dns_server: ignore non-matched record.

At present, it is only updated daily, and under normal circumstances, the data updated daily is not large, so the addition can be updated weekly or daily.

.clang-format

@@ -1,9 +1,10 @@
-#http://clang.llvm.org/docs/ClangFormatStyleOptions.html
-
-BasedOnStyle: LLVM
-IndentWidth: 4
-TabWidth: 4
-UseTab: ForContinuationAndIndentation
-MaxEmptyLinesToKeep: 1
-AllowShortFunctionsOnASingleLine: Empty
-BreakBeforeBraces: Linux
+#http://clang.llvm.org/docs/ClangFormatStyleOptions.html
+
+BasedOnStyle: LLVM
+IndentWidth: 4
+TabWidth: 4
+UseTab: ForContinuationAndIndentation
+MaxEmptyLinesToKeep: 1
+AllowShortFunctionsOnASingleLine: Empty
+BreakBeforeBraces: Linux
+ColumnLimit: 120

.clang-tidy

@@ -0,0 +1,45 @@
+Checks: >
+  -*,
+  modernize-*,
+  bugprone-*,
+  concurrency-*,
+  misc-*,
+  readability-*,
+  performance-*,
+  portability-*,
+  google-*,
+  linuxkernel-*,
+  -bugprone-narrowing-conversions,
+  -bugprone-branch-clone,
+  -bugprone-reserved-identifier,
+  -bugprone-easily-swappable-parameters,
+  -bugprone-sizeof-expression,
+  -bugprone-implicit-widening-of-multiplication-result,
+  -bugprone-suspicious-memory-comparison,
+  -bugprone-not-null-terminated-result,
+  -bugprone-signal-handler,
+  -bugprone-assignment-in-if-condition,
+  -concurrency-mt-unsafe,
+  -modernize-macro-to-enum,
+  -misc-unused-parameters,
+  -misc-misplaced-widening-cast,
+  -misc-no-recursion,
+  -readability-magic-numbers,
+  -readability-use-anyofallof,
+  -readability-identifier-length,
+  -readability-function-cognitive-complexity,
+  -readability-named-parameter,
+  -readability-isolate-declaration,
+  -readability-else-after-return,
+  -readability-redundant-control-flow,
+  -readability-suspicious-call-argument,
+  -google-readability-casting,
+  -google-readability-todo,
+  -performance-no-int-to-ptr,
+#   clang-analyzer-*,
+#   clang-analyzer-deadcode.DeadStores,
+#   clang-analyzer-optin.performance.Padding,
+#   -clang-analyzer-security.insecureAPI.*
+
+# Turn all the warnings from the checks above into errors.
+FormatStyle: file

.github/ISSUE_TEMPLATE/feature.md

@@ -0,0 +1,20 @@
+---
+name: 需求建议
+about: 需求建议描述
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**需求应用场景**
+请描述需求应用的场景和方式。
+
+**建议的方案**
+实现上述场景建议的方案。
+
+**设备信息**
+1. 设备信息（CPU，厂家）  
+
+2. 固件信息
+

.github/ISSUE_TEMPLATE/issue.md

@@ -0,0 +1,34 @@
+---
+name: 问题报告
+about: 问题现象描述
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**问题现象**  
+简要描述问题出现的现象
+
+**运行环境**
+1. 固件型号  
+
+2. 运营商  
+
+3. smartdns来源以及版本
+
+4. 涉及的配置(注意去除个人相关信息)
+
+
+**重现步骤**
+1. 上游DNS配置。  
+
+2. 访问的域名。  
+
+
+**信息收集**  
+1. 将/var/log/smrtdns.log日志作为附件上传(注意去除个人相关信息)。  
+2. 如进程异常，请将coredump功能开启，上传coredump信息文件，同时上传配套的smartdns进程文件。  
+在自定义界面，开启设置->自定义设置->生成coredump配置，重现问题后提交coredump文件
+coredump文件在/tmp目录下
+

.github/workflows/c-cpp.yml

@@ -0,0 +1,26 @@
+name: C/C++ CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: prepare
+      run: |
+        sudo apt update
+        sudo apt install libgtest-dev dnsperf
+    - name: make
+      run: |
+        make all -j4
+        make clean
+    - name: test
+      run: |
+        make -C test test -j8

.github/workflows/docker.yml

@@ -0,0 +1,35 @@
+name: Publish Docker Image
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'new image tag(e.g. v1.1.0)'
+        required: true
+        default: 'latest'
+
+concurrency: 
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+   docker:
+     runs-on: ubuntu-latest
+     steps:
+       - name: Checkout repository
+         uses: actions/checkout@v3
+       - name: Set up QEMU
+         uses: docker/setup-qemu-action@v2
+       - name: Set up Docker Buildx
+         uses: docker/setup-buildx-action@v2
+       - name: Login to DockerHub
+         uses: docker/login-action@v2
+         with:
+           username: ${{ secrets.DOCKERHUB_USERNAME }}
+           password: ${{ secrets.DOCKERHUB_TOKEN }}
+       - name: Build and push
+         uses: docker/build-push-action@v3
+         with:
+           platforms: linux/amd64,linux/arm64
+           push: true
+           tags: ${{vars.DOCKERHUB_REPO}}:${{ github.event.inputs.version }}

.gitignore

@@ -1,4 +1,7 @@
 .vscode
-.o
+*.o
+*.pem
 .DS_Store
-.swp.
+*.swp.
+systemd/smartdns.service
+test.bin

Dockerfile

@@ -0,0 +1,45 @@
+FROM ubuntu:latest as smartdns-builder
+LABEL previous-stage=smartdns-builder
+
+# prepare builder
+ARG OPENSSL_VER=3.0.10
+RUN apt update && \
+    apt install -y perl curl make musl-tools musl-dev && \
+    ln -s /usr/include/linux /usr/include/$(uname -m)-linux-musl && \
+    ln -s /usr/include/asm-generic /usr/include/$(uname -m)-linux-musl && \
+    ln -s /usr/include/$(uname -m)-linux-gnu/asm /usr/include/$(uname -m)-linux-musl && \
+    \
+    mkdir -p /build/openssl && \
+    cd /build/openssl && \
+    curl -sSL http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_${OPENSSL_VER}.orig.tar.gz | tar --strip-components=1 -zxv && \
+    \
+    export CC=musl-gcc && \
+    if [ "$(uname -m)" = "aarch64" ]; then \
+        ./config --prefix=/opt/build no-tests -mno-outline-atomics ; \
+    else \ 
+        ./config --prefix=/opt/build no-tests ; \
+    fi && \
+    make all -j8 && make install_sw && \
+    cd / && rm -rf /build
+
+# do make
+COPY . /build/smartdns/
+RUN cd /build/smartdns && \
+    export CC=musl-gcc && \
+    export CFLAGS="-I /opt/build/include" && \
+    export LDFLAGS="-L /opt/build/lib -L /opt/build/lib64" && \
+    sh ./package/build-pkg.sh --platform linux --arch `dpkg --print-architecture` --static && \
+    \
+    ( cd package && tar -xvf *.tar.gz && chmod a+x smartdns/etc/init.d/smartdns ) && \
+    \
+    mkdir -p /release/var/log /release/run && \
+    cp package/smartdns/etc /release/ -a && \
+    cp package/smartdns/usr /release/ -a && \
+    cd / && rm -rf /build
+
+FROM busybox:stable-musl
+COPY --from=smartdns-builder /release/ /
+EXPOSE 53/udp
+VOLUME ["/etc/smartdns/"]
+
+CMD ["/usr/sbin/smartdns", "-f", "-x"]

LICENSE

@@ -1,21 +1,23 @@
-                    GNU AFFERO GENERAL PUBLIC LICENSE
-                       Version 3, 19 November 2007
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
 
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
                             Preamble
 
-  The GNU Affero General Public License is a free, copyleft license for
-software and other kinds of works, specifically designed to ensure
-cooperation with the community in the case of network server software.
+  The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
 
   The licenses for most software and other practical works are designed
 to take away your freedom to share and change the works.  By contrast,
-our General Public Licenses are intended to guarantee your freedom to
+the GNU General Public License is intended to guarantee your freedom to
 share and change all versions of a program--to make sure it remains free
-software for all its users.
+software for all its users.  We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors.  You can apply it to
+your programs, too.
 
   When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
@@ -24,34 +26,44 @@ them if you wish), that you receive source code or can get it if you
 want it, that you can change the software or use pieces of it in new
 free programs, and that you know you can do these things.
 
-  Developers that use our General Public Licenses protect your rights
-with two steps: (1) assert copyright on the software, and (2) offer
-you this License which gives you legal permission to copy, distribute
-and/or modify the software.
+  To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights.  Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
 
-  A secondary benefit of defending all users' freedom is that
-improvements made in alternate versions of the program, if they
-receive widespread use, become available for other developers to
-incorporate.  Many developers of free software are heartened and
-encouraged by the resulting cooperation.  However, in the case of
-software used on network servers, this result may fail to come about.
-The GNU General Public License permits making a modified version and
-letting the public access it on a server without ever releasing its
-source code to the public.
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received.  You must make sure that they, too, receive
+or can get the source code.  And you must show them these terms so they
+know their rights.
 
-  The GNU Affero General Public License is designed specifically to
-ensure that, in such cases, the modified source code becomes available
-to the community.  It requires the operator of a network server to
-provide the source code of the modified version running there to the
-users of that server.  Therefore, public use of a modified version, on
-a publicly accessible server, gives the public access to the source
-code of the modified version.
+  Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
 
-  An older license, called the Affero General Public License and
-published by Affero, was designed to accomplish similar goals.  This is
-a different license, not a version of the Affero GPL, but Affero has
-released a new version of the Affero GPL which permits relicensing under
-this license.
+  For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software.  For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+  Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so.  This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software.  The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable.  Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products.  If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+  Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary.  To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
 
   The precise terms and conditions for copying, distribution and
 modification follow.
@@ -60,7 +72,7 @@ modification follow.
 
   0. Definitions.
 
-  "This License" refers to version 3 of the GNU Affero General Public License.
+  "This License" refers to version 3 of the GNU General Public License.
 
   "Copyright" also means copyright-like laws that apply to other kinds of
 works, such as semiconductor masks.
@@ -537,45 +549,35 @@ to collect a royalty for further conveying from those to whom you convey
 the Program, the only way you could satisfy both those terms and this
 License would be to refrain entirely from conveying the Program.
 
-  13. Remote Network Interaction; Use with the GNU General Public License.
-
-  Notwithstanding any other provision of this License, if you modify the
-Program, your modified version must prominently offer all users
-interacting with it remotely through a computer network (if your version
-supports such interaction) an opportunity to receive the Corresponding
-Source of your version by providing access to the Corresponding Source
-from a network server at no charge, through some standard or customary
-means of facilitating copying of software.  This Corresponding Source
-shall include the Corresponding Source for any work covered by version 3
-of the GNU General Public License that is incorporated pursuant to the
-following paragraph.
+  13. Use with the GNU Affero General Public License.
 
   Notwithstanding any other provision of this License, you have
 permission to link or combine any covered work with a work licensed
-under version 3 of the GNU General Public License into a single
+under version 3 of the GNU Affero General Public License into a single
 combined work, and to convey the resulting work.  The terms of this
 License will continue to apply to the part which is the covered work,
-but the work with which it is combined will remain governed by version
-3 of the GNU General Public License.
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
 
   14. Revised Versions of this License.
 
   The Free Software Foundation may publish revised and/or new versions of
-the GNU Affero General Public License from time to time.  Such new versions
-will be similar in spirit to the present version, but may differ in detail to
+the GNU General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
 
   Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU Affero General
+Program specifies that a certain numbered version of the GNU General
 Public License "or any later version" applies to it, you have the
 option of following the terms and conditions either of that numbered
 version or of any later version published by the Free Software
 Foundation.  If the Program does not specify a version number of the
-GNU Affero General Public License, you may choose any version ever published
+GNU General Public License, you may choose any version ever published
 by the Free Software Foundation.
 
   If the Program specifies that a proxy can decide which future
-versions of the GNU Affero General Public License can be used, that proxy's
+versions of the GNU General Public License can be used, that proxy's
 public statement of acceptance of a version permanently authorizes you
 to choose that version for the Program.
 
@@ -633,29 +635,40 @@ the "copyright" line and a pointer to where the full notice is found.
     Copyright (C) <year>  <name of author>
 
     This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published
-    by the Free Software Foundation, either version 3 of the License, or
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
     (at your option) any later version.
 
     This program is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
+    GNU General Public License for more details.
 
-    You should have received a copy of the GNU Affero General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 Also add information on how to contact you by electronic and paper mail.
 
-  If your software can interact with users remotely through a computer
-network, you should also make sure that it provides a way for users to
-get its source.  For example, if your program is a web application, its
-interface could display a "Source" link that leads users to an archive
-of the code.  There are many ways you could offer source, and different
-solutions will be better for different programs; see section 13 for the
-specific requirements.
+  If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+    <program>  Copyright (C) <year>  <name of author>
+    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
 
   You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU AGPL, see
-<http://www.gnu.org/licenses/>.
+For more information on this, and how to apply and follow the GNU GPL, see
+<https://www.gnu.org/licenses/>.
+
+  The GNU General Public License does not permit incorporating your program
+into proprietary programs.  If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.  But first, please read
+<https://www.gnu.org/licenses/why-not-lgpl.html>.

Makefile

@@ -0,0 +1,47 @@
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+#
+# smartdns is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# smartdns is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+PKG_CONFIG := pkg-config
+DESTDIR :=
+PREFIX := /usr
+SBINDIR := $(PREFIX)/sbin
+SYSCONFDIR := /etc
+RUNSTATEDIR := /run
+SYSTEMDSYSTEMUNITDIR := $(shell ${PKG_CONFIG} --variable=systemdsystemunitdir systemd)
+SMARTDNS_SYSTEMD = systemd/smartdns.service
+
+.PHONY: all clean install SMARTDNS_BIN
+all: SMARTDNS_BIN 
+
+SMARTDNS_BIN: $(SMARTDNS_SYSTEMD)
+	$(MAKE) $(MFLAGS) -C src all 
+
+$(SMARTDNS_SYSTEMD): systemd/smartdns.service.in
+	cp $< $@
+	sed -i 's|@SBINDIR@|$(SBINDIR)|' $@
+	sed -i 's|@SYSCONFDIR@|$(SYSCONFDIR)|' $@
+	sed -i 's|@RUNSTATEDIR@|$(RUNSTATEDIR)|' $@
+
+clean:
+	$(MAKE) $(MFLAGS) -C src clean  
+	$(RM) $(SMARTDNS_SYSTEMD)
+
+install: SMARTDNS_BIN 
+	install -v -m 0640 -D -t $(DESTDIR)$(SYSCONFDIR)/default etc/default/smartdns
+	install -v -m 0755 -D -t $(DESTDIR)$(SYSCONFDIR)/init.d etc/init.d/smartdns
+	install -v -m 0640 -D -t $(DESTDIR)$(SYSCONFDIR)/smartdns etc/smartdns/smartdns.conf
+	install -v -m 0755 -D -t $(DESTDIR)$(SBINDIR) src/smartdns
+	install -v -m 0644 -D -t $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR) systemd/smartdns.service
+

ReadMe.md

@@ -1,705 +1,149 @@
-# SmartDNS
-
-**[English](ReadMe_en.md)**
-
-![SmartDNS](doc/smartdns-banner.png)  
-SmartDNS是一个运行在本地的DNS服务器，SmartDNS接受本地客户端的DNS查询请求，从多个上游DNS服务器获取DNS查询结果，并将访问速度最快的结果返回给客户端，提高网络访问速度。
-同时支持指定特定域名IP地址，并高性匹配，达到过滤广告的效果。  
-与dnsmasq的all-servers不同，smartdns返回的是访问速度最快的解析结果。 (详细差异请看[FAQ](#faq)) 
-
-支持树莓派，openwrt，华硕路由器，windows等设备。  
-
-## 目录
-
-1. [软件效果展示](#软件效果展示)
-1. [特性](#特性)
-1. [架构](#架构)
-1. [使用](#使用)  
-    1. [下载配套安装包](#下载配套安装包)
-    1. [标准Linux系统安装](#标准linux系统安装树莓派x86_64系统)
-    1. [openwrt/LEDE](#openwrtlede)
-    1. [华硕路由器原生固件/梅林固件](#华硕路由器原生固件梅林固件)
-    1. [optware/entware](#optwareentware)
-    1. [Windows 10 WSL安装/WSL ubuntu](#windows-10-wsl安装wsl-ubuntu)
-1. [配置参数](#配置参数)
-1. [捐助](#donate)
-1. [FAQ](#faq)
-
-## 软件效果展示
-
-**阿里DNS**  
-使用阿里DNS查询百度IP，并检测结果。  
-
-```shell
-pi@raspberrypi:~/code/smartdns_build $ nslookup www.baidu.com 223.5.5.5
-Server:         223.5.5.5
-Address:        223.5.5.5#53
-
-Non-authoritative answer:
-www.baidu.com   canonical name = www.a.shifen.com.
-Name:   www.a.shifen.com
-Address: 180.97.33.108
-Name:   www.a.shifen.com
-Address: 180.97.33.107
-
-pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.107 -c 2
-PING 180.97.33.107 (180.97.33.107) 56(84) bytes of data.
-64 bytes from 180.97.33.107: icmp_seq=1 ttl=55 time=24.3 ms
-64 bytes from 180.97.33.107: icmp_seq=2 ttl=55 time=24.2 ms
-
---- 180.97.33.107 ping statistics ---
-2 packets transmitted, 2 received, 0% packet loss, time 1001ms
-rtt min/avg/max/mdev = 24.275/24.327/24.380/0.164 ms
-pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.108 -c 2
-PING 180.97.33.108 (180.97.33.108) 56(84) bytes of data.
-64 bytes from 180.97.33.108: icmp_seq=1 ttl=55 time=31.1 ms
-64 bytes from 180.97.33.108: icmp_seq=2 ttl=55 time=31.0 ms
-
---- 180.97.33.108 ping statistics ---
-2 packets transmitted, 2 received, 0% packet loss, time 1001ms
-rtt min/avg/max/mdev = 31.014/31.094/31.175/0.193 ms
-```
-
-**smartdns**  
-使用SmartDNS查询百度IP，并检测结果。
-
-```shell
-pi@raspberrypi:~/code/smartdns_build $ nslookup www.baidu.com
-Server:         192.168.1.1
-Address:        192.168.1.1#53
-
-Non-authoritative answer:
-www.baidu.com   canonical name = www.a.shifen.com.
-Name:   www.a.shifen.com
-Address: 14.215.177.39
-
-pi@raspberrypi:~/code/smartdns_build $ ping 14.215.177.39 -c 2
-PING 14.215.177.39 (14.215.177.39) 56(84) bytes of data.
-64 bytes from 14.215.177.39: icmp_seq=1 ttl=56 time=6.31 ms
-64 bytes from 14.215.177.39: icmp_seq=2 ttl=56 time=5.95 ms
-
---- 14.215.177.39 ping statistics ---
-2 packets transmitted, 2 received, 0% packet loss, time 1001ms
-rtt min/avg/max/mdev = 5.954/6.133/6.313/0.195 ms
-
-```
-
-从对比看出，smartdns找到访问www.baidu.com最快的IP地址，这样访问百度比阿里DNS速度快5倍。
-
-## 特性
-
-1. **多DNS上游服务器**  
-   支持配置多个上游DNS服务器，并同时进行查询，即使其中有DNS服务器异常，也不会影响查询。  
-
-1. **返回最快IP地址**  
-   支持从域名所属IP地址列表中查找到访问速度最快的IP地址，并返回给客户端，提高网络访问速度。
-
-1. **支持多种查询协议**  
-   支持UDP，TCP，TLS, HTTPS查询，以及非53端口查询。
-
-1. **特定域名IP地址指定**  
-   支持指定域名的IP地址，达到广告过滤效果，避免恶意网站的效果。
-
-1. **域名高性能后缀匹配**  
-   支持域名后缀匹配模式，简化过滤配置，过滤20万条记录时间<1ms
-
-1. **域名分流**  
-   支持域名分流，不同类型的域名到不同的DNS服务器查询。
-
-1. **Linux/Windows多平台支持**  
-   支持标准Linux系统（树莓派），openwrt系统各种固件，华硕路由器原生固件。以及支持Windows 10 WSL (Windows Subsystem for Linux)。
-
-1. **支持IPV4, IPV6双栈**  
-   支持IPV4，IPV6网络，支持查询A, AAAA记录，支持双栈IP速度优化，并支持完全禁用IPV6 AAAA解析。
-
-1. **高性能，占用资源少**  
-   多线程异步IO模式，cache缓存查询结果。
-
-## 架构
-
-![Architecture](doc/architecture.png)
-
-1. SmartDNS接收本地网络设备的DNS查询请求，如PC，手机的查询请求。  
-2. SmartDNS将查询请求发送到多个上游DNS服务器，可采用标准UDP查询，非标准端口UDP查询，及TCP查询。  
-3. 上游DNS服务器返回域名对应的Server IP地址列表。SmartDNS检测与本地网络访问速度最快的Server IP。  
-4. 将访问速度最快的Server IP返回给本地客户端。  
-
-## 使用
-
-### 下载配套安装包  
-
---------------
-
-下载配套版本的SmartDNS安装包，对应安装包配套关系如下。
-
-|系统 |安装包|说明
-|-----|-----|-----
-|标准Linux系统(树莓派)| smartdns.xxxxxxxx.armhf.deb|支持树莓派Raspbian stretch，Debian 9系统。
-|标准Linux系统(Armbian arm64)| smartdns.xxxxxxxx.arm64.deb|支持ARM64的Debian stretch，Debian 9系统。
-|标准Linux系统(x86_64)| smartdns.xxxxxxxx.x86_64.tar.gz|支持x86_64 Linux 系统。
-|Windows 10 WSL (ubuntu)| smartdns.xxxxxxxx.x86_64.tar.gz|支持Windows 10 WSL ubuntu系统。
-|标准Linux系统(x86)| smartdns.xxxxxxxx.x86.tar.gz|支持x86系统。
-|华硕原生固件(optware)|smartdns.xxxxxxx.mipsbig.ipk|支持MIPS大端架构的系统，如RT-AC55U, RT-AC66U.
-|华硕原生固件(optware)|smartdns.xxxxxxx.mipsel.ipk|支持MIPS小端架构的系统。
-|华硕原生固件(optware)|smartdns.xxxxxxx.arm.ipk|支持arm小端架构的系统，如RT-AC68U。
-|Padavan|smartdns.xxxxxxx.mipselsf.ipk|padavan固件。
-|openwrt 15.01|smartdns.xxxxxxxx.ar71xx.ipk|支持AR71XX MIPS系统。
-|openwrt 15.01|smartdns.xxxxxxxx.ramips_24kec.ipk|支持MT762X等小端路由器
-|openwrt 15.01(潘多拉)|smartdns.xxxxxxxx.mipsel_24kec_dsp.ipk|支持MT7620系列的潘多拉固件
-|openwrt 15.01(潘多拉)|smartdns.xxxxxxxx.mips_74kc_dsp2.ipk|支持AR71xx系列的潘多拉固件
-|openwrt 18.06|smartdns.xxxxxxxx.mips_24kc.ipk|支持AR71XX MIPS系统。
-|openwrt 18.06|smartdns.xxxxxxxx.mipsel_24kc.ipk|支持MT726X等小端路由器
-|openwrt 18.06|smartdns.xxxxxxxx.x86_64.ipk|支持x86_64路由器
-|openwrt 18.06|smartdns.xxxxxxxx.i386_pentium4.ipk|支持x86路由器
-|openwrt 18.06|smartdns.xxxxxxxxxxx.arm_cortex-a9.ipk|支持arm A9核心CPU的路由器
-|openwrt 18.06|smartdns.xxxxxxxxx.arm_cortex-a7_neon-vfpv4.ipk|支持arm A7核心CPU的路由器
-|openwrt LUCI|luci-app-smartdns.xxxxxxxxx.xxxx.all.ipk|openwrt管理统一界面
-
-* openwrt系统CPU架构比较多，上述表格未列出所有支持系统，请查看CPU架构后下载。
-* merlin梅林固件理论和华硕固件一致，所以根据硬件类型安装相应的ipk包即可。（梅林暂时未验证，有问题提交issue）
-* CPU架构可在路由器管理界面找到，查看方法：
-    登录路由器，点击`System`->`Software`，点击`Configuration` Tab页面，在opkg安装源中可找到对应软件架构，下载路径中可找到，如下，架构为ar71xx
-
-    ```shell
-    src/gz chaos_calmer_base http://downloads.openwrt.org/chaos_calmer/15.05/ar71xx/generic/packages/base
-    ```
-
-* 或ssh登录系统后通过如下命令查询软件架构：
-
-  * **openwrt系列命令**
-
-    ```shell
-    opkg print_architecture
-    ```
-
-  * **optware系列命令**
-
-    ```shell
-    ipkg print_architecture
-    ```
-
-  * **debian系列命令**
-
-    ```shell
-    dpkg --print-architecture
-    ```
-
-  * **例如**
-
-    下面的查询结果`arch ar71xx 10`表示ar71xx系列架构，选择`smartdns.xxxxxxxx.ar71xx.ipk`安装包
-
-    ```shell
-    root@OpenWrt:~# opkg print_architecture
-    arch all 1
-    arch noarch 1
-    arch ar71xx 10
-    ```
-
-* **请在Release页面下载：[点击此处下载](https://github.com/pymumu/smartdns/releases)**
-
-```shell
-https://github.com/pymumu/smartdns/releases
-```
-
-* 各种设备的安装步骤，请参考后面的章节。
-
-### 标准Linux系统安装/树莓派/X86_64系统
-
---------------
-
-1. 安装
-
-    下载配套安装包`smartdns.xxxxxxxx.armhf.deb`，并上传到Linux系统中。 执行如下命令安装
-
-    ```shell
-    dpkg -i smartdns.xxxxxxxx.armhf.deb
-    ```
-
-    x86系统下载配套安装包`smartdns.xxxxxxxx.x86-64.tar.gz`, 并上传到Linux系统中。 执行如下命令安装
-
-    ```shell
-    tar zxf smartdns.xxxxxxxx.x86-64.tar.gz
-    cd smartdns
-    chmod +x ./install
-    ./install -i
-    ```
-
-1. 修改配置
-
-    安装完成后，可配置smartdns的上游服务器信息。具体配置参数参考`配置参数`说明。  
-    一般情况下，只需要增加`server [IP]:port`, `server-tcp [IP]:port`配置项，
-    尽可能配置多个上游DNS服务器，包括国内外的服务器。配置参数请查看`配置参数`章节。
-
-    ```shell
-    vi /etc/smartdns/smartdns.conf
-    ```
-
-1. 启动服务
-
-    ```shell
-    systemctl enable smartdns
-    systemctl start smartdns
-    ```
-
-1. 将DNS请求转发的SmartDNS解析。
-
-    修改本地路由器的DNS服务器，将DNS服务器配置为SmartDNS。
-    * 登录到本地网络的路由器中，配置树莓派分配静态IP地址。
-    * 修改WAN口或者DHCP DNS为树莓派IP地址。  
-    注意：  
-    I. 每款路由器配置方法不尽相同，请百度搜索相关的配置方法。  
-    II.华为等路由器可能不支持配置DNS为本地IP，请修改PC端，手机端DNS服务器为树莓派IP。
-
-1. 检测服务是否配置成功。
-
-    使用`nslookup -querytype=ptr 0.0.0.0`查询域名  
-    看命令结果中的`name`项目是否显示为`smartdns`或`主机名`，如`smartdns`则表示生效  
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-### openwrt/LEDE
-
---------------
-
-1. 安装
-
-    将软件使用winscp上传到路由器的/root目录，执行如下命令安装  
-
-    ```shell
-    opkg install smartdns.xxxxxxxx.xxxx.ipk
-    opkg install luci-app-smartdns.xxxxxxxx.xxxx.all.ipk
-    ```
-
-1. 修改配置
-
-    登录openwrt管理页面，打开`Services`->`SmartDNS`进行配置。
-    * 在`Upstream Servers`增加上游DNS服务器配置，建议配置多个国内外DNS服务器。
-    * 在`Domain Address`指定特定域名的IP地址，可用于广告屏蔽。
-
-1. 启用服务
-
-   SmartDNS服务生效方法有两种，`一种是直接作为主DNS服务`；`另一种是作为dnsmasq的上游`。  
-   默认情况下，SmartDNS采用第一种方式。如下两种方式根据需求选择即可。
-
-1. 启用方法一：作为主DNS(默认方案)
-
-    * **启用smartdns的53端口重定向**
-
-        登录路由器，点击`Services`->`SmartDNS`->`redirect`，选择`重定向53端口到SmartDNS`启用53端口转发。
-
-    * **检测转发服务是否配置成功**
-
-        使用`nslookup -querytype=ptr 0.0.0.0`查询域名  
-        看命令结果中的`name`项目是否显示为`smartdns`或`主机名`，如`smartdns`则表示生效  
-
-        ```shell
-        pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-        Server:         192.168.1.1
-        Address:        192.168.1.1#53
-
-        Non-authoritative answer:
-        0.0.0.0.in-addr.arpa  name = smartdns.
-        ```
-
-    * **界面提示重定向失败**
-
-        * 检查iptable，ip6table命令是否正确安装。
-        * openwrt 15.01系统不支持IPV6重定向，如网络需要支持IPV6，请将DNSMASQ上游改为smartdns，或者将smartdns的端口改为53，并停用dnsmasq。
-        * LEDE之后系统，请安装IPV6的nat转发驱动。点击`system`->`Software`，点击`update lists`更新软件列表后，安装`ip6tables-mod-nat`
-        * 使用如下命令检查路由规则是否生效。  
-
-        ```shell
-        iptables -t nat -L PREROUTING | grep REDIRECT
-        ```
-
-        * 如转发功能不正常，请使用方法二：作为DNSMASQ的上游。
-
-1. 方法二：作为DNSMASQ的上游
-
-    * **将dnsmasq的请求发送到smartdns**
-
-        登录路由器，点击`Services`->`SmartDNS`->`redirect`，选择`作为dnsmasq的上游服务器`设置dnsmasq的上游服务器为smartdns。
-
-    * **检测上游服务是否配置成功**
-
-        * 方法一：使用`nslookup -querytype=ptr 0.0.0.0`查询域名  
-        看命令结果中的`name`项目是否显示为`smartdns`或`主机名`，如`smartdns`则表示生效  
-
-        ```shell
-        pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-        Server:         192.168.1.1
-        Address:        192.168.1.1#53
-
-        Non-authoritative answer:
-        0.0.0.0.in-addr.arpa  name = smartdns.
-        ```
-
-        * 方法二：使用`nslookup`查询`www.baidu.com`域名，查看结果中百度的IP地址是否`只有一个`，如有多个IP地址返回，则表示未生效，请多尝试几个域名检查。
-
-        ```shell
-        pi@raspberrypi:~ $ nslookup www.baidu.com 192.168.1.1
-        Server:         192.168.1.1
-        Address:        192.168.1.1#53
-
-        Non-authoritative answer:
-        www.baidu.com   canonical name = www.a.shifen.com.
-        Name:   www.a.shifen.com
-        Address: 14.215.177.38
-        ```
-
-1. 启动服务
-
-    勾选配置页面中的`Enable(启用)`来启动SmartDNS
-
-1. 注意：
-
-    * 如已经安装chinaDNS，建议将chinaDNS的上游配置为SmartDNS。
-    * SmartDNS默认情况，将53端口的请求转发到SmartDNS的本地端口，由`Redirect`配置选项控制。
-
-### 华硕路由器原生固件/梅林固件
-
---------------
-
-说明：梅林固件派生自华硕固件，理论上可以直接使用华硕配套的安装包使用。但目前未经验证，如有问题，请提交issue。
-
-1. 准备
-
-    在使用此软件时，需要确认路由器是否支持U盘，并准备好U盘一个。
-
-1. 启用SSH登录
-
-    登录管理界面，点击`系统管理`->点击`系统设置`，配置`Enable SSH`为`Lan Only`。  
-    SSH登录用户名密码与管理界面相同。
-
-1. 下载`Download Master`
-
-    在管理界面点击`USB相关应用`->点击`Download Master`下载。  
-    下载完成后，启用`Download Master`，如果不需要下载功能，此处可以卸载`Download Master`，但要保证卸载前Download Master是启用的。  
-
-1. 安装SmartDNS
-
-    将软件使用winscp上传到路由器的`/tmp/mnt/sda1`目录。（或网上邻居复制到sda1共享目录）
-
-    ```shell
-    ipkg install smartdns.xxxxxxx.mipsbig.ipk
-    ```
-
-1. 重启路由器生效服务
-
-    待路由器启动后，使用`nslookup -querytype=ptr 0.0.0.0`查询域名  
-    看命令结果中的`name`项目是否显示为`smartdns`或`主机名`，如`smartdns`则表示生效  
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-1. 额外说明
-
-    上述过程，smartdns将安装到U盘根目录，采用optware的模式运行。
-    其目录结构如下： （此处仅列出smartdns相关文件）  
-
-    ```shell
-    U盘
-    └── asusware.mipsbig
-            ├── bin
-            ├── etc
-            |    ├── smartdns
-            |    |     └── smartdns.conf
-            |    └── init.d
-            |          └── S50smartdns
-            ├── lib
-            ├── sbin
-            ├── usr
-            |    └── sbin
-            |          └── smartdns
-            ....
-    ```
-
-    如要修改配置，可以ssh登录路由器，使用vi命令修改  
-
-    ```shell
-    vi /opt/etc/smartdns/smartdns.conf
-    ```
-
-    也可以通过网上邻居修改，网上邻居共享目录`sda1`看不到`asusware.mipsbig`目录，但可以直接在`文件管理器`中输入`asusware.mipsbig\etc\init.d`访问
-
-    ```shell
-    \\192.168.1.1\sda1\asusware.mipsbig\etc\init.d
-    ```
-
-### optware/entware
-
---------------
-
-1. 准备
-
-    在使用此软件时，需要确认路由器是否支持U盘，并准备好U盘一个。
-
-1. 安装SmartDNS
-
-    将软件使用winscp上传到路由器的`/tmp`目录。
-
-    ```shell
-    ipkg install smartdns.xxxxxxx.mipsbig.ipk
-    ```
-
-1. 修改smartdns配置
-
-    ```shell
-    vi /opt/etc/smartdns/smartdns.conf
-    ```
-
-    另外，如需支持IPV6，可设置工作模式为`2`，将dnsmasq的DNS服务禁用，smartdns为主用DNS服务器。将文件`/opt/etc/smartdns/smartdns-opt.conf`，中的`SMARTDNS_WORKMODE`修改为2.
-
-    ```shell
-    SMARTDNS_WORKMODE="2"
-    ```
-
-1. 重启路由器生效服务
-
-    待路由器启动后，使用`nslookup -querytype=ptr 0.0.0.0`查询域名  
-    看命令结果中的`name`项目是否显示为`smartdns`或`主机名`，如`smartdns`则表示生效  
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-    注意：若服务没有自动启动，则需要设置optwre/entware自动启动，具体方法参考optware/entware的文档。
-
-### Windows 10 WSL安装/WSL ubuntu
-
---------------
-
-1. 安装Windows 10 WSL ubuntu系统
-
-    安装Windows 10 WSL运行环境，发行版本选择ubuntu系统。安装步骤请参考[WSL安装说明](https://docs.microsoft.com/en-us/windows/wsl/install-win10)
-
-1. 安装smartdns
-
-    下载安装包`smartdns.xxxxxxxx.x86_64.tar.gz`，并解压到D盘根目录。解压后目录如下：
-
-    ```shell
-    D:\SMARTDNS
-    ├─etc
-    │  ├─default
-    │  ├─init.d
-    │  └─smartdns
-    ├─package
-    │  └─windows
-    ├─src
-    └─systemd
-
-    ```
-
-    双击`D:\smartdns\package\windows`目录下的`install.bat`进行安装。要求输入密码时，请输入`WLS ubuntu`的密码。
-
-1. 修改配置
-
-    记事本打开`D:\smartdns\etc\smartdns`目录中的`smartdns.conf`配置文件配置smartdns。具体配置参数参考`配置参数`说明。  
-    一般情况下，只需要增加`server [IP]:port`, `server-tcp [IP]:port`配置项，
-    尽可能配置多个上游DNS服务器，包括国内外的服务器。配置参数请查看`配置参数`章节。
-
-1. 重新加载配置
-
-    双击`D:\smartdns\package\windows`目录下的`reload.bat`进行安装。要求输入密码时，请输入`WLS ubuntu`的密码。
-
-1. 将DNS请求转发的SmartDNS解析。
-
-    将Windows的默认DNS服务器修改为`127.0.0.1`，具体步骤参考[IP配置](https://support.microsoft.com/zh-cn/help/15089/windows-change-tcp-ip-settings)
-
-1. 检测服务是否配置成功。
-
-    使用`nslookup -querytype=ptr 0.0.0.0`查询域名  
-    看命令结果中的`name`项目是否显示为`smartdns`或`主机名`，如`smartdns`则表示生效  
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-## 配置参数
-
-|参数|  功能  |默认值|配置值|例子|
-|--|--|--|--|--|
-|server-name|DNS服务器名称|操作系统主机名/smartdns|符合主机名规格的字符串|server-name smartdns
-|bind|DNS监听端口号|[::]:53|可绑定多个端口<br>`IP:PORT`: 服务器IP，端口号。<br>`[-group]`: 请求时使用的DNS服务器组。<br>`[-no-rule-addr]`：跳过address规则。<br>`[-no-rule-nameserver]`：跳过Nameserver规则。<br>`[-no-rule-ipset]`：跳过Ipset规则。<br>`[no-rule-soa]`：跳过SOA(#)规则.<br>`[no-dualstack-selection]`：停用双栈测速。<br>`[-no-speed-check]`：停用测速。<br>`[-no-cache]`：停止缓存|bind :53
-|bind|TCP DNS监听端口号|[::]:53|可绑定多个端口<br>`IP:PORT`: 服务器IP，端口号。<br>`[-group]`: 请求时使用的DNS服务器组。<br>`[-no-rule-addr]`：跳过address规则。<br>`[-no-rule-nameserver]`：跳过Nameserver规则。<br>`[-no-rule-ipset]`：跳过Ipset规则。<br>`[no-rule-soa]`：跳过SOA(#)规则.<br>`[no-dualstack-selection]`：停用双栈测速。<br>`[-no-speed-check]`：停用测速。<br>`[-no-cache]`：停止缓存|bind-tcp :53
-|cache-size|域名结果缓存个数|512|数字|cache-size 512
-|tcp-idle-time|TCP链接空闲超时时间|120|数字|tcp-idle-time 120
-|rr-ttl|域名结果TTL|远程查询结果|大于0的数字|rr-ttl 600
-|rr-ttl-min|允许的最小TTL值|远程查询结果|大于0的数字|rr-ttl-min 60
-|rr-ttl-max|允许的最大TTL值|远程查询结果|大于0的数字|rr-ttl-max 600
-|log-level|设置日志级别|error|fatal,error,warn,notice,info,debug|log-level error
-|log-file|日志文件路径|/var/log/smartdns.log|路径|log-file /var/log/smartdns.log
-|log-size|日志大小|128K|数字+K,M,G|log-size 128K
-|log-num|日志归档个数|2|数字|log-num 2
-|audit-enable|设置审计启用|no|[yes\|no]|audit-enable yes
-|audit-file|审计文件路径|/var/log/smartdns-audit.log|路径|audit-file /var/log/smartdns-audit.log
-|audit-size|审计大小|128K|数字+K,M,G|audit-size 128K
-|audit-num|审计归档个数|2|数字|audit-num 2
-|conf-file|附加配置文件|无|文件路径|conf-file /etc/smartdns/smartdns.more.conf
-|server|上游UDP DNS|无|可重复<br>`[ip][:port]`：服务器IP，端口可选。<br>`[-blacklist-ip]`：blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`：whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`：DNS服务器所属组，比如office, foreign，和nameserver配套使用。<br>`[-exclude-default-group]`：将DNS服务器从默认组中排除| server 8.8.8.8:53 -blacklist-ip -group g1
-|server-tcp|上游TCP DNS|无|可重复<br>`[ip][:port]`：服务器IP，端口可选。<br>`[-blacklist-ip]`：blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`：whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`：DNS服务器所属组，比如office, foreign，和nameserver配套使用。<br>`[-exclude-default-group]`：将DNS服务器从默认组中排除| server-tcp 8.8.8.8:53
-|server-tls|上游TLS DNS|无|可重复<br>`[ip][:port]`：服务器IP，端口可选。<br>`[-spki-pin [sha256-pin]]`: TLS合法性校验SPKI值，base64编码的sha256 SPKI pin值<br>`[-host-name]`：TLS SNI名称。<br>`[-tls-host-verify]`: TLS证书主机名校验。<br>`[-blacklist-ip]`：blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`：whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`：DNS服务器所属组，比如office, foreign，和nameserver配套使用。<br>`[-exclude-default-group]`：将DNS服务器从默认组中排除| server-tls 8.8.8.8:853
-|server-https|上游HTTPS DNS|无|可重复<br>`https://[host][:port]/path`：服务器IP，端口可选。<br>`[-spki-pin [sha256-pin]]`: TLS合法性校验SPKI值，base64编码的sha256 SPKI pin值<br>`[-host-name]`：TLS SNI名称<br>`[-http-host]`：http协议头主机名。<br>`[-tls-host-verify]`: TLS证书主机名校验。<br>`[-blacklist-ip]`：blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`：whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`：DNS服务器所属组，比如office, foreign，和nameserver配套使用。<br>`[-exclude-default-group]`：将DNS服务器从默认组中排除| server-https https://cloudflare-dns.com/dns-query
-|speed-check-mode|测速模式选择|无|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:80
-|address|指定域名IP地址|无|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6] <br>`-`表示忽略 <br>`#`表示返回SOA <br>`4`表示IPV4 <br>`6`表示IPV6| address /www.example.com/1.2.3.4
-|nameserver|指定域名使用server组解析|无|nameserver /domain/[group\|-], `group`为组名，`-`表示忽略此规则，配套server中的`-group`参数使用| nameserver /www.example.com/office
-|ipset|域名IPSET|None|ipset /domain/[ipset\|-], `-`表示忽略|ipset /www.example.com/pass
-|ipset-timeout|设置IPSET超时功能启用|auto|[yes]|ipset-timeout yes
-|bogus-nxdomain|假冒IP地址过滤|无|[ip/subnet]，可重复| bogus-nxdomain 1.2.3.4/16
-|ignore-ip|忽略IP地址|无|[ip/subnet]，可重复| ignore-ip 1.2.3.4/16
-|whitelist-ip|白名单IP地址|无|[ip/subnet]，可重复| whitelist-ip 1.2.3.4/16
-|blacklist-ip|黑名单IP地址|无|[ip/subnet]，可重复| blacklist-ip 1.2.3.4/16
-|force-AAAA-SOA|强制AAAA地址返回SOA|no|[yes\|no]|force-AAAA-SOA yes
-|prefetch-domain|域名预先获取功能|no|[yes\|no]|prefetch-domain yes
-|dualstack-ip-selection|双栈IP优选|no|[yes\|no]|dualstack-ip-selection yes
-|dualstack-ip-selection-threshold|双栈IP优选阈值|30ms|毫秒|dualstack-ip-selection-threshold [0-1000]
-
-## FAQ
-
-1. SmartDNS和DNSMASQ有什么区别  
-    SMARTDNS在设计上并不是替换DNSMASQ的，SMARTDNS主要功能集中在DNS解析增强上，增强部分有：
-    * 多上游服务器并发请求，对结果进行测速后，返回最佳结果；
-    * address，ipset域名匹配采用高效算法，查询匹配更加快速高效，路由器设备依然高效。
-    * 域名匹配支持忽略特定域名，可单独匹配IPv4， IPV6，支持多样化定制。
-    * 针对广告屏蔽功能做增强，返回SOA，屏蔽广告效果更佳；
-    * IPV4，IPV6双栈IP优选机制，在双网情况下，选择最快的网络通讯。
-    * 支持最新的TLS, HTTPS协议，提供安全的DNS查询能力。
-    * ECS支持，是查询结果更佳准确。
-    * IP黑名单，忽略IP机制，使域名查询更佳准确。
-    * 域名预查询，访问常用网站更加快速。
-    * 域名TTL可指定，使访问更快速。
-    * 高速缓存机制，使访问更快速。
-    * 异步日志，审计机制，在记录信息的同时不影响DNS查询性能。
-    * 域名组（group）机制，特定域名使用特定上游服务器组查询，避免隐私泄漏。
-    * 第二DNS支持自定义更多行为。
-
-1. 如何配置上游服务器最佳。  
-    smartdns有测速机制，在配置上游服务器时，建议配置多个上游DNS服务器，包含多个不同区域的服务器，但总数建议在10个左右。推荐配置  
-    * 运营商DNS。
-    * 国内公共DNS，如`119.29.29.29`, `223.5.5.5`。
-    * 国外公共DNS，如`8.8.8.8`, `8.8.4.4`。
-
-1. 如何启用审计日志  
-    审计日志记录客户端请求的域名，记录信息包括，请求时间，请求IP，请求域名，请求类型，如果要启用审计日志，在配置界面配置`audit-enable yes`启用，`audit-size`, `audit-file`, `audit-num`分别配置审计日志文件大小，审计日志文件路径，和审计日志文件个数。审计日志文件将会压缩存储以节省空间。
-
-1. 如何避免隐私泄漏  
-    smartdns默认情况下，会将请求发送到所有配置的DNS服务器，若上游DNS服务器使用DNS，或记录日志，将会导致隐私泄漏。为避免隐私泄漏，请尽量：  
-    * 配置使用可信的DNS服务器。
-    * 优先使用TLS查询。
-    * 设置上游DNS服务器组。
-
-1. 如何屏蔽广告  
-    smartdns具备高性能域名匹配算法，通过域名方式过滤广告非常高效，如要屏蔽广告，只需要配置类似如下记录即可，如，屏蔽`*.ad.com`，则配置：
-
-    ```sh
-    address /ad.com/#
-    ```
-
-    域名的使后缀模式，过滤*.ad.com，`#`表示返回SOA，使屏蔽广告更加高效，如果要单独屏蔽IPV4， 或IPV6， 在`#`后面增加数字，如`#4`表示对IPV4生效。若想忽略特定子域名的屏蔽，可配置如下，如忽略`pass.ad.com`，可配置如下：
-
-    ```sh
-    address /pass.ad.com/-
-    ```
-
-1. 如何使用DNS查询分流  
-    某些情况下，需要将有些域名使用特定的DNS服务器来查询来做到DNS分流。比如。
-
-    ```sh
-    .home -> 192.168.1.1
-    .office -> 10.0.0.1
-    ```
-
-    .home 结尾的域名发送到192.168.1.1解析  
-    .office 结尾的域名发送到10.0.0.1解析
-    其他域名采用默认的模式解析。
-    这种情况的分流配置如下：
-
-    ```sh
-    #配置上游，用-group指定组名，用-exclude-default-group将服务器从默认组中排除。
-    server 192.168.1.1 -group home -exclude-default-group
-    server 10.0.0.1 -group office -exclude-default-group
-    server 8.8.8.8
-
-    #配置解析的域名
-    nameserver /.home/home
-    nameserver /.office/office
-    ```
-
-    通过上述配置即可实现DNS解析分流，如果需要实现按请求端端口分流，可以配置第二DNS服务器，bind配置增加--group参数指定分流名称。
-
-    ```sh
-    bind :7053 -group office
-    bind :8053 -group home
-    ```
-
-1. IPV4, IPV6双栈IP优选功能如何使用  
-    目前IPV6已经开始普及，但IPV6网络在速度上，某些情况下还不如IPV4，为在双栈网络下获得较好的体验，smartdns提供来双栈IP优选机制，同一个域名，若IPV4的速度远快与IPV6，那么smartdns就会阻止IPV6的解析，让PC使用IPV4访问，具体配置文件通过`dualstack-ip-selection yes`启用此功能，通过`dualstack-ip-selection-threshold [time]`来修改阈值。如果要完全禁止IPV6 AAAA记录解析，可设置`force-AAAA-SOA yes`。
-
-1. 如何提高cache效率，加快访问速度  
-    smartdns提供了域名缓存机制，对查询的域名，进行缓存，缓存时间符合DNS TTL规范。为提高缓存命中率，可采用如下措施：  
-    * 适当增大cache的记录数  
-    通过`cache-size`来设置缓存记录数。  
-    查询压力大的环境下，并且有内存大的机器的情况下，可适当调大。  
-
-    * 适当设置最小TTL值  
-    通过`rr-ttl-min`将最低DNS TTL时间设置为一个合理值，延长缓存时间。  
-    建议是超时时间设置在10～30分钟，避免服务器域名变化时，查询到失效域名。
-
-    * 开启域名预获取功能  
-    通过`prefetch-domain yes`来启用域名预先获取功能，提高查询命中率。  
-    配合上述ttl超时时间，smartdns将在域名ttl即将超时使，再次发送查询请求，并缓存查询结果供后续使用。频繁访问的域名将会持续缓存。此功能将在空闲时消耗更多的CPU。
-
-1. 第二DNS如何自定义更多行为  
-    第二DNS可以作为其他DNS服务器的上游，提供更多的查询行为，通过bind配置支持可以绑定多个端口，不同端口可设置不同的标志，实现不同的功能，如
-
-    ```sh
-    # 绑定 6053端口，6053端口的请求将采用配置office组的上游查询，且不对结果进行测速，忽略address的配置地址。
-    bind [::]:6053 -no-speed-check -group office -no-rule-addr
-    ```
-
-## 编译
-
-smartdns包含了编译软件包的脚本，支持编译luci，debian，openwrt，optare安装包，可执行`package/build-pkg.sh`编译。
-
-## Donate
-
-如果你觉得此项目对你有帮助，请捐助我们，以使项目能持续发展，更加完善。
-
-### PayPal
-
-[![Support via PayPal](https://cdn.rawgit.com/twolfson/paypal-github-button/1.0.0/dist/button.svg)](https://paypal.me/PengNick/)
-
-### Alipay 支付宝
-
-![alipay](doc/alipay_donate.jpg)
-
-### Wechat 微信
-  
-![wechat](doc/wechat_donate.jpg)
-
-## 开源声明
-
-Smartdns 基于GPL V3协议开源。
+# SmartDNS
+
+**[English](ReadMe_en.md)**
+
+![SmartDNS](doc/smartdns-banner.png)
+SmartDNS 是一个运行在本地的 DNS 服务器，它接受来自本地客户端的 DNS 查询请求，然后从多个上游 DNS 服务器获取 DNS 查询结果，并将访问速度最快的结果返回给客户端，以此提高网络访问速度。
+SmartDNS 同时支持指定特定域名 IP 地址，并高性匹配，可达到过滤广告的效果; 支持DOT(DNS over TLS)和DOH(DNS over HTTPS)，更好的保护隐私。  
+
+与 DNSmasq 的 all-servers 不同，SmartDNS 返回的是访问速度最快的解析结果。
+
+支持树莓派、OpenWrt、华硕路由器原生固件和 Windows 系统等。
+
+## 使用指导
+
+SmartDNS官网：[https://pymumu.github.io/smartdns](https://pymumu.github.io/smartdns)
+
+## 软件效果展示
+
+**阿里 DNS**  
+使用阿里 DNS 查询百度IP，并检测结果。  
+
+```shell
+$ nslookup www.baidu.com 223.5.5.5
+Server:         223.5.5.5
+Address:        223.5.5.5#53
+
+Non-authoritative answer:
+www.baidu.com   canonical name = www.a.shifen.com.
+Name:   www.a.shifen.com
+Address: 180.97.33.108
+Name:   www.a.shifen.com
+Address: 180.97.33.107
+
+$ ping 180.97.33.107 -c 2
+PING 180.97.33.107 (180.97.33.107) 56(84) bytes of data.
+64 bytes from 180.97.33.107: icmp_seq=1 ttl=55 time=24.3 ms
+64 bytes from 180.97.33.107: icmp_seq=2 ttl=55 time=24.2 ms
+
+--- 180.97.33.107 ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 24.275/24.327/24.380/0.164 ms
+pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.108 -c 2
+PING 180.97.33.108 (180.97.33.108) 56(84) bytes of data.
+64 bytes from 180.97.33.108: icmp_seq=1 ttl=55 time=31.1 ms
+64 bytes from 180.97.33.108: icmp_seq=2 ttl=55 time=31.0 ms
+
+--- 180.97.33.108 ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 31.014/31.094/31.175/0.193 ms
+```
+
+**SmartDNS**  
+使用 SmartDNS 查询百度 IP，并检测结果。
+
+```shell
+$ nslookup www.baidu.com
+Server:         192.168.1.1
+Address:        192.168.1.1#53
+
+Non-authoritative answer:
+www.baidu.com   canonical name = www.a.shifen.com.
+Name:   www.a.shifen.com
+Address: 14.215.177.39
+
+$ ping 14.215.177.39 -c 2
+PING 14.215.177.39 (14.215.177.39) 56(84) bytes of data.
+64 bytes from 14.215.177.39: icmp_seq=1 ttl=56 time=6.31 ms
+64 bytes from 14.215.177.39: icmp_seq=2 ttl=56 time=5.95 ms
+
+--- 14.215.177.39 ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 5.954/6.133/6.313/0.195 ms
+```
+
+从对比看出，SmartDNS 找到了访问 www.baidu.com 最快的 IP 地址，比阿里 DNS 速度快了 5 倍。
+
+## 特性
+
+1. **多 DNS 上游服务器**  
+   支持配置多个上游 DNS 服务器，并同时进行查询，即使其中有 DNS 服务器异常，也不会影响查询。  
+
+1. **返回最快 IP 地址**  
+   支持从域名所属 IP 地址列表中查找到访问速度最快的 IP 地址，并返回给客户端，提高网络访问速度。
+
+1. **支持多种查询协议**  
+   支持 UDP、TCP、DOT 和 DOH 查询及服务，以及非 53 端口查询；支持通过socks5，HTTP代理查询;
+
+1. **特定域名 IP 地址指定**  
+   支持指定域名的 IP 地址，达到广告过滤效果、避免恶意网站的效果。
+
+1. **域名高性能后缀匹配**  
+   支持域名后缀匹配模式，简化过滤配置，过滤 20 万条记录时间 < 1ms。
+
+1. **域名分流**  
+   支持域名分流，不同类型的域名向不同的 DNS 服务器查询，支持iptable和nftable更好的分流；支持测速失败的情况下设置域名结果到对应ipset和nftset集合。
+
+1. **Windows / Linux 多平台支持**  
+   支持标准 Linux 系统（树莓派）、OpenWrt 系统各种固件和华硕路由器原生固件。同时还支持 WSL（Windows Subsystem for Linux，适用于 Linux 的 Windows 子系统）。
+
+1. **支持 IPv4、IPv6 双栈**  
+   支持 IPv4 和 IPV 6网络，支持查询 A 和 AAAA 记录，支持双栈 IP 速度优化，并支持完全禁用 IPv6 AAAA 解析。
+
+1. **支持DNS64**  
+   支持DNS64转换。
+
+1. **高性能、占用资源少**  
+   多线程异步 IO 模式，cache 缓存查询结果。
+
+1. **主流系统官方支持**  
+   主流路由系统官方软件源安装smartdns。
+
+## 架构
+
+![Architecture](https://github.com/pymumu/test/releases/download/blob/architecture.png)
+
+1. SmartDNS 接收本地网络设备的DNS 查询请求，如 PC、手机的查询请求；
+1. 然后将查询请求发送到多个上游 DNS 服务器，可支持 UDP 标准端口或非标准端口查询，以及 TCP 查询；
+1. 上游 DNS 服务器返回域名对应的服务器 IP 地址列表，SmartDNS 则会检测从本地网络访问速度最快的服务器 IP；
+1. 最后将访问速度最快的服务器 IP 返回给本地客户端。
+
+## 编译
+
+- 代码编译：
+
+  SmartDNS 提供了编译软件包的脚本（`package/build-pkg.sh`），支持编译 LuCI、Debian、OpenWrt 和 Optware 安装包。
+
+- 文档编译：
+
+  文档分支为`doc`，安装`mkdocs`工具后，执行`mkdocs build`编译。
+
+## 捐赠
+
+如果你觉得此项目对你有帮助，请捐助我们，使项目能持续发展和更加完善。
+
+### PayPal 贝宝
+
+[![Support via PayPal](https://cdn.rawgit.com/twolfson/paypal-github-button/1.0.0/dist/button.svg)](https://paypal.me/PengNick/)
+
+### AliPay 支付宝
+
+![alipay](doc/alipay_donate.jpg)
+
+### WeChat Pay 微信支付
+
+![wechat](doc/wechat_donate.jpg)
+
+## 开源声明
+
+SmartDNS 基于 GPL V3 协议开源。

