#!/bin/sh /etc/rc.common USE_PROCD=1 # after network START=21 SCRIPT=$(readlink /etc/init.d/zapret) if [ -n "$SCRIPT" ]; then EXEDIR=$(dirname "$SCRIPT") ZAPRET_BASE=$(readlink -f "$EXEDIR/../..") else ZAPRET_BASE=/opt/zapret fi . "$ZAPRET_BASE/init.d/openwrt/functions" # !!!!! in openwrt firewall rules are configured separately PIDDIR=/var/run [ -n "$NFQWS" ] || NFQWS="$ZAPRET_BASE/nfq/nfqws" NFQWS_OPT_BASE="--user=$WS_USER --dpi-desync-fwmark=$DESYNC_MARK" [ -n "$TPWS" ] || TPWS="$ZAPRET_BASE/tpws/tpws" TPWS_LOCALHOST4=127.0.0.127 HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts.txt.gz" [ -f "$HOSTLIST" ] || HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts.txt" [ -f "$HOSTLIST" ] || HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts-user.txt" TPWS_OPT_BASE="--user=$WS_USER" TPWS_OPT_BASE4="--bind-addr=$TPWS_LOCALHOST4" TPWS_OPT_BASE6="--bind-addr=::1" TPWS_WAIT="--bind-wait-ifup=30 --bind-wait-ip=30" TPWS_WAIT_SOCKS6="$TPWS_WAIT --bind-wait-ip-linklocal=30" TPWS_OPT_BASE6_PRE="--bind-linklocal=prefer $TPWS_WAIT --bind-wait-ip-linklocal=3" run_daemon() { # $1 - daemon string id or number. can use 1,2,3,... # $2 - daemon # $3 - daemon args # use $PIDDIR/$DAEMONBASE$1.pid as pidfile local DAEMONBASE=$(basename $2) echo "Starting daemon $1: $2 $3" procd_open_instance procd_set_param command $2 $3 procd_set_param pidfile $PIDDIR/$DAEMONBASE$1.pid procd_close_instance } run_tpws() { [ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && return 0 local OPT="$TPWS_OPT_BASE" local DEVICE [ "$DISABLE_IPV4" = "1" ] || OPT="$OPT $TPWS_OPT_BASE4" [ "$DISABLE_IPV6" = "1" ] || { OPT="$OPT $TPWS_OPT_BASE6" for lan in $OPENWRT_LAN; do network_get_device DEVICE $lan [ -n "$DEVICE" ] && OPT="$OPT --bind-iface6=$DEVICE $TPWS_OPT_BASE6_PRE" done } run_daemon $1 "$TPWS" "$OPT $2" } run_tpws_socks() { [ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && return 0 local opt="$TPWS_OPT_BASE --socks" tpws_apply_socks_binds opt run_daemon $1 "$TPWS" "$opt $2" } stop_tpws() { stop_daemon $1 "$TPWS" } filter_apply_hostlist_target() { # $1 - var name of tpws or nfqws params [ "$MODE_FILTER" = "hostlist" ] && eval $1="\"\$$1 --hostlist=$HOSTLIST\"" } tpws_apply_socks_binds() { local o [ "$DISABLE_IPV4" = "1" ] || o="--bind-addr=127.0.0.1" [ "$DISABLE_IPV6" = "1" ] || o="$o --bind-addr=::1" for lan in $OPENWRT_LAN; do network_get_device DEVICE $lan [ -n "$DEVICE" ] || continue [ "$DISABLE_IPV4" = "1" ] || o="$o --bind-iface4=$DEVICE $TPWS_WAIT" [ "$DISABLE_IPV6" = "1" ] || o="$o --bind-iface6=$DEVICE --bind-linklocal=unwanted $TPWS_WAIT_SOCKS6" done eval $1="\"\$$1 $o\"" } start_service() { local opt qn qns qn6 qns6 case "${MODE_OVERRIDE:-$MODE}" in tpws) opt="--port=$TPPORT $TPWS_OPT" filter_apply_hostlist_target opt run_tpws 1 "$opt" ;; tpws-socks) opt="--port=$TPPORT $TPWS_OPT" filter_apply_hostlist_target opt run_tpws_socks 1 "$opt" ;; nfqws) # quite complex but we need to minimize nfqws processes to save RAM get_nfqws_qnums qn qns qn6 qns6 [ -z "$qn" ] || { opt="--qnum=$qn $NFQWS_OPT_BASE $NFQWS_OPT_DESYNC_HTTP" filter_apply_hostlist_target opt run_daemon 1 "$NFQWS" "$opt" } [ -z "$qns" ] || [ "$qns" = "$qn" ] || { opt="--qnum=$qns $NFQWS_OPT_BASE $NFQWS_OPT_DESYNC_HTTPS" filter_apply_hostlist_target opt run_daemon 2 "$NFQWS" "$opt" } [ -z "$qn6" ] || [ "$qn6" = "$qn" ] || [ "$qn6" = "$qns" ] || { opt="--qnum=$qn6 $NFQWS_OPT_BASE $NFQWS_OPT_DESYNC_HTTP6" filter_apply_hostlist_target opt run_daemon 3 "$NFQWS" "$opt" } [ -z "$qns6" ] || [ "$qns6" = "$qn" ] || [ "$qns6" = "$qns" ] || [ "$qns6" = "$qn6" ] || { opt="--qnum=$qns6 $NFQWS_OPT_BASE $NFQWS_OPT_DESYNC_HTTPS6" filter_apply_hostlist_target opt run_daemon 4 "$NFQWS" "$opt" } ;; custom) existf zapret_custom_daemons && zapret_custom_daemons $1 ;; esac return 0 }