#!/usr/bin/env python | |
#coding=utf-8 | |
# | |
# Generate a list of dnsmasq rules with ipset for gfwlist | |
# | |
# Copyright (C) 2014 http://www.shuyz.com | |
# Ref https://code.google.com/p/autoproxy-gfwlist/wiki/Rules | |
import urllib2 | |
import re | |
import os | |
import datetime | |
import base64 | |
import shutil | |
mydnsip = '127.0.0.1' | |
mydnsport = '1053' | |
# the url of gfwlist | |
baseurl = 'https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt' | |
# match comments/title/whitelist/ip address | |
comment_pattern = '^\!|\[|^@@|^\d+\.\d+\.\d+\.\d+' | |
domain_pattern = '([\w\-\_]+\.[\w\.\-\_]+)[\/\*]*' | |
tmpfile = '/tmp/gfwlisttmp' | |
# do not write to router internal flash directly | |
outfile = '/tmp/gfwlist.conf' | |
rulesfile = '/etc/dnsmasq.d/gfwlist.conf' | |
fs = file(outfile, 'w') | |
fs.write('# gfw list ipset rules for dnsmasq\n') | |
fs.write('# updated on ' + datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S") + '\n') | |
fs.write('#\n') | |
print 'fetching list...' | |
content = urllib2.urlopen(baseurl, timeout=15).read().decode('base64') | |
# write the decoded content to file then read line by line | |
tfs = open(tmpfile, 'w') | |
tfs.write(content) | |
tfs.close() | |
tfs = open(tmpfile, 'r') | |
print 'page content fetched, analysis...' | |
# remember all blocked domains, in case of duplicate records | |
domainlist = [] | |
for line in tfs.readlines(): | |
if re.findall(comment_pattern, line): | |
print 'this is a comment line: ' + line | |
#fs.write('#' + line) | |
else: | |
domain = re.findall(domain_pattern, line) | |
if domain: | |
try: | |
found = domainlist.index(domain[0]) | |
print domain[0] + ' exists.' | |
except ValueError: | |
print 'saving ' + domain[0] | |
domainlist.append(domain[0]) | |
fs.write('server=/.%s/%s#%s\n'%(domain[0],mydnsip,mydnsport)) | |
fs.write('ipset=/.%s/gfwlist\n'%domain[0]) | |
else: | |
print 'no valid domain in this line: ' + line | |
tfs.close() | |
fs.close(); | |
print 'moving generated file to dnsmasg directory' | |
shutil.move(outfile, rulesfile) | |
print 'restart dnsmasq...' | |
print os.popen('/etc/init.d/dnsmasq restart').read() | |
print 'done!' |
#!/bin/sh /etc/rc.common | |
# Copyright (C) 2006-2011 OpenWrt.org | |
# ref http://ipset.netfilter.org/ipset.man.html | |
START=95 | |
SERVICE_USE_PID=1 | |
SERVICE_WRITE_PID=1 | |
SERVICE_DAEMONIZE=1 | |
start() { | |
echo starting ss-redir... | |
service_start /opt/bin/ss-redir -c /etc/shadowsocks.json | |
echo loading firewall rules... | |
ipset create gfwlist hash:ip counters timeout 1200 | |
iptables -t nat -A zone_lan_prerouting -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1081 | |
echo done. | |
} | |
stop() { | |
echo stopping ss-redir... | |
service_stop /opt/bin/ss-redir | |
echo restarting firewall... | |
/etc/init.d/firewall restart | |
echo done. | |
} |
This comment has been minimized.
This comment has been minimized.
我的就是在路由器上更新的,使用http获取gfwlist失败,换成https就没问题。网上有gfwlist的镜像也可以用。 |
This comment has been minimized.
This comment has been minimized.
!/usr/bin/env python-- coding: utf-8 --tanyewei@gmail.comimport re domain_regex = re.compile(r'[a-zA-Z\d-]{,63}(.[a-zA-Z\d-]{,63})*') with open('gfwlist', 'r') as f: domain_list = [] for i in data.decode('base64').splitlines(): domain_list = list(set(domain_list)) with open('gfw.conf', 'w') as f: |
This comment has been minimized.
This comment has been minimized.
楼主,最新的 gfwlist 文件换了 https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt 可以改一发 |
This comment has been minimized.
This comment has been minimized.
@Rabbit52 谢谢提醒!已更改。 |
This comment has been minimized.
This comment has been minimized.
楼主,这个好像不能匹配 这一行,于是google.com.hk就用不了? |
This comment has been minimized.
This comment has been minimized.
请问DD WRT可以用码? |
This comment has been minimized.
本来想在 openwrt 上做个 cron 自动更新的,但是下不动 gfwlist 怎么破~