Mirror/zapret-openwrt
1
0
Fork 0
mirror of https://github.com/remittor/zapret-openwrt.git synced 2026-01-04 07:38:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Mirror:v65-20241025-23.05
Branches Tags
Mirror:master Mirror:zap1 Mirror:gh-pages
Mirror:v0.8.20251230 Mirror:v0.8.20251229 Mirror:v0.7.20251227 Mirror:v72.20251227 Mirror:v0.7.20251226 Mirror:v0.7.20251225-r2 Mirror:v72.20251225-r2 Mirror:v0.7.20251225 Mirror:v72.20251225 Mirror:v0.7.20251224 Mirror:v0.7.20251220 Mirror:v0.7.20251219 Mirror:v72.20251219 Mirror:v72.20251218 Mirror:v72.20251217 Mirror:v72.20251216 Mirror:v72.20251213 Mirror:v72.20251212 Mirror:v72.20251122 Mirror:v72.20251022 Mirror:v72.20250924 Mirror:v71.20250918 Mirror:v71.20250708 Mirror:v71.20250607 Mirror:v70.20250505 Mirror:v70.20250419 Mirror:v70.20250405 Mirror:v70.20250323 Mirror:v70.20250213 Mirror:v70.20250210 Mirror:v70.20250116 Mirror:v70-20250109 Mirror:v70-20250109-23.05 Mirror:v69-20241206 Mirror:v69-20241206-23.05 Mirror:v69-20241123 Mirror:v69-20241123-23.05 Mirror:v69-20241121-23.05 Mirror:v69-20241121 Mirror:v69-20241118 Mirror:v69-20241118-23.05 Mirror:v68-20241115 Mirror:v68-20241115-23.05 Mirror:v68-20241110 Mirror:v68-20241110-23.05 Mirror:v67-20241030 Mirror:v67-20241030-23.05 Mirror:v66-20241026-23.05 Mirror:v66-20241026 Mirror:v65-20241025 Mirror:v65-20241025-23.05 Mirror:v65-20241023 Mirror:v65-20241023-23.05 Mirror:v65-20241018 Mirror:v65-20241018-23.05 Mirror:v65-20241016 Mirror:v65-20241016-23.05 Mirror:v64-20241014 Mirror:v64-20241014-23.05 Mirror:v64-20241012
...
compare: Mirror:v72.20251022
Branches Tags
Mirror:master Mirror:zap1 Mirror:gh-pages
Mirror:v0.8.20251230 Mirror:v0.8.20251229 Mirror:v0.7.20251227 Mirror:v72.20251227 Mirror:v0.7.20251226 Mirror:v0.7.20251225-r2 Mirror:v72.20251225-r2 Mirror:v0.7.20251225 Mirror:v72.20251225 Mirror:v0.7.20251224 Mirror:v0.7.20251220 Mirror:v0.7.20251219 Mirror:v72.20251219 Mirror:v72.20251218 Mirror:v72.20251217 Mirror:v72.20251216 Mirror:v72.20251213 Mirror:v72.20251212 Mirror:v72.20251122 Mirror:v72.20251022 Mirror:v72.20250924 Mirror:v71.20250918 Mirror:v71.20250708 Mirror:v71.20250607 Mirror:v70.20250505 Mirror:v70.20250419 Mirror:v70.20250405 Mirror:v70.20250323 Mirror:v70.20250213 Mirror:v70.20250210 Mirror:v70.20250116 Mirror:v70-20250109 Mirror:v70-20250109-23.05 Mirror:v69-20241206 Mirror:v69-20241206-23.05 Mirror:v69-20241123 Mirror:v69-20241123-23.05 Mirror:v69-20241121-23.05 Mirror:v69-20241121 Mirror:v69-20241118 Mirror:v69-20241118-23.05 Mirror:v68-20241115 Mirror:v68-20241115-23.05 Mirror:v68-20241110 Mirror:v68-20241110-23.05 Mirror:v67-20241030 Mirror:v67-20241030-23.05 Mirror:v66-20241026-23.05 Mirror:v66-20241026 Mirror:v65-20241025 Mirror:v65-20241025-23.05 Mirror:v65-20241023 Mirror:v65-20241023-23.05 Mirror:v65-20241018 Mirror:v65-20241018-23.05 Mirror:v65-20241016 Mirror:v65-20241016-23.05 Mirror:v64-20241014 Mirror:v64-20241014-23.05 Mirror:v64-20241012

107 Commits
v65-202410 ... v72.202510

Author SHA1 Message Date
remittor
44ff0ec3e1 Bump version to v72.20251022 2025-10-22 15:15:29 +03:00
remittor
65d90d8ed3 luci: Open each link on new page 2025-10-22 15:11:39 +03:00
remittor
e8dfb187e3 Bump version to v72.20250924 2025-09-24 13:25:50 +03:00
remittor
1b2057f00f luci: Add examples for custom.d scripts 2025-09-23 12:09:18 +03:00
remittor
7941f12c63 Bump version to v71.20250918 2025-09-18 15:17:37 +03:00
remittor
81f4b493f6 Add FILTER_MARK support 2025-09-18 15:17:18 +03:00
remittor
bd2e62c8a6 Bump version to v71.20250708 2025-07-08 11:55:41 +03:00
remittor
caa82938c1 ipset: Update zapret-hosts-google.txt 2025-07-08 11:54:28 +03:00
remittor
b1fd577bd1 config: Update default config (v71) 2025-07-08 11:46:05 +03:00
remittor
e8fc868226 Bump version to v71.20250607 2025-06-07 22:06:10 +03:00
remittor
2670ff2985 build: Exclude arch arm_cortex-a7_neon-vfpv4 for SNAPSHOT 2025-06-07 22:05:49 +03:00
remittor
dda8f254a0 comfunc: MiniFix in init_before_start 2025-06-07 15:17:18 +03:00
remittor
62401bbad5 Bump version to v70.20250505 2025-05-05 15:26:18 +03:00
remittor
c31fab4aaf config: Add new param FILTER_TTL_EXPIRED_ICMP 
Source: dc1dc5c876
 2025-05-05 15:26:17 +03:00
remittor
d56cd06281 luci: Fix access to files into custom.d dir 2025-05-05 15:26:17 +03:00
remittor
5f681a372a install: Patch luci header.ut for force update browser-cache 
Aux info: https://github.com/openwrt/luci/pull/7725
 2025-05-05 15:26:17 +03:00
remittor
d9d339e157 comfunc: Fix stdout into func adapt_for_sed 2025-05-05 15:26:17 +03:00
remittor
dfbd77bb91 install: Check service running before stop 2025-04-27 20:30:01 +03:00
remittor
aa4adc0c50 Bump version to v70.20250419 2025-04-19 17:59:55 +03:00
remittor
919c91a6c7 luci: Fix get service info on OpenWrt 21.02 2025-04-19 17:59:31 +03:00
remittor
da2cf34f9f config: Remove comment-line from NFQWS_OPT on sync 2025-04-19 17:58:52 +03:00
remittor
6b1825387f luci: Add link to help page for NFQWS_OPT 2025-04-19 14:36:58 +03:00
remittor
ca2b1378c6 luci: Fix view multiline for NFQWS_OPT 2025-04-19 14:36:58 +03:00
remittor
d0b03e60b6 config: Fix process empty value for NFQWS_PORTS_xxx_KEEPALIVE 2025-04-18 14:07:00 +03:00
remittor
d4fb54c2c0 Bump version to v70.20250405 2025-04-05 12:03:52 +03:00
remittor
5a7676c6f5 luci: Update link to discord custom script 2025-04-04 19:51:38 +03:00
remittor
60865aa602 ipset: Add file "zapret-hosts-user.txt" 2025-03-31 20:08:32 +03:00
remittor
f6dd684b62 comfunc: Delete auto preset "abra-cadabra.com" 2025-03-31 20:03:09 +03:00
remittor
fee8520332 Revert "build: Exclude arch arm_cortex-a7_neon-vfpv4" 
This reverts commit f912f30944.
 2025-03-28 21:21:25 +03:00
remittor
d317bcf541 Bump version to v70.20250323 2025-03-23 12:43:45 +03:00
remittor
1d27f12791 luci: Fix version check for v24.10 release pkg 2025-03-23 12:43:27 +03:00
remittor
f912f30944 build: Exclude arch arm_cortex-a7_neon-vfpv4 2025-03-23 10:39:22 +03:00
remittor
2fb9ff7095 build: Remove arch arm_mpcore 2025-03-23 08:48:01 +03:00
remittor
8792204b57 build: Add arch aarch64_cortex-a76 2025-03-23 08:41:10 +03:00
remittor
59aaa0c3eb build: Using 24.10 branch 2025-03-23 08:39:57 +03:00
remittor
f77e985d37 ipset: Add play.google.com into zapret-hosts-user-exclude.txt 2025-02-25 10:47:18 +03:00
remittor
fa668eaaff ipset: add localhost to zapret-hosts-user-exclude.txt 2025-02-25 10:46:22 +03:00
remittor
6deb6f70fb init: Fix empty zapret-hosts-user.txt on start daemons 2025-02-25 10:41:38 +03:00
remittor
d234b5f762 Bump version to v70.20250213 2025-02-13 08:49:40 +03:00
remittor
7a36045383 luci: Fix initialization L.sysFeatures 2025-02-13 08:48:47 +03:00
remittor
55036bc03c init: Add cron task for removing huge log-files 2025-02-12 20:36:43 +03:00
remittor
f2e6b6fc7e luci: Rename blacklist to HostList 2025-02-12 20:27:37 +03:00
remittor
e2313c9096 luci: Add human readable messages (dmnlog) 2025-02-11 21:21:49 +03:00
remittor
a2fe8816f1 init: Fix ipset permissions on restart 2025-02-11 19:12:03 +03:00
remittor
71794ca7e0 readme: Update badges (add actual version) 2025-02-11 10:10:48 +03:00
remittor
cded72542e Bump version to v70.20250210 2025-02-10 21:03:36 +03:00
remittor
31522f53d7 config: Fix bug (add option DAEMON_LOG_FILE for sync) 2025-02-10 21:03:03 +03:00
remittor
794f86a34c luci: Fix refresh textarea with logs 2025-02-10 19:50:03 +03:00
remittor
2529444929 luci: Use fs.read_direct instead fs.exec_direct 2025-02-10 15:00:12 +03:00
remittor
8ef98e1bcd luci: Transfer option DISABLE_CUSTOM to tab custom.d 2025-02-10 14:56:52 +03:00
remittor
57cfc5af29 install: Fix file permissions 2025-02-10 14:03:22 +03:00
remittor
8e783c4bd6 init: Fix bug (remove log on each start) 2025-02-10 09:51:56 +03:00
remittor
f7114167eb init: Remove logs on start and restart 2025-02-09 20:55:44 +03:00
remittor
adab5d93c5 luci: Add log viewer 2025-02-09 20:42:51 +03:00
remittor
41df444327 config: Add new option DAEMON_LOG_ENABLE 2025-02-09 13:28:59 +03:00
remittor
c187d544e3 build: Add init step 2025-02-09 11:59:21 +03:00
remittor
c524434b43 build: Add option TEST_BUILD 2025-02-09 11:35:01 +03:00
remittor
b73f7e93d6 build: Disable JS minification 2025-02-09 09:57:53 +03:00
remittor
4c224634c1 config: Add new option WS_USER 2025-02-08 16:13:02 +03:00
remittor
82fafaa6fe config: Add new option DISABLE_CUSTOM 2025-02-05 20:14:11 +03:00
remittor
768ebb6241 readme: Add new badges 2025-01-31 12:52:45 +03:00
remittor
0891e9d2fa github: Cleanup build script 2025-01-17 11:30:08 +03:00
remittor
fbb1239606 readme: Add download counter for latest release 2025-01-17 11:26:36 +03:00
remittor
88d82932c9 Bump version to v70.20250116 2025-01-16 19:57:33 +03:00
remittor
d169c51a11 github: Global changes 2025-01-16 19:57:22 +03:00
remittor
474baa09aa readme: Add download counter 2025-01-16 14:27:41 +03:00
remittor
b9621559c3 luci: Add support custom.d scripts 2025-01-14 09:14:14 +03:00
remittor
e0fd21187b Bump version to v70-20250109 2025-01-09 12:33:23 +03:00
remittor
47822364d5 luci: Forced use busybox ps 2024-12-13 21:32:55 +03:00
remittor
72d1ac6d7a Bump version to v69-20241206 2024-12-06 21:27:16 +03:00
remittor
b1c289c397 github: Exclude arch arm_cortex-a9_vfpv3-d16 2024-12-06 21:26:50 +03:00
remittor
ce1563dc7d Bump version to v69-20241123 2024-11-23 20:44:17 +03:00
remittor
566f3376ae readme: Add about of tool 2024-11-21 18:11:40 +03:00
remittor
e377c7aa4d Bump version to v69-20241121 2024-11-21 18:10:59 +03:00
remittor
a36853921e github: Add support SNAPSHOT branch 2024-11-21 18:10:27 +03:00
remittor
bddb0f395d readme: Add donation address 2024-11-21 12:17:18 +03:00
remittor
9719c11a58 luci: Adapt code for APK support 2024-11-21 10:39:54 +03:00
remittor
51fc9739d8 config: Skip run_on_boot option on restore default uci-config 2024-11-20 22:08:40 +03:00
remittor
5f584bcf58 config: Renew default config (v69) 
Source: https://github.com/bol-van/zapret-win-bundle/blob/master/zapret-winws/preset_russia.cmd
 2024-11-19 21:09:36 +03:00
remittor
cedb032eee Bump version to v69-20241118 2024-11-18 16:55:09 +03:00
remittor
8ea92829c8 init: Log enabled status only on boot 2024-11-17 13:40:54 +03:00
remittor
cdbd9c80e0 install: Enable service when upgrade package 2024-11-17 13:39:45 +03:00
remittor
0cd2c5b088 Bump version to v68-20241115 2024-11-15 22:25:24 +03:00
remittor
2b178173de Add many new scripts for manage service 2024-11-15 22:25:24 +03:00
remittor
b0953bbaaf luci: Add removing quotes from DESYNC_OPT param 2024-11-13 21:23:01 +03:00
remittor
d595f1eaa3 config: Add check syntax of main config into sync_config.sh 2024-11-13 21:15:20 +03:00
remittor
f8905bf0d4 luci: Allow to reset and sync settings during service error 2024-11-13 20:32:27 +03:00
remittor
e6c901a06a install: Check syntax of main config on install and uninstall 2024-11-12 22:38:45 +03:00
remittor
4811af79da Remove PKG_RELEASE from all Makefiles 
Reason: for compatibility with OpenWrt 24+
 2024-11-12 20:15:56 +03:00
remittor
c0d77d6c8a Bump version to v68-20241110 2024-11-11 10:29:54 +03:00
remittor
d03ca95c93 github: Fix auto build (add setup for SDK) 2024-11-11 10:29:54 +03:00
remittor
f42c6da005 config: Update default desync config 2024-11-11 10:29:53 +03:00
remittor
1b2bd2bdd5 luci: Catch incorrect JSON into function decode_svc_info 2024-11-11 10:29:53 +03:00
remittor
2cf3d0b996 Bump version to v67-20241030 2024-10-30 15:19:16 +03:00
remittor
d463d2e39e config: Fix bug in default config (forced use google hostlist) 2024-10-30 15:18:57 +03:00
remittor
148a397051 install: Replace default hostlist "zapret-hosts-user.txt" to "zapret-hosts-google.txt" 2024-10-30 13:10:56 +03:00
remittor
9f73af44dd ipset: Rename "zapret-hosts-user.txt" to "zapret-hosts-google.txt" 2024-10-30 12:41:35 +03:00
remittor
40f0432b1c config: luci: Add support new hostlist file "zapret-hosts-google.txt" 2024-10-30 12:40:26 +03:00
remittor
ca11a6cd55 ipset: Remove empty txt files from ipset directory 2024-10-30 12:15:28 +03:00
remittor
39833fdcea config: Add info about <HOSTLIST_NOAUTO> (new in v67) 2024-10-30 11:59:40 +03:00
remittor
425fde748f luci: Add button "Reset settings" 2024-10-30 11:22:28 +03:00
remittor
0df621f443 Bump version to v66-20241026 2024-10-26 17:37:06 +03:00
remittor
f17b00c107 config: luci: Adapt settings for Zapret v66 (new config format) 2024-10-26 17:34:48 +03:00
remittor
c67ce19626 luci: Add support multiline long string editing 2024-10-26 15:46:27 +03:00
remittor
4b932b2c4a luci: Fix detect daemons status (empty instances dict) 2024-10-26 15:18:52 +03:00
remittor
a8d25b2d2b config: luci: Add AutoHostList settings 2024-10-26 11:23:45 +03:00
Oleg S.
9f40c1fcd1 readme: Add screenshot of main page 2024-10-25 15:25:29 +03:00
30 changed files with 1727 additions and 495 deletions
Expand all files Collapse all files

