Mirror/podkop
1
0
Fork 0
mirror of https://github.com/itdoginfo/podkop.git synced 2025-12-06 11:36:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Mirror:v0.3.4
Branches Tags
Mirror:main Mirror:nftsets
Mirror:0.7.10 Mirror:0.7.9 Mirror:0.7.8 Mirror:0.7.7 Mirror:0.7.6 Mirror:0.7.5 Mirror:0.7.4 Mirror:0.7.3 Mirror:0.7.2 Mirror:0.7.1 Mirror:0.7.0 Mirror:0.6.2 Mirror:v0.6.1 Mirror:v0.6.0 Mirror:v0.5.8 Mirror:v0.5.7 Mirror:v0.5.6 Mirror:v0.5.5 Mirror:v0.5.4 Mirror:v0.5.3 Mirror:v0.5.2 Mirror:v0.5.1 Mirror:v0.5.0 Mirror:v0.4.11 Mirror:v0.4.10 Mirror:v0.4.9 Mirror:v0.4.8 Mirror:v0.4.7 Mirror:v0.4.6 Mirror:v0.4.5 Mirror:v0.4.4 Mirror:v0.4.3 Mirror:v0.4.2 Mirror:v0.4.1 Mirror:v0.4.0 Mirror:v0.3.50 Mirror:v0.3.49 Mirror:v0.3.48 Mirror:v0.3.47 Mirror:v0.3.46 Mirror:v0.3.45 Mirror:v0.3.44 Mirror:v0.3.43 Mirror:v0.3.42 Mirror:v0.3.41 Mirror:v0.3.40 Mirror:v0.3.39 Mirror:v0.3.38 Mirror:v0.3.37 Mirror:v0.3.36 Mirror:v0.3.35 Mirror:v0.3.34 Mirror:v0.3.33 Mirror:v0.3.32 Mirror:v0.3.31 Mirror:v0.3.30 Mirror:v0.3.29 Mirror:v0.3.28 Mirror:v0.3.27 Mirror:v0.3.26 Mirror:v0.3.25 Mirror:v0.3.24 Mirror:v0.3.23 Mirror:v0.3.22 Mirror:v0.3.21 Mirror:v0.3.20 Mirror:v0.3.19 Mirror:v0.3.18 Mirror:v0.3.17 Mirror:v0.3.16 Mirror:v0.3.15 Mirror:v0.3.14 Mirror:v0.3.13 Mirror:v0.3.12 Mirror:v0.3.11 Mirror:v0.3.10 Mirror:v0.3.9 Mirror:v0.3.8 Mirror:v0.3.7 Mirror:v0.3.6 Mirror:v0.3.5 Mirror:v0.3.4 Mirror:v0.3.3 Mirror:v0.3.2 Mirror:v0.3.1 Mirror:v0.3.0 Mirror:v0.2.5 Mirror:v0.2.4 Mirror:v0.2.3 Mirror:v0.2.2 Mirror:v0.2.1 Mirror:v0.2.0 Mirror:v0.1.9 Mirror:v0.1.8 Mirror:v0.1.7 Mirror:v0.1.6 Mirror:v0.1.5 Mirror:v0.1.4 Mirror:v0.1.3 Mirror:v0.1.2 Mirror:v0.1.1 Mirror:v0.1.0
...
compare: Mirror:v0.3.9
Branches Tags
Mirror:main Mirror:nftsets
Mirror:0.7.10 Mirror:0.7.9 Mirror:0.7.8 Mirror:0.7.7 Mirror:0.7.6 Mirror:0.7.5 Mirror:0.7.4 Mirror:0.7.3 Mirror:0.7.2 Mirror:0.7.1 Mirror:0.7.0 Mirror:0.6.2 Mirror:v0.6.1 Mirror:v0.6.0 Mirror:v0.5.8 Mirror:v0.5.7 Mirror:v0.5.6 Mirror:v0.5.5 Mirror:v0.5.4 Mirror:v0.5.3 Mirror:v0.5.2 Mirror:v0.5.1 Mirror:v0.5.0 Mirror:v0.4.11 Mirror:v0.4.10 Mirror:v0.4.9 Mirror:v0.4.8 Mirror:v0.4.7 Mirror:v0.4.6 Mirror:v0.4.5 Mirror:v0.4.4 Mirror:v0.4.3 Mirror:v0.4.2 Mirror:v0.4.1 Mirror:v0.4.0 Mirror:v0.3.50 Mirror:v0.3.49 Mirror:v0.3.48 Mirror:v0.3.47 Mirror:v0.3.46 Mirror:v0.3.45 Mirror:v0.3.44 Mirror:v0.3.43 Mirror:v0.3.42 Mirror:v0.3.41 Mirror:v0.3.40 Mirror:v0.3.39 Mirror:v0.3.38 Mirror:v0.3.37 Mirror:v0.3.36 Mirror:v0.3.35 Mirror:v0.3.34 Mirror:v0.3.33 Mirror:v0.3.32 Mirror:v0.3.31 Mirror:v0.3.30 Mirror:v0.3.29 Mirror:v0.3.28 Mirror:v0.3.27 Mirror:v0.3.26 Mirror:v0.3.25 Mirror:v0.3.24 Mirror:v0.3.23 Mirror:v0.3.22 Mirror:v0.3.21 Mirror:v0.3.20 Mirror:v0.3.19 Mirror:v0.3.18 Mirror:v0.3.17 Mirror:v0.3.16 Mirror:v0.3.15 Mirror:v0.3.14 Mirror:v0.3.13 Mirror:v0.3.12 Mirror:v0.3.11 Mirror:v0.3.10 Mirror:v0.3.9 Mirror:v0.3.8 Mirror:v0.3.7 Mirror:v0.3.6 Mirror:v0.3.5 Mirror:v0.3.4 Mirror:v0.3.3 Mirror:v0.3.2 Mirror:v0.3.1 Mirror:v0.3.0 Mirror:v0.2.5 Mirror:v0.2.4 Mirror:v0.2.3 Mirror:v0.2.2 Mirror:v0.2.1 Mirror:v0.2.0 Mirror:v0.1.9 Mirror:v0.1.8 Mirror:v0.1.7 Mirror:v0.1.6 Mirror:v0.1.5 Mirror:v0.1.4 Mirror:v0.1.3 Mirror:v0.1.2 Mirror:v0.1.1 Mirror:v0.1.0

30 Commits
v0.3.4 ... v0.3.9

Author SHA1 Message Date
itdoginfo
ae06de8189 v0.3.9 2025-02-17 23:36:53 +03:00
itdoginfo
1663f6665f Fix #27, added copy and div 2025-02-17 23:36:37 +03:00
itdoginfo
b005cbe50e Fix rule for section custom_download 2025-02-17 19:42:39 +03:00
itdoginfo
6c752d59ce Merge pull request #27 from VizzleTF/main 
Поправил диагностику
 2025-02-17 19:41:26 +03:00
itdoginfo
dbdd0560bf Added CODEOWNERS 2025-02-17 19:21:07 +03:00
Ivan K
aeacd9d8fd docs: update README.md with installation instructions 2025-02-17 19:09:52 +03:00
Ivan K
ded0bff23a chore: update build workflow to simplify install script generation 2025-02-17 19:09:09 +03:00
Ivan K
80ab7caee9 chore: update build workflow to use git commit -am 2025-02-17 18:49:29 +03:00
Ivan K
516063310a refactor: update install script generation to use current version tag 2025-02-17 18:40:54 +03:00
Ivan K
c6d72aa781 docs: update README with installation instructions for specific version 2025-02-17 18:28:53 +03:00
Ivan K
91fa2a2859 Merge branch 'itdoginfo:main' into main 2025-02-17 18:08:37 +03:00
Ivan K
13e84afcf0 feat: add new diagnostic checks and update install script 2025-02-17 18:08:13 +03:00
itdoginfo
88c160d3f8 Fix 2025-02-17 17:22:45 +03:00
itdoginfo
ebd185f633 Added install for 0.2.5 2025-02-17 16:34:27 +03:00
itdoginfo
e86bffb720 v0.3.8 2025-02-17 16:04:34 +03:00
itdoginfo
fb65b63639 Merge pull request #25 from VizzleTF/main 
docs(ru): add new translations for podkop configuration
 2025-02-17 15:51:19 +03:00
itdoginfo
daf7e30ed1 dnsmasq add 8.8.8.8. Validate domain_list 2025-02-17 15:22:55 +03:00
itdoginfo
dd62ecfbeb Check sing-box 2025-02-17 13:20:28 +03:00
Ivan K
41cb8cd650 Merge branch 'itdoginfo:main' into main 2025-02-17 13:08:35 +03:00
Ivan K
b7ad256986 docs(ru): add new translations for podkop configuration 2025-02-17 13:07:11 +03:00
itdoginfo
f88ffa1893 Fix install logic 2025-02-17 12:44:48 +03:00
itdoginfo
6f604ca765 Update 2025-02-16 17:53:14 +03:00
itdoginfo
52c6eeae12 Fix version 2025-02-16 17:52:57 +03:00
itdoginfo
778f2897bc Fix check iptables 2025-02-16 17:41:58 +03:00
itdoginfo
ca7bb77356 Fix 2025-02-16 16:57:16 +03:00
itdoginfo
da8195b795 Fix migrate 2025-02-16 15:59:07 +03:00
itdoginfo
98129720bb rm until 2025-02-16 14:29:50 +03:00
itdoginfo
3c1865c8a3 Expanding checkes. DNS 127.0.0.42. QUIC disable. Some fixes 2025-02-16 14:18:19 +03:00
itdoginfo
77ac728d47 Check sing-box 2025-02-16 12:16:43 +03:00
itdoginfo
1b5cfa3371 Move check sing-box to start 2025-02-15 23:32:18 +03:00
11 changed files with 974 additions and 195 deletions
Expand all files Collapse all files

1
.github/CODEOWNERS vendored Normal file
View File

@@ -0,0 +1 @@
* @itdoginfo

20
README.md
View File

@@ -2,11 +2,13 @@
- Это альфа версия, которая находится в активной разработке. Из версии в версию что-то может меняться.
- Основной функционал работает, но побочные штуки сейчас могут сбоить.
- При обновлении всегда заходите в конфигурацию и проверяйте свои настройки. Конфигурация может измениться.
- При обновлении **обязатально** сбрасывайте кэш LuCI.
- Также при обновлении всегда заходите в конфигурацию и проверяйте свои настройки. Конфигурация может измениться.
- Необходимо минимум 15МБ свободного места на роутере. Роутерами с флешками на 16МБ сразу мимо.
- При старте программы редактируется конфиг Dnsmasq.
- Podkop редактирует конфиг sing-box. Обязательно сохраните ваш конфиг sing-box перед установкой, если он вам нужен.
- Информация здесь может быть устаревшей. Все изменения фиксируются в телеграм-чате https://t.me/itdogchat - топик **Podkop**.
- Если у вас не что-то не работает, то следуюет сходить в телеграм чат, прочитать закрепы и выполнить что там написано..
- Если у вас установлен Getdomains, его следует удалить.
# Удаление GetDomains скриптом
@@ -18,7 +20,8 @@ sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/domain-routing-openwr
# Установка Podkop
Пакет работает на всех архитектурах.
Тестировался на OpenWrt 23.05 и OpenWrt 24.10.
Тестировался на **ванильной** OpenWrt 23.05 и OpenWrt 24.10.
На FriendlyWrt 23.05 присуствуют зависимости от iptables, которые ломают tproxy. Если у вас появляется warning про это в логах, следуйте инструкции по приведённой там ссылке.
Поддержки APK на данный момент нет. APK будет сделан после того как разгребу основное.
@@ -43,7 +46,7 @@ sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/mai
# Удаление
```
opkg remove luci-app-podkop podkop
opkg remove luci-i18n-podkop-ru luci-app-podkop podkop
```
Если был установлен русский язык
@@ -98,6 +101,8 @@ Luci: Services/podkop
list doh_server '127.0.0.1#5053'
list doh_server '127.0.0.1#5054'
```
- [x] Только кастомный remote list не создаёт секцию в route-rules-rule-set и dns-rules-ruleset
# ToDo
Этот раздел не означает задачи, которые нужно брать и делать. Это общий список хотелок. Если вы хотите помочь, пожалуйста, спросите сначала в телеграмме.
@@ -149,6 +154,7 @@ Luci: Services/podkop
- [ ] Сделать галку запрещающую подкопу редачить dhcp. Допилить в исключение вместе с пустыми полями proxy и vpn
- [ ] Валидации предустановленных значений. Если прописаны другие, то вывод в лог о неизвестной переменной и продолжение работы
- [ ] Добавление в список доменов домены первого уровня (LuCI)
- [ ] Проверка, что версия в makefile совпадает с тегом
Приоритет 2
- [x] Списки доменов и подсетей с роутера
@@ -175,6 +181,14 @@ Wiki
Хз как сделать
- [ ] Добавить label от конфига vless\ss\etc в luci.
# Установка версии v0.2.5
Удаляет полностью все пакеты podkop. Удаляет текущую конфигурацию podkop.
После установки **обязательно** сбросьте кэш в LuCI.
```
sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/main/install-v0.2.5.sh)
```
# Разработка
Есть два варианта:
- Просто поставить пакет на роутер или виртуалку и прям редактировать через SFTP (opkg install openssh-sftp-server)

97
install-v0.2.5.sh Executable file
View File

@@ -0,0 +1,97 @@
#!/bin/sh
REPO="https://api.github.com/repos/itdoginfo/podkop/releases/tags/v0.2.5"
DOWNLOAD_DIR="/tmp/podkop"
COUNT=3
rm -rf "$DOWNLOAD_DIR"
mkdir -p "$DOWNLOAD_DIR"
main() {
check_system
opkg update
if [ -f "/etc/init.d/podkop" ]; then
echo "Remove current vesrion podkop"
opkg remove luci-i18n-podkop-ru luci-app-podkop podkop
rm /etc/config/podkop
else
echo "Installed podkop..."
fi
wget -qO- "$REPO" | grep -o 'https://[^"[:space:]]*\.ipk' | while read -r url; do
filename=$(basename "$url")
filepath="$DOWNLOAD_DIR/$filename"
attempt=0
while [ $attempt -lt $COUNT ]; do
if [ -f "$filepath" ] && [ -s "$filepath" ]; then
echo "$filename has already been uploaded"
break
fi
echo "Download $filename (count $((attempt+1)))..."
wget -q -O "$filepath" "$url"
if [ -s "$filepath" ]; then
echo "$filename successfully downloaded"
else
echo "Download error $filename. Retry..."
rm -f "$filepath"
fi
attempt=$((attempt+1))
done
done
for pkg in podkop luci-app-podkop; do
file=$(ls "$DOWNLOAD_DIR" | grep "^$pkg" | head -n 1)
if [ -n "$file" ]; then
echo "Installing $file"
opkg install "$DOWNLOAD_DIR/$file"
fi
done
ru=$(ls "$DOWNLOAD_DIR" | grep "luci-i18n-podkop-ru" | head -n 1)
if [ -n "$ru" ]; then
printf "\033[32;1mРусский язык интерфейса ставим? y/n (Need a Russian translation?)\033[0m "
while true; do
read -r -p '' RUS
case $RUS in
y)
opkg install "$DOWNLOAD_DIR/$ru"
break
;;
n)
break
;;
*)
echo "Введите y или n"
;;
esac
done
fi
rm -f $DOWNLOAD_DIR/podkop*.ipk $DOWNLOAD_DIR/luci-app-podkop*.ipk $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk
}
check_system() {
# Get router model
MODEL=$(cat /tmp/sysinfo/model)
echo "Router model: $MODEL"
if ! nslookup google.com >/dev/null 2>&1; then
log "DNS not working"
exit 1
fi
if opkg list-installed | grep -qE "iptables|kmod-iptab"; then
printf "\033[31;1mFound incompatible iptables packages. If you're using FriendlyWrt: https://t.me/itdogchat/44512/181082\033[0m\n"
fi
}
main

132
install.sh
View File

@@ -11,39 +11,14 @@ mkdir -p "$DOWNLOAD_DIR"
main() {
check_system
wget -qO- "$REPO" | grep -o 'https://[^"[:space:]]*\.ipk' | while read -r url; do
filename=$(basename "$url")
filepath="$DOWNLOAD_DIR/$filename"
attempt=0
while [ $attempt -lt $COUNT ]; do
if [ -f "$filepath" ] && [ -s "$filepath" ]; then
echo "$filename has already been uploaded"
break
fi
echo "Download $filename (count $((attempt+1)))..."
wget -q -O "$filepath" "$url"
if [ -s "$filepath" ]; then
echo "$filename successfully downloaded"
break
else
echo "Download error $filename. Retry..."
rm -f "$filepath"
fi
attempt=$((attempt+1))
done
done
echo "opkg update"
sing_box
opkg update
if [ -f "/etc/init.d/podkop" ]; then
printf "\033[32;1mPodkop is already installed. Just upgrade it? (y/n)\033[0m\n"
printf "\033[32;1my - Only upgrade podkop\033[0m\n"
printf "\033[32;1mn - Upgrade and install proxy or tunnels\033[0m\n"
printf "\033[32;1mn - Upgrade and install tunnels (WG, AWG, OpenVPN, OC)\033[0m\n"
while true; do
read -r -p '' UPDATE
@@ -68,28 +43,60 @@ main() {
add_tunnel
fi
opkg install $DOWNLOAD_DIR/podkop*.ipk
opkg install $DOWNLOAD_DIR/luci-app-podkop*.ipk
wget -qO- "$REPO" | grep -o 'https://[^"[:space:]]*\.ipk' | while read -r url; do
filename=$(basename "$url")
filepath="$DOWNLOAD_DIR/$filename"
echo "Русский язык интерфейса ставим? y/n (Need a Russian translation?)"
while true; do
read -r -p '' RUS
case $RUS in
y)
opkg install $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk
break
;;
attempt=0
while [ $attempt -lt $COUNT ]; do
if [ -f "$filepath" ] && [ -s "$filepath" ]; then
echo "$filename has already been uploaded"
break
fi
n)
break
;;
*)
echo "Please enter y or n"
;;
esac
echo "Download $filename (count $((attempt+1)))..."
wget -q -O "$filepath" "$url"
if [ -s "$filepath" ]; then
echo "$filename successfully downloaded"
else
echo "Download error $filename. Retry..."
rm -f "$filepath"
fi
attempt=$((attempt+1))
done
done
for pkg in podkop luci-app-podkop; do
file=$(ls "$DOWNLOAD_DIR" | grep "^$pkg" | head -n 1)
if [ -n "$file" ]; then
echo "Installing $file"
opkg install "$DOWNLOAD_DIR/$file"
sleep 3
fi
done
ru=$(ls "$DOWNLOAD_DIR" | grep "luci-i18n-podkop-ru" | head -n 1)
if [ -n "$ru" ]; then
printf "\033[32;1mРусский язык интерфейса ставим? y/n (Need a Russian translation?)\033[0m "
while true; do
read -r -p '' RUS
case $RUS in
y)
opkg install "$DOWNLOAD_DIR/$ru"
break
;;
n)
break
;;
*)
echo "Введите y или n"
;;
esac
done
fi
rm -f $DOWNLOAD_DIR/podkop*.ipk $DOWNLOAD_DIR/luci-app-podkop*.ipk $DOWNLOAD_DIR/luci-i18n-podkop-ru*.ipk
if [ "$IS_SHOULD_RESTART_NETWORK" ]; then
@@ -99,7 +106,7 @@ main() {
}
add_tunnel() {
echo "Will you be using Wireguard, AmneziaWG, OpenVPN, OpenConnect? If yes, select a number and they will be automatically installed"
printf "\033[32;1mWill you be using Wireguard, AmneziaWG, OpenVPN, OpenConnect? If yes, select a number and they will be automatically installed\033[0m "
echo "1) Wireguard"
echo "2) AmneziaWG"
echo "3) OpenVPN"
@@ -151,7 +158,7 @@ add_tunnel() {
;;
5)
echo "Skip. Use this if you're installing an upgrade."
echo "Installation without additional dependencies."
