Nanako/immortalwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge Mainline

Browse Source
This commit is contained in:
AmadeusGhost
2021-02-10 12:28:03 +08:00
parent 0d6e831f2c dcb54c420b
commit 5a34d8d677
49 changed files with 1121 additions and 415 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/download.mk
View File

@@ -27,7 +27,7 @@ define dl_method
$(strip \
$(if $(filter git,$(2)),$(call dl_method_git,$(1),$(2)),
$(if $(2),$(2), \
$(if $(filter @APACHE/% @GITHUB/% @GNOME/% @GNU/% @KERNEL/% @SF/% @SAVANNAH/% ftp://% http://% https://% file://%,$(1)),default, \
$(if $(filter @OPENWRT @APACHE/% @GITHUB/% @GNOME/% @GNU/% @KERNEL/% @SF/% @SAVANNAH/% ftp://% http://% https://% file://%,$(1)),default, \
$(if $(filter git://%,$(1)),$(call dl_method_git,$(1),$(2)), \
$(if $(filter svn://%,$(1)),svn, \
$(if $(filter cvs://%,$(1)),cvs, \

2
package/boot/fconfig/Makefile
View File

@@ -12,7 +12,7 @@ PKG_VERSION:=20080329
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://downloads.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=4ff0e8f07e35e46b705c0dbe9d9544ede01ea092a69e3f7db03e55a3f2bb8eb7
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)

2
package/boot/uboot-sunxi/Makefile
View File

@@ -340,7 +340,7 @@ UBOOT_TARGETS := \
nanopi_neo_plus2 \
nanopi_neo2 \
nanopi_r1 \
nanopi_r1s_h5 \
nanopi_r1s_h5 \
orangepi_zero \
orangepi_r1 \
orangepi_one \

77
package/ctcgfw/cdnspeedtest/Makefile Normal file
View File

@@ -0,0 +1,77 @@
#
# Copyright (C) 2021 ImmortalWrt
# <https://project-openwrt.eu.org>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=CloudflareSpeedTest
PKG_VERSION:=1.4.8
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/XIU2/CloudflareSpeedTest/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=5e822fb24348dbb75aeb33c3e9f558d629892089bc918186d5e68c3341e70049
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILE:=LICENSE
PKG_MAINTAINER:=CN_SZTL <cnsztl@project-openwrt.eu.org>
PKG_CONFIG_DEPENDS:= \
CONFIG_CDNSPEEDTEST_COMPRESS_GOPROXY \
CONFIG_CDNSPEEDTEST_COMPRESS_UPX
PKG_BUILD_DEPENDS:=golang/host
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
GO_PKG:=CloudflareSpeedTest
GO_PKG_LDFLAGS:=-s -w
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk
define Package/cdnspeedtest
SECTION:=net
CATEGORY:=Network
TITLE:=Getting the fastest ips to your network of CDN
URL:=https://github.com/XIU2/CloudflareSpeedTest
DEPENDS:=$(GO_ARCH_DEPENDS)
endef
define Package/cdnspeedtest/config
config CDNSPEEDTEST_COMPRESS_GOPROXY
bool "Compiling with GOPROXY proxy"
default n
config CDNSPEEDTEST_COMPRESS_UPX
bool "Compress executable files with UPX"
default y
endef
ifeq ($(CONFIG_CDNSPEEDTEST_COMPRESS_GOPROXY),y)
export GO111MODULE=on
export GOPROXY=https://goproxy.io
endif
define Build/Compile
$(call GoPackage/Build/Compile)
ifeq ($(CONFIG_CDNSPEEDTEST_COMPRESS_UPX),y)
$(STAGING_DIR_HOST)/bin/upx --lzma --best $(GO_PKG_BUILD_BIN_DIR)/CloudflareSpeedTest
endif
endef
define Package/cdnspeedtest/install
$(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR))
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/CloudflareSpeedTest $(1)/usr/bin/cdnspeedtest
$(INSTALL_DIR) $(1)/usr/share/CloudflareSpeedTest
$(INSTALL_DATA) $(PKG_BUILD_DIR)/ip.txt $(1)/usr/share/CloudflareSpeedTest/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/ipv6.txt $(1)/usr/share/CloudflareSpeedTest/
endef
$(eval $(call BuildPackage,cdnspeedtest))

74
package/ctcgfw/go-nats/Makefile Normal file
View File

@@ -0,0 +1,74 @@
#
# Copyright (C) 2021 ImmortalWrt
# <https://project-openwrt.eu.org>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=go-nats
PKG_VERSION:=0.0.1
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/enobufs/go-nats.git
PKG_SOURCE_DATE:=2019-09-23
PKG_SOURCE_VERSION:=4effc32e0f4006da0636b24f4468cf32ce494d71
PKG_MIRROR_HASH:=52156d096ba21fdc18316040749b20868e500d7bd785a0d33533610ba7f7169b
PKG_LICENSE:=MIT
PKG_LICENSE_FILE:=LICENSE
PKG_MAINTAINER:=CN_SZTL <cnsztl@project-openwrt.eu.org>
PKG_CONFIG_DEPENDS:= \
CONFIG_GO_NATS_COMPRESS_GOPROXY \
CONFIG_GO_NATS_COMPRESS_UPX
PKG_BUILD_DEPENDS:=golang/host
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
GO_PKG:=github.com/enobufs/go-nats
GO_PKG_LDFLAGS:=-s -w
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk
define Package/go-nats
SECTION:=net
CATEGORY:=Network
TITLE:=A NAT type discovery tool
URL:=https://github.com/enobufs/go-nats
DEPENDS:=$(GO_ARCH_DEPENDS)
endef
define Package/go-nats/description
A NAT type discovery tool using STUN written purely in Go.
endef
define Package/go-nats/config
config GO_NATS_COMPRESS_GOPROXY
bool "Compiling with GOPROXY proxy"
default n
config GO_NATS_COMPRESS_UPX
bool "Compress executable files with UPX"
default y
endef
ifeq ($(CONFIG_GO_NATS_COMPRESS_GOPROXY),y)
export GO111MODULE=on
export GOPROXY=https://goproxy.io
endif
define Build/Compile
$(call GoPackage/Build/Compile)
ifeq ($(CONFIG_GO_NATS_COMPRESS_UPX),y)
$(STAGING_DIR_HOST)/bin/upx --lzma --best $(GO_PKG_BUILD_BIN_DIR)/go-nats
endif
endef
$(eval $(call GoBinPackage,go-nats))
$(eval $(call BuildPackage,go-nats))

8
package/ctcgfw/gotop/Makefile
View File

@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=gotop
PKG_VERSION:=4.1.0
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/xxxserxxx/gotop/tar.gz/v$(PKG_VERSION)?
@@ -29,10 +29,8 @@ PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
GO_PKG:=github.com/xxxserxxx/gotop
GO_PKG_BUILD_PKG:=github.com/xxxserxxx/gotop/cmd/gotop
GO_PKG_LDFLAGS:=-s -w
GO_PKG_LDFLAGS_X:= \
main.Version=$(PKG_VERSION)
GO_PKG_LDFLAGS_X:=main.Version=$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk
@@ -73,4 +71,4 @@ endif
endef
$(eval $(call GoBinPackage,gotop))
$(eval $(call BuildPackage,gotop))
$(eval $(call BuildPackage,gotop))

74
package/ctcgfw/rtl8188eu/Makefile Normal file
View File

@@ -0,0 +1,74 @@
#
# Copyright (C) 2021 ImmortalWrt
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=rtl8188eu
PKG_RELEASE=1
PKG_SOURCE_URL:=https://github.com/aircrack-ng/rtl8188eus.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_DATE:=2020-08-01
PKG_SOURCE_VERSION:=ae1d233fe6a34a321ca1da2202bec34b1a4b41cd
PKG_MIRROR_HASH:=995d021dec4bef7ce5227239b64aee88ea6d1002464bc7a62cc2ed766607ea89
PKG_MAINTAINTER:=ImmortalWrt
PKG_BUILD_PARALLEL:=1
STAMP_CONFIGURED_DEPENDS := $(STAGING_DIR)/usr/include/mac80211-backport/backport/autoconf.h
include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/package.mk
define KernelPackage/rtl8188eu
SUBMENU:=Wireless Drivers
TITLE:=Realtek 8188EU(S)/8188ETV support
DEPENDS:=+kmod-cfg80211 +kmod-usb-core +@DRIVER_11N_SUPPORT +@DRIVER_11AC_SUPPORT
FILES:=$(PKG_BUILD_DIR)/rtl8188eu.ko
AUTOLOAD:=$(call AutoProbe,rtl8188eu)
endef
NOSTDINC_FLAGS = \
-I$(PKG_BUILD_DIR) \
-I$(PKG_BUILD_DIR)/include \
-I$(STAGING_DIR)/usr/include/mac80211-backport \
-I$(STAGING_DIR)/usr/include/mac80211-backport/uapi \
-I$(STAGING_DIR)/usr/include/mac80211 \
-I$(STAGING_DIR)/usr/include/mac80211/uapi \
-include backport/autoconf.h \
-include backport/backport.h
EXTRA_CFLAGS:= \
-DRTW_SINGLE_WIPHY \
-DRTW_USE_CFG80211_STA_EVENT \
-DCONFIG_IOCTL_CFG80211 \
-DCONFIG_CONCURRENT_MODE
ifeq ($(CONFIG_BIG_ENDIAN),y)
EXTRA_CFLAGS += -DCONFIG_BIG_ENDIAN
else
EXTRA_CFLAGS += -DCONFIG_LITTLE_ENDIAN
endif
EXTRA_KCONFIG:= \
CONFIG_RTL8188EU=m \
USER_MODULE_NAME=rtl8188eu
MAKE_OPTS:= \
$(KERNEL_MAKE_FLAGS) \
M="$(PKG_BUILD_DIR)" \
NOSTDINC_FLAGS="$(NOSTDINC_FLAGS)" \
USER_EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \
$(EXTRA_KCONFIG)
define Build/Compile
+$(MAKE) $(PKG_JOBS) -C "$(LINUX_DIR)" \
$(MAKE_OPTS) \
modules
endef
$(eval $(call KernelPackage,rtl8188eu))

15
package/ctcgfw/rtl8188eu/patches/001-use-kernel-byteorder.patch Normal file
View File

@@ -0,0 +1,15 @@
Fix compile problem when rtw_byteorder.h and asm/byteorder.h gets
included in addition for example indirectly, do not use realtek own copy
of the byteorder headers.
--- a/include/drv_types.h
+++ b/include/drv_types.h
@@ -24,7 +24,7 @@
#include <drv_conf.h>
#include <basic_types.h>
#include <osdep_service.h>
-#include <rtw_byteorder.h>
+#include <asm/byteorder.h>
#include <wlan_bssdef.h>
#include <wifi.h>
#include <ieee80211.h>

11
package/ctcgfw/rtl8188eu/patches/010-disable-default-build-x86.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/Makefile
+++ b/Makefile
@@ -91,7 +91,7 @@ CONFIG_RTW_SDIO_PM_KEEP_POWER = y
###################### MP HW TX MODE FOR VHT #######################
CONFIG_MP_VHT_HW_TX_MODE = n
###################### Platform Related #######################
-CONFIG_PLATFORM_I386_PC = y
+CONFIG_PLATFORM_I386_PC = n
CONFIG_PLATFORM_ARM_RPI = n
CONFIG_PLATFORM_ARM64_RPI = n
CONFIG_PLATFORM_ANDROID_X86 = n

39
package/ctcgfw/rtl8188eu/patches/020-remove-repeat-flies.patch Normal file
View File

@@ -0,0 +1,39 @@
From 9b2b0ec1bc2d31ddf93ed74d63fdfa6044e329a4 Mon Sep 17 00:00:00 2001
From: Ben Greear <greearb@candelatech.com>
Date: Fri, 9 Nov 2018 16:21:43 -0800
Subject: [PATCH] Fix build against openwrt backports tree.
Like breaks builds elsewhere, can fix it up later.
Signed-off-by: Ben Greear <greearb@candelatech.com>
---
include/drv_conf.h | 4 +++-
.../{wireless.h => old_unused_rtl_wireless.h} | 0
include/{autoconf.h => rtl_autoconf.h} | 0
3 files changed, 3 insertions(+), 1 deletions(-)
rename include/linux/{wireless.h => old_unused_rtl_wireless.h} (100%)
rename include/{autoconf.h => rtl_autoconf.h} (100%)
diff --git a/include/drv_conf.h b/include/drv_conf.h
index 0d20a7e..f0a9f88 100644
--- a/include/drv_conf.h
+++ b/include/drv_conf.h
@@ -14,7 +14,9 @@
*****************************************************************************/
#ifndef __DRV_CONF_H__
#define __DRV_CONF_H__
-#include "autoconf.h"
+
+#include <generated/autoconf.h>
+#include "rtl_autoconf.h"
#include "hal_ic_cfg.h"
#if defined(PLATFORM_LINUX) && defined (PLATFORM_WINDOWS)
diff --git a/include/linux/wireless.h b/include/linux/old_unused_rtl_wireless.h
similarity index 100%
rename from include/linux/wireless.h
rename to include/linux/old_unused_rtl_wireless.h
diff --git a/include/autoconf.h b/include/rtl_autoconf.h
similarity index 100%
rename from include/autoconf.h
rename to include/rtl_autoconf.h

7
package/ctcgfw/rtl8812au-ac/Makefile
View File

@@ -51,13 +51,6 @@ NOSTDINC_FLAGS = \
NOSTDINC_FLAGS += -DCONFIG_IOCTL_CFG80211 -DRTW_USE_CFG80211_STA_EVENT \
-DRTW_SINGLE_WIPHY -DCONFIG_CONCURRENT_MODE -D_LINUX_BYTEORDER_SWAB_H
ifeq ($(CONFIG_BIG_ENDIAN), y)
NOSTDINC_FLAGS += -DCONFIG_BIG_ENDIAN
endif
ifeq ($(CONFIG_LITTLE_ENDIAN), y)
NOSTDINC_FLAGS += -DCONFIG_LITTLE_ENDIAN
endif
PKG_MAKE_FLAGS += USER_MODULE_NAME=rtl8812au
KERNEL_MAKE_FLAGS += CONFIG_88XXAU=m

2
package/firmware/b43legacy-firmware/Makefile
View File

@@ -12,7 +12,7 @@ PKG_VERSION:=3.130.20.0
PKG_RELEASE:=1
PKG_SOURCE:=wl_apsta-$(PKG_VERSION).o
PKG_SOURCE_URL:=https://downloads.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=7dba610b1d96dd14e901bcbce14cd6ecd1b1ac6f5c0035b0d6b6dc46a7c3ef90
include $(INCLUDE_DIR)/package.mk

2
package/firmware/lantiq/dsl-vrx200-firmware-xdsl/Makefile
View File

@@ -10,7 +10,7 @@ PKG_NAME:=dsl_vr9_firmware_xdsl
PKG_VERSION:=05.08.01.08.01.06_05.08.00.0B.01.01_osc
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=44cd94130571fe42dfa8f0f9d44597d104e9e77962617fe38646b7a0b4184a2b
PKG_BUILD_DEPENDS:=bsdiff/host

18
package/kernel/acx-mac80211/Makefile
View File

@@ -114,55 +114,55 @@ endef
define Download/tiacx100
FILE:=tiacx100
URL:=http://acx100.erley.org/fw/acx100_1.9.8.b/
URL:=@OPENWRT
HASH:=4f05913c940c2455b267545b12d93ad81fa5eebb0cbee22a2c7588c50525b4f0
endef
define Download/tiacx100r0d
FILE:=tiacx100r0D
URL:=http://acx100.erley.org/fw/acx100_1.9.8.b/
URL:=@OPENWRT
HASH:=6a4a7fbb24a328a88261bc2a507b2a0bf63c91e831e3f1a8caa4f6599b2215e6
endef
define Download/tiacx100r11
FILE:=tiacx100r11
URL:=http://acx100.erley.org/fw/acx100_1.9.8.b/
URL:=@OPENWRT
HASH:=e005a93a0b463e01edba2b79038b54c29a7932efee61c851a2ac644b8a4e5dd4
endef
define Download/tiacx100r15
FILE:=tiacx100r15
URL:=http://acx100.erley.org/fw/acx100_1.9.8.b/
URL:=@OPENWRT
HASH:=c6f40bead5ef45720e2d72bbe4d998367c2c7857eb7716234aedeb2ad98bcdde
endef
define Download/tiacx111c16
FILE:=tiacx111c16
URL:=http://acx100.erley.org/fw/acx111_2.3.1.31/
URL:=@OPENWRT
HASH:=cc6108d577ebc55b924ff6bab44eeee3456d284c63819277cb5460338b2f1bd7
endef
define Download/tiacx111c16_1
FILE:=tiacx111c16_1.2.1_34
URL:=http://sites.google.com/site/atorkhov/files/
URL:=@OPENWRT
HASH:=672ed9d02565ab44da450c52f0ced3be99a3a3901f73454455da8e1f98ada220
endef
define Download/tiacx111c17
FILE:=tiacx111c17
URL:=http://acx100.erley.org/fw/acx111_2.3.1.31/
URL:=@OPENWRT
HASH:=2bb900a5886dbea2d3504623d9f3ac8abbb2e9fdfcf0fe233e77951dff748a40
endef
define Download/tiacx111c19
FILE:=tiacx111c19
URL:=http://acx100.erley.org/fw/acx111_2.3.1.31/
URL:=@OPENWRT
HASH:=383d86a8cfddf92400d661b4e43a9b855350fa656edd4f75b4aff7fab2d00e90
endef
define Download/tiacx111usbc1b
FILE:=tiacx111usbc1B
URL:=http://acx100.erley.org/fw/acx111_2.4.0.70-USB/
URL:=@OPENWRT
HASH:=f3c9e574de7073014ab6eef9a0f6412c53ae521b67723360af753c41401ed4d5
endef

2
package/kernel/broadcom-wl/Makefile
View File

@@ -13,7 +13,7 @@ PKG_VERSION:=5.10.56.27.3
PKG_RELEASE:=10
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(ARCH).tar.bz2
PKG_SOURCE_URL:=https://downloads.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
ifeq ($(ARCH),mipsel)
PKG_HASH:=26a8c370f48fc129d0731cfd751c36cae1419b0bc8ca35781126744e60eae009

2
package/kernel/lantiq/ltq-adsl/Makefile
View File

@@ -13,7 +13,7 @@ PKG_VERSION:=3.24.4.4
PKG_RELEASE:=3
PKG_SOURCE:=drv_dsl_cpe_api_danube-$(PKG_VERSION).tar.gz
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/ltq-dsl-$(BUILD_VARIANT)/drv_dsl_cpe_api-$(PKG_VERSION)
PKG_SOURCE_URL:=https://mirror2.openwrt.org/sources/
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=eb2ed59715d3bf4e8a1460bbbe2f1660039e0a9f9d72afb1b2b16590094eb33c
PKG_MAINTAINER:=John Crispin <john@phrozen.org>

2
package/kernel/lantiq/ltq-tapi/Makefile
View File

@@ -13,7 +13,7 @@ PKG_VERSION:=3.13.0
PKG_RELEASE:=4
PKG_SOURCE:=drv_tapi-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=109374d52872716570fca3fef3b93c9a93159a804dfd42484b19152b825af5c0
PKG_MAINTAINER:=John Crispin <john@phrozen.org>

2
package/kernel/lantiq/ltq-vdsl-mei/Makefile
View File

@@ -14,7 +14,7 @@ PKG_RELEASE:=4
PKG_BASE_NAME:=drv_mei_cpe
PKG_SOURCE:=$(PKG_BASE_NAME)-$(PKG_VERSION).tar.gz
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/$(PKG_BASE_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=94f6904364348b7f74087e721968abc28b2564fb9bd8899aa930d36490387662
PKG_FIXUP:=autoreconf
PKG_FLAGS:=nonshared

2
package/kernel/lantiq/ltq-vdsl/Makefile
View File

@@ -14,7 +14,7 @@ PKG_RELEASE:=3
PKG_BASE_NAME:=drv_dsl_cpe_api
PKG_SOURCE:=$(PKG_BASE_NAME)_vrx-$(PKG_VERSION).tar.gz
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/$(PKG_BASE_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=b4966a60653acc49254b168c6cc9c49eb36c54548e763617788aa4f252a29f21
PKG_LICENSE:=GPL-2.0 BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE

2
package/kernel/lantiq/ltq-vmmc/Makefile
View File

@@ -14,7 +14,7 @@ PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_HASH:=707f515eb727c032418c4da67d7e86884bb56cdc2a606e8f6ded6057d8767e57
PKG_SOURCE_URL:=https://mirror2.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_MAINTAINER:=John Crispin <john@phrozen.org>
PKG_CHECK_FORMAT_SECURITY:=0

6
package/kernel/mac80211/broadcom.mk
View File

@@ -51,7 +51,7 @@ ifneq ($(CONFIG_B43_FW_5_10),)
PKG_B43_FWV4_VERSION:=5.10.56.27.3
PKG_B43_FWV4_OBJECT:=$(PKG_B43_FWV4_NAME)-$(PKG_B43_FWV4_VERSION)/driver/wl_apsta/wl_prebuilt.o
PKG_B43_FWV4_SOURCE:=$(PKG_B43_FWV4_NAME)-$(PKG_B43_FWV4_VERSION)_mipsel.tar.bz2
PKG_B43_FWV4_SOURCE_URL:=http://mirror2.openwrt.org/sources/
PKG_B43_FWV4_SOURCE_URL:=@OPENWRT
PKG_B43_FWV4_HASH:=26a8c370f48fc129d0731cfd751c36cae1419b0bc8ca35781126744e60eae009
else
ifneq ($(CONFIG_B43_FW_4_178),)
@@ -59,7 +59,7 @@ ifneq ($(CONFIG_B43_FW_4_178),)
PKG_B43_FWV4_VERSION:=4.178.10.4
PKG_B43_FWV4_OBJECT:=$(PKG_B43_FWV4_NAME)-$(PKG_B43_FWV4_VERSION)/linux/wl_apsta.o
PKG_B43_FWV4_SOURCE:=$(PKG_B43_FWV4_NAME)-$(PKG_B43_FWV4_VERSION).tar.bz2
PKG_B43_FWV4_SOURCE_URL:=http://mirror2.openwrt.org/sources/
PKG_B43_FWV4_SOURCE_URL:=@OPENWRT
PKG_B43_FWV4_HASH:=32f6ad98facbb9045646fdc8b54bb03086d204153253f9c65d0234a5d90ae53f
else
ifneq ($(CONFIG_B43_FW_5_100_138),)
@@ -74,7 +74,7 @@ else
PKG_B43_FWV4_VERSION:=4.150.10.5
PKG_B43_FWV4_OBJECT:=$(PKG_B43_FWV4_NAME)-$(PKG_B43_FWV4_VERSION)/driver/wl_apsta_mimo.o
PKG_B43_FWV4_SOURCE:=$(PKG_B43_FWV4_NAME)-$(PKG_B43_FWV4_VERSION).tar.bz2
PKG_B43_FWV4_SOURCE_URL:=http://mirror2.openwrt.org/sources/
PKG_B43_FWV4_SOURCE_URL:=@OPENWRT
PKG_B43_FWV4_HASH:=a9f4e276a4d8d3a1cd0f2eb87080ae89b77f0a7140f06d4e9e2135fc44fdd533
endif
endif

2
package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
View File

@@ -461,7 +461,7 @@ o.default = 2
o.rmempty = true
o = s:option(Value, "seed", translate("Obfuscate password (optional)"))
o:depends({type = "vless", transport = "kcp"})
o:depends({v2ray_protocol = "vless", transport = "kcp"})
o.rmempty = true
o = s:option(Flag, "congestion", translate("Congestion"))

2
package/libs/wolfssl/Makefile
View File

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=wolfssl
PKG_VERSION:=4.6.0-stable
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)

53
package/libs/wolfssl/patches/010-CVE-2021-3336.patch Normal file
View File

@@ -0,0 +1,53 @@
From fad1e67677bf7797b6bd6e1f21a513c289d963a7 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Thu, 21 Jan 2021 08:24:38 +1000
Subject: [PATCH] TLS 1.3: ensure key for signature in CertificateVerify
---
src/tls13.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -5624,28 +5624,36 @@ static int DoTls13CertificateVerify(WOLF
#ifdef HAVE_ED25519
if (args->sigAlgo == ed25519_sa_algo &&
!ssl->peerEd25519KeyPresent) {
- WOLFSSL_MSG("Oops, peer sent ED25519 key but not in verify");
+ WOLFSSL_MSG("Peer sent ED22519 sig but not ED22519 cert");
+ ret = SIG_VERIFY_E;
+ goto exit_dcv;
}
#endif
#ifdef HAVE_ED448
if (args->sigAlgo == ed448_sa_algo && !ssl->peerEd448KeyPresent) {
- WOLFSSL_MSG("Oops, peer sent ED448 key but not in verify");
+ WOLFSSL_MSG("Peer sent ED448 sig but not ED448 cert");
+ ret = SIG_VERIFY_E;
+ goto exit_dcv;
}
#endif
#ifdef HAVE_ECC
if (args->sigAlgo == ecc_dsa_sa_algo &&
!ssl->peerEccDsaKeyPresent) {
- WOLFSSL_MSG("Oops, peer sent ECC key but not in verify");
+ WOLFSSL_MSG("Peer sent ECC sig but not ECC cert");
+ ret = SIG_VERIFY_E;
+ goto exit_dcv;
}
#endif
#ifndef NO_RSA
if (args->sigAlgo == rsa_sa_algo) {
- WOLFSSL_MSG("Oops, peer sent PKCS#1.5 signature");
+ WOLFSSL_MSG("Peer sent PKCS#1.5 algo but not in certificate");
ERROR_OUT(INVALID_PARAMETER, exit_dcv);
}
if (args->sigAlgo == rsa_pss_sa_algo &&
(ssl->peerRsaKey == NULL || !ssl->peerRsaKeyPresent)) {
- WOLFSSL_MSG("Oops, peer sent RSA key but not in verify");
+ WOLFSSL_MSG("Peer sent RSA sig but not RSA cert");
+ ret = SIG_VERIFY_E;
+ goto exit_dcv;
}
#endif

