[luci-app-ssr-plus]: add chinadns mode for mosdns

Signed-off-by: Xiaoli Chan

luci-app-ssr-plus/Makefile

@@ -1,8 +1,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-ssr-plus
-PKG_VERSION:=188
-PKG_RELEASE:=3
+PKG_VERSION:=190
+PKG_RELEASE:=1
 
 PKG_CONFIG_DEPENDS:= \
 	CONFIG_PACKAGE_$(PKG_NAME)_INCLUDE_NONE_V2RAY \
@@ -42,6 +42,9 @@ LUCI_DEPENDS:= \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_Xray:xray-core \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_ChinaDNS_NG:chinadns-ng \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_MosDNS:mosdns \
+	+PACKAGE_$(PKG_NAME)_INCLUDE_MosDNS:yq \
+	+PACKAGE_$(PKG_NAME)_INCLUDE_MosDNS:v2dat \
+	+PACKAGE_$(PKG_NAME)_INCLUDE_MosDNS:diffutils \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_Hysteria:hysteria \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_Tuic_Client:tuic-client \
 	+PACKAGE_$(PKG_NAME)_INCLUDE_Shadow_TLS:shadow-tls \

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua

@@ -69,7 +69,7 @@ o:depends("netflix_enable", "1")
 
 o = s:option(ListValue, "shunt_dns_mode", translate("DNS Query Mode For Shunt Mode"))
 o:value("1", translate("Use DNS2SOCKS query and cache"))
-o:value("2", translate("Use MOSDNS query"))
+o:value("2", translate("Use MosDNS query"))
 o:depends("netflix_enable", "1")
 o.default = 1
 
@@ -97,9 +97,9 @@ o:value("tcp://4.2.2.1:53,tcp://4.2.2.2:53", translate("Level 3 Public DNS-2 (4.
 o:value("tcp://4.2.2.3:53,tcp://4.2.2.4:53", translate("Level 3 Public DNS-3 (4.2.2.3-4)"))
 o:value("tcp://1.1.1.1:53,tcp://1.0.0.1:53", translate("Cloudflare DNS"))
 o:depends("shunt_dns_mode", "2")
-o.description = translate("Custom DNS Server for mosdns")
+o.description = translate("Custom DNS Server for MosDNS")
 
-o = s:option(Flag, "shunt_mosdns_ipv6", translate("Disable IPv6 In MOSDNS Query Mode (Shunt Mode)"))
+o = s:option(Flag, "shunt_mosdns_ipv6", translate("Disable IPv6 In MosDNS Query Mode (Shunt Mode)"))
 o:depends("shunt_dns_mode", "2")
 o.rmempty = false
 o.default = "0"

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua

@@ -93,7 +93,7 @@ o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode"))
 o:value("1", translate("Use DNS2TCP query"))
 o:value("2", translate("Use DNS2SOCKS query and cache"))
 if is_finded("mosdns") then
-o:value("3", translate("Use MOSDNS query (Not Support Oversea Mode)"))
+o:value("3", translate("Use MosDNS query (Not Support Oversea Mode)"))
 end
 o:value("0", translate("Use Local DNS Service listen port 5335"))
 o.default = 1
@@ -125,9 +125,9 @@ o:value("tcp://4.2.2.1:53,tcp://4.2.2.2:53", translate("Level 3 Public DNS-2 (4.
 o:value("tcp://4.2.2.3:53,tcp://4.2.2.4:53", translate("Level 3 Public DNS-3 (4.2.2.3-4)"))
 o:value("tcp://1.1.1.1:53,tcp://1.0.0.1:53", translate("Cloudflare DNS"))
 o:depends("pdnsd_enable", "3")
-o.description = translate("Custom DNS Server for mosdns")
+o.description = translate("Custom DNS Server for MosDNS")
 
-o = s:option(Flag, "mosdns_ipv6", translate("Disable IPv6 in MOSDNS query mode"))
+o = s:option(Flag, "mosdns_disable_ipv6", translate("Disable IPv6 in MosDNS query mode (only for Non-CN domain)"))
 o:depends("pdnsd_enable", "3")
 o.rmempty = false
 o.default = "0"
@@ -141,8 +141,8 @@ if is_finded("chinadns-ng") then
 	o:value("119.29.29.29:53", translate("DNSPod Public DNS (119.29.29.29)"))
 	o:value("223.5.5.5:53", translate("AliYun Public DNS (223.5.5.5)"))
 	o:value("180.76.76.76:53", translate("Baidu Public DNS (180.76.76.76)"))
-	o:value("101.226.4.6:53", translate("360 Security DNS (China Telecom) (101.226.4.6)"))
-	o:value("123.125.81.6:53", translate("360 Security DNS (China Unicom) (123.125.81.6)"))
+	o:value("101.226.4.6:53", translate("DNS Pai (CT/CMCC/CU) (101.226.4.6)"))
+	o:value("123.125.81.6:53", translate("DNS Pai (CU) (123.125.81.6)"))
 	o:value("1.2.4.8:53", translate("CNNIC SDNS (1.2.4.8)"))
 	o:depends({pdnsd_enable = "1", run_mode = "router"})
 	o:depends({pdnsd_enable = "2", run_mode = "router"})
@@ -164,5 +164,24 @@ if is_finded("chinadns-ng") then
 	end
 end
 
-return m
+if is_finded("mosdns") then
+	o = s:option(Value, "chinadns_forward_mosdns", translate("Domestic DNS Server (ChinaDNS Mode With MosDNS)"))
+	o:value("", translate("Disable ChinaDNS in MosDNS"))
+	o:value("wan", translate("Use DNS from WAN"))
+	o:value("udp://114.114.114.114:53,udp://114.114.115.115:53", translate("Nanjing Xinfeng 114DNS"))
+	o:value("udp://119.29.29.29:53,udp://119.29.29.29:53", translate("DNSPod Public DNS"))
+	o:value("udp://223.5.5.5:53,udp://223.6.6.6:53", translate("AliYun Public DNS"))
+	o:value("udp://180.76.76.76:53,udp://180.76.76.76:53", translate("Baidu Public DNS"))
+	o:value("udp://101.226.4.6:53,udp://218.30.118.6:53", translate("DNS Pai (CT/CMCC/CU)"))
+	o:value("udp://123.125.81.6:53,udp://140.207.198.6:53", translate("DNS Pai (CU)"))
+	o:value("udp://1.2.4.8:53,udp://210.2.4.8:53", translate("CNNIC SDNS"))
+	o:depends({pdnsd_enable = "3", run_mode = "router"})
+	o.description = translate("Custom DNS Server format as IP:PORT (default: disabled)")
+end
 
+o = s:option(Flag, "mosdns_dnsleak", translate("Prevent DNS leak (Only Work With ChinaDNS Mode)"))
+o:depends({pdnsd_enable = "3", run_mode = "router"})
+o.rmempty = false
+o.default = "0"
+
+return m

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua

@@ -14,6 +14,8 @@ local gfw_count = 0
 local ad_count = 0
 local ip_count = 0
 local nfip_count = 0
+local mainland_domain_count = 0
+local non_mainland_domain_count = 0
 local Process_list = luci.sys.exec("busybox ps -w")
 local uci = luci.model.uci.cursor()
 -- html constants
@@ -52,6 +54,14 @@ if nixio.fs.access("/etc/ssrplus/netflixip.list") then
 	nfip_count = tonumber(luci.sys.exec("cat /etc/ssrplus/netflixip.list | wc -l"))
 end
 
+if nixio.fs.access("/etc/ssrplus/mosdns-chinadns/geosite_cn.txt") then
+	mainland_domain_count = tonumber(luci.sys.exec("cat /etc/ssrplus/mosdns-chinadns/geosite_cn.txt | wc -l"))
+end
+
+if nixio.fs.access("/etc/ssrplus/mosdns-chinadns/geosite_geolocation_not_cn.txt") then
+	non_mainland_domain_count = tonumber(luci.sys.exec("cat /etc/ssrplus/mosdns-chinadns/geosite_geolocation_not_cn.txt | wc -l"))
+end
+
 if Process_list:find("udp.only.ssr.reudp") then
 	reudp_run = 1
 end
@@ -170,10 +180,24 @@ s.template = "shadowsocksr/refresh"
 s.value = ip_count .. " " .. translate("Records")
 
 if uci:get_first("shadowsocksr", 'global', 'netflix_enable', '0') ~= '0' then
-s = m:field(DummyValue, "nfip_data", translate("Netflix IP Data"))
-s.rawhtml = true
-s.template = "shadowsocksr/refresh"
-s.value = nfip_count .. " " .. translate("Records")
+	s = m:field(DummyValue, "nfip_data", translate("Netflix IP Data"))
+	s.rawhtml = true
+	s.template = "shadowsocksr/refresh"
+	s.value = nfip_count .. " " .. translate("Records")
+end
+
+if uci:get_first("shadowsocksr", 'global', 'pdnsd_enable', '0') == '3' then
+	s = m:field(DummyValue, "geo_data", translate("Loyalsoldier's GeoData"))
+	s.rawhtml = true
+	s.template = "shadowsocksr/refresh"
+
+	s = m:field(DummyValue, "mainland_domain_count", translate("Loyalsoldier's GeoData: Mainland Domain Data"))
+	s.rawhtml = true
+	s.value = mainland_domain_count .. " " .. translate("Records")
+
+	s = m:field(DummyValue, "non_mainland_domain_count", translate("Loyalsoldier's GeoData: Non-Mainland Domain Data"))
+	s.rawhtml = true
+	s.value = non_mainland_domain_count .. " " .. translate("Records")
 end
 
 if uci:get_first("shadowsocksr", 'global', 'adblock', '0') == '1' then

luci-app-ssr-plus/po/zh-cn/ssr-plus.po

@@ -390,6 +390,15 @@ msgstr "【中国大陆 IP 段】数据库"
 msgid "Netflix IP Data"
 msgstr "【Netflix IP 段】数据库"
 
+msgid "Loyalsoldier's GeoData"
+msgstr "【GeoData】数据库 (Loyalsoldier)"
+
+msgid "Loyalsoldier's GeoData: Mainland Domain Data"
+msgstr "【GeoData 中的大陆域名】数据库 (Loyalsoldier)"
+
+msgid "Loyalsoldier's GeoData: Non-Mainland Domain Data"
+msgstr "【GeoData 中的非大陆域名】数据库 (Loyalsoldier)"
+
 msgid "Advertising Data"
 msgstr "【广告屏蔽】数据库"
 
@@ -531,26 +540,29 @@ msgstr "使用 DNS2TCP 查询"
 msgid "Use DNS2SOCKS query and cache"
 msgstr "使用 DNS2SOCKS 查询并缓存"
 
-msgid "Use MOSDNS query (Not Support Oversea Mode)"
-msgstr "使用 MOSDNS 查询 (不支持海外用户回国模式)"
+msgid "Use MosDNS query (Not Support Oversea Mode)"
+msgstr "使用 MosDNS 查询 (不支持海外用户回国模式)"
 
-msgid "Disable IPv6 in MOSDNS query mode"
-msgstr "禁止 MOSDNS 返回 IPv6 记录"
+msgid "Disable IPv6 in MosDNS query mode (only for Non-CN domain)"
+msgstr "禁止 MosDNS 返回 IPv6 记录 (仅限非大陆域名)"
 
 msgid "DNS Query Mode For Shunt Mode"
 msgstr "分流模式下的 DNS 查询模式"
 
 msgid "Anti-pollution DNS Server For Shunt Mode"
 msgstr "分流模式下的访问国外域名 DNS 服务器"
 
-msgid "Use MOSDNS query"
-msgstr "使用 MOSDNS 查询"
+msgid "Use MosDNS query"
+msgstr "使用 MosDNS 查询"
+
+msgid "Custom DNS Server for MosDNS"
+msgstr "MosDNS 自定义 DNS 服务器"
 
