # CONFIG_PCS_MTK_USXGMII is not set # CONFIG_PCS_XPCS is not set @@ -4725,6 +4737,9 @@ CONFIG_PRINT_STACK_DEPTH=64 # CONFIG_PROC_CHILDREN is not set CONFIG_PROC_FS=y # CONFIG_PROC_KCORE is not set +CONFIG_PROC_MEM_ALWAYS_FORCE=y +# CONFIG_PROC_MEM_FORCE_PTRACE is not set +# CONFIG_PROC_MEM_NO_FORCE is not set # CONFIG_PROC_PAGE_MONITOR is not set # CONFIG_PROC_STRIPPED is not set CONFIG_PROC_SYSCTL=y @@ -5140,6 +5155,7 @@ CONFIG_RTC_SYSTOHC_DEVICE="rtc0" # CONFIG_RTS5208 is not set CONFIG_RT_MUTEXES=y CONFIG_RUNTIME_TESTING_MENU=y +# CONFIG_RUST is not set # CONFIG_RV is not set CONFIG_RXKAD=y # CONFIG_RXPERF is not set @@ -6793,6 +6809,7 @@ CONFIG_USB_DEFAULT_PERSIST=y # CONFIG_USB_DWC3_EXYNOS is not set # CONFIG_USB_DWC3_HAPS is not set # CONFIG_USB_DWC3_KEYSTONE is not set +# CONFIG_USB_DWC3_OCTEON is not set # CONFIG_USB_DWC3_OF_SIMPLE is not set # CONFIG_USB_DWC3_PCI is not set # CONFIG_USB_DWC3_QCOM is not set @@ -6997,6 +7014,7 @@ CONFIG_USB_OHCI_LITTLE_ENDIAN=y # CONFIG_USB_SERIAL_ARK3116 is not set # CONFIG_USB_SERIAL_BELKIN is not set # CONFIG_USB_SERIAL_CH341 is not set +# CONFIG_USB_SERIAL_CH348 is not set # CONFIG_USB_SERIAL_CP210X is not set # CONFIG_USB_SERIAL_CYBERJACK is not set # CONFIG_USB_SERIAL_CYPRESS_M8 is not set diff --git a/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua b/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua index 6851861399..ae0617a663 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/controller/passwall.lua @@ -8,6 +8,7 @@ local uci = luci.model.uci.cursor() -- in funtion index() local http = require "luci.http" local util = require "luci.util" local i18n = require "luci.i18n" +local fs = require "nixio.fs" function index() if not nixio.fs.access("/etc/config/passwall") then @@ -46,7 +47,7 @@ function index() entry({"admin", "services", appname, "socks_config"}, cbi(appname .. "/client/socks_config")).leaf = true entry({"admin", "services", appname, "acl"}, cbi(appname .. "/client/acl"), _("Access control"), 98).leaf = true entry({"admin", "services", appname, "acl_config"}, cbi(appname .. "/client/acl_config")).leaf = true - entry({"admin", "services", appname, "log"}, form(appname .. "/client/log"), _("Watch Logs"), 999).leaf = true + entry({"admin", "services", appname, "log"}, form(appname .. "/client/log"), _("Log Maint"), 999).leaf = true --[[ Server ]] entry({"admin", "services", appname, "server"}, cbi(appname .. "/server/index"), _("Server-Side"), 99).leaf = true @@ -90,6 +91,9 @@ function index() entry({"admin", "services", appname, "check_" .. com}, call("com_check", com)).leaf = true entry({"admin", "services", appname, "update_" .. com}, call("com_update", com)).leaf = true end + + --[[Backup]] + entry({"admin", "services", appname, "backup"}, call("create_backup")).leaf = true end local function http_write_json(content) @@ -500,9 +504,29 @@ function read_rulelist(list) else rule_path = "/usr/share/passwall/rules/chnroute" end - if api.fs.access(rule_path) then - luci.http.prepare_content("text/plain") - luci.http.write(api.fs.readfile(rule_path)) + if fs.access(rule_path) then + http.prepare_content("text/plain") + http.write(fs.readfile(rule_path)) end end +function create_backup() + local backup_files = { + "/etc/config/passwall", + "/etc/config/passwall_server", + "/usr/share/passwall/rules/block_host", + "/usr/share/passwall/rules/block_ip", + "/usr/share/passwall/rules/direct_host", + "/usr/share/passwall/rules/direct_ip", + "/usr/share/passwall/rules/proxy_host", + "/usr/share/passwall/rules/proxy_ip" + } + local tar_file = "/tmp/passwall-backup.tar.gz" + fs.remove(tar_file) + local cmd = "tar -czf " .. tar_file .. " " .. table.concat(backup_files, " ") + api.sys.call(cmd) + http.header("Content-Disposition", "attachment; filename=passwall-backup.tar.gz") + http.prepare_content("application/octet-stream") + http.write(fs.readfile(tar_file)) + fs.remove(tar_file) +end diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua index ef8c9be0bd..8abea56c89 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua @@ -1,8 +1,72 @@ local api = require "luci.passwall.api" +local http = require "luci.http" local appname = "passwall" +local fs = api.fs +local sys = api.sys f = SimpleForm(appname) f.reset = false f.submit = false f:append(Template(appname .. "/log/log")) -return f + +fb = SimpleForm('backup-restore') +fb.reset = false +fb.submit = false +s = fb:section(SimpleSection, translate("Backup and Restore"), translate("Backup or Restore Client and Server Configurations.")) +o = s:option(DummyValue, '', nil) +o.template = appname .. "/log/backup_restore" + + +local backup_files = { + "/etc/config/passwall", + "/etc/config/passwall_server", + "/usr/share/passwall/rules/block_host", + "/usr/share/passwall/rules/block_ip", + "/usr/share/passwall/rules/direct_host", + "/usr/share/passwall/rules/direct_ip", + "/usr/share/passwall/rules/proxy_host", + "/usr/share/passwall/rules/proxy_ip" +} + +local file_path = '/tmp/passwall_upload.tar.gz' +local temp_dir = '/tmp/passwall_bak' +local fd +http.setfilehandler(function(meta, chunk, eof) + if not fd and meta and meta.name == "ulfile" and chunk then + sys.call("rm -rf " .. temp_dir) + fs.remove(file_path) + fd = nixio.open(file_path, "w") + sys.call("echo '' > /tmp/log/passwall.log") + end + if fd and chunk then + fd:write(chunk) + end + if eof and fd then + fd:close() + fd = nil + if fs.access(file_path) then + api.log(" * PassWall 配置文件上传成功…") + sys.call("mkdir -p " .. temp_dir) + if sys.call("tar -xzf " .. file_path .. " -C " .. temp_dir) == 0 then + for _, backup_file in ipairs(backup_files) do + local temp_file = temp_dir .. backup_file + if fs.access(temp_file) then + sys.call("cp -f " .. temp_file .. " " .. backup_file) + end + end + api.log(" * PassWall 配置还原成功…") + api.log(" * 重启 PassWall 服务中…\n") + sys.call('/etc/init.d/passwall restart > /dev/null 2>&1 &') + sys.call('/etc/init.d/passwall_server restart > /dev/null 2>&1 &') + else + api.log(" * PassWall 配置文件解压失败,请重试!") + end + else + api.log(" * PassWall 配置文件上传失败,请重试!") + end + sys.call("rm -rf " .. temp_dir) + fs.remove(file_path) + end +end) + +return f, fb diff --git a/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/faq.htm b/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/faq.htm index ca92ed61b0..ccb0f4e402 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/faq.htm +++ b/openwrt-passwall/luci-app-passwall/luasrc/view/passwall/global/faq.htm @@ -47,16 +47,9 @@ local api = require "luci.passwall.api" +<%+cbi/valuefooter%> diff --git a/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po b/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po index a845a9a0d0..b02db4bf9e 100644 --- a/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po +++ b/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po @@ -52,9 +52,6 @@ msgstr "规则列表" msgid "Access control" msgstr "访问控制" -msgid "Watch Logs" -msgstr "查看日志" - msgid "Node Config" msgstr "节点配置" @@ -238,9 +235,6 @@ msgstr "清空 NFTSET" msgid "Try this feature if the rule modification does not take effect." msgstr "如果修改规则后没有生效,请尝试此功能。" -msgid "Are you sure to reset?" -msgstr "你确定要恢复吗?" - msgid "Are you sure to hide?" msgstr "你确定要隐藏吗?" @@ -265,9 +259,6 @@ msgstr "对于移动设备,可通过重新接入网络的方式清除。比如 msgid "Please make sure your device's network settings point both the DNS server and default gateway to this router, to ensure DNS queries are properly routed." msgstr "请确认您设备的网络设置,客户端 DNS 服务器和默认网关应均指向本路由器,以确保 DNS 查询正确路由。" -msgid "Restore to default configuration:" -msgstr "恢复默认配置:" - msgid "Browser access:" msgstr "浏览器访问:" @@ -1758,3 +1749,42 @@ msgstr "总行数:" msgid "Read List" msgstr "读取列表" + +msgid "Log Maint" +msgstr "日志维护" + +msgid "Backup and Restore" +msgstr "备份还原" + +msgid "Backup or Restore Client and Server Configurations." +msgstr "备份或还原客户端及服务端配置。" + +msgid "Create Backup File" +msgstr "创建备份文件" + +msgid "Restore Backup File" +msgstr "恢复备份文件" + +msgid "DL Backup" +msgstr "下载备份" + +msgid "RST Backup" +msgstr "恢复备份" + +msgid "UL Restore" +msgstr "上传恢复" + +msgid "CLOSE WIN" +msgstr "关闭窗口" + +msgid "Restore to default configuration" +msgstr "恢复默认配置" + +msgid "Do Reset" +msgstr "执行重置" + +msgid "Do you want to restore the client to default settings?" +msgstr "是否要恢复客户端默认配置?" + +msgid "Are you sure you want to restore the client to default settings?" +msgstr "是否真的要恢复客户端默认配置?" diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh index 57f52f094f..752930837b 100755 --- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1598,7 +1598,9 @@ start_dns() { [ "1" = "0" ] && { DIRECT_DNSMASQ_PORT=$(get_new_port 11400) DIRECT_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/direct_dnsmasq.conf - lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} + DIRECT_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/direct_dnsmasq.d + mkdir -p ${DIRECT_DNSMASQ_CONF_PATH} + lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} -TMP_DNSMASQ_PATH ${DIRECT_DNSMASQ_CONF_PATH} ln_run "$(first_type