Skip to content

Commit

Permalink
首次提交
Browse files Browse the repository at this point in the history
  • Loading branch information
your name committed Sep 25, 2020
0 parents commit 2194d10
Show file tree
Hide file tree
Showing 31 changed files with 775 additions and 0 deletions.
10 changes: 10 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
# 使用方法


添加 src-git test https://github.com/Beginner-Go/my-package.git 到 OpenWRT源码根目录feeds.conf.default文件

然后执行

./scripts/feeds clean
./scripts/feeds update -a
./scripts/feeds install -a
17 changes: 17 additions & 0 deletions luci-app-control-webrestriction/Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Copyright (C) 2016 Openwrt.org
#
# This is free software, licensed under the Apache License, Version 2.0 .
#

include $(TOPDIR)/rules.mk

LUCI_TITLE:=LuCI support for Webrestriction From Koolshare
LUCI_PKGARCH:=all
PKG_VERSION:=1.0
PKG_RELEASE:=6-20200921

include $(TOPDIR)/feeds/luci/luci.mk

# call BuildPackage - OpenWrt buildroot signature


Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
module("luci.controller.webrestriction", package.seeall)

function index()
if not nixio.fs.access("/etc/config/webrestriction") then return end

entry({"admin", "control"}, firstchild(), "Control", 44).dependent = false
entry({"admin", "control", "webrestriction"}, cbi("webrestriction"),
_("访问限制"), 11).dependent = true
entry({"admin", "control", "webrestriction", "status"}, call("status")).leaf =
true
end

function status()
local e = {}
e.status = luci.sys.call(
"iptables -L FORWARD |grep WEB_RESTRICTION >/dev/null") == 0
luci.http.prepare_content("application/json")
luci.http.write_json(e)
end
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
local o = require "luci.sys"
local a, e, t
a = Map("webrestriction", translate("访问限制"), translate(
"使用黑名单或者白名单模式控制列表中的客户端是否能够连接到互联网。"))
a.template = "webrestriction/index"
e = a:section(TypedSection, "basic", translate("Running Status"))
e.anonymous = true
t = e:option(DummyValue, "webrestriction_status", translate("当前状态"))
t.template = "webrestriction/webrestriction"
t.value = translate("Collecting data...")
e = a:section(TypedSection, "basic", translate("全局设置"))
e.anonymous = true
t = e:option(Flag, "enable", translate("开启"))
t.rmempty = false
t = e:option(ListValue, "limit_type", translate("限制模式"))
t.default = "blacklist"
t:value("whitelist", translate("白名单"))
t:value("blacklist", translate("黑名单"))
t.rmempty = false
e = a:section(TypedSection, "macbind", translate("名单设置"), translate(
"如果是黑名单模式,列表中的客户端将被禁止连接到互联网;白名单模式表示仅有列表中的客户端可以连接到互联网。"))
e.template = "cbi/tblsection"
e.anonymous = true
e.addremove = true
t = e:option(Flag, "enable", translate("开启控制"))
t.rmempty = false
t = e:option(Value, "macaddr", translate("MAC地址"))
t.rmempty = true
o.net.mac_hints(function(e, a) t:value(e, "%s (%s)" % {e, a}) end)
return a
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<%#
Copyright 2016 Chen RuiWei <crwbak@gmail.com>
Licensed to the public under the Apache License 2.0.
-%>

<% include("cbi/map") %>
<script type="text/javascript">//<![CDATA[
XHR.poll(2, '<%=luci.dispatcher.build_url("admin", "control", "webrestriction", "status")%>', null,
function(x, result)
{
var status = document.getElementsByClassName('webrestriction_status')[0];
status.setAttribute("style","font-weight:bold;");
status.setAttribute("color",result.status ? "green":"red");
status.innerHTML = result.status?'<%=translate("RUNNING")%>':'<%=translate("NOT RUNNING")%>';
}
)
//]]>
</script>
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
<%+cbi/valueheader%>
<font class="webrestriction_status"><%=pcdata(self:cfgvalue(section) or self.default or "")%></font>
<%+cbi/valuefooter%>
2 changes: 2 additions & 0 deletions luci-app-control-webrestriction/po/zh-cn/webrestriction.po
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
msgid "Control"
msgstr "管控"
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@

config basic
option enable '0'
option limit_type 'blacklist'

86 changes: 86 additions & 0 deletions luci-app-control-webrestriction/root/etc/init.d/webrestriction
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2015 OpenWrt-dist
# Copyright (C) 2016 fw867 <[email protected]>
#
# This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information.
#

START=99

CONFIG=webrestriction
limit_type=$(uci -q get webrestriction.@basic[0].limit_type)

uci_get_by_type() {
local index=0
if [ -n $4 ]; then
index=$4
fi
local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
echo ${ret:=$3}
}

is_true() {
case $1 in
1|on|true|yes|enabled) echo 0;;
*) echo 1;;
esac
}

load_config() {
ENABLED=$(uci_get_by_type basic enable)
return $(is_true $ENABLED)
}


add_rule(){
action=$1
for i in $(seq 0 100)
do
enable=$(uci_get_by_type macbind enable '' $i)
macaddr=$(uci_get_by_type macbind macaddr '' $i)
if [ -z $enable ] || [ -z $macaddr ]; then
break
fi
if [ "$enable" == "1" ]; then
iptables -t filter -A WEB_RESTRICTION -m mac --mac-source $macaddr -j $action
[ "$limit_type" == "blacklist" ] && iptables -t nat -A WEB_RESTRICTION -m mac --mac-source $macaddr -j RETURN
#unset "$macaddr"
fi
done
}

start(){

! load_config && exit 0
[ "`iptables -L FORWARD|grep -c WEB_RESTRICTION`" -gt 0 ] && exit 0;
iptables -P FORWARD DROP
iptables -t filter -N WEB_RESTRICTION
if [ "$limit_type" == "blacklist" ]; then
iptables -t nat -N WEB_RESTRICTION
add_rule DROP
else
add_rule ACCEPT
iptables -t filter -A WEB_RESTRICTION -j DROP
fi

#获取FORWARD ACCEPT规则行号
FA_INDEX=`iptables -t filter -L FORWARD --line-numbers | tail -n +3 | grep -E ACCEPT | grep ctstate | grep fw3 | awk '{print $1}'`
if [ -n "$FA_INDEX" ]; then
let FA_INDEX+=1
fi
#确保添加到FORWARD ACCEPT规则之后
iptables -t filter -I FORWARD $FA_INDEX -m comment --comment "Rule For Control" -j WEB_RESTRICTION
[ "$limit_type" == "blacklist" ] && iptables -t nat -I PREROUTING 1 -m comment --comment "Rule For Control" -j WEB_RESTRICTION
}
stop(){
[ "`iptables -t filter -L | grep -c WEB_RESTRICTION`" -gt 0 ] && {
iptables -t filter -D FORWARD -m comment --comment "Rule For Control" -j WEB_RESTRICTION
iptables -t nat -D PREROUTING -m comment --comment "Rule For Control" -j WEB_RESTRICTION
iptables -t filter -F WEB_RESTRICTION
iptables -t filter -X WEB_RESTRICTION
iptables -t nat -F WEB_RESTRICTION
iptables -t nat -X WEB_RESTRICTION
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
#!/bin/sh

uci -q batch <<-EOF >/dev/null
delete ucitrack.@webrestriction[-1]
add ucitrack webrestriction
set ucitrack.@webrestriction[-1].init=webrestriction
commit ucitrack
EOF

rm -f /tmp/luci-indexcache
exit 0
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{
"luci-app-control-webrestriction": {
"description": "Grant UCI access for luci-app-control-webrestriction",
"read": {
"uci": [ "webrestriction" ]
},
"write": {
"uci": [ "webrestriction" ]
}
}
}
18 changes: 18 additions & 0 deletions luci-app-control-weburl/Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# Copyright (C) 2016 Openwrt.org
#
# This is free software, licensed under the Apache License, Version 2.0 .
#

include $(TOPDIR)/rules.mk

LUCI_TITLE:=LuCI support for Weburl From Koolshare
LUCI_DEPENDS:=+iptables-mod-filter +kmod-ipt-filter
LUCI_PKGARCH:=all
PKG_VERSION:=1.5
PKG_RELEASE:=20200923

include $(TOPDIR)/feeds/luci/luci.mk

# call BuildPackage - OpenWrt buildroot signature


10 changes: 10 additions & 0 deletions luci-app-control-weburl/luasrc/controller/weburl.lua
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
module("luci.controller.weburl", package.seeall)

function index()
if not nixio.fs.access("/etc/config/weburl") then return end

entry({"admin", "control"}, firstchild(), "Control", 50).dependent = false
entry({"admin", "control", "weburl"}, cbi("weburl"), _("过滤军刀"), 12).dependent =
true
end

65 changes: 65 additions & 0 deletions luci-app-control-weburl/luasrc/model/cbi/weburl.lua
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
local o = require "luci.sys"
local a, t, e
local button = ""
local state_msg = ""
local running=(luci.sys.call("iptables -L FORWARD|grep WEBURL >/dev/null") == 0)
local button = ""
local state_msg = ""
if running then
state_msg = "<b><font color=\"green\">" .. translate("正在运行") .. "</font></b>"
else
state_msg = "<b><font color=\"red\">" .. translate("没有运行") .. "</font></b>"
end
a = Map("weburl", translate("网址过滤/关键字过滤/MAC黑名单/时间控制/端口控制"), translate("<b><font color=\"green\">利用iptables来单独或组合使用多种条件过滤。条件除特别说明外都可以留空不使用。</font> </b></br>* 如指定“关键词/URL”(MAC黑名单、时间、星期可选)则为关键字过滤,关键字可以是字符串或网址。</br>* 如指定“MAC黑名单”而“关键词/URL”留空则为纯MAC黑名单模式(如已改变默认时间或星期则成为时间控制)。</br>* 如指定端口(MAC黑名单、时间、星期可选)则禁止通过此端口联网。端口可以是端口范围如5000:5100或多端口5100,5110。" .. button .. "<br/><br/>" .. translate("运行状态").. " : " .. state_msg .. "<br />"))
t = a:section(TypedSection, "basic", translate(""), translate(""))
t.anonymous = true
e = t:option(Flag, "enabled", translate("开启功能"))
e.rmempty = false
e = t:option(ListValue, "algos", translate("过滤力度"))
e:value("bm", "一般过滤")
e:value("kmp", "强效过滤")
e.default = "kmp"
t = a:section(TypedSection, "macbind", translate(""))
t.template = "cbi/tblsection"
t.anonymous = true
t.addremove = true
e = t:option(Flag, "enable", translate("开启"))
e.rmempty = false
e.default = '1'
e = t:option(Value, "macaddr", translate("黑名单MAC<font color=\"green\">(留空则过滤全部客户端)</font>"))
e.rmempty = true
o.net.mac_hints(function(t, a) e:value(t, "%s (%s)" % {t, a}) end)
e = t:option(Value, "keyword", translate("关键词/URL<font color=\"green\">(可留空)</font>"))
e.rmempty = true
e = t:option(ListValue, "proto", translate("<font color=\"gray\">端口协议</font>"))
e.rmempty = false
e.default = 'tcp'
e:value("tcp", translate("TCP"))
e:value("udp", translate("UDP"))
e = t:option(Value, "sport", translate("<font color=\"gray\">源端口</font>"))
e.rmempty = true
e = t:option(Value, "dport", translate("<font color=\"gray\">目的端口</font>"))
e.rmempty = true
e = t:option(Value, "timeon", translate("起控时间"))
e.placeholder = "00:00"
e.default = '00:00'
e.rmempty = true
e = t:option(Value, "timeoff", translate("停控时间"))
e.placeholder = "00:00"
e.default = '00:00'
e.rmempty = true
e = t:option(MultiValue, "daysofweek", translate("星期<font color=\"green\">(至少选一天,某天不选则该天不进行控制)</font>"))
e.optional = false
e.rmempty = false
e.default = 'Monday Tuesday Wednesday Thursday Friday Saturday Sunday'
e:value("Monday", translate(""))
e:value("Tuesday", translate(""))
e:value("Wednesday", translate(""))
e:value("Thursday", translate(""))
e:value("Friday", translate(""))
e:value("Saturday", translate(""))
e:value("Sunday", translate(""))
return a



2 changes: 2 additions & 0 deletions luci-app-control-weburl/po/zh-cn/weburl.po
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
msgid "Control"
msgstr "管控"
27 changes: 27 additions & 0 deletions luci-app-control-weburl/root/etc/config/weburl
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@

config basic
option algos 'kmp'
option enabled '0'

config macbind
option timeoff '00:00'
option timeon '00:00'
option daysofweek 'Monday Tuesday Wednesday Thursday Friday Saturday Sunday'
option keyword 'qq.com'
option enable '0'

config macbind
option timeoff '00:00'
option timeon '00:00'
option daysofweek 'Monday Tuesday Wednesday Thursday Friday Saturday Sunday'
option enable '0'
option keyword 'www'

config macbind
option timeoff '00:00'
option timeon '00:00'
option daysofweek 'Monday Tuesday Wednesday Thursday Friday Saturday Sunday'
option enable '0'
option keyword 'cmd.exe'


Loading

0 comments on commit 2194d10

Please sign in to comment.