MON@H Rasta
Occasional Visitor
- Install MicroSD into device.
- Format MicroSD as a single partition and install Entware on it using amtm.
-
Bash:
opkg update ; opkg upgrade ; opkg install tor tor-geoip bind-dig
-
Create another fileBash:
nano /jffs/scripts/init_ipset.sh
Bash:modprobe ip_setmodprobe ip_set_iphash modprobe ip_set_nethash modprobe ip_set_setlist ipset --create unblock iphash
Bash:chmod +x /jffs/scripts/init_ipset.sh
Bash:nano /jffs/scripts/services-start
Bash:#!/bin/sh # This script get called after all other system services # have been started at boot on router # --------------------------------------------------------- # Cron job to install after reboot cru a unblock-ipset "3 3 * * * /jffs/scripts/unblock_update.sh"
Bash:chmod +x /jffs/scripts/services-start
Bash:nano /jffs/scripts/nat-start
Bash:#!/bin/sh iptables -t nat -A PREROUTING -i br0 -p tcp -m set --set unblock dst -j REDIRECT --to-port 9141
Bash:chmod +x /jffs/scripts/nat-start
-
Bash:
cat /dev/null > /opt/etc/tor/torrc
Bash:nano /opt/etc/tor/torrc
Bash:User admin PidFile /opt/var/run/tor.pid ExcludeExitNodes {RU},{UA},{AM},{KG},{BY} StrictNodes 1 TransPort 192.168.1.1:9141 ExitRelay 0 ExitPolicy reject *:* ExitPolicy reject6 *:* GeoIPFile /opt/share/tor/geoip GeoIPv6File /opt/share/tor/geoip6 DataDirectory /opt/var/lib/tor
Exclude output nodes: Russia, Ukraine, Armenia, Kyrgyzstan, Belarus.
Hang up a "transparent" proxy at 192.168.1.1, port 9141.
Forbid being an exit point. -
unblock.txt - a simple list to unblock. You can unblock domain or IP address. One line - one item. Blank lines (including those with spaces and tabs) are ignored. You can use the # character at the beginning of a line to ignore. Create a new file with the commandBash:
nano /tmp/mnt/microsd/dnsmasq/unblock.txt
Bash:###Torrent-trackersrutracker.org rutor.info rutor.is mega-tor.org kinozal.tv nnm-club.me nnm-club.ws tfile.me tfile-home.org tfile1.cc megatfile.cc megapeer.org megapeer.ru tapochek.net tparser.org tparser.me rustorka.com uniongang.tv fast-torrent.ru ###Media content directories for programs rezka.ag hdrezka.ag hdrezka.me filmix.co filmix.cc seasonvar.ru ###Books lib.rus.ec flibusta.is flibs.me flisland.net flibusta.site ###Telegram telegram.org tdesktop.com tdesktop.org tdesktop.info tdesktop.net telesco.pe telegram.dog telegram.me t.me telegra.ph web.telegram.org desktop.telegram.org updates.tdesktop.com venus.web.telegram.org flora.web.telegram.org vesta.web.telegram.org pluto.web.telegram.org aurora.web.telegram.org ###misc 7-zip.org edem.tv 4pna.com 2019.vote ###Tor check check.torproject.org ###Example of unblocking by IP (remove the # at the beginning of the line) #195.82.146.214
-
Create a new file with the commandBash:
nano /jffs/scripts/unblock_ipset.sh
Bash:#!/bin/sh until ADDRS=$(dig +short google.com @localhost) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done while read line || [ -n "$line" ]; do [ -z "$line" ] && continue [ "${line:0:1}" = "#" ] && continue addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') if [ ! -z "$addr" ]; then if ipset --test unblock $addr | grep NOT; then ipset -q --add unblock $addr continue fi fi dig +short $line @localhost | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("if ipset --test unblock " $1 " | grep NOT; then ipset -q --add unblock " $1 "; fi")}' done < /tmp/mnt/microsd/dnsmasq/unblock.txt
Bash:chmod +x /jffs/scripts/unblock_ipset.sh
-
Create a new file with the commandBash:
nano /jffs/scripts/unblock_dnsmasq.sh
Bash:#!/bin/sh cat /dev/null > /tmp/mnt/microsd/dnsmasq/unblock.dnsmasq while read line || [ -n "$line" ]; do [ -z "$line" ] && continue [ "${line:0:1}" = "#" ] && continue echo $line | grep -Eq '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' && continue echo "ipset=/$line/unblock" >> /tmp/mnt/microsd/dnsmasq/unblock.dnsmasq done < /tmp/mnt/microsd/dnsmasq/unblock.txt
Bash:chmod +x /jffs/scripts/unblock_dnsmasq.sh
Bash:/jffs/scripts/unblock_dnsmasq.sh
Bash:cat /tmp/mnt/microsd/dnsmasq/unblock.dnsmasq
Bash:# cat /tmp/mnt/microsd/dnsmasq/unblock.dnsmasqipset=/rutracker.org/unblock ipset=/rutor.info/unblock ipset=/rutor.is/unblock ipset=/mega-tor.org/unblock ipset=/kinozal.tv/unblock ipset=/nnm-club.me/unblock ipset=/nnm-club.ws/unblock ipset=/tfile.me/unblock ipset=/tfile-home.org/unblock ipset=/tfile1.cc/unblock ipset=/megatfile.cc/unblock ipset=/megapeer.org/unblock ipset=/megapeer.ru/unblock ipset=/tapochek.net/unblock ipset=/tparser.org/unblock ipset=/tparser.me/unblock ipset=/rustorka.com/unblock ipset=/uniongang.tv/unblock ipset=/fast-torrent.ru/unblock
-
Create a new file with the commandBash:
nano /jffs/scripts/unblock_update.sh
Bash:#!/bin/sh ipset --flush unblock /jffs/scripts/unblock_dnsmasq.sh service restart_dnsmasq sleep 3 /jffs/scripts/unblock_ipset.sh &
Bash:chmod +x /jffs/scripts/unblock_update.sh
-
Create a new file with the commandBash:
nano /opt/etc/init.d/S99unblock
Bash:[ "$1" != "start" ] && exit 0 /jffs/scripts/init_ipset.sh /jffs/scripts/unblock_ipset.sh service restart_firewall
Bash:chmod +x /opt/etc/init.d/S99unblock
-
We need to connect the created unblock.dnsmasq file to dnsmasq. To do this, open the file in the editorBash:
nano /jffs/configs/dnsmasq.conf.add
Bash:conf-file=/tmp/mnt/microsd/dnsmasq/unblock.dnsmasq
Bash:server=8.8.8.8
I have a ton of spam in log likeBash:Dec 8 23:17:11 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:11 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:11 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:11 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:11 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:11 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:12 dnsmasq[30532]: failed to update ipset unblock: File exists Dec 8 23:17:12 dnsmasq[30532]: failed to update ipset unblock: File exists
Last edited: