mirror of
https://github.com/itdoginfo/podkop.git
synced 2025-12-06 11:36:50 +03:00
Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
19897afcdd | ||
|
|
0e2ea60f01 | ||
|
|
2dc5944961 | ||
|
|
f65de36804 |
11
README.md
11
README.md
@@ -73,21 +73,10 @@ Luci: Services/podkop
|
||||
|
||||
**Custom subnets enable** - Добавить подсети или IP-адреса. Для подсетей задать маску.
|
||||
|
||||
# Известные баги
|
||||
- [x] Не отрабатывает service podkop stop, если podkop запущен и не может, к пример, зарезолвить домен с сломанным DNS
|
||||
- [x] Update list из remote url domain не удаляет старые домены. А добавляет новые. Для подсетей тоже самое скорее всего. Пересоздавать ruleset?
|
||||
|
||||
# ToDo
|
||||
Этот раздел не означает задачи, которые нужно брать и делать. Это общий список хотелок. Если вы хотите помочь, пожалуйста, спросите сначала в телеграмме.
|
||||
|
||||
- [x] Interface trigger
|
||||
- [x] Управление sing-box с помощью podkop. sing-box disable
|
||||
- [x] Сделать галку запрещающую подкопу редачить dhcp. Допилить в исключение вместе с пустыми полями proxy и vpn (нужно wiki)
|
||||
- [x] Рестарт сервиса без рестарта dnsmasq
|
||||
- [x] `ash: can't kill pid 9848: No such process` при обновлении
|
||||
- [x] Luci: Добавить валидацию "Proxy Configuration URL". Если пустое, то ошибка. Как с интерфейсом.
|
||||
- [ ] Не грузится диагностика полностью при одной нерабочей комманде. Подумать как это можно дебажить легко. https://t.me/itdogchat/142500/378956
|
||||
- [x] DoH возможность добавлять сервера c path. Взять пример из NextDNS
|
||||
- [ ] При добавлении github ломается скачивание скрипта установки и любые другие скрипты с github соотвественно. Скорее всего нужно делать опцией добавление в nft самого роутера как src.
|
||||
|
||||
Диагностика
|
||||
|
||||
19
install.sh
19
install.sh
@@ -425,6 +425,25 @@ check_system() {
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if opkg list-installed | grep -q https-dns-proxy; then
|
||||
printf "\033[31;1mСonflicting package detected: https-dns-proxy. Remove? yes/no\033[0m\n"
|
||||
|
||||
while true; do
|
||||
read -r -p '' DNSPROXY
|
||||
case $DNSPROXY in
|
||||
|
||||
yes|y|Y|yes)
|
||||
opkg remove --force-depends luci-app-https-dns-proxy https-dns-proxy
|
||||
break
|
||||
;;
|
||||
*)
|
||||
echo "Exit"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
|
||||
if opkg list-installed | grep -qE "iptables|kmod-iptab"; then
|
||||
printf "\033[31;1mFound incompatible iptables packages. If you're using FriendlyWrt: https://t.me/itdogchat/44512/181082\033[0m\n"
|
||||
fi
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-podkop
|
||||
PKG_VERSION:=0.3.38
|
||||
PKG_VERSION:=0.3.40
|
||||
PKG_RELEASE:=1
|
||||
|
||||
LUCI_TITLE:=LuCI podkop app
|
||||
|
||||
@@ -806,7 +806,12 @@ let createStatusSection = function (podkopStatus, singboxStatus, podkop, luci, s
|
||||
bypassStatus.message
|
||||
])
|
||||
])
|
||||
])
|
||||
]),
|
||||
ButtonFactory.createModalButton({
|
||||
label: _('Global check'),
|
||||
command: 'global_check',
|
||||
title: _('Click here for all the info')
|
||||
})
|
||||
]),
|
||||
|
||||
// Version Information Panel
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=podkop
|
||||
PKG_VERSION:=0.3.38
|
||||
PKG_VERSION:=0.3.40
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_MAINTAINER:=ITDog <podkop@itdog.info>
|
||||
|
||||
@@ -65,10 +65,6 @@ start_main() {
|
||||
log "[critical] Detected https-dns-proxy. Disable or uninstall it for correct functionality."
|
||||
fi
|
||||
|
||||
if grep -E "^nameserver\s+([0-9]{1,3}\.){3}[0-9]{1,3}" "$RESOLV_CONF" | grep -vqE "127\.0\.0\.1|0\.0\.0\.0"; then
|
||||
log "[critical] /etc/resolv.conf contains an external nameserver"
|
||||
fi
|
||||
|
||||
migration
|
||||
|
||||
config_foreach process_validate_service
|
||||
@@ -1831,6 +1827,7 @@ check_sing_box_logs() {
|
||||
}
|
||||
|
||||
check_fakeip() {
|
||||
# Not used
|
||||
nolog "Checking fakeip functionality..."
|
||||
|
||||
if ! command -v nslookup >/dev/null 2>&1; then
|
||||
@@ -1953,7 +1950,7 @@ show_sing_box_config() {
|
||||
}
|
||||
|
||||
show_config() {
|
||||
nolog "Current podkop configuration:"
|
||||
nolog "📄 Current podkop configuration:"
|
||||
|
||||
if [ ! -f /etc/config/podkop ]; then
|
||||
nolog "Configuration file not found"
|
||||
@@ -2089,6 +2086,9 @@ check_dns_available() {
|
||||
if echo "$dns_server" | grep -q "\.dns\.nextdns\.io$"; then
|
||||
local nextdns_id=$(echo "$dns_server" | cut -d'.' -f1)
|
||||
display_dns_server="$(echo "$nextdns_id" | sed 's/./*/g').dns.nextdns.io"
|
||||
elif echo "$dns_server" | grep -q "^dns\.nextdns\.io/"; then
|
||||
local masked_path=$(echo "$dns_server" | cut -d'/' -f2- | sed 's/./*/g')
|
||||
display_dns_server="dns.nextdns.io/$masked_path"
|
||||
fi
|
||||
|
||||
if [ "$dns_type" = "doh" ]; then
|
||||
@@ -2166,6 +2166,98 @@ sing_box_add_secure_dns_probe_domain() {
|
||||
log "DNS probe domain ${domain} configured with override to port ${override_port}"
|
||||
}
|
||||
|
||||
global_check() {
|
||||
nolog "📡 Global check run!"
|
||||
|
||||
nolog "Podkop $(opkg info podkop | grep -m 1 "Version:" | cut -d' ' -f2)"
|
||||
nolog "LuCi App $(opkg info luci-app-podkop | grep -m 1 "Version:" | cut -d' ' -f2)"
|
||||
nolog "Sing-box $(opkg info sing-box | grep -m 1 "Version:" | cut -d' ' -f2)"
|
||||
nolog "$(grep OPENWRT_RELEASE /etc/os-release | cut -d'"' -f2)"
|
||||
nolog "Device: $(cat /tmp/sysinfo/model)"
|
||||
|
||||
printf "\n"
|
||||
show_config
|
||||
printf "\n"
|
||||
|
||||
nolog "Checking fakeip functionality..."
|
||||
|
||||
nolog "➡️ DNS resolution: system DNS server"
|
||||
nslookup -timeout=2 $TEST_DOMAIN
|
||||
|
||||
local working_resolver=$(find_working_resolver)
|
||||
if [ -z "$working_resolver" ]; then
|
||||
nolog "❌ No working resolver found, skipping resolver check"
|
||||
else
|
||||
nolog "➡️ DNS resolution: external resolver ($working_resolver)"
|
||||
nslookup -timeout=2 $TEST_DOMAIN $working_resolver
|
||||
fi
|
||||
|
||||
# Main FakeIP check
|
||||
nolog "➡️ DNS resolution: sing-box DNS server (127.0.0.42)"
|
||||
local result=$(nslookup -timeout=2 $TEST_DOMAIN 127.0.0.42 2>&1)
|
||||
echo "$result"
|
||||
|
||||
if echo "$result" | grep -q "198.18"; then
|
||||
nolog "✅ FakeIP is working correctly! Domain resolved to FakeIP range (198.18.x.x)"
|
||||
else
|
||||
nolog "❌ FakeIP test failed. Domain did not resolve to FakeIP range"
|
||||
nolog "Checking if sing-box is running..."
