298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-16 04:13:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Dnsforwarder fix

Browse Source 
* 升级dnsforwarder ui

* fix
This commit is contained in:
TossPig 2018-12-10 00:04:10 +08:00 committed by coolsnowwolf
parent 0fa6fb8334
commit 368eb8cce0
7 changed files with 6040 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
package/lean/dnsforwarder/Makefile
View File

@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dnsforwarder
PKG_VERSION:=6.1.15
PKG_RELEASE:=5
PKG_RELEASE:=8
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/holmium/dnsforwarder.git
@ -27,11 +27,6 @@ define Package/$(PKG_NAME)/description
Forwarding queries to customized domains (and their subdomains) to specified servers over a specified protocol (UDP or TCP). non-standard ports are supported.
endef
define Package/$(PKG_NAME)/conffiles
/etc/dnsforwarder/dnsforwarder.conf
endef
CONFIGURE_ARGS += --enable-downloader=wget
define Package/$(PKG_NAME)/install
@ -42,7 +37,9 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) files/etc/config/dnsforwarder $(1)/etc/config/dnsforwarder
$(INSTALL_DIR) $(1)/etc/dnsforwarder
$(INSTALL_CONF) $(PKG_BUILD_DIR)/default.config $(1)/etc/dnsforwarder/dnsforwarder.conf
$(INSTALL_CONF) files/etc/dnsforwarder/gfw.txt $(1)/etc/dnsforwarder/gfw.txt
$(INSTALL_DIR) $(1)/usr/share/dnsforwarder
$(INSTALL_BIN) files/usr/share/dnsforwarder/gfwlist.sh $(1)/usr/share/dnsforwarder/gfwlist.sh
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

3
package/lean/dnsforwarder/files/etc/config/dnsforwarder
View File

@ -6,7 +6,8 @@ config arguments
config config
option cache 'true'
option cache_size '102400'
option cache_ignore 'false'
option cache_ignore 'false'
option gfw 'true'
list block_ip '74.125.127.102'
list block_ip '74.125.155.102'
list block_ip '74.125.39.102'

5604
package/lean/dnsforwarder/files/etc/dnsforwarder/gfw.txt Normal file
View File

File diff suppressed because it is too large Load Diff

150
package/lean/dnsforwarder/files/etc/init.d/dnsforwarder
View File

@ -1,12 +1,25 @@
#!/bin/sh /etc/rc.common
START=97
START=60
DNSFORWARDER_CONF=/etc/dnsforwarder/dnsforwarder.conf
PID_PATH=/var/run/dnsforwarder/
DNSFORWARDER_CONF=/tmp/dnsforwarder.conf
PID_PATH=/var/run/dnsforwarder
PID_FILE=dns.pid
CRON_FILE=/etc/crontabs/root
add_cron()
{
sed -i '/dnsforwarder/d' $CRON_FILE
echo '0 */1 * * * /etc/init.d/dnsforwarder health' >> $CRON_FILE
echo '0 1 * * 0 /etc/init.d/dnsforwarder makelist' >> $CRON_FILE
crontab $CRON_FILE
}
del_cron()
{
sed -i '/dnsforwarder/d' $CRON_FILE
/etc/init.d/cron restart
}
fixflowoffload(){
dns=$(uci get flowoffload.@flow[0].dns 2>/dev/null)
@ -26,13 +39,59 @@ makelist() {
done
}
health(){
rm /var/log/dnsforwarder.log.* 2>/dev/null
pid=$(cat ${PID_PATH}/${PID_FILE} 2>/dev/null)
[ -n "$pid" ] && {
echo "[health] There is dnsforwarder pid ${pid}"
logger -t "[health] There is dnsforwarder pid ${pid}"
} || {
echo '[health] Dnsforwarder is not running'
logger -t '[health] Dnsforwarder is not running'
start
}
}
makegfwlist(){
local GFW_FILE='/etc/dnsforwarder/gfw.txt'
local GFW_TMP_FILE='/tmp/dnsforwarder-gfw.old'
local TSTIME=`date '+%Y-%m-%d %H:%M:%S'`
touch ${GFW_TMP_FILE}
/usr/share/dnsforwarder/gfwlist.sh -i -l -o /tmp/dnsforwarder-gfw.tmp --extra-domain-file /etc/config/gfw.list
if [ $? != 0 ]; then
echo 'Failed to fetch gfwlist'
logger -t Failed to fetch gfwlist
return 2
fi
local gfw=$(cat /tmp/dnsforwarder-gfw.tmp)
echo "# GenerationAt TS_BUILD_TIME" > ${GFW_TMP_FILE}.new
echo "protocol tcp" >> ${GFW_TMP_FILE}.new
echo "server 8.8.8.8,8.8.4.4,1.1.1.1,1.0.0.1,208.67.222.222,208.67.220.220,209.244.0.3,209.244.0.4,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1,199.85.126.10" >> ${GFW_TMP_FILE}.new
echo -e 'proxy no\n\n\n' >> ${GFW_TMP_FILE}.new
echo "${gfw}" >> ${GFW_TMP_FILE}.new
if [ "`cat ${GFW_TMP_FILE}.new | md5sum`" == "`cat ${GFW_TMP_FILE} | md5sum`" ]; then
printf "[\e[32m%s\e[0m]\n" "hold"
else
cp ${GFW_TMP_FILE}.new ${GFW_TMP_FILE}
cp ${GFW_TMP_FILE} ${GFW_FILE}
sed -i "s/TS_BUILD_TIME/${TSTIME}/g" ${GFW_FILE}
printf "[\e[33m%s\e[0m]" "PID"
restart
fi
}
makeconfig () {
config_load dnsforwarder
[ -e /tmp/dnsforwarder-gfw.old ] || makegfwlist
local log=$(uci get dnsforwarder.@config[0].log 2>/dev/null)
local log_size=$(uci get dnsforwarder.@config[0].log_size 2>/dev/null)
local gfw=$(uci get dnsforwarder.@config[0].gfw 2>/dev/null)
local udp_local=$(uci -d ',' get dnsforwarder.@config[0].udp_local 2>/dev/null)
local udp_local_list=$(uci get dnsforwarder.@config[0].udp_local 2>/dev/null)
local tcp_group=$(uci get dnsforwarder.@config[0].tcp_group 2>/dev/null)
local udp_group=$(uci get dnsforwarder.@config[0].udp_group 2>/dev/null)
local group_file=$(uci get dnsforwarder.@config[0].group_file 2>/dev/null)
@ -48,17 +107,28 @@ makeconfig () {
local cache_control=$(uci get dnsforwarder.@config[0].cache_control 2>/dev/null)
local domain_statistic=$(uci get dnsforwarder.@config[0].domain_statistic 2>/dev/null)
local udp_local_addr=$(uci get dnsforwarder.@arguments[0].addr 2>/dev/null)
udp_local_addr=${udp_local_addr/:/#}
echo "LogOn ${log}" > $DNSFORWARDER_CONF
if [ $log = "true" ]; then
rm /var/log/dnsforwarder.log.* 2>/dev/null
echo '' > /var/log/dnsforwarder.log
echo "LogFileThresholdLength ${log_size}" >> $DNSFORWARDER_CONF
echo "LogFileFolder /var/log" >> $DNSFORWARDER_CONF
fi
[ -n "$udp_local" ] && echo "UDPLocal ${udp_local}" >> $DNSFORWARDER_CONF
[ -n "$udp_local_addr" ] && eval "makelist 'server=' $udp_local_addr" > /tmp/dnsmasq.dnsforwarder.conf
sed -i "s/ //g" /tmp/dnsmasq.dnsforwarder.conf
eval "makelist 'TCPGroup' $tcp_group" >> $DNSFORWARDER_CONF
eval "makelist 'UDPGroup' $udp_group" >> $DNSFORWARDER_CONF
eval "makelist 'GroupFile' $group_file" >> $DNSFORWARDER_CONF
if [ $gfw = "true" ]; then
echo 'GroupFile /etc/dnsforwarder/gfw.txt' >> $DNSFORWARDER_CONF
fi
echo "BlockIP ${block_ip}" >> $DNSFORWARDER_CONF
eval "makelist 'IPSubstituting' $ip_substituting" >> $DNSFORWARDER_CONF
