v1.4. ruab_route_check

2026-05-14 14:40:58 +00:00 · 2023-12-10 17:02:06 +03:00
parent 7cccca5664
commit 9113ea57d0
15 changed files with 179 additions and 55 deletions
@@ -9,9 +9,9 @@ LUA_MODULE=0
 LUCI_APP=1

 OWRT_VERSION="current"
-RUAB_VERSION="1.3-1"
-RUAB_MOD_LUA_VERSION="1.3-2"
-RUAB_LUCI_APP_VERSION="1.3-5"
+RUAB_VERSION="1.4-0"
+RUAB_MOD_LUA_VERSION="1.4-0"
+RUAB_LUCI_APP_VERSION="1.4-0"
 BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master"
 PKG_DIR="/tmp"

@@ -4,7 +4,7 @@

 include $(TOPDIR)/rules.mk

-PKG_VERSION:=1.3-5
+PKG_VERSION:=1.4-0
 LUCI_TITLE:=LuCI support for ruantiblock
 LUCI_DEPENDS:=+ruantiblock
 LUCI_PKGARCH:=all
@@ -132,7 +132,7 @@ return view.extend({

 		// PROXY_LOCAL_CLIENTS
 		let proxy_local_clients = s.taboption('main_settings', form.Flag, 'proxy_local_clients',
-			_("Apply proxy rules to router application traffic"));
+			_('Apply proxy rules to router application traffic'));
 		proxy_local_clients.rmempty = false;

 		// ENABLE_LOGGING
@@ -163,7 +163,7 @@ return view.extend({
 		// ALLOWED_HOSTS_LIST
 		o = s.taboption('main_settings', form.DynamicList, 'allowed_hosts_list',
 			_('IP addresses for host filter'));
-		o.datatype = "ip4addr";
+		o.datatype = 'ip4addr';

 		// ENABLE_FPROXY
 		o = s.taboption('main_settings', form.Flag, 'enable_fproxy',
@@ -174,7 +174,7 @@ return view.extend({
 		// FPROXY_LIST
 		o = s.taboption('main_settings', form.DynamicList, 'fproxy_list',
 			_('IP addresses for full proxy mode'));
-		o.datatype = "ip4addr";
+		o.datatype = 'ip4addr';


 		/* Tor tab */
@@ -185,7 +185,7 @@ return view.extend({
 		o = s.taboption('tor_settings', form.Value, 'tor_trans_port',
 			_('Transparent proxy port'));
 		o.rmempty  = false;
-		o.datatype = "port";
+		o.datatype = 'port';

 		// ONION_DNS_ADDR
 		o = s.taboption('tor_settings', form.Value, 'onion_dns_addr',
@@ -213,6 +213,15 @@ return view.extend({
 		o.rmempty   = false;
 		o.default   = 'tun0';

+		// VPN_ROUTE_CHECK
+		o = s.taboption('vpn_settings', form.ListValue, 'vpn_route_check',
+			_('Type of adding a VPN rule to the routing table'));
+		o.value('0', 'hotplug.d');
+		o.value('1', 'ruab_route_check');
+		o.description = _('hotplug.d - default option for many VPN applications that supported by OpenWrt.') +
+						'<br />' +
+						_('ruab_route_check - script that regularly checks an entry in the routing table.');
+

 		/* Proxy tab */

@@ -222,18 +231,18 @@ return view.extend({
 		o = s.taboption('proxy_settings', form.Value, 't_proxy_port_tcp',
 			_('Transparent proxy TCP port'));
 		o.rmempty  = false;
-		o.datatype = "port";
+		o.datatype = 'port';

 		// T_PROXY_ALLOW_UDP
 		o = s.taboption('proxy_settings', form.Flag, 't_proxy_allow_udp',
-			_("Send UDP traffic to transparent proxy"));
+			_('Send UDP traffic to transparent proxy'));
 		o.rmempty = false;

 		// T_PROXY_PORT_UDP
 		o = s.taboption('proxy_settings', form.Value, 't_proxy_port_udp',
 			_('Transparent proxy UDP port'));
 		o.rmempty  = false;
-		o.datatype = "port";
+		o.datatype = 'port';


