yanistye/podkop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

chore: shfmt formatting

Browse Source
This commit is contained in:
Andrey Petelin
2025-09-11 16:40:06 +05:00
parent 074c1a9349
commit a7f6a993ac
1 changed files with 261 additions and 259 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
podkop/files/usr/bin/podkop
View File

@@ -116,8 +116,8 @@ stop_main() {
if [ -f /var/run/podkop_list_update.pid ]; then
pid=$(cat /var/run/podkop_list_update.pid)
if kill -0 "$pid" 2>/dev/null; then
kill "$pid" 2>/dev/null
if kill -0 "$pid" 2> /dev/null; then
kill "$pid" 2> /dev/null
log "Stopped list_update"
fi
rm -f /var/run/podkop_list_update.pid
@@ -128,7 +128,7 @@ stop_main() {
rm -f "$TMP_RULESET_FOLDER"/*
log "Flush nft"
if nft list table inet "$NFT_TABLE_NAME" >/dev/null 2>&1; then
if nft list table inet "$NFT_TABLE_NAME" > /dev/null 2>&1; then
nft delete table inet "$NFT_TABLE_NAME"
fi
@@ -138,7 +138,7 @@ stop_main() {
fi
log "Flush ip route"
if ip route list table podkop >/dev/null 2>&1; then
if ip route list table podkop > /dev/null 2>&1; then
ip route flush table podkop
fi
@@ -268,7 +268,7 @@ process_validate_service() {
}
br_netfilter_disable() {
if lsmod | grep -q br_netfilter && [ "$(sysctl -n net.bridge.bridge-nf-call-iptables 2>/dev/null)" = "1" ]; then
if lsmod | grep -q br_netfilter && [ "$(sysctl -n net.bridge.bridge-nf-call-iptables 2> /dev/null)" = "1" ]; then
log "br_netfilter enabled detected. Disabling"
sysctl -w net.bridge.bridge-nf-call-iptables=0
sysctl -w net.bridge.bridge-nf-call-ip6tables=0
@@ -280,7 +280,7 @@ br_netfilter_disable() {
route_table_rule_mark() {
local table=podkop
grep -q "105 $table" /etc/iproute2/rt_tables || echo "105 $table" >>/etc/iproute2/rt_tables
grep -q "105 $table" /etc/iproute2/rt_tables || echo "105 $table" >> /etc/iproute2/rt_tables
if ! ip route list table $table | grep -q "local default dev lo scope host"; then
log "Added route for tproxy"
@@ -468,8 +468,8 @@ add_cron_job() {
;;
esac
if [ "$community_lists_enabled" -eq 1 ] || \
[ "$remote_domain_lists_enabled" -eq 1 ] || \
if [ "$community_lists_enabled" -eq 1 ] ||
[ "$remote_domain_lists_enabled" -eq 1 ] ||
[ "$remote_subnet_lists_enabled" -eq 1 ]; then
remove_cron_job
crontab -l | {
@@ -491,7 +491,7 @@ list_update() {
local i
for i in $(seq 1 60); do
if nslookup -timeout=1 openwrt.org >/dev/null 2>&1; then
if nslookup -timeout=1 openwrt.org > /dev/null 2>&1; then
echolog "✅ DNS check passed"
break
fi
@@ -507,12 +507,12 @@ list_update() {
for i in $(seq 1 60); do
config_get_bool detour "main" "detour" "0"
if [ "$detour" -eq 1 ]; then
if http_proxy="http://127.0.0.1:4534" https_proxy="http://127.0.0.1:4534" curl -s -m 3 https://github.com >/dev/null; then
if http_proxy="http://127.0.0.1:4534" https_proxy="http://127.0.0.1:4534" curl -s -m 3 https://github.com > /dev/null; then
echolog "✅ GitHub connection check passed (via proxy)"
break
fi
else
if curl -s -m 3 https://github.com >/dev/null; then
if curl -s -m 3 https://github.com > /dev/null; then
echolog "✅ GitHub connection check passed"
break
fi
@@ -542,7 +542,7 @@ list_update() {
find_working_resolver() {
for resolver in $DNS_RESOLVERS; do
if nslookup -timeout=2 $FAKEIP_TEST_DOMAIN $resolver >/dev/null 2>&1; then
if nslookup -timeout=2 $FAKEIP_TEST_DOMAIN $resolver > /dev/null 2>&1; then
echo "$resolver"
return 0
fi
@@ -1004,10 +1004,12 @@ configure_local_domain_or_subnet_lists() {
domains)
config_list_foreach "$section" "local_domain_lists" import_local_domain_or_subnet_list "$type" \
"$section" "$ruleset_filepath"
_add_ruleset_to_dns_rules "$ruleset_tag" "$route_rule_tag" ;;
_add_ruleset_to_dns_rules "$ruleset_tag" "$route_rule_tag"
;;
subnets)
config_list_foreach "$section" "local_subnet_lists" import_local_domain_or_subnet_list "$type" \
"$section" "$ruleset_filepath";;
"$section" "$ruleset_filepath"
;;
*) log "Unsupported local rule set type: $type" "warn" ;;
esac
}
@@ -1050,7 +1052,7 @@ configure_remote_domain_or_subnet_list_handler() {
local file_extension
file_extension=$(url_get_file_extension "$url")
case "$file_extension" in
json|srs)
json | srs)
log "Detected file extension: '$file_extension' → proceeding with processing" "debug"
local basename ruleset_tag format detour update_interval
basename=$(url_get_basename "$url")
@@ -1138,7 +1140,7 @@ sing_box_save_config() {
log "Save sing-box temporary config to $temp_file_path" "debug"
sing_box_cm_save_config_to_file "$config" "$temp_file_path"
current_config_hash=$(md5sum "$sing_box_config_path" 2>/dev/null | awk '{print $1}')
current_config_hash=$(md5sum "$sing_box_config_path" 2> /dev/null | awk '{print $1}')
temp_config_hash=$(md5sum "$temp_file_path" | awk '{print $1}')
log "Current sing-box config hash: $current_config_hash" "debug"
log "Temporary sing-box config hash: $temp_config_hash" "debug"
@@ -1154,7 +1156,7 @@ sing_box_save_config() {
sing_box_config_check() {
local sing_box_config_path
config_get sing_box_config_path "main" "config_path"
if ! sing-box -c "$sing_box_config_path" check >/dev/null 2>&1; then
if ! sing-box -c "$sing_box_config_path" check > /dev/null 2>&1; then
log "Sing-box configuration is invalid" "fatal"
exit 1
fi
@@ -1247,7 +1249,7 @@ import_domains_from_remote_domain_list_handler() {
local file_extension
file_extension=$(url_get_file_extension "$url")
case "$file_extension" in
json|srs)
json | srs)
log "Detected file extension: '$file_extension' → no update needed, sing-box manages updates" "debug"
;;
*)
@@ -1320,7 +1322,7 @@ import_domains_or_subnets_from_remote_file() {
ruleset_filepath="$TMP_RULESET_FOLDER/$ruleset_filename"
json_array="$(comma_string_to_json_array "$items")"
case "$type" in
domains) sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "domain_suffix" "$json_array";;
domains) sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "domain_suffix" "$json_array" ;;
subnets)
sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "ip_cidr" "$json_array"
nft_add_set_elements "$NFT_TABLE_NAME" "$NFT_COMMON_SET_NAME" "$items"
@@ -1418,12 +1420,12 @@ section_has_enabled_lists() {
config_get_bool local_subnet_lists_enabled "$section" "local_subnet_lists_enabled" 0
config_get_bool remote_subnet_lists_enabled "$section" "remote_subnet_lists_enabled" 0
if [ "$community_lists_enabled" -ne 0 ] || \
[ "$user_domain_list_type" != "disabled" ] || \
[ "$local_domain_lists_enabled" -ne 0 ] || \
[ "$remote_domain_lists_enabled" -ne 0 ] || \
[ "$user_subnet_list_type" != "disabled" ] || \
[ "$local_subnet_lists_enabled" -ne 0 ] || \
if [ "$community_lists_enabled" -ne 0 ] ||
[ "$user_domain_list_type" != "disabled" ] ||
[ "$local_domain_lists_enabled" -ne 0 ] ||
[ "$remote_domain_lists_enabled" -ne 0 ] ||
[ "$user_subnet_list_type" != "disabled" ] ||
[ "$local_subnet_lists_enabled" -ne 0 ] ||
[ "$remote_subnet_lists_enabled" -ne 0 ]; then
return 0
else
@@ -1446,7 +1448,7 @@ check_proxy() {
local sing_box_config_path
config_get sing_box_config_path "main" "config_path"
if ! command -v sing-box >/dev/null 2>&1; then
if ! command -v sing-box > /dev/null 2>&1; then
nolog "sing-box is not installed"
return 1
fi
@@ -1458,7 +1460,7 @@ check_proxy() {
nolog "Checking sing-box configuration..."
if ! sing-box -c "$sing_box_config_path" check >/dev/null; then
if ! sing-box -c "$sing_box_config_path" check > /dev/null; then
nolog "Invalid configuration"
return 1
fi
@@ -1490,9 +1492,8 @@ check_proxy() {
nolog "Checking proxy connection..."
for attempt in `seq 1 5`; do
response=$(sing-box tools fetch ifconfig.me -D /etc/sing-box 2>/dev/null)
for attempt in $(seq 1 5); do
response=$(sing-box tools fetch ifconfig.me -D /etc/sing-box 2> /dev/null)
if echo "$response" | grep -q "^<html\|403 Forbidden"; then
continue
fi
@@ -1518,7 +1519,7 @@ check_proxy() {
}
check_nft() {
if ! command -v nft >/dev/null 2>&1; then
if ! command -v nft > /dev/null 2>&1; then
nolog "nft is not installed"
return 1
fi
@@ -1526,7 +1527,7 @@ check_nft() {
nolog "Checking $NFT_TABLE_NAME rules..."
# Check if table exists
if ! nft list table inet "$NFT_TABLE_NAME" >/dev/null 2>&1; then
if ! nft list table inet "$NFT_TABLE_NAME" > /dev/null 2>&1; then
nolog "❌ $NFT_TABLE_NAME not found"
return 1
fi
@@ -1561,9 +1562,9 @@ check_nft() {
nolog "Sets statistics:"
for set_name in $sets; do
if nft list set inet "$NFT_TABLE_NAME" $set_name >/dev/null 2>&1; then
if nft list set inet "$NFT_TABLE_NAME" $set_name > /dev/null 2>&1; then
# Count elements using grep to count commas and add 1 (last element has no comma)
local count=$(nft list set inet "$NFT_TABLE_NAME" $set_name 2>/dev/null | grep -o ',\|{' | wc -l)
local count=$(nft list set inet "$NFT_TABLE_NAME" $set_name 2> /dev/null | grep -o ',\|{' | wc -l)
echo "- $set_name: $count elements"
fi
done
@@ -1635,7 +1636,7 @@ check_dnsmasq() {
check_sing_box_connections() {
nolog "Checking sing-box connections..."
if ! command -v netstat >/dev/null 2>&1; then
if ! command -v netstat > /dev/null 2>&1; then
nolog "netstat is not installed"
return 1
fi
@@ -1666,7 +1667,7 @@ check_sing_box_logs() {
check_logs() {
nolog "Showing podkop logs from system journal..."
if ! command -v logread >/dev/null 2>&1; then
if ! command -v logread > /dev/null 2>&1; then
nolog "Error: logread command not found"
return 1
fi
@@ -1783,13 +1784,13 @@ get_sing_box_status() {
fi
# Check if service is running
if pgrep -f "sing-box" >/dev/null; then
if pgrep -f "sing-box" > /dev/null; then
running=1
version=$(sing-box version | head -n 1 | awk '{print $3}')
fi
# Check DNS configuration
local dns_server=$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)
local dns_server=$(uci get dhcp.@dnsmasq[0].server 2> /dev/null)
if [ "$dns_server" = "127.0.0.42" ]; then
dns_configured=1
fi
@@ -1828,8 +1829,8 @@ get_status() {
}
check_dns_available() {
local dns_type=$(uci get podkop.main.dns_type 2>/dev/null)
local dns_server=$(uci get podkop.main.dns_server 2>/dev/null)
local dns_type=$(uci get podkop.main.dns_type 2> /dev/null)
local dns_server=$(uci get podkop.main.dns_server 2> /dev/null)
local is_available=0
local status="unavailable"
local local_dns_working=0
@@ -1847,37 +1848,37 @@ check_dns_available() {
if [ "$dns_type" = "doh" ]; then
# Generate random DNS query ID (2 bytes)
local random_id=$(head -c2 /dev/urandom | hexdump -ve '1/1 "%.2x"' 2>/dev/null)
local random_id=$(head -c2 /dev/urandom | hexdump -ve '1/1 "%.2x"' 2> /dev/null)
if [ $? -ne 0 ]; then
error_message="Failed to generate random ID"
status="internal error"
else
# Create DNS wire format query for google.com A record with random ID
local dns_query=$(printf "\x${random_id:0:2}\x${random_id:2:2}\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www\x06google\x03com\x00\x00\x01\x00\x01" | base64 2>/dev/null)
local dns_query=$(printf "\x${random_id:0:2}\x${random_id:2:2}\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www\x06google\x03com\x00\x00\x01\x00\x01" | base64 2> /dev/null)
if [ $? -ne 0 ]; then
error_message="Failed to generate DNS query"
status="internal error"
else
# Try POST method first (RFC 8484 compliant) with shorter timeout
local result=$(echo "$dns_query" | base64 -d 2>/dev/null | curl -H "Content-Type: application/dns-message" \
local result=$(echo "$dns_query" | base64 -d 2> /dev/null | curl -H "Content-Type: application/dns-message" \
-H "Accept: application/dns-message" \
--data-binary @- \
--max-time 2 \
--connect-timeout 1 \
-s \
"https://$dns_server/dns-query" 2>/dev/null)
"https://$dns_server/dns-query" 2> /dev/null)
if [ $? -eq 0 ] && [ -n "$result" ]; then
is_available=1
status="available"
else
# Try GET method as fallback with shorter timeout
local dns_query_no_padding=$(echo "$dns_query" | tr -d '=' 2>/dev/null)
local dns_query_no_padding=$(echo "$dns_query" | tr -d '=' 2> /dev/null)
result=$(curl -H "accept: application/dns-message" \
--max-time 2 \
--connect-timeout 1 \
-s \
"https://$dns_server/dns-query?dns=$dns_query_no_padding" 2>/dev/null)
"https://$dns_server/dns-query?dns=$dns_query_no_padding" 2> /dev/null)
if [ $? -eq 0 ] && [ -n "$result" ]; then
is_available=1
@@ -1889,24 +1890,25 @@ check_dns_available() {
fi
fi
elif [ "$dns_type" = "dot" ]; then
(nc "$dns_server" 853 </dev/null >/dev/null 2>&1) & pid=$!
(nc "$dns_server" 853 < /dev/null > /dev/null 2>&1) &
pid=$!
sleep 2
if kill -0 $pid 2>/dev/null; then
kill $pid 2>/dev/null
wait $pid 2>/dev/null
if kill -0 $pid 2> /dev/null; then
kill $pid 2> /dev/null
wait $pid 2> /dev/null
else
is_available=1
status="available"
fi
elif [ "$dns_type" = "udp" ]; then
if nslookup -timeout=2 itdog.info $dns_server >/dev/null 2>&1; then
if nslookup -timeout=2 itdog.info $dns_server > /dev/null 2>&1; then
is_available=1
status="available"
fi
fi
# Check if local DNS resolver is working
if nslookup -timeout=2 $FAKEIP_TEST_DOMAIN 127.0.0.1 >/dev/null 2>&1; then
if nslookup -timeout=2 $FAKEIP_TEST_DOMAIN 127.0.0.1 > /dev/null 2>&1; then
local_dns_working=1
local_dns_status="available"
fi
@@ -1944,21 +1946,21 @@ global_check() {
print_global "✅ /etc/resolv.conf"
fi
cachesize="$(uci get dhcp.@dnsmasq[0].cachesize 2>/dev/null)"
noresolv="$(uci get dhcp.@dnsmasq[0].noresolv 2>/dev/null)"
server="$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)"
cachesize="$(uci get dhcp.@dnsmasq[0].cachesize 2> /dev/null)"
noresolv="$(uci get dhcp.@dnsmasq[0].noresolv 2> /dev/null)"
server="$(uci get dhcp.@dnsmasq[0].server 2> /dev/null)"
if [ "$cachesize" != "0" ] || [ "$noresolv" != "1" ] || [ "$server" != "127.0.0.42" ]; then
print_global "❌ DHCP configuration differs from template. 📄 DHCP config:"
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
elif [ "$(uci get podkop.main.dont_touch_dhcp 2>/dev/null)" = "1" ]; then
elif [ "$(uci get podkop.main.dont_touch_dhcp 2> /dev/null)" = "1" ]; then
print_global "⚠️ dont_touch_dhcp is enabled. 📄 DHCP config:"
awk '/^config /{p=($2=="dnsmasq")} p' /etc/config/dhcp
else
print_global "✅ /etc/config/dhcp"
fi
if ! pgrep -f "sing-box" >/dev/null; then
if ! pgrep -f "sing-box" > /dev/null; then
print_global "❌ sing-box is not running"
else
print_global "✅ sing-box is running"
@@ -1970,7 +1972,7 @@ global_check() {
print_global "━━━━━━━━━━━━━━━━━━━━━━━━━━━"
print_global "📄 WAN config"
if uci show network.wan >/dev/null 2>&1; then
if uci show network.wan > /dev/null 2>&1; then
awk '
/^config / {
p = ($2 == "interface" && $3 == "'\''wan'\''")
@@ -2055,7 +2057,7 @@ global_check() {
print_global "✅ FakeIP is working correctly on router (198.18.x.x)"
else
print_global "❌ FakeIP test failed: Domain did not resolve to FakeIP range"
if ! pgrep -f "sing-box" >/dev/null; then
if ! pgrep -f "sing-box" > /dev/null; then
print_global " ❌ sing-box is not running"
else
print_global " 🤔 sing-box is running"
@@ -2097,76 +2099,76 @@ EOF
}
case "$1" in
start)
start)
start
;;
stop)
stop)
stop
;;
reload)
reload)
reload
;;
restart)
restart)
restart
;;
main)
main)
main
;;
list_update)
list_update)
list_update
;;
check_proxy)
check_proxy)
check_proxy
;;
check_nft)
check_nft)
check_nft
;;
check_github)
check_github)
check_github
;;
check_logs)
check_logs)
check_logs
;;
check_sing_box_connections)
check_sing_box_connections)
check_sing_box_connections
;;
check_sing_box_logs)
check_sing_box_logs)
check_sing_box_logs
;;
check_dnsmasq)
check_dnsmasq)
check_dnsmasq
;;
show_config)
show_config)
show_config
;;
show_version)
show_version)
show_version
;;
show_sing_box_config)
show_sing_box_config)
show_sing_box_config
;;
show_luci_version)
show_luci_version)
show_luci_version
;;
show_sing_box_version)
show_sing_box_version)
show_sing_box_version
;;
show_system_info)
show_system_info)
show_system_info
;;
get_status)
get_status)
get_status
;;
get_sing_box_status)
get_sing_box_status)
get_sing_box_status
;;
check_dns_available)
check_dns_available)
check_dns_available
;;
global_check)
global_check)
global_check
;;
*)
*)
show_help
exit 1
;;