daxi20/smartdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: daxi20:master
Branches Tags
daxi20:master daxi20:doc daxi20:quic daxi20:https-svcb daxi20:multi-thread-server daxi20:luci-dns-forwarding
daxi20:Release43 daxi20:Release42 daxi20:Release41 daxi20:Release41-RC3 daxi20:Release41-RC2 daxi20:Release41-RC1 daxi20:Release40 daxi20:feature-dns-forwarding daxi20:Release39 daxi20:Release38.1 daxi20:Release38 daxi20:Release37.2 daxi20:Release37.1 daxi20:Release37 daxi20:Release37-RC3 daxi20:Release37-RC2 daxi20:Release37-RC1 daxi20:all-best-ip daxi20:Release36.1 daxi20:Release36 daxi20:Release35 daxi20:Release34 daxi20:Release33 daxi20:Release32 daxi20:Release32-RC4 daxi20:Release32-RC3 daxi20:Release32-RC2 daxi20:Release32-RC1 daxi20:Release31 daxi20:Release30 daxi20:Release29 daxi20:Release28 daxi20:Release27 daxi20:Release26-Special daxi20:Release25 daxi20:Release24 daxi20:Release23 daxi20:Release22 daxi20:Release21 daxi20:Release20 daxi20:Release18
...
pull from: daxi20:luci-dns-forwarding
Branches Tags
daxi20:master daxi20:doc daxi20:quic daxi20:https-svcb daxi20:multi-thread-server daxi20:luci-dns-forwarding
daxi20:Release43 daxi20:Release42 daxi20:Release41 daxi20:Release41-RC3 daxi20:Release41-RC2 daxi20:Release41-RC1 daxi20:Release40 daxi20:feature-dns-forwarding daxi20:Release39 daxi20:Release38.1 daxi20:Release38 daxi20:Release37.2 daxi20:Release37.1 daxi20:Release37 daxi20:Release37-RC3 daxi20:Release37-RC2 daxi20:Release37-RC1 daxi20:all-best-ip daxi20:Release36.1 daxi20:Release36 daxi20:Release35 daxi20:Release34 daxi20:Release33 daxi20:Release32 daxi20:Release32-RC4 daxi20:Release32-RC3 daxi20:Release32-RC2 daxi20:Release32-RC1 daxi20:Release31 daxi20:Release30 daxi20:Release29 daxi20:Release28 daxi20:Release27 daxi20:Release26-Special daxi20:Release25 daxi20:Release24 daxi20:Release23 daxi20:Release22 daxi20:Release21 daxi20:Release20 daxi20:Release18

11 Commits
master ... luci-dns-f

Author SHA1 Message Date
Nick Peng
2f71fe2490 feature: support marking packet on upstream server 2022-12-19 22:41:43 +08:00
Nick Peng
fb1c5d2438 readme_en: fix link 2022-12-18 23:02:37 +08:00
Nick Peng
3d15810f48 conf: support disable expired cache on specific domain. 2022-12-18 22:33:01 +08:00
Nick Peng
745b734eab readme: update readme 2022-12-18 17:55:50 +08:00
Nick Peng
219bd39f66 luci: support config speed check mode 2022-12-17 09:43:38 +08:00
Nick Peng
2722140e47 luci: add domain rule list tab 2022-12-17 07:39:47 +08:00
Nick Peng
f76c46caa6 luci: add report bugs button 2022-12-15 22:36:51 +08:00
Nick Peng
f8f1a66abe conf: support space in filename 2022-12-14 21:05:20 +08:00
Nick Peng
90e0be932e dns_server: support force no cname for A,AAAA records 2022-12-12 23:30:42 +08:00
Nick Peng
baf7a37231 luci-compat: support dns forwarding feature 2022-12-12 23:18:26 +08:00
Nick Peng
e65e0e311a luci: support DNS forwarding and block 2022-12-12 23:17:01 +08:00
25 changed files with 1690 additions and 143 deletions
Expand all files Collapse all files

112
ReadMe.md
View File

@@ -112,7 +112,7 @@ rtt min/avg/max/mdev = 5.954/6.133/6.313/0.195 ms
支持域名后缀匹配模式,简化过滤配置,过滤 20 万条记录时间 < 1ms。
6. **域名分流**
支持域名分流,不同类型的域名向不同的 DNS 服务器查询。
支持域名分流,不同类型的域名向不同的 DNS 服务器查询支持iptable和nftable更好的分流
7. **Windows / Linux 多平台支持**
支持标准 Linux 系统树莓派、OpenWrt 系统各种固件和华硕路由器原生固件。同时还支持 WSLWindows Subsystem for Linux适用于 Linux 的 Windows 子系统)。
@@ -186,43 +186,55 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
1. 安装
下载配套安装包,并上传到 Linux 系统中。
标准 Linux 系统X86 / X86_64请执行如下命令安装
```shell
$ tar zxf smartdns.1.yyyy.MM.dd-REL.x86_64-linux-all.tar.gz
$ cd smartdns
$ chmod +x ./install
$ ./install -i
```
树莓派或其他 Debian 系系统ARM / ARM64请执行如下命令安装
```shell
# dpkg -i smartdns.1.yyyy.MM.dd-REL.arm-debian-all.deb
```
下载配套安装包,并上传到 Linux 系统中。
标准 Linux 系统X86 / X86_64请执行如下命令安装
```shell
$ tar zxf smartdns.1.yyyy.MM.dd-REL.x86_64-linux-all.tar.gz
$ cd smartdns
$ chmod +x ./install
$ ./install -i
```
树莓派或其他 Debian 系系统ARM / ARM64请执行如下命令安装
```shell
# dpkg -i smartdns.1.yyyy.MM.dd-REL.arm-debian-all.deb
```
2. 修改配置
安装完成后,可配置 SmartDNS 的上游服务器信息。
一般情况下,只需要增加 `server `[`IP`]`:port` 和 `server-tcp `[`IP`]`:port` 配置项。
请尽可能配置多个上游 DNS 服务器,包括国内外的服务器。
具体配置参数请参考[配置文件说明](#配置文件说明)。
```shell
# vi /etc/smartdns/smartdns.conf
```
```shell
# vi /etc/smartdns/smartdns.conf
```
`/etc/smartdns/smartdns.conf`配置包含如下基本内容:
```
# 指定监听的端口号
bind []:53
# 指定上游服务器
server 1.1.1.1
server-tls 8.8.8.8
# 指定域名规则
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
3. 启动服务
```shell
# systemctl enable smartdns
# systemctl start smartdns
```
```shell
# systemctl enable smartdns
# systemctl start smartdns
```
4. 将 DNS 请求转发到 SmartDNS 解析
@@ -390,6 +402,18 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
```shell
# vi /opt/etc/smartdns/smartdns.conf
```
`/opt/etc/smartdns/smartdns.conf`配置包含如下基本内容:
```
# 指定监听的端口号
bind []:53
# 指定上游服务器
server 1.1.1.1
server-tls 8.8.8.8
# 指定域名规则
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
也可以通过网上邻居修改,网上邻居共享目录 `sda1` 看不到 `asusware.mipsbig` 目录,但可以直接在`文件管理器`中输入 `asusware.mipsbig\etc\init.d` 访问
@@ -418,6 +442,18 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
```shell
# vi /opt/etc/smartdns/smartdns.conf
```
`/opt/etc/smartdns/smartdns.conf`配置包含如下基本内容:
```
# 指定监听的端口号
bind []:53
# 指定上游服务器
server 1.1.1.1
server-tls 8.8.8.8
# 指定域名规则
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
另外,如需支持 IPv6可设置工作模式为 `2`,将 DNSmasq 的 DNS 服务禁用,设置 SmartDNS 为主用 DNS 服务器。将文件 `/opt/etc/smartdns/smartdns-opt.conf` 中的 `SMARTDNS_WORKMODE` 的值修改为 `2`
@@ -480,6 +516,17 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
尽可能配置多个上游DNS服务器包括国内外的服务器。
具体配置请参考[配置文件说明](#配置文件说明)。
`smartdns.conf` 配置包含如下基本内容:
```
# 指定监听的端口号
bind []:53
# 指定上游服务器
server 1.1.1.1
server-tls 8.8.8.8
# 指定域名规则
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
4. 重新加载配置
@@ -508,6 +555,7 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
smartdns name = smartdns.
```
## 配置文件说明
配置建议:**smartdns默认已设置为最优模式适合大部分场景的DNS查询体验改善一般情况只需要增加上游服务器地址即可无需做其他配置修改如有其他配置修改请务必了解其用途避免修改后起到反作用。**
@@ -536,10 +584,10 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
| audit-size | 审计大小 | 128K | 数字 + K、M 或 G | audit-size 128K |
| audit-num | 审计归档个数 | 2 | 大于等于 0 的数字 | audit-num 2 |
| conf-file | 附加配置文件 | 无 | 合法路径字符串 | conf-file /etc/smartdns/smartdns.more.conf |
| server | 上游 UDP DNS | 无 | 可重复。<br>[ip][:port]:服务器 IP:端口(可选)<br>[-blacklist-ip]:配置 IP 过滤结果。<br>[-whitelist-ip]:指定仅接受参数中配置的 IP 范围<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server 8.8.8.8:53 -blacklist-ip -group g1 |
| server-tcp | 上游 TCP DNS | 无 | 可重复。<br>[ip][:port]:服务器 IP:端口(可选)<br>[-blacklist-ip]:配置 IP 过滤结果<br>[-whitelist-ip]:指定仅接受参数中配置的 IP 范围。<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server-tcp 8.8.8.8:53 |
| server-tls | 上游 TLS DNS | 无 | 可重复。<br>[ip][:port]:服务器 IP:端口(可选)<br>[-spki-pin [sha256-pin]]TLS 合法性校验 SPKI 值base64 编码的 sha256 SPKI pin 值<br>[-host-name]TLS SNI 名称, 名称设置为-表示停用SNI名称<br>[-tls-host-verify]TLS 证书主机名校验<br> [-no-check-certificate]:跳过证书校验<br>[-blacklist-ip]:配置 IP 过滤结果<br>[-whitelist-ip]:仅接受参数中配置的 IP 范围<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server-tls 8.8.8.8:853 |
| server-https | 上游 HTTPS DNS | 无 | 可重复。<br>https://[host][:port]/path服务器 IP:端口(可选)<br>[-spki-pin [sha256-pin]]TLS 合法性校验 SPKI 值base64 编码的 sha256 SPKI pin 值<br>[-host-name]TLS SNI 名称<br>[-http-host]http 协议头主机名<br>[-tls-host-verify]TLS 证书主机名校验<br> [-no-check-certificate]:跳过证书校验<br>[-blacklist-ip]:配置 IP 过滤结果<br>[-whitelist-ip]:仅接受参数中配置的 IP 范围。<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server-https https://cloudflare-dns.com/dns-query |
| server | 上游 UDP DNS | 无 | 可重复。<br>[ip][:port]:服务器 IP:端口(可选)<br>[-blacklist-ip]:配置 IP 过滤结果。<br>[-whitelist-ip]:指定仅接受参数中配置的 IP 范围<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除。<br>[-set-mark]设置数据包标记so-mark| server 8.8.8.8:53 -blacklist-ip -group g1 |
| server-tcp | 上游 TCP DNS | 无 | 可重复。<br>[ip][:port]:服务器 IP:端口(可选)<br>[-blacklist-ip]:配置 IP 过滤结果<br>[-whitelist-ip]:指定仅接受参数中配置的 IP 范围。<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除。<br>[-set-mark]设置数据包标记so-mark | server-tcp 8.8.8.8:53 |
| server-tls | 上游 TLS DNS | 无 | 可重复。<br>[ip][:port]:服务器 IP:端口(可选)<br>[-spki-pin [sha256-pin]]TLS 合法性校验 SPKI 值base64 编码的 sha256 SPKI pin 值<br>[-host-name]TLS SNI 名称, 名称设置为-表示停用SNI名称<br>[-tls-host-verify]TLS 证书主机名校验<br> [-no-check-certificate]:跳过证书校验<br>[-blacklist-ip]:配置 IP 过滤结果<br>[-whitelist-ip]:仅接受参数中配置的 IP 范围<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除。<br>[-set-mark]设置数据包标记so-mark | server-tls 8.8.8.8:853 |
| server-https | 上游 HTTPS DNS | 无 | 可重复。<br>https://[host][:port]/path服务器 IP:端口(可选)<br>[-spki-pin [sha256-pin]]TLS 合法性校验 SPKI 值base64 编码的 sha256 SPKI pin 值<br>[-host-name]TLS SNI 名称<br>[-http-host]http 协议头主机名<br>[-tls-host-verify]TLS 证书主机名校验<br> [-no-check-certificate]:跳过证书校验<br>[-blacklist-ip]:配置 IP 过滤结果<br>[-whitelist-ip]:仅接受参数中配置的 IP 范围。<br>[-group [group] ...]DNS 服务器所属组,比如 office 和 foreign和 nameserver 配套使用<br>[-exclude-default-group]:将 DNS 服务器从默认组中排除。<br>[-set-mark]设置数据包标记so-mark | server-https https://cloudflare-dns.com/dns-query |
| speed-check-mode | 测速模式选择 | 无 | [ping\|tcp:[80]\|none] | speed-check-mode ping,tcp:80,tcp:443 |
| response-mode | 首次查询响应模式 | first-ping |模式:[fisrt-ping\|fastest-ip\|fastest-response]<br> [first-ping]: 最快ping响应地址模式DNS上游最快查询时延+ping时延最短查询等待与链接体验最佳;<br>[fastest-ip]: 最快IP地址模式查询到的所有IP地址中ping最短的IP。需等待IP测速; <br>[fastest-response]: 最快响应的DNS结果DNS查询等待时间最短返回的IP地址可能不是最快。| response-mode first-ping |
| address | 指定域名 IP 地址 | 无 | address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6] <br>- 表示忽略 <br># 表示返回 SOA <br>4 表示 IPv4 <br>6 表示 IPv6 | address /www.example.com/1.2.3.4 |
@@ -549,7 +597,7 @@ entware|ipkg update<br>ipkg install smartdns|软件源路径https://bin.entwa
| nftset | 域名 nftset | 无 | nftset /domain/[#4\|#6\|-]:[family#nftable#nftset\|-][,#[4\|6]:[family#nftable#nftset\|-]]]-表示忽略ipv4 地址的 family 只支持 inet 和 ipipv6 地址的 family 只支持 inet 和 ip6由于 nft 限制,两种地址只能分开存放于两个 set 中。| nftset /www.example.com/#4:inet#mytab#dns4,#6:- |
| nftset-timeout | 设置 nftset 超时功能启用 | no | [yes\|no] | nftset-timeout yes |
| nftset-debug | 设置 nftset 调试功能启用 | no | [yes\|no] | nftset-debug yes |
| domain-rules | 设置域名规则 | 无 | domain-rules /domain/ [-rules...]<br>[-c\|-speed-check-mode]:测速模式,参考 speed-check-mode 配置<br>[-a\|-address]:参考 address 配置<br>[-n\|-nameserver]:参考 nameserver 配置<br>[-p\|-ipset]参考ipset配置<br>[-t\|-nftset]参考nftset配置<br>[-d\|-dualstack-ip-selection]:参考 dualstack-ip-selection | domain-rules /www.example.com/ -speed-check-mode none |
| domain-rules | 设置域名规则 | 无 | domain-rules /domain/ [-rules...]<br>[-c\|-speed-check-mode]:测速模式,参考 speed-check-mode 配置<br>[-a\|-address]:参考 address 配置<br>[-n\|-nameserver]:参考 nameserver 配置<br>[-p\|-ipset]参考ipset配置<br>[-t\|-nftset]参考nftset配置<br>[-d\|-dualstack-ip-selection]:参考 dualstack-ip-selection<br> [-no-serve-expired]:禁用过期缓存 | domain-rules /www.example.com/ -speed-check-mode none |
| domain-set | 设置域名集合 | 无 | domain-set [options...]<br>[-n\|-name]:域名集合名称 <br>[-t\|-type]域名集合类型当前仅支持list格式为域名列表一行一个域名。<br>[-f\|-file]:域名集合文件路径。<br> 选项需要配合address, nameserver, ipset, nftset等需要指定域名的地方使用使用方式为 /domain-set:[name]/| domain-set -name set -type list -file /path/to/list <br> address /domain-set:set/1.2.4.8 |
| bogus-nxdomain | 假冒 IP 地址过滤 | 无 | [ip/subnet],可重复 | bogus-nxdomain 1.2.3.4/16 |
| ignore-ip | 忽略 IP 地址 | 无 | [ip/subnet],可重复 | ignore-ip 1.2.3.4/16 |

63
ReadMe_en.md
View File

@@ -118,6 +118,9 @@ From the comparison, smartdns found the fastest IP address to visit www.baidu.co
8. **High performance, low resource consumption**
Multi-threaded asynchronous IO mode, cache cache query results.
9. **DNS domain forwarding**
Support DNS forwarding, ipset and nftables.
## Architecture
![Architecture](doc/architecture.png)
@@ -164,7 +167,7 @@ Download the matching version of the SmartDNS installation package. The correspo
* The released packages are statically compiled. If you need a small size package, please compile it yourself or obtain it from the openwrt / entware repository.
* **Please download from the Release page: [Download here](https://github.com/pymu/smartdns/releases)**
* **Please download from the Release page: [Download here](https://github.com/pymumu/smartdns/releases)**
```shell
https://github.com/pymumu/smartdns/releases
@@ -203,6 +206,18 @@ https://github.com/pymumu/smartdns/releases
vi /etc/smartdns/smartdns.conf
```
`smartdns.conf` example:
```
# set listen port
bind []:53
# set upstream servers
server 1.1.1.1
server-tls 8.8.8.8
# set domain rules
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
1. Start Service
```shell
@@ -363,6 +378,18 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
```shell
vi /opt/etc/smartdns/smartdns.conf
```
`smartdns.conf` example:
```
# set listen port
bind []:53
# set upstream servers
server 1.1.1.1
server-tls 8.8.8.8
# set domain rules
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
It can also be modified from Network Neighborhood. From the neighbor sharing directory `sda1` you can't see the `asusware.mipsbig` directory, but you can directly enter `asusware.mipsbig\etc\init.d` in `File Manager` to modify it.
@@ -392,6 +419,18 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
Vi /opt/etc/smartdns/smartdns.conf
```
`smartdns.conf` example:
```
# set listen port
bind []:53
# set upstream servers
server 1.1.1.1
server-tls 8.8.8.8
# set domain rules
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
Note: if you need to support IPV6, you can set the worke-mode to `2`, this will disable the DNS service of dnsmasq, and smartdns run as the primary DNS server. Change `SMARTDNS_WORKMODE` in the file `/opt/etc/smartdns/smartdns-opt.conf` to 2.
```shell
@@ -447,6 +486,18 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
In general, you only need to add `server [IP]:port`, `server-tcp [IP]:port` configuration items.
Configure as many upstream DNS servers as possible, including servers at home and abroad. Please refer to the `Configuration Parameters` section for configuration parameters.
`smartdns.conf` example:
```
# set listen port
bind []:53
# set upstream servers
server 1.1.1.1
server-tls 8.8.8.8
# set domain rules
address /example.com/1.2.3.4
domain-rule /example.com/ -address 1.2.3.4
```
1. Start Service
Double-click `reload.bat` in the `D:\smartdns\package\windows` directory for reload.
@@ -495,10 +546,10 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|audit-size|audit log size|128K|number+K,M,G|audit-size 128K
|audit-num|archived audit log number|2|Integer|audit-num 2
|conf-file|additional conf file|None|File path|conf-file /etc/smartdns/smartdns.more.conf
|server|Upstream UDP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server 8.8.8.8:53 -blacklist-ip
|server-tcp|Upstream TCP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tcp 8.8.8.8:53
|server-tls|Upstream TLS DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name. `-` to disable SNI name.<br>`[-tls-host-verify]`: TLS cert hostname to verify. <br>`-no-check-certificate:`: No check certificate. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tls 8.8.8.8:853
|server-https|Upstream HTTPS DNS server|None|Repeatable <br>`https://[host][:port]/path`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name<br>`[-http-host]`http header host. <br>`[-tls-host-verify]`: TLS cert hostname to verify. <br>`-no-check-certificate:`: No check certificate. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-https https://cloudflare-dns.com/dns-query
|server|Upstream UDP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group. <br>`[-set-mark]`set mark on packets | server 8.8.8.8:53 -blacklist-ip
|server-tcp|Upstream TCP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group <br>`[-set-mark]`set mark on packets | server-tcp 8.8.8.8:53
|server-tls|Upstream TLS DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name. `-` to disable SNI name.<br>`[-tls-host-verify]`: TLS cert hostname to verify. <br>`-no-check-certificate:`: No check certificate. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group <br> `[-set-mark]`set mark on packets | server-tls 8.8.8.8:853
|server-https|Upstream HTTPS DNS server|None|Repeatable <br>`https://[host][:port]/path`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name<br>`[-http-host]`http header host. <br>`[-tls-host-verify]`: TLS cert hostname to verify. <br>`-no-check-certificate:`: No check certificate. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group <br> `[-set-mark]`set mark on packets | server-https https://cloudflare-dns.com/dns-query
|speed-check-mode|Speed mode|None|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:80,tcp:443
|response-mode|First query response mode|first-ping|Mode: [fisrt-ping\|fastest-ip\|fastest-response]<br> [first-ping]: The fastest dns + ping response mode, DNS query delay + ping delay is the shortest;<br>[fastest-ip]: The fastest IP address mode, return the fastest ip address, may take some time to test speed. <br>[fastest-response]: The fastest response DNS result mode, the DNS query waiting time is the shortest. | response-mode first-ping |
|address|Domain IP address|None|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6], `-` for ignore, `#` for return SOA, `4` for IPV4, `6` for IPV6| address /www.example.com/1.2.3.4
@@ -508,7 +559,7 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|nftset|Domain nftset|None|nftset /domain/[#4\|#6\|-]:[family#nftable#nftset\|-][,#[4\|6]:[family#nftable#nftset\|-]]], `-` to ignore; the valid families are inet and ip for ipv4 addresses while the valid ones are inet and ip6 for ipv6 addresses; due to the limitation of nft, two types of addresses have to be stored in two sets|nftset /www.example.com/#4:inet#mytab#dns4,#6:-
|nftset-timeout|nftset timeout enable|no|[yes\|no]|nftset-timeout yes
|nftset-debug|nftset debug enable|no|[yes\|no]|nftset-debug yes
|domain-rules|set domain rules|None|domain-rules /domain/ [-rules...]<br>[-c\|-speed-check-mode]: set speed check modesame as parameter speed-check-mode<br>[-a\|-address]: same as parameter `address` <br>[-n\|-nameserver]: same as parameter `nameserver`<br>[-p\|-ipset]: same as parameter `nftset`<br>[-t\|-nftset]: same as parameter `nftset`<br>[-d\|-dualstack-ip-selection]: same as parameter `dualstack-ip-selection`|domain-rules /www.example.com/ -speed-check-mode none
|domain-rules|set domain rules|None|domain-rules /domain/ [-rules...]<br>[-c\|-speed-check-mode]: set speed check modesame as parameter speed-check-mode<br>[-a\|-address]: same as parameter `address` <br>[-n\|-nameserver]: same as parameter `nameserver`<br>[-p\|-ipset]: same as parameter `nftset`<br>[-t\|-nftset]: same as parameter `nftset`<br>[-d\|-dualstack-ip-selection]: same as parameter `dualstack-ip-selection`<br> [-no-serve-expired]disable serve expired|domain-rules /www.example.com/ -speed-check-mode none
| domain-set | collection of domains|None| domain-set [options...]<br>[-n\|-name]name of set <br>[-t\|-type] [list]: set type, only support list, one domain per line <br>[-f\|-file]file path of domain set<br> used with address, nameserver, ipset, nftset, example: /domain-set:[name]/ | domain-set -name set -type list -file /path/to/list <br> address /domain-set:set/1.2.4.8 |
|bogus-nxdomain|bogus IP address|None|[IP/subnet], Repeatable| bogus-nxdomain 1.2.3.4/16
|ignore-ip|ignore ip address|None|[ip/subnet], Repeatable| ignore-ip 1.2.3.4/16

2
etc/smartdns/smartdns.conf
View File

@@ -32,6 +32,7 @@
# -no-rule-soa: Skip address SOA(#) rules.
# -no-dualstack-selection: Disable dualstack ip selection.
# -force-aaaa-soa: force AAAA query return SOA.
# -set-mark: set mark on packets.
# example:
# IPV4:
# bind :53
@@ -237,6 +238,7 @@ log-level info
# [-p] -ipset [ipset|-]: same as ipset option
# [-t] -nftset [nftset|-]: same as nftset option
# [-d] -dualstack-ip-selection [yes|no]: same as dualstack-ip-selection option
# -no-serve-expired: ignore expired domain
# collection of domains
# the domain-set can be used with /domain/ for address, nameserver, ipset, etc.

168
package/luci-compat/files/luci/i18n/smartdns.zh-cn.po
View File

@@ -2,6 +2,12 @@
msgid "Additional Args for upstream dns servers"
msgstr "额外的上游 DNS 服务器参数"
msgid "Additional Rule Flag"
msgstr "额外规则标识"
msgid "Additional Flags for rules, read help on domain-rule for more information."
msgstr "额外的规则标识具体参考domain-rule的帮助说明。"
msgid "Additional Server Args"
msgstr "额外的服务器参数"
@@ -22,7 +28,7 @@ msgstr "自动设置为Dnsmasq的上游服务器"
msgid "Cache Size"
msgstr "缓存大小"
msgid "Collecting data ..."
msgid "Collecting data..."
msgstr "正在收集数据..."
msgid ""
@@ -30,12 +36,27 @@ msgid ""
"DNS server."
msgstr "配置需要从指定域名服务器结果过滤的IP黑名单。"
msgid "Configure block domain list."
msgstr "配置屏蔽域名列表"
msgid "Configure forwarding domain name list."
msgstr "配置分流域名列表"
msgid "Custom Settings"
msgstr "自定义设置"
msgid "DNS Block Setting"
msgstr "域名屏蔽设置"
msgid "DNS Forwarding Setting"
msgstr "域名分流设置"
msgid "DNS Server Name"
msgstr "DNS服务器名称"
msgid "DNS Server group belongs to, such as office, home."
msgstr "配置归属服务器组例如office, home"
msgid ""
"DNS Server group belongs to, used with nameserver, such as office, home."
msgstr "DNS服务器所属组 配合nameserver使用例如officehome。"
@@ -52,8 +73,8 @@ msgstr "协议类型"
msgid "DNS domain result cache size"
msgstr "缓存DNS的结果缓存大小配置零则不缓存"
msgid "Dnsmasq Forwared To Smartdns Failure"
msgstr "重定向dnsmasq到smartdns失败"
msgid "Description"
msgstr "描述"
msgid "Do not check certificate."
msgstr "不校验证书的合法性。"
@@ -64,6 +85,18 @@ msgstr "禁用测速。"
msgid "Domain Address"
msgstr "域名地址"
msgid "Domain List"
msgstr "域名列表"
msgid "Domain List File"
msgstr "域名列表文件"
msgid "Domain Rules"
msgstr "域名规则"
msgid "Domain Rules Settings"
msgstr "域名规则设置"
msgid "Domain TTL"
msgstr "域名TTL"
@@ -82,12 +115,26 @@ msgstr "捐助"
msgid "Donate to smartdns"
msgstr "捐助smartdns项目"
msgid "Download Files"
msgstr "下载文件"
msgid "Download Files Setting"
msgstr "下载文件设置"
msgid ""
"Download domain list files for domain-rule and include config files, please "
"refresh the page after download to take effect."
msgstr "下载域名文件列表,下载后刷新页面生效"
msgid "Dual-stack IP Selection"
msgstr "双栈IP优选"
msgid "Enable"
msgstr "启用"
msgid "Enable Auto Update"
msgstr "启用自动更新"
msgid "Enable IP selection between IPV4 and IPV6"
msgstr "启用 IPV4 和 IPV6 间的 IP 优选策略"
@@ -97,6 +144,9 @@ msgstr "启用IPV6服务器"
msgid "Enable TCP DNS Server"
msgstr "启用TCP服务器"
msgid "Enable daily auto update."
msgstr "启用每日自动更新。"
msgid "Enable domain prefetch, accelerate domain response speed."
msgstr "启用域名预加载,加速域名响应速度。"
@@ -106,6 +156,18 @@ msgstr "是否启用第二DNS服务器。"
msgid "Enable or disable smartdns server"
msgstr "启用或禁用SmartDNS服务"
msgid "Exclude DNS Server from default group."
msgstr "从default默认服务器组中排除"
msgid "Exclude Default Group"
msgstr "从默认服务器组排除"
msgid "File Name"
msgstr "文件名"
msgid "File Type"
msgstr "文件类型"
msgid "Filtering IP with blacklist"
msgstr "使用IP黑名单过滤"
@@ -133,9 +195,6 @@ msgid ""
msgstr ""
"当smartdns异常时生成coredump文件coredump文件在/tmp/smartdns.xxx.core."
msgid "Grant access to LuCI app smartdns"
msgstr "授予访问 LuCI 应用 smartdns 的权限"
msgid "HTTP Host"
msgstr "HTTP主机"
@@ -148,18 +207,50 @@ msgstr "IP黑名单过滤"
msgid "IPV6 Server"
msgstr "IPV6服务器"
msgid "IPset Name"
msgstr "IPSet名称"
msgid "IPset name."
msgstr "IPSet名称。"
msgid "If you like this software, please buy me a cup of coffee."
msgstr "如果本软件对你有帮助,请给作者加个蛋。"
msgid "Include Config Files<br>/etc/smartdns/conf.d"
msgstr "包含配置文件"
msgid ""
"Include other config files from /etc/smartdns/conf.d or custom path, can be "
"downloaded from the download page."
msgstr "包含配置文件,路径为/etc/smartdns/conf.d或自定义配置文件路径可以从下载页"
msgid "List of files to download."
msgstr "下载的文件列表。"
msgid "Local Port"
msgstr "本地端口"
msgid "Marking Packets"
msgstr "数据包标记"
msgid "Set mark on packets."
msgstr "设置数据包标记。"
msgid "Maximum TTL for all domain result."