 		/* Blacklist module tab */
@@ -243,7 +252,7 @@ return view.extend({
 		// BLLIST_PRESET
 		let bllist_preset = s.taboption('blacklist_tab', form.ListValue,
 			'bllist_preset', _('Blacklist update mode'));
-		bllist_preset.description = _("Blacklist sources") + ':';
+		bllist_preset.description = _('Blacklist sources') + ':';
 		bllist_preset.value('', _('user entries only'));
 		Object.entries(tools.blacklistPresets).forEach(e => {
 			bllist_preset.value(e[0], ((e[1][1]) ? `${e[1][0]} - ${e[1][1]}` : e[1][0]));
@@ -274,7 +283,7 @@ return view.extend({

 		// ADD_USER_ENTRIES
 		o = s.taboption('blacklist_tab', form.Flag, 'add_user_entries',
-			_('Enable user entries'), _("Add user entries to the blacklist when updating"));
+			_('Enable user entries'), _('Add user entries to the blacklist when updating'));
 		o.rmempty = false;
 		o.default = 0;
 		o.depends({ bllist_preset: '', '!reverse': true });
@@ -293,7 +302,7 @@ return view.extend({

 		// BYPASS_MODE
 		o = s.taboption('blacklist_tab', form.Flag, 'bypass_mode',
-			_('Enable exclusion list'), _("List of hosts that are excluded from block bypass (always available directly)"));
+			_('Enable exclusion list'), _('List of hosts that are excluded from block bypass (always available directly)'));
 		o.rmempty = false;
 		o.default = 0;

@@ -306,7 +315,7 @@ return view.extend({

 		// BYPASS_ENTRIES_DNS
 		o = s.taboption('blacklist_tab', form.Value, 'bypass_entries_dns',
-			_("DNS server that is used for the FQDN entries of exclusion list"), '<code>ipaddress[#port]</code>');
+			_('DNS server that is used for the FQDN entries of exclusion list'), '<code>ipaddress[#port]</code>');
 		o.validate = this.validateIpPort;

 		if(availableParsers) {
@@ -319,14 +328,14 @@ return view.extend({

 			// BLLIST_MIN_ENTRIES
 			o = s.taboption('parser_settings_tab', form.Value, 'bllist_min_entries',
-				_("Minimum allowed number of entries"));
+				_('Minimum allowed number of entries'));
 			o.description = _('If less than the specified number of entries are received from the source, then the lists are not updated');
 			o.rmempty     = false;
 			o.datatype    = 'uinteger';

 			// BLLIST_FQDN_FILTER
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_fqdn_filter',
-				_("Enable FQDN filter"));
+				_('Enable FQDN filter'));
 			o.description = _('Pick domains from blacklist by FQDN filter patterns');
 			o.rmempty     = false;

@@ -338,14 +347,14 @@ return view.extend({

 			// BLLIST_FQDN_FILTER_FILE edit dialog
 			o = s.taboption('parser_settings_tab', form.Button, '_fqdn_filter_btn',
-				_("FQDN filter"));
+				_('FQDN filter'));
 			o.onclick    = () => fqdn_filter_edit.show();
 			o.inputtitle = _('Edit');
 			o.inputstyle = 'edit btn';

 			// BLLIST_SD_LIMIT
 			o = s.taboption('parser_settings_tab', form.Value, 'bllist_sd_limit',
-				_("Subdomains limit"));
+				_('Subdomains limit'));
 			o.description = _('The number of subdomains in the domain, upon reaching which the entire 2nd level domain is added to the list');
 			o.rmempty     = false;
 			o.datatype    = 'uinteger';
@@ -355,11 +364,11 @@ return view.extend({
 				_('2nd level domains that are excluded from optimization'));
 			o.description = _('e.g:') + ' <code>livejournal.com</code>';
 			o.placeholder = _('e.g:') + ' livejournal.com';
-			o.datatype = "hostname";
+			o.datatype = 'hostname';

