update 2024-06-07 14:14:40

2025-01-07 07:06:58 +08:00 · 2024-06-07 14:14:40 +08:00 · 2024-06-07 14:14:40 +08:00 · f73b47c646
commit f73b47c646
parent 62ea9386e7
8 changed files with 200 additions and 83 deletions
--- a/luci-app-rtbwmon/Makefile
+++ b/luci-app-rtbwmon/Makefile
@ -2,7 +2,7 @@
 include $(TOPDIR)/rules.mk
-PKG_VERSION:=1.0.3-1
+PKG_VERSION:=1.0.4-1
 PKG_RELEASE:=
 PKG_MAINTAINER:=jjm2473 <jjm2473@gmail.com>
--- a/luci-app-rtbwmon/htdocs/luci-static/rtbwmon/rtbwmon.js
+++ b/luci-app-rtbwmon/htdocs/luci-static/rtbwmon/rtbwmon.js
@ -511,6 +511,17 @@
            let iface_select = document.getElementById('iface_select');
            let selected = iface_select.value;
            let ifaces = responseText.trimEnd().split('\n').filter(line=>line).map(iface=>{
                let priority = 0;
                switch (iface) {
                    case "br-lan":
                        priority = -2;
                        break;
                    case "docker0":
                        priority = -1;
                        break;
                }
                return {iface:iface, priority:priority};
            }).sort((a,b)=>a.priority-b.priority).map(o=>o.iface).map(iface=>{
                let option = document.createElement('option');
                option.value = iface;
                option.innerHTML = iface;
--- a/luci-app-rtbwmon/root/usr/libexec/rtbwmon.sh
+++ b/luci-app-rtbwmon/root/usr/libexec/rtbwmon.sh
@ -29,7 +29,7 @@ lookup() {
 }
 get_wan_iface() {
-    tail -n +2 /proc/net/route | sed -n -e 's/^\([^\t]\+\)\t00000000\t[^\t]\+\t[^\t]\+\t[^\t]\+\t[^\t]\+\t[^\t]\+\t00000000\t.*$/\1/p'
+    tail -n +2 /proc/net/route | sed -n -e 's/^\([^\t]\+\)\t00000000\t[^\t]\+\t[^\t]\+\t[^\t]\+\t[^\t]\+\t[^\t]\+\t00000000\t.*$/\1/p' | head -1
 }
 get_arp_excluded() {
@ -38,7 +38,7 @@ get_arp_excluded() {
 enforce_wan_iface() {
    local INTERFACE="$1"
-    [[ "$INTERFACE" = "br-lan" ]] && INTERFACE=`uci show network.wan | grep -E 'network\.wan\.(device|ifname)' | sed -n -e "1s/network\\.wan\\.[^=]\\+='\\([^']\\+\\)'\$/\\1/p"`
+    [[ "$INTERFACE" = "br-lan" ]] && INTERFACE=`uci show network.wan | grep -E 'network\.wan\.(device|ifname)=' | sed -n -e "1s/network\\.wan\\.[^=]\\+='\\([^']\\+\\)'\$/\\1/p"`
    [ -z "$INTERFACE" ] && INTERFACE="/"
    echo "$INTERFACE"
 }
@ -175,7 +175,7 @@ show_ifaces() {
    local WAN_INTERFACE=`get_wan_iface`
    [ -z "$WAN_INTERFACE" ] && return 1
    WAN_INTERFACE="$(enforce_wan_iface "$WAN_INTERFACE")"
-    ip addr show scope global up | grep '^ \+inet ' | sed -n -e 's/^.* \([^ ]\+\)$/\1/p' | grep -Fv "$WAN_INTERFACE" | sort -u
+    ip addr show scope global up | grep '^ \+inet ' | sed -n -e 's/^.* \([^ ]\+\)$/\1/p' | grep -Fxv "$WAN_INTERFACE" | sort -u
 }
 prerm() {
--- a/natflow/Makefile
+++ b/natflow/Makefile
@ -99,6 +99,8 @@ define Package/natflow-auth/install
 	$(INSTALL_DATA) ./files/20-natflow-zone.hotplug $(1)/etc/hotplug.d/iface/20-natflow-zone
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) ./files/urllogger-ctl.sh $(1)/usr/sbin/urllogger-ctl
 	$(INSTALL_BIN) ./files/natflow-hostacl.init $(1)/etc/init.d/natflow-hostacl
 	$(INSTALL_DATA) ./files/hostacl.config $(1)/etc/config/hostacl
 endef
 $(eval $(call KernelPackage,natflow))
--- a/natflow/files/hostacl.config
+++ b/natflow/files/hostacl.config
@ -0,0 +1,29 @@
 config main
 	option enabled '0'
 config rule
        list host "baidu.com" #baidu.com and ALL *.baidu.com
        list host "www.qq.com" #www.qq.com and ALL *.www.qq.com
        option action "reset"
        option disabled '1'
        list ip '192.168.15.100'
 	list ipv6 'fd57:538a:7ca5::/64'
        list mac 'aa:bb:cc:11:22:33'
 config rule
        list host "google.com" #google.com and ALL *.google.com
        list host "v.qq.com"
        option action "drop"
        option disabled '1'
        list ip '192.168.15.200,192.168.15.250-192.168.15.254'
 config rule
        list host "1.2.3.4" #HTTP ip access
        option action "reset"
        option disabled '1'
        option mac 'aa:bb:cc:11:22:33,aa:bb:cc:11:22:44,aa:bb:cc:11:22:55'
 config rule
        list host "cn" #cn and ALL .cn domains
        option action 'record'
        option disabled "1"
--- a/natflow/files/natflow-hostacl.init
+++ b/natflow/files/natflow-hostacl.init
@ -0,0 +1,101 @@
 #!/bin/sh /etc/rc.common
 # Copyright (C) 2018-2024 X-WRT
 START=95
 IPOPS="lua /usr/lib/lua/ipops.lua"
 test -e /usr/share/natflow/ipops.lua && IPOPS="lua /usr/share/natflow/ipops.lua"
 stop()
 {
 	test -c /dev/hostacl_ctl || return 0
 	echo clear >/dev/hostacl_ctl
 	for i in $(seq 0 31); do
 		ipset destroy host_acl_rule${i}_mac 2>/dev/null
 		ipset destroy host_acl_rule${i}_ipv4 2>/dev/null
 		ipset destroy host_acl_rule${i}_ipv6 2>/dev/null
 	done
 }
 # ipset_add ipsetname net
 ipv4set_add()
 {
 	local ipsetname=$1
 	local net=$2
 	#hack for 0.0.0.0/0
 	[ "$net" = "0.0.0.0/0" ] && net="0.0.0.0/1 128.0.0.0/1"
 	for n in $net; do
 		ipset add $ipsetname $n
 	done
 }
 start()
 {
 	test -c /dev/hostacl_ctl || return 0
 	stop
 	enabled=$(uci get hostacl.@main[0].enabled 2>/dev/null || echo 0)
 	[ $enabled = "0" ] && return 0
 	idx=0
 	while uci get hostacl.@rule[$idx] &>/dev/null; do
 		disabled=$(uci get hostacl.@rule[$idx].disabled 2>/dev/null || echo 0)
 		if [ "$disabled" = "1" ]; then
 			idx=$((idx+1))
 			continue
 		fi
 		ip=$(uci get hostacl.@rule[$idx].ip 2>/dev/null)
 		ip=$($IPOPS netStrings2ipcidrStrings "$ip")
 		if [ "$(echo $ip | sed 's/,/ /g' | wc -w)" -gt 1 ]; then
 			ipset create host_acl_rule${idx}_ipv4 hash:net family inet 2>/dev/null
 			ipset flush host_acl_rule${idx}_ipv4
 			for net in $(echo $ip | sed 's/,/ /g'); do
 				ipv4set_add host_acl_rule${idx}_ipv4 $net
 			done
 		fi
 		ipv6=$(uci get hostacl.@rule[$idx].ipv6 2>/dev/null)
 		if test -n "$ipv6"; then
 			ipset create host_acl_rule${idx}_ipv6 hash:net family inet6 2>/dev/null
 			ipset flush host_acl_rule${idx}_ipv6
 			for net in $(echo $ipv6 | sed "s/,/ /g;s/'/ /g"); do
 				ipset add host_acl_rule${idx}_ipv6 $net
 			done
 		fi
 		mac=$(uci get hostacl.@rule[$idx].mac 2>/dev/null)
 		if test -n "$mac"; then
 			ipset create host_acl_rule${idx}_mac hash:mac 2>/dev/null
 			ipset flush host_acl_rule${idx}_mac
 			for net in $(echo $mac | sed "s/,/ /g;s/'/ /g"); do
 				ipset add host_acl_rule${idx}_mac $net
 			done
 		fi
 		action=$(uci get hostacl.@rule[$idx].action 2>/dev/null)
 		if [ "$action" = "record" ]; then
 			action=0
 		elif [ "$action" = "drop" ]; then
 			action=1
 		elif [ "$action" = "reset" ]; then
 			action=2
 		elif [ "$action" = "redirect" ]; then
 			action=3
 		else
 			action=0
 		fi
 		host=$(uci get hostacl.@rule[$idx].host 2>/dev/null)
 		host=$(echo $host | sed "s/,/ /g;s/'/ /g")
 		for HOST in $host; do
 			echo add acl=${idx},${action},$HOST >/dev/hostacl_ctl
 		done
 		idx=$((idx+1))
 	done
 }
 restart()
 {
 	start
 }
--- a/natflow/files/natflow.config
+++ b/natflow/files/natflow.config
@ -46,29 +46,3 @@ config qos_simple "simple1"
 	option rx_rate '10Mbps'
 	option tx_rate '5Mbps'
 	option disabled '1'
 config hostacl
 	list host "baidu.com" #baidu.com and ALL *.baidu.com
 	list host "www.qq.com" #www.qq.com and ALL *.www.qq.com
 	option action "reset"
 	option disabled '1'
 	list ip '192.168.15.100'
 	list mac 'aa:bb:cc:11:22:33'
 config hostacl
 	list host "google.com" #google.com and ALL *.google.com
 	list host "v.qq.com"
 	option action "drop"
 	option disabled '1'
 	list ip '192.168.15.200,192.168.15.250-192.168.15.254'
 config hostacl
 	list host "1.2.3.4" #HTTP ip access
 	option action "reset"
 	option disabled '1'
 	option mac 'aa:bb:cc:11:22:33,aa:bb:cc:11:22:44,aa:bb:cc:11:22:55'
 config hostacl
 	list host "cn" #cn and ALL .cn domains
 	option action 'record'
 	option disabled "1"
--- a/sing-box/files/sing-box.init
+++ b/sing-box/files/sing-box.init
@ -1,54 +1,54 @@
-#!/bin/sh /etc/rc.common
+#!/bin/sh /etc/rc.common
-#
+#
-# Copyright (C) 2022 by nekohasekai <contact-sagernet@sekai.icu>
+# Copyright (C) 2022 by nekohasekai <contact-sagernet@sekai.icu>
-# 
+# 
-# This program is free software: you can redistribute it and/or modify
+# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
+# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
+# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
+# (at your option) any later version.
-# 
+# 
-# This program is distributed in the hope that it will be useful,
+# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
+# GNU General Public License for more details.
-# 
+# 
-# You should have received a copy of the GNU General Public License
+# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
+#
-
+
-START=99
+START=99
-USE_PROCD=1
+USE_PROCD=1
-
+
-#####  ONLY CHANGE THIS BLOCK  ######
+#####  ONLY CHANGE THIS BLOCK  ######
-PROG=/usr/bin/sing-box # where is sing-box
+PROG=/usr/bin/sing-box # where is sing-box
-RES_DIR=/etc/sing-box/ # resource dir / working dir / the dir where you store ip/domain lists
+RES_DIR=/etc/sing-box/ # resource dir / working dir / the dir where you store ip/domain lists
-CONF=./config.json   # where is the config file, it can be a relative path to $RES_DIR
+CONF=./config.json   # where is the config file, it can be a relative path to $RES_DIR
-#####  ONLY CHANGE THIS BLOCK  ######
+#####  ONLY CHANGE THIS BLOCK  ######
-
+
-start_service() {
+start_service() {
-  procd_open_instance
+  procd_open_instance
-  procd_set_param command $PROG run -D $RES_DIR -c $CONF
+  procd_set_param command $PROG run -D $RES_DIR -c $CONF
-
+
-  procd_set_param user root
+  procd_set_param user root
-  procd_set_param limits core="unlimited"
+  procd_set_param limits core="unlimited"
-  procd_set_param limits nofile="1000000 1000000"
+  procd_set_param limits nofile="1000000 1000000"
-  procd_set_param stdout 1
+  procd_set_param stdout 1
-  procd_set_param stderr 1
+  procd_set_param stderr 1
-  procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}"
+  procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}"
-  procd_close_instance
+  procd_close_instance
-  iptables -I FORWARD -o tun+ -j ACCEPT
+  iptables -I FORWARD -o tun+ -j ACCEPT
-  echo "sing-box is started!"
+  echo "sing-box is started!"
-}
+}
-
+
-stop_service() {
+stop_service() {
-  service_stop $PROG
+  service_stop $PROG
-  iptables -D FORWARD -o tun+ -j ACCEPT
+  iptables -D FORWARD -o tun+ -j ACCEPT
-  echo "sing-box is stopped!"
+  echo "sing-box is stopped!"
-}
+}
-
+
-reload_service() {
+reload_service() {
-  stop
+  stop
-  sleep 2s
+  sleep 2s
-  echo "sing-box is restarted!"
+  echo "sing-box is restarted!"
-  start
+  start
 }