diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 46470c7..5009daf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -208,7 +208,7 @@ jobs: shell: bash run: | PKGDIR=$GITHUB_WORKSPACE/zapret-openwrt - MKFN=$PKGDIR/luci-app-zapret/Makefile + MKFN=$PKGDIR/luci-app-zapret2/Makefile PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 ) PKGREL=$( grep -s '^PKG_RELEASE:=.*' $MKFN | cut -d'=' -f2 ) [ "$PKGREL" != "1" ] && PKGVER=$PKGVER-r$PKGREL @@ -252,9 +252,9 @@ jobs: cat .config echo "------------- .config END -------------------" if [ "$ARCH" = "$LUCI_ARCH" ]; then - PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile` + PKGLIST=`echo package/zapret-openwrt/{zapret2,zapret2-mdig,zapret2-ip2net,luci-app-zapret2}/compile` else - PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net}/compile` + PKGLIST=`echo package/zapret-openwrt/{zapret2,zapret2-mdig,zapret2-ip2net}/compile` fi if [ "$MAX_SPEED" = "false" ]; then make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1 @@ -264,11 +264,11 @@ jobs: else OUT_DIR=./bin/packages/dev_x/base mkdir -p $OUT_DIR - touch $OUT_DIR/zapret_$PKGVER-$ARCH.$PKGTYPE - touch $OUT_DIR/luci-app-zapret_$PKGVER-all.$PKGTYPE + touch $OUT_DIR/zapret2_$PKGVER-$ARCH.$PKGTYPE + touch $OUT_DIR/luci-app-zapret2_$PKGVER-all.$PKGTYPE fi - find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.[ai]pk$" -delete + find ./bin/packages/*/base -type f ! -regex ".*\(zapret2\).*\.[ai]pk$" -delete #echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source" #ln -s `which usign` staging_dir/host/bin/usign @@ -339,7 +339,7 @@ jobs: find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \; find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \; mkdir -p public - find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \; + find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret2_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \; ls -lh ./public/*.zip - name: Upload assets @@ -351,7 +351,7 @@ jobs: draft: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }} prerelease: true tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }} - name: zapret v${{ needs.build.outputs.pkgver }} + name: zapret2 v${{ needs.build.outputs.pkgver }} body: | - zapret v${{ needs.build.outputs.pkgver }} for OpenWrt + zapret2 v${{ needs.build.outputs.pkgver }} for OpenWrt files: ./public/*.zip diff --git a/README.md b/README.md index 22ea836..4d1f5d5 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ [![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate) # zapret-openwrt -Zapret is not a VPN! Zapret is an Anti-DPI utility! +Zapret2 is not a VPN! Zapret2 is an Anti-DPI utility! [Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapret‐openwrt-package) diff --git a/luci-app-zapret/Makefile b/luci-app-zapret/Makefile index 698a9a6..87d982e 100644 --- a/luci-app-zapret/Makefile +++ b/luci-app-zapret/Makefile @@ -4,14 +4,14 @@ include $(TOPDIR)/rules.mk -PKG_NAME:=luci-app-zapret -PKG_VERSION:=72.20251218 +PKG_NAME:=luci-app-zapret2 +PKG_VERSION:=0.7.20251218 PKG_RELEASE:=1 PKG_LICENSE:=MIT PKG_MAINTAINER:=remittor -LUCI_TITLE:=LuCI support for zapret -LUCI_DEPENDS:=+zapret +LUCI_TITLE:=LuCI support for zapret2 +LUCI_DEPENDS:=+zapret2 LUCI_PKGARCH:=all define Package/$(PKG_NAME)/postinst diff --git a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js index 3e0f7b2..3329db1 100644 --- a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js +++ b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js @@ -11,7 +11,7 @@ return view.extend({ retrieveLog: async function() { return Promise.all([ L.resolveDefault(fs.stat('/bin/cat'), null), - fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', 'zapret+*.log' ]), + fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', 'zapret2+*.log' ]), uci.load(tools.appName), ]).then(function(status_array) { var filereader = status_array[0] ? status_array[0].path : null; @@ -130,7 +130,7 @@ return view.extend({ return; } var h2 = E('div', {'class' : 'cbi-title-section'}, [ - E('h2', {'class': 'cbi-title-field'}, [ _('Zapret') + ' - ' + _('Log Viewer') ]), + E('h2', {'class': 'cbi-title-field'}, [ _('Zapret2') + ' - ' + _('Log Viewer') ]), ]); var tabs = E('div', {}, E('div')); @@ -140,7 +140,7 @@ return view.extend({ var logfn = logdata[log_num].filename; let filename = logfn.replace(/.*\//, ''); let fname = filename.split('.')[0]; - fname = fname.replace(/^(zapret\+)/, ''); + fname = fname.replace(/^(zapret2\+)/, ''); let fn = fname.split('+'); let tabNameText = fname.replace(/\+/g, ' '); diff --git a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js index 07aa45a..699b3ba 100644 --- a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js +++ b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js @@ -4,8 +4,8 @@ 'require uci'; 'require ui'; 'require view'; -'require view.zapret.tools as tools'; -'require view.zapret.updater as updater'; +'require view.zapret2.tools as tools'; +'require view.zapret2.updater as updater'; const btn_style_neutral = 'btn'; const btn_style_action = 'btn cbi-button-action'; @@ -55,7 +55,7 @@ return view.extend({ ]).catch(e => { ui.addNotification(null, E('p', _('Unable to execute or read contents') + ': %s [ %s | %s | %s ]'.format( - e.message, tools.execPath, 'tools.getInitState', 'uci.zapret' + e.message, tools.execPath, 'tools.getInitState', 'uci.zapret2' ))); }); }, @@ -249,8 +249,8 @@ return view.extend({ strat_list.push( E('option', { value: 'strat_' + id }, [ strat ] ) ); } let nfqws_strat = E('label', [ - _('NFQWS_OPT strategy: '), - E('select', { id: 'cfg_nfqws_strat' }, strat_list) + _('NFQWS2_OPT strategy: '), + E('select', { id: 'cfg_nfqws2_strat' }, strat_list) ]); let cancel_button = E('button', { @@ -274,7 +274,7 @@ return view.extend({ opt_flags += '(set_mode_autohostlist)'; }; //console.log('RESET: opt_flags = ' + opt_flags); - let sel_strat = document.getElementById('cfg_nfqws_strat'); + let sel_strat = document.getElementById('cfg_nfqws2_strat'); let opt_strat = sel_strat.options[sel_strat.selectedIndex].text; //console.log('RESET: strat = ' + opt_strat); opt_flags += '(sync)'; @@ -399,23 +399,23 @@ return view.extend({ poll.add(L.bind(this.statusPoll, this)); - let page_title = _('Zapret'); + let page_title = _('Zapret2'); let pkgdict = tools.decode_pkg_list(pkg_list.stdout, false); page_title += '   '; - if (pkgdict['zapret'] === undefined || pkgdict['zapret'] == '') { + if (pkgdict['zapret2'] === undefined || pkgdict['zapret2'] == '') { page_title += 'unknown version'; } else { - page_title += 'v' + pkgdict['zapret']; + page_title += 'v' + pkgdict['zapret2']; } let aux1 = E('em'); let aux2 = E('em'); - if (pkgdict['zapret'] != pkgdict['luci-app-zapret']) { - let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret'] + ' [ incorrect version! ]'; + if (pkgdict['zapret2'] != pkgdict['luci-app-zapret2']) { + let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret2'] + ' [ incorrect version! ]'; aux1 = E('div', { 'class': 'label-status error' }, errtxt); aux2 = E('div', { }, ' '); } - let url1 = 'https://github.com/bol-van/zapret'; + let url1 = 'https://github.com/bol-van/zapret2'; let url2 = 'https://github.com/remittor/zapret-openwrt'; return E([ diff --git a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js index 0602ea0..d7e90eb 100644 --- a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js +++ b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js @@ -5,7 +5,7 @@ 'require uci'; 'require ui'; 'require view'; -'require view.zapret.tools as tools'; +'require view.zapret2.tools as tools'; return view.extend({ parsers: { }, @@ -48,7 +48,7 @@ return view.extend({ let m, s, o, tabname; - m = new form.Map(tools.appName, _('Zapret') + ' - ' + _('Settings')); + m = new form.Map(tools.appName, _('Zapret2') + ' - ' + _('Settings')); s = m.section(form.NamedSection, 'config'); s.anonymous = true; @@ -106,8 +106,8 @@ return view.extend({ /* NFQWS_OPT_DESYNC tab */ - tabname = 'nfqws_params'; - s.tab(tabname, _('NFQWS options')); + tabname = 'nfqws2_params'; + s.tab(tabname, _('NFQWS2 options')); let add_delim = function(sec, url = null) { let o = sec.taboption(tabname, form.DummyValue, '_hr'); @@ -154,7 +154,7 @@ return view.extend({ btn.onclick = () => new tools.longstrEditDialog('config', param, param, desc, rows, multiline).show(); }; - o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE')); + o = s.taboption(tabname, form.Flag, 'NFQWS2_ENABLE', _('NFQWS2_ENABLE')); o.rmempty = false; o.default = 1; @@ -173,31 +173,31 @@ return view.extend({ o.validate = function(section_id, value) { return true; }; o.write = function(section_id, value) { return form.Value.prototype.write.call(this, section_id, (value == null || value.trim() == '') ? "\t" : value.trim()); }; - o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP')); + o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_TCP', _('NFQWS2_PORTS_TCP')); o.rmempty = false; o.datatype = 'string'; - o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP')); + o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_UDP', _('NFQWS2_PORTS_UDP')); o.rmempty = false; o.datatype = 'string'; - o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT')); + o = s.taboption(tabname, form.Value, 'NFQWS2_TCP_PKT_OUT', _('NFQWS2_TCP_PKT_OUT')); o.rmempty = false; o.datatype = 'string'; - o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN')); + o = s.taboption(tabname, form.Value, 'NFQWS2_TCP_PKT_IN', _('NFQWS2_TCP_PKT_IN')); o.rmempty = false; o.datatype = 'string'; - o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT')); + o = s.taboption(tabname, form.Value, 'NFQWS2_UDP_PKT_OUT', _('NFQWS2_UDP_PKT_OUT')); o.rmempty = false; o.datatype = 'string'; - o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN')); + o = s.taboption(tabname, form.Value, 'NFQWS2_UDP_PKT_IN', _('NFQWS2_UDP_PKT_IN')); o.rmempty = false; o.datatype = 'string'; - o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE')); + o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_TCP_KEEPALIVE', _('NFQWS2_PORTS_TCP_KEEPALIVE')); o.rmempty = false; o.datatype = 'uinteger'; @@ -206,7 +206,7 @@ return view.extend({ o.datatype = 'uinteger'; add_delim(s, tools.nfqws_opt_url); - add_param(s, 'NFQWS_OPT', null, 21, 2); + add_param(s, 'NFQWS2_OPT', null, 21, 2); /* AutoHostList settings */ diff --git a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js index 1cc5e7e..2677a0a 100644 --- a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js +++ b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js @@ -36,32 +36,31 @@ document.head.append(E('style', {'type': 'text/css'}, return baseclass.extend({ packager : null, - appName : 'zapret', - execPath : '/etc/init.d/zapret', - syncCfgPath : '/opt/zapret/sync_config.sh', - defCfgPath : '/opt/zapret/def-cfg.sh', - defaultCfgPath : '/opt/zapret/restore-def-cfg.sh', + appName : 'zapret2', + execPath : '/etc/init.d/zapret2', + syncCfgPath : '/opt/zapret2/sync_config.sh', + defCfgPath : '/opt/zapret2/def-cfg.sh', + defaultCfgPath : '/opt/zapret2/restore-def-cfg.sh', - hostsGoogleFN : '/opt/zapret/ipset/zapret-hosts-google.txt', - hostsUserFN : '/opt/zapret/ipset/zapret-hosts-user.txt', - hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt', - iplstExcludeFN : '/opt/zapret/ipset/zapret-ip-exclude.txt', - iplstUserFN : '/opt/zapret/ipset/zapret-ip-user.txt', - iplstUserExcludeFN: '/opt/zapret/ipset/zapret-ip-user-exclude.txt', + hostsGoogleFN : '/opt/zapret2/ipset/zapret-hosts-google.txt', + hostsUserFN : '/opt/zapret2/ipset/zapret-hosts-user.txt', + hostsUserExcludeFN: '/opt/zapret2/ipset/zapret-hosts-user-exclude.txt', + iplstExcludeFN : '/opt/zapret2/ipset/zapret-ip-exclude.txt', + iplstUserFN : '/opt/zapret2/ipset/zapret-ip-user.txt', + iplstUserExcludeFN: '/opt/zapret2/ipset/zapret-ip-user-exclude.txt', custFileMax : 4, - custFileTemplate : '/opt/zapret/ipset/cust%s.txt', + custFileTemplate : '/opt/zapret2/ipset/cust%s.txt', customdPrefixList : [ 10, 20, 50, 60, 90 ] , - customdFileFormat : '/opt/zapret/init.d/openwrt/custom.d/%s-script.sh', + customdFileFormat : '/opt/zapret2/init.d/openwrt/custom.d/%s-script.sh', discord_num : 50, - discord_url : [ 'https://github.com/bol-van/zapret/blob/4e8e3a9ed9dbeb1156db68dfaa7b353051c13797/init.d/custom.d.examples.linux/50-discord', - 'https://github.com/bol-van/zapret/blob/b251ea839cc8f04c45090314ef69fce69f2c00f2/init.d/custom.d.examples.linux/50-discord-media', - 'https://github.com/bol-van/zapret/blob/b251ea839cc8f04c45090314ef69fce69f2c00f2/init.d/custom.d.examples.linux/50-stun4all', - 'https://github.com/bol-van/zapret/tree/master/init.d/custom.d.examples.linux' + discord_url : [ 'https://github.com/bol-van/zapret2/blob/master/init.d/custom.d.examples.linux/50-discord-media', + 'https://github.com/bol-van/zapret2/blob/master/init.d/custom.d.examples.linux/50-stun4all', + 'https://github.com/bol-van/zapret2/tree/master/init.d/custom.d.examples.linux' ], - nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/168', + nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/', - autoHostListFN : '/opt/zapret/ipset/zapret-hosts-auto.txt', - autoHostListDbgFN : '/opt/zapret/ipset/zapret-hosts-auto-debug.log', + autoHostListFN : '/opt/zapret2/ipset/zapret-hosts-auto.txt', + autoHostListDbgFN : '/opt/zapret2/ipset/zapret-hosts-auto-debug.log', infoLabelRunning : '' + _('Running') + '', infoLabelStarting : '' + _('Starting') + '', @@ -106,11 +105,11 @@ return baseclass.extend({ if (L.hasSystemFeature('apk')) { this.packager.name = 'apk'; this.packager.path = '/usr/bin/apk'; - this.packager.args = [ 'list', '-I', '*zapret*' ]; + this.packager.args = [ 'list', '-I', '*zapret2*' ]; } else { this.packager.name = 'opkg'; this.packager.path = '/bin/opkg'; - this.packager.args = [ 'list-installed', '*zapret*' ]; + this.packager.args = [ 'list-installed', '*zapret2*' ]; } //console.log('PACKAGER: ' + this.packager.name); } @@ -271,9 +270,9 @@ return baseclass.extend({ return -4; } let jdata = svc_info; - if (typeof(jdata.zapret) == 'object') { + if (typeof(jdata.zapret2) == 'object') { result.dmn.inited = true; - let dmn_list = jdata.zapret.instances; + let dmn_list = jdata.zapret2.instances; if (typeof(dmn_list) == 'object') { for (const [dmn_name, daemon] of Object.entries(dmn_list)) { result.dmn.total += 1; @@ -470,7 +469,7 @@ return baseclass.extend({ }, load: function() { - let value = uci.get('zapret', this.cfgsec, this.cfgparam); + let value = uci.get('zapret2', this.cfgsec, this.cfgparam); if (typeof(value) === 'string') { value = value.trim(); if (this.multiline == 2) { @@ -544,7 +543,7 @@ return baseclass.extend({ } value = value.replace(/˂/g, '<'); value = value.replace(/˃/g, '>'); - uci.set('zapret', this.cfgsec, this.cfgparam, value); + uci.set('zapret2', this.cfgsec, this.cfgparam, value); uci.save(); let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam); if (elem) { diff --git a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/updater.js b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/updater.js index fbb6676..a93fac1 100644 --- a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/updater.js +++ b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/updater.js @@ -5,7 +5,7 @@ 'require uci'; 'require ui'; 'require view'; -'require view.zapret.tools as tools'; +'require view.zapret2.tools as tools'; const btn_style_neutral = 'btn'; const btn_style_action = 'btn cbi-button-action'; @@ -14,7 +14,7 @@ const btn_style_negative = 'btn cbi-button-reset important'; const btn_style_warning = 'btn cbi-button-negative'; const btn_style_success = 'btn cbi-button-success important'; -const fn_update_pkg_sh = '/opt/zapret/update-pkg.sh'; +const fn_update_pkg_sh = '/opt/zapret2/update-pkg.sh'; return baseclass.extend({ releasesUrlPrefix : 'https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/', @@ -104,7 +104,7 @@ return baseclass.extend({ } let rpc_opt = { timeout: 5*1000 } //rpc_opt.uid = 0; // run under root - const logFile = '/tmp/zapret_pkg_install.log'; + const logFile = '/tmp/zapret2_pkg_install.log'; const rcFile = logFile + '.rc'; try { await fs.exec('/bin/busybox', [ 'rm', '-f', logFile + '*' ], null, rpc_opt); @@ -118,7 +118,7 @@ return baseclass.extend({ let opt = [ logFile, fn_update_pkg_sh ]; //opt.push('-t'); opt.push('0'); // only for testing opt.push(...opt_list); - let res = await fs.exec('/opt/zapret/script-exec.sh', opt, null, rpc_opt); + let res = await fs.exec('/opt/zapret2/script-exec.sh', opt, null, rpc_opt); if (res.code == 0) { this.appendLog('Process started...'); } else { diff --git a/luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json b/luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json index cea1cf2..873235f 100644 --- a/luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json +++ b/luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json @@ -1,46 +1,48 @@ { - "admin/services/zapret": { - "title": "Zapret", - "order": 61, + "admin/services/zapret2": { + "title": "Zapret2", + "order": 62, "action": { "type": "alias", - "path": "admin/services/zapret/service" + "path": "admin/services/zapret2/service" }, "depends": { - "acl": [ "luci-app-zapret" ], + "acl": [ "luci-app-zapret2" ], "fs": { - "/opt/zapret/sync_config.sh": "executable", - "/opt/zapret/restore-def-cfg.sh": "executable", - "/etc/init.d/zapret": "executable" + "/opt/zapret2/sync_config.sh": "executable", + "/opt/zapret2/restore-def-cfg.sh": "executable", + "/opt/zapret2/script-exec.sh": "executable", + "/opt/zapret2/update-pkg.sh.sh": "executable", + "/etc/init.d/zapret2": "executable" }, - "uci": { "zapret": true } + "uci": { "zapret2": true } } }, - "admin/services/zapret/service": { + "admin/services/zapret2/service": { "title": "Service", "order": 10, "action": { "type": "view", - "path": "zapret/service" + "path": "zapret2/service" } }, - "admin/services/zapret/settings": { + "admin/services/zapret2/settings": { "title": "Settings", "order": 20, "action": { "type": "view", - "path": "zapret/settings" + "path": "zapret2/settings" } }, - "admin/services/zapret/dmnlog": { + "admin/services/zapret2/dmnlog": { "title": "Log Viewer", "order": 30, "action": { "type": "view", - "path": "zapret/dmnlog" + "path": "zapret2/dmnlog" } } } diff --git a/luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json b/luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json index 341d4c9..5df5fe2 100644 --- a/luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json +++ b/luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json @@ -1,27 +1,27 @@ { - "luci-app-zapret": { - "description": "Grant access to zapret procedures", + "luci-app-zapret2": { + "description": "Grant access to zapret2 procedures", "read": { "cgi-io": [ "exec" ], "file": { - "/opt/zapret/config": [ "read" ], - "/opt/zapret/ipset/*": [ "read" ], - "/opt/zapret/init.d/openwrt/custom.d/*": [ "read" ], + "/opt/zapret2/config": [ "read" ], + "/opt/zapret2/ipset/*": [ "read" ], + "/opt/zapret2/init.d/openwrt/custom.d/*": [ "read" ], "/etc/crontabs/root": [ "read" ], "/tmp/zapret*": [ "read" ], - "/etc/init.d/zapret*": [ "exec" ], + "/etc/init.d/zapret2*": [ "exec" ], "/bin/ps*": [ "exec" ], "/bin/cat*": [ "exec" ], "/bin/busybox*": [ "exec" ], "/bin/opkg*": [ "exec" ], "/usr/bin/apk*": [ "exec" ], "/usr/bin/find*": [ "exec" ], - "/opt/zapret/restore-def-cfg.sh*": [ "exec" ], - "/opt/zapret/script-exec.sh*": [ "exec" ], - "/opt/zapret/update-pkg.sh*": [ "exec" ], - "/opt/zapret/sync_config.sh*": [ "exec" ] + "/opt/zapret2/restore-def-cfg.sh*": [ "exec" ], + "/opt/zapret2/script-exec.sh*": [ "exec" ], + "/opt/zapret2/update-pkg.sh*": [ "exec" ], + "/opt/zapret2/sync_config.sh*": [ "exec" ] }, - "uci": [ "zapret", "network" ], + "uci": [ "zapret2", "network" ], "ubus": { "luci": [ "getInitList", "setInitAction" ], "service": [ "list" ] @@ -29,12 +29,12 @@ }, "write": { "file": { - "/opt/zapret/config": [ "write" ], - "/opt/zapret/ipset/*": [ "write" ], - "/opt/zapret/init.d/openwrt/custom.d/*": [ "write" ], + "/opt/zapret2/config": [ "write" ], + "/opt/zapret2/ipset/*": [ "write" ], + "/opt/zapret2/init.d/openwrt/custom.d/*": [ "write" ], "/etc/crontabs/root": [ "write" ] }, - "uci": [ "zapret" ] + "uci": [ "zapret2" ] } } } diff --git a/zapret-ip2net/Makefile b/zapret-ip2net/Makefile index 97ce404..3e20cd8 100644 --- a/zapret-ip2net/Makefile +++ b/zapret-ip2net/Makefile @@ -1,20 +1,20 @@ include $(TOPDIR)/rules.mk -PKG_NAME:=zapret-ip2net -PKG_VERSION:=72.20251218 +PKG_NAME:=zapret2-ip2net +PKG_VERSION:=0.7.20251218 PKG_RELEASE:=1 PKG_MAINTAINER:=bol-van PKG_LICENSE:=MIT PKG_LICENSE_FILES:=docs/LICENSE.txt -PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git +PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 +PKG_SOURCE_VERSION:=6d249528e4aea7a8f6edc0b69dddb95e35116601 PKG_SOURCE_DATE:=2025-12-18 #PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? +#PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz? #PKG_HASH:=skip include $(INCLUDE_DIR)/package.mk @@ -28,8 +28,8 @@ define Package/$(PKG_NAME) SECTION:=net CATEGORY:=Network TITLE:=ip2net - SUBMENU:=Zapret - DEPENDS:=+zlib +zapret + SUBMENU:=Zapret2 + DEPENDS:=+zlib +zapret2 endef define Build/Prepare @@ -38,8 +38,8 @@ define Build/Prepare endef define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/opt/zapret/ip2net - $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/ip2net $(1)/opt/zapret/ip2net/ + $(INSTALL_DIR) $(1)/opt/zapret2/ip2net + $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/ip2net $(1)/opt/zapret2/ip2net/ endef $(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/zapret-mdig/Makefile b/zapret-mdig/Makefile index 16f36ae..8e3c712 100644 --- a/zapret-mdig/Makefile +++ b/zapret-mdig/Makefile @@ -1,20 +1,20 @@ include $(TOPDIR)/rules.mk -PKG_NAME:=zapret-mdig -PKG_VERSION:=72.20251218 +PKG_NAME:=zapret2-mdig +PKG_VERSION:=0.7.20251218 PKG_RELEASE:=1 PKG_MAINTAINER:=bol-van PKG_LICENSE:=MIT PKG_LICENSE_FILES:=docs/LICENSE.txt -PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git +PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 +PKG_SOURCE_VERSION:=6d249528e4aea7a8f6edc0b69dddb95e35116601 PKG_SOURCE_DATE:=2025-12-18 #PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? +#PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz? #PKG_HASH:=skip include $(INCLUDE_DIR)/package.mk @@ -28,8 +28,8 @@ define Package/$(PKG_NAME) SECTION:=net CATEGORY:=Network TITLE:=mdig - SUBMENU:=Zapret - DEPENDS:=+zlib +zapret + SUBMENU:=Zapret2 + DEPENDS:=+zlib +zapret2 endef define Build/Prepare @@ -38,8 +38,8 @@ define Build/Prepare endef define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/opt/zapret/mdig - $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/mdig $(1)/opt/zapret/mdig/ + $(INSTALL_DIR) $(1)/opt/zapret2/mdig + $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/mdig $(1)/opt/zapret2/mdig/ endef $(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/zapret-tpws/Makefile b/zapret-tpws/Makefile deleted file mode 100644 index bf492cb..0000000 --- a/zapret-tpws/Makefile +++ /dev/null @@ -1,45 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=zapret-tpws -PKG_VERSION:=72.20251218 -PKG_RELEASE:=1 - -PKG_MAINTAINER:=bol-van -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=docs/LICENSE.txt - -PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git -PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 -PKG_SOURCE_DATE:=2025-12-18 - -#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? -#PKG_HASH:=skip - -include $(INCLUDE_DIR)/package.mk - -#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) -#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) - -MAKE_PATH:=tpws - -define Package/$(PKG_NAME) - SECTION:=net - CATEGORY:=Network - TITLE:=tpws - SUBMENU:=Zapret - DEPENDS:=+zlib +libcap +zapret -endef - -define Build/Prepare - $(Build/Prepare/Default) - rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/tpws -endef - -define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/opt/zapret/tpws - $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/tpws $(1)/opt/zapret/tpws/ -endef - -$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/zapret/Makefile b/zapret/Makefile index 92acb6c..f7aac02 100644 --- a/zapret/Makefile +++ b/zapret/Makefile @@ -1,24 +1,24 @@ # -# Copyright (c) 2024 remittor +# Copyright (c) 2025 remittor # include $(TOPDIR)/rules.mk -PKG_NAME:=zapret -PKG_VERSION:=72.20251218 +PKG_NAME:=zapret2 +PKG_VERSION:=0.7.20251218 PKG_RELEASE:=1 PKG_MAINTAINER:=bol-van PKG_LICENSE:=MIT PKG_LICENSE_FILES:=docs/LICENSE.txt -PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git +PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 +PKG_SOURCE_VERSION:=6d249528e4aea7a8f6edc0b69dddb95e35116601 PKG_SOURCE_DATE:=2025-12-18 #PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? +#PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz? #PKG_HASH:=skip include $(INCLUDE_DIR)/package.mk @@ -26,14 +26,14 @@ include $(INCLUDE_DIR)/package.mk #TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) #TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) -MAKE_PATH:=nfq +MAKE_PATH:=nfq2 define Package/$(PKG_NAME) SECTION:=net CATEGORY:=Network TITLE:=$(PKG_NAME) - SUBMENU:=Zapret - URL:=https://github.com/bol-van/zapret + SUBMENU:=Zapret2 + URL:=https://github.com/bol-van/zapret2 DEPENDS:= +nftables +curl +gzip DEPENDS+= +coreutils +coreutils-sort +coreutils-sleep DEPENDS+= +kmod-nft-nat +kmod-nft-offload +kmod-nft-queue @@ -42,7 +42,7 @@ endef define Build/Prepare $(Build/Prepare/Default) - rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws + rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws2 endef #define Build/Configure @@ -52,89 +52,85 @@ endef #endef define Package/$(PKG_NAME)/conffiles -/etc/config/zapret -/opt/zapret/config -/opt/zapret/ipset/ -/opt/zapret/init.d/openwrt/custom.d/ +/etc/config/zapret2 +/opt/zapret2/config +/opt/zapret2/ipset/ +/opt/zapret2/init.d/openwrt/custom.d/ endef define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/opt/zapret - $(INSTALL_DIR) $(1)/opt/zapret/$(MAKE_PATH) - $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws $(1)/opt/zapret/$(MAKE_PATH)/ - $(INSTALL_DIR) $(1)/opt/zapret/common - $(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret/common/ - #$(INSTALL_DIR) $(1)/opt/zapret/docs - #$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret/docs/ - $(INSTALL_DIR) $(1)/opt/zapret/files - $(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret/files/ - $(CP) ./files/* $(1)/opt/zapret/files/ - $(INSTALL_DIR) $(1)/opt/zapret/ipset - $(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret/ipset/ - $(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh - #$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default - $(INSTALL_DIR) $(1)/opt/zapret/tmp - $(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt - $(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret/init.d/openwrt/ + $(INSTALL_DIR) $(1)/opt/zapret2 + $(INSTALL_DIR) $(1)/opt/zapret2/$(MAKE_PATH) + $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws2 $(1)/opt/zapret2/$(MAKE_PATH)/ + $(INSTALL_DIR) $(1)/opt/zapret2/common + $(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret2/common/ + $(INSTALL_DIR) $(1)/opt/zapret2/lua + $(CP) $(PKG_BUILD_DIR)/lua/* $(1)/opt/zapret2/lua/ + #$(INSTALL_DIR) $(1)/opt/zapret2/docs + #$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret2/docs/ + $(INSTALL_DIR) $(1)/opt/zapret2/files + $(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret2/files/ + $(CP) ./files/* $(1)/opt/zapret2/files/ + $(INSTALL_DIR) $(1)/opt/zapret2/ipset + $(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret2/ipset/ + $(INSTALL_DIR) $(1)/opt/zapret2/blockcheck2.d + $(CP) $(PKG_BUILD_DIR)/blockcheck2.d/* $(1)/opt/zapret2/blockcheck2.d/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck2.sh $(1)/opt/zapret2/blockcheck2.sh + #$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret2/config.default + $(INSTALL_DIR) $(1)/opt/zapret2/tmp + $(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt + $(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret2/init.d/openwrt/ $(INSTALL_DIR) $(1)/etc/hotplug.d/iface - $(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret $(1)/etc/hotplug.d/iface/90-zapret + $(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret2 $(1)/etc/hotplug.d/iface/90-zapret2 $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret - $(INSTALL_DATA) ./config.default $(1)/opt/zapret/config.default - $(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset/zapret-hosts-google.txt - $(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset/zapret-hosts-user.txt - $(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt - $(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt - $(INSTALL_DIR) $(1)/opt/zapret/ipset_def - $(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset_def/zapret-hosts-google.txt - $(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset_def/zapret-hosts-user.txt - $(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset_def/zapret-hosts-user-exclude.txt - $(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset_def/zapret-ip-exclude.txt - $(INSTALL_DIR) $(1)/opt/zapret/init.d - $(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt - $(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt/custom.d - $(CP) ./custom.d/* $(1)/opt/zapret/init.d/openwrt/custom.d/ + $(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret2 + $(INSTALL_DATA) ./config.default $(1)/opt/zapret2/config.default + $(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret2/ipset/zapret-hosts-google.txt + $(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret2/ipset/zapret-hosts-user.txt + $(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret2/ipset/zapret-hosts-user-exclude.txt + $(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret2/ipset/zapret-ip-exclude.txt + $(INSTALL_DIR) $(1)/opt/zapret2/ipset_def + $(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-google.txt + $(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-user.txt + $(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-user-exclude.txt + $(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret2/ipset_def/zapret-ip-exclude.txt + $(INSTALL_DIR) $(1)/opt/zapret2/init.d + $(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt + $(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt/custom.d + $(CP) ./custom.d/* $(1)/opt/zapret2/init.d/openwrt/custom.d/ $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh - $(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh - $(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret/comfunc.sh - $(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret/def-cfg.sh - $(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret/renew-cfg.sh - $(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret/restore-def-cfg.sh - $(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh - $(INSTALL_BIN) ./script-exec.sh $(1)/opt/zapret/script-exec.sh - $(INSTALL_BIN) ./update-pkg.sh $(1)/opt/zapret/update-pkg.sh + $(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret2-uci-def-cfg.sh + $(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret2/uci-def-cfg.sh + $(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret2/comfunc.sh + $(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret2/def-cfg.sh + $(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret2/renew-cfg.sh + $(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret2/restore-def-cfg.sh + $(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret2/sync_config.sh + $(INSTALL_BIN) ./script-exec.sh $(1)/opt/zapret2/script-exec.sh + $(INSTALL_BIN) ./update-pkg.sh $(1)/opt/zapret2/update-pkg.sh # Fix permisions - chmod 644 $(1)/opt/zapret/ipset/*.txt - chmod 644 $(1)/opt/zapret/ipset_def/*.txt - chmod 644 $(1)/opt/zapret/init.d/openwrt/custom.d/*.sh - chmod 644 $(1)/opt/zapret/config.default - chmod 755 $(1)/opt/zapret/*.sh + chmod 644 $(1)/opt/zapret2/ipset/*.txt + chmod 644 $(1)/opt/zapret2/ipset_def/*.txt + chmod 644 $(1)/opt/zapret2/init.d/openwrt/custom.d/*.sh + chmod 644 $(1)/opt/zapret2/config.default + chmod 755 $(1)/opt/zapret2/*.sh endef define Package/$(PKG_NAME)/preinst #!/bin/sh # check if we are on real system if [ -z "$${IPKG_INSTROOT}" ]; then - if [ -f "/etc/init.d/zapret" ]; then - SCRIPT=$$( readlink /etc/init.d/zapret ) + if [ -f "/etc/init.d/zapret2" ]; then + SCRIPT=$$( readlink /etc/init.d/zapret2 ) if [ -n "$${SCRIPT}" ]; then - echo "Please uninstall original zapret utility!" + echo "Please uninstall original zapret2 utility!" exit 44 fi fi if [ "$${PKG_UPGRADE}" = "1" ]; then # stop service if PKG_UPGRADE - if [ -x "/etc/init.d/zapret" ]; then - /etc/init.d/zapret running && /etc/init.d/zapret stop >/dev/null 2>&1 - fi - fi - if [ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ]; then - if [ -f "/opt/zapret/ipset/zapret-hosts-user.txt" ]; then - CFGLISTHASH=$$( md5sum "/opt/zapret/ipset/zapret-hosts-user.txt" | awk '{print $$1;}' ) - if [ "$${CFGLISTHASH}" = "79e35df62b0d1ae455d0a7e04c4cecac" ]; then - rm -f "/opt/zapret/ipset/zapret-hosts-user.txt" - fi + if [ -x "/etc/init.d/zapret2" ]; then + /etc/init.d/zapret2 running && /etc/init.d/zapret2 stop >/dev/null 2>&1 fi fi fi @@ -145,40 +141,32 @@ define Package/$(PKG_NAME)/postinst #!/bin/sh # check if we are on real system if [ -z "$${IPKG_INSTROOT}" ]; then - ZAPRET_CONFIG=/opt/zapret/config - ZAPRET_CONFIG_DEF="/opt/zapret/config.default" + ZAPRET_CONFIG=/opt/zapret2/config + ZAPRET_CONFIG_DEF="/opt/zapret2/config.default" # creating main config if its not exists if [ ! -f "$${ZAPRET_CONFIG}" ]; then cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" fi - # check obsolete format for main config - if grep -qE "^NFQWS_OPT_DESYNC=|^MODE_HTTP=|^MODE_HTTPS=|^MODE_QUIC=|^MODE=" "$${ZAPRET_CONFIG}" ; then - echo "Detect obsolute format for main config!" - ZAPRET_CONFIG_BACKUP="$${ZAPRET_CONFIG}.backup" - cp -f "$${ZAPRET_CONFIG}" "$${ZAPRET_CONFIG_BACKUP}" - echo "Current file $${ZAPRET_CONFIG} backuped to $${ZAPRET_CONFIG_BACKUP}" - cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" - fi # check existing uci-config - [ -f "/etc/config/zapret" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0 + [ -f "/etc/config/zapret2" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0 # create or merge uci-config - /opt/zapret/uci-def-cfg.sh - [ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret merged with default uci-config" + /opt/zapret2/uci-def-cfg.sh + [ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret2 merged with default uci-config" # remove uci-default script from system dir (used into /etc/init.d/boot) - rm -f /etc/uci-defaults/zapret-uci-def-cfg.sh + rm -f /etc/uci-defaults/zapret2-uci-def-cfg.sh # copy (sync) all params from uci-config to main config - /opt/zapret/sync_config.sh + /opt/zapret2/sync_config.sh # check main config sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58 # enable main service - /etc/init.d/zapret enable + /etc/init.d/zapret2 enable # stop all - /etc/init.d/zapret stop_fw - /etc/init.d/zapret stop_daemons - ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 + /etc/init.d/zapret2 stop_fw + /etc/init.d/zapret2 stop_daemons + ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 # start main service - /etc/init.d/zapret start + /etc/init.d/zapret2 start # restart firewall [ -x /sbin/fw4 ] && fw4 -q restart || fw3 -q restart fi @@ -189,15 +177,15 @@ define Package/$(PKG_NAME)/prerm #!/bin/sh # check if we are on real system if [ -z "$${IPKG_INSTROOT}" ]; then - EXEDIR=/opt/zapret - ZAPRET_BASE=/opt/zapret - ZAPRET_CONFIG=/opt/zapret/config - ZAPRET_CONFIG_DEF="/opt/zapret/config.default" - OPENWRT_FW_INCLUDE=/etc/firewall.zapret + EXEDIR=/opt/zapret2 + ZAPRET_BASE=/opt/zapret2 + ZAPRET_CONFIG=/opt/zapret2/config + ZAPRET_CONFIG_DEF="/opt/zapret2/config.default" + OPENWRT_FW_INCLUDE=/etc/firewall.zapret2 # check main config sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then - ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 + ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 exit 0 fi . "$${ZAPRET_CONFIG}" @@ -205,9 +193,9 @@ if [ -z "$${IPKG_INSTROOT}" ]; then . "$${ZAPRET_BASE}/common/fwtype.sh" . "$${ZAPRET_BASE}/common/nft.sh" . "$${ZAPRET_BASE}/common/installer.sh" - /etc/init.d/zapret running && /etc/init.d/zapret stop - /etc/init.d/zapret disable - ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 + /etc/init.d/zapret2 running && /etc/init.d/zapret2 stop + /etc/init.d/zapret2 disable + ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 remove_openwrt_firewall nft_del_table restart_openwrt_firewall @@ -219,10 +207,10 @@ define Package/$(PKG_NAME)/postrm #!/bin/sh # check if we are on real system if [ -z "$${IPKG_INSTROOT}" ]; then - [ -f "/etc/config/zapret-opkg" ] && rm -f "/etc/config/zapret-opkg" - [ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup" - #rm -rf /opt/zapret - #echo "Directory /opt/zapret removed!" + [ -f "/etc/config/zapret2-opkg" ] && rm -f "/etc/config/zapret2-opkg" + [ -f "/opt/zapret2/config" ] && cp -f /opt/zapret2/config "/opt/zapret2/config.backup" + #rm -rf /opt/zapret2 + #echo "Directory /opt/zapret2 removed!" fi exit 0 endef diff --git a/zapret/comfunc.sh b/zapret/comfunc.sh index 7aaf3f0..85b9903 100755 --- a/zapret/comfunc.sh +++ b/zapret/comfunc.sh @@ -1,18 +1,18 @@ #!/bin/sh # Copyright (c) 2024 remittor -EXEDIR=/opt/zapret -ZAPRET_BASE=/opt/zapret +EXEDIR=/opt/zapret2 +ZAPRET_BASE=/opt/zapret2 -ZAPRET_INITD=/etc/init.d/zapret -ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret" +ZAPRET_INITD=/etc/init.d/zapret2 +ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret2" ZAPRET_CONFIG="$ZAPRET_BASE/config" ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new" ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default" -ZAPRET_CFG=/etc/config/zapret -ZAPRET_CFG_NAME=zapret +ZAPRET_CFG=/etc/config/zapret2 +ZAPRET_CFG_NAME=zapret2 ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_NAME.config )" . $ZAPRET_BASE/def-cfg.sh @@ -148,7 +148,7 @@ function merge_cfg_with_def_values local cfgname=${1:-$ZAPRET_CFG_NAME} local force=$2 local cfgfile=/etc/config/$cfgname - local NEWCFGNAME="zapret-default" + local NEWCFGNAME="zapret2-default" local NEWCFGFILE="/etc/config/$NEWCFGNAME" local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )" @@ -168,7 +168,7 @@ function merge_cfg_with_def_values function remove_cron_task_logs { if [ -f "$CRONTAB_FILE" ]; then - sed -i "/-name 'zapret\*.log' -size +/d" "$CRONTAB_FILE" + sed -i "/-name 'zapret2\*.log' -size +/d" "$CRONTAB_FILE" fi } @@ -176,8 +176,8 @@ function insert_cron_task_logs { [ ! -f "$CRONTAB_FILE" ] && touch "$CRONTAB_FILE" [ ! -f "$CRONTAB_FILE" ] && return 1 - if ! grep -q -e "-name 'zapret\*\.log' -size \+" "$CRONTAB_FILE"; then - echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name 'zapret*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE" + if ! grep -q -e "-name 'zapret2\*\.log' -size \+" "$CRONTAB_FILE"; then + echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name 'zapret2*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE" /etc/init.d/cron restart 2> /dev/null fi return 0 @@ -190,7 +190,7 @@ function init_before_start [ ! -f "$HOSTLIST_FN" ] && touch "$HOSTLIST_FN" chmod 644 $ZAPRET_BASE/ipset/*.txt chmod 666 $ZAPRET_BASE/ipset/*.log - rm -f /tmp/zapret*.log + rm -f /tmp/zapret2*.log #*/ if [ "$DAEMON_LOG_ENABLE" = "1" ]; then insert_cron_task_logs diff --git a/zapret/config.default b/zapret/config.default index 1d7f0b5..2920e65 100644 --- a/zapret/config.default +++ b/zapret/config.default @@ -63,47 +63,31 @@ DESYNC_MARK_POSTNAT=0x20000000 FILTER_MARK="" -TPWS_SOCKS_ENABLE=0 -# tpws socks listens on this port on localhost and LAN interfaces -TPPORT_SOCKS=987 -# use and placeholders to engage standard hostlists and autohostlist in ipset dir -# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy -# appends ipset/zapret-hosts-auto.txt as normal list -TPWS_SOCKS_OPT="--filter-tcp=80 --methodeol --new --filter-tcp=443 --split-tls=sni --disorder " - -TPWS_ENABLE=0 -TPWS_PORTS="80,443" -# use and placeholders to engage standard hostlists and autohostlist in ipset dir -# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy -# appends ipset/zapret-hosts-auto.txt as normal list -TPWS_OPT="--filter-tcp=80 --methodeol --new --filter-tcp=443 --split-tls=sni --disorder " - - -NFQWS_ENABLE=1 +NFQWS2_ENABLE=1 # redirect outgoing traffic with connbytes limiter applied in both directions. -NFQWS_PORTS_TCP="80,443" -NFQWS_PORTS_UDP="443" +NFQWS2_PORTS_TCP="80,443" +NFQWS2_PORTS_UDP="443" # PKT_OUT means connbytes dir original # PKT_IN means connbytes dir reply # this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU. -NFQWS_TCP_PKT_OUT="9" -NFQWS_TCP_PKT_IN="3" -NFQWS_UDP_PKT_OUT="9" -NFQWS_UDP_PKT_IN="0" +NFQWS2_TCP_PKT_OUT="9" +NFQWS2_TCP_PKT_IN="3" +NFQWS2_UDP_PKT_OUT="9" +NFQWS2_UDP_PKT_IN="0" # redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter # normally it's needed only for stateless DPI that matches every packet in a single TCP session # typical example are plain HTTP keep alives # this mode can be very CPU consuming. enable with care ! -NFQWS_PORTS_TCP_KEEPALIVE="" -NFQWS_PORTS_UDP_KEEPALIVE="" +NFQWS2_PORTS_TCP_KEEPALIVE="" +NFQWS2_PORTS_UDP_KEEPALIVE="" # use and placeholders to engage standard hostlists and autohostlist in ipset dir # hostlist markers are replaced to empty string if MODE_FILTER does not satisfy # appends ipset/zapret-hosts-auto.txt as normal list -NFQWS_OPT="--filter-tcp=80 --dpi-desync=fake,fakedsplit --dpi-desync-autottl=2 --dpi-desync-fooling=badsum --new --filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake,multidisorder --dpi-desync-split-pos=1,midsld --dpi-desync-repeats=11 --dpi-desync-fooling=badsum --dpi-desync-fake-tls-mod=rnd,dupsid,sni=www.google.com --new --filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --filter-udp=443 --dpi-desync=fake --dpi-desync-repeats=11 --new --filter-tcp=443 --dpi-desync=multidisorder --dpi-desync-split-pos=1,sniext+1,host+1,midsld-2,midsld,midsld+2,endhost-1" +NFQWS2_OPT="--filter-tcp=80 --filter-l7=http --payload=http_req --lua-desync=fake:blob=fake_default_http:tcp_md5 --lua-desync=multisplit:pos=method+2 --new --filter-tcp=443 --filter-l7=tls --payload=tls_client_hello --lua-desync=fake:blob=fake_default_tls:tcp_md5:tcp_seq=-10000 --lua-desync=multidisorder:pos=1,midsld --new --filter-udp=443 --filter-l7=quic --payload=quic_initial --lua-desync=fake:blob=fake_default_quic:repeats=6" DISABLE_CUSTOM=1 @@ -121,9 +105,8 @@ FLOWOFFLOAD=none # for routers based on desktop linux and macos. has no effect in openwrt. # CHOOSE LAN and optinally WAN/WAN6 NETWORK INTERFACES # or leave them commented if its not router -# it's possible to specify multiple interfaces like this : IFACE_LAN="eth0 eth1 eth2" +# it's possible to specify multiple interfaces like this : IFACE_WAN="eth0 eth1 eth2" # if IFACE_WAN6 is not defined it take the value of IFACE_WAN -#IFACE_LAN=eth0 #IFACE_WAN=eth1 #IFACE_WAN6="ipsec0 wireguard0 he_net" @@ -132,10 +115,10 @@ FLOWOFFLOAD=none INIT_APPLY_FW=1 # firewall apply hooks -#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret.hook.pre_up" -#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret.hook.post_up" -#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret.hook.pre_down" -#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret.hook.post_down" +#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret2.hook.pre_up" +#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret2.hook.post_up" +#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret2.hook.pre_down" +#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret2.hook.post_down" # do not work with ipv4 DISABLE_IPV4=0 @@ -156,4 +139,4 @@ FILTER_TTL_EXPIRED_ICMP=1 DAEMON_LOG_ENABLE=0 -DAEMON_LOG_FILE="/tmp/zapret+++.log" +DAEMON_LOG_FILE="/tmp/zapret2+++.log" diff --git a/zapret/custom.d/50-script.sh b/zapret/custom.d/50-script.sh index 83d7fea..3623a07 100644 --- a/zapret/custom.d/50-script.sh +++ b/zapret/custom.d/50-script.sh @@ -3,7 +3,7 @@ # NOTE: @ih requires nft 1.0.1+ and updated kernel version. it's confirmed to work on 5.15 (openwrt 23) and not work on 5.10 (openwrt 22) # can override in config : -NFQWS_OPT_DESYNC_STUN="${NFQWS_OPT_DESYNC_STUN:---dpi-desync=fake --dpi-desync-repeats=2}" +NFQWS_OPT_DESYNC_STUN="${NFQWS_OPT_DESYNC_STUN:---payload stun --lua-desync=fake:blob=0x00000000000000000000000000000000:repeats=2}" alloc_dnum DNUM_STUN4ALL alloc_qnum QNUM_STUN4ALL @@ -17,14 +17,14 @@ zapret_custom_daemons() } zapret_custom_firewall() { - # $1 - 1 - run, 0 - stop + # $1 - 1 - run, 0 - stop local f='-p udp -m u32 --u32' fw_nfqws_post $1 "$f 0>>22&0x3C@4>>16=28:65535&&0>>22&0x3C@12=0x2112A442&&0>>22&0x3C@8&0xC0000003=0" "$f 44>>16=28:65535&&52=0x2112A442&&48&0xC0000003=0" $QNUM_STUN4ALL } zapret_custom_firewall_nft() { - # stop logic is not required + # stop logic is not required local f="udp length >= 28 @ih,32,32 0x2112A442 @ih,0,2 0 @ih,30,2 0" nft_fw_nfqws_post "$f" "$f" $QNUM_STUN4ALL diff --git a/zapret/def-cfg.sh b/zapret/def-cfg.sh index d89f91a..602bef8 100755 --- a/zapret/def-cfg.sh +++ b/zapret/def-cfg.sh @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2024 remittor +# Copyright (c) 2025 remittor function set_cfg_reset_values { @@ -26,18 +26,18 @@ function set_cfg_reset_values set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60' set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0' # nfqws options - set $cfgname.config.NFQWS_ENABLE='1' + set $cfgname.config.NFQWS2_ENABLE='1' set $cfgname.config.DESYNC_MARK='0x40000000' set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000' set $cfgname.config.FILTER_MARK='$TAB' - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_TCP_PKT_OUT='9' - set $cfgname.config.NFQWS_TCP_PKT_IN='3' - set $cfgname.config.NFQWS_UDP_PKT_OUT='9' - set $cfgname.config.NFQWS_UDP_PKT_IN='0' - set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0' - set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0' + set $cfgname.config.NFQWS2_PORTS_TCP='80,443' + set $cfgname.config.NFQWS2_PORTS_UDP='443' + set $cfgname.config.NFQWS2_TCP_PKT_OUT='9' + set $cfgname.config.NFQWS2_TCP_PKT_IN='3' + set $cfgname.config.NFQWS2_UDP_PKT_OUT='9' + set $cfgname.config.NFQWS2_UDP_PKT_IN='0' + set $cfgname.config.NFQWS2_PORTS_TCP_KEEPALIVE='0' + set $cfgname.config.NFQWS2_PORTS_UDP_KEEPALIVE='0' # save changes commit $cfgname EOF @@ -50,9 +50,9 @@ function clear_nfqws_strat local TAB="$( echo -n -e '\t' )" uci batch <<-EOF set $cfgname.config.MODE_FILTER='hostlist' - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_OPT='$TAB' + set $cfgname.config.NFQWS2_PORTS_TCP='80,443' + set $cfgname.config.NFQWS2_PORTS_UDP='443' + set $cfgname.config.NFQWS2_OPT='$TAB' commit $cfgname EOF } @@ -70,179 +70,31 @@ function set_cfg_nfqws_strat if [ "$strat" = "empty" ]; then clear_nfqws_strat $cfgname fi - if [ "$strat" = "v1_by_StressOzz" ]; then + if [ "$strat" = "default" ]; then uci batch <<-EOF - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_OPT=" + set $cfgname.config.NFQWS2_PORTS_TCP='80,443' + set $cfgname.config.NFQWS2_PORTS_UDP='443' + set $cfgname.config.NFQWS2_OPT=" # Strategy $strat - --filter-tcp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --dpi-desync=fake,multidisorder - --dpi-desync-split-seqovl=681 - --dpi-desync-split-pos=1 - --dpi-desync-fooling=badseq - --dpi-desync-badseq-increment=10000000 - --dpi-desync-repeats=2 - --dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin - --dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com + --filter-tcp=80 + --filter-l7=http + --payload=http_req + --lua-desync=fake:blob=fake_default_http:tcp_md5 + --lua-desync=multisplit:pos=method+2 --new - --filter-udp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --dpi-desync=fake - --dpi-desync-repeats=6 - --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin - " - commit $cfgname - EOF - fi - if [ "$strat" = "v2_by_StressOzz" ]; then - uci batch <<-EOF - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_OPT=" - # Strategy $strat - - --filter-tcp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude-domains=openwrt.org - --dpi-desync=fake,fakeddisorder - --dpi-desync-split-pos=10,midsld - --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin - --dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com - --dpi-desync-fake-tls=0x0F0F0F0F - --dpi-desync-fake-tls-mod=none - --dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin - --dpi-desync-split-seqovl=336 - --dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin - --dpi-desync-fooling=badseq,badsum - --dpi-desync-badseq-increment=0 - - --new - --filter-udp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --dpi-desync=fake - --dpi-desync-repeats=6 - --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin - " - commit $cfgname - EOF - fi - if [ "$strat" = "v3_by_StressOzz" ]; then - uci batch <<-EOF - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_OPT=" - # Strategy $strat - - --filter-tcp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude-domains=openwrt.org - --dpi-desync=fake,fakeddisorder - --dpi-desync-split-pos=10,midsld - --dpi-desync-fake-tls=/opt/zapret/files/fake/t2.bin - --dpi-desync-fake-tls-mod=rnd,dupsid,sni=m.ok.ru - --dpi-desync-fake-tls=0x0F0F0F0F - --dpi-desync-fake-tls-mod=none - --dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin - --dpi-desync-split-seqovl=336 - --dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin - --dpi-desync-fooling=badseq,badsum - --dpi-desync-badseq-increment=0 - - --new - --filter-udp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --dpi-desync=fake - --dpi-desync-repeats=6 - --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin - " - commit $cfgname - EOF - fi - if [ "$strat" = "v4_by_StressOzz" ]; then - uci batch <<-EOF - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_OPT=" - # Strategy $strat - --filter-tcp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --hostlist-exclude-domains=openwrt.org - --dpi-desync=fake,multisplit - --dpi-desync-split-pos=2,sld - --dpi-desync-fake-tls=0x0F0F0F0F - --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin - --dpi-desync-fake-tls-mod=rnd,dupsid,sni=google.com - --dpi-desync-split-seqovl=2108 - --dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin - --dpi-desync-fooling=badseq - - --new - --filter-tcp=443 - --hostlist-exclude-domains=openwrt.org - --dpi-desync-any-protocol=1 - --dpi-desync-cutoff=n5 - --dpi-desync=multisplit - --dpi-desync-split-seqovl=582 - --dpi-desync-split-pos=1 - --dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/4pda.bin + --filter-l7=tls + --payload=tls_client_hello + --lua-desync=fake:blob=fake_default_tls:tcp_md5:tcp_seq=-10000 + --lua-desync=multidisorder:pos=1,midsld --new --filter-udp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --dpi-desync=fake - --dpi-desync-repeats=6 - --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin - " - commit $cfgname - EOF - fi - if [ "$strat" = "v5_by_StressOzz" ]; then - uci batch <<-EOF - set $cfgname.config.NFQWS_PORTS_TCP='80,443' - set $cfgname.config.NFQWS_PORTS_UDP='443' - set $cfgname.config.NFQWS_OPT=" - # Strategy $strat - - --filter-tcp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --hostlist-exclude-domains=openwrt.org - --ip-id=zero - --dpi-desync=multisplit - --dpi-desync-split-seqovl=681 - --dpi-desync-split-pos=1 - --dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin - - --new - --filter-tcp=443 - --hostlist-exclude-domains=openwrt.org - --dpi-desync=fake,fakeddisorder - --dpi-desync-split-pos=10,midsld - --dpi-desync-fake-tls=/opt/zapret/files/fake/max.bin - --dpi-desync-fake-tls-mod=rnd,dupsid - --dpi-desync-fake-tls=0x0F0F0F0F - --dpi-desync-fake-tls-mod=none - --dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin - --dpi-desync-fooling=badseq,badsum - --dpi-desync-badseq-increment=0 - - --new - --filter-udp=443 - --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt - --hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt - --dpi-desync=fake - --dpi-desync-repeats=6 - --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin + --filter-l7=quic + --payload=quic_initial + --lua-desync=fake:blob=fake_default_quic:repeats=6 " commit $cfgname EOF @@ -253,7 +105,7 @@ function set_cfg_nfqws_strat function set_cfg_default_values { local opt_flags=${1:--} - local opt_strat=${2:-v2_by_StressOzz} + local opt_strat=${2:-default} local cfgname=${3:-$ZAPRET_CFG_NAME} if ! echo "$opt_flags" | grep -q "(skip_base)"; then diff --git a/zapret/init.d.sh b/zapret/init.d.sh index ef43cf4..fd51bfa 100755 --- a/zapret/init.d.sh +++ b/zapret/init.d.sh @@ -7,17 +7,17 @@ START=21 SCRIPT_FILENAME=$1 -. /opt/zapret/comfunc.sh +. /opt/zapret2/comfunc.sh if ! is_valid_config ; then - logger -p err -t ZAPRET "Wrong main config: $ZAPRET_CONFIG" + logger -p err -t ZAPRET2 "Wrong main config: $ZAPRET_CONFIG" exit 91 fi . $ZAPRET_ORIG_INITD -EXEDIR=/opt/zapret -ZAPRET_BASE=/opt/zapret +EXEDIR=/opt/zapret2 +ZAPRET_BASE=/opt/zapret2 is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0 @@ -30,7 +30,7 @@ function enable if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then run_on_boot=$( get_run_on_boot_option ) if [ $run_on_boot != 1 ]; then - logger -p notice -t ZAPRET "Attempt to enable service, but service blocked!" + logger -p notice -t ZAPRET2 "Attempt to enable service, but service blocked!" return 61 fi fi @@ -49,7 +49,7 @@ function enabled run_on_boot=$( get_run_on_boot_option ) if [ $run_on_boot != 1 ]; then if [ "$IS_RUN_ON_BOOT" = "1" ]; then - logger -p notice -t ZAPRET "Service is blocked!" + logger -p notice -t ZAPRET2 "Service is blocked!" fi return 61 fi @@ -65,7 +65,7 @@ function boot if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then run_on_boot=$( get_run_on_boot_option ) if [ $run_on_boot != 1 ]; then - logger -p notice -t ZAPRET "Attempt to run service on boot! Service is blocked!" + logger -p notice -t ZAPRET2 "Attempt to run service on boot! Service is blocked!" return 61 fi fi diff --git a/zapret/patches/0001-Add-support-log-file-for-each-daemons.patch b/zapret/patches/0001-Add-support-log-file-for-each-daemons.patch index 98e4d0f..2ed3a69 100644 --- a/zapret/patches/0001-Add-support-log-file-for-each-daemons.patch +++ b/zapret/patches/0001-Add-support-log-file-for-each-daemons.patch @@ -25,10 +25,10 @@ index 0af19c0..41c0967 100644 done } } -diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret +diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret2 index 8d6d3a9..fcb1e91 100755 ---- a/init.d/openwrt/zapret -+++ b/init.d/openwrt/zapret +--- a/init.d/openwrt/zapret2 ++++ b/init.d/openwrt/zapret2 @@ -58,12 +58,29 @@ run_daemon() # use $PIDDIR/$DAEMONBASE$1.pid as pidfile local DAEMONBASE="$(basename "$2")" @@ -51,15 +51,15 @@ index 8d6d3a9..fcb1e91 100755 procd_open_instance - procd_set_param command $2 $3 + procd_set_param command $DAEMON_PATH $DAEMON_ARGS - procd_set_param pidfile $PIDDIR/$DAEMONBASE$1.pid + procd_set_param pidfile $PIDDIR/${DAEMONBASE}_$1.pid procd_close_instance } +DAEMON_CFGNAME="main" + - run_tpws() + run_nfqws() { - [ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && return 0 + run_daemon $1 "$NFQWS2" "$NFQWS2_OPT_BASE $2" -- 2.41.0.windows.3 diff --git a/zapret/renew-cfg.sh b/zapret/renew-cfg.sh index a250067..47a8973 100755 --- a/zapret/renew-cfg.sh +++ b/zapret/renew-cfg.sh @@ -1,7 +1,7 @@ #!