Mirror/podkop
1
0
Fork 0
mirror of https://github.com/itdoginfo/podkop.git synced 2025-12-18 13:38:14 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added split dns. Func for build sing-box config

Browse Source
This commit is contained in:
itdoginfo
2025-06-25 23:34:39 +03:00
parent 1fd67eefb3
commit ce1f86ceb7
3 changed files with 196 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
luci-app-podkop/htdocs/luci-static/resources/view/podkop/additionalTab.js
View File

@@ -34,7 +34,7 @@ function createAdditionalSection(mainSection, network) {
o.value('doh', _('DNS over HTTPS (DoH)')); o.value('doh', _('DNS over HTTPS (DoH)'));
o.value('dot', _('DNS over TLS (DoT)')); o.value('dot', _('DNS over TLS (DoT)'));
o.value('udp', _('UDP (Unprotected DNS)')); o.value('udp', _('UDP (Unprotected DNS)'));
o.default = 'doh'; o.default = 'udp';
o.rmempty = false; o.rmempty = false;
o.ucisection = 'main'; o.ucisection = 'main';
@@ -70,6 +70,53 @@ function createAdditionalSection(mainSection, network) {
return true; return true;
}; };
o = mainSection.taboption('additional', form.Flag, 'split_dns_enabled', _('Split DNS'), _('DNS for the list via proxy'));
o.default = '1';
o.rmempty = false;
o.ucisection = 'main';
o = mainSection.taboption('additional', form.ListValue, 'split_dns_type', _('Split DNS Protocol Type'), _('Select DNS protocol for split'));
o.value('doh', _('DNS over HTTPS (DoH)'));
o.value('dot', _('DNS over TLS (DoT)'));
o.value('udp', _('UDP (Unprotected DNS)'));
o.default = 'udp';
o.rmempty = false;
o.depends('split_dns_enabled', '1');
o.ucisection = 'main';
o = mainSection.taboption('additional', form.Value, 'split_dns_server', _('Split DNS Server'), _('Select or enter DNS server address'));
Object.entries(constants.DNS_SERVER_OPTIONS).forEach(([key, label]) => {
o.value(key, _(label));
});
o.default = '1.1.1.1';
o.rmempty = false;
o.depends('split_dns_enabled', '1');
o.ucisection = 'main';
o.validate = function (section_id, value) {
if (!value) {
return _('DNS server address cannot be empty');
}
const ipRegex = /^(\d{1,3}\.){3}\d{1,3}$/;
if (ipRegex.test(value)) {
const parts = value.split('.');
for (const part of parts) {
const num = parseInt(part);
if (num < 0 || num > 255) {
return _('IP address parts must be between 0 and 255');
}
}
return true;
}
const domainRegex = /^([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.[a-zA-Z]{2,}(\/[^\s]*)?$/;
if (!domainRegex.test(value)) {
return _('Invalid DNS server format. Examples: 8.8.8.8 or dns.example.com or dns.example.com/nicedns for DoH');
}
return true;
};
o = mainSection.taboption('additional', form.Value, 'dns_rewrite_ttl', _('DNS Rewrite TTL'), _('Time in seconds for DNS record caching (default: 60)')); o = mainSection.taboption('additional', form.Value, 'dns_rewrite_ttl', _('DNS Rewrite TTL'), _('Time in seconds for DNS record caching (default: 60)'));
o.default = '60'; o.default = '60';
o.rmempty = false; o.rmempty = false;

5
podkop/files/etc/config/podkop
View File

@@ -31,8 +31,11 @@ config main 'main'
option quic_disable '0' option quic_disable '0'
option dont_touch_dhcp '0' option dont_touch_dhcp '0'
option update_interval '1d' option update_interval '1d'
option dns_type 'doh' option dns_type 'udp'
option dns_server '8.8.8.8' option dns_server '8.8.8.8'
option split_dns_enabled '1'
option split_dns_type 'udp'
option split_dns_server '8.8.8.8'
option dns_rewrite_ttl '60' option dns_rewrite_ttl '60'
option cache_file '/tmp/cache.db' option cache_file '/tmp/cache.db'
list iface 'br-lan' list iface 'br-lan'

188
podkop/files/usr/bin/podkop
View File

@@ -53,6 +53,10 @@ echolog() {
nolog "$message" nolog "$message"
} }
build_sing_box_config() {
cat > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
}
start_main() { start_main() {
log "Starting podkop" log "Starting podkop"
@@ -80,7 +84,7 @@ start_main() {
# Sync time for DoH/DoT # Sync time for DoH/DoT
/usr/sbin/ntpd -q -p 194.190.168.1 -p 216.239.35.0 -p 216.239.35.4 -p 162.159.200.1 -p 162.159.200.123 /usr/sbin/ntpd -q -p 194.190.168.1 -p 216.239.35.0 -p 216.239.35.4 -p 162.159.200.1 -p 162.159.200.123
sleep 2 sleep 1
mkdir -p /tmp/podkop mkdir -p /tmp/podkop
@@ -126,7 +130,7 @@ start_main() {
jq '.experimental.clash_api = { jq '.experimental.clash_api = {
"external_ui": "ui", "external_ui": "ui",
"external_controller": "0.0.0.0:9090" "external_controller": "0.0.0.0:9090"
}' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }' "$SING_BOX_CONFIG" | build_sing_box_config
fi fi
config_get_bool exclude_ntp "main" "exclude_ntp" "0" config_get_bool exclude_ntp "main" "exclude_ntp" "0"
@@ -149,7 +153,6 @@ start_main() {
sing_box_config_check sing_box_config_check
/etc/init.d/sing-box start /etc/init.d/sing-box start
#/etc/init.d/sing-box enable
log "Nice" log "Nice"
} }
@@ -557,7 +560,7 @@ prepare_custom_ruleset() {
"type": "local", "type": "local",
"format": "source", "format": "source",
"path": $file "path": $file
}]' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }]' "$SING_BOX_CONFIG" | build_sing_box_config
sing_box_rules $tag $section sing_box_rules $tag $section
sing_box_dns_rule_fakeip_section $tag $tag sing_box_dns_rule_fakeip_section $tag $tag
@@ -674,7 +677,7 @@ add_socks5_for_section() {
"inbound": [$tag], "inbound": [$tag],
"outbound": $section, "outbound": $section,
"action": "route" "action": "route"
}]' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }]' "$SING_BOX_CONFIG" | build_sing_box_config
} }
process_socks5() { process_socks5() {
@@ -731,9 +734,13 @@ sing_box_dns() {
local dns_type local dns_type
local dns_server local dns_server
local resolver_tag="resolver" local resolver_tag="resolver"
local split_resolver_tag="split-resolver"
config_get dns_type "main" "dns_type" "doh" config_get dns_type "main" "dns_type" "doh"
config_get dns_server "main" "dns_server" "1.1.1.1" config_get dns_server "main" "dns_server" "1.1.1.1"
config_get split_dns_enabled "main" "split_dns_enabled" "0"
config_get split_dns_type "main" "split_dns_type" "udp"
config_get split_dns_server "main" "split_dns_server" "1.1.1.1"
local server_json local server_json
local is_ip=$(echo "$dns_server" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' && echo "1" || echo "0") local is_ip=$(echo "$dns_server" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' && echo "1" || echo "0")
@@ -790,20 +797,79 @@ sing_box_dns() {
}]') }]')
fi fi
if [ "$split_dns_enabled" = "1" ]; then
local split_is_ip=$(echo "$split_dns_server" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' && echo "1" || echo "0")
if [ "$split_is_ip" = "0" ]; then
log "Finding working resolver for split DNS"
local split_dns_resolver=$(find_working_resolver)
if [ -z "$split_dns_resolver" ]; then
log "No working resolver found for split DNS, using default"
split_dns_resolver="1.1.1.1"
else
log "Found working resolver for split DNS: $split_dns_resolver"
fi
fi
server_json=$(echo "$server_json" | jq \
--arg type "$split_dns_type" \
--arg server "$split_dns_server" \
--arg split_is_ip "$split_is_ip" \
--arg split_resolver_tag "$split_resolver_tag" \
' .servers += [
{
"tag": "split-dns-server",
"address": (
if $type == "doh" then
"https://" + $server + "/dns-query"
elif $type == "dot" then
"tls://" + $server
else
$server
end
),
"detour": "main"
} + (
if $split_is_ip == "0" then
{"address_resolver": $split_resolver_tag}
else
{}
end
)
]')
if [ "$split_is_ip" = "0" ]; then
server_json=$(echo "$server_json" | jq \
--arg split_resolver_tag "$split_resolver_tag" \
--arg split_dns_resolver "$split_dns_resolver" \
'.servers += [{
"tag": $split_resolver_tag,
"address": $split_dns_resolver
}]')
fi
fi
server_json=$(echo "$server_json" | jq '.servers += [{"tag": "fakeip-server", "address": "fakeip"}]') server_json=$(echo "$server_json" | jq '.servers += [{"tag": "fakeip-server", "address": "fakeip"}]')
jq \ jq \
--argjson dns_config "$server_json" \ --argjson dns_config "$server_json" \
--arg fakeip "$FAKEIP" \ --arg fakeip "$FAKEIP" \
--argjson split_dns_enabled "$split_dns_enabled" \
'.dns = { '.dns = {
"strategy": "ipv4_only", "strategy": "ipv4_only",
"independent_cache": true, "independent_cache": true,
"final": (
if $split_dns_enabled == 1 then
"split-dns-server"
else
"dns-server"
end
),
"fakeip": { "fakeip": {
"enabled": true, "enabled": true,
"inet4_range": $fakeip "inet4_range": $fakeip
}, },
"servers": $dns_config.servers "servers": $dns_config.servers
}' $SING_BOX_CONFIG > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }' "$SING_BOX_CONFIG" | build_sing_box_config
} }
sing_box_create_bypass_ruleset() { sing_box_create_bypass_ruleset() {
@@ -820,7 +886,7 @@ sing_box_create_bypass_ruleset() {
] ]
} }
] ]
}]' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }]' "$SING_BOX_CONFIG" | build_sing_box_config
# Add a rule to route bypass domains to direct-out outbound # Add a rule to route bypass domains to direct-out outbound
jq ' jq '
@@ -829,49 +895,64 @@ sing_box_create_bypass_ruleset() {
"rule_set": ["bypass"], "rule_set": ["bypass"],
"outbound": "main", "outbound": "main",
"action": "route" "action": "route"
}]' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }]' "$SING_BOX_CONFIG" | build_sing_box_config
# Make sure the bypass ruleset is in the fakeip DNS rule # Make sure the bypass ruleset is in the fakeip DNS rule
jq ' jq '
.dns.rules = (.dns.rules | map( .dns.rules = (.dns.rules | map(
if .server == "fakeip-server" then if (.server == "fakeip-server" or (.server == "dns-server" and .invert == true)) then
.rule_set += ["bypass"] if any(.rule_set[]?; . == "bypass") then
.
else
.rule_set += ["bypass"]
end
else else
. .
end end
))' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG ))' "$SING_BOX_CONFIG" | build_sing_box_config
} }
sing_box_dns_rule_fakeip() { sing_box_dns_rule_fakeip() {
local rewrite_ttl local rewrite_ttl
config_get rewrite_ttl "main" "dns_rewrite_ttl" "600" config_get rewrite_ttl "main" "dns_rewrite_ttl" "60"
config_get split_dns_enabled "main" "split_dns_enabled" "0"
log "Configure fakeip route in sing-box and set TTL to $rewrite_ttl seconds" log "Configure fakeip route in sing-box and set TTL to $rewrite_ttl seconds"
jq \ jq \
--arg ttl "$rewrite_ttl" \ --arg ttl "$rewrite_ttl" \
'.dns += { --argjson split_dns_enabled "$split_dns_enabled" \
"rules": [ '.dns.rules = [
{
"query_type": [
"HTTPS"
],
"action": "reject"
},
{ {
"domain_suffix": [ "query_type": [
"use-application-dns.net" "HTTPS"
], ],
"action": "reject" "action": "reject"
}, },
{ {
"server": "fakeip-server", "domain_suffix": [
"domain": "", "use-application-dns.net"
"rewrite_ttl": ($ttl | tonumber), ],
"rule_set": [] "action": "reject"
},
{
"server": "fakeip-server",
"domain": "",
"rewrite_ttl": ($ttl | tonumber),
"rule_set": []
} }
] ]
}' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG + (
if $split_dns_enabled == 1 then
[{
"server": "dns-server",
"domain": "",
"invert": true,
"rule_set": []
}]
else []
end
)' "$SING_BOX_CONFIG" | build_sing_box_config
} }
sing_box_dns_rule_fakeip_section() { sing_box_dns_rule_fakeip_section() {
@@ -882,7 +963,7 @@ sing_box_dns_rule_fakeip_section() {
jq \ jq \
--arg rule_set "$rule_set" \ --arg rule_set "$rule_set" \
'.dns.rules |= map( '.dns.rules |= map(
if .server == "fakeip-server" then if (.server == "fakeip-server" or (.server == "dns-server" and .invert == true)) then
if any(.rule_set[]?; . == $rule_set) then if any(.rule_set[]?; . == $rule_set) then
. .
else else
@@ -891,7 +972,7 @@ sing_box_dns_rule_fakeip_section() {
else else
. .
end end
)' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" )' "$SING_BOX_CONFIG" | build_sing_box_config
} }
sing_box_cache_file() { sing_box_cache_file() {
@@ -907,7 +988,7 @@ sing_box_cache_file() {
"store_fakeip": true, "store_fakeip": true,
"path": $cache_file "path": $cache_file
} }
}' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }' "$SING_BOX_CONFIG" | build_sing_box_config
} }
sing_box_outdound() { sing_box_outdound() {
@@ -990,7 +1071,7 @@ sing_box_outbound_interface() {
[{"tag": $section, "type": "direct", "bind_interface": $interface}] [{"tag": $section, "type": "direct", "bind_interface": $interface}]
else [] end else [] end
) )
)' "$SING_BOX_CONFIG" > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" )' "$SING_BOX_CONFIG" | build_sing_box_config
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
log "Config updated successfully" log "Config updated successfully"
@@ -1018,7 +1099,7 @@ sing_box_rule_dns() {
} }
], ],
"auto_detect_interface": true "auto_detect_interface": true
}' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }' "$SING_BOX_CONFIG" | build_sing_box_config
} }
sing_box_config_check() { sing_box_config_check() {
@@ -1050,7 +1131,7 @@ sing_box_config_outbound_json() {
[$outbound] [$outbound]
else [] end else [] end
) )
)' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG )' "$SING_BOX_CONFIG" | build_sing_box_config
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
log "Outbound config updated successfully" log "Outbound config updated successfully"
@@ -1113,7 +1194,7 @@ sing_box_config_shadowsocks() {
} + (if $ss_uot == 1 then { "udp_over_tcp": { "enabled": true, "version": 2 } } else {} end)] } + (if $ss_uot == 1 then { "udp_over_tcp": { "enabled": true, "version": 2 } } else {} end)]
else [] end else [] end
) )
)' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG )' "$SING_BOX_CONFIG" | build_sing_box_config
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
log "Config Shadowsocks updated successfully" log "Config Shadowsocks updated successfully"
@@ -1239,7 +1320,7 @@ sing_box_config_vless() {
else . end else . end
else . end else . end
) )
else . end' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG else . end' "$SING_BOX_CONFIG" | build_sing_box_config
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
@@ -1275,7 +1356,7 @@ sing_box_ruleset_domains() {
else else
. .
end end
' /etc/sing-box/config.json > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json /etc/sing-box/config.json ' "$SING_BOX_CONFIG" | build_sing_box_config
log "$domain added to the list for tag $tag" log "$domain added to the list for tag $tag"
else else
@@ -1294,7 +1375,7 @@ sing_box_ruleset_domains() {
} }
] ]
} }
]' /etc/sing-box/config.json > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json /etc/sing-box/config.json ]' "$SING_BOX_CONFIG" | build_sing_box_config
log "$domain added as a new rule set for tag $tag" log "$domain added as a new rule set for tag $tag"
fi fi
@@ -1326,7 +1407,7 @@ sing_box_ruleset_subnets() {
else else
. .
end end
' /etc/sing-box/config.json > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json /etc/sing-box/config.json ' "$SING_BOX_CONFIG" | build_sing_box_config
log "$subnet added to the list for tag $tag" log "$subnet added to the list for tag $tag"
else else
@@ -1345,7 +1426,7 @@ sing_box_ruleset_subnets() {
} }
] ]
} }
]' /etc/sing-box/config.json > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json /etc/sing-box/config.json ]' "$SING_BOX_CONFIG" | build_sing_box_config
log "$subnet added as a new rule set for tag $tag" log "$subnet added as a new rule set for tag $tag"
fi fi
@@ -1428,7 +1509,7 @@ sing_box_ruleset_remote() {
} + } +
(if $detour == "1" then {"download_detour": "main"} else {} end) (if $detour == "1" then {"download_detour": "main"} else {} end)
) )
]' "$SING_BOX_CONFIG" > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" ]' "$SING_BOX_CONFIG" | build_sing_box_config
log "Added new ruleset with tag $tag" log "Added new ruleset with tag $tag"
fi fi
@@ -1502,7 +1583,7 @@ sing_box_rules() {
jq \ jq \
--arg rule_set "$rule_set" \ --arg rule_set "$rule_set" \
'(.route.rules[] | select(.inbound == ["tproxy-in"] and .action == "reject") .rule_set) += [$rule_set]' \ '(.route.rules[] | select(.inbound == ["tproxy-in"] and .action == "reject") .rule_set) += [$rule_set]' \
"$SING_BOX_CONFIG" > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" "$SING_BOX_CONFIG" | build_sing_box_config
else else
# If there is no rule for reject, create a new one with rule_set # If there is no rule for reject, create a new one with rule_set
jq \ jq \
@@ -1511,7 +1592,7 @@ sing_box_rules() {
"inbound": ["tproxy-in"], "inbound": ["tproxy-in"],
"rule_set": [$rule_set], "rule_set": [$rule_set],
"action": "reject" "action": "reject"
}]' "$SING_BOX_CONFIG" > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" }]' "$SING_BOX_CONFIG" | build_sing_box_config
fi fi
return return
else else
@@ -1525,7 +1606,7 @@ sing_box_rules() {
--arg rule_set "$rule_set" \ --arg rule_set "$rule_set" \
--arg outbound "$outbound" \ --arg outbound "$outbound" \
'(.route.rules[] | select(.outbound == $outbound and .inbound == ["tproxy-in"]) .rule_set) += [$rule_set]' \ '(.route.rules[] | select(.outbound == $outbound and .inbound == ["tproxy-in"]) .rule_set) += [$rule_set]' \
"$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" "$SING_BOX_CONFIG" | build_sing_box_config
else else
# If there is no rule for tproxy-in, create a new one with rule_set # If there is no rule for tproxy-in, create a new one with rule_set
jq \ jq \
@@ -1536,7 +1617,7 @@ sing_box_rules() {
"rule_set": [$rule_set], "rule_set": [$rule_set],
"outbound": $outbound, "outbound": $outbound,
"action": "route" "action": "route"
}]' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" }]' "$SING_BOX_CONFIG" | build_sing_box_config
fi fi
fi fi
} }
@@ -1554,7 +1635,7 @@ sing_box_quic_reject() {
. + [$rule] . + [$rule]
end end
) )
)' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" )' "$SING_BOX_CONFIG" | build_sing_box_config
log "QUIC reject rule added successfully" log "QUIC reject rule added successfully"
fi fi
@@ -1737,7 +1818,7 @@ sing_box_rules_source_ip_cidr() {
--arg source_ip_cidr "$source_ip_cidr" \ --arg source_ip_cidr "$source_ip_cidr" \
--arg outbound "$outbound" \ --arg outbound "$outbound" \
'(.route.rules[] | select(.outbound == $outbound and .action == "route" and (.rule_set | not)) | .source_ip_cidr) += [$source_ip_cidr]' \ '(.route.rules[] | select(.outbound == $outbound and .action == "route" and (.rule_set | not)) | .source_ip_cidr) += [$source_ip_cidr]' \
$SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG "$SING_BOX_CONFIG" | build_sing_box_config
else else
jq \ jq \
--arg source_ip_cidr "$source_ip_cidr" \ --arg source_ip_cidr "$source_ip_cidr" \
@@ -1749,7 +1830,7 @@ sing_box_rules_source_ip_cidr() {
"outbound": $outbound, "outbound": $outbound,
"action": "route" "action": "route"
} }
] + .route.rules' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG ] + .route.rules' "$SING_BOX_CONFIG" | build_sing_box_config
fi fi
} }
@@ -1775,7 +1856,7 @@ detour_mixed() {
"inbound": [$tag], "inbound": [$tag],
"outbound": $section, "outbound": $section,
"action": "route" "action": "route"
}]' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG }]' "$SING_BOX_CONFIG" | build_sing_box_config
} }
## nftables ## nftables
@@ -2348,7 +2429,7 @@ sing_box_add_secure_dns_probe_domain() {
--arg domain "$domain" \ --arg domain "$domain" \
--argjson override_port "$override_port" \ --argjson override_port "$override_port" \
'.dns.rules |= map( '.dns.rules |= map(
if .server == "fakeip-server" then if (.server == "fakeip-server" or (.server == "dns-server" and .invert == true)) then
. + { . + {
"domain": $domain "domain": $domain
} }
@@ -2362,7 +2443,7 @@ sing_box_add_secure_dns_probe_domain() {
"action": "route-options", "action": "route-options",
"override_port": $override_port "override_port": $override_port
} }
]' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG" ]' "$SING_BOX_CONFIG" | build_sing_box_config
log "DNS probe domain ${domain} configured with override to port ${override_port}" log "DNS probe domain ${domain} configured with override to port ${override_port}"
} }
@@ -2461,6 +2542,11 @@ global_check() {
done done
fi fi
if [ -d "/etc/init.d/zapret" ]; then
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "⚠️ Zapret detected"
fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "➡️ DNS status" print_global "➡️ DNS status"
dns_info=$(check_dns_available) dns_info=$(check_dns_available)