adblock: 0.70.1

* fix root cause for https timeout issues * fix startup issues via luci * detach init start process to fix luci timeout issues * fix html header in adblock pages * fix adblock.conf options to single quotes Signed-off-by: Dirk Brenken <openwrt@brenken.org>
9 years ago · d27b8c82a9
--- a/net/adblock/Makefile
+++ b/net/adblock/Makefile
@ -7,7 +7,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=adblock
 PKG_VERSION:=0.70.0
 PKG_VERSION:=0.70.1
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken <openwrt@brenken.org>
--- a/net/adblock/files/adblock-helper.sh
+++ b/net/adblock/files/adblock-helper.sh
@ -175,6 +175,7 @@ f_envparse()
    adb_prechain_ipv6="PREROUTING"
    adb_fwdchain_ipv6="forwarding_rule"
    adb_outchain_ipv6="output_rule"
    adb_fetch="/usr/bin/wget"
    unset adb_srclist
    unset adb_revsrclist
    unset adb_errsrclist
@ -370,36 +371,40 @@ f_envcheck()

    # check ipv4/iptables configuration
    #
    if [ -n "${adb_wanif4}" ]
    then
        f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-prerouting" "-p tcp -d ${adb_nullipv4} --dport 80 -j REDIRECT --to-ports ${adb_port}"
        f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns1" "-p udp --dport 53 -j REDIRECT"
        f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns2" "-p tcp --dport 53 -j REDIRECT"
        f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward1" "-p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward2" "-d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable"
        f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output1" "-p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output2" "-d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable"
    if [ -n "${adb_wanif4}" ] && [ -n "${adb_wandev4}" ]
    then
        f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-prerouting" "! -i ${adb_wandev4} -p tcp -d ${adb_nullipv4} -m multiport --dports 80,443 -j REDIRECT --to-ports ${adb_port}"
        f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns" "! -i ${adb_wandev4} -p udp --dport 53 -j REDIRECT"
        f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns" "! -i ${adb_wandev4} -p tcp --dport 53 -j REDIRECT"
        f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward" "! -i ${adb_wandev4} -p udp -d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable"
        f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward" "! -i ${adb_wandev4} -p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward" "! -i ${adb_wandev4} -d ${adb_nullipv4} -j REJECT --reject-with icmp-proto-unreachable"
        f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output" "! -i ${adb_wandev4} -p udp -d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable"
        f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output" "! -i ${adb_wandev4} -p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output" "! -i ${adb_wandev4} -d ${adb_nullipv4} -j REJECT --reject-with icmp-proto-unreachable"
        if [ "${fw_done}" = "true" ]
        then
            f_log "created volatile IPv4 firewall ruleset for adblock"
            f_log "created volatile IPv4 firewall ruleset"
            fw_done="false"
        fi
    fi

    # check ipv6/ip6tables configuration
    #
    if [ -n "${adb_wanif6}" ]
    then
        f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-prerouting" "-p tcp -d ${adb_nullipv6} --dport 80 -j REDIRECT --to-ports ${adb_port}"
        f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns1" "-p udp --dport 53 -j REDIRECT"
        f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns2" "-p tcp --dport 53 -j REDIRECT"
        f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward1" "-p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward2" "-d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable"
        f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output1" "-p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output2" "-d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable"
    if [ -n "${adb_wanif6}" ] && [ -n "${adb_wandev6}" ]
    then
        f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-prerouting" "! -i ${adb_wandev6} -p tcp -d ${adb_nullipv6} -m multiport --dports 80,443 -j REDIRECT --to-ports ${adb_port}"
        f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns" "! -i ${adb_wandev6} -p udp --dport 53 -j REDIRECT"
        f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns" "! -i ${adb_wandev6} -p tcp --dport 53 -j REDIRECT"
        f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward" "! -i ${adb_wandev6} -p udp -d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable"
        f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward" "! -i ${adb_wandev6} -p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward" "! -i ${adb_wandev6} -d ${adb_nullipv6} -j REJECT --reject-with icmp-proto-unreachable"
        f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output" "! -i ${adb_wandev6} -p udp -d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable"
        f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output" "! -i ${adb_wandev6} -p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset"
        f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output" "! -i ${adb_wandev6} -d ${adb_nullipv6} -j REJECT --reject-with icmp-proto-unreachable"
        if [ "${fw_done}" = "true" ]
        then
            f_log "created volatile IPv6 firewall ruleset for adblock"
            f_log "created volatile IPv6 firewall ruleset"
            fw_done="false"
        fi
    fi
@ -411,7 +416,7 @@ f_envcheck()
    then
        if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
        then
            uhttpd -h "/www/adblock" -k 0 -N 100 -T 5 -D -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" -p "[${adb_ipv6}]:${adb_port}">/dev/null 2>&1
            uhttpd -h "/www/adblock" -k 5 -N 200 -t 0 -T 1 -D -S -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" -p "[${adb_ipv6}]:${adb_port}">/dev/null 2>&1
            rc=${?}
            if [ $((rc)) -eq 0 ]
            then
@ -422,7 +427,7 @@ f_envcheck()
            fi
        elif [ -n "${adb_wanif4}" ]
        then
            uhttpd -h "/www/adblock" -k 0 -N 100 -T 5 -D -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" >/dev/null 2>&1
            uhttpd -h "/www/adblock" -k 5 -N 200 -t 0 -T 1 -D -S -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" >/dev/null 2>&1
            rc=${?}
            if [ $((rc)) -eq 0 ]
            then
@ -433,7 +438,7 @@ f_envcheck()
            fi
        elif [ -n "${adb_wanif6}" ]
        then
            uhttpd -h "/www/adblock" -k 0 -N 100 -T 5 -D -E "/adblock.html" -p "[${adb_ipv6}]:${adb_port}" >/dev/null 2>&1
            uhttpd -h "/www/adblock" -k 5 -N 200 -t 0 -T 1 -D -S -E "/adblock.html" -p "[${adb_ipv6}]:${adb_port}" >/dev/null 2>&1
            rc=${?}
            if [ $((rc)) -eq 0 ]
            then
@ -583,7 +588,7 @@ f_firewall()
 #
 f_log()
 {
    local log_term
    local log_parm
    local log_msg="${1}"
    local log_rc="${2}"
    local class="info "
@ -592,7 +597,7 @@ f_log()
    #
    if [ -t 1 ]
    then
        log_term="-s"
        log_parm="-s"
    fi

    # log to different output devices, set log class accordingly
@ -605,7 +610,7 @@ f_log()
            log_rc=", rc: ${log_rc}"
            log_msg="${log_msg}${log_rc}"
        fi
        /usr/bin/logger ${log_term} -t "adblock[${adb_pid}] ${class}" "${log_msg}"
        /usr/bin/logger ${log_parm} -t "adblock[${adb_pid}] ${class}" "${log_msg}"
        if [ "${log_ok}" = "true" ]
        then
            printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") adblock[${adb_pid}] ${class}: ${log_msg}" >> "${adb_logfile}"
@ -732,14 +737,14 @@ f_exit()
        if [ -n "${adb_wanif4}" ]
        then
            ipv4_prerouting="$(${iptv4} -t nat -vnL | awk '$11 ~ /^adb-prerouting$/ {sum += $1} END {print sum}')"
            ipv4_forward="$(${iptv4} -vnL | awk '$11 ~ /^adb-forward[12]$/ {sum += $1} END {print sum}')"
            ipv4_output="$(${iptv4} -vnL | awk '$11 ~ /^adb-output[12]$/ {sum += $1} END {print sum}')"
            ipv4_forward="$(${iptv4} -vnL | awk '$11 ~ /^adb-forward$/ {sum += $1} END {print sum}')"
            ipv4_output="$(${iptv4} -vnL | awk '$11 ~ /^adb-output$/ {sum += $1} END {print sum}')"
        fi
        if [ -n "${adb_wanif6}" ]
        then
            ipv6_prerouting="$(${iptv6} -t nat -vnL | awk '$11 ~ /^adb-prerouting$/ {sum += $1} END {print sum}')"
            ipv6_forward="$(${iptv6} -vnL | awk '$11 ~ /^adb-forward[12]$/ {sum += $1} END {print sum}')"
            ipv6_output="$(${iptv6} -vnL | awk '$11 ~ /^adb-output[12]$/ {sum += $1} END {print sum}')"
            ipv6_forward="$(${iptv6} -vnL | awk '$11 ~ /^adb-forward$/ {sum += $1} END {print sum}')"
            ipv6_output="$(${iptv6} -vnL | awk '$11 ~ /^adb-output$/ {sum += $1} END {print sum}')"
        fi
        if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
        then
--- a/net/adblock/files/adblock-update.sh
+++ b/net/adblock/files/adblock-update.sh
@ -45,7 +45,7 @@ fi
 # get current directory, script- and openwrt version
 #
 adb_scriptdir="${0%/*}"
 adb_scriptver="0.70.0"
 adb_scriptver="0.70.1"
 openwrt_version="$(cat /etc/openwrt_version 2>/dev/null)"