|
||||
|
||||
if ! pgrep -f "sing-box" >/dev/null; then
|
||||
nolog "sing-box is not running"
|
||||
else
|
||||
nolog "sing-box is running, but FakeIP might not be configured correctly"
|
||||
nolog "Checking DNS configuration in sing-box..."
|
||||
|
||||
if [ -f "$SING_BOX_CONFIG" ]; then
|
||||
local fakeip_enabled=$(jq -r '.dns.fakeip.enabled' "$SING_BOX_CONFIG")
|
||||
local fakeip_range=$(jq -r '.dns.fakeip.inet4_range' "$SING_BOX_CONFIG")
|
||||
|
||||
nolog "FakeIP enabled: $fakeip_enabled"
|
||||
nolog "FakeIP range: $fakeip_range"
|
||||
|
||||
local dns_rules=$(jq -r '.dns.rules[] | select(.server == "fakeip-server") | .domain' "$SING_BOX_CONFIG")
|
||||
nolog "FakeIP domain: $dns_rules"
|
||||
else
|
||||
nolog "sing-box config file not found"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
printf "\n"
|
||||
|
||||
if grep -E "^nameserver\s+([0-9]{1,3}\.){3}[0-9]{1,3}" "$RESOLV_CONF" | grep -vqE "127\.0\.0\.1|0\.0\.0\.0"; then
|
||||
nolog "❌ /etc/resolv.conf contains an external nameserver:"
|
||||
cat /etc/resolv.conf
|
||||
echo ""
|
||||
else
|
||||
nolog "✅ /etc/resolv.conf OK"
|
||||
fi
|
||||
|
||||
cachesize="$(uci get dhcp.@dnsmasq[0].cachesize 2>/dev/null)"
|
||||
noresolv="$(uci get dhcp.@dnsmasq[0].noresolv 2>/dev/null)"
|
||||
server="$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)"
|
||||
|
||||
if [ "$cachesize" != "0" ] || [ "$noresolv" != "1" ] || [ "$server" != "127.0.0.42" ]; then
|
||||
nolog "❌ The configuration differs from the template. 📄 DHCP config:"
|
||||
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
|
||||
else
|
||||
nolog "✅ /etc/config/dhcp"
|
||||
fi
|
||||
|
||||
if ! pgrep -f "sing-box" >/dev/null; then
|
||||
nolog "❌ sing-box is not running"
|
||||
else
|
||||
nolog "✅ sing-box is running"
|
||||
fi
|
||||
|
||||
nolog "📄 NFT Table Podkop"
|
||||
if ! nft list table inet PodkopTable >/dev/null 2>&1; then
|
||||
nolog "PodkopTable not found"
|
||||
else
|
||||
nft list table inet PodkopTable
|
||||
fi
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
@@ -2233,8 +2325,11 @@ case "$1" in
|
||||
check_dns_available)
|
||||
check_dns_available
|
||||
;;
|
||||
global_check)
|
||||
global_check
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|reload|enable|disable|main|list_update|check_proxy|check_nft|check_github|check_logs|check_sing_box_connections|check_sing_box_logs|check_fakeip|check_dnsmasq|show_config|show_version|show_sing_box_config|show_luci_version|show_sing_box_version|show_system_info|get_status|get_sing_box_status|check_dns_available}"
|
||||
echo "Usage: $0 {start|stop|reload|enable|disable|main|list_update|check_proxy|check_nft|check_github|check_logs|check_sing_box_connections|check_sing_box_logs|check_fakeip|check_dnsmasq|show_config|show_version|show_sing_box_config|show_luci_version|show_sing_box_version|show_system_info|get_status|get_sing_box_status|check_dns_available|global_check}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
Reference in New Issue
Block a user