BYPASS_MODE

luci-app-ruantiblock/Makefile

@@ -4,7 +4,7 @@
 
 include $(TOPDIR)/rules.mk
 
-PKG_VERSION:=1.2-1
+PKG_VERSION:=1.2-2
 LUCI_TITLE:=LuCI support for ruantiblock
 LUCI_DEPENDS:=+ruantiblock
 LUCI_PKGARCH:=all

luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/info.js

@@ -47,6 +47,7 @@ return view.extend({
 		if(data.rules.nftables && data.rules.nftables.length > 1) {
 			for(let i of data.rules.nftables) {
 				if(!i.rule) continue;
+
 				let set, bytes;
 				i.rule.expr.forEach(e => {
 					if(e.match && e.match.left && e.match.left.payload) {
@@ -75,7 +76,12 @@ return view.extend({
 				return sArray;
 			};
 
-			output.dnsmasq = parseDnsmasqData('dnsmasq');
+			if(data.dnsmasq) {
+				output.dnsmasq = parseDnsmasqData('dnsmasq');
+			};
+			if(data.dnsmasq_bypass) {
+				output.dnsmasq_bypass = parseDnsmasqData('dnsmasq_bypass');
+			};
 		};
 		return output;
 	},
@@ -177,8 +183,16 @@ return view.extend({
 				};
 
 				let rdTableWrapper = document.getElementById('rdTableWrapper');
-				rdTableWrapper.innerHTML = '';
-				rdTableWrapper.append(this.makeDnsmasqTable(nft_data.dnsmasq));
+				if(rdTableWrapper) {
+					rdTableWrapper.innerHTML = '';
+					rdTableWrapper.append(this.makeDnsmasqTable(nft_data.dnsmasq));
+				};
+
+				let rdbTableWrapper = document.getElementById('rdbTableWrapper');
+				if(rdbTableWrapper) {
+					rdbTableWrapper.innerHTML = '';
+					rdbTableWrapper.append(this.makeDnsmasqTable(nft_data.dnsmasq_bypass));
+				};
 
 			} else {
 				if(poll.active()) {
@@ -207,7 +221,9 @@ return view.extend({
 
 		let update_status = null,
 			rules         = null,
-			dnsmasq       = null;
+			dnsmasq       = null,
+			dnsmasqBypass = null;
+
 		if(data) {
 			if(data.status === 'enabled') {
 				update_status = E('table', { 'class': 'table' });
@@ -270,7 +286,9 @@ return view.extend({
 								E('td',{
 									'class'     : 'td left',
 									'data-title': _('Match-set'),
-								}, set + ((set.length == 1) ? (' (' + set.replace(/^c/, 'CIDR').replace(/^i/, 'IP').replace(/^d/, 'dnsmasq') + ')') : '')),
+								}, set + ((set.length >= 1) ? (
+									' (' + set.replace(/^c/, 'CIDR').replace(/^i/, 'IP').replace(/^d/, 'dnsmasq').replace(/^bi/, 'bypass IP').replace(/^bd/, 'bypass dnsmasq') + ')'
+								) : '')),
 								E('td', {
 									'class'     : 'td left',
 									'id'        : 'rules.' + set,
@@ -298,12 +316,25 @@ return view.extend({
 					]);
 				};
 
