From b861d0d61eba0d03ac3560d7f56d564ad6a9a7e0 Mon Sep 17 00:00:00 2001
From: Vadim Vetrov <vetrovvd@gmail.com>
Date: Wed, 28 Aug 2024 13:49:25 +0300
Subject: [PATCH] Add build scripts for entware

---
 youtubeUnblock/Makefile                     |  10 +-
 youtubeUnblock/files/537-youtubeUnblock.nft |   5 -
 youtubeUnblock/files/S51youtubeUnblock      | 179 ++++++++++++++++++++
 youtubeUnblock/files/youtubeUnblock.owrt    |  18 --
 4 files changed, 183 insertions(+), 29 deletions(-)
 delete mode 100644 youtubeUnblock/files/537-youtubeUnblock.nft
 create mode 100755 youtubeUnblock/files/S51youtubeUnblock
 delete mode 100755 youtubeUnblock/files/youtubeUnblock.owrt

diff --git a/youtubeUnblock/Makefile b/youtubeUnblock/Makefile
index bafb75e..d5727f0 100644
--- a/youtubeUnblock/Makefile
+++ b/youtubeUnblock/Makefile
@@ -41,12 +41,10 @@ define Build/Compile
 endef
 
 define Package/youtubeUnblock/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/build/youtubeUnblock $(1)/usr/bin
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/youtubeUnblock.owrt $(1)/etc/init.d/youtubeUnblock
-	$(INSTALL_DIR) $(1)/usr/share/nftables.d/ruleset-post/
-	$(CP) ./files/537-youtubeUnblock.nft $(1)/usr/share/nftables.d/ruleset-post/537-youtubeUnblock.nft
+	$(INSTALL_DIR) $(1)/opt/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/build/youtubeUnblock $(1)/opt/bin
+	$(INSTALL_DIR) $(1)/opt/etc/init.d
+	$(INSTALL_BIN) ./files/S51youtubeUnblock $(1)/opt/etc/init.d/S51youtubeUnblock
 endef
 
 $(eval $(call BuildPackage,youtubeUnblock))
diff --git a/youtubeUnblock/files/537-youtubeUnblock.nft b/youtubeUnblock/files/537-youtubeUnblock.nft
deleted file mode 100644
index c70a2cd..0000000
--- a/youtubeUnblock/files/537-youtubeUnblock.nft
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/usr/sbin/nft -f
-# This file 
-
-insert rule inet fw4 mangle_forward tcp dport 443 ct original packets < 20 counter queue num 537 bypass
-insert rule inet fw4 output mark and 0x8000 == 0x8000 counter accept
diff --git a/youtubeUnblock/files/S51youtubeUnblock b/youtubeUnblock/files/S51youtubeUnblock
new file mode 100755
index 0000000..7b184be
--- /dev/null
+++ b/youtubeUnblock/files/S51youtubeUnblock
@@ -0,0 +1,179 @@
+#!/bin/sh
+
+# Pass your args here
+ARGS=""
+
+ENABLED=yes
+PROCS=youtubeUnblock
+PATH=/opt/sbin:/opt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+IPV6=1
+
+ACTION=$1
+CALLER=$2
+
+# . /opt/etc/nfqws/nfqws.conf
+
+ansi_red="\033[1;31m";
+ansi_white="\033[1;37m";
+ansi_green="\033[1;32m";
+ansi_yellow="\033[1;33m";
+ansi_blue="\033[1;34m";
+ansi_bell="\007";
+ansi_blink="\033[5m";
+ansi_std="\033[m";
+ansi_rev="\033[7m";
+ansi_ul="\033[4m";
+
+is_running() {
+	PID_RUNNING=$(pgrep -nx "$PROCS" 2>/dev/null)
+	
+	if [ -z "$PID_RUNNING" ]; then
+		return 1
+	fi
+	
+	return 0
+}
+
+start() {
+	if [ "$CALLER" = "cron" -a "$ENABLED" != yes ]; then
+		return 8
+	fi
+
+	if is_running; then
+		echo -e "$ansi_white $PROCS is already running $ansi_std" >&2
+		return 1
+	fi
+	
+	kernel_modules_load
+
+	if [ $IPV6 -eq 0 ]; then
+		ARGS+=" --no-ipv6"
+	fi
+	
+	$PROCS $ARGS 2>&1 >/dev/null &
+	
+	firewall_start_v4
+	firewall_start_v6
+	system_config
+	
+        echo -e "$ansi_white Started $PROCS $ansi_std"
+}
+
+stop() {
+        echo -e "$ansi_white Shutting down $PROCS $ansi_std"
+
+	firewall_stop_v4
+	firewall_stop_v6
+	
+	killall $PROCS 2> /dev/null
+}
+
+_iptables()
+{
+	ARG="$@"	
+	CMD=$1 # iptables or ip6tables
+	ACTION=$2 # -I, -A, -D
+	RULE=${@:3}  
+
+	$CMD -C $RULE 2>/dev/null
+	exists=$(( ! $? ))
+
+	if [[ $ACTION == "-A" ]] || [[ $ACTION == "-I" ]]
+	then
+		if [ $exists -eq 0 ]; then
+			$ARG
+		fi
+	else # -D
+		if [ $exists -ne 0 ]; then
+			$ARG
+		fi
+	fi
+}
+
+firewall_start_v4() {
+	_iptables iptables -A FORWARD -t mangle -p tcp --dport 443 -m connbytes --connbytes-dir original --connbytes-mode packets --connbytes 0:19 -j NFQUEUE --queue-num 537 --queue-bypass	
+	_iptables iptables -I OUTPUT -m mark --mark 32768/32768 -j ACCEPT
+}
+
+firewall_stop_v4() {
+	_iptables iptables -D FORWARD -t mangle -p tcp --dport 443 -m connbytes --connbytes-dir original --connbytes-mode packets --connbytes 0:19 -j NFQUEUE --queue-num 537 --queue-bypass	
+	_iptables iptables -D OUTPUT -t filter -m mark --mark 32768/32768 -j ACCEPT
+}
+
+firewall_start_v6() {
+	if [ $IPV6 -eq 0 ]; then
+		return 0
+	fi
+
+	_iptables ip6tables -A FORWARD -t mangle -p tcp --dport 443 -m connbytes --connbytes-dir original --connbytes-mode packets --connbytes 0:19 -j NFQUEUE --queue-num 537 --queue-bypass	
+	_iptables ip6tables -I OUTPUT -m mark --mark 32768/32768 -j ACCEPT
+}
+
+firewall_stop_v6() {
+	if [ $IPV6 -eq 0 ]; then
+		return 0
+	fi
+
+	_iptables ip6tables -D FORWARD -t mangle -p tcp --dport 443 -m connbytes --connbytes-dir original --connbytes-mode packets --connbytes 0:19 -j NFQUEUE --queue-num 537 --queue-bypass	
+	_iptables ip6tables -D OUTPUT -t filter -m mark --mark 32768/32768 -j ACCEPT
+}
+
+kernel_modules_load() {
+	KERNEL=$(uname -r)
+
+	if [ -z "$(lsmod 2>/dev/null | grep "xt_connbytes ")" ]; then
+		insmod /lib/modules/$KERNEL/xt_connbytes.ko &> /dev/null
+		echo "xt_connbytes.ko loaded"
+	fi
+
+	if [ -z "$(lsmod 2>/dev/null | grep "xt_NFQUEUE ")" ]; then
+		insmod /lib/modules/$KERNEL/xt_NFQUEUE.ko &> /dev/null
+		echo "xt_NFQUEUE.ko loaded"
+	fi
+}
+
+system_config() {
+	sysctl -w net.netfilter.nf_conntrack_checksum=0 &> /dev/null
+	sysctl -w net.netfilter.nf_conntrack_tcp_be_liberal=1 &> /dev/null
+}
+
+status() {
+	if is_running; then
+		echo "running"
+  	else
+		echo "stopped"
+  	fi
+}
+
+case $ACTION in
+	start)
+		start
+		;;
+	stop)
+		stop
+		;;
+	status)
+		status
+		;;
+	restart)
+		stop
+		start
+		;;
+	firewall-load)
+		firewall_start_v4
+		firewall_start_v6
+		;;
+	firewall-stop)
+		firewall_stop_v4
+		firewall_stop_v6
+		;;
+	init-system)
+		kernel_modules_load
+		system_config
+		;;
+	*)
+		echo "Usage: $0 {start|stop|restart|status|firewall-load|firewall-stop||init-system}"
+esac
+
+
+
diff --git a/youtubeUnblock/files/youtubeUnblock.owrt b/youtubeUnblock/files/youtubeUnblock.owrt
deleted file mode 100755
index 26382d3..0000000
--- a/youtubeUnblock/files/youtubeUnblock.owrt
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh /etc/rc.common
-USE_PROCD=1
-
-# Openwrt procd script: https://openwrt.org/docs/guide-developer/procd-init-script-example
-# The program should be put into /usr/bin/
-# This file should be put into /etc/init.d/
-
-start_service() {
-	procd_open_instance
-	procd_set_param command /usr/bin/youtubeUnblock 537
-
-	procd_set_param nice -20
-
-	procd_set_param stdout 1
-	procd_set_param stderr 1
-
-	procd_close_instance
-}