Delay setting option

Add HODCA, CloudFront, DO
Update
2025-12-06 11:36:50 +03:00 · 2025-09-02 14:09:35 +03:00 · 2025-08-29 15:02:43 +03:00 · 2025-08-28 19:11:37 +03:00 · 2025-08-28 18:40:53 +03:00 · 2025-08-28 18:12:35 +03:00
24 changed files with 3709 additions and 2292 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -0,0 +1,74 @@
 ---
 name: 🐛 Сообщение об ошибке
 description: Создавайте только, если проблема точно не на вашей стороне.
 title: "[BUG] "
 labels: ["bug"]
 assignees: []
 body:
  - type: markdown
    attributes:
      value: |
        Спасибо за создание отчета об ошибке!
        Перед отправкой, пожалуйста:
        - Проверьте [существующие issues](https://github.com/itdoginfo/podkop/issues)
        - Просмотрите [документацию](https://podkop.net)
  - type: textarea
    id: description
    attributes:
      label: 📝 Описание проблемы
      description: Четкое и краткое описание того, что не работает
      placeholder: Опишите проблему
    validations:
      required: true
  - type: textarea
    id: reproduction
    attributes:
      label: Шаги для воспроизведения
      description: Шаги для воспроизведения проблемы. Если вы настраваете что-то по мануалу, приложите ссылку на него.
      placeholder: |
        1. 
        2. 
        3. 
        4. 
    validations:
      required: true
  - type: textarea
    id: expected
    attributes:
      label: ✅ Ожидаемое поведение
      description: Четкое и краткое описание того, что должно было произойти
      placeholder: Опишите ожидаемое поведение
    validations:
      required: true
  - type: textarea
    id: environment
    attributes:
      label: 🖥️ Информация о системе
      description: |
        Информация о вашей системе (заполните всё применимое)
      value: |
        - **OpenWrt версия**: 
        - **Podkop версия**: 
        - **Роутер модель**: 
        - **Sing-box версия**: 
      render: markdown
    validations:
      required: true
  - type: textarea
    id: config
    attributes:
      label: ⚙️ Конфигурация
      description: |
        Релевантные части конфигурации (удалите чувствительную информацию!)
      placeholder: |
        Например:
        - Содержимое /etc/config/podkop
        - Конфигурация sing-box (если релевантно)
        - Дополнительные конфиги, которые потребуются wireless/network/dhcp и т.д.
      render: shell
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
 blank_issues_enabled: false
 contact_links:
  - name: 💬 Если у вас что-то не работает, прежде всего прочитайте README проекта
    url: https://github.com/itdoginfo/podkop
    about: README проекта
  - name: 📚 Если вы не нашли в README документацию, то вот ссылка на неё
    url: https://podkop.net
    about: Официальная документация PodKop
--- a/.github/ISSUE_TEMPLATE/feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -0,0 +1,68 @@
 ---
 name: ✨ Запрос новой функции
 description: Предложите новую функцию или улучшение для Podkop
 title: "[FEATURE] "
 labels: ["enhancement", "needs-discussion"]
 assignees: []
 body:
  - type: markdown
    attributes:
      value: |
        Спасибо за предложение новой функции!
        Перед отправкой, пожалуйста:
        - Проверьте [существующие запросы](https://github.com/itdoginfo/podkop/issues?q=is%3Aissue+label%3Aenhancement)
        - Убедитесь, что функции не существует в [документации](https://podkop.net)
  - type: textarea
    id: summary
    attributes:
      label: Краткое описание
      description: Краткое описание предлагаемой функции
      placeholder: В одном предложении опишите, что вы хотите добавить...
    validations:
      required: true
  - type: textarea
    id: problem
    attributes:
      label: Проблема, которую решает
      description: |
        Описание проблемы или неудобства, которое решит эта функция
      placeholder: |
        Сейчас нет возможности [...]
    validations:
      required: true
  - type: textarea
    id: solution
    attributes:
      label: 💡 Предлагаемое решение
      description: Четкое и краткое описание того, что вы хотите реализовать
      placeholder: |
        Я хочу, чтобы Podkop мог [...]
        Предлагаю добавить функцию, которая [...]
        Можно было бы улучшить [...] путем [...]
    validations:
      required: true
  - type: textarea
    id: alternatives
    attributes:
      label: Workaround
      description: |
        Опишите альтернативные решения или функции, которые вы рассматривали
        Есть ли обходные пути, которые вы используете сейчас?
      placeholder: |
        Сейчас я решаю это проблему путем [...]
        Альтернативой могло бы быть [...]
        Пробовал использовать [...], но это не подходит потому что [...]
  - type: textarea
    id: implementation
    attributes:
      label: Идеи реализации (опционально)
      description: |
        Если у вас есть идеи о том, как это можно реализовать, поделитесь ими. Помните про ограничения LuCI.
      placeholder: |
        Это можно реализовать с помощью [...]
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -0,0 +1,12 @@
 # Описание изменений
 Краткое описание ваших изменений и их цель.
 ## Что изменено
 Детальное описание изменений:
 - 
 - 
 - 
 (Этим вы экономите время ревьювера)
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -10,28 +10,22 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4.2.1
        with:
          fetch-depth: 0
-      - name: Check version match
+      - name: Extract version
        id: version
        run: |
-          PODKOP_VERSION=$(grep '^PKG_VERSION:=' podkop/Makefile | cut -d '=' -f 2)
+          VERSION=$(git describe --tags --exact-match 2>/dev/null || echo "dev_$(date +%d%m%Y)")
-          LUCI_APP_PODKOP_VERSION=$(grep '^PKG_VERSION:=' luci-app-podkop/Makefile | cut -d '=' -f 2)
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
          TAG_VERSION=${GITHUB_REF#refs/tags/v}
          echo "Podkop version: $PODKOP_VERSION"
          echo "Luci-app-podkop version: $LUCI_APP_PODKOP_VERSION"
          echo "Tag version: $TAG_VERSION"
          if [ "$PODKOP_VERSION" != "$TAG_VERSION" ] || [ "$LUCI_APP_PODKOP_VERSION" != "$TAG_VERSION" ]; then
            echo "Error: Version mismatch"
            exit 1
          fi
      - name: Build and push
        uses: docker/build-push-action@v6.9.0
        with:
          context: .
          tags: podkop:ci
          build-args: |
            PKG_VERSION=${{ steps.version.outputs.version }}
      - name: Create Docker container
        run: docker create --name podkop podkop:ci
--- a/.shellcheckrc
+++ b/.shellcheckrc
@@ -0,0 +1 @@
 disable=SC3036,SC3010,SC3014,SC3015,SC3020,SC3003
--- a/5
+++ b/5
@@ -1,6 +1,7 @@
-FROM openwrt/sdk:x86_64-v23.05.5
+FROM itdoginfo/openwrt-sdk:24.10.1
-RUN ./scripts/feeds update -a && ./scripts/feeds install luci-base && mkdir -p /builder/package/feeds/utilites/ && mkdir -p /builder/package/feeds/luci/
+ARG PKG_VERSION
 ENV PKG_VERSION=${PKG_VERSION}
 COPY ./podkop /builder/package/feeds/utilites/podkop
 COPY ./luci-app-podkop /builder/package/feeds/luci/luci-app-podkop
--- a/3
+++ b/3
@@ -0,0 +1,3 @@
 FROM openwrt/sdk:x86_64-v24.10.1
 RUN ./scripts/feeds update -a && ./scripts/feeds install luci-base && mkdir -p /builder/package/feeds/utilites/ && mkdir -p /builder/package/feeds/luci/
--- a/README.md
+++ b/README.md
@@ -1,170 +1,52 @@
 # Вещи, которые вам нужно знать перед установкой
- Это альфа версия, которая находится в активной разработке. Из версии в версию что-то может меняться.
+- Это бета-версия, которая находится в активной разработке. Из версии в версию что-то может меняться.
- Основной функционал работает, но побочные штуки сейчас могут сбоить.
+- При возникновении проблем, нужен технически грамотный фидбэк в чат.
- При обновлении **обязательно** сбрасывайте кэш LuCI.
+- При обновлении **обязательно** [сбрасывайте кэш LuCI](https://podkop.net/docs/clear-browser-cache/).
 - Также при обновлении всегда заходите в конфигурацию и проверяйте свои настройки. Конфигурация может измениться.
- Необходимо минимум 15МБ свободного места на роутере. Роутерами с флешками на 16МБ сразу мимо.
+- Необходимо минимум 15МБ свободного места на роутере. Роутеры с флешками на 16МБ сразу мимо.
 - При старте программы редактируется конфиг Dnsmasq.
 - Podkop редактирует конфиг sing-box. Обязательно сохраните ваш конфиг sing-box перед установкой, если он вам нужен.
- Информация здесь может быть устаревшей. Все изменения фиксируются в телеграм-чате https://t.me/itdogchat - топик **Podkop**.
+- Информация здесь может быть устаревшей. Все изменения фиксируются в [телеграм-чате](https://t.me/itdogchat/81758/420321).
- Если у вас не что-то не работает, то следуюет сходить в телеграм чат, прочитать закрепы и выполнить что там написано..
+- [Если у вас не что-то не работает.](https://podkop.net/docs/diagnostics/)
- Если у вас установлен Getdomains, его следует удалить.
+- Если у вас установлен Getdomains, [его следует удалить](https://github.com/itdoginfo/domain-routing-openwrt?tab=readme-ov-file#%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82-%D0%B4%D0%BB%D1%8F-%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F).
-# Удаление GetDomains скриптом
+# Документация
-```
+https://podkop.net/
 sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/domain-routing-openwrt/refs/heads/master/getdomains-uninstall.sh)
 ```
 Оставляет туннели, зоны, forwarding. А также stubby и dnscrypt. Они не помешают. Конфиг sing-box будет перезаписан в podkop.
 # Установка Podkop
-Пакет работает на всех архитектурах.
+Полная информация в [документации](https://podkop.net/docs/install/)
 Тестировался на **ванильной** OpenWrt 23.05 и OpenWrt 24.10.
 На FriendlyWrt 23.05 присуствуют зависимости от iptables, которые ломают tproxy. Если у вас появляется warning про это в логах, следуйте инструкции по приведённой там ссылке.
-Поддержки APK на данный момент нет. APK будет сделан после того как разгребу основное.
+Вкратце, достаточно одного скрипта для установки и обновления:
 ## Автоматическая
 ```
 sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/main/install.sh)
 ```
 Скрипт также предложит выбрать, какой туннель будет использоваться. Для выбранного туннеля будут установлены нужные пакеты, а для Wireguard и AmneziaWG также будет предложена автоматическая настройка - прямо в консоли скрипт запросит данные конфига. Для AmneziaWG можно также выбрать вариант с использованием конфига обычного Wireguard и автоматической обфускацией до AmneziaWG.
 Для AmneziaWG скрипт проверяет наличие пакетов под вашу платформу в [стороннем репозитории](https://github.com/Slava-Shchipunov/awg-openwrt/releases), так как в официальном репозитории OpenWRT они отсутствуют, и автоматически их устанавливает.
 ## Вручную
 Сделать `opkg update`, чтоб установились зависимости.
 Скачать пакеты `podkop_*.ipk` и `luci-app-podkop_*.ipk` из релиза. `opkg install` сначала первый, потом второй.
 # Обновление
 Та же самая команда, что для установки. Скрипт обнаружит уже установленный podkop и предложит обновиться.
 ```
 sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/main/install.sh)
 ```
 # Удаление
 ```
 opkg remove luci-i18n-podkop-ru luci-app-podkop podkop
 ```
 # Использование
 Конфиг: /etc/config/podkop
 Luci: Services/podkop
 ## Режимы
 ### Proxy
 Для VLESS и Shadowsocks. Другие протоколы тоже будут, кидайте в чат примеры строк без чувствительных данных.
 В этом режиме просто копируйте строку в **Proxy String** и из неё автоматически настроится sing-box.
 ### VPN
 Здесь у вас должен быть уже настроен WG/OpenVPN/OpenConnect etc, зона Zone и Forwarding не обязательны.
 Просто выбрать интерфейс из списка.
 ## Настройка доменов и подсетей
 **Community Lists** - Включить списки комьюнити
 **Custom domains enable** - Добавить свои домены
 **Custom subnets enable** - Добавить подсети или IP-адреса. Для подсетей задать маску.
 # Известные баги
 - [x] Не отрабатывает service podkop stop, если podkop запущен и не может, к пример, зарезолвить домен с сломанным DNS
 - [x] Update list из remote url domain не удаляет старые домены. А добавляет новые. Для подсетей тоже самое скорее всего. Пересоздавать ruleset?
 # ToDo
 Этот раздел не означает задачи, которые нужно брать и делать. Это общий список хотелок. Если вы хотите помочь, пожалуйста, спросите сначала в телеграмме.
- [ ] Сделать галку запрещающую подкопу редачить dhcp. Допилить в исключение вместе с пустыми полями proxy и vpn (нужно wiki)
+Основные задачи в issues.
 - [ ] Рестарт сервиса без рестарта dnsmasq
 - [ ] `ash: can't kill pid 9848: No such process` при обновлении
-Низкий приоритет
+## Рефактор
- [ ] Галочка, которая режет доступ к doh серверам
+- [ ] Очевидные повторения в `/usr/bin/podkop` загнать в переменые
- [ ] IPv6. Только после наполнения Wiki
+- [ ] Возможно поменять структуру
-Рефактор
+## Списки
- [ ] Handle для sing-box
+- [ ] CloudFront
- [ ] Handle для dnsmasq
+- [ ] DO 
 - [ ] HODCA
 ## Будущее
 - [ ] [Подписка](https://github.com/itdoginfo/podkop/issues/118). Здесь нужна реализация, чтоб для каждой секции помимо ручного выбора, был выбор фильтрации по тегу. Например, для main выбираем ключевые слова NL, DE, FI. А для extra секции фильтруем по RU. И создаётся outbound c urltest в которых перечислены outbound из фильтров.
 - [ ] Опция, когда все запросы (с роутера в первую очередь), а не только br-lan идут в прокси. С этим связана #95. Требуется много переделать для nftables.
 - [ ] Весь трафик в Proxy\VPN. Вопрос, что делать с экстрасекциями в этом случае. FakeIP здесь скорее не нужен, а значит только main секция остаётся. Всё что касается fakeip проверок, придётся выключать в этом режиме.
 - [x] Поддержка Source format. Нужна расшифровка в json и если присуствуют подсети, заносить их в custom subnet nftset.
 - [ ] Переделывание функции формирования кастомных списков в JSON. Обрабатывать сразу скопом, а не по одному.
 - [ ] При успешном запуске переходит в фоновый режим и следит за состоянием sing-box. Если вдруг идёт exit 1, выполняется dnsmasq restore и снова следит за состоянием. Вопрос в том, как это искусcтвенно провернуть. Попробовать положить прокси и посмотреть, останется ли работать DNS в этом случае. И здесь, вероятно, можно обойтись триггером в init.d. [Issue](https://github.com/itdoginfo/podkop/issues/111)
 - [ ] Формирование конфига sing-box в /tmp
 - [ ] Галочка, которая режет доступ к doh серверам.
 - [ ] IPv6. Только после наполнения Wiki.
 ## Тесты
 - [ ] Unit тесты (BATS)
- [ ] Интеграционые тесты бекенда (OpenWrt rootfs + BATS)
+- [ ] Интеграционые тесты бекенда (OpenWrt rootfs + BATS)
 # Разработка
 Есть два варианта:
 - Просто поставить пакет на роутер или виртуалку и прям редактировать через SFTP (opkg install openssh-sftp-server)
 - SDK, чтоб собирать пакеты
 Для сборки пакетов нужен SDK, один из вариантов скачать прям файл и разархивировать
 https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/
 Нужен файл с SDK в имени
 ```
 wget https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/openwrt-sdk-23.05.5-x86-64_gcc-12.3.0_musl.Linux-x86_64.tar.xz
 tar xf openwrt-sdk-23.05.5-x86-64_gcc-12.3.0_musl.Linux-x86_64.tar.xz
 mv openwrt-sdk-23.05.5-x86-64_gcc-12.3.0_musl.Linux-x86_64 SDK
 ```
 Последнее для удобства.
 Создаём директорию для пакета
 ```
 mkdir package/utilites
 ```
 Симлинк из репозитория
 ```
 ln -s ~/podkop/podkop package/utilites/podkop
 ln -s ~/podkop/luci-app-podkop package/luci-app-podkop
 ```
 В первый раз для сборки luci-app необходимо обновить пакеты
 ```
 ./scripts/feeds update -a
 ```
 Для make можно добавить флаг -j N, где N - количество ядер для сборки. Первый раз пройдёт быстрее.
 При первом make выводится менюшка, можно просто save, exit и всё. Первый раз долго грузит зависимости.
 Сборка пакета. Сами пакеты собираются быстро.
 ```
 make package/podkop/{clean,compile} V=s
 ```
 Также для luci
 ```
 make package/luci-app-podkop/{clean,compile} V=s
 ```
 .ipk лежат в `bin/packages/x86_64/base/`
 ## Примеры строк
 https://github.com/itdoginfo/podkop/blob/main/String-example.md
 ## Ошибки
 ```
 Makefile:17: /SDK/feeds/luci/luci.mk: No such file or directory
 make[2]: *** No rule to make target '/SDK/feeds/luci/luci.mk'.  Stop.
 time: package/luci/luci-app-podkop/clean#0.00#0.00#0.00
    ERROR: package/luci/luci-app-podkop failed to build.
 make[1]: *** [package/Makefile:129: package/luci/luci-app-podkop/clean] Error 1
 make[1]: Leaving directory '/SDK'
 make: *** [/SDK/include/toplevel.mk:226: package/luci-app-podkop/clean] Error 2
 ```
 Не загружены пакеты для luci
 ## make зависимости
 https://openwrt.org/docs/guide-developer/toolchain/install-buildsystem
 Ubuntu
 ```
 sudo apt update
 sudo apt install build-essential clang flex bison g++ gawk \
 gcc-multilib g++-multilib gettext git libncurses-dev libssl-dev \
 python3-distutils rsync unzip zlib1g-dev file wget
 ```
--- a/String-example.md
+++ b/String-example.md
@@ -57,6 +57,11 @@ vless://uuid@server:443?security=tls&sni=server&fp=chrome&type=ws&path=/websocke
 vless://33333@example.com:443/?type=ws&encryption=none&path=%2Fwebsocket&security=tls&sni=example.com&fp=chrome#vless-tls-ws-4
 ```
 7.
 ```
 vless://id@sub.domain.example:443?type=ws&path=%2Fdir%2Fpath&host=sub.domain.example&security=tls#configname
 ```
 ## No security
 ```
 vless://8b60389a-7a01-4365-9244-c87f12bb98cf@example.com:443?type=tcp&security=none#vless-tls-no-encrypt
--- a/install.sh
+++ b/install.sh
@@ -1,53 +1,37 @@
 #!/bin/sh
 REPO="https://api.github.com/repos/itdoginfo/podkop/releases/latest"
 IS_SHOULD_RESTART_NETWORK=
 DOWNLOAD_DIR="/tmp/podkop"
 COUNT=3
 rm -rf "$DOWNLOAD_DIR"
 mkdir -p "$DOWNLOAD_DIR"
 msg() {
    printf "\033[32;1m%s\033[0m\n" "$1"
 }
 main() {
    check_system
    sing_box
-    
+
-    opkg update
+    /usr/sbin/ntpd -q -p 194.190.168.1 -p 216.239.35.0 -p 216.239.35.4 -p 162.159.200.1 -p 162.159.200.123
    opkg update || { echo "opkg update failed"; exit 1; }
    if [ -f "/etc/init.d/podkop" ]; then
-        printf "\033[32;1mPodkop is already installed. Just upgrade it? (y/n)\033[0m\n"
+        msg "Podkop is already installed. Upgraded..."
        printf "\033[32;1my - Only upgrade podkop\033[0m\n"
        printf "\033[32;1mn - Upgrade and install tunnels (WG, AWG, OpenVPN, OC)\033[0m\n"
        while true; do
            read -r -p '' UPDATE
            case $UPDATE in
            y)
                echo "Upgraded podkop..."
                break
                ;;
            n)
                add_tunnel
                break
                ;;
            *)
                echo "Please enter y or n"
                ;;
            esac
        done
    else
-        echo "Installed podkop..."
+        msg "Installed podkop..."
        add_tunnel
    fi
    if command -v curl &> /dev/null; then
        check_response=$(curl -s "https://api.github.com/repos/itdoginfo/podkop/releases/latest")
-    check_response=$(curl -s "https://api.github.com/repos/itdoginfo/podkop/releases/latest")
+        if echo "$check_response" | grep -q 'API rate limit '; then
-
+            msg "You've reached rate limit from GitHub. Repeat in five minutes."
-    if echo "$check_response" | grep -q 'API rate limit '; then
+            exit 1
-        echo "You've reached rate limit from GitHub. Repeat in five minutes."
+        fi
        exit 1
    fi
    download_success=0
@@ -57,33 +41,33 @@ main() {
        attempt=0
        while [ $attempt -lt $COUNT ]; do
-            echo "Download $filename (count $((attempt+1)))..."
+            msg "Download $filename (count $((attempt+1)))..."
            if wget -q -O "$filepath" "$url"; then
                if [ -s "$filepath" ]; then
-                    echo "$filename successfully downloaded"
+                    msg "$filename successfully downloaded"
                    download_success=1
                    break
                fi
            fi
-            echo "Download error $filename. Retry..."
+            msg "Download error $filename. Retry..."
            rm -f "$filepath"
            attempt=$((attempt+1))
        done
        if [ $attempt -eq $COUNT ]; then
-            echo "Failed to download $filename after $COUNT attempts"
+            msg "Failed to download $filename after $COUNT attempts"
        fi
    done < <(wget -qO- "$REPO" | grep -o 'https://[^"[:space:]]*\.ipk')
    if [ $download_success -eq 0 ]; then
-        echo "No packages were downloaded successfully"
+        msg "No packages were downloaded successfully"
        exit 1
    fi
    for pkg in podkop luci-app-podkop; do
        file=$(ls "$DOWNLOAD_DIR" | grep "^$pkg" | head -n 1)
        if [ -n "$file" ]; then
-            echo "Installing $file"
+            msg "Installing $file"
            opkg install "$DOWNLOAD_DIR/$file"
            sleep 3
        fi
@@ -91,340 +75,72 @@ main() {
    ru=$(ls "$DOWNLOAD_DIR" | grep "luci-i18n-podkop-ru" | head -n 1)
    if [ -n "$ru" ]; then
-        printf "\033[32;1mРусский язык интерфейса ставим? y/n (Need a Russian translation?)\033[0m "
+        if opkg list-installed | grep -q luci-i18n-podkop-ru; then
-        while true; do
+                msg "Upgraded ru translation..."
-            read -r -p '' RUS
+                opkg remove luci-i18n-podkop*
            case $RUS in
            y)
                opkg install "$DOWNLOAD_DIR/$ru"
-                break
+        else
-                ;;
+            msg "Русский язык интерфейса ставим? y/n (Need a Russian translation?)"
-            n)
+            while true; do
-                break
+                read -r -p '' RUS
-                ;;
+                case $RUS in
-            *)
+                y)
-                echo "Введите y или n"
+                    opkg remove luci-i18n-podkop*
-                ;;
+                    opkg install "$DOWNLOAD_DIR/$ru"
-            esac
+                    break
-        done
+                    ;;
                n)
                    break
                    ;;
                *)
                    echo "Введите y или n"
                    ;;
                esac
            done
        fi
    fi
    find "$DOWNLOAD_DIR" -type f -name '*podkop*' -exec rm {} \;
    if [ "$IS_SHOULD_RESTART_NETWORK" ]; then
        printf "\033[32;1mRestart network\033[0m\n"
        /etc/init.d/network restart
    fi
 }
 add_tunnel() {
    printf "\033[32;1mWill you be using Wireguard, AmneziaWG, OpenVPN, OpenConnect? If yes, select a number and they will be automatically installed\033[0m\n"
    echo "1) Wireguard"
    echo "2) AmneziaWG"
    echo "3) OpenVPN"
    echo "4) OpenConnect"
    echo "5) I use VLESS/SS. Skip this step"
    while true; do
        read -r -p '' TUNNEL
        case $TUNNEL in
        1)
            opkg install wireguard-tools luci-proto-wireguard luci-app-wireguard
            printf "\033[32;1mDo you want to configure the wireguard interface? (y/n): \033[0m\n"
            read IS_SHOULD_CONFIGURE_WG_INTERFACE
            if [ "$IS_SHOULD_CONFIGURE_WG_INTERFACE" = "y" ] || [ "$IS_SHOULD_CONFIGURE_WG_INTERFACE" = "Y" ]; then
                wg_awg_setup Wireguard
            else
            printf "\e[1;32mUse these instructions to manual configure https://itdog.info/nastrojka-klienta-wireguard-na-openwrt/\e[0m\n"
            fi
            break
            ;;
        2)
            install_awg_packages
            printf "\033[32;1mThere are no instructions for manual configure yet. Do you want to configure the amneziawg interface? (y/n): \033[0m\n"
            read IS_SHOULD_CONFIGURE_WG_INTERFACE
            if [ "$IS_SHOULD_CONFIGURE_WG_INTERFACE" = "y" ] || [ "$IS_SHOULD_CONFIGURE_WG_INTERFACE" = "Y" ]; then
                wg_awg_setup AmneziaWG
            fi
            break
            ;;
        3)
            opkg install opkg install openvpn-openssl luci-app-openvpn
            printf "\e[1;32mUse these instructions to configure https://itdog.info/nastrojka-klienta-openvpn-na-openwrt/\e[0m\n"
            break
            ;;
        4)
            opkg install opkg install openconnect luci-proto-openconnect
            printf "\e[1;32mUse these instructions to configure https://itdog.info/nastrojka-klienta-openconnect-na-openwrt/\e[0m\n"
            break
            ;;
        5)
            echo "Installation without additional dependencies."
            break
            ;;
        *)
            echo "Choose from the following options"
            ;;
        esac
    done
 }
 handler_network_restart() {
    IS_SHOULD_RESTART_NETWORK=true
 }
 install_awg_packages() {
    # Получение pkgarch с наибольшим приоритетом
    PKGARCH=$(opkg print-architecture | awk 'BEGIN {max=0} {if ($3 > max) {max = $3; arch = $2}} END {print arch}')
    TARGET=$(ubus call system board | jsonfilter -e '@.release.target' | cut -d '/' -f 1)
    SUBTARGET=$(ubus call system board | jsonfilter -e '@.release.target' | cut -d '/' -f 2)
    VERSION=$(ubus call system board | jsonfilter -e '@.release.version')
    PKGPOSTFIX="_v${VERSION}_${PKGARCH}_${TARGET}_${SUBTARGET}.ipk"
    BASE_URL="https://github.com/Slava-Shchipunov/awg-openwrt/releases/download/"
    AWG_DIR="/tmp/amneziawg"
    mkdir -p "$AWG_DIR"
    if opkg list-installed | grep -q kmod-amneziawg; then
        echo "kmod-amneziawg already installed"
    else
        KMOD_AMNEZIAWG_FILENAME="kmod-amneziawg${PKGPOSTFIX}"
        DOWNLOAD_URL="${BASE_URL}v${VERSION}/${KMOD_AMNEZIAWG_FILENAME}"
        wget -O "$AWG_DIR/$KMOD_AMNEZIAWG_FILENAME" "$DOWNLOAD_URL"
        if [ $? -eq 0 ]; then
            echo "kmod-amneziawg file downloaded successfully"
        else
            echo "Error downloading kmod-amneziawg. Please, install kmod-amneziawg manually and run the script again"
            exit 1
        fi
        opkg install "$AWG_DIR/$KMOD_AMNEZIAWG_FILENAME"
        if [ $? -eq 0 ]; then
            echo "kmod-amneziawg file downloaded successfully"
        else
            echo "Error installing kmod-amneziawg. Please, install kmod-amneziawg manually and run the script again"
            exit 1
        fi
    fi
    if opkg list-installed | grep -q amneziawg-tools; then
        echo "amneziawg-tools already installed"
    else
        AMNEZIAWG_TOOLS_FILENAME="amneziawg-tools${PKGPOSTFIX}"
        DOWNLOAD_URL="${BASE_URL}v${VERSION}/${AMNEZIAWG_TOOLS_FILENAME}"
        wget -O "$AWG_DIR/$AMNEZIAWG_TOOLS_FILENAME" "$DOWNLOAD_URL"
        if [ $? -eq 0 ]; then
            echo "amneziawg-tools file downloaded successfully"
        else
            echo "Error downloading amneziawg-tools. Please, install amneziawg-tools manually and run the script again"
            exit 1
        fi
        opkg install "$AWG_DIR/$AMNEZIAWG_TOOLS_FILENAME"
        if [ $? -eq 0 ]; then
            echo "amneziawg-tools file downloaded successfully"
        else
            echo "Error installing amneziawg-tools. Please, install amneziawg-tools manually and run the script again"
            exit 1
        fi
    fi
    if opkg list-installed | grep -q luci-app-amneziawg; then
        echo "luci-app-amneziawg already installed"
    else
        LUCI_APP_AMNEZIAWG_FILENAME="luci-app-amneziawg${PKGPOSTFIX}"
        DOWNLOAD_URL="${BASE_URL}v${VERSION}/${LUCI_APP_AMNEZIAWG_FILENAME}"
        wget -O "$AWG_DIR/$LUCI_APP_AMNEZIAWG_FILENAME" "$DOWNLOAD_URL"
        if [ $? -eq 0 ]; then
            echo "luci-app-amneziawg file downloaded successfully"
        else
            echo "Error downloading luci-app-amneziawg. Please, install luci-app-amneziawg manually and run the script again"
            exit 1
        fi
        opkg install "$AWG_DIR/$LUCI_APP_AMNEZIAWG_FILENAME"
        if [ $? -eq 0 ]; then
            echo "luci-app-amneziawg file downloaded successfully"
        else
            echo "Error installing luci-app-amneziawg. Please, install luci-app-amneziawg manually and run the script again"
            exit 1
        fi
    fi
    rm -rf "$AWG_DIR"
 }
 wg_awg_setup() {
    PROTOCOL_NAME=$1
    printf "\033[32;1mConfigure ${PROTOCOL_NAME}\033[0m\n"
    if [ "$PROTOCOL_NAME" = 'Wireguard' ]; then
        INTERFACE_NAME="wg0"
        CONFIG_NAME="wireguard_wg0"
        PROTO="wireguard"
        ZONE_NAME="wg"
    fi
    if [ "$PROTOCOL_NAME" = 'AmneziaWG' ]; then
        INTERFACE_NAME="awg0"
        CONFIG_NAME="amneziawg_awg0"
        PROTO="amneziawg"
        ZONE_NAME="awg"
        echo "Do you want to use AmneziaWG config or basic Wireguard config + automatic obfuscation?"
        echo "1) AmneziaWG"
        echo "2) Wireguard + automatic obfuscation"
        read CONFIG_TYPE
    fi
    read -r -p "Enter the private key (from [Interface]):"$'\n' WG_PRIVATE_KEY_INT
    while true; do
        read -r -p "Enter internal IP address with subnet, example 192.168.100.5/24 (from [Interface]):"$'\n' WG_IP
        if echo "$WG_IP" | egrep -oq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]+$'; then
            break
        else
            echo "This IP is not valid. Please repeat"
        fi
    done
    read -r -p "Enter the public key (from [Peer]):"$'\n' WG_PUBLIC_KEY_INT
    read -r -p "If use PresharedKey, Enter this (from [Peer]). If your don't use leave blank:"$'\n' WG_PRESHARED_KEY_INT
    read -r -p "Enter Endpoint host without port (Domain or IP) (from [Peer]):"$'\n' WG_ENDPOINT_INT
    read -r -p "Enter Endpoint host port (from [Peer]) [51820]:"$'\n' WG_ENDPOINT_PORT_INT
    WG_ENDPOINT_PORT_INT=${WG_ENDPOINT_PORT_INT:-51820}
    if [ "$WG_ENDPOINT_PORT_INT" = '51820' ]; then
        echo $WG_ENDPOINT_PORT_INT
    fi
    if [ "$PROTOCOL_NAME" = 'AmneziaWG' ]; then
        if [ "$CONFIG_TYPE" = '1' ]; then
            read -r -p "Enter Jc value (from [Interface]):"$'\n' AWG_JC
            read -r -p "Enter Jmin value (from [Interface]):"$'\n' AWG_JMIN
            read -r -p "Enter Jmax value (from [Interface]):"$'\n' AWG_JMAX
            read -r -p "Enter S1 value (from [Interface]):"$'\n' AWG_S1
            read -r -p "Enter S2 value (from [Interface]):"$'\n' AWG_S2
            read -r -p "Enter H1 value (from [Interface]):"$'\n' AWG_H1
            read -r -p "Enter H2 value (from [Interface]):"$'\n' AWG_H2
            read -r -p "Enter H3 value (from [Interface]):"$'\n' AWG_H3
            read -r -p "Enter H4 value (from [Interface]):"$'\n' AWG_H4
        elif [ "$CONFIG_TYPE" = '2' ]; then
            #Default values to wg automatic obfuscation
            AWG_JC=4
            AWG_JMIN=40
            AWG_JMAX=70
            AWG_S1=0
            AWG_S2=0
            AWG_H1=1
            AWG_H2=2
            AWG_H3=3
            AWG_H4=4
        fi
    fi
    uci set network.${INTERFACE_NAME}=interface
    uci set network.${INTERFACE_NAME}.proto=$PROTO
    uci set network.${INTERFACE_NAME}.private_key=$WG_PRIVATE_KEY_INT
    uci set network.${INTERFACE_NAME}.listen_port='51821'
    uci set network.${INTERFACE_NAME}.addresses=$WG_IP
    if [ "$PROTOCOL_NAME" = 'AmneziaWG' ]; then
        uci set network.${INTERFACE_NAME}.awg_jc=$AWG_JC
        uci set network.${INTERFACE_NAME}.awg_jmin=$AWG_JMIN
        uci set network.${INTERFACE_NAME}.awg_jmax=$AWG_JMAX
        uci set network.${INTERFACE_NAME}.awg_s1=$AWG_S1
        uci set network.${INTERFACE_NAME}.awg_s2=$AWG_S2
        uci set network.${INTERFACE_NAME}.awg_h1=$AWG_H1
        uci set network.${INTERFACE_NAME}.awg_h2=$AWG_H2
        uci set network.${INTERFACE_NAME}.awg_h3=$AWG_H3
        uci set network.${INTERFACE_NAME}.awg_h4=$AWG_H4
    fi
    if ! uci show network | grep -q ${CONFIG_NAME}; then
        uci add network ${CONFIG_NAME}
    fi
    uci set network.@${CONFIG_NAME}[0]=$CONFIG_NAME
    uci set network.@${CONFIG_NAME}[0].name="${INTERFACE_NAME}_client"
    uci set network.@${CONFIG_NAME}[0].public_key=$WG_PUBLIC_KEY_INT
    uci set network.@${CONFIG_NAME}[0].preshared_key=$WG_PRESHARED_KEY_INT
    uci set network.@${CONFIG_NAME}[0].route_allowed_ips='0'
    uci set network.@${CONFIG_NAME}[0].persistent_keepalive='25'
    uci set network.@${CONFIG_NAME}[0].endpoint_host=$WG_ENDPOINT_INT
    uci set network.@${CONFIG_NAME}[0].allowed_ips='0.0.0.0/0'
    uci set network.@${CONFIG_NAME}[0].endpoint_port=$WG_ENDPOINT_PORT_INT
    uci commit network
    if ! uci show firewall | grep -q "@zone.*name='${ZONE_NAME}'"; then
        printf "\033[32;1mZone Create\033[0m\n"
        uci add firewall zone
        uci set firewall.@zone[-1].name=$ZONE_NAME
        uci set firewall.@zone[-1].network=$INTERFACE_NAME
        uci set firewall.@zone[-1].forward='REJECT'
        uci set firewall.@zone[-1].output='ACCEPT'
        uci set firewall.@zone[-1].input='REJECT'
        uci set firewall.@zone[-1].masq='1'
        uci set firewall.@zone[-1].mtu_fix='1'
        uci set firewall.@zone[-1].family='ipv4'
        uci commit firewall
    fi
    if ! uci show firewall | grep -q "@forwarding.*name='${ZONE_NAME}'"; then
        printf "\033[32;1mConfigured forwarding\033[0m\n"
        uci add firewall forwarding
        uci set firewall.@forwarding[-1]=forwarding
        uci set firewall.@forwarding[-1].name="${ZONE_NAME}-lan"
        uci set firewall.@forwarding[-1].dest=${ZONE_NAME}
        uci set firewall.@forwarding[-1].src='lan'
        uci set firewall.@forwarding[-1].family='ipv4'
        uci commit firewall
    fi
    handler_network_restart
 }
 check_system() {
    # Get router model
    MODEL=$(cat /tmp/sysinfo/model)
-    echo "Router model: $MODEL"
+    msg "Router model: $MODEL"
    # Check available space
    AVAILABLE_SPACE=$(df /overlay | awk 'NR==2 {print $4}')
    REQUIRED_SPACE=15360 # 15MB in KB
    if [ "$AVAILABLE_SPACE" -lt "$REQUIRED_SPACE" ]; then
-        printf "\033[31;1mError: Insufficient space in flash\033[0m\n"
+        msg "Error: Insufficient space in flash"
-        echo "Available: $((AVAILABLE_SPACE/1024))MB"
+        msg "Available: $((AVAILABLE_SPACE/1024))MB"
-        echo "Required: $((REQUIRED_SPACE/1024))MB"
+        msg "Required: $((REQUIRED_SPACE/1024))MB"
        exit 1
    fi
    if ! nslookup google.com >/dev/null 2>&1; then
-        printf "\033[31;1mDNS not working\033[0m\n"
+        msg "DNS not working"
        exit 1
    fi
-    if opkg list-installed | grep -qE "iptables|kmod-iptab"; then
+    if opkg list-installed | grep -q https-dns-proxy; then
-        printf "\033[31;1mFound incompatible iptables packages. If you're using FriendlyWrt: https://t.me/itdogchat/44512/181082\033[0m\n"
+        msg "Сonflicting package detected: https-dns-proxy. Remove?"
