🎉 Sync 2024-03-29 15:28:25

2025-01-09 09:47:28 +08:00 · 2024-03-29 15:28:25 +08:00 · 2024-03-29 15:28:25 +08:00 · d4c3a471c5
commit d4c3a471c5
parent 851ed523f0
5 changed files with 108 additions and 42 deletions
--- a/fullconenat/Makefile
+++ b/fullconenat/Makefile
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk

 PKG_NAME:=fullconenat
-PKG_RELEASE:=23
+PKG_RELEASE:=24

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/llccd/netfilter-full-cone-nat.git
--- a/fullconenat/patches/001-linux-6.1-support.patch
+++ b/fullconenat/patches/001-linux-6.1-support.patch
@ -1,26 +0,0 @@
--- a/xt_FULLCONENAT.c
-+++ b/xt_FULLCONENAT.c
-@@ -325,7 +325,11 @@
-     /* for now we do the same thing for both --random and --random-fully */
- 
-     /* select a random starting point */
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
-+    start = (uint16_t)(get_random_u32() % (u32)range_size);
-+#else
-     start = (uint16_t)(prandom_u32() % (u32)range_size);
-+#endif
-   } else {
- 
-     if ((original_port >= min && original_port <= min + range_size - 1)
-@@ -995,7 +999,11 @@
-     /* for now we do the same thing for both --random and --random-fully */
- 
-     /* select a random starting point */
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
-+    start = (uint16_t)(get_random_u32() % (u32)range_size);
-+#else
-     start = (uint16_t)(prandom_u32() % (u32)range_size);
-+#endif
-   } else {
- 
-     if ((original_port >= min && original_port <= min + range_size - 1)
--- a/microsocks/Makefile
+++ b/microsocks/Makefile
@ -1,43 +1,47 @@
-# SPDX-License-Identifier: GPL-3.0-only
-#
-# Copyright (C) 2021 ImmortalWrt.org
-
 include $(TOPDIR)/rules.mk

 PKG_NAME:=microsocks
 PKG_VERSION:=1.0.4
-PKG_RELEASE:=91
+PKG_RELEASE:=92

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/rofl0r/microsocks/tar.gz/v$(PKG_VERSION)?
 PKG_HASH:=skip

+PKG_MAINTAINER:=Mateusz Korniak <matkorgithubcom@ant.gliwice.pl>
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=COPYING
-PKG_MAINTAINER:=lean

-PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
+PKG_BUILD_FLAGS:=lto

 include $(INCLUDE_DIR)/package.mk

 define Package/microsocks
  SECTION:=net
-  CATEGORY:=Network
  SUBMENU:=Web Servers/Proxies
-  TITLE:=Tiny, portable SOCKS5 server
-  URL:=https://github.com/rofl0r/microsocks
-  DEPENDS:=+libpthread
+  CATEGORY:=Network
+  TITLE:=SOCKS5 TCP/IP only proxy
 endef

 define Package/microsocks/description
-  A SOCKS5 service that you can run on your remote boxes to tunnel connections
-  through them, if for some reason SSH doesn't cut it for you.
+  Low resource SOCKS5 proxy.
+  Supports only SOCKS5 protocol and forwarding only TCP/IP connections.
 endef

+define Package/microsocks/conffiles
+/etc/config/microsocks
+endef
+
+TARGET_LDFLAGS+= -Wl,--gc-sections,--as-needed
+
 define Package/microsocks/install
 	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/bin/microsocks $(1)/usr/bin/microsocks
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/microsocks $(1)/usr/bin
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/microsocks.config $(1)/etc/config/microsocks
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/microsocks.init $(1)/etc/init.d/microsocks
 endef

 $(eval $(call BuildPackage,microsocks))
--- a/microsocks/files/microsocks.config
+++ b/microsocks/files/microsocks.config
@ -0,0 +1,14 @@
+
+config microsocks 'config'
+	option enabled '0'
+	option bindaddr ''
+	option listenip '::'
+	option port '1080'
+	option user ''
+	option password ''
+	# Boolean, must be used together with user/pass
+	option auth_once '0'
+	# Boolean, auto setup firewall rule so you can access it from Internet
+	option internet_access '0'
+	option quiet '1'
+
--- a/microsocks/files/microsocks.init
+++ b/microsocks/files/microsocks.init
@ -0,0 +1,74 @@
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=95
+
+CONF="microsocks"
+
+start_service() {
+	config_load "$CONF"
+
+	local _enabled
+	config_get_bool _enabled "config" "enabled" "0"
+	[ "$_enabled" -eq "1" ] || return 1
+
+	local _port _listenip _bindaddr
+	local _user _password
+	local _auth_once _internet_access
+	local _quiet
+
+	config_get _port "config" "port"
+	config_get _listenip "config" "listenip"
+	config_get _bindaddr "config" "bindaddr"
+	config_get _user "config" "user"
+	config_get _password "config" "password"
+	config_get_bool _auth_once "config" "auth_once" 0
+	config_get_bool _internet_access "config" "internet_access" 0
+	config_get_bool _quiet "config" "quiet" 0
+
+	procd_open_instance "$CONF"
+	procd_set_param command /usr/bin/microsocks
+	[ -z "$_port" ] || procd_append_param command -p "${_port}"
+	[ -z "$_listenip" ] || procd_append_param command -i "${_listenip}"
+	[ -z "$_bindaddr" ] || procd_append_param command -b "${_bindaddr}"
+	[ -z "$_user" ] || procd_append_param command -u "${_user}"
+	[ -z "$_password" ] || procd_append_param command -P "${_password}"
+	[ "$_auth_once" -eq "0" ] || procd_append_param command -1
+	[ "$_quiet" -eq "0" ] || procd_append_param command -q
+
+	procd_set_param limits core="unlimited"
+	procd_set_param limits nofile="1000000 1000000"
+	procd_set_param respawn
+	procd_set_param stderr 1
+	# TODO: Make it dependable on some verbose/debug config setting?
+	# procd_set_param stdout 1
+
+	[ "$_internet_access" -eq "0" ] || {
+		procd_open_data
+		json_add_array firewall
+			json_add_object ""
+			json_add_string type rule
+			json_add_string name "Allow-access-microsocks-at-$_port"
+			json_add_string src "*"
+			json_add_string dest_port "$_port"
+			json_add_string proto tcp
+			json_add_string target ACCEPT
+			json_close_object
+		json_close_array
+		procd_close_data
+	}
+
+	procd_close_instance
+}
+
+service_started() {
+	procd_set_config_changed firewall
+}
+
+service_stopped() {
+	procd_set_config_changed firewall
+}
+
+service_triggers() {
+	procd_add_reload_trigger "$CONF"
+}