Mirror/zapret-openwrt
1
0
Fork 0
mirror of https://github.com/remittor/zapret-openwrt.git synced 2026-01-04 07:38:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Mirror:v65-20241023-23.05
Branches Tags
Mirror:master Mirror:zap1 Mirror:gh-pages
Mirror:v0.8.20251230 Mirror:v0.8.20251229 Mirror:v0.7.20251227 Mirror:v72.20251227 Mirror:v0.7.20251226 Mirror:v0.7.20251225-r2 Mirror:v72.20251225-r2 Mirror:v0.7.20251225 Mirror:v72.20251225 Mirror:v0.7.20251224 Mirror:v0.7.20251220 Mirror:v0.7.20251219 Mirror:v72.20251219 Mirror:v72.20251218 Mirror:v72.20251217 Mirror:v72.20251216 Mirror:v72.20251213 Mirror:v72.20251212 Mirror:v72.20251122 Mirror:v72.20251022 Mirror:v72.20250924 Mirror:v71.20250918 Mirror:v71.20250708 Mirror:v71.20250607 Mirror:v70.20250505 Mirror:v70.20250419 Mirror:v70.20250405 Mirror:v70.20250323 Mirror:v70.20250213 Mirror:v70.20250210 Mirror:v70.20250116 Mirror:v70-20250109 Mirror:v70-20250109-23.05 Mirror:v69-20241206 Mirror:v69-20241206-23.05 Mirror:v69-20241123 Mirror:v69-20241123-23.05 Mirror:v69-20241121-23.05 Mirror:v69-20241121 Mirror:v69-20241118 Mirror:v69-20241118-23.05 Mirror:v68-20241115 Mirror:v68-20241115-23.05 Mirror:v68-20241110 Mirror:v68-20241110-23.05 Mirror:v67-20241030 Mirror:v67-20241030-23.05 Mirror:v66-20241026-23.05 Mirror:v66-20241026 Mirror:v65-20241025 Mirror:v65-20241025-23.05 Mirror:v65-20241023 Mirror:v65-20241023-23.05 Mirror:v65-20241018 Mirror:v65-20241018-23.05 Mirror:v65-20241016 Mirror:v65-20241016-23.05 Mirror:v64-20241014 Mirror:v64-20241014-23.05 Mirror:v64-20241012
...
compare: Mirror:v71.20250607
Branches Tags
Mirror:master Mirror:zap1 Mirror:gh-pages
Mirror:v0.8.20251230 Mirror:v0.8.20251229 Mirror:v0.7.20251227 Mirror:v72.20251227 Mirror:v0.7.20251226 Mirror:v0.7.20251225-r2 Mirror:v72.20251225-r2 Mirror:v0.7.20251225 Mirror:v72.20251225 Mirror:v0.7.20251224 Mirror:v0.7.20251220 Mirror:v0.7.20251219 Mirror:v72.20251219 Mirror:v72.20251218 Mirror:v72.20251217 Mirror:v72.20251216 Mirror:v72.20251213 Mirror:v72.20251212 Mirror:v72.20251122 Mirror:v72.20251022 Mirror:v72.20250924 Mirror:v71.20250918 Mirror:v71.20250708 Mirror:v71.20250607 Mirror:v70.20250505 Mirror:v70.20250419 Mirror:v70.20250405 Mirror:v70.20250323 Mirror:v70.20250213 Mirror:v70.20250210 Mirror:v70.20250116 Mirror:v70-20250109 Mirror:v70-20250109-23.05 Mirror:v69-20241206 Mirror:v69-20241206-23.05 Mirror:v69-20241123 Mirror:v69-20241123-23.05 Mirror:v69-20241121-23.05 Mirror:v69-20241121 Mirror:v69-20241118 Mirror:v69-20241118-23.05 Mirror:v68-20241115 Mirror:v68-20241115-23.05 Mirror:v68-20241110 Mirror:v68-20241110-23.05 Mirror:v67-20241030 Mirror:v67-20241030-23.05 Mirror:v66-20241026-23.05 Mirror:v66-20241026 Mirror:v65-20241025 Mirror:v65-20241025-23.05 Mirror:v65-20241023 Mirror:v65-20241023-23.05 Mirror:v65-20241018 Mirror:v65-20241018-23.05 Mirror:v65-20241016 Mirror:v65-20241016-23.05 Mirror:v64-20241014 Mirror:v64-20241014-23.05 Mirror:v64-20241012

105 Commits
v65-202410 ... v71.202506

Author SHA1 Message Date
remittor
e8fc868226 Bump version to v71.20250607 2025-06-07 22:06:10 +03:00
remittor
2670ff2985 build: Exclude arch arm_cortex-a7_neon-vfpv4 for SNAPSHOT 2025-06-07 22:05:49 +03:00
remittor
dda8f254a0 comfunc: MiniFix in init_before_start 2025-06-07 15:17:18 +03:00
remittor
62401bbad5 Bump version to v70.20250505 2025-05-05 15:26:18 +03:00
remittor
c31fab4aaf config: Add new param FILTER_TTL_EXPIRED_ICMP 
Source: dc1dc5c876
 2025-05-05 15:26:17 +03:00
remittor
d56cd06281 luci: Fix access to files into custom.d dir 2025-05-05 15:26:17 +03:00
remittor
5f681a372a install: Patch luci header.ut for force update browser-cache 
Aux info: https://github.com/openwrt/luci/pull/7725
 2025-05-05 15:26:17 +03:00
remittor
d9d339e157 comfunc: Fix stdout into func adapt_for_sed 2025-05-05 15:26:17 +03:00
remittor
dfbd77bb91 install: Check service running before stop 2025-04-27 20:30:01 +03:00
remittor
aa4adc0c50 Bump version to v70.20250419 2025-04-19 17:59:55 +03:00
remittor
919c91a6c7 luci: Fix get service info on OpenWrt 21.02 2025-04-19 17:59:31 +03:00
remittor
da2cf34f9f config: Remove comment-line from NFQWS_OPT on sync 2025-04-19 17:58:52 +03:00
remittor
6b1825387f luci: Add link to help page for NFQWS_OPT 2025-04-19 14:36:58 +03:00
remittor
ca2b1378c6 luci: Fix view multiline for NFQWS_OPT 2025-04-19 14:36:58 +03:00
remittor
d0b03e60b6 config: Fix process empty value for NFQWS_PORTS_xxx_KEEPALIVE 2025-04-18 14:07:00 +03:00
remittor
d4fb54c2c0 Bump version to v70.20250405 2025-04-05 12:03:52 +03:00
remittor
5a7676c6f5 luci: Update link to discord custom script 2025-04-04 19:51:38 +03:00
remittor
60865aa602 ipset: Add file "zapret-hosts-user.txt" 2025-03-31 20:08:32 +03:00
remittor
f6dd684b62 comfunc: Delete auto preset "abra-cadabra.com" 2025-03-31 20:03:09 +03:00
remittor
fee8520332 Revert "build: Exclude arch arm_cortex-a7_neon-vfpv4" 
This reverts commit f912f30944.
 2025-03-28 21:21:25 +03:00
remittor
d317bcf541 Bump version to v70.20250323 2025-03-23 12:43:45 +03:00
remittor
1d27f12791 luci: Fix version check for v24.10 release pkg 2025-03-23 12:43:27 +03:00
remittor
f912f30944 build: Exclude arch arm_cortex-a7_neon-vfpv4 2025-03-23 10:39:22 +03:00
remittor
2fb9ff7095 build: Remove arch arm_mpcore 2025-03-23 08:48:01 +03:00
remittor
8792204b57 build: Add arch aarch64_cortex-a76 2025-03-23 08:41:10 +03:00
remittor
59aaa0c3eb build: Using 24.10 branch 2025-03-23 08:39:57 +03:00
remittor
f77e985d37 ipset: Add play.google.com into zapret-hosts-user-exclude.txt 2025-02-25 10:47:18 +03:00
remittor
fa668eaaff ipset: add localhost to zapret-hosts-user-exclude.txt 2025-02-25 10:46:22 +03:00
remittor
6deb6f70fb init: Fix empty zapret-hosts-user.txt on start daemons 2025-02-25 10:41:38 +03:00
remittor
d234b5f762 Bump version to v70.20250213 2025-02-13 08:49:40 +03:00
remittor
7a36045383 luci: Fix initialization L.sysFeatures 2025-02-13 08:48:47 +03:00
remittor
55036bc03c init: Add cron task for removing huge log-files 2025-02-12 20:36:43 +03:00
remittor
f2e6b6fc7e luci: Rename blacklist to HostList 2025-02-12 20:27:37 +03:00
remittor
e2313c9096 luci: Add human readable messages (dmnlog) 2025-02-11 21:21:49 +03:00
remittor
a2fe8816f1 init: Fix ipset permissions on restart 2025-02-11 19:12:03 +03:00
remittor
71794ca7e0 readme: Update badges (add actual version) 2025-02-11 10:10:48 +03:00
remittor
cded72542e Bump version to v70.20250210 2025-02-10 21:03:36 +03:00
remittor
31522f53d7 config: Fix bug (add option DAEMON_LOG_FILE for sync) 2025-02-10 21:03:03 +03:00
remittor
794f86a34c luci: Fix refresh textarea with logs 2025-02-10 19:50:03 +03:00
remittor
2529444929 luci: Use fs.read_direct instead fs.exec_direct 2025-02-10 15:00:12 +03:00
remittor
8ef98e1bcd luci: Transfer option DISABLE_CUSTOM to tab custom.d 2025-02-10 14:56:52 +03:00
remittor
57cfc5af29 install: Fix file permissions 2025-02-10 14:03:22 +03:00
remittor
8e783c4bd6 init: Fix bug (remove log on each start) 2025-02-10 09:51:56 +03:00
remittor
f7114167eb init: Remove logs on start and restart 2025-02-09 20:55:44 +03:00
remittor
adab5d93c5 luci: Add log viewer 2025-02-09 20:42:51 +03:00
remittor
41df444327 config: Add new option DAEMON_LOG_ENABLE 2025-02-09 13:28:59 +03:00
remittor
c187d544e3 build: Add init step 2025-02-09 11:59:21 +03:00
remittor
c524434b43 build: Add option TEST_BUILD 2025-02-09 11:35:01 +03:00
remittor
b73f7e93d6 build: Disable JS minification 2025-02-09 09:57:53 +03:00
remittor
4c224634c1 config: Add new option WS_USER 2025-02-08 16:13:02 +03:00
remittor
82fafaa6fe config: Add new option DISABLE_CUSTOM 2025-02-05 20:14:11 +03:00
remittor
768ebb6241 readme: Add new badges 2025-01-31 12:52:45 +03:00
remittor
0891e9d2fa github: Cleanup build script 2025-01-17 11:30:08 +03:00
remittor
fbb1239606 readme: Add download counter for latest release 2025-01-17 11:26:36 +03:00
remittor
88d82932c9 Bump version to v70.20250116 2025-01-16 19:57:33 +03:00
remittor
d169c51a11 github: Global changes 2025-01-16 19:57:22 +03:00
remittor
474baa09aa readme: Add download counter 2025-01-16 14:27:41 +03:00
remittor
b9621559c3 luci: Add support custom.d scripts 2025-01-14 09:14:14 +03:00
remittor
e0fd21187b Bump version to v70-20250109 2025-01-09 12:33:23 +03:00
remittor
47822364d5 luci: Forced use busybox ps 2024-12-13 21:32:55 +03:00
remittor
72d1ac6d7a Bump version to v69-20241206 2024-12-06 21:27:16 +03:00
remittor
b1c289c397 github: Exclude arch arm_cortex-a9_vfpv3-d16 2024-12-06 21:26:50 +03:00
remittor
ce1563dc7d Bump version to v69-20241123 2024-11-23 20:44:17 +03:00
remittor
566f3376ae readme: Add about of tool 2024-11-21 18:11:40 +03:00
remittor
e377c7aa4d Bump version to v69-20241121 2024-11-21 18:10:59 +03:00
remittor
a36853921e github: Add support SNAPSHOT branch 2024-11-21 18:10:27 +03:00
remittor
bddb0f395d readme: Add donation address 2024-11-21 12:17:18 +03:00
remittor
9719c11a58 luci: Adapt code for APK support 2024-11-21 10:39:54 +03:00
remittor
51fc9739d8 config: Skip run_on_boot option on restore default uci-config 2024-11-20 22:08:40 +03:00
remittor
5f584bcf58 config: Renew default config (v69) 
Source: https://github.com/bol-van/zapret-win-bundle/blob/master/zapret-winws/preset_russia.cmd
 2024-11-19 21:09:36 +03:00
remittor
cedb032eee Bump version to v69-20241118 2024-11-18 16:55:09 +03:00
remittor
8ea92829c8 init: Log enabled status only on boot 2024-11-17 13:40:54 +03:00
remittor
cdbd9c80e0 install: Enable service when upgrade package 2024-11-17 13:39:45 +03:00
remittor
0cd2c5b088 Bump version to v68-20241115 2024-11-15 22:25:24 +03:00
remittor
2b178173de Add many new scripts for manage service 2024-11-15 22:25:24 +03:00
remittor
b0953bbaaf luci: Add removing quotes from DESYNC_OPT param 2024-11-13 21:23:01 +03:00
remittor
d595f1eaa3 config: Add check syntax of main config into sync_config.sh 2024-11-13 21:15:20 +03:00
remittor
f8905bf0d4 luci: Allow to reset and sync settings during service error 2024-11-13 20:32:27 +03:00
remittor
e6c901a06a install: Check syntax of main config on install and uninstall 2024-11-12 22:38:45 +03:00
remittor
4811af79da Remove PKG_RELEASE from all Makefiles 
Reason: for compatibility with OpenWrt 24+
 2024-11-12 20:15:56 +03:00
remittor
c0d77d6c8a Bump version to v68-20241110 2024-11-11 10:29:54 +03:00
remittor
d03ca95c93 github: Fix auto build (add setup for SDK) 2024-11-11 10:29:54 +03:00
remittor
f42c6da005 config: Update default desync config 2024-11-11 10:29:53 +03:00
remittor
1b2bd2bdd5 luci: Catch incorrect JSON into function decode_svc_info 2024-11-11 10:29:53 +03:00
remittor
2cf3d0b996 Bump version to v67-20241030 2024-10-30 15:19:16 +03:00
remittor
d463d2e39e config: Fix bug in default config (forced use google hostlist) 2024-10-30 15:18:57 +03:00
remittor
148a397051 install: Replace default hostlist "zapret-hosts-user.txt" to "zapret-hosts-google.txt" 2024-10-30 13:10:56 +03:00
remittor
9f73af44dd ipset: Rename "zapret-hosts-user.txt" to "zapret-hosts-google.txt" 2024-10-30 12:41:35 +03:00
remittor
40f0432b1c config: luci: Add support new hostlist file "zapret-hosts-google.txt" 2024-10-30 12:40:26 +03:00
remittor
ca11a6cd55 ipset: Remove empty txt files from ipset directory 2024-10-30 12:15:28 +03:00
remittor
39833fdcea config: Add info about <HOSTLIST_NOAUTO> (new in v67) 2024-10-30 11:59:40 +03:00
remittor
425fde748f luci: Add button "Reset settings" 2024-10-30 11:22:28 +03:00
remittor
0df621f443 Bump version to v66-20241026 2024-10-26 17:37:06 +03:00
remittor
f17b00c107 config: luci: Adapt settings for Zapret v66 (new config format) 2024-10-26 17:34:48 +03:00
remittor
c67ce19626 luci: Add support multiline long string editing 2024-10-26 15:46:27 +03:00
remittor
4b932b2c4a luci: Fix detect daemons status (empty instances dict) 2024-10-26 15:18:52 +03:00
remittor
a8d25b2d2b config: luci: Add AutoHostList settings 2024-10-26 11:23:45 +03:00
Oleg S.
9f40c1fcd1 readme: Add screenshot of main page 2024-10-25 15:25:29 +03:00
remittor
3154d3f5f6 Bump version to v65-20241025 2024-10-25 14:20:35 +03:00
remittor
7e901513c5 config: luci: Fix merging longstr values (NFQWS_DESYNC_*) 2024-10-25 14:04:12 +03:00
remittor
5373d5dd2a config: Replace static uci-config to dynamic uci-config 2024-10-25 12:15:24 +03:00
remittor
836b324a0b luci: Show and check versions of installed packages 2024-10-24 15:08:37 +03:00
remittor
2db3bd7514 luci: Cleanup code (elems of btn) 2024-10-24 15:05:36 +03:00
remittor
0b20fe4a93 luci: Add postinst script for luci-reload 2024-10-24 13:20:23 +03:00
remittor
5f3dfe04ab config: Fix update and append params into main config 2024-10-24 13:18:51 +03:00
32 changed files with 1758 additions and 530 deletions
Expand all files Collapse all files