        while true; do
                read -r -p '' DNSPROXY
                case $DNSPROXY in
                yes|y|Y|yes)
                    opkg remove --force-depends luci-app-https-dns-proxy https-dns-proxy luci-i18n-https-dns-proxy*
                    break
                    ;;
                *)
                    msg "Exit"
                    exit 1
                    ;;
        esac
    done
    fi
 }
@@ -437,6 +153,8 @@ sing_box() {
    required_version="1.11.1"
    if [ "$(echo -e "$sing_box_version\n$required_version" | sort -V | head -n 1)" != "$required_version" ]; then
        msg "sing-box version $sing_box_version is older than required $required_version"
        msg "Removing old version..."
        opkg remove sing-box
    fi
 }
--- a/luci-app-podkop/Makefile
+++ b/luci-app-podkop/Makefile
@@ -1,7 +1,9 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=luci-app-podkop
-PKG_VERSION:=0.3.32
+
 PKG_VERSION := $(if $(PKG_VERSION),$(PKG_VERSION),dev_$(shell date +%d%m%Y))
 PKG_RELEASE:=1
 LUCI_TITLE:=LuCI podkop app
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/additionalTab.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/additionalTab.js
@@ -0,0 +1,254 @@
 'use strict';
 'require form';
 'require baseclass';
 'require view.podkop.constants as constants';
 'require tools.widgets as widgets';
 function createAdditionalSection(mainSection, network) {
    let o = mainSection.tab('additional', _('Additional Settings'));
    o = mainSection.taboption('additional', form.Flag, 'yacd', _('Yacd enable'), _('<a href="http://openwrt.lan:9090/ui" target="_blank">openwrt.lan:9090/ui</a>'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.Flag, 'exclude_ntp', _('Exclude NTP'), _('For issues with open connections sing-box'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.Flag, 'quic_disable', _('QUIC disable'), _('For issues with the video stream'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.ListValue, 'update_interval', _('List Update Frequency'), _('Select how often the lists will be updated'));
    Object.entries(constants.UPDATE_INTERVAL_OPTIONS).forEach(([key, label]) => {
        o.value(key, _(label));
    });
    o.default = '1d';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.ListValue, 'dns_type', _('DNS Protocol Type'), _('Select DNS protocol to use'));
    o.value('doh', _('DNS over HTTPS (DoH)'));
    o.value('dot', _('DNS over TLS (DoT)'));
    o.value('udp', _('UDP (Unprotected DNS)'));
    o.default = 'udp';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.Value, 'dns_server', _('DNS Server'), _('Select or enter DNS server address'));
    Object.entries(constants.DNS_SERVER_OPTIONS).forEach(([key, label]) => {
        o.value(key, _(label));
    });
    o.default = '8.8.8.8';
    o.rmempty = false;
    o.ucisection = 'main';
    o.validate = function (section_id, value) {
        if (!value) {
            return _('DNS server address cannot be empty');
        }
        const ipRegex = /^(\d{1,3}\.){3}\d{1,3}$/;
        if (ipRegex.test(value)) {
            const parts = value.split('.');
            for (const part of parts) {
                const num = parseInt(part);
                if (num < 0 || num > 255) {
                    return _('IP address parts must be between 0 and 255');
                }
            }
            return true;
        }
        const domainRegex = /^([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.[a-zA-Z]{2,}(\/[^\s]*)?$/;
        if (!domainRegex.test(value)) {
            return _('Invalid DNS server format. Examples: 8.8.8.8 or dns.example.com or dns.example.com/nicedns for DoH');
        }
        return true;
    };
    o = mainSection.taboption('additional', form.Flag, 'split_dns_enabled', _('Split DNS'), _('DNS for the list via proxy'));
    o.default = '1';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.ListValue, 'split_dns_type', _('Split DNS Protocol Type'), _('Select DNS protocol for split'));
    o.value('doh', _('DNS over HTTPS (DoH)'));
    o.value('dot', _('DNS over TLS (DoT)'));
    o.value('udp', _('UDP (Unprotected DNS)'));
    o.default = 'udp';
    o.rmempty = false;
    o.depends('split_dns_enabled', '1');
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.Value, 'split_dns_server', _('Split DNS Server'), _('Select or enter DNS server address'));
    Object.entries(constants.DNS_SERVER_OPTIONS).forEach(([key, label]) => {
        o.value(key, _(label));
    });
    o.default = '1.1.1.1';
    o.rmempty = false;
    o.depends('split_dns_enabled', '1');
    o.ucisection = 'main';
    o.validate = function (section_id, value) {
        if (!value) {
            return _('DNS server address cannot be empty');
        }
        const ipRegex = /^(\d{1,3}\.){3}\d{1,3}$/;
        if (ipRegex.test(value)) {
            const parts = value.split('.');
            for (const part of parts) {
                const num = parseInt(part);
                if (num < 0 || num > 255) {
                    return _('IP address parts must be between 0 and 255');
                }
            }
            return true;
        }
        const domainRegex = /^([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.[a-zA-Z]{2,}(\/[^\s]*)?$/;
        if (!domainRegex.test(value)) {
            return _('Invalid DNS server format. Examples: 8.8.8.8 or dns.example.com or dns.example.com/nicedns for DoH');
        }
        return true;
    };
    o = mainSection.taboption('additional', form.Value, 'dns_rewrite_ttl', _('DNS Rewrite TTL'), _('Time in seconds for DNS record caching (default: 60)'));
    o.default = '60';
    o.rmempty = false;
    o.ucisection = 'main';
    o.validate = function (section_id, value) {
        if (!value) {
            return _('TTL value cannot be empty');
        }
        const ttl = parseInt(value);
        if (isNaN(ttl) || ttl < 0) {
            return _('TTL must be a positive number');
        }
        return true;
    };
    o = mainSection.taboption('additional', form.Value, 'cache_file', _('Cache File Path'), _('Select or enter path for sing-box cache file. Change this ONLY if you know what you are doing'));
    o.value('/tmp/cache.db', 'RAM (/tmp/cache.db)');
    o.value('/usr/share/sing-box/cache.db', 'Flash (/usr/share/sing-box/cache.db)');
    o.default = '/tmp/cache.db';
    o.rmempty = false;
    o.ucisection = 'main';
    o.validate = function (section_id, value) {
        if (!value) {
            return _('Cache file path cannot be empty');
        }
        if (!value.startsWith('/')) {
            return _('Path must be absolute (start with /)');
        }
        if (!value.endsWith('cache.db')) {
            return _('Path must end with cache.db');
        }
        const parts = value.split('/').filter(Boolean);
        if (parts.length < 2) {
            return _('Path must contain at least one directory (like /tmp/cache.db)');
        }
        return true;
    };
    o = mainSection.taboption('additional', widgets.DeviceSelect, 'iface', _('Source Network Interface'), _('Select the network interface from which the traffic will originate'));
    o.ucisection = 'main';
    o.default = 'br-lan';
    o.noaliases = true;
    o.nobridges = false;
    o.noinactive = false;
    o.multiple = true;
    o.filter = function (section_id, value) {
        if (['wan', 'phy0-ap0', 'phy1-ap0', 'pppoe-wan'].indexOf(value) !== -1) {
            return false;
        }
        var device = this.devices.filter(function (dev) {
            return dev.getName() === value;
        })[0];
        if (device) {
            var type = device.getType();
            return type !== 'wifi' && type !== 'wireless' && !type.includes('wlan');
        }
        return true;
    };
    o = mainSection.taboption('additional', form.Flag, 'mon_restart_ifaces', _('Interface monitoring'), _('Interface monitoring for bad WAN'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', widgets.NetworkSelect, 'restart_ifaces', _('Interface for monitoring'), _('Select the WAN interfaces to be monitored'));
    o.ucisection = 'main';
    o.depends('mon_restart_ifaces', '1');
    o.multiple = true;
    o.filter = function (section_id, value) {
        return ['lan', 'loopback'].indexOf(value) === -1 && !value.startsWith('@');
    };
    o = mainSection.taboption('additional', form.Value, 'procd_reload_delay', _('Interface Monitoring Delay'), _('Delay in milliseconds before reloading podkop after interface UP'));
    o.ucisection = 'main';
    o.depends('mon_restart_ifaces', '1');
    o.default = '2000';
    o.rmempty = false;
    o.validate = function (section_id, value) {
        if (!value) {
            return _('Delay value cannot be empty');
        }
        return true;
    };
    o = mainSection.taboption('additional', form.Flag, 'dont_touch_dhcp', _('Dont touch my DHCP!'), _('Podkop will not change the DHCP config'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('additional', form.Flag, 'detour', _('Proxy download of lists'), _('Downloading all lists via main Proxy/VPN'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    // Extra IPs and exclusions (main section)
    o = mainSection.taboption('basic', form.Flag, 'exclude_from_ip_enabled', _('IP for exclusion'), _('Specify local IP addresses that will never use the configured route'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
    o = mainSection.taboption('basic', form.DynamicList, 'exclude_traffic_ip', _('Local IPs'), _('Enter valid IPv4 addresses'));
    o.placeholder = 'IP';
    o.depends('exclude_from_ip_enabled', '1');
    o.rmempty = false;
    o.ucisection = 'main';
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const ipRegex = /^(\d{1,3}\.){3}\d{1,3}$/;
        if (!ipRegex.test(value)) return _('Invalid IP format. Use format: X.X.X.X (like 192.168.1.1)');
        const ipParts = value.split('.');
        for (const part of ipParts) {
            const num = parseInt(part);
            if (num < 0 || num > 255) return _('IP address parts must be between 0 and 255');
        }
        return true;
    };
    o = mainSection.taboption('basic', form.Flag, 'socks5', _('Mixed enable'), _('Browser port: 2080'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = 'main';
 }
 return baseclass.extend({
    createAdditionalSection
 }); 
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/configSection.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/configSection.js
@@ -0,0 +1,532 @@
 'use strict';
 'require baseclass';
 'require form';
 'require ui';
 'require network';
 'require view.podkop.constants as constants';
 'require tools.widgets as widgets';
 function validateUrl(url, protocols = ['http:', 'https:']) {
    try {
        const parsedUrl = new URL(url);
        if (!protocols.includes(parsedUrl.protocol)) {
            return _('URL must use one of the following protocols: ') + protocols.join(', ');
        }
        return true;
    } catch (e) {
        return _('Invalid URL format');
    }
 }
 function createConfigSection(section, map, network) {
    const s = section;
    let o = s.tab('basic', _('Basic Settings'));
    o = s.taboption('basic', form.ListValue, 'mode', _('Connection Type'), _('Select between VPN and Proxy connection methods for traffic routing'));
    o.value('proxy', ('Proxy'));
    o.value('vpn', ('VPN'));
    o.value('block', ('Block'));
    o.ucisection = s.section;
    o = s.taboption('basic', form.ListValue, 'proxy_config_type', _('Configuration Type'), _('Select how to configure the proxy'));
    o.value('url', _('Connection URL'));
    o.value('outbound', _('Outbound Config'));
    o.default = 'url';
    o.depends('mode', 'proxy');
    o.ucisection = s.section;
    o = s.taboption('basic', form.TextValue, 'proxy_string', _('Proxy Configuration URL'), _(''));
    o.depends('proxy_config_type', 'url');
    o.rows = 5;
    o.rmempty = false;
    o.ucisection = s.section;
    o.sectionDescriptions = new Map();
    o.placeholder = 'vless://uuid@server:port?type=tcp&security=tls#main\n// backup ss://method:pass@server:port\n// backup2 vless://uuid@server:port?type=grpc&security=reality#alt';
    o.renderWidget = function (section_id, option_index, cfgvalue) {
        const original = form.TextValue.prototype.renderWidget.apply(this, [section_id, option_index, cfgvalue]);
        const container = E('div', {});
        container.appendChild(original);
        if (cfgvalue) {
            try {
                const activeConfig = cfgvalue.split('\n')
                    .map(line => line.trim())
                    .find(line => line && !line.startsWith('//'));
                if (activeConfig) {
                    if (activeConfig.includes('#')) {
                        const label = activeConfig.split('#').pop();
                        if (label && label.trim()) {
                            const decodedLabel = decodeURIComponent(label);
                            const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Current config: ') + decodedLabel);
                            container.appendChild(descDiv);
                        } else {
                            const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Config without description'));
                            container.appendChild(descDiv);
                        }
                    } else {
                        const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Config without description'));
                        container.appendChild(descDiv);
                    }
                }
            } catch (e) {
                console.error('Error parsing config label:', e);
                const descDiv = E('div', { 'class': 'cbi-value-description' }, _('Config without description'));
                container.appendChild(descDiv);
            }
        } else {
            const defaultDesc = E('div', { 'class': 'cbi-value-description' },
                _('Enter connection string starting with vless:// or ss:// for proxy configuration. Add comments with // for backup configs'));
            container.appendChild(defaultDesc);
        }
        return container;
    };
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) {
            return true;
        }
        try {
            const activeConfig = value.split('\n')
                .map(line => line.trim())
                .find(line => line && !line.startsWith('//'));
            if (!activeConfig) {
                return _('No active configuration found. At least one non-commented line is required.');
            }
            if (!activeConfig.startsWith('vless://') && !activeConfig.startsWith('ss://')) {
                return _('URL must start with vless:// or ss://');
            }
            if (activeConfig.startsWith('ss://')) {
                let encrypted_part;
                try {
                    let mainPart = activeConfig.includes('?') ? activeConfig.split('?')[0] : activeConfig.split('#')[0];
                    encrypted_part = mainPart.split('/')[2].split('@')[0];
                    try {
                        let decoded = atob(encrypted_part);
                        if (!decoded.includes(':')) {
                            if (!encrypted_part.includes(':') && !encrypted_part.includes('-')) {
                                return _('Invalid Shadowsocks URL format: missing method and password separator ":"');
                            }
                        }
                    } catch (e) {
                        if (!encrypted_part.includes(':') && !encrypted_part.includes('-')) {
                            return _('Invalid Shadowsocks URL format: missing method and password separator ":"');
                        }
                    }
                } catch (e) {
                    return _('Invalid Shadowsocks URL format');
                }
                try {
                    let serverPart = activeConfig.split('@')[1];
                    if (!serverPart) return _('Invalid Shadowsocks URL: missing server address');
                    let [server, portAndRest] = serverPart.split(':');
                    if (!server) return _('Invalid Shadowsocks URL: missing server');
                    let port = portAndRest ? portAndRest.split(/[?#]/)[0] : null;
                    if (!port) return _('Invalid Shadowsocks URL: missing port');
                    let portNum = parseInt(port);
                    if (isNaN(portNum) || portNum < 1 || portNum > 65535) {
                        return _('Invalid port number. Must be between 1 and 65535');
                    }
                } catch (e) {
                    return _('Invalid Shadowsocks URL: missing or invalid server/port format');
                }
            }
            if (activeConfig.startsWith('vless://')) {
                let uuid = activeConfig.split('/')[2].split('@')[0];
                if (!uuid || uuid.length === 0) return _('Invalid VLESS URL: missing UUID');
                try {
                    let serverPart = activeConfig.split('@')[1];
                    if (!serverPart) return _('Invalid VLESS URL: missing server address');
                    let [server, portAndRest] = serverPart.split(':');
                    if (!server) return _('Invalid VLESS URL: missing server');
                    let port = portAndRest ? portAndRest.split(/[/?#]/)[0] : null;
                    if (!port) return _('Invalid VLESS URL: missing port');
                    let portNum = parseInt(port);
                    if (isNaN(portNum) || portNum < 1 || portNum > 65535) {
                        return _('Invalid port number. Must be between 1 and 65535');
                    }
                } catch (e) {
                    return _('Invalid VLESS URL: missing or invalid server/port format');
                }
                let queryString = activeConfig.split('?')[1];
                if (!queryString) return _('Invalid VLESS URL: missing query parameters');
                let params = new URLSearchParams(queryString.split('#')[0]);
                let type = params.get('type');
                const validTypes = ['tcp', 'raw', 'udp', 'grpc', 'http', 'ws'];
                if (!type || !validTypes.includes(type)) {
                    return _('Invalid VLESS URL: type must be one of tcp, raw, udp, grpc, http, ws');
                }
                let security = params.get('security');
                const validSecurities = ['tls', 'reality', 'none'];
                if (!security || !validSecurities.includes(security)) {
                    return _('Invalid VLESS URL: security must be one of tls, reality, none');
                }
                if (security === 'reality') {
                    if (!params.get('pbk')) return _('Invalid VLESS URL: missing pbk parameter for reality security');
                    if (!params.get('fp')) return _('Invalid VLESS URL: missing fp parameter for reality security');
                }
            }
            return true;
        } catch (e) {
            console.error('Validation error:', e);
            return _('Invalid URL format: ') + e.message;
        }
    };
    o = s.taboption('basic', form.TextValue, 'outbound_json', _('Outbound Configuration'), _('Enter complete outbound configuration in JSON format'));
    o.depends('proxy_config_type', 'outbound');
    o.rows = 10;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        try {
            const parsed = JSON.parse(value);
            if (!parsed.type || !parsed.server || !parsed.server_port) {
                return _('JSON must contain at least type, server and server_port fields');
            }
            return true;
        } catch (e) {
            return _('Invalid JSON format');
        }
    };
    o = s.taboption('basic', form.Flag, 'ss_uot', _('Shadowsocks UDP over TCP'), _('Apply for SS2022'));
    o.default = '0';
    o.depends('mode', 'proxy');
    o.rmempty = false;
    o.ucisection = 'main';
    o = s.taboption('basic', widgets.DeviceSelect, 'interface', _('Network Interface'), _('Select network interface for VPN connection'));
    o.depends('mode', 'vpn');
    o.ucisection = s.section;
    o.noaliases = true;
    o.nobridges = false;
    o.noinactive = false;
    o.filter = function (section_id, value) {
        if (['br-lan', 'eth0', 'eth1', 'wan', 'phy0-ap0', 'phy1-ap0', 'pppoe-wan', 'lan'].indexOf(value) !== -1) {
            return false;
        }
        var device = this.devices.filter(function (dev) {
            return dev.getName() === value;
        })[0];
        if (device) {
            var type = device.getType();
            return type !== 'wifi' && type !== 'wireless' && !type.includes('wlan');
        }
        return true;
    };
    o = s.taboption('basic', form.Flag, 'domain_list_enabled', _('Community Lists'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'domain_list', _('Service List'), _('Select predefined service for routing') + ' <a href="https://github.com/itdoginfo/allow-domains" target="_blank">github.com/itdoginfo/allow-domains</a>');
    o.placeholder = 'Service list';
    Object.entries(constants.DOMAIN_LIST_OPTIONS).forEach(([key, label]) => {
        o.value(key, _(label));
    });
    o.depends('domain_list_enabled', '1');
    o.rmempty = false;
    o.ucisection = s.section;
    let lastValues = [];
    let isProcessing = false;
    o.onchange = function (ev, section_id, value) {
        if (isProcessing) return;
        isProcessing = true;
        try {
            const values = Array.isArray(value) ? value : [value];
            let newValues = [...values];
            let notifications = [];
            const selectedRegionalOptions = constants.REGIONAL_OPTIONS.filter(opt => newValues.includes(opt));
            if (selectedRegionalOptions.length > 1) {
                const lastSelected = selectedRegionalOptions[selectedRegionalOptions.length - 1];
                const removedRegions = selectedRegionalOptions.slice(0, -1);
                newValues = newValues.filter(v => v === lastSelected || !constants.REGIONAL_OPTIONS.includes(v));
                notifications.push(E('p', { class: 'alert-message warning' }, [
                    E('strong', {}, _('Regional options cannot be used together')), E('br'),
                    _('Warning: %s cannot be used together with %s. Previous selections have been removed.')
