Minor improvements. luci-app-ruantiblock: updated log.
@@ -1,12 +1,12 @@
|
||||
#
|
||||
# (с) 2024 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
|
||||
# (с) 2025 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=ruantiblock
|
||||
PKG_VERSION:=2.1.4
|
||||
PKG_RELEASE:=3
|
||||
PKG_VERSION:=2.1.5
|
||||
PKG_RELEASE:=1
|
||||
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
@@ -12,10 +12,10 @@ if [ "$ACTION" = "ifup" ]; then
|
||||
DEBUG=0
|
||||
IF_VPN_CURRENT=""
|
||||
|
||||
ruab_route_status=`$RUAB_CMD raw-status`
|
||||
ruab_route_status=$($RUAB_CMD raw-status)
|
||||
[ $ruab_route_status -eq 1 -o $ruab_route_status -eq 2 ] && exit 0
|
||||
|
||||
UCI_CMD=`which uci`
|
||||
UCI_CMD="$(which uci)"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo " Error! UCI doesn't exists" >&2
|
||||
exit 1
|
||||
@@ -23,19 +23,19 @@ if [ "$ACTION" = "ifup" ]; then
|
||||
|
||||
[ -f "$CONFIG_FILE" ] && . "$CONFIG_FILE"
|
||||
|
||||
VPN_ROUTE_CHECK=`$UCI_CMD get ruantiblock.config.vpn_route_check`
|
||||
VPN_ROUTE_CHECK=$($UCI_CMD get ruantiblock.config.vpn_route_check)
|
||||
[ "$VPN_ROUTE_CHECK" != "0" ] && exit 0
|
||||
|
||||
PROXY_MODE=`$UCI_CMD get ruantiblock.config.proxy_mode`
|
||||
PROXY_MODE=$($UCI_CMD get ruantiblock.config.proxy_mode)
|
||||
if [ "$PROXY_MODE" = "2" ]; then
|
||||
IF_VPN_CURRENT=`$UCI_CMD get ruantiblock.config.if_vpn`
|
||||
IF_VPN_CURRENT=$($UCI_CMD get ruantiblock.config.if_vpn)
|
||||
fi
|
||||
|
||||
if [ "$DEVICE" != "$IF_VPN_CURRENT" ]; then
|
||||
|
||||
. "$USER_INSTANCES_COMMON"
|
||||
|
||||
for inst in `GetUserInstances 2`
|
||||
for inst in $(GetUserInstances 2)
|
||||
do
|
||||
IncludeUserInstanceVars "$inst"
|
||||
if [ "$DEVICE" = "$U_IF_VPN" ]; then
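Review bot: `[ $ruab_route_status -eq 1 -o $ruab_route_status -eq 2 ] && exit 0` still expands the captured output unquoted, directly after the rewritten `ruab_route_status=$($RUAB_CMD raw-status)`. If that command prints nothing, or more than one word, `[` reports a syntax error, the `&&` branch is skipped and the hook carries on as if the status were neither 1 nor 2. `case "$ruab_route_status" in 1|2) exit 0 ;; esac` copes with any output without raising an error. The same unquoted `[ … -a … ]` form is used in GetUserInstances and SetUserInstancesItems (`$_i -lt $USER_INSTANCES_MAX`). The enclosing `if [ "$ACTION" = "ifup" ]` block starts and ends outside these hunks.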
|
||||
|
||||
@@ -3,13 +3,13 @@
|
||||
########################################################################
|
||||
#
|
||||
# Ruantiblock
|
||||
# (с) 2024 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
|
||||
# (с) 2025 gSpot (https://github.com/gSpotx2f/ruantiblock_openwrt)
|
||||
#
|
||||
########################################################################
|
||||
|
||||
export NAME="ruantiblock"
|
||||
export APP_EXEC="$0"
|
||||
export APP_NAME="`basename $0`"
|
||||
export APP_NAME="$(basename $0)"
|
||||
export LANG="en_US.UTF-8"
|
||||
export LANGUAGE="en"
|
||||
|
||||
@@ -182,6 +182,18 @@ export BLLIST_ALT_NSLOOKUP=0
|
||||
### Альтернативный DNS-сервер
|
||||
export BLLIST_ALT_DNS_ADDR="8.8.8.8"
|
||||
|
||||
########################## Instances defaults ##########################
|
||||
|
||||
INSTANCES_DEF_PROXY_MODE=$PROXY_MODE
|
||||
INSTANCES_DEF_TOR_TRANS_PORT=$TOR_TRANS_PORT
|
||||
INSTANCES_DEF_IF_VPN=$IF_VPN
|
||||
INSTANCES_DEF_T_PROXY_TYPE=$T_PROXY_TYPE
|
||||
INSTANCES_DEF_T_PROXY_PORT_TCP=$T_PROXY_PORT_TCP
|
||||
INSTANCES_DEF_T_PROXY_PORT_UDP=$T_PROXY_PORT_UDP
|
||||
INSTANCES_DEF_T_PROXY_ALLOW_UDP=$T_PROXY_ALLOW_UDP
|
||||
INSTANCES_DEF_ENABLE_BLLIST_PROXY=$ENABLE_BLLIST_PROXY
|
||||
INSTANCES_DEF_ENABLE_FPROXY=$ENABLE_FPROXY
|
||||
|
||||
############################ Configuration #############################
|
||||
|
||||
### External config
|
||||
@@ -207,24 +219,24 @@ export DNSMASQ_DATA_FILE="${DNSMASQ_CONFDIR}/02-${NAME}.dnsmasq"
|
||||
|
||||
### Utilities
|
||||
AWK_CMD="awk"
|
||||
NFT_CMD=`which nft`
|
||||
NFT_CMD="$(which nft)"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo " Error! Nftables doesn't exists" >&2
|
||||
exit 1
|
||||
fi
|
||||
LOGGER_CMD=`which logger`
|
||||
LOGGER_CMD="$(which logger)"
|
||||
if [ $ENABLE_LOGGING = "1" -a $? -ne 0 ]; then
|
||||
echo " Logger doesn't exists" >&2
|
||||
ENABLE_LOGGING=0
|
||||
fi
|
||||
LOGGER_PARAMS="-t ${APP_NAME}"
|
||||
WGET_CMD=`which wget`
|
||||
WGET_CMD="$(which wget)"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo " Error! Wget doesn't exists" >&2
|
||||
exit 1
|
||||
fi
|
||||
WGET_PARAMS="--no-check-certificate -q -O"
|
||||
NSLOOKUP_CMD=`which nslookup`
|
||||
NSLOOKUP_CMD="$(which nslookup)"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo " Error! Nslookup doesn't exists" >&2
|
||||
exit 1
|
||||
@@ -261,8 +273,8 @@ export NFTSET_IP_TYPE="ipv4_addr"
|
||||
export NFTSET_DNSMASQ_TYPE="ipv4_addr"
|
||||
export NFTSET_CIDR_PATTERN="set %s {type ${NFTSET_CIDR_TYPE};size ${NFTSET_MAXELEM_CIDR};policy ${NFTSET_POLICY_CIDR};flags interval;auto-merge;"
|
||||
export NFTSET_IP_PATTERN="set %s {type ${NFTSET_IP_TYPE};size ${NFTSET_MAXELEM_IP};policy ${NFTSET_POLICY_IP};flags dynamic;"
|
||||
export NFTSET_CIDR_STRING_MAIN=`printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}"`
|
||||
export NFTSET_IP_STRING_MAIN=`printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}"`
|
||||
export NFTSET_CIDR_STRING_MAIN=$(printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}")
|
||||
export NFTSET_IP_STRING_MAIN=$(printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}")
|
||||
export NFTSET_BYPASS_IP_STRING="set ${NFTSET_BYPASS_IP} {type ${NFTSET_BYPASS_IP_TYPE};size ${NFTSET_MAXELEM_BYPASS_IP};policy ${NFTSET_POLICY_CIDR};flags interval;auto-merge;"
|
||||
export UPDATE_STATUS_FILE="${DATA_DIR}/update_status"
|
||||
export USER_ENTRIES_STATUS_FILE="${DATA_DIR}/user_entries_status"
|
||||
@@ -402,7 +414,7 @@ DownloadNativeBlacklist() {
|
||||
}
|
||||
|
||||
RestartDnsmasq() {
|
||||
eval `echo "$DNSMASQ_RESTART_CMD"`
|
||||
eval $(echo "$DNSMASQ_RESTART_CMD")
|
||||
}
|
||||
|
||||
FlushNftSets() {
|
||||
@@ -443,14 +455,14 @@ FormatNftSetElemsList() {
|
||||
AddBaseNftSets() {
|
||||
local _allowed_hosts _fproxy_private
|
||||
$NFT_CMD add set $NFT_TABLE "$NFTSET_ALLOWED_HOSTS" { type "$NFTSET_ALLOWED_HOSTS_TYPE"\; policy "$NFTSET_POLICY_CIDR"\; flags interval\; auto-merge\; }
|
||||
_allowed_hosts=`FormatNftSetElemsList "$ALLOWED_HOSTS_LIST"`
|
||||
_allowed_hosts=$(FormatNftSetElemsList "$ALLOWED_HOSTS_LIST")
|
||||
if [ -n "$_allowed_hosts" ]; then
|
||||
$NFT_CMD add element $NFT_TABLE "$NFTSET_ALLOWED_HOSTS" { "$_allowed_hosts" }
|
||||
fi
|
||||
$NFT_CMD add set $NFT_TABLE "$NFTSET_BYPASS_IP" { type "$NFTSET_BYPASS_IP_TYPE"\; size $NFTSET_MAXELEM_BYPASS_IP\; policy "$NFTSET_POLICY_CIDR"\; flags interval\; auto-merge\; }
|
||||
$NFT_CMD add set $NFT_TABLE "$NFTSET_BYPASS_FQDN" { type "$NFTSET_BYPASS_FQDN_TYPE"\; size $NFTSET_MAXELEM_BYPASS_FQDN\; policy "$NFTSET_POLICY_DNSMASQ"\; flags dynamic,timeout\; timeout "$NFTSET_DNSMASQ_TIMEOUT"\; }
|
||||
$NFT_CMD add set $NFT_TABLE "$NFTSET_FPROXY_PRIVATE" { type "$NFTSET_FPROXY_PRIVATE_TYPE"\; policy "$NFTSET_POLICY_CIDR"\; flags interval\; auto-merge\; }
|
||||
_fproxy_private=`FormatNftSetElemsList "$FPROXY_PRIVATE_NETS"`
|
||||
_fproxy_private=$(FormatNftSetElemsList "$FPROXY_PRIVATE_NETS")
|
||||
if [ -n "$_fproxy_private" ]; then
|
||||
$NFT_CMD add element $NFT_TABLE "$NFTSET_FPROXY_PRIVATE" { "$_fproxy_private" }
|
||||
fi
|
||||
@@ -468,7 +480,7 @@ MakeInstanceNftSets() {
|
||||
$NFT_CMD add set $NFT_TABLE "${NFTSET_DNSMASQ}${_name}" { type "$NFTSET_DNSMASQ_TYPE"\; size $NFTSET_MAXELEM_DNSMASQ\; policy "$NFTSET_POLICY_DNSMASQ"\; flags dynamic,timeout\; timeout "$NFTSET_DNSMASQ_TIMEOUT"\; }
|
||||
$NFT_CMD add set $NFT_TABLE "${NFTSET_ONION}${_name}" { type "$NFTSET_DNSMASQ_TYPE"\; size $NFTSET_MAXELEM_DNSMASQ\; policy "$NFTSET_POLICY_DNSMASQ"\; flags dynamic,timeout\; timeout "$NFTSET_DNSMASQ_TIMEOUT"\; }
|
||||
$NFT_CMD add set $NFT_TABLE "${NFTSET_FPROXY}${_name}" { type "$NFTSET_FPROXY_TYPE"\; policy "$NFTSET_POLICY_CIDR"\; flags interval\; auto-merge\; }
|
||||
_fproxy_hosts=`FormatNftSetElemsList "$_fproxy_list"`
|
||||
_fproxy_hosts=$(FormatNftSetElemsList "$_fproxy_list")
|
||||
if [ -n "$_fproxy_hosts" ]; then
|
||||
$NFT_CMD add element $NFT_TABLE "${NFTSET_FPROXY}${_name}" { "$_fproxy_hosts" }
|
||||
fi
|
||||
@@ -494,7 +506,7 @@ UpdateBllistProxySet() {
|
||||
_name=".${_name}"
|
||||
fi
|
||||
FlushNftSets "${NFTSET_BLLIST_PROXY}${_name}"
|
||||
for _host in `echo "$_urls" | $AWK_CMD '
|
||||
for _host in $(echo "$_urls" | $AWK_CMD '
|
||||
BEGIN {
|
||||
RS = " ";
|
||||
}
|
||||
@@ -511,15 +523,15 @@ UpdateBllistProxySet() {
|
||||
for(i in hosts_arr) {
|
||||
printf i " ";
|
||||
};
|
||||
}'`
|
||||
}')
|
||||
do
|
||||
if printf "$_host" | $AWK_CMD '{exit ($0 ~ /^([0-9]{1,3}.){3}[0-9]{1,3}$/) ? 0 : 1}'; then
|
||||
_ip_string="${_ip_string}${_host} "
|
||||
else
|
||||
_ip_string="${_ip_string}`$NSLOOKUP_CMD $_host 2> /dev/null | $AWK_CMD '/^Address: ([0-9]{1,3}.){3}[0-9]{1,3}$/ {printf $2" "}'`"
|
||||
_ip_string="${_ip_string}$($NSLOOKUP_CMD $_host 2> /dev/null | $AWK_CMD '/^Address: ([0-9]{1,3}.){3}[0-9]{1,3}$/ {printf $2" "}')"
|
||||
fi
|
||||
done
|
||||
_ip_string=`FormatNftSetElemsList "$_ip_string"`
|
||||
_ip_string=$(FormatNftSetElemsList "$_ip_string")
|
||||
|
||||
if [ $DEBUG -ge 1 ]; then
|
||||
echo " ruantiblock.UpdateBllistProxySet()._ip_string=${_ip_string}; _name=${_name}" >&2
|
||||
@@ -570,7 +582,7 @@ AddUserInstancesNftRules() {
|
||||
_route_table_id=$_tproxy_route_table_id
|
||||
fi
|
||||
_pkts_mark=$(($_pkts_mark + 1))
|
||||
NftInstanceAdd "\"$U_NAME\"" $_pkts_mark $U_PROXY_MODE $U_TOR_TRANS_PORT $_route_table_id "\"$U_IF_VPN\"" $U_T_PROXY_TYPE $U_T_PROXY_PORT_TCP $U_T_PROXY_PORT_UDP $U_T_PROXY_ALLOW_UDP $U_ENABLE_ENTRIES_REMOTE_PROXY $U_ENABLE_FPROXY "\"$U_VPN_GW_IP\""
|
||||
NftInstanceAdd "\"$U_NAME\"" $_pkts_mark ${U_PROXY_MODE:=$INSTANCES_DEF_PROXY_MODE} ${U_TOR_TRANS_PORT:=$INSTANCES_DEF_TOR_TRANS_PORT} $_route_table_id "\"${U_IF_VPN:=$INSTANCES_DEF_IF_VPN}\"" ${U_T_PROXY_TYPE:=$INSTANCES_DEF_T_PROXY_TYPE} ${U_T_PROXY_PORT_TCP:=$INSTANCES_DEF_T_PROXY_PORT_TCP} ${U_T_PROXY_PORT_UDP:=$INSTANCES_DEF_T_PROXY_PORT_UDP} ${U_T_PROXY_ALLOW_UDP:=$INSTANCES_DEF_T_PROXY_ALLOW_UDP} ${U_ENABLE_ENTRIES_REMOTE_PROXY:=$INSTANCES_DEF_ENABLE_BLLIST_PROXY} ${U_ENABLE_FPROXY:=$INSTANCES_DEF_ENABLE_FPROXY} "\"$U_VPN_GW_IP\""
|
||||
ClearUserInstanceVars
|
||||
_prio_offset=$(($_prio_offset - 1))
|
||||
done
|
||||
@@ -603,7 +615,7 @@ AddNftRules() {
|
||||
NftAddBaseChains $_chain_prio_first $_chain_prio_local $_chain_prio_fproxy
|
||||
NftAddActionChains $_chain_prio_action
|
||||
AddUserInstancesNftRules
|
||||
NftInstanceAdd "\" \"" $PKTS_MARK_START $PROXY_MODE $TOR_TRANS_PORT $_route_table_id "\"$IF_VPN\"" $T_PROXY_TYPE $T_PROXY_PORT_TCP $T_PROXY_PORT_UDP $T_PROXY_ALLOW_UDP $ENABLE_BLLIST_PROXY $ENABLE_FPROXY "\"$VPN_GW_IP\""
|
||||
NftInstanceAdd "\" \"" $PKTS_MARK_START ${PROXY_MODE:=$INSTANCES_DEF_PROXY_MODE} ${TOR_TRANS_PORT:=$INSTANCES_DEF_TOR_TRANS_PORT} $_route_table_id "\"${IF_VPN:=$INSTANCES_DEF_IF_VPN}\"" ${T_PROXY_TYPE:=$INSTANCES_DEF_T_PROXY_TYPE} ${T_PROXY_PORT_TCP:=$INSTANCES_DEF_T_PROXY_PORT_TCP} ${T_PROXY_PORT_UDP:=$INSTANCES_DEF_T_PROXY_PORT_UDP} ${T_PROXY_ALLOW_UDP:=$INSTANCES_DEF_T_PROXY_ALLOW_UDP} ${ENABLE_BLLIST_PROXY:=$INSTANCES_DEF_ENABLE_BLLIST_PROXY} ${ENABLE_FPROXY:=$INSTANCES_DEF_ENABLE_FPROXY} "\"$VPN_GW_IP\""
|
||||
if [ "$PROXY_LOCAL_CLIENTS" = "1" ]; then
|
||||
NftAddLocalClientsRule
|
||||
fi
|
||||
@@ -864,7 +876,7 @@ AddUserEntries() {
|
||||
printf "server=/onion/%s\nnftset=/onion/%s#%s\n" "$U_ONION_DNS_ADDR" "$NFT_TABLE_DNSMASQ" "${NFTSET_ONION}.${U_NAME}" >> "$_dnsmasq_data_file_user_instances"
|
||||
fi
|
||||
if [ -f "$_instance_entries_file" ]; then
|
||||
{ cat "$_instance_entries_file"; printf "\n0\n"; } | ParseUserEntries "`printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}"`" "`printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}"`" "${NFTSET_DNSMASQ}.${U_NAME}" "$_ip_data_file_user_instances" "$_dnsmasq_data_file_user_instances" "$_user_entries_status_file" "${U_NAME}:local" "$U_ENTRIES_DNS"
|
||||
{ cat "$_instance_entries_file"; printf "\n0\n"; } | ParseUserEntries "$(printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}")" "$(printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}")" "${NFTSET_DNSMASQ}.${U_NAME}" "$_ip_data_file_user_instances" "$_dnsmasq_data_file_user_instances" "$_user_entries_status_file" "${U_NAME}:local" "$U_ENTRIES_DNS"
|
||||
fi
|
||||
if [ -n "$U_ENTRIES_REMOTE" ]; then
|
||||
for _url in $U_ENTRIES_REMOTE
|
||||
@@ -876,7 +888,7 @@ AddUserEntries() {
|
||||
if [ "$U_ENABLE_ENTRIES_REMOTE_PROXY" = "1" ]; then
|
||||
UpdateBllistProxySet "$U_NAME" "$_url"
|
||||
fi
|
||||
{ Download - "$_url"; printf "\n$?\n"; } | ParseUserEntries "`printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}"`" "`printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}"`" "${NFTSET_DNSMASQ}.${U_NAME}" "$_ip_data_file_user_instances" "$_dnsmasq_data_file_user_instances" "$_user_entries_status_file" "${U_NAME}:${_url}" "$U_ENTRIES_DNS"
|
||||
{ Download - "$_url"; printf "\n$?\n"; } | ParseUserEntries "$(printf "$NFTSET_IP_PATTERN" "${NFTSET_IP}.${U_NAME}")" "$(printf "$NFTSET_CIDR_PATTERN" "${NFTSET_CIDR}.${U_NAME}")" "${NFTSET_DNSMASQ}.${U_NAME}" "$_ip_data_file_user_instances" "$_dnsmasq_data_file_user_instances" "$_user_entries_status_file" "${U_NAME}:${_url}" "$U_ENTRIES_DNS"
|
||||
if [ $? -eq 0 ]; then
|
||||
_instance_return_code=0
|
||||
break
|
||||
@@ -922,11 +934,11 @@ AddUserEntries() {
|
||||
if [ "$ENABLE_TMP_DOWNLOADS" != "1" ] || [ "$ENABLE_TMP_DOWNLOADS" = "1" -a $_return_code -eq 0 ]; then
|
||||
while read _str
|
||||
do
|
||||
_update_string=`printf "$_str" | $AWK_CMD '{
|
||||
_update_string=$(printf "$_str" | $AWK_CMD '{
|
||||
if(NF == 4) {
|
||||
printf "User entries (%s): CIDR: %s, IP: %s, FQDN: %s", $4, $1, $2, $3;
|
||||
};
|
||||
}'`
|
||||
}')
|
||||
if [ -n "$_update_string" ]; then
|
||||
### STDOUT
|
||||
echo " ${_update_string}"
|
||||
@@ -983,14 +995,14 @@ GetMainInstanceEntries() {
|
||||
FlushNftSets "$NFTSET_BLLIST_PROXY"
|
||||
fi
|
||||
if [ $_return_code -eq 0 ]; then
|
||||
_update_string=`$AWK_CMD '{
|
||||
_update_string=$($AWK_CMD '{
|
||||
printf "Received entries: %s\n", (NF < 3) ? "No data" : "CIDR: "$1", IP: "$2", FQDN: "$3;
|
||||
exit;
|
||||
}' "$UPDATE_STATUS_FILE"`
|
||||
}' "$UPDATE_STATUS_FILE")
|
||||
### STDOUT
|
||||
echo " ${_update_string}"
|
||||
MakeLogRecord "notice" "${_update_string}"
|
||||
printf " `date +%d.%m.%Y-%H:%M`\n" >> "$UPDATE_STATUS_FILE"
|
||||
printf " $(date +%d.%m.%Y-%H:%M)\n" >> "$UPDATE_STATUS_FILE"
|
||||
fi
|
||||
elif [ -z "$BLLIST_PRESET" -a -z "$BLLIST_MODULE" ]; then
|
||||
ClearDataFiles main_instance
|
||||
@@ -1199,20 +1211,20 @@ Reload() {
|
||||
Status() {
|
||||
local _update_status _user_entries_status _vpn_error
|
||||
if [ -f "$UPDATE_STATUS_FILE" ]; then
|
||||
_update_status=`$AWK_CMD '{
|
||||
_update_status=$($AWK_CMD '{
|
||||
update_string=(NF < 4) ? "No data" : $4" (CIDR: "$1" | IP: "$2" | FQDN: "$3")";
|
||||
printf "Last blacklist update: %s", update_string;
|
||||
}' "$UPDATE_STATUS_FILE"`
|
||||
}' "$UPDATE_STATUS_FILE")
|
||||
else
|
||||
_update_status="Last blacklist update: No data"
|
||||
fi
|
||||
|
||||
if [ -f "$USER_ENTRIES_STATUS_FILE" ]; then
|
||||
_user_entries_status=`$AWK_CMD '{
|
||||
_user_entries_status=$($AWK_CMD '{
|
||||
if(NF == 4) {
|
||||
printf " User entries (%s): CIDR: %s | IP: %s | FQDN: %s\n", $4, $1, $2, $3;
|
||||
};
|
||||
}' "$USER_ENTRIES_STATUS_FILE"`
|
||||
}' "$USER_ENTRIES_STATUS_FILE")
|
||||
fi
|
||||
|
||||
if ! GetVpnRouteStatus; then
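Review bot: `WGET_PARAMS="--no-check-certificate -q -O"` in the `### Utilities` hunk is left as it was between the rewritten `which` lookups, so every download made with these parameters accepts any TLS certificate. The fetched data is piped into `ParseUserEntries` together with the nft set patterns and dnsmasq data files (the `Download - "$_url"` line in AddUserEntries), so list content that was never authenticated ends up deciding which destinations are proxied. This assumes `Download` uses `WGET_PARAMS`, and its body is outside the visible hunks. I would default to `WGET_PARAMS="-q -O"` and add `--no-check-certificate` only when an explicit configuration option asks for it, with a comment noting that verification needs a CA bundle installed on the router.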
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
PID_FILE="/var/run/`basename $0`.pid"
|
||||
PID_FILE="/var/run/$(basename $0).pid"
|
||||
APP_EXEC="/usr/bin/ruantiblock"
|
||||
|
||||
. "$USER_INSTANCES_COMMON"
|
||||
@@ -9,7 +9,7 @@ VPN_IFACES_STATUS=1
|
||||
|
||||
CheckIfaceStatus() {
|
||||
local _iface="$1" _ret_val=0
|
||||
if [ -z "`$IP_CMD link show dev $_iface up 2> /dev/null`" ]; then
|
||||
if [ -z "$($IP_CMD link show dev $_iface up 2> /dev/null)" ]; then
|
||||
_ret_val=1
|
||||
|
||||
if [ $DEBUG -ge 1 ]; then
|
||||
@@ -23,7 +23,7 @@ CheckIfaceStatus() {
|
||||
|
||||
VpnRouteInstanceStatus() {
|
||||
local _vpn_route_table_id=$1
|
||||
[ -n "`$IP_CMD route show table $_vpn_route_table_id 2> /dev/null`" ] && return 0
|
||||
[ -n "$($IP_CMD route show table $_vpn_route_table_id 2> /dev/null)" ] && return 0
|
||||
return 1
|
||||
}
|
||||
|
||||
@@ -83,7 +83,7 @@ Start() {
|
||||
}
|
||||
|
||||
Stop() {
|
||||
kill -s SIGKILL `cat "$PID_FILE"` 2> /dev/null
|
||||
kill -s SIGKILL $(cat "$PID_FILE") 2> /dev/null
|
||||
rm -f "$PID_FILE"
|
||||
}
|
||||
|
||||
@@ -104,7 +104,7 @@ case "$1" in
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Usage: `basename $0` start|stop"
|
||||
echo "Usage: $(basename $0) start|stop"
|
||||
exit 1
|
||||
;;
|
||||
esac
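Review bot: `Stop()` hands whatever `cat "$PID_FILE"` prints straight to `kill -s SIGKILL`, unquoted and unchecked, and discards the error output. If the file is stale, empty or holds anything other than a single PID, the call either fails silently or signals a process that is not this daemon, with the privileges the script runs under. Reading the value into a variable and refusing anything that is not a plain number closes most of that gap. Comparing it with the process name under /proc would close the rest, and sending TERM before KILL would give the loop a chance to clean up.

```shell
Stop() {
    local _pid
    _pid="$(cat "$PID_FILE" 2> /dev/null)"
    case "$_pid" in
        ''|*[!0-9]*) ;;                               # stale, empty or malformed: signal nothing
        *) kill -s SIGKILL "$_pid" 2> /dev/null ;;
    esac
    # … unchanged: rm -f "$PID_FILE" …
```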
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
|
||||
UCI_SECTION="ruantiblock.config"
|
||||
UCI_VARS="dnsmasq_confdir proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn vpn_gw_ip vpn_route_check tor_trans_port onion_dns_addr t_proxy_type t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup enable_tmp_downloads"
|
||||
UCI_CMD=`which uci`
|
||||
UCI_CMD="$(which uci)"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo " Error! UCI doesn't exists" >&2
|
||||
exit 1
|
||||
fi
|
||||
AWK_CMD="awk"
|
||||
|
||||
eval `$UCI_CMD show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
|
||||
eval $($UCI_CMD show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
|
||||
BEGIN {
|
||||
split(UCI_VARS, split_array, " ");
|
||||
for(i in split_array)
|
||||
@@ -26,7 +27,7 @@ eval `$UCI_CMD show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
|
||||
for(i in vars_array)
|
||||
print toupper(i) "=\"""\"";
|
||||
};
|
||||
}'`
|
||||
}')
|
||||
|
||||
. /lib/functions/network.sh
|
||||
network_get_subnet subnet_lan "lan"
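Review bot: The rewritten `eval $($UCI_CMD show "$UCI_SECTION" | …)` leaves the command substitution unquoted, so the awk output is word-split and glob-expanded before `eval` parses it; `eval "$( … )"` would hand over the generated assignments exactly as awk printed them. More importantly, values from `uci show` become shell source here, so the awk program has to escape `"`, `$`, backtick and backslash in every value it emits. The part of the awk body that prints the values is outside these hunks, so whether it does so cannot be seen here. The same construct is used in IncludeUserInstanceVars in the user-instances config script. A comment above the `eval`, such as `# awk emits NAME="value" with shell metacharacters in value escaped — TODO confirm`, would record that guarantee.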
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
|
||||
UCI_VARS="u_enabled u_proxy_mode u_tor_trans_port u_onion_dns_addr u_if_vpn u_vpn_gw_ip u_t_proxy_type u_t_proxy_port_tcp u_t_proxy_port_udp u_t_proxy_allow_udp u_entries_dns u_entries_remote u_enable_entries_remote_proxy u_enable_fproxy u_fproxy_list"
|
||||
UCI_CMD=`which uci`
|
||||
UCI_CMD="$(which uci)"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo " Error! UCI doesn't exists" >&2
|
||||
exit 1
|
||||
@@ -26,7 +27,7 @@ IncludeUserInstanceVars() {
|
||||
local _inst="$1"
|
||||
local _uci_section="${NAME}.${_inst}"
|
||||
U_NAME="$_inst"
|
||||
eval `$UCI_CMD show "$_uci_section" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
|
||||
eval $($UCI_CMD show "$_uci_section" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
|
||||
BEGIN {
|
||||
split(UCI_VARS, split_array, " ");
|
||||
for(i in split_array)
|
||||
@@ -45,7 +46,7 @@ IncludeUserInstanceVars() {
|
||||
for(i in vars_array)
|
||||
print toupper(i) "=\"""\"";
|
||||
};
|
||||
}'`
|
||||
}')
|
||||
|
||||
if [ $DEBUG -ge 2 ]; then
|
||||
echo " user_instances_config_script.IncludeUserInstanceVars: _inst=${_inst} U_NAME=${U_NAME} U_PROXY_MODE=${U_PROXY_MODE}" >&2
|
||||
|
||||
@@ -1,18 +1,18 @@
|
||||
Info() {
|
||||
local _update_status _user_entries_status _inst
|
||||
if [ -f "$UPDATE_STATUS_FILE" ]; then
|
||||
_update_status=`$AWK_CMD '{
|
||||
_update_status=$($AWK_CMD '{
|
||||
if(NF < 4) {
|
||||
printf "{\"status\":false}";
|
||||
} else {
|
||||
printf "{\"status\":true,\"date\":\""$4"\",\"cidr\":\""$1"\",\"ip\":\""$2"\",\"fqdn\":\""$3"\"}";
|
||||
};
|
||||
}' "$UPDATE_STATUS_FILE"`
|
||||
}' "$UPDATE_STATUS_FILE")
|
||||
else
|
||||
_update_status="{\"status\":false}"
|
||||
fi
|
||||
if [ -f "$USER_ENTRIES_STATUS_FILE" ]; then
|
||||
_user_entries_status=`$AWK_CMD '
|
||||
_user_entries_status=$($AWK_CMD '
|
||||
BEGIN {
|
||||
items = 0;
|
||||
printf "[";
|
||||
@@ -29,7 +29,7 @@ Info() {
|
||||
}
|
||||
END {
|
||||
printf "]";
|
||||
}' "$USER_ENTRIES_STATUS_FILE"`
|
||||
}' "$USER_ENTRIES_STATUS_FILE")
|
||||
else
|
||||
_user_entries_status="[]"
|
||||
fi
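Review bot: In `Info()` the awk `printf` builds the JSON by concatenating `$4`, `$1`, `$2` and `$3` into the format string, so a `%` or backslash in the status file is interpreted by printf and a `"` ends the JSON string early. Passing the fields as arguments removes the format-string half of the problem: `printf "{\"status\":true,\"date\":\"%s\",\"cidr\":\"%s\",\"ip\":\"%s\",\"fqdn\":\"%s\"}", $4, $1, $2, $3;`. `Status()` in the main script already prints the same fields that way. The values would still need JSON escaping if they can contain quotes. The user-entries awk body, where the fourth field may carry an instance name or URL, is outside these hunks.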
|
||||
|
||||
@@ -56,7 +56,7 @@ NftRouteAdd() {
|
||||
if [ -n "$_vpn_gw_ip" ]; then
|
||||
_vpn_ip="$_vpn_gw_ip"
|
||||
else
|
||||
_vpn_ip=`$IP_CMD addr list dev "$_if_vpn" 2> /dev/null | $AWK_CMD '/inet/{f=($3 == "peer") ? 4 : 2; sub("/[0-9]{1,2}$", "", $f); print $f; exit}'`
|
||||
_vpn_ip=$($IP_CMD addr list dev "$_if_vpn" 2> /dev/null | $AWK_CMD '/inet/{f=($3 == "peer") ? 4 : 2; sub("/[0-9]{1,2}$", "", $f); print $f; exit}')
|
||||
fi
|
||||
if [ -n "$_vpn_ip" -a "$_type" = "vpn" ]; then
|
||||
echo 0 > "/proc/sys/net/ipv4/conf/${_if_vpn}/rp_filter"
|
||||
@@ -80,7 +80,7 @@ NftRouteAdd() {
|
||||
|
||||
NftRouteStatus() {
|
||||
local _route_table_id=$1
|
||||
[ -n "`$IP_CMD route show table "$_route_table_id" 2> /dev/null`" ] && return 0
|
||||
[ -n "$($IP_CMD route show table "$_route_table_id" 2> /dev/null)" ] && return 0
|
||||
return 1
|
||||
}
|
||||
|
||||
@@ -90,9 +90,7 @@ NftAddBaseChains() {
|
||||
$NFT_CMD add chain $NFT_TABLE "$NFT_BLLIST_CHAIN"
|
||||
$NFT_CMD add chain $NFT_TABLE "$NFT_FPROXY_CHAIN" { type filter hook prerouting priority ${_chain_prio_fproxy}\; policy accept\; }
|
||||
$NFT_CMD add chain $NFT_TABLE "$NFT_ALLOWED_HOSTS_CHAIN" { type filter hook prerouting priority ${_chain_prio_first}\; policy accept\; }
|
||||
NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_FPROXY_CHAIN" meta iif lo return
|
||||
NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_FPROXY_CHAIN" ip daddr "@${NFTSET_FPROXY_PRIVATE}" return
|
||||
NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_ALLOWED_HOSTS_CHAIN" meta iif lo return
|
||||
NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_ALLOWED_HOSTS_CHAIN" "$NFT_ALLOWED_HOSTS_PATTERN"
|
||||
if [ "$BYPASS_MODE" = "1" ]; then
|
||||
for _set in "$NFTSET_BYPASS_IP" "$NFTSET_BYPASS_FQDN"
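Review bot: The header `@@ -90,9 +90,7 @@` on NftAddBaseChains shows two lines dropped with nothing added, so this hunk changes the rule set rather than being one of the backtick rewrites, and neither the commit title nor a comment says why. This rendering has lost the `+`/`-` column, so which two of the listed `add chain` / `add rule` lines were removed is not certain. If they are the `meta iif lo return` and `ip daddr "@${NFTSET_FPROXY_PRIVATE}" return` rules on `$NFT_FPROXY_CHAIN`, loopback and private-range destinations would no longer be exempted in that chain. A one-line comment at the chain creation, e.g. `# lo and @NFTSET_FPROXY_PRIVATE are exempted in CHAIN_NAME_PLACEHOLDER`, would let the next reader confirm the exemption still exists. The function body continues outside the hunk.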
|
||||
|
||||
@@ -25,7 +25,7 @@ ListUserInstances() {
|
||||
|
||||
GetUserInstances() {
|
||||
local _type="$1" _fnames="$2" _i=0 _inst _instances=""
|
||||
for _inst in `ListUserInstances`
|
||||
for _inst in $(ListUserInstances)
|
||||
do
|
||||
IncludeUserInstanceVars "$_inst"
|
||||
if [ $_i -lt $USER_INSTANCES_MAX -a -n "$U_NAME" -a "$U_ENABLED" != "0" ]; then
|
||||
@@ -45,7 +45,7 @@ GetUserInstances() {
|
||||
|
||||
SetUserInstancesItems() {
|
||||
local _i=0 _inst _instances_all="" _instances_all_fnames="" _instances_vpn="" _instances_vpn_fnames="" _instances_cfg="" _instances_cfg_fnames=""
|
||||
for _inst in `ListUserInstances`
|
||||
for _inst in $(ListUserInstances)
|
||||
do
|
||||
IncludeUserInstanceVars "$_inst"
|
||||
if [ $_i -lt $USER_INSTANCES_MAX -a -n "$U_NAME" -a "$U_ENABLED" != "0" ]; then
|
||||
|
||||