mirror of
https://github.com/remittor/zapret-openwrt.git
synced 2026-01-04 07:38:50 +03:00
Compare commits
25 Commits
v65-202410
...
v68-202411
| Author | SHA1 | Date | |
|---|---|---|---|
|
c0d77d6c8a | ||
|
|
d03ca95c93 | ||
|
|
f42c6da005 | ||
|
|
1b2bd2bdd5 | ||
|
|
2cf3d0b996 | ||
|
|
d463d2e39e | ||
|
|
148a397051 | ||
|
|
9f73af44dd | ||
|
|
40f0432b1c | ||
|
|
ca11a6cd55 | ||
|
|
39833fdcea | ||
|
|
425fde748f | ||
|
|
0df621f443 | ||
|
|
f17b00c107 | ||
|
|
c67ce19626 | ||
|
|
4b932b2c4a | ||
|
|
a8d25b2d2b | ||
|
|
9f40c1fcd1 | ||
|
|
3154d3f5f6 | ||
|
|
7e901513c5 | ||
|
|
5373d5dd2a | ||
|
|
836b324a0b | ||
|
|
2db3bd7514 | ||
|
|
0b20fe4a93 | ||
|
|
5f3dfe04ab |
18
.github/workflows/build.yml
vendored
18
.github/workflows/build.yml
vendored
@@ -4,7 +4,7 @@ on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
tags:
|
||||
- '*'
|
||||
- v[0-9]+*
|
||||
|
||||
jobs:
|
||||
check:
|
||||
@@ -63,6 +63,7 @@ jobs:
|
||||
#if: needs.check.outputs.is_active == 'true'
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
#branch: [ openwrt-22.03, openwrt-23.05 ]
|
||||
branch: [ openwrt-23.05 ]
|
||||
@@ -111,6 +112,17 @@ jobs:
|
||||
repository: 'remittor/zapret-openwrt'
|
||||
path: zapret-openwrt
|
||||
|
||||
- name: Setup OpenWrt SDK
|
||||
if: ${{ matrix.branch == 'openwrt-23.05' || matrix.branch == 'SNAPSHOT' }}
|
||||
working-directory: /builder
|
||||
shell: bash
|
||||
run: |
|
||||
# gpg --verbose --recv-keys 0x1D53D1877742E911
|
||||
gpg --verbose --import <(wget -qO- 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/0x1D53D1877742E911.asc')
|
||||
sed -r -i 's/^rm.+//' setup.sh
|
||||
./setup.sh
|
||||
ls -lh
|
||||
|
||||
- name: Setup ccache
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
@@ -132,8 +144,8 @@ jobs:
|
||||
shell: bash
|
||||
run: |
|
||||
#export PKG_VERSION=$(date --utc -d $DATE +%Y%m%d)
|
||||
#find $GITHUB_WORKSPACE/zapret-openwrt -type d -path '*/package/zapret' -exec cp -r {} ./package \;
|
||||
cp -r $GITHUB_WORKSPACE/zapret-openwrt ./package/zapret-openwrt/
|
||||
#find $GITHUB_WORKSPACE/zapret-openwrt -type d -path '*/package/zapret' -exec cp -vr {} ./package \;
|
||||
cp -vr $GITHUB_WORKSPACE/zapret-openwrt ./package/zapret-openwrt/
|
||||
|
||||
mv feeds.conf.default feeds.conf
|
||||
sed -i -e 's|base.*\.git|base https://github.com/openwrt/openwrt.git|' feeds.conf
|
||||
|
||||
@@ -4,3 +4,8 @@
|
||||
[Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapret‐openwrt-package)
|
||||
|
||||
[Download page](https://github.com/remittor/zapret-openwrt/releases)
|
||||
|
||||
Screenshot:
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -5,15 +5,27 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=luci-app-zapret
|
||||
PKG_RELEASE:=20241023
|
||||
PKG_VERSION:=65-$(PKG_RELEASE)
|
||||
PKG_RELEASE:=20241110
|
||||
PKG_VERSION:=68-$(PKG_RELEASE)
|
||||
PKG_LICENSE:=MIT
|
||||
|
||||
LUCI_TITLE:=LuCI support for zapret
|
||||
LUCI_DEPENDS:=+zapret
|
||||
LUCI_PKGARCH:=all
|
||||
|
||||
#include ../../luci.mk
|
||||
define Package/$(PKG_NAME)/postinst
|
||||
#!/bin/sh
|
||||
if [ -z "$${IPKG_INSTROOT}" ]; then
|
||||
rm -f /tmp/luci-index*
|
||||
rm -rf /tmp/luci-modulecache/
|
||||
#killall -HUP rpcd 2>/dev/null
|
||||
/etc/init.d/rpcd reload
|
||||
/sbin/luci-reload
|
||||
/etc/init.d/uhttpd reload
|
||||
fi
|
||||
exit 0
|
||||
endef
|
||||
|
||||
include $(TOPDIR)/feeds/luci/luci.mk
|
||||
|
||||
# call BuildPackage - OpenWrt buildroot signature
|
||||
|
||||
@@ -14,19 +14,27 @@ const btn_style_warning = 'btn cbi-button-negative';
|
||||
const btn_style_success = 'btn cbi-button-success important';
|
||||
|
||||
return view.extend({
|
||||
disableButtons: function(flag, btn, elems = { }) {
|
||||
let btn_enable = elems.btn_enable || document.getElementById('btn_enable');
|
||||
let btn_disable = elems.btn_disable || document.getElementById('btn_disable');
|
||||
let btn_start = elems.btn_start || document.getElementById('btn_start');
|
||||
let btn_restart = elems.btn_restart || document.getElementById('btn_restart');
|
||||
let btn_stop = elems.btn_stop || document.getElementById('btn_stop');
|
||||
let btn_update = elems.btn_update || document.getElementById('btn_update');
|
||||
btn_enable.disabled = flag;
|
||||
btn_disable.disabled = flag;
|
||||
btn_start.disabled = flag;
|
||||
btn_restart.disabled = flag;
|
||||
btn_stop.disabled = flag;
|
||||
btn_update.disabled = true; // TODO
|
||||
get_svc_buttons: function(elems = { }) {
|
||||
return {
|
||||
enable : elems.btn_enable || document.getElementById('btn_enable'),
|
||||
disable : elems.btn_disable || document.getElementById('btn_disable'),
|
||||
start : elems.btn_start || document.getElementById('btn_start'),
|
||||
restart : elems.btn_restart || document.getElementById('btn_restart'),
|
||||
stop : elems.btn_stop || document.getElementById('btn_stop'),
|
||||
update : elems.btn_update || document.getElementById('btn_update'),
|
||||
reset : elems.btn_update || document.getElementById('btn_reset'),
|
||||
};
|
||||
},
|
||||
|
||||
disableButtons: function(flag, button, elems = { }) {
|
||||
let btn = this.get_svc_buttons(elems);
|
||||
btn.enable.disabled = flag;
|
||||
btn.disable.disabled = flag;
|
||||
btn.start.disabled = flag;
|
||||
btn.restart.disabled = flag;
|
||||
btn.stop.disabled = flag;
|
||||
btn.update.disabled = true; // TODO
|
||||
btn.reset.disabled = flag;
|
||||
},
|
||||
|
||||
getAppStatus: function() {
|
||||
@@ -34,6 +42,7 @@ return view.extend({
|
||||
tools.getInitState(tools.appName), // svc_state
|
||||
fs.exec(tools.execPath, [ 'info' ]), // svc_info
|
||||
fs.exec('/bin/ps'), // process list
|
||||
fs.exec('/bin/opkg', [ 'list-installed', '*zapret*' ]), // installed packages
|
||||
uci.load(tools.appName), // config
|
||||
]).catch(e => {
|
||||
ui.addNotification(null, E('p', _('Unable to execute or read contents')
|
||||
@@ -55,6 +64,7 @@ return view.extend({
|
||||
let svc_autorun = status_array[0] ? true : false;
|
||||
let svc_info = status_array[1]; // stdout: JSON as text
|
||||
let proc_list = status_array[2]; // stdout: multiline text
|
||||
let pkg_list = status_array[3]; // stdout: installed packages
|
||||
if (svc_info.code != 0) {
|
||||
ui.addNotification(null, E('p', _('Unable to read the service info') + ': setAppStatus()'));
|
||||
this.disableButtons(true, null, elems);
|
||||
@@ -65,37 +75,36 @@ return view.extend({
|
||||
this.disableButtons(true, null, elems);
|
||||
return;
|
||||
}
|
||||
if (pkg_list.code != 0) {
|
||||
ui.addNotification(null, E('p', _('Unable to enumerate installed packages') + ': setAppStatus()'));
|
||||
this.disableButtons(true, null, elems);
|
||||
return;
|
||||
}
|
||||
let svcinfo;
|
||||
if (force_app_status) {
|
||||
svcinfo = force_app_status;
|
||||
} else {
|
||||
svcinfo = tools.decode_svc_info(svc_autorun, svc_info, proc_list, cfg);
|
||||
}
|
||||
let btn_enable = elems.btn_enable || document.getElementById('btn_enable');
|
||||
