refactor: global check #214

itdoginfo
2025-10-16 16:49:47 +03:00
parent 40dac07b29
commit cfb821974f


@@ -1841,7 +1841,7 @@ check_dns_available() {
local dns_status=0 local dns_status=0
local dns_on_router=0 local dns_on_router=0
local bootstrap_dns_status=0 local bootstrap_dns_status=0
local dhcp_has_dns_server=0 local dhcp_config_status=1
local domain="google.com" local domain="google.com"
# Mask NextDNS ID if present # Mask NextDNS ID if present
@@ -1895,21 +1895,29 @@ check_dns_available() {
config_foreach check_dhcp_has_podkop_dns dnsmasq config_foreach check_dhcp_has_podkop_dns dnsmasq
config_load "$PODKOP_CONFIG" config_load "$PODKOP_CONFIG"
echo "{\"dns_type\":\"$dns_type\",\"dns_server\":\"$display_dns_server\",\"dns_status\":$dns_status,\"dns_on_router\":$dns_on_router,\"bootstrap_dns_server\":\"$bootstrap_dns_server\",\"bootstrap_dns_status\":$bootstrap_dns_status,\"dhcp_has_dns_server\":$dhcp_has_dns_server}" | jq . echo "{\"dns_type\":\"$dns_type\",\"dns_server\":\"$display_dns_server\",\"dns_status\":$dns_status,\"dns_on_router\":$dns_on_router,\"bootstrap_dns_server\":\"$bootstrap_dns_server\",\"bootstrap_dns_status\":$bootstrap_dns_status,\"dhcp_config_status\":$dhcp_config_status}" | jq .
} }
check_dhcp_has_podkop_dns() { check_dhcp_has_podkop_dns() {
local server_list local server_list cachesize noresolv server_found
config_get server_list "$1" "server" config_get server_list "$1" "server"
config_get cachesize "$1" "cachesize"
config_get noresolv "$1" "noresolv"
server_found=0
if [ -n "$server_list" ]; then if [ -n "$server_list" ]; then
for server in $server_list; do for server in $server_list; do
if [ "$server" = "127.0.0.42" ]; then if [ "$server" = "127.0.0.42" ]; then
dhcp_has_dns_server=1 server_found=1
return 0 break
fi fi
done done
fi fi
if [ "$cachesize" != "0" ] || [ "$noresolv" != "1" ] || [ "$server_found" != "1" ]; then
dhcp_config_status=0
fi
} }
check_nft_rules() { check_nft_rules() {
@@ -2187,50 +2195,229 @@ global_check() {
print_global "📡 Global check run!" print_global "📡 Global check run!"
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "🛠️ System info" print_global "🛠️ System info"
print_global "🕳️ Podkop: ${PODKOP_VERSION}"
print_global "🕳️ LuCI App: ${PODKOP_LUCI_VERSION}" local system_info_json
print_global "📦 Sing-box: $(sing-box version | head -n 1 | awk '{print $3}')" system_info_json=$(get_system_info)
print_global "🛜 OpenWrt: $(grep OPENWRT_RELEASE /etc/os-release | cut -d'"' -f2)"
print_global "🛜 Device: $(cat /tmp/sysinfo/model)" if [ -n "$system_info_json" ]; then
local podkop_version podkop_latest_version luci_app_version sing_box_version openwrt_version device_model
podkop_version=$(echo "$system_info_json" | jq -r '.podkop_version // "unknown"')
podkop_latest_version=$(echo "$system_info_json" | jq -r '.podkop_latest_version // "unknown"')
luci_app_version=$(echo "$system_info_json" | jq -r '.luci_app_version // "unknown"')
sing_box_version=$(echo "$system_info_json" | jq -r '.sing_box_version // "unknown"')
openwrt_version=$(echo "$system_info_json" | jq -r '.openwrt_version // "unknown"')
device_model=$(echo "$system_info_json" | jq -r '.device_model // "unknown"')
print_global "🕳️ Podkop: $podkop_version (latest: $podkop_latest_version)"
print_global "🕳️ LuCI App: $luci_app_version"
print_global "📦 Sing-box: $sing_box_version"
print_global "🛜 OpenWrt: $openwrt_version"
print_global "🛜 Device: $device_model"
else
print_global "❌ Failed to get system info"
fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "➡️ DNS status"
local dns_check_json
dns_check_json=$(check_dns_available)
if [ -n "$dns_check_json" ]; then
local dns_type dns_server dns_status dns_on_router bootstrap_dns_server bootstrap_dns_status dhcp_config_status
dns_type=$(echo "$dns_check_json" | jq -r '.dns_type // "unknown"')
dns_server=$(echo "$dns_check_json" | jq -r '.dns_server // "unknown"')
dns_status=$(echo "$dns_check_json" | jq -r '.dns_status // 0')
dns_on_router=$(echo "$dns_check_json" | jq -r '.dns_on_router // 0')
bootstrap_dns_server=$(echo "$dns_check_json" | jq -r '.bootstrap_dns_server // ""')
bootstrap_dns_status=$(echo "$dns_check_json" | jq -r '.bootstrap_dns_status // 0')
dhcp_config_status=$(echo "$dns_check_json" | jq -r '.dhcp_config_status // 0')
# Bootstrap DNS
if [ -n "$bootstrap_dns_server" ]; then
if [ "$bootstrap_dns_status" -eq 1 ]; then
print_global "✅ Bootstrap DNS: $bootstrap_dns_server"
else
print_global "❌ Bootstrap DNS: $bootstrap_dns_server"
fi
fi
# DNS server status
if [ "$dns_status" -eq 1 ]; then
print_global "✅ Main DNS: $dns_server [$dns_type]"
else
print_global "❌ Main DNS: $dns_server [$dns_type]"
fi
# DNS on router
if [ "$dns_on_router" -eq 1 ]; then
print_global "✅ DNS on router"
else
print_global "❌ DNS on router"
fi
# DHCP configuration check
local dont_touch_dhcp
config_get dont_touch_dhcp "main" "dont_touch_dhcp"
if [ "$dont_touch_dhcp" = "1" ]; then
print_global "⚠️ dont_touch_dhcp is enabled. 📄 DHCP config:"
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
elif [ "$dhcp_config_status" -eq 0 ]; then
print_global "❌ DHCP configuration differs from template. 📄 DHCP config:"
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
else
print_global "✅ /etc/config/dhcp"
fi
else
print_global "❌ Failed to get DNS info"
fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "📦 Sing-box status"
local singbox_check_json
singbox_check_json=$(check_sing_box)
if [ -n "$singbox_check_json" ]; then
local sing_box_installed sing_box_version_ok sing_box_service_exist sing_box_autostart_disabled sing_box_process_running sing_box_ports_listening
sing_box_installed=$(echo "$singbox_check_json" | jq -r '.sing_box_installed // 0')
sing_box_version_ok=$(echo "$singbox_check_json" | jq -r '.sing_box_version_ok // 0')
sing_box_service_exist=$(echo "$singbox_check_json" | jq -r '.sing_box_service_exist // 0')
sing_box_autostart_disabled=$(echo "$singbox_check_json" | jq -r '.sing_box_autostart_disabled // 0')
sing_box_process_running=$(echo "$singbox_check_json" | jq -r '.sing_box_process_running // 0')
sing_box_ports_listening=$(echo "$singbox_check_json" | jq -r '.sing_box_ports_listening // 0')
if [ "$sing_box_installed" -eq 1 ]; then
print_global "✅ Sing-box installed"
else
print_global "❌ Sing-box installed"
fi
if [ "$sing_box_version_ok" -eq 1 ]; then
print_global "✅ Sing-box version >= 1.12.4"
else
print_global "❌ Sing-box version >= 1.12.4"
fi
if [ "$sing_box_service_exist" -eq 1 ]; then
print_global "✅ Sing-box service exist"
else
print_global "❌ Sing-box service exist"
fi
if [ "$sing_box_autostart_disabled" -eq 1 ]; then
print_global "✅ Sing-box autostart disabled"
else
print_global "❌ Sing-box autostart disabled"
fi
if [ "$sing_box_process_running" -eq 1 ]; then
print_global "✅ Sing-box process running"
else
print_global "❌ Sing-box process running"
fi
if [ "$sing_box_ports_listening" -eq 1 ]; then
print_global "✅ Sing-box listening ports"
else
print_global "❌ Sing-box listening ports"
fi
else
print_global "❌ Failed to get sing-box info"
fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "🧱 NFT rules status"
local nft_check_json
nft_check_json=$(check_nft_rules)
if [ -n "$nft_check_json" ]; then
local table_exist rules_mangle_exist rules_mangle_counters rules_mangle_output_exist rules_mangle_output_counters rules_proxy_exist rules_proxy_counters rules_other_mark_exist
table_exist=$(echo "$nft_check_json" | jq -r '.table_exist // 0')
rules_mangle_exist=$(echo "$nft_check_json" | jq -r '.rules_mangle_exist // 0')
rules_mangle_counters=$(echo "$nft_check_json" | jq -r '.rules_mangle_counters // 0')
rules_mangle_output_exist=$(echo "$nft_check_json" | jq -r '.rules_mangle_output_exist // 0')
rules_mangle_output_counters=$(echo "$nft_check_json" | jq -r '.rules_mangle_output_counters // 0')
rules_proxy_exist=$(echo "$nft_check_json" | jq -r '.rules_proxy_exist // 0')
rules_proxy_counters=$(echo "$nft_check_json" | jq -r '.rules_proxy_counters // 0')
rules_other_mark_exist=$(echo "$nft_check_json" | jq -r '.rules_other_mark_exist // 0')
if [ "$table_exist" -eq 1 ]; then
print_global "✅ Table exist"
else
print_global "❌ Table exist"
fi
if [ "$rules_mangle_exist" -eq 1 ]; then
print_global "✅ Rules mangle exist"
else
print_global "❌ Rules mangle exist"
fi
if [ "$rules_mangle_counters" -eq 1 ]; then
print_global "✅ Rules mangle counters"
else
print_global "⚠️ Rules mangle counters"
fi
if [ "$rules_mangle_output_exist" -eq 1 ]; then
print_global "✅ Rules mangle output exist"
else
print_global "❌ Rules mangle output exist"
fi
if [ "$rules_mangle_output_counters" -eq 1 ]; then
print_global "✅ Rules mangle output counters"
else
print_global "⚠️ Rules mangle output counters"
fi
if [ "$rules_proxy_exist" -eq 1 ]; then
print_global "✅ Rules proxy exist"
else
print_global "❌ Rules proxy exist"
fi
if [ "$rules_proxy_counters" -eq 1 ]; then
print_global "✅ Rules proxy counters"
else
print_global "⚠️ Rules proxy counters"
fi
if [ "$rules_other_mark_exist" -eq 1 ]; then
print_global "⚠️ Additional marking rules found:"
nft list ruleset | awk '/table inet '"$NFT_TABLE_NAME"'/{flag=1; next} /^table/{flag=0} !flag' | grep -E "mark set|meta mark"
else
print_global "✅ Additional marking rules found"
fi
else
print_global "❌ Failed to get NFT rules info"
fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "📄 Podkop config" print_global "📄 Podkop config"
show_config show_config
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" # print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "🔧 System check" # print_global "🔧 System check"
if grep -E "^nameserver\s+([0-9]{1,3}\.){3}[0-9]{1,3}" "$RESOLV_CONF" | grep -vqE "127\.0\.0\.1|0\.0\.0\.0"; then # if grep -E "^nameserver\s+([0-9]{1,3}\.){3}[0-9]{1,3}" "$RESOLV_CONF" | grep -vqE "127\.0\.0\.1|0\.0\.0\.0"; then
print_global "❌ /etc/resolv.conf contains external nameserver:" # print_global "❌ /etc/resolv.conf contains external nameserver:"
cat /etc/resolv.conf # cat /etc/resolv.conf
echo "" # echo ""
else # else
print_global "✅ /etc/resolv.conf" # print_global "✅ /etc/resolv.conf"
fi # fi
cachesize="$(uci get dhcp.@dnsmasq[0].cachesize 2> /dev/null)" # print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
noresolv="$(uci get dhcp.@dnsmasq[0].noresolv 2> /dev/null)" # print_global "🧱 NFT table"
server="$(uci get dhcp.@dnsmasq[0].server 2> /dev/null)" # check_nft
if [ "$cachesize" != "0" ] || [ "$noresolv" != "1" ] || [ "$server" != "127.0.0.42" ]; then
print_global "❌ DHCP configuration differs from template. 📄 DHCP config:"
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
elif [ "$(uci get podkop.main.dont_touch_dhcp 2> /dev/null)" = "1" ]; then
print_global "⚠️ dont_touch_dhcp is enabled. 📄 DHCP config:"
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
else
print_global "✅ /etc/config/dhcp"
fi
if ! pgrep -f "sing-box" > /dev/null; then
print_global "❌ sing-box is not running"
else
print_global "✅ sing-box is running"
fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "🧱 NFT table"
check_nft
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "📄 WAN config" print_global "📄 WAN config"
@@ -2273,11 +2460,13 @@ global_check() {
fi fi
if uci show network | grep -q route_allowed_ips; then if uci show network | grep -q route_allowed_ips; then
uci show network | grep route_allowed_ips | cut -d"'" -f2 | while read -r value; do uci show network | grep "wireguard_.*\.route_allowed_ips='1'" | cut -d'.' -f1-2 | while read -r peer_section; do
if [ "$value" = "1" ]; then local allowed_ips
allowed_ips=$(uci get "${peer_section}.allowed_ips" 2>/dev/null)
if [ "$allowed_ips" = "0.0.0.0/0" ]; then
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "⚠️ WG Route allowed IP enabled" print_global "⚠️ WG Route allowed IP enabled with 0.0.0.0/0"
continue
fi fi
done done
fi fi
@@ -2288,33 +2477,32 @@ global_check() {
fi fi
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "➡️ DNS status" print_global "🥸 FakeIP status"
dns_info=$(check_dns_available)
dns_type=$(echo "$dns_info" | jq -r '.dns_type')
dns_server=$(echo "$dns_info" | jq -r '.dns_server')
status=$(echo "$dns_info" | jq -r '.status')
print_global "$dns_type ($dns_server) is $status"
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━" local fakeip_check_json
print_global "🔁 FakeIP" fakeip_check_json=$(check_fakeip)
print_global "➡️ DNS resolution: system DNS server" if [ -n "$fakeip_check_json" ]; then
nslookup -timeout=2 $FAKEIP_TEST_DOMAIN local fakeip_status
print_global "➡️ DNS resolution: sing-box DNS server (127.0.0.42)" fakeip_status=$(echo "$fakeip_check_json" | jq -r '.fakeip // false')
local result
result=$(nslookup -timeout=2 $FAKEIP_TEST_DOMAIN 127.0.0.42 2>&1)
echo "$result"
if echo "$result" | grep -q "198.18"; then if [ "$fakeip_status" = "true" ]; then
print_global "✅ FakeIP is working correctly on router (198.18.x.x)" print_global "✅ Router DNS is routed through sing-box"
else else
print_global "❌ FakeIP test failed: Domain did not resolve to FakeIP range" print_global "⚠️ Router DNS is NOT routed through sing-box"
if ! pgrep -f "sing-box" > /dev/null; then
print_global " ❌ sing-box is not running"
else
print_global " 🤔 sing-box is running"
fi fi
else
print_global "❌ Failed to get FakeIP info"
fi
local fakeip_address
fakeip_address=$(dig +short @127.0.0.42 $FAKEIP_TEST_DOMAIN)
if echo "$fakeip_address" | grep -q "^198\.18\."; then
print_global "✅ Sing-box works with FakeIP: $fakeip_address"
else
print_global "❌ Sing-box does NOT work with FakeIP: $fakeip_address"
fi fi
} }
@@ -2327,8 +2515,6 @@ Available commands:
stop Stop podkop service stop Stop podkop service
reload Reload podkop configuration reload Reload podkop configuration
restart Restart podkop service restart Restart podkop service
enable Enable podkop autostart
disable Disable podkop autostart
main Run main podkop process main Run main podkop process
list_update Update domain lists list_update Update domain lists
check_proxy Check proxy connectivity check_proxy Check proxy connectivity
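Review bot: The WireGuard warning in global_check's `route_allowed_ips` loop (hunk `@@ -2273,11 +2460,13 @@`) compares the whole output of `uci get "${peer_section}.allowed_ips"` with the single string `0.0.0.0/0`, so a peer whose `allowed_ips` list has more than one entry (for example `0.0.0.0/0 ::/0`) prints no warning even though it still routes all IPv4 traffic. `uci get` returns a list option as one space-separated string, so the test should match one element rather than the whole value: `if echo " $allowed_ips " | grep -qF " 0.0.0.0/0 "; then`. The `continue` after the warning has no effect, since nothing follows the `if` in the loop body. In the DNS section, `dont_touch_dhcp` is now read with `config_get` instead of `uci get`; this presumably relies on the podkop config already being loaded in the calling shell, because the `config_load "$PODKOP_CONFIG"` inside `check_dns_available` runs in a command substitution and does not carry over. That is worth confirming, as global_check's body begins outside these hunks.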