31
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,31 @@
# These are supported funding model platforms
# Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
github:
# Replace with a single Patreon username
patreon:
# Replace with a single Open Collective username
open_collective:
# Replace with a single Ko-fi username
ko_fi:
# Replace with a single Tidelift platform-name/package-name e.g., npm/babel
tidelift:
# Replace with a single Community Bridge project-name e.g., cloud-foundry
community_bridge:
# Replace with a single Liberapay username
liberapay:
# Replace with a single IssueHunt username
issuehunt:
# Replace with a single Otechie username
otechie:
# Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
custom: ['https://github.com/remittor/donate']

255
.github/workflows/build.yml vendored
View File

@@ -2,9 +2,47 @@ name: build
on:
workflow_dispatch:
inputs:
test_build:
description: 'Test build'
required: false
default: 'false'
type: choice
options:
- true
- false
fake_build:
description: 'Fake build'
required: false
default: 'false'
type: choice
options:
- true
- false
max_speed:
description: 'Build with max speed'
required: false
default: 'true'
type: choice
options:
- true
- false
push:
tags:
- '*'
- v[0-9]+*
env:
TEST_BUILD: ${{ github.event.inputs.test_build == 'true' }}
FAKE_BUILD: ${{ github.event.inputs.fake_build == 'true' }}
MAX_SPEED: ${{ github.event.inputs.max_speed != 'false' }}
TAG_SUFFIX: ${{ github.event.inputs.fake_build == 'true' && '-fake' || github.event.inputs.test_build == 'true' && '-test' || '' }}
REPO_URL: https://github.com/remittor/zapret-openwrt
REPO_LNK: remittor/zapret-openwrt
REPO_BRANCH: master
BUILD_ROOT: ${{ github.workspace }}/builder
BUILD_DATE: unknown
REPO_DATE: unknown
LUCI_ARCH: aarch64_cortex-a53
jobs:
check:
@@ -15,38 +53,45 @@ jobs:
sha: ${{ steps.gh.outputs.sha }}
url: ${{ steps.gh.outputs.url }}
message: ${{ steps.gh.outputs.message }}
build_date: ${{ steps.gh.outputs.build_date }}
fw_date: ${{ steps.gh.outputs.fw_date }}
is_active: ${{ steps.activity.outputs.is_active }}
test_build: ${{ env.TEST_BUILD }}
fake_build: ${{ env.FAKE_BUILD }}
steps:
- name: Get repo data via GH API
id: gh
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO: 'remittor/zapret-openwrt'
run: |
echo "Tag name from GITHUB_REF_NAME: $GITHUB_REF_NAME"
echo "Tag name from github.ref_name: ${{ github.ref_name }}"
BRANCH=$(gh api repos/$REPO --jq '.default_branch')
DATE=$(gh api repos/$REPO/commits/$BRANCH --jq '.commit.committer.date')
BRANCH=$(gh api repos/$REPO_LNK --jq '.default_branch')
REPO_DATE=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.committer.date')
BUILD_DATE=$( date --utc +'%Y%m%d' )
FW_DATE=$( date --utc +'%Y-%m-%d' )
{
echo "tag=$GITHUB_REF_NAME"
echo "date=$(date --utc -d $DATE +%Y%m%d)"
echo "sha=$(gh api repos/$REPO/commits/$BRANCH --jq '.sha[0:7]')"
echo "url=$(gh api repos/$REPO/commits/$BRANCH --jq '.html_url')"
echo "date=$(date --utc -d $REPO_DATE +%Y%m%d)"
echo "sha=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.sha[0:7]')"
echo "url=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.html_url')"
echo "message<<EOF"
gh api repos/$REPO/commits/$BRANCH --jq '.commit.message'
gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.message'
echo EOF
echo "build_date=$BUILD_DATE"
echo "fw_date=$FW_DATE"
} >> $GITHUB_OUTPUT
echo "DATE=$DATE" >> $GITHUB_ENV
echo "REPO_DATE=$REPO_DATE" >> $GITHUB_ENV
- name: Check for repo activity
id: activity
env:
DATE: ${{ env.DATE }}
REPO_DATE: ${{ env.REPO_DATE }}
URL: ${{ steps.gh.outputs.url }}
run: |
TIMESTAMP=$(date --utc -d $DATE +%s)
TIMESTAMP=$(date --utc -d $REPO_DATE +%s)
DAYS=$(( ( $(date --utc +%s) - $TIMESTAMP ) / 86400 ))
echo "Repository activity: $(date --utc -d $DATE)"
echo "Repository activity: $(date --utc -d $REPO_DATE)"
echo "Commit: $URL"
if [ "${{ github.event_name }}" != "schedule" ]; then
is_active=true
@@ -63,12 +108,13 @@ jobs:
#if: needs.check.outputs.is_active == 'true'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
#branch: [ openwrt-22.03, openwrt-23.05 ]
branch: [ openwrt-23.05 ]
branch: [ openwrt-24.10, SNAPSHOT ]
arch:
- aarch64_cortex-a53
- aarch64_cortex-a72
- aarch64_cortex-a76
- aarch64_generic
- arm_arm1176jzf-s_vfp
- arm_arm926ej-s
@@ -82,7 +128,6 @@ jobs:
- arm_cortex-a9_neon
- arm_cortex-a9_vfpv3-d16
- arm_fa526
- arm_mpcore
- arm_xscale
- mips64_octeonplus
- mips_24kc
@@ -93,135 +138,215 @@ jobs:
- mipsel_74kc
- mipsel_mips32
- x86_64
#include:
# - branch: SNAPSHOT
# arch: x86_64
#exclude:
# - branch: openwrt-22.03
# arch: arm_fa526
# - branch: openwrt-22.03
# arch: arm_mpcore
isTestOrFake:
- ${{ needs.check.outputs.test_build == 'true' || needs.check.outputs.fake_build == 'true' }}
exclude:
- branch: SNAPSHOT
arch: arm_cortex-a9_vfpv3-d16
- branch: SNAPSHOT
arch: arm_cortex-a7_neon-vfpv4
- { isTestOrFake: true }
include:
- branch: openwrt-24.10
arch: x86_64
- branch: openwrt-24.10
arch: aarch64_cortex-a53
- branch: SNAPSHOT
arch: aarch64_cortex-a53
container:
image: openwrt/sdk:${{ matrix.arch }}-${{ matrix.branch }}
options: --user root
outputs:
pkgver: ${{ steps.build.outputs.pkgver }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
repository: 'remittor/zapret-openwrt'
repository: ${{ env.REPO_LNK }}
path: zapret-openwrt
- name: Setup OpenWrt SDK
working-directory: /builder
env:
BRANCH: ${{ matrix.branch }}
shell: bash
run: |
# gpg --verbose --recv-keys 0x1D53D1877742E911
gpg --verbose --import <(wget -qO- 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/0x1D53D1877742E911.asc')
# disable check signatures
sed -i 's/gpg --/#gpg --/g' setup.sh
# disable cleanup keys
sed -r -i 's/^rm.+//' setup.sh
./setup.sh
ls -lh
if [ "$BRANCH" = "openwrt-24.10" ]; then
echo "PKGTYPE=ipk" >> $GITHUB_ENV
else
echo "PKGTYPE=apk" >> $GITHUB_ENV
fi
- name: Setup ccache
uses: actions/cache@v4
with:
path: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/.ccache' || '/builder/.ccache' }}
path: '/builder/.ccache'
key: ccache-${{ matrix.arch }}-${{ matrix.branch }}-${{ github.run_id }}
restore-keys: |
ccache-${{ matrix.arch }}-${{ matrix.branch }}-
- name: Build packages
id: build
working-directory: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt' || '/builder' }}
- name: Init packages
id: init
working-directory: '/builder'
env:
DATE: ${{ needs.check.outputs.date }}
SHA: ${{ needs.check.outputs.sha }}
FAKE_BUILD: ${{ env.FAKE_BUILD == 'true' || ( env.TEST_BUILD == 'true' && matrix.branch == 'SNAPSHOT' ) }}
BUILD_DATE: ${{ needs.check.outputs.build_date }}
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }}
CCACHE_DIR: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/.ccache' || '/builder/.ccache' }}
CCACHE_DIR: '/builder/.ccache'
shell: bash
run: |
#export PKG_VERSION=$(date --utc -d $DATE +%Y%m%d)
#find $GITHUB_WORKSPACE/zapret-openwrt -type d -path '*/package/zapret' -exec cp -r {} ./package \;
cp -r $GITHUB_WORKSPACE/zapret-openwrt ./package/zapret-openwrt/
PKGDIR=$GITHUB_WORKSPACE/zapret-openwrt
MKFN=$PKGDIR/luci-app-zapret/Makefile
PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 )
echo "PKG_VERSION = $PKGVER"
cp -vr $PKGDIR ./package/zapret-openwrt/
mv feeds.conf.default feeds.conf
sed -i -e 's|base.*\.git|base https://github.com/openwrt/openwrt.git|' feeds.conf
sed -i -e 's|packages.*\.git|packages https://github.com/openwrt/packages.git|' feeds.conf
sed -i -e 's|luci.*\.git|luci https://github.com/openwrt/luci.git|' feeds.conf
mkdir -p ./logs
./scripts/feeds update base packages luci
./scripts/feeds install -a
if [ "$FAKE_BUILD" = "false" ]; then
./scripts/feeds update base packages luci
./scripts/feeds install -a
fi
echo "FAKE_BUILD=$FAKE_BUILD" >> $GITHUB_ENV
echo "PKGVER=$PKGVER" >> $GITHUB_ENV
echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT
echo "status=success" >> $GITHUB_OUTPUT
- name: Build packages
id: build
if: steps.init.outputs.status == 'success'
working-directory: '/builder'
env:
BUILD_DATE: ${{ needs.check.outputs.build_date }}
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }}
CCACHE_DIR: '/builder/.ccache'
shell: bash
run: |
MAKE_JOBS=$(($(nproc)+1))
echo "$MAKE_JOBS thread compile"
make defconfig
echo "------------- .config BEG -------------------"
cat .config
echo "------------- .config END -------------------"
if [ "$FAKE_BUILD" = "false" ]; then
make defconfig
sed -i 's/CONFIG_LUCI_JSMIN=y/CONFIG_LUCI_JSMIN=n/g' .config
echo "------------- .config BEG -------------------"
cat .config
echo "------------- .config END -------------------"
if [ "$ARCH" = "$LUCI_ARCH" ]; then
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile`
else
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net}/compile`
fi
if [ "$MAX_SPEED" = "false" ]; then
make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1
else
make -j$MAKE_JOBS $PKGLIST CONFIG_CCACHE=1
fi
else
OUT_DIR=./bin/packages/dev_x/base
mkdir -p $OUT_DIR
touch $OUT_DIR/zapret_$PKGVER-$ARCH.$PKGTYPE
touch $OUT_DIR/luci-app-zapret_$PKGVER-all.$PKGTYPE
fi
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile`
make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1
find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.ipk$" -delete
find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.[ai]pk$" -delete
#echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source"
#ln -s `which usign` staging_dir/host/bin/usign
#echo "$SIGN_KEY" | base64 -d > key-build
#make package/index
tar -C ./bin/packages/*/base -cvf $GITHUB_WORKSPACE/ipk-$BRANCH-$ARCH.tar --transform "s|^\./|${BRANCH/openwrt-}/$ARCH/|" --show-transformed-names .
OUTDIR=$GITHUB_WORKSPACE/$PKGTYPE-$ARCH
mkdir -p $OUTDIR
cp -R ./bin/packages/*/base/. $OUTDIR/
./staging_dir/host/bin/ccache --max-size=10M --show-stats
echo "OUTDIR=$OUTDIR" >> $GITHUB_ENV
echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT
echo "status=success" >> $GITHUB_OUTPUT
- name: Compress build logs
if: always()
env:
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
LOGS_DIR: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/logs' || '/builder/logs' }}
LOGS_DIR: '/builder/logs'
run: |
tar -cJvf logs-$BRANCH-$ARCH.tar.xz $LOGS_DIR
- name: Upload packages
if: steps.build.outcome == 'success'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@main
with:
name: ipk-${{ matrix.branch }}-${{ matrix.arch }}
path: ./**/ipk-${{ matrix.branch }}-${{ matrix.arch }}.tar
path: ${{ env.OUTDIR }}
name: zapret,${{ env.PKGTYPE }},${{ matrix.arch }}
if-no-files-found: error
- name: Upload build logs
if: always()
uses: actions/upload-artifact@v4
with:
path: logs-*.tar.xz
name: logs-${{ matrix.branch }}-${{ matrix.arch }}
path: ./**/logs-*.tar.xz
release:
needs: [ check, build ]
permissions:
contents: write
runs-on: ubuntu-latest
strategy:
max-parallel: 1
matrix:
#branch: [ '22.03', '23.05' ]
branch: [ '23.05' ]
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
pattern: ipk-*
pattern: zapret,*
- name: Put ipk into zip
- name: Put packages into zip
env:
BRANCH: ${{ matrix.branch }}
TAG: ${{ needs.check.outputs.tag }}
DATE: ${{ needs.check.outputs.date }}
BUILD_DATE: ${{ needs.check.outputs.build_date }}
PKGVER: ${{ needs.build.outputs.pkgver }}
run: |
echo "------------- DIR BEG -------------------"
ls -la
echo "------------- DIR END -------------------"
mkdir -p sorted
find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)' \;
find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)/apk' \;
find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)' \;
find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)/apk' \;
LUCI_IPK=$( find . -type f -path "*/zapret,ipk,*/luci-app-zapret*.ipk" -print | head -n 1 )
LUCI_APK=$( find . -type f -path "*/zapret,apk,*/luci-app-zapret*.apk" -print | head -n 1 )
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \;
find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \;
mkdir -p public
find . -name "ipk-openwrt-$BRANCH-*.tar" -exec tar -xvf {} --wildcards '*.ipk' \;
find $BRANCH -mindepth 1 -type d -exec sh -c 'zip -0 ./public/zapret_${TAG}_$(basename {}).zip -j {} {}/*' \;
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \;
ls -lh ./public/*.zip
- name: Upload assets
uses: andelf/nightly-release@main
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BRANCH: ${{ matrix.branch }}
TAG: ${{ needs.check.outputs.tag }}
with:
prerelease: false
tag_name: ${{ needs.check.outputs.tag }}-${{ matrix.branch }}
name: '${{ needs.check.outputs.tag }} for OpenWrt ${{ matrix.branch }}'
prerelease: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }}
tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }}
name: zapret v${{ needs.build.outputs.pkgver }}
body: |
${{ needs.check.outputs.url }}: ${{ needs.check.outputs.message }}
zapret v${{ needs.build.outputs.pkgver }} for OpenWrt
files: ./public/*.zip

17
README.md
View File

@@ -1,6 +1,21 @@
[![build](https://github.com/remittor/zapret-openwrt/actions/workflows/build.yml/badge.svg)](https://github.com/remittor/zapret-openwrt/actions/workflows/build.yml)
[![GitHub Release](https://img.shields.io/github/release/remittor/zapret-openwrt)](https://github.com/remittor/zapret-openwrt/releases)
[![Github All Releases](https://img.shields.io/github/downloads/remittor/zapret-openwrt/total.svg)](https://github.com/remittor/zapret-openwrt/releases)
[![Github Latest Release](https://img.shields.io/github/downloads/remittor/zapret-openwrt/latest/total.svg)](https://github.com/remittor/zapret-openwrt/releases)
[![ViewCount](https://views.whatilearened.today/views/github/remittor/zapret-openwrt.svg)](https://github.com/remittor/zapret-openwrt)
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fremittor%2Fzapret-openwrt&count_bg=%2379C83D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=hits&edge_flat=false)](https://github.com/remittor/zapret-openwrt/releases)
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)
# zapret-openwrt
Zapret is not a VPN! Zapret is an Anti-DPI utility!
[Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapretopenwrt-package)
[Download page](https://github.com/remittor/zapret-openwrt/releases)
## Screenshots
![image](https://github.com/user-attachments/assets/b79940b3-6a0d-4310-bd58-e461be004397)
## Donations
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)

18
luci-app-zapret/Makefile
View File

@@ -5,15 +5,27 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-zapret
PKG_RELEASE:=20241023
PKG_VERSION:=65-$(PKG_RELEASE)
PKG_VERSION:=71.20250607
PKG_LICENSE:=MIT
PKG_MAINTAINER:=remittor <https://github.com/remittor>
LUCI_TITLE:=LuCI support for zapret
LUCI_DEPENDS:=+zapret
LUCI_PKGARCH:=all
#include ../../luci.mk
define Package/$(PKG_NAME)/postinst
#!/bin/sh
if [ -z "$${IPKG_INSTROOT}" ]; then
rm -f /tmp/luci-index*
rm -rf /tmp/luci-modulecache/
#killall -HUP rpcd 2>/dev/null
/etc/init.d/rpcd reload
[ -f "/sbin/luci-reload" ] && /sbin/luci-reload
[ -f "/etc/init.d/uhttpd" ] && /etc/init.d/uhttpd reload
fi
exit 0
endef
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

200
luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js Normal file
View File

@@ -0,0 +1,200 @@
'use strict';
'require view';
'require fs';
'require form';
'require poll';
'require uci';
'require ui';
'require view.zapret.tools as tools';
return view.extend({
retrieveLog: async function() {
return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null),
fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', 'zapret+*.log' ]),
uci.load(tools.appName),
]).then(function(status_array) {
var filereader = status_array[0] ? status_array[0].path : null;
var log_data = status_array[1]; // stdout: multiline text
if (log_data.code != 0) {
ui.addNotification(null, E('p', _('Unable to get log files') + '(code = ' + log_data.code + ') : retrieveLog()'));
return null;
}
var reason = '';
var uci_cfg = uci.get(tools.appName, 'config');
if (uci_cfg !== null && typeof(uci_cfg) === 'object') {
let flag = uci_cfg.DAEMON_LOG_ENABLE;
if (flag != '1') {
reason = ' (Reason: option DAEMON_LOG_ENABLE = ' + flag + ')';
}
}
if (typeof(log_data.stdout) !== 'string') {
return 'Log files not found.' + reason;
}
var log_list = log_data.stdout.trim().split('\n');
if (log_list.length <= 0) {
return 'Log files not found!' + reason;
}
for (let i = 0; i < log_list.length; i++) {
let logfn = log_list[i].trim();
if (logfn.startsWith('/tmp/') && logfn.endsWith('+main.log')) {
log_list.splice(i, 1);
log_list.unshift(logfn);
break;
}
}
var tasks = [ ];
var logdata = [ ];
for (let i = 0; i < log_list.length; i++) {
let logfn = log_list[i].trim();
if (logfn.startsWith('/tmp/')) {
//console.log('LOG: ' + logfn);
logdata.push( { filename: logfn, data: null, rows: 0 } );
tasks.push( fs.read_direct(logfn) );
}
}
return Promise.all(tasks).then(function(log_array) {
for (let i = 0; i < log_array.length; i++) {
if (log_array[i]) {
logdata[i].data = log_array[i];
logdata[i].rows = tools.getLineCount(log_array[i]) + 1;
}
}
return logdata;
}).catch(function(e) {
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ %s | %s | %s ]'.format(
e.message, 'retrieveLogData', 'uci.zapret'
)));
return null;
});
}).catch(function(e) {
const [, lineno, colno] = e.stack.match(/(\d+):(\d+)/);
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ lineno: %s | %s | %s | %s ]'.format(
e.message, lineno, 'retrieveLog', 'uci.zapret'
)));
return null;
});
},
pollLog: async function() {
let logdate_len = -2;
let logdata;
for (let txt_id = 0; txt_id < 10; txt_id++) {
let elem = document.getElementById('dmnlog_' + txt_id);
if (!elem)
break;
if (logdate_len == -2) {
logdata = await this.retrieveLog();
logdate_len = (Array.isArray(logdata)) ? logdata.length : -1;
}
let elem_name = elem.getAttribute("name");
let founded = false;
if (logdate_len > 0) {
for (let log_num = 0; log_num < logdate_len; log_num++) {
if (logdata[log_num].filename == elem_name) {
if (logdata[log_num].data) {
elem.value = logdata[log_num].data;
elem.rows = logdata[log_num].rows;
founded = true;
//console.log('POLL: updated ' + elem_name);
}
break;
}
}
}
if (!founded) {
elem.value = '';
elem.rows = 0;
}
}
},
load: async function() {
poll.add(this.pollLog.bind(this));
return await this.retrieveLog();
},
render: function(logdata) {
if (!logdata) {
return;
}
if (typeof(logdata) === 'string') {
return E('div', {}, [
E('p', {'class': 'cbi-title-field'}, [ logdata ]),
]);
}
if (!Array.isArray(logdata)) {
ui.addNotification(null, E('p', _('Unable to get log files') + ' : render()'));
return;
}
var h2 = E('div', {'class' : 'cbi-title-section'}, [
E('h2', {'class': 'cbi-title-field'}, [ _('Zapret') + ' - ' + _('Log Viewer') ]),
]);
var tabs = E('div', {}, E('div'));
for (let log_num = 0; log_num < logdata.length; log_num++) {
//console.log('REN: ' + logdata[log_num].filename + ' : ' + logdata[log_num].data.length);
var logfn = logdata[log_num].filename;
let filename = logfn.replace(/.*\//, '');
let fname = filename.split('.')[0];
fname = fname.replace(/^(zapret\+)/, '');
let fn = fname.split('+');
let tabNameText = fname.replace(/\+/g, ' ');
let tabname = 'tablog_' + log_num;
var scrollDownButton = null;
var scrollUpButton = null;
scrollDownButton = E('button', {
'id': 'scrollDownButton_' + log_num,
'class': 'cbi-button cbi-button-neutral'
}, _('Scroll to tail', 'scroll to bottom (the tail) of the log file')
);
scrollDownButton.addEventListener('click', function() {
scrollUpButton.focus();
});
scrollUpButton = E('button', {
'id' : 'scrollUpButton_' + log_num,
'class': 'cbi-button cbi-button-neutral'
}, _('Scroll to head', 'scroll to top (the head) of the log file')
);
scrollUpButton.addEventListener('click', function() {
scrollDownButton.focus();
});
let log_id = 'dmnlog_' + log_num;
let log_name = logdata[log_num].filename;
let log_text = (logdata[log_num].data) ? logdata[log_num].data : '';
let tab = E('div', { 'data-tab': tabname, 'data-tab-title': tabNameText }, [
E('div', { 'id': 'content_dmnlog_' + log_num }, [
E('div', {'style': 'padding-bottom: 20px'}, [ scrollDownButton ]),
E('textarea', {
'id': log_id,
'name': log_name,
'style': 'font-size:12px',
'readonly': 'readonly',
'wrap': 'off',
'rows': logdata[log_num].rows,
}, [ log_text ]),
E('div', {'style': 'padding-bottom: 20px'}, [ scrollUpButton ]),
]),
]);
tabs.firstElementChild.appendChild(tab);
}
ui.tabs.initTabGroup(tabs.firstElementChild.childNodes);
//this.pollFn = L.bind(this.handleScanRefresh, this);
//poll.add(this.pollFn);
return E('div', { }, [ h2, tabs ]);
},
handleSaveApply: null,
handleSave: null,
handleReset: null
});

199
luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js
View File

@@ -14,26 +14,40 @@ const btn_style_warning = 'btn cbi-button-negative';
const btn_style_success = 'btn cbi-button-success important';
return view.extend({
disableButtons: function(flag, btn, elems = { }) {
let btn_enable = elems.btn_enable || document.getElementById('btn_enable');
let btn_disable = elems.btn_disable || document.getElementById('btn_disable');
let btn_start = elems.btn_start || document.getElementById('btn_start');
let btn_restart = elems.btn_restart || document.getElementById('btn_restart');
let btn_stop = elems.btn_stop || document.getElementById('btn_stop');
let btn_update = elems.btn_update || document.getElementById('btn_update');
btn_enable.disabled = flag;
btn_disable.disabled = flag;
btn_start.disabled = flag;
btn_restart.disabled = flag;
btn_stop.disabled = flag;
btn_update.disabled = true; // TODO
get_svc_buttons: function(elems = { }) {
return {
enable : elems.btn_enable || document.getElementById('btn_enable'),
disable : elems.btn_disable || document.getElementById('btn_disable'),
start : elems.btn_start || document.getElementById('btn_start'),
restart : elems.btn_restart || document.getElementById('btn_restart'),
stop : elems.btn_stop || document.getElementById('btn_stop'),
update : elems.btn_update || document.getElementById('btn_update'),
reset : elems.btn_update || document.getElementById('btn_reset'),
};
},
disableButtons: function(flag, button, elems = { }) {
let error_code = 0;
if (Number.isInteger(button) && button < 0) {
error_code = button;
}
let btn = this.get_svc_buttons(elems);
btn.enable.disabled = flag;
btn.disable.disabled = flag;
btn.start.disabled = flag;
btn.restart.disabled = flag;
btn.stop.disabled = flag;
btn.update.disabled = true; // TODO
btn.reset.disabled = (error_code == 0) ? flag : false;
},
getAppStatus: function() {
return Promise.all([
tools.getInitState(tools.appName), // svc_state
fs.exec(tools.execPath, [ 'info' ]), // svc_info
fs.exec('/bin/ps'), // process list
tools.getInitState(tools.appName), // svc_boot
fs.exec(tools.execPath, [ 'enabled' ]), // svc_en
tools.getSvcInfo(), // svc_info
fs.exec('/bin/busybox', [ 'ps' ]), // process list
fs.exec(tools.packager.path, tools.packager.args), // installed packages
uci.load(tools.appName), // config
]).catch(e => {
ui.addNotification(null, E('p', _('Unable to execute or read contents')
@@ -49,53 +63,58 @@ return view.extend({
let elem_status = elems.status || document.getElementById("status");
elem_status.innerHTML = tools.makeStatusString(null);
ui.addNotification(null, E('p', _('Unable to read the contents') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
let svc_autorun = status_array[0] ? true : false;
let svc_info = status_array[1]; // stdout: JSON as text
let proc_list = status_array[2]; // stdout: multiline text
if (svc_info.code != 0) {
let svc_boot = status_array[0] ? true : false;
let svc_en = status_array[1]; // stdout: empty or error text
let svc_info = status_array[2]; // stdout: JSON as text
let proc_list = status_array[3]; // stdout: multiline text
let pkg_list = status_array[4]; // stdout: installed packages
//console.log('svc_en: ' + svc_en.code);
svc_en = (svc_en.code == 0) ? true : false;
if (typeof(svc_info) !== 'object') {
ui.addNotification(null, E('p', _('Unable to read the service info') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
if (proc_list.code != 0) {
ui.addNotification(null, E('p', _('Unable to read process list') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
if (pkg_list.code != 0) {
ui.addNotification(null, E('p', _('Unable to enumerate installed packages') + ': setAppStatus()'));
this.disableButtons(true, -1, elems);
return;
}
let svcinfo;
if (force_app_status) {
svcinfo = force_app_status;
} else {
svcinfo = tools.decode_svc_info(svc_autorun, svc_info, proc_list, cfg);
svcinfo = tools.decode_svc_info(svc_en, svc_info, proc_list, cfg);
}
let btn_enable = elems.btn_enable || document.getElementById('btn_enable');
let btn_disable = elems.btn_disable || document.getElementById('btn_disable');
let btn_start = elems.btn_start || document.getElementById('btn_start');
let btn_restart = elems.btn_restart || document.getElementById('btn_restart');
let btn_stop = elems.btn_stop || document.getElementById('btn_stop');
let btn_update = elems.btn_update || document.getElementById('btn_update');
btn_update.disabled = true; // TODO
let btn = this.get_svc_buttons(elems);
btn.update.disabled = true; // TODO
btn.reset.disabled = false;
if (Number.isInteger(svcinfo)) {
ui.addNotification(null, E('p', _('Error')
+ ' %s: return code = %s'.format('decode_svc_info', svcinfo + ' ')));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
} else {
btn_enable.disabled = (svc_autorun) ? true : false;
btn_disable.disabled = (svc_autorun) ? false : true;
if (svcinfo.dmn.total == 0) {
btn_start.disabled = false;
btn_restart.disabled = true;
btn_stop.disabled = true;
btn.enable.disabled = (svc_en) ? true : false;
btn.disable.disabled = (svc_en) ? false : true;
if (!svcinfo.dmn.inited) {
btn.start.disabled = false;
btn.restart.disabled = true;
btn.stop.disabled = true;
} else {
btn_start.disabled = true;
btn_restart.disabled = false;
btn_stop.disabled = false;
btn.start.disabled = true;
btn.restart.disabled = false;
btn.stop.disabled = false;
}
}
let elem_status = elems.status || document.getElementById("status");
@@ -128,7 +147,7 @@ return view.extend({
});
},
serviceActionEx: function(action, button) {
serviceActionEx: function(action, button, hide_modal = false) {
if (button) {
let elem = document.getElementById(button);
this.disableButtons(true, elem);
@@ -136,11 +155,32 @@ return view.extend({
poll.stop();
let _this = this;
return fs.exec(tools.syncCfgPath)
let exec_cmd = null;
let exec_arg = [ ];
let errmsg = 'ERROR:';
if (action == 'start' || action == 'restart') {
exec_cmd = tools.syncCfgPath;
errmsg = _('Unable to run sync_config.sh script.');
}
else if (action == 'reset') {
exec_cmd = tools.defaultCfgPath;
exec_arg = [ 'sync' ]; // restore config + sync configs
errmsg = _('Unable to run restore-def-cfg.sh script.');
action = null;
} else {
ui.addNotification(null, E('p', 'ERROR: unknown action'));
return null;
}
return fs.exec(exec_cmd, exec_arg)
.then(function(res) {
if (res.code != 0) {
ui.addNotification(null, E('p', _('Unable to run sync_config.sh script.') + ' res.code = ' + res.code));
ui.addNotification(null, E('p', errmsg + ' res.code = ' + res.code));
action = null; // return with error
}
if (hide_modal) {
ui.hideModal();
}
if (!action) {
return _this.getAppStatus().then(
(status_array) => {
_this.setAppStatus(status_array);
@@ -150,7 +190,7 @@ return view.extend({
return _this.serviceAction(action, null);
})
.catch(e => {
ui.addNotification(null, E('p', _('Unable to run sync_config.sh script.') + ' Error: ' + e.message));
ui.addNotification(null, E('p', errmsg + ' Error: ' + e.message));
});
},
@@ -186,35 +226,40 @@ return view.extend({
);
},
dialogDestroy: function(ev) {
dialogResetCfg: function(ev) {
ev.target.blur();
let cancel_button = E('button', {
'class': btn_style_neutral,
'click': ui.hideModal,
}, _('Cancel'));
let shutdown_btn = E('button', {
'class': btn_style_warning,
}, _('Shutdown'));
shutdown_btn.onclick = ui.createHandlerFn(this, () => {
cancel_button.disabled = true;
return this.appAction('destroy');
let resetcfg_btn = E('button', {
'class': btn_style_action,
}, _('Reset settings'));
resetcfg_btn.onclick = ui.createHandlerFn(this, () => {
//cancel_button.disabled = true;
return this.serviceActionEx('reset', resetcfg_btn, true);
});
ui.showModal(_('Shutdown'), [
ui.showModal(_('Reset settings to default'), [
E('div', { 'class': 'cbi-section' }, [
E('p', _('The service will be disabled. Continue?')),
E('p', _('All settings will be reset to default. Continue?')),
]),
E('div', { 'class': 'right' }, [
shutdown_btn,
' ',
cancel_button,
' ',
resetcfg_btn,
])
]);
},
load: function() {
return this.getAppStatus();
var _this = this;
return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null),
]).then(function(data) {
return _this.getAppStatus();
});
},
render: function(status_array) {
@@ -223,6 +268,12 @@ return view.extend({
}
let cfg = uci.get(tools.appName, 'config');
let pkg_list = status_array[4];
if (pkg_list === undefined || typeof(pkg_list) !== 'object' || pkg_list.code != 0) {
ui.addNotification(null, E('p', _('Unable to enumerate installed packages') + ': setAppStatus()'));
return;
}
let status_string = E('div', {
'id' : 'status',
'name' : 'status',
@@ -280,10 +331,11 @@ return view.extend({
let btn_update = create_btn('btn_update', btn_style_action, _('Update'));
btn_update.onclick = ui.createHandlerFn(this, () => { this.appAction('update', 'btn_update') });
layout_append(_('Update blacklist'), null, [ btn_update ] );
layout_append(_('Update HostLists'), null, [ btn_update ] );
let btn_destroy = create_btn('btn_destroy', btn_style_negative, _('Shutdown'));
btn_destroy.onclick = L.bind(this.dialogDestroy, this);
let btn_reset = create_btn('btn_reset', btn_style_action, _('Reset settings'));
btn_reset.onclick = L.bind(this.dialogResetCfg, this);
layout_append(_('Reset settings to default'), null, [ btn_reset ] );
let elems = {
"status": status_string,
@@ -293,16 +345,35 @@ return view.extend({
"btn_restart": btn_restart,
"btn_stop": btn_stop,
"btn_update": btn_update,
"btn_reset": btn_reset,
};
this.setAppStatus(status_array, elems);
poll.add(L.bind(this.statusPoll, this));
let page_title = _('Zapret');
let pkgdict = tools.decode_pkg_list(pkg_list.stdout);
page_title += ' &nbsp ';
if (pkgdict['zapret'] === undefined || pkgdict['zapret'] == '') {
page_title += 'unknown version';
} else {
page_title += 'v' + pkgdict['zapret'];
}
let aux1 = E('em');
let aux2 = E('em');
if (pkgdict['zapret'] != pkgdict['luci-app-zapret']) {
let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret'] + ' [ incorrect version! ]';
aux1 = E('div', { 'class': 'label-status error' }, errtxt);
aux2 = E('div', { }, '&nbsp');
}
let url1 = 'https://github.com/bol-van/zapret';
let url2 = 'https://github.com/remittor/zapret-openwrt';
return E([
E('h2', { 'class': 'fade-in' }, _('Zapret')),
E('h2', { 'class': 'fade-in' }, page_title),
aux1,
aux2,
E('div', { 'class': 'cbi-section-descr fade-in' },
E('a', { 'href': url1, 'target': '_blank' }, url1),
),

285
luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js
View File

@@ -64,10 +64,10 @@ return view.extend({
//o.value('iptables', 'iptables');
//o.value('ipfw', 'ipfw');
o = s.taboption(tabname, form.ListValue, 'MODE', _('MODE'));
o.value('nfqws', 'nfqws');
//o.value('tpws', 'tpws');
o = s.taboption(tabname, form.Flag, 'POSTNAT', _('POSTNAT'));
o.rmempty = false;
o.default = 1;
o = s.taboption(tabname, form.ListValue, 'FLOWOFFLOAD', _('FLOWOFFLOAD'));
o.value('donttouch', 'donttouch');
o.value('none', 'none');
@@ -86,39 +86,77 @@ return view.extend({
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Flag, 'FILTER_TTL_EXPIRED_ICMP', 'FILTER_TTL_EXPIRED_ICMP');
o.rmempty = false;
o.default = 1;
o = s.taboption(tabname, form.ListValue, 'MODE_FILTER', _('MODE_FILTER'));
//o.value('none', 'none');
//o.value('ipset', 'ipset');
o.value('hostlist', 'hostlist');
o.value('autohostlist', 'autohostlist');
o = s.taboption(tabname, form.Flag, 'MODE_HTTP', _('MODE_HTTP'));
o = s.taboption(tabname, form.Value, 'WS_USER', _('WS_USER'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'DAEMON_LOG_ENABLE', _('DAEMON_LOG_ENABLE'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Flag, 'MODE_HTTP_KEEPALIVE', _('MODE_HTTP_KEEPALIVE'));
/* NFQWS_OPT_DESYNC tab */
tabname = 'nfqws_params';
s.tab(tabname, _('NFQWS options'));
let add_delim = function(sec, url = null) {
let o = sec.taboption(tabname, form.DummyValue, '_hr');
o.rawhtml = true;
o.default = '<hr style="width: 620px; height: 1px; margin: 1px 0 1px; border-top: 1px solid;">';
if (url) {
o.default += '<br/>' + _('Help') + ': <a href=%s>%s</a>'.format(url);
}
};
let add_param = function(sec, param, locname = null, rows = 10, multiline = false) {
if (!locname)
locname = param;
let btn = sec.taboption(tabname, form.Button, '_' + param + '_btn', locname);
btn.inputtitle = _('Edit');
btn.inputstyle = 'edit btn';
let val = sec.taboption(tabname, form.DummyValue, '_' + param);
val.rawhtml = multiline ? true : false;
val.cfgvalue = function(section_id) {
let value = uci.get(tools.appName, section_id, param);
if (value == null) {
return "";
}
value = value.trim();
if (multiline == 2) {
value = value.replace(/\n --/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/ --/g, "\n--");
}
if (val.rawhtml) {
value = value.replace(/</g, '˂');
value = value.replace(/>/g, '˃');
value = value.replace(/\n/g, '<br/>');
}
return value;
};
val.validate = function(section_id, value) {
return (value) ? value.trim() : "";
};
let desc = locname;
if (multiline == 2) {
desc += '<br/>' + _('Example') + ': <a href=%s>%s</a>'.format(tools.nfqws_opt_url);
}
btn.onclick = () => new tools.longstrEditDialog('config', param, param, desc, rows, multiline).show();
};
o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Value, 'HTTP_PORTS', _('HTTP_PORTS'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'MODE_HTTPS', _('MODE_HTTPS'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Value, 'HTTPS_PORTS', _('HTTPS_PORTS'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'MODE_QUIC', _('MODE_QUIC'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Value, 'QUIC_PORTS', _('QUIC_PORTS'));
o.rmempty = false;
o.datatype = 'string';
o.default = 1;
o = s.taboption(tabname, form.Value, 'DESYNC_MARK', _('DESYNC_MARK'));
//o.description = _("nfqws option for DPI desync attack");
@@ -129,83 +167,113 @@ return view.extend({
//o.description = _("nfqws option for DPI desync attack");
o.rmempty = false;
o.datatype = 'string';
/* NFQWS_OPT_DESYNC tab */
tabname = 'nfqws_params';
s.tab(tabname, _('NFQWS options'));
let add_delim = function(sec) {
let o = sec.taboption(tabname, form.DummyValue, '_hr');
o.rawhtml = true;
o.default = '<hr style="width: 620px; height: 1px; margin: 1px 0 1px; border-top: 1px solid;">';
};
let add_param = function(sec, param, locname = null, rows = 10) {
if (!locname)
locname = param;
let btn = sec.taboption(tabname, form.Button, '_' + param + '_btn', locname);
btn.inputtitle = _('Edit');
btn.inputstyle = 'edit btn';
let val = sec.taboption(tabname, form.DummyValue, '_' + param);
val.rawhtml = false;
val.cfgvalue = function(section_id) {
let name = uci.get(tools.appName, section_id, param);
if (name == null || name == "")
name = "";
return name;
};
val.validate = function(section_id, value) {
if (!value)
return "";
return value.trim();
};
btn.onclick = () => new tools.longstrEditDialog('config', param, param, locname, rows).show();
};
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP6');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP6_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS6');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS6_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC6');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC6_SUFFIX');
/* Blacklist settings */
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP'));
o.rmempty = false;
o.datatype = 'string';
tabname = 'blacklist_tab';
s.tab(tabname, _('Blacklist settings'));
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries'));
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP_KEEPALIVE', _('NFQWS_PORTS_UDP_KEEPALIVE'));
o.rmempty = false;
o.datatype = 'uinteger';
add_delim(s, tools.nfqws_opt_url);
add_param(s, 'NFQWS_OPT', null, 21, 2);
/* AutoHostList settings */
tabname = 'autohostlist_tab';
s.tab(tabname, _('AutoHostList'));
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_RETRANS_THRESHOLD', _('RETRANS_THRESHOLD'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_FAIL_THRESHOLD', _('FAIL_THRESHOLD'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_FAIL_TIME', _('FAIL_TIME'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Button, '_auto_host_btn', _('Auto host list entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.autoHostListFN;
o.onclick = () => new tools.fileEditDialog(
tools.autoHostListFN,
_('Auto host list'),
'',
'',
15
).show();
o = s.taboption(tabname, form.Flag, 'AUTOHOSTLIST_DEBUGLOG', _('DEBUGLOG'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Button, '_auto_host_debug_btn', _('Auto host debug list entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.autoHostListDbgFN;
o.onclick = () => new tools.fileEditDialog(
tools.autoHostListDbgFN,
_('Auto host debug list'),
'',
'',
15
).show();
/* HostList settings */
tabname = 'hostlist_tab';
s.tab(tabname, _('Host lists'));
o = s.taboption(tabname, form.Button, '_google_entries_btn', _('Google hostname entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsGoogleFN;
o.onclick = () => new tools.fileEditDialog(
tools.hostsGoogleFN,
_('Google hostname entries'),
_('One hostname per line.<br />Examples:'),
'<code>youtube.com<br />googlevideo.com</code>',
15
).show();
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries <HOSTLIST>'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsUserFN;
o.onclick = () => new tools.fileEditDialog(
o.onclick = () => new tools.fileEditDialog(
tools.hostsUserFN,
_('User entries'),
_('One hostname per line.<br />Examples:'),
'<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
'<code>domain.net<br />sub.domain.com<br />facebook.com</code>',
15
).show();
@@ -213,11 +281,11 @@ return view.extend({
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsUserExcludeFN;
o.onclick = () => new tools.fileEditDialog(
o.onclick = () => new tools.fileEditDialog(
tools.hostsUserExcludeFN,
_('User excluded entries'),
_('One hostname per line.<br />Examples:'),
'<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
'<code>domain.net<br />sub.domain.com<br />gosuslugi.ru</code>',
15
).show();
@@ -271,6 +339,29 @@ return view.extend({
o.onclick = () => new tools.fileEditDialog(fn, name, '', '', 15).show();
}
/* custom.d files */
tabname = 'custom_d_tab';
s.tab(tabname, 'custom.d');
o = s.taboption(tabname, form.Flag, 'DISABLE_CUSTOM', _('DISABLE_CUSTOM'));
o.rmempty = false;
o.default = 0;
add_delim(s);
for (let i = 0; i < tools.customdPrefixList.length; i++) {
let num = tools.customdPrefixList[i];
let fn = tools.customdFileFormat.format(num.toString());
let name = _('custom.d script #' + num);
o = s.taboption(tabname, form.Button, '_customd_file%d_btn'.format(num), name);
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = fn;
let desc = (num == tools.discord_num) ? _('Example') + ': <a href=%s>%s</a>'.format(tools.discord_url) : '';
o.onclick = () => new tools.fileEditDialog(fn, name, desc, '', 15).show();
}
let map_promise = m.render();
map_promise.then(node => node.classList.add('fade-in'));
return map_promise;

187
luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js
View File

@@ -35,10 +35,13 @@ document.head.append(E('style', {'type': 'text/css'},
`));
return baseclass.extend({
packager : null,
appName : 'zapret',
execPath : '/etc/init.d/zapret',
syncCfgPath : '/opt/zapret/sync_config.sh',
defaultCfgPath : '/opt/zapret/restore-def-cfg.sh',
hostsGoogleFN : '/opt/zapret/ipset/zapret-hosts-google.txt',
hostsUserFN : '/opt/zapret/ipset/zapret-hosts-user.txt',
hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt',
iplstExcludeFN : '/opt/zapret/ipset/zapret-ip-exclude.txt',
@@ -46,6 +49,14 @@ return baseclass.extend({
iplstUserExcludeFN: '/opt/zapret/ipset/zapret-ip-user-exclude.txt',
custFileMax : 4,
custFileTemplate : '/opt/zapret/ipset/cust%s.txt',
customdPrefixList : [ 10, 20, 50, 60, 90 ] ,
customdFileFormat : '/opt/zapret/init.d/openwrt/custom.d/%s-script.sh',
discord_num : 50,
discord_url : 'https://github.com/bol-van/zapret/blob/4e8e3a9ed9dbeb1156db68dfaa7b353051c13797/init.d/custom.d.examples.linux/50-discord',
nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/168',
autoHostListFN : '/opt/zapret/ipset/zapret-hosts-auto.txt',
autoHostListDbgFN : '/opt/zapret/ipset/zapret-hosts-auto-debug.log',
infoLabelRunning : '<span class="label-status running">' + _('Running') + '</span>',
infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>',
@@ -63,6 +74,13 @@ return baseclass.extend({
running : { code: 4, name: _('Running') , label: this.infoLabelRunning },
},
callServiceList: rpc.declare({
object: 'service',
method: 'list',
params: [ 'name', 'verbose' ],
expect: { '': {} }
}),
callInitState: rpc.declare({
object: 'luci',
method: 'getInitList',
@@ -77,7 +95,35 @@ return baseclass.extend({
expect: { result: false }
}),
init_consts: function() {
if (!this.packager) {
this.packager = { };
if (L.hasSystemFeature('apk')) {
this.packager.name = 'apk';
this.packager.path = '/usr/bin/apk';
this.packager.args = [ 'list', '-I', '*zapret*' ];
} else {
this.packager.name = 'opkg';
this.packager.path = '/bin/opkg';
this.packager.args = [ 'list-installed', '*zapret*' ];
}
//console.log('PACKAGER: ' + this.packager.name);
}
},
getSvcInfo: function(svc_name = null) {
this.init_consts();
let name = (svc_name) ? svc_name : this.appName;
let verbose = 1;
return this.callServiceList(name, verbose).then(res => {
return res;
}).catch(e => {
ui.addNotification(null, E('p', _('Failed to get %s service info: %s').format(name, e)));
});
},
getInitState: function(name) {
this.init_consts();
return this.callInitState(name).then(res => {
if (res) {
return res[name].enabled ? true : false;
@@ -104,6 +150,47 @@ return baseclass.extend({
return (v && typeof(v) === 'string') ? v.trim().replace(/\r?\n/g, '') : v;
},
decode_pkg_list: function(pkg_list) {
let pkg_dict = { };
let lines = pkg_list.trim().split('\n');
for (let i = 0; i < lines.length; i++) {
let line = lines[i].trim();
let name;
let ver;
if (this.packager.name == 'apk') {
let fullname = line.split(' ')[0];
let mpos = fullname.lastIndexOf("-");
if (mpos <= 0)
continue;
if (fullname.substring(mpos+1, mpos+2) == 'r') {
// release number
fullname = fullname.substring(0, mpos);
}
mpos = fullname.lastIndexOf("-");
if (mpos <= 0)
continue;
name = fullname.substring(0, mpos).trim();
ver = fullname.substring(mpos+1).trim();
} else {
if (!line.includes(' - '))
continue;
name = line.split(' - ')[0].trim();
ver = line.split(' - ')[1].trim();
let spos = ver.indexOf(" ");
if (spos > 0) {
ver = ver.substring(0, spos);
}
let mpos = ver.lastIndexOf("-");
if (mpos > 0 && ver.substring(mpos+1, mpos+2) == 'r') {
// release number
ver = ver.substring(0, mpos);
}
}
pkg_dict[name] = ver;
}
return pkg_dict;
},
get_pid_list: function(proc_list) {
let plist = [ ];
let lines = proc_list.trim().split('\n');
@@ -125,37 +212,38 @@ return baseclass.extend({
let result = {
"autorun": svc_autorun,
"dmn": {
inited: false,
total: 0,
running: 0,
working: 0,
},
"status": this.statusDict.error,
};
if (svc_info.code != 0) {
return -1;
}
if (proc_list.code != 0) {
return -2;
}
let plist = this.get_pid_list(proc_list.stdout);
let jdata = JSON.parse(svc_info.stdout);
if (typeof(jdata) !== 'object') {
if (plist.length < 4) {
return -3;
}
if (typeof(svc_info) !== 'object') {
return -4;
}
let jdata = svc_info;
if (typeof(jdata.zapret) == 'object') {
result.dmn.inited = true;
let dmn_list = jdata.zapret.instances;
if (typeof(dmn_list) !== 'object') {
return -4;
}
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
result.dmn.total += 1;
if (daemon.running) {
result.dmn.running += 1;
}
if (daemon.pid !== undefined && daemon.pid != null) {
if (plist.includes(daemon.pid)) {
result.dmn.working += 1;
if (typeof(dmn_list) == 'object') {
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
result.dmn.total += 1;
if (daemon.running) {
result.dmn.running += 1;
}
if (daemon.pid !== undefined && daemon.pid != null) {
if (plist.includes(daemon.pid)) {
result.dmn.working += 1;
}
}
}
}
@@ -164,7 +252,7 @@ return baseclass.extend({
if (result.dmn.total == 0) {
result.status = (!svc_autorun) ? this.statusDict.disabled : this.statusDict.stopped;
} else {
result.status = (!result.dmn.working) ? this.statusDict.started : this.statusDict.running;
result.status = (result.dmn.inited) ? this.statusDict.started : this.statusDict.running;
}
return result;
},
@@ -175,7 +263,7 @@ return baseclass.extend({
if (typeof(svcinfo) == 'object') {
svc_autorun = (svcinfo.autorun) ? _('Enabled') : _('Disabled');
if (svcinfo.dmn.total == 0) {
if (!svcinfo.dmn.inited) {
svc_daemons = _('Stopped');
} else {
svc_daemons = (!svcinfo.dmn.working) ? _('Starting') : _('Running');
@@ -214,7 +302,7 @@ return baseclass.extend({
</tr>
<tr class="tr">
<td class="td left" ${td_name_style}>
${_('Blacklist update mode')}:
${_('HostLists update mode')}:
</td>
<td class="td left">
${update_mode}
@@ -229,6 +317,17 @@ return baseclass.extend({
</table>`;
return out;
},
getLineCount: function(mstr) {
let count = 0;
let c = '\n'.charAt(0);
for (let i = 0; i < mstr.length; ++i) {
if (c === mstr.charAt(i)) {
++count;
}
}
return count;
},
fileEditDialog: baseclass.extend({
__init__: function(file, title, desc, aux = null, rows = 10, callback, file_exists = false) {
@@ -331,16 +430,29 @@ return baseclass.extend({
}),
longstrEditDialog: baseclass.extend({
__init__: function(cfgsec, cfgparam, title, desc, rows = 10) {
__init__: function(cfgsec, cfgparam, title, desc, rows = 10, multiline = false) {
this.cfgsec = cfgsec;
this.cfgparam = cfgparam;
this.title = title;
this.desc = desc;
this.rows = rows;
this.multiline = multiline;
},
load: function() {
return uci.get('zapret', this.cfgsec, this.cfgparam);
let value = uci.get('zapret', this.cfgsec, this.cfgparam);
if (typeof(value) === 'string') {
value = value.trim();
if (this.multiline == 2) {
value = value.replace(/\n\t\t\t--/g, "\n--");
value = value.replace(/\n\t\t--/g, "\n--");
value = value.replace(/\n\t--/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/ --/g, "\n--");
}
}
return value;
},
render: function(content) {
@@ -378,13 +490,40 @@ return baseclass.extend({
handleSave: function(ev) {
let txt = document.getElementById('widget.modal_content');
let value = txt.value.trim().replace(/\r\n/g, ' ').replace(/\r/g, ' ').replace(/\n/g, ' ').trim();
let value = txt.value.trim();
if (this.multiline) {
value = value.replace(/\r/g, '');
if (value != "" && value != "\t") {
value = '\n' + value + '\n';
if (this.multiline == 2) {
value = value.replace(/"/g, '');
value = value.replace(/'/g, '');
}
}
} else {
value = value.replace(/\r\n/g, ' ');
value = value.replace(/\r/g, ' ');
value = value.replace(/\n/g, ' ');
value = value.trim();
}
if (value == "") {
value = "\t";
}
value = value.replace(/˂/g, '<');
value = value.replace(/˃/g, '>');
uci.set('zapret', this.cfgsec, this.cfgparam, value);
uci.save();
let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam);
if (elem) {
elem.querySelector('div').textContent = value;
let val = value.trim();
if (this.multiline) {
val = val.replace(/</g, '˂');
val = val.replace(/>/g, '˃');
val = val.replace(/\n/g, '<br/>');
elem.querySelector('div').innerHTML = val;
} else {
elem.querySelector('div').textContent = val;
}
}
ui.hideModal();
/*

10
luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json
View File

@@ -10,6 +10,7 @@
"acl": [ "luci-app-zapret" ],
"fs": {
"/opt/zapret/sync_config.sh": "executable",
"/opt/zapret/restore-def-cfg.sh": "executable",
"/etc/init.d/zapret": "executable"
},
"uci": { "zapret": true }
@@ -32,5 +33,14 @@
"type": "view",
"path": "zapret/settings"
}
},
"admin/services/zapret/dmnlog": {
"title": "Log Viewer",
"order": 30,
"action": {
"type": "view",
"path": "zapret/dmnlog"
}
}
}

14
luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json
View File

@@ -6,20 +6,30 @@
"file": {
"/opt/zapret/config": [ "read" ],
"/opt/zapret/ipset/*": [ "read" ],
"/opt/zapret/init.d/openwrt/custom.d/*": [ "read" ],
"/etc/crontabs/root": [ "read" ],
"/tmp/zapret*": [ "read" ],
"/etc/init.d/zapret*": [ "exec" ],
"/bin/ps*": [ "exec" ],
"/bin/cat*": [ "exec" ],
"/bin/busybox*": [ "exec" ],
"/bin/opkg*": [ "exec" ],
"/usr/bin/apk*": [ "exec" ],
"/usr/bin/find*": [ "exec" ],
"/opt/zapret/restore-def-cfg.sh*": [ "exec" ],
"/opt/zapret/sync_config.sh*": [ "exec" ]
},
"uci": [ "zapret", "network" ],
"ubus": {
"luci": [ "getInitList", "setInitAction" ]
"luci": [ "getInitList", "setInitAction" ],
"service": [ "list" ]
}
},
"write": {
"file": {
"/opt/zapret/config": [ "write" ],
"/opt/zapret/ipset/*.txt": [ "write" ],
"/opt/zapret/ipset/*": [ "write" ],
"/opt/zapret/init.d/openwrt/custom.d/*": [ "write" ],
"/etc/crontabs/root": [ "write" ]
},
"uci": [ "zapret" ]

7
zapret-ip2net/Makefile
View File

@@ -1,8 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-ip2net
PKG_VERSION:=65
PKG_RELEASE:=20241023
PKG_VERSION:=71.20250607
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -10,8 +9,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
PKG_SOURCE_DATE:=2024-10-23
PKG_SOURCE_VERSION:=f3d48b7160f5e257edf0adb302878488d4955095
PKG_SOURCE_DATE:=2025-06-07
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?