ReadMe_en.md

@@ -1,702 +1,139 @@
-# SmartDNS
-
-![SmartDNS](doc/smartdns-banner.png)  
-SmartDNS is a local DNS server. SmartDNS accepts DNS query requests from local clients, obtains DNS query results from multiple upstream DNS servers, and returns the fastest access results to clients.  
-Avoiding DNS pollution and improving network access speed, supports high-performance ad filtering.  
-Unlike dnsmasq's all-servers, smartdns returns the fastest access resolution. （[read more](#faq)）
-
-Support Raspberry Pi, openwrt, ASUS router, Windows and other devices.  
-
-## Table Of Content
-
-1. [Software Show](#software-show)
-1. [Features](#features)
-1. [Architecture](#architecture)
-1. [Usage](#usage)  
-    1. [Download the package](#download-the-package)
-    1. [Standard Linux system installation/Raspberry Pi, X86_64 system](#standard-linux-system-installation/raspberry-pi,-x86_64-system)
-    1. [openwrt/LEDE](#openwrt/lede)
-    1. [ASUS router native firmware / Merlin firmware](#asus-router-native-firmware-/-merlin-firmware)
-    1. [optware/entware](#optware/entware)
-    1. [Windows 10 WSL Installation/WSL ubuntu](#windows-10-wsl-installation/wsl-ubuntu)
-1. [Configuration parameter](#configuration-parameter)
-1. [Donate](#Donate)
-1. [FAQ](#FAQ)
-
-## Software Show
-
-**Ali DNS**  
-Use Ali DNS to query Baidu's IP and test the results.  
-
-```shell
-pi@raspberrypi:~/code/smartdns_build $ nslookup www.baidu.com 223.5.5.5
-Server:         223.5.5.5
-Address:        223.5.5.5#53
-
-Non-authoritative answer:
-www.baidu.com   canonical name = www.a.shifen.com.
-Name:   www.a.shifen.com
-Address: 180.97.33.108
-Name:   www.a.shifen.com
-Address: 180.97.33.107
-
-pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.107 -c 2
-PING 180.97.33.107 (180.97.33.107) 56(84) bytes of data.
-64 bytes from 180.97.33.107: icmp_seq=1 ttl=55 time=24.3 ms
-64 bytes from 180.97.33.107: icmp_seq=2 ttl=55 time=24.2 ms
-
---- 180.97.33.107 ping statistics ---
-2 packets transmitted, 2 received, 0% packet loss, time 1001ms
-rtt min/avg/max/mdev = 24.275/24.327/24.380/0.164 ms
-pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.108 -c 2
-PING 180.97.33.108 (180.97.33.108) 56(84) bytes of data.
-64 bytes from 180.97.33.108: icmp_seq=1 ttl=55 time=31.1 ms
-64 bytes from 180.97.33.108: icmp_seq=2 ttl=55 time=31.0 ms
-
---- 180.97.33.108 ping statistics ---
-2 packets transmitted, 2 received, 0% packet loss, time 1001ms
-rtt min/avg/max/mdev = 31.014/31.094/31.175/0.193 ms
-```
-
-**smartdns**  
-Use SmartDNS to query Baidu IP and test the results.
-
-```shell
-pi@raspberrypi:~/code/smartdns_build $ nslookup www.baidu.com
-Server:         192.168.1.1
-Address:        192.168.1.1#53
-
-Non-authoritative answer:
-www.baidu.com   canonical name = www.a.shifen.com.
-Name:   www.a.shifen.com
-Address: 14.215.177.39
-
-pi@raspberrypi:~/code/smartdns_build $ ping 14.215.177.39 -c 2
-PING 14.215.177.39 (14.215.177.39) 56(84) bytes of data.
-64 bytes from 14.215.177.39: icmp_seq=1 ttl=56 time=6.31 ms
-64 bytes from 14.215.177.39: icmp_seq=2 ttl=56 time=5.95 ms
-
---- 14.215.177.39 ping statistics ---
-2 packets transmitted, 2 received, 0% packet loss, time 1001ms
-rtt min/avg/max/mdev = 5.954/6.133/6.313/0.195 ms
-
-```
-
-From the comparison, smartdns found the fastest IP address to visit www.baidu.com, so accessing Baidu's DNS is 5 times faster than Ali DNS.
-
-## Features
-
-1. **Multiple upstream DNS servers**  
-   Support configuring multiple upstream DNS servers and query at the same time.the query will not be affected, Even if there is a DNS server exception.  
-
-2. **Return the fastest IP address**  
-   Supports finding the fastest access IP address from the IP address list of the domain name and returning it to the client to avoid DNS pollution and improve network access speed.
-
-3. **Support for multiple query protocols**  
-   Support UDP, TCP, TLS, HTTPS queries, and non-53 port queries, effectively avoiding DNS pollution.
-
-4. **Domain IP address specification**  
-   Support configuring IP address of specific domain to achieve the effect of advertising filtering, and avoid malicious websites.
-
-5. **Domain name high performance rule filtering**  
-   Support domain name suffix matching mode, simplify filtering configuration, filter 200,000 recording and take time <1ms.
-
-6. **Linux/Windows multi-platform support**  
-   Support standard Linux system (Raspberry Pi), openwrt system various firmware, ASUS router native firmware. Support Windows 10 WSL (Windows Subsystem for Linux).
-
-7. **Support IPV4, IPV6 dual stack**  
-   Support IPV4, IPV6 network, support query A, AAAA record, dual-stack IP selection, and disale IPV6 AAAA record.
-
-8. **High performance, low resource consumption**  
-   Multi-threaded asynchronous IO mode, cache cache query results.
-
-## Architecture
-
-![Architecture](doc/architecture.png)
-
-1. SmartDNS receives DNS query requests from local network devices, such as PCs and mobile phone query requests.
-2. SmartDNS sends query requests to multiple upstream DNS servers, using standard UDP queries, non-standard port UDP queries, and TCP queries.
-3. The upstream DNS server returns a list of Server IP addresses corresponding to the domain name. SmartDNS detects the fastest Server IP with local network access.
-4. Return the fastest accessed Server IP to the local client.
-
-## Usage
-
-### Download the package
-
---------------
-
-Download the matching version of the SmartDNS installation package. The corresponding installation package is as follows.
-
-|system |package|Description
-|-----|-----|-----
-|Standard Linux system (Raspberry Pi)| smartdns.xxxxxxxx.armhf.deb|Support Raspberry Pi Raspbian stretch, Debian 9 system.
-|Standard Linux system (Armbian arm64)| smartdns.xxxxxxxx.arm64.deb|Support Armbian debian stretch, Debian 9 system.
-|Standard Linux system (x86_64)| smartdns.xxxxxxxx.x86_64.tar.gz|Support for x86_64 Linux systems.
-|Windows 10 WSL (Ubuntu)| smartdns.xxxxxxxx.x86_64.tar.gz|Windows 10 WSL ubuntu.
-|Standard Linux system (x86)| smartdns.xxxxxxxx.x86.tar.gz|Support for x86_64 systems.
-|ASUS native firmware (optware)|smartdns.xxxxxxx.mipsbig.ipk|Systems that support the MIPS big-end architecture, such as RT-AC55U, RT-AC66U.
-|ASUS native firmware (optware)|smartdns.xxxxxxx.mipsel.ipk|System that supports the MIPS little endian architecture.
-|ASUS native firmware (optware)|smartdns.xxxxxxx.arm.ipk|System that supports the ARM small endian architecture, such as the RT-AC88U, RT-AC68U.
-|Padavan|smartdns.xxxxxxx.mipselsf.ipk|padavan Firmware.
-|openwrt 15.01|smartdns.xxxxxxxx.ar71xx.ipk|Support AR71XX MIPS system.
-|openwrt 15.01|smartdns.xxxxxxxx.ramips_24kec.ipk|Support small-end routers such as MT762X
-|openwrt 15.01(Pandora)|smartdns.xxxxxxxx.mipsel_24kec_dsp.ipk|Support for Pandora firmware of MT7620 series
-|openwrt 15.01(Pandora)|smartdns.xxxxxxxx.mips_74kc_dsp2.ipk|Support for Pandora firmware of AR71xx series
-|openwrt 18.06|smartdns.xxxxxxxx.mips_24kc.ipk|Support AR71XX MIPS system.
-|openwrt 18.06|smartdns.xxxxxxxx.mipsel_24kc.ipk|Support small-end routers such as MT726X
-|openwrt 18.06|smartdns.xxxxxxxx.x86_64.ipk|Support x86_64 router
-|openwrt 18.06|smartdns.xxxxxxxx.i386_pentium4.ipk|Support x86_64 router
-|openwrt 18.06|smartdns.xxxxxxxxxxx.arm_cortex-a9.ipk|Router supporting arm A9 core CPU
-|openwrt 18.06|smartdns.xxxxxxxxx.arm_cortex-a7_neon-vfpv4.ipk|Router supporting arm A7 core CPU
-|openwrt LUCI|luci-app-smartdns.xxxxxxxxx.xxxx.all.ipk|Openwrt management interface
-
-* The openwrt system supports a lot of CPU architecture. The above table does not list all the supported systems. Please check the CPU architecture and download it.
-* The merlin Merlin firmware theory is the same as the ASUS firmware, so install the corresponding ipk package according to the hardware type. (Merlin is not verified yet, and has a problem to submit an issue)
-* The CPU architecture can be found in the router management interface:  
-    Log in to the router, click `System`->`Software`, click the `Configuration` tab page, and find the corresponding software architecture in the opkg installation source. The download path can be found, as follows, the architecture is ar71xx
-
-    ```shell
-    src/gz chaos_calmer_base http://downloads.openwrt.org/chaos_calmer/15.05/ar71xx/generic/packages/base
-    ```
-
-* Or after login to the system, you can query the architecture with the following commands:
-
-  * **Openwrt series commands**
-
-    ```shell
-    opkg print_architecture
-    ```
-
-  * **Optiware series commands**
-
-    ```shell
-    ipkg print_architecture
-    ```
-
-  * **Dedebian Series Order**
-
-    ```shell
-    dpkg -- print-architecture
-    ```
-
-  * **for example**
-
-    The following query result `arch ar71xx 10` represents the ar71xx series architecture, so select the `smartdns.xxxxxxx.ar71xx.ipk` installation package.
-
-    ```shell
-    Root@OpenWrt:# opkg print_architecture
-    Arch all 1
-    Arch noarch 1
-    Arch ar71xx 10
-    ```
-
-* **Please download from the Release page: [Download here](https://github.com/pymu/smartdns/releases)**
-
-```shell
-https://github.com/pymumu/smartdns/releases
-```
-
-* For the installation procedure, please refer to the following sections.
-
-### Standard Linux system installation/Raspberry Pi, X86_64 system
-
---------------
-
-1. Installation
-
-    Download the installation package like `smartdns.xxxxxxxx.armhf.deb` and upload it to the Linux system. Run the following command to install
-
-    ```shell
-    dpkg -i smartdns.xxxxxxxx.armhf.deb
-    ```
-
-    For X86-64 system, download the installation package like `smartdns.xxxxxxxx.x86-64.tar.gz` and upload it to the Linux system. Run the following command to install
-
-    ```shell
-    tar zxf smartdns.xxxxxxxx.x86-64.tar.gz
-    cd smartdns
-    chmod +x ./install
-    ./install -i
-    ```
-
-1. Configuration
-
-    After the installation is complete, you can configure the upstream server to  smartdns. Refer to the `Configuration Parameters` for specific configuration parameters.  
-    In general, you only need to add `server [IP]:port`, `server-tcp [IP]:port` configuration items.  
-    Configure as many upstream DNS servers as possible, including servers at home and abroad. Please refer to the `Configuration Parameters` section for configuration parameters.  
-
-    ```shell
-    vi /etc/smartdns/smartdns.conf
-    ```
-
-1. Start Service
-
-    ```shell
-    systemctl enable smartdns
-    systemctl start smartdns
-    ```
-
-1. Forwarding DNS request to SmartDNS
-
-    Modify the DNS server of the local router and configure the DNS server as SmartDNS.
-    * Log in to the router on the local network and configure the Raspberry Pi to assign a static IP address.
-    * Modify the WAN port or DHCP DNS to the Raspberry Pi IP address.
-    Note:
-    I. Each router configuration method is different. Please search Baidu for related configuration methods.
-    II. some routers may not support configuring custom DNS server. in this case, please modify the PC's, mobile phone's DNS server to the ip of Raspberry Pi.
-
-1. Check if the service is configured successfully
-
-    Query domain name with `nslookup -querytype=ptr 0.0.0.0`  
-    Check if the `name` item in the command result is displayed as `smartdns` or `hostname`, such as `smartdns`
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-### openwrt/LEDE
-
---------------
-
-1. Installation
-
-    Upload the software to the /root directory of the router with winscp or other tool, and execute the following command to install it.
-
-    ```shell
-    opkg install smartdns.xxxxxxxx.xxxx.ipk
-    opkg install luci-app-smartdns.xxxxxxxx.xxxx.all.ipk
-    ```
-
-1. Configuration
-
-    Log in to the openwrt management page and open `Services`->`SmartDNS` to configure SmartDNS.
-    * Add upstream DNS server configuration to `Upstream Servers`. It is recommended to configure multiple DNS servers at home and abroad.
-    * Specify the IP address of a specific domain name in `Domain Address`, which can be used for ad blocking.
-
-1. Start Service
-
-   There are two ways to use the SmartDNS service, `one is directly as the primary DNS service`, `the other is as the upstream of dnsmasq`.  
-   By default, SmartDNS uses the first method. You can choose according to your needs in the following two ways.
-
-1. Method 1: SmartDNS as primary DNS Server (default scheme)
-
-    * **Enable SmartDNS port 53 port redirection**
-
-        Log in to the router, click on `Services`->`SmartDNS`->`redirect`, select `Redirect 53 port to SmartDNS` option to enable port 53 forwarding.
-
-    * **Check if the service is configured successfully**
-
-        Query domain name with `nslookup -querytype=ptr 0.0.0.0`
-        See if the `name` item in the command result is displayed as `smartdns` or `hostname`, such as `smartdns`
-
-        ```shell
-        pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-        Server:         192.168.1.1
-        Address:        192.168.1.1#53
-
-        Non-authoritative answer:
-        0.0.0.0.in-addr.arpa  name = smartdns.
-        ```
-
-    * **The interface prompts that the redirect failed**
-
-        * Check if iptable, ip6table command is installed correctly.
-        * The openwrt 15.01 system does not support IPV6 redirection. If the network needs to support IPV6, please change DNSMASQ upstream to smartdns, or change the smartdns port to 53, and disable dnsmasq.
-        * After LEDE system, please install IPV6 nat forwarding driver. Click `system`->`Software`, click `update lists` to update the software list, install `ip6tables-mod-nat`
-        * Use the following command to check whether the routing rule takes effect.
-
-        ```shell
-        iptables -t nat -L PREROUTING | grep REDIRECT
-        ```
-
-        * If the forwarding function is abnormal, please use Method 2: As the upstream of DNSMASQ.
-
-1. Method 2: SmartDNS as upstream DNS Server of DNSMASQ
-
-    * **Forward dnsmasq's request to SmartDNS**
-
-        Log in to the router, click on `Services`->`SmartDNS`->`redirect`, select `Run as dnsmasq upstream server` option to forwarding dnsmasq request to Smartdns.
-
-    * **Check if the service is configured successfully**
-
-        * Method 1: Query domain name with `nslookup -querytype=ptr 0.0.0.1`
-        See if the `name` item in the command result is displayed as `smartdns` or `hostname`, such as `smartdns`
-
-        ```shell
-        pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-        Server:         192.168.1.1
-        Address:        192.168.1.1#53
-
-        Non-authoritative answer:
-        0.0.0.0.in-addr.arpa  name = smartdns.
-        ```
-
-        * Method 2: Use `nslookup` to query the `www.baidu.com` domain name to see if the IP address of Baidu in the result is `only one. If there are multiple IP addresses returned, it means that it is not valid. Please try to check several domain names.
-
-        ```shell
-        pi@raspberrypi:~ $ nslookup www.baidu.com 192.168.1.1
-        Server:         192.168.1.1
-        Address:        192.168.1.1#53
-
-        Non-authoritative answer:
-        www.baidu.com   canonical name = www.a.shifen.com.
-        Name:   www.a.shifen.com
-        Address: 14.215.177.38
-        ```
-
-1. Start Service
-
-    Check the `Enable' in the configuration page to start SmartDNS server.
-
-1. Note
-
-    * If chinaDNS is already installed, it is recommended to configure the upstream of chinaDNS as SmartDNS.
-    * SmartDNS defaults to forwarding port 53 requests to the local port of SmartDNS, controlled by the `Redirect` configuration option.
-
-### ASUS router native firmware / Merlin firmware
-
---------------
-
-Note: Merlin firmware is derived from ASUS firmware and can theoretically be used directly with the ASUS package. However, it is currently unverified. If you have any questions, please submit an issue.
-
-1. Prepare
-
-    When using this software, you need to confirm whether the router supports U disk and prepare a USB disk.
-
-1. Enable SSH login
-
-    Log in to the management interface, click `System Management`-> Click `System Settings` and configure `Enable SSH` to `Lan Only`.  
-    The SSH login username and password are the same as the management interface.
-
-1. Insstall `Download Master`
-
-    In the management interface, click `USB related application`-> click `Download Master` to download.  
-    After the download is complete, enable `Download Master`. If you do not need the download function, you can uninstall `Download Master` here, but make sure that Download Master is enabled before uninstalling.  
-
-1. Install SmartDNS
-
-    Upload the software to the router's `/tmp/mnt/sda1` directory using winscp. (or copy the network neighborhood to the sda1 shared directory)
-
-    ```shell
-    ipkg install smartdns.xxxxxxx.mipsbig.ipk
-    ```
-
-1. Restart router
-
-    After the router is started, use `nslookup -querytype=ptr 0.0.0.0` to query the domain name.  
-    See if the `name` item in the command result is displayed as `smartdns` or `hostname`, such as `smartdns`
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-1. Note
-
-    In the above process, smartdns will be installed to the root directory of the U disk and run in optware mode.  
-    Its directory structure is as follows: (only smartdns related files are listed here)
-
-    ```shell
-    USB DISK
-    └── asusware.mipsbig
-            ├── bin
-            ├── etc
-            |    ├── smartdns
-            |    |     └── smartdns.conf
-            |    └── init.d
-            |          └── S50smartdns
-            ├── lib
-            ├── sbin
-            ├── usr
-            |    └── sbin
-            |          └── smartdns
-            ....
-    ```
-
-    To modify the configuration, you can use ssh to login to the router and use the vi command to modify it.
-
-    ```shell
-    vi /opt/etc/smartdns/smartdns.conf
-    ```
-
-    It can also be modified from Network Neighborhood. From the neighbor sharing directory `sda1` you can't see the `asusware.mipsbig` directory, but you can directly enter `asusware.mipsbig\etc\init.d` in `File Manager` to modify it.
-
-    ```shell
-    \\192.168.1.1\sda1\asusware.mipsbig\etc\init.d
-    ```
-
-### optware/entware
-
---------------
-
-1. Prepare
-
-    When using this software, you need to confirm whether the router supports USB disk and prepare a USB disk.
-
-1. Install SmartDNS
-
-    Upload the software to `/tmp` directory of the router using winscp, and run the flollowing command to install.
-
-    ```shell
-    ipkg install smartdns.xxxxxxx.mipsbig.ipk
-    ```
-
-1. Modify the smartdns configuration
-
-    ```shell
-    Vi /opt/etc/smartdns/smartdns.conf
-    ```
-
-    Note: if you need to support IPV6, you can set the worke-mode to `2`, this will disable the DNS service of dnsmasq, and smartdns run as the primary DNS server. Change `SMARTDNS_WORKMODE` in the file `/opt/etc/smartdns/smartdns-opt.conf` to 2.
-
-    ```shell
-    SMARTDNS_WORKMODE="2"
-    ```
-
-1. Restart the router to take effect
-
-    After the router is started, use `nslookup -querytype=ptr 0.0.0.0` to query the domain name.
-    See if the `name` item in the command result is displayed as `smartdns` or `hostname`, such as `smartdns`
-
-    ```shell
-    Pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server: 192.168.1.1
-    Address: 192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa name = smartdns.
-    ```
-
-    Note: If the service does not start automatically, you need to set optwre/entware to start automatically. For details, see the optware/entware documentation.
-
-### Windows 10 WSL Installation/WSL ubuntu
-
---------------
-
-1. Install Windows 10 WSL ubuntu
-
-   Install the Windows 10 WSL environment and select Ubuntu as default distribution. Please refer to [WSL installation instructions](https://docs.microsoft.com/en-us/windows/wsl/install-win10) for installation steps
-
-1. Install smartdns
-
-    download install package `smartdns.xxxxxxxx.x86_64.tar.gz`，and unzip to the `D:\` directory, after decompression, the directory is as follows: 
-
-    ```shell
-    D:\SMARTDNS
-    ├─etc
-    │  ├─default
-    │  ├─init.d
-    │  └─smartdns
-    ├─package
-    │  └─windows
-    ├─src
-    └─systemd
-
-    ```
-
-    Double-click `install.bat` in the `D:\smartdns\package\windows` directory for installation. Please enter the password for `WLS ubuntu` when input password.
-
-1. Configuration
-
-    Edit `smartdns.conf` configuration file in `D:\smartdns\etc\smartdns` directory, you can configure the upstream server to  smartdns. Refer to the `Configuration Parameters` for specific configuration parameters.  
-    In general, you only need to add `server [IP]:port`, `server-tcp [IP]:port` configuration items.  
-    Configure as many upstream DNS servers as possible, including servers at home and abroad. Please refer to the `Configuration Parameters` section for configuration parameters.  
-
-1. Start Service
-
-    Double-click `reload.bat` in the `D:\smartdns\package\windows` directory for reload.
-
-1. Forwarding DNS request to SmartDNS
-
-    Modify the default DNS server for Windows to `127.0.0.1`, with these steps referred to [IP configuration](https://support.microsoft.com/en-us/help/15089/windows-change-tcp-ip-settings)
-
-1. Check if the service is configured successfully
-
-    Query domain name with `nslookup -querytype=ptr 0.0.0.0`  
-    Check if the `name` item in the command result is displayed as `smartdns` or `hostname`, such as `smartdns`
-
-    ```shell
-    pi@raspberrypi:~/code/smartdns_build $ nslookup -querytype=ptr 0.0.0.0
-    Server:         192.168.1.1
-    Address:        192.168.1.1#53
-
-    Non-authoritative answer:
-    0.0.0.0.in-addr.arpa  name = smartdns.
-    ```
-
-## Configuration parameter
-
-|parameter|Parameter function|Default value|Value type|Example|
-|--|--|--|--|--|
-|server-name|DNS name|host name/smartdns|any string like hosname|server-name smartdns
-|bind|DNS listening port number|[::]:53|Support binding multiple ports<br>`IP:PORT`: server IP, port number. <br>`[-group]`: The DNS server group used when requesting. <br>`[-no-rule-addr]`: Skip the address rule. <br>`[-no-rule-nameserver]`: Skip the Nameserver rule. <br>`[-no-rule-ipset]`: Skip the Ipset rule. <br>`[-no-rule-soa]`: Skip address SOA(#) rules.<br>`[-no-dualstack-selection]`: Disable dualstack ip selection.<br>`[-no-speed-check]`: Disable speed measurement. <br>`[-no-cache]`: stop caching |bind :53
-|bind-tcp|TCP mode DNS listening port number|[::]:53|Support binding multiple ports<br>`IP:PORT`: server IP, port number. <br>`[-group]`: The DNS server group used when requesting. <br>`[-no-rule-addr]`: Skip the address rule. <br>`[-no-rule-nameserver]`: Skip the Nameserver rule. <br>`[-no-rule-ipset]`: Skip the Ipset rule. <br>`[-no-rule-soa]`: Skip address SOA(#) rules.<br>`[-no-dualstack-selection]`: Disable dualstack ip selection.<br>`[-no-speed-check]`: Disable speed measurement. <br>`[-no-cache]`: stop caching |bind-tcp :53
-|cache-size|Domain name result cache number|512|integer|cache-size 512
-|tcp-idle-time|TCP connection idle timeout|120|integer|tcp-idle-time 120
-|rr-ttl|Domain name TTL|Remote query result|number greater than 0|rr-ttl 600
-|rr-ttl-min|Domain name Minimum TTL|Remote query result|number greater than 0|rr-ttl-min 60
-|rr-ttl-max|Domain name Maximum TTL|Remote query result|number greater than 0|rr-ttl-max 600
-|log-level|log level|error|fatal,error,warn,notice,info,debug|log-level error
-|log-file|log path|/var/log/smartdns.log|File Pah|log-file /var/log/smartdns.log
-|log-size|log size|128K|number+K,M,G|log-size 128K
-|log-num|archived log number|2|Integer|log-num 2
-|audit-enable|audit log enable|no|[yes\|no]|audit-enable yes
-|audit-file|audit log file|/var/log/smartdns-audit.log|File Path|audit-file /var/log/smartdns-audit.log
-|audit-size|audit log size|128K|number+K,M,G|audit-size 128K
-|audit-num|archived audit log number|2|Integer|audit-num 2
-|conf-file|additional conf file|None|File path|conf-file /etc/smartdns/smartdns.more.conf
-|server|Upstream UDP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server 8.8.8.8:53 -blacklist-ip
-|server-tcp|Upstream TCP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tcp 8.8.8.8:53
-|server-tls|Upstream TLS DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name. <br>`[-tls-host-verify]`: TLS cert hostname to verify.<br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tls 8.8.8.8:853
-|server-https|Upstream HTTPS DNS server|None|Repeatable <br>`https://[host][:port]/path`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name<br>`[-http-host]`：http header host. <br>`[-tls-host-verify]`: TLS cert hostname to verify.<br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-https https://cloudflare-dns.com/dns-query
-|speed-check-mode|Speed ​​mode|None|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:443
-|address|Domain IP address|None|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6], `-` for ignore, `#` for return SOA, `4` for IPV4, `6` for IPV6| address /www.example.com/1.2.3.4
-|nameserver|To query domain with specific server group|None|nameserver /domain/[group\|-], `group` is the group name, `-` means ignore this rule, use the `-group` parameter in the related server|nameserver /www.example.com/office
-|ipset|Domain IPSet|None|ipset /domain/[ipset\|-], `-` for ignore|ipset /www.example.com/pass
-|ipset-timeout|ipset timeout enable|auto|[yes]|ipset-timeout yes
-|bogus-nxdomain|bogus IP address|None|[IP/subnet], Repeatable| bogus-nxdomain 1.2.3.4/16
-|ignore-ip|ignore ip address|None|[ip/subnet], Repeatable| ignore-ip 1.2.3.4/16
-|whitelist-ip|ip whitelist|None|[ip/subnet], Repeatable，When the filtering server responds IPs in the IP whitelist, only result in whitelist will be accepted| whitelist-ip 1.2.3.4/16
-|blacklist-ip|ip blacklist|None|[ip/subnet], Repeatable，When the filtering server responds IPs in the IP blacklist, The result will be discarded directly| blacklist-ip 1.2.3.4/16
-|force-AAAA-SOA|force AAAA query return SOA|no|[yes\|no]|force-AAAA-SOA yes
-|prefetch-domain|domain prefetch feature|no|[yes\|no]|prefetch-domain yes
-|dualstack-ip-selection|Dualstack ip selection|no|[yes\|no]|dualstack-ip-selection yes
-|dualstack-ip-selection-threshold|Dualstack ip select threadhold|30ms|millisecond|dualstack-ip-selection-threshold [0-1000]
-
-## FAQ
-
-1. What is the difference between SmartDNS and DNSMASQ?  
-    Smartdns is not designed to replace DNSMASQ. The main function of Smartdns is focused on DNS resolution enhancement, the difference are:  
-    * Multiple upstream server concurrent requests, after the results are measured, return the best results;
-    * `address`, `ipset` domain name matching uses efficient algorithms, query matching is faster and more efficient, and router devices are still efficient.
-    * Domain name matching supports ignoring specific domain names, and can be individually matched to IPv4, IPV6, and supports diversified customization.
-    * Enhance the ad blocking feature, return SOA record, this block ads better;
-    * IPV4, IPV6 dual stack IP optimization mechanism, in the case of dual network, choose the fastest network.
-    * Supports the latest TLS, HTTPS protocol and provides secure DNS query capabilities.
-    * DNS anti-poison mechanism, and a variety of mechanisms to avoid DNS pollution.
-    * ECS support, the query results are better and more accurate.
-    * IP blacklist support, ignoring the blacklist IP to make domain name queries better and more accurate.
-    * Domain name pre-fetch, more faster to access popular websites.
-    * Domain name TTL can be specified to make access faster.
-    * Cache mechanism to make access faster.
-    * Asynchronous log, audit log mechanism, does not affect DNS query performance while recording information.
-    * Domain group mechanism, specific domain names use specific upstream server group queries to avoid privacy leakage.
-    * The second DNS supports customizing more behavior.
-
-1. What is the best practices for upstream server configuration?  
-    Smartdns has a speed measurement mechanism. When configuring an upstream server, it is recommended to configure multiple upstream DNS servers, including servers in different regions, but the total number is recommended to be around 10. Recommended configuration
-    * Carrier DNS.
-    * Public DNS, such as `8.8.8.8`, `8.8.4.4`, `1.1.1.1`.
-
-    For specific domain names, if there is a pollution, you can enable the anti-pollution mechanism.
-
-1. How to enable the audit log  
-    The audit log records the domain name requested by the client. The record information includes the request time, the request IP address, the request domain name, and the request type. If you want to enable the audit log, configure `audit-enable yes` in the configuration file, `audit-size`, `Audit-file`, `audit-num` configure the audit log file size, the audit log file path, and the number of audit log files. The audit log file will be compressed to save space.
-
-1. How to avoid DNS privacy leaks
-    By default, smartdns will send requests to all configured DNS servers. If the upstream DNS servers record DNS logs, it will result in a DNS privacy leak. To avoid privacy leaks, try the following steps:
-    * Use trusted DNS servers.
-    * Use TLS servers.
-    * Set up an upstream DNS server group.
-
-1. How to block ads
-    Smartdns has a high-performance domain name matching algorithm. It is very efficient to filter advertisements by domain name. To block ads, you only need to configure records like the following configure. For example, if you block `*.ad.com`, configure as follows:
-
-    ```sh
-    Address /ad.com/#
-    ```
-
-    The suffix mode of the domain name, filtering *.ad.com, `#` means returning SOA record. If you want to only block IPV4 or IPV6 separately, add a number after `#`, such as `#4` is for IPV4 blocking. If you want to ignore some specific subdomains, you can configure it as follows. e.g., if you ignore `pass.ad.com`, you can configure it as follows:
-
-    ```sh
-    Address /pass.ad.com/-
-    ```
-
-1. DNS query diversion
-    In some cases, some domain names need to be queried using a specific DNS server to do DNS diversion. such as.
-
-    ```sh
-    .home -> 192.168.1.1
-    .office -> 10.0.0.1
-    ```
-
-    The domain name ending in .home is sent to 192.168.1.1 for resolving
-    The domain name ending in .office is sent to 10.0.0.1 for resolving
-    Other domain names are resolved using the default mode.
-    The diversion configuration for this case is as follows:
-
-    ```sh
-    # Upstream configuration, use -group to specify the group name, and -exclude-default-group to exclude the server from the default group.
-    Server 192.168.1.1 -group home -exclude-default-group
-    Server 10.0.0.1 -group office -exclude-default-group
-    Server 8.8.8.8
-
-    #Configure the resolved domain name with specific group
-    Nameserver /.home/home
-    Nameserver /.office/office
-    ```
-
-    You can use the above configuration to implement DNS resolution and offload. If you need to implement traffic distribution on the requesting port, you can configure the second DNS server. The bind configuration is added. The group parameter specifies the traffic distribution name.
-
-    ```sh
-    Bind :7053 -group office
-    Bind :8053 -group home
-    ```
-
-1. How to use the IPV4, IPV6 dual stack IP optimization feature  
-    At present, IPV6 network is not as fast as IPV4 in some cases. In order to get a better experience in the dual-stack network, SmartDNS provides a dual-stack IP optimization mechanism, the same domain name, and the speed of IPV4. Far faster than IPV6, then SmartDNS will block the resolution of IPV6, let the PC use IPV4, the feature is enabled by `dualstack-ip-selection yes`, `dualstack-ip-selection-threshold [time]` is for threshold. if you want to disable IPV6 AAAA record complete, please try `force-AAAA-SOA yes`.
-
-1. How to improve cache performace  
-    Smartdns provides a domain name caching mechanism to cache the queried domain name, and the caching time is in accordance with the DNS TTL specification. To increase the cache hit rate, the following configuration can be taken:
-    * Increase the number of cache records appropriately  
-    Set the number of cache records by `cache-size`.
-    In the case of a query with a high pressure environment and a machine with a large memory, it can be appropriately adjusted.
-
-    * Set the minimum TTL value as appropriate  
-    Set the minimum DNS TTL time to a appropriate value by `rr-ttl-min` to extend the cache time.
-    It is recommended that the timeout period be set to 10 to 30 minutes to avoid then invalid domain names when domain ip changes.
-
-    * Enable domain pre-acquisition  
-    Enable pre-fetching of domain names with `prefetch-domain yes` to improve query hit rate.
-    by default, Smartdns will send domain query request again before cache expire, and cache the result for the next query. Frequently accessed domain names will continue to be cached. This feature will consume more CPU when idle.
-
-1. How does the second DNS customize more behavior?
-    The second DNS can be used as the upstream of other DNS servers to provide more query behaviors. Bind configuration support can bind multiple ports. Different ports can be set with different flags to implement different functions, such as
-
-    ```sh
-    # Binding 6053 port, request for port 6053 will be configured with the upstream query of the office group, and the result will not be measured. The address configuration address is ignored.
-    bind [::]:6053 -no-speed-check -group office -no-rule-addr
-    ```
-
-## Compile
-
-smartdns contains scripts for compiling packages, supports compiling luci, debian, openwrt, opare installation packages, and can execute `package/build-pkg.sh` compilation.
-
-## [Donate](#Donate)  
-
-If you feel that this project is helpful to you, please donate to us so that the project can continue to develop and be more perfect.
-
-### PayPal
-
-[![Support via PayPal](https://cdn.rawgit.com/twolfson/paypal-github-button/1.0.0/dist/button.svg)](https://paypal.me/PengNick/)
-
-### Alipay
-
-![alipay](doc/alipay_donate.jpg)
-
-### Wechat
-  
-![wechat](doc/wechat_donate.jpg)
-
-## Open Source License
-
-Smartdns is licensed to the public under the GPL V3 License.
+# SmartDNS
+
+![SmartDNS](doc/smartdns-banner.png)  
+SmartDNS is a local DNS server. SmartDNS accepts DNS query requests from local clients, obtains DNS query results from multiple upstream DNS servers, and returns the fastest access results to clients. supports secure DNS protocols like DoT (DNS over TLS), DoH (DNS over HTTPS), better protect privacy,  
+Avoiding DNS pollution and improving network access speed, supports high-performance ad filtering.
+
+Unlike dnsmasq's all-servers, smartdns returns the fastest access resolution.
+
+Support Raspberry Pi, openwrt, ASUS router, Windows and other devices.  
+
+## Usage
+
+Please visit website: [https://pymumu.github.io/smartdns](https://pymumu.github.io/smartdns/en)
+
+## Software Show
+
+**Ali DNS**  
+Use Ali DNS to query Baidu's IP and test the results.  
+
+```shell
+pi@raspberrypi:~/code/smartdns_build $ nslookup www.baidu.com 223.5.5.5
+Server:         223.5.5.5
+Address:        223.5.5.5#53
+
+Non-authoritative answer:
+www.baidu.com   canonical name = www.a.shifen.com.
+Name:   www.a.shifen.com
+Address: 180.97.33.108
+Name:   www.a.shifen.com
+Address: 180.97.33.107
+
+pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.107 -c 2
+PING 180.97.33.107 (180.97.33.107) 56(84) bytes of data.
+64 bytes from 180.97.33.107: icmp_seq=1 ttl=55 time=24.3 ms
+64 bytes from 180.97.33.107: icmp_seq=2 ttl=55 time=24.2 ms
+
+--- 180.97.33.107 ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 24.275/24.327/24.380/0.164 ms
+pi@raspberrypi:~/code/smartdns_build $ ping 180.97.33.108 -c 2
+PING 180.97.33.108 (180.97.33.108) 56(84) bytes of data.
+64 bytes from 180.97.33.108: icmp_seq=1 ttl=55 time=31.1 ms
+64 bytes from 180.97.33.108: icmp_seq=2 ttl=55 time=31.0 ms
+
+--- 180.97.33.108 ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 31.014/31.094/31.175/0.193 ms
+```
+
+**smartdns**  
+Use SmartDNS to query Baidu IP and test the results.
+
+```shell
+pi@raspberrypi:~/code/smartdns_build $ nslookup www.baidu.com
+Server:         192.168.1.1
+Address:        192.168.1.1#53
+
+Non-authoritative answer:
+www.baidu.com   canonical name = www.a.shifen.com.
+Name:   www.a.shifen.com
+Address: 14.215.177.39
+
+pi@raspberrypi:~/code/smartdns_build $ ping 14.215.177.39 -c 2
+PING 14.215.177.39 (14.215.177.39) 56(84) bytes of data.
+64 bytes from 14.215.177.39: icmp_seq=1 ttl=56 time=6.31 ms
+64 bytes from 14.215.177.39: icmp_seq=2 ttl=56 time=5.95 ms
+
+--- 14.215.177.39 ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 5.954/6.133/6.313/0.195 ms
+
+```
+
+From the comparison, smartdns found the fastest IP address to visit www.baidu.com, so accessing Baidu's DNS is 5 times faster than Ali DNS.
+
+## Features
+
+1. **Multiple upstream DNS servers**  
+   Support configuring multiple upstream DNS servers and query at the same time.the query will not be affected, Even if there is a DNS server exception.  
+
+1. **Return the fastest IP address**  
+   Supports finding the fastest access IP address from the IP address list of the domain name and returning it to the client to avoid DNS pollution and improve network access speed.
+
+1. **Support for multiple query protocols**  
+   Support UDP, TCP, DOT(DNS over TLS), DOH(DNS over HTTPS) queries and service, and non-53 port queries, effectively avoiding DNS pollution and protect privacy, and support query DNS over socks5, http proxy.
+
+1. **Domain IP address specification**  
+   Support configuring IP address of specific domain to achieve the effect of advertising filtering, and avoid malicious websites.
+
+1. **Domain name high performance rule filtering**  
+   Support domain name suffix matching mode, simplify filtering configuration, filter 200,000 recording and take time <1ms.
+
+1. **Linux/Windows multi-platform support**  
+   Support standard Linux system (Raspberry Pi), openwrt system various firmware, ASUS router native firmware. Support Windows 10 WSL (Windows Subsystem for Linux).
+
+1. **Support IPV4, IPV6 dual stack**  
+   Support IPV4, IPV6 network, support query A, AAAA record, dual-stack IP selection, and filter IPV6 AAAA record.
+
+1. **DNS64**  
+   Support DNS64 translation.
+
+1. **High performance, low resource consumption**  
+   Multi-threaded asynchronous IO mode, cache cache query results.
+
+1. **DNS domain forwarding**  
+   Support DNS forwarding, ipset and nftables. Support setting the domain result to ipset and nftset set when speed check fails.
+
+## Architecture
+
+![Architecture](doc/architecture.png)
+
+1. SmartDNS receives DNS query requests from local network devices, such as PCs and mobile phone query requests.
+1. SmartDNS sends query requests to multiple upstream DNS servers, using standard UDP queries, non-standard port UDP queries, and TCP queries.
+1. The upstream DNS server returns a list of Server IP addresses corresponding to the domain name. SmartDNS detects the fastest Server IP with local network access.
+1. Return the fastest accessed Server IP to the local client.
+
+## Compile
+
+smartdns contains scripts for compiling packages, supports compiling luci, debian, openwrt, optware installation packages, and can execute `package/build-pkg.sh` compilation.
+
+## [Donate](#donate)  
+
+If you feel that this project is helpful to you, please donate to us so that the project can continue to develop and be more perfect.
+
+### PayPal
+
+[![Support via PayPal](https://cdn.rawgit.com/twolfson/paypal-github-button/1.0.0/dist/button.svg)](https://paypal.me/PengNick/)
+
+### Alipay
+
+![alipay](doc/alipay_donate.jpg)
+
+### Wechat
+  
+![wechat](doc/wechat_donate.jpg)
+
+## Open Source License
+
+Smartdns is licensed to the public under the GPL V3 License.

etc/init.d/smartdns

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -28,20 +28,23 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin
 
 . /etc/default/smartdns
 SMARTDNS=/usr/sbin/smartdns
-PIDFILE=/var/run/smartdns.pid
+PIDFILE=/run/smartdns.pid
+if [ ! -d "/run" ]; then
+	PIDFILE=/var/run/smartdns.pid
+fi
 
 test -x $SMARTDNS || exit 5
 
 case $1 in
 	start)
-		$SMARTDNS $SMART_DNS_OPTS
+		$SMARTDNS "$SMART_DNS_OPTS" -R
 		while true; do
 			if [ -e "$PIDFILE" ]; then
 				break;
 			fi
 			sleep .5
 		done
-		PID="`cat $PIDFILE 2>/dev/null`"
+		PID="$(cat $PIDFILE 2>/dev/null)"
 		if [ -z "$PID" ]; then
 			echo "start smartdns server failed."
 			exit 1
@@ -57,31 +60,43 @@ case $1 in
 			echo "smartdns server is stopped."
 			exit 0
 		fi
-		PID="`cat $PIDFILE 2>/dev/null`"
+		PID="$(cat $PIDFILE 2>/dev/null)"
 		if [ ! -e "/proc/$PID" ] || [ -z "$PID" ]; then
 			echo "smartdns server is stopped"
 			exit 0
 		fi
 
-		kill -TERM $PID
+		kill -TERM "$PID"
 		if [ $? -ne 0 ]; then
 			echo "Stop smartdns server failed."
 			exit 1;
 		fi
-		rm -f $PIDFILE
+		LOOP=1
+		while true; do
+			if [ ! -d "/proc/$PID" ]; then
+				break;
+			fi
+
+			if [ $LOOP -gt 12 ]; then
+				kill -9 "$PID"
+				break;
+			fi
+			LOOP=$((LOOP+1))
+			sleep .5
+		done
 		echo "Stop smartdns server success."
 		;;
 	restart)
-		$0 stop && sleep 1 && $0 start
+		"$0" stop && "$0" start
 		;;
 	status)
-		PID="`cat $PIDFILE 2>/dev/null`"
+		PID="$(cat "$PIDFILE" 2>/dev/null)"
 		if [ ! -e "/proc/$PID" ] || [ -z "$PID" ]; then
 			echo "smartdns server is not running."
 			exit 1
 		fi
 		echo "smartdns server is running."
-		status=$?
+		status=0
 		;;
 	*)
 		echo "Usage: $0 {start|stop|restart|status}"

etc/smartdns/smartdns.conf

@@ -1,33 +1,59 @@
-# dns server name, defaut is host name
+# dns server name, default is host name
 # server-name, 
 # example:
 #   server-name smartdns
 #
 
+# whether resolv local hostname to ip address
+# resolv-hostname yes
+
+# dns server run user
+# user [username]
+# example: run as nobody
+#   user nobody
+#
+
 # Include another configuration options
 # conf-file [file]
 # conf-file blacklist-ip.conf
+# conf-file *.conf
 
 # dns server bind ip and port, default dns server port is 53, support binding multi ip and port
 # bind udp server
-#   bind [IP]:[port] [-group [group]] [-no-rule-addr] [-no-rule-nameserver] [-no-rule-ipset] [-no-speed-check] [-no-cache] [-no-rule-soa] [-no-dualstack-selection]
+#   bind [IP]:[port][@device] [-group [group]] [-no-rule-addr] [-no-rule-nameserver] [-no-rule-ipset] [-no-speed-check] [-no-cache] [-no-rule-soa] [-no-dualstack-selection]
 # bind tcp server
-#   bind-tcp [IP]:[port] [-group [group]] [-no-rule-addr] [-no-rule-nameserver] [-no-rule-ipset] [-no-speed-check] [-no-cache] [-no-rule-soa] [-no-dualstack-selection]
+#   bind-tcp [IP]:[port][@device] [-group [group]] [-no-rule-addr] [-no-rule-nameserver] [-no-rule-ipset] [-no-speed-check] [-no-cache] [-no-rule-soa] [-no-dualstack-selection]
+# bind tls server
+#   bind-tls [IP]:[port][@device] [-group [group]] [-no-rule-addr] [-no-rule-nameserver] [-no-rule-ipset] [-no-speed-check] [-no-cache] [-no-rule-soa] [-no-dualstack-selection]
+#   bind-cert-key-file [path to file]
+#      tls private key file
+#   bind-cert-file [path to file]
+#      tls cert file
+#   bind-cert-key-pass [password]
+#      tls private key password
+# bind-https server
+#   bind-https [IP]:[port][@device] [-group [group]] [-no-rule-addr] [-no-rule-nameserver] [-no-rule-ipset] [-no-speed-check] [-no-cache] [-no-rule-soa] [-no-dualstack-selection]
 # option:
 #   -group: set domain request to use the appropriate server group.
 #   -no-rule-addr: skip address rule.
 #   -no-rule-nameserver: skip nameserver rule.
-#   -no-rule-ipset: skip ipset rule.
+#   -no-rule-ipset: skip ipset rule or nftset rule.
 #   -no-speed-check: do not check speed.
 #   -no-cache: skip cache.
 #   -no-rule-soa: Skip address SOA(#) rules.
 #   -no-dualstack-selection: Disable dualstack ip selection.
+#   -no-ip-alias: ignore ip alias.
+#   -force-aaaa-soa: force AAAA query return SOA.
+#   -ipset ipsetname: use ipset rule.
+#   -nftset nftsetname: use nftset rule.
 # example: 
 #  IPV4: 
 #    bind :53
+#    bind :53@eth0
 #    bind :6053 -group office -no-speed-check
 #  IPV6:
 #    bind [::]:53
+#    bind [::]:53@eth0
 #    bind-tcp [::]:53
 bind [::]:53
 
@@ -37,12 +63,35 @@ bind [::]:53
 # dns cache size
 # cache-size [number]
 #   0: for no cache
-cache-size 512
+#   -1: auto set cache size
+# cache-size 32768
+
+# enable persist cache when restart
+# cache-persist no
+
+# cache persist file
+# cache-file /tmp/smartdns.cache
+
+# cache persist time
+# cache-checkpoint-time [second]
+# cache-checkpoint-time 86400
 
 # prefetch domain
 # prefetch-domain [yes|no]
 # prefetch-domain yes
 
+# cache serve expired 
+# serve-expired [yes|no]
+# serve-expired yes
+
+# cache serve expired TTL
+# serve-expired-ttl [num]
+# serve-expired-ttl 0
+
+# reply TTL value to use when replying with expired data
+# serve-expired-reply-ttl [num]
+# serve-expired-reply-ttl 30
+
 # List of hosts that supply bogus NX domain results 
 # bogus-nxdomain [ip/subnet]
 
@@ -55,63 +104,108 @@ cache-size 512
 # List of IPs that will be ignored
 # ignore-ip [ip/subnet]
 
+# alias of IPs
+# ip-alias [ip/subnet] [ip1[,ip2]...]
+# ip-alias 192.168.0.1/24 10.9.0.1,10.9.0.2
+
 # speed check mode
 # speed-check-mode [ping|tcp:port|none|,]
 # example:
-#   speed-check-mode ping,tcp:80
+#   speed-check-mode ping,tcp:80,tcp:443
 #   speed-check-mode tcp:443,ping
 #   speed-check-mode none
 
 # force AAAA query return SOA
 # force-AAAA-SOA [yes|no]
 
+# force specific qtype return soa
+# force-qtype-SOA [qtypeid |...]
+# force-qtype-SOA [qtypeid|start_id-end_id|,...]
+# force-qtype-SOA 65 28
+# force-qtype-SOA 65,28
+force-qtype-SOA 65
+
 # Enable IPV4, IPV6 dual stack IP optimization selection strategy
 # dualstack-ip-selection-threshold [num] (0~1000)
+# dualstack-ip-allow-force-AAAA [yes|no]
 # dualstack-ip-selection [yes|no]
-# dualstack-ip-selection yes
+# dualstack-ip-selection no
 
 # edns client subnet
 # edns-client-subnet [ip/subnet]
 # edns-client-subnet 192.168.1.1/24
-# edns-client-subnet [8::8]/56
+# edns-client-subnet 8::8/56
 
 # ttl for all resource record
 # rr-ttl: ttl for all record
 # rr-ttl-min: minimum ttl for resource record
 # rr-ttl-max: maximum ttl for resource record
+# rr-ttl-reply-max: maximum reply ttl for resource record
 # example:
 # rr-ttl 300
 # rr-ttl-min 60
 # rr-ttl-max 86400
+# rr-ttl-reply-max 60
+
+# Maximum number of IPs returned to the client|8|number of IPs, 1~16
+# example:
+# max-reply-ip-num 1
+
+# response mode
+# Experimental feature
+# response-mode [first-ping|fastest-ip|fastest-response]
 
 # set log level
-# log-level: [level], level=fatal, error, warn, notice, info, debug
+# log-level: [level], level=off, fatal, error, warn, notice, info, debug
 # log-file: file path of log file.
+# log-console [yes|no]: output log to console.
 # log-size: size of each log file, support k,m,g
-# log-num: number of logs
+# log-num: number of logs, 0 means disable log
 log-level info
-# log-file /var/log/smartdns.log
+
+# log-file /var/log/smartdns/smartdns.log
 # log-size 128k
 # log-num 2
+# log-file-mode [mode]: file mode of log file.
 
