├── .github ├── FUNDING.yml └── workflows │ └── main.yml ├── LICENSE ├── README.md ├── apple ├── apple_cidr4.txt ├── apple_cidr6.txt └── apple_domain.txt ├── blacklist-mode └── blacklist-mode.tengo ├── block-app └── block-app.tengo ├── bypass-domain └── bypass-domain.tengo ├── china.pac ├── china_cidr4.txt ├── china_cidr6.txt ├── china_domain.txt ├── example_block.txt ├── example_cidr4.txt ├── example_cidr6.txt ├── example_domain.txt ├── example_script.tengo ├── ipa ├── downgrade.tengo └── history.tengo ├── mitmproxy └── mitmproxy.tengo ├── modules ├── 91porn.tengo ├── block_aaaa.tengo ├── block_google_secure_dns.tengo ├── block_youtube_ad.tengo ├── google_cn.tengo ├── index.html ├── instagram.tengo ├── juejin.tengo ├── modules.json ├── readme.md ├── soso.tengo └── zhihu.tengo ├── my ├── my_domain.txt └── my_script.tengo ├── only-allow-app └── only-allow-app.tengo ├── packet-capture └── packet-capture.tengo ├── private_cidr4.txt ├── proxy-telegram-only └── proxy-telegram-only.tengo ├── socks5-without-udp └── socks5-without-udp.tengo └── test └── test.sh /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] 4 | patreon: # Replace with a single Patreon username 5 | open_collective: # Replace with a single Open Collective username 6 | ko_fi: # Replace with a single Ko-fi username 7 | tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel 8 | community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry 9 | liberapay: # Replace with a single Liberapay username 10 | issuehunt: # Replace with a single IssueHunt username 11 | otechie: # Replace with a single Otechie username 12 | custom: https://www.txthinking.com/opensource-support.html 13 | -------------------------------------------------------------------------------- /.github/workflows/main.yml: -------------------------------------------------------------------------------- 1 | on: workflow_dispatch 2 | jobs: 3 | fuckyaml: 4 | runs-on: macos-latest 5 | steps: 6 | - uses: actions/checkout@v4 7 | - run: bash ./test/test.sh 8 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2014-present Cloud https://www.txthinking.com 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 👉 https://github.com/txthinking/brook/tree/master/programmable 2 | -------------------------------------------------------------------------------- /apple/apple_cidr4.txt: -------------------------------------------------------------------------------- 1 | 127.0.0.0/8 2 | 169.254.0.0/16 3 | 172.16.0.0/12 4 | 192.168.0.0/16 5 | 224.0.0.0/4 6 | 10.0.0.0/13 7 | 10.8.0.0/16 8 | 10.10.0.0/15 9 | 10.12.0.0/14 10 | 10.16.0.0/12 11 | 10.32.0.0/11 12 | 10.64.0.0/10 13 | 10.128.0.0/9 14 | 17.0.0.0/8 15 | 103.81.148.0/22 16 | 103.81.148.0/24 17 | 103.81.149.0/24 18 | -------------------------------------------------------------------------------- /apple/apple_cidr6.txt: -------------------------------------------------------------------------------- 1 | 2620:149:a44::/48 2 | 2403:300:a42::/48 3 | 2403:300:a51::/48 4 | 2a01:b740:a42::/48 5 | -------------------------------------------------------------------------------- /apple/apple_domain.txt: -------------------------------------------------------------------------------- 1 | apple.com 2 | icloud.com 3 | cdn-apple.com 4 | mzstatic.com 5 | entrust.net 6 | digicert.com 7 | verisign.net 8 | apple 9 | itunes-apple.com.akadns.net 10 | cdn-apple.com.akadns.net 11 | cdn-apple.com.download.ks-cdn.com 12 | k128-mzstatic.gslb.ksyuncdn.com 13 | cdn-apple.com.edgekey.net 14 | e2885.e9.akamaiedge.net 15 | apple.com.edgekey.net 16 | e2490.dscb.akamaiedge.net 17 | idms-apple.com.akadns.net 18 | apple.com.edgekey.net.globalredir.akadns.net 19 | e6858.dscx.akamaiedge.net 20 | ioshost.qtlcdn.com 21 | -------------------------------------------------------------------------------- /blacklist-mode/blacklist-mode.tengo: -------------------------------------------------------------------------------- 1 | // Brook 黑名单模式 2 | // https://www.txthinking.com/talks/articles/brook-blacklist.article 3 | // Brook How to proxy only part of addresses 4 | // https://www.txthinking.com/talks/articles/brook-blacklist-en.article 5 | 6 | text := import("text") 7 | f := func() { 8 | if in_dnsquery { 9 | // block secure dns 10 | if in_dnsquery.domain == "dns.google" { 11 | return {block: true} 12 | } 13 | l := [ 14 | "google.com", 15 | "twitter.com" 16 | ] 17 | for v in l { 18 | if text.has_suffix(in_dnsquery.domain, v) { 19 | return 20 | } 21 | } 22 | return {"bypass": true} 23 | } 24 | if in_address { 25 | m := in_address 26 | if m.ipaddress { 27 | // block secure dns 28 | if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" { 29 | return { "block": true } 30 | } 31 | return {"bypass": true} 32 | } 33 | if m.domainaddress { 34 | // block secure dns 35 | if text.has_prefix(m.domainaddress, "dns.google:") { 36 | return { "block": true } 37 | } 38 | return 39 | } 40 | } 41 | } 42 | out := f() 43 | -------------------------------------------------------------------------------- /block-app/block-app.tengo: -------------------------------------------------------------------------------- 1 | // Brook macOS 如何禁止某个 App 联网 2 | // https://www.txthinking.com/talks/articles/brook-block-app.article 3 | // How Brook macOS block an app from connecting to the Internet 4 | // https://www.txthinking.com/talks/articles/brook-block-app-en.article 5 | 6 | f := func() { 7 | if in_dnsquery { 8 | if in_dnsquery.appid && in_dnsquery.appid == "ru.keepcoder.Telegram" { 9 | return {block: true} 10 | } 11 | } 12 | if in_address { 13 | if in_address.appid && in_address.appid == "ru.keepcoder.Telegram" { 14 | return {block: true} 15 | } 16 | } 17 | } 18 | out := f() 19 | -------------------------------------------------------------------------------- /bypass-domain/bypass-domain.tengo: -------------------------------------------------------------------------------- 1 | // Brook 如何跳过域名而不考虑其 IP 2 | // https://www.txthinking.com/talks/articles/brook-bypass-domain.article 3 | // How Brook bypass domain regardless of their IP 4 | // https://www.txthinking.com/talks/articles/brook-bypass-domain-en.article 5 | 6 | text := import("text") 7 | f := func() { 8 | if in_dnsquery { 9 | // block secure dns 10 | if in_dnsquery.domain == "dns.google" { 11 | return {block: true} 12 | } 13 | // if GUI bypass domain has no this domain, then this code is not required 14 | if in_dnsquery.domain == "http3.ooo" { 15 | return {forcefakedns: true} 16 | } 17 | } 18 | if in_address { 19 | m := in_address 20 | if m.ipaddress { 21 | // block secure dns 22 | if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" { 23 | return { "block": true } 24 | } 25 | } 26 | if m.domainaddress { 27 | // block secure dns 28 | if text.has_prefix(m.domainaddress, "dns.google:") { 29 | return { "block": true } 30 | } 31 | if text.has_prefix(m.domainaddress, "http3.ooo:") { 32 | return { ipaddressfrombypassdns: "A", bypass: true } 33 | } 34 | } 35 | } 36 | } 37 | out := f() 38 | -------------------------------------------------------------------------------- /china_cidr6.txt: -------------------------------------------------------------------------------- 1 | 2001:250::/31 2 | 2001:252::/32 3 | 2001:254::/32 4 | 2001:256:100::/48 5 | 2001:7fa:5::/48 6 | 2001:c68::/32 7 | 2001:da8::/32 8 | 2001:dc7::/32 9 | 2001:dd8:1::/48 10 | 2001:dd8:5::/48 11 | 2001:dd9::/48 12 | 2001:df0:2e00::/48 13 | 2001:df1:1d00::/48 14 | 2001:df1:4180::/48 15 | 2001:df1:a100::/48 16 | 2001:df1:b980::/48 17 | 2001:df1:bd80::/48 18 | 2001:df2:6680::/48 19 | 2001:df3:8b80::/48 20 | 2001:df4:1500::/48 21 | 2001:df5:7800::/48 22 | 2001:df6:f400::/48 23 | 2001:e88::/32 24 | 2400:3200::/32 25 | 2400:5280:f800::/38 26 | 2400:5400:10::/48 27 | 2400:6600::/32 28 | 2400:7fc0::/40 29 | 2400:7fc0:220::/44 30 | 2400:7fc0:240::/44 31 | 2400:7fc0:2c0::/44 32 | 2400:7fc0:4000::/40 33 | 2400:7fc0:8000::/36 34 | 2400:8200::/32 35 | 2400:89c0:1010::/44 36 | 2400:89c0:1020::/43 37 | 2400:89c0:1050::/46 38 | 2400:89c0:1091::/48 39 | 2400:89c0:1130::/44 40 | 2400:89c0:2100::/48 41 | 2400:89c0:2200::/48 42 | 2400:89c0:3010::/44 43 | 2400:89c0:6000::/48 44 | 2400:89c0:6100::/48 45 | 2400:9340::/32 46 | 2400:9380:8001::/48 47 | 2400:9380:8003::/48 48 | 2400:9380:8020::/47 49 | 2400:9380:8030::/48 50 | 2400:9380:8040::/48 51 | 2400:9380:8140::/48 52 | 2400:9380:8201::/48 53 | 2400:9380:8221::/48 54 | 2400:9380:8301::/48 55 | 2400:9380:9000::/47 56 | 2400:9380:9002::/48 57 | 2400:9380:9005::/48 58 | 2400:9380:9006::/47 59 | 2400:9380:9009::/48 60 | 2400:9380:900a::/48 61 | 2400:9380:9020::/47 62 | 2400:9380:9030::/47 63 | 2400:9380:9040::/47 64 | 2400:9380:9050::/47 65 | 2400:9380:9060::/47 66 | 2400:9380:9070::/47 67 | 2400:9380:9080::/47 68 | 2400:9380:90a0::/47 69 | 2400:9380:90b0::/45 70 | 2400:9380:9100::/47 71 | 2400:9380:9121::/48 72 | 2400:9380:9200::/47 73 | 2400:9380:9202::/48 74 | 2400:9380:9205::/48 75 | 2400:9380:9206::/48 76 | 2400:9380:9220::/47 77 | 2400:9380:9230::/47 78 | 2400:9380:9240::/47 79 | 2400:9380:9250::/47 80 | 2400:9380:9252::/48 81 | 2400:9380:9260::/47 82 | 2400:9380:9270::/47 83 | 2400:9380:9272::/48 84 | 2400:9380:9280::/47 85 | 2400:9380:9282::/48 86 | 2400:9380:92a0::/47 87 | 2400:9380:92b0::/45 88 | 2400:9380:a022::/48 89 | 2400:9600:8800::/48 90 | 2400:a040::/32 91 | 2400:a980::/29 92 | 2400:ae00:1981::/48 93 | 2400:b200::/32 94 | 2400:b600::/32 95 | 2400:be00::/32 96 | 2400:da00::/32 97 | 2400:dd00::/28 98 | 2400:de80::/32 99 | 2400:e140:1000::/48 100 | 2400:e140:3000::/48 101 | 2400:ebc0::/32 102 | 2400:ee00:ffff::/48 103 | 2400:f7c0::/32 104 | 2401:800::/32 105 | 2401:1740::/39 106 | 2401:1740:1000::/48 107 | 2401:1740:2000::/48 108 | 2401:1d40::/32 109 | 2401:2e00::/32 110 | 2401:33c0::/32 111 | 2401:3480::/36 112 | 2401:3480:2000::/35 113 | 2401:5180::/32 114 | 2401:8d00::/46 115 | 2401:8d00:4::/48 116 | 2401:8d00:6::/47 117 | 2401:8d00:8::/46 118 | 2401:8d00:c::/48 119 | 2401:8d00:f::/48 120 | 2401:8d00:10::/48 121 | 2401:b180::/32 122 | 2401:b400::/45 123 | 2401:b400:8::/47 124 | 2401:b400:10::/47 125 | 2401:b400:13::/48 126 | 2401:b400:15::/48 127 | 2401:b400:16::/47 128 | 2401:b400:18::/47 129 | 2401:b400:20::/47 130 | 2401:b680::/32 131 | 2401:be00::/32 132 | 2401:cb80::/32 133 | 2401:cc00::/32 134 | 2401:ce00::/32 135 | 2401:d180::/36 136 | 2401:d180:2120::/48 137 | 2401:de00::/32 138 | 2401:ec00::/32 139 | 2401:fa00:40::/43 140 | 2402:840:d000::/46 141 | 2402:1440::/39 142 | 2402:2000::/32 143 | 2402:28c0:fffa::/48 144 | 2402:2b40:8000::/36 145 | 2402:2b40:a000::/36 146 | 2402:33c0::/32 147 | 2402:3c00::/32 148 | 2402:3f80:1400::/40 149 | 2402:4b80::/32 150 | 2402:4e00::/32 151 | 2402:5ec0::/32 152 | 2402:6f40::/47 153 | 2402:7d80::/32 154 | 2402:8bc0::/32 155 | 2402:8cc0::/40 156 | 2402:8cc0:200::/40 157 | 2402:93c0::/48 158 | 2402:93c0:20::/48 159 | 2402:93c0:100::/48 160 | 2402:9e80:15::/48 161 | 2402:9e80:27::/48 162 | 2402:b440:3800::/46 163 | 2402:b8c0::/32 164 | 2402:b940::/40 165 | 2402:b940:200::/39 166 | 2402:d140:19::/48 167 | 2402:d140:110::/48 168 | 2402:d140:114::/48 169 | 2402:d340::/32 170 | 2402:db40::/33 171 | 2402:dfc0::/44 172 | 2402:dfc0:40::/43 173 | 2402:e380:15::/48 174 | 2402:e380:100::/40 175 | 2402:e480::/32 176 | 2402:e740::/32 177 | 2402:e7c0::/32 178 | 2402:ef40::/32 179 | 2402:f000::/32 180 | 2402:f740:1000::/36 181 | 2402:f740:2000::/36 182 | 2403:300:a42::/48 183 | 2403:300:a51::/48 184 | 2403:c80::/32 185 | 2403:1b80::/48 186 | 2403:1ec0:1200::/48 187 | 2403:1ec0:1610::/48 188 | 2403:2040::/32 189 | 2403:27c0::/32 190 | 2403:2940:1::/48 191 | 2403:2b40::/32 192 | 2403:3140::/32 193 | 2403:4240::/32 194 | 2403:4b40::/32 195 | 2403:5280::/32 196 | 2403:5c80::/48 197 | 2403:7580::/32 198 | 2403:8080::/32 199 | 2403:8880::/32 200 | 2403:8c00::/32 201 | 2403:8ec0::/32 202 | 2403:9b00::/32 203 | 2403:a140:10::/48 204 | 2403:a200::/32 205 | 2403:a880::/32 206 | 2403:ac00::/32 207 | 2403:b080::/32 208 | 2403:b400::/32 209 | 2403:d400::/32 210 | 2403:ffc0:1100::/40 211 | 2403:ffc0:1200::/39 212 | 2404:1c80::/32 213 | 2404:2280:124::/48 214 | 2404:49c0:11::/48 215 | 2404:6380::/48 216 | 2404:6380:8001::/48 217 | 2404:7180:a000::/48 218 | 2404:7180:a010::/48 219 | 2404:7180:a021::/48 220 | 2404:7180:a022::/48 221 | 2404:7180:aa00::/48 222 | 2404:7180:aa10::/48 223 | 2404:7180:b001::/48 224 | 2404:7180:b002::/48 225 | 2404:7180:b010::/48 226 | 2404:7180:b021::/48 227 | 2404:7180:b022::/48 228 | 2404:7180:c001::/48 229 | 2404:7180:c002::/48 230 | 2404:7180:c011::/48 231 | 2404:7180:c012::/48 232 | 2404:7180:f000::/48 233 | 2404:7180:f010::/48 234 | 2404:7240::/33 235 | 2404:7600::/32 236 | 2404:7940::/32 237 | 2404:7ac0:607::/48 238 | 2404:7ac0:660::/44 239 | 2404:c2c0::/40 240 | 2404:c2c0:240::/44 241 | 2404:c2c0:280::/44 242 | 2404:c2c0:2c0::/44 243 | 2404:c2c0:4000::/40 244 | 2404:c2c0:8000::/36 245 | 2404:c300::/32 246 | 2404:d480::/32 247 | 2404:de80::/39 248 | 2404:e280::/48 249 | 2404:e880::/32 250 | 2404:e8c0::/32 251 | 2404:ea80:400:2116::/64 252 | 2404:ea80:600:623::/64 253 | 2404:ea80:600:734::/64 254 | 2404:ea80:600:734a::/63 255 | 2404:ea80:600:734c::/64 256 | 2404:ea80:700:100::/63 257 | 2404:ea80:700:600::/64 258 | 2404:ea80:700:696::/63 259 | 2404:ea80:700:696a::/64 260 | 2404:ea80:800:653::/64 261 | 2404:eb40:1::/48 262 | 2404:eb40:2::/47 263 | 2404:eb40:100::/48 264 | 2404:f4c0:5000::/36 265 | 2404:f4c0:e010::/44 266 | 2404:f4c0:f000::/44 267 | 2404:f4c0:f102::/48 268 | 2404:f4c0:f200::/47 269 | 2404:f4c0:f54e::/48 270 | 2404:f4c0:f602::/48 271 | 2404:f4c0:f607::/48 272 | 2404:f4c0:f608::/46 273 | 2404:f4c0:f60f::/48 274 | 2404:f4c0:f900::/47 275 | 2404:f4c0:f90f::/48 276 | 2404:f4c0:fb00::/48 277 | 2404:f4c0:fc01::/48 278 | 2404:f4c0:fc02::/47 279 | 2404:f4c0:fc04::/46 280 | 2404:f4c0:fc08::/47 281 | 2404:f4c0:fc0a::/48 282 | 2404:f4c0:fc0f::/48 283 | 2404:f4c0:fe10::/48 284 | 2404:f4c0:fe12::/48 285 | 2404:f4c0:fff0::/48 286 | 2405:f40:7f40::/44 287 | 2405:f40:7fe0::/44 288 | 2405:1480:1000::/48 289 | 2405:1480:2000::/48 290 | 2405:3140:11::/48 291 | 2405:3140:31::/48 292 | 2405:3140:3a::/48 293 | 2405:57c0::/48 294 | 2405:5b00::/32 295 | 2405:66c0::/32 296 | 2405:6940::/48 297 | 2405:6f00::/32 298 | 2405:7040:6000::/47 299 | 2405:84c0:fa10::/44 300 | 2405:84c0:fb05::/48 301 | 2405:84c0:fb0b::/48 302 | 2405:84c0:ff10::/47 303 | 2405:84c0:ff13::/48 304 | 2405:84c0:ff14::/48 305 | 2405:84c0:ff1a::/48 306 | 2405:84c0:ff1c::/48 307 | 2405:84c0:ff1f::/48 308 | 2405:a900:ffee::/48 309 | 2405:a900:fffe::/48 310 | 2405:b7c0::/32 311 | 2405:d900::/32 312 | 2405:e000::/32 313 | 2406:280::/32 314 | 2406:840::/36 315 | 2406:840:1000::/40 316 | 2406:840:1200::/48 317 | 2406:840:1400::/44 318 | 2406:840:3000::/48 319 | 2406:840:e400::/44 320 | 2406:840:eb80::/44 321 | 2406:840:f380::/44 322 | 2406:840:f440::/44 323 | 2406:840:fd00::/48 324 | 2406:840:fd04::/48 325 | 2406:840:fd0b::/48 326 | 2406:840:fd0c::/48 327 | 2406:840:fe00::/44 328 | 2406:2000:a0::/48 329 | 2406:2700::/32 330 | 2406:3340::/32 331 | 2406:3d80::/32 332 | 2406:4500::/32 333 | 2406:5880::/32 334 | 2406:6e00::/32 335 | 2406:8080::/32 336 | 2406:8500::/32 337 | 2406:8b80::/32 338 | 2406:cf00::/48 339 | 2406:cf00:1000::/43 340 | 2406:dd80::/32 341 | 2406:e500::/33 342 | 2406:e580::/32 343 | 2406:e780::/32 344 | 2407:5380::/32 345 | 2407:8b80::/32 346 | 2407:9f00::/32 347 | 2407:ad80::/32 348 | 2407:ae80::/32 349 | 2407:b380::/32 350 | 2407:ba80::/32 351 | 2407:bc00::/32 352 | 2407:c080::/35 353 | 2407:c080:7800::/44 354 | 2408:4000::/22 355 | 2408:8000::/48 356 | 2408:8000:2::/47 357 | 2408:8000:1000::/36 358 | 2408:8000:2000::/35 359 | 2408:8000:4000::/34 360 | 2408:8000:8000::/33 361 | 2408:8001::/32 362 | 2408:8020::/30 363 | 2408:8024::/31 364 | 2408:8026::/32 365 | 2408:802a:8000::/33 366 | 2408:802c::/32 367 | 2408:8034::/32 368 | 2408:803e::/32 369 | 2408:8056::/32 370 | 2408:805c::/30 371 | 2408:8060::/33 372 | 2408:8077::/33 373 | 2408:80c2::/33 374 | 2408:80c5::/33 375 | 2408:80ca::/33 376 | 2408:80ca:8000::/34 377 | 2408:80da::/33 378 | 2408:80da:8000::/34 379 | 2408:80e0:4000::/34 380 | 2408:80e0:8000::/33 381 | 2408:80e2::/33 382 | 2408:80e3:8000::/33 383 | 2408:80e7::/34 384 | 2408:80e9:4000::/34 385 | 2408:80ea:4000::/34 386 | 2408:80ea:8000::/33 387 | 2408:80f0:4000::/34 388 | 2408:80f0:8000::/33 389 | 2408:80f1::/42 390 | 2408:80f1:40::/43 391 | 2408:80f1:70::/44 392 | 2408:80f1:80::/41 393 | 2408:80f1:100::/43 394 | 2408:80f1:120::/44 395 | 2408:80f1:160::/43 396 | 2408:80f1:180::/43 397 | 2408:80f1:1b0::/44 398 | 2408:80f1:1c0::/43 399 | 2408:80f1:1e0::/44 400 | 2408:80f1:200::/40 401 | 2408:80f5:4000::/34 402 | 2408:80f9:4000::/34 403 | 2408:80fa:4000::/34 404 | 2408:80fa:8000::/33 405 | 2408:8120:1::/48 406 | 2408:8120:2::/48 407 | 2408:8120:7000::/36 408 | 2408:8140:2000::/48 409 | 2408:815f:e000::/35 410 | 2408:8206::/31 411 | 2408:8208::/29 412 | 2408:8210::/30 413 | 2408:8214::/31 414 | 2408:821a::/31 415 | 2408:8220::/31 416 | 2408:8226::/32 417 | 2408:822a::/32 418 | 2408:822e::/31 419 | 2408:8230::/29 420 | 2408:8238::/31 421 | 2408:823c::/31 422 | 2408:8240::/32 423 | 2408:8244::/30 424 | 2408:8248::/30 425 | 2408:824c::/32 426 | 2408:824e::/31 427 | 2408:8250::/29 428 | 2408:8258::/30 429 | 2408:825c::/31 430 | 2408:8260::/32 431 | 2408:8262::/31 432 | 2408:8264::/31 433 | 2408:8266::/32 434 | 2408:826a::/32 435 | 2408:826c::/30 436 | 2408:8270::/32 437 | 2408:8274::/30 438 | 2408:8278::/31 439 | 2408:827a::/32 440 | 2408:8306::/31 441 | 2408:8308::/30 442 | 2408:8310::/30 443 | 2408:832e::/31 444 | 2408:8330::/30 445 | 2408:8340::/32 446 | 2408:8344::/30 447 | 2408:8348::/30 448 | 2408:834e::/31 449 | 2408:8350::/29 450 | 2408:8358::/30 451 | 2408:8360::/30 452 | 2408:8364::/31 453 | 2408:836c::/30 454 | 2408:8374::/30 455 | 2408:8378::/31 456 | 2408:837a::/32 457 | 2408:8410::/30 458 | 2408:8415::/32 459 | 2408:842a::/32 460 | 2408:842e::/32 461 | 2408:8434::/30 462 | 2408:8444::/30 463 | 2408:844e::/32 464 | 2408:8451::/32 465 | 2408:8456::/31 466 | 2408:8458::/30 467 | 2408:8462::/31 468 | 2408:8464::/31 469 | 2408:846c::/30 470 | 2408:8478::/31 471 | 2408:84e1::/32 472 | 2408:84e2::/31 473 | 2408:84e4::/30 474 | 2408:84e9::/32 475 | 2408:84eb::/32 476 | 2408:84ec::/30 477 | 2408:84f0::/28 478 | 2408:856c::/31 479 | 2408:8606::/31 480 | 2408:8608::/29 481 | 2408:8610::/30 482 | 2408:8614::/31 483 | 2408:861a::/31 484 | 2408:8620::/31 485 | 2408:8624::/31 486 | 2408:8626::/32 487 | 2408:862a::/32 488 | 2408:862e::/31 489 | 2408:8630::/29 490 | 2408:8638::/31 491 | 2408:863c::/31 492 | 2408:8640::/32 493 | 2408:8642::/32 494 | 2408:8644::/30 495 | 2408:8648::/31 496 | 2408:864c::/32 497 | 2408:864e::/31 498 | 2408:8650::/30 499 | 2408:8656::/31 500 | 2408:8658::/30 501 | 2408:865c::/31 502 | 2408:8660::/32 503 | 2408:8662::/31 504 | 2408:8664::/31 505 | 2408:8666::/32 506 | 2408:866a::/32 507 | 2408:866c::/30 508 | 2408:8670::/32 509 | 2408:8674::/31 510 | 2408:8676::/32 511 | 2408:8678::/31 512 | 2408:867a::/32 513 | 2408:8706::/31 514 | 2408:8708::/29 515 | 2408:8710::/30 516 | 2408:8719::/32 517 | 2408:871a::/32 518 | 2408:8720::/30 519 | 2408:8726::/32 520 | 2408:872b::/32 521 | 2408:872f::/32 522 | 2408:8730::/30 523 | 2408:8734::/31 524 | 2408:8736::/32 525 | 2408:8738::/32 526 | 2408:873c::/31 527 | 2408:8740::/32 528 | 2408:8742::/32 529 | 2408:8744::/30 530 | 2408:8748::/29 531 | 2408:8752::/32 532 | 2408:8756::/31 533 | 2408:8758::/30 534 | 2408:875c::/32 535 | 2408:8760::/32 536 | 2408:8762::/31 537 | 2408:8764::/31 538 | 2408:8766::/32 539 | 2408:8768::/32 540 | 2408:876a::/32 541 | 2408:876c::/30 542 | 2408:8770::/32 543 | 2408:8772::/31 544 | 2408:8774::/32 545 | 2408:8776::/31 546 | 2408:8778::/31 547 | 2408:877a::/32 548 | 2408:877c::/30 549 | 2408:8806::/44 550 | 2408:8806:20::/44 551 | 2408:880c::/30 552 | 2408:8810::/29 553 | 2408:8818::/31 554 | 2408:882c::/32 555 | 2408:883a::/32 556 | 2408:8856::/31 557 | 2408:8858::/30 558 | 2408:8866::/32 559 | 2408:886e::/31 560 | 2408:8872::/32 561 | 2408:890c::/31 562 | 2408:8912::/31 563 | 2408:8914::/31 564 | 2408:8916::/32 565 | 2408:891c::/32 566 | 2408:892c::/32 567 | 2408:893a::/32 568 | 2408:8948::/32 569 | 2408:8956::/31 570 | 2408:8958::/30 571 | 2408:8966::/32 572 | 2408:896e::/31 573 | 2408:8a00:c000::/34 574 | 2408:8a01::/36 575 | 2408:8a06::/47 576 | 2408:8a21:4000::/35 577 | 2408:8a22:9200::/39 578 | 2408:8a22:9400::/38 579 | 2408:8a22:9800::/40 580 | 2408:8a22:9a00::/39 581 | 2408:8a22:9c00::/38 582 | 2408:8a22:a000::/37 583 | 2408:8a23:4000::/34 584 | 2408:8a26:c000::/35 585 | 2409:8000::/20 586 | 240a:400b::/33 587 | 240a:4082:c000::/35 588 | 240a:408a:c000::/35 589 | 240a:4092:c000::/35 590 | 240a:409a:c000::/35 591 | 240a:40a2:c000::/35 592 | 240a:40aa:c000::/35 593 | 240a:414c::/31 594 | 240a:41cc::/31 595 | 240a:c000::/20 596 | 240c::/28 597 | 240c:4000::/22 598 | 240c:c000::/20 599 | 240d:4000::/21 600 | 240d:c000:1000::/36 601 | 240d:c000:2000::/36 602 | 240d:c010::/47 603 | 240d:c040::/44 604 | 240e::/20 605 | 2602:feda:1b2::/48 606 | 2602:feda:1bf::/48 607 | 2602:feda:1d0::/46 608 | 2602:feda:2d0::/47 609 | 2602:feda:2f0::/48 610 | 2602:feda:3a9::/48 611 | 2602:feda:ae5::/48 612 | 2602:feda:ae6::/47 613 | 2602:feda:ae8::/47 614 | 2602:feda:af3::/48 615 | 2602:feda:b8a::/48 616 | 2602:feda:be0::/48 617 | 2602:feda:bf0::/44 618 | 2602:ffc5:158::/47 619 | 2602:ffc5:15b::/48 620 | 2605:9d80:8001::/48 621 | 2605:9d80:8011::/48 622 | 2605:9d80:8021::/48 623 | 2605:9d80:8031::/48 624 | 2605:9d80:8041::/48 625 | 2605:9d80:8081::/48 626 | 2605:9d80:9003::/48 627 | 2605:9d80:9013::/48 628 | 2605:9d80:9023::/48 629 | 2605:9d80:9033::/48 630 | 2605:9d80:9042::/48 631 | 2605:9d80:9052::/48 632 | 2605:9d80:9061::/48 633 | 2605:9d80:9071::/48 634 | 2605:9d80:9092::/48 635 | 2620:149:a44::/48 636 | 2804:1e48::/32 637 | 2a01:b740:a42::/48 638 | 2a04:6f01:8f00::/48 639 | 2a04:f580:8000::/48 640 | 2a04:f580:8010::/47 641 | 2a04:f580:8090::/48 642 | 2a04:f580:80a0::/48 643 | 2a04:f580:8200::/48 644 | 2a04:f580:8210::/47 645 | 2a04:f580:8290::/48 646 | 2a04:f580:9000::/47 647 | 2a04:f580:9002::/48 648 | 2a04:f580:9010::/48 649 | 2a04:f580:9012::/47 650 | 2a04:f580:9020::/48 651 | 2a04:f580:9030::/48 652 | 2a04:f580:9040::/48 653 | 2a04:f580:9050::/48 654 | 2a04:f580:9060::/48 655 | 2a04:f580:9070::/48 656 | 2a04:f580:9080::/48 657 | 2a04:f580:9090::/48 658 | 2a04:f580:9200::/47 659 | 2a04:f580:9202::/48 660 | 2a04:f580:9210::/48 661 | 2a04:f580:9212::/47 662 | 2a04:f580:9220::/48 663 | 2a04:f580:9230::/48 664 | 2a04:f580:9240::/48 665 | 2a04:f580:9250::/48 666 | 2a04:f580:9260::/48 667 | 2a04:f580:9270::/48 668 | 2a04:f580:9280::/48 669 | 2a04:f580:9290::/48 670 | 2a07:1c44:7010::/47 671 | 2a07:1c44:7012::/48 672 | 2a07:1c44:7014::/48 673 | 2a07:1c44:9600::/40 674 | 2a07:59c1:30a0::/43 675 | 2a07:59c1:30c0::/43 676 | 2a09:4bc7:d020::/44 677 | 2a09:b280:ff80::/48 678 | 2a0b:4340:500::/44 679 | 2a0b:4340:520::/43 680 | 2a0b:4340:540::/43 681 | 2a0c:4a01:c30::/44 682 | 2a0c:4a01:c40::/44 683 | 2a0c:b641:571::/48 684 | 2a0e:aa01:1fff::/48 685 | 2a0e:aa06::/40 686 | 2a0e:aa07:f000::/48 687 | 2a0e:aa07:f0d0::/47 688 | 2a0e:b107:1d6::/47 689 | 2a0e:b107:1d9::/48 690 | 2a0e:b107:1dd::/48 691 | 2a0e:b107:1de::/47 692 | 2a0e:b107:9db::/48 693 | 2a0e:b107:bd1::/48 694 | 2a0e:b107:bd2::/47 695 | 2a0e:b107:bd4::/47 696 | 2a0e:b107:c10::/47 697 | 2a0f:5707:ac00::/47 698 | 2c0f:f7a8:8010::/47 699 | 2c0f:f7a8:8050::/48 700 | 2c0f:f7a8:805f::/48 701 | 2c0f:f7a8:8150::/48 702 | 2c0f:f7a8:815f::/48 703 | 2c0f:f7a8:8210::/47 704 | 2c0f:f7a8:9010::/47 705 | 2c0f:f7a8:9020::/48 706 | 2c0f:f7a8:9030::/48 707 | 2c0f:f7a8:9041::/48 708 | 2c0f:f7a8:9210::/47 709 | 2c0f:f7a8:9220::/48 710 | 2c0f:f7a8:9230::/48 711 | -------------------------------------------------------------------------------- /example_block.txt: -------------------------------------------------------------------------------- 1 | 38taobao.com 2 | 88-baidu.com 3 | a.baidu.com 4 | accscdn.m.taobao.com 5 | acs4baichuan.m.taobao.com 6 | acs.wapa.taobao.com 7 | ada.baidu.com 8 | adashbc.m.taobao.com 9 | adashbc.ut.taobao.com 10 | adash-c.m.taobao.com 11 | adash-c.ut.taobao.com 12 | adash.m.taobao.com 13 | adashx4yt.m.taobao.com 14 | adashxgc.ut.taobao.com 15 | adashx.m.taobao.com 16 | adavideo.baidu.com 17 | aden.baidu.com 18 | adm.baidu.com 19 | adn.baidu.com 20 | ad.player.baidu.com 21 | adscdn.baidu.com 22 | afd.baidu.com 23 | agoodm.m.taobao.com 24 | ai.m.taobao.com 25 | ai.taobao.com 26 | als.baidu.com 27 | amdc.m.taobao.com 28 | amdcopen.m.taobao.com 29 | anquan.baidu.com 30 | anti-bot.baidu.com 31 | antivirus.baidu.com 32 | api0.tuisong.baidu.com 33 | api1.tuisong.baidu.com 34 | api2.tuisong.baidu.com 35 | api3.tuisong.baidu.com 36 | api4.tuisong.baidu.com 37 | api5.tuisong.baidu.com 38 | api6.tuisong.baidu.com 39 | api7.tuisong.baidu.com 40 | api8.tuisong.baidu.com 41 | api9.tuisong.baidu.com 42 | api.cpu.baidu.com 43 | api.share.baidu.com 44 | api.tuisong.baidu.com 45 | api.waptest.taobao.com 46 | apoll.m.taobao.com 47 | appc.baidu.com 48 | as1.wenku.baidu.com 49 | as.baidu.com 50 | audid-api.taobao.com 51 | baichuan.baidu.com 52 | baidustatic.com 53 | baiduyubaidu.com 54 | baifen.music.baidu.com 55 | bar.baidu.com 56 | bcfeedback.taobao.com 57 | bdimg.share.baidu.com 58 | bdplus.baidu.com 59 | besc.baidustatic.com 60 | boxer.baidu.com 61 | browserkernel.baidu.com 62 | bzclk.baidu.com 63 | caclick.baidu.com 64 | c-adash.m.taobao.com 65 | cb.baidu.com 66 | cbjs.baidu.com 67 | cbjslog.baidu.com 68 | cdn-haokanapk.baidu.com 69 | cir-smart.baidu.com 70 | cjhq.baidu.com 71 | cjie.baidu.com 72 | cleaner.baidu.com 73 | click.bes.baidu.com 74 | click.fanyi.baidu.com 75 | click.hm.baidu.com 76 | click.mz.simba.taobao.com 77 | click.simba.taobao.com 78 | click.tz.simba.taobao.com 79 | cm.baichuan.baidu.com 80 | cm.baidu.com 81 | cm.pos.baidu.com 82 | count.taobao.com 83 | cpro2.baidu.com 84 | cpro2.baidustatic.com 85 | cpro.baidu.com 86 | cpro.baidustatic.com 87 | cpro.tieba.baidu.com 88 | cpro.zhidao.baidu.com 89 | cpu-admin.baidu.com 90 | cpu.baidu.com 91 | cpucdn.baidu.com 92 | crab.baidu.com 93 | crs.baidu.com 94 | cstm.baidu.com 95 | datax.baidu.com 96 | detail.taobao.com 97 | dj1.baidu.com 98 | dl1sw.baidu.com 99 | dl2.bav.baidu.com 100 | dl.client.baidu.com 101 | dl.ops.baidu.com 102 | dlsw.baidu.com 103 | dlsw.br.baidu.com 104 | dlswbr.baidu.com 105 | dl-vip.bav.baidu.com 106 | download.bav.baidu.com 107 | download.sd.baidu.com 108 | dsp.simba.taobao.com 109 | dup.baidustatic.com 110 | dxp.baidu.com 111 | e.baidu.com 112 | eclick.baidu.com 113 | eco.taobao.com 114 | eduad.baidu.com 115 | eiv.baidu.com 116 | em.baidu.com 117 | entry.baidu.com 118 | err.taobao.com 119 | ers.baidu.com 120 | fav.simba.taobao.com 121 | fc3tn.baidu.com 122 | fc5tn.baidu.com 123 | fclick.baidu.com 124 | fclog.baidu.com 125 | fcm.baidu.com 126 | feed.baidu.com 127 | feed-image.baidu.com 128 | fexclick.baidu.com 129 | fourier.taobao.com 130 | g.baidu.com 131 | g.click.taobao.com 132 | gimg.baidu.com 133 | goutong.baidu.com 134 | h-adashx4yt.ut.taobao.com 135 | h-adashx.ut.taobao.com 136 | hao123union.baidu.com 137 | hc.baidu.com 138 | hdj.baidu.com 139 | hijack.baidu.com 140 | hm.baidu.com 141 | hmma.baidu.com 142 | hpd.baidu.com 143 | idm.bce.baidu.com 144 | idm-su.baidu.com 145 | imageplus.baidu.com 146 | imgstat.baidu.com 147 | ip.taobao.com 148 | isite.baidu.com 149 | itsdata.map.baidu.com 150 | j.br.baidu.com 151 | jsmbaidu.com 152 | kstj.baidu.com 153 | log.music.baidu.com 154 | lxbjs.baidu.com 155 | m1.baidu.com 156 | m-adash.m.taobao.com 157 | mclick.simba.taobao.com 158 | mipengine.baidu.com 159 | mobads.baidu.com 160 | mobads-logs.baidu.com 161 | mo.baidu.com 162 | mountain.zhidao.baidu.com 163 | mpro.baidu.com 164 | m.simba.taobao.com 165 | msite.baidu.com 166 | mssp.baidu.com 167 | mtj.baidu.com 168 | nadvideo2.baidu.com 169 | nadvideo.baidu.com 170 | nbsdk-baichuan.taobao.com 171 | nj.t.bcsp2p.baidu.com 172 | nlog.baidu.com 173 | nsclick.baidu.com 174 | nsclickvideo.baidu.com 175 | openjmacs.m.taobao.com 176 | openrcv.baidu.com 177 | paimgcdn-feed.baidu.com 178 | pc.videoclick.baidu.com 179 | pimlog.baidu.com 180 | pindao.huoban.taobao.com 181 | plugin.mobopay.baidu.com 182 | pos.baidu.com 183 | pro.baidu.com 184 | publish-pic-cpu.baidu.com 185 | pups.baidu.com 186 | push.music.baidu.com 187 | push.zhanzhang.baidu.com 188 | qapm.baidu.com 189 | qianclick.baidu.com 190 | qw.baidu.com 191 | r6.mo.baidu.com 192 | redirect.simba.taobao.com 193 | release.baidu.com 194 | re.m.taobao.com 195 | res.mi.baidu.com 196 | re.taobao.com 197 | rigel.baidustatic.com 198 | river.zhidao.baidu.com 199 | rj.baidu.com 200 | rj.m.taobao.com 201 | rp.baidu.com 202 | sa0.tuisong.baidu.com 203 | sa1.tuisong.baidu.com 204 | sa3.tuisong.baidu.com 205 | sa.tuisong.baidu.com 206 | s.baidu.com 207 | sclick.baidu.com 208 | s.cpro.baidu.com 209 | sdkinit.taobao.com 210 | sestat.baidu.com 211 | shadu.baidu.com 212 | share.baidu.com 213 | show.re.taobao.com 214 | simaba.m.taobao.com 215 | simaba.taobao.com 216 | simba.m.taobao.com 217 | sjarvis.taobao.com 218 | sjh.baidu.com 219 | snippet.pos.baidu.com 220 | sobar.baidu.com 221 | sofire.baidu.com 222 | srd.simba.taobao.com 223 | s.share.baidu.com 224 | static1.searchbox.baidu.com 225 | stat.simba.taobao.com 226 | stat.v.baidu.com 227 | tcbox.baidu.com 228 | techain.baidu.com 229 | temai.taobao.com 230 | textlink.simba.taobao.com 231 | tns.simba.taobao.com 232 | toolbar.baidu.com 233 | top.taobao.com 234 | tracker.baidu.com 235 | tuijian.baidu.com 236 | tuisong.baidu.com 237 | tunion-api.m.taobao.com 238 | tyh.taobao.com 239 | ubmcmm.baidustatic.com 240 | ubmcvideo.baidustatic.com 241 | ucstat.baidu.com 242 | udpolimenew.baidu.com 243 | ulog.imap.baidu.com 244 | umengacs.m.taobao.com 245 | umengjmacs.m.taobao.com 246 | union.baidu.com 247 | unionimage.baidu.com 248 | unionsug.baidu.com 249 | unitacs.m.taobao.com 250 | usp1.baidu.com 251 | utility.baidu.com 252 | videopush.baidu.com 253 | wangmeng.baidu.com 254 | weishi.baidu.com 255 | w.gdown.baidu.com 256 | wisepush.video.baidu.com 257 | wkctj.baidu.com 258 | wm.baidu.com 259 | w.m.taobao.com 260 | wn.pos.baidu.com 261 | w.x.baidu.com 262 | xsolid.baidu.com 263 | yingxiao.baidu.com 264 | youku-acs.m.taobao.com 265 | znsv.baidu.com 266 | -------------------------------------------------------------------------------- /example_cidr4.txt: -------------------------------------------------------------------------------- 1 | 127.0.0.0/32 2 | 192.168.1.0/24 3 | 1.2.4.8/32 4 | -------------------------------------------------------------------------------- /example_cidr6.txt: -------------------------------------------------------------------------------- 1 | ::1/128 2 | fd00::/8 3 | 2001:dc7:1000::1/128 4 | -------------------------------------------------------------------------------- /example_domain.txt: -------------------------------------------------------------------------------- 1 | lt 2 | a.com 3 | c.b.com 4 | -------------------------------------------------------------------------------- /example_script.tengo: -------------------------------------------------------------------------------- 1 | text := import("text") 2 | brook := import("brook") 3 | json := import("json") 4 | 5 | dnsquery_handler := func(m){ 6 | // local dev example 7 | if m.domain == "myapi.local" { 8 | if m.type == "A" { 9 | return {ip: "10.211.1.76"} 10 | } 11 | if m.type == "AAAA" { 12 | return {"block": true} 13 | } 14 | } 15 | // block secure dns 16 | if m.domain == "dns.google" { 17 | return {"block": true} 18 | } 19 | // block ipv6 20 | if m.type == "AAAA" { 21 | return {"block": true} 22 | } 23 | // do not use fake dns, instagram 90% ? 24 | l := [ 25 | "facebook.com", 26 | "fbcdn.net", 27 | "facebook.net", 28 | "akamaihd.net", 29 | "thefacebook.com", 30 | "tfbnw.net", 31 | "messenger.com", 32 | "fb.me", 33 | "fbsbx.com", 34 | "fb.com", 35 | "whatsapp.net", 36 | "whatsapp.com", 37 | "instagram.com", 38 | "akamai.net", 39 | "aaplimg.com", 40 | "alibabadns.com", 41 | "akamaiedge.net", 42 | "apple-dns.net", 43 | "akadns.net", 44 | "cdninstagram.com" 45 | ] 46 | for v in l { 47 | if text.has_suffix(m.domain, v) { 48 | return {"system": true} 49 | } 50 | } 51 | // use bypass dns to resolve ip, apple push 52 | l = [ 53 | "apple.com", 54 | "icloud.com", 55 | "cdn-apple.com", 56 | "mzstatic.com", 57 | "entrust.net", 58 | "digicert.com", 59 | "verisign.net", 60 | "apple", 61 | "itunes-apple.com.akadns.net", 62 | "cdn-apple.com.akadns.net", 63 | "ks-cdn.com", 64 | "ksyuncdn.com", 65 | "cdn-apple.com.edgekey.net", 66 | "e2885.e9.akamaiedge.net", 67 | "apple.com.edgekey.net", 68 | "e2490.dscb.akamaiedge.net", 69 | "idms-apple.com.akadns.net", 70 | "apple.com.edgekey.net.globalredir.akadns.net", 71 | "e6858.dscx.akamaiedge.net", 72 | "ioshost.qtlcdn.com" 73 | ] 74 | for v in l { 75 | if text.has_suffix(m.domain, v) { 76 | return {"bypass": true} 77 | } 78 | } 79 | } 80 | 81 | address_handler := func(m) { 82 | if m.ipaddress { 83 | // block secure dns 84 | if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" { 85 | return { "block": true } 86 | } 87 | // extract ip 88 | r := brook.splithostport(m.ipaddress) 89 | if is_error(r) { 90 | return r 91 | } 92 | // block an ip 93 | if r.host == "1.2.4.8" { 94 | return { "block": true } 95 | } 96 | // bypass zz and cn ip 97 | s := brook.country(r.host) 98 | if s == "ZZ" || s == "CN" { 99 | return { "bypass": true } 100 | } 101 | // bypass apple push 102 | l := [ 103 | "17.0.0.0/8", 104 | "103.81.148.0/22", 105 | "103.81.148.0/24", 106 | "103.81.149.0/24", 107 | "2620:149:a44::/48", 108 | "2403:300:a42::/48", 109 | "2403:300:a51::/48", 110 | "2a01:b740:a42::/48" 111 | ] 112 | for v in l { 113 | if brook.cidrcontainsip(v, r.host) { 114 | return {"bypass": true} 115 | } 116 | } 117 | } 118 | if m.domainaddress { 119 | // block secure dns 120 | if text.has_prefix(m.domainaddress, "dns.google:") { 121 | return { "block": true } 122 | } 123 | if m.network == "tcp" { 124 | // Packet Capture and Modify 125 | if m.domainaddress == "httpbin.org:80" { 126 | return {"mitm": true, "mitmprotocol": "http"} 127 | } 128 | if m.domainaddress == "httpbin.org:443" { 129 | return {"mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 130 | } 131 | // connect this ip and bypass it 132 | if m.domainaddress == "myapi2.local:80" { 133 | return {"ipaddress": "10.211.1.76:8080", "bypass": true, "mitm": true, "mitmprotocol": "http", "mitmwithbody": true, "mitmautohandlecompress": true} 134 | } 135 | // get A via bypass dns, then connect it and bypass it 136 | if m.domainaddress == "myip.ipip.net:443" { 137 | return {"ipaddressfrombypassdns": "A", "bypass": true, "mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 138 | } 139 | } 140 | if m.network == "udp" { 141 | // block http3 142 | if m.domainaddress == "httpbin.org:443" { 143 | return { "block": true } 144 | } 145 | } 146 | } 147 | } 148 | 149 | httprequest_handler := func(request){ 150 | // redirect 151 | if text.has_prefix(request["URL"], "http://httpbin.org") { 152 | response := { 153 | "StatusCode": 301, 154 | "Location": text.replace(request["URL"], "http://", "https://", 1) 155 | } 156 | return response 157 | } 158 | // Packet Modify request header and body 159 | if request["URL"] == "https://httpbin.org/post" && request["Method"] == "POST" && request["Content-Type"] == "application/x-www-form-urlencoded" { 160 | request["User-Agent"] = "curl/7.79.1" 161 | request["Body"] = bytes("hello=world") 162 | return request 163 | } 164 | return request 165 | } 166 | 167 | httpresponse_handler := func(request, response){ 168 | delete(response, "Alt-Svc") // Avoid upgrading to http3 from http1 or http2 169 | // Packet Modify response body 170 | if text.has_prefix(request["URL"], "https://httpbin.org") && !text.has_prefix(request["URL"], "https://httpbin.org/stream/") && response["Content-Type"] == "application/json" { 171 | j := json.decode(response["Body"]) 172 | j.origin = "M.A.R.S" 173 | response["Body"] = json.encode(j) 174 | return response 175 | } 176 | // Packet Modify response body 177 | if text.has_prefix(request["URL"], "https://myip.ipip.net") { 178 | response["Body"] = bytes(text.split(string(response["Body"]), "IP")[0] + "来自: 火星") 179 | return response 180 | } 181 | return response 182 | } 183 | 184 | handler := func(){ 185 | if in_dnsquery { 186 | return dnsquery_handler(in_dnsquery) 187 | } 188 | if in_address { 189 | return address_handler(in_address) 190 | } 191 | if in_httprequest && !in_httpresponse { 192 | return httprequest_handler(in_httprequest) 193 | } 194 | if in_httprequest && in_httpresponse { 195 | return httpresponse_handler(in_httprequest, in_httpresponse) 196 | } 197 | } 198 | 199 | out := handler() 200 | -------------------------------------------------------------------------------- /ipa/downgrade.tengo: -------------------------------------------------------------------------------- 1 | // Download older version app from iTunes server 2 | // 使用 Brook 下载任意 iOS App 的旧版本 3 | // 4 | // Replace the values of appid and versionid to yours. 5 | // 6 | // https://www.txthinking.com/talks/articles/ios-old-version-app.article 7 | // https://www.txthinking.com/talks/articles/ios-old-version-app-en.article 8 | 9 | appid := "544007664" // YouTube 10 | versionid := "848374799" // v17.15.1 11 | 12 | text := import("text") 13 | f := func(){ 14 | if in_dnsquery { 15 | // block secure dns 16 | if in_dnsquery.domain == "dns.google" { 17 | return {block: true} 18 | } 19 | } 20 | if in_address { 21 | m := in_address 22 | if m.ipaddress { 23 | // block secure dns 24 | if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" { 25 | return { "block": true } 26 | } 27 | } 28 | if m.domainaddress { 29 | // block secure dns 30 | if text.has_prefix(m.domainaddress, "dns.google:") { 31 | return { "block": true } 32 | } 33 | if text.has_suffix(m.domainaddress, "-buy.itunes.apple.com:443") { 34 | return { 35 | mitm:true, 36 | mitmprotocol: "https", 37 | mitmwithbody: true, 38 | mitmautohandlecompress: true 39 | } 40 | } 41 | } 42 | return 43 | } 44 | if in_httprequest && !in_httpresponse { 45 | if in_httprequest["Method"] == "POST" && text.contains(in_httprequest["URL"], "/WebObjects/MZBuy.woa/wa/buyProduct") { 46 | s := string(in_httprequest["Body"]) 47 | if text.contains(s, ""+appid+"") { 48 | in_httprequest["Body"] = bytes(text.re_replace(`appExtVrsId\s*\d+`, s, "appExtVrsId\n"+versionid+"")) 49 | } 50 | } 51 | return in_httprequest 52 | } 53 | if in_httprequest && in_httpresponse { 54 | return in_httpresponse 55 | } 56 | } 57 | out := f() 58 | -------------------------------------------------------------------------------- /ipa/history.tengo: -------------------------------------------------------------------------------- 1 | // Get history version id list 2 | // 使用 Brook 下载任意 iOS App 的旧版本 3 | // 4 | // https://www.txthinking.com/talks/articles/ios-old-version-app.article 5 | // https://www.txthinking.com/talks/articles/ios-old-version-app-en.article 6 | 7 | text := import("text") 8 | f := func(){ 9 | if in_dnsquery { 10 | // block secure dns 11 | if in_dnsquery.domain == "dns.google" { 12 | return {block: true} 13 | } 14 | } 15 | if in_address { 16 | m := in_address 17 | if m.ipaddress { 18 | // block secure dns 19 | if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" { 20 | return { "block": true } 21 | } 22 | } 23 | if m.domainaddress { 24 | // block secure dns 25 | if text.has_prefix(m.domainaddress, "dns.google:") { 26 | return { "block": true } 27 | } 28 | if text.has_suffix(m.domainaddress, "-buy.itunes.apple.com:443") { 29 | return { 30 | mitm:true, 31 | mitmprotocol: "https", 32 | mitmwithbody: true, 33 | mitmautohandlecompress: true 34 | } 35 | } 36 | } 37 | return 38 | } 39 | if in_httprequest && !in_httpresponse { 40 | return in_httprequest 41 | } 42 | if in_httprequest && in_httpresponse { 43 | return in_httpresponse 44 | } 45 | } 46 | out := f() 47 | -------------------------------------------------------------------------------- /mitmproxy/mitmproxy.tengo: -------------------------------------------------------------------------------- 1 | // Brook and mitmproxy for mobile phone deep Packet Capture 2 | // https://www.txthinking.com/talks/articles/brook-mitmproxy-en.article 3 | // 4 | // Brook 和 mitmproxy 进行深度手机抓包 5 | // https://www.txthinking.com/talks/articles/brook-mitmproxy.article 6 | 7 | text := import("text") 8 | 9 | f := func(){ 10 | if in_dnsquery { 11 | // block secure dns 12 | if in_dnsquery.domain == "dns.google" { 13 | return {block: true} 14 | } 15 | // block ipv6, if your server or local does not support ipv6 16 | if in_dnsquery.type == "AAAA" { 17 | return {block: true} 18 | } 19 | } 20 | if in_address { 21 | m := in_address 22 | if m.ipaddress { 23 | // block secure dns 24 | if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" { 25 | return { "block": true } 26 | } 27 | // block or bypass udp 28 | if m.network == "udp" { 29 | return { bypass: true } // or { block : true } 30 | } 31 | } 32 | if m.domainaddress { 33 | // block secure dns 34 | if text.has_prefix(m.domainaddress, "dns.google:") { 35 | return { "block": true } 36 | } 37 | // block udp 38 | if m.network == "udp" { 39 | return { block: true } 40 | } 41 | } 42 | } 43 | } 44 | out := f() 45 | -------------------------------------------------------------------------------- /modules/91porn.tengo: -------------------------------------------------------------------------------- 1 | // 移除 91porn 广告 2 | modules = append(modules, { 3 | address: func(m) { 4 | if m.network == "tcp" && m.domainaddress { 5 | if m.domainaddress == "91porn.com:443" { 6 | return {"mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 7 | } 8 | if m.domainaddress == "91porn.com:80" { 9 | return {"mitm": true, "mitmprotocol": "http", "mitmwithbody": true, "mitmautohandlecompress": true} 10 | } 11 | return 12 | } 13 | if m.network == "udp" && m.domainaddress { 14 | if m.domainaddress == "91porn.com:443" { 15 | return { "block": true } 16 | } 17 | return 18 | } 19 | }, 20 | httpresponse: func(request, response) { 21 | text := import("text") 22 | if (text.has_prefix(request["URL"], "http://91porn.com/") || text.has_prefix(request["URL"], "https://91porn.com/")) && response["Content-Type"] == "text/html; charset=UTF-8" { 23 | response["Body"] = bytes(text.replace(string(response["Body"]), "", ``, 1)) 24 | return response 25 | } 26 | } 27 | }) 28 | -------------------------------------------------------------------------------- /modules/block_aaaa.tengo: -------------------------------------------------------------------------------- 1 | // Block AAAA 2 | modules = append(modules, { 3 | dnsquery: func(m) { 4 | if m.type == "AAAA" { 5 | return {"block": true} 6 | } 7 | } 8 | }) 9 | -------------------------------------------------------------------------------- /modules/block_google_secure_dns.tengo: -------------------------------------------------------------------------------- 1 | // Block google secure DNS on system or browser 2 | modules = append(modules, { 3 | dnsquery: func(m) { 4 | if m.domain == "dns.google" { 5 | return { "block": true } 6 | } 7 | }, 8 | address: func(m) { 9 | if m.ipaddress && (m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443") { 10 | return { "block": true } 11 | } 12 | if m.domainaddress { 13 | text := import("text") 14 | if text.has_prefix(m.domainaddress, "dns.google:") { 15 | return { "block": true } 16 | } 17 | } 18 | } 19 | }) 20 | -------------------------------------------------------------------------------- /modules/block_youtube_ad.tengo: -------------------------------------------------------------------------------- 1 | // iOS YouTube APP AD Block 2 | modules = append(modules, { 3 | address: func(m) { 4 | brook := import("brook") 5 | if brook.os != "ios" || brook.iosapponmac { 6 | return 7 | } 8 | if m.domainaddress { 9 | text := import("text") 10 | if (text.has_suffix(m.domainaddress, "googlevideo.com:443") && !text.has_prefix(m.domainaddress, "redirector")) || m.domainaddress == "www.youtube.com:443" || m.domainaddress == "s.youtube.com:443" || m.domainaddress == "youtubei.googleapis.com:443" { 11 | if m.network == "tcp" { 12 | return {"mitm": true, "mitmprotocol": "https"} 13 | } 14 | if m.network == "udp" { 15 | return { "block": true } 16 | } 17 | } 18 | } 19 | }, 20 | httprequest: func(request) { 21 | brook := import("brook") 22 | if brook.os != "ios" || brook.iosapponmac { 23 | return 24 | } 25 | text := import("text") 26 | if(text.contains(request["URL"], "googlevideo.com") && !text.contains(request["URL"], "googlevideo.com/dclk_video_ads") && !text.contains(request["URL"], "redirector") && text.contains(request["URL"], "&ctier=L") && text.contains(request["URL"], ",ctier,")){ 27 | return { 28 | "StatusCode": 302, 29 | "Location": text.replace(text.replace(request["URL"], "&ctier=L", "", 1), ",ctier,", "", 1) 30 | } 31 | } 32 | if(text.contains(request["URL"], "googlevideo.com") && !text.contains(request["URL"], "googlevideo.com/dclk_video_ads") && !text.contains(request["URL"], "googlevideo.com/videoplayback?") && !text.contains(request["URL"], "redirector") && text.contains(request["URL"], "&oad")){ 33 | return { 34 | "StatusCode": 503 35 | } 36 | } 37 | if(text.re_match(`^https?:\/\/youtubei\.googleapis\.com\/youtubei\/v\d\/player\/ad_break`, request["URL"])){ 38 | return { 39 | "StatusCode": 503 40 | } 41 | } 42 | if(text.re_match(`^https?:\/\/(www|s)\.youtube\.com\/api\/stats\/ads`, request["URL"])){ 43 | return { 44 | "StatusCode": 503 45 | } 46 | } 47 | if(text.re_match(`^https?:\/\/(www|s)\.youtube\.com\/(pagead|ptracking)`, request["URL"])){ 48 | return { 49 | "StatusCode": 503 50 | } 51 | } 52 | if(text.re_match(`^https?:\/\/s\.youtube\.com\/api\/stats\/qoe\?adcontext`, request["URL"])){ 53 | return { 54 | "StatusCode": 503 55 | } 56 | } 57 | } 58 | }) 59 | -------------------------------------------------------------------------------- /modules/google_cn.tengo: -------------------------------------------------------------------------------- 1 | // www.google.cn 重定向到 www.google.com 2 | modules = append(modules, { 3 | dnsquery: func(m) { 4 | if m.domain == "www.google.cn" { 5 | return {forcefakedns: true} 6 | } 7 | }, 8 | address: func(m) { 9 | if m.domainaddress { 10 | if m.domainaddress == "www.google.cn:80" { 11 | if m.network == "tcp" { 12 | return {"mitm": true, "mitmprotocol": "http"} 13 | } 14 | } 15 | if m.domainaddress == "www.google.cn:443" { 16 | if m.network == "tcp" { 17 | return {"mitm": true, "mitmprotocol": "https"} 18 | } 19 | if m.network == "udp" { 20 | return { "block": true } 21 | } 22 | } 23 | } 24 | }, 25 | httprequest: func(request) { 26 | text := import("text") 27 | if text.has_prefix(request["URL"], "http://www.google.cn/") { 28 | return { 29 | "StatusCode": 302, 30 | "Location": text.replace(request["URL"], "http://www.google.cn", "https://www.google.com", 1) 31 | } 32 | } 33 | if text.has_prefix(request["URL"], "https://www.google.cn/") { 34 | return { 35 | "StatusCode": 302, 36 | "Location": text.replace(request["URL"], "https://www.google.cn", "https://www.google.com", 1) 37 | } 38 | } 39 | } 40 | }) 41 | -------------------------------------------------------------------------------- /modules/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 15 | 16 | 17 | 18 | 19 | 20 | Brook Script Builder 21 | 37 | 173 | 174 | 175 | 188 |
189 |
有些功能是无法抽象为模块或者不方便公开分享,所以更强大和灵活的请编写独立脚本。文档示例
190 |
Some functions cannot be abstracted into modules or are not convenient for public sharing, so please write standalone scripts for more powerful and flexible functions. Documentation and Examples.
191 |

选择你要开启的模块

192 |

Select the module you want to activate

193 |
194 |

195 |
196 |
197 | 207 |
208 |
209 | 210 | 211 |
212 | 217 | 218 | 219 | -------------------------------------------------------------------------------- /modules/instagram.tengo: -------------------------------------------------------------------------------- 1 | // Instagram itself has a non-standard dns cache, so we don't use fakedns for it. 2 | modules = append(modules, { 3 | dnsquery: func(m) { 4 | text := import("text") 5 | l := [ 6 | "facebook.com", 7 | "fbcdn.net", 8 | "facebook.net", 9 | "akamaihd.net", 10 | "thefacebook.com", 11 | "tfbnw.net", 12 | "messenger.com", 13 | "fb.me", 14 | "fbsbx.com", 15 | "fb.com", 16 | "whatsapp.net", 17 | "whatsapp.com", 18 | "instagram.com", 19 | "akamai.net", 20 | "aaplimg.com", 21 | "alibabadns.com", 22 | "akamaiedge.net", 23 | "apple-dns.net", 24 | "akadns.net", 25 | "cdninstagram.com" 26 | ] 27 | for v in l { 28 | if text.has_suffix(m.domain, v) { 29 | return {"system": true} 30 | } 31 | } 32 | } 33 | }) 34 | -------------------------------------------------------------------------------- /modules/juejin.tengo: -------------------------------------------------------------------------------- 1 | // 掘金忽略下载app,跳转外部链接继续访问 2 | modules = append(modules, { 3 | dnsquery: func(m) { 4 | brook := import("brook") 5 | if m.domain == "link.juejin.cn" || (m.domain == "juejin.cn" && (brook.os=="ios" || brook.os=="android")) { 6 | return {forcefakedns: true} 7 | } 8 | }, 9 | address: func(m) { 10 | if m.domainaddress { 11 | if m.domainaddress == "link.juejin.cn:443" { 12 | if m.network == "tcp" { 13 | return {"mitm": true, "mitmprotocol": "https"} 14 | } 15 | if m.network == "udp" { 16 | return { "block": true } 17 | } 18 | } 19 | if m.domainaddress == "juejin.cn:443" { 20 | if m.network == "tcp" { 21 | return {ipaddressfrombypassdns: "A", bypass: true, "mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 22 | } 23 | if m.network == "udp" { 24 | return { "block": true } 25 | } 26 | } 27 | } 28 | }, 29 | httprequest: func(request) { 30 | text := import("text") 31 | if text.has_prefix(request["URL"], "https://link.juejin.cn/") { 32 | brook := import("brook") 33 | s := brook.parsequery(brook.parseurl(request["URL"]).rawquery)["target"] 34 | if s { 35 | return { 36 | "StatusCode": 301, 37 | "Location": s 38 | } 39 | } 40 | } 41 | }, 42 | httpresponse: func(request, response) { 43 | text := import("text") 44 | if text.has_prefix(request["URL"], "https://juejin.cn/post/") && (text.contains(request["User-Agent"], "iPhone") || text.contains(request["User-Agent"], "Android")) { 45 | response["Body"] = bytes(text.replace(string(response["Body"]), "", ``, 1)) 46 | return response 47 | } 48 | } 49 | }) 50 | -------------------------------------------------------------------------------- /modules/modules.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "description_en": "Block google secure DNS, prevent Brook's Fake DNS from not working", 4 | "description_zh": "阻断 Google 安全 DNS, 避免 Brook 的 虚拟 DNS 不生效", 5 | "link_en": "https://www.txthinking.com/talks/articles/brook-fakedns-en.article", 6 | "link_zh": "https://www.txthinking.com/talks/articles/brook-fakedns.article", 7 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/block_google_secure_dns.tengo" 8 | }, 9 | { 10 | "description_en": "Block AAAA, if your local or server does not support IPv6", 11 | "description_zh": "阻断 AAAA, 如果你的本地或服务器不支持 IPv6", 12 | "link_en": "https://www.txthinking.com/talks/articles/brook-ipv6-en.article", 13 | "link_zh": "https://www.txthinking.com/talks/articles/brook-ipv6.article", 14 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/block_aaaa.tengo" 15 | }, 16 | { 17 | "description_en": "CA needs to be installed. Remove 91porn AD", 18 | "description_zh": "需要安装 CA。移除 91porn 广告", 19 | "link_en": "", 20 | "link_zh": "", 21 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/91porn.tengo" 22 | }, 23 | { 24 | "description_en": "CA needs to be installed. Remove iOS YouTube AD", 25 | "description_zh": "需要安装 CA。移除 iOS YouTube 广告", 26 | "link_en": "https://www.txthinking.com/talks/articles/block-youtube-app-ad-en.article", 27 | "link_zh": "https://www.txthinking.com/talks/articles/block-youtube-app-ad.article", 28 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/block_youtube_ad.tengo" 29 | }, 30 | { 31 | "description_en": "CA needs to be installed. google.cn 301 google.com", 32 | "description_zh": "需要安装 CA。google.cn 301 google.com", 33 | "link_en": "", 34 | "link_zh": "", 35 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/google_cn.tengo" 36 | }, 37 | { 38 | "description_en": "Instagram has a non-standard dns cache, so we don't use fakedns for it. The domain name may be incomplete, welcome to PR", 39 | "description_zh": "Instagram 的 DNS 缓存不标准,所以不让他走绕过 DNS。域名可能不全,欢迎PR", 40 | "link_en": "", 41 | "link_zh": "", 42 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/instagram.tengo" 43 | }, 44 | { 45 | "description_en": "CA needs to be installed. Optimize juejin", 46 | "description_zh": "需要安装 CA。掘金忽略下载app,跳转外部链接继续访问", 47 | "link_en": "", 48 | "link_zh": "", 49 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/juejin.tengo" 50 | }, 51 | { 52 | "description_en": "CA needs to be installed. Replace google search to soso.ooo on chrome mobile", 53 | "description_zh": "需要安装 CA。手机端的 Chrome 替换 Google搜索为 soso.ooo", 54 | "link_en": "", 55 | "link_zh": "", 56 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/soso.tengo" 57 | }, 58 | { 59 | "description_en": "CA needs to be installed. Optimize zhihu", 60 | "description_zh": "需要安装 CA。知乎登录弹窗,跳转外部链接", 61 | "link_en": "", 62 | "link_zh": "", 63 | "url": "https://raw.githubusercontent.com/txthinking/bypass/master/modules/zhihu.tengo" 64 | } 65 | ] 66 | -------------------------------------------------------------------------------- /modules/readme.md: -------------------------------------------------------------------------------- 1 | 此目录下是将一些可分享给他人的功能脚本抽象为独立的模块。有些功能是无法抽象为模块或者不方便公开分享,所以更强大和灵活的请编写独立脚本。[文档](https://brook.app) 和 [示例](https://github.com/txthinking/bypass)。 2 | 3 | > Under this directory, some functional scripts that can be shared with others are abstracted into modules. Some functions cannot be abstracted into modules or are not convenient for public sharing, so please write standalone scripts for more powerful and flexible functions. [documentation](https://brook.app) and [example](https://github.com/txthinking/bypass). 4 | 5 | ## Brook 脚本生成器 | Brook Script Builder 6 | 7 | https://modules.brook.app 8 | 9 | ## 模块原理 | Module principle 10 | 11 | 很简单,一个模块里有几个处理函数。一个头 + N 个模块 + 一个尾,最后合并成一个脚本文件。 12 | 13 | > Very simple, there are several processing functions in a module. A header + N modules + a footer, finally merged into a script file. 14 | 15 | 一个头 | header 16 | 17 | ``` 18 | modules := [] 19 | ``` 20 | 21 | 模块 | module 22 | 23 | ``` 24 | modules = append(modules, { 25 | dnsquery: func(m) { 26 | if m.domain == "dns.google" { 27 | return { "block": true } 28 | } 29 | }, 30 | address: func(m) { 31 | text := import("text") 32 | if m.ipaddress && (m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443") { 33 | return { "block": true } 34 | } 35 | if m.domainaddress && text.has_prefix(m.domainaddress, "dns.google:") { 36 | return { "block": true } 37 | } 38 | } 39 | }) 40 | ``` 41 | 42 | 一个尾 | footer 43 | 44 | ``` 45 | f := func() { 46 | if in_dnsquery { 47 | for i:=0; i", ``, 1)) 46 | return response 47 | } 48 | } 49 | }) 50 | -------------------------------------------------------------------------------- /my/my_domain.txt: -------------------------------------------------------------------------------- 1 | wxcloudrun.com 2 | alibabadns.com 3 | wsglb0.com 4 | ipchaxun.net 5 | push-apple.com.akadns.net 6 | 10010.com 7 | 115.com 8 | 126.net 9 | 127.net 10 | 163.com 11 | 163jiasu.com 12 | 163yun.com 13 | 1905.com 14 | 21cn.com 15 | 300hu.com 16 | 321fenx.com 17 | 360buyimg.com 18 | 365dmp.com 19 | 71edge.com 20 | 95516.com 21 | adkwai.com 22 | adukwai.com 23 | aggrx.com 24 | ali-health.com 25 | aliapp.org 26 | alibaba-inc.com 27 | alibaba.com 28 | alibabausercontent.com 29 | alicdn.com 30 | alipay.com 31 | alipayobjects.com 32 | aliyun.com 33 | aliyuncs.com 34 | amap.com 35 | amemv.com 36 | apple 37 | apple.com 38 | baidu.com 39 | baidubce.com 40 | baidupcs.com 41 | baidustatic.com 42 | baifubao.com 43 | baishan.com 44 | baizhanlive.com 45 | bcebos.com 46 | bcelive.com 47 | bdimg.com 48 | bdstatic.com 49 | bdurl.net 50 | bdxiguastatic.com 51 | bdxiguavod.com 52 | bigda.com 53 | biliapi.com 54 | biliapi.net 55 | bilibili.com 56 | biligame.com 57 | biligame.net 58 | bilivideo.com 59 | bjshcw.com 60 | bosszhipin.com 61 | bytedance.com 62 | byteeffecttos.com 63 | bytegecko.com 64 | bytegoofy.com 65 | byteimg.com 66 | bytemaimg.com 67 | bytemastatic.com 68 | bytescm.com 69 | bytetos.com 70 | c-ctrip.com 71 | calorietech.com 72 | cdn-apple.com 73 | cdnhwc2.com 74 | cdntips.net 75 | chinanetcenter.com 76 | cibntv.net 77 | cl2009.com 78 | cmbchina.com 79 | cmbimg.com 80 | cmpassport.com 81 | cn 82 | cnzz.com 83 | cpatrk.net 84 | ctfile.com 85 | ctobsnssdk.com 86 | dbankcloud.com 87 | dewu.com 88 | dewucdn.com 89 | dianping.com 90 | douyincdn.com 91 | douyinliving.com 92 | douyinstatic.com 93 | douyinvod.com 94 | douyu.com 95 | dpfile.com 96 | dutils.com 97 | duxiaoman.com 98 | duxiaomanfintech.com 99 | dxmpay.com 100 | easytomessage.com 101 | eckwai.com 102 | ecukwai.com 103 | effirst.com 104 | etoote.com 105 | fengkongcloud.com 106 | fun.tv 107 | funshion.com 108 | funshion.net 109 | gdtimg.com 110 | geetest.com 111 | gepush.com 112 | getui.com 113 | getui.net 114 | gifshow.com 115 | gotokeep.com 116 | gridsumdissector.com 117 | gtimg.com 118 | hc-cdn.com 119 | hdslb.com 120 | hicloud.com 121 | hitv.com 122 | httpdns.pro 123 | huanqiu.com 124 | huaweicloud.com 125 | hunantv.com 126 | huoshan.com 127 | huoshanlive.com 128 | huoshanstatic.com 129 | huoshanvod.com 130 | icloud.com 131 | id6.me 132 | idqqimg.com 133 | igexin.com 134 | ihuoshanlive.com 135 | imtmp.net 136 | inkuai.com 137 | ip6.arpa 138 | ipaddr.host 139 | ipv4only.arpa 140 | iqiyi.com 141 | iqiyipic.com 142 | irs01.com 143 | itoutiaostatic.com 144 | ixigua.com 145 | jd.com 146 | jdcloud.com 147 | jinhuahuolong.com 148 | jomoxc.com 149 | joying.com 150 | jpush.io 151 | keepcdn.com 152 | ksapisrv.com 153 | kskwai.com 154 | ksord.com 155 | ksosoft.com 156 | kspkg.com 157 | ksyun.com 158 | ksyungslb.com 159 | kuaishou.com 160 | kuaishouzt.com 161 | kuiniuca.com 162 | kwai.com 163 | kwaicdn.com 164 | kwaizt.com 165 | kwimgs.com 166 | laiqukankan.com 167 | le.com 168 | letv.com 169 | letvimg.com 170 | leyingtt.com 171 | lnk0.com 172 | m1905.com 173 | maoyan.com 174 | meipai.com 175 | meitu.com 176 | meituan.com 177 | meituan.net 178 | meitudata.com 179 | meitustat.com 180 | meizu.com 181 | mgtv.com 182 | miaozhen.com 183 | migucloud.com 184 | miguvideo.com 185 | mmstat.com 186 | mob.com 187 | myapp.com 188 | myqcloud.com 189 | myzhiniu.com 190 | mzstatic.com 191 | netease.com 192 | netease.im 193 | nintyinc.com 194 | novelfm.com 195 | novelfmstatic.com 196 | onethingpcs.com 197 | onewsvod.com 198 | oskwai.com 199 | pangolin-dsp-toutiao.com 200 | pangolin-sdk-toutiao-b.com 201 | pangolin-sdk-toutiao.com 202 | pddpic.com 203 | pddugc.com 204 | pglstatp-toutiao.com 205 | pinduoduo.com 206 | pinduoduo.net 207 | poizon.com 208 | ppsimg.com 209 | pstatp.com 210 | qcloud.com 211 | qingting.fm 212 | qiniup.com 213 | qiyi.com 214 | qiyukf.com 215 | qmail.com 216 | qnqcdn.net 217 | qq.com 218 | qqmail.com 219 | qy.net 220 | rr.tv 221 | sankuai.com 222 | servicewechat.com 223 | shuqireader.com 224 | smtcdns.net 225 | snssdk.com 226 | sohu.com 227 | sohucs.com 228 | szbdyd.com 229 | tamaegis.com 230 | tanx.com 231 | taobao.com 232 | tdatamaster.com 233 | tencent-cloud.com 234 | tencent-cloud.net 235 | tencent.com 236 | tencentmusic.com 237 | tenpay.com 238 | tfogc.com 239 | tingyun.com 240 | tmall.com 241 | toutiao.com 242 | toutiaoapi.com 243 | toutiaostatic.com 244 | toutiaovod.com 245 | tudou.com 246 | tv002.com 247 | ucweb.com 248 | ugdtimg.com 249 | ulikecam.com 250 | umeng.com 251 | umengcloud.com 252 | umsns.com 253 | unionpay.com 254 | upqzfile.com 255 | vemarsdev.com 256 | vemarsstatic.com 257 | vlabvod.com 258 | volceapplog.com 259 | volces.com 260 | vzuu.com 261 | wanzjhb.com 262 | weibo.com 263 | weibocdn.com 264 | weiyun.com 265 | wnsqzonebk.com 266 | xhscdn.com 267 | xiaodutv.com 268 | xiaohongshu.com 269 | xiaomi.com 270 | xiaomi.net 271 | ximalaya.com 272 | xiuxiustatic.com 273 | xmcdn.com 274 | xxpkg.com 275 | xycdn.com 276 | yangkeduo.com 277 | ykimg.com 278 | youku.com 279 | yqkk.link 280 | yximgs.com 281 | yy.com 282 | yystatic.com 283 | zhihu.com 284 | zhimg.com 285 | zhipin.com 286 | zhuanzfx.com 287 | zijieapi.com 288 | itunes-apple.com.akadns.net 289 | cdn-apple.com.akadns.net 290 | cdn-apple.com.download.ks-cdn.com 291 | k128-mzstatic.gslb.ksyuncdn.com 292 | cdn-apple.com.edgekey.net 293 | e2885.e9.akamaiedge.net 294 | apple.com.edgekey.net 295 | e2490.dscb.akamaiedge.net 296 | idms-apple.com.akadns.net 297 | apple.com.edgekey.net.globalredir.akadns.net 298 | e6858.dscx.akamaiedge.net 299 | ioshost.qtlcdn.com 300 | -------------------------------------------------------------------------------- /my/my_script.tengo: -------------------------------------------------------------------------------- 1 | // The script I use myself 2 | // 3 | // 自用脚本 4 | // 5 | 6 | text := import("text") 7 | brook := import("brook") 8 | 9 | modules := [] 10 | 11 | //////////////////// Block IPv6 AAAA query, 如果本地或服务端不支持 IPv6 ///////////////////////// 12 | /* modules = append(modules, { */ 13 | /* dnsquery: func(m) { */ 14 | /* if m.type == "AAAA" { */ 15 | /* return {"block": true} */ 16 | /* } */ 17 | /* } */ 18 | /* }) */ 19 | 20 | ///////////////////// Block google secure DNS on system or browser /////////////// 21 | modules = append(modules, { 22 | dnsquery: func(m) { 23 | if m.domain == "dns.google" { 24 | return { "block": true } 25 | } 26 | }, 27 | address: func(m) { 28 | if m.ipaddress && (m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443") { 29 | return { "block": true } 30 | } 31 | if m.domainaddress && text.has_prefix(m.domainaddress, "dns.google:") { 32 | return { "block": true } 33 | } 34 | } 35 | }) 36 | 37 | //////////////////// www.google.cn 重定向到 www.google.com /////////////// 38 | modules = append(modules, { 39 | dnsquery: func(m) { 40 | if m.domain == "www.google.cn" { 41 | return {forcefakedns: true} 42 | } 43 | }, 44 | address: func(m) { 45 | if m.domainaddress { 46 | if m.domainaddress == "www.google.cn:80" { 47 | if m.network == "tcp" { 48 | return {"mitm": true, "mitmprotocol": "http"} 49 | } 50 | } 51 | if m.domainaddress == "www.google.cn:443" { 52 | if m.network == "tcp" { 53 | return {"mitm": true, "mitmprotocol": "https"} 54 | } 55 | if m.network == "udp" { 56 | return { "block": true } 57 | } 58 | } 59 | } 60 | }, 61 | httprequest: func(request) { 62 | if text.has_prefix(request["URL"], "http://www.google.cn/") { 63 | return { 64 | "StatusCode": 302, 65 | "Location": text.replace(request["URL"], "http://www.google.cn", "https://www.google.com", 1) 66 | } 67 | } 68 | if text.has_prefix(request["URL"], "https://www.google.cn/") { 69 | return { 70 | "StatusCode": 302, 71 | "Location": text.replace(request["URL"], "https://www.google.cn", "https://www.google.com", 1) 72 | } 73 | } 74 | } 75 | }) 76 | 77 | //////////////// 移除 91 广告 ///////////////////////////////// 78 | modules = append(modules, { 79 | address: func(m) { 80 | if m.network == "tcp" && m.domainaddress { 81 | if m.domainaddress == "91porn.com:443" { 82 | return {"mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 83 | } 84 | if m.domainaddress == "91porn.com:80" { 85 | return {"mitm": true, "mitmprotocol": "http", "mitmwithbody": true, "mitmautohandlecompress": true} 86 | } 87 | return 88 | } 89 | if m.network == "udp" && m.domainaddress { 90 | if m.domainaddress == "91porn.com:443" { 91 | return { "block": true } 92 | } 93 | return 94 | } 95 | }, 96 | httpresponse: func(request, response) { 97 | if (text.has_prefix(request["URL"], "http://91porn.com/") || text.has_prefix(request["URL"], "https://91porn.com/")) && response["Content-Type"] == "text/html; charset=UTF-8" { 98 | response["Body"] = bytes(text.replace(string(response["Body"]), "", ``, 1)) 99 | return response 100 | } 101 | } 102 | }) 103 | 104 | //////////////////// Instagram itself has a non-standard dns cache, so we don't use fakedns for it ///////////////////////// 105 | modules = append(modules, { 106 | dnsquery: func(m) { 107 | l := [ 108 | "facebook.com", 109 | "fbcdn.net", 110 | "facebook.net", 111 | "akamaihd.net", 112 | "thefacebook.com", 113 | "tfbnw.net", 114 | "messenger.com", 115 | "fb.me", 116 | "fbsbx.com", 117 | "fb.com", 118 | "whatsapp.net", 119 | "whatsapp.com", 120 | "instagram.com", 121 | "akamai.net", 122 | "aaplimg.com", 123 | "alibabadns.com", 124 | "akamaiedge.net", 125 | "apple-dns.net", 126 | "akadns.net", 127 | "cdninstagram.com" 128 | ] 129 | for v in l { 130 | if text.has_suffix(m.domain, v) { 131 | return {"system": true} 132 | } 133 | } 134 | } 135 | }) 136 | 137 | //////////// 掘金忽略下载app,跳转外部链接继续访问 ///////////////////////////////// 138 | modules = append(modules, { 139 | dnsquery: func(m) { 140 | if m.domain == "link.juejin.cn" || (m.domain == "juejin.cn" && (brook.os=="ios" || brook.os=="android")) { 141 | return {forcefakedns: true} 142 | } 143 | }, 144 | address: func(m) { 145 | if m.domainaddress { 146 | if m.domainaddress == "link.juejin.cn:443" { 147 | if m.network == "tcp" { 148 | return {"mitm": true, "mitmprotocol": "https"} 149 | } 150 | if m.network == "udp" { 151 | return { "block": true } 152 | } 153 | } 154 | if m.domainaddress == "juejin.cn:443" { 155 | if m.network == "tcp" { 156 | return {ipaddressfrombypassdns: "A", bypass: true, "mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 157 | } 158 | if m.network == "udp" { 159 | return { "block": true } 160 | } 161 | } 162 | } 163 | }, 164 | httprequest: func(request) { 165 | if text.has_prefix(request["URL"], "https://link.juejin.cn/") { 166 | s := brook.parsequery(brook.parseurl(request["URL"]).rawquery)["target"] 167 | if s { 168 | return { 169 | "StatusCode": 301, 170 | "Location": s 171 | } 172 | } 173 | } 174 | }, 175 | httpresponse: func(request, response) { 176 | if text.has_prefix(request["URL"], "https://juejin.cn/post/") && (text.contains(request["User-Agent"], "iPhone") || text.contains(request["User-Agent"], "Android")) { 177 | response["Body"] = bytes(text.replace(string(response["Body"]), "", ``, 1)) 178 | return response 179 | } 180 | } 181 | }) 182 | 183 | ////////////////// 手机端的 Chrome 替换 Google搜索为 soso.ooo /////////////// 184 | modules = append(modules, { 185 | address: func(m) { 186 | if brook.os == "darwin" || brook.os == "linux" || brook.os == "windows" || brook.iosapponmac { 187 | return 188 | } 189 | if m.domainaddress && m.domainaddress == "www.google.com:443" { 190 | if m.network == "tcp" { 191 | return {"mitm": true, "mitmprotocol": "https"} 192 | } 193 | if m.network == "udp" { 194 | return { "block": true } 195 | } 196 | } 197 | }, 198 | httprequest: func(request) { 199 | if brook.os == "darwin" || brook.os == "linux" || brook.os == "windows" || brook.iosapponmac { 200 | return 201 | } 202 | if text.has_prefix(request["URL"], "https://www.google.com/search?q=") && (text.contains(request["User-Agent"], "iPhone") || text.contains(request["User-Agent"], "Android")) { 203 | return { 204 | "StatusCode": 302, 205 | "Location": text.replace(request["URL"], "https://www.google.com/search?q=", "https://soso.ooo/search.html?q=", 1) 206 | } 207 | } 208 | } 209 | }) 210 | 211 | //////////////////// iOS YouTube APP AD Block /////////////// 212 | modules = append(modules, { 213 | address: func(m) { 214 | if brook.os != "ios" || brook.iosapponmac { 215 | return 216 | } 217 | if m.domainaddress { 218 | if (text.has_suffix(m.domainaddress, "googlevideo.com:443") && !text.has_prefix(m.domainaddress, "redirector")) || m.domainaddress == "www.youtube.com:443" || m.domainaddress == "s.youtube.com:443" || m.domainaddress == "youtubei.googleapis.com:443" { 219 | if m.network == "tcp" { 220 | return {"mitm": true, "mitmprotocol": "https"} 221 | } 222 | if m.network == "udp" { 223 | return { "block": true } 224 | } 225 | } 226 | } 227 | }, 228 | httprequest: func(request) { 229 | if brook.os != "ios" || brook.iosapponmac { 230 | return 231 | } 232 | if(text.contains(request["URL"], "googlevideo.com") && !text.contains(request["URL"], "googlevideo.com/dclk_video_ads") && !text.contains(request["URL"], "redirector") && text.contains(request["URL"], "&ctier=L") && text.contains(request["URL"], ",ctier,")){ 233 | return { 234 | "StatusCode": 302, 235 | "Location": text.replace(text.replace(request["URL"], "&ctier=L", "", 1), ",ctier,", "", 1) 236 | } 237 | } 238 | if(text.contains(request["URL"], "googlevideo.com") && !text.contains(request["URL"], "googlevideo.com/dclk_video_ads") && !text.contains(request["URL"], "googlevideo.com/videoplayback?") && !text.contains(request["URL"], "redirector") && text.contains(request["URL"], "&oad")){ 239 | return { 240 | "StatusCode": 503 241 | } 242 | } 243 | if(text.re_match(`^https?:\/\/youtubei\.googleapis\.com\/youtubei\/v\d\/player\/ad_break`, request["URL"])){ 244 | return { 245 | "StatusCode": 503 246 | } 247 | } 248 | if(text.re_match(`^https?:\/\/(www|s)\.youtube\.com\/api\/stats\/ads`, request["URL"])){ 249 | return { 250 | "StatusCode": 503 251 | } 252 | } 253 | if(text.re_match(`^https?:\/\/(www|s)\.youtube\.com\/(pagead|ptracking)`, request["URL"])){ 254 | return { 255 | "StatusCode": 503 256 | } 257 | } 258 | if(text.re_match(`^https?:\/\/s\.youtube\.com\/api\/stats\/qoe\?adcontext`, request["URL"])){ 259 | return { 260 | "StatusCode": 503 261 | } 262 | } 263 | } 264 | }) 265 | 266 | //////////// 知乎登录弹窗,跳转外部链接 ///////////////////////////////// 267 | modules = append(modules, { 268 | dnsquery: func(m) { 269 | if m.domain == "www.zhihu.com" || m.domain == "zhuanlan.zhihu.com" || m.domain == "link.zhihu.com" { 270 | return {forcefakedns: true} 271 | } 272 | }, 273 | address: func(m) { 274 | if m.domainaddress { 275 | if m.domainaddress == "link.zhihu.com:443" { 276 | if m.network == "tcp" { 277 | return {"mitm": true, "mitmprotocol": "https"} 278 | } 279 | if m.network == "udp" { 280 | return { "block": true } 281 | } 282 | } 283 | if m.domainaddress == "www.zhihu.com:443" || m.domainaddress == "zhuanlan.zhihu.com:443" { 284 | if m.network == "tcp" { 285 | return {ipaddressfrombypassdns: "A", bypass: true, "mitm": true, "mitmprotocol": "https", "mitmwithbody": true, "mitmautohandlecompress": true} 286 | } 287 | if m.network == "udp" { 288 | return { "block": true } 289 | } 290 | } 291 | } 292 | }, 293 | httprequest: func(request) { 294 | if text.has_prefix(request["URL"], "https://link.zhihu.com/") { 295 | s := brook.parsequery(brook.parseurl(request["URL"]).rawquery)["target"] 296 | if s { 297 | return { 298 | "StatusCode": 301, 299 | "Location": s 300 | } 301 | } 302 | } 303 | }, 304 | httpresponse: func(request, response) { 305 | if text.has_prefix(request["URL"], "https://zhuanlan.zhihu.com/p/") || text.has_prefix(request["URL"], "https://www.zhihu.com/question/") { 306 | delete(response, "Content-Security-Policy") 307 | response["Body"] = bytes(text.replace(string(response["Body"]), "", ``, 1)) 308 | return response 309 | } 310 | } 311 | }) 312 | 313 | /////////// END Modules ///////////////////////////////// 314 | 315 | dh := [] 316 | for i:=0; i /tmp/a.js 11 | echo 'echo(111)' >> /tmp/a.js 12 | jb /tmp/a.js 13 | otool -L $HOME/.nami/bin/jb 14 | --------------------------------------------------------------------------------