From aa436c62472bd86ccefd12907285c6187df4acb2 Mon Sep 17 00:00:00 2001
From: azuo <azuo.lee@sohu.com>
Date: Fri, 16 Jun 2023 01:16:43 +0800
Subject: [PATCH] Disable EDNS0 Client Subnet (ECS) option in DoT queries

---
 release/src/router/rc/services.c | 2 +-
 release/src/router/rom/Makefile  | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/release/src/router/rc/services.c b/release/src/router/rc/services.c
index d0cb8b4b9..bc34b806b 100644
--- a/release/src/router/rc/services.c
+++ b/release/src/router/rc/services.c
@@ -1329,7 +1329,7 @@ void start_stubby(void)
 		"tls_query_padding_blocksize: 128\n"
 		"appdata_dir: \"/var/lib/misc\"\n"
 		"resolvconf: \"%s\"\n"
-		"edns_client_subnet_private: 1\n",
+		"edns_client_subnet_private: 0\n",
 		tls_possible ?
 			"  - GETDNS_TRANSPORT_TLS\n" :
 			"  - GETDNS_TRANSPORT_UDP\n"
diff --git a/release/src/router/rom/Makefile b/release/src/router/rom/Makefile
index 169c68bd9..5e8955cea 100644
--- a/release/src/router/rom/Makefile
+++ b/release/src/router/rom/Makefile
@@ -54,6 +54,7 @@ all:
 
 clean:
 #	rm -f rom/etc/motd
+	rm -f certs/ca-bundle.crt
 
 certs/ca-bundle.crt:
 	certs/mk-ca-bundle.pl -fu $@