mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Merge branch 'test' into develop
This commit is contained in:
suyuan
commit
6c9779312e
15 changed files with 325 additions and 116 deletions
|
|
@ -28,11 +28,15 @@ if [ -z "$INTERFACE" ]; then
|
|||
else
|
||||
domain=$(echo $HOST | awk -F/ '{print $3}')
|
||||
hostip=$(dig +nocmd +noall +answer A $domain | grep -v CNAME | awk '{print $5}' | tr '\n' ' ')
|
||||
for ip in $hostip; do
|
||||
ipset add ss_rules_dst_bypass_all $ip
|
||||
done
|
||||
if [ -n "$(ipset list 2>/dev/null | grep ss_rules)" ]; then
|
||||
for ip in $hostip; do
|
||||
ipset add ss_rules_dst_bypass_all $ip
|
||||
done
|
||||
fi
|
||||
curl -4 --interface $INTERFACE $HOST >/dev/null || echo
|
||||
for ip in $hostip; do
|
||||
ipset del ss_rules_dst_bypass_all $ip
|
||||
done
|
||||
if [ -n "$(ipset list 2>/dev/null | grep ss_rules)" ]; then
|
||||
for ip in $hostip; do
|
||||
ipset del ss_rules_dst_bypass_all $ip
|
||||
done
|
||||
fi
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -3,14 +3,14 @@
|
|||
INTERFACE="$1"
|
||||
|
||||
echo "Select best test server..."
|
||||
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
|
||||
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
|
||||
bestping="999"
|
||||
for pinghost in $HOSTLST; do
|
||||
domain=$(echo $pinghost | awk -F/ '{print $3}')
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
ping=$(ping -c1 -w2 $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
ping=$(ping -6 -c1 -w2 $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
else
|
||||
ping=$(ping -c1 -w2 -I $INTERFACE -B $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
ping=$(ping -6 -c1 -w2 -I $INTERFACE -B $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
fi
|
||||
echo "host: $domain - ping: $ping"
|
||||
if [ -n "$ping" ] && [ "$ping" -lt "$bestping" ]; then
|
||||
|
|
@ -28,11 +28,15 @@ if [ -z "$INTERFACE" ]; then
|
|||
else
|
||||
domain=$(echo $HOST | awk -F/ '{print $3}')
|
||||
hostip=$(dig +nocmd +noall +answer AAAA $domain | grep -v CNAME | awk '{print $5}' | tr '\n' ' ')
|
||||
for ip in $hostip; do
|
||||
ipset add ss_rules6_dst_bypass_all $ip
|
||||
done
|
||||
if [ -n "$(ipset list 2>/dev/null | grep ss_rules6)" ]; then
|
||||
for ip in $hostip; do
|
||||
ipset add ss_rules6_dst_bypass_all $ip
|
||||
done
|
||||
fi
|
||||
curl -6 --interface $INTERFACE $HOST >/dev/null || echo
|
||||
for ip in $hostip; do
|
||||
ipset del ss_rules6_dst_bypass_all $ip
|
||||
done
|
||||
if [ -n "$(ipset list 2>/dev/null | grep ss_rules6)" ]; then
|
||||
for ip in $hostip; do
|
||||
ipset del ss_rules6_dst_bypass_all $ip
|
||||
done
|
||||
fi
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -804,6 +804,9 @@ _vps_firewall_redirect_port() {
|
|||
config_get src_ip $1 src_ip
|
||||
config_get v2ray $1 v2ray "0"
|
||||
config_get dmz $1 dmz "0"
|
||||
if [ -z "$src_dport" ] && [ -n "$dest_port" ]; then
|
||||
src_dport=$dest_port
|
||||
fi
|
||||
if [ "$dmz" = "1" ] && [ "$src_dport" != "2-64999" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.${section}.src_dport='2-64999'
|
||||
|
|
@ -971,6 +974,15 @@ _vps_firewall_close_port() {
|
|||
}
|
||||
|
||||
_set_vps_firewall() {
|
||||
fw3 -q print | grep 'vpn.* -d' |
|
||||
while IFS=$"\n" read -r c; do
|
||||
eval $(echo $c | sed 's/iptables/iptables -w/' | sed 's/-A/-D/') 2>&1 >/dev/null
|
||||
newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e 's/ -d ([^ ])*//' -e 's/ -s ([^ ])*//')
|
||||
eval $(echo $newrule | sed 's/-A/-D/') || true
|
||||
eval $newrule
|
||||
done
|
||||
#'
|
||||
|
||||
fwservername=$1
|
||||
[ -z "$servername" ] && servername=$fwservername
|
||||
[ -z "$fwservername" ] && fwservername=$servername
|
||||
|
|
@ -1005,13 +1017,6 @@ _set_vps_firewall() {
|
|||
}
|
||||
|
||||
set_vps_firewall() {
|
||||
fw3 -q print | grep 'vpn.* -d' |
|
||||
while IFS=$"\n" read -r c; do
|
||||
eval $(echo $c | sed 's/-A/-D/') 2>&1 >/dev/null
|
||||
newrule=$(echo $c | sed -E -e 's/ -d ([^ ])*//' -e 's/ -s ([^ ])*//')
|
||||
eval $(echo $newrule | sed 's/-A/-C/') || eval $newrule
|
||||
done
|
||||
#'
|
||||
config_load openmptcprouter
|
||||
config_foreach _set_vps_firewall server
|
||||
}
|
||||
|
|
|
|||
|
|
@ -69,6 +69,144 @@ fi
|
|||
# commit unbound
|
||||
#EOF
|
||||
|
||||
if [ -z "$(uci -q unbound.auth_icann)" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set unbound.auth_icann=zone
|
||||
set unbound.auth_icann.fallback='1'
|
||||
set unbound.auth_icann.url_dir='https://www.internic.net/domain/'
|
||||
set unbound.auth_icann.zone_type='auth_zone'
|
||||
add_list unbound.auth_icann.server='lax.xfr.dns.icann.org'
|
||||
add_list unbound.auth_icann.server='iad.xfr.dns.icann.org'
|
||||
add_list unbound.auth_icann.zone_name='.'
|
||||
add_list unbound.auth_icann.zone_name='arpa.'
|
||||
add_list unbound.auth_icann.zone_name='in-addr.arpa.'
|
||||
add_list unbound.auth_icann.zone_name='ip6.arpa.'
|
||||
set unbound.auth_icann.enabled='1'
|
||||
set unbound.fwd_isp=zone
|
||||
set unbound.fwd_isp.enabled='0'
|
||||
set unbound.fwd_isp.fallback='1'
|
||||
set unbound.fwd_isp.resolv_conf='1'
|
||||
set unbound.fwd_isp.zone_type='forward_zone'
|
||||
add_list unbound.fwd_isp.zone_name='isp-bill.example.com.'
|
||||
add_list unbound.fwd_isp.zone_name='isp-mail.example.net.'
|
||||
set unbound.fwd_google=zone
|
||||
set unbound.fwd_google.enabled='0'
|
||||
set unbound.fwd_google.fallback='1'
|
||||
set unbound.fwd_google.tls_index='dns.google'
|
||||
set unbound.fwd_google.tls_upstream='1'
|
||||
set unbound.fwd_google.zone_type='forward_zone'
|
||||
add_list unbound.fwd_google.server='8.8.4.4'
|
||||
add_list unbound.fwd_google.server='8.8.8.8'
|
||||
add_list unbound.fwd_google.server='2001:4860:4860::8844'
|
||||
add_list unbound.fwd_google.server='2001:4860:4860::8888'
|
||||
set unbound.fwd_google.zone_name='.'
|
||||
set unbound.fwd_cloudflare=zone
|
||||
set unbound.fwd_cloudflare.enabled='0'
|
||||
set unbound.fwd_cloudflare.fallback='1'
|
||||
set unbound.fwd_cloudflare.tls_index='cloudflare-dns.com'
|
||||
set unbound.fwd_cloudflare.tls_upstream='1'
|
||||
set unbound.fwd_cloudflare.zone_type='forward_zone'
|
||||
add_list unbound.fwd_cloudflare.server='1.1.1.1'
|
||||
add_list unbound.fwd_cloudflare.server='1.0.0.1'
|
||||
add_list unbound.fwd_cloudflare.server='2606:4700:4700::1111'
|
||||
add_list unbound.fwd_cloudflare.server='2606:4700:4700::1001'
|
||||
set unbound.fwd_cloudflare.zone_name='.'
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ -z "$(uci -q get unbound.fwd_adguard_family)" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set unbound.fwd_adguard_family=zone
|
||||
set unbound.fwd_adguard_family.enabled='0'
|
||||
set unbound.fwd_adguard_family.fallback='1'
|
||||
set unbound.fwd_adguard_family.tls_index='dns-family.adguard.com'
|
||||
set unbound.fwd_adguard_family.tls_upstream='1'
|
||||
set unbound.fwd_adguard_family.zone_type='forward_zone'
|
||||
add_list unbound.fwd_adguard_family.server='176.103.130.132'
|
||||
add_list unbound.fwd_adguard_family.server='176.103.130.134'
|
||||
set unbound.fwd_adguard_family.zone_name='.'
|
||||
set unbound.fwd_adguard_standard=zone
|
||||
set unbound.fwd_adguard_standard.enabled='0'
|
||||
set unbound.fwd_adguard_standard.fallback='1'
|
||||
set unbound.fwd_adguard_standard.tls_index='dns.adguard.com'
|
||||
set unbound.fwd_adguard_standard.tls_upstream='1'
|
||||
set unbound.fwd_adguard_standard.zone_type='forward_zone'
|
||||
add_list unbound.fwd_adguard_standard.server='176.103.130.130'
|
||||
add_list unbound.fwd_adguard_standard.server='176.103.130.131'
|
||||
set unbound.fwd_adguard_standard.zone_name='.'
|
||||
set unbound.fwd_cloudflare_family=zone
|
||||
set unbound.fwd_cloudflare_family.enabled='0'
|
||||
set unbound.fwd_cloudflare_family.fallback='1'
|
||||
set unbound.fwd_cloudflare_family.tls_index='family.cloudflare-dns.com'
|
||||
set unbound.fwd_cloudflare_family.tls_upstream='1'
|
||||
set unbound.fwd_cloudflare_family.zone_type='forward_zone'
|
||||
add_list unbound.fwd_cloudflare_family.server='1.1.1.3'
|
||||
add_list unbound.fwd_cloudflare_family.server='1.0.0.3'
|
||||
set unbound.fwd_cloudflare_family.zone_name='.'
|
||||
set unbound.fwd_cloudflare_malware=zone
|
||||
set unbound.fwd_cloudflare_malware.enabled='0'
|
||||
set unbound.fwd_cloudflare_malware.fallback='1'
|
||||
set unbound.fwd_cloudflare_malware.tls_index='security.cloudflare-dns.com'
|
||||
set unbound.fwd_cloudflare_malware.tls_upstream='1'
|
||||
set unbound.fwd_cloudflare_malware.zone_type='forward_zone'
|
||||
add_list unbound.fwd_cloudflare_malware.server='1.1.1.2'
|
||||
add_list unbound.fwd_cloudflare_malware.server='1.0.0.2'
|
||||
set unbound.fwd_cloudflare_malware.zone_name='.'
|
||||
set unbound.fwd_odvr=zone
|
||||
set unbound.fwd_odvr.enabled='0'
|
||||
set unbound.fwd_odvr.fallback='1'
|
||||
set unbound.fwd_odvr.tls_index='odvr.nic.cz'
|
||||
set unbound.fwd_odvr.tls_upstream='1'
|
||||
set unbound.fwd_odvr.zone_type='forward_zone'
|
||||
add_list unbound.fwd_odvr.server='193.17.47.1'
|
||||
add_list unbound.fwd_odvr.server='185.43.135.1'
|
||||
set unbound.fwd_odvr.zone_name='.'
|
||||
set unbound.fwd_libredns=zone
|
||||
set unbound.fwd_libredns.enabled='0'
|
||||
set unbound.fwd_libredns.fallback='1'
|
||||
set unbound.fwd_libredns.tls_index='doh.libredns.gr'
|
||||
set unbound.fwd_libredns.tls_upstream='1'
|
||||
set unbound.fwd_libredns.zone_type='forward_zone'
|
||||
add_list unbound.fwd_libredns.server='116.202.176.26'
|
||||
set unbound.fwd_libredns.zone_name='.'
|
||||
set unbound.fwd_quad9_recommended=zone
|
||||
set unbound.fwd_quad9_recommended.enabled='0'
|
||||
set unbound.fwd_quad9_recommended.fallback='1'
|
||||
set unbound.fwd_quad9_recommended.tls_index='dns.quad9.net'
|
||||
set unbound.fwd_quad9_recommended.tls_upstream='1'
|
||||
set unbound.fwd_quad9_recommended.zone_type='forward_zone'
|
||||
add_list unbound.fwd_quad9_recommended.server='9.9.9.9'
|
||||
add_list unbound.fwd_quad9_recommended.server='149.112.112.112'
|
||||
set unbound.fwd_quad9_recommended.zone_name='.'
|
||||
set unbound.fwd_quad9_unsecured=zone
|
||||
set unbound.fwd_quad9_unsecured.enabled='0'
|
||||
set unbound.fwd_quad9_unsecured.fallback='1'
|
||||
set unbound.fwd_quad9_unsecured.tls_index='dns10.quad9.net'
|
||||
set unbound.fwd_quad9_unsecured.tls_upstream='1'
|
||||
set unbound.fwd_quad9_unsecured.zone_type='forward_zone'
|
||||
add_list unbound.fwd_quad9_unsecured.server='9.9.9.10'
|
||||
add_list unbound.fwd_quad9_unsecured.server='149.112.112.10'
|
||||
set unbound.fwd_quad9_unsecured.zone_name='.'
|
||||
set unbound.fwd_quad9_ecs=zone
|
||||
set unbound.fwd_quad9_ecs.enabled='0'
|
||||
set unbound.fwd_quad9_ecs.fallback='1'
|
||||
set unbound.fwd_quad9_ecs.tls_index='dns11.quad9.net'
|
||||
set unbound.fwd_quad9_ecs.tls_upstream='1'
|
||||
set unbound.fwd_quad9_ecs.zone_type='forward_zone'
|
||||
add_list unbound.fwd_quad9_ecs.server='9.9.9.11'
|
||||
add_list unbound.fwd_quad9_ecs.server='149.112.112.11'
|
||||
set unbound.fwd_quad9_ecs.zone_name='.'
|
||||
set unbound.fwd_quad9_secured=zone
|
||||
set unbound.fwd_quad9_secured.enabled='0'
|
||||
set unbound.fwd_quad9_secured.fallback='1'
|
||||
set unbound.fwd_quad9_secured.tls_index='dns9.quad9.net'
|
||||
set unbound.fwd_quad9_secured.tls_upstream='1'
|
||||
set unbound.fwd_quad9_secured.zone_type='forward_zone'
|
||||
add_list unbound.fwd_quad9_secured.server='9.9.9.9'
|
||||
add_list unbound.fwd_quad9_secured.server='149.112.112.9'
|
||||
set unbound.fwd_quad9_secured.zone_name='.'
|
||||
EOF
|
||||
fi
|
||||
|
||||
rm -f /tmp/luci-indexcache
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue