From f96f354ad1e62159804aacfcd62360d3e0cefd92 Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Tue, 28 Jun 2016 21:22:44 +0200 Subject: [PATCH] adblock: release 1.3.0 * revised hotplug script * remove wget package dependency * support uclient-fetch or wget with ssl support * documentation update Signed-off-by: Dirk Brenken --- net/adblock/Makefile | 3 +- net/adblock/files/README.md | 9 +- net/adblock/files/adblock-helper.sh | 137 +++++++++++++++++----------- net/adblock/files/adblock-update.sh | 8 +- net/adblock/files/adblock.hotplug | 9 +- 5 files changed, 102 insertions(+), 64 deletions(-) diff --git a/net/adblock/Makefile b/net/adblock/Makefile index a29cdcef95..5e4c23a676 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock -PKG_VERSION:=1.2.8 +PKG_VERSION:=1.3.0 PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0+ PKG_MAINTAINER:=Dirk Brenken @@ -18,7 +18,6 @@ define Package/$(PKG_NAME) SECTION:=net CATEGORY:=Network TITLE:=Powerful adblock script to block ad/abuse domains - DEPENDS:=+wget PKGARCH:=all endef diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md index b0295758c8..cab34580d2 100644 --- a/net/adblock/files/README.md +++ b/net/adblock/files/README.md @@ -69,7 +69,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but * [LEDE project](https://www.lede-project.org), tested with trunk > r98 * usual setup with enabled 'iptables', 'dnsmasq' and 'uhttpd' - dump AP modes without these basics are _not_ supported! * additional required software packages: - * wget + * a download utility: 'uclient-fetch' and 'wget' (full versions with ssl support) are supported. Normally you should use 'wget', it's quite stable and supports the online timestamp checks. If you need a smaller memory footprint try 'uclient-fetch' without openssl dependency. The default ustream ssl backend 'libustream-polarssl' has issues with certain https sites and is currently not supported. To change the ssl backend see example below. * optional: 'kmod-ipt-nat6' for IPv6 support * the above dependencies and requirements will be checked during package installation & script runtime @@ -123,6 +123,13 @@ A lot of people already use adblocker plugins within their desktop browsers, but ## Examples +**example to change the ssl backend for 'uclient-fetch':** +

+opkg update
+opkg remove --force-depends libustream-polarssl
+opkg install libustream-mbedtls
+
+ **example cronjob for a regular block list update:** 

 # configuration found in /etc/crontabs/root
diff --git a/net/adblock/files/adblock-helper.sh b/net/adblock/files/adblock-helper.sh
index 7b72d90105..5814e85f33 100644
--- a/net/adblock/files/adblock-helper.sh
+++ b/net/adblock/files/adblock-helper.sh
@@ -21,7 +21,6 @@ adb_minspace=12000
 adb_forcedns=1
 adb_fetchttl=5
 adb_restricted=0
-adb_fetch="$(which wget)"
 adb_uci="$(which uci)"
 unset adb_revsrclist
 
@@ -135,7 +134,7 @@ f_envcheck()
         f_exit
     elif [ "${adb_cfgver#*.}" != "${adb_mincfgver#*.}" ]
     then
-        outdate_ok="true"
+        outdated_ok="true"
     fi
     if [ "${adb_enabled}" != "1" ]
     then
@@ -212,13 +211,76 @@ f_envcheck()
         fi
     fi
 
+    # check general package dependencies
+    #
+    f_depend "busybox"
+    f_depend "uci"
+    f_depend "uhttpd"
+    f_depend "iptables"
+    f_depend "kmod-ipt-nat"
+
+    # check ipv6 related package dependencies
+    #
+    if [ -n "${adb_wanif6}" ]
+    then
+        f_depend "ip6tables" "true"
+        if [ "${package_ok}" = "false" ]
+        then
+            f_log "package 'ip6tables' not found, IPv6 support will be disabled"
+            unset adb_wanif6
+        else
+            f_depend "kmod-ipt-nat6" "true"
+            if [ "${package_ok}" = "false" ]
+            then
+                f_log "package 'kmod-ipt-nat6' not found, IPv6 support will be disabled"
+                unset adb_wanif6
+            fi
+        fi
+    fi
+
+    # check uclient-fetch/wget dependencies
+    #
+    f_depend "uclient-fetch" "true"
+    if [ "${package_ok}" = "true" ]
+    then
+        f_depend "libustream-polarssl" "true"
+        if [ "${package_ok}" = "false" ]
+        then
+            adb_fetch="$(which uclient-fetch)"
+            fetch_parm="-q --timeout=${adb_fetchttl}"
+            response_parm="--spider"
+        fi
+    fi
+    if [ -z "${adb_fetch}" ]
+    then
+        f_depend "wget" "true"
+        if [ "${package_ok}" = "true" ]
+        then
+            adb_fetch="$(which wget)"
+            fetch_parm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=${adb_fetchttl} --connect-timeout=${adb_fetchttl} --read-timeout=${adb_fetchttl}"
+            response_parm="--spider --server-response"
+        else
+            rc=-1
+            f_log "please install 'uclient-fetch' or 'wget' with ssl support to use adblock"
+            f_exit
+        fi
+    fi
+
+    # check ca-certificate package and set fetch parm accordingly
+    #
+    f_depend "ca-certificates" "true"
+    if [ "${package_ok}" = "false" ]
+    then
+        fetch_parm="${fetch_parm} --no-check-certificate"
+    fi
+
     # start normal processing/logging
     #
     f_log "domain adblock processing started (${adb_scriptver}, ${adb_sysver}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
 