dnsmasq)" "dnsmasq_direct" "/dev/null" -C ${DIRECT_DNSMASQ_CONF} -x ${GLOBAL_ACL_PATH}/direct_dnsmasq.pid echo "${DIRECT_DNSMASQ_PORT}" > ${GLOBAL_ACL_PATH}/direct_dnsmasq_port } @@ -1612,7 +1614,7 @@ start_dns() { -USE_DIRECT_LIST "${USE_DIRECT_LIST}" -USE_PROXY_LIST "${USE_PROXY_LIST}" -USE_BLOCK_LIST "${USE_BLOCK_LIST}" -USE_GFW_LIST "${USE_GFW_LIST}" -CHN_LIST "${CHN_LIST}" \ -TCP_NODE ${TCP_NODE} -DEFAULT_PROXY_MODE ${TCP_PROXY_MODE} -NO_PROXY_IPV6 ${DNSMASQ_FILTER_PROXY_IPV6:-0} -NFTFLAG ${nftflag:-0} \ -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0} - /etc/init.d/dnsmasq restart >/dev/null 2>&1 + lua $APP_PATH/helper_dnsmasq.lua logic_restart -LOG 1 else #Run a copy dnsmasq instance, DNS hijack for that need proxy devices. GLOBAL_DNSMASQ_PORT=$(get_new_port 11400) @@ -2017,7 +2019,6 @@ start() { } [ -n "$USE_TABLES" ] && source $APP_PATH/${USE_TABLES}.sh start set_cache_var "USE_TABLES" "$USE_TABLES" - [ -z "$(get_cache_var "ACL_default_dns_port")" ] && lua $APP_PATH/helper_dnsmasq.lua logic_restart -LOG 1 if [ "$ENABLED_DEFAULT_ACL" == 1 ] || [ "$ENABLED_ACLS" == 1 ]; then bridge_nf_ipt=$(sysctl -e -n net.bridge.bridge-nf-call-iptables) set_cache_var "bak_bridge_nf_ipt" "$bridge_nf_ipt" @@ -2139,19 +2140,17 @@ LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}" IPT_APPEND_DNS=${LOCAL_DNS} DNSMASQ_CONF_DIR=/tmp/dnsmasq.d -TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG} DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')" if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")" if [ -n "$DNSMASQ_CONF_DIR" ]; then DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/} - TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG} else DNSMASQ_CONF_DIR="/tmp/dnsmasq.d" fi fi GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf -GLOBAL_DNSMASQ_CONF_PATH=${TMP_DNSMASQ_PATH} +GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d DNS_QUERY_STRATEGY="UseIP" [ "$FILTER_PROXY_IPV6" = "1" ] && DNS_QUERY_STRATEGY="UseIPv4" diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua index 18d01d14b3..990c90396c 100644 --- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua +++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/helper_dnsmasq.lua @@ -102,10 +102,8 @@ function logic_restart(var) tinsert(dns_table, v) end end - if dns_table and #dns_table > 0 then - uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table) - uci:commit("dhcp") - end + uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table) + uci:commit("dhcp") end sys.call("/etc/init.d/dnsmasq restart >/dev/null 2>&1") restore_servers() @@ -119,6 +117,7 @@ end function copy_instance(var) local LISTEN_PORT = var["-LISTEN_PORT"] + local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"] local conf_lines = {} local DEFAULT_DNSMASQ_CFGID = sys.exec("echo -n $(uci -q show dhcp.@dnsmasq[0] | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')") for line in io.lines("/tmp/etc/dnsmasq.conf." .. DEFAULT_DNSMASQ_CFGID) do @@ -128,19 +127,30 @@ function copy_instance(var) if line:find("dhcp") then filter = true end if line:find("server=") == 1 then filter = true end if line:find("port=") == 1 then filter = true end + if line:find("conf%-dir=") == 1 then + filter = true + if TMP_DNSMASQ_PATH then + local tmp_path = line:sub(1 + #"conf-dir=") + sys.call(string.format("cp -r %s/* %s/ 2>/dev/null", tmp_path, TMP_DNSMASQ_PATH)) + end + end if line:find("address=") == 1 or (line:find("server=") == 1 and line:find("/")) then filter = nil end if not filter then tinsert(conf_lines, line) end end tinsert(conf_lines, "port=" .. LISTEN_PORT) - if var["-return_table"] == "1" then + if TMP_DNSMASQ_PATH then + sys.call("rm -rf " .. TMP_DNSMASQ_PATH .. "/*passwall*") + end + if var["-return"] == "1" then return conf_lines end if #conf_lines > 0 then local DNSMASQ_CONF = var["-DNSMASQ_CONF"] local conf_out = io.open(DNSMASQ_CONF, "a") conf_out:write(table.concat(conf_lines, "\n")) + conf_out:write("\n") conf_out:close() end end @@ -619,7 +629,7 @@ function add_rule(var) local conf_lines = {} if LISTEN_PORT then --Copy dnsmasq instance - conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-return_table"] = "1"}) + conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-TMP_DNSMASQ_PATH"] = TMP_DNSMASQ_PATH, ["-return"] = "1"}) else --Modify the default dnsmasq service end @@ -644,6 +654,7 @@ function add_rule(var) if #conf_lines > 0 then local conf_out = io.open(DNSMASQ_CONF_FILE, "a") conf_out:write(table.concat(conf_lines, "\n")) + conf_out:write("\n") conf_out:close() end end diff --git a/openwrt-passwall2/luci-app-passwall2/Makefile b/openwrt-passwall2/luci-app-passwall2/Makefile index 6fac8b3847..b1e68741fc 100644 --- a/openwrt-passwall2/luci-app-passwall2/Makefile +++ b/openwrt-passwall2/luci-app-passwall2/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-passwall2 -PKG_VERSION:=24.12.21 +PKG_VERSION:=24.12.22 PKG_RELEASE:=1 PKG_CONFIG_DEPENDS:= \ diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh index 3a67fcae41..f2531161a1 100755 --- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh +++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh @@ -12,6 +12,7 @@ TMP_ROUTE_PATH=$TMP_PATH/route TMP_ACL_PATH=$TMP_PATH/acl TMP_IFACE_PATH=$TMP_PATH/iface TMP_PATH2=/tmp/etc/${CONFIG}_tmp +GLOBAL_ACL_PATH=${TMP_ACL_PATH}/default LOG_FILE=/tmp/log/$CONFIG.log APP_PATH=/usr/share/$CONFIG RULES_PATH=/usr/share/${CONFIG}/rules @@ -373,15 +374,15 @@ run_xray() { [ "${write_ipset_direct}" = "1" ] && { direct_dnsmasq_listen_port=$(get_new_port $(expr $dns_listen_port + 1) udp) local set_flag="${flag}" - local direct_ipset_conf=${TMP_ACL_PATH}/default/dns_${flag}_direct.conf + local direct_ipset_conf=${GLOBAL_ACL_PATH}/dns_${flag}_direct.conf [ -n "$(echo ${flag} | grep '^acl')" ] && { direct_ipset_conf=${TMP_ACL_PATH}/${sid}/dns_${flag}_direct.conf set_flag=$(echo ${flag} | awk -F '_' '{print $2}') } if [ "${nftflag}" = "1" ]; then - local direct_nftset="4#inet#passwall2#passwall2_${set_flag}_whitelist,6#inet#passwall2#passwall2_${set_flag}_whitelist6" + local direct_nftset="4#inet#passwall2#passwall2_${set_flag}_white,6#inet#passwall2#passwall2_${set_flag}_white6" else - local direct_ipset="passwall2_${set_flag}_whitelist,passwall2_${set_flag}_whitelist6" + local direct_ipset="passwall2_${set_flag}_white,passwall2_${set_flag}_white6" fi run_ipset_dns_server listen_port=${direct_dnsmasq_listen_port} server_dns=${AUTO_DNS} ipset="${direct_ipset}" nftset="${direct_nftset}" config_file=${direct_ipset_conf} DIRECT_DNS_UDP_PORT=${direct_dnsmasq_listen_port} @@ -487,15 +488,15 @@ run_singbox() { [ "${write_ipset_direct}" = "1" ] && { direct_dnsmasq_listen_port=$(get_new_port $(expr $dns_listen_port + 1) udp) local set_flag="${flag}" - local direct_ipset_conf=${TMP_ACL_PATH}/default/dns_${flag}_direct.conf + local direct_ipset_conf=${GLOBAL_ACL_PATH}/dns_${flag}_direct.conf [ -n "$(echo ${flag} | grep '^acl')" ] && { direct_ipset_conf=${TMP_ACL_PATH}/${sid}/dns_${flag}_direct.conf set_flag=$(echo ${flag} | awk -F '_' '{print $2}') } if [ "${nftflag}" = "1" ]; then - local direct_nftset="4#inet#passwall2#passwall2_${set_flag}_whitelist,6#inet#passwall2#passwall2_${set_flag}_whitelist6" + local direct_nftset="4#inet#passwall2#passwall2_${set_flag}_white,6#inet#passwall2#passwall2_${set_flag}_white6" else - local direct_ipset="passwall2_${set_flag}_whitelist,passwall2_${set_flag}_whitelist6" + local direct_ipset="passwall2_${set_flag}_white,passwall2_${set_flag}_white6" fi run_ipset_dns_server listen_port=${direct_dnsmasq_listen_port} server_dns=${AUTO_DNS} ipset="${direct_ipset}" nftset="${direct_nftset}" config_file=${direct_ipset_conf} DIRECT_DNS_UDP_PORT=${direct_dnsmasq_listen_port} @@ -708,7 +709,7 @@ run_global() { [ -z "$NODE" ] && return 1 TYPE=$(echo $(config_n_get $NODE type) | tr 'A-Z' 'a-z') [ -z "$TYPE" ] && return 1 - mkdir -p $TMP_ACL_PATH/default + mkdir -p ${GLOBAL_ACL_PATH} if [ $PROXY_IPV6 == "1" ]; then echolog "开启实验性IPv6透明代理(TProxy),请确认您的节点及类型支持IPv6!" @@ -746,8 +747,8 @@ run_global() { msg="${msg})" echolog ${msg} - V2RAY_CONFIG=$TMP_ACL_PATH/default/global.json - V2RAY_LOG=$TMP_ACL_PATH/default/global.log + V2RAY_CONFIG=${GLOBAL_ACL_PATH}/global.json + V2RAY_LOG=${GLOBAL_ACL_PATH}/global.log [ "$(config_t_get global log_node 1)" != "1" ] && V2RAY_LOG="/dev/null" V2RAY_ARGS="${V2RAY_ARGS} log_file=${V2RAY_LOG} config_file=${V2RAY_CONFIG}" @@ -782,7 +783,9 @@ run_global() { [ "1" = "0" ] && { DIRECT_DNSMASQ_PORT=$(get_new_port 11400) DIRECT_DNSMASQ_CONF=${GLOBAL_ACL_PATH}/direct_dnsmasq.conf - lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} + DIRECT_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/direct_dnsmasq.d + mkdir -p ${DIRECT_DNSMASQ_CONF_PATH} + lua $APP_PATH/helper_dnsmasq.lua copy_instance -LISTEN_PORT ${DIRECT_DNSMASQ_PORT} -DNSMASQ_CONF ${DIRECT_DNSMASQ_CONF} -TMP_DNSMASQ_PATH ${DIRECT_DNSMASQ_CONF_PATH} ln_run "$(first_type dnsmasq)" "dnsmasq_direct" "/dev/null" -C ${DIRECT_DNSMASQ_CONF} -x ${GLOBAL_ACL_PATH}/direct_dnsmasq.pid set_cache_var "DIRECT_DNSMASQ_PORT" "${DIRECT_DNSMASQ_PORT}" } @@ -794,7 +797,7 @@ run_global() { -DEFAULT_DNS ${AUTO_DNS} -LOCAL_DNS ${LOCAL_DNS:-${AUTO_DNS}} -TUN_DNS ${TUN_DNS} \ -NFTFLAG ${nftflag:-0} \ -NO_LOGIC_LOG ${NO_LOGIC_LOG:-0} - /etc/init.d/dnsmasq restart >/dev/null 2>&1 + lua $APP_PATH/helper_dnsmasq.lua logic_restart -LOG 1 else #Run a copy dnsmasq instance, DNS hijack for that need proxy devices. GLOBAL_DNSMASQ_PORT=$(get_new_port 11400) @@ -1052,11 +1055,11 @@ run_ipset_chinadns_ng() { [ -n "${ipset}" ] && { set_names=$ipset - vps_set_names="passwall2_vpslist,passwall2_vpslist6" + vps_set_names="passwall2_vps,passwall2_vps6" } [ -n "${nftset}" ] && { set_names=$(echo ${nftset} | awk -F, '{printf "%s,%s", substr($1,3), substr($2,3)}' | sed 's/#/@/g') - vps_set_names="inet@passwall2@passwall2_vpslist,inet@passwall2@passwall2_vpslist6" + vps_set_names="inet@passwall2@passwall2_vps,inet@passwall2@passwall2_vps6" } cat <<-EOF > $config_file bind-addr 127.0.0.1 @@ -1256,7 +1259,7 @@ start() { uci -q commit ${CONFIG} uci -q set dhcp.@dnsmasq[0].dns_redirect='0' uci -q commit dhcp - /etc/init.d/dnsmasq restart >/dev/null 2>&1 + lua $APP_PATH/helper_dnsmasq.lua restart -LOG 0 } fi [ "$ENABLED_DEFAULT_ACL" == 1 ] && run_global @@ -1354,19 +1357,17 @@ DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print AUTO_DNS=${DEFAULT_DNS:-119.29.29.29} DNSMASQ_CONF_DIR=/tmp/dnsmasq.d -TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG} DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')" if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")" if [ -n "$DNSMASQ_CONF_DIR" ]; then DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/} - TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG} else DNSMASQ_CONF_DIR="/tmp/dnsmasq.d" fi fi GLOBAL_DNSMASQ_CONF=${DNSMASQ_CONF_DIR}/dnsmasq-${CONFIG}.conf -GLOBAL_DNSMASQ_CONF_PATH=${TMP_DNSMASQ_PATH} +GLOBAL_DNSMASQ_CONF_PATH=${GLOBAL_ACL_PATH}/dnsmasq.d PROXY_IPV6=$(config_t_get global_forwarding ipv6_tproxy 0) diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua index 9e93b68ef7..95ccebdc94 100644 --- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua +++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/helper_dnsmasq.lua @@ -102,10 +102,8 @@ function logic_restart(var) tinsert(dns_table, v) end end - if dns_table and #dns_table > 0 then - uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table) - uci:commit("dhcp") - end + uci:set_list("dhcp", "@dnsmasq[0]", "server", dns_table) + uci:commit("dhcp") end sys.call("/etc/init.d/dnsmasq restart >/dev/null 2>&1") restore_servers() @@ -119,6 +117,7 @@ end function copy_instance(var) local LISTEN_PORT = var["-LISTEN_PORT"] + local TMP_DNSMASQ_PATH = var["-TMP_DNSMASQ_PATH"] local conf_lines = {} local DEFAULT_DNSMASQ_CFGID = sys.exec("echo -n $(uci -q show dhcp.@dnsmasq[0] | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')") for line in io.lines("/tmp/etc/dnsmasq.conf." .. DEFAULT_DNSMASQ_CFGID) do @@ -128,13 +127,23 @@ function copy_instance(var) if line:find("dhcp") then filter = true end if line:find("server=") == 1 then filter = true end if line:find("port=") == 1 then filter = true end + if line:find("conf%-dir=") == 1 then + filter = true + if TMP_DNSMASQ_PATH then + local tmp_path = line:sub(1 + #"conf-dir=") + sys.call(string.format("cp -r %s/* %s/ 2>/dev/null", tmp_path, TMP_DNSMASQ_PATH)) + end + end if line:find("address=") == 1 or (line:find("server=") == 1 and line:find("/")) then filter = nil end if not filter then tinsert(conf_lines, line) end end tinsert(conf_lines, "port=" .. LISTEN_PORT) - if var["-return_table"] == "1" then + if TMP_DNSMASQ_PATH then + sys.call("rm -rf " .. TMP_DNSMASQ_PATH .. "/*passwall*") + end + if var["-return"] == "1" then return conf_lines end if #conf_lines > 0 then @@ -266,7 +275,7 @@ function add_rule(var) if address == "engage.cloudflareclient.com" then return end if datatypes.hostname(address) then set_domain_dns(address, fwd_dns) - set_domain_ipset(address, setflag_4 .. "passwall2_vpslist," .. setflag_6 .. "passwall2_vpslist6") + set_domain_ipset(address, setflag_4 .. "passwall2_vps," .. setflag_6 .. "passwall2_vps6") end end process_address(t.address) @@ -316,7 +325,7 @@ function add_rule(var) local conf_lines = {} if LISTEN_PORT then --Copy dnsmasq instance - conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-return_table"] = "1"}) + conf_lines = copy_instance({["-LISTEN_PORT"] = LISTEN_PORT, ["-TMP_DNSMASQ_PATH"] = TMP_DNSMASQ_PATH, ["-return"] = "1"}) else --Modify the default dnsmasq service end @@ -336,6 +345,7 @@ function add_rule(var) if #conf_lines > 0 then local conf_out = io.open(DNSMASQ_CONF_FILE, "a") conf_out:write(table.concat(conf_lines, "\n")) + conf_out:write("\n") conf_out:close() end end diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh index 97e64ebf8f..9f352ee577 100755 --- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh +++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/iptables.sh @@ -2,13 +2,13 @@ DIR="$(cd "$(dirname "$0")" && pwd)" MY_PATH=$DIR/iptables.sh -IPSET_LOCALLIST="passwall2_locallist" -IPSET_LANLIST="passwall2_lanlist" -IPSET_VPSLIST="passwall2_vpslist" +IPSET_LOCAL="passwall2_local" +IPSET_LAN="passwall2_lan" +IPSET_VPS="passwall2_vps" -IPSET_LOCALLIST6="passwall2_locallist6" -IPSET_LANLIST6="passwall2_lanlist6" -IPSET_VPSLIST6="passwall2_vpslist6" +IPSET_LOCAL6="passwall2_local6" +IPSET_LAN6="passwall2_lan6" +IPSET_VPS6="passwall2_vps6" FORCE_INDEX=2 @@ -301,18 +301,18 @@ load_acl() { write_ipset_direct=${write_ipset_direct:-1} [ "${write_ipset_direct}" = "1" ] && { if [ -n "$(get_cache_var "ACL_${sid}_default")" ]; then - local ipset_whitelist=${ipset_global_whitelist} - local ipset_whitelist6=${ipset_global_whitelist6} + local ipset_white=${ipset_global_white} + local ipset_white6=${ipset_global_white6} shunt_list4=${SHUNT_LIST4} shunt_list6=${SHUNT_LIST6} else - local ipset_whitelist="passwall2_${sid}_whitelist" - local ipset_whitelist6="passwall2_${sid}_whitelist6" - ipset -! create $ipset_whitelist nethash maxelem 1048576 - ipset -! create $ipset_whitelist6 nethash family inet6 maxelem 1048576 + local ipset_white="passwall2_${sid}_white" + local ipset_white6="passwall2_${sid}_white6" + ipset -! create $ipset_white nethash maxelem 1048576 + ipset -! create $ipset_white6 nethash family inet6 maxelem 1048576 #分流规则的IP列表(使用分流节点时导入) - gen_shunt_list ${node} shunt_list4 shunt_list6 ${write_ipset_direct} ${ipset_whitelist} ${ipset_whitelist6} + gen_shunt_list ${node} shunt_list4 shunt_list6 ${write_ipset_direct} ${ipset_white} ${ipset_white6} fi } @@ -562,16 +562,16 @@ load_acl() { filter_haproxy() { for item in $(uci show $CONFIG | grep ".lbss=" | cut -d "'" -f 2); do local ip=$(get_host_ip ipv4 $(echo $item | awk -F ":" '{print $1}') 1) - [ -n "$ip" ] && ipset -q add $IPSET_VPSLIST $ip + [ -n "$ip" ] && ipset -q add $IPSET_VPS $ip done - echolog "加入负载均衡的节点到ipset[$IPSET_VPSLIST]直连完成" + echolog "加入负载均衡的节点到ipset[$IPSET_VPS]直连完成" } filter_vpsip() { - uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | grep -v "^127\.0\.0\.1$" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R - echolog " - [$?]加入所有IPv4节点到ipset[$IPSET_VPSLIST]直连完成" - uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSLIST6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R - echolog " - [$?]加入所有IPv6节点到ipset[$IPSET_VPSLIST6]直连完成" + uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | grep -v "^127\.0\.0\.1$" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPS &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R + echolog " - [$?]加入所有IPv4节点到ipset[$IPSET_VPS]直连完成" + uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPS6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R + echolog " - [$?]加入所有IPv6节点到ipset[$IPSET_VPS6]直连完成" } filter_server_port() { @@ -620,27 +620,27 @@ filter_direct_node_list() { add_firewall_rule() { echolog "开始加载防火墙规则..." - ipset -! create $IPSET_LOCALLIST nethash maxelem 1048576 - ipset -! create $IPSET_LANLIST nethash maxelem 1048576 - ipset -! create $IPSET_VPSLIST nethash maxelem 1048576 + ipset -! create $IPSET_LOCAL nethash maxelem 1048576 + ipset -! create $IPSET_LAN nethash maxelem 1048576 + ipset -! create $IPSET_VPS nethash maxelem 1048576 - ipset -! create $IPSET_LOCALLIST6 nethash family inet6 maxelem 1048576 - ipset -! create $IPSET_LANLIST6 nethash family inet6 maxelem 1048576 - ipset -! create $IPSET_VPSLIST6 nethash family inet6 maxelem 1048576 + ipset -! create $IPSET_LOCAL6 nethash family inet6 maxelem 1048576 + ipset -! create $IPSET_LAN6 nethash family inet6 maxelem 1048576 + ipset -! create $IPSET_VPS6 nethash family inet6 maxelem 1048576 ipset -! -R <<-EOF - $(ip address show | grep -w "inet" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/^/add $IPSET_LOCALLIST /") + $(ip address show | grep -w "inet" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/^/add $IPSET_LOCAL /") EOF ipset -! -R <<-EOF - $(ip address show | grep -w "inet6" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/^/add $IPSET_LOCALLIST6 /") + $(ip address show | grep -w "inet6" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/^/add $IPSET_LOCAL6 /") EOF ipset -! -R <<-EOF - $(gen_lanlist | sed -e "s/^/add $IPSET_LANLIST /") + $(gen_lanlist | sed -e "s/^/add $IPSET_LAN /") EOF ipset -! -R <<-EOF - $(gen_lanlist_6 | sed -e "s/^/add $IPSET_LANLIST6 /") + $(gen_lanlist_6 | sed -e "s/^/add $IPSET_LAN6 /") EOF # 忽略特殊IP段 @@ -653,18 +653,18 @@ add_firewall_rule() { #echolog "本机IPv6网段互访直连:${lan_ip6}" [ -n "$lan_ip" ] && ipset -! -R <<-EOF - $(echo $lan_ip | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LANLIST /") + $(echo $lan_ip | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LAN /") EOF [ -n "$lan_ip6" ] && ipset -! -R <<-EOF - $(echo $lan_ip6 | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LANLIST6 /") + $(echo $lan_ip6 | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LAN6 /") EOF } [ -n "$ISP_DNS" ] && { #echolog "处理 ISP DNS 例外..." for ispip in $ISP_DNS; do - ipset -! add $IPSET_LANLIST $ispip + ipset -! add $IPSET_LAN $ispip echolog " - [$?]追加ISP IPv4 DNS到白名单:${ispip}" done } @@ -672,18 +672,18 @@ add_firewall_rule() { [ -n "$ISP_DNS6" ] && { #echolog "处理 ISP IPv6 DNS 例外..." for ispip6 in $ISP_DNS6; do - ipset -! add $IPSET_LANLIST6 $ispip6 + ipset -! add $IPSET_LAN6 $ispip6 echolog " - [$?]追加ISP IPv6 DNS到白名单:${ispip6}" done } - local ipset_global_whitelist="passwall2_global_whitelist" - local ipset_global_whitelist6="passwall2_global_whitelist6" - ipset -! create $ipset_global_whitelist nethash maxelem 1048576 timeout 259200 - ipset -! create $ipset_global_whitelist6 nethash family inet6 maxelem 1048576 timeout 259200 + local ipset_global_white="passwall2_global_white" + local ipset_global_white6="passwall2_global_white6" + ipset -! create $ipset_global_white nethash maxelem 1048576 timeout 259200 + ipset -! create $ipset_global_white6 nethash family inet6 maxelem 1048576 timeout 259200 #分流规则的IP列表(使用分流节点时导入) - gen_shunt_list ${NODE} SHUNT_LIST4 SHUNT_LIST6 ${WRITE_IPSET_DIRECT} ${ipset_global_whitelist} ${ipset_global_whitelist6} + gen_shunt_list ${NODE} SHUNT_LIST4 SHUNT_LIST6 ${WRITE_IPSET_DIRECT} ${ipset_global_white} ${ipset_global_white6} # 过滤所有节点IP filter_vpsip > /dev/null 2>&1 & @@ -700,8 +700,8 @@ add_firewall_rule() { fi $ipt_n -N PSW2 - $ipt_n -A PSW2 $(dst $IPSET_LANLIST) -j RETURN - $ipt_n -A PSW2 $(dst $IPSET_VPSLIST) -j RETURN + $ipt_n -A PSW2 $(dst $IPSET_LAN) -j RETURN + $ipt_n -A PSW2 $(dst $IPSET_VPS) -j RETURN WAN_IP=$(get_wan_ip) [ ! -z "${WAN_IP}" ] && $ipt_n -A PSW2 $(comment "WAN_IP_RETURN") -d "${WAN_IP}" -j RETURN @@ -710,14 +710,14 @@ add_firewall_rule() { [ -z "${is_tproxy}" ] && insert_rule_after "$ipt_n" "PREROUTING" "prerouting_rule" "-p tcp -j PSW2" $ipt_n -N PSW2_OUTPUT - $ipt_n -A PSW2_OUTPUT $(dst $IPSET_LANLIST) -j RETURN - $ipt_n -A PSW2_OUTPUT $(dst $IPSET_VPSLIST) -j RETURN + $ipt_n -A PSW2_OUTPUT $(dst $IPSET_LAN) -j RETURN + $ipt_n -A PSW2_OUTPUT $(dst $IPSET_VPS) -j RETURN $ipt_n -A PSW2_OUTPUT -m mark --mark 0xff -j RETURN $ipt_n -N PSW2_DNS if [ $(config_t_get global dns_redirect "1") = "0" ]; then #Only hijack when dest address is local IP - $ipt_n -I PREROUTING $(dst $IPSET_LOCALLIST) -j PSW2_DNS + $ipt_n -I PREROUTING $(dst $IPSET_LOCAL) -j PSW2_DNS else $ipt_n -I PREROUTING -j PSW2_DNS fi @@ -734,8 +734,8 @@ add_firewall_rule() { $ipt_m -A PSW2_RULE -j CONNMARK --save-mark $ipt_m -N PSW2 - $ipt_m -A PSW2 $(dst $IPSET_LANLIST) -j RETURN - $ipt_m -A PSW2 $(dst $IPSET_VPSLIST) -j RETURN + $ipt_m -A PSW2 $(dst $IPSET_LAN) -j RETURN + $ipt_m -A PSW2 $(dst $IPSET_VPS) -j RETURN [ ! -z "${WAN_IP}" ] && $ipt_m -A PSW2 $(comment "WAN_IP_RETURN") -d "${WAN_IP}" -j RETURN unset WAN_IP @@ -744,8 +744,8 @@ add_firewall_rule() { insert_rule_before "$ipt_m" "PREROUTING" "PSW2" "-p tcp -m socket -j PSW2_DIVERT" $ipt_m -N PSW2_OUTPUT - $ipt_m -A PSW2_OUTPUT $(dst $IPSET_LANLIST) -j RETURN - $ipt_m -A PSW2_OUTPUT $(dst $IPSET_VPSLIST) -j RETURN + $ipt_m -A PSW2_OUTPUT $(dst $IPSET_LAN) -j RETURN + $ipt_m -A PSW2_OUTPUT $(dst $IPSET_VPS) -j RETURN [ -n "$AUTO_DNS" ] && { for auto_dns in $(echo $AUTO_DNS | tr ',' ' '); do local dns_address=$(echo $auto_dns | awk -F '#' '{print $1}') @@ -761,20 +761,20 @@ add_firewall_rule() { [ "$accept_icmpv6" = "1" ] && { $ip6t_n -N PSW2 - $ip6t_n -A PSW2 $(dst $IPSET_LANLIST6) -j RETURN - $ip6t_n -A PSW2 $(dst $IPSET_VPSLIST6) -j RETURN + $ip6t_n -A PSW2 $(dst $IPSET_LAN6) -j RETURN + $ip6t_n -A PSW2 $(dst $IPSET_VPS6) -j RETURN $ip6t_n -A PREROUTING -p ipv6-icmp -j PSW2 $ip6t_n -N PSW2_OUTPUT - $ip6t_n -A PSW2_OUTPUT $(dst $IPSET_LANLIST6) -j RETURN - $ip6t_n -A PSW2_OUTPUT $(dst $IPSET_VPSLIST6) -j RETURN + $ip6t_n -A PSW2_OUTPUT $(dst $IPSET_LAN6) -j RETURN + $ip6t_n -A PSW2_OUTPUT $(dst $IPSET_VPS6) -j RETURN $ip6t_n -A PSW2_OUTPUT -m mark --mark 0xff -j RETURN } $ip6t_n -N PSW2_DNS if [ $(config_t_get global dns_redirect "1") = "0" ]; then #Only hijack when dest address is local IP - $ip6t_n -I PREROUTING $(dst $IPSET_LOCALLIST6) -j PSW2_DNS + $ip6t_n -I PREROUTING $(dst $IPSET_LOCAL6) -j PSW2_DNS else $ip6t_n -I PREROUTING -j PSW2_DNS fi @@ -791,8 +791,8 @@ add_firewall_rule() { $ip6t_m -A PSW2_RULE -j CONNMARK --save-mark $ip6t_m -N PSW2 - $ip6t_m -A PSW2 $(dst $IPSET_LANLIST6) -j RETURN - $ip6t_m -A PSW2 $(dst $IPSET_VPSLIST6) -j RETURN + $ip6t_m -A PSW2 $(dst $IPSET_LAN6) -j RETURN + $ip6t_m -A PSW2 $(dst $IPSET_VPS6) -j RETURN WAN6_IP=$(get_wan6_ip) [ ! -z "${WAN6_IP}" ] && $ip6t_m -A PSW2 $(comment "WAN6_IP_RETURN") -d ${WAN6_IP} -j RETURN @@ -803,8 +803,8 @@ add_firewall_rule() { $ip6t_m -N PSW2_OUTPUT $ip6t_m -A PSW2_OUTPUT -m mark --mark 0xff -j RETURN - $ip6t_m -A PSW2_OUTPUT $(dst $IPSET_LANLIST6) -j RETURN - $ip6t_m -A PSW2_OUTPUT $(dst $IPSET_VPSLIST6) -j RETURN + $ip6t_m -A PSW2_OUTPUT $(dst $IPSET_LAN6) -j RETURN + $ip6t_m -A PSW2_OUTPUT $(dst $IPSET_VPS6) -j RETURN ip -6 rule add fwmark 1 table 100 ip -6 route add local ::/0 dev lo table 100 @@ -841,10 +841,10 @@ add_firewall_rule() { if [ -n "$NODE" ] && ([ "$TCP_LOCALHOST_PROXY" = "1" ] || [ "$UDP_LOCALHOST_PROXY" = "1" ]); then [ -n "$DNS_REDIRECT_PORT" ] && { - $ipt_n -A OUTPUT $(comment "PSW2") -p udp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT - $ip6t_n -A OUTPUT $(comment "PSW2") -p udp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT 2>/dev/null - $ipt_n -A OUTPUT $(comment "PSW2") -p tcp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT - $ip6t_n -A OUTPUT $(comment "PSW2") -p tcp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT 2>/dev/null + $ipt_n -A OUTPUT $(comment "PSW2_DNS") -p udp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT + $ip6t_n -A OUTPUT $(comment "PSW2_DNS") -p udp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT 2>/dev/null + $ipt_n -A OUTPUT $(comment "PSW2_DNS") -p tcp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT + $ip6t_n -A OUTPUT $(comment "PSW2_DNS") -p tcp -o lo --dport 53 -j REDIRECT --to-ports $DNS_REDIRECT_PORT 2>/dev/null } fi diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh index 52aa111ba7..3711b56cfa 100755 --- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh +++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh @@ -3,13 +3,13 @@ DIR="$(cd "$(dirname "$0")" && pwd)" MY_PATH=$DIR/nftables.sh NFTABLE_NAME="inet passwall2" -NFTSET_LOCALLIST="passwall2_locallist" -NFTSET_LANLIST="passwall2_lanlist" -NFTSET_VPSLIST="passwall2_vpslist" +NFTSET_LOCAL="passwall2_local" +NFTSET_LAN="passwall2_lan" +NFTSET_VPS="passwall2_vps" -NFTSET_LOCALLIST6="passwall2_locallist6" -NFTSET_LANLIST6="passwall2_lanlist6" -NFTSET_VPSLIST6="passwall2_vpslist6" +NFTSET_LOCAL6="passwall2_local6" +NFTSET_LAN6="passwall2_lan6" +NFTSET_VPS6="passwall2_vps6" FORCE_INDEX=0 @@ -356,18 +356,18 @@ load_acl() { write_ipset_direct=${write_ipset_direct:-1} [ "${write_ipset_direct}" = "1" ] && { if [ -n "$(get_cache_var "ACL_${sid}_default")" ]; then - local nftset_whitelist=${nftset_global_whitelist} - local nftset_whitelist6=${nftset_global_whitelist6} + local nftset_white=${nftset_global_white} + local nftset_white6=${nftset_global_white6} shunt_list4=${SHUNT_LIST4} shunt_list6=${SHUNT_LIST6} else - local nftset_whitelist="passwall2_${sid}_whitelist" - local nftset_whitelist6="passwall2_${sid}_whitelist6" - gen_nftset $nftset_whitelist ipv4_addr 3d 3d - gen_nftset $nftset_whitelist6 ipv6_addr 3d 3d + local nftset_white="passwall2_${sid}_white" + local nftset_white6="passwall2_${sid}_white6" + gen_nftset $nftset_white ipv4_addr 3d 3d + gen_nftset $nftset_white6 ipv6_addr 3d 3d #分流规则的IP列表(使用分流节点时导入) - gen_shunt_list ${node} shunt_list4 shunt_list6 ${write_ipset_direct} ${nftset_whitelist} ${nftset_whitelist6} + gen_shunt_list ${node} shunt_list4 shunt_list6 ${write_ipset_direct} ${nftset_white} ${nftset_white6} fi } @@ -616,25 +616,25 @@ load_acl() { filter_haproxy() { for item in $(uci show $CONFIG | grep ".lbss=" | cut -d "'" -f 2); do local ip=$(get_host_ip ipv4 $(echo $item | awk -F ":" '{print $1}') 1) - [ -n "$ip" ] && insert_nftset $NFTSET_VPSLIST "-1" $ip + [ -n "$ip" ] && insert_nftset $NFTSET_VPS "-1" $ip done - echolog "加入负载均衡的节点到nftset[$NFTSET_VPSLIST]直连完成" + echolog "加入负载均衡的节点到nftset[$NFTSET_VPS]直连完成" } filter_vps_addr() { for server_host in $@; do local vps_ip4=$(get_host_ip "ipv4" ${server_host}) local vps_ip6=$(get_host_ip "ipv6" ${server_host}) - [ -n "$vps_ip4" ] && insert_nftset $NFTSET_VPSLIST "-1" $vps_ip4 - [ -n "$vps_ip6" ] && insert_nftset $NFTSET_VPSLIST6 "-1" $vps_ip6 + [ -n "$vps_ip4" ] && insert_nftset $NFTSET_VPS "-1" $vps_ip4 + [ -n "$vps_ip6" ] && insert_nftset $NFTSET_VPS6 "-1" $vps_ip6 done } filter_vpsip() { - insert_nftset $NFTSET_VPSLIST "-1" $(uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | grep -v "^127\.0\.0\.1$" | sed -e "/^$/d") - echolog " - [$?]加入所有IPv4节点到nftset[$NFTSET_VPSLIST]直连完成" - insert_nftset $NFTSET_VPSLIST6 "-1" $(uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d") - echolog " - [$?]加入所有IPv6节点到nftset[$NFTSET_VPSLIST6]直连完成" + insert_nftset $NFTSET_VPS "-1" $(uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | grep -v "^127\.0\.0\.1$" | sed -e "/^$/d") + echolog " - [$?]加入所有IPv4节点到nftset[$NFTSET_VPS]直连完成" + insert_nftset $NFTSET_VPS6 "-1" $(uci show $CONFIG | grep -E "(.address=|.download_address=)" | cut -d "'" -f 2 | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d") + echolog " - [$?]加入所有IPv6节点到nftset[$NFTSET_VPS6]直连完成" } filter_server_port() { @@ -682,16 +682,16 @@ filter_direct_node_list() { add_firewall_rule() { echolog "开始加载防火墙规则..." gen_nft_tables - gen_nftset $NFTSET_LOCALLIST ipv4_addr 0 "-1" - gen_nftset $NFTSET_LANLIST ipv4_addr 0 "-1" $(gen_lanlist) - gen_nftset $NFTSET_VPSLIST ipv4_addr 0 0 + gen_nftset $NFTSET_LOCAL ipv4_addr 0 "-1" + gen_nftset $NFTSET_LAN ipv4_addr 0 "-1" $(gen_lanlist) + gen_nftset $NFTSET_VPS ipv4_addr 0 0 - gen_nftset $NFTSET_LOCALLIST6 ipv6_addr 0 "-1" - gen_nftset $NFTSET_LANLIST6 ipv6_addr 0 "-1" $(gen_lanlist_6) - gen_nftset $NFTSET_VPSLIST6 ipv6_addr 0 0 + gen_nftset $NFTSET_LOCAL6 ipv6_addr 0 "-1" + gen_nftset $NFTSET_LAN6 ipv6_addr 0 "-1" $(gen_lanlist_6) + gen_nftset $NFTSET_VPS6 ipv6_addr 0 0 - insert_nftset $NFTSET_LOCALLIST "-1" $(ip address show | grep -w "inet" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/ /\n/g") - insert_nftset $NFTSET_LOCALLIST6 "-1" $(ip address show | grep -w "inet6" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/ /\n/g") + insert_nftset $NFTSET_LOCAL "-1" $(ip address show | grep -w "inet" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/ /\n/g") + insert_nftset $NFTSET_LOCAL6 "-1" $(ip address show | grep -w "inet6" | awk '{print $2}' | awk -F '/' '{print $1}' | sed -e "s/ /\n/g") # 忽略特殊IP段 local lan_ifname lan_ip @@ -702,14 +702,14 @@ add_firewall_rule() { #echolog "本机IPv4网段互访直连:${lan_ip}" #echolog "本机IPv6网段互访直连:${lan_ip6}" - [ -n "$lan_ip" ] && insert_nftset $NFTSET_LANLIST "-1" $(echo $lan_ip | sed -e "s/ /\n/g") - [ -n "$lan_ip6" ] && insert_nftset $NFTSET_LANLIST6 "-1" $(echo $lan_ip6 | sed -e "s/ /\n/g") + [ -n "$lan_ip" ] && insert_nftset $NFTSET_LAN "-1" $(echo $lan_ip | sed -e "s/ /\n/g") + [ -n "$lan_ip6" ] && insert_nftset $NFTSET_LAN6 "-1" $(echo $lan_ip6 | sed -e "s/ /\n/g") } [ -n "$ISP_DNS" ] && { #echolog "处理 ISP DNS 例外..." for ispip in $ISP_DNS; do - insert_nftset $NFTSET_LANLIST "-1" $ispip + insert_nftset $NFTSET_LAN "-1" $ispip echolog " - [$?]追加ISP IPv4 DNS到白名单:${ispip}" done } @@ -717,18 +717,18 @@ add_firewall_rule() { [ -n "$ISP_DNS6" ] && { #echolog "处理 ISP IPv6 DNS 例外..." for ispip6 in $ISP_DNS6; do - insert_nftset $NFTSET_LANLIST6 "-1" $ispip6 + insert_nftset $NFTSET_LAN6 "-1" $ispip6 echolog " - [$?]追加ISP IPv6 DNS到白名单:${ispip6}" done } - local nftset_global_whitelist="passwall2_global_whitelist" - local nftset_global_whitelist6="passwall2_global_whitelist6" - gen_nftset $nftset_global_whitelist ipv4_addr 0 0 - gen_nftset $nftset_global_whitelist6 ipv6_addr 0 0 + local nftset_global_white="passwall2_global_white" + local nftset_global_white6="passwall2_global_white6" + gen_nftset $nftset_global_white ipv4_addr 0 0 + gen_nftset $nftset_global_white6 ipv6_addr 0 0 #分流规则的IP列表(使用分流节点时导入) - gen_shunt_list ${NODE} SHUNT_LIST4 SHUNT_LIST6 ${WRITE_IPSET_DIRECT} ${nftset_global_whitelist} ${nftset_global_whitelist6} + gen_shunt_list ${NODE} SHUNT_LIST4 SHUNT_LIST6 ${WRITE_IPSET_DIRECT} ${nftset_global_white} ${nftset_global_white6} # 过滤所有节点IP filter_vpsip > /dev/null 2>&1 & @@ -759,8 +759,8 @@ add_firewall_rule() { nft "flush chain $NFTABLE_NAME PSW2_DNS" if [ $(config_t_get global dns_redirect "1") = "0" ]; then #Only hijack when dest address is local IP - nft "insert rule $NFTABLE_NAME dstnat ip daddr @${NFTSET_LOCALLIST} jump PSW2_DNS" - nft "insert rule $NFTABLE_NAME dstnat ip6 daddr @${NFTSET_LOCALLIST6} jump PSW2_DNS" + nft "insert rule $NFTABLE_NAME dstnat ip daddr @${NFTSET_LOCAL} jump PSW2_DNS" + nft "insert rule $NFTABLE_NAME dstnat ip6 daddr @${NFTSET_LOCAL6} jump PSW2_DNS" else nft "insert rule $NFTABLE_NAME dstnat jump PSW2_DNS" fi @@ -777,13 +777,13 @@ add_firewall_rule() { #ipv4 tproxy mode and udp nft "add chain $NFTABLE_NAME PSW2_MANGLE" nft "flush chain $NFTABLE_NAME PSW2_MANGLE" - nft "add rule $NFTABLE_NAME PSW2_MANGLE ip daddr @$NFTSET_LANLIST counter return" - nft "add rule $NFTABLE_NAME PSW2_MANGLE ip daddr @$NFTSET_VPSLIST counter return" + nft "add rule $NFTABLE_NAME PSW2_MANGLE ip daddr @$NFTSET_LAN counter return" + nft "add rule $NFTABLE_NAME PSW2_MANGLE ip daddr @$NFTSET_VPS counter return" nft "add chain $NFTABLE_NAME PSW2_OUTPUT_MANGLE" nft "flush chain $NFTABLE_NAME PSW2_OUTPUT_MANGLE" - nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE ip daddr @$NFTSET_LANLIST counter return" - nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE ip daddr @$NFTSET_VPSLIST counter return" + nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE ip daddr @$NFTSET_LAN counter return" + nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE ip daddr @$NFTSET_VPS counter return" [ -n "$AUTO_DNS" ] && { for auto_dns in $(echo $AUTO_DNS | tr ',' ' '); do local dns_address=$(echo $auto_dns | awk -F '#' '{print $1}') @@ -803,14 +803,14 @@ add_firewall_rule() { [ -z "${is_tproxy}" ] && { nft "add chain $NFTABLE_NAME PSW2_NAT" nft "flush chain $NFTABLE_NAME PSW2_NAT" - nft "add rule $NFTABLE_NAME PSW2_NAT ip daddr @$NFTSET_LANLIST counter return" - nft "add rule $NFTABLE_NAME PSW2_NAT ip daddr @$NFTSET_VPSLIST counter return" + nft "add rule $NFTABLE_NAME PSW2_NAT ip daddr @$NFTSET_LAN counter return" + nft "add rule $NFTABLE_NAME PSW2_NAT ip daddr @$NFTSET_VPS counter return" nft "add rule $NFTABLE_NAME dstnat ip protocol tcp counter jump PSW2_NAT" nft "add chain $NFTABLE_NAME PSW2_OUTPUT_NAT" nft "flush chain $NFTABLE_NAME PSW2_OUTPUT_NAT" - nft "add rule $NFTABLE_NAME PSW2_OUTPUT_NAT ip daddr @$NFTSET_LANLIST counter return" - nft "add rule $NFTABLE_NAME PSW2_OUTPUT_NAT ip daddr @$NFTSET_VPSLIST counter return" + nft "add rule $NFTABLE_NAME PSW2_OUTPUT_NAT ip daddr @$NFTSET_LAN counter return" + nft "add rule $NFTABLE_NAME PSW2_OUTPUT_NAT ip daddr @$NFTSET_VPS counter return" nft "add rule $NFTABLE_NAME PSW2_OUTPUT_NAT meta mark 0xff counter return" } @@ -818,12 +818,12 @@ add_firewall_rule() { if [ "$accept_icmp" = "1" ]; then nft "add chain $NFTABLE_NAME PSW2_ICMP_REDIRECT" nft "flush chain $NFTABLE_NAME PSW2_ICMP_REDIRECT" - nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip daddr @$NFTSET_LANLIST counter return" - nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip daddr @$NFTSET_VPSLIST counter return" + nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip daddr @$NFTSET_LAN counter return" + nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip daddr @$NFTSET_VPS counter return" [ "$accept_icmpv6" = "1" ] && { - nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip6 daddr @$NFTSET_LANLIST6 counter return" - nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip6 daddr @$NFTSET_VPSLIST6 counter return" + nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip6 daddr @$NFTSET_LAN6 counter return" + nft "add rule $NFTABLE_NAME PSW2_ICMP_REDIRECT ip6 daddr @$NFTSET_VPS6 counter return" } nft "add rule $NFTABLE_NAME dstnat meta l4proto {icmp,icmpv6} counter jump PSW2_ICMP_REDIRECT" @@ -843,13 +843,13 @@ add_firewall_rule() { #ipv6 tproxy mode and udp nft "add chain $NFTABLE_NAME PSW2_MANGLE_V6" nft "flush chain $NFTABLE_NAME PSW2_MANGLE_V6" - nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 ip6 daddr @$NFTSET_LANLIST6 counter return" - nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 ip6 daddr @$NFTSET_VPSLIST6 counter return" + nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 ip6 daddr @$NFTSET_LAN6 counter return" + nft "add rule $NFTABLE_NAME PSW2_MANGLE_V6 ip6 daddr @$NFTSET_VPS6 counter return" nft "add chain $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6" nft "flush chain $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6" - nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 ip6 daddr @$NFTSET_LANLIST6 counter return" - nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 ip6 daddr @$NFTSET_VPSLIST6 counter return" + nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 ip6 daddr @$NFTSET_LAN6 counter return" + nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 ip6 daddr @$NFTSET_VPS6 counter return" nft "add rule $NFTABLE_NAME PSW2_OUTPUT_MANGLE_V6 meta mark 0xff counter return" # jump chains @@ -894,10 +894,10 @@ add_firewall_rule() { if [ -n "$NODE" ] && ([ "$TCP_LOCALHOST_PROXY" = "1" ] || [ "$UDP_LOCALHOST_PROXY" = "1" ]); then [ -n "$DNS_REDIRECT_PORT" ] && { - nft "add rule $NFTABLE_NAME nat_output ip protocol udp oif lo udp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2\"" - nft "add rule $NFTABLE_NAME nat_output ip protocol tcp oif lo tcp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2\"" - nft "add rule $NFTABLE_NAME nat_output meta l4proto udp oif lo udp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2\"" - nft "add rule $NFTABLE_NAME nat_output meta l4proto tcp oif lo tcp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2\"" + nft "add rule $NFTABLE_NAME nat_output ip protocol udp oif lo udp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2_DNS\"" + nft "add rule $NFTABLE_NAME nat_output ip protocol tcp oif lo tcp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2_DNS\"" + nft "add rule $NFTABLE_NAME nat_output meta l4proto udp oif lo udp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2_DNS\"" + nft "add rule $NFTABLE_NAME nat_output meta l4proto tcp oif lo tcp dport 53 counter redirect to :$DNS_REDIRECT_PORT comment \"PSW2_DNS\"" } fi @@ -1012,13 +1012,13 @@ del_firewall_rule() { ip -6 rule del fwmark 1 table 100 2>/dev/null ip -6 route del local ::/0 dev lo table 100 2>/dev/null - destroy_nftset $NFTSET_LOCALLIST - destroy_nftset $NFTSET_LANLIST - destroy_nftset $NFTSET_VPSLIST + destroy_nftset $NFTSET_LOCAL + destroy_nftset $NFTSET_LAN + destroy_nftset $NFTSET_VPS - destroy_nftset $NFTSET_LOCALLIST6 - destroy_nftset $NFTSET_LANLIST6 - destroy_nftset $NFTSET_VPSLIST6 + destroy_nftset $NFTSET_LOCAL6 + destroy_nftset $NFTSET_LAN6 + destroy_nftset $NFTSET_VPS6 $DIR/app.sh echolog "删除nftables防火墙规则完成。" } diff --git a/shadowsocks-rust/.github/workflows/build-and-test.yml b/shadowsocks-rust/.github/workflows/build-and-test.yml index 01699cbb9e..37c7de00c8 100644 --- a/shadowsocks-rust/.github/workflows/build-and-test.yml +++ b/shadowsocks-rust/.github/workflows/build-and-test.yml @@ -21,6 +21,9 @@ jobs: runs-on: ${{ matrix.platform }} steps: + - if: ${{ matrix.platform == 'ubuntu-latest' }} + name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - if: ${{ runner.os == 'Windows' }} diff --git a/shadowsocks-rust/Cargo.lock b/shadowsocks-rust/Cargo.lock index e1e2bac60b..e80ef1aba1 100644 --- a/shadowsocks-rust/Cargo.lock +++ b/shadowsocks-rust/Cargo.lock @@ -926,9 +926,9 @@ dependencies = [ [[package]] name = "env_logger" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e13fa619b91fb2381732789fc5de83b45675e882f66623b7d8cb4f643017018d" +checksum = "dcaee3d8e3cfc3fd92428d477bc97fc29ec8716d180c0d74c643bb26166660e0" dependencies = [ "anstream", "anstyle", @@ -1880,7 +1880,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" dependencies = [ "cfg-if", - "windows-targets 0.48.5", + "windows-targets 0.52.6", ] [[package]] @@ -3873,9 +3873,9 @@ checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" [[package]] name = "tun" -version = "0.7.5" +version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3c3f82bccbec181c56278683da7d915cf875a6cf8a450b3bcf1367de222775e" +checksum = "ba298d04c774b3c463237ccd60e33ad2ac5c0de5cb58cede79cdb3059d019a82" dependencies = [ "bytes", "cfg-if", diff --git a/sing-box/.github/workflows/build.yml b/sing-box/.github/workflows/build.yml index c37179ee6d..89ae06dd66 100644 --- a/sing-box/.github/workflows/build.yml +++ b/sing-box/.github/workflows/build.yml @@ -170,7 +170,8 @@ jobs: echo "HOME=$HOME" >> "$GITHUB_ENV" - name: Set tag run: |- - git tag v${{ needs.calculate_version.outputs.version }} + git ls-remote --exit-code --tags origin v${{ needs.calculate_version.outputs.version }} || echo "PUBLISHED=false" >> "$GITHUB_ENV" + git tag v${{ needs.calculate_version.outputs.version }} -f - name: Build if: matrix.goos != 'android' run: |- @@ -230,7 +231,8 @@ jobs: /usr/lib/jvm/java-17-openjdk-amd64/bin/java --version - name: Set tag run: |- - git tag v${{ needs.calculate_version.outputs.version }} + git ls-remote --exit-code --tags origin v${{ needs.calculate_version.outputs.version }} || echo "PUBLISHED=false" >> "$GITHUB_ENV" + git tag v${{ needs.calculate_version.outputs.version }} -f - name: Build library run: |- make lib_install @@ -254,7 +256,8 @@ jobs: with: path: ~/.gradle key: gradle-${{ hashFiles('**/*.gradle') }} - - name: Build + - name: Build release + if: github.event_name == 'workflow_dispatch' run: |- go run -v ./cmd/internal/update_android_version --ci mkdir clients/android/app/libs @@ -265,18 +268,45 @@ jobs: JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 ANDROID_NDK_HOME: ${{ steps.setup-ndk.outputs.ndk-path }} LOCAL_PROPERTIES: ${{ secrets.LOCAL_PROPERTIES }} - - name: Prepare upload + - name: Build debug + if: github.event_name != 'workflow_dispatch' + run: |- + go run -v ./cmd/internal/update_android_version --ci + mkdir clients/android/app/libs + cp libbox.aar clients/android/app/libs + cd clients/android + ./gradlew :app:assemblePlayRelease + env: + JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 + ANDROID_NDK_HOME: ${{ steps.setup-ndk.outputs.ndk-path }} + LOCAL_PROPERTIES: ${{ secrets.LOCAL_PROPERTIES }} + - name: Prepare release upload if: github.event_name == 'workflow_dispatch' run: |- mkdir -p dist/release cp clients/android/app/build/outputs/apk/play/release/*.apk dist/release cp clients/android/app/build/outputs/apk/other/release/*-universal.apk dist/release + - name: Prepare debug upload + if: github.event_name != 'workflow_dispatch' + run: |- + mkdir -p dist/release + cp clients/android/app/build/outputs/apk/play/release/*.apk dist/release - name: Upload artifact if: github.event_name == 'workflow_dispatch' uses: actions/upload-artifact@v4 with: name: binary-android-apks path: 'dist' + - name: Upload debug apk (arm64-v8a) + if: github.event_name != 'workflow_dispatch' + uses: actions/upload-artifact@v4 + with: + path: 'dist/release/*-arm64-v8a.apk' + - name: Upload debug apk (universal) + if: github.event_name != 'workflow_dispatch' + uses: actions/upload-artifact@v4 + with: + path: 'dist/release/*-universal.apk' publish_android: name: Publish Android if: github.event_name == 'workflow_dispatch' && inputs.build == 'publish-android' @@ -304,7 +334,8 @@ jobs: /usr/lib/jvm/java-17-openjdk-amd64/bin/java --version - name: Set tag run: |- - git tag v${{ needs.calculate_version.outputs.version }} + git ls-remote --exit-code --tags origin v${{ needs.calculate_version.outputs.version }} || echo "PUBLISHED=false" >> "$GITHUB_ENV" + git tag v${{ needs.calculate_version.outputs.version }} -f - name: Build library run: |- make lib_install @@ -401,7 +432,8 @@ jobs: - name: Set tag if: matrix.if run: |- - git tag v${{ needs.calculate_version.outputs.version }} + git ls-remote --exit-code --tags origin v${{ needs.calculate_version.outputs.version }} || echo "PUBLISHED=false" >> "$GITHUB_ENV" + git tag v${{ needs.calculate_version.outputs.version }} -f echo "VERSION=${{ needs.calculate_version.outputs.version }}" >> "$GITHUB_ENV" - name: Checkout main branch if: matrix.if && github.ref == 'refs/heads/main-next' && github.event_name != 'workflow_dispatch' @@ -562,7 +594,8 @@ jobs: go install -v . - name: Set tag run: |- - git tag v${{ needs.calculate_version.outputs.version }} + git ls-remote --exit-code --tags origin v${{ needs.calculate_version.outputs.version }} || echo "PUBLISHED=false" >> "$GITHUB_ENV" + git tag v${{ needs.calculate_version.outputs.version }} -f echo "VERSION=${{ needs.calculate_version.outputs.version }}" >> "$GITHUB_ENV" - name: Download builds uses: actions/download-artifact@v4 @@ -579,8 +612,16 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - name: Upload builds + if: ${{ env.PUBLISHED == 'false' }} run: |- export PATH="$PATH:$HOME/go/bin" ghr --replace --draft --prerelease -p 5 "v${VERSION}" dist/release env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Replace builds + if: ${{ env.PUBLISHED != 'false' }} + run: |- + export PATH="$PATH:$HOME/go/bin" + ghr --replace -p 5 "v${VERSION}" dist/release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/sing-box/adapter/network.go b/sing-box/adapter/network.go index 00ef54b8c0..22816f07ac 100644 --- a/sing-box/adapter/network.go +++ b/sing-box/adapter/network.go @@ -51,4 +51,5 @@ type NetworkInterface struct { DNSServers []string Expensive bool Constrained bool + RawNetwork any } diff --git a/sing-box/clients/android/app/build.gradle b/sing-box/clients/android/app/build.gradle index acfa36b5d6..5b294b712c 100644 --- a/sing-box/clients/android/app/build.gradle +++ b/sing-box/clients/android/app/build.gradle @@ -100,15 +100,15 @@ dependencies { implementation "androidx.constraintlayout:constraintlayout:2.2.0" implementation "androidx.lifecycle:lifecycle-livedata-ktx:2.8.7" implementation "androidx.lifecycle:lifecycle-viewmodel-ktx:2.8.7" - implementation "androidx.navigation:navigation-fragment-ktx:2.8.4" - implementation "androidx.navigation:navigation-ui-ktx:2.8.4" + implementation "androidx.navigation:navigation-fragment-ktx:2.8.5" + implementation "androidx.navigation:navigation-ui-ktx:2.8.5" implementation "com.google.zxing:core:3.5.3" implementation "androidx.room:room-runtime:2.6.1" implementation "androidx.coordinatorlayout:coordinatorlayout:1.2.0" implementation "androidx.preference:preference-ktx:1.2.1" - implementation "androidx.camera:camera-view:1.4.0" - implementation "androidx.camera:camera-lifecycle:1.4.0" - implementation "androidx.camera:camera-camera2:1.4.0" + implementation "androidx.camera:camera-view:1.4.1" + implementation "androidx.camera:camera-lifecycle:1.4.1" + implementation "androidx.camera:camera-camera2:1.4.1" ksp "androidx.room:room-compiler:2.6.1" implementation "androidx.work:work-runtime-ktx:2.10.0" implementation "androidx.browser:browser:1.8.0" diff --git a/sing-box/clients/android/version.properties b/sing-box/clients/android/version.properties index 2911da5812..7511c22c9a 100644 --- a/sing-box/clients/android/version.properties +++ b/sing-box/clients/android/version.properties @@ -1,3 +1,3 @@ -VERSION_CODE=443 -VERSION_NAME=1.10.4 +VERSION_CODE=447 +VERSION_NAME=1.10.5 GO_VERSION=go1.23.4 diff --git a/sing-box/clients/apple/sing-box.xcodeproj/project.pbxproj b/sing-box/clients/apple/sing-box.xcodeproj/project.pbxproj index 824f47fd24..9647bfdf05 100644 --- a/sing-box/clients/apple/sing-box.xcodeproj/project.pbxproj +++ b/sing-box/clients/apple/sing-box.xcodeproj/project.pbxproj @@ -2167,7 +2167,7 @@ "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt; PRODUCT_NAME = "sing-box"; SDKROOT = appletvos; @@ -2202,7 +2202,7 @@ "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt; PRODUCT_NAME = "sing-box"; SDKROOT = appletvos; @@ -2507,7 +2507,7 @@ "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; OTHER_CODE_SIGN_FLAGS = "--deep"; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt; PRODUCT_NAME = "sing-box"; @@ -2549,7 +2549,7 @@ "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; OTHER_CODE_SIGN_FLAGS = "--deep"; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt; PRODUCT_NAME = "sing-box"; @@ -2572,7 +2572,7 @@ CODE_SIGN_IDENTITY = "Apple Development"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 291; + CURRENT_PROJECT_VERSION = 297; DEAD_CODE_STRIPPING = YES; DEVELOPMENT_TEAM = 287TTNZF8L; ENABLE_HARDENED_RUNTIME = YES; @@ -2590,7 +2590,7 @@ "@executable_path/../Frameworks", ); MACOSX_DEPLOYMENT_TARGET = 13.0; - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; OTHER_CODE_SIGN_FLAGS = ""; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt; PRODUCT_NAME = "sing-box"; @@ -2612,7 +2612,7 @@ CODE_SIGN_IDENTITY = "Apple Development"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 291; + CURRENT_PROJECT_VERSION = 297; DEAD_CODE_STRIPPING = YES; DEVELOPMENT_TEAM = 287TTNZF8L; ENABLE_HARDENED_RUNTIME = YES; @@ -2630,7 +2630,7 @@ "@executable_path/../Frameworks", ); MACOSX_DEPLOYMENT_TARGET = 13.0; - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; OTHER_CODE_SIGN_FLAGS = ""; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt; PRODUCT_NAME = "sing-box"; @@ -2758,7 +2758,7 @@ "@executable_path/../../../../Frameworks", ); MACOSX_DEPLOYMENT_TARGET = 13.0; - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt.system; PRODUCT_NAME = "$(inherited)"; PROVISIONING_PROFILE_SPECIFIER = ""; @@ -2794,7 +2794,7 @@ "@executable_path/../../../../Frameworks", ); MACOSX_DEPLOYMENT_TARGET = 13.0; - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt.system; PRODUCT_NAME = "$(inherited)"; PROVISIONING_PROFILE_SPECIFIER = ""; @@ -2836,7 +2836,7 @@ "@executable_path/../Frameworks", ); MACOSX_DEPLOYMENT_TARGET = 13.0; - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt.standalone; PRODUCT_NAME = SFM; PROVISIONING_PROFILE_SPECIFIER = ""; @@ -2877,7 +2877,7 @@ "@executable_path/../Frameworks", ); MACOSX_DEPLOYMENT_TARGET = 13.0; - MARKETING_VERSION = 1.10.4; + MARKETING_VERSION = 1.10.5; PRODUCT_BUNDLE_IDENTIFIER = io.nekohasekai.sfavt.standalone; PRODUCT_NAME = SFM; PROVISIONING_PROFILE_SPECIFIER = ""; diff --git a/sing-box/cmd/internal/app_store_connect/main.go b/sing-box/cmd/internal/app_store_connect/main.go index 1fe347424b..ef00673835 100644 --- a/sing-box/cmd/internal/app_store_connect/main.go +++ b/sing-box/cmd/internal/app_store_connect/main.go @@ -359,7 +359,7 @@ func prepareAppStore(ctx context.Context) error { if localization.ID == "" { log.Info(string(platform), " ", tag, " no en-US localization found") } - if localization.Attributes.WhatsNew == nil && *localization.Attributes.WhatsNew == "" { + if localization.Attributes == nil || localization.Attributes.WhatsNew == nil || *localization.Attributes.WhatsNew == "" { log.Info(string(platform), " ", tag, " update localization") _, _, err = client.Apps.UpdateAppStoreVersionLocalization(ctx, localization.ID, &asc.AppStoreVersionLocalizationUpdateRequestAttributes{ PromotionalText: common.Ptr("Yet another distribution for sing-box, the universal proxy platform."), @@ -378,16 +378,14 @@ func prepareAppStore(ctx context.Context) error { case http.StatusInternalServerError: continue default: - response.Write(os.Stderr) - log.Info(string(platform), " ", tag, " unexpected response: ", response.Status) + return err } } switch response.StatusCode { case http.StatusCreated: break fixSubmit default: - response.Write(os.Stderr) - log.Info(string(platform), " ", tag, " unexpected response: ", response.Status) + return err } } } diff --git a/sing-box/docs/changelog.md b/sing-box/docs/changelog.md index 21caf556f8..293539c308 100644 --- a/sing-box/docs/changelog.md +++ b/sing-box/docs/changelog.md @@ -7,7 +7,7 @@ icon: material/alert-decagram * Add `rule-set merge` command * Fixes and improvements -### 1.10.4 +### 1.10.5 * Fixes and improvements diff --git a/sing-box/experimental/libbox/config.go b/sing-box/experimental/libbox/config.go index 159fd8f6a0..b27d34abfd 100644 --- a/sing-box/experimental/libbox/config.go +++ b/sing-box/experimental/libbox/config.go @@ -78,6 +78,10 @@ func (s *platformInterfaceStub) Interfaces() ([]adapter.NetworkInterface, error) return nil, os.ErrInvalid } +func (s *platformInterfaceStub) SetUnderlyingNetworks(networks []adapter.NetworkInterface) error { + return os.ErrInvalid +} + func (s *platformInterfaceStub) UnderNetworkExtension() bool { return false } diff --git a/sing-box/experimental/libbox/platform.go b/sing-box/experimental/libbox/platform.go index d5951cd38f..9b7423ad1d 100644 --- a/sing-box/experimental/libbox/platform.go +++ b/sing-box/experimental/libbox/platform.go @@ -17,6 +17,7 @@ type PlatformInterface interface { StartDefaultInterfaceMonitor(listener InterfaceUpdateListener) error CloseDefaultInterfaceMonitor(listener InterfaceUpdateListener) error GetInterfaces() (NetworkInterfaceIterator, error) + SetUnderlyingNetworks(networks RawNetworkIterator) error UnderNetworkExtension() bool IncludeAllNetworks() bool ReadWIFIState() *WIFIState @@ -50,6 +51,8 @@ type NetworkInterface struct { Type int32 DNSServer StringIterator Metered bool + + RawNetwork RawNetwork } type WIFIState struct { @@ -66,6 +69,11 @@ type NetworkInterfaceIterator interface { HasNext() bool } +type RawNetworkIterator interface { + Next() RawNetwork + HasNext() bool +} + type Notification struct { Identifier string TypeName string diff --git a/sing-box/experimental/libbox/platform/interface.go b/sing-box/experimental/libbox/platform/interface.go index ef37daea22..23849a3b83 100644 --- a/sing-box/experimental/libbox/platform/interface.go +++ b/sing-box/experimental/libbox/platform/interface.go @@ -15,6 +15,7 @@ type Interface interface { OpenTun(options *tun.Options, platformOptions option.TunPlatformOptions) (tun.Tun, error) CreateDefaultInterfaceMonitor(logger logger.Logger) tun.DefaultInterfaceMonitor Interfaces() ([]adapter.NetworkInterface, error) + SetUnderlyingNetworks(networks []adapter.NetworkInterface) error UnderNetworkExtension() bool IncludeAllNetworks() bool ClearDNSCache() diff --git a/sing-box/experimental/libbox/raw_network_android.go b/sing-box/experimental/libbox/raw_network_android.go new file mode 100644 index 0000000000..b8d38aaa9a --- /dev/null +++ b/sing-box/experimental/libbox/raw_network_android.go @@ -0,0 +1,3 @@ +package libbox + +type RawNetwork interface{} diff --git a/sing-box/experimental/libbox/raw_network_stub.go b/sing-box/experimental/libbox/raw_network_stub.go new file mode 100644 index 0000000000..6e23135c04 --- /dev/null +++ b/sing-box/experimental/libbox/raw_network_stub.go @@ -0,0 +1,7 @@ +//go:build !android + +package libbox + +type RawNetwork interface { + stub() +} diff --git a/sing-box/experimental/libbox/service.go b/sing-box/experimental/libbox/service.go index 2156beefcb..34c3af924a 100644 --- a/sing-box/experimental/libbox/service.go +++ b/sing-box/experimental/libbox/service.go @@ -206,11 +206,18 @@ func (w *platformInterfaceWrapper) Interfaces() ([]adapter.NetworkInterface, err DNSServers: iteratorToArray[string](netInterface.DNSServer), Expensive: netInterface.Metered || isDefault && w.isExpensive, Constrained: isDefault && w.isConstrained, + RawNetwork: netInterface.RawNetwork, }) } return interfaces, nil } +func (w *platformInterfaceWrapper) SetUnderlyingNetworks(networks []adapter.NetworkInterface) error { + return w.iif.SetUnderlyingNetworks(newIterator(common.Map(networks, func(it adapter.NetworkInterface) RawNetwork { + return it.RawNetwork.