v0.3.22

feat: add support for comments in proxy and domain/subnet configuration

README.md

@@ -2,7 +2,7 @@
 
 - Это альфа версия, которая находится в активной разработке. Из версии в версию что-то может меняться.
 - Основной функционал работает, но побочные штуки сейчас могут сбоить.
-- При обновлении **обязатально** сбрасывайте кэш LuCI.
+- При обновлении **обязательно** сбрасывайте кэш LuCI.
 - Также при обновлении всегда заходите в конфигурацию и проверяйте свои настройки. Конфигурация может измениться.
 - Необходимо минимум 15МБ свободного места на роутере. Роутерами с флешками на 16МБ сразу мимо.
 - При старте программы редактируется конфиг Dnsmasq.
@@ -49,11 +49,6 @@ sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/mai
 opkg remove luci-i18n-podkop-ru luci-app-podkop podkop
 ```
 
-Если был установлен русский язык
-```
-opkg remove luci-i18n-podkop-ru
-```
-
 # Использование
 Конфиг: /etc/config/podkop
 
@@ -74,8 +69,6 @@ Luci: Services/podkop
 ## Настройка доменов и подсетей
 **Community Lists** - Включить списки комьюнити
 
-**Subnets list enable** - Включить подсети из общего списка, выбрать из предложенных.
-
 **Custom domains enable** - Добавить свои домены
 
 **Custom subnets enable** - Добавить подсети или IP-адреса. Для подсетей задать маску.
@@ -94,13 +87,11 @@ Luci: Services/podkop
 
 Низкий приоритет
 - [ ] Галочка, которая режет доступ к doh серверам
-- [ ] Свой конфиг sing-box
 - [ ] IPv6. Только после наполнения Wiki
 
 Рефактор
 - [ ] Handle для sing-box
 - [ ] Handle для dnsmasq
-- [ ] Формирование json для sing-box на уровне jq, а не шаблонов
 - [ ] Unit тесты (BATS)
 - [ ] Интеграционые тесты бекенда (OpenWrt rootfs + BATS)
 
@@ -152,7 +143,7 @@ make package/luci-app-podkop/{clean,compile} V=s
 
 .ipk лежат в `bin/packages/x86_64/base/`
 
-## Примеры строкs
+## Примеры строк
 https://github.com/itdoginfo/podkop/blob/main/String-example.md
 
 ## Ошибки

luci-app-podkop/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-podkop
-PKG_VERSION:=0.3.16
+PKG_VERSION:=0.3.22
 PKG_RELEASE:=1
 
 LUCI_TITLE:=LuCI podkop app

luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js

@@ -11,7 +11,7 @@ const STATUS_COLORS = {
     WARNING: '#ff9800'
 };
 
-async function safeExec(command, args = [], timeout = 3000) {
+async function safeExec(command, args = [], timeout = 7000) {
     try {
         const controller = new AbortController();
         const timeoutId = setTimeout(() => controller.abort(), timeout);
@@ -41,10 +41,14 @@ function formatDiagnosticOutput(output) {
         .replace(/\r/g, '\n');
 }
 
-function getNetworkInterfaces(o) {
+function getNetworkInterfaces(o, section_id) {
     const excludeInterfaces = ['br-lan', 'eth0', 'eth1', 'wan', 'phy0-ap0', 'phy1-ap0', 'pppoe-wan'];
 
     return network.getDevices().then(devices => {
+        // Reset the options by creating a new keylist
+        o.keylist = [];
+        o.vallist = [];
+
         devices.forEach(device => {
             if (device.dev && device.dev.name) {
                 const deviceName = device.dev.name;
@@ -75,11 +79,12 @@ function createConfigSection(section, map, network) {
     o.depends('mode', 'proxy');
     o.ucisection = s.section;
 
-    o = s.taboption('basic', form.TextValue, 'proxy_string', _('Proxy Configuration URL'), '');
+    o = s.taboption('basic', form.TextValue, 'proxy_string', _('Proxy Configuration URL'), _(''));
     o.depends('proxy_config_type', 'url');
     o.rows = 5;
     o.ucisection = s.section;
     o.sectionDescriptions = new Map();
+    o.placeholder = 'vless://uuid@server:port?type=tcp&security=tls#main\n// backup ss://method:pass@server:port\n// backup2 vless://uuid@server:port?type=grpc&security=reality#alt';
 
     o.renderWidget = function (section_id, option_index, cfgvalue) {
         const original = form.TextValue.prototype.renderWidget.apply(this, [section_id, option_index, cfgvalue]);
@@ -88,10 +93,17 @@ function createConfigSection(section, map, network) {
 
         if (cfgvalue) {
             try {
-                const label = cfgvalue.split('#').pop() || 'unnamed';
-                const decodedLabel = decodeURIComponent(label);
-                const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Current config: ') + decodedLabel);
-                container.appendChild(descDiv);
+                // Extract only the active configuration (first non-comment line)
+                const activeConfig = cfgvalue.split('\n')
+                    .map(line => line.trim())
+                    .find(line => line && !line.startsWith('//'));
+
+                if (activeConfig) {
+                    const label = activeConfig.split('#').pop() || 'unnamed';
+                    const decodedLabel = decodeURIComponent(label);
+                    const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Current config: ') + decodedLabel);
+                    container.appendChild(descDiv);
+                }
             } catch (e) {
                 console.error('Error parsing config label:', e);
                 const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Current config: ') + (cfgvalue.split('#').pop() || 'unnamed'));
@@ -99,7 +111,7 @@ function createConfigSection(section, map, network) {
             }
         } else {
             const defaultDesc = E('div', { 'class': 'cbi-value-description' },
-                _('Enter connection string starting with vless:// or ss:// for proxy configuration'));
+                _('Enter connection string starting with vless:// or ss:// for proxy configuration. Add comments with // for backup configs'));
             container.appendChild(defaultDesc);
         }
 
@@ -112,14 +124,23 @@ function createConfigSection(section, map, network) {
         }
 
         try {
-            if (!value.startsWith('vless://') && !value.startsWith('ss://')) {
+            // Get the first non-comment line as the active configuration
+            const activeConfig = value.split('\n')
+                .map(line => line.trim())
+                .find(line => line && !line.startsWith('//'));
+
+            if (!activeConfig) {
+                return _('No active configuration found. At least one non-commented line is required.');
+            }
+
+            if (!activeConfig.startsWith('vless://') && !activeConfig.startsWith('ss://')) {
                 return _('URL must start with vless:// or ss://');
             }
 
-            if (value.startsWith('ss://')) {
+            if (activeConfig.startsWith('ss://')) {
                 let encrypted_part;
                 try {
-                    let mainPart = value.includes('?') ? value.split('?')[0] : value.split('#')[0];
+                    let mainPart = activeConfig.includes('?') ? activeConfig.split('?')[0] : activeConfig.split('#')[0];
                     encrypted_part = mainPart.split('/')[2].split('@')[0];
                     try {
                         let decoded = atob(encrypted_part);
@@ -138,7 +159,7 @@ function createConfigSection(section, map, network) {
                 }
 
                 try {
-                    let serverPart = value.split('@')[1];
+                    let serverPart = activeConfig.split('@')[1];
                     if (!serverPart) return _('Invalid Shadowsocks URL: missing server address');
                     let [server, portAndRest] = serverPart.split(':');
                     if (!server) return _('Invalid Shadowsocks URL: missing server');
@@ -153,12 +174,12 @@ function createConfigSection(section, map, network) {
                 }
             }
 
-            if (value.startsWith('vless://')) {
-                let uuid = value.split('/')[2].split('@')[0];
+            if (activeConfig.startsWith('vless://')) {
+                let uuid = activeConfig.split('/')[2].split('@')[0];
                 if (!uuid || uuid.length === 0) return _('Invalid VLESS URL: missing UUID');
 
                 try {
-                    let serverPart = value.split('@')[1];
+                    let serverPart = activeConfig.split('@')[1];
                     if (!serverPart) return _('Invalid VLESS URL: missing server address');
                     let [server, portAndRest] = serverPart.split(':');
                     if (!server) return _('Invalid VLESS URL: missing server');
@@ -172,7 +193,7 @@ function createConfigSection(section, map, network) {
                     return _('Invalid VLESS URL: missing or invalid server/port format');
                 }
 
-                let queryString = value.split('?')[1];
+                let queryString = activeConfig.split('?')[1];
                 if (!queryString) return _('Invalid VLESS URL: missing query parameters');
 
                 let params = new URLSearchParams(queryString.split('#')[0]);
@@ -225,7 +246,11 @@ function createConfigSection(section, map, network) {
     o = s.taboption('basic', form.ListValue, 'interface', _('Network Interface'), _('Select network interface for VPN connection'));
     o.depends('mode', 'vpn');
     o.ucisection = s.section;
-    getNetworkInterfaces(o);
+    o.load = function (section_id) {
+        return getNetworkInterfaces(this, section_id).then(() => {
+            return this.super('load', section_id);
+        });
+    };
 
     o = s.taboption('basic', form.Flag, 'domain_list_enabled', _('Community Lists'));
     o.default = '0';
@@ -327,18 +352,33 @@ function createConfigSection(section, map, network) {
         return true;
     };
 
-    o = s.taboption('basic', form.TextValue, 'custom_domains_text', _('User Domains List'), _('Enter domain names separated by comma, space or newline'));
-    o.placeholder = 'example.com, sub.example.com\ndomain.com test.com';
+    o = s.taboption('basic', form.TextValue, 'custom_domains_text', _('User Domains List'), _('Enter domain names separated by comma, space or newline. You can add comments after //'));
+    o.placeholder = 'example.com, sub.example.com\n// Social networks\ndomain.com test.com // personal domains';
     o.depends('custom_domains_list_type', 'text');
     o.rows = 8;
     o.rmempty = false;
     o.ucisection = s.section;
     o.validate = function (section_id, value) {
         if (!value || value.length === 0) return true;
-        const domains = value.split(/[,\s\n]/).map(d => d.trim()).filter(d => d.length > 0);
+
         const domainRegex = /^(?!-)[A-Za-z0-9-]+([-.][A-Za-z0-9-]+)*(\.[A-Za-z]{2,})?$/;
-        for (const domain of domains) {
-            if (!domainRegex.test(domain)) return _('Invalid domain format: %s. Enter domain without protocol').format(domain);
+        const lines = value.split(/\n/).map(line => line.trim());
+
+        for (const line of lines) {
+            // Skip empty lines or lines that start with //
+            if (!line || line.startsWith('//')) continue;
+
+            // Extract domain part (before any //)
+            const domainPart = line.split('//')[0].trim();
+
+            // Process each domain in the line (separated by comma or space)
+            const domains = domainPart.split(/[,\s]+/).map(d => d.trim()).filter(d => d.length > 0);
+
+            for (const domain of domains) {
+                if (!domainRegex.test(domain)) {
+                    return _('Invalid domain format: %s. Enter domain without protocol').format(domain);
+                }
+            }
         }
         return true;
     };
@@ -407,27 +447,48 @@ function createConfigSection(section, map, network) {
         return true;
     };
 
-    o = s.taboption('basic', form.TextValue, 'custom_subnets_text', _('User Subnets List'), _('Enter subnets in CIDR notation or single IP addresses, separated by comma, space or newline'));
-    o.placeholder = '103.21.244.0/22\n8.8.8.8\n1.1.1.1/32, 9.9.9.9';
+    o = s.taboption('basic', form.TextValue, 'custom_subnets_text', _('User Subnets List'), _('Enter subnets in CIDR notation or single IP addresses, separated by comma, space or newline. You can add comments after //'));
+    o.placeholder = '103.21.244.0/22\n// Google DNS\n8.8.8.8\n1.1.1.1/32, 9.9.9.9 // Cloudflare and Quad9';
     o.depends('custom_subnets_list_enabled', 'text');
     o.rows = 10;
     o.rmempty = false;
     o.ucisection = s.section;
     o.validate = function (section_id, value) {
         if (!value || value.length === 0) return true;
-        const subnets = value.split(/[,\s\n]/).map(s => s.trim()).filter(s => s.length > 0);
+
         const subnetRegex = /^(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?$/;
-        for (const subnet of subnets) {
-            if (!subnetRegex.test(subnet)) return _('Invalid format: %s. Use format: X.X.X.X or X.X.X.X/Y').format(subnet);
-            const [ip, cidr] = subnet.split('/');
-            const ipParts = ip.split('.');
-            for (const part of ipParts) {
-                const num = parseInt(part);
-                if (num < 0 || num > 255) return _('IP parts must be between 0 and 255 in: %s').format(subnet);
-            }
-            if (cidr !== undefined) {
-                const cidrNum = parseInt(cidr);
-                if (cidrNum < 0 || cidrNum > 32) return _('CIDR must be between 0 and 32 in: %s').format(subnet);
+        const lines = value.split(/\n/).map(line => line.trim());
+
+        for (const line of lines) {
+            // Skip empty lines or lines that start with //
+            if (!line || line.startsWith('//')) continue;
+
+            // Extract subnet part (before any //)
+            const subnetPart = line.split('//')[0].trim();
+
+            // Process each subnet in the line (separated by comma or space)
+            const subnets = subnetPart.split(/[,\s]+/).map(s => s.trim()).filter(s => s.length > 0);
+
+            for (const subnet of subnets) {
+                if (!subnetRegex.test(subnet)) {
+                    return _('Invalid format: %s. Use format: X.X.X.X or X.X.X.X/Y').format(subnet);
+                }
+
+                const [ip, cidr] = subnet.split('/');
+                const ipParts = ip.split('.');
+                for (const part of ipParts) {
+                    const num = parseInt(part);
+                    if (num < 0 || num > 255) {
+                        return _('IP parts must be between 0 and 255 in: %s').format(subnet);
+                    }
+                }
+
+                if (cidr !== undefined) {
+                    const cidrNum = parseInt(cidr);
+                    if (cidrNum < 0 || cidrNum > 32) {
+                        return _('CIDR must be between 0 and 32 in: %s').format(subnet);
+                    }
+                }
             }
         }
         return true;
@@ -1043,4 +1104,4 @@ return view.extend({
 
         return map_promise;
     }
-});
+});

podkop/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=podkop
-PKG_VERSION:=0.3.16
+PKG_VERSION:=0.3.22
 PKG_RELEASE:=1
 
 PKG_MAINTAINER:=ITDog <podkop@itdog.info>

podkop/files/etc/config/podkop

@@ -1,13 +1,13 @@
 config main 'main'
 	option mode 'proxy'
 	#option interface ''
-	option proxy_config_type ''
+	option proxy_config_type 'url'
 	#option outbound_json ''
 	option proxy_string ''
 	option domain_list_enabled '1'
-	option domain_list 'russia_inside'
+	list domain_list 'russia_inside'
 	option subnets_list_enabled '0'
-	option custom_domains_list_type 'disable'
+	option custom_domains_list_type 'disabled'
 	#list custom_domains ''
 	#option custom_domains_text ''
 	option custom_local_domains_list_enabled '0'

podkop/files/etc/init.d/podkop

@@ -24,8 +24,6 @@ EXTRA_HELP="        list_update     Updating domain and subnet lists
         show_system_info    Show OpenWrt version and device model
         get_sing_box_status  Get sing-box status"
 
-[ ! -L /usr/sbin/podkop ] && ln -s /etc/init.d/podkop /usr/sbin/podkop
-
 GITHUB_RAW_URL="https://raw.githubusercontent.com/itdoginfo/allow-domains/main"
 SRS_MAIN_URL="https://github.com/itdoginfo/allow-domains/releases/latest/download"
 DOMAINS_RU_INSIDE="${GITHUB_RAW_URL}/Russia/inside-dnsmasq-nfset.lst"
@@ -410,14 +408,17 @@ process_domains_text() {
     local tmp_file=$(mktemp)
     echo "$text" > "$tmp_file"
     
-    sed 's/[, ]\+/\n/g' "$tmp_file" | while IFS= read -r domain; do
+    # First filter out full comment lines and remove comments after domains
+    grep -v "^[[:space:]]*\/\/" "$tmp_file" | sed 's/\/\/.*$//' > "${tmp_file}.filtered"
+    
+    sed 's/[, ]\+/\n/g' "${tmp_file}.filtered" | while IFS= read -r domain; do
         domain=$(echo "$domain" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
         if [ -n "$domain" ]; then
             sing_box_ruleset_domains "$domain" "$name"
         fi
     done
     
-    rm -f "$tmp_file"
+    rm -f "$tmp_file" "${tmp_file}.filtered"
 }
 
 process_subnets_text() {
@@ -427,7 +428,10 @@ process_subnets_text() {
     local tmp_file=$(mktemp)
     echo "$text" > "$tmp_file"
     
-    sed 's/[, ]\+/\n/g' "$tmp_file" | while IFS= read -r subnet; do
+    # First filter out full comment lines and remove comments after subnets
+    grep -v "^[[:space:]]*\/\/" "$tmp_file" | sed 's/\/\/.*$//' > "${tmp_file}.filtered"
+    
+    sed 's/[, ]\+/\n/g' "${tmp_file}.filtered" | while IFS= read -r subnet; do
         subnet=$(echo "$subnet" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
         if [ -n "$subnet" ]; then
             if ! echo "$subnet" | grep -q "/"; then
@@ -437,7 +441,7 @@ process_subnets_text() {
         fi
     done
     
-    rm -f "$tmp_file"
+    rm -f "$tmp_file" "${tmp_file}.filtered"
 }
 
 add_cron_job() {
@@ -747,10 +751,19 @@ sing_box_outdound() {
             fi
         else
             config_get proxy_string $section "proxy_string"
-            if [[ "$proxy_string" =~ ^ss:// ]]; then
-                sing_box_config_shadowsocks "$section" "$proxy_string"
-            elif [[ "$proxy_string" =~ ^vless:// ]]; then
-                sing_box_config_vless "$section" "$proxy_string"
+            
+            # Extract the first non-comment line as the active configuration
+            active_proxy_string=$(echo "$proxy_string" | grep -v "^[[:space:]]*\/\/" | head -n 1)
+            
+            if [ -z "$active_proxy_string" ]; then
+                log "No active proxy configuration found"
+                return
+            fi
+            
+            if [[ "$active_proxy_string" =~ ^ss:// ]]; then
+                sing_box_config_shadowsocks "$section" "$active_proxy_string"
+            elif [[ "$active_proxy_string" =~ ^vless:// ]]; then
+                sing_box_config_vless "$section" "$active_proxy_string"
             else
                 log "Unsupported proxy type or missing configuration"
                 return
@@ -852,8 +865,6 @@ sing_box_config_outbound_json() {
     fi
 }
 
-
-
 sing_box_config_shadowsocks() {
     local section="$1"
     local STRING="$2"
@@ -1222,7 +1233,7 @@ list_subnets_download() {
     esac
 
     local filename=$(basename "$URL")
-    wget -q -O "/tmp/podkop/$filename" "$URL"
+    wget -O "/tmp/podkop/$filename" "$URL"
 
     while IFS= read -r subnet; do
         if [ "$service" = "discord" ]; then
@@ -1295,10 +1306,16 @@ sing_box_rule_preset() {
     config_get custom_subnets_list_enabled "$section" "custom_subnets_list_enabled"
     config_get custom_local_domains_list_enabled "$section" "custom_local_domains_list_enabled"
     config_get custom_download_domains_list_enabled "$section" "custom_download_domains_list_enabled"
+    config_get custom_download_subnets_list_enabled "$section" "custom_download_subnets_list_enabled"
 
     if [ "$custom_domains_list_type" != "disabled" ] || [ "$custom_subnets_list_enabled" != "disabled" ] ||
-        [ "$custom_local_domains_list_enabled" = "1" ] || [ "$custom_download_domains_list_enabled" = "1" ]; then
+        [ "$custom_local_domains_list_enabled" = "1" ] || [ "$custom_download_domains_list_enabled" = "1" ] ||
+        [ "$custom_download_subnets_list_enabled" = "1" ]; then
         sing_box_rules "$section" "$section"
+    fi
+
+    if [ "$custom_domains_list_type" != "disabled" ] || [ "$custom_local_domains_list_enabled" = "1" ] ||
+        [ "$custom_download_domains_list_enabled" = "1" ]; then
         sing_box_dns_rule_fakeip_section "$section" "$section"
     fi
 
@@ -1406,22 +1423,23 @@ process_all_traffic_for_section() {
     if [ "$all_traffic_from_ip_enabled" -eq "1" ]; then
         log "Adding an IP to redirect all traffic"
         config_list_foreach $section all_traffic_ip list_all_traffic_from_ip
-        config_list_foreach $section all_traffic_ip sing_box_rules_source_ip_cidr "$section" "$all_traffic_ip"
+        config_list_foreach $section all_traffic_ip sing_box_rules_source_ip_cidr $all_traffic_ip $section
     fi
 }
 
 sing_box_rules_source_ip_cidr() {
     log "Configure source_ip_cidr rule in sing-box"
-    local outbound="$2"
     local source_ip_cidr="$1"
+    local outbound="$2"
+
+    local current_source_ip_cidr=$(jq -r '.route.rules[] | select(.outbound == "'"$outbound"'" and .action == "route" and (.rule_set | not))' $SING_BOX_CONFIG)
 
-    local current_source_ip_cidr=$(jq -r ".route.rules[] | select(.outbound == \"$outbound\" and .source_ip_cidr) | .rule_set" $SING_BOX_CONFIG)
 
     if [[ -n "$current_source_ip_cidr" ]]; then
         jq \
         --arg source_ip_cidr "$source_ip_cidr" \
         --arg outbound "$outbound" \
-        '(.route.rules[] | select(.outbound == $outbound) | .source_ip_cidr) += [$source_ip_cidr]' \
+        '(.route.rules[] | select(.outbound == $outbound and .action == "route" and (.rule_set | not)) | .source_ip_cidr) += [$source_ip_cidr]' \
         $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG
     else
         jq \
@@ -1431,7 +1449,8 @@ sing_box_rules_source_ip_cidr() {
             {
                 "inbound": ["tproxy-in"],
                 "source_ip_cidr": [$source_ip_cidr],
-                "outbound": $outbound
+                "outbound": $outbound,
+                "action": "route"
             }
         ] + .route.rules' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG
     fi