Mirror/zapret-openwrt
1
0
Fork 0
mirror of https://github.com/remittor/zapret-openwrt.git synced 2026-01-27 12:50:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Mirror:v70-20250109
Branches Tags
Mirror:master Mirror:gh-pages Mirror:zap1
Mirror:v72.20260126 Mirror:v0.8.20260125 Mirror:v72.20260125 Mirror:v72.20260119 Mirror:v0.8.20260118 Mirror:v72.20260117 Mirror:v0.8.20260117 Mirror:v72.20260116 Mirror:v72.20260115 Mirror:v72.20260114 Mirror:v0.8.20260113 Mirror:v72.20260113 Mirror:v0.8.20260111 Mirror:v72.20260111 Mirror:v0.8.20260109 Mirror:v72.20260108 Mirror:v0.8.20260107 Mirror:v0.8.20251230 Mirror:v0.8.20251229 Mirror:v0.7.20251227 Mirror:v72.20251227 Mirror:v0.7.20251226 Mirror:v0.7.20251225-r2 Mirror:v72.20251225-r2 Mirror:v0.7.20251225 Mirror:v72.20251225 Mirror:v0.7.20251224 Mirror:v0.7.20251220 Mirror:v0.7.20251219 Mirror:v72.20251219 Mirror:v72.20251218 Mirror:v72.20251217 Mirror:v72.20251216 Mirror:v72.20251213 Mirror:v72.20251212 Mirror:v72.20251122 Mirror:v72.20251022 Mirror:v72.20250924 Mirror:v71.20250918 Mirror:v71.20250708 Mirror:v71.20250607 Mirror:v70.20250505 Mirror:v70.20250419 Mirror:v70.20250405 Mirror:v70.20250323 Mirror:v70.20250213 Mirror:v70.20250210 Mirror:v70.20250116 Mirror:v70-20250109 Mirror:v70-20250109-23.05 Mirror:v69-20241206 Mirror:v69-20241206-23.05 Mirror:v69-20241123 Mirror:v69-20241123-23.05 Mirror:v69-20241121-23.05 Mirror:v69-20241121 Mirror:v69-20241118 Mirror:v69-20241118-23.05 Mirror:v68-20241115 Mirror:v68-20241115-23.05 Mirror:v68-20241110 Mirror:v68-20241110-23.05 Mirror:v67-20241030 Mirror:v67-20241030-23.05 Mirror:v66-20241026-23.05 Mirror:v66-20241026 Mirror:v65-20241025 Mirror:v65-20241025-23.05 Mirror:v65-20241023 Mirror:v65-20241023-23.05 Mirror:v65-20241018 Mirror:v65-20241018-23.05 Mirror:v65-20241016 Mirror:v65-20241016-23.05 Mirror:v64-20241014 Mirror:v64-20241014-23.05 Mirror:v64-20241012
..
compare: Mirror:v0.8.20260113
Branches Tags
Mirror:gh-pages Mirror:zap1 Mirror:master
Mirror:v72.20260126 Mirror:v0.8.20260125 Mirror:v72.20260125 Mirror:v72.20260119 Mirror:v0.8.20260118 Mirror:v72.20260117 Mirror:v0.8.20260117 Mirror:v72.20260116 Mirror:v72.20260115 Mirror:v72.20260114 Mirror:v0.8.20260113 Mirror:v72.20260113 Mirror:v0.8.20260111 Mirror:v72.20260111 Mirror:v0.8.20260109 Mirror:v72.20260108 Mirror:v0.8.20260107 Mirror:v0.8.20251230 Mirror:v0.8.20251229 Mirror:v0.7.20251227 Mirror:v72.20251227 Mirror:v0.7.20251226 Mirror:v0.7.20251225-r2 Mirror:v72.20251225-r2 Mirror:v0.7.20251225 Mirror:v72.20251225 Mirror:v0.7.20251224 Mirror:v0.7.20251220 Mirror:v0.7.20251219 Mirror:v72.20251219 Mirror:v72.20251218 Mirror:v72.20251217 Mirror:v72.20251216 Mirror:v72.20251213 Mirror:v72.20251212 Mirror:v72.20251122 Mirror:v72.20251022 Mirror:v72.20250924 Mirror:v71.20250918 Mirror:v71.20250708 Mirror:v71.20250607 Mirror:v70.20250505 Mirror:v70.20250419 Mirror:v70.20250405 Mirror:v70.20250323 Mirror:v70.20250213 Mirror:v70.20250210 Mirror:v70.20250116 Mirror:v70-20250109 Mirror:v70-20250109-23.05 Mirror:v69-20241206 Mirror:v69-20241206-23.05 Mirror:v69-20241123 Mirror:v69-20241123-23.05 Mirror:v69-20241121-23.05 Mirror:v69-20241121 Mirror:v69-20241118 Mirror:v69-20241118-23.05 Mirror:v68-20241115 Mirror:v68-20241115-23.05 Mirror:v68-20241110 Mirror:v68-20241110-23.05 Mirror:v67-20241030 Mirror:v67-20241030-23.05 Mirror:v66-20241026-23.05 Mirror:v66-20241026 Mirror:v65-20241025 Mirror:v65-20241025-23.05 Mirror:v65-20241023 Mirror:v65-20241023-23.05 Mirror:v65-20241018 Mirror:v65-20241018-23.05 Mirror:v65-20241016 Mirror:v65-20241016-23.05 Mirror:v64-20241014 Mirror:v64-20241014-23.05 Mirror:v64-20241012

180 Commits
v70-202501 ... v0.8.20260

Author SHA1 Message Date
remittor
ee8089e1bb Bump version to v0.8.20260113 2026-01-13 14:37:26 +03:00
remittor
4dd7030c60 makefile: Fix conffiles section and other fixes 2026-01-13 14:31:21 +03:00
remittor
00490e3b5d shell: Fix sh-scripts (copilot) 2026-01-13 14:17:07 +03:00
remittor
126e7dea89 Fix uci-def-cfg.sh 2026-01-13 14:15:25 +03:00
remittor
fc85552e4e updater: Fix pkg_mgr_update for opkg 2026-01-13 14:14:57 +03:00
remittor
e15eaafa33 luci: Add description for "Diagnostics" button 2026-01-13 14:11:00 +03:00
remittor
5b331132a1 github: releases: Add step "Wait for GitHub API consistency" 2026-01-12 22:51:52 +03:00
remittor
5711c1f2d4 config: Fix sync for AUTOHOSTLIST_RETRANS_RESET 2026-01-12 21:56:01 +03:00
remittor
0ee7ae325e diag: Fix bugs in dwc.sh 2026-01-11 19:09:07 +03:00
remittor
c4ce5c1aeb diag: Fix load comfunc.sh 2026-01-11 17:30:42 +03:00
remittor
d50aa75e94 makefile: skip init.d.sh 2026-01-11 16:09:35 +03:00
remittor
77f8f94d38 Bump version to v0.8.20260111 2026-01-11 15:31:38 +03:00
remittor
f7e01283e7 diag: Fix DPI checker 2026-01-11 15:30:48 +03:00
remittor
5b997a5eb5 config: Add new option AUTOHOSTLIST_RETRANS_RESET 2026-01-11 14:49:19 +03:00
remittor
0e2940c338 ipset: Update zapret-hosts-user-exclude.txt 2026-01-11 14:21:48 +03:00
remittor
0e31e5d804 Add diagnostic button (DPI checker) 2026-01-11 11:54:19 +03:00
remittor
ab50c2099b luci: updater: Add new func tools.execAndRead 2026-01-10 20:51:11 +03:00
remittor
17afabe150 luci: Fix update text after edit for NFQWS2_OPT 2026-01-10 10:56:58 +03:00
remittor
2ecf3cf5d0 luci: Fix js-files for unification 2026-01-09 22:31:11 +03:00
remittor
9e8046d734 luci: Splitting file tools.js into two parts (add file env.js) 2026-01-09 21:58:12 +03:00
remittor
c68236c8fd Replace "founded" to "found" 2026-01-09 17:36:26 +03:00
remittor
706f92fea7 config: Update default values 
src: https://github.com/bol-van/zapret2/commits/master/config.default
 2026-01-09 17:10:18 +03:00
remittor
d747201f9b Bump version to v0.8.20260109 2026-01-09 16:55:37 +03:00
remittor
9ead0e1d30 build: Rewrite build script (using OpenWrt SDK from github) 2026-01-09 16:55:24 +03:00
remittor
b37b35db80 updater: Add support install packages on clean OpenWrt 
Example: ./update-pkg.sh -u 1
Example: ./update-pkg.sh -u 2
 2026-01-08 18:33:51 +03:00
remittor
9737a10e1f Bump version to v0.8.20260107 2026-01-07 23:08:59 +03:00
remittor
bc1af90349 Integrate mdig and ip2net to main package 2026-01-01 20:59:37 +03:00
remittor
11f632259e Remove mdig and ip2net packages 2026-01-01 12:30:10 +03:00
remittor
a215600415 Bump version to v0.8.20251230 2025-12-30 13:38:10 +03:00
remittor
28e6c466cb updater: Change get_actual_release error 1 to 150 2025-12-30 13:36:13 +03:00
remittor
c72921f2fa zapret: Global use of dynamic variables 2025-12-29 21:10:58 +03:00
remittor
55041b3b16 luci: updater: Skip error -32000 2025-12-29 19:36:59 +03:00
remittor
bf012b36bf updater: Fix get_pkg_version for OpenWrt 25 2025-12-29 18:33:58 +03:00
remittor
9717bc8ff7 Bump version to v0.8.20251229 2025-12-29 18:16:24 +03:00
remittor
61e234ab12 build: Rename base directories 2025-12-28 20:17:33 +03:00
remittor
c11ca1ca2e Rename all directories 2025-12-28 20:15:29 +03:00
remittor
dd35b5d50a Bump version to v0.7.20251227 2025-12-27 13:18:59 +03:00
remittor
072b742a13 luci: tools: Fix modal dialog for NFQWS2_OPT 2025-12-27 10:47:53 +03:00
remittor
487d92bda2 updater: Fix files renaming 2025-12-26 15:44:11 +03:00
remittor
71eccc6057 Bump version to v0.7.20251226 2025-12-26 09:00:21 +03:00
remittor
5f92425261 luci: Rename handleSave to handleSaveAdv 2025-12-26 08:58:30 +03:00
remittor
950672426c updater: Update func download_releases_info 2025-12-26 08:56:45 +03:00
remittor
d0c49a8e6f def-cfg: Add new strategy v2_by_Schiz23 2025-12-26 08:03:58 +03:00
remittor
2da0526472 Bump version to v0.7.20251225-r2 2025-12-25 18:06:29 +03:00
remittor
c9823adaae luci: tools: Fix show and close modal dialog for NFQWS_OPT 2025-12-25 18:01:29 +03:00
remittor
d14f26a8cb updater: Fix find base package after ZIP unpack 2025-12-25 14:54:49 +03:00
remittor
ecf49f1be8 Bump version to v0.7.20251225 2025-12-25 09:01:37 +03:00
remittor
3ef469b416 fake: Add TLS 1.3 hello from max.ru 2025-12-25 08:25:52 +03:00
remittor
88665d417a luci: tools: Fix close modal dialog for NFQWS2_OPT 2025-12-24 18:49:41 +03:00
remittor
35fb6e9a43 luci: updater: Fix timer using 2025-12-24 14:38:07 +03:00
remittor
9c7f906b72 Bump version to v0.7.20251224 2025-12-24 10:30:59 +03:00
remittor
bd3d224178 def-cfg: Add new strategy v1_by_Schiz23 2025-12-24 10:27:40 +03:00
remittor
fcf7889a93 luci: tools: Fix close modal dialog for NFQWS_OPT 2025-12-23 14:15:22 +03:00
remittor
76dcf0638d luci: dmnlog: Fix load tools.js 2025-12-20 14:16:47 +03:00
remittor
d20c81b1c1 Bump version to v0.7.20251220 2025-12-20 10:43:48 +03:00
remittor
ea2a39877d Makefile: Fix build with LUA 
Source: https://github.com/spvkgn/zapret2-openwrt/blob/main/package/nfqws2/Makefile
 2025-12-20 10:24:43 +03:00
remittor
85b7f91767 comfunc: Fix remove debug log 2025-12-20 10:12:25 +03:00
remittor
7cd7293424 luci: settings: Fix NFQWS2_PORTS_UDP_KEEPALIVE 2025-12-20 10:12:14 +03:00
remittor
116ce93c63 Bump version to v0.7.20251219 2025-12-19 17:23:10 +03:00
remittor
4f586e66b0 build: Delete riscv64 arch 2025-12-19 17:22:53 +03:00
remittor
3e19c9c9e2 luci: Fix for show menu Zapret2 2025-12-19 14:23:11 +03:00
remittor
980dd77ba1 def-cfg: Fix DAEMON_LOG_FILE value 2025-12-19 13:58:38 +03:00
remittor
aaef886826 updater: Add check for unzip installed 2025-12-19 11:12:27 +03:00
remittor
c8558cf6c1 updater: Adapt code for new version format 2025-12-19 10:44:49 +03:00
remittor
c6e2e79683 updater: Fix parsing package version (APK) 2025-12-19 10:23:52 +03:00
remittor
08e6776a81 zapret: Add depends from luajit 2025-12-18 18:11:45 +03:00
remittor
509b834729 zapret: Makefile: Fix Package-install section 2025-12-18 17:43:49 +03:00
remittor
003160cb05 build: Fix compile packages 2025-12-18 17:22:18 +03:00
remittor
682d153742 zapret: Add depends from liblua 2025-12-18 17:02:33 +03:00
remittor
e2810bbe98 build: Fix detection tag-version 2025-12-18 16:49:04 +03:00
remittor
7aecaa4ab7 config: Add new options for AutoHostList 2025-12-18 16:42:41 +03:00
remittor
03e8513703 luci: Rename files: zapret -> zapret2 2025-12-18 16:38:57 +03:00
remittor
7a4825a708 Add support Zapret2 
Sources: https://github.com/bol-van/zapret2
 2025-12-18 16:35:13 +03:00
remittor
9298388a12 build: Fix build package for riscv64 arch 2025-12-18 13:34:24 +03:00
remittor
0972ce0889 Bump version to v72.20251218 2025-12-18 11:32:56 +03:00
remittor
40084f0762 luci: Show package version with release number (exclude r1) 2025-12-18 11:30:16 +03:00
remittor
a616c6fa4e updater: Added retcode file (pid-file deleted) 2025-12-18 10:46:29 +03:00
remittor
06f45e3fbb updater: Replace wget to curl and other fixes 2025-12-18 09:19:08 +03:00
remittor
252a7eab9d Bump version to v72.20251217 2025-12-17 11:38:50 +03:00
remittor
73104ca3ca zapret: Fix makefile for install new sh-files 2025-12-17 11:33:59 +03:00
remittor
a5156e0d0c Add support check and install updates from GitHub 2025-12-17 11:31:13 +03:00
remittor
565ef66299 luci: Fix getting CPU arch info 2025-12-17 10:10:18 +03:00
remittor
1364bcbf1a ipset: Update zapret-hosts-user-exclude.txt 2025-12-16 08:23:47 +03:00
remittor
57ba961b07 github: releases: Remove draft releases 2025-12-16 08:14:32 +03:00
remittor
3a37ec9172 build: Add release number to pkg version string 2025-12-16 08:02:18 +03:00
remittor
e0ecbf5145 github: releases: Fix auto run 2025-12-15 23:15:05 +03:00
remittor
cc7ae8a91c build: Fix creation draft release 2025-12-15 23:05:32 +03:00
remittor
50ce130e1c build: Create releases.yml and auto mark all releases as prereleases 2025-12-15 20:55:20 +03:00
remittor
ac97bfae89 luci: Add showing CPU arch 2025-12-15 12:19:35 +03:00
remittor
058b3af2b3 build: releases: Create directory for releases 2025-12-14 15:11:05 +03:00
remittor
029923bac7 build: releases: Create releases for each ARCH 2025-12-14 14:25:28 +03:00
remittor
6aa114e87f build: releases: Add support second branch 2025-12-14 13:09:18 +03:00
remittor
ebd13f65c3 build: Add releases.yml to gh-pages 2025-12-14 12:42:20 +03:00
remittor
a95c938c78 build: Add arch riscv64 2025-12-14 12:42:20 +03:00
remittor
98dcd66524 luci: settings: Rename checkbox DISABLE_CUSTOM 2025-12-14 12:41:32 +03:00
remittor
1e2a9f48a2 luci: Remove unused controls from service-page 2025-12-14 12:41:03 +03:00
remittor
f63ce9d1e2 Bump version to v72.20251213 2025-12-13 10:33:20 +03:00
remittor
3f17898289 luci: Show option MODE_FILTER as checkbox: hostlist/autohostlist 2025-12-13 10:31:44 +03:00
remittor
52bd72079c install: Fix copy fake-files into distributive 2025-12-13 10:08:53 +03:00
remittor
6627678827 custom.d: Mark files into custom.d as configs 2025-12-13 10:06:56 +03:00
remittor
5691882d5e config: Fix using autohostlist option into NFQWS_OPT 2025-12-13 10:04:08 +03:00
remittor
fee8b480b0 Bump version to v72.20251212 2025-12-12 13:23:21 +03:00
remittor
2fb3ac3cc1 build: Return arm_cortex-a7_neon-vfpv4 for SNAPSHOT 2025-12-12 13:23:03 +03:00
remittor
f443195a44 build: fix gpg import 
PR: https://github.com/remittor/zapret-openwrt/pull/443
 2025-12-12 12:56:31 +03:00
remittor
5b65e2078f luci: Improved display of logs 
PR: https://github.com/remittor/zapret-openwrt/pull/526
 2025-12-12 12:53:51 +03:00
remittor
18b9394679 config: Add new options to reset settings dialog (choice of NFQWS strategy) 2025-12-12 12:27:18 +03:00
remittor
6ea3432d0c config: set DISABLE_CUSTOM=1 by default 2025-12-12 09:24:55 +03:00
remittor
5b28626ac0 custom.d: Add Stun4ALL script (50-script.sh) 2025-12-12 09:24:55 +03:00
remittor
6cbf1e3c47 ipset: Add ability for restore default ipset configs 2025-12-12 09:24:54 +03:00
remittor
2b04a6f37a fake: Added new TLS HELLO fakes 2025-12-09 14:57:25 +03:00
remittor
8ed3a6e3ae ipset: Update zapret-hosts-user-exclude.txt 2025-12-09 14:55:42 +03:00
remittor
55daf2f006 Bump version to v72.20251122 2025-11-22 11:58:46 +03:00
remittor
c60b70a02f config: Update default configs (by StressOzz v2) 2025-11-22 11:58:26 +03:00
remittor
44ff0ec3e1 Bump version to v72.20251022 2025-10-22 15:15:29 +03:00
remittor
65d90d8ed3 luci: Open each link on new page 2025-10-22 15:11:39 +03:00
remittor
e8dfb187e3 Bump version to v72.20250924 2025-09-24 13:25:50 +03:00
remittor
1b2057f00f luci: Add examples for custom.d scripts 2025-09-23 12:09:18 +03:00
remittor
7941f12c63 Bump version to v71.20250918 2025-09-18 15:17:37 +03:00
remittor
81f4b493f6 Add FILTER_MARK support 2025-09-18 15:17:18 +03:00
remittor
bd2e62c8a6 Bump version to v71.20250708 2025-07-08 11:55:41 +03:00
remittor
caa82938c1 ipset: Update zapret-hosts-google.txt 2025-07-08 11:54:28 +03:00
remittor
b1fd577bd1 config: Update default config (v71) 2025-07-08 11:46:05 +03:00
remittor
e8fc868226 Bump version to v71.20250607 2025-06-07 22:06:10 +03:00
remittor
2670ff2985 build: Exclude arch arm_cortex-a7_neon-vfpv4 for SNAPSHOT 2025-06-07 22:05:49 +03:00
remittor
dda8f254a0 comfunc: MiniFix in init_before_start 2025-06-07 15:17:18 +03:00
remittor
62401bbad5 Bump version to v70.20250505 2025-05-05 15:26:18 +03:00
remittor
c31fab4aaf config: Add new param FILTER_TTL_EXPIRED_ICMP 
Source: dc1dc5c876
 2025-05-05 15:26:17 +03:00
remittor
d56cd06281 luci: Fix access to files into custom.d dir 2025-05-05 15:26:17 +03:00
remittor
5f681a372a install: Patch luci header.ut for force update browser-cache 
Aux info: https://github.com/openwrt/luci/pull/7725
 2025-05-05 15:26:17 +03:00
remittor
d9d339e157 comfunc: Fix stdout into func adapt_for_sed 2025-05-05 15:26:17 +03:00
remittor
dfbd77bb91 install: Check service running before stop 2025-04-27 20:30:01 +03:00
remittor
aa4adc0c50 Bump version to v70.20250419 2025-04-19 17:59:55 +03:00
remittor
919c91a6c7 luci: Fix get service info on OpenWrt 21.02 2025-04-19 17:59:31 +03:00
remittor
da2cf34f9f config: Remove comment-line from NFQWS_OPT on sync 2025-04-19 17:58:52 +03:00
remittor
6b1825387f luci: Add link to help page for NFQWS_OPT 2025-04-19 14:36:58 +03:00
remittor
ca2b1378c6 luci: Fix view multiline for NFQWS_OPT 2025-04-19 14:36:58 +03:00
remittor
d0b03e60b6 config: Fix process empty value for NFQWS_PORTS_xxx_KEEPALIVE 2025-04-18 14:07:00 +03:00
remittor
d4fb54c2c0 Bump version to v70.20250405 2025-04-05 12:03:52 +03:00
remittor
5a7676c6f5 luci: Update link to discord custom script 2025-04-04 19:51:38 +03:00
remittor
60865aa602 ipset: Add file "zapret-hosts-user.txt" 2025-03-31 20:08:32 +03:00
remittor
f6dd684b62 comfunc: Delete auto preset "abra-cadabra.com" 2025-03-31 20:03:09 +03:00
remittor
fee8520332 Revert "build: Exclude arch arm_cortex-a7_neon-vfpv4" 
This reverts commit f912f30944.
 2025-03-28 21:21:25 +03:00
remittor
d317bcf541 Bump version to v70.20250323 2025-03-23 12:43:45 +03:00
remittor
1d27f12791 luci: Fix version check for v24.10 release pkg 2025-03-23 12:43:27 +03:00
remittor
f912f30944 build: Exclude arch arm_cortex-a7_neon-vfpv4 2025-03-23 10:39:22 +03:00
remittor
2fb9ff7095 build: Remove arch arm_mpcore 2025-03-23 08:48:01 +03:00
remittor
8792204b57 build: Add arch aarch64_cortex-a76 2025-03-23 08:41:10 +03:00
remittor
59aaa0c3eb build: Using 24.10 branch 2025-03-23 08:39:57 +03:00
remittor
f77e985d37 ipset: Add play.google.com into zapret-hosts-user-exclude.txt 2025-02-25 10:47:18 +03:00
remittor
fa668eaaff ipset: add localhost to zapret-hosts-user-exclude.txt 2025-02-25 10:46:22 +03:00
remittor
6deb6f70fb init: Fix empty zapret-hosts-user.txt on start daemons 2025-02-25 10:41:38 +03:00
remittor
d234b5f762 Bump version to v70.20250213 2025-02-13 08:49:40 +03:00
remittor
7a36045383 luci: Fix initialization L.sysFeatures 2025-02-13 08:48:47 +03:00
remittor
55036bc03c init: Add cron task for removing huge log-files 2025-02-12 20:36:43 +03:00
remittor
f2e6b6fc7e luci: Rename blacklist to HostList 2025-02-12 20:27:37 +03:00
remittor
e2313c9096 luci: Add human readable messages (dmnlog) 2025-02-11 21:21:49 +03:00
remittor
a2fe8816f1 init: Fix ipset permissions on restart 2025-02-11 19:12:03 +03:00
remittor
71794ca7e0 readme: Update badges (add actual version) 2025-02-11 10:10:48 +03:00
remittor
cded72542e Bump version to v70.20250210 2025-02-10 21:03:36 +03:00
remittor
31522f53d7 config: Fix bug (add option DAEMON_LOG_FILE for sync) 2025-02-10 21:03:03 +03:00
remittor
794f86a34c luci: Fix refresh textarea with logs 2025-02-10 19:50:03 +03:00
remittor
2529444929 luci: Use fs.read_direct instead fs.exec_direct 2025-02-10 15:00:12 +03:00
remittor
8ef98e1bcd luci: Transfer option DISABLE_CUSTOM to tab custom.d 2025-02-10 14:56:52 +03:00
remittor
57cfc5af29 install: Fix file permissions 2025-02-10 14:03:22 +03:00
remittor
8e783c4bd6 init: Fix bug (remove log on each start) 2025-02-10 09:51:56 +03:00
remittor
f7114167eb init: Remove logs on start and restart 2025-02-09 20:55:44 +03:00
remittor
adab5d93c5 luci: Add log viewer 2025-02-09 20:42:51 +03:00
remittor
41df444327 config: Add new option DAEMON_LOG_ENABLE 2025-02-09 13:28:59 +03:00
remittor
c187d544e3 build: Add init step 2025-02-09 11:59:21 +03:00
remittor
c524434b43 build: Add option TEST_BUILD 2025-02-09 11:35:01 +03:00
remittor
b73f7e93d6 build: Disable JS minification 2025-02-09 09:57:53 +03:00
remittor
4c224634c1 config: Add new option WS_USER 2025-02-08 16:13:02 +03:00
remittor
82fafaa6fe config: Add new option DISABLE_CUSTOM 2025-02-05 20:14:11 +03:00
remittor
768ebb6241 readme: Add new badges 2025-01-31 12:52:45 +03:00
remittor
0891e9d2fa github: Cleanup build script 2025-01-17 11:30:08 +03:00
remittor
fbb1239606 readme: Add download counter for latest release 2025-01-17 11:26:36 +03:00
remittor
88d82932c9 Bump version to v70.20250116 2025-01-16 19:57:33 +03:00
remittor
d169c51a11 github: Global changes 2025-01-16 19:57:22 +03:00
remittor
474baa09aa readme: Add download counter 2025-01-16 14:27:41 +03:00
remittor
b9621559c3 luci: Add support custom.d scripts 2025-01-14 09:14:14 +03:00
49 changed files with 4002 additions and 1074 deletions
Expand all files Collapse all files

31
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,31 @@
# These are supported funding model platforms
# Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
github:
# Replace with a single Patreon username
patreon:
# Replace with a single Open Collective username
open_collective:
# Replace with a single Ko-fi username
ko_fi:
# Replace with a single Tidelift platform-name/package-name e.g., npm/babel
tidelift:
# Replace with a single Community Bridge project-name e.g., cloud-foundry
community_bridge:
# Replace with a single Liberapay username
liberapay:
# Replace with a single IssueHunt username
issuehunt:
# Replace with a single Otechie username
otechie:
# Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
custom: ['https://github.com/remittor/donate']

