From b5c42d4d3472a11eac90975a3db64398a643ac19 Mon Sep 17 00:00:00 2001 From: TossPig Date: Sun, 18 Nov 2018 19:01:52 +0800 Subject: [PATCH] add pkg dnsforwarder luci-app-dnsforwarder --- package/lean/dnsforwarder/Makefile | 48 +++++ .../files/etc/config/dnsforwarder | 78 ++++++++ .../files/etc/init.d/dnsforwarder | 185 +++++++++++++++++ package/lean/luci-app-dnsforwarder/Makefile | 19 ++ .../luasrc/controller/dnsforwarder.lua | 10 + .../luasrc/model/cbi/dnsforwarder/general.lua | 187 ++++++++++++++++++ .../luasrc/model/cbi/dnsforwarder/log.lua | 31 +++ .../po/zh-cn/dnsforwarder.zh-cn.po | 8 + 8 files changed, 566 insertions(+) create mode 100644 package/lean/dnsforwarder/Makefile create mode 100644 package/lean/dnsforwarder/files/etc/config/dnsforwarder create mode 100644 package/lean/dnsforwarder/files/etc/init.d/dnsforwarder create mode 100644 package/lean/luci-app-dnsforwarder/Makefile create mode 100644 package/lean/luci-app-dnsforwarder/luasrc/controller/dnsforwarder.lua create mode 100644 package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/general.lua create mode 100644 package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/log.lua create mode 100644 package/lean/luci-app-dnsforwarder/po/zh-cn/dnsforwarder.zh-cn.po diff --git a/package/lean/dnsforwarder/Makefile b/package/lean/dnsforwarder/Makefile new file mode 100644 index 000000000..1e9aac20e --- /dev/null +++ b/package/lean/dnsforwarder/Makefile @@ -0,0 +1,48 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=dnsforwarder +PKG_VERSION:=6.1.15 +PKG_RELEASE:=5 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/holmium/dnsforwarder.git +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=587e61ae4d75dc976f538088b715a3c8ee26c144 +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +PKG_MAINTAINER:=Dennis +PKG_LICENSE:=GPL-3.0 + +include $(INCLUDE_DIR)/package.mk + +define Package/$(PKG_NAME) + SECTION:=net + CATEGORY:=Network + TITLE:=A simple DNS forwarder + URL:=https://github.com/holmium/dnsforwarder + DEPENDS:=+wget +dnsmasq-full +libpthread +coreutils-base64 +endef + +define Package/$(PKG_NAME)/description +Forwarding queries to customized domains (and their subdomains) to specified servers over a specified protocol (UDP or TCP). non-standard ports are supported. +endef + + +define Package/$(PKG_NAME)/conffiles +/etc/dnsforwarder/dnsforwarder.conf +endef + +CONFIGURE_ARGS += --enable-downloader=wget + +define Package/$(PKG_NAME)/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/dnsforwarder $(1)/usr/bin/dnsforwarder + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) files/etc/init.d/dnsforwarder $(1)/etc/init.d/dnsforwarder + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) files/etc/config/dnsforwarder $(1)/etc/config/dnsforwarder + $(INSTALL_DIR) $(1)/etc/dnsforwarder + $(INSTALL_CONF) $(PKG_BUILD_DIR)/default.config $(1)/etc/dnsforwarder/dnsforwarder.conf +endef + +$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/package/lean/dnsforwarder/files/etc/config/dnsforwarder