mirror of
https://github.com/itdoginfo/podkop.git
synced 2025-12-06 11:36:50 +03:00
Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
f90ab7f468 | ||
|
|
e4bfd447ce | ||
|
|
fbdd759b83 | ||
|
|
2488bc30b1 | ||
|
|
dcc12cf920 | ||
|
|
c99cef9f27 | ||
|
|
8a68f3fcc2 | ||
|
|
ed2994be3a | ||
|
|
77ff5ab781 | ||
|
|
1c80bc5a5e |
10
README.md
10
README.md
@@ -1,6 +1,6 @@
|
||||
# Вещи, которые вам нужно знать перед установкой
|
||||
|
||||
- Это альфа версия, которая находится в активной разработке. Из версии в версию что-то может меняться.
|
||||
- Это бета-версия, которая находится в активной разработке. Из версии в версию что-то может меняться.
|
||||
- При возникновении проблем, нужен технически грамотный фидбэк в чат.
|
||||
- При обновлении **обязательно** [сбрасывайте кэш LuCI](https://podkop.net/docs/clearbrowsercache/).
|
||||
- Также при обновлении всегда заходите в конфигурацию и проверяйте свои настройки. Конфигурация может измениться.
|
||||
@@ -38,10 +38,10 @@ sh <(wget -qO- https://raw.githubusercontent.com/itdoginfo/podkop/refs/heads/mai
|
||||
|
||||
## Списки
|
||||
- [ ] Speedtest
|
||||
- [ ] Google AI
|
||||
- [ ] Google PlayMarket. Здесь уточнить, что точно не работает через корректную настройку FakeIP, а не dnsmasq+nft.
|
||||
- [ ] Hetzner ASN (AS24940)
|
||||
- [ ] OVH ASN (AS16276)
|
||||
- [x] Google AI
|
||||
- [x] Google PlayMarket. Здесь уточнить, что точно не работает через корректную настройку FakeIP, а не dnsmasq+nft.
|
||||
- [x] Hetzner ASN (AS24940)
|
||||
- [x] OVH ASN (AS16276)
|
||||
|
||||
## Будущее
|
||||
- [ ] После наполнения вики про туннели, убрать всё что связано с их установкой из скрипта. Только с AWG что-то решить, лучше чтоб был скрипт в сторонем репозитории.
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-podkop
|
||||
PKG_VERSION:=0.3.49
|
||||
PKG_VERSION:=0.4.0
|
||||
PKG_RELEASE:=1
|
||||
|
||||
LUCI_TITLE:=LuCI podkop app
|
||||
|
||||
@@ -300,7 +300,7 @@ function createConfigSection(section, map, network) {
|
||||
o.value('russia_inside', 'Russia inside');
|
||||
o.value('russia_outside', 'Russia outside');
|
||||
o.value('ukraine_inside', 'Ukraine');
|
||||
o.value('geoblock', 'GEO Block');
|
||||
o.value('geoblock', 'Geo Block');
|
||||
o.value('block', 'Block');
|
||||
o.value('porn', 'Porn');
|
||||
o.value('news', 'News');
|
||||
@@ -313,6 +313,11 @@ function createConfigSection(section, map, network) {
|
||||
o.value('tiktok', 'Tik-Tok');
|
||||
o.value('telegram', 'Telegram');
|
||||
o.value('cloudflare', 'Cloudflare');
|
||||
o.value('google_ai', 'Google AI');
|
||||
o.value('google_play', 'Google Play');
|
||||
o.value('hetzner', 'Hetzner ASN');
|
||||
o.value('ovh', 'OVH ASN');
|
||||
|
||||
o.depends('domain_list_enabled', '1');
|
||||
o.rmempty = false;
|
||||
o.ucisection = s.section;
|
||||
@@ -344,13 +349,13 @@ function createConfigSection(section, map, network) {
|
||||
}
|
||||
|
||||
if (newValues.includes('russia_inside')) {
|
||||
const allowedWithRussiaInside = ['russia_inside', 'meta', 'twitter', 'discord', 'telegram', 'cloudflare'];
|
||||
const allowedWithRussiaInside = ['russia_inside', 'meta', 'twitter', 'discord', 'telegram', 'cloudflare', 'google_ai', 'google_play', 'hetzner', 'ovh'];
|
||||
const removedServices = newValues.filter(v => !allowedWithRussiaInside.includes(v));
|
||||
if (removedServices.length > 0) {
|
||||
newValues = newValues.filter(v => allowedWithRussiaInside.includes(v));
|
||||
notifications.push(E('p', { class: 'alert-message warning' }, [
|
||||
E('strong', {}, _('Russia inside restrictions')), E('br'),
|
||||
_('Warning: Russia inside can only be used with Meta, Twitter, Discord, Cloudflare and Telegram. %s already in Russia inside and have been removed from selection.')
|
||||
_('Warning: Russia inside can only be used with Meta, Twitter, Discord, Cloudflare, Google AI, Google Play, Hetzner, OVH and Telegram. %s already in Russia inside and have been removed from selection.')
|
||||
.format(removedServices.join(', '))
|
||||
]));
|
||||
}
|
||||
@@ -676,7 +681,7 @@ const showConfigModal = async (command, title) => {
|
||||
E('button', {
|
||||
'class': 'btn',
|
||||
'id': 'copy-button',
|
||||
'click': ev => copyToClipboard(document.getElementById('modal-content-pre').innerText, ev.target)
|
||||
'click': ev => copyToClipboard('```txt\n' + document.getElementById('modal-content-pre').innerText + '\n```', ev.target)
|
||||
}, _('Copy to Clipboard')),
|
||||
E('button', {
|
||||
'class': 'btn',
|
||||
@@ -842,7 +847,7 @@ const createStatusPanel = (title, status, buttons, extraData = {}) => {
|
||||
ButtonFactory.createModalButton({
|
||||
label: E('strong', _('Global check')),
|
||||
command: 'global_check',
|
||||
title: _('Click here for all the info')
|
||||
title: _('Global check')
|
||||
}),
|
||||
ButtonFactory.createModalButton({
|
||||
label: 'View Logs',
|
||||
@@ -1121,6 +1126,64 @@ function stopErrorPolling() {
|
||||
}
|
||||
}
|
||||
|
||||
async function checkFakeIP() {
|
||||
const createStatus = (state, message, color) => ({
|
||||
state,
|
||||
message: _(message),
|
||||
color: STATUS_COLORS[color]
|
||||
});
|
||||
|
||||
try {
|
||||
const controller = new AbortController();
|
||||
const timeoutId = setTimeout(() => controller.abort(), FETCH_TIMEOUT);
|
||||
|
||||
try {
|
||||
const response = await fetch('https://fakeip.podkop.fyi/check', { signal: controller.signal });
|
||||
const data = await response.json();
|
||||
clearTimeout(timeoutId);
|
||||
|
||||
if (data.fakeip === true) {
|
||||
return createStatus('working', 'working', 'SUCCESS');
|
||||
} else {
|
||||
return createStatus('not_working', 'not working', 'ERROR');
|
||||
}
|
||||
} catch (fetchError) {
|
||||
clearTimeout(timeoutId);
|
||||
const message = fetchError.name === 'AbortError' ? 'timeout' : 'check error';
|
||||
return createStatus('error', message, 'WARNING');
|
||||
}
|
||||
} catch (error) {
|
||||
return createStatus('error', 'check error', 'WARNING');
|
||||
}
|
||||
}
|
||||
|
||||
async function checkFakeIPCLI() {
|
||||
const createStatus = (state, message, color) => ({
|
||||
state,
|
||||
message: _(message),
|
||||
color: STATUS_COLORS[color]
|
||||
});
|
||||
|
||||
try {
|
||||
const singboxStatusResult = await safeExec('/usr/bin/podkop', ['get_sing_box_status']);
|
||||
const singboxStatus = JSON.parse(singboxStatusResult.stdout || '{"running":0,"dns_configured":0}');
|
||||
|
||||
if (!singboxStatus.running) {
|
||||
return createStatus('not_working', 'sing-box not running', 'ERROR');
|
||||
}
|
||||
|
||||
const result = await safeExec('nslookup', ['-timeout=2', 'fakeip.podkop.fyi', '127.0.0.42']);
|
||||
|
||||
if (result.stdout && result.stdout.includes('198.18')) {
|
||||
return createStatus('working', 'working on router', 'SUCCESS');
|
||||
} else {
|
||||
return createStatus('not_working', 'not working on router', 'ERROR');
|
||||
}
|
||||
} catch (error) {
|
||||
return createStatus('error', 'CLI check error', 'WARNING');
|
||||
}
|
||||
}
|
||||
|
||||
return view.extend({
|
||||
async render() {
|
||||
document.head.insertAdjacentHTML('beforeend', `
|
||||
@@ -1369,81 +1432,6 @@ return view.extend({
|
||||
}
|
||||
}
|
||||
|
||||
function checkFakeIP() {
|
||||
const createStatus = (state, message, color) => ({
|
||||
state,
|
||||
message: _(message),
|
||||
color: STATUS_COLORS[color]
|
||||
});
|
||||
|
||||
return new Promise(async (resolve) => {
|
||||
try {
|
||||
const singboxStatusResult = await safeExec('/usr/bin/podkop', ['get_sing_box_status']);
|
||||
const singboxStatus = JSON.parse(singboxStatusResult.stdout || '{"running":0,"dns_configured":0}');
|
||||
|
||||
if (!singboxStatus.running) {
|
||||
return resolve(createStatus('not_working', 'sing-box not running', 'ERROR'));
|
||||
}
|
||||
if (!singboxStatus.dns_configured) {
|
||||
return resolve(createStatus('not_working', 'DNS not configured', 'ERROR'));
|
||||
}
|
||||
|
||||
const controller = new AbortController();
|
||||
const timeoutId = setTimeout(() => controller.abort(), FETCH_TIMEOUT);
|
||||
|
||||
try {
|
||||
const response = await fetch('https://fakeip.podkop.fyi/check', { signal: controller.signal });
|
||||
const data = await response.json();
|
||||
clearTimeout(timeoutId);
|
||||
|
||||
if (data.fakeip === true) {
|
||||
return resolve(createStatus('working', 'working', 'SUCCESS'));
|
||||
} else {
|
||||
return resolve(createStatus('not_working', 'not working', 'ERROR'));
|
||||
}
|
||||
} catch (fetchError) {
|
||||
clearTimeout(timeoutId);
|
||||
const message = fetchError.name === 'AbortError' ? 'timeout' : 'check error';
|
||||
return resolve(createStatus('error', message, 'WARNING'));
|
||||
}
|
||||
} catch (error) {
|
||||
return resolve(createStatus('error', 'check error', 'WARNING'));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function checkFakeIPCLI() {
|
||||
const createStatus = (state, message, color) => ({
|
||||
state,
|
||||
message: _(message),
|
||||
color: STATUS_COLORS[color]
|
||||
});
|
||||
|
||||
return new Promise(async (resolve) => {
|
||||
try {
|
||||
const singboxStatusResult = await safeExec('/usr/bin/podkop', ['get_sing_box_status']);
|
||||
const singboxStatus = JSON.parse(singboxStatusResult.stdout || '{"running":0,"dns_configured":0}');
|
||||
|
||||
if (!singboxStatus.running) {
|
||||
return resolve(createStatus('not_working', 'sing-box not running', 'ERROR'));
|
||||
}
|
||||
if (!singboxStatus.dns_configured) {
|
||||
return resolve(createStatus('not_working', 'DNS not configured', 'ERROR'));
|
||||
}
|
||||
|
||||
const result = await safeExec('nslookup', ['-timeout=2', 'fakeip.podkop.fyi', '127.0.0.42']);
|
||||
|
||||
if (result.stdout && result.stdout.includes('198.18')) {
|
||||
return resolve(createStatus('working', 'working on router', 'SUCCESS'));
|
||||
} else {
|
||||
return resolve(createStatus('not_working', 'not working on router', 'ERROR'));
|
||||
}
|
||||
} catch (error) {
|
||||
return resolve(createStatus('error', 'CLI check error', 'WARNING'));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function checkBypass() {
|
||||
const createStatus = (state, message, color) => ({
|
||||
state,
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=podkop
|
||||
PKG_VERSION:=0.3.49
|
||||
PKG_VERSION:=0.4.0
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_MAINTAINER:=ITDog <podkop@itdog.info>
|
||||
|
||||
@@ -16,9 +16,11 @@ SUBNETS_META="${GITHUB_RAW_URL}/Subnets/IPv4/meta.lst"
|
||||
SUBNETS_DISCORD="${GITHUB_RAW_URL}/Subnets/IPv4/discord.lst"
|
||||
SUBNETS_TELERAM="${GITHUB_RAW_URL}/Subnets/IPv4/telegram.lst"
|
||||
SUBNETS_CLOUDFLARE="${GITHUB_RAW_URL}/Subnets/IPv4/cloudflare.lst"
|
||||
SUBNETS_HETZNER="${GITHUB_RAW_URL}/Subnets/IPv4/hetzner.lst"
|
||||
SUBNETS_OVH="${GITHUB_RAW_URL}/Subnets/IPv4/ovh.lst"
|
||||
SING_BOX_CONFIG="/etc/sing-box/config.json"
|
||||
FAKEIP="198.18.0.0/15"
|
||||
VALID_SERVICES="russia_inside russia_outside ukraine_inside geoblock block porn news anime youtube discord meta twitter hdrezka tiktok telegram cloudflare"
|
||||
VALID_SERVICES="russia_inside russia_outside ukraine_inside geoblock block porn news anime youtube discord meta twitter hdrezka tiktok telegram cloudflare google_ai google_play hetzner ovh"
|
||||
DNS_RESOLVERS="1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 9.9.9.9 9.9.9.11 94.140.14.14 94.140.15.15 208.67.220.220 208.67.222.222 77.88.8.1 77.88.8.8"
|
||||
TEST_DOMAIN="fakeip.podkop.fyi"
|
||||
INTERFACES_LIST=""
|
||||
@@ -1448,6 +1450,12 @@ list_subnets_download() {
|
||||
"cloudflare")
|
||||
URL=$SUBNETS_CLOUDFLARE
|
||||
;;
|
||||
"hetzner")
|
||||
URL=$SUBNETS_HETZNER
|
||||
;;
|
||||
"ovh")
|
||||
URL=$SUBNETS_OVH
|
||||
;;
|
||||
"discord")
|
||||
URL=$SUBNETS_DISCORD
|
||||
nft add set inet $table podkop_discord_subnets { type ipv4_addr\; flags interval\; auto-merge\; }
|
||||
@@ -2212,30 +2220,45 @@ check_dns_available() {
|
||||
|
||||
if [ "$dns_type" = "doh" ]; then
|
||||
# Generate random DNS query ID (2 bytes)
|
||||
local random_id=$(head -c2 /dev/urandom | hexdump -ve '1/1 "%.2x"')
|
||||
# Create DNS wire format query for google.com A record with random ID
|
||||
local dns_query=$(printf "\x${random_id:0:2}\x${random_id:2:2}\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www\x06google\x03com\x00\x00\x01\x00\x01" | base64)
|
||||
|
||||
# Try POST method first (RFC 8484 compliant)
|
||||
local result=$(echo "$dns_query" | base64 -d | curl -H "Content-Type: application/dns-message" \
|
||||
-H "Accept: application/dns-message" \
|
||||
--data-binary @- \
|
||||
--connect-timeout 5 -s \
|
||||
"https://$dns_server/dns-query" 2>/dev/null)
|
||||
|
||||
if [ $? -eq 0 ] && [ -n "$result" ]; then
|
||||
is_available=1
|
||||
status="available"
|
||||
local random_id=$(head -c2 /dev/urandom | hexdump -ve '1/1 "%.2x"' 2>/dev/null)
|
||||
if [ $? -ne 0 ]; then
|
||||
error_message="Failed to generate random ID"
|
||||
status="internal error"
|
||||
else
|
||||
# Try GET method as fallback, remove padding from base64
|
||||
local dns_query_no_padding=$(echo "$dns_query" | tr -d '=')
|
||||
result=$(curl -H "accept: application/dns-message" \
|
||||
--connect-timeout 5 -s \
|
||||
"https://$dns_server/dns-query?dns=$dns_query_no_padding" 2>/dev/null)
|
||||
|
||||
if [ $? -eq 0 ] && [ -n "$result" ]; then
|
||||
is_available=1
|
||||
status="available"
|
||||
# Create DNS wire format query for google.com A record with random ID
|
||||
local dns_query=$(printf "\x${random_id:0:2}\x${random_id:2:2}\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www\x06google\x03com\x00\x00\x01\x00\x01" | base64 2>/dev/null)
|
||||
if [ $? -ne 0 ]; then
|
||||
error_message="Failed to generate DNS query"
|
||||
status="internal error"
|
||||
else
|
||||
# Try POST method first (RFC 8484 compliant) with shorter timeout
|
||||
local result=$(echo "$dns_query" | base64 -d 2>/dev/null | curl -H "Content-Type: application/dns-message" \
|
||||
-H "Accept: application/dns-message" \
|
||||
--data-binary @- \
|
||||
--max-time 2 \
|
||||
--connect-timeout 1 \
|
||||
-s \
|
||||
"https://$dns_server/dns-query" 2>/dev/null)
|
||||
|
||||
if [ $? -eq 0 ] && [ -n "$result" ]; then
|
||||
is_available=1
|
||||
status="available"
|
||||
else
|
||||
# Try GET method as fallback with shorter timeout
|
||||
local dns_query_no_padding=$(echo "$dns_query" | tr -d '=' 2>/dev/null)
|
||||
result=$(curl -H "accept: application/dns-message" \
|
||||
--max-time 2 \
|
||||
--connect-timeout 1 \
|
||||
-s \
|
||||
"https://$dns_server/dns-query?dns=$dns_query_no_padding" 2>/dev/null)
|
||||
|
||||
if [ $? -eq 0 ] && [ -n "$result" ]; then
|
||||
is_available=1
|
||||
status="available"
|
||||
else
|
||||
error_message="DoH server not responding"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
elif [ "$dns_type" = "dot" ]; then
|
||||
@@ -2441,6 +2464,40 @@ global_check() {
|
||||
fi
|
||||
}
|
||||
|
||||
show_help() {
|
||||
cat << EOF
|
||||
Usage: $0 COMMAND
|
||||
|
||||
Available commands:
|
||||
start Start podkop service
|
||||
stop Stop podkop service
|
||||
reload Reload podkop configuration
|
||||
restart Restart podkop service
|
||||
enable Enable podkop autostart
|
||||
disable Disable podkop autostart
|
||||
main Run main podkop process
|
||||
list_update Update domain lists
|
||||
check_proxy Check proxy connectivity
|
||||
check_nft Check NFT rules
|
||||
check_github Check GitHub connectivity
|
||||
check_logs Show podkop logs from system journal
|
||||
check_sing_box_connections Show active sing-box connections
|
||||
check_sing_box_logs Show sing-box logs
|
||||
check_fakeip Check FakeIP DNS functionality
|
||||
check_dnsmasq Check DNSMasq configuration
|
||||
show_config Display current podkop configuration
|
||||
show_version Show podkop version
|
||||
show_sing_box_config Show sing-box configuration
|
||||
show_luci_version Show LuCI app version
|
||||
show_sing_box_version Show sing-box version
|
||||
show_system_info Show system information
|
||||
get_status Get podkop service status
|
||||
get_sing_box_status Get sing-box service status
|
||||
check_dns_available Check DNS server availability
|
||||
global_check Run global system check
|
||||
EOF
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
@@ -2515,7 +2572,7 @@ case "$1" in
|
||||
global_check
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|reload|restart|enable|disable|main|list_update|check_proxy|check_nft|check_github|check_logs|check_sing_box_connections|check_sing_box_logs|check_fakeip|check_dnsmasq|show_config|show_version|show_sing_box_config|show_luci_version|show_sing_box_version|show_system_info|get_status|get_sing_box_status|check_dns_available|global_check}"
|
||||
show_help
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
Reference in New Issue
Block a user