 # dns audit
 # audit-enable [yes|no]: enable or disable audit.
 # audit-enable yes
-# audit-SOA [yes|no]: enable or disalbe log soa result.
+# audit-SOA [yes|no]: enable or disable log soa result.
 # audit-size size of each audit file, support k,m,g
 # audit-file /var/log/smartdns-audit.log
+# audit-console [yes|no]: output audit log to console.
+# audit-file-mode [mode]: file mode of audit file.
 # audit-size 128k
 # audit-num 2
 
+# Support reading dnsmasq dhcp file to resolve local hostname
+# dnsmasq-lease-file /var/lib/misc/dnsmasq.leases
+
+# certificate file
+# ca-file [file]
+# ca-file /etc/ssl/certs/ca-certificates.crt
+
+# certificate path
+# ca-path [path]
+# ca-path /etc/ss/certs
+
 # remote udp dns server list
-# server [IP]:[PORT] [-blacklist-ip] [-whitelist-ip] [-check-edns] [-group [group] ...] [-exclude-default-group]
+# server [IP]:[PORT]|URL [-blacklist-ip] [-whitelist-ip] [-check-edns] [-group [group] ...] [-exclude-default-group]
 # default port is 53
 #   -blacklist-ip: filter result with blacklist ip
-#   -whitelist-ip: filter result whth whitelist ip,  result in whitelist-ip will be accepted.
+#   -whitelist-ip: filter result with whitelist ip,  result in whitelist-ip will be accepted.
 #   -check-edns: result must exist edns RR, or discard result.
-#   -group [group]: set server to group, use with nameserver /domain/group.
-#   -exclude-default-group: exclude this server from default group.
+#   g|-group [group]: set server to group, use with nameserver /domain/group.
+#   e|-exclude-default-group: exclude this server from default group.
+#   p|-proxy [proxy-name]: use proxy to connect to server.
+#   b|-bootstrap-dns: set as bootstrap dns server.
+#   -set-mark: set mark on packets.
+#   -subnet [ip/subnet]: set edns client subnet.
+#   -host-ip [ip]: set dns server host ip.
 # server 8.8.8.8 -blacklist-ip -check-edns -group g1 -group g2
+# server tls://dns.google:853 
+# server https://dns.google/dns-query
 
 # remote tcp dns server list
 # server-tcp [IP]:[PORT] [-blacklist-ip] [-whitelist-ip] [-group [group] ...] [-exclude-default-group]
@@ -121,8 +215,11 @@ log-level info
 # remote tls dns server list
 # server-tls [IP]:[PORT] [-blacklist-ip] [-whitelist-ip] [-spki-pin [sha256-pin]] [-group [group] ...] [-exclude-default-group]
 #   -spki-pin: TLS spki pin to verify.
-#   -tls-host-check: cert hostname to verify.
-#   -hostname: TLS sni hostname.
+#   -tls-host-verify: cert hostname to verify.
+#   -host-name: TLS sni hostname.
+#   k|-no-check-certificate: no check certificate.
+#   p|-proxy [proxy-name]: use proxy to connect to server.
+#   -bootstrap-dns: set as bootstrap dns server.
 # Get SPKI with this command:
 #    echo | openssl s_client -connect '[ip]:853' | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
 # default port is 853
@@ -132,23 +229,51 @@ log-level info
 # remote https dns server list
 # server-https https://[host]:[port]/path [-blacklist-ip] [-whitelist-ip] [-spki-pin [sha256-pin]] [-group [group] ...] [-exclude-default-group]
 #   -spki-pin: TLS spki pin to verify.
-#   -tls-host-check: cert hostname to verify.
-#   -hostname: TLS sni hostname.
+#   -tls-host-verify: cert hostname to verify.
+#   -host-name: TLS sni hostname.
 #   -http-host: http host.
+#   k|-no-check-certificate: no check certificate.
+#   p|-proxy [proxy-name]: use proxy to connect to server.
+#   -bootstrap-dns: set as bootstrap dns server.
 # default port is 443
 # server-https https://cloudflare-dns.com/dns-query
 
+# socks5 and http proxy list
+# proxy-server URL -name [proxy name]
+#   URL: socks5://[username:password@]host:port
+#        http://[username:password@]host:port
+#   -name: proxy name, use with server -proxy [proxy-name]
+# example:
+#   proxy-server socks5://user:pass@1.2.3.4:1080 -name proxy
+#   proxy-server http://user:pass@1.2.3.4:3128 -name proxy
+
 # specific nameserver to domain
 # nameserver /domain/[group|-]
 # nameserver /www.example.com/office, Set the domain name to use the appropriate server group.
 # nameserver /www.example.com/-, ignore this domain
 
+# expand ptr record from address record
+# expand-ptr-from-address yes
+
 # specific address to domain
-# address /domain/[ip|-|-4|-6|#|#4|#6]
+# address /domain/[ip1,ip2|-|-4|-6|#|#4|#6]
 # address /www.example.com/1.2.3.4, return ip 1.2.3.4 to client
+# address /www.example.com/1.2.3.4,5.6.7.8, return multiple ip addresses
 # address /www.example.com/-, ignore address, query from upstream, suffix 4, for ipv4, 6 for ipv6, none for all
 # address /www.example.com/#, return SOA to client, suffix 4, for ipv4, 6 for ipv6, none for all
 
+# specific cname to domain
+# cname /domain/target
+
+# add srv record, support multiple srv record.
+# srv-record /domain/[target][,port][,priority][,weight]
+# srv-record /_ldap._tcp.example.com/ldapserver.example.com,389
+# srv-record /_ldap._tcp.example.com/
+
+# enalbe DNS64 feature
+# dns64 [ip/subnet]
+# dns64 64:ff9b::/96
+
 # enable ipset timeout by ttl feature
 # ipset-timeout [yes]
 
@@ -156,3 +281,83 @@ log-level info
 # ipset /domain/[ipset|-]
 # ipset /www.example.com/block, set ipset with ipset name of block 
 # ipset /www.example.com/-, ignore this domain
+
+# add to ipset when ping is unreachable
+# ipset-no-speed ipsetname
+# ipset-no-speed pass
+
+# enable nftset timeout by ttl feature
+# nftset-timeout [yes|no]
+# nftset-timeout yes
+
+# add to nftset when ping is unreachable
+# nftset-no-speed [#4:ip#table#set,#6:ipv6#table#setv6]
+# nftset-no-speed #4:ip#table#set
+
+# enable nftset debug, check nftset setting result, output log when error.
+# nftset-debug [yes|no]
+# nftset-debug yes
+
+# specific nftset to domain
+# nftset /domain/[#4:ip#table#set,#6:ipv6#table#setv6]
+# nftset /www.example.com/ip#table#set, equivalent to 'nft add element ip table set { ... }'
+# nftset /www.example.com/-, ignore this domain
+# nftset /www.example.com/#6:-, ignore ipv6
+
+# set ddns domain
+# ddns-domain domain
+
+# lookup local network hostname or ip address from mdns
+# mdns-lookup [yes|no]
+# mdns-lookup no
+
+# set domain rules
+# domain-rules /domain/ [-speed-check-mode [...]]
+# rules:
+#   [-c] -speed-check-mode [mode]: speed check mode
+#                             speed-check-mode [ping|tcp:port|none|,]
+#   [-a] -address [address|-]: same as address option
+#   [-n] -nameserver [group|-]: same as nameserver option
+#   [-p] -ipset [ipset|-]: same as ipset option
+#   [-t] -nftset [nftset|-]: same as nftset option
+#   [-d] -dualstack-ip-selection [yes|no]: same as dualstack-ip-selection option
+#   -no-serve-expired: ignore expired domain
+#   -delete: delete domain rule
+#   -no-ip-alias: ignore ip alias
+#   -no-cache: ignore cache
+
+# collection of domains 
+# the domain-set can be used with /domain/ for address, nameserver, ipset, etc.
+# domain-set -name [set-name] -type list -file [/path/to/file]
+#   [-n] -name [set name]: domain set name
+#   [-t] -type [list]: domain set type, list only now
+#   [-f] -file [path/to/set]: file path of domain set
+# 
+# example:
+# domain-set -name domain-list -type list -file /etc/smartdns/domain-list.conf
+# address /domain-set:domain-list/1.2.3.4
+# nameserver /domain-set:domain-list/server-group
+# ipset /domain-set:domain-list/ipset
+# domain-rules /domain-set:domain-list/ -speed-check-mode ping
+
+# set ip rules
+# ip-rules ip-cidrs [-ip-alias [...]]
+# rules:
+#   [-c] -ip-alias [ip1,ip2]: same as ip-alias option
+#   [-a] -whitelist-ip: same as whitelist-ip option
+#   [-n] -blacklist-ip: same as blacklist-ip option
+#   [-p] -bogus-nxdomain: same as bogus-nxdomain option
+#   [-t] -ignore-ip: same as ignore-ip option
+
+# collection of IPs 
+# the ip-set can be used with /ip-cidr/ for ip-alias, ignore-ip, etc.
+# ip-set -name [set-name] -type list -file [/path/to/file]
+#   [-n] -name [set name]: ip set name
+#   [-t] -type [list]: ip set type, list only now
+#   [-f] -file [path/to/set]: file path of ip set
+# 
+# example:
+# ip-set -name ip-list -file /etc/smartdns/ip-list.conf
+# bogus-nxdomain ip-set:ip-list
+# ip-alias ip-set:ip-list 1.2.3.4
+# ip-alias ip-set:ip-list ip-set:ip-map-list

package/build-pkg.sh

@@ -13,8 +13,8 @@ showhelp()
 {
 	echo "Usage: $0 [OPTION]"
 	echo "Options:"
-	echo " --platform [luci|debian|openwrt|optware|linux]    build for platform. "
-	echo " --arch [all|armhf|arm64|x86_64|...]               build for architecture, e.g. "
+	echo " --platform [luci|luci-compat|debian|openwrt|optware|linux]    build for platform. "
+	echo " --arch [all|armhf|arm64|x86-64|...]               build for architecture, e.g. "
 	echo " --cross-tool [cross-tool]                         cross compiler, e.g. mips-openwrt-linux-"
 	echo ""
 	echo "Advance Options:"
@@ -26,8 +26,10 @@ showhelp()
 	echo "Example:"
 	echo " build luci:"
 	echo "   $0 --platform luci"
+	echo " build luci:"
+	echo "   $0 --platform luci-compat"
 	echo " build debian:"
-	echo "   $0 --platform debian --arch x86_64"
+	echo "   $0 --platform debian --arch x86-64"
 	echo " build raspbian pi:"
 	echo "   $0 --platform debian --arch armhf"
 	echo " build optware mips:"
@@ -35,14 +37,14 @@ showhelp()
 	echo " build openwrt mips:"
 	echo "   $0 --platform openwrt --arch mips_24kc"
 	echo " build generic linux:"
-	echo "   $0 --platform linux --arch x86_64"
+	echo "   $0 --platform linux --arch x86-64"
 }
 
 build_smartdns()
 {
 	if [ "$PLATFORM" != "luci" ]; then
-		make -C $CODE_DIR/src clean 
-		make -C $CODE_DIR/src all -j8 VER=$VER $MAKE_ARGS
+		make -C $CODE_DIR clean $MAKE_ARGS
+		make -C $CODE_DIR all -j8 VER=$VER $MAKE_ARGS
 		if [ $? -ne 0 ]; then
 			echo "make smartdns failed"
 			exit 1
@@ -79,7 +81,7 @@ build()
 
 main()
 {
-	OPTS=`getopt -o o:h --long arch:,filearch:,ver:,platform:,cross-tool:,static,only-package,outputdir: \
+	OPTS=`getopt -o o:h --long arch:,filearch:,ver:,platform:,cross-tool:,with-nftables,static,only-package,outputdir: \
 		-n  "" -- "$@"`
 
 	if [ "$#" -le "1" ]; then

package/debian/DEBIAN/changelog

@@ -1,4 +1,4 @@
-smartdns (1.2018.7.9) stable; urgency=low
+smartdns (1:1.2022.04.05) stable; urgency=low
 
   * Initial build
 

package/debian/make.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -43,7 +43,9 @@ build()
 	mkdir $ROOT/etc/default/ -p
 	mkdir $ROOT/lib/systemd/system/ -p
 
-	sed -i "s/Version:.*/Version: $VER/" $ROOT/DEBIAN/control
+
+	pkgver=$(echo ${VER}| sed 's/^1\.//g')
+	sed -i "s/Version:.*/Version: ${pkgver}/" $ROOT/DEBIAN/control
 	sed -i "s/Architecture:.*/Architecture: $ARCH/" $ROOT/DEBIAN/control
 	chmod 0755 $ROOT/DEBIAN/prerm
 

package/linux/install

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -65,9 +65,31 @@ clean_service()
 
 get_systemd_path()
 {
-	service="`systemctl --no-legend| grep .service | head -n 1 | awk '{print $1}'`"
-	SERVICE_PATH="`systemctl show $service | grep FragmentPath | awk -F'=' '{print $2}'`"
-	dirname $SERVICE_PATH
+	service="`systemctl --no-legend| grep '\.service' | head -n 1 | awk '{print $1}' 2>/dev/null`"
+	SERVICE_PATH="`systemctl show $service | grep FragmentPath | awk -F'=' '{print $2}' 2>/dev/null`"
+	if [ ! -z "$SERVICE_PATH" ]; then
+		SERVICE_PATH="`dirname $SERVICE_PATH 2>/dev/null`"
+		if [ -d "$SERVICE_PATH" ]; then
+			echo "$SERVICE_PATH"
+			return 0
+		fi 
+	fi
+
+	SERVICE_PATH="`pkg-config systemd --variable=systemdsystemunitdir 2>/dev/null`"
+	if [ ! -z "$SERVICE_PATH" ]; then
+		if [ -d "$SERVICE_PATH" ]; then
+			echo "$SERVICE_PATH"
+			return 0
+		fi 
+	fi
+
+	SERVICE_PATH="/lib/systemd/system"
+	if [ -d "$SERVICE_PATH" ]; then
+		echo "$SERVICE_PATH"
+		return 0
+	fi
+
+	return 1
 }
 
 install_files()
@@ -77,14 +99,18 @@ install_files()
 		return 1
 	fi
 
-	install -v -m 0755 -t $PREFIX/usr/sbin src/smartdns
+	install -v -m 0755 -t $PREFIX/usr/sbin usr/sbin/smartdns
 	if [ $? -ne 0 ]; then
 		return 1
 	fi
 
-	install -v -m 0640 -t  $PREFIX$SMARTDNS_CONF_DIR etc/smartdns/smartdns.conf
-	if [ $? -ne 0 ]; then
-		return 1
+	if [ -e "$PREFIX$SMARTDNS_CONF_DIR/smartdns.conf" ]; then
+		cp etc/smartdns/smartdns.conf $PREFIX$SMARTDNS_CONF_DIR/smartdns.conf.pkg
+	else 
+		install -v -m 0640 -t  $PREFIX$SMARTDNS_CONF_DIR etc/smartdns/smartdns.conf
+		if [ $? -ne 0 ]; then
+			return 1
+		fi
 	fi
 
 	install -v -m 0640 -t  $PREFIX/etc/default etc/default/smartdns
@@ -102,6 +128,7 @@ install_files()
 	if [ $ISSYSTEMD -eq 0 ]; then
 		SYSTEM_UNIT_PATH="`get_systemd_path`"
 		if [ -z "$SYSTEM_UNIT_PATH" ]; then
+			echo "cannot find systemd path"
 			return 1
 		fi
 		install -v -m 0644 -t $PREFIX$SYSTEM_UNIT_PATH systemd/smartdns.service 
@@ -118,7 +145,6 @@ uninstall_smartdns()
 	if [ -z "$PREFIX" ]; then
 		stop_service 2>/dev/null
 	fi	
-	rm -f $PREFIX$SMARTDNS_CONF_DIR/smartdns.conf
 	rmdir $PREFIX$SMARTDNS_CONF_DIR 2>/dev/null
 	rm -f $PREFIX/usr/sbin/smartdns
 	rm -f $PREFIX/etc/default/smartdns
@@ -184,7 +210,7 @@ init_dir()
 	which systemctl >/dev/null 2>&1
 	ISSYSTEMD="$?"
 	# Running under WSL (Windows Subsystem for Linux)?
-	cat /proc/version | grep Microsoft >/dev/null 2>&1; 
+	cat /proc/version | grep -E '[Mm]icrosoft' >/dev/null 2>&1; 
 	if [ $? -eq 0 ]; then
 		ISSYSTEMD=1
 		ISWSL=0

package/linux/make.sh

@@ -23,12 +23,17 @@ build()
 	cd $PKG_ROOT/
 
 	# Generic x86_64
-	mkdir $PKG_ROOT/smartdns/src -p
+	mkdir $PKG_ROOT/smartdns/usr/sbin -p
 	mkdir $PKG_ROOT/smartdns/package -p
+	mkdir $PKG_ROOT/smartdns/systemd -p 
+	
 	cd $SMARTDNS_DIR
 	cp package/windows $PKG_ROOT/smartdns/package/ -a
-	cp etc systemd *.md LICENSE install $PKG_ROOT/smartdns/ -a
-	cp src/smartdns $PKG_ROOT/smartdns/src -a
+	cp etc *.md LICENSE package/linux/install $PKG_ROOT/smartdns/ -a
+	cp systemd/smartdns.service $PKG_ROOT/smartdns/systemd
+	cp src/smartdns $PKG_ROOT/smartdns/usr/sbin -a
+	chmod +x $PKG_ROOT/smartdns/install
+
 	if [ $? -ne 0 ]; then
 		echo "copy smartdns file failed"
 		rm -fr $PKG_ROOT

package/luci-compat/control/control

@@ -0,0 +1,7 @@
+Package: luci-app-smartdns
+Version: git-18.201.27126-7bf0367-1
+Depends: libc, smartdns
+Source: feeds/luci/applications/luci-app-smartdns
+Section: luci
+Architecture: all
+Description:  A smartdns server

package/luci-compat/control/postinst

@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+#
+# smartdns is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# smartdns is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+[ "${IPKG_NO_SCRIPT}" = "1" ] && exit 0
+[ -x ${IPKG_INSTROOT}/lib/functions.sh ] || exit 0
+. ${IPKG_INSTROOT}/lib/functions.sh
+default_postinst $0 $@

package/luci-compat/control/postinst-pkg

@@ -0,0 +1,4 @@
+[ -n "${IPKG_INSTROOT}" ] || {
+	(. /etc/uci-defaults/50_luci-smartdns) && rm -f /etc/uci-defaults/50_luci-smartdns
+	exit 0
+}

package/luci-compat/control/prerm

@@ -0,0 +1,20 @@
+#!/bin/sh
+#
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+#
+# smartdns is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# smartdns is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+[ -x ${IPKG_INSTROOT}/lib/functions.sh ] || exit 0
+. ${IPKG_INSTROOT}/lib/functions.sh
+default_prerm $0 $@

package/luci-compat/debian-binary

@@ -0,0 +1 @@
+2.0

package/luci-compat/files/etc/uci-defaults/50_luci-smartdns

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/luci-compat/files/luci/controller/smartdns.lua

@@ -1,5 +1,5 @@
 --
--- Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+-- Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 --
 -- smartdns is free software: you can redistribute it and/or modify
 -- it under the terms of the GNU General Public License as published by
@@ -38,46 +38,20 @@ end
 function act_status()
 	local e={}
 	local ipv6_server;
-	local redirect_mode="none";
-
-	e.ipv6_works = 2;
-	e.ipv4_works = 2;
-	e.ipv6_server = 1;
-	e.dnsmasq_forward = 0;
-	redirect_mode = smartdns.get_config_option("smartdns", "smartdns", "redirect", nil);
-	if redirect_mode == "redirect" then
-		e.redirect = 1
-	elseif redirect_mode == "dnsmasq-upstream" then
-		e.redirect = 2
-	else
-		e.redirect = 0
-	end
-
+	local dnsmasq_server = smartdns.get_config_option("dhcp", "dnsmasq", "server", {nil})[1]
+	local auto_set_dnsmasq = smartdns.get_config_option("smartdns", "smartdns", "auto_set_dnsmasq", nil);
+	
+	e.auto_set_dnsmasq = auto_set_dnsmasq
+	e.dnsmasq_server = dnsmasq_server
 	e.local_port = smartdns.get_config_option("smartdns", "smartdns", "port", nil);
-	ipv6_server = smartdns.get_config_option("smartdns", "smartdns", "ipv6_server", nil);
-	if e.redirect == 1 then 
-		if e.local_port ~= nil and e.local_port ~= "53" then
-			e.ipv4_works = luci.sys.call("iptables -t nat -nL PREROUTING 2>/dev/null | grep REDIRECT | grep dpt:53 | grep %q >/dev/null 2>&1" % e.local_port) == 0
-			if ipv6_server == "1" then
-				e.ipv6_works = luci.sys.call("ip6tables -t nat -nL PREROUTING 2>/dev/null| grep REDIRECT | grep dpt:53 | grep %q >/dev/null 2>&1" % e.local_port) == 0
-			else 
-				e.ipv6_works = 2
-			end
-		else
-			e.redirect = 0
-		end
-	elseif e.redirect == 2 then
+	if e.local_port ~= nil and e.local_port ~= "53" and auto_set_dnsmasq ~= nil and auto_set_dnsmasq == "1" then
 		local str;
-		local dnsmasq_server = luci.sys.exec("uci get dhcp.@dnsmasq[0].server")
-		if e.local_port ~= nil then
-			str = "127.0.0.1#" .. e.local_port 
-			if  string.sub(dnsmasq_server,1,string.len(str)) == str then 
-				e.dnsmasq_forward = 1
-			end
+		str = "127.0.0.1#" .. e.local_port 
+		if dnsmasq_server ~= str then
+			e.dnsmasq_redirect_failure = 1
 		end
 	end
 	e.running = is_running()
-
 	luci.http.prepare_content("application/json")
 	luci.http.write_json(e)
 end

package/luci-compat/files/luci/i18n/smartdns.zh-cn.po

@@ -0,0 +1,729 @@
+
+msgid "Additional Args for upstream dns servers"
+msgstr "额外的上游 DNS 服务器参数"
+
+msgid ""
+"Additional Flags for rules, read help on domain-rule for more information."
+msgstr "额外的规则标识，具体参考domain-rule的帮助说明。"
+
+msgid "Additional Rule Flag"
+msgstr "额外规则标识"
+
+msgid "Additional Server Args"
+msgstr "额外的服务器参数"
+
+msgid "Additional server args, refer to the help description of the bind option."
+msgstr "额外的服务器参数，参考bind选项的帮助说明。"
+
+msgid "Advanced Settings"
+msgstr "高级设置"
+
+msgid ""
+"Attempts to serve old responses from cache with a TTL of 0 in the response "
+"without waiting for the actual resolution to finish."
+msgstr "查询性能优化，有请求时尝试回应TTL为0的过期记录，以避免查询等待。"
+
+msgid "Automatically Set Dnsmasq"
+msgstr "自动设置Dnsmasq"
+
+msgid "Automatically set as upstream of dnsmasq when port changes."
+msgstr "端口更改时自动设为 dnsmasq 的上游。"
+
+msgid "Bind Device"
+msgstr "绑定到设备"
+
+msgid "Bind Device Name"
+msgstr "绑定的设备名称"
+
+msgid "Block domain"
+msgstr "屏蔽域名"
+
+msgid "Block domain."
+msgstr "屏蔽域名。"
+
+msgid "Cache Persist"
+msgstr "持久化缓存"
+
+msgid "Cache Size"
+msgstr "缓存大小"
+
+msgid "Collecting data ..."
+msgstr "正在收集数据..."
+
+msgid ""
+"Configure IP blacklists that will be filtered from the results of specific "
+"DNS server."
+msgstr "配置需要从指定域名服务器结果过滤的IP黑名单。"
+
+msgid "Configure block domain list."
+msgstr "配置屏蔽域名列表"
+
+msgid "Configure domain rule list."
+msgstr "配置域名规则列表"
+
+msgid "Configure forwarding domain name list."
+msgstr "配置分流域名列表"
+
+msgid "Custom Settings"
+msgstr "自定义设置"
+
+msgid "DOH Server"
+msgstr "DOH服务器"
+
+msgid "DOH Server Port"
+msgstr "DOH服务器端口"
+
+msgid "DOT Server"
+msgstr "DOT服务器"
+
+msgid "DOT Server Port"
+msgstr "DOT服务器端口"
+
+msgid "DNS Block Setting"
+msgstr "域名屏蔽设置"
+
+msgid "DNS Forwarding Setting"
+msgstr "域名分流设置"
+
+msgid "DNS Server Name"
+msgstr "DNS服务器名称"
+
+msgid "DNS Server group"
+msgstr "服务器组"
+
+msgid "DNS Server group belongs to, such as office, home."
+msgstr "设置服务器组，例如office，home"
+
+msgid "DNS Server ip"
+msgstr "DNS服务器IP"
+
+msgid "DNS Server port"
+msgstr "DNS服务器端口"
+
+msgid "DNS Server type"
+msgstr "协议类型"
+
+msgid "DNS domain result cache size"
+msgstr "缓存DNS的结果，缓存大小，配置零则不缓存。"
+
+msgid "DNS64"
+msgstr "DNS64"
+
+msgid "DNS64 Server Settings"
+msgstr "DNS64服务器配置"
+
+msgid "default"
+msgstr "默认"
+
+msgid "Description"
+msgstr "描述"
+
+msgid "Dnsmasq Forwarded To Smartdns Failure"
+msgstr "重定向dnsmasq到smartdns失败"
+
+msgid "Do not check certificate."
+msgstr "不校验证书的合法性。"
+
+msgid "Do not check speed."
+msgstr "禁用测速。"
+
+msgid "Domain Address"
+msgstr "域名地址"
+
+msgid "Domain List"
+msgstr "域名列表"
+
+msgid "Domain List File"
+msgstr "域名列表文件"
+
+msgid "Domain Rule List"
+msgstr "域名规则列表"
+
+msgid "Domain Rule Name"
+msgstr "域名规则名称"
+
+msgid "Domain Rules"
+msgstr "域名规则"
+
+msgid "Domain Rules Settings"
+msgstr "域名规则设置"
+
+msgid "Domain TTL"
+msgstr "域名TTL"
+
+msgid "Domain TTL Max"
+msgstr "域名TTL最大值"
+
+msgid "Domain TTL Min"
+msgstr "域名TTL最小值"
+
+msgid "Domain prefetch"
+msgstr "域名预加载"
+
+msgid "Donate"
+msgstr "捐助"
+
+msgid "Donate to smartdns"
+msgstr "捐助smartdns项目"
+
+msgid "Download Files"
+msgstr "下载文件"
+
+msgid "Download Files Setting"
+msgstr "下载文件设置"
+
+msgid ""
+"Download domain list files for domain-rule and include config files, please "
+"refresh the page after download to take effect."
+msgstr ""
+"下载域名规则所需要的域名列表文件和smartdns配置文件，下载完成后刷新页面。"
+
+msgid "Dual-stack IP Selection"
+msgstr "双栈IP优选"
+
+msgid "Enable"
+msgstr "启用"
+
+msgid "Enable Auto Update"
+msgstr "启用自动更新"
+
+msgid "Enable IP selection between IPV4 and IPV6"
+msgstr "启用 IPV4 和 IPV6 间的 IP 优选策略。"
+
+msgid "Enable IPV6 DNS Server"
+msgstr "启用IPV6服务器。"
+
+msgid "Enable TCP DNS Server"
+msgstr "启用TCP服务器。"
+
+msgid "Enable daily(week) auto update."
+msgstr "启用每天（每周）自动更新。"
+
+msgid "Enable DOH DNS Server"
+msgstr "启用DOH服务器。"
+
+msgid "Enable DOT DNS Server"
+msgstr "启用DOT服务器。"
+
+msgid "Update Time (Every Week)"
+msgstr "更新时间(每周)"
+
+msgid "Every Day"
+msgstr "每天"
+
+msgid "Every Monday"
+msgstr "每周一"
+
+msgid "Every Tuesday"
+msgstr "每周二"
+
+msgid "Every Wednesday"
+msgstr "每周三"
+
+msgid "Every Thursday"
+msgstr "每周四"
+
+msgid "Every Friday"
+msgstr "每周五"
+
+msgid "Every Saturday"
+msgstr "每周六"
+
+msgid "Every Sunday"
+msgstr "每周日"
+
+msgid "Update Time (Every Day)"
+msgstr "更新时间(每天)"
+
+msgid "Enable domain prefetch, accelerate domain response speed."
+msgstr "启用域名预加载，加速域名响应速度。"
+
+msgid "Enable or disable second DNS server."
+msgstr "是否启用第二DNS服务器。"
+
+msgid "Enable or disable smartdns server"
+msgstr "启用或禁用SmartDNS服务"
+
+msgid "Exclude DNS Server from default group."
+msgstr "从default默认服务器组中排除。"
+
+msgid "Exclude Default Group"
+msgstr "从默认组中排除"
+
+msgid "Fastest IP"
+msgstr "最快IP"
+
+msgid "Fastest Response"
+msgstr "最快响应"
+
+msgid "File Name"
+msgstr "文件名"
+
+msgid "File Type"
+msgstr "文件类型"
+
+msgid "Filtering IP with blacklist"
+msgstr "使用IP黑名单过滤"
+
+msgid "First Ping"
+msgstr "最快PING"
+
+msgid "Force AAAA SOA"
+msgstr "停用IPV6地址解析"
+
+msgid "Force AAAA SOA."
+msgstr "停用IPV6地址解析。"
+
+msgid "Force HTTPS SOA"
+msgstr "停用HTTPS地址解析"
+
+msgid "Force HTTPS SOA."
+msgstr "停用HTTPS地址解析。"
+
+msgid "General Settings"
+msgstr "常规设置"
+
+msgid "Generate Coredump"
+msgstr "生成coredump"
+
+msgid ""
+"Generate Coredump file when smartdns crash, coredump file is located at /tmp/"
+"smartdns.xxx.core."
+msgstr ""
+"当smartdns异常时生成coredump文件，coredump文件在/tmp/smartdns.xxx.core."
+
+msgid "Grant access to LuCI app smartdns"
+msgstr "授予访问 LuCI 应用 smartdns 的权限"
+
+msgid "HTTP Host"
+msgstr "HTTP主机"
+
+msgid "IP Blacklist"
+msgstr "IP黑名单"
+
+msgid "IP Blacklist Filtering"
+msgstr "IP黑名单过滤"
+
+msgid "IPV6 Server"
+msgstr "IPV6服务器"
+
+msgid "IPset Name"
+msgstr "IPset名称"
+
+msgid "IPset name."
+msgstr "IPset名称。"
+
+msgid "If you like this software, please buy me a cup of coffee."
+msgstr "如果本软件对你有帮助，请给作者加个蛋。"
+
+msgid "Include Config Files<br>/etc/smartdns/conf.d"
+msgstr "包含配置文件<br>/etc/smartdns/conf.d"
+
+msgid ""
+"Include other config files from /etc/smartdns/conf.d or custom path, can be "
+"downloaded from the download page."
+msgstr ""
+"包含配置文件，路径为/etc/smartdns/conf.d，或自定义配置文件路径，可以从下载页"
+"配置自动下载。面配置自动下载。"
+
+msgid "Ipset name, Add domain result to ipset when speed check fails."
+msgstr "IPset名称，当测速失败时，将查询到的结果添加到对应的IPSet集合中。"
+
+msgid "List of files to download."
+msgstr "下载文件列表。"
+
+msgid "Listen only on the specified interfaces."
+msgstr "监听在指定的设备上，避免非本地网络的DNS查询请求。"
+
+msgid "Local Port"
+msgstr "本地端口"
+
+msgid "Log Size"
+msgstr "日志大小"
+
+msgid "Log Level"
+msgstr "日志级别"
+
+msgid "Log Number"
+msgstr "日志数量"
+
+msgid "Log File"
+msgstr "日志文件路径"
+
+msgid "mDNS Lookup"
+msgstr "mDNS查询"
+
+msgid "Marking Packets"
+msgstr "数据包标记"
+
+msgid "Maximum TTL for all domain result."
+msgstr "所有域名的最大 TTL 值。"
+
+msgid "Minimum TTL for all domain result."
+msgstr "所有域名的最小 TTL 值。"
+
+msgid "NFTset Name"
+msgstr "NFTSet名称"
+
+msgid "NFTset name format error, format: [#[4|6]:[family#table#set]]"
+msgstr "NFTSet名称格式错误，格式：[#[4|6]:[family#table#set]]"
+
+msgid "NFTset name, format: [#[4|6]:[family#table#set]]"
+msgstr "NFTSet名称，格式：[#[4|6]:[family#table#set]]"
+
+msgid "NOT RUNNING"
+msgstr "未运行"
+
+msgid "Name of device name listen on."
+msgstr "绑定的设备名称。"
+
+msgid ""
+"Nftset name, Add domain result to nftset when speed check fails, format: "
+"[#[4|6]:[family#table#set]]"
+msgstr "NFTset名称，当测速失败时，将查询到的结果添加到对应的NFTSet集合中。"
+
+msgid "No"
+msgstr "否"
+
+msgid "No Speed IPset Name"
+msgstr "无速度时IPSet名称"
+
+msgid "No Speed NFTset Name"
+msgstr "无速度时NFTSet名称"
+
+msgid "No check certificate"
+msgstr "停用证书校验"
+
+msgid "None"
+msgstr "无"
+
+msgid "Only socks5 proxy support udp server."
+msgstr "仅SOCKS5代理支持UDP服务器。"
+
+msgid "Please set proxy server first."
+msgstr "请先设置代理服务器。"
+
+msgid "Proxy Server"
+msgstr "代理服务器"
+
+msgid "Proxy Server Settings"
+msgstr "代理服务器设置"
+
+msgid "Proxy Server URL, format: [socks5|http]://user:pass@ip:port."
+msgstr "代理服务器地址，格式：[socks5|http]://user:pass@ip:port。"
+
+msgid ""
+"Proxy server URL format error, format: [socks5|http]://user:pass@ip:port."
+msgstr "代理服务器地址格式错误，格式：[socks5|http]://user:pass@ip:port。"
+
+msgid "Query DNS through specific dns server group, such as office, home."
+msgstr "使用指定服务器组查询，比如office, home。"
+
+msgid "RUNNING"
+msgstr "运行中"
+
+msgid "Reply Domain TTL Max"
+msgstr "回应的域名TTL最大值"
+
+msgid "Reply maximum TTL for all domain result."
+msgstr "设置返回给客户端的域名TTL最大值。"
+
+msgid "Report bugs"
+msgstr "报告BUG"
+
+msgid "Resolve Local Hostnames"
+msgstr "解析本地主机名"
+
+msgid "Resolve local hostnames by reading Dnsmasq lease file."
+msgstr "读取Dnsmasq的租约文件解析本地主机名。"
+
+msgid "Resolve local network hostname via mDNS protocol."
+msgstr "使用mDNS协议解析本地网络主机名。"
+
+msgid "Response Mode"
+msgstr "响应模式"
+
+msgid "Restart"
+msgstr "重启"
+
+msgid "Restart Service"
+msgstr "重启服务"
+
+msgid "Second Server Settings"
+msgstr "第二DNS服务器"
+
+msgid "Server certificate file path."
+msgstr "服务器证书文件路径。"
+
+msgid "Server certificate key file path."
+msgstr "服务器证书私钥文件路径。"
+
+msgid "Server certificate key file password."
+msgstr "服务器证书私钥文件密码。"
+
+msgid "Serve expired"
+msgstr "缓存过期服务"
+
+msgid "Server Group"
+msgstr "服务器组"
+
+msgid "Server Group %s not exists"
+msgstr "服务器组%s不存在"
+
+msgid "Server Name"
+msgstr "服务器名称"
+
+msgid "Server Cert"
+msgstr "服务器证书"
+
+msgid "Server Cert Key"
+msgstr "服务器证书私钥"
+
+msgid "Server Cert Key Pass"
+msgstr "服务器证书私钥密码"
+
+msgid "Set Specific domain ip address."
+msgstr "设置指定域名的IP地址。"
+
+msgid "Set Specific domain rule list."
+msgstr "设置指定域名的规则列表。"
+
+msgid "Set Specific ip blacklist."
+msgstr "设置指定的 IP 黑名单列表。"
+
+msgid "Set TLS hostname to verify."
+msgstr "设置校验TLS主机名。"
+
+msgid "Set mark on packets."
+msgstr "设置数据包标记。"
+
+msgid ""
+"Set the HTTP host used for the query. Use this parameter when the host of "
+"the URL address is an IP address."
+msgstr "设置查询时使用的HTTP主机，当URL地址的host是IP地址时，使用此参数。"
+
+msgid "Sets the server name indication for query. '-' for disable SNI name."
+msgstr "设置服务器SNI名称，‘-’表示禁用SNI名称。"
+
+msgid "Settings"
+msgstr "设置"
+
+msgid "Skip Address Rules"
+msgstr "跳过address规则"
+
+msgid "Skip Cache"
+msgstr "跳过cache"
+
+msgid "Skip Cache."
+msgstr "跳过cache。"
+
+msgid "Skip Dualstack Selection"
+msgstr "跳过双栈优选"
+
+msgid "Skip Dualstack Selection."
+msgstr "跳过双栈优选。"
+
+msgid "Skip Ipset Rule"
+msgstr "跳过ipset规则"
+
+msgid "Skip Nameserver Rule"
+msgstr "跳过Nameserver规则"
+
+msgid "Skip SOA Address Rule"
+msgstr "跳过address SOA(#)规则"
+
+msgid "Skip SOA address rules."
+msgstr "跳过address SOA(#)规则。"
+
+msgid "Skip Speed Check"
+msgstr "跳过测速"
+
+msgid "Skip address rules."
+msgstr "跳过address规则。"
+
+msgid "Skip ipset rules."
+msgstr "跳过ipset规则。"
+
+msgid "Skip nameserver rules."
+msgstr "跳过Nameserver规则。"
+
+msgid "SmartDNS"
+msgstr "SmartDNS"
+
+msgid "Smartdns DOH server port."
+msgstr "Smartdns DOH服务器端口号。
+
+msgid "Smartdns DOT server port."
+msgstr "Smartdns DOT服务器端口号。"
+
+msgid "SmartDNS Server"
+msgstr "SmartDNS 服务器"
+
+msgid ""
+"SmartDNS is a local high-performance DNS server, supports finding fastest "
+"IP, supports ad filtering, and supports avoiding DNS poisoning."
+msgstr "SmartDNS是一个本地高性能DNS服务器，支持返回最快IP，支持广告过滤。"
+
+msgid "SmartDNS official website"
+msgstr "SmartDNS官方网站"
+
+msgid "Smartdns local server port"
+msgstr "SmartDNS本地服务端口"
+
+msgid ""
+"Smartdns local server port, smartdns will be automatically set as main dns "
+"when the port is 53."
+msgstr ""
+"SmartDNS本地服务端口，当端口号设置为53时，smartdns将会自动配置为主dns。"
+
+msgid ""
+"Smartdns response mode, First Ping: return the first ping IP, Fastest IP: "
+"return the fastest IP, Fastest Response: return the fastest DNS response."
+msgstr ""
+"SmartDNS响应模式，最快PING： 返回最早有ping结果的IP，速度适中；最快IP： 返回"
+"最快IP，查询请求可能延长； 最快响应：返回最快响应的结果，查询请求时间短。"
+
+msgid "Smartdns server name"
+msgstr "SmartDNS的服务器名称，默认为smartdns，留空为主机名"
+
+msgid "Smartdns speed check mode."
+msgstr "SmartDNS测速模式。"
+
+msgid ""
+"Specify an IP address to return for any host in the given domains, Queries "
+"in the domains are never forwarded and always replied to with the specified "
+"IP address which may be IPv4 or IPv6."
+msgstr ""
+"配置特定域名返回特定的IP地址，域名查询将不到上游服务器请求，直接返回配置的IP"
+"地址，可用于广告屏蔽。"
+
+msgid "Speed Check Mode"
+msgstr "测速模式"
+
+msgid "Speed check mode is invalid."
+msgstr "测速模式无效。"
+
+msgid "TCP Server"
+msgstr "TCP服务器"
+
+msgid "TCP port is empty"
+msgstr "TCP端口号为空"
+
+msgid "TLS Hostname Verify"
+msgstr "校验TLS主机名"
+
+msgid "TLS SNI name"
+msgstr "TLS SNI名称"
+
+msgid "TLS SPKI Pinning"
+msgstr "TLS SPKI 指纹"
+
+msgid "TTL for all domain result."
+msgstr "设置所有域名的 TTL 值。"
+
+msgid "Technical Support"
+msgstr "技术支持"
+
+msgid "URL"
+msgstr "URL"
+
+msgid "URL format error, format: http:// or https://"
+msgstr "URL格式错误，格式：http://或https://"
+
+msgid "Update"
+msgstr "更新"
+
+msgid "Update Files"
+msgstr "更新文件"
+
+msgid "Upload Config File"
+msgstr "上传配置文件"
+
+msgid "Upload Domain List File"
+msgstr "上传域名列表文件"
+
+msgid "Upload domain list file to /etc/smartdns/domain-set"
+msgstr "上传域名列表文件到/etc/smartdns/domain-set"
+
+msgid ""
+"Upload domain list file, or configure auto download from Download File "
+"Setting page."
+msgstr "上传域名列表文件，或在下载文件设置页面设置自动下载。"
+
+msgid "Upload domain list file."
+msgstr "上传域名列表文件"
+
+msgid "Upload smartdns config file to /etc/smartdns/conf.d"
+msgstr "上传配置文件到/etc/smartdns/conf.d"
+
+msgid "Upstream DNS Server Configuration"
+msgstr "上游DNS服务器配置"
+
+msgid "Upstream Servers"
+msgstr "上游服务器"
+
+msgid ""
+"Upstream Servers, support UDP, TCP protocol. Please configure multiple DNS "
+"servers, including multiple foreign DNS servers."
+msgstr ""
+"上游 DNS 服务器，支持 UDP，TCP 协议。请配置多个上游 DNS 服务器，包括多个国内"
+"外服务器。"
+
+msgid "Use Proxy"
+msgstr "使用代理"
+
+msgid "Use proxy to connect to upstream DNS server."
+msgstr "使用代理连接上游DNS服务器。"
+
+msgid ""
+"Used to verify the validity of the TLS server, The value is Base64 encoded "
+"SPKI fingerprint, leaving blank to indicate that the validity of TLS is not "
+"verified."
+msgstr ""
+"用于校验 TLS 服务器的有效性，数值为 Base64 编码的 SPKI 指纹，留空表示不验证 "
+"TLS 的合法性。"
+
+msgid "Write cache to disk on exit and load on startup."
+msgstr "退出时保存cache到磁盘，启动时加载。"
+
+msgid "Yes"
+msgstr "是"
+
+msgid "default"
+msgstr "默认"
+
+msgid "domain list (/etc/smartdns/domain-set)"
+msgstr "域名列表（/etc/smartdns/domain-set）"
+
+msgid "https"
+msgstr "https"
+
+msgid "ip"
+msgstr "ip"
+
+msgid "ipset name format error, format: [#[4|6]:]ipsetname"
+msgstr "IPset名称格式错误，格式：[#[4|6]:]ipsetname"
+
+msgid "open website"
+msgstr "打开网站"
+
+msgid "port"
+msgstr "端口"
+
+msgid "smartdns config (/etc/smartdns/conf.d)"
+msgstr "smartdns 配置文件（/etc/smartdns/conf.d）"
+
+msgid "smartdns custom settings"
+msgstr "smartdns 自定义设置，具体配置参数参考指导"
+
+msgid "tcp"
+msgstr "tcp"
+
+msgid "tls"
+msgstr "tls"
+
+msgid "type"
+msgstr "类型"
+
+msgid "udp"
+msgstr "udp"

package/luci-compat/files/luci/model/cbi/smartdns/smartdns.lua

@@ -0,0 +1,855 @@
+--
+-- Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+--
+-- smartdns is free software: you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation, either version 3 of the License, or
+-- (at your option) any later version.
+--
+-- smartdns is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require ("nixio.fs")
+require ("luci.http")
+require ("luci.dispatcher")
+require ("nixio.fs")
+
+local uci = require "luci.model.uci".cursor()
+
+m = Map("smartdns")
+m.title	= translate("SmartDNS Server")
+m.description = translate("SmartDNS is a local high-performance DNS server, supports finding fastest IP, supports ad filtering, and supports avoiding DNS poisoning.")
+
+m:section(SimpleSection).template  = "smartdns/smartdns_status"
+
+-- Basic
+s = m:section(TypedSection, "smartdns", translate("Settings"), translate("General Settings"))
+s.anonymous = true
+
+s:tab("settings", translate("General Settings"))
+s:tab("advanced", translate('Advanced Settings'))
+s:tab("seconddns", translate("Second Server Settings"))
+s:tab("dns64", translate("DNS64 Server Settings"))
+s:tab("proxy", translate("Proxy Server Settings"))
+s:tab("custom", translate("Custom Settings"))
+
+---- Eanble
+o = s:taboption("settings", Flag, "enabled", translate("Enable"), translate("Enable or disable smartdns server"))
+o.default     = o.disabled
+o.rempty      = false
+
+---- server name
+o = s:taboption("settings", Value, "server_name", translate("Server Name"), translate("Smartdns server name"))
+o.default     = "smartdns"
+o.datatype    = "hostname"
+o.rempty      = false
+
+---- Port
+o = s:taboption("settings", Value, "port", translate("Local Port"), 
+    translate("Smartdns local server port, smartdns will be automatically set as main dns when the port is 53."))
+o.placeholder = 53
+o.default     = 53
+o.datatype    = "port"
+o.rempty      = false
+
+-- Automatically Set Dnsmasq
+o = s:taboption("settings", Flag, "auto_set_dnsmasq", translate("Automatically Set Dnsmasq"), translate("Automatically set as upstream of dnsmasq when port changes."))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- Speed check mode;
+o = s:taboption("advanced", Value, "speed_check_mode", translate("Speed Check Mode"), translate("Smartdns speed check mode."));
+o.rmempty = true;
+o.placeholder = "default";
+o.default = o.enabled;
+o:value("", translate("default"))
+o:value("ping,tcp:80,tcp:443");
+o:value("ping,tcp:443,tcp:80");
+o:value("tcp:80,tcp:443,ping");
+o:value("tcp:443,tcp:80,ping");
+o:value("none", translate("None"));
+function o.validate (section_id, value) 
+    if value == "" then
+        return value
+    end
+
+    if value == nil then
+        return nil, translate("Speed check mode is invalid.")
+    end
+
+    if value == "none" then
+        return value
+    end
+
+    local mode = value:split(",");
+    for _, v in ipairs(mode) do repeat
+        if v == "ping" then
+            break
+        end
+
+        if v == nil then
+            return nil, translate("Speed check mode is invalid.")
+        end
+        
+        local port = v:split(":");
+        if "tcp" == port[1] then
+            if tonumber(port[2]) then
+                break
+            end
+        end
+        
+        return nil, translate("Speed check mode is invalid.")
+    until true end
+
+    return value
+end
+
+---- response mode;
+o = s:taboption("advanced", ListValue, "response_mode", translate("Response Mode"), 
+    translate("Smartdns response mode, First Ping: return the first ping IP, Fastest IP: return the fastest IP, Fastest Response: return the fastest DNS response."))
+o.rmempty     = true
+o.placeholder = "default"
+o:value("", translate("default"))
+o:value("first-ping", translate("First Ping"))
+o:value("fastest-ip", translate("Fastest IP"))
+o:value("fastest-response", translate("Fastest Response"))
+
+---- Enable TCP server
+o = s:taboption("advanced", Flag, "tcp_server", translate("TCP Server"), translate("Enable TCP DNS Server"))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+---- Enable DOT server;
+o = s:taboption("advanced", Flag, "tls_server", translate("DOT Server"), translate("Enable DOT DNS Server"))
+o.rmempty = false
+o.default = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+o = s:taboption("advanced", Value, "tls_server_port", translate("DOT Server Port"), translate("Smartdns DOT server port."))
+o.placeholder = 853
+o.default = 853
+o.datatype = "port"
+o.rempty = false
+o:depends('tls_server', '1')
+
+---- Enable DOH server;
+o = s:taboption("advanced", Flag, "doh_server", translate("DOH Server"), translate("Enable DOH DNS Server"))
+o.rmempty = false
+o.default = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+o = s:taboption("advanced", Value, "doh_server_port", translate("DOH Server Port"), translate("Smartdns DOH server port."))
+o.placeholder = 843
+o.default = 843
+o.datatype = "port"
+o.rempty = false
+o:depends('doh_server', '1')
+
+o = s:taboption("advanced", Value, "bind_cert", translate("Server Cert"), translate("Server certificate file path."))
+o.datatype = "string"
+o.placeholder = "/var/etc/smartdns/smartdns/smartdns-cert.pem"
+o.rempty = true
+o:depends('tls_server', '1')
+o:depends('doh_server', '1')
+
+o = s:taboption("advanced", Value, "bind_cert_key", translate("Server Cert Key"), translate("Server certificate key file path."))
+o.datatype = "string"
+o.placeholder = "/var/etc/smartdns/smartdns/smartdns-key.pem"
+o.rempty = false
+o:depends('tls_server', '1')
+o:depends('doh_server', '1')
+
+o = s:taboption("advanced", Value, "bind_cert_key_pass", translate("Server Cert Key Pass"), translate("Server certificate key file password."))
+o.datatype = "string"
+o.rempty = false
+o:depends('tls_server', '1')
+o:depends('doh_server', '1')
+
+---- Support IPV6
+o = s:taboption("advanced", Flag, "ipv6_server", translate("IPV6 Server"), translate("Enable IPV6 DNS Server"))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+---- bind to device;
+o = s:taboption("advanced", Flag, "bind_device", translate("Bind Device"), translate("Listen only on the specified interfaces."))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+---- bind device name;
+o = s:taboption("advanced", Value, "bind_device_name", translate("Bind Device Name"), translate("Name of device name listen on."))
+o.placeholder = "default"
+o.rempty      = true
+o.datatype    = "string"
+
+---- Support DualStack ip selection
+o = s:taboption("advanced", Flag, "dualstack_ip_selection", translate("Dual-stack IP Selection"), translate("Enable IP selection between IPV4 and IPV6"))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- Domain prefetch load 
+o = s:taboption("advanced", Flag, "prefetch_domain", translate("Domain prefetch"), translate("Enable domain prefetch, accelerate domain response speed."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- Domain Serve expired
+o = s:taboption("advanced", Flag, "serve_expired", translate("Serve expired"), 
+	translate("Attempts to serve old responses from cache with a TTL of 0 in the response without waiting for the actual resolution to finish."))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- cache-size
+o = s:taboption("advanced", Value, "cache_size", translate("Cache Size"), translate("DNS domain result cache size"))
+o.rempty      = true
+
+---- cache-persist;
+o = s:taboption("advanced", Flag, "cache_persist", translate("Cache Persist"), translate("Write cache to disk on exit and load on startup."))
+o.rmempty      = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+-- resolve local hostname
+o = s:taboption("advanced", Flag, "resolve_local_hostnames", translate("Resolve Local Hostnames"), translate("Resolve local hostnames by reading Dnsmasq lease file."))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+-- resolve local network hostname via mDNS
+o = s:taboption("advanced", Flag, "mdns_lookup", translate("mDNS Lookup"), translate("Resolve local network hostname via mDNS protocol."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+-- Force AAAA SOA
+o = s:taboption("advanced", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+-- Force HTTPS SOA
+o = s:taboption("advanced", Flag, "force_https_soa", translate("Force HTTPS SOA"), translate("Force HTTPS SOA."))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+---- Ipset no speed.
+o = s:taboption("advanced", Value, "ipset_no_speed", translate("No Speed IPset Name"), 
+    translate("Ipset name, Add domain result to ipset when speed check fails."));
+o.rmempty = true;
+o.datatype = "hostname";
+o.rempty = true;
+
+---- NFTset no speed.
+o = s:taboption("advanced", Value, "nftset_no_speed", translate("No Speed NFTset Name"), 
+    translate("Nftset name, Add domain result to nftset when speed check fails, format: [#[4|6]:[family#table#set]]"));
+o.rmempty    = true;
+o.datatype   = "string";
+o.rempty     = true;
+function o.validate(self, value) 
+    if (value == "") then
+        return value
+    end
+
+    if (value:match("#[4|6]:[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+$")) then
+        return value
+    end
+
+    return nil, translate("NFTset name format error, format: [#[4|6]:[family#table#set]]")
+end
+
+---- rr-ttl
+o = s:taboption("advanced", Value, "rr_ttl", translate("Domain TTL"), translate("TTL for all domain result."))
+o.rempty      = true
+
+---- rr-ttl-min
+o = s:taboption("advanced", Value, "rr_ttl_min", translate("Domain TTL Min"), translate("Minimum TTL for all domain result."))
+o.rempty      = true
+o.placeholder = "600"
+o.default     = 600
+o.optional    = true
+
+---- rr-ttl-max
+o = s:taboption("advanced", Value, "rr_ttl_max", translate("Domain TTL Max"), translate("Maximum TTL for all domain result."))
+o.rempty      = true
+
+---- rr-ttl-reply-max
+o = s:taboption("advanced", Value, "rr_ttl_reply_max", translate("Reply Domain TTL Max"), translate("Reply maximum TTL for all domain result."))
+o.rempty      = true
+
+o = s:taboption("advanced", DynamicList, "conf_files", translate("Include Config Files<br>/etc/smartdns/conf.d"),
+    translate("Include other config files from /etc/smartdns/conf.d or custom path, can be downloaded from the download page."));
+uci:foreach("smartdns", "download-file", function(section)
+    local filetype = section.type
+    if (filetype ~= 'config') then
+        return
+    end
+
+    o:value(section.name);
+end)
+
+---- other args
+o = s:taboption("advanced", Value, "server_flags", translate("Additional Server Args"), translate("Additional server args, refer to the help description of the bind option."))
+o.default     = ""
+o.rempty      = true
+o.optional    = true
+
+---- second dns server
+---- Eanble
+o = s:taboption("seconddns", Flag, "seconddns_enabled", translate("Enable"), translate("Enable or disable second DNS server."))
+o.default     = o.disabled
+o.rempty      = false
+
+---- Port
+o = s:taboption("seconddns", Value, "seconddns_port", translate("Local Port"), translate("Smartdns local server port"))
+o.placeholder = 6553
+o.default     = 6553
+o.datatype    = "port"
+o.rempty      = false
+
+---- Enable TCP server
+o = s:taboption("seconddns", Flag, "seconddns_tcp_server", translate("TCP Server"), translate("Enable TCP DNS Server"))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+---- dns server group
+o = s:taboption("seconddns", Value, "seconddns_server_group", translate("Server Group"), translate("Query DNS through specific dns server group, such as office, home."))
+o.rmempty     = true
+o.placeholder = "default"
+o.datatype    = "hostname"
+o.rempty      = true
+
+o = s:taboption("seconddns", Flag, "seconddns_no_speed_check", translate("Skip Speed Check"), translate("Do not check speed."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- skip address rules
+o = s:taboption("seconddns", Flag, "seconddns_no_rule_addr", translate("Skip Address Rules"), translate("Skip address rules."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- skip name server rules
+o = s:taboption("seconddns", Flag, "seconddns_no_rule_nameserver", translate("Skip Nameserver Rule"), translate("Skip nameserver rules."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- skip ipset rules
+o = s:taboption("seconddns", Flag, "seconddns_no_rule_ipset", translate("Skip Ipset Rule"), translate("Skip ipset rules."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- skip soa address rule
+o = s:taboption("seconddns", Flag, "seconddns_no_rule_soa", translate("Skip SOA Address Rule"), translate("Skip SOA address rules."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+o = s:taboption("seconddns", Flag, "seconddns_no_dualstack_selection", translate("Skip Dualstack Selection"), translate("Skip Dualstack Selection."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- skip cache
+o = s:taboption("seconddns", Flag, "seconddns_no_cache", translate("Skip Cache"), translate("Skip Cache."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+---- Force AAAA SOA
+o = s:taboption("seconddns", Flag, "seconddns_force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+o = s:taboption("seconddns", Value, "seconddns_ipset_name", translate("IPset Name"), translate("IPset name."))
+o.rmempty = true
+o.datatype = "hostname"
+o.rempty = true
+
+o = s:taboption("seconddns", Value, "seconddns_nftset_name", translate("NFTset Name"), translate("NFTset name, format: [#[4|6]:[family#table#set]]"))
+o.rmempty = true
+o.datatype = "string"
+o.rempty = true
+function o.validate(self, value) 
+    if (value == "") then
+        return value
+    end
+
+    if (value:match("#[4|6]:[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+$")) then
+        return value
+    end
+
+    return nil, translate("NFTset name format error, format: [#[4|6]:[family#table#set]]")
+end
+
+---- other args
+o = s:taboption("seconddns", Value, "seconddns_server_flags", translate("Additional Server Args"),  translate("Additional server args, refer to the help description of the bind option."))
+o.default     = ""
+o.rempty      = true
+o.optional    = true
+
+----- Proxy server settings
+o = s:taboption("proxy", Value, "proxy_server", translate("Proxy Server"), translate("Proxy Server URL, format: [socks5|http]://user:pass@ip:port."));
+o.datatype = 'string';
+function o.validate(self, value)
+    if (value == "") then
+        return true
+    end
+
+    if (not value:match("^http://") and not value:match("^socks5://")) then
+        return nil, translate("Proxy server URL format error, format: [socks5|http]://user:pass@ip:port.")
+    end
+
+    return value
+end
+
+----- dns64 server settings
+o = s:taboption("dns64", Value, "dns64", translate("DNS64"));
+o.placeholder = "64:ff9b::/96"
+o.datatype = 'ip6addr'
+o.rmempty = true
+
+----- custom settings
+custom = s:taboption("custom", Value, "Custom Settings",
+	translate(""), 
+	translate("smartdns custom settings"))
+
+custom.template = "cbi/tvalue"
+custom.rows = 20
+
+function custom.cfgvalue(self, section)
+	return nixio.fs.readfile("/etc/smartdns/custom.conf")
+end
+
+function custom.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile("/etc/smartdns/custom.conf", value)
+end
+
+o = s:taboption("custom", Flag, "coredump", translate("Generate Coredump"), translate("Generate Coredump file when smartdns crash, coredump file is located at /tmp/smartdns.xxx.core."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
+o = s:taboption("custom", Value, "log_size", translate("Log Size"))
+o.rmempty = true
+o.placeholder = "default"
+
+o = s:taboption("custom", ListValue, "log_level", translate("Log Level"))
+o.rmempty     = true
+o.placeholder = "default"
+o:value("", translate("default"))
+o:value("debug")
+o:value("info")
+o:value("notice")
+o:value("warn")
+o:value("error")
+o:value("fatal")
+o:value("off")
+
+o = s:taboption("custom", Value, "log_num", translate("Log Number"))
+o.rmempty = true
+o.placeholder = "default"
+
+o = s:taboption("custom", Value, "log_file", translate("Log File"))
+o.rmempty = true
+o.placeholder = "/var/log/smartdns/smartdns.log"
+
+-- Upstream servers
+s = m:section(TypedSection, "server", translate("Upstream Servers"), translate("Upstream Servers, support UDP, TCP protocol. " ..
+	"Please configure multiple DNS servers, including multiple foreign DNS servers."))
+	
+s.anonymous = true
+s.addremove = true
+s.template = "cbi/tblsection"
+s.extedit  = luci.dispatcher.build_url("admin/services/smartdns/upstream/%s")
+
+---- enable flag
+o = s:option(Flag, "enabled", translate("Enable"), translate("Enable"))
+o.rmempty     = false
+o.default     = o.enabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "1"
+end
+
+---- name
+s:option(Value, "name", translate("DNS Server Name"), translate("DNS Server Name"))
+
+---- IP address
+o = s:option(Value, "ip", translate("ip"), translate("DNS Server ip"))
+o.datatype = "or(ipaddr, string)"
+o.rmempty = false 
+---- port
+o = s:option(Value, "port", translate("port"), translate("DNS Server port"))
+o.placeholder = "default"
+o.datatype    = "port"
+o.rempty      = true
+o:depends("type", "udp")
+o:depends("type", "tcp")
+o:depends("type", "tls")
+
+---- type
+o = s:option(ListValue, "type", translate("type"), translate("DNS Server type"))
+o.placeholder = "udp"
+o:value("udp", translate("udp"))
+o:value("tcp", translate("tcp"))
+o:value("tls", translate("tls"))
+o:value("https", translate("https"))
+o.default     = "udp"
+o.rempty      = false
+
+---- domain rules;
+s = m:section(TypedSection, "domain-rule", translate("Domain Rules"), translate("Domain Rules Settings"))
+s.anonymous = true
+s.nodescriptions = true
+
+s:tab("forwarding", translate('DNS Forwarding Setting'))
+s:tab("block", translate("DNS Block Setting"))
+s:tab("domain-address", translate("Domain Address"), translate("Set Specific domain ip address."))
+s:tab("blackip-list", translate("IP Blacklist"), translate("Set Specific ip blacklist."))
+
+---- domain forwarding;
+o = s:taboption("forwarding", Value, "server_group", translate("Server Group"), translate("DNS Server group belongs to, such as office, home."))
+o.rmempty = true
+o.placeholder = "default"
+o.datatype = "hostname"
+o.rempty = true
+uci:foreach("smartdns", "server", function(section)
+    local server_group = section.server_group
+    if server_group == nil then
+        return
+    end
+    o:value(server_group);
+end)
+
+function o.validate (section_id, value) 
+    if value == "" then
+        return value
+    end
+
+    if value == nil then
+        return nil, translate('Server Group not exists')
+    end
+
+    local exists = false
+    uci:foreach("smartdns", "server", function(section)
+        local server_group = section.server_group
+        if (exists == true) then
+            return
+        end
+
+        if (value == server_group) then
+            exists = true
+        end
+    end)
+
+    if exists == false then
+        return nil, translate('Server Group not exists')
+    end
+
+    return value;
+
+end
+
+o = s:taboption("forwarding", Flag, "no_speed_check", translate("Skip Speed Check"),
+    translate("Do not check speed."))
+o.rmempty = true
+o.default = o.disabled
+
+o = s:taboption("forwarding", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
+o.rmempty = true
+o.default = o.disabled
+
+o = s:taboption("forwarding", Value, "ipset_name", translate("IPset Name"), translate("IPset name."))
+o.rmempty = true
+o.datatype = "hostname"
+o.rempty = true
+
+o = s:taboption("forwarding", Value, "nftset_name", translate("NFTset Name"), translate("NFTset name, format: [#[4|6]:[family#table#set]]"))
+o.rmempty = true
+o.datatype = "string"
+o.rempty = true
+function o.validate(self, value) 
+    if (value == "") then
+        return value
+    end
+
+    if (value:match("#[4|6]:[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+$")) then
+        return value
+    end
+
+    return nil, translate("NFTset name format error, format: [#[4|6]:[family#table#set]]")
+end
+
+---- other args
+o = s:taboption("forwarding", Value, "addition_flag", translate("Additional Rule Flag"), translate("Additional Flags for rules, read help on domain-rule for more information."))
+o.default = ""
+o.rempty = true
+o.modalonly = true;
+
+o = s:taboption("forwarding", FileUpload, "forwarding_domain_set_file", translate("Domain List File"),
+    translate("Upload domain list file, or configure auto download from Download File Setting page."))
+o.rmempty = true
+o.datatype = "file"
+o.rempty = true
+o.editable = true
+o.root_directory = "/etc/smartdns/domain-set"
+
+o = s:taboption("forwarding", TextValue, "domain_forwarding_list",
+    translate("Domain List"), translate("Configure forwarding domain name list."))
+o.rows = 10
+o.cols = 64
+o.monospace = true
+function o.cfgvalue(self, section)
+	return nixio.fs.readfile("/etc/smartdns/domain-forwarding.list")
+end
+function o.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile("/etc/smartdns/domain-forwarding.list", value)
+end
+
+---- domain block;
+o = s:taboption("block", FileUpload, "block_domain_set_file", translate("Domain List File"), translate("Upload domain list file."))
+o.rmempty = true
+o.datatype = "file"
+o.rempty = true
+o.editable = true
+o.root_directory = "/etc/smartdns/domain-set"
+
+o = s:taboption("block", TextValue, "domain_block_list",
+    translate("Domain List"), translate("Configure block domain list."))
+o.rows = 10
+o.cols = 64
+function o.cfgvalue(self, section)
+	return nixio.fs.readfile("/etc/smartdns/domain-block.list")
+end
+function o.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile("/etc/smartdns/domain-block.list", value)
+end
+
+-- Doman addresss
+addr = s:taboption("domain-address", Value, "address",
+	translate(""), 
+	translate("Specify an IP address to return for any host in the given domains, Queries in the domains are never forwarded and always replied to with the specified IP address which may be IPv4 or IPv6."))
+
+addr.template = "cbi/tvalue"
+addr.rows = 20
+
+function addr.cfgvalue(self, section)
+	return nixio.fs.readfile("/etc/smartdns/address.conf")
+end
+
+function addr.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile("/etc/smartdns/address.conf", value)
+end
+
+-- IP Blacklist
+addr = s:taboption("blackip-list", Value, "blacklist_ip",
+	translate(""), 
+	translate("Configure IP blacklists that will be filtered from the results of specific DNS server."))
+
+addr.template = "cbi/tvalue"
+addr.rows = 20
+
+function addr.cfgvalue(self, section)
+	return nixio.fs.readfile("/etc/smartdns/blacklist-ip.conf")
+end
+
+function addr.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile("/etc/smartdns/blacklist-ip.conf", value)
+end
+
+s = m:section(TypedSection, "smartdns", translate("Download Files Setting"), translate("Download domain list files for domain-rule and include config files, please refresh the page after download to take effect."))
+s.anonymous = true
+
+---- download Files Settings
+o = s:option(Flag, "enable_auto_update", translate("Enable Auto Update"), translate("Enable daily(week) auto update."))
+o.rmempty = true
+o.default = o.disabled
+o.rempty = true
+
+o = s:option(ListValue, "auto_update_week_time", translate("Update Time (Every Week)"))
+o:value("*", translate("Every Day"))
+o:value("1", translate("Every Monday"))
+o:value("2", translate("Every Tuesday"))
+o:value("3", translate("Every Wednesday"))
+o:value("4", translate("Every Thursday"))
+o:value("5", translate("Every Friday"))
+o:value("6", translate("Every Saturday"))
+o:value("0", translate("Every Sunday"))
+o.default = "*"
+
+o = s:option(ListValue, "auto_update_day_time", translate("Update Time (Every Day)"))
+for i = 0, 23 do o:value(i, i .. ":00") end
+o.default = 5
+
+o = s:option(FileUpload, "upload_conf_file", translate("Upload Config File"),
+    translate("Upload smartdns config file to /etc/smartdns/conf.d"))
+o.rmempty = true
+o.datatype = "file"
+o.rempty = true
+o.editable = true
+o.root_directory = "/etc/smartdns/conf.d"
+
+o = s:option(FileUpload, "upload_list_file", translate("Upload Domain List File"),
+    translate("Upload domain list file to /etc/smartdns/domain-set"))
+o.rmempty = true
+o.datatype = "file"
+o.rempty = true
+o.editable = true
+o.root_directory = "/etc/smartdns/domain-set"
+
+o = s:option(Button, "_updateate")
+o.title = translate("Update Files")
+o.inputtitle = translate("Update Files")
+o.inputstyle = "apply"
+o.write = function()
+	luci.sys.call("/etc/init.d/smartdns updatefiles >/dev/null 2>&1")
+end
+
+s = m:section(TypedSection, "download-file", translate("Download Files"), translate("List of files to download."))
+s.anonymous = true
+s.addremove = true
+s.template = "cbi/tblsection"
+
+o = s:option(Value, 'name', translate('File Name'), translate('File Name'))
+o.rmempty = true
+o.datatype = 'string'
+
+o = s:option(Value, 'url', translate('URL'), translate('URL'))
+o.rmempty = true
+o.datatype = 'string'
+function o.validate(self, value, section)
+    if value == "" then
+        return nil, translate("URL format error, format: http:// or https://")
+    end
+
+    if value == nil then
+        return nil, translate("URL format error, format: http:// or https://")
+    end
+
+    if value.find(value, "http://") then
+        return value
+    end
+
+    if value.find(value, "https://") then
+        return value
+    end
+
+    return nil, translate("URL format error, format: http:// or https://")
+end
+
+o = s:option(ListValue, "type", translate("type"), translate("File Type"))
+o:value("list", translate("domain list (/etc/smartdns/domain-set)"))
+o:value("config", translate("smartdns config (/etc/smartdns/conf.d)"))
+o.default = "list"
+o.rempty = false
+
+o = s:option(Value, 'desc', translate('Description'), translate('Description'))
+o.rmempty = true
+o.datatype = 'string'
+
+-- Technical Support
+s = m:section(TypedSection, "smartdns", translate("Technical Support"), 
+	translate("If you like this software, please buy me a cup of coffee."))
+s.anonymous = true
+
+o = s:option(Button, "web")
+o.title = translate("SmartDNS official website")
+o.inputtitle = translate("open website")
+o.inputstyle = "apply"
+o.write = function()
+	luci.http.redirect("https://pymumu.github.io/smartdns")
+end
+
+o = s:option(Button, "report")
+o.title = translate("Report bugs")
+o.inputtitle = translate("Report bugs")
+o.inputstyle = "apply"
+o.write = function()
+	luci.http.redirect("https://github.com/pymumu/smartdns/issues")
+end
+
+o = s:option(Button, "Donate")
+o.title = translate("Donate to smartdns")
+o.inputtitle = translate("Donate")
+o.inputstyle = "apply"
+o.write = function()
+	luci.http.redirect("https://pymumu.github.io/smartdns/#donate")
+end
+
+o = s:option(Button, "Restart")
+o.title = translate("Restart Service")
+o.inputtitle = translate("Restart")
+o.inputstyle = "apply"
+o.write = function()
+	luci.sys.call("/etc/init.d/smartdns restart >/dev/null 2>&1")
+end
+
+return m

package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua

@@ -1,5 +1,5 @@
 --
--- Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+-- Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 --
 -- smartdns is free software: you can redistribute it and/or modify
 -- it under the terms of the GNU General Public License as published by
@@ -55,6 +55,28 @@ o:value("https", translate("https"))
 o.default     = "udp"
 o.rempty      = false
 
+---- server group
+o = s:option(Value, "server_group", translate("Server Group"), translate("DNS Server group belongs to, such as office, home."))
+o.rmempty     = true
+o.placeholder = "default"
+o.datatype    = "hostname"
+o.rempty      = true
+
+---- exclude default group
+o = s:option(Flag, "exclude_default_group", translate("Exclude Default Group"), translate("Exclude DNS Server from default group."))
+o.rmempty = true
+o.default = o.disabled
+o.editable = true
+o.modalonly = true
+
+---- blacklist_ip
+o = s:option(Flag, "blacklist_ip", translate("IP Blacklist Filtering"), translate("Filtering IP with blacklist"))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+
 ---- TLS host verify
 o = s:option(Value, "tls_host_verify", translate("TLS Hostname Verify"), translate("Set TLS hostname to verify."))
 o.default     = ""
@@ -63,6 +85,16 @@ o.rempty      = true
 o:depends("type", "tls")
 o:depends("type", "https")
 
+---- certificate verify
+o = s:option(Flag, "no_check_certificate", translate("No check certificate"), translate("Do not check certificate."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+o:depends("type", "tls")
+o:depends("type", "https")
+
 ---- SNI host name
 o = s:option(Value, "host_name", translate("TLS SNI name"), translate("Sets the server name indication for query."))
 o.default     = ""
@@ -78,21 +110,6 @@ o.datatype    = "hostname"
 o.rempty      = true
 o:depends("type", "https")
 
----- server group
-o = s:option(Value, "server_group", translate("Server Group"), translate("DNS Server group belongs to, used with nameserver, such as office, home."))
-o.rmempty     = true
-o.placeholder = "default"
-o.datatype    = "hostname"
-o.rempty      = true
-
----- blacklist_ip
-o = s:option(Flag, "blacklist_ip", translate("IP Blacklist Filtering"), translate("Filtering IP with blacklist"))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
 ---- anti-Answer-Forgery
 -- o = s:option(Flag, "check_edns", translate("Anti Answer Forgery"), translate("Anti answer forgery, if DNS does not work properly after enabling, please turn off this feature"))
 -- o.rmempty     = false
@@ -110,11 +127,32 @@ o.rempty      = true
 o:depends("type", "tls")
 o:depends("type", "https")
 
+---- mark
+o = s:option(Value, "set_mark", translate("Marking Packets"), translate("Set mark on packets."))
+o.default     = ""
+o.rempty      = true
+o.datatype    = "uinteger"
+
+---- use proxy
+o = s:option(Flag, "use_proxy", translate("Use Proxy"), translate("Use proxy to connect to upstream DNS server."))
+o.rmempty     = true
+o.default     = o.disabled
+o.cfgvalue    = function(...)
+    return Flag.cfgvalue(...) or "0"
+end
+function o.validate(self, value, section)
+    if value == "1" then
+        local proxy = m.uci:get_first("smartdns", "smartdns", "proxy_server")
+        if proxy == nil or proxy == "" then
+            return nil, translate("Please set proxy server first.")
+        end
+    end
+    return value
+end
 
 ---- other args
 o = s:option(Value, "addition_arg", translate("Additional Server Args"), translate("Additional Args for upstream dns servers"))
 o.default     = ""
 o.rempty      = true
-o.optional    = true
 
 return m

package/luci-compat/files/luci/model/smartdns.lua

@@ -1,5 +1,5 @@
 --
--- Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+-- Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 --
 -- smartdns is free software: you can redistribute it and/or modify
 -- it under the terms of the GNU General Public License as published by

package/luci-compat/files/luci/view/smartdns/smartdns_status.htm

@@ -6,22 +6,8 @@ XHR.poll(3, '<%=luci.dispatcher.build_url("admin", "services", "smartdns", "stat
 			var links = "";
 			if (data.running) {
 				links = '<b><font color=green>SmartDNS - <%:RUNNING%></font></b></em>';
-				if (data.redirect) {
-					if (data.redirect == 1) {
-						if (data.ipv4_works == 0) {
-							links += "<br></br><b><font color=red><%:IPV4 53 Port Redirect Failure%></font></b>"
-						}
-						
-						if (data.ipv6_works != 2) {
-							if (data.ipv6_works == 0) {
-								links += "<br></br><b><font color=red><%:IPV6 53 Port Redirect Failure%></font></b>"
-							}
-						}
-					} else if (data.redirect == 2) {
-						if (data.dnsmasq_forward == 0) {
-							links += "<br></br><b><font color=red><%:Dnsmasq Forwared To Smartdns Failure%></font></b>"
-						}
-					}
+				if (data.dnsmasq_redirect_failure == 1) {
+					links += "<br></br><b><font color=red><%:Dnsmasq Forwarded To Smartdns Failure%></font></b>"
 				}
 			} else {
 				links = '<b><font color=red>SmartDNS - <%:NOT RUNNING%></font></b>';

package/luci-compat/files/usr/share/rpcd/acl.d/luci-app-smartdns.json

@@ -0,0 +1,22 @@
+{
+	"luci-app-smartdns": {
+		"description": "Grant access to LuCI app smartdns",
+		"read": {
+			"file": {
+				"/etc/smartdns/*": [ "read" ]
+			},
+			"ubus": {
+				"service": [ "list" ]
+			},
+			"uci": [ "smartdns" ]
+		},
+		"write": {
+			"file": {
+				"/etc/smartdns/*": [ "write" ],
+				"/etc/init.d/smartdns restart": [ "exec" ],
+				"/etc/init.d/smartdns updatefiles": [ "exec" ]
+			},
+			"uci": [ "smartdns" ]
+		}
+	}
+}

package/luci-compat/make.sh

@@ -0,0 +1,136 @@
+#!/bin/sh
+#
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+#
+# smartdns is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# smartdns is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+CURR_DIR=$(cd $(dirname $0);pwd)
+
+VER="`date +"1.%Y.%m.%d-%H%M"`"
+SMARTDNS_DIR=$CURR_DIR/../../
+PO2LMO=
+
+showhelp()
+{
+	echo "Usage: make [OPTION]"
+	echo "Options:"
+	echo " -o               output directory."
+	echo " --arch           archtecture."
+	echo " --ver            version."
+	echo " -h               show this message."
+}
+
+build_tool()
+{
+	make -C $ROOT/tool/po2lmo -j 
+	PO2LMO="$ROOT/tool/po2lmo/src/po2lmo"
+
+}
+
+clean_tool()
+{
+	make -C $ROOT/tool/po2lmo clean
+}
+
+build()
+{
+
+	ROOT=/tmp/luci-app-smartdns
+	rm -fr $ROOT
+
+	mkdir -p $ROOT
+	cp $CURR_DIR/* $ROOT/ -af
+	cd $ROOT/
+	build_tool
+	mkdir $ROOT/root/usr/lib/lua/ -p
+	cp $ROOT/files/luci $ROOT/root/usr/lib/lua/ -af
+	cp $ROOT/files/usr $ROOT/root/ -af
+	
+	#Generate Language
+	$PO2LMO $ROOT/files/luci/i18n/smartdns.zh-cn.po $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.lmo
+	rm $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.po
+
+	cp $ROOT/files/etc $ROOT/root/ -af
+	INST_SIZE="`du -sb $ROOT/root/ | awk '{print $1}'`"
+	
+	sed -i "s/^Architecture.*/Architecture: all/g" $ROOT/control/control
+	sed -i "s/Version:.*/Version: $VER/" $ROOT/control/control
+
+	if [ ! -z "$INST_SIZE" ]; then
+		echo "Installed-Size: $INST_SIZE" >> $ROOT/control/control
+	fi
+
+	cd $ROOT/control
+	chmod +x *
+	tar zcf ../control.tar.gz ./
+	cd $ROOT
+
+	tar zcf $ROOT/data.tar.gz -C root .
+	tar zcf $OUTPUTDIR/luci-app-smartdns.$VER.$FILEARCH.ipk ./control.tar.gz ./data.tar.gz ./debian-binary
+
+	rm -fr $ROOT/
+}
+
+main()
+{
+	OPTS=`getopt -o o:h --long arch:,ver:,filearch: \
+		-n  "" -- "$@"`
+
+	if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
+
+	# Note the quotes around `$TEMP': they are essential!
+	eval set -- "$OPTS"
+
+	while true; do
+		case "$1" in
+		--arch)
+			ARCH="$2"
+			shift 2;;
+		--filearch)
+			FILEARCH="$2"
+			shift 2;;
+		--ver)
+			VER="$2"
+			shift 2;;
+		-o )
+			OUTPUTDIR="$2"
+			shift 2;;
+		-h | --help )
+			showhelp
+			return 0
+			shift ;;
+		-- ) shift; break ;;
+		* ) break ;;
+		esac
+	done
+
+	if [ -z "$ARCH" ]; then
+		echo "please input arch."
+		return 1;
+	fi
+
+	if [ -z "$FILEARCH" ]; then
+		FILEARCH=$ARCH
+	fi
+
+	if [ -z "$OUTPUTDIR" ]; then
+		OUTPUTDIR=$CURR_DIR;
+	fi
+
+	build
+}
+
+main $@
+exit $?
+
+

package/luci-compat/tool/po2lmo/Makefile

@@ -0,0 +1,12 @@
+
+INSTALL = install
+PREFIX  = /usr/bin
+
+po2lmo: src/po2lmo.o src/template_lmo.o
+	$(CC) $(LDFLAGS) -o src/po2lmo src/po2lmo.o src/template_lmo.o
+
+install:
+	$(INSTALL) -m 755 src/po2lmo $(PREFIX)
+
+clean:
+	$(RM) src/po2lmo src/*.o

package/luci-compat/tool/po2lmo/src/po2lmo.c

@@ -0,0 +1,247 @@
+/*
+ * lmo - Lua Machine Objects - PO to LMO conversion tool
+ *
+ *   Copyright (C) 2009-2012 Jo-Philipp Wich <xm@subsignal.org>
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include "template_lmo.h"
+
+static void die(const char *msg)
+{
+	fprintf(stderr, "Error: %s\n", msg);
+	exit(1);
+}
+
+static void usage(const char *name)
+{
+	fprintf(stderr, "Usage: %s input.po output.lmo\n", name);
+	exit(1);
+}
+
+static void print(const void *ptr, size_t size, size_t nmemb, FILE *stream)
+{
+	if( fwrite(ptr, size, nmemb, stream) == 0 )
+		die("Failed to write stdout");
+}
+
+static int extract_string(const char *src, char *dest, int len)
+{
+	int pos = 0;
+	int esc = 0;
+	int off = -1;
+
+	for( pos = 0; (pos < strlen(src)) && (pos < len); pos++ )
+	{
+		if( (off == -1) && (src[pos] == '"') )
+		{
+			off = pos + 1;
+		}
+		else if( off >= 0 )
+		{
+			if( esc == 1 )
+			{
+				switch (src[pos])
+				{
+				case '"':
+				case '\\':
+					off++;
+					break;
+				}
+				dest[pos-off] = src[pos];
+				esc = 0;
+			}
+			else if( src[pos] == '\\' )
+			{
+				dest[pos-off] = src[pos];
+				esc = 1;
+			}
+			else if( src[pos] != '"' )
+			{
+				dest[pos-off] = src[pos];
+			}
+			else
+			{
+				dest[pos-off] = '\0';
+				break;
+			}
+		}
+	}
+
+	return (off > -1) ? strlen(dest) : -1;
+}
+
+static int cmp_index(const void *a, const void *b)
+{
+	uint32_t x = ((const lmo_entry_t *)a)->key_id;
+	uint32_t y = ((const lmo_entry_t *)b)->key_id;
+
+	if (x < y)
+		return -1;
+	else if (x > y)
+		return 1;
+
+	return 0;
+}
+
+static void print_uint32(uint32_t x, FILE *out)
+{
+	uint32_t y = htonl(x);
+	print(&y, sizeof(uint32_t), 1, out);
+}
+
+static void print_index(void *array, int n, FILE *out)
+{
+	lmo_entry_t *e;
+
+	qsort(array, n, sizeof(*e), cmp_index);
+
+	for (e = array; n > 0; n--, e++)
+	{
+		print_uint32(e->key_id, out);
+		print_uint32(e->val_id, out);
+		print_uint32(e->offset, out);
+		print_uint32(e->length, out);
+	}
+}
+
+int main(int argc, char *argv[])
+{
+	char line[4096];
+	char key[4096];
+	char val[4096];
+	char tmp[4096];
+	int state  = 0;
+	int offset = 0;
+	int length = 0;
+	int n_entries = 0;
+	void *array = NULL;
+	lmo_entry_t *entry = NULL;
+	uint32_t key_id, val_id;
+
+	FILE *in;
+	FILE *out;
+
+	if( (argc != 3) || ((in = fopen(argv[1], "r")) == NULL) || ((out = fopen(argv[2], "w")) == NULL) )
+		usage(argv[0]);
+
+	memset(line, 0, sizeof(key));
+	memset(key, 0, sizeof(val));
+	memset(val, 0, sizeof(val));
+
+	while( (NULL != fgets(line, sizeof(line), in)) || (state >= 2 && feof(in)) )
+	{
+		if( state == 0 && strstr(line, "msgid \"") == line )
+		{
+			switch(extract_string(line, key, sizeof(key)))
+			{
+				case -1:
+					die("Syntax error in msgid");
+				case 0:
+					state = 1;
+					break;
+				default:
+					state = 2;
+			}
+		}
+		else if( state == 1 || state == 2 )
+		{
+			if( strstr(line, "msgstr \"") == line || state == 2 )
+			{
+				switch(extract_string(line, val, sizeof(val)))
+				{
+					case -1:
+						state = 4;
+						break;
+					default:
+						state = 3;
+				}
+			}
+			else
+			{
+				switch(extract_string(line, tmp, sizeof(tmp)))
+				{
+					case -1:
+						state = 2;
+						break;
+					default:
+						strcat(key, tmp);
+				}
+			}
+		}
+		else if( state == 3 )
+		{
+			switch(extract_string(line, tmp, sizeof(tmp)))
+			{
+				case -1:
+					state = 4;
+					break;
+				default:
+					strcat(val, tmp);
+			}
+		}
+
+		if( state == 4 )
+		{
+			if( strlen(key) > 0 && strlen(val) > 0 )
+			{
+				key_id = sfh_hash(key, strlen(key));
+				val_id = sfh_hash(val, strlen(val));
+
+				if( key_id != val_id )
+				{
+					n_entries++;
+					array = realloc(array, n_entries * sizeof(lmo_entry_t));
+					entry = (lmo_entry_t *)array + n_entries - 1;
+
+					if (!array)
+						die("Out of memory");
+
+					entry->key_id = key_id;
+					entry->val_id = val_id;
+					entry->offset = offset;
+					entry->length = strlen(val);
+
+					length = strlen(val) + ((4 - (strlen(val) % 4)) % 4);
+
+					print(val, length, 1, out);
+					offset += length;
+				}
+			}
+
+			state = 0;
+			memset(key, 0, sizeof(key));
+			memset(val, 0, sizeof(val));
+		}
+
+		memset(line, 0, sizeof(line));
+	}
+
+	print_index(array, n_entries, out);
+
+	if( offset > 0 )
+	{
+		print_uint32(offset, out);
+		fsync(fileno(out));
+		fclose(out);
+	}
+	else
+	{
+		fclose(out);
+		unlink(argv[2]);
+	}
+
+	fclose(in);
+	return(0);
+}

package/luci-compat/tool/po2lmo/src/template_lmo.c

@@ -0,0 +1,328 @@
+/*
+ * lmo - Lua Machine Objects - Base functions
+ *
+ *   Copyright (C) 2009-2010 Jo-Philipp Wich <xm@subsignal.org>
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include "template_lmo.h"
+
+/*
+ * Hash function from http://www.azillionmonkeys.com/qed/hash.html
+ * Copyright (C) 2004-2008 by Paul Hsieh
+ */
+
+uint32_t sfh_hash(const char *data, int len)
+{
+	uint32_t hash = len, tmp;
+	int rem;
+
+	if (len <= 0 || data == NULL) return 0;
+
+	rem = len & 3;
+	len >>= 2;
+
+	/* Main loop */
+	for (;len > 0; len--) {
+		hash  += sfh_get16(data);
+		tmp    = (sfh_get16(data+2) << 11) ^ hash;
+		hash   = (hash << 16) ^ tmp;
+		data  += 2*sizeof(uint16_t);
+		hash  += hash >> 11;
+	}
+
+	/* Handle end cases */
+	switch (rem) {
+		case 3: hash += sfh_get16(data);
+			hash ^= hash << 16;
+			hash ^= data[sizeof(uint16_t)] << 18;
+			hash += hash >> 11;
+			break;
+		case 2: hash += sfh_get16(data);
+			hash ^= hash << 11;
+			hash += hash >> 17;
+			break;
+		case 1: hash += *data;
+			hash ^= hash << 10;
+			hash += hash >> 1;
+	}
+
+	/* Force "avalanching" of final 127 bits */
+	hash ^= hash << 3;
+	hash += hash >> 5;
+	hash ^= hash << 4;
+	hash += hash >> 17;
+	hash ^= hash << 25;
+	hash += hash >> 6;
+
+	return hash;
+}
+
+uint32_t lmo_canon_hash(const char *str, int len)
+{
+	char res[4096];
+	char *ptr, prev;
+	int off;
+
+	if (!str || len >= sizeof(res))
+		return 0;
+
+	for (prev = ' ', ptr = res, off = 0; off < len; prev = *str, off++, str++)
+	{
+		if (isspace(*str))
+		{
+			if (!isspace(prev))
+				*ptr++ = ' ';
+		}
+		else
+		{
+			*ptr++ = *str;
+		}
+	}
+
+	if ((ptr > res) && isspace(*(ptr-1)))
+		ptr--;
+
+	return sfh_hash(res, ptr - res);
+}
+
+lmo_archive_t * lmo_open(const char *file)
+{
+	int in = -1;
+	uint32_t idx_offset = 0;
+	struct stat s;
+
+	lmo_archive_t *ar = NULL;
+
+	if (stat(file, &s) == -1)
+		goto err;
+
+	if ((in = open(file, O_RDONLY)) == -1)
+		goto err;
+
+	if ((ar = (lmo_archive_t *)malloc(sizeof(*ar))) != NULL)
+	{
+		memset(ar, 0, sizeof(*ar));
+
+		ar->fd     = in;
+		ar->size = s.st_size;
+
+		fcntl(ar->fd, F_SETFD, fcntl(ar->fd, F_GETFD) | FD_CLOEXEC);
+
+		if ((ar->mmap = mmap(NULL, ar->size, PROT_READ, MAP_SHARED, ar->fd, 0)) == MAP_FAILED)
+			goto err;
+
+		idx_offset = ntohl(*((const uint32_t *)
+		                     (ar->mmap + ar->size - sizeof(uint32_t))));
+
+		if (idx_offset >= ar->size)
+			goto err;
+
+		ar->index  = (lmo_entry_t *)(ar->mmap + idx_offset);
+		ar->length = (ar->size - idx_offset - sizeof(uint32_t)) / sizeof(lmo_entry_t);
+		ar->end    = ar->mmap + ar->size;
+
+		return ar;
+	}
+
+err:
+	if (in > -1)
+		close(in);
+
+	if (ar != NULL)
+	{
+		if ((ar->mmap != NULL) && (ar->mmap != MAP_FAILED))
+			munmap(ar->mmap, ar->size);
+
+		free(ar);
+	}
+
+	return NULL;
+}
+
+void lmo_close(lmo_archive_t *ar)
+{
+	if (ar != NULL)
+	{
+		if ((ar->mmap != NULL) && (ar->mmap != MAP_FAILED))
+			munmap(ar->mmap, ar->size);
+
+		close(ar->fd);
+		free(ar);
+
+		ar = NULL;
+	}
+}
+
+
+lmo_catalog_t *_lmo_catalogs = NULL;
+lmo_catalog_t *_lmo_active_catalog = NULL;
+
+int lmo_load_catalog(const char *lang, const char *dir)
+{
+	DIR *dh = NULL;
+	char pattern[16];
+	char path[PATH_MAX];
+	struct dirent *de = NULL;
+
+	lmo_archive_t *ar = NULL;
+	lmo_catalog_t *cat = NULL;
+
+	if (!lmo_change_catalog(lang))
+		return 0;
+
+	if (!dir || !(dh = opendir(dir)))
+		goto err;
+
+	if (!(cat = malloc(sizeof(*cat))))
+		goto err;
+
+	memset(cat, 0, sizeof(*cat));
+
+	snprintf(cat->lang, sizeof(cat->lang), "%s", lang);
+	snprintf(pattern, sizeof(pattern), "*.%s.lmo", lang);
+
+	while ((de = readdir(dh)) != NULL)
+	{
+		if (!fnmatch(pattern, de->d_name, 0))
+		{
+			snprintf(path, sizeof(path), "%s/%s", dir, de->d_name);
+			ar = lmo_open(path);
+
+			if (ar)
+			{
+				ar->next = cat->archives;
+				cat->archives = ar;
+			}
+		}
+	}
+
+	closedir(dh);
+
+	cat->next = _lmo_catalogs;
+	_lmo_catalogs = cat;
+
+	if (!_lmo_active_catalog)
+		_lmo_active_catalog = cat;
+
+	return 0;
+
+err:
+	if (dh) closedir(dh);
+	if (cat) free(cat);
+
+	return -1;
+}
+
+int lmo_change_catalog(const char *lang)
+{
+	lmo_catalog_t *cat;
+
+	for (cat = _lmo_catalogs; cat; cat = cat->next)
+	{
+		if (!strncmp(cat->lang, lang, sizeof(cat->lang)))
+		{
+			_lmo_active_catalog = cat;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+static lmo_entry_t * lmo_find_entry(lmo_archive_t *ar, uint32_t hash)
+{
+	unsigned int m, l, r;
+	uint32_t k;
+
+	l = 0;
+	r = ar->length - 1;
+
+	while (1)
+	{
+		m = l + ((r - l) / 2);
+
+		if (r < l)
+			break;
+
+		k = ntohl(ar->index[m].key_id);
+
+		if (k == hash)
+			return &ar->index[m];
+
+		if (k > hash)
+		{
+			if (!m)
+				break;
+
+			r = m - 1;
+		}
+		else
+		{
+			l = m + 1;
+		}
+	}
+
+	return NULL;
+}
+
+int lmo_translate(const char *key, int keylen, char **out, int *outlen)
+{
+	uint32_t hash;
+	lmo_entry_t *e;
+	lmo_archive_t *ar;
+
+	if (!key || !_lmo_active_catalog)
+		return -2;
+
+	hash = lmo_canon_hash(key, keylen);
+
+	for (ar = _lmo_active_catalog->archives; ar; ar = ar->next)
+	{
+		if ((e = lmo_find_entry(ar, hash)) != NULL)
+		{
+			*out = ar->mmap + ntohl(e->offset);
+			*outlen = ntohl(e->length);
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+void lmo_close_catalog(const char *lang)
+{
+	lmo_archive_t *ar, *next;
+	lmo_catalog_t *cat, *prev;
+
+	for (prev = NULL, cat = _lmo_catalogs; cat; prev = cat, cat = cat->next)
+	{
+		if (!strncmp(cat->lang, lang, sizeof(cat->lang)))
+		{
+			if (prev)
+				prev->next = cat->next;
+			else
+				_lmo_catalogs = cat->next;
+
+			for (ar = cat->archives; ar; ar = next)
+			{
+				next = ar->next;
+				lmo_close(ar);
+			}
+
+			free(cat);
+			break;
+		}
+	}
+}

package/luci-compat/tool/po2lmo/src/template_lmo.h

@@ -0,0 +1,92 @@
+/*
+ * lmo - Lua Machine Objects - General header
+ *
+ *   Copyright (C) 2009-2012 Jo-Philipp Wich <xm@subsignal.org>
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#ifndef _TEMPLATE_LMO_H_
+#define _TEMPLATE_LMO_H_
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <arpa/inet.h>
+#include <unistd.h>
+#include <errno.h>
+#include <fnmatch.h>
+#include <dirent.h>
+#include <ctype.h>
+#include <limits.h>
+
+#if (defined(__GNUC__) && defined(__i386__))
+#define sfh_get16(d) (*((const uint16_t *) (d)))
+#else
+#define sfh_get16(d) ((((uint32_t)(((const uint8_t *)(d))[1])) << 8)\
+					   +(uint32_t)(((const uint8_t *)(d))[0]) )
+#endif
+
+
+struct lmo_entry {
+	uint32_t key_id;
+	uint32_t val_id;
+	uint32_t offset;
+	uint32_t length;
+} __attribute__((packed));
+
+typedef struct lmo_entry lmo_entry_t;
+
+
+struct lmo_archive {
+	int         fd;
+	int	        length;
+	uint32_t    size;
+	lmo_entry_t *index;
+	char        *mmap;
+	char		*end;
+	struct lmo_archive *next;
+};
+
+typedef struct lmo_archive lmo_archive_t;
+
+
+struct lmo_catalog {
+	char lang[6];
+	struct lmo_archive *archives;
+	struct lmo_catalog *next;
+};
+
+typedef struct lmo_catalog lmo_catalog_t;
+
+
+uint32_t sfh_hash(const char *data, int len);
+uint32_t lmo_canon_hash(const char *data, int len);
+
+lmo_archive_t * lmo_open(const char *file);
+void lmo_close(lmo_archive_t *ar);
+
+
+extern lmo_catalog_t *_lmo_catalogs;
+extern lmo_catalog_t *_lmo_active_catalog;
+
+int lmo_load_catalog(const char *lang, const char *dir);
+int lmo_change_catalog(const char *lang);
+int lmo_translate(const char *key, int keylen, char **out, int *outlen);
+void lmo_close_catalog(const char *lang);
+
+#endif

package/luci/control/control

@@ -4,5 +4,4 @@ Depends: libc, smartdns
 Source: feeds/luci/applications/luci-app-smartdns
 Section: luci
 Architecture: all
-Installed-Size: 1040
-Description:  A smartdns server module
+Description:  A smartdns server

package/luci/control/postinst

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/luci/control/postinst-pkg

@@ -1,4 +0,0 @@
-[ -n "${IPKG_INSTROOT}" ] || {
-	(. /etc/uci-defaults/50_luci-smartdns) && rm -f /etc/uci-defaults/50_luci-smartdns
-	exit 0
-}

package/luci/control/prerm

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/luci/files/luci/model/cbi/smartdns/smartdns.lua