b/package/lean/dnsforwarder/files/etc/config/dnsforwarder new file mode 100644 index 000000000..e66499c2e --- /dev/null +++ b/package/lean/dnsforwarder/files/etc/config/dnsforwarder @@ -0,0 +1,78 @@ + +config arguments + option enabled '0' + option addr '127.0.0.1:5053' + +config config + option cache 'true' + option cache_size '102400' + option cache_ignore 'false' + list block_ip '74.125.127.102' + list block_ip '74.125.155.102' + list block_ip '74.125.39.102' + list block_ip '74.125.39.113' + list block_ip '209.85.229.138' + list block_ip '128.121.126.139' + list block_ip '159.106.121.75' + list block_ip '169.132.13.103' + list block_ip '192.67.198.6' + list block_ip '202.106.1.2' + list block_ip '202.181.7.85' + list block_ip '203.161.230.171' + list block_ip '203.98.7.65' + list block_ip '207.12.88.98' + list block_ip '208.56.31.43' + list block_ip '209.145.54.50' + list block_ip '209.220.30.174' + list block_ip '209.36.73.33' + list block_ip '211.94.66.147' + list block_ip '213.169.251.35' + list block_ip '216.221.188.182' + list block_ip '216.234.179.13' + list block_ip '243.185.187.39' + list block_ip '37.61.54.158' + list block_ip '4.36.66.178' + list block_ip '46.82.174.68' + list block_ip '59.24.3.173' + list block_ip '64.33.88.161' + list block_ip '64.33.99.47' + list block_ip '64.66.163.251' + list block_ip '65.104.202.252' + list block_ip '65.160.219.113' + list block_ip '66.45.252.237' + list block_ip '69.55.52.253' + list block_ip '72.14.205.104' + list block_ip '72.14.205.99' + list block_ip '78.16.49.15' + list block_ip '8.7.198.45' + list block_ip '93.46.8.89' + list block_ip '37.61.54.158' + list block_ip '243.185.187.39' + list block_ip '190.93.247.4' + list block_ip '190.93.246.4' + list block_ip '190.93.245.4' + list block_ip '190.93.244.4' + list block_ip '65.49.2.178' + list block_ip '189.163.17.5' + list block_ip '23.89.5.60' + list block_ip '49.2.123.56' + list block_ip '54.76.135.1' + list block_ip '77.4.7.92' + list block_ip '118.5.49.6' + list block_ip '159.24.3.173' + list block_ip '188.5.4.96' + list block_ip '197.4.4.12' + list block_ip '220.250.64.24' + list block_ip '243.185.187.30' + list block_ip '249.129.46.48' + list block_ip '253.157.14.165' + option block_ipv6 'false' + list cache_control 'tossp.com $orig' + list cache_control '* fixed 3600' + option log 'false' + list udp_group '9.9.9.9,119.29.29.29,223.5.5.5,114.114.114.114 * on' + option block_negative_resp 'true' + list udp_local '0.0.0.0:5053' + list udp_local '[::0]:5053' + option domain_statistic 'false' + diff --git a/package/lean/dnsforwarder/files/etc/init.d/dnsforwarder b/package/lean/dnsforwarder/files/etc/init.d/dnsforwarder new file mode 100644 index 000000000..cca133a9a --- /dev/null +++ b/package/lean/dnsforwarder/files/etc/init.d/dnsforwarder @@ -0,0 +1,185 @@ +#!/bin/sh /etc/rc.common + +START=97 + +DNSFORWARDER_CONF=/etc/dnsforwarder/dnsforwarder.conf +PID_PATH=/var/run/dnsforwarder/ +PID_FILE=dns.pid + + + +fixflowoffload(){ + dns=$(uci get flowoffload.@flow[0].dns 2>/dev/null) + if [ $dns -eq 1 ]; then + uci set flowoffload.@flow[0].dns=0 && uci commit flowoffload + /etc/init.d/flowoffload restart + fi +} + +makelist() { + [ -z "$2" ] && return + local i + local t="$1"; shift + for i in "$@" + do + echo "$t $i" + done +} + +makeconfig () { + config_load dnsforwarder + + local log=$(uci get dnsforwarder.@config[0].log 2>/dev/null) + local log_size=$(uci get dnsforwarder.@config[0].log_size 2>/dev/null) + + local udp_local=$(uci -d ',' get dnsforwarder.@config[0].udp_local 2>/dev/null) + local tcp_group=$(uci get dnsforwarder.@config[0].tcp_group 2>/dev/null) + local udp_group=$(uci get dnsforwarder.@config[0].udp_group 2>/dev/null) + local group_file=$(uci get dnsforwarder.@config[0].group_file 2>/dev/null) + local block_ip=$(uci -d ',' get dnsforwarder.@config[0].block_ip 2>/dev/null) + local ip_substituting=$(uci -d ',' get dnsforwarder.@config[0].ip_substituting 2>/dev/null) + local block_negative_resp=$(uci get dnsforwarder.@config[0].block_negative_resp 2>/dev/null) + local append_host=$(uci get dnsforwarder.@config[0].append_host 2>/dev/null) + local block_ipv6=$(uci get dnsforwarder.@config[0].block_ipv6 2>/dev/null) + + local cache=$(uci get dnsforwarder.@config[0].cache 2>/dev/null) + local cache_size=$(uci get dnsforwarder.@config[0].cache_size 2>/dev/null) + local cache_ignore=$(uci get dnsforwarder.@config[0].cache_ignore 2>/dev/null) + local cache_control=$(uci get dnsforwarder.@config[0].cache_control 2>/dev/null) + + local domain_statistic=$(uci get dnsforwarder.@config[0].domain_statistic 2>/dev/null) + + echo "LogOn ${log}" > $DNSFORWARDER_CONF + if [ $log = "true" ]; then + echo "LogFileThresholdLength ${log_size}" >> $DNSFORWARDER_CONF + echo "LogFileFolder /var/log" >> $DNSFORWARDER_CONF + fi + [ -n "$udp_local" ] && echo "UDPLocal ${udp_local}" >> $DNSFORWARDER_CONF + + eval "makelist 'TCPGroup' $tcp_group" >> $DNSFORWARDER_CONF + eval "makelist 'UDPGroup' $udp_group" >> $DNSFORWARDER_CONF + eval "makelist 'GroupFile' $group_file" >> $DNSFORWARDER_CONF + + echo "BlockIP ${block_ip}" >> $DNSFORWARDER_CONF + eval "makelist 'IPSubstituting' $ip_substituting" >> $DNSFORWARDER_CONF + echo "BlockNegativeResponse ${block_negative_resp}" >> $DNSFORWARDER_CONF + eval "makelist 'AppendHosts' $append_host" >> $DNSFORWARDER_CONF + echo "BlockIpv6WhenIpv4Exists ${block_ipv6}" >> $DNSFORWARDER_CONF + + echo "UseCache ${cache}" >> $DNSFORWARDER_CONF + if [ $cache = "true" ]; then + echo "CacheSize ${cache_size}" >> $DNSFORWARDER_CONF + echo "MemoryCache false" >> $DNSFORWARDER_CONF + echo "CacheFile /tmp/dnsforwarder.cache" >> $DNSFORWARDER_CONF + echo "IgnoreTTL ${cache_ignore}" >> $DNSFORWARDER_CONF + eval "makelist 'CacheControl' $cache_control" >> $DNSFORWARDER_CONF + echo "ReloadCache true" >> $DNSFORWARDER_CONF + echo "OverwriteCache true" >> $DNSFORWARDER_CONF + fi + echo "DomainStatistic ${domain_statistic}" >> $DNSFORWARDER_CONF + if [ $domain_statistic = "true" ]; then + local domain_statistic_tag='' + echo "DomainStatisticTempletFile /tmp/dnsforwarder-statistic.html" >> $DNSFORWARDER_CONF + echo "StatisticInsertionPosition ${domain_statistic_tag}" >> $DNSFORWARDER_CONF + echo "StatisticUpdateInterval 60" >> $DNSFORWARDER_CONF + echo "${domain_statistic_tag}" > /tmp/dnsforwarder-statistic.html + fi + + + cat $DNSFORWARDER_CONF +} + +start() +{ + echo luci for dnsforwarder + local vt_enabled=$(uci get dnsforwarder.