├── Makefile
├── README.md
├── luasrc
├── controller
│ └── dnsfilter.lua
├── model
│ └── cbi
│ │ └── dnsfilter
│ │ ├── base.lua
│ │ ├── black.lua
│ │ ├── ip.lua
│ │ ├── log.lua
│ │ └── white.lua
└── view
│ └── dnsfilter
│ ├── dnsfilter_refresh.htm
│ └── dnsfilter_status.htm
├── po
├── zh-cn
│ └── dnsfilter.po
└── zh_Hans
└── root
├── etc
├── config
│ └── dnsfilter
├── dnsfilter
│ ├── black.list
│ ├── ip.list
│ └── white.list
├── init.d
│ └── dnsfilter
└── uci-defaults
│ └── luci-dnsfilter
└── usr
└── share
├── dnsfilter
├── addown
└── dnsfilter
└── rpcd
└── acl.d
└── luci-app-dnsfilter.json
/Makefile:
--------------------------------------------------------------------------------
1 | include $(TOPDIR)/rules.mk
2 |
3 | PKG_NAME:=luci-app-dnsfilter
4 | PKG_VERSION:=1.0
5 | PKG_RELEASE:=14
6 |
7 | PKG_LICENSE:=GPLv2
8 | PKG_MAINTAINER:=small_5 kiddin9
9 |
10 | LUCI_TITLE:=LuCI support for DNSFilter
11 | LUCI_PKGARCH:=all
12 | LUCI_DEPENDS:=+curl +dnsmasq-full +ipset
13 |
14 | define Package/$(PKG_NAME)/conffiles
15 | /etc/config/dnsfilter
16 | /etc/dnsfilter/
17 | endef
18 |
19 | include $(TOPDIR)/feeds/luci/luci.mk
20 |
21 | # call BuildPackage - OpenWrt buildroot signature
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | 基于 [small_5](https://github.com/small-5) 的 luci-app-adblock-plus 修改
2 |
3 | # 基于DNS的广告过滤 for OpenWrt
4 | ## 功能
5 |
6 | - 支持 AdGuardHome/Host/DNSMASQ/Domain 格式的规则订阅
7 |
8 | - 规则自动识别, 自动去重, 定时更新
9 |
10 | - 自定义黑白名单
11 |
12 | - 短视频APP拦截
13 |
14 | - 安全搜索
15 |
16 | ## 编译说明
17 |
18 | 本app依赖于```dnsmasq-full```,与OpenWrt默认的```dnsmasq```冲突,所以编译时请确保已经取消勾选```base-system -> dnsmasq```
19 |
--------------------------------------------------------------------------------
/luasrc/controller/dnsfilter.lua:
--------------------------------------------------------------------------------
1 | module("luci.controller.dnsfilter", package.seeall)
2 |
3 | function index()
4 | if not nixio.fs.access("/etc/config/dnsfilter") then
5 | return
6 | end
7 |
8 | local page = entry({"admin", "services", "dnsfilter"}, alias("admin", "services", "dnsfilter", "base"), _("DNS Filter"), 9)
9 | page.dependent = true
10 | page.acl_depends = { "luci-app-dnsfilter" }
11 |
12 | entry({"admin", "services", "dnsfilter", "base"}, cbi("dnsfilter/base"), _("Base Setting"), 10).leaf = true
13 | entry({"admin", "services", "dnsfilter", "white"}, form("dnsfilter/white"), _("White Domain List"), 20).leaf = true
14 | entry({"admin", "services", "dnsfilter", "black"}, form("dnsfilter/black"), _("Block Domain List"), 30).leaf = true
15 | entry({"admin", "services", "dnsfilter", "ip"}, form("dnsfilter/ip"), _("Block IP List"), 40).leaf = true
16 | entry({"admin", "services", "dnsfilter", "log"}, form("dnsfilter/log"), _("Update Log"), 50).leaf = true
17 | entry({"admin", "services", "dnsfilter", "run"}, call("act_status")).leaf = true
18 | entry({"admin", "services", "dnsfilter", "refresh"}, call("refresh_data"))
19 | end
20 |
21 | function act_status()
22 | local e = {}
23 | e.running = luci.sys.call("[ -s /tmp/dnsmasq.dnsfilter/rules.conf ]") == 0
24 | luci.http.prepare_content("application/json")
25 | luci.http.write_json(e)
26 | end
27 |
28 | function refresh_data()
29 | local set = luci.http.formvalue("set")
30 | local icount = 0
31 |
32 | luci.sys.exec("/usr/share/dnsfilter/dnsfilter down")
33 | icount = luci.sys.exec("find /tmp/ad_tmp -type f -name rules.conf -exec cat {} \\; 2>/dev/null | wc -l")
34 | if tonumber(icount)>0 then
35 | oldcount = luci.sys.exec("find /tmp/dnsfilter -type f -name rules.conf -exec cat {} \\; 2>/dev/null | wc -l")
36 | if tonumber(icount) ~= tonumber(oldcount) then
37 | luci.sys.exec("[ -h /tmp/dnsfilter/url ] && (rm -f /etc/dnsfilter/rules/*;cp -a /tmp/ad_tmp/* /etc/dnsfilter/rules) || (rm -f /tmp/dnsfilter/*;cp -a /tmp/ad_tmp/* /tmp/dnsfilter)")
38 | luci.sys.exec("/etc/init.d/dnsfilter restart &")
39 | retstring = tostring(math.ceil(tonumber(icount)))
40 | else
41 | retstring = 0
42 | end
43 | luci.sys.call("echo `date +'%Y-%m-%d %H:%M:%S'` > /tmp/dnsfilter/dnsfilter.updated")
44 | else
45 | retstring = "-1"
46 | end
47 | luci.sys.exec("rm -rf /tmp/ad_tmp")
48 |
49 | luci.http.prepare_content("application/json")
50 | luci.http.write_json({ret=retstring,retcount=icount})
51 | end
52 |
--------------------------------------------------------------------------------
/luasrc/model/cbi/dnsfilter/base.lua:
--------------------------------------------------------------------------------
1 | local SYS = require "luci.sys"
2 |
3 | m = Map("dnsfilter")
4 | m.title = translate("DNS Filter")
5 | m.description = translate("Support AdGuardHome/Host/DNSMASQ/Domain Rules")
6 | m:section(SimpleSection).template = "dnsfilter/dnsfilter_status"
7 |
8 | s = m:section(TypedSection, "dnsfilter")
9 | s.anonymous = true
10 |
11 | o = s:option(Flag, "enable", translate("Enable"))
12 | o.rmempty = false
13 |
14 | o = s:option(Flag, "block_ios", translate("Block Apple iOS OTA update"))
15 | o.rmempty = false
16 | o.default = 0
17 |
18 | o = s:option(Flag, "block_cnshort", translate("Block CNshort APP and Website"))
19 | o.rmempty = false
20 | o.default = 0
21 |
22 | o = s:option(Flag, "safe_search", translate("Safe Search"))
23 | o.description = translate("Enforcing SafeSearch for Google Bing Duckduckgo Yandex and Youtube.")
24 | o.rmempty = false
25 | o.default = 0
26 |
27 | o = s:option(Flag, "cron_mode", translate("Enable automatic update rules"))
28 | o.rmempty = false
29 | o.default = 1
30 |
31 | o = s:option(ListValue, "time_update", translate("Update time (every day)"))
32 | for s = 0,23 do
33 | o:value(s, s .. ':00')
34 | end
35 | o.default = 6
36 | o:depends("cron_mode",1)
37 |
38 | tmp_rule = 0
39 | if nixio.fs.access("/tmp/dnsfilter/rules.conf") then
40 | tmp_rule = 1
41 | UD = SYS.exec("cat /tmp/dnsfilter/dnsfilter.updated 2>/dev/null")
42 | rule_count = tonumber(SYS.exec("find /tmp/dnsfilter -exec cat {} \\; 2>/dev/null | wc -l"))
43 | o = s:option(DummyValue, "1", translate("Subscribe Rules Data"))
44 | o.rawhtml = true
45 | o.template = "dnsfilter/dnsfilter_refresh"
46 | o.value = rule_count.." "..translate("Records")
47 | o.description = string.format(translate("AdGuardHome / Host / DNSMASQ / Domain rules auto-convert").."
"..translate("Last Update Checked")..": %s
",UD)
48 | end
49 |
50 | o = s:option(Flag, "flash", translate("Save rules to flash"))
51 | o.description = translate("Should be enabled when rules addresses are slow to download")
52 | o.rmempty = false
53 | o.default = 0
54 |
55 | if tmp_rule == 1 then
56 | o = s:option(Button, "delete", translate("Delete All Subscribe Rules"))
57 | o.inputstyle = "reset"
58 | o.description = translate("Delete rules files and delete the subscription link
There is no need to click for modify the subscription link,The script will automatically replace the old rule file")
59 | o.write = function()
60 | SYS.exec("[ -d /etc/dnsfilter/rules ] && rm -rf /etc/dnsfilter/rules")
61 | SYS.exec("grep -wq 'list url' /etc/config/dnsfilter && sed -i '/list url/d' /etc/config/dnsfilter && /etc/init.d/dnsfilter restart 2>&1 &")
62 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "dnsfilter", "base"))
63 | end
64 | end
65 |
66 | if luci.sys.call("[ -h /tmp/dnsfilter/url ] || exit 9") == 9 then
67 | if nixio.fs.access("/etc/dnsfilter/rules") then
68 | o = s:option(Button, "delete_1", translate("Delete Subscribe Rules On The Flash"))
69 | o.inputstyle = "reset"
70 | o.write = function()
71 | SYS.exec("rm -rf /etc/dnsfilter/rules")
72 | luci.http.redirect(luci.dispatcher.build_url("admin", "services", "dnsfilter", "base"))
73 | end
74 | end
75 | end
76 |
77 | o = s:option(DynamicList, "url", translate("Anti-AD Rules Subscribe"))
78 | o:value("https://anti-ad.net/anti-ad-for-dnsmasq.conf", translate("anti-AD"))
79 | o:value("https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt", translate("AdGuard"))
80 | o:value("https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt", translate("Easylistchina+Easylist"))
81 | o:value("https://block.energized.pro/extensions/porn-lite/formats/domains.txt", translate("Anti-Porn"))
82 | o.default = "https://anti-ad.net/anti-ad-for-dnsmasq.conf"
83 |
84 | return m
85 |
--------------------------------------------------------------------------------
/luasrc/model/cbi/dnsfilter/black.lua:
--------------------------------------------------------------------------------
1 | local fs = require "nixio.fs"
2 | local conffile = "/etc/dnsfilter/black.list"
3 |
4 | f = SimpleForm("custom")
5 | t = f:field(TextValue, "conf")
6 | t.rmempty = true
7 | t.rows = 13
8 | t.description = translate("Will Always block these Domain")
9 |
10 | function t.cfgvalue()
11 | return fs.readfile(conffile) or ""
12 | end
13 |
14 | function f.handle(self,state,data)
15 | if state == FORM_VALID then
16 | if data.conf then
17 | fs.writefile(conffile,data.conf:gsub("\r\n","\n"))
18 | else
19 | luci.sys.call("> /etc/dnsfilter/black.list")
20 | end
21 | luci.sys.exec("[ \"$(uci -q get dnsfilter.@dnsfilter[0].enable)\" = 1 ] && /etc/init.d/dnsfilter restart")
22 | end
23 | return true
24 | end
25 |
26 | return f
27 |
--------------------------------------------------------------------------------
/luasrc/model/cbi/dnsfilter/ip.lua:
--------------------------------------------------------------------------------
1 | local fs = require "nixio.fs"
2 | local conffile = "/etc/dnsfilter/ip.list"
3 |
4 | f = SimpleForm("custom")
5 | t = f:field(TextValue, "conf")
6 | t.rmempty = true
7 | t.rows = 13
8 | t.description = translate("Will Always block these IP")
9 |
10 | function t.cfgvalue()
11 | return fs.readfile(conffile) or ""
12 | end
13 |
14 | function f.handle(self,state,data)
15 | if state == FORM_VALID then
16 | if data.conf then
17 | fs.writefile(conffile,data.conf:gsub("\r\n","\n"))
18 | else
19 | luci.sys.call("> /etc/dnsfilter/ip.list")
20 | end
21 | luci.sys.exec("ipset -F blockip 2>/dev/null && for i in $(cat /etc/dnsfilter/ip.list);do ipset add blockip $i 2>/dev/null;done")
22 | end
23 | return true
24 | end
25 |
26 | return f
27 |
--------------------------------------------------------------------------------
/luasrc/model/cbi/dnsfilter/log.lua:
--------------------------------------------------------------------------------
1 | local fs = require "nixio.fs"
2 | local conffile = "/tmp/adupdate.log"
3 |
4 | f = SimpleForm("logview")
5 | f.reset = false
6 | f.submit = false
7 | t = f:field(TextValue, "conf")
8 | t.rmempty = true
9 | t.rows = 20
10 |
11 | function t.cfgvalue()
12 | return fs.readfile(conffile) or ""
13 | end
14 | t.readonly = "readonly"
15 |
16 | return f
17 |
--------------------------------------------------------------------------------
/luasrc/model/cbi/dnsfilter/white.lua:
--------------------------------------------------------------------------------
1 | local fs = require "nixio.fs"
2 | local conffile = "/etc/dnsfilter/white.list"
3 |
4 | f = SimpleForm("custom")
5 | t = f:field(TextValue, "conf")
6 | t.rmempty = true
7 | t.rows = 13
8 | t.description = translate("Will Never filter these Domain")
9 |
10 | function t.cfgvalue()
11 | return fs.readfile(conffile) or ""
12 | end
13 |
14 | function f.handle(self,state,data)
15 | if state == FORM_VALID then
16 | if data.conf then
17 | fs.writefile(conffile,data.conf:gsub("\r\n","\n"))
18 | else
19 | luci.sys.call("> /etc/dnsfilter/white.list")
20 | end
21 | luci.sys.exec("for i in $(cat /etc/dnsfilter/white.list);do sed -i -e \"/\\/$i\\//d\" -e \"/\\.$i\\//d\" /tmp/dnsfilter/rules.conf 2>/dev/null;\\\
22 | [ -s /etc/dnsfilter/rules/rules.conf ] && sed -i -e \"/\\/$i\\//d\" -e \"/\\.$i\\//d\" /etc/dnsfilter/rules/rules.conf;done;\\\
23 | [ -s /tmp/dnsfilter/rules.conf ] && rm -f /tmp/dnsmasq.dnsfilter/rules.conf && /etc/init.d/dnsfilter start")
24 | end
25 | return true
26 | end
27 |
28 | return f
29 |
--------------------------------------------------------------------------------
/luasrc/view/dnsfilter/dnsfilter_refresh.htm:
--------------------------------------------------------------------------------
1 | <%+cbi/valueheader%>
2 |
32 |
33 | <%=self.value%>
34 | <%+cbi/valuefooter%>
35 |
--------------------------------------------------------------------------------
/luasrc/view/dnsfilter/dnsfilter_status.htm:
--------------------------------------------------------------------------------
1 |
16 |
17 |
22 |
--------------------------------------------------------------------------------
/po/zh-cn/dnsfilter.po:
--------------------------------------------------------------------------------
1 | msgid "Base Setting"
2 | msgstr "基本设置"
3 |
4 | msgid "DNS Filter"
5 | msgstr "DNS 过滤器"
6 |
7 | msgid "Support AdGuardHome/Host/DNSMASQ/Domain Rules"
8 | msgstr "支持 AdGuardHome/Host/DNSMASQ/Domain 规则"
9 |
10 | msgid "RUNNING"
11 | msgstr "运行中"
12 |
13 | msgid "NOT RUNNING"
14 | msgstr "未运行"
15 |
16 | msgid "Enable"
17 | msgstr "启用"
18 |
19 | msgid "Block Apple iOS OTA update"
20 | msgstr "拦截 Apple iOS 的OTA 更新"
21 |
22 | msgid "Block CNshort APP and Website"
23 | msgstr "拦截 短视频 APP 和网站"
24 |
25 | msgid "Enable automatic update rules"
26 | msgstr "启用规则自动更新"
27 |
28 | msgid "Update time (every day)"
29 | msgstr "更新时间 (每天)"
30 |
31 | msgid "DNSFilter Data"
32 | msgstr "DNSFilter 规则数据库"
33 |
34 | msgid "Records"
35 | msgstr "条记录"
36 |
37 | msgid "Refresh..."
38 | msgstr "正在更新,请稍候.."
39 |
40 | msgid "No new data!"
41 | msgstr "你已经是最新数据,无需更新!"
42 |
43 | msgid "Refresh Error!"
44 | msgstr "更新失败!"
45 |
46 | msgid "Refresh OK!"
47 | msgstr "更新成功!"
48 |
49 | msgid "Total Records:"
50 | msgstr "新的总纪录数:"
51 |
52 | msgid "Refresh Data"
53 | msgstr "更新数据库"
54 |
55 | msgid "Last Update Checked"
56 | msgstr "上一次检查规则更新"
57 |
58 | msgid "Subscribe Rules Data"
59 | msgstr "去广告规则"
60 |
61 | msgid "AdGuardHome / Host / DNSMASQ / Domain rules auto-convert"
62 | msgstr "AdGuardHome / Host / DNSMASQ / Domain 规则自动识别, 自动去重"
63 |
64 | msgid "Save rules to flash"
65 | msgstr "保存规则到闪存"
66 |
67 | msgid "Should be enabled when rules addresses are slow to download"
68 | msgstr "规则地址下载速度慢时应该打开"
69 |
70 | msgid "Delete All Subscribe Rules"
71 | msgstr "清空所有订阅的规则库"
72 |
73 | msgid "Delete rules files and delete the subscription link
There is no need to click for modify the subscription link,The script will automatically replace the old rule file"
74 | msgstr "清空规则文件,并且删除所有的订阅链接
如果只是修改订阅链接不需要清空,脚本会自动覆盖旧的规则文件"
75 |
76 | msgid "Delete Subscribe Rules On The Flash"
77 | msgstr "清空闪存上的订阅规则库"
78 |
79 | msgid "Anti-AD Rules Subscribe"
80 | msgstr "广告过滤规则订阅 URL"
81 |
82 | msgid "White Domain List"
83 | msgstr "域名白名单"
84 |
85 | msgid "Will Never filter these Domain"
86 | msgstr "永不过滤白名单内的域名"
87 |
88 | msgid "Block Domain List"
89 | msgstr "域名黑名单"
90 |
91 | msgid "Will Always block these Domain"
92 | msgstr "拦截黑名单内的域名"
93 |
94 | msgid "Block IP List"
95 | msgstr "IP 黑名单"
96 |
97 | msgid "Will Always block these IP"
98 | msgstr "拦截黑名单内的 IP 地址"
99 |
100 | msgid "Safe Search"
101 | msgstr "安全搜索"
102 |
103 | msgid "Enforcing SafeSearch for Google Bing Duckduckgo Yandex and Youtube."
104 | msgstr "强制为 Google Bing Duckduckgo Yandex Youtube 开启安全搜索,过滤不健康内容"
105 |
106 | msgid "Update Log"
107 | msgstr "更新日志"
108 |
--------------------------------------------------------------------------------
/po/zh_Hans:
--------------------------------------------------------------------------------
1 | zh-cn
--------------------------------------------------------------------------------
/root/etc/config/dnsfilter:
--------------------------------------------------------------------------------
1 |
2 | config dnsfilter
3 | option cron_mode '1'
4 | option time_update '6'
5 | option flash '0'
6 | option enable '0'
7 |
--------------------------------------------------------------------------------
/root/etc/dnsfilter/black.list:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kiddin9/luci-app-dnsfilter/3a49542e566d8a95cb81b664a05aae29e1f534cf/root/etc/dnsfilter/black.list
--------------------------------------------------------------------------------
/root/etc/dnsfilter/ip.list:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kiddin9/luci-app-dnsfilter/3a49542e566d8a95cb81b664a05aae29e1f534cf/root/etc/dnsfilter/ip.list
--------------------------------------------------------------------------------
/root/etc/dnsfilter/white.list:
--------------------------------------------------------------------------------
1 | boxer.baidu.com
2 |
--------------------------------------------------------------------------------
/root/etc/init.d/dnsfilter:
--------------------------------------------------------------------------------
1 | #!/bin/sh /etc/rc.common
2 | START=99
3 | STOP=10
4 | B=0
5 | CRON_FILE=/etc/crontabs/root
6 | D=/tmp/dnsmasq.dnsfilter
7 | E="date +'%Y-%m-%d %H:%M:%S'"
8 | L=/etc/dnsfilter
9 | P=/usr/share/dnsfilter
10 | T=/tmp/dnsfilter
11 | STATUS=Y
12 | DEFAULT_DNSMASQ_CFGID="$(uci -q show "dhcp.@dnsmasq[0]" | awk 'NR==1 {split($0, conf, /[.=]/); print conf[2]}')"
13 | if [ -f "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID" ]; then
14 | DNSMASQ_CONF_DIR="$(awk -F '=' '/^conf-dir=/ {print $2}' "/tmp/etc/dnsmasq.conf.$DEFAULT_DNSMASQ_CFGID")"
15 | if [ -n "$DNSMASQ_CONF_DIR" ]; then
16 | DNSMASQ_CONF_DIR=${DNSMASQ_CONF_DIR%*/}
17 | else
18 | DNSMASQ_CONF_DIR="/tmp/dnsmasq.d"
19 | fi
20 | fi
21 | TAG="_DNSFILTER_RULE_"
22 | FWI=$(uci -q get firewall.dnsfilter.path)
23 | enable=$(uci -q get dnsfilter.@dnsfilter[0].enable)
24 | flash=$(uci -q get dnsfilter.@dnsfilter[0].flash)
25 | url=$(uci -q get dnsfilter.@dnsfilter[0].url)
26 |
27 | get_config(){
28 | config_get_bool cron_mode $1 cron_mode 1
29 | config_get_bool block_ios $1 block_ios 0
30 | config_get_bool block_cnshort $1 block_cnshort 0
31 | config_get_bool safe_search $1 safe_search 0
32 | config_get time_update $1 time_update 6
33 | }
34 |
35 | add_dns(){
36 | mkdir -p $DNSMASQ_CONF_DIR $D
37 | echo conf-dir=$D > $DNSMASQ_CONF_DIR/dnsfilter.conf
38 | if [ -n "$url" -a ! -s /tmp/dnsfilter/failed ];then
39 | mkdir -p $T
40 | if [ $flash = 1 ];then
41 | ln -sf $L/rules/rules.conf $T/rules.conf
42 | ln -sf $L/rules/url $T/url
43 | fi
44 | ln -sf $T/rules.conf $D/rules.conf
45 | fi
46 | [ $block_ios = 1 ] && echo 'mesu.apple.com' > $D/black.conf
47 | if [ $block_cnshort = 1 ];then
48 | cat <<-EOF >> $D/black.conf
49 | amemv.com
50 | tiktokv.com
51 | snssdk.com
52 | douyin.com
53 | ixigua.com
54 | pstatp.com
55 | ixiguavideo.com
56 | v.kandian.qq.com
57 | yximgs.com
58 | gifshow.com
59 | ksapisrv.com
60 | kuaishoupay.com
61 | ksyun.com
62 | live.xycdn.com
63 | danuoyi.alicdn.com
64 | v.weishi.qq.com
65 | pearvideo.com
66 | miaopai.com
67 | kuaishou.com
68 | qupai.me
69 | meipai.com
70 | huoshan.com
71 | ergengtv.com
72 | baijiahao.baidu.com
73 | xiongzhang.baidu.com
74 | EOF
75 | fi
76 | cat $L/black.list >> $D/black.conf
77 | if [ -s $D/black.conf ];then
78 | sed -i -e 's:^:address=/:' -e 's:$:/:' $D/black.conf
79 | echo "`sort -u $D/black.conf`" > $D/black.conf
80 | for i in $(cat $D/black.conf);do
81 | if grep -wq $i $D/rules.conf 2>/dev/null;then
82 | sed -i -e "s#$i##" -e '/^$/d' $D/black.conf
83 | fi
84 | done
85 | for i in $(cat $L/white.list);do sed -i -e "/\/$i\//d" -e "/\.$i\//d" $D/black.conf;done
86 | else
87 | rm -f $D/black.conf
88 | fi
89 |
90 | if [ $safe_search = 1 ];then
91 | cat <<-EOF >> $D/safesearch.conf
92 | address=/www.bing.com/204.79.197.220
93 | address=/www.google.com/216.239.38.120
94 | address=/google.com/216.239.38.120
95 | address=/www.google.ad/216.239.38.120
96 | address=/google.ad/216.239.38.120
97 | address=/www.google.ae/216.239.38.120
98 | address=/google.ae/216.239.38.120
99 | address=/www.google.al/216.239.38.120
100 | address=/google.al/216.239.38.120
101 | address=/www.google.am/216.239.38.120
102 | address=/google.am/216.239.38.120
103 | address=/www.google.as/216.239.38.120
104 | address=/google.as/216.239.38.120
105 | address=/www.google.at/216.239.38.120
106 | address=/google.at/216.239.38.120
107 | address=/www.google.az/216.239.38.120
108 | address=/google.az/216.239.38.120
109 | address=/www.google.ba/216.239.38.120
110 | address=/google.ba/216.239.38.120
111 | address=/www.google.be/216.239.38.120
112 | address=/google.be/216.239.38.120
113 | address=/www.google.bf/216.239.38.120
114 | address=/google.bf/216.239.38.120
115 | address=/www.google.bg/216.239.38.120
116 | address=/google.bg/216.239.38.120
117 | address=/www.google.bi/216.239.38.120
118 | address=/google.bi/216.239.38.120
119 | address=/www.google.bj/216.239.38.120
120 | address=/google.bj/216.239.38.120
121 | address=/www.google.bs/216.239.38.120
122 | address=/google.bs/216.239.38.120
123 | address=/www.google.bt/216.239.38.120
124 | address=/google.bt/216.239.38.120
125 | address=/www.google.by/216.239.38.120
126 | address=/google.by/216.239.38.120
127 | address=/www.google.ca/216.239.38.120
128 | address=/google.ca/216.239.38.120
129 | address=/www.google.cd/216.239.38.120
130 | address=/google.cd/216.239.38.120
131 | address=/www.google.cf/216.239.38.120
132 | address=/google.cf/216.239.38.120
133 | address=/www.google.cg/216.239.38.120
134 | address=/google.cg/216.239.38.120
135 | address=/www.google.ch/216.239.38.120
136 | address=/google.ch/216.239.38.120
137 | address=/www.google.ci/216.239.38.120
138 | address=/google.ci/216.239.38.120
139 | address=/www.google.cl/216.239.38.120
140 | address=/google.cl/216.239.38.120
141 | address=/www.google.cm/216.239.38.120
142 | address=/google.cm/216.239.38.120
143 | address=/www.google.cn/216.239.38.120
144 | address=/google.cn/216.239.38.120
145 | address=/www.google.cv/216.239.38.120
146 | address=/google.cv/216.239.38.120
147 | address=/www.google.cz/216.239.38.120
148 | address=/google.cz/216.239.38.120
149 | address=/www.google.de/216.239.38.120
150 | address=/google.de/216.239.38.120
151 | address=/www.google.dj/216.239.38.120
152 | address=/google.dj/216.239.38.120
153 | address=/www.google.dk/216.239.38.120
154 | address=/google.dk/216.239.38.120
155 | address=/www.google.dm/216.239.38.120
156 | address=/google.dm/216.239.38.120
157 | address=/www.google.dz/216.239.38.120
158 | address=/google.dz/216.239.38.120
159 | address=/www.google.ee/216.239.38.120
160 | address=/google.ee/216.239.38.120
161 | address=/www.google.es/216.239.38.120
162 | address=/google.es/216.239.38.120
163 | address=/www.google.fi/216.239.38.120
164 | address=/google.fi/216.239.38.120
165 | address=/www.google.fm/216.239.38.120
166 | address=/google.fm/216.239.38.120
167 | address=/www.google.fr/216.239.38.120
168 | address=/google.fr/216.239.38.120
169 | address=/www.google.ga/216.239.38.120
170 | address=/google.ga/216.239.38.120
171 | address=/www.google.ge/216.239.38.120
172 | address=/google.ge/216.239.38.120
173 | address=/www.google.gg/216.239.38.120
174 | address=/google.gg/216.239.38.120
175 | address=/www.google.gl/216.239.38.120
176 | address=/google.gl/216.239.38.120
177 | address=/www.google.gm/216.239.38.120
178 | address=/google.gm/216.239.38.120
179 | address=/www.google.gr/216.239.38.120
180 | address=/google.gr/216.239.38.120
181 | address=/www.google.gy/216.239.38.120
182 | address=/google.gy/216.239.38.120
183 | address=/www.google.hn/216.239.38.120
184 | address=/google.hn/216.239.38.120
185 | address=/www.google.hr/216.239.38.120
186 | address=/google.hr/216.239.38.120
187 | address=/www.google.ht/216.239.38.120
188 | address=/google.ht/216.239.38.120
189 | address=/www.google.hu/216.239.38.120
190 | address=/google.hu/216.239.38.120
191 | address=/www.google.ie/216.239.38.120
192 | address=/google.ie/216.239.38.120
193 | address=/www.google.im/216.239.38.120
194 | address=/google.im/216.239.38.120
195 | address=/www.google.iq/216.239.38.120
196 | address=/google.iq/216.239.38.120
197 | address=/www.google.is/216.239.38.120
198 | address=/google.is/216.239.38.120
199 | address=/www.google.it/216.239.38.120
200 | address=/google.it/216.239.38.120
201 | address=/www.google.je/216.239.38.120
202 | address=/google.je/216.239.38.120
203 | address=/www.google.jo/216.239.38.120
204 | address=/google.jo/216.239.38.120
205 | address=/www.google.ki/216.239.38.120
206 | address=/google.ki/216.239.38.120
207 | address=/www.google.kg/216.239.38.120
208 | address=/google.kg/216.239.38.120
209 | address=/www.google.kz/216.239.38.120
210 | address=/google.kz/216.239.38.120
211 | address=/www.google.la/216.239.38.120
212 | address=/google.la/216.239.38.120
213 | address=/www.google.li/216.239.38.120
214 | address=/google.li/216.239.38.120
215 | address=/www.google.lk/216.239.38.120
216 | address=/google.lk/216.239.38.120
217 | address=/www.google.lt/216.239.38.120
218 | address=/google.lt/216.239.38.120
219 | address=/www.google.lu/216.239.38.120
220 | address=/google.lu/216.239.38.120
221 | address=/www.google.lv/216.239.38.120
222 | address=/google.lv/216.239.38.120
223 | address=/www.google.md/216.239.38.120
224 | address=/google.md/216.239.38.120
225 | address=/www.google.me/216.239.38.120
226 | address=/google.me/216.239.38.120
227 | address=/www.google.mg/216.239.38.120
228 | address=/google.mg/216.239.38.120
229 | address=/www.google.mk/216.239.38.120
230 | address=/google.mk/216.239.38.120
231 | address=/www.google.ml/216.239.38.120
232 | address=/google.ml/216.239.38.120
233 | address=/www.google.mn/216.239.38.120
234 | address=/google.mn/216.239.38.120
235 | address=/www.google.ms/216.239.38.120
236 | address=/google.ms/216.239.38.120
237 | address=/www.google.mu/216.239.38.120
238 | address=/google.mu/216.239.38.120
239 | address=/www.google.mv/216.239.38.120
240 | address=/google.mv/216.239.38.120
241 | address=/www.google.mw/216.239.38.120
242 | address=/google.mw/216.239.38.120
243 | address=/www.google.ne/216.239.38.120
244 | address=/google.ne/216.239.38.120
245 | address=/www.google.nl/216.239.38.120
246 | address=/google.nl/216.239.38.120
247 | address=/www.google.no/216.239.38.120
248 | address=/google.no/216.239.38.120
249 | address=/www.google.nr/216.239.38.120
250 | address=/google.nr/216.239.38.120
251 | address=/www.google.nu/216.239.38.120
252 | address=/google.nu/216.239.38.120
253 | address=/www.google.pl/216.239.38.120
254 | address=/google.pl/216.239.38.120
255 | address=/www.google.pn/216.239.38.120
256 | address=/google.pn/216.239.38.120
257 | address=/www.google.ps/216.239.38.120
258 | address=/google.ps/216.239.38.120
259 | address=/www.google.pt/216.239.38.120
260 | address=/google.pt/216.239.38.120
261 | address=/www.google.ro/216.239.38.120
262 | address=/google.ro/216.239.38.120
263 | address=/www.google.ru/216.239.38.120
264 | address=/google.ru/216.239.38.120
265 | address=/www.google.rw/216.239.38.120
266 | address=/google.rw/216.239.38.120
267 | address=/www.google.sc/216.239.38.120
268 | address=/google.sc/216.239.38.120
269 | address=/www.google.se/216.239.38.120
270 | address=/google.se/216.239.38.120
271 | address=/www.google.sh/216.239.38.120
272 | address=/google.sh/216.239.38.120
273 | address=/www.google.si/216.239.38.120
274 | address=/google.si/216.239.38.120
275 | address=/www.google.sk/216.239.38.120
276 | address=/google.sk/216.239.38.120
277 | address=/www.google.sn/216.239.38.120
278 | address=/google.sn/216.239.38.120
279 | address=/www.google.so/216.239.38.120
280 | address=/google.so/216.239.38.120
281 | address=/www.google.sm/216.239.38.120
282 | address=/google.sm/216.239.38.120
283 | address=/www.google.sr/216.239.38.120
284 | address=/google.sr/216.239.38.120
285 | address=/www.google.st/216.239.38.120
286 | address=/google.st/216.239.38.120
287 | address=/www.google.td/216.239.38.120
288 | address=/google.td/216.239.38.120
289 | address=/www.google.tg/216.239.38.120
290 | address=/google.tg/216.239.38.120
291 | address=/www.google.tl/216.239.38.120
292 | address=/google.tl/216.239.38.120
293 | address=/www.google.tm/216.239.38.120
294 | address=/google.tm/216.239.38.120
295 | address=/www.google.tn/216.239.38.120
296 | address=/google.tn/216.239.38.120
297 | address=/www.google.to/216.239.38.120
298 | address=/google.to/216.239.38.120
299 | address=/www.google.tt/216.239.38.120
300 | address=/google.tt/216.239.38.120
301 | address=/www.google.vg/216.239.38.120
302 | address=/google.vg/216.239.38.120
303 | address=/www.google.vu/216.239.38.120
304 | address=/google.vu/216.239.38.120
305 | address=/www.google.ws/216.239.38.120
306 | address=/google.ws/216.239.38.120
307 | address=/www.google.rs/216.239.38.120
308 | address=/google.rs/216.239.38.120
309 | address=/www.google.cat/216.239.38.120
310 | address=/google.cat/216.239.38.120
311 | address=/ya.ru/213.180.193.56
312 | address=/yandex.ru/213.180.193.56
313 | address=/yandex.com/213.180.193.56
314 | address=/yandex.com.tr/213.180.193.56
315 | address=/yandex.ua/213.180.193.56
316 | address=/yandex.by/213.180.193.56
317 | address=/yandex.ee/213.180.193.56
318 | address=/yandex.lt/213.180.193.56
319 | address=/yandex.lv/213.180.193.56
320 | address=/yandex.md/213.180.193.56
321 | address=/yandex.uz/213.180.193.56
322 | address=/yandex.tm/213.180.193.56
323 | address=/yandex.tj/213.180.193.56
324 | address=/yandex.az/213.180.193.56
325 | address=/www.youtube.com/216.239.38.119
326 | address=/m.youtube.com/216.239.38.119
327 | address=/youtubei.googleapis.com/216.239.38.119
328 | address=/youtube.googleapis.com/216.239.38.119
329 | address=/www.youtube-nocookie.com/216.239.38.119
330 | EOF
331 | fi
332 | }
333 |
334 | gen(){
335 | echo '#!/bin/sh' > $FWI
336 | }
337 |
338 | add_rule(){
339 | ipset -N blockip hash:net 2>/dev/null
340 | for i in $(cat $L/ip.list);do ipset -! add blockip $i;done
341 | iptables -I FORWARD -m set --match-set blockip dst -m comment --comment "$TAG" -j DROP
342 | iptables -I OUTPUT -m set --match-set blockip dst -m comment --comment "$TAG" -j DROP
343 | gen
344 | extract_rules(){
345 | echo "*$1"
346 | iptables-save -t $1 | grep DNSFILTER |\
347 | sed -e "s/^-A \(OUTPUT\|FORWARD\)/-I \1 1/"
348 | echo 'COMMIT'
349 | }
350 | cat <<-EOF >> $FWI
351 | iptables-save -c | grep -v DNSFILTER | iptables-restore -c
352 | iptables-restore -n <<-EOT
353 | $(extract_rules filter)
354 | EOT
355 | EOF
356 | }
357 |
358 | add_cron(){
359 | if [ $cron_mode = 1 ];then
360 | if ! grep -wq "$time_update \* \* \* .*dnsfilter" $CRON_FILE;then
361 | grep -q dnsfilter $CRON_FILE && sed -i '/dnsfilter/d' $CRON_FILE
362 | echo "0 $time_update * * * $P/dnsfilter > /tmp/adupdate.log 2>&1" >> $CRON_FILE
363 | /etc/init.d/cron restart
364 | fi
365 | else
366 | del_cron
367 | fi
368 | }
369 |
370 | del_cron(){
371 | if grep -q dnsfilter $CRON_FILE;then
372 | sed -i '/dnsfilter/d' $CRON_FILE
373 | /etc/init.d/cron restart
374 | fi
375 | }
376 |
377 | del_rule(){
378 | iptables -D FORWARD -m set --match-set blockip dst -m comment --comment "$TAG" -j DROP 2>/dev/null
379 | iptables -D OUTPUT -m set --match-set blockip dst -m comment --comment "$TAG" -j DROP 2>/dev/null
380 | ipset -X blockip 2>/dev/null
381 | gen
382 | }
383 |
384 | start(){
385 | config_load dnsfilter
386 | config_foreach get_config dnsfilter
387 | if [ $enable = 0 ];then
388 | echo "`eval $E` [DNSFilter is disabled]"
389 | exit 1
390 | fi
391 | if [ -s $D/rules.conf ];then
392 | echo "`eval $E` [DNSFilter is running]"
393 | exit 1
394 | fi
395 | if [ -n "$url" ];then
396 | [ $flash = 0 -a ! -s $T/rules.conf ] && B=1
397 | [ $flash = 1 -a ! -s $L/rules/rules.conf ] && B=1
398 | fi
399 | if [ $B = 1 ];then
400 | echo "`eval $E` [Download Subscribe Rules...]"
401 | $P/addown --down $B >/dev/null 2>&1 &
402 | exit 9
403 | fi
404 | echo "`eval $E` [Load DNSFilter Rules]"
405 | add_dns
406 | add_rule
407 | add_cron
408 | if [ $STATUS = Y ];then
409 | echo "`eval $E` [Dnsmasq Change]"
410 | /etc/init.d/dnsmasq restart >/dev/null 2>&1
411 | fi
412 | }
413 |
414 | stop(){
415 | del_rule
416 | kill -9 $(ps -w | grep grep $P/dnsfilter | grep -v grep | awk '{print$1}') 2>/dev/null
417 | kill -9 $(ps -w | grep grep $P/addown | grep -v grep | awk '{print$1}') 2>/dev/null
418 | kill -9 $(ps -w | grep ad_new.conf | grep -v grep | awk '{print$1}') 2>/dev/null
419 | echo "`eval $E` [Stop DNSFilter]"
420 | rm -rf $DNSMASQ_CONF_DIR/dnsfilter.conf $D /var/lock/dnsfilter.lock
421 | if [ "$(echo $url | sed 's/ /\n/g' | sort -u)" != "$(cat $T/url 2>/dev/null)" ];then
422 | rm -rf $T
423 | [ -d $L/rules ] && rm -rf $L/rules
424 | fi
425 | ([ -h $T/url -a $flash = 0 ] || [ -z "$url" ]) && rm -rf $T
426 | [ $enable = 0 ] && del_cron
427 | if [ $STATUS = Y ];then
428 | rm -rf $T
429 | echo "`eval $E` [Revert Dnsmasq]"
430 | /etc/init.d/dnsmasq restart >/dev/null 2>&1
431 | rm -f /tmp/adupdate.log
432 | fi
433 | }
434 |
435 | restart(){
436 | if [ $enable = 1 ];then
437 | STATUS=N
438 | stop
439 | start
440 | echo "`eval $E` [Restart Dnsmasq]"
441 | /etc/init.d/dnsmasq restart >/dev/null 2>&1
442 | else
443 | stop
444 | fi
445 | }
446 |
447 | boot(){
448 | gen;start
449 | }
450 |
--------------------------------------------------------------------------------
/root/etc/uci-defaults/luci-dnsfilter:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | uci -q batch <<-EOF >/dev/null
3 | delete ucitrack.@dnsfilter[-1]
4 | add ucitrack dnsfilter
5 | set ucitrack.@dnsfilter[-1].init=dnsfilter
6 | commit ucitrack
7 | delete firewall.dnsfilter
8 | set firewall.dnsfilter=include
9 | set firewall.dnsfilter.type=script
10 | set firewall.dnsfilter.path=/var/etc/dnsfilter.include
11 | set firewall.dnsfilter.reload=1
12 | commit firewall
13 | EOF
14 |
15 | chmod 755 /etc/init.d/dnsfilter /usr/share/dnsfilter/* >/dev/null 2>&1
16 | rm -rf /tmp/luci-*
17 | exit 0
18 |
--------------------------------------------------------------------------------
/root/usr/share/dnsfilter/addown:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | [ "$1" = --down ] || exit 1
3 | # 防止重复启动
4 | LOCK=/var/lock/dnsfilter.lock
5 | [ -f $LOCK ] && exit 1
6 | touch $LOCK
7 |
8 | B=/tmp/dnsfilter
9 | C=/tmp/adupdate.log
10 | D="date +'%Y-%m-%d %H:%M:%S'"
11 | E="curl -kLfso"
12 | G="Download Subscribe Rules"
13 |
14 | if [ "$2" = 1 ];then
15 | echo "`eval $D` [$G]" >> $C
16 | /usr/share/dnsfilter/dnsfilter addown >> $C
17 | fi
18 |
19 | echo "`eval $D` [Start DNSFilter]" >> $C;echo `eval $D` > $B/dnsfilter.updated
20 | rm -f $LOCK
21 | /etc/init.d/dnsfilter start &
22 |
--------------------------------------------------------------------------------
/root/usr/share/dnsfilter/dnsfilter:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # 防止重复启动
3 | LOCK=/var/lock/dnsfilter.lock
4 | if [ -f $LOCK ];then
5 | case $1 in
6 | gen|addown)X=1;;
7 | *)exit 1;;
8 | esac
9 | fi
10 | touch $LOCK
11 |
12 | B="Download Subscribe Rules"
13 | C=0
14 | D=0
15 | E="date +'%Y-%m-%d %H:%M:%S'"
16 | U=`uci -q get dnsfilter.@dnsfilter[0].url`
17 | P=/tmp/dnsfilter
18 | W=`cat /etc/dnsfilter/white.list`
19 |
20 | gen(){
21 | cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | grep -Ev "^\|\|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}*" | sed -e 's:||:address=/:' -e 's:\^:/:' > /tmp/ad.conf
22 | for i in $W;do sed -i -e "/\/$i\//d" -e "/\.$i\//d" /tmp/ad.conf;done
23 | rm -f /tmp/adnew.conf
24 | }
25 |
26 | down(){
27 | G=/tmp/ad_tmp
28 | F=$G/ad_new.conf
29 | rm -rf $G
30 | mkdir -p $G $P
31 | for i in $U;do
32 | X=1
33 | while ! curl --connect-timeout 6 --retry 2 -m 60 -kLfso $F $i;do
34 | [ $X -ge 20 ] && echo "`eval $E` [Download $i Failed]" && continue 2 || let X++
35 | sleep 2
36 | done
37 | X=`md5sum $G/rules.conf 2>/dev/null | awk '{print$1}'`
38 | Y=`md5sum $G/host 2>/dev/null | awk '{print$1}'`
39 | sed -i -e '/127.0.0.1 #/d' -e '/127.0.0.1 !/d' -e 's:#.*::' -e 's:!.*::' -e 's/\$important//g' -e 's/[ \t]*$//g' -e 's/^[ \t]*//g' -e '/\*/d' -e '/^$/d' $F
40 | sed -i "s/\r//g" $F
41 | if grep -q "^address=" $F;then
42 | cat $F >> $G/rules.conf
43 | elif grep -q -e "^0.0.0.0 " -e "^127.0.0.1 " $F;then
44 | cat $F >> $G/host
45 | elif ! grep -q -e "|" -e "@" $F;then
46 | cat $F | sed -e 's:^:address=/:' -e 's:$:/:' >> $G/rules.conf
47 | else
48 | cat $F | grep ^\|\|[^\*]*\^$ | grep -Ev "^\|\|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}*" | sed -e 's:||:address=/:' -e 's:\^.*:/:' >> $G/rules.conf
49 | fi
50 | [ "$X" = "`md5sum $G/rules.conf 2>/dev/null | awk '{print$1}'`" -a "$Y" = "`md5sum $G/host 2>/dev/null | awk '{print$1}'`" ] && echo "`eval $E` [Conversion $i Failed]"
51 | echo $i >> $G/url
52 | done
53 | [ -s $G/host ] && sed -e '/:/d' -e '/ 0.0.0.0/d' -e '/255.255.255.255/d' -e '/ local/d' -e 's:127.0.0.1 :address=/:' -e 's:0.0.0.0 :address=/:' -e 's:$:/:' $G/host >> $G/rules.conf
54 | [ -s $G/rules.conf ] && sed -i -e 's:/127.0.0.1$:/:' -e 's:/0.0.0.0$:/:' $G/rules.conf && echo "`sort -u $G/rules.conf`" > $G/rules.conf
55 | [ -s $G/url ] && echo "`sort -u $G/url`" > $G/url
56 | if [ -s $G/rules.conf ];then
57 | echo "`eval $E` [$B Successful]"
58 | rm -f $F $G/host $P/failed
59 | for i in $W;do sed -i -e "/\/$i\//d" -e "/\.$i\//d" $G/rules.conf;done
60 | [ "$1" = 2 ] && rm -f $LOCK && exit
61 | X=`uci -q get dnsfilter.@dnsfilter[0].flash`
62 | Y=`md5sum $G/* | awk '{print$1}'`
63 | [ $X = 0 ] && Z=`md5sum $P/* 2>/dev/null | awk '{print$1}'` || Z=`md5sum /etc/dnsfilter/rules/* 2>/dev/null | awk '{print$1}'`
64 | if [ "$Y" != "$Z" ];then
65 | [ "$1" = 1 ] || echo "`eval $E` [Subscribe Rules Need Update]"
66 | if [ "$X" = 0 ];then
67 | rm -f $P/*
68 | cp -a $G/* $P
69 | else
70 | [ ! -d "/etc/dnsfilter/rules" ] &&
71 | mkdir /etc/dnsfilter/rules
72 | rm -f /etc/dnsfilter/rules/*
73 | cp -a $G/* /etc/dnsfilter/rules
74 | fi
75 | D=1
76 | else
77 | echo "`eval $E` [Subscribe Rules No Change]"
78 | fi
79 | else
80 | echo "`eval $E` [$B Failed]"
81 | echo failed > $P/failed
82 | [ "$1" = 2 ] && rm -f $LOCK && exit
83 | fi
84 | rm -rf $G
85 | }
86 |
87 | case $1 in
88 | addown)down 1;exit;;
89 | down)down 2;;
90 | gen)gen;[ "$X" = 1 ] || rm -f $LOCK;exit;;
91 | esac
92 |
93 | if [ `uci -q get dnsfilter.@dnsfilter[0].enable` = 1 ];then
94 | [ -n "$U" ] && down
95 | echo `eval $E` > $P/dnsfilter.updated
96 | fi
97 |
98 | if [ $D = 1 ];then
99 | echo "`eval $E` [Reload DNSFilter Rules]"
100 | /etc/init.d/dnsfilter restart
101 | fi
102 |
103 | rm -f $LOCK
104 |
--------------------------------------------------------------------------------
/root/usr/share/rpcd/acl.d/luci-app-dnsfilter.json:
--------------------------------------------------------------------------------
1 | {
2 | "luci-app-dnsfilter": {
3 | "description": "Grant UCI access for luci-app-dnsfilter",
4 | "read": {
5 | "file": {
6 | "/etc/init.d/dnsfilter": [ "exec" ],
7 | "/usr/share/dnsfilter/addown": [ "exec" ],
8 | "/usr/share/dnsfilter/dnsfilter": [ "exec" ],
9 | "/tmp/dnsfilter/rules.conf": [ "read" ]
10 | },
11 | "uci": [ "dnsfilter" ]
12 | },
13 | "write": {
14 | "file": {
15 | "/etc/dnsfilter/black.list": [ "write" ],
16 | "/etc/dnsfilter/ip.list": [ "write" ],
17 | "/etc/dnsfilter/white.list": [ "write" ],
18 | "/etc/dnsfilter/rules/rules.conf": [ "write" ],
19 | "/etc/dnsfilter/url": [ "write" ]
20 | },
21 | "uci": [ "dnsfilter" ]
22 | }
23 | }
24 | }
25 |
--------------------------------------------------------------------------------