Mirror/podkop
1
0
Fork 0
mirror of https://github.com/itdoginfo/podkop.git synced 2025-12-07 03:56:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: replace non-working split DNS with bootstrap DNS for upstream DNS resolution

Browse Source
This commit is contained in:
Andrey Petelin
2025-10-02 15:58:26 +05:00
parent a3f4e942c3
commit aea201bf24
4 changed files with 47 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
luci-app-podkop/htdocs/luci-static/resources/view/podkop/additionalTab.js
View File

@@ -60,38 +60,27 @@ function createAdditionalSection(mainSection, network) {
return true; return true;
}; };
o = mainSection.taboption('additional', form.Flag, 'split_dns_enabled', _('Split DNS'), _('DNS for the list via proxy')); o = mainSection.taboption('additional', form.Value, 'bootstrap_dns_server', _('Bootstrap DNS server'), _('The DNS server used to look up the IP address of an upstream DNS server'));
o.default = '1'; o.value('77.88.8.8', '77.88.8.8 (Yandex DNS)');
o.value('77.88.8.1', '77.88.8.1 (Yandex DNS)');
o.value('1.1.1.1', '1.1.1.1 (Cloudflare DNS)');
o.value('1.0.0.1', '1.0.0.1 (Cloudflare DNS)');
o.value('8.8.8.8', '8.8.8.8 (Google DNS)');
o.value('8.8.4.4', '8.8.4.4 (Google DNS)');
o.value('9.9.9.9', '9.9.9.9 (Quad9 DNS)');
o.value('9.9.9.11', '9.9.9.11 (Quad9 DNS)');
o.default = '77.88.8.8';
o.rmempty = false; o.rmempty = false;
o.ucisection = 'main'; o.ucisection = 'main';
o = mainSection.taboption('additional', form.ListValue, 'split_dns_type', _('Split DNS Protocol Type'), _('Select DNS protocol for split'));
o.value('doh', _('DNS over HTTPS (DoH)'));
o.value('dot', _('DNS over TLS (DoT)'));
o.value('udp', _('UDP (Unprotected DNS)'));
o.default = 'udp';
o.rmempty = false;
o.depends('split_dns_enabled', '1');
o.ucisection = 'main';
o = mainSection.taboption('additional', form.Value, 'split_dns_server', _('Split DNS Server'), _('Select or enter DNS server address'));
Object.entries(constants.DNS_SERVER_OPTIONS).forEach(([key, label]) => {
o.value(key, _(label));
});
o.default = '1.1.1.1';
o.rmempty = false;
o.depends('split_dns_enabled', '1');
o.ucisection = 'main';
o.validate = function (section_id, value) { o.validate = function (section_id, value) {
if (!value) { if (!value) {
return _('DNS server address cannot be empty'); return _('DNS server address cannot be empty');
} }
const ipRegex = /^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)\.?\b){4}(:[0-9]{1,5})?$/; const ipRegex = /^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)\.?\b){4}(:[0-9]{1,5})?$/;
const domainRegex = /^(?:https:\/\/)?([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-zA-Z]{2,63}(:[0-9]{1,5})?(\/[^?#\s]*)?$/;
if (!ipRegex.test(value) && !domainRegex.test(value)) { if (!ipRegex.test(value)) {
return _('Invalid DNS server format. Examples: 8.8.8.8 or dns.example.com or dns.example.com/nicedns for DoH'); return _('Invalid DNS server format. Example: 8.8.8.8');
} }
return true; return true;

12
luci-app-podkop/htdocs/luci-static/resources/view/podkop/constants.js
View File

@@ -62,12 +62,12 @@ const UPDATE_INTERVAL_OPTIONS = {
}; };
const DNS_SERVER_OPTIONS = { const DNS_SERVER_OPTIONS = {
'1.1.1.1': 'Cloudflare (1.1.1.1)', '1.1.1.1': '1.1.1.1 (Cloudflare)',
'8.8.8.8': 'Google (8.8.8.8)', '8.8.8.8': '8.8.8.8 (Google)',
'9.9.9.9': 'Quad9 (9.9.9.9)', '9.9.9.9': '9.9.9.9 (Quad9)',
'dns.adguard-dns.com': 'AdGuard Default (dns.adguard-dns.com)', 'dns.adguard-dns.com': 'dns.adguard-dns.com (AdGuard Default)',
'unfiltered.adguard-dns.com': 'AdGuard Unfiltered (unfiltered.adguard-dns.com)', 'unfiltered.adguard-dns.com': 'unfiltered.adguard-dns.com (AdGuard Unfiltered)',
'family.adguard-dns.com': 'AdGuard Family (family.adguard-dns.com)' 'family.adguard-dns.com': 'family.adguard-dns.com (AdGuard Family)'
}; };
const DIAGNOSTICS_UPDATE_INTERVAL = 10000; // 10 seconds const DIAGNOSTICS_UPDATE_INTERVAL = 10000; // 10 seconds

99
podkop/files/usr/bin/podkop
View File

@@ -576,16 +576,6 @@ list_update() {
fi fi
} }
find_working_resolver() {
for resolver in $DNS_RESOLVERS; do
if nslookup -timeout=2 $FAKEIP_TEST_DOMAIN $resolver > /dev/null 2>&1; then
echo "$resolver"
return 0
fi
done
return 1
}
# sing-box funcs # sing-box funcs
sing_box_uci() { sing_box_uci() {
@@ -709,7 +699,7 @@ configure_outbound_handler() {
else else
outbound_tags="$outbound_tags,$outbound_tag" outbound_tags="$outbound_tags,$outbound_tag"
fi fi
i=$((i+1)) i=$((i + 1))
done done
urltest_tag="$(get_outbound_tag_by_section "$section-urltest")" urltest_tag="$(get_outbound_tag_by_section "$section-urltest")"
@@ -749,53 +739,22 @@ configure_outbound_handler() {
sing_box_configure_dns() { sing_box_configure_dns() {
log "Configure the DNS section of a sing-box JSON configuration" log "Configure the DNS section of a sing-box JSON configuration"
local split_dns_enabled final_dns_server config=$(sing_box_cm_configure_dns "$config" "$SB_DNS_SERVER_TAG" "ipv4_only" true)
config_get_bool split_dns_enabled "main" "split_dns_enabled" 0
if [ "$split_dns_enabled" -eq 1 ]; then
final_dns_server="$SB_SPLIT_DNS_SERVER_TAG"
else
final_dns_server="$SB_DNS_SERVER_TAG"
fi
config=$(sing_box_cm_configure_dns "$config" "$final_dns_server" "ipv4_only" true)
local dns_type dns_server split_dns_type split_dns_server dns_server_address split_dns_server_address log "Adding DNS Servers" "debug"
local dns_type dns_server bootstrap_dns_server dns_server_address dns_domain_resolver
config_get dns_type "main" "dns_type" "doh" config_get dns_type "main" "dns_type" "doh"
config_get dns_server "main" "dns_server" "1.1.1.1" config_get dns_server "main" "dns_server" "1.1.1.1"
config_get split_dns_type "main" "split_dns_type" "udp" config_get bootstrap_dns_server "main" "bootstrap_dns_server" "77.88.8.8"
config_get split_dns_server "main" "split_dns_server" "1.1.1.1"
dns_server_address=$(url_get_host "$dns_server") dns_server_address=$(url_get_host "$dns_server")
split_dns_server_address=$(url_get_host "$split_dns_server") if ! is_ipv4 "$dns_server_address"; then
dns_domain_resolver=$SB_BOOTSTRAP_SERVER_TAG
local need_dns_domain_resolver=0
if ! is_ipv4 "$dns_server_address" || ! is_ipv4 "$split_dns_server_address"; then
need_dns_domain_resolver=1
fi
log "Adding DNS Servers"
config=$(sing_box_cm_add_fakeip_dns_server "$config" "$SB_FAKEIP_DNS_SERVER_TAG" "$SB_FAKEIP_INET4_RANGE")
local dns_domain_resolver
if [ "$need_dns_domain_resolver" -eq 1 ]; then
log "One of the DNS server addresses is a domain. Searching for a working DNS server..."
dns_domain_resolver=$(find_working_resolver)
if [ -z "$dns_domain_resolver" ]; then
log "Working DNS server not found, using default DNS server"
dns_domain_resolver="1.1.1.1"
else
log "Working DNS server has been found: $dns_domain_resolver"
fi
config=$(sing_box_cm_add_udp_dns_server "$config" "$SB_DNS_DOMAIN_RESOLVER_TAG" "$dns_domain_resolver" 53)
dns_domain_resolver="$SB_DNS_DOMAIN_RESOLVER_TAG"
fi fi
config=$(sing_box_cm_add_udp_dns_server "$config" "$SB_BOOTSTRAP_SERVER_TAG" "$bootstrap_dns_server" 53)
config=$(sing_box_cf_add_dns_server "$config" "$dns_type" "$SB_DNS_SERVER_TAG" "$dns_server" "$dns_domain_resolver") config=$(sing_box_cf_add_dns_server "$config" "$dns_type" "$SB_DNS_SERVER_TAG" "$dns_server" "$dns_domain_resolver")
config=$(sing_box_cm_add_fakeip_dns_server "$config" "$SB_FAKEIP_DNS_SERVER_TAG" "$SB_FAKEIP_INET4_RANGE")
if [ "$split_dns_enabled" -eq 1 ]; then
config=$(
sing_box_cf_add_dns_server "$config" "$split_dns_type" "$SB_SPLIT_DNS_SERVER_TAG" "$split_dns_server" \
"$dns_domain_resolver" "$SB_MAIN_OUTBOUND_TAG"
)
fi
log "Adding DNS Rules" log "Adding DNS Rules"
local rewrite_ttl service_domains local rewrite_ttl service_domains
@@ -807,11 +766,6 @@ sing_box_configure_dns() {
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rewrite_ttl" "$rewrite_ttl") config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rewrite_ttl" "$rewrite_ttl")
service_domains=$(comma_string_to_json_array "$FAKEIP_TEST_DOMAIN,$CHECK_PROXY_IP_DOMAIN") service_domains=$(comma_string_to_json_array "$FAKEIP_TEST_DOMAIN,$CHECK_PROXY_IP_DOMAIN")
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "domain" "$service_domains") config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "domain" "$service_domains")
if [ "$split_dns_enabled" -eq 1 ]; then
config=$(sing_box_cm_add_dns_route_rule "$config" "$SB_DNS_SERVER_TAG" "$SB_INVERT_FAKEIP_DNS_RULE_TAG")
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_INVERT_FAKEIP_DNS_RULE_TAG" "invert" true)
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_INVERT_FAKEIP_DNS_RULE_TAG" "domain" "$service_domains")
fi
} }
sing_box_configure_route() { sing_box_configure_route() {
@@ -990,7 +944,9 @@ prepare_common_ruleset() {
config=$(sing_box_cm_add_local_ruleset "$config" "$ruleset_tag" "source" "$ruleset_filepath") config=$(sing_box_cm_add_local_ruleset "$config" "$ruleset_tag" "source" "$ruleset_filepath")
config=$(sing_box_cm_patch_route_rule "$config" "$route_rule_tag" "rule_set" "$ruleset_tag") config=$(sing_box_cm_patch_route_rule "$config" "$route_rule_tag" "rule_set" "$ruleset_tag")
case "$type" in case "$type" in
domains) _add_ruleset_to_dns_rules "$ruleset_tag" "$route_rule_tag" ;; domains)
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rule_set" "$ruleset_tag")
;;
subnets) ;; subnets) ;;
*) log "Unsupported remote rule set type: $type" "warn" ;; *) log "Unsupported remote rule set type: $type" "warn" ;;
esac esac
@@ -1011,7 +967,7 @@ configure_community_list_handler() {
config=$(sing_box_cm_add_remote_ruleset "$config" "$ruleset_tag" "$format" "$url" "$detour" "$update_interval") config=$(sing_box_cm_add_remote_ruleset "$config" "$ruleset_tag" "$format" "$url" "$detour" "$update_interval")
config=$(sing_box_cm_patch_route_rule "$config" "$route_rule_tag" "rule_set" "$ruleset_tag") config=$(sing_box_cm_patch_route_rule "$config" "$route_rule_tag" "rule_set" "$ruleset_tag")
_add_ruleset_to_dns_rules "$ruleset_tag" config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rule_set" "$ruleset_tag")
} }
configure_user_domain_or_subnets_list() { configure_user_domain_or_subnets_list() {
@@ -1070,7 +1026,7 @@ configure_local_domain_or_subnet_lists() {
domains) domains)
config_list_foreach "$section" "local_domain_lists" import_local_domain_or_subnet_list "$type" \ config_list_foreach "$section" "local_domain_lists" import_local_domain_or_subnet_list "$type" \
"$section" "$ruleset_filepath" "$section" "$ruleset_filepath"
_add_ruleset_to_dns_rules "$ruleset_tag" "$route_rule_tag" config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rule_set" "$ruleset_tag")
;; ;;
subnets) subnets)
config_list_foreach "$section" "local_subnet_lists" import_local_domain_or_subnet_list "$type" \ config_list_foreach "$section" "local_subnet_lists" import_local_domain_or_subnet_list "$type" \
@@ -1130,7 +1086,9 @@ configure_remote_domain_or_subnet_list_handler() {
config=$(sing_box_cm_add_remote_ruleset "$config" "$ruleset_tag" "$format" "$url" "$detour" "$update_interval") config=$(sing_box_cm_add_remote_ruleset "$config" "$ruleset_tag" "$format" "$url" "$detour" "$update_interval")
config=$(sing_box_cm_patch_route_rule "$config" "$route_rule_tag" "rule_set" "$ruleset_tag") config=$(sing_box_cm_patch_route_rule "$config" "$route_rule_tag" "rule_set" "$ruleset_tag")
case "$type" in case "$type" in
domains) _add_ruleset_to_dns_rules "$ruleset_tag" "$route_rule_tag" ;; domains)
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rule_set" "$ruleset_tag")
;;
subnets) ;; subnets) ;;
*) log "Unsupported remote rule set type: $type" "warn" ;; *) log "Unsupported remote rule set type: $type" "warn" ;;
esac esac
@@ -1141,17 +1099,6 @@ configure_remote_domain_or_subnet_list_handler() {
esac esac
} }
_add_ruleset_to_dns_rules() {
local ruleset_tag="$1"
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_FAKEIP_DNS_RULE_TAG" "rule_set" "$ruleset_tag")
local split_dns_enabled final_dns_server
config_get_bool split_dns_enabled "main" "split_dns_enabled" 0
if [ "$split_dns_enabled" -eq 1 ]; then
config=$(sing_box_cm_patch_dns_route_rule "$config" "$SB_INVERT_FAKEIP_DNS_RULE_TAG" "rule_set" "$ruleset_tag")
fi
}
sing_box_configure_experimental() { sing_box_configure_experimental() {
log "Configure the experimental section of a sing-box JSON configuration" log "Configure the experimental section of a sing-box JSON configuration"
@@ -1990,6 +1937,16 @@ print_global() {
echo "$message" echo "$message"
} }
find_working_resolver() {
for resolver in $DNS_RESOLVERS; do
if nslookup -timeout=2 "$FAKEIP_TEST_DOMAIN" "$resolver" > /dev/null 2>&1; then
echo "$resolver"
return 0
fi
done
return 1
}
global_check() { global_check() {
print_global "📡 Global check run!" print_global "📡 Global check run!"
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"

3
podkop/files/usr/lib/constants.sh
View File

@@ -25,10 +25,9 @@ SB_REQUIRED_VERSION="1.12.0"
SB_DEFAULT_LOG_LEVEL="warn" SB_DEFAULT_LOG_LEVEL="warn"
# DNS # DNS
SB_DNS_SERVER_TAG="dns-server" SB_DNS_SERVER_TAG="dns-server"
SB_SPLIT_DNS_SERVER_TAG="split-dns-server"
SB_FAKEIP_DNS_SERVER_TAG="fakeip-server" SB_FAKEIP_DNS_SERVER_TAG="fakeip-server"
SB_FAKEIP_INET4_RANGE="198.18.0.0/15" SB_FAKEIP_INET4_RANGE="198.18.0.0/15"
SB_DNS_DOMAIN_RESOLVER_TAG="dns-domain-resolver" SB_BOOTSTRAP_SERVER_TAG="bootstrap-dns-server"
SB_FAKEIP_DNS_RULE_TAG="fakeip-dns-rule-tag" SB_FAKEIP_DNS_RULE_TAG="fakeip-dns-rule-tag"
SB_INVERT_FAKEIP_DNS_RULE_TAG="invert-fakeip-dns-rule-tag" SB_INVERT_FAKEIP_DNS_RULE_TAG="invert-fakeip-dns-rule-tag"
# Inbounds # Inbounds