+				if(nft_data.dnsmasq_bypass) {
+					let rdbTableWrapper = E('div', {
+						'id'   : 'rdbTableWrapper',
+						'style': 'width:100%'
+					}, this.makeDnsmasqTable(nft_data.dnsmasq_bypass));
+
+					dnsmasqBypass = E([
+						E('h3', {}, _('Dnsmasq bypass')),
+						rdbTableWrapper,
+					]);
+				};
+
 				poll.add(L.bind(this.pollInfo, this), this.pollInterval);
 			} else {
 				update_status = E('em', {}, _('Status') + ' : ' + _('disabled'));
 			};
 		};
-		return E([
+
+		let layout = [
 			E('h2', { 'class': 'fade-in' },
 				_('Ruantiblock') + ' - ' + _('Statistics')
 			),
@@ -314,10 +345,25 @@ return view.extend({
 			E('div', { 'class': 'cbi-section fade-in' },
 				E('div', { 'class': 'cbi-section-node' }, rules)
 			),
-			E('div', { 'class': 'cbi-section fade-in' },
-				E('div', { 'class': 'cbi-section-node' }, dnsmasq)
-			),
-		]);
+		];
+
+		if(dnsmasqBypass) {
+			layout.splice(4, 0,
+				E('div', { 'class': 'cbi-section fade-in' },
+					E('div', { 'class': 'cbi-section-node' }, dnsmasqBypass)
+				)
+			);
+		};
+
+		if(dnsmasq) {
+			layout.splice(5, 0,
+				E('div', { 'class': 'cbi-section fade-in' },
+					E('div', { 'class': 'cbi-section-node' }, dnsmasq)
+				)
+			);
+		};
+
+		return E(layout);
 	},
 
 	handleSave     : null,

luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js

@@ -90,6 +90,13 @@ return view.extend({
 				'<br /><code>#comment<br />domain.net<br />sub.domain.com 8.8.8.8<br />sub.domain.com 8.8.8.8#53<br />74.125.131.19<br />74.125.0.0/16</code>'
 		);
 
+		let bypass_entries_edit = new tools.fileEditDialog(
+			tools.bypassEntriesFile,
+			_('Exclusion list'),
+			_('One entry (IP, CIDR or FQDN) per line. In the FQDN records, you can specify the DNS server for resolving this domain (separated by a space). You can also comment on lines (<code>#</code> is the first character of a line).<br />Examples:') +
+				'<br /><code>#comment<br />domain.net<br />sub.domain.com 8.8.8.8<br />sub.domain.com 8.8.8.8#53<br />74.125.131.19<br />74.125.0.0/16</code>'
+		);
+
 		let torrc_edit = new tools.fileEditDialog(
 			tools.torrcFile,
 			_('Tor configuration file'),
@@ -249,19 +256,45 @@ return view.extend({
 		bllist_module.value('', _('disabled'));
 		bllist_module.depends({ bllist_preset: new RegExp('^($|' + tools.appName + ')'), '!reverse': true });
 
-		// BYPASS_IP_MODE
-		o = s.taboption('blacklist_tab', form.Flag, 'bypass_ip_mode',
-			_('Enable IP exclusion list'), _("List of IP addresses that are excluded from block bypass (always available directly)"));
+		Object.entries(this.parsers).forEach(
+			e => bllist_module.value(e[1], e[0]));
+
+		// ADD_USER_ENTRIES
+		o = s.taboption('blacklist_tab', form.Flag, 'add_user_entries',
+			_('Enable user entries'), _("Add user entries to the blacklist when updating"));
+		o.rmempty = false;
+		o.default = 0;
+		o.depends({ bllist_preset: '', '!reverse': true });
+
+		// USER_ENTRIES edit dialog
+		o = s.taboption('blacklist_tab', form.Button, '_user_entries_btn',
+			_('User entries'));
+		o.onclick    = () => user_entries_edit.show();
+		o.inputtitle = _('Edit');
+		o.inputstyle = 'edit btn';
+
+		// USER_ENTRIES_DNS
+		o = s.taboption('blacklist_tab', form.Value, 'user_entries_dns',
+			_("DNS server that is used for the user's FQDN entries"), '<code>ipaddress[#port]</code>');
+		o.validate = this.validateIpPort;
+
+		// BYPASS_MODE
+		o = s.taboption('blacklist_tab', form.Flag, 'bypass_mode',
+			_('Enable exclusion list'), _("List of hosts that are excluded from block bypass (always available directly)"));
 		o.rmempty = false;
 		o.default = 0;
 
-		// BYPASS_IP_LIST
-		o = s.taboption('blacklist_tab', form.DynamicList, 'bypass_ip_list',
-			_('IP exclusion list'));
-		o.datatype = "ip4addr";
+		// BYPASS_ENTRIES edit dialog
+		o = s.taboption('blacklist_tab', form.Button, '_bypass_entries_btn',
+			_('Exclusion list'));
+		o.onclick    = () => bypass_entries_edit.show();
+		o.inputtitle = _('Edit');
+		o.inputstyle = 'edit btn';
 
-		Object.entries(this.parsers).forEach(
-			e => bllist_module.value(e[1], e[0]));
+		// BYPASS_ENTRIES_DNS
+		o = s.taboption('blacklist_tab', form.Value, 'bypass_entries_dns',
+			_("DNS server that is used for the FQDN entries of exclusion list"), '<code>ipaddress[#port]</code>');
+		o.validate = this.validateIpPort;
 
 		if(availableParsers) {
 			bllist_preset.description += '<br /> ( * - ' + _('requires installed blacklist module') + ' )';
@@ -374,30 +407,6 @@ return view.extend({
 
 		};
 
-
-		/* User entries tab */
-
-		s.tab('user_entries_tab', _('User entries'));
-
-		// ADD_USER_ENTRIES
-		o = s.taboption('user_entries_tab', form.Flag, 'add_user_entries',
-			_('Enable'), _("Add user entries to the blacklist when updating"));
-		o.rmempty = false;
-		o.default = 0;
-		o.depends({ bllist_preset: '', '!reverse': true });
-
-		// USER_ENTRIES_DNS
-		o = s.taboption('user_entries_tab', form.Value, 'user_entries_dns',
-			_("DNS server that is used for FQDN entries"), '<code>ipaddress[#port]</code>');
-		o.validate = this.validateIpPort;
-
-		// USER_ENTRIES edit dialog
-		o = s.taboption('user_entries_tab', form.Button, '_user_entries_btn',
-			_('User entries'));
-		o.onclick    = () => user_entries_edit.show();
-		o.inputtitle = _('Edit');
-		o.inputstyle = 'edit btn';
-
 		let map_promise = m.render();
 		map_promise.then(node => node.classList.add('fade-in'));
 		return map_promise;

luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/tools.js

@@ -40,6 +40,7 @@ return baseclass.extend({
 	parsersDir       : '/usr/libexec/ruantiblock',
 	torrcFile        : '/etc/tor/torrc',
 	userEntriesFile  : '/etc/ruantiblock/user_entries',
+	bypassEntriesFile: '/etc/ruantiblock/bypass_entries',
 	fqdnFilterFile   : '/etc/ruantiblock/fqdn_filter',
 	ipFilterFile     : '/etc/ruantiblock/ip_filter',
 	crontabFile      : '/etc/crontabs/root',

luci-app-ruantiblock/po/ru/ruantiblock.po

@@ -86,8 +86,11 @@ msgstr "Критическая ситуация"
 msgid "Current schedule"
 msgstr "Текущее расписание"
 
-msgid "DNS server that is used for FQDN entries"
-msgstr "DNS сервер для FQDN записей"
+msgid "DNS server that is used for the user's FQDN entries"
+msgstr "DNS сервер для FQDN записей пользователя"
+
+msgid "DNS server that is used for the FQDN entries of exclusion list"
+msgstr "DNS сервер для FQDN записей списка исключений"
 
 msgid "Day"
 msgstr "День"
@@ -119,12 +122,15 @@ msgstr "Включить"
 msgid "Enable FQDN filter"
 msgstr "Включить FQDN фильтр"
 
-msgid "Enable IP exclusion list"
-msgstr "Включить список исключений IP адресов"
-
 msgid "Enable IP filter"
 msgstr "Включить IP фильтр"
 
+msgid "Enable exclusion list"
+msgstr "Включить список исключений"
+
+msgid "Enable user entries"
+msgstr "Включить записи пользователя"
+
 msgid "Enabled"
 msgstr "Включено"
 
@@ -134,6 +140,9 @@ msgstr "Записи"
 msgid "Error"
 msgstr "Ошибка"
 
+msgid "Exclusion list"
+msgstr "Список исключений"
+
 msgid "Expecting:"
 msgstr "Ожидается:"
 
@@ -170,9 +179,6 @@ msgstr "IP-адрес"
 msgid "IP addresses of hosts"
 msgstr "IP-адреса хостов"
 
-msgid "IP exclusion list"
-msgstr "Список исключенных IP адресов"
-
 msgid "IP filter"
 msgstr "Фильтр IP"
 
@@ -209,8 +215,8 @@ msgstr "Последние записи"
 msgid "Level"
 msgstr "Уровень"
 
-msgid "List of IP addresses that are excluded from block bypass (always available directly)"
-msgstr "Список IP адресов, которые исключаются из обхода блокировок (всегда доступны напрямую)"
+msgid "List of hosts that are excluded from block bypass (always available directly)"
+msgstr "Список хостов, которые исключаются из обхода блокировок (всегда доступны напрямую)"
 
 msgid "Loading"
 msgstr "Загрузка"

luci-app-ruantiblock/po/templates/ruantiblock.pot

@@ -71,7 +71,10 @@ msgstr ""
 msgid "Current schedule"
 msgstr ""
 
-msgid "DNS server that is used for FQDN entries"
+msgid "DNS server that is used for the user's FQDN entries"
+msgstr ""
+
+msgid "DNS server that is used for the FQDN entries of exclusion list"
 msgstr ""
 
 msgid "Day"
@@ -102,10 +105,13 @@ msgstr ""
 msgid "Enable FQDN filter"
 msgstr ""
 
-msgid "Enable IP exclusion list"
+msgid "Enable IP filter"
 msgstr ""
 
-msgid "Enable IP filter"
+msgid "Enable exclusion list"
+msgstr ""
+
+msgid "Enable user entries"
 msgstr ""
 
 msgid "Enabled"
@@ -117,6 +123,9 @@ msgstr ""
 msgid "Error"
 msgstr ""
 
+msgid "Exclusion list"
+msgstr ""
+
 msgid "Expecting:"
 msgstr ""
 
@@ -153,9 +162,6 @@ msgstr ""
 msgid "IP addresses of hosts"
 msgstr ""
 
-msgid "IP exclusion list"
-msgstr ""
-
 msgid "IP filter"
 msgstr ""
 
@@ -189,7 +195,7 @@ msgstr ""
 msgid "Level"
 msgstr ""
 
-msgid "List of IP addresses that are excluded from block bypass (always available directly)"
+msgid "List of hosts that are excluded from block bypass (always available directly)"
 msgstr ""
 
 msgid "Loading"

luci-app-ruantiblock/root/usr/share/rpcd/acl.d/luci-app-ruantiblock.json

@@ -8,6 +8,7 @@
 				"/etc/ruantiblock/fqdn_filter": [ "read" ],
 				"/etc/ruantiblock/ip_filter": [ "read" ],
 				"/etc/ruantiblock/user_entries": [ "read" ],
+				"/etc/ruantiblock/bypass_entries": [ "read" ],
 				"/var/run/ruantiblock.token": [ "read" ],
 				"/etc/tor/torrc": [ "read" ],
 				"/etc/crontabs/root": [ "read" ],
@@ -25,6 +26,7 @@
 				"/etc/ruantiblock/fqdn_filter": [ "write" ],
 				"/etc/ruantiblock/ip_filter": [ "write" ],
 				"/etc/ruantiblock/user_entries": [ "write" ],
+				"/etc/ruantiblock/bypass_entries": [ "write" ],
 				"/etc/tor/torrc": [ "write" ],
 				"/etc/crontabs/root": [ "write" ]
 			},