                        .format(removedRegions.join(', '), lastSelected)
                ]));
            }
            if (newValues.includes('russia_inside')) {
                const removedServices = newValues.filter(v => !constants.ALLOWED_WITH_RUSSIA_INSIDE.includes(v));
                if (removedServices.length > 0) {
                    newValues = newValues.filter(v => constants.ALLOWED_WITH_RUSSIA_INSIDE.includes(v));
                    notifications.push(E('p', { class: 'alert-message warning' }, [
                        E('strong', {}, _('Russia inside restrictions')), E('br'),
                        _('Warning: Russia inside can only be used with %s. %s already in Russia inside and have been removed from selection.')
                            .format(
                                constants.ALLOWED_WITH_RUSSIA_INSIDE.map(key => constants.DOMAIN_LIST_OPTIONS[key]).filter(label => label !== 'Russia inside').join(', '),
                                removedServices.join(', ')
                            )
                    ]));
                }
            }
            if (JSON.stringify(newValues.sort()) !== JSON.stringify(values.sort())) {
                this.getUIElement(section_id).setValue(newValues);
            }
            notifications.forEach(notification => ui.addNotification(null, notification));
            lastValues = newValues;
        } catch (e) {
            console.error('Error in onchange handler:', e);
        } finally {
            isProcessing = false;
        }
    };
    o = s.taboption('basic', form.ListValue, 'custom_domains_list_type', _('User Domain List Type'), _('Select how to add your custom domains'));
    o.value('disabled', _('Disabled'));
    o.value('dynamic', _('Dynamic List'));
    o.value('text', _('Text List'));
    o.default = 'disabled';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'custom_domains', _('User Domains'), _('Enter domain names without protocols (example: sub.example.com or example.com)'));
    o.placeholder = 'Domains list';
    o.depends('custom_domains_list_type', 'dynamic');
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const domainRegex = /^(?!-)[A-Za-z0-9-]+([-.][A-Za-z0-9-]+)*(\.[A-Za-z]{2,})?$/;
        if (!domainRegex.test(value)) {
            return _('Invalid domain format. Enter domain without protocol (example: sub.example.com or ru)');
        }
        return true;
    };
    o = s.taboption('basic', form.TextValue, 'custom_domains_text', _('User Domains List'), _('Enter domain names separated by comma, space or newline. You can add comments after //'));
    o.placeholder = 'example.com, sub.example.com\n// Social networks\ndomain.com test.com // personal domains';
    o.depends('custom_domains_list_type', 'text');
    o.rows = 8;
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const domainRegex = /^(?!-)[A-Za-z0-9-]+([-.][A-Za-z0-9-]+)*(\.[A-Za-z]{2,})?$/;
        const lines = value.split(/\n/).map(line => line.trim());
        let hasValidDomain = false;
        for (const line of lines) {
            // Skip empty lines
            if (!line) continue;
            // Extract domain part (before any //)
            const domainPart = line.split('//')[0].trim();
            // Skip if line is empty after removing comments
            if (!domainPart) continue;
            // Process each domain in the line (separated by comma or space)
            const domains = domainPart.split(/[,\s]+/).map(d => d.trim()).filter(d => d.length > 0);
            for (const domain of domains) {
                if (!domainRegex.test(domain)) {
                    return _('Invalid domain format: %s. Enter domain without protocol').format(domain);
                }
                hasValidDomain = true;
            }
        }
        if (!hasValidDomain) {
            return _('At least one valid domain must be specified. Comments-only content is not allowed.');
        }
        return true;
    };
    o = s.taboption('basic', form.Flag, 'custom_local_domains_list_enabled', _('Local Domain Lists'), _('Use the list from the router filesystem'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'custom_local_domains', _('Local Domain Lists Path'), _('Enter the list file path'));
    o.placeholder = '/path/file.lst';
    o.depends('custom_local_domains_list_enabled', '1');
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const pathRegex = /^\/[a-zA-Z0-9_\-\/\.]+$/;
        if (!pathRegex.test(value)) {
            return _('Invalid path format. Path must start with "/" and contain valid characters');
        }
        return true;
    };
    o = s.taboption('basic', form.Flag, 'custom_download_domains_list_enabled', _('Remote Domain Lists'), _('Download and use domain lists from remote URLs'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'custom_download_domains', _('Remote Domain URLs'), _('Enter full URLs starting with http:// or https://'));
    o.placeholder = 'URL';
    o.depends('custom_download_domains_list_enabled', '1');
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        return validateUrl(value);
    };
    o = s.taboption('basic', form.ListValue, 'custom_subnets_list_enabled', _('User Subnet List Type'), _('Select how to add your custom subnets'));
    o.value('disabled', _('Disabled'));
    o.value('dynamic', _('Dynamic List'));
    o.value('text', _('Text List (comma/space/newline separated)'));
    o.default = 'disabled';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'custom_subnets', _('User Subnets'), _('Enter subnets in CIDR notation (example: 103.21.244.0/22) or single IP addresses'));
    o.placeholder = 'IP or subnet';
    o.depends('custom_subnets_list_enabled', 'dynamic');
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const subnetRegex = /^(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?$/;
        if (!subnetRegex.test(value)) return _('Invalid format. Use format: X.X.X.X or X.X.X.X/Y');
        const [ip, cidr] = value.split('/');
        if (ip === "0.0.0.0") {
             return _('IP address 0.0.0.0 is not allowed');
        }
        const ipParts = ip.split('.');
        for (const part of ipParts) {
            const num = parseInt(part);
            if (num < 0 || num > 255) return _('IP address parts must be between 0 and 255');
        }
        if (cidr !== undefined) {
            const cidrNum = parseInt(cidr);
            if (cidrNum < 0 || cidrNum > 32) return _('CIDR must be between 0 and 32');
        }
        return true;
    };
    o = s.taboption('basic', form.TextValue, 'custom_subnets_text', _('User Subnets List'), _('Enter subnets in CIDR notation or single IP addresses, separated by comma, space or newline. You can add comments after //'));
    o.placeholder = '103.21.244.0/22\n// Google DNS\n8.8.8.8\n1.1.1.1/32, 9.9.9.9 // Cloudflare and Quad9';
    o.depends('custom_subnets_list_enabled', 'text');
    o.rows = 10;
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const subnetRegex = /^(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?$/;
        const lines = value.split(/\n/).map(line => line.trim());
        let hasValidSubnet = false;
        for (const line of lines) {
            // Skip empty lines
            if (!line) continue;
            // Extract subnet part (before any //)
            const subnetPart = line.split('//')[0].trim();
            // Skip if line is empty after removing comments
            if (!subnetPart) continue;
            // Process each subnet in the line (separated by comma or space)
            const subnets = subnetPart.split(/[,\s]+/).map(s => s.trim()).filter(s => s.length > 0);
            for (const subnet of subnets) {
                if (!subnetRegex.test(subnet)) {
                    return _('Invalid format: %s. Use format: X.X.X.X or X.X.X.X/Y').format(subnet);
                }
                const [ip, cidr] = subnet.split('/');
                const ipParts = ip.split('.');
                for (const part of ipParts) {
                    const num = parseInt(part);
                    if (num < 0 || num > 255) {
                        return _('IP parts must be between 0 and 255 in: %s').format(subnet);
                    }
                }
                if (cidr !== undefined) {
                    const cidrNum = parseInt(cidr);
                    if (cidrNum < 0 || cidrNum > 32) {
                        return _('CIDR must be between 0 and 32 in: %s').format(subnet);
                    }
                }
                hasValidSubnet = true;
            }
        }
        if (!hasValidSubnet) {
            return _('At least one valid subnet or IP must be specified. Comments-only content is not allowed.');
        }
        return true;
    };
    o = s.taboption('basic', form.Flag, 'custom_download_subnets_list_enabled', _('Remote Subnet Lists'), _('Download and use subnet lists from remote URLs'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'custom_download_subnets', _('Remote Subnet URLs'), _('Enter full URLs starting with http:// or https://'));
    o.placeholder = 'URL';
    o.depends('custom_download_subnets_list_enabled', '1');
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        return validateUrl(value);
    };
    o = s.taboption('basic', form.Flag, 'all_traffic_from_ip_enabled', _('IP for full redirection'), _('Specify local IP addresses whose traffic will always use the configured route'));
    o.default = '0';
    o.rmempty = false;
    o.ucisection = s.section;
    o = s.taboption('basic', form.DynamicList, 'all_traffic_ip', _('Local IPs'), _('Enter valid IPv4 addresses'));
    o.placeholder = 'IP';
    o.depends('all_traffic_from_ip_enabled', '1');
    o.rmempty = false;
    o.ucisection = s.section;
    o.validate = function (section_id, value) {
        if (!value || value.length === 0) return true;
        const ipRegex = /^(\d{1,3}\.){3}\d{1,3}$/;
        if (!ipRegex.test(value)) return _('Invalid IP format. Use format: X.X.X.X (like 192.168.1.1)');
        const ipParts = value.split('.');
        for (const part of ipParts) {
            const num = parseInt(part);
            if (num < 0 || num > 255) return _('IP address parts must be between 0 and 255');
        }
        return true;
    };
 }
 return baseclass.extend({
    createConfigSection
 });
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/constants.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/constants.js
@@ -0,0 +1,113 @@
 'use strict';
 'require baseclass';
 const STATUS_COLORS = {
    SUCCESS: '#4caf50',
    ERROR: '#f44336',
    WARNING: '#ff9800'
 };
 const FAKEIP_CHECK_DOMAIN = 'fakeip.podkop.fyi';
 const IP_CHECK_DOMAIN = 'ip.podkop.fyi';
 const REGIONAL_OPTIONS = ['russia_inside', 'russia_outside', 'ukraine_inside'];
 const ALLOWED_WITH_RUSSIA_INSIDE = [
    'russia_inside',
    'meta',
    'twitter',
    'discord',
    'telegram',
    'cloudflare',
    'google_ai',
    'google_play',
    'hetzner',
    'ovh',
    'hodca',
    'digitalocean',
    'cloudfront'
 ];
 const DOMAIN_LIST_OPTIONS = {
    russia_inside: 'Russia inside',
    russia_outside: 'Russia outside',
    ukraine_inside: 'Ukraine',
    geoblock: 'Geo Block',
    block: 'Block',
    porn: 'Porn',
    news: 'News',
    anime: 'Anime',
    youtube: 'Youtube',
    discord: 'Discord',
    meta: 'Meta',
    twitter: 'Twitter (X)',
    hdrezka: 'HDRezka',
    tiktok: 'Tik-Tok',
    telegram: 'Telegram',
    cloudflare: 'Cloudflare',
    google_ai: 'Google AI',
    google_play: 'Google Play',
    hodca: 'H.O.D.C.A',
    hetzner: 'Hetzner ASN',
    ovh: 'OVH ASN',
    digitalocean: 'Digital Ocean ASN',
    cloudfront: 'CloudFront ASN'
 };
 const UPDATE_INTERVAL_OPTIONS = {
    '1h': 'Every hour',
    '3h': 'Every 3 hours',
    '12h': 'Every 12 hours',
    '1d': 'Every day',
    '3d': 'Every 3 days'
 };
 const DNS_SERVER_OPTIONS = {
    '1.1.1.1': 'Cloudflare (1.1.1.1)',
    '8.8.8.8': 'Google (8.8.8.8)',
    '9.9.9.9': 'Quad9 (9.9.9.9)',
    'dns.adguard-dns.com': 'AdGuard Default (dns.adguard-dns.com)',
    'unfiltered.adguard-dns.com': 'AdGuard Unfiltered (unfiltered.adguard-dns.com)',
    'family.adguard-dns.com': 'AdGuard Family (family.adguard-dns.com)'
 };
 const DIAGNOSTICS_UPDATE_INTERVAL = 10000; // 10 seconds
 const CACHE_TIMEOUT = DIAGNOSTICS_UPDATE_INTERVAL - 1000; // 9 seconds
 const ERROR_POLL_INTERVAL = 10000; // 10 seconds
 const COMMAND_TIMEOUT = 10000; // 10 seconds
 const FETCH_TIMEOUT = 10000; // 10 seconds
 const BUTTON_FEEDBACK_TIMEOUT = 1000; // 1 second
 const DIAGNOSTICS_INITIAL_DELAY = 100; // 100 milliseconds
 // Интервалы планирования команд в диагностике (в миллисекундах)
 const COMMAND_SCHEDULING = {
    P0_PRIORITY: 0,      // Наивысший приоритет (без задержки)
    P1_PRIORITY: 100,    // Очень высокий приоритет
    P2_PRIORITY: 300,    // Высокий приоритет
    P3_PRIORITY: 500,    // Выше среднего
    P4_PRIORITY: 700,    // Стандартный приоритет
    P5_PRIORITY: 900,    // Ниже среднего
    P6_PRIORITY: 1100,   // Низкий приоритет
    P7_PRIORITY: 1300,   // Очень низкий приоритет
    P8_PRIORITY: 1500,   // Фоновое выполнение
    P9_PRIORITY: 1700,   // Выполнение в режиме простоя
    P10_PRIORITY: 1900   // Наименьший приоритет
 };
 return baseclass.extend({
    STATUS_COLORS,
    FAKEIP_CHECK_DOMAIN,
    IP_CHECK_DOMAIN,
    REGIONAL_OPTIONS,
    ALLOWED_WITH_RUSSIA_INSIDE,
    DOMAIN_LIST_OPTIONS,
    UPDATE_INTERVAL_OPTIONS,
    DNS_SERVER_OPTIONS,
    DIAGNOSTICS_UPDATE_INTERVAL,
    ERROR_POLL_INTERVAL,
    COMMAND_TIMEOUT,
    FETCH_TIMEOUT,
    BUTTON_FEEDBACK_TIMEOUT,
    DIAGNOSTICS_INITIAL_DELAY,
    COMMAND_SCHEDULING,
    CACHE_TIMEOUT
 });
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/diagnosticTab.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/diagnosticTab.js
@@ -0,0 +1,887 @@
 'use strict';
 'require baseclass';
 'require form';
 'require ui';
 'require uci';
 'require fs';
 'require view.podkop.constants as constants';
 'require view.podkop.utils as utils';
 // Cache system for network requests
 const fetchCache = {};
 // Helper function to fetch with cache
 async function cachedFetch(url, options = {}) {
    const cacheKey = url;
    const currentTime = Date.now();
    // If we have a valid cached response, return it
    if (fetchCache[cacheKey] && currentTime - fetchCache[cacheKey].timestamp < constants.CACHE_TIMEOUT) {
        console.log(`Using cached response for ${url}`);
        return Promise.resolve(fetchCache[cacheKey].response.clone());
    }
    // Otherwise, make a new request
    try {
        const response = await fetch(url, options);
        // Cache the response
        fetchCache[cacheKey] = {
            response: response.clone(),
            timestamp: currentTime
        };
        return response;
    } catch (error) {
        throw error;
    }
 }
 // Helper functions for command execution with prioritization - Using from utils.js now
 function safeExec(command, args, priority, callback, timeout = constants.COMMAND_TIMEOUT) {
    return utils.safeExec(command, args, priority, callback, timeout);
 }
 // Helper functions for handling checks
 function runCheck(checkFunction, priority, callback) {
    // Default to highest priority execution if priority is not provided or invalid
    let schedulingDelay = constants.COMMAND_SCHEDULING.P0_PRIORITY;
    // If priority is a string, try to get the corresponding delay value
    if (typeof priority === 'string' && constants.COMMAND_SCHEDULING[priority] !== undefined) {
        schedulingDelay = constants.COMMAND_SCHEDULING[priority];
    }
    const executeCheck = async () => {
        try {
            const result = await checkFunction();
            if (callback && typeof callback === 'function') {
                callback(result);
            }
            return result;
        } catch (error) {
            if (callback && typeof callback === 'function') {
                callback({ error });
            }
            return { error };
        }
    };
    if (callback && typeof callback === 'function') {
        setTimeout(executeCheck, schedulingDelay);
        return;
    } else {
        return executeCheck();
    }
 }
 function runAsyncTask(taskFunction, priority) {
    // Default to highest priority execution if priority is not provided or invalid
    let schedulingDelay = constants.COMMAND_SCHEDULING.P0_PRIORITY;
    // If priority is a string, try to get the corresponding delay value
    if (typeof priority === 'string' && constants.COMMAND_SCHEDULING[priority] !== undefined) {
        schedulingDelay = constants.COMMAND_SCHEDULING[priority];
    }
    setTimeout(async () => {
        try {
            await taskFunction();
        } catch (error) {
            console.error('Async task error:', error);
        }
    }, schedulingDelay);
 }
 // Helper Functions for UI and formatting
 function createStatus(state, message, color) {
    return {
        state,
        message: _(message),
        color: constants.STATUS_COLORS[color]
    };
 }
 function formatDiagnosticOutput(output) {
    if (typeof output !== 'string') return '';
    return output.trim()
        .replace(/\x1b\[[0-9;]*m/g, '')
        .replace(/\r\n/g, '\n')
        .replace(/\r/g, '\n');
 }
 function copyToClipboard(text, button) {
    const textarea = document.createElement('textarea');
    textarea.value = text;
    document.body.appendChild(textarea);
    textarea.select();
    try {
        document.execCommand('copy');
        const originalText = button.textContent;
        button.textContent = _('Copied!');
        setTimeout(() => button.textContent = originalText, constants.BUTTON_FEEDBACK_TIMEOUT);
    } catch (err) {
        ui.addNotification(null, E('p', {}, _('Failed to copy: ') + err.message));
    }
    document.body.removeChild(textarea);
 }
 // IP masking function
 function maskIP(ip) {
    if (!ip) return '';
    const parts = ip.split('.');
    if (parts.length !== 4) return ip;
    return ['XX', 'XX', 'XX', parts[3]].join('.');
 }
 // Status Check Functions
 async function checkFakeIP() {
    try {
        const controller = new AbortController();
        const timeoutId = setTimeout(() => controller.abort(), constants.FETCH_TIMEOUT);
        try {
            const response = await cachedFetch(`https://${constants.FAKEIP_CHECK_DOMAIN}/check`, { signal: controller.signal });
            const data = await response.json();
            clearTimeout(timeoutId);
            if (data.fakeip === true) {
                return createStatus('working', 'working', 'SUCCESS');
            } else {
                return createStatus('not_working', 'not working', 'ERROR');
            }
        } catch (fetchError) {
            clearTimeout(timeoutId);
            const message = fetchError.name === 'AbortError' ? 'timeout' : 'check error';
            return createStatus('error', message, 'WARNING');
        }
    } catch (error) {
        return createStatus('error', 'check error', 'WARNING');
    }
 }
 async function checkFakeIPCLI() {
    try {
        return new Promise((resolve) => {
            safeExec('nslookup', ['-timeout=2', constants.FAKEIP_CHECK_DOMAIN, '127.0.0.42'], 'P0_PRIORITY', result => {
                if (result.stdout && result.stdout.includes('198.18')) {
                    resolve(createStatus('working', 'working on router', 'SUCCESS'));
                } else {
                    resolve(createStatus('not_working', 'not working on router', 'ERROR'));
                }
            });
        });
    } catch (error) {
        return createStatus('error', 'CLI check error', 'WARNING');
    }
 }
 function checkDNSAvailability() {
    return new Promise(async (resolve) => {
        try {
            safeExec('/usr/bin/podkop', ['check_dns_available'], 'P0_PRIORITY', dnsStatusResult => {
                if (!dnsStatusResult || !dnsStatusResult.stdout) {
                    return resolve({
                        remote: createStatus('error', 'DNS check timeout', 'WARNING'),
                        local: createStatus('error', 'DNS check timeout', 'WARNING')
                    });
                }
                try {
                    const dnsStatus = JSON.parse(dnsStatusResult.stdout);
                    const remoteStatus = dnsStatus.is_available ?
                        createStatus('available', `${dnsStatus.dns_type.toUpperCase()} (${dnsStatus.dns_server}) available`, 'SUCCESS') :
                        createStatus('unavailable', `${dnsStatus.dns_type.toUpperCase()} (${dnsStatus.dns_server}) unavailable`, 'ERROR');
                    const localStatus = dnsStatus.local_dns_working ?
                        createStatus('available', 'Router DNS working', 'SUCCESS') :
                        createStatus('unavailable', 'Router DNS not working', 'ERROR');
                    return resolve({
                        remote: remoteStatus,
                        local: localStatus
                    });
                } catch (parseError) {
                    return resolve({
                        remote: createStatus('error', 'DNS check parse error', 'WARNING'),
                        local: createStatus('error', 'DNS check parse error', 'WARNING')
                    });
                }
            });
        } catch (error) {
            return resolve({
                remote: createStatus('error', 'DNS check error', 'WARNING'),
                local: createStatus('error', 'DNS check error', 'WARNING')
            });
        }
    });
 }
 async function checkBypass() {
    try {
        const controller = new AbortController();
        const timeoutId = setTimeout(() => controller.abort(), constants.FETCH_TIMEOUT);
        try {
            const response1 = await cachedFetch(`https://${constants.FAKEIP_CHECK_DOMAIN}/check`, { signal: controller.signal });
            const data1 = await response1.json();
            const response2 = await cachedFetch(`https://${constants.IP_CHECK_DOMAIN}/check`, { signal: controller.signal });
            const data2 = await response2.json();
            clearTimeout(timeoutId);
            if (data1.IP && data2.IP) {
                if (data1.IP !== data2.IP) {
                    return createStatus('working', 'working', 'SUCCESS');
                } else {
                    return createStatus('not_working', 'same IP for both domains', 'ERROR');
                }
            } else {
                return createStatus('error', 'check error (no IP)', 'WARNING');
            }
        } catch (fetchError) {
            clearTimeout(timeoutId);
            const message = fetchError.name === 'AbortError' ? 'timeout' : 'check error';
            return createStatus('error', message, 'WARNING');
        }
    } catch (error) {
        return createStatus('error', 'check error', 'WARNING');
    }
 }
 // Modal Functions
 function createModalContent(title, content) {
    return [
        E('div', {
            'class': 'panel-body',
            style: 'max-height: 70vh; overflow-y: auto; margin: 1em 0; padding: 1.5em; ' +
                'font-family: monospace; white-space: pre-wrap; word-wrap: break-word; ' +
                'line-height: 1.5; font-size: 14px;'
        }, [
            E('pre', { style: 'margin: 0;' }, content)
        ]),
        E('div', {
            'class': 'right',
            style: 'margin-top: 1em;'
        }, [
            E('button', {
                'class': 'btn',
                'click': ev => copyToClipboard('```txt\n' + content + '\n```', ev.target)
            }, _('Copy to Clipboard')),
            E('button', {
                'class': 'btn',
                'click': ui.hideModal
            }, _('Close'))
        ])
    ];
 }
 function showConfigModal(command, title) {
    // Create and show modal immediately with loading state
    const modalContent = E('div', { 'class': 'panel-body' }, [
        E('div', {
            'class': 'panel-body',
            style: 'max-height: 70vh; overflow-y: auto; margin: 1em 0; padding: 1.5em; ' +
                'font-family: monospace; white-space: pre-wrap; word-wrap: break-word; ' +
                'line-height: 1.5; font-size: 14px;'
        }, [
            E('pre', {
                'id': 'modal-content-pre',
                style: 'margin: 0;'
            }, _('Loading...'))
        ]),
        E('div', {
            'class': 'right',
            style: 'margin-top: 1em;'
        }, [
            E('button', {
                'class': 'btn',
                'id': 'copy-button',
                'click': ev => copyToClipboard('```txt\n' + document.getElementById('modal-content-pre').innerText + '\n```', ev.target)
            }, _('Copy to Clipboard')),
            E('button', {
                'class': 'btn',
                'click': ui.hideModal
            }, _('Close'))
        ])
    ]);
    ui.showModal(_(title), modalContent);
    // Function to update modal content
    const updateModalContent = (content) => {
        const pre = document.getElementById('modal-content-pre');
        if (pre) {
            pre.textContent = content;
        }
    };
    try {
        let formattedOutput = '';
        if (command === 'global_check') {
            safeExec('/usr/bin/podkop', [command], 'P0_PRIORITY', res => {
                formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
                try {
                    const controller = new AbortController();
                    const timeoutId = setTimeout(() => controller.abort(), constants.FETCH_TIMEOUT);
                    cachedFetch(`https://${constants.FAKEIP_CHECK_DOMAIN}/check`, { signal: controller.signal })
                        .then(response => response.json())
                        .then(data => {
                            clearTimeout(timeoutId);
                            if (data.fakeip === true) {
                                formattedOutput += '\n✅ ' + _('FakeIP is working in browser!') + '\n';
                            } else {
                                formattedOutput += '\n❌ ' + _('FakeIP is not working in browser') + '\n';
                                formattedOutput += _('Check DNS server on current device (PC, phone)') + '\n';
                                formattedOutput += _('Its must be router!') + '\n';
                            }
                            // Bypass check
                            cachedFetch(`https://${constants.FAKEIP_CHECK_DOMAIN}/check`, { signal: controller.signal })
                                .then(bypassResponse => bypassResponse.json())
                                .then(bypassData => {
                                    cachedFetch(`https://${constants.IP_CHECK_DOMAIN}/check`, { signal: controller.signal })
                                        .then(bypassResponse2 => bypassResponse2.json())
                                        .then(bypassData2 => {
                                            formattedOutput += '━━━━━━━━━━━━━━━━━━━━━━━━━━━\n';
                                            if (bypassData.IP && bypassData2.IP && bypassData.IP !== bypassData2.IP) {
                                                formattedOutput += '✅ ' + _('Proxy working correctly') + '\n';
                                                formattedOutput += _('Direct IP: ') + maskIP(bypassData.IP) + '\n';
                                                formattedOutput += _('Proxy IP: ') + maskIP(bypassData2.IP) + '\n';
                                            } else if (bypassData.IP === bypassData2.IP) {
                                                formattedOutput += '❌ ' + _('Proxy is not working - same IP for both domains') + '\n';
                                                formattedOutput += _('IP: ') + maskIP(bypassData.IP) + '\n';
                                            } else {
                                                formattedOutput += '❌ ' + _('Proxy check failed') + '\n';
                                            }
                                            updateModalContent(formattedOutput);
                                        })
                                        .catch(error => {
                                            formattedOutput += '\n❌ ' + _('Check failed: ') + (error.name === 'AbortError' ? _('timeout') : error.message) + '\n';
                                            updateModalContent(formattedOutput);
                                        });
                                })
                                .catch(error => {
                                    formattedOutput += '\n❌ ' + _('Check failed: ') + (error.name === 'AbortError' ? _('timeout') : error.message) + '\n';
                                    updateModalContent(formattedOutput);
                                });
                        })
                        .catch(error => {
                            formattedOutput += '\n❌ ' + _('Check failed: ') + (error.name === 'AbortError' ? _('timeout') : error.message) + '\n';
                            updateModalContent(formattedOutput);
                        });
                } catch (error) {
                    formattedOutput += '\n❌ ' + _('Check failed: ') + error.message + '\n';
                    updateModalContent(formattedOutput);
                }
            });
        } else {
            safeExec('/usr/bin/podkop', [command], 'P0_PRIORITY', res => {
                formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
                updateModalContent(formattedOutput);
            });
        }
    } catch (error) {
        updateModalContent(_('Error: ') + error.message);
    }
 }
 // Button Factory
 const ButtonFactory = {
    createButton: function (config) {
        return E('button', {
            'class': `btn ${config.additionalClass || ''}`.trim(),
            'click': config.onClick,
            'style': config.style || ''
        }, _(config.label));
    },
    createActionButton: function (config) {
        return this.createButton({
            label: config.label,
            additionalClass: `cbi-button-${config.type || ''}`,
            onClick: () => safeExec('/usr/bin/podkop', [config.action], 'P0_PRIORITY')
                .then(() => config.reload && location.reload()),
            style: config.style
        });
    },
    createInitActionButton: function (config) {
        return this.createButton({
            label: config.label,
            additionalClass: `cbi-button-${config.type || ''}`,
            onClick: () => safeExec('/etc/init.d/podkop', [config.action], 'P0_PRIORITY')
                .then(() => config.reload && location.reload()),
            style: config.style
        });
    },
    createModalButton: function (config) {
        return this.createButton({
            label: config.label,
            onClick: () => showConfigModal(config.command, config.title),
            additionalClass: `cbi-button-${config.type || ''}`,
            style: config.style
        });
    }
 };
 // Create a loading placeholder for status text
 function createLoadingStatusText() {
    return E('span', { 'class': 'loading-indicator' }, _('Loading...'));
 }
 // Create the status section with buttons loaded immediately but status indicators loading asynchronously
 let createStatusSection = async function () {
    // Get initial podkop status
    let initialPodkopStatus = { enabled: false };
    try {
        const result = await fs.exec('/usr/bin/podkop', ['get_status']);
        if (result && result.stdout) {
            const status = JSON.parse(result.stdout);
            initialPodkopStatus.enabled = status.enabled === 1;
        }
    } catch (e) {
        console.error('Error getting initial podkop status:', e);
    }
    return E('div', { 'class': 'cbi-section' }, [
        E('div', { 'class': 'table', style: 'display: flex; gap: 20px;' }, [
            // Podkop Status Panel
            E('div', { 'id': 'podkop-status-panel', 'class': 'panel', 'style': 'flex: 1; padding: 15px;' }, [
                E('div', { 'class': 'panel-heading' }, [
                    E('strong', {}, _('Podkop Status')),
                    E('br'),
                    E('span', { 'id': 'podkop-status-text' }, createLoadingStatusText())
                ]),
                E('div', { 'class': 'panel-body', 'style': 'display: flex; flex-direction: column; gap: 8px;' }, [
                    ButtonFactory.createActionButton({
                        label: 'Restart Podkop',
                        type: 'apply',
                        action: 'restart',
                        reload: true
                    }),
                    ButtonFactory.createActionButton({
                        label: 'Stop Podkop',
                        type: 'apply',
                        action: 'stop',
                        reload: true
                    }),
                    // Autostart button - create with initial state
                    ButtonFactory.createInitActionButton({
                        label: initialPodkopStatus.enabled ? 'Disable Autostart' : 'Enable Autostart',
                        type: initialPodkopStatus.enabled ? 'remove' : 'apply',
                        action: initialPodkopStatus.enabled ? 'disable' : 'enable',
                        reload: true
                    }),
                    ButtonFactory.createModalButton({
                        label: _('Global check'),
                        command: 'global_check',
                        title: _('Click here for all the info')
                    }),
                    ButtonFactory.createModalButton({
                        label: 'View Logs',
                        command: 'check_logs',
                        title: 'Podkop Logs'
                    }),
                    ButtonFactory.createModalButton({
                        label: _('Update Lists'),
                        command: 'list_update',
                        title: _('Lists Update Results')
                    })
                ])
            ]),
            // Sing-box Status Panel
            E('div', { 'id': 'singbox-status-panel', 'class': 'panel', 'style': 'flex: 1; padding: 15px;' }, [
                E('div', { 'class': 'panel-heading' }, [
                    E('strong', {}, _('Sing-box Status')),
                    E('br'),
                    E('span', { 'id': 'singbox-status-text' }, createLoadingStatusText())
                ]),
                E('div', { 'class': 'panel-body', 'style': 'display: flex; flex-direction: column; gap: 8px;' }, [
                    ButtonFactory.createModalButton({
                        label: 'Show Config',
                        command: 'show_sing_box_config',
                        title: 'Sing-box Configuration'
                    }),
                    ButtonFactory.createModalButton({
                        label: 'View Logs',
                        command: 'check_sing_box_logs',
                        title: 'Sing-box Logs'
                    }),
                    ButtonFactory.createModalButton({
                        label: 'Check Connections',
                        command: 'check_sing_box_connections',
                        title: 'Active Connections'
                    }),
                    ButtonFactory.createModalButton({
                        label: _('Check NFT Rules'),
                        command: 'check_nft',
                        title: _('NFT Rules')
                    }),
                    ButtonFactory.createModalButton({
                        label: _('Check DNSMasq'),
                        command: 'check_dnsmasq',
                        title: _('DNSMasq Configuration')
                    })
                ])
            ]),
            // FakeIP Status Panel
            E('div', { 'id': 'fakeip-status-panel', 'class': 'panel', 'style': 'flex: 1; padding: 15px;' }, [
                E('div', { 'class': 'panel-heading' }, [
                    E('strong', {}, _('FakeIP Status'))
                ]),
                E('div', { 'class': 'panel-body', 'style': 'display: flex; flex-direction: column; gap: 8px;' }, [
                    E('div', { style: 'margin-bottom: 5px;' }, [
                        E('div', {}, [
                            E('span', { 'id': 'fakeip-browser-status' }, createLoadingStatusText())
                        ]),
                        E('div', {}, [
                            E('span', { 'id': 'fakeip-router-status' }, createLoadingStatusText())
                        ])
                    ]),
                    E('div', { style: 'margin-bottom: 5px;' }, [
                        E('div', {}, [
                            E('strong', {}, _('DNS Status')),
                            E('br'),
                            E('span', { 'id': 'dns-remote-status' }, createLoadingStatusText()),
                            E('br'),
                            E('span', { 'id': 'dns-local-status' }, createLoadingStatusText())
                        ])
                    ]),
                    E('div', { style: 'margin-bottom: 5px;' }, [
                        E('div', {}, [
                            E('strong', { 'id': 'config-name-text' }, _('Main config')),
                            E('br'),
                            E('span', { 'id': 'bypass-status' }, createLoadingStatusText())
                        ])
                    ])
                ])
            ]),
            // Version Information Panel
            E('div', { 'id': 'version-info-panel', 'class': 'panel', 'style': 'flex: 1; padding: 15px;' }, [
                E('div', { 'class': 'panel-heading' }, [
                    E('strong', {}, _('Version Information'))
                ]),
                E('div', { 'class': 'panel-body' }, [
                    E('div', { 'style': 'margin-top: 10px; font-family: monospace; white-space: pre-wrap;' }, [
                        E('strong', {}, _('Podkop: ')), E('span', { 'id': 'podkop-version' }, _('Loading...')), '\n',
                        E('strong', {}, _('LuCI App: ')), E('span', { 'id': 'luci-version' }, _('Loading...')), '\n',
                        E('strong', {}, _('Sing-box: ')), E('span', { 'id': 'singbox-version' }, _('Loading...')), '\n',
                        E('strong', {}, _('OpenWrt Version: ')), E('span', { 'id': 'openwrt-version' }, _('Loading...')), '\n',
                        E('strong', {}, _('Device Model: ')), E('span', { 'id': 'device-model' }, _('Loading...'))
                    ])
                ])
            ])
        ])
    ]);
 };
 // Global variables for tracking state
 let diagnosticsUpdateTimer = null;
 let isInitialCheck = true;
 showConfigModal.busy = false;
 function startDiagnosticsUpdates() {
    if (diagnosticsUpdateTimer) {
        clearInterval(diagnosticsUpdateTimer);
    }
    // Immediately update when started
    updateDiagnostics();
    // Then set up periodic updates
    diagnosticsUpdateTimer = setInterval(updateDiagnostics, constants.DIAGNOSTICS_UPDATE_INTERVAL);
 }
 function stopDiagnosticsUpdates() {
    if (diagnosticsUpdateTimer) {
        clearInterval(diagnosticsUpdateTimer);
        diagnosticsUpdateTimer = null;
    }
 }
 // Update individual text element with new content
 function updateTextElement(elementId, content) {
    const element = document.getElementById(elementId);
    if (element) {
        element.innerHTML = '';
        element.appendChild(content);
    }
 }
 async function updateDiagnostics() {
    // Podkop Status check
    safeExec('/usr/bin/podkop', ['get_status'], 'P0_PRIORITY', result => {
        try {
            const parsedPodkopStatus = JSON.parse(result.stdout || '{"enabled":0,"status":"error"}');
            // Update Podkop status text
            updateTextElement('podkop-status-text',
                E('span', {
                    'style': `color: ${parsedPodkopStatus.enabled ? constants.STATUS_COLORS.SUCCESS : constants.STATUS_COLORS.ERROR}`
                }, [
                    parsedPodkopStatus.enabled ? '✔ Autostart enabled' : '✘ Autostart disabled'
                ])
            );
            // Update autostart button
            const autostartButton = parsedPodkopStatus.enabled ?
                ButtonFactory.createInitActionButton({
                    label: 'Disable Autostart',
                    type: 'remove',
                    action: 'disable',
                    reload: true
                }) :
                ButtonFactory.createInitActionButton({
                    label: 'Enable Autostart',
                    type: 'apply',
                    action: 'enable',
                    reload: true
                });
            // Find the autostart button and replace it
            const panel = document.getElementById('podkop-status-panel');
            if (panel) {
                const buttons = panel.querySelectorAll('.cbi-button');
                if (buttons.length >= 3) {
                    buttons[2].parentNode.replaceChild(autostartButton, buttons[2]);
                }
            }
        } catch (error) {
            updateTextElement('podkop-status-text',
                E('span', { 'style': `color: ${constants.STATUS_COLORS.ERROR}` }, '✘ Error')
            );
        }
    });
    // Sing-box Status check
    safeExec('/usr/bin/podkop', ['get_sing_box_status'], 'P0_PRIORITY', result => {
        try {
            const parsedSingboxStatus = JSON.parse(result.stdout || '{"running":0,"enabled":0,"status":"error"}');
            // Update Sing-box status text
            updateTextElement('singbox-status-text',
                E('span', {
                    'style': `color: ${parsedSingboxStatus.running && !parsedSingboxStatus.enabled ?
                        constants.STATUS_COLORS.SUCCESS : constants.STATUS_COLORS.ERROR}`
                }, [
                    parsedSingboxStatus.running && !parsedSingboxStatus.enabled ?
                        '✔ running' : '✘ ' + parsedSingboxStatus.status
                ])
            );
        } catch (error) {
            updateTextElement('singbox-status-text',
                E('span', { 'style': `color: ${constants.STATUS_COLORS.ERROR}` }, '✘ Error')
            );
        }
    });
    // Version Information checks
    safeExec('/usr/bin/podkop', ['show_version'], 'P2_PRIORITY', result => {
        updateTextElement('podkop-version',
            document.createTextNode(result.stdout ? result.stdout.trim() : _('Unknown'))
        );
    });
    safeExec('/usr/bin/podkop', ['show_luci_version'], 'P2_PRIORITY', result => {
        updateTextElement('luci-version',
            document.createTextNode(result.stdout ? result.stdout.trim() : _('Unknown'))
        );
    });
    safeExec('/usr/bin/podkop', ['show_sing_box_version'], 'P2_PRIORITY', result => {
        updateTextElement('singbox-version',
            document.createTextNode(result.stdout ? result.stdout.trim() : _('Unknown'))
        );
    });
    safeExec('/usr/bin/podkop', ['show_system_info'], 'P2_PRIORITY', result => {
        if (result.stdout) {
            updateTextElement('openwrt-version',
                document.createTextNode(result.stdout.split('\n')[1].trim())
            );
            updateTextElement('device-model',
                document.createTextNode(result.stdout.split('\n')[4].trim())
            );
        } else {
            updateTextElement('openwrt-version', document.createTextNode(_('Unknown')));
            updateTextElement('device-model', document.createTextNode(_('Unknown')));
        }
    });
    // FakeIP and DNS status checks
    runCheck(checkFakeIP, 'P3_PRIORITY', result => {
        updateTextElement('fakeip-browser-status',
            E('span', { style: `color: ${result.error ? constants.STATUS_COLORS.WARNING : result.color}` }, [
                result.error ? '! ' : result.state === 'working' ? '✔ ' : result.state === 'not_working' ? '✘ ' : '! ',
                result.error ? 'check error' : result.state === 'working' ? _('works in browser') : _('does not work in browser')
            ])
        );
    });
    runCheck(checkFakeIPCLI, 'P8_PRIORITY', result => {
        updateTextElement('fakeip-router-status',
            E('span', { style: `color: ${result.error ? constants.STATUS_COLORS.WARNING : result.color}` }, [
                result.error ? '! ' : result.state === 'working' ? '✔ ' : result.state === 'not_working' ? '✘ ' : '! ',
                result.error ? 'check error' : result.state === 'working' ? _('works on router') : _('does not work on router')
            ])
        );
    });
    runCheck(checkDNSAvailability, 'P4_PRIORITY', result => {
        if (result.error) {
            updateTextElement('dns-remote-status',
                E('span', { style: `color: ${constants.STATUS_COLORS.WARNING}` }, '! DNS check error')
            );
            updateTextElement('dns-local-status',
                E('span', { style: `color: ${constants.STATUS_COLORS.WARNING}` }, '! DNS check error')
            );
        } else {
            updateTextElement('dns-remote-status',
                E('span', { style: `color: ${result.remote.color}` }, [
                    result.remote.state === 'available' ? '✔ ' : result.remote.state === 'unavailable' ? '✘ ' : '! ',
                    result.remote.message
                ])
            );
            updateTextElement('dns-local-status',
                E('span', { style: `color: ${result.local.color}` }, [
                    result.local.state === 'available' ? '✔ ' : result.local.state === 'unavailable' ? '✘ ' : '! ',
                    result.local.message
                ])
            );
        }
    });
    runCheck(checkBypass, 'P1_PRIORITY', result => {
        updateTextElement('bypass-status',
            E('span', { style: `color: ${result.error ? constants.STATUS_COLORS.WARNING : result.color}` }, [
                result.error ? '! ' : result.state === 'working' ? '✔ ' : result.state === 'not_working' ? '✘ ' : '! ',
                result.error ? 'check error' : result.message
            ])
        );
    }, 'P1_PRIORITY');
    // Config name
    runAsyncTask(async () => {
        try {
            let configName = _('Main config');
            const data = await uci.load('podkop');
            const proxyString = uci.get('podkop', 'main', 'proxy_string');
            if (proxyString) {
                const activeConfig = proxyString.split('\n')
                    .map(line => line.trim())
                    .find(line => line && !line.startsWith('//'));
                if (activeConfig) {
                    if (activeConfig.includes('#')) {
                        const label = activeConfig.split('#').pop();
                        if (label && label.trim()) {
                            configName = _('Config: ') + decodeURIComponent(label);
                        }
                    }
                }
            }
            updateTextElement('config-name-text', document.createTextNode(configName));
        } catch (e) {
            console.error('Error getting config name from UCI:', e);
        }
    }, 'P1_PRIORITY');
 }
 function createDiagnosticsSection(mainSection) {
    let o = mainSection.tab('diagnostics', _('Diagnostics'));
    o = mainSection.taboption('diagnostics', form.DummyValue, '_status');
    o.rawhtml = true;
    o.cfgvalue = () => E('div', {
        id: 'diagnostics-status',
        'data-loading': 'true'
    });
 }
 function setupDiagnosticsEventHandlers(node) {
    const titleDiv = E('h2', { 'class': 'cbi-map-title' }, _('Podkop'));
    node.insertBefore(titleDiv, node.firstChild);
    // Function to initialize diagnostics
    function initDiagnostics(container) {
        if (container && container.hasAttribute('data-loading')) {
            container.innerHTML = '';
            showConfigModal.busy = false;
            createStatusSection().then(section => {
                container.appendChild(section);
                startDiagnosticsUpdates();
                // Start error polling when diagnostics tab is active
                utils.startErrorPolling();
            });
        }
    }
    document.addEventListener('visibilitychange', function () {
        const diagnosticsContainer = document.getElementById('diagnostics-status');
        const diagnosticsTab = document.querySelector('.cbi-tab[data-tab="diagnostics"]');
        if (document.hidden || !diagnosticsTab || !diagnosticsTab.classList.contains('cbi-tab-active')) {
            stopDiagnosticsUpdates();
            // Don't stop error polling here - it's managed in podkop.js for all tabs
        } else if (diagnosticsContainer && diagnosticsContainer.hasAttribute('data-loading')) {
            startDiagnosticsUpdates();
            // Ensure error polling is running when diagnostics tab is active
            utils.startErrorPolling();
        }
    });
    setTimeout(() => {
        const diagnosticsContainer = document.getElementById('diagnostics-status');
        const diagnosticsTab = document.querySelector('.cbi-tab[data-tab="diagnostics"]');
        const otherTabs = document.querySelectorAll('.cbi-tab:not([data-tab="diagnostics"])');
        // Check for direct page load case
        const noActiveTabsExist = !Array.from(otherTabs).some(tab => tab.classList.contains('cbi-tab-active'));
        if (diagnosticsContainer && diagnosticsTab && (diagnosticsTab.classList.contains('cbi-tab-active') || noActiveTabsExist)) {
            initDiagnostics(diagnosticsContainer);
        }
        const tabs = node.querySelectorAll('.cbi-tabmenu');
        if (tabs.length > 0) {
            tabs[0].addEventListener('click', function (e) {
                const tab = e.target.closest('.cbi-tab');
                if (tab) {
                    const tabName = tab.getAttribute('data-tab');
                    if (tabName === 'diagnostics') {
                        const container = document.getElementById('diagnostics-status');
                        container.setAttribute('data-loading', 'true');
                        initDiagnostics(container);
                    } else {
                        stopDiagnosticsUpdates();
                        // Don't stop error polling - it should continue on all tabs
                    }
                }
            });
        }
    }, constants.DIAGNOSTICS_INITIAL_DELAY);
    node.classList.add('fade-in');
    return node;
 }
 return baseclass.extend({
    createDiagnosticsSection,
    setupDiagnosticsEventHandlers
 }); 
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/utils.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/utils.js
@@ -0,0 +1,152 @@
 'use strict';
 'require baseclass';
 'require ui';
 'require fs';
 'require view.podkop.constants as constants';
 // Flag to track if this is the first error check
 let isInitialCheck = true;
 // Set to track which errors we've already seen
 const lastErrorsSet = new Set();
 // Timer for periodic error polling
 let errorPollTimer = null;
 // Helper function to fetch errors from the podkop command
 async function getPodkopErrors() {
    return new Promise(resolve => {
        safeExec('/usr/bin/podkop', ['check_logs'], 'P0_PRIORITY', result => {
            if (!result || !result.stdout) return resolve([]);
            const logs = result.stdout.split('\n');
            const errors = logs.filter(log =>
                log.includes('[critical]')
            );
            resolve(errors);
        });
    });
 }
 // Show error notification to the user
 function showErrorNotification(error, isMultiple = false) {
    const notificationContent = E('div', { 'class': 'alert-message error' }, [
        E('pre', { 'class': 'error-log' }, error)
    ]);
    ui.addNotification(null, notificationContent);
 }
 // Helper function for command execution with prioritization
 function safeExec(command, args, priority, callback, timeout = constants.COMMAND_TIMEOUT) {
    // Default to highest priority execution if priority is not provided or invalid
    let schedulingDelay = constants.COMMAND_SCHEDULING.P0_PRIORITY;
    // If priority is a string, try to get the corresponding delay value
    if (typeof priority === 'string' && constants.COMMAND_SCHEDULING[priority] !== undefined) {
        schedulingDelay = constants.COMMAND_SCHEDULING[priority];
    }
    const executeCommand = async () => {
        try {
            const controller = new AbortController();
            const timeoutId = setTimeout(() => controller.abort(), timeout);
            const result = await Promise.race([
                fs.exec(command, args),
                new Promise((_, reject) => {
                    controller.signal.addEventListener('abort', () => {
                        reject(new Error('Command execution timed out'));
                    });
                })
            ]);
            clearTimeout(timeoutId);
            if (callback && typeof callback === 'function') {
                callback(result);
            }
            return result;
        } catch (error) {
            console.warn(`Command execution failed or timed out: ${command} ${args.join(' ')}`);
            const errorResult = { stdout: '', stderr: error.message, error: error };
            if (callback && typeof callback === 'function') {
                callback(errorResult);
            }
            return errorResult;
        }
    };
    if (callback && typeof callback === 'function') {
        setTimeout(executeCommand, schedulingDelay);
        return;
    }
    else {
        return executeCommand();
    }
 }
 // Check for critical errors and show notifications
 async function checkForCriticalErrors() {
    try {
        const errors = await getPodkopErrors();
        if (errors && errors.length > 0) {
            // Filter out errors we've already seen
            const newErrors = errors.filter(error => !lastErrorsSet.has(error));
            if (newErrors.length > 0) {
                // On initial check, just store errors without showing notifications
                if (!isInitialCheck) {
                    // Show each new error as a notification
                    newErrors.forEach(error => {
                        showErrorNotification(error, newErrors.length > 1);
                    });
                }
                // Add new errors to our set of seen errors
                newErrors.forEach(error => lastErrorsSet.add(error));
            }
        }
        // After first check, mark as no longer initial
        isInitialCheck = false;
    } catch (error) {
        console.error('Error checking for critical messages:', error);
    }
 }
 // Start polling for errors at regular intervals
 function startErrorPolling() {
    if (errorPollTimer) {
        clearInterval(errorPollTimer);
    }
    // Reset initial check flag to make sure we show errors
    isInitialCheck = false;
    // Immediately check for errors on start
    checkForCriticalErrors();
    // Then set up periodic checks
    errorPollTimer = setInterval(checkForCriticalErrors, constants.ERROR_POLL_INTERVAL);
 }
 // Stop polling for errors
 function stopErrorPolling() {
    if (errorPollTimer) {
        clearInterval(errorPollTimer);
        errorPollTimer = null;
    }
 }
 return baseclass.extend({
    startErrorPolling,
    stopErrorPolling,
    checkForCriticalErrors,
    safeExec
 }); 
--- a/luci-app-podkop/po/ru/podkop.po
+++ b/luci-app-podkop/po/ru/podkop.po
@@ -88,8 +88,8 @@ msgstr "Введите имена доменов без протоколов (п
 msgid "User Domains List"
 msgstr "Список пользовательских доменов"
-msgid "Enter domain names separated by comma, space or newline (example: sub.example.com, example.com or one domain per line)"
+msgid "Enter domain names separated by comma, space or newline. You can add comments after //"
-msgstr "Введите имена доменов через запятую, пробел или новую строку (пример: sub.example.com, example.com или один домен на строку)"
+msgstr "Введите имена доменов, разделяя их запятой, пробелом или с новой строки. Вы можете добавлять комментарии после //"
 msgid "Local Domain Lists"
 msgstr "Локальные списки доменов"
@@ -232,6 +232,9 @@ msgstr "Неверный формат URL. URL должен начинаться
 msgid "Invalid format. Use format: X.X.X.X or X.X.X.X/Y"
 msgstr "Неверный формат. Используйте формат: X.X.X.X или X.X.X.X/Y"
 msgid "IP address 0.0.0.0 is not allowed"
 msgstr "IP адрес не может быть 0.0.0.0"
 msgid "IP address parts must be between 0 and 255"
 msgstr "Части IP-адреса должны быть между 0 и 255"
@@ -556,6 +559,9 @@ msgstr "Путь должен содержать хотя бы одну дире
 msgid "Invalid path format. Must be like /tmp/cache.db"
 msgstr "Неверный формат пути. Пример: /tmp/cache.db"
 msgid "Select the network interface from which the traffic will originate"
 msgstr "Выберите сетевой интерфейс, с которого будет исходить трафик"
 msgid "Copy to Clipboard"
 msgstr "Копировать в буфер обмена"
@@ -742,10 +748,10 @@ msgstr "Проверка FakeIP через CLI"
 msgid "FakeIP CLI Check Results"
 msgstr "Результаты проверки FakeIP через CLI"
-msgid "not works in browser"
+msgid "does not work in browser"
 msgstr "не работает в браузере"
-msgid "not works on router"
+msgid "does not work on router"
 msgstr "не работает на роутере"
 msgid "Diagnostics"
@@ -812,4 +818,82 @@ msgid "available"
 msgstr "доступен"
 msgid "unavailable"
-msgstr "недоступен"
+msgstr "недоступен"
 msgid "Apply for SS2022"
 msgstr "Применить для SS2022"
 msgid "PODKOP CONFIGURATION"
 msgstr "КОНФИГУРАЦИЯ PODKOP"
 msgid "FAKEIP ROUTER TEST"
 msgstr "ПРОВЕРКА FAKEIP НА РОУТЕРЕ"
 msgid "FAKEIP BROWSER TEST"
 msgstr "ПРОВЕРКА FAKEIP В БРАУЗЕРЕ"
 msgid "FakeIP is working correctly on router (198.18.x.x)"
 msgstr "FakeIP работает корректно на роутере (198.18.x.x)"
 msgid "Click here for all the info"
 msgstr "Нажмите для просмотра всей информации"
 msgid "Check DNS server on current device (PC, phone)"
 msgstr "Проверьте DNS сервер на текущем устройстве (ПК, телефон)"
 msgid "Its must be router!"
 msgstr "Это должен быть роутер!"
 msgid "Global check"
 msgstr "Глобальная проверка"
 msgid "Starting lists update..."
 msgstr "Начало обновления списков..."
 msgid "DNS check passed"
 msgstr "Проверка DNS пройдена"
 msgid "DNS check failed after 60 attempts"
 msgstr "Проверка DNS не удалась после 60 попыток"
 msgid "GitHub connection check passed"
 msgstr "Проверка подключения к GitHub пройдена"
 msgid "GitHub connection check passed (via proxy)"
 msgstr "Проверка подключения к GitHub пройдена (через прокси)"
 msgid "GitHub connection check failed after 60 attempts"
 msgstr "Проверка подключения к GitHub не удалась после 60 попыток"
 msgid "Downloading and processing lists..."
 msgstr "Загрузка и обработка списков..."
 msgid "Lists update completed successfully"
 msgstr "Обновление списков успешно завершено"
 msgid "Lists update failed"
 msgstr "Обновление списков не удалось"
 msgid "Error: "
 msgstr "Ошибка: "
 msgid "Interface monitoring"
 msgstr "Мониторинг интерфейсов"
 msgid "Interface monitoring for bad WAN"
 msgstr "Мониторинг интерфейсов для плохого WAN"
 msgid "Interface for monitoring"
 msgstr "Интерфейс для мониторинга"
 msgid "Select the WAN interfaces to be monitored"
 msgstr "Выберите WAN интерфейсы для мониторинга"
 msgid "Interface Monitoring Delay"
 msgstr "Задержка при мониторинге интерфейсов"
 msgid "Delay in milliseconds before reloading podkop after interface UP"
 msgstr "Задержка в миллисекундах перед перезагрузкой podkop после поднятия интерфейса"
 msgid "Delay value cannot be empty"
 msgstr "Значение не может быть пустым"
--- a/luci-app-podkop/po/templates/podkop.pot
+++ b/luci-app-podkop/po/templates/podkop.pot
@@ -232,6 +232,9 @@ msgstr ""
 msgid "Invalid format. Use format: X.X.X.X or X.X.X.X/Y"
 msgstr ""
 msgid "IP address 0.0.0.0 is not allowed"
 msgstr ""
 msgid "IP address parts must be between 0 and 255"
 msgstr ""
@@ -1096,10 +1099,10 @@ msgstr ""
 msgid "FakeIP CLI Check Results"
 msgstr ""
-msgid "not works in browser"
+msgid "does not work in browser"
 msgstr ""
-msgid "not works on router"
+msgid "does not work on router"
 msgstr ""
 msgid "Diagnostics"
@@ -1169,4 +1172,82 @@ msgid "available"
 msgstr ""
 msgid "unavailable"
 msgstr ""
 msgid "PODKOP CONFIGURATION"
 msgstr ""
 msgid "FAKEIP ROUTER TEST"
 msgstr ""
 msgid "FAKEIP BROWSER TEST"
 msgstr ""
 msgid "FakeIP is working correctly on router (198.18.x.x)"
 msgstr ""
 msgid "Click here for all the info"
 msgstr ""
 msgid "Check DNS server on current device (PC, phone)"
 msgstr ""
 msgid "Its must be router!"
 msgstr ""
 msgid "Global check"
 msgstr ""
 msgid "Starting lists update..."
 msgstr ""
 msgid "DNS check passed"
 msgstr ""
 msgid "DNS check failed after 60 attempts"
 msgstr ""
 msgid "GitHub connection check passed"
 msgstr ""
 msgid "GitHub connection check passed (via proxy)"
 msgstr ""
 msgid "GitHub connection check failed after 60 attempts"
 msgstr ""
 msgid "Downloading and processing lists..."
 msgstr ""
 msgid "Lists update completed successfully"
 msgstr ""
 msgid "Lists update failed"
 msgstr ""
 msgid "Loading..."
 msgstr ""
 msgid "Error: "
 msgstr ""
 msgid "Interface monitoring"
 msgstr ""
 msgid "Interface monitoring for bad WAN"
 msgstr ""
 msgid "Interface for monitoring"
 msgstr ""
 msgid "Select the WAN interfaces to be monitored"
 msgstr ""
 msgid "Interface Monitoring Delay"
 msgstr ""
 msgid "Delay in milliseconds before reloading podkop after interface UP"
 msgstr ""
 msgid "Delay value cannot be empty"
 msgstr ""
--- a/podkop/Makefile
+++ b/podkop/Makefile
@@ -1,7 +1,9 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=podkop
-PKG_VERSION:=0.3.32
+
 PKG_VERSION := $(if $(PKG_VERSION),$(PKG_VERSION),dev_$(shell date +%d%m%Y))
 PKG_RELEASE:=1
 PKG_MAINTAINER:=ITDog <podkop@itdog.info>
@@ -13,8 +15,9 @@ define Package/podkop
 	SECTION:=net
 	CATEGORY:=Network
 	DEPENDS:=+sing-box +curl +jq +kmod-nft-tproxy +coreutils-base64
 	CONFLICTS:=https-dns-proxy nextdns luci-app-passwall luci-app-passwall2
 	TITLE:=Domain routing app
-	URL:=https://itdog.info
+	URL:=https://podkop.net
 	PKGARCH:=all
 endef
--- a/podkop/files/etc/config/podkop
+++ b/podkop/files/etc/config/podkop
@@ -21,8 +21,6 @@ config main 'main'
 	#list custom_download_subnets ''
 	option all_traffic_from_ip_enabled '0'
 	#list all_traffic_ip ''
 	option delist_domains_enabled '0'
 	#list delist_domains ''
 	option exclude_from_ip_enabled '0'
 	#list exclude_traffic_ip ''
 	option yacd '0'
@@ -31,9 +29,16 @@ config main 'main'
 	option quic_disable '0'
 	option dont_touch_dhcp '0'
 	option update_interval '1d'
-	option dns_type 'doh'
+	option dns_type 'udp'
 	option dns_server '8.8.8.8'
 	option split_dns_enabled '1'
 	option split_dns_type 'udp'
 	option split_dns_server '1.1.1.1'
 	option dns_rewrite_ttl '60'
 	option cache_file '/tmp/cache.db'
 	list iface 'br-lan'
-	option ss_uot '0'
+	option mon_restart_ifaces '0'
 	#list restart_ifaces 'wan'
 	option procd_reload_delay '2000'
 	option ss_uot '0'
 	option detour '0'
--- a/podkop/files/etc/init.d/podkop
+++ b/podkop/files/etc/init.d/podkop
@@ -6,38 +6,16 @@ USE_PROCD=1
 script=$(readlink "$initscript")
 NAME="$(basename ${script:-$initscript})"
 config_load "$NAME"
 resolv_conf="/etc/resolv.conf"
 start_service() {
    echo "Start podkop"
-    sing_box_version=$(sing-box version | head -n 1 | awk '{print $3}')
+	config_get mon_restart_ifaces "main" "mon_restart_ifaces"
-    required_version="1.11.1"
+	config_get restart_ifaces "main" "restart_ifaces"
    if [ "$(echo -e "$sing_box_version\n$required_version" | sort -V | head -n 1)" != "$required_version" ]; then
        echo "The version of sing-box ($sing_box_version) is lower than the minimum version. Update sing-box: opkg update && opkg remove sing-box && opkg install sing-box"
        exit 1
    fi
    if grep -q FriendlyWrt /etc/banner; then
        printf "\033[31;1mYou use FriendlyWrt. If you have problems, check out: https://t.me/itdogchat/44512/181082\033[0m\n"
    fi
    if grep -qE 'doh_backup_noresolv|doh_backup_server|doh_server' /etc/config/dhcp; then
        printf "\033[31;1mDetected https-dns-proxy. Disable or uninstall it for correct functionality.\033[0m\n"
    fi
    if ! ip addr | grep -q "br-lan"; then
        echo "Interface br-lan not found"
        exit 1
    fi
    if ! grep -q "search lan" "$resolv_conf" || ! grep -q "nameserver 127.0.0.1" "$resolv_conf"; then
        echo "/etc/resolv.conf does not contain 'search lan' or 'nameserver 127.0.0.1' entries"
    fi
 	procd_open_instance
-	procd_set_param command /bin/sh -c "/usr/bin/podkop start"
+	procd_set_param command /usr/bin/podkop start
 	[ "$mon_restart_ifaces" = "1" ] && [ -n "$restart_ifaces" ] && procd_set_param netdev $restart_ifaces
 	procd_set_param stdout 1
 	procd_set_param stderr 1
 	procd_close_instance
@@ -47,17 +25,26 @@ stop_service() {
    /usr/bin/podkop stop
 }
 restart_service() {
    stop
    start
 }
 reload_service() {
-    stop
+    /usr/bin/podkop reload > /dev/null 2>&1
    start
 }
 service_triggers() {
    echo "service_triggers start"
-    procd_add_config_trigger "config.change" "$NAME" "$initscript" reload 'on_config_change'
+
 	config_get mon_restart_ifaces "main" "mon_restart_ifaces"
 	config_get restart_ifaces "main" "restart_ifaces"
 	config_get procd_reload_delay "main" "procd_reload_delay" "2000"
    PROCD_RELOAD_DELAY=$procd_reload_delay
 	procd_open_trigger
 		procd_add_config_trigger "config.change" "$NAME" "$initscript" restart 'on_config_change'
        if [ "$mon_restart_ifaces" = "1" ]; then
 			for iface in $restart_ifaces; do
            	procd_add_interface_trigger "interface.*.up" "$iface" /etc/init.d/podkop reload
 			done
 		fi
 	procd_close_trigger
 }
--- a/podkop/files/usr/bin/podkop
+++ b/podkop/files/usr/bin/podkop
Author	SHA1	Message	Date
itdoginfo	86038e2756	Delay setting option	2025-09-02 14:09:35 +03:00
itdoginfo	f3f5bca555	Add HODCA, CloudFront, DO	2025-08-29 15:02:43 +03:00
itdoginfo	174f16bc76	Update	2025-08-28 19:11:37 +03:00
itdoginfo	7c63a35faa	Old value #131	2025-08-28 18:40:53 +03:00
itdoginfo	86a86df982	Fix template	2025-08-28 18:12:35 +03:00
itdoginfo	ac445bc227	Fix template config	2025-08-28 18:08:10 +03:00
itdoginfo	4398e6885b	Add template for issues and PR	2025-08-28 18:06:08 +03:00
itdoginfo	9974b42cc2	NFT: output chain for traffic from the router	2025-08-27 00:31:56 +03:00
itdoginfo	8cd990f8a3	Fix extension for list	2025-08-26 14:25:28 +03:00
itdoginfo	c509fd38c7	Fix version for docker	2025-08-26 14:16:08 +03:00
itdoginfo	38991a803a	Fix	2025-08-25 19:44:16 +03:00
itdoginfo	29c34e31db	Fix	2025-08-25 19:41:04 +03:00
itdoginfo	a77e8fae7d	Disable tag check	2025-08-25 19:13:01 +03:00
itdoginfo	6d83737336	Auto version for make	2025-08-25 19:11:12 +03:00
itdoginfo	84115e2f3b	v0.4.7	2025-08-25 17:02:46 +03:00
itdoginfo	2dbdb9d2c1	Global check: WG Route	2025-08-24 16:13:41 +03:00
itdoginfo	88c6717152	Disable delay	2025-08-24 13:44:49 +03:00
itdoginfo	b3986308ce	Cut WRP prefix	2025-08-24 13:44:39 +03:00
itdoginfo	a15c3cf171	Update #147	2025-08-24 11:59:40 +03:00
itdoginfo	4c91223f85	Merge pull request #136 from SaltyMonkey:main User Subnet validation for glob ip, init.d/zapret proper check, passwall in conflicts	2025-08-24 11:05:55 +03:00
itdoginfo	7cf7b1f626	Merge branch 'main' into main	2025-08-24 11:04:39 +03:00
SaltyMonkey	a2536534f8	Remove opkg list-installed checks for packages from conflicts	2025-08-24 10:00:13 +03:00
itdoginfo	c49354fe38	Merge pull request #149 from ampetelin:json_srs_lists Added support for JSON and SRS	2025-08-23 18:53:37 +03:00
Andrey Petelin	6e01e036eb	handle missing ip_cidr in rulesets	2025-08-23 20:42:43 +05:00
Andrey Petelin	7484d0c203	Fixed logging of custom ruleset preparation	2025-08-23 19:36:34 +05:00
Andrey Petelin	0eb4ca4ea9	Removed filepath from wget when downloading via proxy	2025-08-23 19:33:47 +05:00
Andrey Petelin	c2d95162b7	Added support for JSON and SRS rulesets	2025-08-20 21:42:46 +05:00
SaltyMonkey	1fc2947fbc	Log messages for nextdns	2025-07-25 09:41:58 +03:00
SaltyMonkey	ea931d8463	added nextdns package in conflicts	2025-07-25 09:38:48 +03:00
SaltyMonkey	e2f36c35d4	Log messages for luci-app-passwall and luci-app-passwall in binary	2025-07-12 01:08:39 +03:00
SaltyMonkey	e8f8dcc5e7	added passwall and passwall2(paid version?) in conflicts	2025-07-12 01:00:00 +03:00
SaltyMonkey	1e2174bb80	User Subnets validation: 0.0.0.0 is not allowed	2025-07-12 00:40:51 +03:00
SaltyMonkey	85e515ef15	Fix /etc/init.d/zapret check in global_check, cleanup useless whitespaces	2025-07-12 00:29:33 +03:00
itdoginfo	418cdc4366	rm iptables-mod-extra check	2025-06-30 16:56:39 +03:00
itdoginfo	25b0dcaad5	v0.4.6	2025-06-30 16:27:44 +03:00
itdoginfo	cc59e756dd	br_netfilter. Cache size unset. Mixed & source_ip_cidr	2025-06-30 16:26:31 +03:00
itdoginfo	210714c499	unnecessary check	2025-06-30 16:24:33 +03:00
itdoginfo	8b6c336584	Change to 1.1.1.1	2025-06-27 23:54:52 +03:00
itdoginfo	5c543c1608	Change to procd_add_interface_trigger. Added PROCD_RELOAD_DELAY	2025-06-27 23:54:31 +03:00
itdoginfo	ac274d8796	v0.4.5	2025-06-25 23:38:55 +03:00
itdoginfo	ce1f86ceb7	Added split dns. Func for build sing-box config	2025-06-25 23:34:39 +03:00
itdoginfo	1fd67eefb3	Fix eng phrase	2025-06-25 23:32:33 +03:00
itdoginfo	e7b726d27c	Merge pull request #127 from procudin/fix/extra-configs-visibility fix: hide extra configs for non-basic tabs	2025-06-23 13:58:25 +03:00
Artem Prokudin	adb16e7f74	fix: hide extra configs for non-basic tabs	2025-06-15 10:57:16 +03:00
itdoginfo	51da8c22fd	Update	2025-06-03 15:47:13 +03:00
itdoginfo	41351dafd2	Removed the installation awg/wg/ovpn/oc. Refactoring	2025-06-03 15:45:27 +03:00
itdoginfo	2aee77b9a2	v0.4.4 Added independent_cache	2025-06-02 15:40:14 +03:00