4
package/lienol/luci-app-passwall/Makefile
View File

@@ -7,8 +7,8 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-passwall
PKG_VERSION:=4
PKG_RELEASE:=13
PKG_DATE:=20210207
PKG_RELEASE:=14
PKG_DATE:=20210209
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)

112
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_xray.lua
View File

@@ -226,61 +226,71 @@ if node_section then
local rules = {}
ucursor:foreach(appname, "shunt_rules", function(e)
local name = e[".name"]
local _node_id = node[name] or nil
if _node_id and _node_id ~= "nil" then
local _node = ucursor:get_all(appname, _node_id)
local is_proxy = node[name .. "_proxy"]
local relay_port
if is_proxy and is_proxy == "1" then
new_port = get_new_port()
relay_port = new_port
table.insert(inbounds, {
tag = "proxy_" .. name,
listen = "127.0.0.1",
port = new_port,
protocol = "dokodemo-door",
settings = {network = "tcp,udp", address = _node.address, port = tonumber(_node.port)}
})
if _node.tls_serverName == nil then
_node.tls_serverName = _node.address
end
_node.address = "127.0.0.1"
_node.port = new_port
end
local _outbound = gen_outbound(_node, name, relay_port)
if _outbound then
table.insert(outbounds, _outbound)
local _node_id = node[name] or "nil"
local outboundTag
if _node_id == "_direct" then
outboundTag = "direct"
elseif _node_id == "_blackhole" then
outboundTag = "blackhole"
else
if _node_id ~= "nil" then
local _node = ucursor:get_all(appname, _node_id)
local is_proxy = node[name .. "_proxy"]
local relay_port
if is_proxy and is_proxy == "1" then
table.insert(rules, {
type = "field",
inboundTag = {"proxy_" .. name},
outboundTag = "default"
new_port = get_new_port()
relay_port = new_port
table.insert(inbounds, {
tag = "proxy_" .. name,
listen = "127.0.0.1",
port = new_port,
protocol = "dokodemo-door",
settings = {network = "tcp,udp", address = _node.address, port = tonumber(_node.port)}
})
if _node.tls_serverName == nil then
_node.tls_serverName = _node.address
end
_node.address = "127.0.0.1"
_node.port = new_port
end
if e.domain_list then
local _domain = {}
string.gsub(e.domain_list, '[^' .. "\r\n" .. ']+', function(w)
table.insert(_domain, w)
end)
table.insert(rules, {
type = "field",
outboundTag = name,
domain = _domain
})
end
if e.ip_list then
local _ip = {}
string.gsub(e.ip_list, '[^' .. "\r\n" .. ']+', function(w)
table.insert(_ip, w)
end)
table.insert(rules, {
type = "field",
outboundTag = name,
ip = _ip
})
local _outbound = gen_outbound(_node, name, relay_port)
if _outbound then
table.insert(outbounds, _outbound)
if is_proxy and is_proxy == "1" then
table.insert(rules, {
type = "field",
inboundTag = {"proxy_" .. name},
outboundTag = "default"
})
end
outboundTag = name
end
end
end
if outboundTag then
if e.domain_list then
local _domain = {}
string.gsub(e.domain_list, '[^' .. "\r\n" .. ']+', function(w)
table.insert(_domain, w)
end)
table.insert(rules, {
type = "field",
outboundTag = outboundTag,
domain = _domain
})
end
if e.ip_list then
local _ip = {}
string.gsub(e.ip_list, '[^' .. "\r\n" .. ']+', function(w)
table.insert(_ip, w)
end)
table.insert(rules, {
type = "field",
outboundTag = outboundTag,
ip = _ip
})
end
end
end)
local default_node_id = node.default_node or nil
@@ -448,6 +458,10 @@ if inbounds or outbounds then
tag = "direct",
settings = {domainStrategy = "UseIPv4"}
})
table.insert(outbounds, {
protocol = "blackhole",
tag = "blackhole"
})
local xray = {
log = {

58
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
View File

@@ -115,56 +115,52 @@ if has_xray and #nodes_table > 0 then
shunt_list[#shunt_list + 1] = v
end
end
if #normal_list > 0 and #shunt_list > 0 then
for k, v in pairs(shunt_list) do
uci:foreach(appname, "shunt_rules", function(e)
local id = e[".name"]
o = s:taboption("Main", ListValue, id .. "_node", string.format('* <a href="%s">%s</a>', api.url("shunt_rules", id), translate(e.remarks)))
for k, v in pairs(shunt_list) do
o:depends("tcp_node", v.id)
o.cfgvalue = function(self, section)
return m:get(v.id, id) or "nil"
end
o.write = function(self, section, value)
m:set(v.id, id, value)
end
end
o = s:taboption("Main", ListValue, v.id .. "." .. id .. "_node", string.format('* <a href="%s" target="_blank">%s</a>', api.url("shunt_rules", id), translate(e.remarks)))
o:depends("tcp_node", v.id)
o:value("nil", translate("Close"))
o:value("_direct", translate("Direct Connection"))
o:value("_blackhole", translate("Blackhole"))
for k, v in pairs(normal_list) do
o:value(v.id, v.remarks_name)
end
o.cfgvalue = function(self, section)
return m:get(v.id, id) or "nil"
end
o.write = function(self, section, value)
m:set(v.id, id, value)
end
end)
local id = "default_node"
o = s:taboption("Main", ListValue, id, "* " .. translate("Default"))
for k, v in pairs(shunt_list) do
o:depends("tcp_node", v.id)
o.cfgvalue = function(self, section)
return m:get(v.id, id) or "nil"
end
o.write = function(self, section, value)
m:set(v.id, id, value)
end
end
o = s:taboption("Main", ListValue, v.id .. "." .. id, "* " .. translate("Default"))
o:depends("tcp_node", v.id)
o:value("nil", translate("Close"))
for k, v in pairs(normal_list) do
o:value(v.id, v.remarks_name)
end
o.cfgvalue = function(self, section)
return m:get(v.id, id) or "nil"
end
o.write = function(self, section, value)
m:set(v.id, id, value)
end
local id = "main_node"
o = s:taboption("Main", ListValue, id, "* " .. translate("Default") .. translate("Preproxy"))
for k, v in pairs(shunt_list) do
o:depends("tcp_node", v.id)
o.cfgvalue = function(self, section)
return m:get(v.id, id) or "nil"
end
o.write = function(self, section, value)
m:set(v.id, id, value)
end
end
o = s:taboption("Main", ListValue, v.id .. "." .. id, "* " .. translate("Default") .. translate("Preproxy"))
o:depends("tcp_node", v.id)
o:value("nil", translate("Close"))
for k, v in pairs(normal_list) do
o:value(v.id, v.remarks_name)
end
o.cfgvalue = function(self, section)
return m:get(v.id, id) or "nil"
end
o.write = function(self, section, value)
m:set(v.id, id, value)
end
end
end

2
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/haproxy.lua
View File

@@ -82,7 +82,6 @@ o.default = "5"
o.rmempty = false
---- Export
--[[
o = s:option(ListValue, "export", translate("Export Of Multi WAN"))
o:value(0, translate("Auto"))
local ifaces = e.net:devices()
@@ -97,7 +96,6 @@ for _, iface in ipairs(ifaces) do
end
o.default = 0
o.rmempty = false
]]--
---- Mode
o = s:option(ListValue, "backup", translate("Mode"))

17
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua
View File

@@ -128,14 +128,21 @@ balancing_node:depends("protocol", "_balancing")
-- 分流
uci:foreach(appname, "shunt_rules", function(e)
o = s:option(ListValue, e[".name"], '<a href="../shunt_rules/' .. e[".name"] .. '">' .. translate(e.remarks) .. "</a>")
o = s:option(ListValue, e[".name"], string.format('* <a href="%s" target="_blank">%s</a>', api.url("shunt_rules", e[".name"]), translate(e.remarks)))
o:value("nil", translate("Close"))
for k, v in pairs(nodes_table) do o:value(v.id, v.remarks) end
o:value("_direct", translate("Direct Connection"))
o:value("_blackhole", translate("Blackhole"))
o:depends("protocol", "_shunt")
o = s:option(Flag, e[".name"] .. "_proxy", translate(e.remarks) .. translate("Preproxy"), translate("Use the default node for the transit."))
o.default = 0
o:depends("protocol", "_shunt")
if #nodes_table > 0 then
_proxy = s:option(Flag, e[".name"] .. "_proxy", translate(e.remarks) .. translate("Preproxy"), translate("Use the default node for the transit."))
_proxy.default = 0
for k, v in pairs(nodes_table) do
o:value(v.id, v.remarks)
_proxy:depends(e[".name"], v.id)
end
end
end)
shunt_tips = s:option(DummyValue, "shunt_tips", " ")

14
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/other.lua
View File

@@ -8,6 +8,12 @@ s = m:section(TypedSection, "global_delay", translate("Delay Settings"))
s.anonymous = true
s.addremove = false
---- Delay Start
o = s:option(Value, "start_delay", translate("Delay Start"),
translate("Units:seconds"))
o.default = "1"
o.rmempty = true
---- Open and close Daemon
o = s:option(Flag, "start_daemon", translate("Open and close Daemon"))
o.default = 1
@@ -109,6 +115,14 @@ s = m:section(TypedSection, "global_other", translate("Other Settings"))
s.anonymous = true
s.addremove = false
---- IPv6 TProxy
o = s:option(Flag, "ipv6_tproxy", translate("IPv6 TProxy"),
"<font color='red'>" .. translate(
"Experimental feature.Make sure that your node supports IPv6.") ..
"</font>")
o.default = 0
o.rmempty = false
o = s:option(MultiValue, "status", translate("Status info"))
o:value("big_icon", translate("Big icon")) -- 大图标
o:value("show_check_port", translate("Show node check")) -- 显示节点检测

4
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua
View File

@@ -49,6 +49,10 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end
o.default = 0
o:depends("auto_update", 1)
o = s:option(Value, "xray_location_asset", translate("Location of Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are."))
o.default = "/usr/share/xray/"
o.rmempty = false
s = m:section(TypedSection, "shunt_rules", "Xray" .. translate("Shunt") .. translate("Rule"))
s.template = "cbi/tblsection"
s.anonymous = false

4
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/client/rule_list.lua
View File

@@ -45,7 +45,7 @@ o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if not datatypes.ipmask4(ipmask) then
if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
end
end
@@ -83,7 +83,7 @@ o.validate = function(self, value)
local ipmasks= {}
string.gsub(value, '[^' .. "\r\n" .. ']+', function(w) table.insert(ipmasks, w) end)
for index, ipmask in ipairs(ipmasks) do
if not datatypes.ipmask4(ipmask) then
if not ( datatypes.ipmask4(ipmask) or datatypes.ipmask6(ipmask) ) then
return nil, ipmask .. " " .. translate("Not valid IP format, please re-enter!")
end
end

2
package/lienol/luci-app-passwall/luasrc/model/cbi/passwall/server/api/app.lua
View File

@@ -155,7 +155,7 @@ local function start()
end
local function stop()
cmd(string.format("ps -w | grep -v 'grep' | grep '%s/' | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &", CONFIG_PATH))
cmd(string.format("top -bn1 | grep -v 'grep' | grep '%s/' | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1", CONFIG_PATH))
cmd("iptables -D INPUT -j PSW-SERVER 2>/dev/null")
cmd("iptables -F PSW-SERVER 2>/dev/null")
cmd("iptables -X PSW-SERVER 2>/dev/null")

223
package/lienol/luci-app-passwall/luasrc/view/passwall/global/footer.htm
View File

@@ -4,111 +4,144 @@ local auto_switch = api.uci_get_type("auto_switch", "enable", 0)
-%>
<script type="text/javascript">
//<![CDATA[
var _status = document.getElementsByClassName('_status');
for (var i = 0; i < _status.length; i++) {
var id = _status[i].getAttribute("socks_id");
XHR.get('<%=api.url("socks_status")%>', {
index: i,
id: id
},
function(x, result) {
var index = result.index;
var div = '';
var div1 = '<font style="font-weight:bold;" color="green">✓</font>&nbsp';
var div2 = '<font style="font-weight:bold;" color="red">X</font>&nbsp';
if (result.socks_status) {
div += div1;
} else {
div += div2;
}
if (result.use_http) {
if (result.http_status) {
function go() {
var _status = document.getElementsByClassName('_status');
for (var i = 0; i < _status.length; i++) {
var id = _status[i].getAttribute("socks_id");
XHR.get('<%=api.url("socks_status")%>', {
index: i,
id: id
},
function(x, result) {
var index = result.index;
var div = '';
var div1 = '<font style="font-weight:bold;" color="green"></font>&nbsp';
var div2 = '<font style="font-weight:bold;" color="red">X</font>&nbsp';
if (result.socks_status) {
div += div1;
} else {
div += div2;
}
if (result.use_http) {
if (result.http_status) {
div += div1;
} else {
div += div2;
}
}
_status[index].innerHTML = div;
}
_status[index].innerHTML = div;
}
);
}
var global_id = null;
var global = document.getElementById("cbi-passwall-global");
if (global) {
var node = global.getElementsByClassName("cbi-section-node")[0];
var node_id = node.getAttribute("id");
global_id = node_id;
for (var i = 0; i <= 1; i++) {
var proto = "udp";
if (i == 0) {
proto = "tcp";
}
var dom_id = node_id + "-" + proto + "_node";
dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var node_select = document.getElementById(dom_id);
var node_select_value = node_select.value;
if (node_select_value && node_select_value != "nil") {
var v = document.getElementById(dom_id + "-" + node_select_value);
node_select.title = v.text;
var new_a = document.createElement("a");
new_a.innerHTML = "<%:Edit%>";
new_a.href = "#";
new_a.setAttribute("onclick", "location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
var log_a = document.createElement("a");
log_a.innerHTML = "<%:Log%>";
log_a.href = "#";
log_a.setAttribute("onclick", "window.open('" + '<%=api.url("get_redir_log")%>' + "?proto=" + proto + "', '_blank')");
node_select.outerHTML = node_select.outerHTML + "&nbsp&nbsp" + new_a.outerHTML + "&nbsp&nbsp" + log_a.outerHTML;
//node_select.parentNode.insertBefore(new_a, node_select.nextSibling);
}
);
}
}
var socks = document.getElementById("cbi-passwall-socks");
if (socks) {
var socks_enabled_dom = document.getElementById(global_id + "-socks_enabled");
socks_enabled_dom.parentNode.removeChild(socks_enabled_dom);
var descr = socks.getElementsByClassName("cbi-section-descr")[0];
descr.outerHTML = socks_enabled_dom.outerHTML;
rows = socks.getElementsByClassName("cbi-section-table-row");
for (var i = 0; i < rows.length; i++) {
var row = rows[i];
var id = row.id;
var dom_id = id + "-node";
var node = document.getElementById(dom_id);
var dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var node_select = document.getElementById(dom_id);
var node_select_value = node_select.value;
if (node_select_value && node_select_value != "nil") {
if (global_id != null && node_select_value.indexOf("tcp") == 0) {
var num = node_select_value.replace("tcp", "");
var d = global_id + "-tcp_node";
d = d.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var dom = document.getElementById(d);
var _node_select_value = dom.value;
if (_node_select_value && _node_select_value != "nil") {
node_select_value = _node_select_value;
var global_id = null;
var global = document.getElementById("cbi-passwall-global");
if (global) {
var node = global.getElementsByClassName("cbi-section-node")[0];
var node_id = node.getAttribute("id");
global_id = node_id;
var reg1 = new RegExp("(?<=" + node_id + "-).*?(?=(_node))")
for (var i = 0; i < node.childNodes.length; i++) {
if (node.childNodes[i].childNodes && node.childNodes[i].childNodes.length > 0) {
for (var k = 0; k < node.childNodes[i].childNodes.length; k++) {
var dom = node.childNodes[i].childNodes[k];
if (dom.id) {
var s = dom.id.match(reg1);
if (s) {
dom_id = dom.id.split("cbi-").join("cbid-").split("-").join(".");
var node_select = document.getElementsByName(dom_id)[0];
var node_select_value = node_select.value;
if (node_select_value && node_select_value != "nil" && node_select_value.indexOf("_direct") != 0 && node_select_value.indexOf("_blackhole") != 0) {
var v = document.getElementById(dom_id + "-" + node_select_value);
if (v) {
node_select.title = v.text;
} else {
node_select.title = node_select.options[node_select.options.selectedIndex].text;
}
var new_html = "";
var new_a = document.createElement("a");
new_a.innerHTML = "<%:Edit%>";
new_a.href = "#";
new_a.setAttribute("onclick", "location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
new_html = new_a.outerHTML;
if (s[0] == "tcp" || s[0] == "udp") {
var log_a = document.createElement("a");
log_a.innerHTML = "<%:Log%>";
log_a.href = "#";
log_a.setAttribute("onclick", "window.open('" + '<%=api.url("get_redir_log")%>' + "?proto=" + s[0] + "', '_blank')");
new_html += "&nbsp&nbsp" + log_a.outerHTML;
}
node_select.insertAdjacentHTML("afterend", "&nbsp&nbsp" + new_html);
}
}
}
}
}
var v = document.getElementById(dom_id + "-" + node_select_value);
node_select.title = v.text;
var new_a = document.createElement("a");
new_a.innerHTML = "<%:Edit%>";
new_a.href = "#";
new_a.setAttribute("onclick","location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
node_select.outerHTML = node_select.outerHTML + "&nbsp&nbsp" + new_a.outerHTML;
//node_select.parentNode.insertBefore(new_a, node_select.nextSibling);
}
}
var socks = document.getElementById("cbi-passwall-socks");
if (socks) {
var socks_enabled_dom = document.getElementById(global_id + "-socks_enabled");
socks_enabled_dom.parentNode.removeChild(socks_enabled_dom);
var descr = socks.getElementsByClassName("cbi-section-descr")[0];
descr.outerHTML = socks_enabled_dom.outerHTML;
rows = socks.getElementsByClassName("cbi-section-table-row");
for (var i = 0; i < rows.length; i++) {
var row = rows[i];
var id = row.id;
if (!id) continue;
var dom_id = id + "-node";
var node = document.getElementById(dom_id);
var dom_id = dom_id.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var node_select = document.getElementsByName(dom_id)[0];
var node_select_value = node_select.value;
if (node_select_value && node_select_value != "nil") {
if (global_id != null && node_select_value.indexOf("tcp") == 0) {
var num = node_select_value.replace("tcp", "");
var d = global_id + "-tcp_node";
d = d.replace("cbi-", "cbid-").replace(new RegExp("-", 'g'), ".");
var dom = document.getElementsByName(d)[0];
var _node_select_value = dom.value;
if (_node_select_value && _node_select_value != "nil") {
node_select_value = _node_select_value;
}
}
var v = document.getElementById(dom_id + "-" + node_select_value);
if (v) {
node_select.title = v.text;
} else {
node_select.title = node_select.options[node_select.options.selectedIndex].text;
}
var new_a = document.createElement("a");
new_a.innerHTML = "<%:Edit%>";
new_a.href = "#";
new_a.setAttribute("onclick","location.href='" + '<%=api.url("node_config")%>' + "/" + node_select_value + "'");
node_select.insertAdjacentHTML("afterend", "&nbsp&nbsp" + new_a.outerHTML);
}
}
}
}
function addLoadEvent(func) {
var oldonload = window.onload;
if (typeof window.onload != 'function') {
window.onload = func;
} else {
window.onload = function () {
oldonload();
func();
}
}
}
addLoadEvent(go);
//]]>
</script>

18
package/lienol/luci-app-passwall/po/zh-cn/passwall.po
View File

@@ -412,6 +412,12 @@ msgstr "V2ray 分流"
msgid "Preproxy"
msgstr "前置代理"
msgid "Direct Connection"
msgstr "直连"
msgid "Blackhole"
msgstr "黑洞"
msgid "Use the default node for the transit."
msgstr "使用默认节点代理转发。"
@@ -742,6 +748,12 @@ msgstr "周"
msgid "oclock"
msgstr "点"
msgid "Location of Xray asset"
msgstr "Xray 资源文件目录"
msgid "This variable specifies a directory where geoip.dat and geosite.dat files are."
msgstr "此变量指定geoip.dat和geosite.dat文件所在的目录。"
msgid "Update..."
msgstr "更新中"
@@ -1054,6 +1066,12 @@ msgstr "节点数量"
msgid "You can only set up a maximum of %s nodes for the time being, Used for access control."
msgstr "目前最多只能设置%s个节点用于给访问控制使用。"
msgid "IPv6 TProxy"
msgstr "IPv6透明代理(TProxy)"
msgid "Experimental feature.Make sure that your node supports IPv6."
msgstr "实验特性请确保你的节点支持IPv6"
msgid "Status info"
msgstr "状态信息"

21
package/lienol/luci-app-passwall/root/etc/config/passwall
View File

@@ -36,6 +36,7 @@ config global_forwarding
config global_other
option status 'big_icon show_check_port show_ip111'
option nodes_ping 'auto_ping tcping'
option ipv6_tproxy '0'
config global_rules
option auto_update '0'
@@ -66,6 +67,26 @@ config global_subscribe
config auto_switch
option testing_time '1'
option enable '0'
config nodes '696cd32c1d5149ee95fd1b3accbad6df'
option remarks '分流总节点'
option type 'Xray'
option protocol '_shunt'
option youtube 'nil'
option netflix 'nil'
option TVB 'nil'
option Telegram 'nil'
option default_node 'nil'
option default_proxy '0'
option domainStrategy 'IPIfNonMatch'
config shunt_rules 'Telegram'
option remarks 'Telegram'
option ip_list '149.154.160.0/20
91.108.4.0/22
91.108.56.0/24
109.239.140.0/24
67.198.55.0/24'
config shunt_rules 'youtube'
option remarks 'youtube'

131
package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh
View File

@@ -10,6 +10,7 @@ TMP_PATH=/var/etc/$CONFIG
TMP_BIN_PATH=$TMP_PATH/bin
TMP_ID_PATH=$TMP_PATH/id
TMP_PORT_PATH=$TMP_PATH/port
TMP_ROUTE_PATH=$TMP_PATH/route
LOCK_FILE=/var/lock/$CONFIG.lock
LOG_FILE=/var/log/$CONFIG.log
APP_PATH=/usr/share/$CONFIG
@@ -305,7 +306,7 @@ load_config() {
DNS_CACHE=$(config_t_get global dns_cache 0)
LOCAL_DNS=$(config_t_get global up_china_dns default | sed 's/:/#/g')
if [ "${LOCAL_DNS}" = "default" ]; then
DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep ".server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' ',')
DEFAULT_DNS=$(uci show dhcp | grep "@dnsmasq" | grep "\.server=" | awk -F '=' '{print $2}' | sed "s/'//g" | tr ' ' ',')
if [ -z "${DEFAULT_DNS}" ]; then
DEFAULT_DNS=$(echo -n $(sed -n 's/^nameserver[ \t]*\([^ ]*\)$/\1/p' "${RESOLVFILE}" | grep -v "0.0.0.0" | grep -v "127.0.0.1" | grep -v "^::$" | head -2) | tr ' ' ',')
fi
@@ -313,7 +314,8 @@ load_config() {
IS_DEFAULT_DNS=1
fi
PROXY_IPV6=$(config_t_get global_forwarding proxy_ipv6 0)
mkdir -p /var/etc $TMP_PATH $TMP_BIN_PATH $TMP_ID_PATH $TMP_PORT_PATH
export XRAY_LOCATION_ASSET=$(config_t_get global_rules xray_location_asset "/usr/share/xray/")
mkdir -p /var/etc $TMP_PATH $TMP_BIN_PATH $TMP_ID_PATH $TMP_PORT_PATH $TMP_ROUTE_PATH
return 0
}
@@ -595,8 +597,36 @@ node_switch() {
local log_file=$TMP_PATH/${1}.log
eval current_port=\$${1}_REDIR_PORT
local port=$(cat $TMP_PORT_PATH/${1})
local ids=$(uci show $CONFIG | grep "=socks" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for id in $ids; do
[ "$(config_n_get $id enabled 0)" == "0" ] && continue
[ "$(config_n_get $id node nil)" != "tcp" ] && continue
local socks_port=$(config_n_get $id port)
local http_port=$(config_n_get $id http_port 0)
top -bn1 | grep -E "$TMP_PATH" | grep -i "SOCKS" | grep "$id" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
tcp_node_socks=1
tcp_node_socks_port=$socks_port
tcp_node_socks_id=$id
[ "$http_port" != "0" ] && {
tcp_node_http=1
tcp_node_http_port=$http_port
tcp_node_http_id=$id
}
break
done
run_redir $node "0.0.0.0" $port $config_file $1 $log_file
echo $node > $TMP_ID_PATH/${1}
[ "$1" = "TCP" ] && {
[ "$(config_t_get global udp_node nil)" = "tcp_" ] && {
top -bn1 | grep -E "$TMP_PATH" | grep -i "UDP" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
UDP_NODE=$node
start_redir UDP
}
}
#local node_net=$(echo $1 | tr 'A-Z' 'a-z')
#uci set $CONFIG.@global[0].${node_net}_node=$node
#uci commit $CONFIG
@@ -658,10 +688,10 @@ clean_log() {
clean_crontab() {
touch /etc/crontabs/root
#sed -i "/${CONFIG}/d" /etc/crontabs/root >/dev/null 2>&1 &
sed -i "/$(echo "/etc/init.d/${CONFIG}" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1 &
sed -i "/$(echo "lua ${APP_PATH}/rule_update.lua log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1 &
sed -i "/$(echo "lua ${APP_PATH}/subscribe.lua start log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1 &
#sed -i "/${CONFIG}/d" /etc/crontabs/root >/dev/null 2>&1
sed -i "/$(echo "/etc/init.d/${CONFIG}" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1
sed -i "/$(echo "lua ${APP_PATH}/rule_update.lua log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1
sed -i "/$(echo "lua ${APP_PATH}/subscribe.lua start log" | sed 's#\/#\\\/#g')/d" /etc/crontabs/root >/dev/null 2>&1
}
start_crontab() {
@@ -721,7 +751,6 @@ start_crontab() {
stop_crontab() {
clean_crontab
ps | grep "$APP_PATH/test.sh" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
/etc/init.d/cron restart
#echolog "清除定时执行命令。"
}
@@ -914,7 +943,9 @@ add_dnsmasq() {
local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for shunt_id in $shunt_ids; do
local shunt_node_id=$(config_n_get $TCP_NODE ${shunt_id} nil)
[ "$shunt_node_id" = "nil" ] && continue
if [ "$shunt_node_id" = "nil" ] || [ "$shunt_node_id" = "_direct" ] || [ "$shunt_node_id" = "_blackhole" ]; then
continue
fi
local shunt_node=$(config_n_get $shunt_node_id address nil)
[ "$shunt_node" = "nil" ] && continue
config_n_get $shunt_id domain_list | grep -v 'regexp:\|geosite:\|ext:' | sed 's/domain:\|full:\|//g' | tr -s "\r\n" "\n" | sort -u | gen_dnsmasq_items "shuntlist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/998-shunt_host.conf"
@@ -928,8 +959,8 @@ add_dnsmasq() {
[ -n "$CHINADNS_NG" ] && fwd_dns="${china_ng_gfw}"
[ -n "$CHINADNS_NG" ] && unset fwd_dns
[ ! -f "${TMP_PATH}/gfwlist.txt" ] && sed -n 's/^ipset=\/\.\?\([^/]*\).*$/\1/p' "${RULES_PATH}/gfwlist.conf" | sort -u > "${TMP_PATH}/gfwlist.txt"
sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
#sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist,gfwlist6" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
#sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
sort -u "${TMP_PATH}/gfwlist.txt" | gen_dnsmasq_items "gfwlist,gfwlist6" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/999-gfwlist.conf"
echolog " - [$?]防火墙域名表(gfwlist)${fwd_dns:-默认}"
else
#回国模式
@@ -1035,6 +1066,44 @@ del_dnsmasq() {
rm -rf $TMP_DNSMASQ_PATH
}
add_ip2route() {
local ip=$(get_host_ip "ipv4" $1)
[ -z "$ip" ] && {
echolog " - 无法解析${1},路由表添加失败!"
return 1
}
local remarks="${1}"
[ "$remarks" != "$ip" ] && remarks="${1}(${ip})"
local interface=$2
local retries=5
local failcount=0
while [ "$failcount" -lt $retries ]; do
unset msg
ip route show dev ${interface} >/dev/null 2>&1
if [ $? -ne 0 ]; then
let "failcount++"
echolog " - 找不到出口接口:$interface1分钟后再重试(${failcount}/${retries})${ip}"
[ "$failcount" -ge $retries ] && return 1
sleep 1m
else
route add -host ${ip} dev ${interface} >/dev/null 2>&1
echolog " - ${remarks}添加路由表${interface}接口成功!"
echo "$ip" >> $TMP_ROUTE_PATH/${interface}
break
fi
done
}
delete_ip2route() {
[ -d "${TMP_ROUTE_PATH}" ] && {
for interface in $(ls ${TMP_ROUTE_PATH}); do
for ip in $(cat ${TMP_ROUTE_PATH}/${interface}); do
route del -host ${ip} dev ${interface} >/dev/null 2>&1
done
done
}
}
start_haproxy() {
local haproxy_path haproxy_file item items lport sort_items
@@ -1109,28 +1178,10 @@ start_haproxy() {
server $bip:$bport $bip:$bport weight $lbweight check inter 1500 rise 1 fall 3 $bbackup
EOF
#暂时不开启此功能以后抽时间改成后台执行防止卡luci。
:<<!
if [ "$export" != "0" ]; then
unset msg
failcount=0
while [ "$failcount" -lt "3" ]; do
ip route show dev ${export} >/dev/null 2>&1
if [ $? -ne 0 ]; then
let "failcount++"
echolog " - 找不到出口接口:$export1分钟后再重试(${failcount}/3)${bip}"
[ "$failcount" -ge 3 ] && exit 0
sleep 1m
else
route add -host ${bip} dev ${export}
msg="[$?] 从 ${export} 接口路由,"
echo "$bip" >>/tmp/balancing_ip
break
fi
done
add_ip2route ${bip} ${export} > /dev/null 2>&1 &
fi
echolog " | - ${msg}出口节点:${bip}:${bport},权重:${lbweight}"
!
echolog " | - 出口节点:${bip}:${bport},权重:${lbweight}"
done
# 控制台配置
@@ -1156,7 +1207,7 @@ start_haproxy() {
}
kill_all() {
kill -9 $(pidof "$@") >/dev/null 2>&1 &
kill -9 $(pidof "$@") >/dev/null 2>&1
}
force_stop() {
@@ -1195,7 +1246,15 @@ restart_dnsmasq() {
}
boot() {
[ "$ENABLED" == 1 ] && start
[ "$ENABLED" == 1 ] && {
local delay=$(config_t_get global_delay start_delay 1)
if [ "$delay" -gt 0 ]; then
echolog "执行启动延时 $delay 秒后再启动!"
sleep $delay && start >/dev/null 2>&1 &
else
start
fi
}
return 0
}
@@ -1226,12 +1285,12 @@ stop() {
set_lock
clean_log
source $APP_PATH/iptables.sh stop
delete_ip2route
kill_all v2ray-plugin obfs-local
top -bn1 | grep -v "grep" | grep $CONFIG/test.sh | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
top -bn1 | grep -v "grep" | grep $CONFIG/monitor.sh | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
top -bn1 | grep -v -E "grep|${TMP_PATH}_server" | grep -E "$TMP_PATH" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
top -bn1 | grep -v "grep" | grep "sleep 1m" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
top -bn1 | grep -v "grep" | grep "sleep" | grep -E "9s|58s" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
top -bn1 | grep -v "grep" | grep -v "app.sh" | grep "${CONFIG}/" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
rm -rf $TMP_DNSMASQ_PATH $TMP_PATH
unset XRAY_LOCATION_ASSET
stop_crontab
del_dnsmasq
/etc/init.d/dnsmasq restart >/dev/null 2>&1

286
package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh
View File

@@ -4,14 +4,24 @@ IPSET_LANIPLIST="laniplist"
IPSET_VPSIPLIST="vpsiplist"
IPSET_SHUNTLIST="shuntlist"
IPSET_GFW="gfwlist"
#IPSET_GFW6="gfwlist6"
IPSET_CHN="chnroute"
IPSET_CHN6="chnroute6"
IPSET_BLACKLIST="blacklist"
IPSET_BLACKLIST2="blacklist2"
IPSET_BLACKLIST3="blacklist3"
IPSET_WHITELIST="whitelist"
IPSET_LANIPLIST_6="laniplist6"
IPSET_VPSIPLIST_6="vpsiplist6"
IPSET_SHUNTLIST_6="shuntlist6"
IPSET_GFW6="gfwlist6"
IPSET_CHN6="chnroute6"
IPSET_BLACKLIST_6="blacklist_6"
IPSET_BLACKLIST2_6="blacklist2_6"
IPSET_BLACKLIST3_6="blacklist3_6"
IPSET_WHITELIST_6="whitelist_6"
PROXY_IPV6=0
FORCE_INDEX=2
ipt_n="iptables -t nat"
@@ -79,6 +89,26 @@ get_redirect_ipt() {
esac
}
get_redirect_ip6t() {
case "$1" in
disable)
echo "-j RETURN"
;;
global)
echo "$(REDIRECT $2 $3)"
;;
gfwlist)
echo "$(dst $IPSET_GFW6) $(REDIRECT $2 $3)"
;;
chnroute)
echo "$(dst $IPSET_CHN6 !) $(REDIRECT $2 $3)"
;;
returnhome)
echo "$(dst $IPSET_CHN6) $(REDIRECT $2 $3)"
;;
esac
}
get_action_chain_name() {
case "$1" in
disable)
@@ -113,6 +143,24 @@ gen_laniplist() {
EOF
}
gen_laniplist_6() {
cat <<-EOF
::/128
::1/128
::ffff:0:0/96
::ffff:0:0:0/96
64:ff9b::/96
100::/64
2001::/32
2001:20::/28
2001:db8::/32
2002::/16
fc00::/7
fe80::/10
ff00::/8
EOF
}
load_acl() {
local items=$(get_enabled_anonymous_secs "@acl_rule")
[ -n "$items" ] && {
@@ -156,16 +204,24 @@ load_acl() {
fi
[ "$tcp_no_redir_ports" != "disable" ] && {
$ipt_tmp -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN
$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -m multiport --dport $tcp_no_redir_ports -j RETURN
msg2="${msg2}[$?]除${tcp_no_redir_ports}外的"
}
msg2="${msg2}所有端口"
$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $tcp_port $is_tproxy)
$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $tcp_port $is_tproxy)
$ipt_tmp -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(get_redirect_ipt $tcp_proxy_mode $tcp_port $is_tproxy)
if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $tcp_port TPROXY)
$ip6t_m -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $tcp_port TPROXY)
$ip6t_m -A PSW $(comment "$remarks") -p tcp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $tcp_redir_ports "-m multiport --dport") $(get_redirect_ip6t $tcp_proxy_mode $tcp_port TPROXY)
fi
}
echolog " - ${msg2}"
}
$ipt_tmp -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -j RETURN
$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p tcp -j RETURN
[ "$udp_proxy_mode" != "disable" ] && {
msg2="${msg}使用UDP节点 [$(get_action_chain_name $udp_proxy_mode)]"
@@ -174,16 +230,24 @@ load_acl() {
msg2="${msg2}(TPROXY:${udp_port})代理"
[ "$udp_no_redir_ports" != "disable" ] && {
$ipt_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -m multiport --dport $udp_no_redir_ports -j RETURN
$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -m multiport --dport $udp_no_redir_ports -j RETURN
msg2="${msg2}[$?]除${udp_no_redir_ports}外的"
}
msg2="${msg2}所有端口"
$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $udp_port TPROXY)
$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $udp_port TPROXY)
$ipt_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(get_redirect_ipt $udp_proxy_mode $udp_port TPROXY)
if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $udp_port TPROXY)
$ip6t_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $udp_port TPROXY)
$ip6t_m -A PSW $(comment "$remarks") -p udp $(factor $ip "-s") $(factor $mac "-m mac --mac-source") $(factor $udp_redir_ports "-m multiport --dport") $(get_redirect_ip6t $udp_proxy_mode $udp_port TPROXY)
fi
}
echolog " - ${msg2}"
}
$ipt_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -j RETURN
$ip6t_m -A PSW $(comment "$remarks") $(factor $ip "-s") $(factor $mac "-m mac --mac-source") -p udp -j RETURN
done
}
@@ -191,7 +255,11 @@ load_acl() {
local ipt_tmp=$ipt_n
local is_tproxy msg
if [ "$TCP_PROXY_MODE" != "disable" ]; then
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && $ipt_tmp -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_tmp -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
$ip6t_m -A PSW $(comment "默认") -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
}
ipt_tmp=$ipt_n
unset is_tproxy msg
[ "$TCP_NODE" != "nil" ] && {
@@ -210,11 +278,19 @@ load_acl() {
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $TCP_REDIR_PORT $is_tproxy)
$ipt_tmp -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $TCP_PROXY_MODE $TCP_REDIR_PORT $is_tproxy)
if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $TCP_REDIR_PORT TPROXY)
$ip6t_m -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $TCP_REDIR_PORT TPROXY)
$ip6t_m -A PSW $(comment "默认") -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $TCP_PROXY_MODE $TCP_REDIR_PORT TPROXY)
fi
echolog "${msg}"
}
fi
$ipt_n -A PSW $(comment "默认") -p tcp -j RETURN
$ipt_m -A PSW $(comment "默认") -p tcp -j RETURN
$ip6t_m -A PSW $(comment "默认") -p tcp -j RETURN
# 加载UDP默认代理模式
if [ "$UDP_PROXY_MODE" != "disable" ]; then
@@ -226,10 +302,18 @@ load_acl() {
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY)
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT $UDP_REDIR_PORT TPROXY)
$ipt_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $UDP_PROXY_MODE $UDP_REDIR_PORT TPROXY)
if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT $UDP_REDIR_PORT TPROXY)
$ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT $UDP_REDIR_PORT TPROXY)
$ip6t_m -A PSW $(comment "默认") -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $UDP_PROXY_MODE/6 $UDP_REDIR_PORT TPROXY)
fi
echolog "${msg}"
}
fi
$ipt_m -A PSW $(comment "默认") -p udp -j RETURN
$ip6t_m -A PSW $(comment "默认") -p udp -j RETURN
unset is_tproxy msg
}
@@ -243,7 +327,7 @@ filter_haproxy() {
filter_vpsip() {
uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
#uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){0,7}::[a-f0-9]{0,4}(:[a-f0-9]{1,4}){0,7}])" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIP6LIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
uci show $CONFIG | grep ".address=" | cut -d "'" -f 2 | grep -E "([[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){0,7}::[a-f0-9]{0,4}(:[a-f0-9]{1,4}){0,7}])" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_VPSIPLIST_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
echolog "加入所有节点到ipset[$IPSET_VPSIPLIST]直连完成"
}
@@ -364,24 +448,37 @@ add_firewall_rule() {
ipset -! create $IPSET_VPSIPLIST nethash
ipset -! create $IPSET_SHUNTLIST nethash
ipset -! create $IPSET_GFW nethash
#ipset -! create $IPSET_GFW6 nethash family inet6
ipset -! create $IPSET_CHN nethash
ipset -! create $IPSET_CHN6 nethash family inet6
ipset -! create $IPSET_BLACKLIST nethash
ipset -! create $IPSET_BLACKLIST2 nethash
ipset -! create $IPSET_BLACKLIST3 nethash
ipset -! create $IPSET_WHITELIST nethash
ipset -! create $IPSET_LANIPLIST_6 nethash family inet6
ipset -! create $IPSET_VPSIPLIST_6 nethash family inet6
ipset -! create $IPSET_SHUNTLIST_6 nethash family inet6
ipset -! create $IPSET_GFW6 nethash family inet6
ipset -! create $IPSET_CHN6 nethash family inet6
ipset -! create $IPSET_BLACKLIST_6 nethash family inet6
ipset -! create $IPSET_BLACKLIST2_6 nethash family inet6
ipset -! create $IPSET_BLACKLIST3_6 nethash family inet6
ipset -! create $IPSET_WHITELIST_6 nethash family inet6
local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}')
for shunt_id in $shunt_ids; do
config_n_get $shunt_id ip_list | tr -s "\r\n" "\n" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_SHUNTLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
done
cat $RULES_PATH/chnroute | sed -e "/^$/d" | sed -e "s/^/add $IPSET_CHN &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/proxy_ip | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "s/^/add $IPSET_BLACKLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
[ -f "$RULES_PATH/proxy_ip2" ] && cat $RULES_PATH/proxy_ip2 | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST2 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
[ -f "$RULES_PATH/proxy_ip3" ] && cat $RULES_PATH/proxy_ip3 | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST3 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/direct_ip | sed -e "/^$/d" | grep -E "(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}" | sed -e "s/^/add $IPSET_WHITELIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/chnroute6 | sed -e "/^$/d" | sed -e "s/^/add $IPSET_CHN6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/proxy_ip | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
[ -f "$RULES_PATH/proxy_ip2" ] && cat $RULES_PATH/proxy_ip2 | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST2 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
[ -f "$RULES_PATH/proxy_ip3" ] && cat $RULES_PATH/proxy_ip3 | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST3 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/direct_ip | sed -e "/^$/d" | sed -e "s/^/add $IPSET_WHITELIST &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/proxy_ip | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
[ -f "$RULES_PATH/proxy_ip2" ] && cat $RULES_PATH/proxy_ip2 | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST2_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
[ -f "$RULES_PATH/proxy_ip3" ] && cat $RULES_PATH/proxy_ip3 | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_BLACKLIST3_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
cat $RULES_PATH/direct_ip | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | sed -e "/^$/d" | sed -e "s/^/add $IPSET_WHITELIST_6 &/g" | awk '{print $0} END{print "COMMIT"}' | ipset -! -R
ipset -! -R <<-EOF
$(gen_laniplist | sed -e "s/^/add $IPSET_LANIPLIST /")
@@ -390,14 +487,31 @@ add_firewall_rule() {
echolog "系统不兼容,终止执行!"
return 1
}
ipset -! -R <<-EOF
$(gen_laniplist_6 | sed -e "s/^/add $IPSET_LANIPLIST_6 /")
EOF
# [ $? -eq 0 ] || {
# echolog "系统不兼容IPv6终止执行"
# return 1
# }
# 忽略特殊IP段
local lan_ifname lan_ip
lan_ifname=$(uci -q -p /var/state get network.lan.ifname)
[ -n "$lan_ifname" ] && {
lan_ip=$(ip address show $lan_ifname | grep -w "inet" | awk '{print $2}')
#echolog "本机网段互访直连:${lan_ip}"
[ -n "$lan_ip" ] && ipset -! add $IPSET_LANIPLIST $lan_ip >/dev/null 2>&1 &
lan_ip6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}')
#echolog "本机IPv4网段互访直连${lan_ip}"
#echolog "本机IPv6网段互访直连${lan_ip6}"
[ -n "$lan_ip" ] && ipset -! -R <<-EOF
$(echo $lan_ip | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LANIPLIST /")
EOF
[ -n "$lan_ip6" ] && ipset -! -R <<-EOF
$(echo $lan_ip6 | sed -e "s/ /\n/g" | sed -e "s/^/add $IPSET_LANIPLIST_6 /")
EOF
}
local ISP_DNS=$(cat $RESOLVFILE 2>/dev/null | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort -u | grep -v 0.0.0.0 | grep -v 127.0.0.1)
@@ -408,16 +522,25 @@ add_firewall_rule() {
#echolog " - 追加到白名单:${ispip}"
done
}
local ISP_DNS6=$(cat $RESOLVFILE 2>/dev/null | grep -E "([A-Fa-f0-9]{0,4}::?){1,7}[A-Fa-f0-9]{1,4}" | awk -F % '{print $1}' | awk -F " " '{print $2}'| sort -u )
[ -n "$ISP_DNS" ] && {
#echolog "处理 ISP IPv6 DNS 例外..."
for ispip6 in $ISP_DNS; do
ipset -! add $IPSET_WHITELIST_6 $ispip6 >/dev/null 2>&1 &
#echolog " - 追加到白名单:${ispip6}"
done
}
# 过滤所有节点IP
filter_vpsip > /dev/null 2>&1 &
filter_haproxy > /dev/null 2>&1 &
$ipt_n -N PSW
$ipt_n -A PSW $(dst $IPSET_LANIPLIST) -j RETURN
$ipt_n -A PSW $(dst $IPSET_VPSIPLIST) -j RETURN
$ipt_n -A PSW $(dst $IPSET_WHITELIST) -j RETURN
$ipt_n -N PSW_OUTPUT
$ipt_n -A PSW_OUTPUT $(dst $IPSET_LANIPLIST) -j RETURN
$ipt_n -A PSW_OUTPUT $(dst $IPSET_VPSIPLIST) -j RETURN
@@ -427,7 +550,7 @@ add_firewall_rule() {
$ipt_m -A PSW $(dst $IPSET_LANIPLIST) -j RETURN
$ipt_m -A PSW $(dst $IPSET_VPSIPLIST) -j RETURN
$ipt_m -A PSW $(dst $IPSET_WHITELIST) -j RETURN
$ipt_m -N PSW_OUTPUT
$ipt_m -A PSW_OUTPUT $(dst $IPSET_LANIPLIST) -j RETURN
$ipt_m -A PSW_OUTPUT $(dst $IPSET_VPSIPLIST) -j RETURN
@@ -435,7 +558,48 @@ add_firewall_rule() {
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
local NODE_TYPE=$(echo $(config_n_get $TCP_NODE type) | tr 'A-Z' 'a-z')
local ipv6_tproxy=$(config_t_get global_other ipv6_tproxy 0)
if [ $NODE_TYPE == "xray" ] && [ $ipv6_tproxy == "1" ]; then
PROXY_IPV6=1
echolog "节点类型:$NODE_TYPE开启实验性IPv6透明代理(TProxy)..."
else
[ $enble_ipv6=="1" ] && echolog "节点类型:$NODE_TYPE暂不支持IPv6透明代理(TProxy)..."
fi
#$ip6t_n -N PSW
#$ip6t_n -A PREROUTING -j PSW
#$ip6t_n -N PSW_OUTPUT
#$ip6t_n -A OUTPUT -p tcp -j PSW_OUTPUT
$ip6t_m -N PSW
$ip6t_m -A PSW $(dst $IPSET_LANIPLIST_6) -j RETURN
$ip6t_m -A PSW $(dst $IPSET_VPSIPLIST_6) -j RETURN
$ip6t_m -A PSW $(dst $IPSET_WHITELIST_6) -j RETURN
$ip6t_m -A PREROUTING -j PSW
$ip6t_m -N PSW_OUTPUT
$ip6t_m -A PSW_OUTPUT $(dst $IPSET_LANIPLIST_6) -j RETURN
$ip6t_m -A PSW_OUTPUT $(dst $IPSET_VPSIPLIST_6) -j RETURN
$ip6t_m -A PSW_OUTPUT $(dst $IPSET_WHITELIST_6) -j RETURN
$ip6t_m -A OUTPUT -p tcp -j PSW_OUTPUT
ip -6 rule add fwmark 1 table 100
ip -6 route add local ::/0 dev lo table 100
[ -n "$lan_ifname" ] && {
lan_ipv6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}') #当前LAN IPv6段
[ -n "$lan_ipv6" ] && {
for ip in $lan_ipv6; do
$ip6t_m -A PSW -d $ip -j RETURN
$ip6t_m -A PSW_OUTPUT -d $ip -j RETURN
done
}
}
# 加载路由器自身代理 TCP
if [ "$TCP_NODE" != "nil" ]; then
local ipt_tmp=$ipt_n
@@ -469,11 +633,18 @@ add_firewall_rule() {
$ipt_tmp -A OUTPUT -p tcp -j PSW_OUTPUT
[ "$TCP_NO_REDIR_PORTS" != "disable" ] && {
$ipt_tmp -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
$ip6t_m -A PSW_OUTPUT -p tcp -m multiport --dport $TCP_NO_REDIR_PORTS -j RETURN
echolog " - [$?]不代理TCP 端口:$TCP_NO_REDIR_PORTS"
}
$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $blist_r
$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $blist_r
$ipt_tmp -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $p_r
if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT 1 MARK)
$ip6t_m -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT 1 MARK)
$ip6t_m -A PSW_OUTPUT -p tcp $(factor $TCP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $LOCALHOST_TCP_PROXY_MODE 1 MARK)
fi
fi
local PR_INDEX=$(RULE_LAST_INDEX "$ipt_n" PREROUTING ADBYBY)
@@ -485,33 +656,14 @@ add_firewall_rule() {
PR_INDEX=$((PR_INDEX + 1))
$ipt_n -I PREROUTING $PR_INDEX -p tcp -j PSW
echolog "使用链表 PREROUTING 排列索引${PR_INDEX}[$?]"
$ip6t_n -N PSW
$ip6t_n -A PREROUTING -j PSW
$ip6t_n -N PSW_OUTPUT
$ip6t_n -A OUTPUT -p tcp -j PSW_OUTPUT
$ip6t_m -N PSW
$ip6t_m -A PREROUTING -j PSW
$ip6t_m -N PSW_OUTPUT
$ip6t_m -A OUTPUT -p tcp -j PSW_OUTPUT
[ -n "$lan_ifname" ] && {
lan_ipv6=$(ip address show $lan_ifname | grep -w "inet6" | awk '{print $2}') #当前LAN IPv6段
[ -n "$lan_ipv6" ] && {
for ip in $lan_ipv6; do
$ip6t_n -A PSW -d $ip -j RETURN
$ip6t_n -A PSW_OUTPUT -d $ip -j RETURN
done
}
}
if [ "$PROXY_IPV6" == "1" ]; then
local msg="IPv6 配置不当,无法代理"
$ip6t_n -A PSW -p tcp $(REDIRECT $TCP_REDIR_PORT)
$ip6t_n -A PSW_OUTPUT -p tcp $(REDIRECT $TCP_REDIR_PORT)
msg="${msg},转发 IPv6 TCP 流量到节点[$?]"
echolog "$msg"
fi
# if [ "$PROXY_IPV6" == "1" ]; then
# local msg="IPv6 配置不当,无法代理"
# $ip6t_n -A PSW -p tcp $(REDIRECT $TCP_REDIR_PORT)
# $ip6t_n -A PSW_OUTPUT -p tcp $(REDIRECT $TCP_REDIR_PORT)
# msg="${msg},转发 IPv6 TCP 流量到节点[$?]"
# echolog "$msg"
# fi
# 过滤Socks节点
[ "$SOCKS_ENABLED" = "1" ] && {
@@ -551,7 +703,7 @@ add_firewall_rule() {
filter_node $node $stream $port > /dev/null 2>&1 &
fi
done
# 加载路由器自身代理 UDP
if [ "$UDP_NODE" != "nil" ]; then
echolog "加载路由器自身 UDP 代理..."
@@ -577,15 +729,21 @@ add_firewall_rule() {
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST) $(REDIRECT 1 MARK)
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST) $(REDIRECT 1 MARK)
$ipt_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ipt $LOCALHOST_UDP_PROXY_MODE 1 MARK)
if [ "$PROXY_IPV6" == "1" ]; then
$ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_SHUNTLIST_6) $(REDIRECT 1 MARK)
$ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(dst $IPSET_BLACKLIST_6) $(REDIRECT 1 MARK)
$ip6t_m -A PSW_OUTPUT -p udp $(factor $UDP_REDIR_PORTS "-m multiport --dport") $(get_redirect_ip6t $LOCALHOST_UDP_PROXY_MODE 1 MARK)
fi
fi
$ipt_m -A PREROUTING -j PSW
# 加载ACLS
load_acl
# dns_hijack "force"
echolog "防火墙规则加载完成!"
}
@@ -606,9 +764,11 @@ del_firewall_rule() {
$ip6t_m -D PREROUTING -j PSW 2>/dev/null
$ip6t_m -D OUTPUT -p tcp -j PSW_OUTPUT 2>/dev/null
$ip6t_m -D OUTPUT -p udp -j PSW_OUTPUT 2>/dev/null
ib_nat_exist=$(expr $ib_nat_exist - 1)
done
fi
$ipt_n -F PSW 2>/dev/null && $ipt_n -X PSW 2>/dev/null
$ipt_n -F PSW_OUTPUT 2>/dev/null && $ipt_n -X PSW_OUTPUT 2>/dev/null
@@ -622,17 +782,29 @@ del_firewall_rule() {
ip rule del fwmark 1 lookup 100 2>/dev/null
ip route del local 0.0.0.0/0 dev lo table 100 2>/dev/null
ip -6 rule del fwmark 1 table 100 2>/dev/null
ip -6 route del local ::/0 dev lo table 100 2>/dev/null
ipset -F $IPSET_LANIPLIST >/dev/null 2>&1 && ipset -X $IPSET_LANIPLIST >/dev/null 2>&1 &
ipset -F $IPSET_VPSIPLIST >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST >/dev/null 2>&1 &
#ipset -F $IPSET_SHUNTLIST >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST >/dev/null 2>&1 &
#ipset -F $IPSET_GFW >/dev/null 2>&1 && ipset -X $IPSET_GFW >/dev/null 2>&1 &
#ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
#ipset -F $IPSET_CHN >/dev/null 2>&1 && ipset -X $IPSET_CHN >/dev/null 2>&1 &
#ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
#ipset -F $IPSET_BLACKLIST >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST >/dev/null 2>&1 &
#ipset -F $IPSET_BLACKLIST2 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2 >/dev/null 2>&1 &
#ipset -F $IPSET_BLACKLIST3 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3 >/dev/null 2>&1 &
ipset -F $IPSET_WHITELIST >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST >/dev/null 2>&1 &
ipset -F $IPSET_LANIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_LANIPLIST_6 >/dev/null 2>&1 &
ipset -F $IPSET_VPSIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST_6 >/dev/null 2>&1 &
#ipset -F $IPSET_SHUNTLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST_6 >/dev/null 2>&1 &
#ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
#ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
#ipset -F $IPSET_BLACKLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST_6 >/dev/null 2>&1 &
#ipset -F $IPSET_BLACKLIST2_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2_6 >/dev/null 2>&1 &
#ipset -F $IPSET_BLACKLIST3_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3_6 >/dev/null 2>&1 &
ipset -F $IPSET_WHITELIST_6 >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST_6 >/dev/null 2>&1 &
echolog "删除相关防火墙规则完成。"
}
@@ -641,13 +813,21 @@ flush_ipset() {
ipset -F $IPSET_VPSIPLIST >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST >/dev/null 2>&1 &
ipset -F $IPSET_SHUNTLIST >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST >/dev/null 2>&1 &
ipset -F $IPSET_GFW >/dev/null 2>&1 && ipset -X $IPSET_GFW >/dev/null 2>&1 &
#ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
ipset -F $IPSET_CHN >/dev/null 2>&1 && ipset -X $IPSET_CHN >/dev/null 2>&1 &
ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
ipset -F $IPSET_BLACKLIST >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST >/dev/null 2>&1 &
ipset -F $IPSET_BLACKLIST2 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2 >/dev/null 2>&1 &
ipset -F $IPSET_BLACKLIST3 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3 >/dev/null 2>&1 &
ipset -F $IPSET_WHITELIST >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST >/dev/null 2>&1 &
ipset -F $IPSET_LANIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_LANIPLIST_6 >/dev/null 2>&1 &
ipset -F $IPSET_VPSIPLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_VPSIPLIST_6 >/dev/null 2>&1 &
ipset -F $IPSET_SHUNTLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_SHUNTLIST_6 >/dev/null 2>&1 &
ipset -F $IPSET_GFW6 >/dev/null 2>&1 && ipset -X $IPSET_GFW6 >/dev/null 2>&1 &
ipset -F $IPSET_CHN6 >/dev/null 2>&1 && ipset -X $IPSET_CHN6 >/dev/null 2>&1 &
ipset -F $IPSET_BLACKLIST_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST_6 >/dev/null 2>&1 &
ipset -F $IPSET_BLACKLIST2_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST2_6 >/dev/null 2>&1 &
ipset -F $IPSET_BLACKLIST3_6 >/dev/null 2>&1 && ipset -X $IPSET_BLACKLIST3_6 >/dev/null 2>&1 &
ipset -F $IPSET_WHITELIST_6 >/dev/null 2>&1 && ipset -X $IPSET_WHITELIST_6 >/dev/null 2>&1 &
}
flush_include() {

88
package/lienol/luci-app-passwall/root/usr/share/passwall/monitor.sh
View File

@@ -1,7 +1,9 @@
#!/bin/sh
CONFIG=passwall
RUN_BIN_PATH=/var/etc/${CONFIG}/bin
TMP_PATH=/var/etc/$CONFIG
TMP_BIN_PATH=$TMP_PATH/bin
TMP_ID_PATH=$TMP_PATH/id
config_n_get() {
local ret=$(uci -q get $CONFIG.$1.$2 2>/dev/null)
@@ -23,59 +25,71 @@ ENABLED=$(config_t_get global enabled 0)
[ "$ENABLED" != 1 ] && return 1
ENABLED=$(config_t_get global_delay start_daemon 0)
[ "$ENABLED" != 1 ] && return 1
sleep 1m
sleep 58s
while [ "$ENABLED" -eq 1 ]
do
#tcp
TCP_NODE=$(config_t_get global tcp_node nil)
if [ "$TCP_NODE" != "nil" ]; then
#kcptun
use_kcp=$(config_n_get $TCP_NODE use_kcp 0)
if [ $use_kcp -gt 0 ]; then
icount=$(top -bn1 | grep -v grep | grep "$RUN_BIN_PATH/kcptun" | grep -i "tcp" | wc -l)
#TCP
[ -f "$TMP_ID_PATH/TCP" ] && {
TCP_NODE=$(cat $TMP_ID_PATH/TCP)
if [ "$TCP_NODE" != "nil" ]; then
#kcptun
use_kcp=$(config_n_get $TCP_NODE use_kcp 0)
if [ $use_kcp -gt 0 ]; then
icount=$(top -bn1 | grep -v grep | grep "$TMP_BIN_PATH/kcptun" | grep -i "tcp" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/$CONFIG restart
exit 0
fi
fi
icount=$(top -bn1 | grep -v -E 'grep|kcptun' | grep "$TMP_BIN_PATH" | grep -i "TCP" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/passwall restart
/etc/init.d/$CONFIG restart
exit 0
fi
fi
icount=$(top -bn1 | grep -v -E 'grep|kcptun' | grep "$RUN_BIN_PATH" | grep -i "TCP" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/passwall restart
exit 0
fi
fi
}
#udp
UDP_NODE=$(config_t_get global udp_node nil)
if [ "$UDP_NODE" != "nil" ]; then
[ "$UDP_NODE" == "tcp" ] && continue
[ "$UDP_NODE" == "tcp_" ] && UDP_NODE=$TCP_NODE1
icount=$(top -bn1 | grep -v grep | grep "$RUN_BIN_PATH" | grep -i "UDP" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/passwall restart
exit 0
[ -f "$TMP_ID_PATH/UDP" ] && {
UDP_NODE=$(cat $TMP_ID_PATH/UDP)
if [ "$UDP_NODE" != "nil" ]; then
[ "$UDP_NODE" == "tcp" ] && continue
[ "$UDP_NODE" == "tcp_" ] && UDP_NODE=$TCP_NODE
icount=$(top -bn1 | grep -v grep | grep "$TMP_BIN_PATH" | grep -i "UDP" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/$CONFIG restart
exit 0
fi
fi
fi
}
#dns
dns_mode=$(config_t_get global dns_mode)
if [ "$dns_mode" != "nonuse" ] && [ "$dns_mode" != "custom" ]; then
icount=$(netstat -apn | grep 7913 | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/passwall restart
exit 0
fi
fi
#haproxy
use_haproxy=$(config_t_get global_haproxy balancing_enable 0)
if [ $use_haproxy -gt 0 ]; then
icount=$(top -bn1 | grep -v grep | grep "$RUN_BIN_PATH/haproxy" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/passwall restart
/etc/init.d/$CONFIG restart
exit 0
fi
fi
sleep 1m
[ -f "$TMP_BIN_PATH/chinadns-ng" ] && {
icount=$(top -bn1 | grep -v grep | grep $TMP_BIN_PATH/chinadns-ng | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/$CONFIG restart
exit 0
fi
}
#haproxy
use_haproxy=$(config_t_get global_haproxy balancing_enable 0)
if [ $use_haproxy -gt 0 ]; then
icount=$(top -bn1 | grep -v grep | grep "$TMP_BIN_PATH/haproxy" | wc -l)
if [ $icount = 0 ]; then
/etc/init.d/$CONFIG restart
exit 0
fi
fi
sleep 58s
done

5
package/lienol/luci-app-passwall/root/usr/share/passwall/rules/proxy_ip
View File

@@ -11,3 +11,8 @@
1.0.0.1
9.9.9.9
149.112.112.112
2001:67c:4e8::/48
2001:b28:f23c::/48
2001:b28:f23d::/48
2001:b28:f23f::/48
2001:b28:f242::/48

104
package/lienol/luci-app-passwall/root/usr/share/passwall/subscribe.lua
View File