-msgid "Custom DNS Server for mosdns"
-msgstr "MOSDNS 自定义 DNS 服务器"
+msgid "Disable IPv6 In MosDNS Query Mode (Shunt Mode)"
+msgstr "禁止 MosDNS 返回 IPv6 记录 (分流模式)"
 
-msgid "Disable IPv6 In MOSDNS Query Mode (Shunt Mode)"
-msgstr "禁止 MOSDNS 返回 IPv6 记录 (分流模式)"
+msgid "Prevent DNS leak (Only Work With ChinaDNS Mode)"
+msgstr "防止DNS泄漏 (仅适用于ChinaDNS模式)"
 
 msgid "DNS Server IP:Port"
 msgstr "DNS 服务器 IP:Port"

luci-app-ssr-plus/root/etc/init.d/shadowsocksr

@@ -98,6 +98,12 @@ get_host_ip() {
 	echo $ip
 }
 
+yq_ssr() {
+    temp_file="$(echo "$2" | awk -F '.' '{print $1"-temp."$2}')"
+    cat $2 | yq e "$1" -M > "$temp_file"
+    mv "$temp_file" "$2"
+}
+
 clean_log() {
 	local logsnum=$(cat $LOG_FILE 2>/dev/null | wc -l)
 	[ "$logsnum" -gt 1000 ] && {
@@ -206,24 +212,77 @@ start_dns() {
 			pdnsd_enable_flag=2
 			;;
 		3)
-			local mosdns_ipv6="$(uci_get_by_type global mosdns_ipv6)"
+			local mosdns_disable_ipv6="$(uci_get_by_type global mosdns_disable_ipv6)"
 			local mosdns_dnsserver="$(uci_get_by_type global tunnel_forward_mosdns)"
-			output=$(for i in $(echo $mosdns_dnsserver | sed "s/,/ /g"); do
-				dnsserver=${i%:*}
-				dnsserver=${i##*/}
-				add_dns_into_ipset $run_mode $dnsserver
-				echo "            - addr: $i"
-				echo "              enable_pipeline: true"
-			done)
+			local chinadns_mosdns="$(uci_get_by_type global chinadns_forward_mosdns)"
+			local mosdns_dnsleak="$(uci_get_by_type global mosdns_dnsleak)"
+			local netflix_enable="$(uci_get_by_type global netflix_enable)"
+			if [ "$run_mode" = "router" ] && [ -n "$chinadns_mosdns" ]; then
+				cp /etc/ssrplus/mosdns-config-chinadns.yaml $TMP_PATH/mosdns-config-chinadns.yaml
+				tmp=$(for i in $(echo $mosdns_dnsserver | sed "s/,/ /g"); do
+					dnsserver=${i%:*}
+					dnsserver=${i##*/}
+					add_dns_into_ipset $run_mode $dnsserver
+					yq_ssr '.plugins[4].args.upstreams += [{"addr":"'"${i}"'","enable_pipeline":"true"}]' $TMP_PATH/mosdns-config-chinadns.yaml
+				done)
+
+				if [ "$chinadns_mosdns" = "wan" ]; then
+					wandns=$(ifstatus wan | jsonfilter -e '@["dns-server"]' | sed 's/\[//g; s/\]//g' | sed 's/"//g' | sed 's/ //g' | sed 's/,/ /g')
+					tmp=$(for i in $(echo $wandns); do
+						i="udp://$i:53"
+						yq_ssr '.plugins[5].args.upstreams += [{"addr":"'"${i}"'"}]' $TMP_PATH/mosdns-config-chinadns.yaml
+					done)
+				else
+					tmp=$(for i in $(echo $chinadns_mosdns | sed "s/,/ /g"); do
+						yq_ssr '.plugins[5].args.upstreams += [{"addr":"'"${i}"'"}]' $TMP_PATH/mosdns-config-chinadns.yaml
+					done)
+				fi
+
+				if [ "$mosdns_disable_ipv6" == "0" ]; then
+					yq_ssr '.plugins[10].args[0].exec="$remote_sequence_with_IPv6" | .plugins[12].args[0].exec="$remote_sequence_with_IPv6"' $TMP_PATH/mosdns-config-chinadns.yaml
+				else
+					yq_ssr '.plugins[10].args[0].exec="$remote_sequence_disable_IPv6" | .plugins[12].args[0].exec="$remote_sequence_disable_IPv6"' $TMP_PATH/mosdns-config-chinadns.yaml
+				fi
+
+				if [ "$mosdns_dnsleak" != "0" ]; then
+					yq_ssr '.plugins[13].args.primary="query_is_remote_ip"' $TMP_PATH/mosdns-config-chinadns.yaml
+				fi
+
+				yq_ssr '.plugins[16].args.listen="0.0.0.0:'${dns_port}'" | .plugins[17].args.listen="0.0.0.0:'${dns_port}'"' $TMP_PATH/mosdns-config-chinadns.yaml
+
+				if [ "$netflix_enable" == 1 ]; then
+					yq_ssr '.plugins |= (.[:4] + [{"tag": "netflix_domain", "type": "domain_set", "args": {"files": ["/etc/ssrplus/netflix.list"]}}] + .[4:])' $TMP_PATH/mosdns-config-chinadns.yaml
+					yq_ssr '.plugins |= (.[:7] + [{"tag": "forward_netflix", "type": "forward", "args": {"upstreams": [{"addr":"udp://127.0.0.1:'"${tmp_shunt_dns_port}"'"}]}}] + .[7:])' $TMP_PATH/mosdns-config-chinadns.yaml
+					yq_ssr '.plugins |= (.[:11] + [{"tag": "netflix_sequence", "type": "sequence", "args": [{"exec": "$forward_netflix"}]}] + .[11:])' $TMP_PATH/mosdns-config-chinadns.yaml
+					yq_ssr '.plugins |= (.[:14] + [{"tag": "query_is_netflix_domain", "type": "sequence", "args": [{"matches": "qname $netflix_domain", "exec": "$netflix_sequence"}, {"exec": "ipset netflix,inet,24"}]}] + .[14:])' $TMP_PATH/mosdns-config-chinadns.yaml
+					yq_ssr '.plugins[19].args |= (.[:3] + [{"exec": "$query_is_netflix_domain"}, {"exec": "jump has_resp_sequence"}] + .[3:])' $TMP_PATH/mosdns-config-chinadns.yaml
+				fi
 
-			awk -v line=14 -v text="$output" 'NR == line+1 {print text} 1' /etc/ssrplus/mosdns-config.yaml | sed "s/DNS_PORT/$dns_port/g" > $TMP_PATH/mosdns-config.yaml
-			if [ "$mosdns_ipv6" == "0" ]; then
-				sed -i "s/DNS_MODE/main_sequence_with_IPv6/g" $TMP_PATH/mosdns-config.yaml
+				pdnsd_enable_flag=3
+				ln_start_bin $(first_type mosdns) mosdns start -c $TMP_PATH/mosdns-config-chinadns.yaml
+				cat <<-EOF >> "$TMP_DNSMASQ_PATH/chinadns_fixed_server.conf"
+					no-poll
+					no-resolv
+					server=127.0.0.1#$dns_port
+				EOF
 			else
-				sed -i "s/DNS_MODE/main_sequence_disable_IPv6/g" $TMP_PATH/mosdns-config.yaml
+				cp /etc/ssrplus/mosdns-config.yaml $TMP_PATH/mosdns-config.yaml
+				tmp=$(for i in $(echo $mosdns_dnsserver | sed "s/,/ /g"); do
+					dnsserver=${i%:*}
+					dnsserver=${i##*/}
+					add_dns_into_ipset $run_mode $dnsserver
+					yq_ssr '.plugins[1].args.upstreams += [{"addr":"'"${i}"'","enable_pipeline":"true"}]' $TMP_PATH/mosdns-config.yaml
+				done)
+
+				if [ "$mosdns_disable_ipv6" == "0" ]; then
+					yq_ssr '.plugins[4].args.entry="main_sequence_with_IPv6" | .plugins[5].args.entry="main_sequence_with_IPv6"' $TMP_PATH/mosdns-config.yaml
+				else
+					yq_ssr '.plugins[4].args.entry="main_sequence_disable_IPv6" | .plugins[5].args.entry="main_sequence_disable_IPv6"' $TMP_PATH/mosdns-config.yaml
+				fi
+				yq_ssr '.plugins[4].args.listen="0.0.0.0:'${dns_port}'" | .plugins[5].args.listen="0.0.0.0:'${dns_port}'"' $TMP_PATH/mosdns-config.yaml
+				pdnsd_enable_flag=3
+				ln_start_bin $(first_type mosdns) mosdns start -c $TMP_PATH/mosdns-config.yaml
 			fi
-			ln_start_bin $(first_type mosdns) mosdns start -c $TMP_PATH/mosdns-config.yaml
-			pdnsd_enable_flag=3
 			;;
 		esac
 