 # source in adblock function library
@ -100,7 +100,7 @@ then
    # only process shallalist archive with updated timestamp,
    # extract and merge only domains of selected shallalist categories
    #
    shalla_time="$(wget ${wget_parm} --timeout=10 --server-response --spider "${adb_arc_shalla}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)"
    shalla_time="$(${adb_fetch} ${wget_parm} --timeout=5 --server-response --spider "${adb_arc_shalla}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)"
    shalla_time="${shalla_time/*: /}"
    if [ -z "${shalla_time}" ]
    then
@ -109,7 +109,7 @@ then
    fi
    if [ -z "${list_time}" ] || [ "${list_time}" != "${shalla_time}" ]
    then
        wget ${wget_parm} --timeout="${adb_maxtime}" --output-document="${shalla_archive}" "${adb_arc_shalla}" 2>/dev/null
        ${adb_fetch} ${wget_parm} --timeout="${adb_maxtime}" --output-document="${shalla_archive}" "${adb_arc_shalla}" 2>/dev/null
        rc=${?}
        if [ $((rc)) -eq 0 ]
        then
@ -184,7 +184,7 @@ do
    then
        url_time="${shalla_time}"
    else
        url_time="$(wget ${wget_parm} --timeout=10 --server-response --spider "${url}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)"
        url_time="$(${adb_fetch} ${wget_parm} --timeout=5 --server-response --spider "${url}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)"
        url_time="${url_time/*: /}"
    fi
    if [ -z "${url_time}" ]
@ -203,7 +203,7 @@ do
            tmp_domains="$(cat "${shalla_file}" 2>/dev/null)"
            rc=${?}
        else
            tmp_domains="$(wget ${wget_parm} --timeout="${adb_maxtime}" --output-document=- "${url}" 2>/dev/null)"
            tmp_domains="$(${adb_fetch} ${wget_parm} --timeout="${adb_maxtime}" --output-document=- "${url}" 2>/dev/null)"
            rc=${?}
        fi
    else
--- a/net/adblock/files/adblock.conf
+++ b/net/adblock/files/adblock.conf
@ -1,81 +1,81 @@
 # adblock configuration, for further information
 # see '/etc/adblock/README.md'

 config adblock "global"
 	option adb_enabled "1"
 	option adb_cfgver "0.70"
 	option adb_blacklist "/etc/adblock/adblock.blacklist"
 	option adb_whitelist "/etc/adblock/adblock.whitelist"

 config service "backup"
 	option enabled "0"
 	option adb_backupdir "/tmp"

 config service "debuglog"
 	option enabled "0"
 	option adb_logfile "/tmp/adb_debug.log"

 config source "adaway"
 	option enabled "1"
 	option adb_src_adaway "https://adaway.org/hosts.txt&ruleset=rset_adaway"

 config source "disconnect"
 	option enabled "1"
 	option adb_src_disconnect "https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt&ruleset=rset_disconnect"

 config source "dshield"
 	option enabled "0"
 	option adb_src_dshield "http://www.dshield.org/feeds/suspiciousdomains_Low.txt&ruleset=rset_dshield"

 config source "feodo"
 	option enabled "0"
 	option adb_src_feodo "https://feodotracker.abuse.ch/blocklist/?download=domainblocklist&ruleset=rset_feodo"

 config source "malware"
 	option enabled "0"
 	option adb_src_malware "https://mirror.cedia.org.ec/malwaredomains/justdomains&ruleset=rset_malware"

 config source "malwarelist"
 	option enabled "0"
 	option adb_src_malwarelist "http://www.malwaredomainlist.com/hostslist/hosts.txt&ruleset=rset_malwarelist"

 config source "openphish"
 	option enabled "0"
 	option adb_src_openphish "https://openphish.com/feed.txt&ruleset=rset_openphish"

 config source "palevo"
 	option enabled "0"
 	option adb_src_palevo "https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist&ruleset=rset_palevo"

 config source "ruadlist"
 	option enabled "0"
 	option adb_src_ruadlist "https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt&ruleset=rset_ruadlist"

 config source "shalla"
 	option enabled "0"
 	option adb_arc_shalla "http://www.shallalist.de/Downloads/shallalist.tar.gz"
 	list adb_catlist "adv"
 	list adb_catlist "costtraps"
 	list adb_catlist "spyware"
 	list adb_catlist "tracker"
 	list adb_catlist "warez"

 config source "spam404"
 	option enabled "0"
 	option adb_src_spam404 "http://spam404bl.com/spam404scamlist.txt&ruleset=rset_spam404"

 config source "whocares"
 	option enabled "0"
 	option adb_src_whocares "http://someonewhocares.org/hosts/hosts&ruleset=rset_whocares"

 config source "winhelp"
 	option enabled "0"
 	option adb_src_winhelp "http://winhelp2002.mvps.org/hosts.txt&ruleset=rset_winhelp"

 config source "yoyo"
 	option enabled "1"
 	option adb_src_yoyo "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext&ruleset=rset_yoyo"

 config source "zeus"
 	option enabled "0"
 	option adb_src_zeus "https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist&ruleset=rset_zeus"
 config adblock 'global'
 	option adb_enabled '1'
 	option adb_cfgver '0.70'
 	option adb_blacklist '/etc/adblock/adblock.blacklist'
 	option adb_whitelist '/etc/adblock/adblock.whitelist'

