From 9d6dc45fdbe9d023fb0290ef8869ede467a577df Mon Sep 17 00:00:00 2001
From: itdoginfo <koalav42@gmail.com>
Date: Thu, 8 May 2025 19:23:45 +0300
Subject: [PATCH] #99 Block mode

---
 README.md                                     |  2 -
 .../resources/view/podkop/podkop.js           |  1 +
 podkop/files/usr/bin/podkop                   | 68 +++++++++++++------
 3 files changed, 50 insertions(+), 21 deletions(-)

diff --git a/README.md b/README.md
index 0311f8f..a398dee 100644
--- a/README.md
+++ b/README.md
@@ -37,7 +37,5 @@ sh <(wget -qO- https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/mai
 - [ ] IPv6. Только после наполнения Wiki
 
 Рефактор
-- [ ] Handle для sing-box
-- [ ] Handle для dnsmasq
 - [ ] Unit тесты (BATS)
 - [ ] Интеграционые тесты бекенда (OpenWrt rootfs + BATS)
diff --git a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
index 72ffce8..b199bf7 100644
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
@@ -87,6 +87,7 @@ function createConfigSection(section, map, network) {
     o = s.taboption('basic', form.ListValue, 'mode', _('Connection Type'), _('Select between VPN and Proxy connection methods for traffic routing'));
     o.value('proxy', ('Proxy'));
     o.value('vpn', ('VPN'));
+    o.value('block', ('Block'));
     o.ucisection = s.section;
 
     o = s.taboption('basic', form.ListValue, 'proxy_config_type', _('Configuration Type'), _('Select how to configure the proxy'));
diff --git a/podkop/files/usr/bin/podkop b/podkop/files/usr/bin/podkop
index 52dd715..6e4ac33 100755
--- a/podkop/files/usr/bin/podkop
+++ b/podkop/files/usr/bin/podkop
@@ -942,6 +942,9 @@ sing_box_outdound() {
             fi
         fi
         ;;
+    "block")
+        log "Block mode"
+        ;;
     *)
         log "Requires *vpn* or *proxy* value"
         return
@@ -1461,27 +1464,54 @@ sing_box_rules() {
     local rule_set="$1"
     local outbound="$2"
 
-    # Check if there is an outbound rule for "tproxy-in"
-    local rule_exists=$(jq -r '.route.rules[] | select(.outbound == "'"$outbound"'" and .inbound == ["tproxy-in"])' "$SING_BOX_CONFIG")
+    config_get mode "$section" "mode"
 
-    if [[ -n "$rule_exists" ]]; then
-        # If a rule for tproxy-in exists, add a new rule_set to the existing rule
-        jq \
-        --arg rule_set "$rule_set" \
-        --arg outbound "$outbound" \
-        '(.route.rules[] | select(.outbound == $outbound and .inbound == ["tproxy-in"]) .rule_set) += [$rule_set]' \
-        "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
+    if [[ "$mode" == "block" ]]; then
+        # Action reject
+        # Check if there is an rule with reject"
+        local rule_exists=$(jq -r '.route.rules[] | select(.inbound == ["tproxy-in"] and .action == "reject")' "$SING_BOX_CONFIG")
+
+        if [[ -n "$rule_exists" ]]; then
+            # If a rule for rejectexists, add a new rule_set to the existing rule
+            jq \
+            --arg rule_set "$rule_set" \
+            '(.route.rules[] | select(.inbound == ["tproxy-in"] and .action == "reject") .rule_set) += [$rule_set]' \
+            "$SING_BOX_CONFIG" > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
+        else
+            # If there is no rule for reject, create a new one with rule_set
+            jq \
+            --arg rule_set "$rule_set" \
+            '.route.rules += [{
+                "inbound": ["tproxy-in"],
+                "rule_set": [$rule_set],
+                "action": "reject"
+            }]' "$SING_BOX_CONFIG" > /tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
+        fi
+        return
     else
-        # If there is no rule for tproxy-in, create a new one with rule_set
-        jq \
-        --arg rule_set "$rule_set" \
-        --arg outbound "$outbound" \
-        '.route.rules += [{
-            "inbound": ["tproxy-in"],
-            "rule_set": [$rule_set],
-            "outbound": $outbound,
-            "action": "route"
-        }]' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
+        # Action route
+        # Check if there is an outbound rule for "tproxy-in"
+        local rule_exists=$(jq -r '.route.rules[] | select(.outbound == "'"$outbound"'" and .inbound == ["tproxy-in"])' "$SING_BOX_CONFIG")
+
+        if [[ -n "$rule_exists" ]]; then
+            # If a rule for tproxy-in exists, add a new rule_set to the existing rule
+            jq \
+            --arg rule_set "$rule_set" \
+            --arg outbound "$outbound" \
+            '(.route.rules[] | select(.outbound == $outbound and .inbound == ["tproxy-in"]) .rule_set) += [$rule_set]' \
+            "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
+        else
+            # If there is no rule for tproxy-in, create a new one with rule_set
+            jq \
+            --arg rule_set "$rule_set" \
+            --arg outbound "$outbound" \
+            '.route.rules += [{
+                "inbound": ["tproxy-in"],
+                "rule_set": [$rule_set],
+                "outbound": $outbound,
+                "action": "route"
+            }]' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
+        fi
     fi
 }