@@ -487,20 +546,19 @@ shunt_dns_command() {
 		ln_start_bin $(first_type dns2socks) dns2socks 127.0.0.1:$tmp_port $shunt_dnsserver 127.0.0.1:$tmp_shunt_dns_port -q
 		;;
 	2)
-		local shunt_mosdns_ipv6="$(uci_get_by_type global shunt_mosdns_ipv6)"
+		local shunt_mosdns_disable_ipv6="$(uci_get_by_type global shunt_mosdns_disable_ipv6)"
 		local shunt_mosdns_dnsserver="$(uci_get_by_type global shunt_mosdns_dnsserver)"
-		output=$(for i in $(echo $shunt_mosdns_dnsserver | sed "s/,/ /g"); do
-			echo "            - addr: $i"
-			echo "              socks5: \"127.0.0.1:$tmp_port\""
-			echo "              enable_pipeline: true"
+		cp /etc/ssrplus/mosdns-config.yaml $TMP_PATH/mosdns-config-shunt.yaml
+		tmp=$(for i in $(echo $shunt_mosdns_dnsserver | sed "s/,/ /g"); do
+			yq_ssr '.plugins[1].args.upstreams += [{"addr":"'"${i}"'","socks5":"127.0.0.1:'"${tmp_port}"'","enable_pipeline":"true"}]' $TMP_PATH/mosdns-config-shunt.yaml
 		done)
-		awk -v line=14 -v text="$output" 'NR == line+1 {print text} 1' /etc/ssrplus/mosdns-config.yaml | sed "s/DNS_PORT/$tmp_shunt_dns_port/g" > $TMP_PATH/mosdns-config-shunt.yaml
 
-		if [ "$shunt_mosdns_ipv6" == "0" ]; then
-			sed -i "s/DNS_MODE/main_sequence_with_IPv6/g" $TMP_PATH/mosdns-config-shunt.yaml
+		if [ "$shunt_mosdns_disable_ipv6" == "0" ]; then
+			yq_ssr '.plugins[4].args.entry="main_sequence_with_IPv6" | .plugins[5].args.entry="main_sequence_with_IPv6"' $TMP_PATH/mosdns-config-shunt.yaml
 		else
-			sed -i "s/DNS_MODE/main_sequence_disable_IPv6/g" $TMP_PATH/mosdns-config-shunt.yaml
+			yq_ssr '.plugins[4].args.entry="main_sequence_disable_IPv6" | .plugins[5].args.entry="main_sequence_disable_IPv6"' $TMP_PATH/mosdns-config-shunt.yaml
 		fi
+		yq_ssr '.plugins[4].args.listen="0.0.0.0:'${tmp_shunt_dns_port}'" | .plugins[5].args.listen="0.0.0.0:'${tmp_shunt_dns_port}'"' $TMP_PATH/mosdns-config-shunt.yaml
 		ln_start_bin $(first_type mosdns) mosdns start -c $TMP_PATH/mosdns-config-shunt.yaml
 		;;
 	esac