luci: add ip-rules tab page.

package/luci/files/luci/i18n/smartdns.zh-cn.po

@@ -6,6 +6,10 @@ msgid ""
 "Additional Flags for rules, read help on domain-rule for more information."
 msgstr "额外的规则标识，具体参考domain-rule的帮助说明。"
 
+msgid ""
+"Additional Flags for rules, read help on ip-rule for more information."
+msgstr "额外的规则标识，具体参考ip-rule的帮助说明。"
+
 msgid "Additional Rule Flag"
 msgstr "额外规则标识"
 
@@ -29,12 +33,21 @@ msgstr "自动设置Dnsmasq"
 msgid "Automatically set as upstream of dnsmasq when port changes."
 msgstr "端口更改时自动设为 dnsmasq 的上游。"
 
+msgid "Blacklist IP"
+msgstr "黑名单"
+
+msgid "Blacklist IP Rule, Decline IP addresses within the range."
+msgstr "黑名单规则，拒绝指定范围的IP地址。"
+
 msgid "Bind Device"
 msgstr "绑定到设备"
 
 msgid "Bind Device Name"
 msgstr "绑定的设备名称"
 
+msgid "Bogus nxdomain"
+msgstr "假冒IP"
+
 msgid "Block domain"
 msgstr "屏蔽域名"
 
@@ -64,9 +77,15 @@ msgstr "配置域名规则列表"
 msgid "Configure forwarding domain name list."
 msgstr "配置分流域名列表"
 
+msgid "Configure ip rule list."
+msgstr "配置IP规则列表"
+
 msgid "Custom Settings"
 msgstr "自定义设置"
 
+msgid "Do not use these IP addresses."
+msgstr "忽略这些IP地址"
+
 msgid "DNS Block Setting"
 msgstr "域名屏蔽设置"
 
@@ -289,6 +308,30 @@ msgstr "IP黑名单过滤"
 msgid "IPV6 Server"
 msgstr "IPV6服务器"
 
+msgid "IP alias"
+msgstr "IP别名"
+
+msgid "IP Addresses"
+msgstr "IP地址"
+
+msgid "IP Address Mapping, Can be used for CDN acceleration with Anycast IP, such as Cloudflare's CDN."
+msgstr "IP地址映射，可用于支持AnyCast IP的CDN加速，比如Cloudflare的CDN。"
+
+msgid "Ignore IP"
+msgstr "忽略IP"
+
+msgid "IP Rule List"
+msgstr "IP规则列表"
+
+msgid "IP Rule Name"
+msgstr "IP规则名称"
+
+msgid "IP Set File"
+msgstr "IP集合列表文件"
+
+msgid "IP addresses, CIDR format."
+msgstr "IP地址，CIDR格式。"
+
 msgid "IPset Name"
 msgstr "IPset名称"
 
@@ -413,6 +456,9 @@ msgstr "设置返回给客户端的域名TTL最大值。"
 msgid "Report bugs"
 msgstr "报告BUG"
 
+msgid "Return SOA when the requested result contains a specified IP address."
+msgstr "当结果包含对应范围的IP时，返回SOA。"
+
 msgid "Resolve Local Hostnames"
 msgstr "解析本地主机名"
 
@@ -452,6 +498,9 @@ msgstr "设置指定域名的规则列表。"
 msgid "Set Specific ip blacklist."
 msgstr "设置指定的 IP 黑名单列表。"
 
+msgid "Set Specific ip rule list."
+msgstr "设置对应IP的规则。"
+
 msgid "Set TLS hostname to verify."
 msgstr "设置校验TLS主机名。"
 
@@ -608,6 +657,9 @@ msgstr "上传域名列表文件，或在下载文件设置页面设置自动下
 msgid "Upload domain list file."
 msgstr "上传域名列表文件"
 
+msgid "Upload IP set file."
+msgstr "上传IP集合列表文件。"
+
 msgid "Upload smartdns config file to /etc/smartdns/conf.d"
 msgstr "上传配置文件到/etc/smartdns/conf.d"
 
@@ -635,6 +687,12 @@ msgstr ""
 "用于校验 TLS 服务器的有效性，数值为 Base64 编码的 SPKI 指纹，留空表示不验证 "
 "TLS 的合法性。"
 
+msgid "Whitelist IP"
+msgstr "白名单"
+
+msgid "Whitelist IP Rule, Accept IP addresses within the range."
+msgstr "白名单规则，接受指定范围的IP地址。"
+
 msgid "Write cache to disk on exit and load on startup."
 msgstr "退出时保存cache到磁盘，启动时加载。"
 

package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js

@@ -850,6 +850,7 @@ return view.extend({
 		s.tab("forwarding", _('DNS Forwarding Setting'));
 		s.tab("block", _("DNS Block Setting"));
 		s.tab("domain-rule-list", _("Domain Rule List"), _("Set Specific domain rule list."));
+		s.tab("ip-rule-list", _("IP Rule List"), _("Set Specific ip rule list."));
 		s.tab("domain-address", _("Domain Address"), _("Set Specific domain ip address."));
 		s.tab("blackip-list", _("IP Blacklist"), _("Set Specific ip blacklist."));
 
@@ -1177,6 +1178,72 @@ return view.extend({
 			});
 		};
 
+		///////////////////////////////////////
+		// ip rule list;
+		///////////////////////////////////////
+		o = s.taboption('ip-rule-list', form.SectionValue, '__ip-rule-list__', form.GridSection, 'ip-rule-list', _('IP Rule List'),
+			_('Configure ip rule list.'));
+
+		ss = o.subsection;
+
+		ss.addremove = true;
+		ss.anonymous = true;
+		ss.sortable = true;
+
+		// enable flag;
+		so = ss.option(form.Flag, "enabled", _("Enable"), _("Enable"));
+		so.rmempty = false;
+		so.default = so.enabled;
+		so.editable = true;
+
+		// name;
+		so = ss.option(form.Value, "name", _("IP Rule Name"), _("IP Rule Name"));
+		so.rmempty = true;
+		so.datatype = "string";
+
+		so = ss.option(form.FileUpload, "ip_set_file", _("IP Set File"), _("Upload IP set file."));
+		so.rmempty = true
+		so.datatype = "file"
+		so.modalonly = true;
+		so.root_directory = "/etc/smartdns/ip-set"
+
+		so = ss.option(form.DynamicList, "ip_addr", _("IP Addresses"), _("IP addresses, CIDR format."));
+		so.rmempty = true;
+		so.datatype = "ipaddr"
+		so.modalonly = true;
+
+		so = ss.option(form.Flag, "whitelist_ip", _("Whitelist IP"), _("Whitelist IP Rule, Accept IP addresses within the range."));
+		so.rmempty = true;
+		so.default = so.disabled;
+		so.modalonly = true;
+
+		so = ss.option(form.Flag, "blacklist_ip", _("Blacklist IP"), _("Blacklist IP Rule, Decline IP addresses within the range."));
+		so.rmempty = true;
+		so.default = so.disabled;
+		so.modalonly = true;
+
+		so = ss.option(form.Flag, "ignore_ip", _("Ignore IP"), _("Do not use these IP addresses."));
+		so.rmempty = true;
+		so.default = so.disabled;
+		so.modalonly = true;
+
+		so = ss.option(form.Flag, "bogus_nxdomain", _("Bogus nxdomain"), _("Return SOA when the requested result contains a specified IP address."));
+		so.rmempty = true;
+		so.default = so.disabled;
+		so.modalonly = true;
+
+		so = ss.option(form.DynamicList, "ip_alias", _("IP alias"), _("IP Address Mapping, Can be used for CDN acceleration with Anycast IP, such as Cloudflare's CDN."));
+		so.rmempty = true;
+		so.datatype = 'ipaddr("nomask")';
+		so.modalonly = true;
+
+		// other args
+		so = ss.option(form.Value, "addition_flag", _("Additional Rule Flag"),
+			_("Additional Flags for rules, read help on ip-rule for more information."))
+		so.default = ""
+		so.rempty = true
+		so.modalonly = true;
+
 		////////////////
 		// Support
 		////////////////

package/openwrt/Makefile

@@ -50,7 +50,7 @@ endef
 
 define Package/smartdns/install
 	$(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/config $(1)/etc/init.d 
-	$(INSTALL_DIR) $(1)/etc/smartdns $(1)/etc/smartdns/domain-set $(1)/etc/smartdns/conf.d/
+	$(INSTALL_DIR) $(1)/etc/smartdns $(1)/etc/smartdns/domain-set $(1)/etc/smartdns/conf.d/ $(1)/etc/smartdns/ip-set
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/smartdns $(1)/usr/sbin/smartdns
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/package/openwrt/files/etc/init.d/smartdns $(1)/etc/init.d/smartdns
 	$(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/address.conf $(1)/etc/smartdns/address.conf

package/openwrt/files/etc/init.d/smartdns

@@ -362,6 +362,52 @@ load_domain_rule_list()
 	conf_append "domain-rules" "/domain-set:domain-rule-list-${domain_set_name}/ $domain_set_args"	
 }
 
+ip_rule_addr_append()
+{
+	conf_append "ip-rules" "$1 $IP_set_args"
+}
+
+load_IP_rule_list()
+{
+	local section="$1"
+	local IP_set_args=""
+	local IP_set_name="$section"
+
+	config_get_bool enabled "$section" "enabled" "0"
+	[ "$enabled" != "1" ] && return
+
+	config_get ip_set_file "$section" "ip_set_file" ""
+
+	config_get_bool whitelist_ip "$section" "whitelist_ip" "0"
+	[ "$whitelist_ip" = "1" ] && IP_set_args="$IP_set_args -whitelist-ip"
+
+	config_get_bool blacklist_ip "$section" "blacklist_ip" "0"
+	[ "$blacklist_ip" = "1" ] && IP_set_args="$IP_set_args -blacklist-ip"
+
+	config_get_bool ignore_ip "$section" "ignore_ip" "0"
+	[ "$ignore_ip" = "1" ] && IP_set_args="$IP_set_args -ignore-ip"
+
+	config_get_bool bogus_nxdomain "$section" "bogus_nxdomain" "0"
+	[ "$bogus_nxdomain" = "1" ] && IP_set_args="$IP_set_args -bogus-nxdomain"
+
+	config_get ip_alias "$section" "ip_alias" ""
+	[ ! -z "$ip_alias" ] && {
+		ip_alias="$(echo "$ip_alias" | sed 's/ /,/g')"
+		IP_set_args="$IP_set_args -ip-alias $ip_alias"
+	}
+
+	config_get addition_flag "$section" "addition_flag" ""
+	[ ! -z "$addition_flag" ] && IP_set_args="$IP_set_args $addition_flag"
+	[ -z "$IP_set_args" ] && return
+
+	[ ! -z "$ip_set_file" ] && [ -e "$ip_set_file" ] && {
+		conf_append "ip-set" "-name ip-rule-list-file-${section} -file '$ip_set_file'"
+		conf_append "ip-rules" "ip-set:ip-rule-list-file-${section} $IP_set_args"
+	}
+
+	config_list_foreach "$section" "ip_addr" ip_rule_addr_append
+}
+
 conf_append_bind()
 {
 	local ADDR=""
@@ -667,6 +713,8 @@ load_service()
 
 	config_foreach load_domain_rule_list "domain-rule-list"
 
+	config_foreach load_IP_rule_list "ip-rule-list"
+
 	{
 		echo "conf-file $ADDRESS_CONF"
 		echo "conf-file $BLACKLIST_IP_CONF"

package/openwrt/make.sh

@@ -48,6 +48,7 @@ build()
 	mkdir $ROOT/root/etc/init.d -p
 	mkdir $ROOT/root/etc/smartdns/ -p
 	mkdir $ROOT/root/etc/smartdns/domain-set/ -p 
+	mkdir $ROOT/root/etc/smartdns/ip-set/ -p 
 	mkdir $ROOT/root/etc/smartdns/conf.d/ -p 
 
 	cp $SMARTDNS_CONF  $ROOT/root/etc/smartdns/