Nft move br-lan to mark, renamed secondary, fixed po template

2025-12-09 13:06:52 +03:00 · 2024-11-13 00:44:26 +03:00
parent a5d6b202a9
commit d232023140
6 changed files with 59 additions and 58 deletions
--- a/README.md
+++ b/README.md
@@ -99,11 +99,11 @@ opkg update && opkg install sing-box
 - [x] Скрипт установки: проверка установлен ли уже podkop. Если да, то просто предлагать обновится без установки тунелей и прокси.

 Приоритет 1
- [ ] Изменить название "Alternative Config"
- [ ] "domain_service_enabled" Добавить _second
+- [x] Изменить название "Alternative Config"
+- [x] "domain_service_enabled" Добавить _second
 - [ ] Установка Ru пакета в install.sh
- [ ] Правка nft mark, tproxy
- [ ] Правка перевода
+- [x] Правка nft mark, tproxy
+- [x] Правка перевода минимальная

 Приоритет 2
 - [ ] Списки доменов и подсетей с роутера
@@ -117,7 +117,7 @@ Wiki
 - [x] Изначальное наполнение

 Низкий приоритет
- [ ] Переменная, раз во сколько часов обновлять списки
+- [x] Переменная, раз во сколько часов обновлять списки
 - [ ] Галочка, которая режет доступ к doh серверам
 - [ ] Свой конфиг sing-box

--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
@@ -53,7 +53,7 @@ return view.extend({
        o.rmempty = false;
        o.ucisection = 'main';

-        o = s.taboption('basic', form.ListValue, 'domain_list', _('Domain List'), _('Select a list <a href="https://github.com/itdoginfo/allow-domains" target="_blank">github.com/itdoginfo/allow-domains</a>'));
+        o = s.taboption('basic', form.ListValue, 'domain_list', _('Domain List'), _('Select a list') + ' <a href="https://github.com/itdoginfo/allow-domains" target="_blank">github.com/itdoginfo/allow-domains</a>');
        o.placeholder = 'placeholder';
        o.value('ru_inside', 'Russia inside');
        o.value('ru_outside', 'Russia outside');
@@ -302,24 +302,24 @@ return view.extend({

        // Secondary Settings Tab

-        o = s.tab('alternative_config', _('Alternative Config'));
+        o = s.tab('secondary_config', _('Secondary Config'));

-        o = s.taboption('alternative_config', form.Flag, 'second_enable', _('Alternative VPN/Proxy Enable'), _('Enable alternative VPN/Proxy configuration'));
+        o = s.taboption('secondary_config', form.Flag, 'second_enable', _('Secondary VPN/Proxy Enable'), _('Enable secondary VPN/Proxy configuration'));
        o.default = '0';
        o.rmempty = false;
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.ListValue, 'second_mode', _('Connection Type'), _('Select between VPN and Proxy connection methods for traffic routing'));
+        o = s.taboption('secondary_config', form.ListValue, 'second_mode', _('Connection Type'), _('Select between VPN and Proxy connection methods for traffic routing'));
        o.value('vpn', ('VPN'));
        o.value('proxy', ('Proxy'));
        o.depends('second_enable', '1');
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.TextValue, 'second_proxy_string', _('Proxy Configuration URL'), _('Enter connection string starting with vless:// or ss:// for proxy configuration'));
+        o = s.taboption('secondary_config', form.TextValue, 'second_proxy_string', _('Proxy Configuration URL'), _('Enter connection string starting with vless:// or ss:// for proxy configuration'));
        o.depends('second_mode', 'proxy');
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.ListValue, 'second_interface', _('Network Interface'), _('Select network interface for VPN connection'));
+        o = s.taboption('secondary_config', form.ListValue, 'second_interface', _('Network Interface'), _('Select network interface for VPN connection'));
        o.depends('second_mode', 'vpn');
        o.ucisection = 'second';

@@ -341,26 +341,26 @@ return view.extend({
            console.error('Error fetching devices:', error);
        }