@@ -1,329 +0,0 @@
---
--- Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
---
--- smartdns is free software: you can redistribute it and/or modify
--- it under the terms of the GNU General Public License as published by
--- the Free Software Foundation, either version 3 of the License, or
--- (at your option) any later version.
---
--- smartdns is distributed in the hope that it will be useful,
--- but WITHOUT ANY WARRANTY; without even the implied warranty of
--- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--- GNU General Public License for more details.
---
--- You should have received a copy of the GNU General Public License
--- along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-require ("nixio.fs")
-require ("luci.http")
-require ("luci.dispatcher")
-require ("nixio.fs")
-
-m = Map("smartdns")
-m.title	= translate("SmartDNS Server")
-m.description = translate("SmartDNS is a local high-performance DNS server, supports finding fastest IP, supports ad filtering, and supports avoiding DNS poisoning.")
-
-m:section(SimpleSection).template  = "smartdns/smartdns_status"
-
--- Basic
-s = m:section(TypedSection, "smartdns", translate("Settings"), translate("General Settings"))
-s.anonymous = true
-
-s:tab("settings", translate("General Settings"))
-s:tab("seconddns", translate("Second Server Settings"))
-s:tab("custom", translate("Custom Settings"))
-
----- Eanble
-o = s:taboption("settings", Flag, "enabled", translate("Enable"), translate("Enable or disable smartdns server"))
-o.default     = o.disabled
-o.rempty      = false
-
----- server name
-o = s:taboption("settings", Value, "server_name", translate("Server Name"), translate("Smartdns server name"))
-o.default     = "smartdns"
-o.datatype    = "hostname"
-o.rempty      = false
-
----- Port
-o = s:taboption("settings", Value, "port", translate("Local Port"), translate("Smartdns local server port"))
-o.placeholder = 6053
-o.default     = 6053
-o.datatype    = "port"
-o.rempty      = false
-
----- Enable TCP server
-o = s:taboption("settings", Flag, "tcp_server", translate("TCP Server"), translate("Enable TCP DNS Server"))
-o.rmempty     = false
-o.default     = o.enabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "1"
-end
-
----- Support IPV6
-o = s:taboption("settings", Flag, "ipv6_server", translate("IPV6 Server"), translate("Enable IPV6 DNS Server"))
-o.rmempty     = false
-o.default     = o.enabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "1"
-end
-
----- Support DualStack ip selection
-o = s:taboption("settings", Flag, "dualstack_ip_selection", translate("Dual-stack IP Selection"), translate("Enable IP selection between IPV4 and IPV6"))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- Domain prefetch load 
-o = s:taboption("settings", Flag, "prefetch_domain", translate("Domain prefetch"), translate("Enable domain prefetch, accelerate domain response speed."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- Redirect
-o = s:taboption("settings", ListValue, "redirect", translate("Redirect"), translate("SmartDNS redirect mode"))
-o.placeholder = "none"
-o:value("none", translate("none"))
-o:value("dnsmasq-upstream", translate("Run as dnsmasq upstream server"))
-o:value("redirect", translate("Redirect 53 port to SmartDNS"))
-o.default     = "none"
-o.rempty      = false
-
----- cache-size
-o = s:taboption("settings", Value, "cache_size", translate("Cache Size"), translate("DNS domain result cache size"))
-o.rempty      = true
-
----- rr-ttl
-o = s:taboption("settings", Value, "rr_ttl", translate("Domain TTL"), translate("TTL for all domain result."))
-o.rempty      = true
-
----- rr-ttl-min
-o = s:taboption("settings", Value, "rr_ttl_min", translate("Domain TTL Min"), translate("Minimum TTL for all domain result."))
-o.rempty      = true
-o.placeholder = "300"
-o.default     = 300
-o.optional    = true
-
----- second dns server
----- rr-ttl-max
-o = s:taboption("settings", Value, "rr_ttl_max", translate("Domain TTL Max"), translate("Maximum TTL for all domain result."))
-o.rempty      = true
-
----- Eanble
-o = s:taboption("seconddns", Flag, "seconddns_enabled", translate("Enable"), translate("Enable or disable second DNS server."))
-o.default     = o.disabled
-o.rempty      = false
-
----- Port
-o = s:taboption("seconddns", Value, "seconddns_port", translate("Local Port"), translate("Smartdns local server port"))
-o.placeholder = 7053
-o.default     = 7053
-o.datatype    = "port"
-o.rempty      = false
-
----- Enable TCP server
-o = s:taboption("seconddns", Flag, "seconddns_tcp_server", translate("TCP Server"), translate("Enable TCP DNS Server"))
-o.rmempty     = false
-o.default     = o.enabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "1"
-end
-
-o = s:taboption("seconddns", Flag, "seconddns_no_speed_check", translate("Skip Speed Check"), translate("Do not check speed."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- dns server group
-o = s:taboption("seconddns", Value, "seconddns_server_group", translate("Server Group"), translate("Query DNS through specific dns server group, such as office, home."))
-o.rmempty     = true
-o.placeholder = "default"
-o.datatype    = "hostname"
-o.rempty      = true
-
----- skip address rules
-o = s:taboption("seconddns", Flag, "seconddns_no_rule_addr", translate("Skip Address Rules"), translate("Skip address rules."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- skip name server rules
-o = s:taboption("seconddns", Flag, "seconddns_no_rule_nameserver", translate("Skip Nameserver Rule"), translate("Skip nameserver rules."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- skip ipset rules
-o = s:taboption("seconddns", Flag, "seconddns_no_rule_ipset", translate("Skip Ipset Rule"), translate("Skip ipset rules."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- skip soa address rule
-o = s:taboption("seconddns", Flag, "seconddns_no_rule_soa", translate("Skip SOA Address Rule"), translate("Skip SOA address rules."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
-o = s:taboption("seconddns", Flag, "seconddns_no_dualstack_selection", translate("Skip Dualstack Selection"), translate("Skip Sualstack Selection."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
----- skip cache
-o = s:taboption("seconddns", Flag, "seconddns_no_cache", translate("Skip Cache"), translate("Skip Cache."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
------ custom settings
-custom = s:taboption("custom", Value, "Custom Settings",
-	translate(""), 
-	translate("smartdns custom settings"))
-
-custom.template = "cbi/tvalue"
-custom.rows = 20
-
-function custom.cfgvalue(self, section)
-	return nixio.fs.readfile("/etc/smartdns/custom.conf")
-end
-
-function custom.write(self, section, value)
-	value = value:gsub("\r\n?", "\n")
-	nixio.fs.writefile("/etc/smartdns/custom.conf", value)
-end
-
-o = s:taboption("custom", Flag, "coredump", translate("Generate Coredump"), translate("Generate Coredump file when smartdns crash, coredump file is located at /tmp/smartdns.xxx.core."))
-o.rmempty     = false
-o.default     = o.disabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "0"
-end
-
--- Upstream servers
-s = m:section(TypedSection, "server", translate("Upstream Servers"), translate("Upstream Servers, support UDP, TCP protocol. " ..
-	"Please configure multiple DNS servers, including multiple foreign DNS servers."))
-	
-s.anonymous = true
-s.addremove = true
-s.template = "cbi/tblsection"
-s.extedit  = luci.dispatcher.build_url("admin/services/smartdns/upstream/%s")
-
----- enable flag
-o = s:option(Flag, "enabled", translate("Enable"), translate("Enable"))
-o.rmempty     = false
-o.default     = o.enabled
-o.cfgvalue    = function(...)
-    return Flag.cfgvalue(...) or "1"
-end
-
----- name
-s:option(Value, "name", translate("DNS Server Name"), translate("DNS Server Name"))
-
----- IP address
-o = s:option(Value, "ip", translate("ip"), translate("DNS Server ip"))
-o.datatype = "or(ipaddr, string)"
-o.rmempty = false 
----- port
-o = s:option(Value, "port", translate("port"), translate("DNS Server port"))
-o.placeholder = "default"
-o.datatype    = "port"
-o.rempty      = true
-o:depends("type", "udp")
-o:depends("type", "tcp")
-o:depends("type", "tls")
-
----- type
-o = s:option(ListValue, "type", translate("type"), translate("DNS Server type"))
-o.placeholder = "udp"
-o:value("udp", translate("udp"))
-o:value("tcp", translate("tcp"))
-o:value("tls", translate("tls"))
-o:value("https", translate("https"))
-o.default     = "udp"
-o.rempty      = false
-
--- Doman addresss
-s = m:section(TypedSection, "smartdns", translate("Domain Address"), 
-	translate("Set Specific domain ip address."))
-s.anonymous = true
-
----- address
-addr = s:option(Value, "address",
-	translate(""), 
-	translate("Specify an IP address to return for any host in the given domains, Queries in the domains are never forwarded and always replied to with the specified IP address which may be IPv4 or IPv6."))
-
-addr.template = "cbi/tvalue"
-addr.rows = 20
-
-function addr.cfgvalue(self, section)
-	return nixio.fs.readfile("/etc/smartdns/address.conf")
-end
-
-function addr.write(self, section, value)
-	value = value:gsub("\r\n?", "\n")
-	nixio.fs.writefile("/etc/smartdns/address.conf", value)
-end
-
--- IP Blacklist
-s = m:section(TypedSection, "smartdns", translate("IP Blacklist"), 
-	translate("Set Specific ip blacklist."))
-s.anonymous = true
-
----- blacklist
-addr = s:option(Value, "blacklist_ip",
-	translate(""), 
-	translate("Configure IP blacklists that will be filtered from the results of specific DNS server."))
-
-addr.template = "cbi/tvalue"
-addr.rows = 20
-
-function addr.cfgvalue(self, section)
-	return nixio.fs.readfile("/etc/smartdns/blacklist-ip.conf")
-end
-
-function addr.write(self, section, value)
-	value = value:gsub("\r\n?", "\n")
-	nixio.fs.writefile("/etc/smartdns/blacklist-ip.conf", value)
-end
-
--- Doman addresss
-s = m:section(TypedSection, "smartdns", translate("Technical Support"), 
-	translate("If you like this software, please buy me a cup of coffee."))
-s.anonymous = true
-
-o = s:option(Button, "web")
-o.title = translate("SmartDNS official website")
-o.inputtitle = translate("open website")
-o.inputstyle = "apply"
-o.write = function()
-	luci.http.redirect("https://pymumu.github.io/smartdns")
-end
-
-o = s:option(Button, "Donate")
-o.title = translate("Donate to smartdns")
-o.inputtitle = translate("Donate")
-o.inputstyle = "apply"
-o.write = function()
-	luci.http.redirect("https://pymumu.github.io/smartdns/#donate")
-end
-
-return m
-

package/luci/files/root/usr/share/luci/menu.d/luci-app-smartdns.json

@@ -0,0 +1,13 @@
+{
+	"admin/services/smartdns": {
+		"title": "SmartDNS",
+		"action": {
+			"type": "view",
+			"path": "smartdns/smartdns"
+		},
+		"depends": {
+			"acl": [ "luci-app-smartdns" ],
+			"uci": { "smartdns": true }
+		}
+	}
+}

package/luci/files/root/usr/share/rpcd/acl.d/luci-app-smartdns.json

@@ -0,0 +1,22 @@
+{
+	"luci-app-smartdns": {
+		"description": "Grant access to LuCI app smartdns",
+		"read": {
+			"file": {
+				"/etc/smartdns/*": [ "read" ]
+			},
+			"ubus": {
+				"service": [ "list" ]
+			},
+			"uci": [ "smartdns" ]
+		},
+		"write": {
+			"file": {
+				"/etc/smartdns/*": [ "write" ],
+				"/etc/init.d/smartdns restart": [ "exec" ],
+				"/etc/init.d/smartdns updatefiles": [ "exec" ]
+			},
+			"uci": [ "smartdns" ]
+		}
+	}
+}

package/luci/make.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -52,14 +52,16 @@ build()
 	cp $CURR_DIR/* $ROOT/ -af
 	cd $ROOT/
 	build_tool
-	mkdir $ROOT/root/usr/lib/lua/ -p
-	cp $ROOT/files/luci $ROOT/root/usr/lib/lua/ -af
 	
+	mkdir $ROOT/root/usr/lib/lua/luci -p
+	mkdir $ROOT/root/usr/share/rpcd/acl.d/ -p
+	cp $ROOT/files/luci/i18n $ROOT/root/usr/lib/lua/luci/ -avf
+
 	#Generate Language
 	$PO2LMO $ROOT/files/luci/i18n/smartdns.zh-cn.po $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.lmo
 	rm $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.po
 
-	cp $ROOT/files/etc $ROOT/root/ -af
+	cp $ROOT/files/root/* $ROOT/root/ -avf
 	INST_SIZE="`du -sb $ROOT/root/ | awk '{print $1}'`"
 	
 	sed -i "s/^Architecture.*/Architecture: all/g" $ROOT/control/control
@@ -75,7 +77,7 @@ build()
 	cd $ROOT
 
 	tar zcf $ROOT/data.tar.gz -C root .
-	tar zcf $OUTPUTDIR/luci-app-smartdns.$VER.$FILEARCH.ipk control.tar.gz data.tar.gz debian-binary
+	tar zcf $OUTPUTDIR/luci-app-smartdns.$VER.$FILEARCH.ipk ./control.tar.gz ./data.tar.gz ./debian-binary
 
 	rm -fr $ROOT/
 }

package/openwrt/Makefile

@@ -1,58 +1,42 @@
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (c) 2018-2023 Nick Peng (pymumu@gmail.com)
+# This is free software, licensed under the GNU General Public License v3.
 #
-# smartdns is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# smartdns is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=smartdns
+PKG_VERSION:=1.2023.41
+PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/pymumu/smartdns.git
+PKG_SOURCE_URL:=https://www.github.com/pymumu/smartdns.git
+PKG_MIRROR_HASH:=skip
+PKG_SOURCE_VERSION:=60a3719ec739be2cc1e11724ac049b09a75059cb
 
-PKG_REV:=d51f5e6eeba7bfde1b108fe32d540bd429550573
-PKG_VERSION:=1.2019.11.02-1102
-PKG_RELEASE:=1
-PKG_LICENSE:=GPL-3.0
+PKG_MAINTAINER:=Nick Peng <pymumu@gmail.com>
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_LICENSE_FILES:=LICENSE
 
-PKG_SOURCE_VERSION:=$(PKG_REV)
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE:=$(PKG_SOURCE_SUBDIR).tar.gz
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
+PKG_BUILD_PARALLEL:=1
 
 include $(INCLUDE_DIR)/package.mk
 
-MAKE_ARGS := CFLAGS="$(TARGET_CFLAGS)" CC=$(TARGET_CC)
+MAKE_VARS += VER=$(PKG_VERSION) 
+MAKE_PATH:=src
 
 define Package/smartdns
   SECTION:=net
   CATEGORY:=Network
   TITLE:=smartdns server
-  URL:=http://github.com/pymumu/smartdns/
-  MAINTAINER:=Nick Peng <pymumu@gmail.com>
-  DEPENDS:=+libopenssl
+  DEPENDS:=+libpthread +libopenssl
+  URL:=https://www.github.com/pymumu/smartdns/
 endef
 
 define Package/smartdns/description
-SmartDNS is a local DNS server. SmartDNS accepts DNS query requests from local clients, obtains DNS query results from multiple upstream DNS servers, and returns the fastest access results to clients.
-endef
-
-define Build/Configure
-	mkdir -p $(PKG_INSTALL_DIR)
-endef
-
-define Build/Compile
-	$(MAKE) -C $(PKG_BUILD_DIR)/src $(MAKE_ARGS) all
+SmartDNS is a local DNS server which accepts DNS query requests from local network clients,
+gets DNS query results from multiple upstream DNS servers concurrently, and returns the fastest IP to clients.
+Unlike dnsmasq's all-servers, smartdns returns the fastest IP, and encrypt DNS queries with DoT or DoH. 
 endef
 
 define Package/smartdns/conffiles
@@ -60,15 +44,20 @@ define Package/smartdns/conffiles
 /etc/smartdns/address.conf
 /etc/smartdns/blacklist-ip.conf
 /etc/smartdns/custom.conf
+/etc/smartdns/domain-block.list
+/etc/smartdns/domain-forwarding.list
 endef
 
 define Package/smartdns/install
-	$(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/config $(1)/etc/init.d $(1)/etc/smartdns
+	$(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/config $(1)/etc/init.d 
+	$(INSTALL_DIR) $(1)/etc/smartdns $(1)/etc/smartdns/domain-set $(1)/etc/smartdns/conf.d/ $(1)/etc/smartdns/ip-set
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/smartdns $(1)/usr/sbin/smartdns
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/package/openwrt/files/etc/init.d/smartdns $(1)/etc/init.d/smartdns
 	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/address.conf $(1)/etc/smartdns/address.conf
 	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/blacklist-ip.conf $(1)/etc/smartdns/blacklist-ip.conf
 	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/custom.conf $(1)/etc/smartdns/custom.conf
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/domain-block.list $(1)/etc/smartdns/domain-block.list
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/domain-forwarding.list $(1)/etc/smartdns/domain-forwarding.list
 	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/files/etc/config/smartdns $(1)/etc/config/smartdns
 endef
 

package/openwrt/address.conf

@@ -1,16 +1,16 @@
-# Add domains which you want to force to an IP address here.
-# The example below send any host in example.com to a local webserver.
-# address /domain/[ip|-|-4|-6|#|#4|#6]
-# address /www.example.com/1.2.3.4, return ip 1.2.3.4 to client
-# address /www.example.com/-, ignore address, query from upstream, suffix 4, for ipv4, 6 for ipv6, none for all
-# address /www.example.com/#, return SOA to client, suffix 4, for ipv4, 6 for ipv6, none for all
-
-# specific ipset to domain
-# ipset /domain/[ipset|-]
-# ipset /www.example.com/block, set ipset with ipset name of block 
-# ipset /www.example.com/-, ignore this domain
-
-# specific nameserver to domain
-# nameserver /domain/[group|-]
-# nameserver /www.example.com/office, Set the domain name to use the appropriate server group.
-# nameserver /www.example.com/-, ignore this domain
+# Add domains which you want to force to an IP address here.
+# The example below send any host in example.com to a local webserver.
+# address /domain/[ip|-|-4|-6|#|#4|#6]
+# address /www.example.com/1.2.3.4, return ip 1.2.3.4 to client
+# address /www.example.com/-, ignore address, query from upstream, suffix 4, for ipv4, 6 for ipv6, none for all
+# address /www.example.com/#, return SOA to client, suffix 4, for ipv4, 6 for ipv6, none for all
+
+# specific ipset to domain
+# ipset /domain/[ipset|-]
+# ipset /www.example.com/block, set ipset with ipset name of block 
+# ipset /www.example.com/-, ignore this domain
+
+# specific nameserver to domain
+# nameserver /domain/[group|-]
+# nameserver /www.example.com/office, Set the domain name to use the appropriate server group.
+# nameserver /www.example.com/-, ignore this domain

package/openwrt/blacklist-ip.conf

@@ -1,4 +1,4 @@
-# Add IP blacklist which you want to filtering from some DNS server here.
-# The example below filtering ip from the result of DNS server which is configured with -blacklist-ip.
-# blacklist-ip [ip/subnet]
+# Add IP blacklist which you want to filtering from some DNS server here.
+# The example below filtering ip from the result of DNS server which is configured with -blacklist-ip.
+# blacklist-ip [ip/subnet]
 # blacklist-ip 254.0.0.1/16

package/openwrt/control/conffiles

@@ -2,3 +2,5 @@
 /etc/smartdns/address.conf
 /etc/smartdns/blacklist-ip.conf
 /etc/smartdns/custom.conf
+/etc/smartdns/domain-block.list
+/etc/smartdns/domain-forwarding.list

package/openwrt/control/postinst

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/openwrt/control/prerm

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -17,6 +17,9 @@
 
 . ${IPKG_INSTROOT}/lib/functions.sh
 default_prerm $0 $@
+/etc/init.d/smartdns disable
 rm /var/etc/smartdns.conf -f
 rm /var/etc/smartdns/smartdns.conf -f
+rm /var/log/smartdns/ -fr
+rm /etc/smartdns/smartdns.cache -f
 exit 0

package/openwrt/custom.conf

@@ -1,14 +1,2 @@
-# Add custom settings here.
-
-# set log level
-# log-level [level], level=fatal, error, warn, notice, info, debug
-# log-level error
-
-# log-size k,m,g
-# log-size 128k
-
-# log-file /var/log/smartdns.log
-# log-num 2
-
-# List of hosts that supply bogus NX domain results 
-# bogus-nxdomain [ip/subnet]
+# Add custom settings here.
+# please read https://pymumu.github.io/smartdns/config/basic-config/

package/openwrt/domain-block.list

@@ -0,0 +1,4 @@
+# domain block list, one domain name per line.
+# example: block a.com, and b.com
+# a.com
+# b.com

package/openwrt/domain-forwarding.list

@@ -0,0 +1,4 @@
+# domain forwarding list, one domain name per line.
+# example: forwarding a.com, and b.com
+# a.com
+# b.com

package/openwrt/files/etc/config/smartdns

@@ -1,3 +1,4 @@
 config 'smartdns'
 	option 'enabled' '0'
-	
+	
+config 'domain-rule'

package/openwrt/make.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -23,6 +23,8 @@ SMARTDNS_CONF=$SMARTDNS_DIR/etc/smartdns/smartdns.conf
 ADDRESS_CONF=$CURR_DIR/address.conf
 BLACKLIST_IP_CONF=$CURR_DIR/blacklist-ip.conf
 CUSTOM_CONF=$CURR_DIR/custom.conf
+DOMAIN_BLOCK_LIST=$CURR_DIR/domain-block.list
+DOMAIN_FORWARDING_LIST=$CURR_DIR/domain-forwarding.list
 
 showhelp()
 {
@@ -45,11 +47,16 @@ build()
 	mkdir $ROOT/root/usr/sbin -p
 	mkdir $ROOT/root/etc/init.d -p
 	mkdir $ROOT/root/etc/smartdns/ -p
+	mkdir $ROOT/root/etc/smartdns/domain-set/ -p 
+	mkdir $ROOT/root/etc/smartdns/ip-set/ -p 
+	mkdir $ROOT/root/etc/smartdns/conf.d/ -p 
 
 	cp $SMARTDNS_CONF  $ROOT/root/etc/smartdns/
 	cp $ADDRESS_CONF $ROOT/root/etc/smartdns/
 	cp $BLACKLIST_IP_CONF $ROOT/root/etc/smartdns/
 	cp $CUSTOM_CONF $ROOT/root/etc/smartdns/
+	cp $DOMAIN_BLOCK_LIST $ROOT/root/etc/smartdns/
+	cp $DOMAIN_FORWARDING_LIST $ROOT/root/etc/smartdns/
 	cp $CURR_DIR/files/etc $ROOT/root/ -af
 	cp $SMARTDNS_BIN $ROOT/root/usr/sbin
 	if [ $? -ne 0 ]; then
@@ -68,13 +75,17 @@ build()
 		echo "Installed-Size: $INST_SIZE" >> $ROOT/control/control
 	fi
 
+	if [ "$STATIC" = "yes" ]; then
+		sed -i "s/Depends:.*/Depends: libc/" $ROOT/control/control
+	fi
+
 	cd $ROOT/control
 	chmod +x *
 	tar zcf ../control.tar.gz --owner=0 --group=0 ./
 	cd $ROOT
 
 	tar zcf $ROOT/data.tar.gz -C root --owner=0 --group=0 .
-	tar zcf $OUTPUTDIR/smartdns.$VER.$FILEARCH.ipk --owner=0 --group=0 control.tar.gz data.tar.gz debian-binary
+	tar zcf $OUTPUTDIR/smartdns.$VER.$FILEARCH.ipk --owner=0 --group=0 ./control.tar.gz ./data.tar.gz ./debian-binary
 	rm -fr $ROOT/
 }
 

package/optware/S50smartdns

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,17 +18,21 @@
 SMARTDNS_BIN=/opt/usr/sbin/smartdns
 SMARTDNS_CONF=/opt/etc/smartdns/smartdns.conf
 DNSMASQ_CONF="/etc/dnsmasq.conf /var/etc/dnsmasq.conf /etc/storage/dnsmasq/dnsmasq.conf"
-SMARTDNS_PID=/var/run/smartdns.pid
+SMARTDNS_PID=/run/smartdns.pid
+if [ ! -d "/run" ]; then
+	SMARTDNS_PID=/var/run/smartdns.pid
+fi
 SMARTDNS_PORT=535
 SMARTDNS_OPT=/opt/etc/smartdns/smartdns-opt.conf
 # workmode 
+# DO NOT CHANGE THIS, CHANGE MODE IN smartdns-opt.conf
 # 0: run as port only
 # 1: redirect port
 # 2: replace 
 SMARTDNS_WORKMODE="1"
 
 if [ -f "$SMARTDNS_OPT" ]; then
-. $SMARTDNS_OPT
+. "$SMARTDNS_OPT"
 fi
 
 
@@ -36,63 +40,63 @@ set_iptable()
 {
 	local redirect_tcp
 
-	redirect_tcp=0;
+	redirect_tcp=0
 
 	grep ^bind-tcp $SMARTDNS_CONF > /dev/null 2>&1
 	if [ $? -eq 0 ]; then
 		redirect_tcp=1;
 	fi
 
-	IPS="`ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}'`"
+	IPS="$(ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}')"
 	for IP in $IPS
 	do
 		if [ $redirect_tcp -eq 1 ]; then
-			iptables -t nat -A PREROUTING -p tcp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT > /dev/null 2>&1
+			iptables -t nat -A PREROUTING -p tcp -d "$IP" --dport 53 -j REDIRECT --to-ports "$SMARTDNS_PORT" > /dev/null 2>&1
 		fi
-		iptables -t nat -A PREROUTING -p udp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT > /dev/null 2>&1
+		iptables -t nat -A PREROUTING -p udp -d "$IP" --dport 53 -j REDIRECT --to-ports "$SMARTDNS_PORT" > /dev/null 2>&1
 	done
 
 }
 
 clear_iptable()
 {
-	IPS="`ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}'`"
+	IPS="$(ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}')"
 	for IP in $IPS
 	do
-		iptables -t nat -D PREROUTING -p tcp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT > /dev/null 2>&1
-		iptables -t nat -D PREROUTING -p udp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT > /dev/null 2>&1
+		iptables -t nat -D PREROUTING -p tcp -d "$IP" --dport 53 -j REDIRECT --to-ports "$SMARTDNS_PORT" > /dev/null 2>&1
+		iptables -t nat -D PREROUTING -p udp -d "$IP" --dport 53 -j REDIRECT --to-ports "$SMARTDNS_PORT" > /dev/null 2>&1
 	done
 	
 }
 
 get_dnsmasq_cmd()
 {
-	CMD="`ps | grep -e '[a-zA-Z]\{0,2\} \{1,\}dnsmasq' | grep -v grep 2>/dev/null`"
+	CMD="$(ps 2>/dev/null | grep -e '[a-zA-Z]\{0,2\} \{1,\}dnsmasq' | grep -v grep 2>/dev/null)"
 	if [ ! -z "$CMD" ]; then
 		return
 	fi
 
-	CMD="`ps | grep '/usr/sbin/dnsmasq' | grep -v grep 2>/dev/null`"
+	CMD="$(ps 2>/dev/null | grep '/usr/sbin/dnsmasq' | grep -v grep 2>/dev/null)"
 	if [ ! -z "$CMD" ]; then
 		return
 	fi
 
-	CMD="`ps | grep 'dnsmasq' | grep -v grep 2>/dev/null`"
+	CMD="$(ps 2>/dev/null | grep 'dnsmasq' | grep -v grep 2>/dev/null)"
 	if [ ! -z "$CMD" ]; then
 		return
 	fi
 
-	CMD="`ps ax | grep -e '[a-zA-Z]\{0,2\} \{1,\}dnsmasq' | grep -v grep 2>/dev/null`"
+	CMD="$(ps ax 2>/dev/null | grep -e '[a-zA-Z]\{0,2\} \{1,\}dnsmasq' | grep -v grep 2>/dev/null)"
 	if [ ! -z "$CMD" ]; then
 		return
 	fi
 
-	CMD="`ps ax | grep /usr/sbin/dnsmasq | grep -v grep 2>/dev/null`"
+	CMD="$(ps ax 2>/dev/null | grep /usr/sbin/dnsmasq | grep -v grep 2>/dev/null)"
 	if [ ! -z "$CMD" ]; then
 		return
 	fi
 
-	CMD="`ps ax | grep 'dnsmasq' | grep -v grep 2>/dev/null`"
+	CMD="$(ps ax 2>/dev/null | grep 'dnsmasq' | grep -v grep 2>/dev/null)"
 	if [ ! -z "$CMD" ]; then
 		return
 	fi	
@@ -108,38 +112,85 @@ restart_dnsmasq()
 		return 1
 	fi
 
-	PID=`echo "$CMD" | awk '{print $1}'`
+	# check multiple dnsmasq
+	linecount="$(echo "$CMD" | wc -l)"
+	if [ $linecount -eq 1 ]; then
+		PID="$(echo "$CMD" | awk '{print $1}')"
+	elif [ $linecount -gt 1 ]; then
+		PID1="$(echo "$CMD" | awk 'NR==1{print $1}')"
+		PID2="$(echo "$CMD" | awk 'NR==2{print $1}')"
+		PID2_PPID="$(grep 'PPid:' /proc/$PID2/status | awk '{print $2}' 2>/dev/null)"
+		if [ "$PID2_PPID" != "$PID1" ]; then
+			kill -9 "$PID2"
+		fi
+		PID=$PID1
+	else
+		echo "find multiple dnsmasq, but not started by the same process"
+		return 1
+	fi
+
 	if [ ! -d "/proc/$PID" ]; then
 		echo "dnsmasq is not running"
 		return 1
 	fi
 
-	kill -9 $PID
+	kill -9 "$PID"
 
-	DNSMASQ_CMD="`echo $CMD | awk '{for(i=5; i<=NF;i++)printf \$i " "}'`"
+	# get dnsmasq command
+	CMD="$(echo "$CMD" | head -n 1)"
+	DNSMASQ_CMD="$(echo "$CMD" | awk '{for(i=5; i<=NF;i++)printf $i " "}')"
 
 	$DNSMASQ_CMD
 }
 
-get_server_ip()
+add_dhcp_options6()
 {
 	CONF_FILE=$1
-	IPS="`ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}'`"
-	LOCAL_SERVER_IP=""
+	IPS="$(ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}')"
 	for IP in $IPS
 	do
-		N=3
-		while [ $N -gt 0 ]
-		do
-			ADDR=`echo $IP | awk -F. "{for(i=1;i<=$N;i++)printf \\$i\".\"}"`
-			grep "dhcp-range=" $CONF_FILE | grep $ADDR >/dev/null 2>&1
-			if [ $? -eq 0 ]; then
-					SERVER_TAG="`grep "^dhcp-range *=" $CONF_FILE | grep $ADDR | awk -F= '{print $2}' | awk -F, '{print $1}'`"
-					LOCAL_SERVER_IP="$IP"
-					return 0
-			fi
-			N="`expr $N - 1`"
-		done
+		DHCP_OPTION="$(grep "dhcp-option=" "$CONF_FILE" | grep "$IP" | head -n 1)"
+		if [ -z "$DHCP_OPTION" ]; then
+			continue
+		fi
+
+		SERVER_TAG="$(echo "$DHCP_OPTION" | awk -F= '{print $2}' | awk -F, '{print $1}')"
+		LOCAL_SERVER_IP="$IP"
+
+		grep "dhcp-option *= *$SERVER_TAG, *6 *, *$LOCAL_SERVER_IP" "$CONF_FILE" 1>/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			continue
+		fi
+		
+		DHCP_OPTION="dhcp-option=$SERVER_TAG,6,$LOCAL_SERVER_IP"
+		echo "$DHCP_OPTION" >> "$CONF_FILE"
+		RESTART_DNSMASQ=1
+	done
+
+	return 1
+}
+
+clear_dhcp_options6()
+{
+	CONF_FILE=$1
+	IPS="$(ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F: '{print $2}')"
+	for IP in $IPS
+	do
+		DHCP_OPTION="$(grep "dhcp-option=" "$CONF_FILE" | grep "$IP" | head -n 1)"
+		if [ -z "$DHCP_OPTION" ]; then
+			continue
+		fi
+
+		SERVER_TAG="$(echo "$DHCP_OPTION" | awk -F= '{print $2}' | awk -F, '{print $1}')"
+		LOCAL_SERVER_IP="$IP"
+
+		grep "dhcp-option *= *$SERVER_TAG, *6 *, *$LOCAL_SERVER_IP" "$CONF_FILE" 1>/dev/null 2>&1
+		if [ $? -ne 0 ]; then
+			continue
+		fi
+		
+		sed -i "/^dhcp-option *=$SERVER_TAG,6,/d" "$CONF_FILE"
+		RESTART_DNSMASQ=1
 	done
 
 	return 1
@@ -150,21 +201,14 @@ set_dnsmasq_conf()
 	local LOCAL_SERVER_IP=""
 	local SERVER_TAG=""
 	local CONF_FILE=$1
+	local DHCP_OPTIONS=""
 
-	get_server_ip $CONF_FILE
-	if [ "$LOCAL_SERVER_IP" ] && [ "$SERVER_TAG" ]; then
-		grep "dhcp-option *=" $CONF_FILE | grep "$SERVER_TAG,6,$LOCAL_SERVER_IP" > /dev/null 2>&1
-		if [ $? -ne 0 ]; then
-			sed -i "/^dhcp-option *=$SERVER_TAG,6,/d" $CONF_FILE
-			echo "dhcp-option=$SERVER_TAG,6,$LOCAL_SERVER_IP" >> $CONF_FILE
-			RESTART_DNSMASQ=1
-		fi
-	fi
+	add_dhcp_options6 "$CONF_FILE"
 
-	grep "^port *=0" $CONF_FILE > /dev/null 2>&1
+	grep "^port *=0" "$CONF_FILE" > /dev/null 2>&1
 	if [ $? -ne 0 ]; then
-		sed -i "/^port *=/d" $CONF_FILE
-		echo "port=0" >> $CONF_FILE
+		sed -i "/^port *=/d" "$CONF_FILE"
+		echo "port=0" >> "$CONF_FILE"
 		RESTART_DNSMASQ=1
 	fi
 }
@@ -179,7 +223,7 @@ set_dnsmasq()
 			continue
 		fi
 
-		set_dnsmasq_conf $conf
+		set_dnsmasq_conf "$conf"
 	done
 	
 	if [ $RESTART_DNSMASQ -ne 0 ]; then
@@ -193,18 +237,11 @@ clear_dnsmasq_conf()
 	local SERVER_TAG=""
 	local CONF_FILE=$1
 	
-	get_server_ip $CONF_FILE
-	if [ "$LOCAL_SERVER_IP" ] && [ "$SERVER_TAG" ]; then
-		grep "dhcp-option *=" $CONF_FILE | grep "$SERVER_TAG,6,$LOCAL_SERVER_IP" > /dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			sed -i "/^dhcp-option *=$SERVER_TAG,6,/d" $CONF_FILE
-			RESTART_DNSMASQ=1
-		fi
-	fi
+	clear_dhcp_options6 "$CONF_FILE"
 
-	grep "^port *=" $CONF_FILE > /dev/null 2>&1
+	grep "^port *=" "$CONF_FILE" > /dev/null 2>&1
 	if [ $? -eq 0 ]; then
-		sed -i "/^port *=/d" $CONF_FILE
+		sed -i "/^port *=/d" "$CONF_FILE"
 		RESTART_DNSMASQ=1
 	fi
 }
@@ -219,7 +256,7 @@ clear_dnsmasq()
 			continue
 		fi
 
-		clear_dnsmasq_conf $conf
+		clear_dnsmasq_conf "$conf"
 	done
 
 	if [ $RESTART_DNSMASQ -ne 0 ]; then
@@ -232,11 +269,11 @@ set_smartdns_port()
 	if [ "$SMARTDNS_WORKMODE" = "0" ]; then
 		return 0
 	elif [ "$SMARTDNS_WORKMODE" = "1" ]; then
-		sed -i "s/^\(bind .*\):53 *\(.*\)\$/\1:$SMARTDNS_PORT \2/g" $SMARTDNS_CONF
-		sed -i "s/^\(bind-tcp .*\):53 *\(.*\)\$/\1:$SMARTDNS_PORT \2/g" $SMARTDNS_CONF
+		sed -i "s/^\(bind .*\):53\( .*\)\?$/\1:$SMARTDNS_PORT \2/g" $SMARTDNS_CONF
+		sed -i "s/^\(bind-tcp .*\):53\( .*\)\?$/\1:$SMARTDNS_PORT \2/g" $SMARTDNS_CONF
 	elif [ "$SMARTDNS_WORKMODE" = "2" ]; then
-		sed -i "s/^\(bind .*\):$SMARTDNS_PORT *\(.*\)\$/\1:53 \2/g" $SMARTDNS_CONF
-		sed -i "s/^\(bind-tcp .*\):$SMARTDNS_PORT *\(.*\)\$/\1:53 \2/g" $SMARTDNS_CONF
+		sed -i "s/^\(bind .*\):$SMARTDNS_PORT\( .*\)\?$/\1:53 \2/g" $SMARTDNS_CONF
+		sed -i "s/^\(bind-tcp .*\):$SMARTDNS_PORT\( .*\)\?$/\1:53 \2/g" $SMARTDNS_CONF
 	else
 		return 1
 	fi	
@@ -286,7 +323,7 @@ get_tz()
 			continue
 		fi
 		
-		tz="`cat $tzfile 2>/dev/null`"
+		tz="$(cat $tzfile 2>/dev/null)"
 	done
 	
 	if [ -z "$tz" ]; then
@@ -303,45 +340,77 @@ case "$1" in
 		exit 1
 	fi
 
+	SMARTDNS_OPTION=""
+	[ "$SMARTDNS_CRASH_RESTART" = "1" ] && SMARTDNS_OPTION="$SMARTDNS_OPTION -R"
+
 	set_smartdns_port
 	get_tz
-	$SMARTDNS_BIN -c $SMARTDNS_CONF -p $SMARTDNS_PID
+	$SMARTDNS_BIN -c "$SMARTDNS_CONF" -p $SMARTDNS_PID $SMARTDNS_OPTION
 	if [ $? -ne 0 ]; then
 		clear_rule
+		exit 1
 	fi
 	;;
 	status)
-	pid="`cat $SMARTDNS_PID |head -n 1 2>/dev/null`"
+	pid="$(cat $SMARTDNS_PID |head -n 1 2>/dev/null)"
 	if [ -z "$pid" ]; then
 		echo "smartdns not running."
-		return 0
+		exit 0
 	fi
 
 	if [ -d "/proc/$pid" ]; then
-		echo "smartdns running"
-		return 0;
+		echo "smartdns is running"
+		exit 0
 	fi
 	echo "smartdns not running."
-	return 0;
+	exit 0
 	;;
 	stop)
-	clear_rule
-	pid="`cat $SMARTDNS_PID | head -n 1 2>/dev/null`"
+	pid="$(cat "$SMARTDNS_PID" | head -n 1 2>/dev/null)"
 	if [ -z "$pid" ]; then
 		echo "smartdns not running."
-		return 0
+		exit 0
 	fi
 
-	if [ ! -d "/proc/$pid" ]; then
-		return 0;
+	kill -15 "$pid" 2>/dev/null
+	SLEEP=$(which usleep 2>/dev/null)
+	SLEEPTIME=200000
+	if [ -z "$SLEEP" ]; then
+		SLEEP="sleep"
+		SLEEPTIME=0.2
 	fi
+	N=300
+	while [ $N -gt 0 ]
+	do
+		pid="$(cat "$SMARTDNS_PID" | head -n 1 2>/dev/null)"
+		if [ -z "$pid" ]; then
+			break
+		fi
 
-	kill -9 $pid 2>/dev/null
+		if [ ! -d "/proc/$pid" ]; then
+			break
+		fi
+
+		stat="$(cat /proc/${pid}/stat | awk '{print $3}' 2>/dev/null)"
+		if [ "$stat" = "Z" ]; then
+			$SLEEP $SLEEPTIME
+			break
+		fi
+
+		$SLEEP $SLEEPTIME 2>/dev/null
+		N=$((N-1))
+	done
+
+	kill -9 "$pid" 2>/dev/null
+	clear_rule
+	exit 0
 	;;
 	restart)
 	$0 stop
 	$0 start
 	;;
+	reload)
+	;;
 	enable)
 	nvram set apps_state_enable=2
 	nvram set apps_state_error=0

package/optware/control/postinst

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/optware/control/prerm

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/optware/make.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
 #
 # smartdns is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

package/optware/smartdns-opt.conf

@@ -5,4 +5,7 @@
 SMARTDNS_WORKMODE="1"
 
 # smartdns port
-SMARTDNS_PORT="535"
+SMARTDNS_PORT="535"
+
+# restart when crash
+SMARTDNS_CRASH_RESTART="1"

package/redhat/smartdns.spec

@@ -0,0 +1,66 @@
+Name:           smartdns
+Version:        1.2020.09.08
+Release:        2235%{?dist}
+Summary:        smartdns
+
+License:        GPL 3.0
+URL:            https://github.com/pymumu/smartdns
+Source0:        %{name}-%{version}.tar.gz
+
+BuildRequires:  glibc
+BuildRequires:  centos-release >= 7
+BuildRequires:  openssl-devel
+Requires:       glibc
+Requires:       openssl
+Requires:       systemd
+
+%description
+A local DNS server to obtain the fastest website IP for the best Internet experience.
+
+%prep
+%setup -q
+
+%build
+cd src
+make %{?_smp_mflags}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__install} -D -m 755 src/smartdns $RPM_BUILD_ROOT%{_sbindir}/smartdns
+%{__install} -D -m 644 etc/smartdns/smartdns.conf $RPM_BUILD_ROOT%{_sysconfdir}/smartdns/smartdns.conf
+%{__install} -D -m 644 systemd/smartdns.service.in $RPM_BUILD_ROOT%{_unitdir}/smartdns.service
+
+
+cat > $RPM_BUILD_ROOT%{_unitdir}/smartdns.service <<EOF
+[Unit]
+Description=smartdns
+ConditionFileIsExecutable=/usr/sbin/smartdns
+After=syslog.target network-online.target
+
+[Service]
+Type=simple
+ExecStart=/usr/sbin/smartdns -c /etc/smartdns/smartdns.conf -f
+PIDFile=/run/smartdns.pid
+Restart=on-failure
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+
+%files
+%defattr(-,root,root,-)
+%{_sbindir}/smartdns
+%config(noreplace) %{_sysconfdir}/smartdns/smartdns.conf
+%{_unitdir}/smartdns.service
+
+%post
+%systemd_post %{name}.service
+
+%preun
+%systemd_preun %{name}.service
+
+%postun
+%systemd_postun_with_restart %{name}.service

package/windows/install.bat

@@ -12,7 +12,7 @@ IF NOT %ERRORLEVEL% == 0 (
 
 copy %CURR_PATH%\wsl-run.vbs "%STARTUP_PATH%/"
 IF NOT %ERRORLEVEL% == 0 (
-  echo Install startupt script failed.
+  echo Install startup script failed.
   pause
   exit 1
 )

src/.gitignore

@@ -0,0 +1,5 @@
+.vscode
+.o
+.DS_Store
+.swp.
+smartdns

src/Makefile

@@ -1,42 +1,69 @@
-
-# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
-#
-# smartdns is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# smartdns is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-BIN=smartdns 
-OBJS_LIB=lib/rbtree.o lib/art.o lib/bitops.o lib/radix.o lib/conf.o
-OBJS=smartdns.o fast_ping.o dns_client.o dns_server.o dns.o util.o tlog.o dns_conf.o dns_cache.o http_parse.o $(OBJS_LIB)
-CFLAGS +=-O2 -g -Wall -Wstrict-prototypes -fno-omit-frame-pointer -Wstrict-aliasing 
-override CFLAGS +=-Iinclude
-override CFLAGS += -DBASE_FILE_NAME=\"$(notdir $<)\"
-ifdef VER
-override CFLAGS += -DSMARTDNS_VERION=\"$(VER)\"
-endif
-CXXFLAGS=-O2 -g -Wall -std=c++11 
-override CXXFLAGS +=-Iinclude
-ifeq ($(STATIC), yes)
-LDFLAGS += -lssl -lcrypto -Wl,--whole-archive -lpthread -Wl,--no-whole-archive -ldl -static
-else
-LDFLAGS += -lssl -lcrypto -lpthread 
-endif
-
-.PHONY: all
-
-all: $(BIN)
- 
-$(BIN) : $(OBJS)
-	$(CC) $(OBJS) -o $@ $(LDFLAGS)
-
-clean:
-	$(RM) $(OBJS) $(BIN)
+
+# Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+#
+# smartdns is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# smartdns is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+BIN=smartdns 
+OBJS_LIB=$(patsubst %.c,%.o,$(wildcard lib/*.c))
+OBJS_MAIN=$(patsubst %.c,%.o,$(wildcard *.c))
+OBJS=$(OBJS_MAIN) $(OBJS_LIB)
+
+# cflags
+ifndef CFLAGS
+ ifdef DEBUG
+  CFLAGS = -g -DDEBUG
+ else
+  CFLAGS = -O2
+ endif
+ CFLAGS +=-Wall -Wstrict-prototypes -fno-omit-frame-pointer -Wstrict-aliasing -funwind-tables -Wmissing-prototypes -Wshadow -Wextra -Wno-unused-parameter -Wno-implicit-fallthrough
+endif
+
+override CFLAGS +=-Iinclude
+override CFLAGS += -DBASE_FILE_NAME='"$(notdir $<)"'
+override CFLAGS += $(EXTRA_CFLAGS)
+
+ifdef VER
+ override CFLAGS += -DSMARTDNS_VERION='"$(VER)"'
+else
+ HAS_GIT := $(shell command -v git 2> /dev/null)
+ ifdef HAS_GIT
+  IS_GIT_REPO := $(shell git rev-parse --is-inside-work-tree 2>/dev/null)
+  ifdef IS_GIT_REPO
+   override CFLAGS += -DSMARTDNS_VERION='"$(shell git describe --tags --always --dirty)"'
+  endif
+ endif
+endif
+
+CXXFLAGS=-O2 -g -Wall -std=c++11 
+override CXXFLAGS +=-Iinclude
+
+# ldflags
+ifeq ($(STATIC), yes)
+ override LDFLAGS += -lssl -lcrypto -Wl,--whole-archive -lpthread -Wl,--no-whole-archive -ldl -lm -static
+else
+ override LDFLAGS += -lssl -lcrypto -lpthread -ldl -lm
+endif
+
+.PHONY: all clean
+
+all: $(BIN)
+
+$(BIN) : $(OBJS)
+	$(CC) $(OBJS) -o $@ $(LDFLAGS)
+
+clang-tidy:
+	clang-tidy -p=. $(OBJS_MAIN:.o=.c) -- $(CFLAGS)
+
+clean:
+	$(RM) $(OBJS) $(BIN)

src/dns.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -19,17 +19,30 @@
 #ifndef _DNS_HEAD_H
 #define _DNS_HEAD_H
 
+#ifdef __cplusplus
+extern "C" {
+#endif /*__cplusplus */
+
 #define DNS_RR_A_LEN 4
 #define DNS_RR_AAAA_LEN 16
 #define DNS_MAX_CNAME_LEN 256
 #define DNS_MAX_OPT_LEN 256
-#define DNS_IN_PACKSIZE (512 * 4)
-#define DNS_PACKSIZE (512 * 10)
+#define DNS_IN_PACKSIZE (512 * 8)
+#define DNS_PACKSIZE (512 * 16)
 #define DNS_DEFAULT_PACKET_SIZE 512
+#define DNS_MAX_ALPN_LEN 32
+#define DNS_MAX_ECH_LEN 256
+
+#define DNS_OPT_FLAG_DO 0x8000
 
 #define DNS_ADDR_FAMILY_IP 1
 #define DNS_ADDR_FAMILY_IPV6 2
 
+/*
+DNS parameters:
+https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
+*/
+
 typedef enum dns_qr {
 	DNS_QR_QUERY = 0,
 	DNS_QR_ANSWER = 1,
@@ -44,7 +57,10 @@ typedef enum dns_rr_type {
 	DNS_RRS_END,
 } dns_rr_type;
 
-typedef enum dns_class { DNS_C_IN = 1, DNS_C_ANY = 255 } dns_class_t;
+typedef enum dns_class {
+	DNS_C_IN = 1, // DNS C IN
+	DNS_C_ANY = 255
+} dns_class_t;
 
 typedef enum dns_type {
 	DNS_T_A = 1,
@@ -58,17 +74,33 @@ typedef enum dns_type {
 	DNS_T_SRV = 33,
 	DNS_T_OPT = 41,
 	DNS_T_SSHFP = 44,
+	DNS_T_SVCB = 64,
+	DNS_T_HTTPS = 65,
 	DNS_T_SPF = 99,
 	DNS_T_AXFR = 252,
 	DNS_T_ALL = 255
 } dns_type_t;
 
-typedef enum dns_opt_code { 
-	DNS_OPT_T_ECS = 8, 
+typedef enum dns_opt_code {
+	DNS_OPT_T_ECS = 8,     // OPT ECS
+	DNS_OPT_T_COOKIE = 10, // OPT Cookie
 	DNS_OPT_T_TCP_KEEPALIVE = 11,
-	DNS_OPT_T_ALL = 255 
+	DNS_OPT_T_PADDING = 12,
+	DNS_OPT_T_ALL = 255
 } dns_opt_code_t;
 
+/* https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/11/ */
+typedef enum dns_https_svcparam {
+	DNS_HTTPS_T_MANDATORY = 0,
+	DNS_HTTPS_T_ALPN = 1,
+	DNS_HTTPS_T_NO_DEFAULT_ALPN = 2,
+	DNS_HTTPS_T_PORT = 3,
+	DNS_HTTPS_T_IPV4HINT = 4,
+	DNS_HTTPS_T_ECH = 5,
+	DNS_HTTPS_T_IPV6HINT = 6,
+	DNS_HTTPS_T_ALL = 255
+} dns_https_svcparam_t;
+
 typedef enum dns_opcode {
 	DNS_OP_QUERY = 0,
 	DNS_OP_IQUERY = 1,
@@ -102,21 +134,29 @@ struct dns_head {
 	unsigned char tc;       /* Truncation Flag */
 	unsigned char rd;       /* Recursion Desired */
 	unsigned char ra;       /* Recursion Available */
+	unsigned char z;        /* Reserved for future use.  Must be Zero! */
+	unsigned char ad;       /* Authentic Data Flag */
+	unsigned char cd;       /* Checking Disabled Flag */
+	unsigned char padding;  /* Padding */
 	unsigned short rcode;   /* Response Code */
 	unsigned short qdcount; /* number of question entries */
 	unsigned short ancount; /* number of answer entries */
 	unsigned short nscount; /* number of authority entries */
-	unsigned short nrcount; /* number of addititional resource entries */
-} __attribute__((packed));
+	unsigned short nrcount; /* number of additional resource entries */
+} __attribute__((packed, aligned(2)));
 
-struct dns_rrs {
-	unsigned short next;
-	unsigned short len;
-	dns_type_t type;
-	unsigned char data[0];
+#define DNS_PACKET_DICT_SIZE 16
+struct dns_packet_dict_item {
+	unsigned short pos;
+	unsigned int hash;
 };
 
-/* packet haed */
+struct dns_packet_dict {
+	short dict_count;
+	struct dns_packet_dict_item names[DNS_PACKET_DICT_SIZE];
+};
+
+/* packet head */
 struct dns_packet {
 	struct dns_head head;
 	unsigned short questions;
@@ -126,23 +166,27 @@ struct dns_packet {
 	unsigned short optcount;
 	unsigned short optional;
 	unsigned short payloadsize;
+	unsigned int opt_option;
+	struct dns_packet_dict namedict;
 	int size;
 	int len;
 	unsigned char data[0];
 };
 
-/* RRS encode/decode context */
-struct dns_data_context {
-	unsigned char *data;
-	unsigned char *ptr;
-	unsigned int maxsize;
+struct dns_rrs {
+	struct dns_packet *packet;
+	unsigned short next;
+	unsigned short len;
+	int type;
+	unsigned char data[0];
 };
 
 /* packet encode/decode context */
 struct dns_context {
 	struct dns_packet *packet;
+	struct dns_packet_dict *namedict;
 	unsigned char *data;
-	unsigned int maxsize;
+	int maxsize;
 	unsigned char *ptr;
 };
 
@@ -166,6 +210,13 @@ struct dns_opt_ecs {
 	unsigned char source_prefix;
 	unsigned char scope_prefix;
 	unsigned char addr[DNS_RR_AAAA_LEN];
+} __attribute__((packed));
+
+/* OPT COOKIE */
+struct dns_opt_cookie {
+	char server_cookie_len;
+	unsigned char client_cookie[8];
+	unsigned char server_cookie[32];
 };
 
 /* OPT */
@@ -175,44 +226,102 @@ struct dns_opt {
 	unsigned char data[0];
 } __attribute__((packed));
 
+struct dns_rr_nested {
+	struct dns_context context;
+	unsigned char *rr_start;
+	unsigned char *rr_len_ptr;
+	unsigned short rr_head_len;
+	dns_rr_type type;
+};
+
+struct dns_https_param {
+	unsigned short key;
+	unsigned short len;
+	unsigned char value[0];
+};
+
 struct dns_rrs *dns_get_rrs_next(struct dns_packet *packet, struct dns_rrs *rrs);
 struct dns_rrs *dns_get_rrs_start(struct dns_packet *packet, dns_rr_type type, int *count);
 