327
.github/workflows/build.yml vendored
View File

@@ -2,51 +2,99 @@ name: build
on:
workflow_dispatch:
inputs:
test_build:
description: 'Test build'
required: false
default: 'false'
type: choice
options:
- true
- false
fake_build:
description: 'Fake build'
required: false
default: 'false'
type: choice
options:
- true
- false
max_speed:
description: 'Build with max speed'
required: false
default: 'true'
type: choice
options:
- true
- false
push:
tags:
- v[0-9]+*
env:
TEST_BUILD: ${{ github.event.inputs.test_build == 'true' }}
FAKE_BUILD: ${{ github.event.inputs.fake_build == 'true' }}
MAX_SPEED: ${{ github.event.inputs.max_speed != 'false' }}
TAG_SUFFIX: ${{ github.event.inputs.fake_build == 'true' && '-fake' || github.event.inputs.test_build == 'true' && '-test' || '' }}
REPO_NAME: zapret-openwrt
REPO_URL: https://github.com/remittor/zapret-openwrt
REPO_LNK: remittor/zapret-openwrt
REPO_BRANCH: master
PKGDIR: ${{ github.workspace }}/zapret-openwrt
SDKDIR: /builder
BUILD_DATE: unknown
REPO_DATE: unknown
LUCI_ARCH: aarch64_cortex-a53
jobs:
check:
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
outputs:
tag: ${{ steps.gh.outputs.tag }}
date: ${{ steps.gh.outputs.date }}
sha: ${{ steps.gh.outputs.sha }}
url: ${{ steps.gh.outputs.url }}
message: ${{ steps.gh.outputs.message }}
build_date: ${{ steps.gh.outputs.build_date }}
fw_date: ${{ steps.gh.outputs.fw_date }}
is_active: ${{ steps.activity.outputs.is_active }}
test_build: ${{ env.TEST_BUILD }}
fake_build: ${{ env.FAKE_BUILD }}
steps:
- name: Get repo data via GH API
id: gh
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO: 'remittor/zapret-openwrt'
run: |
echo "Tag name from GITHUB_REF_NAME: $GITHUB_REF_NAME"
echo "Tag name from github.ref_name: ${{ github.ref_name }}"
BRANCH=$(gh api repos/$REPO --jq '.default_branch')
DATE=$(gh api repos/$REPO/commits/$BRANCH --jq '.commit.committer.date')
BRANCH=$(gh api repos/$REPO_LNK --jq '.default_branch')
REPO_DATE=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.committer.date')
BUILD_DATE=$( date --utc +'%Y%m%d' )
FW_DATE=$( date --utc +'%Y-%m-%d' )
{
echo "tag=$GITHUB_REF_NAME"
echo "date=$(date --utc -d $DATE +%Y%m%d)"
echo "sha=$(gh api repos/$REPO/commits/$BRANCH --jq '.sha[0:7]')"
echo "url=$(gh api repos/$REPO/commits/$BRANCH --jq '.html_url')"
echo "date=$(date --utc -d $REPO_DATE +%Y%m%d)"
echo "sha=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.sha[0:7]')"
echo "url=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.html_url')"
echo "message<<EOF"
gh api repos/$REPO/commits/$BRANCH --jq '.commit.message'
gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.message'
echo EOF
echo "build_date=$BUILD_DATE"
echo "fw_date=$FW_DATE"
} >> $GITHUB_OUTPUT
echo "DATE=$DATE" >> $GITHUB_ENV
echo "REPO_DATE=$REPO_DATE" >> $GITHUB_ENV
- name: Check for repo activity
id: activity
env:
DATE: ${{ env.DATE }}
REPO_DATE: ${{ env.REPO_DATE }}
URL: ${{ steps.gh.outputs.url }}
run: |
TIMESTAMP=$(date --utc -d $DATE +%s)
TIMESTAMP=$(date --utc -d $REPO_DATE +%s)
DAYS=$(( ( $(date --utc +%s) - $TIMESTAMP ) / 86400 ))
echo "Repository activity: $(date --utc -d $DATE)"
echo "Repository activity: $(date --utc -d $REPO_DATE)"
echo "Commit: $URL"
if [ "${{ github.event_name }}" != "schedule" ]; then
is_active=true
@@ -58,17 +106,33 @@ jobs:
fi
echo "is_active=$is_active" >> $GITHUB_OUTPUT
var:
runs-on: ubuntu-24.04
outputs:
IPK_BRANCH: ${{ steps.set.outputs.IPK_BRANCH }}
APK_BRANCH: ${{ steps.set.outputs.APK_BRANCH }}
XXX_BRANCH: ${{ steps.set.outputs.XXX_BRANCH }}
steps:
- id: set
run: |
echo "IPK_BRANCH=v24.10.5" >> "$GITHUB_OUTPUT"
echo "APK_BRANCH=v25.12.0-rc2" >> "$GITHUB_OUTPUT"
echo "XXX_BRANCH=SNAPSHOT" >> "$GITHUB_OUTPUT"
build:
needs: check
needs: [ check, var ]
#if: needs.check.outputs.is_active == 'true'
runs-on: ubuntu-latest
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
branch: [ openwrt-23.05, SNAPSHOT ]
branch:
- ${{ needs.var.outputs.IPK_BRANCH }}
- ${{ needs.var.outputs.APK_BRANCH }}
arch:
- aarch64_cortex-a53
- aarch64_cortex-a72
- aarch64_cortex-a76
- aarch64_generic
- arm_arm1176jzf-s_vfp
- arm_arm926ej-s
@@ -82,7 +146,6 @@ jobs:
- arm_cortex-a9_neon
- arm_cortex-a9_vfpv3-d16
- arm_fa526
- arm_mpcore
- arm_xscale
- mips64_octeonplus
- mips_24kc
@@ -93,32 +156,70 @@ jobs:
- mipsel_74kc
- mipsel_mips32
- x86_64
include:
- branch: SNAPSHOT
arch: aarch64_cortex-a76
#arch: riscv64_riscv64
isTestOrFake:
- ${{ needs.check.outputs.test_build == 'true' || needs.check.outputs.fake_build == 'true' }}
exclude:
- branch: SNAPSHOT
arch: arm_mpcore
- branch: SNAPSHOT
- branch: ${{ needs.var.outputs.APK_BRANCH }}
arch: arm_cortex-a9_vfpv3-d16
- branch: ${{ needs.var.outputs.APK_BRANCH }}
arch: mips_4kec
- { isTestOrFake: true }
include:
- branch: ${{ needs.var.outputs.IPK_BRANCH }}
arch: x86_64
- branch: ${{ needs.var.outputs.IPK_BRANCH }}
arch: aarch64_cortex-a53
- branch: ${{ needs.var.outputs.APK_BRANCH }}
arch: aarch64_cortex-a53
container:
image: openwrt/sdk:${{ matrix.arch }}-${{ matrix.branch }}
image: ghcr.io/openwrt/sdk:${{ matrix.arch }}-${{ matrix.branch }}
options: --user root
outputs:
pkgver: ${{ steps.prepare.outputs.pkgver }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
repository: 'remittor/zapret-openwrt'
path: zapret-openwrt
repository: ${{ env.REPO_LNK }}
path: ${{ env.REPO_NAME }}
- name: Fix SDK paths
run: |
mkdir -p $SDKDIR/shared-workdir
rm -rf $SDKDIR/shared-workdir/build
ln -sf $SDKDIR $SDKDIR/shared-workdir/build
- name: Initialization environment
working-directory: ${{ env.SDKDIR }}
env:
DEBIAN_FRONTEND: noninteractive
ARCH_TAG: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
FAKE_BUILD: ${{ env.FAKE_BUILD == 'true' || ( env.TEST_BUILD == 'true' && matrix.branch == needs.var.outputs.APK_BRANCH ) }}
run: |
if [ "$BRANCH" = "${{ needs.var.outputs.IPK_BRANCH }}" ]; then
echo "PKGTYPE=ipk" >> $GITHUB_ENV
else
echo "PKGTYPE=apk" >> $GITHUB_ENV
fi
mkdir -p ./logs
#echo ============== $SDKDIR ======================
#ls -la $SDKDIR
#echo ----------------------------------------------
echo "FAKE_BUILD=$FAKE_BUILD" >> $GITHUB_ENV
echo "ARCH_TAG=$ARCH_TAG" >> $GITHUB_ENV
echo "BRANCH=$BRANCH" >> $GITHUB_ENV
echo "TZ=UTC" >> $GITHUB_ENV
- name: Setup OpenWrt SDK
if: ${{ matrix.branch == 'openwrt-23.05' || matrix.branch == 'SNAPSHOT' }}
working-directory: /builder
shell: bash
if: false
working-directory: ${{ env.SDKDIR }}
run: |
# gpg --verbose --recv-keys 0x1D53D1877742E911
gpg --verbose --import <(wget -qO- 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/0x1D53D1877742E911.asc')
# gpg --verbose --import <(wget -qO- 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/0x1D53D1877742E911.asc')
gpg --verbose --import <(wget -qO- 'https://raw.githubusercontent.com/openwrt/keyring/refs/heads/master/gpg/0x1D53D1877742E911.asc')
# disable check signatures
sed -i 's/gpg --/#gpg --/g' setup.sh
# disable cleanup keys
@@ -127,115 +228,175 @@ jobs:
ls -lh
- name: Setup ccache
if: false
uses: actions/cache@v4
with:
path: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/.ccache' || '/builder/.ccache' }}
path: ${{ env.SDKDIR }}/.ccache
key: ccache-${{ matrix.arch }}-${{ matrix.branch }}-${{ github.run_id }}
restore-keys: |
ccache-${{ matrix.arch }}-${{ matrix.branch }}-
- name: Build packages
id: build
working-directory: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt' || '/builder' }}
env:
DATE: ${{ needs.check.outputs.date }}
SHA: ${{ needs.check.outputs.sha }}
ARCH: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }}
CCACHE_DIR: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/.ccache' || '/builder/.ccache' }}
shell: bash
- name: Prepare packages
id: prepare
working-directory: ${{ env.SDKDIR }}
run: |
MKFN=$( ls -1 $PKGDIR/luci-app-zapret*/Makefile )
PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 )
PKGREL=$( grep -s '^PKG_RELEASE:=.*' $MKFN | cut -d'=' -f2 )
[ "$PKGREL" != "1" ] && PKGVER=$PKGVER-r$PKGREL
echo "PKG_VERSION = $PKGVER"
cp -vr $PKGDIR ./package/$REPO_NAME/
echo "PKGVER=$PKGVER" >> $GITHUB_ENV
echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT
echo "status=success" >> $GITHUB_OUTPUT
- name: Init packages
id: init
if: steps.prepare.outputs.status == 'success'
working-directory: ${{ env.SDKDIR }}
run: |
#export PKG_VERSION=$(date --utc -d $DATE +%Y%m%d)
#find $GITHUB_WORKSPACE/zapret-openwrt -type d -path '*/package/zapret' -exec cp -vr {} ./package \;
cp -vr $GITHUB_WORKSPACE/zapret-openwrt ./package/zapret-openwrt/
mv feeds.conf.default feeds.conf
sed -i -e 's|base.*\.git|base https://github.com/openwrt/openwrt.git|' feeds.conf
sed -i -e 's|packages.*\.git|packages https://github.com/openwrt/packages.git|' feeds.conf
sed -i -e 's|luci.*\.git|luci https://github.com/openwrt/luci.git|' feeds.conf
./scripts/feeds update base packages luci
./scripts/feeds install -a
echo "status=success" >> $GITHUB_OUTPUT
- name: Init config
id: config
if: steps.init.outputs.status == 'success'
working-directory: ${{ env.SDKDIR }}
run: |
make defconfig
echo "------------- .config BEG -------------------"
cat .config
echo "------------- .config END -------------------"
PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile`
make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1
find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.[ai]pk$" -delete
sed -i 's/CONFIG_LUCI_JSMIN=y/CONFIG_LUCI_JSMIN=n/g' .config
echo "status=success" >> $GITHUB_OUTPUT
- name: Show config
working-directory: ${{ env.SDKDIR }}
run: |
cat .config || echo "File .config not found"
- name: Build packages
id: build
if: steps.config.outputs.status == 'success' && env.FAKE_BUILD != 'true'
working-directory: ${{ env.SDKDIR }}
env:
ARCH_TAG: ${{ matrix.arch }}
run: |
PKGLIST="package/zapret-openwrt/zapret2/compile"
if [ "$ARCH_TAG" = "$LUCI_ARCH" ]; then
PKGLIST="$PKGLIST package/zapret-openwrt/luci-app-zapret2/compile"
fi
MAKE_JOBS=$(nproc)
echo "$MAKE_JOBS thread compile"
if [ "$MAX_SPEED" != "true" ]; then
make $PKGLIST V=sc BUILD_LOG=1
else
make $PKGLIST -j$MAKE_JOBS
fi
echo "status=success" >> $GITHUB_OUTPUT
- name: Build packages (FAKE)
id: build_fake
if: env.FAKE_BUILD == 'true'
working-directory: ${{ env.SDKDIR }}
env:
ARCH_TAG: ${{ matrix.arch }}
run: |
OUT_DIR=./bin/packages/dev_x/base
mkdir -p $OUT_DIR
touch $OUT_DIR/zapret2_$PKGVER-$ARCH_TAG.$PKGTYPE
touch $OUT_DIR/luci-app-zapret2_$PKGVER-all.$PKGTYPE
echo "status=success" >> $GITHUB_OUTPUT
- name: Install packages
id: install
if: steps.build.outputs.status == 'success' || steps.build_fake.outputs.status == 'success'
working-directory: ${{ env.SDKDIR }}
env:
ARCH_TAG: ${{ matrix.arch }}
SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }}
run: |
find ./bin/packages/*/base -type f ! -regex ".*\(zapret2\).*\.[ai]pk$" -delete
#echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source"
#ln -s `which usign` staging_dir/host/bin/usign
#echo "$SIGN_KEY" | base64 -d > key-build
#make package/index
tar -C ./bin/packages/*/base -cvf $GITHUB_WORKSPACE/pkg-$BRANCH-$ARCH.tar --transform "s|^\./|${BRANCH/openwrt-}/$ARCH/|" --show-transformed-names .
./staging_dir/host/bin/ccache --max-size=10M --show-stats
OUTDIR=$GITHUB_WORKSPACE/$PKGTYPE-$ARCH_TAG
mkdir -p $OUTDIR
cp -R ./bin/packages/*/base/. $OUTDIR/
echo "OUTDIR=$OUTDIR" >> $GITHUB_ENV
echo "status=success" >> $GITHUB_OUTPUT
- name: Compress build logs
if: always()
env:
ARCH: ${{ matrix.arch }}
ARCH_TAG: ${{ matrix.arch }}
BRANCH: ${{ matrix.branch }}
LOGS_DIR: ${{ matrix.branch == 'openwrt-19.07' && '/home/build/openwrt/logs' || '/builder/logs' }}
LOGS_DIR: ${{ env.SDKDIR }}/logs
run: |
tar -cJvf logs-$BRANCH-$ARCH.tar.xz $LOGS_DIR
tar -cJvf logs-$BRANCH-$ARCH_TAG.tar.xz $LOGS_DIR
- name: Upload packages
if: steps.build.outcome == 'success'
uses: actions/upload-artifact@v4
if: steps.install.outcome == 'success'
uses: actions/upload-artifact@main
with:
name: pkg-${{ matrix.branch }}-${{ matrix.arch }}
path: pkg-*.tar
path: ${{ env.OUTDIR }}
name: zapret,${{ env.PKGTYPE }},${{ matrix.arch }}
if-no-files-found: error
- name: Upload build logs
if: always()
uses: actions/upload-artifact@v4
with:
name: logs-${{ matrix.branch }}-${{ matrix.arch }}
path: logs-*.tar.xz
name: logs-${{ matrix.branch }}-${{ matrix.arch }}
release:
needs: [ check, build ]
permissions:
contents: write
runs-on: ubuntu-latest
strategy:
max-parallel: 1
matrix:
branch: [ 'SNAPSHOT', '23.05' ]
runs-on: ubuntu-24.04
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
pattern: pkg-*
pattern: zapret,*
- name: Put packages into zip
env:
BRANCH: ${{ matrix.branch }}
TAG: ${{ needs.check.outputs.tag }}
DATE: ${{ needs.check.outputs.date }}
BUILD_DATE: ${{ needs.check.outputs.build_date }}
PKGVER: ${{ needs.build.outputs.pkgver }}
run: |
echo "------------- DIR BEG -------------------"
ls -la
echo "------------- DIR END -------------------"
mkdir -p sorted
find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)' \;
find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)/apk' \;
find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)' \;
find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)/apk' \;
LUCI_IPK=$( find . -type f -path "*/zapret,ipk,*/luci-app-zapret*.ipk" -print | head -n 1 )
LUCI_APK=$( find . -type f -path "*/zapret,apk,*/luci-app-zapret*.apk" -print | head -n 1 )
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \;
find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \;
mkdir -p public
find . -name "*-$BRANCH-*.tar" -exec tar -xvf {} --wildcards '*.*pk' \;
find $BRANCH -mindepth 1 -type d -exec sh -c 'zip -0 ./public/zapret_${TAG}_$(basename {}).zip -j {} {}/*' \;
find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret2_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \;
ls -lh ./public/*.zip
- name: Upload assets
uses: andelf/nightly-release@main
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BRANCH: ${{ matrix.branch }}
TAG: ${{ needs.check.outputs.tag }}
with:
prerelease: false
tag_name: ${{ needs.check.outputs.tag }}-${{ matrix.branch }}
name: '${{ needs.check.outputs.tag }} for OpenWrt ${{ matrix.branch }}'
draft: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }}
prerelease: true
tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }}
name: zapret2 v${{ needs.build.outputs.pkgver }}
body: |
${{ needs.check.outputs.url }}: ${{ needs.check.outputs.message }}
zapret2 v${{ needs.build.outputs.pkgver }} for OpenWrt
files: ./public/*.zip

196
.github/workflows/releases.yml vendored Normal file
View File

@@ -0,0 +1,196 @@
name: Update releases.json
on:
workflow_run:
workflows: ["build"]
types: [completed]
release:
types: [published, unpublished, created, edited, deleted, prereleased]
permissions:
contents: write
jobs:
update-json:
if: |
github.event_name != 'workflow_run' ||
github.event.workflow_run.conclusion == 'success'
runs-on: ubuntu-latest
steps:
- name: Checkout gh-pages
uses: actions/checkout@v4
with:
ref: gh-pages
continue-on-error: true
- name: Wait for GitHub API consistency (release events)
if: github.event_name == 'release'
env:
REPO: ${{ github.repository }}
ACTION: ${{ github.event.action }}
TARGET_ID: ${{ github.event.release.id }}
TARGET_NAME: ${{ github.event.release.name }}
run: |
set -e
echo "Release action: $ACTION"
echo "Target release id: $TARGET_ID"
max=10
delay=6
check() {
curl -s https://api.github.com/repos/$REPO/releases
}
for iter in $(seq 1 $max); do
case "$ACTION" in
created)
echo "Release created (draft). No API wait needed."
exit 0
;;
published|prereleased)
if check | jq "any(.[]; .id == $TARGET_ID)"; then
echo "Release appeared in API"
exit 0
fi
;;
deleted)
if ! check | jq "any(.[]; .id == $TARGET_ID)"; then
echo "Release disappeared from API"
exit 0
fi
;;
unpublished)
if check | jq "any(.[]; .id == $TARGET_ID and .draft == true)"; then
echo "Release is now draft"
exit 0
fi
;;
edited)
if check | jq "any(.[]; .id == $TARGET_ID and .name == \"$TARGET_NAME\")"; then
echo "Release updated"
exit 0
fi
;;
*)
echo "No consistency wait needed for action: $ACTION"
exit 0
;;
esac
echo "Retry $iter/$max..."
sleep "$delay"
done
echo "WARNING: API consistency timeout for action $ACTION"
- name: Save FULL releases.json
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OWNER: ${{ github.repository_owner }}
REPO: ${{ github.event.repository.name }}
run: |
curl -s \
-H "Authorization: Bearer $GH_TOKEN" \
-H "Accept: application/vnd.github+json" \
https://api.github.com/repos/$OWNER/$REPO/releases \
> releases.json
- name: Generate releases_BRANCH.json
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OWNER: ${{ github.repository_owner }}
REPO: ${{ github.event.repository.name }}
run: |
curl -s \
-H "Authorization: Bearer $GH_TOKEN" \
-H "Accept: application/vnd.github+json" \
https://api.github.com/repos/$OWNER/$REPO/releases \
| jq '
def normalize_release:
{
id: .id,
version: (.tag_name | sub("^v"; "")),
tag: .tag_name,
name: .name,
draft: .draft,
prerelease: .prerelease,
created_at: .created_at,
published_at: .published_at,
url: .html_url,
assets: (
.assets | map({
id: .id,
name: .name,
size: .size,
content_type: .content_type,
browser_download_url: .browser_download_url
})
)
};
sort_by(.created_at) | reverse
| {
zap1: (
map(select(.draft == false))
| map(select(.name | startswith("zapret ")))
| .[0:20]
| {
generated_at: (now | todate),
releases: map(normalize_release)
}
),
zap2: (
map(select(.draft == false))
| map(select(.name | startswith("zapret2 ")))
| .[0:20]
| {
generated_at: (now | todate),
releases: map(normalize_release)
}
)
}
' \
| tee \
>(jq '.zap1' > releases_zap1.json) \
>(jq '.zap2' > releases_zap2.json)
- name: Generate releases_BRANCH_ARCH.json
run: |
BRANCHES=("zap1" "zap2")
for ARCH in $(jq -r '.[] | .assets[].name | capture("^[^_]+_[^_]+_(?<arch>.+)\\.zip$").arch' releases.json | sort -u); do
for BRANCH in "${BRANCHES[@]}"; do
if [ "$BRANCH" == "zap1" ]; then
PREFIX="zapret "
else
PREFIX="zapret2 "
fi
jq --arg prefix "$PREFIX" --arg arch "$ARCH" '
sort_by(.created_at) | reverse
| map(select(.draft == false))
| map(select(.name | startswith($prefix)))
| .[0:20]
| map(
. as $release
| {
tag: $release.tag_name,
name: $release.name,
prerelease: $release.prerelease,
created_at: $release.created_at,
updated_at: $release.updated_at,
published_at: $release.published_at,
url: $release.html_url,
assets: ($release.assets | map(select(.name | test("_\($arch)\\.zip$"))))
}
)
| { generated_at: (now | todate), releases: . }
' releases.json > "releases_${BRANCH}_${ARCH}.json"
done
done
- name: Commit and push ALL releases.json
run: |
mkdir -p releases
mv releases*.json releases/
git config user.name "github-actions"
git config user.email "github-actions@github.com"
git checkout -B gh-pages
git add releases/*
git commit -m "Update releases" || exit 0
git push origin gh-pages

14
README.md
View File

@@ -1,7 +1,12 @@
[![build](https://github.com/remittor/zapret-openwrt/actions/workflows/build.yml/badge.svg)](https://github.com/remittor/zapret-openwrt/actions/workflows/build.yml)
[![GitHub Release](https://img.shields.io/github/release/remittor/zapret-openwrt)](https://github.com/remittor/zapret-openwrt/releases)
[![Github All Releases](https://img.shields.io/github/downloads/remittor/zapret-openwrt/total.svg)](https://github.com/remittor/zapret-openwrt/releases)
[![Github Latest Release](https://img.shields.io/github/downloads/remittor/zapret-openwrt/latest/total.svg)](https://github.com/remittor/zapret-openwrt/releases)
[![ViewCount](https://views.whatilearened.today/views/github/remittor/zapret-openwrt.svg)](https://github.com/remittor/zapret-openwrt)
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fremittor%2Fzapret-openwrt&count_bg=%2379C83D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=hits&edge_flat=false)](https://github.com/remittor/zapret-openwrt/releases)
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)
# zapret-openwrt
Zapret is not a VPN! Zapret is an Anti-DPI utility!
Zapret2 is not a VPN! Zapret2 is an Anti-DPI utility!
[Instructions for installing](https://github.com/remittor/zapret-openwrt/wiki/Installing-zapretopenwrt-package)
@@ -13,7 +18,4 @@ Zapret is not a VPN! Zapret is an Anti-DPI utility!
## Donations
<img src=https://cdn-icons-png.flaticon.com/16/14446/14446252.png alt="USDT" style="vertical-align: middle;"/> USDT (ethereum network)
```
0x840E78D3E47A7ed4987bc36b4A4f0C5240bd7DE8
```
[![Donations Page](https://github.com/andry81-cache/gh-content-static-cache/raw/master/common/badges/donate/donate.svg)](https://github.com/remittor/donate)

37
luci-app-zapret/root/usr/share/luci/menu.d/luci-app-zapret.json
View File

@@ -1,37 +0,0 @@
{
"admin/services/zapret": {
"title": "Zapret",
"order": 61,
"action": {
"type": "alias",
"path": "admin/services/zapret/service"
},
"depends": {
"acl": [ "luci-app-zapret" ],
"fs": {
"/opt/zapret/sync_config.sh": "executable",
"/opt/zapret/restore-def-cfg.sh": "executable",
"/etc/init.d/zapret": "executable"
},
"uci": { "zapret": true }
}
},
"admin/services/zapret/service": {
"title": "Service",
"order": 10,
"action": {
"type": "view",
"path": "zapret/service"
}
},
"admin/services/zapret/settings": {
"title": "Settings",
"order": 20,
"action": {
"type": "view",
"path": "zapret/settings"
}
}
}

31
luci-app-zapret/root/usr/share/rpcd/acl.d/luci-app-zapret.json
View File

@@ -1,31 +0,0 @@
{
"luci-app-zapret": {
"description": "Grant access to zapret procedures",
"read": {
"cgi-io": [ "exec" ],
"file": {
"/opt/zapret/config": [ "read" ],
"/opt/zapret/ipset/*": [ "read" ],
"/etc/crontabs/root": [ "read" ],
"/etc/init.d/zapret*": [ "exec" ],
"/bin/busybox*": [ "exec" ],
"/bin/opkg*": [ "exec" ],
"/usr/bin/apk*": [ "exec" ],
"/opt/zapret/restore-def-cfg.sh*": [ "exec" ],
"/opt/zapret/sync_config.sh*": [ "exec" ]
},
"uci": [ "zapret", "network" ],
"ubus": {
"luci": [ "getInitList", "setInitAction" ]
}
},
"write": {
"file": {
"/opt/zapret/config": [ "write" ],
"/opt/zapret/ipset/*.txt": [ "write" ],
"/etc/crontabs/root": [ "write" ]
},
"uci": [ "zapret" ]
}
}
}

9
luci-app-zapret/Makefile → luci-app-zapret2/Makefile
View File

@@ -4,13 +4,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-zapret
PKG_VERSION:=70.20250109
PKG_NAME:=luci-app-zapret2
PKG_VERSION:=0.8.20260113
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_MAINTAINER:=remittor <https://github.com/remittor>
LUCI_TITLE:=LuCI support for zapret
LUCI_DEPENDS:=+zapret
LUCI_TITLE:=LuCI support for zapret2
LUCI_DEPENDS:=+zapret2
LUCI_PKGARCH:=all
define Package/$(PKG_NAME)/postinst

96
luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/diagnost.js Normal file
View File

@@ -0,0 +1,96 @@
'use strict';
'require baseclass';
'require fs';
'require poll';
'require uci';
'require ui';
'require view';
'require view.zapret2.tools as tools';
const btn_style_neutral = 'btn';
const btn_style_action = 'btn cbi-button-action';
const btn_style_positive = 'btn cbi-button-save important';
const btn_style_negative = 'btn cbi-button-reset important';
const btn_style_warning = 'btn cbi-button-negative';
const btn_style_success = 'btn cbi-button-success important';
const fn_dwc_sh = '/opt/'+tools.appName+'/dwc.sh';
return baseclass.extend({
appendLog: function(msg, end = '\n')
{
this.logArea.value += msg + end;
this.logArea.scrollTop = this.logArea.scrollHeight;
},
dpiCheck: async function()
{
this._action = 'dpiCheck';
this.appendLog('DPI check [tcp 16-20]...');
this.appendLog('Original sources: https://github.com/hyperion-cs/dpi-checkers');
this.appendLog('WEB-version: https://hyperion-cs.github.io/dpi-checkers/ru/tcp-16-20/');
let cmd = [ fn_dwc_sh ];
let log = '/tmp/'+tools.appName+'_dwc.log';
let callback = this.execAndReadCallback;
let wnd = this;
return tools.execAndRead({ cmd: cmd, log: log, logArea: this.logArea, callback: callback, cbarg: wnd });
},
execAndReadCallback: function(wnd, rc, txt = '')
{
if (rc == 0 && txt) {
if (wnd._action == 'dpiCheck') {
wnd.appendLog('=========================================================');
return;
}
}
if (rc >= 500) {
if (txt) {
wnd.appendLog(txt.startsWith('ERROR') ? txt : 'ERROR: ' + txt);
} else {
wnd.appendLog('ERROR: ' + wnd._action + ': Terminated with error code = ' + rc);
}
} else {
wnd.appendLog('ERROR: Process finished with retcode = ' + rc);
}
wnd.appendLog('=========================================================');
},
openDiagnostDialog: function(pkg_arch)
{
this.pkg_arch = pkg_arch;
this.logArea = E('textarea', {
'id': 'widget.modal_content',
'readonly': true,
'style': 'width:100% !important; font-family: monospace;',
'rows': 26,
'wrap': 'off',
});
this.btn_cancel = E('button', {
'id': 'btn_cancel',
'name': 'btn_cancel',
'class': btn_style_warning,
}, _('Cancel'));
this.btn_cancel.onclick = ui.hideModal;
this.btn_dpicheck = E('button', {
'id': 'btn_dpicheck',
'name': 'btn_dpicheck',
'class': btn_style_action,
}, _('DPI check [tcp 16-20]'));
this.btn_dpicheck.onclick = ui.createHandlerFn(this, () => { this.dpiCheck() });
ui.showModal(_('Diagnostics'), [
E('div', { 'class': 'cbi-section' }, [
this.logArea,
]),
E('div', { 'class': 'right' }, [
this.btn_dpicheck,
' ',
this.btn_cancel,
])
]);
}
});

