Update On Thu Dec 26 19:33:33 CET 2024

2026-04-23 00:17:16 +08:00 · 2024-12-26 19:33:33 +01:00
parent 90e70c28fa
commit a0cfaf9dfb
139 changed files with 6956 additions and 978 deletions
@@ -1,12 +1,12 @@
 #!/usr/bin/lua

-require 'nixio'
-require 'luci.sys'
-local luci = luci
-local ucic = luci.model.uci.cursor()
-local jsonc = require "luci.jsonc"
-local name = 'passwall'
 local api = require ("luci.passwall.api")
+local name = api.appname
+local uci = api.libuci
+local sys = api.sys
+local jsonc = api.jsonc
+local fs = api.fs
+
 local arg1 = arg[1]
 local arg2 = arg[2]
 local arg3 = arg[3]
@@ -14,12 +14,12 @@ local arg3 = arg[3]
 local nftable_name = "inet passwall"
 local rule_path = "/usr/share/" .. name .. "/rules"
 local reboot = 0
-local gfwlist_update = 0
-local chnroute_update = 0
-local chnroute6_update = 0
-local chnlist_update = 0
-local geoip_update = 0
-local geosite_update = 0
+local gfwlist_update = "0"
+local chnroute_update = "0"
+local chnroute6_update = "0"
+local chnlist_update = "0"
+local geoip_update = "0"
+local geosite_update = "0"

 -- match comments/title/whitelist/ip address/excluded_domain
 local comment_pattern = "^[#!\\[@]+"
@@ -29,14 +29,14 @@ local ip6_ipset_pattern = ":-[%x]+%:+[%x]-[%/][%d]+$"
 local domain_pattern = "([%w%-%_]+%.[%w%.%-%_]+)[%/%*]*"
 local excluded_domain = {"apple.com","sina.cn","sina.com.cn","baidu.com","byr.cn","jlike.com","weibo.com","zhongsou.com","youdao.com","sogou.com","so.com","soso.com","aliyun.com","taobao.com","jd.com","qq.com","bing.com"}

-local gfwlist_url = ucic:get(name, "@global_rules[0]", "gfwlist_url") or {"https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt"}
-local chnroute_url = ucic:get(name, "@global_rules[0]", "chnroute_url") or {"https://ispip.clang.cn/all_cn.txt"}
-local chnroute6_url =  ucic:get(name, "@global_rules[0]", "chnroute6_url") or {"https://ispip.clang.cn/all_cn_ipv6.txt"}
-local chnlist_url = ucic:get(name, "@global_rules[0]", "chnlist_url") or {"https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf"}
+local gfwlist_url = uci:get(name, "@global_rules[0]", "gfwlist_url") or {"https://fastly.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/gfw.txt"}
+local chnroute_url = uci:get(name, "@global_rules[0]", "chnroute_url") or {"https://ispip.clang.cn/all_cn.txt"}
+local chnroute6_url =  uci:get(name, "@global_rules[0]", "chnroute6_url") or {"https://ispip.clang.cn/all_cn_ipv6.txt"}
+local chnlist_url = uci:get(name, "@global_rules[0]", "chnlist_url") or {"https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/accelerated-domains.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/apple.china.conf","https://fastly.jsdelivr.net/gh/felixonmars/dnsmasq-china-list/google.china.conf"}
 local geoip_api =  "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest"
 local geosite_api =  "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest"
-local asset_location = ucic:get_first(name, 'global_rules', "v2ray_location_asset", "/usr/share/v2ray/")
-local use_nft = ucic:get(name, "@global_forwarding[0]", "use_nft") or "0"
+local asset_location = uci:get(name, "@global_rules[0]", "v2ray_location_asset") or "/usr/share/v2ray/"
+local use_nft = uci:get(name, "@global_forwarding[0]", "use_nft") or "0"

 if arg3 == "cron" then
 	arg2 = nil
@@ -61,12 +61,12 @@ local function gen_nftset(set_name, ip_type, tmp_file, input_file)
 	nft_file, err = io.open(tmp_file, "w")
 	nft_file:write('#!/usr/sbin/nft -f\n')
 	nft_file:write(string.format('define %s = {%s}\n', set_name, string.gsub(element, "%s*%c+", " timeout 3650d, ")))
-	if luci.sys.call(string.format('nft "list set %s %s" >/dev/null 2>&1', nftable_name, set_name)) ~= 0 then
+	if sys.call(string.format('nft "list set %s %s" >/dev/null 2>&1', nftable_name, set_name)) ~= 0 then
 		nft_file:write(string.format('add set %s %s { type %s; flags interval, timeout; timeout 2d; gc-interval 2d; auto-merge; }\n', nftable_name, set_name, ip_type))
 	end
 	nft_file:write(string.format('add element %s %s $%s\n', nftable_name, set_name, set_name))
 	nft_file:close()
-	luci.sys.call(string.format('nft -f %s &>/dev/null',tmp_file))
+	sys.call(string.format('nft -f %s &>/dev/null',tmp_file))
 	os.remove(tmp_file)
 end

@@ -76,9 +76,9 @@ local function gen_cache(set_name, ip_type, input_file, output_file)
 	local tmp_file = output_file .. "_tmp"
 	local tmp_set_name = set_name .. "_tmp"
 	gen_nftset(tmp_set_name, ip_type, tmp_file, input_file)
-	luci.sys.call(string.format('nft list set %s %s | sed "s/%s/%s/g" | cat > %s', nftable_name, tmp_set_name, tmp_set_name, set_name, output_file))
-	luci.sys.call(string.format('nft flush set %s %s', nftable_name, tmp_set_name))
-	luci.sys.call(string.format('nft delete set %s %s', nftable_name, tmp_set_name))
+	sys.call(string.format('nft list set %s %s | sed "s/%s/%s/g" | cat > %s', nftable_name, tmp_set_name, tmp_set_name, set_name, output_file))
+	sys.call(string.format('nft flush set %s %s', nftable_name, tmp_set_name))
+	sys.call(string.format('nft delete set %s %s', nftable_name, tmp_set_name))
 end

 -- curl
@@ -114,9 +114,9 @@ local function line_count(file_path)
 end

 local function non_file_check(file_path, vali_file)
-	if nixio.fs.readfile(file_path, 10) then
-		local remote_file_size = tonumber(luci.sys.exec("cat " .. vali_file .. " | grep -i 'Content-Length' | awk '{print $2}'"))
-		local local_file_size = tonumber(nixio.fs.stat(file_path, "size"))
+	if fs.readfile(file_path, 10) then
+		local remote_file_size = tonumber(sys.exec("cat " .. vali_file .. " | grep -i 'Content-Length' | awk '{print $2}'"))
+		local local_file_size = tonumber(fs.stat(file_path, "size"))
 		if remote_file_size and local_file_size then
 			if remote_file_size == local_file_size then
 				return nil;
@@ -227,11 +227,11 @@ local function fetch_rule(rule_name,rule_type,url,exclude_domain)
 			end
 			out:close()
 		end
-		luci.sys.call("cat " ..unsort_file_tmp.. " | sort -u > "..file_tmp)
+		sys.call("cat " ..unsort_file_tmp.. " | sort -u > "..file_tmp)
 		os.remove(unsort_file_tmp)

-		local old_md5 = luci.sys.exec("echo -n $(md5sum " .. rule_path .. "/" ..rule_name.. " | awk '{print $1}')")
-		local new_md5 = luci.sys.exec("echo -n $([ -f '" ..file_tmp.. "' ] && md5sum " ..file_tmp.." | awk '{print $1}')")
+		local old_md5 = sys.exec("echo -n $(md5sum " .. rule_path .. "/" ..rule_name.. " | awk '{print $1}')")
+		local new_md5 = sys.exec("echo -n $([ -f '" ..file_tmp.. "' ] && md5sum " ..file_tmp.." | awk '{print $1}')")
 		if old_md5 ~= new_md5 then
 			local count = line_count(file_tmp)
 			if use_nft == "1" and (rule_type == "ip6" or rule_type == "ip4") then
@@ -249,10 +249,10 @@ local function fetch_rule(rule_name,rule_type,url,exclude_domain)
 					end
 					gen_cache(set_name, "ipv6_addr", file_tmp, output_file)
 				end
-				luci.sys.exec(string.format('mv -f %s %s', output_file, rule_path .. "/" ..rule_name.. ".nft"))
+				sys.exec(string.format('mv -f %s %s', output_file, rule_path .. "/" ..rule_name.. ".nft"))
 				os.remove(output_file)
 			end
-			luci.sys.exec("mv -f "..file_tmp .. " " ..rule_path .. "/" ..rule_name)
+			sys.exec("mv -f "..file_tmp .. " " ..rule_path .. "/" ..rule_name)
 			reboot = 1
 			log(rule_name.. " 更新成功，总规则数 " ..count.. " 条。")
 		else
@@ -299,9 +299,9 @@ local function fetch_geoip()
 						f:write(content:gsub("geoip.dat", "/tmp/geoip.dat"), "")
 						f:close()

-						if nixio.fs.access(asset_location .. "geoip.dat") then
-							luci.sys.call(string.format("cp -f %s %s", asset_location .. "geoip.dat", "/tmp/geoip.dat"))
-							if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
+						if fs.access(asset_location .. "geoip.dat") then
+							sys.call(string.format("cp -f %s %s", asset_location .. "geoip.dat", "/tmp/geoip.dat"))
+							if sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
 								log("geoip 版本一致，无需更新。")
 								return 1
 							end
@@ -309,8 +309,8 @@ local function fetch_geoip()
 						for _2, v2 in ipairs(json.assets) do
 							if v2.name and v2.name == "geoip.dat" then
 								sret = curl(v2.browser_download_url, "/tmp/geoip.dat")
-								if luci.sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
-									luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geoip.dat", asset_location .. "geoip.dat"))
+								if sys.call('sha256sum -c /tmp/geoip.dat.sha256sum > /dev/null 2>&1') == 0 then
+									sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geoip.dat", asset_location .. "geoip.dat"))
 									reboot = 1
 									log("geoip 更新成功。")
 									return 1
@@ -350,9 +350,9 @@ local function fetch_geosite()
 						f:write(content:gsub("[^%s]+.dat", "/tmp/geosite.dat"), "")
 						f:close()

-						if nixio.fs.access(asset_location .. "geosite.dat") then
-							luci.sys.call(string.format("cp -f %s %s", asset_location .. "geosite.dat", "/tmp/geosite.dat"))
-							if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
+						if fs.access(asset_location .. "geosite.dat") then
+							sys.call(string.format("cp -f %s %s", asset_location .. "geosite.dat", "/tmp/geosite.dat"))
+							if sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
 								log("geosite 版本一致，无需更新。")
 								return 1
 							end
@@ -360,8 +360,8 @@ local function fetch_geosite()
 						for _2, v2 in ipairs(json.assets) do
 							if v2.name and (v2.name == "geosite.dat" or v2.name == "dlc.dat") then
 								sret = curl(v2.browser_download_url, "/tmp/geosite.dat")
-								if luci.sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
-									luci.sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geosite.dat", asset_location .. "geosite.dat"))
+								if sys.call('sha256sum -c /tmp/geosite.dat.sha256sum > /dev/null 2>&1') == 0 then
+									sys.call(string.format("mkdir -p %s && cp -f %s %s", asset_location, "/tmp/geosite.dat", asset_location .. "geosite.dat"))
 									reboot = 1
 									log("geosite 更新成功。")
 									return 1
@@ -386,38 +386,38 @@ end
 if arg2 then
 	string.gsub(arg2, '[^' .. "," .. ']+', function(w)
 		if w == "gfwlist" then
-			gfwlist_update = 1
+			gfwlist_update = "1"
 		end
 		if w == "chnroute" then
-			chnroute_update = 1
+			chnroute_update = "1"
 		end
 		if w == "chnroute6" then
-			chnroute6_update = 1
+			chnroute6_update = "1"
 		end
 		if w == "chnlist" then
-			chnlist_update = 1
+			chnlist_update = "1"
 		end
 		if w == "geoip" then
-			geoip_update = 1
+			geoip_update = "1"
 		end
 		if w == "geosite" then
-			geosite_update = 1
+			geosite_update = "1"
 		end
 	end)
 else
-	gfwlist_update = ucic:get_first(name, 'global_rules', "gfwlist_update", 1)
-	chnroute_update = ucic:get_first(name, 'global_rules', "chnroute_update", 1)
-	chnroute6_update = ucic:get_first(name, 'global_rules', "chnroute6_update", 1)
-	chnlist_update = ucic:get_first(name, 'global_rules', "chnlist_update", 1)
-	geoip_update = ucic:get_first(name, 'global_rules', "geoip_update", 1)
-	geosite_update = ucic:get_first(name, 'global_rules', "geosite_update", 1)
+	gfwlist_update = uci:get(name, "@global_rules[0]", "gfwlist_update") or "1"
+	chnroute_update = uci:get(name, "@global_rules[0]", "chnroute_update") or "1"
+	chnroute6_update = uci:get(name, "@global_rules[0]", "chnroute6_update") or "1"
+	chnlist_update = uci:get(name, "@global_rules[0]", "chnlist_update") or "1"
+	geoip_update = uci:get(name, "@global_rules[0]", "geoip_update") or "1"
+	geosite_update = uci:get(name, "@global_rules[0]", "geosite_update") or "1"
 end
-if gfwlist_update == 0 and chnroute_update == 0 and chnroute6_update == 0 and chnlist_update == 0 and geoip_update == 0 and geosite_update == 0 then
+if gfwlist_update == "0" and chnroute_update == "0" and chnroute6_update == "0" and chnlist_update == "0" and geoip_update == "0" and geosite_update == "0" then
 	os.exit(0)
 end

 log("开始更新规则...")
-if tonumber(gfwlist_update) == 1 then
+if gfwlist_update == "1" then
 	xpcall(fetch_gfwlist,function(e)
 		log(e)
 		log(debug.traceback())
@@ -425,7 +425,7 @@ if tonumber(gfwlist_update) == 1 then
 	end)
 end

-if tonumber(chnroute_update) == 1 then
+if chnroute_update == "1" then
 	xpcall(fetch_chnroute,function(e)
 		log(e)
 		log(debug.traceback())
@@ -433,7 +433,7 @@ if tonumber(chnroute_update) == 1 then
 	end)
 end

-if tonumber(chnroute6_update) == 1 then
+if chnroute6_update == "1" then
 	xpcall(fetch_chnroute6,function(e)
 		log(e)
 		log(debug.traceback())
@@ -441,7 +441,7 @@ if tonumber(chnroute6_update) == 1 then
 	end)
 end

-if tonumber(chnlist_update) == 1 then
+if chnlist_update == "1" then
 	xpcall(fetch_chnlist,function(e)
 		log(e)
 		log(debug.traceback())
@@ -449,41 +449,40 @@ if tonumber(chnlist_update) == 1 then
 	end)
 end

-if tonumber(geoip_update) == 1 then
+if geoip_update == "1" then
 	log("geoip 开始更新...")
 	local status = fetch_geoip()
 	os.remove("/tmp/geoip.dat")
 	os.remove("/tmp/geoip.dat.sha256sum")
 end

-if tonumber(geosite_update) == 1 then
+if geosite_update == "1" then
 	log("geosite 开始更新...")
 	local status = fetch_geosite()
 	os.remove("/tmp/geosite.dat")
 	os.remove("/tmp/geosite.dat.sha256sum")
 end

-ucic:set(name, ucic:get_first(name, 'global_rules'), "gfwlist_update", gfwlist_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "chnroute_update", chnroute_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "chnroute6_update", chnroute6_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "chnlist_update", chnlist_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "geoip_update", geoip_update)
-ucic:set(name, ucic:get_first(name, 'global_rules'), "geosite_update", geosite_update)
-ucic:save(name)
-luci.sys.call("uci commit " .. name)
+uci:set(name, "@global_rules[0]", "gfwlist_update", gfwlist_update)
+uci:set(name, "@global_rules[0]", "chnroute_update", chnroute_update)
+uci:set(name, "@global_rules[0]", "chnroute6_update", chnroute6_update)
+uci:set(name, "@global_rules[0]", "chnlist_update", chnlist_update)
+uci:set(name, "@global_rules[0]", "geoip_update", geoip_update)
+uci:set(name, "@global_rules[0]", "geosite_update", geosite_update)
+uci:commit(name)

 if reboot == 1 then
 	if arg3 == "cron" then
-		if not nixio.fs.access("/var/lock/" .. name .. ".lock") then
-			luci.sys.call("touch /tmp/lock/" .. name .. "_cron.lock")
+		if not fs.access("/var/lock/" .. name .. ".lock") then
+			sys.call("touch /tmp/lock/" .. name .. "_cron.lock")
 		end
 	end

 	log("重启服务，应用新的规则。")
 	if use_nft == "1" then
-		luci.sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
+		sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
 	else
-		luci.sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
+		sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
 	end
 end
 log("规则更新完毕...")