@ -78,6 +148,10 @@ makeconfig () {
fi
echo "DomainStatistic ${domain_statistic}" >> $DNSFORWARDER_CONF
if [ $domain_statistic = "true" ]; then
touch /tmp/dnsforwarder-statistic.html
mkdir -p /root/.dnsforwarder
rm /root/.dnsforwarder/statistic.html 2 > /dev/null
ln -s /tmp/dnsforwarder-statistic.html /root/.dnsforwarder/statistic.html
local domain_statistic_tag='<!-- TS DNSFORWARDER -->'
echo "DomainStatisticTempletFile /tmp/dnsforwarder-statistic.html" >> $DNSFORWARDER_CONF
echo "StatisticInsertionPosition ${domain_statistic_tag}" >> $DNSFORWARDER_CONF
@ -98,78 +172,72 @@ start()
exit
fi
makeconfig
fixflowoffload
fixflowoffload
dnsforwarder -f $DNSFORWARDER_CONF -d
mkdir -p $PID_PATH
sleep 10
mkdir -p ${PID_PATH}
pid=$(ps | awk '$5 ~ /\[dnsforwarder\]/ {print $1}')
echo dnsforwarder running pid is $pid
logger -t The pid of dnsforwarder is $PID_PATH/$PID_FILE $pid
echo $pid > $PID_PATH/$PID_FILE
echo "dnsforwarder running pid is ${pid}"
logger -t The pid of dnsforwarder is ${PID_PATH}/${PID_FILE} ${pid}
echo ${pid} > $PID_PATH/$PID_FILE
/etc/init.d/dnsforwarder enable
local redir=$(uci get dnsforwarder.@arguments[0].redir 2>/dev/null)
local port=$(uci get dnsforwarder.@arguments[0].port 2>/dev/null)
local dnsmasq=$(uci get dnsforwarder.@arguments[0].dnsmasq 2>/dev/null)
local addr=$(uci get dnsforwarder.@arguments[0].addr 2>/dev/null)
[ -n "$addr" ] && addr=${addr/:/#}
iptables -t nat -N DNSFORWARDER
iptables -t nat -F DNSFORWARDER
if [ $redir = 1 ]; then
iptables -t nat -A DNSFORWARDER -p udp --dport 53 -j REDIRECT --to-ports $port
iptables -t nat -I PREROUTING -j DNSFORWARDER
fi
if [ $dnsmasq = 1 ]; then
uci delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server=$addr
[ -n "${addr}" ] && addr=${addr/:/#}
if [ "${dnsmasq}" = "1" ]; then
uci delete dhcp.@dnsmasq[0].server 2>/dev/null
# uci add_list dhcp.@dnsmasq[0].server=$addr
uci delete dhcp.@dnsmasq[0].resolvfile
uci set dhcp.@dnsmasq[0].noresolv=1
uci set dhcp.@dnsmasq[0].serversfile=/tmp/dnsmasq.dnsforwarder.conf
uci commit dhcp
/etc/init.d/dnsmasq restart
fi
fi
add_cron
}
stop()
{
logger -t stopping dnsforwarder
del_cron
logger -t stopping dnsforwarder
local addr=$(uci get dnsforwarder.@arguments[0].addr 2>/dev/null)
addr=${addr/:/#}
uci del_list dhcp.@dnsmasq[0].server=$addr 2>/dev/null
uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto 2>/dev/null
uci delete dhcp.@dnsmasq[0].noresolv 2>/dev/null
uci delete dhcp.@dnsmasq[0].serversfile 2>/dev/null
uci commit dhcp
[ -e $PID_PATH/$PID_FILE ] && {
[ -e ${PID_PATH}/${PID_FILE} ] && {
pid=$(cat $PID_PATH/$PID_FILE)
logger -t killing dnsforwarder pid $pid
echo killing dnsforwarder pid $pid
kill $pid
rm -f $PID_PATH/$PID_FILE
logger -t killing dnsforwarder pid ${pid}
echo killing dnsforwarder pid ${pid}
kill ${pid}
rm -f ${PID_PATH}/${PID_FILE}
} || {
logger -t Cannot find dnsforwarder pid file
}
iptables -t nat -F DNSFORWARDER 2>/dev/null
while iptables -t nat -D PREROUTING -j DNSFORWARDER 2>/dev/null; do :; done
iptables -t nat -X DNSFORWARDER 2>/dev/null
/etc/init.d/dnsmasq restart
}
restart()
{
pid=$(cat $PID_PATH/$PID_FILE 2>/dev/null)
echo Dnsforwarder pid file is $pid
pid=$(cat ${PID_PATH}/${PID_FILE} 2>/dev/null)
echo Dnsforwarder pid file is ${pid}
[ -n "$pid" ] && {
echo stopping pid $pid
logger -t There is dnsforwarder pid $pid
echo stopping pid ${pid}
logger -t There is dnsforwarder pid ${pid}
stop
} || {
logger -t Dnsforwarder is not running
}
sleep 1s
sleep 7
local vt_enabled=$(uci get dnsforwarder.@arguments[0].enabled 2>/dev/null)
echo dnsforwarder status is $vt_enabled
logger -t Dnsforwarder is initializing enabled is $vt_enabled
if [ $vt_enabled = 1 ]; then
echo dnsforwarder status is ${vt_enabled}
logger -t Dnsforwarder is initializing enabled is ${vt_enabled}
if [ ${vt_enabled} = 1 ]; then
[ -n "$pid" ] && {
logger -t There is dnsforwarder pid $pid
logger -t There is dnsforwarder pid ${pid}
stop
} || {
logger -t Dnsforwarder is not running
@ -182,4 +250,4 @@ restart()
fi
}
EXTRA_COMMANDS="makeconfig"
EXTRA_COMMANDS="makeconfig makegfwlist health"

313
package/lean/dnsforwarder/files/usr/share/dnsforwarder/gfwlist.sh Normal file
View File

@ -0,0 +1,313 @@
#/bin/sh
# Name: gfwlist2dnsmasq.sh
# Desription: A shell script which convert gfwlist into dnsmasq rules.
# Version: 0.8.0 (2017.12.25)
# Author: Cokebar Chi
# Website: https://github.com/cokebar
_green() {
printf '\033[1;31;32m'
printf -- "%b" "$1"
printf '\033[0m'
}
_red() {
printf '\033[1;31;31m'
printf -- "%b" "$1"
printf '\033[0m'
}
_yellow() {
printf '\033[1;31;33m'
printf -- "%b" "$1"
printf '\033[0m'
}
usage() {
cat <<-EOF
Name: gfwlist2dnsmasq.sh
Desription: A shell script which convert gfwlist into dnsmasq rules.
Version: 0.8.0 (2017.12.25)
Author: Cokebar Chi
Website: https://github.com/cokebar
Usage: sh gfwlist2dnsmasq.sh [options] -o FILE
Valid options are:
-d, --dns <dns_ip>
DNS IP address for the GfwList Domains (Default: 127.0.0.1)
-p, --port <dns_port>
DNS Port for the GfwList Domains (Default: 5353)
-s, --ipset <ipset_name>
Ipset name for the GfwList domains
(If not given, ipset rules will not be generated.)
-o, --output <FILE>
/path/to/output_filename
-i, --insecure
Force bypass certificate validation (insecure)
-l, --domain-list
Convert Gfwlist into domain list instead of dnsmasq rules
(If this option is set, DNS IP/Port & ipset are not needed)
--exclude-domain-file <FILE>
Delete specific domains in the result from a domain list text file
Please put one domain per line
--extra-domain-file <FILE>
Include extra domains to the result from a domain list text file
This file will be processed after the exclude-domain-file
Please put one domain per line
-h, --help
Usage
EOF
exit $1
}
clean_and_exit(){
# Clean up temp files
printf 'Cleaning up... '
rm -rf $TMP_DIR
_green 'Done\n\n'
[ $1 -eq 0 ] && _green 'Job Finished.\n\n' || _red 'Exit with Error code '$1'.\n'
exit $1
}
check_depends(){
which sed base64 curl >/dev/null
if [ $? != 0 ]; then
_red 'Error: Missing Dependency.\nPlease check whether you have the following binaries on you system:\nwhich, sed, base64, curl.\n'
exit 3
fi
SYS_KERNEL=`uname -s`
if [ $SYS_KERNEL = "Darwin" -o $SYS_KERNEL = "FreeBSD" ]; then
BASE64_DECODE='base64 -D'
SED_ERES='sed -E'
else
BASE64_DECODE='base64 -d'
SED_ERES='sed -r'
fi
}
get_args(){
OUT_TYPE='DNSMASQ_RULES'
DNS_IP='127.0.0.1'
DNS_PORT='5353'
IPSET_NAME=''
FILE_FULLPATH=''
CURL_EXTARG=''
WITH_IPSET=0
EXTRA_DOMAIN_FILE=''
EXCLUDE_DOMAIN_FILE=''
IPV4_PATTERN='^((2[0-4][0-9]|25[0-5]|[01]?[0-9][0-9]?)\.){3}(2[0-4][0-9]|25[0-5]|[01]?[0-9][0-9]?)$'
IPV6_PATTERN='^((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:)))(%.+)?$'
while [ ${#} -gt 0 ]; do
case "${1}" in
--help | -h)
usage 0
;;
--domain-list | -l)
OUT_TYPE='DOMAIN_LIST'
;;
--insecure | -i)
CURL_EXTARG='--insecure'
;;
--dns | -d)
DNS_IP="$2"
shift
;;
--port | -p)
DNS_PORT="$2"
shift
;;
--ipset | -s)
IPSET_NAME="$2"
shift
;;
--output | -o)
OUT_FILE="$2"
shift
;;
--extra-domain-file)
EXTRA_DOMAIN_FILE="$2"
shift
;;
--exclude-domain-file)
EXCLUDE_DOMAIN_FILE="$2"
shift
;;
*)
