diff --git a/README.md b/README.md new file mode 100644 index 0000000..83eccf9 --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ +# RouterichAX3000_configs + +Протестировано на роутере Routerich AX 3000 прошивка OpenWrt 23.05.5 r24106-10cc5fcd00 + +### Разблокировка сайтов с помощью youtubeUnblock + https-dns-proxy +Разблокировка сайтов с помощью подмены **Hello пакетов DPI** (приложение **youtubeUnblock**) + точечное перенаправление доменов, которые находятся в **геоблоке на ComssDNS** (через перенаправление dnsmasq и пакет **https-dns-proxy**) + добавление правил для **блокировки протокола QUIC** на уровне роутера + +Для корректной работы скрипта нужны установленные пакеты **youtubeUnblock** и **https-dns-proxy** + +**Установка** +```sh +wget -O - https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/configure_zaprets.sh | sh +``` +**Откат** +```sh +wget -O - https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/off_configure_zaprets.sh | sh +``` + +### Разблокировка сайтов с помощью WARP от CloudFlare + +**Установка** +```sh +wget --no-check-certificate -O /tmp/awg_config.sh https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/awg_config.sh && chmod +x /tmp/awg_config.sh && /tmp/awg_config.sh +``` +**Откат** +```sh +wget -O - https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main/off_awg_config.sh | sh +``` diff --git a/awg_config.sh b/awg_config.sh new file mode 100644 index 0000000..0f5ee51 --- /dev/null +++ b/awg_config.sh @@ -0,0 +1,373 @@ +#!/bin/sh + +install_awg_packages() { + # Получение pkgarch с наибольшим приоритетом + PKGARCH=$(opkg print-architecture | awk 'BEGIN {max=0} {if ($3 > max) {max = $3; arch = $2}} END {print arch}') + + TARGET=$(ubus call system board | jsonfilter -e '@.release.target' | cut -d '/' -f 1) + SUBTARGET=$(ubus call system board | jsonfilter -e '@.release.target' | cut -d '/' -f 2) + VERSION=$(ubus call system board | jsonfilter -e '@.release.version') + PKGPOSTFIX="_v${VERSION}_${PKGARCH}_${TARGET}_${SUBTARGET}.ipk" + BASE_URL="https://github.com/Slava-Shchipunov/awg-openwrt/releases/download/" + + AWG_DIR="/tmp/amneziawg" + mkdir -p "$AWG_DIR" + + if opkg list-installed | grep -q kmod-amneziawg; then + echo "kmod-amneziawg already installed" + else + KMOD_AMNEZIAWG_FILENAME="kmod-amneziawg${PKGPOSTFIX}" + DOWNLOAD_URL="${BASE_URL}v${VERSION}/${KMOD_AMNEZIAWG_FILENAME}" + wget -O "$AWG_DIR/$KMOD_AMNEZIAWG_FILENAME" "$DOWNLOAD_URL" + + if [ $? -eq 0 ]; then + echo "kmod-amneziawg file downloaded successfully" + else + echo "Error downloading kmod-amneziawg. Please, install kmod-amneziawg manually and run the script again" + exit 1 + fi + + opkg install "$AWG_DIR/$KMOD_AMNEZIAWG_FILENAME" + + if [ $? -eq 0 ]; then + echo "kmod-amneziawg file downloaded successfully" + else + echo "Error installing kmod-amneziawg. Please, install kmod-amneziawg manually and run the script again" + exit 1 + fi + fi + + if opkg list-installed | grep -q amneziawg-tools; then + echo "amneziawg-tools already installed" + else + AMNEZIAWG_TOOLS_FILENAME="amneziawg-tools${PKGPOSTFIX}" + DOWNLOAD_URL="${BASE_URL}v${VERSION}/${AMNEZIAWG_TOOLS_FILENAME}" + wget -O "$AWG_DIR/$AMNEZIAWG_TOOLS_FILENAME" "$DOWNLOAD_URL" + + if [ $? -eq 0 ]; then + echo "amneziawg-tools file downloaded successfully" + else + echo "Error downloading amneziawg-tools. Please, install amneziawg-tools manually and run the script again" + exit 1 + fi + + opkg install "$AWG_DIR/$AMNEZIAWG_TOOLS_FILENAME" + + if [ $? -eq 0 ]; then + echo "amneziawg-tools file downloaded successfully" + else + echo "Error installing amneziawg-tools. Please, install amneziawg-tools manually and run the script again" + exit 1 + fi + fi + + if opkg list-installed | grep -q luci-app-amneziawg; then + echo "luci-app-amneziawg already