@arguments[0].enabled 2>/dev/null) + if [ $vt_enabled = 0 ]; then + echo dnsforwarder is not enabled + exit + fi + makeconfig + fixflowoffload + dnsforwarder -f $DNSFORWARDER_CONF -d + mkdir -p $PID_PATH + pid=$(ps | awk '$5 ~ /\[dnsforwarder\]/ {print $1}') + echo dnsforwarder running pid is $pid + logger -t The pid of dnsforwarder is $PID_PATH/$PID_FILE $pid + echo $pid > $PID_PATH/$PID_FILE + /etc/init.d/dnsforwarder enable + local redir=$(uci get dnsforwarder.@arguments[0].redir 2>/dev/null) + local port=$(uci get dnsforwarder.@arguments[0].port 2>/dev/null) + local dnsmasq=$(uci get dnsforwarder.@arguments[0].dnsmasq 2>/dev/null) + local addr=$(uci get dnsforwarder.@arguments[0].addr 2>/dev/null) + [ -n "$addr" ] && addr=${addr/:/#} + iptables -t nat -N DNSFORWARDER + iptables -t nat -F DNSFORWARDER + if [ $redir = 1 ]; then + iptables -t nat -A DNSFORWARDER -p udp --dport 53 -j REDIRECT --to-ports $port + iptables -t nat -I PREROUTING -j DNSFORWARDER + fi + + if [ $dnsmasq = 1 ]; then + uci delete dhcp.@dnsmasq[0].server + uci add_list dhcp.@dnsmasq[0].server=$addr + uci delete dhcp.@dnsmasq[0].resolvfile + uci set dhcp.@dnsmasq[0].noresolv=1 + uci commit dhcp + /etc/init.d/dnsmasq restart + fi +} + +stop() +{ + logger -t stopping dnsforwarder + local addr=$(uci get dnsforwarder.@arguments[0].addr 2>/dev/null) + addr=${addr/:/#} + uci del_list dhcp.@dnsmasq[0].server=$addr 2>/dev/null + uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto 2>/dev/null + uci delete dhcp.@dnsmasq[0].noresolv 2>/dev/null + uci commit dhcp + [ -e $PID_PATH/$PID_FILE ] && { + pid=$(cat $PID_PATH/$PID_FILE) + logger -t killing dnsforwarder pid $pid + echo killing dnsforwarder pid $pid + kill $pid + rm -f $PID_PATH/$PID_FILE + } || { + logger -t Cannot find dnsforwarder pid file + } + iptables -t nat -F DNSFORWARDER 2>/dev/null + while iptables -t nat -D PREROUTING -j DNSFORWARDER 2>/dev/null; do :; done + iptables -t nat -X DNSFORWARDER 2>/dev/null + /etc/init.d/dnsmasq restart +} + +restart() +{ + pid=$(cat $PID_PATH/$PID_FILE 2>/dev/null) + echo Dnsforwarder pid file is $pid + [ -n "$pid" ] && { + echo stopping pid $pid + logger -t There is dnsforwarder pid $pid + stop + } || { + logger -t Dnsforwarder is not running + } + sleep 1s + local vt_enabled=$(uci get dnsforwarder.