+struct dns_rr_nested *dns_add_rr_nested_start(struct dns_rr_nested *rr_nested_buffer, struct dns_packet *packet,
+											  dns_rr_type type, dns_type_t rtype, const char *domain, int ttl);
+int dns_add_rr_nested_end(struct dns_rr_nested *rr_nested, dns_type_t rtype);
+int dns_add_rr_nested_memcpy(struct dns_rr_nested *rr_nested, const void *data, int data_len);
+
+void *dns_get_rr_nested_start(struct dns_rrs *rrs, char *domain, int maxsize, int *qtype, int *ttl, int *rr_len);
+void *dns_get_rr_nested_next(struct dns_rrs *rrs, void *rr_nested, int rr_nested_len);
+
 /*
  * Question
  */
-int dns_add_domain(struct dns_packet *packet, char *domain, int qtype, int qclass);
+int dns_add_domain(struct dns_packet *packet, const char *domain, int qtype, int qclass);
 int dns_get_domain(struct dns_rrs *rrs, char *domain, int maxsize, int *qtype, int *qclass);
 
 /*
  * Answers
  */
-int dns_add_CNAME(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, char *cname);
+int dns_add_CNAME(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl, const char *cname);
 int dns_get_CNAME(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, char *cname, int cname_size);
 
-int dns_add_A(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, unsigned char addr[DNS_RR_A_LEN]);
+int dns_add_A(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl,
+			  unsigned char addr[DNS_RR_A_LEN]);
 int dns_get_A(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, unsigned char addr[DNS_RR_A_LEN]);
 
-int dns_add_PTR(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, char *cname);
+int dns_add_PTR(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl, const char *cname);
 int dns_get_PTR(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, char *cname, int cname_size);
 
-int dns_add_AAAA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, unsigned char addr[DNS_RR_AAAA_LEN]);
+int dns_add_TXT(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl, const char *text);
+int dns_get_TXT(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, char *text, int txt_size);
+
+int dns_add_AAAA(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl,
+				 unsigned char addr[DNS_RR_AAAA_LEN]);
 int dns_get_AAAA(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, unsigned char addr[DNS_RR_AAAA_LEN]);
 
-int dns_add_SOA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, struct dns_soa *soa);
+int dns_add_SOA(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl, struct dns_soa *soa);
 int dns_get_SOA(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, struct dns_soa *soa);
 
-int dns_add_NS(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, char *cname);
+int dns_add_NS(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl, const char *cname);
 int dns_get_NS(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, char *cname, int cname_size);
 
+int dns_set_OPT_option(struct dns_packet *packet, unsigned int option);
+unsigned int dns_get_OPT_option(struct dns_packet *packet);
+
 int dns_set_OPT_payload_size(struct dns_packet *packet, int payload_size);
 int dns_get_OPT_payload_size(struct dns_packet *packet);
 
 int dns_add_OPT_ECS(struct dns_packet *packet, struct dns_opt_ecs *ecs);
-int dns_get_OPT_ECS(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len, struct dns_opt_ecs *ecs);
+int dns_get_OPT_ECS(struct dns_rrs *rrs, struct dns_opt_ecs *ecs);
+
+int dns_add_OPT_TCP_KEEPALIVE(struct dns_packet *packet, unsigned short timeout);
+int dns_get_OPT_TCP_KEEPALIVE(struct dns_rrs *rrs, unsigned short *timeout);
+
+int dns_add_SRV(struct dns_packet *packet, dns_rr_type type, const char *domain, int ttl, int priority, int weight,
+				int port, const char *target);
+int dns_get_SRV(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, unsigned short *priority,
+				unsigned short *weight, unsigned short *port, char *target, int target_size);
+
+/* the key must be added in orders, or dig will report FORMERR */
+int dns_add_HTTPS_start(struct dns_rr_nested *svcparam_buffer, struct dns_packet *packet, dns_rr_type type,
+						const char *domain, int ttl, int priority, const char *target);
+int dns_HTTPS_add_raw(struct dns_rr_nested *svcparam, unsigned short key, unsigned char *value, unsigned short len);
+/* key 1, alph */
+int dns_HTTPS_add_alpn(struct dns_rr_nested *svcparam, const char *alpn, int alpn_len);
+/* key 2, no default alph */
+int dns_HTTPS_add_no_default_alpn(struct dns_rr_nested *svcparam);
+/* key 3, port */
+int dns_HTTPS_add_port(struct dns_rr_nested *svcparam, unsigned short port);
+/* key 4, ipv4 */
+int dns_HTTPS_add_ipv4hint(struct dns_rr_nested *svcparam, unsigned char *addr[], int addr_num);
+/* key 5, ech */
+int dns_HTTPS_add_ech(struct dns_rr_nested *svcparam, void *ech, int ech_len);
+/* key 6, ipv6*/
+int dns_HTTPS_add_ipv6hint(struct dns_rr_nested *svcparam, unsigned char *addr[], int addr_num);
+int dns_add_HTTPS_end(struct dns_rr_nested *svcparam);
+
+int dns_get_HTTPS_svcparm_start(struct dns_rrs *rrs, struct dns_https_param **https_param, char *domain, int maxsize,
+								int *ttl, int *priority, char *target, int target_size);
+struct dns_https_param *dns_get_HTTPS_svcparm_next(struct dns_rrs *rrs, struct dns_https_param *param);
 
-int dns_add_OPT_TCP_KEEYALIVE(struct dns_packet *packet, unsigned short timeout);
-int dns_get_OPT_TCP_KEEYALIVE(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len, unsigned short *timeout);
 /*
  * Packet operation
  */
@@ -221,4 +330,15 @@ int dns_encode(unsigned char *data, int size, struct dns_packet *packet);
 
 int dns_packet_init(struct dns_packet *packet, int size, struct dns_head *head);
 
+struct dns_update_param {
+	int id;
+	int ip_ttl;
+	int cname_ttl;
+};
+
+int dns_packet_update(unsigned char *data, int size, struct dns_update_param *param);
+
+#ifdef __cplusplus
+}
+#endif /*__cplusplus */
 #endif

src/dns_cache.h

@@ -1,87 +1,182 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef _SMARTDNS_CACHE_H
-#define _SMARTDNS_CACHE_H
-
-#include "atomic.h"
-#include "dns.h"
-#include "hash.h"
-#include "hashtable.h"
-#include "list.h"
-#include <stdlib.h>
-#include <time.h>
-
-#ifdef __cpluscplus
-extern "C" {
-#endif
-
-#define DNS_CACHE_TTL_MIN 30
-
-struct dns_cache {
-	struct hlist_node node;
-	struct list_head list;
-	struct list_head check_list;
-	atomic_t ref;
-	char domain[DNS_MAX_CNAME_LEN];
-	char cname[DNS_MAX_CNAME_LEN];
-	unsigned int cname_ttl;
-	unsigned int ttl;
-	int speed;
-	atomic_t hitnum;
-	int hitnum_update_add;
-	int del_pending;
-	time_t insert_time;
-	dns_type_t qtype;
-	union {
-		unsigned char ipv4_addr[DNS_RR_A_LEN];
-		unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
-		unsigned char addr[0];
-	};
-};
-
-int dns_cache_init(int size);
-
-int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr, int addr_len, int speed);
-
-int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr, int addr_len, int speed);
-
-struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype);
-
-void dns_cache_delete(struct dns_cache *dns_cache);
-
-void dns_cache_get(struct dns_cache *dns_cache);
-
-void dns_cache_release(struct dns_cache *dns_cache);
-
-int dns_cache_hitnum_dec_get(struct dns_cache *dns_cache);
-
-void dns_cache_update(struct dns_cache *dns_cache);
-
-typedef void dns_cache_preinvalid_callback(struct dns_cache *dns_cache);
-
-void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre);
-
-int dns_cache_get_ttl(struct dns_cache *dns_cache);
-
-void dns_cache_destroy(void);
-
-#ifdef __cpluscplus
-}
-#endif
-#endif // !_SMARTDNS_CACHE_H
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _SMARTDNS_CACHE_H
+#define _SMARTDNS_CACHE_H
+
+#include "atomic.h"
+#include "dns.h"
+#include "dns_conf.h"
+#include "hash.h"
+#include "hashtable.h"
+#include "list.h"
+#include "timer.h"
+#include <stdlib.h>
+#include <time.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define DNS_CACHE_TTL_MIN 1
+#define DNS_CACHE_VERSION_LEN 32
+#define DNS_CACHE_GROUP_NAME_LEN 32
+#define MAGIC_NUMBER 0x6548634163536e44
+#define MAGIC_CACHE_DATA 0x61546144
+#define MAGIC_RECORD 0x64526352
+
+struct dns_cache_data_head {
+	atomic_t ref;
+	ssize_t size;
+	uint32_t magic;
+};
+
+struct dns_cache_data {
+	struct dns_cache_data_head head;
+	unsigned char data[0];
+};
+
+struct dns_cache_addr {
+	struct dns_cache_data_head head;
+	struct dns_cache_addr_data {
+		unsigned int cname_ttl;
+		char soa;
+		char cname[DNS_MAX_CNAME_LEN];
+		union {
+			unsigned char ipv4_addr[DNS_RR_A_LEN];
+			unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
+			unsigned char addr[0];
+		};
+	} addr_data;
+};
+
+struct dns_cache_packet {
+	struct dns_cache_data_head head;
+	unsigned char data[0];
+};
+
+struct dns_cache_info {
+	char domain[DNS_MAX_CNAME_LEN];
+	dns_type_t qtype;
+	char dns_group_name[DNS_GROUP_NAME_LEN];
+	uint32_t query_flag;
+	int ttl;
+	int rcode;
+	int hitnum;
+	int speed;
+	int timeout;
+	int hitnum_update_add;
+	int is_visited;
+	time_t insert_time;
+	time_t replace_time;
+};
+
+struct dns_cache_record {
+	uint32_t magic;
+	struct dns_cache_info info;
+};
+
+struct dns_cache {
+	struct hlist_node node;
+	struct list_head list;
+	struct list_head check_list;
+
+	atomic_t ref;
+	int del_pending;
+
+	struct dns_cache_info info;
+	struct dns_cache_data *cache_data;
+
+	struct tw_timer_list timer;
+};
+
+struct dns_cache_file {
+	uint64_t magic;
+	char version[DNS_CACHE_VERSION_LEN];
+	uint32_t cache_number;
+};
+
+struct dns_cache_key {
+	const char *domain;
+	dns_type_t qtype;
+	const char *dns_group_name;
+	uint32_t query_flag;
+};
+
+uint32_t dns_cache_get_query_flag(struct dns_cache *dns_cache);
+
+const char *dns_cache_get_dns_group_name(struct dns_cache *dns_cache);
+
+struct dns_cache_data *dns_cache_new_data_packet(void *packet, size_t packet_len);
+
+typedef enum DNS_CACHE_TMOUT_ACTION {
+	DNS_CACHE_TMOUT_ACTION_OK = 0,
+	DNS_CACHE_TMOUT_ACTION_DEL = 1,
+	DNS_CACHE_TMOUT_ACTION_RETRY = 2,
+} dns_cache_tmout_action_t;
+
+typedef dns_cache_tmout_action_t (*dns_cache_callback)(struct dns_cache *dns_cache);
+
+int dns_cache_init(int size, dns_cache_callback timeout_callback);
+
+int dns_cache_replace(struct dns_cache_key *key, int rcode, int ttl, int speed, int timeout, int update_time,
+					  struct dns_cache_data *cache_data);
+
+int dns_cache_insert(struct dns_cache_key *key, int rcode, int ttl, int speed, int timeout,
+					 struct dns_cache_data *cache_data);
+
+struct dns_cache *dns_cache_lookup(struct dns_cache_key *key);
+
+int dns_cache_total_num(void);
+
+int dns_cache_update_timer(struct dns_cache_key *key, int timeout);
+
+void dns_cache_delete(struct dns_cache *dns_cache);
+
+void dns_cache_get(struct dns_cache *dns_cache);
+
+void dns_cache_release(struct dns_cache *dns_cache);
+
+int dns_cache_hitnum_dec_get(struct dns_cache *dns_cache);
+
+int dns_cache_is_visited(struct dns_cache *dns_cache);
+
+void dns_cache_update(struct dns_cache *dns_cache);
+
+int dns_cache_get_ttl(struct dns_cache *dns_cache);
+
+struct dns_cache_data *dns_cache_get_data(struct dns_cache *dns_cache);
+
+void dns_cache_data_get(struct dns_cache_data *cache_data);
+
+void dns_cache_data_put(struct dns_cache_data *cache_data);
+
+void dns_cache_destroy(void);
+
+int dns_cache_load(const char *file);
+
+int dns_cache_save(const char *file, int check_lock);
+
+int dns_cache_print(const char *file);
+
+const char *dns_cache_file_version(void);
+
+#ifdef __cplusplus
+}
+#endif
+#endif // !_SMARTDNS_CACHE_H

src/dns_client.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -21,18 +21,21 @@
 
 #include "dns.h"
 
-#ifdef __cpluscplus
+#ifdef __cplusplus
 extern "C" {
 #endif
 
 #define DNS_SERVER_SPKI_LEN 64
 #define DNS_SERVER_GROUP_DEFAULT "default"
+#define DNS_SERVER_GROUP_MDNS "mdns"
+#define DNS_SERVER_GROUP_LOCAL "local"
 
 typedef enum {
 	DNS_SERVER_UDP,
 	DNS_SERVER_TCP,
 	DNS_SERVER_TLS,
 	DNS_SERVER_HTTPS,
+	DNS_SERVER_MDNS,
 	DNS_SERVER_TYPE_END,
 } dns_server_type_t;
 
@@ -47,16 +50,42 @@ typedef enum dns_result_type {
 #define DNSSERVER_FLAG_CHECK_EDNS (0x1 << 2)
 #define DNSSERVER_FLAG_CHECK_TTL (0x1 << 3)
 
+#define DNS_QUEY_OPTION_ECS_DNS (1 << 0)
+#define DNS_QUEY_OPTION_ECS_IP (1 << 1)
+#define DNS_QUEY_OPTION_EDNS0_DO (1 << 2)
+
 int dns_client_init(void);
 
 int dns_client_set_ecs(char *ip, int subnet);
 
+struct dns_server_info;
 /* query result notify function */
-typedef int (*dns_client_callback)(char *domain, dns_result_type rtype, unsigned int result_flag, struct dns_packet *packet, unsigned char *inpacket,
-								   int inpacket_len, void *user_ptr);
+typedef int (*dns_client_callback)(const char *domain, dns_result_type rtype, struct dns_server_info *server_info,
+								   struct dns_packet *packet, unsigned char *inpacket, int inpacket_len,
+								   void *user_ptr);
+
+unsigned int dns_client_server_result_flag(struct dns_server_info *server_info);
+
+const char *dns_client_get_server_ip(struct dns_server_info *server_info);
+
+int dns_client_get_server_port(struct dns_server_info *server_info);
+
+dns_server_type_t dns_client_get_server_type(struct dns_server_info *server_info);
+
+struct dns_query_ecs_ip {
+	char ip[DNS_MAX_CNAME_LEN];
+	int subnet;
+};
+
+struct dns_query_options {
+	unsigned long long enable_flag;
+	struct dns_opt_ecs ecs_dns;
+	struct dns_query_ecs_ip ecs_ip;
+};
 
 /* query domain */
-int dns_client_query(char *domain, int qtype, dns_client_callback callback, void *user_ptr, const char *group_name);
+int dns_client_query(const char *domain, int qtype, dns_client_callback callback, void *user_ptr,
+					 const char *group_name, struct dns_query_options *options);
 
 void dns_client_exit(void);
 
@@ -64,11 +93,16 @@ struct client_dns_server_flag_udp {
 	int ttl;
 };
 
+struct client_dns_server_flag_mdns {
+	char ifname[DNS_MAX_CNAME_LEN];
+};
+
 struct client_dns_server_flag_tls {
 	char spki[DNS_SERVER_SPKI_LEN];
 	int spi_len;
 	char hostname[DNS_MAX_CNAME_LEN];
 	char tls_host_verify[DNS_MAX_CNAME_LEN];
+	char skip_check_cert;
 };
 
 struct client_dns_server_flag_https {
@@ -76,41 +110,60 @@ struct client_dns_server_flag_https {
 	int spi_len;
 	char hostname[DNS_MAX_CNAME_LEN];
 	char httphost[DNS_MAX_CNAME_LEN];
+	char proxyname[DNS_MAX_CNAME_LEN];
 	char path[DNS_MAX_CNAME_LEN];
 	char tls_host_verify[DNS_MAX_CNAME_LEN];
+	char skip_check_cert;
+};
+
+struct client_dns_server_flag_ecs {
+	int enable;
+	char ip[DNS_MAX_CNAME_LEN];
+	int subnet;
 };
 
 struct client_dns_server_flags {
 	dns_server_type_t type;
 	unsigned int server_flag;
 	unsigned int result_flag;
+	long long set_mark;
+	int drop_packet_latency_ms;
+	char proxyname[DNS_MAX_CNAME_LEN];
+	struct client_dns_server_flag_ecs ipv4_ecs;
+	struct client_dns_server_flag_ecs ipv6_ecs;
 
 	union {
 		struct client_dns_server_flag_udp udp;
 		struct client_dns_server_flag_tls tls;
 		struct client_dns_server_flag_https https;
+		struct client_dns_server_flag_mdns mdns;
 	};
 };
 
 int dns_client_spki_decode(const char *spki, unsigned char *spki_data_out);
 
 /* add remote dns server */
-int dns_client_add_server(char *server_ip, int port, dns_server_type_t server_type, struct client_dns_server_flags *flags);
+int dns_client_add_server(char *server_ip, int port, dns_server_type_t server_type,
+						  struct client_dns_server_flags *flags);
 
 /* remove remote dns server */
 int dns_client_remove_server(char *server_ip, int port, dns_server_type_t server_type);
 
-int dns_client_add_group(char *group_name);
+int dns_client_add_group(const char *group_name);
 
-int dns_client_add_to_group(char *group_name, char *server_ip, int port, dns_server_type_t server_type);
+int dns_client_add_to_group(const char *group_name, char *server_ip, int port, dns_server_type_t server_type,
+							struct client_dns_server_flags *flags);
 
-int dns_client_remove_from_group(char *group_name, char *server_ip, int port, dns_server_type_t server_type);
+int dns_client_remove_from_group(const char *group_name, char *server_ip, int port, dns_server_type_t server_type,
+								 struct client_dns_server_flags *flags);
 
-int dns_client_remove_group(char *group_name);
+int dns_client_remove_group(const char *group_name);
+
+int dns_server_alive_num(void);
 
 int dns_server_num(void);
 
-#ifdef __cpluscplus
+#ifdef __cplusplus
 }
 #endif
 #endif

src/dns_conf.h

@@ -1,247 +1,616 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef _DNS_CONF
-#define _DNS_CONF
-
-#include "art.h"
-#include "conf.h"
-#include "dns.h"
-#include "dns_client.h"
-#include "hash.h"
-#include "hashtable.h"
-#include "list.h"
-#include "radix.h"
-
-#ifdef __cpluscplus
-extern "C" {
-#endif
-
-#define DNS_MAX_BIND_IP 16
-#define DNS_MAX_SERVERS 64
-#define DNS_MAX_SERVER_NAME_LEN 128
-#define DNS_MAX_IPSET_NAMELEN 32
-#define DNS_GROUP_NAME_LEN 32
-#define DNS_NAX_GROUP_NUMBER 16
-#define DNS_MAX_IPLEN 64
-#define DNS_MAX_SPKI_LEN 64
-#define DNS_MAX_URL_LEN 256
-#define DNS_MAX_PATH 1024
-#define DEFAULT_DNS_PORT 53
-#define DEFAULT_DNS_TLS_PORT 853
-#define DEFAULT_DNS_HTTPS_PORT 443
-#define DNS_MAX_CONF_CNAME_LEN 256
-#define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
-#define SMARTDNS_LOG_FILE "/var/log/smartdns.log"
-#define SMARTDNS_AUDIT_FILE "/var/log/smartdns-audit.log"
-
-enum domain_rule {
-	DOMAIN_RULE_FLAGS = 0,
-	DOMAIN_RULE_ADDRESS_IPV4,
-	DOMAIN_RULE_ADDRESS_IPV6,
-	DOMAIN_RULE_IPSET,
-	DOMAIN_RULE_NAMESERVER,
-	DOMAIN_RULE_MAX,
-};
-
-typedef enum {
-	DNS_BIND_TYPE_UDP,
-	DNS_BIND_TYPE_TCP,
-	DNS_BIND_TYPE_TLS,
-} DNS_BIND_TYPE;
-
-#define DOMAIN_CHECK_NONE 0
-#define DOMAIN_CHECK_ICMP 1
-#define DOMAIN_CHECK_TCP 2
-#define DOMAIN_CHECK_NUM 2
-
-#define DOMAIN_FLAG_ADDR_SOA (1 << 0)
-#define DOMAIN_FLAG_ADDR_IPV4_SOA (1 << 1)
-#define DOMAIN_FLAG_ADDR_IPV6_SOA (1 << 2)
-#define DOMAIN_FLAG_ADDR_IGN (1 << 3)
-#define DOMAIN_FLAG_ADDR_IPV4_IGN (1 << 4)
-#define DOMAIN_FLAG_ADDR_IPV6_IGN (1 << 5)
-#define DOMAIN_FLAG_IPSET_IGNORE (1 << 6)
-#define DOMAIN_FLAG_NAMESERVER_IGNORE (1 << 7)
-
-#define SERVER_FLAG_EXCLUDE_DEFAULT (1 << 0)
-
-#define BIND_FLAG_NO_RULE_ADDR (1 << 0)
-#define BIND_FLAG_NO_RULE_NAMESERVER (1 << 1)
-#define BIND_FLAG_NO_RULE_IPSET (1 << 2)
-#define BIND_FLAG_NO_RULE_SNIPROXY (1 << 3)
-#define BIND_FLAG_NO_RULE_SOA (1 << 4)
-#define BIND_FLAG_NO_SPEED_CHECK (1 << 5)
-#define BIND_FLAG_NO_CACHE (1 << 6)
-#define BIND_FLAG_NO_DUALSTACK_SELECTION (1 << 7)
-
-struct dns_rule_flags {
-	unsigned int flags;
-};
-
-struct dns_address_IPV4 {
-	unsigned char ipv4_addr[DNS_RR_A_LEN];
-};
-
-struct dns_address_IPV6 {
-	unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
-};
-
-struct dns_ipset_name {
-	struct hlist_node node;
-	char ipsetname[DNS_MAX_IPSET_NAMELEN];
-};
-
-struct dns_ipset_rule {
-	const char *ipsetname;
-};
-
-struct dns_domain_rule {
-	void *rules[DOMAIN_RULE_MAX];
-};
-
-struct dns_nameserver_rule {
-	const char *group_name;
-};
-
-struct dns_server_groups {
-	struct hlist_node node;
-	char group_name[DNS_GROUP_NAME_LEN];
-	int server_num;
-	struct dns_servers *servers[DNS_MAX_SERVERS];
-};
-
-struct dns_domain_check_order {
-	char order[DOMAIN_CHECK_NUM];
-	unsigned short tcp_port;
-};
-
-struct dns_group_table {
-	DECLARE_HASHTABLE(group, 8);
-};
-extern struct dns_group_table dns_group_table;
-
-struct dns_servers {
-	char server[DNS_MAX_IPLEN];
-	unsigned short port;
-	unsigned int result_flag;
-	unsigned int server_flag;
-	int ttl;
-	dns_server_type_t type;
-	char spki[DNS_MAX_SPKI_LEN];
-	char hostname[DNS_MAX_CNAME_LEN];
-	char httphost[DNS_MAX_CNAME_LEN];
-	char tls_host_verify[DNS_MAX_CNAME_LEN];
-	char path[DNS_MAX_URL_LEN];
-};
-
-/* ip address lists of domain */
-struct dns_bogus_ip_address {
-	struct hlist_node node;
-	dns_type_t addr_type;
-	union {
-		unsigned char ipv4_addr[DNS_RR_A_LEN];
-		unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
-		unsigned char addr[0];
-	};
-};
-
-enum address_rule {
-	ADDRESS_RULE_BLACKLIST = 1,
-	ADDRESS_RULE_WHITELIST = 2,
-	ADDRESS_RULE_BOGUS = 3,
-	ADDRESS_RULE_IP_IGNORE = 4,
-};
-
-struct dns_ip_address_rule {
-	unsigned int blacklist : 1;
-	unsigned int whitelist : 1;
-	unsigned int bogus : 1;
-	unsigned int ip_ignore : 1;
-};
-
-struct dns_edns_client_subnet {
-	int enable;
-	char ip[DNS_MAX_IPLEN];
-	int subnet;
-};
-
-struct dns_conf_address_rule {
-	radix_tree_t *ipv4;
-	radix_tree_t *ipv6;
-};
-
-struct dns_bind_ip {
-	DNS_BIND_TYPE type;
-	uint32_t flags;
-	char ip[DNS_MAX_IPLEN];
-	const char *group;
-};
-
-extern struct dns_bind_ip dns_conf_bind_ip[DNS_MAX_BIND_IP];
-extern int dns_conf_bind_ip_num;
-
-extern int dns_conf_tcp_idle_time;
-extern int dns_conf_cachesize;
-extern int dns_conf_prefetch;
-extern struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
-extern int dns_conf_server_num;
-
-extern int dns_conf_log_level;
-extern char dns_conf_log_file[DNS_MAX_PATH];
-extern size_t dns_conf_log_size;
-extern int dns_conf_log_num;
-
-extern struct dns_domain_check_order dns_conf_check_order;
-
-extern struct dns_server_groups dns_conf_server_groups[DNS_NAX_GROUP_NUMBER];
-extern int dns_conf_server_group_num;
-
-extern int dns_conf_audit_enable;
-extern int dns_conf_audit_log_SOA;
-extern char dns_conf_audit_file[DNS_MAX_PATH];
-extern size_t dns_conf_audit_size;
-extern int dns_conf_audit_num;
-
-extern char dns_conf_server_name[DNS_MAX_SERVER_NAME_LEN];
-extern art_tree dns_conf_domain_rule;
-extern struct dns_conf_address_rule dns_conf_address_rule;
-
-extern int dns_conf_dualstack_ip_selection;
-extern int dns_conf_dualstack_ip_selection_threshold;
-
-extern int dns_conf_rr_ttl;
-extern int dns_conf_rr_ttl_min;
-extern int dns_conf_rr_ttl_max;
-extern int dns_conf_force_AAAA_SOA;
-extern int dns_conf_ipset_timeout_enable;
-
-extern struct dns_edns_client_subnet dns_conf_ipv4_ecs;
-extern struct dns_edns_client_subnet dns_conf_ipv6_ecs;
-
-extern char dns_conf_sni_proxy_ip[DNS_MAX_IPLEN];
-
-void dns_server_load_exit(void);
-
-int dns_server_load_conf(const char *file);
-
-extern int config_addtional_file(void *data, int argc, char *argv[]);
-#ifdef __cpluscplus
-}
-#endif
-#endif // !_DNS_CONF
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _DNS_CONF
+#define _DNS_CONF
+
+#include "art.h"
+#include "atomic.h"
+#include "conf.h"
+#include "dns.h"
+#include "dns_client.h"
+#include "hash.h"
+#include "hashtable.h"
+#include "list.h"
+#include "proxy.h"
+#include "radix.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define DNS_MAX_BIND_IP 16
+#define DNS_MAX_SERVERS 64
+#define DNS_MAX_SERVER_NAME_LEN 128
+#define DNS_MAX_PTR_LEN 128
+#define DNS_MAX_IPSET_NAMELEN 32
+#define DNS_MAX_NFTSET_FAMILYLEN 8
+#define DNS_MAX_NFTSET_NAMELEN 256
+#define DNS_GROUP_NAME_LEN 32
+
+#define PROXY_NAME_LEN 32
+#define PROXY_MAX_SERVERS 128
+
+#define DNS_NAX_GROUP_NUMBER 16
+#define DNS_MAX_IPLEN 64
+#define DNS_PROXY_MAX_LEN 128
+#define DNS_CONF_USERNAME_LEN 32
+#define DNS_MAX_SPKI_LEN 64
+#define DNS_MAX_URL_LEN 256
+#define DNS_MAX_PATH 1024
+#define DEFAULT_DNS_PORT 53
+#define DEFAULT_DNS_TLS_PORT 853
+#define DEFAULT_DNS_HTTPS_PORT 443
+#define DNS_MAX_CONF_CNAME_LEN 256
+#define MAX_QTYPE_NUM 65535
+#define DNS_MAX_REPLY_IP_NUM 8
+#define DNS_DEFAULT_CHECKPOINT_TIME (3600 * 24)
+
+#define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
+#define SMARTDNS_LOG_FILE "/var/log/smartdns/smartdns.log"
+#define SMARTDNS_AUDIT_FILE "/var/log/smartdns/smartdns-audit.log"
+#define SMARTDNS_CACHE_FILE "/var/cache/smartdns/smartdns.cache"
+#define SMARTDNS_TMP_CACHE_FILE "/tmp/smartdns.cache"
+#define SMARTDNS_DEBUG_DIR "/tmp/smartdns"
+#define DNS_RESOLV_FILE "/etc/resolv.conf"
+
+enum domain_rule {
+	DOMAIN_RULE_FLAGS = 0,
+	DOMAIN_RULE_ADDRESS_IPV4,
+	DOMAIN_RULE_ADDRESS_IPV6,
+	DOMAIN_RULE_IPSET,
+	DOMAIN_RULE_IPSET_IPV4,
+	DOMAIN_RULE_IPSET_IPV6,
+	DOMAIN_RULE_NFTSET_IP,
+	DOMAIN_RULE_NFTSET_IP6,
+	DOMAIN_RULE_NAMESERVER,
+	DOMAIN_RULE_CHECKSPEED,
+	DOMAIN_RULE_RESPONSE_MODE,
+	DOMAIN_RULE_CNAME,
+	DOMAIN_RULE_TTL,
+	DOMAIN_RULE_MAX,
+};
+
+enum ip_rule {
+	IP_RULE_FLAGS = 0,
+	IP_RULE_ALIAS = 1,
+	IP_RULE_MAX,
+};
+
+typedef enum {
+	DNS_BIND_TYPE_UDP,
+	DNS_BIND_TYPE_TCP,
+	DNS_BIND_TYPE_TLS,
+	DNS_BIND_TYPE_HTTPS,
+} DNS_BIND_TYPE;
+
+typedef enum {
+	DOMAIN_CHECK_NONE = 0,
+	DOMAIN_CHECK_ICMP = 1,
+	DOMAIN_CHECK_TCP = 2,
+	DOMAIN_CHECK_NUM = 3,
+} DOMAIN_CHECK_TYPE;
+
+#define DOMAIN_FLAG_ADDR_SOA (1 << 0)
+#define DOMAIN_FLAG_ADDR_IPV4_SOA (1 << 1)
+#define DOMAIN_FLAG_ADDR_IPV6_SOA (1 << 2)
+#define DOMAIN_FLAG_ADDR_IGN (1 << 3)
+#define DOMAIN_FLAG_ADDR_IPV4_IGN (1 << 4)
+#define DOMAIN_FLAG_ADDR_IPV6_IGN (1 << 5)
+#define DOMAIN_FLAG_IPSET_IGN (1 << 6)
+#define DOMAIN_FLAG_IPSET_IPV4_IGN (1 << 7)
+#define DOMAIN_FLAG_IPSET_IPV6_IGN (1 << 8)
+#define DOMAIN_FLAG_NAMESERVER_IGNORE (1 << 9)
+#define DOMAIN_FLAG_DUALSTACK_SELECT (1 << 10)
+#define DOMAIN_FLAG_SMARTDNS_DOMAIN (1 << 11)
+#define DOMAIN_FLAG_NFTSET_INET_IGN (1 << 12)
+#define DOMAIN_FLAG_NFTSET_IP_IGN (1 << 13)
+#define DOMAIN_FLAG_NFTSET_IP6_IGN (1 << 14)
+#define DOMAIN_FLAG_NO_SERVE_EXPIRED (1 << 15)
+#define DOMAIN_FLAG_CNAME_IGN (1 << 16)
+#define DOMAIN_FLAG_NO_CACHE (1 << 17)
+#define DOMAIN_FLAG_NO_IPALIAS (1 << 18)
+
+#define IP_RULE_FLAG_BLACKLIST (1 << 0)
+#define IP_RULE_FLAG_WHITELIST (1 << 1)
+#define IP_RULE_FLAG_BOGUS (1 << 2)
+#define IP_RULE_FLAG_IP_IGNORE (1 << 3)
+
+#define SERVER_FLAG_EXCLUDE_DEFAULT (1 << 0)
+#define SERVER_FLAG_HITCHHIKING (1 << 1)
+
+#define BIND_FLAG_NO_RULE_ADDR (1 << 0)
+#define BIND_FLAG_NO_RULE_NAMESERVER (1 << 1)
+#define BIND_FLAG_NO_RULE_IPSET (1 << 2)
+#define BIND_FLAG_NO_RULE_SNIPROXY (1 << 3)
+#define BIND_FLAG_NO_RULE_SOA (1 << 4)
+#define BIND_FLAG_NO_SPEED_CHECK (1 << 5)
+#define BIND_FLAG_NO_CACHE (1 << 6)
+#define BIND_FLAG_NO_DUALSTACK_SELECTION (1 << 7)
+#define BIND_FLAG_FORCE_AAAA_SOA (1 << 8)
+#define BIND_FLAG_NO_RULE_CNAME (1 << 9)
+#define BIND_FLAG_NO_RULE_NFTSET (1 << 10)
+#define BIND_FLAG_NO_IP_ALIAS (1 << 11)
+
+enum response_mode_type {
+	DNS_RESPONSE_MODE_FIRST_PING_IP = 0,
+	DNS_RESPONSE_MODE_FASTEST_IP,
+	DNS_RESPONSE_MODE_FASTEST_RESPONSE,
+};
+
+struct dns_rule {
+	atomic_t refcnt;
+	enum domain_rule rule;
+};
+
+struct dns_rule_flags {
+	struct dns_rule head;
+	unsigned int flags;
+	unsigned int is_flag_set;
+};
+
+struct dns_rule_address_IPV4 {
+	struct dns_rule head;
+	char addr_num;
+	unsigned char ipv4_addr[][DNS_RR_A_LEN];
+};
+
+struct dns_rule_address_IPV6 {
+	struct dns_rule head;
+	char addr_num;
+	unsigned char ipv6_addr[][DNS_RR_AAAA_LEN];
+};
+
+struct dns_ipset_name {
+	struct hlist_node node;
+	char ipsetname[DNS_MAX_IPSET_NAMELEN];
+};
+
+struct dns_ipset_rule {
+	struct dns_rule head;
+	const char *ipsetname;
+};
+
+struct dns_ipset_names {
+	char ipv4_enable;
+	char ipv6_enable;
+	struct dns_ipset_rule ipv4;
+	struct dns_ipset_rule ipv6;
+};
+extern struct dns_ipset_names dns_conf_ipset_no_speed;
+
+struct dns_cname_rule {
+	struct dns_rule head;
+	char cname[DNS_MAX_CNAME_LEN];
+};
+
+struct dns_ttl_rule {
+	struct dns_rule head;
+	int ttl;
+	int ttl_max;
+	int ttl_min;
+};
+
+struct dns_nftset_name {
+	struct hlist_node node;
+	char nftfamilyname[DNS_MAX_NFTSET_FAMILYLEN];
+	char nfttablename[DNS_MAX_NFTSET_NAMELEN];
+	char nftsetname[DNS_MAX_NFTSET_NAMELEN];
+};
+
+struct dns_nftset_rule {
+	struct dns_rule head;
+	const char *familyname;
+	const char *nfttablename;
+	const char *nftsetname;
+};
+
+struct dns_nftset_names {
+	char inet_enable;
+	char ip_enable;
+	char ip6_enable;
+	struct dns_nftset_rule inet;
+	struct dns_nftset_rule ip;
+	struct dns_nftset_rule ip6;
+};
+extern struct dns_nftset_names dns_conf_nftset_no_speed;
+
+struct dns_domain_rule {
+	struct dns_rule head;
+	unsigned char sub_rule_only : 1;
+	unsigned char root_rule_only : 1;
+	struct dns_rule *rules[DOMAIN_RULE_MAX];
+};
+
+struct dns_nameserver_rule {
+	struct dns_rule head;
+	const char *group_name;
+};
+
+struct dns_server_groups {
+	struct hlist_node node;
+	char group_name[DNS_GROUP_NAME_LEN];
+	int server_num;
+	struct dns_servers *servers[DNS_MAX_SERVERS];
+};
+
+struct dns_domain_check_order {
+	DOMAIN_CHECK_TYPE type;
+	unsigned short tcp_port;
+};
+
+struct dns_domain_check_orders {
+	struct dns_rule head;
+	struct dns_domain_check_order orders[DOMAIN_CHECK_NUM];
+};
+
+struct dns_response_mode_rule {
+	struct dns_rule head;
+	enum response_mode_type mode;
+};
+
+struct dns_group_table {
+	DECLARE_HASHTABLE(group, 8);
+};
+extern struct dns_group_table dns_group_table;
+
+struct dns_ptr {
+	struct hlist_node node;
+	char ptr_domain[DNS_MAX_PTR_LEN];
+	char hostname[DNS_MAX_CNAME_LEN];
+	char is_dynamic;
+	char is_soa;
+};
+
+struct dns_ptr_table {
+	DECLARE_HASHTABLE(ptr, 16);
+};
+extern struct dns_ptr_table dns_ptr_table;
+
+typedef enum dns_hosts_type {
+	DNS_HOST_TYPE_HOST = 0,
+	DNS_HOST_TYPE_DNSMASQ = 1,
+} dns_hosts_type;
+
+struct dns_hosts {
+	struct hlist_node node;
+	char domain[DNS_MAX_CNAME_LEN];
+	dns_hosts_type host_type;
+	int dns_type;
+	char is_soa;
+	char is_dynamic;
+	union {
+		unsigned char ipv4_addr[DNS_RR_A_LEN];
+		unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
+	};
+};
+
+struct dns_hosts_table {
+	DECLARE_HASHTABLE(hosts, 16);
+};
+extern struct dns_hosts_table dns_hosts_table;
+extern int dns_hosts_record_num;
+
+struct dns_proxy_names {
+	struct hlist_node node;
+	char proxy_name[PROXY_NAME_LEN];
+	struct list_head server_list;
+};
+
+struct dns_proxy_table {
+	DECLARE_HASHTABLE(proxy, 4);
+};
+extern struct dns_proxy_table dns_proxy_table;
+
+struct dns_edns_client_subnet {
+	int enable;
+	char ip[DNS_MAX_IPLEN];
+	int subnet;
+};
+
+struct dns_servers {
+	char server[DNS_MAX_CNAME_LEN];
+	unsigned short port;
+	unsigned int result_flag;
+	unsigned int server_flag;
+	int ttl;
+	dns_server_type_t type;
+	long long set_mark;
+	unsigned int drop_packet_latency_ms;
+	char skip_check_cert;
+	char spki[DNS_MAX_SPKI_LEN];
+	char hostname[DNS_MAX_CNAME_LEN];
+	char httphost[DNS_MAX_CNAME_LEN];
+	char tls_host_verify[DNS_MAX_CNAME_LEN];
+	char path[DNS_MAX_URL_LEN];
+	char proxyname[PROXY_NAME_LEN];
+	struct dns_edns_client_subnet ipv4_ecs;
+	struct dns_edns_client_subnet ipv6_ecs;
+};
+
+struct dns_proxy_servers {
+	struct list_head list;
+	char server[DNS_MAX_IPLEN];
+	proxy_type_t type;
+	unsigned short port;
+	char username[DNS_PROXY_MAX_LEN];
+	char password[DNS_PROXY_MAX_LEN];
+	int use_domain;
+};
+
+/* ip address lists of domain */
+struct dns_bogus_ip_address {
+	struct hlist_node node;
+	dns_type_t addr_type;
+	union {
+		unsigned char ipv4_addr[DNS_RR_A_LEN];
+		unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
+		unsigned char addr[0];
+	};
+};
+
+struct dns_iplist_ip_address {
+	int addr_len;
+	union {
+		unsigned char ipv4_addr[DNS_RR_A_LEN];
+		unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
+		unsigned char addr[0];
+	};
+};
+
+struct dns_iplist_ip_addresses {
+	int ipaddr_num;
+	struct dns_iplist_ip_address *ipaddr;
+};
+
+struct dns_conf_address_rule {
+	radix_tree_t *ipv4;
+	radix_tree_t *ipv6;
+};
+
+struct nftset_ipset_rules {
+	struct dns_ipset_rule *ipset;
+	struct dns_ipset_rule *ipset_ip;
+	struct dns_ipset_rule *ipset_ip6;
+	struct dns_nftset_rule *nftset_ip;
+	struct dns_nftset_rule *nftset_ip6;
+};
+
+struct dns_bind_ip {
+	DNS_BIND_TYPE type;
+	uint32_t flags;
+	char ip[DNS_MAX_IPLEN];
+	const char *ssl_cert_file;
+	const char *ssl_cert_key_file;
+	const char *ssl_cert_key_pass;
+	const char *group;
+	struct nftset_ipset_rules nftset_ipset_rule;
+};
+
+extern uint8_t *dns_qtype_soa_table;
+
+struct dns_domain_set_rule {
+	struct list_head list;
+	enum domain_rule type;
+	void *rule;
+	unsigned int flags;
+	unsigned int is_clear_flag;
+};
+
+enum dns_domain_set_type {
+	DNS_DOMAIN_SET_LIST = 0,
+	DNS_DOMAIN_SET_GEOSITE = 1,
+};
+
+struct dns_domain_set_name {
+	struct list_head list;
+	enum dns_domain_set_type type;
+	char file[DNS_MAX_PATH];
+};
+
+struct dns_domain_set_name_list {
+	struct hlist_node node;
+	char name[DNS_MAX_CNAME_LEN];
+	struct list_head set_name_list;
+};
+struct dns_domain_set_name_table {
+	DECLARE_HASHTABLE(names, 4);
+};
+extern struct dns_domain_set_name_table dns_domain_set_name_table;
+
+struct dns_ip_rule {
+	atomic_t refcnt;
+	enum ip_rule rule;
+};
+
+enum dns_ip_set_type {
+	DNS_IP_SET_LIST = 0,
+};
+
+struct dns_ip_rules {
+	struct dns_ip_rule *rules[IP_RULE_MAX];
+};
+
+struct ip_rule_flags {
+	struct dns_ip_rule head;
+	unsigned int flags;
+	unsigned int is_flag_set;
+};
+
+struct ip_rule_alias {
+	struct dns_ip_rule head;
+	struct dns_iplist_ip_addresses ip_alias;
+};
+
+struct dns_ip_set_name {
+	struct list_head list;
+	enum dns_ip_set_type type;
+	char file[DNS_MAX_PATH];
+};
+
+struct dns_ip_set_name_list {
+	struct hlist_node node;
+	char name[DNS_MAX_CNAME_LEN];
+	struct list_head set_name_list;
+};
+struct dns_ip_set_name_table {
+	DECLARE_HASHTABLE(names, 4);
+};
+extern struct dns_ip_set_name_table dns_ip_set_name_table;
+
+struct dns_set_rule_add_callback_args {
+	int type;
+	void *rule;
+};
+
+struct dns_set_rule_flags_callback_args {
+	unsigned int flags;
+	int is_clear_flag;
+};
+
+struct dns_dns64 {
+	unsigned char prefix[DNS_RR_AAAA_LEN];
+	uint32_t prefix_len;
+};
+
+struct dns_srv_record {
+	struct list_head list;
+	char host[DNS_MAX_CNAME_LEN];
+	unsigned short priority;
+	unsigned short weight;
+	unsigned short port;
+};
+
+struct dns_srv_records {
+	char domain[DNS_MAX_CNAME_LEN];
+	struct hlist_node node;
+	struct list_head list;
+};
+
+struct dns_srv_record_table {
+	DECLARE_HASHTABLE(srv, 4);
+};
+extern struct dns_srv_record_table dns_conf_srv_record_table;
+
+extern struct dns_dns64 dns_conf_dns_dns64;
+
+extern struct dns_bind_ip dns_conf_bind_ip[DNS_MAX_BIND_IP];
+extern int dns_conf_bind_ip_num;
+
+extern char dns_conf_bind_ca_file[DNS_MAX_PATH];
+extern char dns_conf_bind_ca_key_file[DNS_MAX_PATH];
+extern char dns_conf_bind_ca_key_pass[DNS_MAX_PATH];
+extern char dns_conf_need_cert;
+
+extern int dns_conf_tcp_idle_time;
+extern ssize_t dns_conf_cachesize;
+extern int dns_conf_prefetch;
+extern int dns_conf_serve_expired;
+extern int dns_conf_serve_expired_ttl;
+extern int dns_conf_serve_expired_prefetch_time;
+extern int dns_conf_serve_expired_reply_ttl;
+extern struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
+extern int dns_conf_server_num;
+
+/* proxy servers */
+extern struct dns_proxy_servers dns_conf_proxy_servers[PROXY_MAX_SERVERS];
+extern int dns_conf_proxy_server_num;
+
+extern int dns_conf_log_level;
+extern char dns_conf_log_file[DNS_MAX_PATH];
+extern size_t dns_conf_log_size;
+extern int dns_conf_log_num;
+extern int dns_conf_log_file_mode;
+extern int dns_conf_log_console;
+
+extern char dns_conf_ca_file[DNS_MAX_PATH];
+extern char dns_conf_ca_path[DNS_MAX_PATH];
+
+extern char dns_conf_cache_file[DNS_MAX_PATH];
+extern int dns_conf_cache_persist;
+extern int dns_conf_cache_checkpoint_time;
+
+extern struct dns_domain_check_orders dns_conf_check_orders;
+
+extern struct dns_server_groups dns_conf_server_groups[DNS_NAX_GROUP_NUMBER];
+extern int dns_conf_server_group_num;
+
+extern int dns_conf_audit_enable;
+extern int dns_conf_audit_log_SOA;
+extern char dns_conf_audit_file[DNS_MAX_PATH];
+extern size_t dns_conf_audit_size;
+extern int dns_conf_audit_num;
+extern int dns_conf_audit_file_mode;
+extern int dns_conf_audit_console;
+
+extern char dns_conf_server_name[DNS_MAX_SERVER_NAME_LEN];
+extern art_tree dns_conf_domain_rule;
+extern struct dns_conf_address_rule dns_conf_address_rule;
+
+extern int dns_conf_dualstack_ip_selection;
+extern int dns_conf_dualstack_ip_allow_force_AAAA;
+extern int dns_conf_dualstack_ip_selection_threshold;
+
+extern int dns_conf_max_reply_ip_num;
+extern enum response_mode_type dns_conf_response_mode;
+
+extern int dns_conf_rr_ttl;
+extern int dns_conf_rr_ttl_reply_max;
+extern int dns_conf_rr_ttl_min;
+extern int dns_conf_rr_ttl_max;
+extern int dns_conf_force_AAAA_SOA;
+extern int dns_conf_ipset_timeout_enable;
+extern int dns_conf_nftset_timeout_enable;
+extern int dns_conf_nftset_debug_enable;
+extern int dns_conf_local_ttl;
+extern int dns_conf_mdns_lookup;
+
+extern int dns_conf_force_no_cname;
+
+extern char dns_conf_user[DNS_CONF_USERNAME_LEN];
+
+extern struct dns_edns_client_subnet dns_conf_ipv4_ecs;
+extern struct dns_edns_client_subnet dns_conf_ipv6_ecs;
+
+extern char dns_conf_sni_proxy_ip[DNS_MAX_IPLEN];
+
+extern int dns_save_fail_packet;
+extern char dns_save_fail_packet_dir[DNS_MAX_PATH];
+extern char dns_resolv_file[DNS_MAX_PATH];
+
+extern int dns_no_pidfile;
+extern int dns_no_daemon;
+
+void dns_server_load_exit(void);
+
+int dns_server_load_conf(const char *file);
+
+int dns_server_check_update_hosts(void);
+
+struct dns_proxy_names *dns_server_get_proxy_nams(const char *proxyname);
+
+struct dns_srv_records *dns_server_get_srv_record(const char *domain);
+
+extern int config_additional_file(void *data, int argc, char *argv[]);
+
+const char *dns_conf_get_cache_dir(void);
+
+#ifdef __cplusplus
+}
+#endif
+#endif // !_DNS_CONF

src/dns_server.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -20,11 +20,25 @@
 #define _SMART_DNS_SERVER_H
 
 #include "dns.h"
+#include "dns_client.h"
+#include <stdint.h>
 
-#ifdef __cpluscplus
+#ifdef __cplusplus
 extern "C" {
 #endif
 
+struct dns_server_query_option {
+	uint32_t server_flags;
+	const char *dns_group_name;
+	unsigned long ecs_enable_flag;
+	struct dns_opt_ecs ecs_dns;
+	struct dns_query_ecs_ip ecs_ip;
+};
+
+int dns_is_ipv6_ready(void);
+
+void dns_server_check_ipv6_ready(void);
+
 int dns_server_init(void);
 
 int dns_server_run(void);
@@ -35,13 +49,27 @@ void dns_server_stop(void);
 
 void dns_server_exit(void);
 
+#define MAX_IP_NUM 16
+
+struct dns_result {
+	const char *domain;
+	dns_rtcode_t rtcode;
+	dns_type_t addr_type;
+	const char *ip;
+	const unsigned char *ip_addr[MAX_IP_NUM];
+	int ip_num;
+	int has_soa;
+	unsigned int ping_time;
+};
+
 /* query result notify function */
-typedef int (*dns_result_callback)(char *domain, dns_rtcode_t rtcode, dns_type_t addr_type, char *ip, unsigned int ping_time, void *user_ptr);
+typedef int (*dns_result_callback)(const struct dns_result *result, void *user_ptr);
 
 /* query domain */
-int dns_server_query(char *domain, int qtype, dns_result_callback callback, void *user_ptr);
+int dns_server_query(const char *domain, int qtype, struct dns_server_query_option *server_query_option,
+					 dns_result_callback callback, void *user_ptr);
 
