Bump version to v65-20241016

Example: /opt/zapret/ipset/cust1.txt

luci-app-zapret/Makefile

@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-zapret
-PKG_RELEASE:=20241014
-PKG_VERSION:=64-$(PKG_RELEASE)
+PKG_RELEASE:=20241016
+PKG_VERSION:=65-$(PKG_RELEASE)
 PKG_LICENSE:=MIT
 
 LUCI_TITLE:=LuCI support for zapret

luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js

@@ -60,8 +60,8 @@ return view.extend({
         s.tab(tabname, _('Main settings'));
 
         o = s.taboption(tabname, form.ListValue, 'FWTYPE', _('FWTYPE'));
-        o.value('nftables', 'NFTables');
-        //o.value('iptables', 'IPTables');
+        o.value('nftables', 'nftables');
+        //o.value('iptables', 'iptables');
         //o.value('ipfw',     'ipfw');
 
         o = s.taboption(tabname, form.ListValue, 'MODE', _('MODE'));
@@ -74,17 +74,17 @@ return view.extend({
         o.value('software',  'software');
         o.value('hardware',  'hardware');
 
-        o = s.taboption(tabname, form.ListValue, 'INIT_APPLY_FW', _('INIT_APPLY_FW'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'INIT_APPLY_FW', _('INIT_APPLY_FW'));
+        o.rmempty = false;
+        o.default = 0;
 
-        o = s.taboption(tabname, form.ListValue, 'DISABLE_IPV4', _('DISABLE_IPV4'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'DISABLE_IPV4', _('DISABLE_IPV4'));
+        o.rmempty = false;
+        o.default = 1;
 
-        o = s.taboption(tabname, form.ListValue, 'DISABLE_IPV6', _('DISABLE_IPV6'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'DISABLE_IPV6', _('DISABLE_IPV6'));
+        o.rmempty = false;
+        o.default = 0;
 
         o = s.taboption(tabname, form.ListValue, 'MODE_FILTER', _('MODE_FILTER'));
         //o.value('none',         'none');
@@ -92,21 +92,31 @@ return view.extend({
         o.value('hostlist',     'hostlist');
         o.value('autohostlist', 'autohostlist');
 
-        o = s.taboption(tabname, form.ListValue, 'MODE_HTTP', _('MODE_HTTP'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'MODE_HTTP', _('MODE_HTTP'));
+        o.rmempty = false;
+        o.default = 0;
 
-        o = s.taboption(tabname, form.ListValue, 'MODE_HTTP_KEEPALIVE', _('MODE_HTTP_KEEPALIVE'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'MODE_HTTP_KEEPALIVE', _('MODE_HTTP_KEEPALIVE'));
+        o.rmempty = false;
+        o.default = 0;
 
-        o = s.taboption(tabname, form.ListValue, 'MODE_HTTPS', _('MODE_HTTPS'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'MODE_HTTPS', _('MODE_HTTPS'));
+        o.rmempty = false;
+        o.default = 0;
 
-        o = s.taboption(tabname, form.ListValue, 'MODE_QUIC', _('MODE_QUIC'));
-        o.value('0', 'False');
-        o.value('1', 'True');
+        o = s.taboption(tabname, form.Flag, 'MODE_QUIC', _('MODE_QUIC'));
+        o.rmempty = false;
+        o.default = 0;
+
+        o = s.taboption(tabname, form.Value, 'DESYNC_MARK', _('DESYNC_MARK'));
+        //o.description = _("nfqws option for DPI desync attack");
+        o.rmempty     = false;
+        o.datatype    = 'string';
+
+        o = s.taboption(tabname, form.Value, 'DESYNC_MARK_POSTNAT', _('DESYNC_MARK_POSTNAT'));
+        //o.description = _("nfqws option for DPI desync attack");
+        o.rmempty     = false;
+        o.datatype    = 'string';
 
         /* NFQWS_OPT_DESYNC tab */
 
@@ -178,25 +188,77 @@ return view.extend({
         o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries'));
         o.inputtitle = _('Edit');
         o.inputstyle = 'edit btn';
+        o.description = tools.hostsUserFN;
         o.onclick = () => new tools.fileEditDialog(            
-            tools.userEntriesFile,
+            tools.hostsUserFN,
             _('User entries'),
             _('One hostname per line.<br />Examples:'),
             '<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
             15
         ).show();
 
-        o = s.taboption(tabname, form.Button, '_ip_filter_btn', _('User IP entries'));
+        o = s.taboption(tabname, form.Button, '_user_excluded_entries_btn', _('User excluded hostname entries'));
         o.inputtitle = _('Edit');
         o.inputstyle = 'edit btn';
+        o.description = tools.hostsUserExcludeFN;
+        o.onclick = () => new tools.fileEditDialog(            
+            tools.hostsUserExcludeFN,
+            _('User excluded entries'),
+            _('One hostname per line.<br />Examples:'),
+            '<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
+            15
+        ).show();
+        
+        add_delim(s);
+
+        o = s.taboption(tabname, form.Button, '_ip_exclude_filter_btn', _('Excluded IP entries'));
+        o.inputtitle = _('Edit');
+        o.inputstyle = 'edit btn';
+        o.description = tools.iplstExcludeFN;
         o.onclick = () => new tools.fileEditDialog(
-            tools.ipFilterFile,
-            _('IP filter'),
+            tools.iplstExcludeFN,
+            _('Excluded IP filter'),
             _('Patterns can be strings or regular expressions. Each pattern in a separate line<br />Examples:'),
             '<code>128.199.0.0/16<br />34.217.90.52<br />162.13.190.77</code>',
             15
         ).show();
 
+        o = s.taboption(tabname, form.Button, '_user_ip_filter_btn', _('User IP entries'));
+        o.inputtitle = _('Edit');
+        o.inputstyle = 'edit btn';
+        o.description = tools.iplstUserFN;
+        o.onclick = () => new tools.fileEditDialog(
+            tools.iplstUserFN,
+            _('User IP filter'),
+            _('Patterns can be strings or regular expressions. Each pattern in a separate line<br />Examples:'),
+            '<code>128.199.0.0/16<br />34.217.90.52<br />162.13.190.77</code>',
+            15
+        ).show();
+
+        o = s.taboption(tabname, form.Button, '_user_excluded_ip_filter_btn', _('User excluded IP entries'));
+        o.inputtitle = _('Edit');
+        o.inputstyle = 'edit btn';
+        o.description = tools.iplstUserExcludeFN;
+        o.onclick = () => new tools.fileEditDialog(
+            tools.iplstUserExcludeFN,
+            _('User excluded IP filter'),
+            _('Patterns can be strings or regular expressions. Each pattern in a separate line<br />Examples:'),
+            '<code>128.199.0.0/16<br />34.217.90.52<br />162.13.190.77</code>',
+            15
+        ).show();
+        
+        add_delim(s);
+        
+        for (let num = 1; num <= tools.custFileMax; num++) {
+            let fn = tools.custFileTemplate.format(num.toString());
+            let name = _('Custom file #' + num);
+            o = s.taboption(tabname, form.Button, '_cust_file%d_btn'.format(num), name);
+            o.inputtitle = _('Edit');
+            o.inputstyle = 'edit btn';
+            o.description = fn;
+            o.onclick = () => new tools.fileEditDialog(fn, name, '', '', 15).show();
+        }
+
         let map_promise = m.render();
         map_promise.then(node => node.classList.add('fade-in'));
         return map_promise;

luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js

@@ -37,9 +37,13 @@ document.head.append(E('style', {'type': 'text/css'},
 return baseclass.extend({
     appName           : 'zapret',
     execPath          : '/opt/zapret/init.d/openwrt/zapret',
-    parsersDir        : '/usr/libexec/ruantiblock',
-    userEntriesFile   : '/opt/zapret/ipset/zapret-hosts-user.txt',
-    ipFilterFile      : '/opt/zapret/ipset/zapret-ip-user.txt',
+    hostsUserFN       : '/opt/zapret/ipset/zapret-hosts-user.txt',
+    hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt',
+    iplstExcludeFN    : '/opt/zapret/ipset/zapret-ip-exclude.txt',
+    iplstUserFN       : '/opt/zapret/ipset/zapret-ip-user.txt',
+    iplstUserExcludeFN: '/opt/zapret/ipset/zapret-ip-user-exclude.txt',
+    custFileMax       : 4,
+    custFileTemplate  : '/opt/zapret/ipset/cust%s.txt',
 
     infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>',
     infoLabelRunning  : '<span class="label-status running">' + _('Enabled') + '</span>',

zapret-ip2net/Makefile

@@ -1,21 +1,26 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zapret-ip2net
-PKG_VERSION:=64
-PKG_RELEASE:=20241014
+PKG_VERSION:=65
+PKG_RELEASE:=20241016
 
 PKG_MAINTAINER:=bol-van
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=docs/LICENSE.txt
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
-PKG_HASH:=skip
+PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=fc0b8266e3e02c62af699b18c032800b0032866f
+PKG_SOURCE_DATE:=2024-10-16
+
+#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+#PKG_HASH:=skip
 
 include $(INCLUDE_DIR)/package.mk
 
-TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
-TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
+#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
+#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
 
 MAKE_PATH:=ip2net
 

zapret-mdig/Makefile

@@ -1,21 +1,26 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zapret-mdig
-PKG_VERSION:=64
-PKG_RELEASE:=20241014
+PKG_VERSION:=65
+PKG_RELEASE:=20241016
 