break
;;
@@ -389,18 +396,37 @@ check_system() {
echo "Router model: $MODEL"
# Check available space
AVAILABLE_SPACE=$(df /tmp | awk 'NR==2 {print $4}')
AVAILABLE_SPACE=$(df /overlay | awk 'NR==2 {print $4}')
REQUIRED_SPACE=15360 # 15MB in KB
echo "Available space: $((AVAILABLE_SPACE/1024))MB"
echo "Required space: $((REQUIRED_SPACE/1024))MB"
if [ "$AVAILABLE_SPACE" -lt "$REQUIRED_SPACE" ]; then
echo "Error: Insufficient space in /tmp"
printf "\033[31;1mError: Insufficient space in flash\033[0m\n"
echo "Available: $((AVAILABLE_SPACE/1024))MB"
echo "Required: $((REQUIRED_SPACE/1024))MB"
exit 1
fi
if ! nslookup google.com >/dev/null 2>&1; then
log "DNS not working"
exit 1
fi
if opkg list-installed | grep -qE "iptables|kmod-iptab"; then
printf "\033[31;1mFound incompatible iptables packages. If you're using FriendlyWrt: https://t.me/itdogchat/44512/181082\033[0m\n"
fi
}
sing_box() {
if ! opkg list-installed | grep -q "^sing-box"; then
return
fi
sing_box_version=$(sing-box version | head -n 1 | awk '{print $3}')
required_version="1.11.1"
if [ "$(echo -e "$sing_box_version\n$required_version" | sort -V | head -n 1)" != "$required_version" ]; then
opkg remove sing-box
fi
}
main

2
luci-app-podkop/Makefile
View File

@@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-podkop
PKG_VERSION:=0.3.4
PKG_VERSION:=0.3.9
PKG_RELEASE:=1
LUCI_TITLE:=LuCI podkop app

333
luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js
View File

@@ -404,13 +404,16 @@ return view.extend({
o = s.taboption('additional', form.Flag, 'yacd', _('Yacd enable'), _('http://openwrt.lan:9090/ui'));
o.default = '0';
o.depends('mode', 'proxy');
o.rmempty = false;
o.ucisection = 'main';
o = s.taboption('additional', form.Flag, 'exclude_ntp', _('Exclude NTP'), _('For issues with open connections sing-box'));
o.default = '0';
o.depends('mode', 'proxy');
o.rmempty = false;
o.ucisection = 'main';
o = s.taboption('additional', form.Flag, 'quic_disable', _('QUIC disable'), _('For issues with the video stream'));
o.default = '0';
o.rmempty = false;
o.ucisection = 'main';
@@ -439,18 +442,17 @@ return view.extend({
`: ${status === 'available' ? '✓' : '✗'}`);
}
// Check All - full diagnostic
o = s.taboption('diagnostics', form.Button, '_check_all');
o.title = _('Main Check');
o.description = _('Run a comprehensive diagnostic check of all components');
o.inputtitle = _('Run Check');
// Connection Checks Section
o = s.taboption('diagnostics', form.Button, '_check_nft');
o.title = _('NFT Rules');
o.description = _('Show current nftables rules and statistics');
o.inputtitle = _('Check Rules');
o.inputstyle = 'apply';
o.onclick = function () {
return fs.exec('/etc/init.d/podkop', ['check_three'])
return fs.exec('/etc/init.d/podkop', ['check_nft'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
const modalElement = ui.showModal(_('Full Diagnostic Results'), [
ui.showModal(_('NFT Rules'), [
E('div', {
style:
'max-height: 70vh;' +
@@ -475,7 +477,7 @@ return view.extend({
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = '```txt\n' + formattedOutput + '\n```';
textarea.value = formattedOutput;
document.body.appendChild(textarea);
textarea.select();
try {
@@ -491,27 +493,77 @@ return view.extend({
'click': ui.hideModal
}, _('Close'))
])
], 'large');
]);
});
};
if (modalElement && modalElement.parentElement) {
modalElement.parentElement.style.width = '90%';
modalElement.parentElement.style.maxWidth = '1200px';
modalElement.parentElement.style.margin = '2rem auto';
}
// Logs Section
o = s.taboption('diagnostics', form.Button, '_check_sing_box_logs');
o.title = _('Sing-Box Logs');
o.description = _('View recent sing-box logs from system journal');
o.inputtitle = _('View Sing-Box Logs');
o.inputstyle = 'apply';
o.onclick = function () {
return fs.exec('/etc/init.d/podkop', ['check_sing_box_logs'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
ui.showModal(_('Sing-Box Logs'), [
E('div', {
style:
'max-height: 70vh;' +
'overflow-y: auto;' +
'margin: 1em 0;' +
'padding: 1.5em;' +
'background: #f8f9fa;' +
'border: 1px solid #e9ecef;' +
'border-radius: 4px;' +
'font-family: monospace;' +
'white-space: pre-wrap;' +
'word-wrap: break-word;' +
'line-height: 1.5;' +
'font-size: 14px;'
}, [
E('pre', { style: 'margin: 0;' }, formattedOutput)
]),
E('div', {
style: 'display: flex; justify-content: space-between; margin-top: 1em;'
}, [
E('button', {
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = formattedOutput;
document.body.appendChild(textarea);
textarea.select();
try {
document.execCommand('copy');
} catch (err) {
ui.addNotification(null, E('p', {}, _('Failed to copy: ') + err.message));
}
document.body.removeChild(textarea);
}
}, _('Copy to Clipboard')),
E('button', {
'class': 'btn',
'click': ui.hideModal
}, _('Close'))
])
]);
});
};
o = s.taboption('diagnostics', form.Button, '_check_logs');
o.title = _('System Logs');
o.description = _('View recent system logs related to Podkop');
o.inputtitle = _('View Logs');
o.title = _('Podkop Logs');
o.description = _('View recent podkop logs from system journal');
o.inputtitle = _('View Podkop Logs');
o.inputstyle = 'apply';
o.onclick = function () {
return fs.exec('/etc/init.d/podkop', ['check_logs'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
const modalElement = ui.showModal(_('System Logs'), [
ui.showModal(_('Podkop Logs'), [
E('div', {
style:
'max-height: 70vh;' +
@@ -536,7 +588,7 @@ return view.extend({
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = '```txt\n' + formattedOutput + '\n```';
textarea.value = formattedOutput;
document.body.appendChild(textarea);
textarea.select();
try {
@@ -552,18 +604,175 @@ return view.extend({
'click': ui.hideModal
}, _('Close'))
])
], 'large');
]);
});
};
if (modalElement && modalElement.parentElement) {
modalElement.parentElement.style.width = '90%';
modalElement.parentElement.style.maxWidth = '1200px';
modalElement.parentElement.style.margin = '2rem auto';
}
// Configurations Section
o = s.taboption('diagnostics', form.Button, '_check_sing_box_connections');
o.title = _('Active Connections');
o.description = _('View active sing-box network connections');
o.inputtitle = _('Check Connections');
o.inputstyle = 'apply';
o.onclick = function () {
return fs.exec('/etc/init.d/podkop', ['check_sing_box_connections'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
ui.showModal(_('Active Connections'), [
E('div', {
style:
'max-height: 70vh;' +
'overflow-y: auto;' +
'margin: 1em 0;' +
'padding: 1.5em;' +
'background: #f8f9fa;' +
'border: 1px solid #e9ecef;' +
'border-radius: 4px;' +
'font-family: monospace;' +
'white-space: pre-wrap;' +
'word-wrap: break-word;' +
'line-height: 1.5;' +
'font-size: 14px;'
}, [
E('pre', { style: 'margin: 0;' }, formattedOutput)
]),
E('div', {
style: 'display: flex; justify-content: space-between; margin-top: 1em;'
}, [
E('button', {
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = formattedOutput;
document.body.appendChild(textarea);
textarea.select();
try {
document.execCommand('copy');
} catch (err) {
ui.addNotification(null, E('p', {}, _('Failed to copy: ') + err.message));
}
document.body.removeChild(textarea);
}
}, _('Copy to Clipboard')),
E('button', {
'class': 'btn',
'click': ui.hideModal
}, _('Close'))
])
]);
});
};
o = s.taboption('diagnostics', form.Button, '_check_dnsmasq');
o.title = _('DNSMasq Configuration');
o.description = _('View current DNSMasq configuration settings');
o.inputtitle = _('Check DNSMasq');
o.inputstyle = 'apply';
o.onclick = function () {
return fs.exec('/etc/init.d/podkop', ['check_dnsmasq'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
ui.showModal(_('DNSMasq Configuration'), [
E('div', {
style:
'max-height: 70vh;' +
'overflow-y: auto;' +
'margin: 1em 0;' +
'padding: 1.5em;' +
'background: #f8f9fa;' +
'border: 1px solid #e9ecef;' +
'border-radius: 4px;' +
'font-family: monospace;' +
'white-space: pre-wrap;' +
'word-wrap: break-word;' +
'line-height: 1.5;' +
'font-size: 14px;'
}, [
E('pre', { style: 'margin: 0;' }, formattedOutput)
]),
E('div', {
style: 'display: flex; justify-content: space-between; margin-top: 1em;'
}, [
E('button', {
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = formattedOutput;
document.body.appendChild(textarea);
textarea.select();
try {
document.execCommand('copy');
} catch (err) {
ui.addNotification(null, E('p', {}, _('Failed to copy: ') + err.message));
}
document.body.removeChild(textarea);
}
}, _('Copy to Clipboard')),
E('button', {
'class': 'btn',
'click': ui.hideModal
}, _('Close'))
])
]);
});
};
o = s.taboption('diagnostics', form.Button, '_show_sing_box_config');
o.title = _('Sing-Box Configuration');
o.description = _('Show current sing-box configuration');
o.inputtitle = _('Show Sing-Box Config');
o.inputstyle = 'apply';
o.onclick = function () {
return fs.exec('/etc/init.d/podkop', ['show_sing_box_config'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
ui.showModal(_('Sing-Box Configuration'), [
E('div', {
style:
'max-height: 70vh;' +
'overflow-y: auto;' +
'margin: 1em 0;' +
'padding: 1.5em;' +
'background: #f8f9fa;' +
'border: 1px solid #e9ecef;' +
'border-radius: 4px;' +
'font-family: monospace;' +
'white-space: pre-wrap;' +
'word-wrap: break-word;' +
'line-height: 1.5;' +
'font-size: 14px;'
}, [
E('pre', { style: 'margin: 0;' }, formattedOutput)
]),
E('div', {
style: 'display: flex; justify-content: space-between; margin-top: 1em;'
}, [
E('button', {
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = '```json\n' + formattedOutput + '\n```';
document.body.appendChild(textarea);
textarea.select();
try {
document.execCommand('copy');
} catch (err) {
ui.addNotification(null, E('p', {}, _('Failed to copy: ') + err.message));
}
document.body.removeChild(textarea);
}
}, _('Copy to Clipboard')),
E('button', {
'class': 'btn',
'click': ui.hideModal
}, _('Close'))
])
]);
});
};
o = s.taboption('diagnostics', form.Button, '_show_config');
o.title = _('Show Config');
o.title = _('Podkop Configuration');
o.description = _('Show current podkop configuration with masked sensitive data');
o.inputtitle = _('Show Config');
o.inputstyle = 'apply';
@@ -571,22 +780,36 @@ return view.extend({
return fs.exec('/etc/init.d/podkop', ['show_config'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
const modalElement = ui.showModal(_('Podkop Configuration'), [
E('div', { class: 'cbi-section' }, [
E('pre', { class: 'cbi-value-field' }, formattedOutput)
ui.showModal(_('Podkop Configuration'), [
E('div', {
style:
'max-height: 70vh;' +
'overflow-y: auto;' +
'margin: 1em 0;' +
'padding: 1.5em;' +
'background: #f8f9fa;' +
'border: 1px solid #e9ecef;' +
'border-radius: 4px;' +
'font-family: monospace;' +
'white-space: pre-wrap;' +
'word-wrap: break-word;' +
'line-height: 1.5;' +
'font-size: 14px;'
}, [
E('pre', { style: 'margin: 0;' }, formattedOutput)
]),
E('div', { style: 'display: flex; justify-content: space-between; margin-top: 1em;' }, [
E('div', {
style: 'display: flex; justify-content: space-between; margin-top: 1em;'
}, [
E('button', {
'class': 'btn cbi-button-save',
'class': 'btn',
'click': function () {
const textarea = document.createElement('textarea');
textarea.value = '```\n' + formattedOutput + '\n```';
textarea.value = formattedOutput;
document.body.appendChild(textarea);
textarea.select();
try {
document.execCommand('copy');
ui.hideModal();
} catch (err) {
ui.addNotification(null, E('p', {}, _('Failed to copy: ') + err.message));
}
@@ -594,35 +817,31 @@ return view.extend({
}
}, _('Copy to Clipboard')),
E('button', {
'class': 'btn cbi-button-neutral',
'class': 'btn',
'click': ui.hideModal
}, _('Close'))
])
], 'large');
if (modalElement && modalElement.parentElement) {
modalElement.parentElement.classList.add('modal-overlay-large');
}
]);
});
};
o = s.taboption('diagnostics', form.Button, '_list_update');
o.title = _('Update lists');
o.title = _('Update Lists');
o.description = _('Update all lists in config');
o.inputtitle = _('Update lists');
o.inputtitle = _('Update Lists');
o.inputstyle = 'apply';
o.onclick = function () {
fs.exec('/etc/init.d/podkop', ['list_update']);
ui.showModal(_('List Update'), [
E('p', {}, _('Lists will be updated in background. You can check the progress in system logs.')),
E('div', { class: 'right' }, [
E('button', {
'class': 'btn',
'click': ui.hideModal
}, _('Close'))
])
]);
return fs.exec('/etc/init.d/podkop', ['list_update'])
.then(function (res) {
const formattedOutput = formatDiagnosticOutput(res.stdout || _('No output'));
ui.showModal(_('Lists Update Results'), [
E('div', { style: 'white-space:pre-wrap;padding:5px' }, formattedOutput),
E('div', { class: 'right' }, E('button', {
class: 'btn',
click: ui.hideModal
}, _('Close')))
]);
});
};

134
luci-app-podkop/po/ru/podkop.po
View File

@@ -329,4 +329,136 @@ msgid "View Logs"
msgstr "Просмотр логов"
msgid "Failed to copy logs: "
msgstr "Ошибка копирования логов: "
msgstr "Ошибка копирования логов: "
msgid "Show Config"
msgstr "Показать конфигурацию"
msgid "Show current podkop configuration with masked sensitive data"
msgstr "Показать текущую конфигурацию podkop с маскированными конфиденциальными данными"
msgid "Podkop Configuration"
msgstr "Конфигурация Podkop"
msgid "Update lists"
msgstr "Обновить списки"
msgid "Update all lists in config"
msgstr "Обновить все списки в конфигурации"
msgid "List Update"
msgstr "Обновление списков"
msgid "Lists will be updated in background. You can check the progress in system logs."
msgstr "Списки будут обновлены в фоновом режиме. Вы можете проверить прогресс в системных логах."
msgid "Extra configurations"
msgstr "Дополнительные конфигурации"
msgid "Extra configuration"
msgstr "Дополнительная конфигурация"
msgid "Add Section"
msgstr "Добавить раздел"
msgid "QUIC disable"
msgstr "Отключить QUIC"
msgid "For issues with the video stream"
msgstr "Для проблем с видеопотоком"
msgid "Community Lists"
msgstr "Списки сообщества"
msgid "Local Domain Lists"
msgstr "Локальные списки доменов"
msgid "Use the list from the router filesystem"
msgstr "Использовать список из файловой системы роутера"
msgid "Local Domain Lists Path"
msgstr "Путь к локальным спискам доменов"
msgid "Enter to the list file path"
msgstr "Введите путь к файлу списка"
msgid "Proxy Check"
msgstr "Проверка прокси"
msgid "Check if sing-box proxy works correctly"
msgstr "Проверить корректность работы прокси sing-box"
msgid "Check Proxy"
msgstr "Проверить прокси"
msgid "Proxy Check Results"
msgstr "Результаты проверки прокси"
msgid "NFT Rules"
msgstr "Правила NFT"
msgid "Show current nftables rules and statistics"
msgstr "Показать текущие правила и статистику nftables"
msgid "Check Rules"
msgstr "Проверить правила"
msgid "GitHub Connectivity"
msgstr "Подключение к GitHub"
msgid "Check GitHub connectivity and lists availability"
msgstr "Проверить подключение к GitHub и доступность списков"
msgid "Check GitHub"
msgstr "Проверить GitHub"
msgid "GitHub Connectivity Results"
msgstr "Результаты проверки подключения к GitHub"
msgid "Sing-Box Logs"
msgstr "Логи Sing-Box"
msgid "View recent sing-box logs from system journal"
msgstr "Просмотр последних логов sing-box из системного журнала"
msgid "View Sing-Box Logs"
msgstr "Просмотр логов Sing-Box"
msgid "Podkop Logs"
msgstr "Логи Podkop"
msgid "View recent podkop logs from system journal"
msgstr "Просмотр последних логов podkop из системного журнала"
msgid "View Podkop Logs"
msgstr "Просмотр логов Podkop"
msgid "Active Connections"
msgstr "Активные соединения"
msgid "View active sing-box network connections"
msgstr "Просмотр активных сетевых соединений sing-box"
msgid "Check Connections"
msgstr "Проверить соединения"
msgid "DNSMasq Configuration"
msgstr "Конфигурация DNSMasq"
msgid "View current DNSMasq configuration settings"
msgstr "Просмотр текущих настроек конфигурации DNSMasq"
msgid "Check DNSMasq"
msgstr "Проверить DNSMasq"
msgid "Sing-Box Configuration"
msgstr "Конфигурация Sing-Box"
msgid "Show current sing-box configuration"
msgstr "Показать текущую конфигурацию sing-box"
msgid "Show Sing-Box Config"
msgstr "Показать конфигурацию Sing-Box"
msgid "Lists Update Results"
msgstr "Результаты обновления списков"

132
luci-app-podkop/po/templates/podkop.pot
View File

@@ -329,4 +329,136 @@ msgid "View Logs"
msgstr ""
msgid "Failed to copy logs: "
msgstr ""
msgid "Show Config"
msgstr ""
msgid "Show current podkop configuration with masked sensitive data"
msgstr ""
msgid "Podkop Configuration"
msgstr ""
msgid "Update lists"
msgstr ""
msgid "Update all lists in config"
msgstr ""
msgid "List Update"
msgstr ""
msgid "Lists will be updated in background. You can check the progress in system logs."
msgstr ""
msgid "Extra configurations"
msgstr ""
msgid "Extra configuration"
msgstr ""
msgid "Add Section"
msgstr ""
msgid "QUIC disable"
msgstr ""
msgid "For issues with the video stream"
msgstr ""
msgid "Community Lists"
msgstr ""
msgid "Local Domain Lists"
msgstr ""
msgid "Use the list from the router filesystem"
msgstr ""
msgid "Local Domain Lists Path"
msgstr ""
msgid "Enter to the list file path"
msgstr ""
msgid "Proxy Check"
msgstr ""
msgid "Check if sing-box proxy works correctly"
msgstr ""
msgid "Check Proxy"
msgstr ""
msgid "Proxy Check Results"
msgstr ""
msgid "NFT Rules"
msgstr ""
msgid "Show current nftables rules and statistics"
msgstr ""
msgid "Check Rules"
msgstr ""
msgid "GitHub Connectivity"
msgstr ""
msgid "Check GitHub connectivity and lists availability"
msgstr ""
msgid "Check GitHub"
msgstr ""
msgid "GitHub Connectivity Results"
msgstr ""
msgid "Sing-Box Logs"
msgstr ""
msgid "View recent sing-box logs from system journal"
msgstr ""
msgid "View Sing-Box Logs"
msgstr ""
msgid "Podkop Logs"
msgstr ""
msgid "View recent podkop logs from system journal"
msgstr ""
msgid "View Podkop Logs"
msgstr ""
msgid "Active Connections"
msgstr ""
msgid "View active sing-box network connections"
msgstr ""
msgid "Check Connections"
msgstr ""
msgid "DNSMasq Configuration"
msgstr ""
msgid "View current DNSMasq configuration settings"
msgstr ""
msgid "Check DNSMasq"
msgstr ""
msgid "Sing-Box Configuration"
msgstr ""
msgid "Show current sing-box configuration"
msgstr ""
msgid "Show Sing-Box Config"
msgstr ""
msgid "Lists Update Results"
msgstr ""

2
podkop/Makefile
View File

@@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=podkop
PKG_VERSION:=0.3.4
PKG_VERSION:=0.3.9
PKG_RELEASE:=1
PKG_MAINTAINER:=ITDog <podkop@itdog.info>

1
podkop/files/etc/config/podkop
View File

@@ -28,5 +28,6 @@ config main 'main'
option yacd '0'
option socks5 '0'
option exclude_ntp '0'
option quic_disable '0'
option update_interval '1d'
option custom_domains_text

315
podkop/files/etc/init.d/podkop
View File

@@ -7,18 +7,18 @@ script=$(readlink "$initscript")
NAME="$(basename ${script:-$initscript})"
config_load "$NAME"
EXTRA_COMMANDS="list_update check_proxy check_nft check_github check_logs check_all check_three main show_config show_version"
EXTRA_COMMANDS="main list_update check_proxy check_nft check_github check_logs check_sing_box_connections check_sing_box_logs check_dnsmasq show_config show_version show_sing_box_config"
EXTRA_HELP=" list_update Updating domain and subnet lists
sing_box_config_vless For test vless string
check_proxy Check if sing-box proxy works correctly
check_nft Show PodkopTable nftables rules
check_github Check GitHub connectivity and lists availability
check_logs Show podkop logs from system journal
check_all Run all checks
check_three Run check_proxy, check_nft and check_github
main Main function
check_sing_box_connections Show active sing-box network connections
check_sing_box_logs Show recent sing-box logs
check_dnsmasq Show current DNSMasq configuration
show_config Show current configuration with masked sensitive data
show_version Show current version"
show_version Show current version
show_sing_box_config Show current sing-box configuration"
[ ! -L /usr/sbin/podkop ] && ln -s /etc/init.d/podkop /usr/sbin/podkop
@@ -35,10 +35,32 @@ SUBNETS_TELERAM="${GITHUB_RAW_URL}/Subnets/IPv4/telegram.lst"
SING_BOX_CONFIG="/etc/sing-box/config.json"
CACHE_FILE_PATH="/tmp/cache.db"
FAKEIP="198.18.0.0/15"
VALID_SERVICES="russia_inside russia_outside ukraine_inside geoblock block porn news anime youtube discord meta twitter hdrezka tiktok telegram"
start_service() {
log "Start podkop"
sing_box_version=$(sing-box version | head -n 1 | awk '{print $3}')
required_version="1.11.1"
if [ "$(echo -e "$sing_box_version\n$required_version" | sort -V | head -n 1)" != "$required_version" ]; then
echo "The version of sing-box ($sing_box_version) is lower than the minimum version. Update sing-box: opkg update && opkg remove sing-box && opkg install sing-box"
exit 1
fi
if opkg list-installed | grep -qE "iptables|kmod-iptab"; then
printf "\033[31;1mFound incompatible iptables packages. If you're using FriendlyWrt: https://t.me/itdogchat/44512/181082\033[0m\n"
fi
if ! ip addr | grep -q "br-lan"; then
log "Interface br-lan not found"
exit 1
fi
migration
config_foreach process_validate_service
procd_open_instance
procd_set_param command /bin/sh -c "/etc/init.d/podkop main &"
procd_set_param stdout 1
@@ -111,26 +133,12 @@ nolog() {
}
main() {
sing_box_version=$(sing-box version | head -n 1 | awk '{print $3}')
required_version="1.11.1"
if [ "$(echo -e "$sing_box_version\n$required_version" | sort -V | head -n 1)" != "$required_version" ]; then
echo "The version of sing-box ($sing_box_version) is lower than the minimum version. Update sing-box: opkg update && opkg install sing-box"
exit 1
fi
migration
sleep 5
config_foreach wget_github
mkdir -p /tmp/podkop
if ! ip addr | grep -q "br-lan"; then
log "Interface br-lan not found"
fi
# base
route_table_rule_mark
create_nft_table
@@ -178,6 +186,12 @@ main() {
nft insert rule inet PodkopTable mangle udp dport 123 return
fi
config_get_bool quic_disable "main" "quic_disable" "0"
if [ "$quic_disable" -eq 1 ]; then
log "Rule for disable QUIC"
sing_box_quic_reject
fi
sing_box_config_check
/etc/init.d/sing-box restart
/etc/init.d/sing-box enable
@@ -190,18 +204,69 @@ main() {
fi
}
# Migrations funcs
# Migrations and validation funcs
migration() {
# list migrate
grep -q "list domain_list 'ru_inside'" /etc/config/podkop && sed -i "s/list domain_list 'ru_inside'/list domain_list 'russia_inside'/" /etc/config/podkop
grep -q "list domain_list 'ru_outside'" /etc/config/podkop && sed -i "s/list domain_list 'ru_outside'/list domain_list 'russia_outside'/" /etc/config/podkop
grep -q "list domain_list 'ua'" /etc/config/podkop && sed -i "s/list domain_list 'ua'/list domain_list 'ukraine_inside'/" /etc/config/podkop
local CONFIG="/etc/config/podkop"
if grep -q "ru_inside" $CONFIG; then
log "Depricated list found: ru_inside"
sed -i '/ru_inside/d' $CONFIG
fi
if grep -q "list domain_list 'ru_outside'" $CONFIG; then
log "Depricated list found: sru_outside"
sed -i '/ru_outside/d' $CONFIG
fi
if grep -q "list domain_list 'ua'" $CONFIG; then
log "Depricated list found: ua"
sed -i '/ua/d' $CONFIG
fi
# Subnet list
if grep -q "list subnets" $CONFIG; then
log "Depricated second section found"
sed -i '/list subnets/d' $CONFIG
fi
# second remove
grep -q "config second 'second'" /etc/config/podkop && sed -i '/second/d' /etc/config/podkop
if grep -q "config second 'second'" $CONFIG; then
log "Depricated second section found"
sed -i '/second/d' $CONFIG
fi
# cron update
grep -qE "^\s*option update_interval '[0-9*/,-]+( [0-9*/,-]+){4}'" /etc/config/podkop && sed -i "s|^\(\s*option update_interval\) '[0-9*/,-]\+\( [0-9*/,-]\+\)\{4\}'|\1 '1d'|" /etc/config/podkop
if grep -qE "^\s*option update_interval '[0-9*/,-]+( [0-9*/,-]+){4}'" $CONFIG; then
log "Depricated update_interval"
sed -i "s|^\(\s*option update_interval\) '[0-9*/,-]\+\( [0-9*/,-]\+\)\{4\}'|\1 '1d'|" $CONFIG
fi
# dnsmasq https
if grep -q "^filter-rr=HTTPS" "/etc/dnsmasq.conf"; then
log "Found and removed filter-rr=HTTPS in dnsmasq config"
sed -i '/^filter-rr=HTTPS/d' "/etc/dnsmasq.conf"
fi
}
validate_service() {
local domain="$1"
for valid_service in $VALID_SERVICES; do
if [ "$domain" = "$valid_service" ]; then
return 0
fi
done
log "Invalid service in domain_list: $domain. Exiting. Check config and LuCI cache"
exit 1
}
process_validate_service() {
config_get_bool domain_list_enabled "$section" "domain_list_enabled" "0"
if [ "$domain_list_enabled" -eq 1 ]; then
config_list_foreach "$section" domain_list validate_service
fi
}
# Main funcs
@@ -252,12 +317,10 @@ dnsmasq_add() {
uci set dhcp.@dnsmasq[0].filter_aaaa="1"
uci set dhcp.@dnsmasq[0].cachesize="0"
uci -q delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#5353"
uci add_list dhcp.@dnsmasq[0].server="127.0.0.42"
uci add_list dhcp.@dnsmasq[0].server='/use-application-dns.net/'
uci commit dhcp
grep -q "filter-rr=HTTPS" /etc/dnsmasq.conf || echo "filter-rr=HTTPS" >> /etc/dnsmasq.conf
/etc/init.d/dnsmasq restart
}
@@ -267,10 +330,9 @@ dnsmasq_rm() {
uci set dhcp.@dnsmasq[0].filter_aaaa="0"
uci set dhcp.@dnsmasq[0].cachesize="1000"
uci -q delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server="8.8.8.8"
uci commit dhcp
sed -i '/filter-rr=HTTPS/d' /etc/dnsmasq.conf
/etc/init.d/dnsmasq restart
}
@@ -484,8 +546,8 @@ sing_box_inbound_proxy() {
{
"tag": "dns-in",
"type": "direct",
"listen": "127.0.0.1",
"listen_port": 5353
"listen": "127.0.0.42",
"listen_port": 53
}
],
"outbounds": [
@@ -526,6 +588,12 @@ sing_box_dns_rule_fakeip() {
jq \
'.dns += {
"rules": [
{
"query_type": [
"HTTPS"
],
"action": "reject"
},
{
"server": "fakeip-server",
"rule_set": []
@@ -686,8 +754,8 @@ sing_box_config_outbound_json() {
{
"tag": "dns-in",
"type": "direct",
"listen": "127.0.0.1",
"listen_port": 5353
"listen": "127.0.0.42",
"listen_port": 53
}
],
"outbounds": [],
@@ -1111,6 +1179,25 @@ sing_box_rules() {
fi
}
sing_box_quic_reject() {
local quic_rule_exists=$(jq -e '.route.rules[] | select(.protocol == "quic" and .action == "reject")' "$SING_BOX_CONFIG")
if [[ -z "$quic_rule_exists" ]]; then
jq '
.route.rules |= (
reduce .[] as $rule ([];
if $rule.protocol == "dns" and $rule.action == "hijack-dns" then
. + [$rule, {"protocol": "quic", "action": "reject"}]
else
. + [$rule]
end
)
)' "$SING_BOX_CONFIG" >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json "$SING_BOX_CONFIG"
log "QUIC reject rule added successfully"
fi
}
process_remote_ruleset() {
config_get_bool domain_list_enabled "$section" "domain_list_enabled" "0"
if [ "$domain_list_enabled" -eq 1 ]; then
@@ -1123,8 +1210,11 @@ process_remote_ruleset() {
sing_box_rule_preset() {
config_get custom_domains_list_type "$section" "custom_domains_list_type"
config_get custom_subnets_list_enabled "$section" "custom_subnets_list_enabled"
config_get custom_local_domains_list_enabled "$section" "custom_local_domains_list_enabled"
config_get custom_download_domains_list_enabled "$section" "custom_download_domains_list_enabled"
if [ "$custom_domains_list_type" != "disabled" ] || [ "$custom_subnets_list_enabled" != "disabled" ]; then
if [ "$custom_domains_list_type" != "disabled" ] || [ "$custom_subnets_list_enabled" != "disabled" ] ||
[ "$custom_local_domains_list_enabled" = "1" ] || [ "$custom_download_domains_list_enabled" = "1" ]; then
sing_box_rules "$section" "$section"
sing_box_dns_rule_fakeip_section "$section" "$section"
fi
@@ -1303,15 +1393,29 @@ check_proxy() {
fi
jq '
walk(
if type == "object" then
with_entries(
if [.key] | inside(["uuid", "server", "server_name", "password", "public_key", "short_id"]) then
.value = "MASKED"
else . end
)
else . end
)' $SING_BOX_CONFIG
walk(
if type == "object" then
with_entries(
if .key == "uuid" then
.value = "MASKED"
elif .key == "server" then
.value = "MASKED"
elif .key == "server_name" then
.value = "MASKED"
elif .key == "password" then
.value = "MASKED"
elif .key == "public_key" then
.value = "MASKED"
elif .key == "short_id" then
.value = "MASKED"
elif .key == "fingerprint" then
.value = "MASKED"
elif .key == "server_port" then
.value = "MASKED"
else . end
)
else . end
)' $SING_BOX_CONFIG
nolog "Checking proxy connection..."
@@ -1350,22 +1454,18 @@ check_nft() {
nolog "Checking PodkopTable rules..."
local sets="podkop_domains podkop_subnets podkop_subnets_discord localv4"
nolog "Sets statistics:"
for set_name in $sets; do
if nft list set inet PodkopTable $set_name >/dev/null 2>&1; then
local count=$(nft list set inet PodkopTable $set_name 2>/dev/null | grep -c ",")
nolog "- $set_name: $count elements"
else
nolog "- $set_name: not found"
fi
done
# Check if table exists
if ! nft list table inet PodkopTable >/dev/null 2>&1; then
nolog "PodkopTable not found"
return 1
fi
nolog "Current chains and rules:"
nft list table inet PodkopTable | grep "chain\|counter"
# Get all sets
nolog "\nSets configuration:"
nolog "NFT check completed"
nft list table inet PodkopTable
nolog "\nNFT check completed"
}
check_github() {
@@ -1390,37 +1490,94 @@ check_github() {
done
}
check_dnsmasq() {
nolog "Checking dnsmasq configuration..."
local config=$(uci show dhcp.@dnsmasq[0])
if [ -z "$config" ]; then
nolog "No dnsmasq configuration found"
return 1
fi
echo "$config" | while IFS='=' read -r key value; do
nolog "$key = $value"
done
}
check_sing_box_connections() {
nolog "Checking sing-box connections..."
if ! command -v netstat >/dev/null 2>&1; then
nolog "netstat is not installed"
return 1
fi
local connections=$(netstat -tuanp | grep sing-box)
if [ -z "$connections" ]; then
nolog "No active sing-box connections found"
return 1
fi
echo "$connections" | while read -r line; do
nolog "$line"
done
}
check_sing_box_logs() {
nolog "Showing sing-box logs from system journal..."
local logs=$(logread -e sing-box | tail -n 50)
if [ -z "$logs" ]; then
nolog "No sing-box logs found"
return 1
fi
echo "$logs"
}
check_logs() {
nolog "Showing podkop logs from system journal..."
if command -v logread >/dev/null 2>&1; then
logread -e "podkop" | tail -n 50
logread -e podkop | tail -n 50
else
nolog "Error: logread command not found"
return 1
fi
}
check_three() {
nolog "\n=== Checking GitHub connectivity ==="
check_github
show_sing_box_config() {
nolog "Current sing-box configuration:"
nolog "\n=== Checking proxy settings ==="
check_proxy
nolog "\n=== Checking NFT rules ==="
check_nft
nolog "\nFull diagnostic check completed"
}
if [ ! -f "$SING_BOX_CONFIG" ]; then
nolog "Configuration file not found"
return 1
fi
check_all() {
nolog "Starting full diagnostic check..."
nolog "\n=== Checking recent logs ==="
check_logs
check_three
jq '
walk(
if type == "object" then
with_entries(
if .key == "uuid" then
.value = "MASKED"
elif .key == "server" then
.value = "MASKED"
elif .key == "server_name" then
.value = "MASKED"
elif .key == "password" then
.value = "MASKED"
elif .key == "public_key" then
.value = "MASKED"
elif .key == "short_id" then
.value = "MASKED"
elif .key == "fingerprint" then
.value = "MASKED"
elif .key == "server_port" then
.value = "MASKED"
else . end
)
else . end
)' "$SING_BOX_CONFIG"
}
show_config() {