From a7289f779ab1a6f977349cf2b83f395eb76edf08 Mon Sep 17 00:00:00 2001 From: remittor Date: Thu, 10 Oct 2024 20:41:30 +0300 Subject: [PATCH] Add configs from ipset directory --- zapret/Makefile | 23 +++++++++++++---- zapret/config | 6 ++--- zapret/ipset/zapret-hosts-user-exclude.txt | 6 +++++ zapret/ipset/zapret-hosts-user-ipban.txt | 0 zapret/ipset/zapret-hosts-user.txt | 24 ++++++++++++++++++ zapret/ipset/zapret-ip-exclude.txt | 4 +++ zapret/ipset/zapret-ip-user-exclude.txt | 0 zapret/ipset/zapret-ip-user-ipban.txt | 0 zapret/ipset/zapret-ip-user.txt | 0 zapret/youtube.txt | 1 - zapret/zapret.config | 29 ++++++++++++++++++++-- 11 files changed, 82 insertions(+), 11 deletions(-) create mode 100644 zapret/ipset/zapret-hosts-user-exclude.txt create mode 100644 zapret/ipset/zapret-hosts-user-ipban.txt create mode 100644 zapret/ipset/zapret-hosts-user.txt create mode 100644 zapret/ipset/zapret-ip-exclude.txt create mode 100644 zapret/ipset/zapret-ip-user-exclude.txt create mode 100644 zapret/ipset/zapret-ip-user-ipban.txt create mode 100644 zapret/ipset/zapret-ip-user.txt delete mode 100644 zapret/youtube.txt diff --git a/zapret/Makefile b/zapret/Makefile index b7b02fc..33c4b0e 100644 --- a/zapret/Makefile +++ b/zapret/Makefile @@ -1,5 +1,5 @@ # -# Copyright (ñ) 2024 remittor +# Copyright (�) 2024 remittor # include $(TOPDIR)/rules.mk @@ -52,7 +52,12 @@ endef define Package/$(PKG_NAME)/conffiles /etc/config/zapret /opt/zapret/config -/opt/zapret/youtube.txt +/opt/zapret/ipset/zapret-hosts-user.txt +/opt/zapret/ipset/zapret-hosts-user-exclude.txt +/opt/zapret/ipset/zapret-hosts-user-ipban.txt +/opt/zapret/ipset/zapret-ip-user.txt +/opt/zapret/ipset/zapret-ip-user-exclude.txt +/opt/zapret/ipset/zapret-ip-user-ipban.txt endef #define Build/Configure @@ -73,8 +78,8 @@ define Package/$(PKG_NAME)/install $(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret/files/ $(INSTALL_DIR) $(1)/opt/zapret/ipset $(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret/ipset/ - $(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh - $(INSTALL_BIN) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default + $(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh + $(INSTALL_CONF) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default $(INSTALL_DIR) $(1)/opt/zapret/tmp $(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt $(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret/init.d/openwrt/ @@ -85,7 +90,15 @@ define Package/$(PKG_NAME)/install $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./zapret.config $(1)/etc/config/zapret $(INSTALL_CONF) ./config $(1)/opt/zapret/config - $(INSTALL_CONF) ./youtube.txt $(1)/opt/zapret/youtube.txt + #$(INSTALL_CONF) ./ipset/zapret-hosts-auto.txt $(1)/opt/zapret/ipset/zapret-hosts-auto.txt + $(INSTALL_CONF) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset/zapret-hosts-user.txt + $(INSTALL_CONF) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt + $(INSTALL_CONF) ./ipset/zapret-hosts-user-ipban.txt $(1)/opt/zapret/ipset/zapret-hosts-user-ipban.txt + #$(INSTALL_CONF) ./ipset/zapret-ip.txt $(1)/opt/zapret/ipset/zapret-ip.txt + $(INSTALL_CONF) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt + $(INSTALL_CONF) ./ipset/zapret-ip-user.txt $(1)/opt/zapret/ipset/zapret-ip-user.txt + $(INSTALL_CONF) ./ipset/zapret-ip-user-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-user-exclude.txt + $(INSTALL_CONF) ./ipset/zapret-ip-user-ipban.txt $(1)/opt/zapret/ipset/zapret-ip-user-ipban.txt endef define Package/$(PKG_NAME)/postinst diff --git a/zapret/config b/zapret/config index fd2c889..73c3f91 100644 --- a/zapret/config +++ b/zapret/config @@ -61,14 +61,14 @@ MODE_HTTPS=1 MODE_QUIC=1 # none,ipset,hostlist,autohostlist -MODE_FILTER=autohostlist +MODE_FILTER=hostlist # CHOOSE NFQWS DAEMON OPTIONS for DPI desync mode. run "nfq/nfqws --help" for option list DESYNC_MARK=0x40000000 DESYNC_MARK_POSTNAT=0x20000000 -NFQWS_OPT_DESYNC="--hostlist=/opt/zapret/youtube.txt --dpi-desync=fake,disorder2 --dpi-desync-split-pos=1 --dpi-desync-ttl=0 --dpi-desync-fooling=md5sig,badsum --dpi-desync-repeats=6 --dpi-desync-any-protocol --dpi-desync-cutoff=d4 --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin" +NFQWS_OPT_DESYNC="--dpi-desync=fake,disorder2 --dpi-desync-split-pos=1 --dpi-desync-ttl=0 --dpi-desync-fooling=md5sig,badsum --dpi-desync-repeats=6 --dpi-desync-any-protocol --dpi-desync-cutoff=d4 --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin" NFQWS_OPT_DESYNC_SUFFIX="" @@ -88,7 +88,7 @@ NFQWS_OPT_DESYNC_HTTPS6="" NFQWS_OPT_DESYNC_HTTPS6_SUFFIX="" -NFQWS_OPT_DESYNC_QUIC="--hostlist=/opt/zapret/youtube.txt --dpi-desync=fake --dpi-desync-repeats=6 --dpi-desync-ttl=0 --dpi-desync-any-protocol --dpi-desync-cutoff=d4 --dpi-desync-fooling=md5sig,badsum --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_google_com.bin" +NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake --dpi-desync-repeats=6 --dpi-desync-ttl=0 --dpi-desync-any-protocol --dpi-desync-cutoff=d4 --dpi-desync-fooling=md5sig,badsum --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_google_com.bin" NFQWS_OPT_DESYNC_QUIC_SUFFIX="" diff --git a/zapret/ipset/zapret-hosts-user-exclude.txt b/zapret/ipset/zapret-hosts-user-exclude.txt new file mode 100644 index 0000000..999ccdd --- /dev/null +++ b/zapret/ipset/zapret-hosts-user-exclude.txt @@ -0,0 +1,6 @@ +10.0.0.0/8 +172.16.0.0/12 +192.168.0.0/16 +169.254.0.0/16 +fc00::/7 +fe80::/10 diff --git a/zapret/ipset/zapret-hosts-user-ipban.txt b/zapret/ipset/zapret-hosts-user-ipban.txt new file mode 100644 index 0000000..e69de29 diff --git a/zapret/ipset/zapret-hosts-user.txt b/zapret/ipset/zapret-hosts-user.txt new file mode 100644 index 0000000..dd111d8 --- /dev/null +++ b/zapret/ipset/zapret-hosts-user.txt @@ -0,0 +1,24 @@ +googlevideo.com +youtube.com +m.youtube.com +ytimg.com +s.ytimg.com +ytimg.l.google.com +youtube.l.google.com +i.google.com +youtu.be +yt.be +accounts.youtube.com +consent.youtube.com +realtimesupport.youtube.com +studio.youtube.com +i9.ytimg.com +i.ytimg.com +yt3.ggpht.com +youtubekids.com +googleusercontent.com +googleapis.com +youtubei.googleapis.com +notifications-pa.googleapis.com +gstatic.com +suggestqueries.google.com diff --git a/zapret/ipset/zapret-ip-exclude.txt b/zapret/ipset/zapret-ip-exclude.txt new file mode 100644 index 0000000..aafd468 --- /dev/null +++ b/zapret/ipset/zapret-ip-exclude.txt @@ -0,0 +1,4 @@ +10.0.0.0/8 +169.254.0.0/16 +172.16.0.0/12 +192.168.0.0/16 diff --git a/zapret/ipset/zapret-ip-user-exclude.txt b/zapret/ipset/zapret-ip-user-exclude.txt new file mode 100644 index 0000000..e69de29 diff --git a/zapret/ipset/zapret-ip-user-ipban.txt b/zapret/ipset/zapret-ip-user-ipban.txt new file mode 100644 index 0000000..e69de29 diff --git a/zapret/ipset/zapret-ip-user.txt b/zapret/ipset/zapret-ip-user.txt new file mode 100644 index 0000000..e69de29 diff --git a/zapret/youtube.txt b/zapret/youtube.txt deleted file mode 100644 index 4258f9b..0000000 --- a/zapret/youtube.txt +++ /dev/null @@ -1 +0,0 @@ -googlevideo.com diff --git a/zapret/zapret.config b/zapret/zapret.config index 9879968..b635245 100644 --- a/zapret/zapret.config +++ b/zapret/zapret.config @@ -1,2 +1,27 @@ -config zapret - option startup '0' +config main 'config' + option autostart '0' + option FWTYPE 'nftables' + option MODE 'nfqws' + option FLOWOFFLOAD 'none' + option INIT_APPLY_FW '1' + option DISABLE_IPV4 '0' + option DISABLE_IPV6 '1' + option MODE_FILTER 'hostlist' + option NFQWS_OPT_DESYNC '--dpi-desync=fake,disorder2 --dpi-desync-split-pos=1 --dpi-desync-ttl=0 --dpi-desync-fooling=md5sig,badsum --dpi-desync-repeats=6 --dpi-desync-any-protocol --dpi-desync-cutoff=d4 --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin' + option NFQWS_OPT_DESYNC_SUFFIX '' + option MODE_HTTP '1' + option MODE_HTTP_KEEPALIVE '0' + option NFQWS_OPT_DESYNC_HTTP '' + option NFQWS_OPT_DESYNC_HTTP_SUFFIX '' + option NFQWS_OPT_DESYNC_HTTP6 '' + option NFQWS_OPT_DESYNC_HTTP6_SUFFIX '' + option MODE_HTTPS '1' + option NFQWS_OPT_DESYNC_HTTPS '' + option NFQWS_OPT_DESYNC_HTTPS_SUFFIX '' + option NFQWS_OPT_DESYNC_HTTPS6 '' + option NFQWS_OPT_DESYNC_HTTPS6_SUFFIX '' + option MODE_QUIC '1' + option NFQWS_OPT_DESYNC_QUIC '--dpi-desync=fake --dpi-desync-repeats=6 --dpi-desync-ttl=0 --dpi-desync-any-protocol --dpi-desync-cutoff=d4 --dpi-desync-fooling=md5sig,badsum --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_google_com.bin' + option NFQWS_OPT_DESYNC_QUIC_SUFFIX '' + option NFQWS_OPT_DESYNC_QUIC6 '' + option NFQWS_OPT_DESYNC_QUIC6_SUFFIX ''