luci: support DOH, DOT server
This commit is contained in:
Nick Peng
@@ -86,6 +86,18 @@ msgstr "自定义设置"
|
||||
msgid "Do not use these IP addresses."
|
||||
msgstr "忽略这些IP地址"
|
||||
|
||||
msgid "DOH Server"
|
||||
msgstr "DOH服务器"
|
||||
|
||||
msgid "DOH Server Port"
|
||||
msgstr "DOH服务器端口"
|
||||
|
||||
msgid "DOT Server"
|
||||
msgstr "DOT服务器"
|
||||
|
||||
msgid "DOT Server Port"
|
||||
msgstr "DOT服务器端口"
|
||||
|
||||
msgid "DNS Block Setting"
|
||||
msgstr "域名屏蔽设置"
|
||||
|
||||
@@ -206,6 +218,12 @@ msgstr "启用TCP服务器。"
|
||||
msgid "Enable daily (weekly) auto update."
|
||||
msgstr "启用每日(每周)自动更新"
|
||||
|
||||
msgid "Enable DOH DNS Server"
|
||||
msgstr "启用DOH服务器"
|
||||
|
||||
msgid "Enable DOT DNS Server"
|
||||
msgstr "启用DOT服务器"
|
||||
|
||||
msgid "Update time (every day)"
|
||||
msgstr "更新时间(每天)"
|
||||
|
||||
@@ -477,6 +495,15 @@ msgstr "重启服务"
|
||||
msgid "Second Server Settings"
|
||||
msgstr "第二DNS服务器"
|
||||
|
||||
msgid "Server certificate file path."
|
||||
msgstr "服务器证书文件路径。"
|
||||
|
||||
msgid "Server certificate key file path."
|
||||
msgstr "服务器证书私钥文件路径。"
|
||||
|
||||
msgid "Server certificate key file password."
|
||||
msgstr "服务器证书私钥文件密码。"
|
||||
|
||||
msgid "Serve expired"
|
||||
msgstr "缓存过期服务"
|
||||
|
||||
@@ -489,6 +516,15 @@ msgstr "服务器组%s不存在"
|
||||
msgid "Server Name"
|
||||
msgstr "服务器名称"
|
||||
|
||||
msgid "Server Cert"
|
||||
msgstr "服务器证书"
|
||||
|
||||
msgid "Server Cert Key"
|
||||
msgstr "服务器证书私钥"
|
||||
|
||||
msgid "Server Cert Key Pass"
|
||||
msgstr "服务器证书私钥密码"
|
||||
|
||||
msgid "Set Specific domain ip address."
|
||||
msgstr "设置指定域名的IP地址。"
|
||||
|
||||
@@ -560,6 +596,12 @@ msgstr "跳过Nameserver规则。"
|
||||
msgid "SmartDNS"
|
||||
msgstr "SmartDNS"
|
||||
|
||||
msgid "Smartdns DOH server port."
|
||||
msgstr "Smartdns DOH服务器端口号。
|
||||
|
||||
msgid "Smartdns DOT server port."
|
||||
msgstr "Smartdns DOT服务器端口号。"
|
||||
|
||||
msgid "SmartDNS Server"
|
||||
msgstr "SmartDNS 服务器"
|
||||
|
||||
|
||||
@@ -242,11 +242,31 @@ return view.extend({
|
||||
o.default = o.disabled;
|
||||
|
||||
o = s.taboption("advanced", form.Value, "doh_server_port", _("DOH Server Port"), _("Smartdns DOH server port."));
|
||||
o.placeholder = 443;
|
||||
o.default = 443;
|
||||
o.placeholder = 843;
|
||||
o.default = 843;
|
||||
o.datatype = "port";
|
||||
o.rempty = false;
|
||||
o.depends('https_server', '1');
|
||||
o.depends('doh_server', '1');
|
||||
|
||||
o = s.taboption("advanced", form.Value, "bind_cert", _("Server Cert"), _("Server certificate file path."));
|
||||
o.datatype = "string";
|
||||
o.placeholder = "/var/etc/smartdns/smartdns/smartdns-cert.pem"
|
||||
o.rempty = true;
|
||||
o.depends('tls_server', '1');
|
||||
o.depends('doh_server', '1');
|
||||
|
||||
o = s.taboption("advanced", form.Value, "bind_cert_key", _("Server Cert Key"), _("Server certificate key file path."));
|
||||
o.datatype = "string";
|
||||
o.placeholder = "/var/etc/smartdns/smartdns/smartdns-key.pem"
|
||||
o.rempty = false;
|
||||
o.depends('tls_server', '1');
|
||||
o.depends('doh_server', '1');
|
||||
|
||||
o = s.taboption("advanced", form.Value, "bind_cert_key_pass", _("Server Cert Key Pass"), _("Server certificate key file password."));
|
||||
o.datatype = "string";
|
||||
o.rempty = false;
|
||||
o.depends('tls_server', '1');
|
||||
o.depends('doh_server', '1');
|
||||
|
||||
// Support IPV6;
|
||||
o = s.taboption("advanced", form.Flag, "ipv6_server", _("IPV6 Server"), _("Enable IPV6 DNS Server"));
|
||||
|
||||
@@ -310,11 +310,11 @@ load_domain_rules()
|
||||
[ ! -z "$block_domain_set_file" ] && {
|
||||
[ ! -e "$block_domain_set_file" ] && touch $block_domain_set_file
|
||||
conf_append "domain-set" "-name ${domain_set_name}-block-file -file '$block_domain_set_file'"
|
||||