itdoginfo	2a1a220dc8	v0.4.3	2025-05-22 12:07:08 +03:00
itdoginfo	608caba090	Merge pull request #115 from itdoginfo/fix/comments ♻️ refactor(podkop): update command scheduling and priority handling	2025-05-22 12:01:53 +03:00
Ivan K	04af8c9649	♻️ refactor(podkop): update command scheduling and priority handling	2025-05-22 11:09:02 +03:00
itdoginfo	88d108e5ab	Fix i18n version	2025-05-21 19:43:27 +03:00
itdoginfo	8ce6790355	v0.4.2	2025-05-21 19:18:07 +03:00
itdoginfo	8e7b40cf56	Ready image	2025-05-21 19:17:55 +03:00
itdoginfo	21fa017443	Merge pull request #114 from itdoginfo/fix/comments Fix/comments	2025-05-21 15:43:58 +03:00
Ivan K	f1954df83b	♻️ refactor(diagnosticTab): move command execution helpers to utils.js	2025-05-21 15:09:42 +03:00
Ivan K	8573bd99b5	♻️ refactor(diagnosticTab): remove unused debug	2025-05-21 14:21:37 +03:00
Ivan K	c3f44bd124	✨ fix(diagnosticTab): add error polling and notification system	2025-05-21 14:18:23 +03:00
itdoginfo	59e394c4f2	v0.4.1 JS refactoring	2025-05-21 14:16:16 +03:00
itdoginfo	c897c90371	Merge pull request #110 from itdoginfo/fix/comments ♻️ refactor(podkop): modularize configuration and diagnostics sections	2025-05-21 13:48:30 +03:00
Ivan K	bcab66f88c	♻️ refactor(podkop): enhance check_nft function for domain-specific set statistics	2025-05-21 09:48:53 +03:00
Ivan K	05a551e5e3	💄 style(podkop): remove extra newline in NFT check completed message	2025-05-20 19:28:40 +03:00
Ivan K	1f81ec8403	🔧 chore(podkop): use check_nft in global_check	2025-05-20 17:32:04 +03:00
Ivan K	9748178562	♻️ refactor(podkop): enhance nft set statistics and chain configurations	2025-05-20 17:28:00 +03:00
Ivan K	1411e7d403	♻️ refactor(diagnosticTab): improve command execution and UI updates	2025-05-19 20:32:08 +03:00
Ivan K	d81a90bd28	♻️ refactor(diagnosticTab): improve status updates and caching	2025-05-19 19:59:29 +03:00
Ivan K	82f4720326	♻️ refactor(podkop): rename sections into correct files	2025-05-18 15:58:59 +03:00
Ivan K	10f246ea61	♻️ refactor(podkop): move URL validation to config.js	2025-05-16 23:30:23 +03:00
Ivan K	c0571320f1	♻️ refactor(networkUtils): remove custom network functions	2025-05-16 22:22:07 +03:00
Ivan K	a658ca5518	💄 style(podkop): remove unused networkUtils import	2025-05-16 18:40:29 +03:00
Ivan K	08709c93c7	♻️ refactor(podkop): rename section variables for clarity	2025-05-16 18:28:06 +03:00
Ivan K	cf5b2216be	♻️ refactor(podkop): reorganize sections into subdirectory	2025-05-16 18:23:16 +03:00
Ivan K	682913ade0	♻️ refactor(podkop): remove unused parameter from createAdditionalSection	2025-05-16 18:08:29 +03:00
Ivan K	3b2cbd0332	♻️ refactor(podkop): modularize configuration and diagnostics sections	2025-05-16 18:04:33 +03:00
itdoginfo	8f9dcf2c55	Merge pull request #109 from itdoginfo/fix/comments ♻️ refactor(podkop): refactor domain list and API endpoints	2025-05-16 14:50:59 +03:00
Ivan K	91d027b5fe	♻️ refactor(podkop): refactor domain list and API endpoints	2025-05-16 14:46:06 +03:00
itdoginfo	f90ab7f468	v0.4.0 beta	2025-05-15 13:26:57 +03:00
itdoginfo	e4bfd447ce	Merge pull request #108 from itdoginfo/fix/comments fix(podkop): add dont touch my dhcp logic to fake IP check functions	2025-05-15 12:07:08 +03:00
Ivan K	fbdd759b83	♻️ refactor(podkop): remove redundant DNS/sing-box checks in fakeip status	2025-05-15 11:53:30 +03:00
Ivan K	2488bc30b1	fix(podkop): add dont touch my dhcp logic to fake IP check functions	2025-05-15 11:31:33 +03:00
itdoginfo	dcc12cf920	Merge pull request #107 from itdoginfo/fix/comments 💄 style(podkop): update modal button titles and clipboard content	2025-05-14 14:33:53 +03:00
Ivan K	c99cef9f27	💄 style(podkop): update modal button titles and clipboard content	2025-05-14 14:30:52 +03:00
itdoginfo	8a68f3fcc2	Update	2025-05-13 14:26:50 +03:00
itdoginfo	ed2994be3a	v0.3.50 Adde Google AI, Play, HTZ, OVH of list	2025-05-12 23:31:06 +03:00
itdoginfo	77ff5ab781	Merge pull request #105 from itdoginfo/fix/comments ⚡️ perf(dns): improve DNS query performance and error handling	2025-05-12 18:17:50 +03:00
Ivan K	1c80bc5a5e	⚡️ perf(dns): improve DNS query performance and error handling	2025-05-12 17:50:50 +03:00
itdoginfo	f688d74c32	v0.3.49 Improved diagnostics	2025-05-12 17:32:51 +03:00
itdoginfo	7bc50d58d3	Merge pull request #104 from itdoginfo/fix/comments Fix/comments	2025-05-12 17:25:59 +03:00
Ivan K	77ce0c380b	🐛 fix(dns): improve DNS availability check logic	2025-05-12 17:21:38 +03:00
Ivan K	47d1b349c7	♻️ refactor(podkop): add local var	2025-05-12 16:51:59 +03:00
Ivan K	e9face1f4a	♻️ refactor(podkop): simplify logging function	2025-05-12 16:48:59 +03:00
itdoginfo	e5bf7d9bed	Merge pull request #103 from itdoginfo/fix/comments ♻️ refactor(podkop): improve diagnostics and error handling	2025-05-12 16:48:15 +03:00
Ivan K	dd4722f3e1	♻️ refactor(podkop): simplify logging functions	2025-05-12 16:40:44 +03:00
Ivan K	1e945dafe7	✨ feat(logging): add colored logging to stdout and syslog	2025-05-12 15:54:12 +03:00
itdoginfo	b080521a58	Update	2025-05-12 00:57:52 +03:00
itdoginfo	6a96a85773	Update	2025-05-12 00:49:19 +03:00
itdoginfo	6fb3a36974	Update	2025-05-12 00:46:30 +03:00
Ivan K	b3dbee1dbe	💄 style(podkop): adjust margin styles in status panel	2025-05-11 20:30:16 +03:00
Ivan K	916321578d	⚡️ feat(dns): add random DNS query ID generation	2025-05-11 19:33:08 +03:00
Ivan K	c74d733717	♻️ refactor(podkop): improve diagnostics and error handling	2025-05-11 19:26:29 +03:00
itdoginfo	433724f762	v0.3.48 Custom URL CRLF	2025-05-10 18:55:35 +03:00
itdoginfo	6378aa9910	Update	2025-05-10 16:15:53 +03:00
itdoginfo	68f5f123ca	v0.3.47 Fix noresolv 1	2025-05-10 12:50:01 +03:00
itdoginfo	fae43d0471	v0.3.46	2025-05-08 19:24:08 +03:00
itdoginfo	9d6dc45fdb	#99 Block mode	2025-05-08 19:23:45 +03:00
itdoginfo	9aa5a2d242	Fix site. #100 added ntpd	2025-05-08 10:14:58 +03:00
itdoginfo	63dc86fca4	v0.3.45 Update checker domain	2025-05-07 22:39:23 +03:00
itdoginfo	4d9cedaf4c	Return upgrade command	2025-05-07 17:58:19 +03:00
itdoginfo	14e7cbae01	v0.3.44	2025-05-07 17:26:57 +03:00
itdoginfo	c9f610bb1e	Change to ip.podkop.net. Fix log. Added restart	2025-05-07 17:24:32 +03:00
itdoginfo	19671c7f67	Stop btn. Change to ip.podkop.net	2025-05-07 17:23:20 +03:00
itdoginfo	6d1e4091e5	Detour	2025-05-07 00:22:04 +03:00
itdoginfo	96d661c49f	Fixed default values ttl in comment	2025-05-03 18:52:57 +03:00
itdoginfo	da8dd06b34	Move doc to wiki	2025-05-03 18:12:00 +03:00
itdoginfo	2c1bcffb6d	fix iptables	2025-05-03 18:11:49 +03:00
itdoginfo	3040ce7286	v0.3.43	2025-05-02 14:53:11 +03:00
itdoginfo	e025271a14	Added to global check: DNS check and proxy check. From VizzleTF	2025-05-02 14:50:06 +03:00
itdoginfo	2b8208186d	Fix global check text	2025-05-02 13:55:07 +03:00
itdoginfo	17fb11baf0	Fixed diagnostics from VizzleTF	2025-05-02 13:34:11 +03:00
itdoginfo	3c1b041b52	Edited text from #96	2025-05-01 22:52:41 +03:00
itdoginfo	38acac1a31	Merge pull request #96 from itdoginfo/chore/sing-box-status Issue #91 , Issue #94	2025-05-01 22:16:38 +03:00
Ivan K	2939229df3	back to the future	2025-05-01 19:30:05 +03:00
Ivan K	26c3d0bc7e	♻️ refactor(podkop): simplify DoH URL determination logic	2025-05-01 19:26:21 +03:00
Ivan K	b364363b1b	✨ feat(dns): add DoH URL resolution function	2025-05-01 19:20:36 +03:00
itdoginfo	d85caf0c0c	Fix https-dns-proxy i18	2025-05-01 19:10:18 +03:00
Ivan K	65f72e1e04	♻️ refactor(podkop): update WARP detection logic	2025-05-01 18:29:42 +03:00
Ivan K	e59ef6dd6f	💄 style(podkop): remove unnecessary sed commands in global_check	2025-05-01 17:57:51 +03:00
Ivan K	05272de650	💄 style(podkop): update formatting and messages	2025-05-01 17:48:25 +03:00
Ivan K	48716e7156	Enhance Podkop functionality with global check feature and improved diagnostics. Added support for FakeIP tests in both browser and router contexts. Updated UI elements for better status reporting and added localization for new messages.	2025-05-01 17:18:07 +03:00
itdoginfo	f29b97e495	v0.3.42	2025-05-01 14:17:18 +03:00
itdoginfo	41c21cebcd	Fixed validation for ws	2025-04-30 23:43:36 +03:00
itdoginfo	238e99a547	Update	2025-04-30 19:02:31 +03:00
itdoginfo	4f44fcfe99	Update	2025-04-30 14:48:12 +03:00
itdoginfo	9fd2fb9b6e	Update	2025-04-30 00:19:42 +03:00
itdoginfo	c0591b25b9	Fix	2025-04-30 00:16:09 +03:00
itdoginfo	97fd392334	Fixed read. Added upgrade flag	2025-04-30 00:11:55 +03:00
itdoginfo	848c784cc0	Fix	2025-04-29 23:49:28 +03:00
itdoginfo	ab971dcd36	Update	2025-04-29 23:48:49 +03:00
itdoginfo	b8d96f28cd	Added CF. Fixed https-dns-proxy warning. Masked for static wan	2025-04-29 18:54:50 +03:00
itdoginfo	f2268fd494	v0.3.41. Improved Diagnotics: WAN, WARP, versions, etc	2025-04-29 12:53:29 +03:00
itdoginfo	19897afcdd	v0.3.40. Improved Diagnotics	2025-04-28 00:33:07 +03:00
itdoginfo	0e2ea60f01	v0.3.39. Added global check button	2025-04-27 19:29:34 +03:00
itdoginfo	2dc5944961	Fix https-dns-proxy --force-depends	2025-04-27 18:07:58 +03:00
itdoginfo	f65de36804	Detect https-dns-proxy	2025-04-27 15:50:37 +03:00
itdoginfo	19541f8bb3	v0.3.38. fix reload config luci	2025-04-26 22:35:11 +03:00
itdoginfo	aa42c707fe	v0.3.37	2025-04-26 17:49:28 +03:00
itdoginfo	bf96f93987	Fix kill stderr. Return if 127.0.0.42 exists	2025-04-26 17:49:04 +03:00
itdoginfo	ff9aad8947	Option enable iface mon	2025-04-26 17:47:52 +03:00
itdoginfo	d9718617bd	Option enable iface mon	2025-04-26 17:47:42 +03:00
itdoginfo	e865c9f324	Validate raw network. Path for DoH. Bool for iface monitoring	2025-04-26 17:47:08 +03:00
itdoginfo	7df8bb5826	rmempty proxy url string	2025-04-25 19:29:31 +03:00
itdoginfo	f960358eb6	0.3.36	2025-04-25 10:57:59 +03:00
itdoginfo	ba44966c02	Interface trigger. Disable sing-box autostart. dont touch dhcp. reload without dnsmasq restart	2025-04-24 19:25:08 +03:00
itdoginfo	615241aa37	Merge pull request #88 from Davoyan/patch-1 Update localisation	2025-04-22 11:36:38 +03:00
Davoyan	9a3220d226	Update localisation	2025-04-22 11:24:54 +03:00
itdoginfo	ec8d28857e	#82 and #83	2025-04-15 00:42:16 +03:00
itdoginfo	26b49f5bbb	Check fix	2025-04-15 00:15:28 +03:00
itdoginfo	0a7efb3169	Fix	2025-04-03 17:53:21 +03:00
itdoginfo	468e51ee8e	v0.3.35	2025-04-03 17:42:45 +03:00
itdoginfo	3b93a914de	v0.3.34	2025-04-03 17:27:35 +03:00
itdoginfo	76c5baf1e2	Fix tailscale smartdns in resolve.conf	2025-04-03 17:27:13 +03:00
itdoginfo	c752c46abf	Fix resolv_conf value	2025-04-03 17:24:57 +03:00
itdoginfo	1df1defa5e	Check curl	2025-04-03 17:24:31 +03:00
itdoginfo	3cb4be6427	v0.3.33	2025-04-03 16:47:47 +03:00
itdoginfo	25bfdce5ce	Added critical log. Rm friendlywrt check. Added iptables check	2025-04-03 16:47:26 +03:00
itdoginfo	6d0f097a07	Merge pull request #75 from itdoginfo/feature/error-notification (#47 ) Feature/error notification	2025-04-03 14:52:00 +03:00
Ivan K	5f780955eb	💄 style(podkop): update error log filtering criteria	2025-04-03 13:42:55 +03:00
Ivan K	389def9056	♻️ refactor(podkop): remove unused createErrorModal function	2025-04-03 13:40:41 +03:00
Ivan K	e816da5133	✨ feat(podkop): add error logging and notification system	2025-04-03 13:36:22 +03:00
Ivan K	e57adbe042	🔒 refactor(config): Mask NextDNS server address in config output	2025-03-30 20:36:49 +03:00
itdoginfo	d78c51360d	Merge pull request #73 from itdoginfo/feature/no-more-cache 🐛 fix(doh): Improve DoH server compatibility detection for quad9	2025-03-30 18:44:26 +03:00
Ivan K	c2357337fc	🐛 fix(dns): improve DoH server compatibility and error handling	2025-03-30 17:20:06 +03:00
Ivan K	bc6490b56e	🐛 fix(doh): Improve DoH server compatibility detection for quad9	2025-03-30 17:04:30 +03:00
		`@@ -0,0 +1 @@`
							`disable=SC3036,SC3010,SC3014,SC3015,SC3020,SC3003`
		`@@ -0,0 +1,3 @@`
							`FROM openwrt/sdk:x86_64-v24.10.1`

							`RUN ./scripts/feeds update -a && ./scripts/feeds install luci-base && mkdir -p /builder/package/feeds/utilites/ && mkdir -p /builder/package/feeds/luci/`