(RawNetwork) + }))) +} + func (w *platformInterfaceWrapper) UnderNetworkExtension() bool { return w.iif.UnderNetworkExtension() } diff --git a/sing-box/route/network.go b/sing-box/route/network.go index d82701feca..875b6e9326 100644 --- a/sing-box/route/network.go +++ b/sing-box/route/network.go @@ -240,6 +240,9 @@ func (r *NetworkManager) UpdateInterfaces() error { newInterfaces := common.Filter(interfaces, func(it adapter.NetworkInterface) bool { return it.Flags&net.FlagUp != 0 }) + for _, networkInterface := range newInterfaces { + networkInterface.RawNetwork = nil + } r.networkInterfaces.Store(newInterfaces) if len(newInterfaces) > 0 && !slices.EqualFunc(oldInterfaces, newInterfaces, func(oldInterface adapter.NetworkInterface, newInterface adapter.NetworkInterface) bool { return oldInterface.Interface.Index == newInterface.Interface.Index && @@ -260,6 +263,15 @@ func (r *NetworkManager) UpdateInterfaces() error { } return F.ToString(it.Name, " (", strings.Join(options, ", "), ")") }), ", ")) + if C.IsAndroid { + err = r.platformInterface.SetUnderlyingNetworks(newInterfaces) + if err != nil { + r.logger.Error("set underlying networks: ", err) + } + } + } + for _, networkInterface := range interfaces { + networkInterface.RawNetwork = nil } return nil } diff --git a/small/luci-app-passwall/luasrc/controller/passwall.lua b/small/luci-app-passwall/luasrc/controller/passwall.lua index 6851861399..ae0617a663 100644 --- a/small/luci-app-passwall/luasrc/controller/passwall.lua +++ b/small/luci-app-passwall/luasrc/controller/passwall.lua @@ -8,6 +8,7 @@ local uci = luci.model.uci.cursor() -- in funtion index() local http = require "luci.http" local util = require "luci.util" local i18n = require "luci.i18n" +local fs = require "nixio.fs" function index() if not nixio.fs.access("/etc/config/passwall") then @@ -46,7 +47,7 @@ function index() entry({"admin", "services", appname, "socks_config"}, cbi(appname .. "/client/socks_config")).leaf = true entry({"admin", "services", appname, "acl"}, cbi(appname .. "/client/acl"), _("Access control"), 98).leaf = true entry({"admin", "services", appname, "acl_config"}, cbi(appname .. "/client/acl_config")).leaf = true - entry({"admin", "services", appname, "log"}, form(appname .. "/client/log"), _("Watch Logs"), 999).leaf = true + entry({"admin", "services", appname, "log"}, form(appname .. "/client/log"), _("Log Maint"), 999).leaf = true --[[ Server ]] entry({"admin", "services", appname, "server"}, cbi(appname .. "/server/index"), _("Server-Side"), 99).leaf = true @@ -90,6 +91,9 @@ function index() entry({"admin", "services", appname, "check_" .. com}, call("com_check", com)).leaf = true entry({"admin", "services", appname, "update_" .. com}, call("com_update", com)).leaf = true end + + --[[Backup]] + entry({"admin", "services", appname, "backup"}, call("create_backup")).leaf = true end local function http_write_json(content) @@ -500,9 +504,29 @@ function read_rulelist(list) else rule_path = "/usr/share/passwall/rules/chnroute" end - if api.fs.access(rule_path) then - luci.http.prepare_content("text/plain") - luci.http.write(api.fs.readfile(rule_path)) + if fs.access(rule_path) then + http.prepare_content("text/plain") + http.write(fs.readfile(rule_path)) end end +function create_backup() + local backup_files = { + "/etc/config/passwall", + "/etc/config/passwall_server", + "/usr/share/passwall/rules/block_host", + "/usr/share/passwall/rules/block_ip", + "/usr/share/passwall/rules/direct_host", + "/usr/share/passwall/rules/direct_ip", + "/usr/share/passwall/rules/proxy_host", + "/usr/share/passwall/rules/proxy_ip" + } + local tar_file = "/tmp/passwall-backup.tar.gz" + fs.remove(tar_file) + local cmd = "tar -czf " .. tar_file .. " " .. table.concat(backup_files, " ") + api.sys.call(cmd) + http.header("Content-Disposition", "attachment; filename=passwall-backup.tar.gz") + http.prepare_content("application/octet-stream") + http.write(fs.readfile(tar_file)) + fs.remove(tar_file) +end diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua index 958ff0aa6f..9b0cdb3c37 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua @@ -143,12 +143,16 @@ if (has_singbox or has_xray) and #nodes_table > 0 then end local function get_write(shunt_node_id, option) return function(self, section, value) - m:set(shunt_node_id, option, value) + if s.fields["tcp_node"]:formvalue(section) == shunt_node_id then + m:set(shunt_node_id, option, value) + end end end local function get_remove(shunt_node_id, option) return function(self, section) - m:del(shunt_node_id, option) + if s.fields["tcp_node"]:formvalue(section) == shunt_node_id then + m:del(shunt_node_id, option) + end end end if #normal_list > 0 then diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua index ef8c9be0bd..8abea56c89 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/log.lua @@ -1,8 +1,72 @@ local api = require "luci.passwall.api" +local http = require "luci.http" local appname = "passwall" +local fs = api.fs +local sys = api.sys f = SimpleForm(appname) f.reset = false f.submit = false f:append(Template(appname .. "/log/log")) -return f + +fb = SimpleForm('backup-restore') +fb.reset = false +fb.submit = false +s = fb:section(SimpleSection, translate("Backup and Restore"), translate("Backup or Restore Client and Server Configurations.")) +o = s:option(DummyValue, '', nil) +o.template = appname .. "/log/backup_restore" + + +local backup_files = { + "/etc/config/passwall", + "/etc/config/passwall_server", + "/usr/share/passwall/rules/block_host", + "/usr/share/passwall/rules/block_ip", + "/usr/share/passwall/rules/direct_host", + "/usr/share/passwall/rules/direct_ip", + "/usr/share/passwall/rules/proxy_host", + "/usr/share/passwall/rules/proxy_ip" +} + +local file_path = '/tmp/passwall_upload.tar.gz' +local temp_dir = '/tmp/passwall_bak' +local fd +http.setfilehandler(function(meta, chunk, eof) + if not fd and meta and meta.name == "ulfile" and chunk then + sys.call("rm -rf " .. temp_dir) + fs.remove(file_path) + fd = nixio.open(file_path, "w") + sys.call("echo '' > /tmp/log/passwall.log") + end + if fd and chunk then + fd:write(chunk) + end + if eof and fd then + fd:close() + fd = nil + if fs.access(file_path) then + api.log(" * PassWall 配置文件上传成功…") + sys.call("mkdir -p " .. temp_dir) + if sys.call("tar -xzf " .. file_path .. " -C " .. temp_dir) == 0 then + for _, backup_file in ipairs(backup_files) do + local temp_file = temp_dir .. backup_file + if fs.access(temp_file) then + sys.call("cp -f " .. temp_file .. " " .. backup_file) + end + end + api.log(" * PassWall 配置还原成功…") + api.log(" * 重启 PassWall 服务中…\n") + sys.call('/etc/init.d/passwall restart > /dev/null 2>&1 &') + sys.call('/etc/init.d/passwall_server restart > /dev/null 2>&1 &') + else + api.log(" * PassWall 配置文件解压失败,请重试!") + end + else + api.log(" * PassWall 配置文件上传失败,请重试!") + end + sys.call("rm -rf " .. temp_dir) + fs.remove(file_path) + end +end) + +return f, fb diff --git a/small/luci-app-passwall/luasrc/view/passwall/global/faq.htm b/small/luci-app-passwall/luasrc/view/passwall/global/faq.htm index ca92ed61b0..ccb0f4e402 100644 --- a/small/luci-app-passwall/luasrc/view/passwall/global/faq.htm +++ b/small/luci-app-passwall/luasrc/view/passwall/global/faq.htm @@ -47,16 +47,9 @@ local api = require "luci.passwall.api" +<%+cbi/valuefooter%> diff --git a/small/luci-app-passwall/luasrc/view/passwall/node_list/node_list.htm b/small/luci-app-passwall/luasrc/view/passwall/node_list/node_list.htm index a00b943e35..304f254344 100644 --- a/small/luci-app-passwall/luasrc/view/passwall/node_list/node_list.htm +++ b/small/luci-app-passwall/luasrc/view/passwall/node_list/node_list.htm @@ -26,18 +26,12 @@ table td, .table .td { } ._now_use { - background: #5e72e445 !important; + color: red !important; } .ping a:hover{ text-decoration : underline; } - -@media (prefers-color-scheme: dark) { - ._now_use { - background: #4a90e2 !important; - } -}