31
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,31 @@
# These are supported funding model platforms
# Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
github:
# Replace with a single Patreon username
patreon:
# Replace with a single Open Collective username
open_collective:
# Replace with a single Ko-fi username
ko_fi:
# Replace with a single Tidelift platform-name/package-name e.g., npm/babel
tidelift:
# Replace with a single Community Bridge project-name e.g., cloud-foundry
community_bridge:
# Replace with a single Liberapay username
liberapay:
# Replace with a single IssueHunt username
issuehunt:
# Replace with a single Otechie username
otechie:
# Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
custom: ['https://github.com/remittor/donate']

255
.github/workflows/build.yml vendored
View File

@@ -2,9 +2,47 @@ name: build
on:
workflow_dispatch:
inputs:
test_build:
description: 'Test build'
required: false
default: 'false'
type: choice
options:
- true
- false
fake_build:
description: 'Fake build'
required: false
default: 'false'
type: choice
options:
- true
- false
max_speed:
description: 'Build with max speed'
required: false
default: 'true'
type: choice
options:
- true
- false
push:
tags:
- '*'
- v[0-9]+*
env:
TEST_BUILD: ${{ github.event.inputs.test_build == 'true' }}
FAKE_BUILD: ${{ github.event.inputs.fake_build == 'true' }}
MAX_SPEED: ${{ github.event.inputs.max_speed != 'false' }}
TAG_SUFFIX: ${{ github.event.inputs.fake_build == 'true' && '-fake' || github.event.inputs.test_build == 'true' && '-test' || '' }}
REPO_URL: https://github.com/remittor/zapret-openwrt
REPO_LNK: remittor/zapret-openwrt
REPO_BRANCH: master
BUILD_ROOT: ${{ github.workspace }}/builder
BUILD_DATE: unknown
REPO_DATE: unknown
LUCI_ARCH: aarch64_cortex-a53
jobs:
check:
@@ -15,38 +53,45 @@ jobs:
sha: ${{ steps.gh.outputs.sha }}
url: ${{ steps.gh.outputs.url }}
message: ${{ steps.gh.outputs.message }}
build_date: ${{ steps.gh.outputs.build_date }}
fw_date: ${{ steps.gh.outputs.fw_date }}
is_active: ${{ steps.activity.outputs.is_active }}
test_build: ${{ env.TEST_BUILD }}
fake_build: ${{ env.FAKE_BUILD }}
steps:
- name: Get repo data via GH API
id: gh
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO: 'remittor/zapret-openwrt'
run: |
echo "Tag name from GITHUB_REF_NAME: $GITHUB_REF_NAME"
echo "Tag name from github.ref_name: ${{ github.ref_name }}"
BRANCH=$(gh api repos/$REPO --jq '.default_branch')
DATE=$(gh api repos/$REPO/commits/$BRANCH --jq '.commit.committer.date')
BRANCH=$(gh api repos/$REPO_LNK --jq '.default_branch')
REPO_DATE=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.committer.date')
BUILD_DATE=$( date --utc +'%Y%m%d' )
FW_DATE=$( date --utc +'%Y-%m-%d' )
{
echo "tag=$GITHUB_REF_NAME"
echo "date=$(date --utc -d $DATE +%Y%m%d)"
echo "sha=$(gh api repos/$REPO/commits/$BRANCH --jq '.sha[0:7]')"
echo "url=$(gh api repos/$REPO/commits/$BRANCH --jq '.html_url')"
echo "date=$(date --utc -d $REPO_DATE +%Y%m%d)"
echo "sha=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.sha[0:7]')"
echo "url=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.html_url')"
echo "message<<EOF"
gh api repos/$REPO/commits/$BRANCH --jq '.commit.message'
gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.message'
echo EOF
echo "build_date=$BUILD_DATE"
echo "fw_date=$FW_DATE"
} >> $GITHUB_OUTPUT
echo "DATE=$DATE" >> $GITHUB_ENV
echo "REPO_DATE=$REPO_DATE" >> $GITHUB_ENV
- name: Check for repo activity
id: activity
env:
DATE: ${{ env.DATE }}
REPO_DATE: ${{ env.REPO_DATE }}
URL: ${{ steps.gh.outputs.url }}
run: |
TIMESTAMP=$(date --utc -d $DATE +%s)
TIMESTAMP=$(date --utc -d $REPO_DATE +%s)
DAYS=$(( ( $(date --utc +%s) - $TIMESTAMP ) / 86400 ))
echo "Repository activity: $(date --utc -d $DATE)"
echo "Repository activity: $(date --utc -d $REPO_DATE)"
echo "Commit: $URL"
if [ "${{ github.event_name }}" != "schedule" ]; then
is_active=true
@@ -63,12 +108,13 @@ jobs:
#if: needs.check.outputs.is_active == 'true'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
#branch: [ openwrt-22.03, openwrt-23.05 ]
branch: [ openwrt-23.05 ]
branch: [ openwrt-24.10, SNAPSHOT ]
arch:
- aarch64_cortex-a53
- aarch64_cortex-a72
- aarch64_cortex-a76
- aarch64_generic
- arm_arm1176jzf-s_vfp
- arm_arm926ej-s
@@ -82,7 +128,6 @@ jobs:
- arm_cortex-a9_neon
- arm_cortex-a9_vfpv3-d16
- arm_fa526
- arm_mpcore
- arm_xscale
- mips64_octeonplus
- mips_24kc
@@ -93,135 +138,215 @@ jobs:
- mipsel_74kc
- mipsel_mips32
- x86_64
#include:
# - branch: SNAPSHOT
# arch: x86_64
#exclude:
# - branch: openwrt-22.03
# arch: arm_fa526
# - branch: openwrt-22.03
# arch: arm_mpcore
isTestOrFake:
- ${{ needs.check.outputs.test_build == 'true' || needs.check.outputs.fake_build == 'true' }}
exclude:
- branch: SNAPSHOT
arch: arm_cortex-a9_vfpv3-d16
- branch: SNAPSHOT
arch: arm_cortex-a7_neon-vfpv4
- { isTestOrFake: true }
include:
- branch: openwrt-24.10
arch: x86_64
- branch: openwrt-24.10
arch: aarch64_cortex-a53
- branch: SNAPSHOT
arch: aarch64_cortex-a53
container:
image: openwrt/sdk:${{ matrix.arch }}-${{ matrix.branch }}
options: --user root
outputs:
pkgver: ${{ steps.build.outputs.pkgver }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
repository: 'remittor/zapret-openwrt'
repository: ${{ env.REPO_LNK }}
path: zapret-openwrt
- name: Setup OpenWrt SDK
working-directory: /builder
env:
BRANCH: ${{ matrix.branch }}
shell: bash
run: |
# gpg --verbose --recv-keys 0x1D53D1877742E911
gpg --verbose --import <(wget -qO- 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/0x1D53D1877742E911.asc')
# disable check signatures
sed -i 's/gpg --/#gpg --/g' setup.sh
# disable cleanup keys
sed -r -i 's/^rm.+//' setup.sh
./setup.sh
ls -lh
if [ "$BRANCH" = "openwrt-24.10" ]; then
echo "PKGTYPE=ipk" >> $GITHUB_ENV
else
echo "PKGTYPE=apk" >> $GITHUB_ENV
fi
- name: Setup ccache
uses: actions/cache@v4
with:
path: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/.ccache' || '/builder/.ccache' }}
path: '/builder/.ccache'
key: ccache-${{ matrix.arch }}-${{ matrix.branch }}-${{ github.run_id }}
restore-keys: |
ccache-${{ matrix.arch }}-${{ matrix.branch }}-
- name: Build packages
id: build
working-directory: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt' || '/builder' }}
- name: Init packages
id: init
working-directory: '/builder'
env:
DATE: ${{ needs.check.outputs.date }}
SHA: ${{ needs.check.outputs.sha }}
FAKE_BUILD: ${{ env.FAKE_BUILD == 'true' || ( env.TEST_BUILD == 'true' && matrix.branch == 'SNAPSHOT' ) }}
BUILD_DATE: ${{ needs.check.outputs.build_date }}
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }}
CCACHE_DIR: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/.ccache' || '/builder/.ccache' }}
CCACHE_DIR: '/builder/.ccache'
shell: bash
run: |
#export PKG_VERSION=$(date --utc -d $DATE +%Y%m%d)
#find $GITHUB_WORKSPACE/zapret-openwrt -type d -path '*/package/zapret' -exec cp -r {} ./package \;
cp -r $GITHUB_WORKSPACE/zapret-openwrt ./package/zapret-openwrt/
PKGDIR=$GITHUB_WORKSPACE/zapret-openwrt
MKFN=$PKGDIR/luci-app-zapret/Makefile
PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 )
echo "PKG_VERSION = $PKGVER"
cp -vr $PKGDIR ./package/zapret-openwrt/
mv feeds.conf.default feeds.conf
sed -i -e 's|base.*\.git|base https://github.com/openwrt/openwrt.git|' feeds.conf
sed -i -e 's|packages.*\.git|packages https://github.com/openwrt/packages.git|' feeds.conf
sed -i -e 's|luci.*\.git|luci https://github.com/openwrt/luci.git|' feeds.conf
mkdir -p ./logs
./scripts/feeds update base packages luci
./scripts/feeds install -a
if [ "$FAKE_BUILD" = "false" ]; then
./scripts/feeds update base packages luci
./scripts/feeds install -a
fi
echo "FAKE_BUILD=$FAKE_BUILD" >> $GITHUB_ENV
echo "PKGVER=$PKGVER" >> $GITHUB_ENV
echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT
echo "status=success" >> $GITHUB_OUTPUT
- name: Build packages
id: build
if: steps.init.outputs.status == 'success'
working-directory: '/builder'
env:
BUILD_DATE: ${{ needs.check.outputs.build_date }}
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }}
CCACHE_DIR: '/builder/.ccache'
shell: bash
run: |
MAKE_JOBS=$(($(nproc)+1))
echo "$MAKE_JOBS thread compile"
make defconfig
echo "------------- .config BEG -------------------"
cat .config
echo "------------- .config END -------------------"
if [ "$FAKE_BUILD" = "false" ]; then
make defconfig
sed -i 's/CONFIG_LUCI_JSMIN=y/CONFIG_LUCI_JSMIN=n/g' .config
echo "------------- .config BEG -------------------"
cat .config
echo "------------- .config END -------------------"
if [ "$ARCH" = "$LUCI_ARCH" ]; then
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile`
else
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net}/compile`
fi
if [ "$MAX_SPEED" = "false" ]; then
make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1
else
make -j$MAKE_JOBS $PKGLIST CONFIG_CCACHE=1
fi
else
OUT_DIR=./bin/packages/dev_x/base
mkdir -p $OUT_DIR
touch $OUT_DIR/zapret_$PKGVER-$ARCH.$PKGTYPE
touch $OUT_DIR/luci-app-zapret_$PKGVER-all.$PKGTYPE
fi
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile`
make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1
find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.ipk$" -delete
find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.[ai]pk$" -delete
#echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source"
#ln -s `which usign` staging_dir/host/bin/usign
#echo "$SIGN_KEY" | base64 -d > key-build
#make package/index
tar -C ./bin/packages/*/base -cvf $GITHUB_WORKSPACE/ipk-$BRANCH-$ARCH.tar --transform "s|^\./|${BRANCH/openwrt-}/$ARCH/|" --show-transformed-names .
OUTDIR=$GITHUB_WORKSPACE/$PKGTYPE-$ARCH
mkdir -p $OUTDIR
cp -R ./bin/packages/*/base/. $OUTDIR/
./staging_dir/host/bin/ccache --max-size=10M --show-stats
echo "OUTDIR=$OUTDIR" >> $GITHUB_ENV
echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT
echo "status=success" >> $GITHUB_OUTPUT
- name: Compress build logs
if: always()
env:
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
LOGS_DIR: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/logs' || '/builder/logs' }}
LOGS_DIR: '/builder/logs'
run: |
tar -cJvf logs-$BRANCH-$ARCH.tar.xz $LOGS_DIR
- name: Upload packages
if: steps.build.outcome == 'success'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@main
with:
name: ipk-${{ matrix.branch }}-${{ matrix.arch }}
path: ./**/ipk-${{ matrix.branch }}-${{ matrix.arch }}.tar
path: ${{ env.OUTDIR }}
name: zapret,${{ env.PKGTYPE }},${{ matrix.arch }}
if-no-files-found: error
- name: Upload build logs
if: always()
uses: actions/upload-artifact@v4
with:
path: logs-*.tar.xz
name: logs-${{ matrix.branch }}-${{ matrix.arch }}
path: ./**/logs-*.tar.xz
release:
needs: [ check, build ]
permissions:
contents: write
runs-on: ubuntu-latest
strategy:
max-parallel: 1
matrix:
#branch: [ '22.03', '23.05' ]
branch: [ '23.05' ]
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
pattern: ipk-*
pattern: zapret,*
- name: Put ipk into zip
- name: Put packages into zip
env:
BRANCH: ${{ matrix.branch }}
TAG: ${{ needs.check.outputs.tag }}
DATE: ${{ needs.check.outputs.date }}
BUILD_DATE: ${{ needs.check.outputs.build_date }}
PKGVER: ${{ needs.build.outputs.pkgver }}
run: |
echo "------------- DIR BEG -------------------"
ls -la
echo "------------- DIR END -------------------"
mkdir -p sorted
find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)' \;
find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)/apk' \;
find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)' \;
find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)/apk' \;
LUCI_IPK=$( find . -type f -path "*/zapret,ipk,*/luci-app-zapret*.ipk" -print | head -n 1 )
LUCI_APK=$( find . -type f -path "*/zapret,apk,*/luci-app-zapret*.apk" -print | head -n 1 )
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \;
find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \;
mkdir -p public
find . -name "ipk-openwrt-$BRANCH-*.tar" -exec tar -xvf {} --wildcards '*.ipk' \;
find $BRANCH -mindepth 1 -type d -exec sh -c 'zip -0 ./public/zapret_${TAG}_$(basename {}).zip -j {} {}/*' \;
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \;
ls -lh ./public/*.zip
- name: Upload assets
uses: andelf/nightly-release@main
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BRANCH: ${{ matrix.branch }}
TAG: ${{ needs.check.outputs.tag }}
with:
prerelease: false
tag_name: ${{ needs.check.outputs.tag }}-${{ matrix.branch }}
name: '${{ needs.check.outputs.tag }} for OpenWrt ${{ matrix.branch }}'
prerelease: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }}
tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }}
name: zapret v${{ needs.build.outputs.pkgver }}
body: |
${{ needs.check.outputs.url }}: ${{ needs.check.outputs.message }}
zapret v${{ needs.build.outputs.pkgver }} for OpenWrt
files: ./public/*.zip

17
README.md
View File

@@ -1,6 +1,21 @@
[![build](https://github.com/remittor/zapret-openwrt/actions/workflows/build.yml/badge.svg)](https://github.com/remittor/zapret-openwrt/actions/workflows/build.yml)
[![GitHub Release](https://img.shields.io/github/release/remittor/zapret-openwrt)](https://github.com/remittor/zapret-openwrt/releases)
[![Github All Releases](https://img.shields.io/github/downloads/remittor/zapret-openwrt/total.svg)](https://github.com/remittor/zapret-openwrt/releases)
[![Github Latest Release](https://img.shields.io/github/downloads/remittor/zapret-openwrt/latest/total.svg)](https://github.com/remittor/zapret-openwrt/releases)
[![ViewCount](https://views.whatilearened.today/views/github/remittor/zapret-openwrt.svg)](https://github.com/remittor/zapret-openwrt)
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fremittor%2Fzapret-openwrt&count_bg=%2379C83D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=hits&edge_flat=false)](https://github.com/remittor/zapret-openwrt/releases)
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)
# zapret-openwrt
Zapret is not a VPN! Zapret is an Anti-DPI utility!
[Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapretopenwrt-package)
[Download page](https://github.com/remittor/zapret-openwrt/releases)
## Screenshots
![image](https://github.com/user-attachments/assets/b79940b3-6a0d-4310-bd58-e461be004397)
## Donations
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)

8
luci-app-zapret/Makefile
View File

@@ -5,9 +5,9 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-zapret
PKG_RELEASE:=20241025
PKG_VERSION:=65-$(PKG_RELEASE)
PKG_VERSION:=72.20251022
PKG_LICENSE:=MIT
PKG_MAINTAINER:=remittor <https://github.com/remittor>
LUCI_TITLE:=LuCI support for zapret
LUCI_DEPENDS:=+zapret
@@ -20,8 +20,8 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
rm -rf /tmp/luci-modulecache/
#killall -HUP rpcd 2>/dev/null
/etc/init.d/rpcd reload
/sbin/luci-reload
/etc/init.d/uhttpd reload
[ -f "/sbin/luci-reload" ] && /sbin/luci-reload
[ -f "/etc/init.d/uhttpd" ] && /etc/init.d/uhttpd reload
fi
exit 0
endef

200
luci-app-zapret/htdocs/luci-static/resources/view/zapret/dmnlog.js Normal file
View File

@@ -0,0 +1,200 @@
'use strict';
'require view';
'require fs';
'require form';
'require poll';
'require uci';
'require ui';
'require view.zapret.tools as tools';
return view.extend({
retrieveLog: async function() {
return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null),
fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', 'zapret+*.log' ]),
uci.load(tools.appName),
]).then(function(status_array) {
var filereader = status_array[0] ? status_array[0].path : null;
var log_data = status_array[1]; // stdout: multiline text
if (log_data.code != 0) {
ui.addNotification(null, E('p', _('Unable to get log files') + '(code = ' + log_data.code + ') : retrieveLog()'));
return null;
}
var reason = '';
var uci_cfg = uci.get(tools.appName, 'config');
if (uci_cfg !== null && typeof(uci_cfg) === 'object') {
let flag = uci_cfg.DAEMON_LOG_ENABLE;
if (flag != '1') {
reason = ' (Reason: option DAEMON_LOG_ENABLE = ' + flag + ')';
}
}
if (typeof(log_data.stdout) !== 'string') {
return 'Log files not found.' + reason;
}
var log_list = log_data.stdout.trim().split('\n');
if (log_list.length <= 0) {
return 'Log files not found!' + reason;
}
for (let i = 0; i < log_list.length; i++) {
let logfn = log_list[i].trim();
if (logfn.startsWith('/tmp/') && logfn.endsWith('+main.log')) {
log_list.splice(i, 1);
log_list.unshift(logfn);
break;
}
}
var tasks = [ ];
var logdata = [ ];
for (let i = 0; i < log_list.length; i++) {
let logfn = log_list[i].trim();
if (logfn.startsWith('/tmp/')) {
//console.log('LOG: ' + logfn);
logdata.push( { filename: logfn, data: null, rows: 0 } );
tasks.push( fs.read_direct(logfn) );
}
}
return Promise.all(tasks).then(function(log_array) {
for (let i = 0; i < log_array.length; i++) {
if (log_array[i]) {
logdata[i].data = log_array[i];
logdata[i].rows = tools.getLineCount(log_array[i]) + 1;
}
}
return logdata;
}).catch(function(e) {
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ %s | %s | %s ]'.format(
e.message, 'retrieveLogData', 'uci.zapret'
)));
return null;
});
}).catch(function(e) {
const [, lineno, colno] = e.stack.match(/(\d+):(\d+)/);
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ lineno: %s | %s | %s | %s ]'.format(
e.message, lineno, 'retrieveLog', 'uci.zapret'
)));
return null;
});
},
pollLog: async function() {
let logdate_len = -2;
let logdata;
for (let txt_id = 0; txt_id < 10; txt_id++) {
let elem = document.getElementById('dmnlog_' + txt_id);
if (!elem)
break;
if (logdate_len == -2) {
logdata = await this.retrieveLog();
logdate_len = (Array.isArray(logdata)) ? logdata.length : -1;
}
let elem_name = elem.getAttribute("name");
let founded = false;
if (logdate_len > 0) {
for (let log_num = 0; log_num < logdate_len; log_num++) {
if (logdata[log_num].filename == elem_name) {
if (logdata[log_num].data) {
elem.value = logdata[log_num].data;
elem.rows = logdata[log_num].rows;
founded = true;
//console.log('POLL: updated ' + elem_name);
}
break;
}
}
}
if (!founded) {
elem.value = '';
elem.rows = 0;
}
}
},
load: async function() {
poll.add(this.pollLog.bind(this));
return await this.retrieveLog();
},
render: function(logdata) {
if (!logdata) {
return;
}
if (typeof(logdata) === 'string') {
return E('div', {}, [
E('p', {'class': 'cbi-title-field'}, [ logdata ]),
]);
}
if (!Array.isArray(logdata)) {
ui.addNotification(null, E('p', _('Unable to get log files') + ' : render()'));
return;
}
var h2 = E('div', {'class' : 'cbi-title-section'}, [
E('h2', {'class': 'cbi-title-field'}, [ _('Zapret') + ' - ' + _('Log Viewer') ]),
]);
var tabs = E('div', {}, E('div'));
for (let log_num = 0; log_num < logdata.length; log_num++) {
//console.log('REN: ' + logdata[log_num].filename + ' : ' + logdata[log_num].data.length);
var logfn = logdata[log_num].filename;
let filename = logfn.replace(/.*\//, '');
let fname = filename.split('.')[0];
fname = fname.replace(/^(zapret\+)/, '');
let fn = fname.split('+');
let tabNameText = fname.replace(/\+/g, ' ');
let tabname = 'tablog_' + log_num;
var scrollDownButton = null;
var scrollUpButton = null;
scrollDownButton = E('button', {
'id': 'scrollDownButton_' + log_num,
'class': 'cbi-button cbi-button-neutral'
}, _('Scroll to tail', 'scroll to bottom (the tail) of the log file')
);
scrollDownButton.addEventListener('click', function() {
scrollUpButton.focus();
});
scrollUpButton = E('button', {
'id' : 'scrollUpButton_' + log_num,
'class': 'cbi-button cbi-button-neutral'
}, _('Scroll to head', 'scroll to top (the head) of the log file')
);
scrollUpButton.addEventListener('click', function() {
scrollDownButton.focus();
});
let log_id = 'dmnlog_' + log_num;
let log_name = logdata[log_num].filename;
let log_text = (logdata[log_num].data) ? logdata[log_num].data : '';
let tab = E('div', { 'data-tab': tabname, 'data-tab-title': tabNameText }, [
E('div', { 'id': 'content_dmnlog_' + log_num }, [
E('div', {'style': 'padding-bottom: 20px'}, [ scrollDownButton ]),
E('textarea', {
'id': log_id,
'name': log_name,
'style': 'font-size:12px',
'readonly': 'readonly',
'wrap': 'off',
'rows': logdata[log_num].rows,
}, [ log_text ]),
E('div', {'style': 'padding-bottom: 20px'}, [ scrollUpButton ]),
]),
]);
tabs.firstElementChild.appendChild(tab);
}
ui.tabs.initTabGroup(tabs.firstElementChild.childNodes);
//this.pollFn = L.bind(this.handleScanRefresh, this);
//poll.add(this.pollFn);
return E('div', { }, [ h2, tabs ]);
},
handleSaveApply: null,
handleSave: null,
handleReset: null
});

119
luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js
View File

@@ -22,10 +22,15 @@ return view.extend({
restart : elems.btn_restart || document.getElementById('btn_restart'),
stop : elems.btn_stop || document.getElementById('btn_stop'),
update : elems.btn_update || document.getElementById('btn_update'),
reset : elems.btn_update || document.getElementById('btn_reset'),
};
},
disableButtons: function(flag, button, elems = { }) {
let error_code = 0;
if (Number.isInteger(button) && button < 0) {
error_code = button;
}
let btn = this.get_svc_buttons(elems);
btn.enable.disabled = flag;
btn.disable.disabled = flag;
@@ -33,14 +38,16 @@ return view.extend({
btn.restart.disabled = flag;
btn.stop.disabled = flag;
btn.update.disabled = true; // TODO
btn.reset.disabled = (error_code == 0) ? flag : false;
},
getAppStatus: function() {
return Promise.all([
tools.getInitState(tools.appName), // svc_state
fs.exec(tools.execPath, [ 'info' ]), // svc_info
fs.exec('/bin/ps'), // process list
fs.exec('/bin/opkg', [ 'list-installed', '*zapret*' ]), // installed packages
tools.getInitState(tools.appName), // svc_boot
fs.exec(tools.execPath, [ 'enabled' ]), // svc_en
tools.getSvcInfo(), // svc_info
fs.exec('/bin/busybox', [ 'ps' ]), // process list
fs.exec(tools.packager.path, tools.packager.args), // installed packages
uci.load(tools.appName), // config
]).catch(e => {
ui.addNotification(null, E('p', _('Unable to execute or read contents')
@@ -56,45 +63,51 @@ return view.extend({
let elem_status = elems.status || document.getElementById("status");
elem_status.innerHTML = tools.makeStatusString(null);
ui.addNotification(null, E('p', _('Unable to read the contents') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
let svc_autorun = status_array[0] ? true : false;
let svc_info = status_array[1]; // stdout: JSON as text
let proc_list = status_array[2]; // stdout: multiline text
let pkg_list = status_array[3]; // stdout: installed packages
if (svc_info.code != 0) {
let svc_boot = status_array[0] ? true : false;
let svc_en = status_array[1]; // stdout: empty or error text
let svc_info = status_array[2]; // stdout: JSON as text
let proc_list = status_array[3]; // stdout: multiline text
let pkg_list = status_array[4]; // stdout: installed packages
//console.log('svc_en: ' + svc_en.code);
svc_en = (svc_en.code == 0) ? true : false;
if (typeof(svc_info) !== 'object') {
ui.addNotification(null, E('p', _('Unable to read the service info') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
if (proc_list.code != 0) {
ui.addNotification(null, E('p', _('Unable to read process list') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
if (pkg_list.code != 0) {
ui.addNotification(null, E('p', _('Unable to enumerate installed packages') + ': setAppStatus()'));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
return;
}
let svcinfo;
if (force_app_status) {
svcinfo = force_app_status;
} else {
svcinfo = tools.decode_svc_info(svc_autorun, svc_info, proc_list, cfg);
svcinfo = tools.decode_svc_info(svc_en, svc_info, proc_list, cfg);
}
let btn = this.get_svc_buttons(elems);
btn.update.disabled = true; // TODO
btn.reset.disabled = false;
if (Number.isInteger(svcinfo)) {
ui.addNotification(null, E('p', _('Error')
+ ' %s: return code = %s'.format('decode_svc_info', svcinfo + ' ')));
this.disableButtons(true, null, elems);
this.disableButtons(true, -1, elems);
} else {
btn.enable.disabled = (svc_autorun) ? true : false;
btn.disable.disabled = (svc_autorun) ? false : true;
if (svcinfo.dmn.total == 0) {
btn.enable.disabled = (svc_en) ? true : false;
btn.disable.disabled = (svc_en) ? false : true;
if (!svcinfo.dmn.inited) {
btn.start.disabled = false;
btn.restart.disabled = true;
btn.stop.disabled = true;
@@ -134,7 +147,7 @@ return view.extend({
});
},
serviceActionEx: function(action, button) {
serviceActionEx: function(action, button, hide_modal = false) {
if (button) {
let elem = document.getElementById(button);
this.disableButtons(true, elem);
@@ -142,11 +155,32 @@ return view.extend({
poll.stop();
let _this = this;
return fs.exec(tools.syncCfgPath)
let exec_cmd = null;
let exec_arg = [ ];
let errmsg = 'ERROR:';
if (action == 'start' || action == 'restart') {
exec_cmd = tools.syncCfgPath;
errmsg = _('Unable to run sync_config.sh script.');
}
else if (action == 'reset') {
exec_cmd = tools.defaultCfgPath;
exec_arg = [ 'sync' ]; // restore config + sync configs
errmsg = _('Unable to run restore-def-cfg.sh script.');
action = null;
} else {
ui.addNotification(null, E('p', 'ERROR: unknown action'));
return null;
}
return fs.exec(exec_cmd, exec_arg)
.then(function(res) {
if (res.code != 0) {
ui.addNotification(null, E('p', _('Unable to run sync_config.sh script.') + ' res.code = ' + res.code));
ui.addNotification(null, E('p', errmsg + ' res.code = ' + res.code));
action = null; // return with error
}
if (hide_modal) {
ui.hideModal();
}
if (!action) {
return _this.getAppStatus().then(
(status_array) => {
_this.setAppStatus(status_array);
@@ -156,7 +190,7 @@ return view.extend({
return _this.serviceAction(action, null);
})
.catch(e => {
ui.addNotification(null, E('p', _('Unable to run sync_config.sh script.') + ' Error: ' + e.message));
ui.addNotification(null, E('p', errmsg + ' Error: ' + e.message));
});
},
@@ -192,35 +226,40 @@ return view.extend({
);
},
dialogDestroy: function(ev) {
dialogResetCfg: function(ev) {
ev.target.blur();
let cancel_button = E('button', {
'class': btn_style_neutral,
'click': ui.hideModal,
}, _('Cancel'));
let shutdown_btn = E('button', {
'class': btn_style_warning,
}, _('Shutdown'));
shutdown_btn.onclick = ui.createHandlerFn(this, () => {
cancel_button.disabled = true;
return this.appAction('destroy');
let resetcfg_btn = E('button', {
'class': btn_style_action,
}, _('Reset settings'));
resetcfg_btn.onclick = ui.createHandlerFn(this, () => {
//cancel_button.disabled = true;
return this.serviceActionEx('reset', resetcfg_btn, true);
});
ui.showModal(_('Shutdown'), [
ui.showModal(_('Reset settings to default'), [
E('div', { 'class': 'cbi-section' }, [
E('p', _('The service will be disabled. Continue?')),
E('p', _('All settings will be reset to default. Continue?')),
]),
E('div', { 'class': 'right' }, [
shutdown_btn,
' ',
cancel_button,
' ',
resetcfg_btn,
])
]);
},
load: function() {
return this.getAppStatus();
var _this = this;
return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null),
]).then(function(data) {
return _this.getAppStatus();
});
},
render: function(status_array) {
@@ -229,7 +268,7 @@ return view.extend({
}
let cfg = uci.get(tools.appName, 'config');
let pkg_list = status_array[3];
let pkg_list = status_array[4];
if (pkg_list === undefined || typeof(pkg_list) !== 'object' || pkg_list.code != 0) {
ui.addNotification(null, E('p', _('Unable to enumerate installed packages') + ': setAppStatus()'));
return;
@@ -292,10 +331,11 @@ return view.extend({
let btn_update = create_btn('btn_update', btn_style_action, _('Update'));
btn_update.onclick = ui.createHandlerFn(this, () => { this.appAction('update', 'btn_update') });
layout_append(_('Update blacklist'), null, [ btn_update ] );
layout_append(_('Update HostLists'), null, [ btn_update ] );
let btn_destroy = create_btn('btn_destroy', btn_style_negative, _('Shutdown'));
btn_destroy.onclick = L.bind(this.dialogDestroy, this);
let btn_reset = create_btn('btn_reset', btn_style_action, _('Reset settings'));
btn_reset.onclick = L.bind(this.dialogResetCfg, this);
layout_append(_('Reset settings to default'), null, [ btn_reset ] );
let elems = {
"status": status_string,
@@ -305,6 +345,7 @@ return view.extend({
"btn_restart": btn_restart,
"btn_stop": btn_stop,
"btn_update": btn_update,
"btn_reset": btn_reset,
};
this.setAppStatus(status_array, elems);

297
luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js
View File

@@ -64,10 +64,10 @@ return view.extend({
//o.value('iptables', 'iptables');
//o.value('ipfw', 'ipfw');
o = s.taboption(tabname, form.ListValue, 'MODE', _('MODE'));
o.value('nfqws', 'nfqws');
//o.value('tpws', 'tpws');
o = s.taboption(tabname, form.Flag, 'POSTNAT', _('POSTNAT'));
o.rmempty = false;
o.default = 1;
o = s.taboption(tabname, form.ListValue, 'FLOWOFFLOAD', _('FLOWOFFLOAD'));
o.value('donttouch', 'donttouch');
o.value('none', 'none');
@@ -86,39 +86,77 @@ return view.extend({
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Flag, 'FILTER_TTL_EXPIRED_ICMP', 'FILTER_TTL_EXPIRED_ICMP');
o.rmempty = false;
o.default = 1;
o = s.taboption(tabname, form.ListValue, 'MODE_FILTER', _('MODE_FILTER'));
//o.value('none', 'none');
//o.value('ipset', 'ipset');
o.value('hostlist', 'hostlist');
o.value('autohostlist', 'autohostlist');
o = s.taboption(tabname, form.Flag, 'MODE_HTTP', _('MODE_HTTP'));
o = s.taboption(tabname, form.Value, 'WS_USER', _('WS_USER'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'DAEMON_LOG_ENABLE', _('DAEMON_LOG_ENABLE'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Flag, 'MODE_HTTP_KEEPALIVE', _('MODE_HTTP_KEEPALIVE'));
/* NFQWS_OPT_DESYNC tab */
tabname = 'nfqws_params';
s.tab(tabname, _('NFQWS options'));
let add_delim = function(sec, url = null) {
let o = sec.taboption(tabname, form.DummyValue, '_hr');
o.rawhtml = true;
o.default = '<hr style="width: 620px; height: 1px; margin: 1px 0 1px; border-top: 1px solid;">';
if (url) {
o.default += '<br/>' + _('Help') + ': <a target=_blank href=%s>%s</a>'.format(url);
}
};
let add_param = function(sec, param, locname = null, rows = 10, multiline = false) {
if (!locname)
locname = param;
let btn = sec.taboption(tabname, form.Button, '_' + param + '_btn', locname);
btn.inputtitle = _('Edit');
btn.inputstyle = 'edit btn';
let val = sec.taboption(tabname, form.DummyValue, '_' + param);
val.rawhtml = multiline ? true : false;
val.cfgvalue = function(section_id) {
let value = uci.get(tools.appName, section_id, param);
if (value == null) {
return "";
}
value = value.trim();
if (multiline == 2) {
value = value.replace(/\n --/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/ --/g, "\n--");
}
if (val.rawhtml) {
value = value.replace(/</g, '˂');
value = value.replace(/>/g, '˃');
value = value.replace(/\n/g, '<br/>');
}
return value;
};
val.validate = function(section_id, value) {
return (value) ? value.trim() : "";
};
let desc = locname;
if (multiline == 2) {
desc += '<br/>' + _('Example') + ': <a target=_blank href=%s>%s</a>'.format(tools.nfqws_opt_url);
}
btn.onclick = () => new tools.longstrEditDialog('config', param, param, desc, rows, multiline).show();
};
o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Value, 'HTTP_PORTS', _('HTTP_PORTS'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'MODE_HTTPS', _('MODE_HTTPS'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Value, 'HTTPS_PORTS', _('HTTPS_PORTS'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'MODE_QUIC', _('MODE_QUIC'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Value, 'QUIC_PORTS', _('QUIC_PORTS'));
o.rmempty = false;
o.datatype = 'string';
o.default = 1;
o = s.taboption(tabname, form.Value, 'DESYNC_MARK', _('DESYNC_MARK'));
//o.description = _("nfqws option for DPI desync attack");
@@ -130,82 +168,117 @@ return view.extend({
o.rmempty = false;
o.datatype = 'string';
/* NFQWS_OPT_DESYNC tab */
tabname = 'nfqws_params';
s.tab(tabname, _('NFQWS options'));
let add_delim = function(sec) {
let o = sec.taboption(tabname, form.DummyValue, '_hr');
o.rawhtml = true;
o.default = '<hr style="width: 620px; height: 1px; margin: 1px 0 1px; border-top: 1px solid;">';
};
let add_param = function(sec, param, locname = null, rows = 10) {
if (!locname)
locname = param;
let btn = sec.taboption(tabname, form.Button, '_' + param + '_btn', locname);
btn.inputtitle = _('Edit');
btn.inputstyle = 'edit btn';
let val = sec.taboption(tabname, form.DummyValue, '_' + param);
val.rawhtml = false;
val.cfgvalue = function(section_id) {
let name = uci.get(tools.appName, section_id, param);
if (name == null || name == "")
name = "";
return name;
};
val.validate = function(section_id, value) {
if (!value)
return "";
return value.trim();
};
btn.onclick = () => new tools.longstrEditDialog('config', param, param, locname, rows).show();
};
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP6');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTP6_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS6');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_HTTPS6_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC_SUFFIX');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC6');
add_delim(s);
add_param(s, 'NFQWS_OPT_DESYNC_QUIC6_SUFFIX');
o = s.taboption(tabname, form.Value, 'FILTER_MARK', _('FILTER_MARK'));
o.rmempty = false;
o.validate = function(section_id, value) { return true; };
o.write = function(section_id, value) { return form.Value.prototype.write.call(this, section_id, (value == null || value.trim() == '') ? "\t" : value.trim()); };
/* Blacklist settings */
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP'));
o.rmempty = false;
o.datatype = 'string';
tabname = 'blacklist_tab';
s.tab(tabname, _('Blacklist settings'));
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries'));
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP_KEEPALIVE', _('NFQWS_PORTS_UDP_KEEPALIVE'));
o.rmempty = false;
o.datatype = 'uinteger';
add_delim(s, tools.nfqws_opt_url);
add_param(s, 'NFQWS_OPT', null, 21, 2);
/* AutoHostList settings */
tabname = 'autohostlist_tab';
s.tab(tabname, _('AutoHostList'));
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_RETRANS_THRESHOLD', _('RETRANS_THRESHOLD'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_FAIL_THRESHOLD', _('FAIL_THRESHOLD'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_FAIL_TIME', _('FAIL_TIME'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Button, '_auto_host_btn', _('Auto host list entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.autoHostListFN;
o.onclick = () => new tools.fileEditDialog(
tools.autoHostListFN,
_('Auto host list'),
'',
'',
15
).show();
o = s.taboption(tabname, form.Flag, 'AUTOHOSTLIST_DEBUGLOG', _('DEBUGLOG'));
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.Button, '_auto_host_debug_btn', _('Auto host debug list entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.autoHostListDbgFN;
o.onclick = () => new tools.fileEditDialog(
tools.autoHostListDbgFN,
_('Auto host debug list'),
'',
'',
15
).show();
/* HostList settings */
tabname = 'hostlist_tab';
s.tab(tabname, _('Host lists'));
o = s.taboption(tabname, form.Button, '_google_entries_btn', _('Google hostname entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsGoogleFN;
o.onclick = () => new tools.fileEditDialog(
tools.hostsGoogleFN,
_('Google hostname entries'),
_('One hostname per line.<br />Examples:'),
'<code>youtube.com<br />googlevideo.com</code>',
15
).show();
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries <HOSTLIST>'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsUserFN;
o.onclick = () => new tools.fileEditDialog(
o.onclick = () => new tools.fileEditDialog(
tools.hostsUserFN,
_('User entries'),
_('One hostname per line.<br />Examples:'),
'<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
'<code>domain.net<br />sub.domain.com<br />facebook.com</code>',
15
).show();
@@ -213,11 +286,11 @@ return view.extend({
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsUserExcludeFN;
o.onclick = () => new tools.fileEditDialog(
o.onclick = () => new tools.fileEditDialog(
tools.hostsUserExcludeFN,
_('User excluded entries'),
_('One hostname per line.<br />Examples:'),
'<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
'<code>domain.net<br />sub.domain.com<br />gosuslugi.ru</code>',
15
).show();
@@ -271,6 +344,38 @@ return view.extend({
o.onclick = () => new tools.fileEditDialog(fn, name, '', '', 15).show();
}
/* custom.d files */
tabname = 'custom_d_tab';
s.tab(tabname, 'custom.d');
o = s.taboption(tabname, form.Flag, 'DISABLE_CUSTOM', _('DISABLE_CUSTOM'));
o.rmempty = false;
o.default = 0;
add_delim(s);
for (let i = 0; i < tools.customdPrefixList.length; i++) {
let num = tools.customdPrefixList[i];
let fn = tools.customdFileFormat.format(num.toString());
let name = _('custom.d script #' + num);
o = s.taboption(tabname, form.Button, '_customd_file%d_btn'.format(num), name);
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = fn;
let desc = '';
if (num == tools.discord_num) {
desc = _('Example') + ': ';
for (let k = 0; k < tools.discord_url.length; k++) {
let url = tools.discord_url[k];
if (k > 0) desc += ' <br> ';
const filename = url.substring(url.lastIndexOf("/") + 1).split("?")[0];
desc += '<a target=_blank href=' + url + '>' + filename + '</a>';
}
}
o.onclick = () => new tools.fileEditDialog(fn, name, desc, '', 15).show();
}
let map_promise = m.render();
map_promise.then(node => node.classList.add('fade-in'));
return map_promise;

178
luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js
View File

@@ -35,10 +35,13 @@ document.head.append(E('style', {'type': 'text/css'},
`));
return baseclass.extend({
packager : null,
appName : 'zapret',
execPath : '/etc/init.d/zapret',
syncCfgPath : '/opt/zapret/sync_config.sh',
defaultCfgPath : '/opt/zapret/restore-def-cfg.sh',
hostsGoogleFN : '/opt/zapret/ipset/zapret-hosts-google.txt',
hostsUserFN : '/opt/zapret/ipset/zapret-hosts-user.txt',
hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt',
iplstExcludeFN : '/opt/zapret/ipset/zapret-ip-exclude.txt',
@@ -46,6 +49,18 @@ return baseclass.extend({
iplstUserExcludeFN: '/opt/zapret/ipset/zapret-ip-user-exclude.txt',
custFileMax : 4,
custFileTemplate : '/opt/zapret/ipset/cust%s.txt',
customdPrefixList : [ 10, 20, 50, 60, 90 ] ,
customdFileFormat : '/opt/zapret/init.d/openwrt/custom.d/%s-script.sh',
discord_num : 50,
discord_url : [ 'https://github.com/bol-van/zapret/blob/4e8e3a9ed9dbeb1156db68dfaa7b353051c13797/init.d/custom.d.examples.linux/50-discord',
'https://github.com/bol-van/zapret/blob/b251ea839cc8f04c45090314ef69fce69f2c00f2/init.d/custom.d.examples.linux/50-discord-media',
'https://github.com/bol-van/zapret/blob/b251ea839cc8f04c45090314ef69fce69f2c00f2/init.d/custom.d.examples.linux/50-stun4all',
'https://github.com/bol-van/zapret/tree/master/init.d/custom.d.examples.linux'
],
nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/168',
autoHostListFN : '/opt/zapret/ipset/zapret-hosts-auto.txt',
autoHostListDbgFN : '/opt/zapret/ipset/zapret-hosts-auto-debug.log',
infoLabelRunning : '<span class="label-status running">' + _('Running') + '</span>',
infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>',
@@ -63,6 +78,13 @@ return baseclass.extend({
running : { code: 4, name: _('Running') , label: this.infoLabelRunning },
},
callServiceList: rpc.declare({
object: 'service',
method: 'list',
params: [ 'name', 'verbose' ],
expect: { '': {} }
}),
callInitState: rpc.declare({
object: 'luci',
method: 'getInitList',
@@ -77,7 +99,35 @@ return baseclass.extend({
expect: { result: false }
}),
init_consts: function() {
if (!this.packager) {
this.packager = { };
if (L.hasSystemFeature('apk')) {
this.packager.name = 'apk';
this.packager.path = '/usr/bin/apk';
this.packager.args = [ 'list', '-I', '*zapret*' ];
} else {
this.packager.name = 'opkg';
this.packager.path = '/bin/opkg';
this.packager.args = [ 'list-installed', '*zapret*' ];
}
//console.log('PACKAGER: ' + this.packager.name);
}
},
getSvcInfo: function(svc_name = null) {
this.init_consts();
let name = (svc_name) ? svc_name : this.appName;
let verbose = 1;
return this.callServiceList(name, verbose).then(res => {
return res;
}).catch(e => {
ui.addNotification(null, E('p', _('Failed to get %s service info: %s').format(name, e)));
});
},
getInitState: function(name) {
this.init_consts();
return this.callInitState(name).then(res => {
if (res) {
return res[name].enabled ? true : false;
@@ -109,12 +159,38 @@ return baseclass.extend({
let lines = pkg_list.trim().split('\n');
for (let i = 0; i < lines.length; i++) {
let line = lines[i].trim();
if (line.length >= 4) {
let word_list = line.split(' - ');
let name = word_list[0].trim();
let ver = word_list[1].trim();
pkg_dict[name] = ver;
let name;
let ver;
if (this.packager.name == 'apk') {
let fullname = line.split(' ')[0];
let mpos = fullname.lastIndexOf("-");
if (mpos <= 0)
continue;
if (fullname.substring(mpos+1, mpos+2) == 'r') {
// release number
fullname = fullname.substring(0, mpos);
}
mpos = fullname.lastIndexOf("-");
if (mpos <= 0)
continue;
name = fullname.substring(0, mpos).trim();
ver = fullname.substring(mpos+1).trim();
} else {
if (!line.includes(' - '))
continue;
name = line.split(' - ')[0].trim();
ver = line.split(' - ')[1].trim();
let spos = ver.indexOf(" ");
if (spos > 0) {
ver = ver.substring(0, spos);
}
let mpos = ver.lastIndexOf("-");
if (mpos > 0 && ver.substring(mpos+1, mpos+2) == 'r') {
// release number
ver = ver.substring(0, mpos);
}
}
pkg_dict[name] = ver;
}
return pkg_dict;
},
@@ -140,37 +216,38 @@ return baseclass.extend({
let result = {
"autorun": svc_autorun,
"dmn": {
inited: false,
total: 0,
running: 0,
working: 0,
},
"status": this.statusDict.error,
};
if (svc_info.code != 0) {
return -1;
}
if (proc_list.code != 0) {
return -2;
}
let plist = this.get_pid_list(proc_list.stdout);
let jdata = JSON.parse(svc_info.stdout);
if (typeof(jdata) !== 'object') {
if (plist.length < 4) {
return -3;
}
if (typeof(svc_info) !== 'object') {
return -4;
}
let jdata = svc_info;
if (typeof(jdata.zapret) == 'object') {
result.dmn.inited = true;
let dmn_list = jdata.zapret.instances;
if (typeof(dmn_list) !== 'object') {
return -4;
}
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
result.dmn.total += 1;
if (daemon.running) {
result.dmn.running += 1;
}
if (daemon.pid !== undefined && daemon.pid != null) {
if (plist.includes(daemon.pid)) {
result.dmn.working += 1;
if (typeof(dmn_list) == 'object') {
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
result.dmn.total += 1;
if (daemon.running) {
result.dmn.running += 1;
}
if (daemon.pid !== undefined && daemon.pid != null) {
if (plist.includes(daemon.pid)) {
result.dmn.working += 1;
}
}
}
}
@@ -179,7 +256,7 @@ return baseclass.extend({
if (result.dmn.total == 0) {
result.status = (!svc_autorun) ? this.statusDict.disabled : this.statusDict.stopped;
} else {
result.status = (!result.dmn.working) ? this.statusDict.started : this.statusDict.running;
result.status = (result.dmn.inited) ? this.statusDict.started : this.statusDict.running;
}
return result;
},
@@ -190,7 +267,7 @@ return baseclass.extend({
if (typeof(svcinfo) == 'object') {
svc_autorun = (svcinfo.autorun) ? _('Enabled') : _('Disabled');
if (svcinfo.dmn.total == 0) {
if (!svcinfo.dmn.inited) {
svc_daemons = _('Stopped');
} else {
svc_daemons = (!svcinfo.dmn.working) ? _('Starting') : _('Running');
@@ -229,7 +306,7 @@ return baseclass.extend({
</tr>
<tr class="tr">
<td class="td left" ${td_name_style}>
${_('Blacklist update mode')}:
${_('HostLists update mode')}:
</td>
<td class="td left">
${update_mode}
@@ -244,6 +321,17 @@ return baseclass.extend({
</table>`;
return out;
},
getLineCount: function(mstr) {
let count = 0;
let c = '\n'.charAt(0);
for (let i = 0; i < mstr.length; ++i) {
if (c === mstr.charAt(i)) {
++count;
}
}
return count;
},
fileEditDialog: baseclass.extend({
__init__: function(file, title, desc, aux = null, rows = 10, callback, file_exists = false) {
@@ -346,18 +434,27 @@ return baseclass.extend({
}),
longstrEditDialog: baseclass.extend({
__init__: function(cfgsec, cfgparam, title, desc, rows = 10) {
__init__: function(cfgsec, cfgparam, title, desc, rows = 10, multiline = false) {
this.cfgsec = cfgsec;
this.cfgparam = cfgparam;
this.title = title;
this.desc = desc;
this.rows = rows;
this.multiline = multiline;
},
load: function() {
let value = uci.get('zapret', this.cfgsec, this.cfgparam);
if (typeof(value) === 'string') {
return value.trim();
value = value.trim();
if (this.multiline == 2) {
value = value.replace(/\n\t\t\t--/g, "\n--");
value = value.replace(/\n\t\t--/g, "\n--");
value = value.replace(/\n\t--/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/ --/g, "\n--");
}
}
return value;
},
@@ -397,15 +494,40 @@ return baseclass.extend({
handleSave: function(ev) {
let txt = document.getElementById('widget.modal_content');
let value = txt.value.trim().replace(/\r\n/g, ' ').replace(/\r/g, ' ').replace(/\n/g, ' ').trim();
let value = txt.value.trim();
if (this.multiline) {
value = value.replace(/\r/g, '');
if (value != "" && value != "\t") {
value = '\n' + value + '\n';
if (this.multiline == 2) {
value = value.replace(/"/g, '');
value = value.replace(/'/g, '');
}
}
} else {
value = value.replace(/\r\n/g, ' ');
value = value.replace(/\r/g, ' ');
value = value.replace(/\n/g, ' ');
value = value.trim();
}
if (value == "") {
value = "\t";
}
value = value.replace(/˂/g, '<');
value = value.replace(/˃/g, '>');
uci.set('zapret', this.cfgsec, this.cfgparam, value);
uci.save();
let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam);
if (elem) {
elem.querySelector('div').textContent = value;
let val = value.trim();
if (this.multiline) {
val = val.replace(/</g, '˂');
val = val.replace(/>/g, '˃');
val = val.replace(/\n/g, '<br/>');
elem.querySelector('div').innerHTML = val;
} else {
elem.querySelector('div').textContent = val;
}
}
ui.hideModal();
/*

10
luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json
View File

@@ -10,6 +10,7 @@
"acl": [ "luci-app-zapret" ],
"fs": {
"/opt/zapret/sync_config.sh": "executable",
"/opt/zapret/restore-def-cfg.sh": "executable",
"/etc/init.d/zapret": "executable"
},
"uci": { "zapret": true }
@@ -32,5 +33,14 @@
"type": "view",
"path": "zapret/settings"
}
},
"admin/services/zapret/dmnlog": {
"title": "Log Viewer",
"order": 30,
"action": {
"type": "view",
"path": "zapret/dmnlog"
}
}
}

13
luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json
View File

@@ -6,21 +6,30 @@
"file": {
"/opt/zapret/config": [ "read" ],
"/opt/zapret/ipset/*": [ "read" ],
"/opt/zapret/init.d/openwrt/custom.d/*": [ "read" ],
"/etc/crontabs/root": [ "read" ],
"/tmp/zapret*": [ "read" ],
"/etc/init.d/zapret*": [ "exec" ],
"/bin/ps*": [ "exec" ],
"/bin/cat*": [ "exec" ],
"/bin/busybox*": [ "exec" ],
"/bin/opkg*": [ "exec" ],
"/usr/bin/apk*": [ "exec" ],
"/usr/bin/find*": [ "exec" ],
"/opt/zapret/restore-def-cfg.sh*": [ "exec" ],
"/opt/zapret/sync_config.sh*": [ "exec" ]
},
"uci": [ "zapret", "network" ],
"ubus": {
"luci": [ "getInitList", "setInitAction" ]
"luci": [ "getInitList", "setInitAction" ],
"service": [ "list" ]
}
},
"write": {
"file": {
"/opt/zapret/config": [ "write" ],
"/opt/zapret/ipset/*.txt": [ "write" ],
"/opt/zapret/ipset/*": [ "write" ],
"/opt/zapret/init.d/openwrt/custom.d/*": [ "write" ],
"/etc/crontabs/root": [ "write" ]
},
"uci": [ "zapret" ]

7
zapret-ip2net/Makefile
View File

@@ -1,8 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-ip2net
PKG_VERSION:=65
PKG_RELEASE:=20241025
PKG_VERSION:=72.20251022
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -10,8 +9,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=2c68d1c94f293470bf3a87b28c4d15242e22218c
PKG_SOURCE_DATE:=2024-10-25
PKG_SOURCE_VERSION:=29935b09347be15ecf6536950a2bce12b41e0b0b
PKG_SOURCE_DATE:=2025-10-22
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?

7
zapret-mdig/Makefile
View File

@@ -1,8 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-mdig
PKG_VERSION:=65
PKG_RELEASE:=20241025
PKG_VERSION:=72.20251022
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -10,8 +9,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=2c68d1c94f293470bf3a87b28c4d15242e22218c
PKG_SOURCE_DATE:=2024-10-25
PKG_SOURCE_VERSION:=29935b09347be15ecf6536950a2bce12b41e0b0b
PKG_SOURCE_DATE:=2025-10-22
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?

7
zapret-tpws/Makefile
View File

@@ -1,8 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-tpws
PKG_VERSION:=65
PKG_RELEASE:=20241025
PKG_VERSION:=72.20251022
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -10,8 +9,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=2c68d1c94f293470bf3a87b28c4d15242e22218c
PKG_SOURCE_DATE:=2024-10-25
PKG_SOURCE_VERSION:=29935b09347be15ecf6536950a2bce12b41e0b0b
PKG_SOURCE_DATE:=2025-10-22
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?

84
zapret/Makefile
View File

@@ -5,8 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret
PKG_VERSION:=65
PKG_RELEASE:=20241025
PKG_VERSION:=72.20251022
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
@@ -14,8 +13,8 @@ PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=2c68d1c94f293470bf3a87b28c4d15242e22218c
PKG_SOURCE_DATE:=2024-10-25
PKG_SOURCE_VERSION:=29935b09347be15ecf6536950a2bce12b41e0b0b
PKG_SOURCE_DATE:=2025-10-22
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
@@ -70,28 +69,30 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/ipset
$(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret/ipset/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh
$(INSTALL_CONF) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default
#$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default
$(INSTALL_DIR) $(1)/opt/zapret/tmp
$(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt
$(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret/init.d/openwrt/
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret $(1)/etc/hotplug.d/iface/90-zapret
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/zapret $(1)/etc/init.d/zapret
$(INSTALL_CONF) ./config.default $(1)/opt/zapret/config.default
#$(INSTALL_CONF) ./ipset/zapret-hosts-auto.txt $(1)/opt/zapret/ipset/zapret-hosts-auto.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret/ipset/zapret-hosts-user.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user-ipban.txt $(1)/opt/zapret/ipset/zapret-hosts-user-ipban.txt
#$(INSTALL_CONF) ./ipset/zapret-ip.txt $(1)/opt/zapret/ipset/zapret-ip.txt
$(INSTALL_CONF) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-ip-user.txt $(1)/opt/zapret/ipset/zapret-ip-user.txt
$(INSTALL_CONF) ./ipset/zapret-ip-user-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-user-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-ip-user-ipban.txt $(1)/opt/zapret/ipset/zapret-ip-user-ipban.txt
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
$(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret
$(INSTALL_DATA) ./config.default $(1)/opt/zapret/config.default
$(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset/zapret-hosts-google.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh
$(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret/comfunc.sh
$(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret/def-cfg.sh
$(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret/renew-cfg.sh
$(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret/restore-def-cfg.sh
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
# Fix permisions
chmod 644 $(1)/opt/zapret/ipset/*.txt
chmod 644 $(1)/opt/zapret/config.default
chmod 755 $(1)/opt/zapret/*.sh
endef
define Package/$(PKG_NAME)/preinst
@@ -107,9 +108,19 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
fi
if [ "$${PKG_UPGRADE}" = "1" ]; then
# stop service if PKG_UPGRADE
[ -x "/etc/init.d/zapret" ] && /etc/init.d/zapret stop >/dev/null 2>&1
if [ -x "/etc/init.d/zapret" ]; then
/etc/init.d/zapret running && /etc/init.d/zapret stop >/dev/null 2>&1
fi
fi
fi
if [ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ]; then
if [ -f "/opt/zapret/ipset/zapret-hosts-user.txt" ]; then
CFGLISTHASH=$$( md5sum "/opt/zapret/ipset/zapret-hosts-user.txt" | awk '{print $$1;}' )
if [ "$${CFGLISTHASH}" = "79e35df62b0d1ae455d0a7e04c4cecac" ]; then
rm -f "/opt/zapret/ipset/zapret-hosts-user.txt"
fi
fi
fi
fi
exit 0
endef
@@ -119,6 +130,18 @@ define Package/$(PKG_NAME)/postinst
if [ -z "$${IPKG_INSTROOT}" ]; then
ZAPRET_CONFIG=/opt/zapret/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
# creating main config if its not exists
if [ ! -f "$${ZAPRET_CONFIG}" ]; then
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# check obsolete format for main config
if grep -qE "^NFQWS_OPT_DESYNC=|^MODE_HTTP=|^MODE_HTTPS=|^MODE_QUIC=|^MODE=" "$${ZAPRET_CONFIG}" ; then
echo "Detect obsolute format for main config!"
ZAPRET_CONFIG_BACKUP="$${ZAPRET_CONFIG}.backup"
cp -f "$${ZAPRET_CONFIG}" "$${ZAPRET_CONFIG_BACKUP}"
echo "Current file $${ZAPRET_CONFIG} backuped to $${ZAPRET_CONFIG_BACKUP}"
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# check existing uci-config
[ -f "/etc/config/zapret" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0
# create or merge uci-config
@@ -126,11 +149,11 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
[ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret merged with default uci-config"
# remove uci-default script from system dir (used into /etc/init.d/boot)
rm -f /etc/uci-defaults/zapret-uci-def-cfg.sh
# creating main config if its not exists
if [ ! -f "$${ZAPRET_CONFIG}" ]; then
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
/opt/zapret/sync_config.sh
fi
# copy (sync) all params from uci-config to main config
/opt/zapret/sync_config.sh
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58
# enable main service
/etc/init.d/zapret enable
# stop all
@@ -152,14 +175,21 @@ if [ -z "$${IPKG_INSTROOT}" ]; then
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_CONFIG=/opt/zapret/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
OPENWRT_FW_INCLUDE=/etc/firewall.zapret
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
exit 0
fi
. "$${ZAPRET_CONFIG}"
. "$${ZAPRET_BASE}/common/base.sh"
. "$${ZAPRET_BASE}/common/fwtype.sh"
. "$${ZAPRET_BASE}/common/nft.sh"
. "$${ZAPRET_BASE}/common/installer.sh"
/etc/init.d/zapret running && /etc/init.d/zapret stop
/etc/init.d/zapret disable
/etc/init.d/zapret stop
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
remove_openwrt_firewall
nft_del_table

191
zapret/comfunc.sh Executable file
View File

@@ -0,0 +1,191 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_INITD=/etc/init.d/zapret
ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret"
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG=/etc/config/zapret
ZAPRET_CFG_NAME=zapret
ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_NAME.config )"
. $ZAPRET_BASE/def-cfg.sh
CRONTAB_FILE="/etc/crontabs/root"
function adapt_for_sed
{
echo -n "$1" | tr '\r' ' ' | tr '\n' ' ' | tr '\t' ' ' | sed -r 's/([\$\.\*\/\[\\^])/\\\1/g' | sed 's/[]]/\\]/g'
}
function is_valid_config
{
local fname=${1:-$ZAPRET_CONFIG}
sh -n "$fname" &>/dev/null
return $?
}
function get_ppid_by_pid
{
local pid=$1
local ppid="$( cat /proc/$pid/status 2>/dev/null | grep '^PPid:' | awk '{print $2}' )"
echo "$ppid"
}
function get_proc_path_by_pid
{
local pid=$1
local path=$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' | head -n1 )
echo "$path"
}
function get_proc_cmd_by_pid
{
local pid=$1
local delim="$2"
local cmdline
if [ "$delim" = "" ]; then
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' )"
else
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' "$delim" )"
fi
echo "$cmdline"
}
function is_run_via_procd
{
local pname
[ "$$" = "1" ] && return 0
pname="$( get_proc_path_by_pid $$ )"
[ "$pname" = "/sbin/procd" ] && return 0
[ "$PPID" = "1" ] && return 0
pname="$( get_proc_path_by_pid $PPID )"
[ "$pname" = "/sbin/procd" ] && return 0
return 1
}
function is_run_on_boot
{
local cmdline="$( get_proc_cmd_by_pid $$ ' ' )"
if echo "$cmdline" | grep -q " /etc/rc.d/S" ; then
if echo "$cmdline" | grep -q " boot $" ; then
return 0
fi
fi
return 1
}
function get_run_on_boot_option
{
if [ "$( uci -q get $ZAPRET_CFG_NAME.config.run_on_boot )" = "1" ]; then
echo 1
else
echo 0
fi
}
function create_default_cfg
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local cfgfile=/etc/config/$cfgname
rm -f $cfgfile
touch $cfgfile
uci set $cfgname.config=main
set_cfg_default_values $cfgname
return 0
}
function merge_cfg_with_def_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local force=$2
local cfgfile=/etc/config/$cfgname
local NEWCFGNAME="zapret-default"
local NEWCFGFILE="/etc/config/$NEWCFGNAME"
local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )"
[ -z "$cfg_sec_name" ] && create_default_cfg
create_default_cfg "$NEWCFGNAME"
[ ! -f "$NEWCFGFILE" ] && return 1
uci -m -f $cfgfile import "$NEWCFGNAME"
uci commit "$NEWCFGNAME"
uci -m -f "$NEWCFGFILE" import $cfgname
uci commit $cfgname
rm -f "$NEWCFGFILE"
return 0
}
function remove_cron_task_logs
{
if [ -f "$CRONTAB_FILE" ]; then
sed -i "/-name 'zapret\*.log' -size +/d" "$CRONTAB_FILE"
fi
}
function insert_cron_task_logs
{
[ ! -f "$CRONTAB_FILE" ] && touch "$CRONTAB_FILE"
[ ! -f "$CRONTAB_FILE" ] && return 1
if ! grep -q -e "-name 'zapret\*\.log' -size \+" "$CRONTAB_FILE"; then
echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name 'zapret*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE"
/etc/init.d/cron restart 2> /dev/null
fi
return 0
}
function init_before_start
{
local DAEMON_LOG_ENABLE=$1
local HOSTLIST_FN="$ZAPRET_BASE/ipset/zapret-hosts-user.txt"
[ ! -f "$HOSTLIST_FN" ] && touch "$HOSTLIST_FN"
chmod 644 $ZAPRET_BASE/ipset/*.txt
chmod 666 $ZAPRET_BASE/ipset/*.log
rm -f /tmp/zapret*.log
#*/
if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
insert_cron_task_logs
else
remove_cron_task_logs
fi
return 0
}
function patch_luci_header_ut
{
# INFO: https://github.com/openwrt/luci/pull/7725
local header_ut=/usr/share/ucode/luci/template/header.ut
local runtime_uc=/usr/share/ucode/luci/runtime.uc
local newenv
[ ! -f $header_ut ] && return 0
[ ! -f $runtime_uc ] && return 0
if grep -q "pkgs_update_time" $runtime_uc; then
return 0
fi
if grep -q "pkgs_update_time" $header_ut; then
return 0
fi
sed -i "/^import { access/i import { stat } from 'fs';" $runtime_uc
if ! grep -q "{ stat }" $runtime_uc; then
return 1
fi
newenv="self.env.pkgs_update_time = stat('/lib/apk/db/installed')?.mtime ?? stat('/usr/lib/opkg/status')?.mtime ?? 0;"
newenv=`adapt_for_sed "$newenv"`
sed -i "/self.env.include =/i $newenv" $runtime_uc
if ! grep -q "pkgs_update_time" $runtime_uc; then
return 1
fi
sed -i 's/luci.js?v=\(.*\)"><\/script>/luci.js?v=\1-{{ pkgs_update_time }}"><\/script>/g' $header_ut
if ! grep -q "pkgs_update_time" $header_ut; then
return 1
fi
logger -p notice -t ZAPRET "patch_luci_header_ut: OK"
return 0
}

118
zapret/config.default
View File

@@ -4,9 +4,16 @@
# can help in case /tmp has not enough space
#TMPDIR=/opt/zapret/tmp
# redefine user for zapret daemons. required on Keenetic
WS_USER="daemon"
# override firewall type : iptables,nftables,ipfw
FWTYPE=nftables
# nftables only : set this to 0 to use pre-nat mode. default is post-nat.
# pre-nat mode disables some bypass techniques for forwarded traffic but allows to see client IP addresses in debug log
POSTNAT=1
# options for ipsets
# maximum number of elements in sets. also used for nft sets
SET_MAXELEM=522288
@@ -41,66 +48,65 @@ GZIP_LISTS=0
# set to "-" to disable reload
#LISTS_RELOAD="pfctl -f /etc/pf.conf"
# override ports
HTTP_PORTS=80
HTTPS_PORTS=443
QUIC_PORTS=443
# CHOOSE OPERATION MODE
# MODE : nfqws,tpws,tpws-socks,filter,custom
# nfqws : nfqws for dpi desync
# tpws : tpws transparent mode
# tpws-socks : tpws socks mode
# filter : no daemon, just create ipset or download hostlist
# custom : custom mode. should modify custom init script and add your own code
MODE=nfqws
MODE_HTTP=1
MODE_HTTP_KEEPALIVE=0
MODE_HTTPS=1
MODE_QUIC=1
# none,ipset,hostlist,autohostlist
MODE_FILTER=hostlist
# CHOOSE NFQWS DAEMON OPTIONS for DPI desync mode. run "nfq/nfqws --help" for option list
# mark bit used by nfqws to prevent loop
DESYNC_MARK=0x40000000
DESYNC_MARK_POSTNAT=0x20000000
NFQWS_OPT_DESYNC="--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin"
NFQWS_OPT_DESYNC_SUFFIX=""
NFQWS_OPT_DESYNC_HTTP=""
NFQWS_OPT_DESYNC_HTTP_SUFFIX=""
NFQWS_OPT_DESYNC_HTTPS=""
NFQWS_OPT_DESYNC_HTTPS_SUFFIX=""
NFQWS_OPT_DESYNC_HTTP6=""
NFQWS_OPT_DESYNC_HTTP6_SUFFIX=""
NFQWS_OPT_DESYNC_HTTPS6=""
NFQWS_OPT_DESYNC_HTTPS6_SUFFIX=""
NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake,split2 --dpi-desync-repeats=15 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --dpi-desync=fake --dpi-desync-repeats=15"
NFQWS_OPT_DESYNC_QUIC_SUFFIX=""
NFQWS_OPT_DESYNC_QUIC6=""
NFQWS_OPT_DESYNC_QUIC6_SUFFIX=""
# do not pass outgoing traffic to tpws/nfqws not marked with this bit
# this setting allows to write your own rules to limit traffic that should be fooled
# for example based on source IP or incoming interface name
# no filter if not defined
FILTER_MARK=""
# CHOOSE TPWS DAEMON OPTIONS. run "tpws/tpws --help" for option list
# SUFFIX VARS define additional lower priority desync profile. it's required if MODE_FILTER=hostlist and strategy has hostlist-incompatible 0-phase desync methods (mss)
TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
#TPWS_OPT_SUFFIX="--mss 88"
TPWS_SOCKS_ENABLE=0
# tpws socks listens on this port on localhost and LAN interfaces
TPPORT_SOCKS=987
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_SOCKS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
TPWS_ENABLE=0
TPWS_PORTS="80,443"
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
NFQWS_ENABLE=1
# redirect outgoing traffic with connbytes limiter applied in both directions.
NFQWS_PORTS_TCP="80,443"
NFQWS_PORTS_UDP="443"
# PKT_OUT means connbytes dir original
# PKT_IN means connbytes dir reply
# this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU.
NFQWS_TCP_PKT_OUT="9"
NFQWS_TCP_PKT_IN="3"
NFQWS_UDP_PKT_OUT="9"
NFQWS_UDP_PKT_IN="0"
# redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter
# normally it's needed only for stateless DPI that matches every packet in a single TCP session
# typical example are plain HTTP keep alives
# this mode can be very CPU consuming. enable with care !
NFQWS_PORTS_TCP_KEEPALIVE=""
NFQWS_PORTS_UDP_KEEPALIVE=""
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
NFQWS_OPT="--filter-tcp=80 <HOSTLIST> --dpi-desync=fake,fakedsplit --dpi-desync-autottl=2 --dpi-desync-fooling=badsum --new --filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake,multidisorder --dpi-desync-split-pos=1,midsld --dpi-desync-repeats=11 --dpi-desync-fooling=badsum --dpi-desync-fake-tls-mod=rnd,dupsid,sni=www.google.com --new --filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --filter-udp=443 <HOSTLIST_NOAUTO> --dpi-desync=fake --dpi-desync-repeats=11 --new --filter-tcp=443 <HOSTLIST> --dpi-desync=multidisorder --dpi-desync-split-pos=1,sniext+1,host+1,midsld-2,midsld,midsld+2,endhost-1"
DISABLE_CUSTOM=0
# FlowOffload mode : donttouch,none,software,hardware
FLOWOFFLOAD=none
@@ -137,7 +143,17 @@ DISABLE_IPV4=0
# do not work with ipv6
DISABLE_IPV6=1
# drop icmp time exceeded messages for nfqws tampered connections
# in POSTNAT mode this can interfere with default mtr/traceroute in tcp or udp mode. use source port not redirected to nfqws
# set to 0 if you are not expecting connection breakage due to icmp in response to TCP SYN or UDP
FILTER_TTL_EXPIRED_ICMP=1
# select which init script will be used to get ip or host list
# possible values : get_user.sh get_antizapret.sh get_combined.sh get_reestr.sh get_hostlist.sh
# comment if not required
#GETLIST=get_antizapret_domains.sh
DAEMON_LOG_ENABLE=0
DAEMON_LOG_FILE="/tmp/zapret+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log"

71
zapret/def-cfg.sh Executable file
View File

@@ -0,0 +1,71 @@
#!/bin/sh
# Copyright (c) 2024 remittor
function set_cfg_default_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local TAB="$( echo -n -e '\t' )"
uci batch <<-EOF
set $cfgname.config.run_on_boot='0'
# settings for zapret service
set $cfgname.config.FWTYPE='nftables'
set $cfgname.config.POSTNAT='1'
set $cfgname.config.FLOWOFFLOAD='none'
set $cfgname.config.INIT_APPLY_FW='1'
set $cfgname.config.DISABLE_IPV4='0'
set $cfgname.config.DISABLE_IPV6='1'
set $cfgname.config.FILTER_TTL_EXPIRED_ICMP='1'
set $cfgname.config.MODE_FILTER='hostlist'
set $cfgname.config.DISABLE_CUSTOM='0'
set $cfgname.config.WS_USER='daemon'
set $cfgname.config.DAEMON_LOG_ENABLE='0'
set $cfgname.config.DAEMON_LOG_FILE='/tmp/zapret+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log'
# autohostlist options
set $cfgname.config.AUTOHOSTLIST_RETRANS_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60'
set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0'
# nfqws options
set $cfgname.config.NFQWS_ENABLE='1'
set $cfgname.config.DESYNC_MARK='0x40000000'
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
set $cfgname.config.FILTER_MARK='$TAB'
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_TCP_PKT_OUT='9'
set $cfgname.config.NFQWS_TCP_PKT_IN='3'
set $cfgname.config.NFQWS_UDP_PKT_OUT='9'
set $cfgname.config.NFQWS_UDP_PKT_IN='0'
set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0'
set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0'
set $cfgname.config.NFQWS_OPT="
--filter-tcp=80 <HOSTLIST>
--dpi-desync=fake,fakedsplit
--dpi-desync-autottl=2
--dpi-desync-fooling=badsum
--new
--filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--dpi-desync=fake,multidisorder
--dpi-desync-split-pos=1,midsld
--dpi-desync-repeats=11
--dpi-desync-fooling=badsum
--dpi-desync-fake-tls-mod=rnd,dupsid,sni=www.google.com
--new
--filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--dpi-desync=fake
--dpi-desync-repeats=11
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
--new
--filter-udp=443 <HOSTLIST_NOAUTO>
--dpi-desync=fake
--dpi-desync-repeats=11
--new
--filter-tcp=443 <HOSTLIST>
--dpi-desync=multidisorder
--dpi-desync-split-pos=1,sniext+1,host+1,midsld-2,midsld,midsld+2,endhost-1
"
# save changes
commit $cfgname
EOF
return 0
}

87
zapret/init.d.sh Executable file
View File

@@ -0,0 +1,87 @@
#!/bin/sh /etc/rc.common
# Copyright (c) 2024 remittor
USE_PROCD=1
# after network
START=21
SCRIPT_FILENAME=$1
. /opt/zapret/comfunc.sh
if ! is_valid_config ; then
logger -p err -t ZAPRET "Wrong main config: $ZAPRET_CONFIG"
exit 91
fi
. $ZAPRET_ORIG_INITD
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0
function enable
{
local run_on_boot=""
patch_luci_header_ut
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to enable service, but service blocked!"
return 61
fi
fi
fi
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
uci set $ZAPRET_CFG_NAME.config.run_on_boot=1
uci commit
fi
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD enable
}
function enabled
{
local run_on_boot=""
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
logger -p notice -t ZAPRET "Service is blocked!"
fi
return 61
fi
fi
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD enabled
}
function boot
{
local run_on_boot=""
patch_luci_header_ut
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to run service on boot! Service is blocked!"
return 61
fi
fi
fi
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD start "$@"
}
function start
{
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD start "$@"
}
function restart
{
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD restart "$@"
}

178
zapret/ipset/zapret-hosts-google.txt Normal file
View File

@@ -0,0 +1,178 @@
googlevideo.com
youtubei.googleapis.com
ytimg.com
yt3.ggpht.com
yt4.ggpht.com
youtube.com
youtubeembeddedplayer.googleapis.com
ytimg.l.google.com
jnn-pa.googleapis.com
youtube-nocookie.com
youtube-ui.l.google.com
yt-video-upload.l.google.com
wide-youtube.l.google.com
youtu.be
youtube.googleapis.com
yt.be
withyoutube.com
youtubeeducation.com
youtubefanfest.com
youtubegaming.com
youtubekids.com
youtubemobilesupport.com
youtube.ae
youtube.al
youtube.am
youtube.at
youtube.az
youtube.ba
youtube.be
youtube.bg
youtube.bh
youtube.bo
youtube.by
youtube.ca
youtube.cat
youtube.ch
youtube.cl
youtube.co
youtube.co.ae
youtube.co.at
youtube.co.cr
youtube.co.hu
youtube.co.id
youtube.co.il
youtube.co.in
youtube.co.jp
youtube.co.ke
youtube.co.kr
youtube.co.ma
youtube.co.nz
youtube.co.th
youtube.co.tz
youtube.co.ug
youtube.co.uk
youtube.co.ve
youtube.co.za
youtube.co.zw
youtube.com.ar
youtube.com.au
youtube.com.az
youtube.com.bd
youtube.com.bh
youtube.com.bo
youtube.com.br
youtube.com.by
youtube.com.co
youtube.com.do
youtube.com.ec
youtube.com.ee
youtube.com.eg
youtube.com.es
youtube.com.gh
youtube.com.gr
youtube.com.gt
youtube.com.hk
youtube.com.hn
youtube.com.hr
youtube.com.jm
youtube.com.jo
youtube.com.kw
youtube.com.lb
youtube.com.lv
youtube.com.ly
youtube.com.mk
youtube.com.mt
youtube.com.mx
youtube.com.my
youtube.com.ng
youtube.com.ni
youtube.com.om
youtube.com.pa
youtube.com.pe
youtube.com.ph
youtube.com.pk
youtube.com.pt
youtube.com.py
youtube.com.qa
youtube.com.ro
youtube.com.sa
youtube.com.sg
youtube.com.sv
youtube.com.tn
youtube.com.tr
youtube.com.tw
youtube.com.ua
youtube.com.uy
youtube.com.ve
youtube.cr
youtube.cz
youtube.de
youtube.dk
youtube.ee
youtube.es
youtube.fi
youtube.fr
youtube.ge
youtube.gr
youtube.gt
youtube.hk
youtube.hr
youtube.hu
youtube.ie
youtube.in
youtube.iq
youtube.is
youtube.it
youtube.jo
youtube.jp
youtube.kr
youtube.kz
youtube.la
youtube.lk
youtube.lt
youtube.lu
youtube.lv
youtube.ly
youtube.ma
youtube.md
youtube.me
youtube.mk
youtube.mn
youtube.mx
youtube.my
youtube.ng
youtube.ni
youtube.nl
youtube.no
youtube.pa
youtube.pe
youtube.ph
youtube.pk
youtube.pl
youtube.pr
youtube.pt
youtube.qa
youtube.ro
youtube.rs
youtube.ru
youtube.sa
youtube.se
youtube.sg
youtube.si
youtube.sk
youtube.sn
youtube.soy
youtube.sv
youtube.tn
youtube.tv
youtube.ua
youtube.ug
youtube.uy
youtube.vn
youtubego.co.id
youtubego.co.in
youtubego.com
youtubego.com.br
youtubego.id
youtubego.in

14
zapret/ipset/zapret-hosts-user-exclude.txt
View File

@@ -1,6 +1,20 @@
127.0.0.0/8
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
169.254.0.0/16
::1
fc00::/7
fe80::/10
play.google.com
android.com
google-analytics.com
googleusercontent.com
gstatic.com
gvt1.com
ggpht.com
dl.google.com
dl-ssl.google.com
android.clients.google.com
gvt2.com
gvt3.com