@@ -70,6 +70,7 @@ do
local node_id = t.node
CONFIG[#CONFIG + 1] = {
log = true,
id = t[".name"],
remarks = "Socks节点列表[" .. i .. "]",
currentNodeId = node_id,
currentNode = node_id and ucic2:get_all(application, node_id) or nil,
@@ -106,7 +107,7 @@ do
set = function(o)
for kk, vv in pairs(CONFIG) do
if (vv.remarks == "TCP备用节点的列表") then
log("刷新自动切换的TCP备用节点的列表")
--log("刷新自动切换的TCP备用节点的列表")
ucic2:set_list(application, "@auto_switch[0]", "tcp_node", vv.new_nodes)
end
end
@@ -133,7 +134,7 @@ do
local default_node_id = node.default_node
CONFIG[#CONFIG + 1] = {
log = false,
log = true,
currentNodeId = default_node_id,
currentNode = default_node_id and ucic2:get_all(application, default_node_id) or nil,
remarks = "分流默认节点",
@@ -145,7 +146,7 @@ do
local main_node_id = node.main_node
CONFIG[#CONFIG + 1] = {
log = false,
log = true,
currentNodeId = main_node_id,
currentNode = main_node_id and ucic2:get_all(application, main_node_id) or nil,
remarks = "分流默认前置代理节点",
@@ -182,7 +183,7 @@ do
set = function(o)
for kk, vv in pairs(CONFIG) do
if (vv.remarks == "负载均衡节点列表" .. node_id) then
log("刷新负载均衡节点列表")
--log("刷新负载均衡节点列表")
ucic2:foreach(application, uciType, function(node2)
if node2[".name"] == node[".name"] then
local index = node2[".index"]
@@ -586,31 +587,24 @@ local function curl(url)
end
local function truncate_nodes()
local function clear(type)
local node_num = ucic2:get(application, "@global_other[0]", type .. "_node_num") or 1
for i = 1, node_num, 1 do
local node = ucic2:get(application, "@global[0]", type .. "_node" .. i)
if node then
local is_sub_node = ucic2:get(application, node, "is_sub") or 0
if is_sub_node == "1" then
ucic2:set(application, '@global[0]', type .. "_node" .. i, "nil")
for _, config in pairs(CONFIG) do
if config.nodes and type(config.nodes) == "table" then
for kk, vv in pairs(config.nodes) do
if vv.currentNode.is_sub and vv.currentNode.is_sub == "1" then
else
vv.set(vv, vv.currentNodeId)
end
end
config.set(config)
else
if config.currentNode.is_sub and config.currentNode.is_sub == "1" then
config.set(config, "nil")
if config.id then
ucic2:delete(application, config.id)
end
end
end
end
clear("tcp")
clear("udp")
ucic2:foreach(application, "socks", function(t)
local node = t.node
if node then
local is_sub_node = ucic2:get(application, node, "is_sub") or 0
if is_sub_node == "1" then
ucic2:set(application, t[".name"], "node", "nil")
end
end
end)
ucic2:foreach(application, uciType, function(node)
if (node.is_sub or node.hashkey) and node.add_mode ~= '导入' then
ucic2:delete(application, node['.name'])
@@ -624,84 +618,96 @@ end
local function select_node(nodes, config)
local server
if config.currentNode then
for id, node in pairs(nodes) do
-- 特别优先级 分流 + 备注
if config.currentNode.protocol and config.currentNode.protocol == '_shunt' then
-- 特别优先级 分流 + 备注
if config.currentNode.protocol and config.currentNode.protocol == '_shunt' then
for index, node in pairs(nodes) do
if node.remarks == config.currentNode.remarks then
log('更新【' .. config.remarks .. '】分流匹配节点:' .. node.remarks)
server = id
server = node[".name"]
break
end
end
-- 特别优先级 负载均衡 + 备注
if config.currentNode.protocol and config.currentNode.protocol == '_balancing' then
end
-- 特别优先级 负载均衡 + 备注
if config.currentNode.protocol and config.currentNode.protocol == '_balancing' then
for index, node in pairs(nodes) do
if node.remarks == config.currentNode.remarks then
log('更新【' .. config.remarks .. '】负载均衡匹配节点:' .. node.remarks)
server = id
server = node[".name"]
break
end
end
-- 第一优先级 cfgid
if not server then
if id == config.currentNode['.name'] then
end
-- 第一优先级 cfgid
if not server then
for index, node in pairs(nodes) do
if node[".name"] == config.currentNode['.name'] then
if config.log == nil or config.log == true then
log('更新【' .. config.remarks .. '】第一匹配节点:' .. node.remarks)
end
server = id
server = node[".name"]
break
end
end
-- 第二优先级 类型 + IP + 端口
if not server then
end
-- 第二优先级 类型 + IP + 端口
if not server then
for index, node in pairs(nodes) do
if config.currentNode.type and config.currentNode.address and config.currentNode.port then
if node.type and node.address and node.port then
if node.type == config.currentNode.type and (node.address .. ':' .. node.port == config.currentNode.address .. ':' .. config.currentNode.port) then
if config.log == nil or config.log == true then
log('更新【' .. config.remarks .. '】第二匹配节点:' .. node.remarks)
end
server = id
server = node[".name"]
break
end
end
end
end
-- 第三优先级 IP + 端口
if not server then
end
-- 第三优先级 IP + 端口
if not server then
for index, node in pairs(nodes) do
if config.currentNode.address and config.currentNode.port then
if node.address and node.port then
if node.address .. ':' .. node.port == config.currentNode.address .. ':' .. config.currentNode.port then
if config.log == nil or config.log == true then
log('更新【' .. config.remarks .. '】第三匹配节点:' .. node.remarks)
end
server = id
server = node[".name"]
break
end
end
end
end
-- 第四优先级 IP
if not server then
end
-- 第四优先级 IP
if not server then
for index, node in pairs(nodes) do
if config.currentNode.address then
if node.address then
if node.address == config.currentNode.address then
if config.log == nil or config.log == true then
log('更新【' .. config.remarks .. '】第四匹配节点:' .. node.remarks)
end
server = id
server = node[".name"]
break
end
end
end
end
-- 第五优先级备注
if not server then
end
-- 第五优先级备注
if not server then
for index, node in pairs(nodes) do
if config.currentNode.remarks then
if node.remarks then
if node.remarks == config.currentNode.remarks then
if config.log == nil or config.log == true then
log('更新【' .. config.remarks .. '】第五匹配节点:' .. node.remarks)
end
server = id
server = node[".name"]
break
end
end
@@ -752,7 +758,7 @@ local function update_node(manual)
local nodes = {}
local ucic3 = luci.model.uci.cursor()
ucic3:foreach(application, uciType, function(node)
nodes[node['.name']] = node
nodes[#nodes + 1] = node
end)
for _, config in pairs(CONFIG) do

16
package/lienol/luci-app-passwall/root/usr/share/passwall/test.sh
View File

@@ -88,12 +88,13 @@ test_auto_switch() {
}
else
local tmp_port=$(/usr/share/${CONFIG}/app.sh get_new_port 61080 tcp)
/usr/share/${CONFIG}/app.sh run_socks "auto_switch" "$main_node" "127.0.0.1" "$tmp_port" "/var/etc/${CONFIG}/auto_switch.json"
/usr/share/${CONFIG}/app.sh run_socks "auto_switch" "$main_node" "127.0.0.1" "$tmp_port" "/var/etc/${CONFIG}/test.json"
local curlx="socks5h://127.0.0.1:$tmp_port"
fi
sleep 10s
sleep 9s
proxy_status=$(test_url "https://www.google.com/generate_204" 3 3 "-x $curlx")
top -bn1 | grep -v "grep" | grep "/var/etc/${CONFIG}/auto_switch.json" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
top -bn1 | grep -v "grep" | grep "/var/etc/${CONFIG}/test.json" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
rm -rf "/var/etc/${CONFIG}/test.json"
if [ "$proxy_status" -eq 200 ]; then
#主节点正常,切换到主节点
echolog "自动切换检测:${TYPE}主节点正常,切换到主节点!"
@@ -125,7 +126,7 @@ test_auto_switch() {
fi
fi
/usr/share/${CONFIG}/app.sh node_switch ${TYPE} ${new_node}
sleep 10s
sleep 9s
# 切换节点后等待10秒后再检测一次如果还是不通继续切直到可用为止
status2=$(test_proxy)
if [ "$status2" -eq 0 ]; then
@@ -141,11 +142,12 @@ test_auto_switch() {
start() {
ENABLED=$(config_t_get global enabled 0)
[ "$ENABLED" != 1 ] && _return 1
[ "$ENABLED" != 1 ] && return 1
ENABLED=$(config_t_get auto_switch enable 0)
[ "$ENABLED" != 1 ] && _return 1
[ "$ENABLED" != 1 ] && return 1
delay=$(config_t_get auto_switch testing_time 1)
sleep ${delay}m
#sleep ${delay}m
sleep 9s
while [ "$ENABLED" -eq 1 ]
do
TCP_NODE=$(config_t_get auto_switch tcp_node nil)

2
package/network/config/ltq-adsl-app/Makefile
View File

@@ -13,7 +13,7 @@ PKG_VERSION:=3.24.4.4
PKG_RELEASE:=10
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_BUILD_DIR:=$(BUILD_DIR)/dsl_cpe_control-$(PKG_VERSION)
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources/
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=af0bdf45cc7a62e2b38d39aad4924dd83c24fae170ae5bbd8190c2a3d9106257
PKG_MAINTAINER:=John Crispin <john@phrozen.org>
PKG_LICENSE:=BSD-3-Clause

2
package/network/config/ltq-vdsl-app/Makefile
View File

@@ -12,7 +12,7 @@ PKG_VERSION:=4.17.18.6
PKG_RELEASE:=6
PKG_BASE_NAME:=dsl_cpe_control
PKG_SOURCE:=$(PKG_BASE_NAME)_vrx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://mirror2.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=da8bb929526a61aea0e153ef524331fcd472a1ebbc6d88ca017735a4f82ece02
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/$(PKG_BASE_NAME)-$(PKG_VERSION)
PKG_LICENSE:=BSD-2-Clause

2
scripts/download.pl
View File

@@ -194,6 +194,8 @@ foreach my $mirror (@ARGV) {
for (1 .. 5) {
push @mirrors, "https://downloads.sourceforge.net/$1";
}
} elsif ($mirror =~ /^\@OPENWRT$/) {
# use OpenWrt source server directly
} elsif ($mirror =~ /^\@APACHE\/(.+)$/) {
push @mirrors, "https://mirrors.cloud.tencent.com/apache/$1";
push @mirrors, "https://mirrors.aliyun.com/apache/$1";

3
target/linux/ipq40xx/files/arch/arm/boot/dts/qcom-ipq4019-r619ac.dts
View File

@@ -6,7 +6,6 @@
#include <dt-bindings/soc/qcom,tcsr.h>
/ {
model = "P&W R619AC";
compatible = "p2w,r619ac";
@@ -222,7 +221,7 @@
status = "okay";
pinctrl-0 = <&pcie_pins>;
pinctrl-names = "default";
perst-gpio = <&tlmm 4 GPIO_ACTIVE_LOW>;
perst-gpio = <&tlmm 4 GPIO_ACTIVE_HIGH>;
wake-gpio = <&tlmm 40 GPIO_ACTIVE_HIGH>;
/* Free slot for use */

6
toolchain/glibc/common.mk
View File

@@ -7,13 +7,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=glibc
PKG_VERSION:=2.32
PKG_VERSION:=2.33
PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=760e1d287825fa91d4d5a0cc921340c740d803e2
PKG_MIRROR_HASH:=3ea50e679a241faec8d0e90c9db84a19a42e03dd08328aee406a9ec56393104d
PKG_SOURCE_VERSION:=17f0ff097887008b2d3dca270c8ffbb4b43a8749
PKG_MIRROR_HASH:=c208569b844f22a6fb446fb02b392c5f280d7a29263a4d5401c47157fc7ac169
PKG_SOURCE_URL:=https://sourceware.org/git/glibc.git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz

2
tools/lzma-old/Makefile
View File

@@ -10,7 +10,7 @@ PKG_NAME:=lzma-old
PKG_VERSION:=4.32
PKG_SOURCE:=lzma-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=49053e4bb5e0646a841d250d9cb81f7714f5fff04a133216c4748163567acc3d
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/lzma-$(PKG_VERSION)

2
tools/lzma/Makefile
View File

@@ -10,7 +10,7 @@ PKG_NAME:=lzma
PKG_VERSION:=4.65
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.openwrt.org/sources
PKG_SOURCE_URL:=@OPENWRT
PKG_HASH:=dcbdb5f4843eff638e4a5e8be0e2486a3c5483df73c70823618db8e66f609ec2
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION)