drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-05-24 22:32:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

ipv6 support

Browse Source
This commit is contained in:
bolvan
2019-05-13 18:27:16 +03:00
parent 3a5bf861b9
commit 561c82bf79
39 changed files with 885 additions and 356 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ipset/clear_lists.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
SCRIPT=$(readlink -f "$0")
EXEDIR=$(dirname "$SCRIPT")
. "$EXEDIR/def.sh"
rm -f "$ZIPLIST"* "$ZIPLIST6"* "$ZIPLIST_USER" "$ZIPLIST_USER6" "$ZIPLIST_IPBAN"* "$ZIPLIST_IPBAN6"* "$ZIPLIST_USER_IPBAN" "$ZIPLIST_USER_IPBAN6" "$ZHOSTLIST"*

39
ipset/create_ipset.sh
View File

@@ -23,15 +23,15 @@ do
zzexist "$f" && {
if [ -x "$IP2NET" ]; then
echo Adding to ipset $2 \($IPSTYPE , ip2net\) : $f
if [ -f "$ZIPLIST_EXCLUDE" ] ; then
zzcat "$f" | grep -vxFf "$ZIPLIST_EXCLUDE" | "$IP2NET" | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
if [ -f "$5" ] ; then
zzcat "$f" | grep -vxFf "$5" | "$IP2NET" | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
else
zzcat "$f" | "$IP2NET" | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
fi
else
echo Adding to ipset $2 \($IPSTYPE\) : $f
if [ -f "$ZIPLIST_EXCLUDE" ] ; then
zzcat "$f" | grep -vxFf "$ZIPLIST_EXCLUDE" | sort -u | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
if [ -f "$5" ] ; then
zzcat "$f" | grep -vxFf "$5" | sort -u | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
else
zzcat "$f" | sort -u | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
fi
@@ -41,5 +41,32 @@ done
return 0
}
create_ipset hash:ip $ZIPSET "$ZIPLIST" "$ZIPLIST_USER"
create_ipset hash:ip $ZIPSET_IPBAN "$ZIPLIST_IPBAN" "$ZIPLIST_USER_IPBAN"
create_ipset6()
{
local IPSTYPE=$1
ipset flush $2 2>/dev/null || ipset create $2 $IPSTYPE $IPSET_OPT family inet6
for f in "$3" "$4"
do
zzexist "$f" && {
echo Adding to ipset $2 \($IPSTYPE\) : $f
if [ -f "$5" ] ; then
zzcat "$f" | grep -vxFf "$5" | sort -u | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
else
zzcat "$f" | sort -u | sed -nre "s/^.+$/add $2 &/p" | ipset -! restore
fi
}
done
return 0
}
[ "$DISABLE_IPV4" != "1" ] && {
create_ipset hash:ip $ZIPSET "$ZIPLIST" "$ZIPLIST_USER" "$ZIPLIST_EXCLUDE"
create_ipset hash:ip $ZIPSET_IPBAN "$ZIPLIST_IPBAN" "$ZIPLIST_USER_IPBAN" "$ZIPLIST_EXCLUDE"
}
[ "$DISABLE_IPV6" != "1" ] && {
create_ipset6 hash:ip $ZIPSET6 "$ZIPLIST6" "$ZIPLIST_USER6" "$ZIPLIST_EXCLUDE6"
create_ipset6 hash:ip $ZIPSET_IPBAN6 "$ZIPLIST_IPBAN6" "$ZIPLIST_USER_IPBAN6" "$ZIPLIST_EXCLUDE6"
}
true

33
ipset/def.sh
View File

@@ -1,14 +1,23 @@
. "$EXEDIR/../config"
TMPDIR=/tmp
ZIPSET=zapret
ZIPSET6=zapret6
ZIPLIST=$EXEDIR/zapret-ip.txt
ZIPLIST6=$EXEDIR/zapret-ip6.txt
ZIPLIST_EXCLUDE=$EXEDIR/zapret-ip-exclude.txt
ZIPLIST_EXCLUDE6=$EXEDIR/zapret-ip-exclude6.txt
ZIPLIST_USER=$EXEDIR/zapret-ip-user.txt
ZIPLIST_USER6=$EXEDIR/zapret-ip-user6.txt
ZUSERLIST=$EXEDIR/zapret-hosts-user.txt
ZHOSTLIST=$EXEDIR/zapret-hosts.txt
ZIPSET_IPBAN=ipban
ZIPSET_IPBAN6=ipban6
ZIPLIST_IPBAN=$EXEDIR/zapret-ip-ipban.txt
ZIPLIST_IPBAN6=$EXEDIR/zapret-ip-ipban6.txt
ZIPLIST_USER_IPBAN=$EXEDIR/zapret-ip-user-ipban.txt
ZIPLIST_USER_IPBAN6=$EXEDIR/zapret-ip-user-ipban6.txt
ZUSERLIST_IPBAN=$EXEDIR/zapret-hosts-user-ipban.txt
MDIG=$EXEDIR/../mdig/mdig
@@ -33,30 +42,38 @@ zz()
digger()
{
>&2 echo digging "$1" : domains=$(wc -l <"$1")
# $1 - hostlist
# $2 - family (4|6)
>&2 echo digging $(wc -l <"$1") ipv$2 domains : "$1"
if [ -x "$MDIG" ]; then
zzcat "$1" | "$MDIG" --family=4 --threads=$MDIG_THREADS --stats=1000
zzcat "$1" | "$MDIG" --family=$2 --threads=$MDIG_THREADS --stats=1000
else
zzcat "$1" | dig A +short +time=8 +tries=2 -f - | grep -E '^[^;].*[^\.]$'
local A=A
[ "$2" = "6" ] && A=AAAA
zzcat "$1" | dig $A +short +time=8 +tries=2 -f - | grep -E '^[^;].*[^\.]$'
fi
}
cut_local()
{
grep -vE '^192\.168\.[0-9]+\.[0-9]+$' |
grep -vE '^127\.[0-9]+\.[0-9]+\.[0-9]+$' |
grep -vE '^10\.[0-9]+\.[0-9]+\.[0-9]+$'
grep -vE '^192\.168\.|^127\.|^10\.'
}
cut_local6()
{
grep -vE '^::|fc..:|fd..:'
}
getuser()
{
[ -f "$ZUSERLIST" ] && {
digger "$ZUSERLIST" | cut_local | sort -u > "$ZIPLIST_USER"
[ "$DISABLE_IPV4" != "1" ] && digger "$ZUSERLIST" 4 | cut_local | sort -u > "$ZIPLIST_USER"
[ "$DISABLE_IPV6" != "1" ] && digger "$ZUSERLIST" 6 | cut_local6 | sort -u > "$ZIPLIST_USER6"
}
[ -f "$ZUSERLIST_IPBAN" ] && {
digger "$ZUSERLIST_IPBAN" | cut_local | sort -u > "$ZIPLIST_USER_IPBAN"
[ "$DISABLE_IPV4" != "1" ] && digger "$ZUSERLIST_IPBAN" 4 | cut_local | sort -u > "$ZIPLIST_USER_IPBAN"
[ "$DISABLE_IPV6" != "1" ] && digger "$ZUSERLIST_IPBAN" 6 | cut_local6 | sort -u > "$ZIPLIST_USER_IPBAN6"
}
}

25
ipset/get_reestr.sh
View File

@@ -14,6 +14,9 @@ ZURL=https://raw.githubusercontent.com/zapret-info/z-i/master/dump.csv
getuser
# both disabled
[ "$DISABLE_IPV4" = "1" ] && [ "$DISABLE_IPV6" = "1" ] && exit 0
curl -k --fail --max-time 150 --connect-timeout 5 --retry 3 --max-filesize 62914560 "$ZURL" >"$ZREESTR" ||
{
echo reestr list download failed
@@ -29,12 +32,24 @@ echo preparing dig list ..
#sed -nre 's/^[^;]*;([^;|\\]{4,250})\;.*$/\1/p' $ZREESTR | sort | uniq >$ZDIG
cut -f2 -d ';' "$ZREESTR" | grep -avE '^$|\*|:' >"$ZDIG"
rm -f "$ZREESTR"
echo digging started. this can take long ...
digger "$ZDIG" | cut_local >"$ZIPLISTTMP" || {
rm -f "$ZDIG"
exit 1
[ "$DISABLE_IPV4" != "1" ] && {
digger "$ZDIG" 4 | cut_local >"$ZIPLISTTMP" || {
rm -f "$ZDIG"
exit 1
}
sort -u "$ZIPLISTTMP" | zz "$ZIPLIST"
rm -f "$ZIPLISTTMP"
}
[ "$DISABLE_IPV6" != "1" ] && {
digger "$ZDIG" 6 | cut_local6 >"$ZIPLISTTMP" || {
rm -f "$ZDIG"
exit 1
}
sort -u "$ZIPLISTTMP" | zz "$ZIPLIST6"
rm -f "$ZIPLISTTMP"
}
rm -f "$ZDIG"
sort -u "$ZIPLISTTMP" | zz "$ZIPLIST"
rm -f "$ZIPLISTTMP"
"$EXEDIR/create_ipset.sh"