-
Notifications
You must be signed in to change notification settings - Fork 713
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
bol-van
committed
Dec 9, 2024
1 parent
e8395ee
commit 8e7b694
Showing
7 changed files
with
149 additions
and
80 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
standard_mode_tpws_socks() | ||
{ | ||
# $1 - 1 - run, 0 - stop | ||
local opt | ||
[ "$TPWS_SOCKS_ENABLE" = 1 ] && { | ||
opt="--port=$TPPORT_SOCKS $TPWS_SOCKS_OPT" | ||
filter_apply_hostlist_target opt | ||
do_tpws_socks $1 2 "$opt" | ||
} | ||
} | ||
standard_mode_tpws() | ||
{ | ||
# $1 - 1 - run, 0 - stop | ||
local opt | ||
[ "$TPWS_ENABLE" = 1 ] && check_bad_ws_options $1 "$TPWS_OPT" && { | ||
opt="--port=$TPPORT $TPWS_OPT" | ||
filter_apply_hostlist_target opt | ||
do_tpws $1 1 "$opt" | ||
} | ||
} | ||
standard_mode_nfqws() | ||
{ | ||
# $1 - 1 - run, 0 - stop | ||
local opt | ||
[ "$NFQWS_ENABLE" = 1 ] && check_bad_ws_options $1 "$NFQWS_OPT" && { | ||
opt="--qnum=$QNUM $NFQWS_OPT" | ||
filter_apply_hostlist_target opt | ||
do_nfqws $1 3 "$opt" | ||
} | ||
} | ||
standard_mode_daemons() | ||
{ | ||
# $1 - 1 - run, 0 - stop | ||
|
||
standard_mode_tpws_socks $1 | ||
standard_mode_tpws $1 | ||
standard_mode_nfqws $1 | ||
} | ||
zapret_do_daemons() | ||
{ | ||
# $1 - 1 - run, 0 - stop | ||
|
||
standard_mode_daemons $1 | ||
custom_runner zapret_custom_daemons $1 | ||
|
||
return 0 | ||
} | ||
zapret_run_daemons() | ||
{ | ||
zapret_do_daemons 1 "$@" | ||
} | ||
zapret_stop_daemons() | ||
{ | ||
zapret_do_daemons 0 "$@" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# this custom script runs standard mode with extra firewall rules | ||
|
||
# config: use TPWS_ENABLE_OVERRIDE, NFQWS_ENABLE_OVERRIDE to enable standard mode daemons | ||
# standard and override switches cannot be enabled simultaneously ! | ||
|
||
TPWS_ENABLE_OVERRIDE=${TPWS_ENABLE_OVERRIDE:-0} | ||
NFQWS_ENABLE_OVERRIDE=${NFQWS_ENABLE_OVERRIDE:-0} | ||
|
||
# config: some if these values must be set in config. not setting any of these makes this script meaningless. | ||
# pre vars put ipt/nft code to the rule beginning | ||
#FW_EXTRA_PRE_TPWS_IPT= | ||
#FW_EXTRA_PRE_TPWS_NFT= | ||
#FW_EXTRA_PRE_NFQWS_IPT="-m mark --mark 0x10000000/0x10000000" | ||
#FW_EXTRA_PRE_NFQWS_NFT="mark and 0x10000000 != 0" | ||
# post vars put ipt/nft code to the rule end | ||
#FW_EXTRA_POST_TPWS_IPT= | ||
#FW_EXTRA_POST_TPWS_NFT= | ||
#FW_EXTRA_POST_NFQWS_IPT= | ||
#FW_EXTRA_POST_NFQWS_NFT= | ||
|
||
check_std_intersect() | ||
{ | ||
[ "$TPWS_ENABLE_OVERRIDE" = 1 -a "$TPWS_ENABLE" = 1 ] && { | ||
echo "ERROR ! both TPWS_ENABLE_OVERRIDE and TPWS_ENABLE are enabled" | ||
return 1 | ||
} | ||
[ "$NFQWS_ENABLE_OVERRIDE" = 1 -a "$NFQWS_ENABLE" = 1 ] && { | ||
echo "ERROR ! both NFQWS_ENABLE_OVERRIDE and NFQWS_ENABLE are enabled" | ||
return 1 | ||
} | ||
return 0 | ||
} | ||
|
||
zapret_custom_daemons() | ||
{ | ||
# $1 - 1 - add, 0 - stop | ||
|
||
check_std_intersect || return | ||
|
||
local TPWS_SOCKS_ENABLE=0 TPWS_ENABLE=$TPWS_ENABLE_OVERRIDE NFQWS_ENABLE=$NFQWS_ENABLE_OVERRIDE | ||
standard_mode_daemons "$1" | ||
} | ||
zapret_custom_firewall() | ||
{ | ||
# $1 - 1 - run, 0 - stop | ||
|
||
check_std_intersect || return | ||
|
||
local FW_EXTRA_PRE FW_EXTRA_POST TPWS_ENABLE=$TPWS_ENABLE_OVERRIDE NFQWS_ENABLE=$NFQWS_ENABLE_OVERRIDE | ||
FW_EXTRA_PRE="$FW_EXTRA_PRE_TPWS_IPT" FW_EXTRA_POST="$FW_EXTRA_POST_TPWS_IPT" | ||
zapret_do_firewall_standard_tpws_rules_ipt $1 | ||
FW_EXTRA_PRE="$FW_EXTRA_PRE_NFQWS_IPT" FW_EXTRA_POST="$FW_EXTRA_POST_NFQWS_IPT" | ||
zapret_do_firewall_standard_nfqws_rules_ipt $1 | ||
} | ||
zapret_custom_firewall_nft() | ||
{ | ||
# stop logic is not required | ||
|
||
check_std_intersect || return | ||
|
||
local FW_EXTRA_PRE FW_EXTRA_POST TPWS_ENABLE=$TPWS_ENABLE_OVERRIDE NFQWS_ENABLE=$NFQWS_ENABLE_OVERRIDE | ||
FW_EXTRA_PRE="$FW_EXTRA_PRE_TPWS_NFT" FW_EXTRA_POST="$FW_EXTRA_POST_TPWS_NFT" | ||
zapret_apply_firewall_standard_tpws_rules_nft | ||
FW_EXTRA_PRE="$FW_EXTRA_PRE_NFQWS_NFT" FW_EXTRA_POST="$FW_EXTRA_POST_NFQWS_NFT" | ||
zapret_apply_firewall_standard_nfqws_rules_nft | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters