Mirror/zapret-openwrt
1
0
Fork 0
mirror of https://github.com/remittor/zapret-openwrt.git synced 2025-12-22 15:38:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add support Zapret2

Browse Source 
Sources: https://github.com/bol-van/zapret2
This commit is contained in:
remittor
2025-12-18 16:35:13 +03:00
parent 9298388a12
commit 7a4825a708
25 changed files with 325 additions and 546 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
.github/workflows/build.yml vendored
View File

@@ -208,7 +208,7 @@ jobs:
shell: bash shell: bash
run: | run: |
PKGDIR=$GITHUB_WORKSPACE/zapret-openwrt PKGDIR=$GITHUB_WORKSPACE/zapret-openwrt
MKFN=$PKGDIR/luci-app-zapret/Makefile MKFN=$PKGDIR/luci-app-zapret2/Makefile
PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 ) PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 )
PKGREL=$( grep -s '^PKG_RELEASE:=.*' $MKFN | cut -d'=' -f2 ) PKGREL=$( grep -s '^PKG_RELEASE:=.*' $MKFN | cut -d'=' -f2 )
[ "$PKGREL" != "1" ] && PKGVER=$PKGVER-r$PKGREL [ "$PKGREL" != "1" ] && PKGVER=$PKGVER-r$PKGREL
@@ -252,9 +252,9 @@ jobs:
cat .config cat .config
echo "------------- .config END -------------------" echo "------------- .config END -------------------"
if [ "$ARCH" = "$LUCI_ARCH" ]; then if [ "$ARCH" = "$LUCI_ARCH" ]; then
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile` PKGLIST=`echo package/zapret-openwrt/{zapret2,zapret2-mdig,zapret2-ip2net,luci-app-zapret2}/compile`
else else
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net}/compile` PKGLIST=`echo package/zapret-openwrt/{zapret2,zapret2-mdig,zapret2-ip2net}/compile`
fi fi
if [ "$MAX_SPEED" = "false" ]; then if [ "$MAX_SPEED" = "false" ]; then
make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1 make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1
@@ -264,11 +264,11 @@ jobs:
else else
OUT_DIR=./bin/packages/dev_x/base OUT_DIR=./bin/packages/dev_x/base
mkdir -p $OUT_DIR mkdir -p $OUT_DIR
touch $OUT_DIR/zapret_$PKGVER-$ARCH.$PKGTYPE touch $OUT_DIR/zapret2_$PKGVER-$ARCH.$PKGTYPE
touch $OUT_DIR/luci-app-zapret_$PKGVER-all.$PKGTYPE touch $OUT_DIR/luci-app-zapret2_$PKGVER-all.$PKGTYPE
fi fi
find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.[ai]pk$" -delete find ./bin/packages/*/base -type f ! -regex ".*\(zapret2\).*\.[ai]pk$" -delete
#echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source" #echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source"
#ln -s `which usign` staging_dir/host/bin/usign #ln -s `which usign` staging_dir/host/bin/usign
@@ -339,7 +339,7 @@ jobs:
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \; find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \;
find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \; find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \;
mkdir -p public mkdir -p public
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \; find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret2_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \;
ls -lh ./public/*.zip ls -lh ./public/*.zip
- name: Upload assets - name: Upload assets
@@ -351,7 +351,7 @@ jobs:
draft: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }} draft: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }}
prerelease: true prerelease: true
tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }} tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }}
name: zapret v${{ needs.build.outputs.pkgver }} name: zapret2 v${{ needs.build.outputs.pkgver }}
body: | body: |
zapret v${{ needs.build.outputs.pkgver }} for OpenWrt zapret2 v${{ needs.build.outputs.pkgver }} for OpenWrt
files: ./public/*.zip files: ./public/*.zip

2
README.md
View File

@@ -6,7 +6,7 @@
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate) [![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)
# zapret-openwrt # zapret-openwrt
Zapret is not a VPN! Zapret is an Anti-DPI utility! Zapret2 is not a VPN! Zapret2 is an Anti-DPI utility!
[Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapretopenwrt-package) [Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapretopenwrt-package)

8
luci-app-zapret/Makefile
View File

@@ -4,14 +4,14 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-zapret PKG_NAME:=luci-app-zapret2
PKG_VERSION:=72.20251218 PKG_VERSION:=0.7.20251218
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=MIT PKG_LICENSE:=MIT
PKG_MAINTAINER:=remittor <https://github.com/remittor> PKG_MAINTAINER:=remittor <https://github.com/remittor>
LUCI_TITLE:=LuCI support for zapret LUCI_TITLE:=LuCI support for zapret2
LUCI_DEPENDS:=+zapret LUCI_DEPENDS:=+zapret2
LUCI_PKGARCH:=all LUCI_PKGARCH:=all
define Package/$(PKG_NAME)/postinst define Package/$(PKG_NAME)/postinst

6
luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js
View File

@@ -11,7 +11,7 @@ return view.extend({
retrieveLog: async function() { retrieveLog: async function() {
return Promise.all([ return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null), L.resolveDefault(fs.stat('/bin/cat'), null),
fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', 'zapret+*.log' ]), fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', 'zapret2+*.log' ]),
uci.load(tools.appName), uci.load(tools.appName),
]).then(function(status_array) { ]).then(function(status_array) {
var filereader = status_array[0] ? status_array[0].path : null; var filereader = status_array[0] ? status_array[0].path : null;
@@ -130,7 +130,7 @@ return view.extend({
return; return;
} }
var h2 = E('div', {'class' : 'cbi-title-section'}, [ var h2 = E('div', {'class' : 'cbi-title-section'}, [
E('h2', {'class': 'cbi-title-field'}, [ _('Zapret') + ' - ' + _('Log Viewer') ]), E('h2', {'class': 'cbi-title-field'}, [ _('Zapret2') + ' - ' + _('Log Viewer') ]),
]); ]);
var tabs = E('div', {}, E('div')); var tabs = E('div', {}, E('div'));
@@ -140,7 +140,7 @@ return view.extend({
var logfn = logdata[log_num].filename; var logfn = logdata[log_num].filename;
let filename = logfn.replace(/.*\//, ''); let filename = logfn.replace(/.*\//, '');
let fname = filename.split('.')[0]; let fname = filename.split('.')[0];
fname = fname.replace(/^(zapret\+)/, ''); fname = fname.replace(/^(zapret2\+)/, '');
let fn = fname.split('+'); let fn = fname.split('+');
let tabNameText = fname.replace(/\+/g, ' '); let tabNameText = fname.replace(/\+/g, ' ');

24
luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js
View File

@@ -4,8 +4,8 @@
'require uci'; 'require uci';
'require ui'; 'require ui';
'require view'; 'require view';
'require view.zapret.tools as tools'; 'require view.zapret2.tools as tools';
'require view.zapret.updater as updater'; 'require view.zapret2.updater as updater';
const btn_style_neutral = 'btn'; const btn_style_neutral = 'btn';
const btn_style_action = 'btn cbi-button-action'; const btn_style_action = 'btn cbi-button-action';
@@ -55,7 +55,7 @@ return view.extend({
]).catch(e => { ]).catch(e => {
ui.addNotification(null, E('p', _('Unable to execute or read contents') ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ %s | %s | %s ]'.format( + ': %s [ %s | %s | %s ]'.format(
e.message, tools.execPath, 'tools.getInitState', 'uci.zapret' e.message, tools.execPath, 'tools.getInitState', 'uci.zapret2'
))); )));
}); });
}, },
@@ -249,8 +249,8 @@ return view.extend({
strat_list.push( E('option', { value: 'strat_' + id }, [ strat ] ) ); strat_list.push( E('option', { value: 'strat_' + id }, [ strat ] ) );
} }
let nfqws_strat = E('label', [ let nfqws_strat = E('label', [
_('NFQWS_OPT strategy: '), _('NFQWS2_OPT strategy: '),
E('select', { id: 'cfg_nfqws_strat' }, strat_list) E('select', { id: 'cfg_nfqws2_strat' }, strat_list)
]); ]);
let cancel_button = E('button', { let cancel_button = E('button', {
@@ -274,7 +274,7 @@ return view.extend({
opt_flags += '(set_mode_autohostlist)'; opt_flags += '(set_mode_autohostlist)';
}; };
//console.log('RESET: opt_flags = ' + opt_flags); //console.log('RESET: opt_flags = ' + opt_flags);
let sel_strat = document.getElementById('cfg_nfqws_strat'); let sel_strat = document.getElementById('cfg_nfqws2_strat');
let opt_strat = sel_strat.options[sel_strat.selectedIndex].text; let opt_strat = sel_strat.options[sel_strat.selectedIndex].text;
//console.log('RESET: strat = ' + opt_strat); //console.log('RESET: strat = ' + opt_strat);
opt_flags += '(sync)'; opt_flags += '(sync)';
@@ -399,23 +399,23 @@ return view.extend({
poll.add(L.bind(this.statusPoll, this)); poll.add(L.bind(this.statusPoll, this));
let page_title = _('Zapret'); let page_title = _('Zapret2');
let pkgdict = tools.decode_pkg_list(pkg_list.stdout, false); let pkgdict = tools.decode_pkg_list(pkg_list.stdout, false);
page_title += ' &nbsp '; page_title += ' &nbsp ';
if (pkgdict['zapret'] === undefined || pkgdict['zapret'] == '') { if (pkgdict['zapret2'] === undefined || pkgdict['zapret2'] == '') {
page_title += 'unknown version'; page_title += 'unknown version';
} else { } else {
page_title += 'v' + pkgdict['zapret']; page_title += 'v' + pkgdict['zapret2'];
} }
let aux1 = E('em'); let aux1 = E('em');
let aux2 = E('em'); let aux2 = E('em');
if (pkgdict['zapret'] != pkgdict['luci-app-zapret']) { if (pkgdict['zapret2'] != pkgdict['luci-app-zapret2']) {
let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret'] + ' [ incorrect version! ]'; let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret2'] + ' [ incorrect version! ]';
aux1 = E('div', { 'class': 'label-status error' }, errtxt); aux1 = E('div', { 'class': 'label-status error' }, errtxt);
aux2 = E('div', { }, '&nbsp'); aux2 = E('div', { }, '&nbsp');
} }
let url1 = 'https://github.com/bol-van/zapret'; let url1 = 'https://github.com/bol-van/zapret2';
let url2 = 'https://github.com/remittor/zapret-openwrt'; let url2 = 'https://github.com/remittor/zapret-openwrt';
return E([ return E([