0
zapret/ipset/zapret-hosts-user-ipban.txt
View File

14
zapret/ipset/zapret-hosts-user.txt
View File

@@ -1,13 +1 @@
googlevideo.com
youtubei.googleapis.com
ytimg.com
yt3.ggpht.com
yt4.ggpht.com
youtube.com
youtubeembeddedplayer.googleapis.com
ytimg.l.google.com
jnn-pa.googleapis.com
youtube-nocookie.com
youtube-ui.l.google.com
yt-video-upload.l.google.com
wide-youtube.l.google.com
abra-cadabra.com

0
zapret/ipset/zapret-ip-user-exclude.txt
View File

0
zapret/ipset/zapret-ip-user-ipban.txt
View File

0
zapret/ipset/zapret-ip-user.txt
View File

65
zapret/patches/0001-Add-support-log-file-for-each-daemons.patch Normal file
View File

@@ -0,0 +1,65 @@
From 069fb25032d1b85ea57615ca234752e3969b777b Mon Sep 17 00:00:00 2001
From: remittor <remittor@gmail.com>
Date: Sat, 8 Feb 2025 22:04:51 +0300
Subject: [PATCH] Add support log file for each daemons
---
diff --git a/common/custom.sh b/common/custom.sh
index 0af19c0..41c0967 100644
--- a/common/custom.sh
+++ b/common/custom.sh
@@ -13,9 +13,16 @@ custom_runner()
dir_is_not_empty "$CUSTOM_DIR/custom.d" && {
for script in "$CUSTOM_DIR/custom.d/"*; do
[ -f "$script" ] || continue
+ DAEMON_CFGNAME_SAVED="$DAEMON_CFGNAME"
+ unset DAEMON_CFGNAME
unset -f $FUNC
. "$script"
+ if [ -z "$DAEMON_CFGNAME" ]; then
+ DAEMON_CFGNAME="$(basename "$script")"
+ DAEMON_CFGNAME="${DAEMON_CFGNAME%%.*}"
+ fi
existf $FUNC && $FUNC "$@"
+ DAEMON_CFGNAME="$DAEMON_CFGNAME_SAVED"
done
}
}
diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret
index 8d6d3a9..fcb1e91 100755
--- a/init.d/openwrt/zapret
+++ b/init.d/openwrt/zapret
@@ -58,12 +58,29 @@ run_daemon()
# use $PIDDIR/$DAEMONBASE$1.pid as pidfile
local DAEMONBASE="$(basename "$2")"
echo "Starting daemon $1: $2 $3"
+ local DAEMON_NAME="$DAEMONBASE"
+ local DAEMON_IDNUM=$1
+ local DAEMON_PATH="$2"
+ local DAEMON_ARGS="$3"
+ local DAEMON_LOG=
+ if [ -n "$DAEMON_LOG_FILE" ]; then
+ DAEMON_LOG="$DAEMON_LOG_FILE"
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_NAME>/$DAEMON_NAME}
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_IDNUM>/$DAEMON_IDNUM}
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_CFGNAME>/$DAEMON_CFGNAME}
+ [ -f "$DAEMON_LOG" ] && rm -f "$DAEMON_LOG"
+ if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
+ DAEMON_ARGS="--debug=@$DAEMON_LOG $DAEMON_ARGS"
+ fi
+ fi
procd_open_instance
- procd_set_param command $2 $3
+ procd_set_param command $DAEMON_PATH $DAEMON_ARGS
procd_set_param pidfile $PIDDIR/$DAEMONBASE$1.pid
procd_close_instance
}
+DAEMON_CFGNAME="main"
+
run_tpws()
{
[ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && return 0
--
2.41.0.windows.3

16
zapret/renew-cfg.sh Executable file
View File

@@ -0,0 +1,16 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
merge_cfg_with_def_values
CONFIGS_SYNC=0
[ ! -f "$ZAPRET_CONFIG" ] && CONFIGS_SYNC=1
[ "$1" = "sync" ] && CONFIGS_SYNC=1
if [ "$CONFIGS_SYNC" = "1" ]; then
# renew main config
/opt/zapret/sync_config.sh
fi

18
zapret/restore-def-cfg.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
cfg_run_on_boot="$( uci -q get zapret.config.run_on_boot )"
create_default_cfg
if [ "$cfg_run_on_boot" = "1" ]; then
uci set zapret.config.run_on_boot=1
uci commit
fi
if [ "$1" = "sync" ]; then
# renew main config
/opt/zapret/sync_config.sh
fi

89
zapret/sync_config.sh
View File

@@ -1,24 +1,7 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG=/etc/config/zapret
ZAPRET_CFG_SEC_NAME="$( uci -q get zapret.config )"
if [ -z "$ZAPRET_CFG_SEC_NAME" ]; then
# wrong uci-config
return 1
fi
function get_sed_compat
{
local str=$( ( echo $1|sed -r 's/([\$\.\*\/\[\\^])/\\\1/g'|sed 's/[]]/\\]/g' )>&1 )
echo "$str"
}
. /opt/zapret/comfunc.sh
function uncomment_param
{
@@ -41,7 +24,7 @@ function append_param
function set_param_value
{
local param=$1
local value=$( get_sed_compat "$2" )
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=$value/g" $fname
}
@@ -49,7 +32,7 @@ function set_param_value
function set_param_value_str
{
local param=$1
local value=$( get_sed_compat "$2" )
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=\"$value\"/g" $fname
}
@@ -65,6 +48,12 @@ function sync_param
if [ "$value" = "$TAB" ]; then
value=""
fi
if [ "$param" = "NFQWS_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS_PORTS_UDP_KEEPALIVE" ]; then
[ "$value" = "0" ] && value=""
fi
if [ "$param" = "NFQWS_OPT" -a "$value" != "" ]; then
value=$( echo -n "$value" | sed '/^#/d' )
fi
if [ "$vtype" = "str" ]; then
set_param_value_str $param "$value"
else
@@ -80,33 +69,49 @@ if [ ! -f "$ZAPRET_CONFIG" ]; then
fi
fi
sync_param MODE
cp -f "$ZAPRET_CONFIG" "$ZAPRET_CONFIG_NEW"
ZAPRET_CONFIG__SAVED="$ZAPRET_CONFIG"
ZAPRET_CONFIG="$ZAPRET_CONFIG_NEW"
sync_param FWTYPE
sync_param POSTNAT
sync_param FLOWOFFLOAD
sync_param INIT_APPLY_FW
sync_param DISABLE_IPV4
sync_param DISABLE_IPV6
sync_param FILTER_TTL_EXPIRED_ICMP
sync_param MODE_FILTER
sync_param DISABLE_CUSTOM
sync_param WS_USER str
sync_param DAEMON_LOG_ENABLE
sync_param DAEMON_LOG_FILE str
sync_param AUTOHOSTLIST_RETRANS_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_TIME
sync_param AUTOHOSTLIST_DEBUGLOG
sync_param NFQWS_ENABLE
sync_param DESYNC_MARK
sync_param DESYNC_MARK_POSTNAT
sync_param NFQWS_OPT_DESYNC str
sync_param NFQWS_OPT_DESYNC_SUFFIX str
sync_param MODE_HTTP
sync_param MODE_HTTP_KEEPALIVE
sync_param HTTP_PORTS
sync_param NFQWS_OPT_DESYNC_HTTP str
sync_param NFQWS_OPT_DESYNC_HTTP_SUFFIX str
sync_param NFQWS_OPT_DESYNC_HTTP6 str
sync_param NFQWS_OPT_DESYNC_HTTP6_SUFFIX str
sync_param MODE_HTTPS
sync_param HTTPS_PORTS
sync_param NFQWS_OPT_DESYNC_HTTPS str
sync_param NFQWS_OPT_DESYNC_HTTPS_SUFFIX str
sync_param NFQWS_OPT_DESYNC_HTTPS6 str
sync_param NFQWS_OPT_DESYNC_HTTPS6_SUFFIX str
sync_param MODE_QUIC
sync_param QUIC_PORTS
sync_param NFQWS_OPT_DESYNC_QUIC str
sync_param NFQWS_OPT_DESYNC_QUIC_SUFFIX str
sync_param NFQWS_OPT_DESYNC_QUIC6 str
sync_param NFQWS_OPT_DESYNC_QUIC6_SUFFIX str
sync_param FILTER_MARK str
sync_param NFQWS_PORTS_TCP str
sync_param NFQWS_PORTS_UDP str
sync_param NFQWS_TCP_PKT_OUT str
sync_param NFQWS_TCP_PKT_IN str
sync_param NFQWS_UDP_PKT_OUT str
sync_param NFQWS_UDP_PKT_IN str
sync_param NFQWS_PORTS_TCP_KEEPALIVE str
sync_param NFQWS_PORTS_UDP_KEEPALIVE str
sync_param NFQWS_OPT str
ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED"
if is_valid_config "$ZAPRET_CONFIG_NEW" ; then
cp -f "$ZAPRET_CONFIG_NEW" "$ZAPRET_CONFIG"
rm -f "$ZAPRET_CONFIG_NEW"
else
rm -f "$ZAPRET_CONFIG_NEW"
return 97
fi

128
zapret/uci-def-cfg.sh
View File

@@ -1,120 +1,18 @@
#!/bin/sh
# Copyright (c) 2024 remittor
SCRIPT_SOURCED=0
case ${0##*/} in ash|-ash) SCRIPT_SOURCED=1;; esac
#[[ $_ != $0 ]] && echo "Script is being sourced" || echo "Script is a subshell"
. /opt/zapret/comfunc.sh
ZAPRET_BASE=/opt/zapret
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG_FILE=/etc/config/zapret
ZAPRET_CFG_NAME=zapret
# create empty txt files into ipset directory
[ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-google.txt"
#[ ! -f "/opt/zapret/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-auto.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user-ipban.txt"
#[ ! -f "/opt/zapret/ipset/zapret-ip.txt" ] && touch "/opt/zapret/ipset/zapret-ip.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-exclude.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-ipban.txt"
CFG_OPT_FORCE=0
CFG_OPT_MERGE=0
CFG_OPT_SYNC_CFG=0
function set_default_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local TAB="$( echo -n -e '\t' )"
uci batch <<-EOF
set $cfgname.config.autostart='0'
set $cfgname.config.FWTYPE='nftables'
set $cfgname.config.MODE='nfqws'
set $cfgname.config.FLOWOFFLOAD='none'
set $cfgname.config.INIT_APPLY_FW='1'
set $cfgname.config.DISABLE_IPV4='0'
set $cfgname.config.DISABLE_IPV6='1'
set $cfgname.config.MODE_FILTER='hostlist'
set $cfgname.config.DESYNC_MARK='0x40000000'
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
set $cfgname.config.NFQWS_OPT_DESYNC='--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin'
set $cfgname.config.NFQWS_OPT_DESYNC_SUFFIX="$TAB"
set $cfgname.config.MODE_HTTP='1'
set $cfgname.config.MODE_HTTP_KEEPALIVE='0'
set $cfgname.config.HTTP_PORTS='80'
set $cfgname.config.NFQWS_OPT_DESYNC_HTTP="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_HTTP_SUFFIX="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_HTTP6="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_HTTP6_SUFFIX="$TAB"
set $cfgname.config.MODE_HTTPS='1'
set $cfgname.config.HTTPS_PORTS='443'
set $cfgname.config.NFQWS_OPT_DESYNC_HTTPS="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_HTTPS_SUFFIX="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_HTTPS6="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_HTTPS6_SUFFIX="$TAB"
set $cfgname.config.MODE_QUIC='1'
set $cfgname.config.QUIC_PORTS='443'
set $cfgname.config.NFQWS_OPT_DESYNC_QUIC='--dpi-desync=fake,split2 --dpi-desync-repeats=15 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --dpi-desync=fake --dpi-desync-repeats=15'
set $cfgname.config.NFQWS_OPT_DESYNC_QUIC_SUFFIX="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_QUIC6="$TAB"
set $cfgname.config.NFQWS_OPT_DESYNC_QUIC6_SUFFIX="$TAB"
commit $cfgname
EOF
return 0
}
function create_default_config
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local cfgfile=/etc/config/$cfgname
rm -f $cfgfile
touch $cfgfile
uci set $cfgname.config=main
set_default_values $cfgname
return 0
}
function merge_config_with_def_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local force=$2
local cfgfile=/etc/config/$cfgname
local NEWCFGNAME="zapret-default"
local NEWCFGFILE="/etc/config/$NEWCFGNAME"
create_default_config "$NEWCFGNAME"
[ ! -f "$NEWCFGFILE" ] && return 1
uci -m -f $cfgfile import "$NEWCFGNAME"
uci commit "$NEWCFGNAME"
uci -m -f "$NEWCFGFILE" import $cfgname
uci commit $cfgname
rm -f "$NEWCFGFILE"
return 0
}
if [ "$SCRIPT_SOURCED" != "1" ]; then
while getopts "fms" SCRIPT_OPT; do
case $SCRIPT_OPT in
f) CFG_OPT_FORCE=1;;
m) CFG_OPT_MERGE=1;;
s) CFG_OPT_SYNC_CFG=1;;
esac
done
if [ ! -f "$ZAPRET_CFG_FILE" ]; then
CFG_OPT_FORCE=1
fi
if [ "$CFG_OPT_FORCE" = "1" ]; then
create_default_config
[ "$CFG_OPT_SYNC_CFG" = "1" ] && /opt/zapret/sync_config.sh
return 0
fi
fi
CFG_OPT_MERGE=1
merge_config_with_def_values
if [ ! -f "$ZAPRET_CONFIG" ]; then
# create main config
/opt/zapret/sync_config.sh
fi
return 0
# create or merge uci-config
$ZAPRET_BASE/renew-cfg.sh