 config service 'backup'
 	option enabled '0'
 	option adb_backupdir '/tmp'

 config service 'debuglog'
 	option enabled '0'
 	option adb_logfile '/tmp/adb_debug.log'

 config source 'adaway'
 	option enabled '1'
 	option adb_src_adaway 'https://adaway.org/hosts.txt&ruleset=rset_adaway'

 config source 'disconnect'
 	option enabled '1'
 	option adb_src_disconnect 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt&ruleset=rset_disconnect'

 config source 'dshield'
 	option enabled '0'
 	option adb_src_dshield 'http://www.dshield.org/feeds/suspiciousdomains_Low.txt&ruleset=rset_dshield'

 config source 'feodo'
 	option enabled '0'
 	option adb_src_feodo 'https://feodotracker.abuse.ch/blocklist/?download=domainblocklist&ruleset=rset_feodo'

 config source 'malware'
 	option enabled '0'
 	option adb_src_malware 'https://mirror.cedia.org.ec/malwaredomains/justdomains&ruleset=rset_malware'

 config source 'malwarelist'
 	option enabled '0'
 	option adb_src_malwarelist 'http://www.malwaredomainlist.com/hostslist/hosts.txt&ruleset=rset_malwarelist'

 config source 'openphish'
 	option enabled '0'
 	option adb_src_openphish 'https://openphish.com/feed.txt&ruleset=rset_openphish'

 config source 'palevo'
 	option enabled '0'
 	option adb_src_palevo 'https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist&ruleset=rset_palevo'

 config source 'ruadlist'
 	option enabled '0'
 	option adb_src_ruadlist 'https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt&ruleset=rset_ruadlist'

 config source 'shalla'
 	option enabled '0'
 	option adb_arc_shalla 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
 	list adb_catlist 'adv'
 	list adb_catlist 'costtraps'
 	list adb_catlist 'spyware'
 	list adb_catlist 'tracker'
 	list adb_catlist 'warez'

 config source 'spam404'
 	option enabled '0'
 	option adb_src_spam404 'http://spam404bl.com/spam404scamlist.txt&ruleset=rset_spam404'

 config source 'whocares'
 	option enabled '0'
 	option adb_src_whocares 'http://someonewhocares.org/hosts/hosts&ruleset=rset_whocares'

 config source 'winhelp'
 	option enabled '0'
 	option adb_src_winhelp 'http://winhelp2002.mvps.org/hosts.txt&ruleset=rset_winhelp'

 config source 'yoyo'
 	option enabled '1'
 	option adb_src_yoyo 'https://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext&ruleset=rset_yoyo'

 config source 'zeus'
 	option enabled '0'
 	option adb_src_zeus 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist&ruleset=rset_zeus'
--- a/net/adblock/files/adblock.init
+++ b/net/adblock/files/adblock.init
@ -10,18 +10,23 @@ adb_logger="/usr/bin/logger"

 if [ -t 1 ]
 then
    log_term="-s"
    log_parm="-s"
    unset bg_parm
 else
    unset log_parm
    bg_parm="&"
 fi

 if [ -r "${adb_pidfile}" ]
 then
    "${adb_logger}" ${log_term} -t "adblock[${adb_pid}] error" "adblock service already running ($(cat ${adb_pidfile} 2>/dev/null))"
    "${adb_logger}" ${log_parm} -t "adblock[${adb_pid}] error" "adblock service already running ($(cat ${adb_pidfile} 2>/dev/null))"
    exit 255
 fi

 start()
 {
    "${adb_script}"
    eval "${adb_script}" ${bg_parm}
    return 0
 }

 restart()
@ -53,7 +58,7 @@ stop()

    if [ -n "${rm_done}" ] || [ -n "${uhttpd_pid}" ]
    then
        "${adb_logger}" ${log_term} -t "adblock[${adb_pid}] info " "all adblock related services stopped"
        "${adb_logger}" ${log_parm} -t "adblock[${adb_pid}] info " "all adblock related services stopped"
    fi
    return 0
 }
--- a/net/adblock/files/www/adblock/adblock.html
+++ b/net/adblock/files/www/adblock/adblock.html
@ -1,5 +1,5 @@
 <html>
    <head></head>
    <head><meta charset="utf-8"></head>
    <body>
        <img src="/adblock.png" border="0" alt=""></img>
    </body>
--- a/net/adblock/files/www/adblock/index.html
+++ b/net/adblock/files/www/adblock/index.html
@ -1,5 +1,5 @@
 <html>
    <head></head>
    <head><meta charset="utf-8"></head>
    <body>
        <img src="/adblock.png" border="0" alt=""></img>
    </body>