Last active
June 4, 2016 08:53
-
-
Save qxj/546f723138adb4a351c1 to your computer and use it in GitHub Desktop.
墙认证的域名和IP收集,用来避免DNS污染和自定义路由规则。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| single_instance() { | |
| LOCKFILE=$1 | |
| [ -f $LOCKFILE ] && echo "Another instance is running." && exit 1 | |
| trap "{ rm -f $LOCKFILE; exit 0; }" EXIT SIGTERM SIGINT | |
| touch $LOCKFILE | |
| } | |
| single_instance /tmp/fix_vpn.lck | |
| if ! test $(pidof obfsproxy); | |
| then | |
| echo "$(date) obfsproxy broken, restarting..." | |
| eval $(grep obfsproxy /etc/rc.local) | |
| fi | |
| ! test $(pidof obfsproxy) && exit 1 | |
| if ! test $(pidof openvpn); | |
| then | |
| echo "$(date) openvpn broken, restarting..." | |
| /etc/init.d/openvpn start | |
| fi | |
| ! test $(pidof openvpn) && exit 1 | |
| if test $(route -n |wc -l) -lt 20; | |
| then | |
| echo "$(date) gfw route reload..." | |
| cd /root && ./gfw_route.sh load gfw_subnet.conf | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ## works under ash (busybox) | |
| # get remote vpn's ip automatically, e.g. | |
| # | |
| # tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 | |
| # inet addr:10.8.0.10 P-t-P:10.8.0.9 Mask:255.255.255.255 | |
| # UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 | |
| # | |
| _GWIP=$(/sbin/ifconfig tun0|grep "P-t-P"|tr -s ' '|cut -d' ' -f4|cut -d: -f2) | |
| # one rough regex for subnet validation | |
| # | |
| # eg: 178.79.0.0, default netmask is 255.255.0.0 | |
| # or: 178.79.0.0/255.255.255.0, specified netmask is 255.255.255.0 | |
| # | |
| _IP_REGEX="^[[:space:]]*[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})?$" | |
| _route_add() { | |
| local subnet=$1 | |
| local gwip=$2 | |
| if [ -z $gwip ]; then | |
| gwip=$_GWIP; | |
| fi | |
| if [ -z $gwip ]; then | |
| echo "Error gateway, failed to add route $subnet." >&2 | |
| return 255 | |
| fi | |
| echo $subnet | grep -E $_IP_REGEX >/dev/null | |
| if [ $? -eq 0 ]; then | |
| local ip= | |
| local netmask= | |
| echo $subnet | tr -c '[0-9\.\n]' ' ' | | |
| if read ip netmask; then | |
| test -z $netmask && netmask="255.255.0.0" | |
| # echo "[ADD] $ip/$netmask gw $gwip" | |
| route add -net $ip netmask $netmask gw $gwip dev tun0 | |
| fi | |
| return $? | |
| else | |
| return 255 | |
| fi | |
| } | |
| _route_del() { | |
| local subnet=$1 | |
| echo $subnet | grep -E $_IP_REGEX >/dev/null | |
| if [ $? -eq 0 ]; then | |
| local ip= | |
| local netmask= | |
| echo $subnet | tr -c '[0-9\.\n]' ' ' | | |
| if read ip netmask; then | |
| test -z $netmask && netmask="255.255.0.0" | |
| # echo "[DELETE] $ip/$netmask" | |
| route del -net $ip netmask $netmask dev tun0 | |
| fi | |
| return $? | |
| else | |
| return 255 | |
| fi | |
| } | |
| _route_existed() { | |
| local subnet=$1 | |
| echo $subnet | tr -c '[0-9\.\n]' ' ' | | |
| if read ip netmask; then | |
| test -z $netmask && netmask="255.255.0.0" | |