let btn_disable = elems.btn_disable || document.getElementById('btn_disable');
|
||||
|
||||
let btn_start = elems.btn_start || document.getElementById('btn_start');
|
||||
let btn_restart = elems.btn_restart || document.getElementById('btn_restart');
|
||||
let btn_stop = elems.btn_stop || document.getElementById('btn_stop');
|
||||
|
||||
let btn_update = elems.btn_update || document.getElementById('btn_update');
|
||||
btn_update.disabled = true; // TODO
|
||||
let btn = this.get_svc_buttons(elems);
|
||||
btn.update.disabled = true; // TODO
|
||||
btn.reset.disabled = false;
|
||||
|
||||
if (Number.isInteger(svcinfo)) {
|
||||
ui.addNotification(null, E('p', _('Error')
|
||||
+ ' %s: return code = %s'.format('decode_svc_info', svcinfo + ' ')));
|
||||
this.disableButtons(true, null, elems);
|
||||
} else {
|
||||
btn_enable.disabled = (svc_autorun) ? true : false;
|
||||
btn_disable.disabled = (svc_autorun) ? false : true;
|
||||
if (svcinfo.dmn.total == 0) {
|
||||
btn_start.disabled = false;
|
||||
btn_restart.disabled = true;
|
||||
btn_stop.disabled = true;
|
||||
btn.enable.disabled = (svc_autorun) ? true : false;
|
||||
btn.disable.disabled = (svc_autorun) ? false : true;
|
||||
if (!svcinfo.dmn.inited) {
|
||||
btn.start.disabled = false;
|
||||
btn.restart.disabled = true;
|
||||
btn.stop.disabled = true;
|
||||
} else {
|
||||
btn_start.disabled = true;
|
||||
btn_restart.disabled = false;
|
||||
btn_stop.disabled = false;
|
||||
btn.start.disabled = true;
|
||||
btn.restart.disabled = false;
|
||||
btn.stop.disabled = false;
|
||||
}
|
||||
}
|
||||
let elem_status = elems.status || document.getElementById("status");
|
||||
@@ -128,7 +137,7 @@ return view.extend({
|
||||
});
|
||||
},
|
||||
|
||||
serviceActionEx: function(action, button) {
|
||||
serviceActionEx: function(action, button, hide_modal = false) {
|
||||
if (button) {
|
||||
let elem = document.getElementById(button);
|
||||
this.disableButtons(true, elem);
|
||||
@@ -136,11 +145,32 @@ return view.extend({
|
||||
poll.stop();
|
||||
|
||||
let _this = this;
|
||||
|
||||
return fs.exec(tools.syncCfgPath)
|
||||
let exec_cmd = null;
|
||||
let exec_arg = [ ];
|
||||
let errmsg = 'ERROR:';
|
||||
if (action == 'start' || action == 'restart') {
|
||||
exec_cmd = tools.syncCfgPath;
|
||||
errmsg = _('Unable to run sync_config.sh script.');
|
||||
}
|
||||
else if (action == 'reset') {
|
||||
exec_cmd = tools.defaultCfgPath;
|
||||
exec_arg = [ '-f' ];
|
||||
errmsg = _('Unable to run uci-def-cfg.sh script.');
|
||||
action = null;
|
||||
} else {
|
||||
ui.addNotification(null, E('p', 'ERROR: unknown action'));
|
||||
return null;
|
||||
}
|
||||
return fs.exec(exec_cmd, exec_arg)
|
||||
.then(function(res) {
|
||||
if (res.code != 0) {
|
||||
ui.addNotification(null, E('p', _('Unable to run sync_config.sh script.') + ' res.code = ' + res.code));
|
||||
ui.addNotification(null, E('p', errmsg + ' res.code = ' + res.code));
|
||||
action = null; // return with error
|
||||
}
|
||||
if (hide_modal) {
|
||||
ui.hideModal();
|
||||
}
|
||||
if (!action) {
|
||||
return _this.getAppStatus().then(
|
||||
(status_array) => {
|
||||
_this.setAppStatus(status_array);
|
||||
@@ -150,7 +180,7 @@ return view.extend({
|
||||
return _this.serviceAction(action, null);
|
||||
})
|
||||
.catch(e => {
|
||||
ui.addNotification(null, E('p', _('Unable to run sync_config.sh script.') + ' Error: ' + e.message));
|
||||
ui.addNotification(null, E('p', errmsg + ' Error: ' + e.message));
|
||||
});
|
||||
},
|
||||
|
||||
@@ -186,29 +216,29 @@ return view.extend({
|
||||
);
|
||||
},
|
||||
|
||||
dialogDestroy: function(ev) {
|
||||
dialogResetCfg: function(ev) {
|
||||
ev.target.blur();
|
||||
let cancel_button = E('button', {
|
||||
'class': btn_style_neutral,
|
||||
'click': ui.hideModal,
|
||||
}, _('Cancel'));
|
||||
|
||||
let shutdown_btn = E('button', {
|
||||
'class': btn_style_warning,
|
||||
}, _('Shutdown'));
|
||||
shutdown_btn.onclick = ui.createHandlerFn(this, () => {
|
||||
let resetcfg_btn = E('button', {
|
||||
'class': btn_style_action,
|
||||
}, _('Reset settings'));
|
||||
resetcfg_btn.onclick = ui.createHandlerFn(this, () => {
|
||||
cancel_button.disabled = true;
|
||||
return this.appAction('destroy');
|
||||
return this.serviceActionEx('reset', resetcfg_btn, true);
|
||||
});
|
||||
|
||||
ui.showModal(_('Shutdown'), [
|
||||
ui.showModal(_('Reset settings to default'), [
|
||||
E('div', { 'class': 'cbi-section' }, [
|
||||
E('p', _('The service will be disabled. Continue?')),
|
||||
E('p', _('All settings will be reset to default. Continue?')),
|
||||
]),
|
||||
E('div', { 'class': 'right' }, [
|
||||
shutdown_btn,
|
||||
' ',
|
||||
cancel_button,
|
||||
' ',
|
||||
resetcfg_btn,
|
||||
])
|
||||
]);
|
||||
},
|
||||
@@ -223,6 +253,12 @@ return view.extend({
|
||||
}
|
||||
let cfg = uci.get(tools.appName, 'config');
|
||||
|
||||
let pkg_list = status_array[3];
|
||||
if (pkg_list === undefined || typeof(pkg_list) !== 'object' || pkg_list.code != 0) {
|
||||
ui.addNotification(null, E('p', _('Unable to enumerate installed packages') + ': setAppStatus()'));
|
||||
return;
|
||||
}
|
||||
|
||||
let status_string = E('div', {
|
||||
'id' : 'status',
|
||||
'name' : 'status',
|
||||
@@ -282,8 +318,9 @@ return view.extend({
|
||||
btn_update.onclick = ui.createHandlerFn(this, () => { this.appAction('update', 'btn_update') });
|
||||
layout_append(_('Update blacklist'), null, [ btn_update ] );
|
||||
|
||||
let btn_destroy = create_btn('btn_destroy', btn_style_negative, _('Shutdown'));
|
||||
btn_destroy.onclick = L.bind(this.dialogDestroy, this);
|
||||
let btn_reset = create_btn('btn_reset', btn_style_action, _('Reset settings'));
|
||||
btn_reset.onclick = L.bind(this.dialogResetCfg, this);
|
||||
layout_append(_('Reset settings to default'), null, [ btn_reset ] );
|
||||
|
||||
let elems = {
|
||||
"status": status_string,
|
||||
@@ -293,16 +330,35 @@ return view.extend({
|
||||
"btn_restart": btn_restart,
|
||||
"btn_stop": btn_stop,
|
||||
"btn_update": btn_update,
|
||||
"btn_reset": btn_reset,
|
||||
};
|
||||
this.setAppStatus(status_array, elems);
|
||||
|
||||
poll.add(L.bind(this.statusPoll, this));
|
||||
|
||||
let page_title = _('Zapret');
|
||||
let pkgdict = tools.decode_pkg_list(pkg_list.stdout);
|
||||
page_title += '   ';
|
||||
if (pkgdict['zapret'] === undefined || pkgdict['zapret'] == '') {
|
||||
page_title += 'unknown version';
|
||||
} else {
|
||||
page_title += 'v' + pkgdict['zapret'];
|
||||
}
|
||||
let aux1 = E('em');
|
||||
let aux2 = E('em');
|
||||
if (pkgdict['zapret'] != pkgdict['luci-app-zapret']) {
|
||||
let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret'] + ' [ incorrect version! ]';
|
||||
aux1 = E('div', { 'class': 'label-status error' }, errtxt);
|
||||
aux2 = E('div', { }, ' ');
|
||||
}
|
||||
|
||||
let url1 = 'https://github.com/bol-van/zapret';
|
||||
let url2 = 'https://github.com/remittor/zapret-openwrt';
|
||||
|
||||
return E([
|
||||
E('h2', { 'class': 'fade-in' }, _('Zapret')),
