diff --git a/.github/update.log b/.github/update.log index 3ef534c3c9..095357167d 100644 --- a/.github/update.log +++ b/.github/update.log @@ -579,3 +579,4 @@ Update On Mon Mar 4 19:27:35 CET 2024 Update On Tue Mar 5 01:51:50 CET 2024 Update On Tue Mar 5 02:18:45 CET 2024 Update On Tue Mar 5 19:29:09 CET 2024 +Update On Wed Mar 6 19:27:47 CET 2024 diff --git a/brook/README.md b/brook/README.md index f72d042204..a8c46140ec 100644 --- a/brook/README.md +++ b/brook/README.md @@ -1,101 +1,3 @@ -# Brook -A cross-platform programmable network tool - -# Sponsor -**❤️ [Shiliew - China Optimized Network App](https://www.txthinking.com/shiliew.html)** - -Table of Contents -================= - -* [Brook](#brook) -* [Sponsor](#sponsor) -* [Getting Started](#getting-started) - * [Server](#server) - * [GUI Client](#gui-client) - * [CLI Client](#cli-client) -* [GUI Documentation](#gui-documentation) - * [Software for which this article applies](#software-for-which-this-article-applies) - * [Programmable](#programmable) - * [Introduction to incoming variables](#introduction-to-incoming-variables) - * [in_brooklinks](#in_brooklinks) - * [in_dnsquery](#in_dnsquery) - * [in_address](#in_address) - * [in_httprequest](#in_httprequest) - * [in_httpresponse](#in_httpresponse) - * [Write script](#write-script) - * [Debug script](#debug-script) - * [Install CA](#install-ca) -* [Resources](#resources) -* [CLI Documentation](#cli-documentation) -* [NAME](#name) -* [SYNOPSIS](#synopsis) -* [GLOBAL OPTIONS](#global-options) -* [COMMANDS](#commands) - * [server](#server-1) - * [client](#client) - * [wsserver](#wsserver) - * [wsclient](#wsclient) - * [wssserver](#wssserver) - * [wssclient](#wssclient) - * [quicserver](#quicserver) - * [quicclient](#quicclient) - * [relayoverbrook](#relayoverbrook) - * [dnsserveroverbrook](#dnsserveroverbrook) - * [link](#link) - * [connect](#connect) - * [relay](#relay) - * [dnsserver](#dnsserver) - * [dnsclient](#dnsclient) - * [dohserver](#dohserver) - * [dohclient](#dohclient) - * [dhcpserver](#dhcpserver) - * [socks5](#socks5) - * [socks5tohttp](#socks5tohttp) - * [pac](#pac) - * [testsocks5](#testsocks5) - * [testbrook](#testbrook) - * [echoserver](#echoserver) - * [echoclient](#echoclient) - * [ipcountry](#ipcountry) - * [completion](#completion) - * [mdpage](#mdpage) - * [help, h](#help-h) - * [manpage](#manpage) - * [help, h](#help-h-1) -* [Examples](#examples) - * [Run brook server](#run-brook-server) - * [Run brook wsserver](#run-brook-wsserver) - * [Run brook wssserver: automatically certificate](#run-brook-wssserver-automatically-certificate) - * [Run brook wssserver Use a certificate issued by an existing trust authority](#run-brook-wssserver-use-a-certificate-issued-by-an-existing-trust-authority) - * [Run brook wssserver issue untrusted certificates yourself, any domain](#run-brook-wssserver-issue-untrusted-certificates-yourself-any-domain) - * [withoutBrookProtocol](#withoutbrookprotocol) - * [withoutBrookProtocol automatically certificate](#withoutbrookprotocol-automatically-certificate) - * [withoutBrookProtocol Use a certificate issued by an existing trust authority](#withoutbrookprotocol-use-a-certificate-issued-by-an-existing-trust-authority) - * [withoutBrookProtocol issue untrusted certificates yourself, any domain](#withoutbrookprotocol-issue-untrusted-certificates-yourself-any-domain) - * [Run brook socks5, A stand-alone standard socks5 server](#run-brook-socks5-a-stand-alone-standard-socks5-server) - * [Run brook socks5 with username and password. A stand-alone standard socks5 server](#run-brook-socks5-with-username-and-password-a-stand-alone-standard-socks5-server) - * [brook relayoverbrook can relay a local address to a remote address over brook, both TCP and UDP, it works with brook server wsserver wssserver.](#brook-relayoverbrook-can-relay-a-local-address-to-a-remote-address-over-brook-both-tcp-and-udp-it-works-with-brook-server-wsserver-wssserver) - * [brook dnsserveroverbrook can create a encrypted DNS server, both TCP and UDP, it works with brook server wsserver wssserver.](#brook-dnsserveroverbrook-can-create-a-encrypted-dns-server-both-tcp-and-udp-it-works-with-brook-server-wsserver-wssserver) - * [Brook OpenWRT Router: Perfectly supports IPv4/IPv6/TCP/UDP. Native IPv6](#brook-openwrt-router-perfectly-supports-ipv4ipv6tcpudp-native-ipv6) - * [Turn macOS into a Gateway with Brook](#turn-macos-into-a-gateway-with-brook) - * [Turn Windows into a Gateway with Brook](#turn-windows-into-a-gateway-with-brook) - * [Turn Linux into a Gateway with Brook](#turn-linux-into-a-gateway-with-brook) - * [brook relay can relay a address to a remote address. It can relay any tcp and udp server](#brook-relay-can-relay-a-address-to-a-remote-address-it-can-relay-any-tcp-and-udp-server) - * [brook socks5tohttp can convert a socks5 to a http proxy](#brook-socks5tohttp-can-convert-a-socks5-to-a-http-proxy) - * [brook pac creates pac server](#brook-pac-creates-pac-server) - * [brook pac creates pac file](#brook-pac-creates-pac-file) - * [There are countless examples; for more feature suggestions, it's best to look at the commands and parameters in the CLI documentation one by one, and blog, YouTube...](#there-are-countless-examples-for-more-feature-suggestions-its-best-to-look-at-the-commands-and-parameters-in-the-cli-documentation-one-by-one-and-blog-youtube) -* [Diagram](#diagram) - * [overview](#overview) - * [withoutBrookProtocol](#withoutbrookprotocol-1) - * [relayoverbrook](#relayoverbrook-1) - * [dnsserveroverbrook](#dnsserveroverbrook-1) - * [relay](#relay-1) - * [dnsserver](#dnsserver-1) - * [tproxy](#tproxy) - * [gui](#gui) - * [script](#script) - # Brook @@ -344,7 +246,7 @@ Brook - A cross-platform programmable network tool Brook ``` -brook [全局参数] 子命令 [子命令参数] +brook --help ``` **Usage**: @@ -379,6 +281,12 @@ Brook [GLOBAL OPTIONS] command [COMMAND OPTIONS] [ARGUMENTS...] - **--help, -h**: show help +- **--ipLimitInterval**="": Interval (s) for ipLimitMax (default: 0) + +- **--ipLimitMax**="": Limit the number of client IP addresses, be careful when using this parameter, as the client may have dynamic IP. Works with server/wsserver/wssserver/quicserver (default: 0) + +- **--ipLimitWait**="": How long (s) to wait for recovery after exceeding ipLimitMax (default: 0) + - **--log**="": Enable log. A valid value is file path or 'console'. If you want to debug SOCKS5 lib, set env SOCKS5_DEBUG=true - **--pprof**="": go http pprof listen addr, such as :6060 @@ -389,7 +297,11 @@ Brook [GLOBAL OPTIONS] command [COMMAND OPTIONS] [ARGUMENTS...] - **--serverHKDFInfo**="": server HKDF info, most time you don't need to change this, if changed, all and each brook links in client side must be same, I mean each (default: "brook") -- **--tag**="": Tag can be used to the process, will be append into log, such as: 'key1:value1' +- **--serverLog**="": Enable server log, traffic and more. A valid value is file path or 'console'. Mutually exclusive with the --log parameter. Works with server/wsserver/wssserver/quicserver + +- **--speedLimit**="": Limit speed (b), such as 500kb/s: 500000, works with server/wsserver/wssserver/quicserver (default: 0) + +- **--tag**="": Tag can be used to the process, will be append into log or serverLog, such as: 'key1:value1' - **--version, -v**: print the version @@ -400,11 +312,11 @@ Brook [GLOBAL OPTIONS] command [COMMAND OPTIONS] [ARGUMENTS...] Run as brook server, both TCP and UDP -- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt +- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt -- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt +- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--blockGeoIP**="": Block