conf_append "domain-rules" "/domain-set:${domain_set_name}-block-file/ --address #"
|
||||
conf_append "domain-rules" "/domain-set:${domain_set_name}-block-file/ -address #"
|
||||
}
|
||||
|
||||
conf_append "domain-set" "-name ${domain_set_name}-block-list -file /etc/smartdns/domain-block.list"
|
||||
conf_append "domain-rules" "/domain-set:${domain_set_name}-block-list/ --address #"
|
||||
conf_append "domain-rules" "/domain-set:${domain_set_name}-block-list/ -address #"
|
||||
}
|
||||
|
||||
load_domain_rule_list()
|
||||
@@ -411,9 +411,10 @@ load_IP_rule_list()
|
||||
conf_append_bind()
|
||||
{
|
||||
local ADDR=""
|
||||
local port="$1"
|
||||
local devices="$2"
|
||||
local tcp_server="$3"
|
||||
local bind_type="$1"
|
||||
local port="$2"
|
||||
local devices="$3"
|
||||
local device=""
|
||||
local ipv6_server="$4"
|
||||
local ARGS="$5"
|
||||
|
||||
@@ -430,16 +431,8 @@ conf_append_bind()
|
||||
for device in $devices; do
|
||||
device="@$device"
|
||||
[ "$device" = "@-" ] && device=""
|
||||
conf_append "bind" "$ADDR:$port$device $ARGS"
|
||||
conf_append "$bind_type" "$ADDR:$port$device $ARGS"
|
||||
done
|
||||
|
||||
[ "$tcp_server" = "1" ] && {
|
||||
for device in $devices; do
|
||||
device="@$device"
|
||||
[ "$device" = "@-" ] && device=""
|
||||
conf_append "bind-tcp" "$ADDR:$port$device $ARGS"
|
||||
done
|
||||
}
|
||||
}
|
||||
|
||||
load_second_server()
|
||||
@@ -497,7 +490,8 @@ load_second_server()
|
||||
config_get seconddns_server_flags "$section" "seconddns_server_flags" ""
|
||||
[ -z "$seconddns_server_flags" ] || ARGS="$ARGS $seconddns_server_flags"
|
||||
|
||||
conf_append_bind "$seconddns_port" "$device" "$seconddns_tcp_server" "$ipv6_server" "$ARGS"
|
||||
conf_append_bind "bind" "$seconddns_port" "$device" "$ipv6_server" "$ARGS"
|
||||
[ "$seconddns_tcp_server" = "1" ] && conf_append_bind "bind-tcp" "$seconddns_port" "$device" "$ipv6_server" "$ARGS"
|
||||
}
|
||||
|
||||
conf_append_conf_files()
|
||||
@@ -545,6 +539,13 @@ load_service()
|
||||
config_get port "$section" "port" "53"
|
||||
config_get ipv6_server "$section" "ipv6_server" "1"
|
||||
config_get tcp_server "$section" "tcp_server" "1"
|
||||
config_get tls_server "$section" "tcp_server" "0"
|
||||
config_get tls_server_port "$section" "tls_server_port" "853"
|
||||
config_get doh_server "$section" "doh_server" "0"
|
||||
config_get doh_server_port "$section" "doh_server_port" "843"
|
||||
config_get bind_cert "$section" "bind_cert" ""
|
||||
config_get bind_cert_key "$section" "bind_cert_key" ""
|
||||
config_get bind_cert_key_pass "$section" "bind_cert_key_pass" ""
|
||||
config_get server_flags "$section" "server_flags" ""
|
||||
|
||||
config_get auto_update_week_time "$section" "auto_update_week_time" "*"
|
||||
@@ -701,7 +702,14 @@ load_service()
|
||||
[ "$auto_set_dnsmasq" = "0" ] && [ "$old_auto_set_dnsmasq" = "1" ] && stop_forward_dnsmasq "$old_port" "0"
|
||||
}
|
||||
|
||||
conf_append_bind "$port" "$device" "$tcp_server" "$ipv6_server" "$server_flags"
|
||||
conf_append_bind "bind" "$port" "$device" "$ipv6_server" "$server_flags"
|
||||
[ "$tcp_server" = "1" ] && conf_append_bind "bind-tcp" "$port" "$device" "$ipv6_server" "$server_flags"
|
||||
[ "$tls_server" = "1" ] && conf_append_bind "bind-tls" "$tls_server_port" "$device" "$ipv6_server" "$server_flags"
|
||||
[ "$doh_server" = "1" ] && conf_append_bind "bind-https" "$doh_server_port" "$device" "$ipv6_server" "$server_flags"
|
||||
|
||||
[ ! -z "$bind_cert" ] && conf_append "bind-cert-file" "$bind_cert"
|
||||
[ ! -z "$bind_cert_key" ] && conf_append "bind-cert-key-file" "$bind_cert_key"
|
||||
[ ! -z "$bind_cert_key_pass" ] && conf_append "bind-cert-key-pass" "$bind_cert_key_pass"
|
||||
|
||||
load_second_server "$section"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user