v0.9.6. "Transparent proxy" mode for Shadowsocks support.

gSpot
2023-01-09 18:11:41 +03:00
parent 9140e260cd
commit dec209e12c
20 changed files with 392 additions and 204 deletions
+56 -10
@@ -4,13 +4,14 @@ PREFIX=""
TOR_USER="tor"
PROXY_MODE=1
LUA_MODULE=1
BLACKLIST=0
LUA_MODULE=0
LUCI_APP=1
OWRT_VERSION="current"
RUAB_VERSION="0.9.5-0"
RUAB_MOD_LUA_VERSION="0.9.5-0"
RUAB_LUCI_APP_VERSION="0.9.5-0"
RUAB_VERSION="0.9.6-0"
RUAB_MOD_LUA_VERSION="0.9.6-0"
RUAB_LUCI_APP_VERSION="0.9.6-0"
BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master"
PKG_DIR="/tmp"
@@ -177,11 +178,15 @@ InstallBaseConfig() {
RemoveFile "$FILE_RUAB_PKG" > /dev/null
DlFile "$URL_RUAB_PKG" "$FILE_RUAB_PKG" && $OPKG_CMD install "$FILE_RUAB_PKG" > /dev/null
_return_code=$?
# костыль для остановки сервиса, который запускается автоматически после установки пакета!
AppStop
return $_return_code
}
EnableBlacklist() {
$UCI_CMD set ruantiblock.config.bllist_preset="ruantiblock-fqdn"
$UCI_CMD commit ruantiblock
}
InstallVPNConfig() {
local _if_vpn
$UCI_CMD set ruantiblock.config.proxy_mode="2"
@@ -189,6 +194,12 @@ InstallVPNConfig() {
$UCI_CMD commit ruantiblock
}
InstallTPConfig() {
local _if_vpn
$UCI_CMD set ruantiblock.config.proxy_mode="3"
$UCI_CMD commit ruantiblock
}
TorrcSettings() {
local _lan_ip=`$UCI_CMD get network.lan.ipaddr | $AWK_CMD -F "/" '{print $1}'`
if [ -z "$_lan_ip" ]; then
@@ -208,7 +219,6 @@ InstallTorConfig() {
TorrcSettings
$UCI_CMD set ruantiblock.config.proxy_mode="1"
$UCI_CMD commit ruantiblock
# dnsmasq rebind protection
$UCI_CMD set dhcp.@dnsmasq[0].rebind_domain='.onion'
$UCI_CMD commit dhcp
}
@@ -243,7 +253,7 @@ InputError () {
ConfirmProxyMode() {
local _reply
printf " Select configuration [1: Tor | 2: VPN] (default: 1, quit: q) > "
printf " Select configuration [ 1: Tor | 2: VPN | 3: Transparent proxy ] (default: 1, quit: q) > "
read _reply
case $_reply in
1|"")
@@ -254,6 +264,10 @@ ConfirmProxyMode() {
PROXY_MODE=2
break
;;
3)
PROXY_MODE=3
break
;;
q|Q)
printf "Bye...\n"; exit 0
;;
@@ -263,9 +277,31 @@ ConfirmProxyMode() {
esac
}
ConfirmBlacklist() {
local _reply
printf " Select blacklist [ 1: User entries only | 2: RKN blacklist ] (default: 1, quit: q) > "
read _reply
case $_reply in
1|"")
BLACKLIST=1
break
;;
2)
BLACKLIST=2
break
;;
q|Q)
printf "Bye...\n"; exit 0
;;
*)
InputError ConfirmBlacklist
;;
esac
}
ConfirmLuaModule() {
local _reply
printf " Would you like to install the lua module? [y|n] (default: y, quit: q) > "
printf " Would you like to install the lua module? [ y | n ] (default: y, quit: q) > "
read _reply
case $_reply in
y|Y|"")
@@ -287,7 +323,7 @@ ConfirmLuaModule() {
ConfirmLuciApp() {
local _reply
printf " Would you like to install the LuCI application? [y|n] (default: y, quit: q) > "
printf " Would you like to install the LuCI application? [ y | n ] (default: y, quit: q) > "
read _reply
case $_reply in
y|Y|"")
@@ -309,7 +345,7 @@ ConfirmLuciApp() {
ConfirmProcessing() {
local _reply
printf " Next, the installation will begin... Continue? [y|n] (default: y, quit: q) > "
printf " Next, the installation will begin... Continue? [ y | n ] (default: y, quit: q) > "
read _reply
case $_reply in
y|Y|"")
@@ -325,6 +361,8 @@ ConfirmProcessing() {
}
ConfirmProxyMode
ConfirmBlacklist
#ConfirmLuaModule
ConfirmLuciApp
ConfirmProcessing
AppStop
@@ -338,6 +376,9 @@ if [ $? -eq 0 ]; then
if [ $PROXY_MODE = 2 ]; then
PrintBold "Installing VPN configuration..."
InstallVPNConfig
elif [ $PROXY_MODE = 3 ]; then
PrintBold "Installing transparent proxy configuration..."
InstallTPConfig
else
PrintBold "Installing Tor configuration..."
InstallTorConfig
@@ -346,6 +387,11 @@ if [ $? -eq 0 ]; then
fi
fi
if [ $BLACKLIST = 2 ]; then
PrintBold "Set RKN blacklist..."
EnableBlacklist
fi
if [ $LUA_MODULE = 1 ]; then
PrintBold "Installing lua module..."
InstallLuaModule
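Review bot: `InstallTPConfig` declares `local _if_vpn` but never uses it, which looks like a leftover from copying `InstallVPNConfig`; the line can be dropped. The function only sets `proxy_mode="3"`, so the installer finishes with the service pointed at the default `t_proxy_port_tcp` whether or not a proxy is listening there; a short hint after `PrintBold "Installing transparent proxy configuration..."` telling the user to set up the proxy on that port would make the result less surprising. In `ConfirmBlacklist` the `break` statements sit in a `case` with no enclosing loop visible in the hunk, so they appear to have no effect and can go. The new test `[ $BLACKLIST = 2 ]` should quote the variable, `[ "$BLACKLIST" = "2" ]`, so an empty value does not break the test expression.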
+1 -1
@@ -4,7 +4,7 @@
include $(TOPDIR)/rules.mk
PKG_VERSION:=0.9.5-0
PKG_VERSION:=0.9.6-0
LUCI_TITLE:=LuCI support for ruantiblock
LUCI_DEPENDS:=+ruantiblock
LUCI_PKGARCH:=all
@@ -8,7 +8,7 @@
'require view.ruantiblock.tools as tools';
return view.extend({
availableParsers: {},
parsers: {},
appStatusCode : null,
@@ -20,10 +20,6 @@ return view.extend({
};
},
dependsBllistModule: function(elem) {
this.depends(elem, 'bllist_module', Object.values(this.availableParsers));
},
validateIpPort: function(section, value) {
return (/^$|^([0-9]{1,3}\.){3}[0-9]{1,3}(#[\d]{2,5})?$/.test(value)) ? true : _('Expecting:')
+ ` ${_('One of the following:')}\n - ${_('valid IP address')}\n - ${_('valid address#port')}\n`;
@@ -32,8 +28,8 @@ return view.extend({
load: function() {
return Promise.all([
L.resolveDefault(fs.exec(tools.execPath, [ 'raw-status' ]), 1),
fs.list(tools.parsersDir),
uci.load('network'),
L.resolveDefault(fs.list(tools.parsersDir), null),
uci.load(tools.appName),
]).catch(e => {
ui.addNotification(null, E('p', _('Unable to read the contents')
+ ': %s [ %s ]'.format(
@@ -47,18 +43,32 @@ return view.extend({
return;
};
this.appStatusCode = data[0].code;
let p_dir_arr = data[1];
let vpn_iface = uci.get('network', 'VPN', 'ifname') || 'tun0';
let p_dir_arr = data[1];
let curent_module = uci.get(tools.appName, 'config', 'bllist_module');
let curent_preset = uci.get(tools.appName, 'config', 'bllist_preset');
if(p_dir_arr) {
p_dir_arr.forEach(e => {
let fname = e.name;
if(fname.startsWith('ruab_parser')) {
this.availableParsers[fname] = tools.parsersDir + '/' + fname;
this.parsers[fname] = tools.parsersDir + '/' + fname;
};
});
};
let availableParsers = Object.keys(this.parsers).length > 0;
if(!availableParsers) {
for(let i of Object.keys(tools.blacklistPresets)) {
if(!new RegExp('^($|' + tools.appName + ')').test(i) && i !== curent_preset) {
delete tools.blacklistPresets[i];
};
};
};
if(curent_module) {
this.parsers[curent_module.match(/([^/]*)$/)[0]] = curent_module;
};
let ip_filter_edit = new tools.fileEditDialog(
tools.ipFilterFile,
_('IP filter'),
@@ -111,6 +121,7 @@ return view.extend({
_('Proxy mode'));
o.value('1', 'Tor');
o.value('2', 'VPN');
o.value('3', _('Transparent proxy'));
};
// PROXY_LOCAL_CLIENTS
@@ -156,7 +167,7 @@ return view.extend({
// TOR_TRANS_PORT
o = s.taboption('tor_settings', form.Value, 'tor_trans_port',
_('Transparent proxy port for iptables rules'));
_('Transparent proxy port'));
o.rmempty = false;
o.datatype = "port";
@@ -189,121 +200,153 @@ return view.extend({
o.multiple = false;
o.noaliases = true;
o.rmempty = false;
o.default = vpn_iface;
o.default = 'tun0';
/* Proxy tab */
s.tab('proxy_settings', _('Transparent proxy mode'));
// T_PROXY_PORT_TCP
o = s.taboption('proxy_settings', form.Value, 't_proxy_port_tcp',
_('Transparent proxy TCP port'));
o.rmempty = false;
o.datatype = "port";
//T_PROXY_ALLOW_UDP
o = s.taboption('proxy_settings', form.Flag, 't_proxy_allow_udp',
_("Send UDP traffic to transparent proxy"));
o.rmempty = false;
// T_PROXY_PORT_UDP
o = s.taboption('proxy_settings', form.Value, 't_proxy_port_udp',
_('Transparent proxy UDP port'));
o.rmempty = false;
o.datatype = "port";
};
/* Parser settings tab */
/* Blacklist module tab */
s.tab('parser_settings', _('Blacklist settings'));
// BLLIST_MODULE
let bllist_module = s.taboption('parser_settings', form.ListValue,
'bllist_module', _('Blacklist module'));
bllist_module.value('', _('none (user entries only)'));
Object.entries(this.availableParsers).forEach(
e => bllist_module.value(e[1], e[0]));
s.tab('blacklist_tab', _('Blacklist settings'));
// BLLIST_PRESET
let bllist_preset = s.taboption('parser_settings', form.ListValue,
let bllist_preset = s.taboption('blacklist_tab', form.ListValue,
'bllist_preset', _('Blacklist update mode'));
bllist_preset.description = _("Blacklist sources") + ':';
bllist_preset.value('', _('user entries only'));
Object.entries(tools.blacklistPresets).forEach(e => {
bllist_preset.value(e[0], `${e[1][0]} - ${e[1][1]}`);
bllist_preset.value(e[0], ((e[1][1]) ? `${e[1][0]} - ${e[1][1]}` : e[1][0]));
});
let bllist_sources = {};
Object.values(tools.blacklistPresets).forEach(v => {bllist_sources[v[0]] = v[2]});
Object.values(tools.blacklistPresets).forEach(v => { bllist_sources[v[0]] = v[2] });
Object.entries(bllist_sources).forEach(e => {
bllist_preset.description += `<br />${e[0]} - <a href="${e[1]}" target="_blank">${e[1]}</a>`;
if(e[1]) {
bllist_preset.description += `<br />${e[0]} - <a href="${e[1]}" target="_blank">${e[1]}</a>`;
};
});
// BLLIST_IP_LIMIT
o = s.taboption('parser_settings', form.Value, 'bllist_ip_limit', _("IP limit"));
o.description = _("The number of IP addresses in the subnet, upon reaching which the entire '/24' subnet is added to the list");
o.rmempty = false;
o.datatype = 'uinteger';
// BLLIST_MODULE
let bllist_module = s.taboption('blacklist_tab', form.ListValue,
'bllist_module', _('Blacklist module') + '*');
bllist_module.value('', _('disabled'));
bllist_module.depends({ bllist_preset: new RegExp('^($|' + tools.appName + ')'), '!reverse': true });
Object.entries(this.parsers).forEach(
e => bllist_module.value(e[1], e[0]));
if(availableParsers) {
bllist_preset.description += '<br /> ( * - ' + _('requires installed blacklist module') + ' )';
/* Parser settings tab */
s.tab('parser_settings_tab', _('Module settings'));
// BLLIST_FQDN_FILTER
o = s.taboption('parser_settings_tab', form.Flag, 'bllist_fqdn_filter',
_("Enable FQDN filter"));
o.description = _('Exclude domains from blacklist by FQDN filter patterns');
o.rmempty = false;
// BLLIST_FQDN_FILTER_FILE edit dialog
o = s.taboption('parser_settings_tab', form.Button, '_fqdn_filter_btn',
_("FQDN filter"));
o.onclick = () => fqdn_filter_edit.show();
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
// BLLIST_SD_LIMIT
o = s.taboption('parser_settings_tab', form.Value, 'bllist_sd_limit',
_("Subdomains limit"));
o.description = _('The number of subdomains in the domain, upon reaching which the entire 2nd level domain is added to the list');
o.rmempty = false;
o.datatype = 'uinteger';
// BLLIST_GR_EXCLUDED_SLD
o = s.taboption('parser_settings_tab', form.DynamicList, 'bllist_gr_excluded_sld',
_('2nd level domains that are excluded from optimization'));
o.description = _('e.g:') + ' <code>livejournal.com</code>';
o.placeholder = _('e.g:') + ' livejournal.com';
o.datatype = "hostname";
// BLLIST_ENABLE_IDN
o = s.taboption('parser_settings_tab', form.Flag, 'bllist_enable_idn',
_("Convert cyrillic domains to punycode"));
o.rmempty = false;
// BLLIST_ALT_NSLOOKUP
o = s.taboption('parser_settings_tab', form.Flag, 'bllist_alt_nslookup',
_('Use optional DNS resolver'));
o.rmempty = false;
// BLLIST_ALT_DNS_ADDR
o = s.taboption('parser_settings_tab', form.Value, 'bllist_alt_dns_addr',
_("Optional DNS resolver"), '<code>ipaddress[#port]</code>');
o.rmempty = false;
o.validate = this.validateIpPort;
// BLLIST_IP_FILTER
o = s.taboption('parser_settings_tab', form.Flag, 'bllist_ip_filter',
_("Enable IP filter"));
o.description = _('Exclude IP addresses from blacklist by IP filter patterns');
o.rmempty = false;
// BLLIST_IP_FILTER_FILE edit dialog
o = s.taboption('parser_settings_tab', form.Button, '_ip_filter_btn',
_("IP filter"));
o.onclick = () => ip_filter_edit.show();
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
// BLLIST_IP_LIMIT
o = s.taboption('parser_settings_tab', form.Value, 'bllist_ip_limit', _("IP limit"));
o.description = _("The number of IP addresses in the subnet, upon reaching which the entire '/24' subnet is added to the list");
o.rmempty = false;
o.datatype = 'uinteger';
// BLLIST_GR_EXCLUDED_NETS
o = s.taboption('parser_settings_tab', form.DynamicList, 'bllist_gr_excluded_nets');
o.title = _('IP subnet patterns (/24) that are excluded from optimization');
o.description = _('e.g:') + ' <code>192.168.1.</code>';
o.placeholder = _('e.g:') + ' 192.168.1.';
o.validate = (section, value) => {
return (/^$|^([0-9]{1,3}[.]){3}$/.test(value)) ? true : _('Expecting:')
+ ' ' + _('net pattern') + ' (' + _('e.g:') + ' 192.168.3.)\n';
};
// BLLIST_SUMMARIZE_IP
o = s.taboption('parser_settings_tab', form.Flag, 'bllist_summarize_ip',
_("Summarize IP ranges"));
o.rmempty = false;
// BLLIST_SUMMARIZE_CIDR
o = s.taboption('parser_settings_tab', form.Flag, 'bllist_summarize_cidr',
_("Summarize '/24' networks"));
o.rmempty = false;
// BLLIST_GR_EXCLUDED_NETS
o = s.taboption('parser_settings', form.DynamicList, 'bllist_gr_excluded_nets');
o.title = _('IP subnet patterns (/24) that are excluded from optimization');
o.description = _('e.g:') + ' <code>192.168.1.</code>';
o.placeholder = _('e.g:') + ' 192.168.1.';
o.validate = (section, value) => {
return (/^$|^([0-9]{1,3}[.]){3}$/.test(value)) ? true : _('Expecting:')
+ ' ' + _('net pattern') + ' (' + _('e.g:') + ' 192.168.3.)\n';
};
// BLLIST_SUMMARIZE_IP
o = s.taboption('parser_settings', form.Flag, 'bllist_summarize_ip',
_("Summarize IP ranges"));
o.rmempty = false;
// BLLIST_SUMMARIZE_CIDR
o = s.taboption('parser_settings', form.Flag, 'bllist_summarize_cidr',
_("Summarize '/24' networks"));
o.rmempty = false;
// BLLIST_SD_LIMIT
o = s.taboption('parser_settings', form.Value, 'bllist_sd_limit',
_("Subdomains limit"));
o.description = _('The number of subdomains in the domain, upon reaching which the entire 2nd level domain is added to the list');
o.rmempty = false;
o.datatype = 'uinteger';
// BLLIST_GR_EXCLUDED_SLD
o = s.taboption('parser_settings', form.DynamicList, 'bllist_gr_excluded_sld',
_('2nd level domains that are excluded from optimization'));
o.description = _('e.g:') + ' <code>livejournal.com</code>';
o.placeholder = _('e.g:') + ' livejournal.com';
o.datatype = "hostname";
// BLLIST_ENABLE_IDN
o = s.taboption('parser_settings', form.Flag, 'bllist_enable_idn',
_("Convert cyrillic domains to punycode"));
o.rmempty = false;
// BLLIST_ALT_NSLOOKUP
o = s.taboption('parser_settings', form.Flag, 'bllist_alt_nslookup',
_('Use optional DNS resolver'));
o.rmempty = false;
// BLLIST_ALT_DNS_ADDR
o = s.taboption('parser_settings', form.Value, 'bllist_alt_dns_addr',
_("Optional DNS resolver"), '<code>ipaddress[#port]</code>');
o.rmempty = false;
o.validate = this.validateIpPort;
/* Blacklist entry filters tab */
s.tab('entries_filter_tab', _('Blacklist entry filters'));
// BLLIST_IP_FILTER
o = s.taboption('entries_filter_tab', form.Flag, 'bllist_ip_filter',
_("Enable IP filter"));
o.description = _('Exclude IP addresses from blacklist by IP filter patterns');
o.rmempty = false;
// BLLIST_IP_FILTER_FILE edit dialog
o = s.taboption('entries_filter_tab', form.Button, '_ip_filter_btn',
_("IP filter"));
o.onclick = () => ip_filter_edit.show();
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
// BLLIST_FQDN_FILTER
o = s.taboption('entries_filter_tab', form.Flag, 'bllist_fqdn_filter',
_("Enable FQDN filter"));
o.description = _('Exclude domains from blacklist by FQDN filter patterns');
o.rmempty = false;
// BLLIST_FQDN_FILTER_FILE edit dialog
o = s.taboption('entries_filter_tab', form.Button, '_fqdn_filter_btn',
_("FQDN filter"));
o.onclick = () => fqdn_filter_edit.show();
o.inputtitle = _('Edit');
o.inputstyle = 'edit btn';
/* User entries tab */
@@ -314,7 +357,7 @@ return view.extend({
_('Enable'), _("Add user entries to the blacklist when updating"));
o.rmempty = false;
o.default = 0;
this.dependsBllistModule(o);
o.depends({ bllist_preset: '', '!reverse': true });
// USER_ENTRIES_DNS
o = s.taboption('user_entries_tab', form.Value, 'user_entries_dns',
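Review bot: Where the parser list is built, the value read from UCI is added unchecked, `this.parsers[curent_module.match(/([^/]*)$/)[0]] = curent_module;`, so any string stored in `bllist_module` becomes a selectable entry shown under its basename only. The service script on this page runs that setting as a command (`$BLLIST_MODULE`), so the view is a reasonable place to accept it only when it lies under the parser directory, e.g. `if(curent_module && curent_module.startsWith(tools.parsersDir + '/ruab_parser')) { … }`, and to show a warning otherwise. Separately, the `delete tools.blacklistPresets[i]` loop mutates the shared `tools` object in place; filtering into a local copy would keep the preset table intact for other consumers. `curent_module` and `curent_preset` are misspelled (`current_…`). The enclosing function starts and ends outside the visible hunks.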
@@ -50,13 +50,13 @@ return baseclass.extend({
infoLabelError : '<span class="label-status error">' + _('Error') + '</span>',
blacklistPresets: {
'zapret-info-fqdn': [ 'zapret-info', 'fqdn', 'https://github.com/zapret-info/z-i' ],
'zapret-info-ip' : [ 'zapret-info', 'ip', 'https://github.com/zapret-info/z-i' ],
'rublacklist-fqdn': [ 'rublacklist', 'fqdn', 'https://rublacklist.net' ],
'rublacklist-ip' : [ 'rublacklist', 'ip', 'https://rublacklist.net' ],
'antifilter-ip' : [ 'antifilter', 'ip', 'https://antifilter.download' ],
'ruantiblock-fqdn': [ 'ruantiblock', 'fqdn', 'https://github.com/gSpotx2f/ruantiblock_blacklist' ],
'ruantiblock-ip' : [ 'ruantiblock', 'ip', 'https://github.com/gSpotx2f/ruantiblock_blacklist' ],
'zapret-info-fqdn': [ '*zapret-info', 'fqdn', 'https://github.com/zapret-info/z-i' ],
'zapret-info-ip' : [ '*zapret-info', 'ip', 'https://github.com/zapret-info/z-i' ],
'rublacklist-fqdn': [ '*rublacklist', 'fqdn', 'https://rublacklist.net' ],
'rublacklist-ip' : [ '*rublacklist', 'ip', 'https://rublacklist.net' ],
'antifilter-ip' : [ '*antifilter', 'ip', 'https://antifilter.download' ],
},
callInitStatus: rpc.declare({
@@ -172,8 +172,8 @@ return baseclass.extend({
(app_status_code != 2 && proxy_mode == 2 && vpn_route_status_code != 0)
? '<span class="label-status error">'
+ _('VPN routing error! Need restart') + '</span>' : '',
(proxy_mode == 1) ? 'Tor' : 'VPN',
(!bllist_module || bllist_module === '') ? _('user entries only') :
(proxy_mode == 3) ? _('Transparent proxy') : (proxy_mode == 2) ? 'VPN' : 'Tor',
(!bllist_preset || bllist_preset === '') ? _('user entries only') :
(this.blacklistPresets[bllist_preset]) ?
`<span style="cursor:help; border-bottom:1px dotted" data-tooltip="${this.blacklistPresets[bllist_preset][2]}">
${this.blacklistPresets[bllist_preset][0]}</span> - ${this.blacklistPresets[bllist_preset][1]}`
+22 -7
@@ -37,9 +37,6 @@ msgstr "Применить"
msgid "Apply proxy rules to router application traffic"
msgstr "Применять правила прокси к трафику приложений роутера"
msgid "Blacklist entry filters"
msgstr "Фильтры записей блэклиста"
msgid "Blacklist module"
msgstr "Модуль блэклиста"
@@ -230,8 +227,8 @@ msgstr "Фильтр сообщений"
msgid "Minute"
msgstr "Минута"
msgid "Module operation mode"
msgstr "Режим работы модуля"
msgid "Module settings"
msgstr "Настройки модуля"
msgid "Name"
msgstr "Имя"
@@ -321,6 +318,9 @@ msgstr "Сохранить"
msgid "Send UDP traffic to Tor"
msgstr "Отправлять в Tor UDP-трафик"
msgid "Send UDP traffic to transparent proxy"
msgstr "Отправлять в прозрачный прокси UDP-трафик"
msgid "Service"
msgstr "Служба"
@@ -395,8 +395,20 @@ msgstr "Конфигурационный файл Tor"
msgid "Tor mode"
msgstr "Режим Tor"
msgid "Transparent proxy port for iptables rules"
msgstr "Порт прозрачного прокси для правил iptables"
msgid "Transparent proxy"
msgstr "Прозрачный прокси"
msgid "Transparent proxy mode"
msgstr "Режим прозрачного прокси"
msgid "Transparent proxy port"
msgstr "Порт прозрачного прокси"
msgid "Transparent proxy TCP port"
msgstr "TCP порт прозрачного прокси"
msgid "Transparent proxy UDP port"
msgstr "UDP порт прозрачного прокси"
msgid "Type an expression..."
msgstr "Введите выражение..."
@@ -467,6 +479,9 @@ msgstr "шаблон сети"
msgid "none (user entries only)"
msgstr "нет (только записи пользователя)"
msgid "requires installed blacklist module"
msgstr "необходим установленный модуль блэклиста"
msgid "user entries only"
msgstr "только записи пользователя"
@@ -22,9 +22,6 @@ msgstr ""
msgid "Apply proxy rules to router application traffic"
msgstr ""
msgid "Blacklist entry filters"
msgstr ""
msgid "Blacklist module"
msgstr ""
@@ -210,7 +207,7 @@ msgstr ""
msgid "Minute"
msgstr ""
msgid "Module operation mode"
msgid "Module settings"
msgstr ""
msgid "Name"
@@ -292,6 +289,9 @@ msgstr ""
msgid "Send UDP traffic to Tor"
msgstr ""
msgid "Send UDP traffic to transparent proxy"
msgstr ""
msgid "Service"
msgstr ""
@@ -359,7 +359,19 @@ msgstr ""
msgid "Tor mode"
msgstr ""
msgid "Transparent proxy port for iptables rules"
msgid "Transparent proxy"
msgstr ""
msgid "Transparent proxy mode"
msgstr ""
msgid "Transparent proxy port"
msgstr ""
msgid "Transparent proxy TCP port"
msgstr ""
msgid "Transparent proxy UDP port"
msgstr ""
msgid "Type an expression..."
@@ -428,6 +440,9 @@ msgstr ""
msgid "none (user entries only)"
msgstr ""
msgid "requires installed blacklist module"
msgstr ""
msgid "user entries only"
msgstr ""
+3 -1
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ruantiblock-mod-lua
PKG_VERSION:=0.9.5
PKG_VERSION:=0.9.6
PKG_RELEASE:=0
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
@@ -34,6 +34,8 @@ define Package/$(PKG_NAME)/install
$(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_parser.lua $(1)/usr/libexec/ruantiblock/ruab_parser.lua
$(INSTALL_DIR) $(1)/usr/lib/lua
$(INSTALL_DATA) ./files/usr/lib/lua/ruab_sum_ip.lua $(1)/usr/lib/lua/ruab_sum_ip.lua
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_DATA) ./files/etc/uci-defaults/ruantiblock-mod-lua $(1)/etc/uci-defaults/ruantiblock-mod-lua
endef
$(eval $(call BuildPackage,$(PKG_NAME)))
@@ -0,0 +1 @@
uci set ruantiblock.config.bllist_module='/usr/libexec/ruantiblock/ruab_parser.lua'; uci commit ruantiblock
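Review bot: This uci-defaults script overwrites `bllist_module` unconditionally, so (assuming it runs on every install of the package) it replaces a module path the user selected earlier; the `ruantiblock-mod-py` script added in this commit does the same with `ruab_parser.py`, so with both packages present the last one installed wins. Consider setting the option only when it is empty, `[ -n "$(uci -q get ruantiblock.config.bllist_module)" ] || uci set ruantiblock.config.bllist_module='/usr/libexec/ruantiblock/ruab_parser.lua'`, followed by `uci commit ruantiblock`. A one-line header comment such as `# register the Lua parser as the default blacklist module` would document the intent.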
+3 -1
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ruantiblock-mod-py
PKG_VERSION:=0.9.5
PKG_VERSION:=0.9.6
PKG_RELEASE:=0
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
@@ -34,6 +34,8 @@ define Package/$(PKG_NAME)/install
$(INSTALL_BIN) ./files/usr/libexec/ruantiblock/ruab_parser.py $(1)/usr/libexec/ruantiblock/ruab_parser.py
$(INSTALL_DIR) $(1)/usr/lib/python3.10
$(INSTALL_DATA) ./files/usr/lib/python3.10/ruab_sum_ip.py $(1)/usr/lib/python3.10/ruab_sum_ip.py
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_DATA) ./files/etc/uci-defaults/ruantiblock-mod-py $(1)/etc/uci-defaults/ruantiblock-mod-py
endef
$(eval $(call BuildPackage,$(PKG_NAME)))
@@ -0,0 +1 @@
uci set ruantiblock.config.bllist_module='/usr/libexec/ruantiblock/ruab_parser.py'; uci commit ruantiblock
+1 -1
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ruantiblock
PKG_VERSION:=0.9.5
PKG_VERSION:=0.9.6
PKG_RELEASE:=0
PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
+4 -2
@@ -6,11 +6,13 @@ config main 'config'
option allowed_hosts_mode '0'
option if_vpn 'tun0'
option tor_trans_port '9040'
option tor_allow_udp '1'
option tor_allow_udp '0'
option onion_dns_addr '127.0.0.1#9053'
option t_proxy_port_tcp '1100'
option t_proxy_port_udp '1100'
option t_proxy_allow_udp '0'
option add_user_entries '0'
option enable_logging '1'
option bllist_preset 'ruantiblock-fqdn'
option bllist_ip_limit '0'
option bllist_summarize_ip '1'
option bllist_summarize_cidr '1'
@@ -12,7 +12,7 @@ DNSMASQ_RESTART_CMD="/etc/init.d/dnsmasq restart"
### Директория для html-страницы статуса (не используется в OpenWrt)
HTML_DIR="/www"
### Режим обработки пакетов в правилах iptables (1 - Tor, 2 - VPN)
### Режим обработки пакетов в правилах iptables (1 - Tor, 2 - VPN, 3 - Прозрачный прокси)
PROXY_MODE=1
### Применять правила проксификации для трафика локальных сервисов роутера (0 - off, 1 - on)
PROXY_LOCAL_CLIENTS=1
@@ -24,12 +24,20 @@ export ALLOWED_HOSTS_MODE=0
export ALLOWED_HOSTS_LIST=""
### VPN интерфейс для правил маршрутизации
IF_VPN="tun0"
### Порт транспарентного proxy Tor (параметр TransPort в torrc)
### Порт прозрачного прокси Tor (параметр TransPort в torrc)
TOR_TRANS_PORT=9040
### Отправлять в Tor UDP-трафик
TOR_ALLOW_UDP=1
### Отправлять в Tor UDP-трафик (0 - off, 1 - on)
TOR_ALLOW_UDP=0
### DNS-сервер для резолвинга в домене .onion (Tor)
ONION_DNS_ADDR="127.0.0.1#9053"
### --set-mark для отбора пакетов в VPN туннель
VPN_PKTS_MARK=8
### TCP порт прокси в режиме прозрачного прокси
T_PROXY_PORT_TCP=1100
### UDP порт прокси в режиме прозрачного прокси
T_PROXY_PORT_UDP=1100
### Отправлять в прозрачный прокси UDP-трафик (0 - off, 1 - on)
T_PROXY_ALLOW_UDP=0
### Добавление в список блокировок пользовательских записей из файла $USER_ENTRIES_FILE (0 - off, 1 - on)
### В $DATA_DIR можно создать текстовый файл user_entries с записями IP, CIDR или FQDN (одна на строку). Эти записи будут добавлены в список блокировок
### В записях FQDN можно задать DNS-сервер для разрешения данного домена, через пробел (прим.: domain.com 8.8.8.8)
@@ -43,8 +51,6 @@ USER_ENTRIES_FILE="/etc/ruantiblock/user_entries"
ENABLE_LOGGING=1
### Html-страница с инфо о текущем статусе (0 - off, 1 - on) (не используется в OpenWrt)
ENABLE_HTML_INFO=0
### --set-mark для отбора пакетов в VPN туннель
VPN_PKTS_MARK=8
### Максимальное кол-во элементов списка ipset
IPSET_MAXELEM=2000000
### Таймаут для записей в сете $IPSET_DNSMASQ
@@ -60,8 +66,8 @@ BLLIST_MODULE=""
### Настройки модулей-парсеров ###
### Режим обхода блокировок: zapret-info-ip, zapret-info-fqdn, rublacklist-ip, rublacklist-fqdn, antifilter-ip, ruantiblock-ip, ruantiblock-fqdn
BLLIST_PRESET="zapret-info-fqdn"
### Режим обхода блокировок: ruantiblock-ip, ruantiblock-fqdn, zapret-info-ip, zapret-info-fqdn, rublacklist-ip, rublacklist-fqdn, antifilter-ip
BLLIST_PRESET=""
### В случае если из источника получено менее указанного кол-ва записей, то обновления списков не происходит
BLLIST_MIN_ENTRIES=30000
### Лимит ip адресов. При достижении, в конфиг ipset будет добавлена вся подсеть /24 вместо множества ip-адресов пренадлежащих этой сети (0 - off)
@@ -1,6 +1,6 @@
AWK_CMD="awk"
UCI_SECTION="ruantiblock.config"
UCI_VARS="proxy_mode proxy_local_clients ipset_clear_sets allowed_hosts_mode allowed_hosts_list if_vpn tor_trans_port tor_allow_udp onion_dns_addr add_user_entries user_entries_dns enable_logging bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
UCI_VARS="proxy_mode proxy_local_clients ipset_clear_sets allowed_hosts_mode allowed_hosts_list if_vpn tor_trans_port tor_allow_udp onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
eval `uci show "$UCI_SECTION" | $AWK_CMD -F "=" -v UCI_VARS="$UCI_VARS" '
BEGIN {
@@ -77,6 +77,12 @@ IptMainAdd() {
if [ "$PROXY_MODE" = "2" ]; then
IptCmdWrapper $IPT_CMD -t "$IPT_TABLE" -A "$IPT_ACTION_CHAIN" -j MARK --set-mark $VPN_PKTS_MARK
IPT_IPSETS="${IPSET_CIDR} ${IPSET_IP} ${IPSET_DNSMASQ}"
elif [ "$PROXY_MODE" = "3" ]; then
IptCmdWrapper $IPT_CMD -t "$IPT_TABLE" -A "$IPT_ACTION_CHAIN" -p tcp -j REDIRECT --to-ports ${T_PROXY_PORT_TCP}
if [ "$T_PROXY_ALLOW_UDP" = "1" ]; then
IptCmdWrapper $IPT_CMD -t "$IPT_TABLE" -A "$IPT_ACTION_CHAIN" -p udp -j REDIRECT --to-ports ${T_PROXY_PORT_UDP}
fi
IPT_IPSETS="${IPSET_CIDR} ${IPSET_IP} ${IPSET_DNSMASQ}"
else
IptCmdWrapper $IPT_CMD -t "$IPT_TABLE" -A "$IPT_ACTION_CHAIN" -p tcp -j REDIRECT --to-ports ${TOR_TRANS_PORT}
if [ "$TOR_ALLOW_UDP" = "1" ]; then
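Review bot: The mode-3 branch sends UDP to the proxy with `-j REDIRECT --to-ports ${T_PROXY_PORT_UDP}`, but after REDIRECT a proxy typically cannot recover the original destination of a UDP datagram, and transparent UDP relays such as Shadowsocks' ss-redir are normally fed through TPROXY rules instead; please confirm the UDP path works with the intended proxy, or document the limitation next to `T_PROXY_ALLOW_UDP`. The port variables are expanded unquoted and unchecked, so an empty or non-numeric value from the config yields a malformed rule; a guard such as `case "$T_PROXY_PORT_TCP" in ''|*[!0-9]*) return 1 ;; esac` before the rule would fail early and visibly. `IptMainAdd` begins and ends outside this hunk.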
+99 -50
@@ -26,7 +26,7 @@ export HTML_DIR="/www"
########################## Default Settings ############################
### Режим обработки пакетов в правилах iptables (1 - Tor, 2 - VPN)
### Режим обработки пакетов в правилах iptables (1 - Tor, 2 - VPN, 3 - Прозрачный прокси)
export PROXY_MODE=1
### Применять правила проксификации для трафика локальных сервисов роутера (0 - off, 1 - on)
export PROXY_LOCAL_CLIENTS=1
@@ -38,12 +38,20 @@ export ALLOWED_HOSTS_MODE=0
export ALLOWED_HOSTS_LIST=""
### VPN интерфейс для правил маршрутизации
export IF_VPN="tun0"
### Порт транспарентного proxy Tor (параметр TransPort в torrc)
### Порт прозрачного прокси Tor (параметр TransPort в torrc)
export TOR_TRANS_PORT=9040
### Отправлять в Tor UDP-трафик
export TOR_ALLOW_UDP=1
### Отправлять в Tor UDP-трафик (0 - off, 1 - on)
export TOR_ALLOW_UDP=0
### DNS-сервер для резолвинга в домене .onion (Tor)
export ONION_DNS_ADDR="127.0.0.1#9053"
### --set-mark для отбора пакетов в VPN туннель
export VPN_PKTS_MARK=8
### TCP порт прокси в режиме прозрачного прокси
export T_PROXY_PORT_TCP=1100
### UDP порт прокси в режиме прозрачного прокси
export T_PROXY_PORT_UDP=1100
### Отправлять в прозрачный прокси UDP-трафик (0 - off, 1 - on)
export T_PROXY_ALLOW_UDP=0
### Добавление в список блокировок пользовательских записей из файла $USER_ENTRIES_FILE (0 - off, 1 - on)
### В $DATA_DIR можно создать текстовый файл user_entries с записями IP, CIDR или FQDN (одна на строку). Эти записи будут добавлены в список блокировок
### В записях FQDN можно задать DNS-сервер для разрешения данного домена, через пробел (прим.: domain.com 8.8.8.8)
@@ -57,8 +65,6 @@ export USER_ENTRIES_FILE="${CONFIG_DIR}/user_entries"
export ENABLE_LOGGING=1
### Html-страница с инфо о текущем статусе (0 - off, 1 - on) (не используется в OpenWrt)
export ENABLE_HTML_INFO=0
### --set-mark для отбора пакетов в VPN туннель
export VPN_PKTS_MARK=8
### Максимальное кол-во элементов списка ipset
export IPSET_MAXELEM=2000000
### Таймаут для записей в сете $IPSET_DNSMASQ
@@ -74,8 +80,8 @@ export BLLIST_MODULE=""
##############################
### Режим обхода блокировок: zapret-info-fqdn, zapret-info-ip, rublacklist-fqdn, rublacklist-ip, antifilter-ip, ruantiblock-fqdn, ruantiblock-ip
export BLLIST_PRESET="zapret-info-fqdn"
### Режим обхода блокировок: ruantiblock-fqdn, ruantiblock-ip, zapret-info-fqdn, zapret-info-ip, rublacklist-fqdn, rublacklist-ip, antifilter-ip
export BLLIST_PRESET=""
### В случае если из источника получено менее указанного кол-ва записей, то обновления списков не происходит
export BLLIST_MIN_ENTRIES=30000
### Лимит IP адресов. При достижении, в конфиг ipset будет добавлена вся подсеть /24 вместо множества IP адресов пренадлежащих этой сети (0 - off)
@@ -138,40 +144,7 @@ STOP_SCRIPT="${CONFIG_DIR}/scripts/stop_script"
### Config script
[ -f "$CONFIG_SCRIPT" ] && . "$CONFIG_SCRIPT"
### Blacklist source and mode
case "$BLLIST_PRESET" in
zapret-info-ip)
### Источник для обновления списка блокировок (zapret-info, rublacklist, antifilter, ruantiblock)
export BLLIST_SOURCE="zapret-info"
### Режим обхода блокировок: ip, fqdn
export BLLIST_MODE="ip"
;;
rublacklist-ip)
export BLLIST_SOURCE="rublacklist"
export BLLIST_MODE="ip"
;;
rublacklist-fqdn)
export BLLIST_SOURCE="rublacklist"
export BLLIST_MODE="fqdn"
;;
antifilter-ip)
export BLLIST_SOURCE="antifilter"
export BLLIST_MODE="ip"
;;
ruantiblock-ip)
export BLLIST_SOURCE="ruantiblock"
export BLLIST_MODE="ip"
;;
ruantiblock-fqdn)
export BLLIST_SOURCE="ruantiblock"
export BLLIST_MODE="fqdn"
;;
*)
export BLLIST_SOURCE="zapret-info"
export BLLIST_MODE="fqdn"
;;
esac
### Utilities
AWK_CMD="awk"
IPSET_CMD=`which ipset`
if [ $? -ne 0 ]; then
@@ -184,7 +157,15 @@ if [ $ENABLE_LOGGING = "1" -a $? -ne 0 ]; then
ENABLE_LOGGING=0
fi
LOGGER_PARAMS="-t `basename $0`"
WGET_CMD=`which wget`
if [ $? -ne 0 ]; then
echo " Error! Wget doesn't exists" >&2
exit 1
fi
WGET_PARAMS="--no-check-certificate -q -O"
export IP_DATA_FILE="${DATA_DIR}/${NAME}.ip"
export IPSET_ALLOWED_HOSTS="r_allowed_ip"
export IPSET_ONION="r_onion"
export IPSET_CIDR="rc"
@@ -192,6 +173,7 @@ export IPSET_CIDR_TMP="${IPSET_CIDR}t"
export IPSET_IP="ri"
export IPSET_IP_TMP="${IPSET_IP}t"
export IPSET_DNSMASQ="rd"
export UPDATE_STATUS_FILE="${DATA_DIR}/update_status"
UPDATE_PID_FILE="/var/run/${NAME}_update.pid"
START_PID_FILE="/var/run/${NAME}_start.pid"
@@ -213,7 +195,7 @@ fi
Help() {
cat << EOF
Usage: `basename $0` start|force-start|stop|destroy|restart|update|force-update|data-files|status|status-html|help
Usage: `basename $0` start|force-start|stop|destroy|restart|update|force-update|data-files|status|raw-status|html-info|help
start : Start
force-start : Removing the pid-file before running
stop : Stop
@@ -241,6 +223,29 @@ cat << EOF
EOF
}
Download() {
$WGET_CMD $WGET_PARAMS "$1" "$2"
if [ $? -ne 0 ]; then
echo "Connection error (${2})" >&2
return 1
fi
}
DownloadRuabBlacklist() {
case "$1" in
"ip")
Download "$IP_DATA_FILE" "$RA_IP_IPSET_URL" && Download "$DNSMASQ_DATA_FILE" "$RA_IP_DMASK_URL" && Download "$UPDATE_STATUS_FILE" "$RA_IP_STAT_URL"
;;
"fqdn")
Download "$DNSMASQ_DATA_FILE" "$RA_FQDN_DMASK_URL" && Download "$IP_DATA_FILE" "$RA_FQDN_IPSET_URL" && Download "$UPDATE_STATUS_FILE" "$RA_FQDN_STAT_URL"
;;
*)
echo "Blacklist configuration error (${1})" >&2
exit 1
;;
esac
}
MakeLogRecord() {
if [ $ENABLE_LOGGING = "1" ]; then
$LOGGER_CMD $LOGGER_PARAMS -p "user.${1}" "$2"
@@ -406,14 +411,14 @@ GetDataFiles() {
local _return_code=1 _attempt=1 _update_string
PreStartCheck
echo "$$" > "$UPDATE_PID_FILE"
if [ -n "$BLLIST_MODULE" ]; then
if [ -n "$BLLIST_PRESET" -a -n "$BLLIST_MODULE" ]; then
while :
do
$BLLIST_MODULE
_return_code=$?
[ $_return_code -eq 0 ] && break
### STDOUT
echo " Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]"
echo " Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]" >&2
MakeLogRecord "err" "Module run attempt ${_attempt}: failed [${BLLIST_MODULE}]"
_attempt=`expr $_attempt + 1`
[ $_attempt -gt $MODULE_RUN_ATTEMPTS ] && break
@@ -430,13 +435,17 @@ GetDataFiles() {
MakeLogRecord "notice" "${_update_string}"
printf " `date +%d.%m.%Y-%H:%M`\n" >> "$UPDATE_STATUS_FILE"
fi
else
elif [ -z "$BLLIST_PRESET" -a -z "$BLLIST_MODULE" ]; then
ClearDataFiles
ADD_USER_ENTRIES=1
AddUserEntries
_return_code=0
else
_return_code=2
rm -f "$UPDATE_PID_FILE"
return $_return_code
fi
if [ "$PROXY_MODE" = "2" ]; then
if [ "$PROXY_MODE" = "2" -o "$PROXY_MODE" = "3" ]; then
printf "\n" >> "$DNSMASQ_DATA_FILE"
else
### Запись для .onion в $DNSMASQ_DATA_FILE
@@ -476,8 +485,8 @@ Update() {
MakeLogRecord "notice" "Blacklist updated"
;;
2)
echo " Error! Blacklist update error" >&2
MakeLogRecord "err" "Error! Blacklist update error"
echo " Blacklist update error!" >&2
MakeLogRecord "err" "Blacklist update error!"
_return_code=1
;;
*)
@@ -561,7 +570,7 @@ Reload() {
Status() {
local _set
if CheckStatus; then
printf "\n \033[1m${NAME} status\033[m: \033[1;32mEnabled\033[m\n\n PROXY_MODE: ${PROXY_MODE}\n PROXY_LOCAL_CLIENTS: ${PROXY_LOCAL_CLIENTS}\n BLLIST_MODULE: ${BLLIST_MODULE}\n"
printf "\n \033[1m${NAME} status\033[m: \033[1;32mEnabled\033[m\n\n PROXY_MODE: ${PROXY_MODE}\n PROXY_LOCAL_CLIENTS: ${PROXY_LOCAL_CLIENTS}\n BLLIST_PRESET: ${BLLIST_PRESET}\n BLLIST_MODULE: ${BLLIST_MODULE}\n"
if [ -f "$UPDATE_STATUS_FILE" ]; then
$AWK_CMD '{
update_string=(NF < 4) ? "No data" : $4" (CIDR: "$1" | IP: "$2" | FQDN: "$3")";
@@ -605,6 +614,46 @@ StatusOutput() {
############################ Main section ##############################
### Blacklist source and mode
case "$BLLIST_PRESET" in
zapret-info-ip)
### Источник для обновления списка блокировок (zapret-info, rublacklist, antifilter, ruantiblock)
export BLLIST_SOURCE="zapret-info"
### Режим обхода блокировок: ip, fqdn
export BLLIST_MODE="ip"
;;
zapret-info-fqdn)
export BLLIST_SOURCE="zapret-info"
export BLLIST_MODE="fqdn"
;;
rublacklist-ip)
export BLLIST_SOURCE="rublacklist"
export BLLIST_MODE="ip"
;;
rublacklist-fqdn)
export BLLIST_SOURCE="rublacklist"
export BLLIST_MODE="fqdn"
;;
antifilter-ip)
export BLLIST_SOURCE="antifilter"
export BLLIST_MODE="ip"
;;
ruantiblock-ip)
export BLLIST_SOURCE="ruantiblock"
export BLLIST_MODE="ip"
BLLIST_MODULE="DownloadRuabBlacklist $BLLIST_MODE"
;;
ruantiblock-fqdn)
export BLLIST_SOURCE="ruantiblock"
export BLLIST_MODE="fqdn"
BLLIST_MODULE="DownloadRuabBlacklist $BLLIST_MODE"
;;
*)
export BLLIST_SOURCE=""
export BLLIST_MODE=""
;;
esac
return_code=1
case "$1" in
start|force-start)
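Review bot: `WGET_PARAMS="--no-check-certificate -q -O"` turns off TLS certificate verification for every `Download` call, and `DownloadRuabBlacklist` writes the responses straight into `$IP_DATA_FILE` and `$DNSMASQ_DATA_FILE`, which by their names are loaded into ipset and dnsmasq; anyone able to intercept the connection can therefore supply the list content. Drop the flag, `WGET_PARAMS="-q -O"`, and rely on an installed CA bundle, or make the insecure mode an explicit opt-in setting. The downloads also overwrite the live data files in place, so a failure on the second or third file leaves a mixed set; the rewrite below fetches into temporary files and replaces the live ones only after all three succeed. Whether `BLLIST_MIN_ENTRIES` is applied to these downloads is not visible here and is worth checking before the files are swapped in. `Download` takes the output path as `$1` and the URL as `$2`, which deserves a one-line comment above the function.

```shell
# … unchanged: Download() …

DownloadRuabBlacklist() {
    local _ip_url _dmask_url _stat_url
    case "$1" in
        "ip")
            _ip_url="$RA_IP_IPSET_URL"; _dmask_url="$RA_IP_DMASK_URL"; _stat_url="$RA_IP_STAT_URL"
        ;;
        "fqdn")
            _ip_url="$RA_FQDN_IPSET_URL"; _dmask_url="$RA_FQDN_DMASK_URL"; _stat_url="$RA_FQDN_STAT_URL"
        ;;
        *)
            echo "Blacklist configuration error (${1})" >&2
            exit 1
        ;;
    esac
    # Fetch next to the live files first; replace them only when all three downloads succeeded
    if Download "${IP_DATA_FILE}.tmp" "$_ip_url" \
        && Download "${DNSMASQ_DATA_FILE}.tmp" "$_dmask_url" \
        && Download "${UPDATE_STATUS_FILE}.tmp" "$_stat_url"; then
        mv -f "${IP_DATA_FILE}.tmp" "$IP_DATA_FILE" \
            && mv -f "${DNSMASQ_DATA_FILE}.tmp" "$DNSMASQ_DATA_FILE" \
            && mv -f "${UPDATE_STATUS_FILE}.tmp" "$UPDATE_STATUS_FILE"
    else
        rm -f "${IP_DATA_FILE}.tmp" "${DNSMASQ_DATA_FILE}.tmp" "${UPDATE_STATUS_FILE}.tmp"
        return 1
    fi
}
```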
Binary file not shown.

Before

Width:  |  Height:  |  Size: 114 KiB

After

Width:  |  Height:  |  Size: 72 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 149 KiB

After

Width:  |  Height:  |  Size: 104 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 124 KiB

After

Width:  |  Height:  |  Size: 80 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 285 KiB

After

Width:  |  Height:  |  Size: 173 KiB