 PKG_MAINTAINER:=bol-van
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=docs/LICENSE.txt
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
-PKG_HASH:=skip
+PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=fc0b8266e3e02c62af699b18c032800b0032866f
+PKG_SOURCE_DATE:=2024-10-16
+
+#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+#PKG_HASH:=skip
 
 include $(INCLUDE_DIR)/package.mk
 
-TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
-TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
+#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
+#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
 
 MAKE_PATH:=mdig
 

zapret-tpws/Makefile

@@ -1,21 +1,26 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zapret-tpws
-PKG_VERSION:=64
-PKG_RELEASE:=20241014
+PKG_VERSION:=65
+PKG_RELEASE:=20241016
 
 PKG_MAINTAINER:=bol-van
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=docs/LICENSE.txt
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
-PKG_HASH:=skip
+PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=fc0b8266e3e02c62af699b18c032800b0032866f
+PKG_SOURCE_DATE:=2024-10-16
+
+#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+#PKG_HASH:=skip
 
 include $(INCLUDE_DIR)/package.mk
 
-TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
-TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
+#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
+#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
 
 MAKE_PATH:=tpws
 

zapret/Makefile

@@ -5,21 +5,26 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zapret
-PKG_VERSION:=64
-PKG_RELEASE:=20241014
+PKG_VERSION:=65
+PKG_RELEASE:=20241016
 
 PKG_MAINTAINER:=bol-van
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=docs/LICENSE.txt
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
-PKG_HASH:=skip
+PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=fc0b8266e3e02c62af699b18c032800b0032866f
+PKG_SOURCE_DATE:=2024-10-16
+
+#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+#PKG_HASH:=skip
 
 include $(INCLUDE_DIR)/package.mk
 
-TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
-TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
+#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
+#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
 
 MAKE_PATH:=nfq
 
@@ -40,31 +45,26 @@ define Build/Prepare
 	rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws
 endef
 
-define Package/$(PKG_NAME)/conffiles
-/etc/config/zapret
-/opt/zapret/config
-/opt/zapret/ipset/zapret-hosts-user.txt
-/opt/zapret/ipset/zapret-hosts-user-exclude.txt
-/opt/zapret/ipset/zapret-hosts-user-ipban.txt
-/opt/zapret/ipset/zapret-ip-user.txt
-/opt/zapret/ipset/zapret-ip-user-exclude.txt
-/opt/zapret/ipset/zapret-ip-user-ipban.txt
-endef
-
 #define Build/Configure
 #endef
 
 #define Build/Compile
 #endef
 
+define Package/$(PKG_NAME)/conffiles
+/etc/config/zapret
+/opt/zapret/config
+/opt/zapret/ipset/
+endef
+
 define Package/$(PKG_NAME)/install
 	$(INSTALL_DIR) $(1)/opt/zapret
 	$(INSTALL_DIR) $(1)/opt/zapret/$(MAKE_PATH)
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws $(1)/opt/zapret/$(MAKE_PATH)/	
 	$(INSTALL_DIR) $(1)/opt/zapret/common
 	$(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret/common/
-	$(INSTALL_DIR) $(1)/opt/zapret/docs
-	$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret/docs/
+	#$(INSTALL_DIR) $(1)/opt/zapret/docs
+	#$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret/docs/
 	$(INSTALL_DIR) $(1)/opt/zapret/files
 	$(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret/files/
 	$(INSTALL_DIR) $(1)/opt/zapret/ipset
@@ -90,17 +90,58 @@ define Package/$(PKG_NAME)/install
 	$(INSTALL_CONF) ./ipset/zapret-ip-user.txt            $(1)/opt/zapret/ipset/zapret-ip-user.txt
 	$(INSTALL_CONF) ./ipset/zapret-ip-user-exclude.txt    $(1)/opt/zapret/ipset/zapret-ip-user-exclude.txt
 	$(INSTALL_CONF) ./ipset/zapret-ip-user-ipban.txt      $(1)/opt/zapret/ipset/zapret-ip-user-ipban.txt
+	$(INSTALL_CONF) ./ipset/cust1.txt      $(1)/opt/zapret/ipset/cust1.txt
+	$(INSTALL_CONF) ./ipset/cust2.txt      $(1)/opt/zapret/ipset/cust2.txt
+	$(INSTALL_CONF) ./ipset/cust3.txt      $(1)/opt/zapret/ipset/cust3.txt
+	$(INSTALL_CONF) ./ipset/cust4.txt      $(1)/opt/zapret/ipset/cust4.txt
 	$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
 endef
 
+define Package/$(PKG_NAME)/preinst
+#!/bin/sh
+# check if we are on real system
+if [ -z "$${IPKG_INSTROOT}" ]; then
+	if [ "$${PKG_UPGRADE}" = "1" ]; then
+		# stop service if PKG_UPGRADE
+		[ -x "/etc/init.d/zapret" ] && /etc/init.d/zapret stop >/dev/null 2>&1
+	fi
+fi	
+exit 0
+endef
+
 define Package/$(PKG_NAME)/postinst
 #!/bin/sh
 # check if we are on real system
 if [ -z "$${IPKG_INSTROOT}" ]; then
+	NEWCFGNAME=zapret-opkg
+	NEWCFGFILE=/etc/config/$${NEWCFGNAME}
+	if [ -f "$${NEWCFGFILE}" ]; then
+		uci -m -f /etc/config/zapret import "$${NEWCFGNAME}"
+		uci commit "$${NEWCFGNAME}"
+		uci -m -f "$${NEWCFGFILE}" import zapret
+		uci commit zapret
+		rm -f "$${NEWCFGFILE}"
+		echo "File /etc/config/zapret merged from IPK"
+	fi
+	NEWCONFIG=/opt/zapret/config-opkg
+	if [ -f "$${NEWCONFIG}" ]; then
+		# backup current main config
+		mv -f /opt/zapret/config /opt/zapret/config.backup
+		# renew main config
+		mv -f "$${NEWCONFIG}" /opt/zapret/config
+		echo "File /opt/zapret/config replaced from IPK"
+	fi
+	# synchnonize main config
+	/opt/zapret/sync_config.sh
+	# enable main service
 	/etc/init.d/zapret enable
+	# stop all
 	/etc/init.d/zapret stop_fw
 	/etc/init.d/zapret stop_daemons
+	ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $1}' | xargs -r kill -9
+	# start main service
 	/etc/init.d/zapret start
+	# restart firewall
 	[ -x /sbin/fw4 ] && fw4 -q restart || fw3 -q restart
 fi
 exit 0
@@ -109,17 +150,19 @@ endef
 define Package/$(PKG_NAME)/prerm
 #!/bin/sh
 # check if we are on real system
-if [ -n "$${IPKG_INSTROOT}" ]; then
+if [ -z "$${IPKG_INSTROOT}" ]; then
 	EXEDIR=/opt/zapret
 	ZAPRET_BASE=/opt/zapret
 	ZAPRET_CONFIG=/opt/zapret/config
 	OPENWRT_FW_INCLUDE=/etc/firewall.zapret
-	. "$ZAPRET_CONFIG"
-	. "$ZAPRET_BASE/common/base.sh"
-	. "$ZAPRET_BASE/common/fwtype.sh"
-	. "$ZAPRET_BASE/common/installer.sh"
+	. "$${ZAPRET_CONFIG}"
+	. "$${ZAPRET_BASE}/common/base.sh"
+	. "$${ZAPRET_BASE}/common/fwtype.sh"
+	. "$${ZAPRET_BASE}/common/nft.sh"
+	. "$${ZAPRET_BASE}/common/installer.sh"
 	/etc/init.d/zapret disable
 	/etc/init.d/zapret stop
+	ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $1}' | xargs -r kill -9
 	remove_openwrt_firewall
 	nft_del_table
 	restart_openwrt_firewall
@@ -127,4 +170,16 @@ fi
 exit 0
 endef
 
+define Package/$(PKG_NAME)/postrm
+#!/bin/sh
+# check if we are on real system
+if [ -z "$${IPKG_INSTROOT}" ]; then
+	[ -f "/etc/config/zapret-opkg" ] && rm -f "/etc/config/zapret-opkg"
+	[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup2"
+	#rm -rf /opt/zapret
+	#echo "Directory /opt/zapret removed!"
+fi
+exit 0
+endef
+
 $(eval $(call BuildPackage,$(PKG_NAME)))

zapret/sync_config.sh

@@ -46,6 +46,8 @@ sync_param INIT_APPLY_FW
 sync_param DISABLE_IPV4
 sync_param DISABLE_IPV6
 sync_param MODE_FILTER
+sync_param DESYNC_MARK
+sync_param DESYNC_MARK_POSTNAT
 sync_param NFQWS_OPT_DESYNC str
 sync_param NFQWS_OPT_DESYNC_SUFFIX str
 sync_param MODE_HTTP

zapret/zapret.config

@@ -7,6 +7,8 @@ config main 'config'
 	option DISABLE_IPV4 '0'
 	option DISABLE_IPV6 '1'
 	option MODE_FILTER 'hostlist'
+	option DESYNC_MARK '0x40000000'
+	option DESYNC_MARK_POSTNAT '0x20000000'
 	option NFQWS_OPT_DESYNC '--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin'
 	option NFQWS_OPT_DESYNC_SUFFIX ''
 	option MODE_HTTP '1'