-#ifdef __cpluscplus
+#ifdef __cplusplus
 }
 #endif
 #endif

src/fast_ping.h

@@ -1,58 +1,65 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef FAST_PING_H
-#define FAST_PING_H
-
-#include <netdb.h>
-#include <sys/time.h>
-#ifdef __cpluscplus
-extern "C" {
-#endif
-
-typedef enum {
-	PING_TYPE_ICMP = 1,
-	PING_TYPE_TCP = 2,
-	PING_TYPE_DNS = 3,
-} PING_TYPE;
-
-typedef enum {
-	PING_RESULT_RESPONSE = 1,
-	PING_RESULT_TIMEOUT = 2,
-	PING_RESULT_END = 3,
-} FAST_PING_RESULT;
-
-struct ping_host_struct;
-typedef void (*fast_ping_result)(struct ping_host_struct *ping_host, const char *host, FAST_PING_RESULT result, struct sockaddr *addr, socklen_t addr_len,
-								 int seqno, int ttl, struct timeval *tv, void *userptr);
-
-/* start ping */
-struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int count, int interval, int timeout, fast_ping_result ping_callback, void *userptr);
-
-/* stop ping */
-int fast_ping_stop(struct ping_host_struct *ping_host);
-
-int fast_ping_init(void);
-
-void fast_ping_exit(void);
-
-#ifdef __cpluscplus
-}
-#endif
-
-#endif // !FAST_PING_H
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef FAST_PING_H
+#define FAST_PING_H
+
+#include <netdb.h>
+#include <sys/time.h>
+#ifdef __cplusplus
+extern "C" {
+#endif /*__cplusplus */
+
+typedef enum {
+	PING_TYPE_ICMP = 1,
+	PING_TYPE_TCP = 2,
+	PING_TYPE_DNS = 3,
+} PING_TYPE;
+
+typedef enum {
+	PING_RESULT_RESPONSE = 1,
+	PING_RESULT_TIMEOUT = 2,
+	PING_RESULT_ERROR = 3,
+	PING_RESULT_END = 4,
+} FAST_PING_RESULT;
+
+struct ping_host_struct;
+typedef void (*fast_ping_result)(struct ping_host_struct *ping_host, const char *host, FAST_PING_RESULT result,
+								 struct sockaddr *addr, socklen_t addr_len, int seqno, int ttl, struct timeval *tv,
+								 int error, void *userptr);
+
+/* start ping */
+struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int count, int interval, int timeout,
+										 fast_ping_result ping_callback, void *userptr);
+
+int fast_ping_fake_ip_add(PING_TYPE type, const char *host, int ttl, float time);
+
+int fast_ping_fake_ip_remove(PING_TYPE type, const char *host);
+
+/* stop ping */
+int fast_ping_stop(struct ping_host_struct *ping_host);
+
+int fast_ping_init(void);
+
+void fast_ping_exit(void);
+
+#ifdef __cplusplus
+}
+#endif /*__cplusplus */
+
+#endif // !FAST_PING_H

src/http_parse.c

@@ -1,463 +1,484 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "http_parse.h"
-#include "hash.h"
-#include "hashtable.h"
-#include "jhash.h"
-#include "list.h"
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-struct http_head_fields {
-	struct hlist_node node;
-	struct list_head list;
-
-	char *name;
-	char *value;
-};
-
-struct http_head {
-	HTTP_HEAD_TYPE head_type;
-	HTTP_METHOD method;
-	char *url;
-	char *version;
-	int code;
-	char *code_msg;
-	int buff_size;
-	int buff_len;
-	char *buff;
-	int head_ok;
-	int head_len;
-	char *data;
-	int data_len;
-	int expect_data_len;
-	struct http_head_fields field_head;
-	DECLARE_HASHTABLE(field_map, 4);
-};
-
-/*
- * Returns:
- *  >=0  - success http data len
- *  -1   - Incomplete request
- *  -2   - parse failed
- */
-struct http_head *http_head_init(int buffsize)
-{
-	struct http_head *http_head = NULL;
-	char *buffer = NULL;
-
-	http_head = malloc(sizeof(*http_head));
-	if (http_head == NULL) {
-		goto errout;
-	}
-	memset(http_head, 0, sizeof(*http_head));
-	INIT_LIST_HEAD(&http_head->field_head.list);
-	hash_init(http_head->field_map);
-
-	buffer = malloc(buffsize);
-	if (buffer == NULL) {
-		goto errout;
-	}
-
-	http_head->buff = buffer;
-	http_head->buff_size = buffsize;
-
-	return http_head;
-
-errout:
-	if (buffer) {
-		free(buffer);
-	}
-
-	if (http_head) {
-		free(http_head);
-	}
-
-	return NULL;
-}
-
-struct http_head_fields *http_head_first_fields(struct http_head *http_head)
-{
-	struct http_head_fields *first = NULL;
-	first = list_first_entry(&http_head->field_head.list, struct http_head_fields, list);
-
-	if (first->name == NULL && first->value == NULL) {
-		return NULL;
-	}
-
-	return first;
-}
-
-const char *http_head_get_fields_value(struct http_head *http_head, const char *name)
-{
-	unsigned long key;
-	struct http_head_fields *filed;
-
-	key = hash_string(name);
-	hash_for_each_possible(http_head->field_map, filed, node, key)
-	{
-		if (strncmp(filed->name, name, 128) == 0) {
-			return filed->value;
-		}
-	}
-
-	return NULL;
-}
-
-struct http_head_fields *http_head_next_fields(struct http_head_fields *fields)
-{
-	struct http_head_fields *next = NULL;
-	next = list_next_entry(fields, list);
-
-	if (next->name == NULL && next->value == NULL) {
-		return NULL;
-	}
-
-	return next;
-}
-
-int http_head_lookup_fields(struct http_head_fields *fields, const char **name, const char **value)
-{
-	if (fields == NULL) {
-		return -1;
-	}
-
-	if (name) {
-		*name = fields->name;
-	}
-
-	if (value) {
-		*value = fields->value;
-	}
-
-	return 0;
-}
-
-HTTP_METHOD http_head_get_method(struct http_head *http_head)
-{
-	return http_head->method;
-}
-
-const char *http_head_get_url(struct http_head *http_head)
-{
-	return http_head->url;
-}
-
-const char *http_head_get_httpversion(struct http_head *http_head)
-{
-	return http_head->version;
-}
-
-int http_head_get_httpcode(struct http_head *http_head)
-{
-	return http_head->code;
-}
-
-char *http_head_get_httpcode_msg(struct http_head *http_head)
-{
-	return http_head->code_msg;
-}
-
-HTTP_HEAD_TYPE http_head_get_head_type(struct http_head *http_head)
-{
-	return http_head->head_type;
-}
-
-char *http_head_get_data(struct http_head *http_head)
-{
-	return http_head->data;
-}
-
-int http_head_get_data_len(struct http_head *http_head)
-{
-	return http_head->data_len;
-}
-
-static int _http_head_add_fields(struct http_head *http_head, char *name, char *value)
-{
-	unsigned long key = 0;
-	struct http_head_fields *fields = NULL;
-	fields = malloc(sizeof(*fields));
-	if (fields == NULL) {
-		return -1;
-	}
-	memset(fields, 0, sizeof(*fields));
-
-	fields->name = name;
-	fields->value = value;
-
-	list_add_tail(&fields->list, &http_head->field_head.list);
-	key = hash_string(name);
-	hash_add(http_head->field_map, &fields->node, key);
-
-	return 0;
-}
-
-static int _http_head_parse_response(struct http_head *http_head, char *key, char *value)
-{
-	char *field_start = NULL;
-	char *tmp_ptr = NULL;
-	char *result = NULL;
-	char *ret_code = NULL;
-
-	if (strstr(key, "HTTP/") == NULL) {
-		return -1;
-	}
-
-	for (tmp_ptr = value; *tmp_ptr != 0; tmp_ptr++) {
-		if (field_start == NULL) {
-			field_start = tmp_ptr;
-		}
-
-		if (*tmp_ptr == ' ') {
-			*tmp_ptr = '\0';
-			if (ret_code == NULL) {
-				ret_code = field_start;
-			} else if (result == NULL) {
-				result = field_start;
-				break;
-			}
-
-			field_start = NULL;
-		}
-	}
-
-	if (field_start && result == NULL) {
-		result = field_start;
-	}
-
-	if (ret_code == NULL || result == NULL) {
-		return -1;
-	}
-
-	http_head->code = atol(ret_code);
-	http_head->code_msg = result;
-	http_head->version = key;
-	http_head->head_type = HTTP_HEAD_RESPONSE;
-
-	return 0;
-}
-
-static int _http_head_parse_request(struct http_head *http_head, char *key, char *value)
-{
-	int method = HTTP_METHOD_INVALID;
-	char *url = NULL;
-	char *version = NULL;
-	char *tmp_ptr = value;
-	char *field_start = NULL;
-
-	if (strncmp(key, "GET", sizeof("GET")) == 0) {
-		method = HTTP_METHOD_GET;
-	} else if (strncmp(key, "POST", sizeof("POST")) == 0) {
-		method = HTTP_METHOD_POST;
-	} else if (strncmp(key, "PUT", sizeof("PUT")) == 0) {
-		method = HTTP_METHOD_PUT;
-	} else if (strncmp(key, "DELETE", sizeof("DELETE")) == 0) {
-		method = HTTP_METHOD_DELETE;
-	} else if (strncmp(key, "TRACE", sizeof("TRACE")) == 0) {
-		method = HTTP_METHOD_TRACE;
-	} else if (strncmp(key, "CONNECT", sizeof("CONNECT")) == 0) {
-		method = HTTP_METHOD_CONNECT;
-	} else {
-		return _http_head_parse_response(http_head, key, value);
-	}
-
-	for (tmp_ptr = value; *tmp_ptr != 0; tmp_ptr++) {
-		if (field_start == NULL) {
-			field_start = tmp_ptr;
-		}
-		if (*tmp_ptr == ' ') {
-			*tmp_ptr = '\0';
-			if (url == NULL) {
-				url = field_start;
-			}
-
-			field_start = NULL;
-		}
-	}
-
-	if (field_start && version == NULL) {
-		version = field_start;
-	}
-
-	http_head->method = method;
-	http_head->url = url;
-	http_head->version = version;
-	http_head->head_type = HTTP_HEAD_REQUEST;
-
-	return 0;
-}
-
-static int _http_head_parse(struct http_head *http_head)
-{
-	int i = 0;
-	char *key = NULL;
-	char *value = NULL;
-	char *data;
-	int has_first_line = 0;
-
-	int inkey = 1;
-	int invalue = 0;
-
-	data = http_head->buff;
-	for (i = 0; i < http_head->head_len; i++, data++) {
-		if (inkey) {
-			if (key == NULL && *data != ' ' && *data != '\r' && *data != '\n') {
-				key = data;
-				continue;
-			}
-
-			if (*data == ':' || *data == ' ') {
-				*data = '\0';
-				inkey = 0;
-				invalue = 1;
-				continue;
-			}
-		}
-
-		if (invalue) {
-			if (value == NULL && *data != ' ') {
-				value = data;
-				continue;
-			}
-
-			if (*data == '\r' || *data == '\n') {
-				*data = '\0';
-				inkey = 1;
-				invalue = 0;
-			}
-		}
-
-		if (key && value && invalue == 0) {
-			if (has_first_line == 0) {
-				if (_http_head_parse_request(http_head, key, value) != 0) {
-					return -2;
-				}
-
-				has_first_line = 1;
-			} else {
-				if (_http_head_add_fields(http_head, key, value) != 0) {
-					return -2;
-				}
-			}
-
-			key = NULL;
-			value = NULL;
-			inkey = 1;
-			invalue = 0;
-		}
-	}
-
-	return 0;
-}
-
-int http_head_parse(struct http_head *http_head, const char *data, int data_len)
-{
-	int i = 0;
-	char *buff_end = NULL;
-	int left_size = 0;
-	int process_data_len = 0;
-
-	left_size = http_head->buff_size - http_head->buff_len;
-
-	if (left_size < data_len) {
-		return -3;
-	}
-
-	buff_end = http_head->buff + http_head->buff_len;
-	if (http_head->head_ok == 0) {
-		for (i = 0; i < data_len; i++, data++) {
-			*(buff_end + i) = *data;
-			if (*data == '\n') {
-				if (http_head->buff_len + i < 2) {
-					continue;
-				}
-
-				if (*(buff_end + i - 2) == '\n') {
-					http_head->head_ok = 1;
-					http_head->head_len = http_head->buff_len + i - 2;
-					i++;
-					buff_end += i;
-					data_len -= i;
-					data++;
-					if (_http_head_parse(http_head) != 0) {
-						return -2;
-					}
-
-					const char *content_len = NULL;
-					content_len = http_head_get_fields_value(http_head, "Content-Length");
-					if (content_len) {
-						http_head->expect_data_len = atol(content_len);
-					} else {
-						http_head->expect_data_len = 0;
-					}
-
-					if (http_head->expect_data_len < 0) {
-						return -2;
-					}
-
-					break;
-				}
-			}
-		}
-
-		process_data_len += i;
-		if (http_head->head_ok == 0) {
-			// Read data again */
-			http_head->buff_len += process_data_len;
-			return -1;
-		}
-	}
-
-	if (http_head->head_ok == 1) {
-		int get_data_len = (http_head->expect_data_len > data_len) ? data_len : http_head->expect_data_len;
-		if (http_head->data == NULL) {
-			http_head->data = buff_end;
-		}
-
-		memcpy(buff_end, data, get_data_len);
-		process_data_len += get_data_len;
-		http_head->data_len += get_data_len;
-	}
-
-	http_head->buff_len += process_data_len;
-	if (http_head->data_len < http_head->expect_data_len) {
-		return -1;
-	}
-
-	return process_data_len;
-}
-
-void http_head_destroy(struct http_head *http_head)
-{
-	struct http_head_fields *fields, *tmp;
-
-	list_for_each_entry_safe(fields, tmp, &http_head->field_head.list, list)
-	{
-		list_del(&fields->list);
-		free(fields);
-	}
-
-	if (http_head->buff) {
-		free(http_head->buff);
-	}
-
-	free(http_head);
-}
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "http_parse.h"
+#include "hash.h"
+#include "hashtable.h"
+#include "jhash.h"
+#include "list.h"
+#include "util.h"
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+struct http_head_fields {
+	struct hlist_node node;
+	struct list_head list;
+
+	char *name;
+	char *value;
+};
+
+struct http_head {
+	HTTP_HEAD_TYPE head_type;
+	HTTP_METHOD method;
+	char *url;
+	char *version;
+	int code;
+	char *code_msg;
+	int buff_size;
+	int buff_len;
+	char *buff;
+	int head_ok;
+	int head_len;
+	char *data;
+	int data_len;
+	int expect_data_len;
+	struct http_head_fields field_head;
+	DECLARE_HASHTABLE(field_map, 4);
+};
+
+/*
+ * Returns:
+ *  >=0  - success http data len
+ *  -1   - Incomplete request
+ *  -2   - parse failed
+ */
+struct http_head *http_head_init(int buffsize)
+{
+	struct http_head *http_head = NULL;
+	char *buffer = NULL;
+
+	http_head = malloc(sizeof(*http_head));
+	if (http_head == NULL) {
+		goto errout;
+	}
+	memset(http_head, 0, sizeof(*http_head));
+	INIT_LIST_HEAD(&http_head->field_head.list);
+	hash_init(http_head->field_map);
+
+	buffer = malloc(buffsize);
+	if (buffer == NULL) {
+		goto errout;
+	}
+
+	http_head->buff = buffer;
+	http_head->buff_size = buffsize;
+
+	return http_head;
+
+errout:
+	if (buffer) {
+		free(buffer);
+	}
+
+	if (http_head) {
+		free(http_head);
+	}
+
+	return NULL;
+}
+
+struct http_head_fields *http_head_first_fields(struct http_head *http_head)
+{
+	struct http_head_fields *first = NULL;
+	first = list_first_entry(&http_head->field_head.list, struct http_head_fields, list);
+
+	if (first->name == NULL && first->value == NULL) {
+		return NULL;
+	}
+
+	return first;
+}
+
+const char *http_head_get_fields_value(struct http_head *http_head, const char *name)
+{
+	uint32_t key;
+	struct http_head_fields *filed;
+
+	key = hash_string_case(name);
+	hash_for_each_possible(http_head->field_map, filed, node, key)
+	{
+		if (strncasecmp(filed->name, name, 128) == 0) {
+			return filed->value;
+		}
+	}
+
+	return NULL;
+}
+
+struct http_head_fields *http_head_next_fields(struct http_head_fields *fields)
+{
+	struct http_head_fields *next = NULL;
+	next = list_next_entry(fields, list);
+
+	if (next->name == NULL && next->value == NULL) {
+		return NULL;
+	}
+
+	return next;
+}
+
+const char *http_head_fields_get_name(struct http_head_fields *fields)
+{
+	if (fields == NULL) {
+		return NULL;
+	}
+
+	return fields->name;
+}
+
+const char *http_head_fields_get_value(struct http_head_fields *fields)
+{
+	if (fields == NULL) {
+		return NULL;
+	}
+
+	return fields->value;
+}
+
+int http_head_lookup_fields(struct http_head_fields *fields, const char **name, const char **value)
+{
+	if (fields == NULL) {
+		return -1;
+	}
+
+	if (name) {
+		*name = fields->name;
+	}
+
+	if (value) {
+		*value = fields->value;
+	}
+
+	return 0;
+}
+
+HTTP_METHOD http_head_get_method(struct http_head *http_head)
+{
+	return http_head->method;
+}
+
+const char *http_head_get_url(struct http_head *http_head)
+{
+	return http_head->url;
+}
+
+const char *http_head_get_httpversion(struct http_head *http_head)
+{
+	return http_head->version;
+}
+
+int http_head_get_httpcode(struct http_head *http_head)
+{
+	return http_head->code;
+}
+
+char *http_head_get_httpcode_msg(struct http_head *http_head)
+{
+	return http_head->code_msg;
+}
+
+HTTP_HEAD_TYPE http_head_get_head_type(struct http_head *http_head)
+{
+	return http_head->head_type;
+}
+
+char *http_head_get_data(struct http_head *http_head)
+{
+	return http_head->data;
+}
+
+int http_head_get_data_len(struct http_head *http_head)
+{
+	return http_head->data_len;
+}
+
+static int _http_head_add_fields(struct http_head *http_head, char *name, char *value)
+{
+	uint32_t key = 0;
+	struct http_head_fields *fields = NULL;
+	fields = malloc(sizeof(*fields));
+	if (fields == NULL) {
+		return -1;
+	}
+	memset(fields, 0, sizeof(*fields));
+
+	fields->name = name;
+	fields->value = value;
+
+	list_add_tail(&fields->list, &http_head->field_head.list);
+	key = hash_string_case(name);
+	hash_add(http_head->field_map, &fields->node, key);
+
+	return 0;
+}
+
+static int _http_head_parse_response(struct http_head *http_head, char *key, char *value)
+{
+	char *field_start = NULL;
+	char *tmp_ptr = NULL;
+	char *ret_msg = NULL;
+	char *ret_code = NULL;
+
+	if (strstr(key, "HTTP/") == NULL) {
+		return -1;
+	}
+
+	for (tmp_ptr = value; *tmp_ptr != 0; tmp_ptr++) {
+		if (field_start == NULL) {
+			field_start = tmp_ptr;
+		}
+
+		if (*tmp_ptr != ' ') {
+			continue;
+		}
+
+		*tmp_ptr = '\0';
+		ret_code = field_start;
+		ret_msg = tmp_ptr + 1;
+		field_start = NULL;
+		break;
+	}
+
+	if (ret_code == NULL || ret_msg == NULL) {
+		return -1;
+	}
+
+	if (is_numeric(ret_code) != 0) {
+		return -1;
+	}
+
+	http_head->code = atol(ret_code);
+	http_head->code_msg = ret_msg;
+	http_head->version = key;
+	http_head->head_type = HTTP_HEAD_RESPONSE;
+
+	return 0;
+}
+
+static int _http_head_parse_request(struct http_head *http_head, char *key, char *value)
+{
+	int method = HTTP_METHOD_INVALID;
+	char *url = NULL;
+	char *version = NULL;
+	char *tmp_ptr = value;
+	char *field_start = NULL;
+
+	if (strncmp(key, "GET", sizeof("GET")) == 0) {
+		method = HTTP_METHOD_GET;
+	} else if (strncmp(key, "POST", sizeof("POST")) == 0) {
+		method = HTTP_METHOD_POST;
+	} else if (strncmp(key, "PUT", sizeof("PUT")) == 0) {
+		method = HTTP_METHOD_PUT;
+	} else if (strncmp(key, "DELETE", sizeof("DELETE")) == 0) {
+		method = HTTP_METHOD_DELETE;
+	} else if (strncmp(key, "TRACE", sizeof("TRACE")) == 0) {
+		method = HTTP_METHOD_TRACE;
+	} else if (strncmp(key, "CONNECT", sizeof("CONNECT")) == 0) {
+		method = HTTP_METHOD_CONNECT;
+	} else {
+		return _http_head_parse_response(http_head, key, value);
+	}
+
+	for (tmp_ptr = value; *tmp_ptr != 0; tmp_ptr++) {
+		if (field_start == NULL) {
+			field_start = tmp_ptr;
+		}
+		if (*tmp_ptr == ' ') {
+			*tmp_ptr = '\0';
+			if (url == NULL) {
+				url = field_start;
+			}
+
+			field_start = NULL;
+		}
+	}
+
+	if (field_start && version == NULL) {
+		version = field_start;
+	}
+
+	http_head->method = method;
+	http_head->url = url;
+	http_head->version = version;
+	http_head->head_type = HTTP_HEAD_REQUEST;
+
+	return 0;
+}
+
+static int _http_head_parse(struct http_head *http_head)
+{
+	int i = 0;
+	char *key = NULL;
+	char *value = NULL;
+	char *data;
+	int has_first_line = 0;
+
+	int inkey = 1;
+	int invalue = 0;
+
+	data = http_head->buff;
+	for (i = 0; i < http_head->head_len; i++, data++) {
+		if (inkey) {
+			if (key == NULL && *data != ' ' && *data != '\r' && *data != '\n') {
+				key = data;
+				continue;
+			}
+
+			if (*data == ':' || *data == ' ') {
+				*data = '\0';
+				inkey = 0;
+				invalue = 1;
+				continue;
+			}
+		}
+
+		if (invalue) {
+			if (value == NULL && *data != ' ') {
+				value = data;
+				continue;
+			}
+
+			if (*data == '\r' || *data == '\n') {
+				*data = '\0';
+				inkey = 1;
+				invalue = 0;
+			}
+		}
+
+		if (key && value && invalue == 0) {
+			if (has_first_line == 0) {
+				if (_http_head_parse_request(http_head, key, value) != 0) {
+					return -2;
+				}
+
+				has_first_line = 1;
+			} else {
+				if (_http_head_add_fields(http_head, key, value) != 0) {
+					return -2;
+				}
+			}
+
+			key = NULL;
+			value = NULL;
+			inkey = 1;
+			invalue = 0;
+		}
+	}
+
+	return 0;
+}
+
+int http_head_parse(struct http_head *http_head, const char *data, int data_len)
+{
+	int i = 0;
+	char *buff_end = NULL;
+	int left_size = 0;
+	int process_data_len = 0;
+
+	left_size = http_head->buff_size - http_head->buff_len;
+
+	if (left_size < data_len) {
+		return -3;
+	}
+
+	buff_end = http_head->buff + http_head->buff_len;
+	if (http_head->head_ok == 0) {
+		for (i = 0; i < data_len; i++, data++) {
+			*(buff_end + i) = *data;
+			if (isprint(*data) == 0 && isspace(*data) == 0) {
+				return -2;
+			}
+
+			if (*data == '\n') {
+				if (http_head->buff_len + i < 2) {
+					continue;
+				}
+
+				if (*(buff_end + i - 2) == '\n') {
+					http_head->head_ok = 1;
+					http_head->head_len = http_head->buff_len + i - 2;
+					i++;
+					buff_end += i;
+					data_len -= i;
+					data++;
+					if (_http_head_parse(http_head) != 0) {
+						return -2;
+					}
+
+					const char *content_len = NULL;
+					content_len = http_head_get_fields_value(http_head, "Content-Length");
+					if (content_len) {
+						http_head->expect_data_len = atol(content_len);
+					} else {
+						http_head->expect_data_len = 0;
+					}
+
+					if (http_head->expect_data_len < 0) {
+						return -2;
+					}
+
+					break;
+				}
+			}
+		}
+
+		process_data_len += i;
+		if (http_head->head_ok == 0) {
+			// Read data again */
+			http_head->buff_len += process_data_len;
+			return -1;
+		}
+	}
+
+	if (http_head->head_ok == 1) {
+		int get_data_len = (http_head->expect_data_len > data_len) ? data_len : http_head->expect_data_len;
+		if (http_head->data == NULL) {
+			http_head->data = buff_end;
+		}
+
+		memcpy(buff_end, data, get_data_len);
+		process_data_len += get_data_len;
+		http_head->data_len += get_data_len;
+	}
+
+	http_head->buff_len += process_data_len;
+	if (http_head->data_len < http_head->expect_data_len) {
+		return -1;
+	}
+
+	return process_data_len;
+}
+
+void http_head_destroy(struct http_head *http_head)
+{
+	struct http_head_fields *fields, *tmp;
+
+	list_for_each_entry_safe(fields, tmp, &http_head->field_head.list, list)
+	{
+		list_del(&fields->list);
+		free(fields);
+	}
+
+	if (http_head->buff) {
+		free(http_head->buff);
+	}
+
+	free(http_head);
+}

src/http_parse.h

@@ -1,87 +1,91 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef HTTP_PARSER_H
-#define HTTP_PARSER_H
-
-#ifdef __cpluscplus
-extern "C" {
-#endif
-
-struct http_head;
-struct http_head_fields;
-
-typedef enum HTTP_METHOD {
-	HTTP_METHOD_INVALID = 0,
-	HTTP_METHOD_GET,
-	HTTP_METHOD_HEAD,
-	HTTP_METHOD_POST,
-	HTTP_METHOD_PUT,
-	HTTP_METHOD_DELETE,
-	HTTP_METHOD_TRACE,
-	HTTP_METHOD_CONNECT,
-} HTTP_METHOD;
-
-typedef enum HTTP_HEAD_TYPE {
-	HTTP_HEAD_INVALID = 0,
-	HTTP_HEAD_REQUEST = 1,
-	HTTP_HEAD_RESPONSE = 2,
-} HTTP_HEAD_TYPE;
-
-struct http_head *http_head_init(int buffsize);
-
-HTTP_HEAD_TYPE http_head_get_head_type(struct http_head *http_head);
-
-HTTP_METHOD http_head_get_method(struct http_head *http_head);
-
-const char *http_head_get_url(struct http_head *http_head);
-
-const char *http_head_get_httpversion(struct http_head *http_head);
-
-int http_head_get_httpcode(struct http_head *http_head);
-
-char *http_head_get_httpcode_msg(struct http_head *http_head);
-
-char *http_head_get_data(struct http_head *http_head);
-
-int http_head_get_data_len(struct http_head *http_head);
-
-struct http_head_fields *http_head_first_fields(struct http_head *http_head);
-
-struct http_head_fields *http_head_next_fields(struct http_head_fields *fields);
-
-const char *http_head_get_fields_value(struct http_head *http_head, const char *name);
-
-int http_head_lookup_fields(struct http_head_fields *fields, const char **name, const char **value);
-
-/*
- * Returns:
- *  >=0  - success http data len
- *  -1   - Incomplete request
- *  -2   - parse failed
- *  -3   - buffer is small
- */
-int http_head_parse(struct http_head *http_head, const char *data, int data_len);
-
-void http_head_destroy(struct http_head *http_head);
-
-#ifdef __cpluscplus
-}
-#endif
-
-#endif // !HTTP_PARSER_H
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef HTTP_PARSER_H
+#define HTTP_PARSER_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct http_head;
+struct http_head_fields;
+
+typedef enum HTTP_METHOD {
+	HTTP_METHOD_INVALID = 0,
+	HTTP_METHOD_GET,
+	HTTP_METHOD_HEAD,
+	HTTP_METHOD_POST,
+	HTTP_METHOD_PUT,
+	HTTP_METHOD_DELETE,
+	HTTP_METHOD_TRACE,
+	HTTP_METHOD_CONNECT,
+} HTTP_METHOD;
+
+typedef enum HTTP_HEAD_TYPE {
+	HTTP_HEAD_INVALID = 0,
+	HTTP_HEAD_REQUEST = 1,
+	HTTP_HEAD_RESPONSE = 2,
+} HTTP_HEAD_TYPE;
+
+struct http_head *http_head_init(int buffsize);
+
+HTTP_HEAD_TYPE http_head_get_head_type(struct http_head *http_head);
+
+HTTP_METHOD http_head_get_method(struct http_head *http_head);
+
+const char *http_head_get_url(struct http_head *http_head);
+
+const char *http_head_get_httpversion(struct http_head *http_head);
+
+int http_head_get_httpcode(struct http_head *http_head);
+
+char *http_head_get_httpcode_msg(struct http_head *http_head);
+
+char *http_head_get_data(struct http_head *http_head);
+
+int http_head_get_data_len(struct http_head *http_head);
+
+struct http_head_fields *http_head_first_fields(struct http_head *http_head);
+
+struct http_head_fields *http_head_next_fields(struct http_head_fields *fields);
+
+const char *http_head_get_fields_value(struct http_head *http_head, const char *name);
+
+const char *http_head_fields_get_name(struct http_head_fields *fields);
+
+const char *http_head_fields_get_value(struct http_head_fields *fields);
+
+int http_head_lookup_fields(struct http_head_fields *fields, const char **name, const char **value);
+
+/*
+ * Returns:
+ *  >=0  - success http data len
+ *  -1   - Incomplete request
+ *  -2   - parse failed
+ *  -3   - buffer is small
+ */
+int http_head_parse(struct http_head *http_head, const char *data, int data_len);
+
+void http_head_destroy(struct http_head *http_head);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // !HTTP_PARSER_H

src/include/art.h

@@ -1,251 +1,252 @@
-/*
-Copyright (c) 2012, Armon Dadgar
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-    * Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above copyright
-      notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-    * Neither the name of the organization nor the
-      names of its contributors may be used to endorse or promote products
-      derived from this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL ARMON DADGAR BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-#include <stdint.h>
-#ifndef ART_H
-#define ART_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define NODE4   1
-#define NODE16  2
-#define NODE48  3
-#define NODE256 4
-
-#define MAX_PREFIX_LEN 10
-
-#if defined(__GNUC__) && !defined(__clang__)
-# if __STDC_VERSION__ >= 199901L && 402 == (__GNUC__ * 100 + __GNUC_MINOR__)
-/*
- * GCC 4.2.2's C99 inline keyword support is pretty broken; avoid. Introduced in
- * GCC 4.2.something, fixed in 4.3.0. So checking for specific major.minor of
- * 4.2 is fine.
- */
-#  define BROKEN_GCC_C99_INLINE
-# endif
-#endif
-
-typedef int(*art_callback)(void *data, const unsigned char *key, uint32_t key_len, void *value);
-
-/**
- * This struct is included as part
- * of all the various node sizes
- */
-typedef struct {
-    uint8_t type;
-    uint8_t num_children;
-    uint32_t partial_len;
-    unsigned char partial[MAX_PREFIX_LEN];
-} art_node;
-
-/**
- * Small node with only 4 children
- */
-typedef struct {
-    art_node n;
-    unsigned char keys[4];
-    art_node *children[4];
-} art_node4;
-
-/**
- * Node with 16 children
- */
-typedef struct {
-    art_node n;
-    unsigned char keys[16];
-    art_node *children[16];
-} art_node16;
-
-/**
- * Node with 48 children, but
- * a full 256 byte field.
- */
-typedef struct {
-    art_node n;
-    unsigned char keys[256];
-    art_node *children[48];
-} art_node48;
-
-/**
- * Full node with 256 children
- */
-typedef struct {
-    art_node n;
-    art_node *children[256];
-} art_node256;
-
-/**
- * Represents a leaf. These are
- * of arbitrary size, as they include the key.
- */
-typedef struct {
-    void *value;
-    uint32_t key_len;
-    unsigned char key[0];
-} art_leaf;
-
-/**
- * Main struct, points to root.
- */
-typedef struct {
-    art_node *root;
-    uint64_t size;
-} art_tree;
-
-/**
- * Initializes an ART tree
- * @return 0 on success.
- */
-int art_tree_init(art_tree *t);
-
-/**
- * DEPRECATED
- * Initializes an ART tree
- * @return 0 on success.
- */
-#define init_art_tree(...) art_tree_init(__VA_ARGS__)
-
-/**
- * Destroys an ART tree
- * @return 0 on success.
- */
-int art_tree_destroy(art_tree *t);
-
-/**
- * DEPRECATED
- * Initializes an ART tree
- * @return 0 on success.
- */
-#define destroy_art_tree(...) art_tree_destroy(__VA_ARGS__)
-
-/**
- * Returns the size of the ART tree.
- */
-#ifdef BROKEN_GCC_C99_INLINE
-# define art_size(t) ((t)->size)
-#else
-static inline uint64_t art_size(art_tree *t) {
-    return t->size;
-}
-#endif
-
-/**
- * Inserts a new value into the ART tree
- * @arg t The tree
- * @arg key The key
- * @arg key_len The length of the key
- * @arg value Opaque value.
- * @return NULL if the item was newly inserted, otherwise
- * the old value pointer is returned.
- */
-void* art_insert(art_tree *t, const unsigned char *key, int key_len, void *value);
-
-/**
- * Deletes a value from the ART tree
- * @arg t The tree
- * @arg key The key
- * @arg key_len The length of the key
- * @return NULL if the item was not found, otherwise
- * the value pointer is returned.
- */
-void* art_delete(art_tree *t, const unsigned char *key, int key_len);
-
-/**
- * Searches for a value in the ART tree
- * @arg t The tree
- * @arg key The key
- * @arg key_len The length of the key
- * @return NULL if the item was not found, otherwise
- * the value pointer is returned.
- */
-void* art_search(const art_tree *t, const unsigned char *key, int key_len);
-
-/**
- * Searches substring for a value in the ART tree
- * @arg t The tree
- * @arg str The key
- * @arg str_len The length of the key
- * @return NULL if the item was not found, otherwise
- * the value pointer is returned.
- */
-void *art_substring(const art_tree *t, const unsigned char *str, int str_len, unsigned char *key, int *key_len);
-
-/**
- * Wakk substring for a value in the ART tree
- * @arg t The tree
- * @arg str The key
- * @arg str_len The length of the key
- * @return NULL if the item was not found, otherwise
- * the value pointer is returned.
- */
-typedef int (*walk_func)(unsigned char *key, uint32_t key_len, void *value, void *arg);
-void art_substring_walk(const art_tree *t, const unsigned char *str, int str_len, walk_func func, void *arg);
-
-/**
- * Returns the minimum valued leaf
- * @return The minimum leaf or NULL
- */
-art_leaf* art_minimum(art_tree *t);
-
-/**
- * Returns the maximum valued leaf
- * @return The maximum leaf or NULL
- */
-art_leaf* art_maximum(art_tree *t);
-
-/**
- * Iterates through the entries pairs in the map,
- * invoking a callback for each. The call back gets a
- * key, value for each and returns an integer stop value.
- * If the callback returns non-zero, then the iteration stops.
- * @arg t The tree to iterate over
- * @arg cb The callback function to invoke
- * @arg data Opaque handle passed to the callback
- * @return 0 on success, or the return of the callback.
- */
-int art_iter(art_tree *t, art_callback cb, void *data);
-
-/**
- * Iterates through the entries pairs in the map,
- * invoking a callback for each that matches a given prefix.
- * The call back gets a key, value for each and returns an integer stop value.
- * If the callback returns non-zero, then the iteration stops.
- * @arg t The tree to iterate over
- * @arg prefix The prefix of keys to read
- * @arg prefix_len The length of the prefix
- * @arg cb The callback function to invoke
- * @arg data Opaque handle passed to the callback
- * @return 0 on success, or the return of the callback.
- */
-int art_iter_prefix(art_tree *t, const unsigned char *prefix, int prefix_len, art_callback cb, void *data);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+/*
+Copyright (c) 2012, Armon Dadgar
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the organization nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL ARMON DADGAR BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+#include <stdint.h>
+#ifndef ART_H
+#define ART_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define NODE4   1
+#define NODE16  2
+#define NODE48  3
+#define NODE256 4
+
+#define MAX_PREFIX_LEN 10
+
+#if defined(__GNUC__) && !defined(__clang__)
+# if __STDC_VERSION__ >= 199901L && 402 == (__GNUC__ * 100 + __GNUC_MINOR__)
+/*
+ * GCC 4.2.2's C99 inline keyword support is pretty broken; avoid. Introduced in
+ * GCC 4.2.something, fixed in 4.3.0. So checking for specific major.minor of
+ * 4.2 is fine.
+ */
+#  define BROKEN_GCC_C99_INLINE
+# endif
+#endif
+
+typedef int(*art_callback)(void *data, const unsigned char *key, uint32_t key_len, void *value);
+
+/**
+ * This struct is included as part
+ * of all the various node sizes
+ */
+typedef struct {
+    uint8_t type;
+    uint8_t num_children;
+    uint32_t partial_len;
+    unsigned char partial[MAX_PREFIX_LEN];
+} art_node;
+
+/**
+ * Small node with only 4 children
+ */
+typedef struct {
+    art_node n;
+    unsigned char keys[4];
+    art_node *children[4];
+} art_node4;
+
+/**
+ * Node with 16 children
+ */
+typedef struct {
+    art_node n;
+    unsigned char keys[16];
+    art_node *children[16];
+} art_node16;
+
+/**
+ * Node with 48 children, but
+ * a full 256 byte field.
+ */
+typedef struct {
+    art_node n;
+    unsigned char keys[256];
+    art_node *children[48];
+} art_node48;
+
+/**
+ * Full node with 256 children
+ */
+typedef struct {
+    art_node n;
+    art_node *children[256];
+} art_node256;
+
+/**
+ * Represents a leaf. These are
+ * of arbitrary size, as they include the key.
+ */
+typedef struct {
+    void *value;
+    uint32_t key_len;
+    unsigned char key[0];
+} art_leaf;
+
+/**
+ * Main struct, points to root.
+ */
+typedef struct {
+    art_node *root;
+    uint64_t size;
+} art_tree;
+
+/**
+ * Initializes an ART tree
+ * @return 0 on success.
+ */
+int art_tree_init(art_tree *t);
+
+/**
+ * DEPRECATED
+ * Initializes an ART tree
+ * @return 0 on success.
+ */
+#define init_art_tree(...) art_tree_init(__VA_ARGS__)
+
+/**
+ * Destroys an ART tree
+ * @return 0 on success.
+ */
+int art_tree_destroy(art_tree *t);
+
+/**
+ * DEPRECATED
+ * Initializes an ART tree
+ * @return 0 on success.
+ */
+#define destroy_art_tree(...) art_tree_destroy(__VA_ARGS__)
+
+/**
+ * Returns the size of the ART tree.
+ */
+#ifdef BROKEN_GCC_C99_INLINE
+# define art_size(t) ((t)->size)
+#else
+static inline uint64_t art_size(art_tree *t) {
+    return t->size;
+}
+#endif
+
+/**
+ * Inserts a new value into the ART tree
+ * @arg t The tree
+ * @arg key The key
+ * @arg key_len The length of the key
+ * @arg value Opaque value.
+ * @return NULL if the item was newly inserted, otherwise
+ * the old value pointer is returned.
+ */
+void* art_insert(art_tree *t, const unsigned char *key, int key_len, void *value);
+
+/**
+ * Deletes a value from the ART tree
+ * @arg t The tree
+ * @arg key The key
+ * @arg key_len The length of the key
+ * @return NULL if the item was not found, otherwise
+ * the value pointer is returned.
+ */
+void* art_delete(art_tree *t, const unsigned char *key, int key_len);
+
+/**
+ * Searches for a value in the ART tree
+ * @arg t The tree
+ * @arg key The key
+ * @arg key_len The length of the key
+ * @return NULL if the item was not found, otherwise
+ * the value pointer is returned.
+ */
+void* art_search(const art_tree *t, const unsigned char *key, int key_len);
+
+/**
+ * Searches substring for a value in the ART tree
+ * @arg t The tree
+ * @arg str The key
+ * @arg str_len The length of the key
+ * @return NULL if the item was not found, otherwise
+ * the value pointer is returned.
+ */
+void *art_substring(const art_tree *t, const unsigned char *str, int str_len, unsigned char *key, int *key_len);
+
+/**
+ * Wakk substring for a value in the ART tree
+ * @arg t The tree
+ * @arg str The key
+ * @arg str_len The length of the key
+ * @arg is_subkey is sub key or not
+ * @return NULL if the item was not found, otherwise
+ * the value pointer is returned.
+ */
+typedef int (*walk_func)(unsigned char *key, uint32_t key_len, int is_subkey, void *value, void *arg);
+void art_substring_walk(const art_tree *t, const unsigned char *str, int str_len, walk_func func, void *arg);
+
+/**
+ * Returns the minimum valued leaf
+ * @return The minimum leaf or NULL
+ */
+art_leaf* art_minimum(art_tree *t);
+
+/**
+ * Returns the maximum valued leaf
+ * @return The maximum leaf or NULL
+ */
+art_leaf* art_maximum(art_tree *t);
+
+/**
+ * Iterates through the entries pairs in the map,
+ * invoking a callback for each. The call back gets a
+ * key, value for each and returns an integer stop value.
+ * If the callback returns non-zero, then the iteration stops.
+ * @arg t The tree to iterate over
+ * @arg cb The callback function to invoke
+ * @arg data Opaque handle passed to the callback
+ * @return 0 on success, or the return of the callback.
+ */
+int art_iter(art_tree *t, art_callback cb, void *data);
+
+/**
+ * Iterates through the entries pairs in the map,
+ * invoking a callback for each that matches a given prefix.
+ * The call back gets a key, value for each and returns an integer stop value.
+ * If the callback returns non-zero, then the iteration stops.
+ * @arg t The tree to iterate over
+ * @arg prefix The prefix of keys to read
+ * @arg prefix_len The length of the prefix
+ * @arg cb The callback function to invoke
+ * @arg data Opaque handle passed to the callback
+ * @return 0 on success, or the return of the callback.
+ */
+int art_iter_prefix(art_tree *t, const unsigned char *prefix, int prefix_len, art_callback cb, void *data);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif

src/include/atomic.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -20,11 +20,10 @@
 #ifndef _GENERIC_ATOMIC_H
 #define _GENERIC_ATOMIC_H
 
+#define ACCESS_ONCE(x) (*(volatile typeof(x) *)&(x))
 
-/* Check GCC version, just to be safe */
-#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC_MINOR__ < 1)
-# error atomic.h works only with GCC newer than version 4.1
-#endif /* GNUC >= 4.1 */
+#define READ_ONCE(x) \
+({ typeof(x) ___x = ACCESS_ONCE(x); ___x; })
 
 /**
  * Atomic type.
@@ -41,14 +40,20 @@ typedef struct {
  *
  * Atomically reads the value of @v.
  */
-#define atomic_read(v) ((v)->counter)
+static inline int atomic_read(const atomic_t *v)
+{
+	return READ_ONCE((v)->counter);
+}
 
 /**
  * Set atomic variable
  * @param v pointer of type atomic_t
  * @param i required value
  */
-#define atomic_set(v,i) (((v)->counter) = (i))
+static inline void atomic_set(atomic_t *v, int i)
+{
+    v->counter = i;
+}
 
 /**
  * Add to the atomic variable

src/include/bitmap.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

src/include/bitops.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

src/include/conf.h

@@ -1,142 +1,198 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-
-#ifndef _GENERIC_CONF_H
-#define _GENERIC_CONF_H
-
-#include <unistd.h>
-
-#define MAX_LINE_LEN 1024
-#define MAX_KEY_LEN 64
-#define CONF_INT_MAX (~(1 << 31))
-#define CONF_INT_MIN (1 << 31)
-
-#define CONF_RET_OK     0
-#define CONF_RET_ERR   -1
-#define CONF_RET_WARN  -2
-#define CONF_RET_NOENT -3
-
-struct config_item {
-	const char *item;
-	int (*item_func)(const char *item, void *data, int argc, char *argv[]);
-	void *data;
-};
-
-struct config_item_custom {
-	void *custom_data;
-	int (*custom_func)(void *data, int argc, char *argv[]);
-};
-
-struct config_item_int {
-	int *data;
-	int min;
-	int max;
-};
-
-struct config_item_string {
-	char *data;
-	size_t size;
-};
-
-struct config_item_yesno {
-	int *data;
-};
-
-struct config_item_size {
-	size_t *data;
-	size_t min;
-	size_t max;
-};
-
-#define CONF_INT(key, value, min_value, max_value)                                                                                                             \
-	{                                                                                                                                                          \
-		key, conf_int, &(struct config_item_int)                                                                                                               \
-		{                                                                                                                                                      \
-			.data = value, .min = min_value, .max = max_value                                                                                                  \
-		}                                                                                                                                                      \
-	}
-#define CONF_STRING(key, value, len_value)                                                                                                                     \
-	{                                                                                                                                                          \
-		key, conf_string, &(struct config_item_string)                                                                                                         \
-		{                                                                                                                                                      \
-			.data = value, .size = len_value                                                                                                                   \
-		}                                                                                                                                                      \
-	}
-#define CONF_YESNO(key, value)                                                                                                                                 \
-	{                                                                                                                                                          \
-		key, conf_yesno, &(struct config_item_yesno)                                                                                                           \
-		{                                                                                                                                                      \
-			.data = value                                                                                                                                      \
-		}                                                                                                                                                      \
-	}
-#define CONF_SIZE(key, value, min_value, max_value)                                                                                                            \
-	{                                                                                                                                                          \
-		key, conf_size, &(struct config_item_size)                                                                                                             \
-		{                                                                                                                                                      \
-			.data = value, .min = min_value, .max = max_value                                                                                                  \
-		}                                                                                                                                                      \
-	}
-/*
- * func: int (*func)(void *data, int argc, char *argv[]);
- */
-#define CONF_CUSTOM(key, func, data)                                                                                                                           \
-	{                                                                                                                                                          \
-		key, conf_custom, &(struct config_item_custom)                                                                                                         \
-		{                                                                                                                                                      \
-			.custom_data = data, .custom_func = func                                                                                                           \
-		}                                                                                                                                                      \
-	}
-
-#define CONF_END()                                                                                                                                             \
-	{                                                                                                                                                          \
-		NULL, NULL, NULL                                                                                                                                                \
-	}
-
-extern int conf_custom(const char *item, void *data, int argc, char *argv[]);
-
-extern int conf_int(const char *item, void *data, int argc, char *argv[]);
-
-extern int conf_string(const char *item, void *data, int argc, char *argv[]);
-
-extern int conf_yesno(const char *item, void *data, int argc, char *argv[]);
-
-extern int conf_size(const char *item, void *data, int argc, char *argv[]);
-
-/*
- * Example:
- *  int num = 0;
- *
- *  struct config_item itmes [] = {
- *       CONF_INT("CONF_NUM", &num, -1, 10),
- *       CONF_END();
- *  }
- *
- *  load_conf(file, items);
- *
- */
-
-typedef int(conf_error_handler)(const char *file, int lineno, int ret);
-
-int load_conf(const char *file, struct config_item items[], conf_error_handler handler);
-
-void load_exit(void);
-
-const char *conf_get_conf_file(void);
-
-#endif // !_GENERIC_CONF_H
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _GENERIC_CONF_H
+#define _GENERIC_CONF_H
+
+#include <unistd.h>
+
+#define MAX_LINE_LEN 8192
+#define MAX_KEY_LEN 64
+#define CONF_INT_MAX (~(1 << 31))
+#define CONF_INT_MIN (1 << 31)
+
+#define CONF_RET_OK 0
+#define CONF_RET_ERR -1
+#define CONF_RET_WARN -2
+#define CONF_RET_NOENT -3
+#define CONF_RET_BADCONF -4
+
+struct config_item {
+	const char *item;
+	int (*item_func)(const char *item, void *data, int argc, char *argv[]);
+	void *data;
+};
+
+struct config_item_custom {
+	void *custom_data;
+	int (*custom_func)(void *data, int argc, char *argv[]);
+};
+
+struct config_item_int {
+	int *data;
+	int min;
+	int max;
+};
+
+struct config_item_int_base {
+	int *data;
+	int min;
+	int max;
+	int base;
+};
+
+struct config_item_string {
+	char *data;
+	size_t size;
+};
+
+struct config_item_yesno {
+	int *data;
+};
+
+struct config_item_size {
+	size_t *data;
+	size_t min;
+	size_t max;
+};
+
+struct config_item_ssize {
+	ssize_t *data;
+	ssize_t min;
+	ssize_t max;
+};
+
+struct config_enum_list {
+	char *name;
+	int id;
+};
+
+struct config_enum {
+	int *data;
+	struct config_enum_list *list;
+};
+
+#define CONF_INT(key, value, min_value, max_value)                                                                     \
+	{                                                                                                                  \
+		key, conf_int, &(struct config_item_int)                                                                       \
+		{                                                                                                              \
+			.data = value, .min = min_value, .max = max_value                                                          \
+		}                                                                                                              \
+	}
+#define CONF_INT_BASE(key, value, min_value, max_value, base_value)                                                    \
+	{                                                                                                                  \
+		key, conf_int_base, &(struct config_item_int_base)                                                             \
+		{                                                                                                              \
+			.data = value, .min = min_value, .max = max_value, .base = base_value                                      \
+		}                                                                                                              \
+	}
+#define CONF_STRING(key, value, len_value)                                                                             \
+	{                                                                                                                  \
+		key, conf_string, &(struct config_item_string)                                                                 \
+		{                                                                                                              \
+			.data = value, .size = len_value                                                                           \
+		}                                                                                                              \
+	}
+#define CONF_YESNO(key, value)                                                                                         \
+	{                                                                                                                  \
+		key, conf_yesno, &(struct config_item_yesno)                                                                   \
+		{                                                                                                              \
+			.data = value                                                                                              \
+		}                                                                                                              \
+	}
+#define CONF_SIZE(key, value, min_value, max_value)                                                                    \
+	{                                                                                                                  \
+		key, conf_size, &(struct config_item_size)                                                                     \
+		{                                                                                                              \
+			.data = value, .min = min_value, .max = max_value                                                          \
+		}                                                                                                              \
+	}
+#define CONF_SSIZE(key, value, min_value, max_value)                                                                   \
+	{                                                                                                                  \
+		key, conf_ssize, &(struct config_item_ssize)                                                                   \
+		{                                                                                                              \
+			.data = value, .min = min_value, .max = max_value                                                          \
+		}                                                                                                              \
+	}
+
+#define CONF_ENUM(key, value, enum)                                                                                    \
+	{                                                                                                                  \
+		key, conf_enum, &(struct config_enum)                                                                          \
+		{                                                                                                              \
+			.data = (int *)value, .list = (struct config_enum_list *)enum                                              \
+		}                                                                                                              \
+	}
+
+/*
+ * func: int (*func)(void *data, int argc, char *argv[]);
+ */
+#define CONF_CUSTOM(key, func, data)                                                                                   \
+	{                                                                                                                  \
+		key, conf_custom, &(struct config_item_custom)                                                                 \
+		{                                                                                                              \
+			.custom_data = data, .custom_func = func                                                                   \
+		}                                                                                                              \
+	}
+
+#define CONF_END()                                                                                                     \
+	{                                                                                                                  \
+		NULL, NULL, NULL                                                                                               \
+	}
+
+extern int conf_custom(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_int(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_int_base(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_string(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_yesno(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_size(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_ssize(const char *item, void *data, int argc, char *argv[]);
+
+extern int conf_enum(const char *item, void *data, int argc, char *argv[]);
+
+/*
+ * Example:
+ *  int num = 0;
+ *
+ *  struct config_item items [] = {
+ *       CONF_INT("CONF_NUM", &num, -1, 10),
+ *       CONF_END();
+ *  }
+ *
+ *  load_conf(file, items);
+ *
+ */
+
+typedef int(conf_error_handler)(const char *file, int lineno, int ret);
+
+int load_conf(const char *file, struct config_item items[], conf_error_handler handler);
+
+void load_exit(void);
+
+int conf_get_current_lineno(void);
+
+const char *conf_get_conf_file(void);
+
+const char *conf_get_conf_fullpath(const char *path, char *fullpath, size_t path_len);
+
+#endif // !_GENERIC_CONF_H

src/include/findbit.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

src/include/gcc_builtin.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

src/include/hash.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -16,12 +16,12 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-
 #ifndef _GENERIC_HASH_H
 #define _GENERIC_HASH_H
 
 #include "bitmap.h"
 #include "jhash.h"
+#include <ctype.h>
 
 /* Fast hashing routine for ints,  longs and pointers.
    (C) 2002 Nadia Yvette Chambers, IBM */
@@ -30,7 +30,7 @@
 #endif
 
 #ifndef BITS_PER_LONG
-# define BITS_PER_LONG __WORDSIZE
+#define BITS_PER_LONG __WORDSIZE
 #endif
 
 /*
@@ -39,14 +39,12 @@
  *   more efficiently than using fls() and fls64()
  * - the arch is not required to handle n==0 if implementing the fallback
  */
-static inline __attribute__((const))
-int __ilog2_u32(uint32_t n)
+static inline __attribute__((const)) int __ilog2_u32(uint32_t n)
 {
 	return fls(n) - 1;
 }
 
-static inline __attribute__((const))
-int __ilog2_u64(uint64_t n)
+static inline __attribute__((const)) int __ilog2_u64(uint64_t n)
 {
 	return fls64(n) - 1;
 }
@@ -61,78 +59,73 @@ int __ilog2_u64(uint64_t n)
  *
  * selects the appropriately-sized optimised version depending on sizeof(n)
  */
-#define ilog2(n)				\
-(						\
-	__builtin_constant_p(n) ? (		\
-		(n) < 2 ? 0 :			\
-		(n) & (1ULL << 63) ? 63 :	\
-		(n) & (1ULL << 62) ? 62 :	\
-		(n) & (1ULL << 61) ? 61 :	\
-		(n) & (1ULL << 60) ? 60 :	\
-		(n) & (1ULL << 59) ? 59 :	\
-		(n) & (1ULL << 58) ? 58 :	\
-		(n) & (1ULL << 57) ? 57 :	\
-		(n) & (1ULL << 56) ? 56 :	\
-		(n) & (1ULL << 55) ? 55 :	\
-		(n) & (1ULL << 54) ? 54 :	\
-		(n) & (1ULL << 53) ? 53 :	\
-		(n) & (1ULL << 52) ? 52 :	\
-		(n) & (1ULL << 51) ? 51 :	\
-		(n) & (1ULL << 50) ? 50 :	\
-		(n) & (1ULL << 49) ? 49 :	\
-		(n) & (1ULL << 48) ? 48 :	\
-		(n) & (1ULL << 47) ? 47 :	\
-		(n) & (1ULL << 46) ? 46 :	\
-		(n) & (1ULL << 45) ? 45 :	\
-		(n) & (1ULL << 44) ? 44 :	\
-		(n) & (1ULL << 43) ? 43 :	\
-		(n) & (1ULL << 42) ? 42 :	\
-		(n) & (1ULL << 41) ? 41 :	\
-		(n) & (1ULL << 40) ? 40 :	\
-		(n) & (1ULL << 39) ? 39 :	\
-		(n) & (1ULL << 38) ? 38 :	\
-		(n) & (1ULL << 37) ? 37 :	\
-		(n) & (1ULL << 36) ? 36 :	\
-		(n) & (1ULL << 35) ? 35 :	\
-		(n) & (1ULL << 34) ? 34 :	\
-		(n) & (1ULL << 33) ? 33 :	\
-		(n) & (1ULL << 32) ? 32 :	\
-		(n) & (1ULL << 31) ? 31 :	\
-		(n) & (1ULL << 30) ? 30 :	\
-		(n) & (1ULL << 29) ? 29 :	\
-		(n) & (1ULL << 28) ? 28 :	\
-		(n) & (1ULL << 27) ? 27 :	\
-		(n) & (1ULL << 26) ? 26 :	\
-		(n) & (1ULL << 25) ? 25 :	\
-		(n) & (1ULL << 24) ? 24 :	\
-		(n) & (1ULL << 23) ? 23 :	\
-		(n) & (1ULL << 22) ? 22 :	\
-		(n) & (1ULL << 21) ? 21 :	\
-		(n) & (1ULL << 20) ? 20 :	\
-		(n) & (1ULL << 19) ? 19 :	\
-		(n) & (1ULL << 18) ? 18 :	\
-		(n) & (1ULL << 17) ? 17 :	\
-		(n) & (1ULL << 16) ? 16 :	\
-		(n) & (1ULL << 15) ? 15 :	\
-		(n) & (1ULL << 14) ? 14 :	\
-		(n) & (1ULL << 13) ? 13 :	\
-		(n) & (1ULL << 12) ? 12 :	\
-		(n) & (1ULL << 11) ? 11 :	\
-		(n) & (1ULL << 10) ? 10 :	\
-		(n) & (1ULL <<  9) ?  9 :	\
-		(n) & (1ULL <<  8) ?  8 :	\
-		(n) & (1ULL <<  7) ?  7 :	\
-		(n) & (1ULL <<  6) ?  6 :	\
-		(n) & (1ULL <<  5) ?  5 :	\
-		(n) & (1ULL <<  4) ?  4 :	\
-		(n) & (1ULL <<  3) ?  3 :	\
-		(n) & (1ULL <<  2) ?  2 :	\
-		1 ) :				\
-	(sizeof(n) <= 4) ?			\
-	__ilog2_u32(n) :			\
-	__ilog2_u64(n)				\
- )
-
+#define ilog2(n)                                                                                                       \
+	(__builtin_constant_p(n) ? ((n) < 2              ? 0                                                               \
+								: (n) & (1ULL << 63) ? 63                                                              \
+								: (n) & (1ULL << 62) ? 62                                                              \
+								: (n) & (1ULL << 61) ? 61                                                              \
+								: (n) & (1ULL << 60) ? 60                                                              \
+								: (n) & (1ULL << 59) ? 59                                                              \
+								: (n) & (1ULL << 58) ? 58                                                              \
+								: (n) & (1ULL << 57) ? 57                                                              \
+								: (n) & (1ULL << 56) ? 56                                                              \
+								: (n) & (1ULL << 55) ? 55                                                              \
+								: (n) & (1ULL << 54) ? 54                                                              \
+								: (n) & (1ULL << 53) ? 53                                                              \
+								: (n) & (1ULL << 52) ? 52                                                              \
+								: (n) & (1ULL << 51) ? 51                                                              \
+								: (n) & (1ULL << 50) ? 50                                                              \
+								: (n) & (1ULL << 49) ? 49                                                              \
+								: (n) & (1ULL << 48) ? 48                                                              \
+								: (n) & (1ULL << 47) ? 47                                                              \
+								: (n) & (1ULL << 46) ? 46                                                              \
+								: (n) & (1ULL << 45) ? 45                                                              \
+								: (n) & (1ULL << 44) ? 44                                                              \
+								: (n) & (1ULL << 43) ? 43                                                              \
+								: (n) & (1ULL << 42) ? 42                                                              \
+								: (n) & (1ULL << 41) ? 41                                                              \
+								: (n) & (1ULL << 40) ? 40                                                              \
+								: (n) & (1ULL << 39) ? 39                                                              \
+								: (n) & (1ULL << 38) ? 38                                                              \
+								: (n) & (1ULL << 37) ? 37                                                              \
+								: (n) & (1ULL << 36) ? 36                                                              \
+								: (n) & (1ULL << 35) ? 35                                                              \
+								: (n) & (1ULL << 34) ? 34                                                              \
+								: (n) & (1ULL << 33) ? 33                                                              \
+								: (n) & (1ULL << 32) ? 32                                                              \
+								: (n) & (1ULL << 31) ? 31                                                              \
+								: (n) & (1ULL << 30) ? 30                                                              \
+								: (n) & (1ULL << 29) ? 29                                                              \
+								: (n) & (1ULL << 28) ? 28                                                              \
+								: (n) & (1ULL << 27) ? 27                                                              \
+								: (n) & (1ULL << 26) ? 26                                                              \
+								: (n) & (1ULL << 25) ? 25                                                              \
+								: (n) & (1ULL << 24) ? 24                                                              \
+								: (n) & (1ULL << 23) ? 23                                                              \
+								: (n) & (1ULL << 22) ? 22                                                              \
+								: (n) & (1ULL << 21) ? 21                                                              \
+								: (n) & (1ULL << 20) ? 20                                                              \
+								: (n) & (1ULL << 19) ? 19                                                              \
+								: (n) & (1ULL << 18) ? 18                                                              \
+								: (n) & (1ULL << 17) ? 17                                                              \
+								: (n) & (1ULL << 16) ? 16                                                              \
+								: (n) & (1ULL << 15) ? 15                                                              \
+								: (n) & (1ULL << 14) ? 14                                                              \
+								: (n) & (1ULL << 13) ? 13                                                              \
+								: (n) & (1ULL << 12) ? 12                                                              \
+								: (n) & (1ULL << 11) ? 11                                                              \
+								: (n) & (1ULL << 10) ? 10                                                              \
+								: (n) & (1ULL << 9)  ? 9                                                               \
+								: (n) & (1ULL << 8)  ? 8                                                               \
+								: (n) & (1ULL << 7)  ? 7                                                               \
+								: (n) & (1ULL << 6)  ? 6                                                               \
+								: (n) & (1ULL << 5)  ? 5                                                               \
+								: (n) & (1ULL << 4)  ? 4                                                               \
+								: (n) & (1ULL << 3)  ? 3                                                               \
+								: (n) & (1ULL << 2)  ? 2                                                               \
+													 : 1)                                                               \
+	 : (sizeof(n) <= 4)      ? __ilog2_u32(n)                                                                          \
+							 : __ilog2_u64(n))
 
 #if BITS_PER_LONG == 32
 #define GOLDEN_RATIO_PRIME GOLDEN_RATIO_32
@@ -219,14 +212,53 @@ static inline uint32_t hash32_ptr(const void *ptr)
 	return (uint32_t)val;
 }
 
-static inline unsigned long
-hash_string(const char *str)
+static inline uint32_t hash_string_initval(const char *s, uint32_t initval)
 {
-	unsigned long v = 0;
-    const char *c;
-	for (c = str; *c; )
-		v = (((v << 1) + (v >> 14)) ^ (*c++)) & 0x3fff;
-	return(v);
+	uint32_t h = initval;
+
+	while (*s) {
+		h = h * 31 + *s;
+		s++;
+	}
+
+	return h;
+}
+
+static inline uint32_t hash_string_case_initval(const char *s, uint32_t initval)
+{
+	uint32_t h = initval;
+
+	while (*s) {
+		h = h * 31 + tolower(*s);
+		s++;
+	}
+
+	return h;
+}
+
+static inline uint32_t hash_string(const char *s)
+{
+	return hash_string_initval(s, 0);
+}
+
+static inline uint32_t hash_string_case(const char *s)
+{
+	return hash_string_case_initval(s, 0);
+}
+
+static inline uint32_t hash_string_array(const char **a)
+{
+	uint32_t h = 0;
+
+	const char *s;
+	while ((s = *a++)) {
+		while (*s) {
+			h = h * 31 + *s;
+			s++;
+		}
+	}
+
+	return h;
 }
 
 #endif /* _GENERIC_HASH_H */

src/include/hashtable.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -29,6 +29,11 @@
 #define __must_be_array(a)	BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0]))
 #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
 
+struct hash_table {
+	struct hlist_head *table;
+	unsigned int size;
+};
+
 #define DEFINE_HASHTABLE(name, bits)						\
 	struct hlist_head name[1 << (bits)] =					\
 			{ [0 ... ((1 << (bits)) - 1)] = HLIST_HEAD_INIT }
@@ -38,6 +43,8 @@
 
 #define HASH_SIZE(name) (ARRAY_SIZE(name))
 #define HASH_BITS(name) ilog2(HASH_SIZE(name))
+#define HASH_TABLE_SIZE(name) (1 << ((name).size))
+#define HASH_TABLE_BITS(name) ((name).size)
 
 /* Use hash_32 when possible to allow for fast 32bit hashing in 64bit kernels. */
 #define hash_min(val, bits)							\
@@ -63,6 +70,16 @@ static inline void __hash_init(struct hlist_head *ht, unsigned int sz)
  */
 #define hash_init(hashtable) __hash_init(hashtable, HASH_SIZE(hashtable))
 
+#define hash_table_init(hashtable, bits, malloc_func)                 \
+	(hashtable).size = bits;                                         \
+	(hashtable).table = malloc_func(sizeof(struct hlist_head) * HASH_TABLE_SIZE((hashtable)));   \
+	__hash_init((hashtable).table, HASH_TABLE_SIZE((hashtable)))
+
+#define hash_table_free(hashtable, free_func)                       \
+	free_func((hashtable).table);                                  \
+	(hashtable).table = NULL;                                      \
+	(hashtable).size = 0;
+
 /**
  * hash_add - add an object to a hashtable
  * @hashtable: hashtable to add to
@@ -72,6 +89,9 @@ static inline void __hash_init(struct hlist_head *ht, unsigned int sz)
 #define hash_add(hashtable, node, key)						\
 	hlist_add_head(node, &hashtable[hash_min(key, HASH_BITS(hashtable))])
 
+#define hash_table_add(hashtable, node, key)						\
+	hlist_add_head(node, &(hashtable).table[hash_min(key, HASH_TABLE_BITS(hashtable))])
+
 /**
  * hash_hashed - check whether an object is in any hashtable
  * @node: the &struct hlist_node of the object to be checked
@@ -101,6 +121,8 @@ static inline bool __hash_empty(struct hlist_head *ht, unsigned int sz)
  */
 #define hash_empty(hashtable) __hash_empty(hashtable, HASH_SIZE(hashtable))
 
+#define hash_table_empty(hashtable) __hash_empty((hashtable).table, HASH_TABLE_SIZE(hashtable))
+
 /**
  * hash_del - remove an object from a hashtable
  * @node: &struct hlist_node of the object to remove
@@ -122,6 +144,11 @@ static inline void hash_del(struct hlist_node *node)
 			(bkt)++)\
 		hlist_for_each_entry(obj, &name[bkt], member)
 
+#define hash_table_for_each(name, bkt, obj, member)				\
+	for ((bkt) = 0, obj = NULL; obj == NULL && (bkt) < (HASH_TABLE_SIZE(name));\
+			(bkt)++)\
+		hlist_for_each_entry(obj, &((name).table)[bkt], member)
+
 /**
  * hash_for_each_safe - iterate over a hashtable safe against removal of
  * hash entry
@@ -136,6 +163,11 @@ static inline void hash_del(struct hlist_node *node)
 			(bkt)++)\
 		hlist_for_each_entry_safe(obj, tmp, &name[bkt], member)
 
+#define hash_table_for_each_safe(name, bkt, tmp, obj, member)			\
+	for ((bkt) = 0, obj = NULL; obj == NULL && (bkt) < (HASH_TABLE_SIZE(name));\
+			(bkt)++)\
+		hlist_for_each_entry_safe(obj, tmp, &((name).table)[bkt], member)
+
 /**
  * hash_for_each_possible - iterate over all possible objects hashing to the
  * same bucket
@@ -147,6 +179,9 @@ static inline void hash_del(struct hlist_node *node)
 #define hash_for_each_possible(name, obj, member, key)			\
 	hlist_for_each_entry(obj, &name[hash_min(key, HASH_BITS(name))], member)
 
+#define hash_table_for_each_possible(name, obj, member, key)			\
+	hlist_for_each_entry(obj, &((name).table)[hash_min(key, HASH_TABLE_BITS(name))], member)
+
 /**
  * hash_for_each_possible_safe - iterate over all possible objects hashing to the
  * same bucket safe against removals
@@ -160,4 +195,8 @@ static inline void hash_del(struct hlist_node *node)
 	hlist_for_each_entry_safe(obj, tmp,\
 		&name[hash_min(key, HASH_BITS(name))], member)
 
+#define hash_table_for_each_possible_safe(name, obj, tmp, member, key)	\
+	hlist_for_each_entry_safe(obj, tmp,\
+		&((name).table)[hash_min(key, HASH_TABLE_BITS(name))], member)
+
 #endif

src/include/idna.h

@@ -0,0 +1,32 @@
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _SMARTDNS_IDNA_H
+#define _SMARTDNS_IDNA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int utf8_to_punycode(const char *src, int src_len, char *dst, int dst_len);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // !_SMARTDNS_IDNA_H

src/include/jhash.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

src/include/list.h

@@ -1,6 +1,6 @@
 /*************************************************************************
  *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
  *
  * smartdns is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

src/include/nftset.h

@@ -0,0 +1,36 @@
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2022 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _NFTSET_H
+#define _NFTSET_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int nftset_add(const char *familyname, const char *tablename, const char *setname, const unsigned char addr[],
+			   int addr_len, unsigned long timeout);
+
+int nftset_del(const char *familyname, const char *tablename, const char *setname, const unsigned char addr[],
+			   int addr_len);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // !_NFTSET_H

src/include/radix.h

@@ -1,162 +1,162 @@
-/*
- * Copyright (c) 1999-2000
- * 
- * The Regents of the University of Michigan ("The Regents") and
- * Merit Network, Inc. All rights reserved.  Redistribution and use
- * in source and binary forms, with or without modification, are
- * permitted provided that the following conditions are met:
- * 
- * 1. Redistributions of source code must retain the above 
- * copyright notice, this list of conditions and the 
- * following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above 
- * copyright notice, this list of conditions and the 
- * following disclaimer in the documentation and/or other 
- * materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of 
- * this software must display the following acknowledgement:
- * 
- *   This product includes software developed by the University of
- *   Michigan, Merit Network, Inc., and their contributors.
- * 
- * 4. Neither the name of the University, Merit Network, nor the
- * names of their contributors may be used to endorse or 
- * promote products derived from this software without 
- * specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL TH E REGENTS
- * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HO WEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Portions Copyright (c) 2004,2005 Damien Miller <djm@mindrot.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: radix.h,v 1.9 2007/10/24 06:03:08 djm Exp $ */
-
-#ifndef _RADIX_H
-#define _RADIX_H
-
-#if defined(_MSC_VER)
-#include <winsock2.h>
-#include <ws2tcpip.h>
-#else
-# include <sys/types.h>
-# include <sys/socket.h>
-# include <netinet/in.h>
-# include <arpa/inet.h>
-# include <netdb.h>
-#endif
-
-#if defined(_MSC_VER)
-# define snprintf _snprintf
-typedef unsigned __int8		u_int8_t;
-typedef unsigned __int16	u_int16_t;
-typedef unsigned __int32	u_int32_t;
-const char *inet_ntop(int af, const void *src, char *dst, size_t size);
-size_t strlcpy(char *dst, const char *src, size_t size);
-#endif
-
-/*
- * Originally from MRT include/mrt.h
- * $MRTId: mrt.h,v 1.1.1.1 2000/08/14 18:46:10 labovit Exp $
- */
-typedef struct _prefix_t {
-	u_int family;			/* AF_INET | AF_INET6 */
-	u_int bitlen;			/* same as mask? */
-	int ref_count;			/* reference count */
-	union {
-		struct in_addr sin;
-		struct in6_addr sin6;
-	} add;
-} prefix_t;
-
-void Deref_Prefix(prefix_t *prefix);
-
-/*
- * Originally from MRT include/radix.h
- * $MRTId: radix.h,v 1.1.1.1 2000/08/14 18:46:10 labovit Exp $
- */
-typedef struct _radix_node_t {
-	u_int bit;			/* flag if this node used */
-	prefix_t *prefix;		/* who we are in radix tree */
-	struct _radix_node_t *l, *r;	/* left and right children */
-	struct _radix_node_t *parent;	/* may be used */
-	void *data;			/* pointer to data */
-} radix_node_t;
-
-typedef struct _radix_tree_t {
-	radix_node_t *head;
-	u_int maxbits;			/* for IP, 32 bit addresses */
-	int num_active_node;		/* for debug purpose */
-} radix_tree_t;
-
-/* Type of callback function */
-typedef void (*rdx_cb_t)(radix_node_t *, void *);
-
-radix_tree_t *New_Radix(void);
-void Destroy_Radix(radix_tree_t *radix, rdx_cb_t func, void *cbctx);
-radix_node_t *radix_lookup(radix_tree_t *radix, prefix_t *prefix);
-void radix_remove(radix_tree_t *radix, radix_node_t *node);
-radix_node_t *radix_search_exact(radix_tree_t *radix, prefix_t *prefix);
-radix_node_t *radix_search_best(radix_tree_t *radix, prefix_t *prefix);
-void radix_process(radix_tree_t *radix, rdx_cb_t func, void *cbctx);
-
-#define RADIX_MAXBITS 128
-
-#define RADIX_WALK(Xhead, Xnode) \
-	do { \
-		radix_node_t *Xstack[RADIX_MAXBITS+1]; \
-		radix_node_t **Xsp = Xstack; \
-		radix_node_t *Xrn = (Xhead); \
-		while ((Xnode = Xrn)) { \
-			if (Xnode->prefix)
-
-#define RADIX_WALK_END \
-			if (Xrn->l) { \
-				if (Xrn->r) { \
-					*Xsp++ = Xrn->r; \
-				} \
-				Xrn = Xrn->l; \
-			} else if (Xrn->r) { \
-				Xrn = Xrn->r; \
-			} else if (Xsp != Xstack) { \
-				Xrn = *(--Xsp); \
-			} else { \
-				Xrn = (radix_node_t *) 0; \
-			} \
-		} \
-	} while (0)
-
-/* Local additions */
-
-prefix_t *prefix_pton(const char *string, long len, prefix_t *prefix, const char **errmsg);
-prefix_t *prefix_from_blob(unsigned char *blob, int len, int prefixlen, prefix_t *prefix);
-const char *prefix_addr_ntop(prefix_t *prefix, char *buf, size_t len);
-const char *prefix_ntop(prefix_t *prefix, char *buf, size_t len);
-
-#endif /* _RADIX_H */
-
+/*
+ * Copyright (c) 1999-2000
+ * 
+ * The Regents of the University of Michigan ("The Regents") and
+ * Merit Network, Inc. All rights reserved.  Redistribution and use
+ * in source and binary forms, with or without modification, are
+ * permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above 
+ * copyright notice, this list of conditions and the 
+ * following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above 
+ * copyright notice, this list of conditions and the 
+ * following disclaimer in the documentation and/or other 
+ * materials provided with the distribution.
+ * 
+ * 3. All advertising materials mentioning features or use of 
+ * this software must display the following acknowledgement:
+ * 
+ *   This product includes software developed by the University of
+ *   Michigan, Merit Network, Inc., and their contributors.
+ * 
+ * 4. Neither the name of the University, Merit Network, nor the
+ * names of their contributors may be used to endorse or 
+ * promote products derived from this software without 
+ * specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL TH E REGENTS
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HO WEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * Portions Copyright (c) 2004,2005 Damien Miller <djm@mindrot.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: radix.h,v 1.9 2007/10/24 06:03:08 djm Exp $ */
+
+#ifndef _RADIX_H
+#define _RADIX_H
+
+#if defined(_MSC_VER)
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#else
+# include <sys/types.h>
+# include <sys/socket.h>
+# include <netinet/in.h>
+# include <arpa/inet.h>
+# include <netdb.h>
+#endif
+
+#if defined(_MSC_VER)
+# define snprintf _snprintf
+typedef unsigned __int8		u_int8_t;
+typedef unsigned __int16	u_int16_t;
+typedef unsigned __int32	u_int32_t;
+const char *inet_ntop(int af, const void *src, char *dst, size_t size);
+size_t strlcpy(char *dst, const char *src, size_t size);
+#endif
+
+/*
+ * Originally from MRT include/mrt.h
+ * $MRTId: mrt.h,v 1.1.1.1 2000/08/14 18:46:10 labovit Exp $
+ */
+typedef struct _prefix_t {
+	u_int family;			/* AF_INET | AF_INET6 */
+	u_int bitlen;			/* same as mask? */
+	int ref_count;			/* reference count */
+	union {
+		struct in_addr sin;
+		struct in6_addr sin6;
+	} add;
+} prefix_t;
+
+void Deref_Prefix(prefix_t *prefix);
+
+/*
+ * Originally from MRT include/radix.h
+ * $MRTId: radix.h,v 1.1.1.1 2000/08/14 18:46:10 labovit Exp $
+ */
+typedef struct _radix_node_t {
+	u_int bit;			/* flag if this node used */
+	prefix_t *prefix;		/* who we are in radix tree */
+	struct _radix_node_t *l, *r;	/* left and right children */
+	struct _radix_node_t *parent;	/* may be used */
+	void *data;			/* pointer to data */
+} radix_node_t;
+
+typedef struct _radix_tree_t {
+	radix_node_t *head;
+	u_int maxbits;			/* for IP, 32 bit addresses */
+	int num_active_node;		/* for debug purpose */
+} radix_tree_t;
+
+/* Type of callback function */
+typedef void (*rdx_cb_t)(radix_node_t *, void *);
+
+radix_tree_t *New_Radix(void);
+void Destroy_Radix(radix_tree_t *radix, rdx_cb_t func, void *cbctx);
+radix_node_t *radix_lookup(radix_tree_t *radix, prefix_t *prefix);
+void radix_remove(radix_tree_t *radix, radix_node_t *node);
+radix_node_t *radix_search_exact(radix_tree_t *radix, prefix_t *prefix);
+radix_node_t *radix_search_best(radix_tree_t *radix, prefix_t *prefix);
+void radix_process(radix_tree_t *radix, rdx_cb_t func, void *cbctx);
+
+#define RADIX_MAXBITS 128
+
+#define RADIX_WALK(Xhead, Xnode) \
+	do { \
+		radix_node_t *Xstack[RADIX_MAXBITS+1]; \
+		radix_node_t **Xsp = Xstack; \
+		radix_node_t *Xrn = (Xhead); \
+		while ((Xnode = Xrn)) { \
+			if (Xnode->prefix)
+
+#define RADIX_WALK_END \
+			if (Xrn->l) { \
+				if (Xrn->r) { \
+					*Xsp++ = Xrn->r; \
+				} \
+				Xrn = Xrn->l; \
+			} else if (Xrn->r) { \
+				Xrn = Xrn->r; \
+			} else if (Xsp != Xstack) { \
+				Xrn = *(--Xsp); \
+			} else { \
+				Xrn = (radix_node_t *) 0; \
+			} \
+		} \
+	} while (0)
+
+/* Local additions */
+
+prefix_t *prefix_pton(const char *string, long len, prefix_t *prefix, const char **errmsg);
+prefix_t *prefix_from_blob(unsigned char *blob, int len, int prefixlen, prefix_t *prefix);
+const char *prefix_addr_ntop(prefix_t *prefix, char *buf, size_t len);
+const char *prefix_ntop(prefix_t *prefix, char *buf, size_t len);
+
+#endif /* _RADIX_H */
+

src/include/rbtree.h

@@ -1,305 +1,305 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef _GENERIC_RBTREE_H
-#define _GENERIC_RBTREE_H
-
-#include <stddef.h>
-
-struct rb_node {
-	unsigned long __rb_parent_color;
-	struct rb_node *rb_right;
-	struct rb_node *rb_left;
-} __attribute__((aligned(sizeof(long))));
-/* The alignment might seem pointless, but allegedly CRIS needs it */
-
-struct rb_root {
-	struct rb_node *rb_node;
-};
-
-#define rb_parent(r) ((struct rb_node *)((r)->__rb_parent_color & ~3))
-
-#define RB_ROOT                                                                                                                                                \
-	(struct rb_root)                                                                                                                                           \
-	{                                                                                                                                                          \
-		NULL,                                                                                                                                                  \
-	}
-#define rb_entry(ptr, type, member) container_of(ptr, type, member)
-
-#define RB_EMPTY_ROOT(root) ((root)->rb_node == NULL)
-
-/* 'empty' nodes are nodes that are known not to be inserted in an rbtree */
-#define RB_EMPTY_NODE(node) ((node)->__rb_parent_color == (unsigned long)(node))
-#define RB_CLEAR_NODE(node) ((node)->__rb_parent_color = (unsigned long)(node))
-
-extern void rb_insert_color(struct rb_node *, struct rb_root *);
-extern void rb_erase(struct rb_node *, struct rb_root *);
-
-/* Find logical next and previous nodes in a tree */
-extern struct rb_node *rb_next(const struct rb_node *);
-extern struct rb_node *rb_prev(const struct rb_node *);
-extern struct rb_node *rb_first(const struct rb_root *);
-extern struct rb_node *rb_last(const struct rb_root *);
-
-/* Postorder iteration - always visit the parent after its children */
-extern struct rb_node *rb_first_postorder(const struct rb_root *);
-extern struct rb_node *rb_next_postorder(const struct rb_node *);
-
-/* Fast replacement of a single node without remove/rebalance/add/rebalance */
-extern void rb_replace_node(struct rb_node *victim, struct rb_node *new_node, struct rb_root *root);
-
-static inline void rb_link_node(struct rb_node *node, struct rb_node *parent, struct rb_node **rb_link)
-{
-	node->__rb_parent_color = (unsigned long)parent;
-	node->rb_left = node->rb_right = NULL;
-
-	*rb_link = node;
-}
-
-#define rb_entry_safe(ptr, type, member)                                                                                                                       \
-	({                                                                                                                                                         \
-		typeof(ptr) ____ptr = (ptr);                                                                                                                           \
-		____ptr ? rb_entry(____ptr, type, member) : NULL;                                                                                                      \
-	})
-
-/*
- * Handy for checking that we are not deleting an entry that is
- * already in a list, found in block/{blk-throttle,cfq-iosched}.c,
- * probably should be moved to lib/rbtree.c...
- */
-static inline void rb_erase_init(struct rb_node *n, struct rb_root *root)
-{
-	rb_erase(n, root);
-	RB_CLEAR_NODE(n);
-}
-
-
-/*
- * Please note - only struct rb_augment_callbacks and the prototypes for
- * rb_insert_augmented() and rb_erase_augmented() are intended to be public.
- * The rest are implementation details you are not expected to depend on.
- *
- * See Documentation/rbtree.txt for documentation and samples.
- */
-
-struct rb_augment_callbacks {
-	void (*propagate)(struct rb_node *node, struct rb_node *stop);
-	void (*copy)(struct rb_node *old_node, struct rb_node *new_node);
-	void (*rotate)(struct rb_node *old_node, struct rb_node *new_node);
-};
-
-extern void __rb_insert_augmented(struct rb_node *node, struct rb_root *root,
-	void (*augment_rotate)(struct rb_node *old_node, struct rb_node *new_node));
-/*
- * Fixup the rbtree and update the augmented information when rebalancing.
- *
- * On insertion, the user must update the augmented information on the path
- * leading to the inserted node, then call rb_link_node() as usual and
- * rb_augment_inserted() instead of the usual rb_insert_color() call.
- * If rb_augment_inserted() rebalances the rbtree, it will callback into
- * a user provided function to update the augmented information on the
- * affected subtrees.
- */
-static inline void
-rb_insert_augmented(struct rb_node *node, struct rb_root *root,
-		    const struct rb_augment_callbacks *augment)
-{
-	__rb_insert_augmented(node, root, augment->rotate);
-}
-
-#define RB_DECLARE_CALLBACKS(rbstatic, rbname, rbstruct, rbfield,	\
-			     rbtype, rbaugmented, rbcompute)		\
-static inline void							\
-rbname ## _propagate(struct rb_node *rb, struct rb_node *stop)		\
-{									\
-	while (rb != stop) {						\
-		rbstruct *node = rb_entry(rb, rbstruct, rbfield);	\
-		rbtype augmented = rbcompute(node);			\
-		if (node->rbaugmented == augmented)			\
-			break;						\
-		node->rbaugmented = augmented;				\
-		rb = rb_parent(&node->rbfield);				\
-	}								\
-}									\
-static inline void							\
-rbname ## _copy(struct rb_node *rb_old, struct rb_node *rb_new)		\
-{									\
-	rbstruct *old_node = rb_entry(rb_old, rbstruct, rbfield);		\
-	rbstruct *new_node = rb_entry(rb_new, rbstruct, rbfield);		\
-	new_node->rbaugmented = old_node->rbaugmented;				\
-}									\
-static void								\
-rbname ## _rotate(struct rb_node *rb_old, struct rb_node *rb_new)	\
-{									\
-	rbstruct *old_node = rb_entry(rb_old, rbstruct, rbfield);		\
-	rbstruct *new_node = rb_entry(rb_new, rbstruct, rbfield);		\
-	new_node->rbaugmented = old_node->rbaugmented;				\
-	old_node->rbaugmented = rbcompute(old_node);				\
-}									\
-rbstatic const struct rb_augment_callbacks rbname = {			\
-	rbname ## _propagate, rbname ## _copy, rbname ## _rotate	\
-};
-
-
-#define	RB_RED		0
-#define	RB_BLACK	1
-
-#define __rb_parent(pc)    ((struct rb_node *)(pc & ~3))
-
-#define __rb_color(pc)     ((pc) & 1)
-#define __rb_is_black(pc)  __rb_color(pc)
-#define __rb_is_red(pc)    (!__rb_color(pc))
-#define rb_color(rb)       __rb_color((rb)->__rb_parent_color)
-#define rb_is_red(rb)      __rb_is_red((rb)->__rb_parent_color)
-#define rb_is_black(rb)    __rb_is_black((rb)->__rb_parent_color)
-
-static inline void rb_set_parent(struct rb_node *rb, struct rb_node *p)
-{
-	rb->__rb_parent_color = rb_color(rb) | (unsigned long)p;
-}
-
-static inline void rb_set_parent_color(struct rb_node *rb,
-				       struct rb_node *p, int color)
-{
-	rb->__rb_parent_color = (unsigned long)p | color;
-}
-
-static inline void
-__rb_change_child(struct rb_node *old_node, struct rb_node *new_node,
-		  struct rb_node *parent, struct rb_root *root)
-{
-	if (parent) {
-		if (parent->rb_left == old_node)
-			parent->rb_left = new_node;
-		else
-			parent->rb_right = new_node;
-	} else
-		root->rb_node = new_node;
-}
-
-extern void __rb_erase_color(struct rb_node *parent, struct rb_root *root,
-	void (*augment_rotate)(struct rb_node *old_node, struct rb_node *new_node));
-
-static inline struct rb_node *
-__rb_erase_augmented(struct rb_node *node, struct rb_root *root,
-		     const struct rb_augment_callbacks *augment)
-{
-	struct rb_node *child = node->rb_right, *tmp = node->rb_left;
-	struct rb_node *parent, *rebalance;
-	unsigned long pc;
-
-	if (!tmp) {
-		/*
-		 * Case 1: node to erase has no more than 1 child (easy!)
-		 *
-		 * Note that if there is one child it must be red due to 5)
-		 * and node must be black due to 4). We adjust colors locally
-		 * so as to bypass __rb_erase_color() later on.
-		 */
-		pc = node->__rb_parent_color;
-		parent = __rb_parent(pc);
-		__rb_change_child(node, child, parent, root);
-		if (child) {
-			child->__rb_parent_color = pc;
-			rebalance = NULL;
-		} else
-			rebalance = __rb_is_black(pc) ? parent : NULL;
-		tmp = parent;
-	} else if (!child) {
-		/* Still case 1, but this time the child is node->rb_left */
-		tmp->__rb_parent_color = pc = node->__rb_parent_color;
-		parent = __rb_parent(pc);
-		__rb_change_child(node, tmp, parent, root);
-		rebalance = NULL;
-		tmp = parent;
-	} else {
-		struct rb_node *successor = child, *child2;
-		tmp = child->rb_left;
-		if (!tmp) {
-			/*
-			 * Case 2: node's successor is its right child
-			 *
-			 *    (n)          (s)
-			 *    / \          / \
-			 *  (x) (s)  ->  (x) (c)
-			 *        \
-			 *        (c)
-			 */
-			parent = successor;
-			child2 = successor->rb_right;
-			augment->copy(node, successor);
-		} else {
-			/*
-			 * Case 3: node's successor is leftmost under
-			 * node's right child subtree
-			 *
-			 *    (n)          (s)
-			 *    / \          / \
-			 *  (x) (y)  ->  (x) (y)
-			 *      /            /
-			 *    (p)          (p)
-			 *    /            /
-			 *  (s)          (c)
-			 *    \
-			 *    (c)
-			 */
-			do {
-				parent = successor;
-				successor = tmp;
-				tmp = tmp->rb_left;
-			} while (tmp);
-			parent->rb_left = child2 = successor->rb_right;
-			successor->rb_right = child;
-			rb_set_parent(child, successor);
-			augment->copy(node, successor);
-			augment->propagate(parent, successor);
-		}
-
-		successor->rb_left = tmp = node->rb_left;
-		rb_set_parent(tmp, successor);
-
-		pc = node->__rb_parent_color;
-		tmp = __rb_parent(pc);
-		__rb_change_child(node, successor, tmp, root);
-		if (child2) {
-			successor->__rb_parent_color = pc;
-			rb_set_parent_color(child2, parent, RB_BLACK);
-			rebalance = NULL;
-		} else {
-			unsigned long pc2 = successor->__rb_parent_color;
-			successor->__rb_parent_color = pc;
-			rebalance = __rb_is_black(pc2) ? parent : NULL;
-		}
-		tmp = successor;
-	}
-
-	augment->propagate(tmp, NULL);
-	return rebalance;
-}
-
-static inline void
-rb_erase_augmented(struct rb_node *node, struct rb_root *root,
-		   const struct rb_augment_callbacks *augment)
-{
-	struct rb_node *rebalance = __rb_erase_augmented(node, root, augment);
-	if (rebalance)
-		__rb_erase_color(rebalance, root, augment->rotate);
-}
-
-#endif /* _GENERIC_RBTREE_H */
-
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _GENERIC_RBTREE_H
+#define _GENERIC_RBTREE_H
+
+#include <stddef.h>
+
+struct rb_node {
+	unsigned long __rb_parent_color;
+	struct rb_node *rb_right;
+	struct rb_node *rb_left;
+} __attribute__((aligned(sizeof(long))));
+/* The alignment might seem pointless, but allegedly CRIS needs it */
+
+struct rb_root {
+	struct rb_node *rb_node;
+};
+
+#define rb_parent(r) ((struct rb_node *)((r)->__rb_parent_color & ~3))
+
+#define RB_ROOT                                                                                                                                                \
+	(struct rb_root)                                                                                                                                           \
+	{                                                                                                                                                          \
+		NULL,                                                                                                                                                  \
+	}
+#define rb_entry(ptr, type, member) container_of(ptr, type, member)
+
+#define RB_EMPTY_ROOT(root) ((root)->rb_node == NULL)
+
+/* 'empty' nodes are nodes that are known not to be inserted in an rbtree */
+#define RB_EMPTY_NODE(node) ((node)->__rb_parent_color == (unsigned long)(node))
+#define RB_CLEAR_NODE(node) ((node)->__rb_parent_color = (unsigned long)(node))
+
+extern void rb_insert_color(struct rb_node *, struct rb_root *);
+extern void rb_erase(struct rb_node *, struct rb_root *);
+
+/* Find logical next and previous nodes in a tree */
+extern struct rb_node *rb_next(const struct rb_node *);
+extern struct rb_node *rb_prev(const struct rb_node *);
+extern struct rb_node *rb_first(const struct rb_root *);
+extern struct rb_node *rb_last(const struct rb_root *);
+
+/* Postorder iteration - always visit the parent after its children */
+extern struct rb_node *rb_first_postorder(const struct rb_root *);
+extern struct rb_node *rb_next_postorder(const struct rb_node *);
+
+/* Fast replacement of a single node without remove/rebalance/add/rebalance */
+extern void rb_replace_node(struct rb_node *victim, struct rb_node *new_node, struct rb_root *root);
+
+static inline void rb_link_node(struct rb_node *node, struct rb_node *parent, struct rb_node **rb_link)
+{
+	node->__rb_parent_color = (unsigned long)parent;
+	node->rb_left = node->rb_right = NULL;
+
+	*rb_link = node;
+}
+
+#define rb_entry_safe(ptr, type, member)                                                                                                                       \
+	({                                                                                                                                                         \
+		typeof(ptr) ____ptr = (ptr);                                                                                                                           \
+		____ptr ? rb_entry(____ptr, type, member) : NULL;                                                                                                      \
+	})
+
+/*
+ * Handy for checking that we are not deleting an entry that is
+ * already in a list, found in block/{blk-throttle,cfq-iosched}.c,
+ * probably should be moved to lib/rbtree.c...
+ */
+static inline void rb_erase_init(struct rb_node *n, struct rb_root *root)
+{
+	rb_erase(n, root);
+	RB_CLEAR_NODE(n);
+}
+
+
+/*
+ * Please note - only struct rb_augment_callbacks and the prototypes for
+ * rb_insert_augmented() and rb_erase_augmented() are intended to be public.
+ * The rest are implementation details you are not expected to depend on.
+ *
+ * See Documentation/rbtree.txt for documentation and samples.
+ */
+
+struct rb_augment_callbacks {
+	void (*propagate)(struct rb_node *node, struct rb_node *stop);
+	void (*copy)(struct rb_node *old_node, struct rb_node *new_node);
+	void (*rotate)(struct rb_node *old_node, struct rb_node *new_node);
+};
+
+extern void __rb_insert_augmented(struct rb_node *node, struct rb_root *root,
+	void (*augment_rotate)(struct rb_node *old_node, struct rb_node *new_node));
+/*
+ * Fixup the rbtree and update the augmented information when rebalancing.
+ *
+ * On insertion, the user must update the augmented information on the path
+ * leading to the inserted node, then call rb_link_node() as usual and
+ * rb_augment_inserted() instead of the usual rb_insert_color() call.
+ * If rb_augment_inserted() rebalances the rbtree, it will callback into
+ * a user provided function to update the augmented information on the
+ * affected subtrees.
+ */
+static inline void
+rb_insert_augmented(struct rb_node *node, struct rb_root *root,
+		    const struct rb_augment_callbacks *augment)
+{
+	__rb_insert_augmented(node, root, augment->rotate);
+}
+
+#define RB_DECLARE_CALLBACKS(rbstatic, rbname, rbstruct, rbfield,	\
+			     rbtype, rbaugmented, rbcompute)		\
+static inline void							\
+rbname ## _propagate(struct rb_node *rb, struct rb_node *stop)		\
+{									\
+	while (rb != stop) {						\
+		rbstruct *node = rb_entry(rb, rbstruct, rbfield);	\
+		rbtype augmented = rbcompute(node);			\
+		if (node->rbaugmented == augmented)			\
+			break;						\
+		node->rbaugmented = augmented;				\
+		rb = rb_parent(&node->rbfield);				\
+	}								\
+}									\
+static inline void							\
+rbname ## _copy(struct rb_node *rb_old, struct rb_node *rb_new)		\
+{									\
+	rbstruct *old_node = rb_entry(rb_old, rbstruct, rbfield);		\
+	rbstruct *new_node = rb_entry(rb_new, rbstruct, rbfield);		\
+	new_node->rbaugmented = old_node->rbaugmented;				\
+}									\
+static void								\
+rbname ## _rotate(struct rb_node *rb_old, struct rb_node *rb_new)	\
+{									\
+	rbstruct *old_node = rb_entry(rb_old, rbstruct, rbfield);		\
+	rbstruct *new_node = rb_entry(rb_new, rbstruct, rbfield);		\
+	new_node->rbaugmented = old_node->rbaugmented;				\
+	old_node->rbaugmented = rbcompute(old_node);				\
+}									\
+rbstatic const struct rb_augment_callbacks rbname = {			\
+	rbname ## _propagate, rbname ## _copy, rbname ## _rotate	\
+};
+
+
+#define	RB_RED		0
+#define	RB_BLACK	1
+
+#define __rb_parent(pc)    ((struct rb_node *)(pc & ~3))
+
+#define __rb_color(pc)     ((pc) & 1)
+#define __rb_is_black(pc)  __rb_color(pc)
+#define __rb_is_red(pc)    (!__rb_color(pc))
+#define rb_color(rb)       __rb_color((rb)->__rb_parent_color)
+#define rb_is_red(rb)      __rb_is_red((rb)->__rb_parent_color)
+#define rb_is_black(rb)    __rb_is_black((rb)->__rb_parent_color)
+
+static inline void rb_set_parent(struct rb_node *rb, struct rb_node *p)
+{
+	rb->__rb_parent_color = rb_color(rb) | (unsigned long)p;
+}
+
+static inline void rb_set_parent_color(struct rb_node *rb,
+				       struct rb_node *p, int color)
+{
+	rb->__rb_parent_color = (unsigned long)p | color;
+}
+
+static inline void
+__rb_change_child(struct rb_node *old_node, struct rb_node *new_node,
+		  struct rb_node *parent, struct rb_root *root)
+{
+	if (parent) {
+		if (parent->rb_left == old_node)
+			parent->rb_left = new_node;
+		else
+			parent->rb_right = new_node;
+	} else
+		root->rb_node = new_node;
+}
+
+extern void __rb_erase_color(struct rb_node *parent, struct rb_root *root,
+	void (*augment_rotate)(struct rb_node *old_node, struct rb_node *new_node));
+
+static inline struct rb_node *
+__rb_erase_augmented(struct rb_node *node, struct rb_root *root,
+		     const struct rb_augment_callbacks *augment)
+{
+	struct rb_node *child = node->rb_right, *tmp = node->rb_left;
+	struct rb_node *parent, *rebalance;
+	unsigned long pc;
+
+	if (!tmp) {
+		/*
+		 * Case 1: node to erase has no more than 1 child (easy!)
+		 *
+		 * Note that if there is one child it must be red due to 5)
+		 * and node must be black due to 4). We adjust colors locally
+		 * so as to bypass __rb_erase_color() later on.
+		 */
+		pc = node->__rb_parent_color;
+		parent = __rb_parent(pc);
+		__rb_change_child(node, child, parent, root);
+		if (child) {
+			child->__rb_parent_color = pc;
+			rebalance = NULL;
+		} else
+			rebalance = __rb_is_black(pc) ? parent : NULL;
+		tmp = parent;
+	} else if (!child) {
+		/* Still case 1, but this time the child is node->rb_left */
+		tmp->__rb_parent_color = pc = node->__rb_parent_color;
+		parent = __rb_parent(pc);
+		__rb_change_child(node, tmp, parent, root);
+		rebalance = NULL;
+		tmp = parent;
+	} else {
+		struct rb_node *successor = child, *child2;
+		tmp = child->rb_left;
+		if (!tmp) {
+			/*
+			 * Case 2: node's successor is its right child
+			 *
+			 *    (n)          (s)
+			 *    / \          / \
+			 *  (x) (s)  ->  (x) (c)
+			 *        \
+			 *        (c)
+			 */
+			parent = successor;
+			child2 = successor->rb_right;
+			augment->copy(node, successor);
+		} else {
+			/*
+			 * Case 3: node's successor is leftmost under
+			 * node's right child subtree
+			 *
+			 *    (n)          (s)
+			 *    / \          / \
+			 *  (x) (y)  ->  (x) (y)
+			 *      /            /
+			 *    (p)          (p)
+			 *    /            /
+			 *  (s)          (c)
+			 *    \
+			 *    (c)
+			 */
+			do {
+				parent = successor;
+				successor = tmp;
+				tmp = tmp->rb_left;
+			} while (tmp);
+			parent->rb_left = child2 = successor->rb_right;
+			successor->rb_right = child;
+			rb_set_parent(child, successor);
+			augment->copy(node, successor);
+			augment->propagate(parent, successor);
+		}
+
+		successor->rb_left = tmp = node->rb_left;
+		rb_set_parent(tmp, successor);
+
+		pc = node->__rb_parent_color;
+		tmp = __rb_parent(pc);
+		__rb_change_child(node, successor, tmp, root);
+		if (child2) {
+			successor->__rb_parent_color = pc;
+			rb_set_parent_color(child2, parent, RB_BLACK);
+			rebalance = NULL;
+		} else {
+			unsigned long pc2 = successor->__rb_parent_color;
+			successor->__rb_parent_color = pc;
+			rebalance = __rb_is_black(pc2) ? parent : NULL;
+		}
+		tmp = successor;
+	}
+
+	augment->propagate(tmp, NULL);
+	return rebalance;
+}
+
+static inline void
+rb_erase_augmented(struct rb_node *node, struct rb_root *root,
+		   const struct rb_augment_callbacks *augment)
+{
+	struct rb_node *rebalance = __rb_erase_augmented(node, root, augment);
+	if (rebalance)
+		__rb_erase_color(rebalance, root, augment->rotate);
+}
+
+#endif /* _GENERIC_RBTREE_H */
+

src/include/stringutil.h

@@ -1,42 +1,51 @@
-/*************************************************************************
- *
- * Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
- *
- * smartdns is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * smartdns is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef _GENERIC_STRING_UITL_H
-#define _GENERIC_STRING_UITL_H
-
-#include <stddef.h>
-#include <string.h>
-
-static inline char *safe_strncpy(char *dest, const char *src, size_t n) 
-{
-#if __GNUC__  > 7
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wstringop-truncation"
-#endif
-	char *ret = strncpy(dest, src, n - 1);
-    if (n > 0) {
-	    dest[n - 1] = '\0';
-    }
-#if __GNUC__  > 7
-#pragma GCC diagnostic pop
-#endif
-	return ret;
-}
-
-
-#endif
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _GENERIC_STRING_UITL_H
+#define _GENERIC_STRING_UITL_H
+
+#include <stddef.h>
+#include <string.h>
+
+static inline char *safe_strncpy(char *dest, const char *src, size_t n) 
+{
+	if (src == NULL) {
+		dest[0] = '\0';
+		return dest;
+	}
+
+	if (n <= 0) {
+		return NULL;
+	}
+	
+#if __GNUC__  > 7
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstringop-truncation"
+#endif
+	char *ret = strncpy(dest, src, n - 1);
+    if (n > 0) {
+	    dest[n - 1] = '\0';
+    }
+#if __GNUC__  > 7
+#pragma GCC diagnostic pop
+#endif
+	return ret;
+}
+
+
+#endif

src/include/timer_wheel.h

@@ -0,0 +1,57 @@
+/*************************************************************************
+ *
+ * Copyright (C) 2018-2023 Ruilin Peng (Nick) <pymumu@gmail.com>.
+ *
+ * smartdns is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * smartdns is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef __TIMER_WHEEL_H
+#define __TIMER_WHEEL_H
+
+#include "list.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct tw_base;
+struct tw_timer_list;
+
+typedef void (*tw_func)(struct tw_base *, struct tw_timer_list *, void *, unsigned long);
+typedef void (*tw_del_func)(struct tw_base *, struct tw_timer_list *, void *);
+
+struct tw_timer_list {
+	void *data;
+	unsigned long expires;
+	tw_func function;
+	tw_del_func del_function;
+	struct list_head entry;
+};
+
+struct tw_base *tw_init_timers(void);
+
+int tw_cleanup_timers(struct tw_base *);
+
+void tw_add_timer(struct tw_base *, struct tw_timer_list *);
+
+int tw_del_timer(struct tw_base *, struct tw_timer_list *);
+
+int tw_mod_timer_pending(struct tw_base *, struct tw_timer_list *, unsigned long);
+
+int tw_mod_timer(struct tw_base *, struct tw_timer_list *, unsigned long);
+
+#ifdef __cplusplus
+}
+#endif
+#endif