204
luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/dmnlog.js Normal file
View File

@@ -0,0 +1,204 @@
'use strict';
'require view';
'require fs';
'require form';
'require poll';
'require uci';
'require ui';
'require view.zapret2.tools as tools';
return view.extend({
retrieveLog: async function() {
return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null),
fs.exec('/usr/bin/find', [ '/tmp', '-maxdepth', '1', '-type', 'f', '-name', tools.appName+'+*.log' ]),
uci.load(tools.appName),
]).then(function(status_array) {
var filereader = status_array[0] ? status_array[0].path : null;
var log_data = status_array[1]; // stdout: multiline text
if (log_data.code != 0) {
ui.addNotification(null, E('p', _('Unable to get log files') + '(code = ' + log_data.code + ') : retrieveLog()'));
return null;
}
var reason = '';
var uci_cfg = uci.get(tools.appName, 'config');
if (uci_cfg !== null && typeof(uci_cfg) === 'object') {
let flag = uci_cfg.DAEMON_LOG_ENABLE;
if (flag != '1') {
reason = ' (Reason: option DAEMON_LOG_ENABLE = ' + flag + ')';
}
}
if (typeof(log_data.stdout) !== 'string') {
return 'Log files not found.' + reason;
}
var log_list = log_data.stdout.trim().split('\n');
if (log_list.length <= 0) {
return 'Log files not found!' + reason;
}
for (let i = 0; i < log_list.length; i++) {
let logfn = log_list[i].trim();
if (logfn.startsWith('/tmp/') && logfn.endsWith('+main.log')) {
log_list.splice(i, 1);
log_list.unshift(logfn);
break;
}
}
var tasks = [ ];
var logdata = [ ];
for (let i = 0; i < log_list.length; i++) {
let logfn = log_list[i].trim();
if (logfn.startsWith('/tmp/')) {
//console.log('LOG: ' + logfn);
logdata.push( { filename: logfn, data: null, rows: 0 } );
tasks.push( fs.read_direct(logfn) );
}
}
return Promise.all(tasks).then(function(log_array) {
for (let i = 0; i < log_array.length; i++) {
if (log_array[i]) {
logdata[i].data = log_array[i];
logdata[i].rows = tools.getLineCount(log_array[i]) + 1;
}
}
return logdata;
}).catch(function(e) {
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ %s | %s | %s ]'.format(
e.message, 'retrieveLogData', 'uci.'+tools.appName
)));
return null;
});
}).catch(function(e) {
const [, lineno, colno] = e.stack.match(/(\d+):(\d+)/);
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ lineno: %s | %s | %s | %s ]'.format(
e.message, lineno, 'retrieveLog', 'uci.'+tools.appName
)));
return null;
});
},
pollLog: async function() {
let logdate_len = -2;
let logdata;
for (let txt_id = 0; txt_id < 10; txt_id++) {
let elem = document.getElementById('dmnlog_' + txt_id);
if (!elem)
break;
if (logdate_len == -2) {
logdata = await this.retrieveLog();
logdate_len = (Array.isArray(logdata)) ? logdata.length : -1;
}
let elem_name = elem.getAttribute("name");
let found = false;
if (logdate_len > 0) {
for (let log_num = 0; log_num < logdate_len; log_num++) {
if (logdata[log_num].filename == elem_name) {
if (logdata[log_num].data) {
elem.value = logdata[log_num].data;
elem.rows = logdata[log_num].rows;
found = true;
//console.log('POLL: updated ' + elem_name);
}
break;
}
}
}
if (!found) {
elem.value = '';
elem.rows = 0;
}
}
},
load: async function() {
poll.add(this.pollLog.bind(this));
return await this.retrieveLog();
},
render: function(logdata) {
if (!logdata) {
return;
}
if (typeof(logdata) === 'string') {
return E('div', {}, [
E('p', {'class': 'cbi-title-field'}, [ logdata ]),
]);
}
if (!Array.isArray(logdata)) {
ui.addNotification(null, E('p', _('Unable to get log files') + ' : render()'));
return;
}
var h2 = E('div', {'class' : 'cbi-title-section'}, [
E('h2', {'class': 'cbi-title-field'}, [ tools.AppName + ' - ' + _('Log Viewer') ]),
]);
var tabs = E('div', {}, E('div'));
for (let log_num = 0; log_num < logdata.length; log_num++) {
//console.log('REN: ' + logdata[log_num].filename + ' : ' + logdata[log_num].data.length);
var logfn = logdata[log_num].filename;
let filename = logfn.replace(/.*\//, '');
let fname = filename.split('.')[0];
if (tools.appName == 'zapret2') {
fname = fname.replace(/^(zapret2\+)/, '');
} else {
fname = fname.replace(/^(zapret\+)/, '');
}
let fn = fname.split('+');
let tabNameText = fname.replace(/\+/g, ' ');
let tabname = 'tablog_' + log_num;
var scrollDownButton = null;
var scrollUpButton = null;
scrollDownButton = E('button', {
'id': 'scrollDownButton_' + log_num,
'class': 'cbi-button cbi-button-neutral'
}, _('Scroll to tail', 'scroll to bottom (the tail) of the log file')
);
scrollDownButton.addEventListener('click', function() {
scrollUpButton.focus();
});
scrollUpButton = E('button', {
'id' : 'scrollUpButton_' + log_num,
'class': 'cbi-button cbi-button-neutral'
}, _('Scroll to head', 'scroll to top (the head) of the log file')
);
scrollUpButton.addEventListener('click', function() {
scrollDownButton.focus();
});
let log_id = 'dmnlog_' + log_num;
let log_name = logdata[log_num].filename;
let log_text = (logdata[log_num].data) ? logdata[log_num].data : '';
let tab = E('div', { 'data-tab': tabname, 'data-tab-title': tabNameText }, [
E('div', { 'id': 'content_dmnlog_' + log_num }, [
E('div', {'style': 'margin-bottom: 20px; '}, [ scrollDownButton ]),
E('textarea', {
'id': log_id,
'name': log_name,
'style': 'font-size:12px; width: 100%; max-height: 50vh;',
'readonly': 'readonly',
'wrap': 'off',
'rows': logdata[log_num].rows,
}, [ log_text ]),
E('div', {'style': 'margin-top: 20px'}, [ scrollUpButton ]),
]),
]);
tabs.firstElementChild.appendChild(tab);
}
ui.tabs.initTabGroup(tabs.firstElementChild.childNodes);
//this.pollFn = L.bind(this.handleScanRefresh, this);
//poll.add(this.pollFn);
return E('div', { }, [ h2, tabs ]);
},
handleSaveApply: null,
handleSave: null,
handleReset: null
});

52
luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/env.js Normal file
View File

@@ -0,0 +1,52 @@
'use strict';
'require baseclass';
return baseclass.extend({
packager : { },
appName : 'zapret2',
AppName : 'Zapret2',
execPath : '/etc/init.d/zapret2',
appDir : '/opt/zapret2',
syncCfgPath : '/opt/zapret2/sync_config.sh',
defCfgPath : '/opt/zapret2/def-cfg.sh',
defaultCfgPath : '/opt/zapret2/restore-def-cfg.sh',
hostsGoogleFN : '/opt/zapret2/ipset/zapret-hosts-google.txt',
hostsUserFN : '/opt/zapret2/ipset/zapret-hosts-user.txt',
hostsUserExcludeFN: '/opt/zapret2/ipset/zapret-hosts-user-exclude.txt',
iplstExcludeFN : '/opt/zapret2/ipset/zapret-ip-exclude.txt',
iplstUserFN : '/opt/zapret2/ipset/zapret-ip-user.txt',
iplstUserExcludeFN: '/opt/zapret2/ipset/zapret-ip-user-exclude.txt',
custFileMax : 4,
custFileTemplate : '/opt/zapret2/ipset/cust%s.txt',
customdPrefixList : [ 10, 20, 50, 60, 90 ] ,
customdFileFormat : '/opt/zapret2/init.d/openwrt/custom.d/%s-script.sh',
discord_num : 50,
discord_url : [ 'https://github.com/bol-van/zapret2/blob/master/init.d/custom.d.examples.linux/50-discord-media',
'https://github.com/bol-van/zapret2/blob/master/init.d/custom.d.examples.linux/50-stun4all',
'https://github.com/bol-van/zapret2/tree/master/init.d/custom.d.examples.linux'
],
nfqws_opt_url : 'https://github.com/remittor/zapret-openwrt/discussions/',
autoHostListFN : '/opt/zapret2/ipset/zapret-hosts-auto.txt',
autoHostListDbgFN : '/opt/zapret2/ipset/zapret-hosts-auto-debug.log',
load_env: function(dst_obj) {
let env_proto = Object.getPrototypeOf(this);
Object.getOwnPropertyNames(env_proto).forEach(function(key) {
if (key === 'constructor' || key === 'load_env' || key.startsWith('__'))
return;
dst_obj[key] = env_proto[key];
});
dst_obj.packager = { };
if (L.hasSystemFeature('apk')) {
dst_obj.packager.name = 'apk';
dst_obj.packager.path = '/usr/bin/apk';
dst_obj.packager.args = [ 'list', '-I', '*'+this.appName+'*' ];
} else {
dst_obj.packager.name = 'opkg';
dst_obj.packager.path = '/bin/opkg';
dst_obj.packager.args = [ 'list-installed', '*'+this.appName+'*' ];
}
}
});

133
luci-app-zapret/htdocs/luci-static/resources/view/zapret/service.js → luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/service.js
View File

@@ -4,7 +4,9 @@
'require uci';
'require ui';
'require view';
'require view.zapret.tools as tools';
'require view.zapret2.tools as tools';
'require view.zapret2.diagnost as diagnost';
'require view.zapret2.updater as updater';
const btn_style_neutral = 'btn';
const btn_style_action = 'btn cbi-button-action';
@@ -21,8 +23,9 @@ return view.extend({
start : elems.btn_start || document.getElementById('btn_start'),
restart : elems.btn_restart || document.getElementById('btn_restart'),
stop : elems.btn_stop || document.getElementById('btn_stop'),
reset : elems.btn_reset || document.getElementById('btn_reset'),
diag : elems.btn_diag || document.getElementById('btn_diag'),
update : elems.btn_update || document.getElementById('btn_update'),
reset : elems.btn_update || document.getElementById('btn_reset'),
};
},
@@ -37,22 +40,24 @@ return view.extend({
btn.start.disabled = flag;
btn.restart.disabled = flag;
btn.stop.disabled = flag;
btn.update.disabled = true; // TODO
btn.reset.disabled = (error_code == 0) ? flag : false;
btn.update.disabled = (error_code == 0) ? flag : false;
},
getAppStatus: function() {
return Promise.all([
tools.getInitState(tools.appName), // svc_boot
fs.exec(tools.execPath, [ 'enabled' ]), // svc_en
fs.exec(tools.execPath, [ 'info' ]), // svc_info
tools.getSvcInfo(), // svc_info
fs.exec('/bin/busybox', [ 'ps' ]), // process list
fs.exec(tools.packager.path, tools.packager.args), // installed packages
tools.getStratList(), // nfqws strategy list
fs.exec('/bin/cat', [ '/etc/openwrt_release' ]), // CPU arch
uci.load(tools.appName), // config
]).catch(e => {
ui.addNotification(null, E('p', _('Unable to execute or read contents')
+ ': %s [ %s | %s | %s ]'.format(
e.message, tools.execPath, 'tools.getInitState', 'uci.zapret'
e.message, tools.execPath, 'tools.getInitState', 'uci.'+tools.appName
)));
});
},
@@ -61,7 +66,7 @@ return view.extend({
let cfg = uci.get(tools.appName, 'config');
if (!status_array || cfg == null || typeof(cfg) !== 'object') {
let elem_status = elems.status || document.getElementById("status");
elem_status.innerHTML = tools.makeStatusString(null);
elem_status.innerHTML = tools.makeStatusString(null, '', '');
ui.addNotification(null, E('p', _('Unable to read the contents') + ': setAppStatus()'));
this.disableButtons(true, -1, elems);
return;
@@ -71,11 +76,16 @@ return view.extend({
let svc_info = status_array[2]; // stdout: JSON as text
let proc_list = status_array[3]; // stdout: multiline text
let pkg_list = status_array[4]; // stdout: installed packages
let stratlist = status_array[5]; // array of strat names
let sys_info = status_array[6]; // stdout: openwrt distrib info
this.nfqws_strat_list = stratlist;
this.pkg_arch = tools.getConfigPar(sys_info.stdout, 'DISTRIB_ARCH', 'unknown');
//console.log('svc_en: ' + svc_en.code);
svc_en = (svc_en.code == 0) ? true : false;
if (svc_info.code != 0) {
if (typeof(svc_info) !== 'object') {
ui.addNotification(null, E('p', _('Unable to read the service info') + ': setAppStatus()'));
this.disableButtons(true, -1, elems);
return;
@@ -97,8 +107,8 @@ return view.extend({
svcinfo = tools.decode_svc_info(svc_en, svc_info, proc_list, cfg);
}
let btn = this.get_svc_buttons(elems);
btn.update.disabled = true; // TODO
btn.reset.disabled = false;
btn.update.disabled = false;
if (Number.isInteger(svcinfo)) {
ui.addNotification(null, E('p', _('Error')
@@ -118,7 +128,7 @@ return view.extend({
}
}
let elem_status = elems.status || document.getElementById("status");
elem_status.innerHTML = tools.makeStatusString(svcinfo, cfg.FWTYPE, 'user_only');
elem_status.innerHTML = tools.makeStatusString(svcinfo, this.pkg_arch, '');
if (!poll.active()) {
poll.start();
@@ -147,7 +157,7 @@ return view.extend({
});
},
serviceActionEx: function(action, button, hide_modal = false) {
serviceActionEx: function(action, button, args = [ ], hide_modal = false) {
if (button) {
let elem = document.getElementById(button);
this.disableButtons(true, elem);
@@ -164,7 +174,7 @@ return view.extend({
}
else if (action == 'reset') {
exec_cmd = tools.defaultCfgPath;
exec_arg = [ 'sync' ]; // restore config + sync configs
exec_arg = args; // (reset_ipset)(sync) ==> restore all configs + sync config
errmsg = _('Unable to run restore-def-cfg.sh script.');
action = null;
} else {
@@ -199,17 +209,7 @@ return view.extend({
let elem = document.getElementById(button);
this.disableButtons(true, elem);
}
poll.stop();
if (action === 'update') {
this.getAppStatus().then(
(status_array) => {
this.setAppStatus(status_array, [], 4);
}
);
}
return fs.exec_direct(tools.execPath, [ action ]).then(res => {
return this.getAppStatus().then(
(status_array) => {
@@ -228,6 +228,34 @@ return view.extend({
dialogResetCfg: function(ev) {
ev.target.blur();
let reset_base = E('label', [
E('input', { type: 'checkbox', id: 'cfg_reset_base', checked: true }),
' ', _('Restore all base settings')
]);
let reset_ipset = E('label', [
E('input', { type: 'checkbox', id: 'cfg_reset_ipset', checked: true }),
' ', _('Restore ipset configs')
]);
let set_autohostlist = E('label', [
E('input', { type: 'checkbox', id: 'cfg_autohostlist', checked: true }),
' ', _('Set AutoHostList mode')
]);
let strat_list = [ ];
strat_list.push( E('option', { value: 'strat__skip__' }, [ '-' ] ) );
for (let id = 0; id < this.nfqws_strat_list.length; id++) {
let strat = '' + this.nfqws_strat_list[id];
strat_list.push( E('option', { value: 'strat_' + id }, [ strat ] ) );
}
let label_nfqws = (tools.appName == 'zapret2') ? _('NFQWS2_OPT strategy: ') : _('NFQWS_OPT strategy: ');
let nfqws_strat = E('label', [
label_nfqws,
E('select', { id: 'cfg_nfqws_strat' }, strat_list)
]);
let cancel_button = E('button', {
'class': btn_style_neutral,
'click': ui.hideModal,
@@ -238,12 +266,35 @@ return view.extend({
}, _('Reset settings'));
resetcfg_btn.onclick = ui.createHandlerFn(this, () => {
//cancel_button.disabled = true;
return this.serviceActionEx('reset', resetcfg_btn, true);
let opt_flags = '';
if (document.getElementById('cfg_reset_base').checked == false) {
opt_flags += '(skip_base)';
};
if (document.getElementById('cfg_reset_ipset').checked) {
opt_flags += '(reset_ipset)';
};
if (document.getElementById('cfg_autohostlist').checked) {
opt_flags += '(set_mode_autohostlist)';
};
//console.log('RESET: opt_flags = ' + opt_flags);
let sel_strat = document.getElementById('cfg_nfqws_strat');
let opt_strat = sel_strat.options[sel_strat.selectedIndex].text;
//console.log('RESET: strat = ' + opt_strat);
opt_flags += '(sync)';
let args = [ opt_flags, opt_strat ];
return this.serviceActionEx('reset', resetcfg_btn, args, true);
});
ui.showModal(_('Reset settings to default'), [
E('div', { 'class': 'cbi-section' }, [
E('p', _('All settings will be reset to default. Continue?')),
reset_base,
E('br'), E('br'),
reset_ipset,
E('br'), E('br'),
set_autohostlist,
E('br'), E('br'),
nfqws_strat,
E('br'), E('br')
]),
E('div', { 'class': 'right' }, [
cancel_button,
@@ -254,7 +305,12 @@ return view.extend({
},
load: function() {
return this.getAppStatus();
var _this = this;
return Promise.all([
L.resolveDefault(fs.stat('/bin/cat'), null),
]).then(function(data) {
return _this.getAppStatus();
});
},
render: function(status_array) {
@@ -324,14 +380,18 @@ return view.extend({
btn_stop.onclick = ui.createHandlerFn(this, this.serviceAction, 'stop', 'btn_stop');
layout_append(_('Service daemons control'), null, [ btn_start, btn_restart, btn_stop ] );
let btn_update = create_btn('btn_update', btn_style_action, _('Update'));
btn_update.onclick = ui.createHandlerFn(this, () => { this.appAction('update', 'btn_update') });
layout_append(_('Update blacklist'), null, [ btn_update ] );
let btn_reset = create_btn('btn_reset', btn_style_action, _('Reset settings'));
btn_reset.onclick = L.bind(this.dialogResetCfg, this);
layout_append(_('Reset settings to default'), null, [ btn_reset ] );
let btn_diag = create_btn('btn_diag', btn_style_action, _('Diagnostics'));
btn_diag.onclick = ui.createHandlerFn(this, () => { diagnost.openDiagnostDialog(this.pkg_arch) });
layout_append('Diagnostic tools', null, [ btn_diag ] );
let btn_update = create_btn('btn_update', btn_style_action, _('Update'));
btn_update.onclick = ui.createHandlerFn(this, () => { updater.openUpdateDialog(this.pkg_arch) });
layout_append(_('Update package'), null, [ btn_update ] );
let elems = {
"status": status_string,
"btn_enable": btn_enable,
@@ -339,30 +399,31 @@ return view.extend({
"btn_start": btn_start,
"btn_restart": btn_restart,
"btn_stop": btn_stop,
"btn_update": btn_update,
"btn_reset": btn_reset,
"btn_diag": btn_diag,
"btn_update": btn_update,
};
this.setAppStatus(status_array, elems);
poll.add(L.bind(this.statusPoll, this));
let page_title = _('Zapret');
let pkgdict = tools.decode_pkg_list(pkg_list.stdout);
let page_title = tools.AppName;
let pkgdict = tools.decode_pkg_list(pkg_list.stdout, false);
page_title += ' &nbsp ';
if (pkgdict['zapret'] === undefined || pkgdict['zapret'] == '') {
if (pkgdict[tools.appName] === undefined || pkgdict[tools.appName] == '') {
page_title += 'unknown version';
} else {
page_title += 'v' + pkgdict['zapret'];
page_title += 'v' + pkgdict[tools.appName];
}
let aux1 = E('em');
let aux2 = E('em');
if (pkgdict['zapret'] != pkgdict['luci-app-zapret']) {
let errtxt = 'LuCI APP v' + pkgdict['luci-app-zapret'] + ' [ incorrect version! ]';
if (pkgdict[tools.appName] != pkgdict['luci-app-'+tools.appName]) {
let errtxt = 'LuCI APP v' + pkgdict['luci-app-'+tools.appName] + ' [ incorrect version! ]';
aux1 = E('div', { 'class': 'label-status error' }, errtxt);
aux2 = E('div', { }, '&nbsp');
}
let url1 = 'https://github.com/bol-van/zapret';
let url1 = 'https://github.com/bol-van/'+tools.appName;
let url2 = 'https://github.com/remittor/zapret-openwrt';
return E([

200
luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js → luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/settings.js
View File

@@ -5,7 +5,7 @@
'require uci';
'require ui';
'require view';
'require view.zapret.tools as tools';
'require view.zapret2.tools as tools';
return view.extend({
parsers: { },
@@ -48,7 +48,7 @@ return view.extend({
let m, s, o, tabname;
m = new form.Map(tools.appName, _('Zapret') + ' - ' + _('Settings'));
m = new form.Map(tools.appName, tools.AppName + ' - ' + _('Settings'));
s = m.section(form.NamedSection, 'config');
s.anonymous = true;
@@ -86,21 +86,40 @@ return view.extend({
o.rmempty = false;
o.default = 0;
o = s.taboption(tabname, form.ListValue, 'MODE_FILTER', _('MODE_FILTER'));
o = s.taboption(tabname, form.Flag, 'FILTER_TTL_EXPIRED_ICMP', 'FILTER_TTL_EXPIRED_ICMP');
o.rmempty = false;
o.default = 1;
//o = s.taboption(tabname, form.ListValue, 'MODE_FILTER', _('MODE_FILTER'));
//o.value('none', 'none');
//o.value('ipset', 'ipset');
o.value('hostlist', 'hostlist');
o.value('autohostlist', 'autohostlist');
//o.value('hostlist', 'hostlist');
//o.value('autohostlist', 'autohostlist');
o = s.taboption(tabname, form.Value, 'WS_USER', _('WS_USER'));
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Flag, 'DAEMON_LOG_ENABLE', _('DAEMON_LOG_ENABLE'));
o.rmempty = false;
o.default = 0;
/* NFQWS_OPT_DESYNC tab */
tabname = 'nfqws_params';
s.tab(tabname, _('NFQWS options'));
if (tools.appName == 'zapret2') {
s.tab(tabname, _('NFQWS2 options'));
} else {
s.tab(tabname, _('NFQWS options'));
}
let add_delim = function(sec) {
let add_delim = function(sec, url = null) {
let o = sec.taboption(tabname, form.DummyValue, '_hr');
o.rawhtml = true;
o.default = '<hr style="width: 620px; height: 1px; margin: 1px 0 1px; border-top: 1px solid;">';
if (url) {
o.default += '<br/>' + _('Help') + ': <a target=_blank href=%s>%s</a>'.format(url);
}
};
let add_param = function(sec, param, locname = null, rows = 10, multiline = false) {
@@ -132,10 +151,18 @@ return view.extend({
val.validate = function(section_id, value) {
return (value) ? value.trim() : "";
};
btn.onclick = () => new tools.longstrEditDialog('config', param, param, locname, rows, multiline).show();
let desc = locname;
if (multiline == 2) {
desc += '<br/>' + _('Example') + ': <a target=_blank href=%s>%s</a>'.format(tools.nfqws_opt_url);
}
btn.onclick = () => new tools.longstrEditDialog('config', param, param, desc, rows, multiline).show();
};
o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Flag, 'NFQWS2_ENABLE', _('NFQWS2_ENABLE'));
} else {
o = s.taboption(tabname, form.Flag, 'NFQWS_ENABLE', _('NFQWS_ENABLE'));
}
o.rmempty = false;
o.default = 1;
@@ -148,46 +175,115 @@ return view.extend({
//o.description = _("nfqws option for DPI desync attack");
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'FILTER_MARK', _('FILTER_MARK'));
o.rmempty = false;
o.validate = function(section_id, value) { return true; };
o.write = function(section_id, value) { return form.Value.prototype.write.call(this, section_id, (value == null || value.trim() == '') ? "\t" : value.trim()); };
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_TCP', _('NFQWS2_PORTS_TCP'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP', _('NFQWS_PORTS_TCP'));
}
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_UDP', _('NFQWS2_PORTS_UDP'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP', _('NFQWS_PORTS_UDP'));
}
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_TCP_PKT_OUT', _('NFQWS2_TCP_PKT_OUT'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_OUT', _('NFQWS_TCP_PKT_OUT'));
}
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_TCP_PKT_IN', _('NFQWS2_TCP_PKT_IN'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_TCP_PKT_IN', _('NFQWS_TCP_PKT_IN'));
}
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_UDP_PKT_OUT', _('NFQWS2_UDP_PKT_OUT'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_OUT', _('NFQWS_UDP_PKT_OUT'));
}
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_UDP_PKT_IN', _('NFQWS2_UDP_PKT_IN'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_UDP_PKT_IN', _('NFQWS_UDP_PKT_IN'));
}
o.rmempty = false;
o.datatype = 'string';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_TCP_KEEPALIVE', _('NFQWS2_PORTS_TCP_KEEPALIVE'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_TCP_KEEPALIVE', _('NFQWS_PORTS_TCP_KEEPALIVE'));
}
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP_KEEPALIVE', _('NFQWS_PORTS_UDP_KEEPALIVE'));
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'NFQWS2_PORTS_UDP_KEEPALIVE', _('NFQWS2_PORTS_UDP_KEEPALIVE'));
} else {
o = s.taboption(tabname, form.Value, 'NFQWS_PORTS_UDP_KEEPALIVE', _('NFQWS_PORTS_UDP_KEEPALIVE'));
}
o.rmempty = false;
o.datatype = 'uinteger';
add_delim(s);
add_param(s, 'NFQWS_OPT', null, 18, 2);
add_delim(s, tools.nfqws_opt_url);
if (tools.appName == 'zapret2') {
add_param(s, 'NFQWS2_OPT', null, 21, 2);
} else {
add_param(s, 'NFQWS_OPT', null, 21, 2);
}
/* AutoHostList settings */
tabname = 'autohostlist_tab';
s.tab(tabname, _('AutoHostList'));
o = s.taboption(tabname, form.Flag, 'MODE_FILTER', _('Use AutoHostList mode'));
o.rmempty = false;
o.default = '0';
o.validate = function(section_id, value) { return true; };
o.load = function(section_id) {
return uci.load(tools.appName).then(L.bind(function() {
var v = uci.get(tools.appName, section_id, 'MODE_FILTER');
return (v === 'autohostlist') ? '1' : '0';
}, this));
};
o.write = function(section_id, value) {
return uci.set(tools.appName, section_id, 'MODE_FILTER', value === '1' ? 'autohostlist' : 'hostlist');
};
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_INCOMING_MAXSEQ', _('INCOMING_MAXSEQ'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_RETRANS_MAXSEQ', _('RETRANS_MAXSEQ'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_RETRANS_RESET', _('RETRANS_RESET'));
o.rmempty = false;
o.datatype = 'uinteger';
}
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_RETRANS_THRESHOLD', _('RETRANS_THRESHOLD'));
o.rmempty = false;
@@ -201,6 +297,16 @@ return view.extend({
o.rmempty = false;
o.datatype = 'uinteger';
if (tools.appName == 'zapret2') {
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_UDP_IN', _('UDP_IN'));
o.rmempty = false;
o.datatype = 'uinteger';
o = s.taboption(tabname, form.Value, 'AUTOHOSTLIST_UDP_OUT', _('UDP_OUT'));
o.rmempty = false;
o.datatype = 'uinteger';
}
o = s.taboption(tabname, form.Button, '_auto_host_btn', _('Auto host list entries'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
@@ -229,10 +335,10 @@ return view.extend({
15
).show();
/* Blacklist settings */
/* HostList settings */
tabname = 'blacklist_tab';
s.tab(tabname, _('Blacklist settings'));
tabname = 'hostlist_tab';
s.tab(tabname, _('Host lists'));
o = s.taboption(tabname, form.Button, '_google_entries_btn', _('Google hostname entries'));
o.inputtitle = _('Edit');
@@ -246,7 +352,7 @@ return view.extend({
15
).show();
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries'));
o = s.taboption(tabname, form.Button, '_user_entries_btn', _('User hostname entries <HOSTLIST>'));
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = tools.hostsUserFN;
@@ -254,7 +360,7 @@ return view.extend({
tools.hostsUserFN,
_('User entries'),
_('One hostname per line.<br />Examples:'),
'<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
'<code>domain.net<br />sub.domain.com<br />facebook.com</code>',
15
).show();
@@ -266,7 +372,7 @@ return view.extend({
tools.hostsUserExcludeFN,
_('User excluded entries'),
_('One hostname per line.<br />Examples:'),
'<code>domain.net<br />sub.domain.com<br />googlevideo.com</code>',
'<code>domain.net<br />sub.domain.com<br />gosuslugi.ru</code>',
15
).show();
@@ -320,6 +426,48 @@ return view.extend({
o.onclick = () => new tools.fileEditDialog(fn, name, '', '', 15).show();
}
/* custom.d files */
tabname = 'custom_d_tab';
s.tab(tabname, 'custom.d');
o = s.taboption(tabname, form.Flag, 'DISABLE_CUSTOM', _('Use custom.d scripts'));
o.rmempty = false;
o.default = '0';
o.validate = function(section_id, value) { return true; };
o.load = function(section_id) {
return uci.load(tools.appName).then(L.bind(function() {
var v = uci.get(tools.appName, section_id, 'DISABLE_CUSTOM');
return (v === '1') ? '0' : '1';
}, this));
};
o.write = function(section_id, value) {
return uci.set(tools.appName, section_id, 'DISABLE_CUSTOM', value === '1' ? '0' : '1');
};
add_delim(s);
for (let i = 0; i < tools.customdPrefixList.length; i++) {
let num = tools.customdPrefixList[i];
let fn = tools.customdFileFormat.format(num.toString());
let name = _('custom.d script #' + num);
o = s.taboption(tabname, form.Button, '_customd_file%d_btn'.format(num), name);
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
o.description = fn;
let desc = '';
if (num == tools.discord_num) {
desc = _('Example') + ': ';
for (let k = 0; k < tools.discord_url.length; k++) {
let url = tools.discord_url[k];
if (k > 0) desc += ' <br> ';
const filename = url.substring(url.lastIndexOf("/") + 1).split("?")[0];
desc += '<a target=_blank href=' + url + '>' + filename + '</a>';
}
}
o.onclick = () => new tools.fileEditDialog(fn, name, desc, '', 15).show();
}
let map_promise = m.render();
map_promise.then(node => node.classList.add('fade-in'));
return map_promise;

352
luci-app-zapret/htdocs/luci-static/resources/view/zapret/tools.js → luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/tools.js
View File

@@ -4,6 +4,7 @@
'require rpc';
'require ui';
'require uci';
'require view.zapret2.env as env_tools';
document.head.append(E('style', {'type': 'text/css'},
`
@@ -35,23 +36,11 @@ document.head.append(E('style', {'type': 'text/css'},
`));
return baseclass.extend({
packager : null,
appName : 'zapret',
execPath : '/etc/init.d/zapret',
syncCfgPath : '/opt/zapret/sync_config.sh',
defaultCfgPath : '/opt/zapret/restore-def-cfg.sh',
hostsGoogleFN : '/opt/zapret/ipset/zapret-hosts-google.txt',
hostsUserFN : '/opt/zapret/ipset/zapret-hosts-user.txt',
hostsUserExcludeFN: '/opt/zapret/ipset/zapret-hosts-user-exclude.txt',
iplstExcludeFN : '/opt/zapret/ipset/zapret-ip-exclude.txt',
iplstUserFN : '/opt/zapret/ipset/zapret-ip-user.txt',
iplstUserExcludeFN: '/opt/zapret/ipset/zapret-ip-user-exclude.txt',
custFileMax : 4,
custFileTemplate : '/opt/zapret/ipset/cust%s.txt',
autoHostListFN : '/opt/zapret/ipset/zapret-hosts-auto.txt',
autoHostListDbgFN : '/opt/zapret/ipset/zapret-hosts-auto-debug.log',
__init__() {
env_tools.load_env(this);
//console.log('appName: ' + this.appName);
//console.log('PACKAGER: ' + this.packager.name);
},
infoLabelRunning : '<span class="label-status running">' + _('Running') + '</span>',
infoLabelStarting : '<span class="label-status starting">' + _('Starting') + '</span>',
@@ -69,6 +58,13 @@ return baseclass.extend({
running : { code: 4, name: _('Running') , label: this.infoLabelRunning },
},
callServiceList: rpc.declare({
object: 'service',
method: 'list',
params: [ 'name', 'verbose' ],
expect: { '': {} }
}),
callInitState: rpc.declare({
object: 'luci',
method: 'getInitList',
@@ -83,24 +79,17 @@ return baseclass.extend({
expect: { result: false }
}),
init_consts: function() {
if (!this.packager) {
this.packager = { };
if (L.hasSystemFeature('apk')) {
this.packager.name = 'apk';
this.packager.path = '/usr/bin/apk';
this.packager.args = [ 'list', '-I', '*zapret*' ];
} else {
this.packager.name = 'opkg';
this.packager.path = '/bin/opkg';
this.packager.args = [ 'list-installed', '*zapret*' ];
}
//console.log('PACKAGER: ' + this.packager.name);
}
getSvcInfo: function(svc_name = null) {
let name = (svc_name) ? svc_name : this.appName;
let verbose = 1;
return this.callServiceList(name, verbose).then(res => {
return res;
}).catch(e => {
ui.addNotification(null, E('p', _('Failed to get %s service info: %s').format(name, e)));
});
},
getInitState: function(name) {
this.init_consts();
return this.callInitState(name).then(res => {
if (res) {
return res[name].enabled ? true : false;
@@ -112,6 +101,19 @@ return baseclass.extend({
});
},
getStratList: function() {
let exec_cmd = '/bin/busybox';
let exec_arg = [ 'awk', '-F', '"', '/if \\[ "\\$strat" = "/ {print $4}', this.defCfgPath ];
return fs.exec(exec_cmd, exec_arg).then(res => {
if (res.code == 0) {
return this.getWordsArray(res.stdout);
}
return [ ];
}).catch(e => {
ui.addNotification(null, E('p', _('Failed to get strat list: %s').format(e)));
});
},
handleServiceAction: function(name, action) {
return this.callInitAction(name, action).then(success => {
if (!success) {
@@ -127,36 +129,62 @@ return baseclass.extend({
return (v && typeof(v) === 'string') ? v.trim().replace(/\r?\n/g, '') : v;
},
decode_pkg_list: function(pkg_list) {
getWordsArray: function (text, { trim = true, removeEmpty = true } = {}) {
const rawLines = text.split(/\n/);
const processed = trim ? rawLines.map(line => line.trim()) : rawLines.slice();
return removeEmpty ? processed.filter(line => line.length > 0) : processed;
},
getConfigPar: function(txt, key, defval = null) {
const re = new RegExp(`^${key}\\s*=\\s*(['"])(.*?)\\1`, 'm');
const m = txt.match(re);
return m ? m[2] : defval;
},
decode_pkg_list: function(pkg_list, with_suffix_r1 = true) {
let pkg_dict = { };
if (!pkg_list) {
return pkg_dict;
}
let lines = pkg_list.trim().split('\n');
for (let i = 0; i < lines.length; i++) {
let line = lines[i].trim();
let name;
let ver;
let rev = -1;
if (this.packager.name == 'apk') {
let fullname = line.split(' ')[0];
let mpos = fullname.lastIndexOf("-");
if (mpos <= 0)
continue;
if (fullname.substring(mpos+1, mpos+2) == 'r') {
// release number
fullname = fullname.substring(0, mpos);
let match = fullname.match(/^(.*)-r(\d+)$/);
if (match) {
fullname = match[1];
rev = parseInt(match[2], 10);
}
mpos = fullname.lastIndexOf("-");
let mpos = fullname.lastIndexOf('-');
if (mpos <= 0)
continue;
name = fullname.substring(0, mpos).trim();
ver = fullname.substring(mpos+1).trim();
continue; // incorrect format
name = fullname.slice(0, mpos).trim();
ver = fullname.slice(mpos + 1).trim();
} else {
if (!line.includes(' - '))
continue;
continue; // incorrect format
name = line.split(' - ')[0].trim();
ver = line.split(' - ')[1].trim();
let spos = ver.indexOf(" ");
if (spos > 0) {
ver = ver.substring(0, spos);
}
let match = ver.match(/^(.*)-r(\d+)$/);
if (match) {
ver = match[1];
rev = parseInt(match[2], 10);
}
}
if (rev >= 0) {
if (rev == 1 && !with_suffix_r1) {
// nothing
} else {
ver += '-r' + rev;
}
}
pkg_dict[name] = ver;
}
@@ -191,9 +219,6 @@ return baseclass.extend({
},
"status": this.statusDict.error,
};
if (svc_info.code != 0) {
return -1;
}
if (proc_list.code != 0) {
return -2;
}
@@ -202,25 +227,13 @@ return baseclass.extend({
if (plist.length < 4) {
return -3;
}
if (typeof(svc_info.stdout) !== 'string') {
if (typeof(svc_info) !== 'object') {
return -4;
}
if (svc_info.stdout.length < 3) {
return -5;
}
let jdata;
try {
jdata = JSON.parse(svc_info.stdout);
} catch (e) {
console.log('Incorrect JSON: ' + svc_info.stdout);
return -6;
}
if (typeof(jdata) !== 'object') {
return -7;
}
if (typeof(jdata.zapret) == 'object') {
let jdata = svc_info;
if (typeof(jdata[this.appName]) == 'object') {
result.dmn.inited = true;
let dmn_list = jdata.zapret.instances;
let dmn_list = jdata[this.appName].instances;
if (typeof(dmn_list) == 'object') {
for (const [dmn_name, daemon] of Object.entries(dmn_list)) {
result.dmn.total += 1;
@@ -244,7 +257,7 @@ return baseclass.extend({
return result;
},
makeStatusString: function(svcinfo, fwtype, bllist_preset) {
makeStatusString: function(svcinfo, pkg_arch, bllist_preset) {
let svc_autorun = _('Unknown');
let svc_daemons = _('Unknown');
@@ -257,12 +270,18 @@ return baseclass.extend({
svc_daemons += ' [' + svcinfo.dmn.working + '/' + svcinfo.dmn.total + ']';
}
}
let update_mode = _('user entries only');
let td_name_width = 40;
let td_name_style = `style="width: ${td_name_width}%; min-width:${td_name_width}%; max-width:${td_name_width}%;"`;
let out = `
<table class="table">
<tr class="tr">
<td class="td left" ${td_name_style}>
${_('CPU architecture')}:
</td>
<td class="td left">
${pkg_arch}
</td>
</tr>
<tr class="tr">
<td class="td left" ${td_name_style}>
${_('Service autorun status')}:
@@ -279,22 +298,6 @@ return baseclass.extend({
${svc_daemons}
</td>
</tr>
<tr class="tr">
<td class="td left" ${td_name_style}>
${_('FW type')}:
</td>
<td class="td left">
${fwtype}
</td>
</tr>
<tr class="tr">
<td class="td left" ${td_name_style}>
${_('Blacklist update mode')}:
</td>
<td class="td left">
${update_mode}
</td>
</tr>
<tr class="tr">
<td class="td left" ${td_name_style}>
</td>
@@ -304,6 +307,17 @@ return baseclass.extend({
</table>`;
return out;
},
getLineCount: function(mstr) {
let count = 0;
let c = '\n'.charAt(0);
for (let i = 0; i < mstr.length; ++i) {
if (c === mstr.charAt(i)) {
++count;
}
}
return count;
},
fileEditDialog: baseclass.extend({
__init__: function(file, title, desc, aux = null, rows = 10, callback, file_exists = false) {
@@ -350,13 +364,13 @@ return baseclass.extend({
E('button', {
'id': 'btn_save',
'class': 'btn cbi-button-positive important',
'click': ui.createHandlerFn(this, this.handleSave),
'click': ui.createHandlerFn(this, this.handleSaveAdv),
}, _('Save')),
]),
]);
},
handleSave: function(ev) {
handleSaveAdv: function(ev) {
let txt = document.getElementById('widget.modal_content');
let value = txt.value.trim().replace(/\r\n/g, '\n') + '\n';
@@ -413,13 +427,20 @@ return baseclass.extend({
this.desc = desc;
this.rows = rows;
this.multiline = multiline;
env_tools.load_env(this);
},
load: function() {
let value = uci.get('zapret', this.cfgsec, this.cfgparam);
let value = uci.get(this.appName, this.cfgsec, this.cfgparam);
if (typeof(value) === 'string') {
value = value.trim();
if (this.multiline == 2) {
value = value.replace(/\n\t/g, "\n");
value = value.replace(/\n\t/g, "\n");
value = value.replace(/\n\t/g, "\n");
value = value.replace(/\n\t/g, "\n");
value = value.replace(/\n\t/g, "\n");
value = value.replace(/\n\t/g, "\n");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/\n --/g, "\n--");
value = value.replace(/ --/g, "\n--");
@@ -439,7 +460,7 @@ return baseclass.extend({
'class': 'cbi-input-textarea',
'style': 'width:100% !important',
'rows': this.rows,
'wrap': 'on',
'wrap': 'off',
'spellcheck': 'false',
},
content)
@@ -455,13 +476,13 @@ return baseclass.extend({
E('button', {
'id': 'btn_save',
'class': 'btn cbi-button-positive important',
'click': ui.createHandlerFn(this, this.handleSave),
'click': ui.createHandlerFn(this, this.handleSaveAdv),
}, _('Save')),
]),
]);
},
handleSave: function(ev) {
handleSaveAdv: function(ev) {
let txt = document.getElementById('widget.modal_content');
let value = txt.value.trim();
if (this.multiline) {
@@ -484,33 +505,31 @@ return baseclass.extend({
}
value = value.replace(/˂/g, '<');
value = value.replace(/˃/g, '>');
uci.set('zapret', this.cfgsec, this.cfgparam, value);
uci.save();
let elem = document.getElementById("cbi-zapret-" + this.cfgsec + "-_" + this.cfgparam);
if (elem) {
let val = value.trim();
if (this.multiline) {
val = val.replace(/</g, '˂');
val = val.replace(/>/g, '˃');
val = val.replace(/\n/g, '<br/>');
elem.querySelector('div').innerHTML = val;
} else {
elem.querySelector('div').textContent = val;
try {
let elem = document.getElementById("cbi-" + this.appName + "-" + this.cfgsec + "-_" + this.cfgparam);
if (elem) {
if (elem.querySelector('div')) {
elem = elem.querySelector('div');
} else {
elem = elem.querySelector('output');
}
}
if (elem) {
let val = value.trim();
if (this.multiline) {
val = val.replace(/</g, '˂');
val = val.replace(/>/g, '˃');
val = val.replace(/\n/g, '<br/>');
elem.innerHTML = val;
} else {
elem.textContent = val;
}
}
} catch(e) {
console.error('ERROR: cannot found elem for ' + this.cfgsec + '.' + this.cfgparam);
}
ui.hideModal();
/*
return uci.save()
.then(L.bind(ui.changes.init, ui.changes))
.then(L.bind(ui.changes.displayChanges, ui.changes))
//.then(L.bind(ui.changes.apply, ui.changes))
.then(ui.addNotification(null, E('p', _('Contents have been saved.')), 'info'))
.catch(e => {
ui.addNotification(null, E('p', _('Unable to save the contents') + ': %s'.format(e.message)));
}).finally(() => {
ui.hideModal();
});
*/
uci.set(this.appName, this.cfgsec, this.cfgparam, value);
uci.save().then(ui.hideModal);
},
error: function(e) {
@@ -529,14 +548,107 @@ return baseclass.extend({
},
show: function() {
//ui.showModal(null, E('p', { 'class': 'spinning' }, _('Loading')) );
let content = this.load();
//ui.hideModal();
if (content === null) {
return this.error('Cannot load parameter');
}
return this.render(content);
ui.showModal(null,
E('p', { 'class': 'spinning' }, _('Loading'))
);
L.resolveDefault(this.load(), null)
.then(content => {
ui.hideModal();
return this.render(content);
}).catch(e => {
ui.hideModal();
return this.error(e);
})
},
}),
execAndRead: async function({ cmd = [ ], log = '', logArea = null, callback = null, cbarg = null, hiderow = [ ], rpc_timeout = 5, rpc_root = false } = {})
{
function appendLog(msg, end = '\n')
{
logArea.value += msg + end;
logArea.scrollTop = logArea.scrollHeight;
}
function fixLogEnd()
{
if (logArea.value && logArea.value.slice(-1) != '\n') {
appendLog('');
}
}
let hide_rows = Array.isArray(hiderow) ? hiderow : [ hiderow ];
let rpc_opt = { "timeout": rpc_timeout*1000 };
if (rpc_root) {
rpc_opt.uid = 0; // run under root
}
const logFile = log; // file for reading: '/tmp/zapret_pkg_install.log'
const rcFile = logFile + '.rc';
try {
await fs.exec('/bin/busybox', [ 'rm', '-f', logFile + '*' ], null, rpc_opt);
appendLog('Output file cleared!');
} catch (e) {
return callback(cbarg, 500, 'ERROR: Failed to clear output file');
}
try {
let opt_list = [ logFile ];
opt_list.push(...cmd);
let res = await fs.exec(this.appDir+'/script-exec.sh', opt_list, null, rpc_opt);
if (res.code != 0) {
return callback(cbarg, 525, 'ERROR: cannot run "' + cmd[0] + '" script! (error = ' + res.code + ')');
}
appendLog('Process started...');
} catch (e) {
return callback(cbarg, 520, 'ERROR: Failed on execute process: ' + e.message);
}
let lastLen = 0;
let retCode = -1;
let timerBusy = false;
let timer = setInterval(async () => {
if (timerBusy)
return; // skip iteration
timerBusy = true;
try {
let res = await fs.exec('/bin/cat', [ logFile ], null, rpc_opt);
if (res.stdout && res.stdout.length > lastLen) {
let log = res.stdout.slice(lastLen);
hide_rows.forEach(re => {
log = log.replace(re, '');
});
appendLog(log, '');
lastLen = res.stdout.length;
}
if (retCode < 0) {
let rc = await fs.exec('/bin/cat', [ rcFile ], null, rpc_opt);
if (rc.code != 0) {
clearInterval(timer);
fixLogEnd();
return callback(cbarg, 545, 'ERROR: cannot read file "' + rcFile + '"');
}
if (rc.stdout) {
retCode = parseInt(rc.stdout.trim(), 10);
}
}
if (retCode >= 0) {
clearInterval(timer);
fixLogEnd();
if (retCode == 0 && res.stdout) {
return callback(cbarg, 0, res.stdout);
}
return callback(cbarg, retCode, 'ERROR: Process failed with error ' + retCode);
}
} catch (e) {
if (e.message?.includes('RPC call to file/exec failed with error -32000: Object not found')) {
console.warn('WARN: execAndRead: ' + e.message);
return; // goto next timer iteration
}
clearInterval(timer);
fixLogEnd();
let errtxt = 'ERROR: execAndRead: ' + e.message;
errtxt += 'ERROR: execAndRead: ' + e.stack?.trim().split('\n')[0];
return callback(cbarg, 540, errtxt);
} finally {
timerBusy = false;
}
}, 500);
},
});

203
luci-app-zapret2/htdocs/luci-static/resources/view/zapret2/updater.js Normal file
View File

@@ -0,0 +1,203 @@
'use strict';
'require baseclass';
'require fs';
'require poll';
'require uci';
'require ui';
'require view';
'require view.zapret2.tools as tools';
const btn_style_neutral = 'btn';
const btn_style_action = 'btn cbi-button-action';
const btn_style_positive = 'btn cbi-button-save important';
const btn_style_negative = 'btn cbi-button-reset important';
const btn_style_warning = 'btn cbi-button-negative';
const btn_style_success = 'btn cbi-button-success important';
const fn_update_pkg_sh = '/opt/'+tools.appName+'/update-pkg.sh';
return baseclass.extend({
releasesUrlPrefix : 'https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/',
appendLog: function(msg, end = '\n')
{
this.logArea.value += msg + end;
this.logArea.scrollTop = this.logArea.scrollHeight;
},
setBtnMode: function(enable)
{
this.btn_cancel.disabled = enable ? false : true;
this.btn_action.disabled = (enable == 2) ? false : true;
},
setStage: function(stage, btn_flag = true)
{
if (stage == 0) {
this.btn_action.textContent = _('Check for updates');
this.btn_action.classList.remove('hidden');
} else
if (stage == 1) {
this.btn_action.textContent = _('Update packages');
this.btn_action.classList.remove('hidden');
} else {
this.btn_action.classList.add('hidden');
}
if (stage > 1 && typeof(this.btn_action) == 'object') {
this.setBtnMode(1);
}
this.stage = stage;
},
checkUpdates: async function()
{
this._action = 'checkUpdates';
this.setStage(0);
this.setBtnMode(0);
this.pkg_url = null;
this.appendLog(_('Checking for updates...'));
let cmd = [ fn_update_pkg_sh, '-c' ]; // check for updates
if (document.getElementById('cfg_exclude_prereleases').checked == false) {
cmd.push('-p'); // include prereleases ZIP-files
}
this.forced_reinstall = document.getElementById('cfg_forced_reinstall').checked;
let log = '/tmp/'+tools.appName+'_pkg_check.log';
let callback = this.execAndReadCallback;
let wnd = this;
return tools.execAndRead({ cmd: cmd, log: log, logArea: this.logArea, callback: callback, cbarg: wnd });
},
installUpdates: async function()
{
this._action = 'installUpdates';
this.setStage(1);
this.setBtnMode(0);
if (!this.pkg_url || this.pkg_url.length < 10) {
this.appendLog('ERROR: pkg_url = null');
this.setStage(999);
return;
}
this.appendLog(_('Install updates...'));
let cmd = [ fn_update_pkg_sh, '-u', this.pkg_url ]; // update packages
if (document.getElementById('cfg_forced_reinstall').checked == true) {
cmd.push('-f'); // forced reinstall if same version
}
//this._test = 1; cmd.push('-t'); cmd.push('45'); // only for testing
let log = '/tmp/'+tools.appName+'_pkg_install.log';
let hiderow = /^ \* resolve_conffiles.*(?:\r?\n|$)/gm;
let callback = this.execAndReadCallback;
let wnd = this;
return tools.execAndRead({ cmd: cmd, log: log, logArea: this.logArea, hiderow: hiderow, callback: callback, cbarg: wnd });
},
execAndReadCallback: function(wnd, rc, txt = '')
{
//console.log('execAndReadCallback = ' + rc + '; _action = ' + wnd._action);
if (rc == 0 && txt) {
let code = txt.match(/^RESULT:\s*\(([^)]+)\)\s+.+$/m);
if (wnd._action == 'checkUpdates') {
let pkg_url = txt.match(/^ZAP_PKG_URL\s*=\s*(.+)$/m);
if (code && pkg_url) {
wnd.appendLog('=========================================================');
wnd.pkg_url = pkg_url[1];
code = code[1];
if (code == 'E' && !wnd.forced_reinstall) {
wnd.setStage(999); // install not needed
return;
}
wnd.setStage(1);
wnd.setBtnMode(2); // enable all buttons
return; // install allowed
}
}
if (wnd._action == 'installUpdates') {
if (wnd._test || (code && code[1] == '+')) {
wnd.stage = 999;
wnd.btn_action.textContent = _('OK');
wnd.btn_action.disabled = false;
wnd.btn_cancel.disabled = true;
return;
}
}
}
if (rc >= 500) {
if (txt) {
wnd.appendLog(txt.startsWith('ERROR') ? txt : 'ERROR: ' + txt);
} else {
wnd.appendLog('ERROR: ' + wnd._action + ': Terminated with error code = ' + rc);
}
} else {
wnd.appendLog('ERROR: Process finished with retcode = ' + rc);
}
wnd.setStage(999);
if (wnd._action == 'checkUpdates') {
wnd.appendLog('=========================================================');
}
},
openUpdateDialog: function(pkg_arch)
{
this.stage = 0;
this.pkg_arch = pkg_arch;
this.pkg_url = null;
let exclude_prereleases = E('label', [
E('input', { type: 'checkbox', id: 'cfg_exclude_prereleases', checked: true }),
' ', _('Exclude PreReleases')
]);
let forced_reinstall = E('label', [
E('input', { type: 'checkbox', id: 'cfg_forced_reinstall'}),
' ', _('Forced reinstall packages')
]);
this.logArea = E('textarea', {
'id': 'widget.modal_content',
'readonly': true,
'style': 'width:100% !important; font-family: monospace;',
'rows': 20,
'wrap': 'off',
});
this.btn_cancel = E('button', {
'id': 'btn_cancel',
'name': 'btn_cancel',
'class': btn_style_warning,
}, _('Cancel'));
this.btn_cancel.onclick = ui.hideModal;
this.btn_action = E('button', {
'id': 'btn_action',
'name': 'btn_action',
'class': btn_style_action,
}, 'BUTTON_ACTION');
this.btn_action.onclick = ui.createHandlerFn(this, () => {
if (this.stage == 0) {
return this.checkUpdates();
}
if (this.stage == 1) {
return this.installUpdates();
}
return ui.hideModal();
});
this.setStage(0);
this.setBtnMode(2);
ui.showModal(_('Package update'), [
E('div', { 'class': 'cbi-section' }, [
exclude_prereleases,
E('br'), E('br'),
forced_reinstall,
E('br'), E('br'),
E('hr'),
this.logArea,
]),
E('div', { 'class': 'right' }, [
this.btn_cancel,
' ',
this.btn_action,
])
]);
}
});

41
luci-app-zapret2/root/usr/share/luci/menu.d/luci-app-zapret2.json Normal file
View File

@@ -0,0 +1,41 @@
{
"admin/services/zapret2": {
"title": "Zapret2",
"order": 62,
"action": {
"type": "alias",
"path": "admin/services/zapret2/service"
},
"depends": {
"acl": [ "luci-app-zapret2" ],
"uci": { "zapret2": true }
}
},
"admin/services/zapret2/service": {
"title": "Service",
"order": 10,
"action": {
"type": "view",
"path": "zapret2/service"
}
},
"admin/services/zapret2/settings": {
"title": "Settings",
"order": 20,
"action": {
"type": "view",
"path": "zapret2/settings"
}
},
"admin/services/zapret2/dmnlog": {
"title": "Log Viewer",
"order": 30,
"action": {
"type": "view",
"path": "zapret2/dmnlog"
}
}
}

40
luci-app-zapret2/root/usr/share/rpcd/acl.d/luci-app-zapret2.json Normal file
View File

@@ -0,0 +1,40 @@
{
"luci-app-zapret2": {
"description": "Grant access to zapret2 procedures",
"read": {
"cgi-io": [ "exec" ],
"file": {
"/opt/zapret2/config": [ "read" ],
"/opt/zapret2/ipset/*": [ "read" ],
"/opt/zapret2/init.d/openwrt/custom.d/*": [ "read" ],
"/etc/crontabs/root": [ "read" ],
"/tmp/zapret*": [ "read" ],
"/etc/init.d/zapret2*": [ "exec" ],
"/bin/ps*": [ "exec" ],
"/bin/cat*": [ "exec" ],
"/bin/busybox*": [ "exec" ],
"/bin/opkg*": [ "exec" ],
"/usr/bin/apk*": [ "exec" ],
"/usr/bin/find*": [ "exec" ],
"/opt/zapret2/restore-def-cfg.sh*": [ "exec" ],
"/opt/zapret2/script-exec.sh*": [ "exec" ],
"/opt/zapret2/update-pkg.sh*": [ "exec" ],
"/opt/zapret2/sync_config.sh*": [ "exec" ]
},
"uci": [ "zapret2", "network" ],
"ubus": {
"luci": [ "getInitList", "setInitAction" ],
"service": [ "list" ]
}
},
"write": {
"file": {
"/opt/zapret2/config": [ "write" ],
"/opt/zapret2/ipset/*": [ "write" ],
"/opt/zapret2/init.d/openwrt/custom.d/*": [ "write" ],
"/etc/crontabs/root": [ "write" ]
},
"uci": [ "zapret2" ]
}
}
}

44
zapret-ip2net/Makefile
View File

@@ -1,44 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-ip2net
PKG_VERSION:=70.20250109
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=f21bd0c63c4997cad7d792c29053a2a7556663e8
PKG_SOURCE_DATE:=2025-01-09
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=ip2net
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
TITLE:=ip2net
SUBMENU:=Zapret
DEPENDS:=+zlib +zapret
endef
define Build/Prepare
$(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/ip2net
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/ip2net
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/ip2net $(1)/opt/zapret/ip2net/
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

44
zapret-mdig/Makefile
View File

@@ -1,44 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-mdig
PKG_VERSION:=70.20250109
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=f21bd0c63c4997cad7d792c29053a2a7556663e8
PKG_SOURCE_DATE:=2025-01-09
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=mdig
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
TITLE:=mdig
SUBMENU:=Zapret
DEPENDS:=+zlib +zapret
endef
define Build/Prepare
$(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/mdig
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/mdig
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/mdig $(1)/opt/zapret/mdig/
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

44
zapret-tpws/Makefile
View File

@@ -1,44 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret-tpws
PKG_VERSION:=70.20250109
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=f21bd0c63c4997cad7d792c29053a2a7556663e8
PKG_SOURCE_DATE:=2025-01-09
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=tpws
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
TITLE:=tpws
SUBMENU:=Zapret
DEPENDS:=+zlib +libcap +zapret
endef
define Build/Prepare
$(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/tpws
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret/tpws
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/tpws $(1)/opt/zapret/tpws/
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

207
zapret/Makefile
View File

@@ -1,207 +0,0 @@
#
# Copyright (c) 2024 remittor
#
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret
PKG_VERSION:=70.20250109
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=f21bd0c63c4997cad7d792c29053a2a7556663e8
PKG_SOURCE_DATE:=2025-01-09
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip
include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=nfq
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
TITLE:=$(PKG_NAME)
SUBMENU:=Zapret
URL:=https://github.com/bol-van/zapret
DEPENDS:= +nftables +curl +gzip
DEPENDS+= +coreutils +coreutils-sort +coreutils-sleep
DEPENDS+= +kmod-nft-nat +kmod-nft-offload +kmod-nft-queue
DEPENDS+= +libnetfilter-queue +libcap +zlib
endef
define Build/Prepare
$(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws
endef
#define Build/Configure
#endef
#define Build/Compile
#endef
define Package/$(PKG_NAME)/conffiles
/etc/config/zapret
/opt/zapret/config
/opt/zapret/ipset/
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret
$(INSTALL_DIR) $(1)/opt/zapret/$(MAKE_PATH)
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws $(1)/opt/zapret/$(MAKE_PATH)/
$(INSTALL_DIR) $(1)/opt/zapret/common
$(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret/common/
#$(INSTALL_DIR) $(1)/opt/zapret/docs
#$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret/docs/
$(INSTALL_DIR) $(1)/opt/zapret/files
$(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret/files/
$(INSTALL_DIR) $(1)/opt/zapret/ipset
$(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret/ipset/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck.sh $(1)/opt/zapret/blockcheck.sh
$(INSTALL_CONF) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret/config.default
$(INSTALL_DIR) $(1)/opt/zapret/tmp
$(INSTALL_DIR) $(1)/opt/zapret/init.d/openwrt
$(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret/init.d/openwrt/
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret $(1)/etc/hotplug.d/iface/90-zapret
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret
$(INSTALL_CONF) ./config.default $(1)/opt/zapret/config.default
$(INSTALL_CONF) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret/ipset/zapret-hosts-google.txt
$(INSTALL_CONF) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_CONF) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret/ipset/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret-uci-def-cfg.sh
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/opt/zapret/uci-def-cfg.sh
$(INSTALL_BIN) ./comfunc.sh $(1)/opt/zapret/comfunc.sh
$(INSTALL_BIN) ./def-cfg.sh $(1)/opt/zapret/def-cfg.sh
$(INSTALL_BIN) ./renew-cfg.sh $(1)/opt/zapret/renew-cfg.sh
$(INSTALL_BIN) ./restore-def-cfg.sh $(1)/opt/zapret/restore-def-cfg.sh
$(INSTALL_BIN) ./sync_config.sh $(1)/opt/zapret/sync_config.sh
endef
define Package/$(PKG_NAME)/preinst
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
if [ -f "/etc/init.d/zapret" ]; then
SCRIPT=$$( readlink /etc/init.d/zapret )
if [ -n "$${SCRIPT}" ]; then
echo "Please uninstall original zapret utility!"
exit 44
fi
fi
if [ "$${PKG_UPGRADE}" = "1" ]; then
# stop service if PKG_UPGRADE
[ -x "/etc/init.d/zapret" ] && /etc/init.d/zapret stop >/dev/null 2>&1
fi
if [ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ]; then
if [ -f "/opt/zapret/ipset/zapret-hosts-user.txt" ]; then
CFGLISTHASH=$$( md5sum "/opt/zapret/ipset/zapret-hosts-user.txt" | awk '{print $$1;}' )
if [ "$${CFGLISTHASH}" = "79e35df62b0d1ae455d0a7e04c4cecac" ]; then
rm -f "/opt/zapret/ipset/zapret-hosts-user.txt"
fi
fi
fi
fi
exit 0
endef
define Package/$(PKG_NAME)/postinst
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
ZAPRET_CONFIG=/opt/zapret/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
# creating main config if its not exists
if [ ! -f "$${ZAPRET_CONFIG}" ]; then
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# check obsolete format for main config
if grep -qE "^NFQWS_OPT_DESYNC=|^MODE_HTTP=|^MODE_HTTPS=|^MODE_QUIC=|^MODE=" "$${ZAPRET_CONFIG}" ; then
echo "Detect obsolute format for main config!"
ZAPRET_CONFIG_BACKUP="$${ZAPRET_CONFIG}.backup"
cp -f "$${ZAPRET_CONFIG}" "$${ZAPRET_CONFIG_BACKUP}"
echo "Current file $${ZAPRET_CONFIG} backuped to $${ZAPRET_CONFIG_BACKUP}"
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# check existing uci-config
[ -f "/etc/config/zapret" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0
# create or merge uci-config
/opt/zapret/uci-def-cfg.sh
[ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret merged with default uci-config"
# remove uci-default script from system dir (used into /etc/init.d/boot)
rm -f /etc/uci-defaults/zapret-uci-def-cfg.sh
# copy (sync) all params from uci-config to main config
/opt/zapret/sync_config.sh
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58
# enable main service
/etc/init.d/zapret enable
# stop all
/etc/init.d/zapret stop_fw
/etc/init.d/zapret stop_daemons
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
# start main service
/etc/init.d/zapret start
# restart firewall
[ -x /sbin/fw4 ] && fw4 -q restart || fw3 -q restart
fi
exit 0
endef
define Package/$(PKG_NAME)/prerm
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_CONFIG=/opt/zapret/config
ZAPRET_CONFIG_DEF="/opt/zapret/config.default"
OPENWRT_FW_INCLUDE=/etc/firewall.zapret
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
exit 0
fi
. "$${ZAPRET_CONFIG}"
. "$${ZAPRET_BASE}/common/base.sh"
. "$${ZAPRET_BASE}/common/fwtype.sh"
. "$${ZAPRET_BASE}/common/nft.sh"
. "$${ZAPRET_BASE}/common/installer.sh"
/etc/init.d/zapret disable
/etc/init.d/zapret stop
ps w | grep '/opt/zapret/nfq/nfqws' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
remove_openwrt_firewall
nft_del_table
restart_openwrt_firewall
fi
exit 0
endef
define Package/$(PKG_NAME)/postrm
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
[ -f "/etc/config/zapret-opkg" ] && rm -f "/etc/config/zapret-opkg"
[ -f "/opt/zapret/config" ] && cp -f /opt/zapret/config "/opt/zapret/config.backup"
#rm -rf /opt/zapret
#echo "Directory /opt/zapret removed!"
fi
exit 0
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

124
zapret/comfunc.sh
View File

@@ -1,124 +0,0 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
ZAPRET_INITD=/etc/init.d/zapret
ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret"
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG=/etc/config/zapret
ZAPRET_CFG_NAME=zapret
ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_NAME.config )"
. $ZAPRET_BASE/def-cfg.sh
function adapt_for_sed
{
local str=$( ( echo $1|sed -r 's/([\$\.\*\/\[\\^])/\\\1/g'|sed 's/[]]/\\]/g' )>&1 )
echo "$str"
}
function is_valid_config
{
local fname=${1:-$ZAPRET_CONFIG}
sh -n "$fname" &>/dev/null
return $?
}
function get_ppid_by_pid
{
local pid=$1
local ppid="$( cat /proc/$pid/status 2>/dev/null | grep '^PPid:' | awk '{print $2}' )"
echo "$ppid"
}
function get_proc_path_by_pid
{
local pid=$1
local path=$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' | head -n1 )
echo "$path"
}
function get_proc_cmd_by_pid
{
local pid=$1
local delim="$2"
local cmdline
if [ "$delim" = "" ]; then
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' )"
else
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' "$delim" )"
fi
echo "$cmdline"
}
function is_run_via_procd
{
local pname
[ "$$" = "1" ] && return 0
pname="$( get_proc_path_by_pid $$ )"
[ "$pname" = "/sbin/procd" ] && return 0
[ "$PPID" = "1" ] && return 0
pname="$( get_proc_path_by_pid $PPID )"
[ "$pname" = "/sbin/procd" ] && return 0
return 1
}
function is_run_on_boot
{
local cmdline="$( get_proc_cmd_by_pid $$ ' ' )"
if echo "$cmdline" | grep -q " /etc/rc.d/S" ; then
if echo "$cmdline" | grep -q " boot $" ; then
return 0
fi
fi
return 1
}
function get_run_on_boot_option
{
if [ "$( uci -q get $ZAPRET_CFG_NAME.config.run_on_boot )" = "1" ]; then
echo 1
else
echo 0
fi
}
function create_default_cfg
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local cfgfile=/etc/config/$cfgname
rm -f $cfgfile
touch $cfgfile
uci set $cfgname.config=main
set_cfg_default_values $cfgname
return 0
}
function merge_cfg_with_def_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local force=$2
local cfgfile=/etc/config/$cfgname
local NEWCFGNAME="zapret-default"
local NEWCFGFILE="/etc/config/$NEWCFGNAME"
local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )"
[ -z "$cfg_sec_name" ] && create_default_cfg
create_default_cfg "$NEWCFGNAME"
[ ! -f "$NEWCFGFILE" ] && return 1
uci -m -f $cfgfile import "$NEWCFGNAME"
uci commit "$NEWCFGNAME"
uci -m -f "$NEWCFGFILE" import $cfgname
uci commit $cfgname
rm -f "$NEWCFGFILE"
return 0
}

67
zapret/def-cfg.sh
View File

@@ -1,67 +0,0 @@
#!/bin/sh
# Copyright (c) 2024 remittor
function set_cfg_default_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local TAB="$( echo -n -e '\t' )"
uci batch <<-EOF
set $cfgname.config.run_on_boot='0'
# settings for zapret service
set $cfgname.config.FWTYPE='nftables'
set $cfgname.config.POSTNAT='1'
set $cfgname.config.FLOWOFFLOAD='none'
set $cfgname.config.INIT_APPLY_FW='1'
set $cfgname.config.DISABLE_IPV4='0'
set $cfgname.config.DISABLE_IPV6='1'
set $cfgname.config.MODE_FILTER='hostlist'
# autohostlist options
set $cfgname.config.AUTOHOSTLIST_RETRANS_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60'
set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0'
# nfqws options
set $cfgname.config.NFQWS_ENABLE='1'
set $cfgname.config.DESYNC_MARK='0x40000000'
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
set $cfgname.config.NFQWS_PORTS_TCP='80,443'
set $cfgname.config.NFQWS_PORTS_UDP='443'
set $cfgname.config.NFQWS_TCP_PKT_OUT='9'
set $cfgname.config.NFQWS_TCP_PKT_IN='3'
set $cfgname.config.NFQWS_UDP_PKT_OUT='9'
set $cfgname.config.NFQWS_UDP_PKT_IN='0'
set $cfgname.config.NFQWS_PORTS_TCP_KEEPALIVE='0'
set $cfgname.config.NFQWS_PORTS_UDP_KEEPALIVE='0'
set $cfgname.config.NFQWS_OPT="
--filter-tcp=80 <HOSTLIST>
--dpi-desync=fake,fakedsplit
--dpi-desync-autottl=2
--dpi-desync-fooling=md5sig
--new
--filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--dpi-desync=fake,multidisorder
--dpi-desync-split-pos=1,midsld
--dpi-desync-repeats=11
--dpi-desync-fooling=md5sig
--dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin
--new
--filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt
--dpi-desync=fake
--dpi-desync-repeats=11
--dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin
--new
--filter-udp=443 <HOSTLIST_NOAUTO>
--dpi-desync=fake
--dpi-desync-repeats=11
--new
--filter-tcp=443 <HOSTLIST>
--dpi-desync=fake,multidisorder
--dpi-desync-split-pos=midsld
--dpi-desync-repeats=6
--dpi-desync-fooling=badseq,md5sig
"
# save changes
commit $cfgname
EOF
return 0
}

13
zapret/ipset/zapret-hosts-google.txt
View File

@@ -1,13 +0,0 @@
googlevideo.com
youtubei.googleapis.com
ytimg.com
yt3.ggpht.com
yt4.ggpht.com
youtube.com
youtubeembeddedplayer.googleapis.com
ytimg.l.google.com
jnn-pa.googleapis.com
youtube-nocookie.com
youtube-ui.l.google.com
yt-video-upload.l.google.com
wide-youtube.l.google.com

6
zapret/ipset/zapret-hosts-user-exclude.txt
View File

@@ -1,6 +0,0 @@
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
169.254.0.0/16
fc00::/7
fe80::/10

18
zapret/restore-def-cfg.sh
View File

@@ -1,18 +0,0 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
cfg_run_on_boot="$( uci -q get zapret.config.run_on_boot )"
create_default_cfg
if [ "$cfg_run_on_boot" = "1" ]; then
uci set zapret.config.run_on_boot=1
uci commit
fi
if [ "$1" = "sync" ]; then
# renew main config
/opt/zapret/sync_config.sh
fi

105
zapret/sync_config.sh
View File

@@ -1,105 +0,0 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
function uncomment_param
{
local param=$1
local fname=${2:-$ZAPRET_CONFIG}
sed -i "/^#$param=/s/^#//" $fname
}
function append_param
{
local param=$1
local fname=${2:-$ZAPRET_CONFIG}
grep -q "^$param=" $fname
if [ "$?" != "0" ]; then
echo "" >> $fname
echo "$param=" >> $fname
fi
}
function set_param_value
{
local param=$1
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=$value/g" $fname
}
function set_param_value_str
{
local param=$1
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=\"$value\"/g" $fname
}
function sync_param
{
local param=$1
local vtype=$2
local value="$( uci -q get zapret.config.$param )"
uncomment_param $param
append_param $param
local TAB="$( echo -n -e '\t' )"
if [ "$value" = "$TAB" ]; then
value=""
fi
if [ "$vtype" = "str" ]; then
set_param_value_str $param "$value"
else
set_param_value $param $value
fi
}
if [ ! -f "$ZAPRET_CONFIG" ]; then
if [ ! -f "$ZAPRET_CONFIG_DEF" ]; then
touch "$ZAPRET_CONFIG"
else
cp -f "$ZAPRET_CONFIG_DEF" "$ZAPRET_CONFIG"
fi
fi
cp -f "$ZAPRET_CONFIG" "$ZAPRET_CONFIG_NEW"
ZAPRET_CONFIG__SAVED="$ZAPRET_CONFIG"
ZAPRET_CONFIG="$ZAPRET_CONFIG_NEW"
sync_param FWTYPE
sync_param POSTNAT
sync_param FLOWOFFLOAD
sync_param INIT_APPLY_FW
sync_param DISABLE_IPV4
sync_param DISABLE_IPV6
sync_param MODE_FILTER
sync_param AUTOHOSTLIST_RETRANS_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_TIME
sync_param AUTOHOSTLIST_DEBUGLOG
sync_param NFQWS_ENABLE
sync_param DESYNC_MARK
sync_param DESYNC_MARK_POSTNAT
sync_param NFQWS_PORTS_TCP str
sync_param NFQWS_PORTS_UDP str
sync_param NFQWS_TCP_PKT_OUT str
sync_param NFQWS_TCP_PKT_IN str
sync_param NFQWS_UDP_PKT_OUT str
sync_param NFQWS_UDP_PKT_IN str
sync_param NFQWS_PORTS_TCP_KEEPALIVE
sync_param NFQWS_PORTS_UDP_KEEPALIVE
sync_param NFQWS_OPT str
ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED"
if is_valid_config "$ZAPRET_CONFIG_NEW" ; then
cp -f "$ZAPRET_CONFIG_NEW" "$ZAPRET_CONFIG"
rm -f "$ZAPRET_CONFIG_NEW"
else
rm -f "$ZAPRET_CONFIG_NEW"
return 97
fi

18
zapret/uci-def-cfg.sh
View File

@@ -1,18 +0,0 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
# create empty txt files into ipset directory
[ ! -f "/opt/zapret/ipset/zapret-hosts-google.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-google.txt"
#[ ! -f "/opt/zapret/ipset/zapret-hosts-auto.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-auto.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-hosts-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-hosts-user-ipban.txt"
#[ ! -f "/opt/zapret/ipset/zapret-ip.txt" ] && touch "/opt/zapret/ipset/zapret-ip.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-exclude.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-exclude.txt"
[ ! -f "/opt/zapret/ipset/zapret-ip-user-ipban.txt" ] && touch "/opt/zapret/ipset/zapret-ip-user-ipban.txt"
# create or merge uci-config
$ZAPRET_BASE/renew-cfg.sh

320
zapret2/Makefile Normal file
View File

@@ -0,0 +1,320 @@
#
# Copyright (c) 2025 remittor
#
include $(TOPDIR)/rules.mk
PKG_NAME:=zapret2
PKG_VERSION:=0.8.20260113
PKG_RELEASE:=1
PKG_MAINTAINER:=bol-van
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=docs/LICENSE.txt
PKG_SOURCE_URL:=https://github.com/bol-van/zapret2.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=dced388652c49fea6eb82401f79146b484a9cd7a
PKG_SOURCE_DATE:=2026-01-13
#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
#PKG_SOURCE_URL:=https://github.com/bol-van/zapret2/archive/refs/tags/v$(PKG_VERSION).tar.gz?
#PKG_HASH:=skip
LUA_JIT?=1
ifeq ($(LUA_JIT),1)
LUAJIT_VER?=2.1
LUA_VER?=5.1
LUA_DEPEND:=luajit
LUA_INCLUDE:=-I$(STAGING_DIR)/usr/include/luajit-$(LUAJIT_VER)
LUA_LIBRARY:=-L$(STAGING_DIR)/usr/lib -lluajit-$(LUA_VER)
else
LUA_VER?=5.3
LUA_DEPEND:=lua$(LUA_VER)
LUA_INCLUDE:=-I$(STAGING_DIR)/usr/include/lua$(LUA_VER)
LUA_LIBRARY:=-L$(STAGING_DIR)/usr/lib -llua$(LUA_VER)
endif
include $(INCLUDE_DIR)/package.mk
#TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS)
#TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
MAKE_PATH:=nfq2
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
TITLE:=$(PKG_NAME)
SUBMENU:=Zapret2
URL:=https://github.com/bol-van/zapret2
DEPENDS:= +nftables +curl +gzip +$(LUA_DEPEND)
DEPENDS+= +coreutils +coreutils-sort +coreutils-sleep
DEPENDS+= +kmod-nft-nat +kmod-nft-offload +kmod-nft-queue
DEPENDS+= +libnetfilter-queue +libcap +zlib
endef
define Build/Prepare
$(Build/Prepare/Default)
rm -f $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws2
rm -f $(PKG_BUILD_DIR)/ip2net/ip2net
rm -f $(PKG_BUILD_DIR)/mdig/mdig
endef
#define Build/Configure
#endef
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR)/$(MAKE_PATH) $(TARGET_CONFIGURE_OPTS) LUA_JIT=$(LUA_JIT) LUA_CFLAGS="$(LUA_INCLUDE)" LUA_LIB="$(LUA_LIBRARY)"
$(MAKE) -C $(PKG_BUILD_DIR)/ip2net $(TARGET_CONFIGURE_OPTS)
$(MAKE) -C $(PKG_BUILD_DIR)/mdig $(TARGET_CONFIGURE_OPTS)
endef
define Package/$(PKG_NAME)/conffiles
/opt/zapret2/config
/opt/zapret2/ipset/zapret-hosts-google.txt
/opt/zapret2/ipset/zapret-hosts-user.txt
/opt/zapret2/ipset/zapret-hosts-user-exclude.txt
/opt/zapret2/ipset/zapret-ip-exclude.txt
/opt/zapret2/ipset/zapret-hosts-auto.txt
/opt/zapret2/init.d/openwrt/custom.d/10-script.sh
/opt/zapret2/init.d/openwrt/custom.d/20-script.sh
/opt/zapret2/init.d/openwrt/custom.d/50-script.sh
/opt/zapret2/init.d/openwrt/custom.d/60-script.sh
/opt/zapret2/init.d/openwrt/custom.d/90-script.sh
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/opt/zapret2
$(INSTALL_DIR) $(1)/opt/zapret2/$(MAKE_PATH)
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(MAKE_PATH)/nfqws2 $(1)/opt/zapret2/$(MAKE_PATH)/
$(INSTALL_DIR) $(1)/opt/zapret2/ip2net
$(INSTALL_BIN) $(PKG_BUILD_DIR)/ip2net/ip2net $(1)/opt/zapret2/ip2net/
$(INSTALL_DIR) $(1)/opt/zapret2/mdig
$(INSTALL_BIN) $(PKG_BUILD_DIR)/mdig/mdig $(1)/opt/zapret2/mdig/
$(INSTALL_DIR) $(1)/opt/zapret2/common
$(CP) $(PKG_BUILD_DIR)/common/* $(1)/opt/zapret2/common/
$(INSTALL_DIR) $(1)/opt/zapret2/lua
$(CP) $(PKG_BUILD_DIR)/lua/* $(1)/opt/zapret2/lua/
#$(INSTALL_DIR) $(1)/opt/zapret2/docs
#$(CP) $(PKG_BUILD_DIR)/docs/* $(1)/opt/zapret2/docs/
$(INSTALL_DIR) $(1)/opt/zapret2/files
$(CP) $(PKG_BUILD_DIR)/files/* $(1)/opt/zapret2/files/
$(CP) ./files/* $(1)/opt/zapret2/files/
$(INSTALL_DIR) $(1)/opt/zapret2/ipset
$(CP) $(PKG_BUILD_DIR)/ipset/* $(1)/opt/zapret2/ipset/
$(INSTALL_DIR) $(1)/opt/zapret2/blockcheck2.d
$(CP) $(PKG_BUILD_DIR)/blockcheck2.d/* $(1)/opt/zapret2/blockcheck2.d/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/blockcheck2.sh $(1)/opt/zapret2/blockcheck2.sh
#$(INSTALL_DATA) $(PKG_BUILD_DIR)/config.default $(1)/opt/zapret2/config.default
$(INSTALL_DIR) $(1)/opt/zapret2/tmp
$(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt
$(CP) $(PKG_BUILD_DIR)/init.d/openwrt/* $(1)/opt/zapret2/init.d/openwrt/
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_BIN) $(PKG_BUILD_DIR)/init.d/openwrt/90-zapret2 $(1)/etc/hotplug.d/iface/90-zapret2
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./init.d.sh $(1)/etc/init.d/zapret2
$(INSTALL_DATA) ./config.default $(1)/opt/zapret2/config.default
$(INSTALL_DATA) ./config.default $(1)/opt/zapret2/config
$(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret2/ipset/zapret-hosts-google.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret2/ipset/zapret-hosts-user.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret2/ipset/zapret-hosts-user-exclude.txt
$(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret2/ipset/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/opt/zapret2/ipset_def
$(INSTALL_DATA) ./ipset/zapret-hosts-google.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-google.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-user.txt
$(INSTALL_DATA) ./ipset/zapret-hosts-user-exclude.txt $(1)/opt/zapret2/ipset_def/zapret-hosts-user-exclude.txt
$(INSTALL_DATA) ./ipset/zapret-ip-exclude.txt $(1)/opt/zapret2/ipset_def/zapret-ip-exclude.txt
$(INSTALL_DIR) $(1)/opt/zapret2/init.d
$(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt
$(INSTALL_DIR) $(1)/opt/zapret2/init.d/openwrt/custom.d
$(CP) ./custom.d/* $(1)/opt/zapret2/init.d/openwrt/custom.d/
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./uci-def-cfg.sh $(1)/etc/uci-defaults/zapret2-uci-def-cfg.sh
# install all sh-scripts
$(CP) ./*.sh $(1)/opt/zapret2/
rm -f $(1)/opt/zapret2/init.d.sh
# Create empty conf files
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/ipset/zapret-hosts-auto.txt
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/ipset/cust1.txt
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/ipset/cust2.txt
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/ipset/cust3.txt
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/ipset/cust4.txt
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/init.d/openwrt/custom.d/10-script.sh
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/init.d/openwrt/custom.d/20-script.sh
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/init.d/openwrt/custom.d/60-script.sh
$(INSTALL_DATA) /dev/null $(1)/opt/zapret2/init.d/openwrt/custom.d/90-script.sh
# Fix permissions
chmod 644 $(1)/opt/zapret2/ipset/*.txt
chmod 644 $(1)/opt/zapret2/ipset_def/*.txt
chmod 644 $(1)/opt/zapret2/init.d/openwrt/custom.d/*.sh
chmod 644 $(1)/opt/zapret2/config*
chmod 755 $(1)/opt/zapret2/*.sh
chmod 755 $(1)/opt/zapret2/$(MAKE_PATH)/*
chmod 755 $(1)/opt/zapret2/ip2net/*
chmod 755 $(1)/opt/zapret2/mdig/*
endef
define Package/$(PKG_NAME)/preinst
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
ZAPRET_DIR=/opt/zapret2
ZAPRET_INITD=/etc/init.d/zapret2
ZAPRET_CFG=/etc/config/zapret2
if [ -f "$${ZAPRET_INITD}" ]; then
SCRIPT=$$( readlink "$${ZAPRET_INITD}" )
if [ -n "$${SCRIPT}" ]; then
echo "Please uninstall incompatible \"zapret2\" service!"
exit 44
fi
fi
if command -v apk >/dev/null; then
PKG_MGR="apk"
PKG_CHECK="apk info -e "
PKG_REMOVE="apk del --force "
else
PKG_MGR="opkg"
PKG_CHECK="opkg status "
PKG_REMOVE="opkg remove --force-remove "
fi
if [ "$${PKG_UPGRADE}" = "1" ]; then
# stop service if PKG_UPGRADE
if [ -x "$${ZAPRET_INITD}" ]; then
$${ZAPRET_INITD} running && $${ZAPRET_INITD} stop >/dev/null 2>&1
fi
fi
if $${PKG_CHECK} zapret2 >/dev/null 2>&1; then
if [ ! -f "/opt/zapret2/sync_config.sh" ]; then
echo "Please uninstall incompatible \"zapret2\" package!"
exit 47
fi
if [ -f "$${ZAPRET_CFG}" ] && ! grep -q "run_on_boot" "$${ZAPRET_CFG}"; then
echo "Please uninstall incompatible \"zapret2\" package!"
exit 48
fi
fi
if $${PKG_CHECK} luci-app-zapret2 >/dev/null 2>&1; then
SVC_FILE=/www/luci-static/resources/view/zapret2/service.js
if [ ! -f "$${SVC_FILE}" ] || ! grep -Fq "/remittor/zapret-openwrt" "$${SVC_FILE}"; then
echo "Please uninstall incompatible \"luci-app-zapret2\" package!"
exit 55
fi
fi
if [ -f "$${ZAPRET_CFG}" ] && ! grep -q "run_on_boot" "$${ZAPRET_CFG}"; then
if [ -x "$${ZAPRET_INITD}" ]; then
$${ZAPRET_INITD} running && $${ZAPRET_INITD} stop >/dev/null 2>&1
fi
rm -f $${ZAPRET_CFG}
rm -f $${ZAPRET_INITD}
[ -d "$${ZAPRET_DIR}" ] && rm -rf $${ZAPRET_DIR}
echo "All files of the previously installed package have been removed!"
fi
if $${PKG_CHECK} zapret2-mdig >/dev/null 2>&1; then
$${PKG_REMOVE} zapret2-mdig
fi
if $${PKG_CHECK} zapret2-ip2net >/dev/null 2>&1; then
$${PKG_REMOVE} zapret2-ip2net
fi
if [ ! -d "$${ZAPRET_DIR}" ]; then
mkdir -p $${ZAPRET_DIR}
fi
fi
exit 0
endef
define Package/$(PKG_NAME)/postinst
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
ZAPRET_DIR=/opt/zapret2
ZAPRET_INITD=/etc/init.d/zapret2
ZAPRET_CFG=/etc/config/zapret2
ZAPRET_CONFIG=/opt/zapret2/config
ZAPRET_CONFIG_DEF="/opt/zapret2/config.default"
# Fix permissions
chmod 644 $${ZAPRET_CFG} >/dev/null 2>&1
chmod 644 $${ZAPRET_DIR}/ipset/*.txt >/dev/null 2>&1
chmod 644 $${ZAPRET_DIR}/ipset_def/*.txt >/dev/null 2>&1
chmod 644 $${ZAPRET_DIR}/init.d/openwrt/custom.d/*.sh >/dev/null 2>&1
chmod 644 $${ZAPRET_DIR}/config* >/dev/null 2>&1
# creating main config if its not exists
if [ ! -f "$${ZAPRET_CONFIG}" ]; then
cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
fi
# remove fake uci-config
[ -f "$${ZAPRET_CFG}" ] && [ ! -s "$${ZAPRET_CFG}" ] && rm -f "$${ZAPRET_CFG}"
# check existing uci-config
[ -f "$${ZAPRET_CFG}" ] && ZAPRET_CFG_EXISTS=1 || ZAPRET_CFG_EXISTS=0
# create or merge uci-config
/opt/zapret2/uci-def-cfg.sh
[ "$${ZAPRET_CFG_EXISTS}" = "1" ] && echo "Config /etc/config/zapret2 merged with default uci-config"
# remove uci-default script from system dir (used into /etc/init.d/boot)
rm -f /etc/uci-defaults/zapret2-uci-def-cfg.sh
# copy (sync) all params from uci-config to main config
/opt/zapret2/sync_config.sh
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || exit 58
# enable main service
$${ZAPRET_INITD} enable
# stop all
$${ZAPRET_INITD} stop_fw >/dev/null 2>&1
$${ZAPRET_INITD} stop_daemons >/dev/null 2>&1
ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
# start main service
$${ZAPRET_INITD} start
# restart firewall
[ -x /sbin/fw4 ] && fw4 -q restart || fw3 -q restart
fi
exit 0
endef
define Package/$(PKG_NAME)/prerm
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
ZAPRET_DIR=/opt/zapret2
ZAPRET_BASE=/opt/zapret2
ZAPRET_INITD=/etc/init.d/zapret2
ZAPRET_CFG=/etc/config/zapret2
ZAPRET_CONFIG=/opt/zapret2/config
ZAPRET_CONFIG_DEF="/opt/zapret2/config.default"
OPENWRT_FW_INCLUDE=/etc/firewall.zapret2
# check main config
sh -n "$${ZAPRET_CONFIG}" 2>/dev/null || cp -f "$${ZAPRET_CONFIG_DEF}" "$${ZAPRET_CONFIG}"
if ! sh -n "$${ZAPRET_CONFIG}" 2>/dev/null ; then
ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
exit 0
fi
. "$${ZAPRET_CONFIG}"
. "$${ZAPRET_BASE}/common/base.sh"
. "$${ZAPRET_BASE}/common/fwtype.sh"
. "$${ZAPRET_BASE}/common/nft.sh"
. "$${ZAPRET_BASE}/common/installer.sh"
$${ZAPRET_INITD} running && $${ZAPRET_INITD} stop >/dev/null 2>&1
$${ZAPRET_INITD} disable >/dev/null 2>&1
ps w | grep '/opt/zapret2/nfq2/nfqws2' | grep -v grep | awk '{print $$1}' | xargs -r kill -9
remove_openwrt_firewall
nft_del_table
restart_openwrt_firewall
fi
exit 0
endef
define Package/$(PKG_NAME)/postrm
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
rm -f /etc/config/zapret2-opkg*
rm -f /etc/config/zapret2.opkg*
rm -f /etc/config/zapret2.apk*
[ -f "/opt/zapret2/config" ] && cp -f /opt/zapret2/config "/opt/zapret2/config.backup"
#rm -rf /opt/zapret2
#echo "Directory /opt/zapret2 removed!"
fi
exit 0
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

236
zapret2/comfunc.sh Executable file
View File

@@ -0,0 +1,236 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXEDIR=/opt/zapret2
ZAPRET_BASE=/opt/zapret2
ZAPRET_INITD=/etc/init.d/zapret2
ZAPRET_ORIG_INITD="$ZAPRET_BASE/init.d/openwrt/zapret2"
ZAP_LOG_TAG=ZAPRET2
ZAPRET_CONFIG="$ZAPRET_BASE/config"
ZAPRET_CONFIG_NEW="$ZAPRET_BASE/config.new"
ZAPRET_CONFIG_DEF="$ZAPRET_BASE/config.default"
ZAPRET_CFG=/etc/config/zapret2
ZAPRET_CFG_NAME=zapret2
ZAPRET_CFG_SEC=$ZAPRET_CFG_NAME.config
ZAPRET_CFG_SEC_NAME="$( uci -q get $ZAPRET_CFG_SEC )"
. $ZAPRET_BASE/def-cfg.sh
CRONTAB_FILE="/etc/crontabs/root"
function adapt_for_sed
{
echo -n "$1" | tr '\r' ' ' | tr '\n' ' ' | tr '\t' ' ' | sed -r 's/([\$\.\*\/\[\\^])/\\\1/g' | sed 's/[]]/\\]/g'
}
function is_valid_config
{
local fname=${1:-$ZAPRET_CONFIG}
sh -n "$fname" &>/dev/null
return $?
}
function get_ppid_by_pid
{
local pid=$1
local ppid="$( cat /proc/$pid/status 2>/dev/null | grep '^PPid:' | awk '{print $2}' )"
echo "$ppid"
}
function get_proc_path_by_pid
{
local pid=$1
local path=$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' | head -n1 )
echo "$path"
}
function get_proc_cmd_by_pid
{
local pid=$1
local delim="$2"
local cmdline
if [ "$delim" = "" ]; then
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' '\n' )"
else
cmdline="$( cat /proc/$pid/cmdline 2>/dev/null | tr '\0' "$delim" )"
fi
echo "$cmdline"
}
function is_run_via_procd
{
local pname
[ "$$" = "1" ] && return 0
pname="$( get_proc_path_by_pid $$ )"
[ "$pname" = "/sbin/procd" ] && return 0
[ "$PPID" = "1" ] && return 0
pname="$( get_proc_path_by_pid $PPID )"
[ "$pname" = "/sbin/procd" ] && return 0
return 1
}
function is_run_on_boot
{
local cmdline="$( get_proc_cmd_by_pid $$ ' ' )"
if echo "$cmdline" | grep -q " /etc/rc.d/S" ; then
if echo "$cmdline" | grep -q " boot $" ; then
return 0
fi
fi
return 1
}
function get_run_on_boot_option
{
if [ "$( uci -q get $ZAPRET_CFG_NAME.config.run_on_boot )" = "1" ]; then
echo 1
else
echo 0
fi
}
function get_distrib_param
{
local parname=$1
local value="__unknown__"
if [ -f /etc/openwrt_release ]; then
while IFS='=' read -r key val; do
val="${val#\'}"
val="${val%\'}"
val="${val#\"}"
val="${val%\"}"
if [ "$key" = "$parname" ]; then
value="$val"
break
fi
done < /etc/openwrt_release
fi
printf '%s' "$value"
}
function get_cpu_arch
{
get_distrib_param DISTRIB_ARCH
}
function restore_ipset_txt
{
local cfgname=$1
if [ -f "$ZAPRET_BASE/ipset_def/$cfgname" ]; then
cp -f "$ZAPRET_BASE/ipset_def/$cfgname" "$ZAPRET_BASE/ipset/$cfgname"
fi
}
function restore_all_ipset_cfg
{
restore_ipset_txt zapret-hosts-google.txt
restore_ipset_txt zapret-hosts-user.txt
restore_ipset_txt zapret-hosts-user-exclude.txt
restore_ipset_txt zapret-ip-exclude.txt
}
function create_default_cfg
{
local opt_flags=${1:--}
local opt_strat=$2
local cfgname=${3:-$ZAPRET_CFG_NAME}
local cfgfile=/etc/config/$cfgname
rm -f $cfgfile
touch $cfgfile
uci set $cfgname.config=main
set_cfg_default_values "$opt_flags" "$opt_strat" $cfgname
return 0
}
function merge_cfg_with_def_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local force=$2
local cfgfile=/etc/config/$cfgname
local NEWCFGNAME="$ZAPRET_CFG_NAME-default"
local NEWCFGFILE="/etc/config/$NEWCFGNAME"
local cfg_sec_name="$( uci -q get $ZAPRET_CFG_NAME.config )"
[ -z "$cfg_sec_name" ] && create_default_cfg
create_default_cfg "-" "" "$NEWCFGNAME"
[ ! -f "$NEWCFGFILE" ] && return 1
uci -m -f $cfgfile import "$NEWCFGNAME"
uci commit "$NEWCFGNAME"
uci -m -f "$NEWCFGFILE" import $cfgname
uci commit $cfgname
rm -f "$NEWCFGFILE"
return 0
}
function remove_cron_task_logs
{
if [ -f "$CRONTAB_FILE" ]; then
sed -i "/-name '$ZAPRET_CFG_NAME+\*.log' -size +/d" "$CRONTAB_FILE"
fi
}
function insert_cron_task_logs
{
[ ! -f "$CRONTAB_FILE" ] && touch "$CRONTAB_FILE"
[ ! -f "$CRONTAB_FILE" ] && return 1
if ! grep -q -e "-name '$ZAPRET_CFG_NAME\*\.log' -size \+" "$CRONTAB_FILE"; then
echo "*/2 * * * * /usr/bin/find /tmp -maxdepth 1 -type f -name '$ZAPRET_CFG_NAME+*.log' -size +2600k -exec rm -f {} \;" >> "$CRONTAB_FILE"
/etc/init.d/cron restart 2> /dev/null
fi
return 0
}
function init_before_start
{
local DAEMON_LOG_ENABLE=$1
local HOSTLIST_FN="$ZAPRET_BASE/ipset/zapret-hosts-user.txt"
[ ! -f "$HOSTLIST_FN" ] && touch "$HOSTLIST_FN"
chmod 644 $ZAPRET_BASE/ipset/*.txt
chmod 666 $ZAPRET_BASE/ipset/*.log
rm -f /tmp/$ZAPRET_CFG_NAME+*.log
#*/
if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
insert_cron_task_logs
else
remove_cron_task_logs
fi
return 0
}
function patch_luci_header_ut
{
# INFO: https://github.com/openwrt/luci/pull/7725
local header_ut=/usr/share/ucode/luci/template/header.ut
local runtime_uc=/usr/share/ucode/luci/runtime.uc
local newenv
[ ! -f $header_ut ] && return 0
[ ! -f $runtime_uc ] && return 0
if grep -q "pkgs_update_time" $runtime_uc; then
return 0
fi
if grep -q "pkgs_update_time" $header_ut; then
return 0
fi
sed -i "/^import { access/i import { stat } from 'fs';" $runtime_uc
if ! grep -q "{ stat }" $runtime_uc; then
return 1
fi
newenv="self.env.pkgs_update_time = stat('/lib/apk/db/installed')?.mtime ?? stat('/usr/lib/opkg/status')?.mtime ?? 0;"
newenv=`adapt_for_sed "$newenv"`
sed -i "/self.env.include =/i $newenv" $runtime_uc
if ! grep -q "pkgs_update_time" $runtime_uc; then
return 1
fi
sed -i 's/luci.js?v=\(.*\)"><\/script>/luci.js?v=\1-{{ pkgs_update_time }}"><\/script>/g' $header_ut
if ! grep -q "pkgs_update_time" $header_ut; then
return 1
fi
logger -p notice -t ZAPRET "patch_luci_header_ut: OK"
return 0
}

77
zapret/config.default → zapret2/config.default
View File

@@ -4,6 +4,9 @@
# can help in case /tmp has not enough space
#TMPDIR=/opt/zapret/tmp
# redefine user for zapret daemons. required on Keenetic
WS_USER="daemon"
# override firewall type : iptables,nftables,ipfw
FWTYPE=nftables
@@ -27,14 +30,25 @@ IP2NET_OPT4="--prefix-length=22-30 --v4-threshold=3/4"
IP2NET_OPT6="--prefix-length=56-64 --v6-threshold=5"
# options for auto hostlist
# NOTE : in order for these adjustment to work it's required to redirect enough starting packets
# NOTE : set PKT_IN, PKT_OUT variables appropriately
AUTOHOSTLIST_INCOMING_MAXSEQ=4096
AUTOHOSTLIST_RETRANS_MAXSEQ=32768
AUTOHOSTLIST_RETRANS_RESET=1
AUTOHOSTLIST_RETRANS_THRESHOLD=3
AUTOHOSTLIST_FAIL_THRESHOLD=3
AUTOHOSTLIST_FAIL_TIME=60
AUTOHOSTLIST_UDP_IN=1
AUTOHOSTLIST_UDP_OUT=4
# 1 = debug autohostlist positives to ipset/zapret-hosts-auto-debug.log
AUTOHOSTLIST_DEBUGLOG=0
# number of parallel threads for domain list resolves
MDIG_THREADS=30
# EAI_AGAIN retries
MDIG_EAGAIN=10
# delay between EAI_AGAIN retries (ms)
MDIG_EAGAIN_DELAY=500
# ipset/*.sh can compress large lists
GZIP_LISTS=0
@@ -53,49 +67,41 @@ DESYNC_MARK=0x40000000
DESYNC_MARK_POSTNAT=0x20000000
TPWS_SOCKS_ENABLE=0
# tpws socks listens on this port on localhost and LAN interfaces
TPPORT_SOCKS=987
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_SOCKS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
TPWS_ENABLE=0
TPWS_PORTS="80,443"
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_OPT="--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=443 --split-tls=sni --disorder <HOSTLIST>"
# do not pass outgoing traffic to tpws/nfqws not marked with this bit
# this setting allows to write your own rules to limit traffic that should be fooled
# for example based on source IP or incoming interface name
# no filter if not defined
FILTER_MARK=""
NFQWS_ENABLE=1
NFQWS2_ENABLE=1
# redirect outgoing traffic with connbytes limiter applied in both directions.
NFQWS_PORTS_TCP="80,443"
NFQWS_PORTS_UDP="443"
NFQWS2_PORTS_TCP="80,443"
NFQWS2_PORTS_UDP="443"
# PKT_OUT means connbytes dir original
# PKT_IN means connbytes dir reply
# this is --dpi-desync-cutoff=nX kernel mode implementation for linux. it saves a lot of CPU.
NFQWS_TCP_PKT_OUT="9"
NFQWS_TCP_PKT_IN="3"
NFQWS_UDP_PKT_OUT="9"
NFQWS_UDP_PKT_IN="0"
NFQWS2_TCP_PKT_OUT="20"
NFQWS2_TCP_PKT_IN="10"
NFQWS2_UDP_PKT_OUT="5"
NFQWS2_UDP_PKT_IN="3"
# redirect outgoing traffic without connbytes limiter and incoming with connbytes limiter
# normally it's needed only for stateless DPI that matches every packet in a single TCP session
# typical example are plain HTTP keep alives
# this mode can be very CPU consuming. enable with care !
NFQWS_PORTS_TCP_KEEPALIVE=0
NFQWS_PORTS_UDP_KEEPALIVE=0
NFQWS2_PORTS_TCP_KEEPALIVE=""
NFQWS2_PORTS_UDP_KEEPALIVE=""
# use <HOSTLIST> and <HOSTLIST_NOAUTO> placeholders to engage standard hostlists and autohostlist in ipset dir
# hostlist markers are replaced to empty string if MODE_FILTER does not satisfy
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
NFQWS_OPT="--filter-tcp=80 <HOSTLIST> --dpi-desync=fake,fakedsplit --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig --new --filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake,multidisorder --dpi-desync-split-pos=1,midsld --dpi-desync-repeats=11 --dpi-desync-fooling=md5sig --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin --new --filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-google.txt --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/zapret/files/fake/quic_initial_www_google_com.bin --new --filter-udp=443 <HOSTLIST_NOAUTO> --dpi-desync=fake --dpi-desync-repeats=11 --new --filter-tcp=443 <HOSTLIST> --dpi-desync=fake,multidisorder --dpi-desync-split-pos=midsld --dpi-desync-repeats=6 --dpi-desync-fooling=badseq,md5sig"
NFQWS2_OPT="--filter-tcp=80 --filter-l7=http <HOSTLIST> --payload=http_req --lua-desync=fake:blob=fake_default_http:tcp_md5 --lua-desync=multisplit:pos=method+2 --new --filter-tcp=443 --filter-l7=tls <HOSTLIST> --payload=tls_client_hello --lua-desync=fake:blob=fake_default_tls:tcp_md5:tcp_seq=-10000 --lua-desync=multidisorder:pos=1,midsld --new --filter-udp=443 --filter-l7=quic <HOSTLIST_NOAUTO> --payload=quic_initial --lua-desync=fake:blob=fake_default_quic:repeats=6"
DISABLE_CUSTOM=1
# FlowOffload mode : donttouch,none,software,hardware
FLOWOFFLOAD=none
@@ -109,9 +115,8 @@ FLOWOFFLOAD=none
# for routers based on desktop linux and macos. has no effect in openwrt.
# CHOOSE LAN and optinally WAN/WAN6 NETWORK INTERFACES
# or leave them commented if its not router
# it's possible to specify multiple interfaces like this : IFACE_LAN="eth0 eth1 eth2"
# it's possible to specify multiple interfaces like this : IFACE_WAN="eth0 eth1 eth2"
# if IFACE_WAN6 is not defined it take the value of IFACE_WAN
#IFACE_LAN=eth0
#IFACE_WAN=eth1
#IFACE_WAN6="ipsec0 wireguard0 he_net"
@@ -120,10 +125,10 @@ FLOWOFFLOAD=none
INIT_APPLY_FW=1
# firewall apply hooks
#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret.hook.pre_up"
#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret.hook.post_up"
#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret.hook.pre_down"
#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret.hook.post_down"
#INIT_FW_PRE_UP_HOOK="/etc/firewall.zapret2.hook.pre_up"
#INIT_FW_POST_UP_HOOK="/etc/firewall.zapret2.hook.post_up"
#INIT_FW_PRE_DOWN_HOOK="/etc/firewall.zapret2.hook.pre_down"
#INIT_FW_POST_DOWN_HOOK="/etc/firewall.zapret2.hook.post_down"
# do not work with ipv4
DISABLE_IPV4=0
@@ -131,7 +136,17 @@ DISABLE_IPV4=0
# do not work with ipv6
DISABLE_IPV6=1
# drop icmp time exceeded messages for nfqws tampered connections
# in POSTNAT mode this can interfere with default mtr/traceroute in tcp or udp mode. use source port not redirected to nfqws
# set to 0 if you are not expecting connection breakage due to icmp in response to TCP SYN or UDP
FILTER_TTL_EXPIRED_ICMP=1
# select which init script will be used to get ip or host list
# possible values : get_user.sh get_antizapret.sh get_combined.sh get_reestr.sh get_hostlist.sh
# comment if not required
#GETLIST=get_antizapret_domains.sh
DAEMON_LOG_ENABLE=0
DAEMON_LOG_FILE="/tmp/zapret2+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log"

31
zapret2/custom.d/50-script.sh Normal file
View File

@@ -0,0 +1,31 @@
# Stun4ALL (discord audio, discord video, telegram call, etc)
# this custom script runs desync to all stun packets
# NOTE: @ih requires nft 1.0.1+ and updated kernel version. it's confirmed to work on 5.15 (openwrt 23) and not work on 5.10 (openwrt 22)
# can override in config :
NFQWS_OPT_DESYNC_STUN="${NFQWS_OPT_DESYNC_STUN:---payload stun --lua-desync=fake:blob=0x00000000000000000000000000000000:repeats=2}"
alloc_dnum DNUM_STUN4ALL
alloc_qnum QNUM_STUN4ALL
zapret_custom_daemons()
{
# $1 - 1 - add, 0 - stop
local opt="--qnum=$QNUM_STUN4ALL $NFQWS_OPT_DESYNC_STUN"
do_nfqws $1 $DNUM_STUN4ALL "$opt"
}
zapret_custom_firewall()
{
# $1 - 1 - run, 0 - stop
local f='-p udp -m u32 --u32'
fw_nfqws_post $1 "$f 0>>22&0x3C@4>>16=28:65535&&0>>22&0x3C@12=0x2112A442&&0>>22&0x3C@8&0xC0000003=0" "$f 44>>16=28:65535&&52=0x2112A442&&48&0xC0000003=0" $QNUM_STUN4ALL
}
zapret_custom_firewall_nft()
{
# stop logic is not required
local f="udp length >= 28 @ih,32,32 0x2112A442 @ih,0,2 0 @ih,30,2 0"
nft_fw_nfqws_post "$f" "$f" $QNUM_STUN4ALL
}

185
zapret2/def-cfg.sh Executable file
View File

@@ -0,0 +1,185 @@
#!/bin/sh
# Copyright (c) 2025 remittor
function set_cfg_reset_values
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local TAB="$( printf '\t' )"
uci batch <<-EOF
set $cfgname.config.run_on_boot='0'
# settings for zapret service
set $cfgname.config.FWTYPE='nftables'
set $cfgname.config.POSTNAT='1'
set $cfgname.config.FLOWOFFLOAD='none'
set $cfgname.config.INIT_APPLY_FW='1'
set $cfgname.config.DISABLE_IPV4='0'
set $cfgname.config.DISABLE_IPV6='1'
set $cfgname.config.FILTER_TTL_EXPIRED_ICMP='1'
set $cfgname.config.MODE_FILTER='hostlist'
set $cfgname.config.DISABLE_CUSTOM='1'
set $cfgname.config.WS_USER='daemon'
set $cfgname.config.DAEMON_LOG_ENABLE='0'
set $cfgname.config.DAEMON_LOG_FILE='/tmp/zapret2+<DAEMON_NAME>+<DAEMON_IDNUM>+<DAEMON_CFGNAME>.log'
# autohostlist options
set $cfgname.config.AUTOHOSTLIST_INCOMING_MAXSEQ='4096'
set $cfgname.config.AUTOHOSTLIST_RETRANS_MAXSEQ='32768'
set $cfgname.config.AUTOHOSTLIST_RETRANS_RESET='1'
set $cfgname.config.AUTOHOSTLIST_RETRANS_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_THRESHOLD='3'
set $cfgname.config.AUTOHOSTLIST_FAIL_TIME='60'
set $cfgname.config.AUTOHOSTLIST_UDP_IN='1'
set $cfgname.config.AUTOHOSTLIST_UDP_OUT='4'
set $cfgname.config.AUTOHOSTLIST_DEBUGLOG='0'
# nfqws options
set $cfgname.config.NFQWS2_ENABLE='1'
set $cfgname.config.DESYNC_MARK='0x40000000'
set $cfgname.config.DESYNC_MARK_POSTNAT='0x20000000'
set $cfgname.config.FILTER_MARK='$TAB'
set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS2_TCP_PKT_OUT='20'
set $cfgname.config.NFQWS2_TCP_PKT_IN='10'
set $cfgname.config.NFQWS2_UDP_PKT_OUT='5'
set $cfgname.config.NFQWS2_UDP_PKT_IN='3'
set $cfgname.config.NFQWS2_PORTS_TCP_KEEPALIVE='0'
set $cfgname.config.NFQWS2_PORTS_UDP_KEEPALIVE='0'
# save changes
commit $cfgname
EOF
return 0
}
function clear_nfqws_strat
{
local cfgname=${1:-$ZAPRET_CFG_NAME}
local TAB="$( printf '\t' )"
uci batch <<-EOF
set $cfgname.config.MODE_FILTER='hostlist'
set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS2_OPT='$TAB'
commit $cfgname
EOF
}
function set_cfg_nfqws_strat
{
local strat=${1:--}
local cfgname=${2:-$ZAPRET_CFG_NAME}
local TAB="$( printf '\t' )"
uci batch <<-EOF
set $cfgname.config.MODE_FILTER='hostlist'
commit $cfgname
EOF
if [ "$strat" = "empty" ]; then
clear_nfqws_strat $cfgname
fi
if [ "$strat" = "default" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS2_OPT="
# Strategy $strat
--filter-tcp=80
--filter-l7=http <HOSTLIST>
--payload=http_req
--lua-desync=fake:blob=fake_default_http:tcp_md5
--lua-desync=multisplit:pos=method+2
--new
--filter-tcp=443
--filter-l7=tls <HOSTLIST>
--payload=tls_client_hello
--lua-desync=fake:blob=fake_default_tls:tcp_md5:tcp_seq=-10000
--lua-desync=multidisorder:pos=1,midsld
--new
--filter-udp=443
--filter-l7=quic <HOSTLIST_NOAUTO>
--payload=quic_initial
--lua-desync=fake:blob=fake_default_quic:repeats=6
"
commit $cfgname
EOF
fi
if [ "$strat" = "v1_by_Schiz23" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS2_OPT="
# Strategy $strat
--filter-tcp=80
--filter-l7=http <HOSTLIST>
--payload=http_req
--lua-desync=fake:blob=fake_default_http:tcp_md5
--lua-desync=multisplit:pos=method+2
--new
--filter-tcp=443
--filter-l7=tls <HOSTLIST>
--lua-desync=fake:blob=fake_default_tls:ip_ttl=1:ip6_ttl=1:tls_mod=rnd,rndsni,padencap
--lua-desync=multidisorder:payload=tls_client_hello:pos=3
--new
--filter-udp=443
--filter-l7=quic <HOSTLIST_NOAUTO>
--lua-desync=fake:blob=fake_default_quic:repeats=11:payload=all:out_range=-d10
"
commit $cfgname
EOF
fi
if [ "$strat" = "v2_by_Schiz23" ]; then
uci batch <<-EOF
set $cfgname.config.NFQWS2_PORTS_TCP='80,443'
set $cfgname.config.NFQWS2_PORTS_UDP='443'
set $cfgname.config.NFQWS2_OPT="
# Strategy $strat
--filter-tcp=80
--filter-l7=http <HOSTLIST>
--payload=http_req
--lua-desync=fake:blob=fake_default_http:tcp_md5
--lua-desync=multisplit:pos=method+2
--new
--filter-tcp=443
--filter-l7=tls <HOSTLIST>
--payload=tls_client_hello
--lua-desync=multidisorder:payload=tls_client_hello:pos=100,midsld,sniext+1,endhost-2,-10
--lua-desync=send:sni=.microsoft
--new
--filter-udp=443
--filter-l7=quic <HOSTLIST_NOAUTO>
--payload=quic_initial
--lua-desync=fake:blob=fake_default_quic:repeats=4
"
commit $cfgname
EOF
fi
return 0
}
function set_cfg_default_values
{
local opt_flags=${1:--}
local opt_strat=${2:-default}
local cfgname=${3:-$ZAPRET_CFG_NAME}
if ! echo "$opt_flags" | grep -q "(skip_base)"; then
set_cfg_reset_values $cfgname
fi
if [ "$opt_strat" != "-" ]; then
set_cfg_nfqws_strat "$opt_strat" $cfgname
fi
if echo "$opt_flags" | grep -q "(set_mode_autohostlist)"; then
uci batch <<-EOF
set $cfgname.config.MODE_FILTER='autohostlist'
commit $cfgname
EOF
fi
return 0
}

119
zapret2/dwc.sh Normal file
View File

@@ -0,0 +1,119 @@
#!/bin/sh
# Copyright (c) 2026 remittor
. /opt/zapret2/comfunc.sh
ZAP_TMP_DIR=/tmp/zapret_dwc
rm -rf $ZAP_TMP_DIR
CURL_TIMEOUT=5
CURL_RANGETO=65535
if ! command -v curl >/dev/null 2>&1; then
echo "ERROR: package \"curl\" not installed!"
return 10
fi
CURL_INFO=$( curl -V )
if ! echo "$CURL_INFO" | grep -q 'https'; then
echo "------- package curl"
echo "$CURL_INFO"
echo "-------"
echo "ERROR: package \"curl\" not supported HTTPS protocol!"
echo "NOTE: Please install package \"curl-ssl\""
return 11
fi
#echo 'Original sources: https://github.com/hyperion-cs/dpi-checkers'
#echo 'WEB-version: https://hyperion-cs.github.io/dpi-checkers/ru/tcp-16-20/'
TEST_SUITE='[
{ id: "US.CF-01", provider: "🇺🇸 Cloudflare", times: 1, url: "https://img.wzstats.gg/cleaver/gunFullDisplay" },
{ id: "US.CF-02", provider: "🇺🇸 Cloudflare", times: 1, url: "https://genshin.jmp.blue/characters/all#" },
{ id: "US.CF-03", provider: "🇺🇸 Cloudflare", times: 1, url: "https://api.frankfurter.dev/v1/2000-01-01..2002-12-31" },
{ id: "US.CF-04", provider: "🇨🇦 Cloudflare", times: 1, url: "https://www.bigcartel.com/" },
{ id: "US.DO-01", provider: "🇺🇸 DigitalOcean", times: 2, url: "https://genderize.io/" },
{ id: "DE.HE-01", provider: "🇩🇪 Hetzner", times: 1, url: "https://j.dejure.org/jcg/doctrine/doctrine_banner.webp" },
{ id: "DE.HE-02", provider: "🇩🇪 Hetzner", times: 1, url: "https://maps.gnosis.earth/ogcapi/api/swagger-ui/swagger-ui-standalone-preset.js#" },
{ id: "FI.HE-01", provider: "🇫🇮 Hetzner", times: 1, url: "https://251b5cd9.nip.io/1MB.bin" },
{ id: "FI.HE-02", provider: "🇫🇮 Hetzner", times: 1, url: "https://5fd8c176.nip.io/1MB.bin" },
{ id: "FI.HE-03", provider: "🇫🇮 Hetzner", times: 1, url: "https://5fd8bdae.nip.io/1MB.bin" },
{ id: "FI.HE-04", provider: "🇫🇮 Hetzner", times: 1, url: "https://5fd8bca5.nip.io/1MB.bin" },
{ id: "FR.OVH-01", provider: "🇫🇷 OVH", times: 1, url: "https://eu.api.ovh.com/console/rapidoc-min.js" },
{ id: "FR.OVH-02", provider: "🇫🇷 OVH", times: 1, url: "https://ovh.sfx.ovh/10M.bin" },
{ id: "SE.OR-01", provider: "🇸🇪 Oracle", times: 1, url: "https://oracle.sfx.ovh/10M.bin" },
{ id: "DE.AWS-01", provider: "🇩🇪 AWS", times: 1, url: "https://www.getscope.com/assets/fonts/fa-solid-900.woff2" },
{ id: "US.AWS-01", provider: "🇺🇸 AWS", times: 1, url: "https://corp.kaltura.com/wp-content/cache/min/1/wp-content/themes/airfleet/dist/styles/theme.css" },
{ id: "US.GC-01", provider: "🇺🇸 Google Cloud", times: 1, url: "https://api.usercentrics.eu/gvl/v3/en.json" },
{ id: "US.FST-01", provider: "🇺🇸 Fastly", times: 1, url: "https://www.jetblue.com/main.c7b61d59416f714f.js" },
{ id: "CA.FST-01", provider: "🇨🇦 Fastly", times: 1, url: "https://www.cnn10.com/" },
{ id: "US.AKM-01", provider: "🇺🇸 Akamai", times: 1, url: "https://www.roxio.com/static/roxio/images/products/creator/nxt9/call-action-footer-bg.jpg" },
{ id: "PL.AKM-01", provider: "🇵🇱 Akamai", times: 1, url: "https://media-assets.stryker.com/is/image/stryker/gateway_1?$max_width_1410$" },
{ id: "US.CDN77-01", provider: "🇺🇸 CDN77", times: 1, url: "https://cdn.eso.org/images/banner1920/eso2520a.jpg" },
{ id: "FR.CNTB-01", provider: "🇫🇷 Contabo", times: 1, url: "https://airsea.no/images/main_logo.png" },
{ id: "NL.SW-01", provider: "🇳🇱 Scaleway", times: 1, url: "https://www.velivole.fr/img/header.jpg" },
{ id: "US.CNST-01", provider: "🇺🇸 Constant", times: 1, url: "https://cdn.xuansiwei.com/common/lib/font-awesome/4.7.0/fontawesome-webfont.woff2?v=4.7.0" }
]'
function trim
{
echo "$1" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'
}
mkdir -p $ZAP_TMP_DIR
ID=0
while IFS='|' read -r TAG PROVIDER TIMES URL; do
[ -z "$TAG" ] && continue
ID=$((ID+1))
ID3=$(printf '%03d' "$ID")
COUNTRY="$(echo "$TAG" | cut -d. -f1)"
CNTFLAG="$(echo "$PROVIDER" | awk '{print $1}')"
PROVIDER="$(echo "$PROVIDER" | cut -d' ' -f2-)"
URL_NO_PROTO="${URL#*://}"
DOMAIN="${URL_NO_PROTO%%/*}"
URLPATH="/${URL_NO_PROTO#*/}"
[ "$URLPATH" = "/$URL_NO_PROTO" ] && URLPATH="/"
#echo "TAG=$TAG , COUNTRY=$COUNTRY , PROVIDER=$PROVIDER , TIMES=$TIMES , URL=$URL"
(
DST_IP=$( curl -4 -s -o /dev/null -w '%{remote_ip}\n' $DOMAIN )
if [ -z "$DST_IP" ]; then
DST_IP="$( ping -c1 "$DOMAIN" 2>/dev/null | sed -n '1s/.*(\([0-9.]*\)).*/\1/p')"
fi
curl -k $URL --resolve $DOMAIN:443:$DST_IP -o /dev/null -s -w '%{size_download}\n' --max-time $CURL_TIMEOUT --range 0-$CURL_RANGETO
) >"$ZAP_TMP_DIR/$ID3=$TAG=$PROVIDER.txt" 2>&1 &
done <<EOF
$(printf '%s\n' "$TEST_SUITE" | sed -n '
s/.*id:[[:space:]]*"\([^"]*\)".*provider:[[:space:]]*"\([^"]*\)".*times:[[:space:]]*\([0-9]\+\).*url:[[:space:]]*"\([^"]*\)".*/\1|\2|\3|\4/p
')
EOF
wait
printf '%s\n' "$ZAP_TMP_DIR"/*.txt | sort | while IFS= read -r file; do
[ -f "$file" ] || continue
FNAME="${file##*/}"
ID=$( echo "$FNAME" | cut -d= -f1)
TAG=$( echo "$FNAME" | cut -d= -f2)
PROVIDER=$(echo "$FNAME" | cut -d= -f3 | sed 's/\.txt$//' )
res=$( cat "$file" )
res=$( trim "$res" )
status=
case "$res" in
''|*[!0-9]*)
status="Error (incorrect value)"
;;
esac
if [ -z "$status" ]; then
if [ "$res" = 0 ]; then
status="Possibly detected"
elif [ "$res" -lt $CURL_RANGETO ]; then
status="Failed to complete detection"
else
status="[ OK ]"
fi
fi
printf '%12s / %-13s: %s \n' "$TAG" "$PROVIDER" "$status"
done
return 0

BIN
zapret2/files/fake/4pda.bin Normal file
View File

Binary file not shown.

BIN
zapret2/files/fake/max.bin Normal file
View File

Binary file not shown.

BIN
zapret2/files/fake/t2.bin Normal file
View File

Binary file not shown.

BIN
zapret2/files/fake/tls_clienthello_max_ru.bin Normal file
View File

Binary file not shown.

30
zapret/init.d.sh → zapret2/init.d.sh
View File

@@ -7,17 +7,17 @@ START=21
SCRIPT_FILENAME=$1
. /opt/zapret/comfunc.sh
. /opt/zapret2/comfunc.sh
if ! is_valid_config ; then
logger -p err -t ZAPRET "Wrong main config: $ZAPRET_CONFIG"
logger -p err -t $ZAP_LOG_TAG "Wrong main config: $ZAPRET_CONFIG"
exit 91
fi
. $ZAPRET_ORIG_INITD
EXEDIR=/opt/zapret
ZAPRET_BASE=/opt/zapret
EXEDIR=/opt/$ZAPRET_CFG_NAME
ZAPRET_BASE=/opt/$ZAPRET_CFG_NAME
is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0
@@ -25,17 +25,18 @@ is_run_on_boot && IS_RUN_ON_BOOT=1 || IS_RUN_ON_BOOT=0
function enable
{
local run_on_boot=""
patch_luci_header_ut
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to enable service, but service blocked!"
logger -p notice -t $ZAP_LOG_TAG "Attempt to enable service, but service blocked!"
return 61
fi
fi
fi
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
uci set $ZAPRET_CFG_NAME.config.run_on_boot=1
uci set $ZAPRET_CFG_SEC.run_on_boot=1
uci commit
fi
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD enable
@@ -48,7 +49,7 @@ function enabled
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
logger -p notice -t ZAPRET "Service is blocked!"
logger -p notice -t $ZAP_LOG_TAG "Service is blocked!"
fi
return 61
fi
@@ -59,15 +60,28 @@ function enabled
function boot
{
local run_on_boot=""
patch_luci_header_ut
if [ "$IS_RUN_ON_BOOT" = "1" ]; then
if [ -n "$ZAPRET_CFG_SEC_NAME" ]; then
run_on_boot=$( get_run_on_boot_option )
if [ $run_on_boot != 1 ]; then
logger -p notice -t ZAPRET "Attempt to run service on boot! Service is blocked!"
logger -p notice -t $ZAP_LOG_TAG "Attempt to run service on boot! Service is blocked!"
return 61
fi
fi
fi
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD start "$@"
}
function start
{
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD start "$@"
}
function restart
{
init_before_start "$DAEMON_LOG_ENABLE"
/bin/sh /etc/rc.common $ZAPRET_ORIG_INITD restart "$@"
}

198
zapret2/ipset/zapret-hosts-google.txt Normal file
View File

@@ -0,0 +1,198 @@
cdn.youtube.com
fonts.googleapis.com
fonts.gstatic.com
ggpht.com
googleapis.com
googleusercontent.com
googlevideo.com
i.ytimg.com
i9.ytimg.com
jnn-pa.googleapis.com
kids.youtube.com
m.youtube.com
manifest.googlevideo.com
music.youtube.com
nhacmp3youtube.com
returnyoutubedislikeapi.com
s.ytimg.com
signaler-pa.youtube.com
studio.youtube.com
tv.youtube.com
wide-youtube.l.google.com
withyoutube.com
youtu.be
youtube.com
youtube.googleapis.com
youtubeeducation.com
youtubeembeddedplayer.googleapis.com
youtubefanfest.com
youtubegaming.com
youtubei.googleapis.com
youtubekids.com
youtubemobilesupport.com
youtube-nocookie.com
youtube-ui.l.google.com
yt.be
yt3.ggpht.com
yt3.googleusercontent.com
yt4.ggpht.com
ytimg.com
ytimg.l.google.com
yting.com
yt-video-upload.l.google.com
youtube.ae
youtube.al
youtube.am
youtube.at
youtube.az
youtube.ba
youtube.be
youtube.bg
youtube.bh
youtube.bo
youtube.by
youtube.ca
youtube.cat
youtube.ch
youtube.cl
youtube.co
youtube.co.ae
youtube.co.at
youtube.co.cr
youtube.co.hu
youtube.co.id
youtube.co.il
youtube.co.in
youtube.co.jp
youtube.co.ke
youtube.co.kr
youtube.co.ma
youtube.co.nz
youtube.co.th
youtube.co.tz
youtube.co.ug
youtube.co.uk
youtube.co.ve
youtube.co.za
youtube.co.zw
youtube.com.ar
youtube.com.au
youtube.com.az
youtube.com.bd
youtube.com.bh
youtube.com.bo
youtube.com.br
youtube.com.by
youtube.com.co
youtube.com.do
youtube.com.ec
youtube.com.ee
youtube.com.eg
youtube.com.es
youtube.com.gh
youtube.com.gr
youtube.com.gt
youtube.com.hk
youtube.com.hn
youtube.com.hr
youtube.com.jm
youtube.com.jo
youtube.com.kw
youtube.com.lb
youtube.com.lv
youtube.com.ly
youtube.com.mk
youtube.com.mt
youtube.com.mx
youtube.com.my
youtube.com.ng
youtube.com.ni
youtube.com.om
youtube.com.pa
youtube.com.pe
youtube.com.ph
youtube.com.pk
youtube.com.pt
youtube.com.py
youtube.com.qa
youtube.com.ro
youtube.com.sa
youtube.com.sg
youtube.com.sv
youtube.com.tn
youtube.com.tr
youtube.com.tw
youtube.com.ua
youtube.com.uy
youtube.com.ve
youtube.cr
youtube.cz
youtube.de
youtube.dk
youtube.ee
youtube.es
youtube.fi
youtube.fr
youtube.ge
youtube.gr
youtube.gt
youtube.hk
youtube.hr
youtube.hu
youtube.ie
youtube.in
youtube.iq
youtube.is
youtube.it
youtube.jo
youtube.jp
youtube.kr
youtube.kz
youtube.la
youtube.lk
youtube.lt
youtube.lu
youtube.lv
youtube.ly
youtube.ma
youtube.md
youtube.me
youtube.mk
youtube.mn
youtube.mx
youtube.my
youtube.ng
youtube.ni
youtube.nl
youtube.no
youtube.pa
youtube.pe
youtube.ph
youtube.pk
youtube.pl
youtube.pr
youtube.pt
youtube.qa
youtube.ro
youtube.rs
youtube.ru
youtube.sa
youtube.se
youtube.sg
youtube.si
youtube.sk
youtube.sn
youtube.soy
youtube.sv
youtube.tn
youtube.tv
youtube.ua
youtube.ug
youtube.uy
youtube.vn
youtubego.co.id
youtubego.co.in
youtubego.com
youtubego.com.br
youtubego.id
youtubego.in

362
zapret2/ipset/zapret-hosts-user-exclude.txt Normal file
View File

@@ -0,0 +1,362 @@
127.0.0.0/8
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
169.254.0.0/16
100.64.0.0/10
::1
fc00::/7
fe80::/10
####################################
nalog.ru
gstatic.com
gosuslugi.ru
mos-gorsud.ru
gov.ru
sudrf.ru
ottai.com
ipstream.one
#################################### Epicgames
easy.ac
fab.com
quixel.se
quixel.com
eac-cdn.com
paragon.com
spyjinx.com
3lateral.com
fortnite.com
epicgames.com
epicgames.dev
hyprsense.com
sketchfab.com
artstation.com
roborecall.com
twinmotion.com
cubicmotion.com
playparagon.com
realityscan.com
epicgamescdn.com
et.epicgames.com
ol.epicgames.com
radgametools.com
unrealengine.com
api.epicgames.dev
easyanticheat.net
shadowcomplex.com
battlebreakers.com
store.epicgames.com
capturingreality.com
unrealtournament.com
cdn1.unrealengine.com
cdn2.unrealengine.com
accounts.epicgames.com
download.epicgames.com
tracking.epicgames.com
download2.epicgames.com
download3.epicgames.com
download4.epicgames.com
metrics.ol.epicgames.com
datarouter.ol.epicgames.com
fastly-download.epicgames.com
store-content.ak.epicgames.com
static-assets-prod.epicgames.com
epicgames-download1.akamaized.net
launcher-website-prod07.ol.epicgames.com
ut-public-service-prod10.ol.epicgames.com
store-site-backend-static.ak.epicgames.com
library-service.live.use1a.on.epicgames.com
accountportal-website-prod07.ol.epicgames.com
account-public-service-prod03.ol.epicgames.com
catalog-public-service-prod06.ol.epicgames.com
friends-public-service-prod06.ol.epicgames.com
launcher-public-service-prod06.ol.epicgames.com
entitlement-public-service-prod08.ol.epicgames.com
lightswitch-public-service-prod06.ol.epicgames.com
orderprocessor-public-service-ecomprod01.ol.epicgames.com
launcherwaitingroom-public-service-prod06.ol.epicgames.com
datastorage-public-service-liveegs.live.use1a.on.epicgames.com
#################################### Steam
s.team
steam.tv
valve.net
steamcdn.com
steamcdn.net
steamstat.us
valvecdn.com
steam-api.com
steamchat.com
steamdeck.com
steam-chat.com
steamgames.com
steamgames.net
underlords.com
steamserver.net
steamstatic.com
playartifact.com
steam.cdn.on.net
steamcontent.com
steampowered.com
valvecontent.com
valvesoftware.com
valvesoftware.net
steam.cdn.webra.ru
steambroadcast.com
steamcommunity.com
cdn.steamstatic.com
cs.steampowered.com
dl.steam.clngaa.com
steam.ru.qtlglb.com
api.steampowered.com
steam.eca.qtlglb.com
steamusercontent.com
help.steampowered.com
steam.apac.qtlglb.com
steam.naeu.qtlglb.com
cdn.steamcommunity.com
gstore.val.manlaxy.com
login.steampowered.com
media.steampowered.com
partner.steamgames.com
shared.steamstatic.com
steam.cdn.orcon.net.nz
store.steampowered.com
steamcdn-a.akamaihd.net
steampipe.akamaized.net
partner.steampowered.com
steamcdn-a.akamaized.net
steamdeckusercontent.com
support.steampowered.com
checkout.steampowered.com
community.steamstatic.com
steam.cdn.slingshot.co.nz
steammobile.akamaized.net
steamstatic.akamaized.net
steamstore-a.akamaihd.net
steamvideo-a.akamaihd.net
workshop.steampowered.com
cdn.akamai.steamstatic.com
cdn.fastly.steamstatic.com
client-update.queniuqe.com
community.steampowered.com
steamdeckcdn.akamaized.net
steampipe-kr.akamaized.net
clan.fastly.steamstatic.com
steamcontent-a.akamaihd.net
steambroadcast.akamaized.net
steamcommunity.akamaized.net
store.akamai.steamstatic.com
store.fastly.steamstatic.com
scontent.steamusercontent.com
shared.fastly.steamstatic.com
steamcommunity-a.akamaihd.net
avatars.fastly.steamstatic.com
cdn.cloudflare.steamstatic.com
edge.steam-dns.top.comcast.net
steamcommunity-a.akamaized.net
steamuserimages-a.akamaihd.net
steampipe-partner.akamaized.net
steamusercontent-a.akamaihd.net
client-download.steampowered.com
community.fastly.steamstatic.com
store.cloudflare.steamstatic.com
community.cloudflare.steamstatic.com
steamcdn-a.akamaihd.net.edgesuite.net
steamcloudsweden.blob.core.windows.net
steamcommunity.cloudflare.steamstatic.com
steamcommunity-a.akamaihd.net.edgesuite.net
#################################### OpenWRT
github.com
openwrt.org
gh.openwrt.org
cdn.openwrt.org
dev.openwrt.org
git.openwrt.org
lede-project.org
wiki.openwrt.org
forum.openwrt.org
lists.openwrt.org
openwrt.gitlab.io
archive.openwrt.org
downloads.openwrt.org
fwdownloads.openwrt.org
mirror-01.infra.openwrt.org
mirror-02.infra.openwrt.org
mirror-03.infra.openwrt.org
mirror-04.infra.openwrt.org
#################################### UbisoftConnect
ubi.com
ubisoft.com
store.ubi.com
ubisoftconnect.com
connect.ubisoft.com
drops-register.ubi.com
public-ubiservices.ubi.com
ubisoftconnect.cdn.ubi.com
uplaypc-s-ubisoft.cdn.ubi.com
uplaypc-s-ubisoft-ww.cdn.ubi.com
ubisoft-orbit-savegames.s3.amazonaws.com
ubisoft-uplay-savegames.s3.amazonaws.com
#################################### Aliexpress
ae.com
ae-rus.net
alicdn.com
aestatic.net
aliexpress.ru
aliexpress.us
aliexpress.com
aliexpress-media.com
#################################### PSN
scea.com
np.scea.com
ps5update.com
psdownload.com
playstation.net
playstation.com
account.sony.com
psremoteplay.com
ps4.playstation.com
ps5.playstation.com
playstationcloud.com
psapi.playstation.net
store.playstation.com
media.playstation.com
auth.np.ac.playstation.net
sonyentertainmentnetwork.com
np.community.playstation.net
id.sonyentertainmentnetwork.com
#################################### Twitch
twitch.tv
ttvnw.net
jtvnw.net
twimg.com
m.twitch.tv
id.twitch.tv
www.twitch.tv
twitchcdn.net
ext-twitch.tv
twitchsvc.net
api.twitch.tv
gql.twitch.tv
dev.twitch.tv
live-video.net
twitch.a2z.com
chat.twitch.tv
help.twitch.tv
assets.twitch.tv
twitch-shadow.net
passport.twitch.tv
irc.chat.twitch.tv
vod-metro.twitch.tv
twitchcdn-shadow.net
static.twitchcdn.net
vod-secure.twitch.tv
irc-ws.chat.twitch.tv
pubsub-edge.twitch.tv
vod-pop-secure.twitch.tv
#################################### Valorant
pvp.net
vivox.com
sd-rtn.com
riotcdn.net
adobess.com
valorant.com
akamaihd.net
riotgames.com
playvalorant.com
#################################### TikTok
musical.ly
tiktok.com
tiktokv.eu
tiktokv.us
tiktokw.eu
tiktokw.us
muscdn.com
tiktokd.net
tiktokd.org
tiktokv.com
tiktokcdn.com
ibytedtos.com
ttwstatic.com
tik-tokapi.com
tiktok-row.net
tiktokminis.us
byteoversea.com
tiktok-minis.com
tiktokcdn-eu.com
tiktokcdn-us.com
tiktokeu-cdn.com
tiktokrow-cdn.com
tiktokglobalshopv.com
tiktokcdn.com.akamaized.net
tiktokcdn.com.edgesuite.net
tiktokcdn-us.com.edgesuite.net
#################################### Hoyoverse
hoyo.link
hoyolab.com
yuanshen.com
hoyoverse.com
genshinimpact.com
zenlesszonezero.com
#################################### Xiaomi
mi.com
miui.com
wali.com
c.mi.com
mgslb.com
mifile.cn
xiaomi.cn
mipay.com
youpin.cn
zmifi.com
mi-idc.com
mi-img.com
mijia.tech
mitvos.com
miwifi.com
xiaomi.com
xiaomi.net
duokan.com
saxyit.com
mi-fan.com
mihome.com
xiaomisa.cn
migames.com
miaibox.com
mi-home.com
xiaomicp.com
xiaomidns.cn
xiaomiev.com
xiaomiinc.cn
xiaominr.com
xiaomisa.com
xiaomisa.net
xiaomisa.org
roborock.com
mi-robot.com
yeelight.com
miot-spec.cn
xiaomidns.com
xiaomidns.net
xiaomiinc.com
xiaomiinc.net
duokanbox.com
youpin.com.cn
miot-spec.org
miot-spec.com
xiaomiwear.com
xiaomimimo.com
dreamehome.com
xiaomiprint.com
xiaomidns.com.cn
xiaomiinc.com.cn
xiaomimobile.com
xiaomixiaoai.com
xiaomiyoupin.com
xiaoaiassist.com
xiaomi-mijia.com
xiaomifactory.com
airstarfinance.net
dreame-technology.cn
dreame-technology.com
####################################

23
zapret2/ipset/zapret-hosts-user.txt Normal file
View File

@@ -0,0 +1,23 @@
dis.gd
discord-attachments-uploads-prd.storage.googleapis.com
discord.app
discord.co
discord.com
discord.design
discord.dev
discord.gift
discord.gifts
discord.gg
discord.media
discord.new
discord.store
discord.status
discord-activities.com
discordactivities.com
discordapp.com
discordapp.net
discordcdn.com
discordmerch.com
discordpartygames.com
discordsays.com
discordsez.com

0
zapret/ipset/zapret-ip-exclude.txt → zapret2/ipset/zapret-ip-exclude.txt
View File

65
zapret2/patches/0001-Add-support-log-file-for-each-daemons.patch Normal file
View File

@@ -0,0 +1,65 @@
From 069fb25032d1b85ea57615ca234752e3969b777b Mon Sep 17 00:00:00 2001
From: remittor <remittor@gmail.com>
Date: Sat, 8 Feb 2025 22:04:51 +0300
Subject: [PATCH] Add support log file for each daemons
---
diff --git a/common/custom.sh b/common/custom.sh
index 0af19c0..41c0967 100644
--- a/common/custom.sh
+++ b/common/custom.sh
@@ -13,9 +13,16 @@ custom_runner()
dir_is_not_empty "$CUSTOM_DIR/custom.d" && {
for script in "$CUSTOM_DIR/custom.d/"*; do
[ -f "$script" ] || continue
+ DAEMON_CFGNAME_SAVED="$DAEMON_CFGNAME"
+ unset DAEMON_CFGNAME
unset -f $FUNC
. "$script"
+ if [ -z "$DAEMON_CFGNAME" ]; then
+ DAEMON_CFGNAME="$(basename "$script")"
+ DAEMON_CFGNAME="${DAEMON_CFGNAME%%.*}"
+ fi
existf $FUNC && $FUNC "$@"
+ DAEMON_CFGNAME="$DAEMON_CFGNAME_SAVED"
done
}
}
diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret2
index 8d6d3a9..fcb1e91 100755
--- a/init.d/openwrt/zapret2
+++ b/init.d/openwrt/zapret2
@@ -58,12 +58,29 @@ run_daemon()
# use $PIDDIR/$DAEMONBASE$1.pid as pidfile
local DAEMONBASE="$(basename "$2")"
echo "Starting daemon $1: $2 $3"
+ local DAEMON_NAME="$DAEMONBASE"
+ local DAEMON_IDNUM=$1
+ local DAEMON_PATH="$2"
+ local DAEMON_ARGS="$3"
+ local DAEMON_LOG=
+ if [ -n "$DAEMON_LOG_FILE" ]; then
+ DAEMON_LOG="$DAEMON_LOG_FILE"
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_NAME>/$DAEMON_NAME}
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_IDNUM>/$DAEMON_IDNUM}
+ DAEMON_LOG=${DAEMON_LOG/<DAEMON_CFGNAME>/$DAEMON_CFGNAME}
+ [ -f "$DAEMON_LOG" ] && rm -f "$DAEMON_LOG"
+ if [ "$DAEMON_LOG_ENABLE" = "1" ]; then
+ DAEMON_ARGS="--debug=@$DAEMON_LOG $DAEMON_ARGS"
+ fi
+ fi
procd_open_instance
- procd_set_param command $2 $3
+ procd_set_param command $DAEMON_PATH $DAEMON_ARGS
procd_set_param pidfile $PIDDIR/${DAEMONBASE}_$1.pid
procd_close_instance
}
+DAEMON_CFGNAME="main"
+
run_nfqws()
{
run_daemon $1 "$NFQWS2" "$NFQWS2_OPT_BASE $2"
--
2.41.0.windows.3

6
zapret/renew-cfg.sh → zapret2/renew-cfg.sh
View File

@@ -1,7 +1,9 @@
#!/bin/sh
# Copyright (c) 2024 remittor
. /opt/zapret/comfunc.sh
EXE_DIR=$(cd "$(dirname "$0")" 2>/dev/null || exit 1; pwd)
. $EXE_DIR/comfunc.sh
merge_cfg_with_def_values
@@ -12,5 +14,5 @@ CONFIGS_SYNC=0
if [ "$CONFIGS_SYNC" = "1" ]; then
# renew main config
/opt/zapret/sync_config.sh
$ZAPRET_BASE/sync_config.sh
fi

35
zapret2/restore-def-cfg.sh Executable file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXE_DIR=$(cd "$(dirname "$0")" 2>/dev/null || exit 1; pwd)
. $EXE_DIR/comfunc.sh
cfg_run_on_boot="$( uci -q get $ZAPRET_CFG_SEC.run_on_boot )"
opt_flags=${1:--}
opt_strat=$2
if echo "$opt_flags" | grep -q "(reset_ipset)"; then
restore_all_ipset_cfg
fi
create_default_cfg "$opt_flags" "$opt_strat"
if [ "$cfg_run_on_boot" = "1" ]; then
uci set $ZAPRET_CFG_SEC.run_on_boot=1
uci commit
fi
ZAPRET_SYNC_CONFIG=0
if [ "$opt_flags" = "sync" ]; then
ZAPRET_SYNC_CONFIG=1
fi
if echo "$opt_flags" | grep -q "(sync)"; then
ZAPRET_SYNC_CONFIG=1
fi
if [ "$ZAPRET_SYNC_CONFIG" = "1" ]; then
# renew main config
$ZAPRET_BASE/sync_config.sh
fi

15
zapret2/script-exec.sh Executable file
View File

@@ -0,0 +1,15 @@
#!/bin/sh
# Copyright (c) 2024 remittor
LOG_FILE=$1
RC_FILE=$1.rc
shift 1
: > $LOG_FILE
: > $RC_FILE
(
exec </dev/null >/dev/null 2>&1
"$@" >> $LOG_FILE 2>&1
RETCODE=$?
sleep 1
echo $RETCODE > $RC_FILE
) &
exit 0

147
zapret2/sync_config.sh Executable file
View File

@@ -0,0 +1,147 @@
#!/bin/sh
# Copyright (c) 2024 remittor
EXE_DIR=$(cd "$(dirname "$0")" 2>/dev/null || exit 1; pwd)
. $EXE_DIR/comfunc.sh
function uncomment_param
{
local param=$1
local fname=${2:-$ZAPRET_CONFIG}
sed -i "/^#$param=/s/^#//" $fname
}
function append_param
{
local param=$1
local fname=${2:-$ZAPRET_CONFIG}
grep -q "^$param=" $fname
if [ "$?" != "0" ]; then
echo "" >> $fname
echo "$param=" >> $fname
fi
}
function set_param_value
{
local param=$1
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=$value/g" $fname
}
function set_param_value_str
{
local param=$1
local value=$( adapt_for_sed "$2" )
local fname=${3:-$ZAPRET_CONFIG}
sed -i "s/^$param=.*/$param=\"$value\"/g" $fname
}
function sync_param
{
local param=$1
local vtype=$2
local value="$( uci -q get $ZAPRET_CFG_SEC.$param )"
uncomment_param $param
append_param $param
local TAB="$( printf '\t' )"
if [ "$value" = "$TAB" ]; then
value=""
fi
if [ "$param" = "NFQWS_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS_PORTS_UDP_KEEPALIVE" ]; then
[ "$value" = "0" ] && value=""
fi
if [ "$param" = "NFQWS2_PORTS_TCP_KEEPALIVE" -o "$param" = "NFQWS2_PORTS_UDP_KEEPALIVE" ]; then
[ "$value" = "0" ] && value=""
fi
if [ "$param" = "NFQWS_OPT" -a "$value" != "" ]; then
value=$( echo -n "$value" | sed '/^#/d' )
fi
if [ "$param" = "NFQWS2_OPT" -a "$value" != "" ]; then
value=$( echo -n "$value" | sed '/^#/d' )
fi
if [ "$vtype" = "str" ]; then
set_param_value_str $param "$value"
else
set_param_value $param $value
fi
}
if [ ! -f "$ZAPRET_CONFIG" ]; then
if [ ! -f "$ZAPRET_CONFIG_DEF" ]; then
touch "$ZAPRET_CONFIG"
else
cp -f "$ZAPRET_CONFIG_DEF" "$ZAPRET_CONFIG"
fi
fi
cp -f "$ZAPRET_CONFIG" "$ZAPRET_CONFIG_NEW"
ZAPRET_CONFIG__SAVED="$ZAPRET_CONFIG"
ZAPRET_CONFIG="$ZAPRET_CONFIG_NEW"
sync_param FWTYPE
sync_param POSTNAT
sync_param FLOWOFFLOAD
sync_param INIT_APPLY_FW
sync_param DISABLE_IPV4
sync_param DISABLE_IPV6
sync_param FILTER_TTL_EXPIRED_ICMP
sync_param MODE_FILTER
sync_param DISABLE_CUSTOM
sync_param WS_USER str
sync_param DAEMON_LOG_ENABLE
sync_param DAEMON_LOG_FILE str
sync_param AUTOHOSTLIST_RETRANS_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_THRESHOLD
sync_param AUTOHOSTLIST_FAIL_TIME
if [ $ZAPRET_CFG_NAME = "zapret2" ]; then
sync_param AUTOHOSTLIST_INCOMING_MAXSEQ
sync_param AUTOHOSTLIST_RETRANS_MAXSEQ
sync_param AUTOHOSTLIST_RETRANS_RESET
sync_param AUTOHOSTLIST_UDP_IN
sync_param AUTOHOSTLIST_UDP_OUT
fi
sync_param AUTOHOSTLIST_DEBUGLOG
sync_param DESYNC_MARK
sync_param DESYNC_MARK_POSTNAT
sync_param FILTER_MARK str
if [ $ZAPRET_CFG_NAME = "zapret" ]; then
sync_param NFQWS_ENABLE
sync_param NFQWS_PORTS_TCP str
sync_param NFQWS_PORTS_UDP str
sync_param NFQWS_TCP_PKT_OUT str
sync_param NFQWS_TCP_PKT_IN str
sync_param NFQWS_UDP_PKT_OUT str
sync_param NFQWS_UDP_PKT_IN str
sync_param NFQWS_PORTS_TCP_KEEPALIVE str
sync_param NFQWS_PORTS_UDP_KEEPALIVE str
sync_param NFQWS_OPT str
fi
if [ $ZAPRET_CFG_NAME = "zapret2" ]; then
sync_param NFQWS2_ENABLE
sync_param NFQWS2_PORTS_TCP str
sync_param NFQWS2_PORTS_UDP str
sync_param NFQWS2_TCP_PKT_OUT str
sync_param NFQWS2_TCP_PKT_IN str
sync_param NFQWS2_UDP_PKT_OUT str
sync_param NFQWS2_UDP_PKT_IN str
sync_param NFQWS2_PORTS_TCP_KEEPALIVE str
sync_param NFQWS2_PORTS_UDP_KEEPALIVE str
sync_param NFQWS2_OPT str
fi
ZAPRET_CONFIG="$ZAPRET_CONFIG__SAVED"
if is_valid_config "$ZAPRET_CONFIG_NEW" ; then
cp -f "$ZAPRET_CONFIG_NEW" "$ZAPRET_CONFIG"
rm -f "$ZAPRET_CONFIG_NEW"
else
rm -f "$ZAPRET_CONFIG_NEW"
return 97
fi

23
zapret2/uci-def-cfg.sh Executable file
View File

@@ -0,0 +1,23 @@
#!/bin/sh
# Copyright (c) 2024 remittor
[ ! -f /opt/zapret2/comfunc.sh ] && exit 0
. /opt/zapret2/comfunc.sh
mkdir -p $ZAPRET_BASE/ipset
# create empty txt files into ipset directory
[ ! -f "$ZAPRET_BASE/ipset/zapret-hosts-google.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-hosts-google.txt"
[ ! -f "$ZAPRET_BASE/ipset/zapret-hosts-auto.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-hosts-auto.txt"
[ ! -f "$ZAPRET_BASE/ipset/zapret-hosts-user.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-hosts-user.txt"
[ ! -f "$ZAPRET_BASE/ipset/zapret-hosts-user-ipban.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-hosts-user-ipban.txt"
#[ ! -f "$ZAPRET_BASE/ipset/zapret-ip.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-ip.txt"
[ ! -f "$ZAPRET_BASE/ipset/zapret-ip-user.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-ip-user.txt"
[ ! -f "$ZAPRET_BASE/ipset/zapret-ip-user-exclude.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-ip-user-exclude.txt"
[ ! -f "$ZAPRET_BASE/ipset/zapret-ip-user-ipban.txt" ] && touch "$ZAPRET_BASE/ipset/zapret-ip-user-ipban.txt"
# create or merge uci-config
[ ! -f "$ZAPRET_BASE/renew-cfg.sh" ] && exit 0
$ZAPRET_BASE/renew-cfg.sh

548
zapret2/update-pkg.sh Executable file
View File

@@ -0,0 +1,548 @@
#!/bin/sh
# Copyright (c) 2025 remittor
EXE_DIR=$(cd "$(dirname "$0")" 2>/dev/null || exit 1; pwd)
opt_check=
opt_prerelease=
opt_update=
opt_forced=
opt_test=
while getopts "cu:pft:" opt; do
case $opt in
c) opt_check=true;;
p) opt_prerelease="true";;
u) opt_update="$OPTARG";;
f) opt_forced="true";;
t) opt_test="$OPTARG";;
esac
done
if [ "$EXE_DIR" = "/tmp" ]; then
ZAPRET_CFG_NAME="zapret"
if [ "$opt_update" = "1" ]; then
ZAPRET_CFG_NAME="zapret"
opt_update="@"
opt_forced="true"
fi
if [ "$opt_update" = "2" ]; then
ZAPRET_CFG_NAME="zapret2"
opt_update="@"
opt_forced="true"
fi
else
[ -f "$EXE_DIR/comfunc.sh" ] || { echo "ERROR: file $EXE_DIR/comfunc.sh not found!"; exit 1; }
. $EXE_DIR/comfunc.sh
fi
. /usr/share/libubox/jshn.sh
. /etc/openwrt_release
ZAP_PKG_DIR=/tmp/$ZAPRET_CFG_NAME-pkg
if [ "$opt_test" != "" ]; then
echo 1; sleep 2;
echo 2; sleep 2;
echo 3; sleep 2;
echo ' * resolve_conffiles 123456'; sleep 1;
echo 4; sleep 2;
echo END
return "$opt_test"
fi
ZAP_CPU_ARCH="$DISTRIB_ARCH"
if [ $ZAPRET_CFG_NAME = "zapret" ]; then
ZAP_REL_URL="https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/releases_zap1_$ZAP_CPU_ARCH.json"
fi
if [ $ZAPRET_CFG_NAME = "zapret2" ]; then
ZAP_REL_URL="https://raw.githubusercontent.com/remittor/zapret-openwrt/gh-pages/releases/releases_zap2_$ZAP_CPU_ARCH.json"
fi
CURL_TIMEOUT=5
CURL_HEADER1="Accept: application/json"
CURL_HEADER2="Cache-Control: no-cache"
REL_JSON=
REL_ACTUAL_TAG=
REL_ACTUAL_PRE=
REL_ACTUAL_URL=
ZAP_OUT=
ZAP_ERR=
ZAP_PKG_URL=
if command -v apk >/dev/null; then
PKG_MGR=apk
ZAP_PKG_EXT=apk
elif command -v opkg >/dev/null; then
PKG_MGR=opkg
ZAP_PKG_EXT=ipk
else
echo "ERROR: No package manager found"
return 1
fi
# -------------------------------------------------------------------------------------------------------
function get_distrib_param
{
local parname=$1
local value="__unknown__"
if [ -f /etc/openwrt_release ]; then
while IFS='=' read -r key val; do
val="${val#\'}"
val="${val%\'}"
val="${val#\"}"
val="${val%\"}"
if [ "$key" = "$parname" ]; then
value="$val"
break
fi
done < /etc/openwrt_release
fi
printf '%s' "$value"
}
function pkg_mgr_update
{
local forced=$1
if [ "$PKG_MGR" = "opkg" ]; then
PKG_TOTAL=$( opkg list | wc -l )
PKG_INSTALLED=$( opkg list-installed | wc -l )
if [ "$PKG_TOTAL" -le "$PKG_INSTALLED" ] || [[ "$PKG_TOTAL" -le $((PKG_INSTALLED + 100)) ]]; then
echo ">>> OPKG update..."
opkg update
return $?
fi
else
PKG_AVAIL=$( apk list --available 2>/dev/null | wc -l )
if [ "$PKG_AVAIL" -lt 100 ]; then
echo ">>> APK update..."
apk update
return $?
fi
fi
return 0
}
function curl_install
{
if command -v curl >/dev/null 2>&1; then
return 0
fi
pkg_mgr_update || { echo "ERROR: cannot update packages list"; return 1; }
echo ">>> Package curl not found, installing..."
if [ "$PKG_MGR" = "opkg" ]; then
opkg install curl
else
apk add curl
fi
}
function unzip_install
{
if command -v unzip >/dev/null 2>&1; then
return 0
fi
pkg_mgr_update || { echo "ERROR: cannot update packages list"; return 1; }
echo ">>> Package unzip not found, installing..."
if [ "$PKG_MGR" = "opkg" ]; then
opkg install unzip
else
apk add unzip
fi
}
function get_pkg_version
{
local pkg_name="$1"
local ver line base
if [ "$PKG_MGR" = opkg ]; then
ver=$( opkg list-installed "$pkg_name" 2>/dev/null | awk -F' - ' '{print $2}' | tr -d '\r' )
if [ -n "$ver" ]; then
echo -n "$ver"
return 0
fi
fi
if [ "$PKG_MGR" = apk ]; then
line=$( apk info -s "$pkg_name" 2>/dev/null | head -n 1 | awk '{print $1}' || true )
if [ -n "$line" ]; then
base=${line%-r[0-9]*}
ver=${base##*-}
case "$line" in
*-r[0-9]*)
echo -n "$ver${line#$base}"
;;
*)
echo -n "$ver"
;;
esac
return 0
fi
fi
echo ""
return 1
}
function normalize_version
{
local ver="$1"
local base
local major minor build rel
local old_ifs
case "$ver" in
*-r[0-9]*)
rel="${ver##*-r}"
base="${ver%-r*}"
;;
*)
rel=1
base="$ver"
;;
esac
old_ifs="$IFS" ; IFS='.' ; set -- $base ; IFS="$old_ifs"
rel=${rel:-1}
major=${1:-0}
minor=${2:-0}
if [ $ZAPRET_CFG_NAME = "zapret" ]; then
echo "$major.$minor.$rel"
fi
if [ $ZAPRET_CFG_NAME = "zapret2" ]; then
build=${3:-0}
echo "$major.$minor.$build.$rel"
fi
}
function pkg_version_cmp
{
local ver1=$( normalize_version "$1" )
local ver2=$( normalize_version "$2" )
local x1 x2
# major
x1=$( echo "$ver1" | cut -d. -f1 )
x2=$( echo "$ver2" | cut -d. -f1 )
[ "$x1" -gt "$x2" ] && { echo -n "G"; return 0; }
[ "$x1" -lt "$x2" ] && { echo -n "L"; return 0; }
# minor
x1=$( echo "$ver1" | cut -d. -f2 )
x2=$( echo "$ver2" | cut -d. -f2 )
[ "$x1" -gt "$x2" ] && { echo -n "G"; return 0; }
[ "$x1" -lt "$x2" ] && { echo -n "L"; return 0; }
if [ $ZAPRET_CFG_NAME = "zapret2" ]; then
# build
x1=$( echo "$ver1" | cut -d. -f3 )
x2=$( echo "$ver2" | cut -d. -f3 )
[ "$x1" -gt "$x2" ] && { echo -n "G"; return 0; }
[ "$x1" -lt "$x2" ] && { echo -n "L"; return 0; }
fi
# release
if [ $ZAPRET_CFG_NAME = "zapret" ]; then
x1=$( echo "$ver1" | cut -d. -f3 )
x2=$( echo "$ver2" | cut -d. -f3 )
fi
if [ $ZAPRET_CFG_NAME = "zapret2" ]; then
x1=$( echo "$ver1" | cut -d. -f4 )
x2=$( echo "$ver2" | cut -d. -f4 )
fi
[ "$x1" -gt "$x2" ] && { echo -n "G"; return 0; }
[ "$x1" -lt "$x2" ] && { echo -n "L"; return 0; }
echo -n "E"
}
function download_releases_info
{
local fname resp hdr txt txtlen txtlines generated_at
REL_JSON=
echo "Download releases info..."
fname="${ZAP_REL_URL##*/}"
resp=$( curl -s -D - --max-time $CURL_TIMEOUT -H "$CURL_HEADER1" -H "$CURL_HEADER2" "$ZAP_REL_URL" 2>/dev/null )
hdr="${resp%%$'\r\n\r\n'*}"
status=$( printf '%s\n' "$hdr" | head -n 1 | awk '{print $2}' )
if [ "$status" != 200 ]; then
echo "ERROR: Cannot download file \"$ZAP_REL_URL\" (status = $status)"
return 103
fi
txtlen=$( printf '%s\n' "$hdr" | awk -F': ' 'BEGIN{IGNORECASE=1} $1=="Content-Length"{print $2}' | tr -d '\r' )
echo "Content-Length: $txtlen bytes"
txt="${resp#*$'\r\n\r\n'}"
txtlen=${#txt}
txtlines=$(printf '%s\n' "$txt" | wc -l)
if [[ $txtlen -lt 64 ]]; then
echo "ERROR: Cannot download releases info! (size = $txtlen)"
return 104
fi
echo "Releases info downloaded! Size = $txtlen, Lines = $txtlines"
generated_at=$( printf '%s\n' "$txt" | grep -m1 -o '"generated_at"[[:space:]]*:[[:space:]]*".*"' | cut -d'"' -f4 )
if [[ "$generated_at" = "" ]]; then
echo "ERROR: Cannot download releases info! (incorrect generated_at)"
return 105
fi
echo "Releases info generated_at = $generated_at"
REL_JSON="$txt"
return 0
}
function get_actual_release
{
local tag url pre idx_list
REL_ACTUAL_TAG=
REL_ACTUAL_PRE=
REL_ACTUAL_URL=
json_load "$(printf '%s' "$REL_JSON")"
if [ $? -ne 0 ]; then
echo "ERROR: incorrect format of ${ZAP_REL_URL##*/}"
json_cleanup
return 151
fi
json_select releases
if [ $? -ne 0 ]; then
echo "ERROR: incorrect format of ${ZAP_REL_URL##*/}"
json_cleanup
return 157
fi
json_get_keys idx_list
# array already sorted by created_at => take first elem
for rel_id in $idx_list; do
json_select "$rel_id" # enter into releases[rel_id]
json_get_var tag tag
json_get_var pre prerelease
#echo "rel_id = $rel_id opt_prerelease = $opt_prerelease pre = $pre"
if [ "$opt_prerelease" != "true" ] && [ "$pre" = "1" ]; then
json_select .. # exit from releases[rel_id]
continue
fi
json_select assets
if [ $? -ne 0 ]; then
echo "ERROR: release[$rel_id] has not include 'assets'"
json_cleanup
return 160
fi
json_select 0 > /dev/null
if [ $? -ne 0 ]; then
json_select 1 > /dev/null
if [ $? -ne 0 ]; then
echo "ERROR: release[$rel_id] include incorrect 'assets'"
json_cleanup
return 162
fi
fi
json_get_var url browser_download_url
json_select .. .. .. # assets-elem -> assets -> releases[rel_id] -> releases
json_cleanup
REL_ACTUAL_TAG="$tag"
REL_ACTUAL_PRE="$pre"
REL_ACTUAL_URL="$url"
return 0
done
json_cleanup
echo "ERROR: latest release for arch \"$ZAP_CPU_ARCH\" not found!"
return 150 # release not found
}
# -------------------------------------------------------------------------------------------------------
if [ "$opt_check" != "true" -a "$opt_update" = "" ]; then
echo 'ERROR: Incorrect arguments'
return 4
fi
if [ "$opt_update" = "@" ]; then
opt_check="true"
fi
#echo "DISTRIB_ID: $DISTRIB_ID"
echo "DISTRIB_RELEASE: $DISTRIB_RELEASE"
echo "DISTRIB_DESCRIPTION:" $( get_distrib_param DISTRIB_DESCRIPTION )
echo "DISTRIB_ARCH:" $( get_distrib_param DISTRIB_ARCH )
if ! command -v curl >/dev/null 2>&1; then
if [ "$opt_forced" = true ]; then
curl_install
fi
fi
if ! command -v curl >/dev/null 2>&1; then
echo "ERROR: Required package \"curl\" not installed!"
return 10
fi
CURL_INFO=$( curl -V )
if ! echo "$CURL_INFO" | grep -q 'https'; then
echo "------- package curl"
echo "$CURL_INFO"
echo "-------"
echo "ERROR: package \"curl\" not supported HTTPS protocol!"
echo "NOTE: Please install package \"curl-ssl\""
return 11
fi
if [ "$opt_check" = "true" ]; then
download_releases_info
ZAP_ERR=$?
if [ $ZAP_ERR -ne 0 ]; then
echo "ERROR: Func download_releases_info return error code: $ZAP_ERR"
return $ZAP_ERR
fi
get_actual_release
ZAP_ERR=$?
if [ $ZAP_ERR = 150 ] && [ "$opt_prerelease" != true ] && [ "$opt_forced" = true ]; then
opt_prerelease="true"
get_actual_release
ZAP_ERR=$?
fi
if [ $ZAP_ERR -ne 0 ]; then
echo "ERROR: Func get_actual_release return error code: $ZAP_ERR"
return $ZAP_ERR
fi
echo "Latest package version: $REL_ACTUAL_TAG"
echo "Latest package url: $REL_ACTUAL_URL"
fi
ZAP_PKG_SIZE=
ZAP_PKG_SZ=
ZAP_PKG_ZIP_NAME=
ZAP_PKG_FN=
ZAP_PKG_BASE_FN=
ZAP_PKG_LUCI_FN=
ZAP_CUR_PKG_VER=$( get_pkg_version $ZAPRET_CFG_NAME )
echo "Current installed version: $ZAP_CUR_PKG_VER"
if [ "$opt_update" = "" ]; then
ZAP_PKG_URL="$REL_ACTUAL_URL"
if [ "$ZAP_PKG_URL" = "" ]; then
echo "ERROR: actual release not found!"
return 199
fi
else
ZAP_PKG_URL="$opt_update"
if [ "$opt_update" = "@" ]; then
ZAP_PKG_URL="$REL_ACTUAL_URL"
fi
if [ "$opt_update" = "@" -a "$ZAP_PKG_URL" = "" ]; then
echo "ERROR: actual release not found!"
return 199
fi
fi
ZAP_PKG_ZIP_NAME=${ZAP_PKG_URL##*/}
ZAP_PKG_ZIP_VER=${ZAP_PKG_ZIP_NAME#*_v}
ZAP_PKG_ZIP_VER=${ZAP_PKG_ZIP_VER%%_*}
if [ "$opt_update" != "" ]; then
if [ "$opt_update" = "@" ]; then
echo "Latest available version: $ZAP_PKG_ZIP_VER"
else
echo "Target requested version: $ZAP_PKG_ZIP_VER"
fi
fi
echo "ZAP_PKG_URL = $ZAP_PKG_URL"
ZAP_VER_CMP=$( pkg_version_cmp "$ZAP_CUR_PKG_VER" "$ZAP_PKG_ZIP_VER" )
if [ "$opt_update" = "" ]; then
if [ "$ZAP_VER_CMP" = "E" ]; then
echo "RESULT: (E) No update required for this package!"
elif [ "$ZAP_VER_CMP" = "G" ]; then
echo "RESULT: (G) You have a newer version installed than the one on GitHub!"
elif [ "$ZAP_VER_CMP" = "L" ]; then
echo "RESULT: (L) You have an older version installed than the one on GitHub!"
else
echo "ERROR: ZAP_PKG_ZIP_VER='$ZAP_PKG_ZIP_VER' ZAP_VER_CMP='$ZAP_VER_CMP'"
return 199
fi
return 0
fi
if [ "$opt_update" != "" ]; then
if [ "$opt_forced" != "true" ]; then
if [ "$ZAP_VER_CMP" = "E" ]; then
echo "RESULT: (E) No update required for this package!"
return 0
fi
fi
ZAP_PKG_DIR=/tmp/$ZAPRET_CFG_NAME-pkg
rm -rf $ZAP_PKG_DIR 2>/dev/null
ZAP_PKG_HDRS=$( curl -s -I -L --max-time $CURL_TIMEOUT -H "$CURL_HEADER2" "$ZAP_PKG_URL" )
ZAP_PKG_SIZE=$( echo "$ZAP_PKG_HDRS" | grep -i 'content-length: ' | tail -n1 | awk '{print $2}' | tr -d '\r' )
echo "Downloded ZIP-file size = $ZAP_PKG_SIZE bytes"
[ "$ZAP_PKG_SIZE" = "" ] || [[ $ZAP_PKG_SIZE -lt 256 ]] && {
echo "ERROR: incorrect package size!"
return 210
}
mkdir $ZAP_PKG_DIR
ZAP_PKG_FN="$ZAP_PKG_DIR/${ZAP_PKG_URL##*/}"
echo "Download ZIP-file..."
curl -s -L --max-time 15 -H "$CURL_HEADER2" "$ZAP_PKG_URL" -o "$ZAP_PKG_FN"
if [ $? -ne 0 ]; then
echo "ERROR: cannot download package!"
return 215
fi
ZAP_PKG_SZ=$( wc -c < "$ZAP_PKG_FN" )
if [ "$ZAP_PKG_SZ" != "$ZAP_PKG_SIZE" ]; then
echo "ERROR: downloaded package is incorrect! (size = $ZAP_PKG_SZ)"
return 216
fi
if ! command -v unzip >/dev/null 2>&1; then
if [ "$opt_forced" = true ]; then
unzip_install
fi
fi
if ! command -v unzip >/dev/null 2>&1; then
echo "ERROR: package \"upzip\" not installed!"
return 218
fi
unzip -q "$ZAP_PKG_FN" -d $ZAP_PKG_DIR
rm -f "$ZAP_PKG_FN" 2>/dev/null
if [ "$PKG_MGR" = "apk" ]; then
if [ ! -d "$ZAP_PKG_DIR/apk" ]; then
echo "ERROR: APK-files not found"
return 221
fi
rm -f $ZAP_PKG_DIR/*.ipk 2>/dev/null
mv $ZAP_PKG_DIR/apk/* $ZAP_PKG_DIR/
else
rm -rf $ZAP_PKG_DIR/apk 2>/dev/null
fi
ZAP_PKG_LIST=$( ls -1 "$ZAP_PKG_DIR" )
echo "------ Downloaded packages:"
echo "$ZAP_PKG_LIST"
echo "------"
if [ "$PKG_MGR" != "apk" ]; then
ZAP_PKG_BASE_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "${ZAPRET_CFG_NAME}_*.${ZAP_PKG_EXT}" | head -n 1 )
else
ZAP_PKG_BASE_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "${ZAPRET_CFG_NAME}-[0-9]*.?*.${ZAP_PKG_EXT}" | head -n 1 )
fi
ZAP_PKG_LUCI_FN=$( find "$ZAP_PKG_DIR" -maxdepth 1 -type f -name "luci-app-${ZAPRET_CFG_NAME}*.${ZAP_PKG_EXT}" | head -n 1 )
if [ ! -f "$ZAP_PKG_BASE_FN" ]; then
echo "ERROR: File \"${ZAPRET_CFG_NAME}*.${ZAP_PKG_EXT}\" not found!"
return 231
fi
echo "ZAP_PKG_BASE_FN = $ZAP_PKG_BASE_FN"
if [ ! -f "$ZAP_PKG_LUCI_FN" ]; then
echo "ERROR: File \"luci-app-${ZAPRET_CFG_NAME}*.${ZAP_PKG_EXT}\" not found!"
return 232
fi
echo "ZAP_PKG_LUCI_FN = $ZAP_PKG_LUCI_FN"
if [ "$opt_forced" = true ]; then
pkg_mgr_update
fi
echo "Install downloaded packages..."
if [ "$PKG_MGR" != "apk" ]; then
opkg install --force-reinstall "$ZAP_PKG_BASE_FN"
else
apk add --allow-untrusted --upgrade "$ZAP_PKG_BASE_FN"
fi
if [ $? -ne 0 ]; then
echo "ERROR: Failed to install package $ZAP_PKG_BASE_FN"
return 245
fi
if [ "$PKG_MGR" != "apk" ]; then
opkg install --force-reinstall "$ZAP_PKG_LUCI_FN"
else
apk add --allow-untrusted --upgrade "$ZAP_PKG_LUCI_FN"
fi
if [ $? -ne 0 ]; then
echo "ERROR: Failed to install package $ZAP_PKG_LUCI_FN"
return 247
fi
echo "RESULT: (+) Packages from $ZAP_PKG_ZIP_NAME successfully installed!"
fi