-        o = s.taboption('alternative_config', form.Flag, 'domain_service_enabled', _('Service Domain List Enable'), _('Enable predefined service domain lists for routing'));
+        o = s.taboption('secondary_config', form.Flag, 'second_domain_service_enabled', _('Service Domain List Enable'), _('Enable predefined service domain lists for routing'));
        o.default = '0';
        o.rmempty = false;
        o.depends('second_enable', '1');
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.ListValue, 'service_list', _('Service List'), _('Select predefined services for routing'));
+        o = s.taboption('secondary_config', form.ListValue, 'second_service_list', _('Service List'), _('Select predefined services for routing'));
        o.placeholder = 'placeholder';
        o.value('youtube', 'Youtube');
-        o.depends('domain_service_enabled', '1');
+        o.depends('second_domain_service_enabled', '1');
        o.rmempty = false;
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.Flag, 'second_custom_domains_list_enabled', _('User Domain List'), _('Enable and manage your custom list of domains for selective routing'));
+        o = s.taboption('secondary_config', form.Flag, 'second_custom_domains_list_enabled', _('User Domain List'), _('Enable and manage your custom list of domains for selective routing'));
        o.default = '0';
        o.rmempty = false;
        o.depends('second_enable', '1');
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.DynamicList, 'second_custom_domains', _('User Domains'), _('Enter domain names without protocols (example: sub.example.com or example.com)'));
+        o = s.taboption('secondary_config', form.DynamicList, 'second_custom_domains', _('User Domains'), _('Enter domain names without protocols (example: sub.example.com or example.com)'));
        o.placeholder = 'Domains list';
        o.depends('second_custom_domains_list_enabled', '1');
        o.rmempty = false;
@@ -378,13 +378,13 @@ return view.extend({
            return true;
        };

-        o = s.taboption('alternative_config', form.Flag, 'second_custom_subnets_list_enabled', _('User Subnet List'), _('Enable and manage your custom list of IP subnets for selective routing'));
+        o = s.taboption('secondary_config', form.Flag, 'second_custom_subnets_list_enabled', _('User Subnet List'), _('Enable and manage your custom list of IP subnets for selective routing'));
        o.default = '0';
        o.rmempty = false;
        o.depends('second_enable', '1');
        o.ucisection = 'second';

-        o = s.taboption('alternative_config', form.DynamicList, 'second_custom_subnets', _('User Subnets'), _('Enter subnet in CIDR notation (example: 103.21.244.0/22)'));
+        o = s.taboption('secondary_config', form.DynamicList, 'second_custom_subnets', _('User Subnets'), _('Enter subnet in CIDR notation (example: 103.21.244.0/22)'));
        o.placeholder = 'Subnets list';
        o.depends('second_custom_subnets_list_enabled', '1');
        o.rmempty = false;
--- a/luci-app-podkop/po/ru/podkop.po
+++ b/luci-app-podkop/po/ru/podkop.po
@@ -10,13 +10,13 @@ msgstr "Основные настройки"
 msgid "Additional Settings"
 msgstr "Дополнительные настройки"

-msgid "Alternative Config"
+msgid "Secondary Config"
 msgstr "Альтернативная конфигурация"

-msgid "Alternative VPN/Proxy Enable"
+msgid "Secondary VPN/Proxy Enable"
 msgstr "Включить альтернативный VPN/Proxy"

-msgid "Enable alternative VPN/Proxy configuration"
+msgid "Enable secondary VPN/Proxy configuration"
 msgstr "Включить конфигурацию альтернативного VPN/Proxy"

 msgid "Connection Type"
@@ -37,16 +37,16 @@ msgstr "Сетевой интерфейс"
 msgid "Select network interface for VPN connection"
 msgstr "Выберите сетевой интерфейс для VPN подключения"

-msgid "Predefined Domain Lists"
+msgid "Community Domain Lists"
 msgstr "Предустановленные списки доменов"

 msgid "Domain List"
 msgstr "Список доменов"

-msgid "Select a predefined domain list"
-msgstr "Выберите предустановленный список доменов"
+msgid "Select a list"
+msgstr "Выберите список доменов"

-msgid "Predefined Service Networks"
+msgid "Community Subnet Lists"
 msgstr "Предустановленные сети сервисов"

 msgid "Enable routing for popular services like Twitter, Meta, and Discord"
@@ -91,8 +91,8 @@ msgstr "Включить и управлять пользовательским
 msgid "User Subnets"
 msgstr "Пользовательские подсети"

-msgid "Enter subnet in CIDR notation (example: 192.168.1.0/24)"
-msgstr "Введите подсеть в нотации CIDR (пример: 192.168.1.0/24)"
+msgid "Enter subnet in CIDR notation (example: 103.21.244.0/22)"
+msgstr "Введите подсеть в нотации CIDR (пример: 103.21.244.0/22)"

 msgid "Remote Subnet Lists"
 msgstr "Удаленные списки подсетей"
@@ -115,7 +115,7 @@ msgstr "Исключенные домены"
 msgid "Domains to be excluded from routing"
 msgstr "Домены, которые будут исключены из маршрутизации"

-msgid "Force Proxy IPs"
+msgid "IP for full redirection"
 msgstr "Принудительные прокси IP"

 msgid "Specify local IP addresses whose traffic will always use the configured route"
@@ -127,7 +127,7 @@ msgstr "Локальные IP"
 msgid "Enter valid IPv4 addresses"
 msgstr "Введите действительные IPv4 адреса"

