fish/immortalwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add luci-app-koolproxy

Browse Source
This commit is contained in:
CN_SZTL 2019-05-25 18:03:00 +08:00
parent 95efb1cd48
commit 1470fe932a
No known key found for this signature in database
GPG Key ID: 6850B6345C862176
39 changed files with 20195 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -35,3 +35,4 @@ Default username is **root** and password is **password**, login address: 192.16
# License
### [GPL v3](https://www.gnu.org/licenses/gpl-3.0.html).
### Origin source: [coolsnowwolf/lede](https://github.com/coolsnowwolf/lede).
### luci-app-koolproxy source" [openwrt-develop/luci-app-koolproxy](https://github.com/openwrt-develop/luci-app-koolproxy)

95
package/cnsztl/luci-app-koolproxy/Makefile Normal file
View File

@ -0,0 +1,95 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-koolproxy
PKG_VERSION:=3.8.4
PKG_RELEASE:=3
PKG_MAINTAINER:=panda-mute <wxuzju@gmail.com>
PKG_LICENSE:=GPLv3
PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_PARALLEL:=1
RSTRIP:=true
include $(INCLUDE_DIR)/package.mk
define Package/luci-app-koolproxy
SECTION:=luci
CATEGORY:=LuCI
SUBMENU:=3. Applications
TITLE:=LuCI support for koolproxy
DEPENDS:=+openssl-util +ipset +dnsmasq-full +@BUSYBOX_CONFIG_DIFF +iptables-mod-nat-extra +wget
MAINTAINER:=panda-mute
endef
define Package/luci-app-koolproxy/description
This package contains LuCI configuration pages for koolproxy.
endef
define Build/Compile
endef
define Package/luci-app-koolproxy/postinst
#!/bin/sh
if [ -z "$${IPKG_INSTROOT}" ]; then
( . /etc/uci-defaults/luci-koolproxy ) && rm -f /etc/uci-defaults/luci-koolproxy
rm -f /tmp/luci-indexcache
fi
exit 0
endef
define Package/luci-app-koolproxy/install
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DIR) $(1)/etc/adblocklist
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/i18n/
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/koolproxy
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/koolproxy
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_DIR) $(1)/usr/share/koolproxy
$(INSTALL_DIR) $(1)/usr/share/koolproxy/data
$(INSTALL_DIR) $(1)/usr/share/koolproxy/data/rules/
$(INSTALL_BIN) ./files/etc/uci-defaults/luci-koolproxy $(1)/etc/uci-defaults/luci-koolproxy
$(INSTALL_BIN) ./files/etc/init.d/* $(1)/etc/init.d/
$(INSTALL_DATA) ./files/etc/config/* $(1)/etc/config/
$(INSTALL_DATA) ./files/etc/adblocklist/* $(1)/etc/adblocklist/
$(INSTALL_DATA) ./files/lib/upgrade/keep.d/koolproxy $(1)/lib/upgrade/keep.d/
$(INSTALL_DATA) ./files/usr/lib/lua/luci/model/cbi/koolproxy/global.lua $(1)/usr/lib/lua/luci/model/cbi/koolproxy/global.lua
$(INSTALL_DATA) ./files/usr/lib/lua/luci/model/cbi/koolproxy/rss_rule.lua $(1)/usr/lib/lua/luci/model/cbi/koolproxy/rss_rule.lua
$(INSTALL_DATA) ./files/usr/lib/lua/luci/controller/koolproxy.lua $(1)/usr/lib/lua/luci/controller/koolproxy.lua
$(INSTALL_DATA) ./files/usr/lib/lua/luci/view/koolproxy/* $(1)/usr/lib/lua/luci/view/koolproxy/
$(INSTALL_DATA) ./files/usr/lib/lua/luci/i18n/koolproxy.zh-cn.lmo $(1)/usr/lib/lua/luci/i18n/koolproxy.zh-cn.lmo
$(INSTALL_BIN) ./files/usr/sbin/* $(1)/usr/sbin/
$(INSTALL_BIN) ./files/usr/share/koolproxy/data/gen_ca.sh $(1)/usr/share/koolproxy/data/
$(INSTALL_DATA) ./files/usr/share/koolproxy/data/openssl.cnf $(1)/usr/share/koolproxy/data/
$(INSTALL_DATA) ./files/usr/share/koolproxy/data/user.txt $(1)/usr/share/koolproxy/data/
$(INSTALL_DATA) ./files/usr/share/koolproxy/data/source.list $(1)/usr/share/koolproxy/data/
$(INSTALL_DATA) ./files/usr/share/koolproxy/data/rules/* $(1)/usr/share/koolproxy/data/rules/
$(INSTALL_BIN) ./files/usr/share/koolproxy/camanagement $(1)/usr/share/koolproxy/camanagement
$(INSTALL_BIN) ./files/usr/share/koolproxy/kpupdate $(1)/usr/share/koolproxy/kpupdate
$(INSTALL_DATA) ./files/usr/share/koolproxy/koolproxy_ipset.conf $(1)/usr/share/koolproxy/koolproxy_ipset.conf
$(INSTALL_DATA) ./files/usr/share/koolproxy/dnsmasq.adblock $(1)/usr/share/koolproxy/dnsmasq.adblock
ifeq ($(ARCH),mipsel)
$(INSTALL_BIN) ./files/bin/mipsel $(1)/usr/share/koolproxy/koolproxy
endif
ifeq ($(ARCH),mips)
$(INSTALL_BIN) ./files/bin/mips $(1)/usr/share/koolproxy/koolproxy
endif
ifeq ($(ARCH),i386)
$(INSTALL_BIN) ./files/bin/i386 $(1)/usr/share/koolproxy/koolproxy
endif
ifeq ($(ARCH),x86_64)
$(INSTALL_BIN) ./files/bin/x86_64 $(1)/usr/share/koolproxy/koolproxy
endif
ifeq ($(ARCH),arm)
$(INSTALL_BIN) ./files/bin/arm $(1)/usr/share/koolproxy/koolproxy
endif
endef
$(eval $(call BuildPackage,luci-app-koolproxy))

BIN
package/cnsztl/luci-app-koolproxy/files/bin/arm Executable file
View File

Binary file not shown.

BIN
package/cnsztl/luci-app-koolproxy/files/bin/i386 Executable file
View File

Binary file not shown.

BIN
package/cnsztl/luci-app-koolproxy/files/bin/mips Executable file
View File

Binary file not shown.

BIN
package/cnsztl/luci-app-koolproxy/files/bin/mipsel Executable file
View File

Binary file not shown.

BIN
package/cnsztl/luci-app-koolproxy/files/bin/x86_64 Executable file
View File

Binary file not shown.

0
package/cnsztl/luci-app-koolproxy/files/etc/adblocklist/adblock Normal file
View File

1
package/cnsztl/luci-app-koolproxy/files/etc/adblocklist/adblockip Normal file
View File

@ -0,0 +1 @@
61.160.200.252

1
package/cnsztl/luci-app-koolproxy/files/etc/adblocklist/adbypass Normal file
View File

@ -0,0 +1 @@
v2ex.com

0
package/cnsztl/luci-app-koolproxy/files/etc/adblocklist/adbypassip Normal file
View File

18
package/cnsztl/luci-app-koolproxy/files/etc/config/koolproxy Normal file
View File

@ -0,0 +1,18 @@
config global
option time_update '4'
option koolproxy_port '0'
option startup_delay '5'
option koolproxy_acl_default '0'
option koolproxy_mode '2'
option koolproxy_host '1'
option koolproxy_rules 'koolproxy.txt daily.txt kp.dat user.txt'
option enabled '0'
config rss_rule
option name '乘风广告过滤规则'
option url 'https://raw.githubusercontent.com/xinggsf/Adblock-Plus-Rule/master/ABP-FX.txt'
option file 'ABP-FX.txt'
option load '0'
option time '2019-04-28 20:58'

468
package/cnsztl/luci-app-koolproxy/files/etc/init.d/koolproxy Executable file
View File

@ -0,0 +1,468 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2015 OpenWrt-dist
# Copyright (C) 2016 fw867 <ffkykzs@gmail.com>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#
START=99
USE_PROCD=1
CONFIG=koolproxy
KP_DIR=/usr/share/koolproxy
TMP_DIR=/tmp
alias echo_date='echo $(date +%Y年%m月%d日\ %X):'
config_n_get() {
local ret=$(uci get $CONFIG.$1.$2 2>/dev/null)
echo ${ret:=$3}
}
config_t_get() {
local index=0
[ -n "$4" ] && index=$4
local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}
add_ipset_conf() {
if [ -s /etc/adblocklist/adbypass ]; then
echo_date 添加白名单软连接...
cat /etc/adblocklist/adbypass | sed "s/,/\n/g" | sed "s/^/ipset=&\/./g" | sed "s/$/\/white_kp_list/g" >> /tmp/adbypass.conf
rm -rf /tmp/dnsmasq.d/adbypass.conf
ln -sf /tmp/adbypass.conf /tmp/dnsmasq.d/adbypass.conf
dnsmasq_restart=1
fi
if [ "$koolproxy_mode" == "2" ]; then
if [ "$koolproxy_host" == "1" ];then
echo_date 添加Adblock Plus Host软连接...
ln -sf $KP_DIR/dnsmasq.adblock /tmp/dnsmasq.d/dnsmasq.adblock
fi
echo_date 添加黑名单软连接...
rm -rf /tmp/dnsmasq.d/koolproxy_ipset.conf
ln -sf $KP_DIR/koolproxy_ipset.conf /tmp/dnsmasq.d/koolproxy_ipset.conf
echo_date 添加自定义黑名单软连接...
if [ -s /etc/adblocklist/adblock ]; then
cat /etc/adblocklist/adblock | sed "s/,/\n/g" | sed "s/^/ipset=&\/./g" | sed "s/$/\/black_koolproxy/g" >> /tmp/adblock.conf
rm -rf /tmp/dnsmasq.d/adblock.conf
ln -sf /tmp/adblock.conf /tmp/dnsmasq.d/adblock.conf
fi
dnsmasq_restart=1
fi
}
remove_ipset_conf() {
if [ -L "/tmp/dnsmasq.d/adbypass.conf" ]; then
echo_date 移除白名单软连接...
rm -rf /tmp/adbypass.conf
rm -rf /tmp/dnsmasq.d/adbypass.conf
dnsmasq_restart=1
fi
if [ -L "/tmp/dnsmasq.d/koolproxy_ipset.conf" ]; then
echo_date 移除黑名单软连接...
rm -rf /tmp/dnsmasq.d/koolproxy_ipset.conf
dnsmasq_restart=1
fi
if [ -L "/tmp/dnsmasq.d/adblock.conf" ]; then
echo_date 移除自定义黑名单软连接...
rm -rf /tmp/dnsmasq.d/adblock.conf
rm -rf /tmp/adblock.conf
dnsmasq_restart=1
fi
if [ -L "/tmp/dnsmasq.d/dnsmasq.adblock" ]; then
echo_date 移除Adblock Plus Host软连接...
rm -rf /tmp/dnsmasq.d/dnsmasq.adblock
dnsmasq_restart=1
fi
}
restart_dnsmasq() {
if [ "$dnsmasq_restart" == "1" ]; then
echo_date 重启dnsmasq进程...
/etc/init.d/dnsmasq restart > /dev/null 2>&1
fi
}
creat_ipset() {
echo_date 创建ipset名单
# Load ipset netfilter kernel modules and kernel modules
ipset -! create white_kp_list nethash
ipset -! create black_koolproxy iphash
cat $KP_DIR/data/rules/koolproxy.txt $KP_DIR/data/rules/daily.txt $KP_DIR/data/rules/user.txt | grep -Eo "(.\w+\:[1-9][0-9]{1,4})/" | grep -Eo "([0-9]{1,5})" | sort -un | sed -e '$a\80' -e '$a\443' | sed -e "s/^/-A kp_full_port &/g" -e "1 i\-N kp_full_port bitmap:port range 0-65535 " | ipset -R -!
}
add_white_black_ip() {
echo_date 添加ipset名单
ip_lan="0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"
for ip in $ip_lan
do
ipset -A white_kp_list $ip >/dev/null 2>&1
done
sed -e "s/^/add white_kp_list &/g" /etc/adblocklist/adbypassip | awk '{print $0} END{print "COMMIT"}' | ipset -R 2>/dev/null
ipset -A black_koolproxy 110.110.110.110 >/dev/null 2>&1
sed -e "s/^/add black_koolproxy &/g" /etc/adblocklist/adblockip | awk '{print $0} END{print "COMMIT"}' | ipset -R 2>/dev/null
}
load_config() {
ENABLED=$(config_t_get global enabled 0)
[ $ENABLED -ne 1 ] && return 0
koolproxy_mode=$(config_t_get global koolproxy_mode 1)
koolproxy_host=$(config_t_get global koolproxy_host 0)
koolproxy_acl_default=$(config_t_get global koolproxy_acl_default 1)
koolproxy_port=$(config_t_get global koolproxy_port 0)
koolproxy_bp_port=$(config_t_get global koolproxy_bp_port)
config_load $CONFIG
return 1
}
__load_lan_acl() {
local mac
local ipaddr
local proxy_mode
config_get mac $1 mac
config_get ipaddr $1 ipaddr
config_get proxy_mode $1 proxy_mode
[ -n "$ipaddr" ] && [ -z "$mac" ] && echo_date 加载ACL规则【$ipaddr】模式为$(get_mode_name $proxy_mode)
[ -z "$ipaddr" ] && [ -n "$mac" ] && echo_date 加载ACL规则【$mac】模式为$(get_mode_name $proxy_mode)
[ -n "$ipaddr" ] && [ -n "$mac" ] && echo_date 加载ACL规则【$ipaddr】【$mac】模式为$(get_mode_name $proxy_mode)
#echo iptables -t nat -A KOOLPROXY $(factor $ipaddr "-s") $(factor $mac "-m mac --mac-source") -p tcp $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode)
iptables -t nat -A KOOLPROXY $(factor $ipaddr "-s") $(factor $mac "-m mac --mac-source") -p tcp $(get_jump_mode $proxy_mode) $(get_action_chain $proxy_mode)
acl_nu=`expr $acl_nu + 1`
}
lan_acess_control() {
acl_nu=0
[ -z "$koolproxy_acl_default" ] && koolproxy_acl_default=1
config_foreach __load_lan_acl acl_rule
if [ $acl_nu -ne 0 ]; then
echo_date 加载ACL规则其余主机模式为$(get_mode_name $koolproxy_acl_default)
else
echo_date 加载ACL规则所有模式为$(get_mode_name $koolproxy_acl_default)
fi
}
__load_exrule() {
local file
local exrule
local enable
config_get file $1 file
config_get exrule $1 url
config_get enable $1 load
if [ -n "$exrule" ]; then
if [ $enable -ne 1 ]; then
[ -n "$file" ] && [ -f $KP_DIR/data/rules/$file ] && rm -f $KP_DIR/data/rules/$file
uci set koolproxy.$1.time=""
uci commit koolproxy
return
fi
if [ -z "$file" ]; then
file=$(echo $exrule |awk -F "/" '{print $NF}')
uci set koolproxy.$1.file="$file"
uci commit koolproxy
fi
if [ ! -f $KP_DIR/data/rules/$file ]; then
wget-ssl --quiet --timeout=5 --no-check-certificate $exrule -O $TMP_DIR/$file
if [ "$?" == "0" ]; then
uci set koolproxy.$1.time="`date +%Y-%m-%d" "%H:%M`"
uci commit koolproxy
mv $TMP_DIR/$file $KP_DIR/data/rules/$file
else
echo "koolproxy download rule $file failed!"
[ -f $TMP_DIR/$file ] && rm -f $TMP_DIR/$file
fi
fi
cat $KP_DIR/data/rules/$file >>$KP_DIR/data/rules/user.txt
fi
}
load_user_rules() {
cp $KP_DIR/data/user.txt $KP_DIR/data/rules/user.txt
config_foreach __load_exrule rss_rule
}
load_rules() {
sed -i '1,7s/1/0/g' $KP_DIR/data/source.list
local rulelist="$(uci -q get koolproxy.@global[0].koolproxy_rules)"
for rule in $rulelist
do
case "$rule" in
koolproxy.txt)
sed -i '1s/0/1/g' $KP_DIR/data/source.list
;;
daily.txt)
sed -i '2s/0/1/g' $KP_DIR/data/source.list
;;
kp.dat)
sed -i '3s/0/1/g' $KP_DIR/data/source.list
;;
user.txt)
sed -i '4s/0/1/g' $KP_DIR/data/source.list
;;
esac
done
local rulelist="$(uci -q get koolproxy.@global[0].thirdparty_rules)"
for rule in $rulelist
do
case "$rule" in
easylistchina.txt)
sed -i '5s/0/1/g' $KP_DIR/data/source.list
;;
chengfeng.txt)
sed -i '6s/0/1/g' $KP_DIR/data/source.list
;;
fanboy.txt)
sed -i '7s/0/1/g' $KP_DIR/data/source.list
;;
esac
done
}
get_mode_name() {
case "$1" in
0)
echo "不过滤"
;;
1)
echo "http模式"
;;
2)
echo "http + https"
;;
3)
echo "full port"
;;
esac
}
get_jump_mode() {
case "$1" in
0)
echo "-j"
;;
*)
echo "-g"
;;
esac
}
get_action_chain() {
case "$1" in
0)
echo "RETURN"
;;
1)
echo "KP_HTTP"
;;
2)
echo "KP_HTTPS"
;;
3)
echo "KP_ALL_PORT"
;;
esac
}
factor() {
if [ -z "$1" ] || [ -z "$2" ]; then
echo ""
else
echo "$2 $1"
fi
}
load_nat() {
echo_date 加载nat规则
#----------------------BASIC RULES---------------------
echo_date 写入iptables规则到nat表中...
# 创建KOOLPROXY nat rule
iptables -t nat -N KOOLPROXY
# 局域网地址不走KP
iptables -t nat -A KOOLPROXY -m set --match-set white_kp_list dst -j RETURN
# 生成对应CHAIN
iptables -t nat -N KP_HTTP
iptables -t nat -A KP_HTTP -p tcp -m multiport --dport 80 -j REDIRECT --to-ports 3000
iptables -t nat -N KP_HTTPS
iptables -t nat -A KP_HTTPS -p tcp -m multiport --dport 80,443 -j REDIRECT --to-ports 3000
iptables -t nat -N KP_ALL_PORT
#iptables -t nat -A KP_ALL_PORT -p tcp -j REDIRECT --to-ports 3000
# 端口控制
if [ "$koolproxy_port" == "1" ]; then
echo_date 开启端口控制:【$koolproxy_bp_port】
if [ -n "$koolproxy_bp_port" ]; then
iptables -t nat -A KP_ALL_PORT -p tcp -m multiport ! --dport $koolproxy_bp_port -m set --match-set kp_full_port dst -j REDIRECT --to-ports 3000
else
iptables -t nat -A KP_ALL_PORT -p tcp -m set --match-set kp_full_port dst -j REDIRECT --to-ports 3000
fi
else
iptables -t nat -A KP_ALL_PORT -p tcp -m set --match-set kp_full_port dst -j REDIRECT --to-ports 3000
fi
# 局域网控制
lan_acess_control
# 剩余流量转发到缺省规则定义的链中
iptables -t nat -A KOOLPROXY -p tcp -j $(get_action_chain $koolproxy_acl_default)
# 重定所有流量到 KOOLPROXY
# 全局模式和视频模式
[ "$koolproxy_mode" == "1" ] || [ "$koolproxy_mode" == "3" ] && iptables -t nat -I PREROUTING 1 -p tcp -j KOOLPROXY
# ipset 黑名单模式
[ "$koolproxy_mode" == "2" ] && iptables -t nat -I PREROUTING 1 -p tcp -m set --match-set black_koolproxy dst -j KOOLPROXY
}
add_cru() {
time=$(config_t_get global time_update)
wirtecron=$(cat /etc/crontabs/root | grep "00 $time * * *" | grep kpupdate)
if [ -z "$wirtecron" ];then
sed -i '/kpupdate/d' /etc/crontabs/root >/dev/null 2>&1
echo "0 $time * * * /usr/share/koolproxy/kpupdate" >> /etc/crontabs/root
fi
}
del_cru() {
sed -i '/kpupdate/d' /etc/crontabs/root >/dev/null 2>&1
}
detect_cert(){
if [ ! -f $KP_DIR/data/private/ca.key.pem -o ! -f $KP_DIR/data/cert/ca.crt ]; then
echo_date 开始生成koolproxy证书用于https过滤
cd $KP_DIR/data && sh gen_ca.sh
fi
}
flush_nat() {
echo_date 移除nat规则...
cd $TMP_DIR
iptables -t nat -S | grep -E "KOOLPROXY|KP_HTTP|KP_HTTPS|KP_ALL_PORT" | sed 's/-A/iptables -t nat -D/g'|sed 1,4d > clean.sh && chmod 777 clean.sh && ./clean.sh
[ -f $TMP_DIR/clean.sh ] && rm -f $TMP_DIR/clean.sh
iptables -t nat -X KOOLPROXY > /dev/null 2>&1
iptables -t nat -X KP_HTTP > /dev/null 2>&1
iptables -t nat -X KP_HTTPS > /dev/null 2>&1
iptables -t nat -X KP_ALL_PORT > /dev/null 2>&1
ipset -F black_koolproxy > /dev/null 2>&1 && ipset -X black_koolproxy > /dev/null 2>&1
ipset -F white_kp_list > /dev/null 2>&1 && ipset -X white_kp_list > /dev/null 2>&1
}
export_ipt_rules() {
FWI=$(uci get firewall.koolproxy.path 2>/dev/null)
[ -n "$FWI" ] || return 0
cat <<-CAT >>$FWI
iptables-save -c | grep -v -E "KOOLPROXY|KP" | iptables-restore -c
iptables-restore -n <<-EOF
$(iptables-save | grep -E "KOOLPROXY|KP|^\*|^COMMIT" |\
sed -e "s/^-A \(PREROUTING\)/-I \1 1/")
EOF
CAT
return $?
}
flush_ipt_rules() {
FWI=$(uci get firewall.koolproxy.path 2>/dev/null)
[ -n "$FWI" ] && echo '# firewall include file' >$FWI
return 0
}
pre_start() {
load_config
[ $? -ne 1 ] && return 0
iptables -t nat -C PREROUTING -p tcp -j KOOLPROXY 2>/dev/null && [ $? -eq 0 ] && return 0;
detect_cert
load_rules
load_user_rules
add_ipset_conf && restart_dnsmasq
creat_ipset
add_white_black_ip
load_nat
flush_ipt_rules && export_ipt_rules
add_cru
[ "$koolproxy_mode" == "1" ] && echo_date 选择【全局过滤模式】
[ "$koolproxy_mode" == "2" ] && echo_date 选择【IPSET过滤模式】
if [ "$koolproxy_mode" == "3" ]; then
echo_date 选择【视频过滤模式】
sed -i '1s/1/0/g;2s/1/0/g' $KP_DIR/data/source.list
fi
return 1
}
post_stop() {
load_config
[ $? -ne 1 ] && NO_RESTART_DNSMASQ=false
if [ $NO_RESTART_DNSMASQ ]; then
remove_ipset_conf
else
remove_ipset_conf && restart_dnsmasq
fi
flush_ipt_rules
flush_nat
del_cru
return 0
}
start_service() {
echo_date ================== koolproxy启用 ================
pre_start
[ $? -ne 1 ] && return 0
procd_open_instance
procd_set_param command /usr/share/koolproxy/koolproxy
procd_append_param command --mark
procd_append_param command --ttl 160
procd_set_param respawn
procd_set_param file /etc/adblocklist/adblock
procd_set_param file /etc/adblocklist/adblockip
procd_set_param file /usr/share/koolproxy/data/user.txt
procd_set_param stdout 1
procd_set_param stderr 1
procd_close_instance
logger "koolproxy has started."
echo_date =================================================
}
stop_service() {
echo_date ====================== 关闭 =====================
post_stop
logger "koolproxy has stopped."
echo_date =================================================
}
reload_service() {
logger "koolproxy reload service."
NO_RESTART_DNSMASQ=true
stop
start
}
service_triggers() {
procd_add_reload_trigger "koolproxy"
}
restart() {
logger "koolproxy restart service."
NO_RESTART_DNSMASQ=true
stop
start
}
boot() {
local delay=$(config_t_get global startup_delay 0)
(sleep $delay && start >/dev/null 2>&1) &
return 0
}

17
package/cnsztl/luci-app-koolproxy/files/etc/uci-defaults/luci-koolproxy Executable file
View File

@ -0,0 +1,17 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
delete ucitrack.@koolproxy[-1]
add ucitrack koolproxy
set ucitrack.@koolproxy[-1].init=koolproxy
commit ucitrack
delete firewall.koolproxy
set firewall.koolproxy=include
set firewall.koolproxy.type=script
set firewall.koolproxy.path=/var/etc/koolproxy.include
set firewall.koolproxy.reload=1
commit firewall
EOF
rm -f /tmp/luci-indexcache
exit 0

3
package/cnsztl/luci-app-koolproxy/files/lib/upgrade/keep.d/koolproxy Normal file
View File

@ -0,0 +1,3 @@
/usr/share/koolproxy/data/certs/ca.crt
/usr/share/koolproxy/data/private/base.key.pem
/usr/share/koolproxy/data/private/ca.key.pem

8
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/controller/koolproxy.lua Normal file
View File

@ -0,0 +1,8 @@
module("luci.controller.koolproxy",package.seeall)
function index()
if not nixio.fs.access("/etc/config/koolproxy")then
return
end
entry({"admin","services","koolproxy"},cbi("koolproxy/global"),_("KoolProxy"),1).dependent=true
entry({"admin","services","koolproxy","rss_rule"},cbi("koolproxy/rss_rule"), nil).leaf=true
end

BIN
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/i18n/koolproxy.zh-cn.lmo Normal file
View File

Binary file not shown.

370
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/model/cbi/koolproxy/global.lua Normal file
View File

@ -0,0 +1,370 @@
local fs = require "nixio.fs"
local sys = require "luci.sys"
local http = require "luci.http"
local o,t,e
local v=luci.sys.exec("/usr/share/koolproxy/koolproxy -v")
local s=luci.sys.exec("head -3 /usr/share/koolproxy/data/rules/koolproxy.txt | grep rules | awk -F' ' '{print $3,$4}'")
local u=luci.sys.exec("head -4 /usr/share/koolproxy/data/rules/koolproxy.txt | grep video | awk -F' ' '{print $3,$4}'")
local p=luci.sys.exec("head -3 /usr/share/koolproxy/data/rules/daily.txt | grep rules | awk -F' ' '{print $3,$4}'")
local l=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/koolproxy.txt | wc -l")
local q=luci.sys.exec("grep -v !x /usr/share/koolproxy/data/rules/daily.txt | wc -l")
local h=luci.sys.exec("grep -v '^!' /usr/share/koolproxy/data/rules/user.txt | wc -l")
local i=luci.sys.exec("cat /usr/share/koolproxy/dnsmasq.adblock | wc -l")
if luci.sys.call("pidof koolproxy >/dev/null") == 0 then
status = translate("<strong><font color=\"green\">KoolProxy is Running</font></strong>")
else
status = translate("<strong><font color=\"red\">KoolProxy is Not Running</font></strong>")
end
o = Map("koolproxy", translate("KoolProxy"), translate("A powerful advertisement blocker. <br /><font color=\"red\">Adblock Plus Host list + koolproxy Blacklist mode runs without loss of bandwidth due to performance issues.<br /></font>"))
t = o:section(TypedSection, "global")
t.anonymous = true
t.description = translate(string.format("%s<br /><br />", status))
t:tab("base",translate("Basic Settings"))
e = t:taboption("base", Flag, "enabled", translate("Enable"))
e.default = 0
e.rmempty = false
e = t:taboption("base", DummyValue, "koolproxy_status", translate("程序版本"))
e.value = string.format("[ %s ]", v)
e = t:taboption("base", Value, "startup_delay", translate("Startup Delay"))
e:value(0, translate("Not enabled"))
for _, v in ipairs({5, 10, 15, 25, 40}) do
e:value(v, translate("%u seconds") %{v})
end
e.datatype = "uinteger"
e.default = 0
e.rmempty = false
e = t:taboption("base", ListValue, "koolproxy_mode", translate("Filter Mode"))
e.default = 1
e.rmempty = false
e:value(1, translate("全局模式"))
e:value(2, translate("IPSET模式"))
e:value(3, translate("视频模式"))
e = t:taboption("base", MultiValue, "koolproxy_rules", translate("内置规则"))
e.optional = false
e.rmempty = false
e:value("koolproxy.txt", translate("静态规则"))
e:value("daily.txt", translate("每日规则"))
e:value("kp.dat", translate("视频规则"))
e:value("user.txt", translate("自定义规则"))
e = t:taboption("base", ListValue, "koolproxy_port", translate("端口控制"))
e.default = 0
e.rmempty = false
e:value(0, translate("关闭"))
e:value(1, translate("开启"))
e = t:taboption("base", Value, "koolproxy_bp_port", translate("例外端口"))
e:depends("koolproxy_port", "1")
e.rmempty = false
e.description = translate(string.format("<font color=\"red\"><strong>单端口:80&nbsp;&nbsp;多端口:80,443</strong></font>"))
e=t:taboption("base",Flag,"koolproxy_host",translate("开启Adblock Plus Host"))
e.default=0
e:depends("koolproxy_mode","2")
e = t:taboption("base", ListValue, "koolproxy_acl_default", translate("默认访问控制"))
e.default = 1
e.rmempty = false
e:value(0, translate("不过滤"))
e:value(1, translate("http only"))
e:value(2, translate("http + https"))
e:value(3, translate("full port"))
e.description = translate(string.format("<font color=\"blue\"><strong>访问控制设置中其他主机的默认规则</strong></font>"))
e = t:taboption("base", ListValue, "time_update", translate("定时更新"))
for t = 0,23 do
e:value(t,translate("每天"..t..""))
end
e.default = 0
e.rmempty = false
e.description = translate(string.format("<font color=\"red\"><strong>定时更新订阅规则与Adblock Plus Host</strong></font>"))
e = t:taboption("base", Button, "restart", translate("规则状态"))
e.inputtitle = translate("更新规则")
e.inputstyle = "reload"
e.write = function()
luci.sys.call("/usr/share/koolproxy/kpupdate 2>&1 >/dev/null")
luci.http.redirect(luci.dispatcher.build_url("admin","services","koolproxy"))
end
e.description = translate(string.format("<font color=\"red\"><strong>更新订阅规则与Adblock Plus Host</strong></font><br /><font color=\"green\">静态规则: %s / %s条 视频规则: %s<br />每日规则: %s / %s条 自定义规则: %s条<br />Host: %s条</font><br />", s, l, u, p, q, h, i))
t:tab("cert",translate("Certificate Management"))
e=t:taboption("cert",DummyValue,"c1status",translate("<div align=\"left\">Certificate Restore</div>"))
e=t:taboption("cert",FileUpload,"")
e.template="koolproxy/caupload"
e=t:taboption("cert",DummyValue,"",nil)
e.template="koolproxy/cadvalue"
if nixio.fs.access("/usr/share/koolproxy/data/certs/ca.crt")then
e=t:taboption("cert",DummyValue,"c2status",translate("<div align=\"left\">Certificate Backup</div>"))
e=t:taboption("cert",Button,"certificate")
e.inputtitle=translate("Backup Download")
e.inputstyle="reload"
e.write=function()
luci.sys.call("/usr/share/koolproxy/camanagement backup 2>&1 >/dev/null")
Download()
luci.http.redirect(luci.dispatcher.build_url("admin","services","koolproxy"))
end
end
t:tab("white_weblist",translate("网站白名单设置"))
local i = "/etc/adblocklist/adbypass"
e = t:taboption("white_weblist", TextValue, "adbypass_domain")
e.description = translate("These had been joined websites will not usefilter.Please input the domain names of websites,every line can input only one website domain.For example,google.com.")
e.rows = 28
e.wrap = "off"
e.rmempty = false
function e.cfgvalue()
return fs.readfile(i) or ""
end
function e.write(self, section, value)
if value then
value = value:gsub("\r\n", "\n")
else
value = ""
end
fs.writefile("/tmp/adbypass", value)
if (luci.sys.call("cmp -s /tmp/adbypass /etc/adblocklist/adbypass") == 1) then
fs.writefile(i, value)
end
fs.remove("/tmp/adbypass")
end
t:tab("weblist",translate("Set Backlist Of Websites"))
local i = "/etc/adblocklist/adblock"
e = t:taboption("weblist", TextValue, "adblock_domain")
e.description = translate("These had been joined websites will use filter,but only blacklist model.Please input the domain names of websites,every line can input only one website domain.For example,google.com.")
e.rows = 28
e.wrap = "off"
e.rmempty = false
function e.cfgvalue()
return fs.readfile(i) or ""
end
function e.write(self, section, value)
if value then
value = value:gsub("\r\n", "\n")
else
value = ""
end
fs.writefile("/tmp/adblock", value)
if (luci.sys.call("cmp -s /tmp/adblock /etc/adblocklist/adblock") == 1) then
fs.writefile(i, value)
end
fs.remove("/tmp/adblock")
end
t:tab("white_iplist",translate("IP白名单设置"))
local i = "/etc/adblocklist/adbypassip"
e = t:taboption("white_iplist", TextValue, "adbypass_ip")
e.description = translate("These had been joined ip addresses will use proxy, but only GFW model.Please input the ip address or ip address segment,every line can input only one ip address.For example,112.123.134.145/24 or 112.123.134.145.")
e.rows = 28
e.wrap = "off"
e.rmempty = false
function e.cfgvalue()
return fs.readfile(i) or ""
end
function e.write(self, section, value)
if value then
value = value:gsub("\r\n", "\n")
else
value = ""
end
fs.writefile("/tmp/adbypassip", value)
if (luci.sys.call("cmp -s /tmp/adbypassip /etc/adblocklist/adbypassip") == 1) then
fs.writefile(i, value)
end
fs.remove("/tmp/adbypassip")
end
t:tab("iplist",translate("IP黑名单设置"))
local i = "/etc/adblocklist/adblockip"
e = t:taboption("iplist", TextValue, "adblock_ip")
e.description = translate("These had been joined ip addresses will not use filter.Please input the ip address or ip address segment,every line can input only one ip address.For example,112.123.134.145/24 or 112.123.134.145.")
e.rows = 28
e.wrap = "off"
e.rmempty = false
function e.cfgvalue()
return fs.readfile(i) or ""
end
function e.write(self, section, value)
if value then
value = value:gsub("\r\n", "\n")
else
value = ""
end
fs.writefile("/tmp/adblockip", value)
if (luci.sys.call("cmp -s /tmp/adblockip /etc/adblocklist/adblockip") == 1) then
fs.writefile(i, value)
end
fs.remove("/tmp/adblockip")
end
t:tab("customlist", translate("Set Backlist Of custom"))
local i = "/usr/share/koolproxy/data/user.txt"
e = t:taboption("customlist", TextValue, "user_rule")
e.description = translate("Enter your custom rules, each row.")
e.rows = 28
e.wrap = "off"
e.rmempty = false
function e.cfgvalue()
return fs.readfile(i) or ""
end
function e.write(self, section, value)
if value then
value = value:gsub("\r\n", "\n")
else
value = ""
end
fs.writefile("/tmp/user.txt", value)
if (luci.sys.call("cmp -s /tmp/user.txt /usr/share/koolproxy/data/user.txt") == 1) then
fs.writefile(i, value)
end
fs.remove("/tmp/user.txt")
end
t:tab("logs",translate("View the logs"))
local i = "/var/log/koolproxy.log"
e = t:taboption("logs", TextValue, "kpupdate_log")
e.description = translate("Koolproxy Logs")
e.rows = 28
e.wrap = "off"
e.rmempty = false
function e.cfgvalue()
return fs.readfile(i) or ""
end
function e.write(self, section, value)
end
t=o:section(TypedSection,"acl_rule",translate("KoolProxy 访问控制"),
translate("ACLs is a tools which used to designate specific IP filter mode,The MAC addresses added to the list will be filtered using https"))
t.template="cbi/tblsection"
t.sortable=true
t.anonymous=true
t.addremove=true
e=t:option(Value,"remarks",translate("Client Remarks"))
e.width="30%"
e.rmempty=true
e=t:option(Value,"ipaddr",translate("IP Address"))
e.width="20%"
e.datatype="ip4addr"
luci.ip.neighbors({family = 4}, function(neighbor)
if neighbor.reachable then
e:value(neighbor.dest:string(), "%s (%s)" %{neighbor.dest:string(), neighbor.mac})
end
end)
e=t:option(Value,"mac",translate("MAC Address"))
e.width="20%"
e.rmempty=true
e.datatype="macaddr"
luci.ip.neighbors({family = 4}, function(neighbor)
if neighbor.reachable then
e:value(neighbor.mac, "%s (%s)" %{neighbor.mac, neighbor.dest:string()})
end
end)
e=t:option(ListValue,"proxy_mode",translate("访问控制"))
e.width="20%"
e.default=1
e.rmempty=false
e:value(0,translate("不过滤"))
e:value(1,translate("http only"))
e:value(2,translate("http + https"))
e:value(3,translate("full port"))
t=o:section(TypedSection,"rss_rule",translate("KoolProxy 规则订阅"), translate("请确保订阅规则的兼容性"))
t.anonymous=true
t.addremove=true
t.sortable=true
t.template="cbi/tblsection"
t.extedit=luci.dispatcher.build_url("admin/services/koolproxy/rss_rule/%s")
t.create=function(...)
local sid=TypedSection.create(...)
if sid then
luci.http.redirect(t.extedit % sid)
return
end
end
e=t:option(Flag,"load",translate("启用"))
e.default=0
e.rmempty=false
e=t:option(DummyValue,"name",translate("规则名称"))
function e.cfgvalue(...)
return Value.cfgvalue(...) or translate("None")
end
e=t:option(DummyValue,"url",translate("规则地址"))
function e.cfgvalue(...)
return Value.cfgvalue(...) or translate("None")
end
e=t:option(DummyValue,"time",translate("更新时间"))
function Download()
local t,e
t=nixio.open("/tmp/upload/koolproxyca.tar.gz","r")
luci.http.header('Content-Disposition','attachment; filename="koolproxyCA.tar.gz"')
luci.http.prepare_content("application/octet-stream")
while true do
e=t:read(nixio.const.buffersize)
if(not e)or(#e==0)then
break
else
luci.http.write(e)
end
end
t:close()
luci.http.close()
end
local t,e
t="/tmp/upload/"
nixio.fs.mkdir(t)
luci.http.setfilehandler(
function(o,a,i)
if not e then
if not o then return end
e=nixio.open(t..o.file,"w")
if not e then
return
end
end
if a and e then
e:write(a)
end
if i and e then
e:close()
e=nil
luci.sys.call("/usr/share/koolproxy/camanagement restore 2>&1 >/dev/null")
end
end
)
return o

36
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/model/cbi/koolproxy/rss_rule.lua Normal file
View File

@ -0,0 +1,36 @@
local m, s, o
local koolproxy = "koolproxy"
local sid = arg[1]
m = Map(koolproxy, "%s - %s" %{translate("koolproxy"), translate("编辑规则")})
m.redirect = luci.dispatcher.build_url("admin/services/koolproxy")
if not arg[1] or m.uci:get(koolproxy, sid) ~= "rss_rule" then
luci.http.redirect(m.redirect)
return
end
-- [[ Edit Rule ]]--
s = m:section(NamedSection, sid, "rss_rule")
s.anonymous = true
s.addremove = true
o=s:option(Flag,"load",translate("启用"))
o.default=0
o.rmempty=false
o=s:option(Value,"name",translate("规则描述"))
o.rmempty=true
o=s:option(Value,"url",translate("规则地址"))
o.rmempty=false
o.placeholder="[https|http|ftp]://[Hostname]/[File]"
function o.validate(self, value)
if not value then
return nil
else
return value
end
end
return m

8
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/view/koolproxy/cadvalue.htm Normal file
View File

@ -0,0 +1,8 @@
<%+cbi/valueheader%>
<span style="color: green">
<%
local val = self:cfgvalue(section) or self.default or ""
write(pcdata(val))
%>
</span>
<%+cbi/valuefooter%>

5
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/view/koolproxy/caupload.htm Normal file
View File

@ -0,0 +1,5 @@
<%+cbi/valueheader%>
<label class="cbi-value" style="display:inline-block; width: 400px" for="ulfile"><font color="red"><%:Upload backup file,The file name must be koolproxyCA.tar.gz%></font></label><br />
<input class="cbi-input-file" style="width: 400px" type="file" id="ulfile" name="ulfile" />
<input type="submit" class="cbi-button cbi-input-apply" name="upload" value="<%:Upload Restore%>" />
<%+cbi/valuefooter%>

3
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/view/koolproxy/dvalue.htm Normal file
View File

@ -0,0 +1,3 @@
<%+cbi/valueheader%>
<span class="koolproxy_status"><%=pcdata(self:cfgvalue(section) or self.default or "")%></span>
<%+cbi/valuefooter%>

16
package/cnsztl/luci-app-koolproxy/files/usr/lib/lua/luci/view/koolproxy/index.htm Normal file
View File

@ -0,0 +1,16 @@
<%#
Copyright 2016 Chen RuiWei <crwbak@gmail.com>
Licensed to the public under the Apache License 2.0.
-%>
<% include("cbi/map") %>
<script type="text/javascript">//<![CDATA[
XHR.poll(2, '<%=luci.dispatcher.build_url("admin", "services", "koolproxy", "status")%>', null,
function(x, result)
{
var status = document.getElementsByClassName('koolproxy_status');
status[0].innerHTML = result.koolproxy?'<b><font color=green><%=translate("RUNNING")%></font></b>':'<b><font color=red><%=translate("NOT RUNNING")%></font></b>';
}
);
//]]>
</script>

23
package/cnsztl/luci-app-koolproxy/files/usr/sbin/adblockplus Executable file
View File

@ -0,0 +1,23 @@
#!/bin/sh
echo "$(date "+%F %T"): 正在下载adblockplus规则..."
wget-ssl --quiet --no-check-certificate https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt -O /tmp/adlist.txt
if [ "$?" == "0" ]; then
grep ^\|\|[^\*]*\^$ /tmp/adlist.txt | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/dnsmasq.adblock
rm -f /tmp/adlist.txt
diff /tmp/dnsmasq.adblock /usr/share/koolproxy/dnsmasq.adblock >/dev/null
[ $? = 0 ] && echo "$(date "+%F %T"): adblockplus本地规则和服务器规则相同无需更新!" && rm -f /tmp/dnsmasq.adblock && return 1
echo "$(date "+%F %T"): 检测到adblockplus规则有更新开始转换规则"
sed -i '/youku/d' /tmp/dnsmasq.adblock >/dev/null 2>&1
sed -i '/[1-9]\{1,3\}\.[1-9]\{1,3\}\.[1-9]\{1,3\}\.[1-9]\{1,3\}/d' /tmp/dnsmasq.adblock >/dev/null 2>&1
mv /tmp/dnsmasq.adblock /usr/share/koolproxy/dnsmasq.adblock
echo "$(date "+%F %T"): adblockplus规则转换完成应用新规则。"
echo ""
echo "$(date "+%F %T"): 重启dnsmasq进程"
/etc/init.d/dnsmasq restart > /dev/null 2>&1
return 0
else
echo "$(date "+%F %T"): 获取在线版本时出现错误! "
[ -f /tmp/adlist.txt ] && rm -f /tmp/adlist.txt
return 1
fi

0
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/adblock.conf Normal file
View File

66
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/camanagement Executable file
View File

@ -0,0 +1,66 @@
#!/bin/sh
kpfolder="/usr/share/koolproxy/data"
kplogfile="/var/log/koolproxy.log"
readyfolder="/tmp/upload/koolproxy"
backup() {
if [ ! -f $kpfolder/private/ca.key.pem ]; then
echo "未找到ca.key.pem请先运行Koolproxy一次" > $kplogfile
exit 1
fi
if [ ! -f $kpfolder/private/base.key.pem ]; then
echo "未找到base.key.pem请先运行Koolproxy一次" > $kplogfile
exit 1
fi
if [ ! -f $kpfolder/certs/ca.crt ]; then
echo "未找到ca.crt请先运行Koolproxy一次" > $kplogfile
exit 1
fi
mkdir -p /tmp/upload
cd $kpfolder
tar czf /tmp/upload/koolproxyca.tar.gz private/ca.key.pem private/base.key.pem certs/ca.crt
[ -f /tmp/upload/koolproxyca.tar.gz ] && echo "证书备份已成功生成。" > $kplogfile
}
restore() {
if [ ! -f /tmp/upload/koolproxyCA.tar.gz ]; then
echo "未找到备份文件文件名必须为koolproxyCA.tar.gz或已损坏请检查备份文件" >> $kplogfile
else
mkdir -p $readyfolder
cd $readyfolder
tar xzf /tmp/upload/koolproxyCA.tar.gz
fi
if [ ! -f $readyfolder/private/ca.key.pem ]; then
echo "未找到ca.key.pem,备份文件不正确或已损坏,请检查备份文件!" > $kplogfile
exit 1
fi
if [ ! -f $readyfolder/private/base.key.pem ]; then
echo "未找到base.key.pem备份文件不正确或已损坏请检查备份文件" > $kplogfile
exit 1
fi
if [ ! -f $readyfolder/certs/ca.crt ]; then
echo "未找到ca.crt备份文件不正确或已损坏请检查备份文件" > $kplogfile
exit 1
fi
mv -f $readyfolder/private/ca.key.pem $kpfolder/private/ca.key.pem
mv -f $readyfolder/private/base.key.pem $kpfolder/private/base.key.pem
mv -f $readyfolder/certs/ca.crt $kpfolder/certs/ca.crt
rm -rf $readyfolder
rm -f /tmp/upload/koolproxyCA.tar.gz
echo "证书成功还原重启Koolproxy。" > $kplogfile
/etc/init.d/koolproxy restart
}
case "$*" in
"backup")
backup
;;
"restore")
restore
;;
"help")
echo "use backup or restore"
;;
esac

29
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/gen_ca.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh
alias echo_date='echo $(date +%Y年%m月%d日\ %X):'
if [ ! -f openssl.cnf ]; then
echo_date "Cannot found openssl.cnf"
exit 1
fi
if [ -f /usr/share/koolproxy/data/private/ca.key.pem ]; then
echo_date "已经有证书了!"
else
echo_date "生成证书中..."
#step 1, root ca
mkdir -p certs private
rm -f serial private/ca.key.pem
chmod 700 private
echo 1000 > serial
openssl genrsa -aes256 -passout pass:koolshare -out private/ca.key.pem 2048
chmod 400 private/ca.key.pem
openssl req -config openssl.cnf -passin pass:koolshare \
-subj "/C=CN/ST=Beijing/L=KP/O=KoolProxy inc/CN=koolproxy.com" \
-key private/ca.key.pem \
-new -x509 -days 7300 -sha256 -extensions v3_ca \
-out certs/ca.crt
#step 2, domain rsa key
openssl genrsa -aes256 -passout pass:koolshare -out private/base.key.pem 2048
echo_date "证书生成完毕..."
fi

132
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/openssl.cnf Executable file
View File

@ -0,0 +1,132 @@
# OpenSSL root CA configuration file.
# Copy to `/root/ca/openssl.cnf`.
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = ./ca
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
database = $dir/index.txt
serial = $dir/serial
RANDFILE = $dir/private/.rand
# The root key and root certificate.
private_key = $dir/private/ca.key.pem
certificate = $dir/certs/ca.cert.pem
# For certificate revocation lists.
crlnumber = $dir/crlnumber
crl = $dir/crl/ca.crl.pem
crl_extensions = crl_ext
default_crl_days = 30
# SHA-1 is deprecated, so use SHA-2 instead.
default_md = sha256
name_opt = ca_default
cert_opt = ca_default
default_days = 375
preserve = no
policy = policy_strict
[ policy_strict ]
# The root CA should only sign intermediate certificates that match.
# See the POLICY FORMAT section of `man ca`.
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ policy_loose ]
# Allow the intermediate CA to sign a more diverse range of certificates.
# See the POLICY FORMAT section of the `ca` man page.
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
# Options for the `req` tool (`man req`).
default_bits = 2048
distinguished_name = req_distinguished_name
string_mask = utf8only
# SHA-1 is deprecated, so use SHA-2 instead.
default_md = sha256
# Extension to add when the -x509 option is used.
x509_extensions = v3_ca
[ req_distinguished_name ]
# See <https://en.wikipedia.org/wiki/Certificate_signing_request>.
countryName = Country Name (2 letter code)
stateOrProvinceName = State or Province Name
localityName = Locality Name
0.organizationName = Organization Name
organizationalUnitName = Organizational Unit Name
commonName = Common Name
emailAddress = Email Address
# Optionally, specify some defaults.
countryName_default = GB
stateOrProvinceName_default = England
localityName_default =
0.organizationName_default = Alice Ltd
organizationalUnitName_default =
emailAddress_default =
[ v3_ca ]
# Extensions for a typical CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ v3_intermediate_ca ]
# Extensions for a typical intermediate CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true, pathlen:0
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ usr_cert ]
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = client, email
nsComment = "OpenSSL Generated Client Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, emailProtection
[ server_cert ]
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = server
nsComment = "OpenSSL Generated Server Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
[ crl_ext ]
# Extension for CRLs (`man x509v3_config`).
authorityKeyIdentifier=keyid:always
[ ocsp ]
# Extension for OCSP signing certificates (`man ocsp`).
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, digitalSignature
extendedKeyUsage = critical, OCSPSigning

591
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/rules/daily.txt Normal file
View File

@ -0,0 +1,591 @@
!x -----------------------------------------------------------------------------------------------------------------
!x -----[KoolProxy 3.8.4]
!x -----Thanks: From lvba Group
!x -----Thanks for help: <yiclear> <adbyby> <adm> <adblock> <adguard>
!x -----------------------------------------------------------------------------------------------------------------
! ---- baidu union ----
|http://*/*mgkokpa.js
|http://*/*rlptqpn.js
! ---- baidu union ----
! ---- unsafe download ----
|http://*/*_*@*.exe
|http://*/*@*_*.exe
! ---- unsafe download ----
!x -----------------------------------------------------------------------------------------------------------------
@@@@|https://pic.yefu365.com
@@@@|https://www.douyu.com
@@@@|https://www.bilibili.com
@@@@|https://crash.163.com
@@|http://static.ws.126.net
@@|http://img3.126.net
@@|http://logstat.laosiji.com/index.html?
@@||cnzz.com/q_stat.php$domain=qd.alibaba.com
@@||mmstat.com/eg.js$domain=rjno1.com
|http://*/adright.$domain=elecfans.com
|http://d1.5h.com^
|http://www.52movieba.com/img/ad*
|http://ad.*
|http://*/adimg/*
|http://*/adImg/*
|https://media.trafficjunky.net/js/holiday-promo.js
|https://smpop.icfcdn.com/smpop-stable.js
|https://wxstatic.cn
|https://qclcdn.cn^
|https://mc.tvzhe.com^
|https://www.toolnb.com/Public/aliyun/900x60.png
|https://max.book118.com/statics/js2/
|https://max.book118.com/Public/book118/js/scz-zip/
|https://max.book118.com/Public/book118/js/picture-else/
|https://mgtv.djjca.cn/mgtv.php
|https://hkitblog.com^*-banner
|https://daima.huoche.net^
|https://pan.keyunzhan.com^
|https://static.hsbianma.com/Content/images/*-ad-
|https://chequeconvert.hkcoding.com/img/
|https://o.aolcdn.com/ads/
|https://e.so.com/baike/ads?
|https://v1.phb123.com^
|https://www.atyun.com/wp-content/themes/xmag/js/ad.js
|https://ba.cydp5.com^
|https://js.jianbaimei.com^
|https://www.91wii.com/*/common/ad_
|https://www.91wii.com/data/ad/
|https://asianmedia.com/*/www/delivery/
|https://fzb01.qiushibaike.com^
|https://cdn1.tvzhe.com^
|https://ssl.bsriedu.cn:8004/
|https://ax.*.ifeng.com^
|https://emjs.mkzhan.com^
|https://d1.5h.com^
|https://www.danji6.com/style/style2016/js/gaosuxiazai.js
|https://yy2018.jintonghua.com^
|https://www.dangdang.com/adall.
|https://www.dandanzan.com/res/dan
|https://kpshx.douguo.com
|https://ftic.qifake.com^
|https://dd1.diymianmo.com^
|https://union*.365inews.com^
|https://union1.365inews.com^
|https://ads.exosrv.com/ads.js
|https://rugncn.ifeng.com^
|https://jiejg.ifeng.com^
|https://bdjs.ixiumei.com^
|https://di.phncdn.com/www-static/js/
|https://ads.trafficjunky.net/ads?
|https://www.google-analytics.com/analytics.js
||eryamishu.com/zb_system/image/logo/64060.png
||eryamishu.com/zb_users/upload/2016/04/201604061459908985564295.jpg
||gum.xbooks.to/js/pc/pc_*_
||gum.xbooks.to/js/pc/pc_tsuibi
||meng.360zuowen.com^
||jzb.com/website/fe/pub_js/dbclickshow.js
||cjjjs.com/script/ad.js
||int.w3tong.com^
||fsdpp.cn/123.jpeg
||fsdpp.cn/skin/idea/images/hongbao.jpg
||52pk.com/style/files/images/beitou.jpg
||greenxf.com^$script
||91bg.xyz/Runtime/Js/
||usxpic.com/btimg/upload/image/20180426/42600001974.gif
||aigou023.com^
||ifengimg.com/static/news/js/newsAdvtrack_
||dm530.net/js/ne/*.js*.js
||jrjimg.cn/common/foot/wxXcxTg.js
||beijinglvyou.net.cn^
||76mao.com/52
||elecfans.com/skin-*ad_
||mglvqian.com^
||letvimg.com/*gugwl/*.swf
||emule.org.cn/km.gif
||emule.org.cn/templets/default/
||ucstatic.cn^
||mengheyu.com^
||7ia9h.cn^
||991pao.com^
||lfhnkp.com^
||1.ttxs123.net^
||chinaz.com/zt/hanyi/images/ziyou.jpg
||cnfol.com/index_new.php?id=
||cnfol.com/pc/Js/as/
||easypatent.net^
||aliyuncs.com/img/aliyun/300x300.jpg
||aliyuncs.com/img/aliyun/560x260.png
||bdcode.qinglm.com^
||hqcx.net/images/baidu.jpg
||159i.com/video/usr/uploads/1-
||159i.com/video/usr/uploads/bd/$image
||live173.com/AD/
||baid1.okooo.com^
||hqcx.net/index.php?m=poster&
||datas.tianqistatic.com^
||tom.com/adsender/
||gazoeft.cn^
||lglady.cn^
||cxslchkb.cn^
||hxyl.net/js/tv.js
||yjoiunf.com:5656/
||pniao.com/View/images/dianpu.png
||xcxzxc.cn
||https://7160.com/js/adweb
||https://7160.com/js/tiaozhuanquanju.js
||https://wdeie.com^
||https://zxin131.cn^
||https://yzaosite.com^
||https://zencu.com.cn^
||https://xn6ffc.com^
||https://yefu365.com^
||https://cojia.net:4457/
||https://4006825178.com^
||https://cwj2h.cn^
||https://18dusun.com^
||https://fjmailia.com^
||https://6yush.cn^
||https://15tianqi.com^
||https://wanzhuang.com^
||https://ybanj.com^
||https://spot.im/yad/
||https://atwola.com^
||https://spot.im/yad/
||https://adnxs.com^
||https://spotxchange.com^
||https://hnfxty.cn^
||https://clmmw.com^
||https://hchik.com^
||https://wjier.com^
||https://tinwong.cn^
||https://ywadf.cn^
||https://fastapi.net^
||https://ynp0h.cn^
||https://ejiur.com^
||https://qgaot.com^
||https://6nzev.cn^
||https://kguaq.com^
||https://nettsl.com^
||https://chenyanjiao.cn^
||https://ayues.com^
||https://22pixx.xyz/l/
||https://acv5e.cn^
||https://cxfzw.cn^
||https://tbaia.com^
||https://ysxywj.com^
||https://yjiaj.com^
||https://just9229.cn^
||https://tenh2.cn^
||https://beijinglvyou.net.cn^
||https://wcail.com^
||https://aganj.com^
||https://boyueguoji.com^
||https://heizundg.cn^
||https://themee.cn^
||https://kcenu.com^
||https://vkuay.com^
||https://whshangsha.com^
||https://shypqc.com^
||https://afefw.com:5110/
||https://c6z85.cn^
||https://pqnlorg.cn^
||https://gadhx.cn^
||https://galaxyns.com^
||https://rerwe.cn^
||https://izouo.com^
||https://979067.com^
||https://idanmei.cn^
||https://ni87.com^
||https://hzuok.com^
||https://baful.net:4459/
||https://aishangcan.com^
||https://spectram.pro^
||https://nxh2h.cn^
||https://vchim.com^
||https://qdiut.com^
||https://aliguojw.com^
||https://qwertyuiopa.co^
||https://boweineng.cn^
||https://wvstatic.cn^
||https://rtslgov.cn^
||https://gjuet.com^
||https://jscode.acg68.com^
||https://fbieq.com^
||https://zutodu.cn^
||https://fanli.in^
||https://ybaiu.com^
||https://xng02.com/api.php?mod=ad&
||https://wp.com/fbcinema.com/wp-content/uploads/20*?w=450
||https://yootui19999.com^
||https://phncdn.com/iframe
||https://dbeii.com^
||https://dceni.com^
||https://syxsa.cn^
||https://69yll.cn^
||https://yunsoka.com^
||https://xhera.cn^
||https://iyygzs.com^
||https://dldsrs.com^
||https://pkbrxja.cn^
||https://emshx.cn^
||https://ifengimg.com/*Couplet
||https://ifengimg.com/*adview_
||https://mmpuh.cn
||https://ucstatic.cn^
||https://mengheyu.com^
||https://hduic.com^
||https://991pao.com^
||https://7ia9h.cn^
||https://991pao.com^
||https://sjaidu.com^
||https://lguir.com^
||https://ibaop.com^
||https://zcand.com^
||https://mdous.com^
||https://tdoup.com^
||https://h2pzh.cn^
||https://wbanz.com^
||https://lfhnkp.com^
||https://1.ttxs123.net^
||https://jdflower.cn^
||https://baiduspider1.cn^
||https://wcaos.com^
||https://07kfh.cn^
||https://ahuac.com^
||https://fcunq.com^
||https://juejin.im/graphql
||https://9pb0h.cn^
||https://tjiaa.com^
||https://vbanm.com^
||https://hlhulu.com^
||https://ifeng.com^*=YWRp
||https://deliver.ifeng.com^
||https://izuis.com
||https://ifengimg.com/web/d/c_shichuang.js
!|https://pan.baidu.com/feproxy/ad/list?
!x -----------------------------------------------------------------------------------------------------------------
!|https://pan.baidu.com,yun.baidu.com##[id^="share-ad-"],A#share_ad_info_panl,div[id^="cpro_"],img.share-center,.ad-platform-tips,.banner-active
!x -----------------------------------------------------------------------------------------------------------------
||avtbo.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||av.movie/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||gdmm.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||ad353.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||zhongzishenqi.pw/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||thzvv.*/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||ruanyifeng.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||itboth.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||itkeyword.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||pniao.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||uxxux.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||360-bo.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||cnforex.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||onlytvb.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||onlytvb.com/$s@</body>@<script>fuckcss('#photo-carousel')</script></body>@
||dilidili.wang/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||yxdown.com/$s@</body>@<script>fuckcss('#adv_1,.pic_show');</script></body>@
||yxdown.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||epinv.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||epinv.com/$s@</body>@<script>fuckcss('.close:contains(关闭)');</script></body>@
||39.net/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||xsjdy.net/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||youxijpw.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||eyy5.cn/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||yn-dove.cn/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||https://mydrivers.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
||https://cnbeta.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.zuixingkong.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.freep.cn/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.ixjys.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.rs05.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://news.163.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.rs05.com/$s@</body>@<script>fuckcss('.item-third-dl,li:contains(家里没矿),li:contains(支付宝),.slideBox');</script></body>@
|http://bbs.hh010.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://thz2.cc/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.52ghai.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.52ghai.com/$s@</head>@<script>fuckcss('A[href="https://7449k.com/"]')</script></head>@
|http://cpnn5.com:91/$s@</head>@<script>fuckcss('A[href="https://7449k.com/"]')</script></head>@
|http://www.eroacg.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.friok.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.cjjjs.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.55xia.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://chromecj.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.ainuody.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://dm.dm530.net/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://dm.dm530.net/$s@</head>@<script>fuckcss('FuckXHR')</script></head>@
|http://m.biqu*.*/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.chnmoney.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.zimuzu.io/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://*btbtdy.*/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://m.biqu*.*/$s@</head>@<script>fuckcss('FuckXHR')</script></head>@
|http://www.meijumi.vip/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.meijumi.vip/$s@</body>@<script>fuckcss('.dgd_stb_box.none')</script></body>@
|http://www.avtbp.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://onetvb.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://onetvb.com/$s@</body>@<script>fuckcss('.photo-carousel,div#photo-carousel,img[src^="http://pan-yz.chaoxing.com/"]')</script></body>@
|http://yeyemo.biz/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.jav777.cc/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://159i.com/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://159i.com/$s@</body>@<script>fuckcss('img[src^="https://159i.com/video/"],img[src^="/video/usr/uploads/bd/"],img[src^="//159i.com/video/usr/uploads/bd/"],img[src^="//img1.uploadhouse.com/"]')</script></body>@
|http://www.xunbopian.cc/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|http://www.xunbopian.cc/$s@</head>@<script>fuckcss('FuckXHR')</script></head>@
|https://www.avav336.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.bt121.net/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://99a18.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://cnbtkitty.xyz/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.onetvb.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.phb123.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://m.ankangwang.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.445zh.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://m.sbiquge.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://wangpan007.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.eyusky.net/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://cc.dety.men/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.1788hd.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.btdx8.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.coolinet.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://m.tywx.la/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://m.tywx.la/$s@</head>@<script>fuckcss('FuckXHR')</script></head>@
|https://www.lanzous.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://m.biquge5200.cc/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://m.biquge5200.cc/$s@</head>@<script>fuckcss('FuckXHR')</script></head>@
|https://www.tom024.com/$s@</head>@<script src="https://kprules.b0.upaiyun.com/js/AR.js"></script></head>@
|https://xclient.info/$s@</head>@<script src=http://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=http://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.torrentkitty.se/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.imeiju.cc/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.chinatimes.com/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
|https://www.wudidy.net/$s@</head>@<script src=https://kprules.b0.upaiyun.com/js/hide_w.js></script><script src=https://kprules.b0.upaiyun.com/js/hide.js charset=UTF-8></script></head>@
!x -----------------------------------------------------------------------------------------------------------------
www.freep.cn###divimg_2
epinv.com##A[href*=".taobao.com"]
vpansou.com##A[href*=".taobao.com"]
dilidili.wang###newapp2018
w1rl.xyz##A[href^="/htmm/"]
zuanke8.com##DIV[style="padding:0px 0 10px 0;background-color:#F1F1F1;"],.zuanpw
youxijpw.com##[id^="bn_con"]
elecfans.com###MiddleLeaderboard,#company-ad,#new-adsm-berry,#adChannel,[id^="new-listAd"]
lvse.cn###ad_banner_outer,[class^="fb_banner"]
xmfish.com##.adv-760,[id^="adm_show_"],.wrapxy
58pic.com##.twelveModel,.feast,[id^="model-gift"],[id^="search_"]>*,.twelveFixedPage,.tallyActivity,div#ad.clearfix.w1200
cnfol.com##.allAd.Mt10,.rightAd,[class^="wid595Ad"],[class^="wid390Ad"],.wid600Ad,[class^="wid325Ad"],.Ad310,[class^="NavTopAd"],.wid300,.Ad1000,.NewAdBox.Cf
ali213.net##.ad1,[class^="ad_news_"]
www.bt.cn##.btad
ckck.vip##.alert_windows
9669.cn##.mt10[style="height:260px;"]
bbs.hh010.com##[id$="_banadblock"],#fwin_banadblock_cover,.wp.a_hh_h
sogou.com##.pz-widget-flash-container
eryamishu.com##.post_tags
xbooks.to##DIV[style="width:900px; height:250px; margin: -15px auto 15px auto;"],.movie-in-ad
kpd80.com###wrapper_right_bg[target="_blank"],.topad
zuowen.com##[class^="couplet_"]
360zuowen.com##[class^="guanggao"],.lew_tu
eworldship.com###d1,#d2,A[href*="ad_click&"]
kdnet.net##.c_spread
bbs.zhiyoo.com##.a_p
52pk.com###bg_link,.tcgg.ggleft,.tcgg.ggright
qmaile.com,wandhi.com##A[style="display: inline-block;position: relative"],#lovexin121
zysj.com.cn###ad_pc_bottom
pniao.com##img[src$="images/dianpu.png"]
tom.com###body_right_banner
isso.com.cn###wqd1519353145001serial
itboth.com##ad_pop,.ad_pop_left
hz66.com###hzhead + .column,.ad-line
huarenjie.net##DIV[style*="top: 50px;"]
33am.cn##.bd_980_90
m.9bbg.com##[class^="ndti"],[id^="ndt"]
html-js.com##.module[style="padding:0;"],DIV[style="margin:10px auto;width:1000px;"]
zimuzu.io##img[src^="http://tu.jstucdn.com/g3/ad-img/"]
huaban.com##.extra
henan100.com##.boxB
so.com##.windisplayCell,.commercialCell
gter.net##.ad1,.bottom,[class*="ad"]
m.520boxtv.com##.logo_top
|https://ditu.so.com##DIV[class^="index-adflag-"] + A,#imageSearch
|https://bbs.instrument.com.cn##A[href*="/ad/"]
|https://www.ggdoc.com.cn##.adDiv
|https://hkitblog.com##.widget_text.widget.widget_custom_html,.widget widget_text,.widget.widget_text
|https://www.backchina.com##DIV[style^="width:300px; min-height: 250px;"],div[id^="div-gpt-ad"],a[href*=".21usdeal.com"],.eis_subnav_area,.adsbygoogle,[style="width:300px; margin:0;"],.banner_ad,#eis_pad1,iframe[width="728"][height="90"],.trc-content-sponsored,.trc_related_container div[data-item-syndicated="true"],[style^="min-width:728px;min-height:90px;"]
|https://www.91wii.com##.a_fr,.a_fl
|https://www.rebooo.com###gong
|https://www.iqshw.com###ZAML
|https://www.howbuy.com##.topBigAd,a[href^="https://www.howbuy.com/advertisement/"]
|https://99a18.com,https://99re.com,https://99re16.com##.dmcenter,.layui-layer-shade,img[class="half-img"]
|https://99a18.com,https://99re.com,https://99re16.com##.spots,#_iframe_content
|https://www.keyunzhan.com###AdLayer2
|https://www.toolfk.com##.ad-container,.adsbygoogle
|https://www.pangzi.ca###pop
|https://cc.dety.men##.tips,#footer > table:nth-child(2) > tbody:nth-child(1) > tr:nth-child(1)
|https://cc.dety.men##DIV > A > IMG[src^="http://www.t66y.cc/img/"]:first-child,DIV.container > DIV > A[rel="nofollow"],blockquote img[onclick^="window.open('http://www.viidii.info/"],blockquote .f16
|https://www.pangzi.ca##img[src*="/ads/images"]
|https://lifanmoe.xyz##a[href^="http"]:not([href*="lifanmoe."]) > img[src*=".sinaimg."]
|https://btring.com##.card[target="_blank"]
|https://forum.xda-developers.com##.sponsor-banner,.leaderboard
|https://finance.sina.com.cn##.m-s-tab + DIV
|https://wenku.baidu.com##.ad-vip-close,.topicBox.search-topicBox-wrap
|https://www.tom024.com###layui-layer1,.layui-layer-shade
|https://www.china.com##.tonglan
|https://www.bt.cn##.btad
|https://www.myqqjd.com###advert_widget,.qz-box
|https://xclient.info##.lim-ad
|https://www.e-learn.cn###block-layui-ele,#block-tengxunyunshuang11
|https://gaus.ee##.adsbygoogle
|https://juejin.im##.sidebar-bd-entry
|https://www.cnbeta.com##.trc_related_container div[data-item-syndicated="true"]
||https://css88.com##.spark-rm
||https://zhangxinxu.com###topRecomm
||https://fastadmin.net##.container > .d-lg-block:first-child
||https://renren101.com##.ad-flag-wrap
||https://xsool.com###diy1,#diynavtop
||https://appinn.com###ranshownow
||https://engadget.com###atwAdFrame2,#atwAdFrame1,#atwAdFrame2,#AdDiv,div[data-spotim-slot],div[data-nav-drawer-slide-panel] > aside[role="banner"]
||https://haha.mx##.joke-list-anecdote,.ad-2,.ad-6,.adsbygoogle
||https://huarenjie.net##DIV[style*="top: 50px;"]
||https://laomoit.com###sidebar A[target="_blank"] > IMG,.cboxElement + CENTER[style=" padding-top:10px; "]
||https://pornhub.com##body > .wrapper + div[class][-ext-has='> .removeAdLink']
||https://pornhub.com##.realsex,.removeAdsStyle,.ad-link,#hAd
|https://hao.360.cn###header-patch,#daily-hotwords,#top_activity,#top_hotsite,#activity,#iguess,.mbar-bd,#festival-logoskin,#plane > .plane-hd,.cangbao_redbags,#top-full-column-tips,#plane-ria,.ad-top
!x -----------------------------------------------------------------------------------------------------------------
|http://bbs.hh010.com/$s@var freeaddon_banadblock = 0;@var freeaddon_banadblock = 30;@
|http://www.52movieba.com$s@var ua*</script>@</script>@
|http://vv.video.qq.com/getvinfo?$s@<ad>*</ad>@@
||52pk.com/$s@function goto() {@function goto() { return;@
|https://cc.dety.men/*.html$s@/((!?function )[readS\w]+\(\) ?{)/@${1}return;@
|https://cc.dety.men/*.html$s@/(setTimeout\(function ?\(\) ?{)/@${1}return;@
|https://cc.dety.men/*.html$s@<br><br>@<br>@
|https://www.coolinet.com/$s@e.insert(c);@return 0;@
|https://currencyex.doitwell.tw/$s@setTimeout(function() {@setTimeout(function() { return;@
|https://console.bonuscloud.io/$r@/https:\/\/.*\.bonuscloud\.io\/.*/@https://kprules.b0.upaiyun.com/null/404.html@
!x ------------------------------------------ xiaoshuo TXT ADV ----------------------------------------------------
|http://js.passport.qihucdn.com/11
|https://yihu.s06th.cn^
|https://m.zhenben.cc/2000/
||https://mgsue.cn^
||https://hjues.com^
|https://m.hjiec.com^
||https://ffanq.com^
||abfirst.cn^
||https://mendoc.cn^
||https://eshuy.com^
|http://*/haojio/images/KF-ZL.jpg
|http://livep.l.qq.com/livemsg?
|http://mtrace.qq.com/mkvcollect?
|http://dp3.qq.com/
|http://news.l.qq.com/app?
|https://1.bh5.com.cn^
|https://adman.henghost.com
|https://abc.hkepc.net^
|https://www.toolfk.com/tools/images/vps/
|https://www.toolfk.com/common/cp.js
|https://dp3.qq.com/
|https://news.l.qq.com/app?
|https://union.591.com.tw/cpt?
|https://vip.fengyelin.net:9595/
|https://m.eshuy.com^
|https://m.tingshuge.com/*/m
|https://static.xiashu.la/*/js/read.js
|https://static.xiashu.la/*/js/fx.js?0.4
|http://m.wodexiaoshuo2.cc/js/zhangjie.js
|https://m.xinshula.com/js/ziji
|https://m.x81zw.com/x81.js
|http://m.wodexiaoshuo2.cc/js/xialun
|https://wap.txtduo.com/mtxtduo.js
|https://m.txt2017.com/*/js/style.js
|https://m.shuanshu.com/js/dipiao.js
|https://m.booktxt.net/js/ym11111
|https://m.bxwx9.org/mjs/newwap.js
|https://m.shengyan.org/*/book.js
|https://m.biduo.cc/scripts/common.js
|https://m.qianrenge.cc/*/common.js
|https://m.zhuaji.org/css/common.js
|https://m.sjxs.la/js/comm.js
|https://m.qianrenge.cc/*/true.js
|https://m.liewen.cc/js/common.js
|https://m.biqumo.com/baidu/newcn
|http://m.biqugego.com/wap/dun.js
|https://gg.dsxdn.com/duanwenxue/wapdwx.js
|http://m.longtanxs.com/js/baisu.js
|https://jiansuo.dsxdn.com^
|https://m.ttzw.com/*/true.js
|https://m.ttzw.com/*/h.js
|https://m.duanwenxue.com/js/tongji.js
|https://m.dpcq1.net/*/s_wap_novelsearch_chapter_read.js
|https://m.daizhuzai.com/*/s_wap_novelsearch_chapter_read.js
|https://m.duanwenxue.com/functions/
|https://m.qu.la/*/true.js
|https://m.qu.la/*/cp.js
|http://m.xbiquge.la/js/wap.js
|https://m.biqudao.com/js/wap.js
|https://m.555zw.com/js/wap.js
|https://m.aszw.org/js/wap.js
|https://m.kewaishu.info/ad1/wap.js
|https://m.ranwena.com/scripts/wap.js
|https://m.sjxs.la/js/wap.js
|https://m.zhenben.cc/js/wap.js
|https://m.zhenben.cc/foot.js
|https://m.yfxiaoshuod.com/js/foot.js
|http://*/wap.js$domain=23wxx.com|chenhuixsd.com|cyxse.com|hfxiaoshuo.com|hlxiaoshuo.net|lwxiaoshuo.com|m.1200ksw.com|m.16kxsw.com|m.23sw.net|m.2kxs.com|m.31wxw8.com|m.360118.com|m.37zw.net|m.3dllc.cc|m.3kw.cc|m.50zw.co|m.50zw.la|m.50zww.com|m.52biquge.com|m.555zw.com|m.58xs.tw|m.5ccc.net|m.630book.la|m.67shu.com|m.69shu.org|m.6mao.com|m.80txt.com|m.83zw.com|m.88106.com|m.88dus.com|m.98xiaoshuo.com|m.99shumeng.net|m.aiquxs.com|m.amu520.com|m.aszw.org|m.b5200.net|m.baishulou8.com|m.baoliny.com|m.beijingaishu.net|m.bichi.me|m.biqudu.com|m.biquge.cm|m.biquge.com.tw|m.biquge.info|m.biqugego.com|m.biqugexsw.com|m.biqugezw.com|m.biqumo.com|m.biquwu.cc|m.boluoxs.com|m.book9.net|m.booktxt.net|m.bqg5.cc|m.bqg5200.com|m.bxwx9.org|m.daizhuzai.com|m.dashubao.cc|m.ddxsw.net|m.dhzw.org|m.diyibanzhu.xyz|m.dpcq1.net|m.duanwenxue.com|m.fhxiaoshuo.com|m.fhxsw.org|m.gsdaquan.com|m.gulizw.com|m.gxwztv.com|m.haotxt.com|m.haxwx2.com|m.heiyanwang.com|m.hkslg.net|m.jjxsw.org|m.kewaishu.info|m.konlan.org|m.kxs7.com|m.lanseshuba.com|m.lbxs.com|m.ldw.la|m.lewenxiaoshuo.com|m.liewen.cc|m.liushuba.com|m.lkshu.com|m.longtanxs.com|m.luoqiu.com|m.lwtxt.net|m.miaobige.com|m.miaoshufang.com|m.mishug.com|m.mpzw.com|m.panqis.cn|m.qianrenge.cc|m.qu.la|m.ranwena.com|m.sanjiangge.com|m.shengyan.org|m.shuanshu.com|m.shuketxt.net|m.shumil.com|m.shuqu8.com|m.shuquge.com|m.shushu8.com|m.silukeke.com|m.sjtxt.la|m.snwx8.com|m.sosoxiaoshuo.cc|m.sqsxs.com|m.suimeng.la|m.tingshuge.com|m.tmetb.net|m.tsxsw.com|m.ttzw.com|m.txt2017.com|m.txtduo.com|m.tywxw.la|m.vodtw.com|m.wanjuanba.com|m.wantxt.com|m.wenxue6.com|m.wenxuem.com|m.wenxuemi.com|m.wodeshucheng.com|m.wodexiaoshuo1.cc|m.x81zw.com|m.xbxwx.net|m.xiaoxiaoshuwu.net|m.xiashu.la|m.xinshula.com|m.xs.la|m.xs222.tw|m.xy48.net|m.yawenb.com|m.ybdu.com|m.yssm.org|m.yunlaige.com|m.yuyouge.com|m.zbzw.la|m.zhenben.cc|m.zhuaji.org|m.zhuishubang.com|qihaoqihao.com|wap.xxbiquge.com|wap.yb3.cc|xntk.net|yfxiaoshuoa.com|zhxiaoshuoa.com|zwdu.com|k.heiyanwang.com|3g.wenxuem.com|m.biquyun.com|dm530.net
|https://m.52biquge.com/*/true.js
|https://m.52biquge.com/*/h.js
|https://wap.xbiquge6.com/js/script.js
|https://m.chenhuixsg.com/js/foot.js
|https://m.chenhuixsg.com/js/p.js
|https://m.chenhuixsg.com/js/b.js
|https://m.chenhuixsg.com/js/p.js
|https://m.chenhuixsg.com/js/y.js
|https://m.chenhuixsg.com/js/hfz
|https://m.cyxsi.com/js/foot.js
|https://m.cyxsi.com/js/p.js
|https://m.cyxsi.com/js/b.js
|https://m.cyxsi.com/js/hfz
|https://m.yfxiaoshuod.com/js/hfz
|https://m.hfxiaoshuoa.com/js/foot.js
|https://m.hfxiaoshuoa.com/js/p.js
|https://m.hfxiaoshuoa.com/js/b.js
|https://m.hfxiaoshuoa.com/js/y.js
|https://m.hfxiaoshuoa.com/js/hfz
|https://m.hlxiaoshuoa.com/js/foot.js
|https://m.hlxiaoshuoa.com/js/p.js
|https://m.hlxiaoshuoa.com/js/b.js
|https://m.hlxiaoshuoa.com/js/y.js
|https://m.hlxiaoshuoa.com/js/hfz
|https://m.bichi.me/hepu/nydj
|https://m.bichi.me/hepu/xxf.js
|https://m.88dush.com/mobile/css/m.js
|https://www.qihaoqihao.com/script/book.js
||https://ienkdaccessible.cn^
|http://m.31wxw8.com/*/so.js
||https://edysn.cn^
|https://www.93vitui.com/svr/weixin.aspx?
|http://m.kukudm.com/mg/show2.js
||https://18tzx.com^
||https://uodoo.com^
|https://track.uc.cn/collect?
|https://rescn.u3.ucweb.com^
|https://applog.uc.cn/collect?
|https://m.cyxsi.com/js/m.js?$s@function _17mb_@function @
|https://m.hfxiaoshuoa.com/js/wap.js?$s@function _17mb_@function @
|https://m.hlxiaoshuoa.com/js/wap.js?$s@function _17mb_@function @
|https://m.23uu.org/*/script/wap.js$s@function _17mb_@function @
|https://m.fpzw.com/wap/wap.js$s@function style_@function @
|http://m.biquge.com.tw/*/style.js$s@function m_@function @
|https://m.x83zw.com/style/style.js$s@function yd_d@function @
|https://m.beijingaishu.net/*/wap.js$s@function qijixs_@function @
|https://m.bichi.me/wap/qijixs/wap.js$s@function xbaixs_@function @
|https://m.booktxt.net/js/read.js$s@function _17mb@function @
|https://m.bqg5.cc/js/main.js$s@function invoke1@function xxxx@
|https://m.dhzw.org/js/wap.js$s@function xuanfu@function xxxxxx@
|https://m.dhzw.org/js/wap.js$s@function yuedu@function xxxxxx@
|https://m.hkslg.net/js/wap.js$s@function yuedu@function xxxxx@
|https://m.lewenxiaoshuo.com/js/wap.js$s@function xuanfu@function xxxxxx@
|https://m.lewenxiaoshuo.com/js/wap.js$s@function yuedu@function xxxxxx@
|https://m.konlan.org/js/wap.js$s@function xuanfu@function xxxxxx@
|https://m.konlan.org/js/wap.js$s@function yuedu@function xxxxxx@
|https://m.sanjiangge.com/js/wap.js$s@function _17mb@function _xxxxx@
|https://m.sanjiangge.com/fs/style.js$s@function _17mb@function _xxxxx@
|https://m.snwx8.com/$s@function xuanxuan@function xxxxxx@
|https://m.snwx8.com/$s@function yuedu@function xxxxxx@
|https://m.sqsxs.com/js/wap.js$s@function xuanfu@function xxxxxx@
|https://m.sqsxs.com/js/wap.js$s@function yuedu@function xxxxxx@
|https://m.tmetb.net/js/wap.js$s@function xuanfu@function xxxxxx@
|https://m.tmetb.net/js/wap.js$s@function yuedu@function xxxxxx@
|https://m.wenxuemi6.com/js/common.js$s@function style_@function xxxxx_@
|https://m.zwdu.com/scripts/common.js$s@function app3@function xxxxx@
|http://m.biquge.com.tw/style/style.js$s@function middle(){*function uc_foot(){*}@@
|https://m.biqugexsw.com/js/common.js$s@eval(function(*});@@
!x ------------------------------------------ xiaoshuo TXT ADV ----------------------------------------------------

12576
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/rules/koolproxy.txt Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/rules/kp.dat Normal file
View File

Binary file not shown.

49
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/rules/user.txt Normal file
View File

@ -0,0 +1,49 @@
! ******************************* koolproxy 自定义过滤语法简表 *******************************
! ------------------------ 规则基于adblock规则并进行了语法部分的扩展 ------------------------
! ABP规则请参考https://adblockplus.org/zh_CN/filters下面为大致摘要
! "!" 为行注释符,注释行以该符号起始作为一行注释语义,用于规则描述
! "@@" 为白名单符,白名单具有最高优先级,放行过滤的网站,例如:@@||taobao.com
! "@@@@" 超级白名单比白名单符拥有更高的优先级主要用于放行https网站例如:@@@@||https://taobao.com
! ------------------------------------------------------------------------------------------
! "*" 为字符通配符能够匹配0长度或任意长度的字符串该通配符不能与正则语法混用。
! "^" 为分隔符,可以是除了字母、数字或者 _ - . % 之外的任何字符。
! "~" 为排除标识符,通配符能过滤大多数广告,但同时存在误杀, 可以通过排除标识符修正误杀链接。
! 注:通配符仅在 url 规则中支持html 规则中不支持
! ------------------------------------------------------------------------------------------
! "|" 为管线符号,来表示地址的最前端或最末端
! "||" 为子域通配符,方便匹配主域名下的所有子域
! 用法及例子如下:(以下等号表示等价于)
! ||xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad*
! ||http://xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad*
! ||https://xx.com/ad = https://xx.com/ad* || https://*.xx.com/ad*
! |xx.com/ad = http://xx.com/ad*
! |http://xx.com/ad = http://xx.com/ad*
! |https://xx.com/ad = https://xx.com/ad*
! ad = http://*ad*
! http://ad = http://*ad*
! https://ad = 不支持,需要指定域名,如下例
! https://xx.com/ad = |https://xx.com/ad = https://xx.com/ad*
! [同时可以表示两个以及两个以上的域名]如下例子
! https://xx.ad.com 和 https://xxx.xx.ad.com = ||https://ad.com (注意! 由于https的原因使用要非常谨慎,不可以大范围使用)
! ------------------------------------------------------------------------------------------
! 兼容adblock规则的html规则语法例如
! fulldls.com,torrentzap.com##.tp_reccomend_banner
! 但是推荐写成以下标准写法:
! ||fulldls.com##.tp_reccomend_banner
! ||torrentzap.com##.tp_reccomend_banner
! 如果一个网站html规则有多条可以合并为这样
! ||torrentzap.com##.tp_reccomend_banner,.ad_top,[class="ad_right"]......
! ------------------------------------------------------------------------------------------
! 文本替换语法:$s@匹配内容@替换内容@
! 非标准端口过滤语法:||abc.com:8081/ad.html或者|http://adb.com:8081/
! 文本替换例子:|http://cdn.pcbeta.js.inimc.com/data/cache/common.js?$s@old@new@
! 重定向语法:$r@匹配内容@替换内容@
! 重定向例子:|http://koolshare.cn$r@http://koolshare.cn/*@http://www.qq.com@
! 注:文本替换语法及重定向语法中的匹配内容不仅支持通配符功能,而且额外支持以下功能
! 支持通配符 * 和 ? 表示单个字符
! 支持全正则匹配,/正则内容/ 表示应用正则匹配
! 正则替换:替换内容支持 $1 $2 这样的符号
! 普通替换:替换内容支持 * 这样的符号,表示把命中的内容复制到替换的内容。(类似 $1 $2但是 * 号会自动计算数字)
! ------------------------------------------------------------------------------------------
! 未来将逐步添加相关语法兼容adblock puls的更多语法敬请期待。
! ******************************************************************************************

7
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/source.list Normal file
View File

@ -0,0 +1,7 @@
0|koolproxy.txt|https://kprule.com/koolproxy.txt|静态规则
0|daily.txt|https://kprule.com/daily.txt|每日规则
0|kp.dat|https://kprule.com/kp.dat|视频规则
0|user.txt||自定义规则
0|easylistchina.txt|https://kprule.com/easylistchina.txt|ABP规则
0|chengfeng.txt|https://kprule.com/chengfeng.txt|乘风规则
0|fanboy.txt|https://kprule.com/fanboy.txt|Fanboy规则

49
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/data/user.txt Normal file
View File

@ -0,0 +1,49 @@
! ******************************* koolproxy 自定义过滤语法简表 *******************************
! ------------------------ 规则基于adblock规则并进行了语法部分的扩展 ------------------------
! ABP规则请参考https://adblockplus.org/zh_CN/filters下面为大致摘要
! "!" 为行注释符,注释行以该符号起始作为一行注释语义,用于规则描述
! "@@" 为白名单符,白名单具有最高优先级,放行过滤的网站,例如:@@||taobao.com
! "@@@@" 超级白名单比白名单符拥有更高的优先级主要用于放行https网站例如:@@@@||https://taobao.com
! ------------------------------------------------------------------------------------------
! "*" 为字符通配符能够匹配0长度或任意长度的字符串该通配符不能与正则语法混用。
! "^" 为分隔符,可以是除了字母、数字或者 _ - . % 之外的任何字符。
! "~" 为排除标识符,通配符能过滤大多数广告,但同时存在误杀, 可以通过排除标识符修正误杀链接。
! 注:通配符仅在 url 规则中支持html 规则中不支持
! ------------------------------------------------------------------------------------------
! "|" 为管线符号,来表示地址的最前端或最末端
! "||" 为子域通配符,方便匹配主域名下的所有子域
! 用法及例子如下:(以下等号表示等价于)
! ||xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad*
! ||http://xx.com/ad = http://xx.com/ad* || http://*.xx.com/ad*
! ||https://xx.com/ad = https://xx.com/ad* || https://*.xx.com/ad*
! |xx.com/ad = http://xx.com/ad*
! |http://xx.com/ad = http://xx.com/ad*
! |https://xx.com/ad = https://xx.com/ad*
! ad = http://*ad*
! http://ad = http://*ad*
! https://ad = 不支持,需要指定域名,如下例
! https://xx.com/ad = |https://xx.com/ad = https://xx.com/ad*
! [同时可以表示两个以及两个以上的域名]如下例子
! https://xx.ad.com 和 https://xxx.xx.ad.com = ||https://ad.com (注意! 由于https的原因使用要非常谨慎,不可以大范围使用)
! ------------------------------------------------------------------------------------------
! 兼容adblock规则的html规则语法例如
! fulldls.com,torrentzap.com##.tp_reccomend_banner
! 但是推荐写成以下标准写法:
! ||fulldls.com##.tp_reccomend_banner
! ||torrentzap.com##.tp_reccomend_banner
! 如果一个网站html规则有多条可以合并为这样
! ||torrentzap.com##.tp_reccomend_banner,.ad_top,[class="ad_right"]......
! ------------------------------------------------------------------------------------------
! 文本替换语法:$s@匹配内容@替换内容@
! 非标准端口过滤语法:||abc.com:8081/ad.html或者|http://adb.com:8081/
! 文本替换例子:|http://cdn.pcbeta.js.inimc.com/data/cache/common.js?$s@old@new@
! 重定向语法:$r@匹配内容@替换内容@
! 重定向例子:|http://koolshare.cn$r@http://koolshare.cn/*@http://www.qq.com@
! 注:文本替换语法及重定向语法中的匹配内容不仅支持通配符功能,而且额外支持以下功能
! 支持通配符 * 和 ? 表示单个字符
! 支持全正则匹配,/正则内容/ 表示应用正则匹配
! 正则替换:替换内容支持 $1 $2 这样的符号
! 普通替换:替换内容支持 * 这样的符号,表示把命中的内容复制到替换的内容。(类似 $1 $2但是 * 号会自动计算数字)
! ------------------------------------------------------------------------------------------
! 未来将逐步添加相关语法兼容adblock puls的更多语法敬请期待。
! ******************************************************************************************

4706
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/dnsmasq.adblock Normal file
View File

File diff suppressed because it is too large Load Diff

572
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/koolproxy_ipset.conf Normal file
View File

@ -0,0 +1,572 @@
#通用广告
ipset=/1000re.com/black_koolproxy
ipset=/168ad.cc/black_koolproxy
ipset=/ad8.cc/black_koolproxy
ipset=/adcash.com/black_koolproxy
ipset=/adexprt.com/black_koolproxy
ipset=/adhai.com/black_koolproxy
ipset=/adjuggler.com/black_koolproxy
ipset=/adkongjian.com/black_koolproxy
ipset=/adm668.com/black_koolproxy
ipset=/admaji.com/black_koolproxy
ipset=/adm-cnzz.net/black_koolproxy
ipset=/admin5.com/black_koolproxy
ipset=/admin5.net/black_koolproxy
ipset=/adnxs.com/black_koolproxy
ipset=/ad-plus.cn/black_koolproxy
ipset=/adpolestar.net/black_koolproxy
ipset=/adpush.cn/black_koolproxy
ipset=/ads360.cn/black_koolproxy
ipset=/ads80.com/black_koolproxy
ipset=/adsage.com/black_koolproxy
ipset=/adsame.com/black_koolproxy
ipset=/adsfactor.net/black_koolproxy
ipset=/adshost2.com/black_koolproxy
ipset=/adszui.com/black_koolproxy
ipset=/adultfriendfinder.com/black_koolproxy
ipset=/adv-first.ru/black_koolproxy
ipset=/adxpansion.com/black_koolproxy
ipset=/adxquare.com/black_koolproxy
ipset=/adyun.com/black_koolproxy
ipset=/allyes.com/black_koolproxy
ipset=/allyes.com.cn/black_koolproxy
ipset=/amazon-adsystem.com/black_koolproxy
ipset=/baifendian.com/black_koolproxy
ipset=/baitaiad.com/black_koolproxy
ipset=/buysellads.com/black_koolproxy
ipset=/buzzads.com/black_koolproxy
ipset=/clkads.com/black_koolproxy
ipset=/admaster.com.cn/black_koolproxy
ipset=/dcads.sina.com.cn/black_koolproxy
ipset=/blogad.com.tw/black_koolproxy
ipset=/comadsage.com/black_koolproxy
ipset=/cyad.cc/black_koolproxy
ipset=/cyad123.com/black_koolproxy
ipset=/d1ad.com/black_koolproxy
ipset=/doubleclick.net/black_koolproxy
ipset=/dwstatic.com/black_koolproxy
ipset=/irs01.com/black_koolproxy
ipset=/irs01.net/black_koolproxy
ipset=/juicyads.com/black_koolproxy
ipset=/madadsmedia.com/black_koolproxy
ipset=/miaozhen.com/black_koolproxy
ipset=/popads.net/black_koolproxy
ipset=/propellerads.com/black_koolproxy
ipset=/scorecardresearch.com/black_koolproxy
ipset=/serving-sys.com/black_koolproxy
ipset=/tenoad.com/black_koolproxy
ipset=/you1ad.com/black_koolproxy
ipset=/jtdcg.com/black_koolproxy
ipset=/51yes.com/black_koolproxy
ipset=/8ox.cn/black_koolproxy
ipset=/criteo.com/black_koolproxy
ipset=/88rpg.net/black_koolproxy
ipset=/3dwwwgame.com/black_koolproxy
#百度广告
ipset=/cbjs.baidu.com/black_koolproxy
ipset=/list.video.baidu.com/black_koolproxy
ipset=/nsclick.baidu.com/black_koolproxy
ipset=/play.baidu.com/black_koolproxy
ipset=/sclick.baidu.com/black_koolproxy
ipset=/tieba.baidu.com/black_koolproxy
ipset=/baidustatic.com/black_koolproxy
ipset=/bdimg.com/black_koolproxy
ipset=/bdstatic.com/black_koolproxy
ipset=/share.baidu.com/black_koolproxy
ipset=/hm.baidu.com/black_koolproxy
#谷歌广告
ipset=/googleadservices.com/black_koolproxy
ipset=/googleadsserving.cn/black_koolproxy
ipset=/googlesyndication.com/black_koolproxy
ipset=/googletagservices.com/black_koolproxy
ipset=/1-ps.googleusercontent.com/black_koolproxy
#视频广告
ipset=/v.baidu.com/black_koolproxy
ipset=/1000fr.net/black_koolproxy
ipset=/56.com/black_koolproxy
ipset=/v-56.com/black_koolproxy
ipset=/acfun.com/black_koolproxy
ipset=/acfun.tv/black_koolproxy
ipset=/baofeng.com/black_koolproxy
ipset=/baofeng.net/black_koolproxy
ipset=/cntv.cn/black_koolproxy
ipset=/hoopchina.com.cn/black_koolproxy
ipset=/funshion.com/black_koolproxy
ipset=/fun.tv/black_koolproxy
ipset=/hitvs.cn/black_koolproxy
ipset=/hljtv.com/black_koolproxy
ipset=/iqiyi.com/black_koolproxy
ipset=/qiyi.com/black_koolproxy
ipset=/tv.sohu.com/black_koolproxy
ipset=/hd.sohu.com/black_koolproxy
ipset=/aty.sohu.com/black_koolproxy
ipset=/vrs.sohu.com/black_koolproxy
ipset=/hd.sohu.com.cn/black_koolproxy
ipset=/agn.aty.sohu.com/black_koolproxy
ipset=/itc.cn/black_koolproxy
ipset=/kankan.com/black_koolproxy
ipset=/ku6.com/black_koolproxy
ipset=/letv.com/black_koolproxy
ipset=/letvcloud.com/black_koolproxy
ipset=/letvimg.com/black_koolproxy
ipset=/pplive.cn/black_koolproxy
ipset=/pps.tv/black_koolproxy
ipset=/ppsimg.com/black_koolproxy
ipset=/pptv.com/black_koolproxy
ipset=/v.qq.com/black_koolproxy
ipset=/l.qq.com/black_koolproxy
ipset=/video.sina.com.cn/black_koolproxy
ipset=/tudou.com/black_koolproxy
ipset=/wasu.cn/black_koolproxy
ipset=/analytics-union.xunlei.com/black_koolproxy
ipset=/kankan.xunlei.com/black_koolproxy
ipset=/youku.com/black_koolproxy
ipset=/hunantv.com/black_koolproxy
#特定网站
ipset=/anywlan.com/black_koolproxy
ipset=/qidian.com/black_koolproxy
ipset=/uuu9.com/black_koolproxy
ipset=/suppig.net/black_koolproxy
ipset=/ali213.net/black_koolproxy
ipset=/cnbeta.com/black_koolproxy
ipset=/mydrivers.com/black_koolproxy
ipset=/tanx.com/black_koolproxy
ipset=/mp4ba.com/black_koolproxy
ipset=/.a.baiy.net/black_koolproxy
ipset=/.a.collective-media.net/black_koolproxy
ipset=/.a.itiexue.net/black_koolproxy
ipset=/.a.kickass.to/black_koolproxy
ipset=/.a.shamla.net/black_koolproxy
ipset=/.a.xlpu.cc/black_koolproxy
ipset=/.aavideo.xyz/black_koolproxy
ipset=/.action.data.cp61.ott.cibntv.net/black_koolproxy
ipset=/.ad-apac.doubleclick.net/black_koolproxy
ipset=/.ad.adfurikun.jp/black_koolproxy
ipset=/.ad.csdn.net/black_koolproxy
ipset=/.ad.doubleclick.net/black_koolproxy
ipset=/.ad.ettoday.net/black_koolproxy
ipset=/.ad.fglighting.net/black_koolproxy
ipset=/.ad.hefei.cc/black_koolproxy
ipset=/.ad.jp.doubleclick.net/black_koolproxy
ipset=/.ad.leadboltads.net/black_koolproxy
ipset=/.ad.leadboltmobile.net/black_koolproxy
ipset=/.ad.qingting.fm/black_koolproxy
ipset=/.ad.yixin.im/black_koolproxy
ipset=/.ad7.tagphi.net/black_koolproxy
ipset=/.adbma.adk2.co/black_koolproxy
ipset=/.adclick.g.doubleclick.net/black_koolproxy
ipset=/.adimg.cqnews.net/black_koolproxy
ipset=/.adimg.daumcdn.net/black_koolproxy
ipset=/.adimgs.xici.net/black_koolproxy
ipset=/.adinf.cp11.ott.cibntv.net/black_koolproxy
ipset=/.adm.zbinfo.net/black_koolproxy
ipset=/.admaster.mobi/black_koolproxy
ipset=/.admgr.qingting.fm/black_koolproxy
ipset=/.admicro1.vcmedia.vn/black_koolproxy
ipset=/.admicro4.vcmedia.vn/black_koolproxy
ipset=/.admicro5.vcmedia.vn/black_koolproxy
ipset=/.admicro6.vcmedia.vn/black_koolproxy
ipset=/.admin.louxia.org/black_koolproxy
ipset=/.adplexmedia.adk2.co/black_koolproxy
ipset=/.ads.csdn.net/black_koolproxy
ipset=/.ads.doublemax.net/black_koolproxy
ipset=/.ads.mp.mydas.mobi/black_koolproxy
ipset=/.ads.mydas.mobi/black_koolproxy
ipset=/.ads.pro-market.net/black_koolproxy
ipset=/.ads.trafficjunky.net/black_koolproxy
ipset=/.ads.wasu.tv/black_koolproxy
ipset=/.ads2.opensubtitles.org/black_koolproxy
ipset=/.adstat.cp11.ott.cibntv.net/black_koolproxy
ipset=/.adsystem.wasu.tv/black_koolproxy
ipset=/.adv.fjtv.net/black_koolproxy
ipset=/.adwasu.wasu.tv/black_koolproxy
ipset=/.ag.nukefans.net/black_koolproxy
ipset=/.agn.aty.cp45.ott.cibntv.net/black_koolproxy
ipset=/.al.za5.net/black_koolproxy
ipset=/.aladdin.genieesspv.jp/black_koolproxy
ipset=/.alog.umeng.co/black_koolproxy
ipset=/.amiok.org/black_koolproxy
ipset=/.ams.51junpin.net/black_koolproxy
ipset=/.analytics.ad.daum.net/black_koolproxy
ipset=/.analytics.ws.126.net/black_koolproxy
ipset=/.android.push.126.net/black_koolproxy
ipset=/.androidsdk.ads.mp.mydas.mobi/black_koolproxy
ipset=/.aos.gw.youmi.net/black_koolproxy
ipset=/.aos.prf.hn/black_koolproxy
ipset=/.aos.wall.youmi.net/black_koolproxy
ipset=/.api.adfurikun.jp/black_koolproxy
ipset=/.api.adtimaserver.vn/black_koolproxy
ipset=/.api.cupid.ptqy.gitv.tv/black_koolproxy
ipset=/.api.dewmobile.net/black_koolproxy
ipset=/.api.oneyuan.nagezan.net/black_koolproxy
ipset=/.apklog.cp11.ott.cibntv.net/black_koolproxy
ipset=/.app-g.39.net/black_koolproxy
ipset=/.app.50bang.org/black_koolproxy
ipset=/.ark.cp21.ott.cibntv.net/black_koolproxy
ipset=/.ark.letv-epg.wasu.tv/black_koolproxy
ipset=/.as.kejet.net/black_koolproxy
ipset=/.asimgs.cp61.ott.cibntv.net/black_koolproxy
ipset=/.au.umeng.co/black_koolproxy
ipset=/.au.youmi.net/black_koolproxy
ipset=/.aw.kejet.net/black_koolproxy
ipset=/.b.baiy.net/black_koolproxy
ipset=/.b.bst.126.net/black_koolproxy
ipset=/.b.yunfanlm.net/black_koolproxy
ipset=/.banner.img.static.youmi.net/black_koolproxy
ipset=/.bdaz.adsfactor.net/black_koolproxy
ipset=/.beacon.krxd.net/black_koolproxy
ipset=/.bid.g.doubleclick.net/black_koolproxy
ipset=/.bigbos.top/black_koolproxy
ipset=/.biz5.sandai.net/black_koolproxy
ipset=/.bkmcgi.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.bksdkconfig.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.brance.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.bshare.optimix.asia/black_koolproxy
ipset=/.bx.optimix.asia/black_koolproxy
ipset=/.c.ad6media.fr/black_koolproxy
ipset=/.c.mnet-ad.net/black_koolproxy
ipset=/.c03.optimix.asia/black_koolproxy
ipset=/.c1.adform.net/black_koolproxy
ipset=/.c1.popads.net/black_koolproxy
ipset=/.c2.97you.net/black_koolproxy
ipset=/.c2.popads.net/black_koolproxy
ipset=/.c5.97you.net/black_koolproxy
ipset=/.cachenotice.cp11.ott.cibntv.net/black_koolproxy
ipset=/.cc.bigbos.top/black_koolproxy
ipset=/.cc.ccg51.win/black_koolproxy
ipset=/.cc.yfi052.pw/black_koolproxy
ipset=/.ccg51.win/black_koolproxy
ipset=/.cdn.adsfactor.net/black_koolproxy
ipset=/.cdn.clicktale.net/black_koolproxy
ipset=/.cdn.innity.net/black_koolproxy
ipset=/.cdn.media.innity.net/black_koolproxy
ipset=/.cdn1.ettoday.net/black_koolproxy
ipset=/.cdn3.e705.net/black_koolproxy
ipset=/.cdnonead-onead.cdn.hinet.net/black_koolproxy
ipset=/.cdnssl.clicktale.net/black_koolproxy
ipset=/.cf.gdatecube.net/black_koolproxy
ipset=/.cfg.adsmogo.mobi/black_koolproxy
ipset=/.cfg.adsmogo.net/black_koolproxy
ipset=/.cfg.adsmogo.org/black_koolproxy
ipset=/.ck.kejet.net/black_koolproxy
ipset=/.clicklog.moviebox.baofeng.net/black_koolproxy
ipset=/.clicktalecdn.sslcs.cdngc.net/black_koolproxy
ipset=/.clk.gentags.net/black_koolproxy
ipset=/.cloud.zyiis.net/black_koolproxy
ipset=/.cm.fastapi.net/black_koolproxy
ipset=/.cm.g.doubleclick.net/black_koolproxy
ipset=/.cm.gtags.net/black_koolproxy
ipset=/.cmarket.kejet.net/black_koolproxy
ipset=/.cms.gtags.net/black_koolproxy
ipset=/.code2.huimee.net/black_koolproxy
ipset=/.config.baofeng.net/black_koolproxy
ipset=/.contextual.media.net/black_koolproxy
ipset=/.corner.houyi.baofeng.net/black_koolproxy
ipset=/.count.game.pps.tv/black_koolproxy
ipset=/.counter.csdn.net/black_koolproxy
ipset=/.cp.3big.net/black_koolproxy
ipset=/.cp.5jjx.net/black_koolproxy
ipset=/.cp.efo.cc/black_koolproxy
ipset=/.cp.jiajv.net/black_koolproxy
ipset=/.cpc.88rpg.net/black_koolproxy
ipset=/.cus.adsmogo.mobi/black_koolproxy
ipset=/.cus.adsmogo.org/black_koolproxy
ipset=/.cvt.mydas.mobi/black_koolproxy
ipset=/.d.39.net/black_koolproxy
ipset=/.d.pixiv.org/black_koolproxy
ipset=/.d.yoyi.tv/black_koolproxy
ipset=/.d1635hfcvs8ero.cloudfront.net/black_koolproxy
ipset=/.d3al52d8cojds7.cloudfront.net/black_koolproxy
ipset=/.d3f.houyi.baofeng.net/black_koolproxy
ipset=/.daima.jiduan.cc/black_koolproxy
ipset=/.daima.kandu.cc/black_koolproxy
ipset=/.dat.gtags.net/black_koolproxy
ipset=/.dc.cp21.ott.cibntv.net/black_koolproxy
ipset=/.dc.csdn.net/black_koolproxy
ipset=/.dc.letv-epg.wasu.tv/black_koolproxy
ipset=/.dc2.csdn.net/black_koolproxy
ipset=/.de.as.cp61.ott.cibntv.net/black_koolproxy
ipset=/.dex.advg.jp/black_koolproxy
ipset=/.display.ad.daum.net/black_koolproxy
ipset=/.dl-vip.pcfaster.baidu.co.th/black_koolproxy
ipset=/.dl.img80.net/black_koolproxy
ipset=/.dl.xyymall.net/black_koolproxy
ipset=/.dload.qd.qingting.fm/black_koolproxy
ipset=/.dm531.dm530.net/black_koolproxy
ipset=/.dm532.dm530.net/black_koolproxy
ipset=/.dmp.kejet.net/black_koolproxy
ipset=/.dmp.tenmax.io/black_koolproxy
ipset=/.dolphin.ftimg.net/black_koolproxy
ipset=/.down.laomaotao.net/black_koolproxy
ipset=/.down.xiazai2.net/black_koolproxy
ipset=/.down.xiazaiyuan.net/black_koolproxy
ipset=/.downloada.dewmobile.net/black_koolproxy
ipset=/.downloadb.dewmobile.net/black_koolproxy
ipset=/.dp3.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.dpvc.39.net/black_koolproxy
ipset=/.dr3k6qonw2kee.cloudfront.net/black_koolproxy
ipset=/.dt.39photo.net/black_koolproxy
ipset=/.dz.njq.net/black_koolproxy
ipset=/.e-vcdn.anthill.vn/black_koolproxy
ipset=/.e.e708.net/black_koolproxy
ipset=/.ee.e701.net/black_koolproxy
ipset=/.ex.puata.info/black_koolproxy
ipset=/.f.e703.net/black_koolproxy
ipset=/.f.e719.net/black_koolproxy
ipset=/.f.novanet.vn/black_koolproxy
ipset=/.f2.e703.net/black_koolproxy
ipset=/.float.sandai.net/black_koolproxy
ipset=/.g.ad8.cc/black_koolproxy
ipset=/.g.doubleclick.net/black_koolproxy
ipset=/.g.fastapi.net/black_koolproxy
ipset=/.g.ousns.net/black_koolproxy
ipset=/.game.pps.tv/black_koolproxy
ipset=/.googleads.g.doubleclick.net/black_koolproxy
ipset=/.guess.union2.50bang.org/black_koolproxy
ipset=/.ha.pro-market.net/black_koolproxy
ipset=/.haitaoad.nosdn.127.net/black_koolproxy
ipset=/.i.9le.net/black_koolproxy
ipset=/.i.adfurikun.jp/black_koolproxy
ipset=/.i.bsshw.net/black_koolproxy
ipset=/.i.jiajv.net/black_koolproxy
ipset=/.i.l.inmobicdn.net/black_koolproxy
ipset=/.icon.51.la/black_koolproxy
ipset=/.id1.anreson.net/black_koolproxy
ipset=/.ii.bsshw.net/black_koolproxy
ipset=/.ima.xcyjzs.net/black_koolproxy
ipset=/.images.cp45.ott.cibntv.net/black_koolproxy
ipset=/.img.88rpg.net/black_koolproxy
ipset=/.img.ads.csdn.net/black_koolproxy
ipset=/.img.users.51.la/black_koolproxy
ipset=/.img1.126.net/black_koolproxy
ipset=/.img1.pszyzxh.org/black_koolproxy
ipset=/.img2.126.net/black_koolproxy
ipset=/.imgcdn.xixiwan.net/black_koolproxy
ipset=/.imp-mdsp.avazutracking.net/black_koolproxy
ipset=/.imp.adsmogo.mobi/black_koolproxy
ipset=/.imp.adsmogo.net/black_koolproxy
ipset=/.ipua.adfurikun.jp/black_koolproxy
ipset=/.irs01.net/black_koolproxy
ipset=/.j.microad.net/black_koolproxy
ipset=/.jgl.microad.net/black_koolproxy
ipset=/.jp.as.cp61.ott.cibntv.net/black_koolproxy
ipset=/.jph.itiexue.net/black_koolproxy
ipset=/.js-1.pchome.net/black_koolproxy
ipset=/.js.a3p4.net/black_koolproxy
ipset=/.js.cyad.cc/black_koolproxy
ipset=/.js.mumayi.net/black_koolproxy
ipset=/.js.revsci.net/black_koolproxy
ipset=/.js.users.51.la/black_koolproxy
ipset=/.js1116.anreson.net/black_koolproxy
ipset=/.js1315.anreson.net/black_koolproxy
ipset=/.js1940.anreson.net/black_koolproxy
ipset=/.js2294.anreson.net/black_koolproxy
ipset=/.js3555.hongtaidichan.net/black_koolproxy
ipset=/.js4476.hongtaidichan.net/black_koolproxy
ipset=/.js4775.hongtaidichan.net/black_koolproxy
ipset=/.js883.anreson.net/black_koolproxy
ipset=/.jsc.dt07.net/black_koolproxy
ipset=/.jssd.kb20.cc/black_koolproxy
ipset=/.jump1.pszyzxh.org/black_koolproxy
ipset=/.jump2.pszyzxh.org/black_koolproxy
ipset=/.kawa11.space/black_koolproxy
ipset=/.keydot.net/black_koolproxy
ipset=/.kti.bigbos.top/black_koolproxy
ipset=/.l.fastapi.net/black_koolproxy
ipset=/.lg.logging.admicro.vn/black_koolproxy
ipset=/.lg1.logging.admicro.vn/black_koolproxy
ipset=/.link.jiduan.cc/black_koolproxy
ipset=/.livep.l.cp81.ott.cibntv.net/black_koolproxy
ipset=/.lives.l.cp81.ott.cibntv.net/black_koolproxy
ipset=/.loading.baofeng5.baofeng.net/black_koolproxy
ipset=/.log.adtimaserver.vn/black_koolproxy
ipset=/.log.houyi.baofeng.net/black_koolproxy
ipset=/.log.tiexue.net/black_koolproxy
ipset=/.logger.qingting.fm/black_koolproxy
ipset=/.logic.cpm.cm.sandai.net/black_koolproxy
ipset=/.m.analytics.126.net/black_koolproxy
ipset=/.m.down.sandai.net/black_koolproxy
ipset=/.m.kejet.net/black_koolproxy
ipset=/.mc.yandex.ru/black_koolproxy
ipset=/.mcc.chinauma.net/black_koolproxy
ipset=/.mcgi.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.media.adtimaserver.vn/black_koolproxy
ipset=/.media.trafficjunky.net/black_koolproxy
ipset=/.mg.dt07.net/black_koolproxy
ipset=/.mid.houyi.baofeng.net/black_koolproxy
ipset=/.mimg.126.net/black_koolproxy
ipset=/.mixer.cupid.ptqy.gitv.tv/black_koolproxy
ipset=/.mlog.search.xiaomi.net/black_koolproxy
ipset=/.mmg.aty.cp45.ott.cibntv.net/black_koolproxy
ipset=/.ms.anreson.net/black_koolproxy
ipset=/.msg.71.am/black_koolproxy
ipset=/.msg.ptqy.gitv.tv/black_koolproxy
ipset=/.msg.video.ptqy.gitv.tv/black_koolproxy
ipset=/.msg2.video.ptqy.gitv.tv/black_koolproxy
ipset=/.msga.71.am/black_koolproxy
ipset=/.msga.ptqy.gitv.tv/black_koolproxy
ipset=/.nclog.mars.baofeng.net/black_koolproxy
ipset=/.news-l.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.news.766ba.net/black_koolproxy
ipset=/.news.push.126.net/black_koolproxy
ipset=/.nl.rcd.ptqy.gitv.tv/black_koolproxy
ipset=/.oc.umeng.co/black_koolproxy
ipset=/.oki.xcyjzs.net/black_koolproxy
ipset=/.okt.xcyjzs.net/black_koolproxy
ipset=/.onlinetips.baofeng5.baofeng.net/black_koolproxy
ipset=/.outer.anquan.org/black_koolproxy
ipset=/.p-l.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.p.rhgw.net/black_koolproxy
ipset=/.panel.adtify.pl/black_koolproxy
ipset=/.parser.houyi.baofeng.net/black_koolproxy
ipset=/.pb.bi.gitv.tv/black_koolproxy
ipset=/.pb.ott.hd.cp45.ott.cibntv.net/black_koolproxy
ipset=/.pclog.suishenyun.net/black_koolproxy
ipset=/.pd7-imp.revsci.net/black_koolproxy
ipset=/.phpad.cqnews.net/black_koolproxy
ipset=/.pic.fastapi.net/black_koolproxy
ipset=/.pix04.revsci.net/black_koolproxy
ipset=/.pre.api.tw06.xlmc.sandai.net/black_koolproxy
ipset=/.ps.eyeota.net/black_koolproxy
ipset=/.pt.trafficjunky.net/black_koolproxy
ipset=/.pubads.g.doubleclick.net/black_koolproxy
ipset=/.push.tv.api.3g.cp31.ott.cibntv.net/black_koolproxy
ipset=/.pvlog.moviebox.baofeng.net/black_koolproxy
ipset=/.px.owneriq.net/black_koolproxy
ipset=/.qiye11.ejunshi.net/black_koolproxy
ipset=/.qosp.msg.71.am/black_koolproxy
ipset=/.qr.cp31.ott.cibntv.net/black_koolproxy
ipset=/.quote.51.la/black_koolproxy
ipset=/.r.l.cp31.ott.cibntv.net/black_koolproxy
ipset=/.r.popin.cc/black_koolproxy
ipset=/.r.youmi.net/black_koolproxy
ipset=/.r1.cp31.ott.cibntv.net/black_koolproxy
ipset=/.resolver.msg.xiaomi.net/black_koolproxy
ipset=/.rlog.popin.cc/black_koolproxy
ipset=/.rtb-asiamax.tenmax.io/black_koolproxy
ipset=/.rtb-p.kejet.net/black_koolproxy
ipset=/.s.5jjx.net/black_koolproxy
ipset=/.s.ato.mx/black_koolproxy
ipset=/.s.de123.net/black_koolproxy
ipset=/.s.druu.cc/black_koolproxy
ipset=/.s.eclick.vn/black_koolproxy
ipset=/.s.effectivemeasure.net/black_koolproxy
ipset=/.s.fastapi.net/black_koolproxy
ipset=/.s.gdatecube.net/black_koolproxy
ipset=/.s.qd.qingting.fm/black_koolproxy
ipset=/.s.youmi.net/black_koolproxy
ipset=/.s0.2mdn.net/black_koolproxy
ipset=/.s03.optimix.asia/black_koolproxy
ipset=/.s1.2mdn.net/black_koolproxy
ipset=/.s4.55.la/black_koolproxy
ipset=/.s5.keydot.net/black_koolproxy
ipset=/.sd.kk3g.net/black_koolproxy
ipset=/.sd.mmfile.net/black_koolproxy
ipset=/.sdk.data.cp61.ott.cibntv.net/black_koolproxy
ipset=/.sdk.m.cp31.ott.cibntv.net/black_koolproxy
ipset=/.sdkconfig.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.securepubads.g.doubleclick.net/black_koolproxy
ipset=/.serve.popads.net/black_koolproxy
ipset=/.servedby.adsfactor.net/black_koolproxy
ipset=/.servicegetbook.net/black_koolproxy
ipset=/.sg-cdn.effectivemeasure.net/black_koolproxy
ipset=/.sh.adingo.jp/black_koolproxy
ipset=/.shzyjbr.wtdtjs.rocks/black_koolproxy
ipset=/.sis.jpush.io/black_koolproxy
ipset=/.sit.gentags.net/black_koolproxy
ipset=/.sjkmio.812920.top/black_koolproxy
ipset=/.snap.snapmobile.asia/black_koolproxy
ipset=/.sp.gmossp-sp.jp/black_koolproxy
ipset=/.spap.adingo.jp.eimg.jp/black_koolproxy
ipset=/.spap.adingo.jp/black_koolproxy
ipset=/.spapi.i-mobile.co.jp/black_koolproxy
ipset=/.spdmg-backend.i-mobile.co.jp/black_koolproxy
ipset=/.spdmg.i-mobile.co.jp/black_koolproxy
ipset=/.ss.subo.me/black_koolproxy
ipset=/.ss2p.uuxs.net/black_koolproxy
ipset=/.ssl-cdn.media.innity.net/black_koolproxy
ipset=/.ssp.tenmax.io/black_koolproxy
ipset=/.stat.cp33.ott.cibntv.net/black_koolproxy
ipset=/.stat.gw.youmi.net/black_koolproxy
ipset=/.stat.pchome.net/black_koolproxy
ipset=/.stat.titan.imgo.tv/black_koolproxy
ipset=/.static.adtimaserver.vn/black_koolproxy
ipset=/.static.anquan.org/black_koolproxy
ipset=/.static.criteo.net/black_koolproxy
ipset=/.static.eclick.vn/black_koolproxy
ipset=/.static.houyi.baofeng.net/black_koolproxy
ipset=/.static.novanet.vn/black_koolproxy
ipset=/.static.snapmobile.asia/black_koolproxy
ipset=/.static.youmi.net/black_koolproxy
ipset=/.stats.g.doubleclick.net/black_koolproxy
ipset=/.store.ptqy.gitv.tv/black_koolproxy
ipset=/.store.tv.api.3g.cp31.ott.cibntv.net/black_koolproxy
ipset=/.super.kdnet.net/black_koolproxy
ipset=/.t-l.play.cp81.ott.cibntv.net/black_koolproxy
ipset=/.t.adcrops.net/black_koolproxy
ipset=/.t.vbxx.net/black_koolproxy
ipset=/.t2.vbxx.net/black_koolproxy
ipset=/.tenmax-static.cacafly.net/black_koolproxy
ipset=/.test.api.xlmc.sandai.net/black_koolproxy
ipset=/.tinydrag.t.cp61.ott.cibntv.net/black_koolproxy
ipset=/.tj.yule8.net/black_koolproxy
ipset=/.tp.sphwq.net/black_koolproxy
ipset=/.track.dmp.youmi.net/black_koolproxy
ipset=/.tw13b093.sandai.net/black_koolproxy
ipset=/.twbill.xyz/black_koolproxy
ipset=/.u.1133.cc/black_koolproxy
ipset=/.ujs.jialiren.net/black_koolproxy
ipset=/.uma.gtags.net/black_koolproxy
ipset=/.union2.50bang.org/black_koolproxy
ipset=/.update.123juzi.net/black_koolproxy
ipset=/.ups.ksmobile.net/black_koolproxy
ipset=/.users.51.la/black_koolproxy
ipset=/.ut.gtags.net/black_koolproxy
ipset=/.util.nphoto.net/black_koolproxy
ipset=/.v.e704.net/black_koolproxy
ipset=/.v.img80.net/black_koolproxy
ipset=/.v.jtxh.net/black_koolproxy
ipset=/.val.atm.cp31.ott.cibntv.net/black_koolproxy
ipset=/.valf.atm.cp31.ott.cibntv.net/black_koolproxy
ipset=/.vip.yoyozz.net/black_koolproxy
ipset=/.vip.yule8.net/black_koolproxy
ipset=/.vipjs.csad.cc/black_koolproxy
ipset=/.vpie.net/black_koolproxy
ipset=/.w.3big.net/black_koolproxy
ipset=/.w.efo.cc/black_koolproxy
ipset=/.w2.3big.net/black_koolproxy
ipset=/.w2.docols.net/black_koolproxy
ipset=/.wazero.online/black_koolproxy
ipset=/.web.51.la/black_koolproxy
ipset=/.web.houyi.baofeng.net/black_koolproxy
ipset=/.web1.51.la/black_koolproxy
ipset=/.web2.51.la/black_koolproxy
ipset=/.wl.houyi.baofeng.net/black_koolproxy
ipset=/.wm.20150.net/black_koolproxy
ipset=/.ws.ksmobile.net/black_koolproxy
ipset=/.ww202.keyyou.net/black_koolproxy
ipset=/.www.51.la/black_koolproxy
ipset=/.www.6604.org/black_koolproxy
ipset=/.www.ads8.cc/black_koolproxy
ipset=/.www.daima123.cc/black_koolproxy
ipset=/.www.i1236.net/black_koolproxy
ipset=/.www.keydot.net/black_koolproxy
ipset=/.www.laomaotao.net/black_koolproxy
ipset=/.www.umeng.co/black_koolproxy
ipset=/.www.yanjiele8.club/black_koolproxy
ipset=/.www.yoyozz.net/black_koolproxy
ipset=/.xs.houyi.baofeng.net/black_koolproxy
ipset=/.y.one.impact-ad.jp/black_koolproxy
ipset=/.yads.c.yimg.jp/black_koolproxy
ipset=/.yads.yahoo.co.jp/black_koolproxy
ipset=/.yiyuan.nagezan.net/black_koolproxy
ipset=/.yoo.yiiyoo.net/black_koolproxy
ipset=/1000fr.net/black_koolproxy
ipset=/acfun.tv/black_koolproxy
ipset=/baofeng.net/black_koolproxy
ipset=/fun.tv/black_koolproxy
ipset=/pps.tv/black_koolproxy

137
package/cnsztl/luci-app-koolproxy/files/usr/share/koolproxy/kpupdate Executable file
View File

@ -0,0 +1,137 @@
#!/bin/sh
# set -x
. /lib/functions.sh
CONFIG=koolproxy
KP_DIR=/usr/share/koolproxy
TMP_DIR=/tmp/koolproxy
LOGFILE="/var/log/koolproxy.log"
config_t_get() {
local index=0
[ -n "$4" ] && index=$4
local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}
limit_log() {
local log=$1
[ ! -f "$log" ] && return
local sc=100
[ -n "$2" ] && sc=$2
local count=$(grep -c "" $log)
if [ $count -gt $sc ];then
let count=count-$sc
sed -i "1,$count d" $log
fi
}
init_env() {
rm -rf "$TMP_DIR"
mkdir -p "$TMP_DIR"
}
restart_koolproxy() {
/etc/init.d/koolproxy restart
}
__compare_file() {
local descript=$1
local localPath=$2
local remoteUrl=$3
echo $(date "+%F %T"): ------------------- $descript更新 ------------------- >>$LOGFILE
local filename=`basename $localPath`
local remotePath="$TMP_DIR/$filename"
wget-ssl -qT5 --no-check-certificate "$remoteUrl" -O "$remotePath"
if [ "$?" == "0" ]; then
if [ -f "$localPath" ]; then
localMD5=`md5sum "$localPath" | awk '{print $1}'`
localNum=`cat "$localPath" | grep -v '^!' | wc -l`
else
localMD5="文件不存在"
localNum="0"
fi
remoteMD5=`md5sum "$remotePath" | awk '{print $1}'`
remoteNum=`cat "$remotePath" | grep -v '^!' | wc -l`
echo $(date "+%F %T"): 本地版本MD5$localMD5 >>$LOGFILE
echo $(date "+%F %T"): 本地版本条数:$localNum >>$LOGFILE
echo >>$LOGFILE
echo $(date "+%F %T"): 在线版本MD5$remoteMD5 >>$LOGFILE
echo $(date "+%F %T"): 在线版本条数:$remoteNum >>$LOGFILE
echo >>$LOGFILE
if [ "$localMD5" != "$remoteMD5" ];then
echo $(date "+%F %T"): 检测到更新,开始更新规则! >>$LOGFILE
mv -f "$remotePath" "$localPath"
echo $(date "+%F %T"): 更新成功! >>$LOGFILE
echo >>$LOGFILE
return 0
fi
else
echo "$(date "+%F %T"): 获取在线版本时出现错误! " >>$LOGFILE
echo >>$LOGFILE
fi
return 1
}
__update_rule() {
local name
local file
local exrule
local enable
config_get name $1 name
config_get file $1 file
config_get exrule $1 url
config_get enable $1 load
if [ -n "$file" ] && [ -n "$exrule" ]; then
if [ $enable -ne 1 ]; then
return
fi
__compare_file "$name" "$KP_DIR/data/rules/$file" "$exrule"
if [ "$?" == "0" ]; then
uci set koolproxy.$1.time="`date +%Y-%m-%d" "%H:%M`"
uci commit koolproxy
RESTART_KOOLPROXY=true
fi
cat $KP_DIR/data/rules/$file >>$KP_DIR/data/rules/user.txt
echo >>$LOGFILE
fi
}
update_rss_rules() {
cp $KP_DIR/data/user.txt $KP_DIR/data/rules/user.txt
config_load $CONFIG
config_foreach __update_rule rss_rule
}
update_adb_host() {
/usr/sbin/adblockplus >>$LOGFILE 2>&1 &
if [ "$?" == "0" ]; then
RESTART_DNSMASQ=true
fi
}
# main process
init_env
limit_log $LOGFILE
# update user rules
update_rss_rules
koolproxy_mode=$(config_t_get global koolproxy_mode 1)
koolproxy_host=$(config_t_get global koolproxy_host 0)
# update ADB Plus Host
if [ "$koolproxy_mode" == "2" ] && [ "$koolproxy_host" == "1" ];then
update_adb_host
fi
if [ $RESTART_KOOLPROXY ]; then
restart_koolproxy
echo $(date "+%F %T"): 重启koolproxy进程 >>$LOGFILE
fi
init_env

194
package/cnsztl/luci-app-koolproxy/koolproxy.txt Normal file
View File

@ -0,0 +1,194 @@
koolproxy插件/固件开发文档1.3
更新日期2017年7月7日koolproxy 3.6.1
================================================================================================
声明:
KoolProxy 是一个免费软件,著作权归属 KoolProxy.com用户可以非商业性地复制和使用 KoolProxy但禁止将 KoolProxy 用于商业用途。
KoolProxy 可以对 https 网络数据进行识别代理,使用 https 功能的用户需要自己提供相关证书,本程序提供的证书生成脚本仅供用户参考,证书的保密工作由用户自行负责。
使用本软件的风险由用户自行承担在适用法律允许的最大范围内对因使用本产品所产生的损害及风险包括但不限于直接或间接的个人损害、商业赢利的丧失、贸易中断、商业信息的丢失或任何其它经济损失KoolProxy.com 不承担任何责任。
================================================================================================
KoolProxy By Xiaobao & Crwnet v3.6.1
USAGE:
koolproxy [options] [arguments...]
OPTIONS:
-p value listen port, default value is 3000
-l value log level (0:DEBUG, 1:INFO, 2:AD, 3:WARNING, 4:ERROR), default value is ERROR
-c value thread count, default value is the number of cpus
-b value data path, default value is './data'
-d run as daemon mode
-v show version
-h show help
ADVANCED:
--cert generate ssl cert
--ipv6 enable ipv6, works for ipv6 nat mode
--video | -e video mode, load video rules only
--mark mark mode, set the socket mark(src ip) when connect to remote host. requires the CAP_NET_ADMIN capability
--ttl value ttl mode, set the socket ttl when connect to remote host. default value is 0 (disable)
================================================================================================
交流地址:
1 QQ群1 595300867
2 QQ群2 203726739
3 TG群 https://t.me/joinchat/AAAAAD-tO7GPvfOU131_vg
4 更新日志http://koolshare.cn/thread-64086-1-1.html
================================================================================================
#koolproxy部署文件目录参考1使用openssl生成证书
.
├── data
│   ├── gen_ca.sh #证书生成脚本
│   ├── koolproxy_ipset.conf #ipset名单
│   ├── openssl.cnf #证书生成所用配置文件
│   ├── rules #规则存放文件夹
│   │   ├── kp.dat #视频规则
│   │   ├── koolproxy.txt #静态规则
│   │   ├── daily.txt #每日规则
│   │   └── user.txt #自定义规则
│   └── version #插件版本号(merlin)
└── koolproxy #koolproxy二进制(为了保证二进制顺利更新,请保证目录可写)
1 证书生成使用命令 sh gen_ca.sh该脚本会调用系统内的openssl来生成证书运行成功后会自动创建data/private data/cert目录
私钥和公钥会分别存在data/private data/cert目录下使用http://110.110.110.110会下载路由器内的证书
------------------------------------------------------------------------------------------------
#koolproxy部署文件目录参考2使用koolproxy生成证书
.
└── koolproxy #koolproxy二进制(为了保证二进制顺利更新,请保证目录可写)
1 因为规则文件会由koolproxy自动下载,下载后会自动创建data/rules目录
2 使用koolproxy --cert命令可以生成证书运行成功后会自动创建data/private data/cert目录
私钥和公钥会分别存在data/private data/cert目录下使用http://110.110.110.110会下载路由器内的证书
因为mbedtls性能原因在非软路由机器上用koolproxy --cert生成证书需要时间较长请耐心等待
================================================================================================
说明:
1 koolproxy启动会自动检测规则更新如果没有./data/rules文件夹会自己创建并下载规则到此处
2 koolproxy启动后会检测二进制文件更新如果有更新会替换./koolproxy并且由父进程重启koolproxy以后每20分钟检测一次更新
3 现在不支持规则订阅了只能识别kp.dat, koolproxy.txt, user.txt,daily.txt需要自定义规则的可以修改user.txt
# 二进制下载固定地址
https://koolproxy.com/downloads/i386
https://koolproxy.com/downloads/x86_64
https://koolproxy.com/downloads/arm
https://koolproxy.com/downloads/mips
https://koolproxy.com/downloads/mipsel
# 规则下载固定地址
https://kprule.com/koolproxy.txt
https://kprule.com/daily.txt
https://kprule.com/kp.dat
https://kprule.com/user.txt
# 规则下载对应的CDN地址
https://kprules.b0.upaiyun.com/koolproxy.txt
https://kprules.b0.upaiyun.com/daily.txt
https://kprules.b0.upaiyun.com/kp.dat
https://kprules.b0.upaiyun.com/user.txt
# 二进制文件和规则 github备份地址
二进制https://github.com/koolproxy/koolproxy-bin (已作废)
规则https://github.com/koolproxy/koolproxy_rules (已作废)
1 建议从上面的链接获取最新的二进制和基本的规则文件,然后按照上面的目录结构来部署
2 如果不需要https过滤只需要一个koolproxy程序就足够了data文件夹和rules文件夹都会自己创建。
3 koolproxy.txt内有视频规则、静态规则、每日规则的更新日期可以用于提取并显示到界面
================================================================================================
koolproxy运行
1 在koolproxy主程序目录运行例如merlin固件下运行cd /koolshare/koolproxy && koolproxy -d
2 不在koolproxy主程序目录运行例如将koolproxy放在环境变量中例如merlin固件下运行koolproxy -b /koolshare/koolproxy -d -b为data路径
其它运行方式可能会造成koolproxy识别不到data目录而无法加载规则
koolproxy运行后默认会使用端口3000作为透明代理端口需要利用iptables将数据导到端口3000才能发挥作用。
视频模式:
1 使用命令koolproxy -e 即可开启
2 开启后只会加载视频规则kp.dat和user.txt
调试模式:
1 使用命令koolproxy -l0 即可开启l后面的数字代表不同的日志详细程度
2 需要检查规则命中行数可以需要使用-l2
ttl功能
1 使用命令koolproxy --ttl 160 即可开启ttl功能后面的数值代表ttl大小
2 ttl功能开启后koolproxy会对经过它的所有数据ttl进行调整可以利用iptables的match ttl功能数据进行匹配
mark功能
1 使用命令koolproxy --mark 即可开启mark功能
2 mark功能开启后koolproxy会对经过它的所有数据打上标记mark值等于该数据的源ip转换为十六进制的值
3 例如局域网内192.168.1.100的数据将会被打上0xc0a80164的mark192 = c0, 168 = a8, 1 = 01, 100 = 64
4 开发者可以用此功和SS配合达到既科学上网又能过滤这些科学上网的流量还不影响科学上网访问控制的功能
5 ip转换为mark值参考命令echo 192.168.1.100 | awk -F "." '{printf ("0x%02x", $1)} {printf ("%02x", $2)} {printf ("%02x", $3)} {printf ("%02x\n", $4)}'
================================================================================================
ss + kp过滤方案2017年7月7日
方案1优先SS其次KP不推荐
1 在NAT PREROUTING链内SS在前KP在后流量将先走SS经过SS分流后国外流量走ss-redir实现翻墙
2 而剩下国内流量在PREROUTING链内继续往下匹配到koolrpxy规则流量最终走koolproxy实现过滤。
结果koolproxy只能过滤国内流量SS剩下的
方案2优先KP其次SS不推荐;
1 在NAT PREROUTING链内KP在前SS在后流量将先走KP实现过滤
2 为了SS能拿到KP过滤后的数据使用match ttl匹配在OUTPUT链内将流量全部给SS实现翻墙
结果因为在OUTPUT链内没有源ip信息流量给SS后无法匹配到源ip因此SS失去了acl访问控制功能。
方案3 (优先kp其次SS推荐)
为便于理解以下iptables配置只展示流量经过顺序不是iptables的创建顺序PREROUTING内规则的创建实际上应该在最后
0 koolproxy默认开启ttl和mark功能 KoolProxy --ttl 160 --mark -d固件不支持ttl的仅开启mark也行: KoolProxy --mark -d
1 在NAT PREROUTING链内KP在前SS在后KP开启--mark流量将先走KP80,443实现过滤过滤后每个主机会被打上不同的mark
#KP在前所有tcp流量全部交给KOOLPROXY链
-A PREROUTING -p tcp -j KOOLPROXY
#SS在后在kp开启的时候只能拿到非80,443的流量在kp关闭后可以拿到所有端口的流量
-A PREROUTING -p tcp -j SHADOWSOCKS
2 例如局域网内192.168.1.100主机的数据经过kp过滤后将会被打上0xc0a80164的mark192 = c0, 168 = a8, 1 = 01, 100 = 64
#创建KOOLPROXY链用于白名单和访问控制
-N KOOLPROXY
#创建KOOLPROXY_HTTP链用于过滤http流量
-N KOOLPROXY_HTTP
#创建KOOLPROXY_HTTPS链用于过滤https流量
-N KOOLPROXY_HTTPS
#局域网和保留地址不走kp
-A KOOLPROXY -m set --match-set white_kp_list dst -j RETURN
#主机192.168.1.100需要https过滤
-A KOOLPROXY -s 192.168.1.100/32 -p tcp -g KOOLPROXY_HTTPS
#其它主机过滤http流量
-A KOOLPROXY -p tcp -j KOOLPROXY_HTTP
3 为了SS能拿到数据在NAT OUTPUT链中使用match ttl匹配在OUTPUT链内将流量全部给SHADOWSOCKS_EXT链
#创建SHADOWSOCKS_EXT链用于开启kp情况下ss的访问控制实现
-N SHADOWSOCKS_EXT
#使用ttl匹配将KP过滤后的数据转到SHADOWSOCKS_EXT链如果固件不支持ttl匹配使用下面的命令
-A OUTPUT -p tcp -m ttl --ttl-eq 160 -j SHADOWSOCKS_EXT
#如果固件不支持ttl match可以用mark匹配ip地址的前三位用0xffffff00作为掩码的形式来将KP过滤后的数据转到SHADOWSOCKS_EXT链
# echo 192.168.1 | awk -F "." '{printf ("0x%02x", $1)} {printf ("%02x", $2)} {printf ("%02x", $3)} {printf ("00/0xffffff00\n")}' = 0xc0a80100/0xffffff00
-A OUTPUT -p tcp -m mark --mark 0xc0a80100/0xffffff00 -j SHADOWSOCKS_EXT
4 如果开启了acl比如需要192.168.1.75不走SS全端口192.168.1.246走gfwlist模式80,443端口192.168.1.214走大陆白名单模式22,80,443端口剩余主机全部走大陆白名单模式全端口
#主机192.168.1.750xc0a8014b流量经过KP过滤后并打上mark后通过OUTPUT链进入SHADOWSOCKS_EXT链而未能翻墙RETURN
-A SHADOWSOCKS_EXT -p tcp -m mark --mark 0xc0a8014b -j RETURN
#主机192.168.1.2460xc0a801f6流量经过KP过滤后并打上mark后通过OUTPUT链进入SHADOWSOCKS_EXT链在此流量被导向了SHADOWSOCKS_GFW链实现gfwlist模式翻墙80,443端口
-A SHADOWSOCKS_EXT -p tcp -m multiport --dports 80,443 -m mark --mark 0xc0a801f6 -g SHADOWSOCKS_GFW
#主机192.168.1.2140xc0a801f6流量经过KP过滤后并打上mark后通过OUTPUT链进入SHADOWSOCKS_EXT链在此流量被导向了SHADOWSOCKS_CHN链实现大陆白名单模式翻墙22,80,443端口
-A SHADOWSOCKS_EXT -p tcp -m multiport --dports 22,,80,443 -m mark --mark 0xc0a801d6 -g SHADOWSOCKS_CHN
#剩余的主机流量经过KP过滤后并打上mark后通过OUTPUT链进入SHADOWSOCKS_EXT链在此流量被导向了SHADOWSOCKS_CHN链实现大陆白名单模式翻墙全端口
-A SHADOWSOCKS_EXT -p tcp -j SHADOWSOCKS_CHN
情形:
1 当SS开启kp未开启所有流量走ss PREROUTING过经过分流后国内的流量在经过OUTPUT的时候因为KP没开数据不会匹配到ttl值或者没匹配到mark值所以不会过滤广告翻墙正常
2 当KP开启SS未开启所有流量走kp PREROUTING过广告过滤正常
3 当SS开启翻墙和acl工作正常的时候开启KPKP在PREROUTING内插入到SS前面会先得到流量广告过滤正常
4 当KP开启过滤广告正常的时候开启SSSS从原来的从PREROUTING拿流量变成从OUTPUT内拿流量翻墙和acl会同样正常
5 当KP和SS都开启此时关闭SSkp过滤广告正常
6 当KP和SS都开启此时关闭KPss翻墙和acl正常
总结:
使用 ttl + mark 或者纯mark的方式可以实现原先很难实现的过滤经过SS流量的广告
主要的改动在于给SS预置好OUTPUT和SHADOWSOCKS_EXT规则链当kp启用时它们就会工作kp关闭时不会影响正常数据
次要的改动就是给koolproxy默认开启ttl + mark或者纯mark功能
================================================================================================

14
package/cnsztl/luci-app-koolproxy/koolproxyupdate.sh Executable file
View File

@ -0,0 +1,14 @@
#wget 'https://kprule.com/kp.dat' -O files/usr/share/koolproxy/data/rules/kp.dat
#wget 'https://kprule.com/koolproxy.txt' -O files/usr/share/koolproxy/data/rules/koolproxy.txt
#wget 'https://kprule.com/daily.txt' -O files/usr/share/koolproxy/data/rules/daily.txt
#wget 'https://kprule.com/user.txt' -O files/usr/share/koolproxy/data/user.txt
#wget 'https://koolproxy.com/downloads/arm' -O files/bin/arm
#wget 'https://koolproxy.com/downloads/i386' -O files/bin/i386
#wget 'https://koolproxy.com/downloads/mips' -O files/bin/mips
#wget 'https://koolproxy.com/downloads/mipsel' -O files/bin/mipsel
#wget 'https://koolproxy.com/downloads/x86_64' -O files/bin/x86_64
#chmod +x files/bin/*
wget https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt -O- | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > files/usr/share/koolproxy/dnsmasq.adblock
sed -i '/youku/d' files/usr/share/koolproxy/dnsmasq.adblock
sed -i '/[1-9]\{1,3\}\.[1-9]\{1,3\}\.[1-9]\{1,3\}\.[1-9]\{1,3\}/d' files/usr/share/koolproxy/dnsmasq.adblock