mirror of
https://github.com/bol-van/zapret.git
synced 2025-01-11 08:29:05 +00:00
blockcheck: bulk domain/ip_version tests
This commit is contained in:
parent
f7274a57dc
commit
af8836d86e
@ -14,7 +14,7 @@ ZAPRET_BASE="$EXEDIR"
|
|||||||
[ -n "$DESYNC_MARK" ] || DESYNC_MARK=0x40000000
|
[ -n "$DESYNC_MARK" ] || DESYNC_MARK=0x40000000
|
||||||
[ -n "$IPFW_RULE_NUM" ] || IPFW_RULE_NUM=1
|
[ -n "$IPFW_RULE_NUM" ] || IPFW_RULE_NUM=1
|
||||||
[ -n "$IPFW_DIVERT_PORT" ] || IPFW_DIVERT_PORT=59780
|
[ -n "$IPFW_DIVERT_PORT" ] || IPFW_DIVERT_PORT=59780
|
||||||
[ -n "$DOMAIN" ] || DOMAIN=rutracker.org
|
[ -n "$DOMAINS" ] || DOMAINS=rutracker.org
|
||||||
[ -n "$CURL_MAX_TIME" ] || CURL_MAX_TIME=5
|
[ -n "$CURL_MAX_TIME" ] || CURL_MAX_TIME=5
|
||||||
[ -n "$MIN_TTL" ] || MIN_TTL=1
|
[ -n "$MIN_TTL" ] || MIN_TTL=1
|
||||||
[ -n "$MAX_TTL" ] || MAX_TTL=12
|
[ -n "$MAX_TTL" ] || MAX_TTL=12
|
||||||
@ -279,7 +279,7 @@ pktws_ipt_prepare()
|
|||||||
IPT POSTROUTING -t mangle -p tcp --dport $1 -m mark ! --mark $DESYNC_MARK/$DESYNC_MARK -j NFQUEUE --queue-num $QNUM
|
IPT POSTROUTING -t mangle -p tcp --dport $1 -m mark ! --mark $DESYNC_MARK/$DESYNC_MARK -j NFQUEUE --queue-num $QNUM
|
||||||
;;
|
;;
|
||||||
FreeBSD)
|
FreeBSD)
|
||||||
IPFW_ADD divert $IPFW_DIVERT_PORT tcp from me to any 80,443 out not diverted not sockarg
|
IPFW_ADD divert $IPFW_DIVERT_PORT tcp from me to any 80,443 proto ip${IPV} out not diverted not sockarg
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
@ -303,11 +303,7 @@ tpws_ipt_prepare()
|
|||||||
IPT OUTPUT -t nat -p tcp --dport $1 -m owner ! --uid-owner $TPWS_UID -j DNAT --to $LOCALHOST_IPT:$TPPORT
|
IPT OUTPUT -t nat -p tcp --dport $1 -m owner ! --uid-owner $TPWS_UID -j DNAT --to $LOCALHOST_IPT:$TPPORT
|
||||||
;;
|
;;
|
||||||
FreeBSD)
|
FreeBSD)
|
||||||
if [ "$IPV" = 4 ]; then
|
IPFW_ADD fwd $LOCALHOST,$TPPORT tcp from me to any 80,443 proto ip${IPV} not uid $TPWS_UID
|
||||||
IPFW_ADD fwd 127.0.0.1,$TPPORT tcp from me to any 80,443 proto ip4 not uid $TPWS_UID
|
|
||||||
else
|
|
||||||
IPFW_ADD fwd ::1,$TPPORT tcp from me to any 80,443 proto ip6 not uid $TPWS_UID
|
|
||||||
fi
|
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
@ -529,7 +525,7 @@ check_domain()
|
|||||||
local code
|
local code
|
||||||
|
|
||||||
echo
|
echo
|
||||||
echo \* $1 $4
|
echo \* $1 ipv$IPV $4
|
||||||
|
|
||||||
# in case was interrupted before
|
# in case was interrupted before
|
||||||
pktws_ipt_unprepare $2
|
pktws_ipt_unprepare $2
|
||||||
@ -607,20 +603,23 @@ ask_params()
|
|||||||
{
|
{
|
||||||
echo
|
echo
|
||||||
echo NOTE ! this test should be run with zapret or any other bypass software disabled, without VPN
|
echo NOTE ! this test should be run with zapret or any other bypass software disabled, without VPN
|
||||||
|
echo
|
||||||
|
|
||||||
$ECHON "test this domain (default: $DOMAIN) : "
|
echo "specify domain(s) to test. multiple domains are space separated."
|
||||||
|
$ECHON "domain(s) (default: $DOMAINS) : "
|
||||||
local dom
|
local dom
|
||||||
read dom
|
read dom
|
||||||
[ -n "$dom" ] && DOMAIN=$dom
|
[ -n "$dom" ] && DOMAINS="$dom"
|
||||||
|
|
||||||
$ECHON "ip protocol version - 4 or 6 (default: 4) : "
|
$ECHON "ip protocol version(s) - 4, 6 or 46 for both (default: 4) : "
|
||||||
read IPV
|
read IPVS
|
||||||
[ -n "$IPV" ] || IPV=4
|
[ -n "$IPVS" ] || IPVS=4
|
||||||
[ "$IPV" = 4 -o "$IPV" = 6 ] || {
|
[ "$IPVS" = 4 -o "$IPVS" = 6 -o "$IPVS" = 46 ] || {
|
||||||
echo invalid ip version. should be 4 or 6.
|
echo 'invalid ip version(s). should be 4, 6 or 46.'
|
||||||
exitp 1
|
exitp 1
|
||||||
}
|
}
|
||||||
configure_ip_version
|
[ "$IPVS" = 46 ] && IPVS="4 6"
|
||||||
|
|
||||||
configure_curl_opt
|
configure_curl_opt
|
||||||
|
|
||||||
ENABLE_HTTP=1
|
ENABLE_HTTP=1
|
||||||
@ -640,7 +639,7 @@ ask_params()
|
|||||||
echo "with TLS 1.3 more DPI bypass strategies can work but they may not apply to all sites"
|
echo "with TLS 1.3 more DPI bypass strategies can work but they may not apply to all sites"
|
||||||
echo "if a strategy works with TLS 1.2 it will also work with TLS 1.3"
|
echo "if a strategy works with TLS 1.2 it will also work with TLS 1.3"
|
||||||
echo "if nothing works with TLS 1.2 this test may find TLS1.3 only strategies"
|
echo "if nothing works with TLS 1.2 this test may find TLS1.3 only strategies"
|
||||||
echo "make sure that $DOMAIN supports TLS 1.3 otherwise all test will return an error"
|
echo "make sure that $DOMAINS supports TLS 1.3 otherwise all test will return an error"
|
||||||
ask_yes_no_var ENABLE_HTTPS_TLS13 "check https tls 1.3"
|
ask_yes_no_var ENABLE_HTTPS_TLS13 "check https tls 1.3"
|
||||||
else
|
else
|
||||||
echo "installed curl version does not support TLS 1.3 . tests disabled."
|
echo "installed curl version does not support TLS 1.3 . tests disabled."
|
||||||
@ -793,7 +792,6 @@ unprepare_all()
|
|||||||
}
|
}
|
||||||
ws_kill
|
ws_kill
|
||||||
}
|
}
|
||||||
|
|
||||||
sigint()
|
sigint()
|
||||||
{
|
{
|
||||||
echo
|
echo
|
||||||
@ -817,9 +815,14 @@ ask_params
|
|||||||
PID=
|
PID=
|
||||||
trap sigint INT
|
trap sigint INT
|
||||||
trap sigpipe PIPE
|
trap sigpipe PIPE
|
||||||
[ "$ENABLE_HTTP" = 1 ] && check_domain_http $DOMAIN
|
for dom in $DOMAINS; do
|
||||||
[ "$ENABLE_HTTPS_TLS12" = 1 ] && check_domain_https_tls12 $DOMAIN
|
for IPV in $IPVS; do
|
||||||
[ "$ENABLE_HTTPS_TLS13" = 1 ] && check_domain_https_tls13 $DOMAIN
|
configure_ip_version
|
||||||
|
[ "$ENABLE_HTTP" = 1 ] && check_domain_http $dom
|
||||||
|
[ "$ENABLE_HTTPS_TLS12" = 1 ] && check_domain_https_tls12 $dom
|
||||||
|
[ "$ENABLE_HTTPS_TLS13" = 1 ] && check_domain_https_tls13 $dom
|
||||||
|
done
|
||||||
|
done
|
||||||
trap - PIPE
|
trap - PIPE
|
||||||
trap - INT
|
trap - INT
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user