v1.4. ruab_route_check

autoinstall/current/autoinstall.sh

@@ -9,9 +9,9 @@ LUA_MODULE=0
 LUCI_APP=1
 
 OWRT_VERSION="current"
-RUAB_VERSION="1.3-1"
+RUAB_VERSION="1.4-0"
-RUAB_MOD_LUA_VERSION="1.3-2"
+RUAB_MOD_LUA_VERSION="1.4-0"
-RUAB_LUCI_APP_VERSION="1.3-5"
+RUAB_LUCI_APP_VERSION="1.4-0"
 BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master"
 PKG_DIR="/tmp"
 

luci-app-ruantiblock/Makefile

@@ -4,7 +4,7 @@
 
 include $(TOPDIR)/rules.mk
 
-PKG_VERSION:=1.3-5
+PKG_VERSION:=1.4-0
 LUCI_TITLE:=LuCI support for ruantiblock
 LUCI_DEPENDS:=+ruantiblock
 LUCI_PKGARCH:=all

luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js

@@ -132,7 +132,7 @@ return view.extend({
 
 		// PROXY_LOCAL_CLIENTS
 		let proxy_local_clients = s.taboption('main_settings', form.Flag, 'proxy_local_clients',
-			_("Apply proxy rules to router application traffic"));
+			_('Apply proxy rules to router application traffic'));
 		proxy_local_clients.rmempty = false;
 
 		// ENABLE_LOGGING
@@ -163,7 +163,7 @@ return view.extend({
 		// ALLOWED_HOSTS_LIST
 		o = s.taboption('main_settings', form.DynamicList, 'allowed_hosts_list',
 			_('IP addresses for host filter'));
-		o.datatype = "ip4addr";
+		o.datatype = 'ip4addr';
 
 		// ENABLE_FPROXY
 		o = s.taboption('main_settings', form.Flag, 'enable_fproxy',
@@ -174,7 +174,7 @@ return view.extend({
 		// FPROXY_LIST
 		o = s.taboption('main_settings', form.DynamicList, 'fproxy_list',
 			_('IP addresses for full proxy mode'));
-		o.datatype = "ip4addr";
+		o.datatype = 'ip4addr';
 
 
 		/* Tor tab */
@@ -185,7 +185,7 @@ return view.extend({
 		o = s.taboption('tor_settings', form.Value, 'tor_trans_port',
 			_('Transparent proxy port'));
 		o.rmempty  = false;
-		o.datatype = "port";
+		o.datatype = 'port';
 
 		// ONION_DNS_ADDR
 		o = s.taboption('tor_settings', form.Value, 'onion_dns_addr',
@@ -213,6 +213,15 @@ return view.extend({
 		o.rmempty   = false;
 		o.default   = 'tun0';
 
+		// VPN_ROUTE_CHECK
+		o = s.taboption('vpn_settings', form.ListValue, 'vpn_route_check',
+			_('Type of adding a VPN rule to the routing table'));
+		o.value('0', 'hotplug.d');
+		o.value('1', 'ruab_route_check');
+		o.description = _('hotplug.d - default option for many VPN applications that supported by OpenWrt.') +
+						'<br />' +
+						_('ruab_route_check - script that regularly checks an entry in the routing table.');
+
 
 		/* Proxy tab */
 
@@ -222,18 +231,18 @@ return view.extend({
 		o = s.taboption('proxy_settings', form.Value, 't_proxy_port_tcp',
 			_('Transparent proxy TCP port'));
 		o.rmempty  = false;
-		o.datatype = "port";
+		o.datatype = 'port';
 
 		// T_PROXY_ALLOW_UDP
 		o = s.taboption('proxy_settings', form.Flag, 't_proxy_allow_udp',
-			_("Send UDP traffic to transparent proxy"));
+			_('Send UDP traffic to transparent proxy'));
 		o.rmempty = false;
 
 		// T_PROXY_PORT_UDP
 		o = s.taboption('proxy_settings', form.Value, 't_proxy_port_udp',
 			_('Transparent proxy UDP port'));
 		o.rmempty  = false;
-		o.datatype = "port";
+		o.datatype = 'port';
 
