From 356534dd42497802bfc9c37344b4246151c98322 Mon Sep 17 00:00:00 2001 From: Stan Grishin Date: Sat, 1 Oct 2022 23:11:28 +0000 Subject: [PATCH] simple-adblock: allow domains bugfix & canary domains support * fix bug in download_lists and adb_allow to prevent unintended exclisions from the block-lists of domains containing allowed domain. Fixes issue: https://github.com/stangri/source.openwrt.melmac.net/issues/160 * add support for returning NXDOMAIN/blocking iCloud & Mozilla canary domains, disabled by default Signed-off-by: Stan Grishin (cherry picked from commit 9156ef6507f8c3fe6785234dff223bad5b59a78e) --- net/simple-adblock/Makefile | 2 +- net/simple-adblock/files/simple-adblock.conf | 2 ++ net/simple-adblock/files/simple-adblock.init | 27 +++++++++++++++----- 3 files changed, 24 insertions(+), 7 deletions(-) diff --git a/net/simple-adblock/Makefile b/net/simple-adblock/Makefile index 0413b5c82..039d081f7 100644 --- a/net/simple-adblock/Makefile +++ b/net/simple-adblock/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=simple-adblock PKG_VERSION:=1.9.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_MAINTAINER:=Stan Grishin PKG_LICENSE:=GPL-3.0-or-later diff --git a/net/simple-adblock/files/simple-adblock.conf b/net/simple-adblock/files/simple-adblock.conf index 890462466..2346801c5 100644 --- a/net/simple-adblock/files/simple-adblock.conf +++ b/net/simple-adblock/files/simple-adblock.conf @@ -16,6 +16,8 @@ config simple-adblock 'config' # list force_dns_port '4434' # list force_dns_port '5443' # list force_dns_port '8443' + option canary_domains_icloud '0' + option canary_domains_mozilla '0' option led 'none' option boot_delay '120' option download_timeout '10' diff --git a/net/simple-adblock/files/simple-adblock.init b/net/simple-adblock/files/simple-adblock.init index 993a4e1a1..2021cb0c2 100644 --- a/net/simple-adblock/files/simple-adblock.init +++ b/net/simple-adblock/files/simple-adblock.init @@ -72,6 +72,9 @@ readonly _WARNING_='\033[0;33mWARNING\033[0m' readonly ipset="$(command -v ipset)" # shellcheck disable=SC2155 readonly nft="$(command -v nft)" +readonly canaryDomainsMozilla='use-application-dns.net' +readonly canaryDomainsiCloud='mask.icloud.com mask-h2.icloud.com' +# readonly canaryDomains="$canaryDomainsMozilla $canaryDomainsiCloud" debug() { local i j; for i in "$@"; do eval "j=\$$i"; echo "${i}: ${j} "; done; } @@ -688,10 +691,17 @@ download_lists() { rm -f "$sharedMemoryError" fi - for hf in ${blocked_domain}; do echo "$hf" | sed "$domainsFilter" >> $B_TMP; done + if [ "$canary_domains_icloud" -ne 0 ]; then + canaryDomains="${canaryDomains:+$canaryDomains }${canaryDomainsiCloud}" + fi + if [ "$canary_domains_mozilla" -ne 0 ]; then + canaryDomains="${canaryDomains:+$canaryDomains }${canaryDomainsMozilla}" + fi + + for hf in $blocked_domain $canaryDomains; do echo "$hf" | sed "$domainsFilter" >> $B_TMP; done allowed_domain="${allowed_domain} $(cat $A_TMP)" - for hf in ${allowed_domain}; do hf="$(echo "$hf" | sed 's/\./\\./g')"; w_filter="$w_filter/${hf}$/d;"; done + for hf in ${allowed_domain}; do hf="$(echo "$hf" | sed 's/\./\\./g')"; w_filter="$w_filter/^${hf}$/d;/\.${hf}$/d;"; done [ ! -s "$B_TMP" ] && return 1 @@ -846,7 +856,7 @@ $(cat $A_TMP)" } adb_allow() { - local c string="$1" + local c hf string="$1" local validation_result="$3" load_environment "$validation_result" if [ ! -s "$outputFile" ]; then @@ -858,10 +868,11 @@ adb_allow() { dnsmasq.addnhosts|dnsmasq.conf|dnsmasq.ipset|dnsmasq.nftset|dnsmasq.servers) output 1 "Allowing domain(s) and restarting dnsmasq " output 2 "Allowing domain(s) \\n" - for c in $string; do + for c in $string; do output 2 " $c " - if sed -i "/${string}/d" "$outputFile" && \ - uci_add_list_if_new "${packageName}" 'config' 'allowed_domain' "$string"; then + hf="$(echo "$c" | sed 's/\./\\./g')" + if sed -i "/^${hf}$/d;/\.${hf}$/d;" "$outputFile" && \ + uci_add_list_if_new "${packageName}" 'config' 'allowed_domain' "$c"; then output_ok else output_fail @@ -1356,6 +1367,8 @@ load_validate_config() { local compressed_cache local ipv6_enabled local allow_non_ascii + local canary_domains_icloud + local canary_domains_mozilla local config_update_enabled local config_update_url local boot_delay @@ -1379,6 +1392,8 @@ load_validate_config() { 'compressed_cache:bool:0' \ 'ipv6_enabled:bool:0' \ 'allow_non_ascii:bool:0' \ + 'canary_domains_icloud:bool:0' \ + 'canary_domains_mozilla:bool:0' \ 'config_update_enabled:bool:0' \ 'config_update_url:string:https://cdn.jsdelivr.net/gh/openwrt/packages/net/simple-adblock/files/simple-adblock.conf.update' \ 'boot_delay:range(0,240):120' \