|
||||
E('h2', { 'class': 'fade-in' }, page_title),
|
||||
aux1,
|
||||
aux2,
|
||||
E('div', { 'class': 'cbi-section-descr fade-in' },
|
||||
E('a', { 'href': url1, 'target': '_blank' }, url1),
|
||||
),
|
||||
|
||||
@@ -64,10 +64,10 @@ return view.extend({
|
||||
//o.value('iptables', 'iptables');
|
||||
//o.value('ipfw', 'ipfw');
|
||||
|
||||
o = s.taboption(tabname, form.ListValue, 'MODE', _('MODE'));
|
||||
o.value('nfqws', 'nfqws');
|
||||
//o.value('tpws', 'tpws');
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'POSTNAT', _('POSTNAT'));
|
||||
o.rmempty = false;
|
||||
o.default = 1;
|
||||
|
||||
o = s.taboption(tabname, form.ListValue, 'FLOWOFFLOAD', _('FLOWOFFLOAD'));
|
||||
o.value('donttouch', 'donttouch');
|
||||
o.value('none', 'none');
|
||||
@@ -92,44 +92,6 @@ return view.extend({
|
||||
o.value('hostlist', 'hostlist');
|
||||
o.value('autohostlist', 'autohostlist');
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'MODE_HTTP', _('MODE_HTTP'));
|
||||
o.rmempty = false;
|
||||
o.default = 0;
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'MODE_HTTP_KEEPALIVE', _('MODE_HTTP_KEEPALIVE'));
|
||||
o.rmempty = false;
|
||||
o.default = 0;
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'HTTP_PORTS', _('HTTP_PORTS'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'MODE_HTTPS', _('MODE_HTTPS'));
|
||||
o.rmempty = false;
|
||||
o.default = 0;
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'HTTPS_PORTS', _('HTTPS_PORTS'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'MODE_QUIC', _('MODE_QUIC'));
|
||||
o.rmempty = false;
|
||||
o.default = 0;
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'QUIC_PORTS', _('QUIC_PORTS'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'DESYNC_MARK', _('DESYNC_MARK'));
|
||||
//o.description = _("nfqws option for DPI desync attack");
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'DESYNC_MARK_POSTNAT', _('DESYNC_MARK_POSTNAT'));
|
||||
//o.description = _("nfqws option for DPI desync attack");
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
/* NFQWS_OPT_DESYNC tab */
|
||||
|
||||
tabname = 'nfqws_params';
|
||||
@@ -141,67 +103,154 @@ return view.extend({
|
||||
o.default = '<hr style="width: 620px; height: 1px; margin: 1px 0 1px; border-top: 1px solid;">';
|
||||
};
|
||||
|
||||
let add_param = function(sec, param, locname = null, rows = 10) {
|
||||
let add_param = function(sec, param, locname = null, rows = 10, multiline = false) {
|
||||
if (!locname)
|
||||
locname = param;
|
||||
let btn = sec.taboption(tabname, form.Button, '_' + param + '_btn', locname);
|
||||
btn.inputtitle = _('Edit');
|
||||
btn.inputstyle = 'edit btn';
|
||||
let val = sec.taboption(tabname, form.DummyValue, '_' + param);
|
||||
val.rawhtml = false;
|
||||
val.rawhtml = multiline ? true : false;
|
||||
val.cfgvalue = function(section_id) {
|
||||
let name = uci.get(tools.appName, section_id, param);
|
||||
if (name == null || name == "")
|
||||
name = "";
|
||||
return name;
|
||||
let value = uci.get(tools.appName, section_id, param);
|
||||
if (value == null) {
|
||||
return "";
|
||||
}
|
||||
value = value.trim();
|
||||
if (multiline == 2) {
|
||||
value = value.replace(/\n --/g, "\n--");
|
||||
value = value.replace(/\n --/g, "\n--");
|
||||
value = value.replace(/ --/g, "\n--");
|
||||
}
|
||||
if (val.rawhtml) {
|
||||
value = value.replace(/</g, '˂');
|
||||
value = value.replace(/>/g, '˃');
|
||||
value = value.replace(/\n/g, '<br/>');
|
||||
}
|
||||
return value;
|
||||
};
|
||||
val.validate = function(section_id, value) {
|
||||
if (!value)
|
||||
return "";
|
||||
return value.trim();
|
||||
return (value) ? value.trim() : "";
|
||||
};
|
||||
btn.onclick = () => new tools.longstrEditDialog('config', param, param, locname, rows).show();
|
||||
btn.onclick = () => new tools.longstrEditDialog('config', param, param, locname, rows, multiline).show();
|
||||
};
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE'));
|
||||
o.rmempty = false;
|
||||
o.default = 1;
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'DESYNC_MARK', _('DESYNC_MARK'));
|
||||
//o.description = _("nfqws option for DPI desync attack");
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'DESYNC_MARK_POSTNAT', _('DESYNC_MARK_POSTNAT'));
|
||||
//o.description = _("nfqws option for DPI desync attack");
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'string';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'uinteger';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP_KEEPALIVE', _('NFQWS_PORTS_UDP_KEEPALIVE'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'uinteger';
|
||||
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_SUFFIX');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTP');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTP_SUFFIX');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS_SUFFIX');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTP6');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTP6_SUFFIX');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS6');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS6_SUFFIX');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_QUIC');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_QUIC_SUFFIX');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_QUIC6');
|
||||
add_delim(s);
|
||||
add_param(s, 'NFQWS_OPT_DESYNC_QUIC6_SUFFIX');
|
||||
add_param(s, 'NFQWS_OPT', null, 18, 2);
|
||||
|
||||
/* AutoHostList settings */
|
||||
|
||||
tabname = 'autohostlist_tab';
|
||||
s.tab(tabname, _('AutoHostList'));
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_RETRANS_THRESHOLD', _('RETRANS_THRESHOLD'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'uinteger';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_FAIL_THRESHOLD', _('FAIL_THRESHOLD'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'uinteger';
|
||||
|
||||
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_FAIL_TIME', _('FAIL_TIME'));
|
||||
o.rmempty = false;
|
||||
o.datatype = 'uinteger';
|
||||
|
||||
o = s.taboption(tabname, form.Button, '_auto_host_btn', _('Auto host list entries'));
|
||||
o.inputtitle = _('Edit');
|
||||
o.inputstyle = 'edit btn';
|
||||
o.description = tools.autoHostListFN;
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
tools.autoHostListFN,
|
||||
_('Auto host list'),
|
||||
'',
|
||||
'',
|
||||
15
|
||||
).show();
|
||||
|
||||
o = s.taboption(tabname, form.Flag, 'AUTOHOSTLIST_DEBUGLOG', _('DEBUGLOG'));
|
||||
o.rmempty = false;
|
||||
o.default = 0;
|
||||
|
||||
o = s.taboption(tabname, form.Button, '_auto_host_debug_btn', _('Auto host debug list entries'));
|
||||
o.inputtitle = _('Edit');
|
||||
o.inputstyle = 'edit btn';
|
||||
o.description = tools.autoHostListDbgFN;
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
tools.autoHostListDbgFN,
|
||||
_('Auto host debug list'),
|
||||
'',
|
||||
'',
|
||||
15
|
||||
).show();
|
||||
|
||||
/* Blacklist settings */
|
||||
|