IP by Geo country code, such as US @@ -442,11 +354,11 @@ Run as brook client, both TCP and UDP, to start a socks5 proxy, [src <-> socks5 Run as brook wsserver, both TCP and UDP, it will start a standard http server and websocket server -- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt +- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt -- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt +- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--blockGeoIP**="": Block IP by Geo country code, such as US @@ -492,11 +404,11 @@ Run as brook wsclient, both TCP and UDP, to start a socks5 proxy, [src <-> socks Run as brook wssserver, both TCP and UDP, it will start a standard https server and websocket server -- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt +- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt -- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt +- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--blockGeoIP**="": Block IP by Geo country code, such as US @@ -522,13 +434,9 @@ Run as brook wssserver, both TCP and UDP, it will start a standard https server Run as brook wssclient, both TCP and UDP, to start a socks5 proxy, [src <-> socks5 <-> $ brook wssclient <-> $ brook wssserver <-> dst] -- **--address**="": Specify address instead of resolving addresses from host, such as 1.2.3.4:443 - -- **--ca**="": When server is brook wssserver, specify ca instead of insecure, such as /path/to/ca.pem - - **--http**="": Where to listen for HTTP proxy connections -- **--insecure**: Client do not verify the server's certificate chain and host name +- **--link**="": brook link, you can get it via $ brook link. The wssserver and password parameters will be ignored - **--password, -p**="": Brook wssserver password @@ -538,23 +446,19 @@ Run as brook wssclient, both TCP and UDP, to start a socks5 proxy, [src <-> sock - **--tcpTimeout**="": time (s) (default: 0) -- **--tlsfingerprint**="": When server is brook wssserver, select tls fingerprint, value can be: chrome - - **--udpTimeout**="": time (s) (default: 0) -- **--withoutBrookProtocol**: The data will not be encrypted with brook protocol - - **--wssserver, -s**="": Brook wssserver address, like: wss://google.com:443, if no path then /ws will be used. Do not omit the port under any circumstances ## quicserver Run as brook quicserver, both TCP and UDP -- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt +- **--blockCIDR4List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt -- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt +- **--blockCIDR6List**="": One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--blockGeoIP**="": Block IP by Geo country code, such as US @@ -604,13 +508,9 @@ Run as brook quicclient, both TCP and UDP, to start a socks5 proxy, [src <-> soc Run as relay over brook, both TCP and UDP, this means access [from address] is equal to [to address], [src <-> from address <-> $ brook server/wsserver/wssserver/quicserver <-> to address] -- **--address**="": When server is brook wsserver or brook wssserver or brook quicserver, specify address instead of resolving addresses from host, such as 1.2.3.4:443 - -- **--ca**="": When server is brook wssserver or brook quicserver, specify ca instead of insecure, such as /path/to/ca.pem - - **--from, -f, -l**="": Listen address: like ':9999' -- **--insecure**: When server is brook wssserver or brook quicserver, client do not verify the server's certificate chain and host name +- **--link**="": brook link, you can get it via $ brook link. The server and password parameters will be ignored - **--password, -p**="": Password @@ -618,27 +518,17 @@ Run as relay over brook, both TCP and UDP, this means access [from address] is e - **--tcpTimeout**="": time (s) (default: 0) -- **--tlsfingerprint**="": When server is brook wssserver, select tls fingerprint, value can be: chrome - - **--to, -t**="": Address which relay to, like: 1.2.3.4:9999 - **--udpTimeout**="": time (s) (default: 0) -- **--udpovertcp**: When server is brook server, UDP over TCP - -- **--withoutBrookProtocol**: When server is brook wsserver or brook wssserver or brook quicserver, the data will not be encrypted with brook protocol - ## dnsserveroverbrook Run as dns server over brook, both TCP and UDP, [src <-> $ brook dnserversoverbrook <-> $ brook server/wsserver/wssserver/quicserver <-> dns] or [src <-> $ brook dnsserveroverbrook <-> dnsForBypass] -- **--address**="": When server is brook wsserver or brook wssserver or brook quicserver, specify address instead of resolving addresses from host, such as 1.2.3.4:443 +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt - -- **--bypassDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt - -- **--ca**="": When server is brook wssserver or brook quicserver, specify ca instead of insecure, such as /path/to/ca.pem +- **--bypassDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--disableA**: Disable A query @@ -648,7 +538,7 @@ Run as dns server over brook, both TCP and UDP, [src <-> $ brook dnserversoverbr - **--dnsForBypass**="": DNS server for resolving domains in bypass list. Such as 223.5.5.5:53 or https://dns.alidns.com/dns-query?address=223.5.5.5:443, the address is required (default: 223.5.5.5:53) -- **--insecure**: When server is brook wssserver or brook quicserver, client do not verify the server's certificate chain and host name +- **--link**="": brook link, you can get it via $ brook link. The server and password parameters will be ignored - **--listen, -l**="": Listen address, like: 127.0.0.1:53 @@ -658,14 +548,8 @@ Run as dns server over brook, both TCP and UDP, [src <-> $ brook dnserversoverbr - **--tcpTimeout**="": time (s) (default: 0) -- **--tlsfingerprint**="": When server is brook wssserver, select tls fingerprint, value can be: chrome - - **--udpTimeout**="": time (s) (default: 0) -- **--udpovertcp**: When server is brook server, UDP over TCP - -- **--withoutBrookProtocol**: When server is brook wsserver or brook wssserver or brook quicserver, the data will not be encrypted with brook protocol - ## link Generate brook link @@ -676,6 +560,8 @@ Generate brook link - **--clientHKDFInfo**="": client HKDF info, most time you don't need to change this, read brook protocol if you don't know what this is +- **--fragment**="": When server is brook wssserver, split the ClientHello into multiple fragments and then send them one by one with delays (millisecond). The format is min_length:max_length:min_delay:max_delay, cannot be zero, such as 50:100:10:50, Note that: This is an experimental feature, currently only supported by the brook CLI and tun2brook. + - **--insecure**: When server is brook wssserver or brook quicserver, client do not verify the server's certificate chain and host name - **--name**="": Give this server a name @@ -726,7 +612,7 @@ Run as standalone relay, both TCP and UDP, this means access [from address] is e Run as standalone dns server -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--disableA**: Disable A query @@ -756,7 +642,7 @@ Send a dns query Run as standalone doh server -- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--blockDomainList**="": One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--cert**="": The cert file absolute path for the domain, such as /path/to/cert.pem. If cert or certkey is empty, a certificate will be issued automatically @@ -846,7 +732,7 @@ Convert socks5 to http proxy, [src <-> listen address(http proxy) <-> socks5 add Run as PAC server or save PAC to file -- **--bypassDomainList, -b**="": One domain per line, suffix match mode. http(s):// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt +- **--bypassDomainList, -b**="": One domain per line, suffix match mode. http(s):// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt - **--file, -f**="": Save PAC to file, this will ignore listen address diff --git a/brook/cli/brook/main.go b/brook/cli/brook/main.go index ed0954b1a4..a5cd2916fa 100644 --- a/brook/cli/brook/main.go +++ b/brook/cli/brook/main.go @@ -53,7 +53,7 @@ func main() { df := func() {} app := cli.NewApp() app.Name = "Brook" - app.Version = "20240214" + app.Version = "20240404" app.Usage = "A cross-platform programmable network tool" app.Authors = []*cli.Author{ { @@ -266,15 +266,15 @@ func main() { }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.StringFlag{ Name: "blockCIDR4List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt", }, &cli.StringFlag{ Name: "blockCIDR6List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt", }, &cli.StringSliceFlag{ Name: "blockGeoIP", @@ -469,15 +469,15 @@ func main() { }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.StringFlag{ Name: "blockCIDR4List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt", }, &cli.StringFlag{ Name: "blockCIDR6List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt", }, &cli.StringSliceFlag{ Name: "blockGeoIP", @@ -690,15 +690,15 @@ func main() { }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.StringFlag{ Name: "blockCIDR4List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt", }, &cli.StringFlag{ Name: "blockCIDR6List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt", }, &cli.StringSliceFlag{ Name: "blockGeoIP", @@ -940,15 +940,15 @@ func main() { }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.StringFlag{ Name: "blockCIDR4List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr4.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt", }, &cli.StringFlag{ Name: "blockCIDR6List", - Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://txthinking.github.io/bypass/example_cidr6.txt", + Usage: "One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt", }, &cli.StringSliceFlag{ Name: "blockGeoIP", @@ -1292,11 +1292,11 @@ func main() { }, &cli.StringFlag{ Name: "bypassDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.BoolFlag{ Name: "disableA", @@ -1679,7 +1679,7 @@ func main() { }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.BoolFlag{ Name: "disableA", @@ -1836,7 +1836,7 @@ func main() { }, &cli.StringFlag{ Name: "blockDomainList", - Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. https://, http:// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.BoolFlag{ Name: "disableA", @@ -2206,7 +2206,7 @@ func main() { &cli.StringFlag{ Name: "bypassDomainList", Aliases: []string{"b"}, - Usage: "One domain per line, suffix match mode. http(s):// or local absolute file path. Like: https://txthinking.github.io/bypass/example_domain.txt", + Usage: "One domain per line, suffix match mode. http(s):// or local absolute file path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt", }, &cli.StringFlag{ Name: "file", diff --git a/brook/docs/build.sh b/brook/docs/build.sh index 2ef96dd85a..7d85cc9295 100755 --- a/brook/docs/build.sh +++ b/brook/docs/build.sh @@ -13,23 +13,10 @@ cat gui.md >> ../readme.md cat resources.md >> ../readme.md echo '# CLI Documentation' >> ../readme.md -cd ../cli/brook -go build -mv brook ~/.nami/bin/ -cd ../../docs -jb '$1`brook mdpage`.split("\n").filter(v=>!v.startsWith("[")).join("\n").replace("```\n```", "```\nbrook [全局参数] 子命令 [子命令参数]\n```").split("\n").forEach(v=> echo(v.startsWith("**") && !v.startsWith("**Usage") ? "- "+v : v))' >> ../readme.md +jb '$1`brook mdpage`.split("\n").filter(v=>!v.startsWith("[")).join("\n").replace("```\n```", "```\nbrook --help\n```").split("\n").forEach(v=> echo(v.startsWith("**") && !v.startsWith("**Usage") ? "- "+v : v))' >> ../readme.md cat example.md >> ../readme.md cat diagram.md >> ../readme.md markdown ../readme.md ./index.html -echo '# Brook' > _.md -echo 'A cross-platform programmable network tool' >> _.md -echo '' >> _.md -echo '# Sponsor' >> _.md -echo '**❤️ [Shiliew - China Optimized Network App](https://www.txthinking.com/shiliew.html)**' >> _.md -mdtoc ../readme.md >> _.md -cat ../readme.md >> _.md -mv _.md ../readme.md - diff --git a/brook/docs/index.html b/brook/docs/index.html index 440e756f5b..84569007a5 100644 --- a/brook/docs/index.html +++ b/brook/docs/index.html @@ -1,10 +1,9 @@ - - Brook +Brook - + +
+ + +
<%:Collecting data...%> 
+
+ diff --git a/openwrt-packages/luci-app-amlogic/po/zh-cn/amlogic.po b/openwrt-packages/luci-app-amlogic/po/zh-cn/amlogic.po index aeb9f7509d..64f3795206 100644 --- a/openwrt-packages/luci-app-amlogic/po/zh-cn/amlogic.po +++ b/openwrt-packages/luci-app-amlogic/po/zh-cn/amlogic.po @@ -449,6 +449,18 @@ msgstr "当前版本" msgid "Latest Version" msgstr "最新版本" +msgid "Rescue Kernel" +msgstr "救援内核" + +msgid "When a kernel update fails and causes the OpenWrt system to be unbootable, the kernel can be restored by mutual recovery from eMMC/NVMe/sdX." +msgstr "当内核更新失败造成 OpenWrt 系统无法启动时,可以从 eMMC/NVME/sdX 相互恢复内核。" + +msgid "Rescue the original system kernel" +msgstr "救援原系统内核" + +msgid "Rescuing..." +msgstr "正在救援..." + msgid "Current Device:" msgstr "当前设备:" diff --git a/openwrt-packages/luci-app-amlogic/root/usr/sbin/openwrt-kernel b/openwrt-packages/luci-app-amlogic/root/usr/sbin/openwrt-kernel index 0f792d59f9..3f12ea20e3 100755 --- a/openwrt-packages/luci-app-amlogic/root/usr/sbin/openwrt-kernel +++ b/openwrt-packages/luci-app-amlogic/root/usr/sbin/openwrt-kernel @@ -33,7 +33,7 @@ release_file="/etc/flippy-openwrt-release" # Encountered a serious error, abort the script execution error_msg() { - echo -e "[\033[1;91m Error \033[0m] ${1}" + echo -e "[Error] ${1}" exit 1 } @@ -344,20 +344,138 @@ update_uboot() { sync && echo "" } -echo -e "Start update the openwrt kernel." +# Rescue the kernel +sos_kernel() { + echo -e "Start rescuing kernel..." + + # Supports specifying disks, such as: [ openwrt-kernel -s mmcblk1 ] + box_disk="${2}" + + if [[ -n "${box_disk}" ]]; then + # Format the disk names + box_disk="${box_disk//\/dev\//}" + + # Check if the disk exists + [[ -b "/dev/${box_disk}" ]] || error_msg "The specified disk [ ${box_disk} ] does not exist." + + # Check if the disk is the same as the current system disk + [[ "${box_disk}" == "${EMMC_NAME}" ]] && error_msg "The specified disk [ ${box_disk} ] is the same as the current system disk [ ${EMMC_NAME} ]." + + echo -e "The device name of the specified disk: [ ${box_disk} ]" + else + # Find emmc disk, first find emmc containing boot0 partition + box_disk="$(lsblk -l -o NAME | grep -oE '(mmcblk[0-9]?|nvme[0-9]?n[0-9]?|[hsv]d[a-z])' | grep -vE ^${EMMC_NAME} | sort -u | head -n 1)" + + # Check if disk exists + [[ -z "${box_disk}" ]] && error_msg "Unable to locate the storage requiring rescue." + + echo -e "The device name of the target disk: [ ${box_disk} ]" + fi + + rescue_disk="/dev/${box_disk}" + echo -e "The current OpenWrt is running on [ /dev/${EMMC_NAME} ], and the target disk for restoration is [ ${rescue_disk} ]." + + # Create a temporary mount directory + umount ${P4_PATH}/bootfs 2>/dev/null + umount ${P4_PATH}/rootfs 2>/dev/null + rm -rf ${P4_PATH}/bootfs ${P4_PATH}/rootfs 2>/dev/null + mkdir -p ${P4_PATH}/{bootfs/,rootfs/} && sync + [[ "${?}" -ne "0" ]] && error_msg "Failed to create temporary mount directory [ ${P4_PATH} ]" + + # Mount target bootfs partition + [[ "${box_disk}" =~ ^([hsv]d[a-z]) ]] && rescue_disk_partition_name="" || rescue_disk_partition_name="p" + mount ${rescue_disk}${rescue_disk_partition_name}1 ${P4_PATH}/bootfs + [[ "${?}" -ne "0" ]] && error_msg "mount ${rescue_disk}${PARTITION_NAME}1 failed!" + echo -e "The [ ${rescue_disk}${rescue_disk_partition_name}1 ] partition is mounted on [ ${P4_PATH}/bootfs ]." + + # Search uuid file + if [[ -f "${P4_PATH}/bootfs/uEnv.txt" ]]; then + search_file="uEnv.txt" + elif [[ -f "${P4_PATH}/bootfs/armbianEnv.txt" ]]; then + search_file="armbianEnv.txt" + elif [[ -f "${P4_PATH}/bootfs/extlinux/extlinux.conf" ]]; then + search_file="extlinux/extlinux.conf" + else + error_msg "The [ uEnv.txt, armbianEnv.txt, extlinux/extlinux.conf ] file does not exist, stop rescuing." + fi + + # Get the target partition uuid and rootfs + target_parttion_uuid="$(grep '=UUID=' ${P4_PATH}/bootfs/${search_file} | sed -n 's/.*=UUID=\([a-f0-9-]*\).*/\1/p')" + [[ -z "${target_parttion_uuid}" ]] && error_msg "The [ ${search_file} ] file does not contain the UUID value." + target_rootfs="$(blkid | grep ${target_parttion_uuid} | awk -F':' '{print $1;}')" + [[ -z "${target_rootfs}" ]] && error_msg "The [ ${target_parttion_uuid} ] UUID does not exist in the system." + + # Mount target rootfs partition + mount ${target_rootfs} ${P4_PATH}/rootfs + [[ "${?}" -ne "0" ]] && error_msg "mount ${rescue_disk}${PARTITION_NAME}2 failed!" + echo -e "The [ ${target_rootfs} ] partition is mounted on [ ${P4_PATH}/rootfs ]." + + # Identify the current kernel files + kernel_signature="$(uname -r)" + + # 01. For /boot files + [[ -d "${P4_PATH}/bootfs" ]] && { + cd ${P4_PATH}/bootfs + rm -rf config-* initrd.img-* System.map-* vmlinuz-* uInitrd* *Image dtb* u-boot.ext u-boot.emmc + [[ -f "/boot/u-boot.ext" ]] && { + cp -f /boot/u-boot.ext . + cp -f /boot/u-boot.ext u-boot.emmc + chmod +x u-boot.ext u-boot.emmc + } + cp -rf /boot/{*-${kernel_signature},uInitrd,*Image,dtb} . + [[ "${?}" -ne "0" ]] && error_msg "(1/2) [ boot ] kernel files rescue failed." + echo -e "(1/2) [ boot ] kernel files rescue succeeded." + } || error_msg "(1/2) The [ ${P4_PATH}/bootfs ] folder does not exist, stop rescuing." + + # 02. For /lib/modules/${kernel_signature} + [[ -d "${P4_PATH}/rootfs/lib/modules" ]] && { + cd ${P4_PATH}/rootfs/lib/modules + rm -rf * + cp -rf /lib/modules/${kernel_signature} . + [[ "${?}" -ne "0" ]] && error_msg "(2/2) [ modules ] kernel files rescue failed." + echo -e "(2/2) [ modules ] kernel files rescue succeeded." + } || error_msg "(2/2) The [ ${P4_PATH}/rootfs/lib/modules ] folder does not exist, stop rescuing." + + # Unmount the emmc partition + cd ${P4_PATH} + umount -f ${P4_PATH}/bootfs + [[ "${?}" -ne "0" ]] && error_msg "Failed to umount [ ${P4_PATH}/bootfs ]" + umount -f ${P4_PATH}/rootfs + [[ "${?}" -ne "0" ]] && error_msg "Failed to umount [ ${P4_PATH}/rootfs ]" + # Remove the temporary mount directory + rm -rf ${P4_PATH}/bootfs ${P4_PATH}/rootfs + + sync && echo "" +} + +echo -e "Welcome to the OpenWrt Kernel Management Tool." # Operation environment check [[ -x "/usr/sbin/openwrt-kernel" ]] || error_msg "Please grant execution permission: chmod +x /usr/sbin/openwrt-kernel" -# -# Initialize all variables -init_var "${@}" -# Check kernel files list -check_kernel -# Update the kernel -update_kernel -# Update the uboot -update_uboot -# -sync && sleep 3 -echo "Successfully updated, automatic restarting..." -reboot -exit 0 + +# Execute relevant functions based on the options +if [[ "${@}" =~ ^-s(\s)* ]]; then + # Initialize all variables + init_var "${@}" + # Start rescuing the kernel + sos_kernel "${@}" + + # Kernel restore successful + sync && sleep 3 + echo -e "Kernel rescue successful, please remove the disk and restart the OpenWrt system." + exit 0 +else + # Initialize all variables + init_var "${@}" + # Check kernel files list + check_kernel + # Update the kernel + update_kernel + # Update the uboot + update_uboot + + # Kernel update successful + sync && sleep 3 + echo "Successfully updated, automatic restarting..." + reboot + exit 0 +fi diff --git a/openwrt-passwall/.github/workflows/Auto compile with openwrt sdk.yml b/openwrt-passwall/.github/workflows/Auto compile with openwrt sdk.yml index 5a3c3a7b00..f16aae3338 100644 --- a/openwrt-passwall/.github/workflows/Auto compile with openwrt sdk.yml +++ b/openwrt-passwall/.github/workflows/Auto compile with openwrt sdk.yml @@ -277,6 +277,9 @@ jobs: ./scripts/feeds install -a -f -p passwall_packages ./scripts/feeds install luci-app-passwall + rm -rf feeds/packages/lang/golang + git clone https://github.com/sbwml/packages_lang_golang -b 22.x feeds/packages/lang/golang + echo "CONFIG_ALL_NONSHARED=n" > .config echo "CONFIG_ALL_KMODS=n" >> .config echo "CONFIG_ALL=n" >> .config diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua index a90495ccc8..eafb54de6c 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua @@ -1,6 +1,7 @@ local api = require "luci.passwall.api" local appname = api.appname local has_xray = api.finded_com("xray") +local has_singbox = api.finded_com("singbox") m = Map(appname) api.set_apply_on_parse(m) @@ -62,12 +63,12 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end o.default = 0 o:depends("auto_update", true) -if has_xray then +if has_xray or has_singbox then o = s:option(Value, "v2ray_location_asset", translate("Location of V2ray/Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are.")) o.default = "/usr/share/v2ray/" o.rmempty = false - s = m:section(TypedSection, "shunt_rules", "Xray " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") + s = m:section(TypedSection, "shunt_rules", "Sing-Box/Xray " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") s.template = "cbi/tblsection" s.anonymous = false s.addremove = true diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/shunt_rules.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/shunt_rules.lua index d936711b73..52488d47ac 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/shunt_rules.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/shunt_rules.lua @@ -2,7 +2,7 @@ local api = require "luci.passwall.api" local appname = api.appname local datatypes = api.datatypes -m = Map(appname, "Xray " .. translate("Shunt Rule")) +m = Map(appname, "Sing-Box/Xray " .. translate("Shunt Rule")) m.redirect = api.url() api.set_apply_on_parse(m) diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh index ff6e02e57c..2328554ff9 100755 --- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1610,6 +1610,11 @@ start() { check_depends $USE_TABLES + [ "$USE_TABLES" = "nftables" ] && { + dnsmasq_version=$(dnsmasq -v | grep -i "Dnsmasq version " | awk '{print $3}') + [ "$(expr $dnsmasq_version \>= 2.90)" == 0 ] && echolog "Dnsmasq版本低于2.90,建议升级至2.90及以上版本以避免部分情况下Dnsmasq崩溃问题!" + } + [ "$ENABLED_DEFAULT_ACL" == 1 ] && { start_redir TCP start_redir UDP diff --git a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/nftables.sh b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/nftables.sh index 2d8c6f9886..125d4cb9ac 100755 --- a/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/nftables.sh +++ b/openwrt-passwall/luci-app-passwall/root/usr/share/passwall/nftables.sh @@ -747,9 +747,9 @@ add_firewall_rule() { else gen_nftset $NFTSET_CHN ipv4_addr "2d" 0 $(cat $RULES_PATH/chnroute | tr -s '\n' | grep -v "^#") fi - gen_nftset $NFTSET_BLACKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - gen_nftset $NFTSET_WHITELIST ipv4_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - gen_nftset $NFTSET_BLOCKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_BLACKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_WHITELIST ipv4_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_BLOCKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") gen_nftset $NFTSET_SHUNTLIST ipv4_addr 0 0 gen_nftset $NFTSET_VPSLIST6 ipv6_addr 0 0 @@ -761,9 +761,9 @@ add_firewall_rule() { else gen_nftset $NFTSET_CHN6 ipv6_addr "2d" 0 $(cat $RULES_PATH/chnroute6 | tr -s '\n' | grep -v "^#") fi - gen_nftset $NFTSET_BLACKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - gen_nftset $NFTSET_WHITELIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_BLACKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_WHITELIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") gen_nftset $NFTSET_SHUNTLIST6 ipv6_addr 0 0 local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') @@ -792,7 +792,7 @@ add_firewall_rule() { [ -n "$ISP_DNS" ] && { #echolog "处理 ISP DNS 例外..." for ispip in $ISP_DNS; do - insert_nftset $NFTSET_WHITELIST "-1" $ispip + insert_nftset $NFTSET_WHITELIST 0 $ispip echolog " - [$?]追加ISP IPv4 DNS到白名单:${ispip}" done } @@ -800,7 +800,7 @@ add_firewall_rule() { [ -n "$ISP_DNS6" ] && { #echolog "处理 ISP IPv6 DNS 例外..." for ispip6 in $ISP_DNS6; do - insert_nftset $NFTSET_WHITELIST6 "-1" $ispip6 + insert_nftset $NFTSET_WHITELIST6 0 $ispip6 echolog " - [$?]追加ISP IPv6 DNS到白名单:${ispip6}" done } @@ -1059,7 +1059,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo $(REDIRECT $TCP_REDIR_PORT TPROXY4) comment \"本机\"" } nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" fi [ "$PROXY_IPV6" == "1" ] && { @@ -1110,7 +1110,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"本机\"" } nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && { [ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && { @@ -1253,11 +1253,11 @@ gen_include() { [ ! -z "\${WAN_IP}" ] && nft "replace rule inet fw4 PSW_MANGLE handle \$PR_INDEX ip daddr "\${WAN_IP}" counter return comment \"WAN_IP_RETURN\"" fi nft "add rule inet fw4 mangle_prerouting meta nfproto {ipv4} counter jump PSW_MANGLE" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" } \$(sh ${MY_PATH} insert_rule_before "inet fw4" "mangle_prerouting" "PSW_MANGLE" "counter jump PSW_DIVERT") - [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && { PR_INDEX=\$(sh ${MY_PATH} RULE_LAST_INDEX "inet fw4" PSW_MANGLE_V6 WAN6_IP_RETURN -1) diff --git a/openwrt-passwall2/.github/workflows/Auto compile with openwrt sdk.yml b/openwrt-passwall2/.github/workflows/Auto compile with openwrt sdk.yml index 91fa53b8b0..2c5f04a66c 100644 --- a/openwrt-passwall2/.github/workflows/Auto compile with openwrt sdk.yml +++ b/openwrt-passwall2/.github/workflows/Auto compile with openwrt sdk.yml @@ -279,6 +279,11 @@ jobs: ./scripts/feeds install -a -f -p passwall_packages ./scripts/feeds install luci-app-passwall2 + rm -rf feeds/packages/lang/golang + git clone https://github.com/sbwml/packages_lang_golang -b 22.x feeds/packages/lang/golang + + + echo "CONFIG_ALL_NONSHARED=n" > .config echo "CONFIG_ALL_KMODS=n" >> .config echo "CONFIG_ALL=n" >> .config diff --git a/openwrt-passwall2/luci-app-passwall2/Makefile b/openwrt-passwall2/luci-app-passwall2/Makefile index 8fb7a113ae..1881ae2a8d 100644 --- a/openwrt-passwall2/luci-app-passwall2/Makefile +++ b/openwrt-passwall2/luci-app-passwall2/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-passwall2 -PKG_VERSION:=1.27-3 +PKG_VERSION:=1.27-4 PKG_RELEASE:= PKG_CONFIG_DEPENDS:= \ diff --git a/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/rule.lua b/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/rule.lua index beab119a98..12fd1f2fc5 100644 --- a/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/rule.lua +++ b/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/rule.lua @@ -43,7 +43,7 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end o.default = 0 o:depends("auto_update", true) -s = m:section(TypedSection, "shunt_rules", "Xray " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") +s = m:section(TypedSection, "shunt_rules", "Sing-Box/Xray " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") s.template = "cbi/tblsection" s.anonymous = false s.addremove = true diff --git a/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/shunt_rules.lua b/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/shunt_rules.lua index 7c1cef804b..3c2546603e 100644 --- a/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/shunt_rules.lua +++ b/openwrt-passwall2/luci-app-passwall2/luasrc/model/cbi/passwall2/client/shunt_rules.lua @@ -2,7 +2,7 @@ local api = require "luci.passwall2.api" local appname = api.appname local datatypes = api.datatypes -m = Map(appname, "Xray " .. translate("Shunt Rule")) +m = Map(appname, "Sing-Box/Xray " .. translate("Shunt Rule")) m.redirect = api.url() api.set_apply_on_parse(m) diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh index 29ed5fc855..22731d74e4 100644 --- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh +++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/app.sh @@ -1030,6 +1030,11 @@ start() { fi check_depends $USE_TABLES + + [ "$USE_TABLES" = "nftables" ] && { + dnsmasq_version=$(dnsmasq -v | grep -i "Dnsmasq version " | awk '{print $3}') + [ "$(expr $dnsmasq_version \>= 2.90)" == 0 ] && echolog "Dnsmasq版本低于2.90,建议升级至2.90及以上版本以避免部分情况下Dnsmasq崩溃问题!" + } [ "$ENABLED_DEFAULT_ACL" == 1 ] && run_global [ -n "$USE_TABLES" ] && source $APP_PATH/${USE_TABLES}.sh start diff --git a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh index 81129faef5..8f305e34e6 100755 --- a/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh +++ b/openwrt-passwall2/luci-app-passwall2/root/usr/share/passwall2/nftables.sh @@ -802,7 +802,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW2_OUTPUT_MANGLE ip protocol tcp $(factor $TCP_REDIR_PORTS "tcp dport") jump PSW2_RULE" nft "add rule inet fw4 PSW2_MANGLE ip protocol tcp iif lo $(REDIRECT $REDIR_PORT TPROXY4) comment \"本机\"" nft "add rule inet fw4 PSW2_MANGLE ip protocol tcp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" fi [ "$PROXY_IPV6" == "1" ] && { @@ -836,7 +836,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW2_OUTPUT_MANGLE ip protocol udp $(factor $UDP_REDIR_PORTS "udp dport") jump PSW2_RULE" nft "add rule inet fw4 PSW2_MANGLE ip protocol udp iif lo $(REDIRECT $REDIR_PORT TPROXY4) comment \"本机\"" nft "add rule inet fw4 PSW2_MANGLE ip protocol udp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" if [ "$PROXY_IPV6_UDP" == "1" ]; then nft "add rule inet fw4 PSW2_OUTPUT_MANGLE_V6 meta l4proto udp ip6 daddr $FAKE_IP_6 jump PSW2_RULE" @@ -961,11 +961,11 @@ gen_include() { [ ! -z "\${WAN_IP}" ] && nft "replace rule inet fw4 PSW2_MANGLE handle \$PR_INDEX ip daddr "\${WAN_IP}" counter return comment \"WAN_IP_RETURN\"" fi nft "add rule inet fw4 mangle_prerouting meta nfproto {ipv4} counter jump PSW2_MANGLE" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" } \$(sh ${MY_PATH} insert_rule_before "inet fw4" "mangle_prerouting" "PSW2_MANGLE" "counter jump PSW2_DIVERT") - [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" + [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW2_OUTPUT_MANGLE comment \"PSW2_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && { PR_INDEX=\$(sh ${MY_PATH} RULE_LAST_INDEX "inet fw4" PSW2_MANGLE_V6 WAN6_IP_RETURN -1) diff --git a/small/brook/Makefile b/small/brook/Makefile index 4e2e15ab55..fbb5b287ce 100644 --- a/small/brook/Makefile +++ b/small/brook/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=brook -PKG_VERSION:=20240214 +PKG_VERSION:=20240404 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/txthinking/brook/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=d3c77b8069b21cfdb14f3282eba26b7b4860cd741462e4d6b6929ad07fa55153 +PKG_HASH:=6eda9a348f9c3555a1c27711e81c0982ea9999bf2878e73cf2eaaee90e8cc2e7 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=GPL-3.0 diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua index a90495ccc8..93e164c6eb 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/rule.lua @@ -1,6 +1,7 @@ local api = require "luci.passwall.api" local appname = api.appname local has_xray = api.finded_com("xray") +local has_singbox = api.finded_com("sing-box") m = Map(appname) api.set_apply_on_parse(m) @@ -62,12 +63,12 @@ for e = 0, 23 do o:value(e, e .. translate("oclock")) end o.default = 0 o:depends("auto_update", true) -if has_xray then +if has_xray or has_singbox then o = s:option(Value, "v2ray_location_asset", translate("Location of V2ray/Xray asset"), translate("This variable specifies a directory where geoip.dat and geosite.dat files are.")) o.default = "/usr/share/v2ray/" o.rmempty = false - s = m:section(TypedSection, "shunt_rules", "Xray " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") + s = m:section(TypedSection, "shunt_rules", "Xray/Sing-Box " .. translate("Shunt Rule"), "" .. translate("Please note attention to the priority, the higher the order, the higher the priority.") .. "") s.template = "cbi/tblsection" s.anonymous = false s.addremove = true diff --git a/small/luci-app-passwall/root/usr/share/passwall/app.sh b/small/luci-app-passwall/root/usr/share/passwall/app.sh index ff6e02e57c..2328554ff9 100755 --- a/small/luci-app-passwall/root/usr/share/passwall/app.sh +++ b/small/luci-app-passwall/root/usr/share/passwall/app.sh @@ -1610,6 +1610,11 @@ start() { check_depends $USE_TABLES + [ "$USE_TABLES" = "nftables" ] && { + dnsmasq_version=$(dnsmasq -v | grep -i "Dnsmasq version " | awk '{print $3}') + [ "$(expr $dnsmasq_version \>= 2.90)" == 0 ] && echolog "Dnsmasq版本低于2.90,建议升级至2.90及以上版本以避免部分情况下Dnsmasq崩溃问题!" + } + [ "$ENABLED_DEFAULT_ACL" == 1 ] && { start_redir TCP start_redir UDP diff --git a/small/luci-app-passwall/root/usr/share/passwall/nftables.sh b/small/luci-app-passwall/root/usr/share/passwall/nftables.sh index 2d8c6f9886..125d4cb9ac 100755 --- a/small/luci-app-passwall/root/usr/share/passwall/nftables.sh +++ b/small/luci-app-passwall/root/usr/share/passwall/nftables.sh @@ -747,9 +747,9 @@ add_firewall_rule() { else gen_nftset $NFTSET_CHN ipv4_addr "2d" 0 $(cat $RULES_PATH/chnroute | tr -s '\n' | grep -v "^#") fi - gen_nftset $NFTSET_BLACKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - gen_nftset $NFTSET_WHITELIST ipv4_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") - gen_nftset $NFTSET_BLOCKLIST ipv4_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_BLACKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_WHITELIST ipv4_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") + gen_nftset $NFTSET_BLOCKLIST ipv4_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "(\.((2(5[0-5]|[0-4][0-9]))|[0-1]?[0-9]{1,2})){3}") gen_nftset $NFTSET_SHUNTLIST ipv4_addr 0 0 gen_nftset $NFTSET_VPSLIST6 ipv6_addr 0 0 @@ -761,9 +761,9 @@ add_firewall_rule() { else gen_nftset $NFTSET_CHN6 ipv6_addr "2d" 0 $(cat $RULES_PATH/chnroute6 | tr -s '\n' | grep -v "^#") fi - gen_nftset $NFTSET_BLACKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - gen_nftset $NFTSET_WHITELIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") - gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr 0 "-1" $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_BLACKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/proxy_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_WHITELIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/direct_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") + gen_nftset $NFTSET_BLOCKLIST6 ipv6_addr "2d" 0 $(cat $RULES_PATH/block_ip | tr -s '\n' | grep -v "^#" | grep -E "([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}") gen_nftset $NFTSET_SHUNTLIST6 ipv6_addr 0 0 local shunt_ids=$(uci show $CONFIG | grep "=shunt_rules" | awk -F '.' '{print $2}' | awk -F '=' '{print $1}') @@ -792,7 +792,7 @@ add_firewall_rule() { [ -n "$ISP_DNS" ] && { #echolog "处理 ISP DNS 例外..." for ispip in $ISP_DNS; do - insert_nftset $NFTSET_WHITELIST "-1" $ispip + insert_nftset $NFTSET_WHITELIST 0 $ispip echolog " - [$?]追加ISP IPv4 DNS到白名单:${ispip}" done } @@ -800,7 +800,7 @@ add_firewall_rule() { [ -n "$ISP_DNS6" ] && { #echolog "处理 ISP IPv6 DNS 例外..." for ispip6 in $ISP_DNS6; do - insert_nftset $NFTSET_WHITELIST6 "-1" $ispip6 + insert_nftset $NFTSET_WHITELIST6 0 $ispip6 echolog " - [$?]追加ISP IPv6 DNS到白名单:${ispip6}" done } @@ -1059,7 +1059,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo $(REDIRECT $TCP_REDIR_PORT TPROXY4) comment \"本机\"" } nft "add rule inet fw4 PSW_MANGLE ip protocol tcp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" fi [ "$PROXY_IPV6" == "1" ] && { @@ -1110,7 +1110,7 @@ add_firewall_rule() { nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo $(REDIRECT $UDP_REDIR_PORT TPROXY4) comment \"本机\"" } nft "add rule inet fw4 PSW_MANGLE ip protocol udp iif lo counter return comment \"本机\"" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && [ "$PROXY_IPV6_UDP" == "1" ] && { [ -n "${LOCALHOST_UDP_PROXY_MODE}" ] && { @@ -1253,11 +1253,11 @@ gen_include() { [ ! -z "\${WAN_IP}" ] && nft "replace rule inet fw4 PSW_MANGLE handle \$PR_INDEX ip daddr "\${WAN_IP}" counter return comment \"WAN_IP_RETURN\"" fi nft "add rule inet fw4 mangle_prerouting meta nfproto {ipv4} counter jump PSW_MANGLE" - nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + nft "add rule inet fw4 mangle_output ip protocol tcp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" } \$(sh ${MY_PATH} insert_rule_before "inet fw4" "mangle_prerouting" "PSW_MANGLE" "counter jump PSW_DIVERT") - [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output meta nfproto {ipv4} ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" + [ "$UDP_NODE" != "nil" -o "$TCP_UDP" = "1" ] && nft "add rule inet fw4 mangle_output ip protocol udp counter jump PSW_OUTPUT_MANGLE comment \"PSW_OUTPUT_MANGLE\"" [ "$PROXY_IPV6" == "1" ] && { PR_INDEX=\$(sh ${MY_PATH} RULE_LAST_INDEX "inet fw4" PSW_MANGLE_V6 WAN6_IP_RETURN -1) diff --git a/small/redsocks2/Makefile b/small/redsocks2/Makefile index eb7256b649..f68f88ed65 100644 --- a/small/redsocks2/Makefile +++ b/small/redsocks2/Makefile @@ -5,14 +5,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=redsocks2 -PKG_VERSION:=0.67 -PKG_RELEASE:=5 +PKG_VERSION:=release-test4 +PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/semigodking/redsocks.git -PKG_SOURCE_DATE:=2020-05-10 -PKG_SOURCE_VERSION:=d94c245ea47859cda5b4b7373308589206b97bdc -PKG_MIRROR_HASH:=5ca32b2f849af7ebda2cab90bbe286bfd97a69de1a85dac09c8df2fbdd8c947c +PKG_SOURCE_DATE:=2024-01-27 +PKG_SOURCE_VERSION:=92dbff008a54540159bbb4c0ff19ccf224155d76 +PKG_MIRROR_HASH:=6c45324e824fd261eb919592207b368c8a2668c01ef882bd348868362ea80f44 PKG_MAINTAINER:=semigodking PKG_LICENSE:=Apache-2.0 diff --git a/small/sing-box/Makefile b/small/sing-box/Makefile index 9bf99d538a..d2bae057c2 100644 --- a/small/sing-box/Makefile +++ b/small/sing-box/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sing-box -PKG_VERSION:=1.8.7 +PKG_VERSION:=1.8.8 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=35db2a6953c04ea6301f242ba2d6c7ca7f6d52bae0b4927beca5255ee958b218 +PKG_HASH:=dfa64c1da309000998ff9c5fb35bac2795c9e88ce3c63ad47862ba6c3aeda74f PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=LICENSE diff --git a/xray-core/app/observatory/burst/healthping.go b/xray-core/app/observatory/burst/healthping.go index cde9fbc1a9..2f0bbcc667 100644 --- a/xray-core/app/observatory/burst/healthping.go +++ b/xray-core/app/observatory/burst/healthping.go @@ -79,6 +79,15 @@ func (h *HealthPing) StartScheduler(selector func() ([]string, error)) { tickerClose := make(chan struct{}) h.ticker = ticker h.tickerClose = tickerClose + go func() { + tags, err := selector() + if err != nil { + newError("error select outbounds for initial health check: ", err).AtWarning().WriteToLog() + return + } + h.Check(tags) + }() + go func() { for { go func() { diff --git a/xray-core/go.mod b/xray-core/go.mod index c85f421dab..6856cff9d1 100644 --- a/xray-core/go.mod +++ b/xray-core/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.41.0 github.com/refraction-networking/utls v1.6.3 - github.com/sagernet/sing v0.3.4 + github.com/sagernet/sing v0.3.5 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.9.0 @@ -25,8 +25,8 @@ require ( golang.org/x/sync v0.6.0 golang.org/x/sys v0.18.0 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 - google.golang.org/grpc v1.62.0 - google.golang.org/protobuf v1.32.0 + google.golang.org/grpc v1.62.1 + google.golang.org/protobuf v1.33.0 gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h12.io/socks v1.0.3 lukechampine.com/blake3 v1.2.1 diff --git a/xray-core/go.sum b/xray-core/go.sum index b87ad8e373..a893f648df 100644 --- a/xray-core/go.sum +++ b/xray-core/go.sum @@ -121,8 +121,8 @@ github.com/refraction-networking/utls v1.6.3/go.mod h1:yil9+7qSl+gBwJqztoQseO6Pr github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.3.4 h1:mFGTVGFz/RxIDT9BMyJ67PanLxVh6fagB27eaUlO0aw= -github.com/sagernet/sing v0.3.4/go.mod h1:qHySJ7u8po9DABtMYEkNBcOumx7ZZJf/fbv2sfTkNHE= +github.com/sagernet/sing v0.3.5 h1:f87Y5tU8RiWhA/zzZy7rht3SbWU8t15YZEuj/UNi/gY= +github.com/sagernet/sing v0.3.5/go.mod h1:+60H3Cm91RnL9dpVGWDPHt0zTQImO9Vfqt9a4rSambI= github.com/sagernet/sing-shadowsocks v0.2.6 h1:xr7ylAS/q1cQYS8oxKKajhuQcchd5VJJ4K4UZrrpp0s= github.com/sagernet/sing-shadowsocks v0.2.6/go.mod h1:j2YZBIpWIuElPFL/5sJAj470bcn/3QQ5lxZUNKLDNAM= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= @@ -278,12 +278,12 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.62.0 h1:HQKZ/fa1bXkX1oFOvSjmZEUL8wLSaZTjCcLAlmZRtdk= -google.golang.org/grpc v1.62.0/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= +google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= +google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/yass/.github/workflows/compiler.yml b/yass/.github/workflows/compiler.yml index 02cdd5e1cc..ff6236c19f 100644 --- a/yass/.github/workflows/compiler.yml +++ b/yass/.github/workflows/compiler.yml @@ -214,7 +214,7 @@ jobs: - name: Build run: | ./tools/build --variant gui --arch ${{ matrix.arch }} --system mingw -build-test \ - --clang-path $PWD/third_party/llvm-mingw-20230614-ucrt-ubuntu-20.04-x86_64 -nc + --clang-path $PWD/third_party/llvm-mingw-20230614-ucrt-ubuntu-20.04-x86_64 -no-packaging - name: Populate depedencies (Tests-i686) if: ${{ matrix.arch == 'i686' }} run: | diff --git a/yass/.github/workflows/releases-android-binary.yml b/yass/.github/workflows/releases-android-binary.yml index 03563d4e7c..c7a91199a6 100644 --- a/yass/.github/workflows/releases-android-binary.yml +++ b/yass/.github/workflows/releases-android-binary.yml @@ -119,7 +119,7 @@ jobs: with: path: | qemu-user-static*.deb - key: ${{ runner.os }}-qemu-8.2.0-ds-5 + key: ${{ runner.os }}-qemu-8.2.2-ds-2 - name: Cache sysroot id: sysroot-cache uses: actions/cache@v4 @@ -153,7 +153,7 @@ jobs: - name: "Install dependency: qemu user cache" if: ${{ steps.qemu-user-cache.outputs.cache-hit != 'true' }} run: | - wget http://ftp.us.debian.org/debian/pool/main/q/qemu/qemu-user-static_8.2.0+ds-5_amd64.deb + wget http://ftp.us.debian.org/debian/pool/main/q/qemu/qemu-user-static_8.2.2+ds-2_amd64.deb - name: Change ubuntu mirror run: | sudo sed -i 's/azure.archive.ubuntu.com/azure.archive.ubuntu.com/g' /etc/apt/sources.list diff --git a/yass/.github/workflows/releases-linux-binary.yml b/yass/.github/workflows/releases-linux-binary.yml index bd3a386e69..92a5a91581 100644 --- a/yass/.github/workflows/releases-linux-binary.yml +++ b/yass/.github/workflows/releases-linux-binary.yml @@ -95,7 +95,7 @@ jobs: with: path: | qemu-user-static*.deb - key: ${{ runner.os }}-qemu-8.2.0-ds-5 + key: ${{ runner.os }}-qemu-8.2.2-ds-2 - name: Cache sysroot id: sysroot-cache uses: actions/cache@v4 @@ -115,7 +115,7 @@ jobs: - name: "Install dependency: qemu user cache" if: ${{ steps.qemu-user-cache.outputs.cache-hit != 'true' }} run: | - wget http://ftp.us.debian.org/debian/pool/main/q/qemu/qemu-user-static_8.2.0+ds-5_amd64.deb + wget http://ftp.us.debian.org/debian/pool/main/q/qemu/qemu-user-static_8.2.2+ds-2_amd64.deb - name: "Install dependency: sysroot" if: ${{ steps.sysroot-cache.outputs.cache-hit != 'true' }} run: | diff --git a/yass/.github/workflows/releases-mingw-new.yml b/yass/.github/workflows/releases-mingw-new.yml index d96b4e9355..76d1c95ff1 100644 --- a/yass/.github/workflows/releases-mingw-new.yml +++ b/yass/.github/workflows/releases-mingw-new.yml @@ -123,7 +123,7 @@ jobs: - name: Populate depedencies run: | sudo apt-get update -qq - sudo apt-get install -y cmake ninja-build nasm zip + sudo apt-get install -y cmake ninja-build nasm zip nsis locales-all # required by mbedtls build sudo apt-get install -y python3-jsonschema python3-jinja2 - name: Patch libcxx for windows xp @@ -141,6 +141,9 @@ jobs: echo "BUILD_OPTIONS=-mingw-allow-xp -enable-lto=false" >> $GITHUB_ENV - name: Build run: | + # fix cpack error on C.UTF-8 locale + # see https://github.com/lightspark/lightspark/discussions/604#discussioncomment-1034262 + export LC_ALL=en_US.UTF-8 ./tools/build --variant gui --arch ${{ matrix.arch }} --system mingw \ -build-test -build-benchmark \ -mingw-dir $PWD/third_party/llvm-mingw-20230614-${{ matrix.variant }}-ubuntu-20.04-x86_64 \ diff --git a/yass/.github/workflows/releases-openwrt-binary.yml b/yass/.github/workflows/releases-openwrt-binary.yml index 2f2dea10c9..ddb01f2021 100644 --- a/yass/.github/workflows/releases-openwrt-binary.yml +++ b/yass/.github/workflows/releases-openwrt-binary.yml @@ -97,7 +97,7 @@ jobs: with: path: | qemu-user-static*.deb - key: ${{ runner.os }}-qemu-8.2.0-ds-5 + key: ${{ runner.os }}-qemu-8.2.2-ds-2 - name: Cache openwrt sdk home id: openwrt-sdkhome-cache uses: actions/cache@v4 @@ -119,7 +119,7 @@ jobs: - name: "Install dependency: qemu user cache" if: ${{ steps.qemu-user-cache.outputs.cache-hit != 'true' }} run: | - wget http://ftp.us.debian.org/debian/pool/main/q/qemu/qemu-user-static_8.2.0+ds-5_amd64.deb + wget http://ftp.us.debian.org/debian/pool/main/q/qemu/qemu-user-static_8.2.2+ds-2_amd64.deb - name: Change ubuntu mirror run: | sudo sed -i 's/azure.archive.ubuntu.com/azure.archive.ubuntu.com/g' /etc/apt/sources.list diff --git a/yass/CMakeLists.txt b/yass/CMakeLists.txt index f99b3c65f6..36f30d9ca7 100644 --- a/yass/CMakeLists.txt +++ b/yass/CMakeLists.txt @@ -4484,7 +4484,7 @@ if(NOT CMAKE_SKIP_INSTALL_RULES) file(READ third_party/zlib/LICENSE _ZLIB_LICENSE) set(LICENSE_FILE "${CMAKE_CURRENT_BINARY_DIR}/LICENSE") - configure_file("LICENSE.tmpl" "${LICENSE_FILE}" @ONLY) + configure_file("LICENSE.cmake.in" "${LICENSE_FILE}" @ONLY) install(FILES "${LICENSE_FILE}" DESTINATION ${CMAKE_INSTALL_DOCDIR}) endif() diff --git a/yass/LICENSE.tmpl b/yass/LICENSE.cmake.in similarity index 100% rename from yass/LICENSE.tmpl rename to yass/LICENSE.cmake.in diff --git a/yass/tools/build.go b/yass/tools/build.go index a46d002bee..149746e08c 100644 --- a/yass/tools/build.go +++ b/yass/tools/build.go @@ -477,7 +477,7 @@ func getGNUTargetTypeAndArch(arch string, subsystem string) (string, string) { } func getLLVMVersion() string { - entries, err := os.ReadDir(filepath.Join(clangPath, "lib", "clang")) + entries, err := ioutil.ReadDir(filepath.Join(clangPath, "lib", "clang")) if err != nil { glog.Fatalf("%v", err) } @@ -505,7 +505,7 @@ func getAndFixHarmonyLibunwind() { // FIX libunwind target_path := fmt.Sprintf(filepath.Join(clangPath, "lib")) source_path := fmt.Sprintf("%s/native/llvm/lib", harmonyNdkDir) - entries, err := os.ReadDir(source_path) + entries, err := ioutil.ReadDir(source_path) if err != nil { glog.Fatalf("%v", err) } @@ -533,7 +533,7 @@ func getAndFixLibunwind(source_path string, subdir string) { glog.Fatalf("Symbolic link is not supported on windows") } // ln -sf $PWD/third_party/android_toolchain/toolchains/llvm/prebuilt/linux-x86_64/lib64/clang/14.0.7/lib/linux/i386 third_party/llvm-build/Release+Asserts/lib/clang/18/lib/linux - entries, err := os.ReadDir(filepath.Join(clangPath, "lib", "clang")) + entries, err := ioutil.ReadDir(filepath.Join(clangPath, "lib", "clang")) if err != nil { glog.Fatalf("%v", err) } @@ -549,7 +549,7 @@ func getAndFixLibunwind(source_path string, subdir string) { glog.Fatalf("%v", err) } target_path := fmt.Sprintf(filepath.Join(clangPath, "lib", "clang", llvm_version, "lib", subdir)) - entries, err = os.ReadDir(source_path) + entries, err = ioutil.ReadDir(source_path) if err != nil { glog.Fatalf("%v", err) } @@ -2022,19 +2022,41 @@ func generateNSIS(output string, dllPaths []string) { glog.Fatalf("%v", err) } glog.Info("Feeding NSIS compiler...") - cmdRun([]string{"C:\\Program Files (x86)\\NSIS\\makensis.exe", "/XSetCompressor /FINAL lzma", "yass.nsi"}, true) + if runtime.GOOS == "windows" { + cmdRun([]string{"C:\\Program Files (x86)\\NSIS\\makensis.exe", "/XSetCompressor /FINAL lzma", "yass.nsi"}, true) + } else { + cmdRun([]string{"makensis", "-XSetCompressor /FINAL lzma", "yass.nsi"}, true) + } } func generateNSISSystemInstaller(output string) { glog.Info("Feeding CPack NSIS compiler...") - cmdRun([]string{"C:\\Program Files\\CMake\\bin\\cpack.exe"}, true) - - if msvcTargetArchFlag == "x86" { - os.Rename(fmt.Sprintf("yass-%s-win32.exe", tagFlag), output) - } else if msvcTargetArchFlag == "x64" { - os.Rename(fmt.Sprintf("yass-%s-win64.exe", tagFlag), output) + if runtime.GOOS == "windows" { + cmdRun([]string{"C:\\Program Files\\CMake\\bin\\cpack.exe"}, true) } else { - glog.Fatalf("Unsupported msvc arch: %s for nsis builder", msvcTargetArchFlag) + cmdRun([]string{"cpack"}, true) + } + + if systemNameFlag == "windows" { + if msvcTargetArchFlag == "x86" { + os.Rename(fmt.Sprintf("yass-%s-win32.exe", tagFlag), output) + } else if msvcTargetArchFlag == "x64" { + os.Rename(fmt.Sprintf("yass-%s-win64.exe", tagFlag), output) + } else if msvcTargetArchFlag == "arm64" { + os.Rename(fmt.Sprintf("yass-%s-win64.exe", tagFlag), output) + } else { + glog.Fatalf("Unsupported msvc arch: %s for nsis builder", msvcTargetArchFlag) + } + } else if systemNameFlag == "mingw" { + if archFlag == "x86" || archFlag == "i686" { + os.Rename(fmt.Sprintf("yass-%s-win32.exe", tagFlag), output) + } else if archFlag == "x64" || archFlag == "x86_64" || archFlag == "amd64" { + os.Rename(fmt.Sprintf("yass-%s-win64.exe", tagFlag), output) + } else if archFlag == "arm64" || archFlag == "aarch64" { + os.Rename(fmt.Sprintf("yass-%s-win64.exe", tagFlag), output) + } else { + glog.Fatalf("Unsupported mingw arch: %s for nsis builder", archFlag) + } } } @@ -2140,7 +2162,7 @@ func postStateArchives() map[string][]string { var dbgPaths []string if systemNameFlag == "windows" { - entries, _ := os.ReadDir("./") + entries, _ := ioutil.ReadDir("./") for _, entry := range entries { name := entry.Name() iname := strings.ToLower(name) @@ -2181,7 +2203,7 @@ func postStateArchives() map[string][]string { archives[msiArchive] = []string{msiArchive} } // nsis installer - if systemNameFlag == "windows" && msvcTargetArchFlag != "arm64" { + if systemNameFlag == "windows" || systemNameFlag == "mingw" { generateNSIS(nsisArchive, dllPaths) archives[nsisArchive] = []string{nsisArchive} generateNSISSystemInstaller(nsisSystemArchive) diff --git a/yt-dlp/yt_dlp/extractor/_extractors.py b/yt-dlp/yt_dlp/extractor/_extractors.py index 881519c951..c8a701050f 100644 --- a/yt-dlp/yt_dlp/extractor/_extractors.py +++ b/yt-dlp/yt_dlp/extractor/_extractors.py @@ -1640,6 +1640,7 @@ from .restudy import RestudyIE from .reuters import ReutersIE from .reverbnation import ReverbNationIE from .rheinmaintv import RheinMainTVIE +from .ridehome import RideHomeIE from .rinsefm import ( RinseFMIE, RinseFMArtistPlaylistIE, diff --git a/yt-dlp/yt_dlp/extractor/ridehome.py b/yt-dlp/yt_dlp/extractor/ridehome.py new file mode 100644 index 0000000000..78f838ac15 --- /dev/null +++ b/yt-dlp/yt_dlp/extractor/ridehome.py @@ -0,0 +1,96 @@ +from .art19 import Art19IE +from .common import InfoExtractor +from ..utils import extract_attributes, get_elements_html_by_class +from ..utils.traversal import traverse_obj + + +class RideHomeIE(InfoExtractor): + _VALID_URL = r'https?://(?:www\.)?ridehome\.info/show/[\w-]+/(?P[\w-]+)/?(?:$|[?#])' + _TESTS = [{ + 'url': 'https://www.ridehome.info/show/techmeme-ride-home/thu-1228-will-2024-be-the-year-apple-gets-serious-about-gaming-on-macs/', + 'info_dict': { + 'id': 'thu-1228-will-2024-be-the-year-apple-gets-serious-about-gaming-on-macs', + }, + 'playlist_count': 1, + 'playlist': [{ + 'md5': 'c84ea3cc96950a9ab86fe540f3edc588', + 'info_dict': { + 'id': '540e5493-9fe6-4c14-a488-dc508d8794b2', + 'ext': 'mp3', + 'title': 'Thu. 12/28 – Will 2024 Be The Year Apple Gets Serious About Gaming On Macs?', + 'description': 'md5:9dba86ae9b5047a8150eceddeeb629c2', + 'series': 'Techmeme Ride Home', + 'series_id': '3c30e8f4-ab48-415b-9421-1ae06cd4058b', + 'upload_date': '20231228', + 'timestamp': 1703780995, + 'modified_date': '20231230', + 'episode_id': '540e5493-9fe6-4c14-a488-dc508d8794b2', + 'modified_timestamp': 1703912404, + 'release_date': '20231228', + 'release_timestamp': 1703782800, + 'duration': 1000.1502, + 'thumbnail': r're:^https?://content\.production\.cdn\.art19\.com/images/.*\.jpeg$', + }, + }], + }, { + 'url': 'https://www.ridehome.info/show/techmeme-ride-home/portfolio-profile-sensel-with-ilyarosenberg/', + 'info_dict': { + 'id': 'portfolio-profile-sensel-with-ilyarosenberg', + }, + 'playlist_count': 1, + 'playlist': [{ + 'md5': 'bf9d6efad221008ce71aea09d5533cf6', + 'info_dict': { + 'id': '6beed803-b1ef-4536-9fef-c23cf6b4dcac', + 'ext': 'mp3', + 'title': '(Portfolio Profile) Sensel - With @IlyaRosenberg', + 'description': 'md5:e1e4a970bce04290e0ba6f030b0125db', + 'series': 'Techmeme Ride Home', + 'series_id': '3c30e8f4-ab48-415b-9421-1ae06cd4058b', + 'upload_date': '20220108', + 'timestamp': 1641656064, + 'modified_date': '20230418', + 'episode_id': '6beed803-b1ef-4536-9fef-c23cf6b4dcac', + 'modified_timestamp': 1681843318, + 'release_date': '20220108', + 'release_timestamp': 1641672000, + 'duration': 2789.38122, + 'thumbnail': r're:^https?://content\.production\.cdn\.art19\.com/images/.*\.jpeg$' + }, + }], + }, { + 'url': 'https://www.ridehome.info/show/spacecasts/big-tech-news-apples-macbook-pro-event/', + 'info_dict': { + 'id': 'big-tech-news-apples-macbook-pro-event', + }, + 'playlist_count': 1, + 'playlist': [{ + 'md5': 'b1428530c6e03904a8271e978007fc05', + 'info_dict': { + 'id': 'f4780044-6c4b-4ce0-8215-8a86cc66bff7', + 'ext': 'mp3', + 'title': 'md5:e6c05d44d59b6577a4145ac339de5040', + 'description': 'md5:14152f7228c8a301a77e3d6bc891b145', + 'series': 'SpaceCasts', + 'series_id': '8e3e837d-7fe0-4a23-8e11-894917e07e17', + 'upload_date': '20211026', + 'timestamp': 1635271450, + 'modified_date': '20230502', + 'episode_id': 'f4780044-6c4b-4ce0-8215-8a86cc66bff7', + 'modified_timestamp': 1683057500, + 'release_date': '20211026', + 'release_timestamp': 1635272124, + 'duration': 2266.30531, + 'thumbnail': r're:^https?://content\.production\.cdn\.art19\.com/images/.*\.jpeg$' + }, + }], + }] + + def _real_extract(self, url): + article_id = self._match_id(url) + webpage = self._download_webpage(url, article_id) + + urls = traverse_obj( + get_elements_html_by_class('iframeContainer', webpage), + (..., {extract_attributes}, lambda k, v: k == 'data-src' and Art19IE.suitable(v))) + return self.playlist_from_matches(urls, article_id, ie=Art19IE)