mirror of
https://github.com/openwrt/packages.git
synced 2026-05-31 23:12:02 +08:00
Stan Grishin
c9b004abf2
Maintainer: me
Compile tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1
Run tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1
Description:Add nftables notrack for localhost traffic
- Removed. License is now included in the main project.
net/https-dns-proxy/Makefile:
- Bumped PKG_RELEASE to 5.
net/https-dns-proxy/files/etc/config/https-dns-proxy:
- Added 'option notrack_dns '1'' to the default configuration.
net/https-dns-proxy/files/etc/init.d/https-dns-proxy:
- Defined NOTRACK_NFT_FILE constant.
- Added 'notrack_dns' and 'notrack_ports' variables.
- Implemented 'notrack_nft' function to manage nftables rules for notracking local DNS traffic.
- Enabled loading of 'notrack_dns' boolean from configuration.
- Modified start_instance to collect listen_port into notrack_ports if notrack_dns is enabled.
- Modified start_service to call notrack_nft update/remove based on notrack_dns and collected ports.
- Modified stop_service to call notrack_nft remove.
- Updated service_started and service_stopped to trigger firewall config changes when notrack_dns is enabled.
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit fa4b35ad53)
Signed-off-by: Stan Grishin <stangri@melmac.ca>
64 lines
2.0 KiB
Makefile
64 lines
2.0 KiB
Makefile
# SPDX-License-Identifier: MIT
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=https-dns-proxy
|
|
PKG_VERSION:=2025.12.29
|
|
PKG_RELEASE:=5
|
|
|
|
PKG_SOURCE_PROTO:=git
|
|
PKG_SOURCE_URL:=https://github.com/aarond10/https_dns_proxy/
|
|
PKG_MIRROR_HASH:=df9b4dea9ce7d9a0f26e39b8e10631f0cb3c35b8c7ef8f2603453cb55d0e3d20
|
|
PKG_SOURCE_VERSION:=67ecae05c0b9a5020b32782f9ff7ac8c887dda8a
|
|
|
|
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
|
|
PKG_LICENSE:=MIT
|
|
PKG_LICENSE_FILES:=LICENSE
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
include $(INCLUDE_DIR)/cmake.mk
|
|
|
|
TARGET_CFLAGS += $(FPIC)
|
|
TARGET_LDFLAGS += -Wl,--gc-sections
|
|
CMAKE_OPTIONS += -DCLANG_TIDY_EXE= -DSW_VERSION=$(PKG_VERSION)-r$(PKG_RELEASE)
|
|
|
|
define Package/https-dns-proxy
|
|
SECTION:=net
|
|
CATEGORY:=Network
|
|
TITLE:=DNS Over HTTPS Proxy
|
|
URL:=https://github.com/mossdef-org/https-dns-proxy/
|
|
DEPENDS:= \
|
|
+libcares \
|
|
+libcurl \
|
|
+libev \
|
|
+ca-bundle \
|
|
+jsonfilter \
|
|
+resolveip \
|
|
+!BUSYBOX_DEFAULT_GREP:grep \
|
|
+!BUSYBOX_DEFAULT_SED:sed
|
|
CONFLICTS:=https_dns_proxy
|
|
endef
|
|
|
|
define Package/https-dns-proxy/description
|
|
Light-weight DNS-over-HTTPS, non-caching translation proxy for the RFC 8484 DoH standard.
|
|
It receives regular, unencrypted (UDP) DNS requests and resolves them via DoH resolver.
|
|
Please see https://docs.openwrt.melmac.ca/https-dns-proxy/ for more information.
|
|
endef
|
|
|
|
define Package/https-dns-proxy/conffiles
|
|
/etc/config/https-dns-proxy
|
|
endef
|
|
|
|
define Package/https-dns-proxy/install
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(INSTALL_BIN) $(PKG_BUILD_DIR)/https_dns_proxy $(1)/usr/sbin/https-dns-proxy
|
|
$(INSTALL_DIR) $(1)/etc/init.d
|
|
$(INSTALL_BIN) ./files/etc/init.d/https-dns-proxy $(1)/etc/init.d/https-dns-proxy
|
|
$(SED) "s|^\(readonly PKG_VERSION\).*|\1='$(PKG_VERSION)-r$(PKG_RELEASE)'|" $(1)/etc/init.d/https-dns-proxy
|
|
$(INSTALL_DIR) $(1)/etc/config
|
|
$(INSTALL_CONF) ./files/etc/config/https-dns-proxy $(1)/etc/config/https-dns-proxy
|
|
$(INSTALL_DIR) $(1)/etc/uci-defaults/
|
|
$(INSTALL_BIN) ./files/etc/uci-defaults/50-https-dns-proxy-migrate-options.sh $(1)/etc/uci-defaults/50-https-dns-proxy-migrate-options.sh
|
|
endef
|
|
|
|
$(eval $(call BuildPackage,https-dns-proxy))
|