smartdns/package/openwrt/files/etc/init.d/smartdns

#!/bin/sh /etc/rc.common
# Copyright (C) 2018 Nick Peng ([email protected])

START=99
NAME=smartdns
USE_PROCD=1
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
SERVICE_PID_FILE="/var/run/smartdns.pid"
BASECONFIGFILE="/etc/smartdns/smartdns.conf"
SMARTDNS_CONF_DIR="/etc/smartdns"
SMARTDNS_VAR_CONF_DIR="/var/etc/smartdns"
SMARTDNS_CONF="$SMARTDNS_VAR_CONF_DIR/smartdns.conf"
ADDRESS_CONF="$SMARTDNS_CONF_DIR/address.conf"
BLACKLIST_IP_CONF="$SMARTDNS_CONF_DIR/blacklist-ip.conf"
CUSTOM_CONF="$SMARTDNS_CONF_DIR/custom.conf"
SMARTDNS_CONF_TMP="${SMARTDNS_CONF}.tmp"
COREDUMP="0"
RESPAWN="1"

set_forward_dnsmasq()
{
	local PORT="$1"
	addr="127.0.0.1#$PORT"
	OLD_SERVER="`uci get dhcp.@dnsmasq[0].server 2>/dev/null`"
	echo $OLD_SERVER | grep "^$addr" >/dev/null 2>&1
	if [ $? -eq 0 ]; then
		return
	fi
	uci delete dhcp.@dnsmasq[0].server 2>/dev/null
	uci add_list dhcp.@dnsmasq[0].server=$addr
	for server in $OLD_SERVER; do
		if [ "$server" = "$addr" ]; then
			continue
		fi
		uci add_list dhcp.@dnsmasq[0].server=$server
	done
	uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null
	uci set dhcp.@dnsmasq[0].noresolv=1
	uci commit dhcp 
	/etc/init.d/dnsmasq restart
}

stop_forward_dnsmasq()
{
	local OLD_PORT="$1"
	addr="127.0.0.1#$OLD_PORT"
	OLD_SERVER="`uci get dhcp.@dnsmasq[0].server 2>/dev/null`"
	echo $OLD_SERVER | grep "^$addr" >/dev/null 2>&1
	if [ $? -ne 0 ]; then
		return
	fi

	uci del_list dhcp.@dnsmasq[0].server=$addr 2>/dev/null
	addrlist="`uci get dhcp.@dnsmasq[0].server 2>/dev/null`"
	if [ -z "$addrlist" ] ; then
		uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto 2>/dev/null
		uci delete dhcp.@dnsmasq[0].noresolv 2>/dev/null
	fi
	uci commit dhcp
	/etc/init.d/dnsmasq restart
}

set_iptable()
{
	local ipv6_server=$1
	local tcp_server=$2

	IPS="`ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F : '{print $2}'`"
	for IP in $IPS
	do
		if [ "$tcp_server" == "1" ]; then
			iptables -t nat -A PREROUTING -p tcp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT >/dev/null 2>&1
		fi
		iptables -t nat -A PREROUTING -p udp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT >/dev/null 2>&1
	done

	if [ "$ipv6_server" == 0 ]; then
		return
	fi

	IPS="`ifconfig | grep "inet6 addr" | grep -v " fe80::" | grep -v " ::1" | grep "Global" | awk '{print $3}'`"
	for IP in $IPS
	do
		if [ "$tcp_server" == "1" ]; then
			ip6tables -t nat -A PREROUTING -p tcp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT >/dev/null 2>&1
		fi
		ip6tables -t nat -A PREROUTING -p udp -d $IP --dport 53 -j REDIRECT --to-ports $SMARTDNS_PORT >/dev/null 2>&1
	done

}

clear_iptable()
{
	local OLD_PORT="$1"
	local ipv6_server=$2
	IPS="`ifconfig | grep "inet addr" | grep -v ":127" | grep "Bcast" | awk '{print $2}' | awk -F : '{print $2}'`"
	for IP in $IPS
	do
		iptables -t nat -D PREROUTING -p udp -d $IP --dport 53 -j REDIRECT --to-ports $OLD_PORT >/dev/null 2>&1
		iptables -t nat -D PREROUTING -p tcp -d $IP --dport 53 -j REDIRECT --to-ports $OLD_PORT >/dev/null 2>&1
	done

	if [ "$ipv6_server" == 0 ]; then
		return
	fi

	IPS="`ifconfig | grep "inet6 addr" | grep -v " fe80::" | grep -v " ::1" | grep "Global" | awk '{print $3}'`"
	for IP in $IPS
	do
		ip6tables -t nat -D PREROUTING -p udp -d $IP --dport 53 -j REDIRECT --to-ports $OLD_PORT >/dev/null 2>&1
		ip6tables -t nat -D PREROUTING -p tcp -d $IP --dport 53 -j REDIRECT --to-ports $OLD_PORT >/dev/null 2>&1
	done
	
}

service_triggers() {
	procd_add_reload_trigger firewall
	procd_add_reload_trigger smartdns
}


conf_append()
{
	echo "$1 $2" >> $SMARTDNS_CONF_TMP
}

load_server()
{
	local section="$1"
	local ADDITIONAL_ARGS=""
	local DNS_ADDRESS=""

	config_get_bool "enabled" "$section" "enabled" "1"
	config_get "port" "$section" "port" ""
	config_get "type" "$section" "type" "udp"
	config_get "ip" "$section" "ip" ""
	config_get "server_group" "$section" "server_group" ""
	config_get "blacklist_ip" "$section" "blacklist_ip" "0"
	config_get "check_edns" "$section" "check_edns" "0"
	config_get "spki_pin" "$section" "spki_pin" ""
	config_get "addition_arg" "$section" "addition_arg" ""

	if [ "$enabled" = "0" ]; then
		return
	fi

	if [ -z "$ip" ] || [ -z "$type" ]; then
		return
	fi

	SERVER="server"
	if [ "$type" = "tcp" ]; then
		SERVER="server-tcp"
	elif [ "$type" = "tls" ]; then
		SERVER="server-tls"
	elif [ "$type" = "https" ]; then
		SERVER="server-https"
	fi

	if [ ! -z "`echo $ip | grep ":" | grep -v "https://"`" ]; then
		if [ -z "`echo $ip | grep "\["`" ]; then
			ip="[$ip]"
		fi
	fi

	if [ ! -z "$server_group" ]; then
		ADDITIONAL_ARGS="$ADDITIONAL_ARGS -group $server_group"
	fi

	if [ "$blacklist_ip" != "0" ]; then
		ADDITIONAL_ARGS="$ADDITIONAL_ARGS -blacklist-ip"
	fi

	if [ "$check_edns" != "0" ]; then
		ADDITIONAL_ARGS="$ADDITIONAL_ARGS -check-edns"
	fi

	if [ ! -z "$spki_pin" ]; then
		ADDITIONAL_ARGS="$ADDITIONAL_ARGS -spki-pin $spki_pin"
	fi

	if [ ! -z "$port" ]; then
		DNS_ADDRESS="$ip:$port"
	else
		DNS_ADDRESS="$ip"
	fi

	if [ "$type" = "https" ]; then
		DNS_ADDRESS="$ip"
	fi

	conf_append "$SERVER" "$DNS_ADDRESS $ADDITIONAL_ARGS $addition_arg"
}

load_service() {
	local section="$1"
	args=""

	mkdir -p $SMARTDNS_VAR_CONF_DIR
	rm -f $SMARTDNS_CONF_TMP

	config_get_bool "enabled" "$section" "enabled" '0'

	config_get "server_name" "$section" "server_name" ""
	if [ ! -z "$server_name" ]; then
		conf_append "server-name" "$server_name"	
	fi

	config_get "coredump" "$section" "coredump" "0"
	if [ "$coredump" = "1" ]; then
		COREDUMP="1"
	fi

	config_get "port" "$section" "port" "6053"
	config_get "ipv6_server" "$section" "ipv6_server" "1"
	config_get "tcp_server" "$section" "tcp_server" "1"
	if [ "$ipv6_server" = "1" ]; then
		conf_append "bind" "[::]:$port"
	else
		conf_append "bind" ":$port"
	fi

	if [ "$tcp_server" = "1" ]; then
		if [ "$ipv6_server" = "1" ]; then
			conf_append "bind-tcp" "[::]:$port"
		else
			conf_append "bind-tcp" ":$port"
		fi
	fi
	config_get "dualstack_ip_selection" "$section" "dualstack_ip_selection" "0"
	if [ "$dualstack_ip_selection" = "1" ]; then
		conf_append "dualstack-ip-selection" "yes"
	fi

	config_get "prefetch_domain" "$section" "prefetch_domain" "0"
	if [ "$prefetch_domain" = "1" ]; then
		conf_append "prefetch-domain" "yes"
	fi

	SMARTDNS_PORT="$port"

	config_get "cache_size" "$section" "cache_size" ""
	if [ ! -z "$cache_size" ]; then
		conf_append "cache-size" "$cache_size"
	fi

	config_get "rr_ttl" "$section" "rr_ttl" ""
	if [ ! -z "$rr_ttl" ]; then
		conf_append "rr-ttl" "$rr_ttl"
	fi

	config_get "rr_ttl_min" "$section" "rr_ttl_min" ""
	if [ ! -z "$rr_ttl_min" ]; then
		conf_append "rr-ttl-min" "$rr_ttl_min"
	fi

	config_get "rr_ttl_max" "$section" "rr_ttl_max" ""
	if [ ! -z "$rr_ttl_max" ]; then
		conf_append "rr-ttl-max" "$rr_ttl_max"
	fi

	config_get "log_size" "$section" "log_size" "64K"
	if [ ! -z "$log_size" ]; then
		conf_append "log-size" "$log_size"
	fi

	config_get "log_num" "$section" "log_num" "1"
	if [ ! -z "$log_num" ]; then
		conf_append "log-num" "$log_num"
	fi

	config_get "log_level" "$section" "log_level" "error"
	if [ ! -z "$log_level" ]; then
		conf_append "log-level" "$log_level"
	fi

	config_get "log_file" "$section" "log_file" ""
	if [ ! -z "$log_file" ]; then
		conf_append "log-file" "$log_file"
	fi

	config_get "redirect" "$section" "redirect" "none"
	config_get "old_redirect" "$section" "old_redirect" "none"
	config_get "old_port" "$section" "old_port" "0"
	config_get "old_enabled" "$section" "old_enabled" "0"

	if [ "$old_redirect" != "$redirect" ] || [ "$old_port" != "$SMARTDNS_PORT" ] || [ "$old_enabled" = "1" -a "$enabled" = "0" ]; then
		if [ "$old_redirect" != "none" ]; then
			if [ "$old_port" != "0" ]; then
				clear_iptable "$old_port" "$ipv6_server"
			fi
			if [ "$old_redirect" == "dnsmasq-upstream" ]; then
				stop_forward_dnsmasq "$old_port"
			fi
		fi
	fi
	
	uci delete smartdns.@smartdns[0].old_redirect 2>/dev/null
	uci delete smartdns.@smartdns[0].old_port 2>/dev/null
	uci delete smartdns.@smartdns[0].old_enabled 2>/dev/null
	uci add_list smartdns.@smartdns[0].old_redirect="$redirect" 2>/dev/null
	uci add_list smartdns.@smartdns[0].old_port="$SMARTDNS_PORT" 2>/dev/null
	uci add_list smartdns.@smartdns[0].old_enabled="$enabled" 2>/dev/null
	uci commit smartdns

	[ "$enabled" -gt 0 ] || return 1

	if [ "$redirect" = "redirect" ]; then
		set_iptable $ipv6_server $tcp_server
	elif [ "$redirect" = "dnsmasq-upstream" ]; then
		set_forward_dnsmasq "$SMARTDNS_PORT"
	fi

	config_foreach load_server "server"

	echo "conf-file $ADDRESS_CONF" >> $SMARTDNS_CONF_TMP
	echo "conf-file $BLACKLIST_IP_CONF" >> $SMARTDNS_CONF_TMP
	echo "conf-file $CUSTOM_CONF" >> $SMARTDNS_CONF_TMP
	mv $SMARTDNS_CONF_TMP $SMARTDNS_CONF

	procd_open_instance "smartdns"
	if [ "$COREDUMP" = "1" ]; then
		args="$args -S"
		procd_set_param limits core="unlimited"
	fi
	
	procd_set_param command /usr/sbin/smartdns -f -c $SMARTDNS_CONF $args
	if [ "$RESPAWN" = "1" ]; then
		procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
	fi
	procd_set_param file "$SMARTDNS_CONF"
	procd_close_instance
}

start_service() {
	config_load "smartdns"
	config_foreach load_service "smartdns"
}

reload_service(){
	stop
	start
}