diff --git a/package/lean/luci-app-unblockmusic/Makefile b/package/lean/luci-app-unblockmusic/Makefile index 6afd4071a..289d95085 100644 --- a/package/lean/luci-app-unblockmusic/Makefile +++ b/package/lean/luci-app-unblockmusic/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-unblockmusic PKG_VERSION:=2.3.1 -PKG_RELEASE:=30 +PKG_RELEASE:=31 PKG_CONFIG_DEPENDS := \ CONFIG_UnblockNeteaseMusic_Go \ diff --git a/package/lean/luci-app-unblockmusic/luasrc/model/cbi/unblockmusic.lua b/package/lean/luci-app-unblockmusic/luasrc/model/cbi/unblockmusic.lua index 8c1e29f4a..9fe46287c 100644 --- a/package/lean/luci-app-unblockmusic/luasrc/model/cbi/unblockmusic.lua +++ b/package/lean/luci-app-unblockmusic/luasrc/model/cbi/unblockmusic.lua @@ -69,4 +69,29 @@ o.write = function() end o:depends("apptype", "nodejs") +t=mp:section(TypedSection,"acl_rule",translate("例外客户端规则"), +translate("可以为局域网客户端分别设置不同的例外模式,默认无需设置")) +t.template="cbi/tblsection" +t.sortable=true +t.anonymous=true +t.addremove=true + +e=t:option(Value,"ipaddr",translate("IP Address")) +e.width="40%" +e.datatype="ip4addr" +e.placeholder="0.0.0.0/0" +luci.ip.neighbors({ family = 4 }, function(entry) + if entry.reachable then + e:value(entry.dest:string()) + end +end) + +e=t:option(ListValue,"filter_mode",translate("例外协议")) +e.width="40%" +e.default="disable" +e.rmempty=false +e:value("disable",translate("不代理HTTP和HTTPS")) +e:value("http",translate("不代理HTTP")) +e:value("https",translate("不代理HTTPS")) + return mp diff --git a/package/lean/luci-app-unblockmusic/root/etc/init.d/unblockmusic b/package/lean/luci-app-unblockmusic/root/etc/init.d/unblockmusic index cc9e5cfcf..304a4e77c 100755 --- a/package/lean/luci-app-unblockmusic/root/etc/init.d/unblockmusic +++ b/package/lean/luci-app-unblockmusic/root/etc/init.d/unblockmusic @@ -10,6 +10,16 @@ uci_get_by_type() { echo ${ret:=$3} } +uci_get_by_name() { + local index=0 + if [ -n $4 ]; then + + index=$4 + fi + local ret=$(uci get $NAME.@$1[$index].$2 2>/dev/null) + echo ${ret:=$3} +} + check_host() { local host=$1 if echo $host | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then @@ -27,6 +37,30 @@ check_host() { echo -e $hostip } +ip_rule() +{ + local icount=$(uci show unblockmusic | grep 'filter_mode' | wc -l) + let icount=icount-1 + for i in $(seq 0 $icount) + do + local ip=$(uci_get_by_name acl_rule ipaddr '' $i) + local mode=$(uci_get_by_name acl_rule filter_mode '' $i) + echo $i $ip $mode + case "$mode" in + http) + ipset -! add music_http $ip + ;; + https) + ipset -! add music_https $ip + ;; + disable) + ipset -! add music_http $ip + ipset -! add music_https $ip + ;; + esac + done +} + ENABLE=$(uci_get_by_type unblockmusic enabled 0) TYPE=$(uci_get_by_type unblockmusic musicapptype default) AUTOUPDATE=$(uci_get_by_type unblockmusic autoupdate 0) @@ -46,6 +80,8 @@ ipt_n="iptables -t nat" add_rule() { ipset -! -N music hash:ip + ipset -! -N music_http hash:ip + ipset -! -N music_https hash:ip $ipt_n -N CLOUD_MUSIC $ipt_n -A CLOUD_MUSIC -d 0.0.0.0/8 -j RETURN $ipt_n -A CLOUD_MUSIC -d 10.0.0.0/8 -j RETURN @@ -56,14 +92,16 @@ add_rule() $ipt_n -A CLOUD_MUSIC -d 224.0.0.0/4 -j RETURN $ipt_n -A CLOUD_MUSIC -d 240.0.0.0/4 -j RETURN if [ "$APPTYPE" != "cloud" ]; then - $ipt_n -A CLOUD_MUSIC -p tcp --dport 80 -j REDIRECT --to-ports 5200 - $ipt_n -A CLOUD_MUSIC -p tcp --dport 443 -j REDIRECT --to-ports 5201 + $ipt_n -A CLOUD_MUSIC -p tcp -m set ! --match-set music_http src --dport 80 -j REDIRECT --to-ports 5200 + $ipt_n -A CLOUD_MUSIC -p tcp -m set ! --match-set music_https src --dport 443 -j REDIRECT --to-ports 5201 else $ipt_n -A CLOUD_MUSIC -p tcp --dport 80 -j DNAT --to $cloudip:$cloudhttp $ipt_n -A CLOUD_MUSIC -p tcp --dport 443 -j DNAT --to $cloudip:$cloudhttps fi $ipt_n -I PREROUTING -p tcp -m set --match-set music dst -j CLOUD_MUSIC iptables -I OUTPUT -d 223.252.199.10 -j DROP + + ip_rule } del_rule(){ @@ -72,6 +110,9 @@ del_rule(){ $ipt_n -X CLOUD_MUSIC 2>/dev/null iptables -D OUTPUT -d 223.252.199.10 -j DROP 2>/dev/null + ipset -X music_http 2>/dev/null + ipset -X music_https 2>/dev/null + rm -f /tmp/dnsmasq.d/dnsmasq-163.conf /etc/init.d/dnsmasq reload >/dev/null 2>&1 }