7
zapret-mdig/Makefile
View File

@@ -1,8 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-mdig
PKG_VERSION:=65
PKG_RELEASE:=20241023
PKG_VERSION:=71.20250607
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -10,8 +9,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
PKG_SOURCE_DATE:=2024-10-23
PKG_SOURCE_VERSION:=f3d48b7160f5e257edf0adb302878488d4955095
PKG_SOURCE_DATE:=2025-06-07
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?

7
zapret-tpws/Makefile
View File

@@ -1,8 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-tpws
PKG_VERSION:=65
PKG_RELEASE:=20241023
PKG_VERSION:=71.20250607
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -10,8 +9,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
PKG_SOURCE_DATE:=2024-10-23
PKG_SOURCE_VERSION:=f3d48b7160f5e257edf0adb302878488d4955095
PKG_SOURCE_DATE:=2025-06-07
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?

105
zapret/Makefile
View File

@@ -5,8 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret
PKG_VERSION:=65
PKG_RELEASE:=20241023
PKG_VERSION:=71.20250607
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -14,8 +13,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=5cd5ab176ebe020f0af66829254dc29f275c1840
PKG_SOURCE_DATE:=2024-10-23
PKG_SOURCE_VERSION:=f3d48b7160f5e257edf0adb302878488d4955095
PKG_SOURCE_DATE:=2025-06-07
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
@@ -70,27 +69,30 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/ipset
$(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret/ipset/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh
$(INSTALL_CONF) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default
#$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default
$(INSTALL_DIR) $(1)/opt/zapret/tmp
$(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt
$(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret/init.d/openwrt/
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret $(1)/etc/hotplug.d/iface/90-zapret
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/zapret $(1)/etc/init.d/zapret
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./zapret.config $(1)/etc/config/zapret
$(INSTALL_CONF) ./config $(1)/opt/zapret/config
#$(INSTALL_CONF) ./ipset/zapret-hosts-auto.txt $(1)/opt/zapret/ipset/zapret-hosts-auto.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset/zapret-hosts-user.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user-ipban.txt $(1)/opt/zapret/ipset/zapret-hosts-user-ipban.txt
#$(INSTALL_CONF) ./ipset/zapret-ip.txt $(1)/opt/zapret/ipset/zapret-ip.txt
$(INSTALL_CONF) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-ip-user.txt $(1)/opt/zapret/ipset/zapret-ip-user.txt
$(INSTALL_CONF) ./ipset/zapret-ip-user-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-user-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-ip-user-ipban.txt $(1)/opt/zapret/ipset/zapret-ip-user-ipban.txt
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
$(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret
$(INSTALL_DATA) ./config.default $(1)/opt/zapret/config.default
$(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset/zapret-hosts-google.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh
$(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret/comfunc.sh
$(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret/def-cfg.sh
$(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret/renew-cfg.sh
$(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret/restore-def-cfg.sh
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
# Fix permisions
chmod 644 $(1)/opt/zapret/ipset/*.txt
chmod 644 $(1)/opt/zapret/config.default
chmod 755 $(1)/opt/zapret/*.sh
endef
define Package/$(PKG_NAME)/preinst
@@ -106,9 +108,19 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
fi
if [ "$${PKG_UPGRADE}" = "1" ]; then
# stop service if PKG_UPGRADE
[ -x "/etc/init.d/zapret" ] && /etc/init.d/zapret stop >/dev/null 2>&1
if [ -x "/etc/init.d/zapret" ]; then
/etc/init.d/zapret running && /etc/init.d/zapret stop >/dev/null 2>&1
fi
fi
fi
if [ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ]; then
if [ -f "/opt/zapret/ipset/zapret-hosts-user.txt" ]; then
CFGLISTHASH=$$( md5sum "/opt/zapret/ipset/zapret-hosts-user.txt" | awk '{print $$1;}' )
if [ "$${CFGLISTHASH}" = "79e35df62b0d1ae455d0a7e04c4cecac" ]; then
rm -f "/opt/zapret/ipset/zapret-hosts-user.txt"
fi
fi
fi
fi
exit 0
endef
@@ -116,26 +128,32 @@ define Package/$(PKG_NAME)/postinst
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
NEWCFGNAME=zapret-opkg
NEWCFGFILE=/etc/config/$${NEWCFGNAME}
if [ -f "$${NEWCFGFILE}" ]; then
uci -m -f /etc/config/zapret import "$${NEWCFGNAME}"
uci commit "$${NEWCFGNAME}"
uci -m -f "$${NEWCFGFILE}" import zapret
uci commit zapret
rm -f "$${NEWCFGFILE}"
echo "File /etc/config/zapret merged from IPK"
ZAPRET_CONFIG=/opt/zapret/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
# creating main config if its not exists
if [ ! -f "$${ZAPRET_CONFIG}" ]; then
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
NEWCONFIG=/opt/zapret/config-opkg
if [ -f "$${NEWCONFIG}" ]; then
# backup current main config
mv -f /opt/zapret/config /opt/zapret/config.backup
# renew main config
mv -f "$${NEWCONFIG}" /opt/zapret/config
echo "File /opt/zapret/config replaced from IPK"
# check obsolete format for main config
if grep -qE "^NFQWS_OPT_DESYNC=|^MODE_HTTP=|^MODE_HTTPS=|^MODE_QUIC=|^MODE=" "$${ZAPRET_CONFIG}" ; then
echo "Detect obsolute format for main config!"
ZAPRET_CONFIG_BACKUP="$${ZAPRET_CONFIG}.backup"
cp -f "$${ZAPRET_CONFIG}" "$${ZAPRET_CONFIG_BACKUP}"
echo "Current file $${ZAPRET_CONFIG} backuped to $${ZAPRET_CONFIG_BACKUP}"
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# synchnonize main config
# check existing uci-config
[ -f "/etc/config/zapret" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0
# create or merge uci-config
/opt/zapret/uci-def-cfg.sh
[ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret merged with default uci-config"
# remove uci-default script from system dir (used into /etc/init.d/boot)
rm -f /etc/uci-defaults/zapret-uci-def-cfg.sh
# copy (sync) all params from uci-config to main config
/opt/zapret/sync_config.sh
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58
# enable main service
/etc/init.d/zapret enable
# stop all
@@ -157,14 +175,21 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_CONFIG=/opt/zapret/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
OPENWRT_FW_INCLUDE=/etc/firewall.zapret
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
exit 0
fi
. "$${ZAPRET_CONFIG}"
. "$${ZAPRET_BASE}/common/base.sh"
. "$${ZAPRET_BASE}/common/fwtype.sh"
. "$${ZAPRET_BASE}/common/nft.sh"
. "$${ZAPRET_BASE}/common/installer.sh"
/etc/init.d/zapret running && /etc/init.d/zapret stop
/etc/init.d/zapret disable
/etc/init.d/zapret stop
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
remove_openwrt_firewall
nft_del_table
@@ -178,7 +203,7 @@ define Package/$(PKG_NAME)/postrm
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
[ -f "/etc/config/zapret-opkg" ] && rm -f "/etc/config/zapret-opkg"
[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup2"
[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup"
#rm -rf /opt/zapret
#echo "Directory /opt/zapret removed!"
fi

191
zapret/comfunc.sh Executable file
View File

@@ -0,0 +1,191 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_INITD=/etc/init.d/zapret
ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret"
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG=/etc/config/zapret
ZAPRET_CFG_NAME=zapret
ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_NAME.config )"
. $ZAPRET_BASE/def-cfg.sh
CRONTAB_FILE="/etc/crontabs/root"
function adapt_for_sed
{
echo -n "$1" | tr '\r' ' ' | tr '\n' ' ' | tr '\t' ' ' | sed -r 's/([\$\.\*\/\[\\^])/\\\1/g' | sed 's/[]]/\\]/g'
}
function is_valid_config
{
local fname=${1:-$ZAPRET_CONFIG}
sh -n "$fname" &>/dev/null
return $?
}
function get_ppid_by_pid
{
local pid=$1
local ppid="$( cat /proc/$pid/status 2>/dev/null | grep '^PPid:' | awk '{print $2}' )"
echo "$ppid"
}
function get_proc_path_by_pid
{
local pid=$1
local path=$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' | head -n1 )
echo "$path"
}
function get_proc_cmd_by_pid
{
local pid=$1
local delim="$2"
local cmdline
if [ "$delim" = "" ]; then
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' )"
else
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' "$delim" )"
fi
echo "$cmdline"
}
function is_run_via_procd
{
local pname
[ "$$" = "1" ] && return 0
pname="$( get_proc_path_by_pid $$ )"
[ "$pname" = "/sbin/procd" ] && return 0
[ "$PPID" = "1" ] && return 0
pname="$( get_proc_path_by_pid $PPID )"
[ "$pname" = "/sbin/procd" ] && return 0
return 1
}
function is_run_on_boot
{
local cmdline="$( get_proc_cmd_by_pid $$ ' ' )"
if echo "$cmdline" | grep -q " /etc/rc.d/S" ; then
if echo "$cmdline" | grep -q " boot $" ; then
return 0
fi
fi
return 1
}
function get_run_on_boot_option
{
if [ "$( uci -q get $ZAPRET_CFG_NAME.config.run_on_boot )" = "1" ]; then
echo 1
else
echo 0
fi
}
function create_default_cfg
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local cfgfile=/etc/config/$cfgname
rm -f $cfgfile
touch $cfgfile
uci set $cfgname.config=main
set_cfg_default_values $cfgname
return 0
}
function merge_cfg_with_def_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local force=$2
local cfgfile=/etc/config/$cfgname
local NEWCFGNAME="zapret-default"
local NEWCFGFILE="/etc/config/$NEWCFGNAME"
local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )"
[ -z "$cfg_sec_name" ] && create_default_cfg
create_default_cfg "$NEWCFGNAME"
[ ! -f "$NEWCFGFILE" ] && return 1
uci -m -f $cfgfile import "$NEWCFGNAME"
uci commit "$NEWCFGNAME"
uci -m -f "$NEWCFGFILE" import $cfgname
uci commit $cfgname
rm -f "$NEWCFGFILE"
return 0
}
function remove_cron_task_logs
{
if [ -f "$CRONTAB_FILE" ]; then
sed -i "/-name 'zapret\*.log' -size +/d" "$CRONTAB_FILE"
fi
}
function insert_cron_task_logs
{
[ ! -f "$CRONTAB_FILE" ] && touch "$CRONTAB_FILE"
[ ! -f "$CRONTAB_FILE" ] && return 1
if ! grep -q -e "-name 'zapret\*\.log' -size \+" "$CRONTAB_FILE"; then
echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name 'zapret*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE"
/etc/init.d/cron restart 2> /dev/null
fi
return 0
}
function init_before_start
{
local DAEMON_LOG_ENABLE=$1
local HOSTLIST_FN="$ZAPRET_BASE/ipset/zapret-hosts-user.txt"
[ ! -f "$HOSTLIST_FN" ] && touch "$HOSTLIST_FN"
chmod 644 $ZAPRET_BASE/ipset/*.txt
chmod 666 $ZAPRET_BASE/ipset/*.log
rm -f /tmp/zapret*.log
#*/
if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
insert_cron_task_logs
else
remove_cron_task_logs
fi
return 0
}
function patch_luci_header_ut
{
# INFO: https://github.com/openwrt/luci/pull/7725
local header_ut=/usr/share/ucode/luci/template/header.ut
local runtime_uc=/usr/share/ucode/luci/runtime.uc
local newenv
[ ! -f $header_ut ] && return 0
[ ! -f $runtime_uc ] && return 0
if grep -q "pkgs_update_time" $runtime_uc; then
return 0
fi
if grep -q "pkgs_update_time" $header_ut; then
return 0
fi
sed -i "/^import { access/i import { stat } from 'fs';" $runtime_uc
if ! grep -q "{ stat }" $runtime_uc; then
return 1
fi
newenv="self.env.pkgs_update_time = stat('/lib/apk/db/installed')?.mtime ?? stat('/usr/lib/opkg/status')?.mtime ?? 0;"
newenv=`adapt_for_sed "$newenv"`
sed -i "/self.env.include =/i $newenv" $runtime_uc
if ! grep -q "pkgs_update_time" $runtime_uc; then
return 1
fi
sed -i 's/luci.js?v=\(.*\)"><\/script>/luci.js?v=\1-{{ pkgs_update_time }}"><\/script>/g' $header_ut
if ! grep -q "pkgs_update_time" $header_ut; then
return 1
fi
logger -p notice -t ZAPRET "patch_luci_header_ut: OK"
return 0
}

