├── .DS_Store ├── .gitattributes ├── Makefile ├── bin ├── aarch64 ├── arm ├── mips ├── mipsel ├── x86 └── x86_64 ├── luasrc ├── controller │ └── koolproxy.lua ├── model │ └── cbi │ │ └── koolproxy │ │ ├── global.lua │ │ └── rss_rule.lua └── view │ └── koolproxy │ ├── cadvalue.htm │ ├── caupload.htm │ ├── dvalue.htm │ ├── feedback.htm │ └── index.htm ├── po └── zh-cn │ └── koolproxy.po └── root ├── etc ├── adblocklist │ ├── adblock │ ├── adblockip │ ├── adbypass │ └── adbypassip ├── config │ └── koolproxy ├── init.d │ └── koolproxy └── uci-defaults │ └── luci-koolproxy ├── lib └── upgrade │ └── keep.d │ └── koolproxy └── usr ├── sbin └── adblockplus └── share └── koolproxy ├── adblock.conf ├── camanagement ├── data ├── gen_ca.sh ├── openssl.cnf ├── rules │ └── user.txt ├── source.list └── user.txt ├── dnsmasq.adblock ├── koolproxy_ipset.conf └── kpupdate /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/.DS_Store -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=luci-app-koolproxyR 4 | PKG_VERSION:=3.8.5 5 | PKG_RELEASE:=1-20201105 6 | 7 | PKG_MAINTAINER:=panda-mute 8 | PKG_LICENSE:=GPLv3 9 | PKG_LICENSE_FILES:=LICENSE 10 | 11 | PKG_BUILD_PARALLEL:=1 12 | 13 | RSTRIP:=true 14 | 15 | include $(INCLUDE_DIR)/package.mk 16 | 17 | define Package/luci-app-koolproxyR 18 | SECTION:=luci 19 | CATEGORY:=LuCI 20 | SUBMENU:=3. Applications 21 | TITLE:=LuCI support for koolproxyR 22 | DEPENDS:=+openssl-util +ipset +dnsmasq-full +@BUSYBOX_CONFIG_DIFF +iptables-mod-nat-extra +wget 23 | MAINTAINER:=panda-mute 24 | endef 25 | 26 | define Package/luci-app-koolproxyR/description 27 | This package contains LuCI configuration pages for koolproxy. 28 | endef 29 | 30 | define Build/Compile 31 | endef 32 | 33 | define Package/luci-app-koolproxyR/postinst 34 | #!/bin/sh 35 | if [ -z "$${IPKG_INSTROOT}" ]; then 36 | ( . /etc/uci-defaults/luci-koolproxy ) && rm -f /etc/uci-defaults/luci-koolproxy 37 | rm -f /tmp/luci-indexcache 38 | fi 39 | exit 0 40 | endef 41 | 42 | define Package/luci-app-koolproxyR/conffiles 43 | /etc/config/koolproxy 44 | /usr/share/koolproxy/data/rules/ 45 | endef 46 | 47 | define Package/luci-app-koolproxyR/install 48 | $(INSTALL_DIR) $(1)/usr/lib/lua/luci 49 | cp -pR ./luasrc/* $(1)/usr/lib/lua/luci 50 | $(INSTALL_DIR) $(1)/ 51 | cp -pR ./root/* $(1)/ 52 | $(INSTALL_DIR) $(1)/usr/lib/lua/luci/i18n 53 | po2lmo ./po/zh-cn/koolproxy.po $(1)/usr/lib/lua/luci/i18n/koolproxy.zh-cn.lmo 54 | 55 | ifeq ($(ARCH),mipsel) 56 | $(INSTALL_BIN) ./bin/mipsel $(1)/usr/share/koolproxy/koolproxy 57 | endif 58 | ifeq ($(ARCH),mips) 59 | $(INSTALL_BIN) ./bin/mips $(1)/usr/share/koolproxy/koolproxy 60 | endif 61 | ifeq ($(ARCH),x86) 62 | $(INSTALL_BIN) ./bin/x86 $(1)/usr/share/koolproxy/koolproxy 63 | endif 64 | ifeq ($(ARCH),x86_64) 65 | $(INSTALL_BIN) ./bin/x86_64 $(1)/usr/share/koolproxy/koolproxy 66 | endif 67 | ifeq ($(ARCH),arm) 68 | $(INSTALL_BIN) ./bin/arm $(1)/usr/share/koolproxy/koolproxy 69 | endif 70 | ifeq ($(ARCH),aarch64) 71 | $(INSTALL_BIN) ./bin/aarch64 $(1)/usr/share/koolproxy/koolproxy 72 | endif 73 | endef 74 | 75 | $(eval $(call BuildPackage,luci-app-koolproxyR)) 76 | -------------------------------------------------------------------------------- /bin/aarch64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/bin/aarch64 -------------------------------------------------------------------------------- /bin/arm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/bin/arm -------------------------------------------------------------------------------- /bin/mips: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/bin/mips -------------------------------------------------------------------------------- /bin/mipsel: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/bin/mipsel -------------------------------------------------------------------------------- /bin/x86: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/bin/x86 -------------------------------------------------------------------------------- /bin/x86_64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/bin/x86_64 -------------------------------------------------------------------------------- /luasrc/controller/koolproxy.lua: -------------------------------------------------------------------------------- 1 | module("luci.controller.koolproxy",package.seeall) 2 | function index() 3 | if not nixio.fs.access("/etc/config/koolproxy")then 4 | return 5 | end 6 | entry({"admin","services","koolproxy"},cbi("koolproxy/global"),_("广告过滤大师 Plus+"),1).dependent=true 7 | entry({"admin","services","koolproxy","rss_rule"},cbi("koolproxy/rss_rule"), nil).leaf=true 8 | end 9 | -------------------------------------------------------------------------------- /luasrc/model/cbi/koolproxy/global.lua: -------------------------------------------------------------------------------- 1 | -- Copyright 2018 Nick Peng (pymumu@gmail.com) 2 | 3 | require ("nixio.fs") 4 | require ("luci.http") 5 | require ("luci.dispatcher") 6 | require ("nixio.fs") 7 | 8 | local fs = require "nixio.fs" 9 | local sys = require "luci.sys" 10 | local http = require "luci.http" 11 | 12 | 13 | local o,t,e 14 | local v=luci.sys.exec("/usr/share/koolproxy/koolproxy -v") 15 | local a=luci.sys.exec("head -3 /usr/share/koolproxy/data/rules/koolproxy.txt | grep rules | awk -F' ' '{print $3,$4}'") 16 | local b=luci.sys.exec("head -4 /usr/share/koolproxy/data/rules/koolproxy.txt | grep video | awk -F' ' '{print $3,$4}'") 17 | local c=luci.sys.exec("head -3 /usr/share/koolproxy/data/rules/daily.txt | grep rules | awk -F' ' '{print $3,$4}'") 18 | local s=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/easylistchina.txt | wc -l") 19 | local m=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/mv.txt | wc -l") 20 | local u=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/fanboy.txt | wc -l") 21 | local p=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/yhosts.txt | wc -l") 22 | local h=luci.sys.exec("grep -v '^!' /usr/share/koolproxy/data/rules/user.txt | wc -l") 23 | local l=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/koolproxy.txt | wc -l") 24 | local q=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/daily.txt | wc -l") 25 | local f=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/anti-ad.txt | wc -l") 26 | local i=luci.sys.exec("cat /usr/share/koolproxy/dnsmasq.adblock | wc -l") 27 | 28 | 29 | if luci.sys.call("pidof koolproxy >/dev/null") == 0 then 30 | status = translate("广告过滤大师 Plus+ 运行中") 31 | else 32 | status = translate("广告过滤大师 Plus+ 已停止") 33 | end 34 | 35 | o = Map("koolproxy", "" .. translate("广告过滤大师 Plus+ ") .."", "" .. translate( "广告过滤大师 Plus+是能识别Adblock规则的广告屏蔽软件,可以过滤网页广告、视频广告、HTTPS广告") .."") 36 | 37 | t = o:section(TypedSection, "global") 38 | t.anonymous = true 39 | t.description = translate(string.format("%s

", status)) 40 | 41 | t:tab("base",translate("Basic Settings")) 42 | 43 | e = t:taboption("base", Flag, "enabled", translate("Enable")) 44 | e.default = 0 45 | e.rmempty = false 46 | 47 | e = t:taboption("base", DummyValue, "koolproxy_status", translate("程序版本")) 48 | e.value = string.format("[ %s ]", v) 49 | 50 | e = t:taboption("base", Value, "startup_delay", translate("启动延迟")) 51 | e:value(0, translate("不启用")) 52 | for _, v in ipairs({5, 10, 15, 25, 40, 60}) do 53 | e:value(v, translate("%u 秒") %{v}) 54 | end 55 | e.datatype = "uinteger" 56 | e.default = 0 57 | e.rmempty = false 58 | 59 | e = t:taboption("base", ListValue, "koolproxy_mode", translate("Filter Mode")) 60 | e.default = 1 61 | e.rmempty = false 62 | e:value(1, translate("全局模式")) 63 | e:value(2, translate("IPSET模式")) 64 | e:value(3, translate("视频模式")) 65 | 66 | e = t:taboption("base", MultiValue, "koolproxy_rules", translate("内置规则")) 67 | e.optional = false 68 | e.rmempty = false 69 | e:value("easylistchina.txt", translate("ABP规则")) 70 | e:value("fanboy.txt", translate("Fanboy规则")) 71 | e:value("yhosts.txt", translate("Yhosts规则")) 72 | e:value("anti-ad.txt", translate("Anti-AD规则")) 73 | e:value("koolproxy.txt", translate("静态规则")) 74 | e:value("daily.txt", translate("每日规则")) 75 | e:value("kp.dat", translate("视频规则")) 76 | e:value("mv.txt", translate("乘风视频")) 77 | e:value("user.txt", translate("自定义规则")) 78 | 79 | e = t:taboption("base", ListValue, "koolproxy_port", translate("端口控制")) 80 | e.default = 0 81 | e.rmempty = false 82 | e:value(0, translate("关闭")) 83 | e:value(1, translate("开启")) 84 | 85 | e = t:taboption("base", ListValue, "koolproxy_ipv6", translate("IPv6支持")) 86 | e.default = 0 87 | e.rmempty = false 88 | e:value(0, translate("关闭")) 89 | e:value(1, translate("开启")) 90 | 91 | e = t:taboption("base", Value, "koolproxy_bp_port", translate("例外端口")) 92 | e:depends("koolproxy_port", "1") 93 | e.rmempty = false 94 | e.description = translate(string.format("单端口:80  多端口:80,443")) 95 | 96 | e=t:taboption("base",Flag,"koolproxy_host",translate("开启Adblock Plus Hosts")) 97 | e.default=0 98 | e:depends("koolproxy_mode","2") 99 | 100 | 101 | e = t:taboption("base", ListValue, "koolproxy_acl_default", translate("默认访问控制")) 102 | e.default = 1 103 | e.rmempty = false 104 | e:value(0, translate("不过滤")) 105 | e:value(1, translate("过滤HTTP协议")) 106 | e:value(2, translate("过滤HTTP(S)协议")) 107 | e:value(3, translate("全部过滤")) 108 | e.description = translate(string.format("访问控制设置中其他主机的默认规则")) 109 | 110 | e = t:taboption("base", ListValue, "time_update", translate("定时更新")) 111 | 112 | for t = 0,23 do 113 | 114 | e:value(t,translate("每天"..t.."点")) 115 | end 116 | e:value(nil, translate("关闭")) 117 | e.default = 0 118 | e.rmempty = false 119 | e.description = translate(string.format("定时更新订阅规则与Adblock Plus Hosts")) 120 | 121 | e = t:taboption("base", Button, "restart", translate("规则状态")) 122 | e.inputtitle = translate("更新规则") 123 | e.inputstyle = "reload" 124 | e.write = function() 125 | luci.sys.call("/usr/share/koolproxy/kpupdate 2>&1 >/dev/null") 126 | luci.http.redirect(luci.dispatcher.build_url("admin","services","koolproxy")) 127 | end 128 | e.description = translate(string.format("更新订阅规则与Adblock Plus Hosts
ABP规则: %s条
Fanboy规则: %s条
Yhosts规则: %s条
Anti-AD规则: %s条
静态规则: %s条
视频规则: %s
乘风视频: %s条
每日规则: %s条
自定义规则: %s条
Host: %s条
", s, u, p, f, l, b, m, q, h, i)) 129 | t:tab("cert",translate("Certificate Management")) 130 | 131 | e=t:taboption("cert",DummyValue,"c1status",translate("
证书恢复
")) 132 | e=t:taboption("cert",FileUpload,"") 133 | e.template="koolproxy/caupload" 134 | e=t:taboption("cert",DummyValue,"",nil) 135 | e.template="koolproxy/cadvalue" 136 | if nixio.fs.access("/usr/share/koolproxy/data/certs/ca.crt")then 137 | e=t:taboption("cert",DummyValue,"c2status",translate("
证书备份
")) 138 | e=t:taboption("cert",Button,"certificate") 139 | e.inputtitle=translate("Backup Download") 140 | e.inputstyle="reload" 141 | e.write=function() 142 | luci.sys.call("/usr/share/koolproxy/camanagement backup 2>&1 >/dev/null") 143 | Download() 144 | luci.http.redirect(luci.dispatcher.build_url("admin","services","koolproxy")) 145 | end 146 | end 147 | 148 | 149 | t:tab("white_weblist",translate("网站白名单设置")) 150 | 151 | local i = "/etc/adblocklist/adbypass" 152 | e = t:taboption("white_weblist", TextValue, "adbypass_domain") 153 | e.description = translate("这些已经加入的网站将不会使用过滤器。请输入网站的域名,每行只能输入一个网站域名。例如google.com。") 154 | e.rows = 28 155 | e.wrap = "off" 156 | e.rmempty = false 157 | 158 | function e.cfgvalue() 159 | return fs.readfile(i) or "" 160 | end 161 | 162 | function e.write(self, section, value) 163 | if value then 164 | value = value:gsub("\r\n", "\n") 165 | else 166 | value = "" 167 | end 168 | fs.writefile("/tmp/adbypass", value) 169 | if (luci.sys.call("cmp -s /tmp/adbypass /etc/adblocklist/adbypass") == 1) then 170 | fs.writefile(i, value) 171 | end 172 | fs.remove("/tmp/adbypass") 173 | end 174 | 175 | t:tab("weblist",translate("Set Backlist Of Websites")) 176 | 177 | local i = "/etc/adblocklist/adblock" 178 | e = t:taboption("weblist", TextValue, "adblock_domain") 179 | e.description = translate("加入的网址将走广告过滤端口。只针对黑名单模式。只能输入WEB地址,如:google.com,每个地址一行。") 180 | e.rows = 28 181 | e.wrap = "off" 182 | e.rmempty = false 183 | 184 | function e.cfgvalue() 185 | return fs.readfile(i) or "" 186 | end 187 | 188 | function e.write(self, section, value) 189 | if value then 190 | value = value:gsub("\r\n", "\n") 191 | else 192 | value = "" 193 | end 194 | fs.writefile("/tmp/adblock", value) 195 | if (luci.sys.call("cmp -s /tmp/adblock /etc/adblocklist/adblock") == 1) then 196 | fs.writefile(i, value) 197 | end 198 | fs.remove("/tmp/adblock") 199 | end 200 | 201 | t:tab("white_iplist",translate("IP白名单设置")) 202 | 203 | local i = "/etc/adblocklist/adbypassip" 204 | e = t:taboption("white_iplist", TextValue, "adbypass_ip") 205 | e.description = translate("这些已加入的ip地址将使用代理,但只有GFW型号。请输入ip地址或ip地址段,每行只能输入一个ip地址。例如,112.123.134.145 / 24或112.123.134.145。") 206 | e.rows = 28 207 | e.wrap = "off" 208 | e.rmempty = false 209 | 210 | function e.cfgvalue() 211 | return fs.readfile(i) or "" 212 | end 213 | 214 | function e.write(self, section, value) 215 | if value then 216 | value = value:gsub("\r\n", "\n") 217 | else 218 | value = "" 219 | end 220 | fs.writefile("/tmp/adbypassip", value) 221 | if (luci.sys.call("cmp -s /tmp/adbypassip /etc/adblocklist/adbypassip") == 1) then 222 | fs.writefile(i, value) 223 | end 224 | fs.remove("/tmp/adbypassip") 225 | end 226 | 227 | t:tab("iplist",translate("IP黑名单设置")) 228 | 229 | local i = "/etc/adblocklist/adblockip" 230 | e = t:taboption("iplist", TextValue, "adblock_ip") 231 | e.description = translate("这些已经加入的ip地址不会使用过滤器.请输入ip地址或ip地址段,每行只能输入一个ip地址。例如,112.123.134.145 / 24或112.123.134.145。") 232 | e.rows = 28 233 | e.wrap = "off" 234 | e.rmempty = false 235 | 236 | function e.cfgvalue() 237 | return fs.readfile(i) or "" 238 | end 239 | 240 | function e.write(self, section, value) 241 | if value then 242 | value = value:gsub("\r\n", "\n") 243 | else 244 | value = "" 245 | end 246 | fs.writefile("/tmp/adblockip", value) 247 | if (luci.sys.call("cmp -s /tmp/adblockip /etc/adblocklist/adblockip") == 1) then 248 | fs.writefile(i, value) 249 | end 250 | fs.remove("/tmp/adblockip") 251 | end 252 | 253 | t:tab("customlist", translate("Set Backlist Of custom")) 254 | 255 | local i = "/usr/share/koolproxy/data/user.txt" 256 | e = t:taboption("customlist", TextValue, "user_rule") 257 | e.description = translate("Enter your custom rules, each row.") 258 | e.rows = 28 259 | e.wrap = "off" 260 | e.rmempty = false 261 | 262 | function e.cfgvalue() 263 | return fs.readfile(i) or "" 264 | end 265 | 266 | function e.write(self, section, value) 267 | if value then 268 | value = value:gsub("\r\n", "\n") 269 | else 270 | value = "" 271 | end 272 | fs.writefile("/tmp/user.txt", value) 273 | if (luci.sys.call("cmp -s /tmp/user.txt /usr/share/koolproxy/data/user.txt") == 1) then 274 | fs.writefile(i, value) 275 | end 276 | fs.remove("/tmp/user.txt") 277 | end 278 | 279 | t:tab("logs",translate("View the logs")) 280 | 281 | local i = "/var/log/koolproxy.log" 282 | e = t:taboption("logs", TextValue, "kpupdate_log") 283 | e.description = translate("Koolproxy Logs") 284 | e.rows = 28 285 | e.wrap = "off" 286 | e.rmempty = false 287 | 288 | function e.cfgvalue() 289 | return fs.readfile(i) or "" 290 | end 291 | 292 | function e.write(self, section, value) 293 | end 294 | 295 | t=o:section(TypedSection,"acl_rule",translate("访问控制"), 296 | translate("ACLs is a tools which used to designate specific IP filter mode,The MAC addresses added to the list will be filtered using https")) 297 | t.template="cbi/tblsection" 298 | t.sortable=true 299 | t.anonymous=true 300 | t.addremove=true 301 | e=t:option(Value,"remarks",translate("Client Remarks")) 302 | e.width="30%" 303 | e.rmempty=true 304 | e=t:option(Value,"ipaddr",translate("IP Address")) 305 | e.width="20%" 306 | e.datatype="ip4addr" 307 | luci.ip.neighbors({family = 4}, function(neighbor) 308 | if neighbor.reachable then 309 | e:value(neighbor.dest:string(), "%s (%s)" %{neighbor.dest:string(), neighbor.mac}) 310 | end 311 | end) 312 | e=t:option(Value,"mac",translate("MAC Address")) 313 | e.width="20%" 314 | e.rmempty=true 315 | e.datatype="macaddr" 316 | luci.ip.neighbors({family = 4}, function(neighbor) 317 | if neighbor.reachable then 318 | e:value(neighbor.mac, "%s (%s)" %{neighbor.mac, neighbor.dest:string()}) 319 | end 320 | end) 321 | e=t:option(ListValue,"proxy_mode",translate("访问控制")) 322 | e.width="20%" 323 | e.default=1 324 | e.rmempty=false 325 | e:value(0,translate("不过滤")) 326 | e:value(1,translate("过滤 HTTP")) 327 | e:value(2,translate("过滤HTTP + HTTPS")) 328 | e:value(3,translate("过滤全端口")) 329 | 330 | t=o:section(TypedSection,"rss_rule",translate("广告过滤规则订阅"), translate("请确保订阅规则的兼容性")) 331 | t.anonymous=true 332 | t.addremove=true 333 | t.sortable=true 334 | t.template="cbi/tblsection" 335 | t.extedit=luci.dispatcher.build_url("admin/services/koolproxy/rss_rule/%s") 336 | 337 | t.create=function(...) 338 | local sid=TypedSection.create(...) 339 | if sid then 340 | luci.http.redirect(t.extedit % sid) 341 | return 342 | end 343 | end 344 | 345 | e=t:option(Flag,"load",translate("启用")) 346 | e.default=0 347 | e.rmempty=false 348 | 349 | e=t:option(DummyValue,"name",translate("规则名称")) 350 | function e.cfgvalue(...) 351 | return Value.cfgvalue(...) or translate("None") 352 | end 353 | 354 | e=t:option(DummyValue,"url",translate("规则地址")) 355 | function e.cfgvalue(...) 356 | return Value.cfgvalue(...) or translate("None") 357 | end 358 | 359 | e=t:option(DummyValue,"time",translate("更新时间")) 360 | 361 | function Download() 362 | local t,e 363 | t=nixio.open("/tmp/upload/koolproxyca.tar.gz","r") 364 | luci.http.header('Content-Disposition','attachment; filename="koolproxyCA.tar.gz"') 365 | luci.http.prepare_content("application/octet-stream") 366 | while true do 367 | e=t:read(nixio.const.buffersize) 368 | if(not e)or(#e==0)then 369 | break 370 | else 371 | luci.http.write(e) 372 | end 373 | end 374 | t:close() 375 | luci.http.close() 376 | end 377 | local t,e 378 | t="/tmp/upload/" 379 | nixio.fs.mkdir(t) 380 | luci.http.setfilehandler( 381 | function(o,a,i) 382 | if not e then 383 | if not o then return end 384 | e=nixio.open(t..o.file,"w") 385 | if not e then 386 | return 387 | end 388 | end 389 | if a and e then 390 | e:write(a) 391 | end 392 | if i and e then 393 | e:close() 394 | e=nil 395 | luci.sys.call("/usr/share/koolproxy/camanagement restore 2>&1 >/dev/null") 396 | end 397 | end 398 | ) 399 | 400 | t=o:section(TypedSection,"rss_rules",translate("技术支持")) 401 | t.anonymous = true 402 | t:append(Template("koolproxy/feedback")) 403 | return o 404 | -------------------------------------------------------------------------------- /luasrc/model/cbi/koolproxy/rss_rule.lua: -------------------------------------------------------------------------------- 1 | local m, s, o 2 | local koolproxy = "koolproxy" 3 | local sid = arg[1] 4 | 5 | m = Map(koolproxy, "%s - %s" %{translate("广告过滤大师"), translate("编辑规则")}) 6 | m.redirect = luci.dispatcher.build_url("admin/services/koolproxy") 7 | 8 | if not arg[1] or m.uci:get(koolproxy, sid) ~= "rss_rule" then 9 | luci.http.redirect(m.redirect) 10 | return 11 | end 12 | 13 | -- [[ Edit Rule ]]-- 14 | s = m:section(NamedSection, sid, "rss_rule") 15 | s.anonymous = true 16 | s.addremove = true 17 | 18 | o=s:option(Flag,"load",translate("启用")) 19 | o.default=0 20 | o.rmempty=false 21 | 22 | o=s:option(Value,"name",translate("规则描述")) 23 | o.rmempty=true 24 | 25 | o=s:option(Value,"url",translate("规则地址")) 26 | o.rmempty=false 27 | o.placeholder="[https|http|ftp]://[Hostname]/[File]" 28 | function o.validate(self, value) 29 | if not value then 30 | return nil 31 | else 32 | return value 33 | end 34 | end 35 | 36 | return m 37 | -------------------------------------------------------------------------------- /luasrc/view/koolproxy/cadvalue.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | 3 | <% 4 | local val = self:cfgvalue(section) or self.default or "" 5 | write(pcdata(val)) 6 | %> 7 | 8 | <%+cbi/valuefooter%> 9 | -------------------------------------------------------------------------------- /luasrc/view/koolproxy/caupload.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 |
3 | 4 | 5 | <%+cbi/valuefooter%> 6 | -------------------------------------------------------------------------------- /luasrc/view/koolproxy/dvalue.htm: -------------------------------------------------------------------------------- 1 | <%+cbi/valueheader%> 2 | <%=pcdata(self:cfgvalue(section) or self.default or "")%> 3 | <%+cbi/valuefooter%> 4 | -------------------------------------------------------------------------------- /luasrc/view/koolproxy/feedback.htm: -------------------------------------------------------------------------------- 1 |
2 | 3 |
4 | 广告过滤大师使用须知: 5 |
6 | 1. 尽量在科学上网环境下更新规则。 7 |
8 | 2. 过滤HTTPS站点需要为相应设备安装证书,先启用HTTP + HTTPS过滤! 9 |
10 | 3. 在路由器下的设备,不管是电脑,还是移动设备,都可以在浏览器中输入110.110.110.110来下载证书。 11 |
12 | 4. 安装完证书请清除浏览器缓存并重启浏览器,如果访问网页弹出不安全提示,请检查证书是否安装正确。 13 |
14 | 5. 如果想在多台装有广告过滤大师的路由设备上使用一个证书,请用Winscp软件备份/usr/share/koolproxy/data文件夹,并上传到另一台路由。 15 |
16 | 17 |
18 |
19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /luasrc/view/koolproxy/index.htm: -------------------------------------------------------------------------------- 1 | <%# 2 | Copyright 2016 Chen RuiWei 3 | Licensed to the public under the Apache License 2.0. 4 | -%> 5 | 6 | <% include("cbi/map") %> 7 | 17 | -------------------------------------------------------------------------------- /po/zh-cn/koolproxy.po: -------------------------------------------------------------------------------- 1 | msgid "Filter Mode" 2 | msgstr "过滤模式" 3 | 4 | msgid "Basic Settings" 5 | msgstr "基础设置" 6 | 7 | msgid "View the logs" 8 | msgstr "更新日志" 9 | 10 | msgid "Certificate Management" 11 | msgstr "证书管理" 12 | 13 | msgid "Set Backlist Of custom" 14 | msgstr "自定义规则" 15 | 16 | msgid "IP Address" 17 | msgstr "内部IP地址" 18 | 19 | msgid "Client Remarks" 20 | msgstr "客户端备注" 21 | 22 | msgid "Upload Restore" 23 | msgstr "上传恢复证书" 24 | 25 | msgid "Backup Download" 26 | msgstr "下载证书备份" 27 | 28 | msgid "Set Backlist Of Websites" 29 | msgstr "网站黑名单设置" 30 | 31 | msgid "Koolproxy Logs" 32 | msgstr "查看最近的更新日志" 33 | 34 | msgid "Enter your custom rules, each row." 35 | msgstr "输入你的自定义规则,每条规则一行。" 36 | 37 | msgid "Upload backup file,The file name must be koolproxyCA.tar.gz" 38 | msgstr "上传恢复已备份的证书,文件名必须为koolproxyCA.tar.gz" 39 | 40 | msgid "ACLs is a tools which used to designate specific IP filter mode,The MAC addresses added to the list will be filtered using https" 41 | msgstr "访问控制列表是用于指定特殊IP过滤模式的工具,如为已安装证书的客户端开启https广告过滤等,MAC或者IP必须填写其中一项。" 42 | 43 | 44 | -------------------------------------------------------------------------------- /root/etc/adblocklist/adblock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/etc/adblocklist/adblock -------------------------------------------------------------------------------- /root/etc/adblocklist/adblockip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/etc/adblocklist/adblockip -------------------------------------------------------------------------------- /root/etc/adblocklist/adbypass: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/etc/adblocklist/adbypass -------------------------------------------------------------------------------- /root/etc/adblocklist/adbypassip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/etc/adblocklist/adbypassip -------------------------------------------------------------------------------- /root/etc/config/koolproxy: -------------------------------------------------------------------------------- 1 | 2 | config global 3 | option koolproxy_port '0' 4 | option startup_delay '0' 5 | option koolproxy_ipv6 '0' 6 | option koolproxy_mode '1' 7 | option koolproxy_acl_default '0' 8 | option time_update 'nil' 9 | option enabled '0' 10 | option koolproxy_rules 'easylistchina.txt fanboy.txt yhosts.txt anti-ad.txt koolproxy.txt daily.txt kp.dat mv.txt user.txt' 11 | 12 | config rss_rules 13 | option load '0' 14 | option name '1' 15 | option url '1' 16 | 17 | 18 | -------------------------------------------------------------------------------- /root/etc/init.d/koolproxy: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # 3 | # Copyright (C) 2015 OpenWrt-dist 4 | # Copyright (C) 2016 fw867 5 | # 6 | # This is free software, licensed under the GNU General Public License v3. 7 | # See /LICENSE for more information. 8 | # 9 | 10 | START=99 11 | USE_PROCD=1 12 | 13 | CONFIG=koolproxy 14 | KP_DIR=/usr/share/koolproxy 15 | TMP_DIR=/tmp 16 | 17 | alias echo_date='echo $(date +%Y年%m月%d日\ %X):' 18 | 19 | config_n_get() { 20 | local ret=$(uci get $CONFIG.$1.$2 2>/dev/null) 21 | echo ${ret:=$3} 22 | } 23 | 24 | config_t_get() { 25 | local index=0 26 | [ -n "$4" ] && index=$4 27 | local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null) 28 | echo ${ret:=$3} 29 | } 30 | 31 | add_ipset_conf() { 32 | if [ -s /etc/adblocklist/adbypass ]; then 33 | echo_date 添加白名单软连接... 34 | cat /etc/adblocklist/adbypass | sed "s/,/\n/g" | sed "s/^/ipset=&\/./g" | sed "s/$/\/white_kp_list/g" >> /tmp/adbypass.conf 35 | rm -rf /tmp/dnsmasq.d/adbypass.conf 36 | ln -sf /tmp/adbypass.conf /tmp/dnsmasq.d/adbypass.conf 37 | 38 | dnsmasq_restart=1 39 | fi 40 | 41 | if [ "$koolproxy_mode" == "2" ]; then 42 | if [ "$koolproxy_host" == "1" ];then 43 | echo_date 添加Adblock Plus Host软连接... 44 | ln -sf $KP_DIR/dnsmasq.adblock /tmp/dnsmasq.d/dnsmasq.adblock 45 | fi 46 | 47 | echo_date 添加黑名单软连接... 48 | rm -rf /tmp/dnsmasq.d/koolproxy_ipset.conf 49 | ln -sf $KP_DIR/koolproxy_ipset.conf /tmp/dnsmasq.d/koolproxy_ipset.conf 50 | 51 | echo_date 添加自定义黑名单软连接... 52 | if [ -s /etc/adblocklist/adblock ]; then 53 | cat /etc/adblocklist/adblock | sed "s/,/\n/g" | sed "s/^/ipset=&\/./g" | sed "s/$/\/black_koolproxy/g" >> /tmp/adblock.conf 54 | rm -rf /tmp/dnsmasq.d/adblock.conf 55 | ln -sf /tmp/adblock.conf /tmp/dnsmasq.d/adblock.conf 56 | fi 57 | 58 | dnsmasq_restart=1 59 | fi 60 | } 61 | 62 | remove_ipset_conf() { 63 | if [ -L "/tmp/dnsmasq.d/adbypass.conf" ]; then 64 | echo_date 移除白名单软连接... 65 | rm -rf /tmp/adbypass.conf 66 | rm -rf /tmp/dnsmasq.d/adbypass.conf 67 | dnsmasq_restart=1 68 | fi 69 | 70 | if [ -L "/tmp/dnsmasq.d/koolproxy_ipset.conf" ]; then 71 | echo_date 移除黑名单软连接... 72 | rm -rf /tmp/dnsmasq.d/koolproxy_ipset.conf 73 | dnsmasq_restart=1 74 | fi 75 | 76 | if [ -L "/tmp/dnsmasq.d/adblock.conf" ]; then 77 | echo_date 移除自定义黑名单软连接... 78 | rm -rf /tmp/dnsmasq.d/adblock.conf 79 | rm -rf /tmp/adblock.conf 80 | dnsmasq_restart=1 81 | fi 82 | 83 | if [ -L "/tmp/dnsmasq.d/dnsmasq.adblock" ]; then 84 | echo_date 移除Adblock Plus Host软连接... 85 | rm -rf /tmp/dnsmasq.d/dnsmasq.adblock 86 | dnsmasq_restart=1 87 | fi 88 | } 89 | 90 | 91 | restart_dnsmasq() { 92 | if [ "$dnsmasq_restart" == "1" ]; then 93 | echo_date 重启dnsmasq进程... 94 | /etc/init.d/dnsmasq restart > /dev/null 2>&1 95 | fi 96 | } 97 | 98 | creat_ipset() { 99 | echo_date 创建ipset名单 100 | # Load ipset netfilter kernel modules and kernel modules 101 | ipset -! create white_kp_list nethash 102 | ipset -! create black_koolproxy iphash 103 | cat $KP_DIR/data/rules/yhosts.txt $KP_DIR/data/rules/easylistchina.txt $KP_DIR/data/rules/fanboy.txt $KP_DIR/data/rules/anti-ad.txt $KP_DIR/data/rules/koolproxy.txt $KP_DIR/data/rules/mv.txt $KP_DIR/data/rules/daily.txt $KP_DIR/data/rules/user.txt | grep -Eo "(.\w+\:[1-9][0-9]{1,4})/" | grep -Eo "([0-9]{1,5})" | sort -un | sed -e '$a\80' -e '$a\443' | sed -e "s/^/-A kp_full_port &/g" -e "1 i\-N kp_full_port bitmap:port range 0-65535 " | ipset -R -! 104 | } 105 | 106 | add_white_black_ip() { 107 | echo_date 添加ipset名单 108 | ip_lan="0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 192.31.196.0/24 192.52.193.0/24 192.88.99.0/24 192.168.0.0/16 192.175.48.0/24 198.18.0.0/15 198.51.100.0/24 203.0.113.0/24 224.0.0.0/4 240.0.0.0/4 255.255.255.255" 109 | for ip in $ip_lan 110 | do 111 | ipset -A white_kp_list $ip >/dev/null 2>&1 112 | 113 | done 114 | sed -e "s/^/add white_kp_list &/g" /etc/adblocklist/adbypassip | awk '{print $0} END{print "COMMIT"}' | ipset -R 2>/dev/null 115 | ipset -A black_koolproxy 110.110.110.110 >/dev/null 2>&1 116 | sed -e "s/^/add black_koolproxy &/g" /etc/adblocklist/adblockip | awk '{print $0} END{print "COMMIT"}' | ipset -R 2>/dev/null 117 | } 118 | 119 | load_config() { 120 | ENABLED=$(config_t_get global enabled 0) 121 | [ $ENABLED -ne 1 ] && return 0 122 | koolproxy_mode=$(config_t_get global koolproxy_mode 1) 123 | koolproxy_host=$(config_t_get global koolproxy_host 0) 124 | koolproxy_acl_default=$(config_t_get global koolproxy_acl_default 1) 125 | koolproxy_port=$(config_t_get global koolproxy_port 0) 126 | koolproxy_bp_port=$(config_t_get global koolproxy_bp_port) 127 | koolproxy_ipv6=$(config_t_get global koolproxy_ipv6 0) 128 | config_load $CONFIG 129 | return 1 130 | } 131 | 132 | __load_lan_acl() { 133 | local mac 134 | local ipaddr 135 | local proxy_mode 136 | config_get mac $1 mac 137 | config_get ipaddr $1 ipaddr 138 | config_get proxy_mode $1 proxy_mode 139 | [ -n "$ipaddr" ] && [ -z "$mac" ] && echo_date 加载ACL规则:【$ipaddr】模式为:$(get_mode_name $proxy_mode) 140 | [ -z "$ipaddr" ] && [ -n "$mac" ] && echo_date 加载ACL规则:【$mac】模式为:$(get_mode_name $proxy_mode) 141 | [ -n "$ipaddr" ] && [ -n "$mac" ] && echo_date 加载ACL规则:【$ipaddr】【$mac】模式为:$(get_mode_name $proxy_mode) 142 | #echo iptables -t nat -A KOOLPROXY $(factor $ipaddr "-s") $(factor $mac "-m mac --mac-source") -p tcp $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode) 143 | iptables -t nat -A KOOLPROXY $(factor $ipaddr "-s") $(factor $mac "-m mac --mac-source") -p tcp $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode) 144 | 145 | acl_nu=`expr $acl_nu + 1` 146 | } 147 | 148 | lan_acess_control() { 149 | acl_nu=0 150 | [ -z "$koolproxy_acl_default" ] && koolproxy_acl_default=1 151 | config_foreach __load_lan_acl acl_rule 152 | if [ $acl_nu -ne 0 ]; then 153 | echo_date 加载ACL规则:其余主机模式为:$(get_mode_name $koolproxy_acl_default) 154 | else 155 | echo_date 加载ACL规则:所有模式为:$(get_mode_name $koolproxy_acl_default) 156 | fi 157 | } 158 | 159 | __load_exrule() { 160 | local file 161 | local exrule 162 | local enable 163 | config_get file $1 file 164 | config_get exrule $1 url 165 | config_get enable $1 load 166 | if [ -n "$exrule" ]; then 167 | if [ $enable -ne 1 ]; then 168 | [ -n "$file" ] && [ -f $KP_DIR/data/rules/$file ] && rm -f $KP_DIR/data/rules/$file 169 | uci set koolproxy.$1.time="" 170 | uci commit koolproxy 171 | return 172 | fi 173 | 174 | if [ -z "$file" ]; then 175 | file=$(echo $exrule |awk -F "/" '{print $NF}') 176 | uci set koolproxy.$1.file="$file" 177 | uci commit koolproxy 178 | fi 179 | 180 | if [ ! -f $KP_DIR/data/rules/$file ]; then 181 | wget-ssl --quiet --timeout=5 --no-check-certificate $exrule -O $TMP_DIR/$file 182 | if [ "$?" == "0" ]; then 183 | uci set koolproxy.$1.time="`date +%Y-%m-%d" "%H:%M`" 184 | uci commit koolproxy 185 | mv $TMP_DIR/$file $KP_DIR/data/rules/$file 186 | else 187 | echo "koolproxy download rule $file failed!" 188 | [ -f $TMP_DIR/$file ] && rm -f $TMP_DIR/$file 189 | fi 190 | fi 191 | cat $KP_DIR/data/rules/$file >>$KP_DIR/data/rules/user.txt 192 | fi 193 | } 194 | 195 | load_user_rules() { 196 | cp $KP_DIR/data/user.txt $KP_DIR/data/rules/user.txt 197 | config_foreach __load_exrule rss_rule 198 | } 199 | 200 | load_rules() { 201 | sed -i '1,7s/1/0/g' $KP_DIR/data/source.list 202 | 203 | local rulelist="$(uci -q get koolproxy.@global[0].koolproxy_rules)" 204 | for rule in $rulelist 205 | do 206 | case "$rule" in 207 | yhosts.txt) 208 | sed -i '1s/0/1/g' $KP_DIR/data/source.list 209 | ;; 210 | easylistchina.txt) 211 | sed -i '2s/0/1/g' $KP_DIR/data/source.list 212 | ;; 213 | fanboy.txt) 214 | sed -i '3s/0/1/g' $KP_DIR/data/source.list 215 | ;; 216 | anti-ad.txt) 217 | sed -i '4s/0/1/g' $KP_DIR/data/source.list 218 | ;; 219 | koolproxy.txt) 220 | sed -i '5s/0/1/g' $KP_DIR/data/source.list 221 | ;; 222 | mv.txt) 223 | sed -i '6s/0/1/g' $KP_DIR/data/source.list 224 | ;; 225 | daily.txt) 226 | sed -i '7s/0/1/g' $KP_DIR/data/source.list 227 | ;; 228 | kp.dat) 229 | sed -i '8s/0/1/g' $KP_DIR/data/source.list 230 | ;; 231 | user.txt) 232 | sed -i '9s/0/1/g' $KP_DIR/data/source.list 233 | ;; 234 | esac 235 | done 236 | 237 | local rulelist="$(uci -q get koolproxy.@global[0].thirdparty_rules)" 238 | for rule in $rulelist 239 | do 240 | case "$rule" in 241 | 242 | esac 243 | done 244 | } 245 | 246 | get_mode_name() { 247 | case "$1" in 248 | 0) 249 | echo "不过滤" 250 | ;; 251 | 1) 252 | echo "过滤 HTTP" 253 | ;; 254 | 2) 255 | echo "过滤HTTP + HTTPS" 256 | ;; 257 | 3) 258 | echo "过滤全端口" 259 | ;; 260 | esac 261 | } 262 | 263 | get_jump_mode() { 264 | case "$1" in 265 | 0) 266 | echo "-j" 267 | ;; 268 | *) 269 | echo "-g" 270 | ;; 271 | esac 272 | } 273 | 274 | get_action_chain() { 275 | case "$1" in 276 | 0) 277 | echo "RETURN" 278 | ;; 279 | 1) 280 | echo "KP_HTTP" 281 | ;; 282 | 2) 283 | echo "KP_HTTPS" 284 | ;; 285 | 3) 286 | echo "KP_ALL_PORT" 287 | ;; 288 | esac 289 | } 290 | 291 | factor() { 292 | if [ -z "$1" ] || [ -z "$2" ]; then 293 | echo "" 294 | else 295 | echo "$2 $1" 296 | fi 297 | } 298 | 299 | load_nat() { 300 | echo_date 加载nat规则! 301 | #----------------------BASIC RULES--------------------- 302 | echo_date 写入iptables规则到nat表中... 303 | # 创建KOOLPROXY nat rule 304 | iptables -t nat -N KOOLPROXY 305 | # 局域网地址不走KP 306 | iptables -t nat -A KOOLPROXY -m set --match-set white_kp_list dst -j RETURN 307 | # 生成对应CHAIN 308 | iptables -t nat -N KP_HTTP 309 | iptables -t nat -A KP_HTTP -p tcp -m multiport --dport 80 -j REDIRECT --to-ports 3000 310 | iptables -t nat -N KP_HTTPS 311 | iptables -t nat -A KP_HTTPS -p tcp -m multiport --dport 80,443 -j REDIRECT --to-ports 3000 312 | iptables -t nat -N KP_ALL_PORT 313 | #iptables -t nat -A KP_ALL_PORT -p tcp -j REDIRECT --to-ports 3000 314 | # 端口控制 315 | if [ "$koolproxy_port" == "1" ]; then 316 | echo_date 开启端口控制:【$koolproxy_bp_port】 317 | if [ -n "$koolproxy_bp_port" ]; then 318 | iptables -t nat -A KP_ALL_PORT -p tcp -m multiport ! --dport $koolproxy_bp_port -m set --match-set kp_full_port dst -j REDIRECT --to-ports 3000 319 | else 320 | iptables -t nat -A KP_ALL_PORT -p tcp -m set --match-set kp_full_port dst -j REDIRECT --to-ports 3000 321 | fi 322 | else 323 | iptables -t nat -A KP_ALL_PORT -p tcp -m set --match-set kp_full_port dst -j REDIRECT --to-ports 3000 324 | fi 325 | [ "$koolproxy_ipv6" == "1" ] && ip6tables -t nat -I PREROUTING -p tcp -j REDIRECT --to-ports 3000 326 | # 局域网控制 327 | lan_acess_control 328 | # 剩余流量转发到缺省规则定义的链中 329 | iptables -t nat -A KOOLPROXY -p tcp -j $(get_action_chain $koolproxy_acl_default) 330 | # 重定所有流量到 KOOLPROXY 331 | # 全局模式和视频模式 332 | [ "$koolproxy_mode" == "1" ] || [ "$koolproxy_mode" == "3" ] && iptables -t nat -I PREROUTING 1 -p tcp -j KOOLPROXY 333 | # ipset 黑名单模式 334 | [ "$koolproxy_mode" == "2" ] && iptables -t nat -I PREROUTING 1 -p tcp -m set --match-set black_koolproxy dst -j KOOLPROXY 335 | } 336 | 337 | add_cru() { 338 | time=$(config_t_get global time_update) 339 | wirtecron=$(cat /etc/crontabs/root | grep "00 $time * * *" | grep kpupdate) 340 | if [ -z "$wirtecron" ];then 341 | sed -i '/kpupdate/d' /etc/crontabs/root >/dev/null 2>&1 342 | echo "0 $time * * * /usr/share/koolproxy/kpupdate" >> /etc/crontabs/root 343 | fi 344 | } 345 | 346 | del_cru() { 347 | sed -i '/kpupdate/d' /etc/crontabs/root >/dev/null 2>&1 348 | } 349 | 350 | detect_cert(){ 351 | if [ ! -f $KP_DIR/data/private/ca.key.pem -o ! -f $KP_DIR/data/cert/ca.crt ]; then 352 | echo_date 开始生成koolproxy证书,用于https过滤! 353 | cd $KP_DIR/data && sh gen_ca.sh 354 | fi 355 | } 356 | 357 | flush_nat() { 358 | echo_date 移除nat规则... 359 | cd $TMP_DIR 360 | iptables -t nat -S | grep -E "KOOLPROXY|KP_HTTP|KP_HTTPS|KP_ALL_PORT" | sed 's/-A/iptables -t nat -D/g'|sed 1,4d > clean.sh && chmod 777 clean.sh && ./clean.sh 361 | [ -f $TMP_DIR/clean.sh ] && rm -f $TMP_DIR/clean.sh 362 | iptables -t nat -X KOOLPROXY > /dev/null 2>&1 363 | iptables -t nat -X KP_HTTP > /dev/null 2>&1 364 | iptables -t nat -X KP_HTTPS > /dev/null 2>&1 365 | iptables -t nat -X KP_ALL_PORT > /dev/null 2>&1 366 | ipset -F black_koolproxy > /dev/null 2>&1 && ipset -X black_koolproxy > /dev/null 2>&1 367 | ipset -F white_kp_list > /dev/null 2>&1 && ipset -X white_kp_list > /dev/null 2>&1 368 | ip6tables -t nat -D PREROUTING -p tcp -j REDIRECT --to-ports 3000 > /dev/null 2>&1 369 | } 370 | 371 | export_ipt_rules() { 372 | FWI=$(uci get firewall.koolproxy.path 2>/dev/null) 373 | [ -n "$FWI" ] || return 0 374 | cat <<-CAT >>$FWI 375 | iptables-save -c | grep -v -E "KOOLPROXY|KP" | iptables-restore -c 376 | iptables-restore -n <<-EOF 377 | $(iptables-save | grep -E "KOOLPROXY|KP|^\*|^COMMIT" |\ 378 | sed -e "s/^-A \(PREROUTING\)/-I \1 1/") 379 | EOF 380 | CAT 381 | return $? 382 | } 383 | 384 | flush_ipt_rules() { 385 | FWI=$(uci get firewall.koolproxy.path 2>/dev/null) 386 | [ -n "$FWI" ] && echo '# firewall include file' >$FWI 387 | return 0 388 | } 389 | 390 | pre_start() { 391 | load_config 392 | [ $? -ne 1 ] && return 0 393 | iptables -t nat -C PREROUTING -p tcp -j KOOLPROXY 2>/dev/null && [ $? -eq 0 ] && return 0; 394 | detect_cert 395 | load_rules 396 | load_user_rules 397 | add_ipset_conf && restart_dnsmasq 398 | creat_ipset 399 | add_white_black_ip 400 | load_nat 401 | flush_ipt_rules && export_ipt_rules 402 | add_cru 403 | [ "$koolproxy_mode" == "1" ] && echo_date 选择【全局过滤模式】 404 | [ "$koolproxy_mode" == "2" ] && echo_date 选择【IPSET过滤模式】 405 | if [ "$koolproxy_mode" == "3" ]; then 406 | echo_date 选择【视频过滤模式】 407 | sed -i '1s/1/0/g;2s/1/0/g' $KP_DIR/data/source.list 408 | fi 409 | return 1 410 | } 411 | 412 | post_stop() { 413 | load_config 414 | [ $? -ne 1 ] && NO_RESTART_DNSMASQ=false 415 | if [ $NO_RESTART_DNSMASQ ]; then 416 | remove_ipset_conf 417 | else 418 | remove_ipset_conf && restart_dnsmasq 419 | fi 420 | flush_ipt_rules 421 | flush_nat 422 | del_cru 423 | return 0 424 | } 425 | 426 | start_service() { 427 | echo_date ================== koolproxy启用 ================ 428 | pre_start 429 | [ $? -ne 1 ] && return 0 430 | 431 | procd_open_instance 432 | procd_set_param command /usr/share/koolproxy/koolproxy 433 | procd_append_param command --mark 434 | procd_append_param command --ttl 160 435 | procd_append_param command --ipv6 436 | 437 | procd_set_param respawn 438 | 439 | procd_set_param file /etc/adblocklist/adblock 440 | procd_set_param file /etc/adblocklist/adblockip 441 | procd_set_param file /usr/share/koolproxy/data/user.txt 442 | procd_set_param stdout 1 443 | procd_set_param stderr 1 444 | procd_close_instance 445 | 446 | logger "koolproxy has started." 447 | echo_date ================================================= 448 | } 449 | 450 | stop_service() { 451 | echo_date ====================== 关闭 ===================== 452 | post_stop 453 | logger "koolproxy has stopped." 454 | echo_date ================================================= 455 | } 456 | 457 | reload_service() { 458 | logger "koolproxy reload service." 459 | NO_RESTART_DNSMASQ=true 460 | stop 461 | start 462 | } 463 | 464 | service_triggers() { 465 | procd_add_reload_trigger "koolproxy" 466 | } 467 | 468 | restart() { 469 | logger "koolproxy restart service." 470 | NO_RESTART_DNSMASQ=true 471 | stop 472 | start 473 | } 474 | 475 | boot() { 476 | local delay=$(config_t_get global startup_delay 0) 477 | (sleep $delay && start >/dev/null 2>&1) & 478 | return 0 479 | } 480 | -------------------------------------------------------------------------------- /root/etc/uci-defaults/luci-koolproxy: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | uci -q batch <<-EOF >/dev/null 4 | delete ucitrack.@koolproxy[-1] 5 | add ucitrack koolproxy 6 | set ucitrack.@koolproxy[-1].init=koolproxy 7 | commit ucitrack 8 | delete firewall.koolproxy 9 | set firewall.koolproxy=include 10 | set firewall.koolproxy.type=script 11 | set firewall.koolproxy.path=/var/etc/koolproxy.include 12 | set firewall.koolproxy.reload=1 13 | commit firewall 14 | EOF 15 | 16 | rm -f /tmp/luci-indexcache 17 | exit 0 18 | -------------------------------------------------------------------------------- /root/lib/upgrade/keep.d/koolproxy: -------------------------------------------------------------------------------- 1 | /usr/share/koolproxy/data/certs/ca.crt 2 | /usr/share/koolproxy/data/private/base.key.pem 3 | /usr/share/koolproxy/data/private/ca.key.pem 4 | -------------------------------------------------------------------------------- /root/usr/sbin/adblockplus: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo "$(date "+%F %T"): 正在下载adblockplus规则..." 3 | wget-ssl --quiet --no-check-certificate https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt -O /tmp/adlist.txt 4 | if [ "$?" == "0" ]; then 5 | grep ^\|\|[^\*]*\^$ /tmp/adlist.txt | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/dnsmasq.adblock 6 | rm -f /tmp/adlist.txt 7 | diff /tmp/dnsmasq.adblock /usr/share/koolproxy/dnsmasq.adblock >/dev/null 8 | [ $? = 0 ] && echo "$(date "+%F %T"): adblockplus本地规则和服务器规则相同,无需更新!" && rm -f /tmp/dnsmasq.adblock && return 1 9 | echo "$(date "+%F %T"): 检测到adblockplus规则有更新,开始转换规则!" 10 | sed -i '/youku/d' /tmp/dnsmasq.adblock >/dev/null 2>&1 11 | sed -i '/[1-9]\{1,3\}\.[1-9]\{1,3\}\.[1-9]\{1,3\}\.[1-9]\{1,3\}/d' /tmp/dnsmasq.adblock >/dev/null 2>&1 12 | mv /tmp/dnsmasq.adblock /usr/share/koolproxy/dnsmasq.adblock 13 | echo "$(date "+%F %T"): adblockplus规则转换完成,应用新规则。" 14 | echo "" 15 | echo "$(date "+%F %T"): 重启dnsmasq进程" 16 | /etc/init.d/dnsmasq restart > /dev/null 2>&1 17 | 18 | return 0 19 | else 20 | echo "$(date "+%F %T"): 获取在线版本时出现错误! " 21 | [ -f /tmp/adlist.txt ] && rm -f /tmp/adlist.txt 22 | return 1 23 | fi 24 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/adblock.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/usr/share/koolproxy/adblock.conf -------------------------------------------------------------------------------- /root/usr/share/koolproxy/camanagement: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | kpfolder="/usr/share/koolproxy/data" 3 | kplogfile="/var/log/koolproxy.log" 4 | readyfolder="/tmp/upload/koolproxy" 5 | 6 | backup() { 7 | if [ ! -f $kpfolder/private/ca.key.pem ]; then 8 | echo "未找到ca.key.pem,请先运行Koolproxy一次!" > $kplogfile 9 | exit 1 10 | fi 11 | if [ ! -f $kpfolder/private/base.key.pem ]; then 12 | echo "未找到base.key.pem,请先运行Koolproxy一次!" > $kplogfile 13 | exit 1 14 | fi 15 | if [ ! -f $kpfolder/certs/ca.crt ]; then 16 | echo "未找到ca.crt,请先运行Koolproxy一次!" > $kplogfile 17 | exit 1 18 | fi 19 | 20 | mkdir -p /tmp/upload 21 | cd $kpfolder 22 | tar czf /tmp/upload/koolproxyca.tar.gz private/ca.key.pem private/base.key.pem certs/ca.crt 23 | [ -f /tmp/upload/koolproxyca.tar.gz ] && echo "证书备份已成功生成。" > $kplogfile 24 | } 25 | 26 | restore() { 27 | if [ ! -f /tmp/upload/koolproxyCA.tar.gz ]; then 28 | echo "未找到备份文件,文件名必须为koolproxyCA.tar.gz或已损坏,请检查备份文件!" >> $kplogfile 29 | else 30 | mkdir -p $readyfolder 31 | cd $readyfolder 32 | tar xzf /tmp/upload/koolproxyCA.tar.gz 33 | fi 34 | if [ ! -f $readyfolder/private/ca.key.pem ]; then 35 | echo "未找到ca.key.pem,备份文件不正确或已损坏,请检查备份文件!" > $kplogfile 36 | exit 1 37 | fi 38 | if [ ! -f $readyfolder/private/base.key.pem ]; then 39 | echo "未找到base.key.pem,备份文件不正确或已损坏,请检查备份文件!" > $kplogfile 40 | exit 1 41 | fi 42 | if [ ! -f $readyfolder/certs/ca.crt ]; then 43 | echo "未找到ca.crt,备份文件不正确或已损坏,请检查备份文件!" > $kplogfile 44 | exit 1 45 | fi 46 | 47 | mv -f $readyfolder/private/ca.key.pem $kpfolder/private/ca.key.pem 48 | mv -f $readyfolder/private/base.key.pem $kpfolder/private/base.key.pem 49 | mv -f $readyfolder/certs/ca.crt $kpfolder/certs/ca.crt 50 | rm -rf $readyfolder 51 | rm -f /tmp/upload/koolproxyCA.tar.gz 52 | echo "证书成功还原,重启Koolproxy。" > $kplogfile 53 | /etc/init.d/koolproxy restart 54 | } 55 | 56 | case "$*" in 57 | "backup") 58 | backup 59 | ;; 60 | "restore") 61 | restore 62 | ;; 63 | "help") 64 | echo "use backup or restore" 65 | ;; 66 | esac 67 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/data/gen_ca.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | alias echo_date='echo $(date +%Y年%m月%d日\ %X):' 3 | 4 | if [ ! -f openssl.cnf ]; then 5 | echo_date "Cannot found openssl.cnf" 6 | exit 1 7 | fi 8 | if [ -f /usr/share/koolproxy/data/private/ca.key.pem ]; then 9 | echo_date "已经有证书了!" 10 | else 11 | echo_date "生成证书中..." 12 | 13 | #step 1, root ca 14 | mkdir -p certs private 15 | rm -f serial private/ca.key.pem 16 | chmod 700 private 17 | echo 1000 > serial 18 | openssl genrsa -aes256 -passout pass:koolshare -out private/ca.key.pem 2048 19 | chmod 400 private/ca.key.pem 20 | openssl req -config openssl.cnf -passin pass:koolshare \ 21 | -subj "/C=CN/ST=Beijing/L=KP/O=KoolProxy inc/CN=koolproxy.com" \ 22 | -key private/ca.key.pem \ 23 | -new -x509 -days 7300 -sha256 -extensions v3_ca \ 24 | -out certs/ca.crt 25 | 26 | #step 2, domain rsa key 27 | openssl genrsa -aes256 -passout pass:koolshare -out private/base.key.pem 2048 28 | echo_date "证书生成完毕..." 29 | fi 30 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/data/openssl.cnf: -------------------------------------------------------------------------------- 1 | # OpenSSL root CA configuration file. 2 | # Copy to `/root/ca/openssl.cnf`. 3 | 4 | [ ca ] 5 | # `man ca` 6 | default_ca = CA_default 7 | 8 | [ CA_default ] 9 | # Directory and file locations. 10 | dir = ./ca 11 | certs = $dir/certs 12 | crl_dir = $dir/crl 13 | new_certs_dir = $dir/newcerts 14 | database = $dir/index.txt 15 | serial = $dir/serial 16 | RANDFILE = $dir/private/.rand 17 | 18 | # The root key and root certificate. 19 | private_key = $dir/private/ca.key.pem 20 | certificate = $dir/certs/ca.cert.pem 21 | 22 | # For certificate revocation lists. 23 | crlnumber = $dir/crlnumber 24 | crl = $dir/crl/ca.crl.pem 25 | crl_extensions = crl_ext 26 | default_crl_days = 30 27 | 28 | # SHA-1 is deprecated, so use SHA-2 instead. 29 | default_md = sha256 30 | 31 | name_opt = ca_default 32 | cert_opt = ca_default 33 | default_days = 375 34 | preserve = no 35 | policy = policy_strict 36 | 37 | [ policy_strict ] 38 | # The root CA should only sign intermediate certificates that match. 39 | # See the POLICY FORMAT section of `man ca`. 40 | countryName = match 41 | stateOrProvinceName = match 42 | organizationName = match 43 | organizationalUnitName = optional 44 | commonName = supplied 45 | emailAddress = optional 46 | 47 | [ policy_loose ] 48 | # Allow the intermediate CA to sign a more diverse range of certificates. 49 | # See the POLICY FORMAT section of the `ca` man page. 50 | countryName = optional 51 | stateOrProvinceName = optional 52 | localityName = optional 53 | organizationName = optional 54 | organizationalUnitName = optional 55 | commonName = supplied 56 | emailAddress = optional 57 | 58 | [ req ] 59 | # Options for the `req` tool (`man req`). 60 | default_bits = 2048 61 | distinguished_name = req_distinguished_name 62 | string_mask = utf8only 63 | 64 | # SHA-1 is deprecated, so use SHA-2 instead. 65 | default_md = sha256 66 | 67 | # Extension to add when the -x509 option is used. 68 | x509_extensions = v3_ca 69 | 70 | [ req_distinguished_name ] 71 | # See . 72 | countryName = Country Name (2 letter code) 73 | stateOrProvinceName = State or Province Name 74 | localityName = Locality Name 75 | 0.organizationName = Organization Name 76 | organizationalUnitName = Organizational Unit Name 77 | commonName = Common Name 78 | emailAddress = Email Address 79 | 80 | # Optionally, specify some defaults. 81 | countryName_default = GB 82 | stateOrProvinceName_default = England 83 | localityName_default = 84 | 0.organizationName_default = Alice Ltd 85 | organizationalUnitName_default = 86 | emailAddress_default = 87 | 88 | [ v3_ca ] 89 | # Extensions for a typical CA (`man x509v3_config`). 90 | subjectKeyIdentifier = hash 91 | authorityKeyIdentifier = keyid:always,issuer 92 | basicConstraints = critical, CA:true 93 | keyUsage = critical, digitalSignature, cRLSign, keyCertSign 94 | 95 | [ v3_intermediate_ca ] 96 | # Extensions for a typical intermediate CA (`man x509v3_config`). 97 | subjectKeyIdentifier = hash 98 | authorityKeyIdentifier = keyid:always,issuer 99 | basicConstraints = critical, CA:true, pathlen:0 100 | keyUsage = critical, digitalSignature, cRLSign, keyCertSign 101 | 102 | [ usr_cert ] 103 | # Extensions for client certificates (`man x509v3_config`). 104 | basicConstraints = CA:FALSE 105 | nsCertType = client, email 106 | nsComment = "OpenSSL Generated Client Certificate" 107 | subjectKeyIdentifier = hash 108 | authorityKeyIdentifier = keyid,issuer 109 | keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment 110 | extendedKeyUsage = clientAuth, emailProtection 111 | 112 | [ server_cert ] 113 | # Extensions for server certificates (`man x509v3_config`). 114 | basicConstraints = CA:FALSE 115 | nsCertType = server 116 | nsComment = "OpenSSL Generated Server Certificate" 117 | subjectKeyIdentifier = hash 118 | authorityKeyIdentifier = keyid,issuer:always 119 | keyUsage = critical, digitalSignature, keyEncipherment 120 | extendedKeyUsage = serverAuth 121 | 122 | [ crl_ext ] 123 | # Extension for CRLs (`man x509v3_config`). 124 | authorityKeyIdentifier=keyid:always 125 | 126 | [ ocsp ] 127 | # Extension for OCSP signing certificates (`man ocsp`). 128 | basicConstraints = CA:FALSE 129 | subjectKeyIdentifier = hash 130 | authorityKeyIdentifier = keyid,issuer 131 | keyUsage = critical, digitalSignature 132 | extendedKeyUsage = critical, OCSPSigning 133 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/data/rules/user.txt: -------------------------------------------------------------------------------- 1 | ! ******************************* 广告过滤大师 自定义过滤语法简表 ******************************* 2 | ! ------------------------ 规则基于adblock规则,并进行了语法部分的扩展 ------------------------ 3 | ! ABP规则请参考https://adblockplus.org/zh_CN/filters,下面为大致摘要 4 | ! "!" 为行注释符,注释行以该符号起始作为一行注释语义,用于规则描述 5 | ! "@@" 为白名单符,白名单具有最高优先级,放行过滤的网站,例如:@@||taobao.com 6 | ! "@@@@" 超级白名单,比白名单符拥有更高的优先级,主要用于放行https网站,例如:@@@@||https://taobao.com 7 | ! ------------------------------------------------------------------------------------------ 8 | ! "*" 为字符通配符,能够匹配0长度或任意长度的字符串,该通配符不能与正则语法混用。 9 | ! "^" 为分隔符,可以是除了字母、数字或者 _ - . % 之外的任何字符。 10 | ! "~" 为排除标识符,通配符能过滤大多数广告,但同时存在误杀, 可以通过排除标识符修正误杀链接。 11 | ! 注:通配符仅在 url 规则中支持,html 规则中不支持 12 | ! ------------------------------------------------------------------------------------------ 13 | ! "|" 为管线符号,来表示地址的最前端或最末端 14 | ! "||" 为子域通配符,方便匹配主域名下的所有子域 15 | ! 用法及例子如下:(以下等号表示等价于) 16 | ! ||xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad* 17 | ! ||http://xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad* 18 | ! ||https://xx.com/ad = https://xx.com/ad* || https://*.xx.com/ad* 19 | ! |xx.com/ad = http://xx.com/ad* 20 | ! |http://xx.com/ad = http://xx.com/ad* 21 | ! |https://xx.com/ad = https://xx.com/ad* 22 | ! ad = http://*ad* 23 | ! http://ad = http://*ad* 24 | ! https://ad = 不支持,需要指定域名,如下例 25 | ! https://xx.com/ad = |https://xx.com/ad = https://xx.com/ad* 26 | ! [同时可以表示两个以及两个以上的域名]如下例子 27 | ! https://xx.ad.com 和 https://xxx.xx.ad.com = ||https://ad.com (注意! 由于https的原因使用要非常谨慎,不可以大范围使用) 28 | ! ------------------------------------------------------------------------------------------ 29 | ! 兼容adblock规则的html规则语法,例如: 30 | ! fulldls.com,torrentzap.com##.tp_reccomend_banner 31 | ! 但是推荐写成以下标准写法: 32 | ! ||fulldls.com##.tp_reccomend_banner 33 | ! ||torrentzap.com##.tp_reccomend_banner 34 | ! 如果一个网站html规则有多条,可以合并为这样: 35 | ! ||torrentzap.com##.tp_reccomend_banner,.ad_top,[class="ad_right"]...... 36 | ! ------------------------------------------------------------------------------------------ 37 | ! 文本替换语法:$s@匹配内容@替换内容@ 38 | ! 非标准端口过滤语法:||abc.com:8081/ad.html或者|http://adb.com:8081/ 39 | ! 文本替换例子:|http://cdn.pcbeta.js.inimc.com/data/cache/common.js?$s@old@new@ 40 | ! 重定向语法:$r@匹配内容@替换内容@ 41 | ! 重定向例子:|http://koolshare.cn$r@http://koolshare.cn/*@http://www.qq.com@ 42 | ! 注:文本替换语法及重定向语法中的匹配内容不仅支持通配符功能,而且额外支持以下功能 43 | ! 支持通配符 * 和 ? 表示单个字符 44 | ! 支持全正则匹配,/正则内容/ 表示应用正则匹配 45 | ! 正则替换:替换内容支持 $1 $2 这样的符号 46 | ! 普通替换:替换内容支持 * 这样的符号,表示把命中的内容复制到替换的内容。(类似 $1 $2,但是 * 号会自动计算数字) 47 | ! ------------------------------------------------------------------------------------------ 48 | ! 未来将逐步添加相关语法,兼容adblock puls的更多语法,敬请期待。 49 | ! ****************************************************************************************** 50 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/data/source.list: -------------------------------------------------------------------------------- 1 | 0|user.txt||自定义规则 2 | 0|mv.txt|https://gitee.com/xinggsf/Adblock-Rule/raw/master/mv.txt|乘风视频 3 | 0|kp.dat|https://raw.githubusercontent.com/houzi-/CDN/master/kp.dat|视频规则 4 | 0|daily.txt|https://raw.githubusercontent.com/houzi-/CDN/master/daily.txt|每日规则 5 | 0|koolproxy.txt|https://raw.githubusercontent.com/houzi-/CDN/master/koolproxy.txt|静态规则 6 | 0|yhosts.txt|https://raw.githubusercontent.com/VeleSila/yhosts/master/hosts.txt|Yhosts规则 7 | 0|fanboy.txt|https://raw.githubusercontent.com/ycg31/KoolProxy/master/rules/fanboy.txt|Fanboy规则 8 | 0|easylistchina.txt|https://raw.githubusercontent.com/ycg31/KoolProxy/master/rules/easylistchina.txt|ABP规则 9 | 0|anti-ad.txt|https://raw.githubusercontent.com/privacy-protection-tools/anti-AD/master/anti-ad-easylist.txt|Anti-AD规则 10 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/data/user.txt: -------------------------------------------------------------------------------- 1 | ! ******************************* 广告过滤大师 自定义过滤语法简表 ******************************* 2 | ! ------------------------ 规则基于adblock规则,并进行了语法部分的扩展 ------------------------ 3 | ! ABP规则请参考https://adblockplus.org/zh_CN/filters,下面为大致摘要 4 | ! "!" 为行注释符,注释行以该符号起始作为一行注释语义,用于规则描述 5 | ! "@@" 为白名单符,白名单具有最高优先级,放行过滤的网站,例如:@@||taobao.com 6 | ! "@@@@" 超级白名单,比白名单符拥有更高的优先级,主要用于放行https网站,例如:@@@@||https://taobao.com 7 | ! ------------------------------------------------------------------------------------------ 8 | ! "*" 为字符通配符,能够匹配0长度或任意长度的字符串,该通配符不能与正则语法混用。 9 | ! "^" 为分隔符,可以是除了字母、数字或者 _ - . % 之外的任何字符。 10 | ! "~" 为排除标识符,通配符能过滤大多数广告,但同时存在误杀, 可以通过排除标识符修正误杀链接。 11 | ! 注:通配符仅在 url 规则中支持,html 规则中不支持 12 | ! ------------------------------------------------------------------------------------------ 13 | ! "|" 为管线符号,来表示地址的最前端或最末端 14 | ! "||" 为子域通配符,方便匹配主域名下的所有子域 15 | ! 用法及例子如下:(以下等号表示等价于) 16 | ! ||xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad* 17 | ! ||http://xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad* 18 | ! ||https://xx.com/ad = https://xx.com/ad* || https://*.xx.com/ad* 19 | ! |xx.com/ad = http://xx.com/ad* 20 | ! |http://xx.com/ad = http://xx.com/ad* 21 | ! |https://xx.com/ad = https://xx.com/ad* 22 | ! ad = http://*ad* 23 | ! http://ad = http://*ad* 24 | ! https://ad = 不支持,需要指定域名,如下例 25 | ! https://xx.com/ad = |https://xx.com/ad = https://xx.com/ad* 26 | ! [同时可以表示两个以及两个以上的域名]如下例子 27 | ! https://xx.ad.com 和 https://xxx.xx.ad.com = ||https://ad.com (注意! 由于https的原因使用要非常谨慎,不可以大范围使用) 28 | ! ------------------------------------------------------------------------------------------ 29 | ! 兼容adblock规则的html规则语法,例如: 30 | ! fulldls.com,torrentzap.com##.tp_reccomend_banner 31 | ! 但是推荐写成以下标准写法: 32 | ! ||fulldls.com##.tp_reccomend_banner 33 | ! ||torrentzap.com##.tp_reccomend_banner 34 | ! 如果一个网站html规则有多条,可以合并为这样: 35 | ! ||torrentzap.com##.tp_reccomend_banner,.ad_top,[class="ad_right"]...... 36 | ! ------------------------------------------------------------------------------------------ 37 | ! 文本替换语法:$s@匹配内容@替换内容@ 38 | ! 非标准端口过滤语法:||abc.com:8081/ad.html或者|http://adb.com:8081/ 39 | ! 文本替换例子:|http://cdn.pcbeta.js.inimc.com/data/cache/common.js?$s@old@new@ 40 | ! 重定向语法:$r@匹配内容@替换内容@ 41 | ! 重定向例子:|http://koolshare.cn$r@http://koolshare.cn/*@http://www.qq.com@ 42 | ! 注:文本替换语法及重定向语法中的匹配内容不仅支持通配符功能,而且额外支持以下功能 43 | ! 支持通配符 * 和 ? 表示单个字符 44 | ! 支持全正则匹配,/正则内容/ 表示应用正则匹配 45 | ! 正则替换:替换内容支持 $1 $2 这样的符号 46 | ! 普通替换:替换内容支持 * 这样的符号,表示把命中的内容复制到替换的内容。(类似 $1 $2,但是 * 号会自动计算数字) 47 | ! ------------------------------------------------------------------------------------------ 48 | ! 未来将逐步添加相关语法,兼容adblock puls的更多语法,敬请期待。 49 | ! ****************************************************************************************** 50 | -------------------------------------------------------------------------------- /root/usr/share/koolproxy/dnsmasq.adblock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/usr/share/koolproxy/dnsmasq.adblock -------------------------------------------------------------------------------- /root/usr/share/koolproxy/koolproxy_ipset.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cnzd/luci-app-koolproxyR/d727c6927c85fa60786a4475a1d0b30c42c4c882/root/usr/share/koolproxy/koolproxy_ipset.conf -------------------------------------------------------------------------------- /root/usr/share/koolproxy/kpupdate: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # set -x 3 | 4 | . /lib/functions.sh 5 | 6 | CONFIG=koolproxy 7 | KP_DIR=/usr/share/koolproxy 8 | TMP_DIR=/tmp/koolproxy 9 | LOGFILE="/var/log/koolproxy.log" 10 | 11 | config_t_get() { 12 | local index=0 13 | [ -n "$4" ] && index=$4 14 | local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null) 15 | echo ${ret:=$3} 16 | } 17 | 18 | limit_log() { 19 | local log=$1 20 | [ ! -f "$log" ] && return 21 | local sc=100 22 | [ -n "$2" ] && sc=$2 23 | local count=$(grep -c "" $log) 24 | if [ $count -gt $sc ];then 25 | let count=count-$sc 26 | sed -i "1,$count d" $log 27 | fi 28 | } 29 | 30 | init_env() { 31 | rm -rf "$TMP_DIR" 32 | mkdir -p "$TMP_DIR" 33 | } 34 | 35 | restart_koolproxy() { 36 | /etc/init.d/koolproxy restart 37 | } 38 | 39 | __compare_file() { 40 | local descript=$1 41 | local localPath=$2 42 | local remoteUrl=$3 43 | 44 | echo $(date "+%F %T"): ------------------- $descript更新 ------------------- >>$LOGFILE 45 | local filename=`basename $localPath` 46 | local remotePath="$TMP_DIR/$filename" 47 | wget-ssl -qT5 --no-check-certificate "$remoteUrl" -O "$remotePath" 48 | if [ "$?" == "0" ]; then 49 | if [ -f "$localPath" ]; then 50 | localMD5=`md5sum "$localPath" | awk '{print $1}'` 51 | localNum=`cat "$localPath" | grep -v '^!' | wc -l` 52 | else 53 | localMD5="文件不存在" 54 | localNum="0" 55 | fi 56 | remoteMD5=`md5sum "$remotePath" | awk '{print $1}'` 57 | remoteNum=`cat "$remotePath" | grep -v '^!' | wc -l` 58 | 59 | echo $(date "+%F %T"): 本地版本MD5:$localMD5 >>$LOGFILE 60 | echo $(date "+%F %T"): 本地版本条数:$localNum >>$LOGFILE 61 | echo >>$LOGFILE 62 | echo $(date "+%F %T"): 在线版本MD5:$remoteMD5 >>$LOGFILE 63 | echo $(date "+%F %T"): 在线版本条数:$remoteNum >>$LOGFILE 64 | echo >>$LOGFILE 65 | 66 | if [ "$localMD5" != "$remoteMD5" ];then 67 | echo $(date "+%F %T"): 检测到更新,开始更新规则! >>$LOGFILE 68 | mv -f "$remotePath" "$localPath" 69 | echo $(date "+%F %T"): 更新成功! >>$LOGFILE 70 | echo >>$LOGFILE 71 | return 0 72 | fi 73 | else 74 | echo "$(date "+%F %T"): 获取在线版本时出现错误! " >>$LOGFILE 75 | echo >>$LOGFILE 76 | fi 77 | return 1 78 | } 79 | 80 | __update_rule() { 81 | local name 82 | local file 83 | local exrule 84 | local enable 85 | config_get name $1 name 86 | config_get file $1 file 87 | config_get exrule $1 url 88 | config_get enable $1 load 89 | if [ -n "$file" ] && [ -n "$exrule" ]; then 90 | if [ $enable -ne 1 ]; then 91 | return 92 | fi 93 | __compare_file "$name" "$KP_DIR/data/rules/$file" "$exrule" 94 | if [ "$?" == "0" ]; then 95 | uci set koolproxy.$1.time="`date +%Y-%m-%d" "%H:%M`" 96 | uci commit koolproxy 97 | RESTART_KOOLPROXY=true 98 | fi 99 | cat $KP_DIR/data/rules/$file >>$KP_DIR/data/rules/user.txt 100 | echo >>$LOGFILE 101 | fi 102 | } 103 | 104 | update_rss_rules() { 105 | cp $KP_DIR/data/user.txt $KP_DIR/data/rules/user.txt 106 | config_load $CONFIG 107 | config_foreach __update_rule rss_rule 108 | } 109 | 110 | 111 | 112 | update_rules() { 113 | echo $(date "+%F %T"): ------------------- 内置规则更新 ------------------- >>$LOGFILE 114 | wget 'https://raw.githubusercontent.com/houzi-/CDN/master/kp.dat' -q -O $KP_DIR/data/rules/kp.dat 115 | wget 'https://raw.githubusercontent.com/houzi-/CDN/master/daily.txt' -q -O $KP_DIR/data/rules/daily.txt 116 | wget 'https://raw.githubusercontent.com/houzi-/CDN/master/koolproxy.txt' -q -O $KP_DIR/data/rules/koolproxy.txt 117 | wget 'https://raw.githubusercontent.com/VeleSila/yhosts/master/hosts.txt' -q -O $KP_DIR/data/rules/yhosts.txt 118 | wget 'https://raw.githubusercontent.com/ycg31/KoolProxy/master/rules/fanboy.txt' -q -O $KP_DIR/data/rules/fanboy.txt 119 | wget 'https://raw.githubusercontent.com/ycg31/KoolProxy/master/rules/easylistchina.txt' -q -O $KP_DIR/data/rules/easylistchina.txt 120 | wget 'https://raw.githubusercontent.com/privacy-protection-tools/anti-AD/master/anti-ad-easylist.txt' -q -O $KP_DIR/data/rules/anti-ad.txt 121 | wget 'https://gitee.com/xinggsf/Adblock-Rule/raw/master/mv.txt' -q -O $KP_DIR/data/rules/mv.txt 122 | easylist_rules_local=`cat /usr/share/koolproxy/data/rules/easylistchina.txt | sed -n '3p'|awk '{print $3,$4}'` 123 | fanboy_rules_local=`cat /usr/share/koolproxy/data/rules/fanboy.txt | sed -n '3p'|awk '{print $3,$4}'` 124 | koolproxy_rules_local=`cat /usr/share/koolproxy/data/rules/koolproxy.txt | sed -n '3p'|awk '{print $3,$4}'` 125 | mv_rules_local=`cat /usr/share/koolproxy/data/rules/mv.txt | sed -n '3p'|awk '{print $3,$4}'` 126 | echo $(date "+%F %T"): -------------------easylist version $easylist_rules_local >>$LOGFILE 127 | echo $(date "+%F %T"): -------------------fanboy version $fanboy_rules_local >>$LOGFILE 128 | echo $(date "+%F %T"): -------------------koolproxy version $koolproxy_rules_local >>$LOGFILE 129 | echo $(date "+%F %T"): -------------------mv version $mv_rules_local >>$LOGFILE 130 | echo $(date "+%F %T"): ------------------- 内置规则更新成功! ------------------- >>$LOGFILE 131 | RESTART_KOOLPROXY=true 132 | 133 | } 134 | 135 | update_adb_host() { 136 | /usr/sbin/adblockplus >>$LOGFILE 2>&1 & 137 | if [ "$?" == "0" ]; then 138 | RESTART_DNSMASQ=true 139 | fi 140 | } 141 | 142 | # main process 143 | init_env 144 | limit_log $LOGFILE 145 | 146 | # update rules 147 | update_rules 148 | 149 | # update user rules 150 | update_rss_rules 151 | 152 | koolproxy_mode=$(config_t_get global koolproxy_mode 1) 153 | koolproxy_host=$(config_t_get global koolproxy_host 0) 154 | 155 | # update ADB Plus Host 156 | if [ "$koolproxy_mode" == "2" ] && [ "$koolproxy_host" == "1" ];then 157 | update_adb_host 158 | fi 159 | 160 | if [ $RESTART_KOOLPROXY ]; then 161 | restart_koolproxy 162 | echo $(date "+%F %T"): 重启koolproxy进程 >>$LOGFILE 163 | fi 164 | 165 | init_env 166 | --------------------------------------------------------------------------------