zhao/OpenAppFilter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge https://github.com/destan19/OpenAppFilter

Browse Source
This commit is contained in:
sbwml 2022-12-22 09:27:28 +08:00
commit c87860f168
22 changed files with 296 additions and 589 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
LICENSE Normal file → Executable file
View File

120
README.md
View File

@ -1,70 +1,54 @@
应用过滤是一款基于OpenWrt的家长管理插件支持游戏、视频、聊天、下载等app过滤比如抖音、斗鱼、王者荣耀等
### 固件下载
固件基于openwrt源码加入应用过滤插件包含热门路由器固件固件都是精简版默认关闭加速等冲突模块开启应用过滤即可生效。
[下载固件](http://175.178.71.82:88/oaf)
### 如何自己编译应用过滤固件
1. 准备OpenWrt源码并编译成功
推荐源码仓库:
https://github.com/coolsnowwolf/lede.git
2. clone应用过滤源码到OpenWrt源码package目录
git clone https://github.com/destan19/OpenAppFilter.git package/OpenAppFilter
3. 开启oaf插件配置
执行命令make menuconfig进入编译配置界面勾选luci-app-oaf后保存
luci-app-oaf依赖appfilter、kmod-oaf两个模块选择luci-app-oaf后会自动选择依赖。
4. 编译生成固件
make V=s
5. 支持模式
- 主路由模式
- 旁路由模式AP桥模式也可以使用该模式旁路由模式仅用来过滤如果需要完整审计功能请部署为主路由
### 如何安装应用过滤插件
[如何安装应用过滤插件](https://github.com/destan19/OpenAppFilter/wiki/%E5%A6%82%E4%BD%95%E5%AE%89%E8%A3%85%E5%BA%94%E7%94%A8%E8%BF%87%E6%BB%A4%E6%8F%92%E4%BB%B6)
### 使用前必读
1. 关闭网络加速
进入网络-->网络加速(ACC)菜单将所有的勾取消并保存生效如果是高通AX系列产品还需要手动通过命令调整ecm慢速转发包个数
调整为比较大的值比如1000000该值表示某条连接多少个报文进入应用过滤模块。
命令:
```
echo "1000000" > /sys/kernel/debug/ecm/ecm_classifier_default/accel_delay_pkts
```
注意重启后会失效,可以加入到启动脚本。
2. 关闭可能冲突的模块
广告过滤、QOS、多WAN等涉及到连接跟踪标记(mark)的模块可能和应用过滤冲突,测试时最好先不开启其他任何模块。
### 特征库下载地址
https://destan19.github.io/feature/
### 插件截图
![](https://github.com/destan19/picture/blob/main/oaf1.jpg)
![](https://github.com/destan19/picture/blob/main/oaf2.jpg)
![](https://github.com/destan19/picture/blob/main/oaf3.jpg)
![](https://github.com/destan19/picture/blob/main/oaf4.jpg)
![](https://github.com/destan19/picture/blob/main/oaf5.jpg)
![](https://github.com/destan19/picture/blob/main/oaf6.jpg)
App filtering is a parent management plug-in based on OpenWrt, which supports app filtering for games, videos, chats, downloads, etc.
### How to compile application filtering firmware
1. Prepare OpenWrt source code and compile successfully
Recommended source code repository:
https://github.com/coolsnowwolf/lede.git
If you use the official source code, please switch luci to 1.0, the current code does not support luci2.0
2. Clone the application filtering source code to the OpenWrt source code package directory
git clone https://github.com/destan19/OpenAppFilter.git package/OpenAppFilter
3. make menuconfig to open the application filter plug-in macro
Execute make menuconfig in the OpenWrt source code directory, select luci-app-oaf,appfilter and kmod-oaf
4. Compile and generate firmware
## OAF(Open App Filter)
OAF is a parental control plug-in based on OpenWrt, which supports app filtering for games, videos, chats, downloads, such as Tiktok, Youtube, Telegram,etc.,and support self-defined app rules, you can lean more and download firmware by visiting [www.openappfilter.com](http://www.openappfilter.com) .
### Preparation
- Prepare a router that supports openwrt
There are already many routers that support the openwrt system, you can choose a simple one for installation,[See which devices support](https://openwrt.org).
- Install the openwrt system on your router
The openwrt install tutorial can be found through the [forum](https://forum.openwrt.org).
### How to compile OAF
1. Prepare OpenWrt source or SDK and compile successfully
#### general steps
```
git clone https://github.com/openwrt/openwrt
cd openwrt
./scripts/feeds update -a
./scripts/feeds install -a
make defconfig
make V=s
```
2. Download OAF source code
git clone https://github.com/destan19/OpenAppFilter.git package/OpenAppFilter
3. Open the compile configuration
```
echo "CONFIG_PACKAGE_luci-app-oaf=y" >>.config
make defconfig
```
4. Begin compile
- Compile OAF separately
```
make package/luci-app-oaf/compile V=s
```
- Compile the entire firmware
```
make V=s
### Instructions for use
1. Make the application filtering device the main route
2. Turn off software and hardware acceleration, advertising filtering, QOS, multi-WAN and other modules related to nf_conn mark
3. Turn on application filtering and select the app that needs to be filtered to take effect
```
### How to install OAF
If you can't compile it yourself, you can install it directly into the released OpenWrt version
1. Install an officially released version of openwrt
Note that it must be the official release version,may cause failure if other versions are used, because OAF depend on the kernel version.
It is best to download through the following official address
https://downloads.openwrt.org/releases
2. Download OAF zip file
Find the corresponding OAF zip file on the release page and download it, note that the plug-in version and the system version must be consistent.
3. Install OAF ipks
Unzip thie OAF package and then install ipks in order
- kmod-oaf
- appfilter
- luci-compat(if the luci version is 2.0, openwrt 19.07+)
- luci-app-oaf
- luci-i18n-oaf-zh-cn(Chinese Language Pack, optional)
### Notice
If there is no version you need, you need to compile and generate it yourself, and I will release more architecture ipks later.

4
luci-app-oaf/Makefile
View File

@ -7,9 +7,9 @@ include $(TOPDIR)/rules.mk
LUCI_TITLE:=Open App Filter Module
LUCI_PKGARCH:=all
LUCI_DEPENDS:=+appfilter +kmod-oaf
LUCI_DEPENDS:=+appfilter +kmod-oaf +luci-compat
PKG_NAME:=luci-app-oaf
PKG_VERSION:=5.0
PKG_VERSION:=5.0.2
PKG_RELEASE:=1
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

37
luci-app-oaf/luasrc/model/cbi/appfilter/base_setting.lua
View File

@ -13,36 +13,59 @@ local SYS = require "luci.sys"
local m, s
m = Map("appfilter", translate("App Filter"), translate(
"Please turn off all possible conflicting modules such as acceleration (acc), advertisement filtering, multi-dialing, etc."))
"Please close the modules that may conflict, such as acceleration, ad filtering, and multi-dial"))
s = m:section(TypedSection, "global", translate("Basic Settings"))
s:option(Flag, "enable", translate("Enable App Filter"), translate(""))
s.anonymous = true
o=s:option(ListValue, "work_mode", translate("Working mode"),translate("Please select the mode correctly. Generally, it is the main route after WAN port forwarding. It is recommended to restart the device after switching the mode."))
o=s:option(ListValue, "work_mode", translate("Work Mode"),translate(""))
o.default=0
o:value(0, translate("Main router mode"))
o:value(1, translate("Bypass mode"))
o:value(0, translate("Gateway Mode"))
o:value(1,translate("Bypass Mode"))
local rule_count = 0
local version = ""
s = m:section(TypedSection, "appfilter", translate("App Filter Rules"))
s = m:section(TypedSection, "appfilter", translate("App Filter Rules"),
translate("If there is no app you want, you can add the app by updating the app feature file"))
s.anonymous = true
s.addremove = false
function get_class_i18n_name(class_name)
local fd = io.open("/tmp/app_class.txt", "r")
if not fd then return end
while true do
local ln = fd:read("*l")
if not ln then
break
end
local id, name1, name2 = ln:match("^(%d+) (%S+) (%S+)")
if class_name == name1 then
fd:close()
return name2
end
end
fd:close()
return nil
end
local class_fd = io.popen("find /tmp/appfilter/ -type f -name '*.class'")
if class_fd then
while true do
local apps
local class
local i18n_name
local path = class_fd:read("*l")
if not path then
break
end
class = path:match("([^/]+)%.class$")
s:tab(class, translate(class))
i18n_name=get_class_i18n_name(class)
if nil ~= i18n_name then
s:tab(class, i18n_name)
else
s:tab(class, class)
end
apps = s:taboption(class, MultiValue, class .. "apps", translate(""))
apps.rmempty = true
apps.widget = "checkbox"

35
luci-app-oaf/luasrc/model/cbi/appfilter/feature.lua
View File

@ -13,19 +13,25 @@ local SYS = require "luci.sys"
local m, s
m = Map("appfilter", translate(""),
translate("Feature library is used to describe app features, app filtering effect and number-dependent feature library"))
translate("The feature library is used to describe app features, app filtering effect and number-dependent feature library"))
local rule_count = 0
local version = ""
local format = ""
if nixio.fs.access("/tmp/feature.cfg") then
rule_count = tonumber(SYS.exec("cat /tmp/feature.cfg | wc -l"))
version = SYS.exec("cat /tmp/feature.cfg |grep \"#version\" | awk '{print $2}'")
end
format=SYS.exec("uci get appfilter.feature.format")
if format == "" then
format="v2.0"
end
local display_str = translate("Current Version:") .. "<font color='#00bd3e'>" .. version .. "</font>" .. "<br>" .. translate("App Feature Num:") ..
"<font color='#00bd3e'>" .. rule_count .. "</font>" ..
"<br>" .. translate("Download Link:") .. "<a href=\"https://destan19.github.io/feature/\" target=\"_blank\">https://destan19.github.io/feature/</a>"
s = m:section(TypedSection, "feature", translate("Update feature"), display_str)
local display_str = "<strong>"..translate("Current Version:")..": </strong>" .. version ..
"<br><strong>"..translate("Feature format:")..":</strong> " ..format ..
"<br><strong>"..translate("App Feature Num:")..":</strong> " ..rule_count ..
"<br><strong>"..translate("Feature download:")..":</strong><a href=\"http://www.openappfilter.com\" target=\"_blank\">www.openappfilter.com</a>"
s = m:section(TypedSection, "feature", translate("App Feature"), display_str)
fu = s:option(FileUpload, "")
fu.template = "cbi/oaf_upload"
@ -38,6 +44,8 @@ local dir, fd
dir = "/tmp/upload/"
nixio.fs.mkdir(dir)
http.setfilehandler(function(meta, chunk, eof)
local feature_file = "/etc/appfilter/feature.cfg"
local f_format="v1.0"
if not fd then
if not meta then
return
@ -55,16 +63,25 @@ http.setfilehandler(function(meta, chunk, eof)
if eof and fd then
fd:close()
local fd2 = io.open("/tmp/upload/" .. meta.file)
local line = fd2:read("*l");
local version_line = fd2:read("*l");
local format_line = fd2:read("*l");
fd2:close()
local ret = string.match(line, "#version")
local feature_file = "/etc/appfilter/feature.cfg"
local ret = string.match(version_line, "#version")
if ret ~= nil then
if string.match(format_line, "#format") then
f_format = SYS.exec("echo '"..format_line.."'|awk '{print $2}'")
end
if not string.match(f_format, format) then
um.value = translate("Failed to update feature file, format error"..",feature format:"..f_format)
os.execute("rm /tmp/upload/* -fr");
return
end
local cmd = "cp /tmp/upload/" .. meta.file .. " " .. feature_file;
os.execute(cmd);
os.execute("chmod 666 " .. feature_file);
os.execute("rm /tmp/appfilter -fr");
luci.sys.exec("/etc/init.d/appfilter restart &");
os.execute("uci set appfilter.feature.update=1");
luci.sys.exec("/etc/init.d/appfilter restart");
um.value = translate("Update the feature file successfully, please refresh the page")
else
um.value = translate("Failed to update feature file, format error")

8
luci-app-oaf/luasrc/model/cbi/appfilter/time_setting.lua
View File

@ -14,14 +14,14 @@ local m, s
m = Map("appfilter", translate(""), translate(""))
s = m:section(TypedSection, "time", translate("Time Setting"),translate("Time 2 is optional, the start and end times need to be set at the same time, and the end time must be greater than the start time"))
s = m:section(TypedSection, "time", translate("Time Setting"),translate("The second time is optional, the end time must be greater than the start time"))
s.anonymous = true
o=s:option(ListValue, "time_mode", translate("Time Match Mode:"),translate(""))
o=s:option(ListValue, "time_mode", translate("Time Mode"),translate(""))
o.default=0
o:value(0, translate("Rules take effect within the time frame"))
o:value(1, translate("Rules take effect outside of time frame"))
o:value(0,translate("Blacklist mode"))
o:value(1,translate("Whitelist mode"))
days = s:option(MultiValue, "days", "", translate(""))
days.widget = "checkbox"

107
luci-app-oaf/po/zh-cn/oaf.po
View File

@ -8,9 +8,6 @@ msgstr "应用过滤"
msgid "App Filter"
msgstr "应用过滤"
msgid "User list"
msgstr "用户列表"
msgid "game"
msgstr "游戏"
@ -47,15 +44,6 @@ msgstr "基本设置"
msgid "App Filter Rules"
msgstr "应用过滤规则"
msgid "Effective User"
msgstr "生效用户"
msgid "Effective Time"
msgstr "生效时间"
msgid "Please turn off all possible conflicting modules such as acceleration (acc), advertisement filtering, multi-dialing, etc."
msgstr "请先关闭所有加速(acc)、广告过滤、多拨等可能冲突的模块"
msgid "It takes effect for all users by default, and only takes effect for the selected users when checked"
msgstr "默认对所有用户生效,勾选后只对选择的用户生效"
@ -92,15 +80,11 @@ msgstr "过滤状态"
msgid "Data Statistics"
msgstr "数据统计"
msgid "Feature library is used to describe app features, app filtering effect and number-dependent feature library"
msgstr "特征库用于描述app特征app过滤效果和个数依赖特征库"
msgid "Current Version:"
msgstr "当前版本:"
msgid "Download Link:"
msgstr "下载地址:"
msgid "App Feature Num:"
msgstr "特征码个数:"
@ -146,7 +130,6 @@ msgstr "开始时间1"
msgid "End Time1"
msgstr "结束时间1"
msgid "Start Time2"
msgstr "开始时间2"
@ -186,29 +169,69 @@ msgstr "MAC 地址"
msgid "IP"
msgstr "IP 地址"
msgid "Working mode"
msgstr "工作模式"
msgid "Please select the mode correctly. Generally, it is the main route after WAN port forwarding. It is recommended to restart the device after switching the mode."
msgstr "请正确选择模式一般经过了WAN口转发则为主路由建议切换模式后重启设备"
msgid "Main router mode"
msgstr "主路由模式"
msgid "Bypass mode"
msgstr "旁路由模式"
msgid "Time 2 is optional, the start and end times need to be set at the same time, and the end time must be greater than the start time"
msgstr "时间 2 为选填,开始和结束时间需要同时设置,结束时间要大于开始时间"
msgid "Time Match Mode:"
msgstr "时间匹配模式:"
msgid "Rules take effect within the time frame"
msgstr "时间范围内规则生效"
msgid "Rules take effect outside of time frame"
msgstr "时间范围外规则生效"
msgid "Format 01:00"
msgstr "格式 01:00"
msgid "App Feature"
msgstr "应用特征库"
msgid "Effective User"
msgstr "生效用户"
msgid "Effective Time"
msgstr "生效时间"
msgid "Basic Settings"
msgstr "基本设置"
msgid "Please close the modules that may conflict, such as acceleration, ad filtering, and multi-dial"
msgstr "请先关闭加速、广告过滤、多拨等可能冲突的模块"
msgid "Work Mode"
msgstr "工作模式"
msgid "Gateway Mode"
msgstr "网关模式"
msgid "Bypass Mode"
msgstr "旁路模式"
msgid "Bypass Mode"
msgstr "旁路模式"
msgid "Current version"
msgstr "当前版本"
msgid "Current version"
msgstr "当前版本"
msgid "App number"
msgstr "App个数"
msgid "Feature download:"
msgstr "特征库下载:"
msgid "The second time is optional, the end time must be greater than the start time"
msgstr "时间2为选填结束时间要大于开始时间"
msgid "Time Mode"
msgstr "时间匹配模式"
msgid "Blacklist mode"
msgstr "黑名单模式"
msgid "Whitelist mode"
msgstr "白名单模式"
msgid "The feature library is used to describe app features, app filtering effect and number-dependent feature library"
msgstr "特征库用于描述app特征app过滤效果和个数依赖特征库"
msgid "User List"
msgstr "用户列表"
msgid "If there is no app you want, you can add the app by updating the app feature file"
msgstr "如果没有你想要的APP可以通过升级特征库增加APP"
msgid "Feature format:"
msgstr "特征码格式:"

7
luci-app-oaf/root/etc/uci-defaults/93_feature_2.0 Executable file
View File

@ -0,0 +1,7 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
set appfilter.feature.update='0'
set appfilter.feature.format='v2.0'
commit appfilter
EOF

2
oaf/src/app_filter.c
View File

@ -1204,10 +1204,8 @@ int netlink_oaf_init(void)
static int __init app_filter_init(void)
{
printk("appfilter version:" AF_VERSION "\n");
if (0 != load_feature_config())
{
printk("load feature failed\n");
return -1;
}

7
open-app-filter/Makefile
View File

@ -2,14 +2,11 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=appfilter
PKG_VERSION:=5.0
PKG_VERSION:=5.0.2
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
#include $(INCLUDE_DIR)/kernel.mk
define Package/appfilter
SECTION:=Derry Apps
@ -42,12 +39,10 @@ endef
define Package/appfilter/install
echo "install"
$(INSTALL_DIR) $(1)/usr/bin $(1)/etc/init.d
$(INSTALL_DIR) $(1)/etc/appfilter
$(INSTALL_DIR) $(1)/etc/config
$(CP) ./files/*.cfg $(1)/etc/appfilter/
$(CP) ./files/*.txt $(1)/etc/appfilter/
$(INSTALL_BIN) ./files/appfilter.init $(1)/etc/init.d/appfilter
$(INSTALL_BIN) ./files/oaf_rule $(1)/usr/bin
$(INSTALL_BIN) ./files/gen_class.sh $(1)/usr/bin

8
open-app-filter/files/app_class.txt
View File

@ -1,8 +0,0 @@
1 聊天
2 游戏
3 视频
4 购物
5 音乐
6 招聘
7 下载
8 常用网站

8
open-app-filter/files/app_class_en.txt
View File

@ -1,8 +0,0 @@
1 chat
2 game
3 video
4 shopping
5 music
6 recruitment
7 download
8 website

2
open-app-filter/files/appfilter.config
View File

@ -5,6 +5,8 @@ config global global
config appfilter appfilter
config feature feature
option update 0
option format 'v2.0'
config time 'time'
option time_mode '0'

23
open-app-filter/files/appfilter.init
View File

@ -18,23 +18,18 @@ stop_service(){
}
start_service(){
lang=`uci get luci.main.lang`
test -f $FEATURE_FILE && rm $FEATURE_FILE
test -f $CLASS_FILE && rm $CLASS_FILE
if [ x"" == x"$lang" -o x"auto" == x"$lang" ];then
local update
rm $FEATURE_FILE
update=`uci get appfilter.feature.update`
if [ x"1" == x"$update" ];then
ln -s /etc/appfilter/feature.cfg $FEATURE_FILE
ln -s /etc/appfilter/app_class.txt $CLASS_FILE
else
if [ -f "/etc/appfilter/feature_$lang.cfg" ];then
ln -s /etc/appfilter/feature_$lang.cfg $FEATURE_FILE
uci get luci.languages.zh_cn >/dev/null 2>&1
if [ $? -eq 0 ];then
test -f $FEATURE_FILE && rm $FEATURE_FILE
ln -s /etc/appfilter/feature_cn.cfg $FEATURE_FILE
else
ln -s /etc/appfilter/feature.cfg $FEATURE_FILE
fi
if [ -f "/etc/appfilter/app_class_$lang.txt" ];then
ln -s /etc/appfilter/app_class_$lang.txt $CLASS_FILE
else
ln -s /etc/appfilter/app_class.txt $CLASS_FILE
ln -s /etc/appfilter/feature_en.cfg $FEATURE_FILE
fi
fi
gen_class.sh /tmp/feature.cfg

262
open-app-filter/files/appfilter.lua
View File

@ -1,262 +0,0 @@
#!/usr/bin/lua
local libubus = require "ubus"
local uloop = require "uloop"
local UBUS_STATUS_OK = 0
local UBUS_STATUS_INVALID_COMMAND = 1
local UBUS_STATUS_INVALID_ARGUMENT = 2
local UBUS_STATUS_METHOD_NOT_FOUND = 3
local UBUS_STATUS_NOT_FOUND = 4
local UBUS_STATUS_NO_DATA = 5
local UBUS_STATUS_PERMISSION_DENIED = 6
local UBUS_STATUS_TIMEOUT = 7
local UBUS_STATUS_NOT_SUPPORTED = 8
local UBUS_STATUS_UNKNOWN_ERROR = 9
local UBUS_STATUS_CONNECTION_FAILED = 10
local UBUS_STATUS_ALREADY_EXISTS = 11
local cfg_file = "/etc/appfilter/feature.cfg"
local cfg = {}
local class = {}
local ubus
cfg.__index = cfg
class.__index = class
function cfg:init(file)
local f = io.open(file, "r")
local t = {}
local t2 = {}
if f then
for line in f:lines() do
table.insert(t, line)
local tt = line:match("#class (%S+)")
if tt then
table.insert(t2, tt)
end
end
setmetatable(t, self)
setmetatable(t2, self)
return t,t2
end
return nil
end
function cfg:lookup(o)
if not o then return UBUS_STATUS_INVALID_ARGUMENT end
local tab = self
for _, v in ipairs(tab) do
if v:match(o) then
if v:match("#class") then
local tt = {}
local t2 = {}
local found
for _, t in ipairs(tab) do
repeat
if t:match(o) then
found = true
table.insert(tt, t)
break
end
if t:match("#class") then
found = false
table.insert(t2, t)
break
end
if found then
table.insert(tt, t)
else
table.insert(t2, t)
end
until true
end
setmetatable(tt, self)
setmetatable(t2, self)
return tt, t2
else
return v
end
end
end
return nil
end
function cfg:lookup_class(m)
if not m then return UBUS_STATUS_INVALID_ARGUMENT end
local t1, t2 = self:lookup(m)
if type(t1) ~= "table" then return nil end
return t1, t2
end
function cfg:add_class(m)
if not m then return UBUS_STATUS_INVALID_ARGUMENT end
local f = io.open(cfg_file, "r+")
local tab = self
if f then
io.output(f)
for _, v in ipairs(tab) do
io.write(v)
io.write("\n")
end
io.write("#class "..m)
f:flush()
f:close()
return UBUS_STATUS_OK
else
return UBUS_STATUS_NOT_FOUND
end
end
function cfg:add_app(m, name, proto, sport, dport, url, request, dict)
if not name then return UBUS_STATUS_INVALID_ARGUMENT end
local id
local offset
local f = io.open(cfg_file, "r+")
io.output(f)
local t1,t2 = self:lookup_class(m)
if t1[#t1] == nil or "" then
offset = 0
id = math.modf(string.match(t1[#t1-1], "(%d+) %S+:") +1)
else
offset = 1
id = math.modf(string.match(t1[#t1], "(%d+) %S+:") +1)
end
local str = string.format("%d %s:[%s;%s;%s;%s;%s;%s]", id, name, proto, sport or "", dport or "", url or "", request or "", dict or "")
table.insert(t1, #t1+offset, str)
if f then
for _, v in ipairs(t2) do
if v then
io.write(v)
io.write("\n")
end
end
for _, v in ipairs(t1) do
if v then
io.write(v)
io.write("\n")
end
end
f:flush()
f:close()
end
return id
end
function cfg:del_app(id, name)
local t = self
local f = io.open(cfg_file, "r+")
local ret
if id then
for i, v in ipairs(t) do
if v:match(id) then
table.remove(t, i)
ret = i
end
end
end
if name then
for i, v in ipairs(t) do
if v:match(name) then
table.remove(t, i)
ret = i
end
end
end
if f then
io.output(f)
for _, v in ipairs(t) do
io.write(v)
io.write("\n")
end
f:flush()
f:close()
end
return ret
end
local methods = {
["appfilter"] = {
add_class = {
function(req, msg)
if not msg.class then return UBUS_STATUS_INVALID_ARGUMENT end
local t = cfg:init(cfg_file)
local ret
if t:lookup_class(msg.class) then return ubus.reply(req, {ret = UBUS_STATUS_ALREADY_EXISTS}) end
ret = t:add_class(msg.class)
ubus.reply(req, {msg = ret})
end, {class = libubus.STRING}
},
add_app = {
function (req, msg)
if not msg.class then return UBUS_STATUS_INVALID_ARGUMENT end
if not msg.name then return UBUS_STATUS_INVALID_ARGUMENT end
if not msg.proto then return UBUS_STATUS_INVALID_ARGUMENT end
local t = cfg:init(cfg_file)
local ret
if t:lookup(msg.name) then return ubus.reply(req, {ret = UBUS_STATUS_ALREADY_EXISTS}) end
ret = t:add_app(msg.class, msg.name, msg.proto, msg.sport, msg.dport, msg.url, msg.request, msg.dict)
ubus.reply(req, {ret = ret})
end,{class = libubus.STRING, name = libubus.STRING, proto = libubus.STRING, sport = libubus.INT32, dport = libubus.INT32, url = libubus.STRING, request = libubus.STRING, dict = libubus.STRING}
},
del_app = {
function(req, msg)
local t = cfg:init(cfg_file)
local ret = t:del_app(msg.id, msg.name)
ubus.reply(req, {ret = ret})
end,{id = libubus.INT32, name = libubus.STRING}
},
list_class = {
function (req, msg)
local _, c = cfg:init(cfg_file)
ubus.reply(req, {result = c})
end,{}
},
list_app = {
function (req, msg)
if not msg.class then return UBUS_STATUS_INVALID_ARGUMENT end
local t = cfg:init(cfg_file)
local ret = {}
for i, v in ipairs(t:lookup_class(msg.class)) do
if not v:match("#class") then
local id, name = v:match("(%d+) (%S+):%[")
ret[i-1] = {id = id, name = name}
end
end
ubus.reply(req, {result = ret})
end,{class = libubus.STRING}
}
}
}
function ubus_init()
local conn = libubus.connect()
if not conn then
error("Failed to connect to ubus")
end
conn:add(methods)
return {
call = function(object, method, params)
return conn:call(object, method, params or {})
end,
reply = function(req, msg)
conn:reply(req, msg)
end
}
end
local function main()
uloop.init()
ubus = ubus_init()
uloop.run()
end
main()

88
open-app-filter/files/appfilter.sh
View File

@ -1,88 +0,0 @@
. /usr/share/libubox/jshn.sh
. /lib/functions.sh
config_apply()
{
test -z "$1" && return 1
if [ -e "/dev/appfilter" ];then
echo "config json str=$1"
echo "$1" >/dev/appfilter
fi
}
clean_rule()
{
json_init
echo "clean appfilter rule..."
json_add_int "op" 3
json_add_object "data"
json_str=`json_dump`
config_apply "$json_str"
json_cleanup
}
load_rule()
{
json_init
config_load appfilter
config_get enable "global" enable
echo "enable = $enable"
if [ x"$enable" != x"1" ];then
echo "appfilter is disabled"
echo 0 >/proc/sys/oaf/enable>/dev/null
return 0
else
insmod oaf >/dev/null
echo 1 >/proc/sys/oaf/enable
fi
echo "appfilter is enabled"
json_add_int "op" 1
json_add_object "data"
json_add_array "apps"
for file in `ls /tmp/appfilter/*.class`
do
class_name=`echo "$file" | awk -F/ '{print $4}'| awk -F. '{print $1}'`
config_get appid_list "appfilter" "${class_name}apps"
echo "appid_list=$appid_list"
if ! test -z "$appid_list";then
for appid in $appid_list:
do
json_add_int "" $appid
done
fi
done
json_str=`json_dump`
config_apply "$json_str"
json_cleanup
}
load_mac_list()
{
json_init
config_load appfilter
json_add_int "op" 4
json_add_object "data"
json_add_array "mac_list"
config_get appid_list "user" "users"
echo "appid list=$appid_list"
for appid in $appid_list:
do
echo "appid=$appid"
json_add_string "" $appid
done
json_str=`json_dump`
config_apply "$json_str"
echo "json str=$json_str"
json_cleanup
}
clean_rule
load_rule
load_mac_list

17
open-app-filter/files/feature.cfg → open-app-filter/files/feature_cn.cfg
View File

