i11th/ruantiblock_openwrt
1
0
Fork 0
mirror of https://github.com/gSpotx2f/ruantiblock_openwrt.git synced 2026-05-13 22:20:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Standalone parser for user entries.

Browse Source
This commit is contained in:
gSpot
2025-12-31 03:15:47 +03:00
parent 75724ed7c0
commit 48fdb95abf
9 changed files with 273 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files
autoinstall/2.x/apk/autoinstall.sh
+3 -3
View File
@@ -10,9 +10,9 @@ LUCI_APP=1
HTTPS_DNS_PROXY=1 HTTPS_DNS_PROXY=1
OWRT_VERSION="25.12" OWRT_VERSION="25.12"
RUAB_VERSION="2.1.10-r1" RUAB_VERSION="2.1.11-r1"
RUAB_MOD_LUA_VERSION="2.1.10-r1" RUAB_MOD_LUA_VERSION="2.1.11-r1"
RUAB_LUCI_APP_VERSION="2.1.10-r2" RUAB_LUCI_APP_VERSION="2.1.11-r1"
BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master" BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master"
PKG_DIR="/tmp" PKG_DIR="/tmp"
autoinstall/2.x/autoinstall.sh
+3 -3
View File
@@ -10,9 +10,9 @@ LUCI_APP=1
HTTPS_DNS_PROXY=1 HTTPS_DNS_PROXY=1
OWRT_VERSION="24.10" OWRT_VERSION="24.10"
RUAB_VERSION="2.1.10-r1" RUAB_VERSION="2.1.11-r1"
RUAB_MOD_LUA_VERSION="2.1.10-r1" RUAB_MOD_LUA_VERSION="2.1.11-r1"
RUAB_LUCI_APP_VERSION="2.1.10-r2" RUAB_LUCI_APP_VERSION="2.1.11-r1"
BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master" BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master"
PKG_DIR="/tmp" PKG_DIR="/tmp"
luci-app-ruantiblock/Makefile
+3 -2
View File
@@ -5,8 +5,9 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-ruantiblock PKG_NAME:=luci-app-ruantiblock
PKG_VERSION:=2.1.10 PKG_VERSION:=2.1.11
PKG_RELEASE:=2 PKG_RELEASE:=1
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
LUCI_TITLE:=LuCI support for ruantiblock LUCI_TITLE:=LuCI support for ruantiblock
LUCI_DEPENDS:=+ruantiblock LUCI_DEPENDS:=+ruantiblock
LUCI_PKGARCH:=all LUCI_PKGARCH:=all
luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/info.js
+2 -4
View File
@@ -49,7 +49,6 @@ return view.extend({
if(!i.rule) { if(!i.rule) {
continue; continue;
}; };
let set, bytes; let set, bytes;
i.rule.expr.forEach(e => { i.rule.expr.forEach(e => {
if(e.match && e.match.left && e.match.left.payload) { if(e.match && e.match.left && e.match.left.payload) {
@@ -309,9 +308,8 @@ return view.extend({
user_entries.append( user_entries.append(
E('tr', { 'class': 'tr' }, [ E('tr', { 'class': 'tr' }, [
E('td', { 'class': 'td left', 'style': 'word-wrap:break-word' }, E('td', { 'class': 'td left', 'style': 'word-wrap:break-word' },
i.id), i.id.slice(0, 114) + (i.id.length > 115 ? '...' : '')),
E('td', { 'class': 'td left', E('td', { 'class': 'td left' },
'id' : 'user_entries_' + i },
`CIDR: ${i.cidr}, IP: ${i.ip}, FQDN: ${i.fqdn}`), `CIDR: ${i.cidr}, IP: ${i.ip}, FQDN: ${i.fqdn}`),
]) ])
); );
ruantiblock-mod-lua/Makefile
+1 -1
View File
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=ruantiblock-mod-lua PKG_NAME:=ruantiblock-mod-lua
PKG_VERSION:=2.1.10 PKG_VERSION:=2.1.11
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt> PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
ruantiblock-mod-py/Makefile
+1 -1
View File
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=ruantiblock-mod-py PKG_NAME:=ruantiblock-mod-py
PKG_VERSION:=2.1.10 PKG_VERSION:=2.1.11
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt> PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
ruantiblock/Makefile
+2 -1
View File
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=ruantiblock PKG_NAME:=ruantiblock
PKG_VERSION:=2.1.10 PKG_VERSION:=2.1.11
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt> PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
@@ -73,6 +73,7 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DATA) ./files/usr/share/ruantiblock/user_instances_common $(1)/usr/share/ruantiblock/user_instances_common $(INSTALL_DATA) ./files/usr/share/ruantiblock/user_instances_common $(1)/usr/share/ruantiblock/user_instances_common
$(INSTALL_DIR) $(1)/usr/libexec/ruantiblock $(INSTALL_DIR) $(1)/usr/libexec/ruantiblock
$(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_route_check $(1)/usr/libexec/ruantiblock/ruab_route_check $(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_route_check $(1)/usr/libexec/ruantiblock/ruab_route_check
$(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_parser_user_entries $(1)/usr/libexec/ruantiblock/ruab_parser_user_entries
$(INSTALL_DIR) $(1)/usr/bin $(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) ./files/usr/bin/ruantiblock $(1)/usr/bin/ruantiblock $(INSTALL_BIN) ./files/usr/bin/ruantiblock $(1)/usr/bin/ruantiblock
endef endef
ruantiblock/files/usr/bin/ruantiblock
+49 -127
View File
@@ -228,24 +228,24 @@ export DNSMASQ_DATA_FILE_USER_INSTANCES="${DNSMASQ_CONFDIR}/01-${NAME}_user_inst
export DNSMASQ_DATA_FILE="${DNSMASQ_CONFDIR}/02-${NAME}.dnsmasq" export DNSMASQ_DATA_FILE="${DNSMASQ_CONFDIR}/02-${NAME}.dnsmasq"
### Utilities ### Utilities
AWK_CMD="awk" export AWK_CMD="awk"
NFT_CMD="$(which nft)" NFT_CMD="$(which nft)"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo " Error! Nftables doesn't exists" >&2 echo " Error! Nftables doesn't exists" >&2
exit 1 exit 1
fi fi
LOGGER_CMD="$(which logger)" export LOGGER_CMD="$(which logger)"
if [ $ENABLE_LOGGING = "1" -a $? -ne 0 ]; then if [ $ENABLE_LOGGING = "1" -a $? -ne 0 ]; then
echo " Logger doesn't exists" >&2 echo " Logger doesn't exists" >&2
ENABLE_LOGGING=0 ENABLE_LOGGING=0
fi fi
LOGGER_PARAMS="-t ${APP_NAME}" export LOGGER_PARAMS="-t ${APP_NAME}"
WGET_CMD="$(which wget)" export WGET_CMD="$(which wget)"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo " Error! Wget doesn't exists" >&2 echo " Error! Wget doesn't exists" >&2
exit 1 exit 1
fi fi
WGET_PARAMS="--no-check-certificate -q -O" export WGET_PARAMS="--no-check-certificate -q -O"
NSLOOKUP_CMD="$(which nslookup)" NSLOOKUP_CMD="$(which nslookup)"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo " Error! Nslookup doesn't exists" >&2 echo " Error! Nslookup doesn't exists" >&2
@@ -256,6 +256,7 @@ if [ $? -ne 0 ]; then
echo " Error! Iproute2 doesn't exists" >&2 echo " Error! Iproute2 doesn't exists" >&2
exit 1 exit 1
fi fi
USER_ENTRIES_PARSER="${MODULES_DIR}/ruab_parser_user_entries"
ROUTE_CHECK_EXEC="${MODULES_DIR}/ruab_route_check" ROUTE_CHECK_EXEC="${MODULES_DIR}/ruab_route_check"
export IP_DATA_FILE="${DATA_DIR}/${NAME}.ip" export IP_DATA_FILE="${DATA_DIR}/${NAME}.ip"
export IP_DATA_FILE_BYPASS="${DATA_DIR}/${NAME}_bypass.ip" export IP_DATA_FILE_BYPASS="${DATA_DIR}/${NAME}_bypass.ip"
@@ -298,7 +299,6 @@ NFT_FUNCTIONS="${SCRIPTS_DIR}/nft_functions"
INFO_OUTPUT_FUNCTION="${SCRIPTS_DIR}/info_output" INFO_OUTPUT_FUNCTION="${SCRIPTS_DIR}/info_output"
export IP_DATA_FILE_TMP="${IP_DATA_FILE}.tmp" export IP_DATA_FILE_TMP="${IP_DATA_FILE}.tmp"
export IP_DATA_FILE_USER_INSTANCES_TMP="${IP_DATA_FILE_USER_INSTANCES}.tmp" export IP_DATA_FILE_USER_INSTANCES_TMP="${IP_DATA_FILE_USER_INSTANCES}.tmp"
export DNSMASQ_DATA_FILE_TMP="${DNSMASQ_DATA_FILE}.tmp"
export DNSMASQ_DATA_FILE_USER_INSTANCES_TMP="${DNSMASQ_DATA_FILE_USER_INSTANCES}.tmp" export DNSMASQ_DATA_FILE_USER_INSTANCES_TMP="${DNSMASQ_DATA_FILE_USER_INSTANCES}.tmp"
export DNSMASQ_DATA_FILE_TMP="${DNSMASQ_DATA_FILE}.tmp" export DNSMASQ_DATA_FILE_TMP="${DNSMASQ_DATA_FILE}.tmp"
export UPDATE_STATUS_FILE_TMP="${UPDATE_STATUS_FILE}.tmp" export UPDATE_STATUS_FILE_TMP="${UPDATE_STATUS_FILE}.tmp"
@@ -313,9 +313,6 @@ INSTANCES_CACHE="${RUN_FILES_DIR}/${NAME}.instances"
DL_IPSET_URL="" DL_IPSET_URL=""
DL_DMASK_URL="" DL_DMASK_URL=""
DL_STAT_URL="" DL_STAT_URL=""
### for compatibility with v1.x parsers
export NFTSET_CIDR_CFG="$NFTSET_CIDR_STRING_MAIN"
export NFTSET_IP_CFG="$NFTSET_IP_STRING_MAIN"
######################### External functions ########################### ######################### External functions ###########################
@@ -447,11 +444,8 @@ FlushInstancesNftSets() {
_name=".${_name}" _name=".${_name}"
fi fi
case "$_arg" in case "$_arg" in
fqdn)
FlushNftSets "${NFTSET_DNSMASQ}${_name}" "${NFTSET_ONION}${_name}"
;;
bllist) bllist)
FlushNftSets "${NFTSET_CIDR}${_name}" "${NFTSET_IP}${_name}" "${NFTSET_DNSMASQ}${_name}" FlushNftSets "${NFTSET_CIDR}${_name}" "${NFTSET_IP}${_name}" "${NFTSET_DNSMASQ}${_name}" "${NFTSET_ONION}${_name}"
;; ;;
*) *)
FlushNftSets "${NFTSET_FPROXY}${_name}" "${NFTSET_BLLIST_PROXY}${_name}" "${NFTSET_CIDR}${_name}" "${NFTSET_IP}${_name}" "${NFTSET_DNSMASQ}${_name}" "${NFTSET_ONION}${_name}" FlushNftSets "${NFTSET_FPROXY}${_name}" "${NFTSET_BLLIST_PROXY}${_name}" "${NFTSET_CIDR}${_name}" "${NFTSET_IP}${_name}" "${NFTSET_DNSMASQ}${_name}" "${NFTSET_ONION}${_name}"
@@ -532,7 +526,6 @@ UpdateBllistProxySet() {
else else
_name=".${_name}" _name=".${_name}"
fi fi
FlushNftSets "${NFTSET_BLLIST_PROXY}${_name}"
for _host in $(echo "$_urls" | $AWK_CMD ' for _host in $(echo "$_urls" | $AWK_CMD '
BEGIN { BEGIN {
RS = " "; RS = " ";
@@ -746,12 +739,12 @@ AddBypassEntries() {
FlushNftSets "$NFTSET_BYPASS_IP" "$NFTSET_BYPASS_FQDN" FlushNftSets "$NFTSET_BYPASS_IP" "$NFTSET_BYPASS_FQDN"
if [ "$BYPASS_MODE" = "1" ]; then if [ "$BYPASS_MODE" = "1" ]; then
if [ -f "$BYPASS_ENTRIES_FILE" ]; then if [ -f "$BYPASS_ENTRIES_FILE" ]; then
$AWK_CMD 'BEGIN { $AWK_CMD '
ip_array[0]; BEGIN {
fqdn_array[0]; delete ip_array;
delete fqdn_array;
} }
function writeIpList(array, _str) { function writeIpList(array, _str) {
_str = "";
for(i in array) { for(i in array) {
_str = _str i ","; _str = _str i ",";
}; };
@@ -767,9 +760,8 @@ AddBypassEntries() {
printf "nftset=/%s/%s#%s\n", val, ENVIRON["NFT_TABLE_DNSMASQ"], ENVIRON["NFTSET_BYPASS_FQDN"] >> ENVIRON["DNSMASQ_DATA_FILE_BYPASS"]; printf "nftset=/%s/%s#%s\n", val, ENVIRON["NFT_TABLE_DNSMASQ"], ENVIRON["NFTSET_BYPASS_FQDN"] >> ENVIRON["DNSMASQ_DATA_FILE_BYPASS"];
}; };
function writeFqdnEntries() { function writeFqdnEntries() {
delete fqdn_array[0];
for(i in fqdn_array) { for(i in fqdn_array) {
split(fqdn_array[i], a, " "); split(i, a, " ");
writeDNSData(a[1], a[2]); writeDNSData(a[1], a[2]);
}; };
}; };
@@ -779,12 +771,11 @@ AddBypassEntries() {
ip_array[$0]; ip_array[$0];
} }
else if($0 ~ /^([a-z0-9._-]+[.])*([a-z]{2,}|xn--[a-z0-9]+)([ ][0-9]{1,3}([.][0-9]{1,3}){3}([#][0-9]{2,5})?)?$/) { else if($0 ~ /^([a-z0-9._-]+[.])*([a-z]{2,}|xn--[a-z0-9]+)([ ][0-9]{1,3}([.][0-9]{1,3}){3}([#][0-9]{2,5})?)?$/) {
fqdn_array[length(fqdn_array)] = $1 " " $2; fqdn_array[$0];
}; };
} }
END { END {
printf "table %s {\n%s", ENVIRON["NFT_TABLE"], ENVIRON["NFTSET_BYPASS_IP_STRING"] >> ENVIRON["IP_DATA_FILE_BYPASS"]; printf "table %s {\n%s", ENVIRON["NFT_TABLE"], ENVIRON["NFTSET_BYPASS_IP_STRING"] >> ENVIRON["IP_DATA_FILE_BYPASS"];
delete ip_array[0];
if(length(ip_array) > 0) { if(length(ip_array) > 0) {
printf "elements={%s};", writeIpList(ip_array) >> ENVIRON["IP_DATA_FILE_BYPASS"]; printf "elements={%s};", writeIpList(ip_array) >> ENVIRON["IP_DATA_FILE_BYPASS"];
}; };
@@ -795,77 +786,6 @@ AddBypassEntries() {
fi fi
} }
ParseUserEntries() {
$AWK_CMD -v NFTSET_IP_STRING="$1" -v NFTSET_CIDR_STRING="$2" -v NFTSET_DNSMASQ="$3" \
-v IP_DATA_FILE="$4" -v DNSMASQ_DATA_FILE="$5" -v USER_ENTRIES_STATUS_FILE="$6" \
-v ID="$7" -v USER_ENTRIES_DNS="$8" '
BEGIN {
ip_array[0];
cidr_array[0];
fqdn_array[0];
}
function writeIpList(array, _str) {
_str = "";
for(i in array) {
_str = _str i ",";
};
return _str;
};
function writeDNSData(val, dns) {
if(length(dns) == 0 && length(USER_ENTRIES_DNS) > 0) {
dns = USER_ENTRIES_DNS;
};
if(length(dns) > 0) {
printf "server=/%s/%s\n", val, dns >> DNSMASQ_DATA_FILE;
};
printf "nftset=/%s/%s#%s\n", val, ENVIRON["NFT_TABLE_DNSMASQ"], NFTSET_DNSMASQ >> DNSMASQ_DATA_FILE;
};
function writeFqdnEntries() {
delete fqdn_array[0];
for(i in fqdn_array) {
split(fqdn_array[i], a, " ");
writeDNSData(a[1], a[2]);
};
};
($0 !~ /^([\040\011]*$|#)/) {
sub("\015", "", $0);
if($0 ~ /^[0-9]{1,3}([.][0-9]{1,3}){3}$/) {
ip_array[$0];
}
else if($0 ~ /^[0-9]{1,3}([.][0-9]{1,3}){3}[\057][0-9]{1,2}$/) {
cidr_array[$0];
}
else if($0 ~ /^([a-z0-9._-]+[.])*([a-z]{2,}|xn--[a-z0-9]+)([ ][0-9]{1,3}([.][0-9]{1,3}){3}([#][0-9]{2,5})?)?$/) {
fqdn_array[length(fqdn_array)] = $1 " " $2;
};
}
END {
ret_code = 0;
if($0 ~ /[0-9]+/) {
ret_code = $0;
};
delete cidr_array[0];
delete ip_array[0];
if(ret_code == 0 && (length(cidr_array) > 0 || length(ip_array) > 0)) {
printf "table %s {\n%s", ENVIRON["NFT_TABLE"], NFTSET_CIDR_STRING >> IP_DATA_FILE;
if(length(cidr_array) > 0) {
printf "elements={%s};", writeIpList(cidr_array) >> IP_DATA_FILE;
};
printf "}\n%s", NFTSET_IP_STRING >> IP_DATA_FILE;
if(length(ip_array) > 0) {
printf "elements={%s};", writeIpList(ip_array) >> IP_DATA_FILE;
};
printf "}\n}\n" >> IP_DATA_FILE;
};
writeFqdnEntries();
if(ret_code == 0) {
printf "%s %s %s %s\n", length(cidr_array), length(ip_array), length(fqdn_array), ID >> USER_ENTRIES_STATUS_FILE;
};
exit ret_code;
}' -
}
AddUserEntries() { AddUserEntries() {
local _inst _url _return_code=0 _instance_return_code=0 _attempt=1 _instance_entries_file _ip_data_file_user_instances _dnsmasq_data_file_user_instances _user_entries_status_file _str _update_string local _inst _url _return_code=0 _instance_return_code=0 _attempt=1 _instance_entries_file _ip_data_file_user_instances _dnsmasq_data_file_user_instances _user_entries_status_file _str _update_string
@@ -901,42 +821,44 @@ AddUserEntries() {
### Запись для .onion ### Запись для .onion
printf "server=/onion/%s\nnftset=/onion/%s#%s\n" "$U_ONION_DNS_ADDR" "$NFT_TABLE_DNSMASQ" "${NFTSET_ONION}.${U_NAME}" >> "$_dnsmasq_data_file_user_instances" printf "server=/onion/%s\nnftset=/onion/%s#%s\n" "$U_ONION_DNS_ADDR" "$NFT_TABLE_DNSMASQ" "${NFTSET_ONION}.${U_NAME}" >> "$_dnsmasq_data_file_user_instances"
fi fi
if [ -f "$_instance_entries_file" ]; then
{ cat "$_instance_entries_file"; printf "\n0\n"; } | ParseUserEntries "$(printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}")" "$(printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}")" "${NFTSET_DNSMASQ}.${U_NAME}" "$_ip_data_file_user_instances" "$_dnsmasq_data_file_user_instances" "$_user_entries_status_file" "${U_NAME}:local" "$U_ENTRIES_DNS" if [ "$U_ENABLE_ENTRIES_REMOTE_PROXY" = "1" ]; then
fi
if [ -n "$U_ENTRIES_REMOTE" ]; then
for _url in $U_ENTRIES_REMOTE for _url in $U_ENTRIES_REMOTE
do do
_instance_return_code=0 UpdateBllistProxySet "$U_NAME" "$_url"
_attempt=1
while :
do
if [ "$U_ENABLE_ENTRIES_REMOTE_PROXY" = "1" ]; then
UpdateBllistProxySet "$U_NAME" "$_url"
fi
{ Download - "$_url"; printf "\n$?\n"; } | ParseUserEntries "$(printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}")" "$(printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}")" "${NFTSET_DNSMASQ}.${U_NAME}" "$_ip_data_file_user_instances" "$_dnsmasq_data_file_user_instances" "$_user_entries_status_file" "${U_NAME}:${_url}" "$U_ENTRIES_DNS"
if [ $? -eq 0 ]; then
_instance_return_code=0
break
else
_instance_return_code=1
### STDOUT
echo " User entries download attempt ${_attempt}: failed [${U_NAME}:${_url}]" >&2
MakeLogRecord "err" "User entries download attempt ${_attempt}: failed [${U_NAME}:${_url}]"
_attempt=$(($_attempt + 1))
[ $_attempt -gt $USER_ENTRIES_REMOTE_DOWNLOAD_ATTEMPTS ] && break
sleep $USER_ENTRIES_REMOTE_DOWNLOAD_TIMEOUT
fi
done
if [ $_instance_return_code -ne 0 ]; then
_return_code=$_instance_return_code
if [ "$ENABLE_TMP_DOWNLOADS" = "1" ]; then
break 2
fi
fi
done done
if [ "$U_ENABLE_ENTRIES_REMOTE_PROXY" = "1" ]; then fi
FlushNftSets "${NFTSET_BLLIST_PROXY}.${U_NAME}"
export U_NAME
export U_ENTRIES_REMOTE
export U_ENTRIES_DNS
export I_NFTSET_CIDR_STRING="$(printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}")"
export I_NFTSET_IP_STRING="$(printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}")"
export I_NFTSET_DNSMASQ="${NFTSET_DNSMASQ}.${U_NAME}"
export I_IP_DATA_FILE="$_ip_data_file_user_instances"
export I_DNSMASQ_DATA_FILE="$_dnsmasq_data_file_user_instances"
export I_USER_ENTRIES_STATUS_FILE="$_user_entries_status_file"
export I_INSTANCE_ENTRIES_FILE="$_instance_entries_file"
$USER_ENTRIES_PARSER
_instance_return_code=$?
unset I_NFTSET_CIDR_STRING
unset I_NFTSET_IP_STRING
unset I_NFTSET_DNSMASQ
unset I_IP_DATA_FILE
unset I_DNSMASQ_DATA_FILE
unset I_USER_ENTRIES_STATUS_FILE
unset I_INSTANCE_ENTRIES_FILE
if [ "$U_ENABLE_ENTRIES_REMOTE_PROXY" = "1" ]; then
FlushNftSets "${NFTSET_BLLIST_PROXY}.${U_NAME}"
fi
if [ $_instance_return_code -ne 0 ]; then
_return_code=$_instance_return_code
if [ "$ENABLE_TMP_DOWNLOADS" = "1" ]; then
break
fi fi
fi fi
ClearUserInstanceVars ClearUserInstanceVars
@@ -1139,7 +1061,7 @@ Update() {
FlushInstancesNftSets bllist FlushInstancesNftSets bllist
fi fi
GetBlacklistFiles GetBlacklistFiles
FlushInstancesNftSets fqdn FlushInstancesNftSets bllist
UpdateBllistSets UpdateBllistSets
_return_code=$? _return_code=$?
RestartDnsmasq RestartDnsmasq
ruantiblock/files/usr/libexec/ruantiblock/ruab_parser_user_entries
Executable
+209
View File
@@ -0,0 +1,209 @@
#!/bin/sh
echo | $AWK_CMD -v WGET_CMD="$WGET_CMD" -v WGET_PARAMS="$WGET_PARAMS" \
-v LOGGER_CMD="$LOGGER_CMD" -v LOGGER_PARAMS="$LOGGER_PARAMS" '
BEGIN {
stderr = "/dev/stderr";
ENABLE_LOGGING = ENVIRON["ENABLE_LOGGING"];
ENABLE_TMP_DOWNLOADS = ENVIRON["ENABLE_TMP_DOWNLOADS"];
sleep = "sleep " ENVIRON["USER_ENTRIES_REMOTE_DOWNLOAD_TIMEOUT"];
DOWNLOAD_ATTEMPTS = ENVIRON["USER_ENTRIES_REMOTE_DOWNLOAD_ATTEMPTS"];
attempt_err_pattern = "User entries download attempt %s: failed [%s:%s]";
U_NAME = ENVIRON["U_NAME"];
U_ENTRIES_REMOTE = ENVIRON["U_ENTRIES_REMOTE"];
U_USER_ENTRIES_DNS = ENVIRON["U_ENTRIES_DNS"];
NFT_TABLE = ENVIRON["NFT_TABLE"];
NFTSET_CIDR_STRING = ENVIRON["I_NFTSET_CIDR_STRING"];
NFTSET_IP_STRING = ENVIRON["I_NFTSET_IP_STRING"];
NFTSET_DNSMASQ = ENVIRON["I_NFTSET_DNSMASQ"];
NFT_TABLE_DNSMASQ = ENVIRON["NFT_TABLE_DNSMASQ"];
IP_DATA_FILE = ENVIRON["I_IP_DATA_FILE"];
DNSMASQ_DATA_FILE = ENVIRON["I_DNSMASQ_DATA_FILE"];
USER_ENTRIES_STATUS_FILE = ENVIRON["I_USER_ENTRIES_STATUS_FILE"];
INSTANCE_ENTRIES_FILE = ENVIRON["I_INSTANCE_ENTRIES_FILE"];
exit_code = 0;
gsub("\042", "%22", U_ENTRIES_REMOTE);
gsub("\047", "%27", U_ENTRIES_REMOTE);
split(U_ENTRIES_REMOTE, urls, /[\040\011\012]+/);
delete ip_array;
delete cidr_array;
delete fqdn_array;
delete download_results;
}
function makeLogRecord(level, msg) {
if(ENABLE_LOGGING == 1) {
system(sprintf("%s %s -p \"user.%s\" \"%s\"", LOGGER_CMD, LOGGER_PARAMS, level, msg));
};
};
function writeIpList(array, _str) {
for(i in array) {
_str = _str i ",";
};
return _str;
};
function writeDNSData(val, dns) {
if(length(dns) == 0 && length(U_USER_ENTRIES_DNS) > 0) {
dns = U_USER_ENTRIES_DNS;
};
if(length(dns) > 0) {
printf "server=/%s/%s\n", val, dns >> DNSMASQ_DATA_FILE;
};
printf "nftset=/%s/%s#%s\n", val, NFT_TABLE_DNSMASQ, NFTSET_DNSMASQ >> DNSMASQ_DATA_FILE;
};
function writeFqdnEntries() {
for(i in fqdn_array) {
split(i, a, " ");
writeDNSData(a[1], a[2]);
};
};
function trimEntry(str) {
sub("\015", "", str);
return str;
};
function checkEntry(str) {
if (str ~ /^([\040\011]*$|#)/) {
return 0;
}
else if(str ~ /^[0-9]{1,3}([.][0-9]{1,3}){3}$/) {
return 2;
}
else if(str ~ /^[0-9]{1,3}([.][0-9]{1,3}){3}[\057][0-9]{1,2}$/) {
return 1;
}
else if(str ~ /^([a-z0-9._-]+[.])*([a-z]{2,}|xn--[a-z0-9]+)([ ][0-9]{1,3}([.][0-9]{1,3}){3}([#][0-9]{2,5})?)?$/) {
return 3;
};
};
function readFile(fpath, fname, _line, _cidr_num, _ip_num, _fqdn_num, _ret) {
_cidr_num = 0; _ip_num = 0; _fqdn_num = 0;
while((getline _line <fpath) > 0) {
_line = trimEntry(_line);
_ret = checkEntry(_line);
if(_ret == 1) {
if(!(_line in cidr_array)) {
cidr_array[_line];
_cidr_num++;
};
}
else if(_ret == 2) {
if(!(_line in ip_array)) {
ip_array[_line];
_ip_num++;
};
}
else if(_ret == 3) {
if(!(_line in fqdn_array)) {
fqdn_array[_line];
_fqdn_num++;
};
};
};
close(fpath);
download_results[length(download_results)] = sprintf("%s %s %s %s:%s",
_cidr_num, _ip_num, _fqdn_num, U_NAME, fname);
};
function downloadFile(url, _ret_code, _wget_call, _cidr_array, _ip_array, _fqdn_array, _val, _ret) {
if(length(url) == 0) {
return 1;
};
_ret_code = 1;
_wget_call = sprintf("%s %s - \"%s\"; printf \"\n$?\n\"", WGET_CMD, WGET_PARAMS, url);
delete _cidr_array;
delete _ip_array;
delete _fqdn_array;
for(i = 1; i <= DOWNLOAD_ATTEMPTS; i++) {
delete _cidr_array;
delete _ip_array;
delete _fqdn_array;
while((_wget_call | getline _val) > 0) {
if(_val ~ /^[0-9]{1,3}$/) {
continue;
};
_val = trimEntry(_val);
_ret = checkEntry(_val);
if(_ret == 1) {
_cidr_array[_val];
}
else if(_ret == 2) {
_ip_array[_val];
}
else if(_ret == 3) {
_fqdn_array[_val];
};
};
close(_wget_call);
if(_val ~ /^[0-9]{1,3}$/) {
_ret_code = _val;
};
if(_ret_code == 0) {
break;
};
makeLogRecord("err", sprintf(attempt_err_pattern, i, U_NAME, url));
printf(" " attempt_err_pattern "\n", i, U_NAME, url) > stderr;
if(i >= DOWNLOAD_ATTEMPTS) {
break;
};
sleep | getline _;
close(sleep);
};
if(_ret_code == 0 && (length(_cidr_array) > 0 || length(_ip_array) > 0 || length(_fqdn_array) > 0)) {
for(i in _cidr_array) {
cidr_array[i];
};
for(i in _ip_array) {
ip_array[i];
};
for(i in _fqdn_array) {
fqdn_array[i];
};
};
download_results[length(download_results)] = sprintf("%s %s %s %s:%s",
length(_cidr_array), length(_ip_array), length(_fqdn_array), U_NAME, url);
return _ret_code;
};
END {
readFile(INSTANCE_ENTRIES_FILE, "local");
dl_ret_code = 1;
for(i in urls) {
url = urls[i];
dl_ret_code = downloadFile(url);
if(dl_ret_code != 0) {
exit_code = dl_ret_code;
if(ENABLE_TMP_DOWNLOADS == 1) {
break;
};
};
};
if(ENABLE_TMP_DOWNLOADS != 1 || (ENABLE_TMP_DOWNLOADS == 1 && exit_code == 0)) {
if(length(cidr_array) > 0 || length(ip_array) > 0) {
printf "table %s {\n%s", NFT_TABLE, NFTSET_CIDR_STRING >> IP_DATA_FILE;
if(length(cidr_array) > 0) {
printf "elements={%s};", writeIpList(cidr_array) >> IP_DATA_FILE;
};
printf "}\n%s", NFTSET_IP_STRING >> IP_DATA_FILE;
if(length(ip_array) > 0) {
printf "elements={%s};", writeIpList(ip_array) >> IP_DATA_FILE;
};
printf "}\n}\n" >> IP_DATA_FILE;
};
writeFqdnEntries();
for(i in download_results) {
print download_results[i] >> USER_ENTRIES_STATUS_FILE;
};
};
exit exit_code;
}'
exit $?