luci-app-passwall: update to 24.12.08

applications/luci-app-passwall/Makefile

@@ -6,7 +6,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-passwall
-PKG_VERSION:=24.12.1
+PKG_VERSION:=24.12.08
 PKG_RELEASE:=1
 
 PKG_CONFIG_DEPENDS:= \

applications/luci-app-passwall/luasrc/controller/passwall.lua

@@ -216,9 +216,12 @@ function index_status()
 	local dns_shunt = uci:get(appname, "@global[0]", "dns_shunt") or "dnsmasq"
 	if dns_shunt == "smartdns" then
 		e.dns_mode_status = luci.sys.call("pidof smartdns >/dev/null") == 0
+	elseif dns_shunt == "chinadns-ng" then
+		e.dns_mode_status = luci.sys.call("/bin/busybox top -bn1 | grep -v 'grep' | grep '/tmp/etc/passwall/bin/' | grep 'default' | grep 'chinadns_ng' >/dev/null") == 0
 	else
 		e.dns_mode_status = luci.sys.call("netstat -apn | grep ':15353 ' >/dev/null") == 0
 	end
+
 	e.haproxy_status = luci.sys.call(string.format("/bin/busybox top -bn1 | grep -v grep | grep '%s/bin/' | grep haproxy >/dev/null", appname)) == 0
 	e["tcp_node_status"] = luci.sys.call("/bin/busybox top -bn1 | grep -v 'grep' | grep '/tmp/etc/passwall/bin/' | grep 'default' | grep 'TCP' >/dev/null") == 0
 
@@ -258,19 +261,17 @@ function connect_status()
 	e.use_time = ""
 	local url = luci.http.formvalue("url")
 	local baidu = string.find(url, "baidu")
-	local enabled = uci:get(appname, "@global[0]", "enabled") or "0"
 	local chn_list = uci:get(appname, "@global[0]", "chn_list") or "direct"
 	local gfw_list = uci:get(appname, "@global[0]", "use_gfw_list") or "1"
 	local proxy_mode = uci:get(appname, "@global[0]", "tcp_proxy_mode") or "proxy"
-	local socks_port = uci:get(appname, "@global[0]", "tcp_node_socks_port") or "1070"
-	local local_proxy = uci:get(appname, "@global[0]", "localhost_proxy") or "1"
-	if enabled == "1" and local_proxy == "0" then
+	local socks_server = luci.sys.exec("[ -f /tmp/etc/passwall/acl/default/TCP_SOCKS_server ] && echo -n $(cat /tmp/etc/passwall/acl/default/TCP_SOCKS_server) || echo -n ''")
+	if socks_server ~= "" then
 		if (chn_list == "proxy" and gfw_list == "0" and proxy_mode ~= "proxy" and baidu ~= nil) or (chn_list == "0" and gfw_list == "0" and proxy_mode == "proxy") then
 		-- 中国列表+百度 or 全局
-			url = "-x socks5h://127.0.0.1:" .. socks_port .. " " .. url
+			url = "-x socks5h://" .. socks_server .. " " .. url
 		elseif baidu == nil then
 		-- 其他代理模式+百度以外网站
-			url = "-x socks5h://127.0.0.1:" .. socks_port .. " " .. url
+			url = "-x socks5h://" .. socks_server .. " " .. url
 		end
 	end
 	local result = luci.sys.exec('curl --connect-timeout 3 -o /dev/null -I -sk -w "%{http_code}:%{time_appconnect}" ' .. url)

applications/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua

@@ -94,7 +94,8 @@ if has_xray or has_singbox then
 		o.rmempty = false
 		o.description = "<ul>"
 			.. "<li>" .. translate("Experimental feature.") .. "</li>"
-			.. "<li>" .. translate("Analyzes and preloads GeoIP/Geosite data to enhance the shunt performance of Sing-box/Xray.") .. "</li>"
+			.. "<li>" .. "1." .. translate("Analyzes and preloads GeoIP/Geosite data to enhance the shunt performance of Sing-box/Xray.") .. "</li>"
+			.. "<li>" .. "2." .. translate("Once enabled, the rule list can support GeoIP/Geosite rules.") .. "</li>"
 			.. "<li>" .. translate("Note: Increases resource usage; Geosite analysis is only supported in ChinaDNS-NG and SmartDNS modes.") .. "</li>"
 			.. "</ul>"
 	end