installed" + else + LUCI_APP_AMNEZIAWG_FILENAME="luci-app-amneziawg${PKGPOSTFIX}" + DOWNLOAD_URL="${BASE_URL}v${VERSION}/${LUCI_APP_AMNEZIAWG_FILENAME}" + wget -O "$AWG_DIR/$LUCI_APP_AMNEZIAWG_FILENAME" "$DOWNLOAD_URL" + + if [ $? -eq 0 ]; then + echo "luci-app-amneziawg file downloaded successfully" + else + echo "Error downloading luci-app-amneziawg. Please, install luci-app-amneziawg manually and run the script again" + exit 1 + fi + + opkg install "$AWG_DIR/$LUCI_APP_AMNEZIAWG_FILENAME" + + if [ $? -eq 0 ]; then + echo "luci-app-amneziawg file downloaded successfully" + else + echo "Error installing luci-app-amneziawg. Please, install luci-app-amneziawg manually and run the script again" + exit 1 + fi + fi + + rm -rf "$AWG_DIR" +} + +manage_package() { + local name="$1" + local autostart="$2" + local process="$3" + + # Проверка, установлен ли пакет + if opkg list-installed | grep -q "^$name"; then + + # Проверка, включен ли автозапуск + if /etc/init.d/$name enabled; then + if [ "$autostart" = "disable" ]; then + /etc/init.d/$name disable + fi + else + if [ "$autostart" = "enable" ]; then + /etc/init.d/$name enable + fi + fi + + # Проверка, запущен ли процесс + if pidof $name > /dev/null; then + if [ "$process" = "stop" ]; then + /etc/init.d/$name stop + fi + else + if [ "$process" = "start" ]; then + /etc/init.d/$name start + fi + fi + fi +} + +encoded_code="IyEvYmluL3NoCgojINCn0YLQtdC90LjQtSDQvNC+0LTQtdC70Lgg0LjQtyDRhNCw0LnQu9CwCm1vZGVsPSQoY2F0IC90bXAvc3lzaW5mby9tb2RlbCkKCiMg0J/RgNC+0LLQtdGA0LrQsCwg0YHQvtC00LXRgNC20LjRgiDQu9C4INC80L7QtNC10LvRjCDRgdC70L7QstC+ICJSb3V0ZXJpY2giCmlmICEgZWNobyAiJG1vZGVsIiB8IGdyZXAgLXEgIlJvdXRlcmljaCI7IHRoZW4KICAgIGVjaG8gIlRoaXMgc2NyaXB0IGZvciByb3V0ZXJzIFJvdXRlcmljaC4uLiBJZiB5b3Ugd2FudCB0byB1c2UgaXQsIHdyaXRlIHRvIHRoZSBlcCBjaGF0IFRHIEByb3V0ZXJpY2giCiAgICBleGl0IDEKZmk=" +eval "$(echo "$encoded_code" | base64 --decode)" + +echo "opkg update" +opkg update + +#проверка и установка пакетов AmneziaWG +install_awg_packages + +#проверяем установлени ли библиотека jq +if opkg list-installed | grep -q jq; then + echo "jq already installed..." +else + echo "jq not installed. Installed jq..." + opkg install jq + if [ $? -eq 0 ]; then + echo "jq file downloaded successfully" + else + echo "Error installing jq. Please, install jq manually and run the script again" + exit 1 + fi +fi + +#проверяем установлени ли пакет dnsmasq-full +if opkg list-installed | grep -q dnsmasq-full; then + echo "dnsmasq-full already installed..." +else + echo "Installed dnsmasq-full..." + cd /tmp/ && opkg download dnsmasq-full + opkg remove dnsmasq && opkg install dnsmasq-full --cache /tmp/ + + [ -f /etc/config/dhcp-opkg ] && cp /etc/config/dhcp /etc/config/dhcp-old && mv /etc/config/dhcp-opkg /etc/config/dhcp +fi + +#проверяем установлени ли пакет coreutils-base64 +if opkg list-installed | grep -q coreutils-base64; then + echo "coreutils-base64 already installed..." +else + echo "Installed coreutils-base64" + opkg install coreutils-base64 + if [ $? -eq 0 ]; then + echo "coreutils-base64 file downloaded successfully" + else + echo "Error installing coreutils-base64. Please, install coreutils-base64 manually and run the script again" + exit 1 + fi +fi + +DIR="/etc/config" +DIR_BACKUP="/root/backup2" +config_files="network +firewall" + +if [ ! -d "$DIR_BACKUP" ] +then + echo "Backup files..." + mkdir -p $DIR_BACKUP + for file in $config_files + do + cp -f "$DIR/$file" "$DIR_BACKUP/$file" + done +fi + +#запрос конфигурации WARP +result=$(curl 'https://warp.llimonix.pw/api/warp' \ + -H 'Accept: */*' \ + -H 'Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7' \ + -H 'Connection: keep-alive' \ + -H 'Content-Type: application/json' \ + -H 'Origin: https://warp.llimonix.pw' \ + -H 'Referer: https://warp.llimonix.pw/' \ + -H 'Sec-Fetch-Dest: empty' \ + -H 'Sec-Fetch-Mode: cors' \ + -H 'Sec-Fetch-Site: same-origin' \ + -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36' \ + -H 'sec-ch-ua: "Not(A:Brand";v="99", "Google Chrome";v="133", "Chromium";v="133")' \ + -H 'sec-ch-ua-mobile: ?0' \ + -H 'sec-ch-ua-platform: "Windows"' \ + --data-raw '{"selectedServices":[],"siteMode":"all","deviceType":"computer"}') + + +#парсим результат запроса конфигурации WARP +content=$(echo $result | jq '.content') +configBase64=$(echo $content | jq -r '.configBase64') +#echo "$result" +warp_config=$(echo "$configBase64" | base64 -d) +#echo "$warp_config" +while IFS=' = ' read -r line; do + if echo "$line" | grep -q "="; then + # Разделяем строку по первому вхождению "=" + key=$(echo "$line" | cut -d'=' -f1 | xargs) # Убираем пробелы + value=$(echo "$line" | cut -d'=' -f2- | xargs) # Убираем пробелы + eval "$key=\"$value\"" + fi +done < <(echo "$warp_config") + +#вытаскиваем нужные нам данные из распарсинного ответа +Address=$(echo "$Address" | cut -d',' -f1) +DNS=$(echo "$DNS" | cut -d',' -f1) +AllowedIPs=$(echo "$AllowedIPs" | cut -d',' -f1) +EndpointIP=$(echo "$Endpoint" | cut -d':' -f1) +EndpointPort=$(echo "$Endpoint" | cut -d':' -f2) + +printf "\033[32;1mCreate and configure tunnel AmneziaWG WARP...\033[0m\n" + +#задаём имя интерфейса +INTERFACE_NAME="awg10" +CONFIG_NAME="amneziawg_awg10" +PROTO="amneziawg" +ZONE_NAME="awg" + +uci set network.${INTERFACE_NAME}=interface +uci set network.${INTERFACE_NAME}.proto=$PROTO +if ! uci show network | grep -q ${CONFIG_NAME}; then + uci add network ${CONFIG_NAME} +fi +uci set network.${INTERFACE_NAME}.private_key=$PrivateKey +uci add_list network.${INTERFACE_NAME}.addresses=$Address +uci set network.${INTERFACE_NAME}.mtu=$MTU +uci set network.${INTERFACE_NAME}.awg_jc=$Jc +uci set network.${INTERFACE_NAME}.awg_jmin=$Jmin +uci set network.${INTERFACE_NAME}.awg_jmax=$Jmax +uci set network.${INTERFACE_NAME}.awg_s1=$S1 +uci set network.${INTERFACE_NAME}.awg_s2=$S2 +uci set network.${INTERFACE_NAME}.awg_h1=$H1 +uci set network.${INTERFACE_NAME}.awg_h2=$H2 +uci set network.${INTERFACE_NAME}.awg_h3=$H3 +uci set network.${INTERFACE_NAME}.awg_h4=$H4 +uci set network.@${CONFIG_NAME}[-1].description="${INTERFACE_NAME}_peer" +uci set network.@${CONFIG_NAME}[-1].public_key=$PublicKey +uci set network.@${CONFIG_NAME}[-1].endpoint_host=$EndpointIP +uci set network.@${CONFIG_NAME}[-1].endpoint_port=$EndpointPort +uci set network.@${CONFIG_NAME}[-1].persistent_keepalive='25' +uci set network.@${CONFIG_NAME}[-1].allowed_ips='0.0.0.0/0' +uci set network.@${CONFIG_NAME}[-1].route_allowed_ips='0' +uci commit network + +if ! uci show firewall | grep -q "@zone.*name='${ZONE_NAME}'"; then + printf "\033[32;1mZone Create\033[0m\n" + uci add firewall zone + uci set firewall.@zone[-1].name=$ZONE_NAME + uci set firewall.@zone[-1].network=$INTERFACE_NAME + uci set firewall.@zone[-1].forward='REJECT' + uci set firewall.@zone[-1].output='ACCEPT' + uci set firewall.@zone[-1].input='REJECT' + uci set firewall.@zone[-1].masq='1' + uci set firewall.@zone[-1].mtu_fix='1' + uci set firewall.@zone[-1].family='ipv4' + uci commit firewall +fi + +if ! uci show firewall | grep -q "@forwarding.*name='${ZONE_NAME}'"; then + printf "\033[32;1mConfigured forwarding\033[0m\n" + uci add firewall forwarding + uci set firewall.@forwarding[-1]=forwarding + uci set firewall.@forwarding[-1].name="${ZONE_NAME}" + uci set firewall.@forwarding[-1].dest=${ZONE_NAME} + uci set firewall.@forwarding[-1].src='lan' + uci set firewall.@forwarding[-1].family='ipv4' + uci commit firewall +fi + +# Получаем список всех зон +ZONES=$(uci show firewall | grep "zone$" | cut -d'=' -f1) +#echo $ZONES +# Циклически проходим по всем зонам +for zone in $ZONES; do + # Получаем имя зоны + CURR_ZONE_NAME=$(uci get $zone.name) + #echo $CURR_ZONE_NAME + # Проверяем, является ли это зона с именем "$ZONE_NAME" + if [ "$CURR_ZONE_NAME" = "$ZONE_NAME" ]; then + # Проверяем, существует ли интерфейс в зоне + if ! uci get $zone.network | grep -q "$INTERFACE_NAME"; then + # Добавляем интерфейс в зону + uci add_list $zone.network="$INTERFACE_NAME" + uci commit firewall + #echo "Интерфейс '$INTERFACE_NAME' добавлен в зону '$ZONE_NAME'" + fi + fi +done + +path_podkop_config="/etc/config/podkop" +path_podkop_config_backup="/root/podkop" +URL="https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main" + +if [ -f "/etc/init.d/podkop" ]; then + printf "Podkop installed. Reconfigured on AWG WARP? (y/n): \n" + is_reconfig_podkop="y" + read is_reconfig_podkop + if [ "$is_reconfig_podkop" = "y" ] || [ "$is_reconfig_podkop" = "Y" ]; then + cp -f "$path_podkop_config" "$path_podkop_config_backup" + wget -O "$path_podkop_config" "$URL/config_files/podkop" + echo "Backup of your config in path '$path_podkop_config_backup'" + echo "Podkop reconfigured..." + fi +else + printf "\033[32;1mInstall and configure PODKOP (a tool for point routing of traffic)?? (y/n): \033[0m\n" + is_install_podkop="y" + read is_install_podkop + + if [ "$is_install_podkop" = "y" ] || [ "$is_install_podkop" = "Y" ]; then + DOWNLOAD_DIR="/tmp/podkop" + mkdir -p "$DOWNLOAD_DIR" + podkop_files="podkop_0.2.5-1_all.ipk + luci-app-podkop_0.2.5_all.ipk + luci-i18n-podkop-ru_0.2.5.ipk" + for file in $podkop_files + do + echo "Download $file..." + wget -q -O "$DOWNLOAD_DIR/$file" "$URL/podkop_packets/$file" + done + opkg install $DOWNLOAD_DIR/podkop*.ipk + opkg install $DOWNLOAD_DIR/luci-app-podkop*.ipk + opkg install $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk + rm -f $DOWNLOAD_DIR/podkop*.ipk $DOWNLOAD_DIR/luci-app-podkop*.ipk $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk + wget -O "$path_podkop_config" "$URL/config_files/podkop" + echo "Podkop installed.." + fi +fi + +printf "\033[32;1mStop and disabled service 'youtubeUnblock' and 'ruantiblock'...\033[0m\n" +manage_package "youtubeUnblock" "disable" "stop" +manage_package "ruantiblock" "disable" "stop" + +printf "\033[32;1mStart and enable service 'https-dns-proxy'...\033[0m\n" +manage_package "https-dns-proxy" "enable" "start" + +str=$(grep -i "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root) +if [ ! -z "$str" ] +then + grep -v "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root > /etc/crontabs/temp + cp -f "/etc/crontabs/temp" "/etc/crontabs/root" + rm -f "/etc/crontabs/temp" +fi + +printf "\033[32;1mRestart firewall and network...\033[0m\n" +service firewall restart +#service network restart + +# Отключаем интерфейс +ifdown $INTERFACE_NAME +# Ждем несколько секунд (по желанию) +sleep 2 +# Включаем интерфейс +ifup $INTERFACE_NAME + +printf "\033[32;1mService Podkop restart...\033[0m\n" +service podkop restart + +printf "\033[32;1mConfigured completed...\033[0m\n" diff --git a/dhcp b/config_files/dhcp similarity index 100% rename from dhcp rename to config_files/dhcp diff --git a/https-dns-proxy b/config_files/https-dns-proxy similarity index 94% rename from https-dns-proxy rename to config_files/https-dns-proxy index 93e4e7c..f546eaa 100644 --- a/https-dns-proxy +++ b/config_files/https-dns-proxy @@ -28,7 +28,7 @@ config https-dns-proxy config https-dns-proxy option resolver_url 'https://router.comss.one/dns-query' - option bootstrap_dns '195.133.25.16, 212.109.195.93' + option bootstrap_dns '195.133.25.16,212.109.195.93' option listen_addr '127.0.0.1' option listen_port '5056' diff --git a/config_files/podkop b/config_files/podkop new file mode 100644 index 0000000..4860422 --- /dev/null +++ b/config_files/podkop @@ -0,0 +1,27 @@ + +config main 'main' + option mode 'vpn' + option domain_list_enabled '1' + option subnets_list_enabled '1' + option custom_domains_list_enabled 'dynamic' + option custom_subnets_list_enabled 'disabled' + option all_traffic_from_ip_enabled '0' + option custom_download_domains_list_enabled '0' + option custom_download_subnets_list_enabled '0' + option exclude_from_ip_enabled '0' + option exclude_ntp '1' + option update_interval '0 4 * * *' + option custom_local_domains_list_enabled '0' + option interface 'awg10' + option domain_list 'ru_inside' + option delist_domains_enabled '0' + list subnets 'meta' + list subnets 'twitter' + list subnets 'discord' + list custom_domains '2ip.ru' + +config second 'second' + option second_enable '0' + option domain_list_enabled '0' + list domains 'youtube' + diff --git a/youtubeUnblock b/config_files/youtubeUnblock similarity index 100% rename from youtubeUnblock rename to config_files/youtubeUnblock diff --git a/configure_zaprets.sh b/configure_zaprets.sh index ace4790..f5227dc 100644 --- a/configure_zaprets.sh +++ b/configure_zaprets.sh @@ -7,39 +7,199 @@ config_files="dhcp youtubeUnblock https-dns-proxy" +checkAndAddDomainPermanentName() +{ + nameRule="option name '$1'" + str=$(grep -i "$nameRule" /etc/config/dhcp) + if [ -z "$str" ] + then + + uci add dhcp domain + uci set dhcp.@domain[-1].name="$1" + uci set dhcp.@domain[-1].ip="$2" + uci commit dhcp + fi +} + +manage_package() { + local name="$1" + local autostart="$2" + local process="$3" + + # Проверка, установлен ли пакет + if opkg list-installed | grep -q "^$name"; then + + # Проверка, включен ли автозапуск + if /etc/init.d/$name enabled; then + if [ "$autostart" = "disable" ]; then + /etc/init.d/$name disable + fi + else + if [ "$autostart" = "enable" ]; then + /etc/init.d/$name enable + fi + fi + + # Проверка, запущен ли процесс + if pidof $name > /dev/null; then + if [ "$process" = "stop" ]; then + /etc/init.d/$name stop + fi + else + if [ "$process" = "start" ]; then + /etc/init.d/$name start + fi + fi + fi +} + +install_youtubeunblock_packages() { + PKGARCH=$(opkg print-architecture | awk 'BEGIN {max=0} {if ($3 > max) {max = $3; arch = $2}} END {print arch}') + VERSION=$(ubus call system board | jsonfilter -e '@.release.version') + BASE_URL="https://github.com/Waujito/youtubeUnblock/releases/download/v1.0.0/" + PACK_NAME="youtubeUnblock" + + AWG_DIR="/tmp/$PACK_NAME" + mkdir -p "$AWG_DIR" + + if opkg list-installed | grep -q $PACK_NAME; then + echo "$PACK_NAME already installed" + else + # Список пакетов, которые нужно проверить и установить/обновить + PACKAGES="kmod-nfnetlink-queue kmod-nft-queue kmod-nf-conntrack" + + for pkg in $PACKAGES; do + # Проверяем, установлен ли пакет + if opkg list-installed | grep -q "^$pkg "; then + echo "$pkg already installed" + else + echo "$pkg not installed. Instal..." + opkg install $pkg + if [ $? -eq 0 ]; then + echo "$pkg file installing successfully" + else + echo "Error installing $pkg Please, install $pkg manually and run the script again" + exit 1 + fi + fi + done + + if [ ! $VERSION = "23.05.5" ] + then + echo "Your version $VERSION OpenWRT not support. Please, install $PACK_NAME manually and run the script again" + exit 1 + fi + + YOUTUBEUNBLOCK_FILENAME="youtubeUnblock-1.0.0-10-f37c3dd-${PKGARCH}-openwrt-23.05.ipk" + DOWNLOAD_URL="${BASE_URL}${YOUTUBEUNBLOCK_FILENAME}" + echo $DOWNLOAD_URL + wget -O "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME" "$DOWNLOAD_URL" + + if [ $? -eq 0 ]; then + echo "$PACK_NAME file downloaded successfully" + else + echo "Error downloading $PACK_NAME. Please, install $PACK_NAME manually and run the script again" + exit 1 + fi + + opkg install "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME" + + if [ $? -eq 0 ]; then + echo "$PACK_NAME file installing successfully" + else + echo "Error installing $PACK_NAME. Please, install $PACK_NAME manually and run the script again" + exit 1 + fi + fi + + PACK_NAME="luci-app-youtubeUnblock" + if opkg list-installed | grep -q $PACK_NAME; then + echo "$PACK_NAME already installed" + else + PACK_NAME="luci-app-youtubeUnblock" + YOUTUBEUNBLOCK_FILENAME="luci-app-youtubeUnblock-1.0.0-10-f37c3dd.ipk" + DOWNLOAD_URL="${BASE_URL}${YOUTUBEUNBLOCK_FILENAME}" + echo $DOWNLOAD_URL + wget -O "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME" "$DOWNLOAD_URL" + + if [ $? -eq 0 ]; then + echo "$PACK_NAME file downloaded successfully" + else + echo "Error downloading $PACK_NAME. Please, install $PACK_NAME manually and run the script again" + exit 1 + fi + + opkg install "$AWG_DIR/$YOUTUBEUNBLOCK_FILENAME" + + if [ $? -eq 0 ]; then + echo "$PACK_NAME file installing successfully" + else + echo "Error installing $PACK_NAME. Please, install $PACK_NAME manually and run the script again" + exit 1 + fi + fi + + rm -rf "$AWG_DIR" +} + +encoded_code="IyEvYmluL3NoCgojINCn0YLQtdC90LjQtSDQvNC+0LTQtdC70Lgg0LjQtyDRhNCw0LnQu9CwCm1vZGVsPSQoY2F0IC90bXAvc3lzaW5mby9tb2RlbCkKCiMg0J/RgNC+0LLQtdGA0LrQsCwg0YHQvtC00LXRgNC20LjRgiDQu9C4INC80L7QtNC10LvRjCDRgdC70L7QstC+ICJSb3V0ZXJpY2giCmlmICEgZWNobyAiJG1vZGVsIiB8IGdyZXAgLXEgIlJvdXRlcmljaCI7IHRoZW4KICAgIGVjaG8gIlRoaXMgc2NyaXB0IGZvciByb3V0ZXJzIFJvdXRlcmljaC4uLiBJZiB5b3Ugd2FudCB0byB1c2UgaXQsIHdyaXRlIHRvIHRoZSBlcCBjaGF0IFRHIEByb3V0ZXJpY2giCiAgICBleGl0IDEKZmk=" +eval "$(echo "$encoded_code" | base64 --decode)" + echo "Upgrade packages..." opkg update + +#проверяем установлени ли библиотека https-dns-proxy +if opkg list-installed | grep -q https-dns-proxy; then + echo "https-dns-proxy already installed..." +else + echo "https-dns-proxy not installed. Installed https-dns-proxy..." + opkg install https-dns-proxy + if [ $? -eq 0 ]; then + echo "https-dns-proxy file installed successfully" + else + echo "Error installing https-dns-proxy. Please, install https-dns-proxy manually and run the script again" + exit 1 + fi +fi + +if ! opkg list-installed | grep -q luci-app-https-dns-proxy; then + opkg install luci-app-https-dns-proxy +fi + +if ! opkg list-installed | grep -q luci-i18n-https-dns-proxy-ru; then + opkg install luci-i18n-https-dns-proxy-ru +fi + +install_youtubeunblock_packages + opkg upgrade youtubeUnblock opkg upgrade luci-app-youtubeUnblock -echo "Backup files..." - if [ ! -d "$DIR_BACKUP" ] then - mkdir $DIR_BACKUP + echo "Backup files..." + mkdir -p $DIR_BACKUP + for file in $config_files + do + cp -f "$DIR/$file" "$DIR_BACKUP/$file" + done + + echo "Replace configs..." + + for file in $config_files + do + if [ "$file" != "dhcp" ] + then + wget -O "$DIR/$file" "$URL/config_files/$file" + fi + done fi -for file in $config_files -do - cp -f "$DIR/$file" "$DIR_BACKUP/$file" -done - -echo "Replace configs..." - -for file in $config_files -do - if [ "$file" != "dhcp" ] - then - wget -O "$DIR/$file" "$URL/$file" - fi -done - echo "Configure dhcp..." uci set dhcp.cfg01411c.strictorder='1' uci set dhcp.cfg01411c.filter_aaaa='1' -uci del dhcp.cfg01411c.server uci add_list dhcp.cfg01411c.server='127.0.0.1#5053' uci add_list dhcp.cfg01411c.server='127.0.0.1#5054' uci add_list dhcp.cfg01411c.server='127.0.0.1#5055' @@ -59,23 +219,88 @@ uci add_list dhcp.cfg01411c.server='/*.clashroyale.com/127.0.0.1#5056' uci add_list dhcp.cfg01411c.server='/*.brawlstars.com/127.0.0.1#5056' uci add_list dhcp.cfg01411c.server='/*.clash.com/127.0.0.1#5056' uci add_list dhcp.cfg01411c.server='/*.clashofclans.com/127.0.0.1#5056' -uci add dhcp domain # =cfg13f37d -uci set dhcp.@domain[-1].name='chatgpt.com' -uci set dhcp.@domain[-1].ip='94.131.119.85' -uci add dhcp domain # =cfg14f37d -uci set dhcp.@domain[-1].name='openai.com' -uci set dhcp.@domain[-1].ip='94.131.119.85' +uci add_list dhcp.cfg01411c.server='/*.x.ai/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.grok.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.github.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.forzamotorsport.net/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.forzaracingchampionship.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.forzarc.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.gamepass.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.orithegame.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.renovacionxboxlive.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.tellmewhygame.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox.co/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox.eu/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox.org/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox360.co/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox360.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox360.eu/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbox360.org/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxab.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxgamepass.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxgamestudios.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxlive.cn/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxlive.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxone.co/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxone.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxone.eu/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxplayanywhere.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxservices.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xboxstudios.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.xbx.lv/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.sentry.io/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.usercentrics.eu/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.recaptcha.net/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.gstatic.com/127.0.0.1#5056' +uci add_list dhcp.cfg01411c.server='/*.brawlstarsgame.com/127.0.0.1#5056' uci commit dhcp -echo "Crod task add restart service yotubeUnblock..." +echo "Add unblock ChatGPT..." -cronTask="0 4 * * * service youtubeUnblock restart" -str=$(grep -i "0 4 \* \* \* service youtubeUnblock restart" /etc/crontabs/root) +checkAndAddDomainPermanentName "chatgpt.com" "94.131.119.85" +checkAndAddDomainPermanentName "openai.com" "94.131.119.85" +checkAndAddDomainPermanentName "webrtc.chatgpt.com" "94.131.119.85" +checkAndAddDomainPermanentName "ios.chat.openai.com" "94.131.119.85" +checkAndAddDomainPermanentName "searchgpt.com" "94.131.119.85" + +nameRule="option name 'Block_UDP_443'" +str=$(grep -i "$nameRule" /etc/config/firewall) if [ -z "$str" ] then + echo "Add block QUIC..." + + uci add firewall rule # =cfg2492bd + uci set firewall.@rule[-1].name='Block_UDP_80' + uci add_list firewall.@rule[-1].proto='udp' + uci set firewall.@rule[-1].src='lan' + uci set firewall.@rule[-1].dest='wan' + uci set firewall.@rule[-1].dest_port='80' + uci set firewall.@rule[-1].target='REJECT' + uci add firewall rule # =cfg2592bd + uci set firewall.@rule[-1].name='Block_UDP_443' + uci add_list firewall.@rule[-1].proto='udp' + uci set firewall.@rule[-1].src='lan' + uci set firewall.@rule[-1].dest='wan' + uci set firewall.@rule[-1].dest_port='443' + uci set firewall.@rule[-1].target='REJECT' + uci commit firewall + service firewall restart +fi + +cronTask="0 4 * * * wget -O - $URL/configure_zaprets.sh | sh" +str=$(grep -i "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root) +if [ -z "$str" ] +then + echo "Add cron task auto run configure_zapret..." echo "$cronTask" >> /etc/crontabs/root fi +manage_package "podkop" "disable" "stop" +manage_package "ruantiblock" "disable" "stop" +manage_package "https-dns-proxy" "enable" "start" +manage_package "youtubeUnblock" "enable" "start" + echo "Restart service..." service youtubeUnblock restart @@ -83,4 +308,4 @@ service https-dns-proxy restart service dnsmasq restart service odhcpd restart -echo "Configure complete..." +printf "\033[32;1mConfigured completed...\033[0m\n" diff --git a/off_awg_config.sh b/off_awg_config.sh new file mode 100644 index 0000000..86755ae --- /dev/null +++ b/off_awg_config.sh @@ -0,0 +1,62 @@ +#!/bin/sh + +DIR="/etc/config" +DIR_BACKUP="/root/backup2" +config_files="network +firewall" + +manage_package() { + local name="$1" + local autostart="$2" + local process="$3" + + # Проверка, установлен ли пакет + if opkg list-installed | grep -q "^$name"; then + + # Проверка, включен ли автозапуск + if /etc/init.d/$name enabled; then + if [ "$autostart" = "disable" ]; then + /etc/init.d/$name disable + fi + else + if [ "$autostart" = "enable" ]; then + /etc/init.d/$name enable + fi + fi + + # Проверка, запущен ли процесс + if pidof $name > /dev/null; then + if [ "$process" = "stop" ]; then + /etc/init.d/$name stop + fi + else + if [ "$process" = "start" ]; then + /etc/init.d/$name start + fi + fi + fi +} + +if [ -d "$DIR_BACKUP" ] +then + echo "Restore configs..." + for file in $config_files + do + cp -f "$DIR_BACKUP/$file" "$DIR/$file" + done + + rm -rf "$DIR_BACKUP" +fi + +echo "Stop and disabled autostart Podkop..." +manage_package "podkop" "disable" "stop" + +echo "Run and enabled autostart youtubeUnblock and ruantiblock..." +manage_package "youtubeUnblock" "enable" "start" +manage_package "ruantiblock" "enable" "start" + +printf "\033[32;1mRestart firewall...\033[0m\n" +service firewall restart +#service network restart + +printf "\033[32;1mOff configured completed...\033[0m\n" diff --git a/off_configure_zaprets.sh b/off_configure_zaprets.sh index 8825da5..c78a4ba 100644 --- a/off_configure_zaprets.sh +++ b/off_configure_zaprets.sh @@ -1,17 +1,22 @@ #!/bin/sh +URL="https://raw.githubusercontent.com/routerich/RouterichAX3000_configs/refs/heads/main" DIR="/etc/config" DIR_BACKUP="/root/backup" config_files="dhcp youtubeUnblock https-dns-proxy" -echo "Restore configs..." +if [ -d "$DIR_BACKUP" ] +then + echo "Restore configs..." + for file in $config_files + do + cp -f "$DIR_BACKUP/$file" "$DIR/$file" + done -for file in $config_files -do - cp -f "$DIR_BACKUP/$file" "$DIR/$file" -done + rm -rf "$DIR_BACKUP" +fi echo "Restart service..." @@ -20,4 +25,14 @@ service https-dns-proxy restart service dnsmasq restart service odhcpd restart -echo "Off configure complete..." +echo "Remove cron task auto run script configure zaprets.." + +str=$(grep -i "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root) +if [ ! -z "$str" ] +then + grep -v "0 4 \* \* \* wget -O - $URL/configure_zaprets.sh | sh" /etc/crontabs/root > /etc/crontabs/temp + cp -f "/etc/crontabs/temp" "/etc/crontabs/root" + rm -f "/etc/crontabs/temp" +fi + +printf "\033[32;1mOff configured completed...\033[0m\n" diff --git a/podkop_packets/luci-app-podkop_0.2.5_all.ipk b/podkop_packets/luci-app-podkop_0.2.5_all.ipk new file mode 100644 index 0000000..499ad73 Binary files /dev/null and b/podkop_packets/luci-app-podkop_0.2.5_all.ipk differ diff --git a/podkop_packets/luci-i18n-podkop-ru_0.2.5.ipk b/podkop_packets/luci-i18n-podkop-ru_0.2.5.ipk new file mode 100644 index 0000000..7c96b2e Binary files /dev/null and b/podkop_packets/luci-i18n-podkop-ru_0.2.5.ipk differ diff --git a/podkop_packets/podkop_0.2.5-1_all.ipk b/podkop_packets/podkop_0.2.5-1_all.ipk new file mode 100644 index 0000000..4e7f1b2 Binary files /dev/null and b/podkop_packets/podkop_0.2.5-1_all.ipk differ