144
zapret/config
View File

@@ -1,144 +0,0 @@
# this file is included from init scripts
# change values here
# can help in case /tmp has not enough space
#TMPDIR=/opt/zapret/tmp
# override firewall type : iptables,nftables,ipfw
FWTYPE=nftables
# options for ipsets
# maximum number of elements in sets. also used for nft sets
SET_MAXELEM=522288
# too low hashsize can cause memory allocation errors on low RAM systems , even if RAM is enough
# too large hashsize will waste lots of RAM
IPSET_OPT="hashsize 262144 maxelem $SET_MAXELEM"
# dynamically generate additional ip. $1 = ipset/nfset/table name
#IPSET_HOOK="/etc/zapret.ipset.hook"
# options for ip2net. "-4" or "-6" auto added by ipset create script
IP2NET_OPT4="--prefix-length=22-30 --v4-threshold=3/4"
IP2NET_OPT6="--prefix-length=56-64 --v6-threshold=5"
# options for auto hostlist
AUTOHOSTLIST_RETRANS_THRESHOLD=3
AUTOHOSTLIST_FAIL_THRESHOLD=3
AUTOHOSTLIST_FAIL_TIME=60
# 1 = debug autohostlist positives to ipset/zapret-hosts-auto-debug.log
AUTOHOSTLIST_DEBUGLOG=0
# number of parallel threads for domain list resolves
MDIG_THREADS=30
# ipset/*.sh can compress large lists
GZIP_LISTS=0
# command to reload ip/host lists after update
# comment or leave empty for auto backend selection : ipset or ipfw if present
# on BSD systems with PF no auto reloading happens. you must provide your own command
# set to "-" to disable reload
#LISTS_RELOAD="pfctl -f /etc/pf.conf"
# override ports
HTTP_PORTS=80
HTTPS_PORTS=443
QUIC_PORTS=443
# CHOOSE OPERATION MODE
# MODE : nfqws,tpws,tpws-socks,filter,custom
# nfqws : nfqws for dpi desync
# tpws : tpws transparent mode
# tpws-socks : tpws socks mode
# filter : no daemon, just create ipset or download hostlist
# custom : custom mode. should modify custom init script and add your own code
MODE=nfqws
MODE_HTTP=1
MODE_HTTP_KEEPALIVE=0
MODE_HTTPS=1
MODE_QUIC=1
# none,ipset,hostlist,autohostlist
MODE_FILTER=hostlist
# CHOOSE NFQWS DAEMON OPTIONS for DPI desync mode. run "nfq/nfqws --help" for option list
DESYNC_MARK=0x40000000
DESYNC_MARK_POSTNAT=0x20000000
NFQWS_OPT_DESYNC="--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin"
NFQWS_OPT_DESYNC_SUFFIX=""
NFQWS_OPT_DESYNC_HTTP=""
NFQWS_OPT_DESYNC_HTTP_SUFFIX=""
NFQWS_OPT_DESYNC_HTTPS=""
NFQWS_OPT_DESYNC_HTTPS_SUFFIX=""
NFQWS_OPT_DESYNC_HTTP6=""
NFQWS_OPT_DESYNC_HTTP6_SUFFIX=""
NFQWS_OPT_DESYNC_HTTPS6=""
NFQWS_OPT_DESYNC_HTTPS6_SUFFIX=""
NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake,split2 --dpi-desync-repeats=15 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --dpi-desync=fake --dpi-desync-repeats=15"
NFQWS_OPT_DESYNC_QUIC_SUFFIX=""
NFQWS_OPT_DESYNC_QUIC6=""
NFQWS_OPT_DESYNC_QUIC6_SUFFIX=""
# CHOOSE TPWS DAEMON OPTIONS. run "tpws/tpws --help" for option list
# SUFFIX VARS define additional lower priority desync profile. it's required if MODE_FILTER=hostlist and strategy has hostlist-incompatible 0-phase desync methods (mss)
TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
#TPWS_OPT_SUFFIX="--mss 88"
# FlowOffload mode : donttouch,none,software,hardware
FLOWOFFLOAD=none
# openwrt: specify networks to be treated as LAN. default is "lan"
#OPENWRT_LAN="lan lan2 lan3"
# openwrt: specify networks to be treated as WAN. default wans are interfaces with default route
#OPENWRT_WAN4="wan vpn"
#OPENWRT_WAN6="wan6 vpn6"
# for routers based on desktop linux and macos. has no effect in openwrt.
# CHOOSE LAN and optinally WAN/WAN6 NETWORK INTERFACES
# or leave them commented if its not router
# it's possible to specify multiple interfaces like this : IFACE_LAN="eth0 eth1 eth2"
# if IFACE_WAN6 is not defined it take the value of IFACE_WAN
#IFACE_LAN=eth0
#IFACE_WAN=eth1
#IFACE_WAN6="ipsec0 wireguard0 he_net"
# should start/stop command of init scripts apply firewall rules ?
# not applicable to openwrt with firewall3+iptables
INIT_APPLY_FW=1
# firewall apply hooks
#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret.hook.pre_up"
#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret.hook.post_up"
#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret.hook.pre_down"
#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret.hook.post_down"
# do not work with ipv4
DISABLE_IPV4=0
# do not work with ipv6
DISABLE_IPV6=1
# select which init script will be used to get ip or host list
# possible values : get_user.sh get_antizapret.sh get_combined.sh get_reestr.sh get_hostlist.sh
# comment if not required
#GETLIST=get_antizapret_domains.sh
#GETLIST=get_antifilter_ipsmart.sh

152
zapret/config.default Normal file
View File

@@ -0,0 +1,152 @@
# this file is included from init scripts
# change values here
# can help in case /tmp has not enough space
#TMPDIR=/opt/zapret/tmp
# redefine user for zapret daemons. required on Keenetic
WS_USER="daemon"
# override firewall type : iptables,nftables,ipfw
FWTYPE=nftables
# nftables only : set this to 0 to use pre-nat mode. default is post-nat.
# pre-nat mode disables some bypass techniques for forwarded traffic but allows to see client IP addresses in debug log
POSTNAT=1
# options for ipsets
# maximum number of elements in sets. also used for nft sets
SET_MAXELEM=522288
# too low hashsize can cause memory allocation errors on low RAM systems , even if RAM is enough
# too large hashsize will waste lots of RAM
IPSET_OPT="hashsize 262144 maxelem $SET_MAXELEM"
# dynamically generate additional ip. $1 = ipset/nfset/table name
#IPSET_HOOK="/etc/zapret.ipset.hook"
# options for ip2net. "-4" or "-6" auto added by ipset create script
IP2NET_OPT4="--prefix-length=22-30 --v4-threshold=3/4"
IP2NET_OPT6="--prefix-length=56-64 --v6-threshold=5"
# options for auto hostlist
AUTOHOSTLIST_RETRANS_THRESHOLD=3
AUTOHOSTLIST_FAIL_THRESHOLD=3
AUTOHOSTLIST_FAIL_TIME=60
# 1 = debug autohostlist positives to ipset/zapret-hosts-auto-debug.log
AUTOHOSTLIST_DEBUGLOG=0
# number of parallel threads for domain list resolves
MDIG_THREADS=30
# ipset/*.sh can compress large lists
GZIP_LISTS=0
# command to reload ip/host lists after update
# comment or leave empty for auto backend selection : ipset or ipfw if present
# on BSD systems with PF no auto reloading happens. you must provide your own command
# set to "-" to disable reload
#LISTS_RELOAD="pfctl -f /etc/pf.conf"
# none,ipset,hostlist,autohostlist
MODE_FILTER=hostlist
# mark bit used by nfqws to prevent loop
DESYNC_MARK=0x40000000
DESYNC_MARK_POSTNAT=0x20000000
TPWS_SOCKS_ENABLE=0
# tpws socks listens on this port on localhost and LAN interfaces
TPPORT_SOCKS=987
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_SOCKS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
TPWS_ENABLE=0
TPWS_PORTS="80,443"
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
NFQWS_ENABLE=1
# redirect outgoing traffic with connbytes limiter applied in both directions.
NFQWS_PORTS_TCP="80,443"
NFQWS_PORTS_UDP="443"
# PKT_OUT means connbytes dir original
# PKT_IN means connbytes dir reply
# this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU.
NFQWS_TCP_PKT_OUT="9"
NFQWS_TCP_PKT_IN="3"
NFQWS_UDP_PKT_OUT="9"
NFQWS_UDP_PKT_IN="0"
# redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter
# normally it's needed only for stateless DPI that matches every packet in a single TCP session
# typical example are plain HTTP keep alives
# this mode can be very CPU consuming. enable with care !
NFQWS_PORTS_TCP_KEEPALIVE=""
NFQWS_PORTS_UDP_KEEPALIVE=""
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
NFQWS_OPT="--filter-tcp=80 <HOSTLIST> --dpi-desync=fake,fakedsplit --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig --new --filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake,multidisorder --dpi-desync-split-pos=1,midsld --dpi-desync-repeats=11 --dpi-desync-fooling=md5sig --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin --new --filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --filter-udp=443 <HOSTLIST_NOAUTO> --dpi-desync=fake --dpi-desync-repeats=11 --new --filter-tcp=443 <HOSTLIST> --dpi-desync=fake,multidisorder --dpi-desync-split-pos=midsld --dpi-desync-repeats=6 --dpi-desync-fooling=badseq,md5sig"
DISABLE_CUSTOM=0
# FlowOffload mode : donttouch,none,software,hardware
FLOWOFFLOAD=none
# openwrt: specify networks to be treated as LAN. default is "lan"
#OPENWRT_LAN="lan lan2 lan3"
# openwrt: specify networks to be treated as WAN. default wans are interfaces with default route
#OPENWRT_WAN4="wan vpn"
#OPENWRT_WAN6="wan6 vpn6"
# for routers based on desktop linux and macos. has no effect in openwrt.
# CHOOSE LAN and optinally WAN/WAN6 NETWORK INTERFACES
# or leave them commented if its not router
# it's possible to specify multiple interfaces like this : IFACE_LAN="eth0 eth1 eth2"
# if IFACE_WAN6 is not defined it take the value of IFACE_WAN
#IFACE_LAN=eth0
#IFACE_WAN=eth1
#IFACE_WAN6="ipsec0 wireguard0 he_net"
# should start/stop command of init scripts apply firewall rules ?
# not applicable to openwrt with firewall3+iptables
INIT_APPLY_FW=1
# firewall apply hooks
#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret.hook.pre_up"
#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret.hook.post_up"
#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret.hook.pre_down"
#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret.hook.post_down"
# do not work with ipv4
DISABLE_IPV4=0
# do not work with ipv6
DISABLE_IPV6=1
# drop icmp time exceeded messages for nfqws tampered connections
# in POSTNAT mode this can interfere with default mtr/traceroute in tcp or udp mode. use source port not redirected to nfqws
# set to 0 if you are not expecting connection breakage due to icmp in response to TCP SYN or UDP
FILTER_TTL_EXPIRED_ICMP=1
# select which init script will be used to get ip or host list
# possible values : get_user.sh get_antizapret.sh get_combined.sh get_reestr.sh get_hostlist.sh
# comment if not required
#GETLIST=get_antizapret_domains.sh
DAEMON_LOG_ENABLE=0
DAEMON_LOG_FILE="/tmp/zapret+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log"

72
zapret/def-cfg.sh Executable file
View File

@@ -0,0 +1,72 @@
#!/bin/sh
# Copyright (c) 2024 remittor
function set_cfg_default_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local TAB="$( echo -n -e '\t' )"
uci batch <<-EOF
set $cfgname.config.run_on_boot='0'
# settings for zapret service
set $cfgname.config.FWTYPE='nftables'
set $cfgname.config.POSTNAT='1'
set $cfgname.config.FLOWOFFLOAD='none'
set $cfgname.config.INIT_APPLY_FW='1'
set $cfgname.config.DISABLE_IPV4='0'
set $cfgname.config.DISABLE_IPV6='1'
set $cfgname.config.FILTER_TTL_EXPIRED_ICMP='1'
set $cfgname.config.MODE_FILTER='hostlist'
set $cfgname.config.DISABLE_CUSTOM='0'
set $cfgname.config.WS_USER='daemon'
set $cfgname.config.DAEMON_LOG_ENABLE='0'
set $cfgname.config.DAEMON_LOG_FILE='/tmp/zapret+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log'
# autohostlist options
set $cfgname.config.AUTOHOSTLIST_RETRANS_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60'
set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0'
# nfqws options
set $cfgname.config.NFQWS_ENABLE='1'
set $cfgname.config.DESYNC_MARK='0x40000000'
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_TCP_PKT_OUT='9'
set $cfgname.config.NFQWS_TCP_PKT_IN='3'
set $cfgname.config.NFQWS_UDP_PKT_OUT='9'
set $cfgname.config.NFQWS_UDP_PKT_IN='0'
set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0'
set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0'
set $cfgname.config.NFQWS_OPT="
--filter-tcp=80 <HOSTLIST>
--dpi-desync=fake,fakedsplit
--dpi-desync-autottl=2
--dpi-desync-fooling=md5sig
--new
--filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--dpi-desync=fake,multidisorder
--dpi-desync-split-pos=1,midsld
--dpi-desync-repeats=11
--dpi-desync-fooling=md5sig
--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--new
--filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--dpi-desync=fake
--dpi-desync-repeats=11
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
--new
--filter-udp=443 <HOSTLIST_NOAUTO>
--dpi-desync=fake
--dpi-desync-repeats=11
--new
--filter-tcp=443 <HOSTLIST>
--dpi-desync=fake,multidisorder
--dpi-desync-split-pos=midsld
--dpi-desync-repeats=6
--dpi-desync-fooling=badseq,md5sig
"
# save changes
commit $cfgname
EOF
return 0
}

87
zapret/init.d.sh Executable file
View File

@@ -0,0 +1,87 @@
#!/bin/sh /etc/rc.common
# Copyright (c) 2024 remittor
USE_PROCD=1
# after network
START=21
SCRIPT_FILENAME=$1
. /opt/zapret/comfunc.sh
if ! is_valid_config ; then
logger -p err -t ZAPRET "Wrong main config: $ZAPRET_CONFIG"
exit 91
fi
. $ZAPRET_ORIG_INITD
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0
function enable
{
local run_on_boot=""
patch_luci_header_ut
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to enable service, but service blocked!"
return 61
fi
fi
fi
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
uci set $ZAPRET_CFG_NAME.config.run_on_boot=1
uci commit
fi
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD enable
}
function enabled
{
local run_on_boot=""
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
logger -p notice -t ZAPRET "Service is blocked!"
fi
return 61
fi
fi
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD enabled
}
function boot
{
local run_on_boot=""
patch_luci_header_ut
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to run service on boot! Service is blocked!"
return 61
fi
fi
fi
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD start "$@"
}
function start
{
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD start "$@"
}
function restart
{
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD restart "$@"
}

13
zapret/ipset/zapret-hosts-google.txt Normal file
View File

@@ -0,0 +1,13 @@
googlevideo.com
youtubei.googleapis.com
ytimg.com
yt3.ggpht.com
yt4.ggpht.com
youtube.com
youtubeembeddedplayer.googleapis.com
ytimg.l.google.com
jnn-pa.googleapis.com
youtube-nocookie.com
youtube-ui.l.google.com
yt-video-upload.l.google.com
wide-youtube.l.google.com

14
zapret/ipset/zapret-hosts-user-exclude.txt
View File

@@ -1,6 +1,20 @@
127.0.0.0/8
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
169.254.0.0/16
::1
fc00::/7
fe80::/10
play.google.com
android.com
google-analytics.com
googleusercontent.com
gstatic.com
gvt1.com
ggpht.com
dl.google.com
dl-ssl.google.com
android.clients.google.com
gvt2.com
gvt3.com

0
zapret/ipset/zapret-hosts-user-ipban.txt
View File

14
zapret/ipset/zapret-hosts-user.txt
View File

@@ -1,13 +1 @@
googlevideo.com
youtubei.googleapis.com
ytimg.com
yt3.ggpht.com
yt4.ggpht.com
youtube.com
youtubeembeddedplayer.googleapis.com
ytimg.l.google.com
jnn-pa.googleapis.com
youtube-nocookie.com
youtube-ui.l.google.com
yt-video-upload.l.google.com
wide-youtube.l.google.com
abra-cadabra.com

0
zapret/ipset/zapret-ip-user-exclude.txt
View File

0
zapret/ipset/zapret-ip-user-ipban.txt
View File

0
zapret/ipset/zapret-ip-user.txt
View File

65
zapret/patches/0001-Add-support-log-file-for-each-daemons.patch Normal file
View File

@@ -0,0 +1,65 @@
From 069fb25032d1b85ea57615ca234752e3969b777b Mon Sep 17 00:00:00 2001
From: remittor <remittor@gmail.com>
Date: Sat, 8 Feb 2025 22:04:51 +0300
Subject: [PATCH] Add support log file for each daemons
---
diff --git a/common/custom.sh b/common/custom.sh
index 0af19c0..41c0967 100644
--- a/common/custom.sh
+++ b/common/custom.sh
@@ -13,9 +13,16 @@ custom_runner()
dir_is_not_empty "$CUSTOM_DIR/custom.d" && {
for script in "$CUSTOM_DIR/custom.d/"*; do
[ -f "$script" ] || continue
+ DAEMON_CFGNAME_SAVED="$DAEMON_CFGNAME"
+ unset DAEMON_CFGNAME
unset -f $FUNC
. "$script"
+ if [ -z "$DAEMON_CFGNAME" ]; then
+ DAEMON_CFGNAME="$(basename "$script")"
+ DAEMON_CFGNAME="${DAEMON_CFGNAME%%.*}"
+ fi
existf $FUNC && $FUNC "$@"
+ DAEMON_CFGNAME="$DAEMON_CFGNAME_SAVED"
done
}
}
diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret
index 8d6d3a9..fcb1e91 100755
--- a/init.d/openwrt/zapret
+++ b/init.d/openwrt/zapret
@@ -58,12 +58,29 @@ run_daemon()
# use $PIDDIR/$DAEMONBASE$1.pid as pidfile
local DAEMONBASE="$(basename "$2")"
echo "Starting daemon $1: $2 $3"
+ local DAEMON_NAME="$DAEMONBASE"
+ local DAEMON_IDNUM=$1
+ local DAEMON_PATH="$2"
+ local DAEMON_ARGS="$3"
+ local DAEMON_LOG=
+ if [ -n "$DAEMON_LOG_FILE" ]; then
+ DAEMON_LOG="$DAEMON_LOG_FILE"
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_NAME>/$DAEMON_NAME}
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_IDNUM>/$DAEMON_IDNUM}
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_CFGNAME>/$DAEMON_CFGNAME}
+ [ -f "$DAEMON_LOG" ] && rm -f "$DAEMON_LOG"
+ if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
+ DAEMON_ARGS="--debug=@$DAEMON_LOG $DAEMON_ARGS"
+ fi
+ fi
procd_open_instance
- procd_set_param command $2 $3
+ procd_set_param command $DAEMON_PATH $DAEMON_ARGS
procd_set_param pidfile $PIDDIR/$DAEMONBASE$1.pid
procd_close_instance
}
+DAEMON_CFGNAME="main"
+
run_tpws()
{
[ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && return 0
--
2.41.0.windows.3

16
zapret/renew-cfg.sh Executable file
View File

@@ -0,0 +1,16 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
merge_cfg_with_def_values
CONFIGS_SYNC=0
[ ! -f "$ZAPRET_CONFIG" ] && CONFIGS_SYNC=1
[ "$1" = "sync" ] && CONFIGS_SYNC=1
if [ "$CONFIGS_SYNC" = "1" ]; then
# renew main config
/opt/zapret/sync_config.sh
fi

18
zapret/restore-def-cfg.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
cfg_run_on_boot="$( uci -q get zapret.config.run_on_boot )"
create_default_cfg
if [ "$cfg_run_on_boot" = "1" ]; then
uci set zapret.config.run_on_boot=1
uci commit
fi
if [ "$1" = "sync" ]; then
# renew main config
/opt/zapret/sync_config.sh
fi

110
zapret/sync_config.sh
View File

@@ -1,21 +1,30 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CFG=/etc/config/zapret
. /opt/zapret/comfunc.sh
function get_sed_compat
function uncomment_param
{
local str=$( ( echo $1|sed -r 's/([\$\.\*\/\[\\^])/\\\1/g'|sed 's/[]]/\\]/g' )>&1 )
echo "$str"
local param=$1
local fname=${2:-$ZAPRET_CONFIG}
sed -i "/^#$param=/s/^#//" $fname
}
function append_param
{
local param=$1
local fname=${2:-$ZAPRET_CONFIG}
grep -q "^$param=" $fname
if [ "$?" != "0" ]; then
echo "" >> $fname
echo "$param=" >> $fname
fi
}
function set_param_value
{
local param=$1
local value=$( get_sed_compat "$2" )
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=$value/g" $fname
}
@@ -23,7 +32,7 @@ function set_param_value
function set_param_value_str
{
local param=$1
local value=$( get_sed_compat "$2" )
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=\"$value\"/g" $fname
}
@@ -32,41 +41,76 @@ function sync_param
{
local param=$1
local vtype=$2
local value=$( uci -q get zapret.@main[0].$param )
local value="$( uci -q get zapret.config.$param )"
uncomment_param $param
append_param $param
local TAB="$( echo -n -e '\t' )"
if [ "$value" = "$TAB" ]; then
value=""
fi
if [ "$param" = "NFQWS_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS_PORTS_UDP_KEEPALIVE" ]; then
[ "$value" = "0" ] && value=""
fi
if [ "$param" = "NFQWS_OPT" -a "$value" != "" ]; then
value=$( echo -n "$value" | sed '/^#/d' )
fi
if [ "$vtype" = "str" ]; then
set_param_value_str $param "$value"
else
set_param_value $param $value
fi
}
sync_param MODE
if [ ! -f "$ZAPRET_CONFIG" ]; then
if [ ! -f "$ZAPRET_CONFIG_DEF" ]; then
touch "$ZAPRET_CONFIG"
else
cp -f "$ZAPRET_CONFIG_DEF" "$ZAPRET_CONFIG"
fi
fi
cp -f "$ZAPRET_CONFIG" "$ZAPRET_CONFIG_NEW"
ZAPRET_CONFIG__SAVED="$ZAPRET_CONFIG"
ZAPRET_CONFIG="$ZAPRET_CONFIG_NEW"
sync_param FWTYPE
sync_param POSTNAT
sync_param FLOWOFFLOAD
sync_param INIT_APPLY_FW
sync_param DISABLE_IPV4
sync_param DISABLE_IPV6
sync_param FILTER_TTL_EXPIRED_ICMP
sync_param MODE_FILTER
sync_param DISABLE_CUSTOM
sync_param WS_USER str
sync_param DAEMON_LOG_ENABLE
sync_param DAEMON_LOG_FILE str
sync_param AUTOHOSTLIST_RETRANS_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_TIME
sync_param AUTOHOSTLIST_DEBUGLOG
sync_param NFQWS_ENABLE
sync_param DESYNC_MARK
sync_param DESYNC_MARK_POSTNAT
sync_param NFQWS_OPT_DESYNC str
sync_param NFQWS_OPT_DESYNC_SUFFIX str
sync_param MODE_HTTP
sync_param MODE_HTTP_KEEPALIVE
sync_param HTTP_PORTS
sync_param NFQWS_OPT_DESYNC_HTTP str
sync_param NFQWS_OPT_DESYNC_HTTP_SUFFIX str
sync_param NFQWS_OPT_DESYNC_HTTP6 str
sync_param NFQWS_OPT_DESYNC_HTTP6_SUFFIX str
sync_param MODE_HTTPS
sync_param HTTPS_PORTS
sync_param NFQWS_OPT_DESYNC_HTTPS str
sync_param NFQWS_OPT_DESYNC_HTTPS_SUFFIX str
sync_param NFQWS_OPT_DESYNC_HTTPS6 str
sync_param NFQWS_OPT_DESYNC_HTTPS6_SUFFIX str
sync_param MODE_QUIC
sync_param QUIC_PORTS
sync_param NFQWS_OPT_DESYNC_QUIC str
sync_param NFQWS_OPT_DESYNC_QUIC_SUFFIX str
sync_param NFQWS_OPT_DESYNC_QUIC6 str
sync_param NFQWS_OPT_DESYNC_QUIC6_SUFFIX str
sync_param NFQWS_PORTS_TCP str
sync_param NFQWS_PORTS_UDP str
sync_param NFQWS_TCP_PKT_OUT str
sync_param NFQWS_TCP_PKT_IN str
sync_param NFQWS_UDP_PKT_OUT str
sync_param NFQWS_UDP_PKT_IN str
sync_param NFQWS_PORTS_TCP_KEEPALIVE str
sync_param NFQWS_PORTS_UDP_KEEPALIVE str
sync_param NFQWS_OPT str
ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED"
if is_valid_config "$ZAPRET_CONFIG_NEW" ; then
cp -f "$ZAPRET_CONFIG_NEW" "$ZAPRET_CONFIG"
rm -f "$ZAPRET_CONFIG_NEW"
else
rm -f "$ZAPRET_CONFIG_NEW"
return 97
fi

18
zapret/uci-def-cfg.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
# create empty txt files into ipset directory
[ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-google.txt"
#[ ! -f "/opt/zapret/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-auto.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user-ipban.txt"
#[ ! -f "/opt/zapret/ipset/zapret-ip.txt" ] && touch "/opt/zapret/ipset/zapret-ip.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-exclude.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-ipban.txt"
# create or merge uci-config
$ZAPRET_BASE/renew-cfg.sh

32
zapret/zapret.config
View File

@@ -1,32 +0,0 @@
config main 'config'
option autostart '0'
option FWTYPE 'nftables'
option MODE 'nfqws'
option FLOWOFFLOAD 'none'
option INIT_APPLY_FW '1'
option DISABLE_IPV4 '0'
option DISABLE_IPV6 '1'
option MODE_FILTER 'hostlist'
option DESYNC_MARK '0x40000000'
option DESYNC_MARK_POSTNAT '0x20000000'
option NFQWS_OPT_DESYNC '--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin'
option NFQWS_OPT_DESYNC_SUFFIX ''
option MODE_HTTP '1'
option MODE_HTTP_KEEPALIVE '0'
option HTTP_PORTS '80'
option NFQWS_OPT_DESYNC_HTTP ''
option NFQWS_OPT_DESYNC_HTTP_SUFFIX ''
option NFQWS_OPT_DESYNC_HTTP6 ''
option NFQWS_OPT_DESYNC_HTTP6_SUFFIX ''
option MODE_HTTPS '1'
option HTTPS_PORTS '443'
option NFQWS_OPT_DESYNC_HTTPS ''
option NFQWS_OPT_DESYNC_HTTPS_SUFFIX ''
option NFQWS_OPT_DESYNC_HTTPS6 ''
option NFQWS_OPT_DESYNC_HTTPS6_SUFFIX ''
option MODE_QUIC '1'
option QUIC_PORTS '443'
option NFQWS_OPT_DESYNC_QUIC '--dpi-desync=fake,split2 --dpi-desync-repeats=15 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --dpi-desync=fake --dpi-desync-repeats=15'
option NFQWS_OPT_DESYNC_QUIC_SUFFIX ''
option NFQWS_OPT_DESYNC_QUIC6 ''
option NFQWS_OPT_DESYNC_QUIC6_SUFFIX ''