config: Add new options to reset settings dialog (choice of NFQWS strategy)

2025-12-31 03:48:17 +03:00 · 2025-12-12 12:27:18 +03:00
parent 6ea3432d0c
commit 18b9394679
5 changed files with 348 additions and 37 deletions
--- a/zapret/comfunc.sh
+++ b/zapret/comfunc.sh
@@ -108,12 +108,14 @@ function restore_all_ipset_cfg

 function create_default_cfg
 {
-	local cfgname=${1:-$ZAPRET_CFG_NAME}
+	local opt_flags=${1:--}
+	local opt_strat=$2
+	local cfgname=${3:-$ZAPRET_CFG_NAME}
 	local cfgfile=/etc/config/$cfgname
 	rm -f $cfgfile
 	touch $cfgfile
 	uci set $cfgname.config=main
-	set_cfg_default_values $cfgname
+	set_cfg_default_values "$opt_flags" "$opt_strat" $cfgname
 	return 0
 }

@@ -128,7 +130,7 @@ function merge_cfg_with_def_values
 	local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )"
 	[ -z "$cfg_sec_name" ] && create_default_cfg

-	create_default_cfg "$NEWCFGNAME"
+	create_default_cfg "-" "" "$NEWCFGNAME"
 	[ ! -f "$NEWCFGFILE" ] && return 1 

 	uci -m -f $cfgfile import "$NEWCFGNAME"
--- a/zapret/def-cfg.sh
+++ b/zapret/def-cfg.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 # Copyright (c) 2024 remittor

-function set_cfg_default_values
+function set_cfg_reset_values
 {
 	local cfgname=${1:-$ZAPRET_CFG_NAME}
 	local TAB="$( echo -n -e '\t' )"
@@ -38,31 +38,250 @@ function set_cfg_default_values
 		set $cfgname.config.NFQWS_UDP_PKT_IN='0'
 		set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0'
 		set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0'
-		set $cfgname.config.NFQWS_OPT="
-			--filter-tcp=443
-			--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
-			--hostlist=/opt/zapret/ipset/zapret-hosts-user.txt
-			--hostlist-exclude-domains=openwrt.org
-			--dpi-desync=fake,fakeddisorder
-			--dpi-desync-split-pos=10,midsld
-			--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
-			--dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com
-			--dpi-desync-fake-tls=0x0F0F0F0F
-			--dpi-desync-fake-tls-mod=none
-			--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
-			--dpi-desync-split-seqovl=336
-			--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin
-			--dpi-desync-fooling=badseq,badsum
-			--dpi-desync-badseq-increment=0
-			--new
-			--filter-udp=443
-			--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
-			--dpi-desync=fake
-			--dpi-desync-repeats=6
-			--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
-		"
 		# save changes
 		commit $cfgname
 	EOF
 	return 0
 }
+
+function clear_nfqws_strat
+{
+	local cfgname=${1:-$ZAPRET_CFG_NAME}
+	local TAB="$( echo -n -e '\t' )"
+	uci batch <<-EOF
+		set $cfgname.config.MODE_FILTER='hostlist'
+		set $cfgname.config.NFQWS_PORTS_TCP='80,443'
+		set $cfgname.config.NFQWS_PORTS_UDP='443'
+		set $cfgname.config.NFQWS_OPT='$TAB'
+		commit $cfgname
+	EOF
+}
+
+function set_cfg_nfqws_strat
+{
+	local strat=${1:--}
+	local cfgname=${2:-$ZAPRET_CFG_NAME}
+	local TAB="$( echo -n -e '\t' )"
+    
+	uci batch <<-EOF
+		set $cfgname.config.MODE_FILTER='hostlist'
+		commit $cfgname
+	EOF
+	if [ "$strat" = "empty" ]; then
+		clear_nfqws_strat $cfgname
+	fi
+	if [ "$strat" = "v1_by_StressOzz" ]; then
+		uci batch <<-EOF
+			set $cfgname.config.NFQWS_PORTS_TCP='80,443'
+			set $cfgname.config.NFQWS_PORTS_UDP='443'
+			set $cfgname.config.NFQWS_OPT="
+				# Strategy $strat
+				
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist=/opt/zapret/ipset/zapret-hosts-user.txt
+				--hostlist-auto=/opt/zapret/ipset/zapret-hosts-auto.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--dpi-desync=fake,multidisorder
+				--dpi-desync-split-seqovl=681
+				--dpi-desync-split-pos=1
+				--dpi-desync-fooling=badseq
+				--dpi-desync-badseq-increment=10000000
+				--dpi-desync-repeats=2
+				--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
+				--dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com
+				
+				--new
+				--filter-udp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--dpi-desync=fake
+				--dpi-desync-repeats=6
+				--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
+			"
+			commit $cfgname
+		EOF
+	fi
+	if [ "$strat" = "v2_by_StressOzz" ]; then
+		uci batch <<-EOF
+			set $cfgname.config.NFQWS_PORTS_TCP='80,443'
+			set $cfgname.config.NFQWS_PORTS_UDP='443'
+			set $cfgname.config.NFQWS_OPT="
+				# Strategy $strat
+				
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist=/opt/zapret/ipset/zapret-hosts-user.txt
+				--hostlist-auto=/opt/zapret/ipset/zapret-hosts-auto.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--hostlist-exclude-domains=openwrt.org
+				--dpi-desync=fake,fakeddisorder
+				--dpi-desync-split-pos=10,midsld
+				--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
+				--dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com
+				--dpi-desync-fake-tls=0x0F0F0F0F
+				--dpi-desync-fake-tls-mod=none
+				--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
+				--dpi-desync-split-seqovl=336
+				--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin
+				--dpi-desync-fooling=badseq,badsum
+				--dpi-desync-badseq-increment=0
+				
+				--new
+				--filter-udp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--dpi-desync=fake
+				--dpi-desync-repeats=6
+				--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
+			"
+			commit $cfgname
+		EOF
+	fi
+	if [ "$strat" = "v3_by_StressOzz" ]; then
+		uci batch <<-EOF
+			set $cfgname.config.NFQWS_PORTS_TCP='80,443'
+			set $cfgname.config.NFQWS_PORTS_UDP='443'
+			set $cfgname.config.NFQWS_OPT="
+				# Strategy $strat
+				
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist=/opt/zapret/ipset/zapret-hosts-user.txt
+				--hostlist-auto=/opt/zapret/ipset/zapret-hosts-auto.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--hostlist-exclude-domains=openwrt.org
+				--dpi-desync=fake,fakeddisorder
+				--dpi-desync-split-pos=10,midsld
+				--dpi-desync-fake-tls=/opt/zapret/files/fake/t2.bin
+				--dpi-desync-fake-tls-mod=rnd,dupsid,sni=m.ok.ru
+				--dpi-desync-fake-tls=0x0F0F0F0F
+				--dpi-desync-fake-tls-mod=none
+				--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
+				--dpi-desync-split-seqovl=336
+				--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin
+				--dpi-desync-fooling=badseq,badsum
+				--dpi-desync-badseq-increment=0
+				
+				--new
+				--filter-udp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--dpi-desync=fake
+				--dpi-desync-repeats=6
+				--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
+			"
+			commit $cfgname
+		EOF
+	fi
+	if [ "$strat" = "v4_by_StressOzz" ]; then
+		uci batch <<-EOF
+			set $cfgname.config.NFQWS_PORTS_TCP='80,443'
+			set $cfgname.config.NFQWS_PORTS_UDP='443'
+			set $cfgname.config.NFQWS_OPT="
+				# Strategy $strat
+				
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--hostlist-exclude-domains=openwrt.org
+				--dpi-desync=fake,multisplit
+				--dpi-desync-split-pos=2,sld
+				--dpi-desync-fake-tls=0x0F0F0F0F
+				--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
+				--dpi-desync-fake-tls-mod=rnd,dupsid,sni=google.com
+				--dpi-desync-split-seqovl=2108
+				--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
+				--dpi-desync-fooling=badseq
+				
+				--new
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-user.txt
+				--hostlist-auto=/opt/zapret/ipset/zapret-hosts-auto.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--hostlist-exclude-domains=openwrt.org
+				--dpi-desync-any-protocol=1
+				--dpi-desync-cutoff=n5
+				--dpi-desync=multisplit
+				--dpi-desync-split-seqovl=582
+				--dpi-desync-split-pos=1
+				--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/4pda.bin
+				
+				--new
+				--filter-udp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--dpi-desync=fake
+				--dpi-desync-repeats=6
+				--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
+			"
+			commit $cfgname
+		EOF
+	fi
+	if [ "$strat" = "v5_by_StressOzz" ]; then
+		uci batch <<-EOF
+			set $cfgname.config.NFQWS_PORTS_TCP='80,443'
+			set $cfgname.config.NFQWS_PORTS_UDP='443'
+			set $cfgname.config.NFQWS_OPT="
+				# Strategy $strat
+				
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--hostlist-exclude-domains=openwrt.org
+				--ip-id=zero
+				--dpi-desync=multisplit
+				--dpi-desync-split-seqovl=681
+				--dpi-desync-split-pos=1
+				--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
+				
+				--new
+				--filter-tcp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-user.txt
+				--hostlist-auto=/opt/zapret/ipset/zapret-hosts-auto.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--hostlist-exclude-domains=openwrt.org
+				--dpi-desync=fake,fakeddisorder
+				--dpi-desync-split-pos=10,midsld
+				--dpi-desync-fake-tls=/opt/zapret/files/fake/max.bin
+				--dpi-desync-fake-tls-mod=rnd,dupsid
+				--dpi-desync-fake-tls=0x0F0F0F0F
+				--dpi-desync-fake-tls-mod=none
+				--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
+				--dpi-desync-fooling=badseq,badsum
+				--dpi-desync-badseq-increment=0
+				
+				--new
+				--filter-udp=443
+				--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
+				--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
+				--dpi-desync=fake
+				--dpi-desync-repeats=6
+				--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
+			"
+			commit $cfgname
+		EOF
+	fi
+	return 0
+}
+
+function set_cfg_default_values
+{
+	local opt_flags=${1:--}
+	local opt_strat=${2:-v2_by_StressOzz}
+	local cfgname=${3:-$ZAPRET_CFG_NAME}
+
+	if ! echo "$opt_flags" | grep -q "(skip_base)"; then
+		set_cfg_reset_values $cfgname
+	fi
+	if [ "$opt_strat" != "-" ]; then
+		set_cfg_nfqws_strat "$opt_strat" $cfgname
+	fi
+	if echo "$opt_flags" | grep -q "(set_mode_autohostlist)"; then
+		uci batch <<-EOF
+			set $cfgname.config.MODE_FILTER='autohostlist'
+			commit $cfgname
+		EOF
+	fi
+	return 0
+}
--- a/zapret/restore-def-cfg.sh
+++ b/zapret/restore-def-cfg.sh
@@ -5,15 +5,29 @@

 cfg_run_on_boot="$( uci -q get zapret.config.run_on_boot )"

-restore_all_ipset_cfg
-create_default_cfg
+opt_flags=${1:--}
+opt_strat=$2
+
+if echo "$opt_flags" | grep -q "(reset_ipset)"; then
+	restore_all_ipset_cfg
+fi
+	
+create_default_cfg "$opt_flags" "$opt_strat"

 if [ "$cfg_run_on_boot" = "1" ]; then
 	uci set zapret.config.run_on_boot=1
 	uci commit
 fi

-if [ "$1" = "sync" ]; then
+ZAPRET_SYNC_CONFIG=0
+if [ "$opt_flags" = "sync" ]; then
+	ZAPRET_SYNC_CONFIG=1
+fi
+if echo "$opt_flags" | grep -q "(sync)"; then
+	ZAPRET_SYNC_CONFIG=1
+fi
+
+if [ "$ZAPRET_SYNC_CONFIG" = "1" ]; then
 	# renew main config
 	/opt/zapret/sync_config.sh
 fi