From d10813d62ff028940a49d6de1bb53eea58168ee1 Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Sun, 13 Apr 2025 21:41:36 +0200 Subject: [PATCH] adblock: update 4.4.0-2 * minor ETAG fixes and improvements * permanently set the addnmount option for dnsmasq * cosmetics Signed-off-by: Dirk Brenken --- net/adblock/Makefile | 2 +- net/adblock/files/README.md | 18 +++++----- net/adblock/files/adblock.init | 12 +++++-- net/adblock/files/adblock.sh | 61 +++++++++++++++++----------------- 4 files changed, 50 insertions(+), 43 deletions(-) diff --git a/net/adblock/Makefile b/net/adblock/Makefile index 81263217f2..ba537ae187 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock PKG_VERSION:=4.4.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md index 8b8c54de9a..b2c65bccf3 100644 --- a/net/adblock/files/README.md +++ b/net/adblock/files/README.md @@ -91,8 +91,8 @@ A lot of people already use adblocker plugins within their desktop browsers, but * Provides a 'DNS Shift', where the generated final DNS blocklist is moved to the backup directory and only a soft link to this file is set in memory. As long as your backup directory is located on an external drive, you should activate this option to save disk space. * Source parsing by fast & flexible regex rulesets, all rules and feed information are placed in an external JSON file ('/etc/adblock/adblock.feeds') * Overall duplicate removal in generated blocklist file 'adb_list.overall' +* Additional local allowlist for manual overrides, located in '/etc/adblock/adblock.allowlist' (only exact matches). * Additional local blocklist for manual overrides, located in '/etc/adblock/adblock.blocklist' -* Additional local allowlist for manual overrides, located in '/etc/adblock/adblock.allowlist' * Quality checks during blocklist update to ensure a reliable DNS backend service * Minimal status & error logging to syslog, enable debug logging to receive more output * Procd based init system support ('start', 'stop', 'restart', 'reload', 'enable', 'disable', 'running', 'status', 'suspend', 'resume', 'query', 'report') @@ -101,11 +101,11 @@ A lot of people already use adblocker plugins within their desktop browsers, but * Provides comprehensive runtime information * Provides a detailed DNS Query Report with DNS related information about client requests, top (blocked) domains and more * Provides a powerful query function to quickly find blocked (sub-)domains, e.g. to allow certain domains -* Includes an option to generate an additional, restrictive 'adb_list.jail' to block access to all domains except those listed in the whitelist file. You can use this restrictive blocklist manually e.g. for guest wifi or kidsafe configurations +* Includes an option to generate an additional, restrictive 'adb_list.jail' to block access to all domains except those listed in the allowlist file. You can use this restrictive blocklist manually e.g. for guest wifi or kidsafe configurations * Includes an option to force DNS requests to the local resolver * Automatic blocklist backup & restore, these backups will be used in case of download errors and during startup * Send notification E-Mails, see example configuration below -* Add new adblock feeds on your own, see example below +* Add new adblock feeds on your own with the 'Custom Feed Editor' in LuCI or via CLI, see example below * Strong LuCI support, all relevant options are exposed to the web frontend @@ -126,7 +126,6 @@ A lot of people already use adblocker plugins within their desktop browsers, but * Install 'adblock' (_opkg install adblock_). The adblock service is enabled by default * Install the LuCI companion package 'luci-app-adblock' (_opkg install luci-app-adblock_) * It's strongly recommended to use the LuCI frontend to easily configure all aspects of adblock, the application is located in LuCI under the 'Services' menu -* Update from a former adblock version is easy. During the update a backup is made of the old configuration '/etc/config/adblock-backup' and replaced by the new config - that's all ## Adblock CLI interface @@ -175,25 +174,24 @@ Available commands: | adb_dnstimeout | 10 | timeout in seconds to wait for a successful DNS backend restart | | adb_dnsinstance | 0, first instance | set to the relevant dns backend instance used by adblock (dnsmasq only) | | adb_dnsflush | 0, disabled | set to 1 to flush the DNS Cache before & after adblock processing | -| adb_dnsallow | -, not set | set to 1 to disable selective DNS whitelisting (RPZ-PASSTHRU) | -| adb_lookupdomain | example.com | external domain to check for a successful DNS backend restart or 'false' to disable this check | +| adb_lookupdomain | localhost | domain to check for a successful DNS backend restart | | adb_portlist | 53 853 5353 | space separated list of firewall ports which should be redirected locally | | adb_report | 0, disabled | set to 1 to enable the background tcpdump gathering process for reporting | -| adb_reportdir | /tmp | path for DNS related report files | +| adb_reportdir | /tmp/adblock-report | path for DNS related report files | | adb_repiface | -, auto-detected | name of the reporting interface or 'any' used by tcpdump | | adb_replisten | 53 | space separated list of reporting port(s) used by tcpdump | | adb_repchunkcnt | 5 | report chunk count used by tcpdump | | adb_repchunksize | 1 | report chunk size used by tcpdump in MB | | adb_represolve | 0, disabled | resolve reporting IP addresses using reverse DNS (PTR) lookups | | adb_tld | 1, enabled | set to 0 to disable the top level domain compression (tld) function | -| adb_backupdir | /tmp | path for adblock backups | +| adb_backupdir | /tmp/adblock-backup | path for adblock backups | | adb_tmpbase | /tmp | path for all adblock related runtime operations, e.g. downloading, sorting, merging etc. | | adb_safesearch | 0, disabled | enforce SafeSearch for google, bing, brave, duckduckgo, yandex, youtube and pixabay | | adb_safesearchlist | -, not set | Limit SafeSearch to certain provider (see above) | | adb_mail | 0, disabled | set to 1 to enable notification E-Mails in case of a processing errors | | adb_mailreceiver | -, not set | receiver address for adblock notification E-Mails | | adb_mailsender | no-reply@adblock | sender address for adblock notification E-Mails | -| adb_mailtopic | adblock notification | topic for adblock notification E-Mails | +| adb_mailtopic | adblock notification | topic for adblock notification E-Mails | | adb_mailprofile | adb_notify | mail profile used in 'msmtp' for adblock notification E-Mails | | adb_jail | 0 | set to 1 to enable the additional, restrictive 'adb_list.jail' creation | | adb_jaildir | /tmp | path for the generated jail list | @@ -230,7 +228,7 @@ Adblock deposits the final blocklist 'adb_list.overall' in '/etc/kresd', no furt No further configuration is needed, adblock deposits the final blocklist 'adb_list.overall' in '/tmp/smartdns' by default. **Use restrictive jail modes:** -You can enable a restrictive 'adb_list.jail' to block access to all domains except those listed in the whitelist file. Usually this list will be generated as an additional list for guest or kidsafe configurations (for a separate dns server instance). If the jail directory points to your primary dns directory, adblock enables the restrictive jail mode automatically (jail mode only). +You can enable a restrictive 'adb_list.jail' to block access to all domains except those listed in the allowlist file. Usually this list will be generated as an additional list for guest or kidsafe configurations (for a separate dns server instance). If the jail directory points to your primary dns directory, adblock enables the restrictive jail mode automatically (jail mode only). **Manually override the download options:** By default adblock uses the following pre-configured download options: diff --git a/net/adblock/files/adblock.init b/net/adblock/files/adblock.init index 6421e93106..10f1749c1c 100755 --- a/net/adblock/files/adblock.init +++ b/net/adblock/files/adblock.init @@ -17,8 +17,16 @@ adb_init="/etc/init.d/adblock" adb_script="/usr/bin/adblock.sh" adb_pidfile="/var/run/adblock.pid" -[ "${action}" = "boot" ] && "${adb_init}" running && exit 0 -[ -s "${adb_pidfile}" ] && { [ "${action}" = "start" ] || [ "${action}" = "stop" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "report" ] || [ "${action}" = "suspend" ] || [ "${action}" = "resume" ] || [ "${action}" = "query" ]; } && exit 1 +if [ -z "${IPKG_INSTROOT}" ]; then + if [ "${action}" = "boot" ] && "${adb_init}" running; then + exit 0 + elif [ -s "${adb_pidfile}" ] && + { [ "${action}" = "start" ] || [ "${action}" = "stop" ] || [ "${action}" = "restart" ] || + [ "${action}" = "reload" ] || [ "${action}" = "report" ] || [ "${action}" = "suspend" ] || + [ "${action}" = "resume" ] || [ "${action}" = "query" ]; }; then + exit 1 + fi +fi boot() { : >"${adb_pidfile}" diff --git a/net/adblock/files/adblock.sh b/net/adblock/files/adblock.sh index 1ff6553153..bcf6110625 100755 --- a/net/adblock/files/adblock.sh +++ b/net/adblock/files/adblock.sh @@ -314,7 +314,7 @@ f_dns() { adb_dnscachecmd="-" adb_dnsinstance="${adb_dnsinstance:-"0"}" adb_dnsuser="${adb_dnsuser:-"root"}" - adb_dnsdir="${adb_dnsdir}" + adb_dnsdir="${adb_dnsdir:-"/tmp"}" adb_dnsheader="${adb_dnsheader:-""}" adb_dnsdeny="${adb_dnsdeny:-"0"}" adb_dnsallow="${adb_dnsallow:-"1"}" @@ -474,22 +474,36 @@ f_count() { # set external config options # f_extconf() { - local config config_option section zone port fwcfg + local config section zone port fwcfg case "${adb_dns}" in + "dnsmasq") + config="dhcp" + if [ "${adb_dnsshift}" = "1" ] && + ! uci_get ${config} @dnsmasq[${adb_dnsinstance}] addnmount | "${adb_grepcmd}" -q "${adb_backupdir}"; then + uci -q add_list ${config}.@dnsmasq[${adb_dnsinstance}].addnmount="${adb_backupdir}" + elif [ "${adb_dnsshift}" = "0" ] && + uci_get ${config} @dnsmasq[${adb_dnsinstance}] addnmount | "${adb_grepcmd}" -q "${adb_backupdir}"; then + uci -q del_list ${config}.@dnsmasq[${adb_dnsinstance}].addnmount="${adb_backupdir}" + fi + ;; "kresd") config="resolver" - if [ "${adb_enabled}" = "1" ] && ! uci_get ${config} kresd rpz_file >/dev/null 2>&1; then + if [ "${adb_enabled}" = "1" ] && + ! uci_get ${config} kresd rpz_file | "${adb_grepcmd}" -q "${adb_finaldir}/${adb_dnsfile}"; then uci -q add_list ${config}.kresd.rpz_file="${adb_finaldir}/${adb_dnsfile}" - elif [ "${adb_enabled}" = "0" ] && [ -n "${config_option}" ]; then + elif [ "${adb_enabled}" = "0" ] && + uci_get ${config} kresd rpz_file | "${adb_grepcmd}" -q "${adb_finaldir}/${adb_dnsfile}"; then uci -q del_list ${config}.kresd.rpz_file="${adb_finaldir}/${adb_dnsfile}" fi ;; "smartdns") config="smartdns" - if [ "${adb_enabled}" = "1" ] && ! uci_get ${config} @${config}[${adb_dnsinstance}] conf_files >/dev/null 2>&1; then + if [ "${adb_enabled}" = "1" ] && + ! uci_get ${config} @${config}[${adb_dnsinstance}] conf_files | "${adb_grepcmd}" -q "${adb_finaldir}/${adb_dnsfile}"; then uci -q add_list ${config}.@${config}[${adb_dnsinstance}].conf_files="${adb_finaldir}/${adb_dnsfile}" - elif [ "${adb_enabled}" = "0" ] && [ -n "${config_option}" ]; then + elif [ "${adb_enabled}" = "0" ] && + uci_get ${config} @${config}[${adb_dnsinstance}] conf_files | "${adb_grepcmd}" -q "${adb_finaldir}/${adb_dnsfile}"; then uci -q del_list ${config}.@${config}[${adb_dnsinstance}].conf_files="${adb_finaldir}/${adb_dnsfile}" fi ;; @@ -569,15 +583,6 @@ f_dnsup() { restart_rc="${?}" fi ;; - "dnsmasq") - if [ "${adb_dnsshift}" = "1" ] && - ! uci_get dhcp @dnsmasq[${adb_dnsinstance}] addnmount >/dev/null 2>&1; then - uci -q add_list dhcp.@dnsmasq[${adb_dnsinstance}].addnmount="${adb_backupdir}" - fi - "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1 - restart_rc="${?}" - uci -q revert dhcp - ;; *) "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1 restart_rc="${?}" @@ -631,9 +636,9 @@ f_etag() { if [ "${feed_cnt}" -lt "${etag_cnt}" ]; then "${adb_sedcmd}" -i "/^${feed}/d" "${adb_backupdir}/adblock.etag" else - "${adb_sedcmd}" -i "/^${feed}${feed_suffix}/d" "${adb_backupdir}/adblock.etag" + "${adb_sedcmd}" -i "/^${feed}${feed_suffix//\//\\/}/d" "${adb_backupdir}/adblock.etag" fi - printf "%-50s%s\n" "${feed}${feed_suffix}" "${etag_id}" >>"${adb_backupdir}/adblock.etag" + printf "%-80s%s\n" "${feed}${feed_suffix}" "${etag_id}" >>"${adb_backupdir}/adblock.etag" out_rc="2" fi @@ -1200,18 +1205,18 @@ f_main() { fi # etag handling on reload # - etag_rc="0" - src_cnt="$(printf "%s" "${src_cat}" | "${adb_wccmd}" -w)" - for suffix in ${src_cat}; do - if [ -n "${adb_etagparm}" ] && [ "${adb_action}" = "reload" ]; then + if [ -n "${adb_etagparm}" ] && [ "${adb_action}" = "reload" ]; then + etag_rc="0" + src_cnt="$(printf "%s" "${src_cat}" | "${adb_wccmd}" -w)" + for suffix in ${src_cat}; do if ! f_etag "${src_name}" "${src_url}" "${suffix}" "${src_cnt}"; then etag_rc="$(( etag_rc + 1))" fi - fi - done - if [ "${etag_rc}" = "0" ];then - if f_list restore; then - continue + done + if [ "${etag_rc}" = "0" ];then + if f_list restore; then + continue + fi fi fi # normal download @@ -1224,8 +1229,6 @@ f_main() { : >"${src_tmpcat}" fi done - # list preparation - # f_list prepare ) & else @@ -1270,8 +1273,6 @@ f_main() { "${adb_fetchcmd}" ${adb_fetchparm} "${src_tmpload}" "${src_url}" >/dev/null 2>&1 src_rc="${?}" fi - # list preparation - # f_list prepare ) & fi -- 2.30.2