     # log partially outdated config
     #
-    if [ "${outdate_ok}" = "true" ]
+    if [ "${outdated_ok}" = "true" ]
     then
         f_log "partially outdated adblock config (${adb_mincfgver} vs. ${adb_cfgver}), please run '/etc/init.d/adblock cfgup' to update your configuration"
     fi
@@ -237,34 +299,6 @@ f_envcheck()
         f_log "Restricted mode enabled"
     fi
 
-    # check general package dependencies
-    #
-    f_depend "busybox"
-    f_depend "uci"
-    f_depend "uhttpd"
-    f_depend "wget"
-    f_depend "iptables"
-    f_depend "kmod-ipt-nat"
-
-    # check ipv6 related package dependencies
-    #
-    if [ -n "${adb_wanif6}" ]
-    then
-        check="$(printf "${pkg_list}" | grep "^ip6tables -")"
-        if [ -z "${check}" ]
-        then
-            f_log "package 'ip6tables' not found, IPv6 support will be disabled"
-            unset adb_wanif6
-        else
-            check="$(printf "${pkg_list}" | grep "^kmod-ipt-nat6 -")"
-            if [ -z "${check}" ]
-            then
-                f_log "package 'kmod-ipt-nat6' not found, IPv6 support will be disabled"
-                unset adb_wanif6
-            fi
-        fi
-    fi
-
     # check dns hideout directory
     #
     if [ -d "${adb_dnshidedir}" ]
@@ -274,15 +308,6 @@ f_envcheck()
         mkdir -p -m 660 "${adb_dnshidedir}"
     fi
 
-    # check ca-certificates package and set fetch parms accordingly
-    #
-    fetch_parm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=${adb_fetchttl} --connect-timeout=${adb_fetchttl} --read-timeout=${adb_fetchttl}"
-    check="$(printf "${pkg_list}" | grep "^ca-certificates -")"
-    if [ -z "${check}" ]
-    then
-        fetch_parm="${fetch_parm} --no-check-certificate"
-    fi
-
     # check adblock temp directory
     #
     adb_tmpfile="$(mktemp -tu)"
@@ -386,10 +411,9 @@ f_envcheck()
         f_firewall "IPv6" "nat" "PREROUTING" "adb-nat" "1" "nat" "-p tcp --dport 80 -j DNAT --to-destination [${adb_ipv6}]:${adb_nullport}"
         f_firewall "IPv6" "nat" "PREROUTING" "adb-nat" "2" "nat" "-p tcp --dport 443 -j DNAT --to-destination [${adb_ipv6}]:${adb_nullportssl}"
     fi
-    if [ "${fw_done}" = "true" ]
+    if [ "${firewall_ok}" = "true" ]
     then
         f_log "created volatile firewall rulesets"
-        fw_done="false"
     fi
 
     # check volatile uhttpd instance configuration
@@ -409,10 +433,9 @@ f_envcheck()
             f_uhttpd "adbIPv6_80" "1" "-p [${adb_ipv6}]:${adb_nullport}"
             f_uhttpd "adbIPv6_443" "0" "-p [${adb_ipv6}]:${adb_nullportssl}"
         fi
-        if [ "${uhttpd_done}" = "true" ]
+        if [ "${uhttpd_ok}" = "true" ]
         then
             f_log "created volatile uhttpd instances"
-            uhttpd_done="false"
         fi
     fi
 
@@ -434,11 +457,17 @@ f_depend()
 {
     local check
     local package="${1}"
+    local check_only="${2}"
+    package_ok="true"
 
     check="$(printf "${pkg_list}" | grep "^${package} -")"
-    if [ -z "${check}" ]
+    if [ "${check_only}" = "true" ] && [ -z "${check}" ]
+    then
+        package_ok="false"
+    elif [ -z "${check}" ]
     then
-        rc=115
+        rc=-1
+        package_ok="false"
         f_log "package '${package}' not found"
         f_exit
     fi
@@ -457,6 +486,7 @@ f_firewall()
     local chpos="${5}"
     local notes="adb-${6}"
     local rules="${7}"
+    firewall_ok="true"
 
     # select appropriate iptables executable for IPv6
     #
@@ -494,10 +524,9 @@ f_firewall()
     then
         "${ipt}" -w -t "${table}" -I "${chain}" "${chpos}" -m comment --comment "${notes}" ${rules}
         rc=${?}
-        if [ $((rc)) -eq 0 ]
+        if [ $((rc)) -ne 0 ]
         then
-            fw_done="true"
-        else
+            firewall_ok="false"
             f_log "failed to initialize volatile ${proto} firewall rule '${notes}'"
             f_exit
         fi
@@ -511,12 +540,13 @@ f_uhttpd()
     local realm="${1}"
     local timeout="${2}"
     local ports="${3}"
+    uhttpd_ok="true"
+
     uhttpd -h "/www/adblock" -N 25 -T "${timeout}" -r "${realm}" -k 0 -t 0 -R -D -S -E "/index.html" ${ports}
     rc=${?}
-    if [ $((rc)) -eq 0 ]
+    if [ $((rc)) -ne 0 ]
     then
-        uhttpd_done="true"
-    else
+        uhttpd_ok="false"
         f_log "failed to initialize volatile uhttpd instance (${realm})"
         f_exit
     fi
@@ -527,6 +557,7 @@ f_uhttpd()
 f_space()
 {
     local mp="${1}"
+    space_ok="true"
 
     if [ -d "${mp}" ]
     then
@@ -535,6 +566,8 @@ f_space()
         then
             space_ok="false"
         fi
+    else
+        space_ok="false"
     fi
 }
 
diff --git a/net/adblock/files/adblock-update.sh b/net/adblock/files/adblock-update.sh
index 59a3e1daa3..2dc8dbfd8d 100755
--- a/net/adblock/files/adblock-update.sh
+++ b/net/adblock/files/adblock-update.sh
@@ -10,7 +10,7 @@
 #
 adb_pid="${$}"
 adb_pidfile="/var/run/adblock.pid"
-adb_scriptver="1.2.8"
+adb_scriptver="1.3.0"
 adb_mincfgver="2.2"
 adb_scriptdir="${0%/*}"
 if [ -r "${adb_pidfile}" ]
@@ -85,7 +85,7 @@ do
     then
         url_time="$(date -r "${url}")"
     else
-        url_time="$(${adb_fetch} ${fetch_parm} --server-response --spider "${url}" 2>&1 | awk '$0 ~ /Last-Modified/ {printf substr($0,18)}')"
+        url_time="$(${adb_fetch} ${fetch_parm} ${response_parm} "${url}" 2>&1 | awk '$0 ~ /Last-Modified/ {printf substr($0,18)}')"
     fi
     if [ -z "${url_time}" ]
     then
@@ -102,7 +102,7 @@ do
         then
             shalla_archive="${adb_tmpdir}/shallalist.tar.gz"
             shalla_file="${adb_tmpdir}/shallalist.txt"
-            "${adb_fetch}" ${fetch_parm} --output-document="${shalla_archive}" "${url}"
+            "${adb_fetch}" ${fetch_parm} -O "${shalla_archive}" "${url}"
             rc=${?}
             if [ $((rc)) -eq 0 ]
             then
@@ -123,7 +123,7 @@ do
                 rm -f "${shalla_file}"
             fi
         else
-            tmp_domains="$(${adb_fetch} ${fetch_parm} --output-document=- "${url}")"
+            tmp_domains="$(${adb_fetch} ${fetch_parm} -O- "${url}")"
         fi
         rc=${?}
     else
diff --git a/net/adblock/files/adblock.hotplug b/net/adblock/files/adblock.hotplug
index 0aa6196878..8ea8a18350 100644
--- a/net/adblock/files/adblock.hotplug
+++ b/net/adblock/files/adblock.hotplug
@@ -2,20 +2,19 @@
 #
 
 adb_pid="${$}"
+adb_helper="/usr/bin/adblock-helper.sh"
 adb_pidfile="/var/run/adblock.pid"
-adb_logger="/usr/bin/logger"
 
 if [ -f "${adb_pidfile}" ] || [ "${ACTION}" != "ifup" ]
 then
     exit 0
 fi
 
-. /lib/functions/network.sh
-network_find_wan adb_wanif4
-network_find_wan6 adb_wanif6
+. "${adb_helper}"
+f_envload
 
 if [ "${INTERFACE}" = "${adb_wanif4}" ] || [ "${INTERFACE}" = "${adb_wanif6}" ]
 then
     /etc/init.d/adblock start
-    "${adb_logger}" -t "adblock[${adb_pid}] info " "adblock service started due to '${ACTION}' of '${INTERFACE}' interface"
+    f_log "adblock service started due to '${ACTION}' of '${INTERFACE}' interface"
 fi
-- 
2.30.2