msgstr "所有域名的最大 TTL 值。"
msgid "Minimum TTL for all domain result."
msgstr "所有域名的最小 TTL 值。"
msgid "NFTset Name"
msgstr "NFTSet名称"
msgid "NFTset name format error, format: [#[4|6]:[family#table#set]]"
msgstr "NFTSet名称格式错误格式[#[4|6]:[family#table#set]]"
msgid "NFTset name, format: [#[4|6]:[family#table#set]]"
msgstr "NFTSet名称格式[#[4|6]:[family#table#set]]"
msgid "NOT RUNNING"
msgstr "未运行"
@@ -184,6 +275,12 @@ msgstr "解析本地主机名"
msgid "Resolve local hostnames by reading Dnsmasq lease file."
msgstr "读取Dnsmasq的租约文件解析本地主机名。"
msgid "Restart"
msgstr "重启"
msgid "Restart smartdns"
msgstr "重启服务"
msgid "Second Server Settings"
msgstr "第二DNS服务器"
@@ -193,6 +290,9 @@ msgstr "缓存过期服务"
msgid "Server Group"
msgstr "服务器组"
msgid "Server Group not exists"
msgstr "服务器组不存在"
msgid "Server Name"
msgstr "服务器名称"
@@ -275,11 +375,21 @@ msgstr "SmartDNS本地服务端口"
msgid ""
"Smartdns local server port, smartdns will be automatically set as main dns "
"when the port is 53."
msgstr "SmartDNS本地服务端口当端口号设置为53时smartdns将会自动配置为主dns。"
msgstr ""
"SmartDNS本地服务端口当端口号设置为53时smartdns将会自动配置为主dns。"
msgid "Smartdns server name"
msgstr "SmartDNS的服务器名称默认为smartdns留空为主机名"
msgid "Speed check mode is invalid."
msgstr "测速模式无效。"
msgid "Speed Check Mode"
msgstr "测速模式"
msgid "Smartdns speed check mode. "
msgstr "SmartDns测速模式设置。"
msgid ""
"Specify an IP address to return for any host in the given domains, Queries "
"in the domains are never forwarded and always replied to with the specified "
@@ -288,6 +398,9 @@ msgstr ""
"配置特定域名返回特定的IP地址域名查询将不到上游服务器请求直接返回配置的IP"
"地址,可用于广告屏蔽。"
msgid "Report bugs"
msgstr "报告BUG"
msgid "TCP Server"
msgstr "TCP服务器"
@@ -306,6 +419,38 @@ msgstr "设置所有域名的 TTL 值。"
msgid "Technical Support"
msgstr "技术支持"
msgid "URL"
msgstr "URL"
msgid "URL format error, format: http:// or https://"
msgstr "URL格式错误格式http://或https://"
msgid "Update Files"
msgstr "更新文件"
msgid "Upload Config File"
msgstr "上传域名列表文件"
msgid "Upload Domain List File"
msgstr "上传域名列表文件"
msgid "Upload domain list file to /etc/smartdns/domain-set"
msgstr "上传域名列表文件到/etc/smartdns/domain-set目录"
msgid ""
"Upload domain list file, or configure auto download from Download File "
"Setting page."
msgstr "上传域名列表文件,或在下载文件设置页面设置自动下载。"
msgid "Upload domain list file."
msgstr "上传域名列表文件。"
msgid "Upload smartdns config file to /etc/smartdns/conf.d"
msgstr "上传配置文件到/etc/smartdns/conf.d目录"
msgid "Upstream DNS Server Configuration"
msgstr "上游服务器配置"
msgid "Upstream Servers"
msgstr "上游服务器"
@@ -324,6 +469,9 @@ msgstr ""
"用于校验 TLS 服务器的有效性,数值为 Base64 编码的 SPKI 指纹,留空表示不验证 "
"TLS 的合法性。"
msgid "domain list (/etc/smartdns/domain-set)"
msgstr "域名列表(/etc/smartdns/domain-set"
msgid "https"
msgstr "https"
@@ -336,6 +484,9 @@ msgstr "打开网站"
msgid "port"
msgstr "端口"
msgid "smartdns config (/etc/smartdns/conf.d)"
msgstr "配置文件(/etc/smartdns/conf.d"
msgid "smartdns custom settings"
msgstr "smartdns 自定义设置,具体配置参数参考指导"
@@ -350,3 +501,6 @@ msgstr "类型"
msgid "udp"
msgstr "udp"
msgid "update domain list files"
msgstr "更新列表文件"

311
package/luci-compat/files/luci/model/cbi/smartdns/smartdns.lua
View File

@@ -19,6 +19,8 @@ require ("luci.http")
require ("luci.dispatcher")
require ("nixio.fs")
local uci = require "luci.model.uci".cursor()
m = Map("smartdns")
m.title = translate("SmartDNS Server")
m.description = translate("SmartDNS is a local high-performance DNS server, supports finding fastest IP, supports ad filtering, and supports avoiding DNS poisoning.")
@@ -30,6 +32,7 @@ s = m:section(TypedSection, "smartdns", translate("Settings"), translate("Genera
s.anonymous = true
s:tab("settings", translate("General Settings"))
s:tab("advanced", translate('Advanced Settings'))
s:tab("seconddns", translate("Second Server Settings"))
s:tab("custom", translate("Custom Settings"))
@@ -52,8 +55,54 @@ o.default = 53
o.datatype = "port"
o.rempty = false
---- Speed check mode;
o = s:taboption("advanced", Value, "speed_check_mode", translate("Speed Check Mode"), translate("Smartdns speed check mode."));
o.rmempty = true;
o.placeholder = "default";
o.default = o.enabled;
o:value("ping,tcp:80,tcp:443");
o:value("ping,tcp:443,tcp:80");
o:value("tcp:80,tcp:443,ping");
o:value("tcp:443,tcp:80,ping");
o:value("none", translate("None"));
function o.validate (section_id, value)
if value == "" then
return value
end
if value == nil then
return nil, translate("Speed check mode is invalid.")
end
if value == "none" then
return value
end
local mode = value:split(",");
for _, v in ipairs(mode) do repeat
if v == "ping" then
break
end
if v == nil then
return nil, translate("Speed check mode is invalid.")
end
local port = v:split(":");
if "tcp" == port[1] then
if tonumber(port[2]) then
break
end
end
return nil, translate("Speed check mode is invalid.")
until true end
return value
end
---- Enable TCP server
o = s:taboption("settings", Flag, "tcp_server", translate("TCP Server"), translate("Enable TCP DNS Server"))
o = s:taboption("advanced", Flag, "tcp_server", translate("TCP Server"), translate("Enable TCP DNS Server"))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -61,7 +110,7 @@ o.cfgvalue = function(...)
end
---- Support IPV6
o = s:taboption("settings", Flag, "ipv6_server", translate("IPV6 Server"), translate("Enable IPV6 DNS Server"))
o = s:taboption("advanced", Flag, "ipv6_server", translate("IPV6 Server"), translate("Enable IPV6 DNS Server"))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -69,7 +118,7 @@ o.cfgvalue = function(...)
end
---- Support DualStack ip selection
o = s:taboption("settings", Flag, "dualstack_ip_selection", translate("Dual-stack IP Selection"), translate("Enable IP selection between IPV4 and IPV6"))
o = s:taboption("advanced", Flag, "dualstack_ip_selection", translate("Dual-stack IP Selection"), translate("Enable IP selection between IPV4 and IPV6"))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -77,7 +126,7 @@ o.cfgvalue = function(...)
end
---- Domain prefetch load
o = s:taboption("settings", Flag, "prefetch_domain", translate("Domain prefetch"), translate("Enable domain prefetch, accelerate domain response speed."))
o = s:taboption("advanced", Flag, "prefetch_domain", translate("Domain prefetch"), translate("Enable domain prefetch, accelerate domain response speed."))
o.rmempty = false
o.default = o.disabled
o.cfgvalue = function(...)
@@ -85,7 +134,7 @@ o.cfgvalue = function(...)
end
---- Domain Serve expired
o = s:taboption("settings", Flag, "serve_expired", translate("Serve expired"),
o = s:taboption("advanced", Flag, "serve_expired", translate("Serve expired"),
translate("Attempts to serve old responses from cache with a TTL of 0 in the response without waiting for the actual resolution to finish."))
o.rmempty = false
o.default = o.enabled
@@ -94,11 +143,11 @@ o.cfgvalue = function(...)
end
---- cache-size
o = s:taboption("settings", Value, "cache_size", translate("Cache Size"), translate("DNS domain result cache size"))
o = s:taboption("advanced", Value, "cache_size", translate("Cache Size"), translate("DNS domain result cache size"))
o.rempty = true
-- cache-size
o = s:taboption("settings", Flag, "resolve_local_hostnames", translate("Resolve Local Hostnames"), translate("Resolve local hostnames by reading Dnsmasq lease file."));
o = s:taboption("advanced", Flag, "resolve_local_hostnames", translate("Resolve Local Hostnames"), translate("Resolve local hostnames by reading Dnsmasq lease file."))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -106,7 +155,7 @@ o.cfgvalue = function(...)
end
-- Automatically Set Dnsmasq
o = s:taboption("settings", Flag, "auto_set_dnsmasq", translate("Automatically Set Dnsmasq"), translate("Automatically set as upstream of dnsmasq when port changes."));
o = s:taboption("advanced", Flag, "auto_set_dnsmasq", translate("Automatically Set Dnsmasq"), translate("Automatically set as upstream of dnsmasq when port changes."))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -114,7 +163,7 @@ o.cfgvalue = function(...)
end
-- Force AAAA SOA
o = s:taboption("settings", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."));
o = s:taboption("advanced", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -122,7 +171,7 @@ o.cfgvalue = function(...)
end
-- Force HTTPS SOA
o = s:taboption("settings", Flag, "force_https_soa", translate("Force HTTPS SOA"), translate("Force HTTPS SOA."));
o = s:taboption("advanced", Flag, "force_https_soa", translate("Force HTTPS SOA"), translate("Force HTTPS SOA."))
o.rmempty = false
o.default = o.enabled
o.cfgvalue = function(...)
@@ -130,24 +179,35 @@ o.cfgvalue = function(...)
end
---- rr-ttl
o = s:taboption("settings", Value, "rr_ttl", translate("Domain TTL"), translate("TTL for all domain result."))
o = s:taboption("advanced", Value, "rr_ttl", translate("Domain TTL"), translate("TTL for all domain result."))
o.rempty = true
---- rr-ttl-min
o = s:taboption("settings", Value, "rr_ttl_min", translate("Domain TTL Min"), translate("Minimum TTL for all domain result."))
o = s:taboption("advanced", Value, "rr_ttl_min", translate("Domain TTL Min"), translate("Minimum TTL for all domain result."))
o.rempty = true
o.placeholder = "600"
o.default = 600
o.optional = true
---- rr-ttl-max
o = s:taboption("settings", Value, "rr_ttl_max", translate("Domain TTL Max"), translate("Maximum TTL for all domain result."))
o = s:taboption("advanced", Value, "rr_ttl_max", translate("Domain TTL Max"), translate("Maximum TTL for all domain result."))
o.rempty = true
---- rr-ttl-reply-max
o = s:taboption("settings", Value, "rr_ttl_reply_max", translate("Reply Domain TTL Max"), translate("Reply maximum TTL for all domain result."))
o = s:taboption("advanced", Value, "rr_ttl_reply_max", translate("Reply Domain TTL Max"), translate("Reply maximum TTL for all domain result."))
o.rempty = true
o = s:taboption("advanced", DynamicList, "conf_files", translate("Include Config Files<br>/etc/smartdns/conf.d"),
translate("Include other config files from /etc/smartdns/conf.d or custom path, can be downloaded from the download page."));
uci:foreach("smartdns", "download-file", function(section)
local filetype = section.type
if (filetype ~= 'config') then
return
end
o:value(section.name);
end)
---- second dns server
---- Eanble
o = s:taboption("seconddns", Flag, "seconddns_enabled", translate("Enable"), translate("Enable or disable second DNS server."))
@@ -305,11 +365,135 @@ o:value("https", translate("https"))
o.default = "udp"
o.rempty = false
s = m:section(TypedSection, "smartdns", translate("Advanced Settings"), translate("Advanced Settings"));
s.anonymous = true;
---- domain rules;
s = m:section(TypedSection, "domain-rule", translate("Domain Rules"), translate("Domain Rules Settings"))
s.anonymous = true
s.nodescriptions = true
s:tab("domain-address", translate("Domain Address"), translate("Set Specific domain ip address."));
s:tab("blackip-list", translate("IP Blacklist"), translate("Set Specific ip blacklist."));
s:tab("forwarding", translate('DNS Forwarding Setting'))
s:tab("block", translate("DNS Block Setting"))
s:tab("domain-address", translate("Domain Address"), translate("Set Specific domain ip address."))
s:tab("blackip-list", translate("IP Blacklist"), translate("Set Specific ip blacklist."))
---- domain forwarding;
o = s:taboption("forwarding", Value, "server_group", translate("Server Group"), translate("DNS Server group belongs to, such as office, home."))
o.rmempty = true
o.placeholder = "default"
o.datatype = "hostname"
o.rempty = true
uci:foreach("smartdns", "server", function(section)
local server_group = section.server_group
if server_group == nil then
return
end
o:value(server_group);
end)
function o.validate (section_id, value)
if value == "" then
return value
end
if value == nil then
return nil, translate('Server Group not exists')
end
local exists = false
uci:foreach("smartdns", "server", function(section)
local server_group = section.server_group
if (exists == true) then
return
end
if (value == server_group) then
exists = true
end
end)
if exists == false then
return nil, translate('Server Group not exists')
end
return value;
end
o = s:taboption("forwarding", Flag, "no_speed_check", translate("Skip Speed Check"),
translate("Do not check speed."))
o.rmempty = false
o.default = o.disabled
o = s:taboption("forwarding", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
o.rmempty = false
o.default = o.disabled
o = s:taboption("forwarding", Value, "ipset_name", translate("IPset Name"), translate("IPset name."))
o.rmempty = true
o.datatype = "hostname"
o.rempty = true
o = s:taboption("forwarding", Value, "nftset_name", translate("NFTset Name"), translate("NFTset name, format: [#[4|6]:[family#table#set]]"))
o.rmempty = true
o.datatype = "string"
o.rempty = true
function o.validate(self, value)
if (value == "") then
return value
end
if (value:match("#[4|6]:[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+#[a-zA-Z0-9%-_]+$")) then
return value
end
return nil, translate("NFTset name format error, format: [#[4|6]:[family#table#set]]")
end
---- other args
o = s:taboption("forwarding", Value, "addition_flag", translate("Additional Rule Flag"), translate("Additional Flags for rules, read help on domain-rule for more information."))
o.default = ""
o.rempty = true
o.modalonly = true;
o = s:taboption("forwarding", FileUpload, "forwarding_domain_set_file", translate("Domain List File"),
translate("Upload domain list file, or configure auto download from Download File Setting page."))
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.editable = true
o.root_directory = "/etc/smartdns/domain-set"
o = s:taboption("forwarding", TextValue, "domain_forwarding_list",
translate("Domain List"), translate("Configure forwarding domain name list."))
o.rows = 10
o.cols = 64
o.monospace = true
function o.cfgvalue(self, section)
return nixio.fs.readfile("/etc/smartdns/domain-forwarding.list")
end
function o.write(self, section, value)
value = value:gsub("\r\n?", "\n")
nixio.fs.writefile("/etc/smartdns/domain-forwarding.list", value)
end
---- domain block;
o = s:taboption("block", FileUpload, "block_domain_set_file", translate("Domain List File"), translate("Upload domain list file."))
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.editable = true
o.root_directory = "/etc/smartdns/domain-set"
o = s:taboption("block", TextValue, "domain_block_list",
translate("Domain List"), translate("Configure block domain list."))
o.rows = 10
o.cols = 64
function o.cfgvalue(self, section)
return nixio.fs.readfile("/etc/smartdns/domain-block.list")
end
function o.write(self, section, value)
value = value:gsub("\r\n?", "\n")
nixio.fs.writefile("/etc/smartdns/domain-block.list", value)
end
-- Doman addresss
addr = s:taboption("domain-address", Value, "address",
@@ -345,6 +529,81 @@ function addr.write(self, section, value)
nixio.fs.writefile("/etc/smartdns/blacklist-ip.conf", value)
end
s = m:section(TypedSection, "smartdns", translate("Download Files Setting"), translate("Download domain list files for domain-rule and include config files, please refresh the page after download to take effect."))
s.anonymous = true
---- download Files Settings
o = s:option(Flag, "enable_auto_update", translate("Enable Auto Update"), translate("Enable daily auto update."))
o.rmempty = false
o.default = o.disabled
o.rempty = true
o = s:option(FileUpload, "upload_conf_file", translate("Upload Config File"),
translate("Upload smartdns config file to /etc/smartdns/conf.d"))
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.editable = true
o.root_directory = "/etc/smartdns/conf.d"
o = s:option(FileUpload, "upload_list_file", translate("Upload Domain List File"),
translate("Upload domain list file to /etc/smartdns/domain-set"))
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.editable = true
o.root_directory = "/etc/smartdns/domain-set"
o = s:option(Button, "_updateate")
o.title = translate("Update Files")
o.inputtitle = translate("update domain list files")
o.inputstyle = "apply"
o.write = function()
luci.sys.call("/etc/init.d/smartdns updatefiles >/dev/null 2>&1")
end
s = m:section(TypedSection, "download-file", translate("Download Files"), translate("List of files to download."))
s.anonymous = true
s.addremove = true
s.template = "cbi/tblsection"
o = s:option(Value, 'name', translate('File Name'), translate('File Name'))
o.rmempty = false
o.datatype = 'string'
o = s:option(Value, 'url', translate('URL'), translate('URL'))
o.rmempty = false
o.datatype = 'string'
function o.validate(self, value, section)
if value == "" then
return nil, translate("URL format error, format: http:// or https://")
end
if value == nil then
return nil, translate("URL format error, format: http:// or https://")
end
if value.find(value, "http://") then
return value
end
if value.find(value, "https://") then
return value
end
return nil, translate("URL format error, format: http:// or https://")
end
o = s:option(ListValue, "type", translate("type"), translate("File Type"))
o:value("list", translate("domain list (/etc/smartdns/domain-set)"))
o:value("config", translate("smartdns config (/etc/smartdns/conf.d)"))
o.default = "list"
o.rempty = false
o = s:option(Value, 'desc', translate('Description'), translate('Description'))
o.rmempty = true
o.datatype = 'string'
-- Technical Support
s = m:section(TypedSection, "smartdns", translate("Technical Support"),
translate("If you like this software, please buy me a cup of coffee."))
@@ -358,6 +617,14 @@ o.write = function()
luci.http.redirect("https://pymumu.github.io/smartdns")
end
o = s:option(Button, "report")
o.title = translate("Report bugs")
o.inputtitle = translate("Report bugs")
o.inputstyle = "apply"
o.write = function()
luci.http.redirect("https://github.com/pymumu/smartdns/issues")
end
o = s:option(Button, "Donate")
o.title = translate("Donate to smartdns")
o.inputtitle = translate("Donate")
@@ -366,5 +633,13 @@ o.write = function()
luci.http.redirect("https://pymumu.github.io/smartdns/#donate")
end
o = s:option(Button, "Restart")
o.title = translate("Restart smartdns")
o.inputtitle = translate("Restart")
o.inputstyle = "apply"
o.write = function()
luci.sys.call("/etc/init.d/smartdns restart >/dev/null 2>&1")
end
return m

13
package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua
View File

@@ -62,6 +62,13 @@ o.placeholder = "default"
o.datatype = "hostname"
o.rempty = true
---- exclude default group
o = s:option(Flag, "exclude_default_group", translate("Exclude Default Group"), translate("Exclude DNS Server from default group."))
o.rmempty = false
o.default = o.disabled
o.editable = true
o.modalonly = true
---- blacklist_ip
o = s:option(Flag, "blacklist_ip", translate("IP Blacklist Filtering"), translate("Filtering IP with blacklist"))
o.rmempty = false
@@ -120,6 +127,12 @@ o.rempty = true
o:depends("type", "tls")
o:depends("type", "https")
---- mark
o = s:option(Value, "set_mark", translate("Marking Packets"), translate("Set mark on packets."))
o.default = ""
o.rempty = true
o.datatype = "uinteger"
---- other args
o = s:option(Value, "addition_arg", translate("Additional Server Args"), translate("Additional Args for upstream dns servers"))
o.default = ""

22
package/luci-compat/files/usr/share/rpcd/acl.d/luci-app-smartdns.json Normal file
View File

@@ -0,0 +1,22 @@
{
"luci-app-smartdns": {
"description": "Grant access to LuCI app smartdns",
"read": {
"file": {
"/etc/smartdns/*": [ "read" ]
},
"ubus": {
"service": [ "list" ]
},
"uci": [ "smartdns" ]
},
"write": {
"file": {
"/etc/smartdns/*": [ "write" ],
"/etc/init.d/smartdns restart": [ "exec" ],
"/etc/init.d/smartdns updatefiles": [ "exec" ]
},
"uci": [ "smartdns" ]
}
}
}

1
package/luci-compat/make.sh
View File

@@ -54,6 +54,7 @@ build()
build_tool
mkdir $ROOT/root/usr/lib/lua/ -p
cp $ROOT/files/luci $ROOT/root/usr/lib/lua/ -af
cp $ROOT/files/usr $ROOT/root/ -af
#Generate Language
$PO2LMO $ROOT/files/luci/i18n/smartdns.zh-cn.po $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.lmo

194
package/luci/files/luci/i18n/smartdns.zh-cn.po
View File

@@ -2,6 +2,12 @@
msgid "Additional Args for upstream dns servers"
msgstr "额外的上游 DNS 服务器参数"
msgid "Additional Rule Flag"
msgstr "额外规则标识"
msgid "Additional Flags for rules, read help on domain-rule for more information."
msgstr "额外的规则标识具体参考domain-rule的帮助说明。"
msgid "Additional Server Args"
msgstr "额外的服务器参数"
@@ -17,7 +23,13 @@ msgid "Automatically Set Dnsmasq"
msgstr "自动设置Dnsmasq"
msgid "Automatically set as upstream of dnsmasq when port changes."
msgstr "自动设置为Dnsmasq的上游服务器"
msgstr "端口更改时自动设为 dnsmasq 的上游"
msgid "Block domain type"
msgstr "屏蔽域名类型"
msgid "Block domain type."
msgstr "屏蔽域名类型。"
msgid "Cache Size"
msgstr "缓存大小"
@@ -30,15 +42,32 @@ msgid ""
"DNS server."
msgstr "配置需要从指定域名服务器结果过滤的IP黑名单。"
msgid "Configure block domain list."
msgstr "配置屏蔽域名列表"
msgid "Configure domain rule list."
msgstr "配置域名规则列表"
msgid "Configure forwarding domain name list."
msgstr "配置分流域名列表"
msgid "Custom Settings"
msgstr "自定义设置"
msgid "DNS Block Setting"
msgstr "域名屏蔽设置"
msgid "DNS Forwarding Setting"
msgstr "域名分流设置"
msgid "DNS Server Name"
msgstr "DNS服务器名称"
msgid ""
"DNS Server group belongs to, used with nameserver, such as office, home."
msgstr "DNS服务器所属组 配合nameserver使用例如officehome。"
msgid "DNS Server group"
msgstr "服务器组"
msgid "DNS Server group belongs to, such as office, home."
msgstr "设置服务器组例如officehome"
msgid "DNS Server ip"
msgstr "DNS服务器IP"
@@ -52,6 +81,12 @@ msgstr "协议类型"
msgid "DNS domain result cache size"
msgstr "缓存DNS的结果缓存大小配置零则不缓存"
msgid "default"
msgstr "默认"
msgid "Description"
msgstr "描述"
msgid "Dnsmasq Forwared To Smartdns Failure"
msgstr "重定向dnsmasq到smartdns失败"
@@ -64,6 +99,24 @@ msgstr "禁用测速。"
msgid "Domain Address"
msgstr "域名地址"
msgid "Domain List"
msgstr "域名列表"
msgid "Domain List File"
msgstr "域名列表文件"
msgid "Domain Rule List"
msgstr "域名规则列表"
msgid "Domain Rule Name"
msgstr "域名规则名称"
msgid "Domain Rules"
msgstr "域名规则"
msgid "Domain Rules Settings"
msgstr "域名规则设置"
msgid "Domain TTL"
msgstr "域名TTL"
@@ -82,12 +135,27 @@ msgstr "捐助"
msgid "Donate to smartdns"
msgstr "捐助smartdns项目"
msgid "Download Files"
msgstr "下载文件"
msgid "Download Files Setting"
msgstr "下载文件设置"
msgid ""
"Download domain list files for domain-rule and include config files, please "
"refresh the page after download to take effect."
msgstr ""
"下载域名规则所需要的域名列表文件和smartdns配置文件下载完成后刷新页面。"
msgid "Dual-stack IP Selection"
msgstr "双栈IP优选"
msgid "Enable"
msgstr "启用"
msgid "Enable Auto Update"
msgstr "启用自动更新"
msgid "Enable IP selection between IPV4 and IPV6"
msgstr "启用 IPV4 和 IPV6 间的 IP 优选策略"
@@ -97,6 +165,9 @@ msgstr "启用IPV6服务器"
msgid "Enable TCP DNS Server"
msgstr "启用TCP服务器"
msgid "Enable daily auto update."
msgstr "启用每日自动更新"
msgid "Enable domain prefetch, accelerate domain response speed."
msgstr "启用域名预加载,加速域名响应速度。"
@@ -106,6 +177,18 @@ msgstr "是否启用第二DNS服务器。"
msgid "Enable or disable smartdns server"
msgstr "启用或禁用SmartDNS服务"
msgid "Exclude DNS Server from default group."
msgstr "从default默认服务器组中排除"
msgid "Exclude Default Group"
msgstr "从默认组中排除"
msgid "File Name"
msgstr "文件名"
msgid "File Type"
msgstr "文件类型"
msgid "Filtering IP with blacklist"
msgstr "使用IP黑名单过滤"
@@ -148,24 +231,64 @@ msgstr "IP黑名单过滤"
msgid "IPV6 Server"
msgstr "IPV6服务器"
msgid "IPset Name"
msgstr "IPset名称"
msgid "IPset name."
msgstr "IPSet名称。"
msgid "If you like this software, please buy me a cup of coffee."
msgstr "如果本软件对你有帮助,请给作者加个蛋。"
msgid "Include Config Files<br>/etc/smartdns/conf.d"
msgstr "包含配置文件<br>/etc/smartdns/conf.d"
msgid ""
"Include other config files from /etc/smartdns/conf.d or custom path, can be "
"downloaded from the download page."
msgstr ""
"包含配置文件,路径为/etc/smartdns/conf.d或自定义配置文件路径可以从下载页"
"面配置自动下载。"
msgid "List of files to download."
msgstr "下载文件列表"
msgid "Local Port"
msgstr "本地端口"
msgid "Marking Packets"
msgstr "数据包标记"
msgid "Set mark on packets."
msgstr "设置数据包标记。"
msgid "Maximum TTL for all domain result."
msgstr "所有域名的最大 TTL 值。"
msgid "Minimum TTL for all domain result."
msgstr "所有域名的最小 TTL 值。"
msgid "NFTset Name"
msgstr "NFTSet名称"
msgid "NFTset name format error, format: [#[4|6]:[family#table#set]]"
msgstr "NFTSet名称格式错误格式[#[4|6]:[family#table#set]]"
msgid "NFTset name, format: [#[4|6]:[family#table#set]]"
msgstr "NFTSet名称格式[#[4|6]:[family#table#set]]"
msgid "NOT RUNNING"
msgstr "未运行"
msgid "No"
msgstr "否"
msgid "No check certificate"
msgstr "停用证书校验"
msgid "None"
msgstr "无"
msgid "Query DNS through specific dns server group, such as office, home."
msgstr "使用指定服务器组查询比如office, home。"
@@ -178,6 +301,9 @@ msgstr "回应的域名TTL最大值"
msgid "Reply maximum TTL for all domain result."
msgstr "设置返回给客户端的域名TTL最大值。"
msgid "Report bugs"
msgstr "报告BUG"
msgid "Resolve Local Hostnames"
msgstr "解析本地主机名"
@@ -199,12 +325,18 @@ msgstr "缓存过期服务"
msgid "Server Group"
msgstr "服务器组"
msgid "Server Group %s not exists"
msgstr "服务器组%s不存在"
msgid "Server Name"
msgstr "服务器名称"
msgid "Set Specific domain ip address."
msgstr "设置指定域名的IP地址。"
msgid "Set Specific domain rule list."
msgstr "设置指定域名的规则列表。"
msgid "Set Specific ip blacklist."
msgstr "设置指定的 IP 黑名单列表。"
@@ -216,8 +348,8 @@ msgid ""
"the URL address is an IP address."
msgstr "设置查询时使用的HTTP主机当URL地址的host是IP地址时使用此参数。"
msgid "Sets the server name indication for query."
msgstr "设置查询时使用的服务器SNI名称。"
msgid "Sets the server name indication for query. '-' for disable SNI name."
msgstr "设置服务器SNI名称-’表示禁用SNI名称。"
msgid "Settings"
msgstr "设置"
@@ -281,11 +413,18 @@ msgstr "SmartDNS本地服务端口"
msgid ""
"Smartdns local server port, smartdns will be automatically set as main dns "
"when the port is 53."
msgstr "SmartDNS本地服务端口当端口号设置为53时smartdns将会自动配置为主dns。"
msgstr ""
"SmartDNS本地服务端口当端口号设置为53时smartdns将会自动配置为主dns。"
msgid "Smartdns server name"
msgstr "SmartDNS的服务器名称默认为smartdns留空为主机名"
msgid "Smartdns speed check mode."
msgstr "SmartDNS测速模式。"
msgid "Speed Check Mode"
msgstr "测速模式"
msgid ""
"Specify an IP address to return for any host in the given domains, Queries "
"in the domains are never forwarded and always replied to with the specified "
@@ -312,6 +451,38 @@ msgstr "设置所有域名的 TTL 值。"
msgid "Technical Support"
msgstr "技术支持"
msgid "URL"
msgstr "URL"
msgid "URL format error, format: http:// or https://"
msgstr "URL格式错误格式http://或https://"
msgid "Update"
msgstr "更新"
msgid "Update Files"
msgstr "更新文件"
msgid "Upload Config File"
msgstr "上传配置文件"
msgid "Upload Domain List File"
msgstr "上传域名列表文件"
msgid "Upload domain list file to /etc/smartdns/domain-set"
msgstr "上传域名列表文件到/etc/smartdns/domain-set"
msgid ""
"Upload domain list file, or configure auto download from Download File "
"Setting page."
msgstr "上传域名列表文件,或在下载文件设置页面设置自动下载。"
msgid "Upload domain list file."
msgstr "上传域名列表文件"
msgid "Upload smartdns config file to /etc/smartdns/conf.d"
msgstr "上传配置文件到/etc/smartdns/conf.d"
msgid "Upstream Servers"
msgstr "上游服务器"
@@ -330,6 +501,9 @@ msgstr ""
"用于校验 TLS 服务器的有效性,数值为 Base64 编码的 SPKI 指纹,留空表示不验证 "
"TLS 的合法性。"
msgid "domain list (/etc/smartdns/domain-set)"
msgstr "域名列表(/etc/smartdns/domain-set"
msgid "https"
msgstr "https"
@@ -342,6 +516,9 @@ msgstr "打开网站"
msgid "port"
msgstr "端口"
msgid "smartdns config (/etc/smartdns/conf.d)"
msgstr "配置文件(/etc/smartdns/conf.d"
msgid "smartdns custom settings"
msgstr "smartdns 自定义设置,具体配置参数参考指导"
@@ -356,3 +533,6 @@ msgstr "类型"
msgid "udp"
msgstr "udp"
msgid "Yes"
msgstr "是"

3
package/luci/files/root/usr/share/rpcd/acl.d/luci-app-smartdns.json
View File

@@ -13,7 +13,8 @@
"write": {
"file": {
"/etc/smartdns/*": [ "write" ],
"/etc/init.d/smartdns restart": [ "exec" ]
"/etc/init.d/smartdns restart": [ "exec" ],
"/etc/init.d/smartdns updatefiles": [ "exec" ]
},
"uci": [ "smartdns" ]
}

549
package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js
View File

@@ -89,6 +89,8 @@ return view.extend({
},
render: function (stats) {
var m, s, o;
var ss, so;
var servers, downlfiles;
m = new form.Map('smartdns', _('SmartDNS'));
m.title = _("SmartDNS Server");
@@ -120,14 +122,21 @@ return view.extend({
]);
}
////////////////
// Basic;
////////////////
s = m.section(form.TypedSection, "smartdns", _("Settings"), _("General Settings"));
s.anonymous = true;
s.tab("settings", _("General Settings"));
s.tab("advanced", _('Advanced Settings'));
s.tab("seconddns", _("Second Server Settings"));
s.tab("files", _("Download Files Setting"), _("Download domain list files for domain-rule and include config files, please refresh the page after download to take effect."));
s.tab("custom", _("Custom Settings"));
///////////////////////////////////////
// Basic Settings
///////////////////////////////////////
o = s.taboption("settings", form.Flag, "enabled", _("Enable"), _("Enable or disable smartdns server"));
o.rmempty = false;
o.default = o.disabled;
@@ -146,64 +155,107 @@ return view.extend({
o.datatype = "port";
o.rempty = false;
///////////////////////////////////////
// advanced settings;
///////////////////////////////////////
// Speed check mode;
o = s.taboption("advanced", form.Value, "speed_check_mode", _("Speed Check Mode"), _("Smartdns speed check mode."));
o.rmempty = true;
o.placeholder = "default";
o.value("", _("default"));
o.value("ping,tcp:80,tcp:443");
o.value("ping,tcp:443,tcp:80");
o.value("tcp:80,tcp:443,ping");
o.value("tcp:443,tcp:80,ping");
o.value("none", _("None"));
o.validate = function (section_id, value) {
if (value == "") {
return true;
}
if (value == "none") {
return true;
}
var check_mode = value.split(",")
for (var i = 0; i < check_mode.length; i++) {
if (check_mode[i] == "ping") {
continue;
}
if (check_mode[i].indexOf("tcp:") == 0) {
var port = check_mode[i].split(":")[1];
if (port == "") {
return _("TCP port is empty");
}
continue;
}
return _("Speed check mode is invalid.");
}
return true;
}
// Enable TCP server;
o = s.taboption("settings", form.Flag, "tcp_server", _("TCP Server"), _("Enable TCP DNS Server"));
o = s.taboption("advanced", form.Flag, "tcp_server", _("TCP Server"), _("Enable TCP DNS Server"));
o.rmempty = false;
o.default = o.enabled;
// Support IPV6;
o = s.taboption("settings", form.Flag, "ipv6_server", _("IPV6 Server"), _("Enable IPV6 DNS Server"));
o = s.taboption("advanced", form.Flag, "ipv6_server", _("IPV6 Server"), _("Enable IPV6 DNS Server"));
o.rmempty = false;
o.default = o.enabled;
// Support DualStack ip selection;
o = s.taboption("settings", form.Flag, "dualstack_ip_selection", _("Dual-stack IP Selection"),
o = s.taboption("advanced", form.Flag, "dualstack_ip_selection", _("Dual-stack IP Selection"),
_("Enable IP selection between IPV4 and IPV6"));
o.rmempty = false;
o.default = o.enabled;
// Domain prefetch load ;
o = s.taboption("settings", form.Flag, "prefetch_domain", _("Domain prefetch"),
o = s.taboption("advanced", form.Flag, "prefetch_domain", _("Domain prefetch"),
_("Enable domain prefetch, accelerate domain response speed."));
o.rmempty = false;
o.default = o.disabled;
// Domain Serve expired
o = s.taboption("settings", form.Flag, "serve_expired", _("Serve expired"),
o = s.taboption("advanced", form.Flag, "serve_expired", _("Serve expired"),
_("Attempts to serve old responses from cache with a TTL of 0 in the response without waiting for the actual resolution to finish."));
o.rmempty = false;
o.default = o.enabled;
// cache-size;
o = s.taboption("settings", form.Value, "cache_size", _("Cache Size"), _("DNS domain result cache size"));
o = s.taboption("advanced", form.Value, "cache_size", _("Cache Size"), _("DNS domain result cache size"));
o.rempty = true;
// cache-size;
o = s.taboption("settings", form.Flag, "resolve_local_hostnames", _("Resolve Local Hostnames"), _("Resolve local hostnames by reading Dnsmasq lease file."));
o = s.taboption("advanced", form.Flag, "resolve_local_hostnames", _("Resolve Local Hostnames"), _("Resolve local hostnames by reading Dnsmasq lease file."));
o.rmempty = false;
o.default = o.enabled;
// auto-conf-dnsmasq;
o = s.taboption("settings", form.Flag, "auto_set_dnsmasq", _("Automatically Set Dnsmasq"), _("Automatically set as upstream of dnsmasq when port changes."));
o = s.taboption("advanced", form.Flag, "auto_set_dnsmasq", _("Automatically Set Dnsmasq"), _("Automatically set as upstream of dnsmasq when port changes."));
o.rmempty = false;
o.default = o.enabled;
// Force AAAA SOA
o = s.taboption("settings", form.Flag, "force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
o = s.taboption("advanced", form.Flag, "force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
o.rmempty = false;
o.default = o.disabled;
// Force HTTPS SOA
o = s.taboption("settings", form.Flag, "force_https_soa", _("Force HTTPS SOA"), _("Force HTTPS SOA."));
o = s.taboption("advanced", form.Flag, "force_https_soa", _("Force HTTPS SOA"), _("Force HTTPS SOA."));
o.rmempty = false;
o.default = o.enabled;
// rr-ttl;
o = s.taboption("settings", form.Value, "rr_ttl", _("Domain TTL"), _("TTL for all domain result."));
o = s.taboption("advanced", form.Value, "rr_ttl", _("Domain TTL"), _("TTL for all domain result."));
o.rempty = true;
// rr-ttl-min;
o = s.taboption("settings", form.Value, "rr_ttl_min", _("Domain TTL Min"),
o = s.taboption("advanced", form.Value, "rr_ttl_min", _("Domain TTL Min"),
_("Minimum TTL for all domain result."));
o.rempty = true;
o.placeholder = "600";
@@ -211,16 +263,34 @@ return view.extend({
o.optional = true;
// rr-ttl-max;
o = s.taboption("settings", form.Value, "rr_ttl_max", _("Domain TTL Max"),
o = s.taboption("advanced", form.Value, "rr_ttl_max", _("Domain TTL Max"),
_("Maximum TTL for all domain result."));
o.rempty = true;
// rr-ttl-reply-max;
o = s.taboption("settings", form.Value, "rr_ttl_reply_max", _("Reply Domain TTL Max"),
o = s.taboption("advanced", form.Value, "rr_ttl_reply_max", _("Reply Domain TTL Max"),
_("Reply maximum TTL for all domain result."));
o.rempty = true;
// include config
downlfiles = uci.sections('smartdns', 'download-file');
o = s.taboption("advanced", form.DynamicList, "conf_files", _("Include Config Files<br>/etc/smartdns/conf.d"),
_("Include other config files from /etc/smartdns/conf.d or custom path, can be downloaded from the download page."));
for (var i = 0; i < downlfiles.length; i++) {
if (downlfiles[i].type == undefined) {
continue;
}
if (downlfiles[i].type != 'config') {
continue
}
o.value(downlfiles[i].name);
}
///////////////////////////////////////
// second dns server;
///////////////////////////////////////
// Eanble;
o = s.taboption("seconddns", form.Flag, "seconddns_enabled", _("Enable"),
_("Enable or disable second DNS server."));
@@ -291,10 +361,83 @@ return view.extend({
o.rmempty = false;
o.default = o.disabled;
///////////////////////////////////////
// download Files Settings
///////////////////////////////////////
o = s.taboption("files", form.Flag, "enable_auto_update", _("Enable Auto Update"), _("Enable daily auto update."));
o.rmempty = false;
o.default = o.disabled;
o.rempty = true;
o = s.taboption("files", form.FileUpload, "upload_conf_file", _("Upload Config File"),
_("Upload smartdns config file to /etc/smartdns/conf.d"));
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.root_directory = "/etc/smartdns/conf.d"
o = s.taboption("files", form.FileUpload, "upload_list_file", _("Upload Domain List File"),
_("Upload domain list file to /etc/smartdns/domain-set"));
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.root_directory = "/etc/smartdns/domain-set"
o = s.taboption('files', form.DummyValue, "_update", _("Update Files"));
o.renderWidget = function () {
return E('button', {
'class': 'btn cbi-button cbi-button-apply',
'id': 'btn_update',
'click': ui.createHandlerFn(this, function () {
return fs.exec('/etc/init.d/smartdns', ['updatefiles'])
.catch(function (e) { ui.addNotification(null, E('p', e.message), 'error') });
})
}, [_("Update")]);
}
o = s.taboption('files', form.SectionValue, '__files__', form.GridSection, 'download-file', _('Download Files'),
_('List of files to download.'));
ss = o.subsection;
ss.addremove = true;
ss.anonymous = true;
ss.sortable = true;
so = ss.option(form.Value, 'name', _('File Name'), _('File Name'));
so.rmempty = false;
so.datatype = 'file';
so = ss.option(form.Value, 'url', _('URL'), _('URL'));
so.rmempty = false;
so.datatype = 'string';
so.validate = function (section_id, value) {
if (value == "") {
return true;
}
if (!value.match(/^(http|https|ftp|sftp):\/\//)) {
return _("URL format error, format: http:// or https://");
}
return true;
}
so = ss.option(form.ListValue, "type", _("type"), _("File Type"));
so.value("list", _("domain list (/etc/smartdns/domain-set)"));
so.value("config", _("smartdns config (/etc/smartdns/conf.d)"));
so.default = "list";
so.rempty = false;
so = ss.option(form.Value, 'desc', _('Description'), _('Description'));
so.rmempty = true;
so.datatype = 'string';
///////////////////////////////////////
// custom settings;
///////////////////////////////////////
o = s.taboption("custom", form.TextValue, "custom_conf",
"", _("smartdns custom settings"));
o.rows = 20;
o.cfgvalue = function (section_id) {
return fs.trimmed('/etc/smartdns/custom.conf');
@@ -312,12 +455,16 @@ return view.extend({
_("Generate Coredump file when smartdns crash, coredump file is located at /tmp/smartdns.xxx.core."));
o.rmempty = false;
o.default = o.disabled;
////////////////
// Upstream servers;
////////////////
s = m.section(form.GridSection, "server", _("Upstream Servers"),
_("Upstream Servers, support UDP, TCP protocol. Please configure multiple DNS servers, "
+ "including multiple foreign DNS servers."));
s.anonymous = true;
s.addremove = true;
s.sortable = true;
s.tab('general', _('General Settings'));
s.tab('advanced', _('Advanced Settings'));
@@ -355,14 +502,30 @@ return view.extend({
o.default = "udp";
o.rempty = false;
// Advanced Options
// server group
o = s.taboption("advanced", form.Value, "server_group", _("Server Group"), _("DNS Server group belongs to, "
+ "used with nameserver, such as office, home."))
o.rmempty = true
o.placeholder = "default"
o.datatype = "hostname"
o.rempty = true
o = s.taboption("general", form.Value, "server_group", _("Server Group"), _("DNS Server group"))
o.rmempty = true;
o.placeholder = "default";
o.datatype = "hostname";
o.rempty = true;
servers = uci.sections('smartdns', 'server');
var groupnames = new Set();
for (var i = 0; i < servers.length; i++) {
if (servers[i].server_group == undefined) {
continue;
}
groupnames.add(servers[i].server_group);
}
for (const groupname of groupnames) {
o.value(groupname);
}
// Advanced Options
o = s.taboption("advanced", form.Flag, "exclude_default_group", _("Exclude Default Group"), _("Exclude DNS Server from default group."))
o.rmempty = false;
o.default = o.disabled;
o.editable = true;
o.modalonly = true;
// blacklist_ip
@@ -393,7 +556,7 @@ return view.extend({
// SNI host name
o = s.taboption("advanced", form.Value, "host_name", _("TLS SNI name"),
_("Sets the server name indication for query."))
_("Sets the server name indication for query. '-' for disable SNI name."))
o.default = ""
o.datatype = "hostname"
o.rempty = true
@@ -421,6 +584,14 @@ return view.extend({
o.depends("type", "tls")
o.depends("type", "https")
// mark
o = s.taboption("advanced", form.Value, "set_mark", _("Marking Packets"),
_("Set mark on packets."))
o.default = ""
o.rempty = true
o.datatype = "uinteger"
o.modalonly = true;
// other args
o = s.taboption("advanced", form.Value, "addition_arg", _("Additional Server Args"),
_("Additional Args for upstream dns servers"))
@@ -428,13 +599,312 @@ return view.extend({
o.rempty = true
o.modalonly = true;
// Doman addresss;
s = m.section(form.TypedSection, "smartdns", _("Advanced Settings"), _("Advanced Settings"));
////////////////
// domain rules;
////////////////
s = m.section(form.TypedSection, "domain-rule", _("Domain Rules"), _("Domain Rules Settings"));
s.anonymous = true;
s.nodescriptions = true;
s.tab("forwarding", _('DNS Forwarding Setting'));
s.tab("block", _("DNS Block Setting"));
s.tab("domain-rule-list", _("Domain Rule List"), _("Set Specific domain rule list."));
s.tab("domain-address", _("Domain Address"), _("Set Specific domain ip address."));
s.tab("blackip-list", _("IP Blacklist"), _("Set Specific ip blacklist."));
///////////////////////////////////////
// domain forwarding;
///////////////////////////////////////
o = s.taboption("forwarding", form.Value, "server_group", _("Server Group"), _("DNS Server group belongs to, such as office, home."))
o.rmempty = true
o.placeholder = "default"
o.datatype = "hostname"
o.rempty = true
for (const groupname of groupnames) {
o.value(groupname);
}
o.validate = function (section_id, value) {
if (value == "") {
return true;
}
var val = uci.sections('smartdns', 'server');
for (var i = 0; i < val.length; i++) {
if (value == val[i].server_group) {
return true;
}
}
return _('Server Group %s not exists').format(value);
}
o = s.taboption("forwarding", form.Flag, "no_speed_check", _("Skip Speed Check"),
_("Do not check speed."));
o.rmempty = false;
o.default = o.disabled;
o = s.taboption("forwarding", form.Flag, "force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
o.rmempty = false;
o.default = o.disabled;
o = s.taboption("forwarding", form.Value, "ipset_name", _("IPset Name"), _("IPset name."));
o.rmempty = true;
o.datatype = "hostname";
o.rempty = true;
o = s.taboption("forwarding", form.Value, "nftset_name", _("NFTset Name"), _("NFTset name, format: [#[4|6]:[family#table#set]]"));
o.rmempty = true;
o.datatype = "string";
o.rempty = true;
o.validate = function (section_id, value) {
if (value == "") {
return true;
}
var nftset = value.split(",")
for (var i = 0; i < nftset.length; i++) {
if (!nftset[i].match(/#[4|6]:[a-zA-Z0-9\-_]+#[a-zA-Z0-9\-_]+#[a-zA-Z0-9\-_]+$/)) {
return _("NFTset name format error, format: [#[4|6]:[family#table#set]]");
}
}
return true;
}
// other args
o = s.taboption("forwarding", form.Value, "addition_flag", _("Additional Rule Flag"),
_("Additional Flags for rules, read help on domain-rule for more information."))
o.default = ""
o.rempty = true
o.modalonly = true;
o = s.taboption("forwarding", form.FileUpload, "forwarding_domain_set_file", _("Domain List File"),
_("Upload domain list file, or configure auto download from Download File Setting page."));
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.editable = true
o.root_directory = "/etc/smartdns/domain-set"
o = s.taboption("forwarding", form.TextValue, "domain_forwarding_list",
_("Domain List"), _("Configure forwarding domain name list."));
o.rows = 10;
o.cols = 64;
o.monospace = true;
o.cfgvalue = function (section_id) {
return fs.trimmed('/etc/smartdns/domain-forwarding.list').catch(function (e) {
return "";
});
};
o.write = function (section_id, formvalue) {
return this.cfgvalue(section_id).then(function (value) {
if (value == formvalue) {
return
}
return fs.write('/etc/smartdns/domain-forwarding.list', formvalue.trim().replace(/\r\n/g, '\n') + '\n');
});
};
///////////////////////////////////////
// domain block;
///////////////////////////////////////
o = s.taboption("block", form.FileUpload, "block_domain_set_file", _("Domain List File"), _("Upload domain list file."));
o.rmempty = true
o.datatype = "file"
o.rempty = true
o.editable = true
o.root_directory = "/etc/smartdns/domain-set"
o = s.taboption("block", form.TextValue, "domain_block_list",
_("Domain List"), _("Configure block domain list."));
o.rows = 10;
o.cols = 64;
o.cfgvalue = function (section_id) {
return fs.trimmed('/etc/smartdns/domain-block.list').catch(function (e) {
return "";
});
};
o.write = function (section_id, formvalue) {
return this.cfgvalue(section_id).then(function (value) {
if (value == formvalue) {
return
}
return fs.write('/etc/smartdns/domain-block.list', formvalue.trim().replace(/\r\n/g, '\n') + '\n');
});
};
///////////////////////////////////////
// domain rule list;
///////////////////////////////////////
o = s.taboption('domain-rule-list', form.SectionValue, '__domain-rule-list__', form.GridSection, 'domain-rule-list', _('Domain Rule List'),
_('Configure domain rule list.'));
ss = o.subsection;
ss.addremove = true;
ss.anonymous = true;
ss.sortable = true;
// enable flag;
so = ss.option(form.Flag, "enabled", _("Enable"), _("Enable"));
so.rmempty = false;
so.default = so.enabled;
so.editable = true;
// name;
so = ss.option(form.Value, "name", _("Domain Rule Name"), _("Domain Rule Name"));
so = ss.option(form.Value, "server_group", _("Server Group"), _("DNS Server group belongs to, such as office, home."))
so.rmempty = true
so.placeholder = "default"
so.datatype = "hostname"
so.rempty = true
for (const groupname of groupnames) {
so.value(groupname);
}
so.validate = function (section_id, value) {
if (value == "") {
return true;
}
var val = uci.sections('smartdns', 'server');
for (var i = 0; i < val.length; i++) {
if (value == val[i].server_group) {
return true;
}
}
return _('Server Group %s not exists').format(value);
}
so = ss.option(form.FileUpload, "domain_list_file", _("Domain List File"),
_("Upload domain list file, or configure auto download from Download File Setting page."));
so.rmempty = false
so.datatype = "file"
so.rempty = true
so.root_directory = "/etc/smartdns/domain-set"
so = ss.option(form.ListValue, "block_domain_type", _("Block domain type"), _("Block domain type."));
so.rmempty = true;
so.value("none", _("None"));
so.value("all", "IPv4/IPv6");
so.value("ipv4", "IPv4");
so.value("ipv6", "IPv6");
so.modalonly = true;
// Support DualStack ip selection;
so = ss.option(form.ListValue, "dualstack_ip_selection", _("Dual-stack IP Selection"),
_("Enable IP selection between IPV4 and IPV6"));
so.rmempty = true;
so.default = "default";
so.modalonly = true;
so.value("", _("default"));
so.value("yes", _("Yes"));
so.value("no", _("No"));
so = ss.option(form.Value, "speed_check_mode", _("Speed Check Mode"), _("Smartdns speed check mode."));
so.rmempty = true;
so.placeholder = "default";
so.modalonly = true;
so.value("", _("default"));
so.value("ping,tcp:80,tcp:443");
so.value("ping,tcp:443,tcp:80");
so.value("tcp:80,tcp:443,ping");
so.value("tcp:443,tcp:80,ping");
so.value("none", _("None"));
so.validate = function (section_id, value) {
if (value == "") {
return true;
}
if (value == "none") {
return true;
}
var check_mode = value.split(",")
for (var i = 0; i < check_mode.length; i++) {
if (check_mode[i] == "ping") {
continue;
}
if (check_mode[i].indexOf("tcp:") == 0) {
var port = check_mode[i].split(":")[1];
if (port == "") {
return _("TCP port is empty");
}
continue;
}
return _("Speed check mode is invalid.");
}
return true;
}
so = ss.option(form.Flag, "force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
so.rmempty = true;
so.default = so.disabled;
so.modalonly = true;
so = ss.option(form.Value, "ipset_name", _("IPset Name"), _("IPset name."));
so.rmempty = true;
so.datatype = "hostname";
so.rempty = true;
so.modalonly = true;
so = ss.option(form.Value, "nftset_name", _("NFTset Name"), _("NFTset name, format: [#[4|6]:[family#table#set]]"));
so.rmempty = true;
so.datatype = "string";
so.rempty = true;
so.modalonly = true;
so.validate = function (section_id, value) {
if (value == "") {
return true;
}
var nftset = value.split(",")
for (var i = 0; i < nftset.length; i++) {
if (!nftset[i].match(/#[4|6]:[a-zA-Z0-9\-_]+#[a-zA-Z0-9\-_]+#[a-zA-Z0-9\-_]+$/)) {
return _("NFTset name format error, format: [#[4|6]:[family#table#set]]");
}
}
return true;
}
// other args
so = ss.option(form.Value, "addition_flag", _("Additional Rule Flag"),
_("Additional Flags for rules, read help on domain-rule for more information."))
so.default = ""
so.rempty = true
so.modalonly = true;
///////////////////////////////////////
// IP Blacklist;
///////////////////////////////////////
// blacklist;
o = s.taboption("blackip-list", form.TextValue, "blackip_ip_conf",
"", _("Configure IP blacklists that will be filtered from the results of specific DNS server."));
o.rows = 20;
o.cfgvalue = function (section_id) {
return fs.trimmed('/etc/smartdns/blacklist-ip.conf');
};
o.write = function (section_id, formvalue) {
return this.cfgvalue(section_id).then(function (value) {
if (value == formvalue) {
return
}
return fs.write('/etc/smartdns/blacklist-ip.conf', formvalue.trim().replace(/\r\n/g, '\n') + '\n');
});
};
///////////////////////////////////////
// domain address
///////////////////////////////////////
o = s.taboption("domain-address", form.TextValue, "address_conf",
"",
_("Specify an IP address to return for any host in the given domains, Queries in the domains are never "
@@ -452,24 +922,9 @@ return view.extend({
});
};
// IP Blacklist;
// blacklist;
o = s.taboption("blackip-list", form.TextValue, "blackip_ip_conf",
"", _("Configure IP blacklists that will be filtered from the results of specific DNS server."));
o.rows = 20;
o.cfgvalue = function (section_id) {
return fs.trimmed('/etc/smartdns/blacklist-ip.conf');
};
o.write = function (section_id, formvalue) {
return this.cfgvalue(section_id).then(function (value) {
if (value == formvalue) {
return
}
return fs.write('/etc/smartdns/blacklist-ip.conf', formvalue.trim().replace(/\r\n/g, '\n') + '\n');
});
};
// Doman addresss;
////////////////
// Support
////////////////
s = m.section(form.TypedSection, "smartdns", _("Technical Support"),
_("If you like this software, please buy me a cup of coffee."));
s.anonymous = true;
@@ -482,6 +937,14 @@ return view.extend({
window.open("https://pymumu.github.io/smartdns", '_blank');
};
o = s.option(form.Button, "report");
o.title = _("Report bugs");
o.inputtitle = _("Report bugs");
o.inputstyle = "apply";
o.onclick = function () {
window.open("https://github.com/pymumu/smartdns/issues", '_blank');
};
o = s.option(form.Button, "Donate");
o.title = _("Donate to smartdns");
o.inputtitle = _("Donate");

4
package/openwrt/domain-block.list Normal file
View File

@@ -0,0 +1,4 @@
# domain block list, one domain name per line.
# example: block a.com, and b.com
# a.com
# b.com

4
package/openwrt/domain-forwarding.list Normal file
View File