applications/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua

@@ -41,7 +41,7 @@ o.validate = function(self, value)
 	value = value:gsub("^%s+", ""):gsub("%s+$","\n"):gsub("\r\n","\n"):gsub("[ \t]*\n[ \t]*", "\n")
 	string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
 	for index, host in ipairs(hosts) do
-		if host:sub(1, 1) == "#" then
+		if host:sub(1, 1) == "#" or host:sub(1, 8) == "geosite:" then
 			return value
 		end
 		if not datatypes.hostname(host) then
@@ -70,7 +70,7 @@ o.validate = function(self, value)
 	value = value:gsub("^%s+", ""):gsub("%s+$","\n"):gsub("\r\n","\n"):gsub("[ \t]*\n[ \t]*", "\n")
 	string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
 	for index, ipmask in ipairs(ipmasks) do
-		if ipmask:sub(1, 1) == "#" then
+		if ipmask:sub(1, 1) == "#" or ipmask:sub(1, 6) == "geoip:" then
 			return value
 		end
 		if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
@@ -101,7 +101,7 @@ o.validate = function(self, value)
 	value = value:gsub("^%s+", ""):gsub("%s+$","\n"):gsub("\r\n","\n"):gsub("[ \t]*\n[ \t]*", "\n")
 	string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
 	for index, host in ipairs(hosts) do
-		if host:sub(1, 1) == "#" then
+		if host:sub(1, 1) == "#" or host:sub(1, 8) == "geosite:" then
 			return value
 		end
 		if not datatypes.hostname(host) then
@@ -130,7 +130,7 @@ o.validate = function(self, value)
 	value = value:gsub("^%s+", ""):gsub("%s+$","\n"):gsub("\r\n","\n"):gsub("[ \t]*\n[ \t]*", "\n")
 	string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
 	for index, ipmask in ipairs(ipmasks) do
-		if ipmask:sub(1, 1) == "#" then
+		if ipmask:sub(1, 1) == "#" or ipmask:sub(1, 6) == "geoip:" then
 			return value
 		end
 		if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
@@ -159,7 +159,7 @@ o.validate = function(self, value)
 	value = value:gsub("^%s+", ""):gsub("%s+$","\n"):gsub("\r\n","\n"):gsub("[ \t]*\n[ \t]*", "\n")
 	string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(hosts, w) end)
 	for index, host in ipairs(hosts) do
-		if host:sub(1, 1) == "#" then
+		if host:sub(1, 1) == "#" or host:sub(1, 8) == "geosite:" then
 			return value
 		end
 		if not datatypes.hostname(host) then
@@ -188,7 +188,7 @@ o.validate = function(self, value)
 	value = value:gsub("^%s+", ""):gsub("%s+$","\n"):gsub("\r\n","\n"):gsub("[ \t]*\n[ \t]*", "\n")
 	string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
 	for index, ipmask in ipairs(ipmasks) do
-		if ipmask:sub(1, 1) == "#" then
+		if ipmask:sub(1, 1) == "#" or ipmask:sub(1, 6) == "geoip:" then
 			return value
 		end
 		if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
@@ -278,8 +278,20 @@ if api.fs.access(gfwlist_path) then
 	o.rows = 45
 	o.wrap = "off"
 	o.cfgvalue = function(self, section)
-		return fs.readfile(gfwlist_path) or ""
+		local limit = 100 -- 限制行数
+		local cmd = string.format("head -n %d %s", limit, gfwlist_path)
+		return api.sys.exec(cmd) or ""
+		-- return fs.readfile(gfwlist_path) or ""
 	end
+    local total_lines_cmd = string.format("wc -l < %s", gfwlist_path)
+    local total_lines = tonumber(api.sys.exec(total_lines_cmd)) or 0
+    local displayed_lines = 100
+
+    local total_lines_label = s:taboption("gfw_list", DummyValue, "total_lines", translate("Total Lines"))
+    total_lines_label.value = translatef("%d lines", total_lines)
+
+    local displayed_lines_label = s:taboption("gfw_list", DummyValue, "displayed_lines", translate("Displayed Lines"))
+    displayed_lines_label.value = translatef("%d lines", displayed_lines)
 end
 
 if api.fs.access(chnlist_path) then
@@ -289,8 +301,20 @@ if api.fs.access(chnlist_path) then
 	o.rows = 45
 	o.wrap = "off"
 	o.cfgvalue = function(self, section)
-		return fs.readfile(chnlist_path) or ""
+		local limit = 100 -- 限制行数
+		local cmd = string.format("head -n %d %s", limit, chnlist_path)
+		return api.sys.exec(cmd) or ""
+		-- return fs.readfile(chnlist_path) or ""
 	end
+	local total_lines_cmd = string.format("wc -l < %s", chnlist_path)
+    local total_lines = tonumber(api.sys.exec(total_lines_cmd)) or 0
+    local displayed_lines = 100
+
+    local total_lines_label = s:taboption("chn_list", DummyValue, "total_lines", translate("Total Lines"))
+    total_lines_label.value = translatef("%d lines", total_lines)
+
+    local displayed_lines_label = s:taboption("chn_list", DummyValue, "displayed_lines", translate("Displayed Lines"))
+    displayed_lines_label.value = translatef("%d lines", displayed_lines)
 end
 
 if api.fs.access(chnroute_path) then
@@ -300,8 +324,20 @@ if api.fs.access(chnroute_path) then
 	o.rows = 45
 	o.wrap = "off"
 	o.cfgvalue = function(self, section)
-		return fs.readfile(chnroute_path) or ""
+		local limit = 100 -- 限制行数
+		local cmd = string.format("head -n %d %s", limit, chnroute_path)
+		return api.sys.exec(cmd) or ""
+		-- return fs.readfile(chnroute_path) or ""
 	end
+	local total_lines_cmd = string.format("wc -l < %s", chnroute_path)
+    local total_lines = tonumber(api.sys.exec(total_lines_cmd)) or 0
+    local displayed_lines = 100
+
+    local total_lines_label = s:taboption("chnroute_list", DummyValue, "total_lines", translate("Total Lines"))
+    total_lines_label.value = translatef("%d lines", total_lines)
+
+    local displayed_lines_label = s:taboption("chnroute_list", DummyValue, "displayed_lines", translate("Displayed Lines"))
+    displayed_lines_label.value = translatef("%d lines", displayed_lines)
 end
 
 m:append(Template(appname .. "/rule_list/js"))

applications/luci-app-passwall/po/zh_Hans/passwall.po

@@ -934,6 +934,9 @@ msgstr "开启 Geo 数据解析"
 msgid "Analyzes and preloads GeoIP/Geosite data to enhance the shunt performance of Sing-box/Xray."
 msgstr "分析和预加载 GeoIP/Geosite 数据，以增强 Sing-box/Xray 的分流效果。"
 
+msgid "Once enabled, the rule list can support GeoIP/Geosite rules."
+msgstr "启用后，规则列表可以支持 GeoIP/Geosite 规则。"
+
 msgid "Note: Increases resource usage; Geosite analysis is only supported in ChinaDNS-NG and SmartDNS modes."
 msgstr "注：会增加一些系统资源的开销，仅在 ChinaDNS-NG 和 SmartDNS 模式下支持分析 Geosite 。"
 
@@ -1722,3 +1725,12 @@ msgstr "与使用 %s 节点时生效。"
 
 msgid "Set the default domain resolution strategy for the sing-box node."
 msgstr "为 sing-box 节点设置默认的域名解析策略。"
+
+msgid "Total Lines"
+msgstr "总行数："
+
+msgid "Displayed Lines"
+msgstr "展示行数："
+
+msgid "%d lines"
+msgstr "%d 行"

applications/luci-app-passwall/root/usr/share/passwall/app.sh

@@ -359,17 +359,6 @@ parse_doh() {
 	eval "${__url_var}='${__url}' ${__host_var}='${__host}' ${__port_var}='${__port}' ${__bootstrap_var}='${__bootstrap}'"
 }
 
-get_dnsmasq_conf_dir() {
-	local dnsmasq_conf_path=$(grep -l "^conf-dir=" /tmp/etc/dnsmasq.conf.${DEFAULT_DNSMASQ_CFGID})
-	[ -n "$dnsmasq_conf_path" ] && {
-		local dnsmasq_conf_dir=$(grep '^conf-dir=' "$dnsmasq_conf_path" | cut -d'=' -f2 | head -n 1)
-		[ -n "$dnsmasq_conf_dir" ] && {
-			DNSMASQ_CONF_DIR=${dnsmasq_conf_dir%*/}
-			TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
-		}
-	}
-}
-
 run_ipt2socks() {
 	local flag proto tcp_tproxy local_port socks_address socks_port socks_username socks_password log_file
 	local _extra_param=""
@@ -2010,7 +1999,17 @@ RESOLVFILE=/tmp/resolv.conf.d/resolv.conf.auto
 ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
 ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u | grep -v -Fx ::1 | grep -v -Fx ::)
 
-DEFAULT_DNSMASQ_CFGID=$(uci show dhcp.@dnsmasq[0] |  awk -F '.' '{print $2}' | awk -F '=' '{print $1}'| head -1)
+DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
+if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
+        DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
+	if [ -n "$DNSMASQ_CONF_DIR" ]; then
+		DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
+		TMP_DNSMASQ_PATH=${DNSMASQ_CONF_DIR}/${CONFIG}
+	else
+		DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
+	fi
+fi
+
 DEFAULT_DNS=$(uci show dhcp.@dnsmasq[0] | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' '\n' | grep -v "\/" | head -2 | sed ':label;N;s/\n/,/;b label')
 [ -z "${DEFAULT_DNS}" ] && [ "$(echo $ISP_DNS | tr ' ' '\n' | wc -l)" -le 2 ] && DEFAULT_DNS=$(echo -n $ISP_DNS | tr ' ' '\n' | head -2 | tr '\n' ',')
 LOCAL_DNS="${DEFAULT_DNS:-119.29.29.29,223.5.5.5}"
@@ -2020,8 +2019,6 @@ DNS_QUERY_STRATEGY="UseIP"
 [ "$FILTER_PROXY_IPV6" = "1" ] && DNS_QUERY_STRATEGY="UseIPv4"
 DNSMASQ_FILTER_PROXY_IPV6=${FILTER_PROXY_IPV6}
 
-get_dnsmasq_conf_dir
-
 export V2RAY_LOCATION_ASSET=$(config_t_get global_rules v2ray_location_asset "/usr/share/v2ray/")
 export XRAY_LOCATION_ASSET=$V2RAY_LOCATION_ASSET
 mkdir -p /tmp/etc $TMP_PATH $TMP_BIN_PATH $TMP_SCRIPT_FUNC_PATH $TMP_ID_PATH $TMP_ROUTE_PATH $TMP_ACL_PATH $TMP_IFACE_PATH $TMP_PATH2

applications/luci-app-passwall/root/usr/share/passwall/helper_chinadns_add.lua

@@ -30,6 +30,7 @@ local RULES_PATH = "/usr/share/" .. appname .. "/rules"
 local FLAG_PATH = TMP_ACL_PATH .. "/" .. FLAG
 local config_lines = {}
 local tmp_lines = {}
+local USE_GEOVIEW = uci:get(appname, "@global_rules[0]", "enable_geoview")
 
 local function log(...)
 	if NO_LOGIC_LOG == "1" then
@@ -115,12 +116,18 @@ end
 --自定义规则组，后声明的组具有更高优先级
 --屏蔽列表
 local file_block_host = TMP_ACL_PATH .. "/block_host"
-if USE_BLOCK_LIST == "1" and not fs.access(file_block_host) then   --对自定义列表进行清洗
+if USE_BLOCK_LIST == "1" and not fs.access(file_block_host) then
 	local block_domain, lookup_block_domain = {}, {}
+	local geosite_arg = ""
 	for line in io.lines(RULES_PATH .. "/block_host") do
-		line = api.get_std_domain(line)
-		if line ~= "" and not line:find("#") then
-			insert_unique(block_domain, line, lookup_block_domain)
+		if not line:find("#") and line:find("geosite:") then
+			line = string.match(line, ":([^:]+)$")
+			geosite_arg = geosite_arg .. (geosite_arg ~= "" and "," or "") .. line
+		else
+			line = api.get_std_domain(line)
+			if line ~= "" and not line:find("#") then
+				insert_unique(block_domain, line, lookup_block_domain)
+			end
 		end
 	end
 	if #block_domain > 0 then
@@ -130,6 +137,10 @@ if USE_BLOCK_LIST == "1" and not fs.access(file_block_host) then   --对自定
 		end
 		f_out:close()
 	end
+	if USE_GEOVIEW == "1" and geosite_arg ~= "" and api.is_finded("geoview") then
+		get_geosite(geosite_arg, file_block_host)
+		log("  * 解析[屏蔽列表] Geosite 到屏蔽域名表(blocklist)完成")
+	end
 end
 if USE_BLOCK_LIST == "1" and is_file_nonzero(file_block_host) then
 	tmp_lines = {
@@ -168,12 +179,18 @@ end
 
 --直连（白名单）列表
 local file_direct_host = TMP_ACL_PATH .. "/direct_host"
-if USE_DIRECT_LIST == "1" and not fs.access(file_direct_host) then   --对自定义列表进行清洗
+if USE_DIRECT_LIST == "1" and not fs.access(file_direct_host) then
 	local direct_domain, lookup_direct_domain = {}, {}
+	local geosite_arg = ""
 	for line in io.lines(RULES_PATH .. "/direct_host") do
-		line = api.get_std_domain(line)
-		if line ~= "" and not line:find("#") then
-			insert_unique(direct_domain, line, lookup_direct_domain)
+		if not line:find("#") and line:find("geosite:") then
+			line = string.match(line, ":([^:]+)$")
+			geosite_arg = geosite_arg .. (geosite_arg ~= "" and "," or "") .. line
+		else
+			line = api.get_std_domain(line)
+			if line ~= "" and not line:find("#") then
+				insert_unique(direct_domain, line, lookup_direct_domain)
+			end
 		end
 	end
 	if #direct_domain > 0 then
@@ -183,6 +200,10 @@ if USE_DIRECT_LIST == "1" and not fs.access(file_direct_host) then   --对自定
 		end
 		f_out:close()
 	end
+	if USE_GEOVIEW == "1" and geosite_arg ~= "" and api.is_finded("geoview") then
+		get_geosite(geosite_arg, file_direct_host)
+		log("  * 解析[直连列表] Geosite 到域名白名单(whitelist)完成")
+	end
 end
 if USE_DIRECT_LIST == "1" and is_file_nonzero(file_direct_host) then
 	tmp_lines = {
@@ -197,12 +218,18 @@ end
 
 --代理（黑名单）列表
 local file_proxy_host = TMP_ACL_PATH .. "/proxy_host"
-if USE_PROXY_LIST == "1" and not fs.access(file_proxy_host) then   --对自定义列表进行清洗
+if USE_PROXY_LIST == "1" and not fs.access(file_proxy_host) then
 	local proxy_domain, lookup_proxy_domain = {}, {}
+	local geosite_arg = ""
 	for line in io.lines(RULES_PATH .. "/proxy_host") do
-		line = api.get_std_domain(line)
-		if line ~= "" and not line:find("#") then
-			insert_unique(proxy_domain, line, lookup_proxy_domain)
+		if not line:find("#") and line:find("geosite:") then
+			line = string.match(line, ":([^:]+)$")
+			geosite_arg = geosite_arg .. (geosite_arg ~= "" and "," or "") .. line
+		else
+			line = api.get_std_domain(line)
+			if line ~= "" and not line:find("#") then
+				insert_unique(proxy_domain, line, lookup_proxy_domain)
+			end
 		end
 	end
 	if #proxy_domain > 0 then
@@ -212,6 +239,10 @@ if USE_PROXY_LIST == "1" and not fs.access(file_proxy_host) then   --对自定
 		end
 		f_out:close()
 	end
+	if USE_GEOVIEW == "1" and geosite_arg ~= "" and api.is_finded("geoview") then
+		get_geosite(geosite_arg, file_proxy_host)
+		log("  * 解析[代理列表] Geosite 到代理域名表(blacklist)完成")
+	end
 end
 if USE_PROXY_LIST == "1" and is_file_nonzero(file_proxy_host) then
 	tmp_lines = {
@@ -334,14 +365,14 @@ if uci:get(appname, TCP_NODE, "protocol") == "_shunt" then
 		end
 	end
 
-	local use_geoview = uci:get(appname, "@global_rules[0]", "enable_geoview")
-	if GFWLIST == "1" and CHNLIST == "0" and use_geoview == "1" then  --仅GFW模式解析geosite
+	if GFWLIST == "1" and CHNLIST == "0" and USE_GEOVIEW == "1" and api.is_finded("geoview") then  --仅GFW模式解析geosite
 		if geosite_white_arg ~= "" then
 			get_geosite(geosite_white_arg, file_white_host)
 		end
 		if geosite_shunt_arg ~= "" then
 			get_geosite(geosite_shunt_arg, file_shunt_host)
 		end
+		log("  * 解析[分流节点] Geosite 完成")
 	end
 
 	if is_file_nonzero(file_white_host) then
@@ -409,11 +440,11 @@ end
 table.insert(config_lines, "hosts")
 
 if DEFAULT_TAG == "chn" then
-	log(string.format("  - 默认：%s", DNS_LOCAL))
+	log(string.format("  - 默认 DNS ：%s", DNS_LOCAL))
 elseif  DEFAULT_TAG == "gfw" then
-	log(string.format("  - 默认：%s", DNS_TRUST))
+	log(string.format("  - 默认 DNS ：%s", DNS_TRUST))
 else
-	log(string.format("  - 默认：%s", "智能匹配"))
+	log(string.format("  - 默认 DNS ：%s", "智能匹配"))
 end
 
 --输出配置文件