diff --git a/db/ConfigBuilder.cpp b/db/ConfigBuilder.cpp index 0fc16df..a063882 100644 --- a/db/ConfigBuilder.cpp +++ b/db/ConfigBuilder.cpp @@ -181,8 +181,7 @@ namespace NekoGui { // Inbounds QJsonObject sniffing{ - {"destOverride", dataStore->fake_dns ? QJsonArray{"fakedns", "http", "tls", "quic"} - : QJsonArray{"http", "tls", "quic"}}, + {"destOverride", QJsonArray{"http", "tls", "quic"}}, {"enabled", true}, {"metadataOnly", false}, {"routeOnly", dataStore->routing->sniffing_mode == SniffingMode::FOR_ROUTING}, @@ -196,7 +195,7 @@ namespace NekoGui { inboundObj["listen"] = dataStore->inbound_address; inboundObj["port"] = dataStore->inbound_socks_port; QJsonObject socksSettings = {{"udp", true}}; - if (dataStore->fake_dns || dataStore->routing->sniffing_mode != SniffingMode::DISABLE) { + if (dataStore->routing->sniffing_mode != SniffingMode::DISABLE) { inboundObj["sniffing"] = sniffing; } if (dataStore->inbound_auth->NeedAuth()) { @@ -295,7 +294,7 @@ namespace NekoGui { // Remote or FakeDNS QJsonObject dnsServerRemote; - dnsServerRemote["address"] = dataStore->fake_dns ? "fakedns" : dataStore->routing->remote_dns; + dnsServerRemote["address"] = dataStore->routing->remote_dns; dnsServerRemote["domains"] = QList2QJsonArray(status->domainListDNSRemote); dnsServerRemote["queryStrategy"] = dataStore->routing->remote_dns_strategy; if (!status->forTest) dnsServers += dnsServerRemote; @@ -864,6 +863,19 @@ namespace NekoGui { {"detour", "direct"}, }; + // Fakedns + if (IS_NEKO_BOX_INTERNAL_TUN && dataStore->spmode_vpn && !status->forTest) { + dnsServers += QJsonObject{ + {"tag", "dns-fake"}, + {"address", "fakeip"}, + }; + dns["fakeip"] = QJsonObject{ + {"enabled", true}, + {"inet4_range", "198.18.0.0/15"}, + {"inet6_range", "fc00::/18"}, + }; + } + // Underlying 100% Working DNS dnsServers += QJsonObject{ {"tag", "dns-local"}, @@ -878,10 +890,17 @@ namespace NekoGui { rule["server"] = server; dnsRules += rule; }; - add_rule_dns(status->domainListDNSRemote, "dns-remote"); add_rule_dns(status->domainListDNSDirect, "dns-direct"); + // fakedns rule + if (IS_NEKO_BOX_INTERNAL_TUN && dataStore->spmode_vpn && !status->forTest) { + dnsRules += QJsonObject{ + {"inbound", "tun-in"}, + {"server", "dns-fake"}, + }; + } + dns["servers"] = dnsServers; dns["rules"] = dnsRules; dns["independent_cache"] = true; @@ -1042,16 +1061,17 @@ namespace NekoGui { auto configFn = ":/neko/vpn/sing-box-vpn.json"; if (QFile::exists("vpn/sing-box-vpn.json")) configFn = "vpn/sing-box-vpn.json"; auto config = ReadFileText(configFn) - .replace("%IPV6_ADDRESS%", dataStore->vpn_ipv6 ? R"("inet6_address": "fdfe:dcba:9876::1/126",)" : "") + .replace("//%IPV6_ADDRESS%", dataStore->vpn_ipv6 ? R"("inet6_address": "fdfe:dcba:9876::1/126",)" : "") + .replace("//%SOCKS_USER_PASS%", socks_user_pass) + .replace("//%PROCESS_NAME_RULE%", process_name_rule) + .replace("//%CIDR_RULE%", cidr_rule) .replace("%MTU%", Int2String(dataStore->vpn_mtu)) .replace("%STACK%", Preset::SingBox::VpnImplementation.value(dataStore->vpn_implementation)) - .replace("%PROCESS_NAME_RULE%", process_name_rule) - .replace("%CIDR_RULE%", cidr_rule) .replace("%TUN_NAME%", genTunName()) .replace("%STRICT_ROUTE%", dataStore->vpn_strict_route ? "true" : "false") - .replace("%SOCKS_USER_PASS%", socks_user_pass) .replace("%FINAL_OUT%", no_match_out) .replace("%DNS_ADDRESS%", BOX_UNDERLYING_DNS) + .replace("%FAKE_DNS_INBOUND%", dataStore->fake_dns ? "tun-in" : "empty") .replace("%PORT%", Int2String(dataStore->inbound_socks_port)); // hook.js auto source = qjs::ReadHookJS(); diff --git a/res/vpn/sing-box-vpn.json b/res/vpn/sing-box-vpn.json index 6dddef8..0d38169 100644 --- a/res/vpn/sing-box-vpn.json +++ b/res/vpn/sing-box-vpn.json @@ -1,19 +1,62 @@ { + "log": { + "level": "info" + }, "dns": { + "fakeip": { + "enabled": true, + "inet4_range": "198.18.0.0/15", + "inet6_range": "fc00::/18" + }, "servers": [ + { + "tag": "dns-remote", + "address": "8.8.8.8", + "detour": "nekoray-socks" + }, { "tag": "dns-direct", "address": "%DNS_ADDRESS%", "detour": "direct" + }, + { + "address": "fakeip", + "tag": "dns-fake" + }, + { + "address": "rcode://success", + "tag": "dns-block" + } + ], + "rules": [ + { + "domain_suffix": [ + ".lan" + ], + "server": "dns-block" + }, + { + "process_name": [ + "nekoray_core", + "nekoray_core.exe", + "nekobox_core", + "nekobox_core.exe" + ], + "server": "dns-direct" + }, + { + "inbound": "%FAKE_DNS_INBOUND%", + "server": "dns-fake" } ] }, "inbounds": [ { "type": "tun", + "tag": "tun-in", "interface_name": "%TUN_NAME%", "inet4_address": "172.19.0.1/28", - %IPV6_ADDRESS% + //%IPV6_ADDRESS% "mtu": %MTU%, "auto_route": true, "strict_route": %STRICT_ROUTE%, @@ -27,7 +70,7 @@ "type": "socks", "tag": "nekoray-socks", "udp_fragment": true, - %SOCKS_USER_PASS% + //%SOCKS_USER_PASS% "server": "127.0.0.1", "server_port": %PORT% }, @@ -48,10 +91,6 @@ "final": "%FINAL_OUT%", "auto_detect_interface": true, "rules": [ - { - "inbound": "dns-in", - "outbound": "dns-out" - }, { "network": "udp", "port": [ @@ -93,9 +132,13 @@ "nekobox_core.exe" ], "outbound": "direct" + }, + //%PROCESS_NAME_RULE% + //%CIDR_RULE% + { + "port": 53, + "outbound": "dns-out" } - %PROCESS_NAME_RULE% - %CIDR_RULE% ] } } \ No newline at end of file diff --git a/translations/fa_IR.ts b/translations/fa_IR.ts index 34e469c..8e2f681 100644 --- a/translations/fa_IR.ts +++ b/translations/fa_IR.ts @@ -695,6 +695,12 @@ These settings can be changed later. Format + + This is especially important and it is recommended to use the default value of "localhost". +If the default value does not work, try changing it to "223.5.5.5". +For more information, see the document "Configuration/DNS". + + DialogVPNSettings diff --git a/translations/ru_RU.ts b/translations/ru_RU.ts index a204d71..1e78b6d 100644 --- a/translations/ru_RU.ts +++ b/translations/ru_RU.ts @@ -688,6 +688,12 @@ These settings can be changed later. Remove routing: %1 Удалить маршруты: %1 + + This is especially important and it is recommended to use the default value of "localhost". +If the default value does not work, try changing it to "223.5.5.5". +For more information, see the document "Configuration/DNS". + + DialogVPNSettings diff --git a/translations/zh_CN.ts b/translations/zh_CN.ts index acddff2..ae82954 100644 --- a/translations/zh_CN.ts +++ b/translations/zh_CN.ts @@ -689,6 +689,14 @@ These settings can be changed later. Format 格式化 + + This is especially important and it is recommended to use the default value of "localhost". +If the default value does not work, try changing it to "223.5.5.5". +For more information, see the document "Configuration/DNS". + 此项尤为重要,建议使用默认值 "localhost"。 +如果默认值不工作,可以尝试更改为 "223.5.5.5"。 +更多信息,请参阅文档 "配置/DNS"。 + DialogVPNSettings @@ -1650,7 +1658,7 @@ Release note: Default - 默认 + 默认 diff --git a/ui/dialog_basic_settings.ui b/ui/dialog_basic_settings.ui index 19f36b6..18626c6 100644 --- a/ui/dialog_basic_settings.ui +++ b/ui/dialog_basic_settings.ui @@ -6,8 +6,8 @@ 0 0 - 650 - 500 + 600 + 400 @@ -33,7 +33,7 @@ - 3 + 0 @@ -606,7 +606,7 @@ - padding + Padding @@ -701,8 +701,8 @@ 0 0 - 515 - 315 + 198 + 58 diff --git a/ui/dialog_manage_routes.ui b/ui/dialog_manage_routes.ui index 6ced505..2532088 100644 --- a/ui/dialog_manage_routes.ui +++ b/ui/dialog_manage_routes.ui @@ -159,6 +159,11 @@ For sing-box, it sets inbound.domain_strategy + + This is especially important and it is recommended to use the default value of "localhost". +If the default value does not work, try changing it to "223.5.5.5". +For more information, see the document "Configuration/DNS". + Direct DNS diff --git a/ui/dialog_vpn_settings.cpp b/ui/dialog_vpn_settings.cpp index ec193f8..6576fb4 100644 --- a/ui/dialog_vpn_settings.cpp +++ b/ui/dialog_vpn_settings.cpp @@ -11,9 +11,7 @@ DialogVPNSettings::DialogVPNSettings(QWidget *parent) : QDialog(parent), ui(new ui->setupUi(this); ADD_ASTERISK(this); - ui->fake_dns->setVisible(!IS_NEKO_BOX); ui->fake_dns->setChecked(NekoGui::dataStore->fake_dns); - // ui->vpn_implementation->setCurrentIndex(NekoGui::dataStore->vpn_implementation); ui->vpn_mtu->setCurrentText(Int2String(NekoGui::dataStore->vpn_mtu)); ui->vpn_ipv6->setChecked(NekoGui::dataStore->vpn_ipv6); diff --git a/ui/mainwindow_grpc.cpp b/ui/mainwindow_grpc.cpp index cb1d0e5..d23c671 100644 --- a/ui/mainwindow_grpc.cpp +++ b/ui/mainwindow_grpc.cpp @@ -376,6 +376,12 @@ void MainWindow::neko_start(int _id) { restartMsgboxTimer->cancel(); restartMsgboxTimer->deleteLater(); restartMsgbox->deleteLater(); +#ifdef Q_OS_LINUX + // Check systemd-resolved + if (NekoGui::dataStore->spmode_vpn && NekoGui::dataStore->routing->direct_dns.startsWith("local") && ReadFileText("/etc/resolv.conf").contains("systemd-resolved")) { + MW_show_log("[Warning] The default Direct DNS may not works with systemd-resolved, you may consider change your DNS settings."); + } +#endif }); }); }