@@ -0,0 +1,4 @@
# domain forwarding list, one domain name per line.
# example: forwarding a.com, and b.com
# a.com
# b.com

3
package/openwrt/files/etc/config/smartdns
View File

@@ -1,3 +1,4 @@
config 'smartdns'
option 'enabled' '0'
config 'domain-rule'

188
package/openwrt/files/etc/init.d/smartdns
View File

@@ -23,12 +23,16 @@ SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
SERVICE_PID_FILE="/var/run/smartdns.pid"
SMARTDNS_CONF_DIR="/etc/smartdns"
SMARTDNS_CONF_DOWNLOAD_DIR="$SMARTDNS_CONF_DIR/conf.d"
SMARTDNS_DOMAIN_LIST_DOWNLOAD_DIR="$SMARTDNS_CONF_DIR/domain-set"
SMARTDNS_VAR_CONF_DIR="/var/etc/smartdns"
SMARTDNS_CONF="$SMARTDNS_VAR_CONF_DIR/smartdns.conf"
ADDRESS_CONF="$SMARTDNS_CONF_DIR/address.conf"
BLACKLIST_IP_CONF="$SMARTDNS_CONF_DIR/blacklist-ip.conf"
CUSTOM_CONF="$SMARTDNS_CONF_DIR/custom.conf"
SMARTDNS_CONF_TMP="${SMARTDNS_CONF}.tmp"
EXTRA_COMMANDS="updatefiles"
EXTRA_HELP=" updatefiles Update files"
COREDUMP="0"
RESPAWN="1"
DO_RELOAD="0"
@@ -174,10 +178,12 @@ load_server()
config_get host_name "$section" "host_name" ""
config_get http_host "$section" "http_host" ""
config_get server_group "$section" "server_group" ""
config_get_bool exclude_default_group "$section" "exclude_default_group" "0"
config_get blacklist_ip "$section" "blacklist_ip" "0"
config_get check_edns "$section" "check_edns" "0"
config_get spki_pin "$section" "spki_pin" ""
config_get addition_arg "$section" "addition_arg" ""
config_get set_mark "$section" "set_mark" ""
[ "$enabled" = "0" ] && return
@@ -205,9 +211,11 @@ load_server()
[ -z "$host_name" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -host-name $host_name"
[ -z "$http_host" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -http-host $http_host"
[ -z "$server_group" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -group $server_group"
[ "$exclude_default_group" = "0" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -exclude-default-group"
[ "$blacklist_ip" = "0" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -blacklist-ip"
[ "$check_edns" = "0" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -check-edns"
[ -z "$spki_pin" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -spki-pin $spki_pin"
[ -z "$set_mark" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -set-mark $set_mark"
if [ -z "$port" ]; then
DNS_ADDRESS="$ip"
@@ -220,6 +228,126 @@ load_server()
conf_append "$SERVER" "$DNS_ADDRESS $ADDITIONAL_ARGS $addition_arg"
}
restart_crond()
{
/etc/init.d/cron restart >/dev/null 2>&1
}
disable_auto_update()
{
local no_restart="$1"
grep "/etc/init.d/smartdns" /etc/crontabs/root 1>/dev/null 2>&1
if [ $? -ne 0 ]; then
return
fi
sed -i '\@/etc/init.d/smartdns@d' /etc/crontabs/root
if [ "$no_restart" = "1" ]; then
return
fi
restart_crond
}
enable_auto_update()
{
grep "0 5 * * * /etc/init.d/smartdns updatefiles" /etc/crontabs/root 2>/dev/null
if [ $? -eq 0 ]; then
return
fi
disable_auto_update 1
echo "0 5 * * * /etc/init.d/smartdns updatefiles" >> /etc/crontabs/root
restart_crond
}
load_domain_rules()
{
local section="$1"
local domain_set_args=""
local domain_set_name="domain"
config_get server_group "$section" "server_group" ""
[ ! -z "$server_group" ] && domain_set_args="$domain_set_args -nameserver $server_group"
config_get_bool no_speed_check "$section" "no_speed_check" "0"
[ "$no_speed_check" = "1" ] && domain_set_args="$domain_set_args -speed-check-mode none"
config_get_bool force_aaaa_soa "$section" "force_aaaa_soa" "0"
[ "$force_aaaa_soa" = "1" ] && domain_set_args="$domain_set_args -address #6"
config_get ipset_name "$section" "ipset_name" ""
[ ! -z "$ipset_name" ] && domain_set_args="$domain_set_args -ipset $ipset_name"
config_get nftset_name "$section" "nftset_name" ""
[ ! -z "$nftset_name" ] && domain_set_args="$domain_set_args -nftset '$nftset_name'"
config_get addition_flag "$section" "addition_flag" ""
[ ! -z "$addition_flag" ] && domain_set_args="$domain_set_args $addition_flag"
config_get forwarding_domain_set_file "$section" "forwarding_domain_set_file" ""
[ ! -z "$forwarding_domain_set_file" ] && {
conf_append "domain-set" "-name ${domain_set_name}-forwarding-file -file '$forwarding_domain_set_file'"
conf_append "domain-rules" "/domain-set:${domain_set_name}-forwarding-file/ $domain_set_args"
}
conf_append "domain-set" "-name ${domain_set_name}-forwarding-list -file /etc/smartdns/domain-forwarding.list"
conf_append "domain-rules" "/domain-set:${domain_set_name}-forwarding-list/ $domain_set_args"
config_get block_domain_set_file "$section" "block_domain_set_file"
[ ! -z "$block_domain_set_file" ] && {
conf_append "domain-set" "-name ${domain_set_name}-block-file -file '$block_domain_set_file'"
conf_append "domain-rules" "/domain-set:${domain_set_name}-block-file/ -group block"
}
conf_append "domain-set" "-name ${domain_set_name}-block-list -file /etc/smartdns/domain-block.list"
conf_append "domain-rules" "/domain-set:${domain_set_name}-block-list/ --address #"
}
load_domain_rule_list()
{
local section="$1"
local domain_set_args=""
local domain_set_name="$section"
config_get_bool enabled "$section" "enabled" "0"
[ "$enabled" != "1" ] && return
config_get server_group "$section" "server_group" ""
[ ! -z "$server_group" ] && domain_set_args="$domain_set_args -nameserver $server_group"
config_get block_domain_type "$section" "block_domain_type" ""
[ "$block_domain_type" = "all" ] && domain_set_args="$domain_set_args -address #"
[ "$block_domain_type" = "ipv4" ] && domain_set_args="$domain_set_args -address #4"
[ "$block_domain_type" = "ipv6" ] && domain_set_args="$domain_set_args -address #6"
config_get speed_check_mode "$section" "speed_check_mode" ""
[ ! -z "$speed_check_mode" ] && domain_set_args="$domain_set_args -speed-check-mode $speed_check_mode"
config_get dualstack_ip_selection "$section" "dualstack_ip_selection" ""
[ "$dualstack_ip_selection" = "no" ] && domain_set_args="$domain_set_args -dualstack-ip-selection no"
[ "$dualstack_ip_selection" = "yes" ] && domain_set_args="$domain_set_args -dualstack-ip-selection yes"
config_get_bool force_aaaa_soa "$section" "force_aaaa_soa" "0"
[ "$force_aaaa_soa" = "1" ] && domain_set_args="$domain_set_args -address #6"
config_get ipset_name "$section" "ipset_name" ""
[ ! -z "$ipset_name" ] && domain_set_args="$domain_set_args -ipset $ipset_name"
config_get nftset_name "$section" "nftset_name" ""
[ ! -z "$nftset_name" ] && domain_set_args="$domain_set_args -nftset '$nftset_name'"
config_get domain_list_file "$section" "domain_list_file" ""
[ -z "$domain_list_file" ] && return
config_get addition_flag "$section" "addition_flag" ""
[ ! -z "$addition_flag" ] && domain_set_args="$domain_set_args $addition_flag"
conf_append "domain-set" "-name domain-rule-list-${domain_set_name} -file '$domain_list_file'"
conf_append "domain-rules" "/domain-set:domain-rule-list-${domain_set_name}/ $domain_set_args"
}
load_second_server()
{
local section="$1"
@@ -270,6 +398,21 @@ load_second_server()
[ "$seconddns_tcp_server" = "1" ] && conf_append "bind-tcp" "$ADDR:$seconddns_port $ARGS"
}
conf_append_conf_files()
{
local conf_file="$1"
if [ "$1" != "${1#/}" ]; then
fullpath="$1"
else
fullpath="$SMARTDNS_CONF_DOWNLOAD_DIR/$conf_file"
fi
[ -f "$fullpath" ] && {
conf_append "conf-file" "'$fullpath'"
}
}
load_service()
{
local section="$1"
@@ -298,6 +441,9 @@ load_service()
config_get ipv6_server "$section" "ipv6_server" "1"
config_get tcp_server "$section" "tcp_server" "1"
config_get speed_check_mode "$section" "speed_check_mode" ""
[ ! -z "$speed_check_mode" ] && conf_append "speed-check-mode" "$speed_check_mode"
config_get dualstack_ip_selection "$section" "dualstack_ip_selection" "0"
[ "$dualstack_ip_selection" = "0" ] && conf_append "dualstack-ip-selection" "no"
@@ -345,6 +491,9 @@ load_service()
config_get log_file "$section" "log_file" ""
[ -z "$log_file" ] || conf_append "log-file" "$log_file"
config_get_bool enable_auto_update "$section" "enable_auto_update" "0"
[ "$enable_auto_update" = "1" ] && enable_auto_update || disable_auto_update
config_get redirect "$section" "redirect" ""
config_get old_port "$section" "old_port" "0"
config_get old_enabled "$section" "old_enabled" "0"
@@ -390,6 +539,7 @@ load_service()
[ "$old_enabled" = "0" ] && return 1
[ "$old_port" = "53" ] && stop_main_dns "0"
[ "$old_port" != "53" ] && [ "$old_auto_set_dnsmasq" = "1" ] && stop_forward_dnsmasq "$old_port" "0"
disable_auto_update
return 1
}
@@ -428,6 +578,12 @@ load_service()
config_foreach load_server "server"
config_list_foreach "$section" "conf_files" conf_append_conf_files
config_foreach load_domain_rules "domain-rule"
config_foreach load_domain_rule_list "domain-rule-list"
{
echo "conf-file $ADDRESS_CONF"
echo "conf-file $BLACKLIST_IP_CONF"
@@ -473,6 +629,38 @@ unload_service()
}
}
download_file() {
local section="$1"
config_get url "$section" "url" ""
config_get name "$section" "name" ""
config_get filetype "$section" "type" ""
[ -z "$url" ] && return 0
[ -z "$name" ] && return 0
[ -z "$filetype" ] && return 0
echo "download $filetype file $name from $url"
wget --timeout 120 -q -O "/tmp/$name" "$url"
if [ $? -ne 0 ]; then
echo "download file $name failed"
return 1
fi
echo "download file $name success"
if [ "$filetype" = "list" ]; then
mv "/tmp/$name" "$SMARTDNS_DOMAIN_LIST_DOWNLOAD_DIR/$name"
elif [ "$filetype" = "config" ]; then
mv "/tmp/$name" "$SMARTDNS_CONF_DOWNLOAD_DIR/$name"
fi
}
updatefiles() {
config_load "smartdns"
config_foreach download_file "download-file"
reload_service
}
service_stopped()
{
config_load "smartdns"

6
package/openwrt/make.sh
View File

@@ -23,6 +23,8 @@ SMARTDNS_CONF=$SMARTDNS_DIR/etc/smartdns/smartdns.conf
ADDRESS_CONF=$CURR_DIR/address.conf
BLACKLIST_IP_CONF=$CURR_DIR/blacklist-ip.conf
CUSTOM_CONF=$CURR_DIR/custom.conf
DOMAIN_BLOCK_LIST=$CURR_DIR/domain-block.list
DOMAIN_FORWARDING_LIST=$CURR_DIR/domain-forwarding.list
showhelp()
{
@@ -45,11 +47,15 @@ build()
mkdir $ROOT/root/usr/sbin -p
mkdir $ROOT/root/etc/init.d -p
mkdir $ROOT/root/etc/smartdns/ -p
mkdir $ROOT/root/etc/smartdns/domain-set/ -p
mkdir $ROOT/root/etc/smartdns/conf.d/ -p
cp $SMARTDNS_CONF $ROOT/root/etc/smartdns/
cp $ADDRESS_CONF $ROOT/root/etc/smartdns/
cp $BLACKLIST_IP_CONF $ROOT/root/etc/smartdns/
cp $CUSTOM_CONF $ROOT/root/etc/smartdns/
cp $DOMAIN_BLOCK_LIST $ROOT/root/etc/smartdns/
cp $DOMAIN_FORWARDING_LIST $ROOT/root/etc/smartdns/
cp $CURR_DIR/files/etc $ROOT/root/ -af
cp $SMARTDNS_BIN $ROOT/root/usr/sbin
if [ $? -ne 0 ]; then

18
src/dns_cache.c
View File

@@ -245,7 +245,7 @@ struct dns_cache_data *dns_cache_new_data_packet(void *packet, size_t packet_len
return (struct dns_cache_data *)cache_packet;
}
static int _dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int speed, int inactive,
static int _dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int speed, int no_inactive, int inactive,
struct dns_cache_data *cache_data)
{
struct dns_cache *dns_cache = NULL;
@@ -258,7 +258,7 @@ static int _dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int spee
/* lookup existing cache */
dns_cache = dns_cache_lookup(cache_key);
if (dns_cache == NULL) {
return dns_cache_insert(cache_key, ttl, speed, cache_data);
return dns_cache_insert(cache_key, ttl, speed, no_inactive, cache_data);
}
if (ttl < DNS_CACHE_TTL_MIN) {
@@ -273,6 +273,7 @@ static int _dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int spee
dns_cache->info.query_flag = cache_key->query_flag;
dns_cache->info.ttl = ttl;
dns_cache->info.speed = speed;
dns_cache->info.no_inactive = no_inactive;
old_cache_data = dns_cache->cache_data;
dns_cache->cache_data = cache_data;
list_del_init(&dns_cache->list);
@@ -293,14 +294,14 @@ static int _dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int spee
return 0;
}
int dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int speed, struct dns_cache_data *cache_data)
int dns_cache_replace(struct dns_cache_key *cache_key, int ttl, int speed, int no_inactive, struct dns_cache_data *cache_data)
{
return _dns_cache_replace(cache_key, ttl, speed, 0, cache_data);
return _dns_cache_replace(cache_key, ttl, speed, no_inactive, 0, cache_data);
}
int dns_cache_replace_inactive(struct dns_cache_key *cache_key, int ttl, int speed, struct dns_cache_data *cache_data)
int dns_cache_replace_inactive(struct dns_cache_key *cache_key, int ttl, int speed, int no_inactive, struct dns_cache_data *cache_data)
{
return _dns_cache_replace(cache_key, ttl, speed, 1, cache_data);
return _dns_cache_replace(cache_key, ttl, speed, no_inactive, 1, cache_data);
}
static void _dns_cache_remove_by_domain(struct dns_cache_key *cache_key)
@@ -390,7 +391,7 @@ errout:
return -1;
}
int dns_cache_insert(struct dns_cache_key *cache_key, int ttl, int speed, struct dns_cache_data *cache_data)
int dns_cache_insert(struct dns_cache_key *cache_key, int ttl, int speed, int no_inactive, struct dns_cache_data *cache_data)
{
struct dns_cache_info info;
@@ -415,6 +416,7 @@ int dns_cache_insert(struct dns_cache_key *cache_key, int ttl, int speed, struct
info.ttl = ttl;
info.hitnum_update_add = DNS_CACHE_HITNUM_STEP;
info.speed = speed;
info.no_inactive = no_inactive;
time(&info.insert_time);
time(&info.replace_time);
@@ -663,7 +665,7 @@ void dns_cache_invalidate(dns_cache_callback precallback, int ttl_pre, unsigned
}
if (ttl < 0) {
if (dns_cache_head.enable_inactive) {
if (dns_cache_head.enable_inactive && dns_cache->info.no_inactive == 0) {
_dns_cache_move_inactive(dns_cache);
} else {
_dns_cache_remove(dns_cache);

7
src/dns_cache.h
View File

@@ -87,6 +87,7 @@ struct dns_cache_info {
int ttl;
int hitnum;
int speed;
int no_inactive;
int hitnum_update_add;
time_t insert_time;
time_t replace_time;
@@ -135,11 +136,11 @@ struct dns_cache_data *dns_cache_new_data_packet(void *packet, size_t packet_len
int dns_cache_init(int size, int enable_inactive, int inactive_list_expired);
int dns_cache_replace(struct dns_cache_key *key, int ttl, int speed, struct dns_cache_data *cache_data);
int dns_cache_replace(struct dns_cache_key *key, int ttl, int speed, int no_inactive, struct dns_cache_data *cache_data);
int dns_cache_replace_inactive(struct dns_cache_key *key, int ttl, int speed, struct dns_cache_data *cache_data);
int dns_cache_replace_inactive(struct dns_cache_key *key, int ttl, int speed, int no_inactive, struct dns_cache_data *cache_data);
int dns_cache_insert(struct dns_cache_key *key, int ttl, int speed, struct dns_cache_data *cache_data);
int dns_cache_insert(struct dns_cache_key *key, int ttl, int speed, int no_inactive, struct dns_cache_data *cache_data);
struct dns_cache *dns_cache_lookup(struct dns_cache_key *key);

23
