fix shortcut

2025-03-09 15:40:03 +00:00 · 2021-09-25 16:28:12 +08:00 · 2021-09-25 16:28:12 +08:00 · 2096997ef7
commit 2096997ef7
parent f9800379c8
31 changed files with 1015 additions and 673 deletions
--- a/luci-app-turboacc/root/etc/config/turboacc
+++ b/luci-app-turboacc/root/etc/config/turboacc
@ -0,0 +1,10 @@
+
+config turboacc 'config'
+	option sw_flow '1'
+	option hw_flow '1'
+	option sfe_flow '1'
+	option fullcone_nat '1'
+	option bbr_cca '0'
+	option dns_caching '0'
+	option dns_caching_mode '1'
+	option dns_caching_dns '114.114.114.114,114.114.115.115,223.5.5.5,223.6.6.6,180.76.76.76,119.29.29.29,119.28.28.28,1.2.4.8,210.2.4.8'
--- a/luci-app-turboacc/root/etc/init.d/turboacc
+++ b/luci-app-turboacc/root/etc/init.d/turboacc
@ -0,0 +1,345 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2018 Lean <coolsnowwolf@gmail.com>
+# Copyright (C) 2019-2021 Tianling Shen <cnsztl@immortalwrt.org>
+
+START=90
+STOP=10
+
+EXTRA_COMMANDS="check_status"
+EXTRA_HELP="	check_status Check running status of utils"
+
+restart_utils="true"
+
+inital_conf(){
+	config_load "turboacc"
+	config_get "sw_flow" "config" "sw_flow" "0"
+	config_get "hw_flow" "config" "hw_flow" "0"
+	config_get "sfe_flow" "config" "sfe_flow" "0"
+	config_get "bbr_cca" "config" "bbr_cca" "0"
+	config_get "fullcone_nat" "config" "fullcone_nat" "0"
+	config_get "dns_caching" "config" "dns_caching" "0"
+	config_get "dns_caching_mode" "config" "dns_caching_mode" "0"
+	config_get "dns_caching_dns" "config" "dns_caching_dns"
+
+	[ ! -e "/lib/modules/$(uname -r)/xt_FLOWOFFLOAD.ko" ] && { sw_flow="0"; hw_flow="0"; }
+	[ ! -e "/lib/modules/$(uname -r)/shortcut-fe-cm.ko" ] && sfe_flow="0"
+	[ ! -e "/lib/modules/$(uname -r)/tcp_bbr.ko" ] && bbr_cca="0"
+	[ ! -e "/lib/modules/$(uname -r)/xt_FULLCONENAT.ko" ] && fullcone_nat="0"
+}
+
+start_pdnsd() {
+	[ -d "/var/run/dnscache" ] || mkdir -p "/var/run/dnscache"
+	cat > "/var/run/dnscache/dnscache.conf" <<EOF
+global {
+    perm_cache=1024;        # dns缓存大小，单位KB，建议不要写的太大
+    cache_dir="/var/dnscache";     # 缓存文件的位置
+    pid_file = /var/run/dnscache.pid;
+    server_ip = 127.0.0.1;        # pdnsd监听的网卡，0.0.0.0是全部网卡
+    server_port=5333;           # pdnsd监听的端口，不要和别的服务冲突即可
+    status_ctl = on;
+    paranoid=on;                  # 二次请求模式，如果请求主DNS服务器返回的是垃圾地址，就向备用服务器请求
+    query_method=udp_only;
+    neg_domain_pol = off;
+    par_queries = 400;          # 最多同时请求数
+    min_ttl = 1h;               # DNS结果最短缓存时间
+    max_ttl = 1w;               # DNS结果最长缓存时间
+    timeout = 10;               # DNS请求超时时间，单位秒
+}
+
+server {
+    label = "routine";
+    ip = ${dns_caching_dns};     # 这里为主要上级 dns 的 ip 地址，建议填写一个当地最快的DNS地址
+    timeout = 5;              # DNS请求超时时间
+    reject = 74.125.127.102,  # 以下是脏IP，也就是DNS污染一般会返回的结果，如果收到如下DNS结果会触发二次请求（TCP协议一般不会碰到脏IP）
+        74.125.155.102,
+        74.125.39.102,
+        74.125.39.113,
+        209.85.229.138,
+        128.121.126.139,
+        159.106.121.75,
+        169.132.13.103,
+        192.67.198.6,
+        202.106.1.2,
+        202.181.7.85,
+        203.161.230.171,
+        203.98.7.65,
+        207.12.88.98,
+        208.56.31.43,
+        209.145.54.50,
+        209.220.30.174,
+        209.36.73.33,
+        211.94.66.147,
+        213.169.251.35,
+        216.221.188.182,
+        216.234.179.13,
+        243.185.187.39,
+        37.61.54.158,
+        4.36.66.178,
+        46.82.174.68,
+        59.24.3.173,
+        64.33.88.161,
+        64.33.99.47,
+        64.66.163.251,
+        65.104.202.252,
+        65.160.219.113,
+        66.45.252.237,
+        69.55.52.253,
+        72.14.205.104,
+        72.14.205.99,
+        78.16.49.15,
+        8.7.198.45,
+        93.46.8.89,
+        37.61.54.158,
+        243.185.187.39,
+        190.93.247.4,
+        190.93.246.4,
+        190.93.245.4,
+        190.93.244.4,
+        65.49.2.178,
+        189.163.17.5,
+        23.89.5.60,
+        49.2.123.56,
+        54.76.135.1,
+        77.4.7.92,
+        118.5.49.6,
+        159.24.3.173,
+        188.5.4.96,
+        197.4.4.12,
+        220.250.64.24,
+        243.185.187.30,
+        249.129.46.48,
+        253.157.14.165;
+    reject_policy = fail;
+}
+
+server {
+    label = "special";                  # 这个随便写
+    ip = 117.50.10.10,52.80.52.52,119.29.29.29; # 这里为备用DNS服务器的 ip 地址
+    port = 5353;                        # 推荐使用53以外的端口（DNS服务器必须支持
+    proxy_only = on;
+    timeout = 5;
+}
+
+source {
+	owner=localhost;
+//	serve_aliases=on;
+	file="/etc/hosts";
+}
+
+rr {
+	name=localhost;
+	reverse=on;
+	a=127.0.0.1;
+	owner=localhost;
+	soa=localhost,root.localhost,42,86400,900,86400,86400;
+}
+EOF
+
+	if [ ! -f "/var/dnscache/pdnsd.cache" ]; then
+		mkdir -p "/var/dnscache"
+		echo -ne "pd13\000\000\000\000" > "/var/dnscache/pdnsd.cache"
+		chown -R nobody.nogroup "/var/dnscache"
+	fi
+
+	[ -d "/var/sbin" ] || mkdir -p "/var/sbin"
+	cp -a "/usr/sbin/pdnsd" "/var/sbin/dnscache"
+	/var/sbin/dnscache -c "/var/run/dnscache/dnscache.conf" > "/var/log/dnscache.file" 2>&1 &
+	echo "PDNSD: Start DNS Caching"
+}
+
+start_dnsforwarder() {
+	mkdir -p "/var/run/dnscache"
+	cat > "/var/run/dnscache/dnscache.conf" <<EOF
+LogOn false
+LogFileThresholdLength 102400
+LogFileFolder /var/run/dnscache
+UDPLocal 127.0.0.1:5333
+UDPGroup ${dns_caching_dns} * on
+GroupFile
+BlockIP 243.185.187.39,46.82.174.68,37.61.54.158,93.46.8.89,59.24.3.173,203.98.7.65,8.7.198.45,78.16.49.15,159.106.121.75,69.63.187.12,31.13.76.8,31.13.64.49
+IPSubstituting
+BlockNegativeResponse false
+Hosts
+HostsUpdateInterval 18000
+HostsDownloadPath
+HostsScript
+HostsRetryInterval 30
+AppendHosts
+BlockIpv6WhenIpv4Exists false
+UseCache true
+CacheSize 1048576
+MemoryCache true
+CacheFile
+IgnoreTTL false
+OverrideTTL -1
+MultipleTTL 1
+ReloadCache false
+OverwriteCache false
+DisabledType
+DisabledDomain
+DisabledList
+DomainStatistic false
+DomainStatisticTempletFile
+StatisticUpdateInterval 29
+EOF
+
+	[ -d "/var/sbin" ] || mkdir -p "/var/sbin"
+	cp -a "/usr/bin/dnsforwarder" "/var/sbin/dnscache"
+	/var/sbin/dnscache -f "/var/run/dnscache/dnscache.conf" > "/var/log/dnscache.file" 2>&1 &
+	echo "DnsForwarder: Start DNS Caching"
+
+}
+
+start_dnsproxy() {
+	[ -d "/var/run/dnscache" ] || mkdir -p "/var/run/dnscache"
+	echo -e "${dns_caching_dns//,/\\n}" > "/var/run/dnscache/dnscache.conf"
+
+	[ -d "/var/sbin" ] || mkdir -p "/var/sbin"
+	cp -a "/usr/bin/dnsproxy" "/var/sbin/dnscache"
+	/var/sbin/dnscache -l "127.0.0.1" -p "5333" -b "tls://9.9.9.9" -f "tls://8.8.8.8" -u "/var/run/dnscache/dnscache.conf" --all-servers --cache --cache-min-ttl=3600 > "/var/log/dnscache.file" 2>&1 &
+	echo "DNSProxy: Start DNS Caching"
+}
+
+stop_dnscache() {
+	killall -9 "dnscache"
+	kill -9 $(ps | grep dnscache-while.sh | grep -v "grep" | awk '{print $1}')
+	rm -rf "/var/dnscache" "/var/run/dnscache"
+	echo "Stop DNS Caching"
+}
+
+change_dns() {
+ 	uci -q delete dhcp.@dnsmasq[0].server
+	uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#5333"
+	uci set dhcp.@dnsmasq[0].noresolv="1"
+	uci commit dhcp
+
+}
+
+revert_dns() {
+	uci -q del_list dhcp.@dnsmasq[0].server="127.0.0.1#5333"
+	uci set dhcp.@dnsmasq[0].resolvfile="/tmp/resolv.conf.d/resolv.conf.auto"
+	uci set dhcp.@dnsmasq[0].noresolv="0"
+	uci commit dhcp
+}
+
+start(){
+	inital_conf
+
+	uci set firewall.@defaults[0].flow_offloading="${sw_flow}"
+	uci set firewall.@defaults[0].flow_offloading_hw="${hw_flow}"
+	uci set firewall.@defaults[0].fullcone="${fullcone_nat}"
+	uci commit firewall
+
+	[ "${sw_flow}" -ne "1" ] && [ "${sfe_flow}" -eq "1" ] && {
+		[ "$(have_ecm_init)" = "0" ] && {
+			/etc/init.d/shortcut-fe enabled || /etc/init.d/shortcut-fe enable
+			/etc/init.d/shortcut-fe start
+		}
+	}
+
+	if [ "${bbr_cca}" -eq "1" ];  then
+		sysctl -w net.ipv4.tcp_congestion_control="bbr"
+	else
+		sysctl -w net.ipv4.tcp_congestion_control="cubic"
+	fi	
+
+	if [ "${dns_caching}" -eq "1" ];  then
+		stop_dnscache
+		sleep 1
+
+		rm -f "/var/log/dnscache.file"
+		if [ "${dns_caching_mode}" = "1" ];  then
+			start_pdnsd
+		elif [ "${dns_caching_mode}" = "2" ];  then
+			start_dnsforwarder
+		elif [ "${dns_caching_mode}" = "3" ];  then
+			start_dnsproxy
+		fi
+
+		change_dns
+		/usr/share/dnscache/dnscache-while.sh > "/var/log/dnscache.file" 2>&1 &
+	else
+		stop_dnscache
+		revert_dns
+	fi
+
+	if [ "${restart_utils}" = "true" ]; then
+		/etc/init.d/dnsmasq restart >"/dev/null" 2>&1 && echo "DNSMASQ change"
+		/etc/init.d/firewall restart >"/dev/null" 2>&1
+	fi
+}
+
+stop(){
+	inital_conf
+
+	uci set firewall.@defaults[0].flow_offloading="${sw_flow}"
+	uci set firewall.@defaults[0].flow_offloading_hw="${hw_flow}"
+	uci set firewall.@defaults[0].fullcone="${fullcone_nat}"
+	uci commit firewall
+
+	[ "${sfe_flow}" -ne "1" ] && {
+		[ -e "/etc/init.d/shortcut-fe" ] && [ "$(have_ecm_init)" = "0" ] && {
+			/etc/init.d/shortcut-fe stop 2>"/dev/null"
+			/etc/init.d/shortcut-fe enabled && /etc/init.d/shortcut-fe disable
+		}
+	}
+
+	stop_dnscache
+	revert_dns
+
+	if [ "${restart_utils}" = "true" ]; then
+		/etc/init.d/dnsmasq restart >"/dev/null" 2>&1 && echo "DNSMASQ revert"
+		/etc/init.d/firewall restart >"/dev/null" 2>&1
+	fi
+}
+
+restart(){
+	restart_utils="false"
+	stop
+	start
+	/etc/init.d/dnsmasq restart >"/dev/null" 2>&1 && echo "DNSMASQ restart"
+	/etc/init.d/firewall restart >"/dev/null" 2>&1
+}
+
+have_ecm_init() {
+	[ -d "/etc/init.d/qca-nss-ecm" ] && echo 1 && return
+	echo 0
+}
+
+check_status(){
+	case "$1" in
+	"fastpath")
+		if [ "$(cat "/sys/module/xt_FLOWOFFLOAD/refcnt" 2>"/dev/null" || echo 0)" -ne "0" ]; then
+			echo -n "Flow Offloading"
+			exit 0
+		elif lsmod | grep -q "ecm"; then
+			if lsmod | grep -q "shortcut_fe_drv"; then
+				echo -n "QCA-NSS-ECM-SFE"
+				exit 0
+			else
+				echo -n "QCA-NSS-ECM"
+				exit 0
+			fi
+		elif lsmod | grep -q "shortcut_fe_cm"; then
+			echo -n "Shortcut-FE"
+			exit 0
+		else
+			exit 1
+		fi
+		;;
+	"fullconenat")
+		[ "$(cat "/sys/module/xt_FULLCONENAT/refcnt" 2>"/dev/null" || echo 0)" -ne "0" ] && \
+			exit 0 || exit 1
+		;;
+	"bbr")
+		[ "x$(cat "/proc/sys/net/ipv4/tcp_congestion_control" 2>"/dev/null")" = "xbbr" ] && \
+			exit 0 || exit 1
+		;;
+	"dns")
+		pgrep "dnscache" >"/dev/null" && exit 0 || exit 1
+		;;
+	*)
+		exit 2
+		;;
+	esac
+}
--- a/luci-app-turboacc/root/etc/uci-defaults/luci-turboacc
+++ b/luci-app-turboacc/root/etc/uci-defaults/luci-turboacc
@ -0,0 +1,10 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@turboacc[-1]
+	add ucitrack turboacc
+	set ucitrack.@turboacc[-1].init=turboacc
+	commit ucitrack
+EOF
+
+exit 0
--- a/luci-app-turboacc/root/usr/share/dnscache/dnscache-while.sh
+++ b/luci-app-turboacc/root/usr/share/dnscache/dnscache-while.sh
@ -0,0 +1,38 @@
+#!/bin/sh
+
+sleeptime=60
+
+dnsconf="/var/run/dnscache/dnscache.conf"
+dnsprogram="/var/sbin/dnscache"
+logfile="/var/log/dnscache.file"
+
+dns_caching="$(uci -q get turboacc.config.dns_caching)"
+dns_caching_mode="$(uci -q get turboacc.config.dns_caching_mode)"
+
+clean_log() {
+	logrow="$(grep -c "" "${logfile}")"
+	[ "${logrow}" -lt "500" ] || echo "${curtime} Log 条数超限，清空处理！" > "${logfile}"
+}
+
+while [ "${dns_caching}" -eq "1" ];
+do
+	curtime="$(date "+%H:%M:%S")"
+
+	clean_log
+
+	if pidof dnscache > "/dev/null"; then
+		echo -e "${curtime} online!" >> "${logfile}"
+	else
+		if [ "${dns_caching_mode}" = "1" ]; then
+			${dnsprogram} -c "${dnsconf}" > "${logfile}" 2>&1 &
+		elif [ "${dns_caching_mode}" = "2" ]; then
+			${dnsprogram} -f "${dnsconf}" > "${logfile}" 2>&1 &
+		elif [ "${dns_caching_mode}" = "3" ]; then
+			${dnsprogram} -o "${logfile}" -l "127.0.0.1" -p "5333" -b "tls://9.9.9.9" -f "tls://8.8.8.8" -u "${dnsconf}" --all-servers --cache --cache-min-ttl=3600 > "${logfile}" 2>&1 &
+		fi
+		echo "${curtime} 重启服务！" >> ${logfile}
+	fi
+
+	sleep "${sleeptime}"
+	continue
+done