@arguments[0].enabled 2>/dev/null) + echo dnsforwarder status is $vt_enabled + logger -t Dnsforwarder is initializing enabled is $vt_enabled + if [ $vt_enabled = 1 ]; then + [ -n "$pid" ] && { + logger -t There is dnsforwarder pid $pid + stop + } || { + logger -t Dnsforwarder is not running + } + + logger -t Restarting dnsforwarder + start + else + /etc/init.d/dnsforwarder disable + fi +} + +EXTRA_COMMANDS="makeconfig" diff --git a/package/lean/luci-app-dnsforwarder/Makefile b/package/lean/luci-app-dnsforwarder/Makefile new file mode 100644 index 000000000..e33c45d52 --- /dev/null +++ b/package/lean/luci-app-dnsforwarder/Makefile @@ -0,0 +1,19 @@ +# +# Copyright (C) 2008-2014 The LuCI Team +# +# This is free software, licensed under the Apache License, Version 2.0 . +# + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=LuCI for Dnsforwarder +LUCI_DEPENDS:=+dnsforwarder +LUCI_PKGARCH:=all +PKG_VERSION:=2.0.0 +PKG_RELEASE:=2 +PKG_MAINTAINER:=Dennis +PKG_LICENSE:=GPL-3.0 + +include $(TOPDIR)/feeds/luci/luci.mk + +# call BuildPackage - OpenWrt buildroot signature \ No newline at end of file diff --git a/package/lean/luci-app-dnsforwarder/luasrc/controller/dnsforwarder.lua b/package/lean/luci-app-dnsforwarder/luasrc/controller/dnsforwarder.lua new file mode 100644 index 000000000..a04c8b1f3 --- /dev/null +++ b/package/lean/luci-app-dnsforwarder/luasrc/controller/dnsforwarder.lua @@ -0,0 +1,10 @@ +module("luci.controller.dnsforwarder", package.seeall) +function index() + if not nixio.fs.access("/etc/config/dnsforwarder") then + return + end + entry({"admin", "services", "dnsforwarder"},alias("admin", "services", "dnsforwarder","general"),_("Dnsforwarder")).dependent = true + entry({"admin", "services", "dnsforwarder","general"}, cbi("dnsforwarder/general"),_("General"),10).leaf = true + entry({"admin", "services", "dnsforwarder","log"}, cbi("dnsforwarder/log"),_("LOG"),30).leaf = true + +end \ No newline at end of file diff --git a/package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/general.lua b/package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/general.lua new file mode 100644 index 000000000..0f61edd0b --- /dev/null +++ b/package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/general.lua @@ -0,0 +1,187 @@ +--Alex<1886090@gmail.com> +--Dennis +local fs = require "nixio.fs" +local CONFIG_FILE = "/etc/dnsforwarder/dnsforwarder.conf"; + +function sync_value_to_file(value, file) + value = value:gsub("\r\n?", "\n") + local old_value = nixio.fs.readfile(file) + if value ~= old_value then + nixio.fs.writefile(file, value) + end + +end +local state_msg = "" + +local dnsforwarder_on = (luci.sys.call("pidof dnsforwarder > /dev/null") == 0) +local resolv_file = luci.sys.exec("uci get dhcp.@dnsmasq[0].resolvfile") +local listen_port = luci.sys.exec("uci get dhcp.@dnsmasq[0].server") + +if dnsforwarder_on then + state_msg = "" .. translate("Running") .. "" +else + state_msg = "" .. translate("Not running") .. "" +end + + +if dnsforwarder_on and string.sub(listen_port,1,14) == "127.0.0.1#5053" then + state_msg=state_msg .. ",DNSmasq已经将流量定向至本软件" +elseif dnsforwarder_on then + state_msg=state_msg .. "" +end + +if resolv_file=="" then + +else if dnsforwarder_on then + state_msg=state_msg .. "" + end +end +m=Map("dnsforwarder",translate("dnsforwarder"),translate("Dnsforwarder是企业级DNS服务器,可以通过TCP协议进行DNS解析,可以方便的使用iptables进行透明代理,配合ipset、GFWList使用效果更佳。默认上游服务器为114DNS,SSR和Redsocks的GFWList模式要依赖本软件包提供的功能").. "

状态 - " .. state_msg) +s=m:section(TypedSection,"arguments", translate("通用配置")) +s.addremove=false +s.anonymous=true + view_enable = s:option(Flag,"enabled",translate("Enable")) + view_redir = s:option(Flag,"redir",translate("劫持所有DNS请求"),translate("自动将所有客户端的DNS请求都劫持到dnsforwarder的端口")) + view_port = s:option(Value,"port",translate("dnsforwarder监听端口"),translate("请根据下面的配置文件填写端口,默认5053")) + view_port:depends({redir=1}) + view_port.default="5053" + view_port.datatype="uinteger" + view_dnsmasq = s:option(Flag,"dnsmasq",translate("设置成DNSmasq的上游服务器"),translate("让DNSMasq从本软件获得解析结果,支持GFWList模式")) + view_dnsmasq:depends({redir=0}) + view_addr = s:option(Value,"addr",translate("转发地址"),translate("请填写dnsforwarder的监听地址,默认127.0.0.1:5053,如果填写208.67.222.222:5353那么可不通过该软件获得无污染结果")) + view_addr:depends({dnsmasq=1}) + view_addr.default = "127.0.0.1:5053" + +-- --------------------------------------------------- +s1=m:section(TypedSection,"config",translate("标准配置")) +s1.addremove=false +s1.anonymous=true + log_enable = s1:option(Flag,"log",translate("打开文件日志")) + log_enable.rmempty=false + log_enable.default="false" + log_enable.disabled="false" + log_enable.enabled="true" + log_size = s1:option(Value,"log_size",translate("单个日志文件大小的临界值(字节)"),translate("当日志文件大小超过这个临界值后,当前的日志文件将会被重命名,然后建立一个新的日志文件,继续记录日志")) + log_size.datatype="uinteger" + log_size.default="102400" + log_size:depends ({log="true"}) + log_path = s1:option(Value,"log_path",translate("设定日志文件所在的文件夹"),translate("日志文件初始的文件名为 `dnsforwarder.log',当超过临界值之后,将会被重命名为 `dnsforwarder.log.1'、`dnsforwarder.log.2' 等等,然后重新建立一个 dnsforwarder.log' 文件")) + log_path.datatype="directory" + log_path.default="/var/log/" + log_path.readonly=true + log_path:depends ({log="true"}) + udp_local = s1:option(DynamicList,"udp_local",translate("本地监听"),translate("设置在本地开启的接口的IP地址和端口,可以是本地回环地址 (127.0.0.1) ,本地局域网,以及互联网
如果是 IPv6 地址,请在IP两端加上方括号(不包含端口部分),例如 [::1]:53 (本地回环)、[fe80::699c:f79a:9bb6:1]:5353
如果不指定端口,则默认为 53")) + tcp_group = s1:option(DynamicList,"tcp_group",translate("解析策略(TCP)"),translate([[格式:<IP1[:PORT],IP2[:PORT],...> <DOMAIN1,DOMAIN2,...> <on|PROXY1[:PORT],PROXY2[:PORT],...>
+ 设置一个 TCP 上游服务器组,并指定通过这些上游服务器查询的域名
+ 第一部分参数“<IP1[:PORT],IP2[:PORT],...>”,用于指定 TCP 上游服务器,不写端口则默认使用 53 端口
+ 第二部分参数“<DOMAIN1,DOMAIN2,...>”,用于指定通过这些 TCP 上游服务器查询的域名,可以包含通配符
+ 第三部分参数“<no|PROXY1[:PORT],PROXY2[:PORT],...>”,用于指定查询时使用的 Socks5 代理,不写端口则默认使用 1080 端口。`no' 代表不使用代理]])) + tcp_group.placeholder = "8.8.8.8 * on" + tcp_group.default=tcp_group.placeholder + udp_group = s1:option(DynamicList,"udp_group",translate("解析策略(UDP)"),translate([[格式:<IP1[:PORT],IP2[:PORT],...> <DOMAIN1,DOMAIN2,...> <on|off>
+ 设置一个 UDP 上游服务器组,并指定通过这些上游服务器查询的域名
+ 第一部分参数“<IP1[:PORT],IP2[:PORT],...>”,用于指定 UDP 上游服务器,不写端口则默认使用 53 端口
+ 第二部分参数“<DOMAIN1,DOMAIN2,...>”,用于指定通过这些 UDP 上游服务器查询的域名,可以包含通配符
+ 第三部分参数“<on|off>”,用于指定是否开启并发查询,`on' 为开启,`off' 为不开启
+ 并发查询指的是,向所有指定的 UDP 服务器发送查询请求,取最先接受到的未屏蔽的回复作为查询结果,并丢弃其余的回复]])) + udp_group.placeholder = "9.9.9.9,119.29.29.29,223.5.5.5,114.114.114.114 * on" + udp_group.default=udp_group.placeholder + group_file = s1:option(DynamicList,"group_file",translate("解析策略(文件)"),translate([[ + 从文件加载服务器组, + 服务器组文件的写法点击这里查看。]])) + group_file.datatype="file" + s1:option(DummyValue,"nothing"," ",translate([[ + 解析策略优先级:解析策略(TCP)>解析策略(UDP)>解析策略(文件)
+ 1.对于没有指定服务器的域名,会随机选择一个服务器组进行查询。
+ 2.如果某域名匹配多个服务器组,则选择的顺序如下:
+ 2.1 优先选择不含通配符的匹配项,如果仍然有多条匹配,则选择匹配度最高的那个, + 如果匹配度相同的情况下仍然有多条匹配,则选择最后一个。 + (例如 `ipv6.microsoft.com' 比 `microsoft.com' 对于域名 `teredo.ipv6.microsoft.com' 的匹配度更高)
+ 2.2 然后选择包含通配符的匹配项,如果有多条匹配,则选择第一个. + ]])) + block_ip = s1:option(DynamicList,"block_ip",translate("DNS黑名单"),translate("阻挡含有以上 IP 地址的 DNS 数据包,IPv6 地址不用加方括号")) + block_ip.datatype="ipaddr" + block_ip.delimiter = "," + ip_substituting = s1:option(DynamicList,"ip_substituting",translate("替换 DNS 数据包"),translate("替换 DNS 数据包中的 IP 地址(只支持 IPv4 地址),例如:
127.0.0.1 1.2.0.127的效果是把 DNS 数据包中所有的 127.0.0.1 地址替换为 1.2.0.127,仅替换通过服务器(TCP 和 UDP)查询而来的 DNS 数据包,对于缓存中和 Hosts 中的结果无效")) + ip_substituting.placeholder = "127.0.0.1 1.2.0.127" + block_negative_resp = s1:option(Flag,"block_negative_resp",translate("过滤失败请求"),translate("是否过滤来自上游服务器的查询未成功的响应。查询未成功指:格式错误、服务器错误、域名不存在和服务器拒绝请求等,参见 RFC 6895,`2.3. RCODE Assignment'")) + block_negative_resp.rmempty=false + block_negative_resp.default="false" + block_negative_resp.disabled="false" + block_negative_resp.enabled="true" + append_host = s1:option(DynamicList,"append_host",translate("附加hosts"),translate([[ + 写法与HOSTS文件中的一样,同样支持通配符,IPv6 地址不用加方括号
+ 也可以定义 CName 的 Hosts 项,例如:www.google.cn *.google.com,这样所有匹配 *.google.com 的域名都将指向 www.google.cn 的 IP 地址
+ 如果使某些域名跳过在 hosts 中的查询,可以@@ *.012345.com这样所有匹配 *.012345.com 的域名都不会在 hosts 中查询
+ 各种 hosts 的优先级从高到低:1.带 `@@' 的禁止项 2.一般 hosts 项 3.CName hosts 项
+ ]])) + block_ipv6 = s1:option(Flag,"block_ipv6",translate("拒绝IPv6 地址"),translate("如果一个域名在 Hosts 被指定了一个 IPv4 地址(包括文件 Hosts 和 `AppendHosts' 指定的 Hosts),那么拒绝对这个域名的 IPv6 地址查询")) + block_ipv6.rmempty=false + block_ipv6.default="false" + block_ipv6.disabled="false" + block_ipv6.enabled="true" + + cache = s1:option(Flag,"cache",translate("使用缓存"),translate("是否使用缓存")) + cache.rmempty=false + cache.default="false" + cache.disabled="false" + cache.enabled="true" + cache_size = s1:option(Value,"cache_size",translate("缓存大小 (字节)"),translate("缓存大小不能小于 102400 (100KB)")) + cache_size.datatype="min(102400)" + cache_size.default="1048576" + cache_size:depends ({cache="true"}) + cache_file = s1:option(Value,"cache_file",translate("缓存文件")) + cache_file.default="/tmp/dnsforwarder.cache" + cache_file.readonly=true + cache_file:depends ({cache="true"}) + cache_ignore = s1:option(Flag,"cache_ignore",translate("忽略TTL"),translate("为 `true' 时将忽略 TTL,此时所有的缓存条目将不会被移除,为 `false' 时不忽略 TTL,缓存条目将会按照 TTL 的时间来移除")) + cache_ignore.rmempty=false + cache_ignore.default="false" + cache_ignore.disabled="false" + cache_ignore.enabled="true" + cache_ignore:depends ({cache="true"}) + cache_control = s1:option(DynamicList,"cache_control",translate("控制域名的缓存行为"),translate([[ + 单条格式:<DOMAIN> [$ [$] ]<TYPE> [ARGUMENT]
+ <DOMAIN> 是域名;[$ [$] ] 是传染设定;<TYPE> 是类型;[ARGUMENT] 是参数
+ <DOMAIN> 支持通配符,支持尾部匹配
+ <TYPE> 有以下可选项(均为小写):
+     orig : 使用原先的 TTL,即不改变指定域名记录的 TTL,此类型无需 [ARGUMENT] 参数
+     nocache : 不缓存指定域名记录,此类型无需 [ARGUMENT] 参数
+    fixed : 将指定域名记录的 TTL 修改为一个预先指定的常数值,这个值通过 [ARGUMENT] 参数指定
+     vari : 将指定域名记录的 TTL 修改为一个预先规定的变量,这个变量通过 [ARGUMENT] 参数指定,此时 [ARGUMENT] 参数的格式为 `ax+b',其中 a、b 为非负整数(需用户手工指定),x 为记录原先的 TTL 值(不需要用户指定)。此选项必须为 `ax+b' 的形式,不能是 `ax-b' 或者其它的变体形
+
传染机制:
+     主动传染 (此为默认情况):主动传染 : 所有的域名记录不论是否存在单独指定的控制条目,均使用上级域名控制条目
+     被动传染(<TYPE> 前加一个 `$'): 如果存在单独指定的控制条目,那么使用单独指定的控制条目,否则使用上级域名的控制条目
+     不传染( 前加两个 `$'): 如果存在单独指定的控制条目,那么使用单独指定的控制条目,如果没有则不修改记录的 TTL 值
+ 只有被查询的域名控制条目才具有传染性质
+
常见例子:
+ * fixed 300强制使所有缓存的条目的 TTL 为 300
+ * vari 2x+0将所有缓存条目的 TTL 加倍。即原来为300,现在为600
+ ]])) + cache_control:depends ({cache="true"}) + + domain_statistic = s1:option(Flag,"domain_statistic",translate("启用域名统计"),translate("域名信息统计会依照模板文件记录域名的查询情况目前只能生成到/root/.dnsforwarder/statistic.html会影响闪存寿命不建议开启")) + domain_statistic.rmempty=false + domain_statistic.default="false" + domain_statistic.disabled="false" + domain_statistic.enabled="true" + + view_cfg = s1:option(TextValue, "1", nil) + view_cfg.rmempty = false + view_cfg.rows = 24 + view_cfg.readonly=true + + function view_cfg.cfgvalue() + return nixio.fs.readfile(CONFIG_FILE) or "" + end + function view_cfg.write(self, section, value) + end + +-- --------------------------------------------------- +local apply = luci.http.formvalue("cbi.apply") +if apply then + os.execute("/etc/init.d/dnsforwarder makeconfig >/dev/null 2>&1 &") + os.execute("/etc/init.d/dnsforwarder restart >/dev/null 2>&1 &") +end + +return m diff --git a/package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/log.lua b/package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/log.lua new file mode 100644 index 000000000..9a4830e6b --- /dev/null +++ b/package/lean/luci-app-dnsforwarder/luasrc/model/cbi/dnsforwarder/log.lua @@ -0,0 +1,31 @@ +local fs = require "nixio.fs" +local log = "/var/log/dnsforwarder.log" + +function sync_value_to_file(value, file) + value = value:gsub("\r\n?", "\n") + local old_value = nixio.fs.readfile(file) + if value ~= old_value then + nixio.fs.writefile(file, value) + end +end + +m = Map("dnsforwarder", translate("运行日志"),translate("如果想观察日志,需要在配置文件中写明LogOn true 和 LogFileFolder /var/log")) +s=m:section(TypedSection,"arguments","") +s.addremove=false +s.anonymous=true + + + + +gfwlist = s:option(TextValue, "gfwlist",nil, nil) +gfwlist.description = translate("日志文件默认位置:" .. log) +gfwlist.rows = 26 +gfwlist.wrap = "off" +gfwlist.cfgvalue = function(self, section) + return fs.readfile(log) or "" +end + + + + +return m \ No newline at end of file diff --git a/package/lean/luci-app-dnsforwarder/po/zh-cn/dnsforwarder.zh-cn.po b/package/lean/luci-app-dnsforwarder/po/zh-cn/dnsforwarder.zh-cn.po new file mode 100644 index 000000000..dbd444848 --- /dev/null +++ b/package/lean/luci-app-dnsforwarder/po/zh-cn/dnsforwarder.zh-cn.po @@ -0,0 +1,8 @@ +msgid "Enable" +msgstr "启用" + +msgid "Running" +msgstr "运行中" + +msgid "Not running" +msgstr "未运行"