26
luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js
View File

@@ -5,7 +5,7 @@
'require uci'; 'require uci';
'require ui'; 'require ui';
'require view'; 'require view';
'require view.zapret.tools as tools'; 'require view.zapret2.tools as tools';
return view.extend({ return view.extend({
parsers: { }, parsers: { },
@@ -48,7 +48,7 @@ return view.extend({
let m, s, o, tabname; let m, s, o, tabname;
m = new form.Map(tools.appName, _('Zapret') + ' - ' + _('Settings')); m = new form.Map(tools.appName, _('Zapret2') + ' - ' + _('Settings'));
s = m.section(form.NamedSection, 'config'); s = m.section(form.NamedSection, 'config');
s.anonymous = true; s.anonymous = true;
@@ -106,8 +106,8 @@ return view.extend({
/* NFQWS_OPT_DESYNC tab */ /* NFQWS_OPT_DESYNC tab */
tabname = 'nfqws_params'; tabname = 'nfqws2_params';
s.tab(tabname, _('NFQWS options')); s.tab(tabname, _('NFQWS2 options'));
let add_delim = function(sec, url = null) { let add_delim = function(sec, url = null) {
let o = sec.taboption(tabname, form.DummyValue, '_hr'); let o = sec.taboption(tabname, form.DummyValue, '_hr');
@@ -154,7 +154,7 @@ return view.extend({
btn.onclick = () => new tools.longstrEditDialog('config', param, param, desc, rows, multiline).show(); btn.onclick = () => new tools.longstrEditDialog('config', param, param, desc, rows, multiline).show();
}; };
o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE')); o = s.taboption(tabname, form.Flag, 'NFQWS2_ENABLE', _('NFQWS2_ENABLE'));
o.rmempty = false; o.rmempty = false;
o.default = 1; o.default = 1;
@@ -173,31 +173,31 @@ return view.extend({
o.validate = function(section_id, value) { return true; }; o.validate = function(section_id, value) { return true; };
o.write = function(section_id, value) { return form.Value.prototype.write.call(this, section_id, (value == null || value.trim() == '') ? "\t" : value.trim()); }; o.write = function(section_id, value) { return form.Value.prototype.write.call(this, section_id, (value == null || value.trim() == '') ? "\t" : value.trim()); };
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP')); o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_TCP', _('NFQWS2_PORTS_TCP'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'string'; o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP')); o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_UDP', _('NFQWS2_PORTS_UDP'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'string'; o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT')); o = s.taboption(tabname, form.Value, 'NFQWS2_TCP_PKT_OUT', _('NFQWS2_TCP_PKT_OUT'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'string'; o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN')); o = s.taboption(tabname, form.Value, 'NFQWS2_TCP_PKT_IN', _('NFQWS2_TCP_PKT_IN'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'string'; o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT')); o = s.taboption(tabname, form.Value, 'NFQWS2_UDP_PKT_OUT', _('NFQWS2_UDP_PKT_OUT'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'string'; o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN')); o = s.taboption(tabname, form.Value, 'NFQWS2_UDP_PKT_IN', _('NFQWS2_UDP_PKT_IN'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'string'; o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE')); o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_TCP_KEEPALIVE', _('NFQWS2_PORTS_TCP_KEEPALIVE'));
o.rmempty = false; o.rmempty = false;
o.datatype = 'uinteger'; o.datatype = 'uinteger';
@@ -206,7 +206,7 @@ return view.extend({
o.datatype = 'uinteger'; o.datatype = 'uinteger';
add_delim(s, tools.nfqws_opt_url); add_delim(s, tools.nfqws_opt_url);
add_param(s, 'NFQWS_OPT', null, 21, 2); add_param(s, 'NFQWS2_OPT', null, 21, 2);
/* AutoHostList settings */ /* AutoHostList settings */

51
luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js
View File

@@ -36,32 +36,31 @@ document.head.append(E('style', {'type': 'text/css'},
return baseclass.extend({ return baseclass.extend({
packager : null, packager : null,
appName : 'zapret', appName : 'zapret2',
execPath : '/etc/init.d/zapret', execPath : '/etc/init.d/zapret2',
syncCfgPath : '/opt/zapret/sync_config.sh', syncCfgPath : '/opt/zapret2/sync_config.sh',
defCfgPath : '/opt/zapret/def-cfg.sh', defCfgPath : '/opt/zapret2/def-cfg.sh',
defaultCfgPath : '/opt/zapret/restore-def-cfg.sh', defaultCfgPath : '/opt/zapret2/restore-def-cfg.sh',
hostsGoogleFN : '/opt/zapret/ipset/zapret-hosts-google.txt', hostsGoogleFN : '/opt/zapret2/ipset/zapret-hosts-google.txt',
hostsUserFN : '/opt/zapret/ipset/zapret-hosts-user.txt', hostsUserFN : '/opt/zapret2/ipset/zapret-hosts-user.txt',
hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt', hostsUserExcludeFN: '/opt/zapret2/ipset/zapret-hosts-user-exclude.txt',
iplstExcludeFN : '/opt/zapret/ipset/zapret-ip-exclude.txt', iplstExcludeFN : '/opt/zapret2/ipset/zapret-ip-exclude.txt',
iplstUserFN : '/opt/zapret/ipset/zapret-ip-user.txt', iplstUserFN : '/opt/zapret2/ipset/zapret-ip-user.txt',
iplstUserExcludeFN: '/opt/zapret/ipset/zapret-ip-user-exclude.txt', iplstUserExcludeFN: '/opt/zapret2/ipset/zapret-ip-user-exclude.txt',
custFileMax : 4, custFileMax : 4,
custFileTemplate : '/opt/zapret/ipset/cust%s.txt', custFileTemplate : '/opt/zapret2/ipset/cust%s.txt',
customdPrefixList : [ 10, 20, 50, 60, 90 ] , customdPrefixList : [ 10, 20, 50, 60, 90 ] ,
customdFileFormat : '/opt/zapret/init.d/openwrt/custom.d/%s-script.sh', customdFileFormat : '/opt/zapret2/init.d/openwrt/custom.d/%s-script.sh',
discord_num : 50, discord_num : 50,
discord_url : [ 'https://github.com/bol-van/zapret/blob/4e8e3a9ed9dbeb1156db68dfaa7b353051c13797/init.d/custom.d.examples.linux/50-discord', discord_url : [ 'https://github.com/bol-van/zapret2/blob/master/init.d/custom.d.examples.linux/50-discord-media',
'https://github.com/bol-van/zapret/blob/b251ea839cc8f04c45090314ef69fce69f2c00f2/init.d/custom.d.examples.linux/50-discord-media', 'https://github.com/bol-van/zapret2/blob/master/init.d/custom.d.examples.linux/50-stun4all',
'https://github.com/bol-van/zapret/blob/b251ea839cc8f04c45090314ef69fce69f2c00f2/init.d/custom.d.examples.linux/50-stun4all', 'https://github.com/bol-van/zapret2/tree/master/init.d/custom.d.examples.linux'
'https://github.com/bol-van/zapret/tree/master/init.d/custom.d.examples.linux'
], ],
nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/168', nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/',
autoHostListFN : '/opt/zapret/ipset/zapret-hosts-auto.txt', autoHostListFN : '/opt/zapret2/ipset/zapret-hosts-auto.txt',
autoHostListDbgFN : '/opt/zapret/ipset/zapret-hosts-auto-debug.log', autoHostListDbgFN : '/opt/zapret2/ipset/zapret-hosts-auto-debug.log',
infoLabelRunning : '<span class="label-status running">' + _('Running') + '</span>', infoLabelRunning : '<span class="label-status running">' + _('Running') + '</span>',
infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>', infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>',
@@ -106,11 +105,11 @@ return baseclass.extend({
if (L.hasSystemFeature('apk')) { if (L.hasSystemFeature('apk')) {
this.packager.name = 'apk'; this.packager.name = 'apk';
this.packager.path = '/usr/bin/apk'; this.packager.path = '/usr/bin/apk';
this.packager.args = [ 'list', '-I', '*zapret*' ]; this.packager.args = [ 'list', '-I', '*zapret2*' ];
} else { } else {
this.packager.name = 'opkg'; this.packager.name = 'opkg';
this.packager.path = '/bin/opkg'; this.packager.path = '/bin/opkg';
this.packager.args = [ 'list-installed', '*zapret*' ]; this.packager.args = [ 'list-installed', '*zapret2*' ];
} }
//console.log('PACKAGER: ' + this.packager.name); //console.log('PACKAGER: ' + this.packager.name);
} }
@@ -271,9 +270,9 @@ return baseclass.extend({
return -4; return -4;
} }
let jdata = svc_info; let jdata = svc_info;
if (typeof(jdata.zapret) == 'object') { if (typeof(jdata.zapret2) == 'object') {
result.dmn.inited = true; result.dmn.inited = true;
let dmn_list = jdata.zapret.instances; let dmn_list = jdata.zapret2.instances;
if (typeof(dmn_list) == 'object') { if (typeof(dmn_list) == 'object') {
for (const [dmn_name, daemon] of Object.entries(dmn_list)) { for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
result.dmn.total += 1; result.dmn.total += 1;
@@ -470,7 +469,7 @@ return baseclass.extend({
}, },
load: function() { load: function() {
let value = uci.get('zapret', this.cfgsec, this.cfgparam); let value = uci.get('zapret2', this.cfgsec, this.cfgparam);
if (typeof(value) === 'string') { if (typeof(value) === 'string') {
value = value.trim(); value = value.trim();
if (this.multiline == 2) { if (this.multiline == 2) {
@@ -544,7 +543,7 @@ return baseclass.extend({
} }
value = value.replace(/˂/g, '<'); value = value.replace(/˂/g, '<');
value = value.replace(/˃/g, '>'); value = value.replace(/˃/g, '>');
uci.set('zapret', this.cfgsec, this.cfgparam, value); uci.set('zapret2', this.cfgsec, this.cfgparam, value);
uci.save(); uci.save();
let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam); let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam);
if (elem) { if (elem) {

8
luci-app-zapret/htdocs/luci-static/resources/view/zapret/updater.js
View File

@@ -5,7 +5,7 @@
'require uci'; 'require uci';
'require ui'; 'require ui';
'require view'; 'require view';
'require view.zapret.tools as tools'; 'require view.zapret2.tools as tools';
const btn_style_neutral = 'btn'; const btn_style_neutral = 'btn';
const btn_style_action = 'btn cbi-button-action'; const btn_style_action = 'btn cbi-button-action';
@@ -14,7 +14,7 @@ const btn_style_negative = 'btn cbi-button-reset important';
const btn_style_warning = 'btn cbi-button-negative'; const btn_style_warning = 'btn cbi-button-negative';
const btn_style_success = 'btn cbi-button-success important'; const btn_style_success = 'btn cbi-button-success important';
const fn_update_pkg_sh = '/opt/zapret/update-pkg.sh'; const fn_update_pkg_sh = '/opt/zapret2/update-pkg.sh';
return baseclass.extend({ return baseclass.extend({
releasesUrlPrefix : 'https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/', releasesUrlPrefix : 'https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/',
@@ -104,7 +104,7 @@ return baseclass.extend({
} }
let rpc_opt = { timeout: 5*1000 } let rpc_opt = { timeout: 5*1000 }
//rpc_opt.uid = 0; // run under root //rpc_opt.uid = 0; // run under root
const logFile = '/tmp/zapret_pkg_install.log'; const logFile = '/tmp/zapret2_pkg_install.log';
const rcFile = logFile + '.rc'; const rcFile = logFile + '.rc';
try { try {
await fs.exec('/bin/busybox', [ 'rm', '-f', logFile + '*' ], null, rpc_opt); await fs.exec('/bin/busybox', [ 'rm', '-f', logFile + '*' ], null, rpc_opt);
@@ -118,7 +118,7 @@ return baseclass.extend({
let opt = [ logFile, fn_update_pkg_sh ]; let opt = [ logFile, fn_update_pkg_sh ];
//opt.push('-t'); opt.push('0'); // only for testing //opt.push('-t'); opt.push('0'); // only for testing
opt.push(...opt_list); opt.push(...opt_list);
let res = await fs.exec('/opt/zapret/script-exec.sh', opt, null, rpc_opt); let res = await fs.exec('/opt/zapret2/script-exec.sh', opt, null, rpc_opt);
if (res.code == 0) { if (res.code == 0) {
this.appendLog('Process started...'); this.appendLog('Process started...');
} else { } else {

32
luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json
View File

@@ -1,46 +1,48 @@
{ {
"admin/services/zapret": { "admin/services/zapret2": {
"title": "Zapret", "title": "Zapret2",
"order": 61, "order": 62,
"action": { "action": {
"type": "alias", "type": "alias",
"path": "admin/services/zapret/service" "path": "admin/services/zapret2/service"
}, },
"depends": { "depends": {
"acl": [ "luci-app-zapret" ], "acl": [ "luci-app-zapret2" ],
"fs": { "fs": {
"/opt/zapret/sync_config.sh": "executable", "/opt/zapret2/sync_config.sh": "executable",
"/opt/zapret/restore-def-cfg.sh": "executable", "/opt/zapret2/restore-def-cfg.sh": "executable",
"/etc/init.d/zapret": "executable" "/opt/zapret2/script-exec.sh": "executable",
"/opt/zapret2/update-pkg.sh.sh": "executable",
"/etc/init.d/zapret2": "executable"
}, },
"uci": { "zapret": true } "uci": { "zapret2": true }
} }
}, },
"admin/services/zapret/service": { "admin/services/zapret2/service": {
"title": "Service", "title": "Service",
"order": 10, "order": 10,
"action": { "action": {
"type": "view", "type": "view",
"path": "zapret/service" "path": "zapret2/service"
} }
}, },
"admin/services/zapret/settings": { "admin/services/zapret2/settings": {
"title": "Settings", "title": "Settings",
"order": 20, "order": 20,
"action": { "action": {
"type": "view", "type": "view",
"path": "zapret/settings" "path": "zapret2/settings"
} }
}, },
"admin/services/zapret/dmnlog": { "admin/services/zapret2/dmnlog": {
"title": "Log Viewer", "title": "Log Viewer",
"order": 30, "order": 30,
"action": { "action": {
"type": "view", "type": "view",
"path": "zapret/dmnlog" "path": "zapret2/dmnlog"
} }
} }
} }

30
luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json
View File

@@ -1,27 +1,27 @@
{ {
"luci-app-zapret": { "luci-app-zapret2": {
"description": "Grant access to zapret procedures", "description": "Grant access to zapret2 procedures",
"read": { "read": {
"cgi-io": [ "exec" ], "cgi-io": [ "exec" ],
"file": { "file": {
"/opt/zapret/config": [ "read" ], "/opt/zapret2/config": [ "read" ],
"/opt/zapret/ipset/*": [ "read" ], "/opt/zapret2/ipset/*": [ "read" ],
"/opt/zapret/init.d/openwrt/custom.d/*": [ "read" ], "/opt/zapret2/init.d/openwrt/custom.d/*": [ "read" ],
"/etc/crontabs/root": [ "read" ], "/etc/crontabs/root": [ "read" ],
"/tmp/zapret*": [ "read" ], "/tmp/zapret*": [ "read" ],
"/etc/init.d/zapret*": [ "exec" ], "/etc/init.d/zapret2*": [ "exec" ],
"/bin/ps*": [ "exec" ], "/bin/ps*": [ "exec" ],
"/bin/cat*": [ "exec" ], "/bin/cat*": [ "exec" ],
"/bin/busybox*": [ "exec" ], "/bin/busybox*": [ "exec" ],
"/bin/opkg*": [ "exec" ], "/bin/opkg*": [ "exec" ],
"/usr/bin/apk*": [ "exec" ], "/usr/bin/apk*": [ "exec" ],
"/usr/bin/find*": [ "exec" ], "/usr/bin/find*": [ "exec" ],
"/opt/zapret/restore-def-cfg.sh*": [ "exec" ], "/opt/zapret2/restore-def-cfg.sh*": [ "exec" ],
"/opt/zapret/script-exec.sh*": [ "exec" ], "/opt/zapret2/script-exec.sh*": [ "exec" ],
"/opt/zapret/update-pkg.sh*": [ "exec" ], "/opt/zapret2/update-pkg.sh*": [ "exec" ],
"/opt/zapret/sync_config.sh*": [ "exec" ] "/opt/zapret2/sync_config.sh*": [ "exec" ]
}, },
"uci": [ "zapret", "network" ], "uci": [ "zapret2", "network" ],
"ubus": { "ubus": {
"luci": [ "getInitList", "setInitAction" ], "luci": [ "getInitList", "setInitAction" ],
"service": [ "list" ] "service": [ "list" ]
@@ -29,12 +29,12 @@
}, },
"write": { "write": {
"file": { "file": {
"/opt/zapret/config": [ "write" ], "/opt/zapret2/config": [ "write" ],
"/opt/zapret/ipset/*": [ "write" ], "/opt/zapret2/ipset/*": [ "write" ],
"/opt/zapret/init.d/openwrt/custom.d/*": [ "write" ], "/opt/zapret2/init.d/openwrt/custom.d/*": [ "write" ],
"/etc/crontabs/root": [ "write" ] "/etc/crontabs/root": [ "write" ]
}, },
"uci": [ "zapret" ] "uci": [ "zapret2" ]
} }
} }
} }

18
zapret-ip2net/Makefile
View File

@@ -1,20 +1,20 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-ip2net PKG_NAME:=zapret2-ip2net
PKG_VERSION:=72.20251218 PKG_VERSION:=0.7.20251218
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_MAINTAINER:=bol-van PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 PKG_SOURCE_VERSION:=6d249528e4aea7a8f6edc0b69dddb95e35116601
PKG_SOURCE_DATE:=2025-12-18 PKG_SOURCE_DATE:=2025-12-18
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz #PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? #PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip #PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@@ -28,8 +28,8 @@ define Package/$(PKG_NAME)
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
TITLE:=ip2net TITLE:=ip2net
SUBMENU:=Zapret SUBMENU:=Zapret2
DEPENDS:=+zlib +zapret DEPENDS:=+zlib +zapret2
endef endef
define Build/Prepare define Build/Prepare
@@ -38,8 +38,8 @@ define Build/Prepare
endef endef
define Package/$(PKG_NAME)/install define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/ip2net $(INSTALL_DIR) $(1)/opt/zapret2/ip2net
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/ip2net $(1)/opt/zapret/ip2net/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/ip2net $(1)/opt/zapret2/ip2net/
endef endef
$(eval $(call BuildPackage,$(PKG_NAME))) $(eval $(call BuildPackage,$(PKG_NAME)))

18
zapret-mdig/Makefile
View File

@@ -1,20 +1,20 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-mdig PKG_NAME:=zapret2-mdig
PKG_VERSION:=72.20251218 PKG_VERSION:=0.7.20251218
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_MAINTAINER:=bol-van PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 PKG_SOURCE_VERSION:=6d249528e4aea7a8f6edc0b69dddb95e35116601
PKG_SOURCE_DATE:=2025-12-18 PKG_SOURCE_DATE:=2025-12-18
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz #PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? #PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip #PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@@ -28,8 +28,8 @@ define Package/$(PKG_NAME)
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
TITLE:=mdig TITLE:=mdig
SUBMENU:=Zapret SUBMENU:=Zapret2
DEPENDS:=+zlib +zapret DEPENDS:=+zlib +zapret2
endef endef
define Build/Prepare define Build/Prepare
@@ -38,8 +38,8 @@ define Build/Prepare
endef endef
define Package/$(PKG_NAME)/install define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/mdig $(INSTALL_DIR) $(1)/opt/zapret2/mdig
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/mdig $(1)/opt/zapret/mdig/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/mdig $(1)/opt/zapret2/mdig/
endef endef
$(eval $(call BuildPackage,$(PKG_NAME))) $(eval $(call BuildPackage,$(PKG_NAME)))

45
zapret-tpws/Makefile
View File

@@ -1,45 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-tpws
PKG_VERSION:=72.20251218
PKG_RELEASE:=1
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732
PKG_SOURCE_DATE:=2025-12-18
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=tpws
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
TITLE:=tpws
SUBMENU:=Zapret
DEPENDS:=+zlib +libcap +zapret
endef
define Build/Prepare
$(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/tpws
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/tpws
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/tpws $(1)/opt/zapret/tpws/
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

202
zapret/Makefile
View File

@@ -1,24 +1,24 @@
# #
# Copyright (c) 2024 remittor # Copyright (c) 2025 remittor
# #
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=zapret PKG_NAME:=zapret2
PKG_VERSION:=72.20251218 PKG_VERSION:=0.7.20251218
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_MAINTAINER:=bol-van PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=994e9c34883ddc95e51c8285f134bd01fd6b6732 PKG_SOURCE_VERSION:=6d249528e4aea7a8f6edc0b69dddb95e35116601
PKG_SOURCE_DATE:=2025-12-18 PKG_SOURCE_DATE:=2025-12-18
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz #PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz? #PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip #PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@@ -26,14 +26,14 @@ include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) #TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) #TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=nfq MAKE_PATH:=nfq2
define Package/$(PKG_NAME) define Package/$(PKG_NAME)
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
TITLE:=$(PKG_NAME) TITLE:=$(PKG_NAME)
SUBMENU:=Zapret SUBMENU:=Zapret2
URL:=https://github.com/bol-van/zapret URL:=https://github.com/bol-van/zapret2
DEPENDS:= +nftables +curl +gzip DEPENDS:= +nftables +curl +gzip
DEPENDS+= +coreutils +coreutils-sort +coreutils-sleep DEPENDS+= +coreutils +coreutils-sort +coreutils-sleep
DEPENDS+= +kmod-nft-nat +kmod-nft-offload +kmod-nft-queue DEPENDS+= +kmod-nft-nat +kmod-nft-offload +kmod-nft-queue
@@ -42,7 +42,7 @@ endef
define Build/Prepare define Build/Prepare
$(Build/Prepare/Default) $(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws2
endef endef
#define Build/Configure #define Build/Configure
@@ -52,89 +52,85 @@ endef
#endef #endef
define Package/$(PKG_NAME)/conffiles define Package/$(PKG_NAME)/conffiles
/etc/config/zapret /etc/config/zapret2
/opt/zapret/config /opt/zapret2/config
/opt/zapret/ipset/ /opt/zapret2/ipset/
/opt/zapret/init.d/openwrt/custom.d/ /opt/zapret2/init.d/openwrt/custom.d/
endef endef
define Package/$(PKG_NAME)/install define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret $(INSTALL_DIR) $(1)/opt/zapret2
$(INSTALL_DIR) $(1)/opt/zapret/$(MAKE_PATH) $(INSTALL_DIR) $(1)/opt/zapret2/$(MAKE_PATH)
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws $(1)/opt/zapret/$(MAKE_PATH)/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws2 $(1)/opt/zapret2/$(MAKE_PATH)/
$(INSTALL_DIR) $(1)/opt/zapret/common $(INSTALL_DIR) $(1)/opt/zapret2/common
$(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret/common/ $(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret2/common/
#$(INSTALL_DIR) $(1)/opt/zapret/docs $(INSTALL_DIR) $(1)/opt/zapret2/lua
#$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret/docs/ $(CP) $(PKG_BUILD_DIR)/lua/* $(1)/opt/zapret2/lua/
$(INSTALL_DIR) $(1)/opt/zapret/files #$(INSTALL_DIR) $(1)/opt/zapret2/docs
$(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret/files/ #$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret2/docs/
$(CP) ./files/* $(1)/opt/zapret/files/ $(INSTALL_DIR) $(1)/opt/zapret2/files
$(INSTALL_DIR) $(1)/opt/zapret/ipset $(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret2/files/
$(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret/ipset/ $(CP) ./files/* $(1)/opt/zapret2/files/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh $(INSTALL_DIR) $(1)/opt/zapret2/ipset
#$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default $(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret2/ipset/
$(INSTALL_DIR) $(1)/opt/zapret/tmp $(INSTALL_DIR) $(1)/opt/zapret2/blockcheck2.d
$(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt $(CP) $(PKG_BUILD_DIR)/blockcheck2.d/* $(1)/opt/zapret2/blockcheck2.d/
$(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret/init.d/openwrt/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck2.sh $(1)/opt/zapret2/blockcheck2.sh
#$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret2/config.default
$(INSTALL_DIR) $(1)/opt/zapret2/tmp
$(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt
$(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret2/init.d/openwrt/
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret $(1)/etc/hotplug.d/iface/90-zapret $(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret2 $(1)/etc/hotplug.d/iface/90-zapret2
$(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret $(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret2
$(INSTALL_DATA) ./config.default $(1)/opt/zapret/config.default $(INSTALL_DATA) ./config.default $(1)/opt/zapret2/config.default
$(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset/zapret-hosts-google.txt $(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret2/ipset/zapret-hosts-google.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset/zapret-hosts-user.txt $(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret2/ipset/zapret-hosts-user.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt $(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret2/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt $(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret2/ipset/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/opt/zapret/ipset_def $(INSTALL_DIR) $(1)/opt/zapret2/ipset_def
$(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset_def/zapret-hosts-google.txt $(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-google.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset_def/zapret-hosts-user.txt $(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-user.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset_def/zapret-hosts-user-exclude.txt $(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-user-exclude.txt
$(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset_def/zapret-ip-exclude.txt $(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret2/ipset_def/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/opt/zapret/init.d $(INSTALL_DIR) $(1)/opt/zapret2/init.d
$(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt $(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt
$(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt/custom.d $(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt/custom.d
$(CP) ./custom.d/* $(1)/opt/zapret/init.d/openwrt/custom.d/ $(CP) ./custom.d/* $(1)/opt/zapret2/init.d/openwrt/custom.d/
$(INSTALL_DIR) $(1)/etc/uci-defaults $(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh $(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret2-uci-def-cfg.sh
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh $(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret2/uci-def-cfg.sh
$(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret/comfunc.sh $(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret2/comfunc.sh
$(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret/def-cfg.sh $(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret2/def-cfg.sh
$(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret/renew-cfg.sh $(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret2/renew-cfg.sh
$(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret/restore-def-cfg.sh $(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret2/restore-def-cfg.sh
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh $(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret2/sync_config.sh
$(INSTALL_BIN) ./script-exec.sh $(1)/opt/zapret/script-exec.sh $(INSTALL_BIN) ./script-exec.sh $(1)/opt/zapret2/script-exec.sh
$(INSTALL_BIN) ./update-pkg.sh $(1)/opt/zapret/update-pkg.sh $(INSTALL_BIN) ./update-pkg.sh $(1)/opt/zapret2/update-pkg.sh
# Fix permisions # Fix permisions
chmod 644 $(1)/opt/zapret/ipset/*.txt chmod 644 $(1)/opt/zapret2/ipset/*.txt
chmod 644 $(1)/opt/zapret/ipset_def/*.txt chmod 644 $(1)/opt/zapret2/ipset_def/*.txt
chmod 644 $(1)/opt/zapret/init.d/openwrt/custom.d/*.sh chmod 644 $(1)/opt/zapret2/init.d/openwrt/custom.d/*.sh
chmod 644 $(1)/opt/zapret/config.default chmod 644 $(1)/opt/zapret2/config.default
chmod 755 $(1)/opt/zapret/*.sh chmod 755 $(1)/opt/zapret2/*.sh
endef endef
define Package/$(PKG_NAME)/preinst define Package/$(PKG_NAME)/preinst
#!/bin/sh #!/bin/sh
# check if we are on real system # check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then if [ -z "$${IPKG_INSTROOT}" ]; then
if [ -f "/etc/init.d/zapret" ]; then if [ -f "/etc/init.d/zapret2" ]; then
SCRIPT=$$( readlink /etc/init.d/zapret ) SCRIPT=$$( readlink /etc/init.d/zapret2 )
if [ -n "$${SCRIPT}" ]; then if [ -n "$${SCRIPT}" ]; then
echo "Please uninstall original zapret utility!" echo "Please uninstall original zapret2 utility!"
exit 44 exit 44
fi fi
fi fi
if [ "$${PKG_UPGRADE}" = "1" ]; then if [ "$${PKG_UPGRADE}" = "1" ]; then
# stop service if PKG_UPGRADE # stop service if PKG_UPGRADE
if [ -x "/etc/init.d/zapret" ]; then if [ -x "/etc/init.d/zapret2" ]; then
/etc/init.d/zapret running && /etc/init.d/zapret stop >/dev/null 2>&1 /etc/init.d/zapret2 running && /etc/init.d/zapret2 stop >/dev/null 2>&1
fi
fi
if [ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ]; then
if [ -f "/opt/zapret/ipset/zapret-hosts-user.txt" ]; then
CFGLISTHASH=$$( md5sum "/opt/zapret/ipset/zapret-hosts-user.txt" | awk '{print $$1;}' )
if [ "$${CFGLISTHASH}" = "79e35df62b0d1ae455d0a7e04c4cecac" ]; then
rm -f "/opt/zapret/ipset/zapret-hosts-user.txt"
fi
fi fi
fi fi
fi fi
@@ -145,40 +141,32 @@ define Package/$(PKG_NAME)/postinst
#!/bin/sh #!/bin/sh
# check if we are on real system # check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then if [ -z "$${IPKG_INSTROOT}" ]; then
ZAPRET_CONFIG=/opt/zapret/config ZAPRET_CONFIG=/opt/zapret2/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default" ZAPRET_CONFIG_DEF="/opt/zapret2/config.default"
# creating main config if its not exists # creating main config if its not exists
if [ ! -f "$${ZAPRET_CONFIG}" ]; then if [ ! -f "$${ZAPRET_CONFIG}" ]; then
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi fi
# check obsolete format for main config
if grep -qE "^NFQWS_OPT_DESYNC=|^MODE_HTTP=|^MODE_HTTPS=|^MODE_QUIC=|^MODE=" "$${ZAPRET_CONFIG}" ; then
echo "Detect obsolute format for main config!"
ZAPRET_CONFIG_BACKUP="$${ZAPRET_CONFIG}.backup"
cp -f "$${ZAPRET_CONFIG}" "$${ZAPRET_CONFIG_BACKUP}"
echo "Current file $${ZAPRET_CONFIG} backuped to $${ZAPRET_CONFIG_BACKUP}"
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# check existing uci-config # check existing uci-config
[ -f "/etc/config/zapret" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0 [ -f "/etc/config/zapret2" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0
# create or merge uci-config # create or merge uci-config
/opt/zapret/uci-def-cfg.sh /opt/zapret2/uci-def-cfg.sh
[ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret merged with default uci-config" [ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret2 merged with default uci-config"
# remove uci-default script from system dir (used into /etc/init.d/boot) # remove uci-default script from system dir (used into /etc/init.d/boot)
rm -f /etc/uci-defaults/zapret-uci-def-cfg.sh rm -f /etc/uci-defaults/zapret2-uci-def-cfg.sh
# copy (sync) all params from uci-config to main config # copy (sync) all params from uci-config to main config
/opt/zapret/sync_config.sh /opt/zapret2/sync_config.sh
# check main config # check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58 sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58
# enable main service # enable main service
/etc/init.d/zapret enable /etc/init.d/zapret2 enable
# stop all # stop all
/etc/init.d/zapret stop_fw /etc/init.d/zapret2 stop_fw
/etc/init.d/zapret stop_daemons /etc/init.d/zapret2 stop_daemons
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
# start main service # start main service
/etc/init.d/zapret start /etc/init.d/zapret2 start
# restart firewall # restart firewall
[ -x /sbin/fw4 ] && fw4 -q restart || fw3 -q restart [ -x /sbin/fw4 ] && fw4 -q restart || fw3 -q restart
fi fi
@@ -189,15 +177,15 @@ define Package/$(PKG_NAME)/prerm
#!/bin/sh #!/bin/sh
# check if we are on real system # check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then if [ -z "$${IPKG_INSTROOT}" ]; then
EXEDIR=/opt/zapret EXEDIR=/opt/zapret2
ZAPRET_BASE=/opt/zapret ZAPRET_BASE=/opt/zapret2
ZAPRET_CONFIG=/opt/zapret/config ZAPRET_CONFIG=/opt/zapret2/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default" ZAPRET_CONFIG_DEF="/opt/zapret2/config.default"
OPENWRT_FW_INCLUDE=/etc/firewall.zapret OPENWRT_FW_INCLUDE=/etc/firewall.zapret2
# check main config # check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}" sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
exit 0 exit 0
fi fi
. "$${ZAPRET_CONFIG}" . "$${ZAPRET_CONFIG}"
@@ -205,9 +193,9 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
. "$${ZAPRET_BASE}/common/fwtype.sh" . "$${ZAPRET_BASE}/common/fwtype.sh"
. "$${ZAPRET_BASE}/common/nft.sh" . "$${ZAPRET_BASE}/common/nft.sh"
. "$${ZAPRET_BASE}/common/installer.sh" . "$${ZAPRET_BASE}/common/installer.sh"
/etc/init.d/zapret running && /etc/init.d/zapret stop /etc/init.d/zapret2 running && /etc/init.d/zapret2 stop
/etc/init.d/zapret disable /etc/init.d/zapret2 disable
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9 ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
remove_openwrt_firewall remove_openwrt_firewall
nft_del_table nft_del_table
restart_openwrt_firewall restart_openwrt_firewall
@@ -219,10 +207,10 @@ define Package/$(PKG_NAME)/postrm
#!/bin/sh #!/bin/sh
# check if we are on real system # check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then if [ -z "$${IPKG_INSTROOT}" ]; then
[ -f "/etc/config/zapret-opkg" ] && rm -f "/etc/config/zapret-opkg" [ -f "/etc/config/zapret2-opkg" ] && rm -f "/etc/config/zapret2-opkg"
[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup" [ -f "/opt/zapret2/config" ] && cp -f /opt/zapret2/config "/opt/zapret2/config.backup"
#rm -rf /opt/zapret #rm -rf /opt/zapret2
#echo "Directory /opt/zapret removed!" #echo "Directory /opt/zapret2 removed!"
fi fi
exit 0 exit 0
endef endef

22
zapret/comfunc.sh
View File

@@ -1,18 +1,18 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2024 remittor # Copyright (c) 2024 remittor
EXEDIR=/opt/zapret EXEDIR=/opt/zapret2
ZAPRET_BASE=/opt/zapret ZAPRET_BASE=/opt/zapret2
ZAPRET_INITD=/etc/init.d/zapret ZAPRET_INITD=/etc/init.d/zapret2
ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret" ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret2"
ZAPRET_CONFIG="$ZAPRET_BASE/config" ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new" ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default" ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG=/etc/config/zapret ZAPRET_CFG=/etc/config/zapret2
ZAPRET_CFG_NAME=zapret ZAPRET_CFG_NAME=zapret2
ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_NAME.config )" ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_NAME.config )"
. $ZAPRET_BASE/def-cfg.sh . $ZAPRET_BASE/def-cfg.sh
@@ -148,7 +148,7 @@ function merge_cfg_with_def_values
local cfgname=${1:-$ZAPRET_CFG_NAME} local cfgname=${1:-$ZAPRET_CFG_NAME}
local force=$2 local force=$2
local cfgfile=/etc/config/$cfgname local cfgfile=/etc/config/$cfgname
local NEWCFGNAME="zapret-default" local NEWCFGNAME="zapret2-default"
local NEWCFGFILE="/etc/config/$NEWCFGNAME" local NEWCFGFILE="/etc/config/$NEWCFGNAME"
local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )" local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )"
@@ -168,7 +168,7 @@ function merge_cfg_with_def_values
function remove_cron_task_logs function remove_cron_task_logs
{ {
if [ -f "$CRONTAB_FILE" ]; then if [ -f "$CRONTAB_FILE" ]; then
sed -i "/-name 'zapret\*.log' -size +/d" "$CRONTAB_FILE" sed -i "/-name 'zapret2\*.log' -size +/d" "$CRONTAB_FILE"
fi fi
} }
@@ -176,8 +176,8 @@ function insert_cron_task_logs
{ {
[ ! -f "$CRONTAB_FILE" ] && touch "$CRONTAB_FILE" [ ! -f "$CRONTAB_FILE" ] && touch "$CRONTAB_FILE"
[ ! -f "$CRONTAB_FILE" ] && return 1 [ ! -f "$CRONTAB_FILE" ] && return 1
if ! grep -q -e "-name 'zapret\*\.log' -size \+" "$CRONTAB_FILE"; then if ! grep -q -e "-name 'zapret2\*\.log' -size \+" "$CRONTAB_FILE"; then
echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name 'zapret*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE" echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name 'zapret2*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE"
/etc/init.d/cron restart 2> /dev/null /etc/init.d/cron restart 2> /dev/null
fi fi
return 0 return 0
@@ -190,7 +190,7 @@ function init_before_start
[ ! -f "$HOSTLIST_FN" ] && touch "$HOSTLIST_FN" [ ! -f "$HOSTLIST_FN" ] && touch "$HOSTLIST_FN"
chmod 644 $ZAPRET_BASE/ipset/*.txt chmod 644 $ZAPRET_BASE/ipset/*.txt
chmod 666 $ZAPRET_BASE/ipset/*.log chmod 666 $ZAPRET_BASE/ipset/*.log
rm -f /tmp/zapret*.log rm -f /tmp/zapret2*.log
#*/ #*/
if [ "$DAEMON_LOG_ENABLE" = "1" ]; then if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
insert_cron_task_logs insert_cron_task_logs

49
zapret/config.default
View File

@@ -63,47 +63,31 @@ DESYNC_MARK_POSTNAT=0x20000000
FILTER_MARK="" FILTER_MARK=""
TPWS_SOCKS_ENABLE=0 NFQWS2_ENABLE=1
# tpws socks listens on this port on localhost and LAN interfaces
TPPORT_SOCKS=987
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_SOCKS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
TPWS_ENABLE=0
TPWS_PORTS="80,443"
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
NFQWS_ENABLE=1
# redirect outgoing traffic with connbytes limiter applied in both directions. # redirect outgoing traffic with connbytes limiter applied in both directions.
NFQWS_PORTS_TCP="80,443" NFQWS2_PORTS_TCP="80,443"
NFQWS_PORTS_UDP="443" NFQWS2_PORTS_UDP="443"
# PKT_OUT means connbytes dir original # PKT_OUT means connbytes dir original
# PKT_IN means connbytes dir reply # PKT_IN means connbytes dir reply
# this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU. # this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU.
NFQWS_TCP_PKT_OUT="9" NFQWS2_TCP_PKT_OUT="9"
NFQWS_TCP_PKT_IN="3" NFQWS2_TCP_PKT_IN="3"
NFQWS_UDP_PKT_OUT="9" NFQWS2_UDP_PKT_OUT="9"
NFQWS_UDP_PKT_IN="0" NFQWS2_UDP_PKT_IN="0"
# redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter # redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter
# normally it's needed only for stateless DPI that matches every packet in a single TCP session # normally it's needed only for stateless DPI that matches every packet in a single TCP session
# typical example are plain HTTP keep alives # typical example are plain HTTP keep alives
# this mode can be very CPU consuming. enable with care ! # this mode can be very CPU consuming. enable with care !
NFQWS_PORTS_TCP_KEEPALIVE="" NFQWS2_PORTS_TCP_KEEPALIVE=""
NFQWS_PORTS_UDP_KEEPALIVE="" NFQWS2_PORTS_UDP_KEEPALIVE=""
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir # use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy # hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list # <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
NFQWS_OPT="--filter-tcp=80 <HOSTLIST> --dpi-desync=fake,fakedsplit --dpi-desync-autottl=2 --dpi-desync-fooling=badsum --new --filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake,multidisorder --dpi-desync-split-pos=1,midsld --dpi-desync-repeats=11 --dpi-desync-fooling=badsum --dpi-desync-fake-tls-mod=rnd,dupsid,sni=www.google.com --new --filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --filter-udp=443 <HOSTLIST_NOAUTO> --dpi-desync=fake --dpi-desync-repeats=11 --new --filter-tcp=443 <HOSTLIST> --dpi-desync=multidisorder --dpi-desync-split-pos=1,sniext+1,host+1,midsld-2,midsld,midsld+2,endhost-1" NFQWS2_OPT="--filter-tcp=80 --filter-l7=http <HOSTLIST> --payload=http_req --lua-desync=fake:blob=fake_default_http:tcp_md5 --lua-desync=multisplit:pos=method+2 --new --filter-tcp=443 --filter-l7=tls <HOSTLIST> --payload=tls_client_hello --lua-desync=fake:blob=fake_default_tls:tcp_md5:tcp_seq=-10000 --lua-desync=multidisorder:pos=1,midsld --new --filter-udp=443 --filter-l7=quic <HOSTLIST_NOAUTO> --payload=quic_initial --lua-desync=fake:blob=fake_default_quic:repeats=6"
DISABLE_CUSTOM=1 DISABLE_CUSTOM=1
@@ -121,9 +105,8 @@ FLOWOFFLOAD=none
# for routers based on desktop linux and macos. has no effect in openwrt. # for routers based on desktop linux and macos. has no effect in openwrt.
# CHOOSE LAN and optinally WAN/WAN6 NETWORK INTERFACES # CHOOSE LAN and optinally WAN/WAN6 NETWORK INTERFACES
# or leave them commented if its not router # or leave them commented if its not router
# it's possible to specify multiple interfaces like this : IFACE_LAN="eth0 eth1 eth2" # it's possible to specify multiple interfaces like this : IFACE_WAN="eth0 eth1 eth2"
# if IFACE_WAN6 is not defined it take the value of IFACE_WAN # if IFACE_WAN6 is not defined it take the value of IFACE_WAN
#IFACE_LAN=eth0
#IFACE_WAN=eth1 #IFACE_WAN=eth1
#IFACE_WAN6="ipsec0 wireguard0 he_net" #IFACE_WAN6="ipsec0 wireguard0 he_net"
@@ -132,10 +115,10 @@ FLOWOFFLOAD=none
INIT_APPLY_FW=1 INIT_APPLY_FW=1
# firewall apply hooks # firewall apply hooks
#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret.hook.pre_up" #INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret2.hook.pre_up"
#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret.hook.post_up" #INIT_FW_POST_UP_HOOK="/etc/firewall.zapret2.hook.post_up"
#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret.hook.pre_down" #INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret2.hook.pre_down"
#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret.hook.post_down" #INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret2.hook.post_down"
# do not work with ipv4 # do not work with ipv4
DISABLE_IPV4=0 DISABLE_IPV4=0
@@ -156,4 +139,4 @@ FILTER_TTL_EXPIRED_ICMP=1
DAEMON_LOG_ENABLE=0 DAEMON_LOG_ENABLE=0
DAEMON_LOG_FILE="/tmp/zapret+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log" DAEMON_LOG_FILE="/tmp/zapret2+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log"

6
zapret/custom.d/50-script.sh
View File

@@ -3,7 +3,7 @@
# NOTE: @ih requires nft 1.0.1+ and updated kernel version. it's confirmed to work on 5.15 (openwrt 23) and not work on 5.10 (openwrt 22) # NOTE: @ih requires nft 1.0.1+ and updated kernel version. it's confirmed to work on 5.15 (openwrt 23) and not work on 5.10 (openwrt 22)
# can override in config : # can override in config :
NFQWS_OPT_DESYNC_STUN="${NFQWS_OPT_DESYNC_STUN:---dpi-desync=fake --dpi-desync-repeats=2}" NFQWS_OPT_DESYNC_STUN="${NFQWS_OPT_DESYNC_STUN:---payload stun --lua-desync=fake:blob=0x00000000000000000000000000000000:repeats=2}"
alloc_dnum DNUM_STUN4ALL alloc_dnum DNUM_STUN4ALL
alloc_qnum QNUM_STUN4ALL alloc_qnum QNUM_STUN4ALL
@@ -17,14 +17,14 @@ zapret_custom_daemons()
} }
zapret_custom_firewall() zapret_custom_firewall()
{ {
# $1 - 1 - run, 0 - stop # $1 - 1 - run, 0 - stop
local f='-p udp -m u32 --u32' local f='-p udp -m u32 --u32'
fw_nfqws_post $1 "$f 0>>22&0x3C@4>>16=28:65535&&0>>22&0x3C@12=0x2112A442&&0>>22&0x3C@8&0xC0000003=0" "$f 44>>16=28:65535&&52=0x2112A442&&48&0xC0000003=0" $QNUM_STUN4ALL fw_nfqws_post $1 "$f 0>>22&0x3C@4>>16=28:65535&&0>>22&0x3C@12=0x2112A442&&0>>22&0x3C@8&0xC0000003=0" "$f 44>>16=28:65535&&52=0x2112A442&&48&0xC0000003=0" $QNUM_STUN4ALL
} }
zapret_custom_firewall_nft() zapret_custom_firewall_nft()
{ {
# stop logic is not required # stop logic is not required
local f="udp length >= 28 @ih,32,32 0x2112A442 @ih,0,2 0 @ih,30,2 0" local f="udp length >= 28 @ih,32,32 0x2112A442 @ih,0,2 0 @ih,30,2 0"
nft_fw_nfqws_post "$f" "$f" $QNUM_STUN4ALL nft_fw_nfqws_post "$f" "$f" $QNUM_STUN4ALL

208
zapret/def-cfg.sh
View File

@@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2024 remittor # Copyright (c) 2025 remittor
function set_cfg_reset_values function set_cfg_reset_values
{ {
@@ -26,18 +26,18 @@ function set_cfg_reset_values
set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60' set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60'
set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0' set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0'
# nfqws options # nfqws options
set $cfgname.config.NFQWS_ENABLE='1' set $cfgname.config.NFQWS2_ENABLE='1'
set $cfgname.config.DESYNC_MARK='0x40000000' set $cfgname.config.DESYNC_MARK='0x40000000'
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000' set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
set $cfgname.config.FILTER_MARK='$TAB' set $cfgname.config.FILTER_MARK='$TAB'
set $cfgname.config.NFQWS_PORTS_TCP='80,443' set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443' set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS_TCP_PKT_OUT='9' set $cfgname.config.NFQWS2_TCP_PKT_OUT='9'
set $cfgname.config.NFQWS_TCP_PKT_IN='3' set $cfgname.config.NFQWS2_TCP_PKT_IN='3'
set $cfgname.config.NFQWS_UDP_PKT_OUT='9' set $cfgname.config.NFQWS2_UDP_PKT_OUT='9'
set $cfgname.config.NFQWS_UDP_PKT_IN='0' set $cfgname.config.NFQWS2_UDP_PKT_IN='0'
set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0' set $cfgname.config.NFQWS2_PORTS_TCP_KEEPALIVE='0'
set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0' set $cfgname.config.NFQWS2_PORTS_UDP_KEEPALIVE='0'
# save changes # save changes
commit $cfgname commit $cfgname
EOF EOF
@@ -50,9 +50,9 @@ function clear_nfqws_strat
local TAB="$( echo -n -e '\t' )" local TAB="$( echo -n -e '\t' )"
uci batch <<-EOF uci batch <<-EOF
set $cfgname.config.MODE_FILTER='hostlist' set $cfgname.config.MODE_FILTER='hostlist'
set $cfgname.config.NFQWS_PORTS_TCP='80,443' set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443' set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS_OPT='$TAB' set $cfgname.config.NFQWS2_OPT='$TAB'
commit $cfgname commit $cfgname
EOF EOF
} }
@@ -70,179 +70,31 @@ function set_cfg_nfqws_strat
if [ "$strat" = "empty" ]; then if [ "$strat" = "empty" ]; then
clear_nfqws_strat $cfgname clear_nfqws_strat $cfgname
fi fi
if [ "$strat" = "v1_by_StressOzz" ]; then if [ "$strat" = "default" ]; then
uci batch <<-EOF uci batch <<-EOF
set $cfgname.config.NFQWS_PORTS_TCP='80,443' set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443' set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS_OPT=" set $cfgname.config.NFQWS2_OPT="
# Strategy $strat # Strategy $strat
--filter-tcp=443 <HOSTLIST> --filter-tcp=80
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --filter-l7=http <HOSTLIST>
--dpi-desync=fake,multidisorder --payload=http_req
--dpi-desync-split-seqovl=681 --lua-desync=fake:blob=fake_default_http:tcp_md5
--dpi-desync-split-pos=1 --lua-desync=multisplit:pos=method+2
--dpi-desync-fooling=badseq
--dpi-desync-badseq-increment=10000000
--dpi-desync-repeats=2
--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com
--new --new
--filter-udp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
--dpi-desync=fake
--dpi-desync-repeats=6
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
"
commit $cfgname
EOF
fi
if [ "$strat" = "v2_by_StressOzz" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_OPT="
# Strategy $strat
--filter-tcp=443 <HOSTLIST>
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude-domains=openwrt.org
--dpi-desync=fake,fakeddisorder
--dpi-desync-split-pos=10,midsld
--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--dpi-desync-fake-tls-mod=rnd,dupsid,sni=fonts.google.com
--dpi-desync-fake-tls=0x0F0F0F0F
--dpi-desync-fake-tls-mod=none
--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
--dpi-desync-split-seqovl=336
--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin
--dpi-desync-fooling=badseq,badsum
--dpi-desync-badseq-increment=0
--new
--filter-udp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
--dpi-desync=fake
--dpi-desync-repeats=6
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
"
commit $cfgname
EOF
fi
if [ "$strat" = "v3_by_StressOzz" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_OPT="
# Strategy $strat
--filter-tcp=443 <HOSTLIST>
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude-domains=openwrt.org
--dpi-desync=fake,fakeddisorder
--dpi-desync-split-pos=10,midsld
--dpi-desync-fake-tls=/opt/zapret/files/fake/t2.bin
--dpi-desync-fake-tls-mod=rnd,dupsid,sni=m.ok.ru
--dpi-desync-fake-tls=0x0F0F0F0F
--dpi-desync-fake-tls-mod=none
--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
--dpi-desync-split-seqovl=336
--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_gosuslugi_ru.bin
--dpi-desync-fooling=badseq,badsum
--dpi-desync-badseq-increment=0
--new
--filter-udp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
--dpi-desync=fake
--dpi-desync-repeats=6
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
"
commit $cfgname
EOF
fi
if [ "$strat" = "v4_by_StressOzz" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_OPT="
# Strategy $strat
--filter-tcp=443 --filter-tcp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --filter-l7=tls <HOSTLIST>
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt --payload=tls_client_hello
--hostlist-exclude-domains=openwrt.org --lua-desync=fake:blob=fake_default_tls:tcp_md5:tcp_seq=-10000
--dpi-desync=fake,multisplit --lua-desync=multidisorder:pos=1,midsld
--dpi-desync-split-pos=2,sld
--dpi-desync-fake-tls=0x0F0F0F0F
--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--dpi-desync-fake-tls-mod=rnd,dupsid,sni=google.com
--dpi-desync-split-seqovl=2108
--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--dpi-desync-fooling=badseq
--new
--filter-tcp=443 <HOSTLIST>
--hostlist-exclude-domains=openwrt.org
--dpi-desync-any-protocol=1
--dpi-desync-cutoff=n5
--dpi-desync=multisplit
--dpi-desync-split-seqovl=582
--dpi-desync-split-pos=1
--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/4pda.bin
--new --new
--filter-udp=443 --filter-udp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --filter-l7=quic <HOSTLIST_NOAUTO>
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt --payload=quic_initial
--dpi-desync=fake --lua-desync=fake:blob=fake_default_quic:repeats=6
--dpi-desync-repeats=6
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
"
commit $cfgname
EOF
fi
if [ "$strat" = "v5_by_StressOzz" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_OPT="
# Strategy $strat
--filter-tcp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
--hostlist-exclude-domains=openwrt.org
--ip-id=zero
--dpi-desync=multisplit
--dpi-desync-split-seqovl=681
--dpi-desync-split-pos=1
--dpi-desync-split-seqovl-pattern=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--new
--filter-tcp=443 <HOSTLIST>
--hostlist-exclude-domains=openwrt.org
--dpi-desync=fake,fakeddisorder
--dpi-desync-split-pos=10,midsld
--dpi-desync-fake-tls=/opt/zapret/files/fake/max.bin
--dpi-desync-fake-tls-mod=rnd,dupsid
--dpi-desync-fake-tls=0x0F0F0F0F
--dpi-desync-fake-tls-mod=none
--dpi-desync-fakedsplit-pattern=/opt/zapret/files/fake/tls_clienthello_vk_com.bin
--dpi-desync-fooling=badseq,badsum
--dpi-desync-badseq-increment=0
--new
--filter-udp=443
--hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--hostlist-exclude=/opt/zapret/ipset/zapret-hosts-user-exclude.txt
--dpi-desync=fake
--dpi-desync-repeats=6
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
" "
commit $cfgname commit $cfgname
EOF EOF
@@ -253,7 +105,7 @@ function set_cfg_nfqws_strat
function set_cfg_default_values function set_cfg_default_values
{ {
local opt_flags=${1:--} local opt_flags=${1:--}
local opt_strat=${2:-v2_by_StressOzz} local opt_strat=${2:-default}
local cfgname=${3:-$ZAPRET_CFG_NAME} local cfgname=${3:-$ZAPRET_CFG_NAME}
if ! echo "$opt_flags" | grep -q "(skip_base)"; then if ! echo "$opt_flags" | grep -q "(skip_base)"; then

14
zapret/init.d.sh
View File

@@ -7,17 +7,17 @@ START=21
SCRIPT_FILENAME=$1 SCRIPT_FILENAME=$1
. /opt/zapret/comfunc.sh . /opt/zapret2/comfunc.sh
if ! is_valid_config ; then if ! is_valid_config ; then
logger -p err -t ZAPRET "Wrong main config: $ZAPRET_CONFIG" logger -p err -t ZAPRET2 "Wrong main config: $ZAPRET_CONFIG"
exit 91 exit 91
fi fi
. $ZAPRET_ORIG_INITD . $ZAPRET_ORIG_INITD
EXEDIR=/opt/zapret EXEDIR=/opt/zapret2
ZAPRET_BASE=/opt/zapret ZAPRET_BASE=/opt/zapret2
is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0 is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0
@@ -30,7 +30,7 @@ function enable
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option ) run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to enable service, but service blocked!" logger -p notice -t ZAPRET2 "Attempt to enable service, but service blocked!"
return 61 return 61
fi fi
fi fi
@@ -49,7 +49,7 @@ function enabled
run_on_boot=$( get_run_on_boot_option ) run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then if [ $run_on_boot != 1 ]; then
if [ "$IS_RUN_ON_BOOT" = "1" ]; then if [ "$IS_RUN_ON_BOOT" = "1" ]; then
logger -p notice -t ZAPRET "Service is blocked!" logger -p notice -t ZAPRET2 "Service is blocked!"
fi fi
return 61 return 61
fi fi
@@ -65,7 +65,7 @@ function boot
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option ) run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to run service on boot! Service is blocked!" logger -p notice -t ZAPRET2 "Attempt to run service on boot! Service is blocked!"
return 61 return 61
fi fi
fi fi

12
zapret/patches/0001-Add-support-log-file-for-each-daemons.patch
View File

@@ -25,10 +25,10 @@ index 0af19c0..41c0967 100644
done done
} }
} }
diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret2
index 8d6d3a9..fcb1e91 100755 index 8d6d3a9..fcb1e91 100755
--- a/init.d/openwrt/zapret --- a/init.d/openwrt/zapret2
+++ b/init.d/openwrt/zapret +++ b/init.d/openwrt/zapret2
@@ -58,12 +58,29 @@ run_daemon() @@ -58,12 +58,29 @@ run_daemon()
# use $PIDDIR/$DAEMONBASE$1.pid as pidfile # use $PIDDIR/$DAEMONBASE$1.pid as pidfile
local DAEMONBASE="$(basename "$2")" local DAEMONBASE="$(basename "$2")"
@@ -51,15 +51,15 @@ index 8d6d3a9..fcb1e91 100755
procd_open_instance procd_open_instance
- procd_set_param command $2 $3 - procd_set_param command $2 $3
+ procd_set_param command $DAEMON_PATH $DAEMON_ARGS + procd_set_param command $DAEMON_PATH $DAEMON_ARGS
procd_set_param pidfile $PIDDIR/$DAEMONBASE$1.pid procd_set_param pidfile $PIDDIR/${DAEMONBASE}_$1.pid
procd_close_instance procd_close_instance
} }
+DAEMON_CFGNAME="main" +DAEMON_CFGNAME="main"
+ +
run_tpws() run_nfqws()
{ {
[ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && return 0 run_daemon $1 "$NFQWS2" "$NFQWS2_OPT_BASE $2"
-- --
2.41.0.windows.3 2.41.0.windows.3

4
zapret/renew-cfg.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2024 remittor # Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh . /opt/zapret2/comfunc.sh
merge_cfg_with_def_values merge_cfg_with_def_values
@@ -12,5 +12,5 @@ CONFIGS_SYNC=0
if [ "$CONFIGS_SYNC" = "1" ]; then if [ "$CONFIGS_SYNC" = "1" ]; then
# renew main config # renew main config
/opt/zapret/sync_config.sh /opt/zapret2/sync_config.sh
fi fi

8
zapret/restore-def-cfg.sh
View File

@@ -1,9 +1,9 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2024 remittor # Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh . /opt/zapret2/comfunc.sh
cfg_run_on_boot="$( uci -q get zapret.config.run_on_boot )" cfg_run_on_boot="$( uci -q get $ZAPRET_CFG_NAME.config.run_on_boot )"
opt_flags=${1:--} opt_flags=${1:--}
opt_strat=$2 opt_strat=$2
@@ -15,7 +15,7 @@ fi
create_default_cfg "$opt_flags" "$opt_strat" create_default_cfg "$opt_flags" "$opt_strat"
if [ "$cfg_run_on_boot" = "1" ]; then if [ "$cfg_run_on_boot" = "1" ]; then
uci set zapret.config.run_on_boot=1 uci set $ZAPRET_CFG_NAME.config.run_on_boot=1
uci commit uci commit
fi fi
@@ -29,5 +29,5 @@ fi
if [ "$ZAPRET_SYNC_CONFIG" = "1" ]; then if [ "$ZAPRET_SYNC_CONFIG" = "1" ]; then
# renew main config # renew main config
/opt/zapret/sync_config.sh /opt/zapret2/sync_config.sh
fi fi

28
zapret/sync_config.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2024 remittor # Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh . /opt/zapret2/comfunc.sh
function uncomment_param function uncomment_param
{ {
@@ -41,17 +41,17 @@ function sync_param
{ {
local param=$1 local param=$1
local vtype=$2 local vtype=$2
local value="$( uci -q get zapret.config.$param )" local value="$( uci -q get zapret2.config.$param )"
uncomment_param $param uncomment_param $param
append_param $param append_param $param
local TAB="$( echo -n -e '\t' )" local TAB="$( echo -n -e '\t' )"
if [ "$value" = "$TAB" ]; then if [ "$value" = "$TAB" ]; then
value="" value=""
fi fi
if [ "$param" = "NFQWS_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS_PORTS_UDP_KEEPALIVE" ]; then if [ "$param" = "NFQWS2_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS2_PORTS_UDP_KEEPALIVE" ]; then
[ "$value" = "0" ] && value="" [ "$value" = "0" ] && value=""
fi fi
if [ "$param" = "NFQWS_OPT" -a "$value" != "" ]; then if [ "$param" = "NFQWS2_OPT" -a "$value" != "" ]; then
value=$( echo -n "$value" | sed '/^#/d' ) value=$( echo -n "$value" | sed '/^#/d' )
fi fi
if [ "$vtype" = "str" ]; then if [ "$vtype" = "str" ]; then
@@ -92,19 +92,19 @@ sync_param AUTOHOSTLIST_FAIL_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_TIME sync_param AUTOHOSTLIST_FAIL_TIME
sync_param AUTOHOSTLIST_DEBUGLOG sync_param AUTOHOSTLIST_DEBUGLOG
sync_param NFQWS_ENABLE sync_param NFQWS2_ENABLE
sync_param DESYNC_MARK sync_param DESYNC_MARK
sync_param DESYNC_MARK_POSTNAT sync_param DESYNC_MARK_POSTNAT
sync_param FILTER_MARK str sync_param FILTER_MARK str
sync_param NFQWS_PORTS_TCP str sync_param NFQWS2_PORTS_TCP str
sync_param NFQWS_PORTS_UDP str sync_param NFQWS2_PORTS_UDP str
sync_param NFQWS_TCP_PKT_OUT str sync_param NFQWS2_TCP_PKT_OUT str
sync_param NFQWS_TCP_PKT_IN str sync_param NFQWS2_TCP_PKT_IN str
sync_param NFQWS_UDP_PKT_OUT str sync_param NFQWS2_UDP_PKT_OUT str
sync_param NFQWS_UDP_PKT_IN str sync_param NFQWS2_UDP_PKT_IN str
sync_param NFQWS_PORTS_TCP_KEEPALIVE str sync_param NFQWS2_PORTS_TCP_KEEPALIVE str
sync_param NFQWS_PORTS_UDP_KEEPALIVE str sync_param NFQWS2_PORTS_UDP_KEEPALIVE str
sync_param NFQWS_OPT str sync_param NFQWS2_OPT str
ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED" ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED"

18
zapret/uci-def-cfg.sh
View File

@@ -1,17 +1,17 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2024 remittor # Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh . /opt/zapret2/comfunc.sh
# create empty txt files into ipset directory # create empty txt files into ipset directory
[ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-google.txt" [ ! -f "/opt/zapret2/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-google.txt"
#[ ! -f "/opt/zapret/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-auto.txt" #[ ! -f "/opt/zapret2/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-auto.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user.txt" [ ! -f "/opt/zapret2/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" [ ! -f "/opt/zapret2/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret2/ipset/zapret-hosts-user-ipban.txt"
#[ ! -f "/opt/zapret/ipset/zapret-ip.txt" ] && touch "/opt/zapret/ipset/zapret-ip.txt" #[ ! -f "/opt/zapret2/ipset/zapret-ip.txt" ] && touch "/opt/zapret2/ipset/zapret-ip.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user.txt" [ ! -f "/opt/zapret2/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret2/ipset/zapret-ip-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-exclude.txt" [ ! -f "/opt/zapret2/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret2/ipset/zapret-ip-user-exclude.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-ipban.txt" [ ! -f "/opt/zapret2/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret2/ipset/zapret-ip-user-ipban.txt"
# create or merge uci-config # create or merge uci-config
$ZAPRET_BASE/renew-cfg.sh $ZAPRET_BASE/renew-cfg.sh

14
zapret/update-pkg.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# Copyright (c) 2025 remittor # Copyright (c) 2025 remittor
. /opt/zapret/comfunc.sh . /opt/zapret2/comfunc.sh
. /usr/share/libubox/jshn.sh . /usr/share/libubox/jshn.sh
. /etc/openwrt_release . /etc/openwrt_release
@@ -21,7 +21,7 @@ while getopts "cu:pft:" opt; do
esac esac
done done
ZAP_PKG_DIR=/tmp/zapret_pkg ZAP_PKG_DIR=/tmp/zapret2_pkg
if [ "$opt_test" != "" ]; then if [ "$opt_test" != "" ]; then
echo 1; sleep 2; echo 1; sleep 2;
@@ -34,7 +34,7 @@ if [ "$opt_test" != "" ]; then
fi fi
ZAP_CPU_ARCH=$(get_cpu_arch) ZAP_CPU_ARCH=$(get_cpu_arch)
ZAP_REL_URL="https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/releases_zap1_$ZAP_CPU_ARCH.json" ZAP_REL_URL="https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/releases_zap2_$ZAP_CPU_ARCH.json"
CURL_TIMEOUT=5 CURL_TIMEOUT=5
CURL_HEADER1="Accept: application/json" CURL_HEADER1="Accept: application/json"
@@ -279,7 +279,7 @@ ZAP_PKG_FN=
ZAP_PKG_BASE_FN= ZAP_PKG_BASE_FN=
ZAP_PKG_LUCI_FN= ZAP_PKG_LUCI_FN=
ZAP_CUR_PKG_VER=$( get_pkg_version zapret ) ZAP_CUR_PKG_VER=$( get_pkg_version zapret2 )
echo "Current installed version: $ZAP_CUR_PKG_VER" echo "Current installed version: $ZAP_CUR_PKG_VER"
if [ "$opt_update" = "" ]; then if [ "$opt_update" = "" ]; then
@@ -334,7 +334,7 @@ if [ "$opt_update" != "" ]; then
return 0 return 0
fi fi
fi fi
ZAP_PKG_DIR=/tmp/zapret_pkg ZAP_PKG_DIR=/tmp/zapret2_pkg
rm -rf $ZAP_PKG_DIR rm -rf $ZAP_PKG_DIR
ZAP_PKG_HDRS=$( curl -s -I -L --max-time $CURL_TIMEOUT -H "$CURL_HEADER2" "$ZAP_PKG_URL" ) ZAP_PKG_HDRS=$( curl -s -I -L --max-time $CURL_TIMEOUT -H "$CURL_HEADER2" "$ZAP_PKG_URL" )
ZAP_PKG_SIZE=$( echo "$ZAP_PKG_HDRS" | grep -i 'content-length: ' | tail -n1 | awk '{print $2}' | tr -d '\r' ) ZAP_PKG_SIZE=$( echo "$ZAP_PKG_HDRS" | grep -i 'content-length: ' | tail -n1 | awk '{print $2}' | tr -d '\r' )
@@ -372,10 +372,10 @@ if [ "$opt_update" != "" ]; then
echo "------ Downloaded packages:" echo "------ Downloaded packages:"
echo "$ZAP_PKG_LIST" echo "$ZAP_PKG_LIST"
echo "------" echo "------"
ZAP_PKG_BASE_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "zapret_*.${ZAP_PKG_EXT}" | head -n 1 ) ZAP_PKG_BASE_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "zapret2_*.${ZAP_PKG_EXT}" | head -n 1 )
ZAP_PKG_LUCI_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "luci-app-*.${ZAP_PKG_EXT}" | head -n 1 ) ZAP_PKG_LUCI_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "luci-app-*.${ZAP_PKG_EXT}" | head -n 1 )
if [ ! -f "$ZAP_PKG_BASE_FN" ]; then if [ ! -f "$ZAP_PKG_BASE_FN" ]; then
echo "ERROR: File \"zapret_*.${ZAP_PKG_EXT}\" not found!" echo "ERROR: File \"zapret2_*.${ZAP_PKG_EXT}\" not found!"
return 231 return 231
fi fi
echo "ZAP_PKG_BASE_FN = $ZAP_PKG_BASE_FN" echo "ZAP_PKG_BASE_FN = $ZAP_PKG_BASE_FN"