src/dns_client.c
View File

@@ -93,6 +93,7 @@ struct dns_server_info {
int port;
/* server type */
dns_server_type_t type;
long long so_mark;
/* client socket */
int fd;
@@ -1045,6 +1046,7 @@ static int _dns_client_server_add(char *server_ip, char *server_host, int port,
server_info->ttl_range = 0;
server_info->skip_check_cert = skip_check_cert;
server_info->prohibit = 0;
server_info->so_mark = flags->set_mark;
pthread_mutex_init(&server_info->lock, NULL);
memcpy(&server_info->flags, flags, sizeof(server_info->flags));
@@ -1694,6 +1696,13 @@ static int _dns_client_create_socket_udp(struct dns_server_info *server_info)
return -1;
}
if (server_info->so_mark >= 0) {
unsigned int so_mark = server_info->so_mark;
if (setsockopt(fd, SOL_SOCKET, SO_MARK, &so_mark, sizeof(so_mark)) != 0) {
tlog(TLOG_DEBUG, "set socket mark failed, %s", strerror(errno));
}
}
setsockopt(server_info->fd, IPPROTO_IP, IP_RECVTTL, &on, sizeof(on));
setsockopt(server_info->fd, SOL_IP, IP_TTL, &val, sizeof(val));
setsockopt(server_info->fd, SOL_SOCKET, SO_PRIORITY, &priority, sizeof(priority));
@@ -1736,6 +1745,13 @@ static int _DNS_client_create_socket_tcp(struct dns_server_info *server_info)
goto errout;
}
if (server_info->so_mark >= 0) {
unsigned int so_mark = server_info->so_mark;
if (setsockopt(fd, SOL_SOCKET, SO_MARK, &so_mark, sizeof(so_mark)) != 0) {
tlog(TLOG_DEBUG, "set socket mark failed, %s", strerror(errno));
}
}
/* enable tcp fast open */
if (setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, &yes, sizeof(yes)) != 0) {
tlog(TLOG_DEBUG, "enable TCP fast open failed, %s", strerror(errno));
@@ -1818,6 +1834,13 @@ static int _DNS_client_create_socket_tls(struct dns_server_info *server_info, ch
goto errout;
}
if (server_info->so_mark >= 0) {
unsigned int so_mark = server_info->so_mark;
if (setsockopt(fd, SOL_SOCKET, SO_MARK, &so_mark, sizeof(so_mark)) != 0) {
tlog(TLOG_DEBUG, "set socket mark failed, %s", strerror(errno));
}
}
if (setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, &yes, sizeof(yes)) != 0) {
tlog(TLOG_DEBUG, "enable TCP fast open failed.");
}

1
src/dns_client.h
View File

@@ -111,6 +111,7 @@ struct client_dns_server_flags {
dns_server_type_t type;
unsigned int server_flag;
unsigned int result_flag;
long long set_mark;
union {
struct client_dns_server_flag_udp udp;

26
src/dns_conf.c
View File

@@ -370,6 +370,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
{"tls-host-verify", required_argument, NULL, 'V' }, /* verify tls hostname */
{"group", required_argument, NULL, 'g'}, /* add to group */
{"exclude-default-group", no_argument, NULL, 'E'}, /* ecluse this from default group */
{"set-mark", required_argument, NULL, 254}, /* set mark */
{NULL, no_argument, NULL, 0}
};
/* clang-format on */
@@ -390,6 +391,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
server->hostname[0] = '\0';
server->httphost[0] = '\0';
server->tls_host_verify[0] = '\0';
server->set_mark = -1;
if (type == DNS_SERVER_HTTPS) {
if (parse_uri(ip, NULL, server->server, &port, server->path) != 0) {
@@ -467,6 +469,10 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
server->skip_check_cert = 1;
break;
}
case 254: {
server->set_mark = atoll(optarg);
break;
}
default:
break;
}
@@ -533,7 +539,7 @@ static void _config_address_destroy(radix_node_t *node, void *cbctx)
node->data = NULL;
}
static int _config_domain_set_rule_add_ext(char *set_name, enum domain_rule type, void *rule, unsigned int flags,
static int _config_domain_set_rule_add_ext(const char *set_name, enum domain_rule type, void *rule, unsigned int flags,
int is_clear_flag)
{
struct dns_domain_set_rule *set_rule = NULL;
@@ -587,7 +593,7 @@ errout:
return -1;
}
static int _config_domian_set_rule_flags(char *set_name, unsigned int flags, int is_clear_flag)
static int _config_domian_set_rule_flags(const char *set_name, unsigned int flags, int is_clear_flag)
{
return _config_domain_set_rule_add_ext(set_name, DOMAIN_RULE_FLAGS, NULL, flags, is_clear_flag);
}
@@ -664,7 +670,7 @@ errout:
return -1;
}
static int _config_domain_rule_flag_set(char *domain, unsigned int flag, unsigned int is_clear)
static int _config_domain_rule_flag_set(const char *domain, unsigned int flag, unsigned int is_clear)
{
struct dns_domain_rule *domain_rule = NULL;
struct dns_domain_rule *old_domain_rule = NULL;
@@ -1842,6 +1848,11 @@ errout:
return -1;
}
static int _conf_domain_rule_no_serve_expired(const char *domain)
{
return _config_domain_rule_flag_set(domain, DOMAIN_FLAG_NO_SERVE_EXPIRED, 0);
}
static int _conf_domain_rules(void *data, int argc, char *argv[])
{
int opt = 0;
@@ -1856,6 +1867,7 @@ static int _conf_domain_rules(void *data, int argc, char *argv[])
{"nftset", required_argument, NULL, 't'},
{"nameserver", required_argument, NULL, 'n'},
{"dualstack-ip-selection", required_argument, NULL, 'd'},
{"no-serve-expired", no_argument, NULL, 254},
{NULL, no_argument, NULL, 0}
};
/* clang-format on */
@@ -1952,6 +1964,14 @@ static int _conf_domain_rules(void *data, int argc, char *argv[])
break;
}
case 254: {
if (_conf_domain_rule_no_serve_expired(domain) != 0) {
tlog(TLOG_ERROR, "set no-serve-expired rule failed.");
goto errout;
}
break;
}
default:
break;
}

2
src/dns_conf.h
View File

@@ -97,6 +97,7 @@ typedef enum {
#define DOMAIN_FLAG_NFTSET_INET_IGN (1 << 12)
#define DOMAIN_FLAG_NFTSET_IP_IGN (1 << 13)
#define DOMAIN_FLAG_NFTSET_IP6_IGN (1 << 14)
#define DOMAIN_FLAG_NO_SERVE_EXPIRED (1 << 15)
#define SERVER_FLAG_EXCLUDE_DEFAULT (1 << 0)
@@ -230,6 +231,7 @@ struct dns_servers {
unsigned int server_flag;
int ttl;
dns_server_type_t type;
long long set_mark;
char skip_check_cert;
char spki[DNS_MAX_SPKI_LEN];
char hostname[DNS_MAX_CNAME_LEN];

108
src/dns_server.c
View File

@@ -236,6 +236,7 @@ struct dns_request {
int dualstack_selection_ping_time;
int dualstack_selection_has_ip;
struct dns_request *dualstack_request;
int no_serve_expired;
pthread_mutex_t ip_map_lock;
@@ -670,6 +671,10 @@ static int _dns_rrs_add_all_best_ip(struct dns_server_post_context *context)
_dns_rrs_result_log(context, added_ip_addr);
}
if (request->passthrough == 2) {
ignore_speed = 1;
}
while (true) {
pthread_mutex_lock(&request->ip_map_lock);
hash_for_each_safe(request->ip_map, bucket, tmp, addr_map, node)
@@ -1066,17 +1071,17 @@ static int _dns_server_request_update_cache(struct dns_request *request, dns_typ
if (request->prefetch) {
if (request->prefetch_expired_domain == 0) {
if (dns_cache_replace(&cache_key, ttl, speed, cache_data) != 0) {
if (dns_cache_replace(&cache_key, ttl, speed, request->no_serve_expired, cache_data) != 0) {
goto errout;
}
} else {
if (dns_cache_replace_inactive(&cache_key, ttl, speed, cache_data) != 0) {
if (dns_cache_replace_inactive(&cache_key, ttl, speed, request->no_serve_expired, cache_data) != 0) {
goto errout;
}
}
} else {
/* insert result to cache */
if (dns_cache_insert(&cache_key, ttl, speed, cache_data) != 0) {
if (dns_cache_insert(&cache_key, ttl, speed, request->no_serve_expired, cache_data) != 0) {
goto errout;
}
}
@@ -1214,17 +1219,17 @@ static int _dns_cache_cname_packet(struct dns_server_post_context *context)
if (request->prefetch) {
if (request->prefetch_expired_domain == 0) {
if (dns_cache_replace(&cache_key, ttl, speed, cache_packet) != 0) {
if (dns_cache_replace(&cache_key, ttl, speed, request->no_serve_expired, cache_packet) != 0) {
goto errout;
}
} else {
if (dns_cache_replace_inactive(&cache_key, ttl, speed, cache_packet) != 0) {
if (dns_cache_replace_inactive(&cache_key, ttl, speed, request->no_serve_expired, cache_packet) != 0) {
goto errout;
}
}
} else {
/* insert result to cache */
if (dns_cache_insert(&cache_key, ttl, speed, cache_packet) != 0) {
if (dns_cache_insert(&cache_key, ttl, speed, request->no_serve_expired, cache_packet) != 0) {
goto errout;
}
}
@@ -1256,12 +1261,12 @@ static int _dns_cache_packet(struct dns_server_post_context *context)
cache_key.query_flag = request->server_flags;
if (request->prefetch) {
if (dns_cache_replace(&cache_key, context->reply_ttl, -1, cache_packet) != 0) {
if (dns_cache_replace(&cache_key, context->reply_ttl, -1, request->no_serve_expired, cache_packet) != 0) {
goto errout;
}
} else {
/* insert result to cache */
if (dns_cache_insert(&cache_key, context->reply_ttl, -1, cache_packet) != 0) {
if (dns_cache_insert(&cache_key, context->reply_ttl, -1, request->no_serve_expired, cache_packet) != 0) {
goto errout;
}
}
@@ -1709,9 +1714,9 @@ static int _dns_server_force_dualstack(struct dns_request *request)
return 0;
}
static int _dns_server_request_complete(struct dns_request *request)
static int _dns_server_request_complete_with_all_IPs(struct dns_request *request, int with_all_ips)
{
int ttl = DNS_SERVER_TMOUT_TTL;
int ttl = 0;
int reply_ttl = ttl;
if (request->rcode == DNS_RC_SERVFAIL || request->rcode == DNS_RC_NXDOMAIN) {
@@ -1726,7 +1731,7 @@ static int _dns_server_request_complete(struct dns_request *request)
return 0;
}
if (request->has_ip != 0) {
if (request->has_ip != 0 && request->passthrough == 0) {
request->has_soa = 0;
if (request->has_ping_result == 0 && request->ip_ttl > DNS_SERVER_TMOUT_TTL) {
request->ip_ttl = DNS_SERVER_TMOUT_TTL;
@@ -1782,11 +1787,17 @@ out:
context.do_reply = 1;
context.reply_ttl = reply_ttl;
context.skip_notify_count = 1;
context.select_all_best_ip = with_all_ips;
_dns_request_post(&context);
return _dns_server_reply_all_pending_list(request, &context);
}
static int _dns_server_request_complete(struct dns_request *request)
{
return _dns_server_request_complete_with_all_IPs(request, 0);
}
static int _dns_ip_address_check_add(struct dns_request *request, char *cname, unsigned char *addr,
dns_type_t addr_type)
{
@@ -2316,6 +2327,10 @@ static int _dns_server_check_speed(struct dns_request *request, char *ip)
return -1;
}
if (request->passthrough) {
return -1;
}
ping_timeout = ping_timeout - (now - request->send_tick);
if (ping_timeout > DNS_PING_TIMEOUT) {
ping_timeout = DNS_PING_TIMEOUT;
@@ -2743,6 +2758,17 @@ static int _dns_server_passthrough_rule_check(struct dns_request *request, const
_dns_server_request_release(request);
return 0;
}
/* Ad blocking result */
if (addr[0] == 0 || addr[0] == 127) {
/* If half of the servers return the same result, then ignore this address */
if (atomic_inc_return(&request->adblock) <= (dns_server_num() / 2 + dns_server_num() % 2)) {
request->rcode = DNS_RC_NOERROR;
_dns_server_request_release(request);
return 0;
}
}
ttl = ttl_tmp;
_dns_server_request_release(request);
} break;
@@ -2778,6 +2804,16 @@ static int _dns_server_passthrough_rule_check(struct dns_request *request, const
return 0;
}
/* Ad blocking result */
if (_dns_server_is_adblock_ipv6(addr) == 0) {
/* If half of the servers return the same result, then ignore this address */
if (atomic_inc_return(&request->adblock) <= (dns_server_num() / 2 + dns_server_num() % 2)) {
request->rcode = DNS_RC_NOERROR;
_dns_server_request_release(request);
return 0;
}
}
ttl = ttl_tmp;
_dns_server_request_release(request);
} break;
@@ -2999,6 +3035,41 @@ static int dns_server_dualstack_callback(const char *domain, dns_rtcode_t rtcode
return 0;
}
static void _dns_server_passthrough_may_complete(struct dns_request *request)
{
const unsigned char *addr;
if (request->passthrough != 2) {
return;
}
if (request->has_ip == 0 && request->has_soa == 0) {
return;
}
if (request->qtype == DNS_T_A && request->has_ip == 1) {
/* Ad blocking result */
addr = request->ip_addr;
if (addr[0] == 0 || addr[0] == 127) {
/* If half of the servers return the same result, then ignore this address */
if (atomic_read(&request->adblock) <= (dns_server_num() / 2 + dns_server_num() % 2)) {
return;
}
}
}
if (request->qtype == DNS_T_AAAA && request->has_ip == 1) {
addr = request->ip_addr;
if (_dns_server_is_adblock_ipv6(addr) == 0) {
/* If half of the servers return the same result, then ignore this address */
if (atomic_read(&request->adblock) <= (dns_server_num() / 2 + dns_server_num() % 2)) {
return;
}
}
}
_dns_server_request_complete_with_all_IPs(request, 1);
}
static int dns_server_resolve_callback(const char *domain, dns_result_type rtype, struct dns_server_info *server_info,
struct dns_packet *packet, unsigned char *inpacket, int inpacket_len,
void *user_ptr)
@@ -3015,7 +3086,7 @@ static int dns_server_resolve_callback(const char *domain, dns_result_type rtype
tlog(TLOG_DEBUG, "query result from server %s: %d, type: %d", dns_client_get_server_ip(server_info),
dns_client_get_server_port(server_info), dns_client_get_server_type(server_info));
if (request->passthrough && atomic_read(&request->notified) == 0) {
if (request->passthrough == 1 && atomic_read(&request->notified) == 0) {
struct dns_server_post_context context;
int ttl = 0;
ret = _dns_server_passthrough_rule_check(request, domain, packet, result_flag, &ttl);
@@ -3064,6 +3135,7 @@ static int dns_server_resolve_callback(const char *domain, dns_result_type rtype
}
_dns_server_process_answer(request, domain, packet, result_flag);
_dns_server_passthrough_may_complete(request);
return 0;
} else if (rtype == DNS_QUERY_ERR) {
tlog(TLOG_ERROR, "request failed, %s", domain);
@@ -3532,6 +3604,10 @@ static int _dns_server_pre_process_rule_flags(struct dns_request *request)
}
flags = rule_flag->flags;
if (flags & DOMAIN_FLAG_NO_SERVE_EXPIRED) {
request->no_serve_expired = 1;
}
if (flags & DOMAIN_FLAG_ADDR_IGN) {
/* ignore this domain */
goto out;
@@ -3866,6 +3942,10 @@ reply_cache:
goto out;
}
if (dns_cache_get_ttl(dns_cache) <= 0 && request->no_serve_expired == 1) {
goto out;
}
ret = _dns_server_process_cache_data(request, dns_cache);
if (ret != 0) {
goto out;
@@ -4095,6 +4175,10 @@ static void _dns_server_check_set_passthrough(struct dns_request *request)
if (request->passthrough == 1) {
request->dualstack_selection = 0;
}
if (request->passthrough == 1 && (request->qtype == DNS_T_A || request->qtype == DNS_T_AAAA)) {
request->passthrough = 2;
}
}
static int _dns_server_process_host(struct dns_request *request)

4
src/lib/conf.c
View File

@@ -219,8 +219,8 @@ static int conf_parse_args(char *key, char *value, int *argc, char **argv)
continue;
}
if (*ptr == '"' && start == NULL) {
sep_flag = '"';
if ((*ptr == '"' || *ptr == '\'') && start == NULL) {
sep_flag = *ptr;
start = NULL;
}

1
src/smartdns.c
View File

@@ -269,6 +269,7 @@ static int _smartdns_add_servers(void)
flags.type = dns_conf_servers[i].type;
flags.server_flag = dns_conf_servers[i].server_flag;
flags.result_flag = dns_conf_servers[i].result_flag;
flags.set_mark = dns_conf_servers[i].set_mark;
ret = dns_client_add_server(dns_conf_servers[i].server, dns_conf_servers[i].port, dns_conf_servers[i].type,
&flags);
if (ret != 0) {