@ -1,6 +1,7 @@
#version v22.12.21
#format v2.0
#id name:[proto;sport;dport;host url;request;dict]
#class chat
#class chat 1 聊天
1001 QQ:[tcp;;;;;00:02|-1:03,tcp;;;;;02:02|-1:03,tcp;;14000;;;,tcp;;8080;;;00:ca|01:3c,tcp;;;;;00:00|01:00|02:00|03:15]
1002 微信:[tcp;;;;;01:f1|02:03,tcp;;;;;00:ab|01:00|02:00,tcp;;80;;/mmtls;]
1003 微博:[tcp;;443;weibo;;]
@ -12,7 +13,7 @@
1009 探探:[tcp;;;tancdn;;,tcp;;;tantanapp;;]
1010 多闪:[tcp;;;ppkankan;;]
#class game
#class game 2 游戏
2001 王者荣耀:[udp;;;;;00:01|01:02|02:00|03:00,tcp;;;;;00:33|1:66|02:00|03:0b]
2002 和平精英:[tcp;;;;;00:33|1:66|03:0a|05:0a]
2003 英雄联盟:[udp;;;;;44:00|45:00|46:00|47:02]
@ -51,7 +52,7 @@
2036 uu加速器:[tcp;;;mg.uu.163.com;;]
2037 腾讯加速器:[tcp;;;m.acc.qq.com;;]
#class video
#class video 3 视频
3001 抖音短视频:[tcp;;;-dy-;;,tcp;;;-dy.;;,tcp;;;douyin;;]
3002 火山小视频:[tcp;;;.huoshan.com;;,tcp;;;hs.pstatp.com;;,tcp;;;hs.ixigua.com;;]
3003 腾讯视频:[tcp;;443;v.qq.com;;,tcp;;443;tc.qq.com;;,tcp;;443;video.qq.com;;,tcp;;443;btrace.qq.com;;]
@ -87,7 +88,7 @@
3035 九秀直播:[tcp;;;9xiu;;]
3036 微信视频:[tcp;;;;/mmtls;,tcp;;;szextshort.weixin.qq.com;;]
#class shopping
#class shopping 4 购物
4001 淘宝:[tcp;;;taobao;;,tcp;;;alicdn.com;;,tcp;;;tmall.com;;,tcp;;;;;00:d3|01:00,,tcp;;;;;00:d4|01:00,,tcp;;;;;00:d3|01:00,udp;;1106;;;00:82|01:cc,tcp;;;;/mediaplatform;]
4002 京东:[tcp;;;360buyimg;;,tcp;;;jd.com;;,tcp;;;jdcdn.com;;,tcp;;;vod.300hu.com;;]
4003 唯品会:[tcp;;;vips-mobile;;,tcp;;;vipshop;;,tcp;;;vip.com;;,tcp;;;vipstatic.com;;,tcp;;;appsimg.com;;]
@ -131,7 +132,7 @@
4054 Lazada:[tcp;;;lazada.com;;]
4025 海豚家:[tcp;;;kepler8;;,tcp;;;qiyukf;;]
#class music
#class music 5 音乐
5001 网易云音乐:[tcp;;;music.163;;,tcp;;;music.126;;]
5002 QQ音乐:[tcp;;;;^/amobile.music.tc.qq.com;,tcp;;;qqmusic;;]
5003 酷狗音乐:[tcp;;;kugou;;,tcp;;;kgimg;;,tcp;;;fanxing;;]
@ -146,7 +147,7 @@
5012 懒人听书:[tcp;;;lrts.me;;]
5013 AppleMuisc:[tcp;;;aod.itunes.apple.com;;,tcp;;;radio-activity.itunes.apple.com;;,tcp;;;cma.itunes.apple.com;;,tcp;;;play.itunes.apple.com;;,tcp;;;music.apple.com;;,tcp;;;apptrailers.itunes.apple.com;;,tcp;;;amp-api.music.apple.com;;tcp;;;blobstore.apple.com;;,tcp;;;streamingaudio.itunes.apple.com;;,tcp;;;mvod.itunes.apple.com;;,tcp;;;audio.itunes.apple.com;;,tcp;;;audio-ssl.itunes.apple.com;;,tcp;;;aod-ssl.itunes.apple.com;;]
#class employee
#class employee 6 招聘
6001 前程无忧:[tcp;;;51job;;]
6002 智联招聘:[tcp;;;zhaopin;;]
6003 猎聘:[tcp;;;liepin;;]
@ -162,7 +163,7 @@
6013 boss直聘:[tcp;;;zhipin.com;;]
6014 实习僧:[tcp;;;shixiseng.com;;]
#class download
#class download 7 下载
7001 迅雷:[udp;12345;;;;,udp;15000;;;;,tcp;;54321;;;,tcp;;12345;;;,udp;6881;;;;,udp;;12346;;;,udp;12346;;;;]
7002 AppStore:[tcp;;;itunes.apple.com;;,tcp;;;mzstatic.com;;,tcp;;;apps.apple.com;;,udp;;;ess.apple.com;;]
7003 samba共享:[tcp;;445;;;]
@ -181,7 +182,7 @@
7035 SSH:[tcp;;;;;00:53|01:53|02:48]
7036 WeGame下载器:[tcp;;;wegame-client;;]
#class website
#class website 8 常用网站
8001 百度:[tcp;;;baidu.com;;]
8002 新浪:[tcp;;;sina.com;;]
8003 搜狐:[tcp;;;sohu.com;;]

96
open-app-filter/files/feature_en.cfg
View File

@ -1,27 +1,32 @@
#version v21.9.1
#version v22.11.11
#format v2.0
#id name:[proto;sport;dport;host url;request;dict]
#class chat
#class chat 1 Chat
1001 Facebook:[tcp;;;facebook.com;;]
1002 Whatsapp:[tcp;;;whatsapp;;]
1003 Twitter:[tcp;;;twitter.com;;]
1004 Instagram:[tcp;;;instagram.com;;]
1005 VK:[tcp;;;vk.com;;]
1006 Line:[tcp;;;line;;]
1007 Snapchat:[tcp;;;snapchat.com;;]
1008 Tinder:[tcp;;;tinder.com;;]
#class video
#class video 3 Video
3001 YouTube:[tcp;;;youtube;;]
3002 NetFlix:[tcp;;;netflix;;]
3003 Vimeo:[tcp;;;vimeo;;]
3004 DailyMotion:[tcp;;;dailymotion;;]
3005 Hulu:[tcp;;;hulu;;]
3006 Vube:[tcp;;;vube;;]
3007 Twitch:[tcp;;;twitch;;]
3008 LiveLeak:[tcp;;;itemfix;;]
3002 Tiktok:[tcp;;;tiktok;;]
3003 NetFlix:[tcp;;;netflix;;]
3004 Vimeo:[tcp;;;vimeo;;]
3005 DailyMotion:[tcp;;;dailymotion;;]
3006 Hulu:[tcp;;;hulu;;]
3007 Vube:[tcp;;;vube;;]
3008 Twitch:[tcp;;;twitch;;]
3009 LiveLeak:[tcp;;;itemfix;;]
3010 Xvideos:[tcp;;;xvideos.com;;]
3011 Pornhub:[tcp;;;pornhub.com;;]
3010 Spotify:[tcp;;;spotify.com;;]
3050 Xvideos:[tcp;;;xvideos.com;;]
3051 Pornhub:[tcp;;;pornhub.com;;]
3052 Xnxx:[tcp;;;xnxx.com;;]
#class shopping
#class shopping 4 Shopping
4001 Amazon:[tcp;;;amazon.com;;]
4002 eBay:[tcp;;;ebay.com;;]
4003 Etsy:[tcp;;;etsy.com;;]
@ -35,17 +40,60 @@
4011 Asos:[tcp;;;asos.com;;]
4012 Cuyana:[tcp;;;cuyana.com;;]
#class download
7001 Google Play:[tcp;;;play.google.com;;]
7002 AppStore:[tcp;;80;iosapps.itunes.apple.com;;]
#class download 7 Download
7001 GooglePlay:[tcp;;;play.google.com;;]
7002 AppStore:[tcp;;;iosapps.itunes.apple.com;;]
7003 WindowsUpdate:[tcp;;80;update.microsoft.com;;,tcp;;;windowsupdate.com;;]
7050 Speedtest:[tcp;;;speedtest.net;;]
7060 samba:[tcp;;445;;;]
7061 ftp:[tcp;;21;;;]
7062 ssh:[tcp;;22;;;]
#class website
#class website 8 Website
8001 Google:[tcp;;;www.google.com;;]
8002 Wiki:[tcp;;;www.wikipedia.com;;]
8003 Yahoo:[tcp;;;www.yahoo.com;;]
8002 Wiki:[tcp;;;wikipedia.com;;]
8003 Yahoo:[tcp;;;yahoo;;]
8004 Apple:[tcp;;;www.apple.com;;]
8010 Reddit:[tcp;;;www.reddit.com;;]
8011 Outlook:[tcp;;;www.outlook.live.com;;]
8012 Naver:[tcp;;;www.naver.com;;]
8013 Fandom:[tcp;;;www.fandom.com;;]
8015 Globo:[tcp;;;www.globo.com;;]
8010 Reddit:[tcp;;;reddit.com;;]
8011 Outlook:[tcp;;;outlook.live.com;;]
8012 Naver:[tcp;;;naver.com;;]
8013 Fandom:[tcp;;;fandom.com;;]
8015 Globo:[tcp;;;globo.com;;]
8016 Yelp:[tcp;;;yelp.com;;]
8017 Pinterest:[tcp;;;www.pinterest.com;;]
8018 BBC:[tcp;;;www.bbc.com;;]
8020 Linkedin:[tcp;;;linkedin.com;;]
8022 Merriam-webster:[tcp;;;merriam-webster.com;;]
8027 Dictionary:[tcp;;;dictionary.com;;]
8028 Tripadvisor:[tcp;;;tripadvisor.com;;]
8029 Britannica:[tcp;;;britannica.com;;]
8030 Cambridge:[tcp;;;cambridge.org;;]
8032 Weather:[tcp;;;weather.com;;]
8033 Wiktionary:[tcp;;;wiktionary.org;;]
8034 Espn:[tcp;;;espn.com;;]
8035 Microsoft:[tcp;;;microsoft.com;;]
8038 Gsmarena:[tcp;;;gsmarena.com;;]
8039 Webmd:[tcp;;;webmd.com;;]
8040 Craigslist:[tcp;;;craigslist.org;;]
8041 Cricbuzz:[tcp;;;cricbuzz.com;;]
8042 Mayoclinic:[tcp;;;mayoclinic.org;;]
8043 Timeanddate:[tcp;;;timeanddate.com;;]
8044 Espncricinfo:[tcp;;;espncricinfo.com;;]
8045 Healthline:[tcp;;;healthline.com;;]
8047 Rottentomatoes:[tcp;;;rottentomatoes.com;;]
8049 Thefreedictionary:[tcp;;;thefreedictionary.com;;]
8052 Bestbuy:[tcp;;;bestbuy.com;;]
8053 Indeed:[tcp;;;indeed.com;;]
8058 Samsung:[tcp;;;samsung.com;;]
8059 Investopedia:[tcp;;;investopedia.com;;]
8060 Flashscore:[tcp;;;flashscore.com;;]
8061 Steampowered:[tcp;;;steampowered.com;;]
8064 Roblox:[tcp;;;roblox.com;;]
8065 Nordstrom:[tcp;;;nordstrom.com;;]
8066 Thepiratebay:[tcp;;;thepiratebay.org;;]
8067 Indiatimes:[tcp;;;indiatimes.com;;]
8068 Cnbc:[tcp;;;cnbc.com;;]
8069 Ssyoutube:[tcp;;;ssyoutube.com;;]
8070 Adobe:[tcp;;;adobe.com;;]
8071 Speedtest:[tcp;;;speedtest.net;;]
8072 Lowes:[tcp;;;lowes.com;;]

13
open-app-filter/files/gen_class.sh
View File

@ -1,11 +1,13 @@
#!/bin/sh
CLASS_NAME_FILE="/tmp/app_class.txt"
f_file=$1
test -z "$f_file" && return
test -d /tmp/appfilter && return
cur_class=""
cur_class_file=""
test -z "$f_file" && return
test -d /tmp/appfilter && rm /tmp/appfilter -fr
mkdir /tmp/appfilter
rm $CLASS_NAME_FILE
while read line
do
echo "$line"| grep "^#class"
@ -18,13 +20,12 @@ do
rm $cur_class_file
fi
touch $cur_class_file
echo $line | awk '{print $3 " " $2 " "$4}' >>$CLASS_NAME_FILE
fi
continue
fi
test -z "$cur_class" && continue
appid=`echo "$line" |awk '{print $1}'`
appname=`echo "$line" | awk '{print $2}' | awk -F: '{print $1}'`
echo "$appid $appname" >> $cur_class_file
done < $f_file
echo "ok"

27
open-app-filter/files/oaf_rule
View File

@ -5,9 +5,7 @@
config_apply()
{
test -z "$1" && return 1
if [ -e "/dev/appfilter" ];then
echo "config json str=$1"
echo "$1" >/dev/appfilter
fi
}
@ -15,14 +13,10 @@ config_apply()
clean_rule()
{
json_init
echo "clean appfilter rule..."
json_add_int "op" 3
json_add_object "data"
json_str=`json_dump`
config_apply "$json_str"
json_cleanup
}
@ -32,18 +26,17 @@ load_rule()
json_add_int "op" 1
json_add_object "data"
json_add_array "apps"
for file in `ls /tmp/appfilter/*.class`
do
class_name=`echo "$file" | awk -F/ '{print $4}'| awk -F. '{print $1}'`
config_get appid_list "appfilter" "${class_name}apps"
class_name=`echo "$file" | awk -F/ '{print $4}'| awk -F. '{print $1}'`
config_get appid_list "appfilter" "${class_name}apps"
if ! test -z "$appid_list";then
for appid in $appid_list:
do
json_add_int "" $appid
done
fi
if ! test -z "$appid_list";then
for appid in $appid_list:
do
json_add_int "" $appid
done
fi
done
json_str=`json_dump`
@ -59,7 +52,6 @@ load_mac_list()
json_add_object "data"
json_add_array "mac_list"
config_get mac_list "user" "users"
echo "mac list=$mac_list"
if [ x"$mac_list" != x"" ];then
for mac in $mac_list:
do
@ -79,16 +71,13 @@ reload_rule(){
}
reload_base_config(){
local old_work_mode
config_load appfilter
config_get work_mode "global" "work_mode"
echo "work mode=$work_mode"
echo "$work_mode" >/proc/sys/oaf/work_mode
}
case $1 in
"reload")
echo "reload appfilter rule..."
reload_base_config
reload_rule
;;

3
open-app-filter/src/appfilter_config.c
View File

@ -195,7 +195,8 @@ void init_app_class_name_table(void)
}
while (fgets(line_buf, sizeof(line_buf), fp))
{
sscanf(line_buf, "%d %s", &class_id, class_name);
sscanf(line_buf, "%d %*s %s", &class_id, class_name);
printf("line buf = %s, class_name = %s\n", line_buf, class_name);
strcpy(CLASS_NAME_TABLE[class_id - 1], class_name);
g_cur_class_num++;
}

11
open-app-filter/src/appfilter_netlink.c
View File

@ -47,7 +47,6 @@ void appfilter_nl_handler(struct uloop_fd *u, unsigned int ev)
int type;
int id;
char *mac = NULL;
printf("%s %d\n", __func__, __LINE__);
struct msghdr msg = {
.msg_name = &nladdr,
@ -92,7 +91,6 @@ void appfilter_nl_handler(struct uloop_fd *u, unsigned int ev)
printf("parse json failed:%s", kdata);
return;
}
printf("recv msg = %s\n", kdata);
struct json_object *mac_obj = json_object_object_get(root, "mac");
@ -158,8 +156,6 @@ void appfilter_nl_handler(struct uloop_fd *u, unsigned int ev)
}
else
{
printf("%s %d\n", __func__, __LINE__);
visit_info_t *visit_node = (visit_info_t *)calloc(1, sizeof(visit_info_t));
visit_node->action = action;
visit_node->appid = appid;
@ -167,8 +163,6 @@ void appfilter_nl_handler(struct uloop_fd *u, unsigned int ev)
visit_node->first_time = cur_time.tv_sec - MIN_VISIT_TIME;
visit_node->next = NULL;
add_visit_info_node(&node->visit_htable[hash], visit_node);
//printf("add visit info curtime=%d\n", cur_time.tv_sec);
}
}
@ -183,8 +177,6 @@ int send_msg_to_kernel(int fd, void *msg, int len)
daddr.nl_family = AF_NETLINK;
daddr.nl_pid = 0; // to kernel
daddr.nl_groups = 0;
printf("%s %d\n", __func__, __LINE__);
int ret = 0;
struct nlmsghdr *nlh = NULL;
nlh = (struct nlmsghdr *)malloc(NLMSG_SPACE(MAX_NL_MSG_LEN));
@ -201,8 +193,6 @@ int send_msg_to_kernel(int fd, void *msg, int len)
char *p_data = msg_buf + sizeof(struct af_msg_hdr);
memcpy(p_data, msg, len);
// memset(nlh, 0, sizeof(struct nlmsghdr));
memcpy(NLMSG_DATA(nlh), msg_buf, len + sizeof(struct af_msg_hdr));
ret = sendto(fd, nlh, nlh->nlmsg_len, 0, (struct sockaddr *)&daddr, sizeof(struct sockaddr_nl));
@ -211,7 +201,6 @@ int send_msg_to_kernel(int fd, void *msg, int len)
perror("sendto error\n");
return -1;
}
printf("%s %d\n", __func__, __LINE__);
return 0;
}