 			// BLLIST_ENABLE_IDN
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_enable_idn',
-				_("Convert cyrillic domains to punycode"));
+				_('Convert cyrillic domains to punycode'));
 			o.rmempty = false;

 			// BLLIST_ALT_NSLOOKUP
@@ -369,13 +378,13 @@ return view.extend({

 			// BLLIST_ALT_DNS_ADDR
 			o = s.taboption('parser_settings_tab', form.Value, 'bllist_alt_dns_addr',
-				_("Optional DNS resolver"), '<code>ipaddress[#port]</code>');
+				_('Optional DNS resolver'), '<code>ipaddress[#port]</code>');
 			o.rmempty  = false;
 			o.validate = this.validateIpPort;

 			// BLLIST_IP_FILTER
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_ip_filter',
-				_("Enable IP filter"));
+				_('Enable IP filter'));
 			o.description = _('Pick IP addresses from blacklist by IP filter patterns');
 			o.rmempty     = false;

@@ -387,13 +396,13 @@ return view.extend({

 			// BLLIST_IP_FILTER_FILE edit dialog
 			o = s.taboption('parser_settings_tab', form.Button, '_ip_filter_btn',
-				_("IP filter"));
+				_('IP filter'));
 			o.onclick    = () => ip_filter_edit.show();
 			o.inputtitle = _('Edit');
 			o.inputstyle = 'edit btn';

 			// BLLIST_IP_LIMIT
-			o = s.taboption('parser_settings_tab', form.Value, 'bllist_ip_limit', _("IP limit"));
+			o = s.taboption('parser_settings_tab', form.Value, 'bllist_ip_limit', _('IP limit'));
 			o.description = _("The number of IP addresses in the subnet, upon reaching which the entire '/24' subnet is added to the list");
 			o.rmempty     = false;
 			o.datatype    = 'uinteger';
@@ -410,7 +419,7 @@ return view.extend({

 			// BLLIST_SUMMARIZE_IP
 			o = s.taboption('parser_settings_tab', form.Flag, 'bllist_summarize_ip',
-				_("Summarize IP ranges"));
+				_('Summarize IP ranges'));
 			o.rmempty = false;

 			// BLLIST_SUMMARIZE_CIDR
@@ -479,8 +479,11 @@ msgstr "UDP порт прозрачного прокси"
 msgid "Turn on if blacklist source is blocked"
 msgstr "Включите, если источник блэклиста заблокирован"

-msgid "Type an expression..."
-msgstr "Введите выражение..."
+msgid "Type a search pattern..."
+msgstr "Введите шаблон для поиска"
+
+msgid "Type of adding a VPN rule to the routing table"
+msgstr "Тип добавления правила VPN в таблицу маршрутизации"

 msgid "Unable to execute or read contents"
 msgstr "Невозможно выполнить или прочитать содержимое"
@@ -545,6 +548,9 @@ msgstr "отключен"
 msgid "e.g:"
 msgstr "прим:"

+msgid "hotplug.d - default option for many VPN applications that supported by OpenWrt."
+msgstr "hotplug.d - стандартная опция для многих VPN-приложений поддерживаемых в OpenWrt."
+
 msgid "net pattern"
 msgstr "шаблон сети"

@@ -557,6 +563,9 @@ msgstr "необходим установленный модуль блэкли
 msgid "user entries only"
 msgstr "только записи пользователя"

+msgid "ruab_route_check - script that regularly checks an entry in the routing table."
+msgstr "ruab_route_check - скрипт, который регулярно проверяет запись в таблице маршрутизации."
+
 msgid "valid IP address"
 msgstr "верный IP-адрес"

@@ -444,8 +444,12 @@ msgstr ""
 msgid "Turn on if blacklist source is blocked"
 msgstr ""

-msgid "Type an expression..."
+msgid "Type a search pattern..."
 msgstr ""
+
+msgid "Type of adding a VPN rule to the routing table"
+msgstr ""
+
 msgid "Unable to execute or read contents"
 msgstr ""

@@ -508,6 +512,9 @@ msgstr ""
 msgid "e.g:"
 msgstr ""

+msgid "hotplug.d - default option for many VPN applications that supported by OpenWrt."
+msgstr ""
+
 msgid "net pattern"
 msgstr ""

@@ -517,6 +524,9 @@ msgstr ""
 msgid "requires installed blacklist module"
 msgstr ""

+msgid "ruab_route_check - script that regularly checks an entry in the routing table."
+msgstr ""
+
 msgid "user entries only"
 msgstr ""

@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ruantiblock-mod-lua
-PKG_VERSION:=1.3
-PKG_RELEASE:=2
+PKG_VERSION:=1.4
+PKG_RELEASE:=0
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>

 include $(INCLUDE_DIR)/package.mk
@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ruantiblock-mod-py
-PKG_VERSION:=1.3
-PKG_RELEASE:=2
+PKG_VERSION:=1.4
+PKG_RELEASE:=0
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>

 include $(INCLUDE_DIR)/package.mk
@@ -5,8 +5,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ruantiblock
-PKG_VERSION:=1.3
-PKG_RELEASE:=1
+PKG_VERSION:=1.4
+PKG_RELEASE:=0
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>

 include $(INCLUDE_DIR)/package.mk
@@ -55,6 +55,8 @@ define Package/$(PKG_NAME)/install
 	$(INSTALL_DATA) ./files/usr/share/ruantiblock/config_script $(1)/usr/share/ruantiblock/config_script
 	$(INSTALL_DATA) ./files/usr/share/ruantiblock/info_output $(1)/usr/share/ruantiblock/info_output
 	$(INSTALL_DATA) ./files/usr/share/ruantiblock/nft_functions $(1)/usr/share/ruantiblock/nft_functions
+	$(INSTALL_DIR) $(1)/usr/libexec/ruantiblock
+	$(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_route_check $(1)/usr/libexec/ruantiblock/ruab_route_check
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) ./files/usr/bin/ruantiblock $(1)/usr/bin/ruantiblock
 endef
@@ -8,6 +8,7 @@ config main 'config'
 	option enable_fproxy '0'
 	option enable_bllist_proxy '0'
 	option if_vpn 'tun0'
+	option vpn_route_check '0'
 	option tor_trans_port '9040'
 	option onion_dns_addr '127.0.0.1#9053'
 	option t_proxy_port_tcp '1100'
@@ -1,11 +1,20 @@
 #!/bin/sh

-IF_VPN=`uci get ruantiblock.config.if_vpn`
-PROXY_MODE=`uci get ruantiblock.config.proxy_mode`
+UCI_CMD=`which uci`
+if [ $? -ne 0 ]; then
+    echo " Error! UCI doesn't exists" >&2
+    exit 1
+fi
+RUAB_CMD="/usr/bin/ruantiblock"
+PROXY_MODE=`$UCI_CMD get ruantiblock.config.proxy_mode`
+IF_VPN=`$UCI_CMD get ruantiblock.config.if_vpn`
+VPN_ROUTE_CHECK=`$UCI_CMD get ruantiblock.config.vpn_route_check`
+
+[ "$VPN_ROUTE_CHECK" != "0" ] && exit 0

 if [ "$ACTION" = "ifup" ] && [ "$PROXY_MODE" = "2" ] && [ "$DEVICE" = "$IF_VPN" ]; then
-	if [ `/usr/bin/ruantiblock raw-status` -ne 2 ]; then
+	if [ `$RUAB_CMD raw-status` -ne 2 ]; then
 		sleep 5
-		/usr/bin/ruantiblock reload
+		$RUAB_CMD reload
 	fi
 fi
@@ -23,16 +23,20 @@ NFTSET_CLEAR_SETS=0
 ALLOWED_HOSTS_MODE=0
 ### Список IP адресов хостов для фильтра, через пробел (прим.: 192.168.0.10 192.168.0.15)
 ALLOWED_HOSTS_LIST=""
-### VPN интерфейс для правил маршрутизации
-IF_VPN="tun0"
 ### Порт прозрачного прокси Tor (параметр TransPort в torrc)
 TOR_TRANS_PORT=9040
 ### DNS-сервер для резолвинга в домене .onion (Tor)
 ONION_DNS_ADDR="127.0.0.1#9053"
-### метка для отбора пакетов в VPN туннель
+### VPN интерфейс для правил маршрутизации
+IF_VPN="tun0"
+### Метка для отбора пакетов в VPN туннель
 VPN_PKTS_MARK=8
+### Таблица маршрутизации для отправки пакетов в VPN туннель
+VPN_ROUTE_TABLE_ID=99
 ### Приоритет правила отбора пакетов при маршрутизации в VPN-интерфейс
 VPN_RULE_PRIO=1000
+### Способ добавления в таблицу маршрутизации правила для отправки пакетов в VPN туннель (0 - hotplug.d, 1 - скрипт ruab_route_check)
+VPN_ROUTE_CHECK=0
 ### TCP порт прокси в режиме прозрачного прокси
 T_PROXY_PORT_TCP=1100
 ### UDP порт прокси в режиме прозрачного прокси
@@ -3,11 +3,12 @@
 ########################################################################
 #
 # Ruantiblock
-# (с) 2020 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
+# (с) 2023 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
 #
 ########################################################################

 export NAME="ruantiblock"
+export APP_EXEC="$0"
 export LANG="en_US.UTF-8"
 export LANGUAGE="en"

@@ -38,16 +39,20 @@ export NFTSET_CLEAR_SETS=0
 export ALLOWED_HOSTS_MODE=0
 ### Список IP адресов хостов для фильтра, через пробел (прим.: 192.168.0.10 192.168.0.15)
 export ALLOWED_HOSTS_LIST=""
-### VPN интерфейс для правил маршрутизации
-export IF_VPN="tun0"
 ### Порт прозрачного прокси Tor (параметр TransPort в torrc)
 export TOR_TRANS_PORT=9040
 ### DNS-сервер для резолвинга в домене .onion (Tor)
 export ONION_DNS_ADDR="127.0.0.1#9053"
-### метка для отбора пакетов в VPN туннель
+### VPN интерфейс для правил маршрутизации
+export IF_VPN="tun0"
+### Метка для отбора пакетов в VPN туннель
 export VPN_PKTS_MARK=8
+### Таблица маршрутизации для отправки пакетов в VPN туннель
+export VPN_ROUTE_TABLE_ID=99
 ### Приоритет правила отбора пакетов при маршрутизации в VPN-интерфейс
 export VPN_RULE_PRIO=1000
+### Способ добавления в таблицу маршрутизации правила для отправки пакетов в VPN туннель (0 - hotplug.d, 1 - скрипт ruab_route_check)
+export VPN_ROUTE_CHECK=0
 ### TCP порт прокси в режиме прозрачного прокси
 export T_PROXY_PORT_TCP=1100
 ### UDP порт прокси в режиме прозрачного прокси
@@ -208,6 +213,12 @@ if [ $? -ne 0 ]; then
    echo " Error! Nslookup doesn't exists" >&2
    exit 1
 fi
+export IP_CMD="ip"
+if [ $? -ne 0 ]; then
+    echo " Error! Iproute2 doesn't exists" >&2
+    exit 1
+fi
+ROUTE_CHECK_EXEC="${MODULES_DIR}/ruab_route_check"
 export IP_DATA_FILE="${DATA_DIR}/${NAME}.ip"
 export NFT_TABLE="ip r"
 export NFT_TABLE_DNSMASQ="4#ip#r"
@@ -574,7 +585,7 @@ GetDataFiles() {
            ### STDOUT
            echo " Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]" >&2
            MakeLogRecord "err" "Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]"
-            _attempt=`expr $_attempt + 1`
+            _attempt=$(($_attempt + 1))
            [ $_attempt -gt $MODULE_RUN_ATTEMPTS ] && break
            sleep $MODULE_RUN_TIMEOUT
        done
@@ -687,6 +698,9 @@ Start() {
        PreStartCheck
        UpdateBllistSets
        _return_code=$?
+        if [ "$PROXY_MODE" = "2" -a "$VPN_ROUTE_CHECK" = "1" -a -x "$ROUTE_CHECK_EXEC" ]; then
+            $ROUTE_CHECK_EXEC start &> /dev/null &
+        fi
        ### Start-script
        [ -x "$START_SCRIPT" ] && $START_SCRIPT > /dev/null 2>&1 &
    fi
@@ -703,6 +717,9 @@ Stop() {
        MakeLogRecord "info" "${1}..."
        DropNetConfig &> /dev/null
        _return_code=$?
+        if [ -x "$ROUTE_CHECK_EXEC" ]; then
+            $ROUTE_CHECK_EXEC stop &> /dev/null
+        fi
        ### Stop-script
        [ -x "$STOP_SCRIPT" ] && $STOP_SCRIPT > /dev/null 2>&1 &
        MakeToken
@@ -720,7 +737,7 @@ Reload() {
        if [ $_i -ge $_attempts ]; then
            return 1
        fi
-        _i=`expr $_i + 1`
+        _i=$(($_i + 1))
        sleep 1
    done
    echo " ${NAME} reload..."
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+PID_FILE="/var/run/`basename $0`.pid"
+
+VpnRouteStatus() {
+    [ -n "`$IP_CMD route show table $VPN_ROUTE_TABLE_ID 2> /dev/null`" ] && return 0
+    return 1
+}
+
+Main() {
+    while [ -e "$PID_FILE" ]
+    do
+        if ! VpnRouteStatus; then
+            if $IP_CMD link show $IF_VPN &> /dev/null; then
+                $APP_EXEC reload
+            fi
+        fi
+        sleep 10
+    done
+}
+
+TrapFunc() {
+    rm -f "$PID_FILE"
+    exit 0
+}
+
+Start() {
+    echo $$ > "$PID_FILE"
+    trap "TrapFunc" 2 3 15
+    Main
+}
+
+Stop() {
+    kill -s SIGKILL `cat "$PID_FILE"` 2> /dev/null
+    rm -f "$PID_FILE"
+}
+
+case "$1" in
+    start)
+        if [ -e "$PID_FILE" ]; then
+            echo "${PID_FILE} exists. Already running?" >&2
+            Stop
+        fi
+        Start
+    ;;
+    stop)
+        if [ -e "$PID_FILE" ]; then
+            Stop
+        else
+            echo "${PID_FILE} does not exists. Not running?" >&2
+            exit 1
+        fi
+    ;;
+    *)
+        echo "Usage: `basename $0` start|stop"
+        exit 1
+    ;;
+esac
+
+exit 0
@@ -1,8 +1,13 @@
-AWK_CMD="awk"
 UCI_SECTION="ruantiblock.config"
-UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
+UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn vpn_route_check tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
+UCI_CMD=`which uci`
+if [ $? -ne 0 ]; then
+    echo " Error! UCI doesn't exists" >&2
+    exit 1
+fi
+AWK_CMD="awk"

-eval `uci show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
+eval `$UCI_CMD show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
    BEGIN {
        split(UCI_VARS, split_array, " ");
        for(i in split_array)
@@ -1,11 +1,9 @@
-IP_CMD="ip"
 NFT_ALLOWED_HOSTS_CHAIN="allowed_hosts"
 NFT_BLLIST_CHAIN="blacklist"
 NFT_FPROXY_FILTER="fproxy_filter"
 NFT_DNSMASQ_TIMEOUT_UPDATE_CHAIN="dnsmasq_timeout_update"
 NFT_ACTION_CHAIN="action"
 NFT_LOCAL_CLIENTS_CHAIN="local_clients"
-VPN_ROUTE_TABLE_ID=99

 if [ "$PROXY_MODE" = "2" ]; then
    MAIN_CHAIN_TYPE="type filter hook prerouting priority ${NFT_PRIO_ROUTE}; policy accept;"
@@ -41,7 +39,7 @@ NftCmdWrapper() {
            _return_code=$?
            break
        fi
-        _i=`expr $_i + 1`
+        _i=$(($_i + 1))
    done
    return $_return_code
 }