From c8e8832a3d223694eb59ab329a19d6fedf04f2d0 Mon Sep 17 00:00:00 2001 From: gSpot Date: Tue, 22 Aug 2023 18:16:04 +0300 Subject: [PATCH] Removed TOR_ALLOW_UDP option, NFTSET_DNSMASQ_TIMEOUT set to 3 hours --- luci-app-ruantiblock/Makefile | 2 +- .../luci-static/resources/view/ruantiblock/settings.js | 5 ----- luci-app-ruantiblock/po/ru/ruantiblock.po | 3 --- luci-app-ruantiblock/po/templates/ruantiblock.pot | 3 --- ruantiblock/Makefile | 2 +- ruantiblock/files/etc/config/ruantiblock | 1 - ruantiblock/files/etc/ruantiblock/ruantiblock.conf | 4 +--- ruantiblock/files/usr/bin/ruantiblock | 4 +--- ruantiblock/files/usr/share/ruantiblock/config_script | 2 +- ruantiblock/files/usr/share/ruantiblock/nft_functions | 3 --- 10 files changed, 5 insertions(+), 24 deletions(-) diff --git a/luci-app-ruantiblock/Makefile b/luci-app-ruantiblock/Makefile index a4f76fc..255da8d 100644 --- a/luci-app-ruantiblock/Makefile +++ b/luci-app-ruantiblock/Makefile @@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk -PKG_VERSION:=1.2-2 +PKG_VERSION:=1.2-3 LUCI_TITLE:=LuCI support for ruantiblock LUCI_DEPENDS:=+ruantiblock LUCI_PKGARCH:=all diff --git a/luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js b/luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js index 73705f7..f23df02 100644 --- a/luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js +++ b/luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js @@ -176,11 +176,6 @@ return view.extend({ o.rmempty = false; o.datatype = "port"; - //TOR_ALLOW_UDP - o = s.taboption('tor_settings', form.Flag, 'tor_allow_udp', - _("Send UDP traffic to Tor")); - o.rmempty = false; - // ONION_DNS_ADDR o = s.taboption('tor_settings', form.Value, 'onion_dns_addr', _("Optional DNS resolver for '.onion' zone"), 'ipaddress#port'); diff --git a/luci-app-ruantiblock/po/ru/ruantiblock.po b/luci-app-ruantiblock/po/ru/ruantiblock.po index d6b918f..b60cada 100644 
--- a/luci-app-ruantiblock/po/ru/ruantiblock.po +++ b/luci-app-ruantiblock/po/ru/ruantiblock.po @@ -345,9 +345,6 @@ msgstr "Запуск при старте системы" msgid "Save" msgstr "Сохранить" -msgid "Send UDP traffic to Tor" -msgstr "Отправлять в Tor UDP-трафик" - msgid "Send UDP traffic to transparent proxy" msgstr "Отправлять в прозрачный прокси UDP-трафик" diff --git a/luci-app-ruantiblock/po/templates/ruantiblock.pot b/luci-app-ruantiblock/po/templates/ruantiblock.pot index fe3ec38..ca68609 100644 --- a/luci-app-ruantiblock/po/templates/ruantiblock.pot +++ b/luci-app-ruantiblock/po/templates/ruantiblock.pot @@ -316,9 +316,6 @@ msgstr "" msgid "Save" msgstr "" -msgid "Send UDP traffic to Tor" -msgstr "" - msgid "Send UDP traffic to transparent proxy" msgstr "" diff --git a/ruantiblock/Makefile b/ruantiblock/Makefile index 81e4551..9f4bfef 100644 --- a/ruantiblock/Makefile +++ b/ruantiblock/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ruantiblock PKG_VERSION:=1.2 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_MAINTAINER:=gSpot include $(INCLUDE_DIR)/package.mk diff --git a/ruantiblock/files/etc/config/ruantiblock b/ruantiblock/files/etc/config/ruantiblock index 535fefd..fef1a6e 100644 --- a/ruantiblock/files/etc/config/ruantiblock +++ b/ruantiblock/files/etc/config/ruantiblock @@ -7,7 +7,6 @@ config main 'config' option bypass_mode '0' option if_vpn 'tun0' option tor_trans_port '9040' - option tor_allow_udp '0' option onion_dns_addr '127.0.0.1#9053' option t_proxy_port_tcp '1100' option t_proxy_port_udp '1100' diff --git a/ruantiblock/files/etc/ruantiblock/ruantiblock.conf b/ruantiblock/files/etc/ruantiblock/ruantiblock.conf index 4fd21e9..f59f3c0 100644 --- a/ruantiblock/files/etc/ruantiblock/ruantiblock.conf +++ b/ruantiblock/files/etc/ruantiblock/ruantiblock.conf 
@@ -27,8 +27,6 @@ ALLOWED_HOSTS_LIST="" IF_VPN="tun0" ### Порт прозрачного прокси Tor (параметр TransPort в torrc) TOR_TRANS_PORT=9040 -### Отправлять в Tor UDP-трафик (0 - выкл, 1 - вкл) -TOR_ALLOW_UDP=0 ### DNS-сервер для резолвинга в домене .onion (Tor) ONION_DNS_ADDR="127.0.0.1#9053" ### метка для отбора пакетов в VPN туннель @@ -56,7 +54,7 @@ NFTSET_POLICY_CIDR="memory" NFTSET_POLICY_IP="memory" NFTSET_POLICY_DNSMASQ="performance" ### Таймаут для записей в сете $NFTSET_DNSMASQ -NFTSET_DNSMASQ_TIMEOUT="1h" +NFTSET_DNSMASQ_TIMEOUT="3h" ### Динамическое обновление таймаута записей в сете $NFTSET_DNSMASQ (0 - выкл, 1 - вкл) NFTSET_DNSMASQ_TIMEOUT_UPDATE=1 ### Приоритет правила отбора пакетов nftables для конфигупации Tor или прозрачного прокси diff --git a/ruantiblock/files/usr/bin/ruantiblock b/ruantiblock/files/usr/bin/ruantiblock index 951f7bc..394a567 100755 --- a/ruantiblock/files/usr/bin/ruantiblock +++ b/ruantiblock/files/usr/bin/ruantiblock @@ -42,8 +42,6 @@ export ALLOWED_HOSTS_LIST="" export IF_VPN="tun0" ### Порт прозрачного прокси Tor (параметр TransPort в torrc) export TOR_TRANS_PORT=9040 -### Отправлять в Tor UDP-трафик (0 - выкл, 1 - вкл) -export TOR_ALLOW_UDP=0 ### DNS-сервер для резолвинга в домене .onion (Tor) export ONION_DNS_ADDR="127.0.0.1#9053" ### метка для отбора пакетов в VPN туннель @@ -71,7 +69,7 @@ export NFTSET_POLICY_CIDR="memory" export NFTSET_POLICY_IP="memory" export NFTSET_POLICY_DNSMASQ="performance" ### Таймаут для записей в сете $NFTSET_DNSMASQ -export NFTSET_DNSMASQ_TIMEOUT="1h" +export NFTSET_DNSMASQ_TIMEOUT="3h" ### Динамическое обновление таймаута записей в сете $NFTSET_DNSMASQ (0 - выкл, 1 - вкл) export NFTSET_DNSMASQ_TIMEOUT_UPDATE=1 ### Приоритет правила отбора пакетов nftables для конфигупации Tor или прозрачного прокси diff --git a/ruantiblock/files/usr/share/ruantiblock/config_script b/ruantiblock/files/usr/share/ruantiblock/config_script index adf8208..4cc940e 100644 
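Review bot: The new `NFTSET_DNSMASQ_TIMEOUT="3h"` default in the second hunk of ruantiblock.conf triples the lifetime of dnsmasq-added set entries, but the comment above it still gives neither the value format nor the trade-off. The same literal is repeated in the `export NFTSET_DNSMASQ_TIMEOUT="3h"` hunk of /usr/bin/ruantiblock, so the two defaults have to be kept in step by hand. A longer timeout keeps an address diverted to the proxy for up to three hours after the last DNS answer that added it, even if the address has since been reassigned, while a shorter one risks the entry expiring before a client's cached answer does, so that the connection leaves outside the tunnel. I would record that next to the setting, e.g. `### Format: nft time spec (30m, 3h, 1d); longer = stale addresses stay routed, shorter = entries may expire before client DNS caches`. Whether an already-installed ruantiblock.conf keeps `1h` after an upgrade is not visible here and should be checked, since it would presumably override the new script default.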
--- a/ruantiblock/files/usr/share/ruantiblock/config_script +++ b/ruantiblock/files/usr/share/ruantiblock/config_script @@ -1,6 +1,6 @@ AWK_CMD="awk" UCI_SECTION="ruantiblock.config" -UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns if_vpn tor_trans_port tor_allow_udp onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup" +UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns if_vpn tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup" eval `uci show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" ' BEGIN { diff --git a/ruantiblock/files/usr/share/ruantiblock/nft_functions b/ruantiblock/files/usr/share/ruantiblock/nft_functions index 20b852f..7a05657 100644 --- a/ruantiblock/files/usr/share/ruantiblock/nft_functions +++ b/ruantiblock/files/usr/share/ruantiblock/nft_functions 
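Review bot: Dropping `tor_allow_udp` from `UCI_VARS` means a value left behind in an upgraded /etc/config/ruantiblock is now ignored without any message, and the patch gives the user no hint that the behaviour changed. Together with the deleted `udp dport { 0-65535 } redirect to $TOR_TRANS_PORT` rule in nft_functions, the Tor branch of the action chain is left with only the `tcp dport` redirect, so UDP to listed destinations presumably falls through the chain and leaves the router unproxied; someone who had set the option to `1` would not expect that. I would state it where the list is defined, e.g. `# tor_allow_udp removed in 1.2-3: a leftover option is ignored, UDP is not redirected to Tor`, and decide explicitly whether such UDP should be dropped rather than passed. The hunk ends inside the awk program fed to `eval`, so how the imported values are quoted cannot be judged from here.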
@@ -84,9 +84,6 @@ NftMainAdd() { fi else NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_ACTION_CHAIN" tcp dport { 0-65535 } redirect to $TOR_TRANS_PORT - if [ "$TOR_ALLOW_UDP" = "1" ]; then - NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_ACTION_CHAIN" udp dport { 0-65535 } redirect to $TOR_TRANS_PORT - fi NftCmdWrapper $NFT_CMD add rule $NFT_TABLE "$NFT_BLLIST_CHAIN" ip daddr "@${NFTSET_ONION}" counter goto "$NFT_ACTION_CHAIN" fi if [ "$BYPASS_MODE" = "1" ]; then