lede/package/lean/luci-app-flowoffload/root/etc/init.d/flowoffload
2018-10-08 02:10:17 +08:00


#!/bin/sh /etc/rc.common
# Copyright (c) 2011-2015 OpenWrt.org
# Boot-order priority read by /etc/rc.common.
START="60"

# "N": start() and stop() restart dnsmasq and the firewall themselves.
# restart() switches this to "Y" and restarts both services once at the end.
DNSMASQ_RESTART="N"

# Default upstream resolvers for the "routine" server section of the generated
# DNS cache config; start_pdnsd replaces this with the flowoffload dns_server
# option.
DNS_SERVER='114.114.114.114,114.114.115.115'
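# Generate /var/etc/dnscache.conf and launch the local DNS cache (dnscache, a
# pdnsd build) as a daemon on port 5333.
# Globals:   DNS_SERVER (read as default, overwritten with the configured value)
# Outputs:   "Start DNS Cache" on stdout when the daemon starts
# Returns:   exit status of the daemon launch (or of the echo after it)
start_pdnsd() {
	local configured
	configured=$(uci get 'flowoffload.@flow[0].dns_server' 2>/dev/null)

	# The value is expanded verbatim into the config below. Keep the built-in
	# default when the option is unset or empty (the file would otherwise
	# contain "ip = ;"), and when it holds anything other than address-list
	# characters, so that a stray ';' or '}' in the UCI value cannot add or
	# alter directives in the generated file.
	case "$configured" in
	'' | *[!0-9a-fA-F.:,\ ]*)
		echo "flowoffload: dns_server unset or invalid, using $DNS_SERVER" >&2
		;;
	*)
		DNS_SERVER=$configured
		;;
	esac

	[ -d /var/etc ] || mkdir -p /var/etc
	if [ ! -f /var/dnscache/pdnsd.cache ]; then
		mkdir -p /var/dnscache
		# Same bytes as before: "pd13" plus four NUL bytes (presumably the
		# header of an empty cache file). printf is used because echo -ne is
		# not portable across shells.
		printf 'pd13\000\000\000\000' > /var/dnscache/pdnsd.cache
		# user:group form; the dotted user.group form is deprecated.
		chown -R nobody:nogroup /var/dnscache
	fi

	# NOTE(review): server_ip = 0.0.0.0 makes the cache listen on every
	# interface, while change_dns only points dnsmasq at 127.0.0.1#5333.
	# Unless the firewall blocks port 5333 on the WAN side, the cache is
	# reachable from outside and can be used as an open resolver; 127.0.0.1
	# would be enough for the dnsmasq path. Confirm nothing queries 5333
	# directly before narrowing it. status_ctl = on also enables the control
	# socket under cache_dir.
	#
	# The "routine" server uses $DNS_SERVER and fails any answer containing an
	# address from the reject list; the "special" server on port 5353 is the
	# secondary. The inline comments inside the heredoc are written to the
	# generated file and are left exactly as they were.
	cat > /var/etc/dnscache.conf <<EOF
global {
perm_cache=1024; # dns缓存大小单位KB建议不要写的太大
cache_dir="/var/dnscache"; # 缓存文件的位置
pid_file = /var/run/dnscache.pid;
server_ip = 0.0.0.0; # pdnsd监听的网卡0.0.0.0是全部网卡
server_port=5333; # pdnsd监听的端口不要和别的服务冲突即可
status_ctl = on;
paranoid=on; # 二次请求模式如果请求主DNS服务器返回的是垃圾地址就向备用服务器请求
query_method=udp_only;
neg_domain_pol = off;
par_queries = 400; # 最多同时请求数
min_ttl = 1h; # DNS结果最短缓存时间
max_ttl = 1w; # DNS结果最长缓存时间
timeout = 10; # DNS请求超时时间单位秒
}
server {
label = "routine";
ip = $DNS_SERVER; # 这里为主要上级 dns 的 ip 地址建议填写一个当地最快的DNS地址
timeout = 5; # DNS请求超时时间
reject = 74.125.127.102, # 以下是脏IP也就是DNS污染一般会返回的结果如果收到如下DNS结果会触发二次请求TCP协议一般不会碰到脏IP
74.125.155.102,
74.125.39.102,
74.125.39.113,
209.85.229.138,
128.121.126.139,
159.106.121.75,
169.132.13.103,
192.67.198.6,
202.106.1.2,
202.181.7.85,
203.161.230.171,
203.98.7.65,
207.12.88.98,
208.56.31.43,
209.145.54.50,
209.220.30.174,
209.36.73.33,
211.94.66.147,
213.169.251.35,
216.221.188.182,
216.234.179.13,
243.185.187.39,
37.61.54.158,
4.36.66.178,
46.82.174.68,
59.24.3.173,
64.33.88.161,
64.33.99.47,
64.66.163.251,
65.104.202.252,
65.160.219.113,
66.45.252.237,
69.55.52.253,
72.14.205.104,
72.14.205.99,
78.16.49.15,
8.7.198.45,
93.46.8.89,
37.61.54.158,
243.185.187.39,
190.93.247.4,
190.93.246.4,
190.93.245.4,
190.93.244.4,
65.49.2.178,
189.163.17.5,
23.89.5.60,
49.2.123.56,
54.76.135.1,
77.4.7.92,
118.5.49.6,
159.24.3.173,
188.5.4.96,
197.4.4.12,
220.250.64.24,
243.185.187.30,
249.129.46.48,
253.157.14.165;
reject_policy = fail;
}
server {
label = "special"; # 这个随便写
ip = 208.67.222.222,208.67.220.220; # 这里为备用DNS服务器的 ip 地址
port = 5353; # 推荐使用53以外的端口DNS服务器必须支持
proxy_only = on;
timeout = 5;
}
source {
owner=localhost;
// serve_aliases=on;
file="/etc/hosts";
}
rr {
name=localhost;
reverse=on;
a=127.0.0.1;
owner=localhost;
soa=localhost,root.localhost,42,86400,900,86400,86400;
}
EOF
	/usr/sbin/dnscache -c /var/etc/dnscache.conf -d && echo "Start DNS Cache"
}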
# Stop the DNS cache daemon.
# Outputs:   "Stop DNS Cache" on stdout, whether or not a process was running
stop_pdnsd() {
	# Send the default signal to every dnscache PID first; fall back to
	# SIGKILL by name when that fails (including when pidof finds nothing).
	# The substitution is left unquoted on purpose: pidof may print several
	# PIDs and each must reach kill as its own argument.
	if ! kill $(pidof dnscache) >/dev/null 2>&1; then
		killall -9 dnscache >/dev/null 2>&1
	fi
	echo "Stop DNS Cache"
}
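# Point dnsmasq at the local DNS cache on 127.0.0.1 port 5333 and commit the
# dhcp config.
change_dns() {
	# Every UCI selector is quoted: unquoted, "[0]" is a shell glob and the
	# argument would be rewritten if a matching file name existed in the
	# current directory.
	#
	# NOTE(review): this deletes every existing dnsmasq "server" entry, and
	# revert_dns only removes the 127.0.0.1#5333 entry again, so servers the
	# user had configured beforehand are not restored.
	uci delete 'dhcp.@dnsmasq[0].server' >/dev/null 2>&1
	uci add_list 'dhcp.@dnsmasq[0].server=127.0.0.1#5333'
	# NOTE(review): with noresolv=0 dnsmasq presumably keeps using the
	# resolvers from resolv.conf.auto as well, so not every query has to pass
	# through the cache and its reject list - confirm this is intended.
	uci set 'dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto'
	uci set 'dhcp.@dnsmasq[0].noresolv=0'
	uci commit dhcp
}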
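# Remove the local DNS cache (127.0.0.1 port 5333) from dnsmasq's server list
# and commit the dhcp config.
revert_dns() {
	# Selectors are quoted so the shell cannot glob-expand "[0]" against file
	# names in the current directory.
	# Errors from del_list are discarded: the entry is absent when the cache
	# was never enabled.
	uci del_list 'dhcp.@dnsmasq[0].server=127.0.0.1#5333' >/dev/null 2>&1
	uci set 'dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto'
	uci set 'dhcp.@dnsmasq[0].noresolv=0'
	uci commit dhcp
}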
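# rc.common start hook: optionally bring up the DNS cache, copy the
# flow-offloading switches from the flowoffload config into the firewall
# defaults, then restart dnsmasq and the firewall unless restart() does it.
# Globals:   DNSMASQ_RESTART (read)
start(){
	local dns
	dns=$(uci get 'flowoffload.@flow[0].dns' 2>/dev/null)

	# An unset or non-numeric option counts as "disabled". The unquoted
	# original test collapsed to "[ -eq 1 ]" and printed a shell error when
	# the option was missing.
	if [ "${dns:-0}" -eq 1 ] 2>/dev/null; then
		start_pdnsd
		change_dns
	fi

	# Quoted so "[0]" is never glob-expanded and the fetched value always
	# stays a single argument.
	uci set "firewall.@defaults[0].flow_offloading=$(uci get 'flowoffload.@flow[0].flow_offloading')"
	uci set "firewall.@defaults[0].flow_offloading_hw=$(uci get 'flowoffload.@flow[0].flow_offloading_hw')"
	uci commit firewall

	if [ "$DNSMASQ_RESTART" = N ]; then
		/etc/init.d/dnsmasq restart && echo "DNSMASQ change"
		/etc/init.d/firewall restart
	fi
}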
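# rc.common stop hook: stop the DNS cache, remove it from dnsmasq, re-apply
# the flow-offloading switches to the firewall defaults, then restart dnsmasq
# and the firewall unless restart() does it.
# Globals:   DNSMASQ_RESTART (read)
stop(){
	# The former read of firewall.@defaults[0].dns into $dns was never used
	# and has been dropped.
	stop_pdnsd
	revert_dns

	# NOTE(review): stop copies the configured flow_offloading values into
	# the firewall exactly as start does, so stopping the service does not
	# switch offloading off - confirm this is intended.
	# Quoted so "[0]" is never glob-expanded and the fetched value always
	# stays a single argument.
	uci set "firewall.@defaults[0].flow_offloading=$(uci get 'flowoffload.@flow[0].flow_offloading')"
	uci set "firewall.@defaults[0].flow_offloading_hw=$(uci get 'flowoffload.@flow[0].flow_offloading_hw')"
	uci commit firewall

	if [ "$DNSMASQ_RESTART" = N ]; then
		/etc/init.d/dnsmasq restart && echo "DNSMASQ revert"
		/etc/init.d/firewall restart
	fi
}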
# rc.common restart hook: run stop and start back to back, restarting dnsmasq
# and the firewall once at the end.
# Globals:   DNSMASQ_RESTART (written)
restart(){
	# "Y" keeps stop() and start() from restarting the two services
	# themselves.
	DNSMASQ_RESTART="Y"
	stop
	start
	if /etc/init.d/dnsmasq restart; then
		echo "DNSMASQ restart"
	fi
	/etc/init.d/firewall restart
}