_red "Invalid argument: $1"
usage 1
;;
esac
shift 1
done
# Check path & file name
if [ -z $OUT_FILE ]; then
_red 'Error: Please specify the path to the output file(using -o/--output argument).\n'
exit 1
else
if [ -z ${OUT_FILE##*/} ]; then
_red 'Error: '$OUT_FILE' is a path, not a file.\n'
exit 1
else
if [ ${OUT_FILE}a != ${OUT_FILE%/*}a ] && [ ! -d ${OUT_FILE%/*} ]; then
_red 'Error: Folder do not exist: '${OUT_FILE%/*}'\n'
exit 1
fi
fi
fi
if [ $OUT_TYPE = 'DNSMASQ_RULES' ]; then
# Check DNS IP
IPV4_TEST=$(echo $DNS_IP | grep -E $IPV4_PATTERN)
IPV6_TEST=$(echo $DNS_IP | grep -E $IPV6_PATTERN)
if [ "$IPV4_TEST" != "$DNS_IP" -a "$IPV6_TEST" != "$DNS_IP" ]; then
_red 'Error: Please enter a valid DNS server IP address.\n'
exit 1
fi
# Check DNS port
if [ $DNS_PORT -lt 1 -o $DNS_PORT -gt 65535 ]; then
_red 'Error: Please enter a valid DNS server port.\n'
exit 1
fi
# Check ipset name
if [ -z $IPSET_NAME ]; then
WITH_IPSET=0
else
IPSET_TEST=$(echo $IPSET_NAME | grep -E '^\w+$')
if [ "$IPSET_TEST" != "$IPSET_NAME" ]; then
_red 'Error: Please enter a valid IP set name.\n'
exit 1
else
WITH_IPSET=1
fi
fi
fi
if [ ! -z $EXTRA_DOMAIN_FILE ] && [ ! -f $EXTRA_DOMAIN_FILE ]; then
_yellow 'WARNING:\nExtra domain file does not exist, ignored.\n\n'
EXTRA_DOMAIN_FILE=''
fi
if [ ! -z $EXCLUDE_DOMAIN_FILE ] && [ ! -f $EXCLUDE_DOMAIN_FILE ]; then
_yellow 'WARNING:\nExclude domain file does not exist, ignored.\n\n'
EXCLUDE_DOMAIN_FILE=''
fi
}
process(){
# Set Global Var
BASE_URL='https://github.com/gfwlist/gfwlist/raw/master/gfwlist.txt'
TMP_DIR=`mktemp -d /tmp/gfwlist2dnsmasq.XXXXXX`
BASE64_FILE="$TMP_DIR/base64.txt"
GFWLIST_FILE="$TMP_DIR/gfwlist.txt"
DOMAIN_TEMP_FILE="$TMP_DIR/gfwlist2domain.tmp"
DOMAIN_FILE="$TMP_DIR/gfwlist2domain.txt"
CONF_TMP_FILE="$TMP_DIR/gfwlist.conf.tmp"
OUT_TMP_FILE="$TMP_DIR/gfwlist.out.tmp"
# Fetch GfwList and decode it into plain text
printf 'Fetching GfwList... '
local tscurl='curl -L --connect-timeout 5 -m 300 --retry 3 --retry-delay 1'
$tscurl $CURL_EXTARG -o$BASE64_FILE $BASE_URL \
|| $tscurl $CURL_EXTARG -o$BASE64_FILE https://gitlab.com/gfwlist/gfwlist/raw/master/gfwlist.txt \
|| $tscurl $CURL_EXTARG -o$BASE64_FILE https://git.tuxfamily.org/gfwlist/gfwlist.git/plain/gfwlist.txt \
|| $tscurl $CURL_EXTARG -o$BASE64_FILE https://pagure.io/gfwlist/raw/master/f/gfwlist.txt \
|| $tscurl $CURL_EXTARG -o$BASE64_FILE http://repo.or.cz/gfwlist.git/blob_plain/HEAD:/gfwlist.txt \
|| $tscurl $CURL_EXTARG -o$BASE64_FILE https://bitbucket.org/gfwlist/gfwlist/raw/HEAD/gfwlist.txt \
|| $tscurl $CURL_EXTARG -o$BASE64_FILE $BASE_URL
if [ $? != 0 ]; then
_red '\nFailed to fetch gfwlist.txt. Please check your Internet connection.\n'
clean_and_exit 2
fi
$BASE64_DECODE $BASE64_FILE > $GFWLIST_FILE || ( _red 'Failed to decode gfwlist.txt. Quit.\n'; clean_and_exit 2 )
_green 'Done.\n\n'
# Convert
IGNORE_PATTERN='^\!|\[|^@@|(https?://){0,1}[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'
HEAD_FILTER_PATTERN='s#^(\|\|?)?(https?://)?##g'
TAIL_FILTER_PATTERN='s#/.*$|%2F.*$##g'
DOMAIN_PATTERN='([a-zA-Z0-9][-a-zA-Z0-9]*(\.[a-zA-Z0-9][-a-zA-Z0-9]*)+)'
HANDLE_WILDCARD_PATTERN='s#^(([a-zA-Z0-9]*\*[-a-zA-Z0-9]*)?(\.))?([a-zA-Z0-9][-a-zA-Z0-9]*(\.[a-zA-Z0-9][-a-zA-Z0-9]*)+)(\*)?#\4#g'
printf 'Converting GfwList to ' && _green $OUT_TYPE && printf ' ...\n'
_yellow '\nWARNING:\nThe following lines in GfwList contain regex, and might be ignored:\n\n'
cat $GFWLIST_FILE | grep -n '^/.*$'
_yellow "\nThis script will try to convert some of the regex rules. But you should know this may not be a equivalent conversion.\nIf there's regex rules which this script do not deal with, you should add the domain manually to the list.\n\n"
grep -vE $IGNORE_PATTERN $GFWLIST_FILE | $SED_ERES $HEAD_FILTER_PATTERN | $SED_ERES $TAIL_FILTER_PATTERN | grep -E $DOMAIN_PATTERN | $SED_ERES $HANDLE_WILDCARD_PATTERN > $DOMAIN_TEMP_FILE
printf 'google.com\ngoogle.ad\ngoogle.ae\ngoogle.com.af\ngoogle.com.ag\ngoogle.com.ai\ngoogle.al\ngoogle.am\ngoogle.co.ao\ngoogle.com.ar\ngoogle.as\ngoogle.at\ngoogle.com.au\ngoogle.az\ngoogle.ba\ngoogle.com.bd\ngoogle.be\ngoogle.bf\ngoogle.bg\ngoogle.com.bh\ngoogle.bi\ngoogle.bj\ngoogle.com.bn\ngoogle.com.bo\ngoogle.com.br\ngoogle.bs\ngoogle.bt\ngoogle.co.bw\ngoogle.by\ngoogle.com.bz\ngoogle.ca\ngoogle.cd\ngoogle.cf\ngoogle.cg\ngoogle.ch\ngoogle.ci\ngoogle.co.ck\ngoogle.cl\ngoogle.cm\ngoogle.cn\ngoogle.com.co\ngoogle.co.cr\ngoogle.com.cu\ngoogle.cv\ngoogle.com.cy\ngoogle.cz\ngoogle.de\ngoogle.dj\ngoogle.dk\ngoogle.dm\ngoogle.com.do\ngoogle.dz\ngoogle.com.ec\ngoogle.ee\ngoogle.com.eg\ngoogle.es\ngoogle.com.et\ngoogle.fi\ngoogle.com.fj\ngoogle.fm\ngoogle.fr\ngoogle.ga\ngoogle.ge\ngoogle.gg\ngoogle.com.gh\ngoogle.com.gi\ngoogle.gl\ngoogle.gm\ngoogle.gp\ngoogle.gr\ngoogle.com.gt\ngoogle.gy\ngoogle.com.hk\ngoogle.hn\ngoogle.hr\ngoogle.ht\ngoogle.hu\ngoogle.co.id\ngoogle.ie\ngoogle.co.il\ngoogle.im\ngoogle.co.in\ngoogle.iq\ngoogle.is\ngoogle.it\ngoogle.je\ngoogle.com.jm\ngoogle.jo\ngoogle.co.jp\ngoogle.co.ke\ngoogle.com.kh\ngoogle.ki\ngoogle.kg\ngoogle.co.kr\ngoogle.com.kw\ngoogle.kz\ngoogle.la\ngoogle.com.lb\ngoogle.li\ngoogle.lk\ngoogle.co.ls\ngoogle.lt\ngoogle.lu\ngoogle.lv\ngoogle.com.ly\ngoogle.co.ma\ngoogle.md\ngoogle.me\ngoogle.mg\ngoogle.mk\ngoogle.ml\ngoogle.com.mm\ngoogle.mn\ngoogle.ms\ngoogle.com.mt\ngoogle.mu\ngoogle.mv\ngoogle.mw\ngoogle.com.mx\ngoogle.com.my\ngoogle.co.mz\ngoogle.com.na\ngoogle.com.nf\ngoogle.com.ng\ngoogle.com.ni\ngoogle.ne\ngoogle.nl\ngoogle.no\ngoogle.com.np\ngoogle.nr\ngoogle.nu\ngoogle.co.nz\ngoogle.com.om\ngoogle.com.pa\ngoogle.com.pe\ngoogle.com.pg\ngoogle.com.ph\ngoogle.com.pk\ngoogle.pl\ngoogle.pn\ngoogle.com.pr\ngoogle.ps\ngoogle.pt\ngoogle.com.py\ngoogle.com.qa\ngoogle.ro\ngoogle.ru\ngoogle.rw\ngoogle.com.sa\ngoogle.com.sb\ngoogle.sc\ngoogle.se\ngoogle.com.sg\ngoogle.sh\ngoogle.si\ngoogle.sk\ngoogle.com.sl\ngoogle.sn\ngoogle.so\ngoogle.sm\ngoogle.sr\ngoogle.st\ngoogle.com.sv\ngoogle.td\ngoogle.tg\ngoogle.co.th\ngoogle.com.tj\ngoogle.tk\ngoogle.tl\ngoogle.tm\ngoogle.tn\ngoogle.to\ngoogle.com.tr\ngoogle.tt\ngoogle.com.tw\ngoogle.co.tz\ngoogle.com.ua\ngoogle.co.ug\ngoogle.co.uk\ngoogle.com.uy\ngoogle.co.uz\ngoogle.com.vc\ngoogle.co.ve\ngoogle.vg\ngoogle.co.vi\ngoogle.com.vn\ngoogle.vu\ngoogle.ws\ngoogle.rs\ngoogle.co.za\ngoogle.co.zm\ngoogle.co.zw\ngoogle.cat\n' >> $DOMAIN_TEMP_FILE
printf 'Google search domains... ' && _green 'Added\n'
# Add blogspot domains
printf 'blogspot.ca\nblogspot.co.uk\nblogspot.com\nblogspot.com.ar\nblogspot.com.au\nblogspot.com.br\nblogspot.com.by\nblogspot.com.co\nblogspot.com.cy\nblogspot.com.ee\nblogspot.com.eg\nblogspot.com.es\nblogspot.com.mt\nblogspot.com.ng\nblogspot.com.tr\nblogspot.com.uy\nblogspot.de\nblogspot.gr\nblogspot.in\nblogspot.mx\nblogspot.ch\nblogspot.fr\nblogspot.ie\nblogspot.it\nblogspot.pt\nblogspot.ro\nblogspot.sg\nblogspot.be\nblogspot.no\nblogspot.se\nblogspot.jp\nblogspot.in\nblogspot.ae\nblogspot.al\nblogspot.am\nblogspot.ba\nblogspot.bg\nblogspot.ch\nblogspot.cl\nblogspot.cz\nblogspot.dk\nblogspot.fi\nblogspot.gr\nblogspot.hk\nblogspot.hr\nblogspot.hu\nblogspot.ie\nblogspot.is\nblogspot.kr\nblogspot.li\nblogspot.lt\nblogspot.lu\nblogspot.md\nblogspot.mk\nblogspot.my\nblogspot.nl\nblogspot.no\nblogspot.pe\nblogspot.qa\nblogspot.ro\nblogspot.ru\nblogspot.se\nblogspot.sg\nblogspot.si\nblogspot.sk\nblogspot.sn\nblogspot.tw\nblogspot.ug\nblogspot.cat\n' >> $DOMAIN_TEMP_FILE
printf 'Blogspot domains... ' && _green 'Added\n'
# Add twimg.edgesuite.net
printf 'twimg.edgesuite.net\n' >> $DOMAIN_TEMP_FILE
printf 'twimg.edgesuite.net... ' && _green 'Added\n'
# Delete exclude domains
if [ ! -z $EXCLUDE_DOMAIN_FILE ]; then
for line in $(cat $EXCLUDE_DOMAIN_FILE)
do
cat $DOMAIN_TEMP_FILE | grep -vF -f $EXCLUDE_DOMAIN_FILE > $DOMAIN_FILE
done
printf 'Domains in exclude domain file '$EXCLUDE_DOMAIN_FILE'... ' && _green 'Deleted\n'
else
cat $DOMAIN_TEMP_FILE > $DOMAIN_FILE
fi
# Add extra domains
if [ ! -z $EXTRA_DOMAIN_FILE ]; then
cat $EXTRA_DOMAIN_FILE >> $DOMAIN_FILE
printf 'Extra domain file '$EXTRA_DOMAIN_FILE'... ' && _green 'Added\n'
fi
if [ $OUT_TYPE = 'DNSMASQ_RULES' ]; then
# Convert domains into dnsmasq rules
if [ $WITH_IPSET -eq 1 ]; then
_green 'Ipset rules included.'
sort -u $DOMAIN_FILE | $SED_ERES 's#(.+)#server=/\1/'$DNS_IP'\#'$DNS_PORT'\
ipset=/\1/'$IPSET_NAME'#g' > $CONF_TMP_FILE
else
_green 'Ipset rules not included.'
sort -u $DOMAIN_FILE | $SED_ERES 's#(.+)#server=/\1/'$DNS_IP'\#'$DNS_PORT'#g' > $CONF_TMP_FILE
fi
# Generate output file
echo '# dnsmasq rules generated by gfwlist' > $OUT_TMP_FILE
echo "# Last Updated on $(date "+%Y-%m-%d %H:%M:%S")" >> $OUT_TMP_FILE
echo '# ' >> $OUT_TMP_FILE
cat $CONF_TMP_FILE >> $OUT_TMP_FILE
cp $OUT_TMP_FILE $OUT_FILE
else
sort -u $DOMAIN_FILE > $OUT_TMP_FILE
fi
cp $OUT_TMP_FILE $OUT_FILE
printf '\nConverting GfwList to '$OUT_TYPE'... ' && _green 'Done\n\n'
# Clean up
clean_and_exit 0
}
main() {
if [ -z "$1" ]; then
usage 0
else
check_depends
get_args "$@"
_green '\nJob Started.\n\n'
process
fi
}
main "$@"

4
package/lean/luci-app-dnsforwarder/Makefile
View File

@ -9,8 +9,8 @@ include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI for Dnsforwarder
LUCI_DEPENDS:=+dnsforwarder
LUCI_PKGARCH:=all
PKG_VERSION:=2.0.0
PKG_RELEASE:=2
PKG_VERSION:=3.0.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Dennis <openwrt@tossp.com>
PKG_LICENSE:=GPL-3.0

14
package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/general.lua
View File

@ -1,7 +1,7 @@
--Alex<1886090@gmail.com>
--Dennis<code@tossp.com>
local fs = require "nixio.fs"
local CONFIG_FILE = "/etc/dnsforwarder/dnsforwarder.conf";
local CONFIG_FILE = "/tmp/dnsforwarder.conf";
function sync_value_to_file(value, file)
value = value:gsub("\r\n?", "\n")
@ -41,15 +41,8 @@ s=m:section(TypedSection,"arguments", translate("通用配置"))
s.addremove=false
s.anonymous=true
view_enable = s:option(Flag,"enabled",translate("Enable"))
view_redir = s:option(Flag,"redir",translate("劫持所有DNS请求"),translate("自动将所有客户端的DNS请求都劫持到dnsforwarder的端口"))
view_port = s:option(Value,"port",translate("dnsforwarder监听端口"),translate("请根据下面的配置文件填写端口默认5053"))
view_port:depends({redir=1})
view_port.default="5053"
view_port.datatype="uinteger"
view_dnsmasq = s:option(Flag,"dnsmasq",translate("设置成DNSmasq的上游服务器"),translate("让DNSMasq从本软件获得解析结果支持GFWList模式"))
view_dnsmasq:depends({redir=0})
view_addr = s:option(Value,"addr",translate("转发地址"),translate("请填写dnsforwarder的监听地址,默认127.0.0.1:5053,如果填写<b><font color=\"red\">208.67.222.222:5353</font></b>那么可不通过该软件获得无污染结果"))
view_addr:depends({dnsmasq=1})
view_addr.default = "127.0.0.1:5053"
-- ---------------------------------------------------
@ -70,6 +63,11 @@ s1.anonymous=true
log_path.default="/var/log/"
log_path.readonly=true
log_path:depends ({log="true"})
gfw_enable = s1:option(Flag,"gfw",translate("使用GFW列表"))
gfw_enable.rmempty=false
gfw_enable.default="true"
gfw_enable.disabled="false"
gfw_enable.enabled="true"
udp_local = s1:option(DynamicList,"udp_local",translate("本地监听"),translate("设置在本地开启的接口的IP地址和端口可以是本地回环地址 (127.0.0.1) ,本地局域网,以及互联网<br/>如果是 IPv6 地址请在IP两端加上方括号不包含端口部分例如 [::1]:53 (本地回环)、[fe80::699c:f79a:9bb6:1]:5353<br/>如果不指定端口,则默认为 53"))
tcp_group = s1:option(DynamicList,"tcp_group",translate("解析策略(TCP)"),translate([[&lt;IP1[:PORT],IP2[:PORT],...&gt; &lt;DOMAIN1,DOMAIN2,...&gt; &lt;on|PROXY1[:PORT],PROXY2[:PORT],...&gt;<br/>
TCP <br/>