 
 		/* Blacklist module tab */
@@ -243,7 +252,7 @@ return view.extend({
 		// BLLIST_PRESET
 		let bllist_preset = s.taboption('blacklist_tab', form.ListValue,
 			'bllist_preset', _('Blacklist update mode'));
-		bllist_preset.description = _("Blacklist sources") + ':';
+		bllist_preset.description = _('Blacklist sources') + ':';
 		bllist_preset.value('', _('user entries only'));
 		Object.entries(tools.blacklistPresets).forEach(e => {
 			bllist_preset.value(e[0], ((e[1][1]) ? `${e[1][0]} - ${e[1][1]}` : e[1][0]));
@@ -274,7 +283,7 @@ return view.extend({
 
 		// ADD_USER_ENTRIES
 		o = s.taboption('blacklist_tab', form.Flag, 'add_user_entries',
-			_('Enable user entries'), _("Add user entries to the blacklist when updating"));
+			_('Enable user entries'), _('Add user entries to the blacklist when updating'));
 		o.rmempty = false;
 		o.default = 0;
 		o.depends({ bllist_preset: '', '!reverse': true });
@@ -293,7 +302,7 @@ return view.extend({
 
 		// BYPASS_MODE
 		o = s.taboption('blacklist_tab', form.Flag, 'bypass_mode',
-			_('Enable exclusion list'), _("List of hosts that are excluded from block bypass (always available directly)"));
+			_('Enable exclusion list'), _('List of hosts that are excluded from block bypass (always available directly)'));
 		o.rmempty = false;
 		o.default = 0;
 
@@ -306,7 +315,7 @@ return view.extend({
 
 		// BYPASS_ENTRIES_DNS
 		o = s.taboption('blacklist_tab', form.Value, 'bypass_entries_dns',
-			_("DNS server that is used for the FQDN entries of exclusion list"), '<code>ipaddress[#port]</code>');
+			_('DNS server that is used for the FQDN entries of exclusion list'), '<code>ipaddress[#port]</code>');
 		o.validate = this.validateIpPort;
 
 		if(availableParsers) {
@@ -319,14 +328,14 @@ return view.extend({
 
 			// BLLIST_MIN_ENTRIES
 			o = s.taboption('parser_settings_tab', form.Value, 'bllist_min_entries',
-				_("Minimum allowed number of entries"));
+				_('Minimum allowed number of entries'));
 			o.description = _('If less than the specified number of entries are received from the source, then the lists are not updated');
 			o.rmempty     = false;
 			o.datatype    = 'uinteger';
 
 			// BLLIST_FQDN_FILTER
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_fqdn_filter',
-				_("Enable FQDN filter"));
+				_('Enable FQDN filter'));
 			o.description = _('Pick domains from blacklist by FQDN filter patterns');
 			o.rmempty     = false;
 
@@ -338,14 +347,14 @@ return view.extend({
 
 			// BLLIST_FQDN_FILTER_FILE edit dialog
 			o = s.taboption('parser_settings_tab', form.Button, '_fqdn_filter_btn',
-				_("FQDN filter"));
+				_('FQDN filter'));
 			o.onclick    = () => fqdn_filter_edit.show();
 			o.inputtitle = _('Edit');
 			o.inputstyle = 'edit btn';
 
 			// BLLIST_SD_LIMIT
 			o = s.taboption('parser_settings_tab', form.Value, 'bllist_sd_limit',
-				_("Subdomains limit"));
+				_('Subdomains limit'));
 			o.description = _('The number of subdomains in the domain, upon reaching which the entire 2nd level domain is added to the list');
 			o.rmempty     = false;
 			o.datatype    = 'uinteger';
@@ -355,11 +364,11 @@ return view.extend({
 				_('2nd level domains that are excluded from optimization'));
 			o.description = _('e.g:') + ' <code>livejournal.com</code>';
 			o.placeholder = _('e.g:') + ' livejournal.com';
-			o.datatype = "hostname";
+			o.datatype = 'hostname';
 
 			// BLLIST_ENABLE_IDN
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_enable_idn',
-				_("Convert cyrillic domains to punycode"));
+				_('Convert cyrillic domains to punycode'));
 			o.rmempty = false;
 
 			// BLLIST_ALT_NSLOOKUP
@@ -369,13 +378,13 @@ return view.extend({
 
 			// BLLIST_ALT_DNS_ADDR
 			o = s.taboption('parser_settings_tab', form.Value, 'bllist_alt_dns_addr',
-				_("Optional DNS resolver"), '<code>ipaddress[#port]</code>');
+				_('Optional DNS resolver'), '<code>ipaddress[#port]</code>');
 			o.rmempty  = false;
 			o.validate = this.validateIpPort;
 
 			// BLLIST_IP_FILTER
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_ip_filter',
-				_("Enable IP filter"));
+				_('Enable IP filter'));
 			o.description = _('Pick IP addresses from blacklist by IP filter patterns');
 			o.rmempty     = false;
 
@@ -387,13 +396,13 @@ return view.extend({
 
 			// BLLIST_IP_FILTER_FILE edit dialog
 			o = s.taboption('parser_settings_tab', form.Button, '_ip_filter_btn',
-				_("IP filter"));
+				_('IP filter'));
 			o.onclick    = () => ip_filter_edit.show();
 			o.inputtitle = _('Edit');
 			o.inputstyle = 'edit btn';
 
 			// BLLIST_IP_LIMIT
-			o = s.taboption('parser_settings_tab', form.Value, 'bllist_ip_limit', _("IP limit"));
+			o = s.taboption('parser_settings_tab', form.Value, 'bllist_ip_limit', _('IP limit'));
 			o.description = _("The number of IP addresses in the subnet, upon reaching which the entire '/24' subnet is added to the list");
 			o.rmempty     = false;
 			o.datatype    = 'uinteger';
@@ -410,7 +419,7 @@ return view.extend({
 
 			// BLLIST_SUMMARIZE_IP
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_summarize_ip',
-				_("Summarize IP ranges"));
+				_('Summarize IP ranges'));
 			o.rmempty = false;
 
 			// BLLIST_SUMMARIZE_CIDR

luci-app-ruantiblock/po/ru/ruantiblock.po

@@ -479,8 +479,11 @@ msgstr "UDP порт прозрачного прокси"
 msgid "Turn on if blacklist source is blocked"
 msgstr "Включите, если источник блэклиста заблокирован"
 
-msgid "Type an expression..."
+msgid "Type a search pattern..."
-msgstr "Введите выражение..."
+msgstr "Введите шаблон для поиска"
+
+msgid "Type of adding a VPN rule to the routing table"
+msgstr "Тип добавления правила VPN в таблицу маршрутизации"
 
 msgid "Unable to execute or read contents"
 msgstr "Невозможно выполнить или прочитать содержимое"
@@ -545,6 +548,9 @@ msgstr "отключен"
 msgid "e.g:"
 msgstr "прим:"
 
+msgid "hotplug.d - default option for many VPN applications that supported by OpenWrt."
+msgstr "hotplug.d - стандартная опция для многих VPN-приложений поддерживаемых в OpenWrt."
+
 msgid "net pattern"
 msgstr "шаблон сети"
 
@@ -557,6 +563,9 @@ msgstr "необходим установленный модуль блэкли
 msgid "user entries only"
 msgstr "только записи пользователя"
 
+msgid "ruab_route_check - script that regularly checks an entry in the routing table."
+msgstr "ruab_route_check - скрипт, который регулярно проверяет запись в таблице маршрутизации."
+
 msgid "valid IP address"
 msgstr "верный IP-адрес"
 

luci-app-ruantiblock/po/templates/ruantiblock.pot

@@ -444,8 +444,12 @@ msgstr ""
 msgid "Turn on if blacklist source is blocked"
 msgstr ""
 
-msgid "Type an expression..."
+msgid "Type a search pattern..."
 msgstr ""
+
+msgid "Type of adding a VPN rule to the routing table"
+msgstr ""
+
 msgid "Unable to execute or read contents"
 msgstr ""
 
@@ -508,6 +512,9 @@ msgstr ""
 msgid "e.g:"
 msgstr ""
 
+msgid "hotplug.d - default option for many VPN applications that supported by OpenWrt."
+msgstr ""
+
 msgid "net pattern"
 msgstr ""
 
@@ -517,6 +524,9 @@ msgstr ""
 msgid "requires installed blacklist module"
 msgstr ""
 
+msgid "ruab_route_check - script that regularly checks an entry in the routing table."
+msgstr ""
+
 msgid "user entries only"
 msgstr ""
 

ruantiblock-mod-lua/Makefile

@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ruantiblock-mod-lua
-PKG_VERSION:=1.3
+PKG_VERSION:=1.4
-PKG_RELEASE:=2
+PKG_RELEASE:=0
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
 
 include $(INCLUDE_DIR)/package.mk

ruantiblock-mod-py/Makefile

@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ruantiblock-mod-py
-PKG_VERSION:=1.3
+PKG_VERSION:=1.4
-PKG_RELEASE:=2
+PKG_RELEASE:=0
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
 
 include $(INCLUDE_DIR)/package.mk

ruantiblock/Makefile

@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ruantiblock
-PKG_VERSION:=1.3
+PKG_VERSION:=1.4
-PKG_RELEASE:=1
+PKG_RELEASE:=0
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
 
 include $(INCLUDE_DIR)/package.mk
@@ -55,6 +55,8 @@ define Package/$(PKG_NAME)/install
 	$(INSTALL_DATA) ./files/usr/share/ruantiblock/config_script $(1)/usr/share/ruantiblock/config_script
 	$(INSTALL_DATA) ./files/usr/share/ruantiblock/info_output $(1)/usr/share/ruantiblock/info_output
 	$(INSTALL_DATA) ./files/usr/share/ruantiblock/nft_functions $(1)/usr/share/ruantiblock/nft_functions
+	$(INSTALL_DIR) $(1)/usr/libexec/ruantiblock
+	$(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_route_check $(1)/usr/libexec/ruantiblock/ruab_route_check
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) ./files/usr/bin/ruantiblock $(1)/usr/bin/ruantiblock
 endef

ruantiblock/files/etc/config/ruantiblock

@@ -8,6 +8,7 @@ config main 'config'
 	option enable_fproxy '0'
 	option enable_bllist_proxy '0'
 	option if_vpn 'tun0'
+	option vpn_route_check '0'
 	option tor_trans_port '9040'
 	option onion_dns_addr '127.0.0.1#9053'
 	option t_proxy_port_tcp '1100'

ruantiblock/files/etc/hotplug.d/iface/40-ruantiblock

@@ -1,11 +1,20 @@
 #!/bin/sh
 
-IF_VPN=`uci get ruantiblock.config.if_vpn`
+UCI_CMD=`which uci`
-PROXY_MODE=`uci get ruantiblock.config.proxy_mode`
+if [ $? -ne 0 ]; then
+    echo " Error! UCI doesn't exists" >&2
+    exit 1
+fi
+RUAB_CMD="/usr/bin/ruantiblock"
+PROXY_MODE=`$UCI_CMD get ruantiblock.config.proxy_mode`
+IF_VPN=`$UCI_CMD get ruantiblock.config.if_vpn`
+VPN_ROUTE_CHECK=`$UCI_CMD get ruantiblock.config.vpn_route_check`
+
+[ "$VPN_ROUTE_CHECK" != "0" ] && exit 0
 
 if [ "$ACTION" = "ifup" ] && [ "$PROXY_MODE" = "2" ] && [ "$DEVICE" = "$IF_VPN" ]; then
-	if [ `/usr/bin/ruantiblock raw-status` -ne 2 ]; then
+	if [ `$RUAB_CMD raw-status` -ne 2 ]; then
 		sleep 5
-		/usr/bin/ruantiblock reload
+		$RUAB_CMD reload
 	fi
 fi

ruantiblock/files/etc/ruantiblock/ruantiblock.conf

@@ -23,16 +23,20 @@ NFTSET_CLEAR_SETS=0
 ALLOWED_HOSTS_MODE=0
 ### Список IP адресов хостов для фильтра, через пробел (прим.: 192.168.0.10 192.168.0.15)
 ALLOWED_HOSTS_LIST=""
-### VPN интерфейс для правил маршрутизации
-IF_VPN="tun0"
 ### Порт прозрачного прокси Tor (параметр TransPort в torrc)
 TOR_TRANS_PORT=9040
 ### DNS-сервер для резолвинга в домене .onion (Tor)
 ONION_DNS_ADDR="127.0.0.1#9053"
-### метка для отбора пакетов в VPN туннель
+### VPN интерфейс для правил маршрутизации
+IF_VPN="tun0"
+### Метка для отбора пакетов в VPN туннель
 VPN_PKTS_MARK=8
+### Таблица маршрутизации для отправки пакетов в VPN туннель
+VPN_ROUTE_TABLE_ID=99
 ### Приоритет правила отбора пакетов при маршрутизации в VPN-интерфейс
 VPN_RULE_PRIO=1000
+### Способ добавления в таблицу маршрутизации правила для отправки пакетов в VPN туннель (0 - hotplug.d, 1 - скрипт ruab_route_check)
+VPN_ROUTE_CHECK=0
 ### TCP порт прокси в режиме прозрачного прокси
 T_PROXY_PORT_TCP=1100
 ### UDP порт прокси в режиме прозрачного прокси

ruantiblock/files/usr/bin/ruantiblock

@@ -3,11 +3,12 @@
 ########################################################################
 #
 # Ruantiblock
-# (с) 2020 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
+# (с) 2023 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
 #
 ########################################################################
 
 export NAME="ruantiblock"
+export APP_EXEC="$0"
 export LANG="en_US.UTF-8"
 export LANGUAGE="en"
 
@@ -38,16 +39,20 @@ export NFTSET_CLEAR_SETS=0
 export ALLOWED_HOSTS_MODE=0
 ### Список IP адресов хостов для фильтра, через пробел (прим.: 192.168.0.10 192.168.0.15)
 export ALLOWED_HOSTS_LIST=""
-### VPN интерфейс для правил маршрутизации
-export IF_VPN="tun0"
 ### Порт прозрачного прокси Tor (параметр TransPort в torrc)
 export TOR_TRANS_PORT=9040
 ### DNS-сервер для резолвинга в домене .onion (Tor)
 export ONION_DNS_ADDR="127.0.0.1#9053"
-### метка для отбора пакетов в VPN туннель
+### VPN интерфейс для правил маршрутизации
+export IF_VPN="tun0"
+### Метка для отбора пакетов в VPN туннель
 export VPN_PKTS_MARK=8
+### Таблица маршрутизации для отправки пакетов в VPN туннель
+export VPN_ROUTE_TABLE_ID=99
 ### Приоритет правила отбора пакетов при маршрутизации в VPN-интерфейс
 export VPN_RULE_PRIO=1000
+### Способ добавления в таблицу маршрутизации правила для отправки пакетов в VPN туннель (0 - hotplug.d, 1 - скрипт ruab_route_check)
+export VPN_ROUTE_CHECK=0
 ### TCP порт прокси в режиме прозрачного прокси
 export T_PROXY_PORT_TCP=1100
 ### UDP порт прокси в режиме прозрачного прокси
@@ -208,6 +213,12 @@ if [ $? -ne 0 ]; then
     echo " Error! Nslookup doesn't exists" >&2
     exit 1
 fi
+export IP_CMD="ip"
+if [ $? -ne 0 ]; then
+    echo " Error! Iproute2 doesn't exists" >&2
+    exit 1
+fi
+ROUTE_CHECK_EXEC="${MODULES_DIR}/ruab_route_check"
 export IP_DATA_FILE="${DATA_DIR}/${NAME}.ip"
 export NFT_TABLE="ip r"
 export NFT_TABLE_DNSMASQ="4#ip#r"
@@ -574,7 +585,7 @@ GetDataFiles() {
             ### STDOUT
             echo " Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]" >&2
             MakeLogRecord "err" "Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]"
-            _attempt=`expr $_attempt + 1`
+            _attempt=$(($_attempt + 1))
             [ $_attempt -gt $MODULE_RUN_ATTEMPTS ] && break
             sleep $MODULE_RUN_TIMEOUT
         done
@@ -687,6 +698,9 @@ Start() {
         PreStartCheck
         UpdateBllistSets
         _return_code=$?
+        if [ "$PROXY_MODE" = "2" -a "$VPN_ROUTE_CHECK" = "1" -a -x "$ROUTE_CHECK_EXEC" ]; then
+            $ROUTE_CHECK_EXEC start &> /dev/null &
+        fi
         ### Start-script
         [ -x "$START_SCRIPT" ] && $START_SCRIPT > /dev/null 2>&1 &
     fi
@@ -703,6 +717,9 @@ Stop() {
         MakeLogRecord "info" "${1}..."
         DropNetConfig &> /dev/null
         _return_code=$?
+        if [ -x "$ROUTE_CHECK_EXEC" ]; then
+            $ROUTE_CHECK_EXEC stop &> /dev/null
+        fi
         ### Stop-script
         [ -x "$STOP_SCRIPT" ] && $STOP_SCRIPT > /dev/null 2>&1 &
         MakeToken
@@ -720,7 +737,7 @@ Reload() {
         if [ $_i -ge $_attempts ]; then
             return 1
         fi
-        _i=`expr $_i + 1`
+        _i=$(($_i + 1))
         sleep 1
     done
     echo " ${NAME} reload..."

ruantiblock/files/usr/libexec/ruantiblock/ruab_route_check

@@ -0,0 +1,60 @@
+#!/bin/sh
+
+PID_FILE="/var/run/`basename $0`.pid"
+
+VpnRouteStatus() {
+    [ -n "`$IP_CMD route show table $VPN_ROUTE_TABLE_ID 2> /dev/null`" ] && return 0
+    return 1
+}
+
+Main() {
+    while [ -e "$PID_FILE" ]
+    do
+        if ! VpnRouteStatus; then
+            if $IP_CMD link show $IF_VPN &> /dev/null; then
+                $APP_EXEC reload
+            fi
+        fi
+        sleep 10
+    done
+}
+
+TrapFunc() {
+    rm -f "$PID_FILE"
+    exit 0
+}
+
+Start() {
+    echo $$ > "$PID_FILE"
+    trap "TrapFunc" 2 3 15
+    Main
+}
+
+Stop() {
+    kill -s SIGKILL `cat "$PID_FILE"` 2> /dev/null
+    rm -f "$PID_FILE"
+}
+
+case "$1" in
+    start)
+        if [ -e "$PID_FILE" ]; then
+            echo "${PID_FILE} exists. Already running?" >&2
+            Stop
+        fi
+        Start
+    ;;
+    stop)
+        if [ -e "$PID_FILE" ]; then
+            Stop
+        else
+            echo "${PID_FILE} does not exists. Not running?" >&2
+            exit 1
+        fi
+    ;;
+    *)
+        echo "Usage: `basename $0` start|stop"
+        exit 1
+    ;;
+esac
+
+exit 0

ruantiblock/files/usr/share/ruantiblock/config_script

@@ -1,8 +1,13 @@
-AWK_CMD="awk"
 UCI_SECTION="ruantiblock.config"
-UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
+UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn vpn_route_check tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
+UCI_CMD=`which uci`
+if [ $? -ne 0 ]; then
+    echo " Error! UCI doesn't exists" >&2
+    exit 1
+fi
+AWK_CMD="awk"
 
-eval `uci show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
+eval `$UCI_CMD show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
     BEGIN {
         split(UCI_VARS, split_array, " ");
         for(i in split_array)

ruantiblock/files/usr/share/ruantiblock/nft_functions

@@ -1,11 +1,9 @@
-IP_CMD="ip"
 NFT_ALLOWED_HOSTS_CHAIN="allowed_hosts"
 NFT_BLLIST_CHAIN="blacklist"
 NFT_FPROXY_FILTER="fproxy_filter"
 NFT_DNSMASQ_TIMEOUT_UPDATE_CHAIN="dnsmasq_timeout_update"
 NFT_ACTION_CHAIN="action"
 NFT_LOCAL_CLIENTS_CHAIN="local_clients"
-VPN_ROUTE_TABLE_ID=99
 
 if [ "$PROXY_MODE" = "2" ]; then
     MAIN_CHAIN_TYPE="type filter hook prerouting priority ${NFT_PRIO_ROUTE}; policy accept;"
@@ -41,7 +39,7 @@ NftCmdWrapper() {
             _return_code=$?
             break
         fi
-        _i=`expr $_i + 1`
+        _i=$(($_i + 1))
     done
     return $_return_code
 }