| route -n | grep -q -E "$ip.+$netmask" | |
| fi | |
| return $? | |
| } | |
| case $1 in | |
| "load") | |
| route_file=$2 | |
| if [ ! -f $route_file ]; then | |
| echo "Please specify a route file formatted as blow: | |
| # dropbox | |
| 199.47.0.0 | |
| 205.251.0.0 | |
| 108.160.166.0/255.255.255.0 | |
| " | |
| else | |
| cat $route_file | while read ip; do | |
| _route_existed $ip || _route_add $ip | |
| done | |
| fi | |
| ;; | |
| "check") | |
| if _route_existed $2; then | |
| echo "route $2 is already existed." | |
| else | |
| echo "route $2 is not existed." | |
| fi | |
| ;; | |
| "add") | |
| if _route_existed $2; then | |
| echo "route $2 is already existed." | |
| else | |
| if _route_add $2; then | |
| echo "route $2 is added." | |
| else | |
| echo "failed to add route $2" | |
| fi | |
| fi | |
| ;; | |
| "del*") | |
| if _route_existed $2; then | |
| if _route_del $2; then | |
| echo "route $2 is deleted." | |
| else | |
| echo "failed to delete route $2" | |
| fi | |
| else | |
| echo "route $2 isn't existed." | |
| fi | |
| ;; | |
| *) | |
| echo "Usage: | |
| 1) $0 load <route file> | |
| 2) $0 add <subnet_ip/netmask> | |
| 3) $0 del <subnet_ip/netmask> | |
| " | |
| ;; | |
| esac |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## blocked subnet list | |
| 178.79.0.0 | |
| 76.74.0.0 | |
| 210.163.0.0 | |
| 66.155.0.0 | |
| 68.180.0.0 | |
| 98.139.0.0 | |
| 199.59.0.0 | |
| 184.154.0.0 | |
| 72.233.0.0 | |
| 69.58.0.0 | |
| 68.142.0.0 | |
| #opendns | |
| 208.67.222.0/255.255.255.0 | |
| 208.67.220.0/255.255.255.0 | |
| 64.233.0.0 | |
| 66.102.0.0 | |
| 66.249.0.0 | |
| 209.85.0.0 | |
| 216.239.0.0 | |
| 216.58.0.0 | |
| 173.194.0.0 | |
| 74.125.0.0 | |
| 72.14.0.0 | |
| 203.208.0.0 | |
| # manually | |
| 199.16.0.0 | |
| 184.50.0.0 | |
| 178.18.0.0 | |
| 199.96.0.0 | |
| 67.228.0.0 | |
| # dropbox | |
| 199.47.0.0 | |
| 174.129.0.0 | |
| 205.251.0.0 | |
| 108.160.166.0/255.255.255.0 | |
| #tor | |
| 38.229.0.0 | |
| 82.195.0.0 | |
| 86.59.0.0 | |
| 93.95.0.0 | |
| 46.4.0.0 | |
| #wikipedia | |
| 208.80.0.0 | |
| #tumblr | |
| 68.232.0.0 | |
| 66.6.0.0 | |
| #github | |
| 192.30.0.0 | |
| 54.230.0.0 | |
| 54.182.2.0/255.255.255.0 | |
| #droplr | |
| 50.112.0.0 | |
| #dns | |
| 199.91.0.0 | |
| 8.8.0.0 | |
| #btdigg | |
| 193.105.0.0 | |
| #digital ocean | |
| 23.235.0.0 | |
| 129.250.6.0/255.255.255.0 | |
| 103.245.222.0/255.255.255.0 | |
| 173.252.0.0 | |
| 31.13.0.0 | |
| 69.171.0.0 | |
| #slideshare | |
| 216.52.242.0/255.255.255.0 | |
| 199.101.163.0/255.255.255.0 | |
| 108.174.2.0/255.255.255.0 | |
| #simplecd | |
| 76.164.227.0/255.255.255.0 | |
| #sf.net | |
| 216.34.181.0/255.255.255.0 | |
| #wordpress | |
| 192.0.78.0/255.255.255.0 | |
| #scribd.com | |
| 199.27.79.0/255.255.255.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Usful tools: | |
| # View cache: pdnsd-ctl dump | |
| # Flush cache: pdnsd-ctl empty-cache | |
| global { | |
| # debug = on; # /var/pdnsd/pdnsd.debug | |
| perm_cache=4096; # 1MB cache | |
| cache_dir="/var/pdnsd"; | |
| run_as="nobody"; | |
| paranoid=on; | |
| server_port = 53; | |
| server_ip = any; | |
| status_ctl = on; | |
| #query_method=tcp_only; # gfw don't pollute TCP query now | |
| query_method=udp_tcp; | |
| min_ttl=8h; | |
| max_ttl=1w; | |
| timeout=10; | |
| # https://wiki.archlinux.org/index.php/Pdnsd#Performance_Settings_For_Home_Broadband_Users | |
| neg_rrs_pol=on; | |
| par_queries=1; | |
| } | |
| server { | |
| label="114 & V2EX DNS"; | |
| ip=114.114.114.114,114.114.115.115; | |
| uptest=none; | |
| # root_server = on; | |
| proxy_only=on; | |
| purge_cache=off; | |
| edns_query=on; | |
| exclude= | |
| ".android.com", | |
| ".appspot.com", | |
| ".bit.ly", | |
| ".bitly.com", | |
| ".blogger.com", | |
| ".blogspot.com", | |
| ".bloomberg.com", | |
| ".chromium.org", | |
| ".dropbox.com", | |
| ".dropboxusercontent.com", | |
| ".droplr.com", | |
| ".edgecastcdn.net", | |
| ".facebook.com", | |
| ".facebook.net", | |
| ".fb.me", | |
| ".fbcdn.net", | |
| ".fbsbx.com", | |
| ".feedburner.com", | |
| ".flickr.com", | |
| ".g.co", | |
| ".ggpht.com", | |
| ".ghconduit.com", | |
| ".github.com", | |
| ".gmail.com", | |
| ".goo.gl", | |
| ".google-analytics.com", | |
| ".google.com", | |
| ".googleapis.com", | |
| ".googlecode.com", | |
| ".googlelabs.com", | |
| ".googlepages.com", | |
| ".googlesource.com", | |
| ".googlesyndication.com", | |
| ".googleusercontent.com", | |
| ".googlevideo.com", | |
| ".gravatar.com", | |
| ".gstatic.com", | |
| ".igfw.net", | |
| ".img.ly", | |
| ".keyhole.com", | |
| ".mobile01.com", | |
| ".nytimes.com", | |
| ".openvpn.net", | |
| ".pandora.tv", | |
| ".panoramio.com", | |
| ".paper.li", | |
| ".pastebin.com", | |
| ".pastie.org", | |
| ".ptt.cc", | |
| ".sf.net", | |
| ".simplecd.org", | |
| ".slideshare.net", | |
| ".sourceforge.net", | |
| ".t.co", | |
| ".t66y.com", | |
| ".tfbnw.net", | |
| ".torproject.org", | |
| ".twimg.com", | |
| ".twitter.com", | |
| ".twitter4j.org", | |
| ".twttr.com", | |
| ".vimeo.com", | |
| ".w.org", | |
| ".wikipedia.org", | |
| ".wp.com", | |
| ".wordpress.com", | |
| ".w3schools.com", | |
| ".yimg.com", | |
| ".youtube.com", | |
| ".lithium.com", | |
| ".ytimg.com"; | |
| # ".dynect.net",".akamaihd.net" | |
| } | |
| server { | |
| label="V2EX & Google DNS"; | |
| ip=208.67.222.222,208.67.220.220; | |
| #ip=208.67.222.123,208.67.220.123; | |
| # root_server = on; | |
| # uptest = ping; | |
| uptest = none; | |
| proxy_only=on; | |
| purge_cache=off; | |
| } | |
| source { | |
| owner=localhost; | |
| # serve_aliases=on; | |
| file="/etc/hosts"; | |
| } | |
| rr { | |
| name=localhost; | |
| reverse=on; | |
| a=127.0.0.1; | |
| owner=localhost; | |
| soa=localhost,root.localhost,42,86400,900,86400,86400; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment