v0.4.6

br_netfilter. Cache size unset. Mixed & source_ip_cidr
unnecessary check
2025-12-07 12:06:56 +03:00 · 2025-06-30 16:27:44 +03:00 · 2025-06-30 16:26:31 +03:00 · 2025-06-30 16:24:33 +03:00 · 2025-06-27 23:54:52 +03:00 · 2025-06-27 23:54:31 +03:00
6 changed files with 20 additions and 17 deletions
--- a/luci-app-podkop/Makefile
+++ b/luci-app-podkop/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=luci-app-podkop
-PKG_VERSION:=0.4.5
+PKG_VERSION:=0.4.6
 PKG_RELEASE:=1

 LUCI_TITLE:=LuCI podkop app
--- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/configSection.js
+++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/configSection.js
@@ -179,10 +179,6 @@ function createConfigSection(section, map, network) {
                    if (!params.get('pbk')) return _('Invalid VLESS URL: missing pbk parameter for reality security');
                    if (!params.get('fp')) return _('Invalid VLESS URL: missing fp parameter for reality security');
                }
-
-                if (security === 'tls' && type !== 'tcp' && !params.get('sni')) {
-                    return _('Invalid VLESS URL: missing sni parameter for tls security');
-                }
            }

            return true;
--- a/podkop/Makefile
+++ b/podkop/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=podkop
-PKG_VERSION:=0.4.5
+PKG_VERSION:=0.4.6
 PKG_RELEASE:=1

 PKG_MAINTAINER:=ITDog <podkop@itdog.info>
--- a/podkop/files/etc/config/podkop
+++ b/podkop/files/etc/config/podkop
@@ -35,7 +35,7 @@ config main 'main'
 	option dns_server '8.8.8.8'
 	option split_dns_enabled '1'
 	option split_dns_type 'udp'
-	option split_dns_server '8.8.8.8'
+	option split_dns_server '1.1.1.1'
 	option dns_rewrite_ttl '60'
 	option cache_file '/tmp/cache.db'
 	list iface 'br-lan'
--- a/podkop/files/etc/init.d/podkop
+++ b/podkop/files/etc/init.d/podkop
@@ -35,12 +35,14 @@ service_triggers() {
 	config_get mon_restart_ifaces "main" "mon_restart_ifaces"
 	config_get restart_ifaces "main" "restart_ifaces"

+    PROCD_RELOAD_DELAY=2000
+
 	procd_open_trigger
 		procd_add_config_trigger "config.change" "$NAME" "$initscript" restart 'on_config_change'

        if [ "$mon_restart_ifaces" = "1" ]; then
 			for iface in $restart_ifaces; do
-				procd_add_reload_interface_trigger $iface
+            	procd_add_interface_trigger "interface.*.up" "$iface" /etc/init.d/podkop reload
 			done
 		fi
 	procd_close_trigger
--- a/podkop/files/usr/bin/podkop
+++ b/podkop/files/usr/bin/podkop
@@ -69,10 +69,6 @@ start_main() {
        exit 1
    fi

-    if opkg list-installed | grep -q iptables-mod-extra; then
-        log "[critical] Conflicting package detected: iptables-mod-extra"
-    fi
-
    if grep -qE 'doh_backup_noresolv|doh_backup_server|doh_server' /etc/config/dhcp; then
        log "[critical] Detected https-dns-proxy in dhcp config. Edit /etc/config/dhcp"
    fi
@@ -80,6 +76,8 @@ start_main() {
    migration

    config_foreach process_validate_service
+    
+    br_netfilter_disable

    # Sync time for DoH/DoT
    /usr/sbin/ntpd -q -p 194.190.168.1 -p 216.239.35.0 -p 216.239.35.4 -p 162.159.200.1 -p 162.159.200.123
@@ -302,6 +300,14 @@ process_validate_service() {
    fi
 }

+br_netfilter_disable() {
+    if lsmod | grep -q br_netfilter && [ "$(sysctl -n net.bridge.bridge-nf-call-iptables 2>/dev/null)" = "1" ]; then
+        log "br_netfilter enabled detected. Disabling"
+        sysctl -w net.bridge.bridge-nf-call-iptables=0
+        sysctl -w net.bridge.bridge-nf-call-ip6tables=0
+	fi
+}
+
 # Main funcs

 route_table_rule_mark() {
@@ -419,8 +425,9 @@ dnsmasq_restore() {
    log "Removing configuration for dnsmasq"

    local cachesize=$(uci get dhcp.@dnsmasq[0].podkop_cachesize 2>/dev/null)
-    if [ -z "$cachesize" ]; then
+    if [[ "$cachesize" == "unset" ]]; then
        log "dnsmasq revert: cachesize is unset"
+        uci -q delete dhcp.@dnsmasq[0].cachesize
    else
        uci set dhcp.@dnsmasq[0].cachesize="$cachesize"
    fi
@@ -1810,15 +1817,13 @@ sing_box_rules_source_ip_cidr() {
    local source_ip_cidr="$1"
    local outbound="$2"

-    local current_source_ip_cidr=$(jq -r '.route.rules[] | select(.outbound == "'"$outbound"'" and .action == "route" and (.rule_set | not))' $SING_BOX_CONFIG)
-
+    local current_source_ip_cidr=$(jq -r '.route.rules[] | select(.outbound == "'"$outbound"'" and .action == "route" and .source_ip_cidr and (.inbound // [] | contains(["tproxy-in"])))' $SING_BOX_CONFIG)

    if [[ -n "$current_source_ip_cidr" ]]; then
        jq \
        --arg source_ip_cidr "$source_ip_cidr" \
        --arg outbound "$outbound" \
-        '(.route.rules[] | select(.outbound == $outbound and .action == "route" and (.rule_set | not)) | .source_ip_cidr) += [$source_ip_cidr]' \
-        "$SING_BOX_CONFIG" | build_sing_box_config
+        '(.route.rules[] | select(.outbound == $outbound and .action == "route" and .source_ip_cidr and (.inbound // [] | contains(["tproxy-in"]))) | .source_ip_cidr) += [$source_ip_cidr]' "$SING_BOX_CONFIG" | build_sing_box_config
    else
        jq \
        --arg source_ip_cidr "$source_ip_cidr" \
Author	SHA1	Message	Date
itdoginfo	25b0dcaad5	v0.4.6	2025-06-30 16:27:44 +03:00
itdoginfo	cc59e756dd	br_netfilter. Cache size unset. Mixed & source_ip_cidr	2025-06-30 16:26:31 +03:00
itdoginfo	210714c499	unnecessary check	2025-06-30 16:24:33 +03:00
itdoginfo	8b6c336584	Change to 1.1.1.1	2025-06-27 23:54:52 +03:00
itdoginfo	5c543c1608	Change to procd_add_interface_trigger. Added PROCD_RELOAD_DELAY	2025-06-27 23:54:31 +03:00