/bin/sh # Copyright (c) 2024 remittor -. /opt/zapret/comfunc.sh +. /opt/zapret2/comfunc.sh merge_cfg_with_def_values @@ -12,5 +12,5 @@ CONFIGS_SYNC=0 if [ "$CONFIGS_SYNC" = "1" ]; then # renew main config - /opt/zapret/sync_config.sh + /opt/zapret2/sync_config.sh fi diff --git a/zapret/restore-def-cfg.sh b/zapret/restore-def-cfg.sh index eff0db6..80ff412 100755 --- a/zapret/restore-def-cfg.sh +++ b/zapret/restore-def-cfg.sh @@ -1,9 +1,9 @@ #!/bin/sh # Copyright (c) 2024 remittor -. /opt/zapret/comfunc.sh +. /opt/zapret2/comfunc.sh -cfg_run_on_boot="$( uci -q get zapret.config.run_on_boot )" +cfg_run_on_boot="$( uci -q get $ZAPRET_CFG_NAME.config.run_on_boot )" opt_flags=${1:--} opt_strat=$2 @@ -15,7 +15,7 @@ fi create_default_cfg "$opt_flags" "$opt_strat" if [ "$cfg_run_on_boot" = "1" ]; then - uci set zapret.config.run_on_boot=1 + uci set $ZAPRET_CFG_NAME.config.run_on_boot=1 uci commit fi @@ -29,5 +29,5 @@ fi if [ "$ZAPRET_SYNC_CONFIG" = "1" ]; then # renew main config - /opt/zapret/sync_config.sh + /opt/zapret2/sync_config.sh fi diff --git a/zapret/sync_config.sh b/zapret/sync_config.sh index fbc9b94..f25f633 100755 --- a/zapret/sync_config.sh +++ b/zapret/sync_config.sh @@ -1,7 +1,7 @@ #!/bin/sh # Copyright (c) 2024 remittor -. /opt/zapret/comfunc.sh +. /opt/zapret2/comfunc.sh function uncomment_param { @@ -41,17 +41,17 @@ function sync_param { local param=$1 local vtype=$2 - local value="$( uci -q get zapret.config.$param )" + local value="$( uci -q get zapret2.config.$param )" uncomment_param $param append_param $param local TAB="$( echo -n -e '\t' )" if [ "$value" = "$TAB" ]; then value="" fi - if [ "$param" = "NFQWS_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS_PORTS_UDP_KEEPALIVE" ]; then + if [ "$param" = "NFQWS2_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS2_PORTS_UDP_KEEPALIVE" ]; then [ "$value" = "0" ] && value="" fi - if [ "$param" = "NFQWS_OPT" -a "$value" != "" ]; then + if [ "$param" = "NFQWS2_OPT" -a "$value" != "" ]; then value=$( echo -n "$value" | sed '/^#/d' ) fi if [ "$vtype" = "str" ]; then @@ -92,19 +92,19 @@ sync_param AUTOHOSTLIST_FAIL_THRESHOLD sync_param AUTOHOSTLIST_FAIL_TIME sync_param AUTOHOSTLIST_DEBUGLOG -sync_param NFQWS_ENABLE +sync_param NFQWS2_ENABLE sync_param DESYNC_MARK sync_param DESYNC_MARK_POSTNAT sync_param FILTER_MARK str -sync_param NFQWS_PORTS_TCP str -sync_param NFQWS_PORTS_UDP str -sync_param NFQWS_TCP_PKT_OUT str -sync_param NFQWS_TCP_PKT_IN str -sync_param NFQWS_UDP_PKT_OUT str -sync_param NFQWS_UDP_PKT_IN str -sync_param NFQWS_PORTS_TCP_KEEPALIVE str -sync_param NFQWS_PORTS_UDP_KEEPALIVE str -sync_param NFQWS_OPT str +sync_param NFQWS2_PORTS_TCP str +sync_param NFQWS2_PORTS_UDP str +sync_param NFQWS2_TCP_PKT_OUT str +sync_param NFQWS2_TCP_PKT_IN str +sync_param NFQWS2_UDP_PKT_OUT str +sync_param NFQWS2_UDP_PKT_IN str +sync_param NFQWS2_PORTS_TCP_KEEPALIVE str +sync_param NFQWS2_PORTS_UDP_KEEPALIVE str +sync_param NFQWS2_OPT str ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED" diff --git a/zapret/uci-def-cfg.sh b/zapret/uci-def-cfg.sh index 6354852..d6f35ce 100755 --- a/zapret/uci-def-cfg.sh +++ b/zapret/uci-def-cfg.sh @@ -1,17 +1,17 @@ #!/bin/sh # Copyright (c) 2024 remittor -. /opt/zapret/comfunc.sh +. /opt/zapret2/comfunc.sh # create empty txt files into ipset directory -[ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-google.txt" -#[ ! -f "/opt/zapret/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-auto.txt" -[ ! -f "/opt/zapret/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user.txt" -[ ! -f "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" -#[ ! -f "/opt/zapret/ipset/zapret-ip.txt" ] && touch "/opt/zapret/ipset/zapret-ip.txt" -[ ! -f "/opt/zapret/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user.txt" -[ ! -f "/opt/zapret/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-exclude.txt" -[ ! -f "/opt/zapret/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-ipban.txt" +[ ! -f "/opt/zapret2/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-google.txt" +#[ ! -f "/opt/zapret2/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-auto.txt" +[ ! -f "/opt/zapret2/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-user.txt" +[ ! -f "/opt/zapret2/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-user-ipban.txt" +#[ ! -f "/opt/zapret2/ipset/zapret-ip.txt" ] && touch "/opt/zapret2/ipset/zapret-ip.txt" +[ ! -f "/opt/zapret2/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret2/ipset/zapret-ip-user.txt" +[ ! -f "/opt/zapret2/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret2/ipset/zapret-ip-user-exclude.txt" +[ ! -f "/opt/zapret2/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret2/ipset/zapret-ip-user-ipban.txt" # create or merge uci-config $ZAPRET_BASE/renew-cfg.sh diff --git a/zapret/update-pkg.sh b/zapret/update-pkg.sh index 4221ab1..03bed17 100755 --- a/zapret/update-pkg.sh +++ b/zapret/update-pkg.sh @@ -1,7 +1,7 @@ #!/bin/sh # Copyright (c) 2025 remittor -. /opt/zapret/comfunc.sh +. /opt/zapret2/comfunc.sh . /usr/share/libubox/jshn.sh . /etc/openwrt_release @@ -21,7 +21,7 @@ while getopts "cu:pft:" opt; do esac done -ZAP_PKG_DIR=/tmp/zapret_pkg +ZAP_PKG_DIR=/tmp/zapret2_pkg if [ "$opt_test" != "" ]; then echo 1; sleep 2; @@ -34,7 +34,7 @@ if [ "$opt_test" != "" ]; then fi ZAP_CPU_ARCH=$(get_cpu_arch) -ZAP_REL_URL="https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/releases_zap1_$ZAP_CPU_ARCH.json" +ZAP_REL_URL="https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/releases_zap2_$ZAP_CPU_ARCH.json" CURL_TIMEOUT=5 CURL_HEADER1="Accept: application/json" @@ -279,7 +279,7 @@ ZAP_PKG_FN= ZAP_PKG_BASE_FN= ZAP_PKG_LUCI_FN= -ZAP_CUR_PKG_VER=$( get_pkg_version zapret ) +ZAP_CUR_PKG_VER=$( get_pkg_version zapret2 ) echo "Current installed version: $ZAP_CUR_PKG_VER" if [ "$opt_update" = "" ]; then @@ -334,7 +334,7 @@ if [ "$opt_update" != "" ]; then return 0 fi fi - ZAP_PKG_DIR=/tmp/zapret_pkg + ZAP_PKG_DIR=/tmp/zapret2_pkg rm -rf $ZAP_PKG_DIR ZAP_PKG_HDRS=$( curl -s -I -L --max-time $CURL_TIMEOUT -H "$CURL_HEADER2" "$ZAP_PKG_URL" ) ZAP_PKG_SIZE=$( echo "$ZAP_PKG_HDRS" | grep -i 'content-length: ' | tail -n1 | awk '{print $2}' | tr -d '\r' ) @@ -372,10 +372,10 @@ if [ "$opt_update" != "" ]; then echo "------ Downloaded packages:" echo "$ZAP_PKG_LIST" echo "------" - ZAP_PKG_BASE_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "zapret_*.${ZAP_PKG_EXT}" | head -n 1 ) + ZAP_PKG_BASE_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "zapret2_*.${ZAP_PKG_EXT}" | head -n 1 ) ZAP_PKG_LUCI_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "luci-app-*.${ZAP_PKG_EXT}" | head -n 1 ) if [ ! -f "$ZAP_PKG_BASE_FN" ]; then - echo "ERROR: File \"zapret_*.${ZAP_PKG_EXT}\" not found!" + echo "ERROR: File \"zapret2_*.${ZAP_PKG_EXT}\" not found!" return 231 fi echo "ZAP_PKG_BASE_FN = $ZAP_PKG_BASE_FN"