#!/bin/sh /etc/rc.common # Copyright (C) 2006-2011 OpenWrt.org USE_PROCD=1 # start betfore firewall - we need ipset populated START=18 # +++ REVIEW CONFIG HERE +++ # CHOOSE OPERATION MODE # leave only one MODE= uncommented # using nfqws with ipset #MODE=nfqws_ipset #MODE=nfqws_ipset_https # using nfqws for all #MODE=nfqws_all #MODE=nfqws_all_https # CHOOSE NFQWS DAEMON OPTIONS. run "nfq/nfqws --help" for option list NFQWS_OPT="--wsize=3 --hostspell=HOST" # using tpws with ipset #MODE=tpws_ipset MODE=tpws_ipset_https # using tpws for all #MODE=tpws_all #MODE=tpws_all_https # using tpws with hostlist #MODE=tpws_hostlist # CHOOSE TPWS DAEMON OPTIONS. run "tpws/tpws --help" for option list TPWS_OPT_HTTP="--hostspell=HOST --split-http-req=method" TPWS_OPT_HTTPS="--split-pos=3" # only fill ipset, do not run daemons #MODE=ipset # Custom mode # Find out what works for you and modify "# PLACEHOLDER" parts of this script #MODE=custom # --- REVIEW CONFIG HERE --- # !!!!! in openwrt you need to add firewall rules manually to /etc/firewall.user PIDDIR=/var/run ZAPRET_BASE=/opt/zapret IPSET_CR=$ZAPRET_BASE/ipset/create_ipset.sh QNUM=200 NFQWS=$ZAPRET_BASE/nfq/nfqws NFQWS_OPT_BASE="--qnum=$QNUM" TPPORT_HTTP=1188 TPPORT_HTTPS=1189 TPWS=$ZAPRET_BASE/tpws/tpws TPWS_USER=daemon TPWS_HOSTLIST=$ZAPRET_BASE/ipset/zapret-hosts.txt TPWS_OPT_BASE="--user=$TPWS_USER --bind-addr=127.0.0.1" TPWS_OPT_BASE_HTTP="--port=$TPPORT_HTTP $TPWS_OPT_BASE" TPWS_OPT_BASE_HTTPS="--port=$TPPORT_HTTPS $TPWS_OPT_BASE" run_daemon() { # $1 - daemon string id or number. can use 1,2,3,... # $2 - daemon # $3 - daemon args # use $PIDDIR/$DAEMONBASE$1.pid as pidfile local DAEMONBASE=$(basename $2) echo "Starting daemon $1: $2 $3" procd_open_instance procd_set_param command $2 $3 procd_set_param pidfile $PIDDIR/$DAEMONBASE$1.pid procd_close_instance } create_ipset() { echo "Creating ipset" ($IPSET_CR) } start_service() { case "${MODE}" in tpws_hostlist) run_daemon 1 $TPWS "$TPWS_OPT_BASE_HTTP $TPWS_OPT_HTTP --hostlist=$TPWS_HOSTLIST" ;; tpws_ipset|tpws_all) create_ipset run_daemon 1 $TPWS "$TPWS_OPT_BASE_HTTP $TPWS_OPT_HTTP" ;; tpws_ipset_https|tpws_all_https) create_ipset run_daemon 1 $TPWS "$TPWS_OPT_BASE_HTTP $TPWS_OPT_HTTP" run_daemon 2 $TPWS "$TPWS_OPT_BASE_HTTPS $TPWS_OPT_HTTPS" ;; nfqws_ipset|nfqws_ipset_https) create_ipset run_daemon 1 $NFQWS "$NFQWS_OPT_BASE $NFQWS_OPT" ;; nfqws_all|nfqws_all_https) run_daemon 1 $NFQWS "$NFQWS_OPT_BASE $NFQWS_OPT" ;; ipset) create_ipset ;; custom) # PLACEHOLDER echo !!! NEED ATTENTION !!! echo Start daemon\(s\) echo Study how other sections work ;; esac }