||||
tabname = 'blacklist_tab';
|
||||
s.tab(tabname, _('Blacklist settings'));
|
||||
|
||||
o = s.taboption(tabname, form.Button, '_google_entries_btn', _('Google hostname entries'));
|
||||
o.inputtitle = _('Edit');
|
||||
o.inputstyle = 'edit btn';
|
||||
o.description = tools.hostsGoogleFN;
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
tools.hostsGoogleFN,
|
||||
_('Google hostname entries'),
|
||||
_('One hostname per line.<br />Examples:'),
|
||||
'<code>youtube.com<br />googlevideo.com</code>',
|
||||
15
|
||||
).show();
|
||||
|
||||
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries'));
|
||||
o.inputtitle = _('Edit');
|
||||
o.inputstyle = 'edit btn';
|
||||
o.description = tools.hostsUserFN;
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
tools.hostsUserFN,
|
||||
_('User entries'),
|
||||
_('One hostname per line.<br />Examples:'),
|
||||
@@ -213,7 +262,7 @@ return view.extend({
|
||||
o.inputtitle = _('Edit');
|
||||
o.inputstyle = 'edit btn';
|
||||
o.description = tools.hostsUserExcludeFN;
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
o.onclick = () => new tools.fileEditDialog(
|
||||
tools.hostsUserExcludeFN,
|
||||
_('User excluded entries'),
|
||||
_('One hostname per line.<br />Examples:'),
|
||||
|
||||
@@ -38,7 +38,9 @@ return baseclass.extend({
|
||||
appName : 'zapret',
|
||||
execPath : '/etc/init.d/zapret',
|
||||
syncCfgPath : '/opt/zapret/sync_config.sh',
|
||||
defaultCfgPath : '/opt/zapret/uci-def-cfg.sh',
|
||||
|
||||
hostsGoogleFN : '/opt/zapret/ipset/zapret-hosts-google.txt',
|
||||
hostsUserFN : '/opt/zapret/ipset/zapret-hosts-user.txt',
|
||||
hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt',
|
||||
iplstExcludeFN : '/opt/zapret/ipset/zapret-ip-exclude.txt',
|
||||
@@ -47,6 +49,9 @@ return baseclass.extend({
|
||||
custFileMax : 4,
|
||||
custFileTemplate : '/opt/zapret/ipset/cust%s.txt',
|
||||
|
||||
autoHostListFN : '/opt/zapret/ipset/zapret-hosts-auto.txt',
|
||||
autoHostListDbgFN : '/opt/zapret/ipset/zapret-hosts-auto-debug.log',
|
||||
|
||||
infoLabelRunning : '<span class="label-status running">' + _('Running') + '</span>',
|
||||
infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>',
|
||||
infoLabelStopped : '<span class="label-status stopped">' + _('Stopped') + '</span>',
|
||||
@@ -104,6 +109,21 @@ return baseclass.extend({
|
||||
return (v && typeof(v) === 'string') ? v.trim().replace(/\r?\n/g, '') : v;
|
||||
},
|
||||
|
||||
decode_pkg_list: function(pkg_list) {
|
||||
let pkg_dict = { };
|
||||
let lines = pkg_list.trim().split('\n');
|
||||
for (let i = 0; i < lines.length; i++) {
|
||||
let line = lines[i].trim();
|
||||
if (line.length >= 4) {
|
||||
let word_list = line.split(' - ');
|
||||
let name = word_list[0].trim();
|
||||
let ver = word_list[1].trim();
|
||||
pkg_dict[name] = ver;
|
||||
}
|
||||
}
|
||||
return pkg_dict;
|
||||
},
|
||||
|
||||
get_pid_list: function(proc_list) {
|
||||
let plist = [ ];
|
||||
let lines = proc_list.trim().split('\n');
|
||||
@@ -125,6 +145,7 @@ return baseclass.extend({
|
||||
let result = {
|
||||
"autorun": svc_autorun,
|
||||
"dmn": {
|
||||
inited: false,
|
||||
total: 0,
|
||||
running: 0,
|
||||
working: 0,
|
||||
@@ -139,23 +160,38 @@ return baseclass.extend({
|
||||
}
|
||||
let plist = this.get_pid_list(proc_list.stdout);
|
||||
|
||||
let jdata = JSON.parse(svc_info.stdout);
|
||||
if (typeof(jdata) !== 'object') {
|
||||
if (plist.length < 4) {
|
||||
return -3;
|
||||
}
|
||||
if (typeof(svc_info.stdout) !== 'string') {
|
||||
return -4;
|
||||
}
|
||||
if (svc_info.stdout.length < 3) {
|
||||
return -5;
|
||||
}
|
||||
let jdata;
|
||||
try {
|
||||
jdata = JSON.parse(svc_info.stdout);
|
||||
} catch (e) {
|
||||
console.log('Incorrect JSON: ' + svc_info.stdout);
|
||||
return -6;
|
||||
}
|
||||
if (typeof(jdata) !== 'object') {
|
||||
return -7;
|
||||
}
|
||||
if (typeof(jdata.zapret) == 'object') {
|
||||
result.dmn.inited = true;
|
||||
let dmn_list = jdata.zapret.instances;
|
||||
if (typeof(dmn_list) !== 'object') {
|
||||
return -4;
|
||||
}
|
||||
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
|
||||
result.dmn.total += 1;
|
||||
if (daemon.running) {
|
||||
result.dmn.running += 1;
|
||||
}
|
||||
if (daemon.pid !== undefined && daemon.pid != null) {
|
||||
if (plist.includes(daemon.pid)) {
|
||||
result.dmn.working += 1;
|
||||
if (typeof(dmn_list) == 'object') {
|
||||
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
|
||||
result.dmn.total += 1;
|
||||
if (daemon.running) {
|
||||
result.dmn.running += 1;
|
||||
}
|
||||
if (daemon.pid !== undefined && daemon.pid != null) {
|
||||
if (plist.includes(daemon.pid)) {
|
||||
result.dmn.working += 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -164,7 +200,7 @@ return baseclass.extend({
|
||||
if (result.dmn.total == 0) {
|
||||
result.status = (!svc_autorun) ? this.statusDict.disabled : this.statusDict.stopped;
|
||||
} else {
|
||||
result.status = (!result.dmn.working) ? this.statusDict.started : this.statusDict.running;
|
||||
result.status = (result.dmn.inited) ? this.statusDict.started : this.statusDict.running;
|
||||
}
|
||||
return result;
|
||||
},
|
||||
@@ -175,7 +211,7 @@ return baseclass.extend({
|
||||
|
||||
if (typeof(svcinfo) == 'object') {
|
||||
svc_autorun = (svcinfo.autorun) ? _('Enabled') : _('Disabled');
|
||||
if (svcinfo.dmn.total == 0) {
|
||||
if (!svcinfo.dmn.inited) {
|
||||
svc_daemons = _('Stopped');
|
||||
} else {
|
||||
svc_daemons = (!svcinfo.dmn.working) ? _('Starting') : _('Running');
|
||||
@@ -331,16 +367,26 @@ return baseclass.extend({
|
||||
}),
|
||||
|
||||
longstrEditDialog: baseclass.extend({
|
||||
__init__: function(cfgsec, cfgparam, title, desc, rows = 10) {
|
||||
__init__: function(cfgsec, cfgparam, title, desc, rows = 10, multiline = false) {
|
||||
this.cfgsec = cfgsec;
|
||||
this.cfgparam = cfgparam;
|
||||
this.title = title;
|
||||
this.desc = desc;
|
||||
this.rows = rows;
|
||||
this.multiline = multiline;
|
||||
},
|
||||
|
||||
load: function() {
|
||||
return uci.get('zapret', this.cfgsec, this.cfgparam);
|
||||
let value = uci.get('zapret', this.cfgsec, this.cfgparam);
|
||||
if (typeof(value) === 'string') {
|
||||
value = value.trim();
|
||||
if (this.multiline == 2) {
|
||||
value = value.replace(/\n --/g, "\n--");
|
||||
value = value.replace(/\n --/g, "\n--");
|
||||
value = value.replace(/ --/g, "\n--");
|
||||
}
|
||||
}
|
||||
return value;
|
||||
},
|
||||
|
||||
render: function(content) {
|
||||
@@ -378,13 +424,36 @@ return baseclass.extend({
|
||||
|
||||
handleSave: function(ev) {
|
||||
let txt = document.getElementById('widget.modal_content');
|
||||
let value = txt.value.trim().replace(/\r\n/g, ' ').replace(/\r/g, ' ').replace(/\n/g, ' ').trim();
|
||||
|
||||
let value = txt.value.trim();
|
||||
if (this.multiline) {
|
||||
value = value.replace(/\r/g, '');
|
||||
if (value != "" && value != "\t") {
|
||||
value = '\n' + value + '\n';
|
||||
}
|
||||
} else {
|
||||
