Merge pull request #271 from itdoginfo/fix/fully_routed_ips_priority

fix: lower priority of fully_routed_ips relative to routing_excluded_ips

fe-app-podkop/locales/calls.json

@@ -529,14 +529,14 @@
     "call": "Exclude NTP",
     "key": "Exclude NTP",
     "places": [
-      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:384"
+      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:402"
     ]
   },
   {
     "call": "Exclude NTP protocol traffic from the tunnel to prevent it from being routed through the proxy or VPN",
     "key": "Exclude NTP protocol traffic from the tunnel to prevent it from being routed through the proxy or VPN",
     "places": [
-      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:385"
+      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:403"
     ]
   },
   {
@@ -711,14 +711,14 @@
     "call": "Invalid HY2 URL: parsing failed",
     "key": "Invalid HY2 URL: parsing failed",
     "places": [
-      "src/validators/validateHysteriaUrl.ts:113"
+      "src/validators/validateHysteriaUrl.ts:115"
     ]
   },
   {
     "call": "Invalid HY2 URL: sni cannot be empty",
     "key": "Invalid HY2 URL: sni cannot be empty",
     "places": [
-      "src/validators/validateHysteriaUrl.ts:106"
+      "src/validators/validateHysteriaUrl.ts:108"
     ]
   },
   {
@@ -960,6 +960,13 @@
       "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/section.js:545"
     ]
   },
+  {
+    "call": "Log Level",
+    "key": "Log Level",
+    "places": [
+      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:384"
+    ]
+  },
   {
     "call": "Main DNS",
     "key": "Main DNS",
@@ -1198,7 +1205,7 @@
     "call": "Routing Excluded IPs",
     "key": "Routing Excluded IPs",
     "places": [
-      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:395"
+      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:413"
     ]
   },
   {
@@ -1356,6 +1363,13 @@
       "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/section.js:444"
     ]
   },
+  {
+    "call": "Select the log level for sing-box",
+    "key": "Select the log level for sing-box",
+    "places": [
+      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:385"
+    ]
+  },
   {
     "call": "Select the network interface from which the traffic will originate",
     "key": "Select the network interface from which the traffic will originate",
@@ -1459,7 +1473,7 @@
     "call": "Specify a local IP address to be excluded from routing",
     "key": "Specify a local IP address to be excluded from routing",
     "places": [
-      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:396"
+      "../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:414"
     ]
   },
   {
@@ -1760,7 +1774,7 @@
       "src/validators/validateDns.ts:18",
       "src/validators/validateDomain.ts:13",
       "src/validators/validateDomain.ts:30",
-      "src/validators/validateHysteriaUrl.ts:111",
+      "src/validators/validateHysteriaUrl.ts:113",
       "src/validators/validateIp.ts:8",
       "src/validators/validateOutboundJson.ts:7",
       "src/validators/validatePath.ts:16",

fe-app-podkop/locales/podkop.pot

@@ -7,8 +7,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PODKOP\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-12-01 14:30+0200\n"
-"PO-Revision-Date: 2025-12-01 14:30+0200\n"
+"POT-Creation-Date: 2025-12-13 16:15+0200\n"
+"PO-Revision-Date: 2025-12-13 16:15+0200\n"
 "Last-Translator: divocat <divocatt@gmail.com>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -323,11 +323,11 @@ msgstr ""
 msgid "Every 5 minutes"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:384
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:402
 msgid "Exclude NTP"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:385
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:403
 msgid "Exclude NTP protocol traffic from the tunnel to prevent it from being routed through the proxy or VPN"
 msgstr ""
 
@@ -430,11 +430,11 @@ msgstr ""
 msgid "Invalid HY2 URL: obfs-password required when obfs is set"
 msgstr ""
 
-#: src/validators/validateHysteriaUrl.ts:113
+#: src/validators/validateHysteriaUrl.ts:115
 msgid "Invalid HY2 URL: parsing failed"
 msgstr ""
 
-#: src/validators/validateHysteriaUrl.ts:106
+#: src/validators/validateHysteriaUrl.ts:108
 msgid "Invalid HY2 URL: sni cannot be empty"
 msgstr ""
 
@@ -575,6 +575,10 @@ msgstr ""
 msgid "Local Subnet Lists"
 msgstr ""
 
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:384
+msgid "Log Level"
+msgstr ""
+
 #: src/podkop/tabs/diagnostic/checks/runDnsCheck.ts:72
 msgid "Main DNS"
 msgstr ""
@@ -713,7 +717,7 @@ msgstr ""
 msgid "Router DNS is routed through sing-box"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:395
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:413
 msgid "Routing Excluded IPs"
 msgstr ""
 
@@ -806,6 +810,10 @@ msgstr ""
 msgid "Select the list type for adding custom subnets"
 msgstr ""
 