-msgid "Bypass Proxy IPs"
+msgid "IP for exclusion"
 msgstr "Исключения прокси IP"

 msgid "Specify local IP addresses that will never use the configured route"
--- a/luci-app-podkop/po/templates/podkop.pot
+++ b/luci-app-podkop/po/templates/podkop.pot
@@ -10,13 +10,13 @@ msgstr ""
 msgid "Additional Settings"
 msgstr ""

-msgid "Alternative Config"
+msgid "Secondary Config"
 msgstr ""

-msgid "Alternative VPN/Proxy Enable"
+msgid "Secondary VPN/Proxy Enable"
 msgstr ""

-msgid "Enable alternative VPN/Proxy configuration"
+msgid "Enable secondary VPN/Proxy configuration"
 msgstr ""

 msgid "Connection Type"
@@ -37,16 +37,16 @@ msgstr ""
 msgid "Select network interface for VPN connection"
 msgstr ""

-msgid "Predefined Domain Lists"
+msgid "Community Domain Lists"
 msgstr ""

 msgid "Domain List"
 msgstr ""

-msgid "Select a predefined domain list"
+msgid "Select a list"
 msgstr ""

-msgid "Predefined Service Networks"
+msgid "Community Subnet Lists"
 msgstr ""

 msgid "Enable routing for popular services like Twitter, Meta, and Discord"
@@ -91,7 +91,7 @@ msgstr ""
 msgid "User Subnets"
 msgstr ""

-msgid "Enter subnet in CIDR notation (example: 192.168.1.0/24)"
+msgid "Enter subnet in CIDR notation (example: 103.21.244.0/22)"
 msgstr ""

 msgid "Remote Subnet Lists"
@@ -115,7 +115,7 @@ msgstr ""
 msgid "Domains to be excluded from routing"
 msgstr ""

-msgid "Force Proxy IPs"
+msgid "IP for full redirection"
 msgstr ""

 msgid "Specify local IP addresses whose traffic will always use the configured route"
@@ -127,7 +127,7 @@ msgstr ""
 msgid "Enter valid IPv4 addresses"
 msgstr ""

-msgid "Bypass Proxy IPs"
+msgid "IP for exclusion"
 msgstr ""

 msgid "Specify local IP addresses that will never use the configured route"
@@ -208,7 +208,7 @@ msgstr ""
 msgid "Invalid URL format. URL must start with http:// or https://"
 msgstr ""

-msgid "Invalid subnet format. Use format: X.X.X.X/Y (like 192.168.1.0/24)"
+msgid "Invalid subnet format. Use format: X.X.X.X/Y (like 103.21.244.0/22)"
 msgstr ""

 msgid "IP address parts must be between 0 and 255"
--- a/podkop/files/etc/config/podkop
+++ b/podkop/files/etc/config/podkop
@@ -23,14 +23,15 @@ config main 'main'
 	option yacd '0'
 	option socks5 '0'
 	option exclude_ntp '0'
+	option update_interval ''

 config second 'second'
 	option second_enable '0'
 	option second_mode 'proxy'
 	option second_interface ''
 	option second_proxy_string ''
-	option domain_service_enabled '0'
-	#list service_list 'youtube'
+	option second_domain_service_enabled '0'
+	#list second_service_list 'youtube'
 	option second_custom_domains_list_enabled '0'
 	#list second_custom_domains 'ifconfig.io'
 	option second_custom_subnets_list_enabled '0'
--- a/podkop/files/etc/init.d/podkop
+++ b/podkop/files/etc/init.d/podkop
@@ -320,17 +320,17 @@ list_update() {
        dnsmasq_config_check podkop2-custom-domains.lst
    fi

-    config_get_bool domain_service_enabled "second" "domain_service_enabled" "0"
-    if [ "$domain_service_enabled" -eq 1 ]; then
+    config_get_bool second_domain_service_enabled "second" "second_domain_service_enabled" "0"
+    if [ "$second_domain_service_enabled" -eq 1 ]; then
        log "Adding a service for podkop2"
        add_set "podkop2_domains" "second"
-        config_get service_list second "service_list"
-        lists_services_download "$service_list"
+        config_get second_service_list second "second_service_list"
+        lists_services_download "$second_service_list"
        config_list_foreach second second_custom_domains "list_delist_domains"
        dnsmasq_config_check podkop2-domains.lst
    fi

-    if [ "$second_custom_domains_list_enabled" -eq 1 ] || [ "$domain_service_enabled" -eq 1 ]; then
+    if [ "$second_custom_domains_list_enabled" -eq 1 ] || [ "$second_domain_service_enabled" -eq 1 ]; then
        /etc/init.d/dnsmasq restart
    fi

@@ -399,9 +399,9 @@ add_set() {
    "vpn")
        if ! nft list chain inet PodkopTable mangle | grep -q "ip daddr @"$set_name" meta mark set"; then
            if [ "$connect" = "main" ]; then
-                nft add rule inet PodkopTable mangle ip daddr @"$set_name" meta mark set 0x105 counter
+                nft add rule inet PodkopTable mangle iifname "br-lan" ip daddr @"$set_name" meta mark set 0x105 counter
            elif [ "$connect" = "second" ]; then
-                nft add rule inet PodkopTable mangle ip daddr @"$set_name" meta mark set 0x106 counter
+                nft add rule inet PodkopTable mangle iifname "br-lan" ip daddr @"$set_name" meta mark set 0x106 counter
            fi
        fi
        ;;
@@ -413,18 +413,18 @@ add_set() {
        else
            log "Added nft rule tproxy"
            if [ "$connect" = "main" ]; then
-                nft add rule inet PodkopTable mangle ip daddr @"$set_name" meta l4proto tcp meta mark set 0x105 counter
-                nft add rule inet PodkopTable mangle ip daddr @"$set_name" meta l4proto udp meta mark set 0x105 counter
+                nft add rule inet PodkopTable mangle iifname "br-lan" ip daddr @"$set_name" meta l4proto tcp meta mark set 0x105 counter
+                nft add rule inet PodkopTable mangle iifname "br-lan" ip daddr @"$set_name" meta l4proto udp meta mark set 0x105 counter
                if ! ( nft list table inet PodkopTable | grep -q "meta mark 0x00000105 meta l4proto tcp tproxy" ); then
-                    nft add rule inet PodkopTable proxy iifname "br-lan" meta mark 0x105 meta l4proto tcp tproxy ip to :1602 counter
-                    nft add rule inet PodkopTable proxy iifname "br-lan" meta mark 0x105 meta l4proto udp tproxy ip to :1602 counter
+                    nft add rule inet PodkopTable proxy meta mark 0x105 meta l4proto tcp tproxy ip to :1602 counter
+                    nft add rule inet PodkopTable proxy meta mark 0x105 meta l4proto udp tproxy ip to :1602 counter
                fi
            elif [ "$connect" = "second" ]; then
-                nft add rule inet PodkopTable mangle ip daddr @"$set_name" meta l4proto tcp meta mark set 0x106 counter
-                nft add rule inet PodkopTable mangle ip daddr @"$set_name" meta l4proto udp meta mark set 0x106 counter
+                nft add rule inet PodkopTable mangle iifname "br-lan" ip daddr @"$set_name" meta l4proto tcp meta mark set 0x106 counter
+                nft add rule inet PodkopTable mangle iifname "br-lan" ip daddr @"$set_name" meta l4proto udp meta mark set 0x106 counter
                if ! ( nft list table inet PodkopTable | grep -q "meta mark 0x00000106 meta l4proto tcp tproxy" ); then
-                    nft add rule inet PodkopTable proxy iifname "br-lan" meta mark 0x106 meta l4proto tcp tproxy ip to :1603 counter
-                    nft add rule inet PodkopTable proxy iifname "br-lan" meta mark 0x106 meta l4proto udp tproxy ip to :1603 counter
+                    nft add rule inet PodkopTable proxy meta mark 0x106 meta l4proto tcp tproxy ip to :1603 counter
+                    nft add rule inet PodkopTable proxy meta mark 0x106 meta l4proto udp tproxy ip to :1603 counter
                fi
            fi
        fi
@@ -662,7 +662,7 @@ list_all_traffic_from_ip() {
    if ! nft list chain inet PodkopTable mangle | grep -q "ip saddr $ip"; then
        config_get mode "main" "mode" "0"
        if [ "$mode" = "vpn" ]; then
-            nft insert rule inet PodkopTable mangle ip saddr $ip meta mark set 0x105 counter
+            nft insert rule inet PodkopTable mangle iifname "br-lan" ip saddr $ip meta mark set 0x105 counter
        elif [ "$mode" = "proxy" ]; then
            nft add set inet PodkopTable localv4 { type ipv4_addr\; flags interval\; }
            nft add element inet PodkopTable localv4 { \
@@ -680,7 +680,7 @@ list_all_traffic_from_ip() {
                203.0.113.0/24, \
                224.0.0.0/4, \
                240.0.0.0-255.255.255.255 }
-            nft insert rule inet PodkopTable mangle ip saddr $ip meta l4proto { tcp, udp } meta mark set 0x105 counter
+            nft insert rule inet PodkopTable mangle iifname "br-lan" ip saddr $ip meta l4proto { tcp, udp } meta mark set 0x105 counter
            nft insert rule inet PodkopTable mangle ip saddr $ip ip daddr @localv4 return
        fi
    fi