value = value.replace(/\r\n/g, ' ');
|
||||
value = value.replace(/\r/g, ' ');
|
||||
value = value.replace(/\n/g, ' ');
|
||||
value = value.trim();
|
||||
}
|
||||
if (value == "") {
|
||||
value = "\t";
|
||||
}
|
||||
value = value.replace(/˂/g, '<');
|
||||
value = value.replace(/˃/g, '>');
|
||||
uci.set('zapret', this.cfgsec, this.cfgparam, value);
|
||||
uci.save();
|
||||
let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam);
|
||||
if (elem) {
|
||||
elem.querySelector('div').textContent = value;
|
||||
let val = value.trim();
|
||||
if (this.multiline) {
|
||||
val = val.replace(/</g, '˂');
|
||||
val = val.replace(/>/g, '˃');
|
||||
val = val.replace(/\n/g, '<br/>');
|
||||
elem.querySelector('div').innerHTML = val;
|
||||
} else {
|
||||
elem.querySelector('div').textContent = val;
|
||||
}
|
||||
}
|
||||
ui.hideModal();
|
||||
/*
|
||||
|
||||
@@ -9,6 +9,8 @@
|
||||
"/etc/crontabs/root": [ "read" ],
|
||||
"/etc/init.d/zapret*": [ "exec" ],
|
||||
"/bin/ps*": [ "exec" ],
|
||||
"/bin/opkg*": [ "exec" ],
|
||||
"/opt/zapret/uci-def-cfg.sh*": [ "exec" ],
|
||||
"/opt/zapret/sync_config.sh*": [ "exec" ]
|
||||
},
|
||||
"uci": [ "zapret", "network" ],
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=zapret-ip2net
|
||||
PKG_VERSION:=65
|
||||
PKG_RELEASE:=20241023
|
||||
PKG_VERSION:=68
|
||||
PKG_RELEASE:=20241110
|
||||
|
||||
PKG_MAINTAINER:=bol-van
|
||||
PKG_LICENSE:=MIT
|
||||
@@ -10,8 +10,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
|
||||
|
||||
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
|
||||
PKG_SOURCE_DATE:=2024-10-23
|
||||
PKG_SOURCE_VERSION:=41b4c6650b13707654066b5af007d531dd348286
|
||||
PKG_SOURCE_DATE:=2024-11-10
|
||||
|
||||
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=zapret-mdig
|
||||
PKG_VERSION:=65
|
||||
PKG_RELEASE:=20241023
|
||||
PKG_VERSION:=68
|
||||
PKG_RELEASE:=20241110
|
||||
|
||||
PKG_MAINTAINER:=bol-van
|
||||
PKG_LICENSE:=MIT
|
||||
@@ -10,8 +10,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
|
||||
|
||||
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
|
||||
PKG_SOURCE_DATE:=2024-10-23
|
||||
PKG_SOURCE_VERSION:=41b4c6650b13707654066b5af007d531dd348286
|
||||
PKG_SOURCE_DATE:=2024-11-10
|
||||
|
||||
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=zapret-tpws
|
||||
PKG_VERSION:=65
|
||||
PKG_RELEASE:=20241023
|
||||
PKG_VERSION:=68
|
||||
PKG_RELEASE:=20241110
|
||||
|
||||
PKG_MAINTAINER:=bol-van
|
||||
PKG_LICENSE:=MIT
|
||||
@@ -10,8 +10,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
|
||||
|
||||
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
|
||||
PKG_SOURCE_DATE:=2024-10-23
|
||||
PKG_SOURCE_VERSION:=41b4c6650b13707654066b5af007d531dd348286
|
||||
PKG_SOURCE_DATE:=2024-11-10
|
||||
|
||||
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
|
||||
|
||||
@@ -5,8 +5,8 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=zapret
|
||||
PKG_VERSION:=65
|
||||
PKG_RELEASE:=20241023
|
||||
PKG_VERSION:=68
|
||||
PKG_RELEASE:=20241110
|
||||
|
||||
PKG_MAINTAINER:=bol-van
|
||||
PKG_LICENSE:=MIT
|
||||
@@ -14,8 +14,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
|
||||
|
||||
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
|
||||
PKG_SOURCE_DATE:=2024-10-23
|
||||
PKG_SOURCE_VERSION:=41b4c6650b13707654066b5af007d531dd348286
|
||||
PKG_SOURCE_DATE:=2024-11-10
|
||||
|
||||
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
|
||||
@@ -78,19 +78,14 @@ define Package/$(PKG_NAME)/install
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret $(1)/etc/hotplug.d/iface/90-zapret
|
||||
$(INSTALL_DIR) $(1)/etc/init.d
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/zapret $(1)/etc/init.d/zapret
|
||||
$(INSTALL_DIR) $(1)/etc/config
|
||||
$(INSTALL_CONF) ./zapret.config $(1)/etc/config/zapret
|
||||
$(INSTALL_CONF) ./config $(1)/opt/zapret/config
|
||||
#$(INSTALL_CONF) ./ipset/zapret-hosts-auto.txt $(1)/opt/zapret/ipset/zapret-hosts-auto.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset/zapret-hosts-user.txt
|
||||
$(INSTALL_CONF) ./config.default $(1)/opt/zapret/config.default
|
||||
$(INSTALL_CONF) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset/zapret-hosts-google.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-hosts-user-ipban.txt $(1)/opt/zapret/ipset/zapret-hosts-user-ipban.txt
|
||||
#$(INSTALL_CONF) ./ipset/zapret-ip.txt $(1)/opt/zapret/ipset/zapret-ip.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-ip-user.txt $(1)/opt/zapret/ipset/zapret-ip-user.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-ip-user-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-user-exclude.txt
|
||||
$(INSTALL_CONF) ./ipset/zapret-ip-user-ipban.txt $(1)/opt/zapret/ipset/zapret-ip-user-ipban.txt
|
||||
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
|
||||
$(INSTALL_DIR) $(1)/etc/uci-defaults
|
||||
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh
|
||||
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh
|
||||
endef
|
||||
|
||||
define Package/$(PKG_NAME)/preinst
|
||||
@@ -108,7 +103,15 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
|
||||
# stop service if PKG_UPGRADE
|
||||
[ -x "/etc/init.d/zapret" ] && /etc/init.d/zapret stop >/dev/null 2>&1
|
||||
fi
|
||||
fi
|
||||
if [ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ]; then
|
||||
if [ -f "/opt/zapret/ipset/zapret-hosts-user.txt" ]; then
|
||||
CFGLISTHASH=$$( md5sum "/opt/zapret/ipset/zapret-hosts-user.txt" | awk '{print $$1;}' )
|
||||
if [ "$${CFGLISTHASH}" = "79e35df62b0d1ae455d0a7e04c4cecac" ]; then
|
||||
rm -f "/opt/zapret/ipset/zapret-hosts-user.txt"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
exit 0
|
||||
endef
|
||||
|
||||
@@ -116,25 +119,37 @@ define Package/$(PKG_NAME)/postinst
|
||||
#!/bin/sh
|
||||
# check if we are on real system
|
||||
if [ -z "$${IPKG_INSTROOT}" ]; then
|
||||
NEWCFGNAME=zapret-opkg
|
||||
NEWCFGFILE=/etc/config/$${NEWCFGNAME}
|
||||
if [ -f "$${NEWCFGFILE}" ]; then
|
||||
uci -m -f /etc/config/zapret import "$${NEWCFGNAME}"
|
||||
uci commit "$${NEWCFGNAME}"
|
||||
uci -m -f "$${NEWCFGFILE}" import zapret
|
||||
uci commit zapret
|
||||
rm -f "$${NEWCFGFILE}"
|
||||
echo "File /etc/config/zapret merged from IPK"
|
||||
ZAPRET_CONFIG=/opt/zapret/config
|
||||
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
|
||||
# creating main config if its not exists
|
||||
if [ ! -f "$${ZAPRET_CONFIG}" ]; then
|
||||
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
|
||||
fi
|
||||
NEWCONFIG=/opt/zapret/config-opkg
|
||||
if [ -f "$${NEWCONFIG}" ]; then
|
||||
# backup current main config
|
||||
mv -f /opt/zapret/config /opt/zapret/config.backup
|
||||
# renew main config
|
||||
mv -f "$${NEWCONFIG}" /opt/zapret/config
|
||||
echo "File /opt/zapret/config replaced from IPK"
|
||||
# check obsolete format for main config
|
||||
if grep -qE "^NFQWS_OPT_DESYNC=|^MODE_HTTP=|^MODE_HTTPS=|^MODE_QUIC=|^MODE=" "$${ZAPRET_CONFIG}" ; then
|
||||
echo "Detect obsolute format for main config!"
|
||||
ZAPRET_CONFIG_BACKUP="$${ZAPRET_CONFIG}.backup"
|
||||
cp -f "$${ZAPRET_CONFIG}" "$${ZAPRET_CONFIG_BACKUP}"
|
||||
echo "Current file $${ZAPRET_CONFIG} backuped to $${ZAPRET_CONFIG_BACKUP}"
|
||||
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
|
||||
fi
|
||||
# synchnonize main config
|
||||
# create empty txt files into ipset directory
|
||||
[ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-google.txt"
|
||||
#[ ! -f "/opt/zapret/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-auto.txt"
|
||||
[ ! -f "/opt/zapret/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user.txt"
|
||||
[ ! -f "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user-ipban.txt"
|
||||
#[ ! -f "/opt/zapret/ipset/zapret-ip.txt" ] && touch "/opt/zapret/ipset/zapret-ip.txt"
|
||||
[ ! -f "/opt/zapret/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user.txt"
|
||||
[ ! -f "/opt/zapret/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-exclude.txt"
|
||||
[ ! -f "/opt/zapret/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-ipban.txt"
|
||||
# check existing uci-config
|
||||
[ -f "/etc/config/zapret" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0
|
||||
# create or merge uci-config
|
||||
/opt/zapret/uci-def-cfg.sh
|
||||
[ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret merged with default uci-config"
|
||||
# remove uci-default script from system dir (used into /etc/init.d/boot)
|
||||
rm -f /etc/uci-defaults/zapret-uci-def-cfg.sh
|
||||
# copy (sync) all params from uci-config to main config
|
||||
/opt/zapret/sync_config.sh
|
||||
# enable main service
|
||||
/etc/init.d/zapret enable
|
||||
@@ -178,7 +193,7 @@ define Package/$(PKG_NAME)/postrm
|
||||
# check if we are on real system
|
||||
if [ -z "$${IPKG_INSTROOT}" ]; then
|
||||
[ -f "/etc/config/zapret-opkg" ] && rm -f "/etc/config/zapret-opkg"
|
||||
[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup2"
|
||||
[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup"
|
||||
#rm -rf /opt/zapret
|
||||
#echo "Directory /opt/zapret removed!"
|
||||
fi
|
||||
|
||||
@@ -7,6 +7,10 @@
|
||||
# override firewall type : iptables,nftables,ipfw
|
||||
FWTYPE=nftables
|
||||
|
||||
# nftables only : set this to 0 to use pre-nat mode. default is post-nat.
|
||||
# pre-nat mode disables some bypass techniques for forwarded traffic but allows to see client IP addresses in debug log
|
||||
POSTNAT=1
|
||||
|
||||
# options for ipsets
|
||||
# maximum number of elements in sets. also used for nft sets
|
||||
SET_MAXELEM=522288
|
||||
@@ -41,66 +45,56 @@ GZIP_LISTS=0
|
||||
# set to "-" to disable reload
|
||||
#LISTS_RELOAD="pfctl -f /etc/pf.conf"
|
||||
|
||||
# override ports
|
||||
HTTP_PORTS=80
|
||||
HTTPS_PORTS=443
|
||||
QUIC_PORTS=443
|
||||
|
||||
# CHOOSE OPERATION MODE
|
||||
# MODE : nfqws,tpws,tpws-socks,filter,custom
|
||||
# nfqws : nfqws for dpi desync
|
||||
# tpws : tpws transparent mode
|
||||
# tpws-socks : tpws socks mode
|
||||
# filter : no daemon, just create ipset or download hostlist
|
||||
# custom : custom mode. should modify custom init script and add your own code
|
||||
MODE=nfqws
|
||||
|
||||
MODE_HTTP=1
|
||||
MODE_HTTP_KEEPALIVE=0
|
||||
MODE_HTTPS=1
|
||||
MODE_QUIC=1
|
||||
|
||||
# none,ipset,hostlist,autohostlist
|
||||
MODE_FILTER=hostlist
|
||||
|
||||
# CHOOSE NFQWS DAEMON OPTIONS for DPI desync mode. run "nfq/nfqws --help" for option list
|
||||
# mark bit used by nfqws to prevent loop
|
||||
DESYNC_MARK=0x40000000
|
||||
DESYNC_MARK_POSTNAT=0x20000000
|
||||
|
||||
|
||||
NFQWS_OPT_DESYNC="--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin"
|
||||
TPWS_SOCKS_ENABLE=0
|
||||
# tpws socks listens on this port on localhost and LAN interfaces
|
||||
TPPORT_SOCKS=987
|
||||
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
|
||||
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
|
||||
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
|
||||
TPWS_SOCKS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
|
||||
|
||||
NFQWS_OPT_DESYNC_SUFFIX=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTP=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTP_SUFFIX=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTPS=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTPS_SUFFIX=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTP6=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTP6_SUFFIX=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTPS6=""
|
||||
|
||||
NFQWS_OPT_DESYNC_HTTPS6_SUFFIX=""
|
||||
|
||||
NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake,split2 --dpi-desync-repeats=15 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --dpi-desync=fake --dpi-desync-repeats=15"
|
||||
|
||||
NFQWS_OPT_DESYNC_QUIC_SUFFIX=""
|
||||
|
||||
NFQWS_OPT_DESYNC_QUIC6=""
|
||||
|
||||
NFQWS_OPT_DESYNC_QUIC6_SUFFIX=""
|
||||
TPWS_ENABLE=0
|
||||
TPWS_PORTS="80,443"
|
||||
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
|
||||
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
|
||||
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
|
||||
TPWS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
|
||||
|
||||
|
||||
# CHOOSE TPWS DAEMON OPTIONS. run "tpws/tpws --help" for option list
|
||||
# SUFFIX VARS define additional lower priority desync profile. it's required if MODE_FILTER=hostlist and strategy has hostlist-incompatible 0-phase desync methods (mss)
|
||||
TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
|
||||
#TPWS_OPT_SUFFIX="--mss 88"
|
||||
NFQWS_ENABLE=1
|
||||
|
||||
# redirect outgoing traffic with connbytes limiter applied in both directions.
|
||||
NFQWS_PORTS_TCP="80,443"
|
||||
NFQWS_PORTS_UDP="443"
|
||||
|
||||
# PKT_OUT means connbytes dir original
|
||||
# PKT_IN means connbytes dir reply
|
||||
# this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU.
|
||||
NFQWS_TCP_PKT_OUT="9"
|
||||
NFQWS_TCP_PKT_IN="3"
|
||||
NFQWS_UDP_PKT_OUT="9"
|
||||
NFQWS_UDP_PKT_IN="0"
|
||||
|
||||
# redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter
|
||||
# normally it's needed only for stateless DPI that matches every packet in a single TCP session
|
||||
# typical example are plain HTTP keep alives
|
||||
# this mode can be very CPU consuming. enable with care !
|
||||
NFQWS_PORTS_TCP_KEEPALIVE=0
|
||||
NFQWS_PORTS_UDP_KEEPALIVE=0
|
||||
|
||||
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
|
||||
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
|
||||
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
|
||||
NFQWS_OPT="--filter-tcp=80 <HOSTLIST> --dpi-desync=fake,split2 --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig --new --filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake,split2 --dpi-desync-repeats=11 --dpi-desync-fooling=md5sig --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin --new --filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --filter-udp=443 <HOSTLIST_NOAUTO> --dpi-desync=fake --dpi-desync-repeats=11 --new --filter-tcp=80,443 <HOSTLIST> --dpi-desync=fake,disorder2 --dpi-desync-repeats=6 --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig"
|
||||
|
||||
|
||||
# FlowOffload mode : donttouch,none,software,hardware
|
||||
FLOWOFFLOAD=none
|
||||
@@ -141,4 +135,3 @@ DISABLE_IPV6=1
|
||||
# possible values : get_user.sh get_antizapret.sh get_combined.sh get_reestr.sh get_hostlist.sh
|
||||
# comment if not required
|
||||
#GETLIST=get_antizapret_domains.sh
|
||||
#GETLIST=get_antifilter_ipsmart.sh
|
||||
@@ -4,14 +4,40 @@
|
||||
EXEDIR=/opt/zapret
|
||||
ZAPRET_BASE=/opt/zapret
|
||||
ZAPRET_CONFIG="$ZAPRET_BASE/config"
|
||||
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
|
||||
ZAPRET_CFG=/etc/config/zapret
|
||||
|
||||
ZAPRET_CFG_SEC_NAME="$( uci -q get zapret.config )"
|
||||
|
||||
if [ -z "$ZAPRET_CFG_SEC_NAME" ]; then
|
||||
# wrong uci-config
|
||||
return 1
|
||||
fi
|
||||
|
||||
function get_sed_compat
|
||||
{
|
||||
local str=$( ( echo $1|sed -r 's/([\$\.\*\/\[\\^])/\\\1/g'|sed 's/[]]/\\]/g' )>&1 )
|
||||
echo "$str"
|
||||
}
|
||||
|
||||
function uncomment_param
|
||||
{
|
||||
local param=$1
|
||||
local fname=${2:-$ZAPRET_CONFIG}
|
||||
sed -i "/^#$param=/s/^#//" $fname
|
||||
}
|
||||
|
||||
function append_param
|
||||
{
|
||||
local param=$1
|
||||
local fname=${2:-$ZAPRET_CONFIG}
|
||||
grep -q "^$param=" $fname
|
||||
if [ "$?" != "0" ]; then
|
||||
echo "" >> $fname
|
||||
echo "$param=" >> $fname
|
||||
fi
|
||||
}
|
||||
|
||||
function set_param_value
|
||||
{
|
||||
local param=$1
|
||||
@@ -32,41 +58,50 @@ function sync_param
|
||||
{
|
||||
local param=$1
|
||||
local vtype=$2
|
||||
local value=$( uci -q get zapret.@main[0].$param )
|
||||
local value="$( uci -q get zapret.config.$param )"
|
||||
uncomment_param $param
|
||||
append_param $param
|
||||
local TAB="$( echo -n -e '\t' )"
|
||||
if [ "$value" = "$TAB" ]; then
|
||||
value=""
|
||||
fi
|
||||
if [ "$vtype" = "str" ]; then
|
||||
set_param_value_str $param "$value"
|
||||
else
|
||||
set_param_value $param $value
|
||||
fi
|
||||
}
|
||||
|
||||
sync_param MODE
|
||||
|
||||
if [ ! -f "$ZAPRET_CONFIG" ]; then
|
||||
if [ ! -f "$ZAPRET_CONFIG_DEF" ]; then
|
||||
touch "$ZAPRET_CONFIG"
|
||||
else
|
||||
cp -f "$ZAPRET_CONFIG_DEF" "$ZAPRET_CONFIG"
|
||||
fi
|
||||
fi
|
||||
|
||||
sync_param FWTYPE
|
||||
sync_param POSTNAT
|
||||
sync_param FLOWOFFLOAD
|
||||
sync_param INIT_APPLY_FW
|
||||
sync_param DISABLE_IPV4
|
||||
sync_param DISABLE_IPV6
|
||||
sync_param MODE_FILTER
|
||||
|
||||
sync_param AUTOHOSTLIST_RETRANS_THRESHOLD
|
||||
sync_param AUTOHOSTLIST_FAIL_THRESHOLD
|
||||
sync_param AUTOHOSTLIST_FAIL_TIME
|
||||
sync_param AUTOHOSTLIST_DEBUGLOG
|
||||
|
||||
sync_param NFQWS_ENABLE
|
||||
sync_param DESYNC_MARK
|
||||
sync_param DESYNC_MARK_POSTNAT
|
||||
sync_param NFQWS_OPT_DESYNC str
|
||||
sync_param NFQWS_OPT_DESYNC_SUFFIX str
|
||||
sync_param MODE_HTTP
|
||||
sync_param MODE_HTTP_KEEPALIVE
|
||||
sync_param HTTP_PORTS
|
||||
sync_param NFQWS_OPT_DESYNC_HTTP str
|
||||
sync_param NFQWS_OPT_DESYNC_HTTP_SUFFIX str
|
||||
sync_param NFQWS_OPT_DESYNC_HTTP6 str
|
||||
sync_param NFQWS_OPT_DESYNC_HTTP6_SUFFIX str
|
||||
sync_param MODE_HTTPS
|
||||
sync_param HTTPS_PORTS
|
||||
sync_param NFQWS_OPT_DESYNC_HTTPS str
|
||||
sync_param NFQWS_OPT_DESYNC_HTTPS_SUFFIX str
|
||||
sync_param NFQWS_OPT_DESYNC_HTTPS6 str
|
||||
sync_param NFQWS_OPT_DESYNC_HTTPS6_SUFFIX str
|
||||
sync_param MODE_QUIC
|
||||
sync_param QUIC_PORTS
|
||||
sync_param NFQWS_OPT_DESYNC_QUIC str
|
||||
sync_param NFQWS_OPT_DESYNC_QUIC_SUFFIX str
|
||||
sync_param NFQWS_OPT_DESYNC_QUIC6 str
|
||||
sync_param NFQWS_OPT_DESYNC_QUIC6_SUFFIX str
|
||||
|
||||
sync_param NFQWS_PORTS_TCP str
|
||||
sync_param NFQWS_PORTS_UDP str
|
||||
sync_param NFQWS_TCP_PKT_OUT str
|
||||
sync_param NFQWS_TCP_PKT_IN str
|
||||
sync_param NFQWS_UDP_PKT_OUT str
|
||||
sync_param NFQWS_UDP_PKT_IN str
|
||||
sync_param NFQWS_PORTS_TCP_KEEPALIVE
|
||||
sync_param NFQWS_PORTS_UDP_KEEPALIVE
|
||||
sync_param NFQWS_OPT str
|
||||
|
||||
143
zapret/uci-def-cfg.sh
Executable file
143
zapret/uci-def-cfg.sh
Executable file
@@ -0,0 +1,143 @@
|
||||
#!/bin/sh
|
||||
# Copyright (c) 2024 remittor
|
||||
|
||||
SCRIPT_SOURCED=0
|
||||
case ${0##*/} in ash|-ash) SCRIPT_SOURCED=1;; esac
|
||||
#[[ $_ != $0 ]] && echo "Script is being sourced" || echo "Script is a subshell"
|
||||
|
||||
ZAPRET_BASE=/opt/zapret
|
||||
ZAPRET_CONFIG="$ZAPRET_BASE/config"
|
||||
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
|
||||
ZAPRET_CFG_FILE=/etc/config/zapret
|
||||
ZAPRET_CFG_NAME=zapret
|
||||
|
||||
CFG_OPT_FORCE=0
|
||||
CFG_OPT_MERGE=0
|
||||
CFG_OPT_SYNC_CFG=0
|
||||
|
||||
|
||||
function set_default_values
|
||||
{
|
||||
local cfgname=${1:-$ZAPRET_CFG_NAME}
|
||||
local TAB="$( echo -n -e '\t' )"
|
||||
uci batch <<-EOF
|
||||
set $cfgname.config.autostart='0'
|
||||
# settings for zapret service
|
||||
set $cfgname.config.FWTYPE='nftables'
|
||||
set $cfgname.config.POSTNAT='1'
|
||||
set $cfgname.config.FLOWOFFLOAD='none'
|
||||
set $cfgname.config.INIT_APPLY_FW='1'
|
||||
set $cfgname.config.DISABLE_IPV4='0'
|
||||
set $cfgname.config.DISABLE_IPV6='1'
|
||||
set $cfgname.config.MODE_FILTER='hostlist'
|
||||
# autohostlist options
|
||||
set $cfgname.config.AUTOHOSTLIST_RETRANS_THRESHOLD='3'
|
||||
set $cfgname.config.AUTOHOSTLIST_FAIL_THRESHOLD='3'
|
||||
set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60'
|
||||
set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0'
|
||||
# nfqws options
|
||||
set $cfgname.config.NFQWS_ENABLE='1'
|
||||
set $cfgname.config.DESYNC_MARK='0x40000000'
|
||||
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
|
||||
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
|
||||
set $cfgname.config.NFQWS_PORTS_UDP='443'
|
||||
set $cfgname.config.NFQWS_TCP_PKT_OUT='9'
|
||||
set $cfgname.config.NFQWS_TCP_PKT_IN='3'
|
||||
set $cfgname.config.NFQWS_UDP_PKT_OUT='9'
|
||||
set $cfgname.config.NFQWS_UDP_PKT_IN='0'
|
||||
set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0'
|
||||
set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0'
|
||||
set $cfgname.config.NFQWS_OPT="
|
||||
--filter-tcp=80 <HOSTLIST>
|
||||
--dpi-desync=fake,split2
|
||||
--dpi-desync-autottl=2
|
||||
--dpi-desync-fooling=md5sig
|
||||
--new
|
||||
--filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
|
||||
--dpi-desync=fake,split2
|
||||
--dpi-desync-repeats=11
|
||||
--dpi-desync-fooling=md5sig
|
||||
--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
|
||||
--new
|
||||
--filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
|
||||
--dpi-desync=fake
|
||||
--dpi-desync-repeats=11
|
||||
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
|
||||
--new
|
||||
--filter-udp=443 <HOSTLIST_NOAUTO>
|
||||
--dpi-desync=fake
|
||||
--dpi-desync-repeats=11
|
||||
--new
|
||||
--filter-tcp=80,443 <HOSTLIST>
|
||||
--dpi-desync=fake,disorder2
|
||||
--dpi-desync-repeats=6
|
||||
--dpi-desync-autottl=2
|
||||
--dpi-desync-fooling=md5sig
|
||||
"
|
||||
# save changes
|
||||
commit $cfgname
|
||||
EOF
|
||||
return 0
|
||||
}
|
||||
|
||||
function create_default_config
|
||||
{
|
||||
local cfgname=${1:-$ZAPRET_CFG_NAME}
|
||||
local cfgfile=/etc/config/$cfgname
|
||||
rm -f $cfgfile
|
||||
touch $cfgfile
|
||||
uci set $cfgname.config=main
|
||||
set_default_values $cfgname
|
||||
return 0
|
||||
}
|
||||
|
||||
function merge_config_with_def_values
|
||||
{
|
||||
local cfgname=${1:-$ZAPRET_CFG_NAME}
|
||||
local force=$2
|
||||
local cfgfile=/etc/config/$cfgname
|
||||
local NEWCFGNAME="zapret-default"
|
||||
local NEWCFGFILE="/etc/config/$NEWCFGNAME"
|
||||
|
||||
create_default_config "$NEWCFGNAME"
|
||||
[ ! -f "$NEWCFGFILE" ] && return 1
|
||||
|
||||
uci -m -f $cfgfile import "$NEWCFGNAME"
|
||||
uci commit "$NEWCFGNAME"
|
||||
uci -m -f "$NEWCFGFILE" import $cfgname
|
||||
uci commit $cfgname
|
||||
rm -f "$NEWCFGFILE"
|
||||
return 0
|
||||
}
|
||||
|
||||
|
||||
if [ "$SCRIPT_SOURCED" != "1" ]; then
|
||||
while getopts "fms" SCRIPT_OPT; do
|
||||
case $SCRIPT_OPT in
|
||||
f) CFG_OPT_FORCE=1;;
|
||||
m) CFG_OPT_MERGE=1;;
|
||||
s) CFG_OPT_SYNC_CFG=1;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ ! -f "$ZAPRET_CFG_FILE" ]; then
|
||||
CFG_OPT_FORCE=1
|
||||
fi
|
||||
|
||||
if [ "$CFG_OPT_FORCE" = "1" ]; then
|
||||
create_default_config
|
||||
[ "$CFG_OPT_SYNC_CFG" = "1" ] && /opt/zapret/sync_config.sh
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
CFG_OPT_MERGE=1
|
||||
merge_config_with_def_values
|
||||
|
||||
if [ ! -f "$ZAPRET_CONFIG" ]; then
|
||||
# create main config
|
||||
/opt/zapret/sync_config.sh
|
||||
fi
|
||||
|
||||
return 0
|
||||
@@ -1,32 +0,0 @@
|
||||
config main 'config'
|
||||
option autostart '0'
|
||||
option FWTYPE 'nftables'
|
||||
option MODE 'nfqws'
|
||||
option FLOWOFFLOAD 'none'
|
||||
option INIT_APPLY_FW '1'
|
||||
option DISABLE_IPV4 '0'
|
||||
option DISABLE_IPV6 '1'
|
||||
option MODE_FILTER 'hostlist'
|
||||
option DESYNC_MARK '0x40000000'
|
||||
option DESYNC_MARK_POSTNAT '0x20000000'
|
||||
option NFQWS_OPT_DESYNC '--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin'
|
||||
option NFQWS_OPT_DESYNC_SUFFIX ''
|
||||
option MODE_HTTP '1'
|
||||
option MODE_HTTP_KEEPALIVE '0'
|
||||
option HTTP_PORTS '80'
|
||||
option NFQWS_OPT_DESYNC_HTTP ''
|
||||
option NFQWS_OPT_DESYNC_HTTP_SUFFIX ''
|
||||
option NFQWS_OPT_DESYNC_HTTP6 ''
|
||||
option NFQWS_OPT_DESYNC_HTTP6_SUFFIX ''
|
||||
option MODE_HTTPS '1'
|
||||
option HTTPS_PORTS '443'
|
||||
option NFQWS_OPT_DESYNC_HTTPS ''
|
||||
option NFQWS_OPT_DESYNC_HTTPS_SUFFIX ''
|
||||
option NFQWS_OPT_DESYNC_HTTPS6 ''
|
||||
option NFQWS_OPT_DESYNC_HTTPS6_SUFFIX ''
|
||||
option MODE_QUIC '1'
|
||||
option QUIC_PORTS '443'
|
||||
option NFQWS_OPT_DESYNC_QUIC '--dpi-desync=fake,split2 --dpi-desync-repeats=15 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --dpi-desync=fake --dpi-desync-repeats=15'
|
||||
option NFQWS_OPT_DESYNC_QUIC_SUFFIX ''
|
||||
option NFQWS_OPT_DESYNC_QUIC6 ''
|
||||
option NFQWS_OPT_DESYNC_QUIC6_SUFFIX ''
|
||||
Reference in New Issue
Block a user