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:385
+msgid "Select the log level for sing-box"
+msgstr ""
+
 #: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:90
 msgid "Select the network interface from which the traffic will originate"
 msgstr ""
@@ -863,7 +871,7 @@ msgstr ""
 msgid "Source Network Interface"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:396
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:414
 msgid "Specify a local IP address to be excluded from routing"
 msgstr ""
 
@@ -1041,7 +1049,7 @@ msgstr ""
 #: src/validators/validateDns.ts:18
 #: src/validators/validateDomain.ts:13
 #: src/validators/validateDomain.ts:30
-#: src/validators/validateHysteriaUrl.ts:111
+#: src/validators/validateHysteriaUrl.ts:113
 #: src/validators/validateIp.ts:8
 #: src/validators/validateOutboundJson.ts:7
 #: src/validators/validatePath.ts:16

fe-app-podkop/locales/podkop.ru.po

@@ -7,8 +7,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PODKOP\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-12-01 16:30+0200\n"
-"PO-Revision-Date: 2025-12-01 16:30+0200\n"
+"POT-Creation-Date: 2025-12-13 18:15+0200\n"
+"PO-Revision-Date: 2025-12-13 18:15+0200\n"
 "Last-Translator: divocat\n"
 "Language-Team: none\n"
 "Language: ru\n"
@@ -419,6 +419,9 @@ msgstr "Локальные списки доменов"
 msgid "Local Subnet Lists"
 msgstr "Локальные списки подсетей"
 
+msgid "Log Level"
+msgstr "Уровень логов"
+
 msgid "Main DNS"
 msgstr "Основной DNS"
 
@@ -584,6 +587,9 @@ msgstr "Выберите тип списка для добавления пол
 msgid "Select the list type for adding custom subnets"
 msgstr "Выберите тип списка для добавления пользовательских подсетей"
 
+msgid "Select the log level for sing-box"
+msgstr "Выберите уровень логов для sing-box"
+
 msgid "Select the network interface from which the traffic will originate"
 msgstr "Выберите сетевой интерфейс, с которого будет исходить трафик"
 

install.sh

@@ -109,16 +109,16 @@ main() {
     pkg_list_update || { echo "Packages list update failed"; exit 1; }
 
     if [ -f "/etc/init.d/podkop" ]; then
-        msg "Podkop is already installed. Upgraded..."
+        msg "Podkop is already installed. Upgrading..."
     else
-        msg "Installed podkop..."
+        msg "Installing podkop..."
     fi
 
     if command -v curl >/dev/null 2>&1; then
         check_response=$(curl -s "https://api.github.com/repos/itdoginfo/podkop/releases/latest")
 
         if echo "$check_response" | grep -q 'API rate limit '; then
-            msg "You've reached rate limit from GitHub. Repeat in five minutes."
+            msg "You've reached the GitHub rate limit. Repeat in five minutes."
             exit 1
         fi
     fi
@@ -143,7 +143,7 @@ main() {
                     break
                 fi
             fi
-            msg "Download error $filename. Retry..."
+            msg "Download error for $filename. Retrying..."
             rm -f "$filepath"
             attempt=$((attempt+1))
         done
@@ -168,7 +168,7 @@ main() {
             fi
         done
         if [ -n "$file" ]; then
-            msg "Installing $file"
+            msg "Installing $file..."
             pkg_install "$DOWNLOAD_DIR/$file"
             sleep 3
         fi
@@ -183,11 +183,11 @@ main() {
     done
     if [ -n "$ru" ]; then
         if pkg_is_installed luci-i18n-podkop-ru; then
-                msg "Upgraded ru translation..."
+                msg "Upgrading Russian translation..."
                 pkg_remove luci-i18n-podkop*
                 pkg_install "$DOWNLOAD_DIR/$ru"
         else
-            msg "Русский язык интерфейса ставим? y/n (Need a Russian translation?)"
+            msg "Русский язык интерфейса ставим? y/n (Install the Russian interface language?)"
             while true; do
                 read -r -p '' RUS
                 case $RUS in
@@ -236,7 +236,7 @@ check_system() {
     fi
 
     if ! nslookup google.com >/dev/null 2>&1; then
-        msg "DNS not working"
+        msg "DNS is not working."
         exit 1
     fi
 
@@ -270,7 +270,7 @@ check_system() {
     fi
 
     if pkg_is_installed https-dns-proxy; then
-        msg "Сonflicting package detected: https-dns-proxy. Remove?"
+        msg "Conflicting package detected: https-dns-proxy. Remove?"
 
         while true; do
                 read -r -p '' DNSPROXY
@@ -300,7 +300,7 @@ sing_box() {
     required_version="1.12.4"
 
     if [ "$(printf '%s\n%s\n' "$sing_box_version" "$required_version" | sort -V | head -n 1)" != "$required_version" ]; then
-        msg "sing-box version $sing_box_version is older than required $required_version"
+        msg "sing-box version $sing_box_version is older than the required version $required_version."
         msg "Removing old version..."
         service podkop stop
         pkg_remove sing-box

luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js

@@ -378,6 +378,24 @@ function createSettingsContent(section) {
     return true;
   };
 
+  o = section.option(
+    form.ListValue,
+    "log_level",
+    _("Log Level"),
+    _(
+      "Select the log level for sing-box",
+    ),
+  );
+  o.value("trace", "Trace");
+  o.value("debug", "Debug");
+  o.value("info", "Info");
+  o.value("warn", "Warn");
+  o.value("error", "Error");
+  o.value("fatal", "Fatal");
+  o.value("panic", "Panic");
+  o.default = "warn";
+  o.rmempty = false;
+
   o = section.option(
     form.Flag,
     "exclude_ntp",

luci-app-podkop/po/ru/podkop.po

@@ -7,8 +7,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PODKOP\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-12-01 16:30+0200\n"
-"PO-Revision-Date: 2025-12-01 16:30+0200\n"
+"POT-Creation-Date: 2025-12-13 18:15+0200\n"
+"PO-Revision-Date: 2025-12-13 18:15+0200\n"
 "Last-Translator: divocat\n"
 "Language-Team: none\n"
 "Language: ru\n"
@@ -419,6 +419,9 @@ msgstr "Локальные списки доменов"
 msgid "Local Subnet Lists"
 msgstr "Локальные списки подсетей"
 
+msgid "Log Level"
+msgstr "Уровень логов"
+
 msgid "Main DNS"
 msgstr "Основной DNS"
 
@@ -584,6 +587,9 @@ msgstr "Выберите тип списка для добавления пол
 msgid "Select the list type for adding custom subnets"
 msgstr "Выберите тип списка для добавления пользовательских подсетей"
 
+msgid "Select the log level for sing-box"
+msgstr "Выберите уровень логов для sing-box"
+
 msgid "Select the network interface from which the traffic will originate"
 msgstr "Выберите сетевой интерфейс, с которого будет исходить трафик"
 

luci-app-podkop/po/templates/podkop.pot

@@ -7,8 +7,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PODKOP\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-12-01 14:30+0200\n"
-"PO-Revision-Date: 2025-12-01 14:30+0200\n"
+"POT-Creation-Date: 2025-12-13 16:15+0200\n"
+"PO-Revision-Date: 2025-12-13 16:15+0200\n"
 "Last-Translator: divocat <divocatt@gmail.com>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -323,11 +323,11 @@ msgstr ""
 msgid "Every 5 minutes"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:384
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:402
 msgid "Exclude NTP"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:385
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:403
 msgid "Exclude NTP protocol traffic from the tunnel to prevent it from being routed through the proxy or VPN"
 msgstr ""
 
@@ -430,11 +430,11 @@ msgstr ""
 msgid "Invalid HY2 URL: obfs-password required when obfs is set"
 msgstr ""
 
-#: src/validators/validateHysteriaUrl.ts:113
+#: src/validators/validateHysteriaUrl.ts:115
 msgid "Invalid HY2 URL: parsing failed"
 msgstr ""
 
-#: src/validators/validateHysteriaUrl.ts:106
+#: src/validators/validateHysteriaUrl.ts:108
 msgid "Invalid HY2 URL: sni cannot be empty"
 msgstr ""
 
@@ -575,6 +575,10 @@ msgstr ""
 msgid "Local Subnet Lists"
 msgstr ""
 
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:384
+msgid "Log Level"
+msgstr ""
+
 #: src/podkop/tabs/diagnostic/checks/runDnsCheck.ts:72
 msgid "Main DNS"
 msgstr ""
@@ -713,7 +717,7 @@ msgstr ""
 msgid "Router DNS is routed through sing-box"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:395
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:413
 msgid "Routing Excluded IPs"
 msgstr ""
 
@@ -806,6 +810,10 @@ msgstr ""
 msgid "Select the list type for adding custom subnets"
 msgstr ""
 
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:385
+msgid "Select the log level for sing-box"
+msgstr ""
+
 #: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:90
 msgid "Select the network interface from which the traffic will originate"
 msgstr ""
@@ -863,7 +871,7 @@ msgstr ""
 msgid "Source Network Interface"
 msgstr ""
 
-#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:396
+#: ../luci-app-podkop/htdocs/luci-static/resources/view/podkop/settings.js:414
 msgid "Specify a local IP address to be excluded from routing"
 msgstr ""
 
@@ -1041,7 +1049,7 @@ msgstr ""
 #: src/validators/validateDns.ts:18
 #: src/validators/validateDomain.ts:13
 #: src/validators/validateDomain.ts:30
-#: src/validators/validateHysteriaUrl.ts:111
+#: src/validators/validateHysteriaUrl.ts:113
 #: src/validators/validateIp.ts:8
 #: src/validators/validateOutboundJson.ts:7
 #: src/validators/validatePath.ts:16

podkop/files/etc/config/podkop

@@ -16,6 +16,7 @@ config settings 'settings'
         option dont_touch_dhcp '0'
         option config_path '/etc/sing-box/config.json'
         option cache_path '/tmp/sing-box/cache.db'
+        option log_level 'warn'
         option exclude_ntp '0'
         option shutdown_correctly '0'
         #list routing_excluded_ips '192.168.1.3'

podkop/files/usr/bin/podkop

@@ -12,6 +12,7 @@ check_required_file() {
 PODKOP_LIB="/usr/lib/podkop"
 check_required_file /lib/functions.sh
 check_required_file /lib/config/uci.sh
+check_required_file /lib/functions/network.sh
 check_required_file "$PODKOP_LIB/constants.sh"
 check_required_file "$PODKOP_LIB/nft.sh"
 check_required_file "$PODKOP_LIB/helpers.sh"
@@ -19,8 +20,9 @@ check_required_file "$PODKOP_LIB/sing_box_config_manager.sh"
 check_required_file "$PODKOP_LIB/sing_box_config_facade.sh"
 check_required_file "$PODKOP_LIB/logging.sh"
 check_required_file "$PODKOP_LIB/rulesets.sh"
-. /lib/config/uci.sh
 . /lib/functions.sh
+. /lib/config/uci.sh
+. /lib/functions/network.sh
 . "$PODKOP_LIB/constants.sh"
 . "$PODKOP_LIB/nft.sh"
 . "$PODKOP_LIB/helpers.sh"
@@ -588,7 +590,9 @@ sing_box_init_config() {
 sing_box_configure_log() {
     log "Configure the log section of a sing-box JSON configuration"
 
-    config=$(sing_box_cm_configure_log "$config" false "$SB_DEFAULT_LOG_LEVEL" false)
+    local log_level
+    config_get log_level "settings" "log_level"
+    config=$(sing_box_cm_configure_log "$config" false "$log_level" false)
 }
 
 sing_box_configure_inbounds() {
@@ -783,8 +787,6 @@ sing_box_configure_route() {
     config=$(sing_box_cf_proxy_domain "$config" "$SB_TPROXY_INBOUND_TAG" "$CHECK_PROXY_IP_DOMAIN" "$first_outbound_tag")
     config=$(sing_box_cf_override_domain_port "$config" "$FAKEIP_TEST_DOMAIN" 8443)
 
-    config_foreach include_source_ips_in_routing_handler "section"
-
     configure_common_reject_route_rule
 
     local routing_excluded_ips
@@ -795,6 +797,8 @@ sing_box_configure_route() {
         config_list_foreach "settings" "routing_excluded_ips" exclude_source_ip_from_routing_handler "$rule_tag"
     fi
 
+    config_foreach include_source_ips_in_routing_handler "section"
+
     config_foreach configure_routing_for_section_lists "section"
 }
 
@@ -1505,12 +1509,16 @@ section_has_enabled_lists() {
 get_service_listen_address() {
     local service_listen_address
 
-    service_listen_address="$(uci_get "network" "lan" "ipaddr")"
-
-    if [ -z "$service_listen_address" ]; then
-        config_get service_listen_address "settings" "service_listen_address" # TODO(ampetelin): Remove after testing
+    config_get service_listen_address "settings" "service_listen_address"
+    if [ -n "$service_listen_address" ]; then
+        log "Attention! The service_listen_address option is being used, overriding the automatic detection of the listening IP address!" "warn"
+        echo "$service_listen_address"
+        return 0
     fi
 
+    local interface="lan"
+    network_get_ipaddr service_listen_address "$interface"
+
     if [ -z "$service_listen_address" ]; then
         log "Failed to determine the listening IP address. Please open an issue to report this problem: https://github.com/itdoginfo/podkop/issues" "error"
         return 1

podkop/files/usr/lib/constants.sh

@@ -22,8 +22,6 @@ NFT_INTERFACE_SET_NAME="interfaces"
 
 ## sing-box
 SB_REQUIRED_VERSION="1.12.0"
-# Log
-SB_DEFAULT_LOG_LEVEL="warn"
 # DNS
 SB_DNS_SERVER_TAG="dns-